Abstract: A present invention Galois field multiplier system and method utilize lookup tables to generate one partial product term and one feedback term in one clock cycle. In one embodiment, a Galois field multiplier system includes a plurality of shift registers, a plurality of exclusive OR components, a partial product lookup table, and a feedback table lookup table. The plurality of shift registers perform shift multiplication operation and are coupled to the plurality of shift registers that perform addition operations. The partial product lookup table and feedback lookup tables are selectively coupled to the exclusive OR components and values from the partial product lookup table and feedback lookup tables are fed into the selectively coupled exclusive OR components. Coefficients of the partial product term and feedback term are utilized as indexes to the partial product lookup table and feedback lookup table respectively.

Abstract: A device for determining an inverse of an initial value related to a modulus, comprising a unit configured to process an iterative algorithm in a plurality of iterations, wherein an iteration includes two modular reductions and has, as an iteration loop result, values obtained by an iteration loop of an extended Euclidean algorithm.

Abstract: A method or cryptographic system for communicating securely over an insecure communication channel of the type which communicates a message from a transmitter to a receiver includes the step of providing a finite filed serial-serial multiplication/reduction structure wherein an initial delay and clock-cycle are inherently independent of word length and wherein input operands are serially entered one digit at a time and the output result is computed serially one digit at a time, wherein the digit size can be one bit or more. As disclosed, the multiplication structure is scalable and a serial transfer reduces the bus width needed to transfer data back and forth between memory and a multiplication/reduction step. A finite field multiplication structure in which an operand multiplication and a finite field reduction are formulated as a serial-serial computation is also disclosed.

Abstract: Methods and systems relating to Weil-based spreading codes are described herein. In an embodiment, a method includes generating a set of Weil sequences, adapting a plurality of sequences of the set of Weil sequences to form a first plurality of codes, and selecting a second plurality of codes from the first plurality of codes. A code of the first plurality of codes is selected based at least on a correlation associated with the code. Each code of the first plurality of codes has a predetermined length.

Abstract: A condensed Galois field computing system including a multiplier circuit for multiplying first and second polynomials with coefficients over a Galois field to obtain their product; and a Galois field linear transformer circuit for applying an irreducible polynomial of power n to the product including a partial result generator responsive to terms of power n and greater in the product for providing a folded partial result and a Galois field adder for condensing the folded partial result and the terms less than power n in the product to obtain Galois field transformer of power n of the product.

Abstract: Disclosed is a method and architecture for parallel calculating GHASH of Galois Counter Mode (GCM), which regards the additional authenticated data A and the ciphertext C defined in the GCM as a single data M with an input order of a sequence M1M2 . . . Mm-1, and arranges the final output of the GHASH into a combination of the sequence M1M2 . . . Mm-1 and the hash key H. Then, the combined form for the final output is further divided into two odd and even parallel calculating parts. According to the two parallel calculating parts and the hash key H, the final output of the GHASH operation is calculated. This invention may calculate the additional authenticated data A and the ciphertext C in parallel. It may also calculate the even-order input data and odd-order input data in parallel.

Abstract: Methods and apparatus for an encryption processor for performing accelerated computations to establish secure network sessions. The encryption processor includes an execution unit and a decode unit. The execution unit is configured to execute Montgomery operations and including at least one adder and at least two multipliers. The decode unit is configured to determine if a square operation or a product operation needs to be performed and to issue the appropriate instructions so that certain multiply and/or addition operations are performed in parallel in the execution unit while performing either the Montgomery square or Montgomery product operation.

Abstract: An elliptic curve processing apparatus that performs operations on elliptic curves specified over binary polynomial fields includes a functional unit that has a digit serial multiplier with a digit size of at least two bits. The elliptic curve processing apparatus performs reduction for respective generic curves using arbitrary irreducible polynomials, which correspond to respective ones of the generic curves. The elliptic curve processing apparatus may include hardwired reduction circuits in the functional unit for use with respective named curves. A storage location in the elliptic curve processing apparatus may be used to specify whether an operation is for one of the named curves or for one of the generic curves.

Abstract: A method of generating a cryptographic key between two users. First, the users select an elliptic curve. Next, the users select a point P on the curve. Next, the first user selects integers ra and wa and the second user selects integers rb and wb. Next, the first user generates points Ra=raP and Wa=waP and the second user generates points Rb=rbP and Wb=wbP. Next, the first user transmits Ra and Wa to the second user and the second user transmits Rb and Wb to the first user. Next, the first user generates ca from what it possesses while the second user generates cb from what it possesses in equivalent fashion. Next, the first user generates ga as a function of wa, ra, Wb, and Rb and the second user generates gb as a function of wb, rb, Wa, and Ra, in equivalent fashion. Next, the first user binarily expands on ca and ga in joint sparse form and the second user does the same on cb and gb.

Abstract: Techniques for single function stage Galois field (GF) computations are described. The new single function stage GF multiplication requires only m-bits per internal logic stage, a savings of m?1 bits per logic stage that do not have to be accounted for as compared with a previous two function stage approach. Also, a common design CF multiplication cell is described that may be suitably used to construct an m-by-m GF multiplication array for the calculation of GF[2m]/g[x]. In addition, these techniques are further described in the context of packed data form computation, VLIW processing, and processing on multiple processing elements in parallel.

Abstract: N-valued with n?2 scramblers, descramblers, sequence generators and sequence detectors operate with Linear Feedback Shift Registers (LFSRs) in Galois configuration. Detectors and descramblers in Fibonacci configuration relate to generators and scramblers with LFSRs in Galois configuration. The content of a shift register in a sequence detector in Galois configuration is calculated. Binary and n-valued scramblers in Galois configuration are matched with corresponding self-synchronizing descramblers with Linear Forward Connected Shift Registers. Systems, including communication systems apply scramblers and descramblers, sequence generators and sequence detectors in Galois configuration.

Abstract: The present invention provides a system and method for improving the performance of general-purpose processors by implementing a functional unit that computes the product of a matrix operand with a vector operand, producing a vector result. The functional unit fully utilizes the entire resources of a 128b by 128b multiplier regardless of the operand size, as the number of elements of the matrix and vector operands increase as operand size is reduced. The unit performs both fixed-point and floating-point multiplications and additions with the highest-possible intermediate accuracy with modest resources.

Abstract: Basis conversion from polynomial-basis form to normal-basis form is provided for both generic polynomials and special irreducible polynomials in the form of “all ones”, referred to as “all-ones-polynomials” (AOP). Generation and storing of large matrices is minimized by creating matrices on the fly, or by providing an alternate means of computing a result with minimal hardware extensions.

Abstract: A unified integer/Galois-Field 2m multiplier performs multiply operations for public-key systems such as Rivert, Shamir, Aldeman (RSA), Diffie-Hellman key exchange (DH) and Elliptic Curve Cryptosystem (ECC). The multiply operations may be performed on prime fields and different composite binary fields in independent multipliers in an interleaved fashion.

Abstract: Basis conversion from normal form to canonical form is provided for both generic polynomials and special irreducible polynomials in the form of “all ones”, referred to as “all-ones-polynomials” (AOP). Generation and storing of large matrices is minimized by creating matrices on the fly, or by providing an alternate means of computing a result with minimal hardware extensions.

Abstract: A method is provided for masking a process used in generating a number sequence. The method includes generating a first sequence of numbers contained within a Galois field GF[M]. The method also includes performing a first modification to a first number in the first sequence of numbers. The first modification includes summing the first number with a result of a modulo P operation performed on a second number of the first sequence that proceeds the first number. M is relatively prime with respect to P. The method further includes performing a second modification to the first random number. The second modification is comprised of a modulo P operation. This second modification is performed subsequent to the first modification. The method includes repeating the first and second modification for a plurality of numbers comprising the first sequence of numbers to generate a second sequence of numbers.

Abstract: A method is presided for masking a process used in generating a random number sequence. The method includes generating a random number sequence. This step involves selectively generating the random number sequence utilizing a ring structure which has been punctured. The method also includes performing a mixed radix conversion to convert the random number sequence from a first number base to a second number base. The method further includes puncturing the ring structure by removing at least one element therefrom to eliminate a statistical artifact in the random number sequence expressed in the second number base. The first number base and second number base are selected so that they are respectively defined by a first Galois field characteristic and a second Galois field characteristic.

Abstract: A method for efficiently calculating syndromes in Reed-Solomon decoding is adapted to be implemented in a processor having a parallel processing instruction set. The method includes: (a) initializing a syndrome vector; (b) obtaining a symbol from a Reed-Solomon block code; (c) finding a lookup index based on the symbol; (d) using the parallel processing instruction set, obtaining a finite field product vector Corresponding to the lookup index from a finite field vector multiplication table that includes at least one finite field product vector; (e) using the parallel processing instruction set, performing vector finite field addition on the finite field product vector corresponding to the lookup index and the syndrome vector, thereby obtaining an updated syndrome vector; and (f) outputting the updated syndrome vector.

Abstract: Techniques for single function stage Galois field (GF) computations are described. The new single function stage GF multiplication requires only m-bits per internal logic stage, a savings of m?1 bits per logic stage that do not have to be accounted for as compared with a previous two function stage approach. Also, a common design GF multiplication cell is described that may be suitably used to construct an m-by-m GF multiplication array for the calculation of GF[2m]/g[x]. In addition, these techniques are further described in the context of packed data form computation, very long instruction word (VLIW) processing, and processing on multiple processing elements in parallel.

Abstract: Modular multiplication of two elements X(t) and Y(t), over GF(2), where m is a field degree, may utilize field degree to determine, at least in part, the number of iterations. An extra shift operation may be employed when the number of iterations is reduced. Modular multiplication of two elements X(t) and Y(t), over GF(2), may include a shared reduction circuit utilized during multiplication and reduction. In addition, a modular multiplication of binary polynomials X(t) and Y(t), over GF(2), may utilize the Karatsuba algorithm, e.g., by recursively splitting up a multiplication into smaller operands determined according to the Karatsuba algorithm.

Abstract: Disclosed is a low-latency method and apparatus of GHASH operation for authenticated encryption Galois Counter Mode (GCM), which simultaneously computes three interim values respectively yielded from the additional authenticated data A, the ciphertext C, and the hash key H defined in the GCM. Then, the output of the GHASH operation may be derived. Therefore, supposing that A has m blocks and C has n blocks, then this invention performs the GHASH operation with max{m,n}+1 steps. The input order for the additional authenticated data A and the ciphertext C may be independent. A disordered sequence for the additional authenticated data A and the ciphertext C may also be accepted by this invention. This allows the applications in GCM be more flexible.

Abstract: Multi-precision multiplication methods over GF(2m) include representing a first polynomial and a second polynomial as an array of n words. A recursive algorithm may be used to iteratively decompose the multiplication into a weighted sum of smaller subproducts. When the size of the smaller subproducts is less than or equal to a predetermined size, a nonrecursive algorithm may be used to complete the multiplication. The nonrecursive algorithm may be optimized to efficiently perform the bottom-end multiplication. For example, pairs of redundant subproducts can be identified and excluded from the nonrecursive algorithm. Moreover, subproducts having weights in a special form may be efficiently calculated by a process that involves storing and reusing intermediate calculations.

Abstract: A combination of an infrequently-called tiny multiplication unit and a “differential” unit that quickly computes T (n+1) basing on known T n. The schedule (how often the multiplication unit is called) can be considered as a parameter of the algorithm. The proposed architecture of the “differential” unit is efficient both in terms of speed (delay) and area (gate count).

Abstract: Multi-valued or n-state with n=2p Linear Feedback Shift Registers (LFSRs) in binary form are provided for scramblers, descramblers and sequence generators using addition and multiplication functions over a Finite Field GF(n) in binary form. N-state switching functions in an LFSR are implemented by using implementations of reversible binary functions. LFSRs may be in Fibonacci or in Galois configuration. N-state LFSR based sequence generators in binary form for generating an n-state maximum length sequence in binary form are also provided. A method for simple correlation calculation is provided. Communication systems and data storage systems using the LFSRs are also disclosed.

Abstract: A processor includes a source register having a source register content, a destination register, a calculating unit for performing a calculation using the source register content, wherein the calculation is performed in several calculation cycles, and wherein in each cycle only one portion of the source register content is useable, a data bus connected to the source register, the destination register and the calculating unit, and a processor controller. The processor controller is operable to supply the source register content in portions to the calculating unit on the one hand and to the destination register on the other hand during the calculation via the data bus, so that after an execution of the calculation the source register content is written into the destination register. Therefore it is possible to obtain a register copy of a source register the destination register via a limited data bus without additional machine cycles for long operands to be processed in portions.

Abstract: An arithmetic processor is provided, which comprises an arithmetic logic unit (ALU) containing arithmetic circuitry configured to perform field operations in an underlying field. The circuitry comprises a first controller for sequencing the ALU through steps in the field operations. The processor also comprises a register file comprising one or more general purpose registers to contain representations of one or more operands, and a second controller to provide instructions to the ALU for controlling computational operations of the ALU on the one or more operands. The second controller co-operates with the first controller to control operations of the ALU to accommodate different operand vector sizes in response to variations in size of the underlying field indicated by a field size control signal received by the second controller. The first controller monitors control bits and implements a counter in its own control registers for determining the size of a field being used.

Abstract: A reduction operation is utilized in an arithmetic operation on two binary polynomials X(t) and Y(t) over GF(2), where an irreducible polynomial Mm(t)=tm+am?1tm?1+am?2tm?2+ . . . +a1t+a0, where the coefficients ai are equal to either 1 or 0, and m is a field degree. The reduction operation includes partially reducing a result of the arithmetic operation on the two binary polynomials to produce a congruent polynomial of degree less than a chosen integer n, with m?n. The partial reduction includes using a polynomial M?=(Mm(t)?tm)*tn?m, or a polynomial M?=Mm(t)*tn?m as part of reducing the result to the degree less than n and greater than or equal to m. The integer n can be the data path width of an arithmetic unit performing the arithmetic operation, a multiple of a digit size of a multiplier performing the arithmetic operation, a word size of a storage location, such as a register, or a maximum operand size of a functional unit in which the arithmetic operation is performed.

Abstract: A Montgomery modular multiplier receiving a multiplicand (A), a modulus (M), and a multiplier (B), using a t-s compressor, where t>3 and s>1, and a multiplication method performed in the same. In response to a carry propagation adder signal, the t-s compressor performs additions on the carry C and the sum S and obtains the final results in a carry propagation adder structure.

Abstract: A method for realizing a finite field divider architecture is proposed, in which all standard basis of a divider are transformed into the composite field basis, and the circuit is realized using subfield multiplier, squarer, adder and lookup table over this composite field. The user can finish a division operation within one clock cycle and accomplish the requirement of low complexity. In many finite field operations, divider circuits like this are very helpful to RS/BCH decoders or ECC/Security processors.

Abstract: Error correction coding is provided for codeword headers in a data tape format, such as a Linear Tape-Open, Generation 4 (LTO-4) data tape format. The data tape format defines a codeword quad as having first and second codeword headers interleaved with first and second codeword pairs, each codeword header comprising N bytes Ck=C0, C1, . . . , CN?2, CN?1 wherein K bytes C0-CK?1 of the first and second headers in a codeword quad differ such that if one is known the other can be inferred. Each header byte Ck of a codeword quad is redefined as comprising two interleaved (M/2)-bit nibbles, ek, ok. For each header, nibbles ek-eN?1 and nibbles ok-oN?1 are generated as a function of nibbles, e0-EK?1 and o0-oK?1, respectively. A codeword is assembled with the redefined headers the codeword quad is then recorded onto a recording medium.

Abstract: This invention describes a method for evaluating a polynomial in an extension field Fqm, wherein the method comprises the steps of partitioning the polynomial into a plurality of parts, each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; and computing for each part components of qth powers from components of smaller powers. A further embodiment of the invention provides for a method of converting a field element represented in terms of a first basis to its representation in a second basis, comprising the steps of partitioning a polynomial, being a polynomial in the second basis, into a plurality of parts, wherein each part is comprised of smaller polynomials using a qth power operation in a field of characteristic q; evaluating the polynomial at a root thereof by computing for each part components of qth powers from components of smaller powers; and evaluating the field element at the root of the polynomial.

Abstract: Described is an apparatus for performing a Galois field product computation on data. A first symbol data includes a plurality of symbols each being a bit sequence on which a product operation by a factor ? is to be performed in a Galois field, where ? is a primitive element of the Galois field, is acquired. A factor ? computation is performed on the first symbol data by performing a bit shift operation on the first symbol data toward high-order bit position, generating first mask data from the first symbol data, generating first correction data by computing a logical AND of the first mask data and a first symbol correction value, generating a factor ? computation result by computing a XOR of the second symbol data and the first correction data.

Abstract: A Galois field multiplier array includes a 1st register, a 2nd register, a 3rd register, and a plurality of multiplier cells. The 1st register stores bits of a 1st operand. The 2nd register stores bits of a 2nd operand. The 3rd register stores bits of a generating polynomial that corresponds to one of a plurality of applications (e.g., FEC, CRC, Reed Solomon, et cetera). The plurality of multiplier cells is arranged in rows and columns. Each of the multiplier cells outputs a sum and a product and each cell includes five inputs. The 1st input receives a preceding cell's multiply output, the 2nd input receives at least one bit of the 2nd operand, the 3rd input receives a preceding cell's sum output, a 4th input receives at least one bit of the generating polynomial, and the 5th input receives a feedback term from a preceding cell in a preceding row. The multiplier cells in the 1st row have the 1st input, 3rd input, and 5th input set to corresponding initialization values in accordance with the 2nd operand.

Abstract: An arithmetic device for Montgomery modular multiplication which quickly calculates a parameter ND, the parameter ND satisfying R×R?1?N×ND=1 for an integer N and a radix R that is coprime to and greater than N, with a large number of effective lower bits. The device comprises an ND generator, a multiplication-accumulation (MAC) operator, and a sum data store. The ND generator produces effective lower bits of ND at a rate of k bits per clock cycle, with reference to lower k bits of a variable S, as well as to lower k bits of an odd positive integer N. The MAC operator multiplies the produced k-bit ND value by N and adds the resulting product to S. The sum data store stores the variable S, which is updated with the output of the MAC operator, with its bits shifted right by k bits, for use by the ND generator in the subsequent clock cycle.

Abstract: A method and system for protecting against side channel attacks on cryptographic systems that attempt to recover information from externally detectable signals, such as electromagnetic fields or power input variations. A system operates in accordance with the subject invention to process a message using a cryptographic protocol involving a secret key d. The protocol includes a step for computing the result of iteratively performing a binary operation [op] on a digital quantity G, where a secret key d is taken as an integer value, such as elliptic curve scalar point multiplication or modular exponentiation.

Abstract: A multiplier apparatus is arranged for multiplying a first long integer entity with a second long integer entity modulo a prime number. In particular, the comprises a pipelined multiplier core, whilst executing the overall multiplication in Montgomery fashion.

Abstract: Various methods and systems for implementing Reed Solomon multiplication sections from exclusive-OR (XOR) logic are disclosed. For example, a system includes a Reed Solomon multiplication section, which includes XOR-based logic. The XOR-based logic includes an input, an output, and one or more XOR gates. A symbol X is received at the input of the XOR-based logic. The one or more XOR gates are coupled to generate a product of a power of ? and X at the output, wherein ? is a root of a primitive polynomial of a Reed Solomon code. Such a Reed Solomon multiplication section, which can include one or more multipliers implemented using XOR-based logic, can be included in a Reed Solomon encoder or decoder.

Abstract: In this invention we describe a new type of computer—infinity computer—that is able to operate with infinite, infinitesimal, and finite numbers in such a way that it becomes possible to execute the usual arithmetical operations with all of them. For the new computer it is shown how the memory for storage of these members is organized and how the new arithmetic logic unit (NALU) executing arithmetical operations with them works.

Abstract: A multiply execution unit that can generate the integer product of a multiplicand and a multiplier and is also operable to generate the XOR product of the multiplicand and the multiplier. The multiply execution unit includes a summing circuit for summing a plurality of partial products. The summing circuit includes a plurality of rows. The summing circuit can generate an integer sum of the plurality of partial products and can generate an XOR sum of the plurality of partial products. The summing circuit includes a plurality of compressors in the first row of the summing circuit. The plurality of compressors each has more than three inputs that receive data, a carry output, and a sum output.

Abstract: A data cryptographer encrypts and decrypts character data of any given length using derivative equations and factors. The use of factors and derivative equations introduces the randomness required for effective encryption without the use of complex mathematics. A set of equations determined by the user is used in a manner similar to a key but with random results. Only a portion of the key is exposed to decrypt the encrypted information. The data cryptographer may be configured using either simple or complex equations and may be implemented in an unlimited number of variations. The data cryptographer is portable, and can be implemented in any programming language that supports cyclical character manipulation. The data cryptographer also supports input from a variety of sources, allowing control from the administrator side, string value side, or any other input that may be extracted from the desired programming language.

Abstract: A technology generally related to large-scale computations is described herein. An implementation, described herein, employs a new and improved variant of the Karatsuba multiplication approach.

Abstract: An apparatus multiplies a first and a second binary polynomial X(t) and Y(t) over GF(2), where an irreducible polynomial Mm(t)=tm+am?1tm?1+am?2tm?2tm?2+ . . . +a1t+a0, and where the coefficients ai are equal to either 1 or 0, and m is a field degree. The degree of X(t)<n, and the degree of Y(t)<n, and m?n. The apparatus includes a digit serial modular multiplier circuit coupled to supply a multiplication result of degree ?m of a multiplication of the first and second binary polynomials. The digit serial modular multiplier circuit includes a first and second register, each being ?n bits. A partial product generator circuit multiplies a portion of digit size d of contents of the first register and contents of the second register. The partial product generator is also utilized as part of a reduction operation for at least one generic curve.

Abstract: There are provided efficient basis conversion matrices Dsd and Dds and a basis conversion method in a finite field GF(2n) using the basis conversion matrices for a case where a defining polynomial is a pentanomial, xn+xk(3)+xk(2)+xk(1)+1, and the exponents n, k(3), k(2), and (k1) satisfy the condition, n?k(3)>k(3)?k(1). In addition, an apparatus for the basis conversion in the finite field GF(2n) is provided. Since a pentanomial having a general form in an arbitrary degree is used as the defining polynomial, basis conversion between a standard representation and a dual representation is efficiently performed. Consequently, a dual basis multiplier can be efficiently implemented.

Abstract: A system that produces one or more non-repeating randomizer sequences of up to 2m?1 or more m-bit symbols includes a randomizer circuit that is set up in accordance with a polynomial with primitive elements of GF(2m) as coefficients. The system combines the randomizer sequence with all the symbols of ECC code words that are encoded using a BCH code over GF(2m) to produce a randomized code word. The particular primitive elements used and/or an initial state of one or more registers in the system specifies the particular sequence produced by the system. The initial state of each of the one or more registers is a selected one of the 2m?1 elements of GF(2m), and thus, 2m?1 different sequences may be produced by selecting a different initial state for a given one of the registers. If the coefficients are also selected from, for example, a set of “p” possible values, the system produces p*(2m?1) different sequences.

Abstract: A processor includes an instruction memory, arithmetic logic unit, finite field arithmetic unit, at least one digital storage device, and an instruction decoder. The instruction memory temporarily stores an instruction that includes at least one of: an operational code, destination information, and source information. The instruction decoder is operably coupled to interpret the instruction to identify the arithmetic logic unit and/or the finite field arithmetic unit to perform the operational code of the corresponding instruction. The instruction decoder then identifies at least one destination location within the digital storage device based on the destination information contained within the corresponding instruction. The instruction decoder then identifies at least one source location within the digital storage device based on the source information of the corresponding instruction.

Abstract: The present invention aims at providing a novel enciphering and deciphering apparatus and an enciphering and deciphering method related thereto, which are respectively capable of contracting the time required for enciphering and deciphering processes and decreasing the number of logic gates provided in the apparatus. Essentially based on an equation Xki=1+?((J=1, i)iCj·Xk?1j) and also based on an initial value consisting of a group of power raising values Xk0j corresponding to j=1 through m in relation to k?1=k0, an arithmetic operating unit 21 seeks a second expression Yk1 by serially computing a group of power raising values Xki corresponding to i=1 through m in relation to one unit of k shown in the above equation in a range from k=k0+1 up to k=k1 by applying binomial coefficients stored in a coefficient memory unit 17.

Abstract: A Galois field arithmetic unit includes a Galois field multiplier section and a Galois field adder section. The Galois field multiplier section includes a plurality of Galois field multiplier arrays that perform a Galois field multiplication by multiplying, in accordance with a generating polynomial, a 1st operand and a 2nd operand. The bit size of the 1st and 2nd operands correspond to the bit size of a processor data path, where each of the Galois field multiplier arrays performs a portion of the Galois field multiplication by multiplying, in accordance with a corresponding portion of the generating polynomial, corresponding portions of the 1st and 2nd operands. The bit size of the corresponding portions of the 1st and 2nd operands corresponds to a symbol size of symbols of a coding scheme being implemented by the corresponding processor.

Abstract: This invention describes a method for evaluating a polynomial in an extension field FqM, wherein the method comprises the steps of partitioning the polynomial into a plurality of parts, each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; and computing for each part components of q-th powers from components of smaller powers. A further embodiment of the invention provides for a method of converting a field element represented in terms of a first basis to its representation in a second basis, comprising the steps of partitioning a polynomial, being a polynomial in the second basis, into a plurality of parts, wherein each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; evaluating the polynomial at a root thereof by computing for each part components of q-th powers from components of smaller powers; and evaluating the field element at the root of the polynomial.

Abstract: A programmable data encryption engine for performing the cipher function of the data encryption standard (DES) algorithm includes a Galois field linear transformer system (GFLT) responsive to a first input data block to execute an E permutation to obtain an expanded data block and combine it with a key to obtain a second larger intermediate data block in one cycle; and further includes a parallel look-up table system for implementing the unique data encryption standard selection function(s) and for condensing the second larger intermediate data block to a third data block similar to the first input data block in a second cycle and submitting it to the Galois field linear transformer system to execute a second permutation in a third cycle resulting in a data encryption standard cipher function of the first input data block.

Abstract: A data converter (1) capable of reducing a size of the total implementation in a device is a processing apparatus that performs secret converting processing predetermined to input data with 64 bits, the data converter including a finite field polynomial cubing unit (10), data integrating units (11a) to (11d), (12) and (13), a first converter (14), a second converter (15), a data splitting unit (16), and a data integrating unit (17). The finite field polynomial cubing unit (10) performs cubing, on the 32 bits data, in the polynomial residue class ring with a value in the finite field GF (28) as a coefficient and respectively outputs data with 32 bits.