Abstract: Disclosed herein is an arithmetic logic unit over a finite field GF(2m). Arithmetic logic units consistent with the present invention are disclosed as implemented using a division algorithm based on a binary greatest common divisor algorithm and a Most Significant Bit-first multiplication algorithm. The arithmetic logic unit can perform both a multiplication and a division using shared logic. Since the arithmetic logic unit has no limitations in the selection of an irreducible polynomial, and it is very regular and easily formed as a module, the arithmetic logic unit of the present invention has high expansibility and flexibility with respect to the size m of a field. Further, since the arithmetic logic unit of the present invention can perform a multiplication and a division using shared logic, it is very suitable to implement an encryption system for application products requiring a small size, such as smart cards or wireless communication devices.

Abstract: The present invention relates to a method of encryption and decryption comprises the steps of: selecting a generator and a first element of a first non abelian group, respectively, computing a first inner automorphism which is used as a first public key, and generating a second public key by using a secret key being a first integer and the first public key; expressing a plain text by a product of generator of a second non abelian group, computing a second inner automorphism by using an arbitrary second integer and the first public key, computing a third inner automorphism by using the second integer and the second public key, and generating a ciphertext by using the third inner automorphism; and generating a fourth inner automorphism by using the secret key and the second inner automorphism, and decrypting the ciphertext by using the fourth inner automorphism.

Abstract: In a device for calculating a result of a modular exponentiation, the Chinese Residue Theorem (CRT) is used, wherein two auxiliary exponentiations are calculated using two auxiliary exponents and two sub-moduli. In order to improve the safety of the RSA CRT calculations against cryptographic attacks, a randomization of the auxiliary exponents and/or a change of the sub-moduli are performed. Thus, there is a safe RSA decryption and RSA encryption, respectively, by means of the calculating time efficient Chinese Residue Theorem.

Abstract: A reduction operation is utilized in an arithmetic operation on two binary polynomials X(t) and Y(t) over GF(2), where an irreducible polynomial Mm(t)=tm+am?1tm?1+am?2tm?2+ . . . +a1t+a0, where the coefficients ai are equal to either 1 or 0, and m is a field degree. The reduction operation includes partially reducing a result of the arithmetic operation on the two binary polynomials to produce a congruent polynomial of degree less than a chosen integer n, with m?n. The partial reduction includes using a polynomial M?=(Mm(t)?tm)*tn?m, or a polynomial M?=Mm(t)*tn?m as part of reducing the result to the degree less than n and greater than or equal to m. The integer n can be the data path width of an arithmetic unit performing the arithmetic operation, a multiple of a digit size of a multiplier performing the arithmetic operation, a word size of a storage location, such as a register, or a maximum operand size of a functional unit in which the arithmetic operation is performed.

Abstract: Scalable and unified multipliers for multiplication of cryptographic parameters represented as elements of either of the prime field (GF(p)) and the binary extension field (GF(2m)) include processing elements arranged to execute in pipeline stages. The processing elements are configurable to perform operations corresponding to either the prime field or the binary extension field. In an example, the processing elements include a dual-field adder having a field-select input that permits selection of a field arithmetic. In a representative example, multipliers are implemented as integrated circuits having processing units that each receive a single bit of one operand and partial words of the remaining operand.

Abstract: A method, apparatus, and article of manufacture provide the ability to rapidly generate a large prime number to be utilized in a cryptographic key of a cryptographic system. A candidate prime number is determined and a mod remainder table is initialized for the candidate prime number using conventional mod operations. If all mod remainder entries in the table are non-zero, the candidate number is tested for primality. If the candidate prime number tests positive for primality, the candidate number is utilized in a cryptographic key of a cryptographic system. If any of the table entries is zero, the candidate number and each mod remainder entry are decremented/incremented. If any mod remainder entry is less than zero or greater than the corresponding prime number, the corresponding prime number is added/subtracted to/from the mod remainder. The process then repeats until a satisfactory number is obtained.

Abstract: A circuit for computing the inner of scalar product of two vectors in a finite Galois field defined by a generator polynomial, wherein each vector includes at least two elements belonging to said finite field, comprises one or more look-up tables storing digital words indicative of said possible combinations and said possible reductions. The digital words in question are defined as a function of the second elements of said vectors and the generator polynomial of the field. The input register(s) and the look-up table(s) are configured to co-operate in a plurality of subsequent steps to generate at each step a partial product result identified by at least one of digital word addressed in a corresponding look-up table as a function of the digital signals stored in the input register(s). The circuit also includes an accumulator unit for adding up the partial results generated at each step to give a final product result deriving from accumulation of said partial results.

Abstract: An objective is to obtain a Jacobian group element adder that can calculate addition in a Jacobian group of a Cab curve at a high speed, and can enhance practicality of the Cab curve. An algebraic curve parameter file A 10, and Groebner bases I1 and I2 of ideals of a coordinate ring of an algebraic curve designated by this file A are input into an ideal composition section 11 to perform arithmetic of producing a Groebner basis J of an ideal product of the ideal generated by I1 and ideal generated by I2. In a first ideal reduction section 12, arithmetic is performed of producing a Groebner basis J* of an ideal that is smallest in a monomial order designated by the file A among ideals equivalent to an inverse ideal of an ideal that J in the coordinate ring of the algebraic curve designated by the file A generates.

Abstract: A method and apparatus for processing binary data representing field elements of an odd-characteristic finite field GF(pk). Binary data representing at least a portion of a field element of an odd-characteristic finite field GF(pk) is stored in a register, p being an odd prime number. The field element includes k coefficients in accordance with a polynomial-basis representation. The binary data includes plural groups of data bits, wherein each group of data bits represents an associated one of the k coefficients. At least one operation on contents of the register such that the plural groups of data bits are processed in parallel.

Abstract: A full-adder post processor performs modulo arithmetic. The full-adder post processor is a hardware implementation able to calculate A mod N, (A+B) mod N and (A?B) mod N. The processor includes a full adder able to add the operands A and B while modulo reduction is accomplished in the processor by successively subtracting the largest possible multiple of the modulus N obtainable by bit shifting prior to subtraction.

Abstract: A multiply unit includes an extended precision accumulator. Microprocessor instructions are provided for manipulating portions of the extended precision accumulator including an instruction to move the contents of a portion of the extended accumulator to a general-purpose register (“MFLHXU”) and an instruction to move the contents of a general-purpose register to a portion of the extended accumulator (“MTLHX”).

Abstract: A data buffer receives and temporarily stores data including a product code enabling error correction in first and second directions. An exclusive-OR operation circuit uses an error amount detected by error correction in the first direction and data stored in a storage element to calculate a first error check result. A PI direction error-checking circuit according to the first error check result performs error check after error correction in the first direction. A PO direction partial error-checking circuit and a PO direction aggregate error-checking circuit use an error amount detected in error correction in the second direction and calculate a second error check result. The first and second error check results are used to generate a final error check result by an exclusive-OR operation circuit.

Abstract: A compact Galois field parallel multiplier engine includes a multiplier circuit for multiplying together two polynomials with coefficients over a Galois field to obtain their product; a Galois field linear transformer circuit has a multiply input from the multiplier circuit for predicting the modulo remainder of the polynomial product for an irreducible polynomial; first and second polynomial inputs; the Galois field linear transformer circuit may include a plurality of cells configured in a matrix section and a unity matrix section wherein the unity matrix section cells represent the prediction of the remainder when the output of the multiplier circuit is a polynomial with a power less than the power of the irreducible polynomial.

Abstract: An elliptic curve encryption processing method and an elliptic curve encryption processing apparatus enable high-speed elliptic curve encryption processing computations to be realized. In elliptic curve encryption processing computations, two scalar multiplications, kP and lQ, are not performed separately, but the computation process of kP+lQ is performed simultaneously. In the computation of scalar multiplications, kP and lQ are set on a Montgomery elliptic curve By2=x3+Ax2+x. On the basis of a combination of each bit value of k and l from the high-order bits of the binary representation data of the scalar quantities k and l, a computation relation of the next four points based on the computed four points is selected, and based on the selected relation, a process of computing the next four points is repeatedly performed to eventually compute kP+lQ.

Abstract: An Reed-Solomon encoder and method for block-code encoding by performing a plurality of Galois-Field (GF) multiplication operations utilizing a single GF multiplier. The multiplier generates a set of partial products that are used to calculate all the multiplication operations required for the encoding.

Abstract: A method for constructing a logic circuit for inversion in finite field GF(2m) is described, where m=nk, and k, n are coprime numbers, using bases in subfields GF(2n) and GF(2k). The method may be applied to error correction codes, including BCH codes, Reed-Solomon codes (which are a subset of BCH codes), turbo codes, and the like.

Abstract: A multiply execution unit that is operable to generate the integer product and the XOR product of a multiplicand and a multiplier. The multiply execution unit includes a summing circuit for summing a plurality of partial products. The partial products may be Booth encoded. The summing circuit can generate an integer sum of the plurality of partial products and can generate an XOR sum of the plurality of partial products. The summing circuit includes a first plurality of full adders. The first plurality of full adders each has three inputs, a carry output, and a sum output. The sum outputs of the first plurality of full adders are independent of the value of any carry output in the summing circuit. The summing circuit also includes a second plurality of full adders. The second plurality of full adders each has three inputs, a carry output, and a sum output.

Abstract: The invention relates to a method and multiplier for multiplying two factors from the Galois field GF (2m*p), where each of the factors can be represented as a vector of p sub-blocks with a width of m bits and p, m are positive integers greater than 1. The method and multiplier allow for a polynomial multiplication to be performed quickly and efficiently with minimum requirements in respect of for storage space. Therefore, savings can thus be achieved in respect of power consumption, crystal surface and calculation time.

Abstract: A flexible Galois Field multiplier is provided which implements multiplication of two elements within a finite field defined by a degree and generator polynomial. One preferred embodiment provides a method for multiplying two elements of a finite field. According to the method, two input operands are mapped into a composite finite field, an initial KOA processing is performed upon the two operands in order to prepare the two operands for a multiplication in the ground field, the multiplication in the ground field is performed through the use of a triangular basis multiplier, and final KOA3 processing and optional modulo reduction processing is performed to produce the result. This design allows rapid redefinition of the degree and generator polynomial used for the ground field and the extension field.

Abstract: A method and apparatus for performing Galois field multiplication with reduced redundancy. Generally, multiplication by a Galois field multiplier involves the multiplication of two polynomials modulo another polynomial. The Galois field multiplier has two Galois Field elements in a field of GF(2n) that correspond to the binary polynomials A[X] and B[X]: A[X]=an-1Xn-1+an-2Xn-2+an-3Xn-3+ . . . a1X+a0, B[X]=bn-1Xn-1+bn-2Xn-2+bn-3Xn-3+ . . . b1X+b0, where n corresponds to a number of terms in a Galois extension field of the Galois multiplier, and n-1 is an order of the polynomial A[X]. Premultiplier logic translates the binary polynomial A[X] into a binary vector cr, where r is the number of terms of the vector. The premultiplier logic is configured to modulo-2 add together various coefficients of the a0 through an-1, coefficients to produce various terms c0 through cr-1 of the cr binary vector.

Abstract: A residue computing device on a Galois Field, for calculating a residue of a product of a multiplier factor and a multiplicand under a modulo, includes a gate for allowing the multiplier factor to pass therethrough when a leading bit of the multiplicand is 1, an adder for adding a temporary residue and a value obtained by the passage, a gate for allowing the modulo to pass therethrough when a leading bit of a summed value of the adder is 1, and a subtractor for subtracting the modulo from the summed value of the adder when the leading bit of the summed value is 1, wherein a process for setting a value obtained by shifting a subtracted value of the subtractor by one bit, as the temporary residue on the basis of the next clock is repeatedly performed for each clock to thereby calculate the residue.

Abstract: A modular Galois-field subfield-power integrated inverter-multiplier circuit that may be used to perform Galois-field division over GF(245). The integrated inverter-multiplier circuit combines subfield-power and parallel multiplication and inversion operations performed therein. The circuit is modular, has a relatively low gate count, and is easily pipelined because it does not use random logic. The circuit implements mathematical calculations known as “Galois-field arithmetic” that are required for a variety of digital signaling and processing applications such as Reed-Solomon and Bose-Chaudhuri-Hochquenghem (BCH) error-correction coding systems. Galois-field division is particularly difficult, typically requiring either a great deal of time or highly complex circuits, or both. The circuit uses a unique combination of subfield and power inversion techniques to carry out multiplicative inversion.

Abstract: A hashing system produces hash values by manipulating n-bit sequences in accordance with a selected distance d error correction code (“ECC”) over an associated Galois Field. The current system produces a hash value for a given n-bit sequence by treating the sequence as either a corrupted n-bit ECC codeword or as “n” information bits of an (n+r)-bit ECC codeword. The hashing system may decode the n bits as a corrupted codeword of an (n, k, d) perfect ECC to produce an n-bit error-free codeword, and then use as the hash value the information bits of the error-free codeword. Alternatively, the hashing system may treat the n-bit sequence as a corrupted code word of a cyclic distance d ECC, and map the codeword to an (n?k)-bit “error pattern” that the system then uses as the hash value. The hashing system may instead treat the n-bit sequence as n “information” bits and encode the bits in accordance with an (n+r, n, d) ECC, to produce an r-bit hash value that consists of the associated redundancy bits.

Abstract: A Galois field multiply/multiply-add/multiply-accumulate system includes a multiplier circuit for multiplying two polynomials with coefficients over a Galois field to obtain their product; a Galois field linear transformer circuit responsive to the multiplier circuit for predicting the modulo remainder of the polynomial product for an irreducible polynomial; a storage circuit for supplying to the Galois field linear transformer circuit a set of coefficient for predicting the modulo remainder for a predetermined irreducible polynomial; and a Galois field adder circuit for adding the product of the multiplier circuit with a third polynomial with coefficients over a Galois field for performing the multiplication and add operations in a single cycle.

Abstract: A fast cryptographic method between two entities exchanging data via a non-secure communication channel. The method, for example, forms a common key between two entities (A,B), each having a secret key (a,b) and using a public key (P) formed by a point of an elliptic curve (E), and includes at least multiplying the odd order point (P) by an integer by additions and halving operations.

Abstract: A method for implementing an elliptic curve or discrete logarithm cryptosystem on inexpensive microprocessors is disclosed which provides for advantageous finite field computational performance on microprocessors having limited computational capabilities. The method can be employed with a variety of commercial and industrial imbedded microprocessor applications such as consumer smart cards, smart cards, wireless devices, personal digital assistants, and microprocessor controlled equipment. In one embodiment, a Galois Field (GF) implementation based on the finite field GF((28?17)17) is disclosed for an Intel 8051 microcontroller, a popular commercial smart card microprocessor. The method is particularly suited for low end 8-bit and 16-bit processors either with or without a coprocessor.

Abstract: A method and apparatus for performing syndrome computation in a decoder of a forward error correction (FEC) system. Syndrome computation logic of the decoder uses a partial parity-check matrix to recursively generate intermediate syndrome vectors based on a code word received by the decoder and to modulo-2 add the recursively generated intermediate syndrome vectors together until a final resolved syndrome vector has been generated. This recursive use of the partial parity-check matrix enables the syndrome computations to be performed very quickly so that the decoder is suitable for use in high data rate systems and provides a very large reduction in the amount of logic needed to perform the syndrome vector computations. The reduction in the syndrome computation logic results in reduced area requirements for the logic as well as reduced power requirements.

Abstract: A combinational circuit comprises: a plurality of multipliers, independently performing two or more multiplications for coded digital signals in a Galois extension field GF(2m) (m is an integer equal to or greater than 2), wherein the multipliers include an input side XOR calculator, an AND calculator, and an output side XOR calculator, and wherein the multipliers share the input side XOR calculator. Further, according to the present invention, these multipliers each include an adder connected between an AND calculator and an output side XOR calculator, wherein the output side XOR calculator is used in common, and wherein the outputs of the AND calculators in the multipliers are added by the adders, and the addition results are calculated by the output side XOR calculator that is used in common.

Abstract: Finite field multiplication of first and second Galois elements having n bit places and belonging to a Galois field GF 2n described by an irreducible polynomial is performed by forming an intermediate result Z of intermediate sums of partial products of bit width 2n?2 in an addition part of a Galois multiplier. The intermediate result Z is processed in a reduction part of a Galois multiplier by modulo dividing by the irreducible polynomial, whereby after all XOR's are traversed a result E with n bits is computed.

Abstract: To implement an operation in Jacobian with improved computation complexity, the sum is computed of a divisor D1=g.c.d. (a1(x),y?b1(x)) and a divisor D2=g.c.d. (a2(x),y?b2(x)) on Jacobian of a hyperelliptic curve y2+y=f(x) defined over GF(2n) by: storing a1(x), a2(x), b1(x) and b2(x); and calculating q(x)=s1(b1(x)+b2(x)) mod a2(x) by using s1(x) in s1(x)a1(x)+s2(x)a2(x)=1 in case of GCD(a1(x),a2(x))=1 where GCD denotes a greatest common polynomial. Thus, a new function q(x) is provided so as to reduce the entire computational complexity and the hardware size. Moreover, in the case of D1=D2, a1(x) and b1(x) is stored; and q(x)=Q(b12(x)+f(x) mod a12(x), a1(x)) where Q(A,B) is a quotient of A/B is calculated.

Abstract: A data converter (1) capable of reducing a size of the total implementation in a device is a processing apparatus that performs secret converting processing predetermined to input data with 64 bits, the data converter including a finite field polynomial cubing unit (10), data integrating units (11a) to (11d), (12) and (13), a first converter (14), a second converter (15), a data splitting unit (16), and a data integrating unit (17). The finite field polynomial cubing unit (10) performs cubing, on the 32 bits data, in the polynomial residue class ring with a value in the finite field GF (28) as a coefficient and respectively outputs data with 32 bits.

Abstract: A systolic product-sum calculator for computing A*B+C over multi-basis in Galois fields GF(2m) includes a systolic architecture comprises a plurality of basic cells arranged in m rows and m columns, at least one row of n multiplexers disposed between two pre-determined rows, n and n-1, and a column of stacked multiplexers. At least one selection line is used to control the multiplexers for selecting the outputs over multi-basis including at least GF(2m) or GF(2n).

Abstract: A multiple-stage encoder encodes the data in accordance with one, two, . . . , or f factors of an associated cyclic code generator polynomial g(x)=g1(x)*g2(x)* . . . *gf(x) to produce data code words that include a selected number of ECC symbols. The encoder encodes the data d(x) in a first stage using a first factor gm(x) of a selected polynomial ps(x) to produce d(x)*xs=q1(x)g1(x)+r1(x), where q1(x) is a quotient and r1(x) is a remainder and g1(x) has degree s. In a next stage the encoder encodes q1(x) using a next factor gm(x) of the selected polynomial to produce qm(x)=q1(x)gm(x)+rm(x) and so forth, until the remainders associated with all of the factors of the selected generator polynomial have been produced. The system then manipulates the remainders to produce a remainder rs(x) that is associated with the selected polynomial ps(x), and uses a cyclically shifted version of the remainder rs(x) as the code word ECC symbols.

Abstract: A system that produces one or more non-repeating randomizer sequences of up to 2m?1 or more m-bit symbols includes a randomizer circuit that is set up in accordance with a polynomial with primitive elements of GF(2m) as coefficients. The system combines the randomizer sequence with all the symbols of ECC code words that are encoded using a BCH code over GF(2m) to produce a randomized code word. The particular primitive elements used and/or an initial state of one or more registers in the system specifies the particular sequence produced by the system. The initial state of each of the one or more registers is a selected one of the 2m?1 elements of GF(2m), and thus, 2m?1 different sequences may be produced by selecting a different initial state for a given one of the registers. If the coefficients are also selected from, for example, a set of “p” possible values, the system produces p*(2m?1) different sequences.

Abstract: The disclosed technology of the present invention relates to an information processing device such as an IC card, and specifically to the overflow processing which occurs in a modular multiplication operation during crypto-processing. Such overflow processing exhibits a particular pattern of consumption current. It is the subject of the present invention to decrease the relationship between the data processing and the pattern of the consumption current. In the processing procedures for performing a modular exponentiation operation according to the 2 bit addition chain method, the modular multiplication operation to be executed is selected at random, the selected modular multiplication operation is executed for each 2 bits, the correction of the result is performed, and the result of the calculation (i.e, a corrected value or uncorrected value) is outputted.

Abstract: A multi-word arithmetic device, capable of executing a variety of types of multi-word arithmetic required for elliptic curve cryptology, includes the following. A memory 40, formed from two dual-port memories 41 and 42, temporarily stores n-word integers on which calculation is performed, and a calculation result. An arithmetic unit 20 executes two or more types of calculation, including addition and multiplication, on each word, and outputs a one-word result. A memory input/output unit 30 supplies a maximum of three pieces of one-word data from the memory 40 to the arithmetic unit 20, while simultaneously storing a one-word calculation result from the arithmetic unit 20 in the memory 40. A control unit 10 controls the arithmetic unit 20 and the memory input/output unit 30 so as to have the arithmetic unit execute one of modular addition and Montgomery reduction on n words.

Abstract: Finite field elements from the Galois field GF(2k) are represented as polynomials with binary valued coefficients. As such, multiplication in the field is defined modulo an irreducible polynomial of degree k?1. One of the multiplicands is treated in blocks of polynomials of degree n?1 so that the multiplier operates over T cycles where k=nT. If k is not a composite number to start with, higher order terms are added, so that multipliers are now constructable even when k is prime. Since n<k, the construction of the needed multiplier circuits are much simpler. Designers are now provided with an opportunity of easily trading off circuit speed for circuit complexity in an orderly and structured fashion.

Abstract: A decoding circuit used to correct an error in a digital signal includes: an input unit for entering coded digital signals ID in parallel in accordance with the number of interleaved codes; a processor including an error locator polynomial calculator and an error value polynomial calculator for processing data obtained serially from the interleaved codes that are received by the input unit; and an output unit for correcting errors by employing the output data that are received from the processor and the digital signals ID, and for outputting in parallel the obtained digital signals OD, for which an error has been corrected by a linear calculation on a Galois field, in accordance with the number of interleaved codes.

Abstract: A multiplicand is multiplied by a multiplier using a modulus. The multiplicand, the multiplier and the modulus are polynomials of variable. A multiplication look-ahead method to obtain a multiplication shift value is carried out. An intermediate result polynomial is shifted to the left by the number of digits of the multiplication shift value. A reduction shift value equalling the difference of the degree of the shifted intermediate result polynomial and the degree of the modulus polynomial is obtained in a reduction look-ahead method. The modulus polynomial is then shifted by a number of digits equalling the reduction shift value. In a three-operands addition, the shifted polynomial and the multiplicand are summed and the shifted modulus polynomial is subtracted. The modular multiplication are iteratively executed and processed progressively until all the powers of the multiplier polynomial have been processed.

Abstract: One embodiment of the present invention provides a system that performs modular division. This system contains a number of registers, including: a register A that is initialized with a value X; a register U that is initialized with a value Y; a register B that is initialized with a value M; and a register V that is initialized with a value 0. The system also includes a counter CA that indicates an upper bound for the most-significant non-zero bit of register A. It also includes a counter CB that indicates an upper bound for the most-significant non-zero bit of register B. The system additionally includes a temporary register H, and a temporary register L. An updating mechanism is configured to iteratively reduce the contents of registers A and B to a value of one by applying a plurality of operations to registers A, B, U and V. During operation, this updating mechanism temporarily stores A+B in the temporary register H, and temporarily stores U+V in the temporary register L.

Abstract: The present invention relates to a finite field multiplier used for implementing an encrypting algorithm circuit, thereby minimizing power consumption and circuit area in implementing the finite field multiplier with a LFSR (Linear Feedback Shift Register) structure. The Finite field multiplier of the present invention is an operator performing a modular operation on the multiplication result of two data represented on a polynomial basis in a Galois Field into an irreducible polynomial. The LFSR structure is a serial finite field multiplication structure, and has a merit over an array structure and a hybrid structure in application to systems that are limited in size and power due to its simplicity of circuits and also its capability of being implemented in a small size.

Abstract: A multiplication module, including a first input unit and a second input unit, for multiplying m bits of data in a Galois field GF(2m)(m?1), includes: first and second power arithmetic units for receiving the first m bits of data from the first input unit; a first multiplication unit for receiving the first m bits of data and the output of the first power arithmetic unit; a second multiplication unit for receiving second m bits of data from the second input unit and the output of the second power arithmetic unit; a selection unit for receiving an output signal from the second multiplication unit and the second m bits of data; and a control unit for outputting a control signal to the first power arithmetic unit, the second arithmetic unit and the selection unit, wherein the first power arithmetic unit receives a first control signal, the second power arithmetic unit receives a second control signal, and the selection unit receives a third control signal, for controlling the output of the selection unit, while

Abstract: A K-bit information signal represented by a polynomial U(x) having a degree K?1 is received. The information signal is transformed to form a transformed information signal using a first transform represented by a polynomial G1(x) having a degree P. The transformed information signal is represented by a polynomial T(x) having a degree K+P?1. T(x) equals U(x)G1(x). An initial cyclic code represented by a polynomial R1(x) is generated for the transformed information signal using a second transform represented by a polynomial G2(x), where G2(x) has high-order leading-zero terms. R1(x) equals the remainder obtained by dividing T(x) by G2(x). The initial cyclic code is transformed to form a final cyclic code represented by a polynomial R2(x) using the first transform. R2(x) equals R1(x)/G1(x).

Abstract: A syndrome polynomial calculating circuit and a Reed-Solomon decoding circuit capable of performing a high-speed operation. Higher-order signals I1, I2 and I3 are inputted to first to third Galois field multiplication circuits. For each of S0, S1, S2 and S3, the multipliers are a6, a9, a12; a2, a4, a6, a8; a, a2, a3, a4. Outputs of first to third multiplication circuits and I4 are sent to an exclusive-OR gate, an output of which is sent to a D-F/F. An output of the D-F/F is sent to a fourth Galois field multiplication circuit and to an AND gate. For each of S0, S1, S2 and S3, multipliers of the fourth multiplication circuit are a4, a8, a12, a16. An output of the fourth multiplication circuit is sent to a fifth input of the exclusive OR gate. Clocks are input to the D-F/F and to a counter. The counter value is reset by the inputting of a frame pulse. The counter value is L or H for the counter value of 0 to 4 or 5, respectively. A counter output is sent to the AND gate.

Abstract: An apparatus and method for performing a modular operation S=AB mod N, the apparatus arranged such that the constant J0, which is ordinarily required in order to complete the operation, is not required to be explicitly computed, thus simplifying and speeding up the operation.

Abstract: A Galois field divider engine and method inputs a 1 and a first Galois field element to a Galois field reciprocal generator to obtain an output, multiplies in a Galois field reciprocal generator a first Galois field element by a first element of the Galois field reciprocal generator for predicting the modulo remainder of the square of the polynomial product of an irreducible polynomial m−2 times where m is the degree of the Galois field to obtain the reciprocal of the first Galois field element, and multiplying in the Galois field reciprocal engine the reciprocal of the first Galois field element by a second Galois field element for predicting the modulo remainder of the polynomial product for an irreducible polynomial to obtain the quotient of the two Galois field elements in m cycles; in a broader sense the invention includes a compound Galois field engine for performing a succession of Galois field linear transforms on a succession of polynomial inputs to obtain an ultimate output where each input ex

Abstract: A method of modular exponentiation includes receiving as input a first number, a second number, and a modulus for calculating a residue of a product of the first number times the second number modulo the modulus; partitioning the first number into a selected number of pieces; calculating a first product of one of the pieces times the second number; adding a previous intermediate result to the first product to generate a first sum; shifting the first sum by a selected number of bit positions to generate a second product; and reducing a bit width of the second product to generate an intermediate result wherein the intermediate result has a bit width that is less than a bit width of the second product and has a residue that is identical to a residue of the second product modulo the modulus.

Abstract: Montgomery exponentiators and methods modulo exponentiate a generator (g) to a power of an exponent (e). The Montgomery exponentiators and methods include a first multiplier that is configured to repeatedly square a residue of the generator, to produce a series of first multiplier output values at a first multiplier output. A second multiplier is configured to multiply selected ones of the series of first multiplier output values that correspond to a bit of the exponent that is binary one, by a partial result, to produce a series of second multiplier output values at a second multiplier output. By providing two multipliers that are serially coupled as described above, Montgomery exponentiation can be accelerated.

Abstract: The present invention is directed to a method for constructing a logic circuit for inversion in finite field GF(2m), where m=nk, and k, n are coprime numbers, using bases in subfields GF(2n) and GF(2k). The present invention may be applied to error correction codes, including BCH codes, Reed-Solomon codes (which are a subset of BCH codes), turbo codes, and the like.

Abstract: A method for power reduction and increasing computation speed for a Montgomery modulus multiplication module for performing modulus multiplication. A coding scheme reduces the hamming distance for partial product and multiple modulus selection, reducing MUX operations and power consumption. Synchronization registers synchronize partial product and multiple modulus values input to an accumulator reducing glitch and/or increase computation speed. Registers provide storage of previous values and reduce the need to obtain the values from a MUX, reducing MUX operations and/or reducing power consumption.