1994-08-24 - Fast modular exponentiation

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 6a30f5c89adb8c4e1e70c845d334947e1f3dbde5dfd1a2418c261d5dec9150e7
Message ID: <199408241507.IAA15669@jobe.shell.portal.com>
Reply To: <199408240810.BAA27546@servo.qualcomm.com>
UTC Datetime: 1994-08-24 15:08:06 UTC
Raw Date: Wed, 24 Aug 94 08:08:06 PDT

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Wed, 24 Aug 94 08:08:06 PDT
To: cypherpunks@toad.com
Subject: Fast modular exponentiation
In-Reply-To: <199408240810.BAA27546@servo.qualcomm.com>
Message-ID: <199408241507.IAA15669@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

Phil Karn <karn@qualcomm.com> writes:
>Now can we return to cryptography? How about a discussion of fast
>modular exponentiation algorithms, something we (or at least I) can
>put to more immediate and constructive use than nuclear bomb designs?

In the Crypto 93 proceedings, there is an article by Bosselaers, Govaerts,
and Vandewalle comparing the speed of three algorithms for modular reduction
which is the main time-consuming step in modular exponentiation.  They
compared the classical algorithm from Knuth, a modification to it by Barrett
which speeds up the estimate of the first digit of the quotient, and 
Montgomery multiplication (which is inherently modular).

Montgomery was the fastest for taking 1024 bit numbers modulo 512 bit
numbers, but not by a lot.  For exponentiation, though, where the reduction
happens a lot, Montgomery was fastest for all but the very smallest exponents.
512 bit exponents took  about 2.93 seconds for the classical algorithm,
2.85 seconds for the Barrett improvement, and 2.55 seconds for Montgomery.
The crossover point (below which Barrett is best) is exponents of about 32
bits.

So, Montgomery multiplication was best, but the percentage improvement is
not that large.

Sometimes, as I mentioned yesterday, you can restrict the size of the exponents
without losing security (as in DSS), but it depends on the algorithm.

Hal

Thread

Return to August 1994
Return to “Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>”
Return to “Brian Lane <blane@squeaky.free.org>”
Return to “cjl <cjl@welchlink.welch.jhu.edu>”
Return to “Hal <hfinney@shell.portal.com>”
Return to “jdd@aiki.demon.co.uk (Jim Dixon)”
Return to “Jim choate <ravage@bga.com>”
Return to “joshua geller <joshua@cae.retix.com>”
Return to “khijol!erc@apple.com (Ed Carp [Sysadmin])”
Return to “Lawrence Weinman <ltw@netcom.com>”
Return to “m5@vail.tivoli.com (Mike McNally)”
Return to “Mikolaj Habryn <dichro@tartarus.uwa.edu.au>”
Return to “mpd@netcom.com (Mike Duvos)”
Return to “paul@poboy.b17c.ingr.com (Paul Robichaux)”
Return to ““Perry E. Metzger” <perry@imsi.com>”
Return to “Phil Karn <karn@qualcomm.com>”
Return to “Phil Karn <karn@unix.ka9q.ampr.org>”
Return to “pstemari@bismark.cbis.com (Paul J. Ste. Marie)”
Return to “sdw@lig.net (Stephen D. Williams)”
Return to “tcmay@netcom.com (Timothy C. May)”
1994-08-23 (Tue, 23 Aug 94 11:42:12 PDT) - Re: Nuclear Weapons Material - jdd@aiki.demon.co.uk (Jim Dixon)
- 1994-08-23 (Tue, 23 Aug 94 13:25:19 PDT) - Re: Nuclear Weapons Material - Phil Karn <karn@qualcomm.com>
  - 1994-08-24 (Tue, 23 Aug 94 19:47:57 PDT) - Re: Nuclear Weapons Material - khijol!erc@apple.com (Ed Carp [Sysadmin])
    - 1994-08-24 (Wed, 24 Aug 94 01:12:39 PDT) - Re: Nuclear Weapons Material - Phil Karn <karn@qualcomm.com>
      - 1994-08-24 (Wed, 24 Aug 94 06:40:55 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
        1994-08-26 (Thu, 25 Aug 94 21:18:04 PDT) - DSPs - Phil Karn <karn@unix.ka9q.ampr.org>
      - 1994-08-24 (Wed, 24 Aug 94 08:08:06 PDT) - Fast modular exponentiation - Hal <hfinney@shell.portal.com>
        1994-08-26 (Fri, 26 Aug 94 00:05:05 PDT) - Re: Fast modular exponentiation - Phil Karn <karn@unix.ka9q.ampr.org>
        1994-08-26 (Fri, 26 Aug 94 00:26:33 PDT) - Re: Fast modular exponentiation - tcmay@netcom.com (Timothy C. May)
    - 1994-08-24 (Wed, 24 Aug 94 15:36:10 PDT) - Re: Nuclear Weapons Material - Brian Lane <blane@squeaky.free.org>
- 1994-08-23 (Tue, 23 Aug 94 13:57:15 PDT) - Re: Nuclear Weapons Material - sdw@lig.net (Stephen D. Williams)
  - 1994-08-23 (Tue, 23 Aug 94 14:11:30 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
  - 1994-08-24 (Tue, 23 Aug 94 19:17:57 PDT) - Re: Nuclear Weapons Material - Mikolaj Habryn <dichro@tartarus.uwa.edu.au>
    - 1994-08-24 (Wed, 24 Aug 94 06:10:51 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
      - 1994-08-24 (Wed, 24 Aug 94 09:45:47 PDT) - Re: Nuclear Weapons Material - khijol!erc@apple.com (Ed Carp [Sysadmin])
        1994-08-24 (Wed, 24 Aug 94 10:06:43 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
        1994-08-26 (Fri, 26 Aug 94 00:03:49 PDT) - Re: Nuclear Weapons Material - Phil Karn <karn@unix.ka9q.ampr.org>
        1994-08-25 (Wed, 24 Aug 94 21:17:08 PDT) - Re: Nuclear Weapons Material - Mikolaj Habryn <dichro@tartarus.uwa.edu.au>
        1994-08-25 (Wed, 24 Aug 94 22:32:24 PDT) - Re: Nuclear Weapons Material - khijol!erc@apple.com (Ed Carp [Sysadmin])
        1994-08-25 (Wed, 24 Aug 94 22:37:59 PDT) - Re: Nuclear Weapons Material - Mikolaj Habryn <dichro@tartarus.uwa.edu.au>
        1994-08-25 (Thu, 25 Aug 94 05:53:11 PDT) - Re: Nuclear Weapons Material - Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
        1994-08-25 (Thu, 25 Aug 94 06:59:38 PDT) - Nuclear Weapons Material - pstemari@bismark.cbis.com (Paul J. Ste. Marie)
        1994-08-25 (Thu, 25 Aug 94 07:41:17 PDT) - Re: Nuclear Weapons Material - mpd@netcom.com (Mike Duvos)
        1994-08-25 (Thu, 25 Aug 94 07:52:38 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
        1994-08-25 (Thu, 25 Aug 94 09:33:55 PDT) - Re: Nuclear Weapons Material - mpd@netcom.com (Mike Duvos)
        1994-08-25 (Thu, 25 Aug 94 11:13:26 PDT) - Re: Nuclear Weapons Material - Jim choate <ravage@bga.com>
        1994-08-25 (Thu, 25 Aug 94 10:14:10 PDT) - Re: Nuclear Weapons Material - m5@vail.tivoli.com (Mike McNally)
        1994-08-25 (Thu, 25 Aug 94 10:22:21 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
        1994-08-25 (Thu, 25 Aug 94 11:01:02 PDT) - Re: Nuclear Weapons Material - Jim choate <ravage@bga.com>
        1994-08-25 (Thu, 25 Aug 94 11:27:04 PDT) - Re: Nuclear Weapons Material - “Perry E. Metzger” <perry@imsi.com>
        1994-08-25 (Thu, 25 Aug 94 11:29:25 PDT) - Re: Nuclear Weapons Material - paul@poboy.b17c.ingr.com (Paul Robichaux)
        1994-08-25 (Thu, 25 Aug 94 11:56:18 PDT) - Re: Nuclear Weapons Material - Jim choate <ravage@bga.com>
        1994-08-26 (Thu, 25 Aug 94 21:13:06 PDT) - Re: Nuclear Weapons Material - Mikolaj Habryn <dichro@tartarus.uwa.edu.au>
        1994-08-25 (Thu, 25 Aug 94 11:09:14 PDT) - Re: Nuclear Weapons Material - joshua geller <joshua@cae.retix.com>
        1994-08-26 (Thu, 25 Aug 94 23:39:32 PDT) - Re: Nuclear Weapons Material - Lawrence Weinman <ltw@netcom.com>
        1994-08-26 (Thu, 25 Aug 94 20:59:58 PDT) - Re: Nuclear Weapons Material - Mikolaj Habryn <dichro@tartarus.uwa.edu.au>
      - 1994-08-25 (Wed, 24 Aug 94 17:25:36 PDT) - Re: Nuclear Weapons Material - cjl <cjl@welchlink.welch.jhu.edu>
      - 1994-08-25 (Wed, 24 Aug 94 21:10:13 PDT) - Re: Nuclear Weapons Material - Mikolaj Habryn <dichro@tartarus.uwa.edu.au>

cryptoanarchy.wiki

1994-08-24 - Fast modular exponentiation

Header Data

Raw message

Thread