Cryptology ePrint Archive: Report 2007/192

Optimal Irreducible Polynomials for GF(2^m) Arithmetic

Michael Scott

Abstract: The irreducible polynomials recommended for use by multiple standards documents are in fact far from optimal on many platforms. Specifically they are suboptimal in terms of performance, for the computation of field square roots and in the application of the ``almost inverse'' field inversion algorithm. In this paper we question the need for the standardisation of irreducible polynomials in the first place, and derive the ``best'' polynomials to use depending on the underlying processor architecture. Surprisingly it turns out that a trinomial polynomial is in many cases not necessarily the best choice. Finally we make some specific recommendations for some particular types of architecture.

Category / Keywords: implementation / Irreducible polynomials, implementation

Date: received 23 May 2007, last revised 30 May 2007

Contact author: mike at computing dcu ie

Available format(s): PDF | BibTeX Citation

Note: More typos fixed, and an appendix added on the calculation of square roots.

Version: 20070530:160024 (All versions of this report)

Short URL: ia.cr/2007/192

Discussion forum: Show discussion | Start new discussion