You are looking at a specific version 20200823:182411 of this paper. See the latest version.

Paper 2020/972

Optimized Binary GCD for Modular Inversion

Thomas Pornin

Abstract

In this short note, we describe a practical optimization of the well-known extended binary GCD algorithm, for the purpose of computing modular inverses. The method is conceptually simple and is applicable to all odd moduli (including non-prime moduli). When implemented for inversion in the field of integers modulo the prime $2^{255}-19$, on a recent x86 CPU (Coffee Lake core), we compute the inverse in 6253 cycles, with a fully constant-time implementation.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
binary GCDmodular inversion
Contact author(s)
thomas pornin @ nccgroup com
History
2020-08-23: last of 2 revisions
2020-08-18: received
See all versions
Short URL
https://ia.cr/2020/972
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.