On the Irreducibility of Polynomials Associated with the Complete Residue Systems in any Imaginary Quadratic Fields

For a Gaussian prime π and a nonzero Gaussian integer β = a + b i ∈ ℤ i with a ≥ 1 and β ≥ 2 + 2 , it was proved that if π = α n β n + α n − 1 β n − 1 + ⋯ + α 1 β + α 0 ≕ f β where n ≥ 1 , α n ∈ ℤ i \ 0 , α 0 , … , α n − 1 belong to a complete residue system modulo β , and the digits α n − 1 and α n satisfy certain restrictions, then the polynomial f x is irreducible in ℤ i x . For any quadratic field K ≔ ℚ m , it is well known that there are explicit representations for a complete residue system in K , but those of the case m ≡ 1 mod 4 are inapplicable to this work. In this article, we establish a new complete residue system for such a case and then generalize the result mentioned above for the ring of integers of any imaginary quadratic field.

Montgomery Reduction for Gaussian Integers

Modular arithmetic over integers is required for many cryptography systems. Montgomery reduction is an efficient algorithm for the modulo reduction after a multiplication. Typically, Montgomery reduction is used for rings of ordinary integers. In contrast, we investigate the modular reduction over rings of Gaussian integers. Gaussian integers are complex numbers where the real and imaginary parts are integers. Rings over Gaussian integers are isomorphic to ordinary integer rings. In this work, we show that Montgomery reduction can be applied to Gaussian integer rings. Two algorithms for the precision reduction are presented. We demonstrate that the proposed Montgomery reduction enables an efficient Gaussian integer arithmetic that is suitable for elliptic curve cryptography. In particular, we consider the elliptic curve point multiplication according to the randomized initial point method which is protected against side-channel attacks. The implementation of this protected point multiplication is significantly faster than comparable algorithms over ordinary prime fields.

Dimension of the intersection of certain Cantor sets in the plane

In this paper we consider a retained digits Cantor set \(T\) based on digit expansions with Gaussian integer base. Let \(F\) be the set all \(x\) such that the intersection of \(T\) with its translate by \(x\) is non-empty and let \(F_{\beta}\) be the subset of \(F\) consisting of all \(x\) such that the dimension of the intersection of \(T\) with its translate by \(x\) is \(\beta\) times the dimension of \(T\). We find conditions on the retained digits sets under which \(F_{\beta}\) is dense in \(F\) for all \(0\leq\beta\leq 1\). The main novelty in this paper is that multiplication the Gaussian integer base corresponds to an irrational (in fact transcendental) rotation in the complex plane.

A new twofold Cornacchia-type algorithm and its applications

<p style='text-indent:20px;'>We focus on exploring more potential of Longa and Sica's algorithm (ASIACRYPT 2012), which is an elaborate iterated Cornacchia algorithm that can compute short bases for 4-GLV decompositions. The algorithm consists of two sub-algorithms, the first one in the ring of integers <inline-formula><tex-math id="M1">\begin{document}$ \mathbb{Z} $\end{document}</tex-math></inline-formula> and the second one in the Gaussian integer ring <inline-formula><tex-math id="M2">\begin{document}$ \mathbb{Z}[i] $\end{document}</tex-math></inline-formula>. We observe that <inline-formula><tex-math id="M3">\begin{document}$ \mathbb{Z}[i] $\end{document}</tex-math></inline-formula> in the second sub-algorithm can be replaced by another Euclidean domain <inline-formula><tex-math id="M4">\begin{document}$ \mathbb{Z}[\omega] $\end{document}</tex-math></inline-formula> <inline-formula><tex-math id="M5">\begin{document}$ (\omega = \frac{-1+\sqrt{-3}}{2}) $\end{document}</tex-math></inline-formula>. As a consequence, we design a new twofold Cornacchia-type algorithm with a theoretic upper bound of output <inline-formula><tex-math id="M6">\begin{document}$ C\cdot n^{1/4} $\end{document}</tex-math></inline-formula>, where <inline-formula><tex-math id="M7">\begin{document}$ C = \frac{3+\sqrt{3}}{2}\sqrt{1+|r|+|s|} $\end{document}</tex-math></inline-formula> with small values <inline-formula><tex-math id="M8">\begin{document}$ r, s $\end{document}</tex-math></inline-formula> given by the curves.</p><p style='text-indent:20px;'>The new twofold algorithm can be used to compute <inline-formula><tex-math id="M9">\begin{document}$ 4 $\end{document}</tex-math></inline-formula>-GLV decompositions on two classes of curves. First it gives a new and unified method to compute all <inline-formula><tex-math id="M10">\begin{document}$ 4 $\end{document}</tex-math></inline-formula>-GLV decompositions on <inline-formula><tex-math id="M11">\begin{document}$ j $\end{document}</tex-math></inline-formula>-invariant <inline-formula><tex-math id="M12">\begin{document}$ 0 $\end{document}</tex-math></inline-formula> elliptic curves over <inline-formula><tex-math id="M13">\begin{document}$ \mathbb{F}_{p^2} $\end{document}</tex-math></inline-formula>. Second it can be used to compute the <inline-formula><tex-math id="M14">\begin{document}$ 4 $\end{document}</tex-math></inline-formula>-GLV decomposition on the Jacobian of the hyperelliptic curve defined as <inline-formula><tex-math id="M15">\begin{document}$ \mathcal{C}/\mathbb{F}_{p}:y^{2} = x^{6}+ax^{3}+b $\end{document}</tex-math></inline-formula>, which has an endomorphism <inline-formula><tex-math id="M16">\begin{document}$ \phi $\end{document}</tex-math></inline-formula> with the characteristic equation <inline-formula><tex-math id="M17">\begin{document}$ \phi^2+\phi+1 = 0 $\end{document}</tex-math></inline-formula> (hence <inline-formula><tex-math id="M18">\begin{document}$ \mathbb{Z}[\phi] = \mathbb{Z}[\omega] $\end{document}</tex-math></inline-formula>). As far as we know, none of the previous algorithms can be used to compute the <inline-formula><tex-math id="M19">\begin{document}$ 4 $\end{document}</tex-math></inline-formula>-GLV decomposition on the latter class of curves.</p>

A Compact Coprocessor for the Elliptic Curve Point Multiplication over Gaussian Integers

This work presents a new concept to implement the elliptic curve point multiplication (PM). This computation is based on a new modular arithmetic over Gaussian integer fields. Gaussian integers are a subset of the complex numbers such that the real and imaginary parts are integers. Since Gaussian integer fields are isomorphic to prime fields, this arithmetic is suitable for many elliptic curves. Representing the key by a Gaussian integer expansion is beneficial to reduce the computational complexity and the memory requirements of secure hardware implementations, which are robust against attacks. Furthermore, an area-efficient coprocessor design is proposed with an arithmetic unit that enables Montgomery modular arithmetic over Gaussian integers. The proposed architecture and the new arithmetic provide high flexibility, i.e., binary and non-binary key expansions as well as protected and unprotected PM calculations are supported. The proposed coprocessor is a competitive solution for a compact ECC processor suitable for applications in small embedded systems.