Randomized modular polynomial reduction method and hardware therefore

摘要

A cryptographically secure, computer hardware-implemented binary finite-field polynomial modular reduction method estimates (32) and randomizes (36) a polynomial quotient q' (x) used for computation of a polynomial remainder. The randomizing error E (x) injected into the approximate polynomial quotient q (x) is limited to a few bits, e.g. less than half a word. The computed (38) polynomial remainder r' (x) is congruent with but a small random multiple of the residue r (x), which can be found by a final strict binary field reduction by the modulus M (x). In addition to a computational unit (10) and operations sequencer (16), the computing hardware also includes a random or pseudo-random number generator (20) for producing the random polynomial error. The modular reduction method thus resists hardware cryptoanalysis attacks, such as timing and power analysis attacks.