This paper discusses several Montgomery multiplication algorithms, two of which have been proposed before. We describe three additional algorithms, and analyze in detail the space and time requirements of all five methods. These algorithms have been implemented in C and in assembler. The analyses and actual performance results indicate that the Coarsely …
We initiate a provable-security treatment of cryptographic agility. A primitive (for example PRFs, authenticated encryption schemes or digital signatures) is agile when multiple, individually secure schemes can securely share the same key. We provide a surprising connection between two seemingly unrelated but challenging questions. The first, new to this …
We present a new algorithm for computing $a^e$ where $a \in GF(2^k)$ and $e$ is a positive integer. The proposed algorithm is more suitable for implementation in software, and relies on the Montgomery multiplication in $GF(2^k)$. The speed of the exponentiation algorithm largely depends on the availability of a fast method for multiplying two polynomials of length w …
This note describes a Diffie-Hellman oracle, constructed using standard Trusted Platform Module (TPM) signature APIs. The oracle allows one to compute the exponentiation of an arbitrary group element to a specified TPM-protected private key. By employing the oracle, the security provided by a group of order p is reduced by log k bits, provided k oracle …