3

I am working with elliptic curve cryptography on software environment. I wish to inquire how to efficiently implement the modulo operation of large numbers with respect to a large prime number. e.g. (192 bit number) mod (192 bit mersenne prime)

If there are any tricks or algorithms you can refer that would be very helpful as I am working with resource constrained sensor nodes.

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
aviian7
  • 55
  • 6
  • Normally, you don't just have an *n*-bit number that you want to apply *mod p* on. The modulo operation has to be integrated into addition, multiplication and exponentiation. – Artjom B. Oct 14 '15 at 11:58
  • Yes sorry I meant the binary of 'n' has to be 192 bits long. – aviian7 Oct 14 '15 at 12:08
  • Related questions: [What are the computational benefits of primes close to the power of 2?](http://crypto.stackexchange.com/questions/24014/what-are-the-computational-benefits-of-primes-close-to-the-power-of-2) and [How does NaCL Poly1305 implementation do modular multiplication?](http://crypto.stackexchange.com/questions/9222/how-does-nacl-poly1305-implementation-do-modular-multiplication) – CodesInChaos Nov 08 '15 at 08:24

1 Answers1

3

There is no 192-bit Mersene prime, as considered in the question.

Implementing modular reduction of a 192-bit integer x modulo another 192-bit prime p is very straightforward: the result is x when x<p, or x-p otherwise.

Perhaps the question really is about efficient modular reduction modulo a 192-bit prime p of some larger quantity, for a prime p as commonly used in Elliptic Curve Cryptography. Such primes are often chosen in a way allowing efficient modular reduction. For example, for P-192, the prime modulus p is specified to be 6277101735386680763835789423207666416083908700390324961279 which is fffffffffffffffffffffffffffffffeffffffffffffffffh or 2192-264-1. This p is so near (232)6 that when working in base 232, estimation of a quotient digit in modular reduction modulo p is very easy, much like estimating a new digit when performing schoolbook Euclidian division by 999899 in base 10 is easy: much of the time, the leftmost digit of what remains of the dividend is that new digit of the quotient.

fgrieu
  • 2,724
  • 1
  • 23
  • 53