Wikipedia:Reference desk/Archives/Mathematics/2015 February 13

= February 13 =

Massey-Omura cryptosystem
From three-pass protocol:
 * The Massey-Omura Cryptosystem was proposed by James Massey and Jim K. Omura in 1982 as a possible improvement over the Shamir protocol. The Massey-Omura method uses exponentiation in the Galois field GF(2n) as both the encryption and decryption functions.  That is E(e,m)=me and D(d,m)=md where the calculations are carried out in the Galois field.  For any encryption exponent e with 0<e<2n-1 and gcd(e,2n-1)=1 the corresponding decryption exponent is d such that de ≡ 1 (mod 2n-1).  Since the multiplicative group of the Galois field GF(2n) has order 2n-1 Lagrange's theorem implies that mde=m for all m in GF(2n)*.

I have been able to get the Shamir three-pass protocol to work, but I don't know how to do this one. How do I perform "calculations...carried out in the Galois field"? — Melab±1 &#9742; 21:18, 13 February 2015 (UTC)
 * See Finite field arithmetic. In brief: Addition in the field is bitwise XOR. Multiplication is the usual positional long addition (XOR with shifts), except that whenever a nonzero bit ends up left of the bit length, you add (XOR) a constant bitstring with the constant's MSB aligned to it and thus cancel it, repeating until there only zeros left of the rightmost n bits.  The constant is determined by the representation of the field (the irreducable poynomial).  Exponentiation is repeated by multiplication, which can be done pretty efficiently through exponentiation by squaring.  There is a lot of code online if you Google finite field arithmetic, Galois field arithmetic etc. —Quondum 23:01, 13 February 2015 (UTC)
 * An arguably more elegant but much less common approach, which works only for fields of order $$2^{2^k}$$, is to use the first $$2^{2^k}$$ nimbers with the standard nimber sum (bitwise xor) and product. -- BenRG (talk) 23:17, 13 February 2015 (UTC)
 * You lost me at "usual positional long addition". Can I have an example, maybe, or what is so special about using polynomials in such a convoluted way? — Melab±1 &#9742; 15:33, 19 February 2015 (UTC)