Professional Documents
Culture Documents
Fastexp PDF
Fastexp PDF
n
Note i = (n >> i) &1 in C notation. y = (odd(n) ) ? a : 1; // y = a 0
n' = n / 2;
For notational purposes, let ni = ( i i1 ... 0)2 for
while ( n' > 0 )
i = 0,1, ..., k. i1 i
x = x2 (mod m); // x = a2 x = a2
if (odd(n') )
Integer fastExp( Integer a, Integer n, Integer m) n n
0 y = (y ==1) ? x : yx (mod m); // y = a i1 y = a i
x = a; // x = a2
n n' = n'/ 2;
y = (0 ==1) ? a : 1; // y = a 0 return y;
for ( i = 1, 2, ..., k )
i1 i
x = x2 (mod m); // x = a2 x = a2
if ( i == 1 )
n n
y = (y==1) ? x : yx (mod m); // y = a i1 y = a i
return y;
n n n
Instead of computing a 0, a 1, ..., a k, where ni = ( i k1 ... 0)2, the Each algorithm performs between lg(n) and 2lg(n) modular
m m m multiplications. The exact number is
variation below computes a k, a k1, ..., a 0, where
mi = ( k k1 ... i)2. lg(n) + |{i : 0 i < k, i = 1}|.
It uses one less variable. Note mk = 1, mi = 2mi+1 + i for i = For a random n in [2k,2k+1), we would expect half the i to be 1, so
k1,...,1,0, and m0 = n. the expected number of modular multiplications would be
3/2 lg(n).