Lines Matching +refs:ps +refs:first +refs:page
92 perhaps explains it better. I am the first to admit there is not anything that special with what I have done. Perhaps
133 This text is for people who stop and wonder when first examining algorithms such as RSA for the first time and asks
149 At the time of writing this, I've still not met Tom or Mads in meatspace. I've been following Tom's progress since his first splash on the
260 example, the Handbook of Applied Cryptography (\textit{HAC}), algorithm 14.7 on page 594, gives a relatively simple
406 Problems at the first level are meant to be simple questions that the reader can answer quickly without programming a solution or
411 Problems at the third level are meant to be a bit more difficult than the first two levels. The answer is often
531 That is, to implement the lowest level dependencies first and work towards the most abstract functions last. For example,
549 \includegraphics{pics/design_process.ps}
626 first starting at the location indexed by zero\footnote{In C all arrays begin at zero.} in the array. For example,
665 functions and make sense of them. For example, the first function would read ``multiply a and b and store in c''.
723 Given the basic mp\_int structure an initialization routine must first allocate memory to hold the digits of
771 Allocating a block of digits at first instead of a single digit has the benefit of lowering the number of usually slow
798 Here we see (line 24) the memory allocation is performed first. This allows us to exit cleanly and quickly
927 A quick optimization is to first determine if a memory re-allocation is required at all. The if statement (line 24) checks
934 function leaves the base of the allocation intact which means the first \textbf{alloc} digits of the mp\_int are the same as before
987 The number of digits $b$ requested is padded (line 24) by first augmenting it to the next multiple of
1049 though, with no final carry into the last position. However, suppose the destination had to be first expanded
1166 If $b$ does not have enough room for the digits of $a$ it must first have its precision augmented via the mp\_grow
1192 of the mp\_ints $a$ and $b$ respectively. These aliases (lines 43 and 46) allow the compiler to access the digits without first dereferencing the
1200 \textbf{Remarks.} The use of pointer aliases is an implementation methodology first introduced in this function that will
1224 The first reason is that most compilers will not effectively optimize pointer arithmetic. For example, some optimizations
1230 The second reason is that pointer aliases often can make an algorithm simpler to read. Consider the first ``for''
1360 This fairly trivial algorithm first eliminates non--required duplications (line 28) and then sets the
1504 The first comparision routine that will be developed is the unsigned magnitude compare which will perform a comparison based on the digits of two
1544 \textbf{MP\_GT} and similar with respect to when $a = b$ and $a < b$. The first two steps compare the number of digits used in both $a$ and $b$.
1589 The first two steps compare the signs of the two inputs. If the signs do not agree then it can return right away with the appropriate
1650 trailing digits first and propagate the resulting carry upwards. Since this is a lower level algorithm the name will have a ``s\_'' prefix.
1701 The first thing that has to be accomplished is to sort out which of the two inputs is the largest. The addition logic
1702 will simply add all of the smallest input to the largest input and store that first part of the result in the
1705 The first two steps will handle sorting the inputs such that $min$ and $max$ hold the digit counts of the two
1710 At this point the first addition loop will go through as many digit positions that both inputs have. The carry
1730 We first sort (lines 28 to 36) the inputs based on magnitude and determine the $min$ and $max$ variables.
1812 the third bit which will be set to zero after the borrow. After the very first bit has been subtracted $4 - 1 \equiv 0011_2$ will remain, When the
1837 The first subtraction loop (lines 47 through 61) subtract digits from both inputs until the smaller of
1923 produce a result of $-0$. However, since the sign is set first then the unsigned addition is performed the subsequent usage of algorithm mp\_clamp
1996 Similar to the case of algorithm mp\_add the \textbf{sign} is set first before the unsigned addition or subtraction. That is to prevent the
2190 \includegraphics{pics/sliding_window.ps}
2330 The shifting is performed in--place which means the first step (line 25) is to copy the input to the
2377 mp\_mul\_2d by first using whole digit shifts then single precision shifts. This algorithm will also produce the remainder of the division
2441 We first avoid cases of $b \le 0$ by simply mp\_zero()'ing the destination in such cases. Next if $2^b$ is larger
2562 The first thing this algorithm checks for is whether a Comba multiplier can be used instead. If the minimum digit count of either
2610 First we determine (line 31) if the Comba method can be used first since it's faster. The conditions for
2647 after the nested loop to reduce the amount of work requiored. Succintly the first step of the algorithm is to compute
2674 At this point the vector $x = \left < 10, 34, 45, 31, 6 \right >$ is the result of the first step of the Comba multipler.
2808 As per the pseudo--code we first calculate $pa$ (line 48) as the number of digits to output. Next we begin the outer loop
2886 At first it may seem like a good idea to choose $n = 1000$ since the exponent is approximately $1.1$. However, the overhead
2920 Karatsuba \cite{KARA} multiplication when originally proposed in 1962 was among the first set of algorithms to break the $O(n^2)$ barrier for
2941 By adding the first and last equation to the equation in the middle the term $w_1$ can be isolated and all three coefficients solved for. The simplicity
3021 The first algebraic portion of the algorithm is to split the two inputs into their halves. However, instead of using mp\_mod\_2d and mp\_rshd
3023 \textbf{sign} members are copied first. The first for loop on line 96 copies the lower halves. Since they are both the same magnitude it
3084 Continued on the next page.\\
3128 The two inputs $a$ and $b$ are first split into three $k$-digit integers $a_0, a_1, a_2$ and $b_0, b_1, b_2$ respectively. From these smaller
3131 The first two relations $w_0$ and $w_4$ are the points $\zeta_{0}$ and $\zeta_{\infty}$ respectively. The relation $w_1, w_2$ and $w_3$ correspond
3150 The first obvious thing to note is that this algorithm is complicated. The complexity is worth it if you are multiplying very
3160 we get those out of the way first (lines 73 and 78). Next we compute $w1, w2$ and $w3$ using Horners method.
3218 Squaring is a special case of multiplication where both multiplicands are equal. At first it may seem like there is no significant optimization
3242 represent the number being squared. The first observation is that in row $k$ the $2k$'th column of the product has a $\left (x_k \right)^2$ term in it.
3248 The third and final observation is that for row $k$ the first unique non-square term, that is, one that hasn't already appeared in an earlier row,
3250 Column two of row one is a square and column three is the first unique column.
3331 The first obvious solution is to make an array of mp\_words which will hold all of the columns. This will indeed eliminate all of the carry
3480 as the radix point. The first two squares in steps 6 and 7 are rather straightforward while the last square is of a more compact form.
3640 to fixed point first by multiplying by $2^q$. Let $a = 9(2^q)$ represent the fixed point representation of $9$ and $b = 5(2^q)$ represent the
3700 ``might as well be zero'' they might as well not be there in the first place. Let $q_0 = \lfloor a/\beta^{m-1} \rfloor$ represent the input
3713 $0 \le a - b \cdot \lfloor (q_0 \cdot \mu) / \beta^{m+1} \rfloor < 3b$. By first subtracting $b$ times the quotient and then conditionally subtracting
3731 After the first multiplication inside the quotient ($q_0 \cdot \mu$) the value is shifted right by $m + 1$ places effectively nullifying the lower
3825 The first multiplication that determines the quotient can be performed by only producing the digits from $m - 1$ and up. This essentially halves
4014 The value $\mu n \beta^t$ is a multiple of the modulus $n$ meaning that it will not change the residue. If the first digit of
4045 The final result $900$ is then divided by $\beta^k$ to produce the final result $9$. The first observation is that $9 \nequiv x \mbox{ (mod }n\mbox{)}$
4214 The $\hat W$ array is first filled with digits of $x$ on line 48 then the rest of the digits are zeroed on line 55. Both loops share
4453 The first step is to grow $x$ as required to $2m$ digits since the reduction is performed in place on $x$. The label on line 52 is where
4455 the modulus and question of whether $x$ is large enough are invariant after the first pass meaning that it would be a waste of time.
4521 in the mp\_int. Step 2 tests all but the first digit to see if they are equal to $\beta - 1$. If the algorithm manages to get to
4625 one digit than it will always be of the correct form. Otherwise all of the bits above the first digit must be one. This arises from the fact
4626 that there will be value of $k$ that when added to the modulus causes a carry in the first digit which propagates all the way to the most
4784 The first algorithm in the series of exponentiation algorithms will be an unbounded algorithm where the exponent is a single digit. It is intended
4817 A copy of $a$ is made first to allow destination variable $c$ be the same as the source variable $a$. The result is set to the initial value of
4820 Inside the loop the exponent is read from the most significant bit first down to the least significant bit. First $c$ is invariably squared
4833 the most significant down towards the least significant. The invariant squaring operation placed on line 33 is performed first. After
4960 Consider the exponent $b = 111101011001000_2 \equiv 31432_{10}$ with $k = 3$ using both algorithms. The first algorithm will divide the exponent up as
4963 a single squaring took place instead of a squaring and multiplication. In total the first method requires $10$ multiplications and $18$
4971 $d \equiv a^b \mbox{ (mod }c\mbox{)}$ is a modular exponentiation. Instead of first computing $a^b$ and then reducing it
4977 Before the actual modular exponentiation algorithm can be written a wrapper algorithm must be written first. This algorithm
5007 The first algorithm which actually performs modular exponentiation is algorithm s\_mp\_exptmod. It is a sliding window $k$-ary algorithm
5019 In order to keep the algorithms in a known state the first step on line 29 is to reject any negative modulus as input. If the exponent is
5081 Continued on next page. \\
5140 The first two steps determine the optimal window size based on the number of bits in the exponent. The larger the exponent the
5144 After the table is allocated the first power of $g$ is found. Since $g \ge p$ is allowed it must be first reduced modulo $p$ to make
5145 the rest of the algorithm more efficient. The first element of the table at $2^{winsize - 1}$ is found by squaring $M_1$ successively $winsize - 2$
5153 $1$ then there would be $lg(\beta) - 1$ zero bits before the first non-zero bit. In this case bits are ignored until a non-zero bit is found.
5168 All of step 12 is the window processing loop. It will iterate while there are digits available form the exponent to read. The first step
5177 algorithm from having to perform trivial squaring and reduction operations before the first non-zero bit is read. Step 12.6 and 12.7-10 handle
5182 \includegraphics{pics/expt_state.ps}
5248 The first section describes a method of integer division with remainder that is universally well known. It provides the signed division logic
5288 To find the first digit of the quotient the value of $k$ must be maximized such that $kx\beta^t$ is less than or equal to $y$ and
5314 The first obvious case is when $\hat k = \beta - 1$ in which case the proof is concluded since the real quotient cannot be larger. For all other
5392 Continued on the next page. \\
5455 After the first two trivial cases of inputs are handled the variable $q$ is setup to receive the digits of the quotient. Two unsigned copies of the
5461 $2\beta - {2 \over \beta}$ which means that a digit of the quotient must be first produced by another means. In this case $y$ is shifted
5508 Throughout the variables $n$ and $t$ will represent the highest digit of $x$ and $y$ respectively. These are first used to produce the
5721 that the numerator of ${f(x) \over f'(x)}$ can be derived from a partial denominator. That is at first the denominator is calculated by finding
5765 This algorithm produces a pseudo-random integer of $b$ digits. By ensuring that the first digit is non-zero the algorithm also guarantees that the
5783 printable characters. For example, when the character ``N'' is read it represents the integer $23$. The first $16$ characters of the
5992 However, instead of factoring $b - a$ to find a suitable value of $p$ the powers of $p$ can be removed from $a$ and $b$ that are in common first.
6026 This algorithm is based on the first except it removes powers of $p$ first and inside the main loop to ensure the tuple $\left < a, b \right >$
6027 decreases more rapidly. The first loop on step two removes powers of $p$ that are in common. A count, $k$, is kept which will present a common
6083 The first two steps handle the cases where either one of or both inputs are zero. If either input is zero the greatest common divisor is the
6112 must be divided out of the two inputs. The block starting at line 44 removes common factors of two by first counting the number of trailing
6162 To explain the Jacobi Symbol we shall first discuss the Legendre function\footnote{Arrg. What is the name of this?} off which the Jacobi symbol is
6483 array \_\_prime\_tab is an array of the first \textbf{PRIME\_SIZE} prime numbers.
6575 value must be equal to $-1$. The squarings are stopped as soon as $-1$ is observed. If the value of $1$ is observed first it means that