PB preference over ONB

In principle there are no restrictions on the kind of basis that is used (polynomial, normal, …). Although more work has to be done on this, we believe that a polynomial basis is most suited because a number of the advantages of (optimal) normal basis disappear when r > 1.

[Erik De Win, Antoon Bosselaers, Servaas Vandenberghe, Peter De Gersem, Joos Vandewalle, “A Fast Software Implementation for Arithmetic Operations in GF(2^n)“, Katholieke Universiteit Leuven, Belgium]

Advertisements