Complexity of computation in Finite Fields

Efficient implementation of arithmetic in finite fields is of primary importance for cryptography, coding theory, digital signal processing etc. (see, for example [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]). In this survey we consider only Boolean circuits for arithmetic operations in finite fields. Another term: bit-parallel circuits. Boolean circuits for multiplication and inversion in finite fields are implemented physically on chips and are tailored for particular applications. These circuits are usually called multipliers and invertors. In practice the main interest lies in fields of characteristic two, but some fields of odd characteristic are also involved. In the last case elements of a field are coded by binary strings. Boolean circuits are composed from Boolean two-input cells (or gates) AND, NAND, OR, NOR, XOR, XNOR, connected by wires. Depth of a given circuit is the length of the longest directed path, connecting primary input and output of the circuit. Complexity of a given circuit (in other words, size of a circuit) is the number of cells in it. This notion is very close to the notion of bit complexity of computation (program). All necessary definitions may be found in [11, 12, 13]. Minimization of the depth and the complexity of circuits is one of the central and practically important problems in the complexity theory. In practice, are often exploited so-called circuits with memory (i.e. finite automata). Numerous papers deal with finite fields arithmetic implementation on such circuits. This subject needs in special review and does not included in the survey. In some theoretical papers on computer arithmetic Turing machines are used as a computational model. They function via reading and overriding an information stored on a tape by a reading head (i.e. as an automaton). Various types of Turing machines are known: multitape, pointer, with memory etc. As far as this concept is mainly of theoretic interest, it is also omitted in the review.