Skip to main content


Modular Inverse Algorithms Without Multiplications for Cryptographic Applications


Hardware and algorithmic optimization techniques are presented to the left-shift, right-shift, and the traditional Euclidean-modular inverse algorithms. Theoretical arguments and extensive simulations determined the resulting expected running time. On many computational platforms these turn out to be the fastest known algorithms for moderate operand lengths. They are based on variants of Euclidean-type extended GCD algorithms. On the considered computational platforms for operand lengths used in cryptography, the fastest presented modular inverse algorithms need about twice the time of modular multiplications, or even less. Consequently, in elliptic curve cryptography delaying modular divisions is slower (affine coordinates are the best) and the RSA and ElGamal cryptosystems can be accelerated.

[1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22]


  1. 1.

    Joye M, Paillier P: GCD-free algorithms for computing modular inverses. Proceedings of 5th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '03), September 2003, Cologne, Germany, Lecture Notes in Computer Science 2779: 243-253.

  2. 2.

    Schönhage A, Strassen V: Schnelle Multiplikation großer Zahlen. Computing 1971, 7: 281-292. 10.1007/BF02242355

  3. 3.

    GNU Multiple Precision Arithmetic Library manual,

  4. 4.

    Hankerson DR, Menezes AJ, Vanstone SA: Guide to Elliptic Curve Cryptography. Springer, New York, NY, USA; 2004.

  5. 5.

    Menezes AJ, van Oorschot PC, Vanstone SA: Handbook of Applied Cryptography. CRC Press, Boca Raton, Fla, USA; 1996.

  6. 6.

    Hars L: Fast truncated multiplication and its applications in cryptography. Proceedings of 7th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '05), August 2005, Edinburgh, Scotland

  7. 7.

    Shantz SC: From Euclid's GCD to Montgomery multiplication to the great divide. In Tech. Rep. TR-2001-95. Sun Microsystems Laboratories, Santa Clara, Calif, USA; 2001.

  8. 8.

    Jedwab J, Mitchell CJ: Minimum weight modified signed-digit representations and fast exponentiation. Electronics Letters 1989,25(17):1171-1172. 10.1049/el:19890785

  9. 9.

    Cohen H, Miyaji A, Ono T: Efficient elliptic curve exponentiation using mixed coordinates. In Proceedings of International Conference on the Theory and Applications of Cryptology and Information Security, Advances in Cryptology (ASIACRYPT '98), October 1998, Beijing, China, Lecture Notes in Computer Science Edited by: Ohta K, Pei D. 1514: 51-65.

  10. 10.

    Ercegovac MD, Lang T: Digital Arithmetic. Morgan Kaufmann, San Francisco, Calif, USA; 2004. chapter 2

  11. 11.

    Hars L: Long modular multiplication for cryptographic applications. Proceedings of 6th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '04), August 2004, Cambridge, Mass, USA, Lecture Notes in Computer Science 3156: 44-61.

  12. 12.

    Knuth DE: The Art of Computer Programming, Volume 2: Seminumerical Algorithms. 3rd edition. Addison-Wesley, Reading, Mass, USA; 1997.

  13. 13.

    Stein J: Computational problems associated with Racah algebra. Journal of Computational Physics 1967,1(3):397-405. 10.1016/0021-9991(67)90047-2

  14. 14.

    Brent RP, Kung HT: Systolic VLSI arrays for linear-time GCD computation. In Proceedings of International Conference on Very Large Scale Integration (VLSI' 83), August 1983, Trondheim, Norway Edited by: Anceau V, Aas EJ. 145-154.

  15. 15.

    Kaliski BS Jr.: The Montgomery inverse and its applications. IEEE Transactions on Computers 1995,44(8):1064-1065. 10.1109/12.403725

  16. 16.

    Savaş E, Koç ÇK: The Montgomery modular inverse-revisited. IEEE Transactions on Computers 2000,49(7):763-766. 10.1109/12.863048

  17. 17.

    Lórencz R: New algorithm for classical modular inverse. Proceedings of 4th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '02), August 2002, Redwood Shores, Calif, USA, Lecture Notes in Computer Science 2523: 57-70.

  18. 18.

    Jebelean T: Comparing several GCD algorithms. Proceedings of 11th IEEE Symposium on Computer Arithmetic (ARITH-11 '93), June-July 1993, Windsor, Ontario, Canada 180-185.

  19. 19.

    Vallée B: Complete Analysis of the Binary GCD Algorithm. 1998,

  20. 20.

    Schroeppel R, Orman H, O'Malley S: Fast key exchange with elliptic curve systems. In Tech. Rep. 95-03. Department of Computer Science, The University of Arizona, Tucson, Ariz, USA; 1995.

  21. 21.

    Jebelean T: A double-digit Lehmer-Euclid algorithm for finding the GCD of long integers. Journal of Symbolic Computation 1995,19(1–3):145-157. Technical report version also available 10.1006/jsco.1995.1009

  22. 22.

    Weber K: The accelerated integer GCD algorithm. ACM Transactions on Mathematical Software 1995,21(1):111-122. 10.1145/200979.201042

Download references

Author information

Correspondence to Laszlo Hars.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Hars, L. Modular Inverse Algorithms Without Multiplications for Cryptographic Applications. J Embedded Systems 2006, 032192 (2006).

Download citation


  • Algorithmic Optimization
  • Optimization Technique
  • Control Structure
  • Elliptic Curve
  • Theoretical Argument