Skip to main content
  • Research Article
  • Open access
  • Published:

Modular Inverse Algorithms Without Multiplications for Cryptographic Applications


Hardware and algorithmic optimization techniques are presented to the left-shift, right-shift, and the traditional Euclidean-modular inverse algorithms. Theoretical arguments and extensive simulations determined the resulting expected running time. On many computational platforms these turn out to be the fastest known algorithms for moderate operand lengths. They are based on variants of Euclidean-type extended GCD algorithms. On the considered computational platforms for operand lengths used in cryptography, the fastest presented modular inverse algorithms need about twice the time of modular multiplications, or even less. Consequently, in elliptic curve cryptography delaying modular divisions is slower (affine coordinates are the best) and the RSA and ElGamal cryptosystems can be accelerated.

[1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22]


  1. Joye M, Paillier P: GCD-free algorithms for computing modular inverses. Proceedings of 5th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '03), September 2003, Cologne, Germany, Lecture Notes in Computer Science 2779: 243-253.

    Google Scholar 

  2. Schönhage A, Strassen V: Schnelle Multiplikation großer Zahlen. Computing 1971, 7: 281-292. 10.1007/BF02242355

    Article  MATH  Google Scholar 

  3. GNU Multiple Precision Arithmetic Library manual,

  4. Hankerson DR, Menezes AJ, Vanstone SA: Guide to Elliptic Curve Cryptography. Springer, New York, NY, USA; 2004.

    MATH  Google Scholar 

  5. Menezes AJ, van Oorschot PC, Vanstone SA: Handbook of Applied Cryptography. CRC Press, Boca Raton, Fla, USA; 1996.

    Book  Google Scholar 

  6. Hars L: Fast truncated multiplication and its applications in cryptography. Proceedings of 7th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '05), August 2005, Edinburgh, Scotland

    Google Scholar 

  7. Shantz SC: From Euclid's GCD to Montgomery multiplication to the great divide. In Tech. Rep. TR-2001-95. Sun Microsystems Laboratories, Santa Clara, Calif, USA; 2001.

    Google Scholar 

  8. Jedwab J, Mitchell CJ: Minimum weight modified signed-digit representations and fast exponentiation. Electronics Letters 1989,25(17):1171-1172. 10.1049/el:19890785

    Article  MATH  Google Scholar 

  9. Cohen H, Miyaji A, Ono T: Efficient elliptic curve exponentiation using mixed coordinates. In Proceedings of International Conference on the Theory and Applications of Cryptology and Information Security, Advances in Cryptology (ASIACRYPT '98), October 1998, Beijing, China, Lecture Notes in Computer Science Edited by: Ohta K, Pei D. 1514: 51-65.

    Google Scholar 

  10. Ercegovac MD, Lang T: Digital Arithmetic. Morgan Kaufmann, San Francisco, Calif, USA; 2004. chapter 2

    Google Scholar 

  11. Hars L: Long modular multiplication for cryptographic applications. Proceedings of 6th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '04), August 2004, Cambridge, Mass, USA, Lecture Notes in Computer Science 3156: 44-61.

    Google Scholar 

  12. Knuth DE: The Art of Computer Programming, Volume 2: Seminumerical Algorithms. 3rd edition. Addison-Wesley, Reading, Mass, USA; 1997.

    Google Scholar 

  13. Stein J: Computational problems associated with Racah algebra. Journal of Computational Physics 1967,1(3):397-405. 10.1016/0021-9991(67)90047-2

    Article  MATH  Google Scholar 

  14. Brent RP, Kung HT: Systolic VLSI arrays for linear-time GCD computation. In Proceedings of International Conference on Very Large Scale Integration (VLSI' 83), August 1983, Trondheim, Norway Edited by: Anceau V, Aas EJ. 145-154.

    Google Scholar 

  15. Kaliski BS Jr.: The Montgomery inverse and its applications. IEEE Transactions on Computers 1995,44(8):1064-1065. 10.1109/12.403725

    Article  MATH  Google Scholar 

  16. Savaş E, Koç ÇK: The Montgomery modular inverse-revisited. IEEE Transactions on Computers 2000,49(7):763-766. 10.1109/12.863048

    Article  Google Scholar 

  17. Lórencz R: New algorithm for classical modular inverse. Proceedings of 4th International Workshop on Cryptographic Hardware and Embedded Systems (CHES '02), August 2002, Redwood Shores, Calif, USA, Lecture Notes in Computer Science 2523: 57-70.

    Google Scholar 

  18. Jebelean T: Comparing several GCD algorithms. Proceedings of 11th IEEE Symposium on Computer Arithmetic (ARITH-11 '93), June-July 1993, Windsor, Ontario, Canada 180-185.

    Chapter  Google Scholar 

  19. Vallée B: Complete Analysis of the Binary GCD Algorithm. 1998,

  20. Schroeppel R, Orman H, O'Malley S: Fast key exchange with elliptic curve systems. In Tech. Rep. 95-03. Department of Computer Science, The University of Arizona, Tucson, Ariz, USA; 1995.

    Google Scholar 

  21. Jebelean T: A double-digit Lehmer-Euclid algorithm for finding the GCD of long integers. Journal of Symbolic Computation 1995,19(1–3):145-157. Technical report version also available 10.1006/jsco.1995.1009

    Article  MathSciNet  MATH  Google Scholar 

  22. Weber K: The accelerated integer GCD algorithm. ACM Transactions on Mathematical Software 1995,21(1):111-122. 10.1145/200979.201042

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Laszlo Hars.

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License ( ), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Reprints and permissions

About this article

Cite this article

Hars, L. Modular Inverse Algorithms Without Multiplications for Cryptographic Applications. J Embedded Systems 2006, 032192 (2006).

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: