A Note on the Computation of the Modular Inverse for Cryptography

Abstract

In literature, there are a number of cryptographic algorithms (RSA, ElGamal, NTRU, etc.) that require multiple computations of modulo multiplicative inverses. In this paper, we describe the modulo operation and we recollect the main approaches to computing the modulus. Then, given a and n positive integers, we present the sequence (zj)j≥0, where zj=zj−1+aβj−n, a<n and GCD(a,n)=1. Regarding the above sequence, we show that it is bounded and admits a simple explicit, periodic solution. The main result is that the inverse of a modulo n is given by a−1=⌊im⌋+1 with m=n/a. The computational cost of such an index i is O(a), which is less than O(nlnn) of the Euler’s phi function. Furthermore, we suggest an algorithm for the computation of a−1 using plain multiplications instead of modular multiplications. The latter, still, has complexity O(a) versus complexity O(n) (naive algorithm) or complexity O(lnn) (extended Euclidean algorithm). Therefore, the above procedure is more convenient when a<<n (e.g., a<lnn).