/// <summary>
/// Computes the inverse mod 2.
/// <para>The algorithm is described in <a href="http://www.securityinnovation.com/uploads/Crypto/NTRUTech014.pdf">
/// Almost Inverses and Fast NTRU Key Generation</a>.</para>
/// </summary>
///
/// <returns>Returns <c>null</c> if the polynomial is not invertible.</returns>
private IntegerPolynomial InvertF2()
{
int N = Coeffs.Length;
int k = 0;
IntegerPolynomial b = new IntegerPolynomial(N + 1);
b.Coeffs[0] = 1;
IntegerPolynomial c = new IntegerPolynomial(N + 1);
IntegerPolynomial f = new IntegerPolynomial(Coeffs.CopyOf(N + 1));
f.Mod2();
// set g(x) = x^N − 1
IntegerPolynomial g = new IntegerPolynomial(N + 1);
g.Coeffs[0] = 1;
g.Coeffs[N] = 1;
while (true)
{
while (f.Coeffs[0] == 0)
{
for (int i = 1; i <= N; i++)
{
f.Coeffs[i - 1] = f.Coeffs[i]; // f(x) = f(x) / x
c.Coeffs[N + 1 - i] = c.Coeffs[N - i]; // c(x) = c(x) * x
}
f.Coeffs[N] = 0;
c.Coeffs[0] = 0;
k++;
if (f.EqualsZero())
return null; // not invertible
}
if (f.EqualsOne())
break;
if (f.Degree() < g.Degree())
{
// exchange f and g
IntegerPolynomial temp = f;
f = g;
g = temp;
// exchange b and c
temp = b;
b = c;
c = temp;
}
f.Add(g);
f.Mod2();
b.Add(c);
b.Mod2();
}
if (b.Coeffs[N] != 0)
return null;
// Fq(x) = x^(N-k) * b(x)
IntegerPolynomial Fq = new IntegerPolynomial(N);
int j = 0;
k %= N;
for (int i = N - 1; i >= 0; i--)
{
j = i - k;
if (j < 0)
j += N;
Fq.Coeffs[j] = b.Coeffs[i];
}
return Fq;
}