Abstract
This paper gives a comprehensive analysis of the Montgomery powering ladder. The Montgomery ladder was initially developed for fast scalar multiplication on elliptic curves; we extend its scope to any exponentiation in an abelian group. Computationally, the Montgomery ladder has the triple advantage of presenting a Lucas chain structure, of being parallelizable, and of sharing a common operand. Furthermore, contrary to the classical binary algorithms, it behaves very regularly, which makes it naturally protected against a large variety of implementation attacks.
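An added illustration, not code from the paper: the ladder in the multiplicative group modulo a prime, next to left-to-right square-and-multiply, with each routine recording its sequence of multiplications (M) and squarings (S). The modulus `P`, the function names and the trace format are assumptions made for this example.

```python
# Added example: Montgomery ladder vs. binary square-and-multiply in (Z/pZ)*.
# Python integers are not constant-time; the traces model only the sequence
# of group operations, which is what the regularity claim is about.

P = 1000003  # constructed sample modulus (a prime), not from the paper


def ladder(g, k, p=P):
    """Return (g**k mod p, trace) using the Montgomery ladder."""
    r0, r1, trace = 1, g % p, []
    for i in reversed(range(k.bit_length())):
        if (k >> i) & 1:
            # Both products share the operand r1 and can run in parallel.
            r0, r1 = (r0 * r1) % p, (r1 * r1) % p
        else:
            # Both products share the operand r0 and can run in parallel.
            r0, r1 = (r0 * r0) % p, (r0 * r1) % p
        trace.append("MS")  # one multiplication and one squaring per bit
        # Ladder invariant: the two registers always differ by a factor g.
        assert r1 == (r0 * g) % p
    return r0, "".join(trace)


def square_and_multiply(g, k, p=P):
    """Return (g**k mod p, trace) using the classical left-to-right method."""
    acc, trace = 1, []
    for i in reversed(range(k.bit_length())):
        acc = (acc * acc) % p
        trace.append("S")
        if (k >> i) & 1:  # the extra multiplication happens only for 1 bits
            acc = (acc * g) % p
            trace.append("M")
    return acc, "".join(trace)


def trace_depends_on_exponent(method, g, k1, k2, p=P):
    """True if two exponents of equal bit length give different traces."""
    if k1.bit_length() != k2.bit_length():
        raise ValueError("compare exponents of equal bit length")
    return method(g, k1, p)[1] != method(g, k2, p)[1]


# Constructed sample exponents, both 6 bits long.
K1, K2 = 0b101101, 0b111111
```

The operation sequence of the ladder is the same for any two exponents of equal bit length. A hardened implementation also replaces the branch on the exponent bit with a constant-time conditional swap and pads exponents to a fixed length.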
Supported in part by the Ministry of Education of the Republic of China under contract EX-91-E-FA06-4-4.
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Joye, M., Yen, SM. (2003). The Montgomery Powering Ladder. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds) Cryptographic Hardware and Embedded Systems - CHES 2002. CHES 2002. Lecture Notes in Computer Science, vol 2523. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36400-5_22
DOI: https://doi.org/10.1007/3-540-36400-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00409-7
Online ISBN: 978-3-540-36400-9
eBook Packages: Springer Book Archive