Abstract
This papers introduces several binary scalar multiplication algorithms with applications to cryptography. Remarkably, the proposed algorithms regularly repeat the same pattern when evaluating a scalar multiplication in an (additively written) abelian group. Furthermore, they are generic and feature the following properties:
-
no dummy operation is involved;
-
no precomputation nor prior recoding is needed;
-
a small number of temporary registers / code memory is required;
-
the scalar is processed right-to-left.
As a result, they are particularly well fitted for implementing cryptosystems in constrained devices, in an efficient yet secure way.
Keywords
References
Agnew, G.B., Mullin, R.C., Vanstone, S.A.: An implementation of elliptic curve cryptosystems over \({\mathbb F}_{2^{155}}\). IEEE Journal on Selected Areas in Communications 11(5), 804–813 (1993)
Bailey, D., Paar, C.: Optimal extension fields for fast arithmetic in public-key algorithms. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 472–485. Springer, Heidelberg (1998)
Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)
Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic curves in cryptography. London Mathematical Society Lecture Note Series, vol. 265. Cambridge University Press, Cambridge (1999)
Blake, I.F., Seroussi, G., Smart, N.P.: Advances in elliptic curve cryptography. London Mathematical Society Lecture Note Series, vol. 317. Cambridge University Press, Cambridge (2005)
Brier, E., Joye, M.: Weierstraß elliptic curves and side-channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Heidelberg (2002)
Brown, M., Hankerson, D., López, J., Menezes, A.: Software implementation of the NIST elliptic curves over prime fields. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 250–265. Springer, Heidelberg (2001)
Ciet, M., Joye, M., Lauter, K., Montgomery, P.L.: Trading inversions for multiplications in elliptic curve cryptography. Designs, Codes and Cryptography 39(2), 189–206 (2006)
Cohen, H.: A course in computational algebraic number theory. In: Graduate Texts in Mathematics, vol. 138, Springer, Heidelberg (1993)
Cohen, H., Frey, G. (eds.): Handbook of elliptic and hyperelliptic curve cryptography. Chapman & Hall/CRC (2006)
Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)
De Win, E., Mister, S., Preneel, B., Wiener, M.J.: On the performance of signature schemes based on elliptic curves. In: Buhler, J.P. (ed.) Algorithmic Number Theory. LNCS, vol. 1423, pp. 252–266. Springer, Heidelberg (1998)
Durand, A.: Efficient ways to implement elliptic curve exponentiation on a smart card. In: Schneier, B., Quisquater, J.-J. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 357–365. Springer, Heidelberg (2000)
Eisenträger, K., Lauter, K., Montgomery, P.L.: Fast elliptic curve arithmetic and improved Weil pairing evaluation. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 343–354. Springer, Heidelberg (2003)
Fong, K., Hankerson, D., López, J., Menezes, A.: Field inversion and point halving revisited, Tech. Report CORR 2003-18, CACR, University of Waterloo (2003)
Fouque, P.-A., Valette, F.: The doubling attack − why upwards is better than downwards. In: D.Walter, C., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 269–280. Springer, Heidelberg (2003)
Gaubatz, G., Savaş, E., Sunar, B.: Sequential circuit design for embedded cryptographic applications resilient to adversarial faults. IEEE Transactions on Computers (to appear)
Giraud, C.: Fault resistant RSA implementation. In: Second Workshop on Fault Detection and Tolerance in Cryptography (Edinburgh, UK) September 2, pp. 142–151 (2005)
Gordon, D.M.: A survey of fast exponentiation methods. Journal of Algorithms 27(1), 129–146 (1998)
Guajardo, J., Paar, C.: Efficient algorithms for elliptic curve cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 342–356. Springer, Heidelberg (1997)
Hankerson, D., López, J., Menezes, A.: Software implementation of elliptic curve cryptography over binary fields. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 1–24. Springer, Heidelberg (2000)
Hankerson, D., Menezes, A., Vanstone, S.: Guide to elliptic curve cryptography. Springer, Heidelberg (2004)
Itoh, K., Izu, T., Takenaka, M.: Address-bit differential power analysis of cryptographic schemes OK-ECDH and OK-ECDSA. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 129–143. Springer, Heidelberg (2003)
Itoh, K., Izu, T., Takenaka, M.: Efficient countermeasures against power analysis for elliptic curve cryptosystems. In: Quisquater, J.-J. (ed.) Smart Card Research and Advanced Applications, vol. VI, pp. 99–113. Kluwer Academic Publishers, Dordrecht (2004)
Izu, T., Takagi, T.: A fast parallel elliptic curve multiplication resistant against side channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 280–296. Springer, Heidelberg (2002)
Joye, M., Yen, S.-M.: The Montgomery powering ladder. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2003)
Kobayashi, T., Morita, H., Kobayashi, K., Hoshino, F.: Fast elliptic curve algorithm combining Frobenius map and table reference to adapt to higher characteristic. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 176–189. Springer, Heidelberg (1999)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Lim, C.H.: A new method for securing elliptic scalar multiplication against side-channel attacks. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 289–300. Springer, Heidelberg (2004)
Lim, C.H., Hwang, H.S.: Fast implementation of elliptic curve arithmetic in GF(p n). In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 405–421. Springer, Heidelberg (2000)
López, J., Dahab, R.: Improved algorithms for elliptic curve arithmetic in GF(2n). In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 201–212. Springer, Heidelberg (1999)
López, J., Dahab, R.: Fast multiplication on elliptic curves over GF(2m) without precomputation. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 316–327. Springer, Heidelberg (1999)
Mamiya, H., Miyaji, A., Morimoto, H.: Efficient countermeasures against RPA, DPA, and SPA. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 343–356. Springer, Heidelberg (2004)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press, Boca Raton, USA (1997)
Möller, B.: Securing elliptic curve point multiplication against side-channel attacks. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 324–334. Springer, Heidelberg (2001)
Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243–264 (1987)
Nguyen, K.: Curve based cryptography: The state of the art in smart card environments. In: 6th Workshop on Elliptic Curve Cryptography (ECC 2002), Essen, Germany (September 23-25, 2002)
Okeya, K., Kurumatani, H., Sakurai, K.: Elliptic curves with Montgomery form and their cryptographic applications. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 238–257. Springer, Heidelberg (2000)
Okeya, K., Takagi, T.: The width-w NAF method provides small memory and fast elliptic scalar multiplications secure against side channel attacks. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 328–334. Springer, Heidelberg (2003)
Page, D., Vercauteren, F.: Fault and side-channel attacks on pairing based cryptography, Cryptology ePrint Archive, Report 2004/283 (2004), http://eprint.iacr.org/2004/283/
Savaş, E., Koç, Ç.K.: Architectures for unified field inversion with applications in elliptic curve cryptography. In: 9th International Conference on Electronics, Circuits and Systems − ICECS 2002, vol. 3, pp. 1155–1158. IEEE Press, Los Alamitos (2002)
Schroeppel, R., Orman, H., O’Malley, S., Spatschek, O.: Fast key exchange with elliptic curve systems. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 43–56. Springer, Heidelberg (1995)
Smart, N.: A comparison of different finite fields for elliptic curve cryptosystems. Computers and Mathematics with Applications 42, 91–100 (2001)
Stam, M.: On Montgomery-like representations for elliptic curves over GF(2k). In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 240–253. Springer, Heidelberg (2002)
Stam, M.: Speeding up subgroup cryptosystems. Ph.D. thesis, Technische Universiteit Eindhoven, Eindhoven (2003)
Thiérault, N.: SPA resistant left-to-right integer recodings. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 345–358. Springer, Heidelberg (2006)
Walter, C.D.: Sliding windows succumbs to big Mac attack. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 286–299. Springer, Heidelberg (2001)
Yen, S.-M., Joye, M.: Checking before output may not be enough against fault-based cryptanalysis. IEEE Transactions on Computers 49(9), 967–970 (2000)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Joye, M. (2007). Highly Regular Right-to-Left Algorithms for Scalar Multiplication. In: Paillier, P., Verbauwhede, I. (eds) Cryptographic Hardware and Embedded Systems - CHES 2007. CHES 2007. Lecture Notes in Computer Science, vol 4727. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74735-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-74735-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74734-5
Online ISBN: 978-3-540-74735-2
eBook Packages: Computer ScienceComputer Science (R0)