Skip to main content
SpringerLink
Log in
Book cover

International Algorithmic Number Theory Symposium

ANTS 1998: Algorithmic Number Theory pp 252–266Cite as

On the performance of signature schemes based on elliptic curves

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1423))

Abstract

This paper describes a fast software implementation of the elliptic curve version of DSA, as specified in draft standard documents ANSI X9.62 and IEEE P1363. We did the implementations for the fields GF(2n), using a standard basis, and GF(p). We discuss various design decisions that have to be made for the operations in the underlying field and the operations on elliptic curve points. In particular, we conclude that it is a good idea to use projective coordinates for GF(p), but not for GF(2n). We also extend a number of exponentiation algorithms, that result in considerable speed gains for DSA, to ECDSA, using a signed binary representation. Finally, we present timing results for both types of fields on a PPro-200 based PC, for a C/C++ implementation with small assembly-language optimizations, and make comparisons to other signature algorithms, such as RSA and DSA. We conclude that for practical sizes of fields and moduli, GF(p) is roughly twice as fast as GF(2n). Furthermore, the speed of ECDSA over GF(p) is similar to the speed of DSA; it is approximately 7 times faster than RSA for signing, and 40 times slower than RSA for verification (with public exponent 3).

F.W.O.-Flanders research assistant, sponsored by the Fund for Scientific Research — Flanders. Most of the work presented in this paper was done during an internship with Entrust Technologies in Ottawa, Canada.

F.W.O.-Flanders postdoctoral researcher, sponsored by the Fund for Scientific Research — Flanders.

This is a preview of subscription content, log in via an institution.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ANSI X9.62-199x: Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA), June 11, 1997.

    Google Scholar 

  2. A. Atkin and F. Morain, “Elliptic curves and primality proving,” Mathematics of Computation, Vol. 61 (1993), pp. 29–68.

    Article  MATH  MathSciNet  Google Scholar 

  3. P. Barrett, “Implementing the Rivest Shamir and Adleman public key encryption algorithm on a standard digital signal processor,” Advances in Cryptology, Proc. Crypto'86, LNCS 263, A. Odlyzko, Ed., Springer-Verlag, 1987, pp. 311–323.

    Google Scholar 

  4. E. Brickell, D. Gordon, K. McCurley and D. Wilson, “Fast exponentiation with precomputation,” Advances in Cryptology, Proc. Eurocrypt'92, LNCS 658, R.A. Rueppel, Ed., Springer-Verlag, 1993, pp. 200–207.

    Google Scholar 

  5. E. De Win, A. Bosselaers, S. Vandenberghe, P. De Gersem and J. Vandewalle, “A fast software implementation for arithmetic operations in GF(2n),” Advances in Cryptology, Proc. Asiacrypt'96, LNCS 1163, K. Kim and T. Matsumoto, Eds., Springer-Verlag, 1996, pp. 65–76.

    Google Scholar 

  6. D. Gordon, “A survey of fast exponentiation methods,” draft, 1996.

    Google Scholar 

  7. J. Guajardo and C. Paar, “Efficient algorithms for elliptic curve cryptosystems,” Advances in Cryptology, Proc. Crypto'97, LNCS 1294, B. Kaliski, Ed., Springer-Verlag, 1997, pp. 342–356.

    Google Scholar 

  8. G. Harper, A. Menezes and S. Vanstone, “Public key cryptosystems with very small key length,” Advances in Cryptology, Proc. Eurocrypt'92, LNCS 658, R.A. Rueppel, Ed., Springer-Verlag, 1993, pp. 163–173.

    Google Scholar 

  9. IEEE P1363: Editorial Contribution to Standard for Public Key Cryptography, August 18, 1997.

    Google Scholar 

  10. B. Kaliski Jr., “The Montgomery inverse and its applications,” IEEE Transactions on Computers, Vol. 44, no. 8 (1995), pp. 1064–1065.

    Article  MATH  Google Scholar 

  11. D. Knuth, The art of computer programming, Vol. 2, Semi-numerical Algorithms, 2nd Edition, Addison-Wesley, Reading, Mass., 1981.

    Google Scholar 

  12. N. Koblitz, “Elliptic curve cryptosystems,” Mathematics of Computation, Vol. 48, no. 177 (1987), pp. 203–209.

    Article  MATH  MathSciNet  Google Scholar 

  13. N. Koblitz, “CM-curves with good cryptographic properties,” Advances in Cryptology, Proc. Crypto'91, LNCS 576, J. Feigenbaum, Ed., Springer-Verlag, 1997, pp. 279–287.

    Google Scholar 

  14. C. KoÇ, “Analysis of sliding window techniques for exponentiation,” Computers Math. Applic., Vol. 30, no. 10 (1995), pp. 17–24.

    Article  MATH  Google Scholar 

  15. K. Koyama and Y. Tsuruoka, “Speeding up elliptic cryptosystems by using a signed binary window method,” Advances in Cryptology, Proc. Crypto'92, LNCS 740, E. Brickell, Ed., Springer-Verlag, 1993, pp. 345–357.

    Google Scholar 

  16. H.W. Lenstra Jr., “Factoring integers with elliptic curves,” Annals of Mathematics, Vol. 126 (1987), pp. 649–673.

    Article  MATH  MathSciNet  Google Scholar 

  17. A. Menezes, Elliptic curve public key cryptosystems, Kluwer Academic Publishers, 1993.

    Google Scholar 

  18. A. Menezes, T. Okamoto and S. Vanstone, “Reducing elliptic curve logarithms to logarithms in a finite field,” IEEE Transactions on Information Theory, Vol. 39 (1993), pp. 1639–1646.

    Article  MATH  MathSciNet  Google Scholar 

  19. A. Menezes, P. van Oorschot and S. Vanstone, Handbook of applied cryptography, CRC Press, 1997.

    Google Scholar 

  20. V.S. Miller, “Use of elliptic curves in cryptography,” Advances in Cryptoiogy Proc. Crypto'85, LNCS 218, H.C. Williams, Ed., Springer-Verlag, 1985, pp. 417–426.

    Google Scholar 

  21. A. Miyaji, T. Ono and H. Cohen, “Efficient elliptic curve exponentiation,” Proceedings of ICICS'97, LNCS 1334, Y. Han, T. Okamoto and S. Qing, Eds., Springer-Verlag, 1997, pp. 282–290.

    Google Scholar 

  22. P. Montgomery, “Modular multiplication without trial division,” Mathematics of Computation, Vol. 44 (1985), pp. 519–521.

    Article  MATH  MathSciNet  Google Scholar 

  23. F. Morain and J. Olivos, “Speeding up the computations on an elliptic curve using addition-subtraction chains,” Informatique Théorique et Applications, Vol. 24, pp. 531–543, 1990.

    MATH  MathSciNet  Google Scholar 

  24. R. Mullin, I. Onyszchuk, S. Vanstone and R. Wilson, “Optimal normal bases in GF(p n),” Discrete Applied Mathematics, Vol. 22 (1988/1989), pp. 149–161.

    Article  MathSciNet  Google Scholar 

  25. G. Reitwiesner, “Binary arithmetic,” Advances in Computers, Vol. 1 (1960), pp. 231–308

    MathSciNet  Google Scholar 

  26. R. Schroeppel, H. Orman, S. O'Malley and O. Spatscheck, “Fast key exchange with elliptic curve systems,” Advances in Cryptology, Proc. Crypto'95, LNCS 963, D. Coppersmith, Ed., Springer-Verlag, 1995, pp. 43–56.

    Google Scholar 

  27. N. Smart, “Elliptic Curve Discrete Logarithms,” message to newsgroup sci.math.research. no. 3430BAB8.4878@hplb.hpl.hp.com, Sept. 30 1997.

    Google Scholar 

  28. J. Solinas, “An improved algorithm for arithmetic on a family of elliptic curves,” Advances in Cryptology, Proc. Crypto'97, LNCS 1294, B. Kaliski, Ed., Springer-Verlag, 1997, pp. 357–371.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ESAT/COSIC, Katholieke Universiteit Leuven, K. Mercierlaan 94, 3001, Heverlee, Belgium

    Erik De Win & Bart Preneel

  2. Department of Electrical and Computer Engineering, Queen's University, K7L 3N6, Kingston, Ontario, Canada

    Serge Mister

  3. Entrust Technologies, 750 Heron Road, K1V 1A7, Ottawa, Ontario, Canada

    Michael Wiener

Authors
  1. Erik De Win
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Serge Mister
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bart Preneel
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Michael Wiener
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Joe P. Buhler

Rights and permissions

Reprints and permissions

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

De Win, E., Mister, S., Preneel, B., Wiener, M. (1998). On the performance of signature schemes based on elliptic curves. In: Buhler, J.P. (eds) Algorithmic Number Theory. ANTS 1998. Lecture Notes in Computer Science, vol 1423. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054867

Download citation

  • DOI: https://doi.org/10.1007/BFb0054867

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64657-0

  • Online ISBN: 978-3-540-69113-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation