Journal of Cryptology

, Volume 30, Issue 2, pp 572–600 | Cite as

Jacobian Coordinates on Genus 2 Curves

Article
  • 307 Downloads

Abstract

This paper presents a new projective coordinate system and new explicit algorithms which together boost the speed of arithmetic in the divisor class group of genus 2 curves. The proposed formulas generalize the use of Jacobian coordinates on elliptic curves, and their application improves the speed of performing cryptographic scalar multiplications in Jacobians of genus 2 curves over prime fields by an approximate factor of 1.25x. For example, on a single core of an Intel Core i7-3770 (Ivy Bridge), we show that replacing the previous best formulas with our new set improves the cost of generic scalar multiplications from 239,000 to 192,000 cycles and drops the cost of specialized GLV-style scalar multiplications from 155,000 to 123,000 cycles.

Keywords

Genus 2 Hyperelliptic curves Explicit formulas  Jacobian coordinates Scalar multiplication 

Notes

Acknowledgments

We thank Joppe Bos, Michael Naehrig, Benjamin Smith, and Osmanbey Uzunkol for their useful comments on an early draft of this work. We also thank the anonymous Asiacrypt 2014 referees for their valuable comments, and Patrick Longa for independently benchmarking our code on different processors.

References

  1. 1.
    R. M. Avanzi, A note on the signed sliding window integer recoding and a left-to-right analogue, in H. Handschuh and M. A. Hasan, editors, Selected Areas in Cryptography, volume 3357 of Lecture Notes in Computer Science (Springer, 2004), pp. 130–143Google Scholar
  2. 2.
    R. Barbulescu, P. Gaudry, A. Joux, and E. Thomé. A heuristic quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic, in P. Q. Nguyen and E. Oswald, editors, EUROCRYPT, volume 8441 of Lecture Notes in Computer Science (Springer, 2014), pp. 1–16Google Scholar
  3. 3.
    D. J. Bernstein, C. Chuengsatiansup, T. Lange, and P. Schwabe. Kummer strikes back: New DH speed records., in P. Sarkar and T. Iwata, editors, Proceedings, Part I on Advances in Cryptology—ASIACRYPT 2014—20th International Conference on the Theory and Application of Cryptology and Information Security, 7–11 December, 2014, Kaoshiung, Taiwan, R.O.C., volume 8873 of Lecture Notes in Computer Science (Springer, 2014) pp. 317–337Google Scholar
  4. 4.
    D. J. Bernstein and T. Lange. Faster addition and doubling on elliptic curves, in ASIACRYPT 2007, volume 4833 of LNCS (Springer, 2007), pp. 29–50Google Scholar
  5. 5.
    D. J. Bernstein and T. Lange (2014). Explicit-formulas database, accessed 2 January 2014. http://www.hyperelliptic.org/EFD/
  6. 6.
    D. J. Bernstein and T. Lange. eBACS: ECRYPT Benchmarking of Cryptographic Systems, accessed 28 September, 2013. http://bench.cr.yp.to
  7. 7.
    G. Bisson, R. Cosset, and D. Robert. AVIsogenies—a library for computing isogenies between abelian varieties, November 2012. http://avisogenies.gforge.inria.fr
  8. 8.
    J. W. Bos, C. Costello, H. Hisil, and K. Lauter. Fast cryptography in genus 2, in T. Johansson and P. Q. Nguyen, editors, EUROCRYPT, volume 7881 of Lecture Notes in Computer Science (Springer, 2013), pp. 194–210. full version available at: http://eprint.iacr.org/2012/670
  9. 9.
    W. Bosma, J. Cannon, and C. Playoust. The Magma algebra system. I. The user language. J. Symb. Comput. 24(34), 235–265 (1997). [Computational algebra and number theory (London, 1993)]Google Scholar
  10. 10.
    E. Brier and M. Joye. Weierstraß elliptic curves and side-channel attacks, in Public Key Cryptography (Springer, 2002), pp. 335–345Google Scholar
  11. 11.
    D. V. Chudnovsky and G. V. Chudnovsky. Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Adv. Appl. Math. 7(4), 385–434 (1986)Google Scholar
  12. 12.
    C. Costello and K. Lauter. Group law computations on Jacobians of hyperelliptic curves, in A. Miri and S. Vaudenay, editors, Selected Areas in Cryptography, volume 7118 of Lecture Notes in Computer Science (Springer, 2011), pp. 92–117Google Scholar
  13. 13.
    O. Diao and M. Joye. Unified addition formulæ for hyperelliptic curve cryptosystems, in 3rd Workshop on Mathematical Cryptology (WMC 2012) and 3rd International Conference on Symbolic Computation and Cryptography (SCC 2012) (2012), pp. 45–50Google Scholar
  14. 14.
    S. Erickson, T. Ho, and S. Zemedkun. Explicit projective formulas for real hyperelliptic curves of genus 2. Adv. Math. Commun. (2014) (To appear)Google Scholar
  15. 15.
    X. Fan and G. Gong. Efficient explicit formulae for genus 2 hyperelliptic curves over prime fields and their implementations, in C. Adams, A. Miri, and M. Wiener, editors, Selected Areas in Cryptography, volume 4876 of Lecture Notes in Computer Science (Springer, Berlin, Heidelberg, 2007), pp. 155–172Google Scholar
  16. 16.
    A. Faz-Hernández, P. Longa, and A. H. Sanchez. Efficient and secure algorithms for GLV-based scalar multiplication and their implementation on GLV-GLS curves, in J. Benaloh, editor, CT-RSA, volume 8366 of Lecture Notes in Computer Science (Springer, 2014), pp. 1–27Google Scholar
  17. 17.
    S. D. Galbraith, M. Harrison, and D. J. Mireles Morales. Efficient hyperelliptic arithmetic using balanced representation for divisors, in A. J. van der Poorten and A. Stein, editors, ANTS, volume 5011 of Lecture Notes in Computer Science (Springer, 2008), pp. 342–356Google Scholar
  18. 18.
    S. D. Galbraith, J. Pujolàs, C. Ritzenthaler, and B. A. Smith. Distortion maps for supersingular genus two curves. J. Math. Cryptol. 3(1), 1–18 (2009)Google Scholar
  19. 19.
    R. P. Gallant, R. J. Lambert, and S. A. Vanstone. Faster point multiplication on elliptic curves with efficient endomorphisms, in J. Kilian, editor, CRYPTO, volume 2139 of Lecture Notes in Computer Science (Springer, 2001), pp. 190–200Google Scholar
  20. 20.
    P. Gaudry. Fast genus 2 arithmetic based on Theta functions. J. Math. Cryptol. JMC 1(3), 243–265 (2007)Google Scholar
  21. 21.
    P. Gaudry, D. R. Kohel, and B. A. Smith. Counting points on genus 2 curves with real multiplication, in D. H. Lee and X. Wang, editors, ASIACRYPT, volume 7073 of Lecture Notes in Computer Science (Springer, 2011), pp. 504–519Google Scholar
  22. 22.
    P. Gaudry and E. Schost. Genus 2 point counting over prime fields. J. Symb. Comput. 47(4), 368–400 (2012)Google Scholar
  23. 23.
    R. R. Goundar, M. Joye, A. Miyaji, M. Rivain, and A. Venelli. Scalar multiplication on Weierstraß elliptic curves from Co-Z arithmetic. J. Cryptogr. Eng. 1(2), 161–176 (2011)Google Scholar
  24. 24.
    M. Hamburg. Fast and compact elliptic-curve cryptography. Cryptology ePrint Archive, Report 2012/309 (2012). http://eprint.iacr.org/
  25. 25.
    H. Hisil. Elliptic curves, group law, and efficient computation. PhD thesis, Queensland University of Technology (2010)Google Scholar
  26. 26.
    N. Koblitz. Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)Google Scholar
  27. 27.
    N. Koblitz. Hyperelliptic cryptosystems. J. Cryptol. 1(3), 139–150 (1989)Google Scholar
  28. 28.
    V. Kovtun and S. Kavun. Co-Z divisor addition formulae in Jacobian of genus 2 hyperelliptic curves over prime fields. Cryptology ePrint Archive, Report 2010/498 (2010). http://eprint.iacr.org/
  29. 29.
    T. Lange. Formulae for arithmetic on genus 2 hyperelliptic curves. Appl. Algebra Eng. Commun. Comput. 15(5), 295–328 (2005)Google Scholar
  30. 30.
    P. Longa and A. Miri. New composite operations and precomputation scheme for elliptic curve cryptosystems over prime fields, in R. Cramer, editor, Public Key Cryptography PKC 2008, volume 4939 of Lecture Notes in Computer Science (Springer, Berlin, Heidelberg, 2008), pp. 189–201Google Scholar
  31. 31.
    D. Lubicz and D. Robert. A generalisation of Miller’s algorithm and applications to pairing computations on abelian varieties. Cryptology ePrint Archive, Report 2013/192 (2013). http://eprint.iacr.org/
  32. 32.
    N. Meloni. New point addition formulae for ECC applications, in C. Carlet and B. Sunar, editors, WAIFI, volume 4547 of Lecture Notes in Computer Science (Springer, 2007), pp. 189–201Google Scholar
  33. 33.
    V. S. Miller. Use of elliptic curves in cryptography, in H. C. Williams, editor, CRYPTO, volume 218 of Lecture Notes in Computer Science (Springer, 1985), pp. 417–426Google Scholar
  34. 34.
    P. L. Montgomery. Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243–264 (1987)Google Scholar
  35. 35.
    A.-M. Spallek. Kurven vom geschlecht 2 und ihre anwendung in public-key-kryptosystemen. PhD thesis, Universität Essen. Institut für Experimentelle Mathematik (1994)Google Scholar

Copyright information

© International Association for Cryptologic Research 2016

Authors and Affiliations

  1. 1.Yasar UniversityIzmirTurkey
  2. 2.Microsoft ResearchRedmondUSA

Personalised recommendations