Advertisement

Journal of Cryptographic Engineering

, Volume 9, Issue 1, pp 1–19 | Cite as

Constructing multidimensional differential addition chains and their applications

  • Aaron Hutchinson
  • Koray KarabinaEmail author
Regular Paper

Abstract

We propose new algorithms for constructing multidimensional differential addition chains and for performing multidimensional scalar point multiplication based on these chains. Our algorithms work in any dimension and offer some key efficiency and security features. In particular, our scalar point multiplication algorithm is uniform, it can be parallelized, and differential addition formulas can be deployed. It also allows trading speed for precomputation cost and storage requirements. These key features and our theoretical estimates indicate that this new algorithm may offer some performance advantages over the existing point multiplication algorithms in practice. We also report some experimental results and verify some of our theoretical findings, and a simplistic Magma implementation is provided.

Keywords

Differential addition chains Side-channel resistance Elliptic curves Scalar multiplication Cryptographic algorithms 

Mathematics Subject Classification

94A60 14G50 

Notes

Acknowledgements

The authors would like to thank reviewers for their comments and corrections. Research reported in this paper was supported by the Army Research Office under award number W911NF-17-1-0311. The content is solely the responsibility of the authors and does not necessarily represent the official views of the Army Research Office.

References

  1. 1.
    Antipa, A., Brown, D., Gallant, R., Lambert, R., Struik, R., Vanstone, S.: Accelerated verification of ECDSA signatures. In: Selected Areas in Cryptography, SAC 2005, Lecture Notes in Computer Science, vol. 3897, pp. 307–318 (2005)Google Scholar
  2. 2.
    Azarderakhsh, R., Karabina, K.: A new double point multiplication algorithm and its application to binary elliptic curves with endomorphisms. IEEE Trans. Comput. 63, 2614–2619 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Azarderakhsh, R., Karabina, K.: Efficient algorithms and architectures for double point multiplication on elliptic curves. In: Proceedings of the Third Workshop on Cryptography and Security in Computing Systems—CS2 2016. (2016)Google Scholar
  4. 4.
    Bernstein, D.: Differential Addition Chains. Technical Report (2006). http://cr.yp.to/ecdh/diffchain-20060219.pdf
  5. 5.
    Bernstein, D., Lange, T.: Explicit-formulas database. http://hyperelliptic.org/EFD/
  6. 6.
    Bos, J., Costello, C., Hisil, H., Lauter, K.: High-performance scalar multiplication using 8-dimensional GLV/GLS decomposition. In: Cryptographic Hardware and Embedded Systems—CHES 2013, Lecture Notes in Computer Science, vol. 8086, pp. 331–348 (2013)Google Scholar
  7. 7.
    Brown, D.: Multi-Dimensional Montgomery Ladders for Elliptic Curves. ePrint Archive: Report 2006/220. http://eprint.iacr.org/2006/220
  8. 8.
    Costello, C., Longa, P.: FourQ: Four-dimensional decompositions on a \(Q\)-curve over the Mersenne prime. In: Advances in Cryptology ASIACRYPT 2015, Lecture Notes in Computer Science, vol. 9452, pp. 214–235 (2015)Google Scholar
  9. 9.
    Faz-Hernandez, A., Longa, P., Sanchez, A.: Efficient and secure algorithms for GLV-based scalar multiplication and their implementation on GLV–GLS curves. In: Topics in Cryptology CT-RSA 2014, Lecture Notes in Computer Science, vol. 8366, pp. 1–27 (2014)Google Scholar
  10. 10.
    Feng, M., Zhu, B., Zhao, C., Li, S.: Signed MSB-set comb method for elliptic curve point multiplication. In: Information Security Practice and Experience—ISPEC 2006, Lecture Notes in Computer Science, vol. 3903, pp. 13–24 (2006)Google Scholar
  11. 11.
    Galbraith, D., Lin, X., Scott, M.: Endomorphisms for faster elliptic curve cryptography on a large class of curves. J. Cryptol. 24, 446–469 (2011)Google Scholar
  12. 12.
    Gallant, R., Lambert, R., Vanstone, S.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Advances in Cryptology—CRYPTO 2011, LNCS, vol. 2139, pp. 190–200 (2001)Google Scholar
  13. 13.
    Guillevic, A., Ionica, S.: Four-dimensional GLV via the Weil restriction. In: Advances in Cryptology, ASIACRYPT 2013, Lecture Notes in Computer Science, vol. 8269, pp. 79–96 (2013)Google Scholar
  14. 14.
    Hankerson, D., Karabina, K., Menezes, A.: Analyzing the Galbraith–Lin–Scott point multiplication method for elliptic curves over binary fields. IEEE Trans. Comput. 58, 1411–1420 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Hedabou, M., Pinel, P., Beneteau, L.: Countermeasures for preventing comb method against SCA attacks. Inf. Secur. Pract. Exp. ISPEC 2005(3439), 85–96 (2005)zbMATHGoogle Scholar
  16. 16.
    Hisil, H., Wong, K., Carter, G., Dawson, E.: Twisted Edwards curves revisited. In: Advances in Cryptology—ASIACRYPT 2008, Lecture Notes in Computer Science, vol. 5350, pp. 326–343 (2008)Google Scholar
  17. 17.
    Joye, M., Tunstall, M.: Exponent recoding and regular exponentiation algorithms. Lecture Notes in Computer Science, AFRICACRYPT 2009(5580), 334–349 (2009)Google Scholar
  18. 18.
    Lim, C., Lee, P.: More flexible exponentiation with precomputation. In: Advances in Cryptology CRYPTO 94, Lecture Notes in Computer Science, vol. 839, pp. 95–107 (1994)Google Scholar
  19. 19.
    Longa, P., Sica, F.: Four-dimensional Gallant–Lambert–Vanstone scalar multiplication. In: Advances in Cryptology, ASIACRYPT 2012, Lecture Notes in Computer Science, vol. 7658, pp. 718–739 (2012)Google Scholar
  20. 20.
    Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. New York (1996)Google Scholar
  21. 21.
    Möller, B.: Algorithms for multi-exponentiation. In: Selected Areas in Computer Science SAC 2001, LNCS, 2259, pp. 165–180 (2001)Google Scholar
  22. 22.
    Montgomery, P.: Evaluating recurrences of form \({X}_{m+n} = f({X}_m, {X}_n, {X}_{m-n})\) via Lucas chains. https://cr.yp.to/bib/1992/montgomery-lucas.ps (1983)
  23. 23.
    Montgomery, P.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48, 243–264 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  24. 24.
    Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Advances in Cryptology CRYPTO 92, Lecture Notes in Computer Science, vol. 740, pp. 31–53 (1993)Google Scholar
  25. 25.
    Okeya, K., Takagi, T.: The width-w NAF method provides small memory and fast elliptic scalar multiplications secure against side channel attacks. In: Topics in Cryptology—CT-RSA 2003, Lecture Notes in Computer Science, vol. 2612, pp. 328–343 (2003)Google Scholar
  26. 26.
    Rao, S.R.S.: Three dimensional montgomery ladder, differential point tripling on montgomery curves and point quintupling on Weierstrass and Edwards curves. In: Progress in Cryptology AFRICACRYPT 2016, Lecture Notes in Computer Science, vol. 9646, pp. 84–106 (2016)Google Scholar
  27. 27.
    Shoup, V.: Ntl: A Library for doing number theory. http://www.shoup.net/ntl/
  28. 28.
    Stam, M.: Speeding up Subgroup Cryptosystems. PhD Thesis, Technische Universiteit Eindhoven (2003)Google Scholar
  29. 29.
    Zhou, Z., Hu, Z., Xu, M., Song, W.: Efficient 3-dimensional GLV method for faster point multiplication on some GLS elliptic curves. Inf. Process. Lett. 110, 1003–1006 (2010)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  1. 1.Florida Atlantic UniversityBoca RatonUSA

Personalised recommendations