Advertisement

Analysis of the Gallant-Lambert-Vanstone Method Based on Efficient Endomorphisms: Elliptic and Hyperelliptic Curves

  • Francesco Sica
  • Mathieu Ciet
  • Jean-Jacques Quisquater
Conference paper
First Online:
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2595)

Abstract

In this work we analyse the GLV method of Gallant, Lambert and Vanstone (CRYPTO 2001) which uses a fast endomorphism Φ with minimal polynomial X 2 +rX +s to compute any multiple kP of a point P of order n lying on an elliptic curve. First we fill in a gap in the proof of the bound of the kernel K vectors of the reduction map f : (i, j) → i+λj (mod n). In particular, we prove the GLV decomposition with explicit constant kP = k1P + k 2 Φ(P), with max Rik 1∣, ∣k 2∣ ⪯ √1 +∣r∣ + sn . Next we improve on this bound and give the best constant in the given examples for the quantity supk,n max ∣k 1∣, ∣k 2∣/√n. Independently Park, Jeong, Kim, and Lim (PKC 2002) have given similar but slightly weaker bounds. Finally we provide the first explicit bounds for the GLV method generalised to hyperelliptic curves as described in Park, Jeong and Lim (EUROCRYPT 2002).

Keywords

Elliptic curve cryptography fast performance efficientlycomputable endomorphisms algebraic number fields 
Download to read the full conference paper text

References

  1. 1.
    I. Blake, G. Seroussi, and N. Smart. Elliptic Curves in Cryptography, volume 265 of London Mathematical Society. Cambridge University Press, 2000.Google Scholar
  2. 2.
    H. Cohen. A Course in Computational Algebraic Number Theory, volume 138 of Graduate Texts in Mathematics. Springer, 1996.Google Scholar
  3. 3.
    H. Daudé, P. Flajolet, and B. Vallée. An Average-case Analysis of the Gaussian Algorithm for Lattice Reduction. Technical Report 2798, INRIA, February 1996.Google Scholar
  4. 4.
    H. Davenport. Multiplicative Number Theory, volume 74 of Graduate Texts in Mathematics. Springer Verlag, 1980.Google Scholar
  5. 5.
    R. P. Gallant, J. L. Lambert, and S. A. Vanstone. Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms. In J. Kilian, editor, Advances in Cryptology-Proceedings of CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 190–200. Springer, 2001.Google Scholar
  6. 6.
    D. M. Gordon. A Survey of Fast Exponentiation Methods. Journal of Algorithms, 27(1):129–146, 1998.zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    D. Kim and S. Lim. Integer Decomposition for Fast Scalar Multiplication on Elliptic Curves. In Howard Heys and Kaisa Nyberg, editors, Selected Areas in Cryptography, 9th Annual International Workshop, SAC 2002, Lecture Notes in Computer Science. Springer, 2002. (this volume).Google Scholar
  8. 8.
    K. Koblitz. Elliptic Curve Cryptosystems. Mathematics of Computation, 48(177):203–209, 1987.zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    D. Kohel. Endomorphism Rings of Elliptic Curves over Finite Fields. PhD thesis, UC Berkeley, 1996.Google Scholar
  10. 10.
    T. Lange. Efficient Arithmetic on Hyperelliptic Koblitz Curves. PhD thesis, University of Essen, 2001.Google Scholar
  11. 11.
    A. K. Lenstra, H. W. Lenstra Jr., and L. Lovász. Factoring polynomials with rational coefficients. Mathematische Ann., 261:513–534, 1982.Google Scholar
  12. 12.
    A.J. Menezes. Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, 1995.Google Scholar
  13. 13.
    V. Miller. Use of Elliptic Curves in Cryptography. In A. M. Odlyzko, editor, Advances in Cryptology-Proceedings of CRYPTO 1986, volume 263 of Lecture Notes in Computer Science, pages 417–426. Springer, 1986.Google Scholar
  14. 14.
    V. Müller. Efficient Point Multiplication for Elliptic Curves over Special Optimal Extension Fields. In Walter de Gruyter, editor, Public-Key Cryptography and Computational Number Theory, pages 197–207, Warschau, Poland, September 11–15, 2000 (2001).Google Scholar
  15. 15.
    Y-H. Park, S. Jeong, C. Kim, and J. Lim. An Alternate Decomposition of an Integer for Faster Point Multiplication on Certain Elliptic Curves. In D. Naccache and P. Paillier, editors, Advances in Cryptology-Proceedings of PKC 2002, volume 2274 of Lecture Notes in Computer Science, pages 323–334. Springer, 2002.Google Scholar
  16. 16.
    Y-H. Park, S. Jeong, and J. Lim. Speeding Up Point Multiplication on Hyperelliptic Curves with Efficiently-computable Endomorphisms. In L. Knudsen, editor, Advances in Cryptology-Proceedings of EUROCRYPT 2002, volume 2332 of Lecture Notes in Computer Science, pages 197–208. Springer, 2002.Google Scholar
  17. 17.
    J. A. Solinas. An Improved Algorithm for Arithmetic on a Family of Elliptic Curves. In Burton S. Kaliski Jr., editor, Advances in Cryptology-Proceedings of CRYPTO 1997, volume 1294 of Lecture Notes in Computer Science, pages 357–371. Springer, 1997.Google Scholar
  18. 18.
    E. Waterhouse. Abelian varieties over finite fields. Ann. Sci. École Norm. Sup., 2:521–560, 1969.zbMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Francesco Sica
    • 1
  • Mathieu Ciet
    • 1
  • Jean-Jacques Quisquater
    • 1
  1. 1.UCL Crypto GroupLouvain-la-NeuveBelgium

Personalised recommendations

Cite paper