Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms
Conference paper
Abstract
The fundamental operation in elliptic curve cryptographic schemes is the multiplication of an elliptic curve point by an integer. This paper describes a new method for accelerating this operation on classes of elliptic curves that have efficiently-computable endomorphisms. One advantage of the new method is that it is applicable to a larger class of curves than previous such methods. For this special class of curves, a speedup of up to 50% can be expected over the best general methods for point multiplication.
Keywords
Point Multiplication; Elliptic Curve; Point Doubling; Discrete Logarithm Problem
Copyright information
© Springer-Verlag Berlin Heidelberg 2001