Efficient Elliptic Curve Exponentiation Using Mixed Coordinates

  • Henri Cohen
  • Atsuko Miyaji
  • Takatoshi Ono
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1514)


Elliptic curve cryptosystems, proposed by Koblitz ([12]) and Miller ([16]), can be constructed over a smaller field of definition than the ElGamal cryptosystems ([6]) or the RSA cryptosystems ([20]). This is why elliptic curve cryptosystems have begun to attract notice. In this paper, we investigate efficient elliptic curve exponentiation. We propose a new coordinate system and a new mixed coordinates strategy, which significantly improves on the number of basic operations needed for elliptic curve exponentiation.

key words

elliptic curve exponentiation coordinate system 


  1. 1.
    D. V. Chudnovsky and G. V. Chudnovsky “Sequences of numbers generated by addition in formal groups and new primality and factorization tests„ Advances In Applied Math., 7 (1986), 385–434.zbMATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    H. Cohen, “A course in computational algebraic number theory„, Graduate Texts in Math. 138, Springer-Verlag, 1993, Third corrected printing, 1996.Google Scholar
  3. 3.
    H. Cohen, A. Miyaji and T. Ono, “Efficient elliptic curve exponentiation„, Advances in Cryptology-Proceedings of ICICS’97, Lecture Notes in Computer Science, 1334 (1997), Springer-Verlag, 282–290.Google Scholar
  4. 4.
    G. Frey and H. G. Rück, “A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves„, Mathematics of computation, 62(1994), 865–874.zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    “Proposed federal information processing standard for digital signature standard (DSS)„, Federal Register, 56 No. 169, 30 Aug 1991, 42980–42982.Google Scholar
  6. 6.
    T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms„, IEEE Trans. Inform. Theory, IT-31 (1985), 469–472.CrossRefMathSciNetGoogle Scholar
  7. 7.
    Torbjorn Granlund, The GNU MP LIBRARY, version 2.0.2, June 1996.
  8. 8.
    Jorge Guajardo and Christof Paar “Efficient algorithms for elliptic curve cryptosystems„, Advances in Cryptology-Proceedings of Crypto’97, Lecture Notes in Computer Science, 1294 (1997), Springer-Verlag, 342–356.CrossRefGoogle Scholar
  9. 9.
    G. Harper, A. Menezes and S. Vanstone, “Public-key cryptosystems with very small key lengths„, Advances in Cryptology-Proceedings of Eurocrypt’92, Lecture Notes in Computer Science, 658 (1993), Springer-Verlag, 163–173.Google Scholar
  10. 10.
    IEEE P1363 Working Draft, June 16, 1998.Google Scholar
  11. 11.
    D. E. Knuth, The art of computer programming, vol. 2, Seminumerical Algorithms, 2nd ed., Addison-Wesley, Reading, Mass. 1981.zbMATHGoogle Scholar
  12. 12.
    N. Koblitz, “Elliptic curve cryptosystems„, Mathematics of Computation, 48 (1987), 203–209.zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    N. Koblitz, “CM-curves with good cryptographic properties„, Advances in Cryptology-Proceedings of CRYPTO’91, Lecture Notes in Computer Science, 576 (1992), Springer-Verlag, 279–287.Google Scholar
  14. 14.
    K. Koyama and Y. Tsuruoka, “Speeding up elliptic cryptosystems by using a signed binary window method„, Advances in Cryptology-Proceedings of Crypto’92, Lecture Notes in Computer Science, 740 (1993), Springer-Verlag, 345–357.Google Scholar
  15. 15.
    A. Menezes, T. Okamoto and S. Vanstone, “Reducing elliptic curve logarithms to logarithms in a finite field„, Proceedings of the 22nd Annual ACM Symposium on the Theory of Computing (1991), 80–89.Google Scholar
  16. 16.
    V. S. Miller, “Use of elliptic curves in cryptography„, Advances in Cryptology-Proceedings of Crypto’85, Lecture Notes in Computer Science, 218 (1986), Springer-Verlag, 417–426.CrossRefGoogle Scholar
  17. 17.
    F. Morain and J. Olivos, “Speeding up the computations on an elliptic curve using addition-subtraction chains„, Theoretical Informatics and Applications 24 No.6 (1990), 531–544.zbMATHMathSciNetGoogle Scholar
  18. 18.
    S. C. Pohlig and M. E. Hellman, “An improved algorithm for computing logarithms over GF(p) and its cryptographic significance„, IEEE Trans. Inf. Theory, IT-24 (1978), 106–110.CrossRefMathSciNetGoogle Scholar
  19. 19.
    J. Pollard, “Monte Carlo methods for index computation (mod p)„, Mathematics of Computation, 32 (1978), 918–924.zbMATHCrossRefMathSciNetGoogle Scholar
  20. 20.
    R. Rivest, A. Shamir and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems„, Communications of the ACM, 21 No. 2 (1978), 120–126.zbMATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    T. Satoh and K. Araki “Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves„, Commentarii Math. Univ. St. Pauli., vol. 47 (1998), 81–92.zbMATHMathSciNetGoogle Scholar
  22. 22.
    R. Schroeppel, H. Orman, S. O’Malley and O. Spatscheck, “Fast key exchange with elliptic curve systems„, Advances in Cryptology-Proceedings of Crypto’95, Lecture Notes in Computer Science, 963 (1995), Springer-Verlag, 43–56.Google Scholar
  23. 23.
    I. A. Semaev “Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p„, Mathematics of computation, 67 (1998), 353–356.zbMATHCrossRefMathSciNetGoogle Scholar
  24. 24.
    J. H. Silverman, The Arithmetic of Elliptic Curves, GTM 106, Springer-Verlag, New York, 1986.Google Scholar
  25. 25.
    N. P. Smart “The discrete logarithm problem on elliptic curves of trace one„, to appear in J. Cryptology.Google Scholar
  26. 26.
    Jerome A. Solinas “An improved algorithm for arithmetic on a family of elliptic curves„, Advances in Cryptology-Proceedings of Crypto’97, Lecture Notes in Computer Science, 1294 (1997), Springer-Verlag, 357–371.CrossRefGoogle Scholar
  27. 27.
    E. D. Win, A. Bosselaers and S. Vandenberghe “A fast software implementation for arithmetic operations in GF(2n)„, Advances in Cryptology-Proceedings of Asiacrypt’95, Lecture Notes in Computer Science, 1163 (1996), Springer-Verlag, 65–76.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Henri Cohen
    • 1
  • Atsuko Miyaji
    • 2
  • Takatoshi Ono
    • 3
  1. 1.Laboratoire A2XUniversit“é Bordeaux IUSA
  2. 2.Multimedia Development CenterMatsushita Electric Industrial Co., Ltd.USA
  3. 3.Matsushita Information Systems Research Laboratory Nagoya Co., Ltd.USA

Personalised recommendations