On Modular Decomposition of Integers
At Crypto 2001, Gallant et al. showed how to exploit fast endomorphisms on some specific classes of elliptic curves to obtain fast scalar multiplication. The GLV method works by decomposing scalars into two small portions using multiplications, divisions, and rounding operations in the rationals. We present a new simple method based on the extended Euclidean algorithm that uses notably different operations than that of traditional decomposition. We obtain strict bounds on each component. Additionally, we examine the use of random decompositions, useful for key generation or cryptosystems requiring ephemeral keys. Specifically, we provide a complete description of the probability distribution of random decompositions and give bounds for each component in such a way that ensures a concrete level of entropy. This is the first analysis on distribution of random decompositions in GLV allowing the derivation of the entropy and thus an answer to the question first posed by Gallant in 1999.
Keywordselliptic curve cryptography GLV method integer decompositions
Unable to display preview. Download preview PDF.
- 4.Galbraith, S.D., Lin, X., Scott, M.: Endomorphisms for faster elliptic curve cryptography on a large class of curves. In: Advances in cryptology—EUROCRYPT 2009. LNCS, Springer, Heidelberg (2009) (to appear)Google Scholar
- 5.Gallant, R.: Faster elliptic curve cryptography using efficient endomorphisms. In: 3rd workshop on Elliptic Curve Cryptography—ECC 1999 (1999) (presentation slides)Google Scholar
- 6.SECG: Recommended elliptic curve domain parameters. Standards for Efficient Cryptography SEC 2 (September 20, 2000)Google Scholar
- 7.ANSI: Public key cryptography for the financial services industry: Key agreement and key transport using elliptical curve cryptography (2001) ANSI X9.63Google Scholar
- 18.Cohen, H., Frey, G. (eds.): Handbook of elliptic and hyperelliptic curve cryptography. CRC Press, Boca Raton (2005)Google Scholar
- 19.IEEE: IEEE P1363 working group for public-key cryptography standards. meeting minutes (November 15, 2000), http://grouper.ieee.org/groups/1363/WorkingGroup/minutes/Nov00.txt