Jacobian Coordinates on Genus 2 Curves

  • Huseyin Hisil
  • Craig Costello
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8873)

Abstract

This paper presents a new projective coordinate system and new explicit algorithms which together boost the speed of arithmetic in the divisor class group of genus 2 curves. The proposed formulas generalise the use of Jacobian coordinates on elliptic curves, and their application improves the speed of performing cryptographic scalar multiplications in Jacobians of genus 2 curves over prime fields by an approximate factor of 1.25x. For example, on a single core of an Intel Core i7-3770M (Ivy Bridge), we show that replacing the previous best formulas with our new set improves the cost of generic scalar multiplications from 243,000 to 195,000 cycles, and drops the cost of specialised GLV-style scalar multiplications from 166,000 to 129,000 cycles.

Keywords

Genus 2 hyperelliptic curves explicit formulas Jacobian coordinates scalar multiplication 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Avanzi, R.M.: A note on the signed sliding window integer recoding and a left-to-right analogue. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 130–143. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Barbulescu, R., Gaudry, P., Joux, A., Thomé, E.: A heuristic quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 1–16. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  3. 3.
    Bernstein, D.J., Chuengsatiansup, C., Lange, T., Schwabe, P.: Kummer strikes back: new DH speed records. IACR Cryptology ePrint Archive, 2014:134 (2014)Google Scholar
  4. 4.
    Bernstein, D.J., Lange, T.: Explicit-formulas database, http://www.hyperelliptic.org/EFD/ (accessed January 2, 2014)
  5. 5.
    Bernstein, D.J., Lange, T.: eBACS: ECRYPT Benchmarking of Cryptographic Systems, http://bench.cr.yp.to (accessed September 28, 2013)
  6. 6.
    Bisson, G., Cosset, R., Robert, D.: AVIsogenies – a library for computing isogenies between abelian varieties (November 2012), http://avisogenies.gforge.inria.fr
  7. 7.
    Bos, J.W., Costello, C., Hisil, H., Lauter, K.: Fast cryptography in genus 2. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 194–210. Springer, Heidelberg (2013), full version available at: http://eprint.iacr.org/2012/670 CrossRefGoogle Scholar
  8. 8.
    Bosma, W., Cannon, J., Playoust, C.: The Magma algebra system. I. The user language. J. Symbolic Comput. 24(3-4), 235–265 (1997) Computational algebra and number theory, London (1993)Google Scholar
  9. 9.
    Costello, C., Lauter, K.: Group law computations on jacobians of hyperelliptic curves. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 92–117. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  10. 10.
    Erickson, S., Ho, T., Zemedkun, S.: Explicit projective formulas for real hyperelliptic curves of genus 2. Advances for Mathematics of Communications (to appear, 2014)Google Scholar
  11. 11.
    Fan, X., Gong, G.: Efficient explicit formulae for genus 2 hyperelliptic curves over prime fields and their implementations. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 155–172. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Faz-Hernández, A., Longa, P., Sánchez, A.H.: Efficient and secure algorithms for GLV-based scalar multiplication and their implementation on GLV-GLS curves. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 1–27. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  13. 13.
    Galbraith, S.D., Harrison, M., Mireles Morales, D.J.: Efficient hyperelliptic arithmetic using balanced representation for divisors. In: van der Poorten, A.J., Stein, A. (eds.) ANTS-VIII 2008. LNCS, vol. 5011, pp. 342–356. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  14. 14.
    Galbraith, S.D., Pujolàs, J., Ritzenthaler, C., Smith, B.A.: Distortion maps for supersingular genus two curves. J. Mathematical Cryptology 3(1), 1–18 (2009)CrossRefMATHGoogle Scholar
  15. 15.
    Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190–200. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Gaudry, P.: Fast genus 2 arithmetic based on Theta functions. Journal of Mathematical Cryptology, JMC 1(3), 243–265 (2007)MATHMathSciNetGoogle Scholar
  17. 17.
    Gaudry, P., Kohel, D.R., Smith, B.A.: Counting points on genus 2 curves with real multiplication. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 504–519. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  18. 18.
    Gaudry, P., Schost, E.: Genus 2 point counting over prime fields. J. Symb. Comput. 47(4), 368–400 (2012)CrossRefMATHMathSciNetGoogle Scholar
  19. 19.
    Goundar, R.R., Joye, M., Miyaji, A., Rivain, M., Venelli, A.: Scalar multiplication on Weierstraß elliptic curves from Co-Z arithmetic. J. Cryptographic Engineering 1(2), 161–176 (2011)CrossRefGoogle Scholar
  20. 20.
    Hamburg, M.: Fast and compact elliptic-curve cryptography. Cryptology ePrint Archive, Report 2012/309 (2012), http://eprint.iacr.org/
  21. 21.
    Hisil, H., Costello, C.: Jacobian coordinates on genus 2 curves. IACR Cryptology ePrint Archive, 2014:385 (2014)Google Scholar
  22. 22.
    Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48(177), 203–209 (1987)CrossRefMATHMathSciNetGoogle Scholar
  23. 23.
    Koblitz, N.: Hyperelliptic cryptosystems. Journal of Cryptology 1(3), 139–150 (1989)CrossRefMATHMathSciNetGoogle Scholar
  24. 24.
    Kovtun, V., Kavun, S.: Co-Z divisor addition formulae in Jacobian of genus 2 hyperelliptic curves over prime fields. Cryptology ePrint Archive, Report 2010/498 (2010), http://eprint.iacr.org/
  25. 25.
    Lange, T.: Formulae for arithmetic on genus 2 hyperelliptic curves. Appl. Algebra Eng. Commun. Comput. 15(5), 295–328 (2005)CrossRefMATHGoogle Scholar
  26. 26.
    Longa, P., Miri, A.: New composite operations and precomputation scheme for elliptic curve cryptosystems over prime fields. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 229–247. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  27. 27.
    Lubicz, D., Robert, D.: A generalisation of Miller’s algorithm and applications to pairing computations on abelian varieties. Cryptology ePrint Archive, Report 2013/192 (2013), http://eprint.iacr.org/
  28. 28.
    Meloni, N.: New point addition formulae for ECC applications. In: Carlet, C., Sunar, B. (eds.) WAIFI 2007. LNCS, vol. 4547, pp. 189–201. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  29. 29.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  30. 30.
    Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243–264 (1987)CrossRefMATHMathSciNetGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2014

Authors and Affiliations

  • Huseyin Hisil
    • 1
  • Craig Costello
    • 2
  1. 1.Yasar UniversityIzmirTurkey
  2. 2.Microsoft ResearchRedmondUSA

Personalised recommendations