Coprocessor for Koblitz Curves

  • Sujoy Sinha RoyEmail author
  • Ingrid Verbauwhede
Part of the Computer Architecture and Design Methodologies book series (CADM)


Koblitz curves [20] are a special class of elliptic-curves which enable very efficient point multiplications and, therefore, they are attractive for hardware and software implementations. However, these efficiency gains can be exploited only by representing scalars as specific \(\tau \)-adic expansions. Most cryptosystems require the scalar also as an integer (see, e.g., ECDSA [25]). Therefore, cryptosystems utilizing Koblitz curves need both the integer and \(\tau \)-adic representations of the scalar, which results in a need for conversions between the two domains.


  1. 1.
    Adikari J, Dimitrov VS, Järvinen K (2012) A fast hardware architecture for integer to \(\tau \)NAF conversion for koblitz curves. IEEE Trans Comput 61(5):732–737MathSciNetCrossRefGoogle Scholar
  2. 2.
    Al-Daoud E, Mahmod R, Rushdan M, Kilicman A (2002) A new addition formula for elliptic curves over \(GF(2^n)\). IEEE Trans Comput 51(8):972–975MathSciNetCrossRefGoogle Scholar
  3. 3.
    Aranha DF, Dahab R, López J, Oliveira LB (2010) Efficient implementation of elliptic curve cryptography in wireless sensors. Adv Math Commun 4(2):169–187MathSciNetCrossRefGoogle Scholar
  4. 4.
    Azarderakhsh R, Järvinen KU, Mozaffari-Kermani M (2014) Efficient algorithm and architecture for elliptic curve cryptography for extremely constrained secure applications. IEEE Trans Circuits Syst I Regul Pap 61(4):1144–1155CrossRefGoogle Scholar
  5. 5.
    Batina L, Mentens N, Sakiyama K, Preneel B, Verbauwhede I (2006) Low-cost elliptic curve cryptography for wireless sensor networks. In: Security and privacy in ad-hoc and sensor networks — ESAS 2006. Lecture notes in computer science, vol 4357. Springer, Berlin, pp 6–17Google Scholar
  6. 6.
    Bock H, Braun M, Dichtl M, Hess E, Heyszl J, Kargl W, Koroschetz H, Meyer B, Seuschek H (2008) A milestone towards RFID products offering asymmetric authentication based on elliptic curve cryptography. In: Proceedings of the 4th workshop on RFID security — RFIDSec 2008Google Scholar
  7. 7.
    Brumley BB, Järvinen KU (2010) Conversion algorithms and implementations for koblitz curve cryptography. IEEE Trans Comput 59(1):81–92MathSciNetCrossRefGoogle Scholar
  8. 8.
    Coron J-S (1999) Resistance against differential power analysis for elliptic curve cryptosystems. In: Cryptographic hardware and embedded systems — CHES 1999. Lecture notes in computer science, vol 1717. Springer, Berlin, pp 292–302CrossRefGoogle Scholar
  9. 9.
    de Clercq R, Uhsadel L, Van Herrewege A, Verbauwhede I (2014) Ultra low-power implementation of ECC on the ARM cortex-M0+. In: Proceedings of the 51st annual design automation conference, DAC ’14. ACM, New York, NY, USA, pp 112:1–112:6Google Scholar
  10. 10.
    Dimitrov VS, Järvinen KU, Jacobson MJ, Chan WF, Huang Z (2006) FPGA implementation of point multiplication on koblitz curves using kleinian integers. In: Cryptographic hardware and embedded systems, CHES’06. Springer, Berlin, pp 445–459Google Scholar
  11. 11.
    Dimitrov VS, Järvinen KU, Jacobson MJ, Chan WF, Huang Z (2008) Provably sublinear point multiplication on koblitz curves and its hardware implementation. IEEE Trans Comput 57:1469–1481MathSciNetCrossRefGoogle Scholar
  12. 12.
    Fan J, Verbauwhede, I (2012) An updated survey on secure ECC implementations: attacks, countermeasures and cost. In: Cryptography and security: from theory to applications. Lecture notes in computer science, vol 6805. Springer, Berlin, pp 265–282CrossRefGoogle Scholar
  13. 13.
    Fouque P-A, Valettem, F (2003) The doubling attack—why upwards is better than downwards. In: Cryptographic hardware and embedded systems — CHES 2003. Lecture notes in computer science, vol 2779. Springer, Berlin, pp 269–280Google Scholar
  14. 14.
    Hankerson D, Menezes AJ, Vanstone S (2003) Guide to elliptic curve cryptography. Springer, New YorkGoogle Scholar
  15. 15.
    Hein D, Wolkerstorfer J, Felber N (2009) ECC is ready for RFID–a proof in silicon. In: Selected areas in cryptography — SAC 2008. Lecture notes in computer science, vol 5381. Springer, Berlin, pp 401–413CrossRefGoogle Scholar
  16. 16.
    Hinterwälder G, Moradi A, Hutter M, Schwabe P, Paar C (2015) Full-size high-security ECC implementation on MSP430 microcontrollers. In: Progress in cryptology — LATINCRYPT 2014. Lecture notes in computer science. Springer, Berlin, pp 31–47Google Scholar
  17. 17.
    Itoh T, Tsujii S (1988) A fast algorithm for computing multiplicative inverses in \(GF(2^m)\) using normal bases. Inf Comput 78(3):171–177MathSciNetCrossRefGoogle Scholar
  18. 18.
    Järvinen KU, Forsten J, Skyttä JO (2006) Efficient circuitry for computing \(\tau \)-adic non-adjacent form. In: Proceedings of the IEEE international conference on electronics, circuits and systems (ICECS ’06), pp 232–235Google Scholar
  19. 19.
    Kargl A, Pyka S, Seuschek H (2008) Fast arithmetic on ATmega128 for elliptic curve cryptography. Cryptology ePrint Archive, Report 2008/442Google Scholar
  20. 20.
    Koblitz N (1991) CM-curves with good cryptographic properties. In: Advances in cryptology — CRYPTO ’91. Lecture notes in computer science, vol 576. Springer, Berlin, pp. 279–287Google Scholar
  21. 21.
    Kumar S, Paar C, Pelzl J, Pfeiffer G, Schimmler M (2006) Breaking ciphers with COPACOBANA — a cost-optimized parallel code breaker. In: Cryptographic hardware and embedded systems (CHES 2006). Lecture notes in computer science, vol 4249. Springer, Berlin, pp 101–118Google Scholar
  22. 22.
    Lee YK, Sakiyama K, Batina L, Verbauwhede I (2008) Elliptic-curve-based security processor for RFID. IEEE Trans Comput 57(11):1514–1527MathSciNetCrossRefGoogle Scholar
  23. 23.
    López J, Dahab R (1999) Improved algorithms for elliptic curve arithmetic in \(GF(2^n)\). In: Selected areas in cryptography — SAC’98. Lecture notes in computer science, vol 1556. Springer, Berlin, pp 201–212CrossRefGoogle Scholar
  24. 24.
    National Institute of Standard and Technology (2000) Federal information processing standards publication, FIPS 186–2. Digital Signature StandardGoogle Scholar
  25. 25.
    National Institute of Standards and Technology (2013) Digital signature standard (DSS). Federal information processing standard, FIPS PUB 186-4Google Scholar
  26. 26.
    Okeya K, Takagi T, Vuillaume C (2005) Efficient representations on koblitz curves with resistance to side channel attacks. In: Proceedings of the 10th Australasian conference on information security and privacy — ACISP 2005. Lecture notes in computer science, vol 3574. Springer, Berlin, pp 218–229CrossRefGoogle Scholar
  27. 27.
    Pessl P, Hutter M (2014) Curved tags — a low-resource ECDSA implementation tailored for RFID. In: Workshop on RFID security — RFIDSec 2014CrossRefGoogle Scholar
  28. 28.
    Schaumont PR (2013) A practical introduction to hardware/software codesign, 2nd edn. Springer, BerlinCrossRefGoogle Scholar
  29. 29.
    Solinas JA (2000) Efficient arithmetic on koblitz curves. Des Codes Cryptogr 19(2–3):195–249MathSciNetCrossRefGoogle Scholar
  30. 30.
    Szczechowiak P, Oliveira LB, Scott M, Collier M, Dahab R (2008) NanoECC: testing the limits of elliptic curve cryptography in sensor networks. In: European conference on wireless sensor networks — ESWN 2008. Lecture notes in computer science, vol 4913. Springer, Berlin, pp 305–320Google Scholar
  31. 31.
    Texas Instruments (2007–2012) MSP430F261x and MSP430F241x, June 2007, Revised November 2012. Accessed 22 July 2015
  32. 32.
    Vuillaume C, Okeya K, Takagi T (2006) Defeating simple power analysis on koblitz curves. IEICE Trans Fundam Electron Commun Comput Sci E89-A(5):1362–1369CrossRefGoogle Scholar
  33. 33.
    Wenger E (2013) Hardware architectures for MSP430-based wireless sensor nodes performing elliptic curve cryptography. In: Applied cryptography and network security — ACNS 2013. Lecture notes in computer science, vol 7954. Springer, Berlin, pp 290–306CrossRefGoogle Scholar
  34. 34.
    Wenger E, Hutter M (2011) A hardware processor supporting elliptic curve cryptography for less than 9 kGEs. In: Smart card research and advanced applications — CARDIS 2011. Lecture notes in computer science, vol 7079. Springer, Berlin, pp 182–198CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.School of Computer ScienceUniversity of BirminghamBirminghamUK
  2. 2.ESAT—COSICKU LeuvenLeuvenBelgium

Personalised recommendations