ASIACRYPT 2003: Advances in Cryptology - ASIACRYPT 2003 pp 93-110

Parallelizing Explicit Formula for Arithmetic in the Jacobian of Hyperelliptic Curves

• Palash Sarkar
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2894)

Abstract

One of the recent thrust areas in research on hyperelliptic curve cryptography has been to obtain explicit formulae for performing arithmetic in the Jacobian of such curves. We continue this line of research by obtaining parallel versions of such formulae. Our first contribution is to develop a general methodology for obtaining a parallel algorithm for any explicit formula. Any parallel algorithm obtained using our methodology is provably optimal in the number of multiplication rounds. We next apply this methodology to Lange’s explicit formula for arithmetic in genus 2 hyperelliptic curves – both for the affine coordinate and inversion free arithmetic versions. Since the encapsulated add-and-double algorithm is an important countermeasure against side channel attacks, we develop parallel algorithms for encapsulated add-and-double for both of Lange’s versions of the explicit formula. For the case of inversion free arithmetic, we present parallel algorithms using 4, 8 and 12 multipliers. All parallel algorithms described in this paper are optimal in the number of parallel rounds. One of the conclusions from our work is that the parallel version of inversion free arithmetic is more efficient than the parallel version of arithmetic using affine coordinates.

Keywords

hyperelliptic curve cryptography; explicit formula; parallel algorithm; Jacobian; encapsulated add-and-double
