Advertisement

Endomorphisms for Faster Elliptic Curve Cryptography on a Large Class of Curves

  • Steven D. Galbraith
  • Xibin Lin
  • Michael Scott
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5479)

Abstract

Efficiently computable homomorphisms allow elliptic curve point multiplication to be accelerated using the Gallant-Lambert- Vanstone (GLV) method. We extend results of Iijima, Matsuo, Chao and Tsujii which give such homomorphisms for a large class of elliptic curves by working over \({\mathbb F}_{p^2}\) and demonstrate that these results can be applied to the GLV method.

In general we expect our method to require about 0.75 the time of previous best methods (except for subfield curves, for which Frobenius expansions can be used). We give detailed implementation results which show that the method runs in between 0.70 and 0.84 the time of the previous best methods for elliptic curve point multiplication on general curves.

Keywords

elliptic curves point multiplication GLV method isogenies 

References

  1. 1.
    Antipa, A., Brown, D., Gallant, R.P., Lambert, R., Struik, R., Vanstone, S.A.: Accelerated Verification of ECDSA Signatures. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 307–318. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Avanzi, R.M.: Aspects of Hyperelliptic Curves over Large Prime Fields in Software Implementations. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 148–162. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Avanzi, R., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of Elliptic and Hyperelliptic Cryptography. Chapman and Hall/CRC (2006)Google Scholar
  4. 4.
    Bernstein, D.J.: Curve25519: New Diffie-Hellman Speed Records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Bernstein, D.J.: Elliptic vs. Hyperelliptic, part 1 ECC, Toronto, Canada (2006), http://www.cacr.math.uwaterloo.ca/conferences/2006/ecc2006/slides.html
  6. 6.
    Bernstein, D.J., Lange, T.: Faster Addition and Doubling on Elliptic Curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29–50. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    Bernstein, D.J., Lange, T.: Inverted Edwards Coordinates. In: Boztaş, S., Lu, H.-F. (eds.) AAECC 2007. LNCS, vol. 4851, pp. 20–27. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Bernstein, D.J., Lange, T.: Analysis and Optimization of Elliptic-Curve Single-Scalar Multiplication. In: Finite Fields and Applications: Proceedings of Fq8, Contemporary Mathematics 461, pp. 1–18. American Mathematical Society (2008)Google Scholar
  9. 9.
    Blake, I., Seroussi, G., Smart, N.P. (eds.): Elliptic Curves in Cryptography. Cambridge University Press, Cambridge (1999)zbMATHGoogle Scholar
  10. 10.
    eBATS: ECRYPT Benchmarking of Asymmetric Systems, http://www.ecrypt.eu.org/ebats/
  11. 11.
    Bernstein, D.J., Lange, T.: eBACS: ECRYPT Benchmarking of Cryptographic Systems (accessed January 9, 2009), http://bench.cr.yp.to/
  12. 12.
    Dahmen, E., Okeya, K., Schepers, D.: Affine Precomputation with Sole Inversion in Elliptic Curve Cryptography. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 245–258. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Galbraith, S.D., Scott, M.: Exponentiation in Pairing-Friendly Groups Using Homomorphisms. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 211–224. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  14. 14.
    Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Improving the Parallelized Pollard Lambda Search on Anomalous Binary Curves. Math. Comp. 69, 1699–1705 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190–200. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Gaudry, P.: Index Calculus for Abelian Varieties of Small Dimension and the Elliptic Curve Discrete Logarithm Problem. J. Symbolic Comput. (to appear)Google Scholar
  17. 17.
    Gaudry, P., Thome, E.: The mpFq Library and Implementing Curve-Based Key Exchanges. In: SPEED workshop presentation, Amsterdam (June 2007)Google Scholar
  18. 18.
    Hankerson, D., Menezes, A.J., Vanstone, S.: Guide to elliptic curve cryptography. Springer, Heidelberg (2004)zbMATHGoogle Scholar
  19. 19.
    Hankerson, D., Karabina, K., Menezes, A.J.: Analyzing the Galbraith-Lin-Scott Point Multiplication Method for Elliptic Curves over Binary Fields, eprint 2008/334Google Scholar
  20. 20.
    Iijima, T., Matsuo, K., Chao, J., Tsujii, S.: Costruction of Frobenius Maps of Twist Elliptic Curves and its Application to Elliptic Scalar Multiplication. In: SCIS 2002, IEICE Japan, pp. 699–702 (January 2002)Google Scholar
  21. 21.
    Kim, D., Lim, S.: Integer Decomposition for Fast Scalar Multiplication on Elliptic Curves. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 13–20. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  22. 22.
    Kozaki, S., Matsuo, K., Shimbara, Y.: Skew-Frobenius Maps on Hyperelliptic Curves, IEICE Trans. E91-A(7), 1839–1843 (2008)Google Scholar
  23. 23.
    Longa, P., Miri, A.: New Composite Operations and Precomputation Scheme for Elliptic Curve Cryptosystems over Prime Fields. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 229–247. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  24. 24.
    Möller, B.: Algorithms for Multi-exponentiation. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 165–180. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  25. 25.
    Möller, B.: Improved Techniques for Fast Exponentiation. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 298–312. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  26. 26.
    Möller, B.: Fractional Windows Revisited: Improved Signed-Digit Representations for Efficient Exponentiation. In: Park, C.-S., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 137–153. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  27. 27.
    Möller, B., Rupp, A.: Faster Multi-exponentiation through Caching: Accelerating (EC)DSA Signature Verification. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 39–56. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  28. 28.
    Montgomery, P.L.: Speeding the Pollard and Elliptic Curve Methods of Factorization. Math. Comp. 47, 243–264 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  29. 29.
    Nogami, Y., Morikawa, Y.: Fast Generation of Elliptic Curves with Prime Order over Extension Field of Even Extension Degree. In: Proceedings 2003 IEEE International Symposium on Information Theory, p. 18 (2003)Google Scholar
  30. 30.
    Park, Y.-H., Jeong, S., Kim, C.-H., Lim, J.-I.: An Alternate Decomposition of an Integer for Faster Point Multiplication on Certain Elliptic Curves. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 323–334. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  31. 31.
    Scott, M.: MIRACL – Multiprecision Integer and Rational Arithmetic C/C++ Library (2008), http://ftp.computing.dcu.ie/pub/crypto/miracl.zip
  32. 32.
    Scott, M., Szczechowiak, P.: Optimizing Multiprecision Multiplication for Public Key Cryptography (2007), http://eprint.iacr.org/2007/299
  33. 33.
    Sica, F., Ciet, M., Quisquater, J.-J.: Analysis of the Gallant-Lambert-Vanstone Method based on Efficient Endomorphisms: Elliptic and Hyperelliptic Curves. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 21–36. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  34. 34.
    Solinas, J.A.: Low-Weight Binary Representations for Pairs of Integers, Technical Report CORR 2001–41, CACR (2001)Google Scholar
  35. 35.
    Wiener, M., Zuccherato, R.J.: Faster Attacks on Elliptic Curve Cryptosystems. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 190–200. Springer, Heidelberg (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Steven D. Galbraith
    • 1
  • Xibin Lin
    • 2
  • Michael Scott
    • 3
  1. 1.Mathematics Department, Royal HollowayUniversity of London, EghamSurreyUnited Kingdom
  2. 2.School of Mathematics and Computational ScienceSun Yat-Sen UniversityGuangzhouP.R. China
  3. 3.School of ComputingDublin City University, BallymunDublin 9Ireland

Personalised recommendations