Faster Point Scalar Multiplication on Short Weierstrass Elliptic Curves over Fp using Twisted Hessian Curves over Fp2

• Autorzy: Wroński M.
• Języki publikacji: EN

Abstrakty

EN

This article shows how to use fast F_p2 arithmetic and twisted Hessian curves to obtain faster point scalar multiplication on elliptic curve E_SW in short Weierstrass form over F_p. It is assumed that p and #E_SW(F_p) are different large primes, #E(F_q) denotes number of points on curve E over field F_q and #E^t_SW (F_p), where E^t is twist of E, is divisible by 3. For example this method is suitable for two NIST curves over F_p: NIST P-224 and NIST P-256. The presented solution may be much faster than classic approach. Presented solution should also be resistant for side channel attacks and information about Y coordinate should not be lost (using for example Brier-Joye ladder such information may be lost). If coefficient A in equation of curve E_SW : y² =x³+Ax+B in short Weierstrass curve is not of special form, presented solution is up to 30% faster than classic approach. If A=−3, proposed method may be up to 24% faster.

Słowa kluczowe

EN

elliptic curve cryptography; hardware implementation; twisted Hessian curves

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2016
• Tom: nr 3
• Strony: 98--102
• Opis fizyczny: Bibliogr. 9 poz., rys.

Twórcy

autor

Wroński M.

• Department of Mathematics and Cryptology, Military University of Technology, Kaliskiego st 2, 00-908 Warsaw, Poland

Bibliografia

• [1] E. Brier and M. Joye, “Weierstraß elliptic curves and side-channel attacks”, in Public Key Cryptography, LNCS, vol. 2274, pp. 335–345. Springer, 2002 (doi: 10.007/3-540-45664-3 24).
• [2] S. Ghosh, D. Mukhopadhyay, and D. Roychowdhury, “High speed flexible pairing cryptoprocessor on FPGA platform”, in Pairing-Based Cryptography – Pairing 2010, S. Ghosh, D. Mukhopadhyay, and D. Roychowdhury, Eds. LNCS, vol. 6487, pp. 450–466. Springer, 2010 (doi: 10.1007/978/3/642-17455-1 28).
• [3] H. Cohen and G. Frey, Handbook of Elliptic and Hyperelliptic Curve Cryptography. New York: Chapman & Hall/CRC, 2006.
• [4] J. Renes, C. Costello, and L. Batina, “Complete addition formulas for prime order elliptic curves”, Cryptology ePrint Archive, Report 2015/1060, 2015 [Online]. Available: https://eprint.iacr.org/ 2015/1060
• [5] Explicit Formulas Database. [Online]. Available: http://hyperelliptic.org/EFD/g1p/index.html
• [6] D. Bernstein, Ch. Chuengsatiansup, D. Kohel, and T. Lange, “Twisted Hessian curves”, Cryptology ePrint Archive, Report 2015/781, 2015 [Online]. Available: https://eprint.iacr.org/2015/781
• [7] N. P. Smart, “The Hessian form of an elliptic curve”, in Cryptographic Hardware and Embedded Systems – CHES 2001, LNCS, vol. 2162, pp. 118–125. Springer, 2001 (doi: 10.1007/3-540-44709-1 11).
• [8] “Recommended Elliptic Curves For Federal Government Use”, National Institute of Standards and Technology, MA, USA, 1999 [Online]. Available: http://csrc.nist.gov/groups/ST/toolkit/documents/ dss/NISTReCur.pdf, 1999
• [9] S. Galbraith, X. Lin, and M. Scott, “Endomorphisms for faster elliptic curve cryptography on a large class of curves”, J. of Cryptol., vol. 24, no. 3, pp. 446–469, 2011.