Integer Decomposition for Fast Scalar Multiplication on Elliptic Curves

  • Dongryeol Kim
  • Seongan Lim
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2595)


Since Miller and Koblitz applied elliptic curves to cryptographic system in 1985 [3],[6], a lot of researchers have been interested in this field and various speedup techniques for the scalar multiplication have been developed. Recently, Gallant et al. published a method that accelerates the scalar multiplication and is applicable to a larger class of curves [4]. In the process of their method, they assumed the existence of a special pair of two short linearly independent vectors. Once a pair of such vectors exists, their decomposition method improves the efficiency of the scalar multiplication roughly about 50%. In this paper, we state and prove a necessary condition for the existence of a pair of desired vectors and we also present an algorithm to find them.


elliptic curve cryptosystem scalar multiplication integer decomposition endomorphism 


  1. 1.
    D. Bailey and C. Paar: ‘Optimal extention fields for fast arithmetic in public-key algorithms’, Advances in Cryptology-Crypto’98, Lecture Notes in Computer Science, Vol 1462, 1998, pp.472–485.zbMATHGoogle Scholar
  2. 2.
    H. Cohen, A. Miyaji, and T. Ono: ‘Efficient Elliptic Curve Exponentiation using Mixed Coordinates’, Advances in Cryptology-Asiacrypt’98, Lecture Notes in Computer Science, Vol 1514, 1998, pp.51–65.CrossRefGoogle Scholar
  3. 3.
    V. Miller: ‘Use of Elliptic Curves in Cryptography’, Advances in Cryptology-Crypto’85, Lecture Notes in Computer Science, Vol 263, 1986, pp.417–426.Google Scholar
  4. 4.
    R. Gallant, R. Lambert, and L. Vanstone: ‘Faster Point Multiplication on Elliptic Curves with Efficient Endomorphism’, Advances in Cryptology-Crypto’2001, Lecture Notes in Computer Science, Vol 2139, 2001, pp.190–201.Google Scholar
  5. 5.
    N. Koblitz: ‘CM-curves with Good Cryptographic Properties’, Advances in Cryptology-Crypto’91, 1992, 48, pp.279–287.MathSciNetzbMATHGoogle Scholar
  6. 6.
    N. Koblitz: ‘Elliptic Curve Cryptosystems’, Mathematics of Computation, 1987, 48, pp.203–209.MathSciNetCrossRefGoogle Scholar
  7. 7.
    C. Lim and P. Lee: ‘More Flexible Exponentiation with Precomputation’, Advances in Cryptology-Crypto’94, Lecture Notes in Computer Science, Vol 839, 1994, pp.95–107.Google Scholar
  8. 8.
    J. Solinas: ‘An Improved Algorithm for Arithmetic on a Family of Elliptic Curves’, Advances in Cryptology-Crypto’97, Lecture Notes in Computer Science, Vol 1294, 1997, pp.357–371.CrossRefGoogle Scholar
  9. 9.
    J. Solinas: ‘Efficient Arithmetic on Koblitz Curves’, Design, Codes and Crytography, 2000, 19, pp.195–249.MathSciNetCrossRefGoogle Scholar
  10. 10.
    V. Müller: ‘Fast Multiplication on Elliptic Curves over small fields of charactersitic two’, J. of Cryptology, 1998, 11, pp.219–234.MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Dongryeol Kim
    • 1
  • Seongan Lim
    • 1
  1. 1.KISA (Korea Information Security Agency)SeoulKorea

Personalised recommendations