Advertisement

Lambda Coordinates for Binary Elliptic Curves

  • Thomaz Oliveira
  • Julio López
  • Diego F. Aranha
  • Francisco Rodríguez-Henríquez
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8086)

Abstract

In this work we present the λ-coordinates, a new system for representing points in binary elliptic curves. We also provide efficient elliptic curve operations based on the new representation and timing results of our software implementation over the field \(\mathbb{F}_{2^{254}}\). As a result, we improve speed records for protected/unprotected single/multi-core software implementations of random-point elliptic curve scalar multiplication at the 128-bit security level. When implemented on a Sandy Bridge 3.4GHz Intel Xeon processor, our software is able to compute a single/multi-core unprotected scalar multiplication in 72,300 and 47,900 clock cycles, respectively; and a protected single-core scalar multiplication in 114,800 cycles. These numbers improve by around 2% on the newer Core i7 2.8GHz Ivy Bridge platform.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Agnew, G.B., Mullin, R.C., Vanstone, S.A.: An implementation of elliptic curve cryptosystems over \(F_{2^{155}}\). IEEE J. Sel. Areas Commun. 11(5), 804–813 (1993)CrossRefGoogle Scholar
  2. 2.
    Ahmadi, O., Hankerson, D., Rodríguez-Henríquez, F.: Parallel formulations of scalar multiplication on Koblitz curves. J. UCS 14(3), 481–504 (2008)MathSciNetzbMATHGoogle Scholar
  3. 3.
    Al-Daoud, E., Mahmod, R., Rushdan, M., Kilicman, A.: A new addition formula for elliptic curves over GF(2n). IEEE Trans. Comput. 51(8), 972–975 (2002)MathSciNetCrossRefGoogle Scholar
  4. 4.
    Aranha, D.F., Faz-Hernández, A., López, J., Rodríguez-Henríquez, F.: Faster Implementation of Scalar Multiplication on Koblitz Curves. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 177–193. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  5. 5.
    Aranha, D.F., López, J., Hankerson, D.: Efficient Software Implementation of Binary Field Arithmetic Using Vector Instruction Sets. In: Abdalla, M., Barreto, P.S.L.M. (eds.) LATINCRYPT 2010. LNCS, vol. 6212, pp. 144–161. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Bernstein, D.J.: Curve25519: New Diffie-Hellman Speed Records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Bernstein, D.J., Lange, T. (eds.): eBACS: ECRYPT Benchmarking of Cryptographic Systems, http://bench.cr.yp.to (accessed June 6, 2013)
  8. 8.
    Bernstein, D.J., Lange, T., Rezaeian Farashahi, R.: Binary Edwards Curves. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 244–265. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  9. 9.
    Bos, J.W., Costello, C., Hisil, H., Lauter, K.: Fast Cryptography in Genus 2. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 194–210. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  10. 10.
    Chatterjee, S., Karabina, K., Menezes, A.: A new protocol for the nearby friend problem. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 236–251. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Chudnovsky, D.V., Chudnovsky, G.V.: Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Adv. Appl. Math. 7(4), 385–434 (1986)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Faz-Hernández, A., Longa, P., Sanchez, A.H.: Efficient and Secure Methods for GLV-Based Scalar Multiplication and their Implementation on GLV-GLS Curves. Cryptology ePrint Archive, Report 2013/158 (2013), http://eprint.iacr.org/
  13. 13.
    Firasta, M., Buxton, M., Jinbo, P., Nasri, K., Kuo, S.: Intel AVX: New Frontiers in Performance Improvements and Energy Efficiency. White paper, Intel Corporation (2008), http://software.intel.com
  14. 14.
    Fong, K., Hankerson, D., López, J., Menezes, A.: Field inversion and point halving revisited. IEEE Trans. Comput. 53(8), 1047–1059 (2004)CrossRefGoogle Scholar
  15. 15.
    Galbraith, S., Lin, X., Scott, M.: Endomorphisms for Faster Elliptic Curve Cryptography on a Large Class of Curves. J. Cryptol. 24, 446–469 (2011)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190–200. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Gaudry, P., Hess, F., Smart, N.P.: Constructive and destructive facets of Weil descent on elliptic curves. J. Cryptol. 15, 19–46 (2002)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Hamburg, M.: Fast and compact elliptic-curve cryptography. Cryptology ePrint Archive, Report 2012/309 (2012), http://eprint.iacr.org/
  19. 19.
    Hankerson, D., Karabina, K., Menezes, A.: Analyzing the Galbraith-Lin-Scott Point Multiplication Method for Elliptic Curves over Binary Fields. IEEE Trans. Comput. 58(10), 1411–1420 (2009)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer-Verlag New York, Inc., Secaucus (2003)zbMATHGoogle Scholar
  21. 21.
    Hankerson, D., Hernandez, J.L., Menezes, A.: Software Implementation of Elliptic Curve Cryptography over Binary Fields. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 1–24. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  22. 22.
    Hess, F.: Generalising the GHS Attack on the Elliptic Curve Discrete Logarithm Problem. LMS J. Comput. Math. 7, 167–192 (2004)MathSciNetCrossRefGoogle Scholar
  23. 23.
    Intel Corporation: Intel SSE4 Programming Reference, Reference Number: D91561-001 (2007), http://software.intel.com
  24. 24.
    Intel Corporation: Intel Architecture Instruction Set Extensions Programming Reference, Reference Number: 319433-014 (2012), http://software.intel.com
  25. 25.
    Itoh, T., Tsujii, S.: A fast algorithm for computing multiplicative inverses in GF(2m) using normal bases. Inf. Comput. 78(3), 171–177 (1988)CrossRefGoogle Scholar
  26. 26.
    Joye, M., Tunstall, M.: Exponent recoding and regular exponentiation algorithms. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 334–349. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  27. 27.
    Kim, D., Lim, S.: Integer Decomposition for Fast Scalar Multiplication on Elliptic Curves. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 13–20. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  28. 28.
    Kim, K.H., Kim, S.I.: A New Method for Speeding Up Arithmetic on Elliptic Curves over Binary Fields. Cryptology ePrint Archive, Report 2007/181 (2007), http://eprint.iacr.org/
  29. 29.
    King, B.: An Improved Implementation of Elliptic Curves over GF(2n) when Using Projective Point Arithmetic. In: Vaudenay, S., Youssef, A. (eds.) SAC 2001. LNCS, vol. 2259, pp. 134–150. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  30. 30.
    Knudsen, E.W.: Elliptic Scalar Multiplication Using Point Halving. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 135–149. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  31. 31.
    Knuth, D.E.: The Art of Computer Programming: Seminumerical Algorithms, vol. 2. Addison-Wesley, Boston (1997)zbMATHGoogle Scholar
  32. 32.
    Lange, T.: A note on López-Dahab coordinates. Cryptology ePrint Archive, Report 2004/323 (2006), http://eprint.iacr.org/
  33. 33.
    Lim, C.H., Hwang, H.S.: Speeding up elliptic scalar multiplication with precomputation. In: Song, J.S. (ed.) ICISC 1999. LNCS, vol. 1787, pp. 102–119. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  34. 34.
    Longa, P., Sica, F.: Four-Dimensional Gallant-Lambert-Vanstone Scalar Multiplication. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 718–739. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  35. 35.
    Longa, P., Sica, F.: Four-Dimensional Gallant-Lambert-Vanstone Scalar Multiplication. J. Cryptol. (to appear, 2013)Google Scholar
  36. 36.
    López, J., Dahab, R.: Improved Algorithms for Elliptic Curve Arithmetic in GF(2n). In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 201–212. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  37. 37.
    López, J., Dahab, R.: An overview of elliptic curve cryptography. Tech. Rep. IC-00-10, Institute of computing, University of Campinas (2000), http://www.ic.unicamp.br/~reltech/2000/00-10.pdf
  38. 38.
    López, J., Dahab, R.: New Point Compression Algorithms for Binary Curves. In: IEEE Information Theory Workshop (ITW 2006), pp. 126–130. IEEE Press, New York (2006)CrossRefGoogle Scholar
  39. 39.
    Park, Y.-H., Jeong, S., Kim, C.H., Lim, J.: An Alternate Decomposition of an Integer for Faster Point Multiplication on Certain Elliptic Curves. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 323–334. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  40. 40.
    Schroeppel, R.: Automatically solving equations in finite fields. U.S. patent 2002/0055962 A1 (2002)Google Scholar
  41. 41.
    Taverne, J., Faz-Hernández, A., Aranha, D.F., Rodríguez-Henríquez, F., Hankerson, D., López, J.: Speeding scalar multiplication over binary elliptic curves using the new carry-less multiplication instruction. Journal of Cryptographic Engineering 1, 187–199 (2011)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Thomaz Oliveira
    • 1
  • Julio López
    • 2
  • Diego F. Aranha
    • 3
  • Francisco Rodríguez-Henríquez
    • 1
  1. 1.Computer Science DepartmentCINVESTAV-IPNMexico
  2. 2.Institute of ComputingUniversity of CampinasBrazil
  3. 3.Department of Computer ScienceUniversity of BrasíliaBrazil

Personalised recommendations