Advertisement

A Complete Divisor Class Halving Algorithm for Hyperelliptic Curve Cryptosystems of Genus Two

  • Izuru Kitamura
  • Masanobu Katagi
  • Tsuyoshi Takagi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3574)

Abstract

We deal with a divisor class halving algorithm on hyperelliptic curve cryptosystems (HECC), which can be used for scalar multiplication, instead of a doubling algorithm. It is not obvious how to construct a halving algorithm, due to the complicated addition formula of hyperelliptic curves. In this paper, we propose the first halving algorithm used for HECC of genus 2, which is as efficient as the previously known doubling algorithm. From the explicit formula of the doubling algorithm, we can generate some equations whose common solutions contain the halved value. From these equations we derive four specific equations and show an algorithm that selects the proper halved value using two trace computations in the worst case. If a base point is fixed, we can reduce these extra field operations by using a pre-computed table which shows the correct halving divisor class — the improvement over the previously known fastest doubling algorithm is up to about 10%. This halving algorithm is applicable to DSA and DH based on HECC. Finally, we present the divisor class halving algorithms for not only the most frequent case but also other exceptional cases.

Keywords

Elliptic Curf Scalar Multiplication General Curve Hyperelliptic Curve Divisor Class 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [Ava04]
    Avanzi, R.: Aspects of Hyperelliptic Curves over Large Prime Fields in Software Implementations. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 148–162. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. [ACF04]
    Avanzi, R., Ciet, M., Sica, F.: Faster Scalar Multiplication on Koblitz Curves Combining Point Halving with the Frobenius Endomorphism. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 28–40. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. [Can87]
    Cantor, D.: Computing in the Jacobian of a Hyperelliptic Curve. Mathematics of Computation 48(177), 95–101 (1987)zbMATHMathSciNetCrossRefGoogle Scholar
  4. [Duq04]
    Duquesne, S.: Montgomery Scalar Multiplication for Genus 2 Curves. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 153–168. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. [FHL+03]
    Fong, K., Hankerson, D., López, J., Menezes, A.: Field inversion and point halving revised, Technical Report CORR2003-18, http://www.cacr.math.uwaterloo.ca/techreports/2003/corr2003-18.pdf
  6. [GH00]
    Gaudry, P., Harley, R.: Counting Points on Hyperelliptic Curves over Finite Fields. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 313–332. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. [HHM00]
    Hankerson, D., Hernandez, J., Menezes, A.: Software Implementation of Elliptic Curve Cryptography over Binary Fields. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 1–24. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. [Har00a]
    Harley, R.: Adding.txt (2000), http://cristal.inria.fr/~harley/hyper/
  9. [Har00b]
    Harley, R.: Doubling.c (2000), http://cristal.inria.fr/~harley/hyper/
  10. [KKT05]
    Kitamura, I., Katagi, M., Takagi, T.: A Complete Divisor Class Halving Algorithm for Hyperelliptic Curve Cryptosystems of Genus Two, Cryptology ePrint Archive, 2004/255, IACR, (2004)Google Scholar
  11. [KR04]
    King, B., Rubin, B.: Improvements to the Point Halving Algorithm. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 262–276. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. [Kob89]
    Koblitz, N.: Hyperelliptic Cryptosystems. Journal of Cryptology 1, 139–150 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  13. [Knu99]
    Knudsen, E.: Elliptic Scalar Multiplication Using Point Halving. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 135–149. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  14. [Lan02a]
    Lange, T.: Efficient Arithmetic on Genus 2 Hyperelliptic Curves over Finite Fields via Explicit Formulae, Cryptology ePrint Archive, 2002/121, IACR (2002)Google Scholar
  15. [Lan02b]
    Lange, T.: Inversion-Free Arithmetic on Genus 2 Hyperelliptic Curves, Cryptology ePrint Archive, 2002/147, IACR (2002)Google Scholar
  16. [Lan02c]
    Lange, T.: Weighted Coordinates on Genus 2 Hyperelliptic Curves, Cryptology ePrint Archive, 2002/153, IACR (2002)Google Scholar
  17. [Lan04a]
    Lange, T.: Montgomery Addition for Genus Two Curves. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 309–317. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  18. [Lan04b]
    Lange, T.: Formulae for Arithmetic on Genus 2 Hyperelliptic Curves. J.AAECC 15(5), 295–328 (2005)zbMATHCrossRefGoogle Scholar
  19. [LS04]
    Lange, T., Stevens, M.: Efficient Doubling on Genus Two Curves over Binary Fields. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 189–202. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. [Men93]
    Menezes, A.: Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, Dordrecht (1993)zbMATHGoogle Scholar
  21. [Mum84]
    Mumford, D.: Tata Lectures on Theta II, Progress in Mathematics, vol. 43. Birkhäuser, Basel (1984)Google Scholar
  22. [MCT01]
    Matsuo, K., Chao, J., Tsuji, S.: Fast Genus Two Hyperelliptic Curve Cryptosystems. Technical Report ISEC2001-31, IEICE Japan, pp.89–96 (2001)Google Scholar
  23. [PWP03]
    Pelzl, J., Wollinger, T., Paar, C.: High Performance Arithmetic for Hyperelliptic Curve Cryptosystems of Genus Two, Cryptology ePrint Archive, 2003/212, IACR (2003)Google Scholar
  24. [PWG+03]
    Pelzl, J., Wollinger, T., Guajardo, J., Paar, C.: Hyperelliptic Curve Cryptosystems: Closing the Performance Gap to Elliptic Curves. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 351–365. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  25. [Sch00]
    Schroeppel, R.: Elliptic curve point halving wins big. In: 2nd Midwest Arithmetic Geometry in Cryptography Workshop, Urbana, Illinois (November 2000)Google Scholar
  26. [SMC+02]
    Sugizaki, T., Matsuo, K., Chao, J., Tsujii, S.: An Extension of Harley Addition Algorithm for Hyperelliptic Curves over Finite Fields of Characteristic Two, Technical Report ISEC2002-9, IEICE Japan, pp.49–56 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Izuru Kitamura
    • 1
  • Masanobu Katagi
    • 1
  • Tsuyoshi Takagi
    • 2
  1. 1.Sony CorporationTokyoJapan
  2. 2.Future University HakodateHakodateJapan

Personalised recommendations