Abstract
In most algorithms involving elliptic curves, the most expensive part consists in computing multiples of points. This paper investigates how to extend the τ-adic expansion from Koblitz curves to a larger class of curves defined over a prime field having an efficiently-computable endomorphism φ in order to perform an efficient point multiplication with efficiency similar to Solinas’ approach presented at CRYPTO ’97. Furthermore, many elliptic curve cryptosystems require the computation of k₀P + k₁Q. Following the work of Solinas on the Joint Sparse Form, we introduce the notion of φ-Joint Sparse Form which combines the advantages of a φ-expansion with the additional speedup of the Joint Sparse Form. We also present an efficient algorithm to obtain the φ-Joint Sparse Form. Then, the double exponentiation can be done using the φ endomorphism instead of doubling, resulting in an average of l applications of φ and l/2 additions, where l is the size of the kᵢ’s. This results in an important speed-up when the computation of φ is particularly effective, as in the case of Koblitz curves.
The work described in this paper has been supported [in part] by the Commission of the European Communities through the IST Programme under Contract IST-1999-12324, http://www.cryptonessie.org/. The information in this document is provided as is, and no guarantee or warranty is given or implied that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. The views expressed are those of the authors and do not represent an official view/position of the NESSIE project (as a whole).
References
IEEE Std 1363-2000. IEEE Standard Specifications for Public-Key Cryptography. IEEE Computer Society, August 29, 2000.
R.M. Avanzi. On multi-exponentiation in cryptography. Technical Report 2002/154, Cryptology ePrint Archive, Available at: http://eprint.iacr.org/2002/154, 2002.
D.J. Bernstein. Pippenger’s exponentiation algorithm. Available at: http://cr.yp.to/papers.html, 2002.
I. Blake, G. Seroussi, and N. Smart. Elliptic Curves in Cryptography, volume 265 of London Mathematical Society. Cambridge University Press, 2000.
H. Cohen. A Course in Computational Algebraic Number Theory, volume 138 of Graduate Texts in Mathematics. Springer, 1996.
H. Cohen, A. Miyaji, and T. Ono. Efficient Elliptic Curve using Mixed Coordinates. In K. Ohta and D. Pei, editors, Advances in Cryptography — Proceedings of ASIACRYPT 1998, volume 1514 of Lecture Notes in Computer Science, pages 51–65. Springer, 1998.
T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4):469–472, 1985.
Standard for Efficient Cryptography. Elliptic Curve Cryptography Ver.1.0 Technical report, Certicom, Available at: http://www.secg.org/drafts.html, 2001.
R. P. Gallant, J. L. Lambert, and S. A. Vanstone. Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms. In J. Kilian, editor, Advances in Cryptology — Proceedings of CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 190–200. Springer, 2001.
D. M. Gordon. A Survey of Fast Exponentiation Methods. Journal of Algorithms, 27(1):129–146, 1998.
N. Koblitz. CM-curves with good cryptographic properties. In Joan Feigenbaum, editor, Advances in Cryptology — Proceedings of CRYPTO 1991, volume 576 of Lecture Notes in Computer Science, pages 279–287, Berlin, 1991. Springer.
T. Lange. Efficient Arithmetic on Hyperelliptic Koblitz Curves. PhD thesis, University of Essen, 2001.
F. Morain and J. Olivos. Speeding up the Computations on an Elliptic Curve using Addition-Subtraction Chains. Inform. Theor. Appl., 24:531–543, 1990.
V. Müller. Fast Multiplication on Elliptic Curves over Small Fields of Characteristic Two. Journal of Cryptology, 11(4):219–234, 1998.
V. Müller. Efficient Point Multiplication for Elliptic Curves over Special Optimal Extension Fields. In Walter de Gruyter, editor, Public-Key Cryptography and Computational Number Theory, pages 197–207, Warschau, Poland, September 11–15, 2000 (2001).
National Institute of Standards and Technology. FIPS-186-2: Digital Signature Standard (DSS), January 2000. Available at http://csrc.nist.gov/publications/fips/.
Y-H. Park, S. Jeong, C. Kim, and J. Lim. An Alternate Decomposition of an Integer for Faster Point Multiplication on Certain Elliptic Curves. In D. Naccache and P. Paillier, editors, Advances in Cryptology — Proceedings of PKC 2002, volume 2274 of Lecture Notes in Computer Science, pages 323–334. Springer, 2002.
G.W. Reitwiesner. Binary arithmetic. Advances in Computers, 1:231–308, 1960.
F. Sica, M. Ciet, and J-J. Quisquater. Analysis of the Gallant-Lambert-Vanstone Method based on Efficient Endomorphisms: Elliptic and Hyperelliptic Curves. In H. Heys and K. Nyberg, editors, Proceedings of Selected Areas in Cryptography (SAC 2002), Lecture Notes in Computer Science. Springer, 2002. To appear.
N.P. Smart. Elliptic Curve Cryptosystems over Small Fields of Odd Characteristic. Journal of Cryptology, 12(2):141–151, 1999.
J. Solinas. Efficient arithmetic on Koblitz curves. Designs, Codes and Cryptography, 19:195–249, 2000.
J. A. Solinas. An Improved Algorithm for Arithmetic on a Family of Elliptic Curves. In Burton S. Kaliski Jr., editor, Advances in Cryptology — Proceedings of CRYPTO 1997, volume 1294 of Lecture Notes in Computer Science, pages 357–371. Springer, 1997.
J.A. Solinas. Low-Weight Binary Representations for Pairs of Integers. Technical Report CORR 2001-41, CACR, Available at: www.cacr.math.uwaterloo.ca/~techreports/2001/corr2001-41.ps, 2001.
E.G. Straus. Addition chains of vectors (problem 5125). American Mathematical Monthly 70, pages 806–808, 1964.
Copyright information
© 2003 International Association for Cryptologic Research
About this paper
Cite this paper
Ciet, M., Lange, T., Sica, F., Quisquater, JJ. (2003). Improved Algorithms for Efficient Arithmetic on Elliptic Curves Using Fast Endomorphisms. In: Biham, E. (eds) Advances in Cryptology — EUROCRYPT 2003. EUROCRYPT 2003. Lecture Notes in Computer Science, vol 2656. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39200-9_24
DOI: https://doi.org/10.1007/3-540-39200-9_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-14039-9
Online ISBN: 978-3-540-39200-2
eBook Packages: Springer Book Archive