Abstract
Twisted Edwards curves are elliptic curves of the form \(ax^2 + y^2 = 1 + dx^2y^2\) for some constants a and d. The curves are called complete Edwards curves for the special case when \(a=1\) and d is not a square. Using complete Edwards curves for elliptic curve cryptography has many advantages as they have very efficient, complete, and unified point addition formula. In order to use complete Edwards curves for elliptic curve cryptography, we need to specify the curve as well as a point on the curve (typically of prime order). In this paper, we introduce some algorithms for generating complete Edwards curves over \(\mathbb {F}_p\) with \(4p_0\) number of points, where \(p_0\) is a prime and p is a prime of user-specified bit length. These algorithms are able to generate a complete Edwards curve over \(\mathbb {F}_p\) and a point of prime order on the curve in less than 3 (resp. 15, 35) minutes when p is a 256 (resp. 384, 512)-bit prime. These are much faster than the running time of the twisted Edwards curves generation algorithm proposed by Costello et al. in [4].
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Pseudo-Mersenne primes are primes of the form \(2^{\alpha } - \gamma \), while Montgomery-friendly primes are primes of the form \(2^{\alpha }(2^{\beta } - \gamma ) -1\), where \(\alpha , \beta , \gamma \) are integers. Primes of these forms are usually preferred for efficiency consideration [1].
References
Bos, J.W., Costello, C., Longa, P., Naehrig, M.: Selecting elliptic curves for cryptography: an efficiency and security analysis. J. Cryptol. Eng. 6, 259–286 (2016). doi:10.1007/s13389-015-0097-y
Bernstein, D.J., Lange, T.: Faster addition and doubling on elliptic curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29–50. Springer, Heidelberg (2007). doi:10.1007/978-3-540-76900-2_3
Bernstein, D.J., Birkner, P., Joye, M., Lange, T., Peters, C.: Twisted Edwards curves. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 389–405. Springer, Heidelberg (2008). doi:10.1007/978-3-540-68164-9_26
Costello, C., Longa, P., Naehrig, M.: A brief discussion on selecting new elliptic curves. Microsoft Research, Technical report MSR-TR-2015-46 (2015). http://research.microsoft.com/apps/pubs/default.aspx?id=246915
Crandall, R., Pomerance, C.: Prime Numbers: A Computational Perspective. Springer, New York (2005)
Edwards, H.M.: A normal form for elliptic curves. Bull. Am. Math. Soc. 44(3), 393–422 (2007). doi:10.1090/S0273-0979-07-01153-6
Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48, 203–209 (1987). doi:10.1090/S0025-5718-1987-0866109-5
Hisil, H.: Elliptic curves, group law, and efficient computation, Ph.D. thesis, Queensland University of Technology (2010)
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). doi:10.1007/3-540-39799-X_31
Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48, 243–264 (1987). doi:10.1090/S0025-5718-1987-0866113-7
Morain, F.: Edwards curves and CM curves. Technical report (2009). https://hal.inria.fr/inria-00375427
Okeya, K., Kurumatani, H., Sakurai, K.: Elliptic curves with the montgomery-form and their cryptographic applications. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 238–257. Springer, Heidelberg (2000). doi:10.1007/978-3-540-46588-1_17
Schoof, R.: Elliptic curves over finite fields and the computation of square roots mod p. Math. Comput. 44, 483–494 (1985). doi:10.1090/S0025-5718-1985-0777280-6
Schoof, R.: Counting points on elliptic curves over finite fields. J. Theor. Nombres Bordx. 7, 219–254 (1995)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
Appendix
A List of Discriminants and Their Hilbert Class Polynomials
B Sample Output of Algorithms 4 and 5
The sample output of Algorithms 4 and 5 are given in Tables 3, 4 and 5 below.
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Prabowo, T.F., Tan, C.H. (2017). Generating Complete Edwards Curves. In: Pieprzyk, J., Suriadi, S. (eds) Information Security and Privacy. ACISP 2017. Lecture Notes in Computer Science(), vol 10343. Springer, Cham. https://doi.org/10.1007/978-3-319-59870-3_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-59870-3_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-59869-7
Online ISBN: 978-3-319-59870-3
eBook Packages: Computer ScienceComputer Science (R0)