Decaf: Eliminating Cofactors Through Point Compression

We propose a new unified point compression format for Edwards, Twisted Edwards and Montgomery curves over large-characteristic fields, which effectively divides the curve’s cofactor by 4 at very little cost to performance. This allows cofactor-4 curves to efficiently implement prime-order groups.

[1]  Tanja Lange,et al.  High-Speed High-Security Signatures , 2011, CHES.

[2]  David P. Jablon Strong password-only authenticated key exchange , 1996, CCRV.

[3]  Nigel P. Smart,et al.  Preventing SPA/DPA in ECC Systems Using the Jacobi Form , 2001, CHES.

[4]  Tanja Lange,et al.  High-speed high-security signatures , 2011, Journal of Cryptographic Engineering.

[5]  Tanja Lange,et al.  Twisted Edwards Curves , 2008, AFRICACRYPT.

[6]  Daniel J. Bernstein,et al.  Curve25519: New Diffie-Hellman Speed Records , 2006, Public Key Cryptography.

[7]  Marc Joye,et al.  The Jacobi Model of an Elliptic Curve and Side-Channel Analysis , 2003, AAECC.

[8]  Rafail Ostrovsky,et al.  Circular-Secure Encryption from Decision Diffie-Hellman , 2008, CRYPTO.

[9]  Feng Hao,et al.  J-PAKE: Authenticated Key Exchange without PKI , 2010, Trans. Comput. Sci..

[10]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[11]  Tanja Lange,et al.  Faster Addition and Doubling on Elliptic Curves , 2007, ASIACRYPT.

[12]  Ed Dawson,et al.  Jacobi Quartic Curves Revisited , 2009, ACISP.

[13]  Feng Hao,et al.  Cryptanalysis of the dragonfly key exchange protocol , 2014, IET Inf. Secur..

[14]  Craig Costello,et al.  Selecting elliptic curves for cryptography: an efficiency and security analysis , 2016, Journal of Cryptographic Engineering.

[15]  Jean-Sébastien Coron,et al.  Efficient Indifferentiable Hashing into Ordinary Elliptic Curves , 2010, CRYPTO.

[16]  H. Edwards A normal form for elliptic curves , 2007 .

[17]  Hassan M. Elkamchouchi,et al.  An efficient protocol for authenticated key agreement , 2011, 2011 28th National Radio Science Conference (NRSC).

[18]  Ed Dawson,et al.  Faster Group Operations on Elliptic Curves , 2009, AISC.

[19]  David Pointcheval,et al.  Simple Password-Based Encrypted Key Exchange Protocols , 2005, CT-RSA.

[20]  Hugo Krawczyk,et al.  HMQV: A High-Performance Secure Diffie-Hellman Protocol , 2005, CRYPTO.

[21]  Michael Hamburg,et al.  Fast and compact elliptic-curve cryptography , 2012, IACR Cryptol. ePrint Arch..

[22]  Ed Dawson,et al.  Twisted Edwards Curves Revisited , 2008, IACR Cryptol. ePrint Arch..

[23]  Jonathan Katz,et al.  Efficient Signature Schemes with Tight Reductions to the Diffie-Hellman Problems , 2007, Journal of Cryptology.

[24]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[25]  Alfred Menezes,et al.  An Efficient Protocol for Authenticated Key Agreement , 2003, Des. Codes Cryptogr..

[26]  Alfred Menezes,et al.  On the Importance of Public-Key Validation in the MQV and HMQV Key Agreement Protocols , 2006, INDOCRYPT.

[27]  Robert Granger,et al.  On isogeny classes of Edwards curves over finite fields , 2011, IACR Cryptol. ePrint Arch..

[28]  Marc Joye,et al.  Efficient Arithmetic on Hessian Curves , 2010, Public Key Cryptography.