Improvements of Addition Algorithm on Genus 3 Hyperelliptic Curves and Their Implementation

Genus 3 hyperelliptic curve cryptosystems are capable of fast encryption on a 64-bit CPU, because a 56-bit field is enough for their definition fields. Recently, Kuroki et al. proposed an extension to genus 3 hyperelliptic curves of the Harley algorithm, which had been known as the fastest addition algorithm for divisor classes on genus 2 hyperelliptic curves, and Pelzl et al. improved that algorithm. This paper shows an improvement of the Harley algorithm on genus 3 hyperelliptic curves using Toom's multiplication. The proposed algorithm takes only I + 70M for an addition and I + 71M for a doubling, instead of I + 76M and I + 74M respectively, which are the best results of the previous works; here I and M denote the time required for an inversion and a multiplication over the definition field, respectively. This paper also shows 2 variations of the proposed algorithm in order to adapt the algorithm to various platforms. Moreover, this paper discusses finite field arithmetic suitable for genus 3 hyperelliptic curve cryptosystems and shows implementation results of the proposed algorithms on a 64-bit CPU. The implementation results show that a 160-bit scalar multiplication can be done within 172 μs on a 64-bit Alpha EV68 CPU at 1.25 GHz.
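To show how Toom's multiplication lowers the count of field multiplications M, the following added example (not code or formulas from the paper) multiplies two degree-2 polynomials over a 56-bit prime field with 5 M instead of the schoolbook 9 M. The modulus, the function names, the choice of degree-2 operands, and the convention that scaling by the fixed constants 1/2 and 1/3 is not counted as M are assumptions of this example.

```python
P = 2**56 - 5  # constructed 56-bit prime modulus; not a parameter from the paper

INV2 = pow(2, -1, P)  # fixed constants; scaling by them is not counted as M here
INV3 = pow(3, -1, P)


class MulCounter:
    """Counts multiplications of two variable field elements mod P."""
    def __init__(self):
        self.count = 0

    def mul(self, x, y):
        self.count += 1
        return x * y % P


def schoolbook_mul(a, b, f):
    """Product of two degree-2 polynomials (low coefficient first): 9 M."""
    c = [0] * 5
    for i in range(3):
        for j in range(3):
            c[i + j] = (c[i + j] + f.mul(a[i], b[j])) % P
    return c


def toom_mul(a, b, f):
    """Same product with 5 M: evaluate at 0, 1, -1, 2, infinity, then interpolate."""
    a0, a1, a2 = a
    b0, b1, b2 = b
    v0 = f.mul(a0, b0)                                   # c(0)   = c0
    v1 = f.mul(a0 + a1 + a2, b0 + b1 + b2)               # c(1)
    vm1 = f.mul(a0 - a1 + a2, b0 - b1 + b2)              # c(-1)
    v2 = f.mul(a0 + 2 * a1 + 4 * a2, b0 + 2 * b1 + 4 * b2)  # c(2)
    vinf = f.mul(a2, b2)                                 # leading coefficient c4
    c0, c4 = v0, vinf
    c2 = ((v1 + vm1) * INV2 - c0 - c4) % P
    t = (v1 - vm1) * INV2 % P                    # c1 + c3
    u = (v2 - c0 - 4 * c2 - 16 * c4) * INV2 % P  # c1 + 4*c3
    c3 = (u - t) * INV3 % P
    c1 = (t - c3) % P
    return [c0, c1, c2, c3, c4]


def compare(a, b):
    """Return (schoolbook product, its M count, Toom product, its M count)."""
    s, t = MulCounter(), MulCounter()
    return schoolbook_mul(a, b, s), s.count, toom_mul(a, b, t), t.count
```
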
