On Montgomery-Like Representationsfor Elliptic Curves over GF(2k)

This paper discusses representations for computation on non-supersingular elliptic curves over binary fields, where computations are performed on the x-coordinates only. We discuss existing methods and present a new one, giving rise to a faster addition routine than previous Montgomery-representations. As a result a double exponentiation routine is described that requires 8.5 field multiplications per exponent bit, but that does not allow easy y-coordinate recovery. For comparison, we also give a briefu pdate oft he survey by Hankerson et al. and conclude that, for non-constrained devices, using a Montgomery-representation is slower for both single and double exponentiation than projective methods with y-coordinate.

[1]  Kouichi Sakurai,et al.  Efficient Elliptic Curve Cryptosystems from a Scalar Multiplication Algorithm with Recovery of the y-Coordinate on a Montgomery-Form Elliptic Curve , 2001, CHES.

[2]  Tsuyoshi Takagi,et al.  A Fast Parallel Elliptic Curve Multiplication Resistant against Side Channel Attacks , 2002, Public Key Cryptography.

[3]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[4]  Atsuko Miyaji,et al.  Efficient Elliptic Curve Exponentiation Using Mixed Coordinates , 1998, ASIACRYPT.

[5]  Yukio Tsuruoka Computing Short Lucas Chains for Elliptic Curve Cryptosystems , 2001 .

[6]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[7]  Bodo Möller Algorithms for Multi-exponentiation , 2001, Selected Areas in Cryptography.

[8]  Arjen K. Lenstra,et al.  Speeding Up XTR , 2001, ASIACRYPT.

[9]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[10]  Brian King,et al.  An Improved Implementation of Elliptic Curves over GF(2) when Using Projective Point Arithmetic , 2001, Selected Areas in Cryptography.

[11]  Ricardo Dahab,et al.  Improved Algorithms for Elliptic Curve Arithmetic in GF(2n) , 1998, Selected Areas in Cryptography.

[12]  Ricardo Dahab,et al.  Fast Multiplication on Elliptic Curves over GF(2m) without Precomputation , 1999, CHES.

[13]  Alfred Menezes,et al.  Software Implementation of Elliptic Curve Cryptography over Binary Fields , 2000, CHES.

[14]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[15]  Toru Akishita,et al.  Fast Simultaneous Scalar Multiplication on Elliptic Curve with Montgomery Form , 2001, Selected Areas in Cryptography.

[16]  Marc Joye,et al.  Weierstraß Elliptic Curves and Side-Channel Attacks , 2002, Public Key Cryptography.

[17]  Gordon B. Agnew,et al.  An Implementation of Elliptic Curve Cryptosystems Over F2155 , 1993, IEEE J. Sel. Areas Commun..

[18]  Alfred Menezes,et al.  Elliptic curve cryptosystems and their implementation , 1993, Journal of Cryptology.

[19]  Donald Ervin Knuth,et al.  The Art of Computer Programming , 1968 .

[20]  Kouichi Sakurai,et al.  Elliptic Curves with the Montgomery-Form and Their Cryptographic Applications , 2000, Public Key Cryptography.

[21]  Aaron Strauss Continuous Dependence of Solutions of Ordinary Differential Equations , 1964 .

[22]  Daniel Bleichenbacher,et al.  Efficiency and security of cryptosystems based on number theory , 1996 .

[23]  Jim Law Selected papers on analysis of algorithms , 2001, SOEN.