Efficient Integer Representations for Cryptographic Operations

Every positive integer has a unique radix 2 representation which uses the digits {0, 1}. However, if we allow digits other than 0 and 1, say {0, 1,−1}, then a positive integer has many representations. Of these redundant representations, it is possible to choose one that has few nonzero digits. It is well known that using representations of integers with few nonzero digits allows certain algebraic operations to be done more quickly. This thesis is concerned with various representations of integers that are related to efficient implementations of algebraic operations in cryptographic algorithms. The topics covered here include: –The width-w nonadjacent form (w-NAF). We prove that the w-NAF of an integer has a minimal number of nonzero digits; that is, no other representation of an integer, which uses the w-NAF digits, can have fewer nonzero digits than its w-NAF. –A left-to-right analogue of the w-NAF. We introduce a new family of radix 2 representations which use the same digits as the w-NAF, but have the property that they can be computed by sliding a window from left to right across the binary representation of an integer. We show these new representations have a minimal number of nonzero digits. –Joint representations. Solinas introduced a {0, 1,−1}-radix 2 representation for pairs of integers called the joint sparse form. We consider generalizations of the joint sparse form which represent r ≥ 2 integers and use digits other than {0, 1,−1}. We show how to construct a {0, 1, 2, 3}-joint representation that has a minimal number of nonzero columns. –Nonadjacent digit sets. It is well known that if x equals 3 or −1 then every nonnegative integer has a unique {0, 1, x}-nonadjacent form; that is, a {0, 1, x}-radix 2 representation with the property that, of any two consecutive digits, at most one is nonzero. We investigate what other values of x have this property.

[1]  J. Olivos,et al.  Speeding up the computations on an elliptic curve using addition-subtraction chains , 1990, RAIRO Theor. Informatics Appl..

[2]  Tsuyoshi Takagi,et al.  Signed Binary Representations Revisited , 2004, CRYPTO.

[3]  Thomas Peyrin,et al.  Advances in Alternative Non-adjacent Form Representations , 2004, INDOCRYPT.

[4]  William M. Daley,et al.  Digital Signature Standard (DSS) , 2000 .

[5]  Atsuko Miyaji,et al.  Efficient Elliptic Curve Exponentiation Using Mixed Coordinates , 1998, ASIACRYPT.

[6]  J. Solinas Low-Weight Binary Representations for Pairs of Integers , 2001 .

[7]  Douglas R. Stinson,et al.  New Minimal Weight Representations for Left-to-Right Window Methods , 2005, CT-RSA.

[8]  Roberto Maria Avanzi,et al.  On multi-exponentiation in cryptography , 2002, IACR Cryptol. ePrint Arch..

[9]  CLEMENS HEUBERGER,et al.  THE ALTERNATING GREEDY EXPANSION AND APPLICATIONS TO LEFT-TO-RIGHT ALGORITHMS IN CRYPTOGRAPHY , 2004 .

[10]  Helmut Prodinger,et al.  Analysis of linear combination algorithms in cryptography , 2005, TALG.

[11]  Alfred Menezes,et al.  Topics in Cryptology – CT-RSA 2005 , 2005 .

[12]  Xiaoyu Ruan,et al.  Left-to-right binary signed-digit recoding for elliptic curve cryptography , 2004, 2004 IEEE International Symposium on Circuits and Systems (IEEE Cat. No.04CH37512).

[13]  Jerome A. Solinas An Improved Algorithm for Arithmetic on a Family of Elliptic Curves , 1997, CRYPTO.

[14]  Rajendra S. Katti,et al.  Speeding up elliptic cryptosystems using a new signed binary representation for integers , 2002, Proceedings Euromicro Symposium on Digital System Design. Architectures, Methods and Tools.

[15]  Nicholas Pippenger,et al.  On the Evaluation of Powers and Monomials , 1980, SIAM J. Comput..

[16]  Bodo Möller,et al.  Fractional Windows Revisited: Improved Signed-Digit Representations for Efficient Exponentiation , 2004, ICISC.

[17]  Helmut Prodinger,et al.  Analysis of Alternative Digit Sets for Nonadjacent Representations , 2006 .

[18]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[19]  Andrew D. Booth,et al.  A SIGNED BINARY MULTIPLICATION TECHNIQUE , 1951 .

[20]  Volker Müller Fast Multiplication on Elliptic Curves over Small Fields of Characteristic Two , 1998, Journal of Cryptology.

[21]  Daniel M. Gordon,et al.  A Survey of Fast Exponentiation Methods , 1998, J. Algorithms.

[22]  Atsuko Miyaji,et al.  Efficient elliptic curve exponentiation , 1997, ICICS.

[23]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[24]  C. Mitchell,et al.  Minimum weight modified signed-digit representations and fast exponentiation , 1989 .

[25]  Bodo Möller,et al.  Improved Techniques for Fast Exponentiation , 2002, ICISC.

[26]  Yukio Tsuruoka,et al.  Speeding up Elliptic Cryptosystems by Using a Signed Binary Window Method , 1992, CRYPTO.

[27]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[28]  David W. Matula,et al.  Basic digit sets for radix representation , 1982, JACM.

[29]  Roberto Maria Avanzi A Note on the Signed Sliding Window Integer Recoding and a Left-to-Right Analogue , 2004, Selected Areas in Cryptography.

[30]  Chae Hoon Lim,et al.  More Flexible Exponentiation with Precomputation , 1994, CRYPTO.

[31]  Helmut Prodinger,et al.  Distribution results for low-weight binary representations for pairs of integers , 2004, Theor. Comput. Sci..

[32]  Douglas R. Stinson,et al.  Alternative Digit Sets for Nonadjacent Representations , 2005, SIAM J. Discret. Math..

[33]  Jerome A. Solinas,et al.  Efficient Arithmetic on Koblitz Curves , 2000, Des. Codes Cryptogr..

[34]  Douglas R. Stinson,et al.  Minimality and other properties of the width-w nonadjacent form , 2005, Math. Comput..

[35]  Marc Joye,et al.  Optimal Left-to-Right Binary Signed-Digit Recoding , 2000, IEEE Trans. Computers.