Randomized Batch Verification of Standard ECDSA Signatures

At AfricaCrypt 2012, several algorithms were proposed for the batch verification of ECDSA signatures. In this paper, we propose three randomization methods for these batch-verification algorithms. Our first proposal is based on Montgomery ladders, and the second on computing square roots in the underlying field. Both of these techniques use numeric arithmetic only. Our third proposal exploits symbolic computations, leading to a seminumeric algorithm. We establish theoretically and experimentally that, for standard ECDSA signatures, our seminumeric randomization algorithm in tandem with the batch-verification algorithm S2′ gives the best speedup over individual verification. If each ECDSA signature contains an extra bit that uniquely identifies the correct y-coordinate of the elliptic-curve point appearing in the signature, then the second numeric randomization algorithm followed by the naive batch-verification algorithm N′ yields the best performance gains. We detail our study for NIST prime and Koblitz curves.
