Short-Memory Scalar Multiplication for Koblitz Curves

Camille Vuillaume; Katsuyuki Okeya; Tsuyoshi Takagi

doi:10.1109/TC.2007.70824

Publication
2008
Issue No. 4 - April
Abstract - Short-Memory Scalar Multiplication for Koblitz Curves

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Camille Vuillaume Articles by Katsuyuki Okeya Articles by Tsuyoshi Takagi

Short-Memory Scalar Multiplication for Koblitz Curves

April 2008 (vol. 57 no. 4)

pp. 481-489

	ASCII Text	x
	Camille Vuillaume, Katsuyuki Okeya, Tsuyoshi Takagi, "Short-Memory Scalar Multiplication for Koblitz Curves," IEEE Transactions on Computers, vol. 57, no. 4, pp. 481-489, April, 2008.

	BibTex	x
	@article{ 10.1109/TC.2007.70824, author = {Camille Vuillaume and Katsuyuki Okeya and Tsuyoshi Takagi}, title = {Short-Memory Scalar Multiplication for Koblitz Curves}, journal ={IEEE Transactions on Computers}, volume = {57}, number = {4}, issn = {0018-9340}, year = {2008}, pages = {481-489}, doi = {http://doi.ieeecomputersociety.org/10.1109/TC.2007.70824}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Computers TI - Short-Memory Scalar Multiplication for Koblitz Curves IS - 4 SN - 0018-9340 SP481 EP489 EPD - 481-489 A1 - Camille Vuillaume, A1 - Katsuyuki Okeya, A1 - Tsuyoshi Takagi, PY - 2008 KW - Public key cryptosystems KW - Smartcards KW - Efficiency KW - Koblitz Curves VL - 57 JA - IEEE Transactions on Computers ER -

Camille Vuillaume

Katsuyuki Okeya

Tsuyoshi Takagi

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2007.70824

This paper presents a scalar multiplication method for Koblitz curves. Koblitz curves are elliptic curves where the scalar multiplication can be computed in a much faster way than other curves, allowing designs and implementations without arithmetic coprocessor. The new method is as fast as the fastest known techniques on Koblitz curves, but requires much less memory, therefore, it is of particular interest for environments with low resources. Our technique is well-suited for both of hardware and software implementations. In hardware, we show that a normal basis implementation reduces memory consumption by 85% compared to conventional methods, but still has exactly the same computational cost. In software, thanks to a mixed normal-polynomial bases approach, our technique allows memory savings up to 70%, and depending on the instruction set of the CPU, can be as fast as the fastest known scalar multiplication methods, or even beat them largely. Therefore, in software and in hardware, our scalar multiplication technique offers high performance without sacrifice in view of memory.

[1] N. Koblitz, “Elliptic Curve Cryptosystems,” Math. Computation, vol. 48, no. 177, pp. 203-209, 1987.
[2] V.S. Miller, “Use of Elliptic Curves in Cryptography,” Advances in Cryptology—Proc. Fifth Ann. Int'l Cryptology Conf., pp. 417-426, 1986.
[3] N. Koblitz, “CM-Curves with Good Cryptographic Properties,” Advances in Cryptology—Proc. 11th Ann. Int'l Cryptology Conf., pp.279-287, 1992.
[4] J. Solinas, “Efficient Arithmetic on Koblitz Curves,” Designs, Codes, and Cryptography, vol. 19, nos. 2-3, pp. 195-249, 2000.
[5] R.M. Avanzi, M. Ciet, and F. Sica, “Faster Scalar Multiplication on Koblitz Curves Combining Point Halving with the Frobenius Endomorphism,” Proc. Seventh Int'l Workshop Theory and Practice in Public Key Cryptography, pp. 28-40, 2004.
[6] R.M. Avanzi, C. Heuberger, and H. Prodinger, “Minimality of the Hamming Weight of the $t\hbox{-}{\rm NAF}$ for Koblitz Curves and Improved Combination with Point Halving,” Proc. 12th Ann. Workshop Selected Areas in Cryptography, pp. 332-344, 2006.
[7] J.-S. Coron, D. M'Raïhi, and C. Tymen, “Fast Generation of Pairs $(k, [k]P)$ for Koblitz Elliptic Curves,” Proc. Eighth Ann. Workshop Selected Areas in Cryptography, pp. 151-164, 2001.
[8] D. Hankerson, J. López, and A. Menezes, “Software Implementation of Elliptic Curve Cryptography over Binary Fields,” Proc. Second Int'l Workshop Cryptographic Hardware and Embedded Systems, pp. 1-24, 2000.
[9] R. Dahab, D. Hankerson, F. Hu, M. Long, J. López, and A. Menezes, “Software Multiplication Using Gaussian Normal Bases,” IEEE Trans. Computers, vol. 55, no. 8, pp. 974-984, Aug. 2006.
[10] “P1363: Standard Specifications for Public-Key Cryptography,” IEEE, 2000.
[11] J. López and R. Dahab, “Improved Algorithms for Elliptic Curve Arithmetic in ${\rm GF}(2^{n})$ ,” Proc. Second Ann. Workshop Selected Areas in Cryptography, pp. 201-212, 1998.
[12] D. Hankerson, A. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography. Springer, 2004.
[13] P. Kocher, J. Jaffe, and B. Jun, “Differential Power Analysis,” Advances in Cryptology—Proc. 19th Ann. Int'l Cryptology Conf., pp.388-397, 1999.
[14] E. Biham and A. Shamir, “Differential Fault Analysis of Secret Key Cryptosystems,” Advances in Cryptology—Proc. 17th Ann. Int'l Cryptology Conf., pp. 513-525, 1997.
[15] D.J. Park, S.G. Sim, and P.J. Lee, “Fast Scalar Multiplication Method Using Change-of-Basis Matrix to Prevent Power Analysis Attacks on Koblitz Curves,” Proc. Fourth Int'l Workshop Information Security Applications, pp. 474-488, 2003.
[16] J. Massey and J.K. Omura, “Computational Method and Apparatus for Finite-Field Arithmetic,” US patent 4587627, Washington, D.C., Patent and Trademark Office, 1986.
[17] B.S. Kaliski and Y.L. Yin, “Storage-Efficient Finite-Field Basis Conversion,” Proc. Second Ann. Workshop Selected Areas in Cryptography, pp. 81-93, 1999.
[18] E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.B. Wilson, “Fast Exponentiation with Precomputation: Algorithms and Lower Bounds,” Advances in Cryptology—Proc. European Workshop Theory and Application of Cryptographic Techniques, pp. 200-209, 1993.
[19] B. Möller, “Improved Techniques for Fast Exponentiation,” Proc. Fifth Int'l Conf. Information Security and Cryptology, pp. 298-312, 2003.
[20] K. Okeya, T. Takagi, and C. Vuillaume, “Short Memory Scalar Multiplication on Koblitz Curves,” Proc. Seventh Int'l Workshop Cryptographic Hardware and Embedded Systems, pp. 91-105, 2005.
[21] R.M. Avanzi, V. Dimitrov, C. Doche, and F. Sica, “Extending Scalar Multiplication Using Double Bases,” Advances in Cryptology —Proc. 12th Asia Conf. Theory and Applications of Cryptology and Information Security, pp. 130-144, 2006.

Index Terms:

Public key cryptosystems, Smartcards, Efficiency, Koblitz Curves

Citation:

Camille Vuillaume, Katsuyuki Okeya, Tsuyoshi Takagi, "Short-Memory Scalar Multiplication for Koblitz Curves," IEEE Transactions on Computers, vol. 57, no. 4, pp. 481-489, April 2008, doi:10.1109/TC.2007.70824

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.