Endomorphisms for Faster Elliptic Curve Cryptography on a Large Class of Curves

Galbraith, Steven D.; Lin, Xibin; Scott, Michael

doi:10.1007/978-3-642-01001-9_30

Cited by 88 publications

(78 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Constructing efficiently computable endomorphisms is one of the key problems in the GLV method. In 2002, Iijima et al [85] constructed an efficient computable homomorphism on elliptic curves E(F p 2 ) with j(E) ∈ F p arising from the Frobenius map on a twist of E. Galbraith et al [86] generalized their construction for a large class of elliptic curves over F p 2 (referred to as GLS curves) and applied the GLV method. They gave detailed implementations on these curves, showing that their method ran in between 0.70 and 0.84 the time of the best methods for SMs on general curves at that time.…”

Section: A Rsa Vs Eccmentioning

confidence: 99%

A Survey of Public-Key Cryptographic Primitives in Wireless Sensor Networks

Shim

2016

IEEE Commun. Surv. Tutorials

106

View full text Add to dashboard Cite

Cryptographic primitives are fundamental building blocks for designing security protocols to achieve confidentiality, authentication, integrity and non-repudiation. It is not too much to say that the selection and integration of appropriate cryptographic primitives into the security protocols determines the largest part of the efficiency and energy consumption of the Wireless sensor network (WSN). There are a number of surveys on security issues on WSNs, which, however, didn't focus on public-key cryptographic primitives in WSNs. In this survey, we provide a deeper understanding of public-key cryptographic primitives in WSNs including identity-based cryptography, and discuss their main directions and some open research issues that can be further pursued. We investigate state-of-the-art software implementation results of public-key cryptographic primitives in terms of execution time, energy consumption and resource occupation on constrained wireless devices choosing popular IEEE 802.15.4-compliant WSN hardware platforms, used in reallife deployments. This survey provides invaluable insights on public-key cryptographic primitives on WSN platforms, and solutions to find tradeoffs between cost, performance and security for designing security protocols in WSNs.

show abstract

Section: A Rsa Vs Eccmentioning

confidence: 99%

A Survey of Public-Key Cryptographic Primitives in Wireless Sensor Networks

Shim

2016

IEEE Commun. Surv. Tutorials

106

View full text Add to dashboard Cite

show abstract

“…More recently, Galbraith et al show how to apply it to larger classes of curves [8]. The key idea for these GLS curves is to work over small extension fieldsotherwise the scalar multiplication methods are analogous to those used in GLV.…”

Section: Glv Curvesmentioning

confidence: 99%

Faster Software for Fast Endomorphisms

Brumley

2015

Constructive Side-Channel Analysis and Secure Design

View full text Add to dashboard Cite

Abstract. GLV curves (Gallant et al.) have performance advantages over standard elliptic curves, using half the number of point doublings for scalar multiplication. Despite their introduction in 2001, implementations of the GLV method have yet to permeate widespread software libraries. Furthermore, side-channel vulnerabilities, specifically cachetiming attacks, remain unpatched in the OpenSSL code base since the first attack in 2009 (Brumley and Hakala) even still after the most recent attack in 2014 (Benger et al.). This work reports on the integration of the GLV method in OpenSSL for curves from 160 to 256 bits, as well as deploying and evaluating two side-channel defenses. Performance gains are up to 51%, and with these improvements GLV curves are now the fastest elliptic curves in OpenSSL for these bit sizes.

show abstract

“…There are multiple ways to save computations in this latter approach. After computing the multiples in the first lookup table L 0 , the values for the d − 1 other tables can be computed by applying the map φ to the individual point in the lookup table [25]. Since the computation of the map φ only takes three or four multiplications (depending on the curve used), this is a significant saving compared to computing the group operation which is an order of magnitude slower.…”

Section: Computing the Scalar Multiplicationmentioning

confidence: 99%

“…Another advantage for genus 2 curves is that the endomorphism ring is larger than it is in the case of genus 1, so it is possible to achieve higher dimensional GLV scalar decompositions [26] (without passing to an extension field to make use of GLS [25]). For prime fields, we implement four-dimensional GLV decompositions on Buhler-Koblitz (BK) curves [16] and on Furukawa-Kawazoe-Takahashi (FKT) curves [24], both of which are faster than all prior eBACS-documented implementations.…”

Section: Introductionmentioning

confidence: 99%

Fast Cryptography in Genus 2

et al. 2014

View full text Add to dashboard Cite

In this paper, we highlight the benefits of using genus 2 curves in public-key cryptography. Compared to the standardized genus 1 curves, or elliptic curves, arithmetic on genus 2 curves is typically more involved but allows us to work with moduli of half the size. We give a taxonomy of the best known techniques to realize genus 2-based cryptography, which includes fast formulas on the Kummer surface and efficient fourdimensional GLV decompositions. By studying different modular arithmetic approaches on these curves, we present a range of genus 2 implementations. On a single core of an Intel Core i7-3520M (Ivy Bridge), our implementation on the Kummer surface breaks the 125 thousand cycle barrier which sets a new software speed record at the 128-bit security level for constant-time scalar multiplications compared to all previous genus 1 and genus 2 implementations.

show abstract

Endomorphisms for Faster Elliptic Curve Cryptography on a Large Class of Curves

Cited by 88 publications

References 26 publications

A Survey of Public-Key Cryptographic Primitives in Wireless Sensor Networks

A Survey of Public-Key Cryptographic Primitives in Wireless Sensor Networks

Faster Software for Fast Endomorphisms

Fast Cryptography in Genus 2

Contact Info

Product

Resources

About