Privately Outsourcing Exponentiation to a Single Server: Cryptanalysis and Optimal Constructions

Chevalier, Céline; Laguillaumie, Fabien; Vergnaud, Damien

doi:10.1007/s00453-020-00750-2

Cited by 4 publications

(1 citation statement)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To reduce the number of point additions, all possible values for w-bit pairs should be pre-computed and stored in Step 1 of Algorithm Shamir's trick in Figure 1. Certainly, the wide scanning approach [20][21][22][23][24][25], including the m-ary method and the sliding window method, always combines with the coding approach, such as the NAF representation and the JSF representation, in practice. However, the approach requires a large number of extra registers to store all possible values for w-bit pairs, even with a moderate w. Finally, some works [26,27] are dedicated to presenting the parallel algorithms for the multi-scalar multiplication, because the chip manufacturers are increasing the number of cores inside the processors.…”

Section: Previous Workmentioning

confidence: 99%

On Multi-Scalar Multiplication Algorithms for Register-Constrained Environments

et al. 2021

View full text Add to dashboard Cite

A basic but expensive operation in the implementations of several famous public-key cryptosystems is the computation of the multi-scalar multiplication in a certain finite additive group defined by an elliptic curve. We propose an adaptive window method for the multi-scalar multiplication, which aims to balance the computation cost and the memory cost under register-constrained environments. That is, our method can maximize the computation efficiency of multi-scalar multiplication according to any small, fixed number of registers provided by electronic devices. We further demonstrate that our method is efficient when five registers are available. Our method is further studied in detail in the case where it is combined with the non-adjacent form (NAF) representation and the joint sparse form (JSF) representation. One efficiency result is that our method with the proposed improved NAF n-bit representation on average requires 209n/432 point additions. To the best of our knowledge, this efficiency result is optimal compared with those of similar methods using five registers. Unlike the previous window methods, which store all possible values in the window, our method stores those with comparatively high probabilities to reduce the number of required registers.

show abstract