Results 1-10 of 71
Efficient algorithms for pairing-based cryptosystems
, 2002
Cited by 291 (23 self)
Abstract. We describe fast new algorithms to implement recent cryptosystems based on the Tate pairing. In particular, our techniques improve pairing evaluation speed by a factor of about 55 compared to previously known methods in characteristic 3, and attain performance comparable to that of RSA in larger characteristics. We also propose faster algorithms for scalar multiplication in characteristic 3 and square root extraction over F_{p^m}, the latter technique being also useful in contexts other than that of pairing-based cryptography.
Efficient arithmetic on Koblitz curves
 Designs, Codes, and Cryptography
, 2000
Cited by 80 (0 self)
Abstract. It has become increasingly common to implement discrete-logarithm based public-key protocols on elliptic curves over finite fields. The basic operation is scalar multiplication: taking a given integer multiple of a given point on the curve. The cost of the protocols depends on that of the elliptic scalar multiplication operation. Koblitz introduced a family of curves which admit especially fast elliptic scalar multiplication. His algorithm was later modified by Meier and Staffelbach. We give an improved version of the algorithm which runs 50 % faster than any previous version. It is based on a new kind of representation of an integer, analogous to certain kinds of binary expansions. We also outline further speedups using precomputation and storage.
Efficient Algorithms for Elliptic Curve Cryptosystems
, 1997
Cited by 66 (9 self)
Elliptic curves are the basis for a relatively new class of public-key schemes. It is predicted that elliptic curves will replace many existing schemes in the near future. It is thus of great interest to develop algorithms which allow efficient implementations of elliptic curve crypto systems. This thesis deals with such algorithms. Efficient algorithms for elliptic curves can be classified into low-level algorithms, which deal with arithmetic in the underlying finite field and high-level algorithms, which operate with the group operation. This thesis describes three new algorithms for efficient implementations of elliptic curve cryptosystems. The first algorithm describes the application of the Karatsuba-Ofman Algorithm to multiplication in composite fields GF((2^n)^m). The second algorithm deals with efficient inversion in composite Galois fields of the form GF((2^n)^m). The third algorithm is an entirely new approach which accelerates the multiplication of points which i...
A High-Performance Reconfigurable Elliptic Curve Processor for GF(2^m)
, 2000
Cited by 65 (5 self)
This work proposes a processor architecture for elliptic curves cryptosystems over fields GF(2^m). This is a scalable architecture in terms of area and speed that exploits the abilities of reconfigurable hardware to deliver optimized circuitry for different elliptic curves and finite fields. The main features of this architecture are the use of an optimized bit-parallel squarer, a digit-serial multiplier, and two programmable processors. Through reconfiguration, the squarer and the multiplier architectures can be optimized for any field order or field polynomial. The multiplier performance can also be scaled according to system's needs. Our results show that implementations of this architecture executing the projective coordinates version of the Montgomery scalar multiplication algorithm can compute elliptic curve scalar multiplications with arbitrary points in 0.21 msec in the field GF(2^167). A result that is at least 19 times faster than documented hardware imple...
Efficient Arithmetic in Finite Field Extensions with Application in Elliptic Curve Cryptography
 Journal of Cryptology
, 2000
Cited by 46 (7 self)
This contribution focuses on a class of Galois field used to achieve fast finite field arithmetic which we call an Optimal Extension Field (OEF), first introduced in [3]. We extend this work by presenting an adaptation of Itoh and Tsujii's algorithm for finite field inversion applied to OEFs. In particular, we use the facts that the action of the Frobenius map in GF(p^m) can be computed with only m - 1 subfield multiplications and that inverses in GF(p) may be computed cheaply using known techniques. As a result, we show that one extension field inversion can be computed with a logarithmic number of extension field multiplications. In addition, we provide new extension field multiplication formulas which give a performance increase. Further, we provide an OEF construction algorithm together with tables of Type I and Type II OEFs along with statistics on the number of pseudo-Mersenne primes and OEFs. We apply this new work to provide implementation results using these me...
Elliptic Curve Cryptography On Smart Cards Without Coprocessors
 IN IFIP CARDIS 2000, FOURTH SMART CARD RESEARCH AND ADVANCED APPLICATION CONFERENCE
, 2000
Cited by 36 (9 self)
This contribution describes how an elliptic curve cryptosystem can be implemented on very low cost microprocessors with reasonable performance. We focus in this paper on the Intel 8051 family of microcontrollers popular in smart cards and other cost-sensitive devices. The implementation is based on the use of the finite field GF((2^8 - 17)^17) which is particularly suited for low end 8-bit processors. Two advantages of our method are that subfield modular reduction can be performed infrequently, and that an adaption of Itoh and Tsujii's inversion algorithm is used for the group operation. We show that an elliptic curve scalar multiplication with a fixed point, which is the core operation for a signature generation, can be performed in a group of order approximately 2^134 in less than 2 seconds. Unlike other implementations, we do not make use of curves defined over a subfield such as Koblitz curves.
An End-to-End Systems Approach to Elliptic Curve Cryptography
 In Cryptographic Hardware and Embedded Systems (CHES
, 2002
Cited by 26 (3 self)
Since its proposal by Victor Miller [17] and Neal Koblitz [15] in the mid 1980s, Elliptic Curve Cryptography (ECC) has evolved into a mature public-key cryptosystem. Offering the smallest key size and the highest strength per bit, its computational efficiency can benefit both client devices and server machines. We have designed a programmable hardware accelerator to speed up point multiplication for elliptic curves over binary polynomial fields GF(2^m). The accelerator is based on a scalable architecture capable of handling curves of arbitrary field degrees up to m = 255. In addition, it delivers optimized performance for a set of commonly used curves through hardwired reduction logic. A prototype implementation running in a Xilinx XCV2000E FPGA at 66.4 MHz shows a performance of 6987 point multiplications per second for GF(2^163). We have integrated ECC into OpenSSL, today's dominant implementation of the secure Internet protocol SSL, and tested it with the Apache web server and open-source web browsers.
Finite Field Multiplier Using Redundant Representation
 IEEE Transactions on Computers
, 2002
Cited by 21 (1 self)
This article presents simple and highly regular architectures for finite field multipliers using a redundant representation. The basic idea is to embed a finite field into a cyclotomic ring which has a basis with the elegant multiplicative structure of a cyclic group. One important feature of our architectures is that they provide area-time trade-offs which enable us to implement the multipliers in a partial-parallel/hybrid fashion. This hybrid architecture has great significance in its VLSI implementation in very large fields. The squaring operation using the redundant representation is simply a permutation of the coordinates. It is shown that when there is an optimal normal basis, the proposed bit-serial and hybrid multiplier architectures have very low space complexity. Constant multiplication is also considered and is shown to have advantage in using the redundant representation. Index terms: Finite field arithmetic, cyclotomic ring, redundant set, normal basis, multiplier, squaring.
Efficient Implementation of Elliptic Curve Cryptosystems on the TI MSP430x33x Family of Microcontrollers
, 2001
Cited by 18 (3 self)
This contribution describes a methodology used to efficiently implement elliptic curves (EC) over GF(p) on the 16-bit TI MSP430x33x family of low-cost microcontrollers. We show that it is possible to implement EC cryptosystems in highly constrained embedded systems and still obtain acceptable performance at low cost. We modified the EC point addition and doubling formulae to reduce the number of intermediate variables while at the same time allowing for flexibility. We used a Generalized-Mersenne prime to implement the arithmetic in the underlying field. We take advantage of the special form of the moduli to minimize the number of precomputations needed to implement inversion via Fermat's Little theorem and the k-ary method of exponentiation. We apply these ideas to an implementation of an elliptic curve system over GF(p), where p = 2^128 - 2^97 - 1. We show that a scalar point multiplication can be achieved in 3.4 seconds without any stored/precomputed values and...
On broadcast authentication in wireless sensor networks
 In International Conference on Wireless Algorithms, Systems, and Applications (WASA 2006
, 2006
Cited by 18 (0 self)
Abstract — Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows the mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Although symmetric-key-based solutions such as µTESLA and multilevel µTESLA have been proposed, they all suffer from severe energy-depletion attacks resulting from the nature of delayed message authentication. This paper presents several efficient public-key-based schemes to achieve immediate broadcast authentication and thus avoid the security flaw inherent in the µTESLA-like schemes. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message recovery signature scheme and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption in both computation and communication.