Results 1 
8 of
8
Implementing PublicKey Infrastructure for Sensor Networks
, 2007
"... We present a critical evaluation of the first known implementation of elliptic curve cryptography over F2p for sensor networks based on the 8bit, 7.3828MHz MICA2 mote. We offer, along the way, a primer for those interested in the field of cryptography for sensor networks. We discuss, in particular ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
We present a critical evaluation of the first known implementation of elliptic curve cryptography over F2p for sensor networks based on the 8bit, 7.3828MHz MICA2 mote. We offer, along the way, a primer for those interested in the field of cryptography for sensor networks. We discuss, in particular, the decisions underlying our design and alternatives thereto. And we elaborate on the methodologies underlying our evaluation. Through instrumentation of UC Berkeley’s TinySec module, we argue that, although symmetric cryptography has been tractable in this domain for some time, there has remained a need, unfulfilled until recently, for an efficient, secure mechanism for distribution of secret keys among nodes. Although publickey infrastructure has been thought impractical, we show, through analysis of our original implementation for TinyOS of point multiplication on elliptic curves, that publickey infrastructure is indeed viable for TinySec keys ’ distribution, even on the MICA2. We demonstrate that public keys can be generated within 34 seconds and that shared secrets can be distributed among nodes in a sensor network within the same, using just over 1 kilobyte of SRAM and 34 kilobytes of ROM. We demonstrate that communication costs are minimal, with only 2 packets required for transmission of a public key among nodes. We make available all of our source code for other researchers to download and use. And we discuss recent results based on our work that corroborate and improve upon our conclusions.
Minimal weight and colexicographically minimal integer representations – online resources. http://www.opt.math.tugraz.ac.at/˜cheub/ publications/colexi
"... Redundant number systems (e.g., signed binary representations) have been utilized to efficiently implement algebraic operations required by publickey cryptosystems, especially those based on elliptic curves. Several families of integer representations have been proposed that have a minimal number o ..."
Abstract

Cited by 8 (7 self)
 Add to MetaCart
Redundant number systems (e.g., signed binary representations) have been utilized to efficiently implement algebraic operations required by publickey cryptosystems, especially those based on elliptic curves. Several families of integer representations have been proposed that have a minimal number of nonzero digits (socalled minimal weight representations). We observe that many of the constructions for minimal weight representations actually work by building representations which are minimal in another sense. For a given set of digits, these constructions build colexicographically minimal representations; that is, they build representations where each nonzero digit is positioned as far left (toward the most significant digit) as possible. We utilize this strategy in a new algorithm which constructs a very general family of minimal weight dimensiond joint representations for any d ≥ 1. The digits we use are from the set {a ∈ Z: ℓ ≤ a ≤ u} where ℓ ≤ 0 and u ≥ 1 are integers. By selecting particular values of ℓ and u, it is easily seen that our algorithm generalizes many of the minimal weight representations previously described in the literature. From our algorithm, we obtain a syntactical description of a particular family of dimensiond joint representations; any representation which obeys this syntax must be both colexicographically minimal and have minimal weight; moreover, every vector of integers has exactly one representation that satisfies this syntax. We utilize this syntax in a combinatorial analysis of the weight of the representations.
Affine precomputation with sole inversion in elliptic curve cryptography
 in [30] (2007), 245–258. Citations in this document
, 2007
"... Abstract. This paper presents a new approach to precompute all odd points [3]P, [5]P,..., [2k − 1]P, k ≥ 2 on an elliptic curve over Fp. Those points are required for the efficient evaluation of a scalar multiplication, the most important operation in elliptic curve cryptography. The proposed method ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
Abstract. This paper presents a new approach to precompute all odd points [3]P, [5]P,..., [2k − 1]P, k ≥ 2 on an elliptic curve over Fp. Those points are required for the efficient evaluation of a scalar multiplication, the most important operation in elliptic curve cryptography. The proposed method precomputes the points in affine coordinates and needs only one single field inversion for the computation. The new method is superior to all known methods that also use one field inversion. Compared to methods that require several field inversions for the precomputation, the proposed method is faster for a broad range of ratios of field inversions and field multiplications. The proposed method benefits especially from ratios as they occur on smart cards.
Setting Speed Records with the (Fractional) Multibase NonAdjacent Form Method for Efficient Elliptic Curve Scalar Multiplication
"... Abstract. In this paper, we introduce the Fractional Windoww Multibase NonAdjacent Form (FracwmbNAF) method to perform the scalar multiplication. This method generalizes the recently developed Windoww mbNAF (wmbNAF) method by allowing an unrestricted number of precomputed points. We then make a ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Abstract. In this paper, we introduce the Fractional Windoww Multibase NonAdjacent Form (FracwmbNAF) method to perform the scalar multiplication. This method generalizes the recently developed Windoww mbNAF (wmbNAF) method by allowing an unrestricted number of precomputed points. We then make a comprehensive analysis of the most recent and relevant methods existent in the literature for the ECC scalar multiplication, including the presented generalization and its original nonwindow version known as Multibase NonAdjacent Form (mbNAF). Moreover, we present new improvements in the point operation formulae. Specifically, we reduce further the cost of composite operations such as doublingaddition, tripling, quintupling and septupling of a point, which are relevant for the speed up of methods using multiple bases. Following, we also analyze the precomputation stage in scalar multiplications and present efficient schemes for the different studied scenarios. Our analysis includes the standard elliptic curves using Jacobian coordinates, and also Edwards curves, which are gaining growing attention due to their high performance. We demonstrate with extensive tests that mbNAF is currently the most efficient method without precomputations not only for the standard curves but also for the faster Edwards form. Similarly, FracwmbNAF is shown to attain the highest performance among windowbased methods for all the studied curve forms.
A New Upper Bound for the Minimal Density of Joint Representations in Elliptic Curve Cryptosystems
, 2007
"... SUMMARY The most time consuming operation to verify a ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
SUMMARY The most time consuming operation to verify a
Optimal Average Joint Hamming Weight and Minimal Weight Conversion of d Integers
"... Abstract. In this paper, we propose the minimal joint Hamming weight conversion for any binary expansions of d integers. With redundant representations, we may represent a number by many expansions, and the minimal joint Hamming weight conversion is the algorithm to select the expansion that has the ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
Abstract. In this paper, we propose the minimal joint Hamming weight conversion for any binary expansions of d integers. With redundant representations, we may represent a number by many expansions, and the minimal joint Hamming weight conversion is the algorithm to select the expansion that has the least joint Hamming weight. As the computation time of the cryptosystem strongly depends on the joint Hamming weight, the conversion can make the cryptosystem faster. Most of existing conversions are limited to some specific representations, and are difficult to apply to other representations. On the other hand, our conversion is applicable to any binary expansions. The proposed can explore the minimal average weights in a class of representation that have not been found. One of the most interesting results is that, for the expansion of integer pairs when the digit set is {0, ±1, ±3}, we show that the minimal average joint Hamming weight is 0.3575. This improves the upper bound value, 0.3616, proposed by Dahmen, Okeya, and Takagi.
Endomorphislms for Faster Elliptic Curve . . .
"... Efficiently computable homomorphisms allow elliptic curve point multiplication to be accelerated using the GallantLambertVanstone (GLV) method. Iijima, Matsuo, Chao and Tsujii gave such homomorphisms for a large class of elliptic curves by working over F p 2. We extend their results and demonstra ..."
Abstract
 Add to MetaCart
Efficiently computable homomorphisms allow elliptic curve point multiplication to be accelerated using the GallantLambertVanstone (GLV) method. Iijima, Matsuo, Chao and Tsujii gave such homomorphisms for a large class of elliptic curves by working over F p 2. We extend their results and demonstrate that they can be applied to the GLV method. In general we expect our method to require about 0.75 the time of previous best methods (except for subfield curves, for which Frobenius expansions can be used). We give detailed implementation results which show that the method runs in between 0.70 and 0.83 the time of the previous best methods for elliptic curve point multiplication on general curves.