Results 1  10
of
30
Guide to Elliptic Curve Cryptography
, 2004
"... Elliptic curves have been intensively studied in number theory and algebraic geometry for over 100 years and there is an enormous amount of literature on the subject. To quote the mathematician Serge Lang: It is possible to write endlessly on elliptic curves. (This is not a threat.) Elliptic curves ..."
Abstract

Cited by 369 (17 self)
 Add to MetaCart
Elliptic curves have been intensively studied in number theory and algebraic geometry for over 100 years and there is an enormous amount of literature on the subject. To quote the mathematician Serge Lang: It is possible to write endlessly on elliptic curves. (This is not a threat.) Elliptic curves also figured prominently in the recent proof of Fermat's Last Theorem by Andrew Wiles. Originally pursued for purely aesthetic reasons, elliptic curves have recently been utilized in devising algorithms for factoring integers, primality proving, and in publickey cryptography. In this article, we aim to give the reader an introduction to elliptic curve cryptosystems, and to demonstrate why these systems provide relatively small block sizes, highspeed software and hardware implementations, and offer the highest strengthperkeybit of any known publickey scheme.
Efficient Elliptic Curve Exponentiation Using Mixed Coordinates
, 1998
"... Elliptic curve cryptosystems, proposed by Koblitz ([11]) and Miller ([15]), can be constructed over a smaller field of definition than the ElGamal cryptosystems ([5]) or the RSA cryptosystems ([19]). This is why elliptic curve cryptosystems have begun to attract notice. In this paper, we investigate ..."
Abstract

Cited by 142 (2 self)
 Add to MetaCart
Elliptic curve cryptosystems, proposed by Koblitz ([11]) and Miller ([15]), can be constructed over a smaller field of definition than the ElGamal cryptosystems ([5]) or the RSA cryptosystems ([19]). This is why elliptic curve cryptosystems have begun to attract notice. In this paper, we investigate efficient elliptic curve exponentiation. We propose a new coordinate system and a new mixed coordinates strategy, which significantly improves on the number of basic operations needed for elliptic curve exponentiation.
Efficient Algorithms for Elliptic Curve Cryptosystems
, 1997
"... Elliptic curves are the basis for a relative new class of publickey schemes. It is predicted that elliptic curves will replace many existing schemes in the near future. It is thus of great interest to develop algorithms which allow efficient implementations of elliptic curve crypto systems. This th ..."
Abstract

Cited by 66 (9 self)
 Add to MetaCart
Elliptic curves are the basis for a relative new class of publickey schemes. It is predicted that elliptic curves will replace many existing schemes in the near future. It is thus of great interest to develop algorithms which allow efficient implementations of elliptic curve crypto systems. This thesis deals with such algorithms. Efficient algorithms for elliptic curves can be classified into lowlevel algorithms, which deal with arithmetic in the underlying finite field and highlevel algorithms, which operate with the group operation. This thesis describes three new algorithms for efficient implementations of elliptic curve cryptosystems. The first algorithm describes the application of the KaratsubaOfman Algorithm to multiplication in composite fields GF ((2 n ) m ). The second algorithm deals with efficient inversion in composite Galois fields of the form GF ((2 n ) m ). The third algorithm is an entirely new approach which accelerates the multiplication of points which i...
Optimal Extension Fields for Fast Arithmetic in PublicKey Algorithms
, 1998
"... Abstract. This contribution introduces a class of Galois field used to achieve fast finite field arithmetic which we call an Optimal Extension Field (OEF). This approach is well suited for implementation of publickey cryptosystems based on elliptic and hyperelliptic curves. Whereas previous reported ..."
Abstract

Cited by 65 (14 self)
 Add to MetaCart
Abstract. This contribution introduces a class of Galois field used to achieve fast finite field arithmetic which we call an Optimal Extension Field (OEF). This approach is well suited for implementation of publickey cryptosystems based on elliptic and hyperelliptic curves. Whereas previous reported optimizations focus on finite fields of the form GF (p) and GF (2 m), an OEF is the class of fields GF (p m), for p a prime of special form and m a positive integer. Modern RISC workstation processors are optimized to perform integer arithmetic on integers of size up to the word size of the processor. Our construction employs wellknown techniques for fast finite field arithmetic which fully exploit the fast integer arithmetic found on these processors. In this paper, we describe our methods to perform the arithmetic in an OEF and the methods to construct OEFs. We provide a list of OEFs tailored for processors with 8, 16, 32, and 64 bit word sizes. We report on our application of this approach to construction of elliptic curve cryptosystems and demonstrate a substantial performance improvement over all previous reported software implementations of Galois field arithmetic for elliptic curves.
A Fast Software Implementation for Arithmetic Operations in GF(2^n)
, 1996
"... . We present a software implementation of arithmetic operations in a finite field GF(2 n ), based on an alternative representation of the field elements. An important application is in elliptic curve cryptosystems. Whereas previously reported implementations of elliptic curve cryptosystems use a s ..."
Abstract

Cited by 46 (2 self)
 Add to MetaCart
. We present a software implementation of arithmetic operations in a finite field GF(2 n ), based on an alternative representation of the field elements. An important application is in elliptic curve cryptosystems. Whereas previously reported implementations of elliptic curve cryptosystems use a standard basis or an optimal normal basis to perform field operations, we represent the field elements as polynomials with coefficients in the smaller field GF(2 16 ). Calculations in this smaller field are carried out using precalculated lookup tables. This results in rather simple routines matching the structure of computer memory very well. The use of an irreducible trinomial as the field polynomial, as was proposed at Crypto'95 by R. Schroeppel et al., can be extended to this representation. In our implementation, the resulting routines are slightly faster than standard basis routines. 1 Introduction Elliptic curve public key cryptosystems are rapidly gaining popularity [M93]. The use...
On the Performance of Signature Schemes based on Elliptic Curves
, 1998
"... . This paper describes a fast software implementation of the elliptic curve version of DSA, as specified in draft standard documents ANSI X9.62 and IEEE P1363. We did the implementations for the fields GF(2 n ), using a standard basis, and GF(p). We discuss various design decisions that have t ..."
Abstract

Cited by 39 (2 self)
 Add to MetaCart
. This paper describes a fast software implementation of the elliptic curve version of DSA, as specified in draft standard documents ANSI X9.62 and IEEE P1363. We did the implementations for the fields GF(2 n ), using a standard basis, and GF(p). We discuss various design decisions that have to be made for the operations in the underlying field and the operations on elliptic curve points. In particular, we conclude that it is a good idea to use projective coordinates for GF(p), but not for GF(2 n ). We also extend a number of exponentiation algorithms, that result in considerable speed gains for DSA, to ECDSA, using a signed binary representation. Finally, we present timing results for both types of fields on a PPro200 based PC, for a C/C++ implementation with small assemblylanguage optimizations, and make comparisons to other signature algorithms, such as RSA and DSA. We conclude that for practical sizes of fields and moduli, GF(p) is roughly twice as fast as GF(2 ...
Efficient Elliptic Curve Exponentiation
, 1997
"... Elliptic curve cryptosystems, proposed by Koblitz([8]) and Miller([11]), can be constructed over a smaller definition field than the ElGamal cryptosystems([5]) or the RSA cryptosystems([16]). This is why elliptic curve cryptosystems have be un to attract notice. There are mainly two types in ellipti ..."
Abstract

Cited by 39 (1 self)
 Add to MetaCart
Elliptic curve cryptosystems, proposed by Koblitz([8]) and Miller([11]), can be constructed over a smaller definition field than the ElGamal cryptosystems([5]) or the RSA cryptosystems([16]). This is why elliptic curve cryptosystems have be un to attract notice. There are mainly two types in elliptic curve cryptosystems, elliptic curves E over IF 2 r and E over IFp . Some current systems based on ElGamal or RSA may often use modulo arithmetic over IFp . Therefore it is convenient to construct fast elliptic curve cryptosystems over IFp . In this paper, we investi ate how to implement elliptic curve cryptosystems on E/IF p . 1 Introdu1 Koblitz ([8])a8 Miller ([11]) proposeda method by which public key cryptosystemsca be constructed on the groupof points on a elliptic curve over a finite fieldinstea ofa finite field. If elliptic curve cryptosystemsa void the MenezesOkaeneze aeneze reduction ([13]), then the only knownapGS ks ap the PollaS #method ([15]) ap the PohligHellma method ([14]). So upto the present, weca construct elliptic curve cryptosystems overa smaE// definition field tha the discreteloga6paEGpaEGpap////p// cryptosystems likeElGa ma cryptosystems([5]) or DSA([3])aA the RSA cryptosystems([16]). Elliptic curve cryptosystems with 160bit key ha ve the sap securitya s bothElGaD/ cryptosystemsar RSA with 1,024bit key. This is why elliptic curve cryptosystemsha ve been discussed in ISO/IEC CD 148833, ISO/IEC DIS 117703, ANSI ASC X.9, X.9.62,a9 IEEE P1363([7]). AsstaS0LpPL6/0Sp is apapE/E faEimplementalem of elliptic curve cryptosystemsha been reported([6, 20, 22]). Thereae marep two types in elliptic curve cryptosystems, elliptic curves over IF 2 raD elliptic curves over IF p . U to the resent, the study on im lementapDE ha been often atena elli tic cur...
Algorithms for computing isogenies between elliptic curves
 Math. Comp
, 2000
"... Abstract. The heart of the improvements by Elkies to Schoof’s algorithm for computing the cardinality of elliptic curves over a finite field is the ability to compute isogenies between curves. Elkies ’ approach is well suited for the case where the characteristic of the field is large. Couveignes sh ..."
Abstract

Cited by 31 (6 self)
 Add to MetaCart
Abstract. The heart of the improvements by Elkies to Schoof’s algorithm for computing the cardinality of elliptic curves over a finite field is the ability to compute isogenies between curves. Elkies ’ approach is well suited for the case where the characteristic of the field is large. Couveignes showed how to compute isogenies in small characteristic. The aim of this paper is to describe the first successful implementation of Couveignes’s algorithm. In particular, we describe the use of fast algorithms for performing incremental operations on series. We also insist on the particular case of the characteristic 2. 1.
Fast Arithmetic for PublicKey Algorithms in Galois Fields with Composite Exponents
 IEEE Transactions on Computers
, 1999
"... This contribution describes a new class of arithmetic architectures for Galois fields GF (2 k ). The main applications of the architecture are publickey systems which are based on the discrete logarithm problem for elliptic curves. The architectures use a representation of the field GF (2 k ..."
Abstract

Cited by 24 (2 self)
 Add to MetaCart
This contribution describes a new class of arithmetic architectures for Galois fields GF (2 k ). The main applications of the architecture are publickey systems which are based on the discrete logarithm problem for elliptic curves. The architectures use a representation of the field GF (2 k ) as GF ((2 n ) m ), where k = n \Delta m. The approach explores bit parallel arithmetic in the subfield GF (2 n ), and serial processing for the extension field arithmetic. This mixed parallelserial (hybrid) approach can lead to fast implementations. As the core module, a hybrid multiplier is introduced and several This paper is an extension of [1]. The bit parallel squarer architectures have been completely revised. 1 optimizations are discussed. We provide two different approaches to squaring. We develop exact expressions for the complexity of parallel squarers in composite fields which can have a surprisingly low complexity. The hybrid architectures are capable of explori...
Elliptic curve cryptosystems on reconfigurable hardware
 MASTER’S THESIS, WORCESTER POLYTECHNIC INST
, 1998
"... Security issues will play an important role in the majority of communication and computer networks of the future. As the Internet becomes more and more accessible to the public, security measures will have to be strengthened. Elliptic curve cryptosystems allow for shorter operand lengths than other ..."
Abstract

Cited by 19 (0 self)
 Add to MetaCart
Security issues will play an important role in the majority of communication and computer networks of the future. As the Internet becomes more and more accessible to the public, security measures will have to be strengthened. Elliptic curve cryptosystems allow for shorter operand lengths than other publickey schemes based on the discrete logarithm in finite fields and the integer factorization problem and are thus attractive for many applications. This thesis describes an implementation of a crypto engine based on elliptic curves. The underlying algebraic structures are composite Galois fields GF((2 n) m) in a standard base representation. As a major new feature, the system is developed for a reconfigurable platform based on Field Programmable Gate Arrays (FPGAs). FPGAs combine the flexibility of software solutions with the security of traditional hardware implementations. In particular, it is possible to easily change all algorithm parameters such as curve coefficients, field order, or field representation. The thesis deals with the design and implementation of elliptic curve point multiplicationarchitectures. The architectures are described in VHDL and mapped to Xilinx FPGA devices. Architectures over Galois fields of different order and representation were implemented and compared. Area and timing measurements are provided for all architectures. It is shown that a full point multiplication on elliptic curves of realworld size can be implemented on commercially available FPGAs.