The Q-curve construction for endomorphism-accelerated elliptic curves

نویسنده

  • Benjamin Smith
چکیده

We give a detailed account of the use of Q-curve reductions to construct elliptic curves over Fp2 with efficiently computable endomorphisms, which can be used to accelerate elliptic curve-based cryptosystems in the same way as Gallant–Lambert–Vanstone (GLV) and Galbraith–Lin–Scott (GLS) endomorphisms. Like GLS (which is a degenerate case of our construction), we offer the advantage over GLV of selecting from a much wider range of curves, and thus finding secure group orders when p is fixed for efficient implementation. Unlike GLS, we also offer the possibility of constructing twist-secure curves. We construct several one-parameter families of elliptic curves over Fp2 equipped with efficient endomorphisms for every p > 3, and exhibit examples of twist-secure curves over Fp2 for the efficient Mersenne prime p = 2−1.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Diffie-Hellman type key exchange protocols based on isogenies

‎In this paper‎, ‎we propose some Diffie-Hellman type key exchange protocols using isogenies of elliptic curves‎. ‎The first method which uses the endomorphism ring of an ordinary elliptic curve $ E $‎, ‎is a straightforward generalization of elliptic curve Diffie-Hellman key exchange‎. ‎The method uses commutativity of the endomorphism ring $ End(E) $‎. ‎Then using dual isogenies‎, ‎we propose...

متن کامل

Scalar Multiplication on Pairing Friendly Elliptic Curves

Efficient computation of elliptic curve scalar multiplication has been a significant problem since Koblitz [13] and Miller [14] independently proposed elliptic curve cryptography, and several efficient methods of scalar multiplication have been proposed (e.g., [8], [9], [12]). A standard approach for computing scalar multiplication is to use the Frobenius endomorphism. If we compute the s-multi...

متن کامل

Efficient elliptic curve cryptosystems

Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...

متن کامل

On Silverman's conjecture for a family of elliptic curves

Let $E$ be an elliptic curve over $Bbb{Q}$ with the given Weierstrass equation $ y^2=x^3+ax+b$. If $D$ is a squarefree integer, then let $E^{(D)}$ denote the $D$-quadratic twist of $E$ that is given by $E^{(D)}: y^2=x^3+aD^2x+bD^3$. Let $E^{(D)}(Bbb{Q})$ be the group of $Bbb{Q}$-rational points of $E^{(D)}$. It is conjectured by J. Silverman that there are infinitely many primes $p$ for which $...

متن کامل

An Algorithm for Modular Elliptic Curves over Real Quadratic Fields

Let F be a real quadratic field with narrow class number one, and f a Hilbert newform of weight 2 and level n with rational Fourier coefficients, where n is an integral ideal of F . By the Eichler-Shimura construction, which is still a conjecture in many cases when [F : Q] > 1, there exists an elliptic curve Ef over F attached to f . In this paper, we develop an algorithm that computes the (can...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2014  شماره 

صفحات  -

تاریخ انتشار 2014