Elliptic Curves in Montgomery Form with B=1 and Their Low Order Torsion
نویسندگان
چکیده
This paper proves that the Montgomery form elliptic curves that are cheaply transformable into short Weierstrass form by a simple change of variables (x, y) 7→ (x+α, y) (instead of a more general affine change of variables) are precisely the curves with B = 1. The points of order 2 and 4 on these curves are described, and it is observed that the x-coordinates of these points are consecutive field elements. Finally, it is shown that two elliptic curves specified (in short Weierstrass form) in the SECG standard can be transformed into B = 1 Montgomery form, and also into Edwards form.
منابع مشابه
Elliptic Curves with the Montgomery-Form and Their Cryptographic Applications
We show that the elliptic curve cryptosystems based on the Montgomery-form E : BY 2 = X+AX+X are immune to the timingattacks by using our technique of randomized projective coordinates, while Montgomery originally introduced this type of curves for speeding up the Pollard and Elliptic Curve Methods of integer factorization [Math. Comp. Vol.48, No.177, (1987) pp.243-264]. However, it should be n...
متن کاملTorsion Subgroups of Elliptic Curves in Short Weierstrass Form
In a recent paper by M. Wieczorek, a claim is made regarding the possible rational torsion subgroups of elliptic curves E/Q in short Weierstrass form, subject to certain inequalities for their coefficients. We provide a series of counterexamples to this claim and explore a number of related results. In particular, we show that, for any ε > 0, all but finitely many curves EA,B : y 2 = x +Ax+B, w...
متن کاملECM using Edwards curves
This paper introduces EECM-MPFQ, a fast implementation of the elliptic-curve method of factoring integers. EECM-MPFQ uses fewer modular multiplications than the well-known GMP-ECM software, takes less time than GMP-ECM, and finds more primes than GMP-ECM. The main improvements above the modular-arithmetic level are as follows: (1) use Edwards curves instead of Montgomery curves; (2) use extende...
متن کاملEfficient elliptic curve cryptosystems
Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...
متن کاملEdwards curves and CM curves
Edwards curves are a particular form of elliptic curves that admit a fast, unified and complete addition law. Relations between Edwards curves and Montgomery curves have already been described. Our work takes the view of parameterizing elliptic curves given by their j-invariant, a problematic that arises from using curves with complex multiplication, for instance. We add to the catalogue the li...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009