Twisting an elliptic curve to speed up cryptographic algorithms
نویسندگان
چکیده
An elliptic curve y = x +ax+ b over the prime field Fp may be twisted by a change of variables into the curve y = x + a′x + b′, where a′ differs from a by a quartic residue. We show that most curves over Fp may be twisted to have a′ quite small, allowing one of the multiplications in the point doubling formula to be replaced by additions. This speeds up algorithms to solve the elliptic curve discrete logarithm problem, the difficulty of which underpins the security of elliptic curve cryptography. We show that the current benchmark curves published by Certicom Inc. are vulnerable to this speedup, but that it is feasible to find curves that are not.
منابع مشابه
Efficient elliptic curve cryptosystems
Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...
متن کاملA Small and Fast Software Implementation of Elliptic Curve Cryptosystems over GF (p) on a 16-Bit Microcomputer
Recently the study and implementation of elliptic curve cryptosystems (ECC) have developed rapidly and its achievements have become a center of attraction. ECC has the advantage of high-speed processing in software even on restricted environments such as smart cards. In this paper, we concentrate on complete software implementation of ECC over a prime field on a 16-bit microcomputer M16C (10MHz...
متن کاملTwisting Edwards curves with isogenies
Edwards’ elliptic curve form is popular in modern cryptographic implementations thanks to their fast, strongly unified addition formulas. Twisted Edwards curves with a = −1 are slightly faster, but their addition formulas are not complete over Fp where p ≡ 3 (mod 4). In this short note, we propose that designers specify Edwards curves, but implement scalar multiplications and the like using an ...
متن کاملAn Abstract of the Thesis of High-speed Algorithms & Architectures for Number-theoretic Cryptosystems
approved: C etin K. Ko c Computer and network security systems rely on the privacy and authenticity of information, which requires implementation of cryptographic functions. Software implementations of these functions are often desired because of their exibility and cost e ectiveness. In this study, we concentrate on developing high-speed and area-e cient modular multiplication and exponentiati...
متن کاملImplementing Elliptic Curve Cryptography
The strength of public key cryptography utilizing Elliptic Curves relies on the difficulty of computing discrete logarithms in a finite field. Diffie-Hellman key exchange algorithm also relies on the same fact. There are two flavors of this algorithm, one using Elliptic Curves and another without using Elliptic Curves. Both flavors of the algorithm rely on the difficulty of computing discrete l...
متن کامل