The fast implementation of elliptic curve cryptosystems relies on the efficient computation of scalar multiplication. Based on the double-base chain representation of scalar using powers of 2 and 3, we propose a new representation with powers of 1⁄2 and 3 instead. Thus the efficient point halving operation can be incorporated in the new double-base chain to achieve fast scalar multiplication. E...

We address the Menezes-Okamoto-Vanstone (MOV) algorithm for attacking elliptic curve cryptosystems which is completed in subexponential time for supersingular elliptic curves. There exist two hurdles to clear, from an algorithmic point of view, in applying the MOV reduction to general elliptic curves: the problem of explicitly determining the minimum extension degree k such that E[n] E(F q k) a...

The major building block of most elliptic curve cryptosystems are computation of multi-scalar multiplication. This paper proposes a novel algorithm for simultaneous multi-scalar multiplication, that is by employing addition chains. The previously known methods utilizes double-and-add algorithm with binary representations. In order to accomplish our purpose, an efficient empirical method for fin...

A recent paper by Costello and Hisil at Asiacrypt’17 presents efficient formulas for computing isogenies with odd-degree cyclic kernels on Montgomery curves. We provide a constructive proof of a generalization of this theorem which shows the connection between the shape of the isogeny and the simple action of the point (0, 0). This generalization removes the restriction of a cyclic kernel and a...

Koblitz curves allow very efficient scalar multiplications because point doublings can be traded for cheap Frobenius endomorphisms by representing the scalar as a τ -adic expansion. Typically elliptic curve cryptosystems, such as ECDSA, also require the scalar as an integer. This results in a need for conversions between integers and the τ -adic domain, which are costly and prevent from using K...

We propose a fast cryptographic hash algorithm that maps arbitrary messages onto points of pairing-friendly elliptic curves defined over F3m , a core operation in many pairing-based cryptosystems. Our scheme runs in time O(m2), while the best previous algorithm for this task runs in time O(m3). Experimental data confirms the speedup by a factor O(m), or approximately a hundred times for practic...

Root extraction is a classical problem in computers algebra. It plays an essential role in cryptosystems based on elliptic curves. In 2006, Barreto and Voloch proposed an algorithm to compute rth roots in Fqm for certain choices of m and q. If r || q − 1 and (m, r) = 1, they proved that the complexity of their method is Õ(r(logm + log log q)m log q). In this paper, we extend the Barreto-Voloch ...

‎By the Mordell‎- ‎Weil theorem‎, ‎the group of rational points on an elliptic curve over a number field is a finitely generated abelian group‎. ‎This paper studies the rank of the family Epq:y2=x3-pqx of elliptic curves‎, ‎where p and q are distinct primes‎. ‎We give infinite families of elliptic curves of the form y2=x3-pqx with rank two‎, ‎three and four‎, ‎assuming a conjecture of Schinzel ...

‎‎in the category of mordell curves (e_d:y^2=x^3+d) with nontrivial torsion groups we find curves of the generic rank two as quadratic twists of (e_1), ‎and of the generic rank at least two and at least three as cubic twists of (e_1). ‎previous work‎, ‎in the category of mordell curves with trivial torsion groups‎, ‎has found infinitely many elliptic curves with rank at least seven as sextic tw...

We investigate the discrete logarithm problem over jacobians of hyperelliptic curves suitable for public-key cryptosystems. We focus on the case when the definition field has small characteristic 2, 3, 5 and 7, then we present hyperelliptic cryptosystems that resist against all known attacks. We further implement our designed hyperelliptic cryptosystems over finite fields F2n in software on Alp...