Using Montgomery curve arithmetic over F2p for point scalar multiplication on short Weierstrass curve over Fp with exactly one 2-torsion point and order not divisible by 4

2016 ◽  
Vol 0 (0) ◽  
pp. 33-38
Author(s):  
Michał Wroński
Keyword(s):  
Scalar Multiplication ◽  
Side Channel ◽  
Torsion Point ◽  
Side Channel Attacks ◽  
Torsion Points ◽  
Standard Methods ◽  
Hardware Implementations ◽  
Point Scalar Multiplication ◽  
Montgomery Curve

Montgomery curves are well known because of their efficiency and side channel attacks vulnerability. In this article it is showed how Montgomery curve arithmetic may be used for point scalar multiplication on short Weierstrass curve ESW over Fp with exactly one 2-torsion point and #ESW (Fp) not divisible by 4. If P ∈ ESW (Fp) then also P ∈ ESW (Fp2). Because ESW (Fp2) has three 2-torsion points (because ESW (Fp) has one 2-torsion point) it is possible to use 2-isogenous Montgomery curve EM (Fp2) to the curve ESW (Fp2) for counting point scalar multiplication on ESW (Fp). However arithmetic in (Fp2) is much more complicated than arithmetic in Fp, in hardware implementations this method may be much more useful than standard methods, because it may be nearly 45% faster.

scholarly journals Optimized CSIDH Implementation Using a 2-Torsion Point

Cryptography ◽  
2020 ◽  
Vol 4 (3) ◽  
pp. 20 ◽  
Author(s):  
Donghoe Heo ◽  
Suhri Kim ◽  
Kisoon Yoon ◽  
Young-Ho Park ◽  
Seokhie Hong
Keyword(s):  
Elliptic Curve ◽  
Group Action ◽  
Large Degree ◽  
Transitive Group ◽  
Optimization Method ◽  
Torsion Point ◽  
Torsion Points ◽  
Diffie Hellman ◽  
Odd Degree ◽  
Montgomery Curve

The implementation of isogeny-based cryptography mainly use Montgomery curves, as they offer fast elliptic curve arithmetic and isogeny computation. However, although Montgomery curves have efficient 3- and 4-isogeny formula, it becomes inefficient when recovering the coefficient of the image curve for large degree isogenies. Because the Commutative Supersingular Isogeny Diffie-Hellman (CSIDH) requires odd-degree isogenies up to at least 587, this inefficiency is the main bottleneck of using a Montgomery curve for CSIDH. In this paper, we present a new optimization method for faster CSIDH protocols entirely on Montgomery curves. To this end, we present a new parameter for CSIDH, in which the three rational two-torsion points exist. By using the proposed parameters, the CSIDH moves around the surface. The curve coefficient of the image curve can be recovered by a two-torsion point. We also proved that the CSIDH while using the proposed parameter guarantees a free and transitive group action. Additionally, we present the implementation result using our method. We demonstrated that our method is 6.4% faster than the original CSIDH. Our works show that quite higher performance of CSIDH is achieved while only using Montgomery curves.

Power Side-Channel Analysis of RNS GLV ECC Using Machine and Deep Learning Algorithms

2021 ◽  
Vol 21 (3) ◽  
pp. 1-20
Author(s):  
Mohamad Ali Mehrabi ◽  
Naila Mukhtar ◽  
Alireza Jolfaei
Keyword(s):  
Deep Learning ◽  
Elliptic Curve ◽  
Smart Cities ◽  
Information Leakage ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Public Key Cryptosystems ◽  
Elliptic Curve Cryptosystems ◽  
Hardware Implementations ◽  
Substantial Progress

Many Internet of Things applications in smart cities use elliptic-curve cryptosystems due to their efficiency compared to other well-known public-key cryptosystems such as RSA. One of the important components of an elliptic-curve-based cryptosystem is the elliptic-curve point multiplication which has been shown to be vulnerable to various types of side-channel attacks. Recently, substantial progress has been made in applying deep learning to side-channel attacks. Conceptually, the idea is to monitor a core while it is running encryption for information leakage of a certain kind, for example, power consumption. The knowledge of the underlying encryption algorithm can be used to train a model to recognise the key used for encryption. The model is then applied to traces gathered from the crypto core in order to recover the encryption key. In this article, we propose an RNS GLV elliptic curve cryptography core which is immune to machine learning and deep learning based side-channel attacks. The experimental analysis confirms the proposed crypto core does not leak any information about the private key and therefore it is suitable for hardware implementations.

scholarly journals Parallel and Regular Algorithm of Elliptic Curve Scalar Multiplication over Binary Fields

2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Xingran Li ◽  
Wei Yu ◽  
Bao Li
Keyword(s):  
Elliptic Curve ◽  
Efficient Algorithm ◽  
Multicore Processors ◽  
Scalar Multiplication ◽  
Side Channel ◽  
Elliptic Curve Cryptosystem ◽  
Side Channel Attacks ◽  
Binary Fields ◽  
Speed Up ◽  
Elliptic Curve Scalar Multiplication

Accelerating scalar multiplication has always been a significant topic when people talk about the elliptic curve cryptosystem. Many approaches have been come up with to achieve this aim. An interesting perspective is that computers nowadays usually have multicore processors which could be used to do cryptographic computations in parallel style. Inspired by this idea, we present a new parallel and efficient algorithm to speed up scalar multiplication. First, we introduce a new regular halve-and-add method which is very efficient by utilizing λ projective coordinate. Then, we compare many different algorithms calculating double-and-add and halve-and-add. Finally, we combine the best double-and-add and halve-and-add methods to get a new faster parallel algorithm which costs around 12.0% less than the previous best. Furthermore, our algorithm is regular without any dummy operations, so it naturally provides protection against simple side-channel attacks.

Sign in / Sign up

Export Citation Format

Share Document