Abstract
In this paper we present an improved algorithm for counting points on elliptic curves over finite fields. It is mainly based on the Satoh-Skjernaa-Taguchi algorithm [SST01], and uses a Gaussian Normal Basis (GNB) of small type \( t \le 4 \). In practice, about 42% (36% for prime \( N \)) of fields in cryptographic context (i.e., for \( p = 2 \) and \( 160 < N < 600 \)) have such bases. They can be lifted from \( \mathbb{F}_{p^N} \) to \( \mathbb{Z}_{p^N} \) in a natural way. From the specific properties of GNBs, efficient multiplication and the Frobenius substitution are available. Thus a fast norm computation algorithm is derived, which runs in \( O(N^{2\mu} \log N) \) with \( O(N^2) \) space, where the time complexity of multiplying two \( n \)-bit objects is \( O(n^{\mu}) \). As a result, for all small characteristic \( p \), we reduced the time complexity of the SST-algorithm from \( O(N^{2\mu + 0.5}) \) to \( O(N^{2\mu + \frac{1}{\mu + 1}}) \) and the space complexity still fits in \( O(N^2) \). Our approach is expected to be applicable to the AGM since the exhibited improvement is not restricted to only [SST01].
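To see which binary fields admit a Gaussian normal basis of small type, the following added example (not code from the paper) tests the standard existence criterion for \( p = 2 \): a type-\( t \) GNB of \( \mathbb{F}_{2^N} \) exists when \( r = tN + 1 \) is prime and \( \gcd(tN/k, N) = 1 \), where \( k \) is the multiplicative order of 2 modulo \( r \). The criterion is taken from the general GNB literature rather than from this page, and all function names are assumptions of the example.

```python
from math import gcd, isqrt


def is_prime(n):
    """Trial division; sufficient for r = t*N + 1 with N < 600 and small t."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    return all(n % d for d in range(3, isqrt(n) + 1, 2))


def order_of_2(r):
    """Multiplicative order of 2 modulo an odd prime r."""
    k, x = 1, 2 % r
    while x != 1:
        x = x * 2 % r
        k += 1
    return k


def has_gnb(N, t):
    """True if F_{2^N} has a Gaussian normal basis of type t (standard criterion)."""
    r = t * N + 1
    if r < 3 or not is_prime(r):
        return False
    k = order_of_2(r)               # k divides r - 1 = t*N
    return gcd(t * N // k, N) == 1


def min_gnb_type(N, max_t=4):
    """Smallest type t <= max_t for which a GNB exists, or None."""
    for t in range(1, max_t + 1):
        if has_gnb(N, t):
            return t
    return None


def fraction_with_small_gnb(lo=160, hi=600, max_t=4, prime_only=False):
    """Share of degrees lo < N < hi (optionally prime N only) with a GNB of type <= max_t."""
    degrees = [N for N in range(lo + 1, hi) if not prime_only or is_prime(N)]
    hits = sum(min_gnb_type(N, max_t) is not None for N in degrees)
    return hits / len(degrees)


if __name__ == "__main__":
    for N in (163, 233, 283, 409, 571):   # extension degrees of the NIST binary curves
        print(N, min_gnb_type(N))
    print("all N:  ", round(fraction_with_small_gnb(), 3))
    print("prime N:", round(fraction_with_small_gnb(prime_only=True), 3))
```

The two fractions printed at the end can be compared with the 42% and 36% figures quoted in the abstract.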
References
A. O. L. Atkin, The number of points on an elliptic curve modulo a prime, Series of e-mails to the NUMBERTHRY mailing list, 1992.
L. F. Blake, R. M. Roth, and G. Seroussi, Efficient Arithmetic in \( GF(2^n) \) through Palindromic Representation, Tech. Rep. HPL-98-134, Hewlett Packard, 1998.
I. Blake, G. Seroussi, and N. Smart, Elliptic Curves in Cryptography, Cambridge Univ. Press, 2000.
J. M. Couveignes, Computing l-isogenies using the p-Torsion, Algorithmic number theory-ANTS-II, LNCS 1122, pp. 59–66, Springer-Verlag, 1996.
M. Deuring, Die Typen der Multiplikatorenringe elliptischer Funktionenkörper. Abh. Math. Sem. Univ. Hamburg, 14, pp. 197–272, 1941.
N. D. Elkies, Elliptic and modular curves over finite fields and related computational issues, In D.A. Buell and J.T. Teitelbaum, editors, Computational perspective on number theory, AMS/IP Stud. Adv. Math., 7, pp. 21–78, Providence, RI: AMS, 1998. Proceedings of a Conference in Honor of A.O.L. Atkin.
M. Fouquet, P. Gaudry, and R. Harley, On Satoh’s algorithm and its implementation, J. Ramanujan Math. Soc., 15, pp. 281–318, 2000.
R. Harley, Counting points with the arithmetic-geometric mean (joint work with J. F. Mestre and P. Gaudry), Eurocrypt 2001, Rump session, 2001.
C. Hooley, On Artin’s conjecture, J. Reine Angew Math., 225, pp. 209–220, 1967.
K. Kedlaya, Counting points on hyperelliptic curves using Monsky-Washnitzer cohomology, available at http://arXiv.org/abs/math/0105031.
N. Koblitz, Elliptic curve cryptosystem, Math. Comp., 48(177), pp. 203–209, 1998.
S. Lang, Algebraic Number Theory, Springer-Verlag, 1994.
J. Lubin, J. P. Serre, and J. Tate, Elliptic curves and formal group, Lecture notes prepared in connection with the seminars held at the Summer institute on Algebraic Geometry, Whitney Estate, Woods Hole, Massachusetts, 1964.
A. Menezes, Elliptic Curve Public Key Cryptosystems, Kluwer Academic Publishers, 1993.
A. Menezes, Application of Finite Fields, Kluwer Academic Publisher, 1993.
V. Miller, Use of elliptic curves in cryptography. Crypto’86, LNCS 263, pp. 417–426, 1987.
M. R. Murty, Artin’s conjecture for primitive roots, Math. Intelligencer, 10(4), pp. 59–67, 1988.
M. S. Paterson and L. J. Stockmeyer, On the number of nonscalar multiplications necessary to evaluate polynomials, SIAM J. Comput., 2, pp. 60–67, 1973.
T. Satoh, The canonical lift of an ordinary elliptic curve over a finite field and its point counting, J. Ramanujan Math. Soc., 15, pp. 247–270, 2000.
R. Schoof, Elliptic curves over finite fields and the computation of square roots mod p, Math. Comput., 44, pp. 483–494, 1985.
J. H. Silverman, Fast Multiplication in Finite Fields \( GF(2^N) \), Cryptographic Hardware and Embedded Systems-CHES’99, LNCS 1717, pp. 122–134, Springer-Verlag, 1999.
B. Skjernaa, Satoh Point Counting in characteristic 2. To appear in Math. Comp.
T. Satoh, B. Skjernaa, and Y. Taguchi, Fast Computation of Canonical Lifts of Elliptic curves and its Application to Point Counting, Preprint, 2001.
F. Vercauteren, B. Preneel, and J. Vandewalle, A Memory Efficient Version of Satoh’s Algorithm. Advances in Cryptology-Eurocrypt 2001, LNCS 2045, pp. 1–13, Springer-Verlag, 2001.
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, H.Y., Park, J.Y., Cheon, J.H., Park, J.H., Kim, J.H., Hahn, S.G. (2002). Fast Elliptic Curve Point Counting Using Gaussian Normal Basis. In: Fieker, C., Kohel, D.R. (eds) Algorithmic Number Theory. ANTS 2002. Lecture Notes in Computer Science, vol 2369. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45455-1_24
DOI: https://doi.org/10.1007/3-540-45455-1_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43863-2
Online ISBN: 978-3-540-45455-7
eBook Packages: Springer Book Archive