Speeding up Scalar Multiplication on Koblitz Curves Using \(\mu _4\) Coordinates

Abstract

Koblitz curves are a special family of binary elliptic curves satisfying equation \(y^2+xy=x^3+ax^2+1\), \(a\in \{0,1\}\). Scalar multiplication on Koblitz curves can be achieved with point addition and fast Frobenius endomorphism. We show a new point representation system \(\mu _4\) coordinates for Koblitz curves. When \(a=0\), \(\mu _4\) coordinates derive basic group operations—point addition and mixed-addition with complexities \(7\mathbf{M}+2\mathbf{S}\) and \(6\mathbf{M}+2\mathbf{S}\), respectively. Moreover, Frobenius endomorphism on \(\mu _4\) coordinates requires \(4\mathbf{S}\). Compared with the state-of-the-art \(\lambda \) representation system, the timings obtained using \(\mu _4\) coordinates show speed-ups of \(28.6\%\) to \(32.2\%\) for NAF algorithms, of \(13.7\%\) to \(20.1\%\) for \(\tau \)NAF and of \(18.4\%\) to \(23.1\%\) for regular \(\tau \)NAF on four NIST-recommended Koblitz curves K-233, K-283, K-409 and K-571.

This work is supported by the National Natural Science Foundation of China (No. 61872442, No. 61802401, No. 61502487) and the National Cryptography Development Fund (No. MMJJ20180216).