Abstract
This paper discusses the elliptic curve models available to an implementer and assists the choice among them by examining the links between security and efficiency. In early public key schemes such as ElGamal and RSA, finite fields of large prime order were prevalent, which avoided the difficult and expensive computations required over extension fields. When elliptic curve models were introduced, the same prime-field computational infrastructure was therefore reused. As it became clear that elliptic curve models were more efficient than their public key competitors, they attracted a great deal of attention. More recently, with the onset of the Internet of Things, the cryptography community faces the challenge of improving the efficiency of cryptography even further, and many papers now deal with improvements in computational efficiency. This search, together with improvements in both software and hardware for characteristic two fields, has prompted the analysis of elliptic curve constructions over binary extension fields. In particular, the ability to identify a field element with a bit string aids computation for binary elliptic curves. These circumstances account for our focus on binary elliptic curve fields in this paper, in which we present an in-depth discussion of their efficiency and security properties along with other relevant features of various binary elliptic curve models.
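The abstract's point that a binary field element is simply a bit string is easiest to see in code. The block below is an added example, not code from the paper or its authors: it builds a toy GF(2^4) with reduction polynomial z^4 + z + 1 and the standard non-supersingular binary curve form y^2 + xy = x^3 + ax^2 + b with constructed coefficients a = z + 1 and b = 1. All function names and the sample point are assumptions made for the example. Field addition is XOR and multiplication is a shift-and-XOR product reduced modulo the polynomial, which is what makes the arithmetic cheap in hardware; the affine doubling and addition formulas are the usual ones for this curve form.

```python
# Added example: toy arithmetic on a binary elliptic curve y^2 + xy = x^3 + a*x^2 + b
# over GF(2^m). Field elements are bit strings held in Python ints, so addition is
# XOR and multiplication is a carry-less shift-and-XOR product reduced mod f(z).
# All parameters are a constructed small example (m = 4), not taken from the paper.

M = 4                  # extension degree: GF(2^4) has 16 elements
F_POLY = 0b10011       # f(z) = z^4 + z + 1, irreducible over GF(2)
A, B = 0b0011, 0b0001  # curve coefficients a = z + 1, b = 1 (constructed)
INF = None             # point at infinity


def gf_add(a, b):
    """Addition in GF(2^m): coefficient-wise XOR of the bit strings."""
    return a ^ b


def gf_mul(a, b):
    """Carry-less multiplication with reduction modulo F_POLY after each shift."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if (a >> M) & 1:   # degree reached m: subtract (XOR) f(z)
            a ^= F_POLY
    return r


def gf_inv(a):
    """Inverse as a^(2^m - 2) (Fermat), by square-and-multiply."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^m)")
    r, e = 1, (1 << M) - 2
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r


def on_curve(P):
    """Check y^2 + xy == x^3 + a*x^2 + b (the point at infinity always passes)."""
    if P is INF:
        return True
    x, y = P
    lhs = gf_add(gf_mul(y, y), gf_mul(x, y))
    x2 = gf_mul(x, x)
    rhs = gf_add(gf_add(gf_mul(x2, x), gf_mul(A, x2)), B)
    return lhs == rhs


def neg(P):
    """On a binary curve -(x, y) = (x, x + y)."""
    return INF if P is INF else (P[0], gf_add(P[0], P[1]))


def double(P):
    """Affine doubling: lam = x + y/x, x3 = lam^2 + lam + a, y3 = x^2 + (lam + 1)*x3."""
    if P is INF or P[0] == 0:   # (0, sqrt(b)) is the unique point of order 2
        return INF
    x1, y1 = P
    lam = gf_add(x1, gf_mul(y1, gf_inv(x1)))
    x3 = gf_add(gf_add(gf_mul(lam, lam), lam), A)
    y3 = gf_add(gf_mul(x1, x1), gf_mul(gf_add(lam, 1), x3))
    return (x3, y3)


def add(P, Q):
    """Affine addition: lam = (y1+y2)/(x1+x2), x3 = lam^2 + lam + x1 + x2 + a,
    y3 = lam*(x1 + x3) + x3 + y1."""
    if P is INF:
        return Q
    if Q is INF:
        return P
    x1, y1 = P
    x2, y2 = Q
    if x1 == x2:
        return double(P) if y1 == y2 else INF   # same x: P == Q, or Q == -P
    lam = gf_mul(gf_add(y1, y2), gf_inv(gf_add(x1, x2)))
    x3 = gf_add(gf_add(gf_add(gf_mul(lam, lam), lam), gf_add(x1, x2)), A)
    y3 = gf_add(gf_add(gf_mul(lam, gf_add(x1, x3)), x3), y1)
    return (x3, y3)


def scalar_mul(k, P):
    """Left-to-right double-and-add. Its branch pattern depends on the bits of k,
    so it is not constant time; deployed code uses a regular algorithm instead."""
    R = INF
    for bit in bin(k)[2:]:
        R = double(R)
        if bit == "1":
            R = add(R, P)
    return R


def all_points():
    """Brute-force enumeration of E(GF(2^m)); feasible only for a toy field."""
    pts = [INF]
    for x in range(1 << M):
        for y in range(1 << M):
            if on_curve((x, y)):
                pts.append((x, y))
    return pts


if __name__ == "__main__":
    pts = all_points()
    print("group order:", len(pts))
    P = (0b0110, 0b1000)   # constructed sample point on the curve
    for k in range(1, 9):
        print(k, "* P =", scalar_mul(k, P))
```

Running the block enumerates the 16 points of the toy group and prints the multiples of the sample point, which has order 8 (its fourth multiple is the order-2 point (0, 1)). Every step of the scalar multiplication reduces to XORs and shifts on 4-bit strings, which is the efficiency argument for binary curves; the same structure also means that `scalar_mul` leaks the scalar through its branches, the kind of security property the paper weighs against that efficiency.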
© 2018 Springer International Publishing AG, part of Springer Nature
Hirschfeld, S.T.E., Batten, L.M., Amain, M.K.I. (2018). Efficiencies in Binary Elliptic Curves. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2018. ICCSA 2018. Lecture Notes in Computer Science(), vol 10964. Springer, Cham. https://doi.org/10.1007/978-3-319-95174-4_21
DOI: https://doi.org/10.1007/978-3-319-95174-4_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-95173-7
Online ISBN: 978-3-319-95174-4