
Scalar multiplication on Weierstraß elliptic curves from Co-Z arithmetic

  • Regular Paper
  • Journal of Cryptographic Engineering

Abstract

In 2007, Meloni introduced a new type of arithmetic on elliptic curves when adding projective points sharing the same Z-coordinate. This paper presents further co-Z addition formulæ (and register allocations) for various point additions on Weierstraß elliptic curves. It explains how the use of conjugate point addition and other implementation tricks allow one to develop efficient scalar multiplication algorithms making use of co-Z arithmetic. Specifically, this paper describes efficient co-Z based versions of Montgomery ladder, Joye’s double-add algorithm, and certain signed-digit algorithms, as well as faster (X, Y)-only variants for left-to-right versions. Further, the proposed implementations are regular, thereby offering a natural protection against a variety of implementation attacks.


References

  1. Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)

  2. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) Advances in Cryptology − CRYPTO’85. LNCS, vol. 218, pp. 417–426. Springer, Berlin (1985)

  3. Avanzi, R., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of Elliptic and Hyperelliptic Curve Cryptography. CRC Press, Boca Raton (2005)

  4. Blake, I.F., Seroussi, G., Smart, N.P. (eds.): Advances in Elliptic Curve Cryptography, London Mathematical Society Lecture Note Series, vol. 317. Cambridge University Press, Cambridge (2005)

  5. Meloni, N.: New point addition formulæ for ECC applications. In: Carlet, C., Sunar, B. (eds.) Arithmetic of Finite Fields (WAIFI 2007). LNCS, vol. 4547, pp. 189–201. Springer, Berlin (2007)

  6. Goundar, R.R., Joye, M., Miyaji, A.: Co-Z addition formulæ and binary ladders on elliptic curves. In: Mangard, S., Standaert, F.X. (eds.) Cryptographic Hardware and Embedded Systems − CHES 2010. LNCS, vol. 6225, pp. 65–79. Springer, Berlin (2010)

  7. Venelli, A., Dassance, F.: Faster side-channel resistant elliptic curve scalar multiplication. Contemp. Math. 521, 29–40 (2010)

  8. Rivain, M.: Fast and regular algorithms for scalar multiplication over elliptic curves. Cryptology ePrint Archive, Report 2011/338 (2011). http://eprint.iacr.org/

  9. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) Advances in Cryptology − CRYPTO ’99. LNCS, vol. 1666, pp. 388–397. Springer, Berlin (1999)

  10. Yen, S.M., Joye, M.: Checking before output may not be enough against fault-based cryptanalysis. IEEE Trans. Comput. 49(9), 967–970 (2000)

  11. Yen, S.M., Kim, S., Lim, S., Moon, S.J.: A countermeasure against one physical cryptanalysis may benefit another attack. In: Kim, K. (ed.) Information Security and Cryptology—ICISC 2001. LNCS, vol. 2288, pp. 414–427. Springer, Berlin (2002)

  12. Bernstein, D.J., Lange, T.: Explicit-formulas database. http://hyperelliptic.org/EFD/g1p/auto-shortw.html

  13. Cohen, H., Miyaji, A., Ono, T.: Efficient elliptic curve exponentiation using mixed coordinates. In: Ohta, K., Pei, D. (eds.) Advances in Cryptology—ASIACRYPT ’98. LNCS, vol. 1514, pp. 51–65. Springer, Berlin (1998)

  14. Longa, P.: ECC Point Arithmetic Formulae (EPAF). http://patricklonga.bravehost.com/jacobian.html

  15. Chudnovsky, D.V., Chudnovsky, G.V.: Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Adv. Appl. Math. 7(4), 385–434 (1986)

  16. Izu, T., Möller, B., Takagi, T.: Improved elliptic curve multiplication methods resistant against side-channel attacks. In: Menezes, A., Sarkar, P. (eds.) Progress in Cryptology—INDOCRYPT 2002. LNCS, vol. 2551, pp. 296–313. Springer, Berlin (2002)

  17. Coron, J.S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koc, C.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems (CHES’99). LNCS, vol. 1717, pp. 292–302. Springer, Berlin (1999)

  18. Montgomery, P.L.: Speeding up the Pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243–264 (1987)

  19. Joye, M., Yen, S.M.: The Montgomery powering ladder. In: Kaliski, B.S. Jr, et al. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Berlin (2003)

  20. Brier, E., Joye, M.: Weierstraß elliptic curves and side-channel attacks. In: Naccache, D., Paillier, P. (eds.) Public Key Cryptography (PKC 2002) LNCS, vol. 2274, pp. 335–345. Springer, Berlin (2002)

  21. Fischer, W., Giraud, C., Knudsen, E.W., Seifert, J.P.: Parallel scalar multiplication on general elliptic curves over \({\mathbb{F}_p}\) hedged against non-differential side-channel attacks. Cryptology ePrint Archive, Report 2002/007 (2002). http://eprint.iacr.org/

  22. Izu, T., Takagi, T.: A fast parallel elliptic curve multiplication resistant against side channel attacks. In: Naccache, D., Paillier, P. (eds.) Public Key Cryptography (PKC 2002). LNCS, vol. 2274, pp. 280–296. Springer, Berlin (2002)

  23. López, J., Dahab, R.: Fast multiplication on elliptic curves over GF(2^m) without precomputation. In: Koc, C.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems (CHES’99). LNCS, vol. 1717, pp. 316–327. Springer, Berlin (1999)

  24. Joye, M.: Highly regular right-to-left algorithms for scalar multiplication. In: Paillier, P., Verbauwhede, I. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2007. LNCS, vol. 4727, pp. 135–147. Springer, Berlin (2007)

  25. Morain, F., Olivos, J.: Speeding up the computations on an elliptic curve using addition-subtraction chains. RAIRO Informatique théorique et applications 24(6), 531–543 (1990)

  26. Galbraith, S., Lin, X., Scott, M.: A faster way to do ECC. Presented at 12th Workshop on Elliptic Curve Cryptography (ECC 2008), Utrecht, The Netherlands (2008). http://www.hyperelliptic.org/tanja/conf/ECC08/slides/Mike-Scott.pdf

  27. Longa, P., Gebotys, C.H.: Novel precomputation schemes for elliptic curve cryptosystems. In: Abdalla, M. et al. (eds.) Applied Cryptography and Network Security (ACNS 2009). LNCS, vol. 5536, pp. 71–88. Springer, Berlin (2009)

  28. Longa, P., Miri, A.: New composite operations and precomputation for elliptic curve cryptosystems over prime fields. In: Cramer, R. (ed.) Public Key Cryptography—PKC 2008. LNCS, vol. 4939, pp. 229–247. Springer, Berlin (2008)

  29. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, C.K., Naccache, D., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Berlin (2001)

  30. Agrawal, D., Archambeault, B., Rao, J., Rohatgi, P.: The EM side-channel(s). In: Kaliski, B.S. Jr et al. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Berlin (2003)

  31. Chevallier-Mames, B., Ciet, M., Joye, M.: Low-cost solutions for preventing simple side-channel analysis: Side-channel atomicity. IEEE Trans. Comput. 53(6), 760–768 (2004)

  32. Biehl, I., Meyer, B., Müller, V.: Differential fault attacks on elliptic curve cryptosystems. In: Bellare, M. (ed.) Advances in Cryptology—CRYPTO 2000. LNCS, vol. 1880, pp. 131–146. Springer, Berlin (2000)

  33. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of eliminating errors in cryptographic computations. J. Cryptol. 14(2), 110–119 (2001). Extended abstract in Proc. of EUROCRYPT ’97

  34. Fouque, P.A., Lercier, R., Réal, D., Valette, F.: Fault attack on elliptic curve Montgomery ladder implementation. In: Breveglieri, L. et al. (eds.) Fault Diagnosis and Tolerance in Cryptography (FDTC 2008), pp. 92–98. IEEE Computer Society (2008)

  35. IEEE Std 1363-2000: IEEE Standard Specifications for Public-Key Cryptography. IEEE Computer Society (2000)


Author information


Correspondence to Matthieu Rivain.

Additional information

R. R. Goundar is an independent researcher.


About this article

Cite this article

Goundar, R.R., Joye, M., Miyaji, A. et al. Scalar multiplication on Weierstraß elliptic curves from Co-Z arithmetic. J Cryptogr Eng 1, 161–176 (2011). https://doi.org/10.1007/s13389-011-0012-0


  • DOI: https://doi.org/10.1007/s13389-011-0012-0
