Koblitz curves and integer equivalents of Frobenius expansions
BB Brumley, K Järvinen - International Workshop on Selected Areas in …, 2007 - Springer
International Workshop on Selected Areas in Cryptography, 2007•Springer
Scalar multiplication on Koblitz curves can be very efficient due to the elimination of point
doublings. Modular reduction of scalars is commonly performed to reduce the length of
expansions, and τ-adic Non-Adjacent Form (NAF) can be used to reduce the density.
However, such modular reduction can be costly. An alternative to this approach is to use a
random τ-adic NAF, but some cryptosystems (eg ECDSA) require both the integer and the
scalar multiple. This paper presents an efficient method for computing integer equivalents of …
doublings. Modular reduction of scalars is commonly performed to reduce the length of
expansions, and τ-adic Non-Adjacent Form (NAF) can be used to reduce the density.
However, such modular reduction can be costly. An alternative to this approach is to use a
random τ-adic NAF, but some cryptosystems (eg ECDSA) require both the integer and the
scalar multiple. This paper presents an efficient method for computing integer equivalents of …
Abstract
Scalar multiplication on Koblitz curves can be very efficient due to the elimination of point doublings. Modular reduction of scalars is commonly performed to reduce the length of expansions, and τ-adic Non-Adjacent Form (NAF) can be used to reduce the density. However, such modular reduction can be costly. An alternative to this approach is to use a random τ-adic NAF, but some cryptosystems (e.g. ECDSA) require both the integer and the scalar multiple. This paper presents an efficient method for computing integer equivalents of random τ-adic expansions. The hardware implications are explored, and an efficient hardware implementation is presented. The results suggest significant computational efficiency gains over previously documented methods.
Springer
Showing the best result for this search. See all results