Abstract
We show that the elliptic curve cryptosystems based on the Montgomery-form E M:BY 2 = X 3 + AX 2 +X are immune to the timing-attacks by using our technique of randomized projective coordinates, while Montgomery originally introduced this type of curves for speeding up the Pollard and Elliptic Curve Methods of integer factorization [Math. Comp. Vol.48, No.177, (1987) pp.243-264].
However, it should be noted that not all the elliptic curves have the Montgomery-form, because the order of any elliptic curve with the Montgomery-form is divisible by “4”. Whereas recent ECC-standards [NIST,SEC-1] recommend that the cofactor of elliptic curve should be no greater than 4 for cryptographic applications.
Therefore, we present an efficient algorithm for generating Montgomery-form elliptic curve whose cofactor is exactly “4”. Finally, we give the exact consition on the elliptic curves whether they can be represented as a Montgomery-form or not. We consider divisibility by “8” for Montgomery-form elliptic curves.
We implement the proposed algorithm and give some numerical examples obtained by this.
Chapter PDF
Similar content being viewed by others
References
Agnew, G.B., Mullin, R.C., Vanstone, S.A.: An Implementation of Elliptic Curve Cryptosystems Over F\(_{2^155}\). IEEE Journal on Selected Areas in Communications 11(5), 804–813 (1993)
ANSI X9.62, Public Key Cryptography for the Financial Services Industry, The Elliptic Curve Digital Signature Algorithm(ECDSA) (1999)
Bailey, D.V., Paar, C.: Optimal Extension Fields for Fast Arithmetic in Public- Key Algorithms. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 472–485. Springer, Heidelberg (1998)
Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic Curves in Cryptography. Cambridge University Press, Cambridge (1999)
Cohen, H., Miyaji, A., Ono, T.: Efficient Elliptic Curve Exponentiation Using Mixed Coordinates. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 51–65. Springer, Heidelberg (1998)
Coron, J.S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Pre-Proceedings ofWorkshop on Cryptographic Hardware and Embedded Systems(CHES), pp. 292–302 (1999)
Frey, G., Rück, H.G.: A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Math. Comp. 62, 865–874 (1994)
Izu, T.: Elliptic Curve Exponentiation for Cryptosystem. In: SCIS 1999, vol. W4-1.1, pp. 275–280 (1999)
Izu, T.: Elliptic Curve Exponentiation without y-coordinate, Technical Report of IEICE. ISEC98-86, 93–98 (1999)
Kobayashi, T., Morita, H., Kobayashi, K., Hoshino, F.: Fast Elliptic Curve Algorithm Combining Frobenius Map and Table Reference to Adapt to Higher Characteristic. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 176–189. Springer, Heidelberg (1999)
Koblitz, N.: Elliptic curve cryptosystems. Math. Comp. 48, 203–209 (1987)
Kocher, C.: Cryptanalysis of Diffie-Hellman,RSA,DSS, and Other Systems Using Timing Attacks, available at http://www.cryptography.com/
Kocher, C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)
Menezes, A., Okamoto, T., Vanstone, A.: Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Transaction on Information Theory IT-39(5), 1639–1646 (1993)
Miyaji, A., Ono, T., Cohen, H.: Efficient elliptic curve exponentiation(II). In: SCIS 1998, vol. 7.1.D (1998)
Montgomery, P.L.: Speeding the Pollard and Elliptic Curve Methods of Factorizations. Math. Comp. 48, 243–264 (1987)
National Institute for Standards and Technology, Recommended Elliptic Curves for Federal Government Use (1999), Available at http://csrc.nist.gov/encryption/
Satoh, T., Araki, K.: Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves. Commentarii Mathematici Universitatis Sancti Pauli, 88–92 (1998)
Ohgishi, K., Sakai, R., Kasahara, M.: Elliptic Curve Signature Scheme with No y Coordinate. In: SCIS 1999, vol. W4-1.3, pp. 285–287 (1999)
Standards for Efficient Cryptography. Elliptic Curve Cryptography Ver.0.5 (1999) Available at, http://www.secg.org/drafts.htm
Semaev, I.: Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p. Math. Comp. 67, 353–356 (1998)
Smart, N.P.: The Discrete Logarithm Problem on Elliptic Curves of Trace One. Journal of Cryptology (to appear)
Takeuchi, K., Koyama, K.: Fast Computation of Elliptic Curve Cryptosystems. In: SCIS 1999, vol. W4-1.2, pp. 281–284 (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Okeya, K., Kurumatani, H., Sakurai, K. (2000). Elliptic Curves with the Montgomery-Form and Their Cryptographic Applications. In: Imai, H., Zheng, Y. (eds) Public Key Cryptography. PKC 2000. Lecture Notes in Computer Science, vol 1751. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-46588-1_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-46588-1_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66967-8
Online ISBN: 978-3-540-46588-1
eBook Packages: Springer Book Archive