Fast Generation of Elliptic Curve Base Points Using Efficient Exponentiation over $GF(p^m)$

  • 이문규 (School of Computer Engineering, Inha University)
  • Published: 2007.04.15

Abstract

Since Koblitz and Miller suggested the use of elliptic curves in cryptography, there has been an extensive literature on elliptic curve cryptosystems (ECC). The use of ECC is based on the observation that the points on an elliptic curve form an additive group under the point addition operation. To realize secure cryptosystems using these groups, it is very important to find an elliptic curve whose group order is divisible by a large prime, and also to find a base point whose order equals this prime. While there have been many dramatic improvements in finding an elliptic curve and computing its group order efficiently, there are not many results on finding an adequate base point for a given curve. In this paper, we propose an efficient method to find a random base point on an elliptic curve defined over $GF(p^m)$. We first show that the critical operation in finding a base point is exponentiation. Then we present efficient algorithms to accelerate exponentiation in $GF(p^m)$. Finally, we implement our algorithms and give experimental results on various practical elliptic curves, which show that the new algorithms make the process of searching for a base point 1.62-6.55 times faster than the searching algorithm based on binary exponentiation.
