
New Efficient Scalar Multiplication Algorithms Based on Montgomery Ladder Method for Elliptic Curve Cryptosystems


  • Cho, Sung-Min (Graduate School of Information Management and Security, Korea University)
  • Seo, Seog-Chung (Graduate School of Information Management and Security, Korea University)
  • Kim, Tae-Hyun (Graduate School of Information Management and Security, Korea University)
  • Park, Yung-Ho (School of Computer Engineering, Sejong Cyber University)
  • Hong, Seok-Hie (Graduate School of Information Management and Security, Korea University)
  • Published : 2009.08.31

Abstract

This paper proposes efficient scalar multiplication algorithms based on the Montgomery ladder method. To improve performance, the proposed algorithms represent the scalar in ternary or quaternary form and apply new composite formulas that use only the x-coordinate in the affine coordinate system. Furthermore, the side-channel atomicity mechanism is applied to the proposed composite formulas to prevent simple power analysis. The proposed methods save at least 26% of running time, with reduced storage, compared with existing algorithms such as window-based methods and comb-based methods.

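This paper proposes efficient scalar multiplication algorithms that extend the Montgomery ladder method. To improve efficiency, the proposed method represents the scalar in ternary or quaternary form and applies new formulas that, as in the Montgomery ladder method, can be computed using only the x-coordinate in the affine coordinate system. Side-channel atomicity is applied to make the method secure against simple power analysis. In addition, the Montgomery trick is used to increase computation speed. The proposed method is at least 26% faster than the window method and the comb method, which were previously known to be efficient. It also has the advantage of using less storage than these methods.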

