• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.515-518
• /
• 2019

The performance of Elliptic Curves Cryptosystem(ECC) is dominated by the modular multiplication since the elliptic curve scalar multiplication consists of the modular multiplication in projective coordinates. In this paper, we propose a new method that combines the Karatsuba-Ofman multiplication method and a new modular reduction algorithm in order to improve the performance of the modular multiplication for NIST p224 in the FIPS 186-4 standard. The proposed method leads to a running time improvement for computing the modular multiplication about 25% faster than the previous methods. The results also show that the method can reduce the arithmetic complexity by half when compared with traditional implementations on the standpoint of the modular reduction.

• Journal of the Korean Mathematical Society
• /
• v.48 no.5
• /
• pp.953-967
• /
• 2011

We show that the characteristic function $1S_{\underline{\alpha}}$ of any Harder-Narasimhan strata $S{\underline{\alpha}}\;{\subset}\;Coh_X^{\alpha}$ belongs to the spherical Hall algebra $H_X^{sph}$ of a smooth projective curve X (defined over a finite field $\mathbb{F}_q$). We prove a similar result in the geometric setting: the intersection cohomology complex IC(${\underline{S}_{\underline{\alpha}}$) of any Harder-Narasimhan strata ${\underline{S}}{\underline{\alpha}}\;{\subset}\;{\underline{Coh}}_X^{\underline{\alpha}}$ belongs to the category $Q_X$ of spherical Eisenstein sheaves of X. We show by a simple example how a complete description of all spherical Eisenstein sheaves would necessarily involve the Brill-Noether stratas of ${\underline{Coh}}_X^{\underline{\alpha}}$.

• Communications of the Korean Mathematical Society
• /
• v.23 no.1
• /
• pp.11-18
• /
• 2008

For a nef and big divisor D on a smooth projective surface S, the inequality $h^{0}$(S;$O_{s}(D)$) ${\leq}\;D^2\;+\;2$ is well known. For a nef and big canonical divisor KS, there is a better inequality $h^{0}$(S;$O_{s}(K_s)$) ${\leq}\;\frac{1}{2}{K_{s}}^{2}\;+\;2$ which is called the Noether inequality. We investigate an inequality $h^{0}$(S;$O_{s}(D)$) ${\leq}\;\frac{1}{2}D^{2}\;+\;2$ like Clifford theorem in the case of a curve. We show that this inequality holds except some cases. We show the existence of a counter example for this inequality. We prove also the base-locus freeness of the linear system in the exceptional cases.

• Journal of the Korean Mathematical Society
• /
• v.56 no.2
• /
• pp.387-419
• /
• 2019

A fullness conjecture of Kuznetsov says that if a smooth projective variety X admits a full exceptional collection of line bundles of length l, then any exceptional collection of line bundles of length l is full. In this paper, we show that this conjecture holds for X as the blow-up of ${\mathbb{P}}^3$ at a point, a line, or a twisted cubic curve, i.e., any exceptional collection of line bundles of length 6 on X is full. Moreover, we obtain an explicit classification of full exceptional collections of line bundles on such X.

• Journal of the Korean Mathematical Society
• /
• v.56 no.6
• /
• pp.1463-1474
• /
• 2019

Let C be a nonsingular projective curve of genus ${\geq}2$ over an algebraically closed field of characteristic 0. For a point P in C, the Weierstrass semigroup H(P) is defined as the set of non-negative integers n for which there exists a rational function f on C such that the order of the pole of f at P is equal to n, and f is regular away from P. A point P in C is referred to as a weak Galois-Weierstrass point if P is a Weierstrass point and there exists a Galois morphism ${\varphi}:C{\rightarrow}{\mathbb{p}}^1$ such that P is a total ramification point of ${\varphi}$. In this paper, we investigate the number of weak Galois-Weierstrass points of which the Weierstrass semigroups are generated by two positive integers.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1083-1091
• /
• 2017

This paper describes a design of cryptographic processor supporting 224-bit elliptic curves over prime field defined by NIST. Scalar point multiplication that is a core arithmetic function in elliptic curve cryptography(ECC) was implemented by adopting the modified Montgomery ladder algorithm. In order to eliminate division operations that have high computational complexity, projective coordinate was used to implement point addition and point doubling operations, which uses addition, subtraction, multiplication and squaring operations over GF(p). The final result of the scalar point multiplication is converted to affine coordinate and the inverse operation is implemented using Fermat's little theorem. The ECC processor was verified by FPGA implementation using Virtex5 device. The ECC processor synthesized using a 0.18 um CMOS cell library occupies 2.7-Kbit RAM and 27,739 gate equivalents (GEs), and the estimated maximum clock frequency is 71 MHz. One scalar point multiplication takes 1,326,985 clock cycles resulting in the computation time of 18.7 msec at the maximum clock frequency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.169-177
• /
• 2003

We establish the security requirements and derive a generic condition of elliptic curve scalar multiplication to resist against DPA and Goubin’s attack. Also we show that if a scalar multiplication algorithm satisfies our generic condition, then both attacks are infeasible. Showing that the randomized signed scalar multiplication using Ha-Moon's receding algorithm satisfies the generic condition, we recommend the randomized signed scalar multiplication using Ha-Moon's receding algorithm to be protective against both attacks. Also we newly design a random recoding method to Prevent two attacks. Finally, in efficiency comparison, it is shown that the recommended method is a bit faster than Izu-Takagi’s method which uses Montgomery-ladder without computing y-coordinate combined with randomized projective coordinates and base point blinding or isogeny method. Moreover. Izu-Takagi’s method uses additional storage, but it is not the case of ours.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.48 no.5
• /
• pp.13-24
• /
• 2011

This paper deals with a 3D-pose (orientation and position) estimation problem of a circular object in 3D-space. Circular features can be found with many objects in real world, and provide crucial cues in vision-based object recognition and location. In general, as a circular feature in 3D space is perspectively projected when imaged by a camera, it is difficult to recover fully three-dimensional orientation and position parameters from the projected curve information. This paper therefore proposes a 3D pose estimation method of a circular feature using a coplanar point. We first interpret a circular feature with a coplanar point in both the projective space and 3D space. A procedure for estimating 3D orientation/position parameters is then described. The proposed method is verified by a numerical example, and evaluated by a series of experiments for analyzing accuracy and sensitivity.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1137-1148
• /
• 2021

The main obstacle for implementing CSIDH-based cryptography is that it requires generating a kernel of a small prime order to compute the group action using Velu's formula. As this is a quite painstaking process for small torsion points, a new approach called radical isogeny is recently proposed to compute chains of isogenies from a coefficient of an elliptic curve. This paper presents an optimized implementation of radical isogenies and analyzes its ideal use in CSIDH-based cryptography. We tailor the formula for transforming Montgomery curves and Tate normal form and further optimized the radical 2- and 3- isogeny formula and a projective version of radical 5- and 7- isogeny. For CSIDH-512, using radical isogeny of degree up to 7 is 15.3% faster than standard constant-time CSIDH. For CSIDH-4096, using only radical 2-isogeny is the optimal choice.