TY - GEN

T1 - A technique for accelerating characteristic 2 elliptic curve cryptography

AU - Gueron, Shay

AU - Kounavis, Michael

PY - 2008

Y1 - 2008

N2 - In this paper we describe a novel approach for speeding up the computations of characteristic 2 elliptic curve cryptography. Using a projective space such as the Lopez-Dahab space [1] for representing point coordinates we accelerate point additions and point doublings by introducing a novel way for multiply elements in finite fields of the form GF(2m). Our technique uses a CPU instruction for carry-less multiplication (GFMUL) and single iteration Karatsuba-like formulae [2] for computing the carryless product of large degree polynomials in GF(2). It then performs the reduction of the carry-less product of these polynomials by taking into account the fact that many curves specify fields with irreducible polynomials which are sparse. For example NIST curves specify polynomials with either three terms (trinomials) or five terms (pentanomials). We demonstrate results from a prototype implementation showing that our technique speeds up Elliptic Curve Diffie Hellman based on the NISTB-233 curve by 55% in software on a 3.6 GHz Pentium 4 processor. If a 3 clock latency GFMUL instruction is introduced to the CPU then the acceleration factor becomes 5.2X. We also show that further software optimizations have the potential to further increase the speedup beyond 10X.

AB - In this paper we describe a novel approach for speeding up the computations of characteristic 2 elliptic curve cryptography. Using a projective space such as the Lopez-Dahab space [1] for representing point coordinates we accelerate point additions and point doublings by introducing a novel way for multiply elements in finite fields of the form GF(2m). Our technique uses a CPU instruction for carry-less multiplication (GFMUL) and single iteration Karatsuba-like formulae [2] for computing the carryless product of large degree polynomials in GF(2). It then performs the reduction of the carry-less product of these polynomials by taking into account the fact that many curves specify fields with irreducible polynomials which are sparse. For example NIST curves specify polynomials with either three terms (trinomials) or five terms (pentanomials). We demonstrate results from a prototype implementation showing that our technique speeds up Elliptic Curve Diffie Hellman based on the NISTB-233 curve by 55% in software on a 3.6 GHz Pentium 4 processor. If a 3 clock latency GFMUL instruction is introduced to the CPU then the acceleration factor becomes 5.2X. We also show that further software optimizations have the potential to further increase the speedup beyond 10X.

UR - http://www.scopus.com/inward/record.url?scp=44049086563&partnerID=8YFLogxK

U2 - 10.1109/ITNG.2008.193

DO - 10.1109/ITNG.2008.193

M3 - Conference contribution

AN - SCOPUS:44049086563

SN - 0769530990

SN - 9780769530994

T3 - Proceedings - International Conference on Information Technology: New Generations, ITNG 2008

SP - 265

EP - 272

BT - Proceedings - International Conference on Information Technology

T2 - International Conference on Information Technology: New Generations, ITNG 2008

Y2 - 7 April 2008 through 9 April 2008

ER -