Abstract
The Double-Base Number System (DBNS) uses two bases, 2 and 3, in order to represent any integer n. A Double-Base Chain (DBC) is a special case of a DBNS expansion. DBCs have been introduced to speed up the scalar multiplication [n]P on certain families of elliptic curves used in cryptography. In this context, our contributions are twofold. First, given integers n, a, and b, we outline a recursive algorithm to compute the number of different DBCs with a leading factor dividing \(2^a 3^b\) and representing n. A simple modification of the algorithm makes it possible to determine the number of DBCs with a specified length as well as the actual expansions. In turn, this gives rise to a method to compute an optimal DBC representing n, i.e. an expansion with minimal length. Our implementation is able to return an optimal expansion for most integers up to 260 bits in a few minutes. Second, we introduce an original and potentially more efficient approach to compute a random scalar multiplication [n]P, based on the concept of controlled DBC. Instead of generating a random integer n and then trying to find an optimal, or at least a short DBC to represent it, we propose to directly generate n as a random DBC with a chosen leading factor \(2^a 3^b\) and length ℓ. To inform the selection of those parameters, in particular ℓ, which drives the trade-off between the efficiency and the security of the underlying cryptosystem, we enumerate the total number of DBCs having a given leading factor \(2^a 3^b\) and a certain length ℓ. The comparison between this total number of DBCs and the total number of integers that we wish to represent a priori provides some guidance regarding the selection of suitable parameters. Experiments indicate that our new Near Optimal Controlled DBC approach provides a speedup of at least 10% with respect to the NAF for sizes from 192 to 512 bits.
Computations involve elliptic curves defined over \(\mathbb{F}_p\), using the Inverted Edwards coordinate system and state-of-the-art scalar multiplication techniques.
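The enumeration described in the first contribution, as an added illustration that is not the paper's algorithm or the author's implementation: a memoised recursion that counts, by length, the DBCs of n with leading factor dividing \(2^a 3^b\) and returns one of minimal length. It assumes the usual signed DBC definition (terms ±2^x 3^y, pairwise distinct, both exponent sequences non-decreasing); the function names and the sample input are made up for the example, which is meant for small n only.

```python
from collections import Counter
from functools import lru_cache

def enumerate_dbc(n, A, B):
    """Count by length the DBCs of n whose leading factor divides 2^A * 3^B.

    Assumed definition: n = sum(s_i * 2^x_i * 3^y_i), s_i = +/-1, with the
    (x_i, y_i) distinct and both exponent sequences non-decreasing.
    Returns ({length: count}, shortest chain as [(sign, x, y), ...] or None).
    """
    @lru_cache(maxsize=None)
    def walk(m, a, b, phase):
        # m is the residue left after dividing out 2^(A-a) * 3^(B-b).
        # phase 0: may place a term, divide by 2, or divide by 3
        # phase 1: a term was just placed, so a division must come next
        # phase 2: divided by 3 since the last term, so no division by 2
        #          (fixes one order of divisions, each chain is counted once)
        if m == 0:
            return Counter({0: 1}), ()
        branches = []
        if phase != 1:  # place +1 or -1 at the current scale
            branches.append((walk(m - 1, a, b, 1), +1))
            branches.append((walk(m + 1, a, b, 1), -1))
        if phase != 2 and a > 0 and m % 2 == 0:
            branches.append((walk(m // 2, a - 1, b, 0), 0))
        if b > 0 and m % 3 == 0:
            branches.append((walk(m // 3, a, b - 1, 2), 0))
        counts, best = Counter(), None
        for (sub_counts, sub_best), sign in branches:
            term = ((sign, A - a, B - b),) if sign else ()
            for length, c in sub_counts.items():
                counts[length + len(term)] += c
            if sub_best is not None:
                cand = term + sub_best
                if best is None or len(cand) < len(best):
                    best = cand
        return counts, best

    counts, best = walk(n, A, B, 0)
    return dict(counts), (list(best) if best is not None else None)


def dbc_value(chain):
    """Evaluate a chain [(sign, x, y), ...] back to the integer it represents."""
    return sum(s * 2**x * 3**y for s, x, y in chain)


if __name__ == "__main__":
    counts, best = enumerate_dbc(841, 10, 7)  # constructed sample input
    print(counts, best, dbc_value(best))
```

The smallest key of the returned dictionary is the optimal length for the chosen bounds, and the returned chain is one expansion that attains it.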
Copyright information
© 2014 International Association for Cryptologic Research
About this paper
Cite this paper
Doche, C. (2014). On the Enumeration of Double-Base Chains with Applications to Elliptic Curve Cryptography. In: Sarkar, P., Iwata, T. (eds) Advances in Cryptology – ASIACRYPT 2014. ASIACRYPT 2014. Lecture Notes in Computer Science, vol 8873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45611-8_16
DOI: https://doi.org/10.1007/978-3-662-45611-8_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45610-1
Online ISBN: 978-3-662-45611-8
eBook Packages: Computer Science (R0)