Abstract
For most of the time since they were proposed, it was widely believed that hyperelliptic curve cryptosystems (HECC) carry a substantial performance penalty compared to elliptic curve cryptosystems (ECC) and are, thus, not too attractive for practical applications. Only quite recently have improvements been made, mainly restricted to curves of genus 2. The work at hand advances the state of the art considerably in several aspects. First, we generalize and improve the closed formulae for the group operation of genus 3 for HEC defined over fields of characteristic two. For certain curves we achieve over 50% complexity improvement compared to the best previously published results. Second, we introduce a new complexity metric for ECC and HECC defined over characteristic two fields which allows performance comparisons of practical relevance. It can be shown that the HECC performance is in the range of the performance of an ECC; for specific parameters HECC can even possess a lower complexity than an ECC at the same security level. Third, we describe the first implementation of a HEC cryptosystem on an embedded (ARM7) processor. Since HEC are particularly attractive for constrained environments, such a case study should be of relevance.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pelzl, J., Wollinger, T., Guajardo, J., Paar, C. (2003). Hyperelliptic Curve Cryptosystems: Closing the Performance Gap to Elliptic Curves. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds) Cryptographic Hardware and Embedded Systems - CHES 2003. CHES 2003. Lecture Notes in Computer Science, vol 2779. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45238-6_28
DOI: https://doi.org/10.1007/978-3-540-45238-6_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40833-8
Online ISBN: 978-3-540-45238-6
eBook Packages: Springer Book Archive