Combined small subgroups and side-channel attack on elliptic curves with cofactor divisible by 2m2^m

Nowadays, alternative models of elliptic curves like Montgomery, Edwards, twisted Edwards, Hessian, twisted Hessian, Huff's curves and many others are very popular and many people use them in cryptosystems which are based on elliptic curve cryptography. Most of these models allow to use fast and complete arithmetic which is especially convenient in fast implementations that are side-channel attacks resistant. Montgomery, Edwards and twisted Edwards curves have always order of group of rational points divisible by 4. Huff's curves have always order of rational points divisible by 8. Moreover, sometimes to get fast and efficient implementations one can choose elliptic curve with even bigger cofactor, for example 16. Of course the bigger cofactor is, the smaller is the security of cryptosystem which uses such elliptic curve. In this article will be checked what influence on the security has form of cofactor of elliptic curve and will be showed that in some situations elliptic curves with cofactor divisible by $2^m$ are vulnerable for combined small subgroups and side-channel attacks

Combined small subgroups and side-channel attack on elliptic curves with cofactor divisible by 2m2^m

Nowadays, alternative models of elliptic curves like Montgomery, Edwards, twisted Edwards, Hessian, twisted Hessian, Huff\u27s curves and many others are very popular and many people use them in cryptosystems which are based on elliptic curve cryptography. Most of these models allow to use fast and complete arithmetic which is especially convenient in fast implementations that are side-channel attacks resistant. Montgomery, Edwards and twisted Edwards curves have always order of group of rational points divisible by 4. Huff\u27s curves have always order of rational points divisible by 8. Moreover, sometimes to get fast and efficient implementations one can choose elliptic curve with even bigger cofactor, for example 16. Of course the bigger cofactor is, the smaller is the security of cryptosystem which uses such elliptic curve. In this article will be checked what influence on the security has form of cofactor of elliptic curve and will be showed that in some situations elliptic curves with cofactor divisible by $2^m$ are vulnerable for combined small subgroups and side-channel attacks

High Speed and Low-Complexity Hardware Architectures for Elliptic Curve-Based Crypto-Processors

The elliptic curve cryptography (ECC) has been identified as an efficient scheme for public-key cryptography. This thesis studies efficient implementation of ECC crypto-processors on hardware platforms in a bottom-up approach. We first study efficient and low-complexity architectures for finite field multiplications over Gaussian normal basis (GNB). We propose three new low-complexity digit-level architectures for finite field multiplication. Architectures are modified in order to make them more suitable for hardware implementations specially focusing on reducing the area usage. Then, for the first time, we propose a hybrid digit-level multiplier architecture which performs two multiplications together (double-multiplication) with the same number of clock cycles required as the one for one multiplication. We propose a new hardware architecture for point multiplication on newly introduced binary Edwards and generalized Hessian curves. We investigate higher level parallelization and lower level scheduling for point multiplication on these curves. Also, we propose a highly parallel architecture for point multiplication on Koblitz curves by modifying the addition formulation. Several FPGA implementations exploiting these modifications are presented in this thesis. We employed the proposed hybrid multiplier architecture to reduce the latency of point multiplication in ECC crypto-processors as well as the double-exponentiation. This scheme is the first known method to increase the speed of point multiplication whenever parallelization fails due to the data dependencies amongst lower level arithmetic computations. Our comparison results show that our proposed multiplier architectures outperform the counterparts available in the literature. Furthermore, fast computation of point multiplication on different binary elliptic curves is achieved

Efficient and Secure ECDSA Algorithm and its Applications: A Survey

Public-key cryptography algorithms, especially elliptic curve cryptography (ECC)and elliptic curve digital signature algorithm (ECDSA) have been attracting attention frommany researchers in different institutions because these algorithms provide security andhigh performance when being used in many areas such as electronic-healthcare, electronicbanking,electronic-commerce, electronic-vehicular, and electronic-governance. These algorithmsheighten security against various attacks and the same time improve performanceto obtain efficiencies (time, memory, reduced computation complexity, and energy saving)in an environment of constrained source and large systems. This paper presents detailedand a comprehensive survey of an update of the ECDSA algorithm in terms of performance,security, and applications

Addition law structure of elliptic curves

The study of alternative models for elliptic curves has found recent interest from cryptographic applications, once it was recognized that such models provide more efficiently computable algorithms for the group law than the standard Weierstrass model. Examples of such models arise via symmetries induced by a rational torsion structure. We analyze the module structure of the space of sections of the addition morphisms, determine explicit dimension formulas for the spaces of sections and their eigenspaces under the action of torsion groups, and apply this to specific models of elliptic curves with parametrized torsion subgroups

New Addition Operation and Its Application for Scalar Multiplication on Hessian Curves over Prime Fields

In this paper, we present a new addition operation on Hessian curves with low cost. It can be applied to resist the side channel attacks for scalar multiplication, and also can be used to compute precomputation points for window-based scalar multiplication on Hessian curves over prime fields. We propose two new precomputation schemes that are shown to achieve the lowest cost among all known methods. By using the fractional $w$NAF and fractional $wmb$NAF, if $n=192$ bits and $1I\approx30M$, scheme 1 can save up to $31M$, scheme 2 can save up to $28M$ with $w\geq 6$, where $I$, $M$ represent the inversion and the multiplication, respectively

A Survey Report On Elliptic Curve Cryptography

The paper presents an extensive and careful study of elliptic curve cryptography (ECC) and its applications. This paper also discuss the arithmetic involved in elliptic curve  and how these curve operations is crucial in determining the performance of cryptographic systems. It also presents  different forms of elliptic curve in various coordinate system , specifying which is most widely used and why. It also explains how isogenenies between elliptic curve  provides the secure ECC. Exentended form of elliptic curve i.e hyperelliptic curve has been presented here with its pros and cons. Performance of ECC and HEC is also discussed based on scalar multiplication and DLP. Keywords: Elliptic curve cryptography (ECC), isogenies, hyperelliptic curve (HEC) , Discrete Logarithm Problem (DLP), Integer  Factorization , Binary Field, Prime FieldDOI:http://dx.doi.org/10.11591/ijece.v1i2.8