Efficient algorithms for pairing-based cryptosystems

We describe fast new algorithms to implement recent cryptosystems based on the Tate pairing. In particular, our techniques improve pairing evaluation speed by a factor of about 55 compared to previously known methods in characteristic 3, and attain performance comparable to that of RSA in larger characteristics.We also propose faster algorithms for scalar multiplication in characteristic 3 and square root extraction over Fpm, the latter technique being also useful in contexts other than that of pairing-based cryptography

Group law computations on Jacobians of hyperelliptic curves

We derive an explicit method of computing the composition step in Cantor’s algorithm for group operations on Jacobians of hyperelliptic curves. Our technique is inspired by the geometric description of the group law and applies to hyperelliptic curves of arbitrary genus. While Cantor’s general composition involves arithmetic in the polynomial ring F_q[x], the algorithm we propose solves a linear system over the base field which can be written down directly from the Mumford coordinates of the group elements. We apply this method to give more efficient formulas for group operations in both affine and projective coordinates for cryptographic systems based on Jacobians of genus 2 hyperelliptic curves in general form

An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for End-to-End Security in IoT Applications

This paper presents a reconfigurable cryptographic engine that implements the DTLS protocol to enable end-to-end security for IoT. This implementation of the DTLS engine demonstrates 10x reduction in code size and 438x improvement in energy-efficiency over software. Our ECC primitive is 237x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Pairing the DTLS engine with an on-chip RISC-V allows us to demonstrate applications beyond DTLS with up to 2 orders of magnitude energy savings.Comment: Published in 2018 IEEE International Solid-State Circuits Conference (ISSCC

An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for End-to-End Security in IoT Applications

This paper presents a reconfigurable cryptographic engine that implements the DTLS protocol to enable end-to-end security for IoT. This implementation of the DTLS engine demonstrates 10x reduction in code size and 438x improvement in energy-efficiency over software. Our ECC primitive is 237x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Pairing the DTLS engine with an on-chip RISC-V allows us to demonstrate applications beyond DTLS with up to 2 orders of magnitude energy savings.Comment: Published in 2018 IEEE International Solid-State Circuits Conference (ISSCC

Cryptographic Pairings

This article appeared as Chapter 9 of the book Topics in Computational Number Theory inspired by Peter L. Montgomery , edited by Joppe W. Bos and Arjen K. Lenstra and published by Cambridge University Press. See https://www.cambridge.org/9781107109353

The Graphs for Elliptic Curve Cryptography

The scalar multiplication on elliptic curves defined over finite fields is a core operation in elliptic curve cryptography (ECC). Several different methods are used for computing this operation. One of them, the binary method, is applied depending on the binary representation of the scalar v in a scalar multiplication vP, where P is a point that lies on elliptic curve E defined over a prime field Fp. On the binary method, two methodologies are performed based on the implementation of the binary string bits from the right to the left (RLB) [or from the left to the right (LRB)]. Another method is a nonadjacent form (NAF) which depended on the signed digit representation of a positive integer v. In this chapter, the graphs and subgraphs are employed for the serial computations of elliptic scalar multiplications defined over prime fields. This work proposed using the subgraphs H of the graphs G or the (simple, undirected, directed, connected, bipartite, and other) graphs to represent a scalar v directly. This usage speeds up the computations on the elliptic scalar multiplication algorithms. The computational complexities of the proposed algorithms and previous ones are determined. The comparison results of the computational complexities on all these algorithms are discussed. The experimental results show that the proposed algorithms which are used the sub-graphs H and graphs G need to the less costs for computing vP in compare to previous algorithms which are employed the binary representations or NAF expansion. Thus, the proposed algorithms that use the subgraphs or the graphs to represent the scalars v are more efficient than the original ones