An Advanced Method for Joint Scalar Multiplications on Memory Constraint Devices | SpringerLink
Skip to main content
Springer Nature Link
Log in

An Advanced Method for Joint Scalar Multiplications on Memory Constraint Devices

  • Conference paper
Security and Privacy in Ad-hoc and Sensor Networks (ESAS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3813))

Included in the following conference series:

Abstract

One of the most frequent operations in modern cryptosystems is a multi-scalar multiplication with two scalars. Common methods to compute it are the Shamir method and the Interleave method whereas their speed mainly depends on the (joint) Hamming weight of the scalars. To increase the speed, the scalars are usually deployed using some general representation which provides a lower (joint) Hamming weight than the binary representation. However, by using such general representations the precomputation and storing of some points becomes necessary and therefore more memory is required. Probably the most famous method to speed up the Shamir method is the joint sparse form (JSF). The resulting representation has an average joint Hamming weight of 1/2 and it uses the digits 0,± 1. To compute a multi-scalar multiplication with the JSF, the precomputation of two points is required. While for two precomputed points both the Shamir and the Interleave method provide the same efficiency, until now the Interleave method is faster in any case where more points are precomputed. This paper extends the used digits of the JSF in a natural way, namely we use the digits 0, ±1, ±3 which results in the necessity to precompute ten points. We will prove that using the proposed scheme, the average joint Hamming density is reduced to 239/661 ≈ 0.3615. Hence, a multi-scalar multiplication can be computed more than 10% faster, compared to the JSF. Further, our scheme is superior to all known methods using ten precomputed points and is therefore the first method to improve the Shamir method such that it is faster than the Interleave method. Another advantage of the new representation is, that it is generated starting at the most significant bit. More specific, we need to store only up to 5 joint bits of the new representation at a time. Compared to representations which are generated starting at the least significant bit, where we have to store the whole representation, this yields a significant saving of memory.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Avanzi, R.: On multi-exponentiation in cryptography, Cryptology ePrint Archive: Report 2002/154 (2002), available at http://eprint.iacr.org/2002/154/

  2. Avanzi, R.: A Note on the Signed Sliding Window Integer Recoding and a Left-to-Right Analogue. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 130–143. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  3. Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography. Cambridge University Press, Cambridge (1999)

    MATH  Google Scholar 

  4. Cohen, H., Miyaji, A., Ono, T.: Efficient Elliptic Curve Exponentiation Using Mixed Coordinates. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 51–65. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  5. ElGamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)

    Article  MATH  MathSciNet  Google Scholar 

  6. Grabner, P., Heuberger, C., Prodinger, H., Thuswaldner, J.: Analysis of linear combination algorithms in cryptography, available at http://www.opt.math.tu-graz.ac.at/~cheub/publications/

  7. Gordon, D.: A survey of fast exponentiation methods. Journal of Algorithms 27, 129–146 (1998)

    Article  MATH  MathSciNet  Google Scholar 

  8. Häggström, O.: Finite Markov Chains and Algorithmic Applications. In: London Mathematical Society Student Texts, vol. 52, Cambridge University Press, Cambridge (2002)

    Google Scholar 

  9. Heuberger, C., Katti, R., Prodinger, H., Ruan, X.: The Alternating Greedy Expansion and Applications to Left-To-Right Algorithms in Cryptography, available at http://www.opt.math.tu-graz.ac.at/~cheub/publications/

  10. Koblitz, N.: Elliptic Curve Cryptosystems. Math. Comp. 48, 203–209 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  11. Kuang, B., Zhu, Y., Zhang, Y.: An Improved Algorithm for uP+vQ using JSF 3. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 467–478. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  12. Miller, V.S.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)

    Google Scholar 

  13. Miyaji, A., Ono, T., Cohen, H.: Efficient Elliptic Curve Exponentiation. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 282–291. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  14. Morain, F., Olivos, J.: Speeding Up the Computations on an Elliptic Curve using Addition-Subtraction Chains. Informa. Theor. Appl. 24, 531–543 (1990)

    MATH  MathSciNet  Google Scholar 

  15. Möller, B.: Algorithms for Multi-exponentiation. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 165–180. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  16. Möller, B.: Improved Techniques for Fast Exponentiation. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 298–312. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Möller, B.: Fractional Windows Revisited: Improved Signed-Digit Representations for Efficient Exponentiation. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 137–153. Springer, Heidelberg (2005) (to appear)

    Chapter  Google Scholar 

  18. Okeya, K., Schmidt-Samoa, K., Spahn, C., Takagi, T.: Signed Binary Representations Revisited. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 123–139. Springer, Heidelberg (2004), available at http://eprint.iacr.org/2004/195/

    Google Scholar 

  19. Proos, J.: Joint Sparse Forms and Generating Zero Columns when Combing, Technical Report of the Centre for Applied Cryptographic Research, University of Waterloo - CACR, CORR 2003-23 (2003), available at http://www.cacr.math.uwaterloo.ca

  20. Schmidt-Samoa, K., Semay, O., Takagi, T.: Analysis of Some Efficient Window Methods and their Application to Elliptic Curve Cryptosystems, Technical Report No. TI-3/04, 16 (August 2004)

    Google Scholar 

  21. Solinas, J.A.: Efficient Arithmetic on Koblitz Curves. Design, Codes and Cryptography 19, 195–249 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  22. Solinas, J.A.: Low-weight binary representations for pairs of integers, Technical Report of the Centre for Applied Cryptographic Research, University of Waterloo - CACR, CORR 2001-41 (2001), available at http://www.cacr.math.uwaterloo.ca

Download references

Author information

Authors and Affiliations

  1. Fachbereich Informatik, Technische Universität Darmstadt, Hochschulstr.10, D-64289, Darmstadt, Germany

    Erik Dahmen

  2. Hitachi, Ltd., Systems Development Laboratory, 1099, Ohzenji, Asao-ku, Kawasaki-shi, Kanagawa-ken, 215-0013, Japan

    Katsuyuki Okeya

  3. Future University – Hakodate, 116-2 Kamedanakano-cho Hakodate, Hokkaido, 041-8655, Japan

    Tsuyoshi Takagi

Authors
  1. Erik Dahmen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Katsuyuki Okeya
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tsuyoshi Takagi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut Eurecom, 2229 Route des Cretes, 06904, Sophia-Antipolis, France

    Refik Molva

  2. Computer Science Department, University of California, Irvine,  

    Gene Tsudik

  3. NEC Europe Ltd.,,  

    Dirk Westhoff

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Dahmen, E., Okeya, K., Takagi, T. (2005). An Advanced Method for Joint Scalar Multiplications on Memory Constraint Devices. In: Molva, R., Tsudik, G., Westhoff, D. (eds) Security and Privacy in Ad-hoc and Sensor Networks. ESAS 2005. Lecture Notes in Computer Science, vol 3813. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11601494_16

Download citation

  • DOI: https://doi.org/10.1007/11601494_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30912-3

  • Online ISBN: 978-3-540-31615-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics