Discrete Methods in Mathematical Informatics Lecture 5: Elliptic Curve Cryptography Implementation (I) 8th January 2012 Vorapong Suppakitpaisarn


1 Discrete Methods in Mathematical Informatics Lecture 5: Elliptic Curve Cryptography Implementation (I) 8th January 2012 Vorapong Suppakitpaisarn vorapong@mist.i.u-tokyo.ac.jp, Eng. 6 Room 363 Download Slide: http://misojiro.t.u-tokyo.ac.jp/~vorapong/

2 Course Information
Schedule:
- 10/9 – Elliptic Curve I (2 Exercises) (What is Elliptic Curve?)
- 10/16 – Elliptic Curve II (1 Exercise) (Elliptic Curve Cryptography[1])
- 10/23 – Elliptic Curve III (2 Exercises) (Elliptic Curve Cryptography[2])
- 10/30 – Cancelled
- 11/6 – Online Algorithm I (Prof. Han)
- 11/13 – Online Algorithm II (Prof. Han)
- 11/20 – Cancelled
- 11/27 – Elliptic Curve IV (1 Exercise) (ECC Implementation I)
- 12/4 – Cancelled
- 12/11 – Computational Game Theory I (Prof. Gurvich)
- 12/18 – Computational Game Theory II (Prof. Elbassioni)
- 1/8 – Elliptic Curve V (3 Exercises) (ECC Implementation II)
- 1/15 – Cancelled (Monday Schedule)
- 1/22~ – SAT Problem (Prof. Makino)
Grading: For my part, you need to submit 2 Reports.
- Report 1: Select 3 from 6 exercises in Elliptic Curve I – III. Submission Deadline: 14 November
- Report 2: Select 2 from 4 exercises in Elliptic Curve IV – V. Submission Deadline: January 22nd
- Submit your report in this lecture room before the class begins.

3 Elliptic Curve Cryptography
Layers: Field Arithmetic; Elliptic Curve Arithmetic (Point Addition, A = -4, B = 4); Scalar Multiplication; ECC Protocol. (Last Time / This Time)
Scalar Multiplication: Compute rP = 14P, r = 14 = (0 1 1 1 0)_2. O → P → 2P → 3P → 6P → 7P → 14P. 2 Point Additions, 3 Point Doubles.
ECC Protocol:
- One side: Generate P ∈ E(F). Generate positive integer a. Receive Q = bP. Compute aQ = abP.
- Other side: Receive P. Receive S = aP. Generate positive integer b. Compute bS = abP.
- Values exchanged: P, aP, bP.

4 Scalar Multiplication and Binary Representation
Scalar Multiplication on Elliptic Curve Cryptography: S = P + P + … + P (r times) = rP, where r is a positive integer and S, P are points on the curve.
Double-and-add method: Let r = 14 = (01110)_2. Compute rP = 14P, r = 14 = (0 1 1 1 0)_2, Weight = 3. O → P → 2P → 3P → 6P → 7P → 14P. 3 – 1 = 2 Point Additions, 4 – 1 = 3 Point Doubles.
Average # of Point Doubles? For [0, 2^n - 1], n - 1 times.
Average # of Point Additions? For [0, 2^n - 1], n/2 - 1 times. (Average Weight = n/2)

5 Redundant Binary Representation
Changing the digit set can make scalar multiplication faster. Represent each digit using {0, 1, -1} instead of {0, 1}. The representation is redundant, so use Minimum Weight Conversion to find the Minimum Weight Expansion (the expansion that has the minimum joint weight).
Compute rP = 14P, r = 14 = (1 0 0 -1 0)_2, Weight = 2. O → P → 2P → 4P → 8P → 7P → 14P. 2 – 1 = 1 Point Addition, 5 – 1 = 4 Point Doubles. (With (0 1 1 1 0)_2: 3 – 1 = 2 Point Additions, 4 – 1 = 3 Point Doubles.)
With {0, 1, -1}: Average # of Point Doubles? For [0, 2^n - 1], n + o(n) times. Average # of Point Additions? For [0, 2^n - 1], n/3 + o(n) times. (Average Weight = n/3 + o(n))
With {0, 1}: Average # of Point Doubles? For [0, 2^n - 1], n - 1 times? Average # of Point Additions? For [0, 2^n - 1], n/2 - 1 times? (Average Weight = n/2)

6 Non-Adjacent Form
Definition: S = (s_{n-1} s_{n-2} … s_0) is Non-Adjacent Form (NAF) of positive integer r iff
Optimality: S is Minimum Weight {0, ±1}-Expansion of r if S is Non-Adjacent Form of r
Definition: S = (s_{n-1} s_{n-2} … s_0) is D_S-Expansion of positive integer r iff
Definition: S = (s_{n-1} s_{n-2} … s_0) is Minimum Weight D_S-Expansion of positive integer r iff

7 Algorithm
Simple Fact: n - 1 consecutive 1's; n - 2 consecutive 0's. Example: 1 0 0 0 -1
Algorithm
Average # of Point Additions? For [0, 2^n - 1], n/3 + o(n) times. (Average Weight = n/3 + o(n)) Markov Chain
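The counts on slides 4 to 7 can be reproduced with a short recoding routine. This is an added example, not code from the lecture: the function names are hypothetical, it uses the standard right-to-left NAF recoding, and integers stand in for curve points (P = 1) so that every chain can be checked exactly.

```python
def binary_digits(r):
    """Digits of r over {0, 1}, least significant first."""
    digits = []
    while r > 0:
        digits.append(r & 1)
        r >>= 1
    return digits

def naf_digits(r):
    """Digits of r over {0, 1, -1} in non-adjacent form, least significant first."""
    digits = []
    while r > 0:
        if r & 1:
            d = 2 - (r % 4)   # r = 1 (mod 4) gives +1, r = 3 (mod 4) gives -1
            r -= d            # r is now 0 (mod 4), so the next digit is forced to 0
        else:
            d = 0
        digits.append(d)
        r >>= 1
    return digits

def scalar_mult(digits, P, add, neg):
    """Left-to-right double-and-add over signed digits.

    Returns (result, additions, doubles), counted as on the slides:
    weight - 1 additions and length - 1 doubles (the leading digit only loads P).
    """
    acc, adds, dbls, started = None, 0, 0, False
    for d in reversed(digits):
        if started:
            acc = add(acc, acc)
            dbls += 1
        if d:
            term = P if d > 0 else neg(P)
            if started:
                acc = add(acc, term)
                adds += 1
            else:
                acc, started = term, True
    return acc, adds, dbls

def count_ops(r, recode):
    """Operation counts for r*P; integers model the points, so the result must be r."""
    result, adds, dbls = scalar_mult(recode(r), 1, lambda a, b: a + b, lambda a: -a)
    assert result == r
    return adds, dbls

def average_weight(n, recode):
    """Average number of nonzero digits over all r in [0, 2^n - 1]."""
    return sum(sum(1 for d in recode(r) if d) for r in range(2 ** n)) / 2 ** n

if __name__ == "__main__":
    print("binary 14P:", count_ops(14, binary_digits))   # additions, doubles
    print("NAF    14P:", count_ops(14, naf_digits))
    print("avg weight, n = 12:", average_weight(12, binary_digits),
          average_weight(12, naf_digits))
```

On a real curve, `neg` is nearly free (negate the y-coordinate), which is why trading an addition for a subtraction costs nothing.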

8 w-NAF
Definition: S = (s_{n-1} s_{n-2} … s_0) is Non-Adjacent Form (NAF) of positive integer r iff
Optimality: S is Minimum Weight {0, ±1}-Expansion of r if S is Non-Adjacent Form of r
Definition: S = (s_{n-1} s_{n-2} … s_0) is D_S-Expansion of positive integer r iff
Definition: S = (s_{n-1} s_{n-2} … s_0) is Minimum Weight D_S-Expansion of positive integer r iff
Definition: S = (s_{n-1} s_{n-2} … s_0) is w-NAF of positive integer r iff
w-NAF of positive integer r is also NAF of r when w = 1
Optimality: S is Minimum Weight {0, ±1, …, (2^w - 1)}-Expansion of r if S is w-NAF of r

9 Exercise 7
Algorithm. Memory and Speed.
Compute rP = 14P, r = 14 = (0 1 1 1 0)_2. O → P → 2P → 3P → 6P → 7P → 14P.

10 Average Weight
Digit set {0, ±1, ±3, …, ±(2h+1)}. Digit Set: Average Weight
- {0, ±1}: 9 states [Egecioglu 94]
- {0, ±1, ±3}: 38 states [Muir 04]
- {0, ±1, ±3, ±5}: 70 states [Moller 05]
- {0, ±1, ±3, ±5, ±7}: 119 states [Moller 05]
- {0, ±1, ±3, ±5, ±7, ±9}: 160 states [Moller 05]
- {0, ±1, ±3, ±5, ±7, ±9, ±11}: 207 states [Moller 05]
Theorem [Moller 05]: Average Number of Additions (Average Weight) of r in [0, 2^n - 1] represented using digit set {0, ±1, ±3, …, ±(2h+1)} is when (n tends to infinity)
Theorem [Muir 04]: Average Number of Additions (Average Weight) of r in [0, 2^n - 1] represented using digit set {0, ±1, ±3, …, ±(2^w - 1)} is (n tends to infinity)

11 r-radix Representation
[Figure: 14P computed in base 2 and in base 3.
Base 2 (place values 2^4, 2^3, 2^2, 2^1, 2^0): 14 = (1 0 0 -1 0)_2; points shown: O, P, 2P, 4P, 8P, 7P, 14P; 1 Point Addition, 4 Point Doubles.
Base 3 (place values 3^4, 3^3, 3^2, 3^1, 3^0): points shown: O, P, 2P, 3P, 5P, 6P, 14P, 15P; 3 Point Additions, 3 Point Triples.]
A field with characteristic 3 (e.g. F_{3^97}) is used in fast pairing implementations. [Barreto, Kim, Lynn, Scott CRYPTO2002] [Galbraith, Harrison, Soldera ANTS, 2002] [Granger, Page, Stam 2004]
In such a field, point tripling is a very fast operation. [Takagi, Reis, Yen, Wu, IEICE Trans., 2006]

12 Average Weight for 3-radix
Digit set {0, ±1, ±2, …, ±h}. Digit Set: Average Weight
- {0, ±1}
- {0, ±1, ±2} [Joye, Yen 04]
- {0, ±1, ±2, ±4} [Takagi, Reis, Yen, Wu 06]
- {0, ±1, ±2, ±4, ±5} [New Result]
- {0, ±1, ±2, ±4, ±5, ±7} [New Result]
- {0, ±1, ±2, ±4, ±5, ±7, ±8} [Joye, Yen 04]
Theorem [Takagi, Reis, Yen, Wu 06]: Average Number of Additions (Average Weight) of r in [0, 2^n - 1] represented using digit set {0, ±1, ±3, …, ±(3^w - 1)/2} – 3Z is (n tends to infinity)
Theorem [Joye, Yen 04]: Average Number of Additions (Average Weight) of r in [0, 2^n - 1] represented using digit set {0, ±1, ±2, …, ±(3^w - 1)} – 3Z is (n tends to infinity)
Our Observation: Average Number of Additions (Average Weight) of r in [0, 2^n - 1] represented using digit set {0, ±1, ±2, …, ±h} – 3Z is when
We also found the relation for 4-radix and 6-radix!!!

13 Double-Base Number System [Dimitrov, Cooklev, IEEE Trans. on Circuits and Systems, 1995]
[Figure: 14P computed in base 2 and in base 3.
Base 2 (place values 2^4, 2^3, 2^2, 2^1, 2^0): 14 = (1 0 0 -1 0)_2; points shown: O, P, 2P, 4P, 8P, 7P, 14P; 1 Point Addition, 4 Point Doubles.
Base 3 (place values 3^4, 3^3, 3^2, 3^1, 3^0): points shown: O, P, 2P, 3P, 5P, 6P, 14P, 15P; 3 Point Additions, 3 Point Triples.]
[Figure: grid of the terms 2^i 3^j for i, j = 0, …, 4, with the two terms used below marked 1.]
14 = 2^3 3^0 + 2^1 3^1

14 Double-Base Number System (DBNS) [Dimitrov, Cooklev, IEEE Trans. on Circuits and Systems, 1995]
Definition: is D_S-DBNS of positive integer r iff
Example:
[Figure: grid of the terms 2^i 3^j for i, j = 0, …, 4, with the chosen terms marked 1.] 14 = 2^3 3^0 + 2^1 3^1
[Figure: the same grid with a different choice of terms marked 1.] 14 = 2^2 3^1 + 2^1 3^0

15 Double-Base Number System (DBNS) [Dimitrov, Cooklev, IEEE Trans. on Circuits and Systems, 1995]
Definition: is Minimum Weight D_S-DBNS of positive integer r iff
Note: At present, no polynomial-time algorithm is known for computing a Minimum Weight D_S-DBNS.
Theorem: For Single-Base (Base 2, 3, …), the weight is in for the average case. For Double-Base, the weight is in, even for the worst case.
Note: Hard to introduce to Scalar Multiplication. Too General.

16 Scalar Multiplication with DBNS [Meloni, Hasan, CHES2009]
Algorithm
[Figure: grid of the terms 2^i 3^j for i, j = 0, …, 4, with the three terms used below marked 1.]
127 = 2^2 3^3 + 2^1 3^2 + 2^0 3^0
Needs memory to store l elliptic curve points.

17 Double-Base Chain [Dimitrov, Imbert, Mishra, Math of Computation, 2008]
Double-Base Number System With More Restriction: when and

18 Double Base Number System (DBNS)
Double-Base Number System [Dimitrov, Cooklev, IEEE Trans. on Circuits and Systems, 1995]
[Figure: grid of the terms 2^i 3^j for i, j = 0, …, 4, with the chosen terms marked 1.] 14 = 2^3 3^0 + 2^1 3^1
Double Base Chains (DBC)
[Figure: the same grid, chosen terms marked 1.] 14 = 2^2 3^1 + 2^1 3^0
[Figure: the same grid, chosen terms marked 1.] 127 = 2^2 3^3 + 2^1 3^2 + 2^0 3^0
[Figure: the same grid with three terms marked 1.]

19 Double-Base Chain [Dimitrov, Imbert, Mishra, Math of Computation, 2008]
Double-Base Number System With More Restriction: when and
Similar to Double-and-add Methods.
k = 127 = 2^2 3^3 + 2^1 3^2 + 2^0 3^0
Digit: 1 0 1 0 0 1
Base: 2^2 3^3, 2^1 3^3, 2^1 3^2, 2^0 3^2, 2^0 3^1, 2^0 3^0
O → P → 2P → 6P → 7P → 14P → 42P → 126P → 127P
2 Point Additions, 2 Point Doubles, 3 Point Triples
Problem: Given k, C_add (computation time of a Point Addition), C_dbl (computation time of a Point Double) and C_tpl (computation time of a Point Triple), find the chain with the smallest total computation time.

20 Algorithms [Suppakitpaisarn, Edahiro, Imai, 2012]
k = 10, C_tpl = 1, C_dbl = 1, C_add = 1. How to compute kP = 10P?
Plan A:
1. Compute 5P
2. Double the point to 10P = 2 · 5P
Cost: Optimized Computation Time of 5P + Point Double = C(5P) + C_dbl = 3 + 1 = 4
Plan B:
1. Compute 3P
2. Triple the point to 9P = 3 · 3P
3. Add the point with P (9P + P = 10P)
Cost: Optimized Computation Time of 3P + Point Triple + Point Addition = C(3P) + C_tpl + C_add = 1 + 1 + 1 = 3
Our Results

21 Algorithm
C(k) =
- min(C(k/2) + P_dbl, C(k/3) + P_tpl) if k mod 6 == 0
- min(C(k/2) + P_dbl + P_add, C(k/3) + P_tpl + P_add) if k mod 6 == 1
- min(C(k/2) + P_dbl, infinity) if k mod 6 == 2
- min(C(k/2) + P_dbl + P_add, C(k/3) + P_tpl) if k mod 6 == 3
- min(C(k/2) + P_dbl, C(k/3) + P_tpl + P_add) if k mod 6 == 4
- min(C(k/2) + P_dbl + P_add, infinity) if k mod 6 == 5
Dynamic Programming. Time: lg^2 k. Memory: lg^2 k.
Our Results
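A memoised version of the dynamic program on slides 20 and 21, as an added example that is not the authors' code. It assumes k/2 and k/3 are floor divisions, the digit set is {0, 1} (so a remainder of 2 modulo 3 cannot use a triple, the "infinity" branch), and C(1) = 0; `optimal_chain` and `replay` are hypothetical names.

```python
from functools import lru_cache

def optimal_chain(k, c_add, c_dbl, c_tpl):
    """Cheapest double-base chain for k >= 1 with digits in {0, 1}.

    Returns (cost, steps); steps lists the operations 'dbl', 'tpl', 'add'
    in the order they are applied, starting from P.
    """
    @lru_cache(maxsize=None)
    def best(m):
        if m == 1:
            return 0.0, ()                      # P itself costs nothing
        candidates = []
        # Finish with a double: m = 2*(m // 2) + (m % 2); a remainder of 1 costs one addition.
        cost, steps = best(m // 2)
        odd = m % 2
        candidates.append((cost + c_dbl + (c_add if odd else 0),
                           steps + ("dbl",) + (("add",) if odd else ())))
        # Finish with a triple: only remainders 0 and 1 are expressible with digits {0, 1}.
        if m >= 3 and m % 3 != 2:
            cost, steps = best(m // 3)
            rem = m % 3
            candidates.append((cost + c_tpl + (c_add if rem else 0),
                               steps + ("tpl",) + (("add",) if rem else ())))
        return min(candidates, key=lambda c: c[0])

    # Sub-problems are floor(k / (2^a 3^b)), so only O(lg^2 k) of them exist.
    return best(k)

def replay(steps):
    """Apply the steps to the integer 1 (standing in for P); returns the multiple reached."""
    m = 1
    for s in steps:
        m = 2 * m if s == "dbl" else 3 * m if s == "tpl" else m + 1
    return m

if __name__ == "__main__":
    print(optimal_chain(10, 1, 1, 1))           # Plan B of slide 20: cost 3
    print(optimal_chain(127, 1, 1, 1))          # same cost as the chain on slide 19
    # Costs taken from the experiment slide: C_add = 9.8, C_dbl = 6.2, C_tpl = 12.2
    print(optimal_chain(127, 9.8, 6.2, 12.2))
```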

22 Prime Field (F_p)
Experiments on Inverted Edwards Coordinates [Bernstein, Lange, AAECC 2007]: C_dbl = 6.2[m], C_tpl = 12.2[m], C_add = 9.8[m]
Algorithm | 192 bits | 256 bits | 320 bits | 384 bits | 512 bits
NAF [Egecioglu, Koc, Theo. Comp. Sci., 1994] | 1817.6 | 2423.5 | 3029.3 | 3635.2 | 4241.1
Ternary/Binary [Dimitrov, Jullien, Miller, Information Processing Letters, 1998] | 1761.2 | 2353.6 | 2944.9 | 3537.2 | 4129.6
DB-Chain [Dimitrov, Imbert, Mishra, Math. of Comp., April 2008] | 1725.5 | 2302.0 | 2879.1 | 3455.2 | 4032.4
Tree-Based Approach [Doche, Habsieger, ACISP 2008, July 2008] | 1691.3 | 2255.8 | 2821.0 | 3386.0 | 3950.3
Optimized DB-Chain [Our Result] | 1624.5 | 2168.2 | 2710.9 | 3254.1 | 3796.3
 | 3.95 % | 3.88 % | 3.90 % | |
Our Results

23 Double-Base Chain [Dimitrov, Imbert, Mishra, Math of Computation, 2008]
Double-Base Number System With More Restriction: when and
Similar to Double-and-add Methods.
k = 127 = 2^2 3^3 + 2^1 3^2 + 2^0 3^0
Digit: 1 0 1 0 0 1
Base: 2^2 3^3, 2^1 3^3, 2^1 3^2, 2^0 3^2, 2^0 3^1, 2^0 3^0
O → P → 2P → 6P → 7P → 14P → 42P → 126P → 127P
2 Point Additions, 2 Point Doubles, 3 Point Triples
Given k, C_add (computation time of a Point Addition), C_dbl (computation time of a Point Double) and C_tpl (computation time of a Point Triple), find the chain with the smallest total computation time.
Given k and C_add = 1, C_dbl = 0, C_tpl = 0, find the chain with the smallest total computation time.
Problem: Given k and C_add = 1, C_dbl = 0, C_tpl = 0, find the shortest chain (the chain with the smallest number of terms).

24 On-Going…
- Double-Base Chain: Input: k. Output: m_k*. Solved by DP [Our Results]
- DBNS: Input: k. Output: m_k*. Tractable??? Approximation Algorithm???
[Dimitrov, Cooklev, 1995] [Our Results]

25 Exercise 8

26 Efficiency of Multi-Scalar Multiplication
Multi-Scalar Multiplication on Elliptic Curve Cryptography: S = P + P + … + P (r_1 times) + Q + Q + … + Q (r_2 times) = r_1 P + r_2 Q, where r_1, r_2 are positive integers and S, P, Q are points on the curve.
General Technique: Double-and-add method (Horner's Method). Let r_1 = 12 = (01100)_2, r_2 = 21 = (10101)_2.
Compute r_1 P = 12P, r_1 = 12 = (0 1 1 0 0)_2, Weight = 2. O → P → 2P → 3P → 6P → 12P.
Compute r_2 Q = 21Q, r_2 = 21 = (1 0 1 0 1)_2, Weight = 3. O → Q → 2Q → 4Q → 5Q → 10Q → 20Q → 21Q.
4 Point Additions, 7 Point Doubles.
[DJM00] Dimitrov, V. S.; Jullien, G. A. and Miller, W. C. Complexity and fast algorithms for multiexponentiations. IEEE Trans. on Computers, 2000, 49, 141-147

27 Shamir's Trick + Binary Representation [ElGamal, IEEE Trans. on Info. Theory, 1986]
Process the two scalars together to avoid redundant work. Pre-compute P + Q.
r_1 = 12 = (0 1 1 0 0)_2
r_2 = 21 = (1 0 1 0 1)_2
Joint Weight = 4
O → Q → 2Q → P+2Q → 2P+4Q → 3P+5Q → 6P+10Q → 12P+20Q → 12P+21Q
3 Point Additions, 4 Point Doubles (computing the two multiples separately: 4 Point Additions, 7 Point Doubles).
Average # of Point Additions? For [0, 2^n - 1], 0.75n - 1 times. (Average Weight = 0.75n)

28 Shamir's Trick + Joint Sparse Form (JSF) [Solinas, Combinatorics and Optimization Research, 2001]
Represent each digit using {0, ±1} instead of {0, 1}.
r_1 = 12 = (1 0 -1 0 0)_2
r_2 = 21 = (1 0 1 0 1)_2
Joint Weight = 3
O → P+Q → 2P+2Q → 4P+4Q → 3P+5Q → 6P+10Q → 12P+20Q → 12P+21Q
2 Point Additions, 4 Point Doubles.
Average # of Point Additions? For [0, 2^n - 1], 0.5n - 1 times. (Average Weight = 0.5n)
Dahmen, Okeya and Takagi expand digits over {-3, -1, 0, 1, 3} [DOT08]. Adikari and Dimitrov expand digits over a Hybrid Binary-Ternary representation [AD08].
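The two joint evaluations on slides 27 and 28, as an added example that is not code from the lecture. The JSF recoding follows the usual textbook statement of Solinas' algorithm; the function names are hypothetical, and points are modelled as integer pairs (a, b) standing for aP + bQ so the result can be checked exactly.

```python
def jsf(k1, k2):
    """Joint Sparse Form of (k1, k2): two digit lists over {0, 1, -1}, least significant first."""
    k, d, out = [k1, k2], [0, 0], ([], [])
    while k[0] + d[0] > 0 or k[1] + d[1] > 0:
        l = [k[0] + d[0], k[1] + d[1]]
        u = [0, 0]
        for i in (0, 1):
            if l[i] % 2:
                u[i] = 2 - (l[i] % 4)                  # signed residue mod 4: +1 or -1
                if l[i] % 8 in (3, 5) and l[1 - i] % 4 == 2:
                    u[i] = -u[i]                       # flip so the next column can be (0, 0)
            out[i].append(u[i])
        for i in (0, 1):
            if 2 * d[i] == 1 + u[i]:
                d[i] = 1 - d[i]                        # carry update
            k[i] //= 2
    return out

def binary_pair(k1, k2):
    """Plain binary digits of both scalars, padded to equal length, least significant first."""
    n = max(k1.bit_length(), k2.bit_length())
    return [(k1 >> i) & 1 for i in range(n)], [(k2 >> i) & 1 for i in range(n)]

def shamir(digits1, digits2):
    """Joint double-and-add for r1*P + r2*Q.

    Returns ((a, b), additions, doubles) where (a, b) means a*P + b*Q.
    Every nonzero column costs one addition of a table entry (P, Q, P+Q or P-Q,
    possibly negated); building that table is not counted, as on the slides.
    """
    acc, adds, dbls, started = (0, 0), 0, 0, False
    for a, b in zip(reversed(digits1), reversed(digits2)):
        if started:
            acc = (2 * acc[0], 2 * acc[1])
            dbls += 1
        if a or b:
            if started:
                acc = (acc[0] + a, acc[1] + b)
                adds += 1
            else:
                acc, started = (a, b), True            # leading column only loads the table entry
    return acc, adds, dbls

if __name__ == "__main__":
    print("binary:", shamir(*binary_pair(12, 21)))
    print("JSF:   ", jsf(12, 21), shamir(*jsf(12, 21)))
```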

29 Average Joint Weight of {0, ±1, ±3}
Previous works: Solinas, Comb. and Opt. Report, 2001; Avanzi, Crypto. e-Print Archive, 2002; Kuang, Zhu, Zhang, ACNS 2004, 2004; Moller, ICISC 2004, 2004; Dahmen, Okeya, Takagi, IEICE Trans., 2007
Open Problem
Reported values: 0.3750, 0.3712, 0.3636, 0.3615
Our Result: 0.3575
We prove that 0.3575 is the least number and solve the open problem.

30 Other Results
Digit set {0, ±1, ±3, …, ±(2h+1)}. Columns: h, Single Integer, Integer Pair, Triple, Quadruple.
- h = 0: [Egecioglu 94], [Solinas 01], [Heuberger 07]
- h = 1: [Muir 04], [Improved Result], [New Result]
- h = 2: [Moller 05], [New Result]
- h = 3: [Moller 05], [New Result]
- h = 4: [Moller 05], [New Result]
- h = 5: 207 states [Moller 05], [New Result]
Legend: Match existing works; Improve existing works; New Results.

31 Exercise 9
Let P, Q be points on an elliptic curve, and assume that P + Q can be computed much faster if P – Q is known (even much faster than a point double). Let T be the computation time for this fast addition (when P – Q is known), and n = max(lg r_1, lg r_2).
1. Develop an algorithm for computing S = r_1 P in 2nT with a constant number of points stored in memory.
2. Develop an algorithm for computing S = r_1 P + r_2 Q in 3nT with a constant number of points stored in memory.
Additional score will be given if you can find an algorithm faster than 3nT.

32 Course Information
Schedule:
- 10/9 – Elliptic Curve I (2 Exercises) (What is Elliptic Curve?)
- 10/16 – Elliptic Curve II (1 Exercise) (Elliptic Curve Cryptography[1])
- 10/23 – Elliptic Curve III (2 Exercises) (Elliptic Curve Cryptography[2])
- 10/30 – Cancelled
- 11/6 – Online Algorithm I (Prof. Han)
- 11/13 – Online Algorithm II (Prof. Han)
- 11/20 – Cancelled (Friday Schedule)
- 11/27 – Elliptic Curve IV (1 Exercise) (ECC Implementation I)
- 12/4 – Cancelled
- 12/11 – Computational Game Theory I (Prof. Gurvich)
- 12/18 – Computational Game Theory II (Prof. Elbassioni)
- 1/8 – Elliptic Curve V (3 Exercises) (ECC Implementation II)
- 1/15 – Cancelled (Monday Schedule)
- 1/22~ – SAT Problem (Prof. Makino)
Grading: For my part, you need to submit 2 Reports.
- Report 1: Select 3 from 6 exercises in Elliptic Curve I – III. Submission Deadline: 14 November
- Report 2: Select 2 from 4 exercises in Elliptic Curve IV – V. Submission Deadline: January 22nd
- Submit your report in this lecture room before the class begins.

33 Thank you for your attention Please feel free to ask questions or comment.

