Some improved algorithms for hyperelliptic curve cryptosystems using degenerate divisors

Authors:
Masanobu Katagi;Toru Akishita;Izuru Kitamura;Tsuyoshi Takagi
Affiliations:
Sony Corporation, Tokyo, Japan;Sony Corporation, Tokyo, Japan;Sony Corporation, Tokyo, Japan;Fachbereich Informatik, Technische Universität Darmstadt, Darmstadt, Germany
Venue:
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Year:
2004

Citing 5
Cited 2

Hyperelliptic cryptosystems

Journal of Cryptology
Computing Zeta Functions of Hyperelliptic Curves over Finite Fields of Characteristic 2

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Improving Group Law Algorithms for Jacobians of Hyperelliptic Curves

ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems

CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
The width-W NAF method provides small memory and fast elliptic scalar multiplications secure against side channel attacks

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track

Efficient pairing computation on supersingular Abelian varieties

Designs, Codes and Cryptography
Hyperelliptic pairings

Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

Hyperelliptic curve cryptosystems (HECC) can be good alternatives to elliptic curve cryptosystems, and there is a good possibility to improve the efficiency of HECC due to its flexible algebraic structure. Recently, an efficient scalar multiplication technique for application to genus 2 curves using a degenerate divisor has been proposed. This new technique can be used in the cryptographic protocol using a fixed base point, e.g., HEC-DSA. This paper considers two important issues concerning degenerate divisors. First, we extend the technique for genus 2 curves to genus 3 curves. Jacobian variety for genus 3 curves has two different degenerate divisors: degree 1 and 2. We present explicit formulae of the addition algorithm with degenerate divisors, and then present the timing of scalar multiplication using the proposed formulae. Second, we propose several window methods using the degenerate divisors. It is not obvious how to construct a base point D such that degD = deg(aD) g for integer a, where g is the genus of the underlying curve and deg(D) is the degree of divisor D. We present an explicit algorithm for generating such divisors. We then develop a window-based scheme that is secure against side-channel attacks.