The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
A survey of fast exponentiation methods
Journal of Algorithms
Efficient Arithmetic on Koblitz Curves
Designs, Codes and Cryptography - Special issue on towards a quarter-century of public key cryptography
Elliptic curves in cryptography
Elliptic curves in cryptography
Optimal Left-to-Right Binary Signed-Digit Recoding
IEEE Transactions on Computers - Special issue on computer arithmetic
Handbook of Applied Cryptography
Handbook of Applied Cryptography
On the Performance of Signature Schemes Based on Elliptic Curves
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Theoretical Computer Science
Improved techniques for fast exponentiation
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
A note on the signed sliding window integer recoding and a left-to-right analogue
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
New minimal weight representations for left-to-right window methods
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Fractional windows revisited: improved signed-digit representations for efficient exponentiation
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Faster Multi-exponentiation through Caching: Accelerating (EC)DSA Signature Verification
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Affine precomputation with sole inversion in elliptic curve cryptography
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
| Hi-index | 14.98 |
Elliptic curve cryptosystems (ECC) are suitable for memory-constraint devices like smart cards due to their small key-size. A standard way of computing elliptic curve scalar multiplication, the most frequent operation in ECC, is window methods, which enhance the efficiency of the binary method at the expense of some precomputation. The most established window methods are sliding window on NAF (NAF+SW), wNAF, and wMOF, where NAF and MOF are acronyms for nonadjacent form and mutually opposite form, respectively. A common drawback of these schemes is that only a small portion of the numbers are possible sizes for precomputation tables. Therefore, in practice, it is often necessary to waste memory because there is no table fitting exactly the available storage. In the case of wNAF, there exists a variant that allows arbitrary table sizes, the so-called fractional wNAF (Frac--wNAF). In this paper, we give a comprehensive proof using Markov theory for the estimation of the average nonzero density of the Frac-wNAF representation. Then, we propose the fractional wMOF (Frac-wMOF), which is a left-to-right analogue of Frac-wNAF. We prove that Frac-wMOF inherits the outstanding properties of Frac-wNAF. However, because of its left-to-right nature, Frac-wMOF is preferable as it reduces the memory consumption of the scalar multiplication. Finally, we show that the properties of all discussed previous schemes can be achieved as special instances of the Frac-wMOF method. To demonstrate the practicability of Frac-wMOF, we develop an on-the-fly algorithm for computing elliptic curve scalar multiplication with a flexibly chosen amount of memory.