A Technique for Accelerating Characteristic 2 Elliptic Curve Cryptography

摘要

In this paper we describe a novel approach for speeding up the computations of characteristic 2 elliptic curve cryptography. Using a projective space such as the Lopez-Dahab space [1] for representing point coordinates we accelerate point additions and point doublings by introducing a novel way for multiply elements in finite fields of the form GF(2{sup}m). Our technique uses a CPU instruction for carry-less multiplication (GFMUL) and single iteration Karatsuba-like formulae [2] for computing the carry-less product of large degree polynomials in GF(2). It then performs the reduction of the carry-less product of these polynomials by taking into account the fact that many curves specify fields with irreducible polynomials which are sparse. For example NIST curves specify polynomials with either three terms (trinomials) or five terms (pentanomials). We demonstrate results from a prototype implementation showing that our technique speeds up Elliptic Curve Diffie Hellman based on the NIST B-233 curve by 55% in software on a 3.6 GHz Pentium 4 processor. If a 3 clock latency GFMUL instruction is introduced to the CPU then the acceleration factor becomes 5.2×. We also show that further software optimizations have the potential to further increase the speedup beyond 10×.