Up to now, the state-of-the-art implementations of Super-singular Isogeny Dime-Hellman (SIDH) work with Montgomery curves or Edwards curves, due to the facts that such curve models provide high efficiency for elliptic curve arithmetic operations. In this work, we propose a new to-coordinate method to optimize the arithmetic operations on Huff curves. Specifically, for the optimal computations of addition operation and doubling operation proposed by Orhon and Hisil on a fixed Huff curve, the costs of these operations can be further improved by about 40%. For the evaluations of odd-degree isogeny and 2-isogeny on variable Huff curves proposed by Moody and Shumow, the costs of evaluating ℓ-isogeny (ℓ is odd) point and ℓ-isogeny curve can be further improved by about 50%. The computations of evaluating 2-isogeny point and 2-isogeny curve can be separately replaced by computing 4-isogeny point and 4-isogeny curve, which need 6M + 2S and 4S, respectively, and avoid square root calculation mentioned in Moody and Shumow's work. Interestingly, the desired computational issues on variable Huff curves have the same computational costs as those on variable Montgomery curves, as well supported by our implementations.
展开▼
