We introduce FourQ, a high-security, high-performance elliptic curve that targets the 128-bit security level. At the highest arithmetic level, cryptographic scalar multiplications on FourQ can use a four-dimensional Gallant-Lambert-Vanstone decomposition to minimize the total number of elliptic curve group operations. At the group arithmetic level, FourQ admits the use of extended twisted Edwards coordinates and can therefore exploit the fastest known elliptic curve addition formulas over large prime characteristic fields. Finally, at the finite field level, arithmetic is performed modulo the extremely fast Mersenne prime p = 2~(127) - 1. We show that this powerful combination facilitates scalar multiplications that are significantly faster than all prior works. On Intel's Haswell, Ivy Bridge and Sandy Bridge architectures, our software computes a variable-base scalar multiplication in 59,000, 71,000 cycles and 74,000 cycles, respectively; and, on the same platforms, our software computes a Diffie-Hellman shared secret in 92,000, 110,000 cycles and 116,000 cycles, respectively.
展开▼
机译:我们介绍FourQ,高安全性,高性能椭圆曲线,可针对128位安全级别。在最高算术级别,FourQ上的加密标量乘法可以使用四维勇士 - 兰伯特 - 刮刀分解,以最小化椭圆曲线组操作的总数。在集团算术级别,FourQ承认使用扩展扭曲的Edwards坐标,因此可以利用大型主要特征领域的最快已知的椭圆曲线附加公式。最后,在有限场级别,进行算术进行模数,其极快的Mersenne Prime P = 2〜(127) - 1.我们表明这种强大的组合促进了比所有先前作品更快的标量乘法。在英特尔的Haswell,Ivy Bridge和Sandy Bridge架构上,我们的软件将分别计算59,000,71,000个周期和74,000个周期的可变基础标量乘法;并且,在同一平台上,我们的软件将分别计算92,000,110,000周期和116,000个周期中的Diffie-Hellman共享秘密。
展开▼
