Cryptology ePrint Archive: Report 2010/311

Combining leak--resistant arithmetic for elliptic curves defined over $\F_p$ and RNS representation

J.C. Bajard and S. Duquesne and M. Ercegovac

Abstract: In this paper we combine the residue number system (RNS) representation and the leak-resistant arithmetic on elliptic curves. These two techniques are relevant for implementation of elliptic curve cryptography on embedded devices.\\ % since they have leak-resistance properties. It is well known that the RNS multiplication is very efficient whereas the reduction step is costly. Hence, we optimize formulae for basic operations arising in leak-resistant arithmetic on elliptic curves (unified addition, Montgomery ladder) in order to minimize the number of modular reductions. We also improve the complexity of the RNS modular reduction step. As a result, we show how to obtain a competitive secured implementation.\\ Finally, %we recall the main advantages of the RNS representation, %especially in hardware and for embedded devices, and we show that, contrary to other approaches, ours takes optimally the advantage of a dedicated parallel architecture.

Category / Keywords: implementation / ellicptic curves, leak resistance, RNS, arithmetic

Date: received 25 May 2010

Contact author: sylvain duquesne at univ-rennes1 fr

Available formats: PDF | BibTeX Citation

Version: 20100525:213752 (All versions of this report)

Discussion forum: Show discussion | Start new discussion