Paper 2014/134

Kummer strikes back: new DH speed records

Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange, and Peter Schwabe

Abstract

This paper sets new speed records for high-security constant-time variable-base-point Diffie--Hellman software: 305395 Cortex-A8-slow cycles; 273349 Cortex-A8-fast cycles; 88916 Sandy Bridge cycles; 88448 Ivy Bridge cycles; 54389 Haswell cycles. There are no higher speeds in the literature for any of these platforms. The new speeds rely on a synergy between (1) state-of-the-art formulas for genus-2 hyperelliptic curves and (2) a modern trend towards vectorization in CPUs. The paper introduces several new techniques for efficient vectorization of Kummer-surface computations.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
A major revision of an IACR publication in Asiacrypt 2014
Keywords
performance, Diffie--Hellman, hyperelliptic curves, Kummer surfaces, vectorization
Contact author(s)
authorcontact-kummer @ box cr yp to
History
2014-10-28: revised
2014-02-24: received
Short URL
https://ia.cr/2014/134
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/134,
      author = {Daniel J.  Bernstein and Chitchanok Chuengsatiansup and Tanja Lange and Peter Schwabe},
      title = {Kummer strikes back: new DH speed records},
      howpublished = {Cryptology ePrint Archive, Paper 2014/134},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/134}},
      url = {https://eprint.iacr.org/2014/134}
}