Cryptology ePrint Archive: Report 2018/792

Faster Modular Arithmetic For Isogeny Based Crypto on Embedded Devices

Joppe W. Bos and Simon J. Friedberger

Abstract: We show how to implement the Montgomery reduction algorithm for isogeny based cryptography such that it can utilize the "unsigned multiply accumulate accumulate long" instruction present on modern ARM architectures. This results in a practical speed-up of a factor 1.34 compared to the approach used by SIKE: the supersingular isogeny based submission to the ongoing post-quantum standardization effort.

Moreover, motivated by the recent work of Costello and Hisil (ASIACRYPT 2017), which shows that there is only a moderate degradation in performance when evaluating large odd degree isogenies, we search for more general supersingular isogeny friendly moduli. Using graphics processing units to accelerate this search we find many such moduli which allow for faster implementations on embedded devices. By combining these two approaches we manage to make the modular reduction 1.5 times as fast on a 32-bit ARM platform.

Category / Keywords: public-key cryptography /

Date: received 28 Aug 2018

Contact author: joppe bos at nxp com

Available format(s): PDF | BibTeX Citation

Version: 20180901:121733 (All versions of this report)

Short URL: ia.cr/2018/792