Paper 2018/839

On Kummer Lines With Full Rational 2-torsion and Their Usage in Cryptography

Huseyin Hisil and Joost Renes

Abstract

A paper by Karati and Sarkar at Asiacrypt'17 has pointed out the potential for Kummer lines in genus one, by observing that its SIMD-friendly arithmetic is competitive with the status quo. A more recent preprint explores the connection with (twisted) Edwards curves. In this paper we extend this work and significantly simplify their treatment. We show that their Kummer line is the x-line of a Montgomery curve translated by a point of order two, and exhibit a natural isomorphism to a twisted Edwards curve. Moreover, we show that the Kummer line presented by Gaudry and Lubicz can be obtained via the action of a point of order two on the y-line of an Edwards curve. The maps connecting these curves and lines are all very simple. As an example, we present the first implementation of the qDSA signature scheme based on the squared Kummer line. Finally we present close estimates on the number of isomorphism classes of Kummer lines.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Montgomery curvesEdwards curvesKummer linesMontgomery ladderDigital signatures
Contact author(s)
j renes @ cs ru nl
History
2018-09-06: received
Short URL
https://ia.cr/2018/839
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2018/839,
      author = {Huseyin Hisil and Joost Renes},
      title = {On Kummer Lines With Full Rational 2-torsion and Their Usage in Cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/839},
      year = {2018},
      url = {https://eprint.iacr.org/2018/839}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.