Cryptology ePrint Archive: Report 2021/019

Kummer versus Montgomery Face-off over Prime Order Fields

Kaushik Nath and Palash Sarkar

Abstract: This paper makes a comprehensive comparison of the efficiencies of vectorized implementations of Kummer lines and Montgomery curves at various security levels. For the comparison, nine Kummer lines are considered, out of which eight are new, and new assembly implementations of all nine Kummer lines have been made. Seven previously proposed Montgomery curves are considered and new vectorized assembly implementations have been made for five of them. Our comparisons show that for all security levels, Kummer lines are consistently faster than Montgomery curves, though the speed-up gap is not much.

Category / Keywords: implementation / Kummer line, Montgomery curve, Diffie-Hellman, 4-way vectorization, SIMD

Date: received 6 Jan 2021, last revised 25 Mar 2021

Contact author: kaushikn_r at isical ac in, palash at isical ac in

Available format(s): PDF | BibTeX Citation

Note: Updated Table 6.

Version: 20210325:070507 (All versions of this report)

Short URL: ia.cr/2021/019