Cryptology ePrint Archive: Report 2022/277

Security Analysis of Elliptic Curves over Sextic Extension of Small Prime Fields

Robin Salen and Vijaykumar Singh and Vladimir Soukharev

Abstract: In this report we investigate how to generate secure elliptic curves over sextic extensions of prime fields of size roughly 64 bits to achieve 128-bit security. In particular, we present one such curve over a 64-bit prime field, which we named Cheetah, and provide its security parameter. This curve is particularly well-suited for zero-knowledge applications such as FRI-based STARK proving systems, as its base prime field has a large two-adicity, necessary for FFT-related operations, and at the same time is used for elliptic curve-based signatures. We also provide a prototype implementation of this curve in Rust, featuring constant-time arithmetic and no use of the Rust standard library, for WebAssembly support.

Category / Keywords: foundations / elliptic curves, digital signatures, zero-knowledge proofs, stark, blockchain, field extension

Date: received 1 Mar 2022, last revised 2 Mar 2022

Contact author: salen at toposware com, vijaykumar singh at toposware com, vladimir soukharev at toposware com

Version: 20220302:164443

Short URL: ia.cr/2022/277