@inproceedings{3370b72b2d2f4a9fbab9b5b7b2490c57,
title = "μKummer: Efficient hyperelliptic signatures and key exchange on microcontrollers",
abstract = "We describe the design and implementation of efficient signature and key-exchange schemes for the AVR A Tmega and ARM Cortex M0 microcontrollers, targeting the 128-bit security level. Our algorithms are based on an efficient Montgomery ladder scalar multiplication on the Kummer surface of Gaudry and Schost{\textquoteright}s genus-2 hyperelliptic curve, combined with the Jacobian point recovery technique of Chung, Costello, and Smith. Our results are the first to show the feasibility of softwareonly hyperelliptic cryptography on constrained platforms, and represent a significant improvement on the elliptic-curve state-of-the-art for both key exchange and signatures on these architectures. Notably, our keyexchange scalar-multiplication software runs in under 9520k cycles on the ATmega and under 2640k cycles on the Cortex M0, improving on the current speed records by 32\% and 75\% respectively.",
keywords = "ARM cortex M0, AVR ATmega, Hyperelliptic curve cryptography, Kummer surface",
author = "Joost Renes and Peter Schwabe and Benjamin Smith and Lejla Batina",
note = "Publisher Copyright: {\textcopyright} International Association for Cryptologic Research 2016.; 18th International Conference on Cryptographic Hardware and Embedded Systems, CHES 2016 ; Conference date: 17-08-2016 Through 19-08-2016",
year = "2016",
month = jan,
day = "1",
doi = "10.1007/978-3-662-53140-2\_15",
language = "English",
isbn = "9783662531396",
series = "Lecture Notes in Computer Science",
publisher = "Springer Verlag",
pages = "301--320",
editor = "Benedikt Gierlichs and Poschmann, \{Axel Y.\}",
booktitle = "Cryptographic Hardware and Embedded Systems, CHES 2016 - 18th International Workshop, Proceedings",
}