@inproceedings{00ec54e490a048f0951c58fa73c9febc,
title = "Faster compact Diffie-Hellman: Endomorphisms on the x-line",
abstract = "We describe an implementation of fast elliptic curve scalar multiplication, optimized for Diffie-Hellman Key Exchange at the 128-bit security level. The algorithms are compact (using only x-coordinates), run in constant time with uniform execution patterns, and do not distinguish between the curve and its quadratic twist; they thus have a built-in measure of side-channel resistance. (For comparison, we also implement two faster but non-constant-time algorithms.) The core of our construction is a suite of two-dimensional differential addition chains driven by efficient endomorphism decompositions, built on curves selected from a family of ℚ-curve reductions over double-struck F p2 with p = 2127 - 1. We include state-of-the-art experimental results for twist-secure, constant-time, x-coordinate-only scalar multiplication.",
keywords = "Elliptic curve cryptography, Kummer variety, Montgomery curve, addition chains, endomorphism, scalar multiplication, side channel attacks, twist-secure",
author = "Craig Costello and Huseyin Hisil and Benjamin Smith",
year = "2014",
month = jan,
day = "1",
doi = "10.1007/978-3-642-55220-5\_11",
language = "English",
isbn = "9783642552199",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "183--200",
booktitle = "Advances in Cryptology, EUROCRYPT 2014 - 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings",
note = "33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2014 ; Conference date: 11-05-2014 Through 15-05-2014",
}