TY - BOOK

T1 - Efficient halving for genus 3 curves over binary fields

AU - Birkner, P.

AU - Thériault, N.

PY - 2009

Y1 - 2009

N2 - In this article, we deal with fast arithmetic in the Picard group of hyperelliptic curves of genus 3 over binary fields. We investigate both the optimal performance curves, where h(x) = 1, and the more general curves where the degree of h(x) is 1, 2 or 3. For the optimal performance curves, we provide explicit halving and doubling formulas; not only for the most frequent case but also for all possible special cases that may occur when performing arithmetic on the proposed curves. In this situation, we show that halving offers
equivalent performance to that of doubling when computing scalar multiples (by means of an halve-and-add algorithm) in the divisor class group. For the other types of curves where halving may give performance gains (when the group order is twice an odd number), we give explicit halving formulas which outperform the corresponding doubling formulas by about 10 to 20 field multiplications per halving. These savings more than justify the use
of halvings for these curves, making them significantly more efficient than previously thought. For halving on genus 3 curves there is no previous work published so far.

AB - In this article, we deal with fast arithmetic in the Picard group of hyperelliptic curves of genus 3 over binary fields. We investigate both the optimal performance curves, where h(x) = 1, and the more general curves where the degree of h(x) is 1, 2 or 3. For the optimal performance curves, we provide explicit halving and doubling formulas; not only for the most frequent case but also for all possible special cases that may occur when performing arithmetic on the proposed curves. In this situation, we show that halving offers
equivalent performance to that of doubling when computing scalar multiples (by means of an halve-and-add algorithm) in the divisor class group. For the other types of curves where halving may give performance gains (when the group order is twice an odd number), we give explicit halving formulas which outperform the corresponding doubling formulas by about 10 to 20 field multiplications per halving. These savings more than justify the use
of halvings for these curves, making them significantly more efficient than previously thought. For halving on genus 3 curves there is no previous work published so far.

M3 - Report

T3 - Cryptology ePrint Archive

BT - Efficient halving for genus 3 curves over binary fields

PB - IACR

ER -