TY - GEN
T1 - Montgomery addition for genus two curves
AU - Lange, T.
PY - 2004
Y1 - 2004
N2 - Hyperelliptic curves of low genus obtained a lot of attention in the recent past for cryptographic applications. They were shown to be competitive with elliptic curves in speed and security. In practice, one also needs to prevent from side channel analysis, a method using information leaked during the process of computing to attack the system. For elliptic curves the curve arithmetic proposed by Montgomery requires a comparably small number of field operations to perform a scalar multiplication but at the same time achieves security against non-differential side channel attacks.
This paper studies the generalization of Montgomery arithmetic for genus 2 curves. We do not give the explicit formulae here, but together with the explicit formulae for affine or projective group operations the results show how to implement it. The divisor classes can be represented using only their first polynomials, a feature that is important for actual implementations. Our method applies to arbitrary genus two curves over arbitrary fields of odd characteristic which have at least one rational Weierstraß point.
AB - Hyperelliptic curves of low genus obtained a lot of attention in the recent past for cryptographic applications. They were shown to be competitive with elliptic curves in speed and security. In practice, one also needs to prevent from side channel analysis, a method using information leaked during the process of computing to attack the system. For elliptic curves the curve arithmetic proposed by Montgomery requires a comparably small number of field operations to perform a scalar multiplication but at the same time achieves security against non-differential side channel attacks.
This paper studies the generalization of Montgomery arithmetic for genus 2 curves. We do not give the explicit formulae here, but together with the explicit formulae for affine or projective group operations the results show how to implement it. The divisor classes can be represented using only their first polynomials, a feature that is important for actual implementations. Our method applies to arbitrary genus two curves over arbitrary fields of odd characteristic which have at least one rational Weierstraß point.
U2 - 10.1007/978-3-540-24847-7_23
DO - 10.1007/978-3-540-24847-7_23
M3 - Conference contribution
SN - 3-540-22156-5
T3 - Lecture Notes in Computer Science
SP - 309
EP - 317
BT - Algorithmic number theory : 6th international symposium, ANTS-VI, Burlington VT, USA, June 13-18, 2004 : proceedings
A2 - Buell, D.A.
PB - Springer
CY - Berlin
ER -