Description
The curve shape suggested by Edwards does not define elliptic curves over fields of characteristic 2. We recently generalized the concept of Edwards curves and defined binary Edwards curves. These curves offer complete addition formulas and are the first binary curves with this property. Doubling and differential addition (addition of two points with known difference, like in the Montgomery ladder) are very fast on these curves. We present the design principles behind this choice of curve shape, present the birational equivalence with Weierstrass elliptic curves and explain how to obtain fast doubling and differential addition.<br/> This is joint work with Daniel J. Bernstein and Reza Rezaeian Farashahi.
Next sessions
-
CryptoVerif: a computationally-sound security protocol verifier
Speaker : Bruno Blanchet - Inria
CryptoVerif is a security protocol verifier sound in the computational model of cryptography. It produces proofs by sequences of games, like those done manually by cryptographers. It has an automatic proof strategy and can also be guided by the user. It provides a generic method for specifying security assumptions on many cryptographic primitives, and can prove secrecy, authentication, and[…]-
Cryptography
-