# American Institute of Mathematical Sciences

November  2014, 8(4): 389-406. doi: 10.3934/amc.2014.8.389

## Comparison of scalar multiplication on real hyperelliptic curves

 1 Department of Computer Science, University of Calgary, 2500 University Drive NW, Calgary, Alberta, Canada T2N 1N4, Canada 2 Department of Mathematics and Statistics, University of Calgary, 2500 University Drive NW, Calgary, Alberta, Canada T2N 1N4, Canada, Canada

Received  March 2014 Revised  September 2014 Published  November 2014

Real hyperelliptic curves admit two structures suitable for cryptography --- the Jacobian (a finite abelian group) and the infrastructure. Mireles Morales described precisely the relationship between these two structures, and made the assertion that when implemented with balanced divisor arithmetic, the Jacobian generically yields more efficient arithmetic than the infrastructure for cryptographic applications. We confirm that this assertion holds for genus two curves, through rigorous analysis and the first detailed numerical performance comparisons, showing that cryptographic key agreement can be performed in the Jacobian without any extra operations beyond those required for basic scalar multiplication. We also present a modified version of Mireles Morales' map that more clearly reveals the algorithmic relationship between the two structures.
Citation: Michael J. Jacobson, Jr., Monireh Rezai Rad, Renate Scheidler. Comparison of scalar multiplication on real hyperelliptic curves. Advances in Mathematics of Communications, 2014, 8 (4) : 389-406. doi: 10.3934/amc.2014.8.389
##### References:
 [1] E. Barker, W. Barker, W. Polk and M. Smid, Recommendation for key management - part 1: General (revised), NIST Special Publication 800-57, 2007. Google Scholar [2] H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen and F. Vercouteren, Handbook of Elliptic and Hyperelliptic Curve Cryptography, Chapman & Hall/CRC, Boca Raton, 2006. doi: 10.1201/9781420034981.  Google Scholar [3] W. Diffie and M. Hellman, New directions in cryptography, IEEE Trans. Inf. Theory, 22 (1976), 472-492. doi: 10.1109/TIT.1976.1055638.  Google Scholar [4] S. Erickson, M. J. Jacobson, Jr. and A. Stein, Explicit formulas for real hyperelliptic curves of genus $2$ in affine representation, Adv. Math. Commun., 5 (2011), 623-666. doi: 10.3934/amc.2011.5.623.  Google Scholar [5] F. Fontein, Groups from cyclic infrastructures and Pohlig-Hellman in certain infrastructures, Adv. Math. Commun., 2 (2008), 293-307. doi: 10.3934/amc.2008.2.293.  Google Scholar [6] F. Fontein, Holes in the infrastructure of global hyperelliptic function fields,, preprint, ().   Google Scholar [7] E. Friedman and L. C. Washington, On the distribution of divisor class groups of curves over a finite field, Théorie des Nombres (Québec, PQ), de Gruyter, Berlin, 1989, 227-239.  Google Scholar [8] S. D. Galbraith, M. Harrison and D. J. Mireles Morales, Efficient hyperelliptic curve arithmetic using balanced representation for divisors, in Algorithmic Number Theory - ANTS 2008 (Berlin), Springer, 2008, 342-356. doi: 10.1007/978-3-540-79456-1_23.  Google Scholar [9] M. J. Jacobson, Jr., R. Scheidler and A. Stein, Cryptographic protocols on real hyperelliptic curves, Adv. Math. Commun., 1 (2007), 197-221. doi: 10.3934/amc.2007.1.197.  Google Scholar [10] M. J. Jacobson, Jr., R. Scheidler and A. Stein, Fast arithmetic on hyperelliptic curves via continued fraction expansions, in Advances in Coding Theory and Cryptology (eds. T. Shaska, W.C. Huffman, D. Joyner and V. Ustimenko), World Scientific Publishing, 2007, 201-244. doi: 10.1142/9789812772022_0013.  Google Scholar [11] M. J. Jacobson, Jr., R. Scheidler and A. Stein, Cryptographic aspects of real hyperelliptic curves, Tatra Mountains Math. Publ., 40 (2010), 1-35. doi: 10.2478/v10127-010-0030-9.  Google Scholar [12] N. Koblitz, Hyperelliptic cryptosystems, J. Cryptology, 1 (1989), 139-150. doi: 10.1007/BF02252872.  Google Scholar [13] T. Lange, Formulae for arithmetic on genus 2 hyperelliptic curves, Appl. Algebra Eng. Commun. Comput., 15 (2005), 295-328. doi: 10.1007/s00200-004-0154-8.  Google Scholar [14] D. J. Mireles Morales, An analysis of the infrastructure in real function fields, Cryptology eprint archive no. 2008/299, 2008. Google Scholar [15] R. Scheidler, J. A. Buchmann and H. C. Williams, A key exchange protocol using real quadratic fields, J. Cryptology, 7 (1994), 171-199. doi: 10.1007/BF02318548.  Google Scholar [16] R. Scheidler, A. Stein and H. C. Williams, Key-exchange in real quadratic congruence function fields, Des. Codes Crypt., 7 (1996), 153-174. doi: 10.1007/BF00125081.  Google Scholar [17] V. Shoup, NTL: A Library for doing Number Theory (version 5.4.2), http://www.shoup.net, 2008. Google Scholar [18] A. Stein, Explicit infrastructure for real quadratic function fields and real hyperelliptic curves, Glas. Mat. Ser. III, 44(64) (2009), 89-126. doi: 10.3336/gm.44.1.05.  Google Scholar

show all references

##### References:
 [1] E. Barker, W. Barker, W. Polk and M. Smid, Recommendation for key management - part 1: General (revised), NIST Special Publication 800-57, 2007. Google Scholar [2] H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen and F. Vercouteren, Handbook of Elliptic and Hyperelliptic Curve Cryptography, Chapman & Hall/CRC, Boca Raton, 2006. doi: 10.1201/9781420034981.  Google Scholar [3] W. Diffie and M. Hellman, New directions in cryptography, IEEE Trans. Inf. Theory, 22 (1976), 472-492. doi: 10.1109/TIT.1976.1055638.  Google Scholar [4] S. Erickson, M. J. Jacobson, Jr. and A. Stein, Explicit formulas for real hyperelliptic curves of genus $2$ in affine representation, Adv. Math. Commun., 5 (2011), 623-666. doi: 10.3934/amc.2011.5.623.  Google Scholar [5] F. Fontein, Groups from cyclic infrastructures and Pohlig-Hellman in certain infrastructures, Adv. Math. Commun., 2 (2008), 293-307. doi: 10.3934/amc.2008.2.293.  Google Scholar [6] F. Fontein, Holes in the infrastructure of global hyperelliptic function fields,, preprint, ().   Google Scholar [7] E. Friedman and L. C. Washington, On the distribution of divisor class groups of curves over a finite field, Théorie des Nombres (Québec, PQ), de Gruyter, Berlin, 1989, 227-239.  Google Scholar [8] S. D. Galbraith, M. Harrison and D. J. Mireles Morales, Efficient hyperelliptic curve arithmetic using balanced representation for divisors, in Algorithmic Number Theory - ANTS 2008 (Berlin), Springer, 2008, 342-356. doi: 10.1007/978-3-540-79456-1_23.  Google Scholar [9] M. J. Jacobson, Jr., R. Scheidler and A. Stein, Cryptographic protocols on real hyperelliptic curves, Adv. Math. Commun., 1 (2007), 197-221. doi: 10.3934/amc.2007.1.197.  Google Scholar [10] M. J. Jacobson, Jr., R. Scheidler and A. Stein, Fast arithmetic on hyperelliptic curves via continued fraction expansions, in Advances in Coding Theory and Cryptology (eds. T. Shaska, W.C. Huffman, D. Joyner and V. Ustimenko), World Scientific Publishing, 2007, 201-244. doi: 10.1142/9789812772022_0013.  Google Scholar [11] M. J. Jacobson, Jr., R. Scheidler and A. Stein, Cryptographic aspects of real hyperelliptic curves, Tatra Mountains Math. Publ., 40 (2010), 1-35. doi: 10.2478/v10127-010-0030-9.  Google Scholar [12] N. Koblitz, Hyperelliptic cryptosystems, J. Cryptology, 1 (1989), 139-150. doi: 10.1007/BF02252872.  Google Scholar [13] T. Lange, Formulae for arithmetic on genus 2 hyperelliptic curves, Appl. Algebra Eng. Commun. Comput., 15 (2005), 295-328. doi: 10.1007/s00200-004-0154-8.  Google Scholar [14] D. J. Mireles Morales, An analysis of the infrastructure in real function fields, Cryptology eprint archive no. 2008/299, 2008. Google Scholar [15] R. Scheidler, J. A. Buchmann and H. C. Williams, A key exchange protocol using real quadratic fields, J. Cryptology, 7 (1994), 171-199. doi: 10.1007/BF02318548.  Google Scholar [16] R. Scheidler, A. Stein and H. C. Williams, Key-exchange in real quadratic congruence function fields, Des. Codes Crypt., 7 (1996), 153-174. doi: 10.1007/BF00125081.  Google Scholar [17] V. Shoup, NTL: A Library for doing Number Theory (version 5.4.2), http://www.shoup.net, 2008. Google Scholar [18] A. Stein, Explicit infrastructure for real quadratic function fields and real hyperelliptic curves, Glas. Mat. Ser. III, 44(64) (2009), 89-126. doi: 10.3336/gm.44.1.05.  Google Scholar
 [1] M. J. Jacobson, R. Scheidler, A. Stein. Cryptographic protocols on real hyperelliptic curves. Advances in Mathematics of Communications, 2007, 1 (2) : 197-221. doi: 10.3934/amc.2007.1.197 [2] Kwang Ho Kim, Junyop Choe, Song Yun Kim, Namsu Kim, Sekung Hong. Speeding up regular elliptic curve scalar multiplication without precomputation. Advances in Mathematics of Communications, 2020, 14 (4) : 703-726. doi: 10.3934/amc.2020090 [3] Iris Anshel, Derek Atkins, Dorian Goldfeld, Paul E. Gunnells. Ironwood meta key agreement and authentication protocol. Advances in Mathematics of Communications, 2021, 15 (3) : 397-413. doi: 10.3934/amc.2020073 [4] Laurent Imbert, Michael J. Jacobson, Jr.. Empirical optimization of divisor arithmetic on hyperelliptic curves over $\mathbb{F}_{2^m}$. Advances in Mathematics of Communications, 2013, 7 (4) : 485-502. doi: 10.3934/amc.2013.7.485 [5] Roberto Avanzi, Nicolas Thériault. A filtering method for the hyperelliptic curve index calculus and its analysis. Advances in Mathematics of Communications, 2010, 4 (2) : 189-213. doi: 10.3934/amc.2010.4.189 [6] Chris Guiver, Mark R. Opmeer. Bounded real and positive real balanced truncation for infinite-dimensional systems. Mathematical Control & Related Fields, 2013, 3 (1) : 83-119. doi: 10.3934/mcrf.2013.3.83 [7] Stefan Erickson, Michael J. Jacobson, Jr., Andreas Stein. Explicit formulas for real hyperelliptic curves of genus 2 in affine representation. Advances in Mathematics of Communications, 2011, 5 (4) : 623-666. doi: 10.3934/amc.2011.5.623 [8] Anton Stolbunov. Constructing public-key cryptographic schemes based on class group action on a set of isogenous elliptic curves. Advances in Mathematics of Communications, 2010, 4 (2) : 215-235. doi: 10.3934/amc.2010.4.215 [9] Francisco Braun, José Ruidival dos Santos Filho. The real jacobian conjecture on $\R^2$ is true when one of the components has degree 3. Discrete & Continuous Dynamical Systems, 2010, 26 (1) : 75-87. doi: 10.3934/dcds.2010.26.75 [10] Akbar Mahmoodi Rishakani, Seyed Mojtaba Dehnavi, Mohmmadreza Mirzaee Shamsabad, Nasour Bagheri. Cryptographic properties of cyclic binary matrices. Advances in Mathematics of Communications, 2021, 15 (2) : 311-327. doi: 10.3934/amc.2020068 [11] Bernard Dacorogna, Olivier Kneuss. Multiple Jacobian equations. Communications on Pure & Applied Analysis, 2014, 13 (5) : 1779-1787. doi: 10.3934/cpaa.2014.13.1779 [12] Isabelle Déchène. On the security of generalized Jacobian cryptosystems. Advances in Mathematics of Communications, 2007, 1 (4) : 413-426. doi: 10.3934/amc.2007.1.413 [13] Zsolt Páles, Vera Zeidan. $V$-Jacobian and $V$-co-Jacobian for Lipschitzian maps. Discrete & Continuous Dynamical Systems, 2011, 29 (2) : 623-646. doi: 10.3934/dcds.2011.29.623 [14] Andrew D. Lewis, David R. Tyner. Geometric Jacobian linearization and LQR theory. Journal of Geometric Mechanics, 2010, 2 (4) : 397-440. doi: 10.3934/jgm.2010.2.397 [15] Ronen Peretz, Nguyen Van Chau, L. Andrew Campbell, Carlos Gutierrez. Iterated images and the plane Jacobian conjecture. Discrete & Continuous Dynamical Systems, 2006, 16 (2) : 455-461. doi: 10.3934/dcds.2006.16.455 [16] Neil S. Trudinger. On the local theory of prescribed Jacobian equations. Discrete & Continuous Dynamical Systems, 2014, 34 (4) : 1663-1681. doi: 10.3934/dcds.2014.34.1663 [17] Ruinian Li, Yinhao Xiao, Cheng Zhang, Tianyi Song, Chunqiang Hu. Cryptographic algorithms for privacy-preserving online applications. Mathematical Foundations of Computing, 2018, 1 (4) : 311-330. doi: 10.3934/mfc.2018015 [18] Haibo Yi. Efficient systolic multiplications in composite fields for cryptographic systems. Discrete & Continuous Dynamical Systems - S, 2019, 12 (4&5) : 1135-1145. doi: 10.3934/dcdss.2019078 [19] Qichun Wang, Chik How Tan, Pantelimon Stănică. Concatenations of the hidden weighted bit function and their cryptographic properties. Advances in Mathematics of Communications, 2014, 8 (2) : 153-165. doi: 10.3934/amc.2014.8.153 [20] Pascale Charpin, Jie Peng. Differential uniformity and the associated codes of cryptographic functions. Advances in Mathematics of Communications, 2019, 13 (4) : 579-600. doi: 10.3934/amc.2019036

2020 Impact Factor: 0.935