We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:


Current browse context:


Change to browse by:


References & Citations

DBLP - CS Bibliography


(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: High-degree compression functions on alternative models of elliptic curves and their applications

Abstract: This paper presents method for obtaining high-degree compression functions using natural symmetries in a given model of an elliptic curve. Such symmetries may be found using symmetry of involution $[-1]$ and symmetry of translation morphism $\tau_T=P+T$, where $T$ is the $n$-torsion point which naturally belongs to the $E(\mathbb K)$ for a given elliptic curve model. We will study alternative models of elliptic curves with points of order $2$ and $4$, and specifically Huff's curves and the Hessian family of elliptic curves (like Hessian, twisted Hessian and generalized Hessian curves) with a point of order $3$. We bring up some known compression functions on those models and present new ones as well. For (almost) every presented compression function, differential addition and point doubling formulas are shown. As in the case of high-degree compression functions manual investigation of differential addition and doubling formulas is very difficult, we came up with a Magma program which relies on the Gr\"obner basis. We prove that if for a model $E$ of an elliptic curve exists an isomorphism $\phi:E \to E_M$, where $E_M$ is the Montgomery curve and for any $P \in E(\mathbb K)$ holds that $\phi(P)=(\phi_x(P), \phi_y(P))$, then for a model $E$ one may find compression function of degree $2$. Moreover, one may find, defined for this compression function, differential addition and doubling formulas of the same efficiency as Montgomery's. However, it seems that for the family of elliptic curves having a natural point of order $3$, compression functions of the same efficiency do not exist.
Comments: 33 pages
Subjects: Cryptography and Security (cs.CR)
Journal reference: Fundamenta Informaticae, Volume 184, Issue 2 (January 27, 2022) fi:8959
Cite as: arXiv:2111.04533 [cs.CR]
  (or arXiv:2111.04533v2 [cs.CR] for this version)

Submission history

From: Michał Wroński [view email]
[v1] Mon, 8 Nov 2021 14:26:00 GMT (29kb)
[v2] Thu, 13 Jan 2022 11:45:00 GMT (25kb)

Link back to: arXiv, form interface, contact.