Vortrag
Efficient arithmetic in trace-zero subgroups
Vortrag von Giulia Bianco
Datum: 27.09.17 Zeit: 16.00 - 17.00 Raum: Y27H12
We consider trace-zero subgroups of elliptic curves, that are particular groups of points of an elliptic curve defined over a finite field, endowed with the standard point addition. These subgroups have potential applications to cryptography: therefore, it is important to study efficient methods to perform scalar multiplication in them. Moreover, such methods need to be integrated with the use of an optimal representation of trace-zero points, in order to have fast arithmetic and optimal space storage at the same time. An optimal representation for the trace-zero subgroup associates to each group element the shortest possible tuple of coordinates in the field of definition of the elliptic curve. It is possible to compute the tuple from the point via the process of compression, and to recover the point from the tuple via the process of decompression. In order to integrate fast scalar multiplication with the use of an optimal representation in trace-zero subgroups, one can simply perform the standard scalar multiplication of points on the elliptic curve, together with fast compression and decompression algorithms. Another approach is to perform the operation directly in the optimal coordinates of the trace-zero subgroup, without compression and decompression of points. We present the first algorithm that follows this direct approach, for the trace-zero subgroup of degree 3.