| 作成者 |
|
|
|
|
|
| 本文言語 |
|
| 出版者 |
|
|
|
| 発行日 |
|
| 収録物名 |
|
| 巻 |
|
| 号 |
|
| 開始ページ |
|
| 終了ページ |
|
| 出版タイプ |
|
| アクセス権 |
|
| 関連DOI |
|
| 関連DOI |
|
|
|
|
|
| 関連URI |
|
|
|
|
|
| 関連情報 |
|
|
|
|
|
|
|
| 概要 |
Elliptic curve cryptosystems (ECC) are emerging cryptographic standards which can be used instead of RSA cryptosystems, and are practically used. In ECC, scalar multiplication (or point multiplication...) is the dominant operation, namely computing an integer multiple for a given integer and a point on an elliptic curve. However, for practical use, it is a very important matter to improve the efficiency of scalar multiplication. The \tau-adic non-adjacent form (\tau-NAF) proposed by Solinas, is one of the most efficient algorithms to compute scalar multiplications on Koblitz curves. Avanzi, Heuberger, and Prodinger have proven the minimality of the Hamming weightof the \tau-NAF on Koblitz curves. However, the lower bound for the length of minimal Hamming weight \tau-adic expansions is not known yet. In this paper, we shall derive an explicit lower bound for the length of minimal Hamming weight \tau -adic expansions. We shall also give a new proof of the minimality of the Hamming weight of the \tau-NAF on Koblitz curves. Further, by using the proof of the lower bound and the new proof of the minimality, we classify a minimal length \tau-adic expansion with minimal Hamming weight except for two special cases. The classification shows that the \tau-NAF has almost minimal length among all \tau-adic expansions of minimal Hamming weight and we can easily convert the \tau-NAF into a minimal length \tau-adic expansion without changing the Hamming weight. This fact follows immediately from the proof of the lower bound and our new proof.続きを見る
|
Mendeley出力
JMI2010A-7