• Tidak ada hasil yang ditemukan

Plain E&F Template

N/A
N/A
Info
Unduh - Bebas
Protected

Academic year: 2024

Membagikan "Plain E&F Template"

Copied!
25
0
0

Memuat.... (Lihat teks lengkap sekarang)

Unduh sekarang ( 25 Halaman )

Teks penuh

(1)

Advanced Information Security

3 PROJECTIVE COORDINATES

Dr. Turki F. Al-Somani

2017

(2)

Module Outlines

2

Why Projective Coordinates ?

Which Projective Coordinates ?

Homogeneous,

Jacobian,

Lopez-Dahab,

Mixed,

and Edwards coordinate systems

Summary

(3)

Why Projective Coordinates ?

3

The group operations in an affine

coordinate system involve finite field inversion, which is a very costly

operation, particularly over prime fields.

Projective coordinate systems are used to reduce the need for performing

inversion to only 1.

Several projective coordinate systems have been proposed:

Homogeneous, Jacobian, Lopez-Dahab, Mixed and Edwards coordinate systems

(4)

Which Projective Coordinate

4

?

The selection of a projective coordinate is based on the number of arithmetic operations, mainly

multiplications.

This is to be expected due to the sequential nature of these architectures where a single multiplier is used.

For high performance implementations, such

sequential architectures are too slow to meet the demand of increasing number of operations.

One solution for meeting this requirement is to exploit the inherent parallelism within the elliptic curve point operations in projective coordinate

(5)

Homogeneous Coordinates

5

For the Homogeneous, so called projective, coordinate system, an elliptic curve point P takes the form (x, y) = (X/Z, Y/Z).

Let P1, P2 and P3 be three different points on the elliptic curve over GF(p), where P1=(X1, Y1, Z1), P2=(X2, Y2, Z2=1) and P3=(X3, Y3, Z3).

Point addition with the Homogenous

coordinate systems can be computed as:

A=Y2Z1, B=X2Z1−X1, C=A2Z1−B32B2X1, X3=BC, Y3=A(B2X1−C)−B3Y1, Z3=B3Z1.

(6)

Homogeneous Coordinates (contd.)

6

Point doubling, on the other hand, can be computed as: A=aZ12+3X12, B=Y1Z1,

C=X1Y1B, D=A28C, X3=2BD, Y3=A(4C−D)

8Y12B2, Z3=8B3.

(7)

Jacobian Coordinates

7

For the Jacobian coordinate system, P takes the form (x, y) = (X/Z2, Y/Z3).

Point addition can be computed as: A=X1, B=X2Z12, C=Y1, D=Y2Z13, E=B−A, F=D−C, X3=F2(E3+2AE2), Y3=F(AE2−X3)−CE3,

Z3=Z1E.

Point doubling, on the other hand, can be computed as: A=4X1Y12, B=3X12+aZ14,

X3=B22A, Y3=B(A−X3)8Y14, Z3=2Y1Z1.

(8)

Lopez-Dahab Coordinates

8

Lopez-Dahab coordinate system takes the form (x,y)=(X/Z,Y/Z2).

Very efficient in GF(2m)

Point addition can be computed as:

A0=Y12Z12 , A1=Y1Z22 , B0=X2Z1, B1=X1Z2,

C=A0+A1, D=B0+B1, E=Z1Z2, F=DE, Z3=F2, G=D2(F+aE2), H=CF, X3=C2+H+G,

I=D2B0E+X3, J=D2A0+X3, Y3=HI+Z3J.

Point doubling can be computed as:

Z3=Z12X12, X3=X14+bZ14,

Y3=bZ14Z3+X3(aZ3+Y12+bZ14)

(9)

Mixed Coordinates

9

The Mixed coordinate system adds two points where one is given in some

coordinate system while the other in another coordinate system.

The coordinate system of the resulting point, may be in a third coordinate

system

(10)

Mixed Coordinates (contd.)

10

(11)

Edwards Coordinates

11

Recently, Edwards showed that all

elliptic curves over prime fields could be transformed to the shape: x2 + y2 = c2 (1 + x2y2), with (0, c) as neutral element

and with the surprisingly simple and

symmetric addition law of two points P1

= (x1, y1) and P2 = (x2, y2) as:

(12)

Edwards Coordinates (contd.)

12

To capture a larger class of elliptic curves over the original field, the notion of Edwards form

have been modified to include all curves x2 + y2

= c2 (1 + dx2y2) where cd(1−dc4) ≠ 0.

Point addition with the Edwards coordinate systems can be computed as: B=Z12Z1, C=X1X2, D=Y1Y2,

E=G–(C+D), F=dCD, G=(X1+Y1)(X2+Y2), X3=Z1E(B–

F), Z3=(B–F)(B+F), Y3=Z1(D–C)(B+F).

Point doubling, on the other hand, can be computed as: A=X1+Y1, B=A2, C=X12, D=Y12, E=C+D, F=B–E, H=Z12, I=2H, J=E–I, X3=FJ, Z3=EJ, Y3=E(C–D).

(13)

Inherent Parallelism (2006)

13

(14)

Inherent Parallelism (2006)

14

(15)

Inherent Parallelism (2006)

15

(16)

Inherent Parallelism (2010)

16

(17)

Inherent Parallelism (2010)

17

(18)

Inherent Parallelism (2010)

18

(19)

Inherent Parallelism (2013)

19

(20)

Inherent Parallelism (2013)

20

(21)

Inherent Parallelism (2015)

21

(22)

Inherent Parallelism

22

(23)

Inherent Parallelism

23

(24)

Summary

24

The projective coordinate systems are used to eliminate the need for

performing inversion.

For elliptic curves, many different forms of formulas are found for point addition and doubling.

The selection of a specific projective coordinate systems depends on:

Time

Inherent parallelism.

(25)

THANKS & GOOD LUCK

NEXT IS: 4 FIELD ARITHMETIC

Dr. Turki F. Al-Somani

2017

Referensi

Unduh sekarang ( PPTX - 25 Halaman - 1.62 MB )

Dokumen terkait

PREFERENSI KONSUMEN This presentation uses a free template provided by FPPT.com

• Tingkat utility total yang dicapai seorang konsumen merupakan fungsi dari kuantitas barang yang.. dikonsumsinya : Utilittas = U(barang X, barang Y, barang

isprsarchives XXXVIII 5 W12 243 2011

Normal direction and plane information were calculated and stored with point cloud in a tabular format: x, y, z coordinate, point normal, degree of membership and joint

Conference paper

Figure 6 shows the cuboids generated by iteratively applying the cuboid placement rule parameterized based on the peaks in the histograms of x-, y- and z coordinates.. In

1. Grothendieck Topology Let C be a category. Given f

The fiber product of f and g will be denoted by X×ZY.A category C is called a category with fiber products if given any two morphisms f :X→Z and g:Y →Z inC, their fiber product exists..

Unit-1 – Basics of Computer Graphics

 If the view plane is placed at position zvp along the zv axis, then any point x, y, z in viewing coordinates is transformed to projection coordinates as 𝒙𝒑= 𝒙, 𝒚𝒑 = 𝒚 View Plane

Semantic Structure of Javanese Verb 'to cut' - e-Journal UNP

The explicatiosn of Ngrajang X does something to Y vegetables/meat At the same time something happened to Y X using Z kitchen knife Y into small measured parts [M] X wants this X

Moderated multiple regression

The moderated multiple regression model can be called from R using a formula like y ~ x * z in the lm function

links.lww.com/ALN/C585

Region Identified by Atlas MNI Coordinates Seed Region AAL Anatomy Toolbox Harvard-Oxford Exten t t- value x y z Frontal_Mid_2_L L Middle Frontal Gyrus Middle Frontal Gyrus 142