Craig CostelloHüseyin HişilBenjamin A. Smith2025-10-0620149789819698936, 9789819698042, 9789819698110, 9789819698905, 9789819512324, 9783032026019, 9783032008909, 9783031915802, 9789819698141, 978303198413616113349, 0302974310.1007/978-3-642-55220-5_11https://www.scopus.com/inward/record.uri?eid=2-s2.0-84901674442&doi=10.1007%2F978-3-642-55220-5_11&partnerID=40&md5=42ef6b2930560211874a6fd363f09f65https://gcris.yasar.edu.tr/handle/123456789/10038We describe an implementation of fast elliptic curve scalar multiplication optimized for Diffie-Hellman Key Exchange at the 128-bit security level. The algorithms are compact (using only x-coordinates) run in constant time with uniform execution patterns and do not distinguish between the curve and its quadratic twist, they thus have a built-in measure of side-channel resistance. (For comparison we also implement two faster but non-constant-time algorithms.) The core of our construction is a suite of two-dimensional differential addition chains driven by efficient endomorphism decompositions built on curves selected from a family of ℚ-curve reductions over double-struck F <inf>p2</inf> with p = 2127 - 1. We include state-of-the-art experimental results for twist-secure constant-time x-coordinate-only scalar multiplication. © 2014 International Association for Cryptologic Research. © 2014 Elsevier B.V. All rights reserved.EnglishAddition Chains, Elliptic Curve Cryptography, Endomorphism, Kummer Variety, Montgomery Curve, Scalar Multiplication, Side Channel Attacks, Twist-secure, Chains, Public Key Cryptography, Addition Chains, Elliptic Curve Cryptography, Endomorphism, Kummer Variety, Montgomery, Scalar Multiplication, Side Channel Attack, Twist-secure, AlgorithmsChains, Public key cryptography, Addition chains, Elliptic curve cryptography, endomorphism, Kummer variety, Montgomery, Scalar multiplication, Side channel attack, twist-secure, AlgorithmsConference Object