[Resource Topic] 2019/1304: Reduction Modulo $2^{448}-2^{224}-1$

Welcome to the resource topic for 2019/1304

Reduction Modulo $2^{448}-2^{224}-1$

Authors: Kaushik Nath, Palash Sarkar


An elliptic curve known as Curve448 defined over the finite field $\mathbb{F}_p$, where $p=2^{448}-2^{224}-1$, has been proposed as part of the Transport Layer Security (TLS) protocol, version 1.3. Elements of $\mathbb{F}_p$ can be represented using 7 limbs where each limb is a 64-bit quantity. This paper describes efficient algorithms for reduction modulo $p$ that are required for performing field arithmetic in $\mathbb{F}_p$ using the 7-limb representation. A key feature of our work is that we provide the relevant proofs of correctness of the algorithms. We also report efficient 64-bit assembly implementations for key generation and shared secret computation phases of the Diffie-Hellman key agreement protocol on Curve448. Timing results on the Haswell and Skylake processors demonstrate that the new 64-bit implementations for computing the shared secret are faster than the previously best known 64-bit implementations.
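The abstract above rests on two facts: the prime has the special form $p = 2^{448}-2^{224}-1$, so $2^{448} \equiv 2^{224}+1 \pmod p$, and field elements are held in 7 limbs of 64 bits. The following Python is an added illustration, not code from the paper or from the authors' assembly implementations: it reduces a wide product by repeatedly folding the part above bit 448 back down using that congruence, checks the result against Python's built-in modulo on constructed inputs, and shows why the limb view is awkward here (the term $2^{224}$ lands in the middle of limb 3, at bit 32, rather than on a limb boundary). The function names and the seeded test inputs are this example's own choices.

```python
# Added example: big-integer reduction modulo p = 2^448 - 2^224 - 1 plus the
# 7 x 64-bit limb view. It illustrates the congruence 2^448 = 2^224 + 1 (mod p)
# with a simple folding loop; it is not the algorithm from the paper.
import random

P = 2**448 - 2**224 - 1          # the Curve448 field prime
LIMB_BITS = 64
NUM_LIMBS = 7                    # 7 * 64 = 448 bits
LIMB_MASK = (1 << LIMB_BITS) - 1
MASK448 = (1 << 448) - 1


def to_limbs(x):
    """Split 0 <= x < 2^448 into 7 little-endian 64-bit limbs."""
    assert 0 <= x < (1 << 448)
    return [(x >> (LIMB_BITS * i)) & LIMB_MASK for i in range(NUM_LIMBS)]


def from_limbs(limbs):
    """Inverse of to_limbs (limbs may exceed 64 bits before carrying)."""
    return sum(limb << (LIMB_BITS * i) for i, limb in enumerate(limbs))


def reduce_mod_p(x):
    """Reduce a non-negative integer x (typically an 896-bit product) modulo p.

    Uses 2^448 = 2^224 + 1 (mod p): writing x = lo + hi * 2^448 gives
    x = lo + hi * 2^224 + hi (mod p). Each fold strictly shrinks x while
    x >= 2^448, so the loop terminates; a final conditional subtraction
    brings the value into [0, p). Returns (residue, number_of_folds).
    """
    assert x >= 0
    folds = 0
    while x >> 448:
        lo, hi = x & MASK448, x >> 448
        x = lo + (hi << 224) + hi
        folds += 1
    # After the loop x < 2^448 < 2p, so at most one subtraction is needed.
    if x >= P:
        x -= P
    return x, folds


def mul_mod_p(a, b):
    """Field multiplication in F_p: schoolbook product, then reduction."""
    return reduce_mod_p(a * b)[0]


def where_is_2_224():
    """Locate 2^224 in the 7-limb representation: limb 3, bit 32 of 64.

    This half-limb offset is what makes a 64-bit-limb reduction for this
    prime less direct than for a prime whose special terms are limb aligned.
    """
    limbs = to_limbs(1 << 224)
    limb_index = next(i for i, v in enumerate(limbs) if v)
    bit_index = limbs[limb_index].bit_length() - 1
    return limb_index, bit_index


def self_check(trials=200, seed=1):
    """Compare the folding reduction with Python's built-in modulo on
    constructed inputs (fixed seed) including the largest possible operands."""
    rng = random.Random(seed)
    cases = [(P - 1, P - 1), (P - 1, P - 2), (P - 1, 1), (0, P - 1)]
    cases += [(rng.randrange(P), rng.randrange(P)) for _ in range(trials)]
    for a, b in cases:
        if mul_mod_p(a, b) != (a * b) % P:
            return False
        if from_limbs(to_limbs(a)) != a:
            return False
    return True


if __name__ == "__main__":
    print("2^224 lives at limb %d, bit %d" % where_is_2_224())
    residue, folds = reduce_mod_p((P - 1) * (P - 1))
    print("(p-1)^2 mod p = %d after %d folds" % (residue, folds))
    print("self-check:", self_check())
```

The folding loop is the big-integer form of the idea; a constant-time limb-level implementation such as the one the paper targets must do the same fold with 64-bit words, carry handling and no data-dependent branches, which is where the half-limb placement of $2^{224}$ and the correctness proofs the abstract mentions come in.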

ePrint: https://eprint.iacr.org/2019/1304

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.