TY - JOUR
AU - Nath, Kaushik
AU - Sarkar, Palash
PY - 2021/01/05
Y2 - 2024/11/14
TI - Reduction Modulo 2^{448}-2^{224}-1
JF - Mathematical Cryptology
JA - mathcryptology
VL - 0
IS - 1
SE - Articles
DO -
UR - https://ojs.test.flvc.org/mathcryptology/article/view/123700
SP - 8-21
AB - An elliptic curve known as Curve448 defined over the finite field $\mathbb{F}_p$, where $p=2^{448}-2^{224}-1$, has been proposed as part of the Transport Layer Security (TLS) protocol, version 1.3. Elements of $\mathbb{F}_p$ can be represented using 7 limbs where each limb is a 64-bit quantity. This paper describes efficient algorithms for reduction modulo $p$ that are required for performing field arithmetic in $\mathbb{F}_p$ using 7-limb representation. A key feature of our work is that we provide the relevant proofs of correctness of the algorithms. We also report efficient 64-bit assembly implementations for key generation and shared secret computation of the Diffie-Hellman key agreement protocol on Curve448. Timing results on the Haswell and Skylake processors demonstrate that the new 64-bit implementations for computing the shared secret are faster than the previously best known 64-bit implementations.
ER -