Go to DBLP homepagePEPEC: Precomputed ECC Points Embedded in Certificates and Verified by CT Log Servers
Abstract: Elliptic curve cryptography (ECC) is respected in public key infrastructures (PKIs) due to its high performance and small key size. However, for some client devices with limited computing resources, signature verification and key agreement using the ECC public key is computationally difficult which mainly due to the complexity of scalar multiplication. The window non-adjacent form algorithm can be used to improve the performance of the elliptic curve public key operation, which is combining the window method with the Non-adjacent form representation (w-NAF). Compared with fixed-point scalar multiplication using the offline precomputed table, for the unknown-point multiplication of ECC public key operation, a pre-computed table needs to be generated online. In this paper, a novel efficient certificate scheme called PEPEC (Precomputed ECC Points Embedded in Certificates) is proposed to integrate the w-NAF into CT (Certificate Transparency) which is a trusted enhancement for PKI. By using the PEPEC certificate, the client can improve the performance of the public key operation by more than 10%, with the offline-generated precomputed table of the w-NAF algorithm. The correctness of the precomputed table is provided by CT. Our PEPEC certificate is compatible with the existing standardized PKI system. The client can select the optimal window size of the w-NAF algorithm according to the current situation of computing resources to improve the performance of the public key operation.
Loading