CryptoDB
ECM using Edwards curves
Authors: | |
---|---|
Download: | |
Abstract: | This paper introduces GMP-EECM, a fast implementation of the elliptic-curve method of factoring integers. GMP-EECM is based on, but faster than, the well-known GMP-ECM software. The main changes are as follows: (1) use Edwards curves instead of Montgomery curves; (2) use twisted inverted Edwards coordinates; (3) use signed-sliding-window addition chains; (4) batch primes to increase the window size; (5) choose curves with small parameters $a,d,X_1,Y_1,Z_1$; (6) choose curves with larger torsion. |
BibTeX
@misc{eprint-2008-17693, title={ECM using Edwards curves}, booktitle={IACR Eprint archive}, keywords={public-key cryptography / factorization, ECM, elliptic-curve method, curve selection, Edwards coordinates, inverted Edwards coordinates, twisted Edwards curves}, url={http://eprint.iacr.org/2008/016}, note={ tanja@hyperelliptic.org 13898 received 9 Jan 2008, last revised 20 Jan 2008}, author={Daniel J. Bernstein and Peter Birkner and Tanja Lange and Christiane Peters}, year=2008 }