International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

ECM using Edwards curves

Authors:
Daniel J. Bernstein
Peter Birkner
Tanja Lange
Christiane Peters
Download:
URL: http://eprint.iacr.org/2008/016
Search ePrint
Search Google
Abstract: This paper introduces GMP-EECM, a fast implementation of the elliptic-curve method of factoring integers. GMP-EECM is based on, but faster than, the well-known GMP-ECM software. The main changes are as follows: (1) use Edwards curves instead of Montgomery curves; (2) use twisted inverted Edwards coordinates; (3) use signed-sliding-window addition chains; (4) batch primes to increase the window size; (5) choose curves with small parameters $a,d,X_1,Y_1,Z_1$; (6) choose curves with larger torsion.
BibTeX
@misc{eprint-2008-17693,
  title={ECM using Edwards curves},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / factorization, ECM, elliptic-curve method, curve selection, Edwards coordinates, inverted Edwards coordinates, twisted Edwards curves},
  url={http://eprint.iacr.org/2008/016},
  note={ tanja@hyperelliptic.org 13898 received 9 Jan 2008, last revised 20 Jan 2008},
  author={Daniel J. Bernstein and Peter Birkner and Tanja Lange and Christiane Peters},
  year=2008
}