[curves] Microsoft ECCLib for "NUMS" curves

Trevor Perrin trevp at trevp.net
Mon Jun 30 14:54:52 PDT 2014 

On Mon, Jun 30, 2014 at 1:29 PM, Samuel Neves <sneves at dei.uc.pt> wrote:
> Here are the remaining numbers:

Thanks, those are also very close to the numbers previously reported
by Microsoft [1] that I put in the spreadsheet.

It's good to get independent verification, but for variable-base
scalar mult it looks like there's no surprise here.  (I haven't looked
at fixed-base or "double-base" performance, though).


Trevor


[1] http://patricklonga.webs.com/Presentation_CFRG_Selecting_Elliptic_Curves_for_Cryptography.pdf


>> Curve arithmetic: Weierstrass a=-3 over GF(2^256-189)
>>
>>   Point doubling runs in ..........................................      687 cycles
>>   (Complete) point addition runs in ...............................     1788 cycles
>>   Variable-base scalar mul runs in ................................   282593 cycles
>>   Fixed-base scalar mul (memory model=MEM_LARGE) runs in ..........   109593 cycles
>>   Double-base scalar mul (memory model=MEM_LARGE) runs in .........   299468 cycles
>>
>> --------------------------------------------------------------------------------------------------------
>>
>> Curve arithmetic: twisted Edwards a=-1 over GF(2^256-189)
>>
>>   Point doubling runs in ..........................................      561 cycles
>>   (Complete) point addition runs in ...............................      932 cycles
>>   Variable-base scalar mul runs in ................................   228468 cycles
>>   Fixed-base scalar mul (memory model=MEM_LARGE) runs in ..........    84344 cycles
>>   Double-base scalar mul (memory model=MEM_LARGE) runs in .........   242463 cycles
>>
>> --------------------------------------------------------------------------------------------------------
>>
>> Curve arithmetic: Weierstrass a=-3 over GF(2^384-317)
>>
>>   Point doubling runs in ..........................................     1291 cycles
>>   (Complete) point addition runs in ...............................     3160 cycles
>>   Variable-base scalar mul runs in ................................   756699 cycles
>>   Fixed-base scalar mul (memory model=MEM_LARGE) runs in ..........   260110 cycles
>>   Double-base scalar mul (memory model=MEM_LARGE) runs in .........   795440 cycles
>>
>> --------------------------------------------------------------------------------------------------------
>>
>> Curve arithmetic: twisted Edwards a=-1 over GF(2^384-317)
>>
>>   Point doubling runs in ..........................................     1048 cycles
>>   (Complete) point addition runs in ...............................     1738 cycles
>>   Variable-base scalar mul runs in ................................   612372 cycles
>>   Fixed-base scalar mul (memory model=MEM_LARGE) runs in ..........   206029 cycles
>>   Double-base scalar mul (memory model=MEM_LARGE) runs in .........   644065 cycles
>>
>> --------------------------------------------------------------------------------------------------------
>>
>> Curve arithmetic: Weierstrass a=-3 over GF(2^512-569)
>>
>>   Point doubling runs in ..........................................     1995 cycles
>>   (Complete) point addition runs in ...............................     4798 cycles
>>   Variable-base scalar mul runs in ................................  1560055 cycles
>>   Fixed-base scalar mul (memory model=MEM_LARGE) runs in ..........   505452 cycles
>>   Double-base scalar mul (memory model=MEM_LARGE) runs in .........  1643738 cycles
>>
>> --------------------------------------------------------------------------------------------------------
>>
>> Curve arithmetic: twisted Edwards a=-1 over GF(2^512-569)
>>
>>   Point doubling runs in ..........................................     1697 cycles
>>   (Complete) point addition runs in ...............................     2832 cycles
>>   Variable-base scalar mul runs in ................................  1287500 cycles
>>   Fixed-base scalar mul (memory model=MEM_LARGE) runs in ..........   399970 cycles
>>   Double-base scalar mul (memory model=MEM_LARGE) runs in .........  1346718 cycles
>
> _______________________________________________
> Curves mailing list
> Curves at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/curves

More information about the Curves mailing list