Some improved algorithms for hyperelliptic curve cryptosystems using degenerate divisors

TLDR: This paper presents explicit formulae of the addition algorithm with degenerate divisors, and develops a window-based scheme that is secure against side-channel attacks.

Abstract: Hyperelliptic curve cryptosystems (HECC) can be good alternatives to elliptic curve cryptosystems, and there is a good possibility to improve the efficiency of HECC due to its flexible algebraic structure. Recently, an efficient scalar multiplication technique for application to genus 2 curves using a degenerate divisor has been proposed. This new technique can be used in the cryptographic protocol using a fixed base point, e.g., HEC-DSA. This paper considers two important issues concerning degenerate divisors. First, we extend the technique for genus 2 curves to genus 3 curves. Jacobian variety for genus 3 curves has two different degenerate divisors: degree 1 and 2. We present explicit formulae of the addition algorithm with degenerate divisors, and then present the timing of scalar multiplication using the proposed formulae. Second, we propose several window methods using the degenerate divisors. It is not obvious how to construct a base point D such that degD = deg(aD) <g for integer a, where g is the genus of the underlying curve and deg(D) is the degree of divisor D. We present an explicit algorithm for generating such divisors. We then develop a window-based scheme that is secure against side-channel attacks.