A fast scalar multiplication method with randomized projective coordinates on a Montgomery-form elliptic curve secure against side channel attacks

Abstract

In this paper, we propose a scalar multiplication method that does not incur a higher computational cost for randomized projective coordinates of the Montgomery form of elliptic curves. A randomized projective coordinates method is a countermeasure against side channel attacks on an elliptic curve cryptosystem in which an attacker cannot predict the appearance of a specific value because the coordinates have been randomized. However, because of this randomization, we cannot assume the Z-coordinate to be 1. Thus, the computational cost increases by multiplications of Z-coordinates, 10%. Our results clarify the advantages of cryptographic usage of Montgomery-form elliptic curves in constrained environments such as mobile devices and smart cards.