An alternative normal form for elliptic curve cryptography: Edwards curves

Muş, Köksal
A new normal form x2 + y2 = c2(1 + x2y2) of elliptic curves was introduced by M. Harold Edwards in 2007 over the field k having characteristic different than 2. This new form has very special and important properties such that addition operation is strongly unified and complete for properly chosen parameter c . In other words, doubling can be done by using the addition formula and any two points on the curve can be added by the addition formula without exception. D. Bernstein and T. Lange added one more parameter d to the normal form to cover a large class of elliptic curves, x2 + y2 = c2(1 + dx2y2) over the same field. In this thesis, an expository overview of the literature on Edwards curves is given. First, the types of Edwards curves over the nonbinary field k are introduced, addition and doubling over the curves are derived and efficient algorithms for addition and doubling are stated with their costs. Finally, known elliptic curves and Edwards curves are compared according to their cryptographic applications. The way to choose the Edwards curve which is most appropriate for cryptographic applications is also explained.
Citation Formats
K. Muş, “An alternative normal form for elliptic curve cryptography: Edwards curves,” M.S. - Master of Science, Middle East Technical University, 2009.