Provably Sublinear Point Multiplication on Koblitz Curves and Its Hardware Implementation

We describe algorithms for point multiplication on Koblitz curves using multiple-base expansions of the form k = Sigmaplusmntau^a(tau-1)^b and k = Sigmaplusmntau^a(tau - mu)^b(tau² - mutau - 1)^c. We prove that the number of terms in the second type is sublinear in the bit length of k, which leads to the first provably sublinear point multiplication algorithm on Koblitz curves. For the first type, we conjecture that the number of terms is sublinear and provide numerical evidence demonstrating that the number of terms is significantly less than that of tau-adic nonadjacent form expansions. We present details of an innovative FPGA implementation of our algorithm and performance data demonstrating the efficiency of our method. We also show that implementations with very low computation latency are possible with the proposed method because parallel processing can be exploited efficiently.