POINT COMPRESSION FOR KOBLITZ ELLIPTIC CURVES

Elliptic curves over finite fields have applications in public key cryptography. A Koblitz curve is an elliptic curve E over F-2; the group E (F-2n) has convenient features for efficient implementation of elliptic curve cryptography. Wiener and Zuccherato and Gallant, Lambert and Vanstone showed that one can accelerate the Pollard rho algorithm for the discrete logarithm problem on Koblitz curves. This implies that when using Koblitz curves,one has a lower security per bit than when using general elliptic curves defined over the same field. Hence for a fixed security level, systems using Koblitz curves require slightly more bandwidth. We present a method to reduce this band width when a normal basis representation for F(2)n is used. Our method is appropriate for applications such as Diffie-Hellman key exchange or Elgamal encryption. We show that, with a low probability of failure,our method gives the expected bandwidth for a given security level.