Symmetric digit sets for elliptic curve scalar multiplication without precomputation

We describe a method to perform scalar multiplication on two classes of ordinary elliptic curves, namely E : y(2) = x(3) + Ax in prime characteristic p equivalent to 1 mod 4, and E : y(2) = x(3) +B in prime characteristic p equivalent to 1 mod 3. On these curves, the 4-th and 6-th roots of unity act as (computationally efficient) endomorphisms. In order to optimise the scalar multiplication, we consider a width-w-NAF (Non-Adjacent Form) digit expansion of positive integers to the complex base of tau, where tau is a zero of the characteristic polynomial x(2) - tx + p of the Frobenius endomorphism associated to the curve. We provide a precomputationless algorithm by means of a convenient factorisation of the unit group of residue classes modulo tau in the endomorphism ring, whereby we construct a digit set consisting of powers of subgroup generators, which are chosen as efficient endomorphisms of the curve. (C) 2014 The Authors. Published by Elsevier B.V.