Efficiencies in binary elliptic curves

This paper discusses the choices of elliptic curve models available to the would-be implementer, and assists the decision as to which model to use by examining the links between security and efficiency. In early public key cryptography schemes, such as ElGamal and RSA, the use of finite fields over large prime numbers was prevalent, thus preventing the need for difficult and expensive computations over extension fields. Thus, with the introduction of elliptic curve models, the same computational infrastructure using prime fields was inevitably used. As it became clear that elliptic curve models were more efficient than their public key competitors, they acquired a great deal of attention. In more recent times, and with the onset of the Internet of Things, the cryptography community is faced with the challenge of improving the efficiency of cryptography even further, resulting in many papers dealing with improvements of computational efficiencies. This search, along with improvements in both software and hardware dealing with characteristic two fields has instigated the analysis of elliptic curve constructions over binary extension fields. In particular, the ability to identify an object in the field with a bit string aids computation for binary elliptic curves. These circumstances account for our focus on binary elliptic curve fields in this paper in which we present an in-depth discussion on their efficiency and security properties along with other relevant features of various binary elliptic curve models.