{"id":"https://openalex.org/W4313508331","doi":"https://doi.org/10.46586/tches.v2023.i3.504-521","title":"Faster Montgomery multiplication and Multi-Scalar-Multiplication for SNARKs","display_name":"Faster Montgomery multiplication and Multi-Scalar-Multiplication for SNARKs","publication_year":2023,"publication_date":"2023-06-09","ids":{"openalex":"https://openalex.org/W4313508331","doi":"https://doi.org/10.46586/tches.v2023.i3.504-521"},"language":"en","primary_location":{"id":"doi:10.46586/tches.v2023.i3.504-521","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2023.i3.504-521","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/10972/10279","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"type":"preprint","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tches.iacr.org/index.php/TCHES/article/download/10972/10279","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065790307","display_name":"Gautam Botrel","orcid":null},"institutions":[{"id":"https://openalex.org/I4210102518","display_name":"ConsenSys (United States)","ror":"https://ror.org/01a2p6r88","country_code":"US","type":"company","lineage":["https://openalex.org/I4210102518"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Gautam Botrel","raw_affiliation_strings":["Linea, Fort Worth (Texas), USA","ConsenSys (New York - United States)"],"affiliations":[{"raw_affiliation_string":"Linea, Fort Worth (Texas), USA","institution_ids":[]},{"raw_affiliation_string":"ConsenSys (New York - United States)","institution_ids":["https://openalex.org/I4210102518"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5004547486","display_name":"Youssef El Housni","orcid":"https://orcid.org/0000-0003-2873-3479"},"institutions":[{"id":"https://openalex.org/I142476485","display_name":"\u00c9cole Polytechnique","ror":"https://ror.org/05hy3tk52","country_code":"FR","type":"education","lineage":["https://openalex.org/I142476485","https://openalex.org/I4210145102"]},{"id":"https://openalex.org/I4210126360","display_name":"Centre Inria de Saclay","ror":"https://ror.org/0315e5x55","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1326498283","https://openalex.org/I4210126360"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Youssef El Housni","raw_affiliation_strings":["Linea, Fort Worth (Texas), USA","GRACE - Geometry, arithmetic, algorithms, codes and encryption (Inria Saclay Ile-de-France - B\u00e2t. Alan Turing ; LIX - 2e \u00e9tage ; 1 rue Honor\u00e9 d'Estienne d'Orves ; Campus de l'\u00c9cole Polytechnique ; 91120 Palaiseau - France)"],"affiliations":[{"raw_affiliation_string":"Linea, Fort Worth (Texas), USA","institution_ids":[]},{"raw_affiliation_string":"GRACE - Geometry, arithmetic, algorithms, codes and encryption (Inria Saclay Ile-de-France - B\u00e2t. Alan Turing ; LIX - 2e \u00e9tage ; 1 rue Honor\u00e9 d'Estienne d'Orves ; Campus de l'\u00c9cole Polytechnique ; 91120 Palaiseau - France)","institution_ids":["https://openalex.org/I4210126360","https://openalex.org/I142476485"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5065790307"],"corresponding_institution_ids":["https://openalex.org/I4210102518"],"apc_list":null,"apc_paid":null,"fwci":2.2494,"has_fulltext":true,"cited_by_count":13,"citation_normalized_percentile":{"value":0.89933218,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"2023","issue":"3","first_page":"504","last_page":"521"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11435","display_name":"Polynomial and algebraic computation","score":0.9589999914169312,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/multiplication","display_name":"Multiplication (music)","score":0.8036350011825562},{"id":"https://openalex.org/keywords/scalar-multiplication","display_name":"Scalar multiplication","score":0.774707555770874},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.6208856105804443},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.43328726291656494},{"id":"https://openalex.org/keywords/scalar","display_name":"Scalar (mathematics)","score":0.41707393527030945},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3797091841697693},{"id":"https://openalex.org/keywords/combinatorics","display_name":"Combinatorics","score":0.17936864495277405},{"id":"https://openalex.org/keywords/geometry","display_name":"Geometry","score":0.05986618995666504}],"concepts":[{"id":"https://openalex.org/C2780595030","wikidata":"https://www.wikidata.org/wiki/Q3860309","display_name":"Multiplication (music)","level":2,"score":0.8036350011825562},{"id":"https://openalex.org/C171182647","wikidata":"https://www.wikidata.org/wiki/Q126736","display_name":"Scalar multiplication","level":3,"score":0.774707555770874},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.6208856105804443},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.43328726291656494},{"id":"https://openalex.org/C57691317","wikidata":"https://www.wikidata.org/wiki/Q1289248","display_name":"Scalar (mathematics)","level":2,"score":0.41707393527030945},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3797091841697693},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.17936864495277405},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.05986618995666504}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.46586/tches.v2023.i3.504-521","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2023.i3.504-521","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/10972/10279","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},{"id":"pmh:oai:HAL:hal-03922635v1","is_oa":true,"landing_page_url":"https://hal.science/hal-03922635","pdf_url":"https://hal.science/hal-03922635/document","source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023, pp.504-521. &#x27E8;10.46586/tches.v2023.i3.504-521&#x27E9;","raw_type":"Journal articles"},{"id":"pmh:oai:doaj.org/article:05dc327ef8174357a96866ad7ab2d6fb","is_oa":true,"landing_page_url":"https://doaj.org/article/05dc327ef8174357a96866ad7ab2d6fb","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2023, Iss 3 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.46586/tches.v2023.i3.504-521","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2023.i3.504-521","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/10972/10279","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4313508331.pdf"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W1534733761","https://openalex.org/W1584722274","https://openalex.org/W2004814164","https://openalex.org/W2065422049","https://openalex.org/W2069448237","https://openalex.org/W2127195783","https://openalex.org/W2529173666","https://openalex.org/W2765725997","https://openalex.org/W2902824124","https://openalex.org/W2951701972","https://openalex.org/W2977627479","https://openalex.org/W2978282230","https://openalex.org/W3021066046","https://openalex.org/W3037454578","https://openalex.org/W3202783968","https://openalex.org/W4280542304"],"related_works":["https://openalex.org/W2034604290","https://openalex.org/W2867317277","https://openalex.org/W1576294153","https://openalex.org/W2078886092","https://openalex.org/W2057797376","https://openalex.org/W2090319426","https://openalex.org/W2362283711","https://openalex.org/W2002792918","https://openalex.org/W2360049128","https://openalex.org/W2506252583"],"abstract_inverted_index":{"The":[0],"bottleneck":[1],"in":[2,150,179,188,192,204],"the":[3,14,29,53,76,84,119,123,173,185,189,193],"proving":[4],"algorithm":[5,32],"of":[6,8,25,28,37,60,78,97,132],"most":[7],"elliptic-curve-based":[9],"SNARK":[10],"proof":[11],"systems":[12,135],"is":[13,52,71,94,128],"Multi-Scalar-Multiplication":[15],"(MSM)":[16],"algorithm.":[17],"In":[18],"this":[19,51],"paper":[20],"we":[21,74,107],"give":[22],"an":[23],"overview":[24],"a":[26,35,44,95,109,169],"variant":[27],"Pippenger":[30,120],"MSM":[31,121,124,182,197],"together":[33],"with":[34],"set":[36],"optimizations":[38],"tailored":[39,117],"for":[40,55,66,113,118,130],"curves":[41,116,127],"that":[42,50,100,165],"admit":[43],"twisted":[45,114],"Edwards":[46,115],"form.":[47],"We":[48,146,163],"prove":[49],"case":[54],"SNARK-friendly":[56],"chains":[57],"and":[58,142,152,161,200,212],"cycles":[59],"elliptic":[61],"curves,":[62],"which":[63],"are":[64],"useful":[65],"recursive":[67,133],"constructions.":[68],"Our":[69],"contribution":[70,96],"twofold:":[72],"first,":[73],"optimize":[75],"arithmetic":[77],"finite":[79],"fields":[80],"by":[81,210],"improving":[82],"on":[83,155,198],"well-known":[85],"Coarsely":[86],"Integrated":[87],"Operand":[88],"Scanning":[89],"(CIOS)":[90],"modular":[91],"multiplication.":[92],"This":[93,181],"independent":[98],"interest":[99],"applies":[101],"to":[102],"many":[103],"different":[104,157],"contexts.":[105],"Second,":[106],"propose":[108],"new":[110],"coordinate":[111],"system":[112],"algorithm.Accelerating":[122],"over":[125,172],"these":[126],"critical":[129],"deployment":[131],"proof&lt;":[134],"applications":[136],"such":[137],"as":[138],"proof-carrying-data,":[139],"blockchain":[140,143],"rollups":[141],"light":[144],"clients.":[145],"implement":[147],"our":[148,166],"work":[149],"Go":[151],"benchmark":[153],"it":[154],"two":[156,205],"CPU":[158],"architectures":[159],"(x86":[160],"arm64).":[162],"show":[164],"implementation":[167,175,183],"achieves":[168],"40-47%":[170],"speedup":[171],"state-of-the-art":[174],"(which":[176],"was":[177],"implemented":[178],"Rust).":[180],"won":[184],"first":[186],"place":[187],"ZPrize":[190],"competition":[191],"open":[194],"division":[195],"\u201cAccelerating":[196],"Mobile\u201d":[199],"will":[201],"be":[202],"deployed":[203],"real-world":[206],"applications:":[207],"Linea":[208],"zkEVM":[209],"ConsenSys":[211],"probably":[213],"Celo":[214],"network.":[215]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}