University of Hagen
In this paper the authors study software optimization of elliptic curve cryptography with 256-bit prime fields. The authors propose a constant-time implementation of the NIST and SECG standardized curve P-256, that can be seamlessly integrated into OpenSSL. This accelerates perfect forward secrecy TLS handshakes that use ECDSA and/or ECDHE, and can help improving the efficiency of TLS servers. They report significant performance improvements for ECDSA and ECDH, on several architectures. For example, on the latest Intel Haswell micro-architecture, their ECDSA sign is 2.33x faster than OpenSSL's implementation.