Montgomery-friendly primes and applications to cryptography.

This paper deals with Montgomery-friendly primes designed for the modular reduction algorithm of Montgomery. These numbers are scattered in the literature and their properties are partially exploited. We exhibit a large family of Montgomery-friendly primes which give rise to efficient modular reduction algorithms. We develop two main outcomes. The first one is dedicated directly to cryptography, in particular for isogeny-based approaches and more generally to elliptic curves cryptography (ECC). We suggest more appropriate finite fields and curves in terms of complexity for the recommended security levels, for both isogeny-based cryptography and ECC. The second issue is mainly arithmetic (even if its main use is cryptography), and we propose families of alternative RNS bases. We show that, for dedicated architectures with word operators, we can reach, for a same or better complexity, larger RNS bases with Montgomery-friendly pairwise co-primes than the RNS bases generally used in the literature with pseudo-Mersenne numbers.