Fast, uniform, and compact scalar multiplication for elliptic curves and genus 2 Jacobians with applications to signature schemes
We give a general framework for uniform, constant-time one- and two-dimensional scalar multiplication algorithms for elliptic curves and Jacobians of genus 2 curves that operate by projecting to the x-line or Kummer surface, where we can exploit faster and more uniform pseudomultiplication, before recovering the proper "signed" output back on the curve or Jacobian. This extends the work of López and Dahab, Okeya and Sakurai, and Brier and Joye to genus 2, and also to two-dimensional scalar multiplication. Our results show that many existing fast pseudomultiplication implementations (hitherto limited to applications in Diffie-Hellman key exchange) can be wrapped with simple and efficient pre- and post-computations to yield competitive full scalar multiplication algorithms, ready for use in more general discrete logarithm-based cryptosystems, including signature schemes. This is especially interesting for genus 2, where Kummer surfaces can outperform comparable elliptic curve systems. As an example, we construct an instance of the Schnorr signature scheme driven by Kummer surface arithmetic.
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols have recently been proposed with a wide variety of novel applications, including ones in emerging technologies such as cloud computing, the internet of things (IoT), e-health systems and wearable technologies. There has, however, been a wide range of incorrect uses of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is a lack of awareness of the recent advances in solving the discrete logarithm problem in some groups. The main purpose of this article is to give understandable, informative, and up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and instead place special emphasis on the importance of the correct use of bilinear maps in realizing secure cryptographic protocols. We list a collection of recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and up-to-date recipe for the correct use of pairings.
Isogeny-based post-quantum key exchange protocols
The goal of this project is to understand and analyze the supersingular isogeny Diffie-Hellman (SIDH) protocol, a post-quantum key exchange protocol whose security relies on the isogeny-finding problem between supersingular elliptic curves. In order to do so, we first introduce the reader to cryptography, focusing on key agreement protocols, and motivate the rise of post-quantum cryptography as a necessity given the existence of the model of quantum computation. We review some of the known attacks on SIDH and finally study some algorithmic aspects to understand how the protocol can be implemented.
Tree Parity Machine Rekeying Architectures
The necessity to secure the communication between hardware components in embedded systems becomes increasingly important with regard to the secrecy of data and particularly its commercial use. We suggest a low-cost (i.e. small logic-area) solution for flexible security levels and short key lifetimes. The basis is an approach for symmetric key exchange using the synchronisation of Tree Parity Machines. Fast successive key generation enables a key exchange within a few milliseconds, given realistic communication channels with limited bandwidth. As a demonstration, we evaluate the characteristics of a standard-cell ASIC design realised as an IP core in 0.18-micrometer CMOS technology.
Bit Security of the Hyperelliptic Curves Diffie-Hellman Problem
The Diffie-Hellman problem as a cryptographic primitive plays an important role in modern cryptology. The bit security, or hard-core bits, of the Diffie-Hellman problem in an arbitrary finite cyclic group is a long-standing open problem in cryptography. Until now, only a few groups have been studied. Hyperelliptic curve cryptography is an alternative to elliptic curve cryptography. This is motivated by the recent cryptanalytic results that the best known algorithms to attack hyperelliptic curve cryptosystems of genus are the generic methods, and by the recent implementation results that hyperelliptic curve cryptography in genus 2 has the potential to be competitive with its elliptic curve cryptography counterpart. In this paper, we generalize Boneh and Shparlinski's method and result about elliptic curves to the case of Jacobians of hyperelliptic curves. We prove that the least significant bit of each coordinate of the hyperelliptic curve Diffie-Hellman secret value in genus 2 is as hard as the entire Diffie-Hellman value, and then we also show that any bit is as hard as the entire Diffie-Hellman value. Finally, we extend our techniques and results to hyperelliptic curves of any genus.
On the decisional Diffie-Hellman problem for class group actions on oriented elliptic curves
We show how the Weil pairing can be used to evaluate the assigned characters of an imaginary quadratic order in an unknown ideal class that connects two given -oriented elliptic curves and . When specialized to ordinary elliptic curves over finite fields, our method is conceptually simpler and often somewhat faster than a recent approach due to Castryck, Sotáková and Vercauteren, who rely on the Tate pairing instead. The main implication of our work is that it breaks the decisional Diffie-Hellman problem for practically all oriented elliptic curves that are acted upon by an even-order class group. It can also be used to better handle the worst cases in Wesolowski's recent reduction from the vectorization problem for oriented elliptic curves to the endomorphism ring problem, leading to a method that always works in sub-exponential time.
Ring Learning With Errors: A crossroads between postquantum cryptography, machine learning and number theory
The present survey reports on the state of the art of the different cryptographic functionalities built upon the ring learning with errors problem and its interplay with several classical problems in algebraic number theory. The survey is based to a certain extent on an invited course given by the author at the Basque Center for Applied Mathematics in September 2018.
Comment: arXiv admin note: text overlap with arXiv:1508.01375 by other authors / comment of the author: quotation has been added to Theorem 5.
Curves, Jacobians, and Cryptography
The main purpose of this paper is to give an overview of the theory of abelian varieties, with the main focus on Jacobian varieties of curves, ranging from well-known results to the latest developments and their usage in cryptography. In the first part we provide the necessary mathematical background on abelian varieties, their torsion points, Honda-Tate theory, and Galois representations, with emphasis on Jacobian varieties and hyperelliptic Jacobians. In the second part we focus on applications of abelian varieties to cryptography, treating separately elliptic curve cryptography and genus 2 and 3 cryptography, including Diffie-Hellman key exchange, index calculus in Picard groups, isogenies of Jacobians via correspondences, and applications to discrete logarithms. Several open problems and new directions are suggested.