4,432 research outputs found
Quasi-quadratic elliptic curve point counting using rigid cohomology
We present a deterministic algorithm that computes the zeta function of a
nonsupersingular elliptic curve E over a finite field with p^n elements in time
quasi-quadratic in n. An older algorithm having the same time complexity uses
the canonical lift of E, whereas our algorithm uses rigid cohomology combined
with a deformation approach. An implementation in small odd characteristic
turns out to give very good results.Comment: 14 page
Finding Significant Fourier Coefficients: Clarifications, Simplifications, Applications and Limitations
Ideas from Fourier analysis have been used in cryptography for the last three
decades. Akavia, Goldwasser and Safra unified some of these ideas to give a
complete algorithm that finds significant Fourier coefficients of functions on
any finite abelian group. Their algorithm stimulated a lot of interest in the
cryptography community, especially in the context of `bit security'. This
manuscript attempts to be a friendly and comprehensive guide to the tools and
results in this field. The intended readership is cryptographers who have heard
about these tools and seek an understanding of their mechanics and their
usefulness and limitations. A compact overview of the algorithm is presented
with emphasis on the ideas behind it. We show how these ideas can be extended
to a `modulus-switching' variant of the algorithm. We survey some applications
of this algorithm, and explain that several results should be taken in the
right context. In particular, we point out that some of the most important bit
security problems are still open. Our original contributions include: a
discussion of the limitations on the usefulness of these tools; an answer to an
open question about the modular inversion hidden number problem
An Improved Public Key Cryptography Based on the Elliiptic Curve
Elliptic curve cryptography offers two major benefits over RSA: more security
per bit, and a suitable key size for hardware and modern communication. Thus, this
results to smaller size of public key certificates, lower power requirements and
smaller hardware processors.
Three major approaches are used in this dissertation to enhance the elliptic curve
cryptsystems: reducing the number of the elliptic curve group arithmetic operations,
speeding up the underlying finite field operations and reducing the size of the
transited parameters. A new addition formula in the projective coordinate is
introduced, where the analysis for this formula shows that the number of
multiplications over the finite field is reduced to nine general field element
multiplications. Thus this reduction will speed up the computation of adding two
points on the elliptic curve by 11 percent. Moreover, the new formula can be used
more efficiently when it is combined with the suggested sparse elements algorithms. To speed up the underlying finite field operations, several new algorithms are
introduced namely: selecting random sparse elements algorithm, finding sparse base
points, sparse multiplication over polynomial basis, and sparse multiplication over
normal basis. The complexity analysis shows that whenever the sparse techniques
are used, the improvement rises to 33 percent compared to the standard projective
coordinate formula and improvement of 38 percent compared to affine coordinate. A
new algorithm to compress and decompress the sparse elements algorithms are
introduced to reduce the size of the transited parameters.
The enhancements are applied on three protocols and two applications. The
protocols are Diffie-Hellman, ELGamal and elliptic curve digital signature. In these
protocols the speed of encrypting, decrypting and signing the message are increased
by 23 to 38 percent. Meanwhile, the size of the public keys are reduced by 37 to 48
percent. The improved algorithms are applied to the on-line and off-line electronic
payments systems, which lead to probably the best solution to reduce the objects
size and enhance the performance in both systems
A Generic Approach to Searching for Jacobians
We consider the problem of finding cryptographically suitable Jacobians. By
applying a probabilistic generic algorithm to compute the zeta functions of low
genus curves drawn from an arbitrary family, we can search for Jacobians
containing a large subgroup of prime order. For a suitable distribution of
curves, the complexity is subexponential in genus 2, and O(N^{1/12}) in genus
3. We give examples of genus 2 and genus 3 hyperelliptic curves over prime
fields with group orders over 180 bits in size, improving previous results. Our
approach is particularly effective over low-degree extension fields, where in
genus 2 we find Jacobians over F_{p^2) and trace zero varieties over F_{p^3}
with near-prime orders up to 372 bits in size. For p = 2^{61}-1, the average
time to find a group with 244-bit near-prime order is under an hour on a PC.Comment: 22 pages, to appear in Mathematics of Computatio
Agri-Food Traceability Management using a RFID System with Privacy Protection
In this paper an agri-food traceability system based on public key cryptography and Radio Frequency Identification (RFID) technology is proposed. In order to guarantee safety in food, an efficient tracking and tracing system is required. RFID devices allow recording all useful information for traceability directly on the commodity. The security issues are discussed and two different methods based on public cryptography are proposed and evaluated. The first algorithm uses a nested RSA based structure to improve security, while the second also provides authenticity of data. An experimental analysis demonstrated that the proposed system is well suitable on PDAs to
Algorithms and cryptographic protocols using elliptic curves
En els darrers anys, la criptografia amb corbes el.líptiques ha
adquirit una importància creixent, fins a arribar a formar part en
la actualitat de diferents estàndards industrials. Tot i que s'han
dissenyat variants amb corbes el.líptiques de criptosistemes
clàssics, com el RSA, el seu màxim interès rau en la seva
aplicació en criptosistemes basats en el Problema del Logaritme
Discret, com els de tipus ElGamal. En aquest cas, els
criptosistemes el.líptics garanteixen la mateixa seguretat que els
construïts sobre el grup multiplicatiu d'un cos finit primer, però
amb longituds de clau molt menor.
Mostrarem, doncs, les bones propietats d'aquests criptosistemes,
així com els requeriments bàsics per a que una corba
sigui criptogràficament útil, estretament relacionat amb la seva
cardinalitat. Revisarem alguns mètodes que permetin descartar
corbes no criptogràficament útils, així com altres que permetin
obtenir corbes bones a partir d'una de donada. Finalment,
descriurem algunes aplicacions, com són el seu ús en Targes
Intel.ligents i sistemes RFID, per concloure amb alguns avenços
recents en aquest camp.The relevance of elliptic curve cryptography has grown in recent
years, and today represents a cornerstone in many industrial
standards. Although elliptic curve variants of classical
cryptosystems such as RSA exist, the full potential of elliptic
curve cryptography is displayed in cryptosystems based on the
Discrete Logarithm Problem, such as ElGamal. For these, elliptic
curve cryptosystems guarantee the same security levels as their
finite field analogues, with the additional advantage of using
significantly smaller key sizes.
In this report we show the positive properties of elliptic curve
cryptosystems, and the requirements a curve must meet to be
useful in this context, closely related to the number of points.
We survey methods to discard cryptographically uninteresting
curves as well as methods to obtain other useful curves from
a given one. We then describe some real world applications
such as Smart Cards and RFID systems and conclude with a
snapshot of recent developments in the field
Hard isogeny problems over RSA moduli and groups with infeasible inversion
We initiate the study of computational problems on elliptic curve isogeny
graphs defined over RSA moduli. We conjecture that several variants of the
neighbor-search problem over these graphs are hard, and provide a comprehensive
list of cryptanalytic attempts on these problems. Moreover, based on the
hardness of these problems, we provide a construction of groups with infeasible
inversion, where the underlying groups are the ideal class groups of imaginary
quadratic orders.
Recall that in a group with infeasible inversion, computing the inverse of a
group element is required to be hard, while performing the group operation is
easy. Motivated by the potential cryptographic application of building a
directed transitive signature scheme, the search for a group with infeasible
inversion was initiated in the theses of Hohenberger and Molnar (2003). Later
it was also shown to provide a broadcast encryption scheme by Irrer et al.
(2004). However, to date the only case of a group with infeasible inversion is
implied by the much stronger primitive of self-bilinear map constructed by
Yamakawa et al. (2014) based on the hardness of factoring and
indistinguishability obfuscation (iO). Our construction gives a candidate
without using iO.Comment: Significant revision of the article previously titled "A Candidate
Group with Infeasible Inversion" (arXiv:1810.00022v1). Cleared up the
constructions by giving toy examples, added "The Parallelogram Attack" (Sec
5.3.2). 54 pages, 8 figure
A Comparison of Cryptography Courses
The author taught two courses on cryptography, one at Duke University aimed
at non-mathematics majors and one at Rose-Hulman Institute of Technology aimed
at mathematics and computer science majors. Both tried to incorporate technical
and societal aspects of cryptography, with varying emphases. This paper will
discuss the strengths and weaknesses of both courses and compare the
differences in the author's approach.Comment: 14 pages; to appear in Cryptologi
- …