10 research outputs found
A Las Vegas algorithm to solve the elliptic curve discrete logarithm problem
In this paper, we describe a new Las Vegas algorithm to solve the elliptic
curve discrete logarithm problem. The algorithm depends on a property of the
group of rational points of an elliptic curve and is thus not a generic
algorithm. The algorithm that we describe has some similarities with the most
powerful index-calculus algorithm for the discrete logarithm problem over a
finite field
ΠΡΠΈΠ½ΡΠΈΠΏΡ ΠΏΠΎΡΡΡΠΎΠ΅Π½ΠΈΡ ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΠΈΡΠ΅ΡΠΊΠΈΡ Π°Π»Π³ΠΎΡΠΈΡΠΌΠΎΠ² Π½Π° ΡΠ»Π»ΠΈΠΏΡΠΈΡΠ΅ΡΠΊΠΈΡ ΠΊΡΠΈΠ²ΡΡ
ΠΠ°Π²Π΅Π΄Π΅Π½ΠΎ ΠΏΡΠΈΠ½ΡΠΈΠΏΠΈ ΠΏΠΎΠ±ΡΠ΄ΠΎΠ²ΠΈ ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΡΡΠ½ΠΈΡ
Π°Π»Π³ΠΎΡΠΈΡΠΌΡΠ² Π½Π° Π΅Π»ΡΠΏΡΠΈΡΠ½ΠΈΡ
ΠΊΡΠΈΠ²ΠΈΡ
, Π²ΠΈΠΊΠΎΡΠΈΡΡΠ°Π½Ρ Π² ΡΡΠ°Π½Π΄Π°ΡΡΡ ΠΠ‘Π’Π£ 4145-2002, ΡΠΊΡ Π·Π°Π±Π΅Π·ΠΏΠ΅ΡΡΡΡΡ Π²ΠΈΡΠΎΠΊΡ ΠΊΡΠΈΠΏΡΠΎΠ³ΡΠ°ΡΡΡΠ½Ρ ΡΡΡΠΉΠΊΡΡΡΡ ΡΠΈΡΡΠΎΠ²ΠΎΠ³ΠΎ ΠΏΡΠ΄ΠΏΠΈΡΡ.Design principles of elliptic curve cryptographic algorithms are explained. It is shown that implementation of these principles in the National digital signature standard DSTU 4145-2002 guarantees a high cryptographic strength of the digital signature
Diversity and Transparency for ECC
Generating and standardizing elliptic curves to use
them in a cryptographic context is a hard task.
In this note, we donβt make an explicit proposal
for an elliptic curve, but we deal with the following
issues.
Security: We give a list of criteria that should be
satisfied by a secure elliptic curve. Although a few
of these criteria are incompatible, we detail what we
think are the best choices for optimal security.
Transparency: We sketch a way to generate a
curve in a fully transparent way so that it can be
trusted and not suspected to belong to a (not publicly
known to be) vulnerable class. In particular, since the
computational cost of verifying the output of such a
process may be quite high, we sketch out the format
of a certificate that eases the computations. We think
that this format might deserve being standardized
Comparing proofs of security for lattice-based encryption
This paper describes the limits of various security proofs , using 36 lattice-based KEMs as case studies. This description allows the limits to be systematically compared across these KEMs; shows that some previous claims are incorrect; and provides an explicit framework for thorough security reviews of these KEMs
Cryptographic Pairings: Efficiency and DLP security
This thesis studies two important aspects of the use of pairings in cryptography, efficient
algorithms and security.
Pairings are very useful tools in cryptography, originally used for the cryptanalysis of
elliptic curve cryptography, they are now used in key exchange protocols, signature schemes
and Identity-based cryptography.
This thesis comprises of two parts: Security and Efficient Algorithms.
In Part I: Security, the security of pairing-based protocols is considered, with a thorough
examination of the Discrete Logarithm Problem (DLP) as it occurs in PBC. Results on the
relationship between the two instances of the DLP will be presented along with a discussion
about the appropriate selection of parameters to ensure particular security level.
In Part II: Efficient Algorithms, some of the computational issues which arise when using
pairings in cryptography are addressed. Pairings can be computationally expensive, so
the Pairing-Based Cryptography (PBC) research community is constantly striving to find
computational improvements for all aspects of protocols using pairings. The improvements
given in this section contribute towards more efficient methods for the computation of pairings,
and increase the efficiency of operations necessary in some pairing-based protocol
CM55: special prime-field elliptic curves almost optimizing den Boer\u27s reduction between Diffie-Hellman and discrete logs
Using the Pohlig--Hellman algorithm, den Boer reduced the discrete logarithm problem to the Diffie--Hellman problem in groups of an order whose prime factors were each one plus a smooth number. This report reviews some related general conjectural lower bounds on the Diffie-Hellman problem in elliptic curve groups that relax the smoothness condition into a more commonly true condition.
This report focuses on some elliptic curve parameters defined over a prime field size of size 9+55(2^288), whose special form may provide some efficiency advantages over random fields of similar sizes. The curve has a point of Proth prime order 1+55(2^286), which helps to nearly optimize the den Boer reduction. This curve is constructed using the CM method. It has cofactor 4, trace 6, and fundamental discriminant -55.
This report also tries to consolidate the variety of ways of deciding between elliptic curves (or other algorithms) given the efficiency and security of each