Algorithms and cryptographic protocols using elliptic curves

En els darrers anys, la criptografia amb corbes el.líptiques ha adquirit una importància creixent, fins a arribar a formar part en la actualitat de diferents estàndards industrials. Tot i que s'han dissenyat variants amb corbes el.líptiques de criptosistemes clàssics, com el RSA, el seu màxim interès rau en la seva aplicació en criptosistemes basats en el Problema del Logaritme Discret, com els de tipus ElGamal. En aquest cas, els criptosistemes el.líptics garanteixen la mateixa seguretat que els construïts sobre el grup multiplicatiu d'un cos finit primer, però amb longituds de clau molt menor. Mostrarem, doncs, les bones propietats d'aquests criptosistemes, així com els requeriments bàsics per a que una corba sigui criptogràficament útil, estretament relacionat amb la seva cardinalitat. Revisarem alguns mètodes que permetin descartar corbes no criptogràficament útils, així com altres que permetin obtenir corbes bones a partir d'una de donada. Finalment, descriurem algunes aplicacions, com són el seu ús en Targes Intel.ligents i sistemes RFID, per concloure amb alguns avenços recents en aquest camp.The relevance of elliptic curve cryptography has grown in recent years, and today represents a cornerstone in many industrial standards. Although elliptic curve variants of classical cryptosystems such as RSA exist, the full potential of elliptic curve cryptography is displayed in cryptosystems based on the Discrete Logarithm Problem, such as ElGamal. For these, elliptic curve cryptosystems guarantee the same security levels as their finite field analogues, with the additional advantage of using significantly smaller key sizes. In this report we show the positive properties of elliptic curve cryptosystems, and the requirements a curve must meet to be useful in this context, closely related to the number of points. We survey methods to discard cryptographically uninteresting curves as well as methods to obtain other useful curves from a given one. We then describe some real world applications such as Smart Cards and RFID systems and conclude with a snapshot of recent developments in the field

NTRU software implementation for constrained devices

The NTRUEncrypt is a public-key cryptosystem based on the shortest vector problem. Its main characteristics are the low memory and computational requirements while providing a high security level. This document presents an implementation and optimization of the NTRU public-key cryptosys- tem for constrained devices. Speci cally the NTRU cryptosystem has been implemented on the ATMega128 and the ATMega163 microcontrollers. This has turned in a major e ort in order to reduce the consumption of memory and op- timize the computational resources. The di erent resulting optimizations have been compared and evaluated throught the AVR Studio 4 [1]. The nal outcome has also been compared with other published public-key cryptosystems as RSA or ECC showing the great performance NTRUEncrypt is able to deliver at a surprising very low cost

Elliptic Curve Cryptography: The Serpentine Course of a Paradigm Shift

Over a period of sixteen years elliptic curve cryptography went from being an approach that many people mistrusted or misunderstood to being a public key technology that enjoys almost unquestioned acceptance. We describe the sometimes surprising twists and turns in this paradigm shift, and compare this story with the commonly accepted Ideal Model of how research and development function in cryptography. We also discuss to what extent the ideas in the literature on social construction of technology can contribute to a better understanding of this history

A double large prime variation for small genus hyperelliptic index calculus

International audienceIn this article, we examine how the index calculus approach for computing discrete logarithms in small genus hyperelliptic curves can be improved by introducing a double large prime variation. Two algorithms are presented. The first algorithm is a rather natural adaptation of the double large prime variation to the intended context. On heuristic and experimental grounds, it seems to perform quite well but lacks a complete and precise analysis. Our second algorithm is a considerably simplified variant, which can be analyzed easily. The resulting complexity improves on the fastest known algorithms. Computer experiments show that for hyperelliptic curves of genus three, our first algorithm surpasses Pollard's Rho method even for rather small field sizes

Cryptography Through the Lens of Group Theory

Cryptography has been around for many years, and mathematics has been around even longer. When the two subjects were combined, however, both the improvements and attacks on cryptography were prevalent. This paper introduces and performs a comparative analysis of two versions of the ElGamal cryptosystem, both of which use the specific field of mathematics known as group theory