111 research outputs found
SIDH hybrid schemes with a classical component based on the discrete logarithm problem over finite field extension
The concept of a hybrid scheme connecting SIDH and ECDH is nowadays very popular. In hardware implementations it is convenient to use a classical key exchange algorithm that is based on the same finite field as SIDH. The most frequently used hybrid scheme is SIDH-ECDH. On the other hand, using the same field as in SIDH, one can construct schemes over \Fpn, such as the Diffie-Hellman or XTR schemes, whose security is based on the discrete logarithm problem. In this paper, the idea of such schemes will be presented. The security of schemes based on the discrete logarithm problem over the fields \Fp, \Fpd, \Fpc, \Fps and \Fpo, for primes used in SIDH, will be analyzed. At the end, propositions for practical applications of these schemes will be presented.
Efficient algorithms for pairing-based cryptosystems
We describe fast new algorithms to implement recent cryptosystems based on the Tate pairing. In particular, our techniques improve pairing evaluation speed by a factor of about 55 compared to previously known methods in characteristic 3, and attain performance comparable to that of RSA in larger characteristics. We also propose faster algorithms for scalar multiplication in characteristic 3 and square root extraction over Fpm, the latter technique being also useful in contexts other than that of pairing-based cryptography.
An Improved Public Key Cryptography Based on the Elliptic Curve
Elliptic curve cryptography offers two major benefits over RSA: more security per bit, and a suitable key size for hardware and modern communication. This results in smaller public key certificates, lower power requirements and smaller hardware processors.
Three major approaches are used in this dissertation to enhance elliptic curve cryptosystems: reducing the number of elliptic curve group arithmetic operations, speeding up the underlying finite field operations, and reducing the size of the transited parameters. A new addition formula in projective coordinates is introduced; the analysis of this formula shows that the number of multiplications over the finite field is reduced to nine general field element multiplications. This reduction speeds up the computation of adding two points on the elliptic curve by 11 percent. Moreover, the new formula can be used more efficiently when it is combined with the suggested sparse elements algorithms. To speed up the underlying finite field operations, several new algorithms are introduced, namely: selecting random sparse elements, finding sparse base points, sparse multiplication over a polynomial basis, and sparse multiplication over a normal basis. The complexity analysis shows that whenever the sparse techniques are used, the improvement rises to 33 percent compared to the standard projective coordinate formula and to 38 percent compared to affine coordinates. A new algorithm to compress and decompress the sparse elements is introduced to reduce the size of the transited parameters.
The enhancements are applied to three protocols and two applications. The protocols are Diffie-Hellman, ElGamal and the elliptic curve digital signature. In these protocols the speed of encrypting, decrypting and signing the message is increased by 23 to 38 percent. Meanwhile, the size of the public keys is reduced by 37 to 48 percent. The improved algorithms are applied to the on-line and off-line electronic payment systems, which leads to probably the best solution for reducing the object size and enhancing the performance in both systems.
Point compression for the trace zero subgroup over a small degree extension field
Using Semaev's summation polynomials, we derive a new equation for the
-rational points of the trace zero variety of an elliptic curve
defined over . Using this equation, we produce an optimal-size
representation for such points. Our representation is compatible with scalar
multiplication. We give a point compression algorithm to compute the
representation and a decompression algorithm to recover the original point (up
to some small ambiguity). The algorithms are efficient for trace zero varieties
coming from small degree extension fields. We give explicit equations and
discuss in detail the practically relevant cases of cubic and quintic field
extensions. Comment: 23 pages, to appear in Designs, Codes and Cryptography
XTR and Tori
At the turn of the century, 80-bit security was the standard. When considering discrete-log based cryptosystems, it could be achieved using either subgroups of 1024-bit finite fields or using (hyper)elliptic curves. The latter would allow more compact and efficient arithmetic, until Lenstra and Verheul invented XTR. Here XTR stands for 'ECSTR', itself an abbreviation for Efficient and Compact Subgroup Trace Representation. XTR exploits algebraic properties of the cyclotomic subgroup of sixth degree extension fields, allowing representation only a third of their regular size, making finite field DLP-based systems competitive with elliptic curve ones.
Subsequent developments, such as the move to 128-bit security and improvements in finite field DLP, rendered the original XTR and closely related torus-based cryptosystems no longer competitive with elliptic curves. Yet, some of the techniques related to XTR are still relevant for certain pairing-based cryptosystems. This chapter describes the past and the present of XTR and other methods for efficient and compact subgroup arithmetic.