8 research outputs found
Improved Fault Attack Against Eta Pairing
In recent years, an increasing number of cryptographic protocols based on bilinear pairings have been developed. With the enhancement of implementation efficiency, the algorithms of pairings are usually embedded in identity-aware devices such as smartcards. Although many fault attacks and countermeasures for public key and elliptic curve cryptographic systems are known, the security of pairing-based cryptography against fault attacks has not been studied extensively. In this paper, we present an improved fault attack against the Eta pairing and generalize the attack to general loop iteration. We show that whatever the position of the secret point is, it can be recovered through solving the non-linear system obtained after the fault attack.
Research on Attacking a Special Elliptic Curve Discrete Logarithm Problem
Cheon first proposed a novel algorithm for solving the discrete logarithm problem with auxiliary inputs. Given some points $P, \alpha P, \alpha^2 P, \ldots, \alpha^d P \in G$, an attacker can solve the secret key efficiently. In this paper, we propose a new algorithm to solve another form of the elliptic curve discrete logarithm problem with auxiliary inputs. We show that if some points $P, \alpha P, \alpha^{k} P, \alpha^{k^2} P, \alpha^{k^3} P, \ldots, \alpha^{k^{\varphi(d)-1}} P \in G$ and a multiplicative cyclic group $K = \langle k \rangle$ are given, where $d$ is a prime and $\varphi(d)$ is the order of $K$, the secret key $\alpha \in \mathbb{F}_p^*$ can be solved in $O(\sqrt{(p-1)/d} + d)$ group operations by using $O(\sqrt{(p-1)/d})$ storage.