5 research outputs found
Bitcoin Security with a Twisted Edwards Curve
International audienceThe security of the Bitcoin cryptocurrency system depends on the Koblitz curve secp256k1 combined with the digital signature ECDSA and the hash function SHA-256. In this paper, we show that the security of Bitcoin with ECDSA and secp256k1 is not optimal and present a detailed study of the efficiency of Bitcoin with the digital signature algorithm Ed25519 combined with the twisted Edwards curve CurveEd25519 and the hash function SHA-512. We show that Bitcoin is more secure and more efficient with the digital signature algorithm Ed25519 and the twisted Edwards curve CurveEd25519. Subject Classifications: 94A6
Bitcoin Security with Post Quantum Cryptography
International audienceIn a future quantum world with a large quantum computer, the security of the digital signatures used for Bitcoin transactions will be broken by Shor's algorithm. Bitcoin has to switch to post-quantum cryptography. In this paper, we show that the post quantum signatures based on LWE and ring LWE are the most promising to use in the presence of large quantum computers running Shor's algorithm
Bitcoin Security with a Twisted Edwards Curve
International audienceThe security of the Bitcoin cryptocurrency system depends on the Koblitz curve secp256k1 combined with the digital signature ECDSA and the hash function SHA-256. In this paper, we show that the security of Bitcoin with ECDSA and secp256k1 is not optimal and present a detailed study of the efficiency of Bitcoin with the digital signature algorithm Ed25519 combined with the twisted Edwards curve CurveEd25519 and the hash function SHA-512. We show that Bitcoin is more secure and more efficient with the digital signature algorithm Ed25519 and the twisted Edwards curve CurveEd25519. Subject Classifications: 94A6
Cryptanalysis of RSA Variants with Primes Sharing Most Significant Bits
International audienceWe consider four variants of the RSA cryptosystem with an RSA modulus N = pq where the public exponent e and the private exponent d satisfy an equation of the form ed − k (p^2 − 1)( q^2 − 1 )= 1. We show that, if the prime numbers p and q share most significant bits, that is, if the prime difference |p − q| is sufficiently small, then one can solve the equation for larger values of d, and factor the RSA modulus, which makes the systems insecure
Cryptanalysis of RSA Variants with Primes Sharing Most Significant Bits
We consider four variants of the RSA cryptosystem with an RSA modulus N= pq where the public exponent e and the private exponent d satisfy an equation of the form ed- k(p2- 1 ) (q2- 1 ) = 1. We show that, if the prime numbers p and q share most significant bits, that is, if the prime difference | p- q| is sufficiently small, then one can solve the equation for larger values of d, and factor the RSA modulus, which makes the systems insecure