How Secure Are Elliptic Curves over Composite Extension Fields?

نویسنده

  • Nigel P. Smart
چکیده

We compare the method of Weil descent for solving the ECDLP, over extensions fields of composite degree in characteristic two, against the standard method of parallelised Pollard rho. We give details of a theoretical and practical comparison and then use this to analyse the difficulty of actually solving the ECDLP for curves of the size needed in practical cryptographic systems. We show that composite degree extensions of degree divisible by four should be avoided. We also examine the elliptic curves proposed in the Oakley key determination protocol and show that with current technology they remain secure.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

On Efficient Pairings on Elliptic Curves over Extension Fields

In implementation of elliptic curve cryptography, three kinds of finite fields have been widely studied, i.e. prime field, binary field and optimal extension field. In pairing-based cryptography, however, pairingfriendly curves are usually chosen among ordinary curves over prime fields and supersingular curves over extension fields with small characteristics. In this paper, we study pairings on...

متن کامل

Cover and Decomposition Index Calculus on Elliptic Curves made practical. Application to a seemingly secure curve over Fp6

We present a new “cover and decomposition” attack on the elliptic curve discrete logarithm problem, that combines Weil descent and decomposition-based index calculus into a single discrete logarithm algorithm. This attack applies, at least theoretically, to all composite degree extension fields, and is particularly well-suited for curves defined over Fp6 . We give a real-size example of discret...

متن کامل

A Secure Family of Composite Finite Fields Suitable for Fast Implementation of Elliptic Curve Cryptography

In 1999 Silverman [21] introduced a family of binary finite fields which are composite extensions of F2 and on which arithmetic operations can be performed more quickly than on prime extensions of F2 of the same size. We present here a fast approach to elliptic curve cryptography using a distinguished subset of the set of Silverman fields F2N = Fhn . This approach leads to a theoretical computa...

متن کامل

An Extension of GHS Weil Descent Attack

The Weil descent attack, suggested by Frey, has been implemented by Gaudry, Hess and Smart (the so-called GHS attack), on elliptic curves over finite fields of characteristic two of composite degrees. The GHS attack has been extended by Galbraith to hyperelliptic curves of characteristic two. Recently, Diem presented a general treatment of GHS attack to hyperelliptic curves over finite fields o...

متن کامل

The discrete logarithm problem for elliptic curves over binary fields: analysis and experiments

Cryptographic applications play a significant role in secure and private communication of information. Secrecy and security in areas such as military intelligence are of paramount importance. Many of the modern day cryptographic algorithms are deemed to be secure, based on the intractability of the discrete logarithm problem over the elliptic curves defined in Galois fields. The purpose of this...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2001