Extracting bits from coordinates of a point of an elliptic curve
نویسنده
چکیده
In the classic Diffie-Hellman protocol based on a generic group G, Alice and Bob agree on a common secret KAB (master secret) which is indistinguishable from another element of G but not from a random bits-string of the same length. In this paper, we present a new deterministic method to extract bits from KAB when G is an elliptic curve defined over a quadratic extension of a finite field. In the last section, we show that it is also possible to extract a few bits when G is an elliptic curve defined over a prime field.
منابع مشابه
Efficient elliptic curve cryptosystems
Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...
متن کاملCryptanalysis of the Dual Elliptic Curve Pseudorandom Generator
The Dual Elliptic Curve Pseudorandom Generator (DEC PRG) is proposed by Barker and Kelsey [2]. It is claimed (see Section 10.3.1 of [2]) that the pseudorandom generator is secure unless the adversary can solve the elliptic curve discrete logarithm problem (ECDLP) for the corresponding elliptic curve. The claim is supported only by an informal discussion. No security reduction is given, that is,...
متن کاملCryptanalyzing the Dual Elliptic Curve Pseudorandom Generator
The Dual Elliptic Curve Pseudorandom Generator (DEC PRG) is proposed by Barker and Kelsey [2]. It is claimed (see Section 10.3.1 of [2]) that the pseudorandom generator is secure unless the adversary can solve the elliptic curve discrete logarithm problem (ECDLP) for the corresponding elliptic curve. The claim is supported only by an informal discussion. No security reduction is given, that is,...
متن کاملCompact Representation of Elliptic Curve Points over F2n
finite fields, elliptic curves, cryptography A method is described to represent points on elliptic curves over F2n‚ in the context of elliptic curve cryptosystems‚ using n bits. The method allows for full recovery of the x and y components of the point. This improves on the naive representation using 2n bits and on a previously known compressed representation using n + 1 bits. Since n bits are ...
متن کاملCompact Representation of Elliptic Curve
A method is described to represent points on elliptic curves over F 2 n , in the context of elliptic curve cryptosystems, using n bits. The method allows for full recovery of the x and y components of the point. This improves on the naive representation using 2n bits, and on a previously known compressed representation using n + 1 bits. Since n bits are necessary to represent a point in the gen...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2005 شماره
صفحات -
تاریخ انتشار 2005