Cover and Decomposition Index Calculus on Elliptic Curves Made Practical - Application to a Previously Unreachable Curve over $\mathbb{F}_{p^6}$
نویسندگان
چکیده
We present a new “cover and decomposition” attack on the elliptic curve discrete logarithm problem, that combines Weil descent and decomposition-based index calculus into a single discrete logarithm algorithm. This attack applies, at least theoretically, to all composite degree extension fields, and is particularly well-suited for curves defined over Fp6 . We give a real-size example of discrete logarithm computations on a curve over a 151-bit degree 6 extension field, which would not have been practically attackable using previously known algorithms.
منابع مشابه
Cover and Decomposition Index Calculus on Elliptic Curves made practical. Application to a seemingly secure curve over Fp6
We present a new “cover and decomposition” attack on the elliptic curve discrete logarithm problem, that combines Weil descent and decomposition-based index calculus into a single discrete logarithm algorithm. This attack applies, at least theoretically, to all composite degree extension fields, and is particularly well-suited for curves defined over Fp6 . We give a real-size example of discret...
متن کاملEfficient elliptic curve cryptosystems
Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...
متن کاملGeneralized Jacobian and Discrete Logarithm Problem on Elliptic Curves
Let E be an elliptic curve over the finite field F_{q}, P a point in E(F_{q}) of order n, and Q a point in the group generated by P. The discrete logarithm problem on E is to find the number k such that Q = kP. In this paper we reduce the discrete logarithm problem on E[n] to the discrete logarithm on the group F*_{q} , the multiplicative group of nonzero elements of Fq, in the case where n | q...
متن کاملComplete characterization of the Mordell-Weil group of some families of elliptic curves
The Mordell-Weil theorem states that the group of rational points on an elliptic curve over the rational numbers is a finitely generated abelian group. In our previous paper, H. Daghigh, and S. Didari, On the elliptic curves of the form $ y^2=x^3-3px$, Bull. Iranian Math. Soc. 40 (2014), no. 5, 1119--1133., using Selmer groups, we have shown that for a prime $p...
متن کاملElliptic curves with weak coverings over cubic extensions of finite fields with odd characteristic
In this paper, we present a classification of elliptic curves defined over a cubic extension of a finite field with odd characteristic which have coverings over the finite field therefore subjected to the GHS attack. The densities of these weak curves, with hyperelliptic and non-hyperelliptic coverings, are then analyzed respectively. In particular, we show, for elliptic curves defined by Legen...
متن کامل