Characterization of Elliptic Curve Traces under FR-Reduction
نویسندگان
چکیده
Elliptic curve cryptosystems([19, 25]) are based on the elliptic curve discrete logarithm problem(ECDLP). If elliptic curve cryptosystems avoid FR-reduction([11, 17]) and anomalous elliptic curve over Fq ([34, 3, 36]), then with current knowledge we can construct elliptic curve cryptosystems over a smaller de nition eld. ECDLP has an interesting property that the security deeply depends on elliptic curve traces rather than de nition elds, which does not occur in the case of the discrete logarithm problem(DLP). Therefore it is important to characterize elliptic curve traces explicitly from the security point of view. As for FR-reduction, supersingular elliptic curves or elliptic curve E=Fq with trace 2 have been reported to be vulnerable. However unfortunately these have been only results that characterize elliptic curve traces explicitly for FRor MOV-reductions. More importantly, the secure trace against FRreduction has not been reported at all. Elliptic curves with the secure trace means that the reduced extension degree is always higher than a certain level. In this paper, we aim at characterizing elliptic curve traces by FRreduction and investigate explicit conditions of traces vulnerable or secure against FR-reduction. We show new explicit conditions of elliptic curve traces for FR-reduction. We also present algorithms to construct such elliptic curves, which have relation to famous number theory problems. key words: elliptic curve cryptosystems, trace, FR-reduction, number theory
منابع مشابه
New explicit conditions of elliptic curve traces for FR-reduction
Elliptic curve cryptosystems([19],[25]) are based on the elliptic curve discrete logarithm problem(ECDLP). If elliptic curve cryptosystems avoid FRreduction([11],[17]) and anomalous elliptic curve over Fq ([3], [33], [35]), then with current knowledge we can construct elliptic curve cryptosystems over a smaller definition field. ECDLP has an interesting property that the security deeply depends...
متن کاملComplete characterization of the Mordell-Weil group of some families of elliptic curves
The Mordell-Weil theorem states that the group of rational points on an elliptic curve over the rational numbers is a finitely generated abelian group. In our previous paper, H. Daghigh, and S. Didari, On the elliptic curves of the form $ y^2=x^3-3px$, Bull. Iranian Math. Soc. 40 (2014), no. 5, 1119--1133., using Selmer groups, we have shown that for a prime $p...
متن کاملRemarks on Elliptic Curve Discrete Logarithm Problems
The MOV and FR algorithms, which are representative attacks on elliptic curve cryptosystems, reduce the elliptic curve discrete logarithm problem (ECDLP) to the discrete logarithm problem in a finite field. This paper studies these algorithms and introduces the following three results. First, we show an explicit condition under which the MOV algorithm can be applied to non-supersingular ellipti...
متن کاملComparing the MOV and FR Reductions in Elliptic Curve Cryptography
This paper addresses the discrete logarithm problem in elliptic curve cryptography. In particular, we generalize the Menezes, Okamoto, and Vanstone (MOV) reduction so that it can be applied to some non-supersingular elliptic curves (ECs); decrypt Frey and Rück (FR)’s idea to describe the detail of the FR reduction and to implement it for actual elliptic curves with finite fields on a practical ...
متن کامل/ 93 12 05 7 v 1 8 D ec 1 99 3 Difference equations with elliptic coefficients and quantum affine algebras
Introduction The purpose of this paper is to introduce and study a q-analogue of the holo-nomic system of differential equations associated to the Belavin's classical r-matrix (elliptic r-matrix equations), or, equivalently, to define an elliptic deformation of the quantum Knizhnik-Zamolodchikov equations invented by Frenkel and Reshetikhin [FR]. In [E], it was shown that solutions of the ellip...
متن کامل