Finding Secure Curves with the Satoh-FGH Algorithm and an Early-Abort Strategy
نویسندگان
چکیده
The use of elliptic curves in cryptography relies on the ability to count the number of points on a given curve. Before 1999, the SEA algorithm was the only efficient method known for random curves. Then Satoh proposed a new algorithm based on the canonical p-adic lift of the curve for p ≥ 5. In an earlier paper, the authors extended Satoh’s method to the case of characteristics two and three. This paper presents an implementation of the Satoh-FGH algorithm and its application to the problem of finding curves suitable for cryptography. By combining SatohFGH and an early-abort strategy based on SEA, we are able to find secure random curves in characteristic two in much less time than previously reported. In particular we can generate curves widely considered to be as secure as RSA-1024 in less than one minute each on a fast workstation.
منابع مشابه
AN ALGORITHM FOR FINDING THE EIGENPAIRS OF A SYMMETRIC MATRIX
The purpose of this paper is to show that ideas and techniques of the homotopy continuation method can be used to find the complete set of eigenpairs of a symmetric matrix. The homotopy defined by Chow, Mallet- Paret and York [I] may be used to solve this problem with 2""-n curves diverging to infinity which for large n causes a great inefficiency. M. Chu 121 introduced a homotopy equation...
متن کاملDegree Reduction of Disk Wang-Bézier Type Generalized Ball Curves
A disk Wang-Bézier type generalized Ball curve is a Wang-Bézier type generalized Ball curve whose control points are disks in a plane. It can be viewed as a parametric curve with error tolerances. In this paper, we discuss the problem of degree reduction of disk Wang-Bézier type generalized Ball curve, that is, bounding disk Wang-Bézier type generalized Ball curves with lower degree disk Wa...
متن کاملSecurity of an Identity-Based Cryptosystem and the Related Reductions
Recently an efficient solution to the discrete logarithm problem on elliptic curves over F, with p points ( p : prime), so-called anornalous curues, was independently discovered by Semaev [14], Smart [17], and Satoh and Araki [12]. Since the solution is very efficient, i.e., 0 ( l p l 3 ) , the Semaev-Smart-Satoh-Araki (SSSA) algorithm implies the possibility of realizing a trapdoor for the dis...
متن کاملJoint inversion of ReMi dispersion curves and refraction travel times using particle swarm optimization algorithm
Shear-wave velocity ( ) is an important parameter used for site characterization in geotechnical engineering. However, dispersion curve inversion is challenging for most inversion methods due to its high non-linearity and mix-determined trait. In order to overcome these problems, in this study, a joint inversion strategy is proposed based on the particle swarm optimization (PSO) algorithm. The ...
متن کاملDegree Reduction of Disk Wang-Bézier Type Generalized Ball Curves
A disk Wang-Bézier type generalized Ball curve is a Wang-Bézier type generalized Ball curve whose control points are disks in a plane. It can be viewed as a parametric curve with error tolerances. In this paper, we discuss the problem of degree reduction of disk Wang-Bézier type generalized Ball curve, that is, bounding disk Wang-Bézier type generalized Ball curves with lower degree disk Wa...
متن کامل