In this paper we give an introduction to elliptic curve public key cryptosystems. We explain how the discrete logarithm in an elliptic curve group can be used to construct cryptosystems. We also focus on practical aspects such as implementation, standardization and intellectual property.

In this paper, we propose a new method for fault tolerant computation over GF (2) for use in public key cryptosystems. In particular, we are concerned with the active side channel attacks, i.e., fault attacks. We define a larger ring in which new computation is performed with encoded elements while arithmetic structure is preserved. Computation is decomposed into parallel, mutually independent,...

We analyze and critique the public-key cryptosystem, based on combinatorial group theory, that was proposed by Wagner and Magyarik in 1984. This idea is actually not based on the word problem but on another, generally easier, premise problem. Moreover, the idea of the Wagner-Magyarik system is vague, and it is difficult to find a secure realization of this idea. We describe a public-key cryptos...

The traditional way of creating secret codes (used in various degrees of sophistication for centuries) is that both the sender and the receiver share a secret, called a key. The sender scrambles the message in a complicated way that depends on the key. The receiver then uses the key to unscramble the message. If these codes are constructed properly (something which is surprisingly hard to do), ...

A generator-based design and validation methodology for rapid prototyping of elliptic curve public-key cryptosystem hardware is described. By their very nature, crypto systems challenge both design and validation. Pure RTL-based synthesis is as unsuitable as is high-level synthesis. Instead, a generator program accepts the two main parameters, key size and multiplier radix, and creates a highly...

We demonstrate that the public key cryptosystems using the modular group suggested in [4,5] are vulnerable to very simple ciphertextonly attacks. Consequently, in the present form both of these systems cannot be considered as sufficiently secure for cryptographic purposes.

In this paper we introduce two notions of security: multi-user indistinguishability and multi-user non-malleability. We believe that they encompass the correct requirements for public key encryption schemes in the context of multicast communications. A precise and non-trivial analysis proves that they are equivalent to the former single-user notions, provided the number of participants is polyn...

Almost all of the current public-key cryptosystems (PKCs) are based on number theory, such as the integer factoring problem and the discrete logarithm problem (which will be solved in polynomial-time after the emergence of quantum computers). While the McEliece PKC is based on another theory, i.e. coding theory, it is vulnerable against several practical attacks. In this paper, we carefully rev...

The application of sparse polynomials in cryptography has been studied recently. A public key encryption scheme EnRoot [4] and an identification scheme SPIFI [1] based on sparse polynomials were proposed. In this paper, we show that both of them are insecure. The designers of SPIFI proposed the modified SPIFI [2] after Schnorr pointed out some weakness in its initial version. Unfortunately, the...

We construct public-key cryptosystems that are secure assuming the worst-case hardness of approximating the length of a shortest nonzero vector in an n-dimensional lattice to within a small poly(n) factor. Prior cryptosystems with worst-case connections were based either on the shortest vector problem for a special class of lattices (Ajtai and Dwork, STOC 1997; Regev, J. ACM 2004), or on the co...