scholarly journals On the discrete logarithm problem for prime-field elliptic curves

2018 ◽  
Vol 51 ◽  
pp. 168-182 ◽  
Author(s):  
Alessandro Amadori ◽  
Federico Pintore ◽  
Massimiliano Sala
Keyword(s):  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Prime Field

scholarly journals Improved lower bound for Diffie–Hellman problem using multiplicative group of a finite field as auxiliary group

2018 ◽  
Vol 12 (2) ◽  
pp. 101-118 ◽  
Author(s):  
Prabhat Kushwaha
Keyword(s):  
Lower Bound ◽  
Finite Field ◽  
Elliptic Curves ◽  
Multiplicative Group ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Reduction Algorithm ◽  
Practical Applications ◽  
Diffie Hellman ◽  
Estimate Lower

Abstract In 2004, Muzereau, Smart and Vercauteren [A. Muzereau, N. P. Smart and F. Vercauteren, The equivalence between the DHP and DLP for elliptic curves used in practical applications, LMS J. Comput. Math. 7 2004, 50–72] showed how to use a reduction algorithm of the discrete logarithm problem to Diffie–Hellman problem in order to estimate lower bound for the Diffie–Hellman problem on elliptic curves. They presented their estimates on various elliptic curves that are used in practical applications. In this paper, we show that a much tighter lower bound for the Diffie–Hellman problem on those curves can be achieved if one uses the multiplicative group of a finite field as auxiliary group. The improved lower bound estimates of the Diffie–Hellman problem on those recommended curves are also presented. Moreover, we have also extended our idea by presenting similar estimates of DHP on some more recommended curves which were not covered before. These estimates of DHP on these curves are currently the tightest which lead us towards the equivalence of the Diffie–Hellman problem and the discrete logarithm problem on these recommended elliptic curves.

scholarly journals Generalising the GHS Attack on the Elliptic Curve Discrete Logarithm Problem

2004 ◽  
Vol 7 ◽  
pp. 167-192 ◽  
Author(s):  
F. Hess
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Characteristic Polynomial ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Weil Descent

AbstractThe Weil descent construction of the GHS attack on the elliptic curve discrete logarithm problem (ECDLP) is generalised in this paper, to arbitrary Artin-Schreier extensions. A formula is given for the characteristic polynomial of Frobenius for the curves thus obtained, as well as a proof that the large cyclic factor of the input elliptic curve is not contained in the kernel of the composition of the conorm and norm maps. As an application, the number of elliptic curves that succumb to the basic GHS attack is considerably increased, thereby further weakening curves over GF2155.Other possible extensions or variations of the GHS attack are discussed, leading to the conclusion that they are unlikely to yield further improvements.

scholarly journals Analysis of the GHS Weil Descent Attack on the ECDLP over Characteristic Two Finite Fields of Composite Degree

2002 ◽  
Vol 5 ◽  
pp. 127-174 ◽  
Author(s):  
Markus Maurer ◽  
Alfred Menezes ◽  
Edlyn Teske
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Finite Fields ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Signature Scheme ◽  
Extension Degree ◽  
Characteristic Two ◽  
Weil Descent

AbstractIn this paper, the authors analyze the Gaudry-Hess-Smart (GHS) Weil descent attack on the elliptic curve discrete logarithm problem (ECDLP) for elliptic curves defined over characteristic two finite fields of composite extension degree. For each such field F2N, where N is in [100,600], elliptic curve parameters are identified such that: (i) there should exist a cryptographically interesting elliptic curve E over F2N with these parameters; and (ii) the GHS attack is more efficient for solving the ECDLP in E(F2N) than for solving the ECDLP on any other cryptographically interesting elliptic curve over F2N. The feasibility of the GHS attack on the specific elliptic curves is examined over F2176, F2208, F2272, F2304 and F2368, which are provided as examples in the ANSI X9.62 standard for the elliptic curve signature scheme ECDSA. Finally, several concrete instances are provided of the ECDLP over F2N, N composite, of increasing difficulty; these resist all previously known attacks, but are within reach of the GHS attack.

Blind Signature Based on Discrete Logarithm Type Cryptosystem

2011 ◽  
Vol 204-210 ◽  
pp. 1318-1321
Author(s):  
Xuan Wu Zhou ◽  
Yan Fu
Keyword(s):  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Blind Signature ◽  
Discrete Logarithm Problem ◽  
Public Key ◽  
Security Level ◽  
Signature Schemes ◽  
Public Key Cryptosystems ◽  
Trapdoor Function ◽  
Asymmetric Cryptosystem

Discrete logarithm problem is an important trapdoor function to design asymmetric cryptosystem, and some fast public key cryptosystems have been designed based on it. In the paper, we introduced fast asymmetric cryptosystem into the designing and analyzing of blind signature, and presented improved blind signature schemes based on ECC (Elliptic Curves Cryptosystem). The trapdoor function of the blind signatures is based on ECDLP (Elliptic Curves Discrete Logarithm Problem), and the algorithms of the scheme make full use of the superiority of ECC, such as high efficiency and short key length. The improved blind signature schemes can achieve the same security level with less storing space, smaller communication band-width and less overheads regarding software and hardware application. Furthermore, the algorithms in the schemes can be generalized into other public key cryptosystems based on discrete logarithm problem without any influence to efficiency or security.

scholarly journals On the discrete logarithm problem in elliptic curves

2010 ◽  
Vol 147 (1) ◽  
pp. 75-104 ◽  
Author(s):  
Claus Diem
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Finite Extension ◽  
Discrete Logarithm Problem ◽  
Natural Numbers ◽  
Expected Time

AbstractWe study the elliptic curve discrete logarithm problem over finite extension fields. We show that for any sequences of prime powers (qi)i∈ℕand natural numbers (ni)i∈ℕwithni⟶∞andni/log (qi)⟶0 fori⟶∞, the elliptic curve discrete logarithm problem restricted to curves over the fields 𝔽qniican be solved in subexponential expected time (qnii)o(1). We also show that there exists a sequence of prime powers (qi)i∈ℕsuch that the problem restricted to curves over 𝔽qican be solved in an expected time ofe𝒪(log (qi)2/3).

scholarly journals Operations of Points on Elliptic Curve in Affine Coordinates

2019 ◽  
Vol 27 (3) ◽  
pp. 315-320
Author(s):  
Yuichi Futa ◽  
Hiroyuki Okazaki ◽  
Yasunari Shidama
Keyword(s):  
Information Security ◽  
Elliptic Curve ◽  
Elliptic Curves ◽  
Elliptic Curve Cryptography ◽  
Binary Operation ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem

Summary In this article, we formalize in Mizar [1], [2] a binary operation of points on an elliptic curve over GF(p) in affine coordinates. We show that the operation is unital, complementable and commutative. Elliptic curve cryptography [3], whose security is based on a difficulty of discrete logarithm problem of elliptic curves, is important for information security.

scholarly journals A quantum circuit to find discrete logarithms on ordinary binary elliptic curves in depth O(log^2n)

2014 ◽  
Vol 14 (9&10) ◽  
pp. 888-900
Author(s):  
Martin Rotteler ◽  
Rainer Steinwandt
Keyword(s):  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Quantum Circuit ◽  
Discrete Logarithm Problem ◽  
Quantum Circuits ◽  
Discrete Logarithms ◽  
Shor's Algorithm

Improving over an earlier construction by Kaye and Zalka \cite{KaZa04}, in \cite{MMCP09b} Maslov et al. describe an implementation of Shor's algorithm, which can solve the discrete logarithm problem on ordinary binary elliptic curves in quadratic depth $\bigO(n^2)$. In this paper we show that discrete logarithms on such curves can be found with a quantum circuit of depth $\bigO(\log^2n)$. As technical tools we introduce quantum circuits for ${\mathbb F}_{2^n}$-multiplication in depth $\bigO(\log n)$ and for ${\mathbb F}_{2^n}$-inversion in depth $\bigO(\log^2 n)$.

Sign in / Sign up

Export Citation Format

Share Document