scholarly journals The Equivalence between the DHP and DLP for Elliptic Curves Used in Practical Applications

2004 ◽  
Vol 7 ◽  
pp. 50-72 ◽  
Author(s):  
A. Muzereau ◽  
N. P. Smart ◽  
F. Vercauteren
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Precise Estimate ◽  
Practical Applications ◽  
Diffie Hellman ◽  
Exact Security

AbstractIn this paper, the authors re-examine the reduction of Maurer and Wolf of the discrete logarithm problem to the Diffie-Hellman problem. They give a precise estimate for the number of operations required in the reduction, and then use this to estimate the exact security of the elliptic curve variant of the Diffie-Hellman protocol for various elliptic curves defined in standards.

scholarly journals Improved lower bound for Diffie–Hellman problem using multiplicative group of a finite field as auxiliary group

2018 ◽  
Vol 12 (2) ◽  
pp. 101-118 ◽  
Author(s):  
Prabhat Kushwaha
Keyword(s):  
Lower Bound ◽  
Finite Field ◽  
Elliptic Curves ◽  
Multiplicative Group ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Reduction Algorithm ◽  
Practical Applications ◽  
Diffie Hellman ◽  
Estimate Lower

Abstract In 2004, Muzereau, Smart and Vercauteren [A. Muzereau, N. P. Smart and F. Vercauteren, The equivalence between the DHP and DLP for elliptic curves used in practical applications, LMS J. Comput. Math. 7 2004, 50–72] showed how to use a reduction algorithm of the discrete logarithm problem to Diffie–Hellman problem in order to estimate lower bound for the Diffie–Hellman problem on elliptic curves. They presented their estimates on various elliptic curves that are used in practical applications. In this paper, we show that a much tighter lower bound for the Diffie–Hellman problem on those curves can be achieved if one uses the multiplicative group of a finite field as auxiliary group. The improved lower bound estimates of the Diffie–Hellman problem on those recommended curves are also presented. Moreover, we have also extended our idea by presenting similar estimates of DHP on some more recommended curves which were not covered before. These estimates of DHP on these curves are currently the tightest which lead us towards the equivalence of the Diffie–Hellman problem and the discrete logarithm problem on these recommended elliptic curves.

Problems in Cryptography and Cryptanalysis

2018 ◽  
pp. 23-39
Author(s):  
Kannan Balasubramanian ◽  
Rajakani M.
Keyword(s):  
Elliptic Curve ◽  
Optimization Problems ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Random Number Generators ◽  
Factorization Problem ◽  
Diffie Hellman ◽  
Integer Factorization Problem ◽  
Diffie Hellman Key Exchange ◽  
Membership Problems

The integer factorization problem used in the RSA cryptosystem, the discrete logarithm problem used in Diffie-Hellman Key Exchange protocol and the Elliptic Curve Discrete Logarithm problem used in Elliptic Curve Cryptography are traditionally considered the difficult problems and used extensively in the design of cryptographic algorithms. We provide a number of other computationally difficult problems in the areas of Cryptography and Cryptanalysis. A class of problems called the Search problems, Group membership problems, and the Discrete Optimization problems are examples of such problems. A number of computationally difficult problems in Cryptanalysis have also been identified including the Cryptanalysis of Block ciphers, Pseudo-Random Number Generators and Hash functions.

scholarly journals Generalising the GHS Attack on the Elliptic Curve Discrete Logarithm Problem

2004 ◽  
Vol 7 ◽  
pp. 167-192 ◽  
Author(s):  
F. Hess
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Characteristic Polynomial ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Weil Descent

AbstractThe Weil descent construction of the GHS attack on the elliptic curve discrete logarithm problem (ECDLP) is generalised in this paper, to arbitrary Artin-Schreier extensions. A formula is given for the characteristic polynomial of Frobenius for the curves thus obtained, as well as a proof that the large cyclic factor of the input elliptic curve is not contained in the kernel of the composition of the conorm and norm maps. As an application, the number of elliptic curves that succumb to the basic GHS attack is considerably increased, thereby further weakening curves over GF2155.Other possible extensions or variations of the GHS attack are discussed, leading to the conclusion that they are unlikely to yield further improvements.

scholarly journals Analysis of the GHS Weil Descent Attack on the ECDLP over Characteristic Two Finite Fields of Composite Degree

2002 ◽  
Vol 5 ◽  
pp. 127-174 ◽  
Author(s):  
Markus Maurer ◽  
Alfred Menezes ◽  
Edlyn Teske
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Finite Fields ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Signature Scheme ◽  
Extension Degree ◽  
Characteristic Two ◽  
Weil Descent

AbstractIn this paper, the authors analyze the Gaudry-Hess-Smart (GHS) Weil descent attack on the elliptic curve discrete logarithm problem (ECDLP) for elliptic curves defined over characteristic two finite fields of composite extension degree. For each such field F2N, where N is in [100,600], elliptic curve parameters are identified such that: (i) there should exist a cryptographically interesting elliptic curve E over F2N with these parameters; and (ii) the GHS attack is more efficient for solving the ECDLP in E(F2N) than for solving the ECDLP on any other cryptographically interesting elliptic curve over F2N. The feasibility of the GHS attack on the specific elliptic curves is examined over F2176, F2208, F2272, F2304 and F2368, which are provided as examples in the ANSI X9.62 standard for the elliptic curve signature scheme ECDSA. Finally, several concrete instances are provided of the ECDLP over F2N, N composite, of increasing difficulty; these resist all previously known attacks, but are within reach of the GHS attack.

scholarly journals On the discrete logarithm problem in elliptic curves

2010 ◽  
Vol 147 (1) ◽  
pp. 75-104 ◽  
Author(s):  
Claus Diem
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Finite Extension ◽  
Discrete Logarithm Problem ◽  
Natural Numbers ◽  
Expected Time

AbstractWe study the elliptic curve discrete logarithm problem over finite extension fields. We show that for any sequences of prime powers (qi)i∈ℕand natural numbers (ni)i∈ℕwithni⟶∞andni/log (qi)⟶0 fori⟶∞, the elliptic curve discrete logarithm problem restricted to curves over the fields 𝔽qniican be solved in subexponential expected time (qnii)o(1). We also show that there exists a sequence of prime powers (qi)i∈ℕsuch that the problem restricted to curves over 𝔽qican be solved in an expected time ofe𝒪(log (qi)2/3).

scholarly journals Operations of Points on Elliptic Curve in Affine Coordinates

2019 ◽  
Vol 27 (3) ◽  
pp. 315-320
Author(s):  
Yuichi Futa ◽  
Hiroyuki Okazaki ◽  
Yasunari Shidama
Keyword(s):  
Information Security ◽  
Elliptic Curve ◽  
Elliptic Curves ◽  
Elliptic Curve Cryptography ◽  
Binary Operation ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem

Summary In this article, we formalize in Mizar [1], [2] a binary operation of points on an elliptic curve over GF(p) in affine coordinates. We show that the operation is unital, complementable and commutative. Elliptic curve cryptography [3], whose security is based on a difficulty of discrete logarithm problem of elliptic curves, is important for information security.

scholarly journals Operations of Points on Elliptic Curve in Projective Coordinates

2012 ◽  
Vol 20 (1) ◽  
pp. 87-95
Author(s):  
Yuichi Futa ◽  
Hiroyuki Okazaki ◽  
Daichi Mizushima ◽  
Yasunari Shidama
Keyword(s):  
Information Security ◽  
Elliptic Curve ◽  
Elliptic Curves ◽  
Elliptic Curve Cryptography ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Binary Operations

Operations of Points on Elliptic Curve in Projective Coordinates In this article, we formalize operations of points on an elliptic curve over GF(p). Elliptic curve cryptography [7], whose security is based on a difficulty of discrete logarithm problem of elliptic curves, is important for information security. We prove that the two operations of points: compellProjCo and addellProjCo are unary and binary operations of a point over the elliptic curve.

An O(m^2)-depth quantum algorithm for the elliptic curve discrete logarithm problem over GF(2^m)

2009 ◽  
Vol 9 (7&8) ◽  
pp. 610-621
Author(s):  
D. Maslov ◽  
J. Mathew ◽  
D. Cheung ◽  
D.K. Pradhan
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curves ◽  
Finite Fields ◽  
Nearest Neighbor ◽  
Discrete Logarithm ◽  
Quantum Algorithm ◽  
Polynomial Time Algorithm ◽  
Time Algorithm ◽  
Discrete Logarithm Problem ◽  
Quantum Polynomial

We consider a quantum polynomial-time algorithm which solves the discrete logarithm problem for points on elliptic curves over $GF(2^m)$. We improve over earlier algorithms by constructing an efficient circuit for multiplying elements of binary finite fields and by representing elliptic curve points using a technique based on projective coordinates. The depth of our proposed implementation, executable in the Linear Nearest Neighbor (LNN) architecture, is $O(m^2)$, which is an improvement over the previous bound of $O(m^3)$ derived assuming no architectural restrictions.

Problems in Cryptography and Cryptanalysis

2021 ◽  
pp. 837-853
Author(s):  
Kannan Balasubramanian ◽  
Rajakani M.
Keyword(s):  
Elliptic Curve ◽  
Optimization Problems ◽  
Discrete Logarithm ◽  
Discrete Logarithm Problem ◽  
Random Number Generators ◽  
Factorization Problem ◽  
Diffie Hellman ◽  
Integer Factorization Problem ◽  
Diffie Hellman Key Exchange ◽  
Membership Problems

The integer factorization problem used in the RSA cryptosystem, the discrete logarithm problem used in Diffie-Hellman Key Exchange protocol and the Elliptic Curve Discrete Logarithm problem used in Elliptic Curve Cryptography are traditionally considered the difficult problems and used extensively in the design of cryptographic algorithms. We provide a number of other computationally difficult problems in the areas of Cryptography and Cryptanalysis. A class of problems called the Search problems, Group membership problems, and the Discrete Optimization problems are examples of such problems. A number of computationally difficult problems in Cryptanalysis have also been identified including the Cryptanalysis of Block ciphers, Pseudo-Random Number Generators and Hash functions.

Sign in / Sign up

Export Citation Format

Share Document