Generating pairing-friendly elliptic curve parameters using sparse families

Abstract The majority of methods for constructing pairing-friendly elliptic curves are based on representing the curve parameters as polynomial families. There are three such types, namely complete, complete with variable discriminant and sparse families. In this paper, we present a method for constructing sparse families and produce examples of this type that have not previously appeared in the literature, for various embedding degrees. We provide numerical examples obtained by these sparse families, considering for the first time the effect of the recent progress on the tower number field sieve (TNFS) method for solving the discrete logarithm problem (DLP) in finite field extensions of composite degree.

Download Full-text

Elliptic curves over the ring R

Boletim da Sociedade Paranaense de Matemática ◽

10.5269/bspm.v38i3.39868 ◽

2019 ◽

Vol 38 (3) ◽

pp. 193-201 ◽

Cited By ~ 1

Author(s):

A. Boulbot ◽

Abdelhakim Chillali ◽

A. Mouhib

Keyword(s):

Finite Field ◽

Elliptic Curve ◽

Elliptic Curves ◽

Prime Number ◽

Canonical Projection ◽

First Time ◽

Weierstrass Equation

Let Fq be a ﬁnite ﬁeld of q elements, where q is a power of a prime number p greater than or equal to 5. In this paper, we study the elliptic curve denoted Ea,b(Fq[e]) over the ring Fq[e], where e2 = e and (a,b) ∈ (Fq[e])2. In a ﬁrst time, we study the arithmetic of this ring. In addition, using the Weierstrass equation, we deﬁne the elliptic curve Ea,b(Fq[e]) and we will show that Eπ0(a),π0(b)(Fq) and Eπ1(a),π1(b)(Fq) are two elliptic curves over the ﬁeld Fq, where π0 and π1 are respectively the canonical projection and the sum projection of coordinates of X ∈Fq[e]. Precisely, we give a bijection between the sets Ea,b(Fq[e]) and Eπ0(a),π0(b)(Fq)×Eπ1(a),π1(b)(Fq).

Download Full-text

The Order of Edwards and Montgomery Curves

WSEAS TRANSACTIONS ON MATHEMATICS ◽

10.37394/23206.2020.19.25 ◽

2020 ◽

Vol 19 ◽

Keyword(s):

Finite Field ◽

Elliptic Curve ◽

Elliptic Curves ◽

Digital Signature ◽

Discrete Logarithm ◽

Log P ◽

Edwards Curves ◽

Digital Signature Algorithm ◽

Supersingular Curves ◽

Edwards Curve

The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve analogue of the Digital Signature Algorithm (DSA) [2]. It is well known that the problem of discrete logarithm is NP-hard on group on elliptic curve (EC) [5]. The orders of groups of an algebraic affine and projective curves of Edwards [3, 9] over the finite field Fpn is studied by us. We research Edwards algebraic curves over a finite field, which are one of the most promising supports of sets of points which are used for fast group operations [1]. We construct a new method for counting the order of an Edwards curve [F ] d p E over a finite field Fp . It should be noted that this method can be applied to the order of elliptic curves due to the birational equivalence between elliptic curves and Edwards curves. The method we have proposed has much less complexity 22 O p log p at not large values p in comparison with the best Schoof basic algorithm with complexity 8 2 O(log pn ) , as well as a variant of the Schoof algorithm that uses fast arithmetic, which has complexity 42O(log pn ) , but works only for Elkis or Atkin primes. We not only find a specific set of coefficients with corresponding field characteristics for which these curves are supersingular, but we additionally find a general formula by which one can determine whether a curve [F ] d p E is supersingular over this field or not. The symmetric of the Edwards curve form and the parity of all degrees made it possible to represent the shape curves and apply the method of calculating the residual coincidences. A birational isomorphism between the Montgomery curve and the Edwards curve is also constructed. A oneto- one correspondence between the Edwards supersingular curves and Montgomery supersingular curves is established. The criterion of supersingularity for Edwards curves is found over F pn .

Download Full-text

PERSPECTIVES OF ELLIPTICAL CRYPTOGRAPHY TO ENSURE THE INTEGRITY AND CONFIDENTIALITY OF INFORMATION

Visnyk Universytetu “Ukraina” ◽

10.36994/2707-4110-2019-2-23-26 ◽

2019 ◽

Author(s):

Anna ILYENKO ◽

Sergii ILYENKO ◽

Yana MASUR

Keyword(s):

Information Systems ◽

Elliptic Curve ◽

Elliptic Curves ◽

Finite Fields ◽

Computational Efficiency ◽

Digital Signature ◽

Discrete Logarithm ◽

Algebraic Groups ◽

Schnorr Signature ◽

Stability Of Algorithms

In this article, the main problems underlying the current asymmetric crypto algorithms for the formation and verification of electronic-digital signature are considered: problems of factorization of large integers and problems of discrete logarithm. It is noted that for the second problem, it is possible to use algebraic groups of points other than finite fields. The group of points of the elliptical curve, which satisfies all set requirements, looked attractive on this side. Aspects of the application of elliptic curves in cryptography and the possibilities offered by these algebraic groups in terms of computational efficiency and crypto-stability of algorithms were also considered. Information systems using elliptic curves, the keys have a shorter length than the algorithms above the finite fields. Theoretical directions of improvement of procedure of formation and verification of electronic-digital signature with the possibility of ensuring the integrity and confidentiality of information were considered. The proposed method is based on the Schnorr signature algorithm, which allows data to be recovered directly from the signature itself, similarly to RSA-like signature systems, and the amount of recoverable information is variable depending on the information message. As a result, the length of the signature itself, which is equal to the sum of the length of the end field over which the elliptic curve is determined, and the artificial excess redundancy provided to the hidden message was achieved.

Download Full-text

Analysis and Improvements to the Special Number Field Sieve for Discrete Logarithm Problems

2021 IEEE 5th International Conference on Cryptography, Security and Privacy (CSP) ◽

10.1109/csp51677.2021.9357589 ◽

2021 ◽

Author(s):

Liwei Liu ◽

Maozhi Xu ◽

Guoqing Zhou

Keyword(s):

Number Field ◽

Discrete Logarithm ◽

Number Field Sieve ◽

Special Number

Download Full-text

Primitive divisors of sequences associated to elliptic curves with complex multiplication

Research in Number Theory ◽

10.1007/s40993-021-00267-9 ◽

2021 ◽

Vol 7 (2) ◽

Author(s):

Matteo Verzobio

Keyword(s):

Elliptic Curve ◽

Elliptic Curves ◽

Number Field ◽

Complex Multiplication ◽

Dedekind Domain ◽

Torsion Point ◽

Integral Ideal ◽

Primitive Divisors ◽

Primitive Divisor ◽

The Ideal

AbstractLet P and Q be two points on an elliptic curve defined over a number field K. For $$\alpha \in {\text {End}}(E)$$ α ∈ End ( E ) , define $$B_\alpha $$ B α to be the $$\mathcal {O}_K$$ O K -integral ideal generated by the denominator of $$x(\alpha (P)+Q)$$ x ( α ( P ) + Q ) . Let $$\mathcal {O}$$ O be a subring of $${\text {End}}(E)$$ End ( E ) , that is a Dedekind domain. We will study the sequence $$\{B_\alpha \}_{\alpha \in \mathcal {O}}$$ { B α } α ∈ O . We will show that, for all but finitely many $$\alpha \in \mathcal {O}$$ α ∈ O , the ideal $$B_\alpha $$ B α has a primitive divisor when P is a non-torsion point and there exist two endomorphisms $$g\ne 0$$ g ≠ 0 and f so that $$f(P)= g(Q)$$ f ( P ) = g ( Q ) . This is a generalization of previous results on elliptic divisibility sequences.

Download Full-text

Generalized Artin'S Conjecture for Primitive Roots and Cyclicity Mod of Elliptic Curves Over Function Fields

Canadian Mathematical Bulletin ◽

10.4153/cmb-1995-023-2 ◽

1995 ◽

Vol 38 (2) ◽

pp. 167-173 ◽

Cited By ~ 5

Author(s):

David A. Clark ◽

Masato Kuwata

Keyword(s):

Finite Field ◽

Prime Ideal ◽

Elliptic Curve ◽

Elliptic Curves ◽

Function Field ◽

Function Fields ◽

Artin's Conjecture ◽

Primitive Roots

AbstractLet k = Fq be a finite field of characteristic p with q elements and let K be a function field of one variable over k. Consider an elliptic curve E defined over K. We determine how often the reduction of this elliptic curve to a prime ideal is cyclic. This is done by generalizing a result of Bilharz to a more general form of Artin's primitive roots problem formulated by R. Murty.

Download Full-text

Improved lower bound for Diffie–Hellman problem using multiplicative group of a finite field as auxiliary group

Journal of Mathematical Cryptology ◽

10.1515/jmc-2017-0053 ◽

2018 ◽

Vol 12 (2) ◽

pp. 101-118 ◽

Cited By ~ 1

Author(s):

Prabhat Kushwaha

Keyword(s):

Lower Bound ◽

Finite Field ◽

Elliptic Curves ◽

Multiplicative Group ◽

Discrete Logarithm ◽

Discrete Logarithm Problem ◽

Reduction Algorithm ◽

Practical Applications ◽

Diffie Hellman ◽

Estimate Lower

Abstract In 2004, Muzereau, Smart and Vercauteren [A. Muzereau, N. P. Smart and F. Vercauteren, The equivalence between the DHP and DLP for elliptic curves used in practical applications, LMS J. Comput. Math. 7 2004, 50–72] showed how to use a reduction algorithm of the discrete logarithm problem to Diffie–Hellman problem in order to estimate lower bound for the Diffie–Hellman problem on elliptic curves. They presented their estimates on various elliptic curves that are used in practical applications. In this paper, we show that a much tighter lower bound for the Diffie–Hellman problem on those curves can be achieved if one uses the multiplicative group of a finite field as auxiliary group. The improved lower bound estimates of the Diffie–Hellman problem on those recommended curves are also presented. Moreover, we have also extended our idea by presenting similar estimates of DHP on some more recommended curves which were not covered before. These estimates of DHP on these curves are currently the tightest which lead us towards the equivalence of the Diffie–Hellman problem and the discrete logarithm problem on these recommended elliptic curves.

Download Full-text

Perfect squares representing the number of rational points on elliptic curves over finite field extensions

Finite Fields and Their Applications ◽

10.1016/j.ffa.2020.101725 ◽

2020 ◽

Vol 67 ◽

pp. 101725

Author(s):

Kwok Chi Chim ◽

Florian Luca

Keyword(s):

Finite Field ◽

Elliptic Curves ◽

Rational Points ◽

Field Extensions ◽

Perfect Squares

Download Full-text

Finding roots in with the successive resultants algorithm

LMS Journal of Computation and Mathematics ◽

10.1112/s1461157014000138 ◽

2014 ◽

Vol 17 (A) ◽

pp. 203-217 ◽

Cited By ~ 2

Author(s):

Christophe Petit

Keyword(s):

Finite Field ◽

Elliptic Curve ◽

Finite Fields ◽

Coding Theory ◽

Discrete Logarithm ◽

Discrete Logarithm Problem ◽

Polynomial Equations ◽

Preliminary Results ◽

Characteristic Case ◽

Practical Security

AbstractThe problem of solving polynomial equations over finite fields has many applications in cryptography and coding theory. In this paper, we consider polynomial equations over a ‘large’ finite field with a ‘small’ characteristic. We introduce a new algorithm for solving this type of equations, called the successive resultants algorithm (SRA). SRA is radically different from previous algorithms for this problem, yet it is conceptually simple. A straightforward implementation using Magma was able to beat the built-in Roots function for some parameters. These preliminary results encourage a more detailed study of SRA and its applications. Moreover, we point out that an extension of SRA to the multivariate case would have an important impact on the practical security of the elliptic curve discrete logarithm problem in the small characteristic case.Supplementary materials are available with this article.

Download Full-text

The Construction of ElGamal over Koblitz Curve

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.931-932.1441 ◽

2014 ◽

Vol 931-932 ◽

pp. 1441-1446 ◽

Cited By ~ 1

Author(s):

Krissanee Kamthawee ◽

Bhichate Chiewthanakul

Keyword(s):

Elliptic Curve ◽

Elliptic Curves ◽

Discrete Logarithm ◽

Scalar Multiplication ◽

Computer Hardware ◽

Point Multiplication ◽

Koblitz Curves ◽

Elliptic Curve Cryptosystems ◽

Elgamal Cryptosystem ◽

Primary Advantage

Recently elliptic curve cryptosystems are widely accepted for security applications key generation, signature and verification. Cryptographic mechanisms based on elliptic curves depend on arithmetic involving the points of the curve. it is possible to use smaller primes, or smaller finite fields, with elliptic curves and achieve a level of security comparable to that for much larger integers. Koblitz curves, also known as anomalous binary curves, are elliptic curves defined over F2. The primary advantage of these curves is that point multiplication algorithms can be devised that do not use any point doublings. The ElGamal cryptosystem, which is based on the Discrete Logarithm problem can be implemented in any group. In this paper, we propose the ElGamal over Koblitz Curve Scheme by applying the arithmetic on Koblitz curve to the ElGamal cryptosystem. The advantage of this scheme is that point multiplication algorithms can be speeded up the scalar multiplication in the affine coodinate of the curves using Frobenius map. It has characteristic two, therefore it’s arithmetic can be designed in any computer hardware. Moreover, it has more efficient to employ the TNAF method for scalar multiplication on Koblitz curves to decrease the number of nonzero digits. It’s security relies on the inability of a forger, who does not know a private key, to compute elliptic curve discrete logarithm.

Download Full-text