The Relationship Between Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms
1998
Cited by 37 (3 self)
Both uniform and nonuniform results concerning the security of the Diffie-Hellman key-exchange protocol are proved. First, it is shown that in a cyclic group $G$ of order $|G| = \prod p_i^{e_i}$, where all the multiple prime factors of $|G|$ are polynomial in $\log |G|$, there exists an algorithm that reduces the computation of discrete logarithms in $G$ to breaking the Diffie-Hellman protocol in $G$ and has complexity $\sqrt{\max\{(p_i)\}} \cdot (\log |G|)^{O(1)}$, where $(p)$ stands for the minimum of the set of largest prime factors of all the numbers $d$ in the interval $[p - 2\sqrt{p} + 1,\ p + 2\sqrt{p} + 1]$. Under the unproven but plausible assumption that $(p)$ is polynomial in $\log p$, this reduction implies that the Diffie-Hellman problem and the discrete logarithm problem are polynomial-time equivalent in $G$. Second, it is proved that the Diffie-Hellman problem and the discrete logarithm problem are equivalent in a uniform sense for groups whose orders belong to certain classes: there exists a p...
Schoof's Algorithm and Isogeny Cycles
1994
Cited by 28 (6 self)
The heart of Schoof's algorithm for computing the cardinality $m$ of an elliptic curve over a finite field is the computation of $m$ modulo small primes $\ell$. Elkies and Atkin have designed practical improvements to the basic algorithm, that make use of "good" primes $\ell$. We show how to use powers of good primes in an efficient way. This is done by computing isogenies between curves over the ground field. A new structure appears, called "isogeny cycle". We investigate some properties of this structure.
1 Introduction
Let $E$ be an elliptic curve over a primitive finite field $\mathbb{F}_p$ where $p$ is a large prime integer. (We are not dealing with the case of small characteristic here.) The curve is given by some equation $E(X, Y) = 0$ in Weierstrass form $E(X, Y) = Y^2 - X^3 - AX - B$ so that a generic point on the curve is given by $(X, Y) \bmod E$. Let $m$ be the number of points of $E$. It is well known that $m = p + 1 - t$, with $t$ an integer satisfying $|t| \le 2\sqrt{p}$. If $p$ is small...
The Diffie-Hellman Protocol
Designs, Codes, and Cryptography, 1999
Cited by 26 (0 self)
The 1976 seminal paper of Diffie and Hellman is a landmark in the history of cryptography. They introduced the fundamental concepts of a trapdoor one-way function, a public-key cryptosystem, and a digital signature scheme. Moreover, they presented a protocol, the so-called Diffie-Hellman protocol, allowing two parties who share no secret information initially, to generate a mutual secret key. This paper summarizes the present knowledge on the security of this protocol.
Counting the Number of Points on Elliptic Curves over Finite Fields of Characteristic Greater than Three
In Proceedings of ANTS I, 1994
Cited by 16 (4 self)
We present a variant of an algorithm of Oliver Atkin for counting the number of points on an elliptic curve over a finite field. We describe an implementation of this algorithm for prime fields. We report on the use of this implementation to count the number of points on a curve over $\mathbb{F}_p$, where $p$ is a 375-digit prime.
Isogeny cycles and the Schoof-Elkies-Atkin algorithm
Research Report LIX/RR/96/03, LIX, 1996
Cited by 14 (5 self)
The heart of Schoof's algorithm for computing the cardinality $m$ of an elliptic curve over a finite field is the computation of $m$ modulo small primes $\ell$. Elkies and Atkin have designed practical improvements to the basic algorithm, that make use of "good" primes $\ell$. We show how to use powers of good primes in an efficient way. This is done by computing isogenies between curves over the ground field. We investigate the properties of the "isogeny cycles" that appear.
1. Introduction
Let $E$ be an elliptic curve over a finite field $\mathbb{F}_q$ where $q = p^r$, $p$ prime. The curve is given by some equation $E(X, Y) = 0$ in Weierstrass form $E(X, Y) = Y^2 + a_1 XY + a_3 Y - (X^3 + a_2 X^2 + a_4 X + a_6)$ so that a generic point on the curve is given by $(X, Y) \bmod E$. Let $m$ be the number of points of $E$. It is well known that $m = q + 1 - t$, with $t$ an integer satisfying $|t| \le 2\sqrt{q}$. If $q$ is small the problem of computing the cardinality of $E$ is easy: one can simply enumerate all the p...
The LiPS Runtime Systems based on Fault-Tolerant Tuple Space Machines
In Proceedings of the Workshop on Runtime Systems for Parallel Programming (RTSPP), 11th International Parallel Processing Symposium (IPPS'97), 1997
Cited by 6 (4 self)
Performing computation using networks of workstations is increasingly becoming an alternative to using a supercomputer. This approach is motivated by the vast quantities of unused idle-time available in workstation networks. Unlike computing on a tightly coupled parallel computer where a fixed number of processor nodes is used within a computation, the number of usable nodes in a workstation network is constantly changing over time. Additionally, workstations are more frequently subject to outages, e.g. due to reboots. The question arises how applications, adapting smoothly to this environment, should be realized. LiPS is a system for distributed computing using idle-cycles in networks of workstations. This system in its version 2.3 is currently used at the Universität des Saarlandes in Saarbrücken, Germany to perform computationally intensive applications in the field of cryptography and computer algebra [BMS95, LMMS94, BLZ93, WD95] on a net of approximately 250 workstations and should be enhanced to work within an environment of more than 1000 machines all over the world within the next years. The main lesson learned while using LiPS version 2.3 is that the fault as introduced by crashing machines or transient network problems should be transparent to the user. The design of version 2.4 takes this into account. In this paper we present the runtime systems of LiPS along with performance measurements taken with the current LiPS development version 2.4.
Elliptic Curve Cryptography on Smart Cards
2000
Cited by 6 (0 self)
In 1985 Neal Koblitz and V.S. Miller proposed elliptic curves to be used for public key cryptosystems, whereas RSA, a nowadays widely used public key cryptosystem, was developed by Rivest, Shamir, and Adleman almost ten years earlier in 1977. The elliptic curve cryptosystem benefits from smaller key sizes than RSA, which makes its cryptographic operations, encryption, decryption, signing, and signature verification faster than RSA's operations. A smart card is a single-chip microcomputer with a size of 25 mm² at most. Today smart cards are used mainly for electronic identification and storing user information. Smart cards are also used to store private keys and to execute cryptographic operations which use private keys. This Master's thesis examines whether elliptic curve cryptography is better suited to be used on smart cards than the nowadays widely used RSA. It describes the elliptic curve cryptography and RSA implementations used to compare these two cryptosystems, and presents performance comparisons based on these implementations. In addition, this thesis contains security and space requirement comparisons between these two cryptosystems. According to the test results, signing and decryption operations are faster with the elliptic curve cryptosystem than with RSA, but RSA is faster when encrypting messages or verifying signatures. On the other hand, the elliptic curve cryptosystem needs less space to store the private keys than RSA, and is thus well suited to be used on smart cards. The elliptic curve cryptosystem has the disadvantage that the Menezes-Vanstone encryption increases the size of encrypted messages considerably more than RSA encryption does. In addition, because an elliptic curve cryptosystem implementation is more complicated and requires deeper mathematical understanding than an RSA implementation, it is more susceptible to errors which diminishes its security.
Fault-Tolerant Distributed Applications in LiPS
Hochschule Darmstadt, FB Informatik, 1996
Cited by 1 (1 self)
Performing computations using networks of workstations is increasingly becoming an alternative to using a supercomputer. This approach is motivated by the vast quantities of unused idle-time available in workstation networks. Unlike computing on a tightly coupled parallel computer, where a fixed number of processor nodes is used within a computation, the number of useable nodes in a workstation network is constantly changing over time. Additionally, workstations are more frequently subject to outages, e.g. due to reboots. The question arises how applications, adapting smoothly to this environment, should be realized. This paper shows how fault-tolerant distributed applications are implemented within LiPS version 2.4, a system for distributed computing using idle-cycles in networks of workstations. This system currently is used at the Universität des Saarlandes in Saarbrücken to perform computationally intensive applications on a net of approximately 250 workstations. The LiPS system ...
Software Fault-Tolerant Distributed Applications in LiPS
This paper illustrates how software fault-tolerant distributed applications are implemented within LiPS version 2.4, a system for distributed computing using idle-cycles in networks of workstations. The LiPS system [SR92, SR93, STea94, Set95, SF96, ST96, SL97, ST97] employs the tuple space programming paradigm, as originally used in the Linda programming language. Applications implemented using this paradigm easily adapt to changes in availability as they occur in workstation networks. In LiPS, applications are enabled to terminate successfully in spite of failing nodes by periodically writing checkpoints, freezing the state of a computational process, and keeping track of messages exchanged between checkpoints in a message log. The message log is kept within the tuple space machine implementing the tuple space and replayed if an application process recovers. This assumes deterministic behavior of the application process but allows independent checkpoint generation and alleviates the need ...