Results 1  10
of
27
Guide to Elliptic Curve Cryptography
, 2004
"... Elliptic curves have been intensively studied in number theory and algebraic geometry for over 100 years and there is an enormous amount of literature on the subject. To quote the mathematician Serge Lang: It is possible to write endlessly on elliptic curves. (This is not a threat.) Elliptic curves ..."
Abstract

Cited by 369 (17 self)
 Add to MetaCart
Elliptic curves have been intensively studied in number theory and algebraic geometry for over 100 years and there is an enormous amount of literature on the subject. To quote the mathematician Serge Lang: It is possible to write endlessly on elliptic curves. (This is not a threat.) Elliptic curves also figured prominently in the recent proof of Fermat's Last Theorem by Andrew Wiles. Originally pursued for purely aesthetic reasons, elliptic curves have recently been utilized in devising algorithms for factoring integers, primality proving, and in publickey cryptography. In this article, we aim to give the reader an introduction to elliptic curve cryptosystems, and to demonstrate why these systems provide relatively small block sizes, highspeed software and hardware implementations, and offer the highest strengthperkeybit of any known publickey scheme.
Extending the GHS Weil descent attack
 Advances in CryptologyEUROCRYPT 2002, LNCS 2332
, 2002
"... Abstract. In this paper we extend the Weil descent attack due to Gaudry, Hess and Smart (GHS) to a much larger class of elliptic curves. This extended attack applies to fields of composite degree over F2. The principle behind the extended attack is to use isogenies to find an elliptic curve for whic ..."
Abstract

Cited by 38 (1 self)
 Add to MetaCart
Abstract. In this paper we extend the Weil descent attack due to Gaudry, Hess and Smart (GHS) to a much larger class of elliptic curves. This extended attack applies to fields of composite degree over F2. The principle behind the extended attack is to use isogenies to find an elliptic curve for which the GHS attack is effective. The discrete logarithm problem on the target curve can be transformed into a discrete logarithm problem on the isogenous curve. A further contribution of the paper is to give an improvement to an algorithm of Galbraith for constructing isogenies between elliptic curves, and this is of independent interest in elliptic curve cryptography. We show that a larger proportion than previously thought of elliptic curves over F 2 155 should be considered weak. 1
The GHS Attack in odd Characteristic
, 2003
"... The GHS attack is originally an approach to attack the discretelogarithm problem (DLP) in the group of rational points of an elliptic curve over a nonprime finite field of characteristic 2. It is a method to transform the original DLP into DLPs in class groups of specific curves of higher genera ov ..."
Abstract

Cited by 36 (6 self)
 Add to MetaCart
The GHS attack is originally an approach to attack the discretelogarithm problem (DLP) in the group of rational points of an elliptic curve over a nonprime finite field of characteristic 2. It is a method to transform the original DLP into DLPs in class groups of specific curves of higher genera over smaller fields. In this article we give a generalization of the attack to degree 0 class groups of (hyper)elliptic curves over nonprime fields of arbitrary characteristic. We solve the problem under which conditions the kernel of the "transformation homomorphism " (GHSconormnorm homomorphism) is small. We then analyze the resulting curves for the case that the characteristic is odd.
Index Calculus for Abelian Varieties and the Elliptic Curve Discrete Logarithm Problem
, 2004
"... We propose an index calculus algorithm for the discrete logarithm problem on general abelian varieties. The main difference with the previous approaches is that we do not make use of any embedding into the Jacobian of a wellsuited curve. We apply this algorithm to the Weil restriction of elliptic c ..."
Abstract

Cited by 21 (2 self)
 Add to MetaCart
We propose an index calculus algorithm for the discrete logarithm problem on general abelian varieties. The main difference with the previous approaches is that we do not make use of any embedding into the Jacobian of a wellsuited curve. We apply this algorithm to the Weil restriction of elliptic curves and hyperelliptic curves over small degree extension fields. In particular, our attack can solve all elliptic curve discrete logarithm problems defined over F q 3 in time O(q ), with a reasonably small constant; and an elliptic problem over F q 4 or a genus 2 problem over F p 2 in time O(q ) with a larger constant.
Solving Elliptic Curve Discrete Logarithm Problems Using Weil Descent
 JOURNAL OF THE RAMANUJAN MATHEMATICAL SOCIETY
, 2001
"... We provide the first cryptographically interesting instance of the elliptic curve discrete logarithm problem which resists all previously known attacks, but which can be solved with modest computer resources using the Weil descent attack methodology of Frey. We report on our implementation of index ..."
Abstract

Cited by 18 (3 self)
 Add to MetaCart
We provide the first cryptographically interesting instance of the elliptic curve discrete logarithm problem which resists all previously known attacks, but which can be solved with modest computer resources using the Weil descent attack methodology of Frey. We report on our implementation of indexcalculus methods for hyperelliptic curves over characteristic two finite fields, and discuss the cryptographic implications of our results.
An Elliptic Curve Processor Suitable For RFIDTags
, 2006
"... RFIDTags are small devices used for identification purposes in many applications nowadays. ..."
Abstract

Cited by 16 (1 self)
 Add to MetaCart
RFIDTags are small devices used for identification purposes in many applications nowadays.
Elliptic curve cryptography: The serpentine course of a paradigm shift
 J. NUMBER THEORY
, 2008
"... Over a period of sixteen years elliptic curve cryptography went from being an approach that many people mistrusted or misunderstood to being a public key technology that enjoys almost unquestioned acceptance. We describe the sometimes surprising twists and turns in this paradigm shift, and compare ..."
Abstract

Cited by 8 (4 self)
 Add to MetaCart
Over a period of sixteen years elliptic curve cryptography went from being an approach that many people mistrusted or misunderstood to being a public key technology that enjoys almost unquestioned acceptance. We describe the sometimes surprising twists and turns in this paradigm shift, and compare this story with the commonly accepted Ideal Model of how research and development function in cryptography. We also discuss to what extent the ideas in the literature on “social construction of technology” can contribute to a better understanding of this history.
Weak Fields for ECC
, 2003
"... We demonstrate that some finite fields, including F 2 210 , are weak for elliptic curve cryptography in the sense that any instance of the elliptic curve discrete logarithm problem for any elliptic curve over these fields can be solved in significantly less time than it takes Pollard's rho method to ..."
Abstract

Cited by 8 (0 self)
 Add to MetaCart
We demonstrate that some finite fields, including F 2 210 , are weak for elliptic curve cryptography in the sense that any instance of the elliptic curve discrete logarithm problem for any elliptic curve over these fields can be solved in significantly less time than it takes Pollard's rho method to solve the hardest instances. We discuss the implications of our observations to elliptic curve cryptography, and list some open problems.
Ordinary elliptic curves of high rank over ¯ Fp(x) with constant jinvariant
"... constant jinvariant ..."