Results 1  10
of
91
Guide to Elliptic Curve Cryptography
, 2004
"... Elliptic curves have been intensively studied in number theory and algebraic geometry for over 100 years and there is an enormous amount of literature on the subject. To quote the mathematician Serge Lang: It is possible to write endlessly on elliptic curves. (This is not a threat.) Elliptic curves ..."
Abstract

Cited by 593 (18 self)
 Add to MetaCart
Elliptic curves have been intensively studied in number theory and algebraic geometry for over 100 years and there is an enormous amount of literature on the subject. To quote the mathematician Serge Lang: It is possible to write endlessly on elliptic curves. (This is not a threat.) Elliptic curves also figured prominently in the recent proof of Fermat's Last Theorem by Andrew Wiles. Originally pursued for purely aesthetic reasons, elliptic curves have recently been utilized in devising algorithms for factoring integers, primality proving, and in publickey cryptography. In this article, we aim to give the reader an introduction to elliptic curve cryptosystems, and to demonstrate why these systems provide relatively small block sizes, highspeed software and hardware implementations, and offer the highest strengthperkeybit of any known publickey scheme.
Software Implementation of Elliptic Curve Cryptography Over Binary Fields
, 2000
"... This paper presents an extensive and careful study of the software implementation on workstations of the NISTrecommended elliptic curves over binary fields. We also present the results of our implementation in C on a Pentium II 400 MHz workstation. ..."
Abstract

Cited by 184 (10 self)
 Add to MetaCart
This paper presents an extensive and careful study of the software implementation on workstations of the NISTrecommended elliptic curves over binary fields. We also present the results of our implementation in C on a Pentium II 400 MHz workstation.
Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms
, 2001
"... The fundamental operation in elliptic curve cryptographic schemes is that of point multiplication of an elliptic curve point by an integer. This paper describes a new method for accelerating this operation on classes of elliptic curves that have efficientlycomputable endomorphisms. One advantage of ..."
Abstract

Cited by 93 (0 self)
 Add to MetaCart
(Show Context)
The fundamental operation in elliptic curve cryptographic schemes is that of point multiplication of an elliptic curve point by an integer. This paper describes a new method for accelerating this operation on classes of elliptic curves that have efficientlycomputable endomorphisms. One advantage of the new method is that it is applicable to a larger class of curves than previous such methods.
Software Implementation of the NIST Elliptic Curves Over Prime Fields
 TOPICS IN CRYPTOLOGY – CTRSA 2001, VOLUME 2020 OF LNCS
, 2001
"... ..."
(Show Context)
An Overview of Elliptic Curve Cryptography
, 2000
"... Elliptic curve cryptography (ECC) was introduced by Victor Miller and Neal Koblitz in 1985. ECC proposed as an alternative to established publickey systems such as DSA and RSA, have recently gained a lot attention in industry and academia. The main reason for the attractiveness of ECC is the fact t ..."
Abstract

Cited by 36 (3 self)
 Add to MetaCart
Elliptic curve cryptography (ECC) was introduced by Victor Miller and Neal Koblitz in 1985. ECC proposed as an alternative to established publickey systems such as DSA and RSA, have recently gained a lot attention in industry and academia. The main reason for the attractiveness of ECC is the fact that there is no subexponential algorithm known to solve the discrete logarithm problem on a properly chosen elliptic curve. This means that significantly smaller parameters can be used in ECC than in other competitive systems such RSA and DSA, but with equivalent levels of security. Some benefits of having smaller key sizes include faster computations, and reductions in processing power, storage space and bandwidth. This makes ECC ideal for constrained environments such as pagers, PDAs, cellular phones and smart cards. The implementation of ECC, on the other hand, requires several choices such as the type of the underlying finite field, algorithms for implementing the finite field arithmetic and so on. In this paper we give we presen an selective overview of the main methods.
Algorithms for Multiexponentiation
 In Selected Areas in Cryptography – SAC 2001 (2001
, 2001
"... Abstract. This paper compares different approaches for computing power products � 1≤i≤k ge i i in commutative groups. We look at the conventional simultaneous exponentiation approach and present an alternative strategy, interleaving exponentiation. Our comparison shows that in general groups, someti ..."
Abstract

Cited by 31 (3 self)
 Add to MetaCart
(Show Context)
Abstract. This paper compares different approaches for computing power products � 1≤i≤k ge i i in commutative groups. We look at the conventional simultaneous exponentiation approach and present an alternative strategy, interleaving exponentiation. Our comparison shows that in general groups, sometimes the conventional method and sometimes interleaving exponentiation is more efficient. In groups where inverting elements is easy (e.g. elliptic curves), interleaving exponentiation with signed exponent recoding usually wins over the conventional method. 1
Analysis of the Weil Descent Attack of Gaudry, Hess and Smart
, 2000
"... . We analyze the Weil descent attack of Gaudry, Hess and Smart [12] on the elliptic curve discrete logarithm problem for elliptic curves dened over F2 n , where n is prime. 1 Introduction Let E be an elliptic curve dened over a nite eld F q . The elliptic curve discrete logarithm problem (ECDLP) ..."
Abstract

Cited by 31 (5 self)
 Add to MetaCart
. We analyze the Weil descent attack of Gaudry, Hess and Smart [12] on the elliptic curve discrete logarithm problem for elliptic curves dened over F2 n , where n is prime. 1 Introduction Let E be an elliptic curve dened over a nite eld F q . The elliptic curve discrete logarithm problem (ECDLP) in E(F q ) is the following: given E, P 2 E(F q ), r = ord(P ) and Q 2 hP i, nd the integer s 2 [0; r 1] such that Q = sP . The ECDLP is of interest because its apparent intractability forms the basis for the security of elliptic curve cryptographic schemes. The elliptic curve parameters have to be carefully chosen in order to circumvent some known attacks on the ECDLP. In order to avoid the PohligHellman [19] and Pollard's rho [20, 17] attacks, r should be a large prime number, say r > 2 160 . To avoid the Weil pairing [15] and Tate pairing [8] attacks, r should not divide q k 1 for each 1 k C, where C is large enough so that it is computationally infeasible to nd discrete ...
Elliptic curve cryptography: The serpentine course of a paradigm shift
 J. NUMBER THEORY
, 2008
"... Over a period of sixteen years elliptic curve cryptography went from being an approach that many people mistrusted or misunderstood to being a public key technology that enjoys almost unquestioned acceptance. We describe the sometimes surprising twists and turns in this paradigm shift, and compare ..."
Abstract

Cited by 21 (5 self)
 Add to MetaCart
(Show Context)
Over a period of sixteen years elliptic curve cryptography went from being an approach that many people mistrusted or misunderstood to being a public key technology that enjoys almost unquestioned acceptance. We describe the sometimes surprising twists and turns in this paradigm shift, and compare this story with the commonly accepted Ideal Model of how research and development function in cryptography. We also discuss to what extent the ideas in the literature on “social construction of technology” can contribute to a better understanding of this history.
Solving Elliptic Curve Discrete Logarithm Problems Using Weil Descent
 JOURNAL OF THE RAMANUJAN MATHEMATICAL SOCIETY
, 2001
"... We provide the first cryptographically interesting instance of the elliptic curve discrete logarithm problem which resists all previously known attacks, but which can be solved with modest computer resources using the Weil descent attack methodology of Frey. We report on our implementation of index ..."
Abstract

Cited by 19 (3 self)
 Add to MetaCart
We provide the first cryptographically interesting instance of the elliptic curve discrete logarithm problem which resists all previously known attacks, but which can be solved with modest computer resources using the Weil descent attack methodology of Frey. We report on our implementation of indexcalculus methods for hyperelliptic curves over characteristic two finite fields, and discuss the cryptographic implications of our results.