Results 1 - 4 of 4
Index calculus in class groups of nonhyperelliptic curves of genus three, in "Journal of Cryptology", 2007. The original publication is available at www.springerlink.com
Cited by 26 (4 self)
We study an index calculus algorithm to solve the discrete logarithm problem (DLP) in degree 0 class groups of nonhyperelliptic curves of genus 3 over finite fields. We present a heuristic analysis of the algorithm which indicates that the DLP in degree 0 class groups of nonhyperelliptic curves of genus 3 can be solved in an expected time of Õ(q). This heuristic result relies on one heuristic assumption which is studied experimentally. We also present experimental data which show that a variant of the algorithm is faster than the Rho method even for small group sizes, and we address practical limitations of the algorithm.
On Small Degree Extension Fields in Cryptology, 2005
that are based in, or map to, the multiplicative group of finite fields with small extension degree. A central observation is that the multiplicative group of extension fields essentially decomposes as a product of algebraic tori, whose properties allow for improved communication efficiency.
Improved Masking for Tweakable Blockciphers with Applications to Authenticated Encryption
Abstract. A popular approach to tweakable blockcipher design is via masking, where a certain primitive (a blockcipher or a permutation) is preceded and followed by an easy-to-compute tweak-dependent mask. In this work, we revisit the principle of masking. We do so alongside the introduction of the tweakable Even-Mansour construction MEM. Its masking function combines the advantages of word-oriented LFSR and powering-up-based methods. We show in particular how recent advancements in computing discrete logarithms over finite fields of characteristic 2 can be exploited in a constructive way to realize highly efficient, constant-time masking functions. If the masking satisfies a set of simple conditions, then MEM is a secure tweakable blockcipher up to the birthday bound. The strengths of MEM are exhibited by the design of fully parallelizable authenticated encryption schemes OPP (nonce-respecting) and MRO (misuse-resistant). If instantiated with a reduced-round BLAKE2b permutation, OPP and MRO achieve speeds up to 0.55 and 1.06 cycles per byte on the Intel Haswell microarchitecture, and are able to significantly outperform their closest competitors.
Index, 2006
"... calculus in class groups of nonhyperelliptic curves of genus three ..."