Results 1 
9 of
9
Twisted Edwards Curves
"... Abstract. This paper introduces “twisted Edwards curves, ” a generalization of the recently introduced Edwards curves; shows that twisted Edwards curves include more curves over finite fields, and in particular every elliptic curve in Montgomery form; shows how to cover even more curves via isogenie ..."
Abstract

Cited by 35 (4 self)
 Add to MetaCart
Abstract. This paper introduces “twisted Edwards curves, ” a generalization of the recently introduced Edwards curves; shows that twisted Edwards curves include more curves over finite fields, and in particular every elliptic curve in Montgomery form; shows how to cover even more curves via isogenies; presents fast explicit formulas for twisted Edwards curves in projective and inverted coordinates; and shows that twisted Edwards curves save time for many curves that were already expressible as Edwards curves.
Constructing Isogenies Between Elliptic Curves Over Finite Fields
 LMS J. Comput. Math
, 1999
"... Let E 1 and E 2 be ordinary elliptic curves over a finite field Fp such that #E1 (Fp ) = #E2 (Fp ). Tate's isogeny theorem states that there is an isogeny from E1 to E2 which is defined over Fp . The goal of this paper is to describe a probabilistic algorithm for constructing such an isogeny. ..."
Abstract

Cited by 30 (3 self)
 Add to MetaCart
Let E 1 and E 2 be ordinary elliptic curves over a finite field Fp such that #E1 (Fp ) = #E2 (Fp ). Tate's isogeny theorem states that there is an isogeny from E1 to E2 which is defined over Fp . The goal of this paper is to describe a probabilistic algorithm for constructing such an isogeny.
A PublicKey Encryption Scheme with PseudoRandom Ciphertexts
 In ESORICS ’04, LNCS 3193
, 2004
"... Abstract. This work presents a practical publickey encryption scheme that offers security under adaptive chosenciphertext attack (CCA) and has pseudorandom ciphertexts, i.e. ciphertexts indistinguishable from random bit strings. Ciphertext pseudorandomness has applications in steganography. The ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
Abstract. This work presents a practical publickey encryption scheme that offers security under adaptive chosenciphertext attack (CCA) and has pseudorandom ciphertexts, i.e. ciphertexts indistinguishable from random bit strings. Ciphertext pseudorandomness has applications in steganography. The new scheme features short ciphertexts due to the use of elliptic curve cryptography, with ciphertext pseudorandomness achieved through a new key encapsulation mechanism (KEM) based on elliptic curve DiffieHellman with a pair of elliptic curves where each curve is a twist of the other. The publickey encryption scheme resembles the hybrid DHIES construction; besides by using the new KEM, it differs from DHIES in that it uses an authenticatethenencrypt (AtE) rather than encryptthenauthenticate (EtA) approach for symmetric cryptography. 1
The distribution of the number of points modulo an integer on elliptic curves over finite fields
, 2009
"... Let Fq be a finite field and let b and N be integers. We study the probability that the number of points on a randomly chosen elliptic curve E over Fq equals b modulo N. We prove explicit formulas for the cases gcd(N, q) = 1 and N = char(Fq). In the former case, these formulas follow from a random ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
Let Fq be a finite field and let b and N be integers. We study the probability that the number of points on a randomly chosen elliptic curve E over Fq equals b modulo N. We prove explicit formulas for the cases gcd(N, q) = 1 and N = char(Fq). In the former case, these formulas follow from a random matrix theorem for Frobenius acting on the Ntorsion part of E, obtained by applying density results due to Chebotarev to the modular covering X(N) → X(1). As an additional application to this theorem, we estimate the probability that a randomly chosen elliptic curve has a point of order precisely N. 1
Generating Prime Order Elliptic Curves: Difficulties and Efficiency
 Considerations, in International Conference on Information Security and Cryptology – ICISC 2004, Lecture Notes in Computer Science
, 2005
"... Abstract. We consider the generation of prime order elliptic curves (ECs) over a prime field Fp using the Complex Multiplication (CM) method. A crucial step of this method is to compute the roots of a special type of class field polynomials with the most commonly used being the Hilbert and Weber one ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
Abstract. We consider the generation of prime order elliptic curves (ECs) over a prime field Fp using the Complex Multiplication (CM) method. A crucial step of this method is to compute the roots of a special type of class field polynomials with the most commonly used being the Hilbert and Weber ones, uniquely determined by the CM discriminant D. In attempting to construct prime order ECs using Weber polynomials two difficulties arise (in addition to the necessary transformations of the roots of such polynomials to those of their Hilbert counterparts). The first one is that the requirement of prime order necessitates that D ≡ 3 (mod 8), which gives Weber polynomials with degree three times larger than the degree of their corresponding Hilbert polynomials (a fact that could affect efficiency). The second difficulty is that these Weber polynomials do not have roots in Fp. In this paper we show how to overcome the above difficulties and provide efficient methods for generating ECs of prime order supported by a thorough experimental study. In particular,
Compressing and Disguising Elements in Discrete Logarithm Cryptography
, 2008
"... In the modern world, the ubiquity of digital communication is driven by the constantly evolving world of cryptography. Consequently one must efficiently implement asymmetric cryptography in environments which have limited resources at their disposal, such as smart–cards, ID cards, vehicular microchi ..."
Abstract
 Add to MetaCart
In the modern world, the ubiquity of digital communication is driven by the constantly evolving world of cryptography. Consequently one must efficiently implement asymmetric cryptography in environments which have limited resources at their disposal, such as smart–cards, ID cards, vehicular microchips and many more. It is the primary purpose of this thesis to investigate methods for reducing the bandwidth required by these devices. Part I of this thesis considers compression techniques for elliptic curve cryptography (ECC). We begin this by analysing how much data is actually required to establish domain parameters for ECC. Following the widely used cryptographic standards (for example: SEC 1), we show that naïvely implemented systems use extensively more data than is actually required and suggest a flexible and compact way to better implement these. This is especially of use in a multi–curve environment. We then investigate methods for reducing the inherent redundancy in the point representation of Koblitz systems; a by–product of the best known Pollard–ρ based attacks by Wiener & Zuccherato and Gallant, Lambert & Vanstone. We present methods which allow such systems to operate (with a high confidence) as efficiently as generic ones whilst maintaining all of their com
Divisibility, Smoothness and Cryptographic Applications
, 2008
"... This paper deals with products of moderatesize primes, familiarly known as smooth numbers. Smooth numbers play an crucial role in information theory, signal processing and cryptography. We present various properties of smooth numbers relating to their enumeration, distribution and occurrence in var ..."
Abstract
 Add to MetaCart
This paper deals with products of moderatesize primes, familiarly known as smooth numbers. Smooth numbers play an crucial role in information theory, signal processing and cryptography. We present various properties of smooth numbers relating to their enumeration, distribution and occurrence in various integer sequences. We then turn our attention to cryptographic applications in which smooth numbers play a pivotal role. 1 1
A DISCRETE LOGARITHM ATTACK ON ELLIPTIC CURVES
"... ABSTRACT. We give an improved index calculus attack for a large class of elliptic curves. Our algorithm works by efficiently transferring the group structure of an elliptic curve to a weaker group. The running time of our attack poses a significant and realistic threat to the security of the ellipti ..."
Abstract
 Add to MetaCart
ABSTRACT. We give an improved index calculus attack for a large class of elliptic curves. Our algorithm works by efficiently transferring the group structure of an elliptic curve to a weaker group. The running time of our attack poses a significant and realistic threat to the security of the elliptic curves in this class. As a consequence of our construction, we will also derive entirely new point counting algorithms. These algorithms set new runtime complexity records. We discuss implementations of these algorithms and give examples. 1.