Results 1  10
of
26
The secure remote password protocol
 In Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium
, 1998
"... This paper presents a new password authentication and keyexchange protocol suitable for authenticating users and exchanging keys over an untrusted network. The new protocol resists dictionary attacks mounted by either passive or active network intruders, allowing, in principle, even weak passphrase ..."
Abstract

Cited by 175 (5 self)
 Add to MetaCart
This paper presents a new password authentication and keyexchange protocol suitable for authenticating users and exchanging keys over an untrusted network. The new protocol resists dictionary attacks mounted by either passive or active network intruders, allowing, in principle, even weak passphrases to be used safely. It also o ers perfect forward secrecy, which protects past sessions and passwords against future compromises. Finally, user passwords are stored in a form that is not plaintextequivalent to the password itself, so an attacker who captures the password database cannot use it directly to compromise security and gain immediate access to the host. This new protocol combines techniques of zeroknowledge proofs with asymmetric key exchange protocols and o ers signi cantly improved performance over comparably strong extended methods that resist stolenveri er attacks such as Augmented EKE or BSPEKE. 1
Efficient Algorithms for Elliptic Curve Cryptosystems
, 1997
"... Elliptic curves are the basis for a relative new class of publickey schemes. It is predicted that elliptic curves will replace many existing schemes in the near future. It is thus of great interest to develop algorithms which allow efficient implementations of elliptic curve crypto systems. This th ..."
Abstract

Cited by 66 (9 self)
 Add to MetaCart
Elliptic curves are the basis for a relative new class of publickey schemes. It is predicted that elliptic curves will replace many existing schemes in the near future. It is thus of great interest to develop algorithms which allow efficient implementations of elliptic curve crypto systems. This thesis deals with such algorithms. Efficient algorithms for elliptic curves can be classified into lowlevel algorithms, which deal with arithmetic in the underlying finite field and highlevel algorithms, which operate with the group operation. This thesis describes three new algorithms for efficient implementations of elliptic curve cryptosystems. The first algorithm describes the application of the KaratsubaOfman Algorithm to multiplication in composite fields GF ((2 n ) m ). The second algorithm deals with efficient inversion in composite Galois fields of the form GF ((2 n ) m ). The third algorithm is an entirely new approach which accelerates the multiplication of points which i...
An Overview of Elliptic Curve Cryptography
, 2000
"... Elliptic curve cryptography (ECC) was introduced by Victor Miller and Neal Koblitz in 1985. ECC proposed as an alternative to established publickey systems such as DSA and RSA, have recently gained a lot attention in industry and academia. The main reason for the attractiveness of ECC is the fact t ..."
Abstract

Cited by 29 (2 self)
 Add to MetaCart
Elliptic curve cryptography (ECC) was introduced by Victor Miller and Neal Koblitz in 1985. ECC proposed as an alternative to established publickey systems such as DSA and RSA, have recently gained a lot attention in industry and academia. The main reason for the attractiveness of ECC is the fact that there is no subexponential algorithm known to solve the discrete logarithm problem on a properly chosen elliptic curve. This means that significantly smaller parameters can be used in ECC than in other competitive systems such RSA and DSA, but with equivalent levels of security. Some benefits of having smaller key sizes include faster computations, and reductions in processing power, storage space and bandwidth. This makes ECC ideal for constrained environments such as pagers, PDAs, cellular phones and smart cards. The implementation of ECC, on the other hand, requires several choices such as the type of the underlying finite field, algorithms for implementing the finite field arithmetic and so on. In this paper we give we presen an selective overview of the main methods.
Discrete Logarithms: the Effectiveness of the Index Calculus Method
, 1996
"... . In this article we survey recent developments concerning the discrete logarithm problem. Both theoretical and practical results are discussed. We emphasize the case of finite fields, and in particular, recent modifications of the index calculus method, including the number field sieve and the func ..."
Abstract

Cited by 24 (1 self)
 Add to MetaCart
. In this article we survey recent developments concerning the discrete logarithm problem. Both theoretical and practical results are discussed. We emphasize the case of finite fields, and in particular, recent modifications of the index calculus method, including the number field sieve and the function field sieve. We also provide a sketch of the some of the cryptographic schemes whose security depends on the intractibility of the discrete logarithm problem. 1 Introduction Let G be a cyclic group generated by an element t. The discrete logarithm problem in G is to compute for any b 2 G the least nonnegative integer e such that t e = b. In this case, we write log t b = e. Our purpose, in this paper, is to survey recent work on the discrete logarithm problem. Our approach is twofold. On the one hand, we consider the problem from a purely theoretical perspective. Indeed, the algorithms that have been developed to solve it not only explore the fundamental nature of one of the basic s...
Parallel scalar multiplication on general elliptic curves over F_p hedged against NonDifferential SideChannel Attacks
, 2002
"... For speeding up elliptic curve scalar multiplication and making it secure against sidechannel attacks such as timing or power analysis, various methods have been proposed using specifically chosen elliptic curves. We show that both goals can be achieved simultaneously even for conventional elliptic ..."
Abstract

Cited by 22 (0 self)
 Add to MetaCart
For speeding up elliptic curve scalar multiplication and making it secure against sidechannel attacks such as timing or power analysis, various methods have been proposed using specifically chosen elliptic curves. We show that both goals can be achieved simultaneously even for conventional elliptic curves over Fp . This result is shown via two facts. First, we recall the known fact that every elliptic curve over Fp admits a scalar multiplication via a (Montgomery ladder) Lucas chain.
Elliptic curve cryptosystems on reconfigurable hardware
 MASTER’S THESIS, WORCESTER POLYTECHNIC INST
, 1998
"... Security issues will play an important role in the majority of communication and computer networks of the future. As the Internet becomes more and more accessible to the public, security measures will have to be strengthened. Elliptic curve cryptosystems allow for shorter operand lengths than other ..."
Abstract

Cited by 19 (0 self)
 Add to MetaCart
Security issues will play an important role in the majority of communication and computer networks of the future. As the Internet becomes more and more accessible to the public, security measures will have to be strengthened. Elliptic curve cryptosystems allow for shorter operand lengths than other publickey schemes based on the discrete logarithm in finite fields and the integer factorization problem and are thus attractive for many applications. This thesis describes an implementation of a crypto engine based on elliptic curves. The underlying algebraic structures are composite Galois fields GF((2 n) m) in a standard base representation. As a major new feature, the system is developed for a reconfigurable platform based on Field Programmable Gate Arrays (FPGAs). FPGAs combine the flexibility of software solutions with the security of traditional hardware implementations. In particular, it is possible to easily change all algorithm parameters such as curve coefficients, field order, or field representation. The thesis deals with the design and implementation of elliptic curve point multiplicationarchitectures. The architectures are described in VHDL and mapped to Xilinx FPGA devices. Architectures over Galois fields of different order and representation were implemented and compared. Area and timing measurements are provided for all architectures. It is shown that a full point multiplication on elliptic curves of realworld size can be implemented on commercially available FPGAs.
Fast multiplication on elliptic curves over GF(2m) without precomputation
, 1999
"... This paper describes an algorithm for computing elliptic scalar multiplications on nonsupersingular elliptic curves defined over GF(2 m ). The algorithm is an optimized version of a method described in [1], which is based on Montgomery's method [8]. Our algorithm is easy to implement in both ..."
Abstract

Cited by 14 (0 self)
 Add to MetaCart
This paper describes an algorithm for computing elliptic scalar multiplications on nonsupersingular elliptic curves defined over GF(2 m ). The algorithm is an optimized version of a method described in [1], which is based on Montgomery's method [8]. Our algorithm is easy to implement in both hardware and software, works for any elliptic curve over GF(2 m ), requires no precomputed multiples of a point, and is faster on average than the additionsubtraction method described in draft standard IEEE P1363. In addition, the method requires less memory than projective schemes and the amount of computation needed for a scalar multiplication is fixed for all multipliers of the same binary length. Therefore, the improved method possesses many desirable features for implementing elliptic curves in restricted environments.
Elliptic Curve Pseudorandom Sequence Generators
, 1998
"... In this paper, we introduce a new approach to the generation of binary sequences by applying trace functions to elliptic curves over GF(2 m ). We call these sequences elliptic curve pseudorandom sequences (ECsequence). We determine their periods, distribution of zeros and ones, and linear span ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
In this paper, we introduce a new approach to the generation of binary sequences by applying trace functions to elliptic curves over GF(2 m ). We call these sequences elliptic curve pseudorandom sequences (ECsequence). We determine their periods, distribution of zeros and ones, and linear spans for a class of ECsequences generated from supersingular curves. We exhibit a class of ECsequences which has half period as a lower bound for their linear spans. ECsequences can be constructed algebraically and can be generated efficiently in software or hardware by the same methods that are used for implementation of elliptic curve publickey cryptosystems.
ECC Based Threshold Cryptography for Secure Data Forwarding and Secure Key Exchange
 University of Waterloo
, 2005
"... Abstract. This paper proposes a new approach to provide reliable data transmission in MANET with strong adversaries. We combine Elliptic Curve Cryptography and Threshold Cryptosystem to securely deliver messages in n shares. As long as the destination receives at least k shares, it can recover the o ..."
Abstract

Cited by 8 (3 self)
 Add to MetaCart
Abstract. This paper proposes a new approach to provide reliable data transmission in MANET with strong adversaries. We combine Elliptic Curve Cryptography and Threshold Cryptosystem to securely deliver messages in n shares. As long as the destination receives at least k shares, it can recover the original message. We explore seven ECC mechanisms, ElGamal, MasseyOmura, DiffieHellman, MenezesVanstone, KoyamaMaurerOkamotoVanstone, Ertaul, and Demytko. For secure data forwarding, we consider both splitting plaintext before encryption, and splitting ciphertext after encryption. Also we suggest to exchange keys between a pair of mobile nodes using Elliptic Curve Cryptography DiffieHellman. We did performance comparison of ECC and RSA to show ECC is more efficient than RSA. 1
Elliptic Curve Cryptography on Smart Cards
, 2000
"... In 1985 Neal Koblitz and V.S. Miller proposed elliptic curves to be used for public key cryptosystems, whereas RSA, a nowadays widely used public key cryptosystem, was developed by Rivest, Shamir, and Adleman almost ten years earlier in 1977. The elliptic curve cryptosystem benefits from smaller key ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
In 1985 Neal Koblitz and V.S. Miller proposed elliptic curves to be used for public key cryptosystems, whereas RSA, a nowadays widely used public key cryptosystem, was developed by Rivest, Shamir, and Adleman almost ten years earlier in 1977. The elliptic curve cryptosystem benefits from smaller key sizes than RSA, which makes its cryptographic operations, encryption, decryption, signing, and signature verification faster than RSA's operations. A smart card is a singlechip microcomputer with a size of 25 mm² at most. Today smart cards are used mainly for electronic identification and storing user information. Smart cards are also used to store private keys and to execute cryptographic operations which use private keys. This Master's thesis examines whether elliptic curve cryptography is better suited to be used on smart cards than the nowadays widely used RSA. It describes the elliptic curve cryptography and RSA implementations used to compare these two cryptosystems, and presents performance comparisons based on these implementations. In addition, this thesis contains security and space requirement comparisons between these two cryptosystems. According to the test results, signing and decryption operations are faster with the elliptic curve cryptosystem than with RSA, but RSA is faster when encrypting messages or verifying signatures. On the other hand, the elliptic curve cryptosystem needs less space to store the private keys than RSA, and is thus well suited to be used on smart cards. The elliptic curve cryptosystem has the disadvantage that the MenezesVanstone encryption increases the size of encrypted messages considerably more than RSA encryption does. In addition, because an elliptic curve cryptosystem implementation is more complicated and requires deeper mathematical understanding than an RSA implementation, it is more susceptible to errors which diminishes its security.