Results 1 -
6 of
6
On the construction of prime order elliptic curves
- Progress in cryptology—INDOCRYPT 2003, Springer Lecture Notes in Computer Science
"... Abstract. We consider a variant of the Complex Multiplication (CM) method for constructing elliptic curves (ECs) of prime order with additional security properties. Our variant uses Weber polynomials whose discriminant D is congruent to 3 (mod 8), and is based on a new transformation for converting ..."
Abstract
-
Cited by 5 (1 self)
- Add to MetaCart
(Show Context)
Abstract. We consider a variant of the Complex Multiplication (CM) method for constructing elliptic curves (ECs) of prime order with additional security properties. Our variant uses Weber polynomials whose discriminant D is congruent to 3 (mod 8), and is based on a new transformation for converting roots of Weber polynomials to their Hilbert counterparts. We also present a new theoretical estimate of the bit precision required for the construction of the Weber polynomials for these values of D. We conduct a comparative experimental study investigating the time and bit precision of using Weber polynomials against the (typical) use of Hilbert polynomials. We further investigate the time efficiency of the new CM variant under four different implementations of a crucial step of the variant and demonstrate the superiority of two of them. 1
On the Use of Weber Polynomials in Elliptic Curve Cryptography
- In Proc. European PKI Workshop 2004, LNCS 3093
, 2004
"... Abstract. In many cryptographic applications it is necessary to generate elliptic curves (ECs) with certain security properties. These curves are commonly constructed using the Complex Multiplication method which typically uses the roots of Hilbert or Weber polynomials. The former generate the EC di ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
Abstract. In many cryptographic applications it is necessary to generate elliptic curves (ECs) with certain security properties. These curves are commonly constructed using the Complex Multiplication method which typically uses the roots of Hilbert or Weber polynomials. The former generate the EC directly, but have high computational demands, while the latter are faster to construct but they do not lead, directly, to the desired EC. In this paper we present in a simple and unifying manner a complete set of transformations of the roots of a Weber polynomial to the roots of its corresponding Hilbert polynomial for all discriminant values on which they are defined. Moreover, we prove a theoretical estimate of the precision required for the computation of Weber polynomials. Finally, we experimentally assess the computational efficiency of the Weber polynomials along with their precision requirements for various discriminant values and compare the results with the theoretical estimates. Our experimental results may be used as a guide for the selection of the most efficient curves in applications residing in resource limited devices such as smart cards that support secure and efficient Public Key Infrastructure (PKI) services. 1
Introducing Ramanujan’s Class Polynomials in the Generation of Prime Order Elliptic Curves
, 804
"... Complex Multiplication (CM) method is a frequently used method for the generation of prime order elliptic curves (ECs) over a prime field Fp. The most demanding and complex step of this method is the computation of the roots of a special type of class polynomials, called Hilbert polynomials. These p ..."
Abstract
- Add to MetaCart
(Show Context)
Complex Multiplication (CM) method is a frequently used method for the generation of prime order elliptic curves (ECs) over a prime field Fp. The most demanding and complex step of this method is the computation of the roots of a special type of class polynomials, called Hilbert polynomials. These polynonials are uniquely determined by the CM discriminant D. The disadvantage of these polynomials is that they have huge coefficients and thus they need high precision arithmetic for their construction. Alternatively, Weber polynomials can be used in the CM method. These polynomials have much smaller coefficients and their roots can be easily transformed to the roots of the corresponding Hilbert polynomials. However, in the case of prime order elliptic curves, the degree of Weber polynomials is three times larger than the degree of the corresponding Hilbert polynomials and for this reason the calculation of their roots involves computations in the extension field F p 3. Recently, two other classes of polynomials, denoted by MD,l(x) and MD,p1,p2(x) respectively, were introduced which can also be used in the generation of prime order elliptic curves. The advantage of these polynomials is that their degree is equal to the degree of the Hilbert polynomials and thus computations over the extension field can be avoided. In this paper, we propose the use of a new class of polynomials. We will call them Ramanujan polynomials named after Srinivasa Ramanujan who was the first to compute them for few values of D. We explicitly describe the algorithm for the construction of the new polynomials, show that their degree is equal to the degree of the corresponding Hilbert polynomials and give the necessary transformation of their roots (to the roots of the corresponding Hilbert polynomials). Moreover, we compare (theoretically and experimentally) the efficiency of using this new class against the use of the aforementioned Weber, MD,l(x) and MD,p1,p2(x) polynomials and show that they clearly outweigh all of them in the generation of prime order elliptic curves.
Contents lists available at ScienceDirect Computers and Mathematics with Applications
"... journal homepage: www.elsevier.com/locate/camwa On nonoscillation of mixed advanced-delay differential equations with ..."
Abstract
- Add to MetaCart
journal homepage: www.elsevier.com/locate/camwa On nonoscillation of mixed advanced-delay differential equations with
ECE 679 SPRING TERM JOURNAL OF CRYPTOGRAPHY 1 The use of FFT’s and other algorithms for fast Elliptic Curve operations
"... Abstract — Over the past few years there has been a lot of research into public key cryptography. In recent years Elliptic Curve Cryptography (ECC) has become increasingly attractive due to the relatively small key sizes (as opposed to RSA for example). This paper gives an overview of some of the ba ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract — Over the past few years there has been a lot of research into public key cryptography. In recent years Elliptic Curve Cryptography (ECC) has become increasingly attractive due to the relatively small key sizes (as opposed to RSA for example). This paper gives an overview of some of the basic principles of ECC and then presents some well known, as well as some not-so-well known algorithms for computations that can speed up Elliptic Curve operations. The paper ends with a short overview of attacks on cryptosystems and attempts to give pointers on how to avoid
On the Efficient Generation of Elliptic Curves
"... Abstract. We present a variant of the complex multiplication method that generates elliptic curves of cryptographically strong order. Our variant is based on the computation of Weber polynomials that require significantly less time and space resources than their Hilbert counterparts. We investigate ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract. We present a variant of the complex multiplication method that generates elliptic curves of cryptographically strong order. Our variant is based on the computation of Weber polynomials that require significantly less time and space resources than their Hilbert counterparts. We investigate the time efficiency and precision requirements for generating off-line Weber polynomials and its comparison to another variant based on the off-line generation of Hilbert polynomials. We also investigate the efficiency of our variant when the computation of Weber polynomials should be made on-line due to limitations in resources (e.g., hardware devices of limited space). We present trade-offs that could be useful to potential implementors of elliptic curve cryptosystems on resource-limited hardware devices. 1
