
Efficient Ephemeral Elliptic Curve Cryptographic Keys

  • Conference paper
Information Security (ISC 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9290)

Abstract

We show how any pair of authenticated users can on-the-fly agree on an elliptic curve group that is unique to their communication session, unpredictable to outside observers, and secure against known attacks. Our proposal is suitable for deployment on constrained devices such as smartphones, allowing them to efficiently generate ephemeral parameters that are unique to any single cryptographic application such as symmetric key agreement. For such applications it thus offers an alternative to long term usage of standardized or otherwise pre-generated elliptic curve parameters, obtaining security against cryptographic attacks aimed at other users, and eliminating the need to trust elliptic curves generated by third parties.


Notes

  1. Obviously, we could have used Weber polynomials instead. Here we explain and generalize the method from [34] and therefore use Hilbert polynomials because those were the ones used in that paper.

References

  1. Aranha, D.F., Barreto, P.S.L.M., Geovandro, C.C.F.P., Ricardini, J.E.: A note on high-security general-purpose elliptic curves. IACR Cryptology ePrint Archive, 2013:647 (2013)

  2. Atkin, A.O.L., Morain, F.: Elliptic curves and primality proving. Math. Comput. 61, 29–68 (1993)

  3. Avanzi, R.M., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of Elliptic and Hyperelliptic Curve Cryptography. Chapman & Hall/CRC, Boca Raton (2006)

  4. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)

  5. Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006)

  6. Bernstein, D.J., Chou, T., Chuengsatiansup, C., Hülsing, A., Lange, T., Niederhagen, R., van Vredendaal, C.: How to manipulate curve standards: a white paper for the black hat. Cryptology ePrint Archive, Report 2014/571 (2014). http://eprint.iacr.org/2014/571

  7. Bernstein, D.J., Hamburg, M., Krasnova, A., Lange, T.: Elligator: elliptic-curve points indistinguishable from uniform random strings. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, CCS 2013, pp. 967–980. ACM, New York (2013)

  8. Bernstein, D.J., Lange, T.: Faster addition and doubling on elliptic curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29–50. Springer, Heidelberg (2007)

  9. Bernstein, D.J., Lange, T.: SafeCurves: choosing safe curves for elliptic-curve cryptography

  10. Biehl, I., Meyer, B., Müller, V.: Differential fault attacks on elliptic curve cryptosystems. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, p. 131. Springer, Heidelberg (2000)

  11. Blaze, M., Diffie, W., Rivest, R.L., Schneier, B., Shimomura, T., Thompson, Wiener, M.: Minimal key lengths for symmetric ciphers to provide adequate commercial security, January 1996. http://www.schneier.com/paper-keylength.pdf

  12. Bos, J.W., Costello, C., Hisil, H., Lauter, K.: Fast cryptography in genus 2. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 194–210. Springer, Heidelberg (2013)

  13. Bos, J.W., Costello, C., Longa, P., Naehrig, M.: Selecting elliptic curves for cryptography: an efficiency and security analysis. Cryptology ePrint Archive, Report 2014/130 (2014). http://eprint.iacr.org/

  14. Bos, J.W., Costello, C., Miele, A.: Elliptic and hyperelliptic curves: a practical security analysis. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 203–220. Springer, Heidelberg (2014)

  15. Brier, E., Joye, M.: Weierstraß elliptic curves and side-channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, p. 335. Springer, Heidelberg (2002)

  16. Certicom Research: Standards for efficient cryptography 2: Recommended elliptic curve domain parameters. Standard SEC2, Certicom (2000)

  17. Certicom Research: Standards for efficient cryptography 1: Elliptic curve cryptography (version 2.0). Standard SEC1, Certicom (2009)

  18. Cheon, J.H.: Security analysis of the strong Diffie-Hellman problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 1–11. Springer, Heidelberg (2006)

  19. Coppersmith, D.: Modifications to the number field sieve. J. Cryptology 6(3), 169–180 (1993)

  20. Crandall, R., Pomerance, C.: Prime Numbers: A Computational Perspective. Lecture Notes in Statistics, 2nd edn. Springer, New York (2005)

  21. Duursma, I.M., Gaudry, P., Morain, F.: Speeding up the discrete log computation on curves with automorphisms. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 103–121. Springer, Heidelberg (1999)

  22. Fan, J., Verbauwhede, I.: An updated survey on secure ECC implementations: attacks, countermeasures and cost. In: Naccache, D. (ed.) Cryptography and Security: From Theory to Applications. LNCS, vol. 6805, pp. 265–282. Springer, Heidelberg (2012)

  23. Fouque, P.-A., Joux, A., Tibouchi, M.: Injective encodings to elliptic curves. In: Boyd, C., Simpson, L. (eds.) ACISP 2013. LNCS, vol. 7959, pp. 203–218. Springer, Heidelberg (2013)

  24. Free Software Foundation, Inc.: GMP: The GNU Multiple Precision Arithmetic Library (2014). http://www.gmplib.org/

  25. Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Improving the parallelized Pollard lambda search on anomalous binary curves. Math. Comput. 69(232), 1699–1705 (2000)

  26. Google: Android NDK. https://developer.android.com/tools/sdk/ndk/index.html

  27. Google: Android SDK guide. http://developer.android.com/guide/index.html

  28. Hales, T.C.: The NSA back door to NIST. Not. AMS 61(2), 190–192 (2013)

  29. Hanrot, G., Morain, F.: Solvability by radicals from an algorithmic point of view. In: Proceedings of the 2001 International Symposium on Symbolic and Algebraic Computation, ISSAC 2001, pp. 175–182. ACM, New York (2001)

  30. Ishii, N.: Trace of Frobenius endomorphism of an elliptic curve with complex multiplication. Bull. Aust. Math. Soc. 70, 125–142 (2004)

  31. Izu, T., Takagi, T.: Exceptional procedure attack on elliptic curve cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 224–239. Springer, Heidelberg (2002)

  32. Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)

  33. Koblitz, N.: Hyperelliptic cryptosystems. J. Cryptology 1(3), 139–150 (1989)

  34. Lenstra, A.K.: Efficient identity based parameter selection for elliptic curve cryptosystems. In: Pieprzyk, J.P., Safavi-Naini, R., Seberry, J. (eds.) ACISP 1999. LNCS, vol. 1587, pp. 294–302. Springer, Heidelberg (1999)

  35. Lenstra, A.K., Lenstra Jr., H.W. (eds.): The Development of the Number Field Sieve. Lecture Notes in Mathematics, vol. 1554. Springer, Heidelberg (1993)

  36. Lenstra, A.K., Verheul, E.R.: Selecting cryptographic key sizes. J. Cryptology 14(4), 255–293 (2001)

  37. Lenstra, A.K., Wesolowski, B.: A random zoo: sloth, unicorn, and trx. Cryptology ePrint Archive, Report 2015/366 (2015). http://eprint.iacr.org/2015/366

  38. Lenstra Jr., H.W.: Factoring integers with elliptic curves. Ann. Math. 126(3), 649–673 (1987)

  39. Lochter, M., Merkle, J.: Elliptic curve cryptography (ECC) Brainpool standard curves and curve generation. RFC 5639 (2010)

  40. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)

  41. Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243–264 (1987)

  42. Morain, F.: Edwards curves and CM curves. Technical report (2009)

  43. National Institute of Standards and Technology: Special Publication 800-57: Recommendation for key management, part 1: General (revised). http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf

  44. National Security Agency: Fact sheet NSA Suite B Cryptography (2009). http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml

  45. NIST: Workshop on Elliptic Curve Cryptography Standards 2015, June 2015. http://www.nist.gov/itl/csd/ct/ecc-workshop.cfm

  46. Oracle: Java Native Interface

  47. Rajwade, A.R.: Certain classical congruences via elliptic curves. J. Lond. Math. Soc. 2(8), 60–62 (1974)

  48. Rubin, K., Silverberg, A.: Choosing the correct elliptic curve in the CM method. Math. Comput. 79(269), 545–561 (2010)

  49. Satoh, T., Araki, K.: Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves. Commentarii Mathematici Univ. Sancti Pauli 47(1), 81–92 (1998)

  50. Schoof, R., Schoof, P.R.E.: Counting points on elliptic curves over finite fields (1995)

  51. Semaev, I.A.: Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p. Math. Comput. 67, 353–356 (1998)

  52. Shumov, D., Ferguson, N.: On the Possibility of a Back Door in the NIST SP800-90 Dual EC PRNG (2007)

  53. Silverman, J.H.: The Arithmetic of Elliptic Curves. Graduate Texts in Mathematics, vol. 106. Springer, New York (1986)

  54. Smart, N.P.: The discrete logarithm problem on elliptic curves of trace one. J. Cryptology 12(3), 193–196 (1999)

  55. Snow, B.: Private communication, June 2014

  56. Stark, H.: Counting points on CM elliptic curves. Rocky Mt. J. Math. 26(3), 1115–1138 (1996)

  57. Tibouchi, M.: Elligator Squared: Uniform points on elliptic curves of prime order as uniform random strings. IACR Cryptology ePrint Archive 2014:43 (2014)

  58. U.S. Department of Commerce/National Institute of Standards and Technology: Digital Signature Standard (DSS). FIPS 186-4 (2013). http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

  59. van Wamelen, P.B.: Examples of genus two CM curves defined over the rationals. Math. Comput. 68(225), 307–320 (1999)

  60. Weng, A.: Constructing hyperelliptic curves of genus 2 suitable for cryptography. Math. Comput. 72(241), 435–458 (2003)

  61. Wiener, M.J., Zuccherato, R.J.: Faster attacks on elliptic curve cryptosystems. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 190–200. Springer, Heidelberg (1999)


Acknowledgement

Thanks to Adrian Antipa for bringing the strong Diffie-Hellman security requirement and additional precaution from [17, Sect. B.1] to our attention, and to René Schoof for inspiring this paper by providing the original table in [34].

Corresponding author

Correspondence to Andrea Miele.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Miele, A., Lenstra, A.K. (2015). Efficient Ephemeral Elliptic Curve Cryptographic Keys. In: Lopez, J., Mitchell, C. (eds) Information Security. ISC 2015. Lecture Notes in Computer Science(), vol 9290. Springer, Cham. https://doi.org/10.1007/978-3-319-23318-5_29

  • DOI: https://doi.org/10.1007/978-3-319-23318-5_29

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23317-8

  • Online ISBN: 978-3-319-23318-5

  • eBook Packages: Computer Science (R0)
