Advertisement

Elliptic Curve Cryptosystems

  • Ian F. Blake
  • XuHong Gao
  • Ronald C. Mullin
  • Scott A. Vanstone
  • Tomik Yaghoobian
Chapter
Part of the The Springer International Series in Engineering and Computer Science book series (SECS, volume 199)

Abstract

As we have seen in Section 6.1, the elements of a finite cyclic group G may be used to implement several cryptographic schemes, provided that finding logarithms of elements in G is infeasible. We may take G to be a cyclic subgroup of E(F q ), the group of F q -rational points of an elliptic curve defined over F q ; this was first suggested by N. Koblitz [10] and V. Miller [17]. Since the addition in this group is relatively simple, and moreover the discrete logarithm problem in G is believed to be intractable, elliptic curve cryptosystems have the potential to provide security equivalent to that of existing public key schemes, but with shorter key lengths. Having short key lengths is a factor that can be crucial in some applications, for example the design of smart card systems.

Keywords

Elliptic Curve Elliptic Curf Logarithm Problem Discrete Logarithm Discrete Logarithm Problem 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    G. Agnew, T. Beth, R. Mullin and S. Vanstone, Arithmetic operations in GF(2 m ), J. of Cryptology, to appear.Google Scholar
  2. [2]
    G. Agnew, R. Mullin, I. Onyszchuk and S. Vanstone, “An. implementation for a fast public key cryptosystem”, J. of Cryptology, 3 (1991), 63–79.MathSciNetMATHCrossRefGoogle Scholar
  3. [3]
    M. Ben-Or, “Probabilistic algorithms in finite fields”, 22nd Annual Symposium on Foundations of Computer Science (1981), 394–398.Google Scholar
  4. [4]
    D. Coppersmith, “Fast evaluation of logarithms in fields of characteristic two”, IEEE Trans. Info. Th., 30 (1984), 587–594.MathSciNetMATHCrossRefGoogle Scholar
  5. [5]
    D. Coppersmith, A. Odlyzko and R. Schroeppel, “Discrete logarithms in Gf(p)”, Algorithmica, 1 (1986), 1–15.MathSciNetMATHCrossRefGoogle Scholar
  6. [6]
    T. Elgamal, “A public key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Trans. Info. Th., 31 (1985), 469–472.MathSciNetMATHCrossRefGoogle Scholar
  7. [7]
    T. Elgamal, “A subexponential-time algorithm for computing discrete logarithms over Gf(p 2)”, IEEE Trans. Info. Th., 31 (1985), 473–481.MathSciNetCrossRefGoogle Scholar
  8. [8]
    D. Husemoller, Elliptic Curves, Springer-Verlag, New York, 1987.MATHGoogle Scholar
  9. [9]
    B. Kaliski, Elliptic Curves and Cryptography: A PseudorAndom Bit Generator and other Tools, Ph.D. thesis, M.I.T., January 1988.Google Scholar
  10. [10]
    N. Koblitz, “Elliptic curve cryptosystems”, Math. Comp., 48 (1987), 203–209.MathSciNetMATHCrossRefGoogle Scholar
  11. [11]
    N. Koblitz, “Constructing elliptic curve cryptosystems in characteristic 2”, Advances in Cryptology: Proceedings of Crypto ’90, Lecture Notes in Computer Science, 537 (1991), Springer-Verlag, 156–167.Google Scholar
  12. [12]
    N. Koblitz, “Elliptic curve implementation of zero-knowledge blobs”, J. of Cryptology, 4 (1991), 207–213.MathSciNetMATHCrossRefGoogle Scholar
  13. [13]
    N. Koblitz, “Cm-Curves with good cryptographic properties”, Advances in Cryptology: Proceedings of Crypto ’91, Lecture Notes in Computer Science, 576 (1992), Springer-Verlag, 279–287.Google Scholar
  14. [14]
    A. Lenstra, H.W. Lenstra, M. Manasse and J. Pollard, “The number field sieve” , Proceedings of the 22nd Annual Acm Symposium on Theory of Computing (1990), 564–572.Google Scholar
  15. [15]
    A. Menezes, T. Okamoto and S. Vanstone, “Reducing elliptic curve logarithms to logarithms in a finite field”, Proceedings of the 23rd Annual Acm Symposium on Theory of Computing (1991), 80–89.Google Scholar
  16. [16]
    A. Menezes, S. Vanstone and R. Zuccherato, “Counting points on elliptic curves over F2m”, Math. Comp., to appear.Google Scholar
  17. [17]
    V. Miller, “Uses of elliptic curves in cryptography”, Advances in Cryptology: Proceedings of Crypto ’85, Lecture Notes in Computer Science, 218 (1986), Springer-Verlag, 417–426.Google Scholar
  18. [18]
    V. Miller, “Short programs for functions on curves”, unpublished manuscript, 1986.Google Scholar
  19. [19]
    A. Odlyzko, “Discrete logarithms and their cryptographic significance”, in Advances in Cryptology: Proceedings of Eurocrypt ’84, Lecture Notes in Computer Science, 209 (1985), Springer-Verlag, 224–314.Google Scholar
  20. [20]
    C. Pomerance, “Fast, rigorous factorization and discrete logarithms al-gorithms”, in Discrete Algorithms and Complexity, Academic Press, 1987, 119–143.Google Scholar
  21. [21]
    J. Rosser and L. Schoenfield, “Approximate formulas for some functions of prime numbers”, Illinois J. Math., 6 (1962), 64–94.MathSciNetMATHGoogle Scholar
  22. [22]
    R.J. Schoof, “Elliptic curves over finite fields and the computation of square roots mod p”, Math. Comp., 44 (1985), 483–494.MathSciNetMATHGoogle Scholar
  23. [23]
    J. Silverman, The Arithmetic of Elliptic Curves, Springer-Verlag, New York, 1986.MATHCrossRefGoogle Scholar
  24. [24]
    R. Silverman, “The multiple polynomial quadratic sieve”, Math. Comp., 48 (1987), 329–339.MathSciNetMATHCrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 1993

Authors and Affiliations

  • Ian F. Blake
    • 1
  • XuHong Gao
    • 1
  • Ronald C. Mullin
    • 1
  • Scott A. Vanstone
    • 1
  • Tomik Yaghoobian
    • 1
  1. 1.University of WaterlooCanada

Personalised recommendations