Skip to main content

Elliptic Curve Discrete Logarithm Problem

  • Reference work entry
Encyclopedia of Cryptography and Security

Related Concepts

Discrete Logarithm Problem; Elliptic Curve Cryptography

Definition

The ECDLP is a special case of the discrete logarithm problem

Background

Let E be an elliptic curve defined over a finite field \({\mathbb{F}}_{q}\), and let \(P \in E({\mathbb{F}}_{q})\) be a point of order n. Given \(Q \in \langle P\rangle\), the elliptic curve discrete logarithm problem (ECDLP) is to find the integer l, \(0 \leq l \leq n - 1\), such that Q = lP. The ECDLP is a special case of the discrete logarithm problem in which the cyclic group G is represented by the group \(\langle P\rangle\) of points on an elliptic curve. It is of cryptographic interest because its apparent intractability is the basis for the security of elliptic curve cryptography.

Theory

If the order n of the base point P is composite and its factorization is known, then the Pohlig–Hellman algorithm [19] (see the discrete logarithm problem entry) can be used to efficiently reduce the ECDLP in \(\langle P\rangle\)to...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 799.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 949.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Recommended Reading

  1. Adleman L, DeMarrais J, Huang M (1994) A subexponential algorithm for discrete logarithms over the rational subgroup of the jacobians of large genus hyperelliptic curves over finite fields. Algorithmic Number Theory—ANTS-I, Lecture Notes in Computer Science, vol 877. Springer, Berlin, pp 28–40

    Google Scholar 

  2. Diem C (in press), On the discrete logarithm problem in class groups of curves. Mathematics of Computation, to appear

    Google Scholar 

  3. Diem C (2009) On the discrete logarithm problem in elliptic curves. Preprint

    Google Scholar 

  4. Frey G (2001) Applications of arithmetical geometry to cryptographic constructions. Proceedings of the Fifth International Conference on Finite Fields and Applications, Springer, Berlin, pp 128–161

    Google Scholar 

  5. Frey G, Rück H (1994) A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Math Comput 62:865–874

    MATH  Google Scholar 

  6. Gallant R, Lambert R, Vanstone S (2000) Improving the parallelized Pollard lambda search on anomalous binary curves. Math Comput 69:1699–1705

    MATH  MathSciNet  Google Scholar 

  7. Gaudry P (2000) An algorithm for solving the discrete log problem in hyperelliptic curves. Advances in cryptology—EUROCRYPT 2000, Lecture Notes in Computer Science, vol 1807. Springer, Berlin, pp 19–34

    Chapter  Google Scholar 

  8. Gaudry P (2009), Index calculus for abelian varieties and the elliptic curve discrete logarithm problem. J Symbol Computation 44(12):1690–1702

    Article  MATH  MathSciNet  Google Scholar 

  9. Gaudry P, Hess F, Smart N (2002) Constructive and destructive facets of Weil descent on elliptic curves. J Cryptol 15:19–46

    Article  MathSciNet  Google Scholar 

  10. Hess F (2004) Generalising the GHS attack on the elliptic curve discrete logarithm problem. LMS J Comput Math 7:167–192

    MATH  MathSciNet  Google Scholar 

  11. Jacobson M, Koblitz N, Silverman J, Stein A, Teske E (2000) Analysis of the xedni calculus attack. Design Codes Cryptogr 20:41–64

    Article  MATH  MathSciNet  Google Scholar 

  12. Jacobson M, Menezes A, Stein A (2001) Solving elliptic curve discrete logarithm problems using Weil descent. J Ramanujan Math Soc 16:231–260

    MATH  MathSciNet  Google Scholar 

  13. Maurer M, Menezes A, Teske E (2002) Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree. LMS J Comput Math 5:127–174

    MATH  MathSciNet  Google Scholar 

  14. Menezes A, Okamoto T, Vanstone S (1993) Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans Inf Theory 39:1639–1646

    Article  MATH  MathSciNet  Google Scholar 

  15. Menezes A, Qu M (2001) Analysis of the Weil descent attack of Gaudry, Hess and Smart. Topics in cryptology—CT-RSA 2001, Lecture Notes in Computer Science, vol 2020. Springer, Berlin, pp 308–318

    Chapter  Google Scholar 

  16. Menezes A, Teske E (2006) Cryptographic implications of Hess’ generalized GHS attack. Appl Algebr Eng Comm Comput 16:439–460

    Article  MATH  MathSciNet  Google Scholar 

  17. Menezes A, Teske E, Weng A (2004) Weak fields for ECC. Topics in cryptology–CT-RSA 2004, Lecture Notes in Computer Science, vol 2964. Springer, Berlin, pp 366–386

    Chapter  Google Scholar 

  18. Miller V (1986) Use of elliptic curves in cryptography. Advances in cryptology—CRYPTO ’85, Lecture Notes in Computer Science, vol 218. Springer, Berlin, pp 417–426

    Chapter  Google Scholar 

  19. Pohlig S, Hellman M (1978) An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Trans Inf Theory 24, 106–110

    Article  MATH  MathSciNet  Google Scholar 

  20. Pollard J (1978) Monte Carlo methods for index computation (mod p). Math Comput 32:918–924

    MATH  MathSciNet  Google Scholar 

  21. Satoh T, Araki K (1998) Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves. Comment Math Universitat Sancti Pauli 47:81–92

    MATH  MathSciNet  Google Scholar 

  22. Semaev I (1998) Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p. Math Comput 67:353–356

    Article  MATH  MathSciNet  Google Scholar 

  23. Silverman J (2000) The xedni calculus and the elliptic curve discrete logarithm problem. Design Codes Cryptogr 20:5–40

    Article  MATH  Google Scholar 

  24. Silverman J, Suzuki J (1998) Elliptic curve discrete logarithms and the index calculus. Advances in cryptology—ASIACRYPT ’98, Lecture Notes in Computer Science, vol 1514. Springer, Berlin, pp 110–125

    Google Scholar 

  25. Smart N (1999) The discrete logarithm problem on elliptic curves of trace one. J Cryptol 12:193–196

    Article  MATH  MathSciNet  Google Scholar 

  26. Teske E (1998) Speeding up Pollard’s rho method for computing discrete logarithms. Algorithmic number theory—ANTS-III, Lecture Notes in Computer Science, vol 1423. Springer, Berlin, pp 541–554

    Chapter  Google Scholar 

  27. van Oorschot P, Wiener W (1998) Parallel collision search with cryptanalytic applications. J Cryptol 12:1–28

    Article  Google Scholar 

  28. Wiener M, Zuccherato R (1999) Faster attacks on elliptic curve cryptosystems. Selected Areas in Cryptography—SAC ’98, Lecture Notes in Computer Science 1556:190–200, Springer, Berlin

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media, LLC

About this entry

Cite this entry

Hankerson, D., Menezes, A. (2011). Elliptic Curve Discrete Logarithm Problem. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_246

Download citation

Publish with us

Policies and ethics