Elliptic curve discrete logarithm problem over small degree extension fields

Journal of Cryptology

Volumn 26, Issue 1, 2013, Pages 119-143

  Joux, Antoine ^a,b   Vitse, Vanessa ^b  

^a Delegation Generale pour l'Armement   (France)

^b UNIVERSITY OF VERSAILLES   (France)

Author keywords

Discrete logarithm problem (DLP); Elliptic curve; Gr bner basis computation; Index calculus; Static Diffie Hellman problem (SDHP); Summation polynomials

Indexed keywords

GEOMETRY;

ASYMPTOTIC COMPLEXITY; DIFFIE-HELLMAN PROBLEM; DISCRETE LOGARITHM PROBLEMS; DISCRETE LOGARITHMS; ELLIPTIC CURVE; ELLIPTIC CURVE DISCRETE LOGARITHM PROBLEMS; EXTENSION FIELD; INDEX CALCULUS;

CALCULATIONS;

EID: 84878520685     PISSN: 09332790     EISSN: 14321378     Source Type: Journal    
DOI: 10.1007/s00145-011-9116-z     Document Type: Article

References (46)

1. M. Bardet, Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie. PhD thesis, Université Pierre et Marie Curie, Paris VI, 2004
2. M. Bardet, J.-C. Faugère, B. Salvy, B.-Y. Yang, Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. Presented at MEGA'05, Eighth International Symposium on Effective Methods in Algebraic Geometry, 2005
3. E. Becker, M.G. Marinari, T. Mora, C. Traverso, The shape of the shape lemma, in Proceedings of ISSAC'94, Oxford, 1994 (ACM, New York, 1994), pp. 129-133
4. L. Bettale, J.-C. Faugère, L. Perret, Hybrid approach for solving multivariate systems over finite fields. J. Math. Cryptol. 3(3), 177-197 (2010)
5. W. Bosma, J. Cannon, C. Playoust, The Magma algebra system. I. The user language. J. Symb. Comput. 24(3-4), 235-265 (1997). Computational algebra and number theory (London, 1993)
6. D.R.L. Brown, R.P. Gallant, The static Diffie-Hellman problem. Cryptology ePrint Archive, Report 2004/306, 2004
7. B. Buchberger, Gröbner bases: an algorithmic method in polynomial ideal theory, in Multidimensional Systems Theory, Progress, Directions and Open Problems, ed. by N. Bose. Math. Appl., vol. 16 (Reidel, Dordrecht, 1985), pp. 184-232
8. H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen, F. Vercauteren (eds.), Handbook of Elliptic and Hyperelliptic Curve Cryptography. Discrete Mathematics and Its Applications (Chapman & Hall/CRC, Boca Raton, 2006)
9. A. Colin, Solving a system of algebraic equations with symmetries. J. Pure Appl. Algebra 117/118, 195-215 (1997)
10. D. Cox, J. Little, D. O'Shea, Ideals, Varieties, and Algorithms, 3rd edn. Undergraduate Texts in Mathematics (Springer, New York, 2007)
11. C. Diem, On the discrete logarithm problem in elliptic curves. Compos. Math. 147(1), 75-104 (2011)
12. W. Diffie, M.E. Hellman, New directions in cryptography. IEEE Trans. Inf. Theory IT-22(6), 644-654 (1976)
13. C. Eder, J. Perry, F5C: a variant of Faugère's F5 algorithm with reduced Gröbner bases. J. Symb. Comput. 45(12), 1442-1458 (2010)
14. T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, in Advances in Cryptology - CRYPTO 1984. Lecture Notes in Comput. Sci., vol. 196 (Springer, Berlin, 1985), pp. 10-18
15. J.-C. Faugère, A new efficient algorithm for computing Gröbner bases (F4). J. Pure Appl. Algebra 139(1-3), 61-88 (1999)
16. J.-C. Faugère, A new efficient algorithm for computing Gröbner bases without reduction to zero (F5), in Proceedings of ISSAC'02 (ACM, New York, 2002), pp. 75-83
17. J.-C. Faugère, L. Perret, Algebraic cryptanalysis of Curry and Flurry using correlated messages, in Inscrypt 2009, ed. by M. Yung, F. Bao, vol. 6151 (Springer, Berlin, 2010), pp. 266-277
18. J.-C. Faugère, P. Gianni, D. Lazard, T. Mora, Efficient computation of zero-dimensional Gröbner bases by change of ordering. J. Symb. Comput. 16(4), 329-344 (1993)
19. G. Frey, H.-G. Rück, A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Math. Comput. 62(206), 865-874 (1994)
20. P. Gaudry, Index calculus for abelian varieties of small dimension and the elliptic curve discrete logarithm problem. J. Symb. Comput. 44(12), 1690-1702 (2008)
21. P. Gaudry, F. Hess, N.P. Smart, Constructive and destructive facets of Weil descent on elliptic curves. J. Cryptol. 15(1), 19-46 (2002)
22. P. Gaudry, E. Thomé, N. Thériault, C. Diem, A double large prime variation for small genus hyperelliptic index calculus. Math. Comput. 76, 475-492 (2007)
23. R. Gebauer, H.M. Möller, On an installation of Buchberger's algorithm. J. Symb. Comput. 6(2-3), 275-286 (1988)
24. R. Granger, On the static Diffie-Hellman problem on elliptic curves over extension fields, in Advances in Cryptology - ASIACRYPT 2010. Lecture Notes in Comput. Sci., vol. 6477 (2010), pp. 283-302
25. R. Granger, A. Joux, V. Vitse, New timings for oracle-assisted SDHP on the IPSEC Oakley 'Well Known Group' 3 curve. Announcement on the NBRTHRY mailing list, July 2010. http://listserv.nodak.edu/archives/nmbrthry.html
26. F. Hess, Weil descent attacks, in Advances in Elliptic Curve Cryptography. London Math. Soc. Lecture Note Ser., vol. 317 (Cambridge Univ. Press, Cambridge, 2005), pp. 151-180
27. A. Joux, V. Vitse, A variant of the F4 algorithm, in Topics in Cryptology - CT-RSA 2011, ed. by A. Kiayias. Lecture Notes in Comput. Sci., vol. 6558 (Springer, Berlin, 2011), pp. 356-375
28. A. Joux, R. Lercier, D. Naccache, E. Thomé, Oracle assisted static Diffie-Hellman is easier than discrete logarithms, in IMA Int. Conf, ed. by M.G. Parker. Lecture Notes in Comput. Sci., vol. 5921 (Springer, Berlin, 2009), pp. 351-367
29. N. Koblitz, Elliptic curve cryptosystems. Math. Comput. 48(177), 203-209 (1987)
30. N. Koblitz, A. Menezes, Another look at non-standard discrete log and Diffie-Hellman problems. J. Math. Cryptol. 2(4), 311-326 (2008)
31. D. Lazard, Gröbner bases, Gaussian elimination and resolution of systems of algebraic equations, in Computer Algebra, London, 1983. Lecture Notes in Comput. Sci., vol. 162 (Springer, Berlin, 1983), pp. 146-156
32. A.J. Menezes, T. Okamoto, S.A. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans. Inf. Theory 39(5), 1639-1646 (1993)
33. V.S. Miller, Use of elliptic curves in cryptography, in Advances in Cryptology - CRYPTO 1985. Lecture Notes in Comput. Sci., vol. 218 (Springer, Berlin, 1986), pp. 417-426
34. V.S. Miller, The Weil pairing, and its efficient calculation. J. Cryptol. 17(4), 235-261 (2004)
35. S. Pohlig, M. Hellman, An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Trans. Inf. Theory IT-24, 106-110 (1978)
36. J.M. Pollard, Monte Carlo methods for index computation (modp). Math. Comput. 32(143), 918-924 (1978)
37. J.M. Pollard, Kangaroos, monopoly and discrete logarithms. J. Cryptol. 13(4), 437-447 (2000)
38. T. Satoh, K. Araki, Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves. Comment. Math. Univ. St. Pauli 47(1), 81-92 (1998)
39. I.A. Semaev, Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p. Math. Comput. 67(221), 353-356 (1998)
40. I.A. Semaev, Summation polynomials and the discrete logarithm problem on elliptic curves. Cryptology ePrint Archive, Report 2004/031, 2004
41. D. Shanks, Class number, a theory of factorization, and genera, in 1969 Number Theory Institute (Proc. Sympos. Pure Math., Vol. XX, State Univ. New York, Stony Brook, N.Y., 1969) (Amer. Math. Soc., Providence, 1971), pp. 415-440
42. J.H. Silverman, The Arithmetic of Elliptic Curves. Graduate Texts in Mathematics, vol. 106 (Springer, New York, 1986)
43. N.P. Smart, The discrete logarithm problem on elliptic curves of trace one. J. Cryptol. 12(3), 193-196 (1999)
44. N. Thériault, Index calculus attack for hyperelliptic curves of small genus, in Advances in Cryptology - ASIACRYPT 2003, ed. by Heidelberg. Lecture Notes in Comput. Sci., vol. 2894 (Springer, Berlin, 2003), pp. 75-92
45. N.M. Thiéry, Computing minimal generating sets of invariant rings of permutation groups with SAGBI-Gröbner basis, in DM-CCG 2001, ed. by R. Cori, J. Mazoyer, M. Morvan, R. Mosseri. DMTCS Proceedings, vol. AA (2001), pp. 315-328
46. J. von zur Gathen, J. Gerhard, Modern Computer Algebra, 2nd edn. (Cambridge University Press, Cambridge, 2003)