Elliptic and hyperelliptic curves: A practical security analysis

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 8383 LNCS, Issue , 2014, Pages 203-220

  Bos, Joppe W ^a   Costello, Craig ^a   Miele, Andrea ^b  

^a MICROSOFT RESEARCH   (United States)

^b EPFL   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; BINARY SEQUENCES; COMPUTER PROGRAMMING; PUBLIC KEY CRYPTOGRAPHY;

AUTOMORPHISM GROUPS; BEST-KNOWN ALGORITHMS; DISCRETE LOGARITHM PROBLEMS; HYPER-ELLIPTIC CURVES; SECURITY ANALYSIS; SECURITY LEVEL; SOFTWARE FRAMEWORKS; SYSTEMATIC SECURITY;

GEOMETRY;

EID: 84958528585     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-54631-0_12     Document Type: Conference Paper

References (39)

1. Aranha, D.F., Karabina, K., Longa, P., Gebotys, C.H., López, J.: Faster explicit formulas for computing pairings over ordinary curves. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 48-68. Springer, Heidelberg (2011
2. Bailey, D.V., Batina, L., Bernstein, D.J., Birkner, P., Bos, J.W., Chen, H.-C., Cheng, C.-M., van Damme, G., de Meulenaer, G., Perez, L.J.D., Fan, J., Güneysu, T., Gurkaynak, F., Kleinjung, T., Lange, T., Mentens, N., Niederhagen, R., Paar, C., Regazzoni, F., Schwabe, P., Uhsadel, L., Herrewege, A.V., Yang, B.-Y.: Breaking ECC2K-130. Cryptology ePrint Archive, Report 2009/541 (2009), http://eprint.iacr.org/2009/541
3. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319-331. Springer, Heidelberg (2006
4. Bernstein, D.J.: Curve25519: New Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207-228. Springer, Heidelberg (2006
5. Bernstein, D.J.: Elliptic vs. Hyperelliptic, part I. Talk at the ECC (September 2006), slides at http://cr.yp.to/talks/2006.09.20/slides.pdf
6. Bernstein, D.J., Lange, T., Schwabe, P.: On the correct use of the negation map in the Pollard rho method. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 128-146. Springer, Heidelberg (2011
7. Bos, J.W., Costello, C., Hisil, H., Lauter, K.: Fast cryptography in genus 2. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 194-210. Springer, Heidelberg (2013
8. Bos, J.W., Kaihara, M.E., Kleinjung, T., Lenstra, A.K., Montgomery, P.L.: Solving a 112-bit prime elliptic curve discrete logarithm problem on game consoles using sloppy reduction. International Journal of Applied Cryptography 2(3), 212-228 (2012
9. Bos, J.W., Kleinjung, T., Lenstra, A.K.: On the use of the negation map in the Pollard rho method. In: Hanrot, G., Morain, F., Thomé;, E. (eds.) ANTS-IX. LNCS, vol. 6197, pp. 66-82. Springer, Heidelberg (2010
10. Brent, R.P., Pollard, J.M.: Factorization of the eighth Fermat number. Mathematics of Computation 36(154), 627-630 (1981
11. Buhler, J., Koblitz, N.: Lattice basis reduction, Jacobi sums and hyperelliptic cryptosystems. Bull. Australian Math. Soc. 58(1), 147-154 (1998
12. Certicom. Press release: Certicom announces elliptic curve cryptosystem (ECC) challenge winner (2002), http://www.certicom.com/index.php/2002-press- releases/ 38-2002-press-releases/340-notre-dame-mathematician-solves-eccp -109-encryption-key-problem-issued-in-1997
13. Certicom Research. Standards for efficient cryptography 2: Recommended elliptic curve domain parameters. Standard SEC2, Certicom (2000
14. Costello, C., Lauter, K.: Group law computations on Jacobians of hyperelliptic curves. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 92-117. Springer, Heidelberg (2012
15. Duursma, I.M., Gaudry, P., Morain, F.: Speeding up the discrete log computation on curves with automorphisms. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 103-121. Springer, Heidelberg (1999
16. Galbraith, S.D.: Mathematics of public key cryptography. Cambridge University Press (2012
17. Galbraith, S.D., Lin, X., Scott, M.: Endomorphisms for faster elliptic curve cryptography on a large class of curves. J. Cryptology 24(3), 446-469 (2011
18. Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190-200. Springer, Heidelberg (2001
19. Gaudry, P., Kohel, D.R., Smith, B.A.: Counting points on genus 2 curves with real multiplication. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 504-519. Springer, Heidelberg (2011
20. Gaudry, P., Schost, É.: Genus 2 point counting over prime fields. J. Symb. Comput. 47(4), 368-400 (2012
21. Geovandro, C.C.F.P., Simplício Jr., M.A., Naehrig, M., Barreto, P.S.L.M.: A family of implementation-friendly BN elliptic curves. Journal of Systems and Software 84(8), 1319-1326 (2011
22. Harley, R.: Elliptic curve discrete logarithms project, http://pauillac.inria.fr/~harley/
23. Harris, B.: Probability distributions related to random mappings. The Annals of Mathematical Statistics 31, 1045-1062 (1960
24. Hisil, H.: Elliptic curves, group law, and efficient computation. PhD thesis (2010
25. Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48(177), 203-209 (1987
26. Koblitz, N.: Hyperelliptic cryptosystems. Journal of Cryptology 1(3), 139-150 (1989
27. Lange, T.: Elliptic vs. Hyperelliptic, part II. Talk at the ECC (September 2006), slides at http://www.hyperelliptic.org/tanja/vortraege/ECC-06. ps
28. Longa, P., Sica, F.: Four-dimensional Gallant-Lambert-Vanstone scalar multiplication. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 718-739. Springer, Heidelberg (2012
29. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417-426. Springer, Heidelberg (1986
30. Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243-264 (1987
31. Nagao, K.: Improving group law algorithms for Jacobians of hyperelliptic curves. In: Bosma, W. (ed.) ANTS-IV. LNCS, vol. 1838, pp. 439-447. Springer, Heidelberg (2000
32. Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2009), http://bitcoin.org/bitcoin.pdf
33. Pollard, J.M.: Monte Carlo methods for index computation (mod p). Mathematics of Computation 32(143), 918-924 (1978
34. Smith, B.A.: Families of fast elliptic curves from Q-curves. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 61-78. Springer, Heidelberg (2013
35. Teske, E.: On random walks for Pollard's rho method. Mathematics of Computation 70(234), 809-825 (2001
36. U.S. Department of Commerce/National Institute of Standards and Technology. Digital Signature Standard (DSS). FIPS-186-4 (2013), http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
37. Van Oorschot, P.C., Wiener, M.J.: Parallel collision search with cryptanalytic applications. Journal of Cryptology 12(1), 1-28 (1999
38. Walter, C.D.: Montgomery exponentiation needs no final subtractions. Electronics Letters 35(21), 1831-1832 (1999
39. Wiener, M.J., Zuccherato, R.J.: Faster attacks on elliptic curve cryptosystems. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 190-200. Springer, Heidelberg (1999