Abstract
We consider the generation of prime order elliptic curves (ECs) over a prime field \(\mathbb{F}_p\) using the Complex Multiplication (CM) method. A crucial step of this method is to compute the roots of a special type of class field polynomials with the most commonly used being the Hilbert and Weber ones, uniquely determined by the CM discriminant D. In attempting to construct prime order ECs using Weber polynomials two difficulties arise (in addition to the necessary transformations of the roots of such polynomials to those of their Hilbert counterparts). The first one is that the requirement of prime order necessitates that D ≡ 3 (mod 8), which gives Weber polynomials with degree three times larger than the degree of their corresponding Hilbert polynomials (a fact that could affect efficiency). The second difficulty is that these Weber polynomials do not have roots in \(\mathbb{F}_p\). In this paper we show how to overcome the above difficulties and provide efficient methods for generating ECs of prime order supported by a thorough experimental study. In particular, we show that such Weber polynomials have roots in \(\mathbb{F}_{p^3}\) and present a set of transformations for mapping roots of Weber polynomials in \(\mathbb{F}_{p^3}\) to roots of their corresponding Hilbert polynomials in \(\mathbb{F}_{p}\). We also show how a new class of polynomials, with degree equal to their corresponding Hilbert counterparts (and hence having roots in \(\mathbb{F}_{p}\)), can be used in the CM method to generate prime order ECs. Finally, we compare experimentally the efficiency of using this new class against the use of the aforementioned Weber polynomials.
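The CM construction described in the abstract, worked through for the class-number-one discriminant D = 11 (which satisfies D ≡ 3 (mod 8)), where the Hilbert polynomial is the linear x + 32768 and no root-finding over \(\mathbb{F}_{p^3}\) is needed. This is an added Python example, not code from the paper; the function names, the search bounds and the small constructed prime size are assumptions made for illustration.

```python
# Added example (names are assumptions): D = 11, class number 1, H_D(x) = x + 32768.
D, J = 11, -32768

def is_prime(n):
    return n > 1 and all(n % i for i in range(2, int(n**0.5) + 1))

def add(P, Q, a, p):
    """Affine addition on y^2 = x^3 + a*x + b over F_p; None is infinity."""
    if P is None or Q is None:
        return Q if P is None else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P == Q:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return x3, (lam * (x1 - x3) - y1) % p

def mul(k, P, a, p):
    R = None
    while k:                                # double-and-add
        if k & 1:
            R = add(R, P, a, p)
        P, k = add(P, P, a, p), k >> 1
    return R

def cm_params(min_p):
    """Odd t, v with 4p = t^2 + D*v^2 such that p and m = p + 1 - t are prime."""
    for v in range(1, 200, 2):
        for t in range(-199, 200, 2):
            p = (t * t + D * v * v) // 4    # exact: t^2 + D*v^2 = 4 (mod 8)
            if p > min_p and is_prime(p) and is_prime(p + 1 - t):
                return p, t, p + 1 - t
    raise ValueError("no parameters in search range")

def cm_curve(min_p=1000):
    """Return (p, a, b, m, P): y^2 = x^3 + a*x + b over F_p has prime order m."""
    p, t, m = cm_params(min_p)
    k = J * pow(1728 - J, -1, p) % p
    a, b = 3 * k % p, 2 * k % p             # j-invariant of this curve is J mod p
    for x in range(1, p):
        d = (x**3 + a * x + b) % p
        # (x*d, d^2) is on y^2 = x^3 + a*d^2*x + b*d^3 (curve if d is a square, else twist)
        A, B, P = a * d * d % p, b * d**3 % p, (x * d % p, d * d % p)
        if d and mul(m, P, A, p) is None:   # m prime: m*P = O fixes the order
            return p, A, B, m, P
    raise ValueError("no curve found")
```

Because m is prime and lies in the Hasse interval, a single point P with m·P = O is enough to decide between the curve and its quadratic twist. With t and v both odd, 4p = t² + Dv² forces D ≡ 3 (mod 8), which is the condition the abstract states for prime order.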
This work was partially supported by the Action IRAKLITOS (Fellowships for Research in the University of Patras) with matching funds from EC and the Greek Ministry of Education.
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Konstantinou, E., Kontogeorgis, A., Stamatiou, Y.C., Zaroliagis, C. (2005). Generating Prime Order Elliptic Curves: Difficulties and Efficiency Considerations. In: Park, Cs., Chee, S. (eds) Information Security and Cryptology – ICISC 2004. ICISC 2004. Lecture Notes in Computer Science, vol 3506. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11496618_20
DOI: https://doi.org/10.1007/11496618_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26226-8
Online ISBN: 978-3-540-32083-8
eBook Packages: Computer Science (R0)