Abstract
We analyze the Weil descent attack of Gaudry, Hess and Smart [11] on the elliptic curve discrete logarithm problem for elliptic curves defined over finite fields of characteristic two.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
L. Adleman, J. DeMarrais and M. Huang, “A subexponential algorithm for discrete logarithms over the rational subgroup of the jacobians of large genus hyperelliptic curves over finite fields”, Algorithmic Number Theory, LNCS 877, 1994, 28–40.
D. Cantor, “Computing in the jacobian of a hyperelliptic curve”, Mathematics of Computation, 48 (1987), 95–101.
A. Enge, “The extended Euclidean algorithm on polynomials, and the efficiency of hyperelliptic cryptosystems”, Designs, Codes and Cryptography, to appear.
A. Enge and P. Gaudry, “A general framework for subexponential discrete logarithm algorithms”, Rapport de Recherche Lix/RR/00/04, June 2000. Available from http://ultralix.polytechnique.fr/Labo/Pierrick.Gaudry/papers.html
G. Frey, “How to disguise an elliptic curve (Weil descent) ”, Talk at ECC’ 98, Waterloo, 1998. Slides available from http://www.cacr.math.uwaterloo.ca/conferences/1998/ecc98/slides.html
G. Frey, “Applications of arithmetical geometry to cryptographic constructions”, Proceedings of the Fifth International Conference on Finite Fields and Applications, to appear. Also available from http://www.exp-math.uni-essen.de/zahlentheorie/preprints/Index.html
G. Frey and H. Rück, “A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves”, Mathematics of Computation, 62 (1994), 865–874.
S. Galbraith and N. Smart, “A cryptographic application of Weil descent”, Codes and Cryptography, LNCS 1746, 1999, 191–200.
R. Gallant, R. Lambert and S. Vanstone, “Improving the parallelized Pollard lambda search on binary anomalous curves”, to appear in Mathematics of Computation.
P. Gaudry, “An algorithm for solving the discrete log problem on hyperelliptic curves”, Advances in Cryptology — Eurocrypt 2000, LNCS 1807, 2000, 19–34.
P. Gaudry, F. Hess and N. Smart, “Constructive and destructive facets of Weil descent on elliptic curves”, preprint, January 2000. Available from http://ultralix.polytechnique.fr/Labo/Pierrick.Gaudry/papers.html
Internet Engineering Task Force, The OAKLEY Key Determination Protocol, IETF RFC 2412, November 1998.
N. Koblitz, “CM-curves with good cryptographic properties”, Advances in Cryptology — Crypto’ 91, LNCS 576, 1992, 279–287.
A. Menezes, T. Okamoto and S. Vanstone, “Reducing elliptic curve logarithms to logarithms in a finite field”, tiIEEE Transactions on Information Theory, 39 (1993), 1639–1646.
National Institute of Standards and Technology, Digital Signature Standard, FIPS Publication 186-2, February 2000.
P. van Oorschot and M. Wiener, “Parallel collision search with cryptanalytic applications”, Journal of Cryptology, 12 (1999), 1–28.
S. Paulus and A. Stein, “Comparing real and imaginary arithmetics for divisor class groups of hyperelliptic curves”, Algorithmic Number Theory, LNCS 1423, 1998, 576–591.
S. Pohlig and M. Hellman, “An improved algorithm for computing logarithms over GF(p) and its cryptographic significance”, IEEE Transactions on Information Theory, 24 (1978), 106–110.
J. Pollard, “Monte Carlo methods for index computation mod p”, Mathematics of Computation, 32 (1978), 918–924.
T. Satoh and K. Araki, “Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves”, Commentarii Mathematici Universitatis Sancti Pauli, 47 (1998), 81–92.
I. Semaev, “Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p”, Mathematics of Computation, 67 (1998), 353–356.
N. Smart, “The discrete logarithm problem on elliptic curves of trace one”, Journal of Cryptology, 12 (1999), 193–196.
J. Solinas, “Eficient arithmetic on Koblitz curves”, Designs, Codes and Cryptography, 19 (2000), 195–249.
M. Wiener and R. Zuccherato, “Faster attacks on elliptic curve cryptosystems”, Selected Areas in Cryptography, LNCS 1556, 1999, 190–200.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Heidelberg
About this paper
Cite this paper
Menezes, A., Qu, M. (1999). Analysis of the Weil Descent Attack of Gaudry, Hess and Smart. In: Naccache, D. (eds) Topics in Cryptology — CT-RSA 2001. CT-RSA 2001. Lecture Notes in Computer Science, vol 2020. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45353-9_23
Download citation
DOI: https://doi.org/10.1007/3-540-45353-9_23
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41898-6
Online ISBN: 978-3-540-45353-6
eBook Packages: Springer Book Archive