Abstract
Recently, a method, reducing the elliptic curve discrete logarithm problem(EDLP) to the discrete logarithm problem(DLP) in a finite field, was proposed. But this reducing is valid only when Weil pairing can be defined over the m-torsion group which includes the base point of EDLP. If an elliptic curve is ordinary, there exists EDLP to which we cannot apply the reducing. In this paper, we investigate the condition for which this reducing is invalid. We show the next two main results.
(1) For any elliptic curve E defined over F 2 r, we can reduce EDLP on E, in an expected polynomial time, to EDLP that we can apply the MOV reduction to and whose size is same as or less than the original EDLP. (2) For an ordinary elliptic curve E defined over F p (p is a large prime), EDLP on E cannot be reduced to DLP in any extension field of F p by any embedding. We also show an algorithm that constructs such ordinary elliptic curves E defined over F p that makes reducing EDLP on E to DLP by embedding impossible.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
A. O. L. Atkin and F. Morain, “Elliptic curves and primality proving”, Research Report 1256, INRIA, Juin 1990. Submitted to Math. Comp.
A. Bender and G. Castagnoli, “On the implementation of elliptic curve cryptosystems”, Advances in Cryptology — Proceedings of Crypto '89, Lecture Notes in Computer Science, 435 (1990), Springer-Verlag, 186–192.
T. Beth and F. Schaefer, “Non supersingular elliptic curves for public key cryptosystems”, Abstracts for Eurocrypto 91, Brighton, U.K. 155–159.
M. Deuring, “Die Typen der Multiplikatorenringe elliptischer Funktionenkörper”, Abh. Math. Sem. Hamburg 14 (1941), 197–272.
N. Koblitz, “Elliptic curve cryptosystems”, Math. Comp. 48(1987), 203–209.
N. Koblitz, “A course in Number Theory and Cryptography”, GTM114, Springer-Verlag, New York(1987).
S. Lang, “Algebraic Number Theory”, GTM110, Springer-Verlag, New York(1986).
S. Lang, “Elliptic Functions”, Addison-Wesley, 1973.
V. S. Miller, “Use of elliptic curves in cryptography”, Advances in Cryptology-Proceedings of Crypto'85, Lecture Notes in Computer Science, 218 (1986), Springer-Verlag, 417–426.
A. Menezes and S. Vanstone, “The implementaion of elliptic curve cryptosystems”, Advances in Cryptology — Proceedings of Auscrypt'90, Lecture Notes in Computer Science, 453(1990), Springer-Verlag, 2–13.
F. Morain, “Building cyclic elliptic curves modulo large primes”, Abstracts for Eurocrypto91, Brighton, U.K. 160–164.
A. Menezes, S. Vanstone and T. Okamoto, “Reducing elliptic curve logarithms to logarithms in a finite field”, to appear in Proc. STOC'91.
P. Ribenboim, “The book of prime number records”, Springer-Verlag, New-York, 1988.
J. H. Silverman, “The Arithmetic of Elliptic Curves”, GTM106, Springer-Verlag, New York, 1986
H. Shizuya, T. Itoh and K. Sakurai, “On the Complexity of Hyperelliptic Discrete Logarithm Problem”, Proc. Eurocrypt'91, Lecture Notes in Computer Science, Springer-Verlag (to appear).
T. Takagi, “Syotou seisuuronn kougi”, Kyouritu Syuppan.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1993 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Miyaji, A. (1993). On ordinary elliptic curve cryptosystems. In: Imai, H., Rivest, R.L., Matsumoto, T. (eds) Advances in Cryptology — ASIACRYPT '91. ASIACRYPT 1991. Lecture Notes in Computer Science, vol 739. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-57332-1_39
Download citation
DOI: https://doi.org/10.1007/3-540-57332-1_39
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-57332-6
Online ISBN: 978-3-540-48066-2
eBook Packages: Springer Book Archive