Abstract
Pollard rho and its parallelized variants are at present the best known generic algorithms for computing discrete logarithms in groups of elliptic curves over finite fields. The \(r+h\)-mixed walk, one of the variants of the parallelized rho method in characteristic 2, is expected to have \(r\) point addition operations and \(h\) point halving operations. We observe that reducing the randomness while increasing the ratio \(h/r\) can improve the overall efficiency of the parallelized rho method. We therefore try to find the ratio that gives the best overall efficiency, and then provide an optimal configuration with the best overall efficiency for the parallelized rho method. Our experiments show that the optimal configuration can improve the overall efficiency of ECC2-79 by about \(36\%\). Further, we give algorithms to improve the efficiency of basic operations in \(\mathbb {F}_{2^{131}}\) and estimate that the optimal configuration can improve the overall efficiency of ECC2-131 by about \(39\%\).
Acknowledgement
This work is supported by the National Key R&D Program of China (No. 2017 YFB0802500), the National Natural Science Foundation of China (No. 61672550, No. 61972429), the Natural Science Foundation of Guangdong Province of China (No. 2016A030310027, No. 2018A0303130133) and Shenzhen Technology Plan (No. JCYJ20170818144026871, JCYJ20170818140234295).
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, F., Liu, Z., Wang, P., Tian, H. (2020). Improving ECDLP Computation in Characteristic 2. In: Liu, Z., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2019. Lecture Notes in Computer Science, vol 12020. Springer, Cham. https://doi.org/10.1007/978-3-030-42921-8_32
DOI: https://doi.org/10.1007/978-3-030-42921-8_32
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-42920-1
Online ISBN: 978-3-030-42921-8
eBook Packages: Computer Science, Computer Science (R0)