Abstract
This paper examines the cryptographic security of fixed versus random elliptic curves over GF(p). It assumes that, for a fixed curve, a precomputation can be carried out once and then reused to attack the elliptic curve discrete logarithm problem (ECDLP). A lower bound on the efficiency of a variation of Pollard's rho method for solving multiple ECDLPs is presented, together with an approximation of the expected time remaining to solve an ECDLP once a precomputation of a given size is available. We conclude that adding 4 bits to the order of a fixed curve, to offset general software attacks, plus a further 6 bits, to offset attacks on curves with special properties, gives a fixed curve security equivalent to that of a random curve.
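The mechanism the abstract relies on, a Pollard rho walk whose distinguished points can be banked and reused across several ECDLP instances on the same fixed curve, is easiest to see in code. The following is an added illustration written for this page; it is not code from the paper or from any library it cites, and the paper's own variation of rho and its parameters may differ. It assumes a toy curve y^2 = x^3 - 3x + B over GF(10007) (B and a generator are found at import time so the group order is prime), an r-adding walk whose jumps are multiples of the base point G only (which is what makes the walk target-independent), and a distinguished-point rule of three zero low bits in x; all of these choices, the class and function names, and the random seeds are constructed for the demonstration.

```python
import random

P_MOD = 10007            # prime field size; 3 mod 4, so a square root is one pow()
A_COEF = (-3) % P_MOD    # curve y^2 = x^3 + A x + B, with B chosen at import time
INF = None               # point at infinity (group identity)
R_ADD, DP_MASK = 16, 7   # jumps in the r-adding walk; (x & DP_MASK) == 0 marks a DP (~1 in 8)

def ec_add(P1, P2, p=P_MOD, a=A_COEF):
    """Affine group law covering identity, inverse pairs, doubling and generic add."""
    if P1 is INF or P2 is INF:
        return P2 if P1 is INF else P1
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2 and (y1 + y2) % p == 0:
        return INF                                              # P2 == -P1
    lam = ((3 * x1 * x1 + a) * pow(2 * y1, -1, p) if x1 == x2   # doubling
           else (y2 - y1) * pow(x2 - x1, -1, p)) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, P):                               # double-and-add; k == 0 gives INF
    R = INF
    while k:
        if k & 1:
            R = ec_add(R, P)
        P, k = ec_add(P, P), k >> 1
    return R

def count_points(b, p=P_MOD, a=A_COEF):         # #E(GF(p)) by Euler's criterion per x
    n = 1
    for x in range(p):
        rhs = (x * x * x + a * x + b) % p
        n += 1 if rhs == 0 else 2 * (pow(rhs, (p - 1) // 2, p) == 1)
    return n

def find_curve(p=P_MOD, a=A_COEF):
    """First non-singular B giving a prime-order curve, plus one point (any point generates)."""
    for b in range(1, p):
        n = count_points(b) if (4 * a ** 3 + 27 * b * b) % p else 0
        if n > 1 and all(n % d for d in range(2, int(n ** 0.5) + 1)):
            break
    for x in range(1, p):
        rhs = (x * x * x + a * x + b) % p
        y = pow(rhs, (p + 1) // 4, p)                           # a root only if rhs is a QR
        if y and y * y % p == rhs:
            return b, n, (x, y)

B_COEF, ORDER, G = find_curve()                 # constructed toy parameters, not from the paper

class RhoSolver:
    """Walk X <- X + m_i G with X tracked as aG + bQ; the jumps depend only on G, so
    distinguished points from precomputation or earlier targets stay usable."""
    def __init__(self, G, q, seed):
        self.G, self.q, self.rng = G, q, random.Random(seed)
        self.mults = [self.rng.randrange(1, q) for _ in range(R_ADD)]
        self.jumps = [ec_mul(m, G) for m in self.mults]
        self.table = {}                         # distinguished point -> (a, b, target)
        self.steps = 0

    def walk(self, Q, limit=64 * (DP_MASK + 1)):
        """Random start aG + bQ (b == 0 when Q is INF) to the next distinguished point."""
        while True:                             # restart if a walk cycles without a DP
            a = self.rng.randrange(1, self.q)
            b = self.rng.randrange(1, self.q) if Q is not INF else 0
            X = ec_add(ec_mul(a, self.G), ec_mul(b, Q))
            for _ in range(limit):
                if X is not INF and (X[0] & DP_MASK) == 0:
                    return X, a, b
                i = (X[0] >> 3) % R_ADD if X is not INF else 0  # low bits feed the DP test
                X, a = ec_add(X, self.jumps[i]), (a + self.mults[i]) % self.q
                self.steps += 1

    def precompute(self, walks):
        for _ in range(walks):                  # target-independent: b == 0 throughout
            X, a, _ = self.walk(INF)
            self.table.setdefault(X, (a, 0, None))

    def solve(self, Q):
        """Return (log_G Q, walk steps charged to this instance)."""
        q, start = self.q, self.steps
        while True:
            X, a, b = self.walk(Q)
            a2, b2, _ = self.table.setdefault(X, (a, b, Q))    # b2 == 0 if precomputed
            if (b - b2) % q == 0:
                continue                        # fresh entry or same line: no information
            k = (a2 - a) * pow((b - b2) % q, -1, q) % q        # from aG+bQ == a2G+b2Q
            for X2, (a3, b3, t3) in list(self.table.items()):
                if t3 == Q:                     # fold this target's points into plain aG
                    self.table[X2] = ((a3 + b3 * k) % q, 0, None)
            return k, self.steps - start

def demo(precomp_walks=200, targets=5, seed=7):
    """Solve several logs in turn; returns [(correct, steps, table size)] per target."""
    solver = RhoSolver(G, ORDER, seed)
    solver.precompute(precomp_walks)
    out = []
    for k_true in [solver.rng.randrange(1, ORDER) for _ in range(targets)]:
        k, steps = solver.solve(ec_mul(k_true, G))
        out.append((k == k_true, steps, len(solver.table)))
    return out
```

Saved as a module and run with `demo()`, each returned tuple reports whether the logarithm was recovered, the walk steps charged to that instance, and the size of the distinguished-point table afterwards. Two things to watch: a collision with a precomputed entry (b2 == 0) solves the instance outright, and every instance, once solved, has its own distinguished points folded back into the table as plain multiples of G, so the stored precomputation grows with each ECDLP solved. That reuse is what the paper's lower bound and remaining-time approximation quantify; the step counts from this toy run are a single seeded sample on a 14-bit group, not the paper's figures.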
Cite this article
Hitchcock, Y., Montague, P., Carter, G. et al. The efficiency of solving multiple discrete logarithm problems and the implications for the security of fixed elliptic curves. IJIS 3, 86–98 (2004). https://doi.org/10.1007/s10207-004-0045-9