Abstract.We develop an efficient identity based signature scheme based on pairings whose security relies on the hardness of the Diffie-Hellman problem in the random oracle model. We describe how this scheme is obtained as a special version of a more general generic scheme which yields further new provably secure identity based signature schemes if pairings are used. The generic scheme also includes traditional public key signature schemes. We further discuss issues of key escrow and the distribution of keys to multiple trust authorities. The appendix contains a brief description of the relevant properties of supersingular elliptic curves and the Weil and Tate pairings.
In this paper we simplify and extend the Eta pairing, originally discovered in the setting of supersingular curves by Barreto et al., to ordinary curves. Furthermore, we show that by swapping the arguments of the Eta pairing, one obtains a very efficient algorithm resulting in a speed-up of a factor of around six over the usual Tate pairing, in the case of curves which have large security parameters, complex multiplication by an order of Q(√ −3), and when the trace of Frobenius is chosen to be suitably small. Other, more minor savings are obtained for more general curves. 1 2
Abstract. In this paper we look in detail at the curves which arise in the method of Galbraith and Smart for producing curves in the Weil restriction of an elliptic curve over a nite eld of characteristic two of composite degree. We explain how this method can be used to construct hyperelliptic cryptosystems which could be as secure as cryptosystems based on the original elliptic curve. On the other hand, we show that the same technique may provide a way of attacking the original elliptic curve cryptosystem using recent advances in the study of the discrete logarithm problem on hyperelliptic curves.We examine the resulting higher genus curves in some detail and propose an additional check on elliptic curve systems de ned over elds of characteristic two so as to make them immune from the methods in this paper. IntroductionIn this paper we address two problems: how to construct hyperelliptic cryptosystems and how to attack elliptic curve cryptosystems de ned over elds of composite degree over F 2 .As explained in 17], there is currently no practical method which generates cryptographically secure Jacobians of hyperelliptic curves that have no special added structure. We shall present a method that will produce a hyperelliptic Jacobian related to a`random' elliptic curve, which is secure assuming one believes the discrete logarithm problem on the elliptic curve is itself hard.For the second problem we turn our construction of hyperelliptic cryptosystems on its head and argue that this provides evidence for the weakness of the original elliptic curve discrete logarithm problem. We stress that this does not provide evidence for the weakness of elliptic curve systems in general, but only those which are de ned over the special nite elds considered in this paper. These elds are extensions of composite degree over the eld F 2 .Let
We develop a simple and efficient algorithm to compute Riemann-Roch spaces of divisors in general algebraic function fields which does not use the Brill-Noether method of adjoints or any series expansions. The basic idea also leads to an elementary proof of the Riemann-Roch theorem. We describe the connection to the geometry of numbers of algebraic function fields and develop a notion and algorithm for divisor reduction. An important application is to compute in the divisor class group of an algebraic function field.
Abstract. In this paper we extend the Weil descent attack due to Gaudry, Hess and Smart (GHS) to a much larger class of elliptic curves. This extended attack applies to fields of composite degree over F2. The principle behind the extended attack is to use isogenies to find an elliptic curve for which the GHS attack is effective. The discrete logarithm problem on the target curve can be transformed into a discrete logarithm problem on the isogenous curve. A further contribution of the paper is to give an improvement to an algorithm of Galbraith for constructing isogenies between elliptic curves, and this is of independent interest in elliptic curve cryptography. We show that a larger proportion than previously thought of elliptic curves over F 2 155 should be considered weak.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.