Hostname: page-component-8448b6f56d-m8qmq Total loading time: 0 Render date: 2024-04-18T03:47:19.024Z Has data issue: false hasContentIssue false
  • English
  • Français

Generalising the GHS Attack on the Elliptic Curve Discrete Logarithm Problem

Published online by Cambridge University Press:  01 February 2010

F. Hess
F. Hess
Affiliation:
Technical University of Berlin, Faculty II- Institute of Mathematics, MA8-1 Straße des 17. Juni 136, 10623 Berlin, Germany, hess@math.tu-berlin.de, http://www.math.tu-berlin.de/~hess

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

The Weil descent construction of the GHS attack on the elliptic curve discrete logarithm problem (ECDLP) is generalised in this paper, to arbitrary Artin-Schreier extensions. A formula is given for the characteristic polynomial of Frobenius for the curves thus obtained, as well as a proof that the large cyclic factor of the input elliptic curve is not contained in the kernel of the composition of the conorm and norm maps. As an application, the number of elliptic curves that succumb to the basic GHS attack is considerably increased, thereby further weakening curves over GF2155.

Other possible extensions or variations of the GHS attack are discussed, leading to the conclusion that they are unlikely to yield further improvements.

Type
Research Article
Information
LMS Journal of Computation and Mathematics , Volume 7 , 2004 , pp. 167 - 192
Copyright
Copyright © London Mathematical Society 2004

References

1. Arita, S., ‘Weil descent of elliptic curves over finite fields of characteristic three’, Advances in cryptology - ASIACRYPT 2000, Kyoto, Japan, Lecture Notes in Comput. Sci. (1976) (ed.Okamoto, T., Springer, New York, 2000)248258.Google Scholar
2. Artin, E. and Tate, J., Class field theory (Benjamin, New York, 1968).Google Scholar
3. Blake, I., Seroussi, G., Smart, N., Elliptic curves in cryptography, London Math. Soc. Lecture Note Ser. 265 (Cambridge University Press,Cambridge 1999).CrossRefGoogle Scholar
4. Boneh, D., Franklin, M., ‘Identity-based encryption from the Weil pairing‘, Advances in cryptology - CRYPTO 2001, Lecture Notes in Comput. Sci. 2139 (ed.Kilian, J., Springer,New York, 2001) 213229.Google Scholar
5. Ciet, M., Quisquater, J.J, Sica, F., ‘A secure family of composite finite fields suitable for fast implementation of elliptic curve cryptography’, [23] 108116.CrossRefGoogle Scholar
6. Diem, C., ‘The GHS-attack in odd characteristic’, J. Ramanujan Math. Soc 18 (2003) 132.Google Scholar
7. Frey, G., ‘HOW to disguise an elliptic curve’, Talk at ECC’98, Waterloo; available at http://www.cacr.math,uwaterloo.ca/conferences/1998/ecc98/frey.ps.Google Scholar
8. Frey, G., Rück, H. G., ‘A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves’, Math. Comp. 62 (1994) 865874.Google Scholar
9. Galbrath, S., ‘Weil descent of Jacobians’, WCC2001 International workshop on coding and cryptography, Electron. Notes Discrete Math. 6 (ed. Augot, D. and Carlet, C., Elsevier, Amsterdam/Paris, 2001).CrossRefGoogle Scholar
10. Galbrath, S., Smart, N. P., ‘A cryptographic application of Weil descent’, Cryptography and coding, Lecture Notes in Comput. Sci. 1746 (ed. Walker, M., Springer, New York, 1999) 191200.Google Scholar
11. Galbrath, S., Hess, F., Smart, N. P., ‘Extending the GHS Weil descent attack’, Advances in cryptology - EUROCRYPT 2002, Lecture Notes in Comput. Sci. 2332 (ed. Knudsen, L. R., Springer, New York, 2002) 2944.Google Scholar
12. Garcia, A., Stichtenoth, H., ‘Elementary abelian p-extensions of algebraic function fields’, Manuscripta Math. 72 (1991) 6779.CrossRefGoogle Scholar
13. Gaudry, P., Hess, F., Smart, N. P., ‘Constructive and destructive facets of Weil descent on elliptic curves’, J. Cryptology 15 (2002) 1946.CrossRefGoogle Scholar
14. Hess, F., ‘Zur Divisorenklassengruppenberechnung in globalen Funktionenkörpern’, PhD Thesis, Technische Universität Berlin, (1999).Google Scholar
15. Hess, F., ‘Computing Riemann-Roch spaces in algebraic function fields and related topics’, J. Symbolic Comput 33 (2002) 425445.CrossRefGoogle Scholar
16. Hess, F., ‘Computing relations in divisor class groups of algebraic curves over finite fields’, Submitted; http://www.math.tu-berlin.de/~hess/dlog.ps.gz.Google Scholar
17. IETF (Internet Engineering Task Force), ‘The Oakley key determination protocol’, IETF RFC 2412; http://www.ietf.org/rfc/rfc2412.txt.Google Scholar
18. Jacobson, M., Menezes, A., Stein, A., ‘Solving elliptic curve discrete logarithm problems using Weil descent’, J. Ramanujan Math. Soc 16 (2001) 231260.Google Scholar
19. Maurer, M., MENEZES, A. and TESKE, E., ‘Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree’, [23] 195213.CrossRefGoogle Scholar
20. Menezes, A., and Qu, M., ‘Analysis of the Weil descent attack of Gaudry, Hess and Smart’, Progress in cryptology - CT-RSA (2001, Lecture Notes in Comput. Sci. 2020 (ed. Naccache, D, Springer, New York, 2001) 308318.Google Scholar
21. Menezes, A., Okatomo, T., and VANSTONE, S., ‘Reducing elliptic curve logarithms to logarithms in a finite field’, IEEE Trans. Inform. Theory 3 (1993) 16391646.CrossRefGoogle Scholar
22. Neukirch, J., Algebraic number theory (Springer, New York, 1999).CrossRefGoogle Scholar
23. Rangan, C. Pandu and Ding, C. (eds), Progress in cryptology - INDOCRYPT 2001, Chennai, India, Lecture Notes in Comput. Sci. 2247 (Springer, New York, 2001).CrossRefGoogle Scholar
24. SMART, N. P., ‘HOW secure are elliptic curves over composite extension fields?’ Ad vances in cryptology - EUROCRYPT 2001, Lecture Notes in Comput. Sci. 2045 (ed. Pfitzmann, B., Springer, New York, 2001) 3039.Google Scholar
25. Stichtenoth, H., Algebraic function fields and codes (Springer, Berlin, 1993).Google Scholar
26. Thériault, N., ‘Weil descent attack for Artin-Schreier curves’, submitted; available at http://www.math.toronto.edu/nicolast/weildescent.pdf.Google Scholar