On the Construction of Prime Order Elliptic Curves

We consider a variant of the Complex Multiplication (CM) method for constructing elliptic curves (ECs) of prime order with additional security properties. Our variant uses Weber polynomials whose discriminant D is congruent to 3 (mod 8), and is based on a new transformation for converting roots of Weber polynomials to their Hilbert counterparts. We also present a new theoretical estimate of the bit precision required for the construction of the Weber polynomials for these values of D. We conduct a comparative experimental study investigating the time and bit precision of using Weber polynomials against the (typical) use of Hilbert polynomials. We further investigate the time efficiency of the new CM variant under four different implementations of a crucial step of the variant and demonstrate the superiority of two of them.

[1]  Erkay Savas,et al.  Generating Elliptic Curves of Prime Order , 2001, CHES.

[2]  C. Pandu Rangan,et al.  Progress in Cryptology — INDOCRYPT 2001 , 2001, Lecture Notes in Computer Science.

[3]  Markus Jakobsson,et al.  Proactive public key and signature systems , 1997, CCS '97.

[4]  Jeffrey Shallit,et al.  Algorithmic Number Theory , 1996, Lecture Notes in Computer Science.

[5]  Andreas Enge,et al.  Comparing Invariants for Class Fields of Imaginary Quadratic Fields , 2002, ANTS.

[6]  Sachar Paulus,et al.  On the Generation of Cryptographically Strong Elliptic Curves , 1997 .

[7]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[8]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[9]  Christos D. Zaroliagis,et al.  On the Efficient Generation of Elliptic Curves over Prime Fields , 2002, CHES.

[10]  Hans Eberle,et al.  Generic implementations of elliptic curve cryptography using partial reduction , 2002, CCS '02.

[11]  T. Valente A distributed approach to proving large numbers prime , 1992 .

[12]  Horst G. Zimmer,et al.  Constructing elliptic curves with given group order over large finite fields , 1994, ANTS.

[13]  Harald Baier,et al.  Efficient Construction of Cryptographically Strong Elliptic Curves , 2000, INDOCRYPT.

[14]  Harald Baier,et al.  Elliptic Curves of Prime Order over Optimal Extension Fields for Use in Cryptography , 2001, INDOCRYPT.

[15]  Harald Baier,et al.  Efficient algorithms for generating elliptic curves over finite fields suitable for use in cryptography , 2002 .

[16]  Erich Kaltofen,et al.  An improved Las Vegas primality test , 1989, ISSAC '89.

[17]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[18]  Vom Fachbereich Informatik Ecient Algorithms for Generating Elliptic Curves over Finite Fields Suitable for Use in Cryptography , 2002 .

[19]  E. Kaltofen,et al.  Explicit Construction of the Hilbert Class Fields of Imaginary Quadratic Fields by Integer Lattice Reduction , 1991 .

[20]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[21]  Henri Cohen,et al.  A course in computational algebraic number theory , 1993, Graduate texts in mathematics.

[22]  K. Brown,et al.  Graduate Texts in Mathematics , 1982 .

[23]  Y. Nogami Fast Generation of Elliptic Curves with Prime Order over F_{p^{2^c}} , 2003 .

[24]  Bimal Roy,et al.  Progress in Cryptology —INDOCRYPT 2000 , 2002, Lecture Notes in Computer Science.

[25]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[26]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .

[27]  L. G. Lidia,et al.  A library for computational number theory , 1997 .

[28]  A. Atkin,et al.  ELLIPTIC CURVES AND PRIMALITY PROVING , 1993 .