Finding Good Random Elliptic Curves for Cryptosystems Defined over F_{2^n}

One of the main difficulties in implementing cryptographic schemes based on elliptic curves defined over finite fields is the necessary computation of the cardinality of these curves. In the case of finite fields F_{2^n}, recent theoretical breakthroughs yield a significant speedup of the computations. After describing some of these ideas in the first part of this paper, we show that our current implementation runs from 2 up to 10 times faster than what was done previously. In the second part, we exhibit a slight change to Schoof's algorithm that selects curves whose number of points is "nearly" prime, and so allows cryptosystems to be constructed from random elliptic curves instead of specific curves, as was done previously.
