Solving 94-bit ECDLP with 70 Computers in Parallel
暂无分享,去创建一个
Elliptic curve discrete logarithm problem(ECDLP) is one of problems on which the security of pairing-based cryptography is based. This paper considers Pollard’s rho method to evaluate the security of ECDLP on Barreto-Naehrig(BN) curve that is an efficient pairing-friendly curve. Some techniques are proposed to make the rho method efficient. Especially, the group structure on BN curve, distinguished point method, and Montgomery trick are well-known techniques. This paper applies these techniques and shows its optimization. According to the experimental results for which a large-scale parallel system with MySQL is applied, 94-bit ECDLP was solved about 28 hours by parallelizing 71 computers. Keywords—Pollard’s rho method, BN curve, Montgomery multiplication.
[1] P. L. Montgomery. Speeding the Pollard and elliptic curve methods of factorization , 1987 .
[2] Craig Costello,et al. Elliptic and Hyperelliptic Curves: A Practical Security Analysis , 2014, Public Key Cryptography.
[3] Yasuyuki Nogami,et al. Integer Variable chi-Based Cross Twisted Ate Pairing and Its Optimization for Barreto-Naehrig Curve , 2009, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..
[4] Frederik Vercauteren,et al. Optimal Pairings , 2010, IEEE Transactions on Information Theory.