橢圓曲線密碼系統之曲線安全性研究

Chien-Yeo Chiang; 江前佑

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/9885

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	陳君明
dc.contributor.author	Chien-Yeo Chiang	en
dc.contributor.author	江前佑	zh_TW
dc.date.accessioned	2021-05-20T20:47:20Z	-
dc.date.available	2008-07-14
dc.date.available	2021-05-20T20:47:20Z	-
dc.date.copyright	2008-07-14
dc.date.issued	2008
dc.date.submitted	2008-07-07
dc.identifier.citation	[1] I.F. Blake, G. Seroussi and N.P. Smart. Elliptic curve in cryptography. Chapter VII volume 265 of London Mathematical Society Lecture Note Series. Cambridge University Press, Cambridge, 2000. [2] C. Diem. Systems of polynomial equations associated to elliptic curve discrete logarithm problems. Preprint, 2004. [3] A. Enge and P. Gaudry. A general framework for subexponential discrete logarithm algorithms. Rapport de Recherche Lix/PR/00/04, June 2000. [4] G. Frey and H. R‥uck. A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Mathematics of Computation, 62:865-874, 1994. [5] G. Frey. Applications of Arithmetical Geometry to Cryptographic Constructions. Finite Fields and Applications, 128-161, Springer, 1999. [6] R. Gallant, R. Lambert and S. Vanstone. Improving the parallelized Pollard lambda search on anomalous binary curves. Mathematics of Computation, 69:1699-1705, 2000. [7] S. Galbraith, and N. Smart. A Cryptographic application of Weil descent Cryptography and Coding, (LNCS 1176) 191-200. Springer-Verlag, 1999. [8] P. Gaudry. Index calculus for abelian varieties and the elliptic curve discrete logarithm problem. Preprint, 2004. [9] P. Gaudry, F. Hess, and N. Smart. Constructive and destructive facets of Weil descent on elliptic curves. Journal of Cryptology, 15:19-46, 2002. [10] S. Galbraith, F. Hess, and N. Smart. Extending the GHS Weil descent attack. Advances in Cryptology-EUROCRYPT 2002 (LNCS 2332)[248], 29-44, 2002. [11] P. Gaudry. An algorithm for solving the discrete log problem on hyperelliptic curves. Advances in Cryptology-EUROCRYPT 2000 (LNCS 1807), 19-34, 2000. [12] D. Hankerson, A. Menezes, and S. Vanstone. Guide to Elliptic Curve Cryptography. Springer, 2003. [13] M.-D. Huang, K. Kueh, and K.-S. Tan. Lifting elliptic curves and solving the elliptic curve discrete logarithm problem. ANTS (LNCS 877), 377-384, Springer-Verlag, 2000. [14] M. Jacobson, N. Koblitz, J. Silverman, A. Stein, and E. Teske. Analysis of the xedni calculus attack. Design, Codes, and Cryptography, 20:41-64, 2000. [15] M. Jacobson, A. Menezes and A. Stein. Solving elliptic curve discrete logarithm problems using Weil descent. Preprint, 2001. [16] N. Koblitz, A. Menezes, Y. H. Wu, and R. Zuccherato. Algebraic aspects of Cryptography. Springer. 1998. [17] M. Maurer, A. Menezes, and E. Teske. Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree. LMS Journal of Computation and Mathematics, 5:127-174, 2002. [18] A. Menezes and E. Teske. Cryptographic implications of Hess’ generalized GHS attack. http://www.cacr.math.uwaterloo.ca/ajmeneze/research/html December,2004. [19] A. Menezes and M. Qu. Analysis of the Weil descent attack of Gaudry, Hess and Smart. Topics in Cryptology CT-RSA 2001 (LNCS 2020)[338], 308-318,2001. [20] A. Meneze, S. Vanstone and T. Okamoto. Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Transactions on Information Theory, 39:1639-1646, 1993 [21] J.F. Mestre. Formules explicites et minoration de conducteurs de varietes algebriques. Compositio Math. 58(1986), 209-232. [22] V. Miller. Use of elliptic curves in Cryptography. Advances in Cryptology CRYPTO ’85. (LNCS 218) 417-426, Springer, 1986. [23] V. Miller. Short programs for functions on curves. Unpublished manuscript,1986. [24] S. Pohlig and M. Hellman. An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory, 24:106-110, 1978. [25] J. M. Pollard. Monte Carlo methods for index computation (mod p). Mathematics of Computation, 32, 918-924, 1978. [26] T. Satoh and K. Araki. Fermat quotients and the polynomial time discrete log algorithm for anomalous curve. Commentarii Mathematici Universitatis Sancti Pauli, 47:81-92, 1998. [27] R. Schoof. Elliptic curves over finite fields and the computation of square roots mod p. Mathematics of Computation. 44(170):483-494, 1985. [28] R. Schoof. Nonsingular plane cubic curves over finite fields. Journal of Combinatorial Theory, A 46(1987), 183-211. [29] I. Semaev. Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic p. Mathematics of Computation, 67:353-356,1998. [30] I. Semaev. Summation polynomials and the discrete logarithm problem on elliptic curves. Preprint, February 5 2004. [31] D. Shanks. Class number, a theory of factorization, and genera. 1969 Number Theory Institute, page 415-440. American Mathematical Society, Providence,RI, 1971. [32] J. Silverman. The Arithmetic of Elliptic Curves. Springer-Verlag. GTM 106. [33] J. Silverman and J. Suzuki. Elliptic curve discrete logarithms and the index calculus. Advances in Cryptology-ASIACRYPT ’98(LNCS 1514)[352], 110-125,1998. [34] J. Silverman. The xedni calculus and the elliptic curve discrete logarithm problem. Designs, Codes, and Cryptography, 20:5-40, 2000. [35] N. Smart. The discrete logarithm problem on elliptic curve of trace one. Journal of Cryptology, 12:193-196, 1999. [36] P. Van Oorschot and M. Wiener. Parallel collision search with cryptanalytic applications. Journal of Cryptology, 12:1-28, 1999. [37] L. Washington. Elliptic curves. Number theory and Cryptography. Chapmanand Hall, 2003. [38] M. Wiener and R. Zuccherato. Faster attacks on elliptic curve cryptosystems. Selected Areas in Cryptography-SAC ’98 (LNCS1556)[457], 190-200, 1999.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/9885	-
dc.description.abstract	現今許多密碼系統的安全性, 是以橢圓曲線離散對數問題(ECDLP) 的困難度為基礎。這些密碼系統的安全性, 通常取決於曲線的選擇。在這篇論文中, 我們對現在針對橢圓曲線離散對數問題的攻擊法做一個整理, 找出弱曲線的條件, 也提出一些安全曲線應該有的條件。另外, 我們也會討論一些其他的攻擊法, 這些攻擊法對ECDLP 是失敗的。	zh_TW
dc.description.abstract	The elliptic curve discrete logarithm problem (ECDLP) forms the basis of numerous cryptosystems today. The security of these cryptosystems usually depends on the choice of curves. In this thesis, we give a summary of recent attacks on the ECDLP, find the criteria of weak curves, and suggest the conditions that a secure curve should have. We will also discuss some attacks which works on the DLP but may fail to the ECDLP.	en
dc.description.provenance	Made available in DSpace on 2021-05-20T20:47:20Z (GMT). No. of bitstreams: 1 ntu-97-R94221032-1.pdf: 524854 bytes, checksum: e72ab8bbf789e2808eb6a1d46e8e421d (MD5) Previous issue date: 2008	en
dc.description.tableofcontents	Contents 口試委員會審定書i 致謝ii Abstract in Chinese iii Abstract in English iv 1 Introduction 1 2 General Attacks on the ECDLP 4 2.1 Baby Step, Giant Step . . . . . . . . . . . . . . . . . 4 2.2 The Pollard Method. . . . . . . . . . . . . . . . . . . 5 2.2.1 Pollard’s ρ Method. . . . . . . . . . . . . . . . . 5 2.2.2 Pollard’s λ Method. . . . . . . . . . . . . . . . . 9 2.3 Pohlig-Hellman Attack. . . . . . . . . . . . . . . . . 11 3 Isomorphism Attacks on the ECDLP 15 3.1 Attacks on Anomalous Curves. . . . . . . . . . . . . . 15 3.1.1 Smart’s Method. . . . . . . . . . . . . . . . . . . 15 3.1.2 Semaev’s Method . . . . . . . . . . . . . . . . . . 18 3.2 MOV Attack . . . . . . . . . . . . . . . . . . . . . . 22 3.3 Tate Pairing Attack. . . . . . . . . . . . . . . . . . 26 3.4 Weil Descent . . . . . . . . . . . . . . . . . . . . . 29 4 Other Attacks 33 4.1 Index Calculus on the ECDLP. . . . . . . . . . . . . . 33 4.2 Xedni Calculus on the ECDLP. . . . . . . . . . . . . . 36 4.3 Semaev’s Summation Polynomials. . . . . . . . . . . . 44 4.4 Further Results. . . . . . . . . . . . . . . . . . . . 47 5 Conclusions 50 References 52 A Computation of the Parings 57
dc.language.iso	en
dc.title	橢圓曲線密碼系統之曲線安全性研究	zh_TW
dc.title	The Security of Curves for Elliptic Curve Cryptosystems	en
dc.type	Thesis
dc.date.schoolyear	96-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	陳其誠,黃柏嶧,鄭振牟,楊柏因
dc.subject.keyword	橢圓曲線密碼學,橢圓曲線離散對數,弱曲線,索引演算,離散對數。,	zh_TW
dc.subject.keyword	ECC,ECDLP,weak curve,index calculus,DLP.,	en
dc.relation.page	60
dc.rights.note	同意授權(全球公開)
dc.date.accepted	2008-07-07
dc.contributor.author-college	理學院	zh_TW
dc.contributor.author-dept	數學研究所	zh_TW
顯示於系所單位：	數學系

文件中的檔案：

檔案	大小	格式
ntu-97-1.pdf	512.55 kB	Adobe PDF	檢視/開啟

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。