Solving the Elliptic Curve Discrete Logarithm Problem Using Semaev Polynomials, Weil Descent and Gröbner Basis Methods - An Experimental Study
نویسندگان
چکیده
At ASIACRYPT 2012, Petit and Quisquater suggested that there may be a subexponential-time index-calculus type algorithm for the Elliptic Curve Discrete Logarithm Problem (ECDLP) in characteristic two fields. This algorithm uses Semaev polynomials and Weil Descent to create a system of polynomial equations that subsequently is to be solved with Gröbner basis methods. Its analysis is based on heuristic assumptions on the performance of Gröbner basis methods in this particular setting. While the subexponential behaviour would manifest itself only far beyond the cryptographically interesting range, this result, if correct, would still be extremely remarkable. We examined some aspects of the work by Petit and Quisquater experimentally.
منابع مشابه
Equations System coming from Weil descent and subexponential attack for algebraic curve cryptosystem (Draft)
In [2], Faugére et al. shows that the decomposition problem of a point of elliptic curve over binary field F2n reduces to solving low degree equations system over F2 coming from Weil descent. Using this method, the discrete logarithm problem of elliptic curve over F2n reduces to linear constrains, i.e., solving equations system using linear algebra of monomial modulo field equations, and its co...
متن کاملEquations System coming from Weil descent and subexponential attack for algebraic curve cryptosystem
In [2], Faugére et al. shows that the decomposition problem of a point of elliptic curve over binary field F2n reduces to solving low degree equations system over F2 coming from Weil descent. Using this method, the discrete logarithm problem of elliptic curve over F2n reduces to linear constrains, i.e., solving equations system using linear algebra of monomial modulo field equations, and its co...
متن کاملOn the last fall degree of zero-dimensional Weil descent systems
In this article we will discuss a new, mostly theoretical, method for solving (zero-dimensional) polynomial systems, which lies in between Gröbner basis computations and the heuristic first fall degree assumption and is not based on any heuristic. This method relies on the new concept of last fall degree. Let k be a finite field of cardinality qn and let k be its subfield of cardinality q. Let ...
متن کاملPolynomial systems solving and elliptic curve cryptography. (Résolution de systèmes polynomiaux et cryptologie sur les courbes elliptiques)
Since the last decade, attacks on the elliptic curve discrete logarithm problem (ECDLP) whichrequires to solve polynomial systems have been quite successful. This thesis takes place in this contextand the contributions are twofold.On the one hand, we present new tools for solving polynomial systems by using Gröbner bases.First, we investigate polynomial systems with symmetries. ...
متن کاملSolving Elliptic Curve Discrete Logarithm Problems Using Weil Descent
We provide the first cryptographically interesting instance of the elliptic curve discrete logarithm problem which resists all previously known attacks, but which can be solved with modest computer resources using the Weil descent attack methodology of Frey. We report on our implementation of index-calculus methods for hyperelliptic curves over characteristic two finite fields, and discuss the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013