Generalized Mersenne Numbers in Pairing-Based Cryptography

01 Jan 2006

References
Journal Article
TL;DR: This paper presents an algorithm to solve the discrete logarithm problem for $GF(p)$ with heuristic expected running time $L_p[1/3; 3^{2/3}]$; for numbers of a special form, there is an asymptotically slower but more practical version of the algorithm.
Abstract: Recently, several algorithms using number field sieves have been given to factor a number $n$ in heuristic expected time $L_n[1/3; c]$, where \[ L_n[v; c] = \exp\left\{ (c + o(1)) (\log n)^{v} (\log \log n)^{1 - v} \right\} \] for $n \to \infty$. This paper presents an algorithm to solve the discrete logarithm problem for $GF(p)$ with heuristic expected running time $L_p[1/3; 3^{2/3}]$. For numbers of a special form, there is an asymptotically slower but more practical version of the algorithm.

351 citations

Journal Article
Don Coppersmith
TL;DR: The ideas give a dramatic improvement even for moderate-sized fields such as $GF(2^{127})$, and make (barely) possible computations in fields of size around $2^{400}$.
Abstract: A method for determining logarithms in $GF(2^{n})$ is presented. Its asymptotic running time is $O(\exp(cn^{1/3} \log^{2/3} n))$ for a small constant $c$, while, by comparison, Adleman's scheme runs in time $O(\exp(c' n^{1/2} \log^{1/2} n))$. The ideas give a dramatic improvement even for moderate-sized fields such as $GF(2^{127})$, and make (barely) possible computations in fields of size around $2^{400}$. The method is not applicable to $GF(q)$ for a large prime $q$.

350 citations

Book
01 Jan 1995
Abstract (table of contents):
1 Number Theory: Induction; Binomial Coefficients; Greatest Common Divisors; The Fundamental Theorem of Arithmetic; Congruences; Dates and Days
2 Groups I: Functions; Permutations; Groups; Lagrange's Theorem; Homomorphisms; Quotient Groups; Group Actions; Counting with Groups
3 Commutative Rings I: First Properties; Fields; Polynomials; Homomorphisms; Greatest Common Divisors; Unique Factorization; Irreducibility; Quotient Rings and Finite Fields; Officers, Fertilizer, and a Line at Infinity
4 Goodies: Linear Algebra; Euclidean Constructions; Classical Formulas; Insolvability of the General Quintic; Epilog
5 Groups II: Finite Abelian Groups; The Sylow Theorems; The Jordan-Hölder Theorem; Presentations
6 Commutative Rings II: Prime Ideals and Maximal Ideals; Unique Factorization; Noetherian Rings; Varieties; Gröbner Bases
Hints to Exercises; Bibliography; Index

325 citations

Book Chapter
TL;DR: Cryptographic protocols based on the Weil and Tate pairings on elliptic curves have attracted much attention in recent years; this paper examines the implications of heightened security needs for pairing-based cryptosystems.
Abstract: In recent years cryptographic protocols based on the Weil and Tate pairings on elliptic curves have attracted much attention. A notable success in this area was the elegant solution by Boneh and Franklin [8] of the problem of efficient identity-based encryption. At the same time, the security standards for public key cryptosystems are expected to increase, so that in the future they will be capable of providing security equivalent to 128-, 192-, or 256-bit AES keys. In this paper we examine the implications of heightened security needs for pairing-based cryptosystems. We first describe three different reasons why high-security users might have concerns about the long-term viability of these systems. However, in our view none of the risks inherent in pairing-based systems are sufficiently serious to warrant pulling them from the shelves. We next discuss two families of elliptic curves E for use in pairing-based cryptosystems. The first has the property that the pairing takes values in the prime field $\mathbb{F}_p$ over which the curve is defined; the second family consists of supersingular curves with embedding degree k = 2. Finally, we examine the efficiency of the Weil pairing as opposed to the Tate pairing and compare a range of choices of embedding degree k, including k = 1 and k = 24.

313 citations

Book Chapter
08 Apr 2001
TL;DR: This paper presents an extensive study of the software implementation on workstations of the NIST-recommended elliptic curves over prime fields, with results from an implementation in C and assembler on a Pentium II 400MHz workstation.
Abstract: This paper presents an extensive study of the software implementation on workstations of the NIST-recommended elliptic curves over prime fields. We present the results of our implementation in C and assembler on a Pentium II 400MHz workstation. We also provide a comparison with the NIST-recommended curves over binary fields.

287 citations