M. Maurer, A. Menezes and E. Teske, "Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree", LMS Journal of Computation and Mathematics, 5 (2002), 127-174.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....E 2 . The Weil descent of E 2 differs from the Weil descent of E 1 . Repeat this step until you are lucky. Hess wrote a KASH program implementing the ideas of JMS. Maurer, Menezes and Teske applied this KASH program on several cases in the real cryptographical world. I cite from their paper [18] It was proven to fail for all cryptographycally interesting elliptic curves over F 2 n , where n 2 [160; 600] is prime. The purpose of this paper is to investigate the applicability of the GHS attack on the ECDLP for cryptographycally interesting elliptic curves over F 2 n for composite n 2 ....

Markus Maurer, Alfred J. Menezes, Edlyn Teske, Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree, (2001), to appear.

.... and ea 6;i y (mod e P i (X) Hence, Chinese remaindering on each subgroup e E i yields the value of d mod lcm(r 1 ; r l ) Remark that, when q i is composite, the computation of discrete logarithms in e E i (F 2 q i ) can be speeded up by Weil descent [11] see also [16, 19, 23] for a thorough analysis and [10] for recent developments) Unknown error The above analysis implies that the error on the representation of e K is known. When only a portion of the representation of K is damaged, we choose for e K the candidate best matching K . In some cases, the error on (the ....

Markus Maurer, Alfred Menezes, and Edlyn Teske. Analysis of the GHS Weil descent attack on the ECDLP over characteristic two nite elds of composite degree. In C. Pandu Rangan and C. Ding, editors, Progress in Cryptology { INDOCRYPT 2001, volume 2247 of Lecture Notes in Computer Science, pages 195{

No context found.

M. Maurer, A. Menezes and E. Teske, "Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree", LMS Journal of Computation and Mathematics, 5 (2002), 127-174.

No context found.

M. Maurer, A. Menezes and E. Teske, Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree, London Mathematical Society Journal of Computation and Mathematics, 5 (2002), pp. 127-174.

No context found.

M. Maurer, A. Menezes and E. Teske, \Analysis of the GHS Weil descent attack on the ECDLP over characteristic two nite elds of composite degree", LMS Journal of Computation and Mathematics, 5 (2002), 127-174.

....the Enge Gaudry algorithm. This is noteworthy because Pollard s rho algorithm for solving the ECDLP instance is infeasible, while the HCDLP instance was solved in a few days on a small network of workstations. The e ectiveness of the GHS attack for composite n 2 [100; 600] was further analyzed in [48], where the elliptic curves most susceptible to the GHS attack were identi ed and enumerated. Because of this relationship between the ECDLP and the HCDLP, improvements, both concrete and asymptotic, in algorithms for solving the HCDLP can increase the vulnerability of elliptic curves to the GHS ....

M. Maurer, A. Menezes and E. Teske, \Analysis of the GHS Weil descent attack on the ECDLP over characteristic two nite elds of composite degree", LMS Journal of Computation and Mathematics, 5 (2002), 127-174.

No context found.

M. Maurer, A. Menezes, and E. Teske. Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree. LMS Journal of Computation and Mathematics, 5:127-- 174, 2002.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC