Elliptic Curve Cryptography The EC Discrete Logarithm problem and Pollard’s Rho attack Ofer Schwarz, Winter 2012-2013 Advisor: Barukh Ziv.

Presentation transcript:


Background: ECDLP; The ECDLP attack; Project goals

Elliptic Curves

ECDLP

ECDLP using collisions

Pollard’s Rho

Additive walks

Pohlig-Hellman reduction

Project goals

Improvements and optimizations: Nivasch’s algorithm; Montgomery trick and distinguished point method; Negation map

1. Nivasch’s algorithm

2. The Montgomery trick

Local parallelization

Distinguished points

3. Negation map

Fruitless cycles

Resolving fruitless cycles

Implementation and results: EC arithmetic library; Collision library; Challenges and results

Curve arithmetic library
- Generic EC arithmetic library in C++
- Support for various different curves and algorithms
  o Extensible syntax that allows adding even more curves and algorithms
- Fast field arithmetic using GMP and NTL
  o Incl. complex operations, e.g., Chinese remainders, modular square roots

Collision library
- Generic (templated) C++ library for finding collisions
- Only need to supply the function
- Currently implemented:
  o Floyd’s algorithm
  o Nivasch’s stack algorithm
  o Distinguished point method for parallelization
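As an added illustration (not code from the project), here is a minimal templated collision finder in the spirit of this slide: the caller supplies only the iteration function, and Floyd's and Nivasch's algorithms run on it. It assumes values are 64-bit integers with their natural ordering; `Collision`, `floyd`, `nivasch` and `toy_step` are hypothetical names, and the toy iteration is constructed for the example, standing in for the walk over curve points.

```cpp
#include <cstdint>
#include <vector>

// Outcome of a search: the repeated value and how many times f was called.
struct Collision {
    std::uint64_t value;        // the repeated value
    std::uint64_t gap;          // index distance between its two occurrences
    std::uint64_t evaluations;  // calls to f, the dominant cost in a rho walk
};

// Floyd: constant memory, but three evaluations of f per step.
template <typename F>
Collision floyd(F f, std::uint64_t x0) {
    std::uint64_t slow = f(x0), fast = f(f(x0)), i = 1;
    while (slow != fast) {
        slow = f(slow);
        fast = f(f(fast));
        ++i;
    }
    return {slow, i, 3 * i};  // x_i == x_{2i}, so the gap is i
}

// Nivasch: one evaluation per step plus a stack of (value, index) pairs kept
// strictly increasing in value; it stops at the second visit to the smallest
// value on the cycle, so the gap is exactly the cycle length.
template <typename F>
Collision nivasch(F f, std::uint64_t x0) {
    struct Entry { std::uint64_t value, index; };
    std::vector<Entry> stack;
    std::uint64_t x = x0;
    for (std::uint64_t i = 0;; ++i, x = f(x)) {
        while (!stack.empty() && stack.back().value > x) stack.pop_back();
        if (!stack.empty() && stack.back().value == x)
            return {x, i - stack.back().index, i};
        stack.push_back({x, i});
    }
}

// Constructed toy iteration (not from the slides): x -> x^2 + 1 mod 255.
// From 3 it runs 3, 10, 101, 2, 5, 26, 167, 95, 101, ... (tail 2, cycle 6).
inline std::uint64_t toy_step(std::uint64_t x) { return (x * x + 1) % 255; }

int main() {
    Collision a = floyd(toy_step, 3), b = nivasch(toy_step, 3);
    return (a.gap % b.gap == 0 && b.evaluations < a.evaluations) ? 0 : 1;
}
```

On this constructed sequence Floyd makes 18 calls to the function and Nivasch 9, in exchange for keeping a stack in memory.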

Challenges
- 4 ECDLP challenges of increasing difficulty
  o 30, 40, 50 and 64 bits
- 1 extra challenge with non-prime order for testing Pohlig-Hellman reduction

Results!

Results!

Optimization tests
- Check every improvement against vanilla version
- Nivasch: 2.16 times fewer iterations, 1.4 speedup
- Montgomery: 1.43 speedup factor for 40 bits, 1.33 factor for 30 bits
- Negation map: 1.1 times fewer iterations, no speedup
  o (Actually about 1.07 times slower)

Improvement ideas
- Distributed attack
- Low-level optimizations
  o Integer arithmetic
  o Field arithmetic (probably harder since NTL is very good at that)
  o In-place operations instead of constructors and copying
- Use SIMD architecture (e.g., GPUs)

The End