On the effectiveness of isogeny walks for extending cover attacks on elliptic curves

Loading...
Thumbnail Image

Date

2016-08-23

Authors

Yee, Randy

Advisor

Menezes, Alfred

Journal Title

Journal ISSN

Volume Title

Publisher

University of Waterloo

Abstract

Cryptographic systems based on the elliptic curve discrete logarithm problem (ECDLP) are widely deployed in the world today. In order for such a system to guarantee a particular security level, the elliptic curve selected must be such that it avoids a number of well-known attacks. Beyond this, one also needs to be wary of attacks whose reach can be extended via the use of isogenies. It is an open problem as to whether there exists a field for which the isogeny walk strategy can render all elliptic curves unsuitable for cryptographic use. This thesis provides a survey of the theory of elliptic curves from a cryptographic perspective and overviews a few of the well-known algorithms for computing elliptic curve discrete logarithms. We perform some experimental verification for the assumptions used in the analysis of the isogeny walk strategy for extending Weil descent-type cover attacks, and explore its applicability to elliptic curves of cryptographic size. In particular, we demonstrate for the first time that the field F_2^{150} is partially weak for elliptic curve cryptography.

Description

Keywords

Elliptic Curves, Isogenies, Cryptography, Discrete Logarithms

LC Subject Headings

Citation