Journal of Cryptology
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
On Exponential Sums and Group Generators for Elliptic Curves over Finite Fields
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
Extracting randomness from samplable distributions
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
Extractors for binary elliptic curves
Designs, Codes and Cryptography
The Quadratic Extension Extractor for (Hyper)Elliptic Curves in Odd Characteristic
WAIFI '07 Proceedings of the 1st international workshop on Arithmetic of Finite Fields
Optimal Randomness Extraction from a Diffie-Hellman Element
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Guide to Elliptic Curve Cryptography
Guide to Elliptic Curve Cryptography
New directions in cryptography
IEEE Transactions on Information Theory
Hi-index | 0.00 |
A deterministic extractor for an elliptic curve, that converts a uniformly random point on the curve to a random bit-string with a uniform distribution, is an important tool in cryptography. Such extractors can be used for example in key derivation functions, in key exchange protocols and to design cryptographically secure pseudorandom number generator. In this paper, we present a simple and efficient deterministic extractor for an elliptic curve E defined over a non prime finite field. Our extractor, for a given random point P on the curve, outputs the k-first coefficients of the abscissa of the point P. This extractor confirms the two conjectures stated by Farashahi and Pellikaan (2007) and Farashahi et al. (2008), related to the extraction of bits from coordinates of a point of an elliptic curve. As applications of our extractor, we show under the decisional Diffie-Hellman problem on an elliptic curve defined over a finite field of characteristic two, that the k-first or the k-last bits of the abscissa of a random point on the curve are indistinguishable from a random bit-string of the same length.