A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves
Mathematics of Computation
A course in computational algebraic number theory
A course in computational algebraic number theory
Elliptic curves in cryptography
Elliptic curves in cryptography
Computing l-Isogenies Using the p-Torsion
ANTS-II Proceedings of the Second International Symposium on Algorithmic Number Theory
Supersingular Abelian Varieties in Cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Hardware architectures for public key cryptography
Integration, the VLSI Journal
Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults
Designs, Codes and Cryptography
Extractors for binary elliptic curves
Designs, Codes and Cryptography
Bits Security of the Elliptic Curve Diffie---Hellman Secret Keys
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Applications to cryptography of twisting commutative algebraic groups
Discrete Applied Mathematics
Designs, Codes and Cryptography
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Do all elliptic curves of the same order have the same difficulty of discrete log?
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
A low-memory algorithm for finding short product representations in finite groups
Designs, Codes and Cryptography
Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Algebraic curves and cryptography
Finite Fields and Their Applications
On efficient pairings on elliptic curves over extension fields
Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography
Hi-index | 0.00 |
In this paper we extend the Weil descent attack due to Gaudry, Hess and Smart (GHS) to a much larger class of elliptic curves. This extended attack applies to fields of composite degree over F2. The principle behind the extended attack is to use isogenies to find an elliptic curve for which the GHS attack is effective. The discrete logarithm problem on the target curve can be transformed into a discrete logarithm problem on the isogenous curve.A further contribution of the paper is to give an improvement to an algorithm of Galbraith for constructing isogenies between elliptic curves, and this is of independent interest in elliptic curve cryptography. We show that a larger proportion than previously thought of elliptic curves over F2155 should be considered weak.