Abstract : In this paper we look in detail at the curves which arise in the method of Galbraith and Smart for producing curves in the Weil restriction of an elliptic curve over a finite field of characteristic two of composite degree. We explain how this can be used to construct hyperelliptic cryptosystems which could be as secure as a cryptosystem based on the original elliptic curve. On the other hand, we show that the same technique may provide a way of attacking the original elliptic curve cryptosystem using recent advances in the study of the discrete logarithm problem on hyperelliptic curves. We examine the resulting higher genus curves in some detail and propose an additional check on elliptic curve systems defined over fields of characteristic two so as to make them immune from the methods in this paper.
https://hal.inria.fr/inria-00512763
Contributeur : Pierrick Gaudry
<>
Soumis le : mardi 31 août 2010 - 15:25:03
Dernière modification le : jeudi 12 avril 2018 - 01:46:38
Document(s) archivé(s) le : mercredi 1 décembre 2010 - 02:51:20