### Abstract

In 1999 Silverman [21] introduced a family of binary finite fields which are composite extensions of $\mathbb{F}_2$ and on which arithmetic operations can be performed more quickly than on prime extensions of $\mathbb{F}_2$ of the same size. We present here a fast approach to elliptic curve cryptography using a distinguished subset of the set of Silverman fields $\mathbb{F}_{2^N} = \mathbb{F}_{h^n}$. This approach leads to a theoretical computation speedup over fields of the same size, using a standard point of view (cf. [7]). We also analyse their security against prime extension fields $\mathbb{F}_{2^p}$, where $p$ is prime, following the method of Menezes and Qu [12]. We conclude that our fields do not present any significant weakness towards the solution of the elliptic curve discrete logarithm problem and that often the Weil descent of Galbraith-Gaudry-Hess-Smart (GGHS) does not offer a better attack on elliptic curves defined over $\mathbb{F}_{2^N}$ than on those defined over $\mathbb{F}_{2^p}$, with a prime $p$ of the same size as $N$. A noteworthy example is provided by $\mathbb{F}_{2^{226}}$: a generic elliptic curve $Y^2 + XY = X^3 + \alpha X^2 + \beta$ defined over $\mathbb{F}_{2^{226}}$ is as prone to the GGHS Weil descent attack as a generic curve defined on the NIST field $\mathbb{F}_{2^{233}}$.

Original language | English |
---|---|
Title of host publication | Progress in Cryptology - INDOCRYPT 2001 - 2nd International Conference on Cryptology in India, Proceedings |
Publisher | Springer Verlag |
Pages | 108-116 |
Number of pages | 9 |
Volume | 2247 |
ISBN (Print) | 9783540453116 |
Publication status | Published - 2001 |
Event | 2nd International Conference on Cryptology in India, INDOCRYPT 2001 - Chennai, India. Duration: Dec 16 2001 → Dec 20 2001 |

### Publication series

Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 2247 |
ISSN (Print) | 03029743 |
ISSN (Electronic) | 16113349 |

### Other

Other | 2nd International Conference on Cryptology in India, INDOCRYPT 2001 |
---|---|
Country | India |
City | Chennai |
Period | 12/16/01 → 12/20/01 |

### Keywords

- Elliptic curve cryptography
- Fast performance
- Finite fields
- Weil descent

### ASJC Scopus subject areas

- Computer Science (all)
- Theoretical Computer Science

### Cite this

*Progress in Cryptology - INDOCRYPT 2001 - 2nd International Conference on Cryptology in India, Proceedings* (Vol. 2247, pp. 108-116). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2247). Springer Verlag.

**A secure family of composite finite fields suitable for fast implementation of elliptic curve cryptography.** / Ciet, Mathieu; Quisquater, Jean Jacques; Sica, Francesco.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
