Abstract
Our purpose is to describe elliptic curves with complex multiplication which in characteristic 2 have the following useful properties for constructing Diffie-Hellman type cryptosystems: (1) they are nonsupersingular (so that one cannot use the Menezes-Okamoto-Vanstone reduction of discrete log from elliptic curves to finite fields); (2) the order of the group has a large prime factor (so that discrete logs cannot be computed by giant-step/baby-step or the Pollard rho method); (3) doubling of points can be carried out almost as efficiently as in the case of the supersingular curves used by Vanstone; (4) the curves are easy to find.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
S. Goldwasser, J. Kilian, Almost all primes can be quickly certified, Proceedings of the 18th ACM Symp. Theory of Computing (1986), 316–329.
N. Koblitz, A Course in Number Theory and Cryptography, Springer-Verlag, 1987.
N. Koblitz, Elliptic curve cryptosystems, Math. of Computation, 48 (1987), 203–209.
A. K. Lenstra and H. W. Lenstra, Jr., Algorithms in number theory, in: Handbook of Theoretical Computer Science, Vol. A, Algorithms and Complexity, ed. by j. van Leeuwen, Amsterdam: Elsevier (1990), 673–715.
A. Menezes and S. A. Vanstone, Isomorphism classes of elliptic curves over finite fields of characteristic 2, Utilitas Mathematica, 38 (1990), 135–154.
A. Menezes and S. A. Vanstone, Elliptic curve cryptosystems and their implementation, to appear in J. Cryptology.
A. Menezes, T. Okamoto, and S. A. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field, Proceedings of the 23rd ACM Symp. Theory of Computing, 1991.
V. Miller, Use of elliptic curves in cryptography, Advanced in Cryptology — Crypto’ 85, Springer-Verlag, 1986, 417–426.
F. Morain, Implementation of the Goldwasser-Kilian-Atkin primality testing algorithm, preprint.
F. Morain and J. Olivos, Speeding up the computations on an elliptic curve using addition-subtraction chains, R.A.I.R.O. Technical Informatics and Applications, 24 (1990), 531–543.
R. C. Mullin, I. M. Onyszchuk, S. A. Vanstone, and R. M. Wilson, Optimal normal bases in GF(p n), Discrete Appl. Math., 22 (1988/89), 149–161.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1992 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koblitz, N. (1992). CM-Curves with Good Cryptographic Properties. In: Feigenbaum, J. (eds) Advances in Cryptology — CRYPTO ’91. CRYPTO 1991. Lecture Notes in Computer Science, vol 576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46766-1_22
Download citation
DOI: https://doi.org/10.1007/3-540-46766-1_22
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-55188-1
Online ISBN: 978-3-540-46766-3
eBook Packages: Springer Book Archive