Cargando…
Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016
Wang et al. proposed a method for obtaining elliptic curves with embedding degree 1 for securing critical infrastructures, and presented several elliptic curves generated by their method with torsion points of 160 bits and 189 bits orders. They also presented some experimental results and claimed th...
| Autor principal: | |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Public Library of Science
2019
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6380619/ https://www.ncbi.nlm.nih.gov/pubmed/30779766 http://dx.doi.org/10.1371/journal.pone.0212310 |
| _version_ | 1783396331366121472 |
|---|---|
| author | Teruya, Tadanori |
| author_facet | Teruya, Tadanori |
| author_sort | Teruya, Tadanori |
| collection | PubMed |
| description | Wang et al. proposed a method for obtaining elliptic curves with embedding degree 1 for securing critical infrastructures, and presented several elliptic curves generated by their method with torsion points of 160 bits and 189 bits orders. They also presented some experimental results and claimed that their implementation of an elliptic curve generated with their method is faster than an implementation for embedded devices presented by Bertoni et al. In this paper, we point out that the security and efficiency claims given by Wang et al. are flawed. Specifically, we show that it is possible to solve finite field discrete logarithm problems defined over their elliptic curves in practice. On the elliptic curves with torsion points of 160 bits orders generated by Wang et al., their instances of finite field discrete logarithm problems are solved in around 4 hours by using a standard desktop PC. On the torsion points of 189 bits orders, their instances are solved in around 10 days by using two standard desktop PCs. The hardness of the finite field discrete logarithm problems is one of the most important bases of security; therefore, their elliptic curves should not be used for cryptographic purposes. |
| format | Online Article Text |
| id | pubmed-6380619 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2019 |
| publisher | Public Library of Science |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-63806192019-03-01 Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 Teruya, Tadanori PLoS One Research Article Wang et al. proposed a method for obtaining elliptic curves with embedding degree 1 for securing critical infrastructures, and presented several elliptic curves generated by their method with torsion points of 160 bits and 189 bits orders. They also presented some experimental results and claimed that their implementation of an elliptic curve generated with their method is faster than an implementation for embedded devices presented by Bertoni et al. In this paper, we point out that the security and efficiency claims given by Wang et al. are flawed. Specifically, we show that it is possible to solve finite field discrete logarithm problems defined over their elliptic curves in practice. On the elliptic curves with torsion points of 160 bits orders generated by Wang et al., their instances of finite field discrete logarithm problems are solved in around 4 hours by using a standard desktop PC. On the torsion points of 189 bits orders, their instances are solved in around 10 days by using two standard desktop PCs. The hardness of the finite field discrete logarithm problems is one of the most important bases of security; therefore, their elliptic curves should not be used for cryptographic purposes. Public Library of Science 2019-02-19 /pmc/articles/PMC6380619/ /pubmed/30779766 http://dx.doi.org/10.1371/journal.pone.0212310 Text en © 2019 Tadanori Teruya http://creativecommons.org/licenses/by/4.0/ This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. |
| spellingShingle | Research Article Teruya, Tadanori Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 |
| title | Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 |
| title_full | Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 |
| title_fullStr | Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 |
| title_full_unstemmed | Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 |
| title_short | Security analysis of elliptic curves with embedding degree 1 proposed in PLOS ONE 2016 |
| title_sort | security analysis of elliptic curves with embedding degree 1 proposed in plos one 2016 |
| topic | Research Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6380619/ https://www.ncbi.nlm.nih.gov/pubmed/30779766 http://dx.doi.org/10.1371/journal.pone.0212310 |
| work_keys_str_mv | AT teruyatadanori securityanalysisofellipticcurveswithembeddingdegree1proposedinplosone2016 |