CryptoDB
An Elliptic Curve Trapdoor System
| Authors: | |
|---|---|
| Download: | |
| Abstract: | We propose an elliptic curve trapdoor system which is of interest in key escrow applications. In this system, a pair ($E_{\rm s}, E_{\rm pb}$) of elliptic curves over $\F_{2^{161}}$ is constructed with the following properties: (i) the Gaudry-Hess-Smart Weil descent attack reduces the elliptic curve discrete logarithm problem (ECDLP) in $E_{\rm s}(\F_{2^{161}})$ to a hyperelliptic curve DLP in the Jacobian of a curve of genus 7 or 8, which is computationally feasible, but by far not trivial; (ii) $E_{\rm pb}$ is isogenous to $E_{\rm s}$; (iii) the best attack on the ECDLP in $E_{\rm pb}(\F_{2^{161}})$ is the parallelized Pollard rho method.\\ The curve $E_{\rm pb}$ is used just as usual in elliptic curve cryptosystems. The curve $E_{\rm s} is submitted to a trusted authorityfor the purpose of key escrow. The crucial difference from other key escrow scenarios is that the trusted authority has to invest a considerable amount of computation to compromise a user's private key, which makes applications such as widespread wire-tapping impossible. |
BibTeX
@misc{eprint-2003-11775,
title={An Elliptic Curve Trapdoor System},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / elliptic curve cryptosystem, key escrow},
url={http://eprint.iacr.org/2003/058},
note={ eteske@math.uwaterloo.ca 12143 received 31 Mar 2003},
author={Edlyn Teske},
year=2003
}