EUROCRYPT

2012

Springer

Abstract. The goal of this paper is to further study the index calculus method that was first introduced by Semaev for solving the ECDLP and later developed by Gaudry and Diem. In particular, we focus on the step which consists in decomposing points of the curve with respect to an appropriately chosen factor basis. This part can be nicely reformulated as a purely algebraic problem consisting in finding solutions to a multivariate polynomial $f(x_1, \ldots, x_m) = 0$ such that $x_1, \ldots, x_m$ all belong to some vector subspace of $\mathbb{F}_{2^n}/\mathbb{F}_2$. Our main contribution is the identification of particular structures inherent to such polynomial systems and a dedicated method for tackling this problem. We solve it by means of Gröbner basis techniques and analyze its complexity using the multi-homogeneous structure of the equations. A direct consequence of our results is an index calculus algorithm solving ECDLP over any binary field $\mathbb{F}_{2^n}$ in time $O(2^{\omega t})$, with $t \approx n/2$ (provided that a certain heu...

Added | 29 Sep 2012
Updated | 29 Sep 2012
Type | Journal
Year | 2012
Where | EUROCRYPT
Authors | Jean-Charles Faugère, Ludovic Perret, Christophe Petit, Guénaël Renault
