Download presentation

Presentation is loading. Please wait.

Published byIrving Pennel Modified over 2 years ago

1
Elliptic Curve Cryptography The EC Discrete Logarithm problem and Pollard’s Rho attack Ofer Schwarz, Winter 2012-2013 Advisor: Barukh Ziv

2
Background ECDLP; The ECDLP attack; Project goals

3
Elliptic Curves

4
ECDLP

5
ECDLP using collisions

6
Pollard’s Rho

7
Additive walks

8
Pohlig-Hellman reduction

9
Project goals

10
Improvements and optimizations Nivasch’s algorithm; Montgomery trick and distinguished point method; Negation map

11
1. Nivasch’s algorithm

12
2. The Montgomery trick

13
Local parallelization

14
Distinguished points

15
3. Negation map

16
Fruitless cycles

17
Resolving fruitless cycles

18
Implementation and results EC arithmetic library; Collision library; Challenges and results

19
Curve arithmetic library Generic EC arithmetic library in C++ Support for various different curves and algorithms o Extensible syntax that allows adding even more curves and algorithms Fast field arithmetic using GMP and NTL o Incl. complex operations, e.g., Chinese remainders, modular square roots

20
Collision library Generic (templated) C++ library for finding collisions Only need to supply the function Currently implemented: o Floyd’s algorithm o Nivasch’s stack algorithm o Distinguished point method for parallelization

21
Challenges 4 ECDLP challenges of increasing difficulty o 30, 40, 50 and 64 bits 1 Extra challenge with non-prime order for testing Pohlig-Hellman reduction

22
Results!

23
Results!

24
Optimization tests Check every improvement against vanilla version Nivasch: 2.16 times less iterations, 1.4 speedup Montgomery: 1.43 speedup factor for 40 bits, 1.33 factor for 30 bits Negation map: 1.1 times less iterations, no speedup o (Actually about 1.07 times slower)

25
Improvement ideas Distributed attack Low-level optimizations o Integer arithmetic o Field arithmetic (probably harder since NTL is very good at that) o In-place operations instead of constructors and copying Use SIMD architecture (e.g., GPUs)

26
The End

Similar presentations

Presentation is loading. Please wait....

OK

Motivation Basis of modern cryptosystems

Motivation Basis of modern cryptosystems

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google