Arithmetic on non supersingular elliptic curves

  • T. Beth
  • F. Schaefer
Submitted Contributions
Part of the Lecture Notes in Computer Science book series (LNCS, volume 539)


We discuss the different possibilities to choose elliptic curves over different finite fields with respect to application for public key cryptosystems.

In 1985 it was proposed to use the multiplication on elliptic curves for the implementation of one way functions.

Supersingular curves E with #E(Fq) = q + 1 elements were proposed at that time. New results due to A. Menezes, T. Okamoto and S. Vanstone show, that these curves are not well suited for that purpose. They can be attacked with a new division algorithm recently presented.

However, by using non-supersingular elliptic curves this attack can be avoided. We show how to construct suitable curves. Furthermore some aspects of a VLSI-implementation for such a cryptosystem are discussed.


Elliptic Curve Finite Field Elliptic Curf Discrete Logarithm Discrete Logarithm Problem 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    T. Beth, D. Gollmann; Algorithm Engineering for Public Key Algorithms; IEEE Journal on Selected Areas in Comm., Vol. 7, No. 4, 1989, pp 458–466.Google Scholar
  2. [2]
    T. Beth, W. Geiselmann, F. Schaefer; Arithmetics on Elliptic Curves; Algebraic and Combinatorial Coding Theory, 2nd Int. Workshop, Leningrad, 1990, pp 28–33.Google Scholar
  3. [3]
    T. Beth, F. Schaefer; Non Supersingular Elliptic Curves for Public Key Cryptosystems; to appear in Proc. of EUROCRYPT'91.Google Scholar
  4. [4]
    D. Coppersmith; Fast evaluation of logarithms in fields of characteristic two; IEEE Trans. Inform. Theory, IT 30, 1984, pp 587–594.Google Scholar
  5. [5]
    M. Deuring; Die Typen der Multiplikatorenringe elliptischer Funktionenkörper; Abh. Math. Sem. Hamburg, Bd. 14, 1941, pp 197–272.Google Scholar
  6. [6]
    W. Diffie, M. Hellman; New directions in cryptography; IEEE Trans. Inform. Theory, IT 22, 1976, pp 644–654.Google Scholar
  7. [7]
    T. ElGamal; A public key cryptosystem and a signature scheme based on discrete logarithms; IEEE Trans. Inform. Theory, IT 31, 1985, pp 469–472.Google Scholar
  8. [8]
    N. Koblitz; Elliptic Curve Cryptosystems; Mathematics of Computation, Vol. 48, No177, 1987, pp 203–209.Google Scholar
  9. [9]
    A. Menezes, S. A. Vanstone; The Implementation fo Elliptic Curve Cryptosystems; Advances in Cryptology-AUSCRYPT90, Springer LNCS 453, 1990, pp 2–13.Google Scholar
  10. [10]
    A. Menezes, T. Okamoto, S. A. Vanstone; Reducing Elliptic Curve Logarithms to Logarithms in a Finite Field; Proc. of the 22nd Annual ACM Symposium on the Theory of Comp., 80–89, 1991.Google Scholar
  11. [11]
    V. S. Miller; Use of Elliptic Curves in Cryptography; Advances in Cryptology: Proceedings of Crypto 85, Springer LNCS 218, 1986, pp 417–426.Google Scholar
  12. [12]
    P. Montgomery; Speeding the Pollard and elliptic curve methods of factorization; Math. Comp., Vol. 48, 1977, pp 243–264.Google Scholar
  13. [13]
    R. Schoof; Elliptic Curves Over Finite Fields and the Computation of Square Roots mod p; Math. Of Comp., Vol. 44, No. 170, 1985, pp 483–494.Google Scholar
  14. [14]
    J. H. Silverman; The Arithmetic of Elliptic Curves; Springer-Verlag, New York, 1986.Google Scholar
  15. [15]
    J. T. Tate; The Arithmetic of Elliptic Curves; Inventiones Math. 23, Springer-Verlag, 1974, pp 179–206.Google Scholar
  16. [16]
    W. C. Waterhouse; Abelian Varieties over finite fields; Ann. Scient. Ec. Norm. Sup., 4th serie, 1969, pp 521–560.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • T. Beth
    • 1
  • F. Schaefer
    • 1
  1. 1.Institut für Algorithmen und Kognitive SystemeUniversität KarlsruheKarlruhe 1

Personalised recommendations