Publication Type

Journal Article

Version

publishedVersion

Publication Date

6-2014

Abstract

In this paper, we present invalid-curve attacks that apply to the hyperelliptic curve scalar multiplication (HECSM) algorithm proposed by Avanzi et al. for genus 2 hyperelliptic curves over binary fields. We observe some new properties of the HECSM. Our attacks are based on these new properties and on the observation that the parameters f_0 and f_1 of the hyperelliptic curve equation are not used by the HECSM. We show that, with different values of the curve parameters f_0 and f_1, there exist cryptographically weak groups in the Koblitz hyperelliptic curve. We also compute the theoretical probability of obtaining a weak Jacobian group of a hyperelliptic curve whose cardinality is a smooth integer.
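
The attack the abstract describes, as an added illustration that is not code from the paper: the elliptic-curve (genus 1, prime-field) analogue, in which the affine short-Weierstrass group law reads the coefficient a but never b, exactly as the binary genus-2 HECSM formulas read the curve equation without f_0 and f_1. A victim that runs scalar multiplication on an attacker-supplied point without checking that it lies on the agreed curve therefore computes in the group of whatever curve y^2 = x^3 + a x + b' the point really belongs to; the attacker picks b' so that this group has small prime factors, learns k mod each of them from the victim's answer, and combines them with the CRT. The field prime p = 1009, the coefficients a = 2 and b = 3, and the secret scalar 777 are constructed values; `ec_mul` is the vulnerable routine and `safe_ec_mul` shows the membership check that stops the attack.

```python
"""Invalid-curve attack exploiting a curve parameter that the group law never reads.
Elliptic-curve analogue of the attack in the abstract; p, a, b and the secret k are constructed."""

P_FIELD = 1009   # constructed field prime, small enough to count points by brute force
A_COEF = 2       # constructed coefficient a, shared by the real and the invalid curves
B_REAL = 3       # constructed coefficient b of the victim's real curve
O = None         # point at infinity

def ec_add(P1, P2, p=P_FIELD, a=A_COEF):
    """Affine add/double on y^2 = x^3 + a*x + b.  The coefficient b never appears."""
    if P1 is O or P2 is O:
        return P2 if P1 is O else P1
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2:
        if (y1 + y2) % p == 0:          # P2 == -P1, which includes the y == 0 order-2 case
            return O
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_mul(k, Pt, p=P_FIELD, a=A_COEF):
    """Double-and-add.  Vulnerable as written: it never checks that Pt is on the curve."""
    R = O
    while k:
        if k & 1:
            R = ec_add(R, Pt, p, a)
        Pt = ec_add(Pt, Pt, p, a)
        k >>= 1
    return R

def on_curve(Pt, b, p=P_FIELD, a=A_COEF):
    """Membership test; its absence from ec_mul is what the attack exploits."""
    return Pt is O or (Pt[1] ** 2 - (Pt[0] ** 3 + a * Pt[0] + b)) % p == 0

def safe_ec_mul(k, Pt, b, p=P_FIELD, a=A_COEF):
    """Hardened variant: reject any point that is not on the expected curve."""
    if not on_curve(Pt, b, p, a):
        raise ValueError("point is not on the expected curve")
    return ec_mul(k, Pt, p, a)

def points(b, p=P_FIELD, a=A_COEF):
    """All affine points of y^2 = x^3 + a*x + b over F_p, by brute force."""
    roots = {}
    for y in range(p):
        roots.setdefault(y * y % p, []).append(y)
    return [(x, y) for x in range(p) for y in roots.get((x ** 3 + a * x + b) % p, [])]

def prime_factors(n):
    fs, d = set(), 2
    while n > 1:
        while n % d == 0:
            fs.add(d)
            n //= d
        d += 1
    return sorted(fs)

def crt(residues):
    x, m = 0, 1                                        # combine {q: k mod q} into k mod prod(q)
    for q, r in residues.items():
        x += m * ((r - x) * pow(m, -1, q) % q)
        m *= q
    return x

def invalid_curve_attack(oracle, n_real, p=P_FIELD, a=A_COEF):
    """Recover k (0 <= k < n_real) given oracle(Pt) == ec_mul(k, Pt) with no checks."""
    residues, modulus = {}, 1
    for b_bad in range(p):
        if modulus >= n_real:                          # enough residues to pin k down
            break
        if (4 * a ** 3 + 27 * b_bad ** 2) % p == 0:    # skip singular curves
            continue
        pts = points(b_bad, p, a)
        n_bad = len(pts) + 1                           # group order of the invalid curve
        for q in prime_factors(n_bad):
            if q in residues:
                continue
            for R in pts:                              # find a point of exact order q
                Pq = ec_mul(n_bad // q, R, p, a)
                if Pq is not O:
                    break
            else:
                continue                               # q-torsion not cyclic here; try another curve
            target = oracle(Pq)                        # victim computes k*Pq on the attacker's curve
            T = O
            for j in range(q):                         # brute-force DLP in the order-q subgroup
                if T == target:
                    residues[q] = j
                    modulus *= q
                    break
                T = ec_add(T, Pq, p, a)
    return crt(residues), modulus

def demo(secret=777):
    n_real = len(points(B_REAL)) + 1                   # order of the victim's real group
    recovered, _ = invalid_curve_attack(lambda Pt: ec_mul(secret, Pt), n_real)
    return recovered, secret, n_real
```

`demo()` returns the recovered scalar together with the secret and the real group order; the attack needs only the oracle model the abstract assumes, namely a victim that applies its scalar multiplication to a group element chosen by the attacker. In the genus-2 setting the corresponding check on a received Mumford divisor (u, v) is that u divides f + h v + v^2 (over a binary field), which is the only place f_0 and f_1 enter; an implementation that skips it processes the attacker's divisor exactly as `ec_mul` processes the attacker's point here.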

Keywords

hyperelliptic curve, discrete logarithm, binary field, genus, cryptosystem

Discipline

Information Security | Theory and Algorithms

Research Areas

Cybersecurity

Areas of Excellence

Digital transformation

Publication

SCIENCE CHINA Information Sciences

Volume

57

Issue

3

First Page

1

Last Page

17

ISSN

1674-733X

Identifier

10.1007/s11432-013-5048-6

Publisher

Springer

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1007/s11432-013-5048-6
