Distributing of point division on 4 results of Edwards curve points group to adjacent classes
Keywords: Edwards curve, subgroup, adjacent class, cyclic group, generator of group
Elliptic curves in Edwards form are promising for use in modern asymmetric cryptosystems. Compared with elliptic curves in canonical form, they offer several advantages: fast addition, a universal addition law, and affine coordinates for the neutral element of the point group. Because Edwards curves are symmetric in both variables, they have properties that are used in cryptology. Edwards curves are being actively investigated around the world; for instance, the possibility of designing new digital signature standards on Edwards curves is being studied. Of most practical interest are Edwards curves of order 4n, where n is a large prime. The security of a digital signature on an Edwards curve rests on the hardness of the discrete logarithm problem (DLP) in a subgroup of the curve's points. The use of Edwards curves in new digital signature standards makes cryptanalysis of such cryptosystems a pressing task. Among attacks on DLP-based cryptosystems, an important place belongs to special attacks that exploit features of the cyclic group in which the DLP is posed. It is therefore necessary to study the structure of that cyclic group and its features for the cryptanalysis of such systems. One algebraic task that may be useful in cryptanalysis is representing Edwards curve points by a pair of left (right) adjacent classes (cosets) with respect to the subgroup of order 4 and the subgroup of maximal prime order n. One of the algorithms for cryptographic analysis of Edwards curve cryptosystems is division of an Edwards curve point by four. The division results are closely connected with the partition of the Edwards curve point group into adjacent classes of the subgroups of maximal prime order and of order 4.
The structure of the Edwards curve point group makes it possible to determine unambiguously the position of any point of the group simultaneously in two adjacent classes, those of the subgroups of maximal prime order and of order four. An example is given of solving the discrete logarithm problem using division of a point by four and classification of the division results by adjacent classes, for Edwards curve point groups of order twenty-eight and seventy-six.
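The coset structure described above can be checked exhaustively on a toy curve. The following is an added illustration, not code or parameters from the paper: the curve x² + y² = 1 + 7x²y² over F₂₃ (order 28 = 4·7, neutral element (0, 1)) and all function names are choices made for this example, and it shows only the division results and their cosets, not the paper's DLP procedure.

```python
# Added example (constructed parameters, not taken from the paper):
# Edwards curve x^2 + y^2 = 1 + D*x^2*y^2 over F_P, D a non-square mod P.
P, D = 23, 7          # this toy curve has 28 = 4 * 7 points
O = (0, 1)            # neutral element of the point group

def add(a, b):
    """Unified Edwards addition law (complete because D is a non-square)."""
    (x1, y1), (x2, y2) = a, b
    t = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * pow((1 + t) % P, -1, P) % P,
            (y1 * y2 - x1 * x2) * pow((1 - t) % P, -1, P) % P)

def mul(k, pt):
    """Scalar multiple k*pt by double-and-add."""
    acc = O
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def curve_points():
    """All affine solutions; for a complete curve this is the whole group."""
    return [(x, y) for x in range(P) for y in range(P)
            if (x * x + y * y - 1 - D * x * x * y * y) % P == 0]

GROUP = curve_points()
N_PRIME = len(GROUP) // 4                          # n = 7
H4 = [q for q in GROUP if mul(4, q) == O]          # subgroup of order 4
HN = [q for q in GROUP if mul(N_PRIME, q) == O]    # subgroup of prime order n

def coset_labels(pt):
    """(n*pt, 4*pt): n*pt indexes the coset of HN, 4*pt the coset of H4."""
    return mul(N_PRIME, pt), mul(4, pt)

def divide_by_4(pt):
    """All R with 4*R == pt (exhaustive search, fine for a toy group)."""
    return [r for r in GROUP if mul(4, r) == pt]

if __name__ == "__main__":
    target = next(q for q in HN if q != O)
    for r in divide_by_4(target):
        print(r, "HN-coset label:", coset_labels(r)[0], "in HN:", r in HN)
```

A point is divisible by four only if it lies in the subgroup of order n; its four quotients share one coset of the order-4 subgroup and fall into four different cosets of the order-n subgroup, exactly one of them inside that subgroup.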
Copyright (c) 2020 Collection "Information technology and security"
This work is licensed under a Creative Commons Attribution 4.0 International License.