
Introduction to Elliptic Curve Cryptography.pdf

Guide to Elliptic Curve Cryptography
Contents
List of Algorithms
List of Tables
List of Figures
Acronyms
Preface
1 Introduction and Overview
1.1 Cryptography basics
1.2 Public-key cryptography
1.2.1 RSA systems
1.2.2 Discrete logarithm systems
1.2.3 Elliptic curve systems
1.3 Why elliptic curve cryptography?
1.4 Roadmap
1.5 Notes and further references
2 Finite Field Arithmetic
2.1 Introduction to finite fields
2.2 Prime field arithmetic
2.2.1 Addition and subtraction
2.2.2 Integer multiplication
2.2.3 Integer squaring
2.2.4 Reduction
2.2.5 Inversion
2.2.6 NIST primes
2.3 Binary field arithmetic
2.3.1 Addition
2.3.2 Multiplication
2.3.3 Polynomial multiplication
2.3.4 Polynomial squaring
2.3.5 Reduction
2.3.6 Inversion and division
2.4 Optimal extension field arithmetic
2.4.1 Addition and subtraction
2.4.2 Multiplication and reduction
2.4.3 Inversion
2.5 Notes and further references
3 Elliptic Curve Arithmetic
3.1 Introduction to elliptic curves
3.1.1 Simplified Weierstrass equations
3.1.2 Group law
3.1.3 Group order
3.1.4 Group structure
3.1.5 Isomorphism classes
3.2 Point representation and the group law
3.2.1 Projective coordinates
3.2.2 The elliptic curve $y^2 = x^3 + ax + b$
3.2.3 The elliptic curve $y^2 + xy = x^3 + ax^2 + b$
3.3 Point multiplication
3.3.1 Unknown point
3.3.2 Fixed point
3.3.3 Multiple point multiplication
3.4 Koblitz curves
3.4.1 The Frobenius map and the ring $\mathbb{Z}[\tau]$
3.4.2 Point multiplication
3.5 Curves with efficiently computable endomorphisms
3.6 Point multiplication using halving
3.6.1 Point halving
3.6.2 Performing point halving efficiently
3.6.3 Point multiplication
3.7 Point multiplication costs
3.8 Notes and further references
4 Cryptographic Protocols
4.1 The elliptic curve discrete logarithm problem
4.1.1 Pohlig-Hellman attack
4.1.2 Pollard's rho attack
4.1.3 Index-calculus attacks
4.1.4 Isomorphism attacks
4.1.5 Related problems
4.2 Domain parameters
4.2.1 Domain parameter generation and validation
4.2.2 Generating elliptic curves verifiably at random
4.2.3 Determining the number of points on an elliptic curve
4.3 Key pairs
4.4 Signature schemes
4.4.1 ECDSA
4.4.2 EC-KCDSA
4.5 Public-key encryption
4.5.1 ECIES
4.5.2 PSEC
4.6 Key establishment
4.6.1 Station-to-station
4.6.2 ECMQV
4.7 Notes and further references
5 Implementation Issues
5.1 Software implementation
5.1.1 Integer arithmetic
5.1.2 Floating-point arithmetic
5.1.3 SIMD and field arithmetic
5.1.4 Platform miscellany
5.1.5 Timings
5.2 Hardware implementation
5.2.1 Design criteria
5.2.2 Field arithmetic processors
5.3 Secure implementation
5.3.1 Power analysis attacks
5.3.2 Electromagnetic analysis attacks
5.3.3 Error message analysis
5.3.4 Fault analysis attacks
5.3.5 Timing attacks
5.4 Notes and further references
A Sample Parameters
A.1 Irreducible polynomials
A.2 Elliptic curves
A.2.1 Random elliptic curves over $\mathbb{F}_p$
A.2.2 Random elliptic curves over $\mathbb{F}_{2^m}$
A.2.3 Koblitz elliptic curves over $\mathbb{F}_{2^m}$
B ECC Standards
C Software Tools
C.1 General-purpose tools
C.2 Libraries
Bibliography
Index
Guide to Elliptic Curve Cryptography
Darrel Hankerson, Alfred Menezes, Scott Vanstone
With 38 Illustrations
Springer: New York, Berlin, Heidelberg, Hong Kong, London, Milan, Paris, Tokyo
Darrel Hankerson
Department of Mathematics
Auburn University
Auburn, AL 36849-5107, USA
hankedr@auburn.edu

Scott Vanstone
Department of Combinatorics and Optimization
University of Waterloo
Waterloo, Ontario, N2L 3G1 Canada
savansto@uwaterloo.ca

Alfred Menezes
Department of Combinatorics and Optimization
University of Waterloo
Waterloo, Ontario, N2L 3G1 Canada
ajmeneze@uwaterloo.ca

Library of Congress Cataloging-in-Publication Data
Hankerson, Darrel R.
Guide to elliptic curve cryptography / Darrel Hankerson, Alfred J. Menezes, Scott Vanstone.
p. cm.
Includes bibliographical references and index.
ISBN 0-387-95273-X (alk. paper)
1. Computer security. 2. Public key cryptography. I. Vanstone, Scott A. II. Menezes, A. J. (Alfred J.), 1965- III. Title.
QA76.9.A25H37 2003
005.8'2-dc22 2003059137

ISBN 0-387-95273-X Printed on acid-free paper.

(c) 2004 Springer-Verlag New York, Inc.
All rights reserved. This work may not be translated or copied in whole or in part without the written permission of the publisher (Springer-Verlag New York, Inc., 175 Fifth Avenue, New York, NY 10010, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden.
The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.

Printed in the United States of America. (HAM)
9 8 7 6 5 4 3 2 1 SPIN 10832297
Springer-Verlag is a part of Springer Science+Business Media
springeronline.com