Skip to main content
SpringerLink
Log in

Analysis of the Xedni Calculus Attack

  • Published:
Designs, Codes and Cryptography Aims and scope Submit manuscript

Abstract

The xedni calculus attack on the elliptic curve discrete logarithm problem (ECDLP) involves lifting points from the finite field \({\mathbb{F}}_p\) to the rational numbers \({\mathbb{Q}}\) and then constructing an elliptic curve over \({\mathbb{Q}}\) that passes through them. If the lifted points are linearly dependent, then the ECDLP is solved. Our purpose is to analyze the practicality of this algorithm. We find that asymptotically the algorithm is virtually certain to fail, because of an absolute bound on the size of the coefficients of a relation satisfied by the lifted points. Moreover, even for smaller values of p experiments show that the odds against finding a suitable lifting are prohibitively high.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. B. Birch and H. P. F. Swinnerton-Dyer, Notes on elliptic curves I and II, J.Reine Angew.Math., Vol. 212 (1963) pp. 7–25 and Vol. 218 (1965) pp. 79–108.

    Google Scholar 

  2. B. Birch and H. P. F. Swinnerton-Dyer, Elliptic curves and modular functions. In B. Birch and W. Kuyk (eds.), Modular Functions of One Variable IV (Lect. Notes in Math., Vol. 476), Springer-Verlag, 1975, pp. 2–32.

  3. J. W. S. Cassels, Diophantine equations with special reference to elliptic curves, J.London Math.Soc., Vol. 41 (1966) 193–291.

    Google Scholar 

  4. J. H. Cheon, S. G. Hahn, and H. J. Kim, Analogue of the index calculus for elliptic discrete logarithm, preprint.

  5. J. Coates and A. Wiles, On the conjecture of Birch and Swinnerton-Dyer, Invent.Math., Vol. 39 (1977) pp. 223–251.

    Google Scholar 

  6. R. Greenberg, On the Birch and Swinnerton-Dyer conjecture, Invent.Math., Vol. 72 (1983) pp. 241–265.

    Google Scholar 

  7. G. Havas, B. Majewski, and K. Matthews, Extended GCD and Hermite normal form algorithms via lattice basis reduction, Experimental Math., Vol. 7 (1998) pp. 125–136.

    Google Scholar 

  8. M. Hindry and J. H. Silverman, The canonical height and integral points on elliptic curves, Invent.Math., Vol. 93 (1988), 419–450.

    Google Scholar 

  9. N. Koblitz, Elliptic curve cryptosystems, Math.Comp., Vol. 48 (1987) pp. 203–209.

    Google Scholar 

  10. N. Koblitz, Introduction to Elliptic Curves and Modular Forms, 2nd ed., Springer-Verlag, 1993.

  11. N. Koblitz, Algebraic Aspects of Cryptography, Springer-Verlag, 1998.

  12. S. Lang, Elliptic Curves: Diophantine Analysis, Springer-Verlag, 1978.

  13. S. Lang, Fundamental of Diophantine Geometry, Springer-Verlag, 1983.

  14. LiDIA Group, Technische Universität Darmstadt, Darmstadt, Germany, LiDIA-A Library for Computational Number Theory, Version 1.3, 1997.

    Google Scholar 

  15. D. W. Masser, Specializations of finitely generated subgroups of abelian varieties, Trans.Amer.Math.Soc., Vol. 311 (1989) pp. 413–424.

    Google Scholar 

  16. B. Mazur, Modular curves and the Eisenstein ideal, Inst.Hautes Études Sci.Publ.Math., Vol. 47 (1977) pp. 33–186.

    Google Scholar 

  17. A. Menezes, Elliptic Curve Public Key Cryptosystems, Kluwer Acad. Pub., 1993.

  18. A. Menezes, P. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.

  19. J. F. Mestre, Construction d'une courbe elliptique de rang ¸ 12, C.R.Acad.Sci.Paris, Vol. 295 (1982) pp. 643–644.

    Google Scholar 

  20. J. F. Mestre, Formules explicites et minoration de conducteurs de variétés algébriques, Compos.Math., Vol. 58 (1986) pp. 209–232.

    Google Scholar 

  21. V. S. Miller, Use of elliptic curves in cryptography, Advances in Cryptology-Crypto '85 (Lect. Notes in Comp. Sci., Vol. 218), Springer-Verlag (1986), pp. 417–426.

  22. A. Néron, Propriétés arithmétqiues et géométriques attachés à la notion de rang d'une courbe algébrique dans un corps, Bull.Soc.Math.France, Vol. 80 (1952) pp. 101–166.

    Google Scholar 

  23. A. Néron, Quasi-fonctions et hauteurs sur les variétés abéliennes, Annals of Math., Vol. 82 (1965) pp. 249–331.

    Google Scholar 

  24. K. Ribet, On modular representations of Gal.(Q;Q) arising from modular forms, Invent.Math. Vol. 100 (1990) pp. 431–476.

    Google Scholar 

  25. K. Rubin, Elliptic curves with complex multiplication and the conjecture of Birch and Swinnerton-Dyer, Invent.Math., Vol. 64 (1981) pp. 455–470.

    Google Scholar 

  26. R. Schoof, Nonsingular plane cubic curves, J.Combinatorial Theory, Ser.A, Vol. 46 (1987) pp. 183–211.

    Google Scholar 

  27. J. H. Silverman, Lower bound for the canonical height on elliptic curves, Duke Math.J., Vol. 48 (1981) pp. 633–648.

    Google Scholar 

  28. J. H. Silverman, Divisibility of the specialization map for families of elliptic curves, Amer.J.Math., Vol. 107 (1985) pp. 555–565.

    Google Scholar 

  29. J. H. Silverman, The Arithmetic of Elliptic Curves, Springer-Verlag (1986).

  30. J. H. Silverman, Computing heights on elliptic curves, Math.Comp., Vol. 51 (1988) pp. 339–358.

    Google Scholar 

  31. J. H. Silverman, Advanced Topics in the Arithmetic of Elliptic Curves, Springer-Verlag (1994).

  32. J. H. Silverman, Computing canonical heights with little (or no) factorization, Math.Comp., Vol. 66 (1997) pp. 787–805.

    Google Scholar 

  33. J. H. Silverman, The xedni calculus and the elliptic curve discrete logarithm problem, Designs, Codes and Cryptography, Vol. 20 (2000), pp. 5–40.

    Google Scholar 

  34. J. H. Silverman and J. Suzuki, Elliptic curve discrete logarithms and the index calculus, Advances in Cryptology-ASIACRYPT '98 (Lecture Notes in Comp. Sci. Vol.), Springer-Verlag (1998), pp. 110–125.

  35. J. H. Silverman and J. Tate, Rational Points on Elliptic Curves, Springer-Verlag (1992).

  36. R. Taylor and A. Wiles, Ring-theoretic properties of certain Hecke algebras, Annals of Math., Vol. 141 (1995) pp. 553–572.

    Google Scholar 

  37. A. Wiles, Modular elliptic curves and Fermat's Last Theorem, Annals of Math., Vol. 141 (1995) pp. 443–551.

    Google Scholar 

  38. H. G. Zimmer et al., SIMATH Manual, University of Saarland, Saarbrücken, Germany (1997).

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Applied Cryptographic Research, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada

    Edlyn Teske

Authors
  1. Michael J. Jacobson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Neal Koblitz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joseph H. Silverman
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Andreas Stein
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Edlyn Teske
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Cite this article

Jacobson, M.J., Koblitz, N., Silverman, J.H. et al. Analysis of the Xedni Calculus Attack. Designs, Codes and Cryptography 20, 41–64 (2000). https://doi.org/10.1023/A:1008312401197

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/A:1008312401197

Search

Navigation