[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ECDL on Oakley Grp 3&4

To: ipsec@tis.com
Subject: ECDL on Oakley Grp 3&4
From: Niels Provos <provos@wserver.physnet.uni-hamburg.de>
Date: Thu, 13 Aug 1998 17:42:33 +0200
Sender: owner-ipsec@ex.tis.com

FYI M. Wiener and R. Zuccherato will be presenting a paper with the 
title 'Faster attacks on Elliptic Curve Cryptosystems' at the SAC'98. 
The paper describes a speedup of the Pollard-\rho attack when an 
elliptic curve over GF(2**n), with n = ed, is defined over GF(2**e). 
The speedup is by a factor of \sqrt{2d}. 
 
Since both Oakley Group 3 and 4 are defined over GF(2**31) and GF(2**37) 
respectivly, the speedup of a parallel collison-search in both cases is by a 
factor of about \sqrt(2*5) ~ 3. 
 
Greetings 
 Niels 
 
--  
- PHYSnet Rechnerverbund     PGP V2.6 Public key via finger or key server 
  Niels Provos                
  Universitaet Hamburg       WWW: http://www.physnet.uni-hamburg.de/provos/    
  Jungiusstrasse 9           E-Mail: provos@wserver.physnet.uni-hamburg.de 
  Germany 20355 Hamburg      Tel.:   +49 40 4123-2404     Fax: -6571

Follow-Ups:

Re: ECDL on Oakley Grp 3&4

From: Lewis McCarthy <lmccarth@cs.umass.edu>

Prev by Date: 40-bit DES negotiation in IKE?
Next by Date: Re: 40-bit DES negotiation in IKE?
Prev by thread: Re: 40-bit DES negotiation in IKE?
Next by thread: Re: ECDL on Oakley Grp 3&4
Index(es):
- Main
- Thread