Aurore Guillevic

Learn More
The aim of this work is to investigate the hardness of the discrete logarithm problem in fields GF(p) where n is a small integer greater than 1. Though less studied than the small characteristic case or the prime field case, the difficulty of this problem is at the heart of security evaluations for torus-based and pairing-based cryptography. The best known(More)
We provide software implementation timings for pairings over composite-order and prime-order elliptic curves. Composite orders must be large enough to be infeasible to factor. They are modulus of 2 up to 5 large prime numbers in the literature. There exists size recommendations for two-prime RSA modulus and we extend the results of Lenstra concerning the(More)
The Number Field Sieve (NFS) algorithm is the best known method to compute discrete logarithms (DL) in large characteristic finite fields Fpn , with p large and n ≥ 1 small. This algorithm comprises four steps: polynomial selection, relation collection, linear algebra and finally, individual logarithm computation. The first step outputs two numbers fields(More)
Computing discrete logarithms in finite fields is a main concern in cryptography. The best algorithms known are the Number Field Sieve and its variants in large and medium characteristic fields (e.g. GF(p), GF(p)); the Function Field Sieve and the Quasi Polynomial-time Algorithm in small characteristic finite fields (e.g. GF(36·509)). The last step of the(More)
The use of elliptic and hyperelliptic curves in cryptography relies on the ability to compute the Jacobian order of a given curve. Recently, Satoh proposed a probabilistic polynomial time algorithm to test whether the Jacobian – over a finite field Fq – of a hyperelliptic curve of the form Y 2 = X + aX + bX (with a, b ∈ Fq) has a large prime factor. His(More)
Since 2000 pairings became a very useful tool to design new protocols in cryptography. Short signatures<lb>and identity-based encryption became also practical thanks to these pairings.<lb>This thesis contains two parts. One part is about optimized pairing implementation on different ellip-<lb>tic curves according to the targeted protocol. Pairings are(More)
The Boneh-Gentry-Waters (BGW) [4] scheme is one of the most efficient broadcast encryption scheme regarding the overhead size. This performance relies on the use of a pairing. Hence this protocol can benefit from public key improvements. The ciphertext is of constant size, whatever the proportion of revoked users is. The main lasting constraint is the(More)
Pairing based cryptography is in a dangerous position following the breakthroughs on discrete logarithms computations in finite fields of small characteristic. Remaining instances are built over finite fields of large characteristic and their security relies on the fact the embedding field of the underlying curve is relatively large. How large is debatable.(More)