#### Filter Results:

- Full text PDF available (13)

#### Publication Year

2011

2017

- This year (1)
- Last five years (13)

#### Publication Type

#### Co-author

#### Publication Venue

#### Key Phrases

Learn More

- Aurore Guillevic, Sorina Ionica
- ASIACRYPT
- 2013

The Gallant-Lambert-Vanstone (GLV) algorithm uses efficiently computable endomorphisms to accelerate the computation of scalar multiplication of points on an abelian variety. Freeman and Satoh proposed for cryptographic use two families of genus 2 curves defined over Fp which have the property that the corresponding Jacobians are (2, 2)-isogenous over an… (More)

- Aurore Guillevic
- IACR Cryptology ePrint Archive
- 2016

Computing discrete logarithms in finite fields is a main concern in cryptography. The best algorithms known are the Number Field Sieve and its variants in large and medium characteristic fields (e.g. GF(p 2), GF(p 12)); the Function Field Sieve and the Quasi Polynomial-time Algorithm in small characteristic finite fields (e.g. GF(3 6·509)). The last step of… (More)

- Razvan Barbulescu, Pierrick Gaudry, Aurore Guillevic, François Morain
- EUROCRYPT
- 2015

The aim of this work is to investigate the hardness of the discrete logarithm problem in fields GF(p n) where n is a small integer greater than 1. Though less studied than the small characteristic case or the prime field case, the difficulty of this problem is at the heart of security evaluations for torus-based and pairing-based cryptography. The best… (More)

- Aurore Guillevic
- ACNS
- 2013

We provide software implementation timings for pairings over composite-order and prime-order elliptic curves. Composite orders must be large enough to be infeasible to factor. They are modulus of 2 up to 5 large prime numbers in the literature. There exists size recommendations for two-prime RSA modulus and we extend the results of Lenstra concerning the… (More)

- Aurore Guillevic
- ASIACRYPT
- 2015

The Number Field Sieve (NFS) algorithm is the best known method to compute discrete logarithms (DL) in finite fields Fpn, with p medium to large and n ≥ 1 small. This algorithm comprises four steps: polynomial selection, relation collection, linear algebra and finally, individual logarithm computation. The first step outputs two polynomials defining two… (More)

- Aurore Guillevic, Damien Vergnaud
- IACR Cryptology ePrint Archive
- 2011

The use of elliptic and hyperelliptic curves in cryptography relies on the ability to compute the Jacobian order of a given curve. Recently, Satoh proposed a probabilistic polynomial time algorithm to test whether the Jacobian – over a finite field Fq – of a hyperelliptic curve of the form Y 2 = X 5 + aX 3 + bX (with a, b ∈ F * q) has a large prime factor.… (More)

- Aurore Guillevic
- IACR Cryptology ePrint Archive
- 2015

The Number Field Sieve (NFS) algorithm is the best known method to compute discrete logarithms (DL) in large characteristic finite fields F p n , with p large and n ≥ 1 small. This algorithm comprises four steps: polynomial selection, relation collection, linear algebra and finally, individual logarithm computation. The first step outputs two numbers fields… (More)

- Aurore Guillevic, François Morain, Emmanuel Thomé
- IACR Cryptology ePrint Archive
- 2016

Pairing based cryptography is in a dangerous position following the breakthroughs on discrete logarithms computations in finite fields of small characteristic. Remaining instances are built over finite fields of large characteristic and their security relies on the fact the embedding field of the underlying curve is relatively large. How large is debatable.… (More)

- Aurore Guillevic
- 2013

- Renaud Dubois, Aurore Guillevic, Marine Sengelin Le Breton
- IACR Cryptology ePrint Archive
- 2012

The Boneh-Gentry-Waters (BGW) [4] scheme is one of the most efficient broadcast encryp-tion scheme regarding the overhead size. This performance relies on the use of a pairing. Hence this protocol can benefit from public key improvements. The ciphertext is of constant size, whatever the proportion of revoked users is. The main lasting constraint is the… (More)