Collision Search for Elliptic Curve Discrete Logarithm over GF(2 m ) with FPGA [chapter]

Guerric Meurice de Dormale, Philippe Bulens, Jean-Jacques Quisquater
Lecture Notes in Computer Science  
In this last decade, Elliptic Curve Cryptography (ECC) has gained increasing acceptance in the industry and the academic community and has been the subject of several standards. This interest is mainly due to the high level of security with relatively small keys provided by ECC. Indeed, no sub-exponential algorithms are known to solve the underlying hard problem: the Elliptic Curve Discrete Logarithm. The aim of this work is to explore the possibilities of dedicated hardware implementing the
more » ... t known algorithm for generic curves: the parallelized Pollard's ρ method. This problem has specific constraints and requires therefore new architectures. Four different strategies were investigated with different FPGA families in order to provide the best areatime product, according to the capabilities of the chosen platforms. The approach yielding the best throughput over hardware cost ratio is then fully described and was implemented in order to estimate the cost of an attack. Such results should help to improve the accuracy of the security level offered by a given key size, especially for the shorter parameters proposed for resource constrained devices.
doi:10.1007/978-3-540-74735-2_26 fatcat:yzgvk7kc35flbnel7rw6h7yxnu