Abstract
This paper analyzes the cost of breaking ECC under the following assumptions: (1) ECC is using a standardized elliptic curve that was actually chosen by an attacker; (2) the attacker is aware of a vulnerability in some curves that are not publicly known to be vulnerable. This cost includes the cost of exploiting the vulnerability, but also the initial cost of computing a curve suitable for sabotaging the standard. This initial cost depends heavily upon the acceptability criteria used by the public to decide whether to allow a curve as a standard, and (in most cases) also upon the chance of a curve being vulnerable. This paper shows the importance of accurately modeling the actual acceptability criteria: i.e., figuring out what the public can be fooled into accepting. For example, this paper shows that plausible models of the “Brainpool acceptability criteria” allow the attacker to target a one-in-a-million vulnerability and that plausible models of the “Microsoft NUMS criteria” allow the attacker to target a one-in-a-hundred-thousand vulnerability.
Field | Value
---|---
Original language | English
Title of host publication | Security Standardisation Research - 2nd International Conference, SSR 2015, Proceedings
Editors | Liqun Chen, Shin’ichiro Matsuo
Publisher | Springer Verlag
Pages | 109-139
Number of pages | 31
ISBN (Print) | 9783319271514
State | Published - 2015
Event | 2nd International Conference on Security Standardisation Research, SSR 2015 - Tokyo, Japan. Duration: 15 Dec 2015 → 16 Dec 2015
Publication series

Field | Value
---|---
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume | 9497
ISSN (Print) | 0302-9743
ISSN (Electronic) | 1611-3349
Conference

Field | Value
---|---
Conference | 2nd International Conference on Security Standardisation Research, SSR 2015
Country/Territory | Japan
City | Tokyo
Period | 15/12/15 → 16/12/15
Bibliographical note

Publisher Copyright: © Springer International Publishing Switzerland 2015.
Keywords
- ANSI X9
- Brainpool
- Elliptic-curve cryptography
- Microsoft NUMS
- Minimal curves
- NIST
- Nothing-up-my-sleeve numbers
- SECG
- Verifiably pseudorandom curves
- Verifiably random curves
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science