摘要
在公约密码学中,有限域椭圆曲线Weil对的计算问题研究多集中于理论研究,而对实践应用关注甚少,导致部分理论研究需要新的方法支持。为此,给出了Weil对的计算方法,通过实例指出了Miller算法在有限域上点的选择问题,分析了两种不同方法使用Miller算法的差异。通过Miller算法,指出了MOV(Menezes-Okamoto-Vanstone)攻击离散对数的局限性。实践分析表明,有限域上椭圆曲线Weil对的计算是小子阶上的计算,对于大子阶的计算不是很有效。
The computation of Weil pairing of elliptic curves over finite fields is of great significance to the application of public-key cryptography. The research of Weil pairing focuses on theoretical research, but pays little attention to practical application, which leads to the need for new methods to support some theoretical research. For this reason, the Weil pairing calculation method is given, the point selection problem of Miller algorithm over finite field is pointed out by examples, and the difference between two different methods using Miller algorithm is analyzed. Through Miller algorithm, the limitation of MOV(Menezes-Okamoto-Vanstone) attack discrete logarithm is pointed out. The practical analysis shows that the Weil pairing of elliptic curves in finite fields are of small order and not very effective for large suborder.
作者
胡建军
王伟
李恒杰
HU Jianjun;WANG Wei;LI Hengjie(School of Digital Media,Lanzhou University of Arts and Science,Lanzhou 730010,China)
出处
《吉林大学学报(信息科学版)》
CAS
2022年第3期509-514,共6页
Journal of Jilin University(Information Science Edition)
基金
兰州文理学院服务地方经济社会发展计划基金资助项目(2021FWDF15)。
关键词
WEIL对
Miller算法
MOV算法
离散对数
Weil pairing
Miller algorithm
menezes-okamoto-vanstone(MOV)algorithm
discrete logarithm
