Elliptic Curves in Cryptography

Fall 2011

Textbook

• Required: Elliptic Curves: Number Theory and Cryptography, 2nd edition by L. Washington.
• Online edition of Washington (available from on-campus computers; click here to set up proxies for off-campus access).
• There is a problem with the Chapter 2 PDF in the online edition of Washington: most of the lemmas and theorems don't display correctly. We are working with Stanford Libraries and the publisher to make a correct version available. In the meantime, here is a PDF file with the missing content.

Course Topics

1. Introduction to elliptic curves (Washington Chapters 1-2).
• Definition of elliptic curves. Group law. Endomorphisms and isomorphisms. j-invariant. Elliptic curves in SAGE.
2. Elliptic curves over finite fields (Ch. 3-4).
• Torsion points. Frobenius morphism. Group structure and group order. Hasse's theorem. Supersingular curves. Discrete logarithm problem.
3. Elliptic curve cryptosystems (Ch. 6).
• Diffie-Hellman key exchange. ElGamal encryption. Schnorr identification. ECDSA. Security definitions and proofs.
4. Discrete logarithm attacks (Ch. 5).
• Baby step-giant step. Pollard rho. Menezes-Okamoto-Vanstone and Frey-Rück reductions. Anomalous curves.
5. Pairing-based cryptography.
• Abstract properties of pairings. Pairing-friendly elliptic curves. Boneh-Franklin identity-based encryption. Boneh-Lynn-Shacham signatures. Boneh-Goh-Nissim homomorphic encryption.
6. Generating elliptic curves for cryptography (Ch. 4,10).
• Schoof's algorithm. Complex multiplication. Generating pairing-friendly curves.
7. Advanced topics, to be chosen from the following:
• Mathematics of pairings (Ch. 11).
• Elliptic curve factoring and primality testing (Ch. 7).
• Hyperelliptic curves (Ch. 13).
• Weil restriction and index calculus.
• More pairing-based cryptosystems.
• Fast implementations.