[curves] Improvements on discrete log for Koblitz curves?
Gregory Maxwell
gmaxwell at gmail.com
Tue Apr 7 01:51:20 PDT 2015
It's important to distinguish the binary extension field attacks (at
this point I wouldn't use a binary extension field for anything), and
the other things that get called 'koblitz curves'.
On Tue, Apr 7, 2015 at 12:44 AM, Trevor Perrin <trevp at trevp.net> wrote:
> An eprint paper claims an improvement over Pollard Rho vs the FIPS
> K-409 and K-571 curves:
>
> https://eprint.iacr.org/2015/310.pdf
>
>
> Seems like this might be building on the direction described below,
> from the "ellipticnews" blog:
>
> https://ellipticnews.wordpress.com/2012/05/16/two-new-papers-on-the-ecdlp-in-characteristic-2/
>
>
> Anyone able to place the work in context? (is this a real
> improvement? by how much? what are prospects for further advances,
> application to other curves, etc.)
>
>
> Trevor
> _______________________________________________
> Curves mailing list
> Curves at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/curves
More information about the Curves
mailing list