[curves] Webpage on pairing-friendly curves

Brad Klee bradklee at gmail.com
Tue Mar 30 17:55:32 PDT 2021

For fun, another teaching example (not perfect):

(also with brilliant French from Voltaire!)


On Tue, Mar 30, 2021 at 12:50 PM Brad Klee <bradklee at gmail.com> wrote:

> Hi Aurore!
> Such a pretty website, why no response? La terreur et la pierre de la
> geurre? You probably couldn't care less what I think, but here for you:
> When others finally understand more about curves, smart tabulations
> such as yours will probably be viewed in a similar light to lists of
> integer
> sequences on OEIS, so keep going and do branch out!
> French academic professionalism is not an area where I excel
> (ni la linguistique française), but I also have a few tabulations:
> https://pqdtopen.proquest.com/doc/2489352408.html?FMT=ABS
> My poor work isn't in the running for the Levchin Prize, but you may
> be interested anyways... In the final draft, Edwards's addition rules
> eventually contributed to proof of the alternate exact pendulum
> solution in Chapter 2. Very sad to hear the news of H.E. passing
> last year and disappointed to never have met him--known for "la
> lumière de la vérité" and also language skills sanz supremacy.
> Meanwhile, in the news, you will probably be happy to read about
> Victor Miller (also a valuable contributor on [mathfun]):
> https://math.washington.edu/news/2021/02/22/neil-koblitz-co-recipient-2021-levchin-prize
> Unfortunately the prize cycle is always falling years behind the exploit
> cycle, and given current madness, we can wonder what "success" will
> look like five years from now? Sacrebleu!
> As far as "teaching" goes, here's one of my targets right now:
> https://sha-mbles.github.io/
> Scary that a "Pratyekabuddha GTX-Slinger" (sorry) could accomplish
> a SHA-1 Chosen Prefix attack for L.T. 1 BTC. In the next version of the
> crypto-capitalist university system, such a problem could presumably
> be given out as homework. For now we would be happy with a lower
> entry price point. So the problem is:
> Design a weak hash function susceptible to prefix-collision in under an
> hour of brute force searching, prove "Hello World" = "Goodbye World",
> and claim the title "Evil Zen Master" that everyone is talking about.
> The other, bigger question is whether or not SHA-2 could fall to a similar
> attack, which relies on highly-incentivized crowd computing? I have asked
> around, but experts are going silent and / or becoming "company interns"
> (excusez moi à nouveau).
> I will look through your dissertation today, send questions or comments
> if you want, or ideas about the toy hash function.
> Au revoir,
> --Brad
> On Wed, Sep 16, 2020 at 2:08 AM Aurore Guillevic <
> aurore.guillevic at inria.fr> wrote:
>> Hi,
>> Following a discussion at the session cryptanalysis 2 at CRYPTO 2020
>> online, I started a webpage on pairing-friendly curves, this is at
>> https://members.loria.fr/AGuillevic/pairing-friendly-curves/
>> Your comments are welcome.
>> Best,
>> Aurore Guillevic.
>> --
>> Aurore Guillevic
>> Chargée de recherche / Research scientist
>> Équipe Caramba bureau B258
>> Inria Nancy -- Grand Est
>> 615 rue du jardin botanique
>> CS 20101
>> 54603 Villers-lès-Nancy Cedex France
>> https://members.loria.fr/AGuillevic/
>> _______________________________________________
>> Curves mailing list
>> Curves at moderncrypto.org
>> https://moderncrypto.org/mailman/listinfo/curves
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/curves/attachments/20210330/752f58c3/attachment.htm>

More information about the Curves mailing list