SP 800-186, Discrete Logarithm-Based Crypto: Elliptic Curve Parameters
出てくる楕円曲線
グループ
認証プログラム
table:目次
Table of Contents Executive Summary 1
Introduction
2 Overview of Elliptic Curves 4
2.1.1. Curves in Short-Weierstrass Form 4
2.1.2. Montgomery Curves 4
2.1.3. Twisted Edwards Curves 5
2.2.1. Curves in Short-Weierstrass Form 5
Recommended Curves for U.S. Federal Government Use 6
3.1.1. Choice of Key Lengths 6
3.1.2. Choice of Underlying Fields 6
3.1.3. Choice of Basis for Binary Fields 7
3.1.4. Choice of Curves 8
3.2.1. Weierstrass Curves 9
3.2.2. Montgomery Curves 15
3.2.3. Twisted Edwards Curves 17
3.3.1. Koblitz Curves 21
3.3.2. Pseudorandom Curves 24
References 28
Appendix A. Details of Elliptic Curve Group Operations 30
A.1.1. Group Law for Weierstrass Curves 30
A.1.2. Group Law for Montgomery Curves 30
A.1.3. Group Law for Twisted Edwards Curves 30
A.2.1. Group Law for Weierstrass Curves 31
Appendix B. Relationships Between Curve Models 32
B.1. Mapping Between Twisted Edwards Curves and Montgomery Curves 32
B.2. Mapping Between Montgomery Curves and Weierstrass Curves 33
B.3. Mapping Between Twisted Edwards Curves and Weierstrass Curves 33
B.4. 4-Isogenous Mapping 34
Appendix C. Generation Details for Recommended Elliptic Curves 35
C.1.1. Implementation Security Criteria 35
C.2.1. Weierstrass Curves Over Prime Fields 35
C.2.2. Montgomery Curves 36
C.2.3. Twisted Edwards Curves 37
C.2.4. Weierstrass Curves over Binary Fields 37
C.3.1. Generation of Pseudorandom Curves (Prime Case) 38
C.3.2. Verification of Curve Generation (Prime Case) 39
C.3.3. Generation of Pseudorandom Curves (Binary Case) 40
C.3.4. Verification of Curve Generation (Binary Case) 41
Appendix D. Elliptic Curve Routines 42
D.1.1. Non-binary Curves in Short-Weierstrass Form 42
D.1.2. Montgomery Curves 42
D.1.3. Twisted Edwards Curves 43
D.1.4. Binary Curves in Short-Weierstrass Form 44
D.2.1. Prime Curves in Short-Weierstrass Form 45
D.2.2. Binary Curves in Short-Weierstrass Form 46
Appendix E. Auxiliary Functions 48
Appendix F. Data Conversion 50
F.1. Conversion of a Field Element to an Integer 50
F.2. Conversion of an Integer to a Field Element 50
F.3. Conversion of an Integer to a Bit String 50
F.4. Conversion of a Bit String to an Integer 51
Appendix G. Implementation Aspects 52
G.1.1. Curve P-224 52
G.1.2. Curve P-256 52
G.1.3. Curve P-384 53
G.1.4. Curve P-521 54
G.1.5. Curve25519 54
G.1.6. Curve448 54
G.3.1. Normal Bases 57
G.3.2. Polynomial Basis to Normal Basis Conversion 59
G.3.3. Normal Basis to Polynomial Basis Conversion 59
Appendix H. Other Allowed Elliptic Curves 61
Appendix I. List of Symbols, Abbreviations, and Acronyms 62
Appendix J. Glossary 64
List of Tables
Table 1. Approximate Security Strength of the Recommended Curves 6
Table 2. Allowed Usage of the Specified Curves 7
1. Introduction
2. Overview of Elliptic Curves
$ \mathrm{GF}(p) 上の楕円曲線$ E
3. Recommended Curves for U.S. Federal Government Use
table:単語など
eliptic curve 楕円曲線
binary field バイナリ体、2進数体?、標数2上の体? cardinality
確認用
Q. SP 800-186
関連