Welcome to the resource topic for 2024/1321
Title:
ECC’s Achilles’ Heel: Unveiling Weak Keys in Standardized Curves
Authors: Enrico Talotti, Matteo Paier, Marino Miculan
Abstract:The strength of Elliptic curve cryptography (ECC) relies on curve choice. This work analyzes weak keys in standardized curves, i.e., private keys within small subgroups of the auxiliary group \mathbb{Z}^*_p. We quantify weak
key prevalence across standardized curves, revealing a potential vulnerability due to numerous small divisors in auxiliary group orders. To address this, we leverage the implicit “baby-steps giant-steps algorithm”, which transforms the complex elliptic curve discrete logarithm problem into a simpler problem within \mathbb{Z}^*_p. This enables efficient detection of weak keys in small-order subgroups.
Our findings highlight the importance of rigorous key testing in applications using standardized ECC. While random weak keys are unlikely, malicious actors could exploit this by manipulating key generation libraries. To this end, we show how users can assess their private key vulnerabilities and mitigate risks by eliminating weak keys. Hence, this work contributes to improved ECC security through proactive key management practices.
ePrint: https://eprint.iacr.org/2024/1321
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .