Abstract
We analyze the security of two number-theoretic pseudo-random generators based on elliptic curves: the elliptic curve linear congruential generator and the elliptic curve power generator. We show that these recursive generators are insecure if sufficiently many bits are output at each iteration (improving notably the prior cryptanalysis of Gutierrez and Ibeas from 2007). We present several theoretical attacks based on Coppersmith's techniques for finding small roots on polynomial equations. Our results confirm that these generators are not appropriate for cryptographic purposes.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Published version (
Free)
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
