Abstract
Frey and Rück gave a method to transform the discrete logarithm problem in the divisor class group of a curve over \( \mathbb{F}_q \) into a discrete logarithm problem in some finite field extension \( \mathbb{F}_{q^k } \) . The discrete logarithm problem can therefore be solved using index calculus algorithms as long as k is small.In the elliptic curve case it was shown by Menezes, Okamoto and Vanstone that for supersingular curves one has k ⪯ 6. In this paper curves of higher genus are studied. Bounds on the possible values for k in the case of supersingular curves are given which imply that supersingular curves are weaker than the general case for cryptography. Ways to ensure that a curve is not supersingular are also discussed.A constructive application of supersingular curves to cryptography is given, by generalising an identity-based cryptosystem due to Boneh and Franklin. The generalised scheme provides a significant reduction in bandwidth compared with the original scheme.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
