{"entities":{"Q2499265":{"pageid":2510008,"ns":120,"title":"Item:Q2499265","lastrevid":49892263,"modified":"2026-01-11T17:15:35Z","type":"item","id":"Q2499265","labels":{"en":{"language":"en","value":"An elliptic curve trapdoor system"}},"descriptions":{"en":{"language":"en","value":"scientific article; zbMATH DE number 5045612"}},"aliases":{},"claims":{"P31":[{"mainsnak":{"snaktype":"value","property":"P31","hash":"fd5912e4dab4b881a8eb0eb27e7893fef55176ad","datavalue":{"value":{"entity-type":"item","numeric-id":56887,"id":"Q56887"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","id":"Q2499265$9DDC3C54-4B31-4C5A-B2DE-57DAB71C7480","rank":"normal"}],"P159":[{"mainsnak":{"snaktype":"value","property":"P159","hash":"15764894efd5f553f14c06829a610e9c19526d1e","datavalue":{"value":{"text":"An elliptic curve trapdoor system","language":"en"},"type":"monolingualtext"},"datatype":"monolingualtext"},"type":"statement","id":"Q2499265$73BECA0B-D545-451E-A45D-D35AF104D94C","rank":"normal"}],"P225":[{"mainsnak":{"snaktype":"value","property":"P225","hash":"d4ffc7691f61982a40e8732d703c2b3134f2e9bd","datavalue":{"value":"1099.14012","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$2255B232-6B47-4657-AA23-44028A14BC94","rank":"normal"}],"P16":[{"mainsnak":{"snaktype":"value","property":"P16","hash":"ce248613f92a3e6b8e8d637fc8e54f4491fc3d92","datavalue":{"value":{"entity-type":"item","numeric-id":1300625,"id":"Q1300625"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","id":"Q2499265$2BCC96C8-777D-4363-9BB1-0EAE303675B1","rank":"normal"}],"P200":[{"mainsnak":{"snaktype":"value","property":"P200","hash":"d5eab3bbb3b6673353b9ed770934b15d004ef795","datavalue":{"value":{"entity-type":"item","numeric-id":166358,"id":"Q166358"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","id":"Q2499265$FEAF34FC-DD21-4C13-A50B-0A5ACD60E3F2","rank":"normal"}],"P28":[{"mainsnak":{"snaktype":"value","property":"P28","hash":"2d16893a2881e21dd54b3d85e13a15572e7a543f","datavalue":{"value":{"time":"+2006-08-14T00:00:00Z","timezone":0,"before":0,"after":0,"precision":11,"calendarmodel":"http://www.wikidata.org/entity/Q1985727"},"type":"time"},"datatype":"time"},"type":"statement","id":"Q2499265$A873D702-F82E-452D-A4FE-156985E09343","rank":"normal"}],"P1448":[{"mainsnak":{"snaktype":"value","property":"P1448","hash":"5b45169dc447d2e442af1fb3bc6343f8cdb019b3","datavalue":{"value":"The paper proposes a trapdoor system based on a pair \\((E_s, E_{pb})\\)\\, of isogenous elliptic curves defined over the field \\(\\mathbb F_{2^{161}}\\),\\, which can be useful in cryptographic key escrow applications (allowing wire tapping under legal authorization). The pair \\((E_s, E_{pb})\\)\\, is defined as follows:   The (secret) curve \\(E_s\\)\\, is a cryptographically interesting elliptic curve over \\(\\mathbb F_{2^{161}}= \\mathbb F_{{(2^{23})}^7} \\),\\, such that the GHS Weil attack [see \\textit{P. Gaudry, F. Hess}, and \\textit{N. P. Smart}, J. Crypto. 15, 19--46 (2002; Zbl 0996.94036)] produces a hyperelliptic curve over \\(\\mathbb F_{2^{23}}\\)\\, of genus 7 (i.e. \\(m=4\\), and \\(g=2^{m-1}-1\\), where \\(m\\)\\, is the magic number for \\(E\\)). This only happens for a small fraction of all elliptic curves over \\(\\mathbb F_{2^{161}}\\). For technical reasons \\(E_s\\) is also chosen with square free discriminant D (then for any elliptic curve \\(E\\),\\, isogenous to \\(E_s\\), the ring End\\((E)\\)\\, is the maximal order of \\(Q(\\sqrt D)\\), and for any prime \\(l\\) the volcano of \\(l\\)-isogenies of \\(E\\) reduces to the crater, see \\textit{D. Kohel} [PhD. Thesis, U. of California (1996)]).  The curve \\(E_{pb}\\)\\, is isogenous to \\(E_s\\)\\, (selected by a pseudo-random walk in the isogeny class of \\(E_s\\)) but with \\(m=7\\). \\(E_{pb}\\) is public and can be used for implementation of the elliptic curve discrete logarithm problem (ECDLP) while \\(E_s\\)\\, is kept by a trusted authority.  The GHS attack allows to reduce the ECDLP over \\(E_s\\)\\, to a HCDLP over a hyperelliptic curve of genus 7, problem feasible using the \\textit{A. Enge, P. Gaudry} index calculus method [Acta Arith. 102, 83--103 (2002; Zbl 1028.11079)], but not trivial: in the author's words \\` \\` can be solved in an estimated 25.000 days on a 1 GHz workstation''. This way the authority, knowing \\(E_s\\)\\, and perhaps the isogeny relating \\(E_s\\) and \\(E_{pb}\\)\\, can, if necessary, solve any instance of ECDLP over \\(E_{pb}\\), but \\` \\` has to invest a considerable amount of computation, which make applications such as widespread wire-tapping impossible''.  The first two sections of the paper are introductory. Section 3 studies the behavior of the magic number \\(m\\) under isogenies. Details of the construction of the trapdoor system are given in section 4, its security is analyzed in section 5 and its efficiency in section 6. Section 7 studies other (binary) finite fields which can also be used for a similar trapdoor: Table 3 list all finite fields \\(\\mathbb F_{2^N},\\, (150<N<600)\\)\\, that are possible suitable. An appendix gives an instance of the trapdoor system.","type":"string"},"datatype":"string"},"type":"statement","id":"Q2499265$39EF8207-E176-4DFA-AE41-992114521C0A","rank":"normal"}],"P226":[{"mainsnak":{"snaktype":"value","property":"P226","hash":"332a7ca0fc2503044cbe5299ecaa975484163791","datavalue":{"value":"14G50","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$C650EEF6-5CE5-4B4B-8152-643EE6E1DCDB","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P226","hash":"b3f5570531d36cdad95fcc8cba24a2dabc5fbbbf","datavalue":{"value":"94A60","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$DCE6C024-0FE5-418A-875A-765F86EA5161","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P226","hash":"dcefd1e200eae54420c5080733f6b5a349da9f6a","datavalue":{"value":"11T71","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$DF5A3636-05C7-4D5A-811D-FC5BE295DF63","rank":"normal"}],"P1451":[{"mainsnak":{"snaktype":"value","property":"P1451","hash":"7263d0f1834592d8661a9dbd31eaa26f3f72db86","datavalue":{"value":"5045612","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$4A0A3637-7DC7-44BA-821F-4A358F8BAEFD","rank":"normal"}],"P1450":[{"mainsnak":{"snaktype":"value","property":"P1450","hash":"a6a66e293ed90360a62e9b78fddc7fda8603bc3c","datavalue":{"value":"elliptic curve cryptography","type":"string"},"datatype":"string"},"type":"statement","id":"Q2499265$8E722360-0F37-495F-9EB9-618300EDAC9A","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1450","hash":"48e9f07ac7f5ead83a027ee69a8c012e9994690e","datavalue":{"value":"ECDLP","type":"string"},"datatype":"string"},"type":"statement","id":"Q2499265$9195F509-F16D-49D8-AC9D-2424651D25C6","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1450","hash":"184d735b140b48131bcafb39b630f5195ecdde9c","datavalue":{"value":"Weil descent","type":"string"},"datatype":"string"},"type":"statement","id":"Q2499265$8542F0FF-D236-467D-B57E-F946AFFF8E9B","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1450","hash":"7a6b21a5db6aad919e7ae2ddba25abcc258e4b2e","datavalue":{"value":"trapdoor functions","type":"string"},"datatype":"string"},"type":"statement","id":"Q2499265$14F0C3C2-53A1-4719-925A-83FE4EA28B0D","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1450","hash":"bf391ab8f05881917ea4a8ba362fd284ce4f78a8","datavalue":{"value":"key escrow","type":"string"},"datatype":"string"},"type":"statement","id":"Q2499265$2B57A3B7-1D75-4938-A2B4-C179C60F5C43","rank":"normal"}],"P1447":[{"mainsnak":{"snaktype":"value","property":"P1447","hash":"8892955fafe16ba1bddb104e5d82ec8889d70fd9","datavalue":{"value":{"entity-type":"item","numeric-id":1313210,"id":"Q1313210"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","id":"Q2499265$00F3FB13-7C21-4F68-9A95-A8B3D8B7523B","rank":"normal"}],"P1460":[{"mainsnak":{"snaktype":"value","property":"P1460","hash":"57f7fea50d2ce1b39b695c4a1313582eed405e38","datavalue":{"value":{"entity-type":"item","numeric-id":5976449,"id":"Q5976449"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","id":"Q2499265$859A7362-B0D6-4E11-8F6C-83804DE7EFED","rank":"normal"}],"P205":[{"mainsnak":{"snaktype":"value","property":"P205","hash":"e6a779eb9850e1ca80df67062d0058cc5a99e8ee","datavalue":{"value":"https://doi.org/10.1007/s00145-004-0328-3","type":"string"},"datatype":"url"},"type":"statement","id":"Q2499265$6A280DC6-550F-4596-A3CC-818D0538C9CA","rank":"normal"}],"P388":[{"mainsnak":{"snaktype":"value","property":"P388","hash":"b4faa0e7389d139d7e6e4fed855a3d6aaef47290","datavalue":{"value":"W2062791219","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$711D7B12-8270-42BC-ACFC-B921FE08E616","rank":"normal"}],"P27":[{"mainsnak":{"snaktype":"value","property":"P27","hash":"b6115a78d6f7b6cc13f976be4f05a5fb8db0682f","datavalue":{"value":"10.1007/S00145-004-0328-3","type":"string"},"datatype":"external-id"},"type":"statement","id":"Q2499265$DAA67E10-D740-4B5C-B881-68FA25A7425D","rank":"normal"}],"P1643":[{"mainsnak":{"snaktype":"value","property":"P1643","hash":"b9031bc5bbbb45afb0bf9be6d3604eaad5176f46","datavalue":{"value":{"entity-type":"item","numeric-id":4664857,"id":"Q4664857"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","qualifiers":{"P1659":[{"snaktype":"value","property":"P1659","hash":"3e1e25592a9edb902e364d8993287d959915b9c5","datavalue":{"value":{"amount":"+0.9928404092788696","unit":"1"},"type":"quantity"},"datatype":"quantity"}],"P1660":[{"snaktype":"value","property":"P1660","hash":"a327a09ea0305e98d5cf33bd4036320e19f2aed0","datavalue":{"value":{"entity-type":"item","numeric-id":6821328,"id":"Q6821328"},"type":"wikibase-entityid"},"datatype":"wikibase-item"}]},"qualifiers-order":["P1659","P1660"],"id":"Q2499265$C8AE47BB-746F-4C78-9C22-7641382C5680","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1643","hash":"a1ce0d36e7adca9c12b8bc399ee6d42b38b08e4c","datavalue":{"value":{"entity-type":"item","numeric-id":3760431,"id":"Q3760431"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","qualifiers":{"P1659":[{"snaktype":"value","property":"P1659","hash":"485a5ff952a3b5403836796c429484906a63786c","datavalue":{"value":{"amount":"+0.7705075144767761","unit":"1"},"type":"quantity"},"datatype":"quantity"}],"P1660":[{"snaktype":"value","property":"P1660","hash":"a327a09ea0305e98d5cf33bd4036320e19f2aed0","datavalue":{"value":{"entity-type":"item","numeric-id":6821328,"id":"Q6821328"},"type":"wikibase-entityid"},"datatype":"wikibase-item"}]},"qualifiers-order":["P1659","P1660"],"id":"Q2499265$9B3CBF66-40B0-4E9E-BC92-E1426E9C64DA","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1643","hash":"574b84dbf164a9466a2d977bbcfbb74183cb0a1b","datavalue":{"value":{"entity-type":"item","numeric-id":3718617,"id":"Q3718617"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","qualifiers":{"P1659":[{"snaktype":"value","property":"P1659","hash":"53af5b00159415de20794754c631b46b811a80ab","datavalue":{"value":{"amount":"+0.7649613618850708","unit":"1"},"type":"quantity"},"datatype":"quantity"}],"P1660":[{"snaktype":"value","property":"P1660","hash":"a327a09ea0305e98d5cf33bd4036320e19f2aed0","datavalue":{"value":{"entity-type":"item","numeric-id":6821328,"id":"Q6821328"},"type":"wikibase-entityid"},"datatype":"wikibase-item"}]},"qualifiers-order":["P1659","P1660"],"id":"Q2499265$C076D780-0581-41CF-86BD-FEF0899EE16A","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1643","hash":"cc6b8a9a2f95ac9f8f5e318bd5913bac4becc2d3","datavalue":{"value":{"entity-type":"item","numeric-id":2765411,"id":"Q2765411"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","qualifiers":{"P1659":[{"snaktype":"value","property":"P1659","hash":"dbde4d65c883a4b0af75eae9924ab256f944e874","datavalue":{"value":{"amount":"+0.7649408578872681","unit":"1"},"type":"quantity"},"datatype":"quantity"}],"P1660":[{"snaktype":"value","property":"P1660","hash":"a327a09ea0305e98d5cf33bd4036320e19f2aed0","datavalue":{"value":{"entity-type":"item","numeric-id":6821328,"id":"Q6821328"},"type":"wikibase-entityid"},"datatype":"wikibase-item"}]},"qualifiers-order":["P1659","P1660"],"id":"Q2499265$9D5D2C58-60F6-4607-8DAF-F14EC438B928","rank":"normal"},{"mainsnak":{"snaktype":"value","property":"P1643","hash":"b89249edaf0e7b7000334429fdfcadcdce3c7340","datavalue":{"value":{"entity-type":"item","numeric-id":4037476,"id":"Q4037476"},"type":"wikibase-entityid"},"datatype":"wikibase-item"},"type":"statement","qualifiers":{"P1659":[{"snaktype":"value","property":"P1659","hash":"fc6fa9a86671943a667abd0521c4fee29492c1db","datavalue":{"value":{"amount":"+0.7648879885673523","unit":"1"},"type":"quantity"},"datatype":"quantity"}],"P1660":[{"snaktype":"value","property":"P1660","hash":"a327a09ea0305e98d5cf33bd4036320e19f2aed0","datavalue":{"value":{"entity-type":"item","numeric-id":6821328,"id":"Q6821328"},"type":"wikibase-entityid"},"datatype":"wikibase-item"}]},"qualifiers-order":["P1659","P1660"],"id":"Q2499265$B1366E06-110E-4AE2-B523-42FB9F085739","rank":"normal"}]},"sitelinks":{"mardi":{"site":"mardi","title":"Publication:2499265","badges":[],"url":"https://portal.mardi4nfdi.de/wiki/Publication:2499265"}}}}}