Elliptic Curve Cryptography in Practice

被引：125

作者：

Bos, Joppe W. ^{[4
]}

Halderman, J. Alex ^{[2
]}

Heninger, Nadia ^{[3
]}

Moore, Jonathan

Naehrig, Michael ^{[1
]}

Wustrow, Eric ^{[2
]}

机构：

[1] Microsoft Res, Redmond, WA USA

[2] Univ Michigan, Ann Arbor, MI 48109 USA

[3] Univ Penn, Philadelphia, PA 19104 USA

[4] NXP Semicond, Leuven, Belgium

来源：

FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, FC 2014 | 2014年 / 8437卷

关键词：

ATTACKS; COMPUTATION;

D O I：

10.1007/978-3-662-45472-5_11

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

In this paper we perform a review of elliptic curve cryptography (ECC) as it is used in practice today in order to reveal unique mistakes and vulnerabilities that arise in implementations of ECC. We study four popular protocols that make use of this type of public-key cryptography: Bitcoin, secure shell (SSH), transport layer security (TLS), and the Austrian e-ID card. We are pleased to observe that about 1 in 10 systems support ECC across the TLS and SSH protocols. However, we find that despite the high stakes of money, access and resources protected by ECC, implementations suffer from vulnerabilities similar to those that plague previous cryptographic systems.

引用

页码：157 / 175

页数：19

共 51 条

[1]

[Anonymous], 2012, P 2012 ACM C COMP CO

[2]

[Anonymous], 2012, LNCS, DOI DOI 10.1007/978-3-642-32946-3

[3]

[Anonymous], 9939 CORR

[4]

Barber S., 2012, FINANCIAL CRYPTOGRAP, P399, DOI DOI 10.1007/978-3-642-32946-3_29

[5]

Bernstein DJ, 2006, LECT NOTES COMPUT SC, V3958, P207

[6]

Bernstein DJ, 2013, LECT NOTES COMPUT SC, V8270, P341, DOI 10.1007/978-3-642-42045-0_18

[7]

Bernstein Daniel J., 2013, Safecurves: choosing safe curves for ellipticcurve cryptography

[8]

BERNSTEIN DJ, 2001, P224 NIST

[9]

Biehl I, 2000, LECT NOTES COMPUT SC, V1880, P131

[10]

bitcoincard.org, 2012, SAMPL T

← 1 2 3 4 5 6 →