[Help] A question about the order of the base point in elliptic curve digital signatures
Posted: 2010-12-19 12:06

If the order #E(Fp) of the elliptic curve is prime, is it feasible to use #E(Fp) in place of the order n of the base point?

#2
I can download it, but it was too slow, so I cancelled.
It would be fine if the OP put it on 115.
2010-12-19 15:13
#3
Probably not; every base point has its own order.
BTW: did #2 reply to the wrong thread?
2010-12-20 20:03
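#4
"If the order #E of the group is prime, then every element of the group can be generated by another element, every element can also generate the other elements, and every element has order #E, i.e. the order of the group is the order of the base point."

This is a sentence I read in a paper. Can someone explain it?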
2010-12-20 21:53
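#5
[QUOTE=ningwine;905285]"If the order #E of the group is prime, then every element of the group can be generated by another element, every element can also generate the other elements, and every element has order #E, i.e. the order of the group is the order of the base point."

This is a sentence I read in a paper. Can someone explain it?[/QUOTE]

It should be that once the base point is fixed, the order of the base point = the order of the group.

In a group, it is a property of cyclic additive groups that the order of a generator is exactly the order of the group; this is the design basis of ECC. Once the base point has been found... finding the base point requires knowledge of modules (the "module" in groups, rings and modules); modules and homology are really hard...

The order of a group is the number of elements in the group; the order of an element is how many times it must be multiplied by itself to get back to itself.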

======== ECC2-163 ========
m = 163
f = x^163 + x^8 + x^2 + x + 1
seedE = D2C0FB15 760860DE F1EEF4D6 96E67687 56151754
a = 02 5C4BEAC8 074B8C2D 9DF63AF9 1263EB82 29B3C967
b = 00 C9517D06 D5240D3C FF38C74B 20B6CD4D 6F9DD4D9
seedP = C368944D 696E6768 75615175 FF31C825 CC82534A
U_x = 04 342429E5 9B4E1052 222769E1 AB51C17A 53EAB862
U_y = 01 02FB92FE EB65AD06 8469D2DD 15BC0906 C9520891
P_x = 02 3A2E9990 4996E867 9B50FF1E 49ADD8BD 2388F387
P_y = 05 FCBFE409 8477C9D1 87EA1CF6 15C7E915 29E73BA2
h = 02
n = 04 00000000 00000000 0001E60F C8821CC7 4DAEAFC1
seedQ = DFD5F8E2 E38F4D69 6E676875 615175F3 B5115321
V_x = 03 85E70316 D171C67A C6C74463 9CCF27B9 7CDAFCC9
V_y = 06 D5323AEA D193FB57 BB37878A 46125B5A ACE1A5C2
Q_x = 04 38D8B382 1C8E9264 637F2FC7 4F8007B2 1210F0F2
Q_y = 07 3FCEA8D5 E247CE36 7368F006 EBD5B32F DF4286D2
2010-12-22 17:56
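#6
If #E (call it N) is prime, then
1. For any two elements a, b of the group, the equation ka = b mod N has a solution. That is, any element of the group can be generated by any other element.
2. For any element a of the group, clearly aN = 0 mod N, i.e. a(N+1) = a mod N, i.e. the order of every element of the group is N.
QED.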
2010-12-22 21:06
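#7
For prime fields, |E| = hn (not simple multiplication, it is point multiplication). As long as the cofactor h = 1, the order of the group being the order of the base point is a necessary and sufficient condition; with cofactor h = 2, 3, 4 the order of the base point is still = the order of the group, but the 5 recommended curves have h = 1.

For the binary representation of F(2^m), only one recommended curve has h = 1, and 4 have h = 2.

In K-F(2^m), h = 2, 4,

The cofactor h indicates:

whether what is used is the cyclic group formed by all points on E, or a subgroup of the cyclic group formed by all points of E. From Lagrange's theorem and lemma, a subgroup of the cyclic group can also form an additive group (e.g. h = 2: the orders of the two subgroups are used to compute a new order that serves as the base point order).

In the F(2^m) ECC2-163 below, h = 2; seedE/seedP/seedQ are primes or products of primes generated from ANSI X9.62 seeds; UXUY and PXPY are elements of two subgroups of x^163 + x^7 + x^2 + x + 1 MOD(E); UXUY+PXPY computes a new point, and the order n of the new point is the order of the cyclic group formed by all points on E = the order of the group.

VXVY, QXQY were generated from a different seed and can be used just the same.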

======== ECC2-163 ========
m = 163
f = x^163 + x^7 + x^2 + x + 1
seedE = D2C0FB15 760860DE F1EEF4D6 96E67687 56151754
a = 02 5C4BEAC8 074B8C2D 9DF63AF9 1263EB82 29B3C967
b = 00 C9517D06 D5240D3C FF38C74B 20B6CD4D 6F9DD4D9
seedP = C368944D 696E6768 75615175 FF31C825 CC82534A
U_x = 04 342429E5 9B4E1052 222769E1 AB51C17A 53EAB862
U_y = 01 02FB92FE EB65AD06 8469D2DD 15BC0906 C9520891
P_x = 02 3A2E9990 4996E867 9B50FF1E 49ADD8BD 2388F387
P_y = 05 FCBFE409 8477C9D1 87EA1CF6 15C7E915 29E73BA2
h = 02
n = 04 00000000 00000000 0001E60F C8821CC7 4DAEAFC1
seedQ = DFD5F8E2 E38F4D69 6E676875 615175F3 B5115321
V_x = 03 85E70316 D171C67A C6C74463 9CCF27B9 7CDAFCC9
V_y = 06 D5323AEA D193FB57 BB37878A 46125B5A ACE1A5C2
Q_x = 04 38D8B382 1C8E9264 637F2FC7 4F8007B2 1210F0F2
Q_y = 07 3FCEA8D5 E247CE36 7368F006 EBD5B32F DF4286D2
2010-12-28 20:02
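#8
There is also the normal basis representation; I could not find any recommended curves for it. Normal bases are used in hardware and have a triple summation formula; the cofactor h should be larger.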
2010-12-28 20:07
#9
Y^2=X^3+28X+31 MOD 113

Y^2=X^3+28X+82 MOD 113

2010-12-29 17:31
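#10
I read the book carefully: if |F| equals the point order, the curve is open to an isomorphism attack, but there are not many curves where it equals the point order. I tried the ones below with p=113 and they all seem to have even point orders. When I find one that = 113, I will build the isomorphism and try it.

Y^2=X^3+31x+b0 MOD 113

From left to right, b=82,83..........90

Each column is the |F| for that b; all are even.
Uploaded attachment: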
2011-1-10 20:47
#11
The ones for b 0----20 are uploaded here too; none is 113.

Found two smaller ones:

Y^2=x^3+3x+6mod13

[1, 6]  [1, 7]  [3, 4]  [3, 9]  [4, 2]  [4, 11]  [5, 4]  [5, 9]  [8, 3]  [8, 10]  [10, 3]  [10, 10]

{1, {1, 6}, 2, {8, 10}, 3, {3, 4}, 4, {10, 3}, 5, {5, 4}, 6, {4, 2}, 7, {4,
  11}, 8, {5, 9}, 9, {10, 10}, 10, {3, 9}, 11, {
  8, 3}, 12, {1, 7}, 13, {infinity, infinity}

Using Y^2=X^3+5 MOD 37

Uploaded attachment:
2011-1-11 17:03
#12
Found two:

y^2=(x^3+28*x+82) MOD 113 and y^2=(x^3+28*x+31) MOD 113; the two curves are again isomorphic

Plot of y^2=(x^3+28*x+31) MOD 113:
Uploaded attachment:
2011-1-13 18:05
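#13
A
Using ECDSA:
1
Both parties know y^2=X^3+28X+31 mod 113 and pick an arbitrary shared base point P(94, 18).
Party B randomly chooses G=28P={11, 38} and publishes it online (in the CA), but keeps 28 secret.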
{1, {94, 18}, 2, {64, 98}, 3, {50,
   53}, 4, {13, 28}, 5, {101, 1}, 6, {0, 12}, 7, {72,
  94}, 8, {71, 108}, 9, {62,
   14}, 10, {40, 17}, 11, {56, 12}, 12, {61, 11}, 13, {45, 78}, 14, {38, 91},
  15, {53, 92}, 16, {43, 25}, 17, {57, 101}, 18, {66, 78},
   19, {36, 3}, 20, {83, 92}, 21, {112, 62}, 22, {19, 90},
   23, {100, 42}, 24, {48, 53}, 25, {70, 62}, 26, {12, 20}, 27, {15,
     60}, 28, {11, 38},

2
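Party A uses y^2=X^3+28X+31 mod 113 to encrypt M(12, 20), the plaintext after conversion.
Party A downloads G=28P={11, 38} and sends kP and M+kG to party B; k is randomly chosen as 100 and kept secret.
Compute: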
kP=100*[94, 18] =  [45, 35]
M+kG=(12, 20)+100*[11,38] =  [12, 20]+[70, 51]={94, 18}
{1, {94, 18}, 2, {64, 98}, 3, {50,
   53}, 4, {13, 28}, 5, {101, 1}, 6, {0, 12}, 7, {72,
  .........................
    99, {38, 22}, 100, {45, 35},

{1, {11, 38}, 2, {73, 98}, 3, {21, 7}, 4, {94, 95}, 5, {15,
  ......................................................
      99, {88, 54}, 100, {70, 51},

3
Party B receives them,
computes the point multiplication 28*100P=28[45, 35]={70,51}
and subtracts that from M+kG: ={94, 18}-{70,51}=={94, 18}+{70, 62}={12, 20}

{1, {45, 35}, 2, {12, 93}, 3, {109, 9}, 4, {80, 11}, 5, {69,
   88}, 6, {90, 21}, 7, {19, 90}, 8, {62, 14}, 9, {13,
  。。。。。。。。。。。。  23, {85, 11}, 24, {15, 60}, 25, {38, 91}, 26, {94, 18}, 27, {61,
    102}, 28, {70, 51}

B
1
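With the isomorphic additive cyclic group of integers, there is no need to compute point multiplications and point additions.
Both parties know y^2=X^3+28X+31 mod 113 and pick an arbitrary shared base point P(94, 18), set =BASEPOINT.
Party B randomly chooses G=28*BASEPOINT and keeps 28 secret.
BASEPOINT and G=28*BASEPOINT are published in the CA.
2
Party A turns the M to be encrypted into M(12, 20), set =SECRETS.
Party A randomly chooses k as 100, keeps it secret, and downloads G=28*BASEPOINT.
Compute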
KP=100BASEPOINT
M+kG=SECRETS+100*28*BASEPOINT=SECRETS+2800BASEPOINT

3
Party B receives them and
computes M=SECRETS+2800BASEPOINT-28*100BASEPOINT
=secrets

C
Attack: p-192=6277101735386680763835789423207666416083908700390324961279

K*9446345918554318339765539424505774633321MOD6277101735386680763835789423207666416083908700390324961279

Modinv(9446345918554318339765539424505774633321,6277101735386680763835789423207666416083908700390324961279)
K=1532084311281248847514493572338365725620829653400330514855

p-521:
6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151

k*6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057100000000000000000000000000000000000000000000000000000000000000000000
ModinvMOD6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151

Modinv(6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057100000000000000000000000000000000000000000000000000000000000000000000
,6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151
)
K=5901386678599506152160266444336643147527836287142516551780095978326817626778882\
055005664653705963895377109198675609485945127204446392964055893638946661134156

A very large one:

IsPrime(2^9999-2273)
false
NextPrime(2^999-2273)=P-999=5357543035931336604742125245300009052807024058527668037218751941851755255624680\
6124659918940784792906379733645877657341259357264284615702179922887873492874019\
6728388741211549271053730253118557093897709107652323749179097063369938377958277\
1973038531457285598238843271083830214915826312193418602834032473

k*2^1111111MOD(2^999-2273)

Modinv(2^1111111,2^999-2273)

K=4748214322661817382262199753193115765427191123881878730499973333066859911161160\
1542923798271616879439876262334364812467901090548753349042487469134236069990591\
3376133918158644602423476018625588589630148765756466840037796341529289266800406\
6398814306452488358082383049140645608312195991172097367035686837
2011-1-26 17:55
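#14
If the order of a group is prime, then the order of every element of the group is the order of the group, so every element is a generator; this is common knowledge.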
2011-2-24 11:43
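
Added example, not part of the original thread: a Python check on the thread's toy curves that a prime #E gives an affine point order #E (#6, #14), that #E equals p on these curves (the case #10 raises), and that the exchange in #13 section A round-trips. All function names are hypothetical, and the brute-force point count only works for tiny p.

```python
O = None  # point at infinity (added example; all names here are hypothetical)

def add(P, Q, a, p):
    """Affine addition on y^2 = x^3 + a*x + b over F_p."""
    if P is O: return Q
    if Q is O: return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return O  # P + (-P), including doubling a point with y = 0
    if P == Q:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, P, a, p):
    """Double-and-add scalar multiplication k*P."""
    R = O
    while k:
        if k & 1: R = add(R, P, a, p)
        P, k = add(P, P, a, p), k >> 1
    return R

def curve_order(a, b, p):
    """#E(F_p) by brute force (tiny p only): affine points plus infinity."""
    return 1 + sum((y * y - x**3 - a * x - b) % p == 0
                   for x in range(p) for y in range(p))

def point_order(P, a, p):
    n, R = 1, P  # smallest n >= 1 with n*P = O
    while R is not O:
        R, n = add(R, P, a, p), n + 1
    return n

def is_anomalous(a, b, p):
    """#E(F_p) == p, the case #10 says is open to the isomorphism attack."""
    return curve_order(a, b, p) == p

def exchange(a, p, P, d, k, M):
    """Steps A.1-A.3 of #13: returns (G, kP, M + kG, recovered M)."""
    G = mul(d, P, a, p)                  # B's public point, d kept secret
    C1 = mul(k, P, a, p)                 # A sends kP ...
    C2 = add(M, mul(k, G, a, p), a, p)   # ... and M + kG
    S = mul(d, C1, a, p)                 # B recomputes d*(kP) = kG
    return G, C1, C2, add(C2, (S[0], -S[1] % p), a, p)

if __name__ == "__main__":
    print(curve_order(28, 31, 113), exchange(28, 113, (94, 18), 28, 100, (12, 20)))
```

A parameter-validation step can use a check like `is_anomalous` to reject curves with #E(Fp) = p before any key is generated on them.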