I have a few questions on how to set up discrete elliptic curve logging problems that are safe against the Pohlig-Hellman attack, clutch attacks, and abnormal curve attacks. If anyone can point me to good resources on any of these issues, I would really appreciate it. I mainly looked at Washington, along with a few other books and articles. & # x200B; ** Pohlig-Hellman: ** To protect against this, Bob needs to make sure the order of P is divisible by a large prime (from what I found, 2 ^ 160 is good enough as of 2015). As far as I know, he has two options. The first is to | P | to find and factor it. But factoring is a difficult problem (and finding | P | isn’t exactly easy). Is it feasible to factor numbers that are around size 2 ^ 160? His other option would be to find the number of points on the curve (the order of the group) and then check if that number is divisible by a large prime number. Then with a high probability P has an order that is divisible by the same large prime number. This has the same problem as Bob’s first approximation, except that finding the number of points on the curve (as far as I know) is more difficult than finding | P |. Both options seem bad. What is being done in practice to ensure that | P | is divisible by a large prime number? & # x200B; ** Attacks with couples: ** I don’t quite understand the concept of couples. But as far as I know, mating attacks are probably not feasible as long as the curve used is not supersingular (another word I don’t quite understand). Is there a quick way to determine if a curve is supersingular? & # x200B; ** Deviating curves: ** If the number of points on an elliptic curve above F _q is equal to q, then the curve is called deviated and solving the ECDLP is easy. Can Bob determine if a curve is out of the ordinary without calculating the number of points on the curve? If not, is it possible to calculate the number of points on the curve?

About Cryptoplatforming.com

Cryptoplatforming.com is a news websites which gets news around the globe on investing in Crypto. Our news has no backgroundcheck.