AN AUTHENTICATION SCHEME BASED ON TRILINEAR SELF- PAIRING MAP

176 | P a g e

AN AUTHENTICATION SCHEME BASED

ON TRILINEAR SELF- PAIRING MAP

Manoj Kumar

Department of Mathematics and Statistics,

Gurukula Kangri Vishwavidyalaya, Haridwar, Uttrakhand, (India)

ABSTRACT

The concept of pairing in cryptography was first introduced by Andre Weil in 1940. Generally pairings map

pairs of points on an elliptic curve into the multiplicative group of a finite field. The use of pairings in

cryptography has developed at an extraordinary pace since the publication of the paper of Joux in 2004. In the

present paper, we introduced a multi self- pairing trilinear map on finitely generated free R-modules with rank three, where R is a commutative ring with unity. We used this pairing map to generate secret shared key for group communication.

Keywords- Authentication protocols, Elliptic curve cryptography, Trilinear paring maps, Torsion

Points, Finite Fields.

I.INTRODUCTION

In the recent years, pairing based cryptographic schemes on elliptic curve have been a very active field of

research in cryptography. The concept of pairing in cryptography was first introduced by Weil [16]. Generally

pairings map pairs of points on an elliptic curve into the multiplicative group of a finite field. The use of

pairings in cryptography has developed at an extraordinary pace since the publication of the paper of Joux [8]. Joux’s paper is of great interest to cryptographers, who want to start investigating further applications of

pairings. The next two important applications of pairings are the identity-based encryption scheme of Boneh and

Franklin [2] and the short signature scheme of Boneh, Lynn and Shacham [3]. Pairings have been accepted as an

indispensable tool for the protocol designer. There has also been a tremendous amount of work on the

realization and efficient implementation of trilinear pairings using the Tate pairing on elliptic curves,

hyperelliptic curves, and more general kinds of abelian varieties [7, 9, 10, 12, 14, 15].

Let E with y2x3ax b be an elliptic curve defined over a finite field F. Then, we know that [6, 11, 13] each elliptic curve point can be described by two coordinates ,x yF. In this case we say that elliptic curve

points belong to two dimensional affine planeA_F2 {( , )x y  F F} . Suppose the coordinates( , )x y of the affine plane A_F2 {( , )x y  F F} are mapped to the coordinates ( , , )X Y Z of projective plane

3 _{{( , , ) }}

F

P  X Y Z   F F F as

( , , )X Y Z ( .x Zc, .y Zd,1)or xX Z/ c and yY Z/ d (1)

where c d, are integers.

177 | P a g e

2 3 4 6

:

E Y X aXZ bZ .

If P₁(X Y Z₁, ,_{1 1})and P₂(X Y Z₂, ₂, ₂)are two distinct points on the projective plane then their point addition



P3(X Y Z3, 3, 3) P1 P2



and point doubling (P32 )P1 can be described as follows:

1.1 Addition of Two Distinct Points

Case-I :

If

x1x2

then we have

2 1

2 1 2 1 2 1 1 2 2 1

2 1

2 1 2 1 1 2 2 1

2 1

( )

( )

d d d d c c

c c d d

c c

Y Y

y y Z Z Y Z Y Z Z Z X X

x x X Z X Z Z Z

Z Z         _ 

It is obvious from above expression that



exist because

x₁x₂

.

Now the point

P3

can be calculated as

2

2 2 1 1 2 2 1 1 2 2 1

3 1 2

2 1 1 2 2 1 2 1

( )

( )

d d c c c c

c c d d c c

Y Z Y Z Z Z X Z X Z

x x x

X Z X Z Z Z Z Z

    

   _ _ 



 

3 3 2 2 2

2 1 1 2 2 1 1 2 2 1 2 1 1 2 2 1

2 2

2 1 1 2 2 1

( ) ( )( )

( )

d d c c c c c c d d

c c d c d c

Y Z Y Z Z Z X Z X Z X Z X Z Z Z

X Z X Z Z  Z 

   





3 ( 1 3) 1

y  x x y

2 3 3 2 2 2

2 1 1 2 2 1 1 2 1 1 2 2 1 1 2 2 1 2 1 1 2 2 1 1

2 2

2 1 1 2 2 1 1 2 1 1 2 2 1 1

( ) ( ) ( )( )

( ) ( )

d d c c d d c c c c c c d d

c c d d c c c d c d c d

Y Z Y Z Z Z X Y Z Y Z Z Z X Z X Z X Z X Z Z Z Y

X Z X Z Z Z Z X Z X Z Z  Z  Z

 

    

 _  _

 _  _

2 2 2 2 3 3

2 1 1 2 2 1 1 2 2 1 2 1 1 2 2 1 2 1 1 2 2 1 1

2 2

2 1 1 2 2 1 2 1 1 2 2 1 1

( ) (2 )( ) ( )

( ) ( )

d d c c c c c c d d d d c c

c c d d c c d c d c d

Y Z Y Z Z Z X Z X Z X Z X Z Z Z Y Z Y Z Z Z Y

X Z X Z Z Z X Z X Z Z  Z  Z

 

    

 _ _

 _  _

2 2 2 3 4 4

2 1 1 2 1 2 2 1 2 1 1 2 2 1 2 1 1 2 2 1 1

3 3

2 1 1 2 2 1 1

( )(2 )( ) ( )

( )

d d c c c c d c d c d d c c

c c d c d c d

Y Z Y Z X Z X Z X Z X Z Z Z Y Z Y Z Z Z Y

X Z X Z Z Z Z

           

2 2 2 3 3 3

2 1 1 2 1 2 2 1 1 2 2 1 1 2 2 1 1 2 2 1 2 1 1 2 2 1

3 3

2 1 1 2 2 1

(( )(2 ) ( ))( ) ( )

( )

d d c c d c c c c d d d d c c

c c d d

Y Z Y Z X Z X Z Y Z X Z X Z X Z X Z Z Z Y Z Y Z Z Z

X Z X Z Z Z

      





Using (1) and Jacobian projective transformation with

c2

and

d3

,

P3

is given by

3 3 2 2 2 2 2 2

3 ( 2 1 1 2 ) ( 1 2 2 1 )( 2 1 1 2 )

X  Y Z Y Z  X Z X Z X Z X Z

,

3 3 2 2 3 2 2 3 3 3

3 (( 2 1 1 2 )(2 1 2 2 1 ) 1 2 ( 2 1 1 2 )) ( 2 1 1 2 )

Y  Y Z Y Z X Z X Z Y Z X Z X Z  Y Z Y Z

,

and

2 2

3 ( 2 1 1 2 ) 2 1

178 | P a g e

Case-II :

If x₁x₂ then we have P₃  P₁ P₂ O, where O is the point at infinity of the elliptic curve E in projective coordinates. It can be easily seen that for Jacobian projective coordinates, the point at infinity has the

form (1,1, 0) .

1.2 Addition of Two Equal Points

For point doubling we can take P₁P₂then P₃ P₁ P₂2P₁(X Y Z₃, ₃, ₃). We have

2 2 2

1 1 1 1

2

1 1 1

3 3

2 2

d c d

c x a X Z aZ

y Z Y

    

Obviously exists if y₁0. So we get

2 2 2 2 2 2 2 2 3 2

2 1 1 1 1 1 1 1 1 1 1

3 1 _{4 2 4 2}

1 1 1 1 1

(3 ) (3 ) 8

2 2

4 4

c d c d c

c c c

X aZ Z X X aZ Z Z X Y

x x

Z Y Z Z Y

   

    

2

3 ( 1 3) 1 (31 ) 1

y 



x x y 



x 



y

2 2 2 2 2 2 2

1 1 1 1 1 1 1 1

2 4 2

1 1 1 1 1 1

(3 ) (3 )

3

2 4

c d c d

c c c d

X aZ Z X X aZ Z Y

Z Y Z Z Y Z

 

 

 _  _

 

2 2 2 2 3 2 2 2 3 4 6 4

1 1 1 1 1 1 1 1 1 1

6 3

1 1

12 (3 ) (3 ) 8

8

c c d c d c

c d

X Y X aZ Z X aZ Z Z Y

Z Y 



   



Using (1) and Jacobian projective transformation with c2andd3, the doubling of pointP₁ is given by

3( 3, 3, 3) P X Y Z

where X₃(3X₁2aZ₁4 2) 8X Y_{1 1}2,

2 2 4 2 4 3 4

3 12 1 1 (3 1 1 ) (3 1 1 ) 81

Y  X Y X aZ  X aZ  Y ,

and Z₃2Z Y_{1 1}.

Point subtraction can be performed as P₃ P₁ P₂  P₁ ( P₂) where P₂ is the additive inverse of P₂and

2 ( 2, 2, 2)

P X Y Z

   .

Here it is remarkable that we are no need of division and multiplication operations for calculating elliptic curve

point P₃on the projective plane.

II. CONSTRUCTION OF TRILINEAR SELF PARING MAP

According to the terminology as in the references [1, 3, 4, 5], let R be a commutative ring with unity, P be a finitely generated free R-module with rank 3 and ( , , )l m n be a generating pair forP. We consider elementsau l₁ v m w n₁  ₁ ,bu l₂ v m w n₂  ₂ , cu l₃ v m w n₃  ₃ in P, where u v wi, ,i iPfor each

1, 2,3 i .

For some fixed

  

, , R where all

 

, and are not zero at the same time, we construct a pairing map

, , :

f_{  } P P P  P (2)

179 | P a g e

, , ( , , ) [ (1 2 3 3 2) 1( 3 2 2 3) 1( 2 3 3 2)].( )

f_{  } a b c  u v w v w v u w u w w u v u v lmn (3)

It can be easily seen that the pairing map (2) defined by (3) is non- trivial and well defined map.

For this, if aa',bb'and cc'then we have u_i u_i' ,v_i v_i' and w_i w_i' for each i1, 2,3 by independency of ( , , )l m n . This implies f_{  , ,} ( , , )a b c  f_{  , ,} ( ', ', ')a b c . Therefore the map is well defined.

Proposition-1[15]: The pairing f_{  , ,} ( , , )a b c has the following properties:

(i) Identity : f_{  , ,} ( , , )a a a 0 for all aP . (ii) Trilinearity : If , , ,a b c dPthen we have

, , ( , , ) , , ( , , ) , , ( , , ) f   a b c d f   a c d f   b c d ,

, , ( , , ) , , ( , , ) , , ( , , ) f_{  } a b c d f_{  } a b d f_{  } a c d ,

and f_{  , ,} ( , ,a b cd) f_{  , ,} ( , , )a b c f_{  , ,} ( , , )a b d .

(iii) Anti- symmetry : f_{  , ,} ( , , )a b c  f_{  , ,} ( , , )b c a for all , ,a b cP.

(iv) Non- degeneracy : If , ,a b cP then f_{  , ,} ( , , 0)a b  0 f_{  , ,} ( , 0, )a c  f_{  , ,} (0, , )b c .

Also, if f_{  , ,} ( , , )a b c 0for all b c, P, then a0.

Moreover, if f_{  , ,} ( , , )a b c 0for all cPthen akbfor some constantk.

III. CONSTRUCTION OF TRILINEAR SELF PARING MAP ON ELLIPTIC CURVES

In this section, we will extend the multi self pairing (constructed in previous section) on elliptic curve over the

finite fields. At the end of this section we will also discuss an auxiliary result which will be useful in the next

section.

Let E _{be an elliptic curve. Then a point} PE is said to be a torsion point[15] if there exist a positive integer

m such thatmPO. The smallest such integer is called the order of P. An n-torsion point is a point PE

satisfyingnPO.

Also let K be a field with characteristic zero or a prime p(p is relatively prime to n) and let

( )

EE K be an elliptic curve over K where K is an algebraic closure of K. Also let E K n( )[ ]denote the subgroup of n-torsion point in E K( ), where n0.

For our simplicity we will denote E K n( )[ ] by E n[ ]. It can be easily checked that E n[ ]ZnZnZn.

Let { , ,U V W}for some fixed generating pair for E n[ ]. Then the points P Q R, , E n[ ] can be expressed as

1 1 1

Pa Ub Vc W, Qa U2 b V2 c W2 , Ra U3 b V3 c W3 , where a b ci, ,i ifor each i1, 2,3are

integers in [0,n1].

Now for some fixed integers

  

, , [0,n1],where all

  

, , are not zero at the same time, we construct a map

, , : [ ] [ ] [ ] [ ]

n

f _{  } E n E n E n E n (4)

180 | P a g e

, , ( , , ) [ (1 2 3 3 2) 1( 3 2 2 3) 1( 2 3 3 2)].( )

n

f _{  } P Q R  a b c b c b a c a c c a b a b UVW (5)

It can be easily checked the map (4) defined by (5) is well defined.

Proposition-2[15] : The pairing map fn  _{, ,} ( , , )P Q R constructed as above, satisfies the following postulates :

(i) Identity : fn_{  , ,} ( , , )P P P Ofor all PE n[ ].

(ii) Trilinearity : If P Q R S, , , E n[ ], then we have

, , ( , , ) , , ( , , ) , , ( , , )

n n n

f _{  } PQ R S  f _{  } P R S f _{  } Q R S ,

, , ( , , ) , , ( , , ) , , ( , , )

n n n

f _{  } P QR S  f _{  } P Q S f _{  } P R S ,

and fn_{  , ,} ( , ,P Q RS) fn_{  , ,} ( , , )P Q R fn_{  , ,} ( , , )P Q S .

(iii) Anti-symmerty : fn_{  , ,} ( , , )P Q R  fn_{  , ,} ( , , )Q P R for all P Q R, , E n[ ].

(iv) Non-degeneracy : If P Q R, , E n[ ] then fn  _{, ,} ( , , )P Q O O fn  _{, ,} ( , , )P O R  fn  _{, ,} ( , , )O Q R .

Also if fn_{  , ,} ( , , )P Q R Ofor all Q R, E n[ ], then PO.

Moreover if fn  _{, ,} ( , , )P Q R Ofor all RE n[ ], then PkQfor some constant k.

(v)Compatibility : If PE nk[ ] , QE n[ ] and RE n[ ]then fn_{  , ,} (kP Q R, , )kfn_{  , ,} ( , , )P Q R , if PE n[ ], QE nk[ ] and RE n[ ]then fn_{  , ,} ( ,P kQ R, )kfn_{  , ,} ( , , )P Q R ,

also PE n[ ], QE n[ ]and RE nk[ ] then fn_{  , ,} ( , ,P Q kR)kfn_{  , ,} ( , , )P Q R .

IV

.

CRYPTOGRAPHIC APPLICATIONS

In this section we will apply multi self trilinear pairing (constructed in previous section) to elliptic curve

cryptography. A protocol is a multi-party algorithm, defined by a sequence of steps precisely specifying

the actions required by three or more parties in order to achieve a specified objective. Key establishment is

a process or protocol whereby a shared secret becomes available to three or more parties, for

subsequent cryptographic use. A key agreement protocol is a key establishment technique in which a

shared secret is derived by three (or more) parties as a function of information contributed by, or

associated with, each of these, such that no party can predetermine the resulting value. The key agreement

protocol is contributory if each party equally contributes to the key and guarantees its freshness. Key

authentication is the property whereby one party is associated that no other party aside from an especially

identified second party may gain access to a particular secret key. Key authentication is said to be implicit

if each party sharing the key is assured that no other party can learn the secret shared key.

For a prime number p(pis large enough) and a positive integer r, we denote q pr. Let E be an elliptic curve over a finite field F_q . Then given PE F( _q) with order n and Q P , to findk such that QkP, is known as elliptic curve discrete log problem (ECDLP) in E F( _q). Also for given P aP bP, , to find abP

is known as Diffie-Hellman problem for elliptic curves. Actually it is known as Diffie-Hellman key exchange

protocol for elliptic curves.

181 | P a g e

(i) We Select a large prime ssuch that [ ] ( k) q

E s E F for some smallest integer k.

(ii) Next we select a generating pair { , ,U V W} in [ ]E s and integers , ,  [0,l1]which determine the pairing fs_{  , ,} .

Let the parameters ( , , ,P Q R fs_{  , ,} )be publicly known and let h E F: ( _q)Z l/ be hash functions.

Now our proposed fs_{  , ,} - pairing can be apply to cryptographic scheme namely authenticated key agreement on elliptic curves. To apply the proposed scheme, we assume that three communication parties Alice, Bob and

Carol wish to share a common secret information. Now we are in the position to explain authenticated elliptic

curve Diffie-Hellman key agreement for three parties, which consists of the following phases:

Phase-I: It consists of the following steps

1) Alice, Bob and Carol randomly select secret integers , ,a b c(1,s1) respectively.

2) They respectively compute aP bP cP, , . 3) They broadcast the above computed values.

Now the public values of the system are ( , , ,P Q R aP bP cP f, , , s_{  , ,} ).

Phase-II: It consists of the following steps

1) Alice computes S_Aa bP cP. . abcP(becausePE n[ ]) and fs_{  , ,} (aP Q R, , ). She sends

, ,

( A) s ( , , )

h S f _{  } aP Q R to Bob and Carol.

2) Bob computes S_Bb aP cP. . abcP and fs_{  , ,} (bP Q R, , ). He sends h S( _B)fs_{  , ,} (bP Q R, , )to Alice and

Carol.

3) Carol computes S_C c aP bP. . abcP and fs_{  , ,} (cP Q R, , ). He sends h S( _C)fs_{  , ,} (cP Q R, , )to Alice and

Bob.

It is evident that S_AS_BS_C abcPS_ABC(say).

Phase-III: It consists of the following steps

1) Alice receives

I

_A



h

(

S

_B

)

f

_S_,,

(

bP

,

Q

,

R

)

h

(

S

_C

)

f

_S_,,

(

cP

,

Q

,

R

)

Using the trilinearity of pairing , , s

f _{  }, Alice obtains ( ) , , ( , , ) s

A ABC

I h S bcf _{  } P Q R .

Alice computes h S( _A) (mod )1 s to obtain her secret share key as K_Aah S( _A)1I_A. 2) Next Bob receives

I

h

(

S

)

f

, ,

(

aP

,

Q

,

R

)

h

(

S

)

f

, ,

(

cP

,

Q

,

R

)

S C S

A

B



     

)

,

,

(

)

(

S

acf

_{, ,}

P

Q

R

h

_{ABC }S_{ }



To obtain secret share key, Bob calculates h S( _B) (mod )1 s and compute his shared secret key as

1 ( )

B B B

K bh S  I .

3) Finally Carol receives

I

h

(

S

)

f

, ,

(

aP

,

Q

,

R

)

h

(

S

)

f

, ,

(

bP

,

Q

,

R

)

S

B S

A

182 | P a g e



h

(

S

_ABC

)

abf

_S_,,

(

P

,

Q

,

R

)

To obtain secret share key, Carol calculates h S( _C) (mod )1 s and compute his shared secret key as

1 ( )

C C C

K ch S  I .

It can be easily verified that K_AK_BK_C abc fs_{  , ,} ( , , )P Q R K(say).

Thus there has been established an authenticated common secret key among multiparty Alice, Bob and Carol.

V. SECURITY ANALYSIS

It is obvious from the proposed authenticated elliptic curve Diffie Hellman protocol that the common secret

key Kabc fs_{  , ,} ( , , )P Q R is designed by the contribution of each involved party (Alice, Bob, Carol). This

results in the complexity for the attacker.

For this suppose an active adversary is capable to reform, delay or interpose the message. Now possible attacks

on Bob and Carol can be described as:

If K_Bor K_C secret common key calculated by Bob or Carol, then it can be represented as

, , ( 1 , , ) s

B

K b f _{  } d P Q R or K_C c fs_{  , ,} (d P Q R₂ , , )where d₁ or d₂are introduced by adversary. It means that adversary can alter the first flow of the proposed protocol with fs_{  , ,} (d P Q R₁ , , )orfs_{  , ,} (d P Q R₂ , , ).

To compute bfs_{  , ,} (d P Q R₁ , , )or cfs_{  , ,} (d P Q R₂ , , )adversary requires to calculate bfs_{  , ,} ( , , )P Q R or

, , ( , , ) s

cf _{  } P Q R respectively. But in the second flow, the only expression calculating bfs_{  , ,} ( , , )P Q R or

, , ( , , ) s

cf _{  } P Q R is h S( _B)fs_{  , ,} (bP Q R, , )or h S( _C)fs_{  , ,} (cP Q R, , )respectively. This shows that for adversary to compute bfs_{  , ,} ( , , )P Q R or cfs_{  , ,} ( , , )P Q R respectively from h S( _B)fs_{  , ,} (bP Q R, , )or

, ,

( _C) s ( , , )

h S f _{  } cP Q R is intractable without the knowledge of K_Bor K_C. Similarly attack on Alice can be described as:

Suppose key calculated by Alice is K_Aah S( _A)1fs_{  , ,} (d P Q R₃ , , )where d₃is introduced by the adversary. Now if assume that d₃d h S₄ ( A)where d4is known by adversary and independent of h S( A), then









1

, , 4 , , 4

( ) s ( ) , , s , ,

A A A

K ah S  f _{  } d h S P Q R af _{  } d P Q R . Also to calculate d h S₄ ( _A)fs_{  , ,}



P Q R, ,



,

where d₄is known by adversary, is intractable without calculating h S( _A)fs_{  , ,}



P Q R, ,



. Further if d₃is independent of h S( A), then it is impossible to calculate the key of Alice because KA depends upon

1

( _A)

h S  .

VI. CONCLUSIONS

Using fs_{  , ,} - pairing in cryptography is based on the difficulty of computingh S( _B)fs_{  , ,} (bP Q R, , ),

, ,

( _C) s ( , , )

h S f _{  } cP Q R andh S( A)fs  _{, ,} (aP Q R, , ), without knowing the secret values ,a band c( of Alice,

Bob and Carol respectively ) in the construction of the self pairing trilinear map fs_{  , ,} . To compute

, , ( 1 , , ) s

183 | P a g e

, , ( , , )

s

cf _{  } P Q R respectively. But in the second flow the only expression calculating bfs_{  , ,} ( , , )P Q R or

, , ( , , ) s

cf _{  } P Q R is h S( _B)fs_{  , ,} (bP Q R, , ) or h S( _C)fs_{  , ,} (cP Q R, , )respectively. This shows that for adversary to compute bfs_{  , ,} ( , , )P Q R or cfs_{  , ,} ( , , )P Q R respectively from h S( _B)fs_{  , ,} (bP Q R, , )or

, ,

( _C) s ( , , )

h S f _{  } cP Q R is intractable without the knowledge of K_Bor K_C. Furthermore to calculated h S₄ ( _A)fs_{  , ,}



P Q R, ,



, where d₄ is known by adversary, is intractable without calculatingh S( _A)fs_{  , ,}



P Q R, ,



. In fact, it is impossible to calculate the secret key of Alice because her

keyK_A depends uponh S( _A)1. Thus fs_{  , ,} pairing with only public values is as hard as solving the discrete logarithm problem on elliptic curves.

REFERENCES

[1] Bhattacharya P.B., Jain S.K. and Nagpaul S.R., Basic abstract algebra, Cambridge university press, United

Kingdom, (1995).

[2] Boneh, D. and Franklin, M. (2001), Identity-based encryption from the Weil pairing, Advances in

Cryptology-CRYPTO 2001, Lecture Notes in Computer Science, 2139, 213-229. Full version: SIAM

Journal on Computing, 32 (2003), 586-615.

[3] Boneh, D., Lynn, B. and Shacham, H., Short signatures from the Weil pairing, Advances in

Cryptology-ASIACRYPT 2001, Lecture Notes in Computer Science, 2248, (2001)514-532. Full version: Journal of

Cryptology, 17 (2004), 297-319.

[4] Gallian , J. A., Contemporary abstract algebra, Narosa publishing house, New Delhi, (1998).

[5] Gilbert, W. J., Modern algebra with application, Willey-Interscience, New York, (2004).

[6] Hankerson, D. and Menezes, J. A., Vanstone S., Guide to Elliptic Curve Cryptography, Springer-Verlag,

Germany, (2004).

[7] Hardy, G. H., Wright E. M., An introduction to the theory of numbers, oxford university press, United

Kingdom, (1938).

[8] Joux, A., A one round protocol for tripartite Diffie-Hellman, Algorithmic Number Theory: 4th International

Symposium, ANTS-IV, Lecture Notes in Computer Science, 1838, 385-393, (2000). Full version: Journal

of Cryptology, 17 (2004)263–276.

[9] Koblitz N., Elliptic Curve Cryptosystem, Journal of Mathematics Computation, 48(177), (1987)203-209.

[10] Miller V., Use of elliptic curves in cryptography, Advances in Cryptology-CRYPTO, 85 (LNCS 218),

(1985)417-426.

[11] Nemati H., Information security and Ethics: Concept, Methodologies, Tools, and Applications, Information

science reference, New York, (2007).

[12] Silverman, J., The Arithmetic of Elliptic Curves, Springer- Verlag, New York, (1986).

[13] Sklavos N. and Zhang X., Wireless security and cryptography specifications and implementations, Chapman

and Hall/CRC, United Kingdom, (2007).

184 | P a g e

[15] Washington, L.C., Elliptic curves number theory and cryptography, Chapman and Hall/CRC, United

Kingdom, (2008).

[16.]Weil, André Sur les fonctions algébriques à corps de constantes fini. (French) C. R. Acad. Sci.