International Association for Cryptologic Research

Ph.D. Database

The aim of the IACR Ph.D. database is twofold. On the one hand, we want to offer an overview of Ph.D. theses already completed in the domain of cryptology. Where possible, this should also include a subject classification, an abstract, and access to the full text. On the other hand, it covers Ph.D. subjects currently under investigation. This way, we provide a timely map of contemporary research in cryptology. All entries or changes need to be approved by an editor. You can contact them via phds (at)


Alfred Menezes (#334)
Name: Alfred Menezes
Topic of his/her doctorate: Elliptic Curve Cryptosystems
Category: public-key cryptography
Ph.D. Supervisor(s): Scott Vanstone
Year of completion: 1992
Abstract: Elliptic curves have been extensively studied for many years. Recent interest has revolved around their applicability to factoring integers and to primality testing. In 1985, N. Koblitz and V. Miller independently suggested using the group of points on an elliptic curve over a finite field as a basis for public-key cryptosystems. Elliptic curve cryptosystems have the potential to provide equivalent security as the existing public-key schemes, but with much shorter key lengths. The purpose of this thesis is to study various issues that arise in the secure and efficient implementation of these systems.

We first present a simple method of counting the number of non-isomorphic elliptic curves over finite fields of characteristic two.

We then show how the discrete logarithm problem in some finite groups can be efficiently reduced to the discrete logarithm problem in a finite field. We present a reduction of the elliptic curve logarithm problem to the logarithm problem in some finite field. For the special class of supersingular curves, the reduction takes probabilistic polynomial time, thus leading to a probabilistic subexponential time algorithm for the logarithm problem in these elliptic curves.

For some elliptic curves for which the logarithm problem is believed to be intractable, we demonstrate that the cryptosystems that arise from these curves are very practical, and are amenable to both software and hardware implementation.

Finally, we present some heuristics for improving Schoof's polynomial time algorithm for counting the number of points on elliptic curves defined over finite fields of characteristic two.

Last Change: 2011-04-16 11:22:04

Alfred Menezes's Students

Berkant Ustaoglu - Key establishment - security models, protocols and usage (cryptographic protocols)
