DiSSECT

Distinguisher of Standard & Simulated Elliptic Curves via Traits

DiSSECT is a community project with the aim of raising trust in elliptic curves used in cryptography. It offers the largest publicly available database of standard elliptic curves, implementations of popular algorithms for generating elliptic curves, and a series of tests for various curve properties. Using these tools, DiSSECT provides an infrastructure for statistical analysis of elliptic curve standards.

I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry.

I now personally consider this to be smoking evidence that the parameters are cooked.

Do they want to be distrusted?

Many prominent cryptographers criticize the selection of curves in all major elliptic curve standards. The lack of explanation of parameters used in cryptographic standards provides a potential space for weaknesses or inserted vulnerabilities. Even though newer, more rigidly generated curves like Curve25519, Ed448-Goldilocks or NUMS curves are on the rise, some argue that “defining a process that is accepted as completely transparent and traceable by everyone, seems to be impossible.” Thus, a thorough wide-scale analysis of the standard curves is important to establish trust in elliptic curve cryptosystems.

Tool description

DiSSECT contains the largest publicly available database of standardized elliptic curves (taken from our sister project) and offers generation of simulated curves according to the mentioned standards. The tool contains over 20 tests (which we call traits), each computing curve properties, ranging from classical algebraic ones to unconventional ones and those connected to implementations. After obtaining their empirical distributions, the traits allow us to compare the simulated curves to the standard ones.

DiSSECT is written in Python 3 and imports the SageMath library. The database of the standardized elliptic curves as well as the simulated ones with the results of the traits, including the visualization, can be found at https://dissect.crocs.fi.muni.cz/. DiSSECT is open-source and we welcome any collaborators who have an idea for a new trait, new simulation method, or just want to contribute in another way.
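The simulate-then-compare workflow described in this section, reduced to a toy scale as an added example (it is not DiSSECT's code or API): curves are derived from seeds over a small prime, one trait is computed for each, and a constructed curve is placed within the simulated distribution. The prime 1019, the simplified hash-based derivation, the choice of trait, and all function names are assumptions made for illustration.

```python
import hashlib

P = 1019  # toy prime (assumption); standardized curves use primes of ~256 bits

def legendre(v):
    """Legendre symbol of v mod P: 1 (square), -1 (non-square), 0."""
    v %= P
    return 0 if v == 0 else (1 if pow(v, (P - 1) // 2, P) == 1 else -1)

def curve_order(a, b):
    """#E(F_P) for y^2 = x^3 + a*x + b, by summing Legendre symbols over x."""
    return P + 1 + sum(legendre(x * x * x + a * x + b) for x in range(P))

def simulate_curve(seed):
    """Hash-derived (a, b), in the spirit of seed-based standard generation.
    The derivation is simplified and hypothetical, not any standard's exact one."""
    counter = 0
    while True:
        h = hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        a, b = int.from_bytes(h[:16], "big") % P, int.from_bytes(h[16:], "big") % P
        if (4 * a**3 + 27 * b**2) % P:  # reject singular curves
            return a, b
        counter += 1

def trait_cofactor(a, b):
    """Toy trait: group order divided by its largest prime factor."""
    n = order = curve_order(a, b)
    largest, d = 1, 2
    while d * d <= n:
        while n % d == 0:
            largest, n = d, n // d
        d += 1
    if n > 1:  # the remainder is a prime larger than every factor found so far
        largest = n
    return order // largest

def tail_fraction(value, sample):
    """Share of simulated trait values at least as large as `value`."""
    return sum(v >= value for v in sample) / len(sample)

def compare(standard, n_sim=200):
    """Place a curve's trait value within the simulated distribution."""
    sims = [trait_cofactor(*simulate_curve(i.to_bytes(4, "big"))) for i in range(n_sim)]
    return tail_fraction(trait_cofactor(*standard), sims)

if __name__ == "__main__":
    # Constructed curve y^2 = x^3 + x: supersingular over F_1019, order 1020.
    print("tail fraction:", compare((1, 0)))
```

A small tail fraction means few simulated curves have a trait value as extreme as the curve under test, which is the kind of deviation that would prompt a closer look.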

Authors

Paper

Our publication on DiSSECT, accepted for AFRICACRYPT'22, is available here, and the presentation here. This version of the contribution has been accepted for publication, after peer review but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/10.1007/978-3-031-17433-9_21. Use of this Accepted Version is subject to the publisher’s Accepted Manuscript terms of use https://www.springernature.com/gp/open-research/policies/accepted-manuscript-terms