A new cryptosystem based on elliptic curves and polynomial matrices*

JOAN-JOSEP CLIMENT, FRANCISCO FERRÁNDEZ
Departament de Ciència de la Computació i Intel·ligència Artificial
Universitat d'Alacant
Campus de Sant Vicent del Raspeig. Ap. de Correus 99, E-03080, Alacant
SPAIN

* This work was partially supported by Generalitat Valenciana grant number GV04B-462

Abstract: - The system we propose is a mathematical problem with the necessary properties to define public key cryptosystems. It is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) and polynomial matrices. In this way, we increase the number of possible keys and, therefore, the complexity of solving the system. We also cryptanalyze the system, detecting its weaknesses and verifying that, even so, it is harder to solve than the ECDLP.

Key-Words: - Public key cryptography, elliptic curves, finite fields, discrete logarithm problem, linear systems, Diffie-Hellman key agreement, multiple instances, polynomial matrices.

1 Introduction

Public key cryptography is, nowadays, the most efficient security tool in the digital world. Although it is not yet thirty years old, it provides a set of services necessary for the progress of communications. Examples include electronic signatures, document encryption, and electronic voting schemes. The one that stands out, without doubt, is the secret key agreement protocol, which is needed to use private key (or classic) cryptography securely. It was developed by W. Diffie and M. Hellman in 1976 [3], and it was the first public key cryptosystem.

Designing these systems requires mathematical problems called one-way functions with trapdoor. Their fundamental characteristic is that the function can be applied efficiently, but its inversion is infeasible unless unlimited computational capacity is available or the trapdoor is known. The trapdoor is what we know as the private key.
Notice that the function, although defined in a unique way, gives different results depending on the trapdoor or private key used. The most widely used functions are those based on the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP) and the Elliptic Curve Discrete Logarithm Problem (ECDLP). The DLP consists of obtaining the logarithm of a huge number with respect to a generator base of the multiplicative group of the integers modulo $n$. The ECDLP is defined in a similar way, but in this case the group of points of an elliptic curve is used. For an introduction, see [4], [5] and [8].

The matrix system we propose is based on the ECDLP and, for that reason, it is convenient to give a brief introduction to this problem.

Consider a finite field $\mathbb{F}_q$ with characteristic greater than 3. An elliptic curve $E$ over $\mathbb{F}_q$ is the set of all solutions $(x, y) \in \mathbb{F}_q \times \mathbb{F}_q$ to an equation

$$y^2 = x^3 + ax + b,$$

where $a, b \in \mathbb{F}_q$ and $4a^3 + 27b^2 \neq 0$, together with a special point $O$ called the point at infinity. We denote the curve by $E/\mathbb{F}_q$.

It is well known that $E/\mathbb{F}_q$ with a binary operation, called addition of points and denoted by $+$, is an abelian group with $O$ as the identity element. We denote the group by $E(\mathbb{F}_q)$. The addition of points is defined as follows. Let $P = (x_1, y_1) \in E(\mathbb{F}_q)$; then $-P = (x_1, -y_1)$. If $Q = (x_2, y_2) \in E(\mathbb{F}_q)$, $Q \neq -P$, then $P + Q = (x_3, y_3)$, with

$$x_3 = \lambda^2 - x_1 - x_2, \qquad y_3 = \lambda (x_1 - x_3) - y_1,$$

where

$$\lambda = \begin{cases} (y_1 - y_2)(x_1 - x_2)^{-1}, & \text{if } P \neq Q, \\ (3x_1^2 + a)(2y_1)^{-1}, & \text{if } P = Q. \end{cases}$$

Defining the curve over a finite field of characteristic 2 or 3 is also possible, but this makes no difference for our purposes.

The ECDLP consists of the following: given two points $P, Q \in E(\mathbb{F}_q)$ with $kP = Q$, determine the scalar $k \in \mathbb{F}_p$, with $p = \#E(\mathbb{F}_q)$. It is necessary that $P$ be a generator of the group of points $E(\mathbb{F}_q)$ or, at least, that it generate a subgroup with a similar number of points.
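The addition law and the ECDLP statement above can be exercised on a small curve. The following Python sketch is an added example, not part of the paper; the curve $y^2 = x^3 + 2x + 2$ over $\mathbb{F}_{17}$, the base point $(5, 1)$ and all function names are assumptions chosen for illustration.

```python
# Added illustration; toy parameters are constructed, not taken from the paper.
# Curve y^2 = x^3 + 2x + 2 over F_17 (4a^3 + 27b^2 = 4 != 0 mod 17).
Q_MOD, A, B = 17, 2, 2
O = None          # point at infinity, identity of E(F_q)
G = (5, 1)        # assumed base point P

def on_curve(pt):
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x**3 + A * x + B)) % Q_MOD == 0

def neg(pt):
    return O if pt is O else (pt[0], -pt[1] % Q_MOD)

def add(p, q):
    """P + Q using the lambda formulas from the text."""
    if p is O:
        return q
    if q is O:
        return p
    if q == neg(p):            # Q = -P, including doubling a point with y = 0
        return O
    (x1, y1), (x2, y2) = p, q
    if p != q:
        lam = (y1 - y2) * pow(x1 - x2, -1, Q_MOD)
    else:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, Q_MOD)
    x3 = (lam * lam - x1 - x2) % Q_MOD
    return (x3, (lam * (x1 - x3) - y1) % Q_MOD)

def mul(k, pt):
    """kP by double-and-add."""
    result, addend = O, pt
    while k > 0:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result

def order(pt):
    n, acc = 1, pt
    while acc is not O:
        acc, n = add(acc, pt), n + 1
    return n

def ecdlp_bruteforce(pt, target):
    """Return k with k*pt == target by exhaustive search, or None."""
    acc = O
    for k in range(order(pt)):
        if acc == target:
            return k
        acc = add(acc, pt)
    return None
```

Exhaustive search costs on the order of the subgroup size, which is why the text requires $P$ to generate the whole group or a subgroup of similar size.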
The group of points of an elliptic curve is an abelian group of rank 1 or 2, that is, there exists an isomorphism with a direct sum of cyclic groups, i.e.