0

I am trying to solve elliptic curves discrete logrithm problem using Pollard rho attack in c. Since the target elliptic curve is defined over binary field F2^113, I need to do a great amount of EC_POINT_add operation s in my program. Unfortunately, the EC_POINT_add always return 0 and program stop after about 7x(10^7) loops. Here is my testing code, and I am very confused why the EC_POINT_add always return 0 and program stop after about 7x(10^7) loops. I really need your help since this problem has confused me the whole week. Thank you!

/*X1 is a elliptic point, Tx,Ty,BL,c1,d1,c[i],d[i] and R[i] are BIGNUM* */
while(1) {

    if(1 != EC_POINT_get_affine_coordinates_GF2m(curve,X1,Tx,Ty,ctx)) return 0;

    BN_mod(Tx,Tx,BL,ctx);
    i = atoi(BN_bn2dec(Tx));

    if(1 != EC_POINT_add(curve,X1,X1,R[i],ctx)) {
            printf("\nb\n");
            return 0;
    }

    BN_mod_add(c1,c1,c[i],order,ctx);
    BN_mod_add(d1,d1,d[i],order,ctx);

    k++;
    printf("%d ",k);
}
ybshen
  • 1
  • 1

1 Answers1

0

Now,I'am going to answer my own question since I have found the debug in my code at the end. I tested all of the potential errors and finally discovered that the return string of function 'BN_bn2dec()' must be free by 'OPENSSL_free()', otherwise it will lead to segmentation fault(core dumped) after about 2*10^8 loops. Here is the explanation of the documentation:

    BN_bn2hex() and BN_bn2dec() return printable strings containing the
    hexadecimal and decimal encoding of a respectively. For negative
    numbers, the string is prefaced with a leading '-'. The string must be
    freed later using OPENSSL_free().

I used GDB debugger to locate the error. GDB is really a useful tool to debug codes.

ybshen
  • 1
  • 1