This paper by Neal Koblitz discusses elliptic curve cryptosystems, which are based on the structure of the group of points on an elliptic curve over a finite field. These systems are proposed as alternatives to traditional public key cryptosystems that use the multiplicative group of a finite field. The discrete logarithm problem on elliptic curves is expected to be harder than the classical discrete logarithm problem, particularly over GF(2^n), making these systems potentially more secure. The paper covers several key aspects: 1. **Introduction**: It reviews the historical development of public key cryptosystems and introduces the concept of elliptic curve cryptosystems. 2. **Elliptic Curves**: Definitions and properties of elliptic curves over finite fields are provided, including the addition law for points on these curves. 3. **Imbedding Plaintext**: Methods for embedding plaintexts into points on elliptic curves are discussed, including probabilistic methods. 4. **Cryptosystems**: Two elliptic curve public key cryptosystems are described: an elliptic curve analog of the Massey-Omura system and an elliptic curve analog of the ElGamal system. 5. **Examples**: Specific examples of elliptic curves and their parameters are given to illustrate the construction of these cryptosystems. 6. **Primitive Points**: The probability that a fixed point on an elliptic curve generates a large cyclic subgroup is discussed, with references to conjectures by Lang and Trotter. 7. **Nonsmooth Cyclic Subgroups**: The paper presents a theorem on the probability that a cyclic subgroup generated by a fixed point is nonsmooth, providing insights into the security of these cryptosystems. Koblitz emphasizes the potential advantages of elliptic curve cryptosystems, particularly in terms of security and efficiency, and highlights the ongoing research and theoretical developments in this area.This paper by Neal Koblitz discusses elliptic curve cryptosystems, which are based on the structure of the group of points on an elliptic curve over a finite field. These systems are proposed as alternatives to traditional public key cryptosystems that use the multiplicative group of a finite field. The discrete logarithm problem on elliptic curves is expected to be harder than the classical discrete logarithm problem, particularly over GF(2^n), making these systems potentially more secure. The paper covers several key aspects: 1. **Introduction**: It reviews the historical development of public key cryptosystems and introduces the concept of elliptic curve cryptosystems. 2. **Elliptic Curves**: Definitions and properties of elliptic curves over finite fields are provided, including the addition law for points on these curves. 3. **Imbedding Plaintext**: Methods for embedding plaintexts into points on elliptic curves are discussed, including probabilistic methods. 4. **Cryptosystems**: Two elliptic curve public key cryptosystems are described: an elliptic curve analog of the Massey-Omura system and an elliptic curve analog of the ElGamal system. 5. **Examples**: Specific examples of elliptic curves and their parameters are given to illustrate the construction of these cryptosystems. 6. **Primitive Points**: The probability that a fixed point on an elliptic curve generates a large cyclic subgroup is discussed, with references to conjectures by Lang and Trotter. 7. **Nonsmooth Cyclic Subgroups**: The paper presents a theorem on the probability that a cyclic subgroup generated by a fixed point is nonsmooth, providing insights into the security of these cryptosystems. Koblitz emphasizes the potential advantages of elliptic curve cryptosystems, particularly in terms of security and efficiency, and highlights the ongoing research and theoretical developments in this area.