Results 1  10
of
622
Elliptic Curves And Primality Proving
 Math. Comp
, 1993
"... The aim of this paper is to describe the theory and implementation of the Elliptic Curve Primality Proving algorithm. ..."
Abstract

Cited by 175 (22 self)
 Add to MetaCart
The aim of this paper is to describe the theory and implementation of the Elliptic Curve Primality Proving algorithm.
The Complexity of Counting in Sparse, Regular, and Planar Graphs
 SIAM Journal on Computing
, 1997
"... We show that a number of graphtheoretic counting problems remain NPhard, indeed #Pcomplete, in very restricted classes of graphs. In particular, it is shown that the problems of counting matchings, vertex covers, independent sets, and extremal variants of these all remain hard when restricted to ..."
Abstract

Cited by 74 (0 self)
 Add to MetaCart
We show that a number of graphtheoretic counting problems remain NPhard, indeed #Pcomplete, in very restricted classes of graphs. In particular, it is shown that the problems of counting matchings, vertex covers, independent sets, and extremal variants of these all remain hard when restricted to planar bipartite graphs of bounded degree or regular graphs of constant degree. To achieve these results, a new interpolationbased reduction technique which preserves properties such as constant degree is introduced. In addition, the problem of approximately counting minimum cardinality vertex covers is shown to remain NPhard even when restricted to graphs of maximal degree 3. Previously, restrictedcase complexity results for counting problems were elusive; we believe our techniques may help obtain similar results for many other counting problems. 1 Introduction Ever since the introduction of NPcompleteness in the early 1970's, the primary focus of complexity theory has been on decision ...
Counting Points on Hyperelliptic Curves over Finite Fields
"... . We describe some algorithms for computing the cardinality of hyperelliptic curves and their Jacobians over finite fields. They include several methods for obtaining the result modulo small primes and prime powers, in particular an algorithm `a la Schoof for genus 2 using Cantor 's divisio ..."
Abstract

Cited by 63 (7 self)
 Add to MetaCart
(Show Context)
. We describe some algorithms for computing the cardinality of hyperelliptic curves and their Jacobians over finite fields. They include several methods for obtaining the result modulo small primes and prime powers, in particular an algorithm `a la Schoof for genus 2 using Cantor 's division polynomials. These are combined with a birthday paradox algorithm to calculate the cardinality. Our methods are practical and we give actual results computed using our current implementation. The Jacobian groups we handle are larger than those previously reported in the literature. Introduction In recent years there has been a surge of interest in algorithmic aspects of curves. When presented with any curve, a natural task is to compute the number of points on it with coordinates in some finite field. When the finite field is large this is generally difficult to do. Ren'e Schoof gave a polynomial time algorithm for counting points on elliptic curves i.e., those of genus 1, in his ground...
A normal form for elliptic curves
 Bulletin of the American Mathematical Society
"... Abstract. The normal form x2 +y2 = a2 +a2x2y 2 for elliptic curves simplifies formulas in the theory of elliptic curves and functions. Its principal advantage is that it allows the addition law, the group law on the elliptic curve, to be stated explicitly ..."
Abstract

Cited by 59 (0 self)
 Add to MetaCart
(Show Context)
Abstract. The normal form x2 +y2 = a2 +a2x2y 2 for elliptic curves simplifies formulas in the theory of elliptic curves and functions. Its principal advantage is that it allows the addition law, the group law on the elliptic curve, to be stated explicitly
Arithmetic and Attractors
, 2003
"... We study relations between some topics in number theory and supersymmetric black holes. These relations are based on the “attractor mechanism ” of N = 2 supergravity. In IIB string compactification this mechanism singles out certain “attractor varieties. ” We show that these attractor varieties are ..."
Abstract

Cited by 57 (2 self)
 Add to MetaCart
We study relations between some topics in number theory and supersymmetric black holes. These relations are based on the “attractor mechanism ” of N = 2 supergravity. In IIB string compactification this mechanism singles out certain “attractor varieties. ” We show that these attractor varieties are constructed from products of elliptic curves with complex multiplication for N = 4, 8 compactifications. The heterotic dual theories are related to rational conformal field theories. In the case of N = 4 theories Uduality inequivalent backgrounds with the same horizon area are counted by the class number of a quadratic imaginary field. The attractor varieties are defined over fields closely related to class fields of the quadratic imaginary field. We discuss some extensions to more general CalabiYau compactifications and explore further connections to arithmetic including connections to Kronecker’s Jugendtraum and the theory of modular heights. The paper also includes a short review of the attractor mechanism. A much shorter version of the paper summarizing the main points is the companion note entitled “Attractors and Arithmetic,” hepth/9807056.
Some integer factorization algorithms using elliptic curves
 Australian Computer Science Communications
, 1986
"... Lenstra’s integer factorization algorithm is asymptotically one of the fastest known algorithms, and is also ideally suited for parallel computation. We suggest a way in which the algorithm can be speeded up by the addition of a second phase. Under some plausible assumptions, the speedup is of order ..."
Abstract

Cited by 52 (13 self)
 Add to MetaCart
(Show Context)
Lenstra’s integer factorization algorithm is asymptotically one of the fastest known algorithms, and is also ideally suited for parallel computation. We suggest a way in which the algorithm can be speeded up by the addition of a second phase. Under some plausible assumptions, the speedup is of order log(p), where p is the factor which is found. In practice the speedup is significant. We mention some refinements which give greater speedup, an alternative way of implementing a second phase, and the connection with Pollard’s “p − 1” factorization algorithm. 1
Feedback shift registers, 2adic span, and combiners with memory
 Journal of Cryptology
, 1997
"... Feedback shift registers with carry operation (FCSR’s) are described, implemented, and analyzed with respect to memory requirements, initial loading, period, and distributional properties of their output sequences. Many parallels with the theory of linear feedback shift registers (LFSR’s) are presen ..."
Abstract

Cited by 51 (7 self)
 Add to MetaCart
Feedback shift registers with carry operation (FCSR’s) are described, implemented, and analyzed with respect to memory requirements, initial loading, period, and distributional properties of their output sequences. Many parallels with the theory of linear feedback shift registers (LFSR’s) are presented, including a synthesis algorithm (analogous to the BerlekampMassey algorithm for LFSR’s) which, for any pseudorandom sequence, constructs the smallest FCSR which will generate the sequence. These techniques are used to attack the summation cipher. This analysis gives a unified approach to the study of pseudorandom sequences, arithmetic codes, combiners with memory, and the MarsagliaZaman random number generator. Possible variations on the FCSR architecture are indicated at the end. Index Terms – Binary sequence, shift register, stream cipher, combiner with memory, cryptanalysis, 2adic numbers, arithmetic code, 1/q sequence, linear span. 1
NEW CONGRUENCES FOR CENTRAL BINOMIAL COEFFICIENTS
, 2009
"... Let p be a prime, and let d ∈ {0,..., pa} with a ∈ Z +. In this paper we determine Pp a −1 2k ´ P k=0 /mk p−1 ..."
Abstract

Cited by 48 (44 self)
 Add to MetaCart
Let p be a prime, and let d ∈ {0,..., pa} with a ∈ Z +. In this paper we determine Pp a −1 2k ´ P k=0 /mk p−1
Parallel Algorithms for Integer Factorisation
"... The problem of finding the prime factors of large composite numbers has always been of mathematical interest. With the advent of public key cryptosystems it is also of practical importance, because the security of some of these cryptosystems, such as the RivestShamirAdelman (RSA) system, depends o ..."
Abstract

Cited by 42 (17 self)
 Add to MetaCart
The problem of finding the prime factors of large composite numbers has always been of mathematical interest. With the advent of public key cryptosystems it is also of practical importance, because the security of some of these cryptosystems, such as the RivestShamirAdelman (RSA) system, depends on the difficulty of factoring the public keys. In recent years the best known integer factorisation algorithms have improved greatly, to the point where it is now easy to factor a 60decimal digit number, and possible to factor numbers larger than 120 decimal digits, given the availability of enough computing power. We describe several algorithms, including the elliptic curve method (ECM), and the multiplepolynomial quadratic sieve (MPQS) algorithm, and discuss their parallel implementation. It turns out that some of the algorithms are very well suited to parallel implementation. Doubling the degree of parallelism (i.e. the amount of hardware devoted to the problem) roughly increases the size of a number which can be factored in a fixed time by 3 decimal digits. Some recent computational results are mentioned – for example, the complete factorisation of the 617decimal digit Fermat number F11 = 2211 + 1 which was accomplished using ECM.
The Relationship Between Breaking the DiffieHellman Protocol and Computing Discrete Logarithms
, 1998
"... Both uniform and nonuniform results concerning the security of the DiffieHellman keyexchange protocol are proved. First, it is shown that in a cyclic group G of order jGj = Q p e i i , where all the multiple prime factors of jGj are polynomial in log jGj, there exists an algorithm that re ..."
Abstract

Cited by 42 (3 self)
 Add to MetaCart
Both uniform and nonuniform results concerning the security of the DiffieHellman keyexchange protocol are proved. First, it is shown that in a cyclic group G of order jGj = Q p e i i , where all the multiple prime factors of jGj are polynomial in log jGj, there exists an algorithm that reduces the computation of discrete logarithms in G to breaking the DiffieHellman protocol in G and has complexity p maxf(p i )g \Delta (log jGj) O(1) , where (p) stands for the minimum of the set of largest prime factors of all the numbers d in the interval [p \Gamma 2 p p+1; p+2 p p+ 1]. Under the unproven but plausible assumption that (p) is polynomial in log p, this reduction implies that the DiffieHellman problem and the discrete logarithm problem are polynomialtime equivalent in G. Second, it is proved that the DiffieHellman problem and the discrete logarithm problem are equivalent in a uniform sense for groups whose orders belong to certain classes: there exists a p...