Results 1  10
of
96
Implementing 2Descent for Jacobians of Hyperelliptic Curves
 Acta Arith
, 1999
"... . This paper gives a fairly detailed description of an algorithm that computes (the size of) the 2Selmer group of the Jacobian of a hyperellitptic curve over Q. The curve is assumed to have even genus or to possess a Qrational Weierstra point. 1. Introduction Given some curve C over Q , one w ..."
Abstract

Cited by 49 (16 self)
 Add to MetaCart
. This paper gives a fairly detailed description of an algorithm that computes (the size of) the 2Selmer group of the Jacobian of a hyperellitptic curve over Q. The curve is assumed to have even genus or to possess a Qrational Weierstra point. 1. Introduction Given some curve C over Q , one would like to determine as much as possible of its arithmetical properties. One of the more important invariants is the MordellWeil rank of its Jacobian J , i.e., the free abelian rank of J(Q ) (finite by the MordellWeil Theorem). There is no algorithm so far that provably determines this rank, but it is possible (at least in theory) to bound it from above by computing the size of a suitable Selmer group. It is also fairly easy to find lower bounds by looking for independent rational points on the Jacobian. (It can be difficult, however, to find the right number of independent points, when some of the generators are large.) With some luck, both bounds coincide, and the rank is determined. In...
Applications of Arithmetical Geometry to Cryptographic Constructions
 Proceedings of the Fifth International Conference on Finite Fields and Applications
"... Public key cryptosystems are very important tools for data transmission. Their performance and security depend on the underlying crypto primitives. In this paper we describe one such primitive: The Discrete Logarithm (DL) in cyclic groups of prime order (Section 1). To construct DLsystems we use me ..."
Abstract

Cited by 44 (1 self)
 Add to MetaCart
Public key cryptosystems are very important tools for data transmission. Their performance and security depend on the underlying crypto primitives. In this paper we describe one such primitive: The Discrete Logarithm (DL) in cyclic groups of prime order (Section 1). To construct DLsystems we use methods from algebraic and arithmetic geometry and especially the theory of abelian varieties over finite fields. It is explained why Jacobian varieties of hyperelliptic curves of genus 4 are candidates for cryptographically "good" abelian varieties (Section 2). In the third section we describe the (constructive and destructive) role played by Galois theory: Local and global Galois representation theory is used to count points on abelian varieties over finite fields and we give some applications of Weil descent and Tate duality.
Arithmetic On Superelliptic Curves
 Math. Comp
, 2000
"... This paper is concerned with algorithms for computing in the divisor class group of a nonsingular plane curve of the form y n = c(x) which has only one point at infinity. Divisors are represented as ideals and an ideal reduction algorithm based on lattice reduction is given. We obtain a unique repre ..."
Abstract

Cited by 39 (4 self)
 Add to MetaCart
This paper is concerned with algorithms for computing in the divisor class group of a nonsingular plane curve of the form y n = c(x) which has only one point at infinity. Divisors are represented as ideals and an ideal reduction algorithm based on lattice reduction is given. We obtain a unique representative for each divisor class and the algorithms for addition and reduction of divisors run in polynomial time. An algorithm is also given for solving the discrete logarithm problem when the curve is defined over a finite field.
A Separation Bound for Real Algebraic Expressions
 In Lecture Notes in Computer Science
, 2001
"... Real algebraic expressions are expressions whose leaves are integers and whose internal nodes are additions, subtractions, multiplications, divisions, kth root operations for integral k, and taking roots of polynomials whose coefficients are given by the values of subexpressions. We consider the si ..."
Abstract

Cited by 38 (3 self)
 Add to MetaCart
Real algebraic expressions are expressions whose leaves are integers and whose internal nodes are additions, subtractions, multiplications, divisions, kth root operations for integral k, and taking roots of polynomials whose coefficients are given by the values of subexpressions. We consider the sign computation of real algebraic expressions, a task vital for the implementation of geometric algorithms. We prove a new separation bound for real algebraic expressions and compare it analytically and experimentally with previous bounds. The bound is used in the sign test of the number type leda real. 1
Index calculus in class groups of nonhyperelliptic curves of genus three, in "Journal of Cryptology", The original publication is available at www.springerlink.com
, 2007
"... We study an index calculus algorithm to solve the discrete logarithm problem (DLP) in degree 0 class groups of nonhyperelliptic curves of genus 3 over finite fields. We present a heuristic analysis of the algorithm which indicates that the DLP in degree 0 class groups of nonhyperelliptic curves of ..."
Abstract

Cited by 23 (4 self)
 Add to MetaCart
We study an index calculus algorithm to solve the discrete logarithm problem (DLP) in degree 0 class groups of nonhyperelliptic curves of genus 3 over finite fields. We present a heuristic analysis of the algorithm which indicates that the DLP in degree 0 class groups of nonhyperelliptic curves of genus 3 can be solved in an expected time of Õ(q). This heuristic result relies on one heuristic assumption which is studied experimentally. We also present experimental data which show that a variant of the algorithm is faster than the Rho method even for small group sizes, and we address practical limitations of the algorithm.
A Bost–Connes–Marcolli system for Shimura varieties, in preparation
"... We construct a Quantum Statistical Mechanical system (A, σt) analogous to the BostConnesMarcolli system of [CM04] in the case of Shimura varieties. Along the way, we define a new BostConnes system for number fields which has the “correct” symmetries and the “correct ” partition function. We give ..."
Abstract

Cited by 21 (0 self)
 Add to MetaCart
We construct a Quantum Statistical Mechanical system (A, σt) analogous to the BostConnesMarcolli system of [CM04] in the case of Shimura varieties. Along the way, we define a new BostConnes system for number fields which has the “correct” symmetries and the “correct ” partition function. We give a formalism that applies to general Shimura data (G, X). The object of this series of papers is to show that these systems have phase transitions and spontaneous symmetry breaking, and to classify their KMS states, at least for low temperature.
An Implementation of the Number Field Sieve
 EXPERIMENTAL MATHEMATICS
, 1996
"... This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical sieving and a special form of lattice sieving (line sieving), the block Lanczos method and a new square root algorithm. Finally some data on factorizations obtained with this implem ..."
Abstract

Cited by 14 (0 self)
 Add to MetaCart
This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical sieving and a special form of lattice sieving (line sieving), the block Lanczos method and a new square root algorithm. Finally some data on factorizations obtained with this implementation are listed, including the record factorization of 12^151 1.
Strategies in Filtering in the Number Field Sieve
 In preparation
, 2000
"... A critical step when factoring large integers by the Number Field Sieve [8] consists of finding dependencies in a huge sparse matrix over the field F2 , using a Block Lanczos algorithm. Both size and weight (the number of nonzero elements) of the matrix critically affect the running time of Block ..."
Abstract

Cited by 14 (2 self)
 Add to MetaCart
A critical step when factoring large integers by the Number Field Sieve [8] consists of finding dependencies in a huge sparse matrix over the field F2 , using a Block Lanczos algorithm. Both size and weight (the number of nonzero elements) of the matrix critically affect the running time of Block Lanczos. In order to keep size and weight small the relations coming out of the siever do not flow directly into the matrix, but are filtered first in order to reduce the matrix size. This paper discusses several possible filter strategies and their use in the recent record factorizations of RSA140, R211 and RSA155. 2000 Mathematics Subject Classification: Primary 11Y05. Secondary 11A51. 1999 ACM Computing Classification System: F.2.1. Keywords and Phrases: Number Field Sieve, factoring, filtering, Structured Gaussian elimination, Block Lanczos, RSA. Note: Work carried out under project MAS2.2 "Computational number theory and data security". This report will appear in the proceed...
Equivariant epsilon constants, discriminants and Étale cohomology
 Proc. London Math. Soc
, 2001
"... this paper was written when the second named author 2 visited the Institute for Mathematics of the University of Augsburg in July 1999. He would like to thank Juergen Ritter for the warm hospitality shown him during this (and many other) visits ..."
Abstract

Cited by 14 (10 self)
 Add to MetaCart
this paper was written when the second named author 2 visited the Institute for Mathematics of the University of Augsburg in July 1999. He would like to thank Juergen Ritter for the warm hospitality shown him during this (and many other) visits