Results 1  10
of
28
PolynomialTime Quantum Algorithms for Pell's Equation and the Principal Ideal Problem
 in Proceedings of the 34th ACM Symposium on Theory of Computing
, 2001
"... Besides Shor's polynomialtime quantum algorithms for factoring and discrete log, all progress in understanding when quantum algorithms have an exponential advantage over classical algorithms has been through oracle problems. Here we give efficient quantum algorithms for two more nonoracle problems ..."
Abstract

Cited by 81 (7 self)
 Add to MetaCart
Besides Shor's polynomialtime quantum algorithms for factoring and discrete log, all progress in understanding when quantum algorithms have an exponential advantage over classical algorithms has been through oracle problems. Here we give efficient quantum algorithms for two more nonoracle problems. The first is Pell's equation. Given a positive nonsquare integer d, Pell's equation is x²  dy² = 1 and the goal is to find its integer solutions. Factoring integers reduces to finding integer solutions of Pell's equation, but a reduction in the other direction is not known and appears more difficult. The second problem is the principal ideal problem in real quadratic number fields. Solving this problem is at least as hard as solving Pell's equation, and is the basis of a cryptosystem which is broken by our algorithm. We also state some related open problems from the area of computational algebraic number theory.
Algorithms in algebraic number theory
 Bull. Amer. Math. Soc
, 1992
"... Abstract. In this paper we discuss the basic problems of algorithmic algebraic number theory. The emphasis is on aspects that are of interest from a purely mathematical point of view, and practical issues are largely disregarded. We describe what has been done and, more importantly, what remains to ..."
Abstract

Cited by 40 (3 self)
 Add to MetaCart
Abstract. In this paper we discuss the basic problems of algorithmic algebraic number theory. The emphasis is on aspects that are of interest from a purely mathematical point of view, and practical issues are largely disregarded. We describe what has been done and, more importantly, what remains to be done in the area. We hope to show that the study of algorithms not only increases our understanding of algebraic number fields but also stimulates our curiosity about them. The discussion is concentrated of three topics: the determination of Galois groups, the determination of the ring of integers of an algebraic number field, and the computation of the group of units and the class group of that ring of integers. 1.
Solving the Pell Equation
, 2008
"... We illustrate recent developments in computational number theory by studying their implications for solving the Pell equation. We shall see that, if the solutions to the Pell equation are properly represented, the traditional continued fraction method for solving the equation can be significantly a ..."
Abstract

Cited by 20 (0 self)
 Add to MetaCart
We illustrate recent developments in computational number theory by studying their implications for solving the Pell equation. We shall see that, if the solutions to the Pell equation are properly represented, the traditional continued fraction method for solving the equation can be significantly accelerated. The most promising method depends on the use of smooth numbers. As with many algorithms depending on smooth numbers, its run time can presently only conjecturally be established; giving a rigorous analysis is one of the many open problems surrounding the Pell equation.
Effectivity of Arakelov Divisors and the Theta Divisor of a Number
"... In the well known analogy between the theory of function fields of curves over finite fields and the arithmetic of algebraic number fields, the number theoretical analogue of a divisor on a curve is an Arakelov divisor. In this paper we introduce the notion of an effective ..."
Abstract

Cited by 19 (2 self)
 Add to MetaCart
In the well known analogy between the theory of function fields of curves over finite fields and the arithmetic of algebraic number fields, the number theoretical analogue of a divisor on a curve is an Arakelov divisor. In this paper we introduce the notion of an effective
On the Complexity and Efficiency of a New Key Exchange System
, 1993
"... In [2] Buchmann and Williams presented a new public key exchange system based on imaginary quadratic fields. While in that paper the system was described theoretically and its security was discussed in some detail nothing much was said about the practical implementation. In this paper we discuss the ..."
Abstract

Cited by 14 (6 self)
 Add to MetaCart
In [2] Buchmann and Williams presented a new public key exchange system based on imaginary quadratic fields. While in that paper the system was described theoretically and its security was discussed in some detail nothing much was said about the practical implementation. In this paper we discuss the practical aspects of the new system, its efficiency and implementation. In particular we study the crucial point of the method: ideal reduction. We suggest a refinement of the well known reduction method which has been implemented on a computer. We present extensive running time statistics and a detailed complexity analysis of the methods involved. The implementation of the reduction procedure on chips is subject of future research. 1 The DiffieHellman scheme In their paper "New Directions in Cryptography" [3] Diffie and Hellman introduced in 1976 the idea of public key exchange. By this method it is possible to communicate a secret key for some cryptosystem over a public insecure chann...
Explicit bounds and heuristics on class numbers in hyperelliptic function fields
 Mathematics of Computation
, 1999
"... Abstract. In this paper, we provide tight estimates for the divisor class number of hyperelliptic function fields. We extend the existing methods to any hyperelliptic function field and improve the previous bounds by a factor proportional to g with the help of new results. We thus obtain a faster me ..."
Abstract

Cited by 13 (6 self)
 Add to MetaCart
Abstract. In this paper, we provide tight estimates for the divisor class number of hyperelliptic function fields. We extend the existing methods to any hyperelliptic function field and improve the previous bounds by a factor proportional to g with the help of new results. We thus obtain a faster method of computing regulators and class numbers. Furthermore, we provide experimental data and heuristics on the distribution of the class number within the bounds on the class number. These heuristics are based on recent results by Katz and Sarnak. Our numerical results and the heuristics imply that our approximation is in general far better than the bounds suggest. 1.
Short Representation of Quadratic Integers
 PROCEEDINGS OF CANT
, 1992
"... Let O be a real quadratic order of discriminant \Delta. For elements ff in O we develop a compact representation whose binary length is polynomially bounded in log log H(ff), log N(ff) and log \Delta where H(ff) is the height of ff and N(ff) is the norm of ff. We show that using compact representa ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
Let O be a real quadratic order of discriminant \Delta. For elements ff in O we develop a compact representation whose binary length is polynomially bounded in log log H(ff), log N(ff) and log \Delta where H(ff) is the height of ff and N(ff) is the norm of ff. We show that using compact representations we can in polynomial time compute norms, signs, products, and inverses of numbers in O and principal ideals generated by numbers in O. We also show how to compare numbers given in compact represention in polynomial time.
An Investigation of Bounds for the Regulator of Quadratic Fields
 Experimental Mathematics
, 1995
"... This paper considers the following problems: How large, and how small, can R get? And how often? The answer is simple for the problem of how small R can be, but seems to be extremely difficult for the question of how large ..."
Abstract

Cited by 12 (6 self)
 Add to MetaCart
This paper considers the following problems: How large, and how small, can R get? And how often? The answer is simple for the problem of how small R can be, but seems to be extremely difficult for the question of how large
Reducing Logarithms in Totally NonMaximal Imaginary Quadratic Orders to Logarithms in Finite Fields (Extended Abstract)
, 1999
"... Since nobody can guarantee that the computation of discrete logarithms in elliptic curves or IF p remains intractible for the future it is important to study cryptosystems based on alternative groups. A promising candidate, which was proposed by Buchmann and Williams [8], is the class group Cl(\D ..."
Abstract

Cited by 8 (5 self)
 Add to MetaCart
Since nobody can guarantee that the computation of discrete logarithms in elliptic curves or IF p remains intractible for the future it is important to study cryptosystems based on alternative groups. A promising candidate, which was proposed by Buchmann and Williams [8], is the class group Cl(\Delta) of an imaginary quadratic order O \Delta . This ring is isomorphic to the endomorphism ring of a nonsupersingular elliptic curve over a finite field. While in the meantime there was found a subexponential algorithm for the computation of discrete logarithms in Cl(\Delta) [16], this algorithm only has running time L \Delta [ 1 2 ; c] and is far less efficient than the number field sieve with L p [ 1 3 ; c] to compute logarithms in IF p . Thus one may choose the parameters smaller to obtain the same level of security. It is an open question whether there is an L \Delta [ 1 3 ; c] algorithm to compute discrete logarithms in arbitrary Cl(\Delta). Recently there were proposed cry...
Computing Arakelov class groups
, 2008
"... Shanks’s infrastructure algorithm and Buchmann’s algorithm for computing class groups and unit groups of rings of integers of algebraic number fields are most naturally viewed as computations inside Arakelov class groups. In this paper we discuss the basic properties of Arakelov class groups and of ..."
Abstract

Cited by 7 (0 self)
 Add to MetaCart
Shanks’s infrastructure algorithm and Buchmann’s algorithm for computing class groups and unit groups of rings of integers of algebraic number fields are most naturally viewed as computations inside Arakelov class groups. In this paper we discuss the basic properties of Arakelov class groups and of the set of reduced Arakelov divisors. As an application we describe Buchmann’s algorithm in this context.