Results 1  10
of
37
Elliptic Curves And Primality Proving
 Math. Comp
, 1993
"... The aim of this paper is to describe the theory and implementation of the Elliptic Curve Primality Proving algorithm. ..."
Abstract

Cited by 162 (22 self)
 Add to MetaCart
The aim of this paper is to describe the theory and implementation of the Elliptic Curve Primality Proving algorithm.
Counting Points on Elliptic Curves Over Finite Fields
, 1995
"... . We describe three algorithms to count the number of points on an elliptic curve over a finite field. The first one is very practical when the finite field is not too large; it is based on Shanks's babystepgiantstep strategy. The second algorithm is very efficient when the endomorphism ri ..."
Abstract

Cited by 82 (0 self)
 Add to MetaCart
. We describe three algorithms to count the number of points on an elliptic curve over a finite field. The first one is very practical when the finite field is not too large; it is based on Shanks's babystepgiantstep strategy. The second algorithm is very efficient when the endomorphism ring of the curve is known. It exploits the natural lattice structure of this ring. The third algorithm is based on calculations with the torsion points of the elliptic curve [18]. This deterministic polynomial time algorithm was impractical in its original form. We discuss several practical improvements by Atkin and Elkies. 1. Introduction. Let p be a large prime and let E be an elliptic curve over F p given by a Weierstraß equation Y 2 = X 3 +AX +B for some A, B 2 F p . Since the curve is not singular we have that 4A 3 + 27B 2 6j 0 (mod p). We describe several methods to count the rational points on E, i.e., methods to determine the number of points (x; y) on E with x; y 2 F p . Most o...
A Subexponential Algorithm for the Determination of Class Groups and Regulators of Algebraic Number Fields
, 1990
"... A new probabilistic algorithm for the determination of class groups and regulators of an algebraic number field F is presented. Heuristic evidence is given which shows that the expected running time of the algorithm is exp( p log D log log D) c+o(1) where D is the absolute discriminant of F , wh ..."
Abstract

Cited by 51 (5 self)
 Add to MetaCart
A new probabilistic algorithm for the determination of class groups and regulators of an algebraic number field F is presented. Heuristic evidence is given which shows that the expected running time of the algorithm is exp( p log D log log D) c+o(1) where D is the absolute discriminant of F , where c 2 R?0 is an absolute constant, and where the o(1)function depends on the degree of F . 1 Introduction Computing the class group and the regulator of an algebraic number field F are two major tasks of algorithmic algebraic number theory. In the last decade, several regulator and class group algorithms have been suggested (e.g. [16],[17],[18],[3]). In [2] the problem of the computational complexity of those algorithms was adressed for the first time. This question was then studied in [2] in great detail. The theoretical results and the computational experience show that computing class groups and regulators is a very difficult problem. More precisely, it turns out that even under the a...
An Implementation of the General Number Field Sieve
 In Proceedings of Crypto'93
, 1993
"... It was shown in [2] that under reasonable assumptions the general number field sieve (GNFS) is the asymptotically fastest known factoring algorithm. It is, however, not known how this algorithm behaves in practice. In this report we describe practical experience with our implementation of the GNFS ..."
Abstract

Cited by 23 (2 self)
 Add to MetaCart
It was shown in [2] that under reasonable assumptions the general number field sieve (GNFS) is the asymptotically fastest known factoring algorithm. It is, however, not known how this algorithm behaves in practice. In this report we describe practical experience with our implementation of the GNFS whose first version was completed in January 1993 at the Department of Computer Science at the Universitat des Saarlandes. 1 Introduction Factoring rational integers into primes is one of the most important and most difficult problems of computational number theory. It was shown in [2] that under reasonable assumptions the general number field sieve (GNFS) is the asymptotically fastest known factoring algorithm. It is, however, not known how this algorithm behaves in practice. In this report we describe practical experience with the first version of our implementation of the GNFS. For our implementation we used the methods described in [2], [3], and [7]. In the course of the implementati...
An analysis of Shanks’s algorithm for computing square roots in finite fields
 in Proc. 5th Conf. Canadian Number Theory Assoc
, 1999
"... Abstract We rigorously analyze Shanks's algorithm for computing square roots modulo a prime number. The initialization always requires two exponentiations. Averaged over all primes and possible inputs, the body of the algorithm requires 8/3 additional multiplications. We obtain exact values for ..."
Abstract

Cited by 10 (0 self)
 Add to MetaCart
Abstract We rigorously analyze Shanks's algorithm for computing square roots modulo a prime number. The initialization always requires two exponentiations. Averaged over all primes and possible inputs, the body of the algorithm requires 8/3 additional multiplications. We obtain exact values for the mean and variance of the number of additional multiplications for a fixed prime, and finally show that the distribution is asymptotically normal.
Implementation Of The AtkinGoldwasserKilian Primality Testing Algorithm
 RAPPORT DE RECHERCHE 911, INRIA, OCTOBRE
, 1988
"... We describe a primality testing algorithm, due essentially to Atkin, that uses elliptic curves over finite fields and the theory of complex multiplication. In particular, we explain how the use of class fields and genus fields can speed up certain phases of the algorithm. We sketch the actual implem ..."
Abstract

Cited by 9 (7 self)
 Add to MetaCart
We describe a primality testing algorithm, due essentially to Atkin, that uses elliptic curves over finite fields and the theory of complex multiplication. In particular, we explain how the use of class fields and genus fields can speed up certain phases of the algorithm. We sketch the actual implementation of this test and its use on testing large primes, the records being two numbers of more than 550 decimal digits. Finally, we give a precise answer to the question of the reliability of our computations, providing a certificate of primality for a prime number.
Deterministic Irreducibility Testing of Polynomials over Large Finite Fields
 J. Symbolic Comput
, 1987
"... We present a sequential deterministic polynomialtime algorithm for testing dense multivariate polynomials over a large finite field for irreducibility. All previously known algorithms were of a probabilistic nature. Our deterministic solution is based on our algorithm for absolute irreducibility te ..."
Abstract

Cited by 8 (3 self)
 Add to MetaCart
We present a sequential deterministic polynomialtime algorithm for testing dense multivariate polynomials over a large finite field for irreducibility. All previously known algorithms were of a probabilistic nature. Our deterministic solution is based on our algorithm for absolute irreducibility testing combined with Berlekamp's algorithm.
On the Generation of Cryptographically Strong Elliptic Curves
, 1997
"... We discuss two methods for generating cryptographically strong elliptic curves defined over finite prime fields. The advantages and disadvantages of these algorithms are discussed and a practical comparison of the algorithms is given. ..."
Abstract

Cited by 7 (0 self)
 Add to MetaCart
We discuss two methods for generating cryptographically strong elliptic curves defined over finite prime fields. The advantages and disadvantages of these algorithms are discussed and a practical comparison of the algorithms is given.
Square, a New Multivariate Encryption Scheme
, 2009
"... We propose and analyze a multivariate encryption scheme that uses odd characteristic and an embedding in its construction. This system has a very simple core map F (X) = X², allowing for efficient decryption. We also discuss ways to make this decryption faster with specific parameter choices. We gi ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
We propose and analyze a multivariate encryption scheme that uses odd characteristic and an embedding in its construction. This system has a very simple core map F (X) = X², allowing for efficient decryption. We also discuss ways to make this decryption faster with specific parameter choices. We give heuristic arguments along with experimental data to show that this scheme resists all known attacks.