Results 1-10 of 14
The complexity of class polynomial computation via floating point approximations. ArXiv preprint
, 601
Cited by 45 (7 self)
Abstract. We analyse the complexity of computing class polynomials, that are an important ingredient for CM constructions of elliptic curves, via complex floating point approximations of their roots. The heart of the algorithm is the evaluation of modular functions in several arguments. The fastest one of the presented approaches uses a technique devised by Dupont to evaluate modular functions by Newton iterations on an expression involving the arithmetic-geometric mean. Under the heuristic assumption, justified by experiments, that the correctness of the result is not perturbed by rounding errors, the algorithm runs in time $O\left(\sqrt{|D|}\,\log^3 |D| \cdot M\left(\sqrt{|D|}\,\log^2 |D|\right)\right) \subseteq O\left(|D| \log^{6+\varepsilon} |D|\right) \subseteq O\left(h^{2+\varepsilon}\right)$ for any $\varepsilon > 0$, where $D$ is the CM discriminant, $h$ is the degree of the class polynomial and $M(n)$ is the time needed to multiply two $n$-bit numbers. Up to logarithmic factors, this running time matches the size of the constructed polynomials. The estimate also relies on a new result concerning the complexity of enumerating the class group of an imaginary quadratic order and on a rigorously proven upper bound for the height of class polynomials. 1. Motivation and
Constructing hyperelliptic curves of genus 2 suitable for cryptography
 Math. Comp
, 2003
Cited by 42 (2 self)
Abstract. In this article we show how to generalize the CM-method for elliptic curves to genus two. We describe the algorithm in detail and discuss the results of our implementation. 1.
The security of Hidden Field Equations (HFE)
 In The Cryptographer’s Track at RSA Conference 2001, volume 2020 of Lecture Notes in Computer Science
, 2001
Cited by 31 (2 self)
Abstract. We consider the basic version of the asymmetric cryptosystem HFE from Eurocrypt 96. We propose a notion of non-trivial equations as a tentative to account for a large class of attacks on one-way functions. We found equations that give experimental evidence that basic HFE can be broken in expected polynomial time for any constant degree d. It has been independently proven by Shamir and Kipnis [Crypto’99]. We designed and implemented a series of new advanced attacks that are much more efficient than the Shamir-Kipnis attack. They are practical for HFE degree d ≤ 24 and realistic up to d = 128. The 80-bit, 500$ Patarin’s 1st challenge on HFE can be broken in about $2^{62}$. Our attack is subexponential and requires $n^{\frac{3}{2}\log d}$ computations. The original Shamir-Kipnis attack was in at least $n^{\log^2 d}$. We show how to improve the Shamir-Kipnis attack, by using a better method of solving the involved algebraical problem MinRank. It becomes then in $n^{3\log d + O(1)}$. All attacks fail for modified versions of HFE: HFE$^-$ (Asiacrypt’98), HFEv (Eurocrypt’99), Quartz (RSA’2000) and even for Flash (RSA’2000).
A search for Wilson primes
 Mathematics of Computation, preprint http://arxiv.org/abs/1209.3436
, 2012
Factoring Polynomials over Finite Fields using Balance Test
Cited by 4 (0 self)
We study the problem of factoring univariate polynomials over finite fields. Under the assumption of the Extended Riemann Hypothesis (ERH), Gao [Gao01] designed a polynomial time algorithm that fails to factor only if the input polynomial satisfies a strong symmetry property, namely square balance. In this paper, we propose an extension of Gao’s algorithm that fails only under an even stronger symmetry property. We also show that our property can be used to improve the time complexity of best deterministic algorithms on most input polynomials. The property also yields a new randomized polynomial time algorithm. 1
Gauß Periods in Finite Fields
Cited by 1 (0 self)
In this survey, we review two recent applications of a venerable tool: Gauß periods. In Section 2, we describe Gauß' original construction, and how it can be used to generate normal bases in extensions of finite fields. Section 3 contains the first application: finding elements of exponentially large order in certain finite fields. This can be viewed as a step towards solving the famous open problem of finding efficiently a primitive element in a given finite field. A pleasant feature is that the prime factorization of the order of the multiplicative group is not required. In Section 4 we give another example of the method, yielding a different kind of bound: among the q shifts + a of an element of an extension of $\mathbb{F}_q$, where a runs through $\mathbb{F}_q$, at most one has "small" order. The second application, in Section 5, deals with efficient exponentiation...
Public Key Cryptography Using Discrete Logarithms in Finite Fields: Algorithms, Efficient Implementation and Attacks
The field of cryptography (from the Greek kryptos, meaning “hidden” and graphein, meaning “to write”) is concerned with problems related to the security of information, such as: ensuring that information transmitted over a public channel cannot be understood by an eavesdropper; verifying that received information has indeed been sent by the party claiming to have sent it; and ensuring that the information has not been tampered with by unauthorised parties in transit. These problems have been of interest to humanity since ancient times, historically in connection with military and diplomatic affairs. The “shift cipher” of Julius Caesar and the cipher rods of the Spartan military are well known historical examples of cryptography. More recently, the efforts of the Allied forces in breaking the Nazi “Enigma” code have been credited with having shortened World War II by up to two years. Since the advent and subsequent widespread adoption of the digital computer, the range of applications for cryptography has exploded and the field has matured from what was once arguably an art into a definite science of the
Finding Roots in $\mathbb{F}_{p^n}$ with the Successive Resultants Algorithm
Abstract. The problem of solving polynomial equations over finite fields has many applications in cryptography and coding theory. In this paper, we consider polynomial equations over a “large” finite field with a “small” characteristic. We introduce a new algorithm for solving this type of equations, called the Successive Resultants Algorithm (SRA) in the sequel. SRA is radically different from previous algorithms for this problem, yet it is conceptually simple. A straightforward implementation using Magma was able to beat the built-in function Roots for some parameters. These preliminary results encourage a more detailed study of SRA and its applications. Moreover, we point out that an extension of SRA to the multivariate case would have an important impact on the practical security of the elliptic curve discrete logarithm problem in small characteristic. 1
Fast Algorithms for Towers of Finite Fields and Isogenies Algorithmes Rapides pour les Tours de Corps Finis et les Isogénies
, 2011
"... Doctoral thesis ..."
POLYNOMIAL FACTORIZATION OVER $\mathbb{F}_2$
, 2002
Abstract. We describe algorithms for polynomial factorization over the binary field $\mathbb{F}_2$, and their implementation. They allow polynomials of degree up to 250 000 to be factored in about one day of CPU time, distributing the work on two processors. 1.