Abstract. We introduce a short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyper-elliptic curves. The signature length is half the size of a DSA signature for a similar level of security. Our short signature scheme is designed for systems where signatures are typed in by a human or signatures are sent over a low-bandwidth channel. 1

Pairing-based cryptosystems depend on the existence of groups where the Decision Diffie-Hellman problem is easy to solve, but the Computational Diffie-Hellman problem is hard. Such is the case of elliptic curve groups whose embedding degree is large enough to maintain a good security level, but small enough for arithmetic operations to be feasible. However, the embedding degree is usually enormous, and the scarce previously known suitable elliptic groups had embedding degree k <= 6. In this note, we examine criteria for curves with larger k that generalize prior work by Miyaji et al. based on the properties of cyclotomic polynomials, and propose efficient representations for the underlying algebraic structures.

Abstract. This is the second in a series of papers where we combine the classical approach to exponential Diophantine equations (linear forms in logarithms, Thue equations, etc.) with a modular approach based on some of the ideas of the proof of Fermat’s Last Theorem. In this paper we use a general and powerful new lower bound for linear forms in three logarithms, together with a combination of classical, elementary and substantially improved modular methods to solve completely the Lebesgue-Nagell equation for D in the range 1 ≤ D ≤ 100. x 2 + D = y n, x, y integers, n ≥ 3, 1.

this paper (section 2), and to Denis Simon for the reference [10].

A set of m positive integers is called a Diophantine m-tuple if the product of its any two distinct elements increased by 1 is a perfect square. We prove that if b, c} is a Diophantine triple such that b > 4a and c > max{b or c > max{b then there is unique positive integer d such that d > c and is a Diophantine quadruple. Furthermore, we prove that there does not exist a Diophantine 9-tuple and that there are only finitely many Diophantine 8-tuples. 1

Abstract. Let Q be an n × n symmetric matrix with integral entries and with det Q � = 0, but not necesarily positive definite. We describe a generalized LLL algorithm to reduce this quadratic form. This algorithm either reduces the quadratic form or stops with some isotropic vector. It is proved to run in polynomial time. We also describe an algorithm for the minimization of a ternary quadratic form: when a quadratic equation q(x, y, z) =0issolvable over Q, a solution can be deduced from another quadratic equation of determinant ±1. The combination of these algorithms allows us to solve efficiently any general ternary quadratic equation over Q, and this gives a polynomial time algorithm (as soon as the factorization of the determinant of Q is known). There are various methods in the literature for solving homogeneous quadratic equations q(x, y, z) =0overQ. Mathematicians seem to be unanimous in saying that the first step consists of reducing to the diagonal case, that is, to Legendre equations of the type ax 2 + by 2 + cz 2 = 0. As we will see in Section 4.2, this is a good idea in theory, but disastrous in practice: the determinant of the new equation

In this paper we prove that the Diophantine equation where c 3 is an integer, has only the trivial solutions (1, 0), (0, 1).

In this paper we prove that the only primitive solutions of the 1). 1

Abstract. If F (x, y) is a binary cubic form with integer coefficients such that F (x, 1) has at least two distinct complex roots, then the equation F (x, y) =1 possesses at most ten solutions in integers x and y, nineifF has a nontrivial automorphism group. If, further, F (x, y) is reducible over Z[x, y], then this equation has at most 2 solutions, unless F (x, y) is equivalent under GL2(Z)action to either x(x 2 − xy − y 2)orx(x 2 − 2y 2). The proofs of these results rely upon the method of Thue-Siegel as refined by Evertse, together with lower bounds for linear forms in logarithms of algebraic numbers and techniques from computational Diophantine approximation. Along the way, we completely solve all Thue equations F (x, y) =1forF cubic and irreducible of positive discriminant DF ≤ 10 6. As corollaries, we obtain bounds for the number of solutions to more general cubic Thue equations of the form F (x, y) =m and to Mordell’s equation y 2 = x 3 + k, wherem and k are nonzero integers. 1.

Finding suitable non-supersingular elliptic curves becomes an important issue for the growing area of pairing-based cryptosystems. For this purpose, many methods have been proposed when embedding degree k and cofactor h are taken different values. In this paper we propose a new method to find pairing-friendly elliptic curves without restrictions on embedding degree k and cofactor h. We propose the idea of effective polynomial families for finding the curves through different kinds of Pell equations or special forms of D(x)V 2 (x). In addition, we discover some efficient families which can be used to build pairing-friendly elliptic curves over extension fields, e.g. Fp 2 and Fp 4.