Results 1 - 10 of 18
Analyzing the Galbraith-Lin-Scott Point Multiplication Method for Elliptic Curves over Binary Fields
IEEE Transactions on Computers, 2009
Cited by 10 (2 self)
Abstract. Galbraith, Lin and Scott recently constructed efficiently-computable endomorphisms for a large family of elliptic curves defined over F_{q^2} and showed, in the case where q is prime, that the Gallant-Lambert-Vanstone point multiplication method for these curves is significantly faster than point multiplication for general elliptic curves over prime fields. In this paper, we investigate the potential benefits of using Galbraith-Lin-Scott elliptic curves in the case where q is a power of 2. The analysis differs from the q prime case because of several factors, including the availability of the point halving strategy for elliptic curves over binary fields. Our analysis and implementations show that Galbraith-Lin-Scott offers significant acceleration for curves over binary fields, in both doubling- and halving-based approaches. Experimentally, the acceleration surpasses that reported for prime fields (for the platform in common), a somewhat counterintuitive result given the relative costs of point addition and doubling in each case.
Elliptic curve cryptography: The serpentine course of a paradigm shift
J. NUMBER THEORY, 2008
Cited by 8 (4 self)
Over a period of sixteen years elliptic curve cryptography went from being an approach that many people mistrusted or misunderstood to being a public key technology that enjoys almost unquestioned acceptance. We describe the sometimes surprising twists and turns in this paradigm shift, and compare this story with the commonly accepted Ideal Model of how research and development function in cryptography. We also discuss to what extent the ideas in the literature on “social construction of technology” can contribute to a better understanding of this history.
Another look at non-standard discrete log and Diffie-Hellman problems
J. Math. Cryptology
Cited by 6 (3 self)
Abstract. We examine several versions of the one-more-discrete-log and one-more-Diffie-Hellman problems. In attempting to evaluate their intractability, we find conflicting evidence of the relative hardness of the different problems. Much of this evidence comes from natural families of groups associated with curves of genus 2, 3, 4, 5, and 6. This leads to questions about how to interpret reductionist security arguments that rely on these non-standard problems.
Fast Jacobian group operations for C_{3,4} curves over a large finite field. Available on the arXiv
Cited by 5 (0 self)
Let C be an arbitrary smooth algebraic curve of genus g over a large finite field K. We revisit fast addition algorithms in the Jacobian of C due to Khuri-Makdisi (math.NT/0409209, to appear in Mathematics of Computation). The algorithms, which reduce to linear algebra in vector spaces of dimension O(g) once |K| ≫ g and which asymptotically require O(g^{2.376}) field operations using fast linear algebra, are shown to perform efficiently even for certain low genus curves. Specifically, we provide explicit formulae for performing the group law on Jacobians of C_{3,4} curves of genus 3. We show that, typically, the addition of two distinct elements in the Jacobian of a C_{3,4} curve requires 117 multiplications and 2 inversions in K, and an element can be doubled using 129 multiplications and 2 inversions in K. This represents an improvement of approximately 20% over previous methods.
An L(1/3) Discrete Logarithm Algorithm for Low Degree Curves
2009, http://hal.inria.fr/inria00383941/en/, accepted for publication in Journal of Cryptology
Cited by 4 (0 self)
We present an algorithm for solving the discrete logarithm problem in Jacobians of families of plane curves whose degrees in X and Y are low with respect to their genera. The finite base fields F_q are arbitrary, but their sizes should not grow too fast compared to the genus. For such families, the group structure and discrete logarithms can be computed in subexponential time of L_{q^g}(1/3, O(1)). The runtime bounds rely on heuristics similar to the ones used in the number field sieve or the function field sieve.
NON-HYPERELLIPTIC MODULAR JACOBIANS OF DIMENSION 3
2008
Cited by 2 (0 self)
Abstract. We present a method to solve in an efficient way the problem of constructing the curves given by Torelli’s theorem in dimension 3 over the complex numbers: For an absolutely simple principally polarized abelian threefold A over C given by its period matrix Ω, compute a model of the curve of genus three (unique up to isomorphism) whose Jacobian, equipped with its canonical polarization, is isomorphic to A as a principally polarized abelian variety. We use this method to describe the non-hyperelliptic modular Jacobians of dimension 3. We investigate all the non-hyperelliptic new modular Jacobians Jac(C_f) of dimension 3 which are isomorphic to A_f, where f ∈ S_2^{new}(X_0(N)), N ≤ 4000.
INFRASTRUCTURE, ARITHMETIC, AND CLASS NUMBER COMPUTATIONS IN PURELY CUBIC FUNCTION FIELDS OF CHARACTERISTIC AT LEAST 5
2009
One of the more difficult and central problems in computational algebraic number theory is the computation of certain invariants of a field and its maximal order. In this thesis, we consider this problem where the field in question is a purely cubic function field, K/F_q(x), with char(K) ≥ 5. In addition, we will give a divisor-theoretic treatment of the infrastructures of K, including a description of its arithmetic, and develop arithmetic on the ideals of the maximal order, O, of K. Historically, the infrastructure, R_C, of an ideal class, C ∈ Cl(O) has been defined as a set of reduced ideals in C. However, we extend work of Paulus and Rück [PR99] and Jacobson, Scheidler, and Stein [JSS07b] to define R_C as a certain subset of the divisor class group, J_K, of a cubic function field, K, specifically, the subset of distinguished divisors whose classes map to C via J_K → Cl(O). Our definition of distinguished generalizes the same notion by Bauer for purely cubic function fields of unit rank 0 [Bau04] to those of unit rank 1 and 2 as well. Further, we prove a bijection between R_C, as a set of distinguished divisors, and the infrastructure of C defined by “reduced” ideals, as in [Sch00, SS00, Sch01, LSY03, Sch04]. We describe the arithmetic on R_C, providing new results on the baby step and giant step operations and generalizing notions of the inverse of a divisor in R_{[O]} from quadratic infrastructures in [JSS07b] to cubic infrastructures. We also give algorithms to
On the discrete logarithm problem for plane curves
Claus Diem, 2010
In this article the discrete logarithm problem in degree 0 class groups of curves over finite fields given by plane models is studied. It is proven that the discrete logarithm problem in degree 0 class groups of non-hyperelliptic curves of genus 3 (given by plane models of degree 4) can be solved in an expected time of Õ(q), where q is the cardinality of the ground field. Moreover, it is proven that for every fixed natural number d ≥ 4 such that d or d − 1 is prime, the discrete logarithm problem for curves given by reflexive plane models of degree d can be solved in an expected time of Õ(q^{2 − 2/(d−2)}).
Fast addition on non-hyperelliptic genus 3 curves
We present a fast addition algorithm in the Jacobian of a genus 3 non-hyperelliptic curve over a field k of any characteristic. When the curve has a rational flex and k is a finite field of characteristic greater than 5, the computational cost for addition is 163M+2I and 185M+2I for doubling. We study also the rationality of intersection points of a line with a quartic and give geometric characterizations of C_{3,4} curves and Picard curves. To conclude, an appendix gives a formula to compute flexes in all characteristics.