Team TANC


Section: New Results

Algebraic curves over finite fields

Cardinality

Participants : Andreas Enge, François Morain.

A crucial ingredient for these records was A. Enge's new algorithm [15] for computing modular equations of index greater than 2000. The algorithm computes bivariate modular polynomials by an evaluation and interpolation approach and relies on the ability to rapidly evaluate modular functions at complex floating point arguments. It has quasi-linear complexity with respect to its output size, so the performance of the algorithm is limited only by the size of the result: we have in fact been able to compute modular polynomials of degree larger than 10000 and of size 16 GB with a parallelised implementation of the algorithm, which uses mpc and mpfrcx for the arithmetic of complex numbers and of polynomials with floating point coefficients, see Sections 5.2 and 5.3. For the point counting algorithm, the polynomials of prime level up to 6000 have been used; they occupy close to 1 TB of disk space. Despite this progress, computing modular polynomials remains the stumbling block for new point counting records. Clearly, to circumvent the memory problems, one would need an algorithm that directly obtains the polynomial specialised in one variable.
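To illustrate the evaluation and interpolation strategy in miniature, the following example (written for this report, not the code of [15] nor the mpc/mpfrcx implementation) recovers the classical level-2 modular polynomial Φ₂(X, Y). It evaluates j at four nodes τ_k = i·t_k, specified through their nomes q_k = e^{2πiτ_k} (the constructed values 1/500, 1/1000, 1/2000, 1/4000), builds Φ₂(X, j(τ_k)) as the monic cubic whose roots are the j-invariants of the three 2-isogenous curves (nomes q_k², √q_k and −√q_k), and interpolates in Y. Python's decimal module stands in for the multiprecision floating point arithmetic; j is computed from the q-expansions of E₄ and Δ.

```python
from decimal import Decimal, getcontext

# 80 decimal digits: far more than the ~15 digits of the largest coefficient,
# so the final rounding to integers can be checked rather than hoped for.
getcontext().prec = 80
NTERMS = 120  # q-expansion terms; all nomes used below satisfy |q| <= 0.045


def sigma3(n):
    """Sum of the cubes of the divisors of n (coefficients of the Eisenstein series E4)."""
    return sum(d ** 3 for d in range(1, n + 1) if n % d == 0)


def j_from_nome(q):
    """j-invariant as a function of the nome q = exp(2*pi*i*tau), for real q with |q| < 1.
    j = E4^3 / Delta, with E4 = 1 + 240 * sum sigma_3(n) q^n and Delta = q * prod (1 - q^n)^24."""
    e4, delta, qn = Decimal(1), q, Decimal(1)
    for n in range(1, NTERMS + 1):
        qn *= q
        e4 += 240 * sigma3(n) * qn
        delta *= (1 - qn) ** 24
    return e4 ** 3 / delta


def poly_mul(a, b):
    """Product of two polynomials given as coefficient lists (index = degree)."""
    out = [Decimal(0)] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for k, y in enumerate(b):
            out[i + k] += x * y
    return out


def modular_polynomial_level2(nome_denominators=(500, 1000, 2000, 4000)):
    """Recover Phi_2(X, Y) by evaluation and interpolation.
    Returns coeffs[i][k] = integer coefficient of X^i Y^k.
    Node k is tau_k = i * t_k, given by its nome q_k = 1 / nome_denominators[k]
    (constructed values; any four distinct nomes in (0, 1) with fast convergence would do)."""
    nodes = []  # pairs (Y_k, P_k) with Y_k = j(tau_k) and P_k(X) = Phi_2(X, Y_k)
    for denom in nome_denominators:
        q = Decimal(1) / Decimal(denom)
        y = j_from_nome(q)
        # Evaluation step: the curves 2-isogenous to E_tau have j(2 tau), j(tau/2), j((tau+1)/2),
        # i.e. nomes q^2, sqrt(q), -sqrt(q); Phi_2(X, j(tau)) is the monic cubic with these roots.
        roots = [j_from_nome(q * q), j_from_nome(q.sqrt()), j_from_nome(-q.sqrt())]
        p = [Decimal(1)]
        for r in roots:
            p = poly_mul(p, [-r, Decimal(1)])
        nodes.append((y, p))

    # Interpolation step (Lagrange): Phi_2(X, Y) = sum_k P_k(X) L_k(Y); deg_Y Phi_2 = 3, so 4 nodes suffice.
    deg = len(nodes) - 1
    coeffs = [[Decimal(0)] * (deg + 1) for _ in range(deg + 1)]
    for k, (yk, pk) in enumerate(nodes):
        lk = [Decimal(1)]
        for m, (ym, _) in enumerate(nodes):
            if m != k:
                lk = poly_mul(lk, [-ym / (yk - ym), Decimal(1) / (yk - ym)])
        for i in range(deg + 1):
            for kk in range(deg + 1):
                coeffs[i][kk] += pk[i] * lk[kk]

    # The true coefficients are integers; the distance to the nearest integer
    # is the check that the working precision was adequate.
    result = []
    for row in coeffs:
        ints = []
        for c in row:
            n = c.to_integral_value()
            if abs(c - n) > Decimal("1e-30"):
                raise ArithmeticError(f"insufficient precision, got {c}")
            ints.append(int(n))
        result.append(ints)
    return result


if __name__ == "__main__":
    phi = modular_polynomial_level2()
    for i in range(4):
        for k in range(4):
            if phi[i][k]:
                print(f"X^{i} Y^{k}: {phi[i][k]}")
```

The output is the familiar Φ₂ = X³ + Y³ − X²Y² + 1488(X²Y + XY²) − 162000(X² + Y²) + 40773375 XY + 8748000000(X + Y) − 157464000000000. The same two steps scale to prime level ℓ with ℓ + 2 nodes and ℓ + 1 roots per node; what does not scale is exactly the point of the paragraph above: the coefficient sizes, hence the working precision and the output size, grow with the level, which is why the full polynomials of level up to 6000 fill close to 1 TB.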

We plan to make our new implementation available as an extension to the NTL library.

Isogenies

Participants : François Morain, Luca De Feo, Benjamin Smith.

Together with A. Bostan, B. Salvy (from project ALGO) and É. Schost, F. Morain gave quasi-linear algorithms for computing the explicit form of a strict isogeny between two elliptic curves, another important building block of the SEA algorithm [3]. This article contains a survey of previous methods, all applicable in the large characteristic case. Joux and Lercier have recently announced a p-adic approach for computing isogenies in all characteristics, with the same complexity and based on our work.

For the small characteristic case, the old algorithms of Couveignes and Lercier were studied from scratch, and Lercier's algorithm was reimplemented in NTL by F. Morain as a benchmark for other methods. In 2009 L. De Feo and É. Schost gave new asymptotically fast algorithms for arithmetic in Artin–Schreier towers [19]. The algorithms have been packaged in the C++ library FAAST and served as a basis for a new efficient implementation of Couveignes' algorithm. Integration with F. Morain's implementation of SEA is in progress. An article giving the details of the implementation and the improvements to the original algorithm is in preparation.

In 2009, B. Smith gave new constructions of families of isogenies of Jacobians of high-genus curves; the existence of these families is remarkable. An article exhibiting twelve families of higher-genus hyperelliptic curves was submitted to the proceedings of AGCT 12 [20], and an article describing six infinite series of families (each giving isogenies in arbitrarily high dimension) is in preparation.

Discrete logarithms on curves

Participants : Andreas Enge, Jean-François Biasse, Benjamin Smith.

Jean-François Biasse has worked on an implementation of a subexponential algorithm to solve instances of the discrete logarithm problem on hyperelliptic curves of genus 8, in order to study the efficiency of a cryptosystem proposed by Edlyn Teske. This cryptosystem relies on the ease of solving this problem, as well as on the difficulty of solving the discrete logarithm problem on an elliptic curve. This work was presented in October 2008 at the "Journées Nationales du Calcul Formel" in Luminy.

An extended version of B. Smith's 2008 work on polynomial-time reductions of discrete logarithm problem instances from a large class of hyperelliptic curves of genus 3 to non-hyperelliptic curves of genus 3 (where Diem's algorithm [31] can solve the discrete logarithm problem in time $\tilde{O}(q)$, a significant improvement over the previous best known $\tilde{O}(q^{4/3})$ algorithm for solving hyperelliptic genus 3 discrete logarithms due to P. Gaudry, E. Thomé, N. Thériault and C. Diem [45]) has now appeared in the Journal of Cryptology [17].

Pairings

Participants : Andreas Enge, Benjamin Smith.

B. Smith has recently published joint work with S. Galbraith (Auckland), J. Pujolas (Lleida), and C. Ritzenthaler (Luminy), giving explicit constructions of distortion maps for supersingular genus 2 curves [16] . This enables practical pairing-based cryptography based on genus 2 curves.
