Section: Overall Objectives
A general keyword that could encompass most of our research objectives is arithmetic. Indeed, in the Caramel team, the goal is to push forward the possibilities to compute efficiently with objects having an arithmetic nature. This includes integers, real and complex numbers, polynomials, finite fields, and, last but not least, algebraic curves.
Our main application domains are public-key cryptography and computer algebra systems. Concerning cryptography, we concentrate on the study of the primitives based on the factorization problem or on the discrete-logarithm problem in finite fields or (Jacobians of) algebraic curves. Both the constructive and destructive sides are of interest to Caramel. For applications in computer algebra systems, we are mostly interested in arithmetic building blocks for integers, floating-point numbers, polynomials, and finite fields. Also some higher level functionalities like factoring and discrete-logarithm computation are usually desired in computer algebra systems.
Since we develop our expertise at various levels, from most low-level software or hardware implementation of basic building blocks to complicated high-level algorithms like integer factorization or point counting, we have remarked that it is often too simple-minded to separate them: we believe that the interactions between low-level and high-level algorithms are of utmost importance for arithmetic applications, yielding important improvements that would not be possible with a vision restricted to low- or high-level algorithms.
We emphasize three main directions in the Caramel team:

Integer factorization and discrete-logarithm computation in finite fields.
We are in particular interested in the number field sieve algorithm (NFS) that is the best algorithm known for factoring large RSA-like integers, and for solving discrete logarithms in prime finite fields and small extension degree finite fields. In the case of discrete logarithm in small characteristic, recent progress led to algorithms that are less similar to the NFS algorithm; on the other hand they involve Gröbner basis computations.
In all these cases, we plan to improve on existing algorithms, with a view towards practical considerations and setting new records.

Algebraic curves and cryptography.
Our two main research interests on this topic lie in genus-2 cryptography and in the arithmetic of pairings, mostly on the constructive side in both cases. For genus-2 curves, a key algorithmic tool that we develop is the computation of explicit isogenies; this allows improvements for cryptography-related computations such as point counting in large characteristic, complex-multiplication construction and computation of the ring of endomorphisms.
The pairing-based cryptography landscape has been greatly modified recently, due to the progress in the discrete logarithm problem. Therefore, this is no longer a priority for us.

Integer, finite-field and polynomial arithmetic are ubiquitous to our research. We consider them not only as tools for other algorithms, but as a research theme per se. We are interested in algorithmic advances, in particular for large input sizes where asymptotically fast algorithms become of practical interest. We also keep an important implementation activity, both in hardware and in software.
Polynomial system solving is a transverse theme to these research directions. It is rather natural with algebraic curves, and occurs also in NFS-related contexts, that many important challenges can be represented via polynomial systems, which have structural specificities. We also intend to develop algorithms and tools that, when possible, take advantage of these specificities.