shifts. This result suggests that isogeny-based cryptosystems may
be uncompetitive with more mainstream quantum-resistant cryptosystems such as lattice-
based cryptosystems. As part of this work, we also present the first classical algorithm for
evaluating isogenies having provably subexponential running time in the cardinality of the
base field under GRH.
Keywords. Elliptic curves, isogenies, hidden shift problem, quantum algorithms.
2010 Mathematics Subject Classification. 81P94, 68Q12, 11Y40, 14H52.
We consider the problem of constructing a nonzero
In this article, we formalize in Mizar ,  a binary operation of points on an elliptic curve over GF(p) in affine coordinates. We show that the operation is unital, complementable and commutative. Elliptic curve cryptography , whose security is based on a difficulty of discrete logarithm problem of elliptic curves, is important for information security.
In general, there exists an ellipse passing through the vertices of a convex pentagon, but any ellipse passing through the vertices of a convex hexagon does not have to exist. Thus, attention is turned to algebraic curves of the third degree, namely to the closed component of certain elliptic curves. This closed curve will be called the spekboom curve. Results of numerical experiments and some hypotheses regarding hexagons of special shape connected with the existence of this curve passing through the vertices are presented and suggested. Some properties of the spekboom curve are described, too.
This paper revisits the computation of pairings on a model of elliptic curve called Selmer curves. We extend the work of Zhang, Wang, Wang and Ye to the computation of other variants of the Tate pairing on this curve. Especially, we show that the Selmer model of an elliptic curve presents faster formulas for the computation of the Ate and optimal Ate pairings with respect to Weierstrass elliptic curves. We show how to parallelise the computation of these pairings and we obtained very fast results. We also present an example of optimal pairing on a pairing-friendly Selmer curve of embedding degree k = 12.
paper proposes the computation of the Tate pairing, Ate pairing and its variations on the special Jacobi quartic elliptic curve . We improve
the doubling and addition steps in Miller's algorithm to compute the Tate pairing. We use the birational equivalence between Jacobi quartic curves and Weierstrass curves, together with a specific point representation to obtain the best result to date among curves with quartic
twists. For the doubling and addition steps in Miller's algorithm for the computation of the Tate pairing,
we obtain a theoretical gain up to and , depending on the embedding degree and the extension
field arithmetic, with respect to Weierstrass curves and previous results on Jacobi quartic curves. Furthermore and for the first time, we compute and implement Ate, twisted Ate and optimal pairings on the Jacobi quartic curves. Our results are up to more efficient compared to the case of Weierstrass curves with
This paper deals with an implementation of the elliptic curve primality proving (ECPP) algorithm of Atkin and Morain. As the ECPP algorithm is not deterministic, we are developing a strategy to avoid certain situations in which the original implementation could get stuck and to get closer to the situation where the probability that the algorithm terminates successfully is 1. We apply heuristics and tricks in order to test the strategy in our implementation in Magma on numbers of up to 7000 decimal digits and collect data to show the advantages over previous implementations in practice.
We study distance functions on the set of ordinary (or non-supersingular) elliptic curves in short Weierstrass form (or simplified Weierstrass form) over a finite field of characteristic three. Mishra and Gupta (2008) firstly construct distance functions on the set of elliptic curves in short Weierstrass form over any prime field of characteristic greater than three. Afterward, Vetro (2011) constructs some other distance functions on the set of elliptic curves in short Weierstrass form over any prime field of characteristic greater than three. Recently, Hakuta (2015) has proposed distance functions on the set of ordinary elliptic curves in short Weierstrass form over any finite field of characteristic two. However, to our knowledge, no analogous result is known in the characteristic three case. In this paper, we shall prove that one can construct distance functions on the set of ordinary elliptic curves in short Weierstrass form over any finite field of characteristic three. A cryptographic application of our distance functions is also discussed.
We improve on the first fall degree bound of polynomial systems that arise
from a Weil descent along Semaev’s summation polynomials relevant to the solution of the Elliptic Curve
Discrete Logarithm Problem via Gröbner basis algorithms.
The majority of methods for constructing pairing-friendly elliptic curves are based on representing the curve parameters as polynomial families. There are three such types, namely complete, complete with variable discriminant and sparse families. In this paper, we present a method for constructing sparse families and produce examples of this type that have not previously appeared in the literature, for various embedding degrees. We provide numerical examples obtained by these sparse families, considering for the first time the effect of the recent progress on the tower number field sieve (TNFS) method for solving the discrete logarithm problem (DLP) in finite field extensions of composite degree.