François Morain

Speeding up the Discrete Log Computation on Curves with Automorphisms

We show how to speed up the discrete log computations on curves having automorphisms of large order, thus generalizing the attacks on anomalous binary elliptic curves. This includes the first known attack on most of the hyperelliptic curves described in the literature.

FAST ALGORITHMS FOR COMPUTING ISOGENIES BETWEEN ELLIPTIC CURVES

We survey algorithms for computing isogenies between elliptic curves defined over a field of characteristic either 0 or a large prime. We introduce a new algorithm that computes an isogeny of degree l (l different from the characteristic) in time quasi-linear with respect to l. This is based in particular on fast algorithms for power series expansion of the Weierstrass ℘-function and related functions.

Building Curves with Arbitrary Small MOV Degree over Finite Prime Fields

Abstract We present a fast algorithm for building ordinary elliptic curves over finite prime fields having arbitrary small MOV degree. The elliptic curves are obtained using complex multiplication by any desired discriminant.

Isogeny Volcanoes and the SEA Algorithm

Recently, Kohel gave algorithms to compute the conductor of the endomorphism ring of an ordinary elliptic curve, given the cardinality of the curve. Using his work, we give a complete description of the structure of curves related via rational l-degree isogenies, a structure we call a volcano. We explain how we can travel through this structure using modular polynomials. The computation of the structure is possible without knowing the cardinality of the curve, and that as a result, we deduce information on the cardinality.

Counting the number of points on elliptic curves over finite fields: strategies and performances

Cryptographic schemes using elliptic curves over finite fields require the computation of the cardinality of the curves. Dramatic progress have been achieved recently in that field by various authors. The aim of this article is to highlight part of these improvements and to describe an efficient implementation of them in the particular case of the fields GF(2n), for n ≤ 600.

Schoof's algorithm and isogeny cycles

The heart of Schoofs algorithm for computing the cardinality m of an elliptic curve over a finite field is the computation of m modulo small primes l. Elkies and Atkin have designed practical improvements to the basic algorithm, that make use of “good” primes l. We show how to use powers of good primes in an efficient way. This is done by computing isogenies between curves over the ground field. A new structure appears, called “isogeny cycle”. We investigate some properties of this structure.

Finding suitable curves for the elliptic curve method of factorization

Using the parametrizations of Kubert, we show how to produce in nite families of elliptic curves which have prescribed nontrivial torsion over Q and rank at least one. These curves can be used to speed up the ECM factorization algorithm of Lenstra. We also brie y discuss curves with complex multiplication in this context.

Implementing the asymptotically fast version of the elliptic curve primality proving algorithm

The elliptic curve primality proving (ECPP) algorithm is one of the current fastest practical algorithms for proving the primality of large numbers. Its running time cannot be proven rigorously, but heuristic arguments show that it should run in time O ((log N)^5) to prove the primality of N. An asymptotically fast version of it, attributed to J. O. Shallit, runs in time O ((log N)^4). The aim of this article is to describe this version in more details, leading to actual implementations able to handle numbers with several thousands of decimal digits.

Primality Proving Using Elliptic Curves: An Update

In 1986, following the work of Schoof on counting points on elliptic curves over finite fields, new algorithms for primality proving emerged, due to Goldwasser and Kilian on the one hand, and Atkin on the other. The latter algorithm uses the theory of complex multiplication. The algorithm, now called ECPP, has been used for nearly ten years. The purpose of this paper is to give an account of the recent theoretical and practical improvements of ECPP, as well as new benchmarks for integers of various sizes and a new primality record.

Comparing Invariants for Class Fields of Imaginary Quadratic Fields

Class fields of imaginary quadratic number fields can be constructed from singular values of modular functions, called class invariants. From a computational point of view, it is desirable that the associated minimal polynomials be small. We examine different approaches to measure the size of the polynomials. Based on experimental evidence, we compare two families of class invariants suggested in the literature with respect to these criteria. Our results lead to more efficient constructions of elliptic curves for cryptography or in the context of elliptic curve primality proving (ECPP).