Abstract
An isogeny between elliptic curves is an algebraic morphism which is a group homomorphism. Many applications in cryptography require evaluating large degree isogenies between elliptic curves efficiently. For ordinary curves of the same endomorphism ring, the previous best known algorithm has a worst case running time which is exponential in the length of the input. In this paper we show this problem can be solved in subexponential time under reasonable heuristics. Our approach is based on factoring the ideal corresponding to the kernel of the isogeny, modulo principal ideals, into a product of smaller prime ideals for which the isogenies can be computed directly. Combined with previous work of Bostan et al., our algorithm yields equations for large degree isogenies in quasi-optimal time given only the starting curve and the kernel.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bisson, G., Sutherland, A.: Computing the endomorphism ring of an ordinary elliptic curve over a finite field. Journal of Number Theory (to appear 2009)
Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic curves in cryptography. London Mathematical Society Lecture Note Series, vol. 265. Cambridge University Press, Cambridge (2000); Reprint of the 1999 original (1999)
Bostan, A., Morain, F., Salvy, B., Schost, É.: Fast algorithms for computing isogenies between elliptic curves. Math. Comp. 77(263), 1755–1778 (2008)
Bröker, R., Charles, D., Lauter, K.: Evaluating large degree isogenies and applications to pairing based cryptography. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 100–112. Springer, Heidelberg (2008)
Bröker, R., Lauter, K., Sutherland, A.: Modular polynomials via isogeny volcanoes (2010)
Buchmann, J., Vollmer, U.: Binary quadratic forms. Algorithms and Computation in Mathematics, vol. 20. Springer, Berlin (2007); An algorithmic approach
Certicom ECC Challenge, http://www.certicom.com/images/pdfs/cert_ecc_challenge.pdf .
Certicom ECC Curves List, http://www.certicom.com/index.php/curves-list
Cohen, H., Frey, G., Avanzi, R., Doche, C., Lange, T., Nguyen, K., Vercauteren, F. (eds.): Handbook of elliptic and hyperelliptic curve cryptography. Discrete Mathematics and its Applications. Chapman & Hall/CRC (2006)
Cohen, H.: A course in computational algebraic number theory. Graduate Texts in Mathematics, vol. 138. Springer, Berlin (1993)
Couveignes, J.-M., Morain, F.: Schoof’s algorithm and isogeny cycles. In: Huang, M.-D.A., Adleman, L.M. (eds.) ANTS 1994. LNCS, vol. 877, pp. 43–58. Springer, Heidelberg (1994)
Cox, D.A.: Primes of the form x 2 + ny 2. A Wiley-Interscience Publication, John Wiley & Sons Inc., New York (1989); Fermat, class field theory and complex multiplication
Enge, A.: Computing modular polynomials in quasi-linear time. Math. Comp. 78(267), 1809–1824 (2009)
Fouquet, M., Morain, F.: Isogeny volcanoes and the SEA algorithm. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 276–291. Springer, Heidelberg (2002)
Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. J. Cryptology (to appear 2010)
Galbraith, S.D.: Constructing isogenies between elliptic curves over finite fields. LMS J. Comput. Math. 2, 118–138 (1999) (electronic)
Galbraith, S.D., Hess, F., Smart, N.P.: Extending the GHS Weil descent attack. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 29–44. Springer, Heidelberg (2002)
Hafner, J., McCurley, K.: A rigorous subexponential algorithm for computation of class groups. J. Amer. Math. Soc. 2(4), 837–850 (1989)
Hardy, K., Muskat, J.B., Williams, K.S.: A deterministic algorithm for solving n = fu 2 + gv 2 in coprime integers u and v. Math. Comp. 55(191), 327–343 (1990)
Jao, D., Miller, S.D., Venkatesan, R.: Do all elliptic curves of the same order have the same difficulty of discrete log? In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 21–40. Springer, Heidelberg (2005)
Kohel, D.: Endomorphism rings of elliptic curves over finite fields. PhD thesis, University of California, Berkeley (1996)
MAGMA Computational Algebra System, http://magma.maths.usyd.edu.au/
Menezes, A., Teske, E., Weng, A.: Weak fields for ECC. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 366–386. Springer, Heidelberg (2004)
Schönhage, A.: Fast reduction and composition of binary quadratic forms. In: ISSAC 1991: Proceedings of the 1991 International Symposium on Symbolic and Algebraic Computation, pp. 128–133. ACM, New York (1991)
Schoof, R.: Counting points on elliptic curves over finite fields. J. Théor. Nombres Bordeaux 7(1), 219–254 (1995); Les Dix-huitièmes Journées Arithmétiques (Bordeaux, 1993)
Seysen, M.: A probabilistic factorization algorithm with quadratic forms of negative discriminant. Math. Comp. 48(178), 757–780 (1987)
Silverman, J.: The arithmetic of elliptic curves. Graduate Texts in Mathematics, vol. 106. Springer, New York (1992); Corrected reprint of the 1986 original (1986)
Sutherland, A.:Smoothrelation, http://math.mit.edu/~drew/smoothrelation_v1.tar
Tate, J.: Endomorphisms of abelian varieties over finite fields. Invent. Math. 2, 134–144 (1966)
Teske, E.: An elliptic curve trapdoor system. J. Cryptology 19(1), 115–133 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jao, D., Soukharev, V. (2010). A Subexponential Algorithm for Evaluating Large Degree Isogenies. In: Hanrot, G., Morain, F., Thomé, E. (eds) Algorithmic Number Theory. ANTS 2010. Lecture Notes in Computer Science, vol 6197. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14518-6_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-14518-6_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14517-9
Online ISBN: 978-3-642-14518-6
eBook Packages: Computer ScienceComputer Science (R0)