A Subexponential Algorithm for Evaluating Large Degree Isogenies

  • Conference paper
Algorithmic Number Theory (ANTS 2010)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6197)

Abstract

An isogeny between elliptic curves is an algebraic morphism which is a group homomorphism. Many applications in cryptography require evaluating large degree isogenies between elliptic curves efficiently. For ordinary curves of the same endomorphism ring, the previous best known algorithm has a worst case running time which is exponential in the length of the input. In this paper we show this problem can be solved in subexponential time under reasonable heuristics. Our approach is based on factoring the ideal corresponding to the kernel of the isogeny, modulo principal ideals, into a product of smaller prime ideals for which the isogenies can be computed directly. Combined with previous work of Bostan et al., our algorithm yields equations for large degree isogenies in quasi-optimal time given only the starting curve and the kernel.

References

  1. Bisson, G., Sutherland, A.: Computing the endomorphism ring of an ordinary elliptic curve over a finite field. Journal of Number Theory (to appear 2009)

  2. Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic curves in cryptography. London Mathematical Society Lecture Note Series, vol. 265. Cambridge University Press, Cambridge (2000); Reprint of the 1999 original (1999)

  3. Bostan, A., Morain, F., Salvy, B., Schost, É.: Fast algorithms for computing isogenies between elliptic curves. Math. Comp. 77(263), 1755–1778 (2008)

  4. Bröker, R., Charles, D., Lauter, K.: Evaluating large degree isogenies and applications to pairing based cryptography. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 100–112. Springer, Heidelberg (2008)

  5. Bröker, R., Lauter, K., Sutherland, A.: Modular polynomials via isogeny volcanoes (2010)

  6. Buchmann, J., Vollmer, U.: Binary quadratic forms. Algorithms and Computation in Mathematics, vol. 20. Springer, Berlin (2007); An algorithmic approach

  7. Certicom ECC Challenge, http://www.certicom.com/images/pdfs/cert_ecc_challenge.pdf

  8. Certicom ECC Curves List, http://www.certicom.com/index.php/curves-list

  9. Cohen, H., Frey, G., Avanzi, R., Doche, C., Lange, T., Nguyen, K., Vercauteren, F. (eds.): Handbook of elliptic and hyperelliptic curve cryptography. Discrete Mathematics and its Applications. Chapman & Hall/CRC (2006)

  10. Cohen, H.: A course in computational algebraic number theory. Graduate Texts in Mathematics, vol. 138. Springer, Berlin (1993)

  11. Couveignes, J.-M., Morain, F.: Schoof’s algorithm and isogeny cycles. In: Huang, M.-D.A., Adleman, L.M. (eds.) ANTS 1994. LNCS, vol. 877, pp. 43–58. Springer, Heidelberg (1994)

  12. Cox, D.A.: Primes of the form x² + ny². A Wiley-Interscience Publication, John Wiley & Sons Inc., New York (1989); Fermat, class field theory and complex multiplication

  13. Enge, A.: Computing modular polynomials in quasi-linear time. Math. Comp. 78(267), 1809–1824 (2009)

  14. Fouquet, M., Morain, F.: Isogeny volcanoes and the SEA algorithm. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 276–291. Springer, Heidelberg (2002)

  15. Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. J. Cryptology (to appear 2010)

  16. Galbraith, S.D.: Constructing isogenies between elliptic curves over finite fields. LMS J. Comput. Math. 2, 118–138 (1999) (electronic)

  17. Galbraith, S.D., Hess, F., Smart, N.P.: Extending the GHS Weil descent attack. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 29–44. Springer, Heidelberg (2002)

  18. Hafner, J., McCurley, K.: A rigorous subexponential algorithm for computation of class groups. J. Amer. Math. Soc. 2(4), 837–850 (1989)

  19. Hardy, K., Muskat, J.B., Williams, K.S.: A deterministic algorithm for solving n = fu² + gv² in coprime integers u and v. Math. Comp. 55(191), 327–343 (1990)

  20. Jao, D., Miller, S.D., Venkatesan, R.: Do all elliptic curves of the same order have the same difficulty of discrete log? In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 21–40. Springer, Heidelberg (2005)

  21. Kohel, D.: Endomorphism rings of elliptic curves over finite fields. PhD thesis, University of California, Berkeley (1996)

  22. MAGMA Computational Algebra System, http://magma.maths.usyd.edu.au/

  23. Menezes, A., Teske, E., Weng, A.: Weak fields for ECC. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 366–386. Springer, Heidelberg (2004)

  24. Schönhage, A.: Fast reduction and composition of binary quadratic forms. In: ISSAC 1991: Proceedings of the 1991 International Symposium on Symbolic and Algebraic Computation, pp. 128–133. ACM, New York (1991)

  25. Schoof, R.: Counting points on elliptic curves over finite fields. J. Théor. Nombres Bordeaux 7(1), 219–254 (1995); Les Dix-huitièmes Journées Arithmétiques (Bordeaux, 1993)

  26. Seysen, M.: A probabilistic factorization algorithm with quadratic forms of negative discriminant. Math. Comp. 48(178), 757–780 (1987)

  27. Silverman, J.: The arithmetic of elliptic curves. Graduate Texts in Mathematics, vol. 106. Springer, New York (1992); Corrected reprint of the 1986 original (1986)

  28. Sutherland, A.: Smoothrelation, http://math.mit.edu/~drew/smoothrelation_v1.tar

  29. Tate, J.: Endomorphisms of abelian varieties over finite fields. Invent. Math. 2, 134–144 (1966)

  30. Teske, E.: An elliptic curve trapdoor system. J. Cryptology 19(1), 115–133 (2006)

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jao, D., Soukharev, V. (2010). A Subexponential Algorithm for Evaluating Large Degree Isogenies. In: Hanrot, G., Morain, F., Thomé, E. (eds) Algorithmic Number Theory. ANTS 2010. Lecture Notes in Computer Science, vol 6197. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14518-6_19

  • DOI: https://doi.org/10.1007/978-3-642-14518-6_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14517-9

  • Online ISBN: 978-3-642-14518-6

  • eBook Packages: Computer Science, Computer Science (R0)
