Hostname: page-component-cd9895bd7-gvvz8 Total loading time: 0 Render date: 2024-12-26T03:30:12.337Z Has data issue: false hasContentIssue false

Fast heuristic algorithms for computing relations in the class group of a quadratic order, with applications to isogeny evaluation

Published online by Cambridge University Press:  26 August 2016

Jean-François Biasse
Affiliation:
University of South Florida, USA email biasse@usf.edu
Claus Fieker
Affiliation:
University of Kaiserslautern, Germany email fieker@mathematik.uni-kl.de
Michael J. Jacobson Jr
Affiliation:
University of Calgary, Canada email jacobs@ucalgary.ca

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

In this paper, we present novel algorithms for finding small relations and ideal factorizations in the ideal class group of an order in an imaginary quadratic field, where both the norms of the prime ideals and the size of the coefficients involved are bounded. We show how our methods can be used to improve the computation of large-degree isogenies and endomorphism rings of elliptic curves defined over finite fields. For these problems, we obtain improved heuristic complexity results in almost all cases and significantly improved performance in practice. The speed-up is especially high in situations where the ideal class group can be computed in advance.

Type
Research Article
Copyright
© The Author(s) 2016 

References

Ajtai, M., Kumar, R. and Sivakumar, D., ‘A sieve algorithm for the shortest lattice vector problem’, Proceedings of the Thirty-third Annual ACM Symposium on Theory of Computing, STOC ’01 (ACM, New York, 2001) 601610.CrossRefGoogle Scholar
Bisson, G., ‘Computing endomorphism rings of elliptic curves under the GRH’, J. Math. Cryptol. 5 (2012) no. 2, 101114.CrossRefGoogle Scholar
Bisson, G. and Sutherland, A., ‘Computing the endomorphism ring of an ordinary elliptic curve over a finite field’, J. Number Theory 131 (2011) no. 5, 815831. Elliptic Curve Cryptography.CrossRefGoogle Scholar
Bröker, R., Xavier Charles, D. and Lauter, K., ‘Evaluating large degree isogenies and applications to pairing based cryptography’, Pairing-based Cryptography – Pairing 2008, Proceedings of Second International Conference, Egham, September 1–3, 2008 , Lecture Notes in Computer Science 5209 (eds Galbraith, S. and Paterson, K.; Springer, 2008) 100112.CrossRefGoogle Scholar
Bröker, R., Lauter, K. and Sutherland, D., ‘Modular polynomials via isogeny volcanoes’, Math. Comput. 81 (2012) 12011231.CrossRefGoogle Scholar
Childs, A., Jao, D. and Soukharev, V., ‘Constructing elliptic curve isogenies in quantum subexponential time’, J. Math. Cryptol. 8 (2013) no. 1, 129.Google Scholar
Cohen, H., A course in computational algebraic number theory , Graduate Texts in Mathematics 138 (Springer, 1991).Google Scholar
Dupont, R., ‘Moyenne arithmético-géométrique, suites de Borchardt et applications’, PhD Thesis, École Polytechnique, 2006.Google Scholar
Hafner, J. L. and McCurley, K. S., ‘A rigorous subexponential algorithm for computation of class groups’, J. Amer. Math. Soc. 2 (1989) 839850.Google Scholar
Jao, D., Miller, S. D. and Venkatesan, R., ‘Expander graphs based on GRH with an application to elliptic curve cryptography’, J. Number Theory 129 (2009) no. 6, 14911504.CrossRefGoogle Scholar
Jao, D. and Soukharev, V., ‘A subexponential algorithm for evaluating large degree isogenies’, Algorithmic number theory , Lecture Notes in Computer Science 6197 (eds Hanrot, G., Morain, F. and Thomé, E.; Springer, Berlin, Heidelberg, 2010) 219233.CrossRefGoogle Scholar
Klüners, J. and Pauli, S., ‘Computing residue class rings and picard groups of orders’, J. Algebra 292 (2005) no. 1, 4764.CrossRefGoogle Scholar
Kohel, D., Lauter, K., Petit, C. and Tignol, J.-P., ‘On the quaternion l-isogeny path problem’, LMS J. Comput. Math. 17 (2014) 418432; 1.CrossRefGoogle Scholar
Lenstra, A. K., Lenstra, H. W. Jr., Manasse, M. S. and Pollard, J. M., ‘The number field sieve’, STOC ’90: Proceedings of the Twenty-second Annual ACM Symposium on Theory of Computing (ACM, New York, 1990) 564572.Google Scholar
Pauderis, C. and Storjohann, A., ‘Computing the invariant structure of integer matrices: fast algorithms into practice’, International Symposium on Symbolic and Algebraic Computation, ISSAC’13, Boston, MA, June 26–29, 2013 (ed. Kauers, M.; ACM, New York, 2013) 307314.Google Scholar
Schoof, R., ‘Counting points on elliptic curves over finite fields’, J. Théor. Nombres Bordeaux 7 (1995) 219254.CrossRefGoogle Scholar
Stephens-Davidowitz, N., ‘Dimension-preserving reductions between lattice problems’, http://www.noahsd.com/latticeproblems.pdf.Google Scholar
Sutherland, A., ‘On the evaluation of modular polynomials’, Proceedings of the Tenth Algorithmic Number Theory Symposium (ANTS X) , Open Book Series 1 (Mathematical Sciences Publishers, Berkeley, CA, 2013) 531555.Google Scholar