A double large prime variation for small genus hyperelliptic index calculus
نویسندگان
چکیده
In this article, we examine how the index calculus approach for computing discrete logarithms in small genus hyperelliptic curves can be improved by introducing a double large prime variation. Two algorithms are presented. The first algorithm is a rather natural adaptation of the double large prime variation to the intended context. On heuristic and experimental grounds, it seems to perform quite well but lacks a complete and precise analysis. Our second algorithm is a considerably simplified variant, which can be analyzed easily. The resulting complexity improves on the fastest known algorithms. Computer experiments show that for hyperelliptic curves of genus three, our first algorithm surpasses Pollard’s Rho method even for rather small field sizes. Key-words: cryptology, algorithmics, hyperelliptic curves, discrete logarithm ∗ CNRS, LIX, École polytechnique † INRIA Futurs, projet TANC ‡ INRIA Lorraine, projet SPACES § CACR, University of Waterloo ¶ Universität Leipzig Calcul de logarithmes discrets sur des courbes hyperelliptiques de petit genre en utilisant une double large prime variation Résumé : Nous présentons et analysons un nouvel algorithme pour résoudre des problèmes de logarithme discret dans les jacobiennes de courbes hyperelliptiques de petit genre. Cet algorithme utilise la technique de la double large prime variation, dans le cadre d’un algorithme de calcul d’index classique. Nous obtenons une analyse rigoureuse grâce à l’introduction d’un algorithme simplifié. La complexité obtenue est meilleure que celle des algorithmes connus précédemment pour résoudre le problème fixé dans ce contexte. Le résultat théorique est corroboré par l’expérimentation : nous avons démontré que des courbes de genre 3 sont davantage vulnérables à notre attaque qu’à l’algorithme Rho de Pollard, et ce même pour des tailles de groupes modérées. Mots-clés : cryptologie, algorithmique, courbes hyperelliptiques, logarithme discret A double large prime variation for hyperelliptic index calculus 3
منابع مشابه
Index calculus with double large prime variation for curves of small genus with cyclic class group
We present an index calculus algorithm with double large prime variation which lends itself well to a rigorous analysis. Using this algorithm we prove that for fixed genus g ≥ 2, the discrete logarithm problem in degree 0 class groups of non-singular curves over finite fields Fq can be solved in an expected time of Õ(q ), provided that the curve is given by a plane model of bounded degree and t...
متن کاملIndex calculus in class groups of non-hyperelliptic curves of genus 3 from a full cost perspective
We consider the discrete logarithm problem (DLP) in degree 0 class groups of non-hyperelliptic curves of genus 3 over finite fields Fq. Using a recent index calculus algorithm with double large prime variation by the author, heuristically, one can solve this problem in a time of Õ(q). In this work, we study this problem from a full cost perspective. We argue that heuristically, using a 3-dimens...
متن کاملIndex Calculus Attack for Hyperelliptic Curves of Small Genus
We present a variation of the index calculus attack by Gaudry which can be used to solve the discrete logarithm problem in the Jacobian of hyperelliptic curves. The new algorithm has a running time which is better than the original index calculus attack and the Rho method (and other square-root algorithms) for curves of genus ≥ 3. We also describe another improvement for curves of genus ≥ 4 (sl...
متن کاملImprovement of ThLeriault Algorithm of Index Calculus for Jacobian of Hyperelliptic Curves of Small Genus
Gaudry present a variation of index calculus attack for solving the DLP in the Jacobian of hyperelliptic curves. Harley and Thérialut improve these kind of algorithm. Here, we will present a variation of these kind of algorithm, which is faster than previous ones.
متن کاملImproved Sieving on Algebraic Curves
The best algorithms for discrete logarithms in Jacobians of algebraic curves of small genus are based on index calculus methods coupled with large prime variations. For hyperelliptic curves, relations are obtained by looking for reduced divisors with smooth Mumford representation [4]; for non-hyperelliptic curves it is faster to obtain relations using special linear systems of divisors [2, 3]. ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Math. Comput.
دوره 76 شماره
صفحات -
تاریخ انتشار 2004