Computing the trace of an endomorphism of a supersingular elliptic curve

Wills, Michael Thomas

10 June 2021

We provide an explicit algorithm for computing the trace of an endomorphism of an elliptic curve which is given by a chain of small-degree isogenies. We analyze its complexity, determining that if the length of the chain, the degree of the isogenies, and the log of the field-size are all O(n), the trace of the endomorphism can be computed in O(n⁶) bit operations. This makes explicit a theorem of Kohel which states that such a polynomial time algorithm exists. The given procedure is based on Schoof's point-counting algorithm. / Master of Science / The developing technology of quantum computers threatens to render current cryptographic systems (that is, systems for protecting stored or transmitted digital information from unauthorized third parties) ineffective. Among the systems proposed to ensure information security against attacks by quantum computers is a cryptographic scheme known as SIKE. In this thesis, we provide and analyze an algorithm that comprises one piece of a potential attack against SIKE by a classical computer. The given algorithm is also useful more generally in the field of arithmetic geometry.

elliptic curves

endomorphism rings

arithmetic geometry

supersingular elliptic curves

TheGL(4) Rapoport-Zink Space:

Fox, Maria

January 2019

Thesis advisor: Benjamin Howard / This dissertation gives a description of the GL(4) Rapoport-Zink space, including the connected components, irreducible components, intersection behavior of the irreducible components, and Ekedahl-Oort stratification. As an application of this, this dissertation also includes a description of the supersingular locus of the Shimura variety for the group GU(2,2) over a prime split in the relevant imaginary quadratic field. / Thesis (PhD) — Boston College, 2019. / Submitted to: Boston College. Graduate School of Arts and Sciences. / Discipline: Mathematics.

Arithmetic Geometry

GL(4)

GU(2

2)

Rapoport-Zink Space

Shimura Variety

Supersingular Locus

Kriptoschemos identifikacinės informacijos pagrindu / Identy based cryptoschemes

Kirna, Aurelijus

08 June 2006

Identy based cryptography has been, for a few recent years, the most active area of research and currently is of a great interest to the researchers groups. In general case the root of ID based cryptography is that user identifying data is used like a public key and so is no need of certificates for the user authentification. In this work we survey a few basic the most influent cryptoschemes. We attempt to answer what is needed for constructing an efficient IBE scheme. There are trustworthy cryptoschemes that uses elliptic curves and bilinear pairings in nowadays. We use these mathematical implements for efficient cryptoscheme too. And finally, there is a pilot software realization for this scheme.

Informatics

Bitiesiniai poravimai

Elipsinės kreivės

IBE

Elliptic curves

Bilinear pairings

Identy based

Identifikacinė informacija

Supersingular

Id based

A Performance Evaluation of Post-Quantum Cryptography in the Signal Protocol / En prestandautvärdering av kvantsäkert krypto i Signal-protokollet

Alvila, Markus

January 2019

The Signal protocol can be considered state-of-the-art when it comes to secure messaging, but advances in quantum computing stress the importance of finding post-quantum resistant alternatives to its asymmetric cryptographic primitives. The aim is to determine whether existing post-quantum cryptography can be used as a drop-in replacement for the public-key cryptography currently used in the Signal protocol and what the performance trade-offs may be. An implementation of the Signal protocol using commutative supersingular isogeny Diffie-Hellman (CSIDH) key exchange operations in place of elliptic-curve Diffie-Hellman (ECDH) is proposed. The benchmark results on a Samsung Galaxy Note 8 mobile device equipped with a 64-bit Samsung Exynos 9 (8895) octa-core CPU shows that it takes roughly 8 seconds to initialize a session using CSIDH-512 and over 40 seconds using CSIDH-1024, without platform specific optimization. To the best of our knowledge, the proposed implementation is the first post-quantum resistant Signal protocol implementation and the first evaluation of using CSIDH as a drop-in replacement for ECDH in a communication protocol.

post-quantum

resistant

cryptography

commutative

supersingular

isogeny

Diffie-Hellman

CSIDH

Signal

protocol

X3DH

Double Ratchet

Curve25519

performance

evaluation

CPU

profiling

Android

Engineering and Technology

Teknik och teknologier

Construction of algebraic curves with many rational points over finite fields / Construction of algebraic curves with many rational points over finite fields

Ducet, Virgile

23 September 2013

L'étude du nombre de points rationnels d'une courbe définie sur un corps fini se divise naturellement en deux cas : lorsque le genre est petit (typiquement g<=50), et lorsqu'il tend vers l'infini. Nous consacrons une partie de cette thèse à chacun de ces cas. Dans la première partie de notre étude nous expliquons comment calculer l'équation de n'importe quel revêtement abélien d'une courbe définie sur un corps fini. Nous utilisons pour cela la théorie explicite du corps de classe fournie par les extensions de Kummer et d'Artin-Schreier-Witt. Nous détaillons également un algorithme pour la recherche de bonnes courbes, dont l'implémentation fournit de nouveaux records de nombre de points sur les corps finis d'ordres 2 et 3. Nous étudions dans la seconde partie une formule de trace d'opérateurs de Hecke sur des formes modulaires quaternioniques, et montrons que les courbes de Shimura associées forment naturellement des suites récursives de courbes asymptotiquement optimales sur une extension quadratique du corps de base. Nous prouvons également qu'alors la contribution essentielle en points rationnels est fournie par les points supersinguliers. / The study of the number of rational points of a curve defined over a finite field naturally falls into two cases: when the genus is small (typically g<=50), and when it tends to infinity. We devote one part of this thesis to each of these cases. In the first part of our study, we explain how to compute the equation of any abelian covering of a curve defined over a finite field. For this we use explicit class field theory provided by Kummer and Artin-Schreier-Witt extensions. We also detail an algorithm for the search of good curves, whose implementation provides new records of number of points over the finite fields of order 2 and 3. In the second part, we study a trace formula of Hecke operators on quaternionic modular forms, and we show that the associated Shimura curves of the form naturally form recursive sequences of asymptotically optimal curves over a quadratic extension of the base field. Moreover, we then prove that the essential contribution to the rational points is provided by supersingular points.

Courbes avec beaucoup de points

Théorie explicite du corps de classe

Théorie de Kummer

Vecteurs de Witt

Équations de revêtements abéliens

Courbes de Shimura

Formes modulaires

Opérateurs de Hecke

Points supersinguliers

Tours récursive

Explicit class field theory

Kummer theory

Witt vectors

Equations of abelian coverings

Shimura curves

Modular forms

Hecke operators

Supersingular points

Recursive towers

510