Computing cardinalities of Q-curve reductions over finite fields

We present a specialized point-counting algorithm for a class of elliptic curves over F\_{p^2} that includes reductions of quadratic Q-curves modulo inert primes and, more generally, any elliptic curve over F\_{p^2} with a low-degree isogeny to its Galois conjugate curve. These curves have interesting cryptographic applications. Our algorithm is a variant of the Schoof--Elkies--Atkin (SEA) algorithm, but with a new, lower-degree endomorphism in place of Frobenius. While it has the same asymptotic asymptotic complexity as SEA, our algorithm is much faster in practice.Comment: To appear in the proceedings of ANTS-XII. Added acknowledgement of Drew Sutherlan

Computing the cardinality of CM elliptic curves using torsion points

Let E be an elliptic curve having complex multiplication by a given quadratic order of an imaginary quadratic field K. The field of definition of E is the ring class field Omega of the order. If the prime p splits completely in Omega, then we can reduce E modulo one the factors of p and get a curve Ep defined over GF(p). The trace of the Frobenius of Ep is known up to sign and we need a fast way to find this sign. For this, we propose to use the action of the Frobenius on torsion points of small order built with class invariants a la Weber, in a manner reminiscent of the Schoof-Elkies-Atkin algorithm for computing the cardinality of a given elliptic curve modulo p. We apply our results to the Elliptic Curve Primality Proving algorithm (ECPP).Comment: Revised and shortened version, including more material using discriminants of curves and division polynomial

Four primality testing algorithms

In this expository paper we describe four primality tests. The first test is very efficient, but is only capable of proving that a given number is either composite or 'very probably' prime. The second test is a deterministic polynomial time algorithm to prove that a given numer is either prime or composite. The third and fourth primality tests are at present most widely used in practice. Both tests are capable of proving that a given number is prime or composite, but neither algorithm is deterministic. The third algorithm exploits the arithmetic of cyclotomic fields. Its running time is almost, but not quite polynomial time. The fourth algorithm exploits elliptic curves. Its running time is difficult to estimate, but it behaves well in practice.Comment: 21 page

On Taking Square Roots without Quadratic Nonresidues over Finite Fields

We present a novel idea to compute square roots over finite fields, without being given any quadratic nonresidue, and without assuming any unproven hypothesis. The algorithm is deterministic and the proof is elementary. In some cases, the square root algorithm runs in $\tilde{O}(\log^2 q)$ bit operations over finite fields with $q$ elements. As an application, we construct a deterministic primality proving algorithm, which runs in $\tilde{O}(\log^3 N)$ for some integers $N$.Comment: 14 page

Linearizing torsion classes in the Picard group of algebraic curves over finite fields

We address the problem of computing in the group of $\ell^k$-torsion rational points of the jacobian variety of algebraic curves over finite fields, with a view toward computing modular representations.Comment: To appear in Journal of Algebr