Discrete logarithms in curves over finite fields

A survey on algorithms for computing discrete logarithms in Jacobians of curves over finite fields

The arithmetic of Jacobian groups of superelliptic cubics

International audienceWe present two algorithms for the arithmetic of cubic curves with a totally ramified prime at infinity. The first algorithm, inspired by Cantor's reduction for hyperelliptic curves, is easily implemented with a few lines of code, making use of a polynomial arithmetic package. We prove explicit reducedness criteria for superelliptic curves of genus 3 and 4, which show the correctness of the algorithm. The second approach, quite general in nature and applicable to further classes of curves, uses the FGLM algorithm for switching between Gröbner bases for different orderings. Carrying out the computations symbolically, we obtain explicit reduction formulae in terms of the input data

A Generic Approach to Searching for Jacobians

We consider the problem of finding cryptographically suitable Jacobians. By applying a probabilistic generic algorithm to compute the zeta functions of low genus curves drawn from an arbitrary family, we can search for Jacobians containing a large subgroup of prime order. For a suitable distribution of curves, the complexity is subexponential in genus 2, and O(N^{1/12}) in genus 3. We give examples of genus 2 and genus 3 hyperelliptic curves over prime fields with group orders over 180 bits in size, improving previous results. Our approach is particularly effective over low-degree extension fields, where in genus 2 we find Jacobians over F_{p^2) and trace zero varieties over F_{p^3} with near-prime orders up to 372 bits in size. For p = 2^{61}-1, the average time to find a group with 244-bit near-prime order is under an hour on a PC.Comment: 22 pages, to appear in Mathematics of Computatio

A Geometric Interpretation of Reduction in the Jacobians of C ab Curves

In this paper, we show that the reduction of divisors in the Jacobian of a curve $C$ can be performed by considering the intersections of a suitable projective model of $C$ with quadrics in projective space. We apply this idea to certain projective model of elliptic and hyperelliptic curves on one hand, and to the canonical model of $C_{ab}$ curves on the other hand, and we generalize (and recover) some well known algorithms

An extension of Kedlaya's algorithm for hyperelliptic curves

In this paper we describe a generalisation and adaptation of Kedlaya's algorithm for computing the zeta function of a hyperelliptic curve over a finite field of odd characteristic that the author used for the implementation of the algorithm in the Magma library. We generalise the algorithm to the case of an even degree model. We also analyse the adaptation of working with the $x^idx/y^3$ rather than the $x^idx/y$ differential basis. This basis has the computational advantage of always leading to an integral transformation matrix whereas the latter fails to in small genus cases. There are some theoretical subtleties that arise in the even degree case where the two differential bases actually lead to different redundant eigenvalues that must be discarded.Comment: v3: some minor changes and addition of a reference to a paper by Theo van den Bogaar