Security Estimates for Quadratic Field Based Cryptosystems

We describe implementations for solving the discrete logarithm problem in the class group of an imaginary quadratic field and in the infrastructure of a real quadratic field. The algorithms used incorporate improvements over previously-used algorithms, and extensive numerical results are presented demonstrating their efficiency. This data is used as the basis for extrapolations, used to provide recommendations for parameter sizes providing approximately the same level of security as block ciphers with $80,$ $112,$ $128,$ $192,$ and $256$-bit symmetric keys

A Generic Approach to Searching for Jacobians

We consider the problem of finding cryptographically suitable Jacobians. By applying a probabilistic generic algorithm to compute the zeta functions of low genus curves drawn from an arbitrary family, we can search for Jacobians containing a large subgroup of prime order. For a suitable distribution of curves, the complexity is subexponential in genus 2, and O(N^{1/12}) in genus 3. We give examples of genus 2 and genus 3 hyperelliptic curves over prime fields with group orders over 180 bits in size, improving previous results. Our approach is particularly effective over low-degree extension fields, where in genus 2 we find Jacobians over F_{p^2) and trace zero varieties over F_{p^3} with near-prime orders up to 372 bits in size. For p = 2^{61}-1, the average time to find a group with 244-bit near-prime order is under an hour on a PC.Comment: 22 pages, to appear in Mathematics of Computatio

Discrete logarithms in curves over finite fields

A survey on algorithms for computing discrete logarithms in Jacobians of curves over finite fields

The renormalized ϕ44\phi^4_4-trajectory by perturbation theory in the running coupling

We compute the renormalized trajectory of $\phi^4_4$-theory by perturbation theory in a running coupling. We introduce an iterative scheme without reference to a bare action. The expansion is proved to be finite to every order of perturbation theory.Comment: 23 pages LaTeX, Large momentum bound correcte

Constructive homomorphisms for classical groups

Let Omega be a quasisimple classical group in its natural representation over a finite vector space V, and let Delta be its normaliser in the general linear group. We construct the projection from Delta to Delta/Omega and provide fast, polynomial-time algorithms for computing the image of an element. Given a discrete logarithm oracle, we also represent Delta/Omega as a group with at most 3 generators and 6 relations. We then compute canonical representatives for the cosets of Omega. A key ingredient of our algorithms is a new, asymptotically fast method for constructing isometries between spaces with forms. Our results are useful for the matrix group recognition project, can be used to solve element conjugacy problems, and can improve algorithms to construct maximal subgroups

Subquadratic computation of vector generating polynomials and improvement of the block Wiedemann algorithm

This paper describes a new algorithm for computing linear generators (vector generating polynomials) for matrix sequences, running in sub-quadratic time. This algorithm applies in particular to the sequential stage of Coppersmith's block Wiedemann algorithm. Experiments showed that our method can be substituted in place of the quadratic one proposed by Coppersmith, yielding important speedups even for realistic matrix sizes. The base fields we were interested in were finite fields of large characteristic. As an example, we have been able to compute a linear generator for a sequence of 4*4 matrices of length 242 304 defined over GF(2^607) in less than two days on one 667MHz alpha ev67 cpu