Discrete logarithms in curves over finite fields

A survey on algorithms for computing discrete logarithms in Jacobians of curves over finite fields

Computational Arithmetic Geometry I: Sentences Nearly in the Polynomial Hierarchy

We consider the average-case complexity of some otherwise undecidable or open Diophantine problems. More precisely, consider the following: (I) Given a polynomial f in Z[v,x,y], decide the sentence \exists v \forall x \exists y f(v,x,y)=0, with all three quantifiers ranging over N (or Z). (II) Given polynomials f_1,...,f_m in Z[x_1,...,x_n] with m>=n, decide if there is a rational solution to f_1=...=f_m=0. We show that, for almost all inputs, problem (I) can be done within coNP. The decidability of problem (I), over N and Z, was previously unknown. We also show that the Generalized Riemann Hypothesis (GRH) implies that, for almost all inputs, problem (II) can be done via within the complexity class PP^{NP^NP}, i.e., within the third level of the polynomial hierarchy. The decidability of problem (II), even in the case m=n=2, remains open in general. Along the way, we prove results relating polynomial system solving over C, Q, and Z/pZ. We also prove a result on Galois groups associated to sparse polynomial systems which may be of independent interest. A practical observation is that the aforementioned Diophantine problems should perhaps be avoided in the construction of crypto-systems.Comment: Slight revision of final journal version of an extended abstract which appeared in STOC 1999. This version includes significant corrections and improvements to various asymptotic bounds. Needs cjour.cls to compil

Solving Degenerate Sparse Polynomial Systems Faster

Consider a system F of n polynomial equations in n unknowns, over an algebraically closed field of arbitrary characteristic. We present a fast method to find a point in every irreducible component of the zero set Z of F. Our techniques allow us to sharpen and lower prior complexity bounds for this problem by fully taking into account the monomial term structure. As a corollary of our development we also obtain new explicit formulae for the exact number of isolated roots of F and the intersection multiplicity of the positive-dimensional part of Z. Finally, we present a combinatorial construction of non-degenerate polynomial systems, with specified monomial term structure and maximally many isolated roots, which may be of independent interest.Comment: This is the final journal version of math.AG/9702222 (``Toric Generalized Characteristic Polynomials''). This final version is a major revision with several new theorems, examples, and references. The prior results are also significantly improve