Group law computations on Jacobians of hyperelliptic curves

We derive an explicit method of computing the composition step in Cantor’s algorithm for group operations on Jacobians of hyperelliptic curves. Our technique is inspired by the geometric description of the group law and applies to hyperelliptic curves of arbitrary genus. While Cantor’s general composition involves arithmetic in the polynomial ring F_q[x], the algorithm we propose solves a linear system over the base field which can be written down directly from the Mumford coordinates of the group elements. We apply this method to give more efficient formulas for group operations in both affine and projective coordinates for cryptographic systems based on Jacobians of genus 2 hyperelliptic curves in general form

Discrete logarithms in curves over finite fields

A survey on algorithms for computing discrete logarithms in Jacobians of curves over finite fields

A Generic Approach to Searching for Jacobians

We consider the problem of finding cryptographically suitable Jacobians. By applying a probabilistic generic algorithm to compute the zeta functions of low genus curves drawn from an arbitrary family, we can search for Jacobians containing a large subgroup of prime order. For a suitable distribution of curves, the complexity is subexponential in genus 2, and O(N^{1/12}) in genus 3. We give examples of genus 2 and genus 3 hyperelliptic curves over prime fields with group orders over 180 bits in size, improving previous results. Our approach is particularly effective over low-degree extension fields, where in genus 2 we find Jacobians over F_{p^2) and trace zero varieties over F_{p^3} with near-prime orders up to 372 bits in size. For p = 2^{61}-1, the average time to find a group with 244-bit near-prime order is under an hour on a PC.Comment: 22 pages, to appear in Mathematics of Computatio

Computing isogenies between Jacobian of curves of genus 2 and 3

We present a quasi-linear algorithm to compute isogenies between Jacobians of curves of genus 2 and 3 starting from the equation of the curve and a maximal isotropic subgroup of the l-torsion, for l an odd prime number, generalizing the V\'elu's formula of genus 1. This work is based from the paper "Computing functions on Jacobians and their quotients" of Jean-Marc Couveignes and Tony Ezome. We improve their genus 2 case algorithm, generalize it for genus 3 hyperelliptic curves and introduce a way to deal with the genus 3 non-hyperelliptic case, using algebraic theta functions.Comment: 34 page

On Using Expansions to the Base of -2

This short note investigates the effects of using expansions to the base of -2. The main applications we have in mind are cryptographic protocols, where the crucial operation is computation of scalar multiples. For the recently proposed groups arising from Picard curves this leads to a saving of at least 7% for the computation of an m-fold. For more general non-hyperelliptic genus 3 curves we expect a larger speed-up.Comment: 5 page

Examples of CM curves of genus two defined over the reflex field

In "Proving that a genus 2 curve has complex multiplication", van Wamelen lists 19 curves of genus two over $\mathbf{Q}$ with complex multiplication (CM). For each of the 19 curves, the CM-field turns out to be cyclic Galois over $\mathbf{Q}$. The generic case of non-Galois quartic CM-fields did not feature in this list, as the field of definition in that case always contains a real quadratic field, known as the real quadratic subfield of the reflex field. We extend van Wamelen's list to include curves of genus two defined over this real quadratic field. Our list therefore contains the smallest "generic" examples of CM curves of genus two. We explain our methods for obtaining this list, including a new height-reduction algorithm for arbitrary hyperelliptic curves over totally real number fields. Unlike Van Wamelen, we also give a proof of our list, which is made possible by our implementation of denominator bounds of Lauter and Viray for Igusa class polynomials.Comment: 31 pages; Updated some reference

Hyperelliptic Theta-Functions and Spectral Methods: KdV and KP solutions

This is the second in a series of papers on the numerical treatment of hyperelliptic theta-functions with spectral methods. A code for the numerical evaluation of solutions to the Ernst equation on hyperelliptic surfaces of genus 2 is extended to arbitrary genus and general position of the branch points. The use of spectral approximations allows for an efficient calculation of all characteristic quantities of the Riemann surface with high precision even in almost degenerate situations as in the solitonic limit where the branch points coincide pairwise. As an example we consider hyperelliptic solutions to the Kadomtsev-Petviashvili and the Korteweg-de Vries equation. Tests of the numerics using identities for periods on the Riemann surface and the differential equations are performed. It is shown that an accuracy of the order of machine precision can be achieved.Comment: 16 pages, 8 figure