Galois invariant smoothness basis

This text answers a question raised by Joux and the second author about the computation of discrete logarithms in the multiplicative group of finite fields. Given a finite residue field \bK, one looks for a smoothness basis for \bK^* that is left invariant by automorphisms of \bK. For a broad class of finite fields, we manage to construct models that allow such a smoothness basis. This work aims at accelerating discrete logarithm computations in such fields. We treat the cases of codimension one (the linear sieve) and codimension two (the function field sieve)

A usability study of elliptic curves

In the recent years, the need of information security has rapidly increased due to an enormous growth of data transmission. In this thesis, we study the uses of elliptic curves in the cryptography. We discuss the elliptic curves over finite fields, attempts to attack; discrete logarithm, Pollard’s rho algorithm, baby-step giant-step algorithm, Pohlig-Hellman algorithm, function field sieve, and number field sieve. The main cryptographic reason to use elliptic curves over finite fields is to provide arbitrarily large finite cyclic groups having a computationally difficult discrete logarithm problem

Maximal Galois group of L-functions of elliptic curves

We give a quantitative version of a result due to N. Katz about L-functions of elliptic curves over function fields over finite fields. Roughly speaking, Katz's Theorem states that, on average over a suitably chosen algebraic family, the L-function of an elliptic curve over a function field becomes "as irreducible as possible" when seen as a polynomial with rational coefficients, as the cardinality of the field of constants grows. A quantitative refinement is obtained as a corollary of our main result which gives an estimate for the proportion of elliptic curves studied whose L-functions have "maximal" Galois group . To do so we make use of E. Kowalski's idea to apply large sieve methods in algebro-geometric contexts. Besides large sieve techniques, we use results of C. Hall on finite orthogonal monodromy and previous work of the author on orthogonal groups over finite fields.Comment: 20 page

Selecting polynomials for the Function Field Sieve

The Function Field Sieve algorithm is dedicated to computing discrete logarithms in a finite field GF(q^n) , where q is a small prime power. The scope of this article is to select good polynomials for this algorithm by defining and measuring the size property and the so-called root and cancellation properties. In particular we present an algorithm for rapidly testing a large set of polynomials. Our study also explains the behaviour of inseparable polynomials, in particular we give an easy way to see that the algorithm encompass the Coppersmith algorithm as a particular case

Relation collection for the Function Field Sieve

International audienceIn this paper, we focus on the relation collection step of the Function Field Sieve (FFS), which is to date the best known algorithm for computing discrete logarithms in small-characteristic finite fields of cryptographic sizes. Denoting such a finite field by GF(p^n), where p is much smaller than n, the main idea behind this step is to find polynomials of the form a(t)-b(t)x in GF(p)[t][x] which, when considered as principal ideals in carefully selected function fields, can be factored into products of low-degree prime ideals. Such polynomials are called ''relations'', and current record-sized discrete-logarithm computations require billions of them. Collecting relations is therefore a crucial and extremely expensive step in FFS, and a practical implementation thereof requires heavy use of cache-aware sieving algorithms, along with efficient polynomial arithmetic over GF(p)[t]. This paper presents the algorithmic and arithmetic techniques which were put together as part of a new implementation of FFS, aimed at medium- to record-sized computations, and planned for public release in the near future