Halving for the 2-Sylow subgroup of genus 2 curves over binary fields

AbstractWe give a deterministic polynomial time algorithm to find the structure of the 2-Sylow subgroup of the Jacobian of a genus 2 curve over a finite field of characteristic 2. Our procedure starts with the points of order 2 and then performs a chain of successive halvings while such an operation makes sense. The stopping condition is triggered when certain polynomials fail to have roots in the base field, as previously shown by I. Kitamura, M. Katagi and T. Takagi. The structure of our algorithm is similar to the already known case of genus 1 and odd characteristic

A Geometric Interpretation of Reduction in the Jacobians of C ab Curves

In this paper, we show that the reduction of divisors in the Jacobian of a curve $C$ can be performed by considering the intersections of a suitable projective model of $C$ with quadrics in projective space. We apply this idea to certain projective model of elliptic and hyperelliptic curves on one hand, and to the canonical model of $C_{ab}$ curves on the other hand, and we generalize (and recover) some well known algorithms

Discrete logarithms in curves over finite fields

A survey on algorithms for computing discrete logarithms in Jacobians of curves over finite fields

Cryptanalysis of McEliece Cryptosystem Based on Algebraic Geometry Codes and their subcodes

We give polynomial time attacks on the McEliece public key cryptosystem based either on algebraic geometry (AG) codes or on small codimensional subcodes of AG codes. These attacks consist in the blind reconstruction either of an Error Correcting Pair (ECP), or an Error Correcting Array (ECA) from the single data of an arbitrary generator matrix of a code. An ECP provides a decoding algorithm that corrects up to $\frac{d^*-1-g}{2}$ errors, where $d^*$ denotes the designed distance and $g$ denotes the genus of the corresponding curve, while with an ECA the decoding algorithm corrects up to $\frac{d^*-1}{2}$ errors. Roughly speaking, for a public code of length $n$ over $\mathbb F_q$, these attacks run in $O(n^4\log (n))$ operations in $\mathbb F_q$ for the reconstruction of an ECP and $O(n^5)$ operations for the reconstruction of an ECA. A probabilistic shortcut allows to reduce the complexities respectively to $O(n^{3+\varepsilon} \log (n))$ and $O(n^{4+\varepsilon})$. Compared to the previous known attack due to Faure and Minder, our attack is efficient on codes from curves of arbitrary genus. Furthermore, we investigate how far these methods apply to subcodes of AG codes.Comment: A part of the material of this article has been published at the conferences ISIT 2014 with title "A polynomial time attack against AG code based PKC" and 4ICMCTA with title "Crypt. of PKC that use subcodes of AG codes". This long version includes detailed proofs and new results: the proceedings articles only considered the reconstruction of ECP while we discuss here the reconstruction of EC