Encoding points on hyperelliptic curves over finite fields in deterministic polynomial time

We present families of (hyper)elliptic curve which admit an efficient deterministic encoding function

Efficient arithmetic on elliptic curves in characteristic 2

International audienceWe present normal forms for elliptic curves over a field of characteristic 2 analogous to Edwards normal form, and determine bases of addition laws, which provide strikingly simple expressions for the group law. We deduce efficient algorithms for point addition and scalar multiplication on these forms. The resulting algorithms apply to any elliptic curve over a field of characteristic 2 with a 4-torsion point, via an isomorphism with one of the normal forms. We deduce algorithms for duplication in time $2M + 5S + 2m_c$ and for addition of points in time $7M + 2S$, where $M$ is the cost of multiplication, $S$ the cost of squaring , and $m_c$ the cost of multiplication by a constant. By a study of the Kummer curves $\mathcal{K} = E/\{\pm1]\}$, we develop an algorithm for scalar multiplication with point recovery which computes the multiple of a point P with $4M + 4S + 2m_c + m_t$ per bit where $m_t$ is multiplication by a constant that depends on $P$

INJECTIVE ENCODINGS TO ELLIPTIC CURVES

Abstract. We investigate the problem of constructing efficient, efficiently invertible injective maps with large image to the set of rational points of an elliptic curve over a finite field, and obtain an essentially optimal solution for a large families of curves, including all Edwards curves with a complete addition law. 1

Hashing into Hessian curves

We describe a hashing function from the elements of the finite field double-struck Fq into points on a Hessian curve. Our function features the uniform and smaller size for the cardinalities of almost all fibers compared with the other known hashing functions for elliptic curves. For ordinary Hessian curves, this function is 2:1 for almost all points. More precisely, for odd q, the cardinality of the image set of the function is exactly given by (q + i + 2)/2 for some i = - 1,1. Next, we present an injective hashing function from the elements of ℤm into points on a Hessian curve over double-struck Fq with odd q and m = (q + i)/2 for some i = - 1,1,3.12 page(s

Efficient arithmetic on elliptic curves over fields of characteristic three

This paper presents new explicit formulae for the point doubling, tripling and addition for ordinary Weierstraß elliptic curves with a point of order 3 and their equivalent Hessian curves over finite fields of characteristic three. The cost of basic point operations is lower than that of all previously proposed ones. The new doubling, mixed addition and tripling formulae in projective coordinates require 3M + 2C, 8M + 1C + 1D and 4M + 4C + 1D respectively, where M, C and D is the cost of a field multiplication, a cubing and a multiplication by a constant. Finally, we present several examples of ordinary elliptic curves in characteristic three for high security levels

Extractors for Jacobian of hyperelliptic curves of genus 2 in odd characteristic

We propose two simple and efficient deterministic extractors for J(Fq), the Jacobian of a genus 2 hyperelliptic curve H defined over Fq, for some odd q. Our first extractor, SEJ, called sum extractor, for a given point D on J(Fq), outputs the sum of abscissas of rational points on H in the support of D, considering D as a reduced divisor. Similarly the second extractor, PEJ, called product extractor, for a given point D on the J(Fq), outputs the product of abscissas of rational points in the support of D. Provided that the point D is chosen uniformly at random in J(Fq), the element extracted from the point D is indistinguishable from a uniformly random variable in Fq. Thanks to the Kummer surface K, that is associated to the Jacobian of H over Fq, we propose the sum and product extractors, SEK and PEK, for K(Fq). These extractors are the modified versions of the extractors SEJ and PEJ. Provided a point K is chosen uniformly at random in K, the element extracted from the point K is statistically close to a uniformly random variable in Fq.23 page(s