Challenges with Assessing the Impact of NFS Advances on the Security of Pairing-Based Cryptography [chapter]

Alfred Menezes, Palash Sarkar, Shashank Singh
2017 Lecture Notes in Computer Science  
This article presents a concise overview of these algorithms and discusses some of the challenges with assessing their impact on keylengths for pairing-based cryptosystems.  ...  In the past two years there have been several advances in Number Field Sieve (NFS) algorithms for computing discrete logarithms in finite fields $\mathbb{F}_{p^n}$ where p is prime and n > 1 is a small integer.  ...  Acknowledgements We thank the referees for their comments which helped improve the presentation of the paper.  ... 
doi:10.1007/978-3-319-61273-7_5 fatcat:jefi5xpxljhi5mqpoxygpowume

The Past, Evolving Present, and Future of the Discrete Logarithm [chapter]

Antoine Joux, Andrew Odlyzko, Cécile Pierrot
2014 Open Problems in Mathematics and Computational Science  
In particular, this is the case for the multiplicative groups of finite fields with medium to large characteristic and for the additive group of a general elliptic curve.  ...  The first practical public key cryptosystem ever published, the Diffie-Hellman key exchange algorithm, relies for its security on the assumption that discrete logarithms are hard to compute.  ...  , for example, on hyperelliptic curves.  ... 
doi:10.1007/978-3-319-10683-0_2 fatcat:ykp3rhh2lnhn5ml4otrrfszoii

Rigorous analysis of a randomised number field sieve

Jonathan D. Lee, Ramarathnam Venkatesan
2018 Journal of Number Theory  
The Number Field Sieve (NFS) introduced circa 1990, is still the state of the art algorithm, but no rigorous proof that it halts or generates relationships is known.  ...  For each n, we show that these randomised variants of the NFS and Coppersmith's multiple polynomial sieve find congruences of squares in expected times matching the best-known heuristic estimates.  ...  For technical reasons, we instead use the somewhat more complex Hyperelliptic Curve Method, which works on the Jacobian of a hyperelliptic curve in place of an elliptic curve.  ... 
doi:10.1016/j.jnt.2017.10.019 fatcat:obo7prjivbfrnnqfiickimwqm4

Examples of CM curves of genus two defined over the reflex field

Florian Bouyer, Marco Streng
2015 LMS Journal of Computation and Mathematics  
Our list therefore contains the smallest 'generic' examples of CM curves of genus two. We explain our methods for obtaining this list, including a new height-reduction algorithm for arbitrary hyperelliptic  ...  Comp. 68 (1999) no. 225, 307–320] lists 19 curves of genus two over $\mathbf{Q}$ with complex multiplication (CM).  ...  The authors would like to thank Bill Hart for his help with the factoring software GMP-ECM and CADO-NFS, Jeroen Sijsling for useful discussions about models and invariants, Damiano Testa as advisor of  ... 
doi:10.1112/s1461157015000121 fatcat:oni5ascyg5b6lgzvje6kvf3o4m

Non-uniform Cracks in the Concrete: The Power of Free Precomputation [chapter]

Daniel J. Bernstein, Tanja Lange
2013 Lecture Notes in Computer Science  
There is a flaw in the standard security definitions used in the literature on provable concrete security.  ...  The definitions are frequently conjectured to assign a security level of $2^{128}$ to AES, the NIST P-256 elliptic curve, DSA-3072, RSA-3072, and various higher-level protocols, but they actually assign a  ...  Koblitz and Menezes in [32] recently considered the family of attacks D s .  ... 
doi:10.1007/978-3-642-42045-0_17 fatcat:eh677w5xbbcfnlfq25642mfeyq

Explicit Methods in Number Theory

Henri Cohen, Hendrik Lenstra, Jr., Don Zagier
2005 Oberwolfach Reports  
These notes contain extended abstracts on the topic of explicit methods in number theory.  ...  The range of topics included modular forms, varieties over finite fields, rational and integral points on varieties, class groups, and integer factorization.  ...  This only depends on the d f l values as above. The effort to identify good pairs among the d l f polynomial pairs considered above is O(d l 2 log d).  ... 
doi:10.4171/owr/2005/32 fatcat:c7bvrqbu3zc25hwv7j2xkkvtq4

Remodeling the B-Model

Vincent Bouchard, Albrecht Klemm, Marcos Mariño, Sara Pasquetti
2008 Communications in Mathematical Physics  
The formalism is based on the recursive solution of matrix models recently proposed by Eynard and Orantin. The resulting amplitudes are non-perturbative in both the closed and the open moduli.  ...  We also use our formalism to predict the disk amplitude for the orbifold C^3/Z_3.  ...  The work of S.P. was partly supported by the Swiss National Science Foundation and by the European Commission under contracts MRTN-CT-2004-005104.  ... 
doi:10.1007/s00220-008-0620-4 fatcat:kvbi5jt2cjahdm53eeipi5rvje

Finiteness theorems on elliptical billiards and a variant of the Dynamical Mordell-Lang Conjecture [article]

Pietro Corvaja, Umberto Zannier
2021 arXiv   pre-print
Another instance is the finiteness of the billiard shots which send a given ball into another one so that this falls eventually in a hole.  ...  For instance, if two players hit a ball at a given position and with directions forming a fixed angle in (0,π), there are only finitely many cases for both trajectories being periodic.  ...  Then the equation becomes of the form Q(m) = nF (m) for polynomials Q(X), F (X) with deg Q ≤ 2, deg F ≤ 1.  ... 
arXiv:2103.11347v2 fatcat:63tc47p5fzf7zia4nt7x6ps6om

The annual meeting of the society

W. M. Whyburn
1951 Bulletin of the American Mathematical Society  
If the irreducible canonical system on a regular algebraic surface of genera py-pa^p, p( l)~n -\-l, consists of hyperelliptic curves, it has n--2p+4: simple base points on a model free from exceptional  ...  of the boundary functions and on the smoothness of the boundary curve.  ...  Reserves held in accounts "Reserve for Investment Losses" ($4,386) and "Profit on Sales of Securities" ($18,168) may still be considered adequate protection against contingent depreciation in market value  ... 
doi:10.1090/s0002-9904-1951-09479-3 fatcat:gv6o2ywuyjgtvoukqa4advbtd4

On the Analysis of Public-Key Cryptologic Algorithms

Andrea Miele
2015
−1 < n < 2 N ) on the four (modified) curves we consider in this work.  ...  a collection of pairs of integers (a, b) that results from NFS sieving for one or more special primes.  ...  Each row contains a value d , the class number h −d of the imaginary quadratic field Q( −d ) with discriminant −d , the root used (commonly referred to as the j -invariant), the elliptic curve E = E a,  ... 
doi:10.5075/epfl-thesis-6603 fatcat:kijyxks7kvagtc7rj4lr6qreiu

Algorithms and Number Theory

J Buhler, Berkeley, H Niederreiter, M Pohst, Berlin
2001 unpublished
The use of elliptic curves in cryptography seems to be well understood by now, and the focus is on speeding up the algorithms, whereas the research on the use of hyper-elliptic curves is more focused on  ...  There has also been continuing interest in cryptography, and this year almost a third of the talks were on algebraic curves, most with an eye to applications in cryptography.  ...  Independence of Rational Points on Hyperelliptic Curves Michael Stoll Consider the following question. Let C/Q : y 2 = f (x) be a hyperelliptic curve of genus g ≥ 2, and let J denote its Jacobian.  ... 
fatcat:t6xjky6c3bhipnu7mtz5glbf7m

Matrix Model Superpotentials and Calabi-Yau Spaces: an ADE Classification [article]

Carina Curto
2005 arXiv   pre-print
We find that ADE superpotentials in the Intriligator--Wecht classification exactly match matrix model superpotentials obtained from Calabi-Yau's with corresponding ADE singularities.  ...  To obtain these results we develop techniques for performing small resolutions and small blow-downs, including an algorithm for blowing down exceptional ^1's.  ...  Here we briefly sketch the rudiments of the hermitian one-matrix model, and show the emergence of the hyperelliptic curve which geometrically encodes the solution.  ... 
arXiv:math/0505111v1 fatcat:i6dwdovzpfakpbefjcc4rv2nsa

Endomorphism rings in cryptography [article]

Bisson, G (Gaëtan), Lange, T (Tanja), Gaudry, P (Pierrick)
2011
For instance, many featureful cryptographic schemes have recently been enabled by pairings; to make these schemes practical, abelian varieties endowed with efficient pairings must be generated.  ...  "More discriminants with the Brezing-Weng method". "Computing the endomorphism ring of an ordinary elliptic curve over a finite field".  ...  More precisely, this length can essentially be quadratic if we require that the runtime of the generation algorithm be bounded under the generalized Riemann hypothesis (via Theorem ..), or linear if  ... 
doi:10.6100/ir714676 fatcat:jaubmqut55b43kmzqujncrr6ce

Lifts of Hilbert modular forms and application to modularity of abelian varieties [article]

Clifton Cunningham, Lassina Dembélé
2017 arXiv   pre-print
We then use those lifts to provide evidence for a conjecture of Gross on the modularity of abelian varieties not of GL_2-type.  ...  In this paper, we prove the existence of certain lifts of Hilbert cusp forms to general odd spin groups.  ...  Voight for allowing us to use their algorithm for computing endomorphism rings of abelian varieties, and for kindly providing us with a preliminary version of  ... 
arXiv:1705.03054v1 fatcat:ur24bo5hanagbelbcpc7groysa

14th Meeting of the Canadian Number Theory Association [article]

(:Unkn) Unknown, University Of Calgary
2019
To advance these goals, the CNTA organizes bi-annual conferences that showcase new research in number theory, with the aim of exposing Canadian and international students and researchers to the latest  ...  An exceptional scholar and Professor Emeritus at the University of Calgary, Richard's numerous and outstanding contributions to number theory have had a lasting impact on the field, and his collection  ...  Stoll recently computed an explicit embedding of the Kummer variety of genus three hyperelliptic curves, together with a theory of heights.  ... 
doi:10.11575/prism/36513 fatcat:nblta3bmtnac7abeps4vptl6ay