Meng Zhang,Xuehong Chen,Maozhi Xu,Jie Wang

DOI: https://doi.org/10.1007/978-981-15-2777-7_5

2019-01-01

Abstract:Since Boneh and Franklin implemented the Identity Based Encryption in 2001, a number of novel schemes have been proposed based on bilinear pairings, which have been widely used in the scenario of blockchain. The elliptic curves with low embedding degree and large prime-order subgroup (a.k.a pairing-friendly elliptic curves) are the basic components for such schemes, where prime order elliptic curves are most frequently used in practice. In this paper, a systematic method is utilized to find all the possible prime order families, then it is shown that all the existing constructions can be explained via our method. We further give the evidence that it's unlikely to produce extra families.

Chen Shan,Zhang Xushen,Wang Kunpeng,Lin Dongdai

IF: 1.019

2014-01-01

Chinese Journal of Electronics

Abstract:In this paper, we depict in detail six subfamilies of implementation-friendly Barreto-Naehrig (EN) elliptic curves by choosing six special congruency classes of the curve-finding search parameter. These curves have small curve constants, support efficient tower extension options of finite field required in fast pairing implementation and have obvious generators for the bilinear cycle group G(1). The detailed description will supply the implementor with more choices of suitable BN curves.

Kefeng Liu,Jie Tu

DOI: https://doi.org/10.4310/ajm.2018.v22.n5.a3

2018-01-01

Asian Journal of Mathematics

Abstract:We study the holomorphic family of pairs {(X-t, E-t)} by the calculation of Kuranishi data on {E-t}, where each E-t is a holomorphic vector bundle over the compact complex manifold X-t. The splitting of holomorphic cotangent bundle over E-0 via any integrable connection decomposes the Kuranishi data into the horizontal part and the vertical part. The horizontal part is the Kursnishi data of base family {X-t}. When the vertical part is vanishing under the decomposition by a Nakano semi-positive Chern connection del, i.e. {(X-t, E-t)} is lifting from base family {X-t} via del, we get a infinitesimal extension of (partial derivative) over bar -closed bundle valued (n, q)-form by the recursive method.

Maciej Grześkowiak

2024-09-30

Abstract:Miyaji, Nakabayashi, and Takano proposed the algorithm for the construction of prime order pairing-friendly elliptic curves with embedding degrees $k=3,4,6$. We present a method for generating generalized MNT curves. The order of such pairing-friendly curves is the product of two prime numbers.

Cryptography and Security,Number Theory

Raghda Abdellatif

2024-10-05

Abstract:We construct three families of pairs of genus 2 curves over a field K, whose Jacobians are isomorphic as unpolarized abelian varieties. Each family is parameterized by an open subset of the Projective line over K. Our construction is based on a remark in a paper by Howe. Later, we describe an obstruction to perusing the same technique over Q.

Algebraic Geometry

Xusheng Zhang,Dongdai Lin

DOI: https://doi.org/10.1007/978-3-642-25516-8_19

2011-01-01

Abstract:In pairing-based cryptography, most researches are focused on elliptic curves of embedding degrees greater than six, but less on curves of small embedding degrees, although they are important for pairing-based cryptography over composite-order groups. This paper analyzes efficient pairings on ordinary elliptic curves of embedding degree 1 and 2 from the point of shortening Miller's loop. We first show that pairing lattices presented by Hess can be redefined on composite-order groups. Then we give a simpler variant of the Weil pairing lattice which can also be regarded as an Omega pairing lattice, and extend it to ordinary curves of embedding degree 1. In our analysis, the optimal Omega pairing, as the super-optimal pairing on elliptic curves of embedding degree 1 and 2, could be more efficient than Weil and Tate pairings. On the other hand, elliptic curves of embedding degree 2 are also very useful for pairings on elliptic curves over RSA rings proposed by Galbraith and McKee. So we analyze the construction of such curves over RSA rings, and redefine pairing lattices over RSA rings. Specially, modified Omega pairing lattices over RSA rings can be computed without knowing the RSA trapdoor. Furthermore, for keeping the trapdoor secret, we develop an original idea of evaluating pairings without leaking the group order.

Katherine E. Stange

2024-06-24

Abstract:Let $E$ be an elliptic curve with complex multiplication by a ring $R$, where $R$ is an order in an imaginary quadratic field or quaternion algebra. We define sesquilinear pairings ($R$-linear in one variable and $R$-conjugate linear in the other), taking values in an $R$-module, generalizing the Weil and Tate-Lichtenbaum pairings.

Number Theory,Algebraic Geometry

Barinder S.Banwait,Armand Brumer,Hyun Jong Kim,Zev Klagsbrun,Jacob Mayle,Padmavathi Srinivasan,Isabel Vogt

2023-07-10

Abstract:For a genus $2$ curve $C$ over $\mathbb{Q}$ whose Jacobian $A$ admits only trivial geometric endomorphisms, Serre's open image theorem for abelian surfaces asserts that there are only finitely many primes $\ell$ for which the Galois action on $\ell$-torsion points of $A$ is not maximal. Building on work of Dieulefait, we give a practical algorithm to compute this finite set. The key inputs are Mitchell's classification of maximal subgroups of $\mathrm{PSp_4}(\mathbb{F}_\ell)$, sampling of the characteristic polynomials of Frobenius, and the Khare--Wintenberger modularity theorem. The algorithm has been submitted for integration into Sage, executed on all of the genus~$2$ curves with trivial endomorphism ring in the LMFDB, and the results incorporated into the homepage of each such curve.

Number Theory

Jonathan Love,Dan Boneh

DOI: https://doi.org/10.48550/arXiv.1910.03180

2020-06-24

Abstract:We introduce a special class of supersingular curves over $\mathbb{F}_{p^2}$, characterized by the existence of non-integer endomorphisms of small degree. A number of properties of this set is proved. Most notably, we show that when this set partitions into subsets in such a way that curves within each subset have small-degree isogenies between them, but curves in distinct subsets have no small-degree isogenies between them. Despite this, we show that isogenies between these curves can be computed efficiently, giving a technique for computing isogenies between certain prescribed curves that cannot be reasonably connected by searching on $\ell$-isogeny graphs.

Number Theory,Cryptography and Security

François Brunault,Rob de Jeu,Hang Liu,Fernando Rodriguez Villegas

2024-01-09

Abstract:We give two constructions of families of elliptic curves over cubic or quartic fields with three, respectively four, `integral' elements in the kernel of the tame symbol on the curves. The fields are in general non-Abelian, and the elements linearly independent. For their integrality, we prove a new criterion that does not ignore any torsion. We also verify Beilinson's conjecture numerically for just over 90 of the curves.

Number Theory,Algebraic Geometry,K-Theory and Homology

Yukako Kezuka,Yongxiong Li

DOI: https://doi.org/10.4171/dm/795

2020-01-01

Documenta mathematica

Abstract:We study elliptic curves of the form x(3) + y(3) = 2p and x(3) + y(3) = 2p(2) where p is any odd prime satisfying p equivalent to 2 mod 9 or p equivalent to 5 mod 9. We first show that the 3-part of the Birch-Swinnerton-Dyer conjecture holds for these curves. Then we relate their 2-Selmer group to the 2-rank of the ideal class group of Q((3)root p) to obtain some examples of elliptic curves with rank one and non-trivial 2-part of the Tate-Shafarevich group.

Stéphane Ballet,Robert Rolland

DOI: https://doi.org/10.48550/arXiv.0906.5432

2009-06-30

Number Theory

Abstract:We study and explicitly construct some families of asymptotically exact sequences of algebraic function fields. It turns out that these families have an asymptotical class number widely greater than the general Lachaud - Martin-Deschamps bounds. We emphasize that we obtain asymptotically exact sequences of algebraic function fields over any finite field $\F_q$, in particular when $q$ is not a square and that these sequences are dense towers.

Michael Scott,Naomi Benger,Manuel Charlemagne,Luis J. Dominguez Perez,Ezekiel J. Kachisa

DOI: https://doi.org/10.1007/978-3-642-03298-1_6

2009-01-01

Abstract:When performing a Tate pairing (or a derivative thereof) on an ordinary pairing-friendly elliptic curve, the computation can be looked at as having two stages, the Miller loop and the so-called final exponentiation. As a result of good progress being made to reduce the Miller loop component of the algorithm (particularly with the discovery of "truncated loop" pairings like the R-ate pairing [18]), the final exponentiation has become a more significant component of the overall calculation. Here we exploit the structure of pairing-friendly elliptic curves to reduce to a minimum the computation required for the final exponentiation.

Sun Woo Park

2024-09-16

Abstract:Fix a prime number $p$. Let $\mathbb{F}_q$ be a finite field of characteristic coprime to 2, 3, and $p$, which also contains the primitive $p$-th root of unity $\mu_p$. Based on the works by Swinnerton-Dyer and Klagsbrun, Mazur, and Rubin, we prove that the probability distribution of the sizes of prime Selmer groups over a family of cyclic prime twists of non-isotrivial elliptic curves over $\mathbb{F}_q(t)$ satisfying a number of mild constraints conforms to the distribution conjectured by Bhargava, Kane, Lenstra, Poonen, and Rains with explicit error bounds. The key tools used in proving these results are the Riemann hypothesis over global function fields, the Erdös-Kac theorem, and the geometric ergodicity of Markov chains.

Number Theory,Probability

Xusheng Zhang,Kunpeng Wang,Dongdai Lin

DOI: https://doi.org/10.1007/978-3-642-36334-4_1

2012-01-01

Abstract:In implementation of elliptic curve cryptography, three kinds of finite fields have been widely studied, i.e. prime field, binary field and optimal extension field. In pairing-based cryptography, however, pairing-friendly curves are usually chosen among ordinary curves over prime fields and supersingular curves over extension fields with small characteristics. In this paper, we study pairings on elliptic curves over extension fields from the point of view of accelerating the Miller's algorithm to present further advantage of pairing-friendly curves over extension fields, not relying on the much faster field arithmetic. We propose new pairings on elliptic curves over extension fields can make better use of the multi-pairing technique for the efficient implementation. By using some implementation skills, our new pairings could be implemented much more efficiently than the optimal ate pairing and the optimal twisted ate pairing on elliptic curves over extension fields. At last, we use the similar method to give more efficient pairings on Estibals's supersingular curves over composite extension fields in parallel implementation.

Franck Leprevost,Michael E. Pohst,Andreas M. Schoepp

DOI: https://doi.org/10.48550/arXiv.math/0301370

2003-01-31

Number Theory

Abstract:Soit l un entier et E_{c,l} la famille de Kubert des courbes elliptiques definies sur Q munies d'un point rationnel A d'ordre l. On note F_{c,l} la courbe elliptique quotient de E_{c,l} par le groupe engendre' par A, et f_l l'isogenie de E_{c,l} sur F_{c,l}. Pour l = 3, 4, 5 et 6, nous construisons explicitement, pour des parametrisations convenables de c, des elements non-triviaux de F_{c,l}(Q) / (f_l(E_{c,l}(Q))), autrement dit, des points explicites de F_{c,l}(Q) qui ne sont l'image par f_l d'aucun element de E_{c,l}(Q). Ces points sont en general d'ordre infini. Nous donnons des applications de cette methode a la construction d'extensions cycliques de Q de degre' l, et retrouvons certains corps obtenus par Shanks et Gras. Dans un article ulterieur, nous etudierons les proprietes arithmetiques de certaines des extensions obtenues ici.

Arman Shamsi Zargar Seiji Tomita 1 Department of Mathematics and Applications,University of Mohaghegh Ardabili,Ardabil,Iran.2 Tokyo Software Company (Inc.),Japan. E-Mail

DOI: https://doi.org/10.2989/16073606.2024.2412293

2024-10-16

Quaestiones Mathematicae

Abstract:Consider a pair of right triangles with an equal hypotenuse. This turns out to solve the diophantine system of equations a 2 + b 2 = c 2 + d 2 = e 2 in integers. To this system we associate a family of elliptic curves with defining equation y 2 = ( x − a 2 )( x − b 2 )( x − c 2 )+ a 2 b 2 c 2 . We show that there exists a subfamily of rank ≥ 3 over Q( m , n , k , l ) and obtain a subfamily of rank (exactly) four over Q( k ) and determine a set of its free generators. Besides, we show there exist infinitely many elliptic curves of rank ≥ 5 parameterized by a rank five quartic elliptic curve. We also find a few particular examples with higher ranks. The families we construct have Z/2Z torsion subgroups in general. The previous work [13] has obtained similar Pythagorean quadruplet elliptic curve families in two parameters with rank ≥ 3. (Recall that by a Pythagorean quadruplet ( a , b , c , d ), we mean an integer solution to the quadratic equation a 2 + b 2 = c 2 + d 2 .)

mathematics

Sam Frengley

2023-09-14

Abstract:We construct infinite families of pairs of (geometrically non-isogenous) elliptic curves defined over $\mathbb{Q}$ with $12$-torsion subgroups that are isomorphic as Galois modules. This extends previous work of Chen and Fisher where it is assumed that the underlying isomorphism of $12$-torsion subgroups respects the Weil pairing. Our approach is to compute explicit birational models for the modular diagonal quotient surfaces which parametrise such pairs of elliptic curves. A key ingredient in the proof is to construct simple (algebraic) conditions for the $2$, $3$, or $4$-torsion subgroups of a pair of elliptic curves to be isomorphic as Galois modules. These conditions are given in terms of the $j$-invariants of the pair of elliptic curves.

Number Theory

Shengqiang LI,Zhixiong CHEN,Liang ZHOU

DOI: https://doi.org/10.1587/transfun.e93.a.1827

2010-01-01

Abstract:An upper bound is established for certain exponential sums on the rational points of an elliptic curve over a residue class ring $\mathbb{Z}_N$, N=pq for two distinct odd primes p and q. The result is a generalization of an estimate of exponential sums on rational point groups of elliptic curves over finite fields. The bound is applied to showing the pseudorandomness of a large family of binary sequences constructed by using elliptic curves over $\mathbb{Z}_N$.

Gabriel Bujokas,Anand Patel

2024-10-27

Abstract:We introduce and motivate a conjecture about the existence of complete, 1-dimensional families of covers of an elliptic curve. If the conjecture holds, then it would imply a uniform lower bound of 5 for slope of the moduli space of curves. If the conjecture fails, this would itself be an interesting phenomenon worthy of explanation.

Algebraic Geometry