structure of volcano of isogeny applied to couveignes s
play

Structure of Volcano of -isogeny applied to Couveigness algorithm - PowerPoint PPT Presentation

Feb 14, 2023 •180 likes •472 views

Reminder on elliptic curves Endomorphism ring Volcano of -isogeny and Frobenius endomorphism -adic tower Structure of Volcano of -isogeny applied to Couveigness algorithm Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost

  1. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Université Versailles Saint Quentin en Yvelines, Paris-Saclay March 15, 2016 1/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  2. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Summary Reminder on elliptic curves, 1 Endomorphism ring of elliptic curves following Kohel in 1996 [5], 2 Volcanoes of ℓ -isogenies and Frobenius endomorphism, 3 Working on ℓ -adic tower. 4 2/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  3. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Reminder on elliptic curves F q a finite field of characteristic p . Definition E an elliptic curve defined over F q , we denote by : E ( F q ) the set of rational points of E over F q During all this presentation we will consider only elliptic curves on the finite field F q , ℓ is a prime different from p 3/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  4. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition ( m torsion points) m ∈ N , we denote by E [ m ] = { P ∈ E , mP = 0 E } E ( F q )[ m ] = { P ∈ E ( F q ) , mP = 0 E } 4/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  5. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Reminder on isogenies Definition (isogeny) E and E ′ two ellitpic curves, φ : E → E ′ a surjective morphism such that φ (0 E ) = 0 E ′ , then φ is an isogeny. An isogeny is a group morphism. We say that E and E ′ are isogenous if there exist an isogeny φ between the two curves. Proposition E and E ′ two ellitpic curves, φ : E → E ′ an isogeny, if φ is separable , then we have: deg φ = | ker( φ ) | 5/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  6. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition E and E ′ two elliptic curves and ℓ a prime number, φ : E → E ′ a non constant isogeny. We say that φ is an ℓ -isogeny if we have deg φ = ℓ Theorem (Tate) E and E ′ two elliptic curves and φ : E → E ′ an isogeny. Then | E ( F q ) | = | E ′ ( F q ) | 6/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  7. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Theorem E, E ′ two elliptic curves. There is a bijection between finite subgroups of E ′ and separable isogenies : ( φ : E → E ′ ) �→ ker φ ( E → E / C ) �→ C Remark E an elliptic curve defined over F q , let ℓ be a prime different from p , then we define an ℓ -isogeny by a primitive ℓ -torsion point: P φ : E → E / � P � 7/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  8. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Isogeny computation Couveignes’s algorithm [1] in O ( r 2 ) Require: E,E’ two r -isogenous curves on F p n Ensure: φ : E → E ′ of degree r Main steps of Couveignes’s algorithm: determine p k primitive torsion points on E and E ′ with p k > 4 r , 1 since E [ p k ] is cyclic, the algorithm just has to interpolate p k torsion 2 points on p k torsion points according to the group law, test if the interpolation is good, 3 if the test is good, then return the isogeny. 4 Mainly used in S.E.A. for counting points 8/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  9. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Isogeny computation Other existing algorithms .[BMSS] et [CCR] work only for r ≪ p in O ( M ( r ) log( r )) 1 p -adic algorithms [Satoh] with p fixed are exponential in log( p ) 2 .[LS08] works for every p in O ( r 2 ) 3 9/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  10. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition (Endomorphism ring) End ( E ) = { isogenies φ : E → E } is a ring with the addition law and composition law. Remark We have Z ⊂ End ( E ) 10/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  11. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition (Frobenius Endomorphism) E an elliptic curve defined over F q . The function π : ( x , y ) �→ ( x q , y q ) is called Frobenius endomorphism. It belongs to End ( E ). Remark E an elliptic curve defined over F q , then we always have Z [ π ] ⊂ End ( E ) . 11/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  12. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Proposition E an elliptic curve defined over F q is ordinary if it satisfies any of the two equivalent conditions: E [ p r ] = Z / p r Z 1 End ( E ) is isomorphic to an order in a quadratic imaginary extension 2 of Q . From now we will only work with ordinary elliptic curves. Definition An order in a quadratic imaginary number field K is a subring of K 1 a Z -modulus of rank 2 2 12/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  13. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition We denote by O K the algebraic integers of K . We can associate to any elliptic curve E his endomorphism ring: O ≃ End ( E ) We will denote O (resp. O ′ ) the End ( E ) (resp. End ( E ′ )) up to isomorphism. Remark For an ordinary elliptic curve we have: Z [ π ] ⊂ O ⊂ O K 13/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  14. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Lemma (Kohel 1996) E and E ′ two elliptic curves defined over F q , φ : E → E ′ an ℓ -isogeny, with ℓ � = p . Then ℓ = [ O : O ′ ] we say then that 1 φ is a descending isogeny, ℓ = [ O ′ : O ] we say then that 2 φ is an ascending isogeny, O = O ′ we say then that φ 3 is an horizontal isogeny. 14/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  15. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower • • • • • • • • • • • • • • • • • • • • ( d K /ℓ ) = − 1 ( d K /ℓ ) = 0 ( d K /ℓ ) = +1 Figure: The three shapes of volcanoes of 2-isogenies 15/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  16. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Remark In the rest of this talk we consider only volcanoes with cyclic crater (i.e. ( d K /ℓ ) = +1), so that ℓ is an Elkies prime for these curves. This implies that the Frobenius automorphism on T ℓ ( E ), which we write π | T ℓ ( E ), has two distinct eigenvalues λ � = µ . The depth of the volcano of F q -rational ℓ -isogenies is h = v ℓ ( λ − µ ). Proposition Let E be a curve on a volcano of ℓ isogeny with cyclic crater. Then there exists a unique a ∈ { 0 , ℓ, . . . , ℓ h − 1 } such that π | T ℓ ( E ) is conjugate, � λ a over Z ℓ , to the matrix � . 0 µ Moreover a = 0 if E lies on the crater. 16/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Exploring Isogeny Graphs Around the Volcano in 2 80 Days Luca De Feo hand drawings by Rachel

Exploring Isogeny Graphs Around the Volcano in 2 80 Days Luca De Feo hand drawings by Rachel

Exploring Isogeny Graphs Around the Volcano in 2 80 Days Luca De Feo hand drawings by Rachel Deyts Universit Paris Saclay UVSQ Dec 14, 2018, UVSQ, Versailles Elliptic curves Let E y 2 x 3 ax b be an elliptic curve...

1.02k views • 85 slides
Algorithmique arithmtique, N1MA9W11 Jean-Marc Couveignes 5 septembre 2011 Jean-Marc Couveignes

Algorithmique arithmtique, N1MA9W11 Jean-Marc Couveignes 5 septembre 2011 Jean-Marc Couveignes

Algorithmique arithmtique, N1MA9W11 Jean-Marc Couveignes 5 septembre 2011 Jean-Marc Couveignes Algorithmique arithmtique Motivation I Effective methods and issues play an important role in number theory : Diophantine equations, Agorithmic

284 views • 7 slides
Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization

Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization

Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization Centre for Applied Cryptographic Research June 17, 2016 CENTRE FOR APPLIED CRYPTOGRAPHIC RESEARCH (CACR) Motivation: Post-Quantum Cryptography

355 views • 16 slides
Workshop on New Frontiers in Internet of Things Active Volcano Monitoring with Wireless Sensor

Workshop on New Frontiers in Internet of Things Active Volcano Monitoring with Wireless Sensor

Workshop on New Frontiers in Internet of Things Active Volcano Monitoring with Wireless Sensor Network ICTP Trieste - Italy March 11, 2016 Context Arenal Volcano Stromboli volcano (924 m) (1.633 m) Italy Costa Rica Longonot

237 views • 9 slides
Stress control of deep rift intrusion at Mauna Loa volcano, Hawaii Outline: - past

Stress control of deep rift intrusion at Mauna Loa volcano, Hawaii Outline: - past

Stress control of deep rift intrusion at Mauna Loa volcano, Hawaii Outline: - past earthquake-volcano interaction at - 2002-2005 intrusion - effects on the volcano - Kilauea deformation Falk Amelung*, Sang-Ho Yun, Thomas Walter, Paul

890 views • 41 slides
The geometry of some parameterizations and encodings Jean-Marc Couveignes (with Reynald Lercier)

The geometry of some parameterizations and encodings Jean-Marc Couveignes (with Reynald Lercier)

The geometry of some parameterizations and encodings Jean-Marc Couveignes (with Reynald Lercier) INRIA Bordeaux Sud-Ouest et Institut de Math ematiques de Bordeaux CIAO 2020, Bordeaux Jean-Marc Couveignes (with Reynald Lercier) The geometry

559 views • 29 slides
The Volcano Optimizer Generator Generator: Object-oriented and scientific Extensibility and

The Volcano Optimizer Generator Generator: Object-oriented and scientific Extensibility and

The Volcano Optimizer The Volcano Optimizer Generator Generator: Object-oriented and scientific Extensibility and database systems Allowing query optimization to be Efficient Search more tuned towards the application = Presentation:

288 views • 4 slides
Another Look At Some Isogeny Hardness Assumptions Simon-Phillipp Merz, Romy Minko, Christophe

Another Look At Some Isogeny Hardness Assumptions Simon-Phillipp Merz, Romy Minko, Christophe

Another Look At Some Isogeny Hardness Assumptions Simon-Phillipp Merz, Romy Minko, Christophe Petit ECC 2019 3 December 1 / 50 Motivation Isogeny based cryptography Another Look at Provable Security Neal Koblitz Dept. of

780 views • 61 slides
Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux Workshop FAST, September 2017 The linear sieve Algorithm for computing discrete logarithms in F q with q = p d . F q = F p [ X ] / A ( X ) with A ( X )

510 views • 21 slides
The Volcano Optimizer Generator: Extensibility and Efficient Search Presentation: Mirna Limic

The Volcano Optimizer Generator: Extensibility and Efficient Search Presentation: Mirna Limic

The Volcano Optimizer Generator: Extensibility and Efficient Search Presentation: Mirna Limic Discussion: Jerry Zhang What is Volcano? Why develop it? An optimizer generator tuned towards object-oriented and scientific database systems. It

1.2k views • 11 slides
Faster Isogeny-Based Compressed Key Agreement Gustavo H. M. Zanon, Marcos A. Simplicio Jr,

Faster Isogeny-Based Compressed Key Agreement Gustavo H. M. Zanon, Marcos A. Simplicio Jr,

Faster Isogeny-Based Compressed Key Agreement Gustavo H. M. Zanon, Marcos A. Simplicio Jr, Geovandro C. C. F. Pereira , Javad Doliskani, and Paulo S. L. M. Barreto. 1 REVI EW : SI DH AND COMPRESSED KEYS 2 Isogeny-based Crypto n SIDH:

856 views • 81 slides
Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux Workshop FAST, September 2017 Specializing isogenies between algebraic groups Le G / K be a commutative algebraic group over a perfect field and T G

549 views • 20 slides
Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ March 18, 2019

Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ March 18, 2019

Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ March 18, 2019 Mathematical foundations of asymmetric cryptography Aussois, Savoie Slides online at https://defeo.lu/docet/ Overview Isogeny graphs 1 Elliptic Curves

1.96k views • 156 slides
Discrete Logarithms and Galois Invariant Smoothness Basis (with J.-M. Couveignes) R. Lercier

Discrete Logarithms and Galois Invariant Smoothness Basis (with J.-M. Couveignes) R. Lercier

Background Function Field Sieve Galois Invariant Smoothness Basis Conclusion Discrete Logarithms and Galois Invariant Smoothness Basis (with J.-M. Couveignes) R. Lercier DGA/CELAR & University of Rennes France Reynald.Lercier (at)

650 views • 38 slides
Isogeny graphs with real multiplication Sorina Ionica Ecole Normale Suprieure de Paris joint

Isogeny graphs with real multiplication Sorina Ionica Ecole Normale Suprieure de Paris joint

Isogeny graphs with real multiplication Sorina Ionica Ecole Normale Suprieure de Paris joint work with Emmanuel Thom Sorina Ionica 1 / 24 Isogeny graphs Kohel 1996: Graph with vertices elliptic curves defined over F q and edges all

302 views • 27 slides
BROOKS JETCHEV WESOLOWSKI ISOGENY GRAPHS OF ORDINARY ABELIAN VARIETIES PRESENTED AT ECC 2017,

BROOKS JETCHEV WESOLOWSKI ISOGENY GRAPHS OF ORDINARY ABELIAN VARIETIES PRESENTED AT ECC 2017,

ERNEST HUNTER DIMITAR BENJAMIN BROOKS JETCHEV WESOLOWSKI ISOGENY GRAPHS OF ORDINARY ABELIAN VARIETIES PRESENTED AT ECC 2017, NIJMEGEN, THE NETHERLANDS BY BENJAMIN WESOLOWSKI FROM EPFL, SWITZERLAND AN INTRODUCTION TO ISOGENY GRAPHS

770 views • 63 slides
Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds Thomas

Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds Thomas

Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage UCSD MIT UCSD UCSD Todays talk in one slide Third-party clouds: cloud cartography

563 views • 29 slides
TOEIC speaking and writingread a text aloud Fri 20 Sep 2019 11:31:18 AM CST

TOEIC speaking and writingread a text aloud Fri 20 Sep 2019 11:31:18 AM CST

TOEIC speaking and writingread a text aloud Fri 20 Sep 2019 11:31:18 AM CST http://github.com/drbean/curriculum/master/speaking TOEIC speaking and writingread a text aloud Fri 20 Sep 2019 11:31:18 AM CST

356 views • 20 slides
Evolution of the distribution of rapidities under atom losses in the 1D Bose gas Jrme Dubail

Evolution of the distribution of rapidities under atom losses in the 1D Bose gas Jrme Dubail

Evolution of the distribution of rapidities under atom losses in the 1D Bose gas Jrme Dubail LPCT, CNRS and Universit de Lorraine, Nancy Based on arXiv:2006.03583 with: Isabelle Bouchoule (Institut dOptique, Palaiseau) Benjamin Doyon

428 views • 16 slides
CS 451 Software Engineering Winter Term Yuanfang Cai Room 104, University Crossings

CS 451 Software Engineering Winter Term Yuanfang Cai Room 104, University Crossings

CS 451 Software Engineering Winter Term Yuanfang Cai Room 104, University Crossings 215.895.0298 yfcai@cs.drexel.edu 1 Drexel University PROCESS MODEL A structured collection of practices Describe characteristics of effective process

519 views • 36 slides
New results on the geometry of translation surfaces Marian Ioan MUNTEANU Al.I.Cuza University of

New results on the geometry of translation surfaces Marian Ioan MUNTEANU Al.I.Cuza University of

New results on the geometry of translation surfaces Marian Ioan MUNTEANU Al.I.Cuza University of Iasi, Romania webpage: http://www.math.uaic.ro/ munteanu XI th International Conference GEOMETRY, INTEGRABILITY and QUANTIZATION Varna : June 5

1.59k views • 83 slides
Logic and cognition: Sujata Ghosh Towards an interdependent ISI Chennai

Logic and cognition: Sujata Ghosh Towards an interdependent ISI Chennai

Logic and Cognition Workshop, ICLA 2019, March 2, 2019 Logic and cognition: Sujata Ghosh Towards an interdependent ISI Chennai sujata@isichennai.res.in methodology What is logic ? What is logic ? Contrariwise, continued Tweedledee,

840 views • 80 slides
Authentication and Passwords Autumn 2016 Tadayoshi Kohno yoshi@cs.Washington.edu Thanks to Dan

Authentication and Passwords Autumn 2016 Tadayoshi Kohno yoshi@cs.Washington.edu Thanks to Dan

CSE 484 / CSE M 584: Computer Security and Privacy Authentication and Passwords Autumn 2016 Tadayoshi Kohno yoshi@cs.Washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Franzi Roesner, Vitaly

751 views • 39 slides
Broken Authentication: What it means, and what you can do hassan.abudu@owasp.org OWASP Top 10

Broken Authentication: What it means, and what you can do hassan.abudu@owasp.org OWASP Top 10

Broken Authentication: What it means, and what you can do hassan.abudu@owasp.org OWASP Top 10 Vulnerabilities - 2017 Rank Name 1 Injection 2 Broken Authentication 3 Sensitive Data Exposure 4 XML External Entities 5 Broken Access

207 views • 6 slides

More recommend