Index Calculus in Class Groups of Plane Curves of Small Degree

We present a novel index calculus algorithm for the discrete logarithm problem (DLP) in degree 0 class groups of curves over finite fields. A heuristic analysis of our algorithm indicates that asymptotically for varying q, “essentially all” instances of the DLP in degree 0 class groups of curves represented by plane models of a fixed degree d over Fq can be solved in an expected time of O(q ). A particular application is that heuristically, “essentially all” instances of the DLP in degree 0 class groups of non-hyperelliptic curves of genus 3 (represented by plane curves of degree 4) can be solved in an expected time of O(q). We also provide a method to represent “sufficiently general” (nonhyperelliptic) curves of genus g ≥ 3 by plane models of degree g+1. We conclude that on heuristic grounds the DLP in degree 0 class groups of “sufficiently general” curves of genus g ≥ 3 (represented initially by plane models of bounded degree) can be solved in an expected time of O(q).

[1]  C. Pomerance Fast, Rigorous Factorization and Discrete Logarithm Algorithms , 1987 .

[2]  Koh-ichi Nagao,et al.  Improvement of ThéLeriault Algorithm of Index Calculus for Jacobian of Hyperelliptic Curves of Small Genus , 2004, IACR Cryptol. ePrint Arch..

[3]  Daniel J. Bernstein,et al.  Circuits for Integer Factorization: A Proposal , 2001 .

[4]  P. Newstead Moduli Spaces and Vector Bundles: Geometric Invariant Theory , 2009 .

[5]  C. Diem The GHS-attack in odd characteristic , 2003 .

[6]  J. Pila Frobenius maps of Abelian varieties and finding roots of unity in finite fields , 1990 .

[7]  D. Cantor Computing in the Jacobian of a hyperelliptic curve , 1987 .

[8]  Erich Kaltofen,et al.  On randomized Lanczos algorithms , 1997, ISSAC.

[9]  R. Schoof Elliptic Curves Over Finite Fields and the Computation of Square Roots mod p , 1985 .

[10]  Nicolas Thériault,et al.  A double large prime variation for small genus hyperelliptic index calculus , 2004, Math. Comput..

[11]  Another proof of the existence of special divisors , 1974 .

[12]  Timothy J. Purcell Sorting and searching , 2005, SIGGRAPH Courses.

[13]  PalaiseauDeutschland Franceenge A General Framework for Subexponential Discrete Logarithm Algorithms , 2000 .

[14]  Emil J. Volcheck Computing in the jacobian of a plane algebraic curve , 1994, ANTS.

[15]  Florian Hess,et al.  Computing Riemann-Roch Spaces in Algebraic Function Fields and Related Topics , 2002, J. Symb. Comput..

[16]  Leonard M. Adleman,et al.  A subexponential algorithm for discrete logarithms over the rational subgroup of the jacobians of large genus hyperelliptic curves over finite fields , 1994, ANTS.

[17]  Jean-Charles Faugère,et al.  The arithmetic of Jacobian groups of superelliptic cubics , 2005, Math. Comput..

[18]  Christophe Ritzenthaler,et al.  Fast addition on non-hyperelliptic genus 3 curves , 2008, IACR Cryptol. ePrint Arch..

[19]  Michael J. Wiener The Full Cost of Cryptanalytic Attacks , 2003, Journal of Cryptology.

[20]  Martin E. Hellman,et al.  Time-memory-processor trade-offs , 1988, IEEE Trans. Inf. Theory.

[21]  Adi Shamir,et al.  Analysis of Bernstein's Factorization Circuit , 2002, ASIACRYPT.

[22]  Joe Harris,et al.  On the variety of special linear systems on a general algebraic curve , 1980 .

[23]  Kamal Khuri-Makdisi Linear algebra algorithms for divisors on an algebraic curve , 2004, Math. Comput..

[24]  Ming-Deh A. Huang,et al.  Efficient Algorithms for the Riemann-Roch Problem and for Addition in the Jacobian of a Curve , 1994, J. Symb. Comput..

[25]  Jonathan Pila Counting points on curves over families in polynomial time , 2005 .

[26]  C. Diem,et al.  Attacks A report for the AREHCC project , 2003 .

[27]  T. Willmore Algebraic Geometry , 1973, Nature.

[28]  Nicolas Thériault,et al.  Index Calculus Attack for Hyperelliptic Curves of Small Genus , 2003, ASIACRYPT.

[29]  Jean-Charles Faugère,et al.  Implementing the Arithmetic of C3, 4Curves , 2004, ANTS.

[30]  Pierrick Gaudry,et al.  An Algorithm for Solving the Discrete Log Problem on Hyperelliptic Curves , 2000, EUROCRYPT.

[31]  Alfred Menezes,et al.  Algebraic curves and cryptography , 2005, Finite Fields Their Appl..

[32]  Roger Oyono,et al.  Fast Arithmetic on Jacobians of Picard Curves , 2004, Public Key Cryptography.

[33]  F. Hess,et al.  Advances in Elliptic Curve Cryptography: Weil Descent Attacks , 2005 .