Group Law Computations on Jacobians of Hyperelliptic Curves

We derive an explicit method of computing the composition step in Cantor’s algorithm for group operations on Jacobians of hyperelliptic curves. Our technique is inspired by the geometric description of the group law and applies to hyperelliptic curves of arbitrary genus. While Cantor’s general composition involves arithmetic in the polynomial ring F_q[x], the algorithm we propose solves a linear system over the base field which can be written down directly from the Mumford coordinates of the group elements. We apply this method to give more efficient formulas for group operations in both affine and projective coordinates for cryptographic systems based on Jacobians of genus 2 hyperelliptic curves in general form.

[1]  Kristin Lauter THE EQUIVALENCE OF THE GEOMETRIC AND ALGEBRAIC GROUP LAWS FOR JACOBIANS OF GENUS 2 CURVES , 2001 .

[2]  Pierrick Gaudry,et al.  Fast genus 2 arithmetic based on Theta functions , 2007, J. Math. Cryptol..

[3]  Thomas J. Wollinger,et al.  Fast explicit formulae for genus 2 hyperelliptic curves using projective coordinates , 2007, Fourth International Conference on Information Technology (ITNG'07).

[4]  Ming-Deh A. Huang,et al.  Efficient Algorithms for the Riemann-Roch Problem and for Addition in the Jacobian of a Curve , 1994, J. Symb. Comput..

[5]  Christof Paar,et al.  Cantor versus Harley: optimization and analysis of explicit formulae for hyperelliptic curve cryptosystems , 2005, IEEE Transactions on Computers.

[6]  Pierrick Gaudry,et al.  An Algorithm for Solving the Discrete Log Problem on Hyperelliptic Curves , 2000, EUROCRYPT.

[7]  Tanja Lange Efficient Arithmetic on Hyperelliptic Curves , 2002, IACR Cryptol. ePrint Arch..

[8]  J. Pollard,et al.  Monte Carlo methods for index computation () , 1978 .

[9]  Robert Harley,et al.  Counting Points on Hyperelliptic Curves over Finite Fields , 2000, ANTS.

[10]  Tsuyoshi Takagi,et al.  Novel Efficient Implementations of Hyperelliptic Curve Cryptosystems Using Degenerate Divisors , 2004, WISA.

[11]  Florian Hess,et al.  Computing Riemann-Roch Spaces in Algebraic Function Fields and Related Topics , 2002, J. Symb. Comput..

[12]  Steven D. Galbraith,et al.  Efficient Hyperelliptic Arithmetic Using Balanced Representation for Divisors , 2008, ANTS.

[13]  Kamal Khuri-Makdisi,et al.  Asymptotically fast group operations on Jacobians of general curves , 2004, Math. Comput..

[14]  Zheng Wang,et al.  Rethinking low genus hyperelliptic Jacobian arithmetic over binary fields: interplay of field arithmetic and explicit formulæ , 2008, J. Math. Cryptol..

[15]  晋輝 趙,et al.  H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen and F. Vercauteren (eds.): Handbook of Elliptic and Hyperelliptic Curve Cryptography, Discrete Math. Appl. (Boca Raton)., Chapman & Hall/CRC, 2006年,xxxiv + 808ページ. , 2009 .

[16]  Claus Diem,et al.  An Index Calculus Algorithm for Plane Curves of Small Degree , 2006, ANTS.

[17]  Kazuto Matsuo,et al.  Fast Genus Three Hyperelliptic Curve Cryptosystems , 2002 .

[18]  Tanja Lange,et al.  Efficient Arithmetic on Genus 2 Hyperelliptic Curves over Finite Fields via Explicit Formulae , 2002, IACR Cryptol. ePrint Arch..

[19]  D. Mumford Tata Lectures on Theta I , 1982 .

[20]  Kazumaro Aoki,et al.  Improvements of Addition Algorithm on Genus 3 Hyperelliptic Curves and Their Implementation , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[21]  Benjamin A. Smith Isogenies and the Discrete Logarithm Problem in Jacobians of Genus 3 Hyperelliptic Curves, , 2008, Journal of Cryptology.

[22]  Tanja Lange,et al.  Handbook of Elliptic and Hyperelliptic Curve Cryptography , 2005 .

[23]  Andreas Stein,et al.  Explicit Formulas for Real Hyperelliptic Curves of Genus 2 in Affine Representation , 2007, WAIFI.

[24]  Thomas Wollinger,et al.  Software and hardware implementation of hyperelliptic curve cryptosystems , 2004 .

[25]  Steven D. Galbraith,et al.  Mathematics of Public Key Cryptography , 2012 .

[26]  Tanja Lange,et al.  Formulae for Arithmetic on Genus 2 Hyperelliptic Curves , 2005, Applicable Algebra in Engineering, Communication and Computing.

[27]  David Jao,et al.  Efficient Pairing Computation on Genus 2 Curves in Projective Coordinates , 2009, Selected Areas in Cryptography.

[28]  Kristin E. Lauter,et al.  Fast Elliptic Curve Arithmetic and Improved Weil Pairing Evaluation , 2003, CT-RSA.

[29]  Neal Koblitz,et al.  Hyperelliptic cryptosystems , 1989, Journal of Cryptology.

[30]  Fatima K. Abu Salem,et al.  Fast Jacobian group operations for C_{3,4} curves over a large finite field , 2006, ArXiv.

[31]  Roger Oyono,et al.  Fast Arithmetic on Jacobians of Picard Curves , 2004, Public Key Cryptography.

[32]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[33]  Tanja Lange Inversion-Free Arithmetic on Genus 2 Hyperelliptic Curves , 2002, IACR Cryptol. ePrint Arch..

[34]  Christophe Doche,et al.  Efficient Scalar Multiplication by Isogeny Decompositions , 2005, IACR Cryptol. ePrint Arch..

[35]  Marc Joye,et al.  Trading Inversions for Multiplications in Elliptic Curve Cryptography , 2006, Des. Codes Cryptogr..

[36]  H. Hisil Elliptic curves, group law, and efficient computation , 2010 .

[37]  Kamal Khuri-Makdisi Linear algebra algorithms for divisors on an algebraic curve , 2004, Math. Comput..

[38]  Michael Naehrig,et al.  An Analysis of Affine Coordinates for Pairing Computation , 2010, Pairing.

[39]  P. Gaudry Advances in Elliptic Curve Cryptography: Hyperelliptic Curves and the HCDLP , 2005 .

[40]  Christophe Ritzenthaler,et al.  Fast addition on non-hyperelliptic genus 3 curves , 2008, IACR Cryptol. ePrint Arch..

[41]  D. Cantor Computing in the Jacobian of a hyperelliptic curve , 1987 .

[42]  Frank Leitenberger About the group law for the Jacobi variety of a hyperelliptic curve , 2005 .

[43]  Vishnu A. Patankar,et al.  EXPLICIT ALGORITHM FOR THE ARITHMETIC ON THE HYPERELLIPTIC JACOBIANS OF GENUS 3 , 2004 .

[44]  Tibor Juhas The use of elliptic curves in cryptography , 2007 .

[45]  Tanja Lange Weighted Coordinates on Genus 2 Hyperelliptic Curves , 2002, IACR Cryptol. ePrint Arch..

[46]  Franz Lemmermeyer,et al.  Introduction to Algebraic Geometry , 2005 .

[47]  Nicolas Thériault,et al.  A double large prime variation for small genus hyperelliptic index calculus , 2004, Math. Comput..