Classification of Elliptic/hyperelliptic Curves with Weak Coverings against GHS Attack under an Isogeny Condition

The GHS attack is known to map the discrete logarithm problem(DLP) in the Jacobian of a curve C0 defined over the d degree extension kd of a finite field k to the DLP in the Jacobian of a new curve C over k which is a covering curve of C0, then solve the DLP of curves C/k by variations of index calculus algorithms. It is therefore important to know which curve C0/kd is subjected to the GHS attack, especially those whose covering C/k have the smallest genus g(C) = dg(C0), which we called satisfying the isogeny condition. Until now, 4 classes of such curves were found by Thériault in [35] and 6 classes by Diem in [3][5]. In this paper, we present a classification i.e. a complete list of all elliptic curves and hyperelliptic curves C0/kd of genus 2, 3 which possess (2, ..., 2) covering C/k of P under the isogeny condition (i.e. g(C) = d · g(C0)) in odd characteristic case. In particular, classification of the Galois representation of Gal(kd/k) acting on the covering group cov(C/P) is used together with analysis of ramification points of these coverings. Besides, a general existential condition of a model of C over k is also obtained. As the result, a complete list of all defining equations of curves C0/kd with covering C/k are provided explicitly. Besides the 10 classes of C0/kd already known, 17 classes are newly found.

[1]  Hess Florian,et al.  Generalising the GHS attack on the elliptic curve discrete logarithm , 2004 .

[2]  Nicolas Thériault,et al.  Weil Descent Attack for Artin-Schreier Curves , 2003 .

[3]  C. Diem The GHS-attack in odd characteristic , 2003 .

[4]  Nicolas Thériault,et al.  A double large prime variation for small genus hyperelliptic index calculus , 2004, Math. Comput..

[5]  N. Thériault Weil descent attack for Kummer extensions , 2003 .

[6]  Alfred Menezes,et al.  Weak Fields for ECC , 2004, CT-RSA.

[7]  Steven D. Galbraith Weil Descent of Jacobians , 2003, Discret. Appl. Math..

[8]  Leonard M. Adleman,et al.  A subexponential algorithm for discrete logarithms over the rational subgroup of the jacobians of large genus hyperelliptic curves over finite fields , 1994, ANTS.

[9]  Jinhui Chao,et al.  An Extension of GHS Weil Descent Attack , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Claus Diem,et al.  Index Calculus in Class Groups of Plane Curves of Small Degree , 2005, IACR Cryptol. ePrint Arch..

[11]  Alfred Menezes,et al.  Analysis of the GHS Weil Descent Attack on the ECDLP over Characteristic Two Finite Fields of Composite Degree , 2001, INDOCRYPT.

[12]  Jinhui Chao,et al.  Scholten Forms and Elliptic/Hyperelliptic Curves with Weak Weil Restrictions , 2005, IACR Cryptol. ePrint Arch..

[13]  Benjamin A. Smith Isogenies and the Discrete Logarithm Problem in Jacobians of Genus 3 Hyperelliptic Curves, , 2008, Journal of Cryptology.

[14]  Jinhui Chao,et al.  Classification of Weil Restrictions Obtained by (2, ..., 2) Coverings of P1 , 2006, IACR Cryptol. ePrint Arch..

[15]  Jinhui Chao,et al.  On Implementation of GHS Attack against Elliptic Curve Cryptosystems over Cubic Extension Fields of Odd Characteristics , 2008, IACR Cryptol. ePrint Arch..

[16]  Koh-ichi Nagao,et al.  Improvement of ThéLeriault Algorithm of Index Calculus for Jacobian of Hyperelliptic Curves of Small Genus , 2004, IACR Cryptol. ePrint Arch..

[17]  Pierrick Gaudry,et al.  Index calculus for abelian varieties of small dimension and the elliptic curve discrete logarithm problem , 2009, J. Symb. Comput..

[18]  Nigel P. Smart,et al.  Constructive and destructive facets of Weil descent on elliptic curves , 2002, Journal of Cryptology.

[19]  Nicolas Thériault,et al.  Index Calculus Attack for Hyperelliptic Curves of Small Genus , 2003, ASIACRYPT.

[20]  Henning Stichtenoth,et al.  Algebraic function fields and codes , 1993, Universitext.

[21]  Alfred Menezes,et al.  Analysis of the Weil Descent Attack of Gaudry, Hess and Smart , 2001, CT-RSA.

[22]  Jinhui Chao,et al.  Elliptic curves with weak coverings over cubic extensions of finite fields with odd characteristics , 2009, IACR Cryptol. ePrint Arch..

[23]  PalaiseauDeutschland Franceenge A General Framework for Subexponential Discrete Logarithm Algorithms , 2000 .

[24]  Florian Hess,et al.  The GHS Attack Revisited , 2003, EUROCRYPT.

[25]  Pierrick Gaudry,et al.  An Algorithm for Solving the Discrete Log Problem on Hyperelliptic Curves , 2000, EUROCRYPT.

[26]  Jinhui Chao,et al.  Classification of Elliptic/hyperelliptic Curves with Weak Coverings against GHS Attack without Isogeny Condition , 2009, IACR Cryptol. ePrint Arch..