Description
We describe an algorithm of Harvey, improved and implemented by Harvey and Sutherland, which given a hyperelliptic curve of genus g over Q computes its zeta function over F_p for all p <= N in such a way that the average time per prime is polynomial in g and log(N). The method is based on p-adic cohomology, specifically the algorithms of Kedlaya and Harvey; the key new observation is that one can set up the cohomology computation in a manner which is almost entirely independent of p, and thus reuse much of the computation.
Next sessions
-
Algorithms for post-quantum commutative group actions
Speaker : Marc Houben - Inria Bordeaux
At the historical foundation of isogeny-based cryptography lies a scheme known as CRS; a key exchange protocol based on class group actions on elliptic curves. Along with more efficient variants, such as CSIDH, this framework has emerged as a powerful building block for the construction of advanced post-quantum cryptographic primitives. Unfortunately, all protocols in this line of work are[…] -
Endomorphisms via Splittings
Speaker : Min-Yi Shen - No Affiliation
One of the fundamental hardness assumptions underlying isogeny-based cryptography is the problem of finding a non-trivial endomorphism of a given supersingular elliptic curve. In this talk, we show that the problem is related to the problem of finding a splitting of a principally polarised superspecial abelian surface. In particular, we provide formal security reductions and a proof-of-concept[…]-
Cryptography
-