structure of volcano of isogeny applied to couveignes s
play

Structure of Volcano of -isogeny applied to Couveigness algorithm - PowerPoint PPT Presentation

Feb 14, 2023 •180 likes •472 views

Reminder on elliptic curves Endomorphism ring Volcano of -isogeny and Frobenius endomorphism -adic tower Structure of Volcano of -isogeny applied to Couveigness algorithm Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost

  1. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Université Versailles Saint Quentin en Yvelines, Paris-Saclay March 15, 2016 1/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  2. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Summary Reminder on elliptic curves, 1 Endomorphism ring of elliptic curves following Kohel in 1996 [5], 2 Volcanoes of ℓ -isogenies and Frobenius endomorphism, 3 Working on ℓ -adic tower. 4 2/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  3. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Reminder on elliptic curves F q a finite field of characteristic p . Definition E an elliptic curve defined over F q , we denote by : E ( F q ) the set of rational points of E over F q During all this presentation we will consider only elliptic curves on the finite field F q , ℓ is a prime different from p 3/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  4. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition ( m torsion points) m ∈ N , we denote by E [ m ] = { P ∈ E , mP = 0 E } E ( F q )[ m ] = { P ∈ E ( F q ) , mP = 0 E } 4/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  5. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Reminder on isogenies Definition (isogeny) E and E ′ two ellitpic curves, φ : E → E ′ a surjective morphism such that φ (0 E ) = 0 E ′ , then φ is an isogeny. An isogeny is a group morphism. We say that E and E ′ are isogenous if there exist an isogeny φ between the two curves. Proposition E and E ′ two ellitpic curves, φ : E → E ′ an isogeny, if φ is separable , then we have: deg φ = | ker( φ ) | 5/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  6. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition E and E ′ two elliptic curves and ℓ a prime number, φ : E → E ′ a non constant isogeny. We say that φ is an ℓ -isogeny if we have deg φ = ℓ Theorem (Tate) E and E ′ two elliptic curves and φ : E → E ′ an isogeny. Then | E ( F q ) | = | E ′ ( F q ) | 6/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  7. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Theorem E, E ′ two elliptic curves. There is a bijection between finite subgroups of E ′ and separable isogenies : ( φ : E → E ′ ) �→ ker φ ( E → E / C ) �→ C Remark E an elliptic curve defined over F q , let ℓ be a prime different from p , then we define an ℓ -isogeny by a primitive ℓ -torsion point: P φ : E → E / � P � 7/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  8. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Isogeny computation Couveignes’s algorithm [1] in O ( r 2 ) Require: E,E’ two r -isogenous curves on F p n Ensure: φ : E → E ′ of degree r Main steps of Couveignes’s algorithm: determine p k primitive torsion points on E and E ′ with p k > 4 r , 1 since E [ p k ] is cyclic, the algorithm just has to interpolate p k torsion 2 points on p k torsion points according to the group law, test if the interpolation is good, 3 if the test is good, then return the isogeny. 4 Mainly used in S.E.A. for counting points 8/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  9. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Isogeny computation Other existing algorithms .[BMSS] et [CCR] work only for r ≪ p in O ( M ( r ) log( r )) 1 p -adic algorithms [Satoh] with p fixed are exponential in log( p ) 2 .[LS08] works for every p in O ( r 2 ) 3 9/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  10. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition (Endomorphism ring) End ( E ) = { isogenies φ : E → E } is a ring with the addition law and composition law. Remark We have Z ⊂ End ( E ) 10/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  11. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition (Frobenius Endomorphism) E an elliptic curve defined over F q . The function π : ( x , y ) �→ ( x q , y q ) is called Frobenius endomorphism. It belongs to End ( E ). Remark E an elliptic curve defined over F q , then we always have Z [ π ] ⊂ End ( E ) . 11/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  12. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Proposition E an elliptic curve defined over F q is ordinary if it satisfies any of the two equivalent conditions: E [ p r ] = Z / p r Z 1 End ( E ) is isomorphic to an order in a quadratic imaginary extension 2 of Q . From now we will only work with ordinary elliptic curves. Definition An order in a quadratic imaginary number field K is a subring of K 1 a Z -modulus of rank 2 2 12/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  13. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Definition We denote by O K the algebraic integers of K . We can associate to any elliptic curve E his endomorphism ring: O ≃ End ( E ) We will denote O (resp. O ′ ) the End ( E ) (resp. End ( E ′ )) up to isomorphism. Remark For an ordinary elliptic curve we have: Z [ π ] ⊂ O ⊂ O K 13/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  14. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Lemma (Kohel 1996) E and E ′ two elliptic curves defined over F q , φ : E → E ′ an ℓ -isogeny, with ℓ � = p . Then ℓ = [ O : O ′ ] we say then that 1 φ is a descending isogeny, ℓ = [ O ′ : O ] we say then that 2 φ is an ascending isogeny, O = O ′ we say then that φ 3 is an horizontal isogeny. 14/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  15. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower • • • • • • • • • • • • • • • • • • • • ( d K /ℓ ) = − 1 ( d K /ℓ ) = 0 ( d K /ℓ ) = +1 Figure: The three shapes of volcanoes of 2-isogenies 15/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

  16. Reminder on elliptic curves Endomorphism ring Volcano of ℓ -isogeny and Frobenius endomorphism ℓ -adic tower Remark In the rest of this talk we consider only volcanoes with cyclic crater (i.e. ( d K /ℓ ) = +1), so that ℓ is an Elkies prime for these curves. This implies that the Frobenius automorphism on T ℓ ( E ), which we write π | T ℓ ( E ), has two distinct eigenvalues λ � = µ . The depth of the volcano of F q -rational ℓ -isogenies is h = v ℓ ( λ − µ ). Proposition Let E be a curve on a volcano of ℓ isogeny with cyclic crater. Then there exists a unique a ∈ { 0 , ℓ, . . . , ℓ h − 1 } such that π | T ℓ ( E ) is conjugate, � λ a over Z ℓ , to the matrix � . 0 µ Moreover a = 0 if E lies on the crater. 16/ 28 Luca De Feo, Cyril Hugounenq, Jerome Plut, Eric Schost Structure of Volcano of ℓ -isogeny applied to Couveignes’s algorithm

Recommend

Exploring Isogeny Graphs Around the Volcano in 2 80 Days Luca De Feo hand drawings by Rachel

Exploring Isogeny Graphs Around the Volcano in 2 80 Days Luca De Feo hand drawings by Rachel

Exploring Isogeny Graphs Around the Volcano in 2 80 Days Luca De Feo hand drawings by Rachel Deyts Universit Paris Saclay UVSQ Dec 14, 2018, UVSQ, Versailles Elliptic curves Let E y 2 x 3 ax b be an elliptic curve...

1.02k views • 85 slides
Algorithmique arithmtique, N1MA9W11 Jean-Marc Couveignes 5 septembre 2011 Jean-Marc Couveignes

Algorithmique arithmtique, N1MA9W11 Jean-Marc Couveignes 5 septembre 2011 Jean-Marc Couveignes

Algorithmique arithmtique, N1MA9W11 Jean-Marc Couveignes 5 septembre 2011 Jean-Marc Couveignes Algorithmique arithmtique Motivation I Effective methods and issues play an important role in number theory : Diophantine equations, Agorithmic

284 views • 7 slides
Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization

Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization

Isogeny-Based Public-Key Cryptography David Jao Department of Combinatorics & Optimization Centre for Applied Cryptographic Research June 17, 2016 CENTRE FOR APPLIED CRYPTOGRAPHIC RESEARCH (CACR) Motivation: Post-Quantum Cryptography

355 views • 16 slides
Workshop on New Frontiers in Internet of Things Active Volcano Monitoring with Wireless Sensor

Workshop on New Frontiers in Internet of Things Active Volcano Monitoring with Wireless Sensor

Workshop on New Frontiers in Internet of Things Active Volcano Monitoring with Wireless Sensor Network ICTP Trieste - Italy March 11, 2016 Context Arenal Volcano Stromboli volcano (924 m) (1.633 m) Italy Costa Rica Longonot

237 views • 9 slides
Stress control of deep rift intrusion at Mauna Loa volcano, Hawaii Outline: - past

Stress control of deep rift intrusion at Mauna Loa volcano, Hawaii Outline: - past

Stress control of deep rift intrusion at Mauna Loa volcano, Hawaii Outline: - past earthquake-volcano interaction at - 2002-2005 intrusion - effects on the volcano - Kilauea deformation Falk Amelung*, Sang-Ho Yun, Thomas Walter, Paul

890 views • 41 slides
The geometry of some parameterizations and encodings Jean-Marc Couveignes (with Reynald Lercier)

The geometry of some parameterizations and encodings Jean-Marc Couveignes (with Reynald Lercier)

The geometry of some parameterizations and encodings Jean-Marc Couveignes (with Reynald Lercier) INRIA Bordeaux Sud-Ouest et Institut de Math ematiques de Bordeaux CIAO 2020, Bordeaux Jean-Marc Couveignes (with Reynald Lercier) The geometry

559 views • 29 slides
The Volcano Optimizer Generator Generator: Object-oriented and scientific Extensibility and

The Volcano Optimizer Generator Generator: Object-oriented and scientific Extensibility and

The Volcano Optimizer The Volcano Optimizer Generator Generator: Object-oriented and scientific Extensibility and database systems Allowing query optimization to be Efficient Search more tuned towards the application = Presentation:

288 views • 4 slides
Another Look At Some Isogeny Hardness Assumptions Simon-Phillipp Merz, Romy Minko, Christophe

Another Look At Some Isogeny Hardness Assumptions Simon-Phillipp Merz, Romy Minko, Christophe

Another Look At Some Isogeny Hardness Assumptions Simon-Phillipp Merz, Romy Minko, Christophe Petit ECC 2019 3 December 1 / 50 Motivation Isogeny based cryptography Another Look at Provable Security Neal Koblitz Dept. of

780 views • 61 slides
Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux Workshop FAST, September 2017 The linear sieve Algorithm for computing discrete logarithms in F q with q = p d . F q = F p [ X ] / A ( X ) with A ( X )

510 views • 21 slides
The Volcano Optimizer Generator: Extensibility and Efficient Search Presentation: Mirna Limic

The Volcano Optimizer Generator: Extensibility and Efficient Search Presentation: Mirna Limic

The Volcano Optimizer Generator: Extensibility and Efficient Search Presentation: Mirna Limic Discussion: Jerry Zhang What is Volcano? Why develop it? An optimizer generator tuned towards object-oriented and scientific database systems. It

1.2k views • 11 slides
Faster Isogeny-Based Compressed Key Agreement Gustavo H. M. Zanon, Marcos A. Simplicio Jr,

Faster Isogeny-Based Compressed Key Agreement Gustavo H. M. Zanon, Marcos A. Simplicio Jr,

Faster Isogeny-Based Compressed Key Agreement Gustavo H. M. Zanon, Marcos A. Simplicio Jr, Geovandro C. C. F. Pereira , Javad Doliskani, and Paulo S. L. M. Barreto. 1 REVI EW : SI DH AND COMPRESSED KEYS 2 Isogeny-based Crypto n SIDH:

856 views • 81 slides
Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux

Kummer theory for finite fields Jean-Marc Couveignes Institut de Mathmatiques de Bordeaux Workshop FAST, September 2017 Specializing isogenies between algebraic groups Le G / K be a commutative algebraic group over a perfect field and T G

549 views • 20 slides
Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ March 18, 2019

Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ March 18, 2019

Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ March 18, 2019 Mathematical foundations of asymmetric cryptography Aussois, Savoie Slides online at https://defeo.lu/docet/ Overview Isogeny graphs 1 Elliptic Curves

1.96k views • 156 slides
Discrete Logarithms and Galois Invariant Smoothness Basis (with J.-M. Couveignes) R. Lercier

Discrete Logarithms and Galois Invariant Smoothness Basis (with J.-M. Couveignes) R. Lercier

Background Function Field Sieve Galois Invariant Smoothness Basis Conclusion Discrete Logarithms and Galois Invariant Smoothness Basis (with J.-M. Couveignes) R. Lercier DGA/CELAR & University of Rennes France Reynald.Lercier (at)

650 views • 38 slides
Isogeny graphs with real multiplication Sorina Ionica Ecole Normale Suprieure de Paris joint

Isogeny graphs with real multiplication Sorina Ionica Ecole Normale Suprieure de Paris joint

Isogeny graphs with real multiplication Sorina Ionica Ecole Normale Suprieure de Paris joint work with Emmanuel Thom Sorina Ionica 1 / 24 Isogeny graphs Kohel 1996: Graph with vertices elliptic curves defined over F q and edges all

302 views • 27 slides
BROOKS JETCHEV WESOLOWSKI ISOGENY GRAPHS OF ORDINARY ABELIAN VARIETIES PRESENTED AT ECC 2017,

BROOKS JETCHEV WESOLOWSKI ISOGENY GRAPHS OF ORDINARY ABELIAN VARIETIES PRESENTED AT ECC 2017,

ERNEST HUNTER DIMITAR BENJAMIN BROOKS JETCHEV WESOLOWSKI ISOGENY GRAPHS OF ORDINARY ABELIAN VARIETIES PRESENTED AT ECC 2017, NIJMEGEN, THE NETHERLANDS BY BENJAMIN WESOLOWSKI FROM EPFL, SWITZERLAND AN INTRODUCTION TO ISOGENY GRAPHS

770 views • 63 slides
Integrated Electromagnetic and Geochemical methods applied to volcanic hydrothermal systems:

Integrated Electromagnetic and Geochemical methods applied to volcanic hydrothermal systems:

Integrated Electromagnetic and Geochemical methods applied to volcanic hydrothermal systems: Application to Taal volcano (Philippines) EMSEV-2008, Sinaia, Romania (EMSEV activities: http://www.emsev-iugg.org/emsev/) J. Zlotnicki 1 , Y. Sasai 2 ,

681 views • 33 slides
On the Security of Supersingular Isogeny Cryptosystems Yan Bo Ti Department of Mathematics,

On the Security of Supersingular Isogeny Cryptosystems Yan Bo Ti Department of Mathematics,

On the Security of Supersingular Isogeny Cryptosystems Yan Bo Ti Department of Mathematics, University of Auckland AsiaCrypt 2016, 5th of December 1/17 Outline Joint work with Steven Galbraith , Christophe Petit and Barak Shani . 1

242 views • 23 slides
Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ July 29 August 29,

Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ July 29 August 29,

Isogeny graphs in cryptography Luca De Feo Universit Paris Saclay, UVSQ July 29 August 29, 2019 Cryptography meets Graph Theory Wrzburg, Franken, Germany Luca De Feo (U Paris Saclay) Isogeny graphs in cryptography Jul 29Aug 2,

1.99k views • 174 slides
What is a volcano? A point on the earths crust where magma forces its way to the surface

What is a volcano? A point on the earths crust where magma forces its way to the surface

What is a volcano? A point on the earths crust where magma forces its way to the surface Ash and gases may also escape Where do they occur? On subduction zones On constructive plate boundaries On hot spots What types of

932 views • 25 slides
Sleeping in the volcano ECC Rump Session Damien Robert (Slides done under pressure by Ben

Sleeping in the volcano ECC Rump Session Damien Robert (Slides done under pressure by Ben

Sleeping in the volcano ECC Rump Session Damien Robert (Slides done under pressure by Ben looking for guinea pigs for the xtomato program) 19/09/2011 (Nancy) Sleep sort New breakthrough algorithm for sorting a list of integers. #!/bin/sh for

458 views • 11 slides
Supersingular Isogeny Key Encapsulation Presented by David Jao University of Waterloo and

Supersingular Isogeny Key Encapsulation Presented by David Jao University of Waterloo and

Supersingular Isogeny Key Encapsulation Presented by David Jao University of Waterloo and evolutionQ, Inc. Full list of submitters: Reza Azarderakhsh, FAU Amir Jalali, LinkedIn Michael Naehrig, MSR Matt Campagna, Amazon David Jao, UW

365 views • 10 slides
Summary Chart- Use this during the Presentations Tropical Cyclone Volcano What is it? What

Summary Chart- Use this during the Presentations Tropical Cyclone Volcano What is it? What

Summary Chart- Use this during the Presentations Tropical Cyclone Volcano What is it? What causes it? Areas of the world where it occurs Possible effects Warning systems Other important information Summary Chart- Use during the

76 views • 3 slides
Municipal Prepayment Structure Applied Solutions Annual Conference: Adapting Existing Financial

Municipal Prepayment Structure Applied Solutions Annual Conference: Adapting Existing Financial

Municipal Prepayment Structure Applied Solutions Annual Conference: Adapting Existing Financial Instruments Bolder, Colorado November 11, 2010 Presented by John Wang Municipal Prepayment Structure (contd) Introduction Municipal finance

145 views • 11 slides

More recommend