Construction of Secure Random Curves of Genus 2 over Prime Fields

  • Pierrick Gaudry
  • Éric Schost
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3027)


For counting points of Jacobians of genus 2 curves defined over large prime fields, the best known method is a variant of Schoof’s algorithm. We present several improvements on the algorithms described by Gaudry and Harley in 2000. In particular we rebuild the symmetry that had been broken by the use of Cantor’s division polynomials and design a faster division by 2 and a division by 3. Combined with the algorithm by Matsuo, Chao and Tsujii, our implementation can count the points on a Jacobian of size 164 bits within about one week on a PC.


References

  1. Adleman, L., Huang, M.-D.: Counting points on curves and abelian varieties over finite fields. J. Symbolic Comput. 32, 171–189 (2001)
  2. Aho, A., Steiglitz, K., Ullman, J.D.: Evaluating polynomials at fixed sets of points. SIAM J. Comput. 4(4), 533–539 (1975)
  3. Bosma, W., Cannon, J.: Handbook of Magma functions (1997),
  4. Bostan, A., Flajolet, P., Salvy, B., Schost, É.: Fast computation with two algebraic numbers. Technical Report 4579, INRIA (2002)
  5. Bostan, A., Gaudry, P., Schost, É.: Linear recurrences with polynomial coefficients and computation of the Cartier-Manin operator on hyperelliptic curves (2003); To appear in Proceedings Fq’7
  6. Brent, R., Kung, H.: Fast algorithms for manipulating formal power series. J. ACM 25, 581–595 (1978)
  7. Cantor, D.G.: Computing in the Jacobian of an hyperelliptic curve. Math. Comp. 48(177), 95–101 (1987)
  8. Cantor, D.G.: On the analogue of the division polynomials for hyperelliptic curves. J. Reine Angew. Math. 447, 91–145 (1994)
  9. Gaudry, P.: NTLJac2, Tools for genus 2 Jacobians in NTL,
  10. Gaudry, P., Gürel, N.: Counting points in medium characteristic using Kedlaya’s algorithm. To appear in Experiment. Math.
  11. Gaudry, P., Harley, R.: Counting points on hyperelliptic curves over finite fields. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 313–332. Springer, Heidelberg (2000)
  12. Gaudry, P., Schost, É.: Modular equations for hyperelliptic curves. To appear in Math. Comp.
  13. Gaudry, P., Schost, É.: A low-memory parallel version of Matsuo, Chao and Tsujii’s algorithm. To appear in ANTS VI
  14. Hanrot, G., Morain, F.: Solvability of radicals from an algorithmic point of view. In: ISSAC 2001, pp. 175–182. ACM Press, New York (2001)
  15. Hindry, M., Silverman, J.: Diophantine geometry. An introduction. Graduate Texts in Mathematics, vol. 201. Springer, Heidelberg (2000)
  16. Huang, M.-D., Ierardi, D.: Counting points on curves over finite fields. J. Symbolic Comput. 25, 1–21 (1998)
  17. Kaltofen, E., Shoup, V.: Fast polynomial factorization over high algebraic extensions of finite fields. In: Kuchlin, W. (ed.) ISSAC 1997, pp. 184–188. ACM Press, New York (1997)
  18. Kampkötter, W.: Explizite Gleichungen für Jacobische Varietäten hyperelliptischer Kurven. PhD thesis, Universität Gesamthochschule Essen (August 1991)
  19. Lange, T.: Formulae for arithmetic on genus 2 hyperelliptic curves (2003) (preprint)
  20. Lercier, R., Lubicz, D.: A quasi quadratic time algorithm for hyperelliptic curve point counting (preprint)
  21. Matsuo, K., Chao, J., Tsujii, S.: An improved baby step giant step algorithm for point counting of hyperelliptic curves over finite fields. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 461–474. Springer, Heidelberg (2002)
  22. Menezes, A., Wu, Y.-H., Zuccherato, R.: An elementary introduction to hyperelliptic curves. In: Koblitz, N. (ed.) Algebraic aspects of cryptography, pp. 155–178. Springer, Heidelberg (1997)
  23. Mestre, J.-F.: Utilisation de l’AGM pour le calcul de E(F_{2^n}). Letter to Gaudry and Harley (December 2000)
  24. Milne, J.S.: Abelian varieties. In: Cornell, G., Silverman, J.H. (eds.) Arithmetic Geometry, pp. 103–150. Springer, Heidelberg (1986)
  25. Pelzl, J., Wollinger, T., Guajardo, J., Paar, C.: Hyperelliptic curve cryptosystems: Closing the performance gap to elliptic curves (2003) (preprint)
  26. Pila, J.: Frobenius maps of abelian varieties and finding roots of unity in finite fields. Math. Comp. 55(192), 745–763 (1990)
  27. Schoof, R.: Elliptic curves over finite fields and the computation of square roots mod p. Math. Comp. 44, 483–494 (1985)
  28. Schost, É.: Complexity results for triangular sets. J. Symbolic Comput. 36, 555–594 (2003)
  29. Shoup, V.: NTL: A library for doing number theory,
  30. Shoup, V.: A new polynomial factorization algorithm and its implementation. J. Symbolic Comput. 20, 363–397 (1995)
  31. Vercauteren, F.: Computing Zeta functions of hyperelliptic curves over finite fields of characteristic 2. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 369–384. Springer, Heidelberg (2002)
  32. von zur Gathen, J., Gerhard, J.: Modern computer algebra. Cambridge University Press, Cambridge (1999)
  33. von zur Gathen, J., Shoup, V.: Computing Frobenius maps and factoring polynomials. Comput. Complexity 2, 187–224 (1992)
  34. Weng, A.: Constructing hyperelliptic curves of genus 2 suitable for cryptography. Math. Comp. 72, 435–458 (2003)

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Pierrick Gaudry (1)
  • Éric Schost (2)

  1. Laboratoire LIX, École polytechnique, France
  2. Laboratoire STIX, École polytechnique, France
