Improved Sieving on Algebraic Curves
The best algorithms for discrete logarithms in Jacobians of algebraic curves of small genus are based on index calculus methods coupled with large prime variations. For hyperelliptic curves, relations are obtained by looking for reduced divisors with smooth Mumford representation (Gaudry); for non-hyperelliptic curves it is faster to obtain relations using special linear systems of divisors (Diem, Kochinke). Recently, Sarkar and Singh have proposed a sieving technique, inspired by an earlier work of Joux and Vitse, to speed up the relation search in the hyperelliptic case. We give a new description of this technique, and show that this new formulation applies naturally to the non-hyperelliptic case with or without large prime variations. In particular, we obtain a speed-up by a factor approximately 3 for the relation search in Diem and Kochinke’s methods.
KeywordsDiscrete logarithm Index calculus Algebraic curves Curve-based cryptography
We would like to thank the anonymous referees for their useful comments during the elaboration of the article.
- 3.Diem, C., Kochinke, S.: Computing discrete logarithms with special linear systems (2013). http://www.math.uni-leipzig.de/diem/preprints/dlp-linear-systems.pdf
- 10.Sarkar, P., Singh, S.: A new method for decomposition in the Jacobian of small genus hyperelliptic curves. Cryptology ePrint Archive, Report 2014/815 (2014)Google Scholar