Related papers: Accelerating the CM method

We present a space-efficient algorithm to compute the Hilbert class polynomial H_D(X) modulo a positive integer P, based on an explicit form of the Chinese Remainder Theorem. Under the Generalized Riemann Hypothesis, the algorithm uses…

Elliptic curves with a known number of points over a given prime field with n elements are often needed for use in cryptography. In the context of primality proving, Atkin and Morain suggested the use of the theory of complex multiplication…

We present and analyze two algorithms for computing the Hilbert class polynomial $H_D$ . The first is a p-adic lifting algorithm for inert primes p in the order of discriminant D < 0. The second is an improved Chinese remainder algorithm…

We analyse the complexity of computing class polynomials, that are an important ingredient for CM constructions of elliptic curves, via complex floating point approximations of their roots. The heart of the algorithm is the evaluation of…

We will describe an algorithm to construct an elliptic curve $E_{f_q}$ over some prime field $\mathbb{F}_p$ such that such that $|E_{f_q}(\mathbb{F}_p)| = f_q$, where $f_q$ is a probable Fibonacci prime for some prime index $q$. The…

We describe deterministic and probabilistic algorithms to determine whether or not a given monic irreducible polynomial H in Z[X] is a Hilbert class polynomial, and if so, which one. These algorithms can be used to determine whether a given…

For E/k an elliptic curve with CM by O, we determine a formula for (a generalization of) the arithmetic local constant of [4] at almost all primes of good reduction. We apply this formula to the CM curves defined over Q and are able to…

Assuming GRH, we present an algorithm which inputs a prime $p$ and outputs the set of fundamental discriminants $D<0$ such that the reduction map modulo a prime above $p$ from elliptic curves with CM by $\order_{D}$ to supersingular…

Assuming the Generalized Riemann Hypothesis, we design a deterministic algorithm that, given a prime p and positive integer m=o(sqrt(p)/(log p)^4), outputs an elliptic curve E over the finite field F_p for which the cardinality of E(F_p) is…

Let O be a maximal order in the quaternion algebra B_p over Q ramified at p and infinity. The paper is about the computational problem: Construct a supersingular elliptic curve E over F_p such that End(E) = O. We present an algorithm that…

Let E be an elliptic curve having complex multiplication by a given quadratic order of an imaginary quadratic field K. The field of definition of E is the ring class field Omega of the order. If the prime p splits completely in Omega, then…

We present an algorithm that, on input of a positive integer N together with its prime factorization, constructs a finite field F and an elliptic curve E over F for which E(F) has order N. Although it is unproved that this can be done for…

We present a very efficient algorithm to construct an elliptic curve E and a finite field F such that the order of the point group E(F) is a given prime number N. Heuristically, this algorithm only takes polynomial time Otilde((\log N)^3),…

The complexity of the elliptic curve method of factorization (ECM) is proven under the celebrated conjecture of existence of smooth numbers in short intervals. In this work we tackle a different version of ECM which is actually much more…

In this paper, we propose the use of Ramanujan class of polynomials for the construction of prime order elliptic curves using the CM-method. We compare (theoretically and experimentally) the efficiency of using this new class against the…

Elliptic curves over finite fields with predefined conditions in the order are practically constructed using the theory of complex multiplication. The stage with longest calculations in this method reconstructs some polynomial with integer…

We consider a quantum polynomial-time algorithm which solves the discrete logarithm problem for points on elliptic curves over $GF(2^m)$. We improve over earlier algorithms by constructing an efficient circuit for multiplying elements of…

For the integer $ D=pq$ of the product of two distinct odd primes, we construct an elliptic curve $E_{2rD}:y^2=x^3-2rDx$ over $\mathbb Q$, where $r$ is a parameter dependent on the classes of $p$ and $q$ modulo 8, and show, under the parity…

The elliptic curve method (ECM) is one of the best factorization methods available. It is possible to use hyperelliptic curves instead of elliptic curves but it is in theory slower. We use special hyperelliptic curves and Kummer surfaces to…

Let $\mathcal{O}$ be an order in the imaginary quadratic field $K$. For positive integers $M \mid N$, we determine the least degree of an $\mathcal{O}$-CM point on the modular curve $X(M,N)_{/K(\zeta_M)}$ and also on the modular curve…