Efficient CM-constructions of elliptic curves over finite fields

Bröker, Reinier; Stevenhagen, Peter

doi:10.1090/S0025-5718-07-01980-1

Efficient CM-constructions of elliptic curves over finite fields
HTML articles powered by AMS MathViewer

by Reinier Bröker and Peter Stevenhagen;

Math. Comp. 76 (2007), 2161-2179

DOI: https://doi.org/10.1090/S0025-5718-07-01980-1

Published electronically: May 3, 2007

PDF | Request permission

Abstract:

We present an algorithm that, on input of an integer $N\ge 1$ together with its prime factorization, constructs a finite field $\mathbf {F}$ and an elliptic curve $E$ over $\mathbf {F}$ for which $E({\mathbf {F} })$ has order $N$. Although it is unproved that this can be done for all $N$, a heuristic analysis shows that the algorithm has an expected run time that is polynomial in $2^{\omega (N)}\log N$, where $\omega (N)$ is the number of distinct prime factors of $N$. In the cryptographically relevant case where $N$ is prime, an expected run time $O((\log N)^{4+\varepsilon })$ can be achieved. We illustrate the efficiency of the algorithm by constructing elliptic curves with point groups of order $N=10^{2004}$ and $N=\text {nextprime}(10^{2004})=10^{2004}+4863$.

References

Manindra Agrawal, Neeraj Kayal, and Nitin Saxena, PRIMES is in P, Ann. of Math. (2) 160 (2004), no. 2, 781–793. MR 2123939, DOI 10.4007/annals.2004.160.781
R. C. Baker, G. Harman, and J. Pintz, The difference between consecutive primes. II, Proc. London Math. Soc. (3) 83 (2001), no. 3, 532–562. MR 1851081, DOI 10.1112/plms/83.3.532
D. Bernstein, Proving primality in essentially quartic random time, Math. Comp., to appear.
R. Bröker, Constructing elliptic curves of prescribed order, Ph.D. Thesis, Universiteit Leiden, 2006. See www.math.leidenuniv.nl/scripties/Broker.pdf.
Reinier Bröker and Peter Stevenhagen, Elliptic curves with a given number of points, Algorithmic number theory, Lecture Notes in Comput. Sci., vol. 3076, Springer, Berlin, 2004, pp. 117–131. MR 2137348, DOI 10.1007/978-3-540-24847-7_{8}
J. Buhler, S. Wagon, Basic algorithms in number theory, Surveys in Algorithmic Number Theory, Cambridge University Press, 2006.
Henri Cohen, A course in computational algebraic number theory, Graduate Texts in Mathematics, vol. 138, Springer-Verlag, Berlin, 1993. MR 1228206, DOI 10.1007/978-3-662-02945-9
Jean-Marc Couveignes and Thierry Henocq, Action of modular correspondences around CM points, Algorithmic number theory (Sydney, 2002) Lecture Notes in Comput. Sci., vol. 2369, Springer, Berlin, 2002, pp. 234–243. MR 2041087, DOI 10.1007/3-540-45455-1_{1}9
A. Enge, The complexity of class polynomial computations via floating point approximations, preprint, January 2006.
Joachim von zur Gathen and Jürgen Gerhard, Modern computer algebra, Cambridge University Press, New York, 1999. MR 1689167
Pierrick Gaudry, A comparison and a combination of SST and AGM algorithms for counting points of elliptic curves in characteristic 2, Advances in cryptology—ASIACRYPT 2002, Lecture Notes in Comput. Sci., vol. 2501, Springer, Berlin, 2002, pp. 311–327. MR 2087393, DOI 10.1007/3-540-36178-2_{2}0
Alice Gee and Peter Stevenhagen, Generating class fields using Shimura reciprocity, Algorithmic number theory (Portland, OR, 1998) Lecture Notes in Comput. Sci., vol. 1423, Springer, Berlin, 1998, pp. 441–453. MR 1726092, DOI 10.1007/BFb0054883
Aleksandar Ivić, The Riemann zeta-function, A Wiley-Interscience Publication, John Wiley & Sons, Inc., New York, 1985. The theory of the Riemann zeta-function with applications. MR 792089
Kiran S. Kedlaya, Counting points on hyperelliptic curves using Monsky-Washnitzer cohomology, J. Ramanujan Math. Soc. 16 (2001), no. 4, 323–338. MR 1877805
Elisavet Konstantinou, Yannis C. Stamatiou, and Christos Zaroliagis, On the construction of prime order elliptic curves, Progress in cryptology—INDOCRYPT 2003, Lecture Notes in Comput. Sci., vol. 2904, Springer, Berlin, 2003, pp. 309–322. MR 2092390, DOI 10.1007/978-3-540-24582-7_{2}3
Georg-Johann Lay and Horst G. Zimmer, Constructing elliptic curves with given group order over large finite fields, Algorithmic number theory (Ithaca, NY, 1994) Lecture Notes in Comput. Sci., vol. 877, Springer, Berlin, 1994, pp. 250–263. MR 1322728, DOI 10.1007/3-540-58691-1_{6}4
H. W. Lenstra Jr. and Carl Pomerance, A rigorous time bound for factoring integers, J. Amer. Math. Soc. 5 (1992), no. 3, 483–516. MR 1137100, DOI 10.1090/S0894-0347-1992-1137100-0
H. W. Lenstra, C. Pomerance, Primality testing with Gaussian periods, To appear.
P. Mihăilescu, R. M. Avanzi, Efficient ‘quasi’-deterministic primalisty test improving AKS, preprint (2003).
F. Morain, Implementing the asymptotically fast version of the elliptic curve primality proving algorithm, preprint, arXiv:math.NT/0502097 (2005).
Takakazu Satoh, The canonical lift of an ordinary elliptic curve over a finite field and its point counting, J. Ramanujan Math. Soc. 15 (2000), no. 4, 247–270. MR 1801221
Erkay Savaş, Thomas A. Schmidt, and Çetin K. Koç, Generating elliptic curves of prime order, Cryptographic hardware and embedded systems—CHES 2001 (Paris), Lecture Notes in Comput. Sci., vol. 2162, Springer, Berlin, 2001, pp. 142–158. MR 1945401, DOI 10.1007/3-540-44709-1_{1}3
Reinhard Schertz, Weber’s class invariants revisited, J. Théor. Nombres Bordeaux 14 (2002), no. 1, 325–343 (English, with English and French summaries). MR 1926005
René Schoof, Elliptic curves over finite fields and the computation of square roots mod $p$, Math. Comp. 44 (1985), no. 170, 483–494. MR 777280, DOI 10.1090/S0025-5718-1985-0777280-6
René Schoof, Counting points on elliptic curves over finite fields, J. Théor. Nombres Bordeaux 7 (1995), no. 1, 219–254. Les Dix-huitièmes Journées Arithmétiques (Bordeaux, 1993). MR 1413578
Joseph H. Silverman, The arithmetic of elliptic curves, Graduate Texts in Mathematics, vol. 106, Springer-Verlag, New York, 1986. MR 817210, DOI 10.1007/978-1-4757-1920-8
Peter Stevenhagen, Hilbert’s 12th problem, complex multiplication and Shimura reciprocity, Class field theory—its centenary and prospect (Tokyo, 1998) Adv. Stud. Pure Math., vol. 30, Math. Soc. Japan, Tokyo, 2001, pp. 161–176. MR 1846457, DOI 10.2969/aspm/03010161
H. P. F. Swinnerton-Dyer, An application of computing to class field theory, Algebraic Number Theory (Proc. Instructional Conf., Brighton, 1965) Academic Press, London, 1967, pp. 280–291. MR 219514