Cryptology ePrint Archive: Report 2009/100

Computing the endomorphism ring of an ordinary elliptic curve over a finite field

Gaetan Bisson and Andrew V. Sutherland

Abstract: We present two algorithms to compute the endomorphism ring of an ordinary elliptic curve E defined over a finite field F_q. Under suitable heuristic assumptions, both have subexponential complexity. We bound the complexity of the first algorithm in terms of log q, while our bound for the second algorithm depends primarily on log |D_E|, where D_E is the discriminant of the order isomorphic to End(E). As a byproduct, our method yields a short certificate that may be used to verify that the endomorphism ring is as claimed.

Category / Keywords:

Date: received 26 Feb 2009, last revised 17 Mar 2009

Contact author: gaetan bisson at loria fr

Available formats: PDF | BibTeX Citation

Version: 20090317:164048 (All versions of this report)

Discussion forum: Show discussion | Start new discussion