Paper 2003/094

Trace Zero Subvariety for Cryptosystems

Tanja Lange

Abstract

We present a kind of group suitable for cryptographic applications: the trace zero subvariety. The construction is based on Weil descent from curves of genus two over extension fields $\F_{p^n}$, $n=3$. On the Jacobian of the curve the group can be seen as a prime order subgroup, however, considering the construction as Weil descent we can argue that the security is equivalent to that of groups based on low-genus hyperelliptic curves over prime fields. The advantage is that the complexity to compute scalar multiples is lower, as one can make use of the Frobenius endomorphism of the initial curve. Thus the trace zero subvariety can be used efficiently in protocols based on the discrete logarithm problem.

Note: Nicer picture

Metadata
Available format(s)
PDF PS
Publication info
Published elsewhere. submitted
Keywords
Public key cryptographydiscrete logarithmhyperelliptic curvesabelian varietiesFrobenius endomorphismfast arithmetic
Contact author(s)
lange @ itsc rub de
History
2003-05-22: revised
2003-05-17: received
See all versions
Short URL
https://ia.cr/2003/094
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2003/094,
      author = {Tanja Lange},
      title = {Trace Zero Subvariety for Cryptosystems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2003/094},
      year = {2003},
      url = {https://eprint.iacr.org/2003/094}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.