DOCSLIB.ORG

Reduction of Superelliptic Riemann Surfaces

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Reduction of Superelliptic Riemann Surfaces Contemporary Mathematics Reduction of superelliptic Riemann surfaces Tanush Shaska Abstract. For a superelliptic curve X , defined over Q, let p denote the cor- responding moduli point in the weighted moduli space. We describe a method how to determine a minimal integral model of X such that: i) the correspond- ing moduli point p has minimal weighted height, ii) the equation of the curve has minimal coefficients. Part i) is accomplished by reduction of the moduli point which is equivalent with obtaining a representation of the moduli point p with minimal weighted height, as defined in [1], and part ii) by the classical reduction of the binary forms. 1. Introduction Let k be an algebraic number field and Ok its ring of integers. The isomorphism class of a smooth, irreducible algebraic curve X defined over Ok is determined by its set of invariants which are homogenous polynomials in terms of the coefficients of X . When X is a superelliptic curve, as defined in [13], these invariants are generators of the invariant ring of binary forms of fixed degree. Such invariant rings are theoretically well understood and their generators have been known explicitly for degree d ≤ 8 due to work of classical invariant theorists such as Clebsch, Bolza, Gordan, van Gall, et al. In the last two decades computational invariant theory has been revived and have been attempts to compute such generators for higher degree binary forms. Given a binary form f(x; y), there are two main reduction problems (equiv- alently for superelliptic curves). Determine g(x; y), SL2(k)-equivalent to f(x; y), such that g(x; y) has minimal: a) invariants b) coefficients Explaining what minimal means will be the main focus of this paper. Completing of each task we will call reduction type a) and reduction type b). Reduction a) described in this paper, to the best of our knowledge is new and has not appeared in the literature before, apart from elliptic curves in the work of Birch and Swinnerton-Dyer as explained below (cf. Section 3.2.1). Reduction b) is explained in details in Section4 and is based on work of G. Julia [ 12]. For the purposes of this paper we will focus on the case when k = Q, even though the majority of results follow for any number field k. Key words and phrases. Superelliptic curve and Minimal invariants and weighted height. 1 2 TANUSH SHASKA 1.1. Reduction a): Minimality of the moduli point. Let X be a su- perelliptic curve defined over a field k given by an affine equation zn = f(x) with coefficients in Ok. There are two questions at hand: i) determine an equation of 0 a curve X , defined over Ok and k-isomorphic to X , with smallest invariants, ii) " ¯ determine the equation of a curve X , defined over Ok and k-isomorphic to X with smallest invariants, in other words the twist of X with smallest invariants. The isomorphism class of X correspond to the equivalence class of a binary form f(x; y). Thus, the isomorphism classes of superelliptic curves are determined by the set of generators of the ring of invariants Rd of degree d ≥ 2 binary forms, in other words by SL2(Ok)-invariants. By Hilbert's basis theorem Rd is finitely generated. Let I0, ::: , In be the generators of Rd such that the homogenous degree of Ii is qi for each i = 0; : : : ; n. We denote by I := (I0;:::;In) the tuple of invariants and by I(f) = (I0(f);:::;In(f)) such invariants evaluated at the binary form f. The corresponding set of invariants I(f) is a point in the weighted projective space n WPw(k) with weights w = (q0; : : : ; qn); see [15] or [1] for details. The weighted moduli point corresponding to X is p = [I(f)]. We denote the weighted greatest common divisor of the weighted tuple I(f) by wgcd(I(f)) and by wgcd(I(f)) its absolute weighted greatest common divisor; see [1]. The curve X is said to have a minimal model over Ok when it has minimal height in the weighted moduli n space WPw(k). In other words, when the weighted valuation of the tuple I(f) for each prime p 2 Ok, valp(I(f)) := max fνp(Ii(f)) for all i = 0; : : : ; ng is minimal, where νp(Ii(f)) is the valuation at p of Ii(f). The weighted moduli point p = [I(f)] is called normalized when wgcd(I(f)) is 1. A given curve X which has normalized moduli point (cf. ??) is already in the minimal model. Our main result is Thm.5, which says that the minimal models of superelliptic curves exist. Moreover, an equation X : zmyd−m = f(x; y) is a minimal model over Ok, if for every prime p 2 Ok which divides p j wgcd (I(f)), the valuation d valp of I(f) at p satisfies valp(I(f)) < qi, for all i = 0; : : : ; n. Moreover, for 2j k j k dq0 dqn λ = wgcd(I(f)) with respect the weights 2 ;:::; 2 the transformation d x m (x; y; z) ! λ ; y; λ z gives the minimal model of X over Ok. If mjd then this isomorphism is defined over k. Such minimal integral models can be found not only up to k-isomorphisms, but also over its algebraic closure k¯. We call them minimal twists. In Thm.7 we prove that minimal twists of superelliptic curves exist. An equation X : zmyd−m = f(x; y) is a minimal twist over Ok, if for every prime p 2 Ok which divides d p j wgcd (I(f)), the valuation valp of I(f) at p satisfies valp(I(f)) < 2 qi, for all i = 0; : : : ; n. The result in Thm.5 makes it possible to create a database of su- perelliptic curves defined over Ok, by storing only the curves with minimal weighted moduli point. The result in Thm.7 does this also for all their twists as well. Our motivation of exploring such reduction came from computational issues for genus 2 curves; see [2]. The idea of weighted heights and weighted greatest common divisors were developed in [1] and the moduli reduction was first developed in [13]. n 1.2. Reduction b): Minimality of coefficients. Let p 2 WPw(Q) be a reduced point via reduction a) and X the corresponding superelliptic curve with equation zn = f(x) over some minimal field of definition k. Determining such equation is part of the math folklore for elliptic curves. For genus 2 such equation is determined in [16] for curves with automorphism group of order 2, in [21, Lemma 3] REDUCTION OF SUPERELLIPTIC RIEMANN SURFACES 3 where the group is the dihedral group D4 or D6, and in [22, Theorem 3] for all groups of order > 2. Recently in [14] a universal equation for all genus 2 curves is given. One of the main concerns when obtaining such equations is to have coefficients as small as possible. This comes down to what historically is referred to as reduction of binary forms and goes back to Hermite for quadratic forms and Julia [12] for cubic forms. In [24] such reduction was considered again for cubics and quartics. We briefly explain below. Let f(x; y) be a degree d ≥ 2 binary form with real coefficients. Then its Julia quadratic Jf is defined as in Eq. (15). It is a positive definite quadratic and therefore has one root in the upper-half complex plane H2, say αf . Since J(f) is SL2(Z)-covariant, then bringing αf to the fundamental domain F by a matrix M M M 2 SL2(Z), induces an action f ! f on binary forms. The form f is called reduction of f. A detailed description of reduction b) is intended in [20]. 1.3. Birch and Swinnerton-Dyer computations. After the first draft of this paper was written we discovered that a reduction combining both methods described above had been used in the seminal paper of Birch and Swinnerton-Dyer in [7] and [8] for computations with elliptic curves. While the case of the elliptic curves is simpler, it is also the only case that is fully understood, since only for cubics and quartics we have precise results of the Julia reduction as described in the work of Cremona and Stoll in [24] and further explored by Beshaj in [4] and [5] as remarked above. The initial computations in [7] start with reduction a). Let f(x; y) = ax4+bx3+ 2 cx +dx+e, where a; b; c; d; e are rational integers, and I4;I6 its invariants. If p 2 Z is a prime such that p 6= 2; 3, and pj wgcd 4;6(I4;I6), there there a quartic integral −4 −6 binary form g(x; y), SL2(Z) equivalent to f(x; y) with invariants (p I4; p I6). Birch and Swinnerton-Dyer go to a case by case analysis to prove this result; see [7, Lemma 3]. However, this is an immediate consequence of the reduction a) described in Section 3.2. Lemma 4 and Lemma 5 in [7] give the reduction for p = 2 and 3 respectively. In Section 3.2.1 we give a quick recap of Birch and Sinnerton-Dyer spectacular results. The minimal integral models that we determine in this paper give the "nicest" equation of the paper over a global field, since the corresponding invariants are non-zero for as many primes p 2 Ok as possible. It is a topic of interest to explore the stability of such curves.
Load more

Recommended publications
  • From Hyperelliptic to Superelliptic Curves
    From hyperelliptic to superelliptic curves T. Shaska Oakland University Rochester, MI, 48309 September 16, 2017 T. Shaska ( Oakland University Rochester, MI, 48309 ) From hyperelliptic to superelliptic curves September 16, 2017 1 / 27 Outline 1 Preliminaries Algebraic curves Riemann surfaces Automorphism groups 2 Superelliptic curves over C Automorphisms of superelliptic curves Recovering a curve from a moduli point 3 Superelliptic curves over Q On the field of moduli of superelliptic curves Curves with minimal discriminant Minimal equations and reduction theory A database of algebraic curves T. Shaska ( Oakland University Rochester, MI, 48309 ) From hyperelliptic to superelliptic curves September 16, 2017 2 / 27 Preliminaries Algebraic curves Algebraic curves: An irreducible projective curve defined over a field k = k¯ is called the set of zeroes of the following irreducible homogenous polynomial F(x; y; z) 2 k[x; y; z]. We normally say: Given the curve C C : F(x; y; z) = 0 The coordinate ring of C is k[C] := k[x; y; z]=(F). The function field of C is defined as n g o k(C) := g; h 2 k[C] are forms of the same degree and h 6= 0 h A rational map between two curves φ : C1 : F1(x; y; z) = 0 ! C2 : F2(x; y; z) = 0 is a map given by (x; y; z) ! (f1(x; y; z); f2(x; y; z); f3(x; y; z)) where f1; f2; f3 are homogenous polynomials such that: 1 f1; f2; f3 and all have the same degree. 2 There is a P 2 C1 such that not all fi (P) = 0.
    [Show full text]
  • Efficient Point-Counting Algorithms for Superelliptic Curves
    Efficient Point-Counting Algorithms for Superelliptic Curves Matthew Hase-Liu Abstract In this paper, we present efficient algorithms for computing the number of points and the order of the Jacobian group of a superelliptic curve over finite fields of prime order p: Our method employs the Hasse-Weil bounds in conjunction with the Hasse- Witt matrix for superelliptic curves, whose entries we express in terms of multinomial coefficients. We present a fast algorithm for counting points on specific trinomial superelliptic curves and a slower, more general method for all superelliptic curves. For the first case, we reduce the problem of simplifying the entries of the Hasse-Witt matrix modulo p to a problem of solving quadratic Diophantine equations. For the second case, we extend Bostan et al.’s method for hyperelliptic curves to general superelliptic curves. We believe the methods we describe are asymptotically the most efficient known point-counting algorithms for certain families of trinomial superelliptic curves. 1 1 Introduction In this paper, we present and prove asymptotics for the fastest known algorithms for counting the number of points on certain families of possibly singular plane curves. A central problem in number theory is the study of rational solutions of polynomial equations. Even before the development of algebra, the Greeks were interested in systematically determining all rational solutions to the Pythagorean equation: a2 +b2 = c2: More recently, Andrew Wiles proved Fermat’s Last Theorem, which states that Fermat’s equation, an +bn = cn; has no nontrivial rational solutions — a problem that had withstood over 350 years of effort by mathematicians.
    [Show full text]
  • The Case for Superelliptic Curves
    The case for superelliptic curves L. BESHAJ a T. SHASKA b E. ZHUPA c a Department of Mathematics, Oakland University, Rochester, MI, USA; E-mail: [email protected] b Department of Mathematics, Oakland University, Rochester, MI, USA; E-mail: [email protected] c Department of Computer Science, University of Information Science and Technology ”St. Paul the Apostle”, Ohrid, Republic of Macedonia; E-mail: [email protected] Abstract. There is a natural question to ask whether the rich mathemat- ical theory of the hyperelliptic curves can be extended to all superellip- tic curves. Moreover, one wonders if all of the applications of hyperellip- tic curves such as cryptography, mathematical physics, quantum com- putation, diophantine geometry, etc can carry over to the superelliptic curves. In this short paper we make the case that the superelliptic curves are exactly the curves that one should study Keywords. hyperelliptic curves, superelliptic curves, moduli space 1. Introduction This lecture is intended to be a motivation for the study of superelliptic curves arXiv:1502.07249v1 [math.AG] 25 Feb 2015 which were the main focus of the NATO Advanced Study Institute held in Ohrid, Macedonia in the Summer 2014. While the scope of interesting mathematical problems related to superelliptic curves is very broad and the applications include different areas of sciences, in this paper we focus on few of the arithmetic problems related to the moduli space of curves, automorphisms groups, minimal models of curves, and rational points on curves with the intention to emphasize the methods of extending the knowledge of hyperelliptic curves to all superelliptic curves.
    [Show full text]
  • ON SUPERELLIPTIC CURVES of LEVEL N and THEIR QUOTIENTS, I
    ALBANIAN JOURNAL OF MATHEMATICS Volume 5, Number 3, Pages 115{137 ISSN: 1930-1235; (2011) ON SUPERELLIPTIC CURVES OF LEVEL n AND THEIR QUOTIENTS, I. Lubjana Beshaj Department of Mathematics and Statistics, Oakland University, Rochester, MI, 48309. Email: [email protected] Valmira Hoxha Department of Mathematics and Statistics, Oakland University, Rochester, MI, 48309. Email: [email protected] Tony Shaska Department of Mathematics and Statistics, Oakland University, Rochester, MI, 48309. Email: [email protected] Abstract. We study families of superelliptic curves with fixed automorphism groups. Such families are parametrized with invariants expressed in terms of the coefficients of the curves. Algebraic relations among such invariants deter- mine the lattice of inclusions among the loci of superelliptic curves and their field of moduli. We give a Maple package of how to compute the normal form of an superelliptic curve and its invariants. A complete list of all superelliptic curves of genus g ≤ 10 defined over any field of characteristic 6= 2 is given in a subsequent paper [3]. 1. Introduction Let Xg be an algebraic curve of genus g ≥ 2 defined over an algebraically closed field k of characteristic p 6= 2. What is the group of automorphisms of Xg over k? Given the group of automorphisms G of a genus g curve, can we determine the equation of the curve? These two questions have been studied for a long time and a complete answer is not known for either one. There are some families of 2000 Mathematics Subject Classification. 14H32, 14H37, 14K25. Key words and phrases. cyclic quotients, algebraic curves, automorphism groups.
    [Show full text]
  • Computing Period Matrices and the Abel-Jacobi Map of Superelliptic Curves Pascal Molin, Christian Neurohr
    Computing period matrices and the Abel-Jacobi map of superelliptic curves Pascal Molin, Christian Neurohr To cite this version: Pascal Molin, Christian Neurohr. Computing period matrices and the Abel-Jacobi map of superelliptic curves. Mathematics of Computation, American Mathematical Society, 2019. hal-02416012 HAL Id: hal-02416012 https://hal.inria.fr/hal-02416012 Submitted on 17 Dec 2019 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Computing period matrices and the Abel-Jacobi map of superelliptic curves Pascal Molin ,∗ Christian Neurohr † September 2017 Abstract We present an algorithm for the computation of period matrices and the Abel-Jacobi map of complex superelliptic curves given by an equation ym = f(x). It relies on rigorous numerical integration of differentials between Weierstrass points, which is done using Gauss method if the curve is hyperelliptic (m = 2) or the Double-Exponential method. The algorithm is implemented and makes it possible to reach thousands of digits accuracy even on large genus curves. 1 Introduction The Abel-Jacobi map links a complex curve to a complex torus. In particular the matrix of periods allows to define the Riemann theta function of the curve, which is an object of central interest in mathematics and physics: let us mention the theory of abelian functions or integration of partial differential equations.
    [Show full text]
  • Arithmetic on Jacobians of Algebraic Curves
    Universit´eBordeaux 1 Universit`adegli Studi di Padova MASTER ALGANT Master thesis Arithmetic on Jacobians of algebraic curves Student: Advisor: Giulio Di Piazza Damien Robert Academic year 2012-2013 Introduction In the last century, information security became of the utmost importance for human society. Initially it was used for military scope, but with the incoming of personal computers and with the increasing dependence on information technology for commercial and private use, also the general public needed to protect electronic data. Thus cryptography gained popularity. The symmetric systems, in which the two parties who want to communicate share a common secret key, are the oldest ones. They could be used in a not large organism where the secret keys could be shared without many issues. But with the advent of Internet these systems will no longer be usable for every context. In 1976 Diffie and Hellman proposed public-key systems. They are based on the so called one-way functions. Such a function is easy to compute, but the inverse cannot be computed in an acceptable time window. The "hard" mathe- matics problem, as the factorization of the product of two large prime and the Discrete Logarithm Problem, leads to construct a lot of one-way functions. Nowa- days there are subexponential algorithms that can attack these "hard" problems over a finite field. So that key size of about 2048 bits are required in order to keep secure information. In 1985 Koblitz and Miller proposed independently to use elliptic curves and their group law instead of finite fields. Nowadays a good cryptography system based on elliptic curve is exponential in the security parameters and we can use much smaller keys.
    [Show full text]
  • Efficient Point-Counting Algorithms for Superelliptic Curves
    EFFICIENT POINT-COUNTING ALGORITHMS FOR SUPERELLIPTIC CURVES MATTHEW HASE-LIU AND NICHOLAS TRIANTAFILLOU Abstract. In this paper, we present efficient algorithms for computing the number of points and the order of the Jacobian group of a superelliptic curve over finite fields of prime order p. Our method employs the Hasse-Weil bounds in conjunction with the Hasse-Witt matrix for superelliptic curves, whose entries we express in terms of multinomial coefficients. We present a fast algorithm for counting points on specific trinomial superelliptic curves and a slower, more general method for all superelliptic curves. For the first case, we reduce the problem of simplifying the entries of the Hasse-Witt matrix modulo p to a problem of solving quadratic Diophantine equations. For the second case, we extend Bostan et al.’s method for hyperelliptic curves to general superelliptic curves. We believe the methods we describe are asymptotically the most efficient known point-counting algorithms for certain families of trinomial superelliptic curves. 1. Introduction In this paper, we present and prove asymptotics for the fastest known algorithms for counting the number of points on certain families of possibly singular plane curves. A central problem in number theory is the study of rational solutions of polynomial equations. Even before the development of algebra, the Greeks were interested in systematically determining all rational solutions to the Pythagorean equation: a2+b2 = c2. More recently, Andrew Wiles proved Fermat’s Last Theorem, which states that Fermat’s equation, an+bn = cn, has no nontrivial rational solutions — a problem that had withstood over 350 years of effort by mathematicians.
    [Show full text]
  • From Hyperelliptic to Superelliptic Curves
    ALBANIAN JOURNAL OF MATHEMATICS Volume 13, Number 1, Pages 107–200 ISSN: 1930-1235; (2019) FROM HYPERELLIPTIC TO SUPERELLIPTIC CURVES A. MALMENDIER AND T. SHASKA Dedicated to the memory of Kay Magaard ABSTRACT. The theory of elliptic and hyperelliptic curves has been of crucial impor- tance in the development of algebraic geometry. Almost all fundamental ideas were first obtained and generalized from computations and constructions carried out for elliptic or hyperelliptic curves. In this long survey, we show that this theory can be extended naturally to all superel- liptic curves. We focus on automorphism groups, stratification of the moduli space Mg, binary forms, invariants of curves, weighted projective spaces, minimal models for superel- liptic curves, field of moduli versus field of definition, theta functions, Jacobian varieties, addition law in the Jacobian, isogenies among Jacobians, etc. Many recent developments on the theory of superelliptic curves are provided as well as many open problems. MSC 2010: 14-02, 14H10, 14H37, 14H40 KEYWORDS: Hyperelliptic curves, superelliptic curves CONTENTS 1. Introduction 108 Part 1. Curves and hyperelliptic curves 110 2. Algebraic curves and their function fields 110 3. Weierstrass points 114 4. Automorphisms 121 Part 2. Superelliptic curves 127 5. Superelliptic curves 127 6. Moduli space of curves and superelliptic loci 136 7. Equations of curves with prescribed automorphism group 143 8. Binary forms and their invariants 146 9. Weighted moduli spaces and their heights 155 10. Minimal models 162 11. Field of moduli 166 12. Theta functions 171 13. Jacobian varieties 179 14. Jacobians with complex multiplication 191 15. A word on Abelian covers and further directions 195 References 196 c 2019 Albanian Journal of Mathematics 107 FROM HYPERELLIPTIC TO SUPERELLIPTIC CURVES 108 1.
    [Show full text]
  • Computing the Zeta Function of Two Classes of Singular Curves By
    Computing the Zeta Function of Two Classes of Singular Curves by Robert Burko A thesis submitted in conformity with the requirements for the degree of Doctor of Philosophy Graduate Department of Mathematics University of Toronto c Copyright (year of graduation) by Robert Burko Contents 1 Introduction 1 1.0.1 Point Counting and the Zeta Function . 1 1.0.2 Weil Cohomology . 3 1.1 Algorithmic Approaches . 4 1.1.1 `-Adic Methods . 4 1.1.2 p-Adic Methods . 5 1.1.3 Deformation and Fibration Methods . 6 1.1.4 Approaches to Singular Varieties . 7 1.2 This Thesis . 8 1.3 Applications and Future Work . 8 1.3.1 Cryptography . 9 1.3.2 Support for Dimca's Conjecture . 10 1.3.3 Potential Generalizations and Improvements . 11 2 Cohomology Theories 13 2.1 Preliminaries . 13 2.1.1 p-Adic numbers and Witt vectors . 13 2.1.2 Useful Properties of Etale´ Maps . 14 2.2 Algebraic de Rham Cohomology . 15 2.2.1 K¨ahlerDifferentials . 15 2.2.2 de Rham Cohomology for Schemes . 15 2.2.3 de Rham Cohomology with Logarithmic Singularities . 16 2.3 p-Adic Cohomology Theories . 20 2.3.1 Monsky-Washnitzer Cohomology . 20 2.3.2 Rigid Cohomology and Crystalline Cohomology . 21 2.3.3 Comparisons Theorems Between p-Adic and de Rham Cohomology 22 2.4 Exact Sequences . 23 ii 3 Superelliptic Curves 25 3.1 Basic Properties . 25 3.1.1 The Genus . 26 3.1.2 The Zeta Function . 30 1 0 − 3.1.3 The Vector Space HMW(CK =K) .
    [Show full text]
  • ON the FIELD of MODULI of SUPERELLIPTIC CURVES 11 Column Is the Level N of the Superelliptic Curve
    ON THE FIELD OF MODULI OF SUPERELLIPTIC CURVES RUBEN HIDALGO AND TONY SHASKA Abstract. A superelliptic curve of genus g 2 is not necessarily defined X ≥ over its field of moduli but it can be defined over a quadratic extension of it. While a lot of work has been done by many authors to determine which hyperelliptic curves are defined over their field of moduli, less is known for superelliptic curves. In this paper we observe that if the reduced group of a genus g 2 su- ≥ perelliptic curve is different from the trivial or cyclic group, then can be X X defined over its field of moduli; in the cyclic situation we provide a sufficient condition for this to happen. We also determine those families of superelliptic curves of genus at most 10 which might not be definable over their field of moduli. 1. Introduction Let k be an algebraically closed field of characteristic zero and X a genus g ≥ 2, projective, irreducible algebraic curve defined over k. The field of moduli of X is the field of definition of the corresponding moduli point p = [X ] in the moduli space Mg (see Section 2.1.2 for a formal definition of the field of moduli). In general, to determine the field of moduli and to decide if it is a field of definition is difficult task and it is an active research topic. Examples of algebraic curves (for k = C) which cannot be defined over their field of moduli have been provided by Earle [11], Huggins [16] and Shimura [32] for the hyperelliptic situation and by the first author [13] and Kontogeorgis [18] in the non-hyperelliptic situation.
    [Show full text]
  • Supersingular Curves in Cryptography
    Supersingular Curves in Cryptography Steven D. Galbraith Mathematics Department, Royal Holloway University of London, Egham, Surrey TW20 0EX, UK. [email protected] Abstract. Frey and R¨uck gave a method to transform the discrete loga- rithm problem in the divisor class group of a curve over Fq into a discrete F logarithm problem in some finite field extension qk . The discrete loga- rithm problem can therefore be solved using index calculus algorithms as long as k is small. In the elliptic curve case it was shown by Menezes, Okamoto and Van- stone that for supersingular curves one has k 6. In this paper curves of ≤ higher genus are studied. Bounds on the possible values for k in the case of supersingular curves are given which imply that supersingular curves are weaker than the general case for cryptography. Ways to ensure that a curve is not supersingular are also discussed. A constructive application of supersingular curves to cryptography is given, by generalising an identity-based cryptosystem due to Boneh and Franklin. The generalised scheme provides a significant reduction in bandwidth compared with the original scheme. 1 Introduction Frey and R¨uck [8] described how the Tate pairing can be used to map the discrete logarithmproblemin the divisor class group of a curve C over a finite field Fq F into the multiplicative group q∗k of some extension of the base field. This has significant implications for cryptography as there are well-known subexponential algorithmsfor solving the discrete logarithmproblemin a finite field. Therefore, there is a method for solving the discrete logarithmproblemin the divisor class group in those cases where the extension degree k is small.
    [Show full text]
  • Computing the Zeta Functions of Two Classes of Singular Curves By
    Computing the Zeta Functions of Two Classes of Singular Curves by Robert M. Burko A thesis submitted in conformity with the requirements for the degree of Doctor of Philosophy Graduate Department of Mathematics University of Toronto Copyright c 2014 by Robert M. Burko Abstract Computing the Zeta Functions of Two Classes of Singular Curves Robert M. Burko Doctor of Philosophy Graduate Department of Mathematics University of Toronto 2014 Motivated by applications to cryptography, for over a decade mathematicians have suc- cessfully used p-adic cohomological methods to compute the zeta functions of various classes of varieties defined over finite fields of order q = pa in an amount of time polyno- mial in a, assuming the characteristic p is fixed. In all instances, the varieties considered had smooth representations in either affine or projective space. In this thesis, two non-smooth situations are introduced: the case of superelliptic curves with singular points that are rational over the field of definition, and the case of nodal projective plane curves. In each case, we present a polynomial-time algorithm which computes the zeta function the curve, and provide the results of an implementation in MAGMA. The case of singular superelliptic curves extends a method of Gaudry and G¨urel,and the case of nodal projective curves extends a method of Kedlaya, Abbott, and Roe. Assuming the curve has geometric genus g, and that the characteristic p is fixed, the running time of the first algorithm is O(a3+"g5+") and the running time of the second is O(a7+"g10+"). Both methods involve computing the matrix of the Frobenius automorphism on the cohomology groups of Monsky and Washnitzer up to a certain amount of p-adic accuracy.
    [Show full text]