Extending the GLS endomorphism to speed up GHS Weil descent using Magma

Jesús-Javier Chi-Domínguez,Francisco Rodríguez-Henríquez,Benjamin Smith

doi:10.1016/j.ffa.2021.101891

Extending the GLS endomorphism to speed up GHS Weil descent using Magma

Jesús-Javier Chi-Domínguez, Francisco Rodríguez-Henríquez + Show 1 more

Open Access

https://doi.org/10.1016/j.ffa.2021.101891

Copy DOI

Journal: Finite Fields and Their Applications

Publication Date: Jun 15, 2021

Affiliation: Technology Innovation Institute, Center for Research and Advanced Studies of the National Polytechnic Institute, Computer Science Laboratory of the École Polytechnique, Institut Polytechnique de Paris, École Polytechnique

#Discrete Logarithm #Computation Of Logarithm + Show 7 more

Abstract
Full-Text PDF
Similar Papers

Abstract

Let q=2n, and let E/Fqℓ be a generalized Galbraith–Lin–Scott (GLS) binary curve, with ℓ≥2 and (ℓ,n)=1. We show that the GLS endomorphism on E/Fqℓ induces an efficient endomorphism on the Jacobian JacH(Fq) of the genus-g hyperelliptic curve H corresponding to the image of the GHS Weil-descent attack applied to E/Fqℓ, and that this endomorphism yields a factor-n speedup when using standard index-calculus procedures for solving the Discrete Logarithm Problem (DLP) on JacH(Fq). Our analysis is backed up by the explicit computation of a discrete logarithm defined on a prime-order subgroup of a GLS elliptic curve over the field F25⋅31. A Magma implementation of our algorithm finds the aforementioned discrete logarithm in about 1,035 CPU-days.

Full Text