A good reference for this section is the first chapter of mumfords abelian varieties. Previously, he was a postdoctoral researcher at microsoft research msr in the cryptography group. The motivation for considering these varieties comes. Compactifying moduli spaces for abelian varieties download. The possibility of using the group \a\mathbbf\ of points on a in \\mathbbf\ as the basis of a publickey cryptography scheme is still at an early stage of exploration. Buy abelian varieties on free shipping on qualified orders. There are two main new contributions in this monograph. A generalized brezingweng algorithm for constructing pairing. In mathematics, particularly in algebraic geometry, complex analysis and number theory, an abelian variety is a projective algebraic variety that is also an algebraic group, i.
Definition 25 let, be two abelian varieties over of the same dimension. In mathematics, the arithmetic of abelian varieties is the study of the number theory of an abelian variety, or a family of abelian varieties. Dissertation, university of california, berkeley, may 2008 download. Ben moonen a dimension formula for ekedahloort strata. David freeman constructing abelian varieties for pairingbased cryptography. Sep, 2002 this paper determines exactly which values can occur as the security parameters of supersingular abelian varieties in terms of the dimension of the abelian variety and the size of the finite field, and gives constructions of supersingular abelian varieties that are optimal for use in cryptography. Jun 03, 2009 we give a survey on old and new results on relations between geometric invariants of principally polarized supersingular abelian varieties and arithmetic invariants of quaternion hermitian forms such as the numbers of polarizations and irreducible components of the supersingular locus, the field of definition, existence of curves with many rational points, class numbers, type numbers.
Constructing abelian varieties for cryptographic use hyperelliptic org. The main purpose of this survey is to give a complete account of the computational aspects of the isogenies of low dimensional abelian varieties and their use in cryptography. Otherwise, it may be possible to get a jacobian which is isomorphic to a product of jacobians. It should be made clear that we are probably taking the product polarization of the product of principally polarized abelian varieties mentioned in the old mse question.
Abelian varieties, hyperelliptic curves, pairingbased cryp tosystems. This is a consequence to the riemannroch theorem, which implies that. This paper determines exactly which values can occur as the security parameters of supersingular abelian varieties in terms of the dimension of the abelian variety and the size of the finite field, and gives constructions of supersingular abelian varieties that are optimal for use in cryptography. Keywords elliptic curve cryptography ecc, cyclic abelian group, public key cryptography. Constructing abelian varieties for cryptographic use. The main motivation comes from 40, where rubin and silverberg show that supersingular abelian. In the two decades since then, the cm method in genus 2 has undergone a vast range of improvements, both theoretical and computational, which were motivated in large part by its application to generating abelian surfaces for use in cryptography. As soon as encryption schemes based on arithmetic in elliptic curves were proposed, it was natural to speculate on whether these schemes could be generalized to hyperelliptic curves or even general abelian varieties. An abelian variety is a complete connected group variety over some field. Constructing abelian varieties for pairingbased cryptography. A study of non abelian public key cryptography tzuchun lin department of applied mathematics, feng chia university 100, wenhwa road, taichung 40724, taiwan, r. Abelian varieties with small isogeny class and applications to cryptography.
Let a be an abelian variety over a finite field equation. Using abelian varieties to improve pairingbased cryptography. Introduction cryptography is the science of information security. In terms of cryptography, youll want to study abelian varieties and elliptic curvesthey are incredibly useful in ciphertext compression without loss of security. Abelian varieties with maximal galois action on their torsion. This paper surveys some topics in algebraic curve cryptography, with an. Index calculus for abelian varieties and the elliptic. Method 1 constructing pairingfriendly abelian varieties. Elliptic curve can be applied to cryptography as it is secure to the best of current knowledge. Probably lang does, too, in his abelian varieties book, but thats in the older weilstyle language, so probably harder to read.
Method 2 constructing abelian varieties for pairingbased cryptography david freeman stanford university, usa foundations of computational mathematics. The anshelanshelgoldfeld protocol tries to use noncommutativity itself, and relies on how much non abelian the group is. Abelian varieties appear naturally as jacobian varieties the connected components of zero in picard varieties and albanese varieties of other algebraic varieties. Supersingular abelian varieties and modular forms microsoft. Damien works in the field of applications of abelian varieties in public key cryptography, with main subjects of interest jacobians of hyperelliptic curves and more specifically genus 2 curves, computing isogenies and point counting, and also. We give a survey on old and new results on relations between geometric invariants of principally polarized supersingular abelian varieties and arithmetic invariants of quaternion hermitian forms such as the numbers of polarizations and irreducible components of the supersingular locus, the field of definition, existence of curves with many rational points, class numbers, type numbers.
In particular, we will discuss arithmetic on abelian varieties. Supersingular abelian varieties in cryptology springerlink. Newest abelianvarieties questions mathematics stack. Abelian varieties and cryptography they both have a long history but but their common history is rather short. Abelian varieties with maximal galois action on their. The hodge conjecture being a caracteristic 0 analogue of the tate conjecture.
A study of nonabelian public key cryptography tzuchun lin department of applied mathematics, feng chia university 100, wenhwa road, taichung 40724, taiwan, r. In the two decades since then, the cm method in genus 2 has undergone a vast range of improvements, both theoretical and computational, which were motivated in large part by its application to generating abelian surfaces for. Constructing abelian surfaces for cryptography via rosenhain. Trace zero varieties are even more interesting in the context of pairingbased cryptography. Superisolated elliptic curves and abelian surfaces in. Computing isogenies between abelian varieties may be seen as different kind of computational problems depending on the expected input and output of the algorithm.
Any nonempty set can be equipped with an abelian group structure, but you are probably only interested in the nice group structure on elliptic curves given by rational maps. Im curious because, as i understand it, nonabelian finite groups arent considered particularly useful in cryptography, due to the coincident group orders theorem that follows from the classification of the finite simple groups, but obviously infinite nonabelian groups are another matter. Supersingular abelian varieties are natural candidates for these appli cations. In terms of software, u3pg hit the nail on the head. Lenstra uses the group of points of an elliptic curve over znz. Optimal pairings on abelian varieties with theta functions. Efficient pairing computation on supersingular abelian varieties. Associated to an abelian variety ak is a galois representation which describes the action of the absolute galois group of k on the torsion points of a. Let agfp and agfp be supersingular principally polarized abelian varieties of dimension g 1. The idea of replacing multiplicative groups by elliptic curves immediately proves to be useful in. An elliptic curve is an abelian variety of dimension 1. Newest abelianvarieties questions mathematics stack exchange. Supersingular abelian varieties in cryptology 3 note that, since cryptographic security is based on the cyclic subgroups of af q, for purposes of cryptology it is only necessary to consider simple abelian varieties, i. In general, one can define the quotient of an abelian variety by any finite subgroup scheme, so the same proof works over any field.
Constructing abelian surfaces for cryptography via rosenhain invariants volume 17 issue a craig costello, alyson deinesschartz, kristin lauter, tonghai yang. Abelian varieties in coding and cryptography conference paper. He computed p 1 mod p with it to sell the algorithm. Ben moonen group schemes with additional structures and weyl group cosets. Constructing hyperelliptic curves of genus 2 suitable for. The group law of an abelian variety is necessarily commutative and the variety is nonsingular. We give a simple characterization of superisolated elliptic. Constructing abelian varieties for pairingbased cryptography david freeman ph. Algebraic number theory, galois representations, abelian varieties. Abelian varieties and pairingbased cryptography constructing pairingfriendly abelian varieties. Pdf abelian varieties and cryptography researchgate.
In this article, we aim to give the reader an introduction to elliptic curve cryptosystems, and to demonstrate why these systems provide relatively small block sizes, highspeed software and hardware implementations, and offer the highest. Especially, i am interested in the structure and arithmetic of abelian varieties, curves and their coverings, the discrete logarithm problem in elliptic curves over finite fields and more generally the discrete logarithm problem in class groups of curves over finite fields, as well as the problem to solve systems of systems of polynomial equations. A line bundle on is called a divisorial correspondence if and. Abelian varieties the subject of abelian varieties is vast. In this article, we will discuss some of the issues and their current staus. The speakers will be drawn from the participating faculty as well as visitors brought in as part of the crg activities. We call an elliptic curve, or abelian variety, superisolated if it has this property. Abelian varieties crg an important ongoing activity of the crg is a monthly seminar during the academic terms on the theme of explicit methods in abelian varieties. For any prime m, we give an algorithm that finds a path in the m,misogeny graph in opg1 group operations on a classical computer, and opg12 calls to the grover oracle on a quantum computer. The possibility of using the group equation of points on a in equationas the basis of a publickey cryptography scheme is still at an. Section 5 proves that when e is a supersingular elliptic curve over fp2 with rkende 4, the functors 1 and 2 are equivalences of categories, so that there is a clean classi.
Superisolated elliptic curves and abelian surfaces in cryptography. Elliptic curve cryptography is now an entrenched field and has been subjected to an enormous amount of research in the last fifteen years. The morphism is actually a homomorphism since it sends 0 to 0. An elliptic curve is a onedimensional abelian variety. A divisorial correspondence induces a morphism of abelian varieties in general, a line bundle on gives a morphism. Thus, for instance, by an ascheme we mean a scheme over speca. If you have any questions on this, feel free to pm me.
Elliptic curves over finite fields a good reference for this section is chapter v of silvermans the arithmetic of elliptic curves mr0817210. Abelian varieties with small isogeny class and applications to. Yes, every elliptic curve that is, smooth projective curve of genus one over a field admits a natural group structure on its set of points. Yigeng zhao wednesday, 1012 h, m 006 introduction the aim of this seminar is to study some basic theories of abelian varieties over an algebraic closed eld k, which are one of the most important and most studied objects in arithmetic geometry. Cryptography is a method to encrypt and decrypt the data. Constructing abelian surfaces for cryptography via. Jacobians of curves and products of abelian varieties. I maintain a list of my publications, and a list of softwares. The supersingular isogeny problem in genus 2 and beyond. For example, it is known that for abelian varieties but not other varieties, the variational hodge conjecture implies the hodge conjecture.
Supersingular abelian varieties in cryptology uci math. Abelian varieties with small isogeny class and applications. Then i talk about the abelian varieties over the complex numbers from the analytic point of view. Most of these can be posed for an abelian variety a. Abelian varieties in coding and cryptography request pdf. Aug 08, 20 previously, he was a postdoctoral researcher at microsoft research msr in the cryptography group. For certain abelian varieties afq, subgroups of afq of prime order r have the necessary properties. In these notes we will hit some highlights of the theory, stressing examples and intuition rather than proofs due to lack of time, among other reasons. Studying a variety over finite fields helps us understand abelian varieties over global. Moduli of abelian varieties texel island, 1999, 255298, progress in math. It is disconcerting that we cant prove the hodge conjecture even for abelian varieties, even for abelian varieties of cmtype, and we cant even prove that the hodge classes weil described are algebraic. How does the wider cryptographic community view nonabelian. Sometimes we need to send or receive the data in encrypted format.
Elliptic curve cryptography, cryptography having number theoretic flavour. Abelian varieties isogenous to a power of an elliptic curve. Let a be an abelian variety over a finite field \\mathbbf\. With some more work, we can get classification up to isomorphism. Constructing hyperelliptic curves of genus 2 suitable for cryptography. Using abelian varieties to improve pairingbased cryptography 3 supersingular abelian varieties than using supersingular elliptic curves, and supersingular abelian surfaces attain higher mov security per bit than supersingular elliptic curves over every.
I work in the field of applications of abelian varieties in public key cryptography. Abelian groups in elliptic curves cryptography stack exchange. A kvariety is a geometrically integral separated kscheme of. Why do people think that abelian varieties are the hardest. Almost all cryptographic algorithms which use groups actually work in subgroups generated by a conventional element.