A filtering method for the hyperelliptic curve index calculus and its analysis

We describe a filtering technique improving the performance of index-calculus algorithms for hyperelliptic curves. Filtering is a stage taking place between the relation search and the linear algebra. Its purpose is to eliminate redundant or duplicate relations, as well as reducing the size of the matrix, thus decreasing the time required for the linear algebra step. This technique, which we call harvesting, is in fact a new strategy that subtly alters the whole index calculus algorithm. In particular, it changes the relation search to find many times more relations than variables, after which a selection process is applied to the set of the relations – the harvesting process. The aim of this new process is to extract a (slightly) overdetermined submatrix which is as small as possible. Furthermore, the size of the factor base also has to be readjusted, in order to keep the (extended) relation search faster than it would have been in an index calculus algorithm without harvesting. The size of the factor base must also be chosen to guarantee that the final matrix will be indeed smaller than it would be in an optimised index calculus without harvesting, thus also speeding up the linear algebra step. The version of harvesting presented here is an improvement over an earlier version by the same authors. By means of a new selection algorithm, time-complexity can be reduced from quadratic to linear (in the size of the input), thus making its running time effectively negligible with respect to the rest of the index calculus algorithm. At the same time we make the process of harvesting more effective – in the sense that the final matrix should (on average) be smaller than with the earlier approach. We present an analysis of the impact of harvesting (for instance, we show that its usage can improve index calculus performance by more than 30% in some cases), we show that the impact on matrix size is essentially independent on the genus of the curve considered, and provide an heuristic argument in support of the effectiveness of harvesting as one parameter (which defines how far the relation search is pushed) increases.