The Mordell-Weil theorem states that the group of rational points‎ ‎on an elliptic curve over the rational numbers is a finitely‎ ‎generated abelian group‎. ‎In our previous paper, H‎. ‎Daghigh‎, ‎and S‎. ‎Didari‎, On the elliptic curves of the form $ y^2=x^3-3px$‎, ‎‎Bull‎. ‎Iranian Math‎. ‎Soc‎.‎‎ 40 (2014)‎, no‎. ‎5‎, ‎1119--1133‎.‎, ‎using Selmer groups‎, ‎we have shown that for a prime $p...

In this paper we describe how to efficiently implement pairing calculation on supersingular genus 2 curves over prime fields. We find that, contrary to the results reported in [8], pairing calculation on supersingular genus 2 curves over prime fields is efficient and a viable candidate for practical implementation. We also show how to eliminate divisions in an efficient manner when computing th...

The goal of this course is to investigate an object which might be called X(p∞), and which appears as the inverse limit of the classical modular curves X(p). Informally, X(p∞) ought to classify elliptic curves E together with a Zp-basis for the Tate module Tp(E). (A disclaimer is in order, lest I be accused of false advertising: We won’t be studying all of X(p∞), but rather a piece of it corres...

Cryptosystems based on supersingular isogenies have been proposed recently for use in post-quantum cryptography. Three problems have emerged related to their hardness: computing an isogeny between two curves, computing the endomorphism ring of a curve, and computing a maximal order associated to it. While some of these problems are believed to be polynomial-time equivalent based on heuristics, ...

We present an attack on SIDH utilising isogenies between polarized products of two supersingular elliptic curves. In the case arbitrary starting curve, our (discovered independently from [8]) has subexponential complexity, thus significantly reducing security and SIKE. When endomorphism ring curve is known, (here derived polynomial-time complexity assuming generalised Riemann hypothesis. Our ap...

the mordell-weil theorem states that the group of rational points‎ ‎on an elliptic curve over the rational numbers is a finitely‎ ‎generated abelian group‎. ‎in our previous paper, h‎. ‎daghigh‎, ‎and s‎. ‎didari‎, on the elliptic curves of the form $ y^2=x^3-3px$‎, ‎‎bull‎. ‎iranian math‎. ‎soc‎.‎‎ 40 (2014)‎, no‎. ‎5‎, ‎1119--1133‎.‎, ‎using selmer groups‎, ‎we have shown that for a prime $p$...

Efficient computation of elliptic curve scalar multiplication has been a significant problem since Koblitz [13] and Miller [14] independently proposed elliptic curve cryptography, and several efficient methods of scalar multiplication have been proposed (e.g., [8], [9], [12]). A standard approach for computing scalar multiplication is to use the Frobenius endomorphism. If we compute the s-multi...

Pairings on elliptic curves over finite fields are crucial for constructing various cryptographic schemes. The ηT pairing on supersingular curves over GF(3) is particularly popular since it is efficiently implementable. Taking into account the Menezes-Okamoto-Vanstone (MOV) attack, the discrete logarithm problem (DLP) in GF(3) becomes a concern for the security of cryptosystems using ηT pairing...