Let I(g, q, N) be the number of isogeny classes of g-dimensional abelian varieties over a finite field Fq having a fixed number N of Fq-rational points. We describe the asymptotic (for q →∞) distribution of I(g, q, N) over possible values of N . We also prove an analogue of the Sato—Tate conjecture for isogeny classes of g-dimensional abelian varieties. 2000 Math. Subj. Class. Primary: 11G25, 1...

In this note we extend the computations described in [4] by computing the analytic order of the Tate-Shafarevich group III for all the curves in each isogeny class; in [4] we considered the strong Weil curve only. While no new methods are involved here, the results have some interesting features suggesting ways in which strong Weil curves may be distinguished from other curves in their isogeny ...

In this paper, we present three side-channel attacks on the quantum-resistant supersingular isogeny Di e-Hellman (SIDH) key exchange protocol. These re ned power analysis attacks target the representation of a zero value in a physical implementation of SIDH to extract bits of the secret key. To understand the behavior of these zero-attacks on SIDH, we investigate the representation of zero in t...

A recent paper by Costello and Hisil at Asiacrypt’17 presents efficient formulas for computing isogenies with odd-degree cyclic kernels on Montgomery curves. We provide a constructive proof of a generalization of this theorem which shows the connection between the shape of the isogeny and the simple action of the point (0, 0). This generalization removes the restriction of a cyclic kernel and a...

̄ As an example, the negation map that send P ∈ E(k) to its additive inverse is an isogeny from E to itself; as noted in Lecture 23, it is an automorphism, hence a surjective morphism, and it clearly fixes the identity element (the distinguished rational point O). Recall that a morphism of projective curves is either constant or surjective, so any nonconstant morphism that maps O1 to O2 is autom...

Isogeny-based cryptography is an active area of research in post-quantum public key cryptography. The problem proving knowledge isogeny a natural that has several applications isogeny-based cryptography, such as allowing users to demonstrate they are behaving honestly protocol. It also related digital signatures. Over the last few years, there have been number advances this area, but still many...

Abstract Isogeny‐based cryptography is a promising approach for post‐quantum cryptography. The best‐known protocol following that the supersingular isogeny Diffie–Hellman (SIDH); this was turned into CCA‐secure key encapsulation mechanism SIKE, which submitted to and remains in third round of NIST's standardisation process as an ‘alternate’ candidate. generally relies on conjectured hardness co...

We study a problem on specializations of multiples of rational points on elliptic curves analogous to the Mersenne problem. We solve this problem when descent via isogeny is possible by giving explicit bounds on the indices of prime power terms in elliptic divisibility sequences associated to points in the image of a nontrivial isogeny. We also discuss the uniformity of these bounds assuming th...