Abstract
This article generalizes the simplified Shallue–van de Woestijne–Ulas (SWU) method of a deterministic finite field mapping \(h\!: \mathbb {F}_{q} \to E_{a}(\mathbb {F}_{q})\) to the case of any elliptic \(\mathbb {F}_{q}\)-curve \(E_{a}: y^{2} = x^{3} - ax\) of j-invariant 1728. In comparison with the (classical) SWU method, the simplified SWU method allows one to avoid one quadratic residuosity test in the field \(\mathbb {F}_{q}\), which is a rather delicate operation in cryptography with regard to timing attacks. More precisely, in order to derive h we obtain a rational \(\mathbb {F}_{q}\)-curve C (and its explicit, quite simple proper \(\mathbb {F}_{q}\)-parametrization) on the Kummer surface \(K^{\prime }\) associated with the direct product \({E_{a}} \times {E_{a}^{\prime }}\), where \(E_{a}^{\prime }\) is the quadratic \(\mathbb {F}_{q}\)-twist of \(E_{a}\). Our approach to finding C is based on the fact that every curve \(E_{a}\) has a vertical \(\mathbb {F}_{q^{2}}\)-isogeny of degree 2.
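To make concrete what the abstract is generalizing, here is an added example (not the author's Magma code and not the paper's new map) of the standard simplified SWU method for y² = x³ + Ax + B over a constructed toy prime field: it exhibits the identity g(x₂) = t³·g(x₁) that lets a single quadratic residuosity test pick the right candidate, and shows that the method collapses when B = 0, i.e. exactly on the j-invariant 1728 curves y² = x³ − ax that the paper handles. The prime P = 103 and the non-square Z = −1 are assumptions chosen for the example, and the exceptional inputs with Z·u² ∈ {0, −1} are simply reported as None rather than patched.

```python
# Added example (not the paper's Magma code): simplified SWU for
# y^2 = x^3 + A*x + B over a toy prime field, and its collapse when B = 0.
P = 103          # constructed toy prime, P ≡ 3 (mod 4) so sqrt is one exponentiation
Z = P - 1        # Z = -1 is a non-square in F_P because P ≡ 3 (mod 4)

def is_square(a):
    """Euler criterion: one quadratic residuosity test (not constant time here)."""
    a %= P
    return a == 0 or pow(a, (P - 1) // 2, P) == 1

def sqrt_mod(a):
    return pow(a % P, (P + 1) // 4, P)      # correct only when a is a square mod P

def inv0(a):
    return 0 if a % P == 0 else pow(a % P, P - 2, P)

def g(x, A, B):
    return (x ** 3 + A * x + B) % P

def simplified_swu(u, A, B):
    """Map u in F_P to a point on y^2 = g(x); the method needs A != 0 and B != 0.

    Returns None on the exceptional inputs with Z*u^2 in {0, -1} (left to the
    caller instead of reproducing the standard special-case handling).
    """
    t = Z * u * u % P
    d = (t * t + t) % P
    if d == 0:
        return None
    x1 = (-B * inv0(A)) * (1 + inv0(d)) % P
    x2 = t * x1 % P
    gx1, gx2 = g(x1, A, B), g(x2, A, B)
    # Identity behind the method: g(x2) = t^3 * g(x1), and t^3 is a non-square
    # (Z non-square times the square u^6), so exactly one of gx1, gx2 is a square
    # when gx1 != 0. One residuosity test on gx1 therefore selects the point,
    # whereas classical SWU has three candidates and needs two such tests.
    assert gx2 == pow(t, 3, P) * gx1 % P
    if is_square(gx1):
        return (x1, sqrt_mod(gx1))
    return (x2, sqrt_mod(gx2))

def on_curve(pt, A, B):
    x, y = pt
    return y * y % P == g(x, A, B)

def image_of(A, B):
    """All points hit by simplified_swu over the whole field. With B = 0 (the
    j-invariant 1728 family y^2 = x^3 - a*x) x1 is always 0, so every u lands on
    the 2-torsion point (0, 0): this is the gap the paper's generalisation fills."""
    return {simplified_swu(u, A, B) for u in range(P)} - {None}
```

Running `image_of(1, 1)` yields many distinct curve points, while `image_of(1, 0)` is just `{(0, 0)}`.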
Acknowledgements
The author expresses his deep gratitude to his scientific advisor M. Tsfasman and thanks K. Loginov and K. Shramov for their help and useful comments.
Author information
Web page: https://www.researchgate.net/profile/Dimitri-Koshelev
This work was supported by a public grant as part of the FMJH project
Cite this article
Koshelev, D. Hashing to elliptic curves of j-invariant 1728. Cryptogr. Commun. 13, 479–494 (2021). https://doi.org/10.1007/s12095-021-00478-y
Keywords
- Finite fields
- Pairing-based cryptography
- Elliptic curves of j-invariant 1728
- Kummer surfaces
- Rational curves
- Weil restriction
- Isogenies