On Generalization of Cheon's Algorithm
We consider a generalization of Cheon's algorithm on the strong Diffie-Hellman problem. More specifically, we consider the circumstance that p^k-1 has a small divisor for k>=3, where p is the order of group on which we consider the strong Diffie-Hellman problem. It seems that our algorithm is only effective for k=1, 2, that is, the original Cheon's algorithm.
The Brezing-Weng-Freeman Method for Certain Genus two Hyperelliptic Curves
We construct paring friendly curves of the form $Y^2 = X^5 + uX^3 + vX$ over large finite prime fields. The rho value of our family is always less than 4. Our method is based on the fact that, under a certain condition, the Jacobian $J$ of the curve splits to a square of an elliptic curve over the quadratic extension of the base field. However, the generated curves by our method are $F_p$-simple. A key ingredient is the construction of a pairing non-friendly elliptic curve by the modified Brezing-Weng-Freeman method so that $J$ is pairing friendly.
More Discriminants with the Brezing-Weng Method
The Brezing-Weng method is a general framework to generate families of pairing-friendly elliptic curves. Here, we introduce an improvement which can be used to generate more curves with larger discriminants. Apart from the number of curves this yields, it provides an easy way to avoid endomorphism rings with small class number.
Generating genus two hyperelliptic curves over large characteristic finite fields
In hyperelliptic curve cryptography, finding a suitable hyperelliptic curve is an important fundamental problem. One of necessary conditions is that the order of its Jacobian is a product of a large prime number and a small number. In the paper, we give a probabilistic polynomial time algorithm to test whether the Jacobian of the given hyperelliptic curve of the form $Y sup 2 = X sup 5 + u X sup 3 + v X$ satisfies the condition and, if so, gives the largest prime factor. Our algorithm enables us to generate random curves of the form until the order of its Jacobian is almost prime in the above sense. A key idea is to obtain candidates of its zeta function over the base field from its zeta function over the extension field where the Jacobian splits.