Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Trace Zero Subvarieties of Genus 2 Curves for Cryptosystems


Affiliations
1 Information-Security and Cryptography, Ruhr-University of Bochum, Universitatsstr. 150, D-44780 Bochum, Germany
     

   Subscribe/Renew Journal


In this paper we present a kind of group suitable for cryptographic applications: the trace zero subvariety. We describe in detail the case of trace zero varieties constructed from genus 2 curves over prime fields. The curve is considered over an extension field of degree 3 and one performs Weil descent from its Jacobian to the prime field leading to a variety of dimension 6. The trace zero variety is a subvariety thereof. As a group it is isomorphic to a subgroup of the Jacobian of the original curve. For appropriately chosen parameters it is as secure as Jacobians of curves of genus g≤3.
Its main advantage is that the complexity of computing scalar multiplication is lower than on other curve based groups. This is achieved by making use of the Frobenius endomorphism.
Thus the trace zero subvariety can be used efficiently in protocols based on the discrete logarithm problem.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 224

PDF Views: 0




  • Trace Zero Subvarieties of Genus 2 Curves for Cryptosystems

Abstract Views: 224  |  PDF Views: 0

Authors

Tanja Lange
Information-Security and Cryptography, Ruhr-University of Bochum, Universitatsstr. 150, D-44780 Bochum, Germany

Abstract


In this paper we present a kind of group suitable for cryptographic applications: the trace zero subvariety. We describe in detail the case of trace zero varieties constructed from genus 2 curves over prime fields. The curve is considered over an extension field of degree 3 and one performs Weil descent from its Jacobian to the prime field leading to a variety of dimension 6. The trace zero variety is a subvariety thereof. As a group it is isomorphic to a subgroup of the Jacobian of the original curve. For appropriately chosen parameters it is as secure as Jacobians of curves of genus g≤3.
Its main advantage is that the complexity of computing scalar multiplication is lower than on other curve based groups. This is achieved by making use of the Frobenius endomorphism.
Thus the trace zero subvariety can be used efficiently in protocols based on the discrete logarithm problem.