ECDLP Workshop at EPFL

Last week the group at EPFL‘s Laboratory for Cryptologic Algorithms (LACAL) held an excellent small workshop on the discrete logarithm problem on elliptic (and hyperelliptic) curves.

On the wednesday we had a series of introductory lectures, aimed at filling in the background for graduate students. I introduced the arithmetic of hyperelliptic curves and their Jacobians. Dimitar Jetchev described index calculus attacks, and Daniel Moldovan and Cihangir Tezcan gave an introduction to Weil descent; finally, Thorsten Kleinjung spoke about Semaev’s summation polynomials.

The workshop proper kicked off the next day, with detailed talks (most of them running just over an hour, with plenty of audience interaction) spread over the thursday and friday. The workshop essentially presented the current state of the art in algorithms (both theoretical and practical) for the DLP in Jacobians of algebraic curves.

Claus Diem spoke (twice) about high- and low-genus DLP algorithms based on his work in index calculus. Pierrick Gaudry and I gave talks about the DLP for genus 3 curves: I spoke about the case where the isogeny attack applies, while Pierrick gave a much more interesting talk considering other cases. Emmanuel Thomé spoke about L(1/3) DLP algorithms for high-genus curves with low degree (such as hyperelliptic and C_ab curves). Romain Cosset gave a nice talk about isogeny computations in genus 2, and showed us some really interesting isogeny graphs. Returning to the Weil descent theme, Tsutomu Iijima spoke about classifying weak curves and coverings. Vanessa Vitse spoke about combining cover and decomposition attacks for DLPs on elliptic curves defined over composite-degree extensions: this means applying Gaudry-Hess-Smart to move the DLP into a higher-genus Jacobian over an intermediate subfield, then using a decomposition attack on the resulting Jacobian on the smaller subfield. To conclude the workshop, Florian Hess gave an excellent talk on two themes: the DLP on elliptic curves, and problems involved in pairing inversion.

Some of the speakers (notably Claus, Thorsten, and Pierrick) gave blackboard talks; in theory the slides for the others are available on request (see the LACAL website, or ask Dimitar Jetchev).

— Ben Smith

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to ECDLP Workshop at EPFL

  1. Felix Fontein says:

    I’m curious: was this workshop announced anywhere? I haven’t heard of it until I read this post…

  2. Ben Smith says:

    I don’t know if the workshop was widely publicised (apart from being on the EPFL website): I was contacted by the organisers, and told a few people; I think some of the other speakers would have done the same (I didn’t think of asking anyone else there how they knew about it). As it turned out, the workshop was a really nice size: (just) large enough to have a good range of points of view, and (just) small enough for each person to talk to everyone else. But I figured that there would have been plenty of other interested people out there who either didn’t know about it or couldn’t come; I wrote this post because to let them what happened, so they could get in touch with the speakers or the organisers if they wanted slides or an update.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s