Paper 2023/785

Generation of two ''independent'' points on an elliptic curve of $j$-invariant $\neq 0, 1728$

Dmitrii Koshelev, École Normale Supérieure de Lyon
Abstract

This article is dedicated to a new generation method of two ``independent'' $\mathbb{F}_{\!q}$-points $P_0$, $P_1$ on almost any ordinary elliptic curve $E$ over a finite field $\mathbb{F}_{\!q}$ of large characteristic. In particular, the method is relevant for all standardized and real-world elliptic curves of $j$-invariants different from $0$, $1728$. The points $P_0$, $P_1$ are characterized by the fact that nobody (even a generator) knows the discrete logarithm $\log_{P_0}(P_1)$ in the group $E(\mathbb{F}_{\!q})$. Moreover, only one square root extraction in $\mathbb{F}_{\!q}$ (instead of two ones) is required in comparison with all previous generation methods.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint.
Keywords
endomorphism ringsgeneration of ''independent'' pointsisotrivial elliptic curvesMordell-Weil lattices
Contact author(s)
dimitri koshelev @ gmail com
History
2024-01-24: last of 2 revisions
2023-05-29: received
See all versions
Short URL
https://ia.cr/2023/785
License
No rights reserved
CC0

BibTeX 

@misc{cryptoeprint:2023/785,
      author = {Dmitrii Koshelev},
      title = {Generation of two ''independent'' points on an elliptic curve of $j$-invariant $\neq 0, 1728$},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/785},
      year = {2023},
      url = {https://eprint.iacr.org/2023/785}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.