## Arithmetic and geometric structures in cryptography

We explore a few algebraic and geometric structures, through certain questions posed by modern cryptography. We focus on the cases of discrete logarithms in finite fields of small characteristic, the structure of isogeny graphs of ordinary abelian varieties, and the geometry of ideals in cyclotomic rings. The presumed difficulty of computing discrete logarithms in certain groups is essential for the security of a number of communication protocols deployed today. One of the most classic choices for the underlying group is the multiplicative group of a finite field. Yet this choice is showing its age, and particularly when the characteristic of the field is small: recent algorithms allow to compute logarithms efficiently in these groups. However, these methods are only heuristic: they seem to always work, yet we do not know how to prove it. In the first part, we propose to study these methods in the hope to get a better understanding, notably by revealing the geometric structures at play. A more modern choice is the group of rational points of an elliptic curve defined over a finite field. There, the difficulty of the discrete logarithm problem seems at its peak. More generally, the group of rational points of an abelian variety (notably the Jacobian of a curve of small genus) could be appropriate. One of the main tools for studying discrete logarithms on such objects is the notion of isogeny: a morphism from a variety to another one, which allows, among other things, to transfer the computation of a logarithm. Whereas the theory for elliptic curves is already mature, little is known about the structures formed by these isogenies (the isogeny graphs) for varieties of higher dimension. In the second part, we study the structure of isogeny graphs of absolutely simple, ordinary abelian varieties, with a few consequences regarding discrete logarithms on Jacobians of hyperelliptic curves of genus 2, the main object of concern of so-called hyperelliptic cryptography. The security of quite a few protocols, notably those relying on discrete logarithms, would collapse in front of an adversary equipped with a large-scale quantum computer. This perspective motivates cryptographers to study problems that would resist this technological feat. One of the major directions is cryptography based on Euclidean lattices, relying on the difficulty to find short vectors in a given lattice. For efficiency, one benefits from considering lattices endowed with more structure, such as the ideals of a cyclotomic field. In the third part, we study the geometry of these ideals, and show that a quantum computer allows to efficiently find much shorter vectors in these ideals than is currently possible in generic lattices.

Advisor(s):
Lenstra, Arjen
Granger, Robert
Year:
2018
Publisher:
Lausanne, EPFL
Keywords:
Laboratories:
LACAL

Record created 2018-11-21, last modified 2019-06-19

Rate this document:

1
2
3

(Not yet reviewed)