Endomorphism rings of supersingular elliptic curves over $ \mathbb{F}_p $ and binary quadratic forms

Guanju Xiao; Zijian Zhou; Yingpu Deng; Longjiang Qu

doi:10.3934/amc.2024019

Article Contents

2025, Volume 19, Issue 2: 698-715. Doi: 10.3934/amc.2024019

This issue Previous Article Linear codes invariant under a linear endomorphism Next Article Circulant, circulant-like and orthogonal MDS generalized cauchy matrices

Endomorphism rings of supersingular elliptic curves over $ \mathbb{F}_p $ and binary quadratic forms

1.
College of Science, National University of Defense Technology, Changsha 410073, China
2.
KLMM, NCMIS, Academy of Mathematics and Systems Sciencs, Chinese Academy of Sciences, Beijing 100190, China
3.
School of Mathematical Sciences, University of Chinese Academy of Sciences, Beijing 100049, China

^*Corresponding author: Longjiang Qu
^*Corresponding author: Longjiang Qu

Received: December 2023

Revised: April 2024

Early access: May 11, 2024

Published online: May 11, 2024

The work is supported by the National Key Research and Development Program of China under Grant No. 2022YFA1004900, the National Natural Science Foundation of China under Grant No. 12271517, No. 12201637 and No. 62202475, and the Innovation Program for Quantum Science and Technology under Grant No. 2021ZD0302902.

Abstract / Introduction Full Text(HTML) Related Papers Cited by

Abstract

It is well known that there is a one-to-one correspondence between supersingular $ j $-invariants up to the action of $ \text{Gal}(\mathbb{F}_{p^2}/\mathbb{F}_p) $ and type classes of maximal orders in $ B_{p, \infty} $ by Deuring's theorem. Interestingly, we establish a one-to-one correspondence between $ \mathbb{F}_p $-isomorphism classes of supersingular elliptic curves and primitive reduced binary quadratic forms with discriminant $ -p $ or $ -16p $. Due to this correspondence and the fact that $ \mathbb{F}_p $-isogenies between elliptic curves could be represented by quadratic forms, we show that actions of these isogenies on supersingular elliptic curves over $ \mathbb{F}_p $ are compatible with the composition of quadratic forms. Based on these results, we reduce the security of CSIDH cryptosystem to computing this correspondence explicitly.

Keywords:

Mathematics Subject Classification: Primary: 14H52, 14K22; Secondary: 11R11.

Citation:

Full Text(HTML)

Related Papers

Cited by

References

[1]	H. Brandt, Zur Zahlentheorie der Quaternionen, Jber. Deutscher Math. Vereing, 53 (1943), 23-57.
[2]	J. Buchmann and U. Vollmer, Binary Quadratic Forms. An algorithmic approach, Algorithms and Computation in Mathematics, 20. Springer, Berlin, 2007.
[3]	D. A. Buell, Binary Quadratic Forms, Classical Theory and Modern Computations, Springer-Verlag, New York, 1989. doi: 10.1007/978-1-4612-4542-1.
[4]	W. Castryck, T. Lange, C. Martindale, L. Panny and J. Renes, CSIDH: An efficient post-quantum commutative group action, Advances in Cryptology—ASIACRYPT 2018. Part III, Lecture Notes in Comput. Sci., vol., Springer, Cham, 11274 (2018), 395-427. doi: 10.1007/978-3-030-03332-3_15.
[5]	W. Castryck, L. Panny and F. Vercauteren, Rational isogenies from irrational endomorphisms, Advances in Cryptology—EUROCRYPT 2020. Part II, Lecture Notes in Comput. Sci., vol., Springer, Cham, 12106 (2020), 523-548.
[6]	I. Chevyrev and S. D. Galbraith, Constructing supersingular elliptic curves with a given endomorphism ring, LMS J. Comput. Math., 17 (2014), 71-91. doi: 10.1112/S1461157014000254.
[7]	D. A. Cox, Primes of the Form $x^2 + ny^2$. Fermat, Class Field Theory, and Complex Multiplication, Second ed., Pure and Applied Mathematics (Hoboken), John Wiley & Sons, Inc., Hoboken, NJ, 2013. doi: 10.1002/9781118400722.
[8]	C. Delfs and S. D. Galbraith, Computing isogenies between supersingular elliptic curves over $\mathbb{F}_p$, Des. Codes Cryptogr., 78 (2016), 425-440. doi: 10.1007/s10623-014-0010-1.
[9]	M. Deuring, Die Typen der Multiplikatorenringe elliptischer Funktionenkörper, Abh. Math. Sem. Hansischen Univ., 14 (1941), 197-272. doi: 10.1007/BF02940746.
[10]	B. H. Gross and D. B. Zagier, On singular moduli, J. Reine Angew. Math., 355 (1985), 191-220.
[11]	T. Ibukiyama, On maximal orders of division quaternion algebras over the rational number field with certain optimal embeddings, Nagoya Math. J., 88 (1982), 181-195. doi: 10.1017/S002776300002016X.
[12]	M. Kaneko, Supersingular $j$-invariants as singular moduli mod $ p$, Osaka J. Math., 26 (1989), 849-855.
[13]	D. Kohel, K. Lauter, C. Petit and J.-P. Tignol, On the quaternion $\ell$-isogeny path problem., LMS Journal of Computation and Mathematics, 17 (2014), 418-432. doi: 10.1112/S1461157014000151.
[14]	K. Lauter and B. Viray, On singular moduli for arbitrary discriminants, Int. Math. Res. Not. IMRN, (2015), 9206-9250. doi: 10.1093/imrn/rnu223.
[15]	S. Li, Y. Ouyang and X. Zheng, Endomorphism rings of supersingular elliptic curves over $\mathbb{F}_p$, Finite Fields Appl., 62 (2020), 101619, 24 pp. doi: 10.1016/j.ffa.2019.101619.
[16]	J. H. Silverman, The Arithmetic of Elliptic Curves, Second ed., Graduate Texts in Mathematics, vol. 106, Springer, Dordrecht, 2009. doi: 10.1007/978-0-387-09494-6.
[17]	F. Sohn, Beiträge zur Zahlentheorie der Ternären Quadratischen Formen und der Quaternionenalgebren, Ph.D. thesis, Westfälische Wilhelms-Universität zu Münster, 1957.
[18]	A. V. Sutherland, Computing hilbert class polynomials with the chinese remainder theorem, Math. Comp., 80 (2011), 501-538. doi: 10.1090/S0025-5718-2010-02373-7.
[19]	J. Voight, Quaternion Algebras, Graduate Texts in Mathematics, 288. Springer, Cham, 2021. doi: 10.1007/978-3-030-56694-4.
[20]	B. Wesolowski, The supersingular isogeny path and endomorphism ring problems are equivalent, 2021 IEEE 62nd Annual Symposium on Foundations of Computer Science (FOCS), Denver, CO, USA, (2022), 1100-1111. doi: 10.1109/FOCS52979.2021.00109.
[21]	G. Xiao, L. Luo and Y. Deng, Supersingular $j$-invariants and the class number of $\mathbb{Q}(\sqrt{-p})$, Int. J. Number Theory, 18 (2022), 1065-1078. doi: 10.1142/S1793042122500555.