BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Andreas Enge

Andreas Enge contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
math.NTCryptography and Securitymath.AGMathematical Software

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
6works
0followers
4topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

6 published item(s)

preprint2014arXiv

Bilinear pairings on elliptic curves

We give an elementary and self-contained introduction to pairings on elliptic curves over finite fields. For the first time in the literature, the three different definitions of the Weil pairing are stated correctly and proved to be equivalent using Weil reciprocity. Pairings with shorter loops, such as the ate, ate$_i$, R-ate and optimal pairings, together with their twisted variants, are presented with proofs of their bilinearity and non-degeneracy. Finally, we review different types of pairings in a cryptographic context. This article can be seen as an update chapter to A. Enge, Elliptic Curves and Their Applications to Cryptography - An Introduction, Kluwer Academic Publishers 1999.

0 citations0 reviewsNo code linkedOpen access
preprint2014arXiv

Implementing cryptographic pairings at standard security levels

This study reports on an implementation of cryptographic pairings in a general purpose computer algebra system. For security levels equivalent to the different AES flavours, we exhibit suitable curves in parametric families and show that optimal ate and twisted ate pairings exist and can be efficiently evaluated. We provide a correct description of Miller's algorithm for signed binary expansions such as the NAF and extend a recent variant due to Boxall et al. to addition-subtraction chains. We analyse and compare several algorithms proposed in the literature for the final exponentiation. Finally, we ive recommendations on which curve and pairing to choose at each security level.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Generalised Weber Functions

A generalised Weber function is given by $\w_N(z) = η(z/N)/η(z)$, where $η(z)$ is the Dedekind function and $N$ is any integer; the original function corresponds to $N=2$. We classify the cases where some power $\w_N^e$ evaluated at some quadratic integer generates the ring class field associated to an order of an imaginary quadratic field. We compare the heights of our invariants by giving a general formula for the degree of the modular equation relating $\w_N(z)$ and $j(z)$. Our ultimate goal is the use of these invariants in constructing reductions of elliptic curves over finite fields suitable for cryptographic use.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Singular values of multiple eta-quotients for ramified primes

We determine the conditions under which singular values of multiple $η$-quotients of square-free level, not necessarily prime to~6, yield class invariants, that is, algebraic numbers in ring class fields of imaginary-quadratic number fields. We show that the singular values lie in subfields of the ring class fields of index $2^{k' - 1}$ when $k' \geq 2$ primes dividing the level are ramified in the imaginary-quadratic field, which leads to faster computations of elliptic curves with prescribed complex multiplication. The result is generalised to singular values of modular functions on $X_0^+ (p)$ for $p$ prime and ramified.

0 citations0 reviewsNo code linkedOpen access
preprint2007arXiv

An $L (1/3 + ε)$ Algorithm for the Discrete Logarithm Problem for Low Degree Curves

The discrete logarithm problem in Jacobians of curves of high genus $g$ over finite fields $\FF_q$ is known to be computable with subexponential complexity $L_{q^g}(1/2, O(1))$. We present an algorithm for a family of plane curves whose degrees in $X$ and $Y$ are low with respect to the curve genus, and suitably unbalanced. The finite base fields are arbitrary, but their sizes should not grow too fast compared to the genus. For this family, the group structure can be computed in subexponential time of $L_{q^g}(1/3, O(1))$, and a discrete logarithm computation takes subexponential time of $L_{q^g}(1/3+ε, o(1))$ for any positive $ε$. These runtime bounds rely on heuristics similar to the ones used in the number field sieve or the function field sieve algorithms.

0 citations0 reviewsNo code linkedOpen access