Paper 2025/186

Computing Quaternion Embeddings and Endomorphism rings of Supersingular Oriented Elliptic curves

Maher Mamah, Pennsylvania State University
Abstract

In this paper, we investigate several computational problems motivated by post-quantum cryptosystems based on isogenies and ideal class group actions on oriented elliptic curves. Our main technical contribution is an efficient algorithm for embedding the ring of integers of an imaginary quadratic field \( K \) into some maximal order of the quaternion algebra \( B_{p,\infty} \) ramified at a prime \( p \) and infinity. Assuming the Generalized Riemann Hypothesis (GRH), our algorithm runs in probabilistic polynomial time, improving upon previous results that relied on heuristics or required the factorization of \( \textnormal{disc}(K) \). Notably, this algorithm may be of independent interest. Our approach enhances the work of Love and Boneh on computing isogenies between \( M \)-small elliptic curves by eliminating heuristics and improving computational efficiency. Furthermore, given a quadratic order \( \mathfrak{O} \) in \( K \), we show that our algorithm reduces the computational endomorphism ring problem of \( \mathfrak{O} \)-oriented elliptic curves to the Vectorization problem in probabilistic polynomial time, assuming the conductor of \( \mathfrak{O} \) can be efficiently factorized. Previously, the best known result required the full factorization of \( \textnormal{disc}(\mathfrak{O}) \), which may be exponentially large. Additionally, when the conductor of \( \mathfrak{O} \) can be efficiently factorized, we establish a polynomial-time equivalence between the Quaternion Order Embedding Problem, which asks to embed a quadratic order \( \mathfrak{O} \) into a maximal order in \( B_{p,\infty} \), and computing horizontal isogenies between \( \mathfrak{O} \)-oriented elliptic curves. Leveraging this reduction, we propose a rigorous algorithm, under GRH, that solves the quaternion order embedding problem in time \( \tilde{O}(|\mathrm{disc}(\mathfrak{O})|^{1/2}) \), improving upon previous methods that required higher asymptotic time and relied on several heuristics.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
isogeny-based cryptographyendomorphism ringquaternion embeddingsorientations
Contact author(s)
mmm8895 @ psu edu
History
2025-02-13: last of 4 revisions
2025-02-08: received
See all versions
Short URL
https://ia.cr/2025/186
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2025/186,
      author = {Maher Mamah},
      title = {Computing Quaternion Embeddings and Endomorphism rings of Supersingular Oriented Elliptic curves},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/186},
      year = {2025},
      url = {https://eprint.iacr.org/2025/186}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.