Abstract. Classicaly, the Hilbert class polynomial P ∆ ∈ Z[X] of an imaginary quadratic discriminant ∆ is computed using complex analytic techniques. In 2002, Couveignes and Henocq [5] suggested a p-adic algorithm to compute P∆. Unlike the complex analytic method, it does not suffer from problems caused by rounding errors. In this paper we complete the outline given in [5] and we prove that, if the Generalized Riemann Hypothesis holds true, the expected runtime of the p-adic algorithm is eO(|∆|). We illustrate the algorithm by computing the polynomial P−639 using a 643-adic algorithm. 1.

We present a new algorithm to compute the classical modular polynomial Φl in the rings Z[X, Y] and (Z/mZ)[X, Y], for a prime l and any positive integer m. Our approach uses the graph of l-isogenies to efficiently compute Φl mod p for many primes p of a suitable form, and then applies the Chinese Remainder Theorem (CRT). Under the Generalized Riemann Hypothesis (GRH), we achieve an expected running time of O(l3 (log l) 3 log log l), and compute Φl mod m using O(l2 (log l) 2 + l2 log m) space. We have used the new algorithm to compute Φl with l over 5000, and Φl mod m with l over 20000. We also consider several modular functions g for which Φ g l is smaller than Φl, allowing us to handle l over 60000.

Abstract. We discuss the computation of coefficients of the L-series associated to a hyperelliptic curve over Q of genus at most 3, using point counting, generic group algorithms, and p-adic methods. 1

Modular polynomials are an important tool in many algorithms involving elliptic curves. In this article we investigate their generalization to the genus 2 case following pioneering work by Gaudry and Dupont. We prove various properties of these genus 2 modular polynomials and give an improved way to explicitly compute them.

Abstract. We develop a new p-adic algorithm to compute the minimal polynomial of a class invariant. Our approach works for virtually any modular function yielding class invariants. The main algorithmic tool is modular polynomials, a concept which we generalize to functions of higher level. 1.

Elliptic curve cryptosystems have become the most trusted, secure systems in widespread use today. However, the recent advent of utilizing side channel information poses an immediate and powerful threat to systems which are not prepared for this exact type of attack. Side channel analysis (SCA) attacks use some measured quantities outside the scope of the actual cryptographic algorithm, in addition to some knowledge of the algorithm used, in order to

Abstract. The modular curve X1(N) parametrizes elliptic curves with a point of order N. For N ≤ 50 we obtain plane models of X1(N) that have been optimized for fast computation, and provide explicit birational maps to transform a point on our model of X1(N) to an elliptic curve. Over a finite field, these allow us to quickly construct elliptic curves containing a point of order N, and can accelerate the search for an elliptic curve whose order is divisible by N. 1.

Abstract. The modular curve X1(N) parametrizes elliptic curves with a point of order N. For N ≤ 50 we obtain plane models for X1(N) that have been optimized for fast computation, and provide explicit birational maps to transform a point on our model of X1(N) to an elliptic curve. Over a finite field Fq, these allow us to quickly construct elliptic curves containing a point of order N, and can accelerate the search for an elliptic curve of order divisible by N. For odd N we also give a method to generate elliptic curves over Fq with order congruent to 2N mod 4N. 1.