2024-11-12
11:00
Salle 2
The Humbert surface of discriminant $N^2$
A pair of elliptic curves $E/Q$ and $E’/Q$ are isogenous if and only if they have the same number of points mod $p$ for every (good) prime $p$. A conjecture of Frey and Mazur predicts that $E$ and $E’$ are isogenous if and only if they are $N$-congruent for any sufficiently large integer $N > N_0$ (i.e., $\#E(F_p) = \#E’(F_p) \bmod N$ for all good $p$). Congruences appear quite naturally in applications, for example: in isogeny-based cryptography (an abelian surface being $(N,N)$-split implies that the corresponding pair of elliptic curves are $N$-congruent); in Diophantine problems (e.g., Fermat’s last theorem); in descent obstructions (via Mazur’s notion of “visible elements of Sha”). Despite the Frey–Mazur conjecture, it is not known for which integers there exist non-isogenous $N$-congruent elliptic curves: what is $N_0$? I will discuss progress towards refining the Frey–Mazur conjecture by studying the geometry of “Humbert surfaces” which parametrise $N$-congruences.
2024-11-05
11:00
Salle 2
Arthur Herlédan Le Merdy (ÉNS Lyon)
Unconditional foundations for supersingular isogeny-based cryptography
Isogeny-based cryptography is founded on the assumption that the Isogeny problem—finding an isogeny between two given elliptic curves—is a hard problem, even for quantum computers. In the security analysis of isogeny-based schemes, various related problems naturally arise, such as computing the endomorphism ring of an elliptic curve or determining a maximal quaternion order isomorphic to it. These problems have been shown to be equivalent to the Isogeny problem, first under some heuristics and subsequently under the Generalized Riemann Hypothesis. In this talk, we present ongoing joint work with Benjamin Wesolowski, where we unconditionally prove these equivalences, notably using the new tools provided by isogenies in higher dimensions. Additionally, we show that these problems are also equivalent to finding the lattice of all isogenies between two elliptic curves. Finally, we demonstrate that if there exist hard instances of the Isogeny problem then all the previously mentioned problems are hard on average.
2024-10-15
11:00
Salle 2
The module action on abelian varieties
In a category enriched in a closed symmetric monoidal category, the power object construction, if it is representable, gives a contravariant monoidal action. We first survey the construction, due to Serre, of the power object by (projective) Hermitian modules on abelian varieties. The resulting action, when applied to a primitively oriented elliptic curve, gives a contravariant equivalence of categories (Jordan, Keeton, Poonen, Rains, Shepherd-Barron and Tate). We then give several applications of this module action: 1) We first explain how it allows to describe purely algebraically the ideal class group action on an elliptic curve or the Shimura class group action on a CM abelian variety over a finite field, without lifting to characteristic 0. 2) We then extend the usual algorithms for the ideal action to the case of modules, and use it to explore isogeny graphs of powers of an elliptic curve in dimension up to 4. This allows us to find new examples of curves with many points. (This is a joint work with Kirschmer, Narbonne and Ritzenthaler). 3) Finally, we give new applications for isogeny based cryptography. We explain how, via the Weil restriction, the supersingular isogeny path problem can be recast as a rank 2 module action inversion problem. We also propose ⊗-MIKE a novel NIKE (non interactive isogeny key exchange) that only needs to send j-invariants of supersingular curves, and compute a dimension 4 abelian variety as the shared secret.
2024-10-08
11:00
Salle 2
Computing modular polynomials by deformation
The classical modular polynomial $\Phi_N$ parametrizes pairs of elliptic curves connected by an isogeny of degree $N$. They play an important role in algorithmic number theory, and are used in many applications, for example in the SEA point counting algorithm. This talk is about a new method for computing modular polynomials. It has the same asymptotic time complexity as the currently best known algorithms, but does not rely on any heuristics. The main ideas of our algorithm are: the embedding of $N$-isogenies in smooth-degree isogenies in higher dimension, and the computation of deformations of isogenies. The talk is based on a joint work with Damien Robert.
2024-10-01
11:00
Salle 2
Equidistribution of supersingular elliptic curves with extra structure
Several algorithmic problems on supersingular elliptic curves are currently under close scrutiny. When analysing algorithms or reductions in this context, one often runs into the following type of question: given a supersingular elliptic curve $E$ and an object $x$ attached to $E$, if we consider a random large degree isogeny $f : E \to E'$ and carry the object $x$ along $f$, how is the resulting $f(x)$ distributed among the possible objects attached to $E'$? We propose a general framework to formulate this type of question precisely, and prove a general equidistribution theorem under a condition that is easy to check in practice. The proof goes from elliptic curves to quaternionic automorphic forms via an augmented Deuring correspondence, and then to classical modular forms via the Jacquet–Langlands correspondence. This is joint work with Benjamin Wesolowski.
2024-09-24
11:00
Salle 2
Additive Twisted Codes: New Distance Bounds and Infinite Families of Quantum Codes
In this talk, we present a new construction of quantum codes that enables the integration of a broader class of classical codes into the mathematical framework of quantum stabilizer codes. Next, we discuss new connections between twisted codes and linear cyclic codes and provide novel bounds for the minimum distance of twisted codes. We demonstrate that classical tools, such as the Hartmann-Tzeng minimum distance bound, are applicable to twisted codes. This has led to the discovery of five new infinite families and many other examples of record-breaking, and sometimes optimal, binary quantum codes. Additionally, we explore the role of the $\gamma$ value on the parameters of twisted codes and present new findings regarding the construction of twisted codes with different $\gamma$ values but identical parameters.
