Limitations of constructive Weil descent (Q2764233)

Since it was proposed by \textit{G. Frey} [How to disguise an elliptic curve (Weil descent), PS-file available at http://www.cacr.math.uwaterloo.ca/conferences/1998/ecc98/slides.html, ECC'98, Waterloo (1999)] the descent of Weil, as a tool to translate the discrete logarithm problem on an elliptic curve \(E\) over a finite field \(F_{q^n}\) to the discrete logarithm problem on an abelian variety over \(F_q\) (the Jacobian of a hyperelliptic curve in many instances), had generated an abundant literature.NEWLINENEWLINENEWLINEMany authors outline the two possibilities of this technique: the cryptoanalytic attack to the original elliptic logarithm problem and the design of curves suitable for cryptographic purposes [see \textit{P. Gaudry, F. Hess} and \textit{N. P. Smart}, J. Cryptology 15, 19-46 (2001; Zbl 0996.94036), \textit{S. D. Galbraith, F. Hess} and \textit{N. P. Smart}, Eurocrypt 2002, Springer, Lect. Notes Comput. Sci. 2332, 29-44 (2002) and \textit{M. Jacobson, A. Menezes} and \textit{A. Stein}, J. Ramanujan Math. Soc. 16, 231-260 (2001; Zbl 1017.11030)].NEWLINENEWLINENEWLINEThis paper explores the last application, that is to say the use of constructive Weil descent in order to find hyperelliptic curves of low genus. In a previous paper, \textit{F. Hess, G. Seroussi} and \textit{N. P. Smart} [Selected areas in cryptography, SAC 2001, Toronto, Lect. Notes Comput. Sci. 2259, 181-189 (2001)] gave a construction for genus two and three curves.NEWLINENEWLINENEWLINEThe present paper shows the limitations of such a construction, explicitly that the obtained curves are not random enough. In the author's words:NEWLINENEWLINENEWLINE``The goal of this paper (is) to give evidence that only a small proportion of all isogeny classes of Jacobians of hyperelliptic curves can be constructed using Weil descent.NEWLINENEWLINENEWLINEFurthermore, we hope to convince the reader that any generalization of constructive Weil descent to produce curves of any form (i.e. not necessarily hyperelliptic) will also produce a small proportion of the available isogeny classes of curves''. NEWLINENEWLINENEWLINEThe paper consists of an Introduction and six sections. Section 3 gives the reasons why the curves obtained with the constructive Weil descent are very special and Section 4 shows some experimental evidence for small fields \(F_{2^n}\). The following sections study the generalization mentioned above of the construction of Hess, Seroussi and Smart.NEWLINENEWLINEFor the entire collection see [Zbl 0976.00054].