The emergence of Picard Jacobians in cryptography (Q2771345)

Let \(C_a\) be a family of Picard curves defined over a finite field \({\mathbb F}_p\) by \(C_a : Y^3W=X^4+aXW^3\) with \(a\in{\mathbb F}_p, a\neq 0\). Let \(J(C_a)\) be the Jacobian variety of \(C_a\). The Picard curves \(C_a\) define genus \(3\) curves. In the paper under review, the Hasse-Witt matrix for \(C_a\), the isogeny structure of \(J(C_a)\), and the characteristic polynomial \(P_{\pi}(a;\lambda)\) of the Frobenius endomorphism \(\pi\) of \(J(C_a)\) relative to \({\mathbb F}_p\), are determined explicitly. One of the main results is formulated as follows. NEWLINENEWLINENEWLINETheorem: If \(p\equiv 4, 7\pmod 9\), \(p>39\), then \(J(C_a)\) is \({\mathbb F}_p\)-simple, and the formal group is of symmetric type (\(G_{1,2}+G_{2,1}\)). Furthermore, the characteristic polynomial \(P_{\pi}(a;\lambda)\) belongs to the set \(S(C_a;\mu'_2; \mu'_3; p)\) of polynomials of the form: NEWLINE\[NEWLINEP_{\pi}(\lambda;\mu_2';\mu'_3) =\lambda^6+\mu'_2p\lambda^4+\mu'_3p^2\lambda^2+p^3NEWLINE\]NEWLINE where \(\mu'_2\in\{-3,0,3\}\) and \(\mu'_3\) is an integer satisfying \(|\mu'_3|\leq 2[p^{1/2}]+1\) and \(\mu'_3\equiv 1\pmod 3\). NEWLINENEWLINENEWLINEBy the theorem \(P_{\pi}(C_a,\lambda)\) is determined up to some free parameters \(\mu'_2\) and \(\mu'_3\). Further, an algorithm is given to determine \(P_{\pi}(C_a,\lambda)\) explicit using the addition law in \(J(C_a)\) developed by \textit{E. Reinaldo Barreiro, J. Estrada Sarlabous} and \textit{J.-P. Cherdieu} [in: Coding theory, cryptography and related areas, Proc. Int. Conf., 13-28 (2000; Zbl 1012.14010)].NEWLINENEWLINENEWLINEThat many members of this family provide secure curves for cryptosystems based on discrete logarithm, is also discussed.NEWLINENEWLINEFor the entire collection see [Zbl 0969.00044].