On the distribution of the subset sum pseudorandom number generator on elliptic curves (Q2893492)

Let \({\mathcal E}\) be an elliptic curve over the finite field \({\mathbb F}_p\) of \(p\) elements. Let \(r\) be an integer, \(r\geq 2,\) and \({\mathbf P}=(P_0,\dots, P_{r-1})\in {\mathcal E}^r\).NEWLINENEWLINELet \(\bigl (u(n)\bigr)_{n=1}^{+\infty}\) be a linear recurrence sequence of order \(r\) over the field \({\mathbb F}_2\) of two elements.NEWLINENEWLINEDefine, for \(n=1,2,\dots \), NEWLINE\[NEWLINE V_{\mathbf P}(n)=\sum_{j=0}^{r-1} u(n+j)P_j~, NEWLINE\]NEWLINE where the summation symbol refers to the group operation on \({\mathcal E}\). Denote by \(x(P)\) the \(x\)th coordinate of an affine point \(P\in {\mathcal E}\) with the convention \(x(O)=0\) for the point at infinity \(O\).NEWLINENEWLINEThe authors improve the result of \textit{E. D. El-Mahassni} [Integers 8, A31, 7 p. (2008; Zbl 1226.11082)] on the distribution of the sequence \(\bigl (x(V_{\mathbf P}(n))/p\bigr)_{n\geq 1}\). In the main theorem, an upper bound for the discrepancy of the sequence \(\bigl (x(V_{\mathbf P}(n))/p\bigr)_{1\leq n\leq N}\) is established. The inequality is valid for a large number of choices of \({\mathbf P}\in {\mathcal E}^r\).