Author Search Result

[Author] Seigo ARITA(4hit)

1-4hit
  • Gaudry's Variant against Cab Curves

    Seigo ARITA

    PAPER-Information Security

    Vol: E83-A No: 9
    Page(s): 1809-1814

    Gaudry has described a new algorithm (Gaudry's variant) for the discrete logarithm problem (DLP) in hyperelliptic curves. For a hyperelliptic curve of a small genus on a finite field GF(q), Gaudry's variant solves for the DLP in time O(q^{2+ε}). This paper shows that Cab curves can be attacked with a modified form of Gaudry's variant and presents the timing results of such attack. However, Gaudry's variant cannot be effective in all of the Cab curve cryptosystems. This paper also provides an example of a Cab curve that is unassailable by Gaudry's variant.

  • An Addition Algorithm in Jacobian of C34 Curve

    Seigo ARITA

    PAPER-Information Security

    Vol: E88-A No: 6
    Page(s): 1589-1598

    This paper gives an efficient algorithm to compute addition in Jacobian of C34 curves, aiming at C34 curve cryptosystems. Using C34 curves for cryptosystems has two advantages. The first is safety and the second is the short size of the base field. In the paper, we modify the addition algorithm of for Cab curves in the specific manner to C34 curves. We classify all of the forms of the Groebner bases of ideals involved in the algorithm and eliminate the use of Buchberger algorithm from it. Our resulting algorithm computes the addition in Jacobian of C34 curves in about 3 times amount of computation of the one in elliptic curves, when the sizes of groups are set to be the same.

  • A Weil Descent Attack against Elliptic Curve Cryptosystems over Quartic Extension Fields

    Seigo ARITA, Kazuto MATSUO, Koh-ichi NAGAO, Mahoro SHIMURA

    PAPER

    Vol: E89-A No: 5
    Page(s): 1246-1254

    This paper proposes a Weil descent attack against elliptic curve cryptosystems over quartic extension fields. The scenario of the attack is as follows: First, one reduces a DLP on a Weierstrass form over the quartic extension of a finite field k to a DLP on a special form, called Scholten form, over the same field. Second, one reduces the DLP on the Scholten form to a DLP on a genus two hyperelliptic curve over the quadratic extension of k. Then, one reduces the DLP on the hyperelliptic curve to one on a Cab model over k. Finally, one obtains the discrete-log of original DLP by applying the Gaudry method to the DLP on the Cab model. In order to carry out the scenario, this paper shows that many of elliptic curve discrete-log problems over quartic extension fields of odd characteristics are reduced to genus two hyperelliptic curve discrete-log problems over quadratic extension fields, and that almost all of the genus two hyperelliptic curve discrete-log problems over quadratic extension fields of odd characteristics come under Weil descent attack. This means that many of elliptic curve cryptosystems over quartic extension fields of odd characteristics can be attacked uniformly.

  • Construction of Secure Cab Curves Using Modular Curves

    Seigo ARITA

    PAPER-Information Security

    Vol: E84-A No: 11
    Page(s): 2930-2938

    This paper proposes a heuristic algorithm which, given a basis of a subspace of the space of cuspforms of weight 2 for Γ0(N) which is invariant for the action of the Hecke operators, tests whether the subspace corresponds to a quotient A of the jacobian of the modular curve X0(N) such that A is the jacobian of a curve C. Moreover, equations for such a curve C are computed which make the quotient suitable for applications in cryptography. One advantage of using such quotients of modular jacobians is that fast methods are known for finding their number of points over finite fields.