Machine learning for moduli space of genus two curves and an application to post-quantum cryptography

We apply transformer models and feedforward neural networks to predict Frobenius traces $a_p$ from elliptic curves given other traces $a_q$. We train further models to predict $a_p \bmod 2$ from $a_q \bmod 2$, and cross-analysis such as $a_p \bmod 2$ from $a_q$. Our experiments reveal that these models achieve high accuracy, even in the absence of explicit number-theoretic tools like functional equations of $L$-functions. We also present partial interpretability findings.

Genus 2 curves have been an object of much mathematical interest since eighteenth century and continued interest to date. They have become an important tool in many algorithms in cryptographic applications, such as factoring large numbers, hyperelliptic curve cryptography, etc. Choosing genus 2 curves suitable for such applications is an important step of such algorithms. In existing algorithms often such curves are chosen using equations of moduli spaces of curves with decom...

We show that standard machine-learning algorithms may be trained to predict certain invariants of low genus arithmetic curves. Using datasets of size around one hundred thousand, we demonstrate the utility of machine-learning in classification problems pertaining to the BSD invariants of an elliptic curve (including its rank and torsion subgroup), and the analogous invariants of a genus 2 curve. Our results show that a trained machine can efficiently classify curves according...

How can Transformers model and learn enumerative geometry? What is a robust procedure for using Transformers in abductive knowledge discovery within a mathematician-machine collaboration? In this work, we introduce a new paradigm in computational enumerative geometry in analyzing the $\psi$-class intersection numbers on the moduli space of curves. By formulating the enumerative problem as a continuous optimization task, we develop a Transformer-based model for computing $\psi...

We build a database of genus 2 curves defined over $\mathbb Q$ which contains all curves with minimal absolute height $h \leq 5$, all curves with moduli height $\mathfrak h \leq 20$, and all curves with extra automorphisms in standard form $y^2=f(x^2)$ defined over $\mathbb Q$ with height $h \leq 101$. For each isomorphism class in the database, an equation over its minimal field of definition is provided, the automorphism group of the curve, Clebsch and Igusa invariants. The...

Genus 2 curves are useful in cryptography for both discrete-log based and pairing-based systems, but a method is required to compute genus 2 curves such that the Jacobian has a given number of points. Currently, all known methods involve constructing genus 2 curves with complex multiplication via computing their three Igusa class polynomials. These polynomials have rational coefficients and require extensive computation and precision to compute. Both the computation and the c...

We describe the construction of a database of genus 2 curves of small discriminant that includes geometric and arithmetic invariants of each curve, its Jacobian, and the associated L-function. This data has been incorporated into the L-Functions and Modular Forms Database (LMFDB).

A genus 2 curve $C$ has an elliptic subcover if there exists a degree $n$ maximal covering $\psi: C \to E$ to an elliptic curve $E$. Degree $n$ elliptic subcovers occur in pairs $(E, E')$. The Jacobian $J_C$ of $C$ is isogenous of degree $n^2$ to the product $E \times E'$. We say that $J_C$ is $(n, n)$-split. The locus of $C$, denoted by $\L_n$, is an algebraic subvariety of the moduli space $\M_2$. The space $\L_2$ was studied in Shaska/V\"olklein and Gaudry/Schost. The spac...

We apply some of the latest techniques from machine-learning to the arithmetic of hyperelliptic curves. More precisely we show that, with impressive accuracy and confidence (between 99 and 100 percent precision), and in very short time (matter of seconds on an ordinary laptop), a Bayesian classifier can distinguish between Sato-Tate groups given a small number of Euler factors for the L-function. Our observations are in keeping with the Sato-Tate conjecture for curves of low ...

These lectures notes were written for a summer school on Mathematics for post-quantum cryptography in Thi\`es, Senegal. They try to provide a guide for Masters' students to get through the vast literature on elliptic curves, without getting lost on their way to learning isogeny based cryptography. They are by no means a reference text on the theory of elliptic curves, nor on cryptography; students are encouraged to complement these notes with some of the books recommended in ...