Extractors are an important ingredient in designing key exchange protocols and secure pseudorandom sequences in the standard model. Elliptic and hyperelliptic curves are gaining more and more interest due to their fast arithmetic and the fact that no subexponential attacks against the discrete logarithm problem are known. In this paper we propose two simple and efficient deterministic extractors for J(F_q), the Jacobian of a genus 2 hyperelliptic curve H defined over F_9, where q = 2~n, called the sum and product extractors. For non-supersingular hyperelliptic curves having a Jacobian with group order 2m, where m is odd, we propose the modified sum and product extractors for the main subgroup of J(F_q). We show that, if D ∈ J(F_q) is chosen uniformly at random, the bits extracted from D are indistinguishable from a uniformly random bit-string of length n.
展开▼
