# Computing Hilbert class polynomials with the Chinese remainder theorem

@article{Sutherland2009ComputingHC,
title={Computing Hilbert class polynomials with the Chinese remainder theorem},
author={Andrew V. Sutherland},
journal={Math. Comput.},
year={2009},
volume={80},
pages={501-538}
}
We present a space-efficient algorithm to compute the Hilbert class polynomial H_D(X) modulo a positive integer P, based on an explicit form of the Chinese Remainder Theorem. Under the Generalized Riemann Hypothesis, the algorithm uses O(|D|^(1/2+o(1))log P) space and has an expected running time of O(|D|^(1+o(1)). We describe practical optimizations that allow us to handle larger discriminants than other methods, with |D| as large as 10^13 and h(D) up to 10^6. We apply these results to…
105 Citations

## Figures and Tables from this paper

### Supersingular $j$-invariants and the Class Number of $\mathbb{Q}(\sqrt{-p})$

• Mathematics, Computer Science
• 2021
A deterministic algorithm is got for computing the class number of Q( √−p) if D is not a quadratic residue in Fp and the time complexity of Algorithm 3 is Õ(p1/2) if the authors use probabilistic factorization algorithms and assume the Generalized Riemann Hypothesis.

### 22.1 the Hilbert Class Polynomial

The appellation “Hilbert” is sometimes reserved for cases where D is a fundamental discriminant (in which case HD(X) is more generally called a ring class polynomial), but we shall use the term

### Constructing supersingular elliptic curves with a given endomorphism ring

• Mathematics, Computer Science
• 2014
The paper presents an algorithm that solves the computational problem of constructing a supersingular elliptic curve E over F_p such that End(E) = O by taking gcds of the reductions modulo p of Hilbert class polynomials by simultaneously match all maximal order types with their associated j-invariants.

### Some remarks on the construction of class polynomials

• Mathematics, Computer Science
• 2011
It is shown that Weber polynomials constructed with discriminants $-D \equiv 1$ (mod $8$) have the smallest height and require the least precision for their construction, and that this fact does not necessarily lead to the most efficient computations.

### Modular polynomials via isogeny volcanoes

• Mathematics, Computer Science
Math. Comput.
• 2012
This approach uses the graph of l-isogenies to eciently compute l mod p for many primes p of a suitable form, and then applies the Chinese Remainder Theorem (CRT).

### On the evaluation of modular polynomials

We present two algorithms that, given a prime ell and an elliptic curve E/Fq, directly compute the polynomial Phi_ell(j(E),Y) in Fq[Y] whose roots are the j-invariants of the elliptic curves that are

### Generalized class polynomials

• Mathematics, Computer Science
• 2022
This work introduces a generalization of class polynomials, with reduction factors that are not limited by the Br¨oker-Stevenhagen bound, and provides examples match-ing Weber’s reduction factor.

### Improved CRT Algorithm for Class Polynomials in Genus 2

This work presents a probabilistic algorithm for “going up” to a maximal curve (a curve with maximal endomorphism ring), once the authors find any curve in the right isogeny class.

### Algorithm 1 Overview of the full algorithm

Let E be an ordinary elliptic curve over a finite field and g be a positive integer. Under some technical assumptions, we give an algorithm to span the isomorphism classes of principally polarized

## References

SHOWING 1-10 OF 83 REFERENCES

### A $p$-adic algorithm to compute the Hilbert class polynomial

Classically, the Hilbert class polynomial PΔ ∈ Z[X] of an imaginary quadratic discriminant A is computed using complex analytic techniques. In 2002, Couveignes and Henocq suggested a p-adic algorithm

### A p-adic algorithm to compute the Hilbert class polynomial

A detailed description of the p-adic algorithm to compute the Hilbert class polynomial P∆ of an imaginary quadratic discriminant ∆ is given, and a careful study of the complexity shows that, if the Generalized Riemann Hypothesis holds true, the expected runtime is O(|∆|(log | ∆|)8+ε) instead of O( |∆ |1+ε).

### Computing Hilbert Class Polynomials

• Computer Science, Mathematics
ANTS
• 2008
A p-adic lifting algorithm forinert primes p in the order of discriminant D < 0.1 and an improved Chinese remainder algorithm which uses the class group action onCM-curves over finite fields are presented.

### Numerical Results on Class Groups of Imaginary Quadratic Fields

• Computer Science, Mathematics
ANTS
• 2006
Using techniques described in [3], the class number and class group structure of all imaginary quadratic fields with discriminant Δ for 0 < |Δ| < 1011 is computed.

### Factoring integers with elliptic curves

This paper is devoted to the description and analysis of a new algorithm to factor positive integers that depends on the use of elliptic curves and it is conjectured that the algorithm determines a non-trivial divisor of a composite number n in expected time at most K( p)(log n)2.

### The complexity of class polynomial computation via floating point approximations

• A. Enge
• Computer Science, Mathematics
Math. Comput.
• 2009
The complexity of computing class polynomials, that are an important ingredient for CM constructions of elliptic curves, via complex floating point approximations of their roots, is analysed, using a technique devised by Dupont to evaluate modular functions by Newton iterations on an expression involving the arithmetic-geometric mean.

### CONSTRUCTING ELLIPTIC CURVES WITH A KNOWN NUMBER OF POINTS OVER A PRIME FIELD

• Mathematics, Computer Science
• 2003
A modified version of the Chinese remainder theorem (CRT) is presented to compute HD(X) modulo n directly from the knowledge of HD( X)modulo enough small primes, suggesting that asymptotically the algorithm is an improvement over previously known methods.

### Computing modular polynomials in quasi-linear time

• A. Enge
• Computer Science
Math. Comput.
• 2009
It is shown that an algorithm relying on floating point evaluation of modular functions and on interpolation, which has received little attention in the literature, has a complexity that is essentially linear in the size of the computed polynomials.

### A rigorous subexponential algorithm for computation of class groups

• Mathematics
• 1989
Let C(-d) denote the Gauss Class Group of quadratic forms of a negative discriminant -d (or equivalently, the class group of the imaginary quadratic field Q(A/=') ). We give a rigorous proof that

### Explicit bounds for primality testing and related problems

Many number-theoretic algorithms rely on a result of Ankeny, which states that if the Extended Riemann Hypothesis (ERH) is true, any nontrivial multiplicative subgroup of the integers modulo m omits