The group structure of elliptic curves over Z/NZ

TL;DR

This paper classifies the group structures of elliptic curves over composite rings by analyzing their reductions modulo prime factors, providing bounds and cryptographic insights.

Contribution

It characterizes possible elliptic curve groups over Z/NZ in terms of prime reductions and introduces an isomorphism attack on ECDLP under specific conditions.

Findings

Explicit bounds on the rank of p-group elliptic curve groups.

Classification of elliptic curve groups over Z/NZ based on prime factor reductions.

An isomorphism attack on ECDLP for prime power moduli with trace one.

Abstract

We characterize the possible groups $E(\mathbb{Z}/N\mathbb{Z})$ arising from elliptic curves over $\mathbb{Z}/N\mathbb{Z}$ in terms of the groups $E(\mathbb{F}_p)$, with $p$ varying among the prime divisors of $N$. This classification is achieved by showing that the infinity part of any elliptic curve over $\mathbb{Z}/p^e\mathbb{Z}$ is a $\mathbb{Z}/p^e\mathbb{Z}$-torsor, of which a generator is exhibited. As a first consequence, when $E(\mathbb{Z}/N\mathbb{Z})$ is a $p$-group, we provide an explicit and sharp bound on its rank. As a second consequence, when $N = p^e$ is a prime power and the projected curve $E(\mathbb{F}_p)$ has trace one, we provide an isomorphism attack to the ECDLP, which works only by means of finite rings arithmetic.