Generation of two “independent” points on an elliptic curve of 𝑗-invariant ≠0,1728

<p> This article is dedicated to a new generation method of two “independent” <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="double-struck upper F Subscript q"> <mml:semantics> <mml:msub> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mi mathvariant="double-struck">F</mml:mi> </mml:mrow> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mspace width="negativethinmathspace"/> <mml:mi>q</mml:mi> </mml:mrow> </mml:msub> <mml:annotation encoding="application/x-tex">\mathbb {F}_{\!q}</mml:annotation> </mml:semantics> </mml:math> </inline-formula> -points <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="upper P 0"> <mml:semantics> <mml:msub> <mml:mi>P</mml:mi> <mml:mn>0</mml:mn> </mml:msub> <mml:annotation encoding="application/x-tex">P_0</mml:annotation> </mml:semantics> </mml:math> </inline-formula> , <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="upper P 1"> <mml:semantics> <mml:msub> <mml:mi>P</mml:mi> <mml:mn>1</mml:mn> </mml:msub> <mml:annotation encoding="application/x-tex">P_1</mml:annotation> </mml:semantics> </mml:math> </inline-formula> on almost any ordinary elliptic curve <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="upper E"> <mml:semantics> <mml:mi>E</mml:mi> <mml:annotation encoding="application/x-tex">E</mml:annotation> </mml:semantics> </mml:math> </inline-formula> over a finite field <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="double-struck upper F Subscript q"> <mml:semantics> <mml:msub> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mi mathvariant="double-struck">F</mml:mi> </mml:mrow> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mspace width="negativethinmathspace"/> <mml:mi>q</mml:mi> </mml:mrow> </mml:msub> <mml:annotation encoding="application/x-tex">\mathbb {F}_{\!q}</mml:annotation> </mml:semantics> </mml:math> </inline-formula> of large characteristic. In particular, the method is relevant for all standardized and real-world elliptic curves of <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="j"> <mml:semantics> <mml:mi>j</mml:mi> <mml:annotation encoding="application/x-tex">j</mml:annotation> </mml:semantics> </mml:math> </inline-formula> -invariants different from <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="0"> <mml:semantics> <mml:mn>0</mml:mn> <mml:annotation encoding="application/x-tex">0</mml:annotation> </mml:semantics> </mml:math> </inline-formula> , <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="1728"> <mml:semantics> <mml:mn>1728</mml:mn> <mml:annotation encoding="application/x-tex">1728</mml:annotation> </mml:semantics> </mml:math> </inline-formula> . The points <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="upper P 0"> <mml:semantics> <mml:msub> <mml:mi>P</mml:mi> <mml:mn>0</mml:mn> </mml:msub> <mml:annotation encoding="application/x-tex">P_0</mml:annotation> </mml:semantics> </mml:math> </inline-formula> , <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="upper P 1"> <mml:semantics> <mml:msub> <mml:mi>P</mml:mi> <mml:mn>1</mml:mn> </mml:msub> <mml:annotation encoding="application/x-tex">P_1</mml:annotation> </mml:semantics> </mml:math> </inline-formula> are characterized by the fact that nobody (even a generator) knows the discrete logarithm <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="log Subscript upper P 0 Baseline left-parenthesis upper P 1 right-parenthesis"> <mml:semantics> <mml:mrow> <mml:msub> <mml:mi>log</mml:mi> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:msub> <mml:mi>P</mml:mi> <mml:mn>0</mml:mn> </mml:msub> </mml:mrow> </mml:msub> <mml:mo> ⁡ </mml:mo> <mml:mo stretchy="false">(</mml:mo> <mml:msub> <mml:mi>P</mml:mi> <mml:mn>1</mml:mn> </mml:msub> <mml:mo stretchy="false">)</mml:mo> </mml:mrow> <mml:annotation encoding="application/x-tex">\log _{P_0}(P_1)</mml:annotation> </mml:semantics> </mml:math> </inline-formula> in the group <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="upper E left-parenthesis double-struck upper F Subscript q Baseline right-parenthesis"> <mml:semantics> <mml:mrow> <mml:mi>E</mml:mi> <mml:mo stretchy="false">(</mml:mo> <mml:msub> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mi mathvariant="double-struck">F</mml:mi> </mml:mrow> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mspace width="negativethinmathspace"/> <mml:mi>q</mml:mi> </mml:mrow> </mml:msub> <mml:mo stretchy="false">)</mml:mo> </mml:mrow> <mml:annotation encoding="application/x-tex">E(\mathbb {F}_{\!q})</mml:annotation> </mml:semantics> </mml:math> </inline-formula> . Moreover, only one square root extraction in <inline-formula content-type="math/mathml"> <mml:math xmlns:mml="http://www.w3.org/1998/Math/MathML" alttext="double-struck upper F Subscript q"> <mml:semantics> <mml:msub> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mi mathvariant="double-struck">F</mml:mi> </mml:mrow> <mml:mrow class="MJX-TeXAtom-ORD"> <mml:mspace width="negativethinmathspace"/> <mml:mi>q</mml:mi> </mml:mrow> </mml:msub> <mml:annotation encoding="application/x-tex">\mathbb {F}_{\!q}</mml:annotation> </mml:semantics> </mml:math> </inline-formula> (instead of two ones) is required in comparison with all previous generation methods. </p>