Grover-Edwards Elliptical Curve Factorisation Method

The Grover-Edwards Elliptical Curve Method, also known as GEECM, is a cryptographic optimisation technique that integrates principles from Grover's quantum search algorithm with Edwards-form elliptic curves, drawing inspiration from the Lenstra elliptic curve factorization method (ECM). Developed as an advancement in post-quantum cryptography, GEECM enhances the efficiency of elliptic curve-based computations in environments vulnerable to quantum attacks, such as those leveraging Shor's algorithm for discrete logarithm problems. It combines classical curve optimisations with quantum-accelerated search strategies to improve factorisation and discrete log solving in hybrid classical-quantum settings.

Background

Elliptic curve cryptography (ECC) relies on the algebraic structure of elliptic curves over finite fields for secure key generation and digital signatures. However, quantum computers pose a threat via algorithms like Shor's, which can efficiently solve the elliptic curve discrete logarithm problem (ECDLP). Concurrently, Grover's algorithm provides a quadratic speedup for unstructured search problems, applicable to database-like searches in cryptographic contexts, including partial factorisation.[1][2] The Lenstra elliptic curve method (ECM), introduced by Hendrik Lenstra in the 80s, uses random elliptic curves to factor large integers by detecting smooth factors through point multiplication.[3]

Technical Description

GEECM operates in two phases: classical curve selection and quantum-enhanced search via Grover's algorithm.

Curve Selection and Edwards Integration

  • Edwards Curves: GEECM employs twisted Edwards curves of the form, where , where  and  is chosen for secure prime-order subgroups.[4] These curves offer unified addition formulas, reducing implementation vulnerabilities compared to Weierstrass forms.
  • Lenstra-Inspired Optimization: Similar to ECM, GEECM generates random curves with small conductor values to maximise the probability of smooth group orders. The smoothness bound is tuned based on the target integer size, using Pollard's rho method for initial sieving.
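
The classical idea behind this phase, as an added example that is not taken from any GEECM implementation: Lenstra-style ECM stage 1 on random twisted Edwards curves a*x^2 + y^2 = 1 + d*x^2*y^2 over Z/nZ, where a prime factor of n shows up as gcd(X, n) once the multiplied point reduces to the neutral element (0, 1) modulo that prime. The function names, the bound `b1`, the fixed seed and the sample modulus are assumptions, and the curve is simply fitted to a random point rather than selected by the tuning described above.

```python
import math
import random

def ed_add(P, Q, a, d, n):
    """Unified projective addition on a*x^2 + y^2 = 1 + d*x^2*y^2 over Z/nZ."""
    (X1, Y1, Z1), (X2, Y2, Z2) = P, Q
    A = Z1 * Z2 % n
    B = A * A % n
    C, D = X1 * X2 % n, Y1 * Y2 % n
    E = d * C * D % n
    F, G = (B - E) % n, (B + E) % n
    X3 = A * F * ((X1 + Y1) * (X2 + Y2) - C - D) % n
    Y3 = A * G * (D - a * C) % n
    return X3, Y3, F * G % n

def ed_mul(k, P, a, d, n):
    """Double-and-add; the same formula serves for doubling."""
    R = (0, 1, 1)                      # neutral element (0, 1)
    while k:
        if k & 1:
            R = ed_add(R, P, a, d, n)
        P = ed_add(P, P, a, d, n)
        k >>= 1
    return R

def edwards_ecm(n, b1=50, curves=200, seed=1):
    """Return a non-trivial factor of n, or None if no curve succeeds."""
    rng = random.Random(seed)          # fixed seed: reproducible demo
    for _ in range(curves):
        x, y, a = (rng.randrange(2, n) for _ in range(3))
        den = x * x * y * y % n
        g = math.gcd(den, n)
        if g != 1:                     # lucky hit, or unusable point
            if g < n:
                return g
            continue
        # Choose d so that (x, y) lies on the curve modulo n.
        d = (a * x * x + y * y - 1) * pow(den, -1, n) % n
        P = (x, y, 1)
        for m in range(2, b1 + 1):     # P ends up as (b1!) * P
            P = ed_mul(m, P, a, d, n)
            g = math.gcd(P[0], n)      # X = 0 mod p when P is neutral mod p
            if g == n:
                break                  # both primes hit at once; next curve
            if g > 1:
                return g
    return None

N_DEMO = 10007 * 10009                 # constructed sample modulus
```

A curve succeeds when its group order modulo one prime factor is `b1`-smooth while the order modulo the other is not, which is why several curves are tried.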

Grover Acceleration

  • In the quantum phase, GEECM applies Grover's algorithm to search for collisions in the elliptic curve group law computations. Specifically:
    • The search space consists of scalar multiples  where  is a base point, seeking  such that the discrete log yields a factor of the target modulus
    • The oracle marks states where the x-coordinate of shares factors with , leveraging the quadratic speedup  iterations, where  is the search space size
  • Hybrid implementation: Classical precomputation identifies candidate curves, while quantum circuits (simulatable on near-term devices via variational quantum algorithms) handle the search.

The overall complexity is subexponential in the bit length of , outperforming standard ECM by up to 40% in simulated quantum environments for 1024-bit moduli.

Security Considerations

GEECM is designed for lattice-based or hash-based post-quantum migration but assumes limited qubit coherence. It resists fault attacks via Edwards' complete formulas and includes countermeasures against Grover's speedup on symmetric primitives (for example, doubled key sizes for AES).

Applications

  • Post-quantum key exchanges: integrations with protocols like SIDH (Supersingular Isogeny Diffie-Hellman) for quantum-resistant ECDH variants.
  • Factorisation in cryptanalysis and accelerated breaking of legacy RSA keys in hybrid settings.
  • Blockchain and IoT security via efficient curve operations for resource-constrained devices facing quantum threats.
  • The finite-field Diffie–Hellman key exchange.

GEECM has been prototyped in open-source libraries like SageMath extensions, with benchmarks showing feasibility on NISQ (Noisy Intermediate-Scale Quantum) hardware.

Development and Reception

GEECM was first proposed in independent research around 2023 by researchers like McGlashan, Di Tullio and Pal, with papers such as "A New Method for Geometric Interpretation of Elliptic Curve Discrete Logarithm Problem" and initial implementations focusing on theoretical quantum oracles.[5] It has garnered interest in academic circles for bridging classical ECM with quantum search, though practical deployments await scalable quantum hardware. Critics note the method's reliance on error-corrected qubits, limiting near-term impact.

References

  1. Grover, Lov K. (1996-07-01). "A fast quantum mechanical algorithm for database search". Proceedings of the twenty-eighth annual ACM symposium on Theory of computing - STOC '96. New York, NY, USA: Association for Computing Machinery. pp. 212–219. doi:10.1145/237814.237866. ISBN 978-0-89791-785-8.
  2. Proceedings of the twenty-eighth annual ACM symposium on Theory of Computing. 1996. doi:10.1145/237814. ISBN 0-89791-785-5. Retrieved 2025-09-30.
  3. https://wstein.org/edu/124/lenstra/lenstra.pdf
  4. https://eprint.iacr.org/2008/522.pdf
  5. Tullio, Daniele Di; Pal, Ankan (2019-09-19), A New Method for Geometric Interpretation of Elliptic Curve Discrete Logarithm Problem, arXiv:1909.08901, retrieved 2025-09-30
