Pseudorandom Bits From Points on Elliptic Curves

Let E be an elliptic curve over a finite field F_q of q elements, with gcd(q,6)=1, given by an affine Weierstraß equation. We use x(P) to denote the x-component of a point P=(x(P),y(P)) ∈ E. We estimate character sums of the form Σ_n=1^Nχ(x(nP)x(nQ)) and Σ_n1,⋯,nk=1^Nψ(Σ_j=1^k c_jx((Π_i=1^j n_i)R)) on average over all F_q rational points P, Q, and R on E, where χ is a quadratic character, ψ is a nontrivial additive character in F_q, and (c₁,..., c_k) ∈ F_q^k is a nonzero vector. These bounds confirm several recent conjectures of Jao, Jetchev, and Venkatesan, related to extracting random bits from various sequences of points on the elliptic curves.