Cryptography Reference
In-Depth Information
2
3
Table 3.4. Finite Subgroup
to En for
[]
EKy
/:
=+ ,
x
3
x
Where K = F 11
Point P
Order n
Point P
Order n
[0,0]
2
[3,6]
3
[1,9]
6
[6,5]
4
[1,2]
6
[6,6]
4
[2,5]
12
[7,1]
12
[2,6]
12
[7,10]
12
[3,5]
3
1
Let us review Mazur's theorem, by which we limit the number of groups to a ratio-
nal torsion subgroup.
Mazur's theorem: Let E be a nonsingular cubic elliptic curve, and let
E con-
tain a point P of finite order m . Then the torsion group is isomorphic to Z / nZ for
1
()
££ or n = 12 or
10
ZZZ Z
/2
´
/2
for 1
££
4.
3.9 Pairing-Based Cryptography
In recent years we have seen enormous usage of pairings in cryptography, which have
been particularly useful in implementing identity-based signature and encryption
schemes (Boneh and Boyen 2004; Boneh and Franklin 2001; Boneh and Shacham
2004; Boneh et al. 2004; Joux 2000; Sakai et al. 2000). In this section, we review Weil
and Tate pairings.
3.9.1 Divisor Theory
A divisor is the formal sum of points on the curve E : y 2 = x 3
+
Ax
+
B defined over a
finite field F p .
å
A
=
a P
[]
wh e
a
Î
Z
and
P
Î
E
(3.38)
i
i
i
i
i
The degree of the divisor is defined as
æ
ö ÷
ç
åå
÷
ç
[]
(3.39)
deg
aP
÷
a
Z
ç
÷
i
i
i
ç
÷
ç è
i
i
Search WWH ::




Custom Search