Cryptography Reference
In-Depth Information
security professionals and developers, and also to the more mathematically advanced
[26, 53, 81].
11.1 Elliptic Curves and Their Group Structure
In this section we analyze the basic properties of elliptic curves and their group
structure.
11.1.1 Definition of Elliptic Curve
We start with a simple definition of elliptic curves that will be sufficient for our
purposes; for more general definitions see, for example [181]. For simplicity we will
also assume that our curves are defined over a field of characteristic $\neq 2, 3$, although
the definition can easily be extended to cover these cases.
Definition 11.1 An elliptic curve $E$ over a field $\mathbb{F}$ of characteristic $\neq 2, 3$ is the
curve associated with an equation of the form:
$$y^2 = x^3 + ax + b,$$
where $a, b \in \mathbb{F}$ and $4a^3 + 27b^2 \neq 0$. This equation is called the Weierstrass equation
of the curve. If $\mathbb{K}$ is an extension field of $\mathbb{F}$ (i.e., a field containing $\mathbb{F}$ which may be
equal to $\mathbb{F}$ itself) then the set of $\mathbb{K}$-rational points of $E$ is:
$$E(\mathbb{K}) = \{\mathcal{O}\} \cup \{(x, y) \in \mathbb{K}^2 \mid y^2 = x^3 + ax + b\},$$
where $\mathcal{O}$ is a special point called the point at infinity and the remaining points are
those in the affine plane $\mathbb{K}^2$ that satisfy the curve equation.
Remark 11.1 Note that the term $\mathbb{K}$-rational used in the previous definition does not
refer to the rational field $\mathbb{Q}$, as $\mathbb{K}$ can be any field of characteristic $\neq 2, 3$. Elliptic
curves over $\mathbb{Q}$ are often referred to as rational elliptic curves.
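Definition 11.1 made concrete for the case where both fields are a prime field F_p with p > 3, as an added example that is not code from the original text. The names `Curve`, `contains` and `points`, and the choice of `None` to represent the point at infinity, are assumptions of this example.

```python
from dataclasses import dataclass

O = None  # point at infinity; representing it as None is this example's choice


def is_prime(n: int) -> bool:
    """Trial division; adequate for the small demonstration fields used here."""
    if n < 2:
        return False
    return all(n % d for d in range(2, int(n ** 0.5) + 1))


@dataclass(frozen=True)
class Curve:
    """y^2 = x^3 + a*x + b over F_p, with p a prime other than 2 and 3."""
    p: int
    a: int
    b: int

    def __post_init__(self):
        if self.p <= 3 or not is_prime(self.p):
            raise ValueError("p must be a prime greater than 3")
        # Definition 11.1 requires 4a^3 + 27b^2 != 0 in F_p
        if (4 * self.a ** 3 + 27 * self.b ** 2) % self.p == 0:
            raise ValueError("4a^3 + 27b^2 = 0: not an elliptic curve")

    def rhs(self, x: int) -> int:
        return (x ** 3 + self.a * x + self.b) % self.p

    def contains(self, P) -> bool:
        """Membership test for E(F_p); coordinates must be reduced mod p."""
        if P is O:
            return True
        x, y = P
        if not (0 <= x < self.p and 0 <= y < self.p):
            return False
        return (y * y) % self.p == self.rhs(x)

    def points(self) -> list:
        """Enumerate E(F_p) by brute force (only feasible for tiny p)."""
        roots = {}  # maps each square in F_p to its square roots
        for y in range(self.p):
            roots.setdefault(y * y % self.p, []).append(y)
        pts = [O]
        for x in range(self.p):
            pts.extend((x, y) for y in roots.get(self.rhs(x), []))
        return pts
```

For the constructed sample curve y^2 = x^3 + 2x + 2 over F_17, `points()` returns 19 points including the point at infinity, while the parameters a = -3, b = 2 are rejected because 4a^3 + 27b^2 = 0.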
Our next objective is to define the operation on $E(\mathbb{K})$ that gives a group structure
to this set. But before proceeding to do so, a few comments on several details of the
previous definition are in order. The first is that, while in practice we will work with
the group structure defined on the set $E(\mathbb{K})$ and the same curve may be defined by
different equations, we will always use the Weierstrass equation to represent it.
The most natural way to introduce the point at infinity, $\mathcal{O}$, is by viewing elliptic
curves as projective curves in the projective plane, as can be seen in the references.
For simplicity, we shall keep the 'affine version' as in the definition above and,
 