We now use the Weil pairing to deduce two propositions that will be used in

the proof of Hasse's theorem in Chapter 4. Recall that if α is an endomorphism

of E , then we obtain a matrix α n = ab

with entries in Z n , describing the

cd

action of α on a basis {T 1 ,T 2 } of E [ n ].

PROPOSITION 3.15

Let α be an endom orphism of an ellipticcurve E defined over a field K .

Let n be a positive integer not divisiblebythe characteristicof K .Then

det( α n ) ≡ deg( α )(mod n ) .

PROOF By Corollary 3.10, ζ = e n ( T 1 ,T 2 ) is a primitive n th root of unity.

By part (6) of Theorem 3.9, we have

ζ deg( α ) = e n ( α ( T 1 ) ,α ( T 2 )) = e n ( aT 1 + cT 2 ,bT 1 + dT 2 )

= e n ( T 1 ,T 1 ) ab e n ( T 1 ,T 2 ) ad e n ( T 2 ,T 1 ) cb e n ( T 2 ,T 2 ) cd

= ζ ad−bc ,

by the properties of the Weil pairing. Since ζ is a primitive n th root of unity,

deg( α ) ≡ ad − bc (mod n ).

As we'll see in the proof of the next result, Proposition 3.15 allows us to

reduce questions about the degree to calculations with matrices. Both Propo-

sition 3.15 and Proposition 3.16 hold for all endomorphisms, since part (6)

of Theorem 3.9 holds in general. However, we prove part (6) only for sepa-

rable endomorphisms and for the Frobenius map, which is sucient for our

purposes. We'll state Proposition 3.16 in general, and the proof is sucient

for separable endomorphisms and for all endomorphisms of the form r + sφ q

with arbitrary integers r, s .

Let α and β be endomorphisms of E and let a, b be integers. The endomor-

phism aα + bβ is defined by

( aα + bβ )( P )= aα ( P )+ bβ ( P ) .

Here aα ( P ) means multiplication on E of α ( P ) by the integer a . The result

is then added on E to bβ ( P ). This process can all be described by rational

functions, since this is true for each of the individual steps. Therefore aα + bβ

is an endomorphism.

PROPOSITION 3.16

deg( aα + bβ )= a 2 deg α + b 2 deg β + ab (deg( α + β ) − deg α − deg β ) .