Cryptography Reference
In-Depth Information
nR
2
=
Q
2
.Then
n
(
R
1
+
R
2
)=
Q
1
+
Q
2
,so
τ
n
(
P, Q
1
+
Q
2
)=
e
n
(
P, R
1
+
R
2
− φR
1
− φR
2
)
=
e
n
(
P, R
1
− φR
1
)
e
n
(
P, R
2
− φR
2
)
=
τ
n
(
P, Q
1
)
τ
n
(
P, Q
2
)
.
It remains to prove the nondegeneracy. This we postpone to Section 11.7.
The Tate-Lichtenbaum pairing can be used in some situations where the
Weil pairing does not apply. The Weil pairing needs
E
[
n
]
⊆ E
(
F
q
), which
implies that
μ
n
⊆
F
q
, by Corollary 3.11.
The Tate-Lichtenbaum pairing
F
q
, but only needs a point of order
n
, rather than all
of
E
[
n
], to be in
E
(
F
q
). In fact, it doesn't even need a point of order
n
.If
E
(
F
q
)[
n
] is trivial, for example, then we have a pairing between two trivial
groups.
requires that
μ
n
⊆
Exercises
3.1 Let
E
be the elliptic curve
y
2
=
x
3
+1mod 5.
(a) Compute the division polynomial
ψ
3
(
x
).
(b) Show that gcd(
x
5
x, ψ
3
(
x
)) =
x
.
(c) Use the result of part (b) to show that the 3-torsion points in
E
(
F
5
)
are
{∞,
(0
,
1)
,
(0
, −
1)
}
.
−
3.2 Let
E
be an elliptic curve in characteristic 2. Show that
E
[3]
Z
3
⊕
Z
3
.
(
Hint:
Use the formulas at the end of Section 2.8.)
3.3 Let
E
be an elliptic curve over a field of characteristic not 2. Let
E
[2] =
{∞
,P
1
,P
2
,P
3
}
. Show that
e
2
(
P
i
,P
j
)=
−
1 whenever
i
=
j
.
3.4 Let
M
and
N
be 2
×
2 matrices with
N
=
wx
.
N
=
Define
yz
z −x
−yw
(this is the adjoint matrix).
(a) Show that Trace(
M N
)=det(
M
+
N
)
−
det(
M
)
−
det(
N
).
(b) Use (a) to show that
b
2
det
N
=
ab
(det(
M
+
N
)
−
det
M −
det
N
)
a
2
det
M
det(
aM
+
bN
)
−
−
Search WWH ::
Custom Search