Cryptography Reference
In-Depth Information
(a) Show that the points (
b, b
√
a
+2
b
)and(
b
√
a
−
b,
−
−
2
b
)haveor-
der 4.
(b) Show that at least one of
a
+2
b
,
a
2
b
,
a
2
4
b
2
is a square in
F
q
.
−
−
(c) Show that if
a
2
4
b
2
is a square in
F
q
,then
E
[2]
−
⊆
E
(
F
q
).
(d) (Suyama) Show that #
E
(
F
q
) is a multiple of 4.
(e) Let
E
be defined by
y
2
=
x
3
2
ax
2
+(
a
2
4
b
2
)
x
. Show that
E
[2]
⊆ E
(
F
q
). Conclude that #
E
(
F
q
) is a multiple of 4.
−
−
The curve
E
is isogenous to
E
via
(
x
,y
)=(
y
2
/x
2
,y
(
b
2
x
2
)
/x
2
)
−
(see the end of Section 8.6 and also Chapter 12). It can be shown that
this implies that #
E
(
F
q
)=#
E
(
F
q
). This gives another proof of the
result of part (d). The curve
E
has been used in certain elliptic curve
factorization implementations (see [19]).
4.12 Let
p
be a prime and let
E
be a supersingular elliptic curve over the
finite field
F
p
.Let
φ
p
be the Frobenius endomorphism. Show that some
power of
φ
p
is an integer. (
Note
: This is easy when
p ≥
5. The cases
p
=2
,
3 can be done by a case-by-case calculation.)
4.13 Let
E
be an elliptic curve over
F
q
. Show that Hasse's theorem can be
restated as
−
√
q
≤
#
E
(
F
q
)
1
.
4.14 Let
E
be an elliptic curve over
F
q
. Assume that
q
=
r
2
for some integer
r
. Suppose that #
E
(
F
q
)=(
r
1)
2
.Let
φ
=
φ
q
be the
q
th power
−
Frobenius endomorphism.
(a) Show that (
φ − r
)
2
=0.
(b) Show
th
at
φ−r
=0. (
Hint:
A nonzero endomorphism is surjective
on
E
(
F
q
) by Theorem 2.22.)
(c) Show that (
r −
1)
E
(
F
q
)=0.
(d) Show that
E
(
F
q
)
Z
r−
1
.
(e) Now suppose
E
is an elliptic curve over
F
q
with #
E
(
F
q
)=(
r
+1)
2
(where
q
=
r
2
). Show that
E
(
F
q
)
Z
r−
1
⊕
Z
r
+1
⊕
Z
r
+1
.
Search WWH ::
Custom Search