Cryptography Reference
In-Depth Information
First, we give a way to construct elements of
H
1
(
G,
E
(
Q
)). Let
C
be a
curve defined over
Q
such that
C
is isomorphic to
E
over
Q
. This means th
at
thereisamap
φ
:
E
C
given by rational functions with coe
cients in
Q
and an invers
e f
unction
φ
−
1
→
:
C
→
E
also given by rational functions with
G
,andlet
φ
g
denote the map obtained by applying
g
to the coecients of the rational functions defining
φ
.Since
C
is defined
over
Q
,themap
φ
g
coe
cients in
Q
.Let
g
∈
maps
E
to
gC
=
C
. Note that
g
(
φ
(
P
)) = (
φ
g
)(
gP
)
(8.19)
for all
P ∈ E
(
Q
), since the expression
g
(
φ
(
P
)) means we apply
g
to ev-
erything, while
φ
g
means applying
g
to the coecients of
φ
and
gP
means
applying
g
to
P
.
We have to be a little careful when applying
g
1
g
2
. The rule is
φ
g
1
g
2
=(
φ
g
2
)
g
1
,
since applying
g
1
g
2
to the coe
cients of
φ
means first applying
g
2
, then ap-
plying
g
1
to the result.
We say that a map
φ
is
defined over Q
if
φ
g
(
P
)=
φ
(
P
) for all
P
∈
E
(
Q
)
and all
g
G
(this is equivalent to saying that the coe
cients of the rational
functions defining
φ
can be taken to be in
Q
, though proving this requires
results such as Hilbert's Theorem 90).
The map
φ
−
1
φ
g
gives a map from
E
to
E
.Wea
ss
umethefollowing:
A ssu m ption:
Assume that there is a point
T
g
∈
∈
E
(
Q
) such that
φ
−
1
(
φ
g
(
P
)) =
P
+
T
g
(8.20)
for all
P ∈ E
(
Q
). Equation (8.20) can be rewritten as
φ
g
(
P
)=
φ
(
P
+
T
g
)
(8.21)
for all
P ∈ E
(
Q
). If we let
P
=(
φ
g
)
−
1
(
Q
) for a point
Q ∈ C
(
Q
), then the
assumption becomes
φ
−
1
(
Q
)=(
φ
g
)
−
1
(
Q
)+
T
g
,
(8.22)
which says that
φ
−
1
and (
φ
g
)
−
1
differ by a translation. We'll give an example
of such a map
φ
below.
LEMMA 8.32
D efine
τ
φ
:
G → E
(
Q
)
by
τ
φ
(
g
)=
T
g
.Then
τ
φ
∈ Z
(
G, E
(
Q
))
.
Search WWH ::
Custom Search