Cryptography Reference
In-Depth Information
LEMMA 11.30
Let
A
and
B
be finiteabe ian groups (w ritten additively) such that
nx
=0
for all
x ∈ A
and for all
x ∈ B
.Supposethat there is a nondegenerate(in
botharguments) bilinear pairing
,
:
B × A → μ
n
,
where
μ
n
isthe group of
n
throotsofunity(insomefie d). Let
C
be a su bgrou p
of
B
. D efine
ψ
:
A −→
μ
n
c
∈
C
a
−→
(
···
,
c, a
,
···
)
.
Then
#
ψ
(
A
)=#
C.
PROOF
The pairing is nondegenerate, so
A
Hom(
B, μ
n
). Clearly,
Ker
ψ
=
{
a
∈
A
|
c, a
=1forall
c
∈
C
}
.
Identifying
A
with the set of homomorphisms from
B
to
μ
n
, we see that
Ker
ψ
=
{f ∈
Hom(
B, μ
n
)
| f
(
C
)=1
}.
But a homomorphism that sends
C
to1isexactlythesameasahomo-
morphism from
B/C
to
μ
n
. The set of such homomorphisms has order
#(
B/C
)=#
B/
#
C
. Therefore (see Theorem B.6 in Appendix B)
#
ψ
(
A
)=#
A/
#Ker
ψ
=#
A/
#(
B/C
)=#
C,
since #
A
=#
B
. This proves the lemma.
We can now apply the above to the elliptic curve
E
.Let
ψ
:
E
[
n
]
−→
μ
n
P
∈
E
(
F
q
)[
n
]
Q −→
(
··· ,e
n
(
P, Q
)
, ···
)
.
LEMMA 11.31
Let
φ
=
φ
q
be the
q
th pow er Frobenius endom orphism
of
E
.Then
Ker
ψ
=
(
φ −
1)
E
[
n
]
.
Search WWH ::
Custom Search