Cryptography Reference
In-Depth Information
13.2 Divisors
We continue to assume that
C
is a hyperelliptic curve given by (13.2) over
an algebraically closed field
K
of characteristic not equal to 2.
In general, a line intersects
C
in 2
g
+ 1 points. Therefore, when
g ≥
2, we
cannot use the method from elliptic curves to make the points on
C
into a
group, since the line through two points intersects the curve in 2
g
1 additional
points, rather than in a unique third point. Instead, we form the group of
divisors of degree 0 modulo principal divisors (that is, modulo divisors of
functions on
C
).
In order to discuss divisors of functions, we need to make precise the order
of vanishing of a function at a point. Let
P
=(
a, b
)beapointon
C
and let
t
be a function that has a simple zero at
P
.If
H
(
x, y
) is a function on
C
,write
H
=
t
r
G
,where
G
(
P
)
=0
,∞
.Then
H
has a zero of order
r
at
P
(if
r<
0,
then
H
has a pole of order
|r|
). If
P
=(
a, b
)with
b
=0,itcanbeshownthat
t
=
x − a
has a simple zero at
P
.If
b
=0,then
x − a
has a double zero, but
t
=
y
works since the function
y
has a simple zero. The intuition is that the
line
x
−
a
= 0 intersects the curve
C
nontangentially at (
a, b
) except when
b
= 0, where it is a vertical tangent to the curve. Since tangency corresponds
to higher order vanishing (as in Section 2.4), we need to use
y
instead, since
the horizontal line
y
= 0 intersects
C
at (
a,
0) nontangentially.
The functions we will work with are polynomials in
x
and
y
.Since
y
2
=
f
(
x
), we can replace
y
2
with
f
(
x
). By induction, any polynomial in
x, y
can
be reduced to a function of the form
A
(
x
)+
B
(
x
)
y
,where
A
(
x
)and
B
(
x
)are
polynomials in
x
.
We need to consider two special forms of functions.
−
PROPOSITION 13.2
(a) L et
A
(
x
)=
j
(
x − a
j
)
c
j
.Then
div(
A
(
x
)) =
j
c
j
[
P
j
]+[
w
(
P
j
)]
−
2[
∞
]
,
where
P
j
=
a
j
,
f
(
a
j
)
and
w
(
P
j
)=
a
j
, −
f
(
a
j
)
.
(b) L et
V
(
x
)
be a polynom ial.Let
f
(
x
)
− V
(
x
)
2
=
j
(
x − a
j
)
d
j
.
Then the function
y
V
(
x
)
has divisor
div
y
−
V
(
x
)
=
j
d
j
[(
a
j
,b
j
)]
]
,
−
−
[
∞
Search WWH ::
Custom Search