Cryptography Reference
In-Depth Information
have nonzero derivative. In characteristic
p>
0, the polynomials with zero
derivative are exactly those of the form
g
(
x
p
).)
Example 2.5
We continue with the previous example, where
α
(
P
)=2
P
.Wehave
R
1
(
x, y
)=
3
x
2
+
A
2
−
2
x.
2
y
The fact that
y
2
=
x
3
+
Ax
+
B
, plus a little algebraic manipulation, yields
r
1
(
x
)=
x
4
−
2
Ax
2
−
8
Bx
+
A
2
4(
x
3
+
Ax
+
B
)
.
(This is the same as the expression in terms of division polynomials that will
be given in Section 3.2.) Therefore, deg(
α
) = 4. The polynomial
q
(
x
)=
4(3
x
2
+
A
) is not zero (including in characteristic 3, since if
A
=0then
x
3
+
B
has multiple roots, contrary to assumption). Therefore
α
is separable.
Example 2.6
Let's repeat the previous example, but in characteristic 2. We'll use the
formulas from Section 2.8 for doubling a point. First, let's look at
y
2
+
xy
=
x
3
+
a
2
x
2
+
a
6
.Wehave
α
(
x, y
)=(
r
1
(
x
)
,R
2
(
x, y
))
with
r
1
(
x
)=(
x
4
+
a
6
)
/x
2
. Therefore deg(
α
) = 4. Since
p
(
x
)=4
x
3
=0and
q
(
x
)=2
x
= 0, the endomorphism
α
is not separable.
Similarly, in the case
y
2
+
a
3
y
=
x
3
+
a
4
x
+
a
6
,wehave
r
1
(
x
)=(
x
4
+
a
4
)
/a
3
.
Therefore, deg(
α
) = 4, but
α
is not separable.
In general, in characteristic
p
,themap
α
(
Q
)=
pQ
has degree
p
2
and is not
separable. The statement about the degree is Corollary 3.7. The fact that
α
is not separable is proved in Proposition 2.28.
An important example of an endomorphism is the
Frobenius map
. Sup-
pose
E
is defined over the finite field
F
q
.Let
φ
q
(
x, y
)=(
x
q
,y
q
)
.
The Frobenius map
φ
q
plays a crucial role in the theory of elliptic curves over
F
q
.
LEMMA 2.20
Let
E
be defined over
F
q
.Then
φ
q
is an endom orphism
of
E
of degree
q
,
and
φ
q
is not separable.
Search WWH ::
Custom Search