Cryptography Reference
In-Depth Information
applications. However, to get rid of the extra 2 in the denominator, we proceed
as follows. Induction (treating separately the various possibilities for
n
mod
4) shows that
(
x
2
+
A
)
(
n
2
−
1)
/
4
ψ
n
≡
(mod 2)
when
n
is odd
and
n
2
(
x
2
+
A
)
(
n
2
(2
y
)
−
1
ψ
n
≡
−
4)
/
4
(mod 2)
when
n
is even
.
A straightforward calculation now yields the lemma.
We now consider an elliptic curve
y
2
=
x
3
+
Ax
+
B,
4
A
3
+27
B
2
E
:
=0
.
We don't specify what ring or field the coe
cients
A, B
are in, so we continue
to treat them as variables. We regard the polynomials in
Z
[
x, y
2
,A,B
]as
polynomials in
Z
[
x, A, B
]byreplacing
y
2
with
x
3
+
Ax
+
B
. Therefore, we
write
φ
n
(
x
)and
ψ
n
(
x
). Note that
ψ
n
is not necessarily a polynomial in
x
alone, while
ψ
n
is always a polynomial in
x
.
LEMMA 3.5
φ
n
(
x
)=
x
n
2
+
low er degree term s
ψ
n
(
x
)=
n
2
x
n
2
−
1
+
low er degree term s
PROOF
In fact, we claim that
ψ
n
=
y
(
nx
(
n
2
−
4)
/
2
+
···
)if
n
is even
nx
(
n
2
−
1)
/
2
+
···
if
n
is odd.
This is proved by induction. For example, if
n
=2
m
+1 with
m
even, then
the leading term of
ψ
m
+2
ψ
3
m
is
(
m
+2)
m
3
y
4
x
(
m
+2)
2
−
4
+
3
m
2
−
12
.
2
2
Changing
y
4
to (
x
3
+
Ax
+
B
)
2
yields
(
m
+2)
m
3
x
(2
m
+1)
2
−
1
.
2
Similarly, the leading term of
ψ
m−
1
ψ
3
m
+1
is
(
m −
1)(
m
+1)
3
x
(2
m
+1)
2
−
1
.
2
Search WWH ::
Custom Search