ANTS / 5 / 20 Katsuyuki Takashima Mitsubishi Electric


1 Efficiently Computable Distortion Maps for Supersingular Curves ANTS / 5 / 20 Katsuyuki Takashima Mitsubishi Electric

2 Our results Galbraith-Pujolas-Ritzenthaler-Smith [GPRS] gave unsolved problems on distortion maps for special supersingular curves. We solve them based on explicit construction of a basis of - vector space consisting of eigenvectors of the Frobenius endomorphism ( -eigenvector basis ) a -basis of - vector space We explicitly determine the discrete logarithms of the Weil pairing to one base where We obtain an efficiently constructible (semi-)symplectic -eigenvector basis.

3 Agenda Target supersingular curves Distortion maps Computational problems on distortion maps Results and unsolved problem given in [GPRS] Our approach Our results on Our results on Conclusions

4 Target supersingular curves : proj., nonsingular, geom. irred. curve. Def. Def. :supersingular :supersingular isogenous to a product of supersingular elliptic curves prime, prime s.t. -power Frobenius endomorphism action of a primitive -th root of unity induced by on on -power Frobenius endomorphism Action of an extra-special 2-group of order 32 [vdgvdv].

5 Distortion maps : prime s.t. s.t. : nondegenerate bilinear pairing from to Definition [GPRS] For a pair is called a distortion map. Theorem 1 [GPRS] Let be a target supersingular curve. endo. of endo. defined over - vector space In particular, for every pair there exists a distortion map

6 Computational problems on distortion maps Theorem 1 doesn't assure the existence of an efficiently computable distortion map. Computational problem 1 For every pair a distortion map can we efficiently compute? Cf. [GR] for the case of supersingular elliptic curves. Computational problem 2 Is there a basis of s.t. are efficiently computable? Basis in problem 2 an answer (efficient algorithm) to problem 1.

7 Results and unsolved problem given in [GPRS] [GPRS] gave bases of For For -vector space for target curves. is a and are -basis. -bases. Unsolved problem given in [GPRS] Are the above and -bases of? We show that it holds for 1-st curve when and 2-nd curve when by using a direct approach different from theirs. positive answer to problem 2 (and 1) for target curves.

8 Our approach We construct a with a nonzero -eigenvector basis of and explicit generating operators s.t. For example, for are given by Gauss sums for the 1-st curve. We show that are invertible and are also efficiently computable. A key fact: : projection to Since where are eigenvalues of where : matrix units w.r.t. we know that (and ) are -bases of

9 Our results on. where We show that is a -basis of when for (it holds if ) -eigenvector basis of 1. Generate a nonzero 2. for : Gauss sum operator multiplicative character of of order additive character of

10 Our results on. where is a -eigenvector basis of where and is a Jacobi sum. is a basis of From and for we see that is a basis of

11 Fundamental properties of the Weil pairing. where and : the dual of e.g. [Mil, p.132] In particular, we use the following two cases. For example, we calculate

12 Weil pairing on. Using the fundamental properties of we obtain where and when for any nonzero for (Corollary 2) If we normalize to for we obtain an efficiently constructible (semi-)symplectic basis w.r.t. the Weil pairing.

13 . (full) embedding degree for is 12, i.e., order of is 12. Action of an extra-special 2-group of order 32. For any where is a root of the quadratic eq. The dihedral subgroup of order 8.

14 Our results on. where We show that and are -bases of when We consider the following 1. Generate a nonzero 2. where and

15 Our results on. when (Lemma 5) A basis of consisting of eigenvectors of for when for is a -eigenvector basis of

16 Our results on. and are since -bases of is the dihedral group. By the fundamental properties of : (semi-)symplectic basis w.r.t. the Weil pairing

17 Conclusions We proved several facts on distortion maps given in [GPRS]. Our explicit results seem useful to use - dim. vector space in cryptography. Can we obtain a similar or general result for a broader class of curves? Cf. [GR] Is there another application of our results?


On finite semifelds of prime degree. equivalence classifcation of subspaces of invertible matrices On finite semifields of prime degree and the equivalence classifcation of subspaces of invertible matrices John Sheekey Rod Gow Claude Shannon Institute School of Mathematical Science University College

More information

Journal of Algebra 333 (2011) Contents lists available at ScienceDirect. Journal of Algebra.

Journal of Algebra 333 (2011) Contents lists available at ScienceDirect. Journal of Algebra. Journal of Algebra 333 (2011) 295 317 Contents lists available at ScienceDirect Journal of Algebra www.elsevier.com/locate/jalgebra The structure of rank 3 permutation modules for O ± 2n (2) and U m (2)

More information

On metacyclic extensions

On metacyclic extensions On metacyclic extensions Masanari Kida 1 Introduction A group G is called metacyclic if it contains a normal cyclic subgroup N such that the quotient group G/N is also cyclic. The category of metacyclic

More information

Sato-Tate groups of abelian surfaces

Sato-Tate groups of abelian surfaces Sato-Tate groups of abelian surfaces Kiran S. Kedlaya Department of Mathematics, University of California, San Diego kedlaya@ucsd.edu http://kskedlaya.org/slides/ Curves and Automorphic Forms Arizona State

More information

Supplementary Notes March 23, The subgroup Ω for orthogonal groups

Supplementary Notes March 23, The subgroup Ω for orthogonal groups The subgroup Ω for orthogonal groups 18.704 Supplementary Notes March 23, 2005 In the case of the linear group, it is shown in the text that P SL(n, F ) (that is, the group SL(n) of determinant one matrices,

More information

COMPUTING MODULAR POLYNOMIALS

COMPUTING MODULAR POLYNOMIALS COMPUTING MODULAR POLYNOMIALS DENIS CHARLES AND KRISTIN LAUTER 1. Introduction The l th modular polynomial, φ l (x, y), parameterizes pairs of elliptic curves with an isogeny of degree l between them.

More information

CUBIC SURFACES WITH SPECIAL PERIODS

CUBIC SURFACES WITH SPECIAL PERIODS CUBIC SURFACES WITH SPECIAL PERIODS JAMES CARLSON AND DOMINGO TOLEDO Abstract. We show that the vector of period ratios of a cubic surface is rational over Q(ω), where ω = exp(2πi/3) if and only if the

More information

ON THE SEMIPRIMITIVITY OF CYCLIC CODES

ON THE SEMIPRIMITIVITY OF CYCLIC CODES ON THE SEMIPRIMITIVITY OF CYCLIC CODES YVES AUBRY AND PHILIPPE LANGEVIN Abstract. We prove, without assuming the Generalized Riemann Hypothesis, but with at most one exception, that an irreducible cyclic

More information

NOTES ON CLASSICAL SHIMURA VARIETIES

NOTES ON CLASSICAL SHIMURA VARIETIES NOTES ON CLASSICAL SHIMURA VARIETIES DONU ARAPURA We work over C in these notes. 1. Abelian varieties An abelian variety is a higher dimensional version of an elliptic curve. So first of all it is a complex

More information

Real representations

Real representations Real representations 1 Definition of a real representation Definition 1.1. Let V R be a finite dimensional real vector space. A real representation of a group G is a homomorphism ρ VR : G Aut V R, where

More information

RIGHT-LEFT SYMMETRY OF RIGHT NONSINGULAR RIGHT MAX-MIN CS PRIME RINGS

RIGHT-LEFT SYMMETRY OF RIGHT NONSINGULAR RIGHT MAX-MIN CS PRIME RINGS Communications in Algebra, 34: 3883 3889, 2006 Copyright Taylor & Francis Group, LLC ISSN: 0092-7872 print/1532-4125 online DOI: 10.1080/00927870600862714 RIGHT-LEFT SYMMETRY OF RIGHT NONSINGULAR RIGHT

More information

Algebra Qualifying Exam August 2001 Do all 5 problems. 1. Let G be afinite group of order 504 = 23 32 7. a. Show that G cannot be isomorphic to a subgroup of the alternating group Alt 7. (5 points) b.

More information