DOCSLIB.ORG

1 2. Endomorphisms for Elliptic Curves 3 3. Torsion Points 7 4

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
1 2. Endomorphisms for Elliptic Curves 3 3. Torsion Points 7 4 ELLIPTIC CURVES AND CRYPTOGRAPHY MICHAEL CALDERBANK Abstract. We begin with the basics of elliptic curves, assuming some knowl- edge of group theory and number theory. We shall first build up some general theorems of endomorphisms and torsion points, which will be necessary when we provide Hasse's Theorem about the order of a group of points on an elliptic curve. This will allow us to provide an example of how elliptic curves can be used in cryptography. Contents 1. What is an Elliptic Curve? 1 2. Endomorphisms for Elliptic Curves 3 3. Torsion Points 7 4. Elliptic Curves over Finite Fields 10 5. Discrete Logarithm Problem 13 6. Conclusion 15 Acknowledgments 15 References 15 1. What is an Elliptic Curve? An elliptic curve E is the graph of an equation of the form: y2 = x3 + Ax + B where A and B are constants. This equation is called the Weierstrass equation for an elliptic curve. We will need to specify which field A; B; x; and y belong to, for now we will deal with R, since it is easy to visualize, but for our cryptographic applications, it will make sense to deal with finite fields Fq, where q is a prime power. When working over fields of characteristic 2 or 3, it is more useful to deal with the generalized Weierstrass equation: 2 3 2 y + a1xy + a3y = x + a2x + a4x + a6 With a little algebraic manipulation, an equation of this form can be reduced to a Weirstrass equation if the characteristic of the field is not equal to 2 or 3. We want to look at points on the elliptic curve, so if we have an elliptic curve E over a field K, then for any field L such that L ⊇ K we can consider the set: E(L) = f1g [ f(x; y) 2 L × Ljy2 = x3 + Ax + Bg Date: August 21, 2009. 1 2 MICHAEL CALDERBANK Note that we have added the point at infinity to our curve. This concept can be made rigorous using projective space, but it is easiest to regard it as the point (1; 1). For computational purposes, it will be a formal symbol satisfying certain rules. At this point, we'll define addition for points. Start with 2 points: M1 = (x1; y1);M2 = (x1; y1) on an elliptic curve E given by the equation y2 = x3 + Ax + B. We define a new point M3 as follows: Draw the line D through M1 and M2. We'll see below that D intersects E in a third point P . Reflect P across the x-axis to obtain M3. We define M1 + M2 = M3 When E is defined over the reals, then we have the figure below: For other fields, there is no intuitive picture, so we will need a formal set of rules for addition. Using a bit of basic algebra, we can calculate the coordinates of the ELLIPTIC CURVES AND CRYPTOGRAPHY 3 third point given the coordinates of the first two points. Note that if M1 = M2, then we can use implicit differentiation to find the slope of the line. To summarize: Definition 1.1. Let E be an elliptic curve defined by y2 = x3 + Ax + B. Let P1 = (x1; y1) and P2 = (x2; y2) be points on E with P1;P2 6= 1. Define P1 + P2 = P3 = (x3; y3) as follows: (1) If x1 6= x2, then 2 y2 − y1 x3 = m − x1 − x2; y3 = m(x1 − x3) − y1; where m = x2 − x1 (2) If x1 = x2 but y1 6= y2, then P1 + P2 = 1 (3) If P1 = P2 and y1 6= 0, then 2 2 3x1 + A x3 = m − 2x1; y3 = m(x1 − x3) − y1; where m = 2y1 (4) If P1 = P2 and y1 = 0, then P1 + P2 = 1 Also, define P + 1 = P for all points P on E. With addition defined, it is only a small step to our first theorem: Theorem 1.2. The addition of points on an elliptic curve E form an additive abelian group with 1 as the identity element. Proof. From the formulas, commutativity is obvious, since the line passing through the points is the same, and if we want to find the inverse of P , then if we reflect P across the x-axis to get P 0, then P + P 0 = 1. The only tricky part is associativity, and this is a messy calculation involving the formulas above, so we leave it as an exercise. We will want to study the order of specific points and the order of the group in general, but first we have to make rigorous endomorphisms on an elliptic curve 2. Endomorphisms for Elliptic Curves Definition 2.1. An endomorphism of E is a homomorphism α : E(K) −! E(K) that is given by rational functions. So α(P1 + P2) = α(P1) + α(P2), and there are rational functions R1(x; y);R2(x; y) with coefficients in K such that α(x; y) = (R1(x; y);R2(x; y)) for all (x; y) 2 E(K). Naturally, α(1) = 1, and we will also assume that any endomorphism is nontrivial, so there exists some (x; y) such that α(x; y) 6= 1. Using the fact that y2 = x3 + Ax + B for all (x; y) 2 E(K), we can show that any endomorphism defined as above can be written as: α(x; y) = (r1(x); r2(x)y) with rational functions r1(x); r2(x). 4 MICHAEL CALDERBANK p(x) Definition 2.2. Let α be as above and write r1(x) = q(x) . We define the degree of α to be deg(α) = Maxfdeg p(x); deg q(x)g 0 Also, we define α to be a separable endomorphism if the derivative r1(x) is not identically zero. This is equivalent to saying that at least one of p0(x) and q0(x) is not identically zero. Of particular importance to our study is the Frobenius map. Suppose E is defined over the finite field Fq. Let q q φq(x; y) = (x ; y ) . Lemma 2.3. Let E be defined over Fq. Then φq is an endomorphism of E of degree q, and φq is not separable. q q Proof. Since φq(x; y) = (x ; y ) is given by rational functions, it is clear that the q degree is q. Also, since q = 0 in Fq, the derivative of x is indentically zero, so φq is not separable. The main thing to be proven is that φq : E(Fq) ! E(Fq) is a homomorphism. Let (x1; y1); (x2; y2) 2 E(Fq) with x1 6= x2. According to Definition 1.1(1) The sum is (x3; y3) with 2 y2 − y1 x3 = m − x1 − x2; y3 = m(x1 − x3) − y1; where m = x2 − x1 Raise everything to the qth power: q q q 02 q q q 0 q q q 0 y2 − y1 x3 = m − x1 − x2; y3 = m (x1 − x3) − y1; where m = q q x2 − x1 So if x1 6= x2, then we see that φq(x3; y3) = φq(x1; y1) + φq(x2; y2) There is a bit more subtlety when we add a point to itself. According to Definition 1.1(1), we have 2(x1; y1) = (x3; y3), with 2 2 3x1 + A x3 = m − 2x1; y3 = m(x1 − x3) − y1; where m = 2y1 When we raise everything to the qth power, we will need to use the fact that q q q 2 = 2; 3 = 3;A = A, since 2; 3;A 2 Fq. This is only true if the characteristic of Fq is not 2 or 3, but if that were the case, then we would have a different addition formula since we would need to use the generalized Weirstrass form. The calculation for that form is essentially the same. We will return to the Frobenius map, but now we need a few general results about endomorphisms. Proposition 2.4. Let α 6= 0 be a separable endomorphism of an elliptic curve E. Then deg α = #Ker(α) If α 6= 0 is not separable, then deg α > #Ker(α) ELLIPTIC CURVES AND CRYPTOGRAPHY 5 Proof. Assume first that α is separable. Write α(x; y) = (r1(x); r2(x)y) with 0 0 0 r1(x) = p(x)=q(x), as above. Then r1 6= 0, so p q − pq is not the zero polyno- mial. Let S be the set of x 2 K such that (pq0 − p0q)(x)q(x) = 0. Let (a; b) 2 E(K) be such that (1) a 6= 0; b 6= 0; (a; b) 6= 1, (2) deg(p(x) − aq(x)) = Maxfdeg(p); deg(q)g = deg(α) (3) a2 = r1(S), and (4) (a; b) 2 α(E(K)) Since pq0 − p0q is not the zero polynomial, S is a finite set, hence its image under α is finite. The function r1(x) takes on infinitely many distinct values as x runs through K. Since for each x there is a point (x; y) 2 E(K), we see that α(E(K)) is an infinite set. Therefore, we know such an (a; b) exists. We claim that there are exactly deg(α) points (x1; y1) 2 E(K) such that α(x1; y1) = (a; b). For such a point, we have p(x1) = a; y1r2(x1) = b: q(x1) Since (a; b) 6= 1, we must have q(x1) 6= 0. Since b 6= 0 and y1r2(x1) = b, we must have y1 = b=r2(x1). Therefore, x1 determines y1 in this case, so we only need to count values of x1.
Load more

Recommended publications
  • THE TESTIDEALS PACKAGE for MACAULAY2 1. Introduction This Paper Describes Methods for Computing Objects and Numerical Invariants
    THE TESTIDEALS PACKAGE FOR MACAULAY2 ALBERTO F. BOIX, DANIEL J. HERNANDEZ,´ ZHIBEK KADYRSIZOVA, MORDECHAI KATZMAN, SARA MALEC, MARCUS ROBINSON, KARL SCHWEDE, DANIEL SMOLKIN, PEDRO TEIXEIRA, AND EMILY E. WITT Abstract. This note describes a Macaulay2 package for computations in prime characteristic commutative algebra. This includes Frobenius powers and roots, p−e-linear and pe-linear maps, singularities defined in terms of these maps, different types of test ideals and modules, and ideals compatible with a given p−e-linear map. 1. Introduction This paper describes methods for computing objects and numerical invariants in prime characteristic commutative algebra, implemented in the package TestIdeals for the computer algebra system Macaulay2 [GS]. A ring R of prime characteristic p comes equipped with the Frobenius endomorphism F : R −! R given by F (x) = xp; which is the basis for many constructions and methods. Notably, the Frobenius endomorphism can be used to detect whether a ring is regular [Kun69], and fur- ther, to quantify how far a ring is from being regular, measuring the severity of a singularity. In this direction, two notable applications of the Frobenius endomorphism are the theory of tight closure (see [HH90, Hoc07] for an introduction) and the resulting theory of test ideals (see the survey [ST12]). These methods are used by a wide group of commutative algebraists and algebraic geometers. The TestIdeals package was started during a Macaulay2 development work- shop in 2012, hosted by Wake Forest University. The package, at that time called PosChar, aimed at providing a unified and efficient set of tools to study singulari- ties in characteristic p > 0, and in particular, collecting and implementing several algorithms that had been described in research papers.
    [Show full text]
  • The Structure of the Group of Rational Points of an Abelian Variety Over a Finite Field
    THE STRUCTURE OF THE GROUP OF RATIONAL POINTS OF AN ABELIAN VARIETY OVER A FINITE FIELD CALEB SPRINGER Abstract. Let A be a simple abelian variety of dimension g defined over a finite field Fq with Frobenius endomorphism π. This paper describes the structure of the group of rational points A(Fqn ), for all n 1, as a module over the ring R of endomorphisms which are defined ≥ over Fq, under certain technical conditions. If [Q(π): Q]=2g and R is a Gorenstein ring, n F n then A( q ) ∼= R/R(π 1). This includes the case when A is ordinary and has maximal real multiplication. Otherwise,− if Z is the center of R and (πn 1)Z is the product of d n − invertible prime ideals in Z, then A(Fqn ) = R/R(π 1) where d =2g/[Q(π): Q]. Finally, ∼ − we deduce the structure of A(Fq) as a module over R under similar conditions. These results generalize results of Lenstra for elliptic curves. 1. Introduction Given an abelian variety A over a finite field Fq, one may view the group of rational points A(Fq) as a module over the ring EndFq (A) of endomorphisms defined over Fq. Lenstra completely described this module structure for elliptic curves over finite fields in the following theorem. In addition to being useful and interesting in its own right, this theorem also determines a fortiori the underlying abelian group structure of A(Fq) purely in terms of the endomorphism ring. The latter perspective has been leveraged for the sake of computational number theory and cryptography; see, for example, the work of Galbraith [6, Lemma 1], Ionica and Joux [8, §2.3], and Kohel [12, Chapter 4].
    [Show full text]
  • Frobenius Maps of Abelian Varieties and Finding Roots of Unity in Finite Fields J
    Frobenius Maps of Abelian Varieties and Finding Roots of Unity in Finite Fields J. Pila “If ’twere done when ’tis done, then ’twere well / It were done quickly.” –Macbeth. Abstract. We give a generalization to Abelian varieties over finite fields of the algorithm of Schoof for elliptic curves. Schoof showed that for an elliptic curve E over Fq given by a Weierstrass equation one can compute the number of Fq– rational points of E in time O((log q)9). Our result is the following. Let A be an Abelian variety over Fq. Then one can compute the characteristic polynomial of the Frobenius endomorphism of A in time O((log q)∆) where ∆ and the implied constant depend only on the dimension of the embedding space of A, the number of equations defining A and the addition law, and their degrees. The method, generalizing that of Schoof, is to use the machinery developed by Weil to prove the Riemann hypothesis for Abelian varieties. By means of this theory, the calculation is reduced to ideal theoretic computations in a ring of polynomials in several variables over Fq. As applications we show how to count the rational points on the reductions modulo primes p of a fixed curve over Q in time polynomial in log p; we show also that, for a fixed prime `, we can compute the `th roots of unity mod p, when they exist, in polynomial time in log p. This generalizes Schoof’s application of his algorithm to find square roots of a fixed integer x mod p. 1.
    [Show full text]
  • The Frobenius Endomorphism and Multiplicities
    The Frobenius Endomorphism and Multiplicities by Linquan Ma A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Mathematics) in The University of Michigan 2014 Doctoral Committee: Professor Melvin Hochster, Chair Professor Hyman Bass Professor Harm Derksen Professor Mircea Mustat¸˘a Professor Karen E. Smith To my parents ii ACKNOWLEDGEMENTS First and foremost, I would like to express my deep gratitude to my advisor, Mel Hochster, for his constant support and encouragement. His ingenious ideas and invaluable advice have helped me a lot in my research throughout the years. I would like to thank Hyman Bass, Harm Derksen, Mircea Mustat¸˘a,and Karen Smith for being my dissertation committee members. I am particularly thankful to Mircea Mustat¸˘aand Karen Smith for teaching me many algebraic geometry courses and answering my questions. I want to thank Karl Schwede and Wenliang Zhang, for answering numerous of my questions and for lots of inspirational discussions in mathematics. It is a pleasure to thank Zhixian Zhu, Xin Zhou, Felipe P´erez,Yefeng Shen and Sijun Liu for many helpful mathematical conversations throughout the years. I am also grateful to all my friends at Peking University and University of Michigan. Special thanks go to Jingchen Wu, for being a great friend and especially for organizing the Crosstalk shows that add color to my mathematical life. We are an excellent \couple" in Crosstalk! Last but definitely not least, I would like to thank my parents for their kind support and encouragement. iii TABLE OF CONTENTS DEDICATION :::::::::::::::::::::::::::::::::::::::::: ii ACKNOWLEDGEMENTS :::::::::::::::::::::::::::::::::: iii CHAPTER I.
    [Show full text]
  • Motives Over Fp
    Motives over Fp J.S. Milne July 22, 2006 Abstract In April, 2006, Kontsevich asked me whether the category of motives over Fp (p prime), has a fibre functor over a number field of finite degree since he had a conjecture that more-or-less implied this. This article is my response. Unfortunately, since the results are generally negative or inconclusive, they are of little interest except perhaps for the question they raise on the existence of a cyclic extension of Q having certain properties (see Question 6.5). Let k be a finite field. Starting from any suitable class S of algebraic varieties over k including the abelian varieties and using the correspondences defined by algebraic cycles modulo numerical equivalence, we obtain a graded tannakian category Mot.k/ of motives. Let Mot0.k/ be the subcategory of motives of weight 0 and assume that the Tate conjecture holds for the varieties in S. For a simple motive X, D End.X/ is a division algebra with centre the subfield D F QŒX generated by the Frobenius endomorphism X of X and D 1 rank.X/ ŒD F 2 ŒF Q: D W W Therefore, D can act on a Q-vector space of dimension rank.X/ only if it is commutative. Since this is never the case for the motive of a supersingular elliptic curve or of the abelian variety obtained by restriction of scalars from such a curve, there cannot be a Q-valued fibre functor on the full category Mot.k/. Let k Fq. Then, for each prime v of F , D 8 1=2 if v is real and X has odd weight ˆ < ordv.X / invv.D/ ŒFv Qp if v p (1) D ˆ ordv.q/ W j :ˆ 0 otherwise (Tate’s formula; see Milne 1994, 2.16).
    [Show full text]
  • The Grothendieck Ring of Varieties and of the Theory of Algebraically Closed Fields
    THE GROTHENDIECK RING OF VARIETIES AND OF THE THEORY OF ALGEBRAICALLY CLOSED FIELDS TIBOR BEKE ABSTRACT. In each characteristic, there is a canonical homomorphism from the Grothendieck ring of varieties to the Grothendieck ring of sets definable in the theory of algebraically closed fields. We prove that this homomorphism is an isomorphism in characteristic zero. In positive characteristics, we exhibit specific elements in the kernel of the corresponding homomorphism of Grothendieck semirings. The comparison of these two Grothendieck rings in positive characteristics seems to be an open question, related to the difficult problem of cancellativity of the Grothendieck semigroup of varieties. 1. INTRODUCTION Of the many occurrences of Grothendieck rings in algebraic geometry, there are two closely related ones that are the subjects of this note. One is Grothendieck’s original definition: the gener- ators are isomorphism classes of varieties, and the relations stem from open-closed decompositions into subvarieties. See Bittner [Bit04] for a careful discussion and presentation in terms of smooth varieties, and Looijenga [Loo02] for how localizations and completions of this ring give rise to motivic measures. The other definition originates in geometric model theory, as an instance of the Grothendieck ring of models of a first-order theory. Here, in line with the general aims of model theory, the objects of study are formulas of first order logic, and the subsets of an ambient model they define. The natural notion of morphism becomes a definable map, and in the Grothendieck ring of definable sets, it is natural to permit as relations all definable decompositions. Let us specialize to the theory of algebraically closed fields.
    [Show full text]
  • On P-Adic Unit-Root Formulas
    On p-adic unit-root formulas Masha Vlasenko Abstract For a multivariate Laurent polynomial f (x) with coefficients in a ring R we construct a sequence of matrices with entries in R whose reductions modulo p give iterates of the Hasse–Witt operation for the hypersurface of zeroes of the reduc- tion of f (x) modulo p. We show that our matrices satisfy a system of congruences modulo powers of p. If the Hasse–Witt operation is invertible these congruences yield p-adic limit formulas, which conjecturally describe the Gauss–Manin connec- tion and the Frobenius operator on the the slope 0 part of a crystal attached to f (x). We also apply our results on congruences to integrality of formal group laws of Artin–Mazur kind. 1 Hasse–Witt matrix Let X=Fq be a smooth projective variety of dimension n over a finite field with q = pa elements. The congruence formula due to Katz (see [1]) states that modulo p the zeta function of X is described as n a i (−1)i+1 Z(X=Fq;T) ≡ ∏det(1 − T · F jH (X;OX )) mod p; (1) i=0 i where H (X;OX ) is the cohomology of X with coefficients in the structure sheaf OX and F is the Frobenius map, the p-linear vector space map induced by h 7! hp on p p the structure sheaf (p-linear means F (bs + ct) = b F (s) + c F (t) for b;c 2 Fq i and s;t 2 H (X;OX )). When X is a complete intersection the only interesting term n in formula (1) is given by H (X;OX ).
    [Show full text]
  • Entropy and Witt Construction 8 2.1
    CHARACTERISTIC 1, ENTROPY AND THE ABSOLUTE POINT ALAIN CONNES AND CATERINA CONSANI Abstract. We show that the mathematical meaning of working in character- istic one is directly connected to the fields of idempotent analysis and tropical algebraic geometry and we relate this idea to the notion of the absolute point Spec F1. After introducing the notion of \perfect" semi-ring of characteristic one, we explain how to adapt the construction of the Witt ring in characteris- tic p > 1 to the limit case of characteristic one. This construction also unveils an interesting connection with entropy and thermodynamics, while shedding a new light on the classical Witt construction itself. We simplify our earlier construction of the geometric realization of an F1-scheme and extend our ear- lier computations of the zeta function to cover the case of F1-schemes with torsion. Then, we show that the study of the additive structures on monoids provides a natural map M 7! A(M) from monoids to sets which comes close to fulfill the requirements for the hypothetical curve Spec Z over the absolute point Spec F1. Finally, we test the computation of the zeta function on elliptic curves over the rational numbers. Contents 1. Introduction 2 2. Working in characteristic 1: Entropy and Witt construction 8 2.1. Additive structure 8 2.2. Characteristic p = 2 10 2.3. Characteristic p = 1 and idempotent analysis 12 2.4. Witt ring in characteristic p = 1 and entropy 17 2.5. The Witt ring in characteristic p > 1 revisited 20 2.6. B, F1 and the \absolute point" 22 3.
    [Show full text]
  • Arxiv:1803.03229V2 [Math.AC] 8 Sep 2018 N H Perfection, the and Aia Fr(O Xml,Rcudb -Dclycmlt) T R Map Complete)
    REGULAR RINGS AND PERFECT(OID) ALGEBRAS BHARGAV BHATT, SRIKANTH B. IYENGAR, AND LINQUAN MA Happy Birthday Gennady! ABSTRACT. We prove a p-adic analog of Kunz’s theorem: a p-adically complete noether- ian ring is regular exactly when it admits a faithfully flat map to a perfectoid ring. This result is deduced from a more precise statement on detecting finiteness of projective di- mension of finitely generated modules over noetherian rings via maps to perfectoid rings. We also establish a version of the p-adic Kunz’s theorem where the flatness hypothesis is relaxed to almost flatness. 1. INTRODUCTION This paper explores some homological properties of perfect(oid) algebras over commu- tative noetherian rings. A commutative ring of positive characteristic p is called perfect if its Frobenius endomorphism is an isomorphism. Perfectoid rings are generalizations of perfect rings to mixed characteristic (Definition 3.5). Their most important features for our work are: if A is a perfectoid ring, then √pA is a flat ideal, A/√pA is a perfect ring, and finitely generated radical ideals in A containing p have finite flat dimension (Lemma 3.7). One of our main results is that over a noetherian local ring R, any perfectoid R-algebra A with mA = A detects finiteness of homological dimension of R-modules. More precisely, 6 R given such an A, if a finitely generated R-module M satisfies Tor j (A,M)= 0 for j 0, then M has a finite free resolution by R-modules (Theorem 4.1). The crucial property≫ of A that is responsible for this phenomenon is isolated in Theorem 2.1, which identifies a large class of modules that can detect finiteness of homological dimension over local rings.
    [Show full text]
  • Abstract Commutative Endomorphism Rings Of
    ABSTRACT Title of dissertation: COMMUTATIVE ENDOMORPHISM RINGS OF SIMPLE ABELIAN VARIETIES OVER FINITE FIELDS Jeremy Bradford, Doctor of Philosophy, 2012 Dissertation directed by: Professor Lawrence C. Washington Department of Mathematics In this thesis we look at simple abelian varieties defined over a finite field k = Fpn with Endk(A) commutative. We derive a formula that connects the p- rank r(A) with the splitting behavior of p in E = Q(π), where π is a root of the characteristic polynomial of the Frobenius endomorphism. We show how this formula can be used to explicitly list all possible splitting behaviors of p in OE, and we do so for abelian varieties of dimension less than or equal to four defined over Fp. We then look for when p divides [OE : Z[π; π¯]]. This allows us to prove that the endomorphism ring of an absolutely simple abelian surface is maximal at p when p ≥ 3. We also derive a condition that guarantees that p divides [OE : Z[π; π¯]]. Last, we explicitly describe the structure of some intermediate subrings of p-power index between Z[π; π¯] and OE when A is an abelian 3-fold with r(A) = 1. COMMUTATIVE ENDOMORPHISM RINGS OF SIMPLE ABELIAN VARIETIES OVER FINITE FIELDS by Jeremy Bradford Dissertation submitted to the Faculty of the Graduate School of the University of Maryland, College Park in partial fulfillment of the requirements for the degree of Doctor of Philosophy 2012 Advisory Committee: Professor Lawrence C. Washington, Chair/Advisor Professor Patrick Brosnan Professor William Gasarch Professor Niranjan Ramachandran Professor Harry Tamvakis Table of Contents 1 Introduction 1 2 Background 5 2.1 Abelian Varieties .
    [Show full text]
  • THE THEOREM of HONDA and TATE 11 We Have 1/2 [Lw : Fv] = [L0,W0 : F0,V0 ] = [L0 : F0] = [E : F ]
    THE THEOREM OF HONDA AND TATE KIRSTEN EISENTRAGER¨ 1. Motivation Consider the following theorem of Tate (proved in [Mum70, Theo- rems 2–3, Appendix I]): Theorem 1.1. Let A and B be abelian varieties over a finite field k of size q, and let fA, fB ∈ Z[T ] be the characteristic polynomials of their q-Frobenius endomorphisms, so fA and fB have degrees 2 · dimA and 2 · dimB with constant terms qdimA and qdimB respectively. The following statements are equivalent: (1) B is k-isogenous to an abelian subvariety of A. (2) fB|fA in Q[T ]. In particular, A is k-isogenous to B if and only if fA = fB. Moreover, A is k-simple if and only if fA is a power of an irreducible polynomial in Q[T ]. Recall that the roots of fA in C are “Weil q-integers”: algebraic integers whose images in C all have absolute value q1/2. By Theorem 1.1 to describe the isogeny classes of abelian varieties over finite fields we would like to know for which Weil q-integers π in C we can find a k- simple abelian variety A/k such that π is a root of fA. We will show that for each π, we can find a k-simple abelian variety A and an embedding 0 Q[π] ,→ Endk(A) such that π is the q-Frobenius endomorphism of A. We will follow the discussion in [Tat68] and [MW71]. Brian Conrad heavily revised Section 8 to simplify the computation of the invariant invv(E) for v | p and he provided the proofs for Theorem 8.3 and the results in the appendix.
    [Show full text]
  • Long Booklet
    INVITED TALKS Yves Aubry ....................................................................................................................... 1 Jennifer Balakrishnan ........................................................................................................ 1 Eva Bayer-Fluckiger ........................................................................................................ 1 Arzu Boysal ...................................................................................................................... 2 William D. Gillam ........................................................................................................... 2 Francesco de Giovanni ..................................................................................................... 2 Jonathan Jedwab .............................................................................................................. 3 Ali Ulaş Özgür Kişisel ..................................................................................................... 3 Michel Lavrauw ............................................................................................................... 4 Patrizia Longobardi .......................................................................................................... 5 Mercede Maj .................................................................................................................... 6 Gerriet Martens ...............................................................................................................
    [Show full text]