Elliptic Curves OTHER BOOKS by the AUTHOR

Total Page:16

File Type:pdf, Size:1020Kb

Elliptic Curves OTHER BOOKS by the AUTHOR J.S. Milne: Elliptic Curves OTHER BOOKS BY THE AUTHOR Etale Cohomology Princeton Mathematical Series 33, Princeton University Press, 1980, 323+xiii pages, ISBN 0-691-08238-3 Hodge Cycles, Motives, and Shimura Varieties (with Pierre Deligne, Arthur Ogus, and Kuang-yen Shih) Lecture Notes in Math. 900, Springer-Verlag, 1982, 414 pages, ISBN 3-540- 11174-3 and 0-387-11174-3 Arithmetic Duality Theorems Academic Press, 1986, 421+x pages, ISBN 0-12-498040-6 Second corrected TeXed edition (paperback) BookSurge Publishing 2006, 339+viii pages, ISBN 1-4196-4274-X Elliptic Curves J.S. Milne Copyright c 2006 J.S. Milne. Single unbound paper copies for noncommercial personal use may be made without explicit permission from the copyright holder. All other rights reserved. A paperback version of this work is available from booksellers worldwide, in- cluding www.amazon.com and www.amazon.co.uk, and from the publisher: BookSurge Publishing, www.booksurge.com. Your purchase of this book will encourage the writing of more works like this. BibTeX information @book{milne2006, author={J.S. Milne}, title={Elliptic Curves}, year={2006}, publisher={BookSurge Publishers}, pages={238+viii}, isbn={1-4196-5257-5} } Library of Congress data available (www.jmilne.org/math/pBooks/) Mathematics Subject Classification (MSC2000): 11G, 11D, 14G. R The illustrations were written directly in PostScript code (by the author, ex- cept for the flying tori on the back cover, which use code written by W. Cassel- man). The Kea is a friendly intelligent parrot found only in the mountains of New Zealand. Preface In early 1996, I taught a course on elliptic curves. Since this was not long after Wiles had proved Fermat’s Last Theorem and I promised to explain some of the ideas underlying his proof, the course attracted an unusually large and diverse audience. As a result, I attempted to make the course accessible to all students with a knowledge only of the standard first-year graduate courses. When it was over, I collected the notes that I had handed out during the course into a single file, made a few corrections, and posted them on the Web, where they have since been downloaded tens of thousands of times. The appearance of publishers willing to turn pdf files into books quickly and cheaply and make them available worldwide while allowing the author to retain full control of the content and appearance of the work has prompted me to rewrite the notes and make them available as a paperback. J.S. Milne, October 30, 2006. Contents Contents vii IPlaneCurves 5 1 Basicdefinitions;Bezout’stheorem............... 5 2 Rationalpointsonplanecurves.................. 17 3 Thegrouplawonacubiccurve.................. 25 4 Regularfunctions;theRiemann-Rochtheorem......... 29 5 Definingalgebraiccurvesoversubfields............. 42 II Basic Theory of Elliptic Curves 45 1 Definition of an elliptic curve . .................. 45 2 The Weierstrass equation for an elliptic curve . ....... 50 3 Reduction of an elliptic curve modulo p ............. 54 4 Elliptic curves over Qp ...................... 61 5 Torsionpoints........................... 64 6N´eronmodels........................... 69 7 Algorithms for elliptic curves . .................. 76 III Elliptic Curves over the Complex Numbers 81 1 Latticesandbases......................... 81 2 Doubly periodic functions . .................. 82 3 Elliptic curves as Riemann surfaces . .............. 89 IV The Arithmetic of Elliptic Curves 101 1 Group cohomology . ......................102 2 The Selmer and Tate-Shafarevich groups . .......108 3 ThefinitenessoftheSelmergroup................110 4 Heights;completionoftheproof.................117 5 The problem of computing the rank of E.Q/ ...........126 6TheN´eron-Tatepairing......................131 7 Geometric interpretation of the cohomology groups .......133 8 FailureoftheHasse(local-global)principle...........143 9 Elliptic curves over finite fields ..................147 vii viii 10 TheconjectureofBirchandSwinnerton-Dyer..........160 11 Elliptic curves and sphere packings ................168 V Elliptic curves and modular forms 173 1 The Riemann surfaces X0.N / ..................173 2 X0.N / as an algebraic curve over Q ...............181 3 Modular forms . ........................189 4 Modular forms and the L-series of elliptic curves . .....193 5 Statementofthemaintheorems.................208 6 How to get an elliptic curve from a cusp form . .........210 7WhytheL-Series of Ef agrees with the L-Series of f .....215 8 Wiles’sproof...........................222 9 Fermat,atlast...........................226 Bibliography 229 Index 235 1 Introduction An elliptic curve over a field k is a nonsingular complete curve of genus 1 with a distinguished point. When the characteristic of k is not 2 or 3, it can be realized as a plane projective curve Y 2Z D X 3 C aXZ2 C bZ3;4a3 C 27b2 ¤ 0; and every such equation defines an elliptic curve over k. The distinguished point is .0 W 1 W 0/. For example, the following pictures show the real points (except the point at infinity) of two elliptic curves: Y 2 D X 3 C 1 Y 2 D X.X2 1/ Although the problem of computing the points on an elliptic curve E with rational numbers as coordinates has fascinated mathematicians since the time of the ancient Greeks, it was not until 1922 that it was proved that it is possible to construct all the points starting from a finite number by drawing chords and tangents. This is the famous theorem of Mordell, which shows more precisely that the rational points form a finitely generated group E.Q/. There is a sim- ple algorithm for computing the torsion subgroup of E.Q/, but there is still no proven algorithm for computing the rank. In one of the earliest applications of computers to mathematics, Birch and Swinnerton-Dyer discovered experimen- tally a relation between the rank and the numbers Np of the points on the curve read modulo the different prime numbers p. The problem of proving this rela- tion (the conjecture of Birch and Swinnerton-Dyer) is one of the most important in mathematics. Chapter IV of the book proves Mordell’s theorem and explains the conjecture of Birch and Swinnerton-Dyer. In 1955, Taniyama noted that it was plausible that the Np attached to a given elliptic curve always arise in a simple way from a modular form (in modern terminology, that the curve is modular). However, in 1985 Frey observed that this didn’t appear to be true for the elliptic curve attached to a nontrivial solution of the Fermat equation X p C Y p D Zp, p>2. His observation prompted Serre to revisit some old conjectures implying this, and Ribet proved enough of his conjectures to deduce that Frey’s observation is correct: the elliptic curve 2 attached to a nontrivial solution of the Fermat equation is not modular. Finally, in 1994 Wiles (with the help of Taylor) proved that every elliptic curve in a large class is modular. Since the class would contain any curve attached to a nontrivial solution of the Fermat equation, this proves that no such solution exists. Chapter V of the book is devoted to explaining these results. The first three chapters of the book develop the basic theory of elliptic curves. Elliptic curves have been used to shed light on some important problems that, at first sight, appear to have nothing to do with elliptic curves. I mention three such problems. Fast factorization of integers There is an algorithm for factoring integers that uses elliptic curves and is in many respects better than previous algorithms. People have been factoring in- tegers for centuries, but recently the topic has become of practical significance: given an integer n that is the product n D pq of two (large) primes p and q, there is a secret code for which anyone who knows n can encode a message, but only those who know p; q can decode it. The security of the code depends on no unauthorized person being able to factor n. See Koblitz 1987, VI 4, or Silverman and Tate 1992, IV 4. Lattices and the sphere packing problem The sphere packing problem is that of finding an arrangement of n-dimensional unit balls in Euclidean space that covers as much of the space as possible without overlaps. The arrangement is called a lattice packing if the centres of the spheres are the points of a lattice in n-space. The best packing in the plane is a lattice packing. Elliptic curves have been used to find lattice packings in many dimensions that are denser than any previously known (see IV, 11). Congruent numbers A natural number n is said to be congruent if it occurs as the area of a right triangle whose sides have rational length. If we denote the lengths of the sides of the triangle by x;y;z,thenn will be congruent if and only if the equations 2 2 2 1 x C y D z ;nD 2 xy 3 have simultaneous solutions in Q. The problem was of interest to the ancient Greeks, and was discussed systematically by Arab scholars in the tenth cen- tury. Fibonacci showed that 5 and 6 are congruent, Fermat that 1; 2; 3; are not congruent, and Euler proved that 7 is congruent, but it appeared hopeless to find a simple criterion for deciding whether a given n is congruent until Tunnell showed that the conjecture of Birch and Swinnerton-Dyer implies the following critertion: An odd square-free n is congruent if and only if the number of triples of integers .x;y;z/satisfying 2x2 C y2 C 8z2 D n is equal to twice the number of triples satisfying 2x2 C y2 C 32z2 D n. See Koblitz 1984. Among the many works on the arithmetic of elliptic curves, I mention here only the survey article Cassels 1966, which gave the first modern exposition of the subject, Tate’s Haverford lectures (reproduced in Silverman and Tate 1992), which remain the best elementary introduction, and the two volumes Silverman 1986, 1994, which have become the standard reference.
Recommended publications
  • Revisiting Elliptic Curve Cryptography with Applications to Post-Quantum SIDH Ciphers
    Revisiting Elliptic Curve Cryptography with Applications to Post-quantum SIDH Ciphers by Wesam Nabil Eid Master of Science Electrical and Computer Engineering University of New Haven 2013 A dissertation submitted to the Department of Computer Engineering and Sciences of Florida Institute of Technology in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Engineering Melbourne, Florida May, 2020 ⃝c Copyright 2020 Wesam Nabil Eid All Rights Reserved The author grants permission to make single copies We the undersigned committee hereby recommend that the attached document be accepted as fulfilling in part the requirements for the degree of Ph.D. in Computer Engineering. \Revisiting Elliptic Curve Cryptography with Applications to Post-quantum SIDH Ciphers" a dissertation by Wesam Nabil Eid Marius C. Silaghi, Ph.D. Associate Professor, Department of Computer Engineering and Sciences Major Advisor Carlos Otero, Ph.D. Associate Professor, Department of Computer Engineering and Sciences Committee Member Susan Earles, Ph.D. Associate Professor, Department of Computer Engineering and Sciences Committee Member Eugene Dshalalow, Dr.rer.nat. Professor, Department of Mathematical Sciences Committee Member Philip Bernhard, Ph.D. Associate Professor and Department Head Department of Computer Engineering and Sciences ABSTRACT Revisiting Elliptic Curve Cryptography with Applications to Post-quantum SIDH Ciphers by Wesam Nabil Eid Thesis Advisor: Marius C. Silaghi, Ph.D. Elliptic Curve Cryptography (ECC) has positioned itself as one of the most promising candidates for various applications since its introduction by Miller and Kolbitz in 1985 [53, 44]. The core operation for ECC is the scalar multiplication [k]P where many efforts have addressed its computation speed.
    [Show full text]
  • Nonintersecting Brownian Motions on the Unit Circle: Noncritical Cases
    The Annals of Probability 2016, Vol. 44, No. 2, 1134–1211 DOI: 10.1214/14-AOP998 c Institute of Mathematical Statistics, 2016 NONINTERSECTING BROWNIAN MOTIONS ON THE UNIT CIRCLE By Karl Liechty and Dong Wang1 DePaul University and National University of Singapore We consider an ensemble of n nonintersecting Brownian particles on the unit circle with diffusion parameter n−1/2, which are condi- tioned to begin at the same point and to return to that point after time T , but otherwise not to intersect. There is a critical value of T which separates the subcritical case, in which it is vanishingly un- likely that the particles wrap around the circle, and the supercritical case, in which particles may wrap around the circle. In this paper, we show that in the subcritical and critical cases the probability that the total winding number is zero is almost surely 1 as n , and →∞ in the supercritical case that the distribution of the total winding number converges to the discrete normal distribution. We also give a streamlined approach to identifying the Pearcey and tacnode pro- cesses in scaling limits. The formula of the tacnode correlation kernel is new and involves a solution to a Lax system for the Painlev´e II equation of size 2 2. The proofs are based on the determinantal × structure of the ensemble, asymptotic results for the related system of discrete Gaussian orthogonal polynomials, and a formulation of the correlation kernel in terms of a double contour integral. 1. Introduction. The probability models of nonintersecting Brownian motions have been studied extensively in last decade; see Tracy and Widom (2004, 2006), Adler and van Moerbeke (2005), Adler, Orantin and van Moer- beke (2010), Delvaux, Kuijlaars and Zhang (2011), Johansson (2013), Ferrari and Vet˝o(2012), Katori and Tanemura (2007) and Schehr et al.
    [Show full text]
  • Examples from Complex Geometry
    Examples from Complex Geometry Sam Auyeung November 22, 2019 1 Complex Analysis Example 1.1. Two Heuristic \Proofs" of the Fundamental Theorem of Algebra: Let p(z) be a polynomial of degree n > 0; we can even assume it is a monomial. We also know that the number of zeros is at most n. We show that there are exactly n. 1. Proof 1: Recall that polynomials are entire functions and that Liouville's Theorem says that a bounded entire function is in fact constant. Suppose that p has no roots. Then 1=p is an entire function and it is bounded. Thus, it is constant which means p is a constant polynomial and has degree 0. This contradicts the fact that p has positive degree. Thus, p must have a root α1. We can then factor out (z − α1) from p(z) = (z − α1)q(z) where q(z) is an (n − 1)-degree polynomial. We may repeat the above process until we have a full factorization of p. 2. Proof 2: On the real line, an algorithm for finding a root of a continuous function is to look for when the function changes signs. How do we generalize this to C? Instead of having two directions, we have a whole S1 worth of directions. If we use colors to depict direction and brightness to depict magnitude, we can plot a graph of a continuous function f : C ! C. Near a zero, we'll see all colors represented. If we travel in a loop around any point, we can keep track of whether it passes through all the colors; around a zero, we'll pass through all the colors, possibly many times.
    [Show full text]
  • A Review on Elliptic Curve Cryptography for Embedded Systems
    International Journal of Computer Science & Information Technology (IJCSIT), Vol 3, No 3, June 2011 A REVIEW ON ELLIPTIC CURVE CRYPTOGRAPHY FOR EMBEDDED SYSTEMS Rahat Afreen 1 and S.C. Mehrotra 2 1Tom Patrick Institute of Computer & I.T, Dr. Rafiq Zakaria Campus, Rauza Bagh, Aurangabad. (Maharashtra) INDIA siddiqui.rahat@gmail.com 2Department of C.S. & I.T., Dr. B.A.M. University, Aurangabad. (Maharashtra) INDIA mehrotra_suresh@yahoo.com ABSTRACT Importance of Elliptic Curves in Cryptography was independently proposed by Neal Koblitz and Victor Miller in 1985.Since then, Elliptic curve cryptography or ECC has evolved as a vast field for public key cryptography (PKC) systems. In PKC system, we use separate keys to encode and decode the data. Since one of the keys is distributed publicly in PKC systems, the strength of security depends on large key size. The mathematical problems of prime factorization and discrete logarithm are previously used in PKC systems. ECC has proved to provide same level of security with relatively small key sizes. The research in the field of ECC is mostly focused on its implementation on application specific systems. Such systems have restricted resources like storage, processing speed and domain specific CPU architecture. KEYWORDS Elliptic curve cryptography Public Key Cryptography, embedded systems, Elliptic Curve Digital Signature Algorithm ( ECDSA), Elliptic Curve Diffie Hellman Key Exchange (ECDH) 1. INTRODUCTION The changing global scenario shows an elegant merging of computing and communication in such a way that computers with wired communication are being rapidly replaced to smaller handheld embedded computers using wireless communication in almost every field. This has increased data privacy and security requirements.
    [Show full text]
  • Contents 5 Elliptic Curves in Cryptography
    Cryptography (part 5): Elliptic Curves in Cryptography (by Evan Dummit, 2016, v. 1.00) Contents 5 Elliptic Curves in Cryptography 1 5.1 Elliptic Curves and the Addition Law . 1 5.1.1 Cubic Curves, Weierstrass Form, Singular and Nonsingular Curves . 1 5.1.2 The Addition Law . 3 5.1.3 Elliptic Curves Modulo p, Orders of Points . 7 5.2 Factorization with Elliptic Curves . 10 5.3 Elliptic Curve Cryptography . 14 5.3.1 Encoding Plaintexts on Elliptic Curves, Quadratic Residues . 14 5.3.2 Public-Key Encryption with Elliptic Curves . 17 5.3.3 Key Exchange and Digital Signatures with Elliptic Curves . 20 5 Elliptic Curves in Cryptography In this chapter, we will introduce elliptic curves and describe how they are used in cryptography. Elliptic curves have a long and interesting history and arise in a wide range of contexts in mathematics. The study of elliptic curves involves elements from most of the major disciplines of mathematics: algebra, geometry, analysis, number theory, topology, and even logic. Elliptic curves appear in the proofs of many deep results in mathematics: for example, they are a central ingredient in the proof of Fermat's Last Theorem, which states that there are no positive integer solutions to the equation xn + yn = zn for any integer n ≥ 3. Our goals are fairly modest in comparison, so we will begin by outlining the basic algebraic and geometric properties of elliptic curves and motivate the addition law. We will then study the behavior of elliptic curves modulo p: ultimately, there is a fairly strong analogy between the structure of the points on an elliptic curve modulo p and the integers modulo n.
    [Show full text]
  • An Efficient Approach to Point-Counting on Elliptic Curves
    mathematics Article An Efficient Approach to Point-Counting on Elliptic Curves from a Prominent Family over the Prime Field Fp Yuri Borissov * and Miroslav Markov Department of Mathematical Foundations of Informatics, Institute of Mathematics and Informatics, Bulgarian Academy of Sciences, 1113 Sofia, Bulgaria; miro@math.bas.bg * Correspondence: youri@math.bas.bg Abstract: Here, we elaborate an approach for determining the number of points on elliptic curves 2 3 from the family Ep = fEa : y = x + a (mod p), a 6= 0g, where p is a prime number >3. The essence of this approach consists in combining the well-known Hasse bound with an explicit formula for the quantities of interest-reduced modulo p. It allows to advance an efficient technique to compute the 2 six cardinalities associated with the family Ep, for p ≡ 1 (mod 3), whose complexity is O˜ (log p), thus improving the best-known algorithmic solution with almost an order of magnitude. Keywords: elliptic curve over Fp; Hasse bound; high-order residue modulo prime 1. Introduction The elliptic curves over finite fields play an important role in modern cryptography. We refer to [1] for an introduction concerning their cryptographic significance (see, as well, Citation: Borissov, Y.; Markov, M. An the pioneering works of V. Miller and N. Koblitz from 1980’s [2,3]). Briefly speaking, the Efficient Approach to Point-Counting advantage of the so-called elliptic curve cryptography (ECC) over the non-ECC is that it on Elliptic Curves from a Prominent requires smaller keys to provide the same level of security. Family over the Prime Field Fp.
    [Show full text]
  • Lecture 9 Riemann Surfaces, Elliptic Functions Laplace Equation
    Lecture 9 Riemann surfaces, elliptic functions Laplace equation Consider a Riemannian metric gµν in two dimensions. In two dimensions it is always possible to choose coordinates (x,y) to diagonalize it as ds2 = Ω(x,y)(dx2 + dy2). We can then combine them into a complex combination z = x+iy to write this as ds2 =Ωdzdz¯. It is actually a K¨ahler metric since the condition ∂[i,gj]k¯ = 0 is trivial if i, j = 1. Thus, an orientable Riemannian manifold in two dimensions is always K¨ahler. In the diagonalized form of the metric, the Laplace operator is of the form, −1 ∆=4Ω ∂z∂¯z¯. Thus, any solution to the Laplace equation ∆φ = 0 can be expressed as a sum of a holomorphic and an anti-holomorphid function. ∆φ = 0 φ = f(z)+ f¯(¯z). → In the following, we assume Ω = 1 so that the metric is ds2 = dzdz¯. It is not difficult to generalize our results for non-constant Ω. Now, we would like to prove the following formula, 1 ∂¯ = πδ(z), z − where δ(z) = δ(x)δ(y). Since 1/z is holomorphic except at z = 0, the left-hand side should vanish except at z = 0. On the other hand, by the Stokes theorem, the integral of the left-hand side on a disk of radius r gives, 1 i dz dxdy ∂¯ = = π. Zx2+y2≤r2 z 2 I|z|=r z − This proves the formula. Thus, the Green function G(z, w) obeying ∆zG(z, w) = 4πδ(z w), − should behave as G(z, w)= log z w 2 = log(z w) log(¯z w¯), − | − | − − − − near z = w.
    [Show full text]
  • 25 Modular Forms and L-Series
    18.783 Elliptic Curves Spring 2015 Lecture #25 05/12/2015 25 Modular forms and L-series As we will show in the next lecture, Fermat's Last Theorem is a direct consequence of the following theorem [11, 12]. Theorem 25.1 (Taylor-Wiles). Every semistable elliptic curve E=Q is modular. In fact, as a result of subsequent work [3], we now have the stronger result, proving what was previously known as the modularity conjecture (or Taniyama-Shimura-Weil conjecture). Theorem 25.2 (Breuil-Conrad-Diamond-Taylor). Every elliptic curve E=Q is modular. Our goal in this lecture is to explain what it means for an elliptic curve over Q to be modular (we will also define the term semistable). This requires us to delve briefly into the theory of modular forms. Our goal in doing so is simply to understand the definitions and the terminology; we will omit all but the most straight-forward proofs. 25.1 Modular forms Definition 25.3. A holomorphic function f : H ! C is a weak modular form of weight k for a congruence subgroup Γ if f(γτ) = (cτ + d)kf(τ) a b for all γ = c d 2 Γ. The j-function j(τ) is a weak modular form of weight 0 for SL2(Z), and j(Nτ) is a weak modular form of weight 0 for Γ0(N). For an example of a weak modular form of positive weight, recall the Eisenstein series X0 1 X0 1 G (τ) := G ([1; τ]) := = ; k k !k (m + nτ)k !2[1,τ] m;n2Z 1 which, for k ≥ 3, is a weak modular form of weight k for SL2(Z).
    [Show full text]
  • Lectures on the Combinatorial Structure of the Moduli Spaces of Riemann Surfaces
    LECTURES ON THE COMBINATORIAL STRUCTURE OF THE MODULI SPACES OF RIEMANN SURFACES MOTOHICO MULASE Contents 1. Riemann Surfaces and Elliptic Functions 1 1.1. Basic Definitions 1 1.2. Elementary Examples 3 1.3. Weierstrass Elliptic Functions 10 1.4. Elliptic Functions and Elliptic Curves 13 1.5. Degeneration of the Weierstrass Elliptic Function 16 1.6. The Elliptic Modular Function 19 1.7. Compactification of the Moduli of Elliptic Curves 26 References 31 1. Riemann Surfaces and Elliptic Functions 1.1. Basic Definitions. Let us begin with defining Riemann surfaces and their moduli spaces. Definition 1.1 (Riemann surfaces). A Riemann surface is a paracompact Haus- S dorff topological space C with an open covering C = λ Uλ such that for each open set Uλ there is an open domain Vλ of the complex plane C and a homeomorphism (1.1) φλ : Vλ −→ Uλ −1 that satisfies that if Uλ ∩ Uµ 6= ∅, then the gluing map φµ ◦ φλ φ−1 (1.2) −1 φλ µ −1 Vλ ⊃ φλ (Uλ ∩ Uµ) −−−−→ Uλ ∩ Uµ −−−−→ φµ (Uλ ∩ Uµ) ⊂ Vµ is a biholomorphic function. Remark. (1) A topological space X is paracompact if for every open covering S S X = λ Uλ, there is a locally finite open cover X = i Vi such that Vi ⊂ Uλ for some λ. Locally finite means that for every x ∈ X, there are only finitely many Vi’s that contain x. X is said to be Hausdorff if for every pair of distinct points x, y of X, there are open neighborhoods Wx 3 x and Wy 3 y such that Wx ∩ Wy = ∅.
    [Show full text]
  • Elliptic Curve Cryptography and Digital Rights Management
    Lecture 14: Elliptic Curve Cryptography and Digital Rights Management Lecture Notes on “Computer and Network Security” by Avi Kak (kak@purdue.edu) March 9, 2021 5:19pm ©2021 Avinash Kak, Purdue University Goals: • Introduction to elliptic curves • A group structure imposed on the points on an elliptic curve • Geometric and algebraic interpretations of the group operator • Elliptic curves on prime finite fields • Perl and Python implementations for elliptic curves on prime finite fields • Elliptic curves on Galois fields • Elliptic curve cryptography (EC Diffie-Hellman, EC Digital Signature Algorithm) • Security of Elliptic Curve Cryptography • ECC for Digital Rights Management (DRM) CONTENTS Section Title Page 14.1 Why Elliptic Curve Cryptography 3 14.2 The Main Idea of ECC — In a Nutshell 9 14.3 What are Elliptic Curves? 13 14.4 A Group Operator Defined for Points on an Elliptic 18 Curve 14.5 The Characteristic of the Underlying Field and the 25 Singular Elliptic Curves 14.6 An Algebraic Expression for Adding Two Points on 29 an Elliptic Curve 14.7 An Algebraic Expression for Calculating 2P from 33 P 14.8 Elliptic Curves Over Zp for Prime p 36 14.8.1 Perl and Python Implementations of Elliptic 39 Curves Over Finite Fields 14.9 Elliptic Curves Over Galois Fields GF (2n) 52 14.10 Is b =0 a Sufficient Condition for the Elliptic 62 Curve6 y2 + xy = x3 + ax2 + b to Not be Singular 14.11 Elliptic Curves Cryptography — The Basic Idea 65 14.12 Elliptic Curve Diffie-Hellman Secret Key 67 Exchange 14.13 Elliptic Curve Digital Signature Algorithm (ECDSA) 71 14.14 Security of ECC 75 14.15 ECC for Digital Rights Management 77 14.16 Homework Problems 82 2 Computer and Network Security by Avi Kak Lecture 14 Back to TOC 14.1 WHY ELLIPTIC CURVE CRYPTOGRAPHY? • As you saw in Section 12.12 of Lecture 12, the computational overhead of the RSA-based approach to public-key cryptography increases with the size of the keys.
    [Show full text]
  • Applications of Elliptic Functions in Classical and Algebraic Geometry
    APPLICATIONS OF ELLIPTIC FUNCTIONS IN CLASSICAL AND ALGEBRAIC GEOMETRY Jamie Snape Collingwood College, University of Durham Dissertation submitted for the degree of Master of Mathematics at the University of Durham It strikes me that mathematical writing is similar to using a language. To be understood you have to follow some grammatical rules. However, in our case, nobody has taken the trouble of writing down the grammar; we get it as a baby does from parents, by imitation of others. Some mathe- maticians have a good ear; some not... That’s life. JEAN-PIERRE SERRE Jean-Pierre Serre (1926–). Quote taken from Serre (1991). i Contents I Background 1 1 Elliptic Functions 2 1.1 Motivation ............................... 2 1.2 Definition of an elliptic function ................... 2 1.3 Properties of an elliptic function ................... 3 2 Jacobi Elliptic Functions 6 2.1 Motivation ............................... 6 2.2 Definitions of the Jacobi elliptic functions .............. 7 2.3 Properties of the Jacobi elliptic functions ............... 8 2.4 The addition formulæ for the Jacobi elliptic functions . 10 2.5 The constants K and K 0 ........................ 11 2.6 Periodicity of the Jacobi elliptic functions . 11 2.7 Poles and zeroes of the Jacobi elliptic functions . 13 2.8 The theta functions .......................... 13 3 Weierstrass Elliptic Functions 16 3.1 Motivation ............................... 16 3.2 Definition of the Weierstrass elliptic function . 17 3.3 Periodicity and other properties of the Weierstrass elliptic function . 18 3.4 A differential equation satisfied by the Weierstrass elliptic function . 20 3.5 The addition formula for the Weierstrass elliptic function . 21 3.6 The constants e1, e2 and e3 .....................
    [Show full text]
  • Elliptic Curves, Modular Forms, and L-Functions Allison F
    Claremont Colleges Scholarship @ Claremont HMC Senior Theses HMC Student Scholarship 2014 There and Back Again: Elliptic Curves, Modular Forms, and L-Functions Allison F. Arnold-Roksandich Harvey Mudd College Recommended Citation Arnold-Roksandich, Allison F., "There and Back Again: Elliptic Curves, Modular Forms, and L-Functions" (2014). HMC Senior Theses. 61. https://scholarship.claremont.edu/hmc_theses/61 This Open Access Senior Thesis is brought to you for free and open access by the HMC Student Scholarship at Scholarship @ Claremont. It has been accepted for inclusion in HMC Senior Theses by an authorized administrator of Scholarship @ Claremont. For more information, please contact scholarship@cuc.claremont.edu. There and Back Again: Elliptic Curves, Modular Forms, and L-Functions Allison Arnold-Roksandich Christopher Towse, Advisor Michael E. Orrison, Reader Department of Mathematics May, 2014 Copyright c 2014 Allison Arnold-Roksandich. The author grants Harvey Mudd College and the Claremont Colleges Library the nonexclusive right to make this work available for noncommercial, educational purposes, provided that this copyright statement appears on the reproduced ma- terials and notice is given that the copying is by permission of the author. To dis- seminate otherwise or to republish requires written permission from the author. Abstract L-functions form a connection between elliptic curves and modular forms. The goals of this thesis will be to discuss this connection, and to see similar connections for arithmetic functions. Contents Abstract iii Acknowledgments xi Introduction 1 1 Elliptic Curves 3 1.1 The Operation . .4 1.2 Counting Points . .5 1.3 The p-Defect . .8 2 Dirichlet Series 11 2.1 Euler Products .
    [Show full text]