Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

asked 2017-11-22 14:16:18 +0200

Shalec gravatar image

Defining a subgroup of elliptic curves with specific characteristics

Hey,

is there a way, to define a subgroup of an elliptic curve with two or more characteristics? I would like to take an elliptic curve over a finite field of order p and $p^4$, define the r-torsion subgroup (where $r$ is a prime, too) and reduce those to the set of points, which also lays in the Frobenius-eigenspace.

For example:

p= 13
r=5
R=GF(p)
_.<x> = PolynomialRing(R)
R4.<x> = R.extension(x^4 - 2, 'x')
_.<y> = PolynomialRing(R)

b= x^-1

E = EllipticCurve(R, [1,0]) # y^2 = x^3+x
E4 = EllipticCurve(R4, [b,0])

Well, it is easy to find a point on $Q\in E4$, such that $r*Q = (0:1:0)$, use

Q=ZZ(E4.order()/r *Q

, but checking, if $\pi(Q) = pQ$ is hard. I only need one point of that group at all, but my $p$ is even larger, so brute-forcing would be an option, if I could start it 6-12 month ago :)

Defining a subgroup of elliptic curves with specific characteristics

Hey,

is there a way, to define a subgroup of an elliptic curve with two or more characteristics? I would like to take an elliptic curve over a finite field of order p and $p^4$, define the r-torsion subgroup (where $r$ is a prime, too) and reduce those to the set of points, which also lays in the Frobenius-eigenspace.

For example:

p= 13
r=5
R=GF(p)
_.<x> = PolynomialRing(R)
R4.<x> = R.extension(x^4 - 2, 'x')
_.<y> = PolynomialRing(R)

b= x^-1

E = EllipticCurve(R, [1,0]) # y^2 = x^3+x
E4 = EllipticCurve(R4, [b,0])

Well, it is easy to find a point on $Q\in E4$, such that $r*Q = (0:1:0)$, use

Q=ZZ(E4.order()/r *Q

, but checking, if $\pi(Q) $( x(Q)^p, y(Q)^p )=\pi(Q) = pQ$ is hard. I only need one point of that group at all, but my $p$ is even larger, larger (~340 bits), so brute-forcing would be an option, if I could start it 6-12 month ago :)

Furthermore, if I concider to evaluate the secant or tangent on E and let me return a point on that curve, it will have projective coordinates, with $z(P)\neq1$. Shall I apply $\pi$ to all three coordinates?

click to hide/show revision 3
retagged

updated 2018-12-16 18:41:42 +0200

FrédéricC gravatar image

Defining a subgroup of elliptic curves with specific characteristics

Hey,

is there a way, to define a subgroup of an elliptic curve with two or more characteristics? I would like to take an elliptic curve over a finite field of order p and $p^4$, define the r-torsion subgroup (where $r$ is a prime, too) and reduce those to the set of points, which also lays in the Frobenius-eigenspace.

For example:

p= 13
r=5
R=GF(p)
_.<x> = PolynomialRing(R)
R4.<x> = R.extension(x^4 - 2, 'x')
_.<y> = PolynomialRing(R)

b= x^-1

E = EllipticCurve(R, [1,0]) # y^2 = x^3+x
E4 = EllipticCurve(R4, [b,0])

Well, it is easy to find a point on $Q\in E4$, such that $r*Q = (0:1:0)$, use

Q=ZZ(E4.order()/r *Q

, but checking, if $( x(Q)^p, y(Q)^p )=\pi(Q) = pQ$ is hard. I only need one point of that group at all, but my $p$ is even larger (~340 bits), so brute-forcing would be an option, if I could start it 6-12 month ago :)

Furthermore, if I concider to evaluate the secant or tangent on E and let me return a point on that curve, it will have projective coordinates, with $z(P)\neq1$. Shall I apply $\pi$ to all three coordinates?

Copyright Sage, 2010. Some rights reserved under creative commons license. Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.7.59