A Weil pairing on the p-torsion of ordinary elliptic curves over K[ ]
نویسنده
چکیده
For an elliptic curve E over any field K, the Weil pairing en is a bilinear map on n-torsion. For K of characteristic p > 0, the map en is degenerate if and only if n is divisible by p. In this paper, we consider E over the dual numbers K[ ] and define a non-degenerate “Weil pairing on p-torsion” which shares many of the same properties of the Weil pairing. We also show that the discrete logarithm attacks on p-torsion subgroups of Semaev and Rück may be viewed as Weil-pairing-based attacks, just like the MOV attack. Finally, we describe an attack on the discrete logarithm problem on anomalous curves, analogous to that of Smart, using a lift of E over Fp[ ].
منابع مشابه
A WEIL PAIRING ON THE p-TORSION OF ORDINARY ELLIPTIC CURVES OVER K[ǫ]
For an elliptic curve E over any field K, the Weil pairing en is a bilinear map on n-torsion. For K of characteristic p > 0, the map en is degenerate if and only if n is divisible by p. In this paper, we consider E over the dual numbers K[ǫ] and define a non-degenerate “Weil pairing on ptorsion” which shares many of the same properties of the Weil pairing. We also show that the discrete logarit...
متن کاملComplete characterization of the Mordell-Weil group of some families of elliptic curves
The Mordell-Weil theorem states that the group of rational points on an elliptic curve over the rational numbers is a finitely generated abelian group. In our previous paper, H. Daghigh, and S. Didari, On the elliptic curves of the form $ y^2=x^3-3px$, Bull. Iranian Math. Soc. 40 (2014), no. 5, 1119--1133., using Selmer groups, we have shown that for a prime $p...
متن کاملOn the elliptic curves of the form $ y^2=x^3-3px $
By the Mordell-Weil theorem, the group of rational points on an elliptic curve over a number field is a finitely generated abelian group. There is no known algorithm for finding the rank of this group. This paper computes the rank of the family $ E_p:y^2=x^3-3px $ of elliptic curves, where p is a prime.
متن کاملThe Discrete Logarithm Problem on the p-torsion Subgroup of Elliptic Curves
An ongoing challenge in cryptography is to find groups in which the DLP is computationally infeasible, that is, for which the best known attack is exponential in log(N). Such a group can be used as the setting for many cryptographic protocols, from Diffie-Hellman key exchange to El Gamal encryption ([14], 159). The most prominent example, first proposed in 1985, is a subgroup of points of an el...
متن کاملThe Geometry of Elliptic Curves over Finite Fields
We first provide an overview of the basic results in the geometry of elliptic curves, introducing the Picard Group, Weierstrass Equations, and Isogenies. This is followed by a discussion of the structure of m-torsion points on an elliptic curve, introducing such tools as the Weil pairing and the l-adic Tate module. The paper culminates in a theorem counting the rational points on an elliptic cu...
متن کامل