Bill Allombert on Mon, 13 Jun 2005 21:37:40 +0200


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: Elliptic Curve over binary field


Hauw Suwito told me privately that my instructions were not 
completly right:

On Fri, Jun 10, 2005 at 08:43:36PM +0200, Bill Allombert wrote:
> Try the following:
> 
> 1) Compute a polynomial (in w) defining your field:
> F=ffinit(2,m,w);
> 2) Set a to w mod F
> a=Mod(w,F);

That should be 
a=Mod(w*Mod(1,2),F)

> 3.a) Define your curve in term of a:
> E=ellinit([0,0,a,0,a+1]);
> 3.b) If your curve is defined of F_2, simply multiply it by a^0 instead:
> E=ellinit([0,0,1,0,1]*a^0);
That should be 
E=ellinit([0,0,1,0,1]*Mod(Mod(1,2),F));

> Now you can do operations on points of E as usual:
> ? elladd(E,[1,a],[0,1])
> %4 = [Mod(w^2 - 2*w, Mod(1, 2)*w^3 + Mod(1, 2)*w^2 + Mod(1, 2)), Mod(Mod(1, 2),
> Mod(1, 2)*w^3 + Mod(1, 2)*w^2 + Mod(1, 2))]
which was wrong. With the right instruction, you get:

%4 = [Mod(Mod(1, 2)*w^2, Mod(1, 2)*w^3 + Mod(1, 2)*w^2 + Mod(1, 2)), Mod(Mod(1,
2), Mod(1, 2)*w^3 + Mod(1, 2)*w^2 + Mod(1, 2))]
which is correct.

However we have hit a fine point of semantic:

? Mod(w*Mod(1,2),F)^0
%5 = Mod(1, Mod(1, 2)*w^3 + Mod(1, 2)*w^2 + Mod(1, 2))

whereas we expect the result below:
%5 = Mod(Mod(1, 2), Mod(1, 2)*w^3 + Mod(1, 2)*w^2 + Mod(1, 2))

In fact
? (x*Mod(1,2))^0
%6 = 1

where we would prefer Mod(1,2).

However, I don't think we can fix this problem:
what should we return for
(A*x^2+B*x+C)^0 where A,B and C are arbitrary PARI objects ?

Cheers,
Bill.