Kaz Kobara on Wed, 29 Jan 2014 23:46:54 +0100

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 RE: Your help needed

```Dear Bill and all,

> Not unless you know the factorisation of the order of the elliptic curve,
> or some similar useful information

Thank you for this information.

That's why the manual of ellorder()
http://pari.math.u-bordeaux.fr/dochtml/html/Functions_related_to_elliptic_cu
rves.html
suggests to supply o of

? N = p+1-ellap(E,p); o = [N, factor(N)];

This solved our problem. Thank you very much.

I have another favor to ask you or pari-users.

E = ellinit([a,b], 2)

defines EC over F2, but how EC over GF(2^m) can be defined on PARI/GP?

Best regards,
Kaz

> -----Original Message-----
> From: Bill Allombert [mailto:Bill.Allombert@math.u-bordeaux1.fr]
> Sent: Tuesday, January 28, 2014 10:18 PM
> To: SeongHan Shin
> Cc: pari-users@pari.math.u-bordeaux.fr; =?UTF-8?B?5Y+k5Y6f5ZKM6YKm?=
> Subject: Re: Your help needed
>
> On Tue, Jan 28, 2014 at 08:05:27AM +0900, SeongHan Shin wrote:
> > Dear Bill,
> >
> > >I assume you want to compute the order of a point on a elliptic curve
> > >over a finite field of size around 512bit.
> > >Unfortunately the number of points on the curve is too hard to be
> > >factored by PARI.
> > Yes, that's exactly what I want to do.
> > Is there any way to compute a 512-bit order?
>
> Not unless you know the factorisation of the order of the elliptic curve,
> or some similar useful information
>
> Cheers,
> Bill.

```