Re: Reduced Tate pairing in supersingular elliptic curves

Aleksandr Lenin on Thu, 19 Apr 2018 17:24:38 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: Reduced Tate pairing in supersingular elliptic curves

To: pari-users@pari.math.u-bordeaux.fr
Subject: Re: Reduced Tate pairing in supersingular elliptic curves
From: Aleksandr Lenin <aleksandr.lenin@cyber.ee>
Date: Thu, 19 Apr 2018 18:24:29 +0300
Autocrypt: addr=aleksandr.lenin@cyber.ee; prefer-encrypt=mutual; keydata= xsFNBFg+zhcBEADDEV0vMCFAkMGPnaEqsa4JnTUIGPrQvVkp5hCyVwTgHOzDTw4x3FljwbJ9 BoVI9V3d9j9OdxM6WSKlinjf7ZDFajzRo+O1aevXuJNAdXyWsCfdgKP9zsxcdf2pcgkTSh4j I2fFkjndylGYPrSbKFLdZz+SngY+wXAEQ1CcKSAmwm2Gd5qqXgjErIFtvRtcRnH+0z4/Hbw0 5BPASCpdmrfu/ALvM6YWi4Bskqz6TAtsFdqJV1MpWBwU56CdLgt3q8SOoBOzJBIF329OPW/O BIXdByfeA4Z7HVLLjQM/D5CPRvjBRJw5tfTd5dAH30uJDF3C88DE4mpZrR8dRrSuFhBEacSO MU6UoBm8q3V6yeRv9zQENDBXa+StTTOYKR2DI+7pLFzfYBRMu18IdgPoG7Vyzo9T+SSvRkb/ csGS7uwpwzNXLQ7GM4xAguBmlWUBWuJRH+t5+zPJ9a2k9bYpwos72PkPGdss4/xDu/d9p04Z xkXLj3RbPWac8B6wxkt6spuDni8W1N2KIDV8Gbe5wDzEns/ebVaH/oSC0UZaDQVW2ye4jCpL hnn7K23FBGe6xwiD8RzIEHkrTv/M2XoLvt0vkNouquliZSRmLfJA11M+50kOhdd+GntLhob0 zZjYhxv7pJjGW10XpqDE4tP205zrjU/oyn5XQY7IMDrbjCJT3wARAQABzSpBbGVrc2FuZHIg TGVuaW4gPGFsZWtzYW5kci5sZW5pbkBjeWJlci5lZT7CwX0EEwEIACcFAlg+zhcCGyMFCQlm AYAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ4HByBsz4rF0OURAAjs3Ehe+8EAjhgv0O rKy6SALX2qVPiviwqg4i67HE8E2pJcZNivma8s/6V2VJClzvTpDzW/u5hPVJVJrMBkE+SdQp Z+3GrFUTIElocJWIboqRyTx/h8mHKTjIM9dcJxvnsxxP2l9UoNMr2Dcl3r0v6YMgB1XxiRg5 PROVWlR0do+b6cQb89fLTvngqd9NhpRBgxNqf0HrjAYFuDRXNu5AOlAlKajPc1K0A5B8K0za 4G8jUMipX2/y6iqpjIm73rKvFZVgRlXYlcz+rS6Uhi5ee4/zi8Z3roN9GZ+NzbUV8culwBu0 VhoSXqCfWqdhzCluTw/BWuWbkZ9MENPEhmXmoAK+wmMNXQHVXo602Cjn8xJeYXjoY8cAb7MX SBOYBF4yviTuFHvXiYROxjNsE53i/R4qJEb1Br2So/6oM1jQZ8vWFeE8UlDYsw9UnLgu0tQF iN+O14Az7Ohn367u4kxHnmAyJpxOkJwkzvGejbavyjCg0PkivZfu0Fnfg9JsCdcxMWYTActu GY87rnxx7EGk9VBjmfmtUO0d+MrwL32GyT18KyIGN6H6evJJBp/5hNsh8pDfXwzvHebEADOo BEeQspzAfmc1A92PZLqbXMC62PWz0ULWRzTI20s0AijLwoQFTNgM4n2am4ma+QyyS9gtsvZD lS9BlHOEYkcHOJetdUvOwU0EWD7OFwEQALnjVZAmxrQixWfoQH7DgUNvHD31VDKIU1RZVrgm 43PxrxTVWwAjVm+ZwKqHgUbZeeiQy+mIZN9yL7LNvEtxT3LV2SlUSG0Q7NemQry5+kMbYgyF CVIBp+/5Abay6wBtTk3y/Gk7ZcoDBxxuaMy2bzqFBq1JPmQYWMMWCU7U/mBnJGd8NUaxE016 9QNkJnQsuxHX5IS13qSD3VOAvnqEMcJQxF1HqXTtOG7j3bmkNAgd+uKR/l6tyhr9BqYlguvX JAKipUGBxySHkXdvUledNw3qVqYCzy7+UT/Rjza/mlIDEkFEgevEIGB/u74lr60TnB0FDHQG 7B8p8gT5phNJZQvYxEz/htoUOmuKEAYezY/CFRGS4v1Xzqt5AlXBoorV8YkbMhv1f6H2Y17m RFgIboBYxU66JMKx3AiZMhAg0RpTQgQMsjxKVFEPFTFBsu7rQ76NEFdImjsIG/T0iJSbJYTV QLE/ceRK5mWn8m8PPdSWsERkQIFeUGziMeGZ8MfjeUg33fmt1sf8HW5nPSbsaguMguLYYHiW lSVjUXYCfcXqUdGIm1BrxTI/kThzvD+FFtt5QhLHi7/NxU0IF5AmqKlNO5p7hNgVTQayHzJb 8bR8PdFYXCUuNejO3zeiuWH4Pg1pIc0I/wDnTmkQAhH4O67mmy6RylzhmwAeNeCe/izvABEB AAHCwWUEGAEIAA8FAlg+zhcCGwwFCQlmAYAACgkQ4HByBsz4rF32TRAAl2l5BXnp8Rvnm5Vv 2ZqFRTpVMzVQiH3FsDh7WdA9yzz4xOYxDLmnyOA1Ag4hK2RrotdhLCyNV7VAcXixHwufpXa1 hnXQRGTxRQ/83RHDdhTDYmXgseuJ4A/IUg12Ub10HmdnxHVaF2QT7tbB9Fa9o5DA2DHM4cWQ BhMRjsagVa7PtzadyvrtdXYHunSRh3O2hOMP0w/goU/INL4bqhl7le8qpHIV0K8WQMQHWkuu 5cB6nmsTegFXy3fi0//GN/dtzz9HyCOm2N20rijcuMbNrTSclCOxCUV9mwyTiGQEwOhOhMgH RgbeNUp0nA9P6Q/lANJt0I2qNKZVWV4FtUzzPPMSSz25v39hbiNgT4p3DNYiw8E1rgFj/h0F K0KK16nSao2y62f/p/+pBajYAIPT/z4p80FRK3r7Pauy7LXQya8h+mGiyuY46ZPFQb3xjeZg /1hu5akwrnp8ME54zvzSk86L4zH4XZ20vdU1j7wY8oFbFVdjIDuUfb1XorWRe1aI54Nb+JZm xzBfZwpxmg1i1IMjCRWthVqQdg6oPcabXDrGM4GzJu9UnMLJIGpeUXnhV1VaMCcBBcvc4bwD 6BdW5CFGkncegvQTRnzN8J422a8awuedG0dZtH4OmHn61OZEfrZQWis8UFX2j4gL1HnqdEav ekgdeiobwetd5TJhNf8=
Delivery-date: Thu, 19 Apr 2018 17:24:38 +0200
In-reply-to: <20180418220225.GI25420@yellowpig>
Openpgp: preference=signencrypt
References: <1f4d9137-c75d-3e6c-3120-bf536887e010@cyber.ee> <20180417193911.GJ9805@yellowpig> <20180417211040.GD25420@yellowpig> <896f1087-28bd-08dc-b149-574d6117747d@cyber.ee> <20180418220225.GI25420@yellowpig>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

Hello Bill,

thank you for such a detailed explanation, much appreciated! It became
much clearer now.

-- 
Aleksandr

On 04/19/2018 01:02 AM, Bill Allombert wrote:
> On Wed, Apr 18, 2018 at 11:13:34AM +0300, Aleksandr Lenin wrote:
>> Hello Bill,
>>
>> thanks for your answer.
>>
>> On 04/18/2018 12:10 AM, Bill Allombert wrote:
>>> However E(F_q) is isomorphic to (Z/lZ)^2 with r^6 dividing l,
>                                           I meant r^3
>>> and p2 is of order r, so p2 can be written as [r].q for some point q,
>>> so the Tate pairing (p1,p2) is trivial.
>>
>> I do not completely understand the last inference about the triviality
>> of the Tate pairing.
> 
> E(F_q) is isomorphic to (Z/lZ)^2, so there are two generators g1, g2 of
> order l. Since p2 belong to E(F_q), there exist a, b, such that 
> p2= a.g1 + b.g2
> Now
> r.p2 = (r*a).g1 + (r.b)*.g2
> since r.p2 = oo then 
> r*a = 0 [l]
> r*b = 0 [l]
> Since r^2 divides l, then
> r*a = 0 [r^2]
> r*b = 0 [r^2]
> so
> a=0 [r]
> b=0 [r]
> So it existe a', b' such that
> a= r*a'
> b= r*b'
> We set q2 = a'.g1+b'.g2
> then r.q2 = p2
> 
> Now the Tate pairing is bilinear so tate_r(p1,p2) = tate_r(p1,q2)^r
> so tate_r(p1,p2)^((q-1)/r) = tate_r(p1,q2)^(q-1) = 1.
> 
> Cheers,
> Bill
>

References:
- Reduced Tate pairing in supersingular elliptic curves
  - From: Aleksandr Lenin <aleksandr.lenin@cyber.ee>
- Re: Reduced Tate pairing in supersingular elliptic curves
  - From: Bill Allombert <Bill.Allombert@math.u-bordeaux.fr>
- Re: Reduced Tate pairing in supersingular elliptic curves
  - From: Bill Allombert <Bill.Allombert@math.u-bordeaux.fr>
- Re: Reduced Tate pairing in supersingular elliptic curves
  - From: Aleksandr Lenin <aleksandr.lenin@cyber.ee>
- Re: Reduced Tate pairing in supersingular elliptic curves
  - From: Bill Allombert <Bill.Allombert@math.u-bordeaux.fr>

Prev by Date: Re: Reduced Tate pairing in supersingular elliptic curves
Previous by thread: Re: Reduced Tate pairing in supersingular elliptic curves
Index(es):
- Date
- Thread