here - Sites personnels de TELECOM ParisTech - TÃ©lÃ©com ParisTech

More documents

Recommendations

Info

136 Chapter 5. Complex multiplication and elliptic curvesDefinition 5.1.18. Let K be a perfect field. Let φ : C 1 → C 2 be a non-constant morphismbetween algebraic curves defined over K. Different homomorphisms between the divisors of thecurves can be defined from a morphism between them:• φ ∗ : Div(C 2 ) → Div(C 1 ), Q ↦→ ∑ P ∈φ −1 (Q) e φ(P )P ,• φ ∗ : Div(C 1 ) → Div(C 2 ), P ↦→ ∑ Pφ(P ).Proposition 5.1.19 ([244, Proposition II.3.6]). Let K be a perfect field. Let φ : C 1 → C 2 be anon-constant morphism between algebraic curves defined over K. Then• φ ∗ (div(f)) = div(φ ∗ (f)),• φ ∗ (div(f)) = div(φ ∗ (f)),• f(φ ∗ (D)) = φ ∗ (f)(D),• f(φ ∗ (D)) = φ ∗ (f)(D).Proposition 5.1.20 (Weil’s reciprocity [244, Exercise 2.11], [19, Theorem IX.3]). Let K be aperfect field and C an algebraic curve defined over K. Let f, g ∈ K(C) ∗ be two functions withdisjoint supports. Thenf(div(g)) = g(div(f)) .5.1.3 PairingsThere exist important bilinear applications, both for theoretical questions and practical applications,which can be defined on elliptic curves: pairings.Definition 5.1.21 (Pairing). Let A be a ring and M, N and L A-modules. A pairing is anA-bilinear map from M × N into L (or equivalently an A-linear from M ⊗ A N into L).We first define the Tate pairing. Let K be a perfect field and E an elliptic curve definedover K. Let m ≥ 2 be an integer co-prime to the characteristic of K. Let P ∈ E(K)[m] andQ ∈ E(K)/mE(K). There exists a function f ∈ K(E) such thatdiv(f) = m(P ) − m(O E ) .We now choose a representative of Q in E(K) and a divisor D ∼ (Q) − (O E ) with support disjointfrom that of div(f) so that we can compute f(D).Definition 5.1.22 (Tate pairing). Let K be a perfect field and E an elliptic curve definedover K. Let m ≥ 2 be an integer co-prime to the characteristic of K. Let P ∈ E(K)[m] andQ ∈ E(K)/mE(K). The Tate pairing is defined as above:〈P, Q〉 m = f(D) ∈ K ∗ /(K ∗ ) m .It can be shown that this map is well defined (up to m-th powers) and does not depend onthe different choices we have to make [19, Lemma IX.4], [19, Lemma IX.5].Theorem 5.1.23 ([19, Theorem IX.7]). Let K be a perfect field and E an elliptic curve definedover K. Let m ≥ 2 be an integer co-prime to the characteristic of K. Let P, P 1 , P 2 , Q, Q 1 , Q 2 ∈E(K) and σ ∈ Gal(K/K). The Tate pairing satisfies the following properties:1. Bilinearity: 〈P 1 + P 2 , Q〉 m = 〈P 1 , Q〉 m 〈P 2 , Q〉 m and 〈P, Q 1 + Q 2 〉 m = 〈P, Q 1 〉 m 〈P, Q 2 〉 m .
5.1. Further background on elliptic curves 1372. Non-degeneracy: if K is finite and contains the m-th roots of unity, then the Tate pairingis non-degenerate.3. Galois invariance: 〈σP, σQ〉 m = σ〈P, Q〉 m .The bilinearity is a consequence of Weil’s reciprocity. A proof of the non-degeneracy is givenin [104]. A more elementary and specific one has been devised by Heß [130].We now define the Weil pairing. With the same notation as before, let P ∈ E[m] be anm-torsion point. There exists a function f ∈ K(E) such that:div(f) = m(P ) − m(O E ) .Multiplication by m is a surjective map on E(K), so we can choose P ′ such that [m]P ′ = P .There exists a function g ∈ K(E) such thatdiv(g) = [m] ∗ ((P ) − (O E )) =∑(P ′ + R) − (R) ,because [m 2 ]P ′ = O E . Furthermoreso that (g ◦ τ Q /g) ∈ K. FinallyR∈E[m]div(g ◦ τ Q ) = div(τ ∗ Qg) = τ ∗ Q div(g) = div(g) ,div(f ◦ [m]) = div([m] ∗ f) = [m] ∗ div(f) = m div(g) = div(g m )and so f ◦ [m] = g m up to a non-zero multiplicative constant. If Q ∈ E[m] and S ∈ E(K), theng((S + Q)) m = f([m](S + Q)) = f([m](S)) = g((S)) m , so g(S+Q)g(S)is an m-th root of unity.Definition 5.1.24 (Weil pairing). Let K be a perfect field and E an elliptic curve defined over K.Let m ≥ 2 be an integer co-prime to the characteristic of K. Let P, Q ∈ E(K)[m] be m-torsionpoints. We define the Weil pairing as above:e m (P, Q) =g(S + Q)g(S).Theorem 5.1.25 ([19, Theorem IX.10], [244, Proposition III.8.1]). Let K be a perfect field andE an elliptic curve defined over K. Let m ≥ 2 be an integer co-prime to the characteristic of K.Let P, P 1 , P 2 , Q, Q 1 , Q 2 ∈ E(K)[m] and σ ∈ Gal(K/K). The Weil pairing satisfies the followingproperties:1. Bilinearity:2. Alternance: e m (P, Q) = e m (Q, P ) −1 .e m (P 1 + P 2 , Q) = e m (P 1 , Q)e m (P 2 , Q) ,and e m (P, Q 1 + Q 2 ) = e m (P, Q 1 )e m (P, Q 2 ) .3. Non-degeneracy: if E(K) contains E[m], then e m (P, Q) ≠ 1.4. Galois invariance: e m (σP, σQ) = σe m (P, Q).The Weil pairing and the Tate pairing are closely related. In fact, the following proposition isoften used to define the Weil pairing.
Page 1:
2012-ENST-003EDITE de ParisDoctorat
Page 4 and 5:
Jean-Pierre Flori: Boolean function
Page 7:
AbstractThe core of this thesis is
Page 11 and 12:
AcknowledgmentsVladimir. — Quand
Page 13 and 14:
ContentsList of symbols and notatio
Page 15 and 16:
Contentsxv4 Efficient characterizat
Page 17 and 18:
List of figures1.1 The filter model
Page 19 and 20:
List of symbols and notationGeneral
Page 21 and 22:
List of symbols and notationxxil(t)
Page 23 and 24:
List of symbols and notationxxiiidi
Page 25:
List of symbols and notationxxvu
Page 28 and 29:
2 Introduction1 Mathematics and cry
Page 30 and 31:
4 Introductiongiving more general b
Page 33 and 34:
Chapter 1Boolean functions incrypto
Page 35 and 36:
1.1. Cryptographic criteria for Boo
Page 37 and 38:
1.2. Families of Boolean functions
Page 39 and 40:
Page 41 and 42:
Page 43:
Page 46 and 47:
20 Chapter 2. On a conjecture about
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113: 86 Chapter 2. On a conjecture about
Page 119: Part IIBent functions and pointcoun
Page 122 and 123: 96 Chapter 3. Bent functions and al
Page 124 and 125: 98 Chapter 3. Bent functions and al
Page 126 and 127: 100 Chapter 3. Bent functions and a
Page 136 and 137: 110 Chapter 4. Efficient characteri
Page 155: Part IIIComplex multiplication and
Page 158 and 159: 132 Chapter 5. Complex multiplicati
Page 185 and 186: Chapter 6Complex multiplication in
Page 187 and 188: 6.1. Abelian varieties 1616.1 Abeli
Page 189 and 190: 6.1. Abelian varieties 163Theorem 6
Page 191 and 192: 6.1. Abelian varieties 165A homomor
Page 193 and 194: 6.1. Abelian varieties 1676.1.5 Hom
Page 195 and 196: 6.2. Class groups and units 169The
Page 197 and 198: 6.2. Class groups and units 171in [
Page 199 and 200: 6.3. Complex multiplication 173If t
Page 201 and 202: 6.3. Complex multiplication 175•
Page 203 and 204: 6.3. Complex multiplication 177We h
Page 205 and 206: 6.3. Complex multiplication 179pola
Page 207 and 208: 6.4. Class polynomials for genus 2
Page 209 and 210: 6.4. Class polynomials for genus 2
Page 211: Appendices
Page 214 and 215:
Table A.3: Coefficients for d = 3,
Page 216 and 217:
Table A.8: Coefficients for d = 8,
Page 218 and 219:
192 Bibliography[13] Elwyn Ralph Be
Page 220 and 221:
194 Bibliography[42] Claude Carlet,
Page 222 and 223:
196 Bibliography[72] Cunsheng Ding,
Page 224 and 225:
198 Bibliography[102] David Freeman
Page 226 and 227:
200 Bibliography[132] Marc Hindry a
Page 228 and 229:
202 Bibliography[161] Philippe Lang
Page 230 and 231:
204 Bibliography[191] Willi Meier a
Page 232 and 233:
206 Bibliography[222] Oscar Seymour
Page 234 and 235:
208 Bibliography[254] Marco Streng.
Page 236 and 237:
210 Bibliography[286] Chia-Fu Yu. T
Page 238 and 239:
212 IndexForm class group . . . . .
Page 240 and 241:
214 IndexKKloosterman sum . . . . .
Page 243 and 244:
Résumé longFauĆ.Werd’ iĚ beru
Page 245 and 246:
1. Des fonctions booléennes et d
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
2. Fonctions courbes et comptage de
Page 255 and 256:
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
3. Multiplication complexe et polyn
Page 263 and 264:
Page 265 and 266:
Page 267:
show all

here - Sites personnels de TELECOM ParisTech - TÃ©lÃ©com ParisTech

Create successful ePaper yourself

Delete template?

Save as template?