Project/Area Number |
12640009
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Single-year Grants |
Section | General |
Research Field |
Algebra
|
Research Institution | Saitama University |
Principal Investigator |
SATOH Takakazu Saitama Univ., Dept. of Mathematics, Assoc. Prof., Faculty of Science, Associate Professor (70215797)
|
Co-Investigator(Kenkyū-buntansha) |
GON Yasuro Saitama Univ., Dept. of Mathematics, Assistant, Faculty of Science, Research Associate (30302508)
YANAI Hisae Saitama Univ., Dept. of Mathematics, Lecturer, Faculty of Science, Lecturer (10008865)
TAKEICHI Kisao Saitama Univ., Dept. of Mathematics, Professor, Faculty of Science, Professor (00011560)
|
Project Period (FY) |
2000 – 2002
|
Project Status |
Completed (Fiscal Year 2002)
|
Budget Amount |
¥3,800,000 (Direct Cost: ¥3,800,000)
Fiscal Year 2002: ¥1,000,000 (Direct Cost: ¥1,000,000)
Fiscal Year 2001: ¥1,000,000 (Direct Cost: ¥1,000,000)
Fiscal Year 2000: ¥1,800,000 (Direct Cost: ¥1,800,000)
|
Keywords | the Frobenius substitutions / finite fields / elliptic curves / order counting / non-Archimedean local fields / Frobenius map / rational points / local fields / canonical lift / elliptic curve cryptography / algorithms |
Research Abstract |
We establish and develop a p-adic point counting algorithm for elliptic curves over finite fields of small characteristic. Let p be a fixed small prime and let q be the N-th power of p. For a given ordinary elliptic curve E defined over the finite field k of q elements, we construct a fast algorithm to compute the number of k-rational points of E. When a small prime p is fixed and N tends to infinity, our algorithm is faster than the so-called SEA algorithm. Our algorithm is based on the canonical lifts of elliptic curves. First, we lift a given ordinary elliptic curve to its canonical lift. We use the fact that two j-invariants of lifted curves are related by the p-th modular polynomial, so the construction of the canonical lifts reduces to finding a solution to a certain system of non-linear equations. Second, we compute the leading coefficient of the dual of the lift of the p-th Frobenius morphism. This should not be confused with the inverse Frobenius substitution, since we are working over a field of characteristic zero once the curve is lifted. Third, by looking at the action of the dual of the lifted Frobenius morphism, we can compute the trace of the q-th Frobenius endomorphism. Using the well-known Hasse's equality, we obtain the number of rational points and we are done. We further construct a faster algorithm with some precomputation that depends only on q. The precomputation is quite feasible when N is less than, say, 500. Hence the cost of precomputation is no problem for practical applications. On the other hand, thanks to the precomputation, we can evaluate the Frobenius substitution quickly. This improves the growth rate of the time complexity, measured in the number of bit operations, by a factor of at least the square root of N.
|