MAS 6396: Elliptic Curves
The course assumes familiarity with elementary concepts from algebra, as covered by an introductory algebra course, for instance. After completion of this course you should be acquainted with the basic definitions and results from the theory of elliptic curves. You should understand and be able to explain essential algebraic properties of elliptic curves over fields of different characteristics. Moreover, after completion of this course, you should know how to perform basic algorithmic tasks related to elliptic curves, like computing in a group defined by an elliptic curve, evaluating a Weil pairing or counting the number of points on an elliptic curve.
Most of the material will be taken from the book Elliptic Curves: Number Theory and Cryptography, second edition (Lawrence C. Washington, Chapman & Hall/CRC, 2008), subsequently referred to as [Was08].
The following topics are to be discussed:
- Basic theory of elliptic curves
- Torsion points
- Elliptic curves over finite fields
- Elliptic curves over the rational numbers
- Complex multiplication
- Divisors
- Zeta functions
More information on the course is available in the syllabus, and comments are welcome.
Topics Discussed in Class
- 08/25/09: Weierstrass equations, group law for an elliptic curve
Literature: [Was03, Ch. 2.1, Ch. 2.2]
- 08/27/09: projective space, j-invariant in characteristic not 2 or 3
Literature: [Was08, Ch. 2.3, Ch. 2.7]
- 09/01/09: j-invariant in arbitrary characteristic, endomorphisms and separability
Literature: [Was08, Ch. 2.8], [H. Cohen and G. Frey: Handbook of Elliptic and Hyperelliptic Curve Cryptography, Ch. 4.4.2.a]
- 09/03/09: examples of separable endomorphisms, Frobenius map
Literature: [Was08, Ch. 2.8]
- 09/08/09: kernel size and surjectivity of endormorphisms
Literature: [Was08, Ch. 2.9]
- 09/10/09: (non-)separability of multiplication by n; additive reduction
Literature: [Was08, Ch. 2.9, Ch. 2.10]
- 09/15/09: multiplicative reduction; torsion points; Homework 1 is available
Literature: [Was08, Ch. 2.10, Ch. 3.1]
- 09/17/09: Division polynomials; properties of the Weil pairing
Literature: [Was08, Ch. 3.2, Ch. 3.3]
- 09/22/09: properties of the Weil pairing; Joux's tripartite Diffie-Hellman protocol
Literature: [Was08, Ch. 3.3], A. Joux: A One Round Protocol for Tripartite Diffie-Hellman
- 09/24/09: structure of E(GF(q)); Hasse's Theorem
Literature: [Was08, Ch. 4.1, Ch. 4.2]
- 09/29/09: characteristic polynomial of Frobenius with application to determining the group order of E(GF(q^n)) with small q
Literature: [Was08, Ch. 4.2, Ch. 4.3]
- 10/01/09: determining the order of a point using the baby step, giant step algorithm
Literature: [Was08, Ch. 4.3]
- 10/03/09: zeta function of an elliptic curve over GF(q)
Literature: [Was08, Ch. 14.1]
- 10/08/09: supersingular curves
Litrature: [Was08, Ch. 4.6]
- 10/10/09: supersingular curves and the Legendre form
Literature: [Was08, Ch.4.6]
- 10/15/09: index calculus; MOV attack
Literature: [Was08, Ch. 5.1, Ch. 5.3.1]
- 10/22/09: BDH assumption, non-interactive key establishment; Homework 2 is available
Literature: K.G. Paterson, S. Srinivasan: On the relations between non-interactive key distribution,
identity-based encryption and trapdoor discrete log
groups; Designs Codes and Cryptography 52(2): 219-241, 2009
- 10/22/09: introduction to divisors
Literature: [Was08, Ch. 11.1]
- 10/24/09: elliptic curves as quotient of divisors of degree 0
Literature: [Was08, Ch. 11.1]
- 10/29/09: elliptic curves as quotient of divisors of degree 0 (continuation of proof)
Literature: [Was08, Ch. 11.1]
- 10/31/09: definition and properties of the Weil pairing
Literature: [Was08, Ch. 11.2]
- 11/03/09: computing a Weil pairing
Literature: [Was08, Ch. 11.4]
- 11/05/09: Riemann-Roch theorem
Literature: [Was08, Ch. 11.5]
- 11/10/09: genus one curves; Edwards coordinates of elliptic curves
Literature: [Was08, Ch. 11.5], H.E. Edwards: A normal form for elliptic curves; Bulletin of the AMS 44(3): 393-422, 2007; web site Edwards coordinates for elliptic curves
For questions or comments, please feel free to contact me anytime
(see my homepage for email, phone number, etc.).
Nov 15, 2009