Vorapong Suppakitpaisarn mr_t_dtone

Discrete Methods in Mathematical InformaticsLecture 1: What is Elliptic Curve?

9th October 2012

Vorapong Suppakitpaisarnhttp://www-imai.is.s.u-tokyo.ac.jp/~mr_t_dtone/

[email protected], Eng. 6 Room 363Download Slide at: https://www.dropbox.com/s/xzk4dv50f4cvs18/Lecture

%201.pptx?m

First Section of This Course [5 lectures]

Lecture 1: What is

Elliptic Curve?

Lecture 2: Elliptic Curve

Cryptography

Lecture 3-4:

Fast Implementation

for Elliptic Curve Cryptography

Lecture 5: Factoring

and Primality Testing

L. C. Washington, “Elliptic Curves: Number Theory and Cryptography”, Chapman &

Hall/CRC, 2003.

• Lecture 1: Chapter 1, Chapter 2 (2.1, 2.2)

• Lecture 2: Chapter 6 (6.1 – 6.6)

• Lecture 5: Chapter 7

Recommended Reading

H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen, F. Vercauteren, "Handbook of Elliptic and Hyperelliptic

Curve Cryptography", Chapman & Hall/CRC, 2005.

A. Cilardo, L. Coppolino, N. Mazzocca, L. Romano, "Elliptic Curve Cryptography Engineering", Proc. of IEEE Vol. 94,

No. 2, pp. 395-406 (2006).

In each lecture, 1-2 exercises will be given,

Choose 3 Problems out of them.

Submit to

[email protected]

before 31 Dec 2012

Grading


Lecture 1: What is

Elliptic Curve?


Cryptography

Lecture 3-4:

Fast Implementation





Hall/CRC, 2003.




Recommended Reading




No. 2, pp. 395-406 (2006).



Submit to

[email protected]

before 31 Dec 2012

Grading

Problem 1: The Artillerymens Dilemma (is not a) Puzzle

http://cashflowco.hubpages.com/

?

Height = 0: 0 Ball Square

Height = 1: 1 Ball Square

Height = 2: 1 + 4 = 5 Balls Not Square

Height = 3: 1 + 4 + 9 = 14 Balls Not Square

Height = 4: 1 + 4 + 9 + 16 = 30 Balls Not Square

2232222

61

21

31

6121321 yxxx)x)(x(xx...

Elliptic Curve

Problem 1: The Artillerymens Dilemma (is not a) Puzzle (cont.)

223

61

21

31 yxxx

(0,0)

(1,1)

y = x

223

61

21

31 xxxx

021

23 23 xxx

0)()(

0))()((23

abcxbcacabxcbaxcxbxax

a,b,cequation the of roots

are that Suppose

solution. another is 21 y ,

21 x thatknow We

21

2310

c

ccba

(1/2,1/2)

Problem 1: The Artillerymens Dilemma (is not a) Puzzle (cont.)

223

61

21

31 yxxx

(0,0)

(1,1)

y = x

(1/2,1/2)

(1/2,-1/2)

y = 3x-2

223 )23(61

21

31

xxxx

0...251 23 xx

2511

21

x

70,24 yx

2222 7024...21

70 Length Square for 24 Height Pyramid

Problem 2: Right Triangle with Rational Sides

We want to find a right triangle with rational sides

in which area = 5

3

4

5

6

15

8

17

60

15/2

4

17/2

155

5

510

Problem 2: Right Triangle with Rational Sides (cont.)

a

b

c

ab/2 = 5

22210 cb, aab

524

1024

22

22222

ccbababa

524

1024

22

22222

ccbababa

numbers rational of square are 2c

2c

numbers rational are

5,2

,5

2,

2,

2222

c

bacba

23 25)5()5( yxxxxx

Elliptic Curve

425

x

num rational of square

a not is 45 but

curve,elliptic of solution a is

445,

Note


23 25 yxx

(-4,6)1223

)6(225)4(3

2253

2)253(

)()25(

22

2

23

yx

xy

yyxxyxx

341)4(

1223)6(

1223

c

cxy341

1223

xy


23 )341

1223(25 xxx

0...144529 23 xx

0)()(

0))()((23

abcxbcacabxcbaxcxbxax

a,b,cequation the of roots

are that Suppose

2

641

1441681

14452944

0)))(4())(4((

x

x

cxxx

23 25 yxx

(-4,6)

341

1223

xy

(1681/144,62279/1728)


22

22

22

21249

14424015

21231

1449615

21241

bax

bax

cx

23,

320

6492

1249

6312

1231

6412

1241

ba

ba

ba

c

20/3

3/2

41/6

5

23 25 yxx

(-4,6)

341

1223

xy

(1681/144,62279/1728)

Exercises

5. area withtriangle right another find to

at line tangent the Use )172862279,

1441681(),( yx

Exercise 1

Exercise 2

numbers. rational of squares are that such point a in curve the intersects

at curve this to line tangent the then , and

satisfying numbers rational are if thatShow integer. an be Let

nn,x,xx),y(x(x,y)n,xxnxy

x, yn

11111

232 0,

Problem 3: Fermat’s Last Theorem

http://wikipedia.com/

nnn cba

a,b,cn

that such integers nonzero no is there

, Given 3

• Conjectured by Pierre de Fermat in Arithmetica (1637).

“I have discovered a marvellous proof to this theorem, that this margin

is too narrow to contain”

• There are more than 1,000 attempts, but

the theorem is not proved until 1995 by

Andrew Wiles.

• One of his main tools is Elliptic Curve!!!

Problem 3: Fermat’s Last Theorem (cont.)

nnn cbaa,b,c

n

that such integers nonzero no is there

, Given 3• Fermat kindly provided the proof for the case when n = 4

2

22

2

22 )(4,a

cbbya

cbx

xxy 432 Elliptic Curve

By several elliptic curves techniques, Fermat found that all rational solutions of the elliptic curve are (0,0),

(2,0), (-2,0)

Formal Definitions of Elliptic Curve

0274 2332 BABAxxy when

B}AxxL|yL{(x,y)}{E(L) 32

223

61

21

31 yxxx

(0,0)

(1,1)

y = x

(1/2,1/2)

(1/2,-1/2)

Weierstrass Equation

Elliptic Curve

.

)(),(),,(

33

33

21

2211

)y,(xQP

),y(xRQP

Q PxxLEyxQyxP

3.curve. the cut line the that

point another , point Find 2. and point pass that line aDraw 1.

:follows as define we, If

Point Addition

)21,

21()1,1()0,0(

Formal Definitions of Elliptic Curve (cont.)

.

)(),(),,(

33

33

21

2211

)y,(xQP

),y(xR

QPQ Pxx

LEyxQyxP

3.

curve. the cut line the thatpoint another , point Find 2.

and point pass that line aDraw 1.:follows as define we, If

Point Addition

)( 11

12

12

xxmyyxxyym

0...

))((223

311

32

xmx

BAxxyxxmBAxxy

212

3 xxmx

1133 )( yxxmy


223

61

21

31 yxxx

x = 1/2

(1/2,1/2)

(1/2,-1/2)

QPyyxxLEyxQyxP

, , If 2121

2211 )(),(),,(

Point Addition

,PP

)y, (xP P PQ P

),y(xR

yyxxLEyxQyxP

33

33

221

2211

2

)(),(),,(

3.curve. the cut

line the that point another Find 2.P. point at curve the touching line aDraw 1.

, If 1

Point Double

172862279,

1441681)6,4()6,4()6,4(2

23 25 yxx

(-4,6)

341

1223

xy

(1681/144,62279/1728)


Point Double

)( 11 xxmyy

0...

))((223

311

32

xmx

BAxxyxxmBAxxy

12

3 2xmx

1133 )( yxxmy

)y, (xP P PQ P

),y(xR

yyxxLEyxQyxP

33

33

221

2211

2

)(),(),,(

3.

curve. the cutline the that point another Find 2.

P. point at curve the touching line aDraw 1. , If 1

yAx

xym

xAxyyBAxxy

23

)3(22

2

32


Lecture 1: What is

Elliptic Curve?


Cryptography

Lecture 3-4:

Fast Implementation





Hall/CRC, 2003.




Recommended Reading




No. 2, pp. 395-406 (2006).



Submit to

[email protected]

before 31 Dec 2012

Grading

Exercises

5. area withtriangle right another find to

at line tangent the Use )172862279,

1441681(),( yx

Exercise 1

Exercise 2

numbers. rational of squares are that such point a in curve the intersects

at curve this to line tangent the then , and

satisfying numbers rational are if thatShow integer. an be Let

nn,x,xx),y(x(x,y)n,xxnxy

x, yn

11111

232 0,

Thank you for your attentionPlease feel free to ask questions or comment.

Scalar Multiplication• Scalar Multiplication on Elliptic Curve

S = P + P + … + P = rP

when r1 is positive integer, S,P is a member of the curve• Double-and-add method• Let r = 14 = (01110)2

Compute rP = 14P r = 14 = (0 1 1 1 0)2 Weight = 3

P 3P 7P 14P

6P2P 14P

3 – 1 = 2 Point Additions

4 – 1 = 3 Point Doubles

r times

O

Documents

Vorapong Suppakitpaisarn mr_t_dtone