|Kaz Kobara on Wed, 29 Jan 2014 23:46:54 +0100|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|RE: Your help needed|
Dear Bill and all, > Not unless you know the factorisation of the order of the elliptic curve, > or some similar useful information Thank you for this information. That's why the manual of ellorder() http://pari.math.u-bordeaux.fr/dochtml/html/Functions_related_to_elliptic_cu rves.html suggests to supply o of ? N = p+1-ellap(E,p); o = [N, factor(N)]; This solved our problem. Thank you very much. I have another favor to ask you or pari-users. E = ellinit([a,b], 2) defines EC over F2, but how EC over GF(2^m) can be defined on PARI/GP? Best regards, Kaz > -----Original Message----- > From: Bill Allombert [mailto:Bill.Allombert@math.u-bordeaux1.fr] > Sent: Tuesday, January 28, 2014 10:18 PM > To: SeongHan Shin > Cc: firstname.lastname@example.org; =?UTF-8?B?5Y+k5Y6f5ZKM6YKm?= > Subject: Re: Your help needed > > On Tue, Jan 28, 2014 at 08:05:27AM +0900, SeongHan Shin wrote: > > Dear Bill, > > > > >I assume you want to compute the order of a point on a elliptic curve > > >over a finite field of size around 512bit. > > >Unfortunately the number of points on the curve is too hard to be > > >factored by PARI. > > Yes, that's exactly what I want to do. > > Is there any way to compute a 512-bit order? > > Not unless you know the factorisation of the order of the elliptic curve, > or some similar useful information > > Cheers, > Bill.