Re: Your help needed

[Firas Kraiem <firas.kraiem@etu.u-bordeaux1.fr>]

On 29/01/14 23:46, Kaz Kobara wrote:
> [...]
>
> I have another favor to ask you or pari-users.
>
> E = ellinit([a,b], 2)
>
> defines EC over F2, but how EC over GF(2^m) can be defined on PARI/GP?

A short Weierstrass equation is always singular (and thus never defines 
an elliptic curve) in characteristic 2, so you need to use the long 
form. Then pass a generator of the desired finite field (as returned by 
ffgen()) as the second argument of ellinit(), like so:

(00:07) gp > t = ffgen((t^163+t^7+t^6+t^3+1)*Mod(1,2));
(00:08) gp > E = ellinit([1,0,1,0,1],t);
(00:08) gp > ellgroup(E)
[11692013098647223345629483507196896696658237148126]
(00:08) gp > E = ellinit([1,0,1,0,1],2);
(00:08) gp > ellgroup(E)
[2]

Of course if you want to use an element of F_{2^k}\F_2 in the equation 
of your curve you can use it (for example as a polynomial in t) in the 
array you pass to ellinit() (then you don't need a second argument):

(00:17) gp > E = ellinit([t,0,t^54+t^3+1,0,1]);
(00:18) gp > ellgroup(E)
[11692013098647223345629473880242739878671255430896]

Firas

> Best regards,
> Kaz
>
> > -----Original Message-----
> > From: Bill Allombert [mailto:Bill.Allombert@math.u-bordeaux1.fr]
> > Sent: Tuesday, January 28, 2014 10:18 PM
> > To: SeongHan Shin
> > Cc: pari-users@pari.math.u-bordeaux.fr; =?UTF-8?B?5Y+k5Y6f5ZKM6YKm?=
> > Subject: Re: Your help needed
> >
> > On Tue, Jan 28, 2014 at 08:05:27AM +0900, SeongHan Shin wrote:
> > > Dear Bill,
> > >
> > > > I assume you want to compute the order of a point on a elliptic curve
> > > > over a finite field of size around 512bit.
> > > > Unfortunately the number of points on the curve is too hard to be
> > > > factored by PARI.
> > > Yes, that's exactly what I want to do.
> > > Is there any way to compute a 512-bit order?
> >
> > Not unless you know the factorisation of the order of the elliptic curve,
> > or some similar useful information
> >
> > Cheers,
> > Bill.