Weil pairing

In mathematics, the Weil pairing is a construction of roots of unity by means of functions on an elliptic curve "E", in such a way as to constitute a pairing (bilinear form, though with multiplicative notation) on the torsion subgroup of "E". The name is for André Weil, who gave an abstract algebraic definition; the corresponding results for elliptic functions were known, and can be expressed simply by use of the Weierstrass sigma function.

Suppose "E" is defined over a field "K". Given an integer "n" > 0 (We require "n" to be prime to char("K") if char("K")> 0) and suppose that "K" contains a primitive nth root of unity. Then the "n"-torsion on "E" has known structure, as a Cartesian product of two cyclic groups of order "n". The basis of the construction is of an "n"-th root of unity

: $w(P,Q) in mu_n$

for given points $P,Q in E [n]$ , where $E [n] ={T in E mid n cdot T = O }$ and $mu_n = {xin K mid x^n =1 }$ , by means of Kummer theory.

By a direct argument one can define a function "F" in the function field of "E" over the algebraic closure of "K", by its divisor:

: $(F)= sum(P+kcdot Q) - sum (kcdot Q)$

with sums for 0 ≤ "k" < "n". In words "F" has a simple zero at each point "P" + "kQ", and a simple pole at each point "kQ". Then "F" is well-defined up to multiplication by a constant. If "G" is the translation of "F" by "Q", then by construction "G" has the same divisor. One can show that

: $frac{G}{F}
e 1$

In fact then "G"/"F" would yield a function on the isogenous curve "E"/"C" where "C" is the cyclic subgroup generated by "Q", having just one simple pole. Such a function cannot exist, as follows by proving the residue at the pole is zero, a contradiction.

Therefore if we define

: $w(P,Q):=frac{G}{F}$

we shall have an "n"-th root of unity (translating "n" times must give 1) other than 1. With this definition it can be shown that "w" is antisymmetric and bilinear, giving rise to a non-degenerate pairing on the "n"-torsion.

The Weil pairing is used in number theory and algebraic geometry, and has also been applied in elliptic curve cryptography and identity based encryption.

Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

Pairing-based cryptography — is the use of a pairing between elements of two groups to a third group to construct cryptographic systems. Usually the same group is used for the first two groups, making the pairing in fact a mapping from two elements from one group to an… … Wikipedia
Pairing — The concept of pairing treated here occurs in mathematics. Definition Let R be a commutative ring with unity, and let M , N and L be three R modules. A pairing is any R bilinear map e:M imes N o L. That is, it satisfies:e(rm,n)=e(m,rn)=re(m,n)for … Wikipedia
Weil cohomology theory — In algebraic geometry, a subfield of mathematics, a Weil cohomology or Weil cohomology theory is a cohomology satisfying certain axioms concerning the interplay of algebraic cycles and cohomology groups. The name is in honour of André Weil. Weil… … Wikipedia
André Weil — Infobox Scientist name = André Weil image width = caption = birth date = birth date|1906|5|6 birth place = Nantes death date = death date and age|1998|8|6|1906|5|6 death place = field = Mathematics work institutions = Lehigh University… … Wikipedia
Dan Boneh — Born Israel … Wikipedia
Boneh/Franklin scheme — The Boneh/Franklin scheme is an Identity based encryption system proposed by Dan Boneh and Matthew K. Franklin in 2001 [Dan Boneh, Matthew K. Franklin, Identity Based Encryption from the Weil Pairing Advances in Cryptology Proceedings of CRYPTO… … Wikipedia
BLS (Cryptography) — In cryptography, the Boneh Lynn Shacham signature scheme allows a user to verify that a signer is authentic . The scheme uses a pairing function for verification and signatures are group elements in some elliptic curve. Working in an elliptic… … Wikipedia
List of mathematics articles (W) — NOTOC Wad Wadge hierarchy Wagstaff prime Wald test Wald Wolfowitz runs test Wald s equation Waldhausen category Wall Sun Sun prime Wallenius noncentral hypergeometric distribution Wallis product Wallman compactification Wallpaper group Walrasian… … Wikipedia
Decisional Diffie-Hellman assumption — The decisional Diffie Hellman (DDH) assumption is a computational hardness assumption about a certain problem involving discrete logarithms in cyclic groups. It is used as the basis to prove the security of many cryptographic protocols, most… … Wikipedia
Decisional Diffie–Hellman assumption — The decisional Diffie–Hellman (DDH) assumption is a computational hardness assumption about a certain problem involving discrete logarithms in cyclic groups. It is used as the basis to prove the security of many cryptographic protocols, most… … Wikipedia

Academic Dictionaries and Encyclopedias

Weil pairing

Look at other dictionaries:

Share the article and excerpts

Academic Dictionaries and Encyclopedias

Wikipedia

Weil pairing

Look at other dictionaries:

Share the article and excerpts

Direct link