# 타원곡선

## 개요

- a smooth, projective algebraic curve of genus one, on which there is a specified point O
- abelian variety
- 19세기 타원함수론과 함께 발전
- 현대 정수론의 중요한 연구주제
- 유리수체 위에 정의된 타원곡선에 대한 타니야마-시무라 추측(정리) 으로 페르마의 마지막 정리 가 해결
- 타원곡선에 대한 Birch and Swinnerton-Dyer 추측 은 클레이 연구소가 선정한 7개의 밀레니엄 문제 중 하나

## 예

- 합동수 문제 (congruent number problem) 방정식 \(y^2=x^3-n^2x\) 이 등장
- 사각 피라미드 퍼즐\[y^2=\frac{x(x+1)(2x+1)}{6}\]

## 격자와 타원곡선

- 타원곡선 \(y^2=4x^3-g_2(\tau)x-g_3(\tau)\)\[g_2(\tau) = 60G_4=60\sum_{ (m,n) \neq (0,0)} \frac{1}{(m+n\tau )^{4}}\]\[g_3(\tau) = 140G_6=140\sum_{ (m,n) \neq (0,0)} \frac{1}{(m+n\tau )^{6}}\]

## 주기

- 타원곡선 \(y^2=(x-e_1)(x-e_2)(x-e_3)\)의 주기는 다음과 같이 정의된다\[\omega_1=2\int_{\infty}^{e_1}\frac{dx}{\sqrt{(x-e_1)(x-e_2)(x-e_3)}}\]\[\omega_2=2\int_{e_1}^{e_2}\frac{dx}{\sqrt{(x-e_1)(x-e_2)(x-e_3)}}\]
- 타원곡선의 주기

## 군의 구조

- chord-tangent method
- 유리수해에 대한 Mordell theorem
- 유리수체 위에 정의된 타원의 유리수해는 유한생성아벨군의 구조를 가짐
- \(E(\mathbb{Q})=\mathbb{Z}^r \oplus E(\mathbb{Q})_{\operatorname{Tor}}\)
- 여기서 \(E(\mathbb{Q})_{\operatorname{Tor}}\)는 \(E(\mathbb{Q})\)의 원소 중에서 order가 유한이 되는 원소들로 이루어진 유한군

## 덧셈공식

- \(y^2=x^3+ax^2+bx+c\)위의 점 \(P=(x,y)\)에 대하여, \(2P\)의 \(x\)좌표는\(\frac{x^4-2bx^2-8cx-4ac+b^2}{4y^2}\) 로 주어진다

## rank와 torsion

- \(E(\mathbb{Q})_{\operatorname{Tor}}\)는 오직 다음 열다섯가지 경우만이 가능하다(B. Mazur) 크기가 1,2,3,4,5,6,7,8,9,10,12 (11은 불가)인 순환군 또는 \(\frac{\mathbb Z}{2\mathbb Z}\oplus \frac{\mathbb Z}{n\mathbb Z}\) for n=1,2,3,4
- 예) \(E_n : y^2=x^3-n^2x\)의 torsion은 \(\{(\infty,\infty), (0,0),(n,0),(-n,0)\}\)임

## Hasse-Weil 정리

- \(|\#E(\mathbb{F}_p)-p-1|\leq 2\sqrt{p}\)

## 타원곡선의 L-함수

- 타원 곡선 E의 conductor가 N일 때, 다음과 같이 정의됨

\[L(s,E)=\prod_pL_p(s,E)^{-1}\] 여기서 \[L_p(s,E)=\left\{\begin{array}{ll} (1-a_p p^{-s}+p^{1-2s}), & \mbox{if }p\nmid N \\ (1-a_pp^{-s}), & \mbox{if }p||N \\ 1, & \mbox{if }p^2|N \end{array}\right.\]

- 여기서 \(a_p\)는 유한체위에서의 해의 개수와 관련된 정수로 \(a_p=p+1-\#E(\mathbb{F}_p)\) (위의 하세-베유 정리)
- 타원곡선의 L-함수 항목 참조

## 타니야마-시무라 추측(정리)

## Birch and Swinnerton-Dyer 추측

## 타원곡선의 예

## 재미있는 사실

Raussen and Skau: In the introduction to your delightful book Rational Points on Elliptic Curves that you coauthored with your earlier Ph.D. student Joseph Silverman, you say, citing Serge Lang, that it is possible to write endlessly on elliptic curves. Can you comment on why the theory of elliptic curves is so rich and how it interacts and makes contact with so many different branches of mathematics? Tate: For one thing, they are very concrete objects. An elliptic curve is described by a cubic polynomial in two variables, so they are very easy to experiment with. On the other hand, elliptic curves illustrate very deep notions. They are the first nontrivial examples of abelian varieties. An elliptic curve is an abelian variety of dimension one, so you can get into this more advanced subject very easily by thinking about elliptic curves.

On the other hand, they are algebraic curves. They are curves of genus one, the first example of a curve which isn’t birationally equivalent to a projective line. The analytic and algebraic relations which occur in the theory of elliptic curves and elliptic functions are beautiful and unbelievably fascinating. The modularity theorem stating that every elliptic curve over the rational field can be found in the Jacobian variety of the curve which parametrizes elliptic curves with level structure its conductor is mind-boggling.

## 역사

- 1908 포앵카레 E(Q) 는 아벨군이다
- 1922 모델 E(Q)는 유한생성아벨군이다 (Weil generalized )
- 1978 Mazur torsion part of E(Q)
- 수학사 연표

## 관련된 항목들

- complex multiplication
- 타원적분
- periods
- lemniscate 곡선의 길이와 타원적분
- 정수계수 이변수 이차형식(binary integral quadratic forms)
- j-invariant
- 아이젠슈타인 급수(Eisenstein series)
- 베타적분
- 가우스의 class number one 문제
- L-함수, 제타함수와 디리클레 급수
- 무리수와 초월수

## 수학용어번역

## 사전 형태의 자료

- http://ko.wikipedia.org/wiki/타원곡선
- http://en.wikipedia.org/wiki/elliptic_curve
- http://en.wikipedia.org/wiki/Mordell-Weil_theorem
- http://en.wikipedia.org/wiki/Heegner_point

## 리뷰, 에세이, 강의노트

- Carella, N. A. 2011. “Topic In Elliptic Curves Over Finite Fields: The Groups of Points.”
*1103.4560*(March 22). http://arxiv.org/abs/1103.4560. - Conics - a Poor Man's Elliptic CurvesFranz Lemmermeyer, arXiv:math/0311306v1
- Three Fermat Trails to Elliptic Curves Ezra Brown, The College Mathematics Journal, Vol. 31, No. 3 (May, 2000), pp. 162-172
- Elliptic Curves John Stillwell, The American Mathematical Monthly, Vol. 102, No. 9 (Nov., 1995), pp. 831-837
- Taxicabs and Sums of Two Cubes Joseph H. SilvermanThe American Mathematical Monthly, Vol. 100, No. 4 (Apr., 1993), pp. 331-340
- Why Study Equations over Finite Fields? Neal Koblitz, Mathematics Magazine, Vol. 55, No. 3 (May, 1982), pp. 144-149

## 관련논문

- Jennifer S. Balakrishnan, Wei Ho, Nathan Kaplan, Simon Spicer, William Stein, James Weigandt, Databases of elliptic curves ordered by height and distributions of Selmer groups and ranks, arXiv:1602.01894 [math.NT], February 05 2016, http://arxiv.org/abs/1602.01894
- Berghoff, Christian J. “Elliptic Gau{\ss} Sums and Schoof’s Algorithm.” arXiv:1601.03227 [math], January 13, 2016. http://arxiv.org/abs/1601.03227.
- Müller, J. Steffen, and Michael Stoll. “Computing Canonical Heights on Elliptic Curves in Quasi-Linear Time.” arXiv:1509.08748 [math], September 29, 2015. http://arxiv.org/abs/1509.08748.
- Buckley, Anita. “Indecomposable Matrices Defining Plane Cubics.” arXiv:1510.00133 [math], October 1, 2015. http://arxiv.org/abs/1510.00133.
- Guitart, Xavier, Marc Masdeu, and Mehmet Haluk Sengun. “Uniformization of Modular Elliptic Curves via P-Adic Periods.” arXiv:1501.02936 [math], January 13, 2015. http://arxiv.org/abs/1501.02936.
- Alpoge, Levent. “The Average Number of Integral Points on Elliptic Curves Is Bounded.” arXiv:1412.1047 [math], December 2, 2014. http://arxiv.org/abs/1412.1047.
- Rubin, Karl, and Alice Silverberg. “Ranks of Elliptic Curves.” Bulletin of the American Mathematical Society 39, no. 4 (2002): 455–74. doi:10.1090/S0273-0979-02-00952-7.
- Heegner points and derivatives of L-series. II
- Gross, B.; Kohnen, W.; Zagier, D. (1987), Mathematische Annalen 278 (1–4): 497–562

- Heegner points and derivatives of L-series
- Gross, Benedict H.; Zagier, Don B. (1986), Inventiones Mathematicae 84 (2): 225–320

- On the Conjecture of Birch and Swinnerton-Dyer for an Elliptic Curve of Rank 3
- Joe P. Buhler, Benedict H. Gross and Don B. Zagier, Mathematics of Computation, Vol. 44, No. 170 (Apr., 1985), pp. 473-481

- Rational isogenies of prime degree
- Barry Mazur, Inventiones Math. 44 (1978), 129-162

## 관련도서

- Introduction to elliptic curves and modular forms
- Neal Koblitz - 1993

- Rational points on elliptic curves
- Joseph H. Silverman, John Torrence Tate - 1992
- 학부생의 입문용으로 좋은 책

- The Arithmetic of Elliptic Curves
- Silverman, Joseph H. (1986), Graduate Texts in Mathematics, 106, Springer-Verlag

- 도서내검색

## 메타데이터

### 위키데이터

- ID : Q268493

### Spacy 패턴 목록

- [{'LOWER': 'elliptic'}, {'LEMMA': 'curve'}]

## 노트

### 말뭉치

- An elliptic curve is an algebraic function (y2 = x3 + ax + b) which looks like a symmetrical curve parallel to the x axis when plotted.
^{[1]} - Have you heard of elliptic curves before?
^{[2]} - The reason elliptic curve cryptography is gaining popularity is because it’s fundamentally much stronger than the RSA algorithm, the algorithm that we all love and adore.
^{[2]} - Okay I’m going to assume that you know what elliptic curves look like.
^{[2]} - These curves are called elliptic curves.
^{[2]} - The Weierstrass elliptic function describes how to get from this torus to the algebraic form of an elliptic curve.
^{[3]} - Elliptic curves are illustrated above for various values of and .
^{[3]} - An elliptic curve of the form for an integer is known as a Mordell curve.
^{[3]} - Whereas conic sections can be parameterized by the rational functions, elliptic curves cannot.
^{[3]} - Elliptic curves have been studied for many years by pure mathematicians with no intention to apply the results to anything outside math itself.
^{[4]} - And yet elliptic curves have become a critical part of applied cryptography.
^{[4]} - The other day I wrote about Curve1174, a particular elliptic curve used in cryptography.
^{[4]} - There is a connection between elliptic curves and ellipses, but it’s indirect.
^{[4]} - Elliptic curves are also used in several integer factorization algorithms based on elliptic curves that have applications in cryptography, such as Lenstra elliptic-curve factorization.
^{[5]} - The security of elliptic curve cryptography depends on the ability to compute a point multiplication and the inability to compute the multiplicand given the original and product points.
^{[5]} - Elliptic curve cryptography algorithms entered wide use in 2004 to 2005.
^{[5]} - Elliptic curves are especially important in number theory, and constitute a major area of current research; for example, they were used in Andrew Wiles's proof of Fermat's Last Theorem.
^{[6]} - An elliptic curve is not an ellipse in the sense of a projective conic, which has genus zero: see elliptic integral for the origin of the term.
^{[6]} - However, there is a natural representation of real elliptic curves with shape invariant j ≥ 1 as ellipses in the hyperbolic plane H 2 {\displaystyle \mathbb {H} ^{2}} .
^{[6]} - The group law on an elliptic curve is what makes the theory of elliptic curves so special and interesting.
^{[7]} - 2) Implementation of elliptic curves in cryptography requires smaller chip size, less power consumption, increase in speed, etc.
^{[8]} - However, this is hard given the large parameters of our elliptic curve seven tuple.
^{[8]} - Various aspects of elliptic curve cryptography have been patented by a variety of people and companies around the world.
^{[8]} - The only difference is that elliptic curve cryptography has been at its full strength since it was developed.
^{[8]} - Elliptic curves have genus 1.
^{[9]} - This equation denes an elliptic curve.
^{[9]} - Denition (more precise) An elliptic curve (over a eld k) is a smooth projective curve of genus 1 (dened over k) with a distinguished (k-rational) point.
^{[9]} - Not every smooth projective curve of genus 1 corresponds to an elliptic curve, it needs to have at least one rational point!
^{[9]} - With a series of blog posts I'm going to give you a gentle introduction to the world of elliptic curve cryptography.
^{[10]} - The equation above is what is called Weierstrass normal form for elliptic curves.
^{[10]} - With a pencil and a ruler we are able to perform addition involving every point of any elliptic curve.
^{[10]} - It generates security between key pairs for public key encryption by using the mathematics of elliptic curves.
^{[11]} - RSA does something similar with prime numbers instead of elliptic curves, but ECC has gradually been growing in popularity recently due to its smaller key size and ability to maintain security.
^{[11]} - This is why it is so important to understand elliptic curve cryptography in context.
^{[11]} - More sites using ECC to secure data means a greater need for this kind of quick guide to elliptic curve cryptography.
^{[11]} - Each choice of the numbers a and b yields a different elliptic curve.
^{[12]} - One relatively newer class of encryption are the so-called “elliptic curve” algorithms, which derive their security from the mathematic principles of (you guessed it) elliptic curves.
^{[13]} - Elliptic curves have many remarkable properties, and their deeper arithmetic study is one of the most profound subjects in present-day mathematics.
^{[14]} - Elliptic curves over the complex numbers are also interpreted as those worldsheets in string theory whose correlators are the superstring‘s partition function, which is the Witten genus.
^{[14]} - Via the string orientation of tmf this connects to to the role of elliptic curves in elliptic cohomology theory.
^{[14]} - Otherwise the height equals 1 and the elliptic curve is called ordinary.
^{[14]} - A goal of the theory of elliptic curves is to nd all the -rational points on curves of genus one.
^{[15]} - The study of elliptic curves grew in the 1980s.
^{[15]} - An elliptic curve is a smooth projective2 curve of genus 1 dened over a eld , with at least one - rational point (i.e., there is at least one point on with coordinates in ).
^{[15]} - We then call = / the rank of the elliptic curve /.
^{[15]} - What is elliptic curve cryptography, and how does it work?
^{[16]} - You might be curious about what happens at the edge cases of the group law on elliptic curves.
^{[16]} - Readers are reminded that elliptic curve cryptography is a set of algorithms for encrypting and decrypting data and exchanging cryptographic keys.
^{[17]} - The purpose of this article will be to go into elliptic curve pairings in detail, and explain a general outline of how they work.
^{[18]} - p * G = P), then whereas traditional elliptic curve math lets you check linear constraints on the numbers (eg.
^{[18]} - This is where elliptic curves and elliptic curve pairings come in.
^{[18]} - And it is these kinds of supercharged modular complex numbers that elliptic curve pairings are built on.
^{[18]} - But historically the theory of elliptic curves arose as a part of analysis, as the theory of elliptic integrals and elliptic functions (cf.
^{[19]} - Rather than relying on large numbers alone, elliptic curves obtain their security by combining points on mathematical curves.
^{[20]} - Real-world elliptic curves aren’t too different from this, although this is just used as an example.
^{[20]} - Our goal was to introduce you to the basics of elliptic curves, how they’re formed and the types of operations we can do on them.
^{[20]} - Upcoming parts will talk about how we utilize the properties of elliptic curves for the public key and private key cryptography in today’s world.
^{[20]} - What do elliptic curves look like?
^{[21]} - In 1994, Wiles and Taylor-Wiles proved this result for semistable elliptic curves over the rationals and, in so doing, proved Fermat's Last Theorem.
^{[21]} - This correspondence between elliptic curves and cusp forms - through the theory of Galois representations - now motivates an exciting area of research known as the Langlands problem.
^{[21]} - Abelian Varieties can be viewed as generalizations of elliptic curves.
^{[22]} - General purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof.
^{[23]} - This crate provides traits for describing elliptic curves, along with types which are generic over elliptic curves which can be used as the basis of curve-agnostic code.
^{[23]} - Elliptic curves are a very important new area of mathematics which has been greatly explored over the past few decades.
^{[24]} - In 1994 Andrew Wiles, together with his former student Richard Taylor, solved one of the most famous maths problems of the last 400 years, Fermat's Last Theorem, using elliptic curves.
^{[24]} - In the last few decades there has also been a lot of research into using elliptic curves instead of what is called RSA encryption to keep data transfer safe online.
^{[24]} - The elliptic curves corresponding to whole number values of a between -2 and 1 and whole number values of values of b between -1 and 2.
^{[24]} - This book is an introduction to the theory of elliptic curves, ranging from elementary topics to current research.
^{[25]} - The two additional chapters concern higher-dimensional analogues of elliptic curves, including K3 surfaces and Calabi-Yau manifolds.
^{[25]} - Two new appendices explore recent applications of elliptic curves and their generalizations.
^{[25]} - Please see our tracking issue for additional elliptic curves if you are interested in curves beyond the ones listed here.
^{[26]} - Each elliptic curve point is associated with a particular parameter set.
^{[27]} - We use elliptic curves because they provide a cryptographic group, i.e. a group in which the discrete logarithm problem (discussed below) is hard.
^{[28]} - By convention, elliptic curve groups are written additively.
^{[28]} - This is called the elliptic curve discrete log assumption.
^{[28]} - In the case of a cryptographically secure elliptic curve, the isomorphism is hard to compute in the G→Fq direction because the elliptic curve discrete log problem is hard.
^{[28]} - Elliptic Curves Elliptic curves are groups created by de(cid:12)ning a binary operation (addition) on the points of the graph of certain polynomial equations in two variables.
^{[29]} - Choosing random coe(cid:14)cients results in groups with random orders near p. 1 One can use elliptic curves to factor integers, although probably not RSA moduli.
^{[29]} - There is a probabilistic algorithm for proving primality that uses elliptic curves.
^{[29]} - discrete logarithm problem is harder for elliptic curve groups than for the integers modulo p, permitting smaller parameters and faster algo- rithms.
^{[29]} - The use of elliptic curves in cryptography was independently suggested by Neal Koblitz and Victor Miller in 1985.
^{[30]} - From a high level, Crypto++ offers a numbers of schemes and alogrithms which operate over elliptic curves.
^{[30]} - For cryptographic computational purposes, elliptic curves are represented in several different forms.
^{[31]} - You don't need to know much algebra to understand how elliptic curve cryptography works.
^{[32]} - This method can give all such functions and only them; it's not hard to see that only meromorphic functions with this property are allowed on elliptic curve.
^{[33]} - In particular, elliptic curves coincide with their Jacobian and that's another explanation for the additive law.
^{[33]} - Indeed elliptic curves are dominating the cryptography landscape but for people other than Mathematicians the logic behind this may not be so obvious.
^{[34]} - I am therefore writing this post to give a gentle introduction in elliptic curves for people with basic mathematical background and explain why they are so popular amongst cryptographers.
^{[34]} - This is exactly where elliptic curves become relevant in cryptography.
^{[34]} - These groups formed by elliptic curves are the groups used for building elliptic curve cryptosystems.
^{[34]} - Elliptic curve cryptography (ECC) uses the mathematical properties of elliptic curves to produce public key cryptographic systems.
^{[35]}

### 소스

- ↑ Benefits of Elliptic Curve Cryptography
- ↑
^{2.0}^{2.1}^{2.2}^{2.3}Why Are They Called “Elliptic” Curves? - ↑
^{3.0}^{3.1}^{3.2}^{3.3}Elliptic Curve -- from Wolfram MathWorld - ↑
^{4.0}^{4.1}^{4.2}^{4.3}What is an elliptic curve? Informal and formal definition - ↑
^{5.0}^{5.1}^{5.2}Elliptic-curve cryptography - ↑
^{6.0}^{6.1}^{6.2}Elliptic curve - ↑ Brilliant Math & Science Wiki
- ↑
^{8.0}^{8.1}^{8.2}^{8.3}Elliptic curve cryptography methods - ↑
^{9.0}^{9.1}^{9.2}^{9.3}18.783 elliptic curves - ↑
^{10.0}^{10.1}^{10.2}Elliptic Curve Cryptography: a gentle introduction - ↑
^{11.0}^{11.1}^{11.2}^{11.3}What is Elliptic Curve Cryptography? Definition & FAQs - ↑ 2.0 Elliptic Curve Groups over Real Numbers
- ↑ Elliptic Curve - an overview
- ↑
^{14.0}^{14.1}^{14.2}^{14.3}elliptic curve in nLab - ↑
^{15.0}^{15.1}^{15.2}^{15.3}The gra d uate stude nt secti on - ↑
^{16.0}^{16.1}Elliptic Curve Cryptography for Beginners - ↑ A (relatively easy to understand) primer on elliptic curve cryptography
- ↑
^{18.0}^{18.1}^{18.2}^{18.3}Exploring Elliptic Curve Pairings - ↑ Encyclopedia of Mathematics
- ↑
^{20.0}^{20.1}^{20.2}^{20.3}Learning Cryptography, Part 3: Elliptic Curves - ↑
^{21.0}^{21.1}^{21.2}E is for Elliptic Curves - ↑ Elliptic Curve
- ↑
^{23.0}^{23.1}elliptic_curve - ↑
^{24.0}^{24.1}^{24.2}^{24.3}Elliptic cryptography - ↑
^{25.0}^{25.1}^{25.2}Elliptic Curves - ↑ RustCrypto/elliptic-curves: Collection of pure Rust elliptic curve implementations: NIST P-256, P-384, secp256k1
- ↑ Fundamental Elliptic Curve Cryptography Algorithms
- ↑
^{28.0}^{28.1}^{28.2}^{28.3}Elliptic curves - ↑
^{29.0}^{29.1}^{29.2}^{29.3}Elliptic curves - ↑
^{30.0}^{30.1}Elliptic Curve Cryptography - ↑ elliptic-curve
- ↑ How are points on an elliptic curve discretized?
- ↑
^{33.0}^{33.1}Why is an elliptic curve a group? - ↑
^{34.0}^{34.1}^{34.2}^{34.3}Demystifying Elliptic Curve Cryptography - ↑ What is Elliptic curve cryptography (ECC)?

## 메타데이터

### 위키데이터

- ID : Q268493

### Spacy 패턴 목록

- [{'LOWER': 'elliptic'}, {'LEMMA': 'curve'}]