Rational Maps

A rational map of an elliptic curve \(E(K)\) to itself is an element of the elliptic curve \(E(K(E))\). (Recall \(K(E)\) denotes the function field of \(E\).)

Let us examine what this means. Suppose \((g_x, g_y) \in E(K(E))\), so that \(g_x(X,Y), g_y(X,Y)\) are rational functions that happen to satisfy the equation for \(E\). Then if \(P = (x, y)\) is a point on the elliptic curve \(E(K)\), we see that \((g_x(x, y), g_y(x, y))\) is also a point on the elliptic curve \(E(K)\). So a rational map describes how to map points of \(E(K)\) to other points of \(E(K)\).

Fact: A rational map is either surjective or constant.

A rational map is called an endomorphism or an isogeny if it maps the point \(O\) to itself. The set of all endomorphisms is denoted \(\mathrm{End}(E)\).

It is not hard to check that \(\mathrm{End}(E)\) is a ring (where addition is point addition, and multiplication is composition).

Identity Map

This is the pair of rational functions \(X\) and \(Y\).

\[ id = (X,Y) \]

It is also the multiplicative identity of \(\mathrm{End}(E)\).

Constant Map

Let \(P\) be a point \((x,y)\). Then the constant map that takes every point to \(P\) is given by

\[ C_P = (x,y) \]

(both rational functions are constants). The map \(C_O\) is the only constant isogeny, and it is the additive identity of \(\mathrm{End}(E)\).

Translation Map

Let \(P\) be a point \((x,y)\). Then the translation map that adds \(P\) to every point is

\[ \tau_P = id + C_P \]

Here the addition refers to point addition done over \(E(K(E))\). The map can be explicitly given as follows. Set \(\lambda\) to the rational function \((Y-y)/(X-x)\). Let

\[ g_x(X, Y) = \lambda^2 + a_1 \lambda - a_2 - X - x \]

\[ g_y(X, Y) = -a_1 g_x(X, Y) - a_3 - \lambda g_x(X, Y) + \lambda X - Y \]

Then \(\tau_P = (g_x, g_y)\).

Multiplication Map

The multiplication-by-\(m\) map \([m]\) takes a point \(P\) to \(mP\), and hence it can be defined as follows: \([0] = C_O\), \([1] = id\), \([m] = [m-1] + [1]\) for \(m > 1\), and \([m] = -[-m]\) for \(m < 0\).

Explicit descriptions of the rational functions involved are usually given in terms of division polynomials (TODO).

Frobenius Map

Suppose we are working with a curve \(E\) over \(\mathbb{F}_q\). The Frobenius map is given by

\[ \phi = (X^q, Y^q) \]

It is easily verified that this is indeed an isogeny.


Certain curves have useful maps often called twists. In the following section \(p\) denotes a prime.

  • \(E: y^2 = x^3 + x\), \(p \equiv 3 \pmod 4\). Twist on \(E(\mathbb{F}_{p^2})\): \((-X, iY)\), where \(i\) is a square root of \(-1\).

  • \(E: y^2 = x^3 + 1\), \(p \equiv 2 \pmod 3\). Twist on \(E(\mathbb{F}_{p^2})\): \((\zeta X, Y)\), where \(\zeta\) is a nontrivial cube root of \(1\).
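
The following Python sketch is an added example, not part of the original notes. It takes the first curve above with the assumed small prime \(p = 59\), represents \(\mathbb{F}_{p^2}\) as pairs \((a, b) = a + bi\), and supplies what is needed to check that the twist \((-X, iY)\) maps curve points to curve points, fixes \(O\) and commutes with point addition, and to see how the Frobenius map acts on twisted points; all function names are illustrative.

```python
# Constructed example: E: y^2 = x^3 + x over F_{p^2} = F_p(i), i^2 = -1.
P_MOD = 59  # assumed small prime with P_MOD % 4 == 3
O = None    # point at infinity

# Field elements are pairs (a, b) meaning a + b*i.
def f_add(u, v): return ((u[0] + v[0]) % P_MOD, (u[1] + v[1]) % P_MOD)
def f_sub(u, v): return ((u[0] - v[0]) % P_MOD, (u[1] - v[1]) % P_MOD)
def f_mul(u, v):
    return ((u[0]*v[0] - u[1]*v[1]) % P_MOD, (u[0]*v[1] + u[1]*v[0]) % P_MOD)
def f_inv(u):  # 1/(a+bi) = (a-bi)/(a^2+b^2); a^2+b^2 != 0 as -1 is a non-residue
    n = pow(u[0]*u[0] + u[1]*u[1], -1, P_MOD)
    return (u[0]*n % P_MOD, -u[1]*n % P_MOD)
def f_pow(u, e):
    r = (1, 0)
    while e:
        if e & 1: r = f_mul(r, u)
        u, e = f_mul(u, u), e >> 1
    return r

def on_curve(P):
    if P is O: return True
    x, y = P
    return f_mul(y, y) == f_add(f_mul(f_mul(x, x), x), x)

def add(P, Q):  # chord-and-tangent addition for a1 = a2 = a3 = 0, a4 = 1
    if P is O: return Q
    if Q is O: return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and f_add(y1, y2) == (0, 0): return O
    if P == Q:
        num, den = f_add(f_mul((3, 0), f_mul(x1, x1)), (1, 0)), f_add(y1, y1)
    else:
        num, den = f_sub(y2, y1), f_sub(x2, x1)
    lam = f_mul(num, f_inv(den))
    x3 = f_sub(f_sub(f_mul(lam, lam), x1), x2)
    return (x3, f_sub(f_mul(lam, f_sub(x1, x3)), y1))

def twist(P):      # (X, Y) -> (-X, iY)
    return O if P is O else (f_sub((0, 0), P[0]), f_mul((0, 1), P[1]))

def frobenius(P):  # (X, Y) -> (X^q, Y^q) with q = P_MOD
    return O if P is O else (f_pow(P[0], P_MOD), f_pow(P[1], P_MOD))

def base_field_points():  # brute-force E(F_p), including O
    cand = (((x, 0), (y, 0)) for x in range(P_MOD) for y in range(P_MOD))
    return [O] + [P for P in cand if on_curve(P)]
```

For every \(P\) in `base_field_points()`, `frobenius(P)` returns \(P\) itself, while `frobenius(twist(P))` is the negative of `twist(P)`, because \(i^p = -i\) when \(p \equiv 3 \pmod 4\).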

Ben Lynn blynn@cs.stanford.edu