Skip to content

Instantly share code, notes, and snippets.

@defeo

defeo/TD-EMA.ipynb

Created May 22, 2017 08:42
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save defeo/cfd23964bca77b2597015be70b311463 to your computer and use it in GitHub Desktop.
Save defeo/cfd23964bca77b2597015be70b311463 to your computer and use it in GitHub Desktop.
Download ZIP
TD SageMath pour l'École Mathématique Africaine 2017, Thiés
Display the source blob
Display the rendered blob
Raw
TD-EMA.ipynb
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Cryptographie à base d'isogénies – Travaux pratiques "
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Fonctionnalités de base\n",
"\n",
"Voici comment créer un corps premier"
]
},
{
"cell_type": "code",
"execution_count": 1,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Finite Field of size 11"
]
},
"execution_count": 1,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"K = GF(11)\n",
"K"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"et une courbe à coefficients sur le corps"
]
},
{
"cell_type": "code",
"execution_count": 2,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Elliptic Curve defined by y^2 = x^3 + x + 2 over Finite Field of size 11"
]
},
"execution_count": 2,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"EllipticCurve(K, [1, 2])"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On peut aussi définir la courbe à partir de son j-invariant"
]
},
{
"cell_type": "code",
"execution_count": 3,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Elliptic Curve defined by y^2 = x^3 + 5*x + 8 over Finite Field of size 11"
]
},
"execution_count": 3,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E = EllipticCurve(j=K(-1))\n",
"E"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"La courbe est définie à tordue près, bien sûr"
]
},
{
"cell_type": "code",
"execution_count": 4,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"True"
]
},
"execution_count": 4,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E2 = E.quadratic_twist()\n",
"E2.j_invariant() == E.j_invariant()"
]
},
{
"cell_type": "code",
"execution_count": 5,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"False"
]
},
"execution_count": 5,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E2.is_isomorphic(E)"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"Avec un corps non-premier, maintenant. `z` est le générateur du corps"
]
},
{
"cell_type": "code",
"execution_count": 6,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"x^10 + x^6 + x^5 + x^3 + x^2 + x + 1"
]
},
"execution_count": 6,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"K.<z> = GF(2^10)\n",
"z.minpoly()"
]
},
{
"cell_type": "code",
"execution_count": 7,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Elliptic Curve defined by y^2 + x*y = x^3 + (z^9+z^5+z^4+z^2+z+1) over Finite Field in z of size 2^10"
]
},
"execution_count": 7,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E = EllipticCurve(j=z); E"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On construit des points sur la courbe à partir de leur abscisse"
]
},
{
"cell_type": "code",
"execution_count": 8,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(3 : 20 : 1)"
]
},
"execution_count": 8,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E = EllipticCurve(j=GF(101)(10))\n",
"P = E.lift_x(3)\n",
"P"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On peut aussi construire les points en donnant toutes les coordonnés"
]
},
{
"cell_type": "code",
"execution_count": 9,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(0 : 1 : 0)"
]
},
"execution_count": 9,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"Q = E.point([3, -20])\n",
"P + Q"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"ou aléatoirement"
]
},
{
"cell_type": "code",
"execution_count": 10,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(63 : 86 : 1)"
]
},
"execution_count": 10,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E.random_element()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"Cardinalité d'une courbe et ordres des points"
]
},
{
"cell_type": "code",
"execution_count": 11,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"105"
]
},
"execution_count": 11,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"N = E.order()\n",
"N"
]
},
{
"cell_type": "code",
"execution_count": 12,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(0 : 1 : 0)"
]
},
"execution_count": 12,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"N*P"
]
},
{
"cell_type": "code",
"execution_count": 13,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"21"
]
},
"execution_count": 13,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"P.order()"
]
},
{
"cell_type": "code",
"execution_count": 14,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"True"
]
},
"execution_count": 14,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"22*P == P"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"Quelques polynômes utiles: le polynôme de division (polynôme s'annulant sur la m-torsion)"
]
},
{
"cell_type": "code",
"execution_count": 15,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"3*x^4 + 79*x^2 + 63*x + 9"
]
},
"execution_count": 15,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E.division_polynomial(3)"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"et la fraction rationnelle de la multiplication"
]
},
{
"cell_type": "code",
"execution_count": 16,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"((x^9 + 44*x^7 + x^6 + 33*x^5 - 43*x^4 - 14*x^3 - 46*x^2 + 16*x + 42)/(9*x^8 - 31*x^6 - 26*x^5 + 33*x^4 - 45*x^3 + 38*x^2 + 23*x - 20),\n",
" (18*x^12*y - 38*x^10*y - 16*x^9*y - 35*x^8*y + 41*x^7*y - x^6*y - 9*x^5*y + 10*x^4*y - 48*x^3*y + 28*x^2*y + 50*x*y + 18*y)/(-19*x^12 + 14*x^10 + 15*x^9 - 38*x^8 - 18*x^7 + 29*x^6 - 46*x^5 + 30*x^3 - 40*x^2 + 34*x - 8))"
]
},
"execution_count": 16,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E.multiplication_by_m(3)"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### Exercice\n",
"\n",
"Construire un point de $3$-torsion sur $E$ de deux façons différentes"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": []
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": []
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### Exercice\n",
"Implanter la méthode de factorisation $(p-1)$. L'utiliser pour factoriser $N$ ci-dessous."
]
},
{
"cell_type": "code",
"execution_count": 17,
"metadata": {},
"outputs": [],
"source": [
"N = 199214358783833785496649131630759414803916321139456200129431155042143170897974614023327"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": []
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### Exercice\n",
"Implanter la méthode de factorisation ECM. Factoriser 2535301200456606295881202795651 et 29642774844752946049324366737590977992482623274839098226894115410059389791374319."
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": []
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On peut interroger quelques propriétés du Frobenius, mais le support reste limité"
]
},
{
"cell_type": "code",
"execution_count": 18,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"-3"
]
},
"execution_count": 18,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E.trace_of_frobenius()"
]
},
{
"cell_type": "code",
"execution_count": 19,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"x^2 + 3*x + 101"
]
},
"execution_count": 19,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"P = E.frobenius_polynomial(); P"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On peut, par exemple, étudier le comportement du Frobenius sur certains sous-groupes de torsion"
]
},
{
"cell_type": "code",
"execution_count": 20,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"-1 * 5 * 79"
]
},
"execution_count": 20,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"P.discriminant().factor()"
]
},
{
"cell_type": "code",
"execution_count": 21,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Order in Number Field in phi with defining polynomial x^2 + 3*x + 101"
]
},
"execution_count": 21,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"O = E.frobenius_order(); O"
]
},
{
"cell_type": "code",
"execution_count": 22,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Number Field in phi with defining polynomial x^2 + 3*x + 101"
]
},
"execution_count": 22,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"K = O.number_field(); K"
]
},
{
"cell_type": "code",
"execution_count": 23,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"1"
]
},
"execution_count": 23,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"O.index_in(K.ring_of_integers())"
]
},
{
"cell_type": "code",
"execution_count": 24,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Univariate Polynomial Ring in x over Finite Field of size 5"
]
},
"execution_count": 24,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"A.<x> = GF(5)[]\n",
"A"
]
},
{
"cell_type": "code",
"execution_count": 25,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"x^2 + 3*x + 1"
]
},
"execution_count": 25,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"A(P)"
]
},
{
"cell_type": "code",
"execution_count": 26,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(x + 4)^2"
]
},
"execution_count": 26,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"A(P).factor()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On peut appliquer les formules de Vélu pour calculer une isogénie"
]
},
{
"cell_type": "code",
"execution_count": 27,
"metadata": {},
"outputs": [],
"source": [
"P = E.point([41,21])"
]
},
{
"cell_type": "code",
"execution_count": 28,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Isogeny of degree 3 from Elliptic Curve defined by y^2 = x^3 + 30*x + 81 over Finite Field of size 101 to Elliptic Curve defined by y^2 = x^3 + 2*x + 84 over Finite Field of size 101"
]
},
"execution_count": 28,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"phi = E.isogeny(P)\n",
"phi"
]
},
{
"cell_type": "code",
"execution_count": 29,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Elliptic Curve defined by y^2 = x^3 + 2*x + 84 over Finite Field of size 101"
]
},
"execution_count": 29,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"phi.codomain()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"On peut évaluer l'isogénie"
]
},
{
"cell_type": "code",
"execution_count": 30,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(30 : 50 : 1)"
]
},
"execution_count": 30,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"phi(E.random_point())"
]
},
{
"cell_type": "code",
"execution_count": 31,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"(0 : 1 : 0)"
]
},
"execution_count": 31,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"phi(P)"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"En obtenir les fractions rationnelles"
]
},
{
"cell_type": "code",
"execution_count": 32,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"((x^3 + 19*x^2 + 10*x - 21)/(x^2 + 19*x - 36),\n",
" (x^3*y - 22*x^2*y + 48*x*y + 36*y)/(x^3 - 22*x^2 - 7*x - 39))"
]
},
"execution_count": 32,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"phi.rational_maps()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"Et en particulier le dénominateur"
]
},
{
"cell_type": "code",
"execution_count": 33,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"x^2 + 19*x + 65"
]
},
"execution_count": 33,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"phi.kernel_polynomial()^2"
]
},
{
"cell_type": "code",
"execution_count": 34,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"0"
]
},
"execution_count": 34,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E.division_polynomial(3) % phi.kernel_polynomial()"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### Exercice\n",
"On considère la courbe d'équation $y^2=x^3+486x+765$ définie sur $GF(1429)$.\n",
"- Calculer la trace de la courbe.\n",
"- Calculer le discriminant de son endomorphisme de Frobenius.\n",
"- Quelle est la hauteur de son volcan des 3-isogénies? Combien de courbes contient le volcan?\n",
"- En construisant le volcan des 3-isogénies, déduire le niveau de la courbe et son anneau des endomorphismes."
]
},
{
"cell_type": "code",
"execution_count": 35,
"metadata": {},
"outputs": [
{
"data": {
"text/plain": [
"Elliptic Curve defined by y^2 = x^3 + 486*x + 765 over Finite Field of size 1429"
]
},
"execution_count": 35,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"E = EllipticCurve(GF(1429), [486, 765])\n",
"E"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true
},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "SageMath",
"language": "",
"name": "sage_6_9_beta7"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 2
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython2",
"version": "2.7.13"
}
},
"nbformat": 4,
"nbformat_minor": 2
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment