Mike Rosing - Elliptic Curve Cryptography - Extension Fields (Highlights)

# Mike Rosing - Elliptic Curve Cryptography - Extension Fields (Highlights) ![rw-book-cover|256](https://freecontent.manning.com/cultivating-practical-expertise-learning-from-elliptic-cur%20ve-cryptography-for-developers/) ## Metadata **Review**:: [readwise.io](https://readwise.io/bookreview/39014908) **Source**:: #from/readwise #from/reader **Zettel**:: #zettel/fleeting **Status**:: #x **Authors**:: [[Mike Rosing]] **Full Title**:: Elliptic Curve Cryptography - Extension Fields **Category**:: #articles #readwise/articles **Category Icon**:: 📰 **URL**:: [www.embeddedrelated.com](https://www.embeddedrelated.com/showarticle/1600.php) **Host**:: [[www.embeddedrelated.com]] **Highlighted**:: [[2024-03-25]] **Created**:: [[2024-03-25]] ## Highlights - Any polynomial with integer coefficients taken modulo ppp can be reduced to an element in a finite field $F_{p^k}$ with an irreducible polynomial. ([View Highlight](https://read.readwise.io/read/01hstxb4k5hgrx9vw3yvgbdpwa)) ^697736226 The irreducible polynomial has the degree k and acts as the modulas for polynomials. - For use with cryptographic functions, we normally take the coefficients a and b to be constants, and not polynomials. When the values of x and y are polynomials then the curve is over the field $F_{p^k}$. ([View Highlight](https://read.readwise.io/read/01hstxdzqhct47s6t39y3cgbew)) ^697736417 Extension polynomials are finite field so they are isomorphic with number addition with a modulas. - For any polynomial xxx, there may not be a solution for $y^2$. That is, we can't factor the polynomial $x^3 + a x + b$ into two equal terms. That value of x is not on the curve. Computing square roots of polynomials is a neat trick. ([View Highlight](https://read.readwise.io/read/01hstxj9bsapt7d1cnqccp3ae5)) ^697736790 - Elliptic curves over extension fields have some amazing properties. One of those properties is the existence of independent cyclic sets of points. Even more amazing is the structure of those sets - the number of points on the smaller set will divide into the number of points on the larger set. That means both sets have some similar factors. ([View Highlight](https://read.readwise.io/read/01hstxkexf5459g1tjj3ky8d3f)) ^697736944 For pairing - This operation takes two points on an elliptic curve which have similar order and computes an n-th root of unity modulo the irreducible polynomial. The result is not a point on the curve, it is just an element in $F_{p^k}$. ([View Highlight](https://read.readwise.io/read/01hstxq3v88rgtfm432t5b4ytm)) ^697737806 The result is a polynomial $\mu_n$ where $(\mu_n)^n = 1 \mod{p}$ and $p$ is the irreducible polynomial. - The actual computation for a particular version of point pairing involves the use of a function which uses a third point on the curve as a reference. This point divides out after all is said and done, so it does not matter which point is chosen on the curve. But careful analysis will show some points are far more efficient to use than others because they may have a zero value for x. ([View Highlight](https://read.readwise.io/read/01hsty26ejka0wf2t630v53qx9)) ^697741252