Ciro Santilli @cirosantilli 34

math.mit.edu/classes/18.783, Wow, good slides! Well organized site! This is a good professor! And brutal course. 25 lectures, and lecture one ends in BSD conjecture!

Some points from math.mit.edu/classes/18.783/2022/LectureSlides1.pdf:

The BSD conjecture states that if your name is long enough, it will always count as two letters on a famous conjecture.

Maybe also insert a joke about BSD Operating Systems if you're into that kind of stuff.

The conjecture states that Equation 1. "BSD conjecture" holds for every elliptic curve over the rational numbers (which is defined by its constants $a$ and $b$)

The conjecture, if true, provides a (possibly inefficient) way to calculate the rank of an elliptic curve over the rational numbers, since we can calculate the number of elements of an elliptic curve over a finite field by Schoof's algorithm in polynomial time. So it is just a matter of calculating $N_p$ like that up to some point at which we are quite certain about $r$.

The Wikipedia page of the this conecture is the perfect example of why it is not possible to teach natural sciences on Wikipedia. A million dollar problem, and the page is thoroughly incomprehensible unless you already know everything!

Summary:

An elliptic curve is defined by numbers $a$ and $b$. The curve is the set of all points $(x,y)$ of the real plane that satisfy the Equation 1. "Definition of the elliptic curves"

Equation 1. "Definition of the elliptic curves" definies elliptic curves over any field, it doesn't have to the real numbers. Notably, the definition also works for finite fields, leading to elliptic curve over a finite fields, which are the ones used in Elliptic-curve Diffie-Hellman cyprotgraphy.

The algorithm is completely analogous to Diffie-Hellman key exchange in that you efficiently raise a number to a power $n$ times and send the result over while keeping $n$ as private key.

The only difference is that a different group is used: instead of using the cyclic group, we use the elliptic curve group of an elliptic curve over a finite field.

Variant of Diffie-Hellman key exchange based on elliptic curve cryptography.

The elliptic curve group of an elliptic curve is a group in which the elements of the group are points on an elliptic curve.

The group operation is called elliptic curve point addition.

Bibliography:

Elliptic curve point addition is the group operation of an elliptic curve group, i.e. it is a function that takes two points of an elliptic curve as input, and returns a third point of the elliptic curve as its output, while obeying the group axioms.

The operation is defined e.g. at en.wikipedia.org/w/index.php?title=Elliptic_curve_point_multiplication&oldid=1168754060#Point_operations. For example, consider the most common case for two different points different. If the two points are given in coordinates:then the addition is defined in the general case as:with some slightly different definitions for point doubling $P+P$ and the identity point.

This definition relies only on operations that we know how to do on arbitrary fields:and it therefore works for elliptic curves defined over any field.

Just remember that:means:and that $y^{-1}$ always exists because it is the inverse element, which is guaranteed to exist for multiplication due to the group axioms it obeys.

The group function is usually called elliptic curve point addition, and repeated addition as done for DHKE is called elliptic curve point multiplication.