(************** Content-type: application/mathematica ************** CreatedBy='Mathematica 5.2' Mathematica-Compatible Notebook This notebook can be used with any Mathematica-compatible application, such as Mathematica, MathReader or Publicon. The data for the notebook starts with the line containing stars above. To get the notebook into a Mathematica-compatible application, do one of the following: * Save the data starting with the line of stars above into a file with a name ending in .nb, then open the file inside the application; * Copy the data starting with the line of stars above to the clipboard, then use the Paste menu command inside the application. Data for notebooks contains only printable 7-bit ASCII and can be sent directly in email or through ftp in text mode. Newlines can be CR, LF or CRLF (Unix, Macintosh or MS-DOS style). NOTE: If you modify the data for this notebook not in a Mathematica- compatible application, you must delete the line below containing the word CacheID, otherwise Mathematica-compatible applications may try to use invalid cache data. For more information on notebooks and Mathematica-compatible applications, contact Wolfram Research: web: http://www.wolfram.com email: info@wolfram.com phone: +1-217-398-0700 (U.S.) Notebook reader applications are available free of charge from Wolfram Research. *******************************************************************) (*CacheID: 232*) (*NotebookFileLineBreakTest NotebookFileLineBreakTest*) (*NotebookOptionsPosition[ 661052, 14661]*) (*NotebookOutlinePosition[ 675540, 15135]*) (* CellTagsIndexPosition[ 672881, 15033]*) (*WindowFrame->Normal*) Notebook[{ Cell[TextData[{ StyleBox["\n\nRen\[EAcute] Schoof\[CloseCurlyQuote]s Algorithm\n for \ Determining the Order of the Group of Points\n on an Elliptic Curve over a \ Finite Field\n\n", FontSize->18], "\nJohn J. McGee\n\n\nThesis submitted to the faculty of the Virginia \ Polytechnic Institute and State University \nin partial fulfillment of the \ requirements for the degree of\n\nMaster of Science\nin\nMathematics\n\n\n\n\n\ \nDr. Ezra Brown, Chair\nDr. Charles Parry\nDr. Michael Williams\n\n\nApril \ 25, 2006\nBlacksburg, Virginia\n\nKeywords: Elliptic Curve, Schoof, \ Cryptography\n" }], "Text", TextAlignment->Center, FontSize->14, CellTags->"i:1"], Cell[TextData[{ StyleBox["Ren\[EAcute] Schoof\[CloseCurlyQuote]s Algorithm\nfor Determining \ the Order of the Group of Points\n on an Elliptic Curve over a Finite Field", FontSize->18], StyleBox["\n\n", FontSize->14], "\nJohn McGee\n\nABSTRACT\n\n\nElliptic curves have a rich mathematical \ history dating back to Diophantus (c. 250 C.E.), who used a form of these \ cubic equations to find right triangles of integer area with rational sides. \ In more recent times the deep mathematics of elliptic curves was used by \ Andrew Wiles et. al., to construct a proof of Fermat's last theorem, a \ problem which challenged mathematicians for more than 300 years. In \ addition, elliptic curves over finite fields find practical application in \ the areas of cryptography and coding theory. For such problems, knowing the \ order of the group of points satisfying the elliptic curve equation is \ important to the security of these applications. In 1985 Ren\[EAcute] Schoof \ published a paper [5] describing a polynomial time algorithm for solving this \ problem. In this thesis we explain some of the key mathematical principles \ that provide the basis for Schoof's method. We also present an \ implementation of Schoof's algorithm as a collection of ", StyleBox["Mathematica", FontSlant->"Italic"], " functions. The operation of each algorithm is illustrated by way of \ numerical examples. " }], "Text", PageBreakAbove->True, TextAlignment->Center, TextJustification->1, FontSize->14], Cell[CellGroupData[{ Cell["Table of Contents", "Section", PageBreakAbove->True, CounterBoxOptions->{CounterStyle->Automatic, CounterFunction:>RomanNumeral}, CellTags->"c:1"], Cell[TextData[{ "Chapter 1 - Introduction ", StyleBox["..................................................................\ ..............\t ", "Leader"], Cell[TextData[ButtonBox["1", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:1"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t1.1 Background \ ..............................................................................\ ..\t 1\n\t1.2 When is f(x,y) an Elliptic Curve? \ ..............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox[" 3", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:2"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t1.3 Addition of Points on an Elliptic Curve \ ....................................\t", Cell[TextData[ButtonBox[" 4", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:3"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 1 - Elliptic Curve Point Addition .........................\t\ ", Cell[TextData[ButtonBox[" 7", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:4"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nChapter 2 - Arithmetic in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " ......................................................................\t\ ", Cell[TextData[ButtonBox[" 8", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:5"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.1 Elliptic Curves over Finite Fields \ .............................................\t 8\n\t2.2 The Euclidean \ Algorithm ...........................................................\t", Cell[TextData[ButtonBox[" 9", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:6"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.3 The Extended Euclidean Algorithm \ .........................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["10", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:7"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 2 - The Extended Euclidean Algorithm ...............", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["11", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:8"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.4 Finding the modular inverse \ .....................................................\t", Cell[TextData[ButtonBox["11", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:9"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 3 - Multiplicative Inverse (mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], ") ......................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["11", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:10"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.5 Modular Exponentiation \ ..........................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["12", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:11"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 4 - Modular Exponentiation \ ..................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["12", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:12"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.6 Square roots modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], " .............................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["13", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:13"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.7 Shanks-Tonelli Modular Square Root Algorithm \ ......................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["13", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:14"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 5 - Computing Square Roots Modulo ", StyleBox["p", FontSlant->"Italic"], " ................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["14", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:15"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t2.8 The Chinese Remainder Theorem \ ............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["15", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:16"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 6 - Determining the Chinese Remainder ...............", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["15", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:17"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nChapter 3 - Arithmetic of Elliptic Curves over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " ......................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["16", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:18"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 7 - Arithmetic in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " .........................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["16", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:19"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nChapter 4 - Computing the Order of the Group ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], "............................... ", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["18", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:20"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t4.1 A direct method of computing ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], " .....................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["18", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:21"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t4.2 Overview of Schoof's Algorithm \ ...............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["20", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:22"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t4.3 Hasse's Theorem \ .........................................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["21", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:23"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t4.4 Reducing the problem to that for ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " .................................... ", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["22", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:24"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t4.5 Baby Step, Giant Step Method \ ................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["23", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:25"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 8 - Determining Group Order using Hasse's\n\t\t\tTheorem \ .................................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["23", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:26"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nChapter 5 - Schoof's Algorithm Implementation \ ........................................ ", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["2", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:27"}, ButtonStyle->"PageLink"]], "TOCPage"], "4\n\t5.1 Computing ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ 2)\)\)]], " ..................................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["25", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:28"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.2 Determining if ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x + B\)]], " has a root in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " ..............................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["26", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:29"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 9 - Computation of ", Cell[BoxData[ \(TraditionalForm\`t(mod\ 2)\)]], " .................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["27", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:30"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.3 The Division Polynomials \ .........................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["28", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:31"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.4 How many division polynomials? \ .............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["29", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:32"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t\tExample 10 - Computation of the Division Polynomials .... ", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["30", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:33"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.5 Computing ", Cell[BoxData[ \(TraditionalForm\`n\ P\)]], " with the Division Polynomials ...........................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["31", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:34"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.6 The Frobenius Endomorphism \ ................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["32", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:35"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.7 The Characteristic Equation of the Frobenius \ ............................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["33", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:36"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.8 Schoof's Algorithm: Case One \ .................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["35", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:37"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.9 Schoof Equation (17) \ ................................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["36", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:38"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.10 Schoof Equation (18) \ ..............................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["37", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:39"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.11 Schoof's Algorithm: Case Two \ ..............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["38", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:40"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.12 Schoof Equation (19x) \ ..........................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["39", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:41"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.13 Schoof Equation (19y) \ ..........................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["40", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:42"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t5.14 Schoof's Algorithm Summary \ ...............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["42", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:43"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nChapter 6 - Results of Running Schoof's Algorithm \ ...................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["43", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:44"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t6.1 A Detailed Example \ .................................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["43", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:28"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t6.2 Other Experiments \ ...................................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["44", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:29"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t6.3 Discussion of Results \ ...............................................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["45", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:31"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nChapter 7 - Applications \ ..............................................................................\ ", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["46", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:51"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t7.1 The Elliptic Curve Discrete Log Problem \ ..................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["46", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:52"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\t7.2 Anomalous Curves and the MOV attack \ ...................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["46", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:53"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nReferences \ ..............................................................................\ .......................\t47\nAppendix A - Dictionary of ", StyleBox["Mathematica", FontSlant->"Italic"], " Functions for Elliptic Curves ...", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["48", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:54"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nAppendix B - ", StyleBox["Mathematica", FontSlant->"Italic"], " Code for Our Elliptic Curves Functions ......", StyleBox[".\t", "Leader"], Cell[TextData[ButtonBox["52", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:58"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\tNumber Theoretic Algorithms \ ......................................................... ", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["52", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:60"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\tElliptic Curve Arithmetic Algorithms \ ..............................................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["56", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:69"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\tMethods to Determine the Elliptic Curve Group Order \ ...................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["61", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:80"}, ButtonStyle->"PageLink"]], "TOCPage"], "\n\tThe Functions that Comprise Schoof's Algorithm \ ...........................", StyleBox["\t", "Leader"], Cell[TextData[ButtonBox["65", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:85"}, ButtonStyle->"PageLink"]], "TOCPage"] }], "Text", FontSize->14, CounterBoxOptions->{CounterStyle->Automatic, CounterFunction:>RomanNumeral}] }, Open ]], Cell[CellGroupData[{ Cell["List of Figures", "Section", PageBreakAbove->False, CounterBoxOptions->{CounterStyle->Automatic, CounterFunction:>RomanNumeral}, CellTags->"c:1"], Cell[TextData[{ "Figure 1", " - Ren", "\[EAcute]", " Schoof ......", StyleBox["..................................................................\ ............\t", "Leader"], Cell[TextData[ButtonBox[" 2", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:1"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nFigure 2", " - Plot of the Elliptic Curve ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 - 5\ x\ - 2\)]], " ", StyleBox[".................................\t", "Leader"], Cell[BoxData[ \(TraditionalForm\`\(\(\ \ \)\(4\)\)\)]], Cell[TextData[ButtonBox["", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:1"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nFigure 3", " - Number of digits in ", StyleBox["p", FontSlant->"Italic"], " vs. number of small primes ", StyleBox["......................\t30", "Leader"], Cell[TextData[ButtonBox["", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:1"}, ButtonStyle->"PageLink"]], "TOCPage"] }], "Text", FontSize->14, CounterBoxOptions->{CounterStyle->Automatic, CounterFunction:>RomanNumeral}] }, Open ]], Cell[CellGroupData[{ Cell["List of Tables", "Section", PageBreakAbove->False, CounterBoxOptions->{CounterStyle->Automatic, CounterFunction:>RomanNumeral}, CellTags->"c:1"], Cell[TextData[{ "Table 1", " - Points for ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + 46\ x + 74\ over\ \[DoubleStruckCapitalF]\_97\)]], " ......", StyleBox["....................................\t19", "Leader"], Cell[TextData[ButtonBox["", ButtonData:>{ FrontEnd`FileName[ {}, "Thesis06April2006_Test.nb"], "c:1"}, ButtonStyle->"PageLink"]], "TOCPage"], "\nTable 2 - Results from Schoof's Algorithm \ ....................................................\t45" }], "Text", FontSize->14, CounterBoxOptions->{CounterStyle->Automatic, CounterFunction:>RomanNumeral}] }, Open ]], Cell[CellGroupData[{ Cell["Chapter 1 - Introduction", "Section", PageBreakAbove->True, CellTags->"c:2"], Cell["\<\ \"In re mathematica ars propendi pluris facienda est quam solvendi\" - Georg Cantor. \ \>", "Text", PageBreakAbove->Automatic, TextAlignment->-0.5, TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["1.1 Background", "Subsection", CellTags->"c:3"], Cell[TextData[{ "Consider the following cubic polynomial in ", Cell[BoxData[ \(TraditionalForm\`x, y\)]], " over the field of real numbers ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalR]\)]], ":" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + A\ x\ + \ \(\(B\)\(.\)\)\)], "NumberedEquation", FontSize->14], Cell[TextData[{ "Suppose further that the right hand side of equation (1) has distinct \ roots. Then the graph of this curve is called an elliptic curve. Elliptic \ curves have a rich mathematical history dating back to Diophantus (c. 200 \ C.E.), who used a form of these cubic equations to find right triangles of \ integer area with rational sides. In more recent times some deep \ mathematical properties of elliptic curves were used by Andrew Wiles et. al., \ to construct a proof of Fermat's last theorem, a problem that had challenged \ mathematicians for more than 300 years. The Birch-Swinnerton-Dyer \ conjecture, one of the Clay Math Institute's million dollar problems, is also \ a question about certain mathematical properties of elliptic curves.\n\nIn \ addition, elliptic curves over the finite field ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " for some large integer ", Cell[BoxData[ \(TraditionalForm\`\(\(q\)\(,\)\)\)]], " find practical application in the areas of cryptography and coding \ theory. One example of this is the Massey-Omura encryption method which \ relies on the difficulty of solving the elliptic curve discrete logarithm \ problem for security. For such methods, knowing the order of the group of \ points satisfying (1) with coefficients and coordinates in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], ", written as ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], ", is very important because a poor choice of curve parameters can lead to \ a situation that gives a potential eavesdropper the ability to break the code \ in reasonable time. \n\nIn 1985 Ren\[EAcute] Schoof ( Figure 1) published a \ paper entitled \"Elliptic curves over finite fields and the computation of \ square roots mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], "\" [5]. His paper describes a polynomial time algorithm for determining \ ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], ". Refinements to his method by Elkies and Atkin have resulted in \ computer algorithms capable of finding results for elliptic curves over \ fields with orders greater than ", Cell[BoxData[ \(TraditionalForm\`10\^100\)]], "[3,6]. \n" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ StyleBox["Figure 1 - Ren\[EAcute] Schoof\n\n", FontWeight->"Bold"], Cell[GraphicsData["Bitmap", "\<\ CF5dJ6E]HGAYHf4PAg9QL6QYHg46@n009cWP03LkicWVnN00=c_PI_WP03Kie[ WF^M009_W@9[O@9_W@06Kge[OF]mKge_WFmm0V]m0Vmm0fnM00][O6MK?O008@@Q48DnLkh2Lih017>nLii_WVnM0VnN0W>n16nN1FnM00=[OFnMKih01VnM00=_OF]m Jgd01FnM00Y[O6MJ:D/08@QS48@MLkig_P9cWP09Lkmc _VnNKiicWVnNLkic_g>N00A_WPA_W@03Kge_WFnM00I_W@03Kge[OF]m009_W@9_O@0=Kie[NelI8BT0 8@QS36N0VnN00Ac _VnNLkic_`A_WPE_W@=_O@05Kie_OFmmKge[O@02Kgd2Jgd2Kid01fmmKie_WFMKF_LHi`01008n17>o00A_WW>NLiic_P=cWPE_WPA_W@9_O@9_ W@03Kge[OFmm009_O@03Kie[O6]l009_O@0AJge_WFnMJe]B]A25124@Y@aR5:@DYQS648D@I0aT36<< @`0324800`@Q2488@P0224801PaS46<<@`aS46@@H`8MKih2Lih00fnNLii_WP04Lih5Kih00g>NKii_WP03Kih2Kgd026nN Kie_WFmmKii_OF]mKid2Jg`03fmmKie_WFnMJga[NdIC26<48A2T38n00McWVnNKiic_W>NKiicWP02Kih2Lih00fnNLiicWP04Kih2 Kgd5Kih00fnMKge_O@02Jg`01fnMKge[O6nMJga[NcW`00848P0636<@Q1BU6:HDYQ1T0Pa30`a200D8 @Pa23488@Pa2008nLiic_g>NKiic_g>NKih2Lih4Kih2Kgd3Kih0 2FmmKie_WFnMJge[O6]LKie_O@02Kid02f]lIeXYJ`001488HaBU6n00=cWVnNLkh017>o00IcWVnNLkmc_fnNLih5Kih2Kgh3Kih2Kgd00fnMKge[O002Jg`3 Kid01fmlJg]O61T70008H`aS008HaP035:H@Q@aS008nMml017_O1Goo00=kggooOol00WoO2goo00=ogg_oNml017_O00=g_gOONml00W_o00=kggNnLkd0 0W>n17>N00=_WG>oLkl00g>o0W>N0W>o00=_WW>NKih02VnN00=_WFmmJgd00V]l00]_OFnMKie_OF]K Jg]FeQC60008H`aT008HaP035:D@Q0aS00@8@P0424488@a2348336<234800`a336<@H`0234<00`aS 46<@H`0336<01A1S46@DQ1RU6:H00QB500T@Q1B558DDQA255:H@QA2448D00Q240a1T0a2400<@QAB5 48@011B500D@QA1T46@@I1B4008@Q08DQ@0646@DQ1B446N00=cWP03Mmmc_g>o00Mc_`03Lii_ WVnN00U_WP03Kie_OF]m00=[O@0?Kge_WFnMJe][NdYc26<8@`aT48DDaQS758DnLkh00W>n00=ggg>oLkl01g>o2VnN16nM00=_WV]mJgh00V]l00U_OFnMIe]WFcW_0004 8PQ348D00QBV00<@I0aS34<00PQS10Q200<o00=g_g>oLkh00g>n1fnN00AcWfnNKii_WP9_W@06Kii[OF]mJge[ O6]m0V]l00UWFSG^0004@PQS4:DHaaBV46@00`a300@8@`PR2488@PLHa:3`5:<0000Q250QB5 0QBU00<@YABU5:D00QBU0Q2400T@QA2446@@Q11T36<UVnN009gg`Ako`9kg`Moo`9ko`Eo o`=ko`Akg`06Mmig_gNoMkmc_WON0g_o00=gggNoMkh00WNn00Mc_WNoLkicWW>oMmmg_`06Lkl4Lkh3 Lih2Lil3Kih2Lih016nNKie_WFnN0V]M0V]m0f]l00iS>BU[0208H`b45:HHaa2534<88Pa324<8@PQ3 0`aS0PaT00<@I0aS34<00Pa30PaS00<@H`aS36<00Pa30a1S00NLkmgg`04Lkl00gNoMmmgg`03Lkl00g>nLkmc_`02Lkl2 Lil3Kih00g>NKii_W@02Kid016]mJee_WFmm0V]l00A[Ne[h5mMmik ggoO0Woo1G_O00=g_W>nLkh00W>o0WOO0g_o0WOO0g>o0W>n00=cWW>nLkl00gOO00=g_gOOMml01WOO 0W>o0W>n26nN0VnM16]m00]WG6]lKie[O4Yc26<0@@b436oMmmggWOO0g_o0WOO00=g_g>oLkl00W>n00=_WW>nMml00WOO00=g_gOOMml01gOO0W>o 00Ec_VnNKii_WVnO00I_WP0;Kie[OF]mJge[O6MLJge[O6MK>Nl8HP0226<01@b46>LDaPb436@00PQ3 00<@I0a334<00Q1T0Pa300<NMkl2Nml00gOOMkmc_`02Lkh017NoMmmggg_o0Woo00=kggOOMkl0 0g>o00Ac_W>oKiic_PAgg`Akg`Igg`06Lkmc_W>nKiicWVnO16nN16]m0V]l0VMK00A_WFmmIe/]K080 8@0836@@QAS65:HnLkic_gNo0W>n00Aggg_ONmmko`9o o`9kg`03Mmmg_g>o009c_`03Mmmc_W>n009kg`04Mmmkgg_ONml7Nol017_OMmmc_W>n1FnN00E[OV]m Jge[OF^M009[O@9[W@05Ie]WG6MLF_PM2@0200401@aT4:DDaQBV48@00PaT00@48<@Q12448D@QPb636H8ARe^Jeag _g_oNmmgg`=kg`03Oomkggoo00Moo`04Nmmg_g>NKgh3Jgd2Ie`016]lJge_WW>o0g_O00Akog_OOomo o`Ikg`=gg`9kg`04Nomkgg_ONol5Nml4Nol017_OMmmc_g>n2FnN0W>o00=cggOOKkh00VMK00]S>eki =LlHj0@R14<46@@ H`a336<@H`aS46@@Q11T48@@QAB55:DDYP8DQ@NKgd2Jgd01VnMLkig_g>oMkmg g`9ko`9gg`0BKieWG6MKJge[O6MJCY@M200126<@Q12336<@I1B548DDW9FLeJD EY=JTeYcEW9FLeZCFW<1EW80000734<OKii_OFnNJge[O6ML009[O003KieggW_o009oo`0nLih3Lkh00gOONomgg`04Mml03W?OLki_WFmmKiiggg>nLkeS>CG>0000 0AB448<258@00a2546@nLke[Nch`0P0000@DQ1BT58@DQ0<@I0@48D@QPaU14@o009c_`=_WP05Jii_OV]LIea_O@02Lkh0 0gOONomko`03Nol2Mml2Nml00g_oOomoo`0nKie[Nch@0P@Q00H@Hac558@DQ11T46<536<4348234<244<00a1T46mJg][O0=_W@06Jie_WW>n Lmmc_fno1G>o00Q__fnNKim_WVmnJge[G6]m0V]l00A[OFnNLmmgg`9ko`05Nmmkog_oNomkg`08Ool0 1GoOOomoogoNNmh017_O00=oog_ONol00W_O00Akog_ONmmkg`=gg`9kg`9g_`06Lkmc_W>nLie[Ncg_ 0PQ100H@HaRT58@@Ha1T46<536<010a3348oMkmg ggNoLkl3Lkh02W>NLke_NdH`224481B446MKgacWG_o Oomko`02Mml9Lkl00fnoKii_WP03Kih03V^NIgeWG6MLJge_WFnNLkig_WOOMmikgg_oNml4Ool01GoO OomoogooNmh01W_O00=ggg_OMml02GOO0W>o0W>n00]c_g>NMkicO4ic224001S546NMkigggoo009kg`9oo`9kg`Aoo`05NmmcWG>NJg]cW@02Ool2Nol0 0gOOLmmc_`02Mml9Lkl016noLkm__fnO0V]m00IWG6]mJge_WG>nMml2Ool00g_oOomoo`02Ool00goO Nmmoo`02Ool6Nml00gOOMkigg`06Mml017NoLkmgggOO17>o00Qg_g>nMkicO5JD244001BU0QB400DD I11T34<@@Pa200<<@`8@I08<@`8nLkmgg`02Lkl2Kkh2Lkl00fnNJga[O003Jg`00gOOOomoo`03 Nol9Ool2Nml2Ool017_OMmmkgg_o1g_O1WOO011g_g_ONmm_NeJe48<48AB446 oLkmcWW>n009c_`03Mkmc_g>o00Ec_P04Lkmc_VnNLid3Lkh0 16nMKiic_W>o17OO00=kogooOol01Goo00Akgg_NNmmko`9kg`=oo`03Nmmoggoo009oo`03Ommkog_O 00Ekg`05Mmi_W5Je3684800348@00`aS44<@@`0346<0211334<@@a1334<nLih00VnN0W>o00Eggg>oLkm_WVnM009_WP0DE9cEYAJU5JD00EFL`03FY=JTUYb009JTP9JT`04FY9FLUIbEW84FY<015IbEW=FLeIb0EIc 00000a2546@@I00546@248@01aB55:DHYQRV5:HDQABU00DHYP8DY@036:HHYABU00nLih00VnM00I_WW>oMkmg_g>oKih2 Kgd046nNLkig_gOOLii_WGNnNmmoog_oLki[OF]lJge[WF^N0fnN00=gggooOol017oo00=kgg>mMmh0 17_O0goO1Woo00=kggooOol00goo00Ekog>mD[D56@HYARU58DHYAB4 46<<@P`Q348@HQc6N00=_W@05Liig_gNo Lki_WP02Kgd027>NMmmkgg_OMmmcWGNnNml3Ool01WNnLki_OF]mKge[O@9_WP03Jgec_W_O00Eoo`03 Nmmg_WOO009kg`04Mmmg_W^nNmh>Ool017_OG_P480@Q0PaS00L@H`aS36<oLih00fnM 00Mg_W_oNomkggOOLkeg_P04Ool01W_oNmmg_W>MLii_WP9c_`04KiicWWOONml4Ool017_oNmmkgg_O 0WOO00=g_gOONml017oo17_o0Woo00]kogooOomoogONG_P000@Q248@Q123008LaJcg>BS5BDP03EY@00eZDFY=JT`02EW800eZCEW9FL`02FY<01EJBEW9JTUJCFW800eZC 00AJLeIbEW9FTP9FLP04FW=FLeYcEW<2FW<1FY<1FW<0000346@@Q12400<@I08@Q08@I00658DHYQRV 6:HHYABU0aRV00`HQARV6:HDQABV5:DDQ1B55:D@QAB55:D258D248@00aB55:DDY@035:D03ARV5:H@ QA246nLkmc_g>NKiecWW>nNml2Ool017_oMmic_GNm1Woo0gNn00McWWNoMmmc _g>MLkig_P05Ool017_ONomkggNo0WOO00Mkgg_oNomkog_OMmig_P02Mmh00gNnMkmkg`02Nml01G_o NmmcWEJf24<00P0000D8@Q2336<@P`aR00@Je644iBEW=FU5ZDEYAJU5JD0UJC00QJTeIbDW9FLUJCFY=FLUJC 0eJB00MJTeJCFY=JLeZCEW=FLP04FY<00ejDFY=JL`03FW<1FY@1FW<000D@I08@Q00846@@Ha1T58@H YARV5:DDQ@@HYP8DQ@036:HDQABU00@DQ@8@Q00758DDYAB558D@Q11T58@00QB500hDYARU5:HDYa25 48@DYQ265:Ln0VnM0VnN00McWW>nLkic_W>NMkikg`02Ool2Nol01G_OMkecWGNnNml00goo00=k ggNnLkh00WNo0WOO00Ec_W>MLieg_W_O009oo`05Nomkgg_ONomg_P02Lkh00g>oLmmgg`02Lkl2Mml3 Lkl2Lkh02g>oLkic_W>oMki_O66:DDYABV5:HDYA2548Ho1g>n00eggg>nLiic_WNnIeY6<@b40008@PaR48<O9cWg>o0WOO1G_O0WOO00=kogooNml00W_O0goo00AkgWNnNmmoo`=kg`0nKki_WF^MJge_WG>nLiic_WNn0WOO00AkggooOomoo`=kg`09MkicWG>nLkec_WNnOomkogOO009g _`07MmmkggOOMkikgg_oNml00W_o0Woo00EggWNnMmic_W>o00Agg`03Lkmc_W>n00Ac_P03Lkmggg?O 009gg`03Lkmc_WOO009ggP04Jg/mk`Q2000248<01PaR46<o00AcggOONmmgg`=kg`05Mmmkgg_oOomk o`02Nml3Ool017_NNmmoogoo0g_O00AggWOOLmi__@=_W@05Kkic_W>nLkig_`02Nml017_oOomoogoo 0W_O00QggWNnMmiggg>nLiec_G_o17OO0W_O0WNn0W_o00QggW_ONomkogooNomg_W_O0WOO00EkggOO Lkmg_g>o009c_PAgg`04NomgggOOLkl2Lkh2Nol3Mmh015KF5:D000aS0Q2300H@HaB458DDQABU48D2 4:D358D00aRU68DHQ@0258D03A1T34<88Pa246o0WOO00=kgg_oNml00W_O 00Eggg_oNomkogoo00=kg`=oo`04MmikggooNol2Nml01G_oMmmggg?NKkd00fnM00E__W>oLkig_WNo 009kg`9oo`03Ommkgg_N00Akg`0CMmmc_W>MLkekggOOLkmg_gOONmmggg>MMkioog_oLkeggW_oNml0 0W_o00=kgg_oMml00WOO0g>o00=ggg>oLkl027OO0W>n00Yggg_oNomkgf]kCW<oMkmg_`9gg`Mkg`0;Oomkog_O MmmcWW>MLkeggW>oKiic_P02Mml027NnLiegggooNomg_W_ONol2Nml2Nol017OOMkic_W>o0gOO00=c _fnNKih016nN00Ac_VnnLkmc_`Ac_P0>Mmmc_EKF8@P000@P368DQ11T58@@Q11T48@DQ@DDY@0>58DD Q11S46<88PPQ6:D]:Sg>BS5BDU9cEY=FU09J]003EYAJU5ZD009FLP9JT`05EY=JTeZCEW=JT`02EW80 1eZCEW9JTeZCEW9FLeJC00=JT`=FL`=FLP04FY=JLUYcFW<2FY<2EW<00eZDFW=FL`02FW<2FY<2EW82 FY<0000344<@I11T00P@I00358DHYQRV008HYP8DY@nLih7 Kih02V]lKie_WF]mKiic_VnNKieJeb490P0000D<@Q1S56@DQ1BT008DQ00@5:DDQAB558DDYARU58@@ H`a2224@Hac6;DY1kdhaDW<2EW<015JDEY=FTeJD0eIc00=FTeIcEW<01UIc00IJTeIcFY=JTeIbEW<5 EW82EY<2EW<01EJCEW9FLUIbFY<00eIb0UZC00AJLeZCFYAJL`9JT`05FW=JTeZCFY=FLP02FY<00003 46@DI11T00L@I0@DQ@075:DHYQBU6:DDQAR558D01ABU00oMmmc_`=gg`03MkmgggOO00=gg`04NmmoogoONml2Nol01Woo LkeggW_oMomgg`9c_P03Mkmc_WNo009_WP9cW`9c_`9_WP04Lkmg_gOOMml3Nml3Nol03G_OLkicWVnM Ie][O6mlKiecWG>nMkmcWVnN009c_P9gg`03Mmikogoo009kg`03Mmmg_WNn00=gg`04LkmcWVnNLkh3 Lkl017OOMkmc_g>o0W>n00mc_fnNLkmggg>oKie[ODHb004000Q1100DQ1bV6:H00QBU00MMkioog_oMmmkggNoLkl6Lih2Lkl2Kih00g>nMmmgg`04Mml03W_oMmmc_g>NKie_O6]l IeYS6FmlLgacWGNNLid3Kg`017>MMkig_WNo0W_o1WOO0g>o00Ac_W>NLkic_P9_WP04Kkm_WW>oKid2 Jg`02VnMKgecWWNnLie_W6MJ>Lh000@00Q1S00NLiicWP9_WP9c_`9c_P04LkmgggOOLkl3Lkh0 2VnNKie_WFnMJgaW>VVLjKg`00Vml00=_W7>NLkh00WOO00Ic_W>oMmmggg>o Lkh3Kih2Kid01VnNKie_WFnNJii[O@9_W@03F_Q6Je>nLkl2Mml3Nol01G_ONomg_WNnNml00Woo011kgW_ONmmkggOOMkig_g_OLkic WVnMLii_WFmmKiicWP9_WP03Kimc_fnN009_WP9_W@0BKiicWWNoMiiW>UZfCU=>DU9BG]IVmfLHI_QR efKhKe]cO7>M0g>n0VnN0W>o0W>n00E_WVnMJge_WFnN009_O@03Kie_WVnM009c_`07Kki_WV]m@S84 @`aU8@T00Re<00DY:QcW24<000@000@DQ00>46Je>g>oMml00W>o00Qggg>oLkmc_W>oMmmgog_o0WOO 00Eg_WOOLkig_W_o00Aoo`03Nomkgg_O009g_P09Nmmg_W>NLiecWVnMJga_OFnM009[O@04Kgi_WV]m Kih3Lkl037OONmmg_V/jF[E>DTX@CS5BoKim_WW>o0VnN00Ec_gOONomkogOO00=c _P04Lkm_WGNnNol5Ool01W_oOomkgg_ONomgg`9g_P9c_P9cW@=_WP04Liic_g>oMkl3Mml02W_OMke[ FekGDU9>DEIBEU5B<5IA0UYb00MJDEIAES5FDUjeIaUcW@03Mkl00g>oKii_WP02Kih00fnnLkic_P03 Lkh2Kih02fmmKii_WW>oKii_WF]lBW@@Q@PR58D01A1T00Li[DHa CU9BLeJCFYAFL`9JT`IFLP9JLPAJL`=FLP9JL`03FW9FLeYc00IJL`9JM006FW=FLeZDFW=FLeYc0UIc 00AJTeYcEW=FL`9JL`EFLP03FW=JLUYc00MJT`03EY=JTeZC00AJL`000Q1T0PaS00P@I11S44<@Ha1T 46<@I1B40aBU1QRV00@DYAB558D@Q@<@Q00546@oMkmg_gOOLkic_`=c_P9gg`03Lkmg_W_O00Ioo`9ko`03Nmmoog_O00Ek g`08Mmmkgg_ONmmggg_ONomkg`9ko`0HNmmgWFmJH_MFTeIbFY=NTeYbGW5NLUiaGW9RTeibES1B<58a EW=W6G=lLieg_WOO0WNo00=c_fnOLkl00W>o0VnN0W>o1FnN00M_WG>nJgaB]A24248HYP0258@0111S 58@HQAB50QB400L@Ha1R58@Pibe[>Je6<002DW<2EY@3EW<01EIbEW=JTeZCFW800UIb0UZC00AJLeYb FW9JL`9JT`08EW9JLeZCFY=JLUIbFW=JT`AJL`9JT`03FW=FLeZD009JU006FW=JU5ZDFY=JU5Yc0UIc 0UZC00YJLeIbEW9JLeIbFW9FLUYcFY=JL`EJT`06EW=JLeZCFW=JTeYc0EIb0000111T48D@I0aS0Q1T 00P<@a1346<@Ha1T58@DYARU1QRV00@HYABU58DDQ@@@Q0@@I00346<@I124008@Q08DQ00:6:DHaa1U 24@00be^Ha][WW>oJih3Kih2Mml2Lkl00g>NLkmc_`02Lkl2Mml00g?OMkikg`03Ool00g_OOomoo`03 Nml017ooNomoogoO1Woo00akog_ONomoog_oNmmg_W>MJcURmeZDEW82G[<2GY803f:cH[9NLEiaGW9N LEH`DS1BoKkic_`03Kih017>NKii_WVmm0fnN00Y[WFnMJgaB]Q25 124DYA2358@@H`@DQ0076:DLYBD7EkFG[AJTejdI]ER/`03GY800eia FW1JD002FU002eH_DRmFDU8aBO1:4EZEIaU_Fg>NMkl017>o00=__VnNKih00fnN00a_WFnNKiicWVnN Kie[O5:e38@08A2U36<246<02ABT6:DDQ1bU:BPaJcf]APm>DP04EY@01E9cDU9FLeIcEW800UIc1UYc 00AFLUYcFY=JT`AFTP=JT`05FY9FLUZCFY=JLP02FY801eIbFW9JTeZCFYAFTeIc00IJL`9JT`07FW=F LeIcFY=JU5ZCFW<00eZC0UYc00=JTeYcFW<01UZC0UYc0EZC0EjD0EZD000246<646@236<00a245:DD Y@026:H011R66:HHYQRV11B50Q241Q1T00<4E9CF[MWFfmm00Ac _P04Kki[WV^MJih2Kid05VnNJie_WVnNLii_WF]kD[DNKii_WP03Lkl02G?O Mmmc_g>nNmmkog_ONomkg`02Nmh7Nml017oONmmoogoo0WoO00Ek_W>LJeYNeUZe009N]003I]EVe6KD 00=V/`04H[9NTV:AHY82GY801F:BGY9RTV:cHY800eib00YFDEIBDS5>44W`BS9NefmKLiig_`=_WP9[ W@03Kii[OFnN00=_WP0DKie[O4Yc248400a1464LY2349<@TaBC4;@HiJ3f:AJ]9c4h?DS1FDPEFL`9F LP03EW=FLUIb009FLP9JL`05EW9JLeYcFW=FLP02FY<01UIbEY9JTeZCFY9JLP=JT`03EY=JTeJC009J T`03EW=FTeJC009FT`04EW=JTeZDFY<2FW<4FY<01eYcEW=FLeYcFY=FLeJC009JT`=JL`08FY=JLeYc FW=JTeYcEW=JL`9JT`9JL`000Q1S00<@I12446@00a1T0PaS0Q2400oKih00V]m00=_WVno Kih00VnN00mcWg>oLkmc_fnnLmmggg>oLkiggg_oNmmkog_OMml01G_O00=kog_OOml00goo00Qogg_O NkicNfLHF[EJTejd0VKE00=Ve6JcI[<00fJc00AZe6JcI[=Vd`=R/`04HY9R/V:cHY83GW803eYbES5B <58@ALhmSDXAEYEW6W>MLii_WW>oKii[WP02Jgd2Kih066^NJie[WF]l?S4080@0444HPRCU:<@XiBd6 :>@]1CDV>DQ1RTG3U8aEU9FLPAFL`04EW9FLeIcEW<2EW801EYcFY=JLeIbFW<015ZC0UJC1UZC 0eJC00AFLeJCFY=JT`EFT`03FY=JU5ZC009JT`0o00YcggOOLkmc_WOONomkgg_oNmmgg`Mkg`08OmmoogooNmmg gW>MJcYNeP9Ne@03G[=VeF[E009R/`MV/`9Ze09R/`05HY9NTUiaFW5FD@02DS003eHaDS1>3dh?DQ19 kcf]?Ji1d59dIaU_OG>MKii[O@02Kih016mmJge_WVnN0V^M00M[O3X@00040111788]1@02;>@03bST :<@/iC46=BLmJDF[BLe=kU8@EU5FLUIcEWAJU002EY<01UZCFW=JLeYcEW=JL`9JT`9JL`06FYAJTeIb EW=FTeZC0UJC00IJTeYcFW=JLeIcEY<6FY<3EY<015ZDFY=JLeYc0eZC00EJLeZCFY=JTeYc009FL`04 FY=FLeIcEY<3FW<00eZDGYAJU002FW<2FY<4FW<2FY<0000448@@Ha1S46@248@246@01PaT36<@I1B5 5:DHYPDa1SU8@H]5[4W^CPmBNKiic_WNoLkmgg`9ko`9c_P04MmmkogOONml2 Mml3Nml00g_oOomko`02Ool02g_OMia[>EkFEW=JTf:eJ_IVe6:cI[@00VJc00=ZdfJcI[<00VJc0VKD 00mV]6:CGW9JLEY@EU1B<4h?BPi5kT7=@Jdm[46]@Ld00TG>0TG^01]5cSf]>H`m[ThcF[MNf6LkKge[ G6mmJge_WW>OKii_WF]K@Q4001118:@Ti2d5;>@`i2cS;>D00RcT00/`iCDW>FU1[4G=BNiB<5IBEW=J LeZD009JL`9FL`=JL`04FYAJTeYcEW<2FY<015IcFY=JTeIb0UZC0UYc1eZC0UYc0UZC0UIc00AFTeZC FW=JL`9JT`AJL`03FY=JLeJC009FT`04FY=JU5ZDFY<4FY@2FW<00eZDFY=JT`07FY<000@@H`D@I004 56@DQAB55:D36:H01QB55:DDQA2548@@Q@@@Q08NLiig_P02Mml027_OMmmc_W>nMmmkogOO Nml2Mml06g_OOomkgg_oOomkog_NMie_FfKgF[EFLeZDH[AV]6[EJ]AV]6KDI[AV/VJcI]=Ve6[dI]AR /`02GY802EibGW5JLE8_CPm9kTG=@Le5k@02ANh01dG_BNm9kdX?CQ1:44G_0099k`91cP91l006@O5> E5JFF]Q[G6]M0fnN00]_WF/j?O0401AS9@`i2cS00@/i00:;>De9cUZ@Ja5cDh?DS5FDUYc FY@8FW<01UZCFW=FLeZDEY=FLP9JT`05EW9JTeJCEW=JL`04FY<2EW801EYcFW9JLeZCFW<00UIc00EJ TeZDFY=JLejC00EJL`AJT`9FT`04FW=JM5YcFW<5FY@00eIcEY=JT`07FY<00003368oJge_O@=[O@04Iea[OFnNKih2Jgd01FnNLkmc_g>NMkl00WOO0W_O00AggW?ONomko`=gg`9go`=k o`0:Mmig_GNmJcYNeeYcEW9NTf:cI[@2J[@00fJdI[=Z/`02I[<2J]@01V[eJ]AR/eYaFU5JL@9FD004 CPi5c46/@J`2@L`00dG=BPm:3`04BQ02BNl00dh@CNm=k`02BNl04dW?@Lm1ccf^?Llml4idG]QW>f]m LiicOF/j?Lh401QS:>H/i2c3008/i003;>De9cUY?H]5[4W^CPmB3P07BNe1[4G44g`CQ1B44h?009=kP9= k`99k`0>?JdiS35;>Hi24E:EG]Q[G6mmKe/i[@`P78@XiP8/i003;>@a1SE8?FY1 RdG=BPm><5IB009FLP03FW=JTeZC00AJL`06FYAJLeIbFY=JLUIb0UZC00AFLUZCFY=FLP=JT`03EW=J LeYc009JL`EJT`9FT`03FY=JLeYc009JLP04FW=JTeYbFW84FY<2EY<3FY<5FY@;FY<000<@H`0348@< Ha24008@I08oLkic_`=gg`9ko`03MkicWW_O 00Ekg`0>OomkogNnLie[>UjfEW=FLUjDH[ARTfJdJ]AZ/`9RTP03IY=V/f[D00=Ze004GY9JLEY@EU02 DRl01Th>ALe5kDW]ANe9k@M9kP9>3`06CQ1B458@DS1B3dg^0U8>0dg^0119cD6<=DTaBcE/?Lm24EJf HaUW6C5[568PaBcU;>@`i0L/i00;:<DTmRTG459AEU9FLP03FY<4FW<02EZCFW=JLUZC FW9FLUJBEY=FTP02FY<01EYbFY=JTeZCFW<00UZC0UYc00=JTeZDFY<00eZC0UJC00AJTeYcFW=JLP9J T`9JL`=JT`AFT`9JT`03EW=JU5ZD009JU0]JT`000Q2300<@Q11S46<01A1S00<@I1B558D00QB50QBU 00o009c_PEgg`9c_P03Nmmkog_O009ko`9kg`04Mke[FfERmFD4h>ANe5cDG<0091c007@Le5kTW^BNi> 3e8?CNh00Th>00Q=kU7_DPmB3e8`ES1B;e8?0dg^011AkTg^CLe9c46:=FXeBSE[D/i@@/i2d6=BLiJD6[ALe:3U8aEU9FLUIc0UJC00=FLeYcFW<015Yc 00IJTeYcFW9JLUIbEY82FY<00eYbFY=JT`04FY<2FW<2FY<00eYcEW=JT`0fLkJea[O@02Kgd3Kih016]mKiic_g>o 0gOO00Mc_g>nLkicWW>nNmmgo`02Mml02g_oMki_O6/iG]IFU5YdGY=RU6JcIY800V:C00aVTfJBGU1J ;f:BJ]A^mFkfI[=FD58_CPh3BNd2AL`00dW]BNi5k@02ALd00dW^CNm>3`04DPl00e8>EPmF3`02DPl2 ERl00e8_DPmB3`02DPl2DPh04Dg]BLa9[46/?H`iS35Z>JdmcCE[220LXbSU;>DXhbcT;><00RcT00<00bcT00d/iC46=DPmRTF/ANe>3e9AEW9BLUIbEW=FLP03FY<2FW<015YbFW=JTeZC0UIb00AF TUZBFY=JLP9JT`9JL`08FY=JU5YcFW=JTeYcEW9FL`=JT`03FW=JTeZC00=JT`05FW9JTeZCFY=FL`02 FY<3EY<2FY<00eJCFY=JU00=FY<0000=1248@PaS2483Th?DPmB409F 3`03ERmF3U8>009F3`AF<00EDRmB3e8?DPmB3U8?CNe=cDW<`i2c3:<@033DW?FU1ZdG=BNi><5IBDU9FLUZCEY=JT`AJL`04FW9JLeZCFY<3 EW800eZBFW9JTP02FY<2EW8025YcFYAJU5ZDFY=JLeIbFW<2FY@2FW<3FY<00eYcFY=JT`07FY<01EJC FY=JTeZCEY<00UZD3EZC00002aB55:HDY@Q200048@aS48@DQ11T56@00QB50a1U0QB500H@I12458D@ Q11T36<246@234<436@0411S58@DQ1BV22@411SZDYQ[OV]mIcaS>f]LJge[G6]m0fmm0fnN00Ec_g?O Lkmc_fnn009_WP9_W`03P02AL`04TG=BNe9cDW=BNe=kTW]@J]1bdG3dh>CNiB3eH?EQ1J;`9F;`9F3`03 DPmF;eH`009F<09B3`0;ERmF3eH?FS1F3e7^CLe9[4F/@H/mR`02@L`00cf[=FTY1@02;@@01BcS;@@00bcS00@00RcS00Ha1CU7@HY5[4W=CPl2DU401EIbFY=FLeJCEW800eZC00=FLUYc FW<00eZC0UZB00=FLUZBFY<01EYc00=JTeYcFW<00UYc0eZC00AJLeIcFY=JT`9FL`UJT`05FW=JTeZC FY=JL`02FY@2FY<3FW<2EW<6FY<00004?Nm243G>7@P200001@@Q248@I11T44<00aAU00@@IAB658DD Q@8@I00448@DQA1T46<346@236@00`a324@fMKIea[O09[ O@9_WP08Kge[WFnNKkic_g?OLkm_WP9[O@0>Kgi_Wg>OKiicWWNoKie[FV;gEY=FDUIAGW9R/`9V/`0= J[=V/fJBIY=VTUiaFRmRLFJCI[=NLE8^BNd00TG<0TG=00A9kTW=BNi5c@95c005@J]9k4W]BPi>3`02 DPl02UH?EQ1J<5X`EPiF;UH`ERmF3eH`0eYA00=F<5H?FS000UH?00eJ<5H?DNi=cDW=BJa1ZdF[@J/m ZcfZ@J/eA`02:><01RcS:>8/hbcT;<@/hbcT;><2;>@02S45>DQ1RdG=BNmB<4h`EW9J TeIb0UJC00AJU5ZCFW=JLP9JL`03FY=JU5jC009JTP04EW9JTUYbFW82FY<8FW<01UZCFW=JLeIcFY=J U09JT`06FYAJTeZCFY=JU5ZC0UYc00=NTeYcFY<00UZC00=JLeZCFY@015ZC00AJLeIcEW=JT`9JU0=J T`0000IS6F]KIcYFeRe/48@224401Q1S368<@QB3463`03DRmF<5X`009J<003FRmB3UH>009J<0AJ D@0?GU5J<5X`FS1J;eH>ERmF3Tg]CLe=kDW@XhbcS;>@X`bcS003e8`EU800UIb0UYb00=JTeIbFY<00UZC00IJLeYbFY=J TeYbFY82FY<01EYcEW9JLeZCFW<01UZC00=NU5YcFY<015ZC0UZD1EZC00IJU5ZCFW=NTeicGY<3FW<0 0ejDFW=JT`04FY@8FY<00007IcY_O6mlIe]:LcF]8@P00QRU00DDQ11S58nKge[>UkfEY=BDU8`FU1RT@02IY80169aIW5Z/fkD0VZc00IVLEX_EPiRLF:B DRl2AL`01DG]BNi:3TG]ALd00dG<0dW=0TW]00IB;eH_DPmB3UH?ERl2FS0015i@FS1F3UH_0UiA1Eib 00MJDEY@FU5J;eH>FRmF;P02DNd01Dg]BLa9c4W<4 ;>@032S3;>fmmKie[Ne[GAU4e[BU98@LLiQS568@258<248@258@0112446@@Q1241A1T00D<@`aS 36<8@a1T008@Q00648L09004:FmJnelm0VfMKJea_O@=[O@0FKge_WW>oLkm_Wf]mJee[G6]l Jge_WW>NMkicO6DNeF3@04DNd0357=CLa9ZdF;@HY5ZdW/@JXiAc4V:>fmmKieWFeKF@S4icBeZ9BPU9bD78>HLaAB40Q230aB4211T10a30Q2400T@QA2700@4 AcheFaeO7F0TW]00I5cD6/ALe=kTW< AJ`2BL`03Dh>CPm=kU8?ES1F3eH>ERmF3eH>FRmND5iA009RTP03HW9RTf:C00=RT`0>HW=NDEX`FRmE kU7]DNa=c57DL]1002:<<2;><00bcT;><00bc3;>@02bcU<@He:3e[AJe5cTg_ES5FDEYcGY<00eYc0UIb00=JLeZCFW<00UYc00IJTeYbFW9JLeZC FW<2FY<015JBFY=JLUYc0eZC00=JLejDG[@00UIc0UZD0eZC00YFLeZCFYAJTeIbFW=NU5ZCEW=JT`]J U0IJT`0000iW>fmmKieS>UKF@Q0e[BeZ9DPYB2e89@LPiQRT0QB300o00AcWV]mIeaWG09[O@=_ WP0UKga[>EkECS1B;eY@HW1VKfI?IU1ZLFIaJ[9ZTVZCIY9VLEi@EPeAk4gBNe1 [4F/@Ja9cDW]ALa5ZdW@2;><3 ;>@2;><3;>@02S3U<@LiBD600Q=kUH?ERmJ<5i@FS1ND5h`0Ui@00=RLFJBHW800Uib0eiB 00eRDeiBFQ1J<5X?EPiJ3UX^EPeAk4g;DNaAc002CJ/03Dg;BJ]9ZdF[BL]5ZT69>DL/i2C2;>@/i33T008/h`8/i00<<>@`iC3U=BQ1RTF/BLe=kU8`FU9NLeYb0UYc0eZC0eYc00EJU5ZC FY=JLeYb009FLP03FW=JTeZC009FT`05EW9JTeZCFY=JL`04FY<00eZDFY=JT`09FY<00eJCFYAJU007 FY@:FY<00008Ica_OVmmIe]B]T8`=J`YB@8Y9`07;BPY9bCV8>HLY1RT58<00Q1R0QAT0Q1T00@<@a1T 46@<@P<<@`0;46@P03Ie`01f]MJea[O6nNMkmcWVmm009[G09[O00: KgecWG>MKg]NmTiACRmFCei`GVl2GRl01V9>ITmVLFZCIY5ZTP9VT@05HW1J;Tg;BJ]=c002AL`4ANd0 2DG<@J]5bdG<@J]1ZTF[ALa9c002BN`3CNd01EH^ERmJ<5X`FU000Ui@00EN<5X_GU1RLEi`00AND@9R LP09GU5J45X`FPmF3UG]FPeEkE7<009Ab`04CL]=ZTg;CL/2BJ/02TV/BLa5ZT6Z@HTa9BC2::8X`S3T 0bcS00@00bcT0S3T00P`iCDV?FQ1RTF[BLe>3eHa15Yb00=FLUYcFY<00UZD0UZC00AJLeZC FW=JL`EFL`9JT`03EW=JTeZC00AJT`03FYANU5ZD00MJT`06FW=JTeZCEW=FTeZD15ZC15ZD1UZC00=J TUZCFY<00EZC00002FLlKgi_OVMKD]I6HY1bCV9>LLaAAS448@Ha1T0QAT 00DfnLii_WV]L Ic][G002Kgd076nMLga_FUkfBRm1c4h=GU1RL69_HU1R;f8]ITmVDFIbIY5Z/fJAIY1J;DW:@HU5RTW< BLe5c4G=0TG<00M5Zd6;@H]5ZdG;@JY1Z`02AL/00dW/BNeB3@02DRh00e8=ERmJ;`04FS02GU0015X? GRmND5h_0Ui@00ANDF9aHU5ND09N<003FPmF3eH>00=Ek@0;DNaAc57;CL]=ZTf[BJY9RTV[CLe=k@02 AJ/014W;>DL/i2S30RcS00<`hc44<@@00RcS12cT0RcS00X/i345>DHiJ46:ALa=kU8@FU9JL`9JLP9F LP05EY=JU5ZDFY=FT`02FY<01EZDFY=JU5ZDFY<00UIc4eZC0eYc00AFLeJDGYAJU09JT`03FW=JTeZC 00aJT`0000MW?6mnJgeWG5KFAS4e[002:DP00bTX:BLY1`028HTmVL6IaHW1NL6JbHW5J;dg[AJY1RD6:AJa5c4F[ BNe5c4G;0091ZP05@HY1ZTG;@J]5b`02BL`01DW/CPeF;UY@FTl00UH^15X_00YJCei?GTmJ;Uh^GTmN ;UX^GTmN;`9RL003GTmRCei?009J3P=F3P04ENeAk57/DL`3CL`2BHX024gERmF;UH_DPiF;PAJ;`08FTmNCei?GTmJ;Ui>GTmNCP=NC`05 HW1RD5h_HTmN;`03FPh01UG^ENeEkE7]DNa=c09=Z`03CLa9Zdg<009Ak@0=BL]=c4g]BNa1ZC4V:<@X`bc3:<<01BcT0RcS0RcT00La1CDV>DPmRDF/BNiB4002EU400eYbFY=JT`02FW<00eIcFYAJ T`02FW<9FY<2EW<5FY<4FY@5FY<00eZDFY=JT`09FY<2FY@00eJCFY=JT`02FY@2FY<00eZDFY=JT`01 FY@00009Ica_OVnNIeaB]T8a=J`YBBU8008Y:00::@LPaB34;BLiRSV[=HX]BB3V58<224401`aR36<8 @PQ234<LH_M5cCf:BJ]Ak57;FNaN3F9>IW1N;Ui?HTmRL6JAHW42I[80157/@HPe9SeX0T6:00E5[4GERiB3UH^FTmF;UX_GU03GTl04Ui>GRiNCV9?GTiN Ceh^HTmVLF9@GRmRD5h_FPiEkUH>ENeEkP9Ek@0:DNe=c4V:BJ]=ZdV[CJa=c57]CN`2ERh02Dg/AJXm J3469:@/``07;>@2;><02RcT<@Da1CDW?FU1RdG=CPmB<5IA0UYb0eYc00=FLeZDFY@01eZC 0UJC0UZC00=JU5ZCFY<00UYc00AJTeYcFYAJM09JU0QJT`9JU0UJT`03FW=JU5ZD009JU09FU0AJU000 01aW?6mnLim[O5:fAS4e[2eY:DPU9bTW:@LPa1bS:@HeRCF:H@PPQ1488@P`aS348<@`88 @`0>36@@IABV12<@QcgCF]]S76VMLIe][O002Kg`056]JH_I:<3eZ AJ]Ac5G/FNaEk5W]HTmRD69?HW1VL69`J[5VTEi`EPd2?FP01CUX?HU1Zd6;ALd00TG<00Q5bd6:?HU1 ZDG:BN]9k4g/0dW/00A>3E8=CNeB3P9F;`06FRmJD5H>GRmND5i?0Ui>00UN;Uh]GRiRCUh^HRiN;V9? IW400V9@00=RLF9@GRl00UX?00aF3UX_ENiAkE7=CLa9RTf[CJa9Zdf[BJ/2DNd02UH^EPi=k4W@/i2cS;<oJgaBeTHa48H00aS9BUINfekkHa]W?6LkIe][FfnMKgeWF`9S6P9WG00AJea_O6]KH_I: ;cEZBLeAkE7/ENaIkEG]FPiND69`IW5VL002IY4046ZbIY5J;T69>BM1RD6:?HY1Rcf;AJa9c46[@HY1 ZTFZ0TG:00=9bTW;BN`00TW/00==kE8=DPd00UH^00QJ;eH_FRmND5X_GU1RD69?0Ui>00=N;EXDTXbS422cT00@`i2cT;<@a9SU8@HY5[4W^DPmB<5YBFW9JLeZCFYAF LeYc00MJT`9JU005EY=JTeZCFY=FL`03FW<2FY<00eYdFW=JM003FY<00eZDFY=JT`02FY<3FY@8FY<6 FY@2EY@3FY@0000CIca_OG>NJgaFeTHa=J/]JBTW9BHY9bdW9>DPY2dW>HXeJSEY>J/00SV/00@aJR3V 488Y>EUkKG_]RnVGS03HW0026ZbJ[=VTEH>AHTe9cU7@JX2?HX2@J/02TW=BNe1 Zcf9AJ]9c4W;AJY9be8=0dg]01AB3Dg]CNaF3EY?FRmF;eY@GU1J;ei?HU1RCei?GTiN;UXDPa1RcT:>@/i2ST00DRmFJ`iZc5Z8>H8@@@034800Q1S00`Y655[IH_]NnV;jIc/2Je`046mlIeYS6E[hHc][ G7>MKgaW659A@J]1ZTW/DNeAc57;0UG/00AAc5X>FRmRL09VL@9ZTP06HU1=c3e7<@HiB46:0Sf:00m1 ZdF/ALa9k4F[@HY5ZdgH/eJSV:?J/iZcV;>J/mc2e95:@<@@<<@P0K36<<@aB5 48D88aS9?O9JfF;jG_YW6fLkJea_O6]LHaUO6E[hIc][G7=mJeY>DSV;@J]9bdg[009Ab`06EL]EjeG[ EL]Ek5X=0VIa0VZB00MRD57GRiN3Uh=HRmVL5i?FRmRD5i@ENiEkE7= CJ/2BH/02TF[BLa5ZdW@]1BST ;>D00RcT0S3T00@00S3T018/i33U<@Da1C46>DQ1RTF/BNeB45IAEU9FLUjDFY=JU5YcFY@2 EW<5FY@2EY<4FY<00ejDFY=JU005FY@2FY<00eZDFW=JT`05FY@=FY<00eZDFY=JT`02FY@1FW<00009 Jee_WV]mIeaFeSh@=J`]JBDV008Y9`0D:@LPaAb4;BPmS3EZ>H/m[3V<=H/eRSV[>JX]B1c43448811S 36<8@P8@Q@0O22<f]KJgaWFfH/iJ4W:CN]Aje6ZEL]I jeG;DL]AZeG]FPh00VJA015VLFZAEPdmB3DW=BQ1JCeY@HY1ZSf:@J]5c46[?HY1ZTFZ0099b`03CNaB 3E7]009=k007CNeB3UH^ERiNKeY?ERh00UY?15X^00mN;Ui?GRiJ3Uh^GRmNCf9?HW1N;eX>GRmF3Tg< CJ`00U7>157^00E=cDg]CLe=kDg=0099c@0?BLa1Zcf:@HY5ZdF;BJ]9c4F[BLa>3Tg]@JXmRCE7008] 1@04;>@Xi2cT:>@4;>@00c3T;>@/i003<>@03BcT<@De9cUX@HY9c4g^DRmFDEYbFW=JTejC00=JT`07 FW=JU5ZCFW=JU5JCEW802UZC00EJU5jDFYAJLeZD00IJT`9JU15JT`5JL`5JT`0000Q[GG>OKgeWFeKF @S0e[2eY0bTW00PY1b357:@a:3V;=FXiRcf/0SV;01LiZcg;>J/iZbdX58<880a1368Y:EE[IHa]W6f`0BPiB0BLe9cDW=@H/iJCU9?FY1RT6;0TF/00I9c4g]BNa5Zcf9>DP2@01RcT:>@`i08/``8`i00@;<NKiiWFeKF@S0eZbeY0RTW0RdW00LP aAbTH/m[002>H/04CV[?L/mZcV[=HXTiQ1R22088@aR46f]LIe/00ekh019W>VLkJcY:4BdY>FU9be7;ELaAZeF[ELaEk5GHS02IW00469?EN`m9SD6 >DPmJSeY@HTmJCf9@JY9c46[>DPmRDW/1EH^0U8=00AF3U8>DPeB3P=F;P0:FPiN;f9?HTmR;Uh=FNaJ 3Eh^HTl2GRl0169@HW1RD5i?0Uh_00AEkU7>DLi=[@EAk`03DO1Akdg?009=cP07CNi9cTW=BLe5[3eZ >DT00SeZ00@iJT6;AJa5c099c003AJ]1ZSUX008eA`08;@DXi2d4;>@X`bSS;>@`i08/``03<>@/i2c3 00NKiiWFe:f@S0eZc5Y0bTW00/Y1bC58:<]9cUZ=FTmZcf/>HXm ZcV:008mZ`0@>J/mcCEZ8>H@HPPP244DQ1BU58D00@029B]BUV;jHaX2Je`03FLjF]MJmekhIcY[FeZE 3EH^FTiJ;UH^EReF;UH>DNeB3UH_0UH^00EF3U8=ENeJ3Eh^009R;P05GRiN3Eh]HRmRC`02 GRl00f9@HW1NC`03FRl035G^DLeAcTf^CNmB457_DO1B45H@DO1Ak`9=cP03CNm9kTW=0095c@09?H/i JSf;>FXeBCeZ@J]5[4G<00=5b`05?HTiJ3UX@00bcS<>@`i003;>@04Rc4;>@`i2cS;>@a 1345>DLmJD6ZBLa>3U8_EU5JLUZCEW9JL`9JT`03GYAJU5Yc009JL`04FY=JLeYbFW8CFY<00eZDFY=J T`0AFY<00008IcacWW>NIe]F]TH`HX00SV[010i [3g=?LdaJQc5468481235:D@Q0@Q004@QT8BE[MRnP9W?00:G_UB]U[GHaU[FVLIAQ0TicUYCL`2CJ/2 DL/2EL`06e7DU1RD6:?HU5bdW/AJXmJ3eYBL]=k58CLe9cTW^BLi5[D6/?H/iJSf;>FXeBCUZ?H]1ZdG< BLa5ZdG;@JX2>FP013E7@`i2cT;<@`i344;>@/hc44008a1@0:>DM1ZTG; BNeB3eI@EW5JLUIbFW82FW<00eZCFYAJL`02FW<2FY<2FW8WFY<0000BJeacWW>NIe]FeTHa=J/]JBTW ;DLY9bT69J/iZ`8i[00N@Ldm[2e97 CWERnVLlIc]Jf5JfF]MS66LiF[H]BBdX?HY9Zdg;DL]=ZU7<0UG<0e7<00aEkEX=GRmN;eG]BHTi9SDV ?DPmJSUY?HT2@HT2BL/03D69?FQ5ZTg/DPaAk5800=RD6IaHU0015X_00UF3U7^DNiAcDf]DNi=kdW>BNh00U7_0dg^00U=cTV/BJa9cDW> BLe5[46/?H/00cUZ00LeBCUZ?FY1RdF/ALa5Z`02BN`02T6Z?HTiJCEX@a12cT0S3T00@00S3T014/i344;>@/i3DV?FU1RTF[CNeB;eIAFY=NTeZCFW9FLUYc009JT`9JL`=JT`03FW=J TeZC00AJT`03FYAJTeZC00AJT`AJU0MJT`03FYAJTeZC00aJT`0000Q[G7=nKii[FeKFAS0eZbeY0bTW 00DY1bC58:D]:3EZ008m[08iRP8mZ`J`mc3V/Dic;BPeBDF[BJ/2CJX00df[DLaAc002DL`02eGDP00T6:00TmJD6:AJY9jdFZ?FQ1RDW;DP`00eH]00]J;EY>EPe=bdVZDPeF3E8>ERmJCei?009RL004 GW1NCei?GTl2GTh04Ei?GRmNCeh_FRmF3UX?FRmF3UH?FS1F3dg^DNi=kTg>BLd00Tg^00A9cDV]BJa9 [095R`95S0A1S003?H]1JSUZ008iB@0@>FXmRd6[@J]5ZdW/CNe5bcf:>HTiJC57;@DXi2cT;>D3;>@0 1BcS;>@/`bcS;>@00S3T0RcT00Pe9SeY@HU1ZdW]CPiB<5Ib0UZC00EJLeIbFW=JLeZC00=JL`03GY=J TeZC00IJT`EJU09JT`AJU003FW=JTeZC00=JT`=JU0aJT`5JU00000U[?6mnKii[G5KF@Q0eZc5Y9BL0 0bTW0R3500DaBCEZ>H`mcCV;00J/mZcV[008iZ`0J>J`eRcF/9BL@P`aR48<@Q0Q300400RD: CWEW>fDL]1J3TV=BLiB3e9 @HY1RCeY@JX2BN`01T69?FM5ZDg[EPeJ;P9JCP03FReJ;UH=009=b`9B3@09ERiJCeY>GTmNKei@FRiJ 3Uh_009RC`07GTiN;UX^EPiJ3UX_FS000UX_00UJ3eH?FS1B3dg^DPmB3Tg^BLd00TF]00=5[4F;AH/0 0dV/00=9S4V/AH`00TF<00]1S46;AH/mRSUZ>DTiJSeZ@H]1ZdG<009=k@0@/hbcT0RcS010`i2c3;>@`i2cT;>3U8`EU9JL`9JT`YJL`04GYAJTeZC FW<2FY<9FY@3FW@00eZDGYAJT`02FY<4FY@H/2?J`06SF;8>DDXaB336<<@`@1004BHe1CDW?FTmRT6[?FXi JDF[CNe9c3eY?FQ9bU8EReF;5X]EPaAje8;009F;@03DPeF;UY?00ENC`08HU1RL5i?GRiJ ;UH=FRiND09J<09F<004DPmF3UX_FRl2EPh2DNh0157>BLe=cDg>157>00MEkUG>DLiEcU7=CJe9S002 BJ`01T6;@F/mJSDY>DXmR`91[00WALe9kTW]BNe5c46:>FTiB346;>D/i2cS;@@/i2cS<>@/i2cS<>@a 133T:<EU5JLUYcGY=JTeYbFW=JTeYc00MJT`9JTP9JL`IJT`IJU09NU15J T`9JU00000Q[G7>OKii[G5:e@S0eZc5Y0RTW00T]:2T78H/00SV[0SV/00@iZcF: ?J/iZ`8iR`8iZ`0D;DPY9bTX6:D@H`@100000ABVBS=S6VLJF[MNef;GCQ0/icDX>DU5RP99ZP08BJ]= Ze6/DL]AZe7;ELaIk@9RC`0@DL/mAc3U=@HiAd6:AJa1RcE9?FU9c4g]@HXmB469DN`2EPd00eX^FTiF ;@02ERd2DP`01UH]ERiF;UH^FTmND0=NC`9RL00;HTmNCf9?GTmNCUX^FRmN;eH?ERmF3`02FS02FRl0 1eY@ERmF3U7^ENiAcU7^009F4004ELmAcUG?ELl4ELh00e6]CHa9S002BH`00d5Z@H]1J`02>DT05Se[ @Ja5[4GBNe1Zcf9>FPiB346;@DXhbcT;@@`i2cS;>@/hbcT0S3T00`/hc45<@Da1SU7?FU1 RTW=CNiB<5IbFW82GY<2FW83FY<2FW<3FY<3FY82FW<6FY<2FY@01EZCFYAJU5ZDGY@015ZC1EZD25ZC 0EZD0EZC0EZC000026/lLgi_WVMKE]I2<3F[H/052e9>J]1kS5[9>P@I0@R00400S5]EYIW6UkGH_MReTG=;>He:3eZ@FX3BJ/06Df[CJaA be6[ELaIk5W]HRiJ3DF9=@He1CU7>FQ1RT6[?HXiBD6:CNe9k3U8>DM9ZUH=009F;@9JCP=F;@03DPaF 3EH^009F;P06ERmND5i`GW1NCeh_0UX^00=N;f9?HTl00Ui?00AF3UH=FRmJ;`AND00FFPiJ;eh`GRmJ 3eH?FQ1EkeX?GS5Il57?ELmAcU6^DJeASE6]EJe=S4e/BF/2ADX04d5:@FY1Jce:>DTmJTF[AJa9c4W] CNe>3Th=AL`mRSeY>FPe9c45008Xh`08;>@/hbcS;>@/h`8`i00:<>Da1CDW>DQ1RTGFY<8FY@3FY<3FY@00eZCFYAJU002FY@00008JcacOW>NIe]FeTH` =J/aJ@HXiRP@mZ`0A=HX]B3f[BPm5kcV=9@PLaacX7>Te STHBE[IJ]UkFH[E5c@02<@H02T6:@FU9ZdV[BH]9Zdf/CJ]AbeW<0eW/015=bceX=@He9SU8>FPmRD6Z ?HXiJD6:DPe5ZcU7?FQ9beH=009F;@9JCP07EReF3EH=DPeF3EH^FRl00UY?00END5i`HW1RL5i?009J 3P03GRmRD69`009NC`9Ak@9J;`9ND09J;`03FPmJ3Uh?009N3`0:GQ1N<5X@GS1RDUhAELmE[e6^CHd2 CH`4CF`00dU;ABY5BP02?BP04SdY?DTiBCU9@HY5RdWDRm=kDF[@HXiJ3E7<@DXh`8/i00E ;<@a1C46>DM1RDG3e8`EU5JLejC009JLPUJT`03FY9JTeZC00YJ T`9JU003FY=JU5ZC00AJU0=JT`04FYAJTeZCFY<3FY@00eZCFYAJU002FY@00008JeecWg>oIe]JedH` =J/aJ@J/i[3V[008eR`8iZ`8iRP0Z?J/mZSf[?J/eRRe8>H]5kTG_?Jd] BSF<@Q5>M4iD@O5:De:DEYAJTd7<;@H/iT6:@FU5RdV;BHY9Zdf/CJ]AbeG;GNaN3EG/CL/i9bc4=@Hi Acf90T6:00TmRSeYAJY=kD6:>BM5RU7/EPd015X^00EF;E80UW^00EIkeX?GQ1RLi1cTY008iB@0@@FY5RdgERmB;TW@2<>@01RcT;<<`i08/i00:<@D/i346?FU1ZdG<5IAFW8BFY<015jCFY=J TeZC0UZD00=JLeZDFY@00eZD2eZC25ZD00002V]MLimc_fMKE]I2<3F[;FTY9bU70RTW00PTiR34:@Lm Zcg<>J/m[3V[0SV;00J/00SV[01TiRSf[?J/eRBdX>Ja5kdH@>JdY:CF]CU=Jee[H@Q924Dic EY=JTd6/:>D]1T6:?FU5RP02BHX04DV[CJ]=ZU7;ENaN3EG/DL]1JBS3::ERiJ;eh_00=J;`03GRmRLF9` 009NC`04EPiJ3Ui?FRh3GRl01EX>GPiIkUG=EJd00eG>00UIkeh@FNm9S3dY@DY5JdF;BJ`00TF;00=5 JTU[ADX00T5:00e1BCD7<>He1cT8>BTmBD5ZAH]=c4g/CNeB3@02ERl03Tg]AJ]1RCf9?FPe9RC3:<<` i2cS;>@/`bcS<@@3<>@03C3U<@D/i2cU?FQ1RTG;eIAFW9JTejC011JT`04GY=JTeZCFY<2FY@0 0eIcFWAJU002FY@00eJDFY=JT`05FY<00eZBFY=JTP02FY<01EZdFYAJTeZCF[@00UZC000046]LLii_ WVMLD]I2<3F[;FTY9be8:DPY1b358<@]9cf[0Sf/00HmZcV[>J/iRcV[>J`2>J/06cVZ>HXmZcV[=HXY 9cV]@Nm643V^:BTaS4YCF[MNf4XcAQ5BLeJCEW8mRRC4<@HmRT5ZAHY9Z`03CJ/034fZDL]J35X=EN]9 ZCDV:<@a1Ce7?FU1ZP8mR00BAJY9bdV[@HXi9ce8CLaF3Uh_GTmJ;UX=EPeJ;EH00ANCf9`GRiJ3@9Ek@05ELeA[56/CH]=J`02DH`05e6]CJe9 S4E[?BPe1STW?DTi:3U9=DTiJCU9?DTi:33V=@Pi:2d7:BP00Se900U1RdF[BLa=kE8>ETmJ Ce8=BJX00T6900LmJCUX:>@TXRcT<@@`i003;><01C3T;>@`i2cT<@D00RcT00TiAcf:ALa9kTh_DU5F LUZCGY<015ZC00AJLeZCFY=JL`AJT`03FW=JTeZC00EJT`9JU003FW=JM5ZD009JU003EYAJTeZC00MJ T`03FY9JTeZC00AJT`5JU05JT`5JT`0000a[G7>OKii[O5KF?S0aZbeY:DL]B2TW:@H28<@022dX?J]1 c3f/>J/iRcf[>H/3>J/00cf/>J/iZP02>J/02CF::DPi[D7_AQ0mcRe:GRmJ;eh_GTmJ;P03FRd2ERh00eX_ERiF;`02ERl2FRl00eH>ERiNL003GU003eH^FRiF ;UX^GU1RL5X=EPeEc5G=DLa=Zdf;CF]9J`03CH`024V;@DU1JT5Y=@HiAd6:@J/2AL`05dG=@J]5[3U9 ;>He1ceZ;@LTYBcV<>Li:Ce9>DQ1RdW3Th=ERmNL5H^CL/00TFZ00DmJ46:=DLT`bS3008a1003 ;>@/hbc3008/h`0<<@D/i345;>D/i3DV?FU1ZdW]CRmB<5Ib1UZC00=JLUYcFW<00UYc0ejC0UYc00AJ TeZDFY=JL`EJT`AJU004EYAJU5ZDFW<5FY<2FY89FY<00009Jeeg_fnNJgaFeT8`=J/]JBTV008]A`07 9@HPa1bTJ/ibcV[=HX]B3V]@Nm6447>;DXeSE9DF[IJUdHAAQ1F LeIbEW4iRRT6=BL2?FT00dF9BHY=Z`03DL/02eG[FPeEjdfZ>DLTXc3U?FU1JD69?FT00T6900M9ZTg[ @HTe1STWBJ]F3P02FRl015H=FRiRCei>0UX]00INCUX^FPiJ;eX^ERh2FRl015H^FTmF3EX_0Ui@00AR LEX^FPiJ;P9N;P03HTmN;UG/009Ac00=CH]9JTUZBHY5BD59BH]AcDg=@F]1JDWLe2CTY=BTmRdW;CNeB3E7/EPeN;eX_CL`00TW;0Sf900De J2T49<8XhbcT00@/hc3T;>OKiiWG5;F@S0eZbeY9BH00RTW00LY1R347:J/00cW;>J/iZP02 >J/05SV:;DPi[D7_BQ11cRTYHXXiC4V?FU1JDF90dfZ0U7;00QEk5X= EN]9RCDV:<009J;@03FRiF 3EX^00=J;`06FTmJ;eX^FRiB3EH>0UX_00]ND5H>EPeJ;Uh^GTiN;UH=DLaA[4V:0091B@0MADU9JTEY AFUAkEX`FU1F;dg]EU1R/ejbFW5FLEZcIaIRmEZcDW5R]6;DCRm>3e9@>HXD@AQR<@Le:@02=DT00cf; AJ]9c003DPd03EH^FTmAkDW;CNa5ZcfZ?HTa9RC2:><]12cS008`i006;<<`i33T;<DU1JLUZC0UYc1eZC00=NU5ZCFY<00eZC00=JTUZCFY<02EZC00AN/ejdFW=FL`9JU003 FWAJU5ZD009JT`07G[=JTeZBFY9JTeZcEY800UZC000026]MLiicWV]lE]I6<3F[;FT2:BH2:BL01RCU 7:Je5kdX@?Jh]:SE]BS<2F[L024HBAQ1FLU9aDW11bbT5@mB003@HT033eX@HU9bdW:@HTmB3DV@HU=k5X_GTmJ ;P9NC`07GTiJ;EX]GTiJCUHDLa= RdV:@FTi:3e9BJ]EkU7]BLaF;f:BI]AZmEjbG[=VmF;DFY=FLUZCIaMRmE:BCU1N/f;D009BD00;FY=: 3Qb3568Y1bd7@/ ``8`h`0=;>OLimWFeKFAS0e Zc6::DLY9RTW;BLTiAbSJ/iRSV[00HiZ`8iZP0G>J/iRbe8>Je5kdH@>JdaBcV>BS9J ]ejgAQ55l5IbEY5FL4G/;BH]1CeX@FQ5R002BJT02dfYDNYJ35HDQ5RTg/FRiJ;eX^HW1RKei>0UX]00=J;5X]EP`00eX^0V9`00INCeX^DPe=k58=EPh2 FRl01UH^EPeJ;UH=DPe=c0A5JP0W?DU5[5H?HW9NLE8>ETmRdflfLeMN/eZcJcMW5eZDBQ1> DDG^DU1JLDh>CPmJLTh`8DLmJD69BLa>3U8`EU5JLejDFYAJLeJCFY@00UYd 00=JLeYdFY@00UZD2UZC00=J/eZCFY800UZC0UYb0UZC00=NU5jdFY@01UZC00EN]5ZCFY9JTUZc009J TP0000U[GG>oLkiWFeKF@S0aRc6:;DP00RTV00@]9bCT7:J/mZcV[00HXiZcV;;BPiS002BQ004CV=;D/eSDHBF[MNf4HAAQ1FTUJAEW15k2dU;@DmJ469AHT00TfY01IAbUG[ FPeF34g:BHTi9S3U<@DmB46:?FU1JDF:AJ]9bd6:>DLmB3eXAHYAk@9J;P06GTmVL6J@GTiJ;EX/0eH< 00eF;EX^FRiRL6J@GTmF;U7/CNaF3UX^GTmJ;P02DPd03EX^EPe=c46:>BQ5RdV]BJa5[58?GY9V/f:b 009FC`0@JaEcEf/fEY5BLFmHJcQ:435:=DYFLe8`?H/eBD6/BLd2@H/03Dg^AL`PY10P7:@TaBd7=BQ1 RdF/ALe9kDh>009B;P9B3@04BNaFCeH_BL`2?FP02SU7:<<`hc44;>oIe]Fed8`J/mZcf[>J/mZ`02>J/2>HX05CV[>H/]:3V/CS5:43F<;B/eSDHAF[IJ]dXABQ1B LUIaEW15k2T5<@DmJ002AHT03Df9DJUEbUW[GPeF34g:@FPdiBcU00IRL6JAGTmF3Dg[CN`2EPd07eH^EPeF 3UX_DPi=c46;;>HPPd6;FU5FDDW=BNeRTfkeJ]=B;Th=I_A_=UZB@J]:3V;eDU4aBSE:?H]9cTG=008m J`0CAJa5Zce9>BQ1JSUY;>HXiC4X<@La:3TX?DTiJCUZ?J]5cDW^CPh00dg]0UY@00M=kCeY?HTmRC4U 9:8X``02<>@2;><00c3S;>8/h`02<>@02Bc3=@DiAceYAJ]9kDh>DS1FLP02FY<01EZDFW=JLeYcFW@0 1EZD2UZC00AJ/eZCFY=NT`9JT`9NU0aJT`03FY9NTeZC009JT`0000Y[GG>oLkiWFeKF@S0eZbeY;DPY A`8Y9`038<@HPcEY00PmZ`03>H/mZcf[008mZ`0@>HXmZcV;;BPm[4X@AO0iSBe;=He:00M1ZdW=CLiAkTg_ BLe=kP02DNh00dW=AH]1JP02?FX2@H/01CE9=DPeBC4X@2;><00c44;>8/h`02<>@02BcT<@De9ceYAJ]9kDh>DS1FLP03FY<00ejD FY=JU008FY@>FY<2GY@2FY<2GY@4FY<00ejCFY=JT`02FY<00ejCFY=NT`01GY<00008Jeec_g>nIe]F eT8`=J`]J@8]B005:BL]9b3468H/00cf[>HXiRP02?H/3?J/08cf/>H/]:3V/BPm5kcf^ ;D/eSDXbF[IN]TXABQ1BLUJBEW51c2d6<@He9dEYBHY=RU6ZFNaN35W[DLY5RCT6;>@a9cUX>FT00T6: 00I1RDF[AHY1JD69@HX2@FT03TgFXiB@02=DT01RdX@00S440S430c3T0S3U00La1SU8@H]5c4h>CRmBD002FY<00ejCGW=J T`02FY@00eYcFY=JU004FY@:FY<2FY@015ZCFYAJU5ZD15ZC0UjD00=JTUZCFY<01EZC0EjD0EjC0EjC 00003f]MLkmcWVnMD[I2<3F/;DTYAbe8:@H]9b347:J/iRSV[>JXiZcf[ 0SV[01Tm[3F;;BPiZdH>APlmcRe;E5JgF[I:4DH@DW9FTUIaANd]9c46=BM5JTV;CJ]Ac002FPd0 1U7;CJY1Ic3S<@@iI`8iJ@08@HXmRD6:AJ]1RSU8@HU5ZP91J@03DNeJ;Ui?009NCP9RK`05EPeAjeH< GTiNC`02GTh2HW02FRh2DN`05Tg[DPaB3E8=DNa9bd699:@HHSE:DS5JLTG>=FY1[DG<@J/mRdW]CNe9 k4W;0U8>00MNLEibES1F<5YAFU1F;`02DPd03Tg3e8`FW=NU5YdGW@015Yd00=JU5jDFY@01eZC00=FTeIbFY<00UZD0UZC0UZD 00ANU5ZDFY=JU0AJT`03G[AJTUZB009JTP=N/`03FY=NU5jC005JT`0000m[OGNoLii[O5:fAS4e[2U8 :DL]B2D6:BLPa1bS=FT013f[1CV[00J/00cV[020eJRdX?Ja63TX@?Jd]BS5/CUAJ]eZfAQ56 459bEW9FLDG/:@Ha1SU8@FU9RU7DM1RDV[ @FU5RE7/FRiNCUX]GTiRCeX^009F3003EPeJ;EX]009J;P9VT@0HFRiAk4g;CN]=bdg[CNa9bdFZ?FPe 9bC48:@iJTW_CS15kT6/BNi>3e8_CPmB;dh>0U8>0UY@00MNLEYADPmF<5iAFRmAk@05CL`02dg=BJa= cDg=BJa9ZdF;@H/iJCU9>FX00SE900/aB359=DTeBCEZ?Ja1[3f:AJa1RTg]009JD006DPi5ZceY?FTa 1BBS0RcT00Ha12cS;><]0c44;><2<@@2;>@01cU7@HU5c4W]BPiB<5Yc009NU0AJM0=NU0MJT`03FYAJ TeJC009JU0AJT`04FYANU5ZDFY@2GY@4FY<00ejcFY=JTP02FY<01EjCFY=JTejCGY@00EZC000056]m MkmcWVMKD[I6J/00cf[>J/iZ`02>J/09SV;>J/i ZcEZ;DTm[4G^BQ0m[Be;DQ5JDV:DLaEk5W/EN]=bdF9=@D/ i3U7?FTiJ3f9@HX2AJX024V[@HTiAd69BJ]5RDF:DN`2GRh02EX]HTmRKeX]CL]Ak5X]FRiF3@02FRh2 IY003EH=CL]9bdW;AJY5bdFZ@HTmRCeY?HTmRSf;0099kP03CPm9kTW^009>3`06DRm9kTh>CPiFD5H_ 0eH`0U8>00AJ<5i@EPmAc@=9Z`95Z`99[00;CLeAkTg=BJa5Rd6;?FXiJSf:>FXiBP02=DT00cE:=FXi JP02@J`2@H/01SeYBNeF;eH_DPi5Z`8mJ@04=BLXa2S3;>@2;@@03bSS;>@a133T;>@iAT69 AL]9kDX>CS1JL`02GY@4FW@2GY@00eZDFY=JT`05FY<00eZDFY=JT`03FY@01eZCFW=JTeZDGYAJU5ZC 009JU0AJT`03G[AJTeZC00IJT`9NT`00015[GGNoLkmWFeKFAS4aRbU9:DL]B2TW:@HTiAbSJ]1kTX@>Jd]BcF=AS9JeeZfAQ5:DPiJ3eX@HU5RT6:AJY9ZceX>BM5RTVZ0TF900aEkEh_ GRiJ;F9_IW1J;DVZCL]J;Ui?FRh2GTl2HW002eG/CL]=bdg3Th? CPm>3Th?BLe=kU8?FU5FD5H`DRmB<4g^ERmJ<5X_DNiAcDg@012d4;><5IbFY=NU0AJU0YJT`=JU005FY=JU5ZDFYAJT`05FY@00ejDFYAJ U005FY@3FY<00ejCFY=JT`02FY<1GY<0000:JeegggNoIe]FeTHa=J`]JBTW;DP2:BL01BCV7:HX00SV[01diRSV[>J/iZcf[>J/eJS5Y>J]5kTH@>Hd]BcF>AS9JeeZfAQ5:Da1P02>DP043eY@HU5RTF:AJY9Zce8?DM9ZdV: AHY9RUX=GTmJ;Uh^0V9_00IF3DVZDNaJ;Ui?FRh2GTl2IW0025H=CL]=k4g]BLa9cDW]BLd3BNd2BNh2 ALd00dW^CPi>3P02CPh00e8_CPmB;`02DPl2DS03DPl0358>DPmF;eH?DPmAkTg^BNe5Zd6:AJ]9c09= c@08BJa5Zd5Z@FY1Zd6;>FXiB@FXmRd6<@Ja5c4W=?FXa1Sf:CNeB3Tg]0TF[00LmJCUX;>DT `bcU;>@a1@02;>@04S44;@@/hbcS<>@a13DU?FM1ZTG<5IBFW=NU5ZDFY=JU0]JT`=JU003FY=J U5ZD00AJU003FY=JU5ZD00YJU004FY=NTejDGY<2FY<1GY<0000FJeag_g>oHc]B]THa>LdYBBDW:DP] B2dW8>DLXc59?J`mc3V[>H/m[3V[>H/2>J/013V:>J/iRSV:0Sf[01HaJBTW>J]63dX@>Hd]BcF>AS9J eeZf@Q564EJCEY9FLD7<;@D/iCeX@FU=ZP9Ek008DL]=bdVZ>BH/iCDW>DPmB091R@06AJY9bdVZAJXm B4580TV[00Q9ZTF:EPeNCeX^HTmRL5i?0Tg;00AF3EX^FRmJ;P9NC`9VT@06EPe9Zdg/DPi=kDW]0Tg^ 00Y9kTW]BNi=kTW^ALe9cDg^DPiB;P9B;`05ES1B<5IAEU5B<004ES0015IADRmB3e8?0Th?0Th>00Y= kTF/@H]5ZdF/BLa=kDW=AJa1RP91Z`04?FXiJSU9=DT3>DX2@H/02D6[ALa9cCUYEPm=k@02 AJ/013eY>DP]1RS30RcT014a1C3T<>@]133T;>@`hc3T<@@e9Ce7@HY5c4W]CRmBDEYc009JU0aJT`03 FYAJTeZD009JU09NU0EJU003EY=JTeZC00=JU005F[AJU5ZDFYAJ]002FY@2GY@00ejCFY=JT`01GY<0 000?Jeag_g>oHe]B]T8@=J`Y:2DW:BL]:2e88De 9cU7?FQ1RD5YAJY9bdVZAJXmB45XBL]=bdV[@FUAc002FRl01V9@GU1B3DFZBL]F3@9J;P03FRmJ;Ui@ 009VT@0PERi9bdgCNi9cDW]CNiB3UH^ETmF;eH`DS1F<5YAEU5F<5Ha EU5F<5YAES5B40A>3`0;DPm=cDF/AJa1Rd6[AJa9kDG=@J`mRP02@J/04SUZ?FXiJSU:>FXiBCU:@Ja5 RdF/BLe=kD6:=BQ5Ze8?DPi9c@95Z`03?FTiB3DV008Xa004;>D`i33T<>D2<>@03RcT<>@`i3D4<@@i AT69AJ]9kDh?DU5FLUZCFY@9FY<01EjCFY=JTeZDFY<00eZD0UjD1EZC0UZD00MJTeZDFYAJU5ZdFYAJ T`04FY@2GY<00eZCGY=NT`01GY<0000DJgec_g>NIe]FeSg_=J`Y:2U8:BL]:2e87<@LY3EY?J`mZcf/ >J/iR`8iZ`04?J`mZcV[>J/2>HX06Sf[?L`eRRTW>HY63dX@?Jh]:cE]CUAF]U[FBS9:DLmJ469@FT4AJX03cU7?FQ=c4g1E8?01EB<58@ES5B<5YAFU9B458`CQ19kTg_EQ1AkdW=AJa1Rd6[AJa5cD6/@H`00d6; 00LiJSe[?F/iJSU:>DTmJP03AJ`03dg=DNi5ZceZBLeF;e8>CNe9c4F[?HTiB3DW;<@X``02<>D00c3T <>D`i@05<>@02S3S>BHmJ4F[BNe:3dh`DU5FLeZD2EZC00ANTeZCFY=NU0=JU003FY=JU5ZD00=JT`QJ U003F[AJU5ZD00AJU003GYANTeZC00=NT`0000U_OG>oKii[G5:f@Q0eS2U8;DP00RD600LaB2CV7:J/mc004>J/2?J/00cV:?J/iRP02>J/033g;=HX]B3V[ANi:43g>;B/eKTiDF[MJ^09:D2>BL2@FP07469BJ]5ZTV[AJXi9T5XCLaAkDg<@FU= beh_GU1RL5i@CLa5RTg;DPeF3EH^EPi=c5H>HW5VTUi@0Tg<00UJ;ei@ES1JDEY@DPmB;dh>CNh0158? 0UH_0Th>00=B3UH_DS000e8?00=F45H`ES400eHa0U8`015=kdg^DPmB3dW=@Ja1RdF/AL`mRcUZ=FXi JSV:>FXiJCf;008iJP0F?FXiBCf:BLa5[4g]DNe=c4V[AH]F3ei@DPi9c4G@2<>@03BcT<>@`i2cT<>@/hcD5>DM1RTW3e9A00AJT`06FYAJLeZDFYAJTeZc1EZC1UZD0UjC 1eZC00=JU5jDFY@01UZC00ANU5ZCFY=NT`9NU00001=[OGNoLii[G5JfAS0eZbU8;FPY9bD6;DPTiAbS =FTmZcV[?L`mZ`02>J/01CV:>J/iZcV[?J/00SV:0SV[01PeRRe8>J]63dX@?Jh]:cF>BS=F]eZgAS96 DL00d5Y@FQ5R@03BJX04DF:>BI1J4g< EPe=k45YBJ]J;f9@HW5ND4gDPd00UH>0Tg<00iF3Ui@FTm=c4g]FU1NDEX`FU5JD58?DRmB 3e8>0e8?0UH`00UB;dh>ERmF;e8?ES1J<5H`EQ000UH`1E8?00YB<58?CNi>3dW=ALe5[46;@J`mR`8i JP06=FTiJSUZ>DTe:3U90SUZ0SeZ00Q1RdW@a1344;>@a1CU7@HU9c4g]CPmFDEZC0ejD00AJU5YcGYAJU0QJT`AJU0IJ T`03G[ANU5ZC00=JT`9JU0AJT`05FYANU5ZDFYAJT`02G[@0000CJeeg_g>NJe]FeTHaH/mZcf/?J/00SV[00DiRSV[>HXiRSV[008iRP0;>J/iRSF:;DPiRdX?BS4i[Bd[=He6 DLiB002@FP054F9AJY9 ZTFZAHTmAdEYCL]F3DgGU1RL5X^AJ]5ZU8=ERh2DPd03EH>CLa9c4gDNi9[4V[@HTmJ3469:@2;>@0333T<@@a12cT<@De9SeXAJ]9c4h>DS1JLP9JT`9J U005FWANU5ZDFY=J/`06FY<015ZDGYAJU5ZD1UZC0UjC1eZC00=NU5ZCFY<00UjD0UZD0EZC0Ejd0Ejd 00001f]LMmmg_fMKE]I6<36;008]B007:BL]B2T68<@PaC59>H/00Sf/1CV[00J/00SV[00lm ZcV:=HX]B3V/APm:43V=;D/eSDHAF]MJ]TH@BS400U9c011><3E8;>He9d6:AHY=Zdg;BJY=jdW:?DP` iCD6>DLiB091J00=AHU9ZTVZAJY5RD5XAHY=be7/DNe1J4F9EPd00Ui@00EB3DFZAJY=kE8>009B3@03 DNe=kE7]009=c006BJ]5ZdgCNh2DPl045H?DPm=cDF/@H/m JS47>DQ1RdF[BLaAkEH>CNe=c5H?0eX_00QF3UG^ENi=[4f[AHXmJ3D60RRS233T00`a133T=@Da1CDW ?FQ1RTF[BNe>3eIAEU82FW<00eYdGYAJT`08FY<3FY@2FY<2GY<3FY<01UYbFY=NTejCGYANT`=JT`03 G[ANU5ZD009N]0=JU09NU00000Q[G7_OMkmWFUKFAS0aRbeX0RTW00H]B2T68<@TiC59>H/2?J`4>J/0 0cf/>J/iZ`02>J/01SV:>J/iRSV:;cE8<@Li:46: 0099Z`0ERmJ<5H>0Tg=00Q=c4V/CJa=c57^FRmND5ia0V9b00ERDEiAGU5J DEY@009F;`03FS1JD5X`00=JD009GU5JDEYAES1B3eH?DPm=kU8?009=k`06DQ59kd6]=BTa:4F]0Tg^ 15H?01]B3e7^BLe5Rc47=BM1RdF[CLaAkEX^EPiAkEX`FRmJ3eX_ENiEkEG=CJaA[4V:?DPe1RS49:80 0S3T00@01C3T014a1C3U<@De9SDW>FQ1ZTW=CPmB<5IAEU9JDUYcFY=J]5Zc00EJT`=JU0YJ T`9NT`03GYANTeZC009JT`9N]003FYAN]5jD009JU05JT`5NU05NU000015_G7^oMkmWFeKFAS0eZbeX :BH]AbTW:@HPa1bT=DTm[3f[008m[0PiZ`0H>HXiZcV:>HXaJCf/APm643V=;D/aK48AF]MNedH?BS1F U5IcCRla9c47>DQ1JDV[0TV:00IAk4g/BL/i9bc4=BH2?DP00d5Y@FQ5R@02BJX04dF9@FQ1J4VZDLaF 3EX>BJY5REH=HW1NCdg/BL]9Zdg/EPiAkUH>00=J;`0=EPmF3UX?FPmEkU7=DLa9ZdV;CLaAkUX?GU40 0V9b00ANDEYAFU1ND@9J<09ND@03GS1F3eX`00=J<0=F;`03DPm=kTg=009=cP9=k`06AJe1S3e[@H]= kU7^0UH?0eX`025F3e7^CLe=c3TX=@LmBDF;DNeF3EH>ENeAkEX_GS1J;eX?ENeJ3UG]DJaEkDV:?BLi 1Rc49:8/i33T;>@a133T;><00S3T00@0134500Ha9SE7?FU5[4g^DPl2ES4015YbFY=N]5jd 1EZC0eZD1eZC00=NTejDGY<015jC0eZC00=N]5jDFY<00UjD1EZC00004FmMMkmgWVMKE]I6<3F/;FTY 9be8:BLY1b357:@eJSf/>H/00Sf/2cV[01deJBe8?Le5kT7_>Hd]BcF=AS9JeeZf@Nm:<5JDEW9:3S46 ;@HiB3eYBJ]9ZTV[EPiAkDF[<>D/a3TW008mB003@HU5R4V900=9ZP0BAHU5RTf[ENeF3UX^CL]5REH< HW1NCe8=BL]9RTg00UEkE7ALd2CLd02Tg^DPmA kUH?FS1NDF9aGU5N<5H>0U7]01e5JSTW?DU9[5H>FRiF3EG]DNeJ<5haGS1J3eW^GRmIkE7;ELa9ZSe8 >BL`iBB2;<@/i2cS008`i004<@@/i2cT<>D2<>@02bcT<@@e9SDW?FU5ZdW]DPmB458aEW80 25ZC0UZD00=J]5ZCFY<015ZC00=NU5ZDFY<00eZD0eZC0UZD0eZC0UjC15ZC00002FmmMkmcWVMKE]I2 43F/;FPY9`02;DP01RdW9H/iZcV/00LiZ`0A?J/aB2dW?Le5kdH?>Jd]BcF> BU=JeeZf@Nm:00I1RRS3;>@mB3eX@FT2AHT014VZCJ]9 ZdV[0TV:00M=be7]DNeJ;U7/AHQAj`02GTl01e8=CN]9RTgFPmN<6IcHU800f9b00=RLF9AHW400V9a00YRLUiaFRmJ;eX`DNi=cDg< CLeAcP9AkP03DPmF3eH?00AF3`9ND@0=IW9VTV9aGU1N;eX>ENe9RSdW>BQ9ReH>FRh00UH=00=EkUX` GS400eX?019N;eW]DLaEc4f[@DPmAc45888X`c45<@@`i2cT;><`i33S<>@2;>@00c3T;>@/i002;>@2 <@D02SDW=DM1RTg^CNm>45IBEW=JTeZB1EZC0UZD00=JTeJCEY<01EZC1UZD0UZC0UZD0UjD00=JTejc G[<015ZC00002VmnNmm_WF]LE[I2<3F[;FT]Abe80RdX00XTiR2T=DY1[3f/>J`m[3f[>J/mZ`HXmZcEY;BPmc@02AO001SV];D/eSDidG]MNeP9:<@03EW9:3d6/008a1`0:?FU5ZdV[BJ]Ak5H> DPi1RRRS<>D3?FP00d69AFQ9R@03BJX2AHX04DVZBJ]=beH=DNa5RDg;FRiNCeH=CNa=Zdg GS000UX?00IN3eh`GPmR<5h`GPl3HU002Eh?FPiEkE6/CJ]9[5G^HW9ND@02HW803f9BIW=RLV9AHW5R LVJCHW9F3Tg009ND00CHU9ZTfZdIW9RDEh`EPiA k4VZ?DTm:4V;EPmJ<57]EPeF3UX_GRl00UG^00]J3Uh?FNeIkE7;CL]5JCe8=@HX`bRS008`i003;>@` i344008`h`<`i003;>@`i33T008`i00:<>Da1CDV=BLmJD6[ALa9kU8`EU42EW8BFY<00eZDFY=JT`08 FY<4FY81G[<00008Kgikgg>NJgaFeTH`=J/aJP8]B005;BLY9b357:@aB@02?J`9>J/05cf[>JXiZT7< >FX]:3f/ANm643f^;D/eSTiDF[IJUDXaCS5BDDG^>HXa9c4X?FT00TF[00Q9ZdgGPmN3UW]0UG]00]=[4V[DNiJ469bHW=RLV9BGU9RLVIb009VT`06 FS1=c4F:DLaAcEH>0Uh_0V9@02iVLF9aHW1J;eH=EPiJ;ei@FS1RDVjeL]I^]69AFPmAcE7;CJ]1BSdX BHaJ3eX@DNeF3UX^GU1N<5X?ENiN3eh_FNeEk57;CJ]5RD5X?DPa1BRR;>@`iBcS<>@a108`h`L`i0@a 1@09<@HiB3f:@H]5cDX?DS1FDEIb011JT`03FYAJTeZD00QJT`06GY=JTeZBGY9NTeZB0EjC000026mN Nkmg_V]LE]M6<3F[JdY:S6>BUAJ]ejfBS400TX`00E1cC58FPiN3eh_0f8` 0Uh?0f8_00QN3V8_GPiIkEX>FRmAkDV[0TV/02QF3f9cIW=RDUiBHW=RLVIcHU9EkTV;BHYEkEW^FPiR <69@IW5ZLFI`GRmN;UX_FRiN;eX_HU5RLFZCK[EbeFZCHU5J3eG]DNa=ZcdY>@M9[09J<00>DNiF3UX_ HW5VLV9AGPmR;eh_FNeEk57;CJ]9RP91J006=BHTXRc3<@Da12cT1S3T0S3S0S3T00ha1345<@@`i2cU =BHiB3eYAJa9kDh?DS1FDEYb2UZC0UZD0UZC0UZD00=JTeZDFY<00eZC00=NTeZCFY<00ejC00AJTUjC GY=JTP5JT`0000Q_GG^oMkmWFe[GAS0eRRe90bdW00H]:2CV8J/013f[>J/mZcfZ0SV: 00`mZcV:EEkHG]L2CS4044G^=FTTiBT6De 9SU80SeX00=1RDF9AHT00TF:0TV[00U9RTF:BJY=beH=GTiJ;U7/BJX00TV[00==kEH>FPh00eX>00=I kUh>HPl00Uh`00IR<5h?GPiR3f8_HRh2IU002V8_GPiJ3EX=ENeAk4g=AH]=[EX`0V9B0UiB00YRLUiA EPm=[4EZDJaN3eh>HRmRC`9VD00;HRmN;UX>GRiJ3UX_GU1N;f9AJY=ZU002K[@02fIbGS1N<5X>ENe= c459?BU=cUhaFS000UX_015ND69bIY9RDEh_HRmJ3UW]ENaEc57;CJY5RD5X>BHXXRS2008a108/h`03 <><`hc3T00D`i00<<@De9SDV=BM1RTG3e8`FW9JTejC25ZC15ZD00AJTeZD FYAJU09JT`ENT`05GYANTeZCGY=N/`03GY<0000J/00SV[0cf[01PmZSf[>HXa:3f/BQ15l3F<;D/eSTHCF[MN]TG`@LhiRRCU :@Ha9cE8?FU5ZdV/CNd2EPh00dV[<@Ha1@03?FP2@FP2AHT2AHX3BJ/02dF:AJY=c5H=FRiNCeH=BJY9 RTg00=IkEh>GPl00eh?00=R3f8_HRl00Uh>168_01AN3UX>FPiF3U7=CJa=cE7^EQ1N DV9cGU9RDUX@DLe5JTV;ENeR<5h?0f8_00ER;Uh>GPiJ3EX]009J3P9N<00JIU9VLVIbJYA^U6IbHU5N <5G^DLa=Zd5:?DY=[UX@EQ1J<5i@HU5RLF9AFPmEkEX>ENaEk@9Ek00:DNa=ZTF9@FPi9bS39:4/i343 ;><2<>@01S44<>@`i344;><`h`8`i08`h`8`i00;<@De1C45=@HmJDF/BLe>3e8`FU9JL`02GY<7FY<0 0ejDFY=JT`04FY@015jDFY=NTeZC15jC00=NU5jCGY<00ejC0Ejc0EjC000026mMNkmc_VJ/iZcV:00H/]:3V;BQ564CF< ;D/eSTXcG]QRecf]=DXeJCE70T6:00=5ZdW;BJ/00TV[00=9bdW0Uh_00IJ3EX>GPiN3Uh?GPh2GPl02V8`IS5V DF8`HRmR<6I@HU1VD69@0Uh_01YJ;eH>ENeEkDf/BH]9[57>FQ1N@/hc3S;><`i33S0S3T 0S3S133T00/a1CD5?FQ1RTGNIc]FeTH`>J/aJRU7008]B006;BPPaB35J/iZ`8iZP8mZ`0JGRh00Uh_00EN3f8?HS1RDFIA009ZLP03IW9ZTfjc009VL@0:HU1N;eX>ENeAc57]ENeAc4g< DL`2CJ`01e7=CJeAcDV/BH]AcEG^009J3`0?FPiN3eh>FNeN;Uh_FPeF3EG]FPiN3eh`IW9ZTfZD009Z T`0;HU5RD5X?ENeAbdEX?BQ1BTf^FQ1ND@04FRl01EH>CLa=Ze7;DN/00e7/00QAjdg;CLa=c4W<>DPX i2SS0RS200@/hbcT<>@`i08a1003<>@/hbcT008`i00?<><`i33S=@Da133T<@@iAceY@J]5cDg_ES1J DUYb009NT`EJT`03GY=N]5ZC009JT`=JU0EJT`03G[ANTeZC009NU005G[AJTeZBFY=N]001G[<0000A KgiggfnNIe]FeT8_=J/]JBU8;FT]B2TW7:DPaCEZ@Ldm[002>J/2=J/5>J/2?J/2>JX06cf[ 00mIkUX>GRmRCeX=DNaEc5X>GPmN46IBIW=^U6jdIW800Uh_00]J3eG]CJY1AcdXBHa=cUH@GU5J;eY? 009J;`04EPmAkE7/DL/2EP`2EPd2DN`04Tg@a 10@`i00<<@@`i33T<>@i9ceY@J]5cDg^DS1FDEYb0UjC0UZC0Ujc00=NTeZCGY<00Ujd0UZD00=JTeZD FY<01UZC00QNU5jdGYAN]5jcFY=J/ejd0Ejc000027>NMmm_WF]KE[E23cF;JX01cg;?LXiZSVZ=HXaBCg=00964007>LhYBSV<@Lhm[D6=BLh0 0UX`00=N;f8`IU400f9@00iVLFJBHU1F3Ce7=BDe9Se7?FPmAd5X@HU1JD690dFZ00E5RTV:AHY5RTg; 009Ak008FReN;UX=BJY1J57;FPeJ309N3@03GRiN3Uh_009N;`08IU5RDFIbJ[A^eFjdJY=ND@9J<003 GU1VLVJB009RD0AVL@04GRmJ3EG/BJX2CJ/0657=FPmF3eH?GU1VTV9bEPiEkEh?HRmN;UG/CL]=ZeX> GPmN3V8`IU5VLfZCIU9N<09N3P05EJa5RSe8?BQ9S@02DNl01eX`ERiJ;eH>FS1J3e7]009Ac0=F3@0< DPe9bdFZ@HXmJTG=ES1JLEI?AL/iAc4U0S4500<00S3S0S44010/hc44<@@`i33S<>@/i345 =BHiB46:BLa9kE8_EU5FDP9NU003FY=JTUjc009N/`03GY=N]5jD00AJT`06GYAJU5ZDFYAJTejD0UZC 00=NU6:dGY@015ZC0Ejd0EZC00002FmmMkmcWV]kE]I6<3F[JX08cfZ>JXiZSVZ?L/mZSVZ?J/iRRe9?Le644X@?LhaBSE;?F`iJdg_EQ1NDF9AIU5R<5h_ FPiEkEh_IW5ZTV9aFRhmJ3DU>DL00T5X00HRmN;Uh_GPmJ3V9@IW5VTVZDJ[AVTf9bGU5RD@9VT`05JY=^/fIaHU5V L@02JY801FJBHU1RD69?EN`00UG]00QAkEh`GU1J<6JCL_I^eF9A0UX?019N3eh^EPa=ZdfZFNeN;eh? HS1VDFIbJY=VLV8`HRmMkE6;AHX2?DT04DV]CJi=cUH?ERiJCeX>GS1F3Tg8/hc44<><`i2cT<>@e1SDW?HT0 0TG<00UB3e8aEU5JLejdFY=JTUjCG[<00UZC0UjD0eZC00MJU5jDGYANU5ZDFY=JU002FY<00ejDG[AJ T`04FY<1G[@1GY<00008Kgeg_g>nJe]FeTH`J/0 0SVZ00@mZSf[?JXiZP8iZ`0L;DPm[DH?BQ0mcC59<@PmJdF/FS5NDV8aIU5ZDEh_FPiAc4f[ENeRD6Yb JY9RD45X=@Di9T5X@HT2@FP2@FT00dF9AJY5ZP03AHX3BJ/024gDNeNCf9@GU5Z]09bmP09K]ARLEX`FPmJ3UG/DJ]=ZUX=009R;`05IS1VD6IAIW9ZD@02HRl06eW] DJ]9RSdX@DY9SDFDNaAkDVZ@HU1JCDX=DU5cP02FW400e8^ CP`mR002<01S44<>@a108`i006<@De9Sf9AL]5c4h?0U8a00AJ LejdGY=JT`9NT`9JT`03GY=NU5ZC00EJT`03FYANU5ZC009NU005FY=NU5jdGY=JT`02G[@1FY<1G[@1 G[@0000?KgekggNoIe]B]D8`;HX]JC5Y;DPY1bTX8>DPY359008m[08mZ`05?H/mZcf[>J/eZP02>J/0 0cVZ?J/mZ`02>J/08Be8>Ja63dX@?J`]1bS6AFYAkUhbGS5N46H`JU5R<5X^DLa=ZU6[FPiZLFjbHU15 RCD5>BI1J4F9@FPmJ45X@HU5R@04AHX01TF[BJ]9ZdW;CL]Ak0=Ek009EPaAje7[EN]Ek5X=GPeN;Uh_ 00=RD005IW5VTVJCJ[AVT`02GU401fIcIY=Z]6ZdIY=^]6Ib009N<003HU5ZTVZC00=ZTP9RD00AGU1J 3Ui?IW5VTVZdJ[E^]G;eI[=JDEX`FRiEk5GBQ1 Bd5[AHaF45ibHW5JCeH=DNd2BH/05eX?GRmN;eG]DLa=ZdEY?DQ1JCU9<@PmJe8`EU5FCe8^AL/iJ345 =DHe9BcS:<800S4400H/hc44;>@2<@@02S3T<@Da1Sf9@JY1[4W^CQ1BJX00cf[02J`Y1RcVBJaJ3eX@FNiMkf8`IU5ZLF9@EPe9RTV9ELaR;fIaHTm5RCT5?DM1RDF9?FPmAd5XAHU9RTF9 0095RP06@HU5RTV[CJ]9Zdf[0U7/00AEk5X=FReF309Aj`05ENaJ3Eh=GRiN;`02HU003fIaIW9Z/fZC IY=RLV9cIW=ZU6JCIW9VTfIbJY=VLP02GS003FIAJW9VLVIbJY=^/fJBIW5RLEi?GRmRLFJB009RL`07 IY=Ze6JcGY=JDEH=DL/00UG/00UIkF8>GPiR3V8_HS1V<6H_GPh00UG<00iAZdEZ>BQ1BT5[CLiNDV9b HY9ND5H>DLa5JTV/0Uh`00AN;eX>ELaAZ`95J@0AAHY1JS48=DY:3eIbFY5FL58^AL/e9cU6>FHa1BS2 :<@a1C44=BDa1CUX?FPmRTG=CNmB45IAEW9JLP9JT`9NT`04FY=NTejD GY<3FY<025jCFY=NTejDFY=NTejdFY@2FY<00eZDG[AN]003FY<1G[@0000:Jgec_g>oHcYB]DIAJ`iZcg;>J/iZP02?J/00cV[;BPic002APl04CF: 8GPmR<6I@JY9ZTEh^BHU5J4V9EN`00V9?00=9RCT5@DP00TF90SeX00E1J4EXAHU5 RDV:0095R@0;BJY=Zdg;CJ]=be7GRmRD69A009VLP04K[AZ TeX`FQ02IW800fjdJY=RLP02IW801FYbHU5N3eh_HS000VIA00=RDFIaJY800VZB00AVLF9aHU1RL@=R LP0KIY=V/f[DJ]ENLU8=CLYEc5G/FNeR3Ug^GNeMkV8?IS1R3UW]ELaIc56;AFTi:3T9@FY=cUiB009R LP05FRmAc4V;BH]Ac@02HU4015X?ENe=Zdf:0Tf[00E5RT5Z>DTeBDG=009JTP9FL00?CPhmRSUW?HQ5 bSeX;>@/i33T008a100?<@D/i345nHcYB]D8`J/2>J`00cV[?L`mb`02?JX05cg;>HX]9cF[ANhmcBTX7:@a1df] FQ1R45h?HS1RD5h_JY5ZTV9?DL]=ZTVYCJX00V9?00E9RCT5@DQ5JDF900=1J095J0=5R@09AFU5RDVZ CL]=Zdg;DL]=beG/009J3@9J;@0FNeEZdeY@DTi1cT8@DU=[EH@GU9RLEH?CJa9Rdf/ENiRDEi@ ENiAk@02CJX2CJ/04DF9@FTiBCDY@JaJTUZCDU1FLEIACPi1ZTG:FTmB3C459:400S4400<`i2cT<>@0 0S440S4500`a133T;>@a1CE7?FU1ZdW]CPmBDEYbGY<3FY<2FW<00eZCGY=NT`03GY<5FY<01EjCGYAN U5jCFY<00ejd0UjD0EZC00004FmnLkmc_fMKD[E2<36[;HXYB2TX;DP]9b348:@eJT7=?L`00SV[00J/00SV/00H/Y1b2U>BU=[EW_HS1VD@02HU0035h_IW1Z /VI`FPiF34fZCJUNCV9?BHTm9P=5R@91J003@HQ5RDEY0095R@91J005AFU9RDfZBJY=b`02DL/01UG/ FPeJ3EX]FRiN;@=N;P04FPiN;f9AIW82K[@026ZDGS1AcU7>HU5VLVYcKY<2HU401f8`IU5R<6H`HU1R ;f8`009RD004GS1ND69@HW42IY82J[<02VJcK]A^e6[DK_E_5V[EK_IZdeX]0eX=00ER;f8>FLeMcF7^ 009V3`0CHRmN3EF;BFU1B3CV?DU9Re7=DNmJ@a1BcT<>@00S4400`a1C44<>@a12cT =BDmRD6ZALa9kU8_EU85FY<2FW<015jCGYANTeic0UjC0UZC00ENTeZCGYANU5jC009JT`03GY=N]5jd 00=N]05JT`0001=_OWOOLiiWFU:eAS0aZc6:;DPYAbe8J/mZ`03>J/00cf[>J/i Z`03?J/04D6/?J/mZbe8>HXmRc4X9:D/aT5ZCJeIkV8`HU5R<69@GU000VIa00URD5h^GRmAk4g:GTmN ;T57?BL00dF900=1JD5XAHT00TEX0TV900A5J458AFQ5R@99ZP04CJ]AbdfZDN/2FPd2FRd00eX>GRiN ;`02HTl015h_GS1VLVjd0VZC00=J3df/FNl0169A00AVDEh_HS1R<09R;`04HU1N;eh_HTl2GRl015X> FPmN;f9@0VIa00=ZTVJBJ[<00VZc01UZe6JcIYA^eFJcFTmJ;UH=FPeR;f8>GNeR3VH_GPiR3Eh>FLeA ZdU8=@H`iCe8BJ]=c002DPh02Tg=AH]1BDf/ENiN;eX_FPiEkEH=0U7]00U=ZdV[AHY5RcU9;@HmReIb EY800UIb00eBDEYaEU1>3D6Z>DLa1RS49<@]1@02<>@3=@@2<@@02cU6@HU5bdW/CPiB<5IA FW=NU5ZCGY<02eZC1UjC00=JTejCGY@00UjD0Ujd0EZC000036mnMkmcWVMJD[E2<36[;HXYB2U7;DP] 9`8Pa005=FTmc3f/>J/m[002>J/01CV;?J/iZcf[?L`013f[00`iZcEY>HXaB2d7;>Li:DF;DJeIkV8` IU82HU404F9aIY9RD5h_HTmRL5X^CL]J;UX=?DLi9TF8AHU5RTF9@FP00TEX00A5R4V9BHU5J@95J009 AHU9ZTVZCJY=bdfZDL]F35X=00AN;PAN;`0:GS1VLVZCHU5RLEX>DLaEkV9@IU42GRl01Eh?FNiR;f8_ GPh01Uh^00IN;eh>FPiIkEh^HTl3HU003F9aHU1RDEiaFU1J<69bHY9JCeH>EPeN;V8_00=R3P0?IRmR ;V8=HRiMcE6:BDPe1S3V@FU=c4V[CLe=kDW<0095JP04DLeN<69@GRl2EPd035X_FRiEkDgDTa:46/EW9JTP=FL@08GY9JL4h=@JXeAc4V;@DX``8a1@04;@D/i33T<>@3=@@02CDU>DHmR46ZBLaB 3UI@EW5JLP02GY<01eYcFY=JTeZCGY=N]5jC00YJT`03GY=N]5jd009N]09JT`9N]05JT`0000QcOWNo LkmWFU;E@S0aZbeY0RU700L]B2TW8<@Pa3E9@J`m[002?J/3>J/2?J/00cV[?J/mZ`02?J/023fZ>HXe RCUZ:@Ha:4F;CJd2DLd035G=HQ1ZLVIBIW9VTVIaFRmNCfJAIW5NC`9F3@0;DN/i9Se7BHU5RDEYAHU5 JDF8@FM5R004AHT01D5XAHU9ZTV9BJX00TfZ00AAbeG/EPaJ;PAN;P0?GRmR;f8`HU1ZLVIaGRmRD5h_ DLaEkF8`IU5R<5h>009MkP0>HPiN3UX=GPiN;Uh>GRiN3EX=GRiJ3UX=FNeJ3@AN3P9N;`9N<09J3`0Q FS1JDEY@EPmF3Uh_HRmN3Ug]HPiVCf8>HNeN3UWM5Zdg]BJa=kDg=AH]5RTg00=F3P0EDNe=c4F:AH/iBC47ALeJLUZCEW9FLEIAFW9FL58^BN`mRCDV<@DX`RcT00Da1009 =@@a13DU>DM1R4G:BNa>3EI@009JTP04FY=NU5jCFW<2GY<;FY<8GY<5G[@00009Kgig_gNoHcYB]D8` J/2?J/083V:>J/iZcf[@L`mZcV:>HTaB2C5>BU=[EG? FNmIkUG^HS1VDV9AIW9ZTf9aGTmRTFZbIY9RL5X_FPi9ZSTVAHT2BHX2AFT01DF9AHQ1Id68AJT00dF9 00A1J4F9BHU9R@==ZP03DL]Ek5H=009J3@=N;P9R;`0BPa:4W^FW9JTeYcEW5BD5Ia0UY`00MFCT6Y<`i002<@@02c45<@@a 1344;Th_DU000UZB00IJTejCGY=JLUZCGY<5FY<5F[<3G[<5FY<01EjCG[AN]5jdGY@0 0Ejd00002FmnMkmg_fLjD[E2;cF[;FTY9`02;DP012T69>DPaCE91Cf/1cf[0000eN;f8_HS1R;fYaGPiAbeh^ ENe=ZUW]GPiR<003IU001f8_GPiJ3Eh=HRiRCUh]009J3003ENaAje7<009Ek00JFNeIk5W/FNaIc5W/ FNeN3Uh`FPm=cE7>DQ1FJU1R3Eg]ELaAR`99J@09>BPi:DW=DNm5[3eZ@H]9 cE8>009F3P0NCJ]9Zdg;CL]=c4W;BJ]5ZTV[BJa5RTF;>DTiJU8`FW9JLeYbEU5BDEIaFW5JL5I?@JXe ASDU:<8/`S440S4500`]12cT;@@a9CE6>HU1bdW]CRmBD5IaFY83FY<00ejCFY=JT`06FY<00eZcF[AN ]002FY<00ejCG[ANT`02FY<2GY<4FY<1FY@1FY<1GY@00009Kgig_gNoIe]B]D8`=J/]JBTW008]B006 :BLTiBC5=FTm[46/0cf/23V[0cf[010mRbSV:ENiN<6IbJ[=^/`9^d`0; IY5F3UX>GU1Ak3e7@FM9RDfZBJU5R@02@FP02d5W@HQ5ZDFYAHU1RCe7@FQ5J4F9BJX00TfZ00AAbe7[ ENaJ3@9N;P03FPiN3Uh^00=R;`0>JW5N3E7:HReN;E7:FPaJ3Eh>GPmR;f9?GRiJ3P9J3@04HRiJ;EX< FP`2EN/3DL/095G/FPeJ3EW/ENaIkEh=FPeJ3Ui@EPi5RdV]CO1F ELeARdE8BFU5[46@Xi345=DLmRDG;BNe>3U8`EW42FY82FY<0 15YcFY=NU5jC2eZC0UjD00=JTejDFY<00eZC00=JU5jDG[@00ejd00003fmnLkmcWVMKD[E2<3F[;FT] :359;DP]:23U9>HeJP03?J`00cV[>J`iZ`03>J/00cf[>J/iZ`02>J/033V;?J/iJRS5<@MAkehbIS9R DS1BD5IaFY<2GY<8FY<2G[@2FY@4FY<2GY@01UjCFY=JTeZCFYANU09N]0ENU00000Y_OgNoKii[FeJe AS0eZc5Y;BPaB@8]:0048J/01cV/?J`mc3f[>J/iRSV[008iR`04?J`eBBS5?DX2 GS8025hAGQ1Iceg_GPmEkEG^HU02JY803F9@FNe9Zd58@FUN<6JBCL/mAT5WBJU=bTV90095J003@DLm Ad5X0095R@=1J095R@05BJU=ZTg:CLYAb`03EN`00eW]EPeJ;P03GRh03F8_GPiVD6IADLaEkFI`FPiE kUX?FNmJ3Tg<00==b`03DNaEk57:00==bP05DL]Ek5G/CL]Ac003EP`00eXDQ1 RS45:<8e9S45>DPmJD6:BLa>3Th_DU000UIb00MJLUjCGY=NTeZCGY=NU007FY<2FY@01UjdFY=JTejD G[EN]0AJT`04FYAN]5jeG[@2GY@3FY@0000:Kgikog>mIeYFeD8_=J`]JRdX;DP2;BP03B359>HeJSf< ?J`iZcV;?J`iZcV;?J`mc3f/008mZ`Ha5cdF]?D]9[EH@HU9R DFYcHU5J3e7Fa5ceIBFU9NDUicHW9JD58?CPi9kTg^CLh2BLd01T6; @JXeB3EYCS1JT`=JLP0DDU5JLeYbBNm1[CE8?H]>3SE89<@a9S45>FM1ZdGH/iZcV[>H/iZcf[>J/iRcf/008m c00M>H/iBS48=BUEl6ICHQ5N45W>DJaE[F8aGNmIcUW_ENiAcEh_GU1AkDf/ENiVTUi@AHTmAdF9AJU9 ZP02AHT0145X?DPmB45Y0TF90T5X00M1R4F8AHU9ZTg:CJY=bP03DLX03EG[FNaF3EG/ENeRCeh_FPiF 3U7^EPi5[3e9009=cP08BJ`i:33VAHY9[58>FU1NL09JC`0:FTiF3EX_FRiF3EX>DNe9ZTV[DN`2CL/0 157]DLaAk57/0UG/01QF3EY?FS1B3d6<=DXa:Rd7<@M1Re7^GU5N<6IbHU5J<5G^AHXi9dF;CNliK22V 9DTiSEZ ?J`mc3f/>H/01SV[018iRcf/?Ja1cCf;<@P/id5[FQ5VDUg`EJi=Je6AHXi:002>BT03DFES1=kcU9;>I5Ze8_GW9RTV:c009R/P07 GY9NDEiaGU5F3eH>DNd00TVZ00Y9bTV:BH]9ZdgDX0 1cf;=DT]2235:@M5cUIb009JT`9BD@0BFW=BDDG^@LdY22T7?J`a:AQR:>H]1SE8?H]1c4G=CPmB;eIA 0UZC00=JTUZCFY<02EZC00=J/ejdG[@00eZC00ANTeZCFY=JT`9NT`03F[AN]5jC00AJT`03GY=N/ejC 005NT`0000Q_OWNoLkiW>U:e@RleZc5Z0RdX00TY:2dX9>HTiCEZ?J`mc3f/>H/01cV[01@m[3V;?J`m Rc48<>M9[EhaHS5IcTU:BDUIcVYAJU9EcU6EW5JLEYbGY=RTf:cI[<3GW801eH?CLe=cDgFa9lE8c CSBJe1BSdX?@LdiS47=BTiJc4Y;@P28:D06abU:@Q1cU9BFYANU5IbEU9JTe9bBPm1 cC59:@LaBBT7420Pa2d6=DTmRdG=BNi>;e8`EW9N/`05FY<00ejDG[AJT`06FY<00eZDG[AN]005FY<2 GY<6FY<015jCFY=JTeZC0UjC000026mNMmmg_fJ/iZcV;>J/iRcV/0Sf[00`m[46/>FXe:3TYDLiRDEg_DF]9BE6FU1RLUiA DNe9S45:?DT`iRB3:<59@EW400UZC 00=J]5ZCFY<01EZC00AN]5ZcFY=FT`9FL`03FY=N]5ZC00EJT`03GY=JTeZC00=JT`03GY=N]5jC00AJ T`0000Q_GWNoMkiS>e:fAS0eZc5Z0Re80RTX0R3500DaJCf/?J`iZcV;00DiZ`0F>J`m[3f[@Ldm[34X <>LmJUX?IU5EcDDXBDUMkVHaFLiASEG>IU=b]VjfJY@2IU8035h>DLaEkUiAFS15RSeXAJY5bTFZ?FTi B@8iB08mB091J@07AFU9RDEXAHQ9R4VYCJX00Tg:00=AjeH=FRh00Ui?02IAk3TV=@I9c58>?FXPPaaS >DU9cTW^ALe=keYbGW=B457_FS5NDUibGY=JLdh`BS1=cTW>CLi1JdF 0Ui`0UX^0UH=01UAkDg/CLaF3Ui?FRiNCfJAHW1NCeX^EPe9ZSTW<@HmJDg>FU9JDdh@=DXiK4G?ANm9 k`02CQ002SU:=@Q5JD4WBDPhiRRT=BP]1aR40P`Q01hTicE[>F/iJd7>DU9JU5jEFW=>447=?Ja:;dh_ ?HXY1RC4684Xi3E7>FQ1ZdG]BPiBD59AEW9JTejCF[<2FY<00eZDFY=JT`02FY<00eZcFY=JT`04FY<0 1EZDFY=JTeZDGY@00UZC0UjD0UZC00INU5jdG[AN]5ZCGY<2FY<1GY<0000nIc]B]TH`=J/a JBe7;DP]:2TW0Qc500DaBCf/?J`iZcV;00DiZ`0K>J`m[3f/@LdiRbSV:DPmJDEjBES1= cU7_DPm=k`9B<091c@07AJdiBSe:=BPmJTV/AJ`00T6;00E5ZdW=CLe9c58>009J;`9F3P9B3@9F3@06 FRiNL69`HTmRL6J@0V9`0V9_00YJ;DFY@FUAkUH`EQ19cT6=<@TmS@95k`0@BQ1BLXYCdX>>I5 B2bS400LPaR37:@PaBCV=FT2?J`06SE9>F]>FPmRD7; BNe:3U9@DW9FLUZCG[@3FY<00eZDFY=JU003FY<01eZDFY=JTejdFY=JU5ZC009JU004GYAJU5ZDFY@2 GY@2FY@00ejDG[AN]002FY<00ejCG[AN]001G[@00009Limg_g>nIe]B]DH`>J/aJBTW008]B004:BPP aB35H/iZ`03>J/05CV:>H/m[46/@LdmRc47=@MEkf9bGPmA[4U:DH]VFTeJ2d6:>Ha1bd6>DPmJ4EYAHU5JDV9BFQ=R@99 R00>CLYAbU7[ENaJ;UX>AHTe9CDVCNaNL6:AERi=k@91RP0:AJa=kUY@EU1>3U8>FS1AkSf<>FX2=DT0 1SfBQ5[4W^BLi1J`02>DT00ceY@HY=k@02EPh00e8>EPiB3P03EPh0?ei@ HW5VTV9AGU1RLFJAJ[9RLF9`FRe9ZDFZERmJD58@AJe1[DF]CO19kd6^ALi9l46]<@PXaSTX>@LdiBB3 88@PaRCW;BPeJcV;?J]1c46/;@Pa247?DU9>4DG>ALe><5YbFY9>3SEX:<@T`bST=BHmJ46ZALa>3Th_ DU5FLP03FY<00ejdFY=JT`02FY@01EjDFY=JTeZCFY@00eZC1eZD15jD00=JU5ZCFY<00UZD0UZC15jd 00004FmoNmm_WFMKD[E2;cF[J`m[47^@Jda:3e: FS5RDEG=DH]9BEF/JU9VDP9Mk`0JFNmVLfjeJ[EVTeiaGW1RCeX=AFTm9d5Y>DPmJCUYDTmJT6:AHY5R@95R005BJU5R4FXBLU=jP02EP`02e8<@FP/`c45AJYNL5Y?ERmF;TW;AJX00dW; 00=F;eY@CNd00TF/00`iJS3W9M1BRc5>@L2=>H01e7^EQ19cS4W:FRmRLFJBIW82HW804fJCJ]=Z/VJaGViF;4W9AJUB3UYAES5>458@DS5JDe8b @Jhm[TG?008m[P05>H]5cTF]?F]1R`02?FX02T6/ALi5cDG]BNe:3Sf:0155cU8aEU5J DEYa@JXXa22R:<J/00cf/>Ja1c@02?J`02T7=?H`eBDFEN`i1RbS=@Li:3U9@Lm:2B3868mJT6;;@PPPbcV?FY1ZdWCN]1RTW=DS1B<@9F<@04ES9FDUYCDS82CQ409dXADU9:44h`DQ1>3dg^ALa1[4h>BNi5kTW^ BNe:3Cf:;@HTaBCWU:e@PheZS5YJ`iR`02>J/04SV;>J`mc47=?J`m[D7=?J`mRe7^GU5N3eG=CDY=JUg^IU5ZDP9R 400KHS1NDTPS3V>DTiJS59LdiS3V864H@2BT0RSV00Xa246;CNi9kDG44h`BPm5 cD6/BNe:3Th>ANd00TG<00m5ZdW;?HX]9bCV:>L]:DG>EU5B;dW]@H/a1R219:800RcT00Pe9T69AL]9 c4h>EU1FDEYb15ZC00AJU5ZCFY=J]0QJU0AJT`03GYAJTeZC009JU003FY=JU5jD00=JT`9N]09JT`AN ]00000U_OWOOLkiS>UKF@RleRS6:J/eRcV/>J`2?J`0 2cf]@LhmS3e[DPmNDEg_EJe9BDeZHPl00Vic02aR45g_GQ1N469BJ[E^eFJBGRmF34fZ>BHTPRS5=DTi JS4XDPmB;e8_ES1F;dg]DPiF3UH?FPmJ;ei@HY5V/`9Ze009HY9JCeH^CPe9c46;>FY1[46]0099 k`0:CO1>4E8bEU=JM5jEFWAFDThaCS03DS001UIAEU1BD4X?ANe=k@99c00G@J/a:2T7:@PY1cEZ@J`i JBcV:<@TXbBR;<@`iBcT>BI1RTW;BLaB3eI@EU5JL`07FY<01EZDFY=JU5ZDGY@015ZD1eZC0UZD00AJ TeZDFYAN]0=JU0ANU0=N]00000Y[OWOOLkiS>UKFARlaRS5YJ`iZcV; 0SV[0SV/0111cCf]?Jdm[CU[@H]F469AHS5IcTe:DFYN3fjCJW9Mk`9N3`06FPmJ46IcK]EVTUh_0Tg; 0151J2BR88FRmF;UY?GW1JCeH^DPh2BN`03DW3Th>CRmBD4h_DRm>;Tg] ALa9kDW=009>3`05CNi5cD6/AJa9kP02ES004Th>CNi=kTW=CNiB3U7^ENiF3UX_GW1RTF:BGW5F;dg] BLa5Z`91Z`0=?F/mRcU[>F/mS4G?BNm=l58AEU9FDeIBFU800UYc01=NLf:dI]ER]6:CH[=JLU8_DPiB 3Dg]AJ`eBBdX8DXi@02:<@04BcU;>@e1C45;<@i9T69AJ]9c58?EU1FDEZCFYAJTejDGY<0 0UZC00AJU5ZCFY=JT`IJU09JT`9NT`03GYAJTeZC00EJU09NU0=JU09NU003FYANU5jD005NU00000m[ OWOOLkiW>UJe@PleZReYH`i JdV^0V9B00QVLaBT6;AJa5RTF9AJY=bdV[>DP2;>D03Ce8BLaAkE7]BLa9bdF[BLaB3UI@DPi9kDg] 00=B3P03ERmJD5i`00=JD00;EU1B;eI@EU1B;dh_EU5JLUZBEW1BC`02DRl03Tg^BNi9cDF]@Ja5[4g^ DRmFDEI@BNi5c4W]BLd2CNh014g]CLe=c58=0UH_00EFCeY@FU1B3Tg=0095Z`07BLe5[46;>FXa:3DY ?F/00T6]00A5cTW_BNm>409FDP03FW=NU5jD009R]003GY=NTUYb009B3`0HCPi9cCf;;@PPaQR3544D HQb39<@XiBcU<@D/i345<>@/`cTV@FU1RTWHTic5:ALe5[3eY@FP00TW;018e9RBS ;>DmJDV[CLaB3E7]AJY1JDF[BLaB3U8_BNe5[4W=CNh3DPh01EH^FTmJD5iaHY400Uia0UjB00AJLUIa EU5JLP=FD00@CRi>3Dg]BLe5cDW=BNiB<5I@EU5B<58?BLe9c4W]BLd2CNh3CNd02U7]DPeB3UH_FU1N LEY@ERm=kDW<0Tg]00A5[46;>DTe:08eB@08<@P]234Y409B<@0CFU=JLeYBFW9FDDh? ALdmRcE9:@LPaAbT78D00RcT01<`iC3T;>@e9Se8@FU5Zdg^DRmFDEZCFYAJTejd GY=JTeZDGYAJT`03GY@4FY@2FY<015ZDG[ANU5jD0UZC1eZD0UjD15ZD0ejD000056nONomcWF]KE[I6 ;cF[;DPaJBe8;BLaB2CU7:@eJT7<>J/mZcV[=HX2>J/3>J`04d7>ANlmSCDZBJmRM68bHS5IcTe[CFYE [68`L[AfeVjdJY=R<5W^009A[00HaBD6/ @J/iJ3eX@HTiAbcT<@I1RDW;BJ]9be8=CLa5RT5YBJa9cDF/BLe5cCf;ALe9kTW]BLe=kE8>FRmND69a HW9RTV:CHY9R/ejcH[ARU5ic0UYa01UJD5I?DRmB3dg^CPiB3e8_EU5F<58_BNe=kTW^CNe9kDF/BLe= kTg]DPiF;UH>DPiF;P02FW001EY@ERmJ<5H?DNd00Tg]0TW<00A1RceY>DTa:08XiP0D:>LTaRC69CQ19kdG>AJe1[3E:;@PTiR3V8D/iC3T;>@/iC45<>@e9Se8 @FU5[4g^DPmFDEYcFY=JLeZC009JL`04FY=JLeYcFW<5FY@00eZdFYAJT`02GY@01UZDGY=JTeZCFYAJ ]0]JU0=NU000011_WgOOKieWFeJeARleRbTX;DPaB2T6Je1[TW`?JdeBTg?IUAN009J3P09CJ`i9cU8?FTTiA10 9>HeJS5:00FQ9bdgFXmJT6;AJa1ZdGLLYAAS548DH`8LY@039>L]:BT9008Ti`03:@PTib36008PiP8U 1`079>HPiAc48<@Ti2SU:>@00bcT0S3T00Pe1CTV?FQ5ZdW]CPiB<5Ia0UZC00IN]5ZCGY=N]5ZDFY<2 GY@3FY<00ejDG[ANT`02FY<00eZDFY=JT`02FY<015jdFY=JTeZC1EZD00AN]5ZCFY=N/`=NT`00011_ WgOOKieW>UJeARliZbe9;DPaB2T6;BLPaAc4Jdm[D7>ANliS3E;DM1RDL063E79<@HHR35LU22dYDM9k4g/AJY9b`==b`09BJY5RDFZBLa5Zd6:?FXeBCDX008iJP0HHY1AR008@HP0?448DPac67:HHQAB47:DPaQc58>LU22DX8>HPaB3V008Ti@03 9<@Xi2ST00@/i33T=BHmB46:BLe=kU8`EW9NT`02G[@2FY<00ejdFYAJT`02GY@3FY<00ejD G[AN/`02FY<00eZDFY=J]002FY<01UZdFY=JTeZCFYAN]0=JU003G[ANU5ZC00AJT`00011_WgOOKieW >UJeARleZc5Y;DPaJ2T7;BPTiB35DHPabU;BT]:P8Pa`0B9>TU2ARV9@Te S2e[F/00Sf;00]1 [4W>CNm=ke8@ES5NLeidHYAV]VJe009R]003HYAJLUYA009JD@03ES5>3dW>00=5c@08@J`eJSf<@Jdm [46/ALe5c095c@04ALa9cEH`GW42ERl025i@HW9NDEX`GU5J;eH^FRh2EPd02e8=DNe9[4WFXeBBdX9>H00QR30QRS01@LYB3V7@/i3450RcT 00/`i2cS<>@e1CU8@HY5c4g^CPmBDEIb009JT`03EY9JTeZC00AJT`04FW=JTeZCFY<2GY<4FY<2F[@0 15ZCF[=JTeZC0UZD00AJ]5ZCFYAJU09NU0EJT`0000Y_WW_OMkiW>UJe@PleRS5Z:BLaB08]:08TiP03 P022388>PU2AS69BTaSBDY8H02cUYBLa9bdFZAJU9 ZTg;BLY5ZTW;CL/00TV[00Q5ZceY>DPiB34W;@H]1c5813UZ01@mS46/AJe9cU8@DS5FDUidHYENM5IB DU5>44G>BLi>44h?ALhmS3U/0SU[01TiS3U[;BTiJcf<>H/iJCUZ@J]>3U8_BLe5c5H_GW5J;eH>FS1V LV9bHU5RLUi@EPiJ;P02EPd00eH>DPi9c002CNd2AL`013f;=DP]9bCU0QbS0Qc40Qc500PLaQc56:DH YB3W;BT]BRTX0RT800H]:2CV8<@TiBSU:>@4;>@3<>@02cD5>DQ1RDF[BNe>3U8`EW9JTeZdF[<015ZC 00ANTeZCFY=NT`MJT`09FY9JTeZCFY=J]5ZCF[=JTeZD00=JT`03FYAJTeZC009JU0=NU00000a_OGOO LkiS>U:D@PhaRS5Z:BL]B2dW;BP29>H012e8=H/iZcV[0SF;00@eZcF;>J`mc08m[00NALdeJC4XBJeE ceG_GQ5RDQ5bdh=@HX]1QQR7:DLYR370RCX00dU2BTZ 7FY9kDF[AJY=k002BLX01Tg;BL]9ZTV[BL]9c09=c008@HTmJ3U8=DP]1bC5;@Le B@Fa1[DG?BNm1cSV<=D/Y22SW;BTeJc5:008Y200E;@T]:2d8;BT]:236;BPe BS4Y=DTmRdG=DPmFD58_CPiF;f9aFS1F3V9@009ZT`04IY=Z/ei@EPh2FRh065h^FRiJ;TgLU1bTX;DTaBP@]:@06H/iBST12cT0c3T00Ta 1CU7?FU1ZdW]CPiB<5IbFY<00UZc1eZC00=JLUZCFY<015ZC00AN/eZCFY=JT`9J/`03FY=J/eZC00EJ T`04FW=JTejDGY<3GY@00008LiikogNnIc]F]D8?HU1c5Y>J/m[3V/=H/00SF[ 01DeRcV/>J/iZd6/?J/aBCE9BJaAcEG_GQ1VPTj@8U2@088>PU:B48124LYCV;@La5[099b`06BJ]9ZTW:CL]9bdVZ0TV[ 00]=c57]BL]5ZTF[AJXmJSE8:>Ha:3E900@a:@03LTiRCW:@LTiQb4:>LeBSU[ALe>3e8_DPmF<5YA0UY@00YRLEh`EPiRD6ZcJY=Z/fkD GU1J3P9N;`06HW1RD5h_DNeF3UX_0Tg]0dg/00A5Zcf9?HTmRP8iRP09=FTeJS59;BPaBCEZHTa2cU008/i@@/i00<<@@`i33T<@De9SU8@HY5c4W^CRmFLEZB15ZC00=NU5jCFY<00UjC 00=JTUYbFY<015ZC00AN/eZCFY=JT`9J/`YJT`03GYANTejD009NU00000Q_OGOOLieW>UJf@RleZbeY 0Re80RTW00FY5Re7>ENmIl68bGO03EJh09UG? GQ5VDVjeL]MZUEhaCHa5JEG]HW9J<4V/;>HPY1b47:DPaQc67PHYQB446<]BCf]@Le5c4F[ BL]=c4FZBL]=k4g;BJX3CL`014g=BLa9ZdW<0TF[00PmRS47FXeBS590SEZ00deBS5::@PT ibC79>PY22CX8FY5cDh?EU5NTUYa009JD@9ND@0C FU1RLEi@FPiRD6ZBK[=^e6kEHW5NCf9@GTmRL69@GU1EkEX_GU000UH>00AF3EH>ERiB3@=9c007ANa1 bcf[>HXeJS4X=DT00S4X00L]:358=FTiRcE99D2;>@4<>@03344<>@a1CU7@J]5c4W]CRmF DEYbFY=NT`9JT`9NU0=JT`03FY9JTeZC00AJT`06G[AJTeZCFY=NTejc25ZC00=NTejDGY<015jC0000 26nNNmmcWVLkE[I23cF[;DT2;DP03RdW;BPPaB3U=FXm[3V[>H/iZcF;=J/iZcV;>J/2?J/0746/@Ldm RdE[DLiEkeX@GQ1IkeW?EJiA[UG?GO5RPXj34ZH]1c4XHXmZc4X008PP`@] 133T00@`i009;>@]1CE7@JY5bdG]CPmFDEYb00=NT`03FY=NU5jD00AJT`03G[ANU5ZC00=JT`06GY=J TeZCFY=NTejc15ZC00MJU5ZCFYAJU5jDGY=JT`04GY<0000AKiikgg>nIcYF]Ch>=JXYBBU7J/01CF;>J/iRcF:>J/00Sf/01i1cDW_?H`mRdF]DNmJ45G`ELiIceF]DHeA[EF^ ELiEceW`ENmAcU7=ELaN3V9bHW5F3T6:;>HTaAbU6:D27H/m[4GFTmRTW]BPi>;e8_EU5FD58`009R]006H[=R]6:DHYAV]6JC0V:C00UVTf:C IY9RLEi@GRmRD6ZcK[<00V9a019ZTV9?GRiNCf9`HU1J;UY?GU1J;eh_GS1N;eX>GRiJ;UH^DPd3CNd0 0dWD`i@05<>@0333S<>@`i345=DLmRD6[ALa>3eIA EW9JTPeJT`UJU0=JT`EJU0IJT`0001I_OWOOLieS>UJe@PleZbeY;DPaJ2e8;BPLY235=FXmcCV/>H/i [3F;>H/iZ`8iRP8m[006@Le5kSfDJeAS5F=009E[@04ELiN45h@GPl2FPh0 25h>FRmAkTg=@H/a:2T77F]1cD6]@Ja1c4W^CPi5k@02 CPh01TW]DRmJLEjCH]ANT`9R]004GY=VeF:DI[@2J]D05VJeJ]EZeFJdIY=V]6JCIW9VTV9AGU1VLFjc J[=RLF9`IY5RCei?HTmRL5i@0UX_00AND5X_FPmN;`=J3P09FRiF3UH=DPeB3Tg]CLa9[4F[00=5RP0< AJ]1RSf:>DTPPa@P78D`i2d4133T00h`hbcT<@DiAd6:AJ]5c4h>DS1FDEYbFY=NU5ZC0UZD 1eZC00=NU5ZDFY@01EZD1EZC15ZD1eZC00003fmnMmmcWVLjDYE2<36:;FT]B35XDLiA[UG>EJh2FLh045g?GPmR3fH`HS1N 3UW^GPmJ3dF;=@La1c4X;BPY1abU0QRT0QRU010PibD87FPiJDF/BNi=kTh?CPiB ;U8>CPiB;eY@EU1NTV:CH[@3I]D02F[EI[EZeVKEK_IZmVJeH[AV]@03J]D036ZdHY=RLVIbIW5RDFIa J[=ZTUi@HU1RL09RC`=NC`9ND003HU1N;eX>009J3P03FPeEkEG]009Ek@9Ak@04CLa9ZdV[CJ/4BJ/0 3TF:>DTa1QA1300HPbCU;@H/iC3T;@@a133T<@@3<>@02C45=BLiJ46ZALa>3U8`DU5JLP02GY<2FY<0 0eZDFY=JT`03FY<7FY@2GY@00eZDFY=JT`03FY<4FY@3FY<00eZcFY=JT`01FY<00008LimkggNoIe]B UD8?J`iZcV;>J/mb`8eRP0<>H/m[DG^?H`aBS4Y?H]9 [4V0eg_00aMkV8?IS1ZD6H_FNiAcD5Z;FTiF ;E8D/i0<]100?<@@`i344<@@/ i345=DLmRDG>HXiZcV;?Ja1cSV<DLiIcP9R400@GNmMkUg^GNiN3V8_DLdi:223400HHabU58@PabD88>H36:D011S67FNeIkEX= FNd3EL`01U7;CJ]=ZdVZBJ]=k099ZP95ZP0??FTe9bcU4448011R6:@U1RSU;>@]12d5<@D]12cT008a 108/i009>DLmRDG;BNi>;e9AFW=JTejD00EJU0=JT`AJU003GYAJU5ZD00EJU0EJT`=JU0AJT`9J/`00 00Q_OWOOLkiS>e:e@RlaRS5Z0Re800L]:2T69H/00cV[>J`iZ`02?L`01Sf/>J/i [D7>>H`aBP8eJ`05>DXe:DFENiEkU7=DLa9[3TY88@8010Q8:DPaQ1S6:DQ223W 7BNm=kdW=BL`2BL/00dg;CN]B3003DN/00e7;DN]Ab`02DL/2 EL/2FN`2ENd00eH=GTmRL002HW03GTl2FRh015i`HW5RLEi@0f9a00AND6:BI[=V/`9V]004I[EZeF[F K_L2L_L00f[FJ[EZ]@03K]D01FJCHW9VLV9AGS000V9@0VI`00IRCeh^GRiN;f9?HRl2GRl0269?GRiR Cf9?GRiN3Uh=FNd2FN`01UGH/ iRcU008]1003<@D/i2cT008a1@0<;>@a1CUX@HU5ZdW]CPmBDEIcFY=NU5ZC1EZD00=JTeJCFY<015ZC 0UZD2UZC0eZD1UZC00002FnNMmm__FHPQ1QT448DQ1c68HRmRD6IaHU1R;f8^ GTiJ;Eh^HTmR;Uh>GPd00UW/00=IjeG;DJX00U6Z0TfZ00=9RTVZBJ/00dF:00A1RSE8@04344;>@/i2d4<@Da13DV>FLmRDF[BNe>3e8aEW9JU5Zd1UZD1eZC0UZD1UZC 0UZD00=JTeZDFY@00UZD1UZC00002FnNNmm__F=H`aJcF<>J`aBQQS8:H/icD8>BT`ibc6::H00R24010LHaQ356LU1bD87LLiPQ1228LacE]BO1>44g^0099c004CN]B35H=EPd2 DN`4EN`2DL/2EN`02UW/FNeJ3EG]DNaF3EX^GTiRCfI_0V9a015VTVZbIY9VTVZcJ[AV/fZcI[=Z/fJB J[AV/fZdJ]EV]6[E009^mP9Ze@05I[ARLUiAIY=ZT`02IW803fJBHU5J;Uh^HTmN;V8^GRiJ3F8_HU1V D6IaHU1R;`02HRh01EXJ`m[D7>>Jd3=H`0135:7:DPYBC60RS7 00TLQ1AS66@D@``Q448DQ1bV8>L00RD800TY22dZ9>PY2BTZ:DXU:Ac66Pm[DG_BNl00TW=00A9c4g/DNeF3@9Ek004DNaF3EH=EN`2DL/00eG[ENaIk@02FPd015H=DNaJ3Eh^ 0Ui>00=RCV9?HW000VJB00ARTVJcJ]AZe09Zd`05J[=V/VZbJ[=V/`02J[<01fJCJ[A^eF[EK]EV]6JC 009RLP9ZT`08JY9VLF9@HTmJ;EX=GRiJ3@=N;P04IW1ZLFI@IW02HTl2HTh01UW/FPaR;Uh=GNaIb`9E b`04ELYEbe6ZDJX3CHT2BHP2BJX2BJ`0845[@a 12cS=BDeASUX@JY9kDh>CQ1BDEZCFYAFTeZDEY<2FY@01eJCFY=JTeZdFY=J/ejd009JU004GYAJU5ZD FY@4FY<6FY@3FY<3GY<0000:LiikgfnLIcYBUCg^=J/aJRTW;BL2;BP01B358:@eJSg<>H/00SV[00@i RcV[=HXmc08m[005>J`m[D7>@Lli[@02=H`0135[9>LTib360RCW00GReEjeXLHHP`P668@@QB27:@Y1Rd6:>@/i2d4;>@a1BcT008a1008U:e@PleRbe9;BL]B358;BLTiB35Ha1cdH@@LheS002LHaQc7008Q200H:BT]BcF=;D/a Bbe;:BTU:B486H]1[4G>0Tg]00AAkEH=DNaEk@9F3@04FReF 3E7;DN/4EN`025X=GRiJ3Uh_HTmVKf9?HTh2HTl00ei?HU1RL@03HW4016JAIY9VTFJ@0VJB00IVLFJB IY9VTVZdK]D2J[@02VJCJY=^]6JBHU5N<5h_FPiIkEX=0UX<00ERCVI`IY1ZTFJA009ZT@09IW1VKf9> HTiN;EXHHHP`P568@@QAS 7:@TiC4V:>@/i2d4;>@a1BcT<@Da13D5=BDe9SUXAJ]5cDW^CS02EW800eJCFYAJU004FY@015ZdEY=F TeJC15ZD00=J]5ZDFY@00eZD15jD0UZD0eZC00=NTeZCFY<00EZC000037>NNmmc_FLjE[E6;cF;H/i[3V<00LDY1c68@PQ1`027>L022TZ;D/]C35]>JleK35/;DX29BT06RD87ERiEkE7/EPeJ3EX^EPd2DN/3EP`02EG/FPeJ3Eh]HTiRCfI`IVmRK`03 HTl3HU000f9aIW5VT@02IY401fI`HW1RL69@IW5VLVZC009^]003J[AVTfIb009VLP04HU5N3eX>FPh2 GPh2HTl00fI`IY5ZT@02K[803FJAJY9VL69_IVmRCUi=GRaN35G[FNaN3Eg/009Ib`03EJYAZE69009= R008CFQ=RE6ZCJYAZTfZBHY5J@95R@05?FTe:2C5648<000244801aB47:DTiC57;@@/i345008/i08a 1@0><>@e13DV=BHiAd6:ALa9kTh@DS1FLUZCFYAJ]0EJU004EYAJ]5ZdF[@6FY@4G[@00ejDFYAJT`05 FY<00ejDFY=JT`01FY<0000nIcYBU4H?=J/aJS58;BPa:2dX0R3500DaJCWJheS08]BP0:>Jde[2D87LLibDXH36:D0411S68@LaRT8=DY1RdW=DPmF3e8=DLaA k5X=FReF35G/0UH<00IJ35HHaAbd4;>@a1@02;>@2<@@03S3T<@@e9SDV>FPmRT7H/i[3V/=H`eJcE/0SF<014YBR3X=H`i[BU99@PY:BdY:@TTj2D89BTQ 22DY9@TY:S5/008eS@04>Lle[Re/;D/2;F/02bDY8@LQ22e:>Jd]JR477>HPiac67LeBDF/DPmF<5H?DNeAk09F3@EF309Ej`9Ek003GReRCV8^009RC`03HW1RKf9`00AVL09ZT@0;IY5V L6J@IVmRCVI?IVmRCfYaKY9VL@03GS000f9AHU1RD003IW401FI@IW5VL6IaJY800fIa00ARD69AHU5R D@9RC`06HVmVKf9^HTiRCEh/0Uh<00EIk5W;FL]IbeW:00=EbP=AZP03CHU9RDV90091B091J00@@FTe :2C5548<811256<<@aRT;BPeJBd5:>@]12cT<@D2<>@2<@@032cT<@DiB3eY@J]9kDh?DU5FLUJCF[AN ]@QJU003EY=JU5ZD00UJU0=JT`AJU0AJT`0000U_OWOOKkeWFU:e@PleRS5YJ`iS004>J/013V/>H/iRcV<0SE[0c5[00L]BRD8H02Ac56:DDQ1RT8HTh01F9`00=RCf9`IW001FI`00AV Kf9>HTiRCP=RC`=VL@0=IW9ZTfjdIW9VLFZBJW5VL69?IW1RD6IaJY800VIa00QVL6I@IU1VDFIaHTmR ;f9?0VI_00=RCEh]GR`00Uh<00AIk5W;FNaEbP9EZP03DJYAZE6Z009AZP03CHU9R4F90091B00?AFU1 JCeYDU1F LUIcF[AN]5ZC0UZD00=JTeZDFY@00UZD00=JTeZDFY@02EZD1UZC1EZD00003fnNMmm_WFJ`3>J/01cV/>H/iS3V;=F/aJc5Z008]JP049BT]JcV]>Jd3;DX0 1Be;;DX]BbU:9@P00RDY00TY:Re/?NlaS2e[=H`00be[00X]BS6;@Nle[1c67LP iP8HY0088HTmVKfI@JW1VLFIbK[=^]7:dIW9VLFZBIW5RD5h^0Uh_00=RD6I` JW400fI`00AVD69@IW5ZL@9RC`03IVmRKUh]009N;007GPeJ35W/FN]Ik5G:EJX00U6Z00EAZE6ZDJYA ZTf900=5J00B@DQ5RD6:@HXa1bSV548@@AAS46888AS5=H/]B2T6;>@a1BcT0c4500`a12d4<>@e1CU8 ?HY5cDW]BPiBDEIbEW<2F[@015JCF[AJTeZC0UZD0eZC0UZD00=NU5ZDFY@01UZD1EZC0UZD00=J]5jD GY@00EjD00004FnNMmm_WFMJD[A23cF:H/00cV[018iZSV:?L`m[3UZ >H/eRc5ZJdm[S5[;D/2HTeRCF9=GRaNC@9N;@0: GRiN;f9@IW5VLVZCK[AZ/f9@GRl2HU02HTl015h_GRiRCfI`0VI_0VI`015RCfYaJW5VL69?IW1RCV8^ GReN35h/GPaJ35W/EN]Ik5G[00=EbPAAbP0UBHU5J4EYAFQ5JD5Y@HTmJC4W9>HD@A1158<@H`a27Da1BcT<>D/i2d5<@Da13D5<@@e9SU8?HY5cDX>CPmBDEIbEY<00UZe0UZD00MNU5ZCFY=NU5ZC EW9JT`08FY@2FY<00eZDGY=NT`04FY<00eZDGYAN]002GY@0000=F`00S5[ 00@]Bbe:;F/]BP8U:@8Y:P0J:DX]Jc5[>Jdmcc6<;D/eS3V^=JdaK36<=JdmcSF/7>HQ1bU9;DXYBBTY 8>LLaRD8;DTeJ`8iR`0;>HXmRdF[BLa=kEH=ERiN;eX^EPaEk002EN/03UHGRiNCf9?IW1V TFI`HVmRCfI_HVl2HTh2GRd00ei=GRaRCP03GRd02Uh^GRmRD6YbJY=^/fZBHU1NCf9@0V9?00=VL6J@ IW000VI`0V9_00QVKf9?IW1^TVZBHTmN3Uh^0V8^00MN3EXHD@AAR0QB300D@Hac5:@LTiBSU008/i00B<>D/i2d4<@Da 1345=@Di9SU8?FU5c4X>CRmBDEIbFY=J]5Ze0UZD00ANTeZCFYANU0EJT`=JU003FY=JU5ZD00=JU0AJ T`05F[=JU5ZDFYAJT`02FY@0000:KiiggfnMHcYBU48?=HXaJBdWHeJSf]?J`00SV; 0cV[0Sf/014i[3F;=J`e[36;:DX]BRe[9@PYBSF<>JdeSCF<@Nli[BDX008YB@09;FXYBS5[;DXU22e9HTiVKf9?GRmRCfIaIW82JY800f9`IW1VL002IW03JY405FZ@IY1RKfI_IY1VKfI`KY9V L5h=GReR;Uh^HRiN;Eh=HReN;Eh=FPaEj`02FN/01UGZELYEbU79DJUAb@9=Z@09BHU5J4F9@FPmB3eX >DPe:2SV008DHP0756D00RcT0S3T00CRmB D5IbFW<00UZD00AFU5ZCFY=NT`IJT`9JU004FY=JU5ZDFY@8FY<01EZcF[AJU5ZDFY<00UZD00002Fmn MkmcWVJ`icCF/:DX] BRe[9@PY:C5[0SF<00Hi[C5[:BTYBRe::DX2;F/2:BX00be[Lh0 148@>Jd]BSF<0Re[00LYBC6;DPiF;UH>ENd4EN`00eXHTmRCUh^HTmRCUh]ITh016I_00ARCf9@IW5RL@=VL@07 JY9VLFIaJY9ZTFI`JY400VJ@00YRKfI`JY1VT69_IW1N;Uh=HRiRC`9R;P03GRiN3Eh=009N;@05FPaI k5XDLmB3U8=BPXiQQR58<@HQB46:DLaR3V9BLmJD6:ALa9kTh_DU5JLeIcEY=JU5JDFY=NTejDF[@02EZC00=JU5ZC FY<02EZC0UZd0eZD00003fmnMkmc_VHeJP02?J`01SV;>J`iRcf/ >H`eR`LdmkSW=;F/2:DX03B48;DXaS3F<H`i[3VDNeEkEG/EL]Ek0AJ3@05FReEk5i>JY5VT002IW002fI_ITmVCfI`IVmRCfI`HVmN;VI_ JY000VI_00=RCf9@IY8016Zc00=ZTVJBIW400fIa00AVL6JAIY5VT09VK`03IY1RKeh^009N;P08HTiR Cf9?ITmRCeh]FPeN;P9N;@03GPeJ35X<009Ej`05ENYAjU7:DLY=b@02CJT01DVYAHU5RD5X>BL00SU8 00da:2d77:@DPaAS58@HYB369>HTiBdW=DLa1@02<>@3<@@2=@D01cTV?FU1RdG;eIA00=JT`=J U003GYAN]5ZC009JT`03G[AJTeZC00AJT`03FYAJTeZC00QJT`9JU003F[AN]5jd005JU00000U_OWOO LkiS>U:D@PleZbe8;BL00S5800@]:2359>HeJP?Jdm[3V;>J`i[CF/>J`mcSW=L]BP8aJ`03;F/aS3F<008]J`08;DXQ2248;D/aK2e;:BX]B` JheS2U:;D/]BS5[=H`iS3f]0091c@05@Je1[4F/ALa=k@02DPh0257]DNaEk5G/EN]Ik5X= GPd2FPd015X]FPeRCfJ@0V9?00AVKf9?HTmRC`AVL00:HTmN;VI_JY5VL69@HW1VLFZcK]D2L_D026jd JY9^/fZCHU1N;f9`IW42IY401FJ@IW1VL69_HTh00UX]00=RCfI_JY000VI_00ARKf9>HRiRCP9N;@03 FPeJ35X<00=Ej`04DNYAbU7:CLT2BJT01DV9AHQ5RD58>BL00SU800LT iRT6@`i08a100:<>@e1CD5=BHmB46[ALa:3Th_EW43FY<2F[@3FY@3FY<00ejdFY=JT`03 GY@3FY@3FY<00ejdFY=JT`02FY<015jDFYAJU5JD0UZd0EZD00002FmnMmmc_VLjD[A23cF[;FP]A`02 H`m[08i[00@=J`i[3V]=H`]JbD88>L]BReZP00be;DPe=k4g<009Ak003ENaF35W]009N3@08GRiN;Eh^HRiR CUX=FReRCP9RC`03HW1VTFJA009VL003HTmNCVI`009ZT@05IY5VLFJBJ[A^m@02LaL02g;eK]E^e6JB FRmJ3V9@IW5VTFJaIY400VI`0V9_00aJ;Ei>HW1VT6jaIY1VKf9>HViRCUh]FR`2GRd2FP`00eG[FP]F 2`02DNX02U7:CLY=bDfYBHU5RDEX?DLi9cU80SE800@TiQbT588DQ08LaP069>LTiRT6NNmm_WVLjD[A23SF[J`m[3f/>J`e[3F;0SF/00PLibe;Ja1cCf/?J]5b`02CNd00e8=DNeAk004EN`01UW]GPeN;Uh^GPeN;P9N;@9J3@0=HTmVL6I` IW1ZTFJAHTmRKf9?HVmVL6JAIW400VJB01IV/f[EK_I^mW;fK]E^e6ZbGTmF3UX^GTmRL6JAI[5VTFI` HW1RCf9_GTiNC`9VT003J[5VKf9_009NCP07GReF2eXDL00SE800@PaART6:LTiRSV;BHXiBS4<@D00S3S00Xa12cS=@De 9SE7?HU5c4W]CPmFD09JTP9JT`06EY=FU5ZDFYAJUEjD0eZD0ejD00UJU5ZCFW=JTeZDF[AJU5ZCGY@0 0UZC0ejC15ZD0EZd0EZD000027>NNmm_WFMJE[A23SF[;FP2J`i S3V<00J`mcSV]=H/i[002>Jd0135[:BP]BS5[0ReZ0S5[00`Y:BDY:DXU223X:BX]BbDY9@T] Bbe[:BX29@T04bDY9@PPib486:HPj2e;=Hd]Bb3X9@Ti[CV^=Hde[SF=;F`aS3F]008aR`04=H`mcD7= @L`2BLd01DWGReN;5X/GRd2GRh2GRd00eXLU208Y200C:BLY1RSU:>@a1C3T<@@`i2cT<@De9SU7@JY9k4h>CRmF LEZCF[<01EZC00=JU5ZCFY<00eZC00AN]5ZCFY=NT`9JT`IJU09JT`=JU09NU003F[AJU5ZD005JU000 00YcWW_OKgeW>U:d@PleZbeX;DL]B08]9`049H`03SV]>J`iS3V<>Jdi[3f]@NhmcC5[ =F/i[Cg>>Jd2;DX2PU2C5[008aS007=JhaSC5/Jd00SV/00Hm[46/BLe9c4W;BL`2CN`01U7/EPaEk5G/EPaJ 309N;@05HReRCUh]GReN;P02HTh02Eh^FReN;V9?HTiNCV9_IW1VK`02HW001fIaHW5VTVkDK]EZe6Zd 00=VTP0:HW1NCf9_JXmVT6JBJ[=ZdfJbIY42IY82IY402fJ@IY5VL69`GTiN;V9>GTiRCUi=GRd00eX= 00MJ;5XBLe9cE8;@LTiQc58>H00RCW0RdY01@a12cS;>@a9SE7>FQ5bdW]CPiB<5IbF[=N/`02FY<2F[<01EZDFY=JTejdFY<00UYc00EN TeZCFY=NTejD009JT`EJU09JT`=JU09NU003G[AJU5ZD005JU000011cWWOOKieS>E:d@PleZbeX;BLa B2T7;BLTiR35=F/m[@8eS0@i[@0G?Jdi[CV]@Ni1cSF<HdaJbe:H`m[46/BLe=kTg/BLa=k57/DPaF35H;EP`3FP`2GRd00ei>HTiN;@02HTh3GRh2HTl01eh^ HTmVL6J@IW1RKf9`009RT@03IY9VTfJc009V/`9VTP06JY9RL5i?HTmVSfJ@0VJB0VJb0fJB0fJA0VZA 00=VL69?GRh00V9>00=N;Uh]FPd015X=00IJ35G[ENYAjU7:CJT2BJT064V8AFQ5J458?DLi9SD6<@Li BC4X:@LPaRD79@PTj2dY;BPY1bT6;@DXi2cT<>@a108/i00:=BHiB3f9BLa>3Th?DU1FLUZdG[@2FY<3 GY<6FY<015jDFY=NTejC0eZC1EZD1EZC00=JU5jDG[@00eZD000046nNMmmcWVLjD[A23cF;;FP]Ac58 ;BL]:2CV8>HeJcg=0SV/0cV]00@m[Cg>>JdmcP91kP07>JdeJc5[=F`i[CF<;DX00S5[00HY:BD8;DTY :BD88>L38@P29@T39>P01RD88@PLaaS67LPabD8:@TPj23W9BTYBbe/H`m[D6]ALe>3U8>BLa=k580V9? 0VI`0VJA00ERTF:BI[=V/fJB009VT`9RTP0:I[9VTF9`GTmRCf:?IY5Z/fJdI]<2I[<016ZcI[9VTFIa 0VI`00aZTFI`HU1N;Ui>GRiN;EXFXeBC4Y008Ti`09:@PY2BD89@LXiRT6:>D]1C4600CRmFDEZC F[ANT`02FY<00ejCFY=NT`02FY<01EYcFY=NU5jdGY@00ejC0eZC1EZD00QNU5ZCFY=JTeZDGYAJ]5ZD 0UZC0EjD000036mnMmmcWVLjD[A23cF:;DPaB3EY;BPaB08TiP03=H/mcCV/00@i[@03?Li1kd7_00JdaJbe:LU223W7PPj1c68>PYBbe/HTl00V9?0fI`00eZ/FkCK]=Ze6keL_I^mFkEJ]AV /f:BI[9VT@02HW42IY403fJaJ]AZeF[dJ]AZdfZcIY9RLF9@HW1VL6JAHW1RC`02GRh015h]FReJ35X< 0UX=0UW/00=EjeGZDLX00U7Z011=bDfYCJU9RD5X@DM1B3T6=>He1cDY>FXaBBdY:@PTi`8Y:@8U1`07 ;BP]9bSV;@H]1BcT<@@00S4500TeASV9@J]9kTh_CS1FLUZCF[@01UZC00ANTejcGYANU09N]09JT`9N T`03GYAJTeZC00IJU0=JT`03GYAN]5Zd00AJT`0000Q_OWOOKieS>U:d@PleRRe80S5800D]9bdX8>DT iSEZ00Jdi[3f]?Ld5?Lh02cV]=H`aK3F<>Jhi[BTZL00RT800@TibD88@LLiP8P i`0:7GRiRCUh]FReEjeX=EPaEk5X=EN`015G[00mEjTfYCJU=ZDV9AFQ1AcdW>@He1SDW =DTmRcE:;BT012TY01HU22TX;DT]:34W;@H/i33T<@@a1CDV>FPmRTG;e8`EW9JTejDFY=N]0AJ T`08GYAJ]5jdG[ANU5ZDFY=NT`9JT`03G[AJTeZD00AJU0AJT`9NU003G[AJ]5Zd00=JT`0000Q_WWOO KieS>E:d@PleRc5Y0S5800ha:2dX8>DU1c5Z>J`iS3V/>JdiS3V]>H`eS3F;0SW=00L00QS50aBU0QRU00@DQARU7BLe9SD6=BPiBSf<=F/aJRe:0RTY00TYBRTY;DTaBC58=DT] 1RST<>D00S4500de9SeY@HY5c4h?CRmBD5IbFY=NU5ZCG[ANU00:FY@00ejdFY=JT`02FY<5FY@01EZC EY=JU5ZDGY@00eZC00=J/eZDFY@00EZC00005VnNNmm_WVHaJSV< =H/iS3F<=H/i[3F<0SF;00@i[CF/>Jdi[@8eS003LPiR478>LH a@H/2@J`024F/BLa=jdg[DN]EjeGZFP/2EN/00eX;GP]Ij`03FP/015h/GPaN3EW/0UG[00aN;Eh= ITmVL5h^HTmVTF9@EPeN;f9aIW<3HW801F:CJ]EZ]6ZcIY800VJc00YZ/fkdJ]AZeFJeJ[AZeFZdIYAV T`9ND@07HY9VTVJBIY9ND5X^EPd00UG/00A=ZUHF/aJc5:;DXU22TY;F/YBBe9HXa33U<@De1CU7@HU5ZdW/CRmBD59A FW83FY<H02359=H/eJcE[=FXaBS59;DT2;BT01S59LU223W5:@@H`LH YQBU7CJY=ZeH>GU1RLF9b0fZd00=V/f:CGY800VJd00=Ze6kE J]D00VJd00EV]F[EJ[ERLeXa009B400=FU9RTfZdIY=RLUiAERiF3U8=CNaF3EX^EPd015X=01eEje7; DL]AbdfZBFU1Ad58?DLi9cDV<@Le:3EZ>F`eK35[;BXY2Be:=H`aJRdX=FXa:2d6:>D/a2cT008e9@08 ?HLmZDG;BNa>;U9?EU5JLP=JT`03G[AJU5ZD00YJU003GY=JTeZC00AJT`03F[AJU5ZD00QJT`9JU05J ]00000U_WWOOKieS>E:C@PliZcEZH01R3V9>HY22dYH]1[002AL`01dW00UJ3UX=ENaEjeG/EL]=ZTEX?BH00SdW028i9SDV=BLiBSU[=F/eK35;;D/]:Re: E:C@PleZc5Y0S580RdX00PY 1bCW:@LU1bCV8H`eK3V==H`aJbTZ8>LY:BeZ0RD700dPiaRU7>HL iQBT46<@Q1B448BL2=BH0134W=DTaBRd90RdZ00TY2RdZ;BXY22TX;BP]1bSV:<@00S4600T`i3U6>FM1ZDG: BNa>3U9?FW400UYb0UZC00=JU5jDFY@00UZD0eZd0eZD0eZC0UjC1EZC00=JU5ZCFY<01EZC0UZD00=J TeZDFY@00EZD000027>OMmm_WFLjD[A23cF;HdeSC5;9@TLabDY;F/00R4700HLiQRU6J`mZd7 DNa=b`=Ej`0YEP]EjeG[FN]AbUG:DJU=ZEW/GRiF34VY?DLiAcTWCNaJD5H_BLa5RTF[BLa1RceZBLe= cTg^EQ1=kdg>BLi5[D6/@H/mJcDY<>LXaRC69:HPY@0278D02R2V90Tg^ 00E9[3TX=BM1RTF:0099Z`9=b`0EDNaAkE7De1STW=BHa9S47;@PY22CX9@PY2BTY;BX] :BT8008]2003:>HXiBST008a1P09=BDmJ3f9@JY5jdh>DRmFD5Ya009JLP9JT`9JU09JT`03FYAJ]5ZD 00IJU003FY=NU5jD009JT`04GY=JTeZCFY@4FY<2GY@00eZDFY=JT`04FY@0000=LiiggfnMHcUB]48> =HXaJ358HdeSBe:8>PH aRD8;F/Q1b3W7>H26HD Q0aR48DQ9c5YaGW5B3`02BLd01dG=>FXa23U:?F/mRdF]0091S091[@07>F/iBSU:=BTa 22C688@00QQS01HDHa1356L01B379>PTj2379>L00RSW00hTiRC4:>D]1C4V<@He9CU7 ?HU5bdG/CPmFD5Ia0eYb0UZC0UZD0UZC0UZd00AJU5JCFY=JT`9JU0=NT`=JT`04GY=JTeZCF[<4FY<2 GY@00eZDFY=JU004FY@0000=KgiggfnMHcUBU48?=JX]B2e7HY1RSV9>Ha:CVHY5c4g]DNe=c4f[CJYAZeG/DL]AbU7[EN]AbUG[DN]AbU7[FPeF3E7/CNa=kDF[@J]=kUYA EU5=kdW^@Jd]222T;@LXibd800F/3=DX01Bd89L2PTib368MIcYB]48_=J/aJC58LXibSV0bT71BT60RT702@]:3E9>H`aBRdZLLabDYHD YABT48@DQ12446@@Q1B448@@I0aS36@LHHb2U8L00bCW00DPaQRU58@D Q11S00<<@P0844<<@Q1S56Pa:C4Y<@Ta:3DX=DTiBC479:@LPbcVLPYQRU0QbV00PPiac67:DLYB369FPmRDG;BPe>3Th`EW800eZC25ZD0UJC 00=JTeZDFY<00UZC0UjC15ZC0UjC00=JTejCFY<00eZC0UjC15ZD0EZC0EZd0EZD000037>oNmm_WFLj D[A23SF[LXiRCV008Y1`HY1P8Y1`0H;@PeJbe:9@PY:RU;9@TLaacW9BTa S2TY7HHiQBT58@@Q11S48@@Ha1T0a2410aS00l@HaBU58@@PaB45:@DQ11S368HdiS3E/;BX]:BT8:@LY22CW9>HPiRCW 9>HLYAAS00@@H`0L58@@H`a2468<8A127:DPaRCW9>HTaR358:DY22C68:DXiRSW9DU1BDEIc00IJT`EJ U09JT`03F[=J]5ZD00=JT`03GY=JTeZC009JT`9NT`05FY=NTeZCG[=JT`02GY<01EjDFYAJU5ZDF[@0 0UZD0EZC00002G>NNmm_OFLjDY@mkSF[H01BT60RSV0RT700D]1bT7 :@LeJS5[008Y:@0=7:HPib3W8>LY:2e9LHY08DH`8@H`0558@@Ha1S46<<@P0246<0 3QAS58@HQ1RU68@HY2357:@LQ2369H38:@02RSV;@PTiQRU58@HQ1RU7:HLYAc50QR4010P aBSU9<@Xi2d5NMmm_O6LjDYA23SV[LY22dY>F]5cDW^AJ`00SU80T6:024iJCeY<@LTXcD6CNeF;U8=CN]=k57]CNa1RCDW =DPiJBd77:@PYBC6:>La:RT87:DHQ1RU68@@HaR57:HU22TY9@P00bCW00`Y22CW:@LY1bCW:@PY:2CW 6:DHQ1B456<246<0111R46<@Ha1R0Pa200`@HQAS58@DPaR47:@HY1b47:DLY1R37:@28:D28Da9S4U=DHiId6YAL]:3Dh_DU1FLEJC009J]003FY=J U5ZC009JT`9NT`9JT`04FYAJ]5ZdF[<5FY<3FY@2FY<00ejCFY=JT`04FY<02EZdFYAJU5ZDFY=JU5Zd FY=J/`01FY<0000:LiiggfmmHcUBU48?=J/aJBe7;FP2;DP00bTW9@HY1`02:@L3:@H01BSU:>HY1Rd7 :>H00Rd700@Xic59=F/]BP8Y:@069@PLaQcW9@PaBbD80QRU0Qc600FTmRSE8788H@3E8CNeB3Th=009B3@08CLa1RS47L00RT700HPaRCW:@PTiaRU58@256<01QB3 46<@HaB448<@H`8<@P0446HXiRT70Rd7018aBCU[=F/]BRTY8>LLaR489@P]BRCW7FXeB@8iJPHPaR3V83e8a009FDP03EW=JLeZC00=JT`9NT`9J T`04GYAJU5ZDFY@2FY<00eZcFY=JT`02FY<3FY@5FY<01EZDF[AJ]5ZDF[@00eZD00AJTeZDFY=JT`9N ]00000Y_OGNoLieS>E:C@PheRS5X;FPaJ@8Y9`03:@LU1RT700@Y1P06;@HY1RT6:>HXiBT70Rd700Pa :359=FXaBRe:;BTTiabU0R3W00HaBCf/ALe:3dW=BNi=kTW=>FT/iP8XiP037:@HQ1bU007:DTibTXHPiR367:DHQ1AS46HPmZTG3e8`0UIB00=JLeZCFY<015ZC00=NTeZCFY<00UZd0UZD25ZC1EZD0UjD2UZD0UZC0Ujd 00002W>NMkm_WFH00RSV00D]1c59=FXi Jc5Z008]:@079@LHYAc68>LU223W8Ha1[D7>ALi1[@95c@07?FX]1R2T688LY1R46:@00QB400DHYAB4468@HaB4008@ H`0D46@DQ1RU7D]1C4V=BLiAcf9@JY5c4W]CPmB<5IBFW<9FY<4FY@015ZCF[=JTeYb1EZC00AJU5ZdF[AJU0=NU0UJ U004GYAJU5ZCGY@1G[@0000:Miig_fmmHaUBU48>=JX]J2TW;DP2;BL2:@L5:@H00bSV:@HY1P02;@L3 :@L02C4X=FTiRcV;L02B366:DLaQRU58@HYB3V5:@@H`0348<01Q1S348<@PQ1 248<@P<LPaQRU8CRmBD5Ib0eZC00IJ/eZdF[=JTeZDFY<3FY@3FY<00eZcFY=JT`05FY<00eZDF[AJ U002FY@2GY@8FY@00ejDG[AJU002FY@1GY@0000:Liig_fmmHcUB]48>=JXaJ2dWHX iP029@H00bCV:@H]9`03;BL042d7;BL]:358PPiaRU58DLab378>LU208Ti`0:9>HTibC69LU21c67:DPaRdYDXiRd6L01b3V7LPaR3V9>LPaQc68F/00SV:00Pa :2357:@HQ1RT58<LPaR35 7D]1CDW=DLiJ3f:@J]9c4h>DRmBDEIbEY801eZC00ANTeZC FY=JT`=JU09JT`03FY9JTeZC009JT`04FYAJTeZCF[<9FY<3FY@015ZEFYAJTeZC0eZD00004W>NNmm_ O6L00S59018]:2SV8FPmJD6[ALa9kDh_DS1BD59aEW9FT`02 FY<3FY@3FY<3FY@2GY@00eZDFY=JT`04FY<2FY@3FY<00eZdFY=JT`05FY<5FY@2FY<1F[@1FY@1FY@0 000:LiiggfnMHaUBTd8?HLYAc56:@HP`DHY00456<@HQAS4682344010a2468@HQ1S 0Pa20Q1S00<@@Pa234800`Q100<<@@a234800Q1S014HPb359>DXiBd6<@Ha9SU7?FU1RTG3U8` EW5FLUJB00EJT`03FYAJTeZD009JT`=JU09NU004FYAJTeZCGY<3FY<2FY@2FY<3F[@6FY<6FY@3F[@1 FY@00009Kgig_g>MGaQBTd8>34HXi@DLmJD6[ BLe9kDh>DU1FLP=JT`03F[AJU5ZD009JU003FY=JLeZD00IJU006FY=JU5jdGY=JU5ZC0UZD0UjD0UZC 0eZd1EZC1UZD00=N]5ZdFY@00EZD00003VmmLkmcWElHCYHLaAc67HLaQc58>HHYAB368@LaB366:@<@AB3 0QB40QRU00D@H`a2368<@Q1S008DQ08HY@0;7Da 1S46=BHiJ46:ALa9kTh_DU1FLEZBFY<00eZd3eZD00=NU5ZCFY<00eZD0UjD0UZC00=JU5ZdFY@025ZC 0eZD00=N]5ZDFY@00EZD00002fnNMkm_O6HLa@026:@03QBT58@DY1BT6:D@PaAT58@<@QAT6:DDQ11S58@246<234800aAT 34888@0234801A1S46@DI1B45:D00a2400/LLaQB47LLYAc57:@HXaR30QRT00LHPaB356<@HQ1S348< @@0234802Pa1348<@Pa236<Da1SDV>DM1RDF[ BNe>3Th_EU5JTP03FY<2EY<00eZDFY=JT`02FY<3FY@015jDFYAJU5ZD0UjD00EJU5ZCFY=JTeZD00AN U0=JT`03G[AJU5ZC00YJT`03GYAJU5ZD005JU00000Y_WW>oJe]S>DjC@PhaRC5X;DLY9`8]B006;BP] B359H]1S46=BLiB3eY@JY5c4W]CPmBD5Ib0eZC0eZD00=J]5ZCFY<00eZC1UZD0UjD0eZC 00AJU5jDFYAJU09NU09JT`9NU0aJT`9NU09JU00000Q_OG>oJgaS>DjC?NdaRS5X0RdW00@aB2e8;BP] B08aB@8eB@03L04Ac66:@PaRCW:@LTibT89>LPaRCV 83P02DU001EIbFY=JTeJCFY<00UZD00EJ/eZCF[=J/eZC00EJU09N U0AJT`9JU003GYAJU5ZD009NU005FY=NU5jDGYANT`03FY<00ejDFY=J/`05FY<3GY@1FY@00008Kgec _V]lHcU>Tcg]>J/aB08]9`06;DPaBBTW;BPaB35Y0c5900HHXaB36:@HQ1B36:@LaQRV46@346<01AAS6:DHYAB436<00a1S00<<@Q1S34800PPQ00@@@aB458@@ P`8@H`8DQ00846<<@Pa2348LLaQbU8>H00RCV0RCW00@TiRC68DY1Bd6;@Da9CE6>FPmZTG;ANe>3e8`CS1FLUZCEW=FLUZC FYAJT`03FY@2F[@4FY@00ejDFY=JT`04FY<4FY@2FY<015ZDG[AJ]5ZD15ZC00ANU5jdGY=NT`IJT`=J U000015_OWNoJgaO64ib?NhiZc58;BH]9bdXH0 1B369>LTaRC69>H00b3500/PY1bT7<@LY1R3468@Ha1R448@Ha1R008<@P0534488@a1348<@@022240 0``Q344@HP0246801Qc47FLmR3fZ@L]5kDh?CS1BDEIb00=JT`9JU0=JT`=J U0AJT`03GYAN]5jd009J/`9JT`03F[AJU5ZD00=JT`03FYAJ]5jd00=JT`9NU09JT`03GY=JTeZC00EJ T`=JU00000Y_OW>nJgaO64jC@NheRS5YHPaBCV008Pa@039>HPaB35008TiP089DS1BD5IBFW=JT`=JU0MJ T`9JU09JT`9NT`9JT`9J/`03FYAJ]5ZD00AJT`03FYAJ]5jd00=JT`9NU0]JT`9JU00000M_OG>NKgaO 65:C@NhaJP02=FT02C58HT iR357:@LaAB3344@@Q1R0Pa100D<@Pa1224<@A12008<@P04344@HQ12444256804AB26:@PiBCU:@Ha 9SU8>FPmRD7;ANa:3Dh_DU1FLUIaFW800eZC0UZD00=JTeZDFY<01EZC0UjD00=NTeZCFY<00eZC00=J ]5jdFY@00eZC1EZD4UZC00004VmmLii_O5lHDY=1kS5Y=FTeB357HPaBC68D00RC6 00LLY1R368@@HPa1468DH`0234401@a2344<@@a134800`a10a1R00lDHQR36:Td8>HXiRbdX7:@DHP`Q58@HYARV6:D@@aAT6:@@Ha1R58<@ HaAS0Q120Q1S00@<@Pa1348<@P8<@@8DQ00:48HPaB358HY1ZdGNKgaS64ic?NhaJS59:DL012e700TaB35Y3e8` EU5NLP=NT`]JT`03GY=JTeZC009JT`04GY=JTeZCGY<3FY<4FY@00eZCFYAJ]004FY@00eZdFY=JT`02 F[@3FY<00eZcFY=JT`04FY<2F[<3FY<0000Lcg==HX]B2e6:BLaJ3580RdX00DaBC58 HX00TG]00@eRQR3 344@HP468HY2CV;BPeJT7NJeaS64ib?LdeRS58;DH]Ac58;BL]1bdX0c5800J]5kTX_ANhTiQ1Q220HQ1RT58;eIaG[<00UZB1EZC0UZD0UZC00=JU5ZCFY<02EZC00AJ]5ZCGYAN U0=JT`08GY=JTeZCFY=FTeZCEY=J/`EJT`=JU0eJT`0000QcOW>NKeaS64ib?NdeRS5X0Re700LaB2dW ;BPaB3E9Ha5kU9BCU4aJQc54680 11B300<@H`a246<00QB40a1S00THHY1B36:<@HQB3 6:@0111S0Q1R00<@HaB458<00a1S0Q1R0Q1S00DDQ1c56:DDPa23008DP`08468@Ha1R46<@@a1S348@ HP8DP`0458@DY1B3468256<01AAR56J]1cDX>CRmB D5IaG[=NTeZB00EJT`9JU09JT`AJU0MJT`03FYAN]5ZC009JT`9NU0=N]09JT`04EY=JTeZCF[<2FY<0 1UZcFYAJTeZCFYAJ]0YJT`=JU00000YcOW>NKgaNn4ib?NdeRC5XHa1c`9FU003@Nhi[2D7008HY00568LT7]=HTaJ357;DL2;BL2FXeBCEZ=DXaBCE9=FX00cE9010eJCEZ=FTeJSE[=DXeJcU/@LmFUE9c@Nm63cF[8>HLa08HY003 6:<@HQ1S008DQ00646<@HPa236888@Q10PaR00@@HQ223448@@8D]B35X>H]1cDH>CS1BD59AEW5JTPIJT`03FYAFTeZC00UJU0=J T`9JU003FY=J]5ZD009JU0MJT`03G[=NTeZC009J/`=JT`07F[AJTeZCF[AJ/eZdFY@00UjD0eZC00=J ]5jdG[@00Ejd00002FmMLge_O5kgDW91kCF:F`044G`EYEFM4H@CU51kRU87<@DPQc36:@DHa1S 58@DQAAT0Pa200<@HPa234800Pa200L@HQ23468HLY@8HP`0358;dh`DU42EW400eIbFW9JT`04FY<00eZDGYAJU002FY<00ejDFY=J T`03FY<3FY@2FY<2FY@015ZCEY=JTeZC0UJC0eZC0eZD0eZC00=N]5ZCF[<00eZC00=JU5ZdF[@00UZC 0UjD00=NTeZCFY<01EZC0002Lgd01VmkG_MBLSg=>HXaB08]A`0:F/iJcf<BRm>D59@EW43EW8015YcFY=JTejC15jD00=J U5ZCFY<00UjC15ZC1UZD0UZd00=JU5JCEY<00UZD0eZC0UZD0ejD00EJTejdEY9J/eZd009JT`03FYAJ TeZC009JT`03G[ANU5jD009NT`EJT`0000QcOG>NJe]S5dib?NdiZc580be800@]BBdX;DLeJ0@eJ@05 =DTiJSEZ=FXeJ@04=FX00cUZ>HXiJP02>HX03cUZ>H/iS3V<>Fa:4EZEEYE><59ADS1BL@02EW800eZCEW9JL`03 FY<3FY@00eZCFYAJT`03FY@2FY<8FY@2FY<00eZdFYAJU002G[@01EZDFY=JU5ZCGY@00UZD0ejC00=J TejDG[@015ZC00QJU5ZCFYANU5jdGYAJU5jd0UZC0EZD0EjD0EZC000027=nLii_FekgCW91kCV[FXiRcU[>F`eK4XAFYEFUDhaDW9B TUJACTm1k35X6:CU1BLEZB0UIb00=JLUIbEW80 0UIb1eZC0UZD0UZC2eZD00=JTeZDF[@00UZC00IJU5ZdFYAJTeJCFY<4FY@3FY<2GY<00eZCGYAN]004 FY<2FY@01UZCFYANU5ZDFY=NU09JT`9NU05JU000015cOW>NKgaNmdib@NhiRc5Y;DPaB2e8;BPaBC58 H/iJSEZ008iRP0:>FXiRcU[>F/eK4XAFYEFU4XaDW82EY80 2EJbCU123BTW588@HAB258<@P`0258@258<02Q1R348<@Q1258<@HQ1246DY9cEZ@Le:3U9@EW5JTUjCFW82FW<4EW87FY<2 FY@2FY<2FY@00eIcFYAJU005FY@2FY<2FY@00eZCEY=JU002G[@00eZDFY=JU003GY@3FY<01UYcFY=N U5ZCFYAN]09JT`UJU005GYAJTeZDFYAJT`01FY@0000>LgicWVmLG_M>LSg^=HXaJBe8FX01SEZ>FXiRcUZ=FXiR`8iJP0A?H/iJcU/>Fa5l5ZEEYA:D3g<:BLHXP0258401aB26:@DPaB36:@DQ11R008<@P0>46<@HPa2468DPaRT7BRmBLEJB009JTP09GY=JLUjC GYAJLeZCFYAFLeZC009JU003FY=NU5jD009JU0=JT`9JU003EWAJU5ZD009JU004FYEJ]5ZdF[@6FY@4 G[@015jDFYAJU5jD0eZC00=JLejCG[@00UZC00ANU5ZCFYAJU0=NU005FYANU5jDGYAJU003GY@2FY<1 FY@00009LgicWVmlG_M>LSg^=HXaBBdX008]B005:BP]BC59=FTeJP02=FT013E9=FTiJSUZ0SEY0SUZ 0SEZ00LiRcUZ=FXiRcV:>FXmR`02>H`023E/AO1JUEJDBS5BLeJCDW42EY80259bCU163C5X6:8DDi@EY9JTeZB FY=NTeYcGY=JU5YcFY=JU5JCFY=JU5jd0eZC00=JU5ZCFY<00UZC2EZD0eZd1eZD0UjD0UZC00aNTeZC FY=NU5jCFY=NTejDGY=JTeZDFY<2FY@3GY@00eZDGYANU005GY@1FY<1FW<1FY<0000?KgicWVmlG_M> LSg^=HXaBBdW;DPaBBdX;DTaJCEY008eJP08=FTeBCEY>FXiRSUZ>HXiJPF/iJSEZ008iR`0? >FXiRcf<>H`eK4G`FYEJ]DXaDW=FU59bDW5BLUIb009>;`0;@N`aJ2D57<HmcEJBFY=F TPAJT`9NT`05GYAN]5ZDFYAN]002FY@5FY<2FY@2GY@2FY@00eZdFYAJU004FY@2GY@00eZDFY=JU006 FY@2FY<3GY@015ZCGY=NTejD0UZC00=NU5ZCFY<00UZD00INU5ZDGYAJU5jDFY@4GY@01EZCGYANTeZC GY<00EjD00002fmnLii_O5kgCW8mkCF:FT01CUZ>HXi RSUZ=FX00SUZ00FX013V;01dmSCf]=Fa645JEFYE:4E9cEYAFLe9aEW9BLEIaDU1>;dH=?L/] AaB2240<@A1R7DY:08YB008@NiJU5ZdFY=J/eIbFW9JL`9JT`07FYANU5ZDFY=JU5ZC G[@01UZC00IJU5jDG[ANU5ZCFY@2FY<01UZDF[AJU5ZDG[ANT`=JT`IJU007FY=JU5jdG[ANU5ZCG[@0 0UjD00=N]5ZDFY@00UZD0ejD1EZD0UjD00MJU5jDFY=NU5jCFY=NU001GY<0000;KgecWFmlG_M>LSg] =HX]B2dX;DPaJ@02;DT00c5Y=FXeJP02=FX00cUY>FXiJ@02>FX00cUY>FXiJP02>FX2>H/04SV:?H/i RcV;>H`m[Cf^>He:4EJEDWA:4E9cEYABLe9aFY=FLP=FL@08DU1:;d7/:BHLhaB2464HY08LaP057:DH Y1B358@DP`0258801QB368FT01CUZ?HXiRSUZ>HX0 0SV;01@mRcV;?H`mS3f=>He:LTiQRT6:@DQ1B30QR400DDPaR36:FX013EZ>HXiJSUZ0SUY0SUZ0SV:00H/00SV;0Sf<0SU/00hi S4XAFYEBLdXaEY=FU59cDU5BLUIbFW9FLUZC0eZB00iFLE9a@NdaJB35444HPb3V8<5IbFY@02EZC 00=JU5ZCFY<025ZC0UjC0UZC00=N]5ZDFY<02EZC00ANTeZCFY=JU09NU09JT`03G[ANTeZC009N/`9J T`03F[=J]5ZC009JT`05GYAN]5jCFYANU002FY@01EjDFYAJU5ZDGY<00UZC00=NTeZCFY<00EZC0002 Kgd02FmKG_M>LSg]=HXaBBe7:BL]B002H/eJP02>FX00cEZ>H/iJP03>FX2>HX00cV;>HXi JP04>H/2?H`02SU[>F`iK4XAFYEFU4XaEWAFU5Ic1EIb00AJLeIcFY=JT`=FTP04BRleRQc356425880 1AbT7<@La1c57:@00QR30QbT0QR30QAR00hHXabT68CS1FLE9ADU1:3dh?EW83FY<2FY@5FY<00eZc F[AJT`08FY<015jCGYAJTeZC0Ujd25ZC0UjC0eZC0UZD0UjD00=NTeZCFY<01UZC0UZc00AJTeZcF[AN ]09JT`04FYANU5ZDGY@3FY@4FY<1F[<1FY<1FY<0009_O@0>Kg]Nmdib?NdeRS5Y;DP]9be8;DT]:CE[ >H/eJP8iJP03=FXiRcV;00F/mK3V=BQ02FYD00dXADW=FU003EW<04EYcEW9F LUIbEU9FLeIbEW5JTUZCEW5>;cg::@DHPA1068800R3400H/iRPLiR`8i[003 >H`iRcf<008mS08mS@07BQ1J]EZEBS5BLeZDEW<00eIb0UYc15Ic00iFLUZBFY9FTUJADTm1jbe76:8D HARR7<DEJBEW9BLP02EY801U9aEW5FLUIAEW9JT`EJU11JT`03GY=JTeZC00IJ T`04F[=JTeZCGY<2GY@7FY<015ZDFY=J/ejd15Zc00EJTeZcF[=JTeZc00=JT`03GY=NU5jD00AJU0EJ T`5J]05JT`5JT`000Vmm00M_O5kgCW8mkC69;FPaB002;BL00cE9H/00cF;>H/iR`03>H/0 13V<>H/i[3V;0SV<00H/00SV;00TmS3V@268801QRR688La2357H/00cV/>H/i R`02=H/00cV/>H/iR`06>H/2?H/3>H/2>F/01SE[>H]1cTX`BQ1BDPAFL`03EW9FDUIb00AFLP=FL`=J T`9JTP08DU163CfZ:@DHXQ10340HPPBS1>DE9bEY=J]09JT`03EY=F LUIb009FT`9JT`03FYAJTeZD009JU003GYAJTeZC009JT`04FYAJTeZCFY<3FY@2FY<2F[<4FY<8FY@8 FY<01EjdGY=JTeZCFY@00eZC00AJ]5jdF[AJU0AJT`03GY=JTeZC009JT`04GY=JTeZCFY<2GY@2FY<6 FY@0009cO@07Kg]NmdYA?NhaJBeX;DP00RdW0S5900H/00SV;0SF;00@i[3V;>J`iS0DiR`8m R`06>F/eRcF;>H/iJcEZ13E[00E>DEZdFY=FTeIc00EFLP05EY9FLUIcEY=FL`03FY<02eYbFY9FLEI` CRhmZRTV7<NJe]NmdYa?NdaJBe80Re7 00<]9c58=DT00cV;0SF:0cV;00H/00SEZ0cUZ0SEZ00<@9J U004FY=FLUZCFY<2EW801EZCEY=FLUIbFY<00UJC011JTeYcEW9JTUjcFY9FTE9?BPdiRBe7:@DPi1RR 5:4HPP8DPP8HP`03568@HQ1R00@DH`09448DQ1R4448<8@a244HXiRcV;0cV:00H/00SV;13EZ00DeBC4YNdaRBe8:BL00Re700H]9cE9>HXmRcV;>HX2>H/00cV:>H/iRP02=FX00cEYFXiRcUZ=FXiRcV:>FXeJSE90S580SE90S5900H/iRc59=FYBDEZCGY=JTP9JLP03GY=JTeZB009FLP=JT`05FYAJTeYcFW=JM002FY@01UYcEW9J LUYbEW9JLP9BD009CTm>;dX^AN`mbcF9;BHTi1c3008HXP8DP@046:8DXQ21464258802A1R48<@H`a2 44<@HaAT448@H`0256<01QB46:@HY1B3568@HPFX2>H/2>HX01CF:>HXi RSV:=HX00SV;00L]BCEZEU9NTeZCEW5JLP04EW801EIaEW9JLUIbEW<015Yc00=JM5jDFY@00eZD00=J LeYbFY<00UZB00mFTEIaEW1>Cdh^BPe1bcVY;DLU9B3S6:4@H1B05:400aB100@DPQ1R488@HP<<@P09 46<@HQAS468DHaR46:DHQ1AS008@HP0668LSg]=HXe JBTV;BLaB34XH/iRSUZ1SV:00DeJS59>F]B DEZC009FLP04FY=JLUYbFW83FW<01UZCFW=FLeZCFW=JM0IJU006G[AJTeZCG[AN/eZC0UZB00]FTE9` CTm>;TX=AP`mbcFYDE9bDW=FLeZD009J T`03EY=JTeZC00MJT`03FYAJTeZC00IJT`03FYAJTeZD009JT`07FYAJTejDGYAJTeZDGY@015ZD0eZC 00ANU5jdGY=JT`9JU003FY=NU5ZC00=JU005F[AJU5ZCF[=J]006FY<00eZDGYANU003FY@01ejdGYAJ TejDG[ANTeZC009J/`03FY=N/ejd009N/`05GY=J/eZcG[=JT`03F[<015ZCF[=JTeZC0UjC0002Kgd0 1V]KF]I:DCg]=HTaJ08]9`@aB@8]:0FTiR@04>HX01SUZ=FXaBCV/ DU5JT`9JTP03FW9FLUYc00=JL`9FLP9FL`9JL`03FWAJU5ZD009JU0EJT`09F[=JTeZBEW9JTUIaDW1B LE9@009>C`0BBRi6347/?L/eRBe69@DPhac26:8DPABR7<@Ha1RS58<@PQBS0QRT0QB300@HPabT7:@H X`8DH`0F6:@LaAc67:DDPaRS58<@HQB37D]B35ZFXeJP02=FT02SF:>HXi RSV:=FTiRSEZ>HXmRSeZ0Sf:00TiRSUY>HXiRSEZ;BPeJe9BG[@00UZB00=JLeZCFW<00eYc00=FLeIb FW<00UYc1UZD25ZC00AJTUJBFY9FLP9JTP03EY9FTE9`009:;P04APe1k3VZD003DW5FTUJC00EJT`03FW=JTeZC00QJT`03FYAJTeZC00UJT`03FYAJTeZC009JU003GYANTeZC 009NU003FY=JU5jd009JU008GYAJTejCGYAJTeYcFYAJM09JT`9JU0=J]09JT`03G[AN/eZC00AJT`9N U003G[ANU5jD00=NU009G[AJTeZCGYANTeZCGY=JTejC00=JT`05GY=JTeZCF[AN]007FY<1G[<1GY<1 GY<00007Kge_O6]KG_M:D47]=FT00S570RdW00HTi RSV9=FTaB3EY>HXeJS4X>F]BDEjdFY<00UYb00MFLUZCFW9JTeYcFW9FLP03FWFXiJSV:008eJ@@iRP8iR@0:=HTeJCEY=FTiRd6/ALe:3eYbFY<2EW80 1EYcFW9JTeYbFY<00UZB2EZC0eZD2eZC00AJ/eZBF[=J/`9FTP9JTP05EW5BL4X^ANe1k003?L/2>JX0 13V[=HXeRS5Y0SF900LiZcVZ:BLPiAB2568La0028>D01bD6:BLU9bU8=H]23U9b00AFT`04F[AN]5Zd F[@3G[@00eZCEW9JL`02EW800ejDFY=JU006FY<00eZDFY=JT`08FY<2FY800eZcFY=JT`02FY<01UZc FY=JTeZdFYAJT`=JU09N]09JT`06F[=JTeZCFYANU5jd0eZC0eZd0UZC0Ujd00=JU5jCGY<00UjC0ejd 0UZD00=J]5ZDFY<00Ujd0UZC00IN/ejCFY=JTeZdFY@2FY<01UjDG[ANU5jDGY=N]09NU09JU003FY=J U5jC009JT`0000mcOFmlJeYNmDY@@N`eRBe7;BH]9c58FX00SEZ13EY00H/01CV: 00Cdi@0di?00e63D7]@Ne63TX^CU16 3SV[D5:B0UZC0eJC00=J/eZCFY<00UZC00=FLUZCFY<015Yc00=N U5ZCGY@01EZC0UZD25ZC00AJTUZCFY9JTPEJT`04F[=JTeZCF[<2FY<2FY@00eZCFYAJ/`05FY<01EZD GYAN]5ZDF[@00eZC00INTeZCFY=N]5jDFY<4GY<035jcG[AJU5ZCFYAJTeZdFY=NU5jdGY=JT`9N]003 FY=JU5ZD009JU0ENU003FY=N]5jD00=NU003FY=NU5ZC009JT`0000mcOFmlJeYJeDia@N`eRC5X:BH] 9c58H/00SV:00DeJSV:>HXiRSEY00@iRP8eJP0;3e9@EU5FLP02 FY<2FW<01EZCFW9FLUIbFY800UIb00AFTUZBFY=JTPQJT`9JU0MJT`08G[ANeEZdG[ANe5jdF[=J]09J /`07FY=FTeZcG[AFTUIaFY800eIa00IFTUZBEW5>;di?CRl2DU001e9`BRm5kD7/@La63DX_009>D008 BRm:;TX_CW1BLUJBEY=JT`9J]007EY=FLUIbFY=NU5ZCEW802EZC00AJLeZCFY=JT`9JU0AJT`03G[=N Tejc009JT`AJTP=JT`03F[=JTeZC009JT`04F[=JTeZCFY@6FY<00eZcFY=JT`02FY@015ZCFYAJ]5Zd 0UZC00ANTejcFY=NT`9JT`9NU005GY=JTeZCG[AJT`02F[@015ZcG[AJ]5ZC0UZc00=JTeZcF[@015ZD 0UjD1EZC0UjD00=JU5jDGY@01EjC000027=mKga[FU[ECW4mk3F9=FP2;DL01C5YHXiRP8eJ@04CRmBD5Ia009JTP9JLP04FW=FLUYcFY<2 EW82FY83EW82FY800eZCEY9JT`02EY<>FY<00eZdFY=JT`02F[<2FY<015JCFYAJTeZC0Ujd00AJTeJB FY=JT`=FTP05EW5>D4X_DU1FL@02DW400eJADW5BD002CTl01E9aEW5J/UJBDW000U9a00MFTUZCFY=J /eZCF[AJU00DFY<00eZDFY=JT`03FY<3GY<00eZCFY9JTP03FY82FY<01EjCF[=JTeZCFY805eZC00EN TeZCFY=NU5ZC009NU003GY=JTeZC00AJ]004F[=N]5jcFY<2F[<2FY<2F[@3FY@2GY@00eZCFW=JT`02 FY<00ejDFYAJT`02GY@3GY<2GY@0000:LgecO6]JF]E>LCg/FX2 >HX3=FT02c5Y=FTeJSV:?J]1c4G^BPm>D59aEW4015ZB00AFLUIaFY9JT`9JLP04FY9FLUZBFY84EW80 0eJBFY9JT`02FY<00eIbEW=FL`0FXiRP02=FT02SUZ=FTaB3F:?J]1c4H>BRm>LEIb 0UJB15ZB00EJTeZBEW9JTUZC009JTP04FW9JLEIaFW83EW801eJCFY9JTUZBFW9FLUYc00AJU09JT`9J L`9JLPEJL`9JLP04FW=JTeZCFY<2FY86FY<015jdFY=FTeIb2EZC0UIb00=JTejcEW400UZB00=JLUZB G[<01UZC00AJTUZCF[=JTPMJT`9J]09JT`9J/`03FY=J/eZc00UJT`9JTP05GY9JTeZBFY=JTP02G[<2 FY<00ejCFY=JT`03FY<00ejCFY=JT`02GY<5FY<00eZcFY=JT`02FY8015ZCGY=JTeZC0Ujc0UZC0eZD 0UZC1EZD00=JTejDFY<00eZD00AN]5ZCGYAJ]0=J/`EJU003G[ANU5ZC009NT`06FY=NTejCGY=JTejD 0eZC00=JTUZCFY<00EZC000027=MLge_FekGBS11kCEYekG CU51kCF9;di?EW1FLEZBGY83FY82FY<015ZBFW9FLUYb0UZB 00EFLUZBFW9JLUYc00IJLP9JL`=JT`9JLP9JT`9JL`03FW9JLeYc00AJLPAJT`03GY=NU5jD009JT`03 GY=JTeZC00EJT`03EW9JTeje00=JT`03FY9JTeZC00AJT`9JL`08FW9FLUYbFW=JLUZBFY=JLP9JT`9J LPAJT`03EW9JTUZC00=JT`9JU09JT`AJU15JT`04GY=JTeZCGY<2FY8015jcFY=J/eZc0UZC00=N]5ZC GY<025ZC00=JU5ZCF[@00UZd0UZC00=N/eZCFY<00UZC00AJ/eZdFY=JT`9NU09JU0IJT`05F[=JTeZC FY=J]002G[@2FY@3FY<5FY@00eZCFYANU002GY@2GY<5GY@00ejCFY=JT`03GY<0000CLgegOFmKG]IB LT7]=FTaAbdV:@H]9cEY?J]1kDX_CTmBD5IaFY800UZA2UZB15Yb00EFLUYcFW9JLUYc00AJLP03FW=J LUYc00=JL`03FW9JLeZC009JT`AJL`9JT`04FY9JTeZCFY82FY<2FW<3FY<2GY<9FY<00ejdFY=JT`0; FY<2FW87FY<00eYcFY=JT`0;eIaEY9FL@02 FY801UZAFW5JTEZBFW5JTP9JL@05FW9FLEIbFW9JL@04FW800eYcFW9JLP02FW<6FW8"], "Graphics", GeneratedCell->False, CellAutoOverwrite->False, ImageSize->{227, 292}, ImageMargins->{{5, 0}, {0, 6}}, ImageRegion->{{0, 1}, {0, 1}}] }], "Text", TextAlignment->Center], Cell[TextData[{ "The purpose of this thesis is to explain the mathematical basis for \ Schoof's algorithm and to provide a ", StyleBox["Mathematica", FontSlant->"Italic"], " reference implementation of it. In order to achieve this goal we first \ present some background on elliptic curves in the ", StyleBox["x", FontSlant->"Italic"], "-", StyleBox["y", FontSlant->"Italic"], " plane. In particular we will see that the set points on the curve have \ the structure of an algebraic group. In chapter 2 we review the finite field \ arithmetic needed to work with elliptic curves over finite fields. In \ chapter 3 we present some basic algorithms for arithmetic in the group of \ points on an elliptic curve over a finite field. Chapter 4 describes some \ methods for computing the elliptic curve group order, and includes an \ introduction to Schoof's algorithm. We present the details of Schoof's \ algorithm in chapter 5. For each algorithm we first give a mathematical \ justification for the method or provide a reference to such. Next we present \ numerical examples that illustrates the operation of the algorithm. In \ chapter 6 we present results of running Schoof's algorithm against various \ curves. We conclude in chapter 7 with some applications that motivate \ efficient solutions to the elliptic curve group order problem. Appendix A \ contains a listing of the ", StyleBox["Mathematica", FontSlant->"Italic"], " functions that implement these algorithms, and Appendix B presents the ", StyleBox["Mathematica", FontSlant->"Italic"], " code for their implementation." }], "Text", TextJustification->1, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["1.2 When is f(x,y) an Elliptic Curve?", "Subsection", CellTags->"c:3"], Cell[TextData[{ "Much of the following discussion is based on material presented in \ Lawrence Washington's book \"Elliptic Curves - Number Theory and Cryptography\ \" [7]. An", StyleBox[" ", FontWeight->"Bold", FontSlant->"Italic"], StyleBox["elliptic curve", FontSlant->"Italic"], " is the set of points satisfying a nonsingular cubic polynomial in two \ variables. If ", Cell[BoxData[ \(TraditionalForm\`K\)]], " is a field, then an elliptic curve can be specified as" }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`\(\(E : {\((x, y)\) \[Element] K\[Cross]K | f(x, y) \[Element] F[x, y], f(x, y) = 0}\)\(,\)\)\)], "NumberedEquation", FontSize->14], Cell[TextData[{ "where ", Cell[BoxData[ \(TraditionalForm\`f(x, y)\)]], " is a particular nonsingular polynomial in ", Cell[BoxData[ \(TraditionalForm\`x, y\)]], " of degree 3. A polynomial is nonsingular if it has distinct roots. If \ the field ", Cell[BoxData[ \(TraditionalForm\`K\)]], " has characteristic other than ", Cell[BoxData[ \(TraditionalForm\`2, 3\)]], ", then by a transformation of variables it can be shown that ", Cell[BoxData[ \(TraditionalForm\`E\)]], " has the same behavior as an elliptic curve of the form:" }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + \(\(B\)\(.\)\)\)], "NumberedEquation", FontSize->14], Cell[TextData[{ "Equation (3) is called Weierstrass equation of an elliptic curve.\n\n\ Suppose ", Cell[BoxData[ \(TraditionalForm\`a, b, c\)]], " are the roots of the right hand side of (3). Then\n\n\t", Cell[BoxData[ \(TraditionalForm\`y\^2 = \(\((x - a)\) \((x - b)\) \((x - c)\) = x\^3 - \((a + b + c)\) x\^2 + \((a\ b + a\ c + b\ c)\)\ x - a\ b\ c\)\)]], ".\n\t\nSince the coefficient of ", Cell[BoxData[ \(TraditionalForm\`x\^2\)]], " is zero we must have ", Cell[BoxData[ \(TraditionalForm\`a + b + c = 0\)]], ". Suppose that (3) has a double root. Without loss of generality let the \ double root be ", Cell[BoxData[ \(TraditionalForm\`a = b\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`2 a + c = 0\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`a = \(-c\)/2\)]], ", and we have\n\n\t", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 - \(3\/4\) \(c\^2\) x - \(1\/4\) c\^3\)]], ".\n\t\nPut ", Cell[BoxData[ \(TraditionalForm\`A = \(\(-3\)\/4\) c\^2, B = \(\(-1\)\/4\) c\^3\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + A\ x + B\)]], " then\n\n\t", Cell[BoxData[ \(TraditionalForm\`4 A\^3 = \(\(-\(27\/16\)\) c\^6 = \(-27\) B\^2\)\)]], ".\n\t\nHence if (3) has a double root then ", Cell[BoxData[ \(TraditionalForm\`4\ A\^2 + 27\ B\^2 = 0\)]], ". The contrapositive gives that (3) has distinct roots only if" }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`4\ A\^2 + 27\ B\^3 \[NotEqual] 0\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "The negative of the left hand side of (4) is called the ", StyleBox["discriminant", FontSlant->"Italic"], " of the elliptic curve." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["1.3 Addition of Points on an Elliptic Curve", "Subsection", CellTags->"c:4"], Cell[TextData[{ "For an elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E\)]], ", take any two points ", Cell[BoxData[ \(TraditionalForm\`\(\(P\)\(,\)\(Q\)\(\ \ \)\)\)]], "that lie on ", Cell[BoxData[ \(TraditionalForm\`E\)]], ", then by Bezout's Theorem, the line between ", Cell[BoxData[ \(TraditionalForm\`P\)]], " and ", Cell[BoxData[ \(TraditionalForm\`Q\)]], " will intersect the curve ", Cell[BoxData[ \(TraditionalForm\`E\)]], " at a third point ", Cell[BoxData[ \(TraditionalForm\`R\)]], ". This is illustrated in Figure 2 for the elliptic curve given by ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 - 5\ x - 2\)]], ". Notice that the line between two points would be vertical if the two \ points had the same ", StyleBox["x", FontSlant->"Italic"], "-coordinate. Such a line does not appear to intersect the curve. In this \ case we define the third point of intersection to be a special point at \ infinity, \[ScriptCapitalO]. This definition is justified based on a \ consideration of the elliptic curve in projective coordinates, where \ \[ScriptCapitalO] is a well-defined point." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ StyleBox["Figure 2 - Plot of the Elliptic Curve ", FontWeight->"Bold"], Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 - 5 x\ - 2\)], FontWeight->"Bold"], "\n\n", Cell[GraphicsData["Bitmap", "\<\ CF5dJ6E]HGAYHf4PAg9QL6QYHgOol00g`0Ool03`0AOol001aoo`0300moogoo011o o`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011o o`0300moogoo00ioo`03O01oo`0?015oo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol03Woo00=l07oo 00l04Goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0=Ool017`0Oomoo`0?4Goo000LOol00`0?Oomo o`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomo o`0@Ool00`0?Oomoo`0=Ool017`0Oomoo`0?4Goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool0 0`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0=Ool0 17`0Oomoo`0?4Goo000>Oold00l00`0000l03`1G00l00g`000l03`0400l>Ool001aoo`0300moogoo 011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo 011oo`0300moogoo00aoo`05O01oogooOol03`0AOol001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00ao o`05O01oogooOol03`0AOol001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`03 00moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00aoo`05O01oogooOol03`0A Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300mo ogoo00moo`0300moogoo011oo`0300moogoo00aoo`05O01oogooOol03`0AOol001aoo`0300moogoo 011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo 011oo`0300moogoo00]oo`03O01oogoo009oo`0300moogoo00moo`0077oo00<03gooOol047oo00<0 3gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<0 3gooOol02goo00=l07ooOol00Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@ Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0; Ool00g`0Oomoo`02Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001o ogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00]oo`03O01o ogoo009oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo 00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol02Woo00=l07ooOol00goo 00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomo o`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0:Ool00g`0Oomoo`03Ool00`0?Oomo o`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`03 00moogoo00moo`0300moogoo011oo`0300moogoo00Yoo`03O01oogoo00=oo`0300moogoo00moo`00 77oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol0 3goo00<03gooOol047oo00<03gooOol02Woo00=l07ooOol00goo00<03gooOol03goo000LOol00`0? Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0? Oomoo`0@Ool00`0?Oomoo`09Ool00g`0Oomoo`04Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011o o`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011o o`0300moogoo00Uoo`03O01oogoo00Aoo`0300moogoo00moo`0077oo00<03gooOol047oo00<03goo Ool047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03goo Ool02Goo00=l07ooOol017oo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool0 0`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`08Ool0 0g`0Oomoo`05Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo 00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Qoo`03O01oogoo 00Eoo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<0 3gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol027oo00=l07ooOol01Goo00@0 3gooOol03`ioo`003Woo=00?00<0000?00l0D@0?00=l000?00l02P0?3Woo000LOol00`0?Oomoo`0@ Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@ Ool00`0?Oomoo`07Ool00g`0Oomoo`06Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300mo ogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300mo ogoo00Moo`03O01oogoo00Ioo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo 00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol01goo 00=l07ooOol01Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`06Ool00g`0Oomo o`07Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`03 00moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Ioo`03O01oogoo00Moo`03 00moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol0 47oo00<03gooOol03goo00<03gooOol047oo00<03gooOol01Woo00=l07ooOol01goo00<03gooOol0 3goo000LOol00`0?Oomoo`0@Ool0100?Oomoof]J0Woo00Mg_BDYOomoofLiKg]W>@06Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`06Ool00g`0Oomo o`07Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0400moogooJeX8Ool00f]JOomoo`04Ool0 0`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`06Ool0 0g`0Oomoo`07Ool00`0?Oomoo`0?Ool001aoo`0300moogoo00eoo`04MkeNmekg00/2Ool00gNmKg]o o`04Ool2Kg/00f@05Ool2Kg/7Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomo o`0@Ool00`0?Oomoo`05Ool00g`0Oomoo`08Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`03 00m_NeJe009Nm`Eoo`9Nm`03JeYoogoo00Aoo`03001oogoo00moo`0300moogoo011oo`0300moogoo 00moo`0300moogoo011oo`0300moogoo00Eoo`03O01oogoo00Qoo`0300moogoo00moo`0077oo00<0 3gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<0 3gooOol047oo00<03gooOol017oo00=l07ooOol02Goo00<03gooOol03goo000LOol00`0?Oomoo`0@ Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@ Ool00`0?Oomoo`04Ool00g`0Oomoo`09Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300mo ogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300mo ogoo00Aoo`03O01oogoo00Uoo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo 00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol00goo 00=l07ooOol02Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`03Ool00g`0Oomo o`0:Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`03 00moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00=oo`03O01oogoo00Yoo`03 00moogoo00moo`003Woo=00?00<0000?00l0C@0?00=l000?00l03P0?3Woo000LOol00`0?Oomoo`0@ Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@ Ool00`0?Oomoo`02Ool00g`0Oomoo`0;Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300mo ogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300mo ogoo009oo`03O01oogoo00]oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo 00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol00Woo 00=l07ooOol02goo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool01@0?OomoogooO0003Woo00<0 3gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@ Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool01@0?OomoogooO0003Woo00<03gooOol03goo000LOol0 0`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool0 0`0?Oomoo`0@Ool01@0?OomoogooO0003Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0? Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool01@0? OomoogooO0003Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool0100?Oomoog`03goo00<03goo Ool03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`0?Ool00`0?Oomoo`0@Ool0100?Oomoog`03goo00<03gooOol03goo000LOol00`0?Oomo o`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomo o`0@Ool0100?Oomoog`03goo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool0 0`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Ooml000@Ool0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300moogoo011oo`0300moog`0011oo`0300moogoo00moo`0077oo00<0 3gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<0 3gooOol047oo00<03gooO00047oo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@ Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?O01oo`0@ Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300mo ogoo011oo`0300moogoo00moo`0300moogoo011oo`0300ml07oo011oo`0300moogoo00moo`0077oo 00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo 00<03gooOol047oo00<03g`0Ool047oo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomo o`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00g`0Oomo o`0@Ool00`0?Oomoo`0?Ool000iooc@03`0300003`0?04L03`03O0003`0?01@03`Eoo`03IcTYBWoo 00Ioo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<0 3gooOol03goo00<03gooOol047oo00=l07ooOol00goo0P002goo00H03gooOomoofLi:DX200000bDY 249BU007Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011o o`0300moogoo00moo`0300moogoo00moo`03O0003goo00Aoo`8000]oo`0400moogooMkd224801FLi BU800000G_L01goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomo o`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0?Ool00g`000moo`04Ool20009Ool200002`0?Oomooe:D 001BU7oo:DYBU000:DX01goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0?Ool00g`000moo`04Ool20009Ool200001P0? Oomooc6<001_N`=oo`030008@Woo00Ioo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol03Woo00=l07oo00l01Goo1@0000AB U7ooOomoo`H00003Ool0000000Aoo`8000Moo`0077oo00<03gooOol047oo00<03gooOol047oo00<0 07ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol037oo100000<03gooOol00goo 0P000Woo00=Nm`00DY@017oo0P0000<03gooOol00P0017oo0P001goo000LOol00`0?Oomoo`0@Ool0 0`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0L2Kg/00a24249oo`07Ool001aoo`0300moogoo011oo`0300moogoo011oo`03 001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo00eoo`04O00007oo00l5Ool5 00000dYBOomoo`05Ool01P0?OomoogooIcTYBP800003:DY_Ngoo00Moo`0077oo00<03gooOol047oo 00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol03Goo 00Al0000Ool03a9oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol03Goo00Al0000Ool03a9oo`0300mo ogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo 00<03gooOol03goo00<03gooOol037oo00El07oo001oo`0?019oo`0300moogoo00moo`0077oo00<0 3gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<0 3gooOol037oo00El07oo001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03goo Ool047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol037oo00El07oo 001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol0 3goo00<03gooOol047oo00<03gooOol03goo00<03gooOol02goo00Il07ooOol007oo00lBOol00`0? Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011o o`0300moogoo00moo`0300moogoo00]oo`06O01oogoo001oo`0?4Woo00<03gooOol03goo000LOol0 0`0?Oomoo`0@Ool00`0?Oomoo`09Ool00fLiKg]W>@04Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`0?Ool00`0?Oomoo`0;Ool01W`0Oomoo`00Ool03a9oo`0300moogoo00moo`003Woo;`0? 00<0300?00l00P0?0P00@`0?00Al000?00l001P03`ioo`0077oo00<03gooOol047oo00<03gooOol0 17oo00Eg_EkgG_MNmgoo009_N`03HaQoogoo009oo`03001oogoo00moo`0300moogoo011oo`0300mo ogoo00moo`0300moogoo00Yoo`07O01oogooOol007oo00l04Woo00<03gooOol03goo000LOol00`0? Oomoo`0@Ool00`0?Oomoo`09Ool2Kg/5Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0? Ool00`0?Oomoo`0:Ool01g`0Oomoogoo001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol0 47oo00<03gooOol02Goo0Ukg00=[FWooOol00Woo00<007ooOol03goo00<03gooOol047oo00<03goo Ool03goo00<03gooOol02Woo00Ml07ooOomoo`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300mo ogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300mo ogoo00Yoo`07O01oogooOol007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0? Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`09Ool00g`0 Oomoo`02Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo00Uoo`03O01oogoo009o o`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol02Goo00=l07ooOol00Woo00<007oo 00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`08Ool00g`0Oomoo`03Ool00`00Ool03`0BOol0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300moogoo00Qoo`03O01oogoo00=oo`03001oo`0?019oo`0300moogoo 00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<0 3gooOol03goo00<03gooOol01goo00=l07ooOol017oo00<007oo00l04Woo00<03gooOol03goo000L Ool00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0? Ool00`0?Oomoo`07Ool00g`0Oomoo`04Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300mo ogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300mo ogoo00Moo`03O01oogoo00Aoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo 00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol01Woo 00=l07ooOol01Goo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomo o`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`06Ool00g`0Oomo o`05Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03 001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo00Ioo`03O01oogoo00Eoo`03 001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol0 3goo00<03gooOol047oo00<03gooOol03goo00<03gooOol01Goo00=l07ooOol01Woo00<007oo00l0 4Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0? Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`05Ool00g`0Oomoo`06Ool00`00Ool03`0BOol00`0? Oomoo`0?Ool000iooc@03`0300003`0?03`03`03O0003`0?00H03`0300003`0?01H03`ioo`0077oo 00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo 00<03gooOol01Goo00=l07ooOol01Woo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomo o`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomo o`04Ool00g`0Oomoo`07Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`03 00moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo00Aoo`03 O01oogoo00Moo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol0 47oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol017oo00=l07ooOol0 1goo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00 Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`04Ool00g`0Oomoo`07Ool00`00 Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00mo o`0300moogoo011oo`0300moogoo00moo`0300moogoo00=oo`03O01oogoo00Qoo`03001oo`0?019o o`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03goo Ool047oo00<03gooOol03goo00<03gooOol00goo00=l07ooOol027oo00<007oo00l04Woo00<03goo Ool03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`0?Ool00`0?Oomoo`03Ool00g`0Oomoo`08Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool0 01aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo 00moo`0300moogoo00=oo`03O01oogoo00Qoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<0 3gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<0 3gooOol00Woo00=l07ooOol02Goo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@ Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`02 Ool00g`0Oomoo`09Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300mo ogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo009oo`03O01o ogoo00Uoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo 00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00D03gooOomoog`000aoo`03001oo`0? 019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<0 3gooOol047oo00<03gooOol03goo00D03gooOomoog`000aoo`03001oo`0?019oo`0300moogoo00mo o`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03goo Ool03goo00D03gooOomoog`000aoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol0 47oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00D03gooOomo og`000aoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo 00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00@03gooOoml00eoo`03001oo`0?019o o`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03goo Ool047oo00<03gooOol03goo00@03gooOoml00eoo`03001oo`0?019oo`0300moogoo00moo`003Woo =00?00<0000?00l0=`0?00=l000?00l02`0?00<0000?00l05P0?3Woo000LOol00`0?Oomoo`0@Ool0 0`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool0100?Oomoog`03Goo 00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool0100?Oomoog`03Goo00<007oo00l04Woo00<03goo Ool03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`0?Ool0100?Oomoog`03Goo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomo o`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Ooml 000>Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03 001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moog`000ioo`03001oo`0?019oo`03 00moogoo00moo`0077oo00<03gooOol01Woo17`01Woo00<03gooOol047oo00<007ooOol03goo00<0 3gooOol047oo00<03gooOol03goo00<03gooO0003Woo00<007oo00l04Woo00<03gooOol03goo000L Ool00`0?Oomoo`02Ool4O004Ool2O004Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@ Ool00`0?Oomoo`0?Ool00`0?O01oo`0>Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0500mo ogooOoml000:Ool2O002Ool0200?LiaS66mkJeYoogNm9BT2Ool00fLiKg]W>@06Ool00`00Oomoo`0? Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?O01oo`0>Ool00`00Ool03`0BOol00`0?Oomoo`0? Ool001aoo`0400moog`0O00=Ool01W`0Ool03gooLiag_@Qoo`03JeYoogoo00Aoo`80011oo`0300mo ogoo011oo`0300moogoo00moo`0300ml07oo00ioo`03001oo`0?019oo`0300moogoo00moo`0077oo 00<03g`0Ool03Goo00Ag_EkgO01l009oo`03Liag_Goo00Aoo`9_N`03HaQoogoo00Aoo`03001oogoo 00moo`0300moogoo011oo`0300moogoo00moo`03O01oogoo00ioo`03001oo`0?019oo`0300moogoo 00moo`0077oo00=l07ooOol047oo00D03g`0Oomoof]J00Eoo`9_N`Moo`03001oogoo00moo`0300mo ogoo011oo`0300moogoo00moo`03O01oogoo00ioo`03001oo`0?019oo`0300moogoo00moo`006goo 00=l000?Ool04Goo00D03gooO01[FVmk00Eoo`9Nm`03JeYoogoo00Aoo`03001oogoo00moo`0300mo ogoo011oo`0300moogoo00moo`03O01oogoo00ioo`03001oo`0?019oo`0300moogoo00moo`006Woo 00=l07oo00l04Woo00@03gooOoml00moo`03001oogoo00moo`0300moogoo011oo`0300moogoo00io o`03O0003goo00moo`03001oo`0?019oo`0300moogoo00moo`001Woo0P004Woo00=l07oo00l04Woo 00D03gooOomoog`000ioo`03001oogoo00moo`0300moogoo011oo`0300moogoo00ioo`03O0003goo 00moo`03001oo`0?019oo`0300moogoo00moo`001Woo0P004Goo00Al07ooOol03a9oo`0300moogoo 009oo`03O01oogoo00]oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00ioo`03O0003goo 00moo`03001oo`0?019oo`0300moogoo00moo`001Woo0P0047oo00El07ooOomoo`0?019oo`0300mo ogoo00=oo`03O01oogoo00Yoo`03001oogoo00moo`0300moogoo011oo`0300moogoo00ioo`03O000 3goo00moo`03001oo`0?019oo`0300moogoo00moo`001Woo0P0047oo00El07ooOomoo`0?019oo`03 00moogoo00=oo`03O01oogoo00Yoo`03001oogoo00moo`0300moogoo011oo`0300moogoo00ioo`03 O0003goo00moo`03001oo`0?019oo`0300moogoo00moo`001Woo1@0000Ool00`0?Oomoo`0=Ool017`0Oomoo`004Goo 00<03gooOol047oo00<03gooOol02goo00El07ooOomoo`0?011oo`03001oo`0?019oo`0300moogoo 00moo`003Woo100?00=l000?00l0300?00<0000?00l06`0?00Al000?00l003403`03O0003`0?01<0 3`0300003`0?01H03`ioo`004Woo00=l07ooOol01goo00<03gooOol00goo00<007ooOol02Woo00<0 3gooOol03Goo00Al07ooOol0015oo`0300moogoo011oo`0300moogoo00Yoo`03O01oogoo009oo`03 00moogoo00ioo`03001oo`0?019oo`0300moogoo00moo`004Woo00=l07ooOol01goo00<03gooOol0 17oo00<007ooOol02Goo00<03gooOol03Woo00=l07oo00004Goo00<03gooOol047oo00<03gooOol0 2Woo00=l07ooOol00Woo00<03gooOol03Woo00<007oo00l04Woo00<03gooOol03goo000BOol00g`0 Oomoo`07Ool00`0?Oomoo`05Ool00`00Oomoo`08Ool00`0?Oomoo`0>Ool00g`0Ool0000AOol00`0? Oomoo`0@Ool00`0?Oomoo`0:Ool00g`0Oomoo`02Ool00`0?Oomoo`0>Ool00`00Ool03`0BOol00`0? Oomoo`0?Ool0019oo`03O01oogoo00Moo`0300moogoo00Eoo`03001oogoo00Qoo`0300moogoo00io o`03O01oo`00015oo`0300moogoo011oo`0300moogoo00Yoo`03O01oogoo009oo`0300moogoo00io o`03001oo`0?019oo`0300moogoo00moo`004Woo00=l07ooOol01goo00<03gooOol01Woo00<007oo Ool01goo00<03gooOol03Woo00=l07oo00004Goo00<03gooOol047oo00<03gooOol02Goo00=l07oo Ool00goo00<03gooOol03Woo00<007oo00l04Woo00<03gooOol03goo000BOol00g`0Oomoo`07Ool0 0`0?Oomoo`07Ool00`00Oomoo`06Ool00`0?Oomoo`0?Ool00g`0001oo`0@Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`09Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool0 019oo`03O01oogoo00Moo`0300moogoo00Qoo`03001oogoo00Eoo`0300moogoo00moo`03O00007oo 011oo`0300moogoo011oo`0300moogoo00Uoo`03O01oogoo00=oo`0300moogoo00ioo`03001oo`0? 019oo`0300moogoo00moo`004Goo00=l07ooOol027oo00<03gooOol02Goo00<007ooOol017oo00<0 3gooOol03goo00=l0000Ool047oo00<03gooOol047oo00<03gooOol02Goo00=l07ooOol00goo00<0 3gooOol03Woo00<007oo00l04Woo00<03gooOol03goo000AOol00g`0Oomoo`08Ool00`0?Oomoo`0: Ool00`00Oomoo`03Ool00`0?Oomoo`0?Ool00g`0001oo`0@Ool00`0?Oomoo`0@Ool00`0?Oomoo`09 Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool0015oo`03O01o ogoo00Qoo`0400eS66mkJeX:Ool00`00Oomoo`02Ool00`0?Oomoo`0?Ool00g`0001oo`0@Ool00`0? Oomoo`0>Ool017>LHaP03F]J2Woo00=l07ooOol00goo00<03gooOol03Woo00<007>L00`04Woo00<0 3gooOol03goo000AOol00g`0Oomoo`08Ool00`0?Liag_@0;Ool00`00Oomoo`02Ool00`0?Oomoo`0? Ool00g`0001oo`0@Ool00`0?Oomoo`0?Ool00g>L00ioo`0:Ool00g`0Oomoo`03Ool00`0?Oomoo`0= Ool017Nm001Nm`0;4Woo00<03gooOol03goo000AOol00g`0Oomoo`04Ool027NmG_MNmekg00moog>L Mkd;Ool01@00Oomoogoo00l04Goo00=l0000Ool047oo00<03gooOol047oo00<03GNmOol02Goo00=l 07ooOol00goo00<03gooOol03Woo00<007oo00d04Woo00<03gooOol03goo000AOol00g`0Oomoo`08 Ool0100?Oomoof]J37oo00@007ooOol03a5oo`03O00007oo011oo`0300moogoo011oo`0300m[FWoo 00Uoo`03O01oogoo00=oo`0300moogoo00ioo`03001_N`0=019oo`0300moogoo00moo`004Goo00=l 07ooOol027oo00@03f@0=019oo`0300moogoo00moo`00 4Goo00=l07ooOol027oo00<03gooOol03goo00<0000?Ool04Goo00=l07ooOol03goo00<03gooOol0 47oo00<03gooOol02Goo00=l07ooOol00goo00<03gooOol03Woo00<007oo00l04Woo00<03gooOol0 3goo000AOol00g`0Oomoo`08Ool00`0?Oomoo`0@Ool00`00Oomoo`0@Ool00g`0Oomoo`0?Ool00`0? Oomoo`0@Ool00`0?Oomoo`09Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00Ool03`0BOol00`0? Oomoo`0?Ool0015oo`03O01oogoo00Qoo`0300moogoo011oo`0300l007oo011oo`03O01oogoo00mo o`0300moogoo011oo`0300moogoo00Uoo`03O01oogoo00=oo`0300moogoo00ioo`03001oo`0?019o o`0300moogoo00moo`004Goo00=l07ooOol027oo00<03gooOol047oo00<03`00Ool047oo00=l07oo Ool03goo00<03gooOol047oo00<03gooOol02Goo00=l07ooOol00goo00<03gooOol03Woo00<007oo 00l04Woo00<03gooOol03goo000>Ool300000g`00000000^00000g`00000000^00000g`00000000] 000>Ool0015oo`03O01oogoo00Qoo`0300l007oo011oo`0400moogoo000?Ool00g`0Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`00Oomoo`09Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00Ool0000BOol0 0`0?Oomoo`0?Ool0015oo`03O01oogoo00Qoo`0300moogoo011oo`0500moogooOol0000>Ool00g`0 Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`09Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00 Ool03`0BOol00`0?Oomoo`0?Ool0015oo`03O01oogoo00Qoo`0300moogoo011oo`0300moogoo009o o`03001oogoo00]oo`03O01oogoo00Uoo`03Lia:DWoo00=oo`0300moogoo011oo`0300moogoo00Uo o`03O01oogoo00=oo`0300moogoo00ioo`03001oo`0?019oo`0300moogoo00moo`004Goo00=l07oo Ool027oo00<03gooOol047oo00<03gooOol00goo00<007ooOol02Woo00=l07ooOol017oo00McW4YB 000004Ha9BUW>@04Ool00`0?Oomoo`0@Ool00`0?Oomoo`09Ool00g`0Oomoo`03Ool00`0?Oomoo`0> Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool0015oo`03O01oogoo00Qoo`0300moogoo011oo`0300mo ogoo00=oo`03001oogoo00Yoo`03O01oogoo00=oo`05MkdU:BDYLiaS600200000fmkOomoo`02Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`09Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00Ool03`0BOol0 0`0?Oomoo`0?Ool0015oo`03O01oogoo00Qoo`0300moogoo011oo`0300moogoo00Aoo`03001oogoo 00Uoo`03O01oogoo00=oo`08DY@006LiOom:DVLi001:DPAoo`0300moogoo011oo`0300moogoo00Uo o`03O01oogoo00=oo`0300moogoo00ioo`03001oo`0?019oo`0300moogoo00moo`004Goo00=l07oo Ool027oo00<03gooOol047oo00<03gooOol01Goo00<007ooOol01goo00=l0000Ool017oo00Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool0 015oo`03O01oogoo00Qoo`0300moogoo011oo`0300moogoo00Moo`03001oogoo00Eoo`03O00007oo 00Aoo`8000Aoo`8000Aoo`0300moogoo011oo`0300moogoo00Uoo`03O01oogoo00=oo`0300moogoo 00ioo`03001oo`0?019oo`0300moogoo00moo`004Goo00=l07ooOol027oo00<03gooOol047oo00<0 3gooOol027oo00<007ooOol017oo00=l0000Ool017oo00@02Ool00fLi001Nm`04Ool00`0?Oomoo`0@Ool00`0?Oomoo`09 Ool00g`0Oomoo`03Ool00`0?Oomoo`0>Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool0019oo`03O01o ogoo00Moo`0300moogoo011oo`0300moogoo00Uoo`03001oogoo00=oo`03O00007oo00Aoo`03MkdU :Cg_009g_@03LBU800000BU9g_@Eoo`0300moogoo011o o`0300moogoo00Uoo`03O01oogoo00=oo`0300moogoo00ioo`03001oo`0?019oo`0300moogoo00mo o`004Woo00=l07ooOol01goo00<03gooOol047oo00<03gooOol02goo00<007oo00000`004Goo00<0 3gooOol047oo00<03gooOol02Woo00=l07ooOol00Woo00<03gooOol03Woo00<007oo00l04Woo00<0 3gooOol03goo000BOol00g`0Oomoo`07Ool00`0?Oomoo`0@Ool00`0?Oomoo`0Ool00`00Ool03`0BOol00`0? Oomoo`0?Ool0019oo`03O01oogoo00Moo`0300moogoo011oo`0300moogoo00aoo`D0015oo`0300mo ogoo011oo`0300moogoo00Yoo`03O01oogoo009oo`0300moogoo00ioo`03001oo`0?019oo`0300mo ogoo00moo`004Woo00=l07ooOol01goo00<03gooOol047oo00<03gooOol03Goo10004Goo00<03goo Ool047oo00<03gooOol02Woo00=l07ooOol00Woo00<03gooOol03Woo00<007oo00l04Woo00<03goo Ool03goo000>Ool400l00g`000l03`0Z00l017`000l00000<@0?00=l000?00l04`0?00<0000?00l0 5P0?3Woo000BOol00g`0Oomoo`07Ool00`0?Oomoo`0@Ool00`0?Oomoo`0=Ool017`0Ool000004Goo 00<03gooOol047oo00<03gooOol02Woo00=l07ooOol00Woo00<03gooOol03Woo00<007oo00l04Woo 00<03gooOol03goo000BOol00g`0Oomoo`07Ool00`0?Oomoo`0@Ool00`0?Oomoo`0=Ool017`0Oomo o`004Goo00<03gooOol047oo00<03gooOol02goo00El07ooOomoo`0?011oo`03001oo`0?019oo`03 00moogoo00moo`004Woo00=l07ooOol01goo00<03gooOol047oo00<03gooOol037oo00Al07ooOomo o`80011oo`0300moogoo011oo`0300moogoo00]oo`05O01oogooOol03`0@Ool00`00Ool03`0BOol0 0`0?Oomoo`0?Ool001=oo`03O01oogoo00Ioo`0300moogoo011oo`0300moogoo00aoo`07O01oogoo Ool007oo00003goo00<03gooOol047oo00<03gooOol02goo00El07ooOomoo`0?011oo`03001oo`0? 019oo`0300moogoo00moo`004goo00=l07ooOol01Woo00<03gooOol047oo00<03gooOol037oo00El 07ooOomoo`00009oo`03001oogoo00aoo`0300moogoo011oo`0300moogoo00]oo`05O01oogooOol0 3`0@Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001=oo`03O01oogoo00Ioo`0300moogoo011oo`03 00moogoo00]oo`03O01oogoo009oo`05001oogooOol0000=Ool00`0?Oomoo`0@Ool00`0?Oomoo`0; Ool01G`0Oomoogoo00l047oo00<007oo00l04Woo00<03gooOol03goo000COol00g`0Oomoo`06Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0;Ool00g`0Oomoo`02Ool00`00Oomoo`02Ool00`00Oomoo`0:Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0;Ool01G`0Oomoogoo00l047oo00<007oo00l04Woo00<03gooOol0 3goo000COol00g`0Oomoo`06Ool00`0?Oomoo`0@Ool00`0?Oomoo`0:Ool00g`0Oomoo`03Ool00`00 Oomoo`02Ool00`00Oomoo`0:Ool00`0?Oomoo`0@Ool00`0?Oomoo`0FmkIcT01Goo00<007ooOol03goo00D03gooOomoo`0000ioo`0300moogoo00moo`03O01o ogoo00ioo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03g`0Ool047oo00El07ooOomcW7Nm 00Qoo`03JeYoogoo00=oo`80011oo`0500moogooOol0000>Ool00`0?Oomoo`0?Ool00`0?O01oo`0> Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0400moog`0O00=Ool2O0001P0?OomoogooLiag _@Eoo`9_N`03HaQoogoo00=oo`03001oogoo00moo`0300moogoo009oo`03001oogoo00]oo`0300mo ogoo00moo`0300ml07oo00ioo`03001oo`0?019oo`0300moogoo00moo`0077oo00@03gooOomoo`9l 00Qoo`=l009oo`0300moogoo009oo`03JeYoogoo00=oo`9_N`Ioo`03001oogoo00moo`0300moogoo 00=oo`03001oogoo00Yoo`0300moogoo00moo`0300ml07oo00ioo`03001oo`0?019oo`0300moogoo 00moo`0077oo00<03gooOol00goo0W`017oo0W`01Goo00H03gooOomS66]JKg/5Ool2G_L00f]JOomo o`03Ool00`00Oomoo`0?Ool00`0?Oomoo`04Ool00`00Oomoo`09Ool00`0?Oomoo`0?Ool00`0?O01o o`0>Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo00Eoo`Al00Moo`0300moogoo 011oo`03001oogoo00moo`0300moogoo00Eoo`03001oogoo00Qoo`0300moogoo00moo`0300moog`0 00ioo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<0 07ooOol03goo00<03gooOol01Woo00<007ooOol01goo00<03gooOol03goo00<03gooO0003Woo00<0 07oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0? Ool00`0?Oomoo`07Ool00`00Oomoo`06Ool00`0?Oomoo`0?Ool00`0?Ooml000>Ool00`00Ool03`0B Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300mo ogoo00Moo`03001oogoo00Ioo`0300moogoo00moo`0400moogooO00=Ool00`00Ool03`0BOol00`0? Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo00Qo o`03001oogoo00Eoo`0300moogoo00moo`0400moogooO00=Ool00`00Ool03`0BOol00`0?Oomoo`0? Ool000iooc@03`0300003`0?01/03`0300003`0?01T03`03O0003`0?00/03`0300003`0?01H03`io o`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol02Woo00<007oo Ool00goo00<03gooOol03goo00@03gooOoml00eoo`03001oo`0?019oo`0300moogoo00moo`0077oo 00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol02goo00<007ooOol00Woo 00<03gooOol03goo00@03gooOoml00eoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03goo Ool047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol037oo00D007ooOomoo`0?015oo`04 00moogooO00=Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo 011oo`03001oogoo00moo`0300moogoo00eoo`04001oogoo00lAOol01@0?OomoogooO00037oo00<0 07oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0? Ool00`0?Oomoo`0=Ool01000Oomoo`0?4Goo00D03gooOomoog`000aoo`03001oo`0?019oo`0300mo ogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol03Woo 00<007oo00l04Goo00D03gooOomoog`000aoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<0 3gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol03goo00<0000?Ool047oo00D0 3gooOomoog`000aoo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03goo Ool047oo00<007ooOol03goo00<03gooOol047oo00<007ooOol03goo00<03gooOol00Woo00=l07oo Ool02Goo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool0 0`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?001oo`0?Ool00`0?Oomoo`02Ool00g`0Oomoo`09Ool0 0`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo 00moo`0300moogoo011oo`0300moo`0000moo`0300moogoo009oo`03O01oogoo00Uoo`03001oo`0? 019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<0 3gooOol047oo00<03goo00003goo00<03gooOol00Woo00=l07ooOol02Goo00<007oo00l04Woo00<0 3gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@ Ool0100?Oomoo`003Woo00<03gooOol00goo00=l07ooOol027oo00<007oo00l04Woo00<03gooOol0 3goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool01@0? Oomoogoo00003Goo00<03gooOol00goo00=l07ooOol027oo00<007oo00l04Woo00<03gooOol03goo 000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomo o`02Ool00`00Oomoo`0:Ool00`0?Oomoo`03Ool00g`0Oomoo`08Ool00`00Ool03`0BOol00`0?Oomo o`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`03 00moogoo00=oo`03001oogoo00Uoo`0300moogoo00Aoo`03O01oogoo00Moo`03001oo`0?019oo`03 00moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol0 47oo00<03gooOol017oo00<007ooOol027oo00<03gooOol017oo00=l07ooOol01goo00<007oo00l0 4Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0? Oomoo`0@Ool00`0?Oomoo`05Ool00`00Oomoo`07Ool00`0?Oomoo`04Ool00g`0Oomoo`07Ool00`00 Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00mo o`0300moogoo011oo`0300moogoo00Eoo`03001oogoo00Moo`0300moogoo00Aoo`03O01oogoo00Mo o`03001oo`0?019oo`0300moogoo00moo`003Woo=00?00<0000?00l0:`0?00<0000?00l03P0?00=l 000?00l01P0?00<0000?00l05P0?3Woo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`07Ool00`00Oomoo`05Ool00`0?Oomoo`05Ool00g`0Oomo o`06Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03 001oogoo00moo`0300moogoo011oo`0300moogoo00Qoo`03001oogoo00Aoo`0300moogoo00Eoo`03 O01oogoo00Ioo`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol0 47oo00<007ooOol03goo00<03gooOol047oo00<03gooOol02Goo00<007ooOol00goo00<03gooOol0 1Woo00=l07ooOol01Goo00<007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0? Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0:Ool00`00Oomoo`02Ool00`0? Oomoo`06Ool00g`0Oomoo`05Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011o o`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00]oo`05001oogooOol0 3`08Ool00g`0Oomoo`05Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`03 00moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00]oo`05001oogooOol03`08 Ool00g`0Oomoo`05Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300mo ogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00aoo`04001oogoo00l9Ool00g`0 Oomoo`04Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00eoo`03001oo`0?00Uoo`03O01oogoo00Ao o`03001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03Woo00<0000?Ool027oo00=l07ooOol017oo00<007oo 00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`00Oomoo`08Ool00g`0Oomoo`03Ool00`00Ool03`0BOol0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300l007oo00Qoo`03O01oogoo00=oo`03001oo`0?019oo`0300moogoo 00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<0 3gooOol03goo00<03goo00002Goo00=l07ooOol00Woo00<007oo00l04Woo00<03gooOol03goo000L Ool00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0? Ool00`0?Ool00009Ool00g`0Oomoo`02Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300mo ogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0400mo ogoo0008Ool00g`0Oomoo`02Ool00`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011o o`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0500moogooOol0 0008Ool01g`0Oomoogoo001oo`0?019oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03goo Ool047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol00Woo00<007oo Ool01Goo00Ml07ooOomoo`00Ool03`0BOol00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300mo ogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo00=oo`03001o ogoo00Aoo`07O01oogooOol007oo00l04Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0? Oomoo`0:Ool00fLiKg]W>@03Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0? Oomoo`04Ool00`00Oomoo`03Ool01g`0Oomoogoo001oo`0?019oo`0300moogoo00moo`003Woo<00? 00@0300?00l03`8003d03`0300003`0?00<03`04O0003`0?000H00l>Ool001aoo`0300moogoo011o o`0300moogoo00Yoo`9_N`05HaQoogooOol0000AOol00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0? Oomoo`05Ool00`00Oomoo`03Ool01W`0Oomoo`00Ool03`Moo`8000=oo`03G_L004Ha00=oo`0300mo ogoo00moo`0077oo00<03gooOol047oo00<03gooOol02Woo0Vmk17oo00<007ooOol03goo00<03goo Ool047oo00<03gooOol03goo00<03gooOol01Woo00<007ooOol00Woo00Il07ooOol007oo00l7Ool2 0003Ool00bDY001g_@03Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo00Yoo`9N m`05JeYoogooOol0000AOol00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`07Ool00`00Oomo o`02Ool01G`0Ool007oo00l01goo0P000Woo00=Nm`00E[D017oo00<03gooOol03goo000LOol00`0? Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0? Oomoo`08Ool02@00OomoogooO01oo`00Ool03`07Ool2000017ooKg/003g_1Goo00<03gooOol03goo 000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomo o`0?Ool00`0?Oomoo`09Ool02000Oomoog`0Ool007oo00l7Ool500000dHaOomoo`03Ool00`0?Oomo o`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`03 00moogoo00moo`0300moogoo00Yoo`07001oog`0Ool007oo00l01goo0P000Woo00=S6000BU8017oo 00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomo o`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0:Ool01`00Oomoog`0001oo`0?00Moo`8000=oo`8000Ao o`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03goo Ool047oo00<03gooOol03goo00<03gooOol02goo00H007ooO00007oo00l7Ool20003Ool20004Ool0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300moogoo00aoo`<00003Ool03goo00Ioo`80009oo`03JeX004YB00Ao o`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03goo Ool047oo00<03gooOol03goo00<03gooOol037oo100000<03gooOol01Goo1@0000=6 Oold00l00`0000l03`1=00l00g`000l03`0>00l>Ool001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00=o o`03O01oogoo00Yoo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol00goo00=l07oo Ool02Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`04Ool00g`0Oomoo`09Ool0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Aoo`03O01oogoo00Uoo`0300moogoo 00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<0 3gooOol03goo00<03gooOol047oo00<03gooOol017oo00=l07ooOol02Goo00<03gooOol03goo000L Ool00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0? Ool00`0?Oomoo`0@Ool00`0?Oomoo`04Ool00g`0Oomoo`09Ool00`0?Oomoo`0?Ool001aoo`0300mo ogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300mo ogoo011oo`0300moogoo00Eoo`03O01oogoo00Qoo`0300moogoo00moo`0077oo00<03gooOol047oo 00D03gooOomoof]J009oo`07MkdU:GooOomW>FmkIcT01Goo00<007ooOol03goo00<03gooOol047oo 00<03gooOol03goo00<03gooOol047oo00<03gooOol01Goo00=l07ooOol027oo00<03gooOol03goo 000LOol00`0?Oomoo`0@Ool01@0?OomoogooJeX027oo00=[FWooOol00goo0P0047oo00<03gooOol0 47oo00<03gooOol03goo00<03gooOol047oo00<03gooOol01Goo00=l07ooOol027oo00<03gooOol0 3goo000LOol00`0?Oomoo`0@Ool01P0?OomoogooMke_N`Eoo`9_N`03HaQoogoo00=oo`03001oogoo 00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Ioo`03O01oogoo 00Moo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol00Woo00=W>GooOol00goo0Vmk 1Woo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol0 1Woo00=l07ooOol01goo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool0100?Oom_NeJe0Ukg1Goo 0Ukg00=[FWooOol00goo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol0 47oo00<03gooOol01Woo00=l07ooOol01goo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0? Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0? Oomoo`06Ool00g`0Oomoo`07Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Io o`03O01oogoo00Moo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol01goo00=l07oo Ool01Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`07Ool00g`0Oomoo`06Ool0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Moo`03O01oogoo00Ioo`0300moogoo 00moo`003Woo=00?00<0000?00l0D@0?00=l000?00l02P0?3Woo000LOol00`0?Oomoo`0@Ool00`0? Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0? Oomoo`08Ool00g`0Oomoo`05Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Qo o`03O01oogoo00Eoo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007oo Ool03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol027oo00=l07oo Ool01Goo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`09Ool00g`0Oomoo`04Ool0 0`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo 011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00Uoo`03O01oogoo00Aoo`0300moogoo 00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<0 3gooOol03goo00<03gooOol047oo00<03gooOol02Goo00=l07ooOol017oo00<03gooOol03goo000L Ool00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0? Ool00`0?Oomoo`0@Ool00`0?Oomoo`0:Ool00g`0Oomoo`03Ool00`0?Oomoo`0?Ool001aoo`0300mo ogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300mo ogoo011oo`0300moogoo00Yoo`03O01oogoo00=oo`0300moogoo00moo`0077oo00<03gooOol047oo 00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo 00<03gooOol02Woo00=l07ooOol00goo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomo o`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomo o`0;Ool00g`0Oomoo`02Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03 001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00]oo`03 O01oogoo009oo`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol0 3goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol02goo00=l07ooOol0 0Woo00<03gooOol03goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0? Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0;Ool00g`0Oomoo`02Ool00`0? Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo00moo`0300moogoo011o o`0300moogoo00moo`0300moogoo011oo`0300moogoo00]oo`03O01oogoo009oo`0300moogoo00mo o`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03goo Ool03goo00<03gooOol047oo00<03gooOol037oo00El07ooOomoo`0?015oo`0077oo00<03gooOol0 47oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol0 47oo00<03gooOol037oo00El07ooOomoo`0?015oo`0077oo00<03gooOol047oo00<03gooOol047oo 00<007ooOol03goo00<03gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol037oo 00El07ooOomoo`0?015oo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<0 3gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol037oo00El07ooOomoo`0?015o o`003Woo=00?00<0000?00l0E`0?00=l000?00l0100?3Woo000LOol00`0?Oomoo`0@Ool00`0?Oomo o`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomo o`0=Ool017`0Oomoo`0?4Goo000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0=Ool017`0Oomoo`0?4Goo 000LOol00`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomo o`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0=Ool017`0Oomoo`0?4Goo000LOol00`0?Oomoo`0@Ool0 0`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@Ool0 0`0?Oomoo`0>Ool00g`0Ool03`0AOol001aoo`0300moogoo011oo`0300moogoo011oo`03001oogoo 00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00ioo`03O01oo`0? 015oo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo00<0 3gooOol03goo00<03gooOol047oo00<03gooOol03goo00=l000?Ool047oo000LOol00`0?Oomoo`0@ Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomoo`0@ Ool00`0?Oomoo`0?Ool00g`000moo`0@Ool001aoo`0300moogoo011oo`0300moogoo011oo`03001o ogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo00moo`03O000 3goo011oo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol047oo 00<03gooOol03goo00<03gooOol047oo00<03gooOol047oo00=l07ooOol03goo000LOol00`0?Oomo o`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0?Oomo o`0@Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011oo`03 001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo011oo`03 00moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03gooOol0 47oo00<03gooOol03goo00<03gooOol047oo00<03gooOol047oo00<03gooOol03goo000LOol00`0? Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool00`0? Oomoo`0@Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo011o o`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo011o o`0300moogoo00moo`0077oo00<03gooOol047oo00<03gooOol047oo00<007ooOol03goo00<03goo Ool047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol047oo00<03gooOol03goo000LOol0 0`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`00Oomoo`0?Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool0 0`0?Oomoo`0@Ool00`0?Oomoo`0@Ool00`0?Oomoo`0?Ool001aoo`0300moogoo011oo`0300moogoo 011oo`03001oogoo00moo`0300moogoo011oo`0300moogoo00moo`0300moogoo011oo`0300moogoo 011oo`0300moogoo00moo`007Goo00<03gooOol03goo00<03gooOol047oo00<007ooOol03goo00<0 3gooOol047oo00<03gooOol03goo00<03gooOol047oo00<03gooOol047oo00<03gooOol03goo0000 \ \>"], "Graphics", ImageSize->{177, 372}, ImageMargins->{{0, 0}, {0, 0}}, ImageRegion->{{0, 1}, {0, 1}}] }], "Text", TextAlignment->Center], Cell[TextData[{ "Using this idea, we can define an addition operation on the elements of ", Cell[BoxData[ \(TraditionalForm\`E\)]], ". We define ", Cell[BoxData[ \(TraditionalForm\`P + Q\)]], " as follows. Let ", Cell[BoxData[ \(TraditionalForm\`R\)]], " be the third point of intersection of the line ", Cell[BoxData[ \(TraditionalForm\`P - Q\)]], " with the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`P + Q\)]], " is the reflection of ", Cell[BoxData[ \(TraditionalForm\`R\)]], " about the line of symmetry of ", Cell[BoxData[ \(TraditionalForm\`E\)]], ", which is the ", Cell[BoxData[ \(TraditionalForm\`x\)]], "-axis for curves in Weierstrass form. If the line ", Cell[BoxData[ \(TraditionalForm\`P - Q\)]], " is vertical we define ", Cell[BoxData[ \(TraditionalForm\`P + Q = \[ScriptCapitalO]\)]], ". To add ", Cell[BoxData[ \(TraditionalForm\`P + P\)]], ", we find the line tangent to the curve at ", Cell[BoxData[ \(TraditionalForm\`P\)]], " and intersect it with the curve to arrive at ", Cell[BoxData[ \(TraditionalForm\`R\)]], ".\n\nWith these definitions it can be shown that ", Cell[BoxData[ \(TraditionalForm\`\((E, +)\)\)]], " actually forms an abelian group with identity \[ScriptCapitalO]. That \ is, the operation is commutative, associative, and every point ", Cell[BoxData[ \(TraditionalForm\`P\)]], " has an inverse ", Cell[BoxData[ \(TraditionalForm\`\(-P\)\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`P + \((\(-P\))\) = \[ScriptCapitalO]\)]], ". In fact, for an elliptic curve in Weierstrass form if ", Cell[BoxData[ \(TraditionalForm\`P = \((x, y)\)\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`\(-P\) = \((x, \(-y\))\)\)]], ", the reflection of ", Cell[BoxData[ \(TraditionalForm\`P\)]], " about the ", StyleBox["x", FontSlant->"Italic"], "-axis. We have demonstrated that every element has an inverse and the \ proof of commutativity follows directly from the fact that the line through \ ", Cell[BoxData[ \(TraditionalForm\`P, Q\)]], " is the same as a line through ", Cell[BoxData[ \(TraditionalForm\`Q, P\)]], ". The proof of associativity is nontrivial. One method of proof is \ given in Washington [7] \[Section] 2.4\n\nWe can also define this addition \ operation using analytic geometry. Suppose that ", Cell[BoxData[ \(TraditionalForm\`P = \((x\_1, y\_1)\), Q = \((x\_2, y\_2)\)\)]], " are two points on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + B\)]], " with distinct ", StyleBox["x", FontSlant->"Italic"], "-coordinates. Then the slope of the line between the two points is given \ by" }], "Text", TextJustification->1, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \((y\_2 - y\_1)\)/\((x\_2 - x\_1)\)\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "The point-slope formula of the line passing through ", Cell[BoxData[ \(TraditionalForm\`P, Q\)]], " is given by" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`y - y\_1 = \[Lambda](x - x\_1)\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "Substituting (6) into the elliptic curve equation (3) yields \n\n\t", Cell[BoxData[ \(TraditionalForm\`\((\[Lambda](x - x\_1) + y\_1)\)\^2 = x\^3 + A\ x + B\)]], ".\n\nExpanding and collecting terms in ", StyleBox["x", FontSlant->"Italic"], " gives the following monic polynomial in \[DoubleStruckCapitalF][x]" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[Cell[BoxData[{ \(TraditionalForm\`x\^3 - \(\[Lambda]\^2\) x\^2 + \((2 \( \[Lambda]\^2\) x\_1 - 2\ \[Lambda]\ y\_1 + A)\) x\), "\[IndentingNewLine]", \(TraditionalForm\`\ \ \ \ \(+\ \((B - \(\[Lambda]\^2\) x\_1\^2 - y\_1\^2 + 2\ \[Lambda]\ \(x\_1\) y\_1)\)\) = 0. \)}]]], "NumberedEquation", FontSize->14], Cell[TextData[{ "We know that ", Cell[BoxData[ \(TraditionalForm\`x\_1, x\_2\)]], " satisfy (7) because ", Cell[BoxData[ \(TraditionalForm\`P\ and\ Q\)]], " satisfy both the line and the elliptic curve equations. So we can factor \ the cubic (7) as\n\n\t", Cell[BoxData[ \(TraditionalForm\`\((x - x\_1)\) \((x - x\_2)\) \((x - x\_3)\) = 0\)]], ",\n\nwhere ", Cell[BoxData[ \(TraditionalForm\`x\_3\)]], " must be the ", StyleBox["x", FontSlant->"Italic"], "-coordinate of the third point of intersection. Expanding and collecting \ terms in ", Cell[BoxData[ \(TraditionalForm\`x\)]], " we obtain" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`x\^3 - \((x\_1 + x\_2 + x\_3)\) x\^2 + \((x\_1\ x\_2 + x\_1\ x\_3 + x\_2\ x\_3)\)\ x - \(x\_1\) \(x\_2\) x\_3\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "Because (7) and (8) represent the same polynomial, the coefficients of ", Cell[BoxData[ \(TraditionalForm\`x\^2\)]], " must be equal, giving\n\t", Cell[BoxData[ \(TraditionalForm\`\(-\[Lambda]\^2\) = \(-\((x\_1 + x\_2 + x\_3)\)\)\)]], ".\nHence we can compute the ", StyleBox["x", FontSlant->"Italic"], "-coordinate of the third point of intersection as" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`x\_3 = \[Lambda]\^2 - x\_1 - x\_2\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "We can compute the corresponding ", StyleBox["y", FontSlant->"Italic"], "-coordinate using the equation of the line (6) and then negate the result \ to obtain the ", StyleBox["y", FontSlant->"Italic"], "-coordinate of ", Cell[BoxData[ \(TraditionalForm\`P + Q\)]], "," }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`y\_3 = \(-\((\[Lambda](x\_3 - x\_1) + y\_1)\)\)\)]], " = ", Cell[BoxData[ \(TraditionalForm\`\[Lambda](x\_1 - x\_3) - y\_1\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "On the other hand, if ", Cell[BoxData[ \(TraditionalForm\`x\_1 = x\_2\)]], " then ", Cell[BoxData[ \(TraditionalForm\`\(\(y\_1\%2\)\(=\)\(y\_2\%2\)\(\ \)\)\)]], ", so either ", Cell[BoxData[ \(TraditionalForm\`y\_2 = y\_1\)]], " or ", Cell[BoxData[ \(TraditionalForm\`y\_2 = \(-y\_1\)\)]], ". If ", Cell[BoxData[ \(TraditionalForm\`y\_2 = \(-y\_1\)\)]], " then the line between ", Cell[BoxData[ \(TraditionalForm\`P\ and\ Q\_2\)]], " is vertical, and we define ", Cell[BoxData[ \(TraditionalForm\`P + Q = \[ScriptCapitalO]\)]], ", the identity. Otherwise ", Cell[BoxData[ \(TraditionalForm\`P = Q\)]], ", so we want to compute ", Cell[BoxData[ \(TraditionalForm\`P + P = 2\ P\)]], ". To accomplish this we define ", Cell[BoxData[ \(TraditionalForm\`\[Lambda]\)]], " as the slope of the tangent to the curve at ", Cell[BoxData[ \(TraditionalForm\`\((x\_1, y\_1)\)\)]], ". We can compute this slope by implicit differentiation of (3) giving\n\n\ \t", Cell[BoxData[ \(TraditionalForm\`2 y\ d\ y = \((3\ x\^2 + A)\) d\ x\)]], "\nso that" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ FormBox[ RowBox[{"\[Lambda]", "=", RowBox[{ StyleBox[\(\(d\ y\)\/\(d\ x\)\), FontSize->18], "=", StyleBox[\(\(3\ x\_1\^2 + A\)\/\(2\ y\_1\)\), FontSize->18]}]}], TraditionalForm]]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "Using this \[Lambda] with equations (9) and (10), along with the fact that \ ", Cell[BoxData[ \(TraditionalForm\`x\_1 = x\_2\)]], " and ", Cell[BoxData[ \(TraditionalForm\`y\_1 = y\_2\)]], " gives" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`\((x\_1, y\_1)\) + \((x\_1, y\_1)\) = \((\[Lambda]\^2 - 2\ x\_1, \[Lambda](x\_1 - x\_3) - y\_1)\)\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "Equations (5) through (12) are incorporated into the ", StyleBox["Mathematica", FontSlant->"Italic"], " function ", StyleBox["EcAdd", FontSize->12, FontWeight->"Bold"], ", which adds two points on an elliptic curve over \[DoubleStruckCapitalR] \ or \[DoubleStruckCapitalQ]." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Example 1 - Elliptic Curve Point Addition", "Subsubsection", CellTags->"c:5"], Cell[TextData[{ "Let an elliptic curve be given by ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 2\ x + 1\)]], " over the rational numbers \[DoubleStruckCapitalQ]. Then the discriminant \ is ", Cell[BoxData[ \(TraditionalForm\`d = \(\(-4\) A\^2 - 27 B\^3 = \(\(-4\)*4 - 27 = \(-43\) \[NotEqual] \ 0\)\)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalQ])\)]], " is a valid elliptic curve. It is easy to check, by substituting the \ point coordinates into the equation for ", Cell[BoxData[ \(TraditionalForm\`E\)]], ", that the points ", Cell[BoxData[ \(TraditionalForm\`P = \((0, 1)\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`Q = \((1, \(-2\))\)\)]], " are elements of ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalQ])\)]], ". Also, the ", Cell[BoxData[ \(TraditionalForm\`x\)]], " coordinates of ", Cell[BoxData[ \(TraditionalForm\`P, Q\)]], " are distinct so we can compute the slope of the line passing through ", Cell[BoxData[ \(TraditionalForm\`P, Q\)]], " using (5) so that\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \(\(\(-2\) - 1\)\/\(1 - 0\) = \ \(-3\)\)\)]], ".\n\t\nThen equations (9) and (10) give\n\n\t", Cell[BoxData[ \(TraditionalForm\`x\_3 = \(\((\(-3\))\)\^2 - 0 - 1 = 8\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`y\_3 = \(\(-3\) \((0 - 8)\) - 1 = 23\)\)]], ".\n\t\nSo that ", Cell[BoxData[ \(TraditionalForm\`P + Q = \((8, 23)\)\)]], ", which is also a point in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalQ])\)]], " since ", Cell[BoxData[ \(TraditionalForm\`8\^3 + 2*8 + 1 = \(529 = 23\^2\)\)]], ". We obtain the same result using the ", StyleBox["Mathematica", FontSlant->"Italic"], " function EcAdd[{2,1},{0,1},{1,-2}] which returns ", Cell[BoxData[ \(TraditionalForm\`{8, 23}\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "Chapter 2 - Arithmetic in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]] }], "Section", CellTags->"c:6"], Cell[CellGroupData[{ Cell["2.1 Elliptic Curves over Finite Fields", "Subsection", CellTags->"c:7"], Cell[TextData[{ "Suppose ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " is a finite field of order ", Cell[BoxData[ \(TraditionalForm\`q\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`q = p\^k\)]], " for some integer ", Cell[BoxData[ \(TraditionalForm\`k\)]], " (see, for example Dummit and Foote [2] \[Section]14.3). Suppose also \ that ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + B\)]], " is an element of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q[x, y]\)]], ", which means that ", Cell[BoxData[ \(TraditionalForm\`A, B \[Element] \[DoubleStruckCapitalF]\_q\)]], ". Then, if ", Cell[BoxData[ \(TraditionalForm\`4\ a\^3 + 27\ b\^2 \[NotEqual] 0\)]], " in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " it can be shown that\n\n\t ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q) = {\((x, y)\) \[Element] \[DoubleStruckCapitalF]\_q\[Cross]\ \[DoubleStruckCapitalF]\_q | y\^2 = x\^3 + A\ x\ + B}\)]], "\n\t \nis an elliptic curve. Further, equations (5) through (12) of the \ previous section still obey the group axioms when arithmetic is done in the \ finite field, so that ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " is a finite abelian group. Since we have at most ", Cell[BoxData[ \(TraditionalForm\`q\)]], " choices for ", Cell[BoxData[ \(TraditionalForm\`x\)]], ", and for each of these at most 2 choices for ", Cell[BoxData[ \(TraditionalForm\`y\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " contains at most ", Cell[BoxData[ \(TraditionalForm\`2\ q\)]], " points. It turns out that the actual bound is closer to ", Cell[BoxData[ \(TraditionalForm\`q\)]], ".\n\nBefore we consider this question in detail, we introduce some of the \ number-theoretic functions which are required for computation on elliptic \ curves over a finite field. For the purpose of our goal, which is to \ determine the group order ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], ", it turns out that it will be sufficient to work with fields of prime \ order, ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ". This allows us to perform arithmetic in the field using modular \ arithmetic in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]/ p\ \[DoubleStruckCapitalZ]\)]], ". That is, we can perform addition, subtraction and multiplication using \ ordinary integer arithmetic and then reduce each result mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], " by dividing it by ", Cell[BoxData[ \(TraditionalForm\`p\)]], " and keeping the remainder.\n\nConsider the following example in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_7\)]], ":\n\n\t", Cell[BoxData[ \(TraditionalForm\`5*5 = \(25 = \(21 + 4 = 3*7 + 4 \[Congruent] 4\ \((mod\ 7)\)\)\)\)]], ",\n\t\nso that in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_7\)]], ", ", Cell[BoxData[ \(TraditionalForm\`5*5 = 4\)]], ".\n\nPerforming division in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " is a little bit more complicated. To compute ", Cell[BoxData[ \(TraditionalForm\`a/b\)]], " we need to multiply ", Cell[BoxData[ \(TraditionalForm\`a\)]], " by the modular inverse of ", Cell[BoxData[ \(TraditionalForm\`b\)]], ". For example, to compute ", Cell[BoxData[ \(TraditionalForm\`4/5 \((mod\ 7)\)\)]], " we must first find ", Cell[BoxData[ \(TraditionalForm\`c\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`5\ c \[Congruent] 1\ \((mod\ 7)\)\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`4/5 = 4*c\)]], ". By trial and error we can find that ", Cell[BoxData[ \(TraditionalForm\`5*3 = 15 \[Congruent] 1 \((mod\ 7)\)\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`4/5 \[Congruent] 4*3 \[Congruent] 5 \((mod\ 7)\)\)]], ". We will later see how to use the Euclidean algorithm to accomplish this \ for problems involving larger integers.\n\nWe will also have occasion to \ compute ", Cell[BoxData[ \(TraditionalForm\`\(a\^k\)(mod\ p)\)]], ". This can be done by direct computation, for example ", Cell[BoxData[ \(TraditionalForm\`3\^4 = 81 \[Congruent] 4 \((mod\ 7)\)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`3\^4 = 4\)]], " in ", Cell[BoxData[ \(TraditionalForm\`\(\(\[DoubleStruckCapitalF]\_7\)\(.\)\)\)]], " Fortunately, for large ", Cell[BoxData[ \(TraditionalForm\`k\ and\ p\)]], ", there exists a much more efficient method based on doubling and reducing \ the result mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], " at each step. The following sections describe these algorithms." }], "Text", TextJustification->1, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["2.2 The Euclidean Algorithm", "Subsection", CellTags->"c:7"], Cell[TextData[{ "The Euclidean Algorithm computes the greatest common divisor ", Cell[BoxData[ \(TraditionalForm\`d\)]], " of the integers ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], ". It dates back to at least 300 B.C.E., where it appeared in geometric \ form in Euclid's ", StyleBox["Elements", FontSlant->"Italic"], ". The most obvious way to find the greatest common divisor is to \ completely factor both ", Cell[BoxData[ \(TraditionalForm\`a\)]], " and ", Cell[BoxData[ \(TraditionalForm\`b\)]], " into powers of primes such as\n\n\t", Cell[BoxData[ \(TraditionalForm\`a = \(\(p\_1\%\(r\_1\)\) p\_2\%\(r\_2\) ... \) p\_n\%\(r\_n\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`b = \(\(p\_1\%\(s\_1\)\) p\_2\%\(\_\(s\_2\)\) ... \) p\_n\%\(\_\(s\_n\)\)\)]], ",\n\t\nwhere ", Cell[BoxData[ \(TraditionalForm\`r\_i\ and\ s\_i\)]], " are integers greater than or equal to zero and ", Cell[BoxData[ \(TraditionalForm\`r\_i = 0\)]], " if ", Cell[BoxData[ \(TraditionalForm\`p\_i\)]], " does not divide ", Cell[BoxData[ \(TraditionalForm\`a\)]], " and ", Cell[BoxData[ \(TraditionalForm\`s\_i = 0\)]], " of ", Cell[BoxData[ \(TraditionalForm\`p\_i\)]], " does not divide ", Cell[BoxData[ \(TraditionalForm\`b\)]], ". Then the greatest common divisor ", Cell[BoxData[ \(TraditionalForm\`d\)]], " is given by\n\n\t", Cell[BoxData[ \(TraditionalForm\`d = \(\(p\_1\%\(t\_1\)\) p\_2\%\(\_\(t\_2\)\) ... \) p\_n\%\(\_\(t\_n\)\)\)]], ", where ", Cell[BoxData[ \(TraditionalForm\`t\_i = min(r\_i, s\_i)\)]], ".\n\t\nFor example, if ", Cell[BoxData[ \(TraditionalForm\`a = \(7960 = 2\^3*\ 5\ *199\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\(\(\ \)\(b = \(6580 = 2\^4*3\^4*5\)\)\)\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`gcd(a, b) = \(2\^3*\ 5 = 40\)\)]], ".\n\nHowever the integer factoring problem is currently understood to be \ difficult when the integer has no small prime divisors. The Euclidean \ algorithm is far superior because it can compute the greatest common divisor \ of two integers without factoring them. Suppose we wish to find the greatest \ common divisor of ", Cell[BoxData[ \(TraditionalForm\`a\)]], " and ", Cell[BoxData[ \(TraditionalForm\`b\)]], ", called ", Cell[BoxData[ \(TraditionalForm\`gcd(a, b)\)]], ". Let ", Cell[BoxData[ \(TraditionalForm\`a > b\)]], " and divide ", Cell[BoxData[ \(TraditionalForm\`a\)]], " by ", Cell[BoxData[ \(TraditionalForm\`b\)]], " producing\n\n\t", Cell[BoxData[ \(TraditionalForm\`a = \(s\_0\) b + r\_0\)]], "\twhere ", Cell[BoxData[ \(TraditionalForm\`0 \[LessEqual] r\_0 < b\)]], " (by the division algorithm).\n\t\nIf ", Cell[BoxData[ \(TraditionalForm\`r\_0 = 0\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`b\)]], " divides ", Cell[BoxData[ \(TraditionalForm\`a\)]], " so ", Cell[BoxData[ \(TraditionalForm\`gcd(a, b) = b\)]], ". Otherwise, divide ", Cell[BoxData[ \(TraditionalForm\`b\)]], " by ", Cell[BoxData[ \(TraditionalForm\`r\_0\)]], " giving\n\n\t", Cell[BoxData[ \(TraditionalForm\`b = \(s\_1\) r\_0 + r\_1\)]], "\twhere ", Cell[BoxData[ \(TraditionalForm\`0 \[LessEqual] r\_1 < r\_0\)]], ".\n\t\nIf ", Cell[BoxData[ \(TraditionalForm\`r\_1 = 0\)]], " then ", Cell[BoxData[ \(TraditionalForm\`r\_0\)]], " divides ", Cell[BoxData[ \(TraditionalForm\`b\)]], " and since ", Cell[BoxData[ \(TraditionalForm\`a = \(s\_0\) b + r\_0\)]], " then ", Cell[BoxData[ \(TraditionalForm\`r\_0\)]], " also divides ", Cell[BoxData[ \(TraditionalForm\`a\)]], " giving ", Cell[BoxData[ \(TraditionalForm\`gcd(a, b) = r\_0\)]], ". If ", Cell[BoxData[ \(TraditionalForm\`r\_i \[NotEqual] 0\)]], ", we can continue the process dividing ", Cell[BoxData[ \(TraditionalForm\`r\_\(i - 1\)\)]], " by ", Cell[BoxData[ \(TraditionalForm\`r\_i\)]], " giving\n\t", Cell[BoxData[{ \(TraditionalForm\`r\_0 = \(s\_2\) r\_1 + r\_2\), "\[IndentingNewLine]", \(TraditionalForm\` ... \), "\[IndentingNewLine]", \(TraditionalForm\`r\_\(i - 1\) = \(s\_\(i + 1\)\) r\_i + \(\(r\_\(i + 1\)\)\(.\)\)\)}]], "\n\t\nEventually we must find ", Cell[BoxData[ \(TraditionalForm\`r\_\(n + 1\) = 0\)]], " because at each step ", Cell[BoxData[ \(TraditionalForm\`0 \[LessEqual] r\_i < r\_\(i - 1\)\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`r\_\(n - 1\) = \(s\_\(n + 1\)\) r\_n\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`gcd(r\_\(n - 1\), r\_n) = \(\(r\_n\)\(.\)\)\)]], "\n\nNote, however, that if ", Cell[BoxData[ \(TraditionalForm\`x = q\ y + r\)]], " then ", Cell[BoxData[ \(TraditionalForm\`gcd(x, y) = gcd(y, r)\)]], ". This is true because ", Cell[BoxData[ \(TraditionalForm\`gcd(y, r)\)]], " divides both ", Cell[BoxData[ \(TraditionalForm\`y\)]], " and ", Cell[BoxData[ \(TraditionalForm\`r\)]], ", so it divides ", Cell[BoxData[ \(TraditionalForm\`x\)]], " also, hence ", Cell[BoxData[ \(TraditionalForm\`gcd(y, r)\)]], " divides ", Cell[BoxData[ \(TraditionalForm\`gcd(x, y)\)]], ". But we can write ", Cell[BoxData[ \(TraditionalForm\`gcd(y, r)\)]], " as a linear combination of ", Cell[BoxData[ \(TraditionalForm\`y\)]], " and ", Cell[BoxData[ \(TraditionalForm\`r\)]], " so that\n\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(y, r) = \(u\ y + v\ r = \(u\ y + v(x - q\ y) = \((u - v\ q)\) y + v\ x\)\)\)]], ",\n\t\nso ", Cell[BoxData[ \(TraditionalForm\`gcd(x, y)\)]], " divides ", Cell[BoxData[ \(TraditionalForm\`gcd(y, r)\)]], ", hence ", Cell[BoxData[ \(TraditionalForm\`gcd(x, y) = gcd(y, r)\)]], ". Applying this to the chain of divisions above gives ", Cell[BoxData[ \(TraditionalForm\`gcd(r\_\(i - 1\), r\_i) = gcd(r\_\(i - 2\), r\_\(i - 1\))\)]], ", so in particular ", Cell[BoxData[ \(TraditionalForm\`gcd(r\_0, r\_1) = \(gcd(b, r\_0) = gcd(a, b)\)\)]], ". Therefore the last nonzero divisor ", Cell[BoxData[ \(TraditionalForm\`r\_n = gcd(a, b)\)]], ". Euclid's algorithm for computing the greatest common divisor is \ implemented in the ", StyleBox["Mathematica", FontSlant->"Italic"], " function ", StyleBox["EuclideanAlgorithm", FontSize->12, FontWeight->"Bold"], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["2.3 The Extended Euclidean Algorithm", "Subsection", CellTags->"c:8"], Cell[TextData[{ "The Extended Euclidean Algorithm computes the greatest common divisor ", Cell[BoxData[ \(TraditionalForm\`d\)]], " of the integers ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], " and also computes two integers ", Cell[BoxData[ \(TraditionalForm\`r, s\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`d = r\ a\ + \ s\ b\)]], ". This method provides a fast way to compute multiplicative inverses in \ ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ". The algorithm proceeds as follows.\n\nStarting with ", Cell[BoxData[ \(TraditionalForm\`r\_0 = 1, \ s\_1 = 0\)]], " we take ", Cell[BoxData[ \(TraditionalForm\`d\_0 = \(a = \(r\_0\) a + \(s\_0\) b\)\)]], ". For step 1 we take ", Cell[BoxData[ \(TraditionalForm\`r\_1 = 0, \ s\_1 = 1\)]], " so we can write ", Cell[BoxData[ \(TraditionalForm\`d\_1 = \(b = \(r\_1\) a + \(s\_1\) b\)\)]], ". At each succeeding step we compute the smallest positive ", Cell[BoxData[ \(TraditionalForm\`d\_i \[Congruent] \(d\_\(\(i\)\(-\)\(2\)\(\ \)\)\)( mod\ d\_\(i - 1\))\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`d\_i = d\_\(i - 2\) - k\ d\_\(i - 1\)\)]], " for some positive integer ", Cell[BoxData[ \(TraditionalForm\`k\)]], ". The algorithm maintains ", Cell[BoxData[ \(TraditionalForm\`d\_i = r\_i\ a + \(s\_i\) b\)]], " at each step so that\n\n\t", Cell[BoxData[{ \(TraditionalForm\`d\_i = \((\(r\_\(i - 2\)\) a + s\_\(i - 2\)\ b)\) - k(\(r\_\(i - 1\)\) a + s\_\(i - 1\)\ b)\), "\[IndentingNewLine]", \(TraditionalForm\`\ \ \ \ \(\(=\)\(\((r\_\(i - 2\) - k\ r\_\(i - 1\))\) a + \((s\_\(i - 2\) - k\ s\_\(i - 1\))\) \(\(b\)\(.\)\)\)\)\)}]], "\n\t\nHence, we must have ", Cell[BoxData[ \(TraditionalForm\`r\_i = \(r\_\(i - 2\) - k\ r\_\(i - 1\)\ and\ \ s\_i = s\_\(i - 2\) - k\ s\_\(i - 1\)\)\)]], ", which completes the formulation of the recursion definition. Our ", StyleBox["Mathematica", FontSlant->"Italic"], " implementation is based on Rosen [4] \[Section]3.3." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Example 2 - The Extended Euclidean Algorithm", "Subsubsection", CellTags->"c:9"], Cell[TextData[{ "If we can find the prime factorization of two numbers then we can write \ down the greatest common divisor directly. It is the product of the largest \ prime powers that divide both numbers. For example, let ", Cell[BoxData[ \(TraditionalForm\`a = \(7960 = 2\^3*\ 5\ *199\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\(\(\ \ \)\(b = \(6580 = 2\^4*3\^4*5\)\)\)\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`gcd(a, b) = \(2\^3*\ 5 = 40. \)\)]], " Even for such easy problems, however, the determination of ", Cell[BoxData[ \(TraditionalForm\`gcd(a, b)\)]], " as a linear combination of ", Cell[BoxData[ \(TraditionalForm\`a\)]], " and ", Cell[BoxData[ \(TraditionalForm\`b\)]], " is best accomplished using the Extended Euclidean algorithm. Using \ ExtendedEucideanAlgorithm[ ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], " ] we find\n\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(7960, 6480) = \(40 = \(-35\)*7960 + 43*6480\)\)]], "." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["2.4 Finding the modular inverse", "Subsection", CellTags->"c:10"], Cell[TextData[{ "We can also use the Euclidean algorithm to find the modular inverse. The \ extended Euclidean algorithm finds the greatest common divisor of two numbers \ ", Cell[BoxData[ \(TraditionalForm\`d = gcd(a, b)\)]], ". It also computes two numbers ", Cell[BoxData[ \(TraditionalForm\`r, s\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`d = r\ a + s\ b\)]], ". If ", Cell[BoxData[ \(TraditionalForm\`a\)]], " is relatively prime to ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", which is always true if ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is a prime and ", Cell[BoxData[ \(TraditionalForm\`1 < a < p\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`gcd(a, p) = 1\)]], ". So to find the modular inverse of ", Cell[BoxData[ \(TraditionalForm\`a\)]], " modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", we use the Euclidean algorithm to compute\n\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(a, p) = \(1 = r\ a + s\ p \[Congruent] r\ a\ \((mod\ p)\)\)\)]], ", hence ", Cell[BoxData[ \(TraditionalForm\`a\^\(-1\) \[Congruent] r\ \((mod\ p)\)\)]], ".\n\t\nWe need to compute modular inverses in order to perform the \ divisions in the elliptic curve point addition formulas." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell[TextData[{ "Example 3 - Multiplicative Inverse (mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], ")" }], "Subsubsection", CellTags->"c:11"], Cell[TextData[{ "As an example, lets work over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_19\)]], ", the field with 19 elements ", Cell[BoxData[ \(TraditionalForm\`{0, 1, ... , 18}\)]], " with arithmetic modulo 19, a prime. In a field, every nonzero element \ has a multiplicative inverse, so lets find the inverse of 7. The Euclidean \ algorithm gives \n\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(7, 19) = \(1 = \(-8\)*7 + 3*19 \[Congruent] \(-8\)*7 \((mod\ 19)\)\)\)]], ". \n\t\nBut ", Cell[BoxData[ \(TraditionalForm\`\(-8\) \[Congruent] 11 \((mod\ 19)\)\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`11*7 \[Congruent] 1\ \((mod\ 19)\)\)]], ". Hence ", Cell[BoxData[ \(TraditionalForm\`7\^\(-1\) \[Congruent] 11\ \((mod\ 19)\)\)]], ". This is verified by the fact that ", Cell[BoxData[ \(TraditionalForm\`11*7 = \(77 = 4*19 + 1 \[Congruent] 1\ \((mod\ 19)\)\)\)]], "." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["2.5 Modular Exponentiation", "Subsection", CellTags->"c:12"], Cell[TextData[{ "This method uses the binary representation of ", Cell[BoxData[ \(TraditionalForm\`n\)]], " to construct the result.\nStarts with ", Cell[BoxData[ \(TraditionalForm\`a\^1 \[Congruent] a(mod\ p), \ x = 1\)]], " then at each iteration ", Cell[BoxData[ \(TraditionalForm\`k\)]], " we compute\n\n\tIf the ", Cell[BoxData[ \(TraditionalForm\`k\^th\)]], " bit of ", Cell[BoxData[ \(TraditionalForm\`n\)]], " is 1 then ", Cell[BoxData[ \(TraditionalForm\`x \[Congruent] x*\(\(a\^k\)(mod\ p)\)\)]], ".\n\tThen ", Cell[BoxData[ \(TraditionalForm\`a\^\(2 k\) \[Congruent] a\^k*\(\(a\^k\)(mod\ p)\)\)]], " for the next iteration.\n\t\nIn this way the arithmetic is done with \ relatively small integers, even though ", Cell[BoxData[ \(TraditionalForm\`a\^n\)]], " may have hundreds or thousands of digits. In fact, at each step of the \ algorithm we multiply two numbers which are less than ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", so the largest product we ever compute is less than ", Cell[BoxData[ \(TraditionalForm\`p\^2\)]], ". Hence, if the binary representing of ", Cell[BoxData[ \(TraditionalForm\`p\)]], " requires ", Cell[BoxData[ \(TraditionalForm\`m\)]], " bits, then we need no more than ", Cell[BoxData[ \(TraditionalForm\`2 m\)]], " bits to store the intermediate results. On the other hand, if we compute \ ", Cell[BoxData[ \(TraditionalForm\`a\^n\)]], " directly, and ", Cell[BoxData[ \(TraditionalForm\`a\)]], " has ", Cell[BoxData[ \(TraditionalForm\`m\)]], " bits then we would need ", Cell[BoxData[ \(TraditionalForm\`n\ m\)]], " bits to hold the intermediate result." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Example 4 - Modular Exponentiation", "Subsubsection", CellTags->"c:13"], Cell[TextData[{ "As an example, let's compute ", Cell[BoxData[ \(TraditionalForm\`\(11\^37\) \((mod\ 97)\)\)]], ". The direct method would first compute ", Cell[BoxData[ \(TraditionalForm\`11\^37 = 340039485861577398992406882305761986971\ in\ \ \[DoubleStruckCapitalZ]\)]], " and then find ", Cell[BoxData[ \(TraditionalForm\`11\^37 = 3505561709913169061777390539234659659*97 + 48\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`11\^37 \[Congruent] 48 \((mod\ \ 97)\)\)]], ". However, in binary ", Cell[BoxData[ FormBox[ RowBox[{"37", "=", TagBox[ InterpretationBox[\("100101"\_"2"\), 37, Editable->False], (BaseForm[ #, 2]&)]}], TraditionalForm]]], ", so we can compute ", Cell[BoxData[ \(TraditionalForm\`\(11\^37\) \((mod\ 97)\)\)]], " as follows.\n\n\t", Cell[BoxData[ \(TraditionalForm\`11\^37 = \(11\^\(32 + 4 + 1\) = \(11\^\(2\^5 + 2\^2 \ + 1\) = \(11\^\(\((2\^3 + 1)\) 2\^2 + 1\) = \((\((\((\((11\^2)\)\^2)\)\^2*11)\ \)\^2)\)\^2*11\)\)\)\)]], ".\n\t\nBut ", Cell[BoxData[ \(TraditionalForm\`11\^2 \[Congruent] 24 \((mod\ 97)\)\)]], ", ", Cell[BoxData[ \(TraditionalForm\`24\^2 \[Congruent] 91 \((mod\ 97)\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`91\^2 \[Congruent] 36 \((mod\ 97)\)\)]], " so that\n", Cell[BoxData[ \(TraditionalForm\`11\^37 \[Congruent] \((\((36*11)\)\^2)\)\^2*11 \ \((mod\ 97)\)\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`396 \[Congruent] 8 \((mod\ 97)\)\)]], ", ", Cell[BoxData[ \(TraditionalForm\`\((8\^2)\)\^2 \[Congruent] 22 \((mod97)\)\)]], ",\nhence ", Cell[BoxData[ \(TraditionalForm\`11\^37 \[Congruent] 22*11 \[Congruent] 48 \((mod\ 97)\)\)]], ".\n\nNotice that we performed these computations without using any number \ larger than ", Cell[BoxData[ \(TraditionalForm\`97\^2\)]], ". We will see later how this same idea, applied to polynomial arithmetic \ will allow us to compute ", Cell[BoxData[ \(TraditionalForm\`\(\(f(x)\)\^k\) \((mod\ \(g(x)\))\)\)]], " in an efficient manner." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "2.6 Square roots modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]] }], "Subsection", CellTags->"c:14"], Cell[TextData[{ "One of the steps in Schoof's algorithm requires the solution of the \ congruence ", Cell[BoxData[ \(TraditionalForm\`w\^2 \[Congruent] p\ \((mod\ l)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`w\)]], ", with ", Cell[BoxData[ \(TraditionalForm\`l\)]], " a prime number less than ", Cell[BoxData[ \(TraditionalForm\`\@p\)]], ". In other words we need to find the square root of ", Cell[BoxData[ \(TraditionalForm\`p\)]], " modulo ", Cell[BoxData[ \(TraditionalForm\`l\)]], ". Unlike the multiplicative inverse problem, this problem does not always \ have a solution. When it does, we say that ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is a quadratic residue modulo ", Cell[BoxData[ \(TraditionalForm\`l\)]], ", else ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is called quadratic nonresidue. If there is an ", Cell[BoxData[ \(TraditionalForm\`x\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`x\^2 \[Congruent] a\ \((mod\ p)\)\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`a\)]], " is a quadratic residue mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], " and \n\n\t", Cell[BoxData[ \(TraditionalForm\`a\^\(\((p - 1)\)/2\) \[Congruent] \((x\^2)\)\^\(\((p \ - 1)\)/2\) \[Congruent] x\^\(p - 1\) \[Congruent] 1 \((mod\ p)\)\)]], " by Fermat's little theorem.\n\t\nOtherwise, for all ", Cell[BoxData[ \(TraditionalForm\`i < p\)]], ", ", Cell[BoxData[ \(TraditionalForm\`gcd(i\ , p) = 1\)]], ". Then for each ", Cell[BoxData[ \(TraditionalForm\`i\)]], " less than ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", ", Cell[BoxData[ \(TraditionalForm\`i\ j \[Congruent] a\ \((mod\ p)\)\)]], " has a unique solution, which can not be ", Cell[BoxData[ \(TraditionalForm\`j = i\)]], ", else ", Cell[BoxData[ \(TraditionalForm\`i\^2 \[Congruent] a(mod\ p)\)]], ". Hence we can group the solutions into ", Cell[BoxData[ \(TraditionalForm\`\((p - 1)\)/2\)]], " pairs, each with product congruent to ", Cell[BoxData[ \(TraditionalForm\`a\ \((mod\ p)\)\)]], ". Taking the product of all of the solutions gives:\n\n\t", Cell[BoxData[ \(TraditionalForm\`a\^\(\((p - 1)\)/2\) \[Congruent] \(\((p - 1)\)!\)\ \((mod\ p)\)\)]], ",\n\t\nsince each number less than ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is included exactly once in the product. Then Wilson's Theorem gives ", Cell[BoxData[ \(TraditionalForm\`\(\((p - 1)\)!\) \[Congruent] \(-1\) \((mod\ p)\)\)]], ", so that \n\n\t", Cell[BoxData[ \(TraditionalForm\`a\^\(\((p - 1)\)/2\) \[Congruent] \(-1\)\ \((mod\ p)\ \)\)]], ".\n\t\nNote that a more efficient algorithm exists which makes use of the \ Quadratic Reciprocity Theorem of Gauss, but we do not need the complexity of \ this method because we will be testing for quadratic residues for only modest \ sized integers." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["2.7 Shanks-Tonelli Modular Square Root Algorithm", "Subsection", CellTags->"c:15"], Cell[TextData[{ "Once we have determined that integer ", Cell[BoxData[ \(TraditionalForm\`a\)]], " is a quadratic residue modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", we need a method to find the square root. One method to accomplish this \ is called the Shanks-Tonelli modular square root algorithm. The details of \ the algorithm, which has performance logarithmic in the number of digits of \ ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", are described in the paper \"Square Roots from 1; 24, 51, 10 to Dan \ Shanks\" by Ezra Brown [1]." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Example 5 - Computing Square Roots Modulo p", "Subsubsection", CellTags->"c:16"], Cell[TextData[{ "We consider the following nontrivial example. Let \n\n\t", Cell[BoxData[ \(TraditionalForm\`p = 360027784083079948259017962255826129\)]], ".\n\t\nWe want to find ", Cell[BoxData[ \(TraditionalForm\`x\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`x\^2 \[Congruent] 2865\ \((mod\ p)\)\)]], ". The Shanks-Tonelli algorithm gives\n\n\t ", Cell[BoxData[ \(TraditionalForm\`x = 203744876602447660339212047901408164\)]], ".\n\t \nWe could verify that this is the correct solution using the \ modular exponentiation method described above, but since we are only \ computing ", Cell[BoxData[ \(TraditionalForm\`\(x\^2\)(mod\ p)\)]], " we can compute this directly, showing that ", Cell[BoxData[ \(TraditionalForm\`x\^2 \[Congruent] 2865 \((mod\ p)\)\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["2.8 The Chinese Remainder Theorem", "Subsection", CellTags->"c:17"], Cell[TextData[{ "The Chinese Remainder Theorem provides a method to compute the smallest \ positive integer satisfying a set of congruences. It first appeared as a \ method of solution to a particular modular congruence problem in a \ third-century book by Chinese mathematician Sun Tzu [4] \[Section] 4.5. In \ Schoof's algorithm, we compute ", Cell[BoxData[ \(TraditionalForm\`\[Tau]\_i \[Congruent] t\ \((mod\ l\_i)\)\)]], " for a set of small primes ", Cell[BoxData[ \(TraditionalForm\`l\_i\)]], ", where ", Cell[BoxData[ \(TraditionalForm\`t\)]], " satisfies ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ". The Chinese Remainder Theorem allows us to recover ", Cell[BoxData[ \(TraditionalForm\`t\)]], " from this set of congruences, thus determining the order of the group.\n\n\ We are given the following information, for the unknown ", Cell[BoxData[ \(TraditionalForm\`z < N\)]], "\n\n\t", Cell[BoxData[ \(TraditionalForm\`r\_i \[Congruent] z\ \((mod\ n\_i)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`i = 1, 2, ... , k\)]], "\n\t\nwhere ", Cell[BoxData[ \(TraditionalForm\`N = \(n\_1\ n\_2 ... \) n\_k\)]], " and ", Cell[BoxData[ \(TraditionalForm\`gcd(n\_i, n\_j) = 1 when\ i \[NotEqual] j\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`N\)]], " is also the least common multiple of the ", Cell[BoxData[ \(TraditionalForm\`{n\_i}\)]], ".\n\nLet ", Cell[BoxData[ \(TraditionalForm\`a\_i = N\/n\_i\)]], ", ", Cell[BoxData[ \(TraditionalForm\`b\_i = \(a\_i\%\(-1\)\)(mod\ n\_i)\)]], ". The modular inverses\t", Cell[BoxData[ \(TraditionalForm\`b\_i\)]], " exist because ", Cell[BoxData[ \(TraditionalForm\`n\_i\)]], " does not divide ", Cell[BoxData[ \(TraditionalForm\`\(\(a\_i\)\(\ \)\)\)]], "because ", Cell[BoxData[ \(TraditionalForm\`gcd(n\_i, n\_j) = 1 when\ i \[NotEqual] j\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`\(a\_i\) b\_i \[Congruent] 1 \((mod\ n\_i)\)\)]], " and since ", Cell[BoxData[ \(TraditionalForm\`n\_j\)]], " divides ", Cell[BoxData[ \(TraditionalForm\`a\_i\)]], " when ", Cell[BoxData[ \(TraditionalForm\`j \[NotEqual] i\)]], ", hence ", Cell[BoxData[ \(TraditionalForm\`\(a\_i\) b\_i \[Congruent] 0 \((mod\ n\_j)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`j \[NotEqual] i\)]], ". So we can compute\n\n\t ", Cell[BoxData[ \(TraditionalForm\`z = \((\[Sum]\+\(i = 1\)\%k\( a\_i\) \(b\_i\) r\_i)\)\ \((mod\ N)\)\)]], ", \n\t \nwhich is the unique ", Cell[BoxData[ \(TraditionalForm\`0 < z < N\)]], " for which all the congruences hold." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Example 6 - Determining the Chinese Remainder", "Subsubsection", CellTags->"c:18"], Cell[TextData[{ "For example, suppose we have ", Cell[BoxData[ \(TraditionalForm\`z \[Congruent] 1 \((mod\ 2)\), z \[Congruent] 0\ \((mod\ 5)\), z \[Congruent] 6\ \((mod\ 7)\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`z \[Congruent] 7 \((mod\ 11)\)\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`N = 770\)]], " and the Chinese remainder algorithm gives\n\n\t", Cell[BoxData[ \(TraditionalForm\`a\_i = {385, 154, 110, 70}\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`b\_i = \(\(a\_i\%\(-1\)\)(mod\ n\_i) = {1, 4, 3, 3}\)\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`e\_i = \(\(a\_i\) b\_i = {385, 616, 330, 210}\)\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`z = \(e\[CenterDot]r = 3835 \[Congruent] 755 \((mod\ N)\)\)\)]], "\n\t\nSo ", Cell[BoxData[ \(TraditionalForm\`755\)]], " is the smallest positive integer satisfying this set of congruences." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "Chapter 3 - Arithmetic of Elliptic Curves over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]] }], "Section", PageBreakAbove->True, CellTags->"c:19"], Cell[TextData[{ "Now that we have a set of methods for performing arithmetic in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ", we can apply these to performing arithmetic in the group ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], ". We provide a set of ", StyleBox["Mathematica", FontSlant->"Italic"], " functions to implement algorithms for testing if a cubic equation is an \ elliptic curve over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ", for adding points on the curve, and for efficiently computing ", Cell[BoxData[ \(TraditionalForm\`k\ P\)]], ", the sum of ", Cell[BoxData[ \(TraditionalForm\`k\)]], " copies of the point ", Cell[BoxData[ \(TraditionalForm\`P\)]], ". In each case it is assumed, and for efficiency sake not verified, that \ ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is a prime. " }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell[TextData[{ "Example 7 - Arithmetic in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]] }], "Subsubsection", CellTags->"c:20"], Cell[TextData[{ "We will now review several of the mathematical ideas and methods related \ to elliptic curves over a prime field by way of an example. Consider the \ elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], ". It has discriminant\n\n\t ", Cell[BoxData[ \(TraditionalForm\`d \[Congruent] \(-\((4\ a\^3 + 27\ b\^2)\)\) \[Congruent] \(-\((4*\ 46\^3 + 27\ *74\^2)\)\) \[Congruent] 537196 \[Congruent] 87 \((mod\ p)\)\)]], "\n\t \nSince the discriminant is nonzero modulo", Cell[BoxData[ \(TraditionalForm\`p\)]], ", ", Cell[BoxData[ \(TraditionalForm\`E\)]], " is a valid elliptic curve." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "At ", Cell[BoxData[ \(TraditionalForm\`x = 1\)]], " we have\n\n\t ", Cell[BoxData[ \(TraditionalForm\`x\^3 + 46\ x + 74 = \(1 + 46 + 74 = 121 \[Congruent] 24 \((mod\ 97)\)\)\)]], "\n\t \nso ", Cell[BoxData[ \(TraditionalForm\`E\)]], " has a point with ", Cell[BoxData[ \(TraditionalForm\`x = 1\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`24\)]], " is a quadratic residue modulo ", Cell[BoxData[ \(TraditionalForm\`97\)]], ". Using modular exponentiation we find with ", Cell[BoxData[ \(TraditionalForm\`p = 97\)]], " that ", Cell[BoxData[ \(TraditionalForm\`24\^\(\((p - 1)\)/2\) \[Congruent] 1 \((mod\ p)\)\)]], ", so that 24 has a square root modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], ". We then employ the Shanks-Tonelli algorithm to find this square root \ giving ", Cell[BoxData[ \(TraditionalForm\`11\^2 \[Congruent] 24 \((mod\ p)\)\)]], " so that the point ", Cell[BoxData[ \(TraditionalForm\`P = \((1, 11)\)\)]], " is an element of ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "Next let us compute ", Cell[BoxData[ \(TraditionalForm\`P + P = 2 P\)]], " using Equation (12) modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], " as\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \(3\ x\^3 + A\)\/\(2\ y\) \[Congruent] \ \((3 + 46)\) \((22\^\(-1\))\) \((mod\ 97)\) \[Congruent] 49*75 \((mod\ 97)\) \[Congruent] 86 \((mod\ 97)\)\)]], ".\n\t\nThen\n\t", Cell[BoxData[ \(TraditionalForm\`x\_3 = \[Lambda]\^2 - 2\ x\_1 \[Congruent] 86\^2 - 2 \((mod\ 97)\) \[Congruent] 22 \((mod\ 97)\)\)]], ", also\n\t", Cell[BoxData[ \(TraditionalForm\`y\_3 = \(\[Lambda](x\_1 - x\_3) - y\_1 = 86 \((1 - 22)\) - 11 \((mod\ 97)\) \[Congruent] 26 \((mod\ 97)\)\)\)]], ".\n\t\nHence ", Cell[BoxData[ \(TraditionalForm\`2*\((1, 11)\) = \((22, 26)\)\)]], " on ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_97)\)]], ". We can also compute ", Cell[BoxData[ \(TraditionalForm\`4*\((1, 11)\)\)]], " by adding ", Cell[BoxData[ \(TraditionalForm\`\((22, 26)\) + \((22, 26)\)\)]], " giving ", Cell[BoxData[ \(TraditionalForm\`\((4, 15)\)\)]], " or obtain the same result using the function ", Cell[BoxData[ \(TraditionalForm\`EcPowerMod[{46, 74}, {1, 11}, 4, 97]\)]], "." }], "Text", TextJustification->1, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "The order of a point ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E(\[DoubleStruckCapitalF]\_p)\)]], " is defined as the smallest ", Cell[BoxData[ \(TraditionalForm\`k\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`k\ P = \[ScriptCapitalO]\)]], ". One way to determine ", Cell[BoxData[ \(TraditionalForm\`k\)]], " is to compute ", Cell[BoxData[ \(TraditionalForm\`n\ P\)]], " for each successive ", Cell[BoxData[ \(TraditionalForm\`n\)]], " starting at 1 until the result is the identity. For the previous example \ with ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], " and ", Cell[BoxData[ \(TraditionalForm\`P = \((1, 11)\)\)]], " we find, using repeated application of ", StyleBox["EcAddMod", FontSize->12, FontWeight->"Bold"], ", that\n\n\t", Cell[BoxData[ \(TraditionalForm\`2 P = \((2, 26)\), 3 P = \((27, 12)\), 4 P = \((4, 15)\), ... , 15 P = \((1, 86)\)\)]], ".\n\t\nSince ", Cell[BoxData[ \(TraditionalForm\`86 + 11 \[Congruent] 0 \((mod\ 97)\)\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`15 P = \(-P\)\)]], ", so we know that ", Cell[BoxData[ \(TraditionalForm\`16 P = \[ScriptCapitalO]\)]], ". Since 16 is the smallest multiple of ", Cell[BoxData[ \(TraditionalForm\`P\)]], " for which this occurs we have the order of ", Cell[BoxData[ \(TraditionalForm\`P\)]], " is 16 and we write ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(P\)\(|\)\) = 16\)]], ". This gives a hint as to one way to determine ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], ". By Lagrange's theorem the order of the element of a finite group must \ divide the order of the group. So we know that 16 divides ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_97)\)\)]], " for our sample curve." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "Chapter 4 - Computing the Order of the Group ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]] }], "Section", PageBreakAbove->True, CellTags->"c:21"], Cell[CellGroupData[{ Cell[TextData[{ "4.1 A direct method of computing ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]] }], "Subsection", CellTags->"c:22"], Cell[TextData[{ "A direct approach to determining ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], " is to compute ", Cell[BoxData[ \(TraditionalForm\`z = x\^3 + A\ x + B\)]], " for each ", Cell[BoxData[ \(TraditionalForm\`x \[Element] \[DoubleStruckCapitalF]\_q\)]], ", and then to test if ", Cell[BoxData[ \(TraditionalForm\`z\)]], " has a square root in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], ". If ", Cell[BoxData[ \(TraditionalForm\`z = 0\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`\((x, 0)\) \[Element] E(\[DoubleStruckCapitalF]\_q)\)]], ". If there exists ", Cell[BoxData[ \(TraditionalForm\`y \[Element] \[DoubleStruckCapitalF]\_q\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`y\^2 = z\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`\((x, y)\), \((x, \(-y\))\) \[Element] E(\[DoubleStruckCapitalF]\_q)\)]], ", else there is no point in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " with ", StyleBox["x", FontSlant->"Italic"], "-coordinate ", Cell[BoxData[ \(TraditionalForm\`\(\(x\)\(.\)\)\)]], " This means there are at most ", Cell[BoxData[ \(TraditionalForm\`2\ q + 1\)]], "elements in the group. However, a theorem of finite fields states that \ exactly 1/2 of the non-zero elements of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " are quadratic residues. This means that, on average, there will be \ approximately ", Cell[BoxData[ \(TraditionalForm\`q + 1\)]], " elements in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], ". As we shall see next, specific bounds on ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], " can be established, and this is one key to more efficient methods of \ determining the group order. " }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "Before proceeding, we want to fully characterize all of the points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " for our example curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x + 74\ over\ \ \[DoubleStruckCapitalF]\_97\)]], ". We can do this using the ", StyleBox["Mathematica", FontSlant->"Italic"], " function ", StyleBox["FindEcPointSet", FontSize->12, FontWeight->"Bold"], " which encodes the technique above to find every point on the curve. Then \ for each point we can determine its order using the technique outlined at the \ end of chapter 3. This method is encoded in the ", StyleBox["Mathematica", FontSlant->"Italic"], " function ", StyleBox["EcPointOrderMod", FontSize->12, FontWeight->"Bold"], ". The results of applying these methods to our example are shown in the \ table of Figure 3. Note that for each ", StyleBox["x", FontSlant->"Italic"], " there are two values of ", Cell[BoxData[ \(TraditionalForm\`y\)]], ", which are distinct unless ", Cell[BoxData[ \(TraditionalForm\`y = 0\)]], ". This is so because each solution has ", Cell[BoxData[ \(TraditionalForm\`y\^2 \[Congruent] z\ \((mod\ p)\)\)]], " where ", Cell[BoxData[ \(TraditionalForm\`z = x\^3 + A\ x + B\)]], " for a particular value of ", Cell[BoxData[ \(TraditionalForm\`x\)]], ", so if ", Cell[BoxData[ \(TraditionalForm\`y\_1\^2 = z\)]], " then ", Cell[BoxData[ \(TraditionalForm\`\((\(-y\_1\))\)\^2 = z\)]], ". There can be no other distinct solutions because the quadratic equation \ ", Cell[BoxData[ \(TraditionalForm\`y\^2 - z = 0\)]], " can have only two solutions. Observe that for each pair of points in \ Figure 3 with the same value of ", Cell[BoxData[ \(TraditionalForm\`x\)]], " we have ", Cell[BoxData[ \(TraditionalForm\`y\_2 \[Congruent] \(-y\_1\)\ \((mod\ p)\)\)]], ", so that the points ", Cell[BoxData[ \(TraditionalForm\`\((x, y\_1)\), \((x, y\_2)\)\)]], " are indeed inverses in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], ".\n\nIf we count these points we find 39 pairs of points ", Cell[BoxData[ \(TraditionalForm\`\((x, y\_1)\), \((x, y\_2)\)\)]], " where ", Cell[BoxData[ \(TraditionalForm\`y\_1 \[NotEqual] y\_2\)]], ". We also have one point, ", Cell[BoxData[ \(TraditionalForm\`\((57, 0)\)\)]], ", with ", Cell[BoxData[ \(TraditionalForm\`y = 0\)]], ". Including the identity \[ScriptCapitalO], there are a total of ", Cell[BoxData[ \(TraditionalForm\`2*39 + 1 + 1 = 80\)]], " points so that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = 80\)]], ". The last column in the table gives the order of each point. Notice also \ that each point order divides 80, the order of the group, as must be so by \ Lagrange's theorem." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ StyleBox["Table 1 - Points for ", FontWeight->"Bold"], Cell[BoxData[ \(TraditionalForm\`y\^2 = \(\(x\^3\)\(+\)\(46 x\)\(\ \)\(+\)\(74\)\(\ \)\)\)], FontWeight->"Bold"], StyleBox[" over ", FontWeight->"Bold"], Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)], FontWeight->"Bold"], "\n\n", Cell[BoxData[ TagBox[ FrameBox[GridBox[{ {"x", \(y\_1\), \(y\_2\), \(Ord \((P)\)\)}, {"1", "11", "86", "16"}, {"4", "15", "82", "4"}, {"6", "9", "88", "80"}, {"8", "9", "88", "40"}, {"9", "21", "76", "10"}, {"10", "46", "51", "8"}, {"15", "29", "68", "80"}, {"19", "12", "85", "80"}, {"20", "19", "78", "80"}, {"22", "26", "71", "8"}, {"24", "8", "89", "40"}, {"27", "12", "85", "16"}, {"30", "18", "79", "40"}, {"32", "48", "49", "40"}, {"34", "28", "69", "80"}, {"35", "6", "91", "20"}, {"37", "7", "90", "80"}, {"43", "46", "51", "80"}, {"44", "46", "51", "80"}, {"46", "2", "95", "20"}, {"49", "45", "52", "5"}, {"51", "12", "85", "10"}, {"52", "22", "75", "80"}, {"57", "0", "0", "2"}, {"60", "14", "83", "40"}, {"63", "25", "72", "40"}, {"64", "35", "62", "16"}, {"65", "47", "50", "40"}, {"66", "24", "73", "20"}, {"67", "42", "55", "80"}, {"70", "2", "95", "80"}, {"75", "32", "65", "20"}, {"76", "41", "56", "80"}, {"78", "2", "95", "80"}, {"83", "9", "88", "16"}, {"85", "5", "92", "80"}, {"88", "17", "80", "40"}, {"90", "31", "66", "5"}, {"94", "43", "54", "80"}, {"96", "30", "67", "80"} }, RowLines->True, ColumnLines->True]], DisplayForm]]] }], "Text", TextAlignment->Center] }, Open ]], Cell[CellGroupData[{ Cell["4.2 Overview of Schoof's Algorithm", "Subsection", CellTags->"c:23"], Cell[TextData[{ "The method for determining ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " outlined above is feasible only for small ", Cell[BoxData[ \(TraditionalForm\`p\)]], ". In modern cryptographic applications of elliptic curves the cardinality \ of the field is typically a number with at least 50 decimal digits. Thus \ there is a need for an efficient means of computing ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " for large primes ", Cell[BoxData[ \(TraditionalForm\`p\)]], ". Ren\[EAcute] Schoof's 1985 paper entitled \"Elliptic curves over finite \ fields and the computation of square roots mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], "\", details a polynomial time algorithm for determining ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], ". Versions of this algorithm, enhanced by Elkies and Atkins, have been \ used successfully for ", Cell[BoxData[ \(TraditionalForm\`q\)]], " with hundreds of decimal digits [3,6]. The following steps sketch the \ outline of Schoof's method.\n\nLet ", Cell[BoxData[ \(TraditionalForm\`E\)]], " be an elliptic curve over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " given by" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x\ + B\)]], ", where ", Cell[BoxData[ \(TraditionalForm\`A, B \[Element] \[DoubleStruckCapitalF]\_q\)]], "." }], "NumberedEquation", FontSize->14], Cell["\<\ Hasse's Theorem tells us that the cardinality of the group of points is\ \>", "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = q + 1 - t\)]], ", with ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(t\)\(|\)\(\(\[LessEqual]\)\(2 \@ \ q\)\)\)\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "Let ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_q\) : E(\[DoubleStruckCapitalF]\&_\_q) \[Rule] \(E(\ \[DoubleStruckCapitalF]\&_\_q)\)\ such\ that\ \(\(\[Phi]\_q\)(\((x, y)\))\) = \((x\^q, y\^q)\)\)]], ". Note that this is map of points with coordinates in the algebraic \ closure of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\)]], " is an endomorphism called the Frobenius map. It has the following \ property, crucial to Schoof's algorithm." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\^2 - t\ \[Phi]\_q + q = 0\)]], " ", Cell[BoxData[ \(TraditionalForm\`\[ForAll] P \[Element] E(\[DoubleStruckCapitalF]\&_\_q)\)]] }], "NumberedEquation", FontSize->14], Cell[TextData[{ "We can use (15) to compute ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ p\_i)\)\)]], " for a set of ", Cell[BoxData[ \(TraditionalForm\`L\)]], " primes ", Cell[BoxData[ \(TraditionalForm\`p\_1, p\_2, ... , p\_L\)]], " such that \n\n\t", Cell[BoxData[ \(TraditionalForm\`K = \[Product]\+\(i = 1\)\%L p\_i > 4 \@ q\)]], ",\n\t\nThe Chinese Remainder Theorem is then applied to compute the unique\ \n\n\t", Cell[BoxData[ \(TraditionalForm\`t\ \ mod\ K\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(t\)\(|\)\(\(\[LessEqual]\)\(2 \@ \ q\)\)\)\)]], ".\n\t\nOnce we know ", Cell[BoxData[ \(TraditionalForm\`t\)]], " we can compute the order of the group as ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = q + 1 - t\)]], ". Schoof showed that this algorithm will run time proportional to ", Cell[BoxData[ \(TraditionalForm\`\(log\^9\) q\)]], ", based on analysis of the number of elementary operations required. The \ following sections will explain the details of this algorithm, along with \ some important observations that permit its efficient implementation." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["4.3 Hasse's Theorem", "Subsection", CellTags->"c:24"], Cell[TextData[{ "The following theorem, first proved by Helmut Hasse in 1933, places \ specific bounds on ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], ". Let ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " be an elliptic curve over the finite field ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " with ", Cell[BoxData[ \(TraditionalForm\`q = p\^k, k \[Element] \(\[DoubleStruckCapitalZ]\^+\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`p\)]], " a prime. Then there exists a unique ", Cell[BoxData[ \(TraditionalForm\`t \[Element] \[DoubleStruckCapitalZ]\)]], " such that" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = q + 1 - t\)]], " where ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(t\)\(|\)\(\(<\)\(2 \@ q\)\)\)\)]], "\n" }], "NumberedEquation", FontSize->14], Cell[TextData[{ StyleBox["Sketch of the Proof", FontWeight->"Bold"], "\nDefine the map ", Cell[BoxData[ \(TraditionalForm\`\((\[Phi]\_q - 1)\) : E(\[DoubleStruckCapitalF]\&_\_q) \[Rule] E(\[DoubleStruckCapitalF]\&_\_q)\)]], ", then the set of points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], " which are sent to the identity by this map is called the kernel. Then \ ", Cell[BoxData[ FormBox[ RowBox[{ RowBox[{"ker", "(", FormBox[\(\[Phi]\_q - 1\), "TraditionalForm"], ")"}], "=", \(E(\[DoubleStruckCapitalF]\_q)\)}], TraditionalForm]]], ", since ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\)]], " is the identity on ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], ". Further, since ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q - 1\)]], " is a separable polynomial then\n\n\t ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = \(# \( ker(\[Phi]\_q - 1)\) = deg(\[Phi]\_q - 1)\)\)]], ".\n\t \nNow let ", Cell[BoxData[ \(TraditionalForm\`t = q + 1 - # \( E(\[DoubleStruckCapitalF]\_q)\)\)]], ". Then by Washington [7] Proposition 3.16 for ", Cell[BoxData[ \(TraditionalForm\`r, s \[Element] \[DoubleStruckCapitalZ]\ and\ \(gcd(s, q)\) = 1\)]], " we have ", Cell[BoxData[ \(TraditionalForm\`deg(r\ \[Phi]\_q - s)\)]], "\n\n\t", Cell[BoxData[ \(TraditionalForm\`\(\(=\)\(\(r\^2\)( deg\ \[Phi]\_q) + \(s\^2\) \(deg(\(-1\))\) + r\ \(s(deg(\ \[Phi]\_q - 1) - deg(\[Phi]\_q) - deg(\(-1\)))\)\)\)\)]], "\n\t", Cell[BoxData[{ \(TraditionalForm\`\(\(=\)\(\(r\^2\) q + s\^2 + r\ s\ \((\ # \( E(\[DoubleStruckCapitalF]\_q)\) - q - 1)\)\)\)\), "\[IndentingNewLine]", \(TraditionalForm\`\(\(=\)\(\(r\^q\) q + s\^2 + r\ \(\(s(\ q + 1 - t - q - 1)\)\(.\)\)\)\)\)}]], "\n\t\nSo we can conclude that" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[Cell[BoxData[ \(TraditionalForm\`deg(r\ \[Phi]\_q - s) = \(r\^2\) q + s\^2 - r\ s\ \(\(t\)\(.\)\)\)]]], "NumberedEquation", FontSize->14], Cell[TextData[{ "Since ", Cell[BoxData[ \(TraditionalForm\`deg(r\ \[Phi]\_q - s) \[GreaterEqual] 0\)]], " and ", Cell[BoxData[ \(TraditionalForm\`s \[NotEqual] 0\)]], " then dividing through by ", Cell[BoxData[ \(TraditionalForm\`s\^2\)]], " gives" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[Cell[BoxData[ \(TraditionalForm\`q\ \((r\/s)\)\^2 - \[Tau]\ \((r\/s)\) + 1 \[GreaterEqual] 0. \)]]], "NumberedEquation", FontSize->14], Cell[TextData[{ "Having that the set of rational numbers ", Cell[BoxData[ \(TraditionalForm\`r\/s\ with\ \(gcd(s, q)\) = 1\)]], " is dense in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalR]\)]], " implies that for all ", Cell[BoxData[ \(TraditionalForm\`x \[Element] \[DoubleStruckCapitalR]\)]], " we have" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[Cell[BoxData[ \(TraditionalForm\`q\ x\^2 - \[Tau]\ x + 1 \[GreaterEqual] 0. \)]]], "NumberedEquation", FontSize->14], Cell[TextData[{ "So quadratic equation (19) has no real roots, hence its discriminant is \ less than zero. Thus\n\t\t", Cell[BoxData[ \(TraditionalForm\`\(\(\[Tau]\^2 - 4\ q < 0\)\(\[Implies]\)\) | \[Tau] | \(\(<\)\(2 \@ q\)\)\)]], ",\ncompleting the proof of (16)." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "4.4 Reducing the problem to that for ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]] }], "Subsection", CellTags->"c:25"], Cell[TextData[{ "A beautiful result due to Andre Weil, and explained in ", "Washington [7]", " Theorem 4.12, shows that if we can compute ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], ", then we can compute ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_\(p\^n\))\)\)]], " in a direct manner.\n\nLet ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ". Write ", Cell[BoxData[ \(TraditionalForm\`X\^2 - t\ X + p = \((X - \[Alpha])\) \((X - \[Beta])\)\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`\[Alpha]\^n + \[Beta]\^n \[Element] \ \[DoubleStruckCapitalZ]\)]], " and" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_\(p\^n\))\) = p\^n + 1 - \((\[Alpha]\^n + \[Beta]\^n)\)\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "So we only need to use Schoof's Algorithm to solve for ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], ". Then we can compute ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = # \( E(\[DoubleStruckCapitalF]\_\(p\^n\))\)\)]], " via (20). Of course, if ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is a small prime, then it is easy to determine ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " by direct counting or other simple methods, so the complexity of Schoof's \ method would not be justified. Assuming ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is large enough to warrant the use of Schoof's method we may employ \ another useful result allowing us to determine the integer ", Cell[BoxData[ \(TraditionalForm\`\((\[Alpha]\^n + \[Beta]\^n)\)\)]], " without explicitly computing \[Alpha] and \[Beta]. The following \ recursion relation computes ", Cell[BoxData[ FormBox[ RowBox[{\(s\_n\), "=", " ", FormBox[\((\[Alpha]\^n + \[Beta]\^n)\), "TraditionalForm"]}], TraditionalForm]]], " where" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`s\_0 = 2, \ \ \ \ s\_1 = t, \ \ \ \ \ s\_\(n + 1\) = t\ s\_n - p\ s\_\(n - 1\)\)]], "." }], "NumberedEquation", FontSize->14], Cell[TextData[{ "The ", StyleBox["Mathematica", FontSlant->"Italic"], " function ", Cell[BoxData[ \(TraditionalForm\`ComputeOrderEFq[\ t, p, n\ ]\)]], " implements equations (21) and (22).\n\nFor our example elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], " we determined that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_97)\) = 80\)]], ". By Hasse's theorem ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_97)\) = p + 1 - t\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`80 = 97 + 1 - t\)]], ", hence ", Cell[BoxData[ \(TraditionalForm\`t = 18\)]], ". Then we can determine ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_\(97\^4\))\)\)]], " using ", Cell[BoxData[ FormBox[ StyleBox["ComputeOrderEFq", FontSize->12, FontWeight->"Bold"], TraditionalForm]]], ", giving ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_\(p\^4\))\) = 88531200\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["4.5 Baby Step, Giant Step Method", "Subsection", CellTags->"c:26"], Cell[TextData[{ "One way to use Hasse's bound to compute ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " is based on Lagrange's theorem which states that the order of any element \ of a finite group must divide the order of the group. Hence if we can find \ the order ", Cell[BoxData[ \(TraditionalForm\`k\)]], " of a point ", Cell[BoxData[ \(TraditionalForm\`Q \[Element] E(\[DoubleStruckCapitalF]\_p)\)]], " then the group order must be a multiple of ", Cell[BoxData[ \(TraditionalForm\`k\)]], " falling inside of Hasse's bounds. If we compute the order for several \ different points then some common multiple of these orders must fall inside \ of Hasse's bounds. Let ", Cell[BoxData[ \(TraditionalForm\`{k\_i}\)]], " be the set of orders of ", Cell[BoxData[ \(TraditionalForm\`n\)]], " points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], ". By Hasse's theorem we have for some integer ", Cell[BoxData[ \(TraditionalForm\`r\)]], " that ", Cell[BoxData[ \(TraditionalForm\`p + 1 - 2 \@ p < r*\(lcm({k\_i}}\) < p + 1 + 2 \@ p\)]], ". If there is only one ", Cell[BoxData[ \(TraditionalForm\`r\)]], " for which this is true, then we must have ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = r*\(lcm({k\_i}}\)\)]], ".\n\nIn order for this method to be efficient we need a high performance \ method to compute point orders, that is, a method far better than exhaustive \ search to find the smallest ", Cell[BoxData[ \(TraditionalForm\`k\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`k\ P = \[ScriptCapitalO]\)]], " in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], ". The Baby Step-Giant Step method outlined in Washington [7] ", "\[Section]", " 4.3 provides such a method with runtime proportional to ", Cell[BoxData[ \(TraditionalForm\`\@p\%4\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Example 8 - Determining Group Order using Hasse's Theorem", \ "Subsubsection", CellTags->"c:27"], Cell[TextData[{ "For this example we again take ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + B\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], ". Since ", Cell[BoxData[ \(TraditionalForm\`9 < \@97 < 10\)]], ", Hasse's theorem gives\n\n\t", Cell[BoxData[ \(TraditionalForm\`97 - 2*9 = \(79 \[LessEqual] \ # \( E(\[DoubleStruckCapitalF]\_q)\)\ \[LessEqual] 117 = 97 + 2*9\)\)]], ".\n\t\nWe randomly found that ", Cell[BoxData[ \(TraditionalForm\`P = \((64, 35)\)\)]], " is a point on the curve, and that ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(P\)\(|\)\) = 16\)]], ". Since there are three multiples of 16 between 79 and 117, we need to \ choose another point. We randomly found a second point ", Cell[BoxData[ \(TraditionalForm\`Q = \((46, 95)\)\)]], " with ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(Q\)\(|\)\) = 20\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`lcm(16, 20) = 80\)]], ". Since ", Cell[BoxData[ \(TraditionalForm\`79 \[LessEqual] 80 \[LessEqual] 117\)]], " we can conclude that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = 80\)]], ", in agreement with the direct counting method." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["Chapter 5 - Schoof's Algorithm Implementation", "Section", PageBreakAbove->True, CellTags->"c:28"], Cell[TextData[{ "\"A four-year-old child could understand that. Run out and find me a \ four-year-old child, I can't make head or tail out of it.\" - Groucho Marx \ (", StyleBox["Duck Soup-1933", FontSlant->"Italic"], ")" }], "Text", TextAlignment->Center, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "In this chapter we present the algorithms that embody the key ideas of \ Schoof's method. For the curve given by ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x\ + B\)]], ", over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ", Hasse's theorem tells us that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ". The main objective of Schoof's algorithm is to determine ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ l)\)\)]], " for a set of small primes ", Cell[BoxData[ \(TraditionalForm\`l\)]], ". For the case of ", Cell[BoxData[ \(TraditionalForm\`l = 2\)]], " we have a special method, so we outline this first. For ", Cell[BoxData[ \(TraditionalForm\`l > 2\)]], " we must employ more sophisticated mathematics including the Frobenius \ endomorphism and the so-called division polynomials. We will examine these \ in more detail after describing the method for computing ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ 2)\)\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell[TextData[{ "5.1 Computing ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ 2)\)\)]] }], "Subsection", CellTags->"c:29"], Cell[TextData[{ "As before, let ", Cell[BoxData[ \(TraditionalForm\`E\)]], " be an elliptic curve over the finite field ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " given by ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x\ + B\)]], ". A point ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E(\[DoubleStruckCapitalF]\_p)\)]], " has order 2 if and only if ", Cell[BoxData[ \(TraditionalForm\`P + P = \[ScriptCapitalO]\)]], " which means that ", Cell[BoxData[ \(TraditionalForm\`P = \(-P\)\)]], ". As we have seen, this is true only if the ", StyleBox["y", FontSlant->"Italic"], "-coordinate of ", Cell[BoxData[ \(TraditionalForm\`P\)]], " is zero. Now ", Cell[BoxData[ \(TraditionalForm\`y = 0\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x\ + B\ = 0\)]], ".\n\nSuppose that there exists some ", Cell[BoxData[ \(TraditionalForm\`e \[Element] \[DoubleStruckCapitalF]\_p\ such\ that\ \ e\^3 + A\ e + B = 0\)]], " then ", Cell[BoxData[ \(TraditionalForm\`\(\(\ \)\(\((e, 0)\) \[Element] E(\[DoubleStruckCapitalF]\_p)\)\)\)]], ". Also, by the definition of elliptic curve addition, ", Cell[BoxData[ \(TraditionalForm\`2 \((e, 0)\) = \[Infinity]\)]], " , so that ", Cell[BoxData[ \(TraditionalForm\`\((e, 0)\) \[Element] E[2]\)]], ". Then ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " has a point of order 2, so that, by Langrange's Theorem, ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], " is even. Since ", Cell[BoxData[ \(TraditionalForm\`p + 1\)]], " is even then ", Cell[BoxData[ \(TraditionalForm\`t\)]], " also is even, therefore ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ 2)\)\)]], ".\n\nAlternatively, suppose that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], " is even. Then by Theorem 4.1 of Washington [7] either\n\n\t", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p) \[TildeFullEqual] \ \[DoubleStruckCapitalZ]\_n\)]], " or ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p) \[TildeFullEqual] \ \[DoubleStruckCapitalZ]\_\(n\_1\)\[CirclePlus]\[DoubleStruckCapitalZ]\_\(n\_2\ \)\ with\ \ n, n\_1, n\_2 \[Element] \[DoubleStruckCapitalZ]\ and\ n\_1 | \ \(\(n\_2\)\(.\)\)\)]], "\n\t\nIf two groups are isomorphic, there is a 1-1 mapping between the \ elements of the two groups which preserves the group operation. This means, \ in particular, that if one has a nonzero point of order ", Cell[BoxData[ \(TraditionalForm\`2\)]], ", then the other has a nonzero point of order ", Cell[BoxData[ \(TraditionalForm\`2\)]], ".\n\nIf ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p) \[TildeFullEqual] \ \[DoubleStruckCapitalZ]\_n\)]], " then ", Cell[BoxData[ \(TraditionalForm\`n\)]], " is even, because ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " is even. We know that ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]\_n\)]], " is cyclic with generator 1, and ", Cell[BoxData[ \(TraditionalForm\`2*\((n\/2*1)\) = n \[Congruent] 0 \((mod\ n)\)\)]], ", so ", Cell[BoxData[ \(TraditionalForm\`n\/2\)]], " is an element of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]\_n\)]], " of order 2, therefore ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " is cyclic with some generator ", Cell[BoxData[ \(TraditionalForm\`P\_g\)]], " and ", Cell[BoxData[ \(TraditionalForm\`2*\((n\/2*P\_g)\) = \(n\ P\_g = \[Infinity]\)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`P\_2 = \(n\/2\) P\_g\)]], " has order 2, therefore ", Cell[BoxData[ \(TraditionalForm\`\(\(P\_2\)\(=\)\((e, 0)\)\(\ \)\)\)]], " for some ", Cell[BoxData[ \(TraditionalForm\`e \[Element] \[DoubleStruckCapitalF]\_p\)]], ".\n\nOtherwise, ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p) \[TildeFullEqual] \ \[DoubleStruckCapitalZ]\_\(n\_1\)\[CirclePlus]\[DoubleStruckCapitalZ]\_\(n\_2\ \)\ and\ \ n\_1*n\_2\)]], " is even, so that either ", Cell[BoxData[ \(TraditionalForm\`n\_2\)]], " is even or ", Cell[BoxData[ \(TraditionalForm\`n\_1\)]], " is even, which implies that ", Cell[BoxData[ \(TraditionalForm\`n\_2\)]], " is even, because ", Cell[BoxData[ \(TraditionalForm\`n\_1 | n\_2\)]], ". So we have that\n\n\t", Cell[BoxData[ \(TraditionalForm\`\((0, n\_2\/2)\)\)]], " is a point of order ", Cell[BoxData[ \(TraditionalForm\`2\)]], " in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]\_\(n\_1\)\[CirclePlus]\ \[DoubleStruckCapitalZ]\_\(n\_2\)\)]], ",\n\t\ntherefore ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " has a point of order 2, call it ", Cell[BoxData[ \(TraditionalForm\`\(\(P\_2\)\(.\)\)\)]], " So we conclude that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) \[Congruent] 0 \((mod\ 2)\) \[Implies] \[Exists] P\_2 \[Element] \(E(\ \[DoubleStruckCapitalF]\_p)\)\ with\ 2\ P\_2 = \[Infinity]\)]], ".\n\nThe contrapositive gives that if ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " does not have a point of order 2, then ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) \[Congruent] 1 \((mod\ 2)\) \[Implies] t \[Congruent] 1 \(\((mod\ 2)\)\(.\)\)\)]], " Hence to compute ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ 2)\)\)]], " it suffices to determine if ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x + B\)]], " has a root in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "5.2 Determining if ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x + B\)]], " has a root in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]] }], "Subsection", CellTags->"c:30"], Cell[TextData[{ "A basic theorem of algebra tells us if ", Cell[BoxData[ \(TraditionalForm\`g(x)\)]], " is a polynomial of degree ", Cell[BoxData[ \(TraditionalForm\`n\)]], " with coefficients in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " then ", Cell[BoxData[ \(TraditionalForm\`g(x)\)]], " has ", Cell[BoxData[ \(TraditionalForm\`n\)]], " roots in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\&_\_p\)]], ", the algebraic closure of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ". In addition if ", Cell[BoxData[ \(TraditionalForm\`g(x)\)]], " has no roots in common with ", Cell[BoxData[ \(TraditionalForm\`g' \((x)\)\)]], ", then the roots of ", Cell[BoxData[ \(TraditionalForm\`g(x)\)]], " are distinct.\n\nTake ", Cell[BoxData[ \(TraditionalForm\`g(x) = x\^p - x\)]], ". Then", Cell[BoxData[ \(TraditionalForm\`\(\(\ \)\(g' \((x)\) = \(p\ x\^\(p - 1\) - 1 = \(-1\)\), \ since\ p \[Congruent] 0 \((mod\ p)\)\)\)\)]], ", so ", Cell[BoxData[ \(TraditionalForm\`g' \((x)\)\)]], " has no roots in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\&_\_p\)]], ". Therefore, the ", Cell[BoxData[ \(TraditionalForm\`p\)]], " roots of ", Cell[BoxData[ \(TraditionalForm\`g(X)\)]], " are distinct, and these are just the set of elements \[Alpha] of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\&_\_p\)]], " satisfying ", Cell[BoxData[ \(TraditionalForm\`\[Alpha]\^p - \[Alpha] = \(0 \[Implies] \ \[Alpha]\^\(p - 1\) = 1. \)\)]], " But the ", Cell[BoxData[ \(TraditionalForm\`p - 1\)]], " non-zero elements of ", Cell[BoxData[ \(TraditionalForm\`\(\[DoubleStruckCapitalF]\_p\^\[Times]\)\)]], " all have order ", Cell[BoxData[ \(TraditionalForm\`p - 1\)]], ", so the roots of ", Cell[BoxData[ \(TraditionalForm\`g(X)\)]], " are precisely the elements of ", Cell[BoxData[ \(TraditionalForm\`\(\(\[DoubleStruckCapitalF]\_p\)\(.\)\)\)]], "\n\nThen ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x + B\)]], " has a root in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " if and only if it has a root in common with ", Cell[BoxData[ \(TraditionalForm\`g(x)\)]], ". So if ", Cell[BoxData[ \(TraditionalForm\`gcd(x\^3 + A\ x + B, \ x\^p - x) = 1\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x + B\)]], " has no root in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ", else it has at least one such root. From a practical standpoint we can \ compute ", Cell[BoxData[ \(TraditionalForm\`x\_p \[Congruent] \(x\^p\)( mod\ x\^3 + A\ x + B)\)]], " using an efficient algorithm for modular polynomial exponentiation, and \ then compute\n\n\t", Cell[BoxData[ \(TraditionalForm\`g = \(gcd(x\^3 + A\ x + B, \ x\_p - x) = gcd(x\^3 + A\ x + B, \ x\^p - x)\)\)]], ",\n\t\nusing the Euclidean algorithm for polynomials.\n\nGiven ", Cell[BoxData[ \(TraditionalForm\`g\)]], ", we determine ", Cell[BoxData[ \(TraditionalForm\`t(mod\ 2)\)]], " as\n\n\t", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 1 \((mod\ 2)\)\ if\ g = 1, \ else\ t \[Congruent] 0 \((mod\ 2)\)\)]], ".\n\t\nThis method in encoded in the ", StyleBox["Mathematica", FontSlant->"Italic"], " function ", StyleBox["ComputeTModTwo", FontSize->10, FontWeight->"Bold"], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell[TextData[{ "Example 9 - Computation of ", Cell[BoxData[ \(TraditionalForm\`t(mod\ 2)\)]] }], "Subsubsection", CellTags->"c:31"], Cell[TextData[{ "We know from previous examples that for ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x\ + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], " that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = 80\)]], ". Hasse's theorem tells us that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ", hence ", Cell[BoxData[ \(TraditionalForm\`t = 18\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ 2)\)\)]], ". By the previous discussion ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " has a point of order two if and only if\n\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(x\^p - x, x\^3 + 46\ x\ + 74) \[NotEqual] 1\)]], "\n\t\nwhere we can compute ", Cell[BoxData[ \(TraditionalForm\`x\^p - x\)]], " modulo ", Cell[BoxData[ \(TraditionalForm\`x\^3 + 46\ x\ + 74\)]], ". We find, using modular polynomial arithmetic, that\n\n\t", Cell[BoxData[ \(TraditionalForm\`x\^p\ \((mod\ x\^3 + 46\ x\ + 74)\) = \(\(30\ x\^2\)\(+\)\(60\ x\)\(+\)\(47\)\(\ \)\)\)]], ".\n\t\nThen using a modular polynomial version of the Euclidean algorithm \ we compute\n\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(30\ x\^2 + 59\ x + 47, x\^3 + 46\ x\ + 74) = x + 40 \[NotEqual] 1\)]], ".\n\t\nHence ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " has at least one point of order two. In fact, the table in Figure 3 \ shows it has exactly one such point, namely ", Cell[BoxData[ \(TraditionalForm\`P = \((57, 0)\)\)]], ", thus ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " is even. Since ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ", and ", Cell[BoxData[ \(TraditionalForm\`p + 1 = 98\)]], " is even, then ", Cell[BoxData[ \(TraditionalForm\`t\)]], " is even. Hence ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ 2)\)\)]], ". " }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["5.3 The Division Polynomials", "Subsection", CellTags->"c:32"], Cell[TextData[{ "In order to determine ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ l\_i)\)\)]], " for primes ", Cell[BoxData[ \(TraditionalForm\`l\_i > 2\)]], ", we need to make use of what are called the ", StyleBox["division polynomials", FontSlant->"Italic"], " for ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + b\)]], ". These are polynomials which go to zero on points of a particular order. \ We define ", Cell[BoxData[ \(TraditionalForm\`E[n]\)]], " as the set of ", StyleBox["n", FontSlant->"Italic"], "-torsion points of an elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + b\)]], ", that is, the set of points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_p)\)]], " with order dividing ", Cell[BoxData[ \(TraditionalForm\`n\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`E[ n] = {P \[Element] E(\[DoubleStruckCapitalF]\&_\_p) | n\ P = \[ScriptCapitalO]}\)]], ". Note that this set includes points with coordinates in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\&_\_p\)]], ", the algebraic closure of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ".\n\nWith this definition the division polynomials ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_n\)]], " of an elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E\)]], " are elements of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p[x, y]\)]], " with the property that ", Cell[BoxData[ \(TraditionalForm\`\(\[Psi]\_n\)(x, y) = 0\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`\((x, y)\) \[Element] E[n]\)]], ". These polynomials are defined recursively as follows.\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_0 = 0, \[Psi]\_1 = 1, \[Psi]\_2 = 2\ y\)]], ",\n\t", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_3 = 3\ x\^4 + 6\ a\ x\^2 + 12\ b\ x - a\^2\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_4 = 4\ \(y(x\^6 + 5\ a\ x\^4 + 20\ b\ x\^3 - 5\ a\^2\ x\^2 - 4\ a\ b\ x - 8\ b\^2 - a\^3)\)\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(2 n\) = \(\[Psi]\_n\)(\(\[Psi]\_\(n + 2\)\) \[Psi]\_\(n - 1\)\%2 - \(\[Psi]\_\(n - 2\)\) \[Psi]\_\(n + 1\)\%2)\)]], "\t", Cell[BoxData[ \(TraditionalForm\`n \[Element] \[DoubleStruckCapitalZ], n > 2\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(2 n + 1\) = \(\[Psi]\_\(n + 2\)\) \[Psi]\_n\%3 - \(\[Psi]\_\(n + 1\)\%3\) \[Psi]\_\(n - 1\)\)]], "\t\t", Cell[BoxData[ \(TraditionalForm\`n \[Element] \[DoubleStruckCapitalZ], n > 1\)]], "\n\t\nLets see why ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_3\)]], " is the correct polynomial. First, if ", Cell[BoxData[ \(TraditionalForm\`P = \((x, y)\) \[Element] E[3]\)]], " then ", Cell[BoxData[ \(TraditionalForm\`3 P = 0\)]], " which means that ", Cell[BoxData[ \(TraditionalForm\`2 P = \(-P\)\)]], ", hence the ", StyleBox["x", FontSlant->"Italic"], "-coordinates of ", Cell[BoxData[ \(TraditionalForm\`2 P\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\(-P\)\)]], " must be the same. Using Equations (11,12) to compute ", Cell[BoxData[ \(TraditionalForm\`2 P\)]], " we find\n\n\t ", Cell[BoxData[ \(TraditionalForm\`x = \(\[Lambda]\^2 - 2\ x = \((3\ x\^2 + A)\)\^2\/\(4\ y\^2\) - \ 2\ x\)\)]], " \nso that\n\t ", Cell[BoxData[ \(TraditionalForm\`\((\(-3\)\ x)\) \((4\ y\^2)\) = 9\ x\^4 + 6\ A\ x\^2 + A\^2\)]], ".\n\t \nBut ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + A\ x + B\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`\(-12\)\ \((x\^4 + A\ x\^2 + B\ x)\) = 9\ x\^4 + 6\ A\ x\^2 + A\^2\)]], ". Collecting terms and multiplying through by -1 gives\n\n\t ", Cell[BoxData[ \(TraditionalForm\`3\ x\^4 + 6\ A\ x\^2 + 12 B\ x - A\^2 = \[Psi]\_3\)]], ".\n\t \nSo if ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_3 = 0\)]], " then ", Cell[BoxData[ \(TraditionalForm\`2 P = \(\[PlusMinus]P\)\)]], ", meaning that ", Cell[BoxData[ \(TraditionalForm\`P = \[ScriptCapitalO]\)]], " or ", Cell[BoxData[ \(TraditionalForm\`P\)]], " is a point of order 3. In either case ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[3]\)]], ".\n\nThe division polynomials are polynomials in ", Cell[BoxData[ \(TraditionalForm\`x, y\)]], ". Using the elliptic curve equation we can replace ", Cell[BoxData[ \(TraditionalForm\`y\^2\)]], " with ", Cell[BoxData[ \(TraditionalForm\`x\^3 + A\ x + B\)]], ". More generally we can replace ", Cell[BoxData[ \(TraditionalForm\`y\^\(2 k\)\)]], " with ", Cell[BoxData[ \(TraditionalForm\`\((x\^3 + A\ x + B)\)\^k\)]], ". This allows us to express the division polynomials as elements of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p[x]\)]], " or ", Cell[BoxData[ \(TraditionalForm\`y\ \[DoubleStruckCapitalF]\_p[x]\)]], ", so that no power of ", Cell[BoxData[ \(TraditionalForm\`y\)]], " greater than 1 will appear. It can be further proved that we can \ produce polynomials in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p[x]\)]], " with the following replacements.\n\n\t", Cell[BoxData[ FormBox[ RowBox[{\(\(f\_n\)(x)\), "=", TagBox[ StyleBox[ RowBox[{"{", StyleBox[GridBox[{ {\(\(\(\[Psi]\_n\)(x, y)\)\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ if\ n\ is\ \ odd\)}, {\(\(\ \)\(\(\(\[Psi]\_n\)(x, y)\)/ y\ \ \ \ \ \ \ \ \ \ \ \ \ if\ n\ is\ even\)\)} }], ShowAutoStyles->True]}], ShowAutoStyles->False], (#&)], " "}], TraditionalForm]]], "\t\n\t\t\t\nThese polynomials, by definition, also have the property that \ ", Cell[BoxData[ \(TraditionalForm\`\(f\_n\)(x) = 0\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`x\)]], " is the ", StyleBox["x", FontSlant->"Italic"], "-coordinate of a point of order ", Cell[BoxData[ \(TraditionalForm\`n\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.4 How many division polynomials?", "Subsection", CellTags->"c:33"], Cell[TextData[{ "How many division polynomials will we need for the execution of Schoof's \ algorithm? As noted in the outline of Schoof's algorithm in chapter 4, we \ need to test Equation (15) for a set of primes ", Cell[BoxData[ \(TraditionalForm\`l\_i\)]], " such the product of these primes is greater than 4", Cell[BoxData[ \(TraditionalForm\`\@p\)]], ". The function ", StyleBox["ComputePrimeSet", FontSize->12, FontWeight->"Bold"], " determines this set. If the cardinality of ", Cell[BoxData[ \(TraditionalForm\`{l\_i} = k\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(k + 2\)\)]], " is the highest order division polynomial required." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "What is the relationship between ", Cell[BoxData[ \(TraditionalForm\`k\)]], " and ", Cell[BoxData[ \(TraditionalForm\`p\)]], "? Figure 4 contains a plot of ", Cell[BoxData[ \(TraditionalForm\`Log\_10[p]\)]], " vs. ", Cell[BoxData[ \(TraditionalForm\`k\)]], ", which indicates that ", Cell[BoxData[ \(TraditionalForm\`k\)]], " grows approximately logarithmically with ", Cell[BoxData[ \(TraditionalForm\`p\)]], ". The horizontal axis is the number of primes ", Cell[BoxData[ \(TraditionalForm\`k\)]], ", the vertical axis is the number of decimal digits in ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", the size ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ". A statistical fit of this data gives the approximate relationship for \ ", Cell[BoxData[ \(TraditionalForm\`k > 10. \)]], "\n\n\t", Cell[BoxData[ \(Log\_10[p] = 0.012\ k\^2 + 3.34\ k - 15.98\)], FontFamily->"Times New Roman"], "\n\t\nGiven that we wish to apply Schoof's algorithm to an elliptic curve \ over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " we could use this graph to estimate the number of small primes ", Cell[BoxData[ \(TraditionalForm\`k\)]], " that would be required." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ StyleBox["Figure 3 - Number of digits in ", FontWeight->"Bold"], Cell[BoxData[ \(TraditionalForm\`p\)], FontWeight->"Bold"], StyleBox[" vs. number of small primes.", FontWeight->"Bold"], " \n\n", Cell[GraphicsData["Bitmap", "\<\ CF5dJ6E]HGAYHf4PAg9QL6QYHgGoo001JOol00`00Oomoo`02Ool01000Oomoo`00 =Goo1@0000Eoo`00Oomoo`0003Aoo`04001oogoo0002Ool01000Oomoo`00=Goo00@007ooOol0009o o`04001oogoo000dOol01@00Oomoogoo00000Woo00@007ooOol0009oo`03001oogoo03Uoo`00Fgoo 00D007ooOomoo`00009oo`03001oogoo03=oo`04001oogoo0002Ool01000Oomoo`00=7oo0`000goo 00@007ooOol003Ioo`8000=oo`04001oogoo000dOol01@00Oomoogoo00000Woo00@007ooOol0009o o`03001oogoo03Uoo`00FGoo00@007ooOol0009oo`04001oogoo000fOol00`00Ool00002Ool01000 Oomoo`00=Goo00<007ooOol00Woo00@007ooOol003Eoo`04001oogoo0002Ool01000Oomoo`00=7oo 00D007ooOomoo`00009oo`04001oogoo0002Ool00`00Oomoo`0iOol005Yoo`8000Aoo`8003Qoo`80 00=oo`8003Ioo`<000=oo`8003Moo`8000Aoo`8003Aoo`8000Aoo`8000Aoo`8003aoo`00ogooWGoo 000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomo o`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`03 00moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0 ?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00 Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0? Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03ao o`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03goo Ool0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0<7oo0`0000=oo`0000002Woo000F Ool<000501oo001L000;Ool01000Oomoo`002goo000OOol00`00Oomoo`05Ool301l5Ool00`00Oomo o`0goo00<03gooOol0?7oo00<0 3gooOol0?7oo00<03gooOol0goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0<7oo0`00 00=oo`0000002Woo000OOol00`00Oomoo`0DOol201lVOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol0 0`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo01Ioo`807bAoo`03 00moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`00 7goo00<007ooOol067oo0`0O8Goo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<0 3gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0KOol301lNOol00`0?Oomoo`0lOol00`0? Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`8001moo`807aao o`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041o o`007goo00<007ooOol087oo0P0O6Woo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo 00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0ROol301lGOol00`0?Oomoo`0lOol0 0`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo 02Eoo`<07aAoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`03 00moogoo041oo`007goo00<007ooOol0:7oo0P0O4Woo00<03gooOol0?7oo00<03gooOol0>goo00<0 3gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0ZOol201l@Ool00`0? Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001mo o`03001oogoo02aoo`807`ioo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300mo ogoo03aoo`0300moogoo041oo`007goo00<007ooOol0;Woo0P0O37oo00<03gooOol0?7oo00<03goo Ool0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol2000aOol201l:Ool0 0`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool0 01moo`03001oogoo039oo`807`Qoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`03 00moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0=7oo0P0O1Woo00<03gooOol0?7oo00<0 3gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0f Ool201l4Ool00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0? Oomoo`10Ool001moo`03001oogoo03Qoo`807`9oo`0300moogoo03aoo`0300moogoo03]oo`0300mo ogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0>Woo0P0O00<03gooOol0 ?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00 Oomoo`0lOol201lmOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10 Ool001moo`03001oogoo03aoo`0400moo`0O01lkOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0? Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0400moogooOol201liOol00`0?Oomo o`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`8003eoo`0300moogoo 00=oo`0301moogoo03Ioo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo 041oo`007goo00<007ooOol0?7oo00<03gooOol017oo0P0O=Woo00<03gooOol0>goo00<03gooOol0 ?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`06Ool201ld Ool00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001o ogoo03aoo`0300moogoo00Qoo`807c9oo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03ao o`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol02Woo0P0O<7oo00<03gooOol0>goo 00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomo o`0goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00 Oomoo`0lOol00`0?Oomoo`0BOol201lXOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0l Ool00`0?Oomoo`10Ool001moo`8003eoo`0300moogoo01Aoo`807bIoo`0300moogoo03]oo`0300mo ogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol05Woo 00<07gooOol08goo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo 000OOol00`00Oomoo`0lOol00`0?Oomoo`0GOol201lSOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol0 0`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo01Uoo`0301moogoo 021oo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<0 07ooOol0?7oo00<03gooOol06Woo0P0O87oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0 ?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0LOol00`0OOomoo`0MOol00`0? Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool000Uoo`D0009oo`8000Ao o`8000Moo`03001oogoo03aoo`0300moogoo01eoo`807aeoo`0300moogoo03]oo`0300moogoo03ao o`0300moogoo03aoo`0300moogoo041oo`002goo00D007ooOomoo`00009oo`04001oogoo0002Ool0 0`00Oomoo`04Ool00`00Oomoo`0lOol00`0?Oomoo`0OOol201lKOol00`0?Oomoo`0kOol00`0?Oomo o`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool000]oo`05001oogooOol00002Ool01000Oomoo`00 0P0?00<0000?00l0100?0`00H00?0P0OoP0?6Woo000;Ool01@00Oomoogoo00000Woo00@007ooOol0 009oo`03001oogoo00Aoo`03001oogoo03aoo`0300moogoo02=oo`807aMoo`0300moogoo03]oo`03 00moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`002goo00D007ooOomoo`00009oo`04001o ogoo0002Ool00`00Oomoo`04Ool00`00Oomoo`0lOol00`0?Oomoo`0UOol201lEOol00`0?Oomoo`0k Ool00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool000Yoo`8000Aoo`8000Aoo`8000Mo o`03001oogoo03aoo`0300moogoo02Moo`807a=oo`0300moogoo03]oo`0300moogoo03aoo`0300mo ogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0:Goo00<07gooOol047oo 00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomo o`0lOol00`0?Oomoo`0ZOol201l@Ool00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo02aoo`0301moogoo00eoo`0300moogoo 03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<0 3gooOol0;Goo0P0O3Goo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0 @7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0_Ool00`0OOomoo`0:Ool00`0?Oomoo`0kOol00`0? Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`8003eoo`0300moogoo031oo`807`Yo o`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007oo Ool0?7oo00<03gooOol0goo00<03gooOol0?7oo00<03goo Ool0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0cOol201l7Ool00`0?Oomo o`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`03 00moogoo03Eoo`0301moogoo00Aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`03 00moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0=Woo0P0O17oo00<03gooOol0>goo00<0 3gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0h Ool01@0OOomoogoo00l0?Goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol0 0`00Oomoo`0lOol00`0?Oomoo`0iOol201l00goo00moo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0l Ool00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03]oo`807ceoo`0300moogoo03ao o`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03`0O 01l0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol2000mOol00`0?Oomo o`0lOol00`0?Oomoo`0201liOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001mo o`03001oogoo03aoo`0300moogoo03aoo`0300moogoo009oo`807cMoo`0300moogoo03aoo`0300mo ogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol017oo 0P0O=Goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol0 0`0?Oomoo`0lOol00`0?Oomoo`06Ool00`0OOomoo`0bOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo00Moo`807c9oo`03 00moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0 ?7oo00<03gooOol02Goo00<07gooOol0;goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0 @7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0:Ool201l_Ool00`0?Oomoo`0l Ool00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300mo ogoo00aoo`0301moogoo02aoo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo 0P00?Goo00<03gooOol0?7oo00<03gooOol03Goo0P0O;7oo00<03gooOol0?7oo00<03gooOol0?7oo 00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0?Ool00`0OOomo o`0YOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`03 00moogoo03aoo`0300moogoo011oo`807bUoo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo 041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol04Woo0P0O9goo00<03gooOol0 ?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0? Oomoo`0DOol201lUOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001o ogoo03aoo`0300moogoo03aoo`0300moogoo01Ioo`0301moogoo029oo`0300moogoo03aoo`0300mo ogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol05goo 0P0O8Woo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol0 0`0?Oomoo`0lOol00`0?Oomoo`0IOol00`0OOomoo`0OOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo01Yoo`0301moogoo 01ioo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo0P00?Goo00<03gooOol0 ?7oo00<03gooOol06goo00<07gooOol07Goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0 @7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0LOol00`0OOomoo`0LOol00`0? Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03ao o`0300moogoo01eoo`807aaoo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`007goo 00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol07goo00<07gooOol06Goo00<03gooOol0?7oo 00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomo o`0POol201lIOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo 03aoo`0300moogoo03aoo`0300moogoo029oo`0301moogoo01Ioo`0300moogoo03aoo`0300moogoo 03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol08goo0P0O 5Woo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo0009Ool40003Ool20004Ool20007 Ool00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0UOol00`0OOomoo`0COol00`0?Oomoo`0l Ool00`0?Oomoo`0lOol00`0?Oomoo`10Ool000Uoo`03001oogoo00=oo`04001oogoo0002Ool01000 Oomoo`001Woo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol09Woo0P0O4goo00<03gooOol0 ?7oo00<03gooOol0?7oo00<03gooOol0@7oo000:Ool00`00Oomoo`02Ool01000Oomoo`000Woo00@0 000?00l000H03`<00:H03`807kP03aYoo`002goo00D007ooOomoo`00009oo`04001oogoo0002Ool0 0`00Oomoo`04Ool00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0ZOol201l?Ool00`0?Oomo o`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool000Uoo`04001oogoo0002Ool01000Oomoo`000Woo 00@007ooOol000Ioo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo02aoo`0301moogoo00ao o`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041oo`002Woo0P0017oo0P0017oo0P001goo 00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0;Goo0P0O37oo00<03gooOol0?7oo00<03goo Ool0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0_Ool0 0`0OOomoo`09Ool00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo 03aoo`0300moogoo03aoo`0300moogoo031oo`807`Uoo`0300moogoo03aoo`0300moogoo03aoo`03 00moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0goo00<03`0OOol0?7oo00<03gooOol0?7oo00<03gooOol0@7oo 000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol0100?Ool07`0O>goo00<03goo Ool0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol0 1@0?Oomoogoo01l0>Woo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0? Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`02Ool201lhOol00`0?Oomoo`0lOol00`0?Oomoo`10 Ool001moo`8003eoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo00Aoo`0301moogoo03Eo o`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03goo Ool0>goo00<03gooOol01Goo0P0O=Goo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomo o`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`07Ool00`0OOomoo`0bOol00`0?Oomo o`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`03 00moogoo00Qoo`807c9oo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<0 3gooOol0?7oo00<03gooOol0>goo00<03gooOol02Woo00<07gooOol0;goo00<03gooOol0?7oo00<0 3gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0; Ool201l_Ool00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03ao o`0300moogoo03]oo`0300moogoo00eoo`0301moogoo02aoo`0300moogoo03aoo`0300moogoo041o o`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol03Woo0P0O;7oo 00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomo o`0kOol00`0?Oomoo`0@Ool00`0OOomoo`0YOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`80 03eoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo015oo`807bUoo`0300moogoo03aoo`03 00moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0 4goo00<07gooOol09Woo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0? Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0DOol00`0OOomoo`0UOol00`0?Oomoo`0lOol00`0? Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo01Eo o`807bEoo`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo 00<03gooOol0>goo00<03gooOol05goo00<07gooOol08Woo00<03gooOol0?7oo00<03gooOol0@7oo 000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0HOol201lROol0 0`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo 03]oo`0300moogoo01Yoo`0301moogoo01moo`0300moogoo03aoo`0300moogoo041oo`007goo00<0 07ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol06goo0P0O7goo00<03gooOol0 ?7oo00<03gooOol0@7oo000OOol2000mOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0M Ool00`0OOomoo`0LOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300mo ogoo03aoo`0300moogoo03]oo`0300moogoo01ioo`807aaoo`0300moogoo03aoo`0300moogoo041o o`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol087oo00<07goo Ool06Goo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`0kOol00`0?Oomoo`0QOol201lIOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03 001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo02=oo`0301moogoo01Ioo`03 00moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0 >goo00<03gooOol097oo00<07gooOol05Goo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00 Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0UOol00`0OOomoo`0DOol00`0? Oomoo`0lOol00`0?Oomoo`10Ool000Yoo`8000Aoo`8000Aoo`8000Moo`03001oogoo03aoo`0300mo ogoo03aoo`0300moogoo03]oo`0300moogoo02Ioo`0301moogoo01=oo`0300moogoo03aoo`0300mo ogoo041oo`002Goo00@007ooOol0009oo`04001oogoo0002Ool01000Oomoo`001Woo00<007ooOol0 ?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol09goo0P0O4goo00<03gooOol0?7oo00<0 3gooOol0@7oo000;Ool01@00Oomoogoo00000Woo00@007ooOol000803`0300003`0?00@03`<00>D0 3`0301l03`0?07P03aYoo`0037oo00@007ooOol0009oo`04001oogoo0002Ool00`00Oomoo`04Ool0 0`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0ZOol201l@Ool00`0?Oomo o`0lOol00`0?Oomoo`10Ool000Uoo`04001oogoo0002Ool01000Oomoo`000Woo00@007ooOol000Io o`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo02aoo`807`ioo`0300mo ogoo03aoo`0300moogoo041oo`002Woo0P0017oo0P0017oo0P001goo00<007ooOol0?7oo00<03goo Ool0?7oo00<03gooOol0>goo00<03gooOol0;Woo0P0O37oo00<03gooOol0?7oo00<03gooOol0@7oo 000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0`Ool00`0OOomo o`09Ool00`0?Oomoo`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`03 00moogoo03]oo`0300moogoo035oo`0301moogoo00Qoo`0300moogoo03aoo`0300moogoo041oo`00 7goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0goo00<03goo Ool0=Woo00<07gooOol00goo00<03gooOol0?7oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol0 0`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0gOol201l3Ool00`0?Oomoo`0lOol00`0?Oomo o`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03Uoo`04 01moogoo00lnOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo 03]oo`0300moogoo03Yoo`807`0300moogoo03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo 00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<07gooOol0?7oo00<03gooOol0@7oo 000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?01mo o`0lOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`03 00moogoo03aoo`0300moo`0O03aoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0 ?7oo00<03gooOol0>goo00<03gooOol0?7oo00@03gooOol07c]oo`0300moogoo041oo`007goo0P00 ?Goo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00@03gooOomoo`807cUoo`0300mo ogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo 00<03gooOol00goo0P0O=goo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`05Ool201leOol00`0?Oomoo`10Ool001moo`03 001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo00Moo`03 01moogoo039oo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0 >goo00<03gooOol0?7oo00<03gooOol027oo0P0Ogoo00<03gooOol0?7oo00<03gooOol037oo00<07gooOol0;Goo 00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomo o`0lOol00`0?Oomoo`0=Ool00`0OOomoo`0/Ool00`0?Oomoo`10Ool001moo`8003eoo`0300moogoo 03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo00ioo`807baoo`0300moogoo041oo`00 7goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0 47oo00<07gooOol0:Goo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0? Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0AOol201lYOol00`0?Oomoo`10Ool001moo`03001o ogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo01=oo`0301mo ogoo02Ioo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo 00<03gooOol0?7oo00<03gooOol057oo00<07gooOol09Goo00<03gooOol0@7oo000OOol00`00Oomo o`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0EOol00`0OOomo o`0TOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`03 00moogoo03aoo`0300moogoo01Ioo`0301moogoo02=oo`0300moogoo041oo`007goo00<007ooOol0 ?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol05goo0P0O8goo00<0 3gooOol0@7oo000OOol2000mOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0? Oomoo`0IOol201lQOol00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300mo ogoo03]oo`0300moogoo03aoo`0300moogoo01]oo`807amoo`0300moogoo041oo`007goo00<007oo Ool0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol07Goo00<07goo Ool077oo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol0 0`0?Oomoo`0lOol00`0?Oomoo`0NOol00`0OOomoo`0KOol00`0?Oomoo`10Ool001moo`03001oogoo 03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo01moo`0301moogoo 01Yoo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<0 3gooOol0?7oo00<03gooOol087oo00<07gooOol06Goo00<03gooOol0@7oo000OOol00`00Oomoo`0l Ool00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0QOol201lIOol00`0? Oomoo`10Ool000]oo`<0009oo`8000Aoo`8000Moo`03001oogoo03aoo`0300moogoo03aoo`0300mo ogoo03]oo`0300moogoo03aoo`0300moogoo02=oo`0301moogoo01Ioo`0300moogoo041oo`0037oo 00@007ooOol0009oo`04001oogoo0002Ool00`00Oomoo`04Ool00`00Oomoo`0lOol00`0?Oomoo`0l Ool00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0TOol201lFOol00`0?Oomoo`10Ool000Uo o`D00005Ool007ooOol00002Ool0100000l03`001P0?0`00o`0?8P0?00<07`0?00l0?00?6Woo0009 Ool01000Oomoo`000Woo00@007ooOol0009oo`04001oogoo0006Ool00`00Oomoo`0lOol00`0?Oomo o`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0WOol00`0OOomoo`0BOol00`0?Oomo o`10Ool000Yoo`03001oo`00009oo`04001oogoo0002Ool01000Oomoo`001Woo00<007ooOol0?7oo 00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0:7oo00<07gooOol04Goo 00<03gooOol0@7oo000;Ool20003Ool20004Ool20007Ool00`00Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0YOol00`0OOomoo`0@Ool00`0?Oomoo`10Ool0 01moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo 02Yoo`807a1oo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0 >goo00<03gooOol0?7oo00<03gooOol0;7oo00<07gooOol03Goo00<03gooOol0@7oo000OOol00`00 Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0]Ool201l= Ool00`0?Oomoo`10Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300mo ogoo03aoo`0300moogoo02moo`807`]oo`0300moogoo041oo`007goo00<007ooOol0?7oo00<03goo Ool0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0goo00<03gooOol0?7oo00<03gooOol0 =7oo0P0O1Woo00<03gooOol0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0k Ool00`0?Oomoo`0lOol00`0?Oomoo`0fOol00`0OOomoo`03Ool00`0?Oomoo`10Ool001moo`03001o ogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03Moo`807`=o o`0300moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03goo Ool0?7oo00<03gooOol0>Goo00@07gooOol03d9oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo 00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0>Woo00<07goo00l0@Woo000OOol00`00Oomo o`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0O00mo o`11Ool001moo`8003eoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo 03aoo`0301moogoo041oo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<0 3gooOol0?7oo00<03gooOol0?7oo00<03`0O01l0@7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0l Ool00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol0100?Oomoo`0O?goo000OOol00`00 Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol0100? Oomoogoo0P0O?Goo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomo o`0lOol00`0?Oomoo`0lOol00`0?Oomoo`03Ool00`0OOomoo`0jOol001moo`03001oogoo03aoo`03 00moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo00Aoo`03 01moogoo03Uoo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0 ?7oo00<03gooOol0?7oo00<03gooOol01Goo0P0O>Goo000OOol00`00Oomoo`0lOol00`0?Oomoo`0l Ool00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`07Ool00`0OOomoo`0f Ool001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300mo ogoo03aoo`0300moogoo00Qoo`807cIoo`007goo0P00?Goo00<03gooOol0?7oo00<03gooOol0>goo 00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol02Woo00<07gooOol0goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol0 3Goo00<07gooOol0<7oo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0? Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0>Ool201l`Ool001moo`03001oogoo03aoo`0300mo ogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo011oo`0301mo ogoo02eoo`007goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo 00<03gooOol0?7oo00<03gooOol04Goo0P0O;Goo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0COol00`0OOomoo`0ZOol0 01moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo 03aoo`0300moogoo01Aoo`0301moogoo02Uoo`007goo0P00?Goo00<03gooOol0?7oo00<03gooOol0 >goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol05Goo00<07gooOol0:7oo000OOol00`00 Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0? Oomoo`0FOol00`0OOomoo`0WOol001moo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]o o`0300moogoo03aoo`0300moogoo03aoo`0300moogoo01Moo`807bMoo`007goo00<007ooOol0?7oo 00<03gooOol0?7oo00<03gooOol0>goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol06Goo 0P0O9Goo000OOol00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0lOol0 0`0?Oomoo`0lOol00`0?Oomoo`0KOol00`0OOomoo`0ROol001moo`03001oogoo03aoo`0300moogoo 03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo01aoo`0301moogoo 025oo`002Woo0P0017oo0P0017oo0P001goo00<007ooOol0?7oo00<03gooOol0?7oo00<03gooOol0 >goo00<03gooOol0?7oo00<03gooOol0?7oo00<03gooOol07Goo00<07gooOol087oo0009Ool01000 Oomoo`000Woo00@007ooOol0009oo`04001oogoo0006Ool00`00Oomoo`0lOol00`0?Oomoo`0lOol0 0`0?Oomoo`0kOol00`0?Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`10Ool000aoo`04001oogoo 0002Ool01000Oomoo`000P0?00<0000?00l0100?0`00o`0?H@0?6Woo000:Ool20003Ool01000Oomo o`000Woo00@007ooOol000Ioo`03001oogoo03aoo`0300moogoo03aoo`0300moogoo03]oo`0300mo ogoo03aoo`0300moogoo03aoo`0300moogoo041oo`002Woo00<007ooOol00Woo00@007ooOol0009o o`04001oogoo0006Ool00`00Oomoo`0lOol00`0?Oomoo`0lOol00`0?Oomoo`0kOol00`0?Oomoo`0l Ool00`0?Oomoo`0lOol00`0?Oomoo`10Ool000Yoo`<000=oo`8000Aoo`8000Moo`03001oogoo03ao o`0300moogoo03aoo`0300moogoo03]oo`0300moogoo03aoo`0300moogoo03aoo`0300moogoo041o o`00ogooWGoo003oOonMOol00?mooieoo`00ogooWGoo003oOonMOol00?mooieoo`00YGoo0`00PWoo 0`00Kgoo002VOol00`00Oomoo`24Ool00`00Oomoo`1/Ool004Eoo`<00003Ool007oo009oo`H00003 Ool007oo00D000Aoo`<0009oo`@000Uoo`8000=oo`@000Qoo`<0009oo`800005Ool007oo001oo`05 000017oo000000000goo0`002Goo0`000goo10000goo0`0000Moo`00001oo`00Ool00002Ool30002 Ool30009Ool40003Ool20003Ool40008Ool30004Ool300001Goo00000000Ool00P000Woo0P0017oo 0P000goo100027oo0`002Goo1@0000Aoo`00000000Aoo`<000=oo`8000=oo`@000=oo`<000=oo`80 009oo`<00003Ool0000000800004Ool007oo0019Ool004Ioo`04001oo`000002Ool01000Oomoo`00 0Woo00L007oo001oo`00Ool00002Ool01000Oomoo`001Woo00<007ooOol027oo00@007ooOol000=o o`03001oogoo00]oo`09001oogoo001oo`00Ool007oo00@000=oo`03001oogoo00=oo`03001oogoo 00Qoo`04001oogoo0003Ool00`00Oomoo`04Ool02`00Oomoogoo001oo`00Ool007oo000027oo00<0 07ooOol01goo00<007ooOol00Woo00@007ooOol000=oo`03001oogoo00Qoo`04001oogoo0002Ool0 0`00Oomoo`03Ool01000Oomoo`000Woo00@007ooOol0009oo`04001oogoo0003Ool00`00Oomoo`0; Ool00`00Oomoo`06Ool40003Ool00`00Oomoo`02Ool01000Oomoo`000Woo00@007ooOol000=oo`03 001oogoo00Aoo`05001oogooOol00002Ool01000Oomoo`000Woo00P007ooOol007oo001oo`00BGoo 000KOol20002Ool2000UOol01000Ool000000Woo00@007ooOol0009oo`07001oo`00Ool007oo0000 0Woo00<007ooOol010000goo00<007ooOol027oo00@007ooOol000=oo`03001oogoo00Qoo`<000=o o`05001oo`00Ool00004Ool01@00Oomoogoo00001Goo00<007ooOol027oo00@007ooOol000=oo`03 001oogoo00Aoo`0:001oogooOol007oo001oo`00Ool40002Ool3000:Ool00`00Oomoo`02Ool01000 Oomoo`000goo00<007ooOol02goo00@007ooOol000Eoo`04001oogoo0002Ool01000Oomoo`000Woo 00@007ooOol000=oo`03001oogoo00Qoo`<000aoo`05001oogooOol00004Ool01000Oomoo`000Woo 00@007ooOol000=oo`03001oogoo00Aoo`05001oogooOol00005Ool01000Oomoo`000Woo00D007oo 001oo`0004Uoo`005Goo0`0017oo00<007ooOol00P001Goo0P0000Aoo`00000000Aoo`8001Aoo`80 0003Ool007oo00800004Ool00000Ool3000017oo001oogoo0`0017oo0P000goo10002Goo0P000goo 100027oo100000Ioo`00000007oo0003Ool30003Ool00`00Oomoo`03Ool00`00Oomoo`07Ool40003 Ool40003Ool20002Ool300000goo001oo`02Ool20003Ool40008Ool40003Ool20003Ool40009Ool2 0004Ool30002Ool30004Ool20004Ool20003Ool40004Ool01000Oomoogoo10002Goo0`000goo00<0 07ooOol00goo10000Woo0P000goo10000goo0P000Woo1@000Woo0`000Woo0`0000=oo`00Ool0BGoo 000HOol01@00Oomoogoo00000Woo0P001Goo00D007ooOomoo`0000Ioo`03001oogoo019oo`800003 Ool007oo00eoo`03001oogoo01aoo`03001oogoo01]oo`03001oogoo00=oo`03001oogoo03=oo`03 001oogoo01Aoo`04001oogoo0008Ool00`00Oomoo`0@Ool00`00Oomoo`04Ool00`00Oomoo`0DOol0 0`00Oomoo`0JOol00`00Oomoo`03Ool00`00Oomoo`1AOol000Qoo`D000=oo`8000Aoo`<0009oo`80 009oo`8000Eoo`04001oogooOol30004Ool00`00Oomoo`0AOol2000017oo0000000037oo0P007goo 0P006Woo0P0017oo0P0067oo00<007ooOol06goo0P0057oo10001goo0P004goo0P0017oo00<007oo Ool04goo0P0067oo00<007ooOol01Woo0P00Dgoo0009Ool01000Oomoo`000Woo00@007ooOol0009o o`04001oogoo000=Ool01@00Oomoogoo00000Woo00D007ooOomoo`000?moof]oo`002Goo00<007oo Ool00goo00@007ooOol0009oo`04001oogoo000=Ool01@00Oomoogoo00000Woo00D007ooOomoo`00 0?moof]oo`002Goo00<007ooOol017oo0P0017oo100037oo00<007ooOol0100017oo00<007ooOol0 ogooJGoo0009Ool00`00Oomoo`0JOol00`00Oomoo`08Ool00`00Oomoo`3oOomYOol000Qoo`<001]o o`8000Qoo`800?moof]oo`00ogooWGoo003oOonMOol00001\ \>"], "Graphics", TextAlignment->Center, ImageSize->{406, 251.188}, ImageMargins->{{74, 0}, {0, 10}}, ImageRegion->{{0, 1}, {0, 1}}] }], "Text", TextAlignment->Center], Cell[CellGroupData[{ Cell["Example 10 - Computation of the Division Polynomials", "Subsubsection", CellTags->"c:34"], Cell[TextData[{ "For our example ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x\ + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], ", we first compute the set of small primes whose product is greater than \ ", Cell[BoxData[ \(TraditionalForm\`4 \@ 97\)]], ", such that ", Cell[BoxData[ \(TraditionalForm\`p \[NotCongruent] 1 \((mod\ l\_i)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`l\_i > 2\)]], ". The necessary primes are ", Cell[BoxData[ \(TraditionalForm\`2, 5, 7\)]], " whose product is ", Cell[BoxData[ \(TraditionalForm\`70 > 4 \(\(\@ 97\)\(.\)\)\)]], " Then ", Cell[BoxData[ \(TraditionalForm\`p \[Congruent] 2\ \((mod\ 5)\)\)]], ", and ", Cell[BoxData[ \(TraditionalForm\`p \[Congruent] 6 \((mod\ 7)\)\)]], ". Therefore we will need division polynomials up to and including ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_9\)]], ", so we compute these at this time. Note that the odd numbered \ polynomials, such as ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_1, \[Psi]\_3, ... \)]], " are polynomials in ", Cell[BoxData[ \(TraditionalForm\`x\)]], " only, while the even numbered polynomials are polynomials in ", Cell[BoxData[ \(TraditionalForm\`x\)]], " multiplied by ", Cell[BoxData[ \(TraditionalForm\`y\)]], ". More precisely ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(2\ n + 1\) \[Element] \ \[DoubleStruckCapitalF]\_p[x]\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(2\ n\) \[Element] y\ \[DoubleStruckCapitalF]\_p[x]\)]], ".\n\nFor our sample curve we find that the first five division polynomials \ are\n\n", StyleBox["\t", FontFamily->"Times New Roman"], Cell[BoxData[{ \(\(\[Psi]\_1\) \((x, y)\) = 1, \[IndentingNewLine]\(\[Psi]\_2\) \((x, y)\) = 2\ y, \[IndentingNewLine]\(\[Psi]\_3\) \((x, y)\) = 18 + 15\ x + 82\ x\^2 + 3\ x\^4, \(\[Psi]\_4\) \((x, y)\) = \((61 + 50\ x + 69\ x\^2 + 3\ x\^3 + 47\ x\^4 + 4\ x\^6)\)\ y, \[IndentingNewLine]\(\[Psi]\_5\) \((x, y)\) = 23 + 67\ x + 11\ x\^2 + 38\ x\^3 + 77\ x\^4 + 43\ x\^5 + 93\ x\^6\), "\[IndentingNewLine]", \(\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \(+26\)\ x\^7 + 47\ x\^8 + 87\ x\^9 + 39\ x\^10 + 5\ \(\(x\^12\)\(.\)\)\)}], FontFamily->"Times New Roman"] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ "With ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46\ x + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], " we have that ", Cell[BoxData[ \(TraditionalForm\`\((4, 15)\)\)]], " is a point of order 4. Then we must have ", Cell[BoxData[ \(TraditionalForm\`f\_n[4] = 0\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`4 | n\)]], ". To check the function ", StyleBox["ComputeDivisionPolynomials", FontSize->12, FontWeight->"Bold"], " we calculate ", Cell[BoxData[ \(TraditionalForm\`f\_n[4]\)]], " for ", Cell[BoxData[ \(TraditionalForm\`2 \[LessEqual] n \[LessEqual] 8\)]], " giving\n\n\t", Cell[BoxData[ \(TraditionalForm\`f\_2[4] = 2, f\_3[4] = 24, f\_4[4] = 0, f\_5[4] = 47, \[IndentingNewLine]\ \ f\_6[4] = 25, f\_7[4] = 22, f\_8[4] = 0, \)]], "\n\t\nas expected, since ", Cell[BoxData[ \(TraditionalForm\`\((4, 15)\) \[Element] E[4]\)]], " and ", Cell[BoxData[ \(TraditionalForm\`E[4] \[SubsetEqual] E[8]\)]], ". Similarly the point ", Cell[BoxData[ \(TraditionalForm\`\((90, 31)\)\)]], " is of order 5 and we find\n\n\t", Cell[BoxData[ \(TraditionalForm\`f\_2[90] = 2, f\_3[90] = 76, f\_4[90] = 14, f\_5[90] = 0, f\_6[90] = 21, f\_7[90] = 23\)]], ".\n\t\nSo the division polynomials are correct, at least for this \ particular case." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "5.5 Computing ", Cell[BoxData[ \(TraditionalForm\`n\ P\)]], " with the Division Polynomials" }], "Subsection", CellTags->"c:35"], Cell[TextData[{ "If ", Cell[BoxData[ \(TraditionalForm\`P = \((x, y)\)\)]], " is a point in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_p)\)]], " then" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[Cell[BoxData[ \(TraditionalForm\`n\ P = \((x - \(\(\[Psi]\_\(n - 1\)\) \[Psi]\_\(n + \ 1\)\)\/\[Psi]\_n\%2, \(\(\[Psi]\_\(n + 2\)\) \[Psi]\_\(n - 1\)\%2 - \ \(\[Psi]\_\(n - 2\)\) \[Psi]\_\(n + 1\)\%2\)\/\(4\ y\ \[Psi]\_n\%3\))\)\)]]], \ "NumberedEquation", FontSize->14], Cell[TextData[{ "It can be shown that multiplication by ", Cell[BoxData[ \(TraditionalForm\`n\)]], " is an endomorphism ", Cell[BoxData[ \(TraditionalForm\`\[Mu]\_n\)]], " of ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_p)\)]], ". This follows from the fact that ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_p)\)]], " is an abelian group so that ", Cell[BoxData[ \(TraditionalForm\`n(P + Q) = n\ P + n\ Q\)]], ". Since ", Cell[BoxData[ \(TraditionalForm\`n\ P = \[ScriptCapitalO]\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[n]\)]], " we have that the kernel of ", Cell[BoxData[ \(TraditionalForm\`\[Mu]\_n\)]], " is ", Cell[BoxData[ \(TraditionalForm\`E[n]\)]], ". Further, because ", Cell[BoxData[ \(TraditionalForm\`\[Mu]\_n\)]], " is expressed as a separable rational polynomial of degree ", Cell[BoxData[ \(TraditionalForm\`n\^2\)]], ", we have that ", Cell[BoxData[ \(TraditionalForm\`# E[n] = \(deg(\[Mu]\_n) = n\^2\)\)]], ". For a proof of (21) see Washington [7] ", "\[Section]", " 9.5.\n\nIt should be noted that Equation (21) does not provide an \ efficient way to compute ", Cell[BoxData[ \(TraditionalForm\`n\ P\)]], " for specific points ", Cell[BoxData[ \(TraditionalForm\`P\)]], ". Rather, it provides the basis of proof for the characteristic equation \ of the Frobenius (15), one of the key equations used in Schoof's method." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.6 The Frobenius Endomorphism", "Subsection", CellTags->"c:36"], Cell[TextData[{ "Let ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_q\) : E(\[DoubleStruckCapitalF]\&_\_q) \[Rule] E(\[DoubleStruckCapitalF]\&_\_q)\)]], " with ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_q\)(x, y) = \((x\^q, y\^q)\)\)]], ", called the Frobenius endomorphism. Since ", Cell[BoxData[ \(TraditionalForm\`a\^q = a\)]], " for all ", Cell[BoxData[ \(TraditionalForm\`a \[Element] \[DoubleStruckCapitalF]\_q\)]], " this map is the identity for points with coordinates in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], ". Let ", Cell[BoxData[ \(TraditionalForm\`\((x\_1, y\_1)\) \[Element] E(\[DoubleStruckCapitalF]\&_\_q)\)]], " then \n\n\t", Cell[BoxData[ \(TraditionalForm\`y\_1\^2 = x\_1\%3 + A\ x\_1 + B\)]], " in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\&_\_q\)]], ".\n\t\nNow ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_q\)(x\_1, y\_1) = \((x\_1\%q, y\_1\%q)\)\)]], ". Substituting this into the elliptic curve equation gives\n\n\t", Cell[BoxData[ \(TraditionalForm\`\((y\_1\%q)\)\^2 = \(\((y\_1\%2)\)\^q = \ \(\(\((x\_1\%3 + A\ x\_1 + B)\)\^q\)\(.\)\)\)\)]], "\n\t\nHowever, for all ", Cell[BoxData[ \(TraditionalForm\`a, b \[Element] \[DoubleStruckCapitalF]\&_\_q\)]], " we have ", Cell[BoxData[ \(TraditionalForm\`\((a + b)\)\^q = a\^q + b\^q\)]], " in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], " so that\n\n\t", Cell[BoxData[ \(TraditionalForm\`\((y\_1\%q)\)\^2 = \(\((x\_1\%3)\)\^q + A\^q\ x\_1\%q + \((B)\)\^q = \((x\_1\%q)\)\^3 + A\ x\_1\%q + B\)\)]], ", since ", Cell[BoxData[ \(TraditionalForm\`A, B \[Element] \[DoubleStruckCapitalF]\_q\)]], ".\n\t\nHence ", Cell[BoxData[ \(TraditionalForm\`\((x\_1\%q, y\_1\%q)\) = \(\[Phi]\_q\)(x\_1, y\_1) \[Element] E(\[DoubleStruckCapitalF]\&_\_q)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\)]], " maps a point on the curve to another point on the curve.\n\nLet ", Cell[BoxData[ \(TraditionalForm\`P = \((x\_1, y\_1)\), Q = \((x\_2, y\_2)\)\)]], " be two points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], " with ", Cell[BoxData[ \(TraditionalForm\`x\_1 \[NotEqual] x\_2\)]], ", then with ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \((y\_2 - y\_1)\)/\((x\_2 - x\_1)\)\)]], " we have\n\n\t", Cell[BoxData[ \(TraditionalForm\`P + Q = \((x\_3, y\_3)\)\)]], " with ", Cell[BoxData[ \(TraditionalForm\`x\_3 = \[Lambda]\^2 - x\_1 - x\_2, \ y\_3 = \[Lambda](x\_1 - x\_3) - y\_1\)]], ".\n\t\nUsing the same properties of ", Cell[BoxData[ \(TraditionalForm\`q\^th\)]], " powers in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\&_\_q\)]], " we have\n\n\t ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_q\)( P + Q) = \((\[Lambda]\^\(2\ q\) - x\_1\%q - x\_2\%q, \(\[Lambda]\^q\)(x\_1\^q - x\_3\%q) - y\_1\%q)\)\)]], " ,\n\t \n\twith ", Cell[BoxData[ \(TraditionalForm\`\[Lambda]\^q = \((y\_2\%q - y\_1\%q)\)/\((x\_2\%q - x\_1\%q)\)\)]], ".\n\t \nTherefore ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_q\)( P + Q) = \(\[Phi]\_q\)(P) + \(\[Phi]\_q\)(Q)\)]], ". It can also be shown that this holds also for ", Cell[BoxData[ \(TraditionalForm\`Q = \(P\ and\ Q = \(-P\)\)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\)]], " is a homomorphism from ", Cell[BoxData[ \(TraditionalForm\`\(E(\[DoubleStruckCapitalF]\&_\_q)\) to\ \(E(\[DoubleStruckCapitalF]\&_\_q)\)\)]], ", hence an endomorphism. " }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.7 The Characteristic Equation of the Frobenius", "Subsection", CellTags->"c:37"], Cell[TextData[{ "We now proceed to the equation that provides the foundation for Schoof's \ algorithm. Remember that ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " is the set of points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], " who's order divides ", Cell[BoxData[ \(TraditionalForm\`l\)]], ". First we show that ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " is a subgroup of ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], ". Clearly ", Cell[BoxData[ \(TraditionalForm\`\[ScriptCapitalO] \[Element] E[l]\)]], ". If ", Cell[BoxData[ \(TraditionalForm\`P, Q \[Element] E[l]\)]], " then, because ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], " is abelian, ", Cell[BoxData[ \(TraditionalForm\`\[ScriptCapitalO] = \(l\ P + l\ Q = l(P + Q)\)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`P + Q \[Element] E[l]\)]], ". Further,\n\n\t ", Cell[BoxData[ \(TraditionalForm\`\[ScriptCapitalO] = \(l\ \[ScriptCapitalO] = \(l( P + \((\(-P\))\)) = \(l\ P + l(\(-P\)) = \(\[ScriptCapitalO] + l(\(-P\)) = l(\(-P\))\)\)\)\)\)]], ",\n\t \ntherefore ", Cell[BoxData[ \(TraditionalForm\`\(-P\) \[Element] E[l]\)]], ". Hence ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " is a subgroup of ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], ".\n\nSince ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " is an abelian group of order ", Cell[BoxData[ \(TraditionalForm\`l\^2\)]], ", it follows from the structure theorem for finite abelian groups that ", Cell[BoxData[ \(TraditionalForm\`E[ l] \[TildeFullEqual] \[DoubleStruckCapitalZ]\_l\[CirclePlus]\ \[DoubleStruckCapitalZ]\_l\)]], ". The integer ", Cell[BoxData[ \(TraditionalForm\`l\)]], " is a prime so that ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]\_l\)]], " is a cyclic group generated by any number ", Cell[BoxData[ \(TraditionalForm\`1 \[LessEqual] \ a\ < l\)]], ", and there exists points ", Cell[BoxData[ \(TraditionalForm\`\[Beta]\_1, \[Beta]\_2 \[Element] E[l]\)]], " such that any point in ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " can be written as a ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]\_l\)]], "-linear combination ", Cell[BoxData[ \(TraditionalForm\`P = \(m\_1\) \[Beta]\_1 + \(m\_2\) \[Beta]\_2\)]], " with ", Cell[BoxData[ \(TraditionalForm\`m\_1, m\_2 \[Element] \[DoubleStruckCapitalZ]\_l\)]], ". Suppose ", Cell[BoxData[ \(TraditionalForm\`\[Alpha]\)]], " is any homomorphism of ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`\[Alpha](P) \[Element] E[l]\)]], " for all ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " because ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(\[Alpha](P)\)\(|\)\)\)]], " divides ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(P\)\(|\)\)\)]], ". Then, in particular, ", Cell[BoxData[ \(TraditionalForm\`\[Alpha](\[Beta]\_1) = s\ \[Beta]\_1 + t\ \[Beta]\_2\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\[Alpha](\[Beta]\_2) = u\ \[Beta]\_1 + v\ \[Beta]\_2\)]], ", so that\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Alpha]( P) = \(\[Alpha](\(m\_1\) \[Beta]\_1 + \(m\_2\) \[Beta]\_2) = \(m\_1\ \) \(\[Alpha](\[Beta]\_1)\) + \(m\_2\) \(\[Alpha](\[Beta]\_2)\)\)\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\(\(=\)\(\(m\_1\) s\ \[Beta]\_1 + \(m\_1\) t\ \[Beta]\_2 + m\_2\ u\ \[Beta]\_1 + \(m\_2\) v\ \(\(\[Beta]\_2\)\(.\)\)\)\)\)]], "\n\t\nWe can express this in matrix form as" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ Cell[BoxData[ FormBox[ RowBox[{\(\[Alpha](P)\), "=", RowBox[{ RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {"s", "t"}, {"u", "v"} }], "\[NegativeThinSpace]", ")"}], RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {\(\(m\_1\) \[Beta]\_1\)}, {\(\(m\_2\) \[Beta]\_2\)} }], "\[NegativeThinSpace]", ")"}]}]}], TraditionalForm]]], ".\n" }], "NumberedEquation", FontSize->14], Cell[TextData[{ "In particular, the action of the Frobenius on ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], ", denoted ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_\(q, l\)\)]], " can be described by such a ", Cell[BoxData[ \(TraditionalForm\`2\[Times]2\)]], " matrix. Applied to ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " we have\n\n\t", Cell[BoxData[ \(TraditionalForm\`deg(\[Phi]\_q - 1) \[Congruent] \(det(\[Phi]\_\(q, l\) - I)\)\ \((mod\ l)\)\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\(\(=\)\(\((s - 1)\) \((v - 1)\) - t\ u = s\ v - t\ u - \((s + v)\) + 1\)\)\)]], ".\n\t\nBut ", Cell[BoxData[ \(TraditionalForm\`s\ v - u\ t = det(\[Phi]\_\(q, l\)) \[Congruent] q\ \((mod\ l)\)\)]], " (by Washington [7] Proposition 3.15).\n\nThen by Hasse's theorem, using \ ", Cell[BoxData[ \(TraditionalForm\`a\)]], " instead of ", Cell[BoxData[ \(TraditionalForm\`t\)]], " to avoid conflicting variable names, we have\n\n\t", Cell[BoxData[ \(TraditionalForm\`#\ \(ker(\[Phi]\_q - 1)\) = q + 1 - a\ \[Congruent] q - \((s + v)\) + 1 \((mod\ l)\)\)]], ".\n\t\nHence we have the following congruences. First, ", Cell[BoxData[ \(TraditionalForm\`a \[Congruent] \((s + v)\) \((mod\ l)\)\)]], ", the trace of ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_\(q, l\)\)]], " . Also ", Cell[BoxData[ \(TraditionalForm\`t\ u \[Congruent] s\ v - q\ \(\((mod\ l)\)\(.\)\)\)]], "\n\nWe can now compute ", Cell[BoxData[ \(TraditionalForm\`\((\[Phi]\_\(q, l\))\)\^2 - a\ \((\[Phi]\_\(q, l\))\) + q\)]], " using *, so that\n\n\t", Cell[BoxData[ FormBox[ RowBox[{ RowBox[{ SuperscriptBox[ RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {"s", "t"}, {"u", "v"} }], "\[NegativeThinSpace]", ")"}], "2"], "-", RowBox[{"a", " ", RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {"s", "t"}, {"u", "v"} }], "\[NegativeThinSpace]", ")"}]}], "+", RowBox[{"q", "(", "\[NegativeThinSpace]", GridBox[{ {"1", "0"}, {"0", "1"} }], "\[NegativeThinSpace]", ")"}]}], "=", RowBox[{ RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {\(s\^2 + t\ u\), \(s\ t\ + t\ v\)}, {\(s\ u + u\ v\), \(t\ u\ + v\^2\)} }], "\[NegativeThinSpace]", ")"}], "-", RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {\(a\ s - q\), \(a\ t\)}, {\(a\ y\), \(a\ v - q\)} }], "\[NegativeThinSpace]", ")"}]}]}], TraditionalForm]]], "\n\t\n\t", Cell[BoxData[ FormBox[ RowBox[{"=", RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {\(s\^2 + t\ u - \ a\ s + q\), \(s\ t + t\ v - a\ t\)}, {\(s\ u + u\ v - a\ u\), \(v\^2 + t\ u\ - a\ v + q\)} }], "\[NegativeThinSpace]", ")"}]}], TraditionalForm]]], ".\n\t\nApplying the congruences yeild\n\t\n\t", Cell[BoxData[{ FormBox[ RowBox[{"\[Congruent]", RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {\(s\^2 + s\ v - q - \((s + v)\) s + q\), \(\((s + v)\) t - \((s + v)\) t\)}, {\(\((s + v)\) u - \((s + v)\) u\), \(v\^2 + s\ v - q - \((s + v)\) v + q\)} }], "\[NegativeThinSpace]", ")"}]}], TraditionalForm], "\[IndentingNewLine]", FormBox[ RowBox[{"\[Congruent]", RowBox[{ RowBox[{"(", "\[NegativeThinSpace]", GridBox[{ {"0", "0"}, {"0", "0"} }], "\[NegativeThinSpace]", ")"}], " ", \(\((mod\ l)\)\(.\)\)}]}], TraditionalForm]}]], ".\n\t\nTherefore ", Cell[BoxData[ \(TraditionalForm\`\((\[Phi]\_\(q, l\))\)\^2 - a\ \((\[Phi]\_\(q, l\))\) + q \[Congruent] 0 \((mod\ l)\)\)]], " for all ", Cell[BoxData[ \(TraditionalForm\`l\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`gcd(l, q) = 1\)]], ". Since there are an infinite number of choices for such ", Cell[BoxData[ \(TraditionalForm\`l\)]], ", the kernel of ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\%2 + q - a\ \[Phi]\_q\)]], " is not finite, hence, as stated in Equation (15),\n\n\t ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\%2 + q - a\ \[Phi]\_q = 0\)]], " for all ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E(\[DoubleStruckCapitalF]\&_\_q)\)]], ".\n\t \nIn particular, if ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " then,\n\n\t ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_q\%2 + k \[Congruent] \[Tau]\ \[Phi]\_q\ \ \((mod\ l)\)\)]], " where ", Cell[BoxData[ \(TraditionalForm\`k \[Congruent] q\ \((mod\ l)\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\[Tau] \[Congruent] a\ \((mod\ l)\)\)]], ".\n\t \nSo for a particular point ", Cell[BoxData[ \(TraditionalForm\`P = \((x, y)\) \[Element] E[l]\)]], " it must be true that" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`\(\(\((x\^\(q\^2\), y\^\(q\^2\))\) + k(x, y) \[Congruent] \(\[Tau](x\^q, y\^q)\)\ \((mod\ l)\)\)\(,\)\)\)], "NumberedEquation", FontSize->14], Cell[TextData[{ "where addition is performed in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\&_\_q)\)]], " using (9) through (12), and scalar point multiplication is performed \ using the division polynomials as in Equation (22). We can simplify the \ computation of (24) further by noting that if ", Cell[BoxData[ \(TraditionalForm\`\((x, y)\) \[Element] E[l]\)]], " then the division polynomial ", Cell[BoxData[ \(TraditionalForm\`\(\[Psi]\_l\)(x, y) = 0\)]], ", so we can reduce (24) mod ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_l\)]], " without changing the set of points which satisfy the equation." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.8 Schoof's Algorithm: Case One", "Subsection", CellTags->"c:38"], Cell[TextData[{ "In order to use Equation (24) we must first test if ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]k\)\ P\)]], " for some ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], ". We can determine this by computing the test condition for the ", StyleBox["x", FontSlant->"Italic"], " coordinate using ", StyleBox["Schoof (16)", FontWeight->"Bold"], ":\n", StyleBox["\n\t", FontWeight->"Bold"], Cell[BoxData[ \(TraditionalForm\`x\^\(p\^2\) \[Congruent] x - \(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\) \((mod\ \ f\_l, p)\)\)]], ".\n\t\nThis is true if and only if\n", StyleBox["\n\t", FontWeight->"Bold"], Cell[BoxData[ \(TraditionalForm\`\(p\_16\)(x, y) = \((x\^\(q\^2\) - x)\) \[Psi]\_k\%2 - \(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\) \[Congruent] 0 \((mod\ f\_l, p)\)\)]], ".\n\t\nFor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " even, ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_k = y\ f\_k\)]], " and since ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + a\ x\ + b\)]], " we obtain\n\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_16\)( x) = \((x\^\(p\^2\) - x)\) \(\(f\_k\%2\)( x)\) \((x\^3 + a\ x + b)\) + \(\(f\_\(k - 1\)\)( x)\) \(\(f\_\(k + 1\)\)(x)\)\)]], ".\n\t\nFor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " odd, ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(k - 1\) = y\ f\_\(k - 1\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_\(k + 1\) = y\ f\_\(k + 1\)\)]], " so that\n\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_16\)( x) = \((x\^\(p\^2\) - x)\) \(\(f\_k\%2\)(x)\) + \(\(f\_\(k - 1\)\)( x)\) \(\(f\_\(k + 1\)\)(x)\) \((x\^3 + a\ x + b)\)\)]], ".\n\t\nNotice that ", Cell[BoxData[ \(TraditionalForm\`\(p\_16\)(x, y)\)]], " is a polynomial in ", Cell[BoxData[ \(TraditionalForm\`x\)]], " only. Hence if ", Cell[BoxData[ \(TraditionalForm\`gcd(\(p\_16\)(x), \(f\_l\)(x)) \[NotEqual] 1\)]], " then some point ", Cell[BoxData[ \(TraditionalForm\`P\)]], " exists in ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " which satisfies ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]k\)\ P\)]], ", so we are in case 1. Otherwise we must proceed to case 2 where we test \ equation (24) for various values of \[Tau]." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.9 Schoof Equation (17)", "Subsection", CellTags->"c:39"], Cell[TextData[{ "Given that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]k\)\ P\)]], " for some ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`t \[Element] {0, \(-2\) w, 2 w}\)]], " where ", Cell[BoxData[ \(TraditionalForm\`w\^2 \[Congruent] k\ \((mod\ l)\)\)]], ". This is shown as follows. Suppose ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = k\ P\)]], ", then, by equation (24) we have ", Cell[BoxData[ \(TraditionalForm\`2 k \[Congruent] \[Tau]\ \[Phi]\_l\)]], ". Squaring both sides gives ", Cell[BoxData[ \(TraditionalForm\`4 k\^2 = \(\(t\^2\) \[Phi]\_l\%2 = \(t\^2\) k\)\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`4 k = t\^2\)]], ", then we must have that ", Cell[BoxData[ \(TraditionalForm\`k\)]], " is a quadratic residue. If so, find ", Cell[BoxData[ \(TraditionalForm\`w\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`w\^2 \[Congruent] k\ \((mod\ l)\)\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`4\ w\^2 = t\^2\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`t = \(\[PlusMinus]2\)\ w\)]], ". Now we can compute\n\n\t", Cell[BoxData[ \(TraditionalForm\`\((\[Phi]\_l - w)\) \((\[Phi]\_l + w)\) = \(\[Phi]\_l\%2 - k = 0\)\)]], ", so ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = \(\[PlusMinus]w\)\ P\)]], ".\n\t\nIf ", Cell[BoxData[ \(TraditionalForm\`k\)]], " is not a quadratic residue, we can not be in this case, hence ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(-k\)\ P\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P + k\ P = \(0 = \(\[Tau]\[Phi]\_l\) P\)\)]], " for all ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`\[Tau] \[Congruent] 0 \((mod\ l)\)\)]], ". \n\nWe can test if ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = \(\[PlusMinus]\ w\)\ P\)]], " using the point multiplication formula (22) again yielding for the ", StyleBox["x", FontSlant->"Italic"], "-coordinate the test\n\n\t", Cell[BoxData[ \(TraditionalForm\`x\^p \[Congruent] x - \(\(\(\[Psi]\_\(w - 1\)\) \[Psi]\_\(w + 1\)\)\/\[Psi]\_w\%2\) \((mod\ \ f\_l, p)\)\)]], ".\n\t\nMultiplying through by ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_w\%2\)]], " produces Schoof equation (17)\n\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_17\)(x, y) = \((x\^p - x)\) \[Psi]\_w\%2 - \(\[Psi]\_\(w - 1\)\) \[Psi]\_\(w + 1\)\)]], ".\n\t\nFor ", Cell[BoxData[ \(TraditionalForm\`w\)]], " even or odd this can be reduced to a polynomial in ", Cell[BoxData[ \(TraditionalForm\`x\)]], " only, as in\n\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_17\)( x) = \((x\^p - x)\) \(\(f\_w\%2\)( x)\) \((x\^3 + a\ x + b)\) + \(\(f\_\(w - 1\)\)( x)\) \(\(f\_\(w + 1\)\)(x)\)\)]], "\t", StyleBox["w", FontSlant->"Italic"], " even,\n\t\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_17\)( x) = \((x\^p - x)\) \(\(f\_w\%2\)(x)\) + \(\(f\_\(w - 1\)\)( x)\) \(\(f\_\(w + 1\)\)(x)\) \((x\^3 + a\ x + b)\)\)]], "\t", StyleBox["w", FontSlant->"Italic"], " odd.\n\t\nIf ", Cell[BoxData[ \(TraditionalForm\`gcd(\(p\_17\)(x), \(f\_l\)(x)) = 1\)]], " then we must have ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(-k\)\ P\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0\ \((mod\ l)\)\)]], ". Otherwise ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(\[PlusMinus]\(w(mod\ l)\)\)\)]], " and we test the ", StyleBox["y", FontSlant->"Italic"], "-coordinate of ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = \(\[PlusMinus]\ w\)\ P\)]], " to determine the sign." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.10 Schoof Equation (18)", "Subsection", CellTags->"c:40"], Cell[TextData[{ "After we know that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = \(\[PlusMinus]w\)\ P\)]], " we need test the ", Cell[BoxData[ \(TraditionalForm\`y\)]], "-coordinate of ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = w\ P\)]], ". Equation (22) gives for the ", StyleBox["y", FontSlant->"Italic"], "-coordinate,\n\n\t", Cell[BoxData[ FormBox[ RowBox[{\(y\^p\), "\[Congruent]", RowBox[{ StyleBox[\(\(\(\[Psi]\_\(w + 2\)\) \[Psi]\_\(w - 1\)\%2 - \ \(\[Psi]\_\(w - 2\)\) \[Psi]\_\(w + 1\)\%2\)\/\(4\ y\ \ \[Psi]\_w\%3\)\), FontSize->16], \((mod\ \[Psi]\_l, p)\)}]}], TraditionalForm]]], ".\n\t\nMultiplying through by the denominator of the right hand side and \ collecting terms gives\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x, y) = 4\ \ \(\[Psi]\_w\%3\) y\^\(p + 1\) - \(\[Psi]\_\(w + 2\)\) \[Psi]\_\(w - 1\)\%2 - \ \(\[Psi]\_\(w - 2\)\) \[Psi]\_\(w + 1\)\%2\)]], ".\n\nFor ", Cell[BoxData[ \(TraditionalForm\`w\)]], " even:\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x) = 4 \(\((y\^2)\)\^\(\((p + 3)\)/2\)\) \(\(f\_w\%3\)( x)\) - \(\(f\_\(w + 2\)\)(x)\) \(\(f\_\(w - 1\)\%2\)( x)\) + \(\(f\_\(w - 2\)\)(x)\) \(\(f\_\(w + 1\)\%2\)(x)\)\)]], ".\n\nFor ", Cell[BoxData[ \(TraditionalForm\`w\)]], " odd:\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x) = 4 \(\((y\^2)\)\^\(\((p - 1)\)/2\)\) \(\(f\_w\%3\)( x)\) - \(\(f\_\(w + 2\)\)(x)\) \(\(f\_\(w - 1\)\%2\)( x)\) + \(\(f\_\(w - 2\)\)(x)\) \(\(f\_\(w + 1\)\%2\)(x)\)\)]], ".\n\t\nNotice that ", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x)\)]], " is also a polynomial in ", Cell[BoxData[ \(TraditionalForm\`x\)]], " only since all exponents of ", Cell[BoxData[ \(TraditionalForm\`y\)]], " are even.\nIf ", Cell[BoxData[ \(TraditionalForm\`gcd(\(p\_18\)(x), \(f\_l\)(x)) = 1\)]], " then there is no ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " for which ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = w\ P\)]], ", so ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(-2\) w\ \((mod\ l)\)\)]], ", else such a point exists and ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 2\ w\ \((mod\ l)\)\)]], ". This completes the equations required to test for case 1." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.11 Schoof's Algorithm: Case Two", "Subsection", CellTags->"c:41"], Cell[TextData[{ "If there is no ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]k\)\ P\)]], " then we are in case 2 so we need to test for each ", Cell[BoxData[ \(TraditionalForm\`\[Tau] \[Element] \[DoubleStruckCapitalZ]/ l\ \[DoubleStruckCapitalZ]\^x\)]], " if there exist ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " such that (24) holds. In order to perform this test we apply addition \ formulas ", Cell[BoxData[ \(TraditionalForm\`\((5)\), \((9)\)\ and\ \((10)\)\)]], " to compute polynomials representing\n\n\t", Cell[BoxData[ \(TraditionalForm\`\((x\^\(p\^2\), y\^\(p\^2\))\) + k(x, y)\)]], ",\n\t\nwhere ", Cell[BoxData[ \(TraditionalForm\`k(x, y)\)]], " is computed using the division polynomials and equation (22). Since we \ are in case 2 we know that ", Cell[BoxData[ \(TraditionalForm\`x\_1 \[NotEqual] x\_2\)]], " so we can compute ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \((y\_2 - y\_1)\)/\((x\_2 - x\_1)\)\)]], ". We find\n\n\t", Cell[BoxData[ FormBox[ RowBox[{\(y\_2 - y\_1\), "=", RowBox[{ StyleBox[\(\(\(\[Psi]\_\(k + 2\)\) \[Psi]\_\(k - 1\)\%2 - \ \(\[Psi]\_\(k - 2\)\) \[Psi]\_\(k + 1\)\%2\)\/\(4\ y\ \ \[Psi]\_k\%3\)\), FontSize->16], "-", \(y\^\(p\^2\)\)}]}], TraditionalForm]]], ",\n\t\n\t", Cell[BoxData[ FormBox[ RowBox[{\(x\_2 - x\_1\), "=", RowBox[{"x", "-", StyleBox[\(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\), FontSize->16], "-", \(x\^\(p\^2\)\)}]}], TraditionalForm]]], "\nSo then\n\t ", Cell[BoxData[ FormBox[ RowBox[{"\[Lambda]", "=", RowBox[{ StyleBox[\(\(y\_2 - y\_1\)\/\(x\_2 - x\_1\)\), FontSize->16], "=", StyleBox[\(\((\(\[Psi]\_\(k + 2\)\) \[Psi]\_\(k - 1\)\%2 - \ \(\[Psi]\_\(k - 2\)\) \[Psi]\_\(k + 1\)\%2 - 4 \( \[Psi]\_k\%3\) y\^\(p\^2 + 1\))\)\/\(4 y\ \(\(\[Psi]\_k\)(\(-\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\ \) - \(\[Psi]\_k\%2\)(x\^\(p\^2\) - x))\)\)\), FontSize->18]}]}], TraditionalForm]]], ".\n\nPut ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \[Alpha]/\[Beta]\)]], " then\n\t", Cell[BoxData[ \(TraditionalForm\`\[Alpha] = \(\[Psi]\_\(k + 2\)\) \[Psi]\_\(k - 1\)\%2 - \(\[Psi]\_\(k - 2\)\) \[Psi]\_\(k + 1\)\%2 - 4 \( \[Psi]\_k\%3\) y\^\(p\^2 + 1\)\)]], "\nand\n\t", Cell[BoxData[ \(TraditionalForm\`\[Beta] = 4\ y\ \(\(\[Psi]\_k\)(\(\[Psi]\_k\%2\)( x - x\^\(p\^2\)) - \(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\))\)\)]], ".\n\nFor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " even we have\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Alpha] = y(\(f\_\(k + 2\)\) f\_\(k - 1\)\%2 - \(f\_\(k - 2\)\) f\_\(k + 1\)\%2 - 4 \( f\_k\%3\) y\^\(p\^2 + 3\))\)]], "\nand\n\t", Cell[BoxData[ \(TraditionalForm\`\[Beta] = 4\ y\^2\ \(\(f\_k\)(\(y\^2\) \(\(f\_k\%2\)( x - x\^\(p\^2\))\) - \(f\_\(k - 1\)\) f\_\(k + 1\))\)\)]], "\t.\n\nOtherwise, for ", Cell[BoxData[ \(TraditionalForm\`k\)]], " odd\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Alpha] = \(y\^2\)(\(f\_\(k + 2\)\) f\_\(k - 1\)\%2 - \(f\_\(k - 2\)\) f\_\(k + 1\)\%2) - 4 \( f\_k\%3\) y\^\(p\^2 + 1\)\)]], "\nand\n\t", Cell[BoxData[ \(TraditionalForm\`\[Beta] = y(4\ \(\(f\_k\)(\(f\_k\%2\)( x - x\^\(p\^2\)) - \(y\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\))\))\)]], ".\n\t\nWe use these equations for \[Alpha] and \[Beta] to formulate the \ tests of Schoof equations (19)." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.12 Schoof Equation (19x)", "Subsection", CellTags->"c:42"], Cell[TextData[{ "Using the equations we just derived for ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \[Alpha]/\[Beta]\)]], " we can now compute the addition of points using equation (22) so that if\n\ \n\t", Cell[BoxData[ \(TraditionalForm\`\((x\_3, y\_3)\) = \((x\^\(p\^2\), y\^\(p\^2\))\) + k(x, y)\)]], "\n\t\nthen ", Cell[BoxData[ \(TraditionalForm\`x\_3\)]], " is given by\n\n\t", Cell[BoxData[ FormBox[ RowBox[{\(x\_3\), "=", RowBox[{\(\[Lambda]\^2 - x\_1 - x\_2\), "=", RowBox[{\(\[Alpha]\^2\/\[Beta]\^2\), "-", \((x\^\(p\^2\) + x)\), "+", StyleBox[\(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\), FontSize->16]}]}]}], TraditionalForm]]], ".\nAlso ", Cell[BoxData[ \(TraditionalForm\`y\_3\)]], " is given by\n\n\t", Cell[BoxData[ FormBox[ RowBox[{\(y\_3\), "=", RowBox[{\(\[Lambda](2 x\_1 + x\_2 - \[Lambda]\^2) - y\_1\), "=", RowBox[{ RowBox[{\(\[Alpha]\/\[Beta]\), RowBox[{"(", RowBox[{\(2\ x\^\(p\^2\)\), "+", "x", "-", StyleBox[\(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\), FontSize->16], StyleBox["-", FontSize->16], \(\[Alpha]\^2\/\[Beta]\^2\)}], ")"}]}], "-", \(y\^\(p\^2\)\)}]}]}], TraditionalForm]]], ".\n\t\nFurther, since ", Cell[BoxData[ \(TraditionalForm\`\(\[Psi]\_n\)(x\^p, y\^p) = \(\(\[Psi]\_n\)(x, y)\)\^p\)]], " we have\n\n\t", Cell[BoxData[ \(TraditionalForm\`\[Tau](x\^p, y\^p) = \((\((x - \(\(\[Psi]\_\(\[Tau] - 1\)\) \[Psi]\_\(\[Tau] + 1\ \)\)\/\[Psi]\_\[Tau]\%2)\)\^p, \((\(\(\[Psi]\_\(\[Tau] + 2\)\) \[Psi]\_\(\ \[Tau] - 1\)\%2 - \ \(\[Psi]\_\(t - 2\)\) \[Psi]\_\(\[Tau] + 1\)\%2\)\/\(4\ y\ \ \[Psi]\_\[Tau]\%3\))\)\^p)\)\)]], ".\n\nThen (23) holds if and only if (for the ", StyleBox["x", FontSlant->"Italic"], "-coordinate)\n\n\t", Cell[BoxData[ FormBox[ RowBox[{ RowBox[{\(\[Alpha]\^2\/\[Beta]\^2\), "-", \((x\^\(p\^2\) + x)\), "+", StyleBox[\(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\), FontSize->16]}], StyleBox["=", FontSize->16], SuperscriptBox[ RowBox[{ StyleBox["(", FontSize-> 16], \(x - \(\(\[Psi]\_\(\[Tau] - 1\)\) \[Psi]\_\(\[Tau] + \ 1\)\)\/\[Psi]\_\[Tau]\%2\), ")"}], "p"]}], TraditionalForm]]], ".\n\t\nExpanding and clearing the (nonzero) denominators gives\n\n\t", Cell[BoxData[{ \(TraditionalForm\`\(\[Psi]\_\[Tau]\%\(2 p\)\)(\[Alpha]\ \[Psi]\_k\%2 - \(\[Beta]\^2\) \ \(\(\[Psi]\_k\%2\)( x\^\(p\^2\) + x)\) + \(\[Beta]\^2\)(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)))\), "\[IndentingNewLine]", \(TraditionalForm\`\ \ \(\(=\)\(\(\[Psi]\_k\%2\) \(\(\[Beta]\^2\)(\(\ \[Psi]\_\[Tau]\%\(2 p\)\) x\^p - \((\(\[Psi]\_\(\[Tau] - 1\)\) \[Psi]\_\(\[Tau] - \ 1\))\)\^p)\)\)\)\)}]], ".\n\t\nBringing everything to the left hand side we have\n\n\t", Cell[BoxData[{ \(TraditionalForm\`\(p\_\(19\_x\)\)(x, y) = \(\[Psi]\_\[Tau]\%\(2 p\)\)(\(\[Beta]\^2\)(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\) - \(\[Psi]\_k\%2\)( x\^\(p\^2\) + x\^p + x) + \[Alpha]\ \[Psi]\_k\%2))\), "\[IndentingNewLine]", \(TraditionalForm\`\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \(+\ \[Psi]\_k\ \%2\) \(\(\[Beta]\^2\)(\(\[Psi]\_\(\[Tau] - 1\)\) \[Psi]\_\(\[Tau] - \ 1\))\)\^p = 0\)}]], ",\n\t\nwhich is Schoof equation (19) for the ", StyleBox["x", FontSlant->"Italic"], "-coordinate. Since we are testing this equation for points in ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " we perform all of the polynomial arithmetic modulo ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_l\)]], ".\n\nNow there exists a point in ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " satisfying ", Cell[BoxData[ \(TraditionalForm\`p\_\(19\_x\)\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_\(19\_x\), f\_l) \[NotEqual] 1\)]], ". If such a point exist, then ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(\[PlusMinus]\(\[Tau]( mod\ l)\)\)\)]], ". We use Schoof equation (19y), explained in the next section, to \ determine the sign of \[Tau]." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.13 Schoof Equation (19y)", "Subsection", CellTags->"c:43"], Cell[TextData[{ "Once we know that there exists ", Cell[BoxData[ \(TraditionalForm\`\((x, y)\) \[Element] E[l]\)]], " such that\n\n\t ", Cell[BoxData[ \(TraditionalForm\`\(\(\((x\^\(p\^2\), y\^\(p\^2\))\) + k(x, y) = \(\[PlusMinus]\(\[Tau](x\^p, y\^p)\)\)\)\(,\)\)\)], FontSize->14], "\n\nwe must test the", StyleBox[" y", FontSlant->"Italic"], "-coordinate to determine the sign of ", Cell[BoxData[ \(TraditionalForm\`\[Tau]\)]], ". We have from the previous section,\n\n\t", Cell[BoxData[ FormBox[ RowBox[{\(y\_3\), "=", RowBox[{ RowBox[{\(\[Alpha]\/\[Beta]\), RowBox[{"(", RowBox[{\(2\ x\^\(p\^2\)\), "+", "x", "-", StyleBox[\(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\), FontSize->16], StyleBox["-", FontSize->16], \(\[Alpha]\^2\/\[Beta]\^2\)}], ")"}]}], "-", \(y\^\(p\^2\)\)}]}], TraditionalForm]]], ".\n\t\nThen if (24) holds for the ", StyleBox["y", FontSlant->"Italic"], "-coordinate we have\n\n\t", Cell[BoxData[ FormBox[ RowBox[{ RowBox[{ RowBox[{\(\[Alpha]\/\[Beta]\), RowBox[{"(", RowBox[{\(2\ x\^\(p\^2\)\), "+", "x", "-", StyleBox[\(\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\)\/\[Psi]\_k\%2\), FontSize->16], StyleBox["-", FontSize->16], \(\[Alpha]\^2\/\[Beta]\^2\)}], ")"}]}], "-", \(y\^\(p\^2\)\)}], "=", \(\((\(\(\[Psi]\_\(t + 2\)\) \[Psi]\_\(t - 1\)\%2 - \ \(\[Psi]\ \_\(t - 2\)\) \[Psi]\_\(t + 1\)\%2\)\/\(4\ y\ \[Psi]\_t\%3\))\)\^p\)}], TraditionalForm]]], ".\n\t\nMultiplying through by ", Cell[BoxData[ \(TraditionalForm\`\(\[Beta]\^3\) \(\[Psi]\_k\%2\) 4 \( y\^p\) \[Psi]\_t\%\(3 p\)\)]], " to clear the denominators we have\n\n\t", Cell[BoxData[{ FormBox[ RowBox[{"4", " ", \(y\^p\), " ", \(\[Psi]\_t\%\(3 p\)\), RowBox[{"(", RowBox[{ RowBox[{"\[Alpha]", " ", RowBox[{\(\[Beta]\^2\), "(", RowBox[{\(\(\[Psi]\_k\%2\)(2\ x\^\(p\^2\) + x)\), "-", StyleBox[\(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\), FontSize->16]}], StyleBox[")", FontSize->16]}]}], StyleBox["-", FontSize-> 16], \(\(\[Psi]\_k\%2\)(\[Alpha]\^3 + \(\[Beta]\^3\) y\^\(p\^2\))\)}], ")"}]}], TraditionalForm], "\[IndentingNewLine]", FormBox[ RowBox[{ " ", \(\(=\)\(\(\[Beta]\^3\) \(\(\(\(\[Psi]\_k\%2\) \((\(\ \[Psi]\_\(t + 2\)\) \[Psi]\_\(t - 1\)\%2 - \ \(\[Psi]\_\(t - 2\)\) \[Psi]\_\(t + 1\)\%2)\)\)\^p\)\(.\)\)\ \)\)}], TraditionalForm]}]], "\n\t\nRearranging gives for Schoof (19y) (corrected)\n\n\t", Cell[BoxData[{ \(TraditionalForm\`\(p\_\(19 y\)\)(x, y) = \(\(4\) \( f\_\[Tau]\%\(3\ p\)\) \(y\^p\)\(\ \)\((\((\((2\ x\^\(p\^2\) + x)\)\ \[Alpha]\ \[Beta]\^2 - \[Beta]\^3\ \ y\^\(p\^2\) - \[Alpha]\^3)\)\ f\_k\%2 - \[Alpha]\ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\(\ \)\)\), "\[IndentingNewLine]", \(TraditionalForm\`\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \(-\[Beta]\^3\)\ f\_k\%2\ \(\(\((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)\(.\)\)\)}]], "\n\t\n", StyleBox["For ", FontSize->16], Cell[BoxData[ \(TraditionalForm\`k\)], FontSize->14], StyleBox[" even, \[Tau] even, we must take ", FontSize->14], Cell[BoxData[ \(TraditionalForm\`\[Alpha] \[Rule] y\ \[Alpha]\)], FontSize->14], " so that,\n\t\n\t ", Cell[BoxData[ \(TraditionalForm\`\(p\_\(19 y\)\)(x) = 4 \( f\_\[Tau]\%\(3\ p\)\) y\^\(3\ p - 1\)\ \((\((\((2\ x\^\(p\^2\) + x)\)\ \ \[Alpha]\ \[Beta]\^2 - \[Beta]\^3\ y\^\(p\ \^2 - 1\) - \(y\^2\) \[Alpha]\^3)\)\ \(y\^2\) f\_k\%2\[IndentingNewLine] - \[Alpha]\ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \(\[Beta]\^3\) f\_k\%2\ \(\(\((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)\(.\)\)\)]], "\n \n", StyleBox["For ", FontSize->16], Cell[BoxData[ \(TraditionalForm\`k\)], FontSize->14], StyleBox[" even, \[Tau] odd,\n\n", FontSize->14], "\t", Cell[BoxData[ \(TraditionalForm\`\(p\_\(19 y\)\)(x) = 4 f\_\[Tau]\%\(3\ p\)\ \((\((\((2\ x\^\(p\^2\) + x)\)\ \[Alpha]\ \ \[Beta]\^2 - \[Beta]\^3\ y\^\(p\ \^2 - 1\) - \[Alpha]\^3\ y\^2)\)\ \(y\^2\) f\_k\%2\[IndentingNewLine] - \[Alpha]\ \ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \(\[Beta]\^3\) f\_k\%2\ \(\(\(\(y\^\(p + 1\)\)( f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)\(.\)\)\)]], "\n \n", StyleBox["For ", FontSize->14], Cell[BoxData[ \(TraditionalForm\`k\)], FontSize->14], StyleBox[" odd, \[Tau] even we must take ", FontSize->14], Cell[BoxData[ \(TraditionalForm\`\[Beta] \[Rule] y\ \[Beta]\)], FontSize->14], " so that,\n\n\t ", Cell[BoxData[ \(TraditionalForm\`\(p\_\(19 y\)\)(x) = 4 \( f\_\[Tau]\%\(3\ p\)\) y\^\(3 p - 3\)\ \((\((\((2\ x\^\(p\^2\) + x)\)\ \[Alpha]\ y\^2\ \[Beta]\^2 - \[Beta]\^3\ \ y\^\(p\^2 + 3\) - \[Alpha]\^3)\)\ f\_k\%2\[IndentingNewLine] - \[Alpha]\ y\^2\ \ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \(\[Beta]\^3\) f\_k\%2\ \(\(\((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)\(.\)\)\)]], "\n \n", StyleBox["For ", FontSize->14], Cell[BoxData[ \(TraditionalForm\`k\)], FontSize->14], StyleBox[" odd, \[Tau] odd,\n", FontSize->14], "\n ", Cell[BoxData[ \(TraditionalForm\`\(p\_\(19 y\)\)(x) = 4 f\_\[Tau]\%\(3\ p\)\ \((\((\((2\ x\^\(p\^2\) + x)\)\ \[Alpha]\ \(y\^2\) \[Beta]\^2 - \[Beta]\^3\ \ y\^\(p\^2 + 3\) - \[Alpha]\^3)\)\ f\_k\%2\[IndentingNewLine] - \[Alpha]\ y\^2\ \ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \[Beta]\^3\ f\_k\%2\ \(\ \(\(\(y\^\(p + 3\)\)( f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)\(.\)\)\)]], "\n \nNow if ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_\(19 y\), f\_l) \[NotEqual] 1\)]], " then ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " has a point satisfying ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P + k\ P = \[Tau]\[Phi]\ P\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \[Tau](mod\ l)\)]], ", else ", Cell[BoxData[ \(TraditionalForm\`t = \(-\(\[Tau](mod\ l)\)\)\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["5.14 Schoof's Algorithm Summary", "Subsection", PageBreakAbove->True, CellTags->"c:44"], Cell[TextData[{ "We can now summarize Schoof's algorithm for ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " as follows. By Hasse's theorem we have ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ".\n\n\t1. If ", Cell[BoxData[ \(TraditionalForm\`gcd(x\^3 + a\ x + b, \ x\^p - x) = 1\)]], " then ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0\ \((mod\ 2)\)\)]], ", else ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 1\ \((mod\ 2)\)\)]], "\n\t2. Create a set of small primes ", Cell[BoxData[ \(TraditionalForm\`S = {l\_i}\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`\[Product]\+\(i = 1\)\%L l\_i > 4\ \@p\)]], ".\n\t3. Compute the first ", Cell[BoxData[ \(TraditionalForm\`l\_L + 2\)]], " division polynomials ", Cell[BoxData[ \(TraditionalForm\`\[Psi]\_k\)]], ".\n\t4. For each ", Cell[BoxData[ \(TraditionalForm\`l \[Element] S\)]], ", compute ", Cell[BoxData[ \(TraditionalForm\`k \[Congruent] p(\ mod\ l)\)]], "\n\t5. \tIf ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_16, f\_l) \[NotEqual] 1\)]], " then there exists ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]k\)\ P\)]], ".\n\t6.\t\tIf ", Cell[BoxData[ \(TraditionalForm\`k\)]], " is not a quadratic residue mod ", StyleBox["l", FontSlant->"Italic"], ", then ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ l)\)\)]], " else\n\t7.\t\tCompute ", Cell[BoxData[ \(TraditionalForm\`w\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`w\^2 \[Congruent] k\ \((mod\ l)\)\)]], "\n\t8.\t\tIf ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_17, f\_l) = 1\)]], " then ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ l)\)\)]], ", else\n\t9.\t\tIf ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_18, f\_l) \[NotEqual] 1\)]], " then ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 2 \( w(mod\ l)\)\)]], ", else ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(-2\) \(w(mod\ l)\)\)]], ". \n\t10.\telse we are in case two\n\t11.\t For each ", Cell[BoxData[ \(TraditionalForm\`\[Tau] \[LessEqual] \((l + 1)\)/2\)]], "\n\t12.\t\tIf ", Cell[BoxData[ FormBox[ RowBox[{ FormBox[\(gcd(p\_19, f\_l)\), "TraditionalForm"], "\[NotEqual]", "1"}], TraditionalForm]]], " then ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_p\^2 + k \[Congruent] \(\[PlusMinus]\[Tau]\)\ \[Phi]\_p\ \((mod\ l)\)\)]], "\n\t13.\t\t for some point in ", Cell[BoxData[ \(TraditionalForm\`E[l]\)]], " so we test\n\t14.\t\t\tIf ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_19, f\_l) \[NotEqual] 1\)]], " then ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \[Tau](mod\ l)\)]], " else ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(-\[Tau]\)\ \((mod\ l)\)\)]], " \n\t15.\t Next \[Tau]\n\t16. Next ", Cell[BoxData[ \(TraditionalForm\`l\)]], "\n\t17. At this point we have computed ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ l\_i)\)\)]], " for all ", Cell[BoxData[ \(TraditionalForm\`l\_i \[Element] S\)]], ", \n\t18.\tso we use the Chinese Remainder Theorem to compute\n\t19.\t \ ", Cell[BoxData[ \(TraditionalForm\`T \[Congruent] t\ \((mod\ N)\)\)]], " where ", Cell[BoxData[ \(TraditionalForm\`N = \[Product]\+\(i = 1\)\%L l\_i\)]], ".\n\t20. If ", Cell[BoxData[ \(TraditionalForm\`T\)]], " is within Hasse's bounds then ", Cell[BoxData[ \(TraditionalForm\`t = T\)]], ", else ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(-\(T(mod\ N)\)\)\)]], " and\n\t21.\t", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ".\n\nThis completes the description of Schoof's algorithm." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["Chapter 6 - Results of Running Schoof's Algorithm", "Section", PageBreakAbove->True, CellTags->"c:45"], Cell["\<\ This chapter contains the results of running our implementation of Schoof's \ algorithm for several different elliptic curves. We present detailed \ results for one particular curve and then summarize the results for other \ curves in table 1. We conclude this section with a discussion of lessons \ learned from these experiments.\ \>", "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["6.1 A Detailed Example", "Subsection", PageBreakAbove->False, CellTags->"c:54"], Cell[TextData[{ "For our example curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 46 x + 74\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_97\)]], ", Schoof's algorithm produces the following results. First, since ", Cell[BoxData[ \(TraditionalForm\`\[LeftCeiling]4 \@ p\[RightCeiling] = 40\)]], ", we need a product of small primes at least this large so the algorithm \ selects the primes ", Cell[BoxData[ \(TraditionalForm\`{2, 5, 7}\)]], ", with ", Cell[BoxData[ \(TraditionalForm\`\[Product]l\_i = 70\)]], ".\nAlso ", Cell[BoxData[ \(TraditionalForm\`9\ < \@97 < 10\)]], ", so Hasse's theorem gives ", Cell[BoxData[ \(TraditionalForm\`79 \[LessEqual] \ # \( E(\[DoubleStruckCapitalF]\_q)\)\ \[LessEqual] 117\)]], ".\n\nThe next step is to compute ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ 2)\)\)]], ". For this step we find\n\n\t", Cell[BoxData[ \(TraditionalForm\`\(x\^p\)(\ mod\ x\^3 + a\ x\ + b) = 47 + 60\ x + 30\ x\^2\)]], " and\n\t", Cell[BoxData[ \(TraditionalForm\`gcd(x\^p - x, \ x\^3 + a\ x + b) = 40\ + \ x\)]], "\n\t\nSince the gcd is not equal to ", Cell[BoxData[ \(TraditionalForm\`1\)]], ", ", Cell[BoxData[ \(TraditionalForm\`E[2]\)]], " is not empty so ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((\ mod\ 2)\)\)]], ".\n\nNext we test ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_p\^2\) P = \(\[PlusMinus]k\)\ P\)]], " for ", Cell[BoxData[ \(TraditionalForm\`k \[Congruent] p(mod\ 5)\)]], " and we find \n", StyleBox["\n\t", FontFamily->"Times New Roman"], Cell[BoxData[{ RowBox[{"\<\"f[\"\>", StyleBox["\[InvisibleSpace]", "Text"], "5", StyleBox["\[InvisibleSpace]", "Text"], "\<\"] =\"\>", StyleBox["\[InvisibleSpace]", "Text"], \(23 + 67\ x + 11\ x\^2 + 38\ x\^3 + 77\ x\^4 + 43\ x\^5\)}], "\[IndentingNewLine]", RowBox[{ " ", \(\(+\ 93\)\ x\^6 + 26\ x\^7 + 47\ x\^8 + 87\ x\^9 + 39\ x\^10 + 5\ x\^12\)}]}], FontFamily->"Times New Roman"], StyleBox["\n\t\n\t", FontFamily->"Times New Roman"], Cell[BoxData[{ RowBox[{"\<\"\\!\\(p\\_16\\) = \"\>", StyleBox["\[InvisibleSpace]", "Text"], \(7 + 91\ x + 40\ x\^2 + 24\ x\^3 + 81\ x\^4 + 69\ x\^5\)}], "\[IndentingNewLine]", RowBox[{ " ", \(\(+\ 43\)\ x\^6 + 45\ x\^7 + 39\ x\^8 + 14\ x\^9 + 30\ x\^10 + 79\ x\^11\)}]}], FontFamily->"Times New Roman"], StyleBox["\n", FontFamily->"Times New Roman", FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox["\n\t", FontFamily->"Times New Roman"], Cell[BoxData[ \(TraditionalForm\`gcd(\(p\_16\) f\_l) = 1. \)]], StyleBox["\n", FontFamily->"Times New Roman"], "\t\nHence, there is no point in ", Cell[BoxData[ \(TraditionalForm\`E[5]\)]], " satisfying ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_p\^2\) P = \(\[PlusMinus]k\)\ P\)]], " so we proceed to case two.\n\nNext we test ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_p\^2 + k = \[Tau]\ \[Phi]\_p\)]], " until we find for ", Cell[BoxData[ \(TraditionalForm\`\[Tau] = 2\)]], " that\n\n\t", Cell[BoxData[ \(TraditionalForm\`p\_\(19 x\) \[Congruent] 0 \((mod\ f\_l, p)\)\)]], " and", StyleBox["\n\n\t", FontFamily->"Times New Roman"], Cell[BoxData[{ RowBox[{ RowBox[{"\<\"gcd(\\!\\(p\\_\\(19 x\\)\\),\\!\\(f\\_l\\)) = \"\>", StyleBox["\[InvisibleSpace]", "Text"], "23"}], "+", \(67\ x\), "+", \(11\ x\^2\), "+", \(38\ x\^3\), "+", \(77\ x\^4\), "+", \(43\ x\^5\)}], "\[IndentingNewLine]", RowBox[{ " ", \(\(+\ 93\)\ x\^6 + 26\ x\^7 + 47\ x\^8 + 87\ x\^9 + 39\ x\^10 + 5\ \(\(x\^12\)\(.\)\)\)}]}], FontFamily->"Times New Roman"], StyleBox["\n", FontFamily->"Times New Roman"], "\t\nSince the gcd is not equal to 1, we know that ", Cell[BoxData[ \(TraditionalForm\`\[Tau] = \(\[PlusMinus]2\)\)]], " so we compute\n\n\t", Cell[BoxData[{ RowBox[{"\<\"p19y =\"\>", StyleBox["\[InvisibleSpace]", "Text"], \(39 + 52\ x + 48\ x\^2 + 33\ x\^3 + 91\ x\^4 + 3\ x\^5\)}], "\[IndentingNewLine]", RowBox[{ " ", \(\(+\ 23\)\ x\^6 + 59\ x\^7 + 16\ x\^8 + 37\ x\^9 + 33\ x\^10 + 74\ x\^11\)}]}], FontFamily->"Times New Roman"], StyleBox["\n\t\n\t", FontFamily->"Times New Roman"], Cell[BoxData[ \(TraditionalForm\`gcd(p\_\(19 y\), f\_l) = 1. \)]], StyleBox["\n", FontFamily->"Times New Roman"], "\t\nSince this gcd is 1, there is no point in ", Cell[BoxData[ \(TraditionalForm\`E[5]\)]], " satisfying ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_p\^2 + k = \[Tau]\ \[Phi]\_p\)]], ", so we must have ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(-2\) \((mod\ 5)\) \[Congruent] 3 \((mod\ 5)\)\)]], ". Similarly, for ", Cell[BoxData[ \(TraditionalForm\`l = 7\)]], " we find at ", Cell[BoxData[ \(TraditionalForm\`\[Tau] = 3\)]], " that ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_\(19 x\), f\_7) \[NotEqual] 1\)]], " and ", Cell[BoxData[ \(TraditionalForm\`gcd(p\_\(19 y\), f\_7) = 1\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] \(-3\) \((mod\ 7)\) \[Congruent] 4 \((mod\ 7)\)\)]], ". Thus we have the following set of simultaneous conguences. \n\n\t", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ 2)\)\)]], ", ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 3 \((mod\ 5)\)\)]], ", ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 4 \((mod\ 7)\)\)]], ".\n\t\nUsing the Chinese Remainder theorem we find that the smallest \ positive integer satisfying this set of congruences is ", Cell[BoxData[ \(TraditionalForm\`t = 18\)]], ". Since ", Cell[BoxData[ \(TraditionalForm\`p + 1 - t = 80\)]], " and 80 is within Hasse's bounds we can conclude ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = 80. \)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["6.2 Other Experiments", "Subsection", CellTags->"c:54"], Cell[TextData[{ "For many other curves our implementation of Schoof's method also produces \ the correct results, as verified by point counting. For the curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + 1333 x + 1129\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_3571\)]], ", however, the computed point order is incorrect. The correct order, as \ determined by direct numerical tests is 3559, giving ", Cell[BoxData[ \(TraditionalForm\`t = 13\)]], ", so that ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 1 \((mod\ 2)\), \ t \[Congruent] 2\ \((mod\ 11)\)\)]], " and ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0 \((mod\ 13)\)\)]], ". Our implementation of Schoof's algorithm wrongly determines that ", Cell[BoxData[ \(TraditionalForm\`t \[Equal] \(-2\) \((mod\ 11)\)\)]], ". Analysis of this problem indicates that the most likely source of the \ error is an incorrect computation for the ", Cell[BoxData[ \(TraditionalForm\`y\)]], "-coordinate part of Schoof equation (19). We are continuing efforts to \ resolve this issue." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[TextData[{ StyleBox["Table 1 summarizes the results of running Schoof's algorithms on \ several curves. The first column describes the curve ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + A\ x + B\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[" over ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[" by giving ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`A, B, p\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[". The second column show the results of computing ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`\[Tau]\_i \[Congruent] t\ \((mod\ l\_i)\)\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[" as pairs ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`{\[Tau]\_i, l\_i}\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[". The third column gives the unique ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`t\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[" within Hasses's bounds that satisfies the congruences of column \ two. ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[" is then computed as ", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(TraditionalForm\`p + 1 - t\)], FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox[". ", FontSize->14, FontColor->RGBColor[0, 0, 1]], StyleBox["\n ", FontSize->14], "\n ", StyleBox["Table 2 - Results from Schoof's Algorithm", FontWeight->"Bold"], "\n ", Cell[BoxData[GridBox[{ {\(A, B, p\), \(t \((mod\ l\_i)\)\), "t", \(# E \((\[DoubleStruckCapitalF]\_p)\)\), "Correct"}, {\(13, 215, 229\), \({0, 2}, {0, 5}, {4, 7}\), \(-10\), "240", "yes"}, {\(106, 166, 197\), \({0, 2}, {2, 3}, {0, 5}, {1, 11}\), \(-10\), "208", "yes"}, {\(31, 16, 137\), \({1, 2}, {0, 3}, {4, 5}, {2, 7}\), "9", "129", "yes"}, {\(503, 367, 523\), \({1, 2}, {0, 5}, {6, 7}, {7, 11}\), \(-15\), "539", "yes"}, {\(1333, 1129, 3571\), \({1, 2}, {9, 11}, {0, 13}\), \(-13\), "3585", "no"} }, GridFrame->True, RowLines->True, ColumnLines->True]]] }], "Text", TextAlignment->Left] }, Open ]], Cell[CellGroupData[{ Cell["6.3 Discussion of Results", "Subsection", CellTags->"c:54"], Cell[TextData[{ "Schoof's method, as here implemented, has only educational value. This is \ so for several reasons. First, as noted in references [3,6], the \ practicality of the algorithm is greatly limited by the quadratic growth of \ the degree of the division polynomials. For example, for an elliptic curve \ over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " where ", Cell[BoxData[ \(TraditionalForm\`p\)]], " has 200 digits, we must perform modular polynomial arithmetic using the \ ", Cell[BoxData[ \(TraditionalForm\`55\^th\)]], " division polynomial, which produces intermediate products of degree \ greater than ", Cell[BoxData[ \(TraditionalForm\`9\[Cross]10\^6\)]], ". The improvements due to Elkies and Atkin, often called the SEA \ algorithm, reduce to nearly linear growth the degree of the division \ polynomials, making the method applicable to elliptic curves of with \ cryptographic utility. Another limiting factor is the peformance of \ modular polynomial arithmetic in ", StyleBox["Mathematica", FontSlant->"Italic"], ". Even for the small problems presented in this section, the run-time of \ our implemention exceeded 10 minutes. Finally, the current implementation \ is limited by an apparent software bug in the implementation of Schoof \ equation (19y).\n\nOn the other hand, the major advantage of our \ implementation is as an exploration tool. All of the algorithms we \ implemented are well-documented, and rely only on low-level functions with ", StyleBox["Mathematica", FontSlant->"Italic"], ", making the operation of the algorithms transparent and open to \ experimentation. The author plans to correct the programming difficiencies \ just cited and to make this suite of elliptic curve functions available as a \ ", StyleBox["Mathematica", FontSlant->"Italic"], " package." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["Chapter 7 - Applications", "Section", PageBreakAbove->True, CellTags->"c:52"], Cell[CellGroupData[{ Cell["7.1 The Elliptic Curve Discrete Log Problem", "Subsection", CellTags->"c:53"], Cell[TextData[{ "One way to apply elliptic curve methods to cryptography is via the \ discrete log problem, which can be described as follows. Suppose ", Cell[BoxData[ \(TraditionalForm\`G\)]], " is a group of finite order and ", Cell[BoxData[ \(TraditionalForm\`g, q\)]], " are elements of G. Then suppose there exists an integer ", Cell[BoxData[ \(TraditionalForm\`k\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`q = g\^k\)]], ". Given the elements ", Cell[BoxData[ \(TraditionalForm\`g, q\)]], " we are asked to find the corresponding exponent ", Cell[BoxData[ \(TraditionalForm\`k\)]], ". Since this looks similar to taking logarithms, we call this the \ discrete log problem or the DLP. For example, we could choose ", Cell[BoxData[ \(TraditionalForm\`G = \[DoubleStruckCapitalF]\_q\%x\)]], ", the multiplicative group of the finite field ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\)]], ". \n\nIf ", Cell[BoxData[ \(TraditionalForm\`G\)]], " is a finite abelian group and ", Cell[BoxData[ \(TraditionalForm\`g\)]], " is an element of the group, then for any integer ", Cell[BoxData[ \(TraditionalForm\`k\)]], " we define ", Cell[BoxData[ \(TraditionalForm\`k\[CenterDot]g = \(g + g + ... \) + g\)]], " (a total of ", Cell[BoxData[ \(TraditionalForm\`k\)]], " times). If ", Cell[BoxData[ \(TraditionalForm\`q = k\[CenterDot]g\)]], " and we give someone the two elements ", Cell[BoxData[ \(TraditionalForm\`g, q\)]], " and asks them to find the integer ", Cell[BoxData[ \(TraditionalForm\`k\)]], ", then we have given them the discrete log problem in additive notation. \ Since the elements of ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " form an abelian group we can state the discrete log problem for elliptic \ curves in the following way. Given two points ", Cell[BoxData[ \(TraditionalForm\`P, Q \[Element] E(\[DoubleStruckCapitalF]\_q)\)]], " with ", Cell[BoxData[ \(TraditionalForm\`Q = k\ P\)]], ", find ", Cell[BoxData[ \(TraditionalForm\`k\)]], ". For a given field order ", Cell[BoxData[ \(TraditionalForm\`q\)]], ", this problem is understood to be more difficult than the equivalent \ problem in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_q\%x\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["7.2 Anomalous Curves and the MOV attack", "Subsection", CellTags->"c:54"], Cell[TextData[{ "An elliptic curve is called ", StyleBox["anomalous", FontWeight->"Bold"], " if ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\) = q\)]], ". When this occurs, the discrete log problem for the group ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " can be solved in linear time using an algorithm by Satoh & Araki, \ outlined in Washington [7] \[Section] 5.4.\n\nThe MOV attack, first presented \ by Menezes, Okamoto and Vanstone, uses the Weil pairing to convert the \ discrete log problem for ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_q)\)]], " into a discrete log problem for ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_\(q\^s\)\)]], ". When ", Cell[BoxData[ \(TraditionalForm\`q\)]], ", the characteristic of the field, divides the trace of the Frobenius ", Cell[BoxData[ \(TraditionalForm\`t\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`s\)]], " will be small. In this case the index calculus can be used to attack the \ DLP in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_\(q\^s\)\)]], " (Washington [7] \[Section]5.3). Hence, when selecting an elliptic curve \ for cryptographic applications, it is important to determine the order of the \ resulting group to avoid cases which simplify the discrete log problem for \ potential eavesdroppers. Ren\[EAcute] Schoof's method, and in particular its \ extensions, provide a way of efficiently determining ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_q)\)\)]], " for large integers ", Cell[BoxData[ \(TraditionalForm\`q\)]], ", thus assisting in the creation of secure codes." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["References", "Section", PageBreakAbove->True, CellTags->"c:55"], Cell[TextData[{ "[1] Brown, Ezra - ", StyleBox["Square Roots from 1; 24, 51, 10 to Dan Shanks", FontSlant->"Italic"], ", College Math Journal (1999).\n\n[2] Dummit, D., Foote, R. ", StyleBox["Abstract Algebra", FontSlant->"Italic"], ", John Wiley and Sons (2004)\n\n[3] Lercier, R. and Morain, F., ", StyleBox["Counting the number of points on elliptic curves over finite \ fields: strategies and performances", FontSlant->"Italic"], ", Advances in Cryptology, Proc. Eurocrypt'95, LNCS 921, L.C. Guillou and \ J.J. Quisquater, Eds., Springer-Verlag, 1995, pp. 79--94.\n\n[4] Rosen, \ Kenneth H. - ", StyleBox["Elementary Number Theory and its Applications, ", FontSlant->"Italic"], "Addison and Wesley", " (2000)\n\n[5] Schoof, Ren\[EAcute] - ", StyleBox["Elliptic curves over finite fields and the computation of square \ roots mod p,", FontSlant->"Italic"], " Mathematics of Computation, Vol. 44, No 170 (1985), 482-494\n\n[6] \ Schoof, Ren\[EAcute] - ", StyleBox["Counting points on elliptic curves over finite fields", FontSlant->"Italic"], ", Journal de T\[EAcute]orie des Nombres de Bordeaux 7 (1995), 219-254\n\n\ [7] Washington, Lawrence - ", StyleBox["Elliptic Curves - Number Theory and Cryptography,", FontSlant->"Italic"], " Chapman & Hall (2003)" }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "Appendix A - Dictionary of Our ", StyleBox["Mathematica", FontSlant->"Italic"], " Functions for Elliptic Curves" }], "Section", PageBreakAbove->True, CellTags->"c:56"], Cell[TextData[{ "This section gives a summary of the ", StyleBox["Mathematica", FontSlant->"Italic"], " functions we developed in order to implement, test and explain Schoof's \ algorithm. Many of these functions have value independent of Schoof's method \ and may be useful for other elliptic curve computation projects." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Number Theoretic Functions", "Subsubsection", CellTags->"c:57"], Cell[TextData[{ "EuclideanAlgorithm[ ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], " ]\n\tCompute the greatest common divisor ", Cell[BoxData[ \(TraditionalForm\`d\)]], " of the two integers ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], ".\n\t\n", Cell[BoxData[ \(TraditionalForm\`ExtendedEuclideanAlgorithm[a, b]\)]], "\n\tCompute ", Cell[BoxData[ \(TraditionalForm\`d = gcd(a, b)\)]], " and return ", Cell[BoxData[ \(TraditionalForm\`{d, r, s}\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`d = r\ a + s\ b\)]], "\n\t\n", Cell[BoxData[ \(TraditionalForm\`MultiplicativeInverse[a, p]\)]], "\n\tCompute ", Cell[BoxData[ \(TraditionalForm\`b\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`a\ b \[Congruent] 1 \((mod\ p)\)\)]], "\n\t\nModularExponentiation[ ", Cell[BoxData[ \(TraditionalForm\`a, n, p\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`a\^n\ \((mod\ p)\)\)]], "\n\t\nSquareRootModPShanksTonelli[ ", Cell[BoxData[ \(TraditionalForm\`a, p\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`c\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`c\^2 \[Congruent] a\ \((mod\ p)\)\)]], " if ", Cell[BoxData[ \(TraditionalForm\`a\)]], " is a quadratic residue mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], ".\n\t\n", Cell[BoxData[ \(TraditionalForm\`EcAddMod[\ {a, b}, P\_1, P\_2, p\ ]\)]], "\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`P\_1 + P\)]], " using elliptic curve addition in\n\t ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ".\n\t\nEcPowerMod[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, Q, k, p\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`k\ Q\)]], " in ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ".\n\t\nDetermineChineseRemainder[ ", Cell[BoxData[ \(TraditionalForm\`t\)]], " ]\n\tUses the Chinese Remainder Theorem to solve the set of congruences\n\ \t", Cell[BoxData[ \(TraditionalForm\`z \[Congruent] r\_i\ \((mod\ n\_i)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`i = 1, 2, ... , k\)]], " for the unknown ", Cell[BoxData[ \(TraditionalForm\`z\)]], ",\n\twhere these congruences are represented by the set of ordered pairs\n\ \t", Cell[BoxData[ \(TraditionalForm\`t = {{\(r\_\(\(1\)\(,\)\)\) n\_1}, {r\_2, n\_2}, ... , {r\_k, n\_k}}\)]] }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["Elliptic Curve Functions", "Subsubsection", CellTags->"c:58"], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`EcAdd[{\ a, b}, P, Q]\)]], "\n\tAdd the points ", Cell[BoxData[ \(TraditionalForm\`P, Q\)]], " on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], "\n\t\n", Cell[BoxData[ \(TraditionalForm\`IsEcQ[\ {a, b}, p\ ]\)]], "\n\tReturns true if ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + b\)]], " is an elliptic curve, that is,\n\tif ", Cell[BoxData[ \(TraditionalForm\`\(\(E\)\(\ \)\)\)]], "has nonzero discriminant modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], "\n\t\nEcPointQ[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, {x, y}, p\)]], " ]\n\tReturn true if ", Cell[BoxData[ \(TraditionalForm\`\((x, y)\)\)]], " satistfies ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + a\ x + b\)]], " in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ".\n\t\nEcAddMod[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, P, Q, p\)]], " ]\n\tAdd the points ", Cell[BoxData[ \(TraditionalForm\`P, Q\)]], " on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], "\n\t\nEcPowerMod[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, Q, k, p\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`k\ Q\)]], " on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], "\n\t\nEcPointOrderMod[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, Q, p, m\)]], " ]\n\tDetermines the value of ", Cell[BoxData[ \(TraditionalForm\`k \[LessEqual] m\)]], " for which ", Cell[BoxData[ \(TraditionalForm\`k\ Q = \[ScriptCapitalO]\)]], ", if any.\n\t\nFindEcPointSet[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]\n\tDetermines all points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " for the curve ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + a\ x + \ b\)]], "\n\tby exhaustive search.\n\n", Cell[BoxData[ \(TraditionalForm\`ComputeOrderEFq[\ t, p, n\ ]\)]], "\n\tGiven that ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ", this method computes ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_\(p\^n\))\)\)]], " as\n\t\t", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_\(p\^n\))\) = p\^n + 1 - \((\[Alpha]\^n + \[Beta]\^n)\)\)]], ", \n\t\twhere ", Cell[BoxData[ FormBox[ RowBox[{ FormBox[\(\(X\^2 + t\ X + p\)\(=\)\), "TraditionalForm"], \((X - \[Alpha])\), \((X - \[Beta])\)}], TraditionalForm]]], "\n\t\tand ", Cell[BoxData[ \(TraditionalForm\`\((\[Alpha]\^n + \[Beta]\^n)\)\)]], " is computed using a recursion relation\n\t\t\nEcPointOrderBabyGiant[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, Q, p\)]], " ]\n\tComputes the order of the point ", Cell[BoxData[ \(TraditionalForm\`Q\)]], " in ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + \ b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], "\n\tusing the Baby Step, Giant Step method.\n\t\nGenerateRandomPointEC[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]\n\tFinds a random point on ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + \ b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], "\n\t\nEcGroupOrder[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]\n\tDetermines ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " where ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + \ b\)]], ".\n\tIt uses EcPointOrderBabyGiant on random points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], "\n\tuntil the least common multiple of their orders implies a\n\tunique \ value of the group order within Hasse's bounds." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]], Cell[CellGroupData[{ Cell["Functions that Comprise Schoof's Algorithm", "Subsubsection", CellTags->"c:59"], Cell[TextData[{ "ComputeTModTwo[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]\n\tDetermines ", Cell[BoxData[ \(TraditionalForm\`t(mod\ 2)\)]], " where ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\) = p + 1 - t\)]], ".\n\t\nComputePrimeSet[ ", Cell[BoxData[ \(TraditionalForm\`p\)]], " ]\n\tDetermines the set of small primes ", Cell[BoxData[ \(TraditionalForm\`{l\_i}\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`\[Sum]\+\(i = 1\)\%L l\_i > 4 \@ p\)]], ".\n\t\nComputeDivisionPolynomials[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p, k\)]], " ]\n\tComputes the first ", Cell[BoxData[ \(TraditionalForm\`k\)]], " division polynomials for\n\t ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + \ b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ".\n\t\nComputeEquation16[ ", Cell[BoxData[ \(TraditionalForm\`p, l, {a, b}\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`\(p\_16\)(x, y) = \((x\^\(q\^2\) - x)\) \[Psi]\_k\%2 - \(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\ \((mod\ f\_l, p)\)\)]], "..\n\t\nComputeEquation17[ ", Cell[BoxData[ \(TraditionalForm\`p, l, w, {a, b}\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`\(p\_17\)(x, y) = \((x\^p - x)\) \[Psi]\_w\%2 - \(\[Psi]\_\(w - 1\)\) \[Psi]\_\(w + 1\)\ \((mod\ f\_l, p)\)\)]], ".\n\t\nComputeEquation18[ ", Cell[BoxData[ \(TraditionalForm\`p, l, w, {a, b}\)]], " ]\n\tComputes ", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x, y) = 4\ \ \(\[Psi]\_w\%3\) y\^\(p + 1\) - \(\[Psi]\_\(w + 2\)\) \[Psi]\_\(w - 1\)\%2 - \ \(\[Psi]\_\(w - 2\)\) \[Psi]\_\(w + 1\)\%2\ \((mod\ f\_l, p)\)\)]], ".\n\t\nComputeTmodLCaseOne[ ", Cell[BoxData[ \(TraditionalForm\`p, l, {a, b}\)]], " ]\n\tUses Schoof equations 16, 17, 18 to compute ", Cell[BoxData[ \(TraditionalForm\`t(mod\ l)\)]], ".\n\t\nComputeAlpha[ ", Cell[BoxData[ \(TraditionalForm\`p, l, {a, b}\)]], " ]\n\tGiven ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \[Alpha]/\[Beta]\)]], " for the elliptic curve addition ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_p\%2\) P + k\ P\)]], ",\n\tcompute the polynomial representing \[Alpha].\n\t\nComputeBeta[ ", Cell[BoxData[ \(TraditionalForm\`p, l, {a, b}\)]], " ]\n\tGiven ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \[Alpha]/\[Beta]\)]], " for the elliptic curve addition ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_p\%2\) P + k\ P\)]], ",\n\tcompute the polynomial representing \[Beta].\n\t\nComputeEquation19X[ \ p ", Cell[BoxData[ \(TraditionalForm\`l, \[Tau], {a, b}\)]], " ]\n\tCompute the polynomial, modulo ", Cell[BoxData[ \(TraditionalForm\`f\_l\)]], " representing Schoof equation (19x):\n\t", Cell[BoxData[{ \(TraditionalForm\`\(p\_\(19\_x\)\)(x, y) = \(\[Psi]\_\[Tau]\%\(2 p\)\)(\(\[Beta]\^2\)(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\) - \(\[Psi]\_k\%2\)( x\^\(p\^2\) + x\^p + x) + \[Alpha]\ \[Psi]\_k\%2))\), "\[IndentingNewLine]", \(TraditionalForm\`\ \ \(+\ \ \[Psi]\_k\%2\) \ \(\(\[Beta]\^2\)(\(\[Psi]\_\(\[Tau] - 1\)\) \[Psi]\_\(\[Tau] - \ 1\))\)\^p\)}]], ".\n\t\nComputeEquation19Y[ p ", Cell[BoxData[ \(TraditionalForm\`l, \[Tau], {a, b}\)]], " ]\n\tCompute the polynomial, modulo ", Cell[BoxData[ \(TraditionalForm\`f\_l\)]], " representing Schoof equation (19y):\n\t ", Cell[BoxData[ \(TraditionalForm\`\(p\_\(19 y\)\)(x, y) = 4 \( f\_\[Tau]\%\(3\ p\)\) y\^p\ \((\((\((2\ x\^\(p\^2\) + x)\)\ \[Alpha]\ \[Beta]\^2 - \[Beta]\^3\ \ y\^\(p\^2\) - \[Alpha]\^3)\)\ f\_k\%2\[IndentingNewLine] - \[Alpha]\ \ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \[Beta]\^3\ f\_k\%2\ \ \((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)]], "\n\t \nComputeGroupOrderSchoof[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]\n\tDetermines ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + b\)]], " using Schoof's Algorithm " }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "Appendix B - ", StyleBox["Mathematica", FontSlant->"Italic"], " Code for Our Elliptic Curve Functions" }], "Section", PageBreakAbove->True, CellTags->"c:60"], Cell[TextData[{ "This appendix provides a listing of ", StyleBox["Mathematica", FontSlant->"Italic"], " code for each of the functions listed in appendix A." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[CellGroupData[{ Cell["Number Theoretic Algorithms", "Subsection", CellTags->"c:62"], Cell[CellGroupData[{ Cell[TextData[{ "EuclideanAlgorithm[ ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], " ]" }], "Subsubsection", CellTags->"c:63"], Cell[TextData[{ "Compute the greatest common divisor of two integers ", Cell[BoxData[ \(TraditionalForm\`a, b\)]], " using the Euclidean Algorithm." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(EuclideanAlgorithm[a_, b_] := Module[{x, y, r1, r2, m}, \[IndentingNewLine]x = Max[a, b]; \ y = Min[a, b]; \[IndentingNewLine]r1 = y; \ r2 = Mod[x, y]; \[IndentingNewLine]While[ r2 > 0, \[IndentingNewLine]m = r2; \[IndentingNewLine]r2 = Mod[r1, r2]; \[IndentingNewLine]r1 = m;\[IndentingNewLine]]; \[IndentingNewLine]Return[ r1];\[IndentingNewLine]];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`ExtendedEucideanAlgorithm[\ a, b\ ]\)]], " " }], "Subsubsection", CellTags->"c:64"], Cell[TextData[{ "Computes ", Cell[BoxData[ \(TraditionalForm\`d = gcd(a, b)\)]], " and returns ", Cell[BoxData[ \(TraditionalForm\`{d, r, s}\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`d = r\ a + s\ b\)]], ". The results are returned as the list ", Cell[BoxData[ \(TraditionalForm\`{d, r, s}\)]], " ." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(ExtendedEucideanAlgorithm[a_Integer, b_Integer] := Module[{s1, s2, t1, t2, r1, r2, q1, q2}, \[IndentingNewLine]{s1, s2} = {1, 0}; {t1, t2} = {0, 1}; \[IndentingNewLine]{r1, r2} = {a, b}; {q1, q2} = {0, 1}; \[IndentingNewLine]While[ r2 > 0, \[IndentingNewLine]{q1, q2} = {q2, Quotient[r1, r2\ ]\ }; \[IndentingNewLine]{r1, r2} = {r2, Mod[r1, r2\ ]\ }; \[IndentingNewLine]{s1, s2} = {s2, s1 - s2*q2}; \[IndentingNewLine]{t1, t2} = {t2, t1 - t2* q2};\[IndentingNewLine]]; \[IndentingNewLine]Return[{r1, s1, t1}];\[IndentingNewLine]];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`MultiplicativeInverse[\ a, p\ ]\)]], " " }], "Subsubsection", CellTags->"c:65"], Cell[TextData[{ "The following ", StyleBox["Mathematica", FontSlant->"Italic"], " function computes the multiplicative inverse of ", Cell[BoxData[ \(TraditionalForm\`a\)]], " modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", ", Cell[BoxData[ \(TraditionalForm\`\(a\^\(-1\)\)(mod\ p)\)]], ". The function returns ", Cell[BoxData[ \(TraditionalForm\`a\^\(-1\)\)]], " if ", Cell[BoxData[ \(TraditionalForm\`gcd(a, p) = 1\)]], ", otherwise ", Cell[BoxData[ \(TraditionalForm\`d | p\)]], " so that ", Cell[BoxData[ \(TraditionalForm\`d \[NotEqual] 1\)]], " is a factor of ", Cell[BoxData[ \(TraditionalForm\`p\)]], " so we throw the message \"Factor of ", Cell[BoxData[ \(TraditionalForm\`p\)]], " found = d\", which of course means that ", Cell[BoxData[ \(TraditionalForm\`p\)]], " was not prime." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(MultiplicativeInverse[a_Integer, p_Integer] := Module[{d, r, s}, \[IndentingNewLine]{d, r, s} = ExtendedEucideanAlgorithm[a, p]; \[IndentingNewLine]If[ d \[NotEqual] 1, Throw[{"\", d}]]; \[IndentingNewLine]r = Mod[r, p]; \[IndentingNewLine]Return[ r];\[IndentingNewLine]];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "ModularExponentiation[ ", Cell[BoxData[ \(TraditionalForm\`a, n, p\)]], " ] returns ", Cell[BoxData[ \(TraditionalForm\`a\^n\ \((mod\ p)\)\)]] }], "Subsubsection", CellTags->"c:66"], Cell[TextData[{ "Compute ", Cell[BoxData[ \(TraditionalForm\`\(a\^n\)(mod\ p)\)]], " - equivalent to the built-in ", StyleBox["Mathematica", FontSlant->"Italic"], " function PowerMod" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ModularExponentiation[a_Integer, n_Integer, p_Integer]\), ":=", RowBox[{"Module", "[", RowBox[{\({t, x, b}\), ",", "\[IndentingNewLine]", RowBox[{\(b = n\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(set\ t \[Congruent] a \((mod\ p)\)\ in\ case\ a\ < \ 0\ or\ a\ > \ p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(t = Mod[a, p]\), ";", "\[IndentingNewLine]", \(x = 1\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(for\ each\ bit\ in\ the\ binary\ representation\ \ of\ n\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{\(b \[NotEqual] 0\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(if\ the\ k\^th\ bit\ is\ 1\ set\ x\ \ \[Congruent] \ x*\(a\^k\) \((mod\ p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(If[ Mod[b, 2] \[NotEqual] 0, \[IndentingNewLine]\(x = Mod[x*t, p];\)\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(a\^\(2\^k\)\ \[Congruent] \ \((a\^\(2\^\(k \ - 1\)\))\)\^2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(t = Mod[t*t, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(bring\ the\ next\ bit\ of\ n\ to\ the\ least\ \ significant\ position\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(b = Quotient[b, 2]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[x]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "QuadraticResidueQ[ ", Cell[BoxData[ \(TraditionalForm\`a, p\)]], " ]" }], "Subsubsection", CellTags->"c:67"], Cell[TextData[{ "This function uses Euler's criteria, as explained above, to determine if \ ", Cell[BoxData[ \(TraditionalForm\`a\)]], " is a quadratic residue mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], ". It returns true if ", Cell[BoxData[ \(TraditionalForm\`a\)]], " is a quadratic residue, else it returns false." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(QuadraticResidueQ[a_, p_] := ModularExponentiation[a, \((p - 1)\)/2, p] \[Equal] 1;\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "RandomNonResidue", "[ ", Cell[BoxData[ \(TraditionalForm\`p\)]], " ]" }], "Subsubsection", CellTags->"c:68"], Cell[TextData[{ "Choose a random quadratic nonresidue mod ", Cell[BoxData[ \(TraditionalForm\`p\)]], ", that is a number ", Cell[BoxData[ \(TraditionalForm\`1 < x < p\)]], " with ", Cell[BoxData[ \(TraditionalForm\`x\^\(\((p - 1)\)/2\) \[Congruent] \(-1\) \((mod\ \ p)\)\)]], ". Since exactly ", Cell[BoxData[ \(TraditionalForm\`1/2\)]], " of all elements of ", Cell[BoxData[ \(TraditionalForm\`\(\[DoubleStruckCapitalF]\_p\%\[Cross]\)\)]], " are quadratic nonresidues, this will occur within 5 trials with better \ than 95% probability." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(RandomNonResidue[p_] := Module[{x}, \[IndentingNewLine]x = 3; \[IndentingNewLine]While[ QuadraticResidueQ[x, p], \[IndentingNewLine]\(x = Random[Integer, {2, p - 1}];\)\[IndentingNewLine]]; \[IndentingNewLine]Return[ x];\[IndentingNewLine]]\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "SquareRootModPShanksTonelli[ ", Cell[BoxData[ \(TraditionalForm\`a, p\)]], " ]" }], "Subsubsection", CellTags->"c:69"], Cell[TextData[{ "This function solves the congruence ", Cell[BoxData[ \(TraditionalForm\`x\^2 \[Congruent] a\ \((mod\ p)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`x\)]], ", which must be quadratic residue modulo the prime ", Cell[BoxData[ \(TraditionalForm\`p\)]], ". It returns ", Cell[BoxData[ \(TraditionalForm\`x\)]], " if it exists, else it returns {}." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(SqrtModPShanksTonelli[a_, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({s, e, n, q, x, b, g, r, y, m\ }\), ",", "\[IndentingNewLine]", RowBox[{\(If[\(! PrimeQ[ p]\), \[IndentingNewLine]Print["\"]; \[IndentingNewLine]\ Return[{}];\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", \(If[\(! QuadraticResidueQ[a, p]\), \[IndentingNewLine]\ Print[a, \ "\< is not quadratic residue mod \>", p]; \[IndentingNewLine]Return[{}];\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ p\ \[Congruent] \ 3\ \((mod\ 4)\)\ x\ \[Congruent] \ \(a\^\(\(p + 1\)\/4\)\) \((mod\ p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[ Mod[p, 4] \[Equal] 3, \[IndentingNewLine]x = PowerMod[a, \((p + 1)\)/4, p]; \[IndentingNewLine]Return[ x];\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", \(s = p - 1\), ";", " ", \(e = 0\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ s, e\ \[SuchThat] \ p - 1\ = \ s*2\^e\ and\ s\ is\ odd\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(While[EvenQ[s], s = Quotient[s, 2]; \(++e\);]\), ";", "\[IndentingNewLine]", \( (*\ \(Print["\", s, "\< * 2^\>", e];\)\ *) \), "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Find\ n\ \[SuchThat] \ n\^\(\((p - 1)\)/2\) \[Congruent] \ \(-1\)\ \((mod\ \ p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(n = 2\), ";", "\[IndentingNewLine]", \(q = \((p - 1)\)/2\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(\(...\)\(\ \)\(this\)\(\ \)\(won'\) \(t\)\(\ \ \)\(take\)\(\ \)\(long\)\(\ \)\(since\)\(\ \)\(1\/2\)\(\ \)\(elements\)\(\ \)\ \(of\)\(\ \)\(\[DoubleStruckCapitalZ]\_p\)\(\ \)\(are\)\(\ \)\(quadratic\)\(\ \ \)\(nonresidues\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(While[ PowerMod[n, q, p] \[NotEqual] p - 1, \(++n\)]\), ";", "\[IndentingNewLine]", \( (*\ \(Print["\", n];\)\ *) \), "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox["Initialize", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(x = PowerMod[a, \((s + 1)\)/2, p]\), ";", " ", RowBox[{"(*", " ", RowBox[{ StyleBox[\(guess\ at\ square\ root\ \ x\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["\[Congruent]", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SuperscriptBox[ StyleBox["a", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], \(\((s + 1)\)/2\)], FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(b = PowerMod[a, s, p]\), ";", " ", RowBox[{"(*", " ", StyleBox[\(guess\ at\ fudge\ factor\ b\ \[Congruent] \ a\^s\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(g = PowerMod[n, s, p]\), ";", " ", RowBox[{"(*", " ", StyleBox[\(used\ to\ update\ x, \ b\ at\ each\ step\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(r = \ e\), ";", " ", RowBox[{"(*", " ", StyleBox[\(exponent, \ will\ decrease\ at\ each\ step\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \( (*\ \(Print["\"];\)\ *) \), "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{ "True", ",", "\[IndentingNewLine]", \( (*\ \(Print[{x, b, g, r}];\)\ *) \), "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Find\ m\ < \ r\ \[SuchThat] \ b\^\(2\^m\) \[Congruent] \ 1\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(y = b\), ";", " ", \(m = 0\), ";", "\[IndentingNewLine]", \(While[y\ \[NotEqual] \ 1, \ y\ = \ Mod[y*y, p]; \(++m\);]\), ";", "\[IndentingNewLine]", \(If[m \[Equal] 0, Return[x]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ y\ = \ g\^\(2\^\(r - m - 1\)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y = g\), ";", "\[IndentingNewLine]", \(For[i = 1, i \[LessEqual] r - m - 1, \(++i\); y = Mod[y*y, p]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(x\ = \ x*g\^\(2\^\(r - m - 1\)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(x = Mod[x*y, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(b\ = \ b*g\^\(2\^\(r - m\)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y = Mod[y*y, p]\), ";", "\[IndentingNewLine]", \(b = Mod[b*y, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(g\ = \ g\^\(2\^\(r - m\)\)\ , \ r\ = \ m\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(g = y\), ";", " ", \(r = \ m\), ";"}]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "DetermineChineseRemainder[ ", Cell[BoxData[ \(TraditionalForm\`t\)]], " ]" }], "Subsubsection", CellTags->"c:70"], Cell[TextData[{ "Solve the set of integer congruences\n\t", Cell[BoxData[ \(TraditionalForm\`z \[Congruent] r\_i\ \((mod\ n\_i)\)\)]], " for ", Cell[BoxData[ \(TraditionalForm\`i = 1, 2, ... , k\)]], ".\nfor ", Cell[BoxData[ \(TraditionalForm\`z\)]], ", where these congruences are represented by the set of ordered pairs\n\t\ ", Cell[BoxData[ \(TraditionalForm\`t = {{\(r\_\(\(1\)\(,\)\)\) n\_1}, {r\_2, n\_2}, ... , {r\_k, n\_k}}\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(DetermineChineseRemainder[t_]\), ":=", RowBox[{"Module", "[", RowBox[{\({k, n, r, m, a, e}\), ",", "\[IndentingNewLine]", RowBox[{\(k = Length[t]\), ";", "\[IndentingNewLine]", \({r, n} = Transpose[t]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox[\(Compute\ N\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox[ RowBox[{ RowBox[{\(n\_1\), " ", StyleBox[\(n\_2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["...", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\(n\_k\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}]}], " ", "*)"}], "\[IndentingNewLine]", \(m = Apply[Times, n]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", m]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ RowBox[{ StyleBox["Compute", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SubscriptBox[ StyleBox["a", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], FontColor->RGBColor[0, 0, 1]]}], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox["N", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["/", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SubscriptBox[ StyleBox["n", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], FontColor->RGBColor[0, 0, 1]]}]}], " ", "*)"}], "\[IndentingNewLine]", \(a = Map[m/# &, n]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(a\_i\) = \>\"", a]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ RowBox[{ StyleBox["Compute", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SubscriptBox[ StyleBox["b", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], FontColor->RGBColor[0, 0, 1]]}], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ RowBox[{ SuperscriptBox[ SubscriptBox[ StyleBox["a", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], \(-1\)], RowBox[{"(", RowBox[{"mod", " ", StyleBox[ SubscriptBox[ StyleBox["n", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], FontColor->RGBColor[0, 0, 1]]}], ")"}]}], FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(b = Inner[PowerMod[#1, \(-1\), #2] &, a, n, List]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(b\_i\) = \!\(a\_i\^\(-1\)\)(mod \!\(n\ \_i\)) = \>\"", b]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ RowBox[{ StyleBox["Compute", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SubscriptBox[ StyleBox["e", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], FontColor->RGBColor[0, 0, 1]]}], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ RowBox[{ SubscriptBox[ StyleBox["a", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], "*", \(b\_i\)}], FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(e = a*b\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(e\_i\) = \!\(a\_\(\(i\)\(\\\ \)\)\)\!\ \(b\_i\) = \>\"", e]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ z\ = \ \(e . r\ = \ \(\(e\_1\) r\_1 + \(e\_2\) r\_2 + ... \) + \(e\_k\) r\_k\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(z = e . r\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", z]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(Return[Mod[z, m]]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["Elliptic Curve Arithmetic Algorithms", "Subsection", CellTags->"c:71"], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`EcAdd[\ {a, b}, {x\_1, y\_1}, {x\_2, y\_2}\ ]\)]]], "Subsubsection", CellTags->"c:72"], Cell[TextData[{ "This ", StyleBox["Mathematica", FontSlant->"Italic"], " function performs the elliptic curve group addition ", Cell[BoxData[ \(TraditionalForm\`P\_1 + P\_2\)]], ". The parameters are ", Cell[BoxData[ \(TraditionalForm\`{A, B}\)]], " representing ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + B\)]], " and ", Cell[BoxData[ \(TraditionalForm\`\(\(\ \)\(P\_1 = {x\_1, y\_1}, P\_2 = {x\_2, y\_2}\)\)\)]], ". Note that the arithmetic in ", StyleBox["Mathematica", FontSlant->"Italic"], " is exact, so rational input will return a rational sum." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(EcAdd[{a_, b_}, {x1_, y1_}, {x2_, y2_}\ ]\), ":=", RowBox[{"Module", "[", RowBox[{\({m, x3, y3}\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Handle\ identity\ cases\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(If[x1 \[Equal] \[Infinity], Return[p2]]\), ";", "\[IndentingNewLine]", \(If[x2 \[Equal] \[Infinity], Return[p1]]\), ";", "\[IndentingNewLine]", \(If[x1 \[Equal] x2 && y1 == \(-y2\), Return[{\[Infinity], \[Infinity]}]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ we\ are\ doubling\ a\ point\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(x1 \[Equal] x2 && y1 == y2\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ the\ slope\ of\ the\ tangent\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = \((3\ x1\^2 + a)\)/\((2\ y1)\);\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(else\ compute\ the\ slope\ of\ the\ chord\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = \((y2 - y1)\)/\((x2 - x1)\);\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(x3 = m\^2 - x1 - x2\), ";", "\[IndentingNewLine]", \(y3 = m \((x1 - x3)\) - y1\), ";", "\[IndentingNewLine]", \(Return[{x3, y3}]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`EcDiscriminant[\ {a, b}, p\ ]\)]]], "Subsubsection", CellTags->"c:73"], Cell[TextData[{ "The discriminant of a polynomial is the product of the squares of the \ differences between all distinct pairs of roots. For a cubic polynomial this \ is ", Cell[BoxData[ \(TraditionalForm\`d = \(\((r\_1 - r\_2)\)\^2\) \(\((r\_1 - r\_3)\)\^2\) \((r\_2 - r\_3)\)\^2\)]], ". For the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " this is given by\n\t\t", Cell[BoxData[ \(TraditionalForm\`d \[Congruent] \(-\((4\ a\^3 + 27\ b\^2)\)\) \((mod\ p)\)\)]], " " }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(EcDiscriminant[{a_, b_}, p_] := Mod[\(-\((4\ *ModularExponentiation[a, 3, p] + 27*ModularExponentiation[b, 2, p])\)\), p];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`IsEcQ[\ {a, b}, p\ ]\)]]], "Subsubsection", CellTags->"c:74"], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + b\)]], " specifies an elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " if and only if the right hand side has distinct roots. This is true if \ and only if the discriminant is nonzero modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(IsEcQ[{a_, b_}, p_] := EcDiscriminant[{a, b}, p] \[NotEqual] 0;\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "EcPointQ[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, {x, y}, p\)]], " ]" }], "Subsubsection", CellTags->"c:75"], Cell[TextData[{ "Returns true if ", Cell[BoxData[ \(TraditionalForm\`\((x, y)\) \[Element] E(\[DoubleStruckCapitalF]\_p)\)]], " if and only if ", Cell[BoxData[ \(TraditionalForm\`y\^2 \[Congruent] x\^3 + a\ x + b\ \((mod\ p)\)\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(IsEcPointQ[{a_, b_}, {x_, y_}, p_] := Mod[ModularExponentiation[x, 3, p] + a\ x\ + \ b - ModularExponentiation[y, 2, p], p] \[Equal] 0;\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`EcAddMod[\ {a, b}, P\_1, P\_2, p\ ]\)]]], "Subsubsection", CellTags->"c:76"], Cell[TextData[{ "This function performs the elliptic curve group addition ", Cell[BoxData[ \(TraditionalForm\`P\_1 + P\_2\)]], " over the finite field ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ". The parameters are ", Cell[BoxData[ \(TraditionalForm\`{a, b}, \ P\_1 = {x\_1, y\_1}, P\_2 = {x\_2, y\_2}\)]], ", where ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is the characteristic of the field, which must be prime. The function \ accepts and returns ", Cell[BoxData[ \(TraditionalForm\`{\[Infinity], \[Infinity]}\)]], " for the group identity \[ScriptCapitalO]. It returns {} if either point \ does not lie on the elliptic curve." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(EcAddMod[{a_, b_}, p1_, p2_, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({m, x1, y1, x2, y2, x3, y3, w}\), ",", "\[IndentingNewLine]", RowBox[{\({x1, y1} = p1\), ";", " ", \({x2, y2} = p2\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Handle\ identity\ cases\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[x1 \[Equal] \[Infinity], Return[p2]]\), ";", "\[IndentingNewLine]", \(If[x2 \[Equal] \[Infinity], Return[p1]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_1\ + \ \((\(-p\_1\))\)\ = \ \[Infinity]\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[ x1 \[Equal] x2 && Mod[y1 + y2, p] \[Equal] 0, Return[{\[Infinity], \[Infinity]}]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Verify\ that\ the\ points\ lie\ on\ the\ curve\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[\(! IsEcPointQ[{a, b}, {x1, y1}, p]\), Return[{}]]\), ";", "\[IndentingNewLine]", \(If[\(! IsEcPointQ[{a, b}, {x2, y2}, p]\), Return[{}]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ we\ are\ doubling\ a\ point\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(p1 \[Equal] p2\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Check\ for\ vertical\ tangent\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(If[y1 \[Equal] 0, Return[{\[Infinity], \[Infinity]}]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ the\ slope\ of\ the\ tangent\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(w = MultiplicativeInverse[2\ y1, p]\), ";", "\[IndentingNewLine]", \(m = Mod[\((3\ x1\^2 + a)\)*w, p]\), ";"}], "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(else\ compute\ the\ slope\ of\ the\ chord\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(w = MultiplicativeInverse[x2 - x1, p]; \[IndentingNewLine]m = Mod[\((y2 - y1)\)*w, p];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(x3 = Mod[m\^2 - x1 - x2, p]\), ";", "\[IndentingNewLine]", \(y3 = Mod[m \((x1 - x3)\) - y1, p]\), ";", "\[IndentingNewLine]", \(Return[{x3, y3}]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "EcPowerMod[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, Q, k, p\)]], " ]" }], "Subsubsection", CellTags->"c:77"], Cell[TextData[{ "Compute ", Cell[BoxData[ \(TraditionalForm\`k\ Q\)]], " in the abelian group of points on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], ". This algorithm is similar to the modular exponentiation method, in that \ it uses the binary representation of ", Cell[BoxData[ \(TraditionalForm\`k\)]], " to convert the problem into a series of doublings and additions in ", Cell[BoxData[ \(TraditionalForm\`E\)]], ". The algorithm is based on Washington ", "\[Section]", " 2.2 under \"Integer Times a Point\"." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(EcPowerMod[{a_, b_}, q_, k_, p_] := Module[{i, r, s}, \[IndentingNewLine]i = k; \ r = {\[Infinity], \[Infinity]}; \ s = q; \[IndentingNewLine]While[ i \[NotEqual] 0, \[IndentingNewLine]\(If[ EvenQ[i], \[IndentingNewLine]i = Quotient[i, 2]; \[IndentingNewLine]s = EcAddMod[{a, b}, s, s, p];\[IndentingNewLine], \[IndentingNewLine]i = i - 1; \[IndentingNewLine]r = EcAddMod[{a, b}, r, s, p];\[IndentingNewLine]];\)\[IndentingNewLine]]; \ \[IndentingNewLine]Return[r];\[IndentingNewLine]];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`EcJinvariant[\ {a, b}, p\ ]\)]]], "Subsubsection", CellTags->"c:78"], Cell[TextData[{ "Computes the ", StyleBox["j", FontSlant->"Italic"], "-invariant of ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x\ + b\)]], " as\n\t", Cell[BoxData[ \(TraditionalForm\`j = 1728\ \(4\ a\^3\)\/\(4\ a\^3 + 27\ b\^3\)\)]], "\nIf two elliptic curves have the same j-invariant then there exist an \ isomorphism over the algebraic closure of ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " which transforms one into the other." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(EcJinvariant[{a_, b_}, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({a3, b2, n, d, di, j}\), ",", "\[IndentingNewLine]", RowBox[{\(a3 = PowerMod[a, 3, p]\), ";", "\[IndentingNewLine]", \(b2 = PowerMod[b, 2, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox[\(denominator\ is\ 4 a\^3\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["+", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox["27", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SuperscriptBox[ StyleBox["b", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "3"], FontColor->RGBColor[0, 0, 1]]}]}], " ", "*)"}], "\[IndentingNewLine]", \(d = Mod[4*a3 + 27*b2, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(d\^\(-1\)\ \((mod\ p)\)\ exists\ because\ \ \[DoubleStruckCapitalF]\_p\ is\ a\ field\ and\ d\ \[NotEqual] \ 0\[IndentingNewLine] for\ an\ elliptic\ curve\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(di = MultiplicativeInverse[d, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(j\ = \ 1728\ \(4 a\^3\)\/\(4\ a\^3 + 27\ b\^2\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(j = Mod[1728*4*a3*di, p]\), ";", "\[IndentingNewLine]", \(Return[j]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "EcPointOrderMod[ ", Cell[BoxData[ \(TraditionalForm\`ec, Q, p, m\)]], " ]" }], "Subsubsection", CellTags->"c:79"], Cell[TextData[{ "This function computes the order of a point ", Cell[BoxData[ \(TraditionalForm\`Q\)]], " on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " as the smallest\n\t ", Cell[BoxData[ \(TraditionalForm\`k \[Element] \[DoubleStruckCapitalZ]\_p \[SuchThat] k\ Q = \[ScriptCapitalO]\)]], " on ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], ".\nIt works by direct search so is suitable only if the order is small. \ It tries orders up to ", Cell[BoxData[ \(TraditionalForm\`m\)]], " and returns zero if ", Cell[BoxData[ \(TraditionalForm\`\(\(|\)\(Q\)\(|\)\(\(>\)\(m\)\)\)\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(EcPointOrderMod[ec_, p1_, p_, m_]\), ":=", RowBox[{"Module", "[", RowBox[{\({k, p2, pn3}\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Test\ for\ special\ case\ orders\ 1, 2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(If[p1 \[Equal] {\[Infinity], \[Infinity]}, Return[1]]\), ";", "\[IndentingNewLine]", \(p2 = EcAddMod[ec, p1, p1, p]\), ";", "\[IndentingNewLine]", \(If[ p2 \[Equal] {\[Infinity], \[Infinity]}, Return[2]]\), ";", "\[IndentingNewLine]", \(k = 3\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(compute\ - P\ \((mod\ p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(pn3 = Mod[p1*{1, \(-1\)}, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(while\ \((k - 1)\) P\ \[NotEqual] \ \(-P\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{\(p2 \[NotEqual] pn3 && k < m\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(kP\ = \ P\ + \ \((k - 1)\) P\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = EcAddMod[ec, p2, p1, p]; \[IndentingNewLine]\(++k\);\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(did\ not\ find\ a\ solution\ < \ m, \ return\ 0\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[k \[GreaterEqual] m, Return[0]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(return\ the\ order\ of\ P\ = \ k\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(Return[k]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`FindEcPointSet[\ {a, b}, p\ ]\)]]], "Subsubsection", PageBreakAbove->True, CellTags->"c:80"], Cell[TextData[{ "Find all points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " by testing every value of ", Cell[BoxData[ \(TraditionalForm\`x \[Element] \[DoubleStruckCapitalF]\_p\)]], " to determine if there are values of ", Cell[BoxData[ \(TraditionalForm\`y \[Element] \[DoubleStruckCapitalF]\_p\)]], " satisfying ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x\ + B\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(FindEcPointSet[{a_, b_}, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({s, x, e1, x1, y1, y2}\), ",", "\[IndentingNewLine]", RowBox[{\(e1 = x\^3 + a\ x\ + \ b\), ";", "\[IndentingNewLine]", RowBox[{"s", "=", RowBox[{"Reap", "[", "\[IndentingNewLine]", RowBox[{ RowBox[{"For", "[", RowBox[{\(x1 = 0\), ",", \(x1 < p\), ",", \(++x1\), ",", "\[IndentingNewLine]", RowBox[{\(y2 = Mod[e1 /. x \[Rule] x1, p]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(y2 \[Equal] 0\), ",", "\[IndentingNewLine]", \(Sow[{x1, 0, 0}];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ y2\ has\ a\ square\ root\ mod\ \ p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{ RowBox[{"If", "[", RowBox[{\(QuadraticResidueQ[y2, p]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(find\ the\ smallest\ y1\ \ \[SuchThat] \ y1\^2\ \[Congruent] \ y2 \((mod\ p)\)\), FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y1 = SqrtModPShanksTonelli[y2, p]; \[IndentingNewLine]Sow[{x1, y1, Mod[\(-y1\), p]}];\)}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";"}], "\[IndentingNewLine]", "]"}]}], ";", "\[IndentingNewLine]", \(Return[First[Last[s]]]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`ProduceEcPointTable[\ {a, b}, p\ ]\)]]], "Subsubsection", CellTags->"c:81"], Cell[TextData[{ "This function produces a table of all points in ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], ", along with the order of each point. It returns the order of the group \ ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " by counting the points." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(ProduceEcPointTable[{a_, b_}, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({s, c, t}\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Find\ the\ set\ of\ points\ on\ y\^\(\(2\)\(\ \)\) = \ x\^3 + a\ x\ + \ b\ over\ \[DoubleStruckF]\_P\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(s = FindEcPointSet[{a, b}, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ # E \((\[DoubleStruckCapitalF]\_p)\)\ by\ counting\ the\ \ points, \ including\ \[ScriptCapitalO]\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(c = 2*Length[s] + 1 - Length[Select[s, Last[#] \[Equal] 0 &]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Determine\ the\ order\ of\ each\ point\ an\ put\ it\ \ in\ the\ last\ column\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(t = Map[Append[#, EcPointOrderMod[{a, b}, Take[#, 2], p, 2*p]] &, s]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Produce\ a\ nice\ table\ with\ headings\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(t2 = Prepend[t, {"\", "\<\!\(y\_1\)\>", "\<\!\(y\_2\)\>", \ "\"}]\), ";", "\[IndentingNewLine]", \(Print[ FrameBox[ GridBox[t2, RowLines \[Rule] True, ColumnLines \[Rule] True]] // DisplayForm]\), ";", "\[IndentingNewLine]", \(Return[c]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["Methods to Determine the Elliptic Curve Group Order", "Subsection", PageBreakAbove->True, CellTags->"c:82"], Cell[CellGroupData[{ Cell[TextData[Cell[BoxData[ \(TraditionalForm\`ComputeOrderEFq[\ t, p, n\ ]\)]]], "Subsubsection", CellTags->"c:83"], Cell[TextData[{ "Given that ", Cell[BoxData[ \(TraditionalForm\`# E[\[DoubleStruckCapitalF]\_p] = p + 1 - t\)]], ", this method computes and returns ", Cell[BoxData[ \(TraditionalForm\`# E[\[DoubleStruckCapitalF]\_\(p\^n\)]\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(ComputeOrderEFq[t_, p_, n_] := Module[{sn0, sn1, sn2, k}, \[IndentingNewLine]sn0 = 2; \[IndentingNewLine]sn1 = t; \[IndentingNewLine]For[k = 2, k \[LessEqual] n, \(++k\), \[IndentingNewLine]sn2 = t*\ sn1 - p*\ sn0; \[IndentingNewLine]sn0 = sn1; \[IndentingNewLine]sn1 = sn2;\[IndentingNewLine]]; \[IndentingNewLine]Return[ p\^n + 1 - sn2];\[IndentingNewLine]];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "EcPointOrderBabyGiant[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, Q, p\)]], " ]" }], "Subsubsection", CellTags->"c:84"], Cell[TextData[{ "Use the BabyStep-GiantStep method to find order of the point ", Cell[BoxData[ \(TraditionalForm\`Q\)]], ", that is\n\tfind ", Cell[BoxData[ \(TraditionalForm\`m \[Element] \[DoubleStruckCapitalZ]\_q \[SuchThat] m\ Q = \(\[Infinity]\ \ on\ the\ elliptic\ curve\ \(E : y\^2\) = x\^3 + a\ x + b\)\)]], ".\n\tThis method is described in Washington[7] ", "\[Section]", " 4.3." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(EcPointOrderBabyGiant[ec_, P1_, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({Q1, i, j, k, m, b, t1, t2, p2, pm3, pm4, m1, f1, x1, q2, q3, pn5, pn6, pn7}\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Check\ for\ small\ order\ directly\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(k = EcPointOrderMod[ec, P1, p, Min[100, p]]\), ";", "\[IndentingNewLine]", \(If[k > 0, \ Return[k]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ Q\ = \ \((p + 1)\) P\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(Q1 = EcPowerMod[ec, P1, p + 1, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Table\ size\ m\ = \ \[LeftCeiling]\@p\%4\ \[RightCeiling]\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = Ceiling[Power[p, 1/4]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Create\ table\ of\ iP\ for\ i = 1, m\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(t1 = {P1}\), ";", "\[IndentingNewLine]", \(p2 = P1\), ";", "\[IndentingNewLine]", \(For[i = 2, i \[LessEqual] m, \(++i\), \[IndentingNewLine]p2 = EcAddMod[ec, p2, P1, p]; \[IndentingNewLine]AppendTo[t1, p2];\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", \(t2 = First[Transpose[t1]]\), ";", "\[IndentingNewLine]", \(q2 = Q1\), ";", "\[IndentingNewLine]", \(q3 = Q1\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Create\ table\ of\ Q\ + \ 2 kmP\ for\ k = \(-m\), ... , m\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(pm3 = EcPowerMod[ec, P1, 2*m, p]\), ";", "\[IndentingNewLine]", \(pm4 = pm3\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ - P \((mod\ p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(pn5 = Mod[P1*{1, \(-1\)}, p]\), ";", "\[IndentingNewLine]", \(pn6 = EcPowerMod[ec, pn5, 2*m, p]\), ";", "\[IndentingNewLine]", \(pn7 = pn6\), ";", "\[IndentingNewLine]", \(k = 0\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ for\ k = \(\[PlusMinus]1\), \ \(\[PlusMinus]2\), ... \), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{"True", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Until\ Q\ + \ 2 kmP\ = \ \(\[PlusMinus]jP\)\ or\ ... \), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(If[ MemberQ[t2, First[q2]], \[IndentingNewLine]\(Break[];\)\ \[IndentingNewLine]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Until\ Q\ - \ 2 kmP\ = \ \(\[PlusMinus]jP\)\ or\ ... \), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[ MemberQ[t2, First[q3]], \[IndentingNewLine]k = \(-k\); \ \[IndentingNewLine]q2 = q3; \[IndentingNewLine]Break[];\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ next\ Q\ \[PlusMinus] \ 2 kmP\ for\ next\ k\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(q2 = EcAddMod[ec, Q1, pm4, p]\), ";", "\[IndentingNewLine]", \(q3 = EcAddMod[ec, Q1, pn7, p]\), ";", "\[IndentingNewLine]", \(pm4 = EcAddMod[ec, pm4, pm3, p]\), ";", "\[IndentingNewLine]", \(pn7 = EcAddMod[ec, pn7, pn6, p]\), ";", "\[IndentingNewLine]", \(++k\), ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Here\ we\ have\ Q\ \[PlusMinus] \ 2 kmP\ = \ \(\[PlusMinus]jP\), \ figure\ out\ j\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(j = First[Flatten[Position[t2, First[q2]]]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Determine\ which\ \[PlusMinus] j\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = t1[\([j]\)]\), ";", "\[IndentingNewLine]", \(If[ Last[q2] \[NotEqual] Last[p2]\ , \[IndentingNewLine]\(If[ Last[q2] \[Equal] Mod[\(-Last[p2]\), p], \[IndentingNewLine]\(j = \(-j\);\)\ \[IndentingNewLine], \[IndentingNewLine]Print["\"]; \[IndentingNewLine]Return[ 0];\[IndentingNewLine]];\)\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ M\ \[SuchThat] \ Order \((P)\)\ | \ M\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m1 = p + 1 + 2*m*k - j\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(TBD\ - \ This\ fails\ if\ m1\ = \ \(0\ = \(\(\(>\)\(\ \ \)\(j\)\)\ = \ p\ + \ 1\ + \ 2*m*k\)\)\), FontSlant->"Italic", FontColor->RGBColor[1, 0, 0]], " ", "*)"}], "\[IndentingNewLine]", \(If[m1\ \[Equal] \ 0, \ Print["\"]; Return[0]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ M\ is\ prime, \ it\ must\ be\ the\ order\ of\ P\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[PrimeQ[m1], \ Return[m1]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Factor\ can\ be\ VERY\ hard\ if\ no\ small\ \ factors\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(f1 = FactorInteger[m1]\), ";", "\[IndentingNewLine]", \(b = True\), ";", "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{"b", ",", "\[IndentingNewLine]", RowBox[{\(b = False\), ";", "\[IndentingNewLine]", RowBox[{"For", "[", RowBox[{\(i = 1\), ",", \(i \[LessEqual] Length[f1]\), ",", \(++i\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Divide\ out\ a\ prime\ factor\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(x1 = m1/First[f1[\([i]\)]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ RowBox[{ RowBox[{ StyleBox["If", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["x", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["P", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\((mod\ p)\), FontSlant->"Plain", FontColor->RGBColor[0, 0, 1]]}], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["P", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], StyleBox[",", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\(M\ = \ x\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(pm3 = EcPowerMod[ec, P1, x1 - 1, p]\), ";", "\[IndentingNewLine]", \(If[ pm3 \[Equal] pn5, \[IndentingNewLine]m1 = x1; \[IndentingNewLine]b = True; \[IndentingNewLine]If[\(--f1[\([i, 2]\)]\)\ \[LessEqual] \ 0, \ f1 = Delete[f1, i]]; \[IndentingNewLine]Break[];\ \[IndentingNewLine]]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[m1]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "GenerateRandomPointEC[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]" }], "Subsubsection", CellTags->"c:85"], Cell[TextData[{ "Generate a random point ", Cell[BoxData[ \(TraditionalForm\`{x, y}\)]], " on the elliptic curve given by ", Cell[BoxData[ \(TraditionalForm\`ec = {A, B}\)]], " such that\n\t", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + A\ x\ + B\)]], " with all arithmetic modulo ", Cell[BoxData[ \(TraditionalForm\`p\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(GenerateRandomPointEC[{a_, b_}, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({x, e1, x1, y1, y2}\), ",", "\[IndentingNewLine]", RowBox[{\(e1 = x\^3 + a\ x\ + \ b\), ";", "\[IndentingNewLine]", \(y2 = 1\), ";", "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{"True", ",", "\[IndentingNewLine]", RowBox[{\(x1 = Random[Integer, {1, p - 1}]\), ";", "\[IndentingNewLine]", \(y2 = Mod[e1 /. x \[Rule] x1, p]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ y2\ has\ a\ square\ root\ mod\ p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(QuadraticResidueQ[y2, p]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(find\ the\ smallest\ y1\ \[SuchThat] \ y1\^2\ \[Congruent] \ y2 \((mod\ p)\)\), FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y1 = SqrtModPShanksTonelli[y2, p]; \[IndentingNewLine]Break[];\)}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[{x1, y1}]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["GenerateRandomEC[ p ]", "Subsubsection", CellTags->"c:86"], Cell[TextData[{ "Generate a random elliptic curve over the field ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " where ", Cell[BoxData[ \(TraditionalForm\`p\)]], " is a prime greater than 3.\n\tThe curve is of the form ", Cell[BoxData[ \(TraditionalForm\`y\^2 = x\^3 + A\ x\ + B\)]], " with ", Cell[BoxData[ \(TraditionalForm\`4 A\^2 + 27 B\^3 \[NotEqual] 0\)]], "\n\tReturns {A,B}" }], "Text", FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(GenerateRandomEC[p_] := Module[{a, b, e}, \[IndentingNewLine]a = 0; b = 0; e = False; \[IndentingNewLine]While[\(! e\), \[IndentingNewLine]a = Random[Integer, {1, p - 1}]; \[IndentingNewLine]b = Random[Integer, {0, p - 1}]; \[IndentingNewLine]e = IsEcQ[{a, b}, q];\[IndentingNewLine]]; \[IndentingNewLine]Return[{a, b}];\[IndentingNewLine]];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "EcGroupOrder[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]" }], "Subsubsection", CellTags->"c:87"], Cell[TextData[{ "This function determines ", Cell[BoxData[ \(TraditionalForm\`# \( E(\[DoubleStruckCapitalF]\_p)\)\)]], " by determining the order of random points on the curve until there is \ only one multiple of the least common multiple of these orders within Hasse's \ bounds." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(EcGroupOrder[ec_, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({pr2, h0, h1, p1, p2, k1, k2, or1, or3, t, k}\), ",", "\[IndentingNewLine]", RowBox[{\(pr2 = Floor[2*Sqrt[p]]\), ";", "\[IndentingNewLine]", \(h0 = p + 1 - pr2\), ";", " ", \(h1 = p + 1 + pr2\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", h0, \*"\"\< \[LessEqual] \ #E(\!\(\[DoubleStruckCapitalF]\_p\)) \[LessEqual] \>\"", \ h1]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(or1 = 0\), ";", "\[IndentingNewLine]", \(t = {}\), ";", "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{"True", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Generate\ a\ random\ point\ on\ E \((\ \[DoubleStruckCapitalF]\_p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(p1 = GenerateRandomPointEC[ec, p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\

", p1]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Determine\ | p1 | \), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(k1 = EcPointOrderBabyGiant[ec, p1, p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\

", k1]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(If[ k1\ \[NotEqual] \ 0, \[IndentingNewLine]\(t = Union[t, {k1}];\)\[IndentingNewLine]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ the\ LCM\ of\ all\ orders\ found\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(or1 = Apply[LCM, t]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", or1]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(There\ is\ a\ solution\ if\ p\ + \ 1\ - \ 2 \@ p\ \[LessEqual] \ LCM\ \[LessEqual] \ p\ + \ 1\ + 2 \@ p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[ h0\ \[LessEqual] \ or1\ && \ or1\ \[LessEqual] \ h1, \ Return[or1]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Determine\ #\ of\ multiples\ of\ the\ LCM\ \ within\ Hasse' s\ bounds\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(k2 = Quotient[h1, or1] - Quotient[h0, or1]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ there\ is\ only\ one\ multiple\ of\ the\ \ LCM\ within\ Hasse' s\ bounds, \ it\ must\ be\ the\ order\ of\ the\ group\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(k2\ \[Equal] \ 1\), ",", "\[IndentingNewLine]", \(or3 = Quotient[h0, or1]*or1; \[IndentingNewLine]If[ or3\ < \ h0, \ or3 += or1]; \[IndentingNewLine]Return[or3];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", StyleBox[\(Print["\", k2, \ "\< multiples of the LCM within Hasses's \ bounds\>"];\), FontColor->RGBColor[1, 0, 0]]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[{}]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell["The Functions that Comprise Schoof's Algorithm", "Subsection", CellTags->"c:88"], Cell[CellGroupData[{ Cell[TextData[{ "ComputeTModTwo[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]" }], "Subsubsection", CellTags->"c:89"], Cell[TextData[{ "Compute ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ 2)\)\)]], " by determining if ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + a\ x + b\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " has any points of order 2." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(ComputeTModTwo[{a_, b_}, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({y2, xp, g}\), ",", "\[IndentingNewLine]", RowBox[{\(y2 = x\^3 + a\ x + b\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ x\^p\ \((mod\ x\^3\ + \ a\ x\ + \ b, \ p)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(xp = PolynomialPowerMod[x, p, {y2, p}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(x\^p\) (mod \!\(x\^3\) + a x + b) = \ \>\"", xp]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ GCD \((\ x\^p\ - \ x, \ x\^3 + \ a\ x\ + \ b)\)\ = \ 1\ then\ t\ \[Congruent] \ 1 \((mod\ 2)\), \ else\ t\ \[Congruent] \ 0 \((mod\ 2)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(g = PolynomialGCD[xp - x, y2, Modulus \[Rule] p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], \(If[SameQ[g, 1], Return[1], Return[0]\ ]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "ComputePrimeSet[ ", Cell[BoxData[ \(TraditionalForm\`p\)]], " ]" }], "Subsubsection", CellTags->"c:90"], Cell[TextData[{ "Creates a set ", Cell[BoxData[ \(TraditionalForm\`S\)]], " of the first ", Cell[BoxData[ \(TraditionalForm\`k\)]], " prime numbers ", Cell[BoxData[ \(TraditionalForm\`l\_i\)]], " with the smallest ", Cell[BoxData[ \(TraditionalForm\`\(\(k\)\(\ \)\)\)]], " such that \n\t", Cell[BoxData[ \(TraditionalForm\`M = \[Product]\+\(i = 1\)\%k l\_i > 4 \@ p\)]], " with ", Cell[BoxData[ \(TraditionalForm\`p\ \((mod\ l\_i)\) > 1\)]], "\nand returns ", Cell[BoxData[ \(TraditionalForm\`{M, {l\_i}}\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(ComputePrimeSet[p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({i, x, m, r, s}\), ",", "\[IndentingNewLine]", RowBox[{\(x = 2\), ";", " ", RowBox[{"(*", " ", StyleBox[\(l\_i\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = x\), ";", " ", RowBox[{"(*", " ", RowBox[{ StyleBox["M", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox["\[Product]", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SubscriptBox[ StyleBox["l", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "i"], FontColor->RGBColor[0, 0, 1]]}]}], " ", "*)"}], "\[IndentingNewLine]", \(r = 4*Ceiling[Sqrt[p]]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\[LeftCeiling]4\!\(\@p\)\[RightCeiling] = \ \>\"", r]\), FontColor->RGBColor[1, 0, 0]], ";", "\[IndentingNewLine]", RowBox[{"s", "=", RowBox[{"Reap", "[", "\[IndentingNewLine]", RowBox[{\(Sow[x]\), ";", "\[IndentingNewLine]", RowBox[{"While", "[", RowBox[{\(m \[LessEqual] r\), ",", "\[IndentingNewLine]", RowBox[{\(x = NextPrime[x]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Exclude\ l\_i\ if\ p\ \[Congruent] \ 1\ mod\ l\_i\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[ Mod[p, x] > 1, \[IndentingNewLine]m *= x; \[IndentingNewLine]Sow[ x];\[IndentingNewLine]]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";"}], "\[IndentingNewLine]", "]"}]}], ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\[Product] \!\(l\_i\) = \>\"", m]\), FontColor->RGBColor[1, 0, 0]], ";", "\[IndentingNewLine]", \(Return[{m, Flatten[Last[s]]}]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ StyleBox["Mathematica", FontSlant->"Italic"], " Code to generate the plot" }], "Subsubsection", CellTags->"c:91"], Cell[BoxData[ \(\(t = Table[\[Product]\+\(i = 1\)\%k Prime[i], {k, 1, 110}] // N;\)\)], "Input"], Cell[CellGroupData[{ Cell[BoxData[ \(\(ListPlot[Log[10, \((t\/4)\)\^2], PlotLabel -> "\", AxesLabel \[Rule] {"\", "\<\!\(Log\_10\)[p]\>"}, PlotStyle \[Rule] Blue, PlotJoined \[Rule] True, GridLines \[Rule] Automatic];\)\)], "Input"], Cell[GraphicsData["PostScript", "\<\ %! %%Creator: Mathematica %%AspectRatio: .61803 MathPictureStart /Mabs { Mgmatrix idtransform Mtmatrix dtransform } bind def /Mabsadd { Mabs 3 -1 roll add 3 1 roll add exch } bind def %% Graphics %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10 scalefont setfont % Scaling calculations 0.0238095 0.00865801 0.0154325 0.00119161 [ [.19697 .00293 -6 -9 ] [.19697 .00293 6 0 ] [.37013 .00293 -6 -9 ] [.37013 .00293 6 0 ] [.54329 .00293 -6 -9 ] [.54329 .00293 6 0 ] [.71645 .00293 -6 -9 ] [.71645 .00293 6 0 ] [.88961 .00293 -9 -9 ] [.88961 .00293 9 0 ] [1.025 .01543 0 -6.28125 ] [1.025 .01543 10 6.28125 ] [.01131 .13459 -18 -4.5 ] [.01131 .13459 0 4.5 ] [.01131 .25376 -18 -4.5 ] [.01131 .25376 0 4.5 ] [.01131 .37292 -18 -4.5 ] [.01131 .37292 0 4.5 ] [.01131 .49208 -18 -4.5 ] [.01131 .49208 0 4.5 ] [.01131 .61124 -18 -4.5 ] [.01131 .61124 0 4.5 ] [.02381 .64303 -24.4375 0 ] [.02381 .64303 24.4375 12.5625 ] [.5 .63053 -137 0 ] [.5 .63053 137 12.5625 ] [ 0 0 0 0 ] [ 1 .61803 0 0 ] ] MathScale % Start of Graphics 1 setlinecap 1 setlinejoin newpath 0 0 .5 r .25 Mabswid [ ] 0 setdash .02381 0 m .02381 .61803 L s .19697 0 m .19697 .61803 L s .37013 0 m .37013 .61803 L s .54329 0 m .54329 .61803 L s .71645 0 m .71645 .61803 L s .88961 0 m .88961 .61803 L s 0 .01543 m 1 .01543 L s 0 .13459 m 1 .13459 L s 0 .25376 m 1 .25376 L s 0 .37292 m 1 .37292 L s 0 .49208 m 1 .49208 L s 0 .61124 m 1 .61124 L s 0 g .19697 .01543 m .19697 .02168 L s [(20)] .19697 .00293 0 1 Mshowa .37013 .01543 m .37013 .02168 L s [(40)] .37013 .00293 0 1 Mshowa .54329 .01543 m .54329 .02168 L s [(60)] .54329 .00293 0 1 Mshowa .71645 .01543 m .71645 .02168 L s [(80)] .71645 .00293 0 1 Mshowa .88961 .01543 m .88961 .02168 L s [(100)] .88961 .00293 0 1 Mshowa .125 Mabswid .0671 .01543 m .0671 .01918 L s .11039 .01543 m .11039 .01918 L s .15368 .01543 m .15368 .01918 L s .24026 .01543 m .24026 .01918 L s .28355 .01543 m .28355 .01918 L s .32684 .01543 m .32684 .01918 L s .41342 .01543 m .41342 .01918 L s .45671 .01543 m .45671 .01918 L s .5 .01543 m .5 .01918 L s .58658 .01543 m .58658 .01918 L s .62987 .01543 m .62987 .01918 L s .67316 .01543 m .67316 .01918 L s .75974 .01543 m .75974 .01918 L s .80303 .01543 m .80303 .01918 L s .84632 .01543 m .84632 .01918 L s .9329 .01543 m .9329 .01918 L s .97619 .01543 m .97619 .01918 L s .25 Mabswid 0 .01543 m 1 .01543 L s gsave 1.025 .01543 -61 -10.2813 Mabsadd m 1 1 Mabs scale currentpoint translate 0 20.5625 translate 1 -1 scale /g { setgray} bind def /k { setcmykcolor} bind def /p { gsave} bind def /r { setrgbcolor} bind def /w { setlinewidth} bind def /C { curveto} bind def /F { fill} bind def /L { lineto} bind def /rL { rlineto} bind def /P { grestore} bind def /s { stroke} bind def /S { show} bind def /N {currentpoint 3 -1 roll show moveto} bind def /Msf { findfont exch scalefont [1 0 0 -1 0 0 ] makefont setfont} bind def /m { moveto} bind def /Mr { rmoveto} bind def /Mx {currentpoint exch pop moveto} bind def /My {currentpoint pop exch moveto} bind def /X {0 rmoveto} bind def /Y {0 exch rmoveto} bind def 63.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 0.000 0.000 rmoveto 63.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (K) show 69.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 0.000 0.000 rmoveto 1.000 setlinewidth grestore .02381 .13459 m .03006 .13459 L s [(100)] .01131 .13459 1 0 Mshowa .02381 .25376 m .03006 .25376 L s [(200)] .01131 .25376 1 0 Mshowa .02381 .37292 m .03006 .37292 L s [(300)] .01131 .37292 1 0 Mshowa .02381 .49208 m .03006 .49208 L s [(400)] .01131 .49208 1 0 Mshowa .02381 .61124 m .03006 .61124 L s [(500)] .01131 .61124 1 0 Mshowa .125 Mabswid .02381 .03926 m .02756 .03926 L s .02381 .0631 m .02756 .0631 L s .02381 .08693 m .02756 .08693 L s .02381 .11076 m .02756 .11076 L s .02381 .15843 m .02756 .15843 L s .02381 .18226 m .02756 .18226 L s .02381 .20609 m .02756 .20609 L s .02381 .22992 m .02756 .22992 L s .02381 .27759 m .02756 .27759 L s .02381 .30142 m .02756 .30142 L s .02381 .32525 m .02756 .32525 L s .02381 .34908 m .02756 .34908 L s .02381 .39675 m .02756 .39675 L s .02381 .42058 m .02756 .42058 L s .02381 .44441 m .02756 .44441 L s .02381 .46825 m .02756 .46825 L s .02381 .51591 m .02756 .51591 L s .02381 .53974 m .02756 .53974 L s .02381 .56358 m .02756 .56358 L s .02381 .58741 m .02756 .58741 L s .25 Mabswid .02381 0 m .02381 .61803 L s gsave .02381 .64303 -85.4375 -4 Mabsadd m 1 1 Mabs scale currentpoint translate 0 20.5625 translate 1 -1 scale /g { setgray} bind def /k { setcmykcolor} bind def /p { gsave} bind def /r { setrgbcolor} bind def /w { setlinewidth} bind def /C { curveto} bind def /F { fill} bind def /L { lineto} bind def /rL { rlineto} bind def /P { grestore} bind def /s { stroke} bind def /S { show} bind def /N {currentpoint 3 -1 roll show moveto} bind def /Msf { findfont exch scalefont [1 0 0 -1 0 0 ] makefont setfont} bind def /m { moveto} bind def /Mr { rmoveto} bind def /Mx {currentpoint exch pop moveto} bind def /My {currentpoint pop exch moveto} bind def /X {0 rmoveto} bind def /Y {0 exch rmoveto} bind def /MISOfy { /newfontname exch def /oldfontname exch def oldfontname findfont dup length dict begin {1 index /FID ne {def} {pop pop} ifelse} forall /Encoding WindowsANSIEncoding def currentdict end newfontname exch definefont pop } def 63.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier %%BeginResource: font Courier-MISO %%BeginFont: Courier-MISO /Courier /Courier-MISO MISOfy %%EndFont %%EndResource %%IncludeResource: font Courier-MISO %%IncludeFont: Courier-MISO /Courier-MISO findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 0.000 0.000 rmoveto 63.000 12.813 moveto %%IncludeResource: font Courier-MISO %%IncludeFont: Courier-MISO /Courier-MISO findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (Log) show 81.000 15.188 moveto %%IncludeResource: font Courier-MISO %%IncludeFont: Courier-MISO /Courier-MISO findfont 7.125 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (10) show %%IncludeResource: font Mathematica2Mono %%IncludeFont: Mathematica2Mono /Mathematica2Mono findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 89.875 12.813 moveto (@) show 95.875 12.813 moveto %%IncludeResource: font Courier-MISO %%IncludeFont: Courier-MISO /Courier-MISO findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (p) show %%IncludeResource: font Mathematica2Mono %%IncludeFont: Mathematica2Mono /Mathematica2Mono findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 101.875 12.813 moveto (D) show 107.875 12.813 moveto %%IncludeResource: font Courier-MISO %%IncludeFont: Courier-MISO /Courier-MISO findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 0.000 0.000 rmoveto 1.000 setlinewidth grestore gsave .5 .63053 -198 -4 Mabsadd m 1 1 Mabs scale currentpoint translate 0 20.5625 translate 1 -1 scale /g { setgray} bind def /k { setcmykcolor} bind def /p { gsave} bind def /r { setrgbcolor} bind def /w { setlinewidth} bind def /C { curveto} bind def /F { fill} bind def /L { lineto} bind def /rL { rlineto} bind def /P { grestore} bind def /s { stroke} bind def /S { show} bind def /N {currentpoint 3 -1 roll show moveto} bind def /Msf { findfont exch scalefont [1 0 0 -1 0 0 ] makefont setfont} bind def /m { moveto} bind def /Mr { rmoveto} bind def /Mx {currentpoint exch pop moveto} bind def /My {currentpoint pop exch moveto} bind def /X {0 rmoveto} bind def /Y {0 exch rmoveto} bind def 63.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 0.000 0.000 rmoveto 63.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (Number) show 105.000 12.813 moveto (of) show 123.000 12.813 moveto (small) show 159.000 12.813 moveto (primes) show 201.000 12.813 moveto (for) show 225.000 12.813 moveto (Schoof) show 261.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (') show 267.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor (s) show 279.000 12.813 moveto (algorithm) show 333.000 12.813 moveto %%IncludeResource: font Courier %%IncludeFont: Courier /Courier findfont 10.000 scalefont [1 0 0 -1 0 0 ] makefont setfont 0.000 0.000 0.000 setrgbcolor 0.000 0.000 rmoveto 1.000 setlinewidth grestore 0 0 m 1 0 L 1 .61803 L 0 .61803 L closepath clip newpath 0 0 1 r .5 Mabswid .03247 .01472 m .04113 .01585 L .04978 .01752 L .05844 .01953 L .0671 .02201 L .07576 .02467 L .08442 .0276 L .09307 .03065 L .10173 .03389 L .11039 .03738 L .11905 .04093 L .12771 .04467 L .13636 .04851 L .14502 .05241 L .15368 .05639 L .16234 .0605 L .171 .06472 L .17965 .06898 L .18831 .07333 L .19697 .07774 L .20563 .08218 L .21429 .0867 L .22294 .09128 L .2316 .09592 L .24026 .10066 L .24892 .10544 L .25758 .11023 L .26623 .11507 L .27489 .11992 L .28355 .12482 L .29221 .12983 L .30087 .13488 L .30952 .13997 L .31818 .14508 L .32684 .15026 L .3355 .15545 L .34416 .16068 L .35281 .16595 L .36147 .17125 L .37013 .17659 L .37879 .18195 L .38745 .18734 L .3961 .19277 L .40476 .19822 L .41342 .20369 L .42208 .20917 L .43074 .2147 L .43939 .2203 L .44805 .22592 L .45671 .23154 L Mistroke .46537 .23718 L .47403 .24285 L .48268 .24853 L .49134 .25425 L .5 .25999 L .50866 .26576 L .51732 .27155 L .52597 .27735 L .53463 .28317 L .54329 .289 L .55195 .29485 L .56061 .30072 L .56926 .30665 L .57792 .31259 L .58658 .31854 L .59524 .3245 L .6039 .33051 L .61255 .33653 L .62121 .34258 L .62987 .34864 L .63853 .35472 L .64719 .36081 L .65584 .36692 L .6645 .37305 L .67316 .37919 L .68182 .38535 L .69048 .39152 L .69913 .39772 L .70779 .40392 L .71645 .41014 L .72511 .41639 L .73377 .42265 L .74242 .42893 L .75108 .43521 L .75974 .44151 L .7684 .44781 L .77706 .45413 L .78571 .46047 L .79437 .46682 L .80303 .47317 L .81169 .47954 L .82035 .48592 L .829 .49233 L .83766 .49874 L .84632 .50517 L .85498 .51161 L .86364 .51806 L .87229 .52454 L .88095 .53102 L .88961 .53753 L Mistroke .89827 .54405 L .90693 .5506 L .91558 .55715 L .92424 .56372 L .9329 .57029 L .94156 .57687 L .95022 .58347 L .95887 .59008 L .96753 .5967 L .97619 .60332 L Mfstroke % End of Graphics MathPictureEnd \ \>"], "Graphics", ImageSize->{288, 177.938}, ImageMargins->{{0, 0}, {0, 0}}, ImageRegion->{{0, 1}, {0, 1}}, ImageCacheValid->False] }, Open ]], Cell[CellGroupData[{ Cell[BoxData[{ \(Clear[a, b, c, x]\), "\[IndentingNewLine]", \(s = FindFit[Log[10, \((t\/4)\)\^2], a\ x\^2 + b\ x + c, {a, b, c}, x]\)}], "Input"], Cell[BoxData[ \({a \[Rule] 0.012115471354886581`, b \[Rule] 3.340347527516106`, c \[Rule] \(-15.97631001356808`\)}\)], "Output"] }, Open ]] }, Closed]], Cell[CellGroupData[{ Cell[TextData[{ "ComputeDivisionPolynomials[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p, k\)]], " ]" }], "Subsubsection", CellTags->"c:92"], Cell[TextData[{ "Compute the first ", Cell[BoxData[ \(TraditionalForm\`k\)]], " division polynomials for the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + B\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeDivisionPolynomials[{a_, b_}, p_, k_]\), ":=", RowBox[{"Module", "[", RowBox[{\({t, i, d, m}\), ",", "\[IndentingNewLine]", RowBox[{\(t = {\(-1\), 0, 1, 2\ y}\), ";", "\[IndentingNewLine]", \(d = 3 x\^4 + 6\ \ a\ x\^2 + 12\ b\ x\ - \ a\^2\), ";", "\[IndentingNewLine]", \(d = PolynomialMod[d, p]\), ";", "\[IndentingNewLine]", \(d = Collect[d, {x}]\), ";", "\[IndentingNewLine]", \(AppendTo[t, d]\), ";", "\[IndentingNewLine]", \(d = 4\ y \((x\^6 + 5\ a\ x\^4 + 20\ b\ x\^3 - 5\ a\^2\ x\^2 - 4\ a\ b\ x - 8\ b\^2 - a\^3)\)\), ";", "\[IndentingNewLine]", \(d = PolynomialMod[d, p]\), ";", "\[IndentingNewLine]", \(d = Collect[d, {y, x}]\), ";", "\[IndentingNewLine]", \(AppendTo[t, d]\), ";", "\[IndentingNewLine]", RowBox[{"For", "[", RowBox[{\(i = 5\), ",", \(i \[LessEqual] k + 4\), ",", \(++i\), ",", "\[IndentingNewLine]", RowBox[{ RowBox[{"If", "[", RowBox[{\(EvenQ[i]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Even\ case\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = 2 + i/2; \[IndentingNewLine]d = t[\([m]\)]*\((t[\([m + 2]\)]*\((t[\([m - 1]\)])\)\^2 - t[\([m - 2]\)]*\((t[\([m + 1]\)])\)\^2)\)/\((2\ \ y\ )\);\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Odd\ case\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = 2 + \((i - 1)\)/2; \[IndentingNewLine]d = t[\([m + 2]\)]*\((t[\([m]\)])\)\^3 - t[\([m - 1]\)]*\((t[\([m + 1]\)])\)\^3;\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Replace\ all\ y\^2\ with\ x\^3 + \ a\ x\ + \ b\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(d = d /. y\^w_ \[RuleDelayed] \((x\^3\ + \ a\ x\ + \ b)\)\ \^\(w/2\) /; EvenQ[w]\), ";", "\[IndentingNewLine]", \(d = d /. y\^w_ \[RuleDelayed] y\ \((x\^3\ + \ a\ x\ + \ b)\)\^\(\((w - 1)\)/2\) \ /; OddQ[w]\), ";", "\[IndentingNewLine]", \(d = PolynomialMod[d, p]\), ";", "\[IndentingNewLine]", \(d = Collect[d, {y, x}]\), ";", "\[IndentingNewLine]", \(AppendTo[t, d]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[t]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`f[n\ ]\)]], " - Compute the n'th division polynomial in ", Cell[BoxData[ \(TraditionalForm\`\(f\_n\)(x)\)]] }], "Subsubsection", CellTags->"c:93"], Cell[TextData[{ "We have the following relation\n\t", Cell[BoxData[ FormBox[ RowBox[{\(\(f\_n\)(x)\), "=", TagBox[ StyleBox[ RowBox[{"{", StyleBox[GridBox[{ {\(\(\(\[Psi]\_n\)(x, y)\)\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ if\ n\ is\ \ odd\)}, {\(\(\ \)\(\(\(\[Psi]\_n\)(x, y)\)/ y\ \ \ \ \ \ \ \ \ \ \ \ \ if\ n\ is\ even\)\)} }], ShowAutoStyles->True]}], ShowAutoStyles->False], (#&)], " "}], TraditionalForm]]], "\t\t\t\n", "\nNOTE: ", Cell[BoxData[ \(TraditionalForm\`f[n], \[Psi][n]\)]], " rely on the global variable ", StyleBox["psi", FontSlant->"Italic"], " containing the raw information for the division polynomials. This can be \ accomplished by executing the following statement before the first call to ", Cell[BoxData[ \(TraditionalForm\`f[n]\ \ or\ \ \[Psi][n]\)]], ".\n\n\t", Cell[BoxData[ \(TraditionalForm\`psi = ComputeDivisionPolynomials[{a, b}, p, k]\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ \(\(f[n_] := Module[{}, \[IndentingNewLine]If[ n < \(-1\)\ || \ n > \((Length[psi] - 2)\), Throw["\"]]; \[IndentingNewLine]Return[ psi[\([n + 2]\)] /. y \[Rule] 1];\[IndentingNewLine]];\)\)], "Input"], Cell[BoxData[ \(\(\[Psi][n_] := psi[\([n + 2]\)];\)\)], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["ComputeEquation16[ p, l, {a, b} ]", "Subsubsection", PageBreakAbove->True, CellTags->"c:94"], Cell[TextData[{ "Computes ", Cell[BoxData[ \(TraditionalForm\`\(p\_16\)(x, y) = \((x\^\(q\^2\) - x)\) \[Psi]\_k\%2 - \(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\)\ \((mod\ f\_l, p)\)\)]], " in order to test if ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]q\)\ P\)]], " for some ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], "." }], "Text", TextJustification->0, FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeEquation16[p_, l_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({k, fl, y2, p1, p2, p3, p16x}\), ",", "\[IndentingNewLine]", RowBox[{\(fl = f[l]\), ";", "\[IndentingNewLine]", \(k = Mod[p, l]\), ";", "\[IndentingNewLine]", \(y2 = x\^3 + a\ x + b\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p1\ = \ x\^\(q\^2\)\ \((mod\ f\_l)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[x, p, {fl, p}]\), ";", "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[p1, p, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_2\ = \ \((x\^\(q\^2\) - x)\) \(f\_k\%2\) \((x)\)\ \((mod\ f\_l)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[f[k], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[\((p1 - x)\)*p2, 1, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p3\ = \ \(f\_\(k - 1\)\) \((x)\) \(f\_\(k + 1\)\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p3 = f[k - 1]*f[k + 1]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox[ SubscriptBox[ StyleBox["p", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "16"], FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ RowBox[{ RowBox[{\((x\^\(q\^2\) - x)\), \(f\_k\%2\), \((x)\), SuperscriptBox[ StyleBox["y", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "2"]}], "+", \(\(f\_\(k - 1\)\) \((x)\) \(f\_\(k + 1\)\) \((x)\)\ k\ even\)}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(p16x = p2*y2 + p3;\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox[ SubscriptBox[ StyleBox["p", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "16"], FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ RowBox[{\(\((x\^\(q\^2\) - x)\) \(\(f\_k\%2\) \((x)\)\)\), "+", RowBox[{\(\(f\_\(k - 1\)\) \((x)\)\), \(f\_\(k + 1\)\), \((x)\), SuperscriptBox[ StyleBox["y", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "2"], " ", "k", " ", "odd"}]}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(p16x = p2 + p3*y2;\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(p16x = PolynomialPowerMod[p16x, 1, {fl, p}]\), ";", "\[IndentingNewLine]", \(Return[p16x]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["ComputeEquation17[ p, l, w, {a, b} ]", "Subsubsection", PageBreakAbove->True, CellTags->"c:95"], Cell[TextData[{ "Given that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]q\)\ P\)]], " for some ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], ", then ", Cell[BoxData[ \(TraditionalForm\`t \[Element] {0, \(-2\) w, 2 w}\)]], " where ", Cell[BoxData[ \(TraditionalForm\`w\^2 \[Congruent] q\ \((mod\ l)\)\)]], ". If ", Cell[BoxData[ \(TraditionalForm\`q\)]], " has no square root mod ", Cell[BoxData[ \(TraditionalForm\`l\)]], " then we must have ", Cell[BoxData[ \(TraditionalForm\`t = 0\)]], ".\n\nOtherwise we find ", Cell[BoxData[ \(TraditionalForm\`w \[SuchThat] w\^2 \[Congruent] q\ \((mod\ l)\)\)]], " and use ", StyleBox["Schoof (17) ", FontWeight->"Bold"], " to test if ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = \(\[PlusMinus]w\)\ P\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_17\)( x) = \((x\^q - x)\) \(\(f\_w\%2\)( x)\) \((x\^3 + a\ x + b)\) + \(\(f\_\(w - 1\)\)( x)\) \(\(f\_\(w + 1\)\)(x)\)\)]], "\t", StyleBox["w", FontSlant->"Italic"], " even\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_17\)( x) = \((x\^q - x)\) \(\(f\_w\%2\)(x)\) + \(\(f\_\(w - 1\)\)( x)\) \(\(f\_\(w + 1\)\)(x)\) \((x\^3 + a\ x + b)\)\)]], "\t", StyleBox["w", FontSlant->"Italic"], " odd\nIf ", Cell[BoxData[ \(TraditionalForm\`gcd(\(p\_17\)(x), \(f\_l\)(x)) = 1\)]], " then neither ", Cell[BoxData[ \(TraditionalForm\`w\)]], " nor ", Cell[BoxData[ \(TraditionalForm\`\(-w\)\)]], " is an eigenvalue of ", Cell[BoxData[ \(TraditionalForm\`\[Phi]\_l\)]], " so ", Cell[BoxData[ \(TraditionalForm\`t \[Congruent] 0\ \((mod\ l)\)\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeEquation17[p_, l_, w_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({y2, fl, p1, p2, p3, p17}\), ",", "\[IndentingNewLine]", RowBox[{\(y2 = x\^3 + a\ x\ + \ b\), ";", "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p2\ = \ \((x\^q - x)\) \(f\_w\%2\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[x, p, {fl, p}]\), ";", "\[IndentingNewLine]", \(p2\ = \((p1 - x)\)* PolynomialPowerMod[f[w], 2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p3\ = \ \(f\_\(w - 1\)\) \((x)\)\ \(f\_\(w + 1\)\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p3 = f[w - 1]*f[w + 1]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[w]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ RowBox[{\(p \((x)\)\), " ", "=", " ", RowBox[{ RowBox[{ StyleBox[\((x\^q - x)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\(f\_w\%2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\((x)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], SuperscriptBox[ StyleBox["y", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "2"]}], " ", "+", " ", \(\(f\_\(w - 1\)\) \((x)\) \(f\_\(w + 1\)\) \((x)\)\)}]}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p17 = p2*y2 + p3;\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p \((x)\)\ = \ \((x\^q - x)\) \(f\_w\%2\) \((x)\)\ + \ \(f\_\(w - 1\)\) \((x)\) \(f\_\(w + 1\)\) \((x)\) y\^2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p17 = p2 + p3*y2;\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(p17 = PolynomialPowerMod[p17, 1, {fl, p}]\), ";", "\[IndentingNewLine]", \(Return[p17]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["ComputeEquation18[ p, l, w, {a, b} ]", "Subsubsection", PageBreakAbove->True, CellTags->"c:96"], Cell[TextData[{ "After we know from using ", StyleBox["Schoof(17)", FontWeight->"Bold"], " that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = \(\[PlusMinus]w\)\ P\)]], " we use ", StyleBox["Schoof (18)", FontWeight->"Bold"], " to test the ", Cell[BoxData[ \(TraditionalForm\`y\)]], " coordinate of ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\) P = w\ P\)]], ".\nFor ", Cell[BoxData[ \(TraditionalForm\`w\)]], " even:\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x) = 4 \(\((y\^2)\)\^\(\((q + 3)\)/2\)\) \(\(f\_w\%3\)( x)\) - \(\(f\_\(w + 2\)\)(x)\) \(\(f\_\(w - 1\)\%2\)( x)\) + \(\(f\_\(w - 2\)\)(x)\) \(\(f\_\(w + 1\)\%2\)(x)\)\)]], "\nFor ", Cell[BoxData[ \(TraditionalForm\`w\)]], " odd:\n\t", Cell[BoxData[ \(TraditionalForm\`\(p\_18\)(x) = 4 \(\((y\^2)\)\^\(\((q - 1)\)/2\)\) \(\(f\_w\%3\)( x)\) - \(\(f\_\(w + 2\)\)(x)\) \(\(f\_\(w - 1\)\%2\)( x)\) + \(\(f\_\(w - 2\)\)(x)\) \(\(f\_\(w + 1\)\%2\)(x)\)\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeEquation18[p_, l_, w_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({y2, fl, k, p1, p2, p3, p4, p18y}\), ",", "\[IndentingNewLine]", RowBox[{\(y2 = x\^3 + a\ x\ + \ b\), ";", "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(k\ = \ \((p + 3)\)/2\ \((w\ even)\), \ k\ = \ \((p - 1)\)/2\ \((w\ odd)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[EvenQ[w], \(k = \((p + 3)\)/2;\), k = \((p - 1)\)/2]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ RowBox[{"p1", " ", "=", " ", RowBox[{\(\((x\^3\ + \ a\ x\ + \ b)\)\^k\), "=", " ", SuperscriptBox[ RowBox[{ StyleBox["(", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], SuperscriptBox[ StyleBox["y", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "2"], ")"}], "k"]}]}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[y2, k, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p2\ = \ \(f\_w\%3\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[f[w], 3, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p3\ = \ \(f\_\(w + 2\)\) \((x)\) \(f\_\(w - 1\)\%2\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[f[w - 1], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(p3\ = PolynomialPowerMod[\ f[w + 2]*p3, 1, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p4\ = \ \(f\_\(w - 2\)\) \((x)\)\ \(f\_\(w + 1\)\%2\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p4 = PolynomialPowerMod[f[w + 1], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(p4 = PolynomialPowerMod[f[w - 2]*p4, 1, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p18y\ = \ 4 \( y\^\(2 k\)\) \(f\_w\%3\) \((x)\) - \(f\_\(w + 2\)\) \((x)\) \(f\_\(w - 1\)\%2\) \((x)\) + \(f\_\(w - 2\)\) \((x)\) \(f\_\(w + 1\)\%2\) \((x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p18y = 4*p1*p2 - p3 + p4\), ";", "\[IndentingNewLine]", \(p18y = PolynomialPowerMod[p18, 1, {fl, p}]\), ";", "\[IndentingNewLine]", \(Return[p18y]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["ComputeTmodLCaseOne[ p, l, {a, b} ]", "Subsubsection", PageBreakAbove->True, CellTags->"c:97"], Cell[TextData[{ "Compute ", Cell[BoxData[ \(TraditionalForm\`t\ \((mod\ l)\)\)]], " for the case when there exists ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " such that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P = \(\[PlusMinus]k\)\ P\)]], ". This method uses Schoof equations (17) and (18) to perform these \ tests." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeTmodLCaseOne[p_, l_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({j, tl, w, fl, p17, p18}\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ p\ is\ a\ quadratic\ nonresidue\ of\ l\ \[IndentingNewLine] \ then\ t\ \[Congruent] \ 0\ \((mod\ l)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(If[\(! QuadraticResidueQ[p, l]\), Return[0]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Else\ find\ w\ such\ that\ w\^2\ \[Congruent] \ p\ \((mod\ l)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(w = SqrtModPShanksTonelli[p, l]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", w]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", l, "\<] = \>", fl]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Use\ Schoof\ 17\ to\ test\ \(\[Phi]\_l\) P\ = \ \(\[PlusMinus]w\)*P\ \((x\ coord)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p17 = ComputeEquation17[p, l, w, {a, b}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(p\_17\) = \>\"", p17]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], \(g = PolynomialGCD[p17, fl, Modulus \[Rule] p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(g\ = \ 1\ means\ no\ such\ P, \ so\ t\ \[Congruent] \ 0\ \((mod\ l\ )\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[SameQ[g, 1], Return[0]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Use\ Schoof\ 18\ to\ test\ \(\[Phi]\_l\) P\ = \ w*P\ \((y\ coord)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p18 = ComputeEquation18[p, l, w, {a, b}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(p\_18\) = \>\"", p18]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], \(g = PolynomialGCD[p18, fl, Modulus \[Rule] p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(g\ = \ 1\ means\ no\ such\ P, \ so\ t\ = \ \(-2\) w, \ else\ t\ = \ 2 w\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(If[SameQ[g, 1], \ tl = Mod[\(-2\) w, l], tl = Mod[2 w, l]]\), ";", "\[IndentingNewLine]", \(Return[tl]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["ComputeAlpha[ p, l, {a, b} ]", "Subsubsection", PageBreakAbove->True, CellTags->"c:98"], Cell[TextData[{ "ComputeAlpha", Cell[BoxData[ \(TraditionalForm\`\([p, l, {a, b}]\)\)]], "\n\tCompute \[Alpha], where ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \[Alpha]\/\[Beta]\)]], " is the slope of the line between ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P\)]], " and ", Cell[BoxData[ \(TraditionalForm\`k\ P\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\[Alpha] = \ \(\[Psi]\_\(k + 2\)\) \[Psi]\_\(k - 1\)\%2 - \(\[Psi]\_\(k - 2\)\) \[Psi]\_\(k + 1\)\%2 - 4 \( y\^\(p\^2 + 1\)\) \[Psi]\_k\%3\)]], "\nfor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " even\n\t ", Cell[BoxData[ \(TraditionalForm\`\[Alpha] = y\ \((\(f\_\(k + 2\)\) f\_\(k - 1\)\%2 - \(f\_\(k - 2\)\) f\_\(k + 1\)\%2 - 4 \(\((y\^2)\)\^\(\((p\^2 + 3)\)/2\)\) f\_k\%3)\)\)]], " \n\thowever we return ", Cell[BoxData[ \(TraditionalForm\`\[Alpha]/y\)]], " in this case and compensate at a higher level\nfor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " odd\n\t ", Cell[BoxData[ \(TraditionalForm\`\[Alpha] = \(y\^2\)(\(f\_\(k + 2\)\) f\_\(k - 1\)\%2 - \(f\_\(k - 2\)\) f\_\(k + 1\)\%2) - 4 \(\((y\^2)\)\^\(\((p\^2 + 1)\)/2\)\) f\_k\%3\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(ComputeAlpha[p_, l_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({k, fl, y2, y4, p1, p2, p3, p4, p5, \[Alpha]}\), ",", "\[IndentingNewLine]", RowBox[{\(k = Mod[p, l]\), ";", "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox[\(y\^2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[",", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox[ SuperscriptBox[ StyleBox["y", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "4"], FontColor->RGBColor[0, 0, 1]], StyleBox["are", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["polynomials", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["in", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["x", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}]}], " ", "*)"}], "\[IndentingNewLine]", \(y2 = x\^3 + a\ x + b\), ";", "\[IndentingNewLine]", \(y4 = PolynomialPowerMod[y2, 2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_1\ = \ \(f\_\(k + 2\)\) f\_\(k - 1\)\%2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[f[k - 1], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[f[k + 2]*p1, 1, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_2\ = \ \(f\_\(k - 2\)\) f\_\(k + 1\)\%2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[f[k + 1], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[f[k - 2]*p2, 1, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_3\ = \ \(\((y\^2)\)\^\(\((p\^2 - 1)\)/2\) = \ \ \((y\^2)\)\^\(\((p - 1)\) \((p + 1)\)/2\)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[y2, \((p - 1)\), {fl, p}]\), ";", "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[p3, \((p + 1)\)/2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_4\ = \ f\_k\%3\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p4 = PolynomialPowerMod[f[k], 3, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k]\), ",", "\[IndentingNewLine]", RowBox[{"(*", RowBox[{ RowBox[{" ", StyleBox[ FormBox[\(\[Alpha]\ = \ \(\(y\)\((\)\(\(f\_\(k + 2\)\) f\_\(k - 1\)\%2\ - \ \(f\_\(k - 2\)\) f\_\(k + 1\)\%2\ - \ 4 \(\((y\^2)\)\^\(\((p\^2 + 3)\)/2\)\) f\_k\%3\)\)\), "TraditionalForm"], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[")", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], StyleBox["/", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["y", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], "\[IndentingNewLine]", \(p5 = PolynomialPowerMod[4*y4*p3*p4, 1, {fl, p}]; \[IndentingNewLine]\[Alpha] = PolynomialPowerMod[p1 - p2 - p5, 1, {fl, p}];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\[Alpha]\ = \ \(y\^2\)(\(f\_\(k + 2\)\) f\_\(k - 1\)\%2\ - \ \(f\_\(k - 2\)\) f\_\(k + 1\)\%2)\ - \ 4 \(\((y\^2)\)\^\(\((q\^2 + 1)\)/2\)\) f\_k\%3\), "TraditionalForm"], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p5 = PolynomialPowerMod[4*y2*p3*p4, 1, {fl, p}]; \[IndentingNewLine]\[Alpha] = PolynomialPowerMod[y2*\((p1 - p2)\) - p5, 1, {fl, p}];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[\[Alpha]]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["ComputeBeta[ p, l, {a, b} ]", "Subsubsection", CellTags->"c:99"], Cell[TextData[{ Cell[BoxData[ \(TraditionalForm\`ComputeBeta[p, l, {a, b}]\)]], "\n\tCompute \[Beta], where ", Cell[BoxData[ \(TraditionalForm\`\[Lambda] = \[Alpha]\/\[Beta]\)]], " is the slope of the line between ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P\)]], " and ", Cell[BoxData[ \(TraditionalForm\`k\ P\)]], "\n\t", Cell[BoxData[ \(TraditionalForm\`\[Beta] = 4 y\ \[Psi]\_k\ \((\((x - x\^\(p\^2\))\) \[Psi]\_k\%2 - \(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\))\)\)]], "\nfor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " even\n\t ", Cell[BoxData[ \(TraditionalForm\`\[Beta] = 4\ \(y\^2\) \(\(f\_k\)(\((\ x - x\^\(p\^2\))\) \(y\^2\) f\_k\%2 - \(f\_\(k - 1\)\) f\_\(k + 1\))\)\)]], "\nfor ", Cell[BoxData[ \(TraditionalForm\`k\)]], " odd\n\t ", Cell[BoxData[ \(TraditionalForm\`\[Beta] = 4\ y\ \(\(f\_k\)(\((\ x - x\^\(p\^2\))\) f\_k\%2 - \(y\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\))\)\)]], "\n\t however we return ", Cell[BoxData[ \(TraditionalForm\`\[Beta]/y\)]], " in this case and compensate at a higher level" }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(ComputeBeta[p_, l_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({k, fl, y2, p1, p2, p3, p4, \[Beta]}\), ",", "\[IndentingNewLine]", RowBox[{\(k = Mod[p, l]\), ";", "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(y\^2\ is\ a\ polynomial\ in\ x\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y2 = x\^3 + a\ x + b\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p1\ = \ x\ - \ x\^\(p\^2\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[x, p, {fl, p}]\), ";", "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[p1, p, {fl, p}]\), ";", "\[IndentingNewLine]", \(p1 = x - p1\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_2\ = \ \(f\_\(k - 1\)\) f\_\(k + 1\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[f[k - 1]*f[k + 1], 1, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_3\ = \ f\_k\%2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[f[k], 2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k]\), ",", "\[IndentingNewLine]", RowBox[{"(*", StyleBox[ RowBox[{" ", StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}]], StyleBox[ FormBox[\(\[Beta]\ = \ 4 \( y\^2\) \(\(f\_k\)(\((\ x\ - \ x\^\(p\^2\))\) \(y\^2\) f\_k\%2\ - \ \(f\_\(k - 1\)\) f\_\(k + 1\))\)\), "TraditionalForm"], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p4 = PolynomialPowerMod[p1*y2*p3 - p2, 1, {fl, p}]; \[IndentingNewLine]\[Beta] = PolynomialPowerMod[4*y2*f[k]*p4, 1, {fl, p}];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ RowBox[{ FormBox[\(\[Beta]\ = \ 4\ y\ \(\(f\_k\)(\((\ x\ - \ x\^\(p\^2\))\) f\_k\%2\ - \ \(y\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\))\)\), "TraditionalForm"], "/", "y"}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p4 = PolynomialPowerMod[p1*p3 - y2*p2, 1, {fl, p}]; \[IndentingNewLine]\[Beta] = PolynomialPowerMod[4*f[k]*p4, 1, {fl, p}];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[\[Beta]]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["\<\ ComputeEquation19X[ p, l, \[Tau], {a, b} ]\ \>", "Subsubsection", PageBreakAbove->True, CellTags->"c:100"], Cell[TextData[{ "Compute the polynomial, modulo ", Cell[BoxData[ \(TraditionalForm\`f\_l\)]], " representing Schoof equation (19x) as\n\t", Cell[BoxData[{ \(TraditionalForm\`\(p\_\(19\_x\)\)(x, y) = \(\[Psi]\_\[Tau]\%\(2 p\)\)(\(\[Beta]\^2\)(\(\[Psi]\_\(k - 1\)\) \[Psi]\_\(k + 1\) - \(\[Psi]\_k\%2\)( x\^\(p\^2\) + x\^p + x) + \[Alpha]\ \[Psi]\_k\%2))\), "\[IndentingNewLine]", \(TraditionalForm\`\(+\[Psi]\_k\%2\) \ \(\(\[Beta]\^2\)(\(\[Psi]\_\(\[Tau] - 1\)\) \[Psi]\_\(\[Tau] - \ 1\))\)\^p\)}]], "." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeEquation19X[p_, l_, \[Tau]_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({y2, fl, k, \[Alpha], \[Beta], \[Alpha]2, \[Beta]2, p1, p2, p3, p4, p5, p6, p7, p8, p9, p19}\), ",", "\[IndentingNewLine]", RowBox[{\(k = Mod[p, l]\), ";", "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(y\^2\ is\ a\ polynomial\ in\ x\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y2 = x\^3 + a\ x + b\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(\[Lambda]\ = \ \[Alpha]/\[Beta], \ note\ these\ are\ actually\ \[Alpha]/ y\ for\ k\ even, \ \[Beta]/y\ for\ k\ odd\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", StyleBox[\( (*\ Note\ \[Alpha], \[Beta]\ are\ globals\ so\ we\ can\ share\ \ them\ with\ Equation19Y\ *) \), FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], \(\[Alpha] = ComputeAlpha[p, l, {a, b}]\), ";", "\[IndentingNewLine]", \(\[Beta] = ComputeBeta[p, l, {a, b}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_1\ = \ \(f\_\(k - 1\)\) f\_\(k + 1\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p1 = f[k - 1]*f[k + 1]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p2\ = \ x\^p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[x, p, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p3\ = \ x\^\(p\^2\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[p2, p, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p4\ = \ \((x\^\(p\^2\)\ + \ x\^p\ + \ x)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p4 = p3 + p2 + x\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p5\ = \ f\_k\%2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p5 = PolynomialPowerMod[f[k], 2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p6\ = \ \((\(f\_\(\[Tau] - 1\)\) f\_\(\[Tau] + \ 1\))\)\^p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p6 = PolynomialPowerMod[f[\[Tau] - 1]*f[\[Tau] + 1], p, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ \[Alpha]\^2, \ \[Beta]\^2\ compensating\ \ for\ single\ y' s\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(for\ k\ even\ \[Alpha]\^2\ = \ \(y\^2\) \((\ \[Alpha]/y)\)\^2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(\[Alpha]2 = y2*PolynomialPowerMod[\[Alpha], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(\[Beta]2 = PolynomialPowerMod[\[Beta], 2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", StyleBox[ FormBox[ RowBox[{" ", RowBox[{"p7", " ", "=", " ", FormBox[\(\((\(f\_\(k - 1\)\) f\_\(k + 1\)\ - \ \(y\^2\) \ \(\(f\_k\%2\)(x\^\(p\^2\) + x\^p + x)\))\) \[Beta]\^2 + \(y\^2\) \ \(f\_k\%2\) \[Alpha]\^2\), "TraditionalForm"]}]}], "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p7 = PolynomialPowerMod[p1 - y2*p5*p4, 1, {fl, p}]\), ";", "\[IndentingNewLine]", \(p7 = PolynomialPowerMod[p7*\[Beta]2 + y2*p5*\[Alpha]2, 1, {fl, p}]\), ";"}], "\[IndentingNewLine]", ",", " ", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ RowBox[{\(for\ k\ odd\ \[Beta]\^2\), " ", "=", " ", RowBox[{\(y\^2\), SuperscriptBox[ RowBox[{"(", RowBox[{ StyleBox["\[Beta]", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "/", "y"}], ")"}], "2"]}]}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(\[Alpha]2 = PolynomialPowerMod[\[Alpha], 2, {fl, p}]\), ";", "\[IndentingNewLine]", \(\[Beta]2 = y2*PolynomialPowerMod[\[Beta], 2, {fl, p}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", StyleBox[ FormBox[ RowBox[{" ", RowBox[{"p7", " ", "=", " ", FormBox[\(\((\(y\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\)\ - \ \(f\_k\%2\)( x\^\(p\^2\) + x\^p + x))\) \[Beta]\^2 + \(f\_k\%2\) \ \[Alpha]\^2\), "TraditionalForm"]}]}], "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p7 = PolynomialPowerMod[y2*p1 - p5*p4, 1, {fl, p}]\), ";", "\[IndentingNewLine]", \(p7 = PolynomialPowerMod[p7*\[Beta]2 + p5*\[Alpha]2, 1, {fl, p}]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k] && EvenQ[\[Tau]]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", FormBox[ RowBox[{ StyleBox[ FormBox[\(\((\((\(f\_\(k - 1\)\) f\_\(k + 1\)\ - \ \(y\^2\) \ \(\(f\_k\%2\)(x\^\(p\^2\) + x\^p + x)\))\) \[Beta]\^2\ + \ \(y\^2\) \(f\ \_k\%2\) \[Alpha]\^2)\) \(y\^\(2 p\)\) f\_\[Tau]\%\(2 p\)\ + \ \(f\_\(\[Tau] - 1\)\%p\) \(f\_\(\[Tau] + 1\)\%p\) \(\[Beta]\^2\) \(y\^2\) f\_k\%2\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], " "}], "TraditionalForm"], "*)"}], "\[IndentingNewLine]", \(p8 = PolynomialPowerMod[f[\[Tau]], 2*p, {fl, p}]; \[IndentingNewLine]p9 = PolynomialPowerMod[y2, p, {fl, p}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p7*p9*p8 + p6*\[Beta]2*y2*p5, 1, {fl, p}];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k] && OddQ[\[Tau]]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\((\((\(f\_\(k - 1\)\) f\_\(k + 1\)\ - \ \(y\^2\) \ \(\(f\_k\%2\)(x\^\(p\^2\) + x\^p + x)\))\) \[Beta]\^2\ + \ \(y\^2\) \(f\ \_k\%2\) \[Alpha]\^2)\) f\_\[Tau]\%\(\(2\) \(p\)\(\ \)\) + \ \(y\^\(2 p + 2\)\) \(f\_\(\[Tau] - 1\)\%p\) \(f\_\(\[Tau] + 1\)\%p\) \(\[Beta]\^2\) f\_k\%2\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p8 = PolynomialPowerMod[f[\[Tau]], 2*p, {fl, p}]; \[IndentingNewLine]p9 = PolynomialPowerMod[y2, p + 1, {fl, p}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p7*p8 + p9*p6*\[Beta]2*p5, 1, {fl, p}];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(OddQ[k] && EvenQ[\[Tau]]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\((\((\(y\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\)\ - \ \(f\_k\%2\)( x\^\(p\^2\) + x\^p + x))\) \[Beta]\^2\ + \ \(f\_k\%2\) \ \[Alpha]\^2)\) \(y\^\(2 p\)\) f\_\[Tau]\%\(2 p\)\ + \ \(f\_\(\[Tau] - 1\)\%p\) \(f\_\(\[Tau] + 1\)\%p\) \(\[Beta]\^2\) f\_k\%2\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p8 = PolynomialPowerMod[f[\[Tau]], 2*p, {fl, p}]; \[IndentingNewLine]p9 = PolynomialPowerMod[y2, p, {fl, p}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p7*p9*p8 + p6*\[Beta]2*p5, 1, {fl, p}];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(OddQ[k] && OddQ[\[Tau]]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\((\((\(y\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\)\ - \ \(f\_k\%2\)( x\^\(p\^2\) + x\^p + x))\) \[Beta]\^2 + \(f\_k\%2\) \ \[Alpha]\^2)\) f\_\[Tau]\%\(2 p\)\ + \ \(y\^\(2 p\)\) \(f\_\(\[Tau] - 1\)\%p\) \(f\_\(\[Tau] + 1\)\%p\) \(\[Beta]\^2\) f\_k\%2\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p8 = PolynomialPowerMod[f[\[Tau]], 2*p, {fl, p}]; \[IndentingNewLine]p9 = PolynomialPowerMod[y2, p, {fl, p}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p7*p8 + p9*p6*\[Beta]2*p5, 1, {fl, p}];\)}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[p19]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["\<\ ComputeEquation19Y[ p, l, \[Tau], {a, b} ]\ \>", "Subsubsection", PageBreakAbove->True, CellTags->"c:101"], Cell[TextData[{ "Compute the polynomial, modulo ", Cell[BoxData[ \(TraditionalForm\`f\_l\)]], " representing Schoof equation (19y) as\n\t ", Cell[BoxData[ \(TraditionalForm\`\(p\_\(19 y\)\)(x, y) = 4 \( f\_\[Tau]\%\(3\ p\)\) y\^p\ \((\((\((2\ x\^\(p\^2\) + x)\)\ \[Alpha]\ \[Beta]\^2 - \[Beta]\^3\ \ y\^\(p\^2\) - \[Alpha]\^3)\)\ f\_k\%2\[IndentingNewLine] - \[Alpha]\ \ \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \[Beta]\^3\ f\_k\%2\ \ \((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^p\)]] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeEquation19Y[q_, l_, \[Tau]_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({y2, fl, k, \[Alpha], \[Beta], a2, a3, b2, b3, y4, yq, p1, p2, p3, p4, p5, p6, p19}\), ",", "\[IndentingNewLine]", RowBox[{\(fl = f[l]\), ";", "\[IndentingNewLine]", \(k = Mod[q, l]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Make\ sure\ we\ have\ no\ junk\ floating\ around\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(Print[{q, l, \[Tau], x}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(y\^2\ is\ a\ polynomial\ in\ x\ only\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(y2 = x\^3 + a\ x\ + \ b\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(\[Lambda]\ = \ \[Alpha]/\[Beta], \ note\ these\ are\ actually\ \[Alpha]/ y\ for\ k\ even, \ \[Beta]/y\ for\ k\ odd\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", StyleBox[\( (*\ Use\ the\ \[Alpha], \[Beta]\ computed\ for\ Equation\ 19 X\ *) \), FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], StyleBox[\(\[Alpha]\ = \ ComputeAlpha[q, l, {a, b}]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", StyleBox[\(\[Beta]\ = \ ComputeBeta[q, l, {a, b}]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], RowBox[{"(*", " ", RowBox[{ RowBox[{ StyleBox["Compute", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", StyleBox[\(\[Alpha]\^3\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], StyleBox[",", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\(\[Beta]\^2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[",", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\(\[Beta]\^3\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]]}], " ", "*)"}], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], \(a3 = PolynomialPowerMod[\[Alpha], 3, {fl, q}]\), ";", "\[IndentingNewLine]", \(b2 = PolynomialPowerMod[\[Beta], 2, {fl, q}]\), ";", "\[IndentingNewLine]", \(b3 = PolynomialPowerMod[\[Beta], 3, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ RowBox[{\(p\_1\), " ", "=", " ", RowBox[{"\[Alpha]", " ", SuperscriptBox[ StyleBox["\[Beta]", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "2"], " ", \((\(f\_\(k - 1\)\) f\_\(k + 1\))\)}]}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p1 = \[Alpha]*b2*f[k - 1]*f[k + 1]\), ";", "\[IndentingNewLine]", \(p1 = PolynomialPowerMod[p1, 1, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_2\ = \ f\_k\%2\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p2 = PolynomialPowerMod[f[k], 2, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_3\ = \ 2\ x\^\(q\^2\) + \ x\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[x, q, {fl, q}]\), ";", "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[p3, q, {fl, q}]\), ";", "\[IndentingNewLine]", \(p3 = PolynomialPowerMod[2*p3 + x, 1, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox[\(p\_4\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox[\(4 f\_\[Tau]\%\(3 q\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["=", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[ SuperscriptBox[ StyleBox[\((4 f\_\[Tau]\%3)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "q"], FontColor->RGBColor[0, 0, 1]]}]}], " ", "*)"}], "\[IndentingNewLine]", \(p4 = 4*PolynomialPowerMod[f[\[Tau]], 3\ q, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_5\ = \ \((\(f\_\(\[Tau] - 1\)\%2\) f\_\(\[Tau] \ + 2\)\ - \ \(f\_\(\[Tau] - 2\)\) f\_\(\[Tau] + 1\)\%2)\)\^q\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p5 = f[\[Tau] + 2]*PolynomialPowerMod[f[\[Tau] - 1], 2, {fl, q}]\), ";", "\[IndentingNewLine]", \(p5 = p5 - f[\[Tau] - 2]* PolynomialPowerMod[f[\[Tau] + 1], 2, {fl, q}]\), ";", "\[IndentingNewLine]", \(p5 = PolynomialPowerMod[p5, q, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", StyleBox[" ", FontSize->8], StyleBox[\(p\_6\ = \ \(y\^\(q\^2 - 1\)\ = \ \ \((y\^2)\)\^\(\((q - 1)\) \((q + 1)\)/2\)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSize->10], "*)"}], "\[IndentingNewLine]", \(p6 = PolynomialPowerMod[y2, \((q - 1)\), {fl, q}]\), ";", "\[IndentingNewLine]", \(p6 = PolynomialPowerMod[p6, \((q + 1)\)/2, {fl, q}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\<{k,\[Tau]} = \>", {k, \[Tau]}]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[k]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\(4\^q\) \(\(f\_\[Tau]\%\(3 q\)\)(\((\((2\ x\^\(q\^2\) + x)\) \[Alpha]\ \[Beta]\^2\ - \ \(\ \[Beta]\^3\) y\^\(q\^2 - 1\)\ - \ \(y\^2\) \[Alpha]\^3)\)\ \(y\^2\) f\_k\%2\ - \ \[Alpha]\ \(\[Beta]\^2\) \ \(f\_\(k - 1\)\) f\_\(k + 1\)\ )\)\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", RowBox[{\(p19 = PolynomialPowerMod[p3*\[Alpha]*b2 - b3*p6 - y2*a3, 1, {fl, q}]\), ";", "\[IndentingNewLine]", \(p19 = PolynomialPowerMod[p4*\((p19*y2*p2 - p1)\), 1, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[\[Tau]]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\(4\^q\) \(f\_\[Tau]\%\(3 q\)\) y\^\(3 q + 1\)\ \((\((\((2\ x\^\(q\^2\) + x)\) \[Alpha]\ \[Beta]\^2\ - \ \(\ \[Beta]\^3\) y\^\(q\^2 - 1\)\ - \ \(y\^2\) \[Alpha]\^3)\)\ \(y\^2\) f\_k\%2\ - \[Alpha]\ \(\[Beta]\^2\) \ \(f\_\(k - 1\)\) f\_\(k + 1\)\ )\)\ - \ \(\[Beta]\^3\) \(y\^2\) f\_k\%2\ \((f\_\(\[Tau] - 1\)\%2\ f\_\(\ \[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + 1\)\%2)\)\^q\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p19 *= PolynomialPowerMod[ y2, \((3 q + 1)\)/2, {fl, q}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p19 - b3*y2*p2*p5, 1, {fl, q}];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", FormBox[ StyleBox[\(\(\(4\^q\) f\_\[Tau]\%\(3 q\)\ \((\((\((2\ \ x\^\(q\^2\) + x)\) \[Alpha]\ \[Beta]\^2\ - \ \(\[Beta]\^3\) y\^\(q\^2 - 1\) - \ \(y\^2\) \[Alpha]\ \^3)\)\ \(y\^2\) f\_k\%2\ - \ \[Alpha]\ \(\[Beta]\^2\) \(f\_\(k - 1\)\) f\_\(k + 1\)\ )\)\ - \(\[Beta]\^3\) f\_k\%2\ \(\((f\_\(\[Tau] - 1\)\%2\ f\_\(\ \[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + 1\)\%2)\)\^q\) y\^\(q + 1\)\)\(\n\) \), FontColor->RGBColor[0, 0, 1]], "TraditionalForm"], "*)"}], "\[IndentingNewLine]", \(yq = PolynomialPowerMod[ y2, \((q + 1)\)/2, {fl, q}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p19 - b3*p2*p5*yq, 1, {fl, q}];\)}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(OddQ[k]\), ",", "\[IndentingNewLine]", RowBox[{\(y4 = PolynomialPowerMod[y2, 2, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(p\_7\ = \ \(\[Beta]\^3\ \ \((y\^2\()\^\(\((q\^2 + 3)\)/ 2\)\)\)\ = \ \[Beta]\^3\ \((y\^2\()\^2\ \)\) \((y\^2\()\^\(\((q\^2 - 1)\)/2\)\)\)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p7 = PolynomialPowerMod[b3*y4*p6, 1, {fl, q}]\), ";", "\[IndentingNewLine]", \(p19 = PolynomialPowerMod[p3*\[Alpha]*b2*y2 - p7 - a3, 1, {fl, q}]\), ";", "\[IndentingNewLine]", \(p19 -= \ PolynomialPowerMod[p4*\((p19*p2 - y4*p1)\), 1, {fl, q}]\), ";", "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(EvenQ[\[Tau]]\), ",", "\[IndentingNewLine]", RowBox[{"(*", StyleBox[ FormBox[\(\(\ \)\(\(4\^q\) \(f\_\[Tau]\%\(3 q\)\) y\^\(3 q - 3\)\ \((\((\((2\ x\^\(q\^2\) + x)\)\ \[Alpha]\ \(\[Beta]\^2\) y\^2\ - \ \(\[Beta]\^3\) y\^\(q\^2 + 3\) - \ \[Alpha]\^3)\) f\_k\%2\ - \ \(y\^4\) \[Alpha]\ \(\ \[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \ \(\(\[Beta]\^3\)\(\ \)\(f\_k\%2\)\(\ \)\(\((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] \ + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + 1\)\%2)\)\^q\)\(\ \)\)\)\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p19 *= PolynomialPowerMod[ y2, \((3 q - 3)\)/2, {fl, q}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p19 - b3*p2*p5, 1, {fl, q}];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", FormBox[\(4 \(\( f\_\[Tau]\%\(3 q\)\)(\((\((2 x\^\(q\^2\) + x)\) \[Alpha]\ \(\[Beta]\^2\) y\^\(\(2\)\(\ \)\) - \ \(\[Beta]\^3\) y\^\(q\^2 + 3\)\ - \[Alpha]\^3\ )\) f\_k\%2\ - \ \[Alpha]\ \[Beta]\^2\ \(y\ \^4\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \[Beta]\^3\ f\_k\%2\ \((\ \(f\_\(\ \[Tau] - 1\)\%2\) f\_\(\[Tau] + 2\)\ - \ \(f\_\(\[Tau] - 2\)\) f\_\(\[Tau] + \ 1\)\%2)\)\^q\ y\^\(q + 3\)\), "TraditionalForm"], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ FormBox[\(\(4\^q\) \(\(f\_\[Tau]\%\(3 q\)\)(\((\((x\^\(q\^2\) + x)\)\ \[Alpha]\ \(\[Beta]\^2\) y\^2\ - \ \(\[Beta]\^3\) y\^\(q\^2 + 3\) - \ \[Alpha]\^3)\)\ f\ \_k\%2\ - \ \[Alpha]\ \(y\^4\) \(\[Beta]\^2\) f\_\(k - 1\)\ f\_\(k + 1\)\ )\)\ - \ \[Beta]\^3\ f\_k\%2\ \(\((f\_\(\[Tau] - 1\)\%2\ f\_\(\[Tau] + 2\) - f\_\(\[Tau] - 2\)\ f\_\(\[Tau] + \ 1\)\%2)\)\^q\) y\^\(q + 3\)\), "TraditionalForm"], FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(yq = PolynomialPowerMod[y2, \((q + 3)\)/2, 1, {fl, q}]; \[IndentingNewLine]p19 = PolynomialPowerMod[p19 - b3*p2*p5*yq, 1, {fl, q}];\)}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", \(Return[p19]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell["\<\ ComputeTmodLCaseTwo[ q, l, \[Tau], {a, b} ]\ \>", "Subsubsection", PageBreakAbove->True, CellTags->"c:102"], Cell[TextData[{ "Given that ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P \[NotEqual] \(\[PlusMinus]k\)\ P\)]], " for any ", Cell[BoxData[ \(TraditionalForm\`P \[Element] E[l]\)]], " we must test equation (12) for each \[Tau] in ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalZ]/ l\ \(\[DoubleStruckCapitalZ]\^\[Cross]\)\)]], " as ", Cell[BoxData[ \(TraditionalForm\`\(\[Phi]\_l\%2\) P + q\ P = \(\[PlusMinus]\[Tau]\)\ \(\[Phi]\_l\) P\)]], ". These tests are performed using the equations of ", StyleBox["Schoof(19).", FontWeight->"Bold"] }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{\(ComputeTmodLCaseTwo[q_, l_, {a_, b_}]\), ":=", RowBox[{"Module", "[", RowBox[{\({fl, k, \[Tau], g, p19x, p19y}\), ",", "\[IndentingNewLine]", RowBox[{\(fl = f[l]\), ";", "\[IndentingNewLine]", \(k = Mod[q, l]\), ";", "\[IndentingNewLine]", RowBox[{"For", "[", RowBox[{\(\[Tau] = 1\), ",", \(\[Tau] < l\), ",", \(++\[Tau]\), ",", "\[IndentingNewLine]", RowBox[{\(p19x = ComputeEquation19X[q, l, \[Tau], {a, b}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(p\_\(19\_x\)\) = \>\"", p19x]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(g = PolynomialGCD[p19x, fl, Modulus \[Rule] q]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(g\ \[NotEqual] \ 1\ means\ such\ P\ exists, \ so\ check\ the\ y\ coordinate\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(! SameQ[g, 1]\), ",", "\[IndentingNewLine]", RowBox[{\(p19y = ComputeEquation19Y[q, l, \[Tau], {a, b}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(p\_\(19\_y\)\) = \>\"", p19y]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(g = PolynomialGCD[p19x, fl, Modulus \[Rule] q]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(If[SameQ[g, 1], Return[l - \[Tau]], Return[\[Tau]]]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(No\ solution\ for\ any\ \[Tau], \ return\ 0\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(Return[0]\), ";"}]}], "\[IndentingNewLine]", "]"}]}]], "Input"] }, Open ]], Cell[CellGroupData[{ Cell[TextData[{ "ComputeGroupOrderSchoof[ ", Cell[BoxData[ \(TraditionalForm\`{a, b}, p\)]], " ]" }], "Subsubsection", PageBreakAbove->True, CellTags->"c:103"], Cell[TextData[{ "Computes the order of the group of points ", Cell[BoxData[ \(TraditionalForm\`E(\[DoubleStruckCapitalF]\_p)\)]], " on the elliptic curve ", Cell[BoxData[ \(TraditionalForm\`E : y\^2 = x\^3 + A\ x + B\)]], " over ", Cell[BoxData[ \(TraditionalForm\`\[DoubleStruckCapitalF]\_p\)]], " using Schoof's Algorithm." }], "Text", FontSize->14, FontColor->RGBColor[0, 0, 1]], Cell[BoxData[ RowBox[{ RowBox[{\(ComputeGroupOrderSchoof[{a_, b_}, p_]\), ":=", RowBox[{"Module", "[", RowBox[{\({s, t, l, fl, tl, prmprod, m, i, g, gy, \[Tau], p16, p19x, p19y, r, grpord}\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Create\ a\ set\ of\ smallest\ primes\ S\ such\ that\ \ \(\[Product]\+\(i = 1\)\%m l\_i\)\ > \ 4 \@ p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\({prmprod, s} = ComputePrimeSet[p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", s]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Compute\ t\ \((mod\ 2)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(tl = ComputeTModTwo[{a, b}, p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\<\[Tau] (mod 2 ) = \>", tl\ ]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(t = \ {{2, tl}}\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Create\ the\ required\ division\ polynomials\ f\_k \ . \ psi\ is\ a\ \(global!\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(m = Last[s]\), ";", "\[IndentingNewLine]", \(psi = ComputeDivisionPolynomials[{a, b}, p, m]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Now\ for\ each\ other\ l\ \[Element] \ S\ compute\ t\ mod\ l\ as\ follows\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{"For", "[", RowBox[{\(i = 2\), ",", \(i \[LessEqual] Length[s]\), ",", \(++i\), ",", "\[IndentingNewLine]", RowBox[{\(l = s\[LeftDoubleBracket]i\[RightDoubleBracket]\), ";", "\[IndentingNewLine]", \(fl = f[l]\), ";", "\[IndentingNewLine]", StyleBox[\(Print\ ["\", l, "\<] = \>", fl]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ \(\[Exists] \ P\ \[Element] \ E[l]\)\ \[SuchThat] \ \(\[Phi]\_q\%2\) P\ = \ \(\[PlusMinus]kP\)\ we\ are\ in\ case\ \ 1\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], "*)"}], "\[IndentingNewLine]", \(p16 = ComputeEquation16[p, l, {a, b}]\), ";", "\[IndentingNewLine]", \(g = PolynomialGCD[p16, fl, Modulus \[Rule] p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\!\(p\_16\) = \>\"", p16]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], StyleBox[\(Print[\*"\"\\"", g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], StyleBox["\[IndentingNewLine]", FontColor->RGBColor[1, 0, 0]], RowBox[{"If", "[", RowBox[{\(! SameQ[g, 1]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Determine\ t\ \((mod\ l)\)\ using\ \ Schoof\ \((17)\)\ and\ \((18)\)\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(tl = ComputeTmodLCaseOne[p, l, {a, b}]; \[IndentingNewLine]AppendTo[ t, {l, tl}];\), "\[IndentingNewLine]", ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(Else, \ we\ are\ in\ case\ 2\ testing\ \(\[Phi]\_q\%2\) P\ + \ kP\ = \ \(\[PlusMinus]\[Tau]\[Phi]\_q\) P\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \( (*\ Determine\ if\ \(\[Exists] \ \[Tau]\ < \ l\ satisfying\ Schoof\ \((19)\)\)\ *) \), "\[IndentingNewLine]", RowBox[{ RowBox[{"For", "[", RowBox[{\(\[Tau] = 1\), ",", \(\[Tau] < \((l + 1)\)/2\), ",", \(++\[Tau]\), ",", "\[IndentingNewLine]", RowBox[{ StyleBox[\(Print[\*"\"\<\!\(\[Tau]\_l\) = \ \>\"", \[Tau]]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(If\ \((19 X)\)\ holds\ for\ some\ x\ \ \[Element] \ E[l]\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(p19x = ComputeEquation19X[p, l, \[Tau], {a, b}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", p19x]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(g = PolynomialGCD[p19x, fl, Modulus \[Rule] p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", \ g]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"If", "[", RowBox[{\(! SameQ[g, 1]\), ",", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(then\ \(\[Phi]\_q\%2\) P\ + \ kP\ = \ \ \(\[PlusMinus]\[Tau]\[Phi]\_q\) P, \ use\ \((19 y)\)\ to\ determine\ the\ sign\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", RowBox[{\(p19y = ComputeEquation19Y[p, l, \[Tau], {a, b}]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\", p19y]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(gy = PolynomialGCD[p19y, fl, Modulus \[Rule] p]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\\"", \ gy]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(If[\(! SameQ[ gy, 1]\), tl = \[Tau], tl = l - \[Tau]]\), ";", "\[IndentingNewLine]", \(AppendTo[ t, {l, tl}]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(There\ can\ be\ only\ one\ \ such\ \[Tau]\ for\ each\ l\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(Break[]\), ";"}]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";"}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\[Tau] (mod \!\(l\_i\)) = \>\"", t]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]]}]}], "\[IndentingNewLine]", "]"}], ";", "\[IndentingNewLine]", RowBox[{"(*", " ", RowBox[{ StyleBox["Convert", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["t", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox["from", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[" ", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], RowBox[{ StyleBox["{", FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], StyleBox[\({l, \ t\ \((mod\ l)\)}\ to\ {{l}, {tl}}\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " "}]}], "*)"}], "\[IndentingNewLine]", \(t = Transpose[t]\), ";", "\[IndentingNewLine]", StyleBox[\(Print[\*"\"\<\[Tau] (mod \!\(l\_i\)) = \>\"", t]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[ RowBox[{\(Use\ the\ Chinese\ Remainder\ Theorem\ to\ \ compute\ the\ smallest\[IndentingNewLine] \ r\), " ", ">", " ", RowBox[{"0", " ", "such", " ", "that", " ", StyleBox["r", FontColor->RGBColor[0, 0, 1]]}], " ", "\[Congruent]", " ", \(t\_i\ \((mod\ l\_i)\)\ for\ each\ i\)}], FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(r = DetermineChineseRemainder[Last[t], First[t]]\), ";", "\[IndentingNewLine]", RowBox[{"(*", " ", StyleBox[\(force\ - 2 \@ p\ \[LessEqual] \ r\ \[LessEqual] \ 2 \@ p\), FontSlant->"Italic", FontColor->RGBColor[0, 0, 1]], " ", "*)"}], "\[IndentingNewLine]", \(If[r\ > \ 2 \@ p, r -= prmprod]\), ";", "\[IndentingNewLine]", StyleBox[\(Print["\<\[Tau] = \>", \ r]\), FontColor->RGBColor[1, 0, 0]], StyleBox[";", FontColor->RGBColor[1, 0, 0]], "\[IndentingNewLine]", \(grpord = p + 1 - r\), ";", "\[IndentingNewLine]", \(Return[grpord]\), ";"}]}], "\[IndentingNewLine]", "]"}]}], ";"}]], "Input"] }, Open ]] }, Open ]] }, Open ]] }, FrontEndVersion->"5.2 for Macintosh", ScreenRectangle->{{29, 1024}, {0, 746}}, WindowSize->{806, 461}, WindowMargins->{{6, Automatic}, {Automatic, 15}}, PrintingCopies->1, PrintingStartingPageNumber->-3, PrintingPageRange->{1, 200}, TaggingRules:>{"NextIndexingNumber" -> 2, "IndexEntries" -> {{"i:1", {}}}, \ "PaginationCache" -> {{2006, 4, 7, 10, 52, 19.1728592`9.035261820282226}, {1, \ 2, 3, 6, 7, 7, 7, 7, 8, 8, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 11, 12, 12, \ 12, 12, 12, 12, 12, 12, 13, 13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 15, 16, \ 16, 17, 17, 18, 18, 18, 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 22, 22, 22, \ 22, 23, 23, 23, 23, 24, 24, 24, 24, 24, 25, 25, 26, 26, 26, 27, 28, 29, 29, \ 29, 29, 29, 29, 29, 30, 30, 30, 30, 30, 30, 30, 30, 31, 31, 31, 31, 31, 31, \ 31, 31, 31, 32, 32, 32, 32, 33, 33, 33, 34, 35, 35, 35, 36, 36, 37, 38, 38, \ 38, 39, 39, 40, 40, 40, 41, 41, 41, 41, 42, 42, 43, 43, 43, 44, 44, 45, 45, \ 45, 46, 46, 47, 47, 48, 49, 49, 50, 50, 51, 52, 52, 53, 54, 54, 55, 56, 56, \ 56, 57, 57, 58, 58, 59, 59, 60, 60, 61, 62, 62, 63, 64, 64, 64, 64, 64, 64, \ 64, 64, 64, 64, 64, 65, 65, 65, 65, 65, 65, 65, 65, 66, 66, 66, 66, 66, 66, \ 67, 67, 67, 68, 68, 68, 68, 69, 69, 69, 69, 69, 69, 69, 69, 69, 69, 70, 70, \ 70, 70, 70, 71, 71, 71, 71, 71, 71, 72, 72, 72, 72, 73, 73, 73, 73, 73, 73, \ 73, 73, 73, 75, 75, 75, 76, 76, 76, 76, 76, 76, 77, 77, 77, 77, 78, 78, 78, \ 78, 78, 78, 78, 78, 78, 78, 78, 78, 79, 79, 79, 80, 80, 80, 80, 80, 81, 81, \ 81, 81, 81, 82, 82, 82, 83, 83, 83, 84, 84, 84, 85, 85, 85, 87, 87, 87, 88, \ 88, 88, 89, 89, 89, 90}, Automatic}}, Magnification->1, StyleDefinitions -> "ArticleClassic.nb" ] (******************************************************************* Cached data follows. If you edit this Notebook file directly, not using Mathematica, you must remove the line containing CacheID at the top of the file. The cache data will then be recreated when you save this file from within Mathematica. *******************************************************************) (*CellTagsOutline CellTagsIndex->{ "i:1"->{ Cell[1754, 51, 671, 14, 592, "Text", CellTags->"i:1"]}, "c:1"->{ Cell[4032, 99, 160, 4, 57, "Section", PageBreakAbove->True, CellTags->"c:1"], Cell[21332, 538, 159, 4, 57, "Section", PageBreakAbove->False, CellTags->"c:1"], Cell[22728, 585, 158, 4, 57, "Section", PageBreakAbove->False, CellTags->"c:1"]}, "c:2"->{ Cell[23542, 613, 86, 2, 57, "Section", PageBreakAbove->True, CellTags->"c:2"]}, "c:3"->{ Cell[23891, 631, 55, 1, 42, "Subsection", CellTags->"c:3"], Cell[196027, 2816, 78, 1, 42, "Subsection", CellTags->"c:3"]}, "c:4"->{ Cell[199685, 2940, 84, 1, 42, "Subsection", CellTags->"c:4"]}, "c:5"->{ Cell[267142, 4015, 85, 1, 32, "Subsubsection", CellTags->"c:5"]}, "c:6"->{ Cell[269342, 4087, 153, 5, 58, "Section", CellTags->"c:6"]}, "c:7"->{ Cell[269520, 4096, 79, 1, 42, "Subsection", CellTags->"c:7"], Cell[274845, 4252, 68, 1, 42, "Subsection", CellTags->"c:7"]}, "c:8"->{ Cell[281781, 4495, 77, 1, 42, "Subsection", CellTags->"c:8"]}, "c:9"->{ Cell[284175, 4563, 88, 1, 32, "Subsubsection", CellTags->"c:9"]}, "c:10"->{ Cell[285451, 4605, 73, 1, 42, "Subsection", CellTags->"c:10"]}, "c:11"->{ Cell[286969, 4657, 156, 6, 32, "Subsubsection", CellTags->"c:11"]}, "c:12"->{ Cell[288270, 4702, 68, 1, 42, "Subsection", CellTags->"c:12"]}, "c:13"->{ Cell[290213, 4768, 79, 1, 32, "Subsubsection", CellTags->"c:13"]}, "c:14"->{ Cell[292631, 4845, 130, 5, 42, "Subsection", CellTags->"c:14"]}, "c:15"->{ Cell[295940, 4952, 90, 1, 42, "Subsection", CellTags->"c:15"]}, "c:16"->{ Cell[296727, 4977, 88, 1, 32, "Subsubsection", CellTags->"c:16"]}, "c:17"->{ Cell[297766, 5010, 75, 1, 42, "Subsection", CellTags->"c:17"]}, "c:18"->{ Cell[300783, 5107, 90, 1, 32, "Subsubsection", CellTags->"c:18"]}, "c:19"->{ Cell[301971, 5148, 199, 6, 58, "Section", PageBreakAbove->True, CellTags->"c:19"]}, "c:20"->{ Cell[303222, 5190, 163, 5, 32, "Subsubsection", CellTags->"c:20"]}, "c:21"->{ Cell[309132, 5384, 207, 6, 58, "Section", PageBreakAbove->True, CellTags->"c:21"]}, "c:22"->{ Cell[309364, 5394, 174, 5, 43, "Subsection", CellTags->"c:22"]}, "c:23"->{ Cell[316940, 5624, 76, 1, 42, "Subsection", CellTags->"c:23"]}, "c:24"->{ Cell[321351, 5764, 61, 1, 42, "Subsection", CellTags->"c:24"]}, "c:25"->{ Cell[326245, 5926, 171, 5, 43, "Subsection", CellTags->"c:25"]}, "c:26"->{ Cell[330216, 6056, 74, 1, 42, "Subsection", CellTags->"c:26"]}, "c:27"->{ Cell[332429, 6122, 104, 2, 32, "Subsubsection", CellTags->"c:27"]}, "c:28"->{ Cell[333998, 6174, 108, 2, 57, "Section", PageBreakAbove->True, CellTags->"c:28"]}, "c:29"->{ Cell[335638, 6226, 134, 5, 42, "Subsection", CellTags->"c:29"]}, "c:30"->{ Cell[342000, 6419, 233, 8, 43, "Subsection", CellTags->"c:30"]}, "c:31"->{ Cell[345985, 6553, 144, 5, 32, "Subsubsection", CellTags->"c:31"]}, "c:32"->{ Cell[348490, 6634, 70, 1, 42, "Subsection", CellTags->"c:32"]}, "c:33"->{ Cell[355274, 6844, 76, 1, 42, "Subsection", CellTags->"c:33"]}, "c:34"->{ Cell[388939, 7321, 97, 1, 32, "Subsubsection", CellTags->"c:34"]}, "c:35"->{ Cell[393159, 7452, 159, 6, 42, "Subsection", CellTags->"c:35"]}, "c:36"->{ Cell[395537, 7534, 72, 1, 42, "Subsection", CellTags->"c:36"]}, "c:37"->{ Cell[399576, 7654, 90, 1, 42, "Subsection", CellTags->"c:37"]}, "c:38"->{ Cell[410625, 7975, 74, 1, 42, "Subsection", CellTags->"c:38"]}, "c:39"->{ Cell[413388, 8064, 66, 1, 42, "Subsection", CellTags->"c:39"]}, "c:40"->{ Cell[417680, 8201, 67, 1, 42, "Subsection", CellTags->"c:40"]}, "c:41"->{ Cell[420461, 8286, 75, 1, 42, "Subsection", CellTags->"c:41"]}, "c:42"->{ Cell[424775, 8406, 68, 1, 42, "Subsection", CellTags->"c:42"]}, "c:43"->{ Cell[429752, 8540, 68, 1, 42, "Subsection", CellTags->"c:43"]}, "c:44"->{ Cell[437397, 8744, 97, 2, 42, "Subsection", PageBreakAbove->True, CellTags->"c:44"]}, "c:45"->{ Cell[441824, 8889, 112, 2, 57, "Section", PageBreakAbove->True, CellTags->"c:45"]}, "c:54"->{ Cell[442370, 8905, 89, 2, 42, "Subsection", PageBreakAbove->False, CellTags->"c:54"], Cell[448844, 9097, 63, 1, 37, "Subsection", CellTags->"c:54"], Cell[453037, 9223, 67, 1, 37, "Subsection", CellTags->"c:54"], Cell[457905, 9364, 81, 1, 37, "Subsection", CellTags->"c:54"]}, "c:52"->{ Cell[455133, 9275, 87, 2, 49, "Section", PageBreakAbove->True, CellTags->"c:52"]}, "c:53"->{ Cell[455245, 9281, 85, 1, 37, "Subsection", CellTags->"c:53"]}, "c:55"->{ Cell[459885, 9418, 73, 2, 49, "Section", PageBreakAbove->True, CellTags->"c:55"]}, "c:56"->{ Cell[461402, 9460, 198, 7, 49, "Section", PageBreakAbove->True, CellTags->"c:56"]}, "c:57"->{ Cell[462021, 9482, 71, 1, 28, "Subsubsection", CellTags->"c:57"]}, "c:58"->{ Cell[464942, 9587, 69, 1, 28, "Subsubsection", CellTags->"c:58"]}, "c:59"->{ Cell[469473, 9732, 87, 1, 28, "Subsubsection", CellTags->"c:59"]}, "c:60"->{ Cell[474252, 9872, 188, 7, 49, "Section", PageBreakAbove->True, CellTags->"c:60"]}, "c:62"->{ Cell[474695, 9892, 69, 1, 37, "Subsection", CellTags->"c:62"]}, "c:63"->{ Cell[474789, 9897, 140, 6, 28, "Subsubsection", CellTags->"c:63"]}, "c:64"->{ Cell[475664, 9927, 144, 5, 28, "Subsubsection", CellTags->"c:64"]}, "c:65"->{ Cell[476998, 9969, 140, 5, 28, "Subsubsection", CellTags->"c:65"]}, "c:66"->{ Cell[478552, 10027, 220, 8, 28, "Subsubsection", CellTags->"c:66"]}, "c:67"->{ Cell[481790, 10111, 139, 6, 28, "Subsubsection", CellTags->"c:67"]}, "c:68"->{ Cell[482515, 10142, 141, 7, 28, "Subsubsection", CellTags->"c:68"]}, "c:69"->{ Cell[483696, 10186, 149, 6, 28, "Subsubsection", CellTags->"c:69"]}, "c:70"->{ Cell[492315, 10373, 144, 6, 28, "Subsubsection", CellTags->"c:70"]}, "c:71"->{ Cell[501196, 10596, 78, 1, 37, "Subsection", CellTags->"c:71"]}, "c:72"->{ Cell[501299, 10601, 148, 3, 28, "Subsubsection", CellTags->"c:72"]}, "c:73"->{ Cell[504393, 10678, 123, 2, 28, "Subsubsection", CellTags->"c:73"]}, "c:74"->{ Cell[505464, 10712, 114, 2, 28, "Subsubsection", CellTags->"c:74"]}, "c:75"->{ Cell[506171, 10738, 143, 6, 28, "Subsubsection", CellTags->"c:75"]}, "c:76"->{ Cell[506873, 10766, 136, 3, 28, "Subsubsection", CellTags->"c:76"]}, "c:77"->{ Cell[511540, 10870, 143, 6, 28, "Subsubsection", CellTags->"c:77"]}, "c:78"->{ Cell[513195, 10921, 121, 2, 28, "Subsubsection", CellTags->"c:78"]}, "c:79"->{ Cell[516127, 10996, 144, 6, 28, "Subsubsection", CellTags->"c:79"]}, "c:80"->{ Cell[519556, 11082, 147, 3, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:80"]}, "c:81"->{ Cell[522990, 11161, 135, 3, 28, "Subsubsection", CellTags->"c:81"]}, "c:82"->{ Cell[525682, 11230, 117, 2, 37, "Subsection", PageBreakAbove->True, CellTags->"c:82"]}, "c:83"->{ Cell[525824, 11236, 122, 2, 28, "Subsubsection", CellTags->"c:83"]}, "c:84"->{ Cell[526795, 11265, 151, 6, 28, "Subsubsection", CellTags->"c:84"]}, "c:85"->{ Cell[539752, 11531, 148, 6, 28, "Subsubsection", CellTags->"c:85"]}, "c:86"->{ Cell[542213, 11597, 66, 1, 28, "Subsubsection", CellTags->"c:86"]}, "c:87"->{ Cell[543290, 11630, 139, 6, 28, "Subsubsection", CellTags->"c:87"]}, "c:88"->{ Cell[549361, 11763, 88, 1, 37, "Subsection", CellTags->"c:88"]}, "c:89"->{ Cell[549474, 11768, 141, 6, 28, "Subsubsection", CellTags->"c:89"]}, "c:90"->{ Cell[551830, 11835, 134, 6, 28, "Subsubsection", CellTags->"c:90"]}, "c:91"->{ Cell[555831, 11943, 139, 5, 28, "Subsubsection", CellTags->"c:91"]}, "c:92"->{ Cell[568124, 12585, 156, 6, 20, "Subsubsection", CellTags->"c:92"]}, "c:93"->{ Cell[572257, 12677, 215, 7, 28, "Subsubsection", CellTags->"c:93"]}, "c:94"->{ Cell[574109, 12736, 102, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:94"]}, "c:95"->{ Cell[580084, 12874, 105, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:95"]}, "c:96"->{ Cell[585472, 13015, 105, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:96"]}, "c:97"->{ Cell[590647, 13141, 104, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:97"]}, "c:98"->{ Cell[595967, 13266, 97, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:98"]}, "c:99"->{ Cell[603769, 13451, 72, 1, 28, "Subsubsection", CellTags->"c:99"]}, "c:100"->{ Cell[609066, 13582, 120, 4, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:100"]}, "c:101"->{ Cell[623309, 13881, 120, 4, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:101"]}, "c:102"->{ Cell[641634, 14250, 121, 4, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:102"]}, "c:103"->{ Cell[645826, 14352, 175, 7, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:103"]} } *) (*CellTagsIndex CellTagsIndex->{ {"i:1", 663138, 14699}, {"c:1", 663215, 14702}, {"c:2", 663515, 14712}, {"c:3", 663622, 14716}, {"c:4", 663776, 14721}, {"c:5", 663860, 14724}, {"c:6", 663947, 14727}, {"c:7", 664029, 14730}, {"c:8", 664185, 14735}, {"c:9", 664269, 14738}, {"c:10", 664357, 14741}, {"c:11", 664443, 14744}, {"c:12", 664533, 14747}, {"c:13", 664619, 14750}, {"c:14", 664708, 14753}, {"c:15", 664795, 14756}, {"c:16", 664881, 14759}, {"c:17", 664970, 14762}, {"c:18", 665056, 14765}, {"c:19", 665145, 14768}, {"c:20", 665257, 14772}, {"c:21", 665347, 14775}, {"c:22", 665459, 14779}, {"c:23", 665546, 14782}, {"c:24", 665632, 14785}, {"c:25", 665718, 14788}, {"c:26", 665805, 14791}, {"c:27", 665891, 14794}, {"c:28", 665981, 14797}, {"c:29", 666093, 14801}, {"c:30", 666180, 14804}, {"c:31", 666267, 14807}, {"c:32", 666357, 14810}, {"c:33", 666443, 14813}, {"c:34", 666529, 14816}, {"c:35", 666618, 14819}, {"c:36", 666705, 14822}, {"c:37", 666791, 14825}, {"c:38", 666877, 14828}, {"c:39", 666963, 14831}, {"c:40", 667049, 14834}, {"c:41", 667135, 14837}, {"c:42", 667221, 14840}, {"c:43", 667307, 14843}, {"c:44", 667393, 14846}, {"c:45", 667507, 14850}, {"c:54", 667619, 14854}, {"c:52", 667953, 14864}, {"c:53", 668064, 14868}, {"c:55", 668150, 14871}, {"c:56", 668261, 14875}, {"c:57", 668373, 14879}, {"c:58", 668462, 14882}, {"c:59", 668551, 14885}, {"c:60", 668640, 14888}, {"c:62", 668752, 14892}, {"c:63", 668838, 14895}, {"c:64", 668928, 14898}, {"c:65", 669018, 14901}, {"c:66", 669108, 14904}, {"c:67", 669199, 14907}, {"c:68", 669290, 14910}, {"c:69", 669381, 14913}, {"c:70", 669472, 14916}, {"c:71", 669563, 14919}, {"c:72", 669650, 14922}, {"c:73", 669741, 14925}, {"c:74", 669832, 14928}, {"c:75", 669923, 14931}, {"c:76", 670014, 14934}, {"c:77", 670105, 14937}, {"c:78", 670196, 14940}, {"c:79", 670287, 14943}, {"c:80", 670378, 14946}, {"c:81", 670497, 14950}, {"c:82", 670588, 14953}, {"c:83", 670704, 14957}, {"c:84", 670795, 14960}, {"c:85", 670886, 14963}, {"c:86", 670977, 14966}, {"c:87", 671067, 14969}, {"c:88", 671158, 14972}, {"c:89", 671245, 14975}, {"c:90", 671336, 14978}, {"c:91", 671427, 14981}, {"c:92", 671518, 14984}, {"c:93", 671609, 14987}, {"c:94", 671700, 14990}, {"c:95", 671819, 14994}, {"c:96", 671938, 14998}, {"c:97", 672057, 15002}, {"c:98", 672176, 15006}, {"c:99", 672294, 15010}, {"c:100", 672385, 15013}, {"c:101", 672506, 15017}, {"c:102", 672627, 15021}, {"c:103", 672748, 15025} } *) (*NotebookFileOutline Notebook[{ Cell[1754, 51, 671, 14, 592, "Text", CellTags->"i:1"], Cell[2428, 67, 1579, 28, 364, "Text", PageBreakAbove->True], Cell[CellGroupData[{ Cell[4032, 99, 160, 4, 57, "Section", PageBreakAbove->True, CellTags->"c:1"], Cell[4195, 105, 17100, 428, 1097, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[21332, 538, 159, 4, 57, "Section", PageBreakAbove->False, CellTags->"c:1"], Cell[21494, 544, 1197, 36, 64, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[22728, 585, 158, 4, 57, "Section", PageBreakAbove->False, CellTags->"c:1"], Cell[22889, 591, 616, 17, 46, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[23542, 613, 86, 2, 57, "Section", PageBreakAbove->True, CellTags->"c:2"], Cell[23631, 617, 235, 10, 82, "Text", PageBreakAbove->Automatic], Cell[CellGroupData[{ Cell[23891, 631, 55, 1, 42, "Subsection", CellTags->"c:3"], Cell[23949, 634, 289, 10, 28, "Text"], Cell[24241, 646, 123, 3, 29, "NumberedEquation"], Cell[24367, 651, 2385, 46, 319, "Text"], Cell[26755, 699, 167514, 2075, 334, "Text"], Cell[194272, 2776, 1718, 35, 208, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[196027, 2816, 78, 1, 42, "Subsection", CellTags->"c:3"], Cell[196108, 2819, 588, 17, 64, "Text"], Cell[196699, 2838, 190, 4, 28, "NumberedEquation"], Cell[196892, 2844, 668, 21, 64, "Text"], Cell[197563, 2867, 123, 3, 29, "NumberedEquation"], Cell[197689, 2872, 1595, 47, 307, "Text"], Cell[199287, 2921, 140, 5, 28, "NumberedEquation"], Cell[199430, 2928, 218, 7, 28, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[199685, 2940, 84, 1, 42, "Subsection", CellTags->"c:4"], Cell[199772, 2943, 1254, 36, 100, "Text"], Cell[201029, 2981, 57088, 714, 412, "Text"], Cell[258120, 3697, 2995, 92, 244, "Text"], Cell[261118, 3791, 155, 5, 28, "NumberedEquation"], Cell[261276, 3798, 201, 7, 28, "Text"], Cell[261480, 3807, 138, 5, 28, "NumberedEquation"], Cell[261621, 3814, 416, 11, 100, "Text"], Cell[262040, 3827, 367, 7, 46, "NumberedEquation"], Cell[262410, 3836, 726, 25, 100, "Text"], Cell[263139, 3863, 243, 7, 28, "NumberedEquation"], Cell[263385, 3872, 477, 14, 64, "Text"], Cell[263865, 3888, 141, 5, 28, "NumberedEquation"], Cell[264009, 3895, 374, 14, 46, "Text"], Cell[264386, 3911, 240, 8, 28, "NumberedEquation"], Cell[264629, 3921, 1239, 41, 118, "Text"], Cell[265871, 3964, 337, 11, 39, "NumberedEquation"], Cell[266211, 3977, 296, 11, 28, "Text"], Cell[266510, 3990, 231, 7, 28, "NumberedEquation"], Cell[266744, 3999, 373, 12, 46, "Text"], Cell[CellGroupData[{ Cell[267142, 4015, 85, 1, 32, "Subsubsection", CellTags->"c:5"], Cell[267230, 4018, 2051, 62, 247, "Text"] }, Open ]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[269342, 4087, 153, 5, 58, "Section", CellTags->"c:6"], Cell[CellGroupData[{ Cell[269520, 4096, 79, 1, 42, "Subsection", CellTags->"c:7"], Cell[269602, 4099, 5206, 148, 540, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[274845, 4252, 68, 1, 42, "Subsection", CellTags->"c:7"], Cell[274916, 4255, 6828, 235, 719, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[281781, 4495, 77, 1, 42, "Subsection", CellTags->"c:8"], Cell[281861, 4498, 2289, 61, 228, "Text"], Cell[CellGroupData[{ Cell[284175, 4563, 88, 1, 32, "Subsubsection", CellTags->"c:9"], Cell[284266, 4566, 1136, 33, 118, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[285451, 4605, 73, 1, 42, "Subsection", CellTags->"c:10"], Cell[285527, 4608, 1417, 45, 154, "Text"], Cell[CellGroupData[{ Cell[286969, 4657, 156, 6, 32, "Subsubsection", CellTags->"c:11"], Cell[287128, 4665, 1093, 31, 136, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[288270, 4702, 68, 1, 42, "Subsection", CellTags->"c:12"], Cell[288341, 4705, 1847, 59, 190, "Text"], Cell[CellGroupData[{ Cell[290213, 4768, 79, 1, 32, "Subsubsection", CellTags->"c:13"], Cell[290295, 4771, 2287, 68, 255, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[292631, 4845, 130, 5, 42, "Subsection", CellTags->"c:14"], Cell[292764, 4852, 3139, 95, 354, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[295940, 4952, 90, 1, 42, "Subsection", CellTags->"c:15"], Cell[296033, 4955, 669, 18, 82, "Text"], Cell[CellGroupData[{ Cell[296727, 4977, 88, 1, 32, "Subsubsection", CellTags->"c:16"], Cell[296818, 4980, 899, 24, 190, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[297766, 5010, 75, 1, 42, "Subsection", CellTags->"c:17"], Cell[297844, 5013, 2914, 90, 324, "Text"], Cell[CellGroupData[{ Cell[300783, 5107, 90, 1, 32, "Subsubsection", CellTags->"c:18"], Cell[300876, 5110, 1034, 31, 172, "Text"] }, Open ]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[301971, 5148, 199, 6, 58, "Section", PageBreakAbove->True, CellTags->"c:19"], Cell[302173, 5156, 1024, 30, 84, "Text"], Cell[CellGroupData[{ Cell[303222, 5190, 163, 5, 32, "Subsubsection", CellTags->"c:20"], Cell[303388, 5197, 858, 24, 118, "Text"], Cell[304249, 5223, 1257, 43, 137, "Text"], Cell[305509, 5268, 1442, 43, 198, "Text"], Cell[306954, 5313, 2129, 65, 174, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[309132, 5384, 207, 6, 58, "Section", PageBreakAbove->True, CellTags->"c:21"], Cell[CellGroupData[{ Cell[309364, 5394, 174, 5, 43, "Subsection", CellTags->"c:22"], Cell[309541, 5401, 2072, 63, 122, "Text"], Cell[311616, 5466, 3085, 89, 229, "Text"], Cell[314704, 5557, 2199, 62, 739, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[316940, 5624, 76, 1, 42, "Subsection", CellTags->"c:23"], Cell[317019, 5627, 1410, 36, 140, "Text"], Cell[318432, 5665, 239, 8, 29, "NumberedEquation"], Cell[318674, 5675, 143, 4, 28, "Text"], Cell[318820, 5681, 276, 10, 30, "NumberedEquation"], Cell[319099, 5693, 666, 18, 48, "Text"], Cell[319768, 5713, 259, 8, 29, "NumberedEquation"], Cell[320030, 5723, 1284, 36, 212, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[321351, 5764, 61, 1, 42, "Subsection", CellTags->"c:24"], Cell[321415, 5767, 784, 24, 48, "Text"], Cell[322202, 5793, 264, 9, 48, "NumberedEquation"], Cell[322469, 5804, 2148, 61, 252, "Text"], Cell[324620, 5867, 166, 3, 28, "NumberedEquation"], Cell[324789, 5872, 340, 13, 29, "Text"], Cell[325132, 5887, 163, 3, 32, "NumberedEquation"], Cell[325298, 5892, 410, 13, 31, "Text"], Cell[325711, 5907, 143, 3, 26, "NumberedEquation"], Cell[325857, 5912, 351, 9, 66, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[326245, 5926, 171, 5, 43, "Subsection", CellTags->"c:25"], Cell[326419, 5933, 804, 24, 85, "Text"], Cell[327226, 5959, 204, 6, 29, "NumberedEquation"], Cell[327433, 5967, 1278, 32, 102, "Text"], Cell[328714, 6001, 195, 6, 28, "NumberedEquation"], Cell[328912, 6009, 1267, 42, 104, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[330216, 6056, 74, 1, 42, "Subsection", CellTags->"c:26"], Cell[330293, 6059, 2111, 59, 197, "Text"], Cell[CellGroupData[{ Cell[332429, 6122, 104, 2, 32, "Subsubsection", CellTags->"c:27"], Cell[332536, 6126, 1401, 41, 139, "Text"] }, Open ]] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[333998, 6174, 108, 2, 57, "Section", PageBreakAbove->True, CellTags->"c:28"], Cell[334109, 6178, 317, 10, 46, "Text"], Cell[334429, 6190, 1184, 32, 101, "Text"], Cell[CellGroupData[{ Cell[335638, 6226, 134, 5, 42, "Subsection", CellTags->"c:29"], Cell[335775, 6233, 6188, 181, 533, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[342000, 6419, 233, 8, 43, "Subsection", CellTags->"c:30"], Cell[342236, 6429, 3724, 120, 379, "Text"], Cell[CellGroupData[{ Cell[345985, 6553, 144, 5, 32, "Subsubsection", CellTags->"c:31"], Cell[346132, 6560, 2309, 68, 284, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[348490, 6634, 70, 1, 42, "Subsection", CellTags->"c:32"], Cell[348563, 6637, 6674, 202, 673, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[355274, 6844, 76, 1, 42, "Subsection", CellTags->"c:33"], Cell[355353, 6847, 775, 22, 65, "Text"], Cell[356131, 6871, 1410, 46, 158, "Text"], Cell[357544, 6919, 31370, 398, 292, "Text"], Cell[CellGroupData[{ Cell[388939, 7321, 97, 1, 32, "Subsubsection", CellTags->"c:34"], Cell[389039, 7324, 2544, 72, 249, "Text"], Cell[391586, 7398, 1524, 48, 209, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[393159, 7452, 159, 6, 42, "Subsection", CellTags->"c:35"], Cell[393321, 7460, 255, 10, 29, "Text"], Cell[393579, 7472, 290, 5, 39, "NumberedEquation"], Cell[393872, 7479, 1628, 50, 137, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[395537, 7534, 72, 1, 42, "Subsection", CellTags->"c:36"], Cell[395612, 7537, 3927, 112, 510, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[399576, 7654, 90, 1, 42, "Subsection", CellTags->"c:37"], Cell[399669, 7657, 4013, 122, 337, "Text"], Cell[403685, 7781, 549, 15, 61, "NumberedEquation"], Cell[404237, 7798, 5417, 146, 722, "Text"], Cell[409657, 7946, 200, 4, 34, "NumberedEquation"], Cell[409860, 7952, 728, 18, 65, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[410625, 7975, 74, 1, 42, "Subsection", CellTags->"c:38"], Cell[410702, 7978, 2649, 81, 371, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[413388, 8064, 66, 1, 42, "Subsection", CellTags->"c:39"], Cell[413457, 8067, 4186, 129, 467, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[417680, 8201, 67, 1, 42, "Subsection", CellTags->"c:40"], Cell[417750, 8204, 2674, 77, 312, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[420461, 8286, 75, 1, 42, "Subsection", CellTags->"c:41"], Cell[420539, 8289, 4199, 112, 646, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[424775, 8406, 68, 1, 42, "Subsection", CellTags->"c:42"], Cell[424846, 8409, 4869, 126, 682, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[429752, 8540, 68, 1, 42, "Subsection", CellTags->"c:43"], Cell[429823, 8543, 7537, 196, 859, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[437397, 8744, 97, 2, 42, "Subsection", PageBreakAbove->True, CellTags->"c:44"], Cell[437497, 8748, 4278, 135, 483, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[441824, 8889, 112, 2, 57, "Section", PageBreakAbove->True, CellTags->"c:45"], Cell[441939, 8893, 406, 8, 64, "Text"], Cell[CellGroupData[{ Cell[442370, 8905, 89, 2, 42, "Subsection", PageBreakAbove->False, CellTags->"c:54"], Cell[442462, 8909, 6345, 183, 822, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[448844, 9097, 63, 1, 37, "Subsection", CellTags->"c:54"], Cell[448910, 9100, 1222, 30, 161, "Text"], Cell[450135, 9132, 2865, 86, 207, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[453037, 9223, 67, 1, 37, "Subsection", CellTags->"c:54"], Cell[453107, 9226, 1977, 43, 348, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[455133, 9275, 87, 2, 49, "Section", PageBreakAbove->True, CellTags->"c:52"], Cell[CellGroupData[{ Cell[455245, 9281, 85, 1, 37, "Subsection", CellTags->"c:53"], Cell[455333, 9284, 2535, 75, 281, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[457905, 9364, 81, 1, 37, "Subsection", CellTags->"c:54"], Cell[457989, 9367, 1847, 45, 246, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[459885, 9418, 73, 2, 49, "Section", PageBreakAbove->True, CellTags->"c:55"], Cell[459961, 9422, 1404, 33, 365, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[461402, 9460, 198, 7, 49, "Section", PageBreakAbove->True, CellTags->"c:56"], Cell[461603, 9469, 393, 9, 76, "Text"], Cell[CellGroupData[{ Cell[462021, 9482, 71, 1, 28, "Subsubsection", CellTags->"c:57"], Cell[462095, 9485, 2810, 97, 458, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[464942, 9587, 69, 1, 28, "Subsubsection", CellTags->"c:58"], Cell[465014, 9590, 4422, 137, 696, "Text"] }, Open ]], Cell[CellGroupData[{ Cell[469473, 9732, 87, 1, 28, "Subsubsection", CellTags->"c:59"], Cell[469563, 9735, 4640, 131, 732, "Text"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[474252, 9872, 188, 7, 49, "Section", PageBreakAbove->True, CellTags->"c:60"], Cell[474443, 9881, 227, 7, 42, "Text"], Cell[CellGroupData[{ Cell[474695, 9892, 69, 1, 37, "Subsection", CellTags->"c:62"], Cell[CellGroupData[{ Cell[474789, 9897, 140, 6, 28, "Subsubsection", CellTags->"c:63"], Cell[474932, 9905, 220, 7, 42, "Text"], Cell[475155, 9914, 472, 8, 134, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[475664, 9927, 144, 5, 28, "Subsubsection", CellTags->"c:64"], Cell[475811, 9934, 413, 16, 42, "Text"], Cell[476227, 9952, 734, 12, 159, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[476998, 9969, 140, 5, 28, "Subsubsection", CellTags->"c:65"], Cell[477141, 9976, 967, 37, 76, "Text"], Cell[478111, 10015, 404, 7, 84, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[478552, 10027, 220, 8, 28, "Subsubsection", CellTags->"c:66"], Cell[478775, 10037, 264, 10, 25, "Text"], Cell[479042, 10049, 2711, 57, 280, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[481790, 10111, 139, 6, 28, "Subsubsection", CellTags->"c:67"], Cell[481932, 10119, 414, 14, 59, "Text"], Cell[482349, 10135, 129, 2, 34, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[482515, 10142, 141, 7, 28, "Subsubsection", CellTags->"c:68"], Cell[482659, 10151, 650, 21, 59, "Text"], Cell[483312, 10174, 347, 7, 97, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[483696, 10186, 149, 6, 28, "Subsubsection", CellTags->"c:69"], Cell[483848, 10194, 468, 16, 42, "Text"], Cell[484319, 10212, 7959, 156, 677, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[492315, 10373, 144, 6, 28, "Subsubsection", CellTags->"c:70"], Cell[492462, 10381, 550, 17, 76, "Text"], Cell[493015, 10400, 8132, 190, 260, "Input"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[501196, 10596, 78, 1, 37, "Subsection", CellTags->"c:71"], Cell[CellGroupData[{ Cell[501299, 10601, 148, 3, 28, "Subsubsection", CellTags->"c:72"], Cell[501450, 10606, 698, 23, 76, "Text"], Cell[502151, 10631, 2205, 42, 223, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[504393, 10678, 123, 2, 28, "Subsubsection", CellTags->"c:73"], Cell[504519, 10682, 720, 20, 93, "Text"], Cell[505242, 10704, 185, 3, 47, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[505464, 10712, 114, 2, 28, "Subsubsection", CellTags->"c:74"], Cell[505581, 10716, 441, 13, 59, "Text"], Cell[506025, 10731, 109, 2, 22, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[506171, 10738, 143, 6, 28, "Subsubsection", CellTags->"c:75"], Cell[506317, 10746, 319, 10, 25, "Text"], Cell[506639, 10758, 197, 3, 47, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[506873, 10766, 136, 3, 28, "Subsubsection", CellTags->"c:76"], Cell[507012, 10771, 781, 22, 93, "Text"], Cell[507796, 10795, 3707, 70, 348, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[511540, 10870, 143, 6, 28, "Subsubsection", CellTags->"c:77"], Cell[511686, 10878, 754, 22, 93, "Text"], Cell[512443, 10902, 715, 14, 172, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[513195, 10921, 121, 2, 28, "Subsubsection", CellTags->"c:78"], Cell[513319, 10925, 572, 17, 78, "Text"], Cell[513894, 10944, 2196, 47, 172, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[516127, 10996, 144, 6, 28, "Subsubsection", CellTags->"c:79"], Cell[516274, 11004, 782, 23, 93, "Text"], Cell[517059, 11029, 2460, 48, 247, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[519556, 11082, 147, 3, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:80"], Cell[519706, 11087, 523, 16, 42, "Text"], Cell[520232, 11105, 2721, 51, 248, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[522990, 11161, 135, 3, 28, "Subsubsection", CellTags->"c:81"], Cell[523128, 11166, 398, 11, 42, "Text"], Cell[523529, 11179, 2104, 45, 198, "Input"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[525682, 11230, 117, 2, 37, "Subsection", PageBreakAbove->True, CellTags->"c:82"], Cell[CellGroupData[{ Cell[525824, 11236, 122, 2, 28, "Subsubsection", CellTags->"c:83"], Cell[525949, 11240, 317, 10, 25, "Text"], Cell[526269, 11252, 489, 8, 134, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[526795, 11265, 151, 6, 28, "Subsubsection", CellTags->"c:84"], Cell[526949, 11273, 496, 14, 59, "Text"], Cell[527448, 11289, 12267, 237, 1084, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[539752, 11531, 148, 6, 28, "Subsubsection", CellTags->"c:85"], Cell[539903, 11539, 433, 16, 59, "Text"], Cell[540339, 11557, 1837, 35, 198, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[542213, 11597, 66, 1, 28, "Subsubsection", CellTags->"c:86"], Cell[542282, 11600, 493, 15, 47, "Text"], Cell[542778, 11617, 475, 8, 122, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[543290, 11630, 139, 6, 28, "Subsubsection", CellTags->"c:87"], Cell[543432, 11638, 354, 9, 59, "Text"], Cell[543789, 11649, 5523, 108, 519, "Input"] }, Open ]] }, Open ]], Cell[CellGroupData[{ Cell[549361, 11763, 88, 1, 37, "Subsection", CellTags->"c:88"], Cell[CellGroupData[{ Cell[549474, 11768, 141, 6, 28, "Subsubsection", CellTags->"c:89"], Cell[549618, 11776, 366, 13, 42, "Text"], Cell[549987, 11791, 1806, 39, 148, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[551830, 11835, 134, 6, 28, "Subsubsection", CellTags->"c:90"], Cell[551967, 11843, 646, 25, 60, "Text"], Cell[552616, 11870, 3178, 68, 259, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[555831, 11943, 139, 5, 28, "Subsubsection", CellTags->"c:91"], Cell[555973, 11950, 120, 3, 71, "Input"], Cell[CellGroupData[{ Cell[556118, 11957, 303, 5, 125, "Input"], Cell[556424, 11964, 11301, 602, 70, 11179, 598, "GraphicsData", "PostScript", \ "Graphics", ImageCacheValid->False] }, Open ]], Cell[CellGroupData[{ Cell[567762, 12571, 171, 4, 84, "Input"], Cell[567936, 12577, 139, 2, 70, "Output"] }, Open ]] }, Closed]], Cell[CellGroupData[{ Cell[568124, 12585, 156, 6, 20, "Subsubsection", CellTags->"c:92"], Cell[568283, 12593, 362, 13, 42, "Text"], Cell[568648, 12608, 3572, 64, 406, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[572257, 12677, 215, 7, 28, "Subsubsection", CellTags->"c:93"], Cell[572475, 12686, 1220, 34, 159, "Text"], Cell[573698, 12722, 303, 6, 72, "Input"], Cell[574004, 12730, 68, 1, 22, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[574109, 12736, 102, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:94"], Cell[574214, 12740, 523, 17, 42, "Text"], Cell[574740, 12759, 5307, 110, 306, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[580084, 12874, 105, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:95"], Cell[580192, 12878, 1876, 65, 141, "Text"], Cell[582071, 12945, 3364, 65, 249, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[585472, 13015, 105, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:96"], Cell[585580, 13019, 1148, 36, 114, "Text"], Cell[586731, 13057, 3879, 79, 284, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[590647, 13141, 104, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:97"], Cell[590754, 13145, 439, 14, 42, "Text"], Cell[591196, 13161, 4734, 100, 334, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[595967, 13266, 97, 2, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:98"], Cell[596067, 13270, 1397, 41, 155, "Text"], Cell[597467, 13313, 6265, 133, 403, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[603769, 13451, 72, 1, 28, "Subsubsection", CellTags->"c:99"], Cell[603844, 13454, 1285, 40, 146, "Text"], Cell[605132, 13496, 3897, 81, 328, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[609066, 13582, 120, 4, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:100"], Cell[609189, 13588, 664, 18, 62, "Text"], Cell[609856, 13608, 13416, 268, 905, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[623309, 13881, 120, 4, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:101"], Cell[623432, 13887, 694, 17, 62, "Text"], Cell[624129, 13906, 17468, 339, 1013, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[641634, 14250, 121, 4, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:102"], Cell[641758, 14256, 698, 21, 59, "Text"], Cell[642459, 14279, 3330, 68, 278, "Input"] }, Open ]], Cell[CellGroupData[{ Cell[645826, 14352, 175, 7, 28, "Subsubsection", PageBreakAbove->True, CellTags->"c:103"], Cell[646004, 14361, 417, 13, 42, "Text"], Cell[646424, 14376, 14588, 280, 863, "Input"] }, Open ]] }, Open ]] }, Open ]] } ] *) (******************************************************************* End of Mathematica Notebook file. *******************************************************************)