pole & zero

https://crypto.stanford.edu/pbc/notes/elliptic/divisor.html

 

Zeroes and Poles

Let $\mathrm{P=(a,b)P=(a,b) be\; a\; point,\; not\; of\; order\; 2.\; Consider\; the rational\; function g(X,Y)=(X-a)kg(X,Y)=(X-a)k for\; some k>0k>0.\; Then\; note g(P)=0g(P)=0.\; We\; say gg has\; a\; zero\; at PP of\; multiplicity kk.\; On\; the\; other\; hand,\; if g(X,Y)=1/(X-a)kg(X,Y)=1/(X-a)k for\; some k>0k>0,\; we\; say gg has\; a\; pole\; at PP of\; multiplicity kk.}$

We can generalize this to all functions, so for example, if a function can be written in the form $(X-a)kh(X,Y)(X-a)kh(X,Y) where h(a,b)\ne 0,\infty h(a,b)\ne 0,\infty ,\; then\; we\; have\; a\; zero\; of\; order kk if k>0k>0,\; or\; a\; pole\; of\; order -k-k if k>0k>0.$

Given an arbitrary function $\mathrm{g(X,Y)g(X,Y),\; it\; may\; not\; be\; immediately\; obvious\; where\; the\; zeroes\; and\; poles\; are.\; Fortunately,\; there\; exists\; an\; efficient\; algorithm\; to\; put\; any\; given gg into\; the\; form (X-a)kh(X-a)kh with h(P)\ne 0,\infty h(P)\ne 0,\infty ,\; provided PP is\; not\; a\; point\; of\; order\; 2.}$

It turns out this definition can be extended to points of order 2, and also the point $\mathrm{OO (when\; we\; homogenize\; the\; functions\; and\; work\; over\; the\; projective\; plane).\; Moreover,\; every\; rational\; function\; has\; as\; many\; zeroes\; as\; poles\; counting\; multiplicities,\; because\; of\; the\; way\; we\; extend\; the\; definition\; to\; the\; point\; at\; infinity.}$

TODO: link to page with proofs

Divisors

Divisors are a device for keeping track of poles and zeroes. For example, suppose a function $\mathrm{gg has\; a\; zero\; at\; a\; point PP of\; order\; 3,\; and\; a\; pole\; at\; another\; point QQ of\; order\; 2,\; and\; a\; pole\; at OO of\; order\; 1.\; (Note\; the\; number\; of\; zeroes\; and\; poles\; are\; equal,\; as\; they\; must\; be.)\; Then\; using\; divisors,\; we\; can\; say\; all\; this\; concisely\; as\; follows:}$

$$\mathrm{divg=⟨g⟩=3⟨P⟩-2⟨Q⟩-⟨O⟩divg=⟨g⟩=3⟨P⟩-2⟨Q⟩-⟨O⟩}$$

We define these concepts more precisely.

The group of divisors is the free abelian group generated by the points of $\mathrm{EE and\; is\; denoted Div(E)Div(E).\; (The\; angle\; brackets\; are\; present\; to\; avoid\; confusion\; between\; points\; of EE and\; elements\; of Div(E)Div(E),\; that\; is,\; to\; make\; it\; clear\; we\; are\; talking\; about\; zeroes\; and\; poles\; at\; points,\; not\; the\; points\; themselves.)}$

Let $\mathrm{\Delta =\sum P\in EmP⟨P⟩\Delta =\sum P\in EmP⟨P⟩ be\; a\; divisor.\; Then\; define\; its\; degree\; by deg\Delta =\sum P\in EmPdeg\Delta =\sum P\in EmP.}$

The subgroup of $\mathrm{Div(E)Div(E) consisting\; of\; all\; divisors\; of\; degree\; zero\; is\; denoted Div0(E)Div0(E).}$

Let $\mathrm{gg be\; a\; nonzero\; rational\; function.\; Then}$

$$\mathrm{divg=⟨g⟩=\sum P\in EordP(g)⟨P⟩divg=⟨g⟩=\sum P\in EordP(g)⟨P⟩}$$

where ${\mathrm{ordP(g)ordP(g) is\; the\; number\; of\; zeroes\; or\; poles\; at PP (and\; is\; negative\; if\; it\; represents\; the\; number\; of\; poles).\; Such\; a\; divisor\; is\; called\; principal,\; that\; is,\; a\; divisor\; is\; a\; principal\; divisor\; if\; it\; represents\; the\; zeroes\; and\; poles\; of\; some\; rational\; function.\; The\; group\; of\; principal\; divisors\; is\; denoted Prin(E)Prin(E).}}^{}$

Since every rational function has as many zeroes as poles, we see that $\mathrm{Prin(E)Prin(E) is\; a\; subgroup\; of Div0(E)Div0(E).}$

Example

Suppose $\mathrm{P=(a,b)P=(a,b) is\; a\; (finite)\; point.\; Let g(X,Y)=X-ag(X,Y)=X-a.\; Then\; we\; have}$

$$⟨g⟩=⟨P⟩+⟨-P⟩-2⟨O⟩⟨g⟩=⟨P⟩+⟨-P⟩-2⟨O⟩$$

(When $\mathrm{PP has\; order\; 2,\; then P=-PP=-P so\; this\; could\; be\; written\; as ⟨g⟩=2⟨P⟩-2⟨O⟩⟨g⟩=2⟨P⟩-2⟨O⟩.)}$

Consider a line $\mathrm{g=Y-(mX+b)g=Y-(mX+b) that\; is\; not\; vertical.\; It\; intersects\; the\; curve\; at\; three\; finite\; points P,Q,RP,Q,R.\; Then}$

$$⟨g⟩=⟨P⟩+⟨Q⟩+⟨R⟩-3⟨O⟩⟨g⟩=⟨P⟩+⟨Q⟩+⟨R⟩-3⟨O⟩$$

Equivalent Divisors

An equivalence relation can be defined on the group of divisors as follows. We say that two divisors ${\mathrm{D1,D2D1,D2 are\; linearly\; equivalent\; (written\; as D1 D2D1 D2)\; if D1-D2\in Prin(E)D1-D2\in Prin(E).}}^{}$

In other words, there exists a rational function whose zeroes and poles are exactly the difference between the ${\mathrm{D1D1 and D2D2.}}^{}$

Pushing zeroes and poles to infinity

Theorem: Let $\mathrm{D\in Div(E)D\in Div(E).\; Then\; there\; exists\; a\; unique\; point P\in EP\in E such\; that}$

$$\mathrm{D ⟨P⟩+(degD-1)⟨O⟩D ⟨P⟩+(degD-1)⟨O⟩}$$

Proof: (Existence:) We find lines with zeroes and poles in the right places to add and subtract from $\mathrm{DD.}$

Let $\mathrm{D=\sum P\in EmP⟨P⟩D=\sum P\in EmP⟨P⟩.\; For\; this\; proof,\; define\; the\; norm\; of\; the\; divisor DD to\; be}$

$$|D|=\sum P\in E\setminus \{O\}|mP||D|=\sum P\in E\setminus \{O\}|mP|$$

If $|D|=1|D|=1 then\; we\; are\; done\; as\; it\; is\; already\; in\; the\; desire\; form.\; Otherwise\; we\; show\; how\; to\; replace DD by\; another\; divisor\; with\; a\; smaller\; norm.\; There\; are\; several\; stages\; to\; the\; algorithm.\; Firstly:$

• If there are two points $\mathrm{P,QP,Q with mP,mQ>0mP,mQ>0,\; subtract\; the\; divisor\; of\; the\; line ll through PP and QQ.\; Then mP,mQmP,mQ are\; both\; reduced\; by\; one.If P\ne -QP\ne -Q then\; the\; line ll also\; intersects EE at\; a\; third\; finite\; point RR,\; and\; in\; this\; case mRmR is\; increased\; by\; one.Either\; way,\; the\; norm\; is\; reduced\; by\; at\; least\; one.}$

• If there are two points $\mathrm{P,QP,Q with mP,mQ<0mP,mQ<0,\; then\; add\; the\; line ll through PP and QQ,\; and\; as\; above,\; the\; norm\; is\; reduced\; by\; at\; least\; one.}$

By repeating the above, eventually we will have reduced $\mathrm{DD to\; the\; form m⟨P⟩-n⟨Q⟩+o⟨O⟩m⟨P⟩-n⟨Q⟩+o⟨O⟩.\; Then:}$

• If $\mathrm{m\ge 2m\ge 2 then\; subtract\; the\; divisor\; of\; the\; tangent\; line\; at PP,\; which\; reduces mm by\; 2\; but\; also\; increases mRmR for\; some\; point RR.\; This\; reduces\; the\; norm\; by\; at\; least\; one.\; If n\ge 2n\ge 2 then\; a\; similar\; procedure\; is\; performed\; on QQ;\; we\; add\; the\; divisor\; of\; the\; tangent\; line\; at QQ.}$

• If $\mathrm{m=n=1m=n=1 then\; we\; first\; add\; the\; line\; through QQ and -Q-Q,\; which\; zeroes mQmQ,\; but\; increases m-Qm-Q.\; We\; are\; then\; left\; with\; the\; first\; case\; described\; in\; the\; previous\; stage,\; so\; we\; subtract\; the\; line\; through PP and -Q-Q.}$

Hence eventually we find a divisor ${\mathrm{D\prime DD\prime D with |D\prime |\le 1|D\prime |\le 1.\; If D\prime D\prime is\; still\; not\; in\; the\; desired\; form:}}^{}$

• If $|D\prime |=0|D\prime |=0 then\; write D\prime =⟨O⟩+(degD-1)⟨O⟩)D\prime =⟨O⟩+(degD-1)⟨O⟩).$

• If ${\mathrm{D\prime =-⟨P⟩+(degD+1)⟨O⟩)D\prime =-⟨P⟩+(degD+1)⟨O⟩),\; then\; we\; add\; the\; divisor\; of\; the\; line\; through PP and -P-P to\; get ⟨-P⟩+(degD-1)⟨O⟩⟨-P⟩+(degD-1)⟨O⟩.}}^{}$

(Uniqueness:) suppose $\mathrm{D ⟨P⟩-o⟨O⟩ ⟨Q⟩-o⟨O⟩D ⟨P⟩-o⟨O⟩ ⟨Q⟩-o⟨O⟩.}$

This implies $⟨P⟩-⟨Q⟩⟨P⟩-⟨Q⟩ is\; principal,\; which\; is\; a\; contradiction\; unless P=QP=Q (for\; it\; would\; imply\; there\; exists\; a\; rational\; function\; with\; only\; one\; finite\; pole\; and\; only\; one\; finite\; zero).$

The procedure used in the proof shows how to build a rational function corresponding to any given principal divisor. In brief: we start with the constant function 1 and the zero divisor and add/subtract divisors of lines to get to the target principal divisor. Every time we add the divisor of a line, we multiply our function by the equation of that line, and similarly, every time we subtract a divisor of a line, we divide the function by the equation of that line.

We shall see later how this is used in the computation of certain bilinear maps.

The sum map

Define the map $\mathrm{sum:Div(E)\to Esum:Div(E)\to E by}$

$$\mathrm{sum(\sum mP⟨P⟩)=\sum mPPsum(\sum mP⟨P⟩)=\sum mPP}$$

In other words, we treat the poles and zeroes as points on the elliptic curve and add and subtract them together according to their multiplicities.

Fact: Let $\mathrm{D=\sum mP⟨P⟩D=\sum mP⟨P⟩ be\; a\; divisor.\; Then DD is\; principal\; if\; and\; only\; if deg(D)=\sum mP=0deg(D)=\sum mP=0 and sum(D)=\sum mPP=Osum(D)=\sum mPP=O.}$

The result about the degree of $\mathrm{DD follows\; from\; the\; fact\; that\; rational\; functions\; have\; equal\; numbers\; of\; poles\; and\; zeroes.}$

The other result in the above fact is not hard to see: from the above proof, we can build a rational function with a given principal divisor by multiplying several equations of lines together. Each line $\mathrm{ll goes\; through\; two\; or\; three\; finite\; points.\; If ll goes\; through\; two\; finite\; points,\; then\; one\; is\; the\; inverse\; of\; the\; other.\; If ll goes\; through\; three\; finite\; points,\; from\; the\; chord-tangent\; composition\; law,\; we\; have\; that\; the\; third\; point\; is\; exactly\; the\; inverse\; of\; the\; sum\; of\; the\; other\; two.\; Either\; way, sum(l)=0sum(l)=0.}$

The converse is similar. Starting with a divisor $\mathrm{DD with sum(D)=Osum(D)=O,\; we\; build\; a\; rational\; function\; by\; multiplying\; lines\; together\; while\; reducing\; the\; norm\; of DD.\; Eventually, DD is\; reduced\; to\; the\; zero\; divisor\; (it\; cannot\; be\; anything\; else,\; otherwise sum(D)\ne 0sum(D)\ne 0),\; and\; the\; rational\; function\; we\; have\; constructed\; has\; divisor DD,\; showing\; that DD is\; principal.}$