Overall Objectives
New Software and Platforms
Partnerships and Cooperations
Bibliography
 PDF e-Pub

## Section: Research Program

### Complex multiplication

Participants : Jared Guissmo Asuncion, Karim Belabas, Henri Cohen, Jean-Marc Couveignes, Andreas Enge, Fredrik Johansson, Chloe Martindale, Damien Robert.

Complex multiplication provides a link between number fields and algebraic curves; for a concise introduction in the elliptic curve case, see [38], for more background material, [37]. In fact, for most curves $𝒞$ over a finite field, the endomorphism ring of ${Jac}_{𝒞}$, which determines its $L$-function and thus its cardinality, is an order in a special kind of number field $K$, called CM field. The CM field of an elliptic curve is an imaginary-quadratic field $ℚ\left(\sqrt{D}\right)$ with $D<0$, that of a hyperelliptic curve of genus $g$ is an imaginary-quadratic extension of a totally real number field of degree $g$. Deuring's lifting theorem ensures that $𝒞$ is the reduction modulo some prime of a curve with the same endomorphism ring, but defined over the Hilbert class field ${H}_{K}$ of $K$.

Algebraically, ${H}_{K}$ is defined as the maximal unramified abelian extension of $K$; the Galois group of ${H}_{K}/K$ is then precisely the class group ${Cl}_{K}$. A number field extension $H/K$ is called Galois if $H\simeq K\left[X\right]/\left(f\right)$ and $H$ contains all complex roots of $f$. For instance, $ℚ\left(\sqrt{2}\right)$ is Galois since it contains not only $\sqrt{2}$, but also the second root $-\sqrt{2}$ of ${X}^{2}-2$, whereas $ℚ\left(\sqrt[3]{2}\right)$ is not Galois, since it does not contain the root ${e}^{2\pi i/3}\sqrt[3]{2}$ of ${X}^{3}-2$. The Galois group ${Gal}_{H/K}$ is the group of automorphisms of $H$ that fix $K$; it permutes the roots of $f$. Finally, an abelian extension is a Galois extension with abelian Galois group.

Analytically, in the elliptic case ${H}_{K}$ may be obtained by adjoining to $K$ the singular value $j\left(\tau \right)$ for a complex valued, so-called modular function $j$ in some $\tau \in {𝒪}_{K}$; the correspondence between ${Gal}_{H/K}$ and ${Cl}_{K}$ allows to obtain the different roots of the minimal polynomial $f$ of $j\left(\tau \right)$ and finally $f$ itself. A similar, more involved construction can be used for hyperelliptic curves. This direct application of complex multiplication yields algebraic curves whose $L$-functions are known beforehand; in particular, it is the only possible way of obtaining ordinary curves for pairing-based cryptosystems.

The same theory can be used to develop algorithms that, given an arbitrary curve over a finite field, compute its $L$-function.

A generalisation is provided by ray class fields; these are still abelian, but allow for some well-controlled ramification. The tools for explicitly constructing such class fields are similar to those used for Hilbert class fields.