Share this page!

Gro-Tsen Profile picture
Twitter logo
4 Mar, 12 tweets, 3 min read
This thread attempts to answer the question “why do we use elliptic curves in cryptography (for things like discrete logarithms)” and I think makes a very good job at explaining it, but there is one point which is a bit glossed over. •1/12
Basically what we want is a group C which is “cyclic but not trivially cyclic”, i.e., that there be an isomorphism ℤ/ℓℤ → C, easily computable (given a choice of generator of C) as well as the group operation in C, but that the reverse isomorphism be hard. •2/12
This is a bizarre quest, because in mathematics we aren't used to distinguishing isomorphic objects, even less the existence of an isomorphism in one direction from that in the other! (Of course here both exist, but one is “easy” and the other is “hard”.) •3/12
Note that the easiness of computing ℤ/ℓℤ → C follows from the easiness of computing in C (by fast exponentiation), though there is maybe the issue of computing the order ℓ itself (for elliptic curves this isn't a problem, but there's room for further discussion here). •4/12
Also, this is because ℤ/ℓℤ has some extra structure besides addition, namely, multiplication. So essentially we're looking for a cyclic group without that extra structure, because it would make computing the reverse map C → ℤ/ℓℤ easy in exactly the same way. •5/12
But anyway, elliptic curves (over finite fields) give us this sort of group C. The big question is why specifically elliptic curves? Sophie gives a very convincing explanation if we assume that C comes from algebraic geometry, … •6/12
… but I think this doesn't do justice to the question “why polynomials? why algebraic geometry?”. And, to be fair, I don't think anyone really has an answer to this question! I see it as a mystery. •7/12
I mean, groups (arising as symmetries (automorphisms) of various structures) abound nearly everywhere in mathematics, and cyclic groups are the simplest of them. So we might expect to have lots of examples of “cyclic but not trivially cyclic” groups. •8/12
Galois groups? Class groups? Drinfel'd modules? Subgroups generated by elements of large orders in linear algebraic groups? Cohomology? Even if we don't look too far away, apparent candidates abound. Yet all seem to fail for various reasons. •9/12
I get the point that polynomials (hence algebraic groups) are something natural to look at because it's easy to add and multiply numbers, but there are all sorts of other computational structures in mathematics which “might have” provided cyclic groups to work with. •10/12
This is all the more mysterious in that we aren't looking for a complicated structure with a lot of conditions: on the contrary, we are looking for an absence of complicated structure: just a cyclic group in “pure” form, that we can compute in. •11/12
I really don't have an answer to why we end up with such a dearth of “cyclic but not trivially cyclic”, and I don't think anyone has a good answer. I see it as a rather profound mystery. Is it our ignorance or is there a deeper reason? [See also: ‌] •12/12

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Gro-Tsen

Gro-Tsen Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @gro_tsen

Gro-Tsen Profile picture
5 Mar
Some more numerical examples illustrating various possible outcomes of an epidemic with two viral variants — and, ultimately, how impossible to predict these things are. Let me explain what these graphs show. ⤵️ •1/20
Both images illustrate the behavior of an epidemic with two different pathogen forms: one starting with basic reproduction number 1.0 (the “ancestral form”), another starting with basic reproduction number 1.4 (the “variant”). Infection by either induces immunity to both. •2/20
In each scenario we start with the same initial conditions: 0.75% of the population is infected, and ✳︎of✳︎ those, 1% are by the variant, the rest by the ancestral strain. •3/20
Read 20 tweets
Gro-Tsen Profile picture
5 Mar
Pourquoi est-ce si difficile même pour des gens éduqués de comprendre la morale de l'histoire du garçon qui criait au loup?
Ma réponse de fond à ce fil est ici: — à quoi il faudrait sans doute ajouter la remarque importante qu'il est faux de considérer les variants comme des épidémies indépendantes dès lors que les formes du virus causent une forte immunité croisée entre elles.
Mais à la limite ce n'est pas le propos. Peut-être que dans qqs semaines les variants vont causer une explosion des cas: je ne prétends pas le contraire. D'ailleurs, dans la fable du garçon qui criait au loup, IL Y A un loup à la fin! Ça n'empêche que le garçon avait tort.
Read 4 tweets
Gro-Tsen Profile picture
4 Mar
Hi @jenniferdaniel! I enjoyed your @unicode talk “Race is Not a Skin Tone, Gender is Not a Haircut”, and I have a question: could you tell me something about the decision not to allow skin tone modifiers on smiley emojis like U+1F928 FACE WITH ONE EYEBROW RAISED? Specifically: …
‣ Am I correct in understanding that the choice of which emoji are or are not skin-tone-able is basically just down to the ones which Apple made explicitly Caucasian in their original set? (as opposed to some more carefully considered choice, that is).
‣ Has the success of the skin tone modifiers on emoji like hand gestures (which I feel convey the same kind of feelings / intention as smileys) led to debates, among vendors or inside Unicode, about reconsidering smiley + skin tone combinations?
Read 5 tweets
Gro-Tsen Profile picture
2 Mar
Ce n'est pas la première fois que je vois passer des affirmations du genre «Macron ignore le conseil scientifique et c'est pour ça qu'il n'y a pas de nouveau confinement / zéro-covid», mais y a-t-il eu des recommandations du c.s. dans ce sens?
L'avis du conseil scientifique du 2021-02-12, solidarites-sante.gouv.fr/IMG/pdf/avis_c… (le dernier à ce jour) ne fait aucune référence au confinement, encore moins au zéro-covid. Il est dit explicitement (page 13) qu'il n'y a pas unanimité du c.s. (moi je devine «grosses engueulades»).
Les avis précédents évoquent les confinements (sans jamais vraiment les recommander explicitement, mais ils sont présentés comme efficaces pour contenir la situation) mais certainement pas le zéro-covid.
Read 5 tweets
Gro-Tsen Profile picture
1 Mar
La séance précédente j'ai parlé de jeux en forme normale et je crois que j'ai été assez mauvais (confus), par contre, cette semaine j'espère m'en être mieux tiré sur les jeux de Gale-Stewart.
Un jeu de Gale-Stewart est défini par un ensemble X≠∅ et une partie A⊆X^ℕ: Alice choisit x₀∈X (sans contrainte) puis Bob choisit x₁ (idem) puis Alice choisit x₂, etc., et au bout d'un nombre infini de coups, si la suite formée appartient à A alors Alice gagne, sinon Bob.
La question est: un des joueurs a-t-il forcément une stratégie gagnante? En général la réponse est négative, mais si on fait l'hypothèse que A est ouvert ou bien fermé («détermination ouverte») elle l'est, ou même si A est borélien («détermination borélienne»).
Read 7 tweets
Gro-Tsen Profile picture
12 Feb
OK, I may be guilty of a DoS attack attempt on mathematicians' brains here, so lest anyone waste too much precious brain time decoding this deliberately cryptic statement, let me do it for you. •1/15
First, as some asked, it is to be parenthesized as: “∀x.∀y.((∀z.((z∈x) ⇒ (((∀t.((t∈x) ⇒ ((t∈z) ⇒ (t∈y))))) ⇒ (z∈y)))) ⇒ (∀z.((z∈x) ⇒ (z∈y))))” (the convention is that ‘⇒’ is right-associative: “P⇒Q⇒R” means “P⇒(Q⇒R)”), but this doesn't clarify much. •2/15
Maybe we can make it a tad less abstruse by using guarded quantifiers (“∀u∈x.(…)” stands for “∀u.((u∈x)⇒(…))”): it is then “∀x.∀y.((∀z∈x.(((∀t∈x.((t∈z) ⇒ (t∈y)))) ⇒ (z∈y))) ⇒ (∀z∈x.(z∈y)))”. •3/15
Read 15 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @gro_tsen has new unrolls!

Check out other threads from @gro_tsen!

Read all threads by @gro_tsen