## Section: Research Program

### Complex multiplication

Participants : Jared Guissmo Asuncion, Karim Belabas, Henri Cohen, Jean-Marc Couveignes, Andreas Enge, Fredrik Johansson, Chloe Martindale, Damien Robert.

Complex multiplication provides a link between number fields and
algebraic curves; for a concise introduction in the elliptic curve case,
see [38], for more background material,
[37]. In fact, for most curves $\mathcal{C}$ over a
finite field, the endomorphism ring of ${Jac}_{\mathcal{C}}$, which determines
its $L$-function and thus its cardinality, is an order in a special
kind of number field $K$, called *CM field*. The CM field
of an elliptic curve is an imaginary-quadratic field $\mathbb{Q}\left(\sqrt{D}\right)$
with $D<0$, that of a hyperelliptic curve of genus $g$ is an
imaginary-quadratic extension of a totally real number field of
degree $g$. Deuring's lifting theorem ensures that $\mathcal{C}$ is the reduction
modulo some prime of a curve with the same endomorphism ring, but defined
over the *Hilbert class field* ${H}_{K}$ of $K$.

Algebraically, ${H}_{K}$ is defined as the maximal unramified abelian
extension of $K$; the Galois group of ${H}_{K}/K$ is then precisely the
class group ${Cl}_{K}$. A number field extension $H/K$ is called
*Galois* if $H\simeq K\left[X\right]/\left(f\right)$ and $H$ contains all
complex roots of $f$. For instance, $\mathbb{Q}\left(\sqrt{2}\right)$
is Galois since it contains not only $\sqrt{2}$, but also the second
root $-\sqrt{2}$ of ${X}^{2}-2$, whereas $\mathbb{Q}\left(\sqrt[3]{2}\right)$ is not
Galois, since it does not contain the root ${e}^{2\pi i/3}\sqrt[3]{2}$
of ${X}^{3}-2$. The *Galois group* ${Gal}_{H/K}$ is the group of
automorphisms of $H$ that fix $K$; it permutes the roots of $f$. Finally,
an *abelian* extension is a Galois extension with abelian Galois
group.

Analytically, in the elliptic case ${H}_{K}$ may be obtained by adjoining to
$K$ the *singular value* $j\left(\tau \right)$ for a complex valued, so-called
*modular* function $j$ in some $\tau \in {\mathcal{O}}_{K}$; the correspondence
between ${Gal}_{H/K}$ and ${Cl}_{K}$ allows to obtain the different roots
of the minimal polynomial $f$ of $j\left(\tau \right)$ and finally $f$ itself.
A similar, more involved construction can be used for hyperelliptic curves.
This direct application of complex multiplication yields algebraic
curves whose $L$-functions are known beforehand; in particular, it is
the only possible way of obtaining ordinary curves for pairing-based
cryptosystems.

The same theory can be used to develop algorithms that, given an arbitrary curve over a finite field, compute its $L$-function.

A generalisation is provided by *ray class fields*; these are
still abelian, but allow for some well-controlled ramification. The tools
for explicitly constructing such class fields are similar to those used
for Hilbert class fields.