Abstract:Given a supersingular elliptic curve, the supersingular endomorphism ring problem is to compute all of its endomorphisms. We use the correspondence between maximal orders in quaternion algebra $B_{p,\infty}$ and positive ternary quadratic forms with discriminant $p$ to solve the supersingular endomorphism ring problem. Let $c<3p/16$ be a prime or $c=1$. Let $E$ be a $\mathbb{Z}[\sqrt{-cp}]$-oriented supersingular elliptic curve defined over $\mathbb{F}_{p^2}$. There exists a subgroup $G$ of order $c$, and $\text{End}(E,G)$ is isomorphic to an Eichler order in $B_{p,\infty}$ of level $c$. If the endomorphism ring $\text{End}(E,G)$ is known, then we can compute $\text{End}(E)$ by solving two square roots in $\mathbb{F}_c$. In particular, let $D<p$ be a prime. If an imaginary quadratic order with discriminant $-D$ or $-4D$ can be embedded into $\text{End}(E)$, then we can compute $\text{End}(E)$ by solving one square root in $\mathbb{F}_D$ and two square roots in $\mathbb{F}_c$. As we know, isogenies between supersingular elliptic curves can be translated to kernel ideals of endomorphism rings. We study the action of these kernel ideals and express right orders of them by ternary quadratic forms.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is to calculate the endomorphism ring (Endomorphism Ring) of supersingular elliptic curves. Specifically, given a supersingular elliptic curve $E$, the problem of its endomorphism ring refers to calculating all possible endomorphisms. This problem is of great significance in isogeny - based cryptography, especially in constructing and analyzing cryptographic schemes. ### Main problem description: 1. **Endomorphism ring problem**: - Given a supersingular elliptic curve $E$, how to calculate all of its endomorphisms, that is, to solve for $\text{End}(E)$. 2. **Methodology**: - The author uses the correspondence between the maximal order in the quaternion algebra $B_{p,\infty}$ and positive ternary quadratic forms to solve the above problem. In particular, for supersingular elliptic curves $E$ that satisfy specific conditions, $\text{End}(E)$ can be determined by studying these ternary quadratic forms. 3. **Specific applications**: - The isogenies between supersingular elliptic curves are studied, and these isogenies are transformed into the kernel ideals of the endomorphism ring. In this way, the right order of these kernel ideals can be further expressed, and finally the endomorphism ring of the target elliptic curve can be calculated. 4. **Algorithm complexity**: - A polynomial - time - complexity algorithm is proposed to solve for square roots in a finite field, thereby effectively calculating the endomorphism ring. ### Key formulas and concepts: - **Quaternion algebra $B_{p,\infty}$**: This is the unique quaternion algebra that is ramified at $p$ and $\infty$. - **Maximal order**: The maximal order $O$ in $B_{p,\infty}$, whose discriminant is $p^{2}$. - **Ternary quadratic form**: A quadratic form of the form $Q(x,y,z)=ax^{2}+by^{2}+cz^{2}+uyz + vxz+wxy$. - **Binary quadratic form**: A quadratic form of the form $f(x,y)=ax^{2}+bxy + cy^{2}$. - **Endomorphism ring $\text{End}(E)$**: The ring composed of all endomorphisms on the supersingular elliptic curve $E$. ### Conclusion: By establishing an explicit correspondence between the maximal order in the quaternion algebra and the ternary quadratic form, the author provides an effective method to calculate the endomorphism ring of supersingular elliptic curves. This method not only theoretically solves the endomorphism ring problem, but also provides feasible algorithm support for practical applications, especially in the field of isogeny - based cryptography. ### References: - Deuring, M. (1941). Die Typen der Multiplikatorenringe elliptischer Funktionenkörper. - Brandt, J., & Sohn, S. (20XX). Explicit bijection between ternary quadratic forms and maximal orders in quaternion algebras. I hope the above summary can help you understand the main content of this paper and the problems it attempts to solve. If you have more questions or need more detailed explanations, please feel free to let me know.

Endomorphism Rings of Supersingular Elliptic Curves and Quadratic Forms

The Endomorphism Rings of Supersingular Elliptic Curves over $\mathbb{F}_p$ and the Binary Quadratic Forms

Endomorphism rings of supersingular elliptic curves over and binary quadratic forms

Endomorphism Rings of Supersingular Elliptic Curves over F P

Oriented Supersingular Elliptic Curves and Eichler Orders

The supersingular endomorphism ring problem given one endomorphism

Computing supersingular endomorphism rings using inseparable endomorphisms

The supersingular Endomorphism Ring and One Endomorphism problems are equivalent

Supersingular Curves With Small Non-integer Endomorphisms

Connecting Kani's Lemma and path-finding in the Bruhat-Tits tree to compute supersingular endomorphism rings

Supersingular elliptic curves, quaternion algebras and applications to cryptography

On the Mordell-Weil Ranks of supersingular abelian varieties over $\mathbb{Z}_p^2$-extensions

On the Zeta functions of supersingular isogeny graphs and modular curves

On fine Mordell-Weil groups over $\mathbb{Z}_p$-extensions of an imaginary quadratic field

Super Congruences and Elliptic Curves over $\bbb F_p$

Quadratic forms, $K$-groups and $L$-values of elliptic curves

The maximal abelian extension contained in a division field of an elliptic curve over $\mathbb{Q}$ with complex multiplication

Distribution of supersingular primes for abelian surfaces

Modulo $\ell$ distinction problems

On some mod $p$ representations of quaternion algebra over $\mathbb{Q}_p$

Imaginary quadratic fields $F$ with $X_0(15)(F)$ finite