Grade 11/12 Math Circles Rational Points on an Elliptic Curves Dr. Carmen Bruni November 11, Lest We Forget

Similar documents
Grade 11/12 Math Circles Elliptic Curves Dr. Carmen Bruni November 4, 2015

Grade 11/12 Math Circles Congruent Number Problem Dr. Carmen Bruni October 28, 2015

Elliptic Curves. Dr. Carmen Bruni. November 4th, University of Waterloo

Modular Arithmetic Instructor: Marizza Bailey Name:


CONGRUENT NUMBERS AND ELLIPTIC CURVES

Table of Contents. 2013, Pearson Education, Inc.

Discrete Mathematics and Probability Theory Fall 2013 Vazirani Note 3

Q 2.0.2: If it s 5:30pm now, what time will it be in 4753 hours? Q 2.0.3: Today is Wednesday. What day of the week will it be in one year from today?

Cool Results on Primes

Some Highlights along a Path to Elliptic Curves

A-2. Polynomials and Factoring. Section A-2 1

MATH 115, SUMMER 2012 LECTURE 4 THURSDAY, JUNE 21ST

PYTHAGOREAN TRIPLES KEITH CONRAD

The next sequence of lectures in on the topic of Arithmetic Algorithms. We shall build up to an understanding of the RSA public-key cryptosystem.

ARITHMETIC PROGRESSIONS OF THREE SQUARES

Proofs. 29th January 2014

Pythagoras = $1 million problem. Ken Ono Emory University

THE CONGRUENT NUMBER PROBLEM

Math101, Sections 2 and 3, Spring 2008 Review Sheet for Exam #2:

Congruent Number Problem and Elliptic curves

that if a b (mod m) and c d (mod m), then ac bd (mod m) soyou aren't allowed to use this fact!) A5. (a) Show that a perfect square must leave a remain

Notes: Pythagorean Triples

Math 109 HW 9 Solutions

Math Lecture 18 Notes

2. Two binary operations (addition, denoted + and multiplication, denoted

Math Review. for the Quantitative Reasoning measure of the GRE General Test

Solutions to Assignment 1

, p 1 < p 2 < < p l primes.

2 Arithmetic. 2.1 Greatest common divisors. This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}.

Math 101 Study Session Spring 2016 Test 4 Chapter 10, Chapter 11 Chapter 12 Section 1, and Chapter 12 Section 2

Intermediate Math Circles February 26, 2014 Diophantine Equations I

Study Guide for Math 095

HMMT February 2018 February 10, 2018

Math 101 Review of SOME Topics

Discrete Mathematics and Probability Theory Summer 2014 James Cook Note 5

ARITHMETIC PROGRESSIONS OF THREE SQUARES

PELL S EQUATION, II KEITH CONRAD

Section September 6, If n = 3, 4, 5,..., the polynomial is called a cubic, quartic, quintic, etc.

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

x = x y and y = x + y.

CHMC: Finite Fields 9/23/17

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Math Theory of Number Homework 1

Rational Expressions & Equations

Chapter P. Prerequisites. Slide P- 1. Copyright 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

1 Introduction. 2 Solving Linear Equations

2005 Pascal Contest (Grade 9)

FACULTY FEATURE ARTICLE 6 The Congruent Number Problem

Clock Arithmetic and Euclid s Algorithm

MATH 115, SUMMER 2012 LECTURE 12

Section 2.4: Add and Subtract Rational Expressions

MATH CSE20 Homework 5 Due Monday November 4

SECTION 7.4: PARTIAL FRACTIONS. These Examples deal with rational expressions in x, but the methods here extend to rational expressions in y, t, etc.

Solutions to Problem Set 4 - Fall 2008 Due Tuesday, Oct. 7 at 1:00

8 Elliptic Curve Cryptography

Proof 1: Using only ch. 6 results. Since gcd(a, b) = 1, we have

Summer Mathematics Packet Say Hello to Algebra 2. For Students Entering Algebra 2

5.1 Simplifying Rational Expressions

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

1 Quadratic Functions

Math 131 notes. Jason Riedy. 6 October, Linear Diophantine equations : Likely delayed 6

Polynomials; Add/Subtract

Chapter 1 Review of Equations and Inequalities

Chapter 5. Number Theory. 5.1 Base b representations

Winter Camp 2009 Number Theory Tips and Tricks

Rational Points on Conics, and Local-Global Relations in Number Theory

Expanding brackets and factorising

Part V. Chapter 19. Congruence of integers

x 9 or x > 10 Name: Class: Date: 1 How many natural numbers are between 1.5 and 4.5 on the number line?

GRE Quantitative Reasoning Practice Questions

MATH 2112/CSCI 2112, Discrete Structures I Winter 2007 Toby Kenney Homework Sheet 5 Hints & Model Solutions

2005 Cayley Contest. Solutions

Clock Arithmetic. 1. If it is 9 o clock and you get out of school in 4 hours, when do you get out of school?

1. (a) q = 4, r = 1. (b) q = 0, r = 0. (c) q = 5, r = (a) q = 9, r = 3. (b) q = 15, r = 17. (c) q = 117, r = 11.

Partial Fractions. Combining fractions over a common denominator is a familiar operation from algebra: 2 x 3 + 3

Math 110 HW 3 solutions

M381 Number Theory 2004 Page 1

Coach Stones Expanded Standard Pre-Calculus Algorithm Packet Page 1 Section: P.1 Algebraic Expressions, Mathematical Models and Real Numbers

Quadratic Equations Part I

Tomáš Madaras Congruence classes

PUTNAM TRAINING NUMBER THEORY. Exercises 1. Show that the sum of two consecutive primes is never twice a prime.

No Solution Equations Let s look at the following equation: 2 +3=2 +7

1 Rational Exponents and Radicals

Discrete Mathematics and Probability Theory Fall 2018 Alistair Sinclair and Yun Song Note 6

Exercise Sheet 3 - Solutions

There are two main properties that we use when solving linear equations. Property #1: Additive Property of Equality

Algebra Review. Finding Zeros (Roots) of Quadratics, Cubics, and Quartics. Kasten, Algebra 2. Algebra Review

MA094 Part 2 - Beginning Algebra Summary

LESSON 8.1 RATIONAL EXPRESSIONS I

Fermat s Last Theorem for Regular Primes

The Euclidean Algorithm and Multiplicative Inverses

SUMMER REVIEW PACKET. Name:

ELLIPTIC CURVES BJORN POONEN

1 Introduction. 2 Solving Linear Equations. Charlotte Teacher Institute, Modular Arithmetic

Grade 6 Math Circles November 1 st /2 nd. Egyptian Mathematics

Grade 7/8 Math Circles November 21/22/23, The Scale of Numbers

A field F is a set of numbers that includes the two numbers 0 and 1 and satisfies the properties:

Unit 2-1: Factoring and Solving Quadratics. 0. I can add, subtract and multiply polynomial expressions

Pre Calculus with Mrs. Bluell

Transcription:

Faculty of Mathematics Waterloo, Ontario N2L 3G1 Centre for Education in Mathematics and Computing Grade 11/12 Math Circles Rational Points on an Elliptic Curves Dr. Carmen Bruni November 11, 2015 - Lest We Forget Revisit the Congruent Number Problem Congruent Number Problem Determine which positive integers N can be expressed as the area of a right angled triangle with side lengths all rational. For example 6 is a congruent number since it is the area of the 3 4 5 right triangle. Enter Elliptic Curves The associated equations with the congruent number problem, namely x 2 + y 2 = z 2 xy = 2N can be converted to an elliptic curve of the form Y 2 = X 3 N 2 X. We also saw that we can reduce our problem to considering only squarefree numbers N. Going Backwards The belief now is that solving problems related to elliptic curves might be easier than the originally stated problem. The question now that occurs is can we go from an elliptic curve of the form to a rational right triangle with area N? Key Theorems y 2 = x 3 N 2 x Theorem 1. Let (x, y) be a point with rational coordinates on the elliptic curve y 2 = x 3 N 2 x where N is a positive squarefree integer. Suppose that x satisfies three conditions: 1. x is the square of a rational number 2. x has an even denominator 1

3. x has a numerator that shares no common factor with N Then there exists a right angle triangle with rational sides and area N, that is, N is congruent. Theorem 2. A number N is congruent if and only if the elliptic curve y 2 = x 3 N 2 x has a rational point P = (x, y) distinct from (0, 0) and (±N, 0). Thus, determining congruent numbers can be reduced to finding rational points on elliptic curves! Proof of Theorem 1 Let (x, y) be a point with rational coordinates on the elliptic curve y 2 = x 3 N 2 x where N is a positive squarefree integer where x is a rational square, has even denominator (in lowest terms) and has a numerator that shares no common factor with N. Our goal is to trace backwards the proof from last week. Let u = x which is given to be rational. Set v = y u giving v 2 = y2 u = x3 N 2 x 2 x = x 2 N 2. Let d be the smallest integer such that du Z (namely the denominator of u in lowest terms). Note that d is even by assumption and that d 4 is the denominator for u 2 = x. Since v 2 = x 2 N 2 and N 2 is an integer, then d 4 is also the denominator of v 2. Multiplying everything by d 4 gives (d 2 v) 2 = (d 2 x) 2 (d 2 N) 2. Since (d 2 v) 2 = (d 2 x) 2 (d 2 N) 2, the triple (d 2 v, d 2 x, d 2 N) forms a Pythagorean triple. Since the numerator of x shares no common factor with N, we have that this is a primitive triple and thus, by problem set 1, there exist integers a and b of opposite parity such that d 2 N = 2ab d 2 v = a 2 b 2 d 2 x = a 2 + b 2 Create the triangle with sides 2a/d, 2b/d and 2u. This satisfies the Pythagorean Theorem since (2a/d) 2 + (2b/d) 2 = 4a 2 /d 2 + 4b 2 /d 2 = 4/d 2 (a 2 + b 2 ) = 4/d 2 (d 2 x) = 4x = (2u) 2 and it has area N since A = 1 2 2a d 2b d = 2ab d 2 = N. Summary of Theorem 1 From the triple, d 2 N = 2ab d 2 v = a 2 b 2 d 2 x = a 2 + b 2, we can add and subtract twice the first to the last equation to get d 2 (x + N) = a 2 + 2ab + b 2 = (a + b) 2 d 2 (x N) = a 2 2ab + b 2 = (a b) 2 2

Taking square roots yields d x + N = a + b d x N = a b (where above we ve assumed that 0 < b < a). Adding and subtracting and dividing by 2. gives expressions for a and b, namely a = d/2( x + N + x N) b = d/2( x + N x N) Example of Theorem 1 Let s find the triangle for N = 7. On the elliptic curve y 2 = x 3 7 2 x, we close our eyes and pray we can find a triple that consists of integers. After some trying we see that (x, y) = (25, 120) gives a solution. Adding the point to itself gives 2P = (x 2P, y 2P ) where (using the formulas from last time) m = 3x2 7 2 = 913 ( ) 913 b = 120 25 = 1685 2y 120 120 24 x 2P = m 2 2x = 113569 ( ) 2 337 14400 = 120 y 2P = mx 2P + b = 17631503 1728000 Hence 2P = (113569/14400, 17631503/1728000). Now, d is the denominator of x 2P = 337/120 and so d = 120. Finding the a and b values gives... and This gives the triangle a = d/2( x + N + x N) = 120/2( 113569/14400 + 7 + 113569/14400, 7) = 288 b = d/2( x + N x N) = 120/2( 113569/14400 + 7 113569/14400, 7) = 175 2a d = 2 288 = 24 120 5 2b d = 2 175 = 35 120 12 2 x = 337 60 which indeed has area 7 and is a right angle triangle (the side lengths satisfy the Pythagorean Identity) Proof of Theorem 2 Theorem 2. A number N is congruent if and only if the elliptic curve y 2 = x 3 N 2 x has a rational point P = (x, y) distinct from (0, 0) and (±N, 0). We have already seen that if N is congruent, then we can find a rational point on the elliptic curve. 3

Now, suppose our elliptic curve has a rational point P = (x, y) where P is not one of (0, 0) and (±N, 0). Our goal will be to show that 2P satisfies the conditions of the previous theorem. Using the results of adding a point to itself from last time, we see that the x-coordinate of P + P on the elliptic curve y 2 = x 3 + Ax + B is given by ( 3x 2 ) 2 + A 2x = 9x4 + 6Ax 2 + A 2 2y 4y 2 2x = 9x4 + 6Ax 2 + A 2 2x = 9x4 + 6Ax 2 + A 2 + 2x 4(x3 + Ax + B) = 9x4 + 6Ax 2 + A 2 + 8x4 8Ax 2 8Bx = x4 2Ax 2 8Bx + A 2 Using the results of adding a point to itself from last time, we see that the x-coordinate of P + P on the elliptic curve y 2 = x 3 + Ax + B is given by ( 3x 2 ) 2 + A 2x = x4 2Ax 2 8Bx + A 2 2y Specializing to when A = N 2 and B = 0 (that is, on the elliptic curve y 2 = x 3 N 2 x) gives us the formula for the x-coordinate of P + P as Notice that by our restriction on the rational point P, the denominator is nonzero and the numerator is nonzero. satisfies that it is the square of a rational number. It is also true that the numerator shares no common factor with N. Suppose p divides x 2 + N 2 and p divides N for some prime p. Then p x and hence p 3 divides x 3 N 2 x = y 2. Hence p 3 divides y 2. Thus, in the x-coordinate above, we can factor out a p 2 in the numerator and cancel it with a p 2 in the denominator. By repeating this, the numerator can be reduced so that it shares no common factor with N. So it suffices to show that the number has an even denominator. immediately appears to have an even denominator but we need to be careful. What happens if the factor of 4 in the denominator cancels with the numerator? In what cases is this possible? 4

Case 1: x and N are even. Then 2 divides both x and N which means that the numerator and N share a common factor. Applying the previous argument shows that we can reduce the fraction. Case 2: x and N are odd. In this case, write x = 2a+1 and N = 2b+1. Plugging in and simplifying gives (x 2 + N 2 ) 2 = 16(a 2 + a + b 2 + b) 2 + 16(a 2 + a + b 2 + b) + 4 Hence 4 exactly divides the numerator. Since y 2 = x 3 N 2 x, we have that y is even and so at least 16 divides the denominator. Hence the denominator is even. Thus, this point P satisfies the conditions of the previous theorem and so the number N is congruent. Don Zagier To compute a rational point on the elliptic curve y 2 = x 3 157 2 x, Zagier noted that if N 5 is divisible by 8 for a prime N, then each of the factors x and x ± N in y 2 = x 3 N 2 x must be of the form ±s 2, ±2s 2, ±ns 2 or ±2ns 2 where s is a rational number. Then, as an example, if x = A 2, x + n = B 2 and x n = C 2, simplifying gives us that we must solve C 2 B 2 = 2A 2 C 2 A 2 = n Similarly to the techniques we used to find Pythagorean triples, it must hold that A = 2RS M, B = R2 2S 2 M and C = R2 +2S 2 M for suitable integers R, S, M. In this way the problem is reduced to the solvability of M 2 N = R 4 + 4S 4. For N = 5 this has a clear solution but for N = 157, we need to apply this idea a few more times to the equation N = U 2 + 4V 2 and find a solution with UV a rational square. Then take U = R 2 /M and V = S 2 /M. The ideas here are difficult to flesh out but can be done which is what Zagier did. (Thanks to Carlos Beenakker!) Given the previous discussion, we have become interested in the following problem: How can we find a rational point on an elliptic curve of the form y 2 = x 3 + Ax + B? This is a complex problem! Points on Elliptic Curves over Z p Given a complex problem, sometimes we try to simplify it! In some sense the problem is that the rational numbers are too big. What we ll consider is dealing with points over a finite field, in this case, Z p. 5

We define the field Z p for a prime number p to be the set of integers and we state that two integers are equal in Z p provided they differ by a multiple of p. It will turn out over Z p that the group law will still hold. So for example, in Z 7, 1 and 15 are the same number because they differ by 14 which is divisible by 7. We denote this by 1 15 mod 7 and in general by a b mod p. Exercise 1 Which of the following numbers are equivalent to 1 in Z 5? 1. 1 2. 2 3. 6 4. 17 5. 4 6. 3 200 Solutions to Exercise 1 Which of the following numbers are equivalent to 1 in Z 5? 1. 1 Equivalent since 5 divides 1 1 = 0 2. 2 Not equivalent since 5 does not divide 2 1 = 1 3. 6 Equivalent since 5 divides 6 1 = 5 4. 17 Not equivalent since 5 does not divide 17 1 = 16 5. 4 Equivalent since 5 divides 4 1 = 5. 6. 3 200 Equivalent since 5 divides 3 200 1 = (3 4 ) 50 1 = 81 50 1 = (81 1)(81 49 + 81 48 +... + 1) (Think: x 1 is a factor of x 50 1 so 81 1 = 80 is a factor of 81 50 1 and 5 divides 80 so 5 divides 81 50 1). Working in Z p When we think about numbers in Z p for a prime p, we can restrict ourselves to just looking at numbers between 0 and p 1 inclusive since every number is equivalent to one of these numbers (this actually follows quickly from long division with remainders!) Hence, we sometimes write Z p = {0, 1, 2,..., p 1}. Points on Elliptic Curves over Finite Fields Now we can start to look at elliptic curves over different finite fields. Let s look at the elliptic curve y 2 = x 3 x. 6

In order to reduce this elliptic curve over a finite field, we need to avoid primes dividing the discriminant of the elliptic curve (see the problem sheet). In this case, the discriminant is 64 so we can look for points on finite fields over all Z p for odd primes. Over Z 3, we can look at all the possible x values, namely x = 0, 1, 2. These give the equations y 2 = 0 3 0 0 mod 3 y 2 = 1 3 1 = 0 mod 3 y 2 = 2 3 2 = 6 0 mod 3 Hence, this elliptic curve when considered over Z 3 has three points (0, 0), (1, 0), (2, 0) and one more point for the point at infinity. What about the elliptic curve y 2 = x 3 x over Z 5? Again we can look at all the possible x values, namely x = 0, 1, 2, 3, 4. These give the equations y 2 = 0 3 0 = 0 y 2 = 1 3 1 = 0 y 2 = 2 3 2 = 6 1 mod 5 y 2 = 3 3 3 = 24 4 mod 5 y 2 = 4 3 4 = 60 0 mod 5 Thus, we want to know what solutions we have for y 2 0 mod 5, y 2 1 mod 5 and y 2 4 mod 5. We can compute the squares modulo 5 via x 0 1 2 3 4 x 2 mod 5 0 1 4 4 1 Hence, this elliptic curve when considered over Z 5 has seven points (0, 0), (1, 0), (2, 1), (2, 4), (3, 2), (3, 3), (4, 0) and one more point for the point at infinity. What about the elliptic curve y 2 = x 3 4x over Z 5 (If you re quick, change 5 to 7 and 11 and see what happens)? Again we can look at all the possible x values, namely x = 0, 1, 2, 3, 4. These give the equations y 2 = 0 3 4(0) = 0 y 2 = 1 3 4(1) = 3 2 mod 5 y 2 = 2 3 4(2) = 0 y 2 = 3 3 4(3) = 15 0 mod 5 y 2 = 4 3 4(4) = 48 3 mod 5 From the table before, we see that 2 and 3 are not squares in Z 5. Hence the only points here are (0, 0), (2, 0), (3, 0) and the point at infinity. What can we do with these ideas? By taking the information at many primes, we can gain a lot of information about our elliptic curve. Elliptic curves can be used to help factor numbers (Lenstra s Algorithm). Elliptic Curves over finite fields form the basis for a cryptosystem in use today called Elliptic Curve Cryptography. They form a correspondence with certain types of modular forms which are another beautiful mathematical object with many applications. You now have a good foundation to pick up an introductory book on elliptic curves and start to study these objects more deeply. 7

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback