On the order of unimodular matrices modulo integers

ACTA ARITHMETICA 0.2 (2003) On the order of unimodular matrices modulo integers by Pär Kurlberg (Gothenburg). Introduction. Given an integer b and a prime p such that p b, let ord p (b) be the multiplicative order of b modulo p. In other words, ord p (b) is the smallest nonnegative integer k such that b k mod p. Clearly ord p (b) p, and if the order is maimal, b is said to be a primitive root modulo p. Artin conjectured (see the preface in []) that if b Z is not a square, then b is a primitive root for a positive proportion ( ) of the primes. What about the typical behaviour of ord p (b)? For instance, are there good lower bounds on ord p (b) that hold for a full density subset of the primes? In [3], Erdős and Murty proved that if b 0, ±, then there eists a δ > 0 so that ord p (b) is at least p /2 ep((log p) δ ) for a full density subset of the primes ( 2 ). However, we epect the typical order to be much larger. In [6] Hooley proved that the Generalized Riemann Hypothesis (GRH) implies Artin s conjecture. Moreover, if f : R + R + is an increasing function tending to infinity, Erdős and Murty [3] showed that GRH implies that the order of b modulo p is greater than p/f(p) for a full density subset of the primes. It is also interesting to consider lower bounds for ord N (b) where N is an integer. It is easy to see that ord N (b) can be as small as log N infinitely often (take N = b k ), but we epect the typical order to be quite large. Assuming GRH, we can prove that the lower bound ord N (b) N ε holds for most integers. Theorem. Let b 0, ± be an integer. Assuming GRH, the number of N such that ord N (b) N ε is o(). That is, the set of integers N such that ord N (b) N ε has density one. However, the main focus of this paper is to investigate a related question, namely lower bounds on the order of unimodular matrices modulo N Z. 2000 Mathematics Subject Classification: Primary N37; Secondary A07. Author supported in part by the National Science Foundation (DMS 007503). ( ) The constant is given by an Euler product that depends on b. ( 2 ) Pappalardi has shown [9] that δ can be taken to be approimately 0.5. [4]

42 P. Kurlberg That is, if A SL 2 (Z), what can be said about lower bounds for ord N (A), the order of A modulo N, that hold for most N? It is a natural generalization of the previous questions, but our main motivation comes from mathematical physics (quantum chaos): In [7] Rudnick and I proved that if A is hyperbolic ( 3 ), then a strong form of quantum ergodicity for toral automorphisms follows from ord N (A) being slightly larger than N /2, and we then showed that this condition holds for a full density subset of the integers ( 4 ). Again, we epect that the typical order is much larger. In order to give lower bounds on ord N (A), it is essential to have good lower bounds on ord p (A) for p prime: Theorem 2. Let A SL 2 (Z) be hyperbolic, and let f : R + R + be an increasing function tending to infinity more slowly than log. Assuming GRH, there are at most O ( f() ε log ) primes p such that ordp (A) < p/f(p). In particular, the set of primes p such that ord p (A) p/f(p) has density one. Using this we obtain an improved lower bound on ord N (A) that is valid for most integers. Theorem 3. Let A SL 2 (Z) be hyperbolic. Assuming GRH, the number of N such that ord N (A) N ε is o(). That is, the set of integers N such that ord N (A) N ε has density one. Remarks. If A is elliptic ( tr(a) < 2) then A has finite order (in fact, at most 6). If A is parabolic ( tr(a) = 2), then ord p (A) = p unless A is congruent to the identity matri modulo p, and hence there eists a constant c A > 0 so that ord N (A) > c A N. Apart from the application in mind, it is thus natural to only treat the hyperbolic case. As far as unconditional results for primes go, we note that the proof in [3] relies entirely on analyzing the divisor structure of p, and we epect that their method should give a similar lower bound on the order of A modulo p. An unconditional lower bound of the form () ord p (b) p η for a full proportion of the primes and η > /2 would be quite interesting. In this direction, Goldfeld [5] proved that if η < 3/5, then () holds for a positive, but not full, proportion of the primes. Clearly ord p (A) is related to ord p (ε), where ε is one of the eigenvalues of A. Since A is assumed to be hyperbolic, ε is a power of a fundamental unit in a real quadratic field. The question of densities of primes p such ( 3 ) A is hyperbolic if tr(a) > 2. ( 4 ) More precisely: there eists δ > 0 so that ord N (A) N /2 ep((log N) δ ) for a full density subset of the integers.

Order of unimodular matrices modulo integers 43 that ord p (λ) is maimal, for λ a fundamental unit in a real quadratic field, does not seem to have received much attention until quite recently; in [0] Roskam proved that GRH implies that the set of primes p for which ord p (λ) is maimal has positive density. (The work of Weinberger [2], Cooke and Weinberger [2] and Lenstra [8] does treat the case ord p (λ) = p, but not the case ord p (λ) = p +.) 2. Preliminaries 2.. Notation. If O F is the ring of integers in a number field F, we let ζ F (s) = a O F N(a) s denote the zeta function of F. By GRH we mean that all nontrivial zeros of ζ F (s) lie on the line Re(s) = /2 for all number fields F. Let ε be an eigenvalue of A, satisfying the equation (2) ε 2 tr(a)ε + det(a) = 0. Since A is hyperbolic, K = Q(ε) is a real quadratic field. Let O K be the integers in K, and let D K be the discriminant of K. Since A has determinant one, ε is a unit in O K. For n Z + we let ζ n = e 2πi/n be a primitive nth root of unity, and α n = ε /n be an nth root of ε. Further, with Z n = K(ζ n ), K n = K(ζ n, α n ), and L n = K(α n ), we let σ p denote the Frobenius element in Gal(K n /Q) associated with p. We let F p k denote the finite field with p k elements, and we let Fp F be the norm one elements in F 2 p 2 p 2, i.e., the kernel of the norm map from F to F p 2 p. Let A p be the group generated by A in SL 2 (F p ). Then A p is contained in a maimal torus (of order p or p + ), and we let i p be the inde of A p in this torus. Finally, let π() = {p : p is prime} be the number of primes up to. 2.2. Kummer etensions and Frobenius elements. We want to characterize primes p such that n i p, and we can relate this to primes splitting in certain Galois etensions as follows: Reduce equation (2) modulo p and let ε denote a solution to equation (2) in F p or F p 2. (Note that if p does not ramify in K then the order of A modulo p equals the order of ε modulo p.) If p splits in K then ε F p, and if p is inert, then ε F p 2 \ F p. In the latter case, ε Fp since the norm 2 one property is preserved when reducing modulo p. Now, F p and Fp are 2 cyclic groups of order p and p + respectively. Thus, if p splits in K then ord p (ε) p, whereas if p is inert in K then ord p (ε) p +. Lemma 4. Let p be unramified in K n, and let C n = {, γ} Gal(K n /Q), where γ is given by γ(ζ n ) = ζn and γ(α n ) = αn. Then the condition that n i p is equivalent to σ p C n. Moreover, C n is invariant under conjugation.

44 P. Kurlberg Proof. The split case: Since n i p and i p p we have ζ n F p, i.e. F p contains all nth roots of unity. Moreover, ε is an nth power of some element in F p, and thus the polynomial n ε splits completely in F p. In other words, p splits completely in K n and σ p is trivial. The inert case: Since n divides i p, ε is an nth power of some element in and hence α n F p 2. Moreover, n p 2 implies that ζ n F p 2. Now, F p 2 N F p 2 F p (α n ) = and N F p 2 F p (ζ n ) = ζn p+ = implies that σ p (ζ n ) ζ n mod p, σ p (α n ) α n mod p. For p that does not ramify in K n we thus have (3) σ p (ζ n ) = ζ n, σ p (α n ) = α n. Now, an element τ Gal(K n /Q) is of the form { ζn ζ t τ : n, t Z, α n αnζ u n, s s Z, u {, }. Composing γ and τ then gives { ζn ζn τ γ : α n αn ζ t n, α u n and { ζn ζn t ζn t, γ τ : α n αnζ u n s αn u which shows that γ is invariant under conjugation. ζn s, ζn s, 2.3. The Chebotarev Density Theorem. In [] Serre proved that the Generalized Riemann Hypothesis (GRH) implies the following version of the Chebotarev Density Theorem: Theorem 5. Let E/Q be a finite Galois etension of degree [E : Q] and discriminant D E. For p a prime let σ p G = Gal(E/Q) denote the Frobenius conjugacy class, and let C G be a union of conjugacy classes. If the nontrivial zeros of ζ E (s) lie on the line Re(s) = /2, then for 2, {p : σ p C} = C G π() + O ( ) C G /2 (log D E + [E : Q] log ). Now, primes that ramify in K n divide nd K (see Lemma 0), so as far as densities are concerned, ramified primes can be ignored. The bounds on the size of D Kn (see Lemma 0) and Lemma 4 then give the following: Corollary 6. If GRH is true then 2 (4) {p : n i p } = [K n : Q] π() + O(/2 (log(n))).

Order of unimodular matrices modulo integers 45 Remark. For Theorems 2 and 3 to be true, it is enough to assume that the Riemann hypothesis holds for all ζ Kn, n >. 2.3.. Bounds on degrees. In order to apply the Chebotarev Density Theorem we need bounds on the degree [K n : Q]. We will first assume that ε is a fundamental unit. Lemma 7. If ε is a fundamental unit in K and if n = 4 or n = q for q an odd prime, then Gal(K n /K) is nonabelian. Proof. We start by showing that [K n : Z n ] = n. Consider first the case n = q. If α q Z q then β = N Z q K (α q) = α [Z q:k] q ζq t K R for some integer t. Since q is odd we may assume that α q R, and this forces ζq t =, which in turn implies that α [Z q:k] q K. Because ε is a fundamental unit this means that q [Z q : K]. On the other hand, [Z q : K] φ(q), a contradiction. Thus α q Z q, and hence K q /Z q is a Kummer etension of degree q. For n = 4 we note that i Z 4 = K(i). Thus α 2 = ε Z 4 implies that ε Z4. However, either ε or ε is real and generates a real degree two etension of K, whereas K(i) is a nonreal quadratic etension of K, and hence α 2 Z 4. Now, if α 4 Z 4 (α 2 ) then N Z 4(α 2 ) Z 4 (α 4 ) = α4 2it Z 4 for some t Z, and thus α4 2 = α 2 Z 4, which contradicts α 2 Z 4. Therefore, [Z 4 (α 4 ) : Z 4 ] = [Z 4 (α 4 ) : Z 4 (α 2 )][Z 4 (α 2 ) : Z 4 ] = 4. Finally, we note that the commutator of any nontrivial element σ Gal(K n /Z n ) with any nontrivial element σ 2 Gal(K n /L n ) is nontrivial (we may regard Gal(K n /Z n ) and Gal(K n /L n ) as subgroups of Gal(K n /K)). Hence Gal(K n /K) is nonabelian. Lemma 8. If ε is a fundamental unit then [K n : Z n ] n/2. Proof. Clearly Z n (α q k) K n, and since field etensions of relative prime degrees are disjoint, it is enough to show that if q k n is a prime power then q k [Z n (α q k) : Z n ] if q is odd, and q k [Z n (α q k) : Z n ] if q = 2. If q is odd then Lemma 7 implies that α q Z n since Gal(Z n /K) is abelian. Hence, if m Z and α m Z q k n, we must have q k m. Now, if σ Gal(Z n (α q k)/z n ) then σ(α q k) = α q kζ t σ for some integer t q k σ. Thus there eists an integer t such that β = N Z n(α q k ) Z n (α q k) = α [Z n(α q k ):Z n ] q k ζ t q Z n. Multiplying β by ζq t Z n we find that α [Z n(α q k ):Z n ] q k q k [Z n (α q k) : Z n ]. Z n, and hence

46 P. Kurlberg For q = 2 the proof is similar, ecept that a factor of two is lost if α 2 Z n. Remark. K 2 /Q is a Galois etension of degree four, hence abelian and therefore contained in some cyclotomic etension by the Kronecker Weber Theorem, and it is thus possible that α 2 Z n for some values of n. Lemma 9. We have nφ(n) K [K n : Q] 2nφ(n). Proof. We first observe that [Z n : K] equals φ(n) or φ(n)/2 depending on whether K Q(ζ n ) or not. We also have the trivial upper bound [K n : Z n ] n. For a lower bound of [K n : Z n ] we argue as follows: Let γ K be a fundamental unit. Since the norm of ε is one we may write ε = γ k for some k Z. (Note that k does not depend on n.) As [Z n (γ /n ) : Z n (ε /n )] k, Lemma 8 gives [Z n (ε /n ) : Z n ] n/k. The upper and lower bounds now follow from [K n : Q] = [K n : Z n ][Z n : K][K : Q]. 2.3.2. Bounds on discriminants Lemma 0. If p ramifies in K n then p nd K. Moreover, Proof. First note that log(disc(k n /Q)) K [K n : K] log n. disc(k n /Q) = N K Q (disc(k n /K)) disc(k/q) [K n:k]. From the multiplicativity of the different we get disc(k n /K) = disc(z n /K) [K n:z n] N Z n K (disc(k n/z n )). Since ε is a unit, so is ε /n. Thus, if we let f() = n ε then f () = n n, and therefore the principal ideal f (ε /n )O Kn equals no Kn. In terms of discriminants this means that and similarly it can be shown that Thus disc(k n /Q) divides disc(k n /Z n ) N K n Z n (no Kn ) disc(z n /K) N Z n K (no Z n ). NQ K (N K n K (no K n ) N Z n K (no Z n ) [K n:z n ] ) disc(k/q) [K n:k] = n 4[K n:k] disc(k/q) [Kn:K], which proves the two assertions.

Order of unimodular matrices modulo integers 47 3. Proof of Theorem 2. In order to bound the number of primes p < for which i p > /2 we will need the following lemma: Lemma. The number of primes p such that ord p (A) y is O(y 2 ). Proof. Given A there eists a constant C A such that det(a n I) = O(CA n ). Now, if the order of A modulo p is n, then certainly p divides det(a n I) 0. Putting M = y n= det(an I) we see that any prime p for which A has order n y must divide M. Finally, the number of prime divisors of M is bounded by y log M n log C A y 2. n= First step: We consider primes p such that i p ( /2 log, ). By Lemma the number of such primes is (( ) 2 ) ( ) (5) O /2 = O log log 2. Second step: Consider p such that q i p for some prime q ( /2 log 3, /2 log ). We may bound this by considering primes p such that p ± mod q for q ( /2 log 3, /2 log ). Since q /2 log, Brun s sieve gives (up to an absolute constant) the bound /(φ(q) log ), and the total contribution from these primes is at most (6) q ( /2 log 3,/2 log ) φ(q) log(/q) log q ( /2 log 3,/2 log ) Now, summing reciprocals of primes in a dyadic interval, we get q π(2m) M log M. Hence q ( /2 log 3,/2 log ) q [M,2M] q. q ( /2 ) log log log log log 2 /2 /log 3 log and the right hand side of (6) is O ( log log log 2 Third step: Now consider p such that q i p for some prime q ( f() 2, ) /2. We are now in the range where GRH is applicable; by Corollary 6 log 3 and Lemma 9 we have {p : q i p } ). qφ(q) log + O(/2 log(q 2 )).

48 P. Kurlberg Summing over q ( f() 2 ), /2 log 3 we find that the number of such p is bounded by ( ) (7) q 2 log + O(/2 log(q 2 )). Now, and thus (7) is q (f() 2, /2 log 3 ) q (f() 2, /2 log 3 ) q 2 f() f() log + log 2. Fourth step: For the remaining primes p, any prime divisor q i p is smaller than f() 2. Hence i p must be divisible by some integer d (f(), f() 3 ). Again Lemmas 6 and 9 give {p : d i p } dφ(d) log + O(/2 log(d 2 )). Noting that φ(d) d ε and summing over d (f(), f() 3 ) we find that the number of such p is bounded by ( ) (8) d 2 ε log + O(/2 log(d 2 )). Now, and therefore (8) is d (f(),f() 3 ) d (f(),f() 3 ) d (f(),f() 3 ) d 2 ε f() ε /2 log(d 2 ) f() 3 /2 log( 2 ), f() ε log. 4. Proof of Theorems and 3. Given a composite integer N = p N pa p we wish to use the lower bounds on ord p (b) (or ord p (A)) to obtain a lower bound on ord N (b). The main obstacle is that ord N (b) can be much smaller than p N ord p a p (b). Let λ(n) be the Carmichael lambda function, i.e., the eponent of the multiplicative group (Z/NZ). Clearly ord N (b) λ(n), and it turns out that λ(n) can be much smaller than N. However,

Order of unimodular matrices modulo integers 49 λ(n) N ε for most N (see [4]), and since ord N (b) λ(n) ord p (b) N it suffices to show that most integers are essentially given by a product of primes p such that ord p (b) p/log p. We will only give the details for Theorem 3 since the other case is very similar. If p is prime such that ord p (A) p/log p, or p ramifies in K, we say that p is bad. We let P B denote the set of all bad primes, and we let P B (z) be the set of primes p P B such that p z. Since only finitely many primes ramify in K, Theorem 2 implies that the number of bad primes p is O(/log 2 ε ). A key observation is the following: Lemma 2. We have In particular, if we let p N p P B p <. β(z) = p P B (z) /p, then β(z) tends to zero as z tends to infinity. Proof. Immediate from partial summation and the O(/log 2 ε ) estimate in Theorem 2. Given N Z, write N = s 2 N G N B where N G N B is square-free and N B is the product of bad primes dividing N. By the following lemma, we find that few integers have a large square factor: Lemma 3. We have {N : s 2 N, s y} = O(/y). Proof. The number of N such that s 2 N for s y is bounded by s y /s2 /y. Net we show that there are few N for which N B is divisible by p P B (z). In other words, for most N, N B is a product of small bad primes. Lemma 4. The number of N such that p P B (z) divides N B is O(β(z)). Proof. Let p P B (z). The number of N such that p N is less than /p. Thus, the total number of N such that some p P B (z) divides N, is bounded by p P B (z) p = p P B (z) p = β(z).

50 P. Kurlberg Combining the previous results we find that the number of N = s 2 N G N B such that N B is z-smooth and s y is ( + O(β(z) + /y)). For such N we have N B p z p ez. Letting z = log log and y = log we get N G = N s 2 N N B log 3 for N with at most O((β(log log ) + (log ) )) = o() eceptions. Now, the following proposition shows that, for most N, ord N (A) is essentially given by p N ord p(a). Proposition ([7, Proposition ]). Let D A = 4(tr(A) 2 4). For almost all ( 5 ) N, p d ord N (A) 0 ord p (A) ep(3(log log ) 4 ) where d 0 is given by writing N = ds 2, with d = d 0 gcd(d, D A ) square-free. Finally, since ord p (A) p/log p p ε for p N G and p sufficiently large, we find that p N ord N (A) G ord p (A) ep(3(log log ) 4 ) N ε G ep(3(log log ) 4 ) N 2ε for all but o() integers N. References [] E. Artin, The Collected Papers of Emil Artin, Addison-Wesley, Reading, 965. [2] G. Cooke and P. J. Weinberger, On the construction of division chains in algebraic number rings, with applications to SL 2, Comm. Algebra 3 (975), 48 524. [3] P. Erdős and M. R. Murty, On the order of a (mod p), in: Number Theory (Ottawa, ON, 996), Amer. Math. Soc., Providence, RI, 999, 87 97. [4] P. Erdős, C. Pomerance and E. Schmutz, Carmichael s lambda function, Acta Arith. 58 (99), 363 385. [5] M. Goldfeld, On the number of primes p for which p + a has a large prime factor, Mathematika 6 (969), 23 27. [6] C. Hooley, On Artin s conjecture, J. Reine Angew. Math. 225 (967), 209 220. [7] P. Kurlberg and Z. Rudnick, On quantum ergodicity for linear maps of the torus, Comm. Math. Phys. 222 (200), 20 227. [8] H. W. Lenstra, Jr., On Artin s conjecture and Euclid s algorithm in global fields, Invent. Math. 42 (977), 20 224. [9] F. Pappalardi, On the order of finitely generated subgroups of q (mod p) and divisors of p, J. Number Theory 57 (996), 207 222. ( 5 ) By for almost all N we mean that there are o() eceptional integers N that are smaller than.

Order of unimodular matrices modulo integers 5 [0] H. Roskam, A quadratic analogue of Artin s conjecture on primitive roots, ibid. 8 (2000), 93 09. [] J.-P. Serre, Quelques applications du théorème de densité de Chebotarev, Inst. Hautes Études Sci. Publ. Math. 54 (98), 323 40. [2] P. J. Weinberger, On Euclidean rings of algebraic integers, in: Analytic Number Theory, Proc. Sympos. Pure Math. 24 (St. Louis, MO, 972), Amer. Math. Soc., Providence, RI, 973, 32 332. Department of Mathematics Chalmers University of Technology SE-42 96 Gothenburg, Sweden E-mail: kurlberg@math.chalmers.se URL: www.math.chalmers.se/ kurlberg Received on 5.4.2002 (4262)