A tour through Elliptic Divisibility Sequences

Similar documents
Divisibility Sequences for Elliptic Curves with Complex Multiplication

p-adic Properites of Elliptic Divisibility Sequences Joseph H. Silverman

Elliptic Nets and Points on Elliptic Curves

arxiv:math/ v1 [math.nt] 25 Feb 2004

Elliptic Nets With Applications to Cryptography

DESCENT ON ELLIPTIC CURVES AND HILBERT S TENTH PROBLEM

Common Divisors of Elliptic Divisibility Sequences over Function Fields

CHARACTERIZING INTEGERS AMONG RATIONAL NUMBERS WITH A UNIVERSAL-EXISTENTIAL FORMULA

Defining Valuation Rings

Elliptic Curves. Akhil Mathew (Department of Mathematics Drew UniversityElliptic MathCurves 155, Professor Alan Candiotti) 10 Dec.

Elliptic Nets How To Catch an Elliptic Curve Katherine Stange USC Women in Math Seminar November 7,

RATIONAL POINTS ON ELLIPTIC CURVES

LECTURE 22, WEDNESDAY in lowest terms by H(x) = max{ p, q } and proved. Last time, we defined the height of a rational number x = p q

arxiv: v2 [math.nt] 23 Sep 2011

Introduction to Arithmetic Geometry Fall 2013 Lecture #24 12/03/2013

Elliptic divisibility sequences

Elliptic Curves and Public Key Cryptography

Elliptic curves and Hilbert s Tenth Problem

A FAMILY OF INTEGER SOMOS SEQUENCES

HTP over Algebraic Extensions of Q: Normforms vs. Elliptic Curves

LINEAR RECURSIVE SEQUENCES. The numbers in the sequence are called its terms. The general form of a sequence is

Lecture Notes. Advanced Discrete Structures COT S

ELLIPTIC CURVES SEMINAR: SIEGEL S THEOREM

CONGRUENT NUMBERS AND ELLIPTIC CURVES

Logic, Elliptic curves, and Diophantine stability

MATH 2400 LECTURE NOTES: POLYNOMIAL AND RATIONAL FUNCTIONS. Contents 1. Polynomial Functions 1 2. Rational Functions 6

PRIME POWER TERMS IN ELLIPTIC DIVISIBILITY SEQUENCES.

Congruent Number Problem and Elliptic curves

The ABC Conjecture and its Consequences on Curves

Formulary for elliptic divisibility sequences and elliptic nets. Let E be the elliptic curve defined over the rationals with Weierstrass equation

The canonical height of an algebraic point on an elliptic curve

Lecture 2: Elliptic curves

Diophantine equations and beyond

Errata List for Rational Points on Elliptic Curves by Joseph H. Silverman and John Tate Version 1.3a July 5, 1994; revised by JEC, 1998

Legendre s Equation. PHYS Southern Illinois University. October 18, 2016

Chapter 8. P-adic numbers. 8.1 Absolute values

How many elliptic curves can have the same prime conductor? Alberta Number Theory Days, BIRS, 11 May Noam D. Elkies, Harvard University

Mathematisches Forschungsinstitut Oberwolfach. Miniworkshop: Hilbert s Tenth Problem, Mazur s Conjecture and Divisibility Sequences

Computing a Lower Bound for the Canonical Height on Elliptic Curves over Q

Katherine Stange. ECC 2007, Dublin, Ireland

On Computably Enumerable Sets over Function Fields

14 Ordinary and supersingular elliptic curves

Elliptic curves and modularity

MTH310 EXAM 2 REVIEW

Introduction to Elliptic Curves

Introduction to Arithmetic Geometry

Rational points on curves and tropical geometry.

A Number Theorist s Perspective on Dynamical Systems

THE MORDELL-WEIL THEOREM FOR Q

Some remarks on diophantine equations and diophantine approximation

NOTES ON DIOPHANTINE APPROXIMATION

Counting points on elliptic curves: Hasse s theorem and recent developments

1. Factorization Divisibility in Z.

Lecture Notes Math 371: Algebra (Fall 2006) by Nathanael Leedom Ackerman

Elliptic Curves, Group Schemes,

according to Alexandra Shlapentokh September 30, 2016

Equations for Hilbert modular surfaces

RECENT RESULTS ON LINEAR RECURRENCE SEQUENCES

Contribution of Problems

ELLIPTIC CURVES OVER FINITE FIELDS

THERE ARE NO ELLIPTIC CURVES DEFINED OVER Q WITH POINTS OF ORDER 11

RANK AND PERIOD OF PRIMES IN THE FIBONACCI SEQUENCE. A TRICHOTOMY

Points of Finite Order

Math 581 Problem Set 3 Solutions

Chapter 1 Why Quadratic Diophantine Equations?

Bjorn Poonen. MSRI Introductory Workshop on Rational and Integral Points on Higher-dimensional Varieties. January 18, 2006

Topics in Number Theory: Elliptic Curves

A Note on Scalar Multiplication Using Division Polynomials

TORSION AND TAMAGAWA NUMBERS

MATH FINAL EXAM REVIEW HINTS

An Introduction to Supersingular Elliptic Curves and Supersingular Primes

Rigid Divisibility Sequences Generated by Polynomial Iteration

Structure of elliptic curves and addition laws

On attaching coordinates of Gaussian prime torsion points of y 2 = x 3 + x to Q(i)

g(x) = 1 1 x = 1 + x + x2 + x 3 + is not a polynomial, since it doesn t have finite degree. g(x) is an example of a power series.

18. Cyclotomic polynomials II

SOME AMAZING PROPERTIES OF THE FUNCTION f(x) = x 2 * David M. Goldschmidt University of California, Berkeley U.S.A.

Counting points on elliptic curves over F q

Prime Numbers and Irrational Numbers

Public-key Cryptography: Theory and Practice

Example: This theorem is the easiest way to test an ideal (or an element) is prime. Z[x] (x)

A Diophantine System and a Problem on Cubic Fields

15. Polynomial rings Definition-Lemma Let R be a ring and let x be an indeterminate.

The Congruent Number Problem and the Birch and Swinnerton-Dyer Conjecture. Florence Walton MMathPhil

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

An Approach to Hensel s Lemma

THE DENSITY OF PRIME DIVISORS IN THE ARITHMETIC DYNAMICS OF QUADRATIC POLYNOMIALS

SYMMETRY AND SPECIALIZABILITY IN THE CONTINUED FRACTION EXPANSIONS OF SOME INFINITE PRODUCTS

LINEAR FORMS IN LOGARITHMS

Some new families of positive-rank elliptic curves arising from Pythagorean triples

Hans Wenzl. 4f(x), 4x 3 + 4ax bx + 4c

Final Exam Review. 2. Let A = {, { }}. What is the cardinality of A? Is

Arithmetic Progressions Over Quadratic Fields

Chapter 6. Approximation of algebraic numbers by rationals. 6.1 Liouville s Theorem and Roth s Theorem

Math 547, Exam 2 Information.

1. multiplication is commutative and associative;

DIOPHANTINE EQUATIONS AND DIOPHANTINE APPROXIMATION

#A11 INTEGERS 12 (2012) FIBONACCI VARIATIONS OF A CONJECTURE OF POLIGNAC

Rings. Chapter Homomorphisms and ideals

1 Overview and revision

Transcription:

A tour through Elliptic Divisibility Sequences Victor S. Miller CCR Princeton Princeton, NJ 08540 15 April 2010

Points and their denominators Let E : y 2 + a 1 xy + a 3 y = x 3 + a 2 x 2 + a 4 x + a 6 be an elliptic curve with a i Z. We can write any point P E(Q) in the form ( a c 2, b ) c 3 for some integers a, b, c with gcd(a, c) = gcd(b, c) = 1. Denote c by den(p ). Thus, if P E(Q) is a point of infinite order we have a sequence C n = den(np ), which we d like to study. In particular Question Are there an infinite number of primes in the sequence {C n }?

Some Properties of the sequence C n If m n then C m C n (a divisibility sequence). In fact gcd(c m, C n ) = C gcd(m,n) strong divisibility. Growth: There is a constant c > 0 such that log(c n ) cn 2. Eventually every C n is divisible by a prime that does not divide any of the earlier elements (primitive divisors). A more complicated recursion (elliptic divisibility sequence).

Divisibility Sequences Definition (Divisibility Sequence) A sequence u 0, u 1, u 2, Z such that when r s u r u s. Example The Trivial Sequence: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,.... The Fibonacci Sequence: 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55,.... The Mersenne Sequence: 2 0 1, 2 1 1, 2 2 1, 2 3 1,.... Many other linear recurrent sequences. Question Do such sequences contain an infinite number of primes? It s thought to be true (though still unproven) for the latter two sequences.

Division Polynomials of Elliptic Curves If E is an elliptic curve in Weierstrass form for every non-negative integer n one has a division polynomial ψ n (X, Y ) which is a function (suitably normalized) on E whose divisor is (T ) (n 2 1)(0), 0 T,nT =0 where T is point in E(Q), and 0 denotes the 0 of the elliptic curve. It s well known that ψ n satisfies the following recurrence ψ 2m+1 = ψ m+2 ψm 3 ψ m 1 ψm+1 3 for m 2 ( ) ψm ψ 2m = (ψ m+2 ψm 1 2 ψ m 2 ψ 2 2Y m+1) for m 3. To start the recursion we need to specify the values ψ 0 = 0, ψ 1 = 1, ψ 2 = 2Y, ψ 3, and ψ 4.

More division polynomials In fact ψ n (X, Y ) is essentially the denominator of the point n(x, Y ), so try to use it in studying the sequence {C n }. There are more general recurrences that ψ n satisfy the Elliptic Divisibility Sequences Turn things on their head: study the recurrences and their properties.

Elliptic Divisibility Sequences First studied by Edouard Lucas in the 19 th century, but mostly unpublished. Extensive monograph by Morgan Ward in 1948. For m > n: Elliptic Divisibility Recurrence u m+n u m n = u m 1 u m+1 u 2 n u n+1 u n 1 u 2 m. Taking m = n shows that u 0 = 0, and n = 1 that u 1 = ±1 (henceforth we assume that u 1 = 1). If u 2 u 3 0 we say that it is non-degenerate. Also u 2 u 4. This recurrence implies that {u n } is a divisibility sequence. And, taking n = 2 shows that u 0, u 1, u 2, u 3, u 4 determines the whole sequence!

Elliptic Curves over the Complex Numbers Recall that elliptic curves over the complex numbers arise from studying doubly-periodic functions where the set of periods forms a lattice L C. An elliptic curve E over C has a complex uniformation: E(C) C/L, for a lattice L C, given by the classical Weierstrass function. Related is the Weierstrass σ function: σ(z; L) = z ( 1 z ) e (z/ω)+ 1 2 (z/ω)2. ω 0 ω L It is not periodic for L but almost so, and can be used to build up elliptic functions.

Theorem of Morgan Ward Theorem (Ward) If {u n } is a non-degenerate EDS then there is a lattice L C and a point z C such that u n = σ(nz; L) σ(z; L) n2, where σ(z; L) is the Weierstrass sigma function. More precisely there is an elliptic curve E : y 2 + a 1 xy + a 3 y = x 3 + a 2 x 2 + a 4 x + a 6, and an integral point P E(Z) such that u n = ψ n (P ), where ψ n (X, Y ) is the n-th division polynomial of the curve E, and the coefficients a i are rational functions of u 2, u 3, u 4.

Edouard Lucas,Karl Weierstrass and Morgan Ward

Growth of Points E an elliptic curve in Weierstrass form with coefficients in Z. P E(Q) a point of infinite order. np = (A n /C 2 n, B n /C 3 n), A n, B n, C n Z and gcd(a n, C n ) = gcd(b n, C n ) = 1. Theorem (Neron-Tate) There is a c = ĥ(p ) > 0 such that log(max(a n, Cn)) 2 cn 2. In fact there is a stronger statement Theorem (Siegel-Silverman) We have log(cn) 2 log( A n ) ĥ(p )n2.

John Tate, Carl Ludwig Siegel, Joe Silverman

Signs The sequence C n is almost an EDS. It needs to be supplied with the right signs. Shipsey showed that it is always possible to attach a proper sign to C n so as to produce an EDS. Set W n = ±C n for n 2, W 1 = 1, W 2 = a 3, W 3 = C 3 Sign(W n 2 W n ) = Sign(A (n 1) ) for n 3. Then W n is an EDS. Silverman and Stephens show that it is possible to produce a fixed irrational number β related to the complex periods of the curve, associated with C n so that the sign is essentially given by ( 1) nβ (this must be slightly modified if the real locus of the curve has two components).

The conjecture of the Chudnovsky s The Chudnovsky brothers used EDS to produce some very large primes: Initial terms Growth rate Prime incidence up to n = 100 0,1,1,1,-2 0.0560 5,7,11,13,23,61,71 0,1,1,1,6 0.1107 5,7,13,23,43,47 0,1,2,1,4 0.1262 5,7,71 0,1,1,2,7 0.1311 11,17,73 0,1,1,1,-9 0.1383 7,47,79 0,1,1,1,10 0.1432 7,13,41,61 0,1,1,4,1 0.1730 71,79 0,1,1,4,3 0.1737 5,7,13,53,71 0,1,1,5,2 0.2010 7,43 Table: EDS from Chudnovsky and Chudnovsky

David and Gregory Chudnovsky

Thue and Thue-Mahler Equations f(x) Z[x]. Set F (x, y) := y deg(f) f(x/y). Definition (Thue Equation) F (x, y) = c, for some 0 c Z, unknowns x, y Z. Definition (Thue-Mahler equation) Let S be a finite set of primes. F (x, y) = c p S pap, for some 0 c Z, unknowns x, y, a p Z, a p 0 Theorem (Thue) deg(f) > 2: Thue: A Thue equation has only a finite number of solutions. Mahler: A Thue-Mahler equation has only a finite number of solutions.

Irrationality Measures Definition (Irrationality Measure) If α R is irrational, then a real number M is an irrationality measure for α if for all ɛ > 0 the equation α p q > 1 q M ɛ is true for all but a finite set of integers p, q. Let Irr(α) = inf{m : M is an irrationality measure for α}.

Liouville, Thue, Siegel, Dyson, Roth Let α be an algebraic number of degree d > 1. Bound on Irr(α) d 1. d/2 + 1. d/(s + 1) + s. 2d. = 2.

Siegel s Theorem Theorem (C. L. Siegel) Let f(x, Y ) Z[X, Y ], and f(x, Y ) = 0 be the equation of a curve of genus 1, and let S be a finite set of primes (possibly empty). Then the set of solutions {(X, Y ) Z S Z S : f(x, Y ) = 0} is finite, where Z S is the ring of S-integers (allow primes in S in the denominators). Proof. Transform the problem into a finite collection of Thue-Mahler equations.

Thue, Mahler and Siegel

A simple lemma Lemma Let f(x), g(x) Z[x], relatively prime. Suppose that there are A(x), B(x) Z[x], 0 D Z such that A(x)f(x) + B(x)g(x) = D. Let F (x, y) = y deg f f(x/y), G(x, y) = y deg g g(x/y). If a, b Z, gcd(a, b) = 1, then gcd(f (a, b), G(a, b)) D In other words the cancellation that we get from plugging a/b for x in f(x)/g(x) and clearing denominators divides D.

Illustrative Example The 37 curve y 2 + y = x 3 x, Q = (0, 0).Conductor = 37. The first elliptic curve over Q with positive rank. Fact: E(Q) has rank 1, no torsion and is generated by Q. For any P E(Q): f(x(p )) x(2p ) = g(x(p )), where f(x) = x 4 + 2x 2 2x + 1, g(x) = 4x 3 4x + 1. Let a(x) = 48x 2 + 64, b(x) = 12x 3 + 20x 27. Then a(x)f(x) + b(x)g(x) = 37. By the lemma, applied to f, g, D = 37, but f(x(p )) = (2y(P ) + 1) 2 so cancellation = 1.

Example continued By p-adic analysis den(x(p )) den(x(2p )). If den(x(2p )) is a prime power, p e, then x(p ) = a/p b for some p a. Thus x(2p ) = a 4 + p b c p b (4a 3 4ap 2b + p 3b ) for some c Z. Thus either b = 0 or b = e. If b = 0, x(p ) is an integeral point: finitely many. In the second case 4a 3 4a(p b ) 2 + (p b ) 3 = 1, a Thue equation, which also has only a finite number of solutions.

EDS with only a finite number of prime powers Definition If E, E are elliptic curves /Q in Weierstrass form and φ : E E is an isogeny of degree > 1, we say that a point P E(Q) is magnified (by φ) if there is a P E (Q) with P = φ(p ). Theorem (Everest, Miller, Stephens) Let S be a finite set of primes. If P E(Q) is a point of infinite order which is magnified then the sequence den(np ) contains only a finite number of terms which are divisible by precisely one prime outside of S.

The Proof Proof. It doesn t hurt to enlarge the set S (by Siegel s theorem). Require S to contain all primes of bad reduction of E, E and those dividing deg(φ). Suppose that p S, is the unique prime outside of S with p den(np ). Since den(np ) den(np ), there are two cases: either all primes dividing den(np ) are in S, in which case by Siegel s theorem, there are only a finite number of such P, or not. In that case let T be a non-trivial point in ker(φ) (over some extension K/Q). Then np + T only has primes in its denominator dividing those in S. Siegel again disposes of that case.

Surjective Isogenies If the isogeny φ : E (Q) E(Q) is surjective, the theorem shows that E(Q) contains only a finite number of points whose denominator has one prime divisor outside of a finite set S. There are a large number of examples of such in the tables of Stephens and of Cremona.

Graham Everest and Nelson Stephens

More prime divisors We generalize things Theorem (Miller) Let K be a number field, and E, E /K elliptic curves in Weierstrass form. If there is an isogeny φ : E E, which can be written as the composition of l non-trivial isogenies defined over K, and P = φ(p ) for some P E(K) of infinite order, then the sequence den(np ) has only a finite number of elements divisible by l or fewer primes of K. Proof. Similar to the above, using induction on l.

More magnification Definition (l-magnified) If l > 0 is a positive integer and E/K is an elliptic curve over a number field, we say that a point P E(K) is l-magnified if there is a finite extension L/K of degree d, and an isogeny φ : E E which can be written as the composition of l isogenies φ i defined over L and deg(φ i ) > d and a point P E (L) with φ(p ) = P. Theorem (Everest and King) The same statement for l-magnified points.

Other aspects of EDS Shipsey and Swart apply EDS to specific cases of ECDLP, and to computation of pairings. Stange generalizes EDS to Elliptic Nets. Silverman studied p-adic properties and applications to arithmetic dynamical systems.

Exotic Applications Theorem (Davis, Putnam, Robinson,Matiyasevich) There is no algorithm that can decide whether a polynomials F (X 1,..., X n ) Z[X 1,..., X n ] has an zero with all integer coordinates. It is still not know whether the same statement holds if we allow rational coordinates. But Theorem (Poonen) There is an infinite set of primes S of relative density 1 such that the undecidability statement holds where the coordinates are allowed to be in R = Z[S 1 ]. The proof uses elliptic divisibility sequences.

Martin Davis, Hilary Putnam, Julia Robinson, Yuri Matiyasevich

Bjorn Poonen

Everest, van der Poorten, Shparlinski and Ward

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback