The complexity of Diophantine equations

Similar documents
The Arithmetic of Elliptic Curves

Elliptic curves and modularity

Abstracts of papers. Amod Agashe

Rational points on elliptic curves. cycles on modular varieties

BSD and the Gross-Zagier Formula

Congruent number problem

Stark-Heegner points

Laval University, Québec September 2010

Solving Cubic Equations: An Introduction to the Birch and Swinnerton-Dyer Conjecture

A p-adic Birch and Swinnerton-Dyer conjecture for modular abelian varieties

Elliptic curves and Hilbert s Tenth Problem

Pythagoras = $1 million problem. Ken Ono Emory University

Outline of the Seminar Topics on elliptic curves Saarbrücken,

Heegner points, Stark Heegner points, and values of L-series

The Birch & Swinnerton-Dyer conjecture. Karl Rubin MSRI, January

Introduction to Arithmetic Geometry

Elliptic Curves & Number Theory. R. Sujatha School of Mathematics TIFR

Verification of the Birch and Swinnerton-Dyer Conjecture for Specific Elliptic Curves

Introduction to Elliptic Curves

Congruent Number Problem and Elliptic curves

p-adic iterated integrals, modular forms of weight one, and Stark-Heegner points.

Modern Number Theory: Rank of Elliptic Curves

Wiles theorem and the arithmetic of elliptic curves

Darmon points for fields of mixed signature

CONGRUENT NUMBERS AND ELLIPTIC CURVES

Stark-Heegner Points

Projects on elliptic curves and modular forms

The arithmetic of elliptic curves An update. Benedict H. Gross. In 1974, John Tate published The arithmetic of elliptic curves in

The j-function, the golden ratio, and rigid meromorphic cocycles

Two Types of Equations. Babylonians. Solving Certain Cubic Equations: An Introduction to the Birch and Swinnerton-Dyer Conjecture

THE ARITHMETIC OF ELLIPTIC CURVES AN UPDATE

Using Elliptic Curves

6.5 Elliptic Curves Over the Rational Numbers

A Classical Introduction to Modern Number Theory

AVERAGE RANKS OF ELLIPTIC CURVES

Faster computation of Heegner points on elliptic curves over Q of rank 1

On the low-lying zeros of elliptic curve L-functions

LEGENDRE S THEOREM, LEGRANGE S DESCENT

A p-adic Birch and Swinnerton-Dyer conjecture for modular abelian varieties

ELLIPTIC CURVES, RANK IN FAMILIES AND RANDOM MATRICES

Infinite rank of elliptic curves over Q ab and quadratic twists with positive rank

arxiv:math/ v1 [math.nt] 15 Mar 2001

Rank-one Twists of a Certain Elliptic Curve

Hypersurfaces and the Weil conjectures

A Proof of the Full Shimura-Taniyama-Weil Conjecture Is Announced

OLIVIA BECKWITH. 3 g+2

A Motivated Introduction to Modular Forms

arxiv: v2 [math.nt] 4 Jul 2015

CONICS - A POOR MAN S ELLIPTIC CURVES arxiv:math/ v1 [math.nt] 18 Nov 2003

Independence of Heegner Points Joseph H. Silverman (Joint work with Michael Rosen)

A WHIRLWIND TOUR BEYOND QUADRATICS Steven J. Wilson, JCCC Professor of Mathematics KAMATYC, Wichita, March 4, 2017

arxiv:math/ v1 [math.ho] 14 Nov 2006

Calculation and arithmetic significance of modular forms

LECTURE 2 FRANZ LEMMERMEYER

The GL 2 main conjecture for elliptic curves without complex multiplication. by Otmar Venjakob

Elliptic curves over function fields 1

L-functions and Arithmetic. Conference Program. Title: On the conjecture of Birch and Swinnerton-Dyer for elliptic curves with complex multiplication

FERMAT S WORLD A TOUR OF. Outline. Ching-Li Chai. Philadelphia, March, Samples of numbers. 2 More samples in arithemetic. 3 Congruent numbers

Bjorn Poonen. MSRI Introductory Workshop on Rational and Integral Points on Higher-dimensional Varieties. January 18, 2006

Visibility and the Birch and Swinnerton-Dyer conjecture for analytic rank one

Equations for Hilbert modular surfaces

SQUARES FROM SUMS OF FIXED POWERS. Mark Bauer and Michael A. Bennett University of Calgary and University of British Columbia, Canada

RECIPES FOR TERNARY DIOPHANTINE EQUATIONS OF SIGNATURE (p, p, k)

= 1 2x. x 2 a ) 0 (mod p n ), (x 2 + 2a + a2. x a ) 2

Curves, Cryptography, and Primes of the Form x 2 + y 2 D

VISIBILITY FOR ANALYTIC RANK ONE or A VISIBLE FACTOR OF THE HEEGNER INDEX

arxiv: v2 [math.nt] 23 Sep 2011

Class groups and Galois representations

Algorithm for Concordant Forms

Twisted L-Functions and Complex Multiplication

Elementary Number Theory

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Computing a Lower Bound for the Canonical Height on Elliptic Curves over Q

Elliptic Curves, Factorization, and Cryptography

Heuristics for the growth of Mordell-Weil ranks in big extensions of number fields

Elliptic Curves: An Introduction

TATE-SHAFAREVICH GROUPS OF THE CONGRUENT NUMBER ELLIPTIC CURVES. Ken Ono. X(E N ) is a simple

Introduction to Arithmetic Geometry Fall 2013 Lecture #2 09/10/2013

TAMAGAWA NUMBERS OF ELLIPTIC CURVES WITH C 13 TORSION OVER QUADRATIC FIELDS

Numerical Computation of Stark Hegner points in higher level

Rational Points on Conics, and Local-Global Relations in Number Theory

Diophantine and tropical geometry

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Mathematics for Cryptography

Heegner points, Heegner cycles, and congruences

Possibilities for Shafarevich-Tate Groups of Modular Abelian Varieties

Beyond Fermat s Last Theorem

CONGRUENT NUMBERS AND ELLIPTIC CURVES

Congruent numbers via the Pell equation and its analogous counterpart

p-adic Properites of Elliptic Divisibility Sequences Joseph H. Silverman

Three cubes in arithmetic progression over quadratic fields

Counting points on hyperelliptic curves

RAMANUJAN, TAXICABS, BIRTHDATES, ZIPCODES, AND TWISTS. Ken Ono. American Mathematical Monthly, 104, No. 10, 1997, pages

8 Elliptic Curve Cryptography

15 Elliptic curves and Fermat s last theorem

Congruent number elliptic curves of high rank

Discrete Logarithms. Let s begin by recalling the definitions and a theorem. Let m be a given modulus. Then the finite set

The powers of logarithm for quadratic twists

COMPUTATIONAL VERIFICATION OF THE BIRCH AND SWINNERTON-DYER CONJECTURE FOR INDIVIDUAL ELLIPTIC CURVES

CONICS - A POOR MAN S ELLIPTIC CURVES

Transcription:

The complexity of Diophantine equations Colloquium McMaster University Hamilton, Ontario April 2005

The basic question A Diophantine equation is a polynomial equation f(x 1,..., x n ) = 0 with integer coefficients, for which one seeks rational or integer solutions. Question. Given a diophantine equation, how hard is it to find a solution? Matijasevich. This problem of determining the existence of a solution is undecidable in general. It is natural to try to develop theories for more restricted classes. 1

The size of a Diophantine equation If a/b Q, Height(a/b) := h(a/b) = log(ab). h((x 1,..., x n )) = h(x 1 ) + + h(x n ). If f = J a J x J is a diophantine equation, h(f) = J h(a J ). The height of an equation is, roughly speaking, the amount of paper required to write it down. 2

Complexity Definition A class C of equations is said to be strictly polynomial if there is an n 1 and an algorithm which for each equation E C produces a solution to E in at most h(e) n operations. Less formally: the time required to find a solution for E is roughly equivalent to the time it takes to write E down. 3

Some examples The following (not very interesting!) classes of Diophantine equations are strictly polynomial: C = {Equations in one variable} C = { systems of linear equations} Question. Are there any other naturally occuring classes of non-linear Diophantine equations in more than one variable which are strictly polynomial? 4

Factorisation Consider FACT := {xy = n, x, y ±1; as n Z}. Conjecture The class FACT is not strictly polynomial. Much of modern cryptography rides on this conjecture, although it seems difficult to prove. 5

Conics Consider CONICS = {ax 2 + by 2 + cz 2 = 0, as a, b, c Z} Theorem (Hasse-Minkowski) Suppose given an oracle for extracting the square root of m modulo n in time which is polynomial in log(n). Then CONICS is strictly polynomial. 6

Sketch of proof 1. Find λ a, λ b, λ c Z such that λ 2 a = b/c (mod a), λ 2 b = a/c (mod b), λ 2 c = a/b (mod c). 2. Let Λ = set of (x, y, z) Z 3 with z = λ a y (mod a), z = λ b x (mod b), y = λ c x (mod c), plus parity conditions. (x, y, z) Λ ax 2 +by 2 +cz 2 = 0 (mod 4abc). 7

Sketch of proof (cont d) 3. Find a short vector (x 0, y 0, z 0 ) Λ. This is similar to a gcd calculation, and can be done very fast (in polynomial time). 4. Geometry of numbers: 4abc divides ax 2 0 + by2 0 + cz2 0 < 4abc hence ax 2 0 + by2 0 + cz2 0 = 0. This algorithm for finding (x 0, y 0, z 0 ) works in time which is polynomial in log(abc). 8

Applications Theorem The classes CONICS a,b := {ax 2 +by 2 +pz 2 = 0, p prime} 2SQUARES := {x 2 + y 2 = p, p prime}; are strictly polynomial. Question. Are there classes of Diophantine equations which can be proved to not be strictly polynomial? 9

Pell s Equation Fermat s favorite Diophantine equation: PELL := {x 2 dy 2 = 1, as d Z}. Group law: (x 1, y 1 ) (x 2, y 2 ) := (x 1 x 2 +dy 1 y 2, x 1 y 2 +y 1 x 2 ). Fundamental solution: (±x, ±y) = (x, y ) k. Theorem. The class PELL is not strictly polynomial. 10

Proof Here are some fundamental solutions. d = 2. x = 3, y = 2. d = 61. x = 1766319049, y = 226153980. d = 109. x = 158070671985249, y = 15140424455100. d = 991. x = 379516400906811930638014896080, y = 12055735790331359447442538767. Induction (à la Fermat): large as d. h(x 0, y 0 ) can be as Hence merely writing down the fundamental solution can take as many as d >> log(d) n operations. 11

Polynomial complexity Problem P(E,h). Given E C and h >> h(e), (more precisely: h > exp(h(e))) find a solution x of E with h(x) < h, if it exists, or terminate with an appropriate message, otherwise. Obvious algorithm: run over all solutions with height h until a solution is found (or not). This requires a number of operations which is exponential in h. Definition. A class C of Diophantine equations is said to be solvable in polynomial time if there is n N and an algorithm that solves P (E, h) in at most h n operations. Less formally: the time required to find a large solution for E is roughly equivalent to the time it takes to write the solution down. Caveat: FACT is trivially solvable in polynomial time according to this definition. 12

Pell s equation Theorem The class PELL is solvable in polynomial time. Algorithm for computing (x, y ): the continued fraction method. d = a0 + x n y n = a 0 + a 1 + 1 a 1 + 1 a 2 + 1 1 a 2 + + an 1 For n >> 0, (x n, y n ) = (x, y ).. This approach requires O(log(x )) operations. 13

Elliptic curves The class ELL := {y 2 = x 3 + ax + b, a, b Q}. The addition law on an elliptic curve 14

The Mordell-Weil theorem Theorem. The set E(Q) is a finitely generated abelian group. E(Q) = T Z r, r 0. Question. Is there an algorithm to compute E(Q) given E? The answer is not known! (It is related to the Shafarevich-Tate conejcture, and the Birch and Swinnerton-Dyer conjecture.) Related Question Is ELL solvable in polynomial time? This question might seem more approachable to the uninitiated. 15

A conjecture/provocation Conjecture The class ELL of elliptic curve equations is solvable in polynomial time. This conjecture asserts that it should be possible to zero in on solutions to elliptic curve equations much more rapidly than by performing an exhaustive search. It appears to be intimately connected to the Birch and Swinnerton-Dyer conjecture. 16

An example of Bremner and Cassels The elliptic curve E : y 2 = x 3 + 877x has rank one and generator given by: x = 6127760831879473681012 78841535860683900210 2 y = 25625626798892680938877 68340455130896486691 53204356603464786949 78841535860683900210 3 17

Another example Consider the equation 101y 2 = x 3 x 2 10x 19/4. The smallest solution has x = 1081624136644692539667084685116849 246846541822770321447579971520100 This solution was found on a computer in a few seconds. 18

The Hasse-Weil L-series Let N :=Conductor(E), and define a p := { p + 1 #E(Z/pZ) if p N; 0, 1, or 1 if p N. a p n = a p a p n 1 pa p n 2, a rs := a r a s, (r, s) = 1. Hasse-Weil L-function attached to E: L(E, s) = n a n n s = p (1 a p p s + p 1 2s ) 1 L(E, 1) = p p #E(Z/pZ). The Hasse-Weil L-series is expected to encode arithmetic information about E, notably its rank. 19

The Birch and Swinnerton-Dyer conjecture Conjecture. The L-function L(E, s) extends to an analytic function of s C, and rank(e(q)) = ord s=1 L(E, s). The leading term of L(E, s) is also expected to be expressible in terms of the heights of the generators of E(Q), and of the conjecturally finite Shafarevich-Tate group. Tate (1974)... this remarkable conjecture relates the behaviour of a function L at a point where it is at present not known to be defined to the order of a group LLI which is not known to be finite. 20

Modularity Problem: Give a closed formula for the a n? Consider the generating series: f E (q) := n=1 a n q n, q := e 2πiτ. Hecke s congruence group: {( ) a b Γ 0 (N) := SL c d 2 (Z) } s.t. N c. Definition. A modular form of weight k and level N is a function f(z) = such that ( az + b f cz + d ) for all n=0 b n e 2πinz = (cz + d) k f(z), ( a b c d ) Γ 0 (N). 21

Wiles Theorem Theorem (Wiles) The generating function f E (z) is a modular form of weight 2 and level N. First consequence: The Hasse-WeilL-series L(E, s) = (2π) s Γ(s) 1 0 f(it)tsdt t extends to an analytic function of s C. Hence the left-hand side of the BSD conjecture makes sense! 22

Modular parametrisations Second consequence: Let exp E : C E(C) be the Lie exponential. There exists λ C such that τ Φ(τ) := exp E (λ f(z)dz i descends to a well-defined analytic map Φ : H/Γ 0 (N) E(C), called the modular parametrisation. H := {z C s.t. I(z) > 0} (the Poincaré upper half-plane.) Key remark. The map Φ can be calculated in polynomial time, in the sense that d digits of accuracy can be obtained in O(d n ) operations. ) 23

The Heegner point construction Let H be a the set of τ H which generate a quadratic imaginary field K: τ = a + b d, with a, b, d Q. Theorem. If τ belongs to H K, then Φ(τ) belongs to E(K ab ). K ab = maximal abelian extension of K. In fact, the smallest abelian extension H τ over which Φ(τ) is defined can be specified explicitly. For τ H, define P τ := trace Hτ /Q (Φ(τ)) is called the Heegner point at- The point P τ tached to τ. Theorem. If h(p τ ) < h, then P τ can be computed in poly(log(h)) operations. 24

Main Properties Theorem (Kolyvagin) If r = rank(e(q)) 1, then P τ is torsion for all τ. Theorem (Gross-Zagier). If ord s=1 L(E, s) = 1, then P τ is of infinite order for infinitely many τ. Corollary Let ELL 1 := {E ELL s.t. ord s=1 L(E, s) 1}. The class ELL 1 is solvable in polynomial time. 25

The number field case In contrast with ELL 1, the complexity of ELL seems very hard to study, and we find ourselves with little of interest to say about it. We seek refuge in the number field case. Let F =finite extension of Q. ELL(F ) := {Elliptic curves over F }; E ELL 1 (F ) ord s=1 L(E/F, s) 1. Hard conjecture The class ELL(F ) is solvable in polynomial time. Easier conjecture The class ELL 1 (F ) is solvable in polynomial time. Thesis. This last conjecture, while seemingly not out of reach, is worthwhile and presents many interesting challenges. 26

Real quadratic fields Let F =real quadratic field. Assume all elliptic curves over F are modular. ELL 1 (F ) = set of elliptic curves E ELL 1(F ) such that there is a prime p of O F which divides N(E) exactly. Theorem (Matt Greenberg, 2005) The class ELL 1 (F ) is solvable in polynomial time. The proof uses ideas arising from the theory of p-adic integration and the theory of overconvergent p-adic modular forms (attached to definite quaternion algebras). What about ELL 1 (F )? 27

The class ELL 1 (F ) There is a conjectural algorithm for solving any equation in ELL 1 (F ) in polynomial time, which works reasonably well in practice. Darmon, Logan. Periods of Hilbert modular forms and rational points on elliptic curves. IMRN (2003) no. 40, 2153-2180. Useful theoretical insights about elliptic curves are to be gained by carefully considering ELL 1 (F ) for other fields F, such as the imaginary quadratic fields. 28

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback