On the generation of elliptic curves with 16 rational torsion points by Pythagorean triples



Similar documents
Applications of Fermat s Little Theorem and Congruences

PYTHAGOREAN TRIPLES KEITH CONRAD

= = 3 4, Now assume that P (k) is true for some fixed k 2. This means that

Alex, I will take congruent numbers for one million dollars please

Math 319 Problem Set #3 Solution 21 February 2002

minimal polyonomial Example

k, then n = p2α 1 1 pα k

MATH10040 Chapter 2: Prime and relatively prime numbers

I. GROUPS: BASIC DEFINITIONS AND EXAMPLES

CHAPTER 5. Number Theory. 1. Integers and Division. Discussion

The Prime Numbers. Definition. A prime number is a positive integer with exactly two positive divisors.

3 1. Note that all cubes solve it; therefore, there are no more

Winter Camp 2011 Polynomials Alexander Remorov. Polynomials. Alexander Remorov

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

a 1 x + a 0 =0. (3) ax 2 + bx + c =0. (4)

Discrete Mathematics, Chapter 4: Number Theory and Cryptography

a 11 x 1 + a 12 x a 1n x n = b 1 a 21 x 1 + a 22 x a 2n x n = b 2.

SUM OF TWO SQUARES JAHNAVI BHASKAR

Quotient Rings and Field Extensions

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, Notes on Algebra

Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

SYSTEMS OF PYTHAGOREAN TRIPLES. Acknowledgements. I would like to thank Professor Laura Schueller for advising and guiding me

FACTORING CERTAIN INFINITE ABELIAN GROUPS BY DISTORTED CYCLIC SUBSETS

Congruent Number Problem

CHAPTER SIX IRREDUCIBILITY AND FACTORIZATION 1. BASIC DIVISIBILITY THEORY

Homework until Test #2

11 Ideals Revisiting Z

CM2202: Scientific Computing and Multimedia Applications General Maths: 2. Algebra - Factorisation

ABSTRACT ALGEBRA: A STUDY GUIDE FOR BEGINNERS

Overview of Number Theory Basics. Divisibility

4. FIRST STEPS IN THE THEORY 4.1. A

9. POLYNOMIALS. Example 1: The expression a(x) = x 3 4x 2 + 7x 11 is a polynomial in x. The coefficients of a(x) are the numbers 1, 4, 7, 11.

Computing exponents modulo a number: Repeated squaring

Continued Fractions and the Euclidean Algorithm

Primality - Factorization

4.2 Euclid s Classification of Pythagorean Triples

Module MA3411: Abstract Algebra Galois Theory Appendix Michaelmas Term 2013

Some practice problems for midterm 2

MATH 537 (Number Theory) FALL 2016 TENTATIVE SYLLABUS

Chapter 17. Orthogonal Matrices and Symmetries of Space

V Quantitative Reasoning: Computers, Number Theory and Cryptography

Integer roots of quadratic and cubic polynomials with integer coefficients

ON GALOIS REALIZATIONS OF THE 2-COVERABLE SYMMETRIC AND ALTERNATING GROUPS

SUBGROUPS OF CYCLIC GROUPS. 1. Introduction In a group G, we denote the (cyclic) group of powers of some g G by

Every Positive Integer is the Sum of Four Squares! (and other exciting problems)

Introduction to Finite Fields (cont.)

of Nebraska - Lincoln

Unique Factorization

Factorization Algorithms for Polynomials over Finite Fields

RSA and Primality Testing

Settling a Question about Pythagorean Triples

The Chinese Remainder Theorem

Number Theory Hungarian Style. Cameron Byerley s interpretation of Csaba Szabó s lectures

Kevin James. MTHSC 412 Section 2.4 Prime Factors and Greatest Comm

Lecture 13 - Basic Number Theory.

ELLIPTIC CURVES AND LENSTRA S FACTORIZATION ALGORITHM

Chapter 4, Arithmetic in F [x] Polynomial arithmetic and the division algorithm.

PROOFS BY DESCENT KEITH CONRAD

8 Primes and Modular Arithmetic

FACTORING POLYNOMIALS IN THE RING OF FORMAL POWER SERIES OVER Z

How To Prove The Dirichlet Unit Theorem

Pythagorean vectors and their companions. Lattice Cubes

COMMUTATIVE RINGS. Definition: A domain is a commutative ring R that satisfies the cancellation law for multiplication:

Solutions to TOPICS IN ALGEBRA I.N. HERSTEIN. Part II: Group Theory

GREATEST COMMON DIVISOR

Five fundamental operations. mathematics: addition, subtraction, multiplication, division, and modular forms

GENERATING SETS KEITH CONRAD

CS 103X: Discrete Structures Homework Assignment 3 Solutions

The last three chapters introduced three major proof techniques: direct,

Primes in Sequences. Lee 1. By: Jae Young Lee. Project for MA 341 (Number Theory) Boston University Summer Term I 2009 Instructor: Kalin Kostadinov

H/wk 13, Solutions to selected problems

Factoring Polynomials

MATH 289 PROBLEM SET 4: NUMBER THEORY

7. Some irreducible polynomials

1 = (a 0 + b 0 α) (a m 1 + b m 1 α) 2. for certain elements a 0,..., a m 1, b 0,..., b m 1 of F. Multiplying out, we obtain

2010 Solutions. a + b. a + b 1. (a + b)2 + (b a) 2. (b2 + a 2 ) 2 (a 2 b 2 ) 2

Section 4.2: The Division Algorithm and Greatest Common Divisors

FACTORING IN QUADRATIC FIELDS. 1. Introduction. This is called a quadratic field and it has degree 2 over Q. Similarly, set

mod 10 = mod 10 = 49 mod 10 = 9.

26 Ideals and Quotient Rings

Matrix Algebra. Some Basic Matrix Laws. Before reading the text or the following notes glance at the following list of basic matrix algebra laws.

Elementary Number Theory and Methods of Proof. CSE 215, Foundations of Computer Science Stony Brook University

Number Theory: A Mathemythical Approach. Student Resources. Printed Version

Lectures on Number Theory. Lars-Åke Lindahl

Solving Linear Systems, Continued and The Inverse of a Matrix

PUTNAM TRAINING POLYNOMIALS. Exercises 1. Find a polynomial with integral coefficients whose zeros include

A number field is a field of finite degree over Q. By the Primitive Element Theorem, any number

GCDs and Relatively Prime Numbers! CSCI 2824, Fall 2014!

THE CONGRUENT NUMBER PROBLEM

SOLVING POLYNOMIAL EQUATIONS

A Second Course in Mathematics Concepts for Elementary Teachers: Theory, Problems, and Solutions

The Division Algorithm for Polynomials Handout Monday March 5, 2012

Algebra I Vocabulary Cards

Revised Version of Chapter 23. We learned long ago how to solve linear congruences. ax c (mod m)

OSTROWSKI FOR NUMBER FIELDS

calculating the result modulo 3, as follows: p(0) = = 1 0,

RESULTANT AND DISCRIMINANT OF POLYNOMIALS

ALGEBRAIC APPROACH TO COMPOSITE INTEGER FACTORIZATION

SOLUTIONS FOR PROBLEM SET 2

Linear Algebra Notes for Marsden and Tromba Vector Calculus

Transcription:

On the generation of elliptic curves with 16 rational torsion points by Pythagorean triples Brian Hilley Boston College MT695 Honors Seminar March 3, 2006 1 Introduction 1.1 Mazur s Theorem Let C be a non-singular rational cubic curve, and suppose that C(Q) contains a point of finite order m. Then either 1 m 10 or m = 12. More precisely, the set of all points of finite order in C(Q) forms a subgroup which has one of the following two forms: (i) A cyclic group of order N with 1 N 10 or N = 12. (ii) The product of a cyclic group of order two and a cyclic group of order 2N with 1 N 4. 1.1.1 The extreme case According to Mazur s Theorem, C(Q) tor must be isomorphic to one of the listed groups. Of these possible torsion subgroups, has the most elements; = 16. Curves with sixteen torsion points are thus considered to be the most extreme legal elliptic curves. Today we ll look at such a type of elliptic curve for which C(Q) tor = 16. 2 Relation to Pythagorean triples A Pythagorean triple is any element (a, b, c) N 3 such that a 2 + b 2 = c 2. If additionally gcd(a, b, c) = 1, then (a, b, c) is called a primitive Pythagorean triple. We showed on the first day of class that a = m 2 n 2, b = 2mn, and c = m 2 + n 2, for some m, n such that m > n, gcd(m, n)= 1, and m and n are not congruent modulo 2. 1

2.1 Claim Let (A, B, C) be a Pythagorean triple. Then let C : y 2 = x(x + A 4 )(x + B 4 ). (1) Then C(Q) tor and C(Q) tor = 16. Before we investigate and prove this claim, let s digress a bit and explore the multitude of curves of this form. 2.2 Algorithm that generates Pythagorean triples Surprisingly, we can use the Euclidean Algorithm to find all Pythagorean triples of the form (x, y, p) where p is prime. Additionally, these Pythagorean triples can be multiplied by scalars or added to generate all other Pythagorean triples. For example, (7,24,25) is a primitive Pythagorean triple that is not of this form. 2.2.1 Proposition Given a prime p, the following statements are equivalent: a) p 1 (mod 4). b) There exists a Pythagorean triple (x, y, p). c) -1 is a square modulo p. 2.2.2 Algorithm, first step Suppose p 1 (mod 4). Fermat proved that there infinitely many primes congruent to 1 modulo 4. We can use an algorithm to find the corresponding Pythagorean triple (x, y, p). First, solve the congruence a 2 1 (mod p). (It may help to cheat by using Mathematica for this step.) Additionally, we already know two facts about a: a) Clearly, ord p (a)= 4. b) Congruences of the form x 2 a (mod p), such that a and p is prime, have 0 or 2 incongruent solutions modulo p. By Proposition 2.2.1, a 2 1 (mod p) has 2 incongruent solutions, which can either be written as ±a, or as a and p a. For the algorithm, we need a to be a positive integer less than p. 2.2.3 Algorithm, second step Next use the Euclidean Algorithm on p and a. Although we usually use the Euclidean Algorithm to find greatest common divisors, we already know that gcd(p, a)=1. In this case, we are interested in the remainders. Let m and n be the two greatest remainders which are less than p, m > n. Then, remarkably, x = m 2 n 2, y = 2mn, and p = m 2 + n 2. 2

2.2.4 Examples Here is a demonstrative example. Let p = 89; a is found to be 34. 89 = 34(2) + 21 34 = 21(1) + 13 21 = 13(1) + 8 13 = 8(1) + 5 8 = 5(1) + 3 p 9.43. Then m = 8 and n = 5. Thus x = (8 2 5 2 ) = 39 and y = 2(8)(5) = 80. Hence, the corresponding Pythagorean triple is (39,80,89). This method is especially useful for finding very large Pythagorean triples. Take the one billionth prime, p = 22801763489. We find that a = 2648497433, p 151002.528, and the 12th and 13th remainders of the Euclidean Algorithm on p and a are 116200 and 96433. This generates the Pythagorean triple (22411029200, 4203116511, 22801763489). 2.2.5 Operations Clearly, we can multiply a Pythagorean triple by a positive integer to generate another Pythagorean triple. Using an analogue in the complex plane, we can also find an operation that generates a third Pythagorean triple from any two. Using these two operations, we can express all Pythagorean triples in terms of triples generated by our algorithm. Suppose (a, b, c) and (e, f, g) are Pythagorean triples. In the complex plane, let z= a + bi and w= e + fi. (a + bi)(e + fi) = (ae bf) + i(af + be) (ae bf) 2 + (af + be) 2 = (a 2 + b 2 )(e 2 + f 2 ) = z 2 w 2 = (cg) 2. (2) Thus ( ae bf, af + be, cg) is a Pythagorean triple. Define this to be the sum of the Pythagorean triples (a, b, c) and (e, f, g). 3 The Pythagorean elliptic curve 3.1 Claim restated Let (A, B, C) be a Pythagorean triple. Then let C : y 2 = x(x + A 4 )(x + B 4 ). (3) Making use of the corresponding triples, we can consider every curve of this form to have the same additive and multiplicative properties as the corresponding triples. Again we claim that C(Q) tor and C(Q) tor = 16. 3

3.2 Nagell-Lutz method Let s try, blindly, to find C(Q) tor using the Nagell-Lutz Theorem. On the curve, f(x)= x(x+a 4 )(x+b 4 ). The theorem tells us that if P =(x, y) C(Q) tor, then y = 0 or y 2 Disc(f). If y = 0, the resulting equation has three solutions: (0, 0), ( A 4, 0) and ( B 4, 0). All three solutions are in fact torsion points of order two. Including the identity, we have found four torsion points. After this, however, things get messy. Using the formula for discriminant, we find that Disc(f) = A 8 B 8 (A 4 B 4 ) 2 (4) This means if y 0, y A 4 B 4 (A 4 B 4 ). For Mathematica, this is good enough, but we would like to have a more efficient method. Take the simplest curve, analogous to (4, 3, 5). Then y 3 4 2 8 5 2 7, a product with 5 9 3 2 = 270 distinct positive divisors to check. 3.3 Lemma Let C : y 2 = (x a)(x b)(x c), a, b, c, and suppose P = (u, v) is a nonidentity rational point on C. Then there exists a rational point Q Csuch that P = 2Q iff (u a), (u b) and (u c) are perfect squares. 3.3.1 Proof Suppose u a = A 2, u b = B 2, and u c = C 2. Define the point Q: Q = (u + AB AC BC, (A + B)(A C)(B C)). (5) Then, we have X(2Q) = u. Suppose P = 2Q, where Q = (r, s). Let L : y = mx + n be the tangent line to C at Q. Then Q = (r, s) and P = Q Q = (u, v) are both on L, which means they satisfy the equation (x a)(x b)(x c) = y 2 = (mx n) 2 Moreover, since L is tangent to C at Q, the equation (x a)(x b)(x c) (mx n) 2 = 0 has the three roots r, r, u. Thus it is the case that: (x a)(x b)(x c) (mx n) 2 = (x r) 2 (x u) (6) Without loss of generality, setting x = a in equation 6 gives (ma n) 2 = (u a)(a r) 2 Suppose a = r. Then Q = (a, s) = (a, 0) and P = 2Q is the identity, a contradiction. Thus u a is a perfect square. Using this Lemma, we can find points that have higher order than two from (0,0), which is a point we can easily verify to be a 2-torsion point. 4

3.4 Finding some torsion points Let s begin with a curve of the form C : y 2 = x(x+r 2 )(x+s 2 ). Applying equation 5 of the Lemma to the 2-torsion point (0, 0), we find that P = (rs, rs(r + s)) is a point of order 4 on C. We also know that ( r 2, 0) is a 2-torsion point on the curve. Because of Mazur s Theorem, this is enough information to show that the torsion subgroup of C : y 2 = x(x + r 2 )(x + s 2 ). either is 4 or. They are the only two possible torsion subgroups by Mazur s Theorem that have a point of order 4 and two different points of order 2. Moreover, the torsion subgroup must contain Let r = A 2 and s = B 2. Then P = (rs, rs(r + s)) = (A 2 B 2, A 2 B 2 C 2 ). Using equation 5 of the Lemma generates the point of order 8 (AB(A + C)(B + C), ABC(A + C)(B + C)(A + B)). The existence of this torsion point proves 4. our original claim, that C(Q) tor and C(Q) tor = 16. 3.5 Finding the rest of the torsion points The fact that C(Q) tor is a group implies a very useful fact that should be explicitly stated: C(Q) tor is closed under addition. 3.5.1 Isomorphism Define a group isomorphism f : C(Q) tor using a table (page 6). Beginning with the chart below, we will use closure under addition to find the others. Note we have several different ways to plug in our points; f is just an example. Other ways will result in other permutations of the 16 torsion points. C(Q) tor (0, 0) O (0, 1) (AB(A + C)(B + C), ABC(A + C)(B + C)(A + C)) (0, 2) (0, 3) (0, 4) (0, 0) (0, 5) (0, 6) (0, 7) (1, 0) ( A 4, 0) (1, 1) (1, 2) (1, 3) (1, 4) ( B 4, 0) (1, 5) (1, 6) (1, 7) 5

4 The torsion subgroup stated Addition on C(Q) tor corresponds with addition on, which is much easier. After adding the corresponding points on the curve, we arrive at the following table, the group isomorphism f: C(Q) tor Order (0, 0) O 1 (0, 1) (AB(A + C)(B + C), ABC(A + C)(B + C)(A + C)) 8 (0, 2) (A 2 B 2, A 2 B 2 C 2 ) 4 (0, 3) (AB(C B)(C A), ABC(A + B)(C A)(C B)) 8 (0, 4) (0, 0) 2 (0, 5) (AB(C B)(C A), ABC(A + B)(C A)(C B)) 8 (0, 6) (A 2 B 2, A 2 B 2 C 2 ) 4 (0, 7) (AB(A + C)(B + C), ABC(A + C)(B + C)(A + C)) 8 (1, 0) ( A 4, 0) 2 (1, 1) (AB(C + A)(B C), ABC(C + A)(C B)(B A)) 8 (1, 2) ( A 2 B 2, A 2 B 2 (A 2 B 2 )) 4 (1, 3) (AB(B + C)(A C), ABC(B A)(C A)(B + C)) 8 (1, 4) ( B 4, 0) 2 (1, 5) (AB(B + C)(A C), ABC(B A)(C A)(B + C)) 8 (1, 6) ( A 2 B 2, A 2 B 2 (A 2 B 2 )) 4 (1, 7) (AB(C + A)(B C), ABC(C + A)(C B)(B A)) 8 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information