Embed Size (px)
Citation preview
SPLASH! 2012QUADRATIC RECIPROCITY
Michael Belland
Thank you for taking “Is the remainder a square? Elementary Number Theory and Quadratic Reciprocity” at Splash!
This powerpoint is intended to provide a proof of the statement of quadratic reciprocity.
If you read this powerpoint, feel free to take breaks once in a while! There’s a lot of content in here. It took me six weeks of dedicated study to really understand all of this. If you have any questions, please email me!
Introduction
Fermat’s Little Theorem When is -1 a square mod p? Strong Division Gauss’ lemma When is 2 a square mod p? Statement and Proof of Quadratic
Reciprocity Applications (Or, why we should care)
A Brief Outline
Pierre de Fermat, Lawyer (1601-1665) Not a professional mathematician Came up with many conjectures; usually
these were correct, like Fermat’s Last Theorem! But sometimes not (Fermat primes are a good example).
Fermat’s Little Theorem. Given that p is a prime, ap=a (mod a). Alternatively, p always divides ap-a. (Which we can denote p|ap-a.)
Fermat’s Little Theorem (FlT)
In general, a|b means that a divides b. In other words, dividing b by a gives no remainder.
Consider the set of nonzero integers mod p, which is {1,2,…,p-1}. If two integers in this set are i and j, then when can we have ai = aj (mod p)? Assume p doesn’t divide a.
Let the multiplication of this set by a be a set operation. If we can show that this operation is “injective” and “surjective,” then it follows that the sets {1,2,…,p-1} and {a,2a,…,ap-a} are the same, up to reordering of their contents.
Proof of Fermat’s Little Theorem
The important point here is that the numbers 1,2,…p-1 are a rearrangement of the numbers a, 2a, … (p-1)a. If you understand this, you can skip the more rigorous proof in the next slide.
We can prove plenty of nuts and bolts about equivalence relations, but converting to integers is easiest.
If ai=aj (mod p), then p|ai-aj, or p|a(i-j). If a doesn’t have a factor of p, then i-j must; so p divides i-j. But since 0<i,j<p, it follows that –p<i-j<p, so i-j=0. It follows that i=j.
Since we showed ai=aj (mod p) => i=j (mod p), this set operation is injective.
We can check that all elements of the set {1,2,3,…,p-1} are representable as ai, for some i between 1 and p-1. (inverses)
Therefore, this set operation is surjective (by definition).
Proof of FlT, continued
Then, {a,2a,…,ap-a} is a *permutation* of {1,2,…,p-1}. So, it should follow that both products of all of the elements of the individual sets should be equal.
So, Π (ai) = Π (i). Thus, ap-1 * (p-1)! = (p-1)! (mod p).
It follows that ap-1=1 (mod p), if p doesn’t divide a. If p divides a, then as p is a prime we find a=0 (mod p). So, multiplication of both sides by a gives ap=a (mod p), which is true for all integers a.
(A permutation is a reordering of something else)
Proof of FlT, continued
i=1 i=1
p-1 p-1
What would happen if we added all the sets together? Is there some way that adding these sets together could actually be useful?
Should Fermat’s Little Theorem work for composite modulos? (A composite number is not a prime nor 1.) Why or why not? If not, can this statement be saved?
Can you evaluate (n-1)! modulo n for all integers n?
Challenge Question
Some quick observations:
x2=1 (mod p) implies x=1 (mod p) or x=-1 (mod p). We see this is true because p|(x2-1) implies p|x-1 or p|x+1.
xp-1 = 1 (mod p) if x≠0 (modp), by Fermat’s Little Theorem.
Therefore, x(p-1)/2 = 1 or x(p-1)/2 = -1 (mod p).
If x≠0 is a square mod p, then x=u2 for some u in Up (Up is shorthand for the set {1,2,…,p-1}). Then, u(p-1)=1 implies x(p-1)/2=1. So, if x is a square mod p, x(p-1)/2=1.
When is -1 a square mod p?
So evaluate (-1)(p-1)/2 for all odd primes p. Thankfully, since -1 raised to some power can only be 1 or -1, we can evaluate this expression in integers.
(-1)(p-1)/2 = 1 if (p-1)/2 is even, and (-1)(p-1)/2 = -1 if (p-1)/2 is odd.
So, if p=1 mod 4, -1 is a square mod p. So, -1 is a square mod 5, 13, or 17
For example, 22=-1 (mod 5); 52=-1 (mod 13), and 42=-1 (mod 17).
When is -1 a square mod p?
We’re going to assume here a nontrivial but intuitive result about the group of remainders mod p. That is, if polynomials have coefficients that are in {1,2,…p} (this set is also known as Zp), then a polynomial of degree d has no more than d roots. This is intuitive for normal polynomials.
However, this is not always true for stranger polynomials; e.g (x-2)(x-3) = x(x-5) in Z6. Don’t think about that too much; it’s not relevant here.
Challenge Problem! Why should division work for polynomials with prime modulo coefficients but not in general for composite modulo coefficients?
A way to save some time
There are (p-1)/2 nonzero squares modulo p. Notice that a2=(-a)2, so that every square has two distinct numbers squaring to it (p≠2), and that each of these pairs squares to a different number.
So, we know that x(p-1)/2-1 = 0 has at most (p-1)/2 roots; these roots are in fact the nonzero squares mod p. So, since xp-1=0 has p roots, it follows that x(p-1)/2+1=0 has (p-1)/2 roots. These are the nonsquares of Zp.
When is a a square mod p?
Conclusion: x(p-1)/2=1 if and only if x is a square mod p.
Conclusion: If a is a nonsquare mod p, a(p-1)/2=-1. (x≠0 (mod p), and p ≠ 2, like it assumed elsewhere.)
So, what happens if x=-1? Then, the expression x(p-1)/2 evaluates to be 1 if p is 1 (mod 4), and -1 if p is 3 (mod 4).
So, is 6 a square mod 7? Is 10 a square mod 11? 12 mod 13?
When is a a square mod p?
You’ve had to go through a lot of difficult concepts to get to this point. Stop reading this for now and take a break to let everything sink in.
Also remember that some concepts are probably explained in a confusing manner. This all makes sense to me now because I know what I’m trying to say. But it might not have made sense to me when I was trying to learn the material! If there’s something you don’t understand, please ask me questions! I’ll try to explain what’s going on.
Take a break!
Let’s approach a different concept now.
“The division algorithm” for integers states that when we divide and integer a by another integer b, we get two integers q and r such that 0≤r<b and a=bq+r. This is just like normal division; q is our quotient and r is our remainder.
But isn’t this inefficient? Can’t we make the size of r smaller?
Strong Division
If we make –p/2<r<p/2, this should still work. Here, we let p be an odd prime. (Assume r≠0.)
Then, if a=pq+r, 2a = 2pq + 2r. So, 2a/p = 2q + 2*(r/p). If 0<2r<p, then the “floor function” of 2a/p is even (2q) Otherwise, -p<2r<0, and the floor of 2a/p is odd (2q-1). In both cases, r = r0*e, where 0<r0<p/2 and e = -1floor(2a/p).
The floor function is defined to be the greatest integer less than its argument (what it is evaluated at). So, the floor function of 3.14 is 3, and the floor function of -3.2 is -4.
Strong Division
Now let’s see if we can apply a Fermat’s little Theorem type trick to get something useful out of this.
We know that ak=ek*rk, as we described in the strong division formula, for all k in Up. So let’s evaluate this in particular for all k that satisfy 1<k<p/2.
We can multiply all of these equations together! Pi notation will show up again.
Gauss’ Lemma
Π(ak) = Π(rk*ek) (mod p), just by pi notation.
Then, notice that the set of {1,2,3,…,(p-1)/2} is just a permutation of the set of {r1,r2,…,r(p-1)/2}. This is because none of the rk terms appear more than once, and there are (p-1)/2 of them.
So, we ultimately find that Πa = Πek (mod p).
From strong division, we can write the product of the ek terms in sigma notation; a(p-1)/2=-1Σ[floor(2ak/p)].
Try to work this argument out for small odd primes p like 3, 5, or 7.
Gauss’ Lemma
0<k<p/2 0<k<p/2
0<k<p/2 0<k<p/2
Define these to evaluate to 1 if a is a square mod p, else if a is a nonsquare mod p, this should be -1. In this powerpoint, they look like a||p.
The Legendre symbol is multiplicative, and, more importantly, is congruent to a(p-1)/2 (mod p).
This in turn is congruent to (and in fact equal to) -1Σ[floor(2ak/p)], as mentioned before. The limits on the sum go from k=0 to k=(p-1)/2, or just 0≤k<p/2.
Legendre Symbols
A trick yet again.
2||p * b||p = 2||p * (b+p)||p = 2||p * 2||p * [(b+p)/2]||p = [(b+p)/2]||p.
Evaluate -1Σ[floor(2*(b+p)/2*k/p)] with 0≤k<p/2. This is equal to [(b+p)/2]||p. Using the definition of the floor function and some algebra if b=1, we evaluate this to be -1 to the (p2-1)/8 th power. This expression equals 2||p. We can then use this to find b||p = -1Σ[floor(b*k/p)], for all odd b.
So, 2 is a square mod p if and only if p is 1 or 7 (mod 8). Check this. Is 2 a square mod 7? Mod 17? Mod 29?
Is 2 a square mod p?
How many lattice points are in the rectangle defined by 0<x<p/2 and 0<y<q/2, where p and q are distinct odd primes?
One way we can find this out is a simple multiplication problem. This is a rectangle of points with dimensions (p-1)/2 by (q-1)/2, so there are (p-1)(q-1)/4 points all together.
But we can count this in another way…
One Last Theorem
Consider the Cartesian plane, and draw a line segment connecting the points (0,0) and (p,q). Then, we can count how many points in the rectangle are below the line, and how many are to the left of it (above it).
Definitely draw a diagram to follow along!
The number of points under the line segment but still in the rectangle can be counted column-by-column. There are floor(qi/p) points in the rectangle below the line segment, when x=i. What do we get if we add all of these statements together (do this for all columns)?
One Last Theorem
Using Sigma Notation, we find there are Σ floor(qi/p) points in the rectangle below the line segment.
Similarly, there are Σ floor(pj/q) points in the rectangle above the line segment.
Thus there are Σ floor(qi/p) + Σ floor(pj/q) points inside the rectangle. But we already know there are (p-1)(q-1)/4 points inside the rectangle from our first argument, so Σ floor(qi/p) + Σ floor(pj/q) = (p-1)(q-1)/4.
One Last Theorem
0<i<p/2
0<i<p/2
0<i<p/2
0<j<q/2
0<j<q/2
0<j<q/2
Statement. If p and q are both odd primes, p||q * q||p = -1(p-1)*(q-1)/4. So whether p is a square mod q is related to whether or not q is a square mod p.
Proof. We know p||q * q||p = -1Σ[floor(2ak/p)]*-1Σ[floor(2ak/p)] = -1Σ[floor(ak/p)]*-1Σ[floor(ak/p)] = -1(p-1)*(q-1)/4. The first step comes from Legendre symbols, the second as a result of what 2||p evaluates as, and the third from the previous theorem.
Proof of Quadratic Reciprocity
Is 53 a square mod 101? 53 and 101 are odd primes.
From QR, we find that 53||101 * 101||53 = (-1) (53-
1)*(101-1)/4. So, 53||101 * 101||53 = 1. We want to find 53||
101.
Now, 101||53 = -5||53, because 101 = -5 (mod 53).
-1||53 = 1, because -1 is a square mod 53 (as 53 = 1 mod 4).
5||53 * 53||5 = (-1)(5-1)*(53-1)/4 = 1. Since 53||5 = 3||5 = -1, 5||53 = -1.
Because -5||53 = -1||53 * 5||53 = 1*-1 = -1, 53||101 = -1.
Thus, because 53||101 = -1, 53 is not a square mod 101.
Applications of Quadratic Reciprocity
Does x2-x-7=0 have any solutions mod 13? Believe it or not, the quadratic formula works
mod p for all odd primes p. However, we need to define ½ to be (p+1)/2. This is because (p+1)/2 is an integer and because 2 * (p+1)/2 = 1 mod p.
So, (p+1)/2 functions like ½ in multiplication.
There is only one thing that will prevent this equation from having solutions. If the number under the square root isn’t a square, there can’t be a solution!
Applications of Quadratic Reciprocity
The expression under the square root of the quadratic formula is called a discriminant. In other words, the discriminant of a quadratic ax2-bx-c=0 is b2-4ac.
So, x2-x-7=0 has a discriminant of (-1)2-4(1)(-7) = 29. Is 29 a square mod 13?
29 = 3 mod 13, and we can apply QR. 3||13 * 13||3 = (-1) (3-1)*(13-1)/4=1. As 13||3 = 1||3 = 1,
3||13 = 1. Thus, the discriminant is a square, and solutions
exist.
Applications of Quadratic Reciprocity
Can you find them?
