Randomness in number theory Edgar Costa (MIT) November 29th, 2018 - PowerPoint PPT Presentation

Randomness in number theory Edgar Costa (MIT) November 29th, 2018 Colorado State University Slides available at edgarcosta.org under Research

Randomness principle in number theory Number theoretic dichotomy [Sarnak] Given a problem, either • Understanding and/or proving the probability law deep understanding of the phenomenon • Real world applications • pseudo random numbers • cryptography • quasi-Monte Carlo methods 1. there is a rigid structure ⇝ rigid solution, or 2. the answer is difficult to determine ⇝ random behaviour

Randomness principle in number theory Number theoretic dichotomy [Sarnak] Given a problem, either • Understanding and/or proving the probability law • Real world applications • pseudo random numbers • cryptography • quasi-Monte Carlo methods 1. there is a rigid structure ⇝ rigid solution, or 2. the answer is difficult to determine ⇝ random behaviour ⇝ deep understanding of the phenomenon

Randomness principle in number theory Number theoretic dichotomy [Sarnak] Given a problem, either • Understanding and/or proving the probability law • Real world applications • pseudo random numbers • cryptography • quasi-Monte Carlo methods 1. there is a rigid structure ⇝ rigid solution, or 2. the answer is difficult to determine ⇝ random behaviour ⇝ deep understanding of the phenomenon

Counting roots of polynomials Question How many roots does f have? • What about over ? For quadratic polynomials, x 2 ax b the answer just depends on the sign of a 2 4 b f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0

Counting roots of polynomials Question How many roots does f have? • At most d • What about over ? For quadratic polynomials, x 2 ax b the answer just depends on the sign of a 2 4 b f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0

Counting roots of polynomials Question How many roots does f have? • What about over ? For quadratic polynomials, x 2 ax b the answer just depends on the sign of a 2 4 b f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0 • Over C or Q al we know that it has d roots.

Counting roots of polynomials Question How many roots does f have? For quadratic polynomials, x 2 ax b the answer just depends on the sign of a 2 4 b f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0 • Over C or Q al we know that it has d roots. • What about over R ?

Counting roots of polynomials Question How many roots does f have? f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0 • Over C or Q al we know that it has d roots. • What about over R ? For quadratic polynomials, x 2 + ax + b , the answer just depends on the sign of ∆ := a 2 − 4 b .

Counting roots of polynomials over finite fields Question How many roots does f have? Question How often does each value occur? f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0 N f ( p ) :=# { x ∈ { 0 , . . . , p − 1 } : f ( x ) ≡ 0 mod p } =# { x ∈ { 0 , . . . , p − 1 } : p | f ( x ) } =# { x ∈ F p : f ( x ) = 0 } ∈ { 0 , 1 , . . . , d }

Counting roots of polynomials over finite fields Question How many roots does f have? Question How often does each value occur? f ( x ) ∈ Z [ x ] a monic irreducible polynomial of degree d > 0 N f ( p ) :=# { x ∈ { 0 , . . . , p − 1 } : f ( x ) ≡ 0 mod p } =# { x ∈ { 0 , . . . , p − 1 } : p | f ( x ) } =# { x ∈ F p : f ( x ) = 0 } ∈ { 0 , 1 , . . . , d }

N f p N f p Quadratic polynomials 1 is a square modulo p 1 2 0 2 2 Hence, if It is easy to describe for which primes is a square p . For example, 5 is a square for p 1 4 5 and p isn’t a square, then Half of the numbers modulo p are squares. 2. 1 2 0 f ( x ) = x 2 + ax + b , ∆ := a 2 − 4 b  if ∆ is not a square modulo p    Quadratic formula = ⇒ N f ( p ) = if ∆ ≡ 0 mod p   if ∆ is a square modulo p 

N f p N f p Quadratic polynomials 1 is a square modulo p 1 2 0 2 2 Hence, if It is easy to describe for which primes is a square p . For example, 5 is a square for p 1 4 5 and p isn’t a square, then Half of the numbers modulo p are squares. 2. 1 2 0 f ( x ) = x 2 + ax + b , ∆ := a 2 − 4 b  if ∆ is not a square modulo p    Quadratic formula = ⇒ N f ( p ) = if ∆ ≡ 0 mod p   if ∆ is a square modulo p 

Quadratic polynomials 1 5 and p 1 4 For example, 5 is a square for p p . is a square It is easy to describe for which primes 2 Half of the numbers modulo p are squares. 2 2. 0 f ( x ) = x 2 + ax + b , ∆ := a 2 − 4 b  if ∆ is not a square modulo p    Quadratic formula = ⇒ N f ( p ) = if ∆ ≡ 0 mod p   if ∆ is a square modulo p  Hence, if ∆ ∈ Z isn’t a square, then Prob(∆ is a square modulo p ) = 1 / 2 = ⇒ Prob( N f ( p ) = 0 ) = Prob( N f ( p ) = 2 ) = 1

Quadratic polynomials 0 2 Half of the numbers modulo p are squares. 2 1 f ( x ) = x 2 + ax + b , ∆ := a 2 − 4 b  if ∆ is not a square modulo p    Quadratic formula = ⇒ N f ( p ) = if ∆ ≡ 0 mod p   if ∆ is a square modulo p  Hence, if ∆ ∈ Z isn’t a square, then Prob(∆ is a square modulo p ) = 1 / 2 = ⇒ Prob( N f ( p ) = 0 ) = Prob( N f ( p ) = 2 ) = 1 It is easy to describe for which primes ∆ is a square mod p . For example, 5 is a square for p ≡ 1 , 4 mod 5 and p = 2.

N f p Cubic polynomials 3 f g i Theorem (Frobenius) 3 g S 3 f g fixes i roots 2 3 3 √ √ √ f ( x ) = x 3 − 2 = ( ) ( 2 e 2 π i / 3 ) ( 2 e 4 π i / 3 ) x − x − x −  1 / 3 if k = 0    ( ) Prob N f ( p ) = k = 1 / 2 if k = 1   1 / 6 if k = 3 .  g ( x ) = x 3 − x 2 − 2 x + 1 = ( x − α 1 ) ( x − α 2 ) ( x − α 3 )  2 / 3 if k = 0  Prob ( N g ( p ) = k ) = 1 / 3 if k = 3 . 

Cubic polynomials 3 f S 3 g 3 Theorem (Frobenius) 3 3 2 √ √ √ f ( x ) = x 3 − 2 = ( ) ( 2 e 2 π i / 3 ) ( 2 e 4 π i / 3 ) x − x − x −  1 / 3 if k = 0    ( ) Prob N f ( p ) = k = 1 / 2 if k = 1   1 / 6 if k = 3 .  g ( x ) = x 3 − x 2 − 2 x + 1 = ( x − α 1 ) ( x − α 2 ) ( x − α 3 )  2 / 3 if k = 0  Prob ( N g ( p ) = k ) = 1 / 3 if k = 3 .  Prob( N f ( p ) = i ) = Prob( g ∈ Gal( f ) : g fixes i roots ) ,

Cubic polynomials 3 Theorem (Frobenius) 3 3 2 √ √ √ f ( x ) = x 3 − 2 = ( ) ( 2 e 2 π i / 3 ) ( 2 e 4 π i / 3 ) x − x − x −  1 / 3 if k = 0    ( ) Prob N f ( p ) = k = ⇒ Gal( f ) = S 3 1 / 2 if k = 1   1 / 6 if k = 3 .  g ( x ) = x 3 − x 2 − 2 x + 1 = ( x − α 1 ) ( x − α 2 ) ( x − α 3 )  2 / 3 if k = 0  Prob ( N g ( p ) = k ) = ⇒ Gal( g ) = Z / 3 Z 1 / 3 if k = 3 .  Prob( N f ( p ) = i ) = Prob( g ∈ Gal( f ) : g fixes i roots ) ,

Elliptic curves An elliptic curve is a smooth curve defined by or There is a natural group structure ! If P , Q , and R are colinear, then P Q R 0 Applications: • cryptography • integer factorization • pseudorandom numbers, … y 2 = x 3 + ax + b Over R it might look like Over C this is a torus

Elliptic curves An elliptic curve is a smooth curve defined by or There is a natural group structure ! If P , Q , and R are colinear, then Applications: • cryptography • integer factorization • pseudorandom numbers, … y 2 = x 3 + ax + b Over R it might look like Over C this is a torus P + Q + R = 0

Elliptic curves An elliptic curve is a smooth curve defined by or There is a natural group structure ! If P , Q , and R are colinear, then Applications: • cryptography • integer factorization • pseudorandom numbers, … y 2 = x 3 + ax + b Over R it might look like Over C this is a torus P + Q + R = 0

E p for many p , what can we say about E ? Elliptic curves • Given studying the statistical properties E p . E : y 2 = x 3 + ax + b , a , b ∈ Z Write E p := E mod p • What can we say about # E p for an arbitrary p ?

studying the statistical properties Elliptic curves E p . E : y 2 = x 3 + ax + b , a , b ∈ Z Write E p := E mod p • What can we say about # E p for an arbitrary p ? • Given # E p for many p , what can we say about E ?

Elliptic curves E : y 2 = x 3 + ax + b , a , b ∈ Z Write E p := E mod p • What can we say about # E p for an arbitrary p ? • Given # E p for many p , what can we say about E ? ⇝ studying the statistical properties # E p .

Hasse’s bound Theorem (Hasse, 1930s) In other words, p p 1 E p p 2 2 What can we say about the error term, p , as p ? | p + 1 − # E p | ≤ 2 √ p .

Hasse’s bound Theorem (Hasse, 1930s) In other words, | p + 1 − # E p | ≤ 2 √ p . λ p := p + 1 − # E p √ p ∈ [ − 2 , 2 ] What can we say about the error term, λ p , as p → ∞ ?

Two types of elliptic curves ordinary special E E p 0 1 p p 0 1 2 λ p := p + 1 − # E p √ p ∈ [ − 2 , 2 ] There are two limiting distributions for λ p

Two types of elliptic curves p 0 p p 1 0 1 2 E special ordinary E λ p := p + 1 − # E p √ p ∈ [ − 2 , 2 ] There are two limiting distributions for λ p - 2 - 1 1 2 - 2 - 1 0 1 2

Two types of elliptic curves p 0 p p 1 0 1 2 special ordinary λ p := p + 1 − # E p √ p ∈ [ − 2 , 2 ] There are two limiting distributions for λ p End E al = Z End E al ̸ = Z - 2 - 1 1 2 - 2 - 1 0 1 2