Table Of ContentAlgorithms and Computation
in Mathematics Volume 20
•
Editors
ArjehM.Cohen HenriCohen
DavidEisenbud MichaelF.Singer BerndSturmfels
Johannes Buchmann
Ulrich Vollmer
Binary Quadratic Forms
An Algorithmic Approach
With17Figuresand5Tables
ABC
Authors
JohannesBuchmann
UlrichVollmer
TechnicalUniversity
DepartmentofComputerScience
Hochschulstraße10
64289Darmstadt
Germany
E-mail:buchmann@cdc.informatik.tu-darmstadt.de
uvollmer@cdc.informatik.tu-darmstadt.de
LibraryofCongressControlNumber:2006938722
MathematicsSubjectClassification(2000):11-01,11Y40,11E12,11R29
ISSN1431-1550
ISBN-10 3-540-46367-4SpringerBerlinHeidelbergNewYork
ISBN-13 978-3-540-46367-2SpringerBerlinHeidelbergNewYork
Thisworkissubjecttocopyright.Allrightsarereserved,whetherthewholeorpartofthematerialis
concerned,specificallytherightsoftranslation,reprinting,reuseofillustrations,recitation,broadcasting,
reproductiononmicrofilmorinanyotherway,andstorageindatabanks.Duplicationofthispublication
orpartsthereofispermittedonlyundertheprovisionsoftheGermanCopyrightLawofSeptember9,
1965,initscurrentversion,andpermissionforusemustalwaysbeobtainedfromSpringer.Violationsare
liableforprosecutionundertheGermanCopyrightLaw.
SpringerisapartofSpringerScience+BusinessMedia
springer.com
(cid:1)c Springer-VerlagBerlinHeidelberg2007
Theuseofgeneraldescriptivenames,registerednames,trademarks,etc.inthispublicationdoesnotimply,
evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevantprotectivelaws
andregulationsandthereforefreeforgeneraluse.
Typesetting:bytheauthorsandtechbooksusingaSpringerLATEXmacropackage
Coverdesign:design&productionGmbH,Heidelberg
Printedonacid-freepaper SPIN:10521650 46/techbooks 543210
Contents
Introduction................................................... 1
1 Binary Quadratic Forms ................................... 9
1.1 Computational problems ................................. 9
1.1.1 Finding representations ............................ 9
1.1.2 Finding the minimum.............................. 11
1.2 Discriminant............................................ 12
1.2.1 Definition ........................................ 12
1.2.2 The matrix of a form .............................. 13
1.2.3 Solving the representation problem for ∆(f)<0 ...... 13
1.2.4 Positive definite, negative definite, and indefinite forms. 14
1.3 Reducible forms with integer coefficients.................... 15
1.4 Applications ............................................ 17
1.4.1 Lattice vectors of short and given length ............. 17
1.4.2 Lattice packings................................... 18
1.4.3 Factoring with ambiguous forms..................... 19
1.4.4 Diophantine approximation......................... 19
1.5 Exercises ............................................... 20
Chapter references and further reading ......................... 20
2 Equivalence of Forms ...................................... 21
2.1 Transformation of forms.................................. 21
2.2 Equivalence............................................. 22
2.3 Invariants of equivalence classes of forms ................... 23
2.4 Two special transformations .............................. 24
2.5 Automorphisms of forms ................................. 26
2.5.1 Non-integral forms ................................ 27
2.5.2 Integral forms..................................... 27
2.5.3 Positive definite forms ............................. 29
2.5.4 Indefinite forms ................................... 30
2.6 A strategy for finding proper representations................ 30
VI Contents
2.7 Determining improper representations...................... 32
2.8 Ambiguous classes....................................... 32
2.9 Exercises ............................................... 33
3 Constructing Forms ....................................... 35
3.1 Reduction to finding square roots of ∆ modulo 4a ........... 35
3.2 The case a<0 .......................................... 36
3.3 Fundamental discriminants and conductor .................. 37
3.4 The case of a prime number .............................. 38
3.4.1 The Euler criterion ................................ 41
3.4.2 The law of quadratic reciprocity..................... 42
3.4.3 The Kronecker symbol ............................. 42
3.4.4 Computing square roots modulo p................... 45
3.5 The case of a prime power................................ 49
3.6 The case of a composite integer ........................... 53
3.7 Exercises ............................................... 54
Chapter references and further reading ......................... 56
4 Forms, Bases, Points, and Lattices......................... 57
4.1 Two-dimensional commutative R-algebras .................. 57
4.1.1 Definition ........................................ 57
4.1.2 Notation ......................................... 59
4.1.3 Geometry of multiplication ......................... 60
4.1.4 Units and zero divisors............................. 60
4.1.5 Automorphisms ................................... 60
4.1.6 Norm, trace, and characteristic polynomial ........... 62
4.1.7 Orientation....................................... 65
4.1.8 Discriminant...................................... 66
4.2 Irrational forms, bases, points and lattices .................. 67
4.3 Bases, points, and forms.................................. 69
4.3.1 Oriented norm forms............................... 69
4.3.2 Main results ...................................... 69
4.3.3 Properties of oriented norm forms ................... 70
4.3.4 Action of GL(2,Z) ................................ 72
4.3.5 Bases and points associated to forms................. 73
4.3.6 Proof of the main results ........................... 75
4.4 Lattices and forms....................................... 75
4.4.1 Lattices that correspond to forms ................... 75
4.4.2 Main result....................................... 75
4.4.3 Properties of lattices associated to forms ............. 76
4.4.4 Equivalence of lattices ............................. 78
4.4.5 Forms associated to lattices......................... 79
4.4.6 Proof of the main result............................ 79
4.5 Quadratic irrationalities and forms ........................ 79
4.6 Quadratic lattices and forms .............................. 82
4.7 Exercises ............................................... 83
Contents VII
5 Reduction of Positive Definite Forms ...................... 85
5.1 Negative definite forms................................... 85
5.2 Normal forms ........................................... 86
5.3 Reduced forms and the reduction algorithm................. 87
5.4 Properties of reduced forms............................... 90
5.5 The number of reduction steps ............................ 91
5.6 Bit complexity of the reduction algorithm .................. 92
5.7 Uniqueness of reduced forms .............................. 94
5.8 Deciding equivalence .................................... 96
5.9 Solving the representation problem ........................ 97
5.10 Solving the minimum problem ............................ 98
5.11 Class number ........................................... 98
5.12 Reduction of semidefinite forms ...........................101
5.13 Geometry of reduction ...................................102
5.13.1 Reduced points ...................................102
5.14 The densest two-dimensional lattice packing ................103
5.15 Exercises ...............................................104
Chapter references and further reading .........................105
6 Reduction of Indefinite Forms .............................107
6.1 Normal forms ...........................................107
6.2 Reduced forms ..........................................109
6.3 Another characterization of reduced forms ..................110
6.4 The reduction algorithm..................................112
6.5 The number of reduction steps ............................113
6.6 Complexity of reducing integral forms......................115
6.6.1 Sizes.............................................115
6.6.2 Quadratic complexity ..............................116
6.7 Enumerating integral reduced forms of a given discriminant...118
6.7.1 Fixed discriminant ................................118
6.7.2 Bounded discriminant..............................119
6.8 Reduced forms in an equivalence class......................120
6.8.1 The reduction operator is bijective...................120
6.8.2 Geometric characterization of reduced forms ..........121
6.8.3 The reduction operator is transitive..................124
6.9 Enumeration of the reduced forms in an equivalence class.....126
6.10 Cycles of reduced forms ..................................127
6.11 Deciding equivalence.....................................131
6.12 The automorphism group.................................132
6.12.1 The structure.....................................132
6.12.2 Solving the Pell equation ...........................133
6.13 Complexity .............................................134
6.14 Ambiguous cycles .......................................136
6.15 Solution of the representation problem .....................138
6.16 Solving the minimum problem ............................139
VIII Contents
6.17 Class number ...........................................140
6.18 Exercises ...............................................141
Chapter references and further reading .........................142
7 Multiplicative Lattices.....................................143
7.1 Lattice operations .......................................143
7.2 Quadratic orders ........................................144
7.2.1 Basics ...........................................145
7.2.2 Maximal orders ...................................146
7.3 Multiplicative lattices ....................................147
7.3.1 Ring of multipliers ................................147
7.3.2 Irrational lattices whose product is a lattice ..........149
7.3.3 The group L(O) ..................................150
7.3.4 Computing the product of lattices ...................151
7.4 Composition of forms ....................................153
7.5 Exercises ...............................................156
Chapter references and further reading .........................156
8 Quadratic Number Fields..................................157
8.1 Basics..................................................157
8.2 Algebraic integers .......................................159
8.3 Units of orders ..........................................160
8.3.1 Correspondence to the Pell equation .................161
8.3.2 Units of imaginary quadratic orders .................162
8.3.3 Units of real quadratic orders .......................162
8.4 Ideals of orders..........................................163
8.4.1 Fractional O-ideals ................................164
8.4.2 Invertible O-ideals.................................167
8.5 Factorization of ideals....................................168
8.5.1 Norm ............................................168
8.5.2 Divisibility of O-ideals .............................169
8.5.3 Unique factorization into coprime ideals..............170
8.6 Unique factorization into prime ideals......................171
8.6.1 Prime ideals ......................................172
8.6.2 Unique factorization ...............................174
8.7 Exercises ...............................................176
9 Class Groups ..............................................177
9.1 Ideal classes ............................................177
9.1.1 Equivalence.......................................177
9.1.2 Reduced O-ideals..................................178
9.1.3 Reduction of O-ideals..............................179
9.1.4 Equivalence testing in imaginary quadratic orders .....180
9.1.5 Equivalence testing in real quadratic orders...........181
9.2 Ambiguous ideals and classes .............................182
Contents IX
9.3 Fundamentals on class groups.............................184
9.3.1 Definition ........................................184
9.3.2 Imaginary quadratic class groups....................184
9.3.3 Real quadratic class groups.........................185
9.3.4 The class number formula ..........................186
9.4 Computing in finite Abelian groups........................192
9.4.1 Basic problems....................................193
9.4.2 Structure.........................................194
9.4.3 Connections between the problems ..................194
9.5 Generating systems......................................195
9.6 Computing a generating system in time |∆|1/2+o(1) ..........196
9.6.1 The idea .........................................197
9.6.2 Updating Cl, S, and P .............................197
9.6.3 Examples ........................................199
9.6.4 Analysis..........................................200
9.7 Computing the structure of a finite Abelian group ...........201
9.7.1 The basic algorithm ...............................201
9.7.2 Terr’s algorithm – computing orders .................205
9.7.3 Terr’s algorithm – computing the structure ...........207
9.7.4 Analysis of the structure algorithm HNFRelationBasis 210
9.7.5 Application to class groups .........................214
9.8 Exercises ...............................................214
Chapter references and further reading .........................215
10 Infrastructure .............................................217
10.1 Geometry of reduction ...................................217
10.1.1 Distance between ideals ............................217
10.1.2 Cycles of reduced O-ideals..........................219
10.2 A Terr algorithm ........................................222
10.2.1 Outline of the algorithm ...........................222
10.2.2 Auxiliary algorithms...............................225
10.2.3 Construction of the giant-steps......................227
10.2.4 The complete algorithm............................228
10.2.5 Analysis of the algorithm...........................228
10.3 Further applications .....................................230
10.4 Exercises ...............................................231
Chapter references and further reading .........................232
11 Subexponential Algorithms ................................233
11.1 The function L [a,b].....................................233
x
11.2 Preliminaries ...........................................234
11.3 The factor base .........................................235
11.4 The imaginary quadratic case .............................237
11.4.1 Random relations .................................237
11.4.2 Computing a sublattice of full rank ..................241
X Contents
11.4.3 Computing L([F]).................................243
11.4.4 Computing the structure of Cl .....................246
∆
11.5 The real quadratic case ..................................248
11.5.1 The idea .........................................248
11.5.2 Height ...........................................249
11.5.3 Compact representations ...........................251
11.5.4 Generating random relations........................256
11.5.5 Computing the Extended Relation Lattice............261
11.6 Practice................................................267
11.7 Exercises ...............................................268
Chapter references and further reading .........................269
12 Cryptographic Applications................................273
12.1 Problems...............................................274
12.2 Cryptographic algorithms in imaginary-quadratic orders......277
12.3 Cryptographic algorithms in real-quadratic orders ...........280
12.4 Open Problems .........................................282
12.5 Exercises ...............................................283
Chapter references and further reading .........................283
A Appendix..................................................289
A.1 Vectors and matrices.....................................289
A.2 Action of groups on sets..................................290
A.3 The lemma of Gauss.....................................290
A.4 Lattices ................................................291
A.5 Linear algebra over Z ....................................293
A.5.1 Computing determinants ...........................294
A.5.2 Diagonally dominant matrices.......................295
A.5.3 Hermite normal form ..............................295
A.5.4 Smith normal form ................................300
A.5.5 Algorithms for rectangular matrices .................302
A.6 Exercises ...............................................303
Chapter references and further reading .........................303
Bibliography...................................................305
Index..........................................................315
List of Figures
1.1 Two-dimensional sphere packing .............................. 19
4.1 Geometric interpretation of σ in C............................. 61
4.2 Geometric interpretation of σ in A ............................ 62
1
4.3 Geometric interpretation of norm and trace in C ................ 63
4.4 Geometric interpretation of norm and trace in A ............... 64
1
4.5 The four zeros of c in A .................................... 65
α 1
4.6 Points of positive orientation in A ............................ 66
1
4.7 Geometric interpretation of ∆(α,γ)............................ 67
4.8 The Gaussian integers ....................................... 76
4.9 The hexagonal lattice ........................................ 77
5.1 The reduced points ..........................................103
5.2 Geometric interpretation of the ρ-operator......................103
6.1 Points corresponding to normalized and reduced forms ...........111
6.2 Some minimal points in a 2-dimensional lattice..................121
6.3 A minimal basis of a 2-dimensional lattice ......................122
10.1 Embedding the principle cycle of O into R/RZ ..............218
1001
