Table Of Content

On the Product of Small Elkies Primes 3 1 Igor E. Shparlinski 0 2 Department of Computing n a Macquarie University J Sydney, NSW 2109, Australia 1 [email protected] ] T N December 11, 2013 . h t a m Abstract [ 1 Given an elliptic curve E over a finite field Fq of q elements, we v say that an odd prime ℓ ∤ q is an Elkies prime for E if t2E −4q is a 5 quadraticresiduemoduloℓ,wheret = q+1−#E(F )and#E(F )is E q q 3 the number of F -rational points on E. These primes are used in the 0 q 0 presently most efficient algorithm to compute #E(Fq). In particular, . the bound L (E) such that the product of all Elkies primes for E up 1 q 0 to L (E) exceeds 4q1/2 is a crucial parameter of this algorithm. We q 3 showthat thereareinfinitely many pairs (p,E) of primespand curves 1 E over F with L (E) ≥ clogplogloglogp for some absolute constant : p p v c > 0, while a naive heuristic estimate suggests that L (E) ∼ logp. i p X ThiscomplementsrecentresultsofGalbraithandSatoh(2002), condi- r tional under the Generalised Riemann Hypothesis, and of Shparlinski a and Sutherland (2012), unconditional for almost all pairs (p,E). 1 Introduction ForanellipticcurveE overafinitefieldF ofq elementswedenoteby#E(F ) q q the number of F -rational points on E and define the trace of Frobenius q t = q+1−#E(F ); we refer to [1, 12] for a background on elliptic curves. E q We say that an odd prime ℓ ∤ q is an Elkies prime for E if t2 − 4q is a E quadratic residue modulo ℓ; otherwise ℓ ∤ q is called an Atkin prime. 1 These primes play a key role in the Schoof-Elkies-Atkin (SEA) algorithm, see [1, Sections 17.2.2 and 17.2.5], and their distribution affects the perfor- mance of this algorithm in a rather dramatic way. Thus, for an elliptic curve E over F , we define N (E;L) and N (E;L) as the numbers of Atkin and q a e Elkies primes ℓ ∈ [1,L], respectively. Obviously, N (E;L)+N (E;L) = π(L)+O(1), a e where π(L) denotes the number of primes ℓ < L. Furthermore, for any elliptic curve over a finite field, one expects about the same number of Atkin and Elkies primes ℓ < L as L → ∞. That is, naive heuristic suggests that 1 N (E;L) ∼ N (E;L) ∼ π(L), (1) a e 2 as L → ∞. It has been noted by Galbraith and Satoh [10, Appendix A], that under the Generalised Riemann Hypothesis (GRH), using the bound on sums of quadraticcharactersover primes, onederives that(1) holdsforL ≥ (logq)2+ε for any fixed ε > 0 and a sufficiently large q. The unconditional results are much weaker and essentially rely on our knowledge of the distribution of primes in arithmetic progressions; see [5, Section 5.9] or [8, Chapters 4 and 11]. However, for almost all pairs (p,E) of primes p and elliptic curves E over F , Shparlinski and Sutherland [11] have p established the asymtotic formula (1) for L ≥ (logp)ε for any fixed ε > 0, that is, starting from much smaller values of L that those implied by the GRH. In particular, Let L (p) be the set all Elkies primes for an elliptic E curve E over F . We see that the prime number theorem and the result p of [11] implies that for some function L(p) ∼ logp for almost all pairs (p,E) we have ℓ > 4p1/2. (2) Y ℓ∈LE(p) 3≤ℓ≤L(p) Note that this condition is crucial for the SEA point counting algorithm, see [1, Sections 17.2.2 and 17.2.5]. Here we show that this “almost all” result cannot be extended for all primes and curves even for a slightly larger values of L(p). More precisely, we show that there is an absolute constant c > 0 such that for any function L(p) ≤ clogplogloglogp the inequality (2) fails in a very strong sense for infinitely many pairs (p,E). 2 Theorem 1. There is a constant c > 0 so that for infinitely many pairs (p,E) of primes p and curves E over F , and L ≤ clogplogloglogp we have p ℓ = po(1). Y ℓ∈LE(p) 3≤ℓ≤L Wenotethat GalbraithandSatoh[10, Appendix A] have conjectured and actually presented some arguments supporting a result of this kind. More- over, under both the GRH and the conjecture that every positive integer n ≡ 1 (mod 4) can be represented as n = 4p−t2 the argument of Galbraith and Satoh [10, Appendix A] can be made rigorous and in fact under these assumptions it allows to replace logplogloglogp with logploglogp in The- orem 1. Unfortunately, presently the required representation n = 4p − t2 is known to exist only for almost all n (see [2, 6]), which is not enough to complete the argument (even under the GRH). 2 Preparations We recall the notations U = O(V), V = Ω(U), U ≪ V and V ≫ U, which are all equivalent to the statement that the inequality |U| ≤ cV holds asymptotically, with some constant c > 0. We always assume that ℓ and p run through the prime values. For integers a and m ≥ 2, we use (a/m) to denote a Jacobi symbol of a modulo m, see [5, Section 3.5]. We also use τ(k) and µ(k) to denote the number of integer positive divisors and the M¨obius function of k ≥ 1. It is easy to see that for a square-free k we have τ(k) = 2ω(k) where ω(k) is the number of prime divisors of k. Our main tools are bounds of multiplicative character sums. The following estimate is a slight generalisation of [7, Lemma 2.2] and is also given in [11]. Lemma 2. For any integers a and T ≥ 1 and a product m = ℓ ...ℓ of 1 s s ≥ 0 distinct odd primes ℓ ,...,ℓ with gcd(a,m) = 1 we have 1 s t2 −a ≪ T/m+Csm1/2logm, (cid:18) m (cid:19) X |t|≤T 3 for some absolute constant C ≥ 1. We also need a slight extension of [5, Corollary 12.14]. In fact, we present it in much wider generality and strength than is needed for our purpose. First we note that for a square-free integer m and any integers u and v, we have gcd((u−v)2,m) = gcd(u−v,m). (3) Hence, inthecase ofquadratic polynomials, theboundof [5, Theorem 12.10], implies the following results” Lemma 3. Assume that a square-free odd integer m ≥ 3 and an arbitrary integer N ≥ 1 are such that all prime factors of m are at most N1/9. Then for any two integers u,v we have N (n−u)(n−v) ≤ 4N gcd(u−v,m)m−1τ(m)r2+2r 1/r2r , (cid:12) (cid:12) (cid:18) m (cid:19) (cid:12)(cid:12)Xn=1 (cid:12)(cid:12) (cid:16) (cid:17) (cid:12) (cid:12) where(cid:12) r is any positive integ(cid:12)er with Nr > m3. Proof. As in the proof of [5, Corollary 12.14], we note that there is a factori- sation m = m ...m 1 r with m ≤ N4/9, j = 1,...,r. In particular, by [5, Theorem 12.10], recall- j ing (3), we see that for any j = 1,...,r we have N (n−u)(n−v) ≤ 4N gcd(u−v,m )m−1τ(m )r2+2r 1/2r . (cid:12) (cid:18) m (cid:19)(cid:12) j j j (cid:12)(cid:12)Xn=1 (cid:12)(cid:12) (cid:16) (cid:17) (cid:12) (cid:12) Since(cid:12) m is square-free, we s(cid:12)ee that m ,...,m are relatively prime. Using 1 r the multiplicativity the divisor function, we obtain r gcd(u−v,m )m−1τ(m )r2+2r = gcd(u−v,m)m−1τ(m)r2+2r. j j j Yj=1 Therefore, for some j ∈ {1,...,r} we have gcd(u−v,m )m−1τ(m )r2+2r ≤ gcd(u−v,m)m−1τ(m)r2+2r 1/r j j j (cid:16) (cid:17) and the result now follows. 4 We remark that several more stronger and more general results of this type have recently been given by Chang [3]. Furthermore, we also recall the following classical results of Deuring [4]. Lemma 4. For any prime p and an integer t with |t| ≤ 2q1/2, there is a curve E over F with #E(F ) = p+1−t. p p 3 Proof of Theorem 1 Let Q be a sufficiently large integer. We then set L = ⌊0.3logQlogloglogQ⌋, M = logQ(logloglogQ)−1 , T = Q1/2 . (cid:4) (cid:5) (cid:4) (cid:5) Since, by the prime number theorem ℓ = Qo(1), Y ℓ∈≤M we see from Lemma 4 that it is enough to show that for any sufficiently large Q, there is an integer t ∈ [1,T] and a prime p ∈ [Q/2,Q] such that t2 −4p 6= 1 (4) (cid:18) ℓ (cid:19) for all primes ℓ ∈ [M,L]. Clearly, if the condition (4) is violated, then t2 −4p 1− = 0. (cid:18) (cid:18) ℓ (cid:19)(cid:19) Y ℓ∈[M,L] Thus it is enough to show that the sum t2 −4p W = 1+ (cid:18) (cid:18) ℓ (cid:19)(cid:19) X X Y 1≤t≤T Q/2≤p≤Q ℓ∈[M,L] is positive, that is, that W > 0 (5) for the above choice of L, M and T, provided that Q is sufficiently large. 5 Let M be the set of 2π(L)−π(M) square-free products (including the empty product) composed out of primes ℓ ∈ [M,L], and let M∗ = M \ {1}. We have t2 −4p W = µ(m) . (cid:18) m (cid:19) X X X 1≤t≤T Q/2≤p≤Q m∈M Changing the order of summation and separating the term T(π(Q)−π(Q/2)) corresponding to m = 1, we derive W = T(π(Q)−π(Q/2))+ µ(m)S(m) (6) mX∈M∗ where t2 −4p S(m) = . (cid:18) m (cid:19) X X 1≤t≤T Q/2≤p≤Q Thus t2 −4p |S(m)| ≤ . (cid:12) (cid:12) X (cid:12) X (cid:18) m (cid:19)(cid:12) Q/2≤p≤Q(cid:12)1≤t≤T (cid:12) (cid:12) (cid:12) For m ≤ T1/4 we use Lemma 2 an(cid:12)d note that (cid:12) Cω(m) = τ(m)logC/log2 = mo(1), so we obtain S(m) ≪ π(Q) T/m+Csm1/2logm ≪ π(Q)T/m. (cid:0) (cid:1) Thus for the contribution from all such sums we derive 1 |S(m)| ≪ π(Q)T 1/m ≪ π(Q)T  1+ −1. (7) (cid:18) ℓ(cid:19) mX∈M∗ mX∈M∗ ℓ∈Y[M,L] m≤T1/4 m≤T1/4   Furthermore 1 1 1 log 1+ = log 1+ ≪ . (cid:18) ℓ(cid:19) (cid:18) ℓ(cid:19) ℓ Y X X ℓ∈[M,L] ℓ∈[M,L] ℓ∈[M,L] 6 By the Mertens theorem, see [5, Equation (2.15)], 1 logL = log +O(1/logM) ℓ logM X ℓ∈[M,L] loglogQ+loglogloglogQ+log0.3 = log +O(1/logM) loglogQ−loglogloglogQ loglogloglogQ = log 1+O +O(1/logM) (cid:18) (cid:18) loglogQ (cid:19)(cid:19) loglogloglogQ ≪ . loglogQ Therefore 1 loglogloglogQ 1+ = 1+O . (cid:18) ℓ(cid:19) (cid:18) loglogQ (cid:19) Y ℓ∈[M,L] Inserting this bound in (7), we obtain loglogloglogQ |S(m)| ≪ π(Q)T = o(π(Q)T). loglogQ (8) mX∈M∗ m≤T1/4 To estimate the sums S(m) for m > T1/4, using the Cauchy inequality and then extending the summation range over all integers n ≤ 4Q, we derive 2 t2 −4p |S(m)|2 = π(Q) (cid:12) (cid:12) (cid:18) m (cid:19) X (cid:12) X (cid:12) Q/2≤p≤Q(cid:12)1≤t≤T (cid:12) (cid:12) (cid:12) 2 (cid:12) t2 −n (cid:12) ≤ π(Q) (cid:12) (cid:12) (cid:18) m (cid:19) X (cid:12) X (cid:12) n≤4Q(cid:12)1≤t≤T (cid:12) (cid:12)(cid:12) (s2 −n)(cid:12)(cid:12)(t2 −n) = π(Q) . (cid:18) m (cid:19) X X 1≤s,t≤T n≤4Q If gcd(s2 − t2,m) > m1/2, we estimate the inner sum trivially as O(Q). The total contribution from such pairs (s,t), is at most 1 ≤ T (T/d+1)2ω(d) X X X d|m 1≤s,t≤T d|m (9) d>m1/2s2≡t2 (modd) d>m1/2 ≤ T T/m1/2 +1 τ(m)2, (cid:0) (cid:1) 7 since for a square-free d, by the Chinese remainder theorem, any quadratic congruence of the form s2 ≡ a (mod d), 1 ≤ s ≤ d, has at most 2ω(d) solutions. If gcd(s2 −t2,m) ≤ m1/2, we apply Lemma 3 to the inner sum, getting (s2 −n)(t2 −n) ≤ 16Q gcd(s2 −t2,m)m−1τ(m)r2+2r 1/r2r (cid:12) (cid:12) (cid:18) m (cid:19) (cid:12)(cid:12)nX≤4Q (cid:12)(cid:12) (cid:16) (cid:17) (10) (cid:12)(cid:12) (cid:12)(cid:12) ≤ 16Q m−1/2τ(m)r2+2r 1/r2r (cid:16) (cid:17) for any positive integer r with (4Q)r > m3. (11) Therefore, combining (9) and (10), we obtain S(m)2 ≪ π(Q)QT T/m1/2 +1 τ(m)2 +π(cid:0)(Q)QT2 m−(cid:1)1/2τ(m)r2+2r 1/r2r . (12) (cid:16) (cid:17) Furthermore, for m ∈ M we have logQlogloglogQ τ(m) ≤ 2π(L) = exp (log2+o(1)) . (13) (cid:18) loglogQ (cid:19) So if loglogQ r2 +r ≤ 0.01 (14) logloglogQ then for m > T1/4 we have τ(m)r2+2r ≤ Q0.01log2+o(1) = T0.01log2+o(1) ≤ m0.04log2+o(1) ≤ m1/6, provided that Q is large enough. Hence, m−1/2τ(m)r2+2r ≤ m−1/3 ≤ T−1/12. Furthermore, since (13) implies that τ(m) = To(1) for m ∈ M, we see that (12) implies that for m > T1/4, for any r satisfying (11) and (14), we have S(m) ≪ QT1−1/24r2r. 8 Therefore, |S(m)| ≪ 2π(L)QT1−1/24r2r mX∈M∗ m>T1/4 logQlogloglogQ ≤ QT1−1/24r2r exp (log2+o(1)) . (cid:18) loglogQ (cid:19) In particular, if we set r = ⌊logloglogQ⌋ then logQ T1/24r2r = exp . (cid:18)(loglogQ)log2+o(1)(cid:19) Therefore, |S(m)| ≪ QT1−1/25r2r = o(π(Q)T). (15) mX∈M∗ m>T1/4 It is also obvious that (14) is satisfied for the above choice of r. Furthermore, the condition (11) is satisfied as well because (4Q)r ≥ exp((1+o(1))logQlogloglogQ) and maxm = exp((1+o(1))L) = exp((0.3+o(1))logQlogloglogQ). m∈M Substituting (8) and (15) in (6), we see that (5) holds, which concludes the proof. Acknowledgement The author is very grateful to Andrew Sutherland for very useful comments. During the preparation of this work the author was supported in part by theAustralianResearchCouncilgrantDP1092835,andMacquarieUniversity grant MQRDG1465020. 9 References [1] R. Avanzi, H. Cohen, C. Doche, G. Frey, T. Lange, K. Nguyen and F. Vercauteren, Elliptic and hyperelliptic curve cryptography: Theory and practice, CRC Press, 2005. [2] S. Baier and L. Zhao, ‘On primes in quadratric progressions’, Int. J. Number Theory, 5 (2009), 1017–1035. [3] M.-C. Chang, ‘Short character sums for composite moduli’, Preprint, 2011 (available from http://arxiv.org/abs/1201.0299). [4] M. Deuring, ‘DieTypen der Multiplikatorenringe elliptischer Funktio- nenko¨rper’, Abh. Math. Sem. Hansischen Univ., 14 (1941), 197–272. [5] H. Iwaniec and E. Kowalski, Analytic number theory, Amer. Math. Soc., Providence, RI, 2004. [6] G. S., Lu¨, and H. W. Sun, ‘Prime in quadratic progressions on aver- age’, Acta Math. Sin. (Engl. Ser.), 27 (2011), 1187–1194. [7] F. Luca and I. E. Shparlinski, ‘On quadratic fields generated by poly- nomials’, Arch. Math., 91 (2008), 399–408. [8] H. L. Montgomery and R. C. Vaughan, Multiplicative number theory I: Classical theory, Cambridge Univ. Press, Cambridge, 2006. [9] M. Rabin, ‘Probabilistic algorithms for testing primality’, J. Number Theory, 12 (1980), 128–138. [10] T. Satoh, ‘On p-adic point counting algorithms for elliptic curves over finite fields’, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 2369 (2002), 43–66. [11] I. E. Shparlinski and A. V. Sutherland, ‘On the distribution of Atkin and Elkies primes’, Preprint, 2011 (available from http://arxiv.org/abs/1112.3390). [12] J. H. Silverman, The arithmetic of elliptic curves, 2nd ed., Springer, Dordrecht, 2009. 10

ebook img

On the Product of Small Elkies Primes PDF

0.12 MB·English
by  Igor Shparlinski
#additional_collections #journals #arxiv
Save to my drive
Quick download
Download
Upgrade Premium
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview On the Product of Small Elkies Primes

On the Product of Small Elkies Primes 3 1 Igor E. Shparlinski 0 2 Department of Computing n a Macquarie University J Sydney, NSW 2109, Australia 1 [email protected] ] T N December 11, 2013 . h t a m Abstract [ 1 Given an elliptic curve E over a finite field Fq of q elements, we v say that an odd prime ℓ ∤ q is an Elkies prime for E if t2E −4q is a 5 quadraticresiduemoduloℓ,wheret = q+1−#E(F )and#E(F )is E q q 3 the number of F -rational points on E. These primes are used in the 0 q 0 presently most efficient algorithm to compute #E(Fq). In particular, . the bound L (E) such that the product of all Elkies primes for E up 1 q 0 to L (E) exceeds 4q1/2 is a crucial parameter of this algorithm. We q 3 showthat thereareinfinitely many pairs (p,E) of primespand curves 1 E over F with L (E) ≥ clogplogloglogp for some absolute constant : p p v c > 0, while a naive heuristic estimate suggests that L (E) ∼ logp. i p X ThiscomplementsrecentresultsofGalbraithandSatoh(2002), condi- r tional under the Generalised Riemann Hypothesis, and of Shparlinski a and Sutherland (2012), unconditional for almost all pairs (p,E). 1 Introduction ForanellipticcurveE overafinitefieldF ofq elementswedenoteby#E(F ) q q the number of F -rational points on E and define the trace of Frobenius q t = q+1−#E(F ); we refer to [1, 12] for a background on elliptic curves. E q We say that an odd prime ℓ ∤ q is an Elkies prime for E if t2 − 4q is a E quadratic residue modulo ℓ; otherwise ℓ ∤ q is called an Atkin prime. 1 These primes play a key role in the Schoof-Elkies-Atkin (SEA) algorithm, see [1, Sections 17.2.2 and 17.2.5], and their distribution affects the perfor- mance of this algorithm in a rather dramatic way. Thus, for an elliptic curve E over F , we define N (E;L) and N (E;L) as the numbers of Atkin and q a e Elkies primes ℓ ∈ [1,L], respectively. Obviously, N (E;L)+N (E;L) = π(L)+O(1), a e where π(L) denotes the number of primes ℓ < L. Furthermore, for any elliptic curve over a finite field, one expects about the same number of Atkin and Elkies primes ℓ < L as L → ∞. That is, naive heuristic suggests that 1 N (E;L) ∼ N (E;L) ∼ π(L), (1) a e 2 as L → ∞. It has been noted by Galbraith and Satoh [10, Appendix A], that under the Generalised Riemann Hypothesis (GRH), using the bound on sums of quadraticcharactersover primes, onederives that(1) holdsforL ≥ (logq)2+ε for any fixed ε > 0 and a sufficiently large q. The unconditional results are much weaker and essentially rely on our knowledge of the distribution of primes in arithmetic progressions; see [5, Section 5.9] or [8, Chapters 4 and 11]. However, for almost all pairs (p,E) of primes p and elliptic curves E over F , Shparlinski and Sutherland [11] have p established the asymtotic formula (1) for L ≥ (logp)ε for any fixed ε > 0, that is, starting from much smaller values of L that those implied by the GRH. In particular, Let L (p) be the set all Elkies primes for an elliptic E curve E over F . We see that the prime number theorem and the result p of [11] implies that for some function L(p) ∼ logp for almost all pairs (p,E) we have ℓ > 4p1/2. (2) Y ℓ∈LE(p) 3≤ℓ≤L(p) Note that this condition is crucial for the SEA point counting algorithm, see [1, Sections 17.2.2 and 17.2.5]. Here we show that this “almost all” result cannot be extended for all primes and curves even for a slightly larger values of L(p). More precisely, we show that there is an absolute constant c > 0 such that for any function L(p) ≤ clogplogloglogp the inequality (2) fails in a very strong sense for infinitely many pairs (p,E). 2 Theorem 1. There is a constant c > 0 so that for infinitely many pairs (p,E) of primes p and curves E over F , and L ≤ clogplogloglogp we have p ℓ = po(1). Y ℓ∈LE(p) 3≤ℓ≤L Wenotethat GalbraithandSatoh[10, Appendix A] have conjectured and actually presented some arguments supporting a result of this kind. More- over, under both the GRH and the conjecture that every positive integer n ≡ 1 (mod 4) can be represented as n = 4p−t2 the argument of Galbraith and Satoh [10, Appendix A] can be made rigorous and in fact under these assumptions it allows to replace logplogloglogp with logploglogp in The- orem 1. Unfortunately, presently the required representation n = 4p − t2 is known to exist only for almost all n (see [2, 6]), which is not enough to complete the argument (even under the GRH). 2 Preparations We recall the notations U = O(V), V = Ω(U), U ≪ V and V ≫ U, which are all equivalent to the statement that the inequality |U| ≤ cV holds asymptotically, with some constant c > 0. We always assume that ℓ and p run through the prime values. For integers a and m ≥ 2, we use (a/m) to denote a Jacobi symbol of a modulo m, see [5, Section 3.5]. We also use τ(k) and µ(k) to denote the number of integer positive divisors and the M¨obius function of k ≥ 1. It is easy to see that for a square-free k we have τ(k) = 2ω(k) where ω(k) is the number of prime divisors of k. Our main tools are bounds of multiplicative character sums. The following estimate is a slight generalisation of [7, Lemma 2.2] and is also given in [11]. Lemma 2. For any integers a and T ≥ 1 and a product m = ℓ ...ℓ of 1 s s ≥ 0 distinct odd primes ℓ ,...,ℓ with gcd(a,m) = 1 we have 1 s t2 −a ≪ T/m+Csm1/2logm, (cid:18) m (cid:19) X |t|≤T 3 for some absolute constant C ≥ 1. We also need a slight extension of [5, Corollary 12.14]. In fact, we present it in much wider generality and strength than is needed for our purpose. First we note that for a square-free integer m and any integers u and v, we have gcd((u−v)2,m) = gcd(u−v,m). (3) Hence, inthecase ofquadratic polynomials, theboundof [5, Theorem 12.10], implies the following results” Lemma 3. Assume that a square-free odd integer m ≥ 3 and an arbitrary integer N ≥ 1 are such that all prime factors of m are at most N1/9. Then for any two integers u,v we have N (n−u)(n−v) ≤ 4N gcd(u−v,m)m−1τ(m)r2+2r 1/r2r , (cid:12) (cid:12) (cid:18) m (cid:19) (cid:12)(cid:12)Xn=1 (cid:12)(cid:12) (cid:16) (cid:17) (cid:12) (cid:12) where(cid:12) r is any positive integ(cid:12)er with Nr > m3. Proof. As in the proof of [5, Corollary 12.14], we note that there is a factori- sation m = m ...m 1 r with m ≤ N4/9, j = 1,...,r. In particular, by [5, Theorem 12.10], recall- j ing (3), we see that for any j = 1,...,r we have N (n−u)(n−v) ≤ 4N gcd(u−v,m )m−1τ(m )r2+2r 1/2r . (cid:12) (cid:18) m (cid:19)(cid:12) j j j (cid:12)(cid:12)Xn=1 (cid:12)(cid:12) (cid:16) (cid:17) (cid:12) (cid:12) Since(cid:12) m is square-free, we s(cid:12)ee that m ,...,m are relatively prime. Using 1 r the multiplicativity the divisor function, we obtain r gcd(u−v,m )m−1τ(m )r2+2r = gcd(u−v,m)m−1τ(m)r2+2r. j j j Yj=1 Therefore, for some j ∈ {1,...,r} we have gcd(u−v,m )m−1τ(m )r2+2r ≤ gcd(u−v,m)m−1τ(m)r2+2r 1/r j j j (cid:16) (cid:17) and the result now follows. 4 We remark that several more stronger and more general results of this type have recently been given by Chang [3]. Furthermore, we also recall the following classical results of Deuring [4]. Lemma 4. For any prime p and an integer t with |t| ≤ 2q1/2, there is a curve E over F with #E(F ) = p+1−t. p p 3 Proof of Theorem 1 Let Q be a sufficiently large integer. We then set L = ⌊0.3logQlogloglogQ⌋, M = logQ(logloglogQ)−1 , T = Q1/2 . (cid:4) (cid:5) (cid:4) (cid:5) Since, by the prime number theorem ℓ = Qo(1), Y ℓ∈≤M we see from Lemma 4 that it is enough to show that for any sufficiently large Q, there is an integer t ∈ [1,T] and a prime p ∈ [Q/2,Q] such that t2 −4p 6= 1 (4) (cid:18) ℓ (cid:19) for all primes ℓ ∈ [M,L]. Clearly, if the condition (4) is violated, then t2 −4p 1− = 0. (cid:18) (cid:18) ℓ (cid:19)(cid:19) Y ℓ∈[M,L] Thus it is enough to show that the sum t2 −4p W = 1+ (cid:18) (cid:18) ℓ (cid:19)(cid:19) X X Y 1≤t≤T Q/2≤p≤Q ℓ∈[M,L] is positive, that is, that W > 0 (5) for the above choice of L, M and T, provided that Q is sufficiently large. 5 Let M be the set of 2π(L)−π(M) square-free products (including the empty product) composed out of primes ℓ ∈ [M,L], and let M∗ = M \ {1}. We have t2 −4p W = µ(m) . (cid:18) m (cid:19) X X X 1≤t≤T Q/2≤p≤Q m∈M Changing the order of summation and separating the term T(π(Q)−π(Q/2)) corresponding to m = 1, we derive W = T(π(Q)−π(Q/2))+ µ(m)S(m) (6) mX∈M∗ where t2 −4p S(m) = . (cid:18) m (cid:19) X X 1≤t≤T Q/2≤p≤Q Thus t2 −4p |S(m)| ≤ . (cid:12) (cid:12) X (cid:12) X (cid:18) m (cid:19)(cid:12) Q/2≤p≤Q(cid:12)1≤t≤T (cid:12) (cid:12) (cid:12) For m ≤ T1/4 we use Lemma 2 an(cid:12)d note that (cid:12) Cω(m) = τ(m)logC/log2 = mo(1), so we obtain S(m) ≪ π(Q) T/m+Csm1/2logm ≪ π(Q)T/m. (cid:0) (cid:1) Thus for the contribution from all such sums we derive 1 |S(m)| ≪ π(Q)T 1/m ≪ π(Q)T  1+ −1. (7) (cid:18) ℓ(cid:19) mX∈M∗ mX∈M∗ ℓ∈Y[M,L] m≤T1/4 m≤T1/4   Furthermore 1 1 1 log 1+ = log 1+ ≪ . (cid:18) ℓ(cid:19) (cid:18) ℓ(cid:19) ℓ Y X X ℓ∈[M,L] ℓ∈[M,L] ℓ∈[M,L] 6 By the Mertens theorem, see [5, Equation (2.15)], 1 logL = log +O(1/logM) ℓ logM X ℓ∈[M,L] loglogQ+loglogloglogQ+log0.3 = log +O(1/logM) loglogQ−loglogloglogQ loglogloglogQ = log 1+O +O(1/logM) (cid:18) (cid:18) loglogQ (cid:19)(cid:19) loglogloglogQ ≪ . loglogQ Therefore 1 loglogloglogQ 1+ = 1+O . (cid:18) ℓ(cid:19) (cid:18) loglogQ (cid:19) Y ℓ∈[M,L] Inserting this bound in (7), we obtain loglogloglogQ |S(m)| ≪ π(Q)T = o(π(Q)T). loglogQ (8) mX∈M∗ m≤T1/4 To estimate the sums S(m) for m > T1/4, using the Cauchy inequality and then extending the summation range over all integers n ≤ 4Q, we derive 2 t2 −4p |S(m)|2 = π(Q) (cid:12) (cid:12) (cid:18) m (cid:19) X (cid:12) X (cid:12) Q/2≤p≤Q(cid:12)1≤t≤T (cid:12) (cid:12) (cid:12) 2 (cid:12) t2 −n (cid:12) ≤ π(Q) (cid:12) (cid:12) (cid:18) m (cid:19) X (cid:12) X (cid:12) n≤4Q(cid:12)1≤t≤T (cid:12) (cid:12)(cid:12) (s2 −n)(cid:12)(cid:12)(t2 −n) = π(Q) . (cid:18) m (cid:19) X X 1≤s,t≤T n≤4Q If gcd(s2 − t2,m) > m1/2, we estimate the inner sum trivially as O(Q). The total contribution from such pairs (s,t), is at most 1 ≤ T (T/d+1)2ω(d) X X X d|m 1≤s,t≤T d|m (9) d>m1/2s2≡t2 (modd) d>m1/2 ≤ T T/m1/2 +1 τ(m)2, (cid:0) (cid:1) 7 since for a square-free d, by the Chinese remainder theorem, any quadratic congruence of the form s2 ≡ a (mod d), 1 ≤ s ≤ d, has at most 2ω(d) solutions. If gcd(s2 −t2,m) ≤ m1/2, we apply Lemma 3 to the inner sum, getting (s2 −n)(t2 −n) ≤ 16Q gcd(s2 −t2,m)m−1τ(m)r2+2r 1/r2r (cid:12) (cid:12) (cid:18) m (cid:19) (cid:12)(cid:12)nX≤4Q (cid:12)(cid:12) (cid:16) (cid:17) (10) (cid:12)(cid:12) (cid:12)(cid:12) ≤ 16Q m−1/2τ(m)r2+2r 1/r2r (cid:16) (cid:17) for any positive integer r with (4Q)r > m3. (11) Therefore, combining (9) and (10), we obtain S(m)2 ≪ π(Q)QT T/m1/2 +1 τ(m)2 +π(cid:0)(Q)QT2 m−(cid:1)1/2τ(m)r2+2r 1/r2r . (12) (cid:16) (cid:17) Furthermore, for m ∈ M we have logQlogloglogQ τ(m) ≤ 2π(L) = exp (log2+o(1)) . (13) (cid:18) loglogQ (cid:19) So if loglogQ r2 +r ≤ 0.01 (14) logloglogQ then for m > T1/4 we have τ(m)r2+2r ≤ Q0.01log2+o(1) = T0.01log2+o(1) ≤ m0.04log2+o(1) ≤ m1/6, provided that Q is large enough. Hence, m−1/2τ(m)r2+2r ≤ m−1/3 ≤ T−1/12. Furthermore, since (13) implies that τ(m) = To(1) for m ∈ M, we see that (12) implies that for m > T1/4, for any r satisfying (11) and (14), we have S(m) ≪ QT1−1/24r2r. 8 Therefore, |S(m)| ≪ 2π(L)QT1−1/24r2r mX∈M∗ m>T1/4 logQlogloglogQ ≤ QT1−1/24r2r exp (log2+o(1)) . (cid:18) loglogQ (cid:19) In particular, if we set r = ⌊logloglogQ⌋ then logQ T1/24r2r = exp . (cid:18)(loglogQ)log2+o(1)(cid:19) Therefore, |S(m)| ≪ QT1−1/25r2r = o(π(Q)T). (15) mX∈M∗ m>T1/4 It is also obvious that (14) is satisfied for the above choice of r. Furthermore, the condition (11) is satisfied as well because (4Q)r ≥ exp((1+o(1))logQlogloglogQ) and maxm = exp((1+o(1))L) = exp((0.3+o(1))logQlogloglogQ). m∈M Substituting (8) and (15) in (6), we see that (5) holds, which concludes the proof. Acknowledgement The author is very grateful to Andrew Sutherland for very useful comments. During the preparation of this work the author was supported in part by theAustralianResearchCouncilgrantDP1092835,andMacquarieUniversity grant MQRDG1465020. 9 References [1] R. Avanzi, H. Cohen, C. Doche, G. Frey, T. Lange, K. Nguyen and F. Vercauteren, Elliptic and hyperelliptic curve cryptography: Theory and practice, CRC Press, 2005. [2] S. Baier and L. Zhao, ‘On primes in quadratric progressions’, Int. J. Number Theory, 5 (2009), 1017–1035. [3] M.-C. Chang, ‘Short character sums for composite moduli’, Preprint, 2011 (available from http://arxiv.org/abs/1201.0299). [4] M. Deuring, ‘DieTypen der Multiplikatorenringe elliptischer Funktio- nenko¨rper’, Abh. Math. Sem. Hansischen Univ., 14 (1941), 197–272. [5] H. Iwaniec and E. Kowalski, Analytic number theory, Amer. Math. Soc., Providence, RI, 2004. [6] G. S., Lu¨, and H. W. Sun, ‘Prime in quadratic progressions on aver- age’, Acta Math. Sin. (Engl. Ser.), 27 (2011), 1187–1194. [7] F. Luca and I. E. Shparlinski, ‘On quadratic fields generated by poly- nomials’, Arch. Math., 91 (2008), 399–408. [8] H. L. Montgomery and R. C. Vaughan, Multiplicative number theory I: Classical theory, Cambridge Univ. Press, Cambridge, 2006. [9] M. Rabin, ‘Probabilistic algorithms for testing primality’, J. Number Theory, 12 (1980), 128–138. [10] T. Satoh, ‘On p-adic point counting algorithms for elliptic curves over finite fields’, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 2369 (2002), 43–66. [11] I. E. Shparlinski and A. V. Sutherland, ‘On the distribution of Atkin and Elkies primes’, Preprint, 2011 (available from http://arxiv.org/abs/1112.3390). [12] J. H. Silverman, The arithmetic of elliptic curves, 2nd ed., Springer, Dordrecht, 2009. 10

See more

The list of books you might like

Upgrade Premium
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.
DMCA & Copyright: Dear all, most of the website is community built, users are uploading hundred of books everyday, which makes really hard for us to identify copyrighted material, please contact us if you want any material removed.
Copyright @ PDFdrive.to, 2022 | We love our users