1.7. Legendre, Jacobi, & Quadratic Reciprocity
Proof. As seen in Example 1.23, part (1) is a corollary of Euler's Criterion. This may now be used to establish part (2) as follows:
$$\left(\frac{b}{p}\right)\left(\frac{c}{p}\right) \equiv b^{(p-1)/2}c^{(p-1)/2} \equiv (bc)^{(p-1)/2} \equiv \left(\frac{bc}{p}\right) \pmod{p}.$$
Part (3) is an immediate consequence of the definition of a quadratic residue. ✷
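Parts (1)–(3) of the theorem are easy to spot-check by machine. The sketch below is ours, not the text's: `legendre` evaluates the symbol via Euler's Criterion using Python's built-in three-argument `pow`, and the loop checks the multiplicativity of part (2) for the prime 23.

```python
def legendre(c, p):
    """Legendre symbol (c/p) for an odd prime p, via Euler's Criterion:
    (c/p) is congruent to c^((p-1)/2) modulo p."""
    r = pow(c, (p - 1) // 2, p)      # fast modular exponentiation
    return -1 if r == p - 1 else r   # map the residue p-1 to -1

# Part (2): (b/p)(c/p) = (bc/p) for every b, c not divisible by p.
p = 23
for b in range(1, p):
    for c in range(1, p):
        assert legendre(b, p) * legendre(c, p) == legendre(b * c, p)
```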
To establish Gauss's Quadratic Reciprocity Law, we first need a technical result proved by him.

☞ Lemma 1.2 Gauss's Lemma on Residues
Let $p > 2$ be a prime and $c \in \mathbb{Z}$ such that $p \nmid c$. Suppose that $\bar{c}$ denotes the cardinality of the set
$$\{\overline{jc} : 1 \le j \le (p-1)/2,\ \overline{jc} > p/2\},$$
where $\overline{jc}$ denotes the reduction of $jc$ to its least positive residue modulo $p$. Then
$$\left(\frac{c}{p}\right) = (-1)^{\bar{c}}.$$
Proof. For each natural number $j \le (p-1)/2$, define
$$c_j = \begin{cases} \overline{jc} & \text{if } \overline{jc} < p/2, \\ p - \overline{jc} & \text{if } \overline{jc} > p/2. \end{cases}$$
If $1 \le j, k \le (p-1)/2$, then it is a simple verification that $c_j \equiv c_k \pmod{p}$ if and only if $j = k$. Hence, $c_j \not\equiv c_k \pmod{p}$ for all $j \ne k$ with $1 \le j, k \le (p-1)/2$. Thus, we have $(p-1)/2$ incongruent natural numbers, all less than $p/2$. Therefore,
$$\prod_{j=1}^{(p-1)/2} c_j \equiv \left(\frac{p-1}{2}\right)! \pmod{p}. \tag{1.6}$$
Also, since $p - \overline{jc} \equiv (-1)(jc) \pmod{p}$, then
$$\prod_{j=1}^{(p-1)/2} c_j \equiv (-1)^{\bar{c}} \cdot c^{(p-1)/2} \cdot \left(\frac{p-1}{2}\right)! \pmod{p}. \tag{1.7}$$
By equating the two versions of $\prod_{j=1}^{(p-1)/2} c_j$ in (1.6)–(1.7), and dividing through by $(-1)^{\bar{c}} \cdot \left(\frac{p-1}{2}\right)!$, we get
$$c^{(p-1)/2} \equiv (-1)^{\bar{c}} \pmod{p},$$
and by Euler's Criterion in Example 1.23,
$$c^{(p-1)/2} \equiv \left(\frac{c}{p}\right) \pmod{p},$$
so the result follows. ✷
© 2007 by Taylor & Francis Group, LLC
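Gauss's Lemma lends itself to a brute-force check for small primes: count how many of the residues $\overline{jc}$ exceed $p/2$, and compare $(-1)^{\bar{c}}$ with Euler's Criterion. The function names below are our own, not the text's.

```python
def bar_c(c, p):
    """Cardinality of { j : 1 <= j <= (p-1)/2 and (jc mod p) > p/2 }."""
    return sum(1 for j in range(1, (p - 1) // 2 + 1) if (j * c) % p > p / 2)

def legendre(c, p):
    """(c/p) via Euler's Criterion."""
    r = pow(c, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

# Gauss's Lemma: (c/p) = (-1)^bar_c for every c not divisible by p.
for p in (3, 5, 7, 11, 13, 101):
    for c in range(1, p):
        assert legendre(c, p) == (-1) ** bar_c(c, p)
```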
An important consequence of Gauss’s Lemma that we will need to prove his
quadratic reciprocity law is contained in the following.
☞ Corollary 1.4 Let $c \in \mathbb{Z}$ be odd, and $p > 2$ prime such that $p \nmid c$. Then
$$\left(\frac{c}{p}\right) = (-1)^M,$$
where
$$M = \sum_{j=1}^{(p-1)/2} \lfloor jc/p \rfloor.$$
Proof. For each natural number $j \le (p-1)/2$, we have $jc = q_j p + r_j$, where $r_j \in \mathbb{N}$ with $r_j < p$, by the Division Algorithm. In the notation of the proof of Gauss's Lemma, this means that $r_j = \overline{jc}$, so
$$c_j = \begin{cases} r_j & \text{if } r_j < p/2, \\ p - r_j & \text{if } r_j > p/2, \end{cases}$$
and $q_j = \lfloor jc/p \rfloor$. Arrange the $r_j$ so that $r_j > p/2$ for $j = 1, 2, \ldots, \bar{c}$, and $r_j < p/2$ for $j = \bar{c}+1, \bar{c}+2, \ldots, (p-1)/2$, which is allowed since we know from the proof of Gauss's Lemma that the $c_j$ are just the values $1, 2, \ldots, (p-1)/2$ in some order. Thus, we have
$$\sum_{j=1}^{(p-1)/2} jc = p \sum_{j=1}^{(p-1)/2} \lfloor jc/p \rfloor + \sum_{j=1}^{(p-1)/2} r_j. \tag{1.8}$$
Also, since the $c_j$ are just a rearrangement of the numbers $1, 2, \ldots, (p-1)/2$, then
$$\sum_{j=1}^{(p-1)/2} j = \sum_{j=1}^{\bar{c}} (p - r_j) + \sum_{j=\bar{c}+1}^{(p-1)/2} r_j = p\bar{c} - \sum_{j=1}^{\bar{c}} r_j + \sum_{j=\bar{c}+1}^{(p-1)/2} r_j. \tag{1.9}$$
Subtracting (1.9) from (1.8), we get
$$(c-1) \sum_{j=1}^{(p-1)/2} j = p\left(\sum_{j=1}^{(p-1)/2} \lfloor jc/p \rfloor - \bar{c}\right) + 2\sum_{j=1}^{\bar{c}} r_j. \tag{1.10}$$
Now we reduce (1.10) modulo 2 to get
$$0 \equiv \sum_{j=1}^{(p-1)/2} \lfloor jc/p \rfloor - \bar{c} \pmod{2},$$
since $c \equiv p \equiv 1 \pmod{2}$, which means that
$$\bar{c} \equiv \sum_{j=1}^{(p-1)/2} \lfloor jc/p \rfloor \pmod{2}.$$
By Gauss's Lemma, we are now done. ✷
We are now in a position to establish Gauss's famous result, which he first proved in his masterpiece [35].

Theorem 1.23 The Quadratic Reciprocity Law
If $p \ne q$ are odd primes, then
$$\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}}.$$
Equivalently,
$$\left(\frac{q}{p}\right) = -\left(\frac{p}{q}\right) \text{ if } p \equiv q \equiv 3 \pmod{4}, \quad \text{and} \quad \left(\frac{q}{p}\right) = \left(\frac{p}{q}\right) \text{ otherwise.}$$
Proof. First we establish that
$$\frac{p-1}{2} \cdot \frac{q-1}{2} = \sum_{k=1}^{(p-1)/2} \lfloor kq/p \rfloor + \sum_{j=1}^{(q-1)/2} \lfloor jp/q \rfloor. \tag{1.11}$$
Let
$$S = \{(jp, kq) : 1 \le j \le (q-1)/2;\ 1 \le k \le (p-1)/2\}.$$
The cardinality of $S$ is $\frac{p-1}{2} \cdot \frac{q-1}{2}$. Also, it is an easy check to verify that $jp \ne kq$ for any $1 \le j \le (q-1)/2$, or $1 \le k \le (p-1)/2$. Furthermore, set
$$S = S_1 \cup S_2,$$
where
$$S_1 = \{(jp, kq) \in S : jp < kq\},$$
and
$$S_2 = \{(jp, kq) \in S : jp > kq\}.$$
If $(jp, kq) \in S_1$, then $j < kq/p$. Also, $kq/p \le (p-1)q/(2p) < q/2$. Therefore, $\lfloor kq/p \rfloor < q/2$, from which it follows that
$$\lfloor kq/p \rfloor \le (q-1)/2.$$
Hence, the cardinality of $S_1$ is $\sum_{k=1}^{(p-1)/2} \lfloor kq/p \rfloor$. Similarly, the cardinality of $S_2$ is $\sum_{j=1}^{(q-1)/2} \lfloor jp/q \rfloor$. This establishes (1.11).
Now set $M = \sum_{k=1}^{(p-1)/2} \lfloor kq/p \rfloor$, and $N = \sum_{j=1}^{(q-1)/2} \lfloor jp/q \rfloor$. If we let $q = c$ in Corollary 1.4, then
$$\left(\frac{q}{p}\right) = (-1)^M.$$
Similarly,
$$\left(\frac{p}{q}\right) = (-1)^N.$$
Hence,
$$\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = (-1)^{M+N}.$$
The result now follows from (1.11). ✷
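The reciprocity law itself can be confirmed by exhaustive computation over small odd primes (a check of ours, not the text's), again with the Legendre symbol evaluated by Euler's Criterion.

```python
def legendre(a, p):
    """(a/p) via Euler's Criterion, for an odd prime p."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

# Theorem 1.23: (p/q)(q/p) = (-1)^(((p-1)/2)((q-1)/2)).
odd_primes = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31]
for p in odd_primes:
    for q in odd_primes:
        if p != q:
            sign = (-1) ** (((p - 1) // 2) * ((q - 1) // 2))
            assert legendre(p, q) * legendre(q, p) == sign
```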
Example 1.24 Let $p = 7$ and $q = 991$. Then by the Quadratic Reciprocity Law,
$$\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = \left(\frac{7}{991}\right)\left(\frac{991}{7}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}} = (-1)^{3 \cdot 495} = -1,$$
so
$$\left(\frac{7}{991}\right) = -\left(\frac{991}{7}\right) = -\left(\frac{4}{7}\right) = -\left(\frac{2}{7}\right)^2 = -1.$$
Hence, $x^2 \equiv 7 \pmod{991}$ has no solutions $x \in \mathbb{Z}$.
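The conclusion of Example 1.24 can be confirmed directly with Python's built-in `pow` (our own check, not part of the text): Euler's Criterion gives $7^{495} \equiv -1 \pmod{991}$, and indeed no square modulo 991 equals 7.

```python
# Euler's Criterion: (7/991) = -1, i.e. 7^((991-1)/2) is 990 modulo 991.
assert pow(7, (991 - 1) // 2, 991) == 991 - 1

# Exhaustive confirmation that x^2 = 7 (mod 991) has no solution.
assert all(pow(x, 2, 991) != 7 for x in range(991))
```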
Exercises 1.124–1.125 on page 66 are applications of the Quadratic Reciprocity Law. We conclude this section with a generalization of the Legendre symbol, which we will require later in the text.

Definition 1.19 The Jacobi Symbol
Let $n > 1$ be an odd natural number with $n = \prod_{j=1}^{k} p_j^{e_j}$, where $e_j \in \mathbb{N}$ and the $p_j$ are distinct primes. Then the Jacobi Symbol of $a$ with respect to $n$ is given by
$$\left(\frac{a}{n}\right) = \prod_{j=1}^{k} \left(\frac{a}{p_j}\right)^{e_j},$$
for any $a \in \mathbb{Z}$, where the symbols on the right are Legendre Symbols.
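Definition 1.19 translates directly into code once the factorization of $n$ is known. The sketch below is ours, not the text's: `factor` is naive trial division (practical only for small $n$), and each Legendre symbol is evaluated by Euler's Criterion.

```python
def legendre(a, p):
    """(a/p) via Euler's Criterion, for an odd prime p."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

def factor(n):
    """Trial-division factorization: list of (prime, exponent) pairs."""
    out, d = [], 2
    while d * d <= n:
        e = 0
        while n % d == 0:
            n //= d
            e += 1
        if e:
            out.append((d, e))
        d += 1
    if n > 1:
        out.append((n, 1))
    return out

def jacobi(a, n):
    """Jacobi symbol (a/n) per Definition 1.19, for odd n > 1."""
    result = 1
    for p, e in factor(n):
        result *= legendre(a, p) ** e
    return result
```

Trial division is exponentially slow in the bitlength of $n$; the properties collected in Theorem 1.24 below yield a factorization-free evaluation.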
Biography 1.20 Carl Gustav Jacob Jacobi (1804–1851) was born in Potsdam
in Prussia on December 10, 1804, to a wealthy German banking family. In
August of 1825, Jacobi obtained his doctorate from the University of Berlin
on an area involving partial fractions. The next year he became a lecturer at
the University of Königsberg and was appointed as a professor there in 1831.
Jacobi's first major work was his application of elliptic functions to number
theory. Also, he made contributions to analysis, geometry, and mechanics. He
died of smallpox on February 18, 1851.
We will require the following result to establish properties of the Jacobi Symbol. This result is known as the Supplement to the Quadratic Reciprocity Law. Such supplements also exist for the higher reciprocity laws (see [62, pp. 273–332]).
Proposition 1.8 Let $p$ be an odd prime. Then the following Legendre Symbol identity holds:
$$\left(\frac{2}{p}\right) = (-1)^{\frac{p^2-1}{8}}.$$
Proof. Let $M = \sum_{j=1}^{(p-1)/2} \lfloor jc/p \rfloor$ where $c \in \mathbb{Z}$ such that $p \nmid c$, and note that $\sum_{j=1}^{(p-1)/2} j = (p^2-1)/8$ by Theorem 1.4 on page 10. From (1.10) in the proof of Corollary 1.4 on page 60,
$$(c-1)(p^2-1)/8 = p(M - \bar{c}) + 2\sum_{j=1}^{\bar{c}} r_j.$$
Therefore,
$$\bar{c} \equiv M + \frac{(p^2-1)}{8}(c-1) \pmod{2}.$$
If $c = 2$, then $M = 0$, since $\lfloor 2j/p \rfloor = 0$ for all $j \in \mathbb{N}$ with $j < p/2$, so
$$\bar{c} \equiv \frac{(p^2-1)}{8} \pmod{2}.$$
This establishes the result via Gauss's Lemma 1.2 on page 59. ✷
Corollary 1.5 Let $p$ be an odd prime. Then
$$\left(\frac{2}{p}\right) = \begin{cases} 1 & \text{if } p \equiv \pm 1 \pmod{8}, \\ -1 & \text{if } p \equiv \pm 3 \pmod{8}. \end{cases}$$
Proof. By Proposition 1.8, 2 is a quadratic residue modulo p if and only
if (p2 − 1)/8 is even, namely whenever p2 ≡ 1 (mod 16). This occurs precisely
when p ≡ ±1 (mod 8). Similarly, 2 is a quadratic nonresidue modulo p when
(p2 − 1)/8 is odd, namely whenever p2 ≡ 9 (mod 16), and this occurs precisely
when p ≡ ±3 (mod 8).
✷
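A quick spot-check of the corollary over the first several odd primes (our own sketch, not from the text):

```python
def legendre_2(p):
    """(2/p) via Euler's Criterion, for an odd prime p."""
    r = pow(2, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

for p in (3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47):
    expected = 1 if p % 8 in (1, 7) else -1  # p = ±1 (mod 8) vs. p = ±3 (mod 8)
    assert legendre_2(p) == expected
```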
The Jacobi Symbol satisfies the following properties.

Theorem 1.24 Properties of the Jacobi Symbol
Let $m, n \in \mathbb{N}$, with $n$ odd, and $a, b \in \mathbb{Z}$. Then

(1) $\left(\frac{ab}{n}\right) = \left(\frac{a}{n}\right)\left(\frac{b}{n}\right)$.

(2) $\left(\frac{a}{n}\right) = \left(\frac{b}{n}\right)$ if $a \equiv b \pmod{n}$.

(3) If $m$ is odd, then $\left(\frac{a}{mn}\right) = \left(\frac{a}{m}\right)\left(\frac{a}{n}\right)$.

(4) $\left(\frac{-1}{n}\right) = (-1)^{(n-1)/2}$.

(5) $\left(\frac{2}{n}\right) = (-1)^{(n^2-1)/8}$.

(6) If $\gcd(a, n) = 1$ where $a \in \mathbb{N}$ is odd, then
$$\left(\frac{a}{n}\right)\left(\frac{n}{a}\right) = (-1)^{\frac{a-1}{2} \cdot \frac{n-1}{2}},$$
which is the Quadratic Reciprocity Law for the Jacobi Symbol.
Proof. Properties (1)–(2) follow from the results for the Legendre Symbol given in Theorem 1.22 on page 58. Property (3) is an easy consequence of Definition 1.19. For part (4), observe that if $n = \prod_{j=1}^{\ell} p_j$ where the $p_j$ are (not necessarily distinct) primes, then
$$n = \prod_{j=1}^{\ell} (p_j - 1 + 1) \equiv 1 + \sum_{j=1}^{\ell} (p_j - 1) \pmod{4},$$
since all $p_j - 1$ are even. Thus,
$$\frac{n-1}{2} \equiv \sum_{j=1}^{\ell} (p_j - 1)/2 \pmod{2}. \tag{1.12}$$
For convenience's sake, we set $S = \sum_{j=1}^{\ell} (p_j - 1)/2$. Therefore, by part (3) proved above and part (1) of Theorem 1.22 in conjunction with (1.12),
$$\left(\frac{-1}{n}\right) = \prod_{j=1}^{\ell} \left(\frac{-1}{p_j}\right) = \prod_{j=1}^{\ell} (-1)^{(p_j-1)/2} = (-1)^S = (-1)^{(n-1)/2},$$
which is part (4). For part (5), first observe that
$$n^2 = \prod_{j=1}^{\ell} p_j^2 = \prod_{j=1}^{\ell} (p_j^2 - 1 + 1) \equiv 1 + \sum_{j=1}^{\ell} (p_j^2 - 1) \pmod{16},$$
since $p_j^2 \equiv 1 \pmod{8}$ for all such $j$. Therefore,
$$\frac{n^2-1}{8} \equiv \sum_{j=1}^{\ell} \frac{p_j^2 - 1}{8} \pmod{2},$$
and we set $T = \sum_{j=1}^{\ell} (p_j^2 - 1)/8$ for convenience. By Proposition 1.8 on page 63,
$$\left(\frac{2}{n}\right) = \prod_{j=1}^{\ell} \left(\frac{2}{p_j}\right) = \prod_{j=1}^{\ell} (-1)^{(p_j^2-1)/8} = (-1)^T = (-1)^{(n^2-1)/8},$$
which secures part (5). For part (6), let $a = \prod_{k=1}^{t} q_k$, where the $q_k$ are (not necessarily distinct) primes. Since $\gcd(a, n) = 1$, then $p_j \ne q_k$ for any $j, k$. Thus, by properties (1) and (3), established above,
$$\left(\frac{a}{n}\right)\left(\frac{n}{a}\right) = \prod_{j=1}^{\ell} \left(\frac{a}{p_j}\right) \prod_{k=1}^{t} \left(\frac{n}{q_k}\right) = \prod_{j=1}^{\ell} \prod_{k=1}^{t} \left(\frac{q_k}{p_j}\right) \prod_{k=1}^{t} \prod_{j=1}^{\ell} \left(\frac{p_j}{q_k}\right) = \prod_{j=1}^{\ell} \prod_{k=1}^{t} \left(\frac{p_j}{q_k}\right)\left(\frac{q_k}{p_j}\right),$$
and by Theorem 1.23, this equals
$$\prod_{j=1}^{\ell} \prod_{k=1}^{t} (-1)^{\frac{p_j-1}{2} \cdot \frac{q_k-1}{2}} = (-1)^U,$$
where
$$U = \sum_{j=1}^{\ell} \sum_{k=1}^{t} \frac{p_j-1}{2} \cdot \frac{q_k-1}{2} = \left(\sum_{j=1}^{\ell} \frac{p_j-1}{2}\right)\left(\sum_{k=1}^{t} \frac{q_k-1}{2}\right).$$
However, as shown for the $p_j$ in (1.12),
$$\sum_{k=1}^{t} \frac{q_k-1}{2} \equiv \frac{a-1}{2} \pmod{2},$$
so the result follows. ✷
Example 1.25 We have the following for $n = 15$:
$$\left(\frac{2}{15}\right) = \left(\frac{2}{3}\right)\left(\frac{2}{5}\right) = (-1)(-1) = 1.$$
However, 2 is not a quadratic residue modulo 15. Thus, more caution must be exercised in interpreting the Jacobi Symbol. See Exercises 1.126–1.127.
The use of the Jacobi Symbol for primality testing will become apparent as
we travel through the text.
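Properties (2), (5), and (6) of Theorem 1.24 give a fast, factorization-free evaluation of the Jacobi Symbol by a Euclidean-style descent. The following implementation is our own sketch of that standard idea, not an algorithm stated in the text; it also reproduces the cautionary point of Example 1.25.

```python
def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0, via the properties in Theorem 1.24."""
    assert n > 0 and n % 2 == 1
    a %= n                       # property (2): reduce a modulo n
    result = 1
    while a != 0:
        while a % 2 == 0:        # pull out factors of 2 via property (5):
            a //= 2              # (2/n) = -1 exactly when n = ±3 (mod 8)
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a              # reciprocity, property (6):
        if a % 4 == 3 and n % 4 == 3:  # sign flips iff both are 3 (mod 4)
            result = -result
        a %= n
    return result if n == 1 else 0  # 0 when gcd(a, n) > 1

# Example 1.25 revisited: (2/15) = 1, yet 2 is not a square modulo 15.
assert jacobi(2, 15) == 1
assert all(pow(x, 2, 15) != 2 for x in range(15))
```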
Exercises
1.124. Prove that if $p > 2$ is prime, then
$$\left(\frac{3}{p}\right) = \begin{cases} 1 & \text{if } p \equiv \pm 1 \pmod{12}, \\ -1 & \text{if } p \equiv \pm 5 \pmod{12}. \end{cases}$$
1.125. Verify the Legendre Symbol identity
$$\sum_{j=1}^{p-1} \left(\frac{j}{p}\right) = 0,$$
where $p$ is an odd prime, by showing that there are $(p-1)/2$ quadratic residues and $(p-1)/2$ quadratic nonresidues modulo $p$. Then use this fact to establish the Legendre Symbol identity
$$\sum_{j=0}^{p-1} \left(\frac{(j-a)(j-b)}{p}\right) = \begin{cases} p-1 & \text{if } a \equiv b \pmod{p}, \\ -1 & \text{if } a \not\equiv b \pmod{p}. \end{cases}$$
1.126. Let $a \in \mathbb{Z}$, and $n \in \mathbb{N}$ odd. Prove that if $\left(\frac{a}{p^t}\right) = 1$ for all primes $p$ such that $p^t \| n$ for some $t \in \mathbb{N}$, then $a$ is a quadratic residue modulo $n$ (see Footnote 1.6 on page 49).

1.127. Let $n \in \mathbb{N}$ be odd. Prove that $\left(\frac{m}{n}\right) = 1$ for all $m \in \mathbb{N}$ with $m < n$ such that $\gcd(m, n) = 1$ if and only if $n$ is a perfect square.
1.128. Let $f(x) = ax^2 + bx + c$ where $a, b, c \in \mathbb{Z}$, and set $\Delta = b^2 - 4ac$. Suppose that $p > 2$ is a prime not dividing $\Delta$. Prove that $\sum_{x=0}^{p-1} \left(\frac{f(x)}{p}\right) = -\left(\frac{a}{p}\right)$.

1.129. Let $f(x) = ax^2 + bx + c$ where $a, b, c \in \mathbb{Z}$, and set $\Delta = b^2 - 4ac$. Suppose that $p > 2$ is a prime such that $p \mid \Delta$. Prove that
$$\sum_{x=0}^{p-1} \left(\frac{f(x)}{p}\right) = (p-1)\left(\frac{a}{p}\right).$$
Sums of the form $\sum \left(\frac{f(x)}{p}\right)$ are called Jacobsthal sums.
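Before attempting proofs, the identities in Exercises 1.128 and 1.129 can be sanity-checked numerically; the helper names below are our own choices, not the text's.

```python
def legendre(a, p):
    """(a/p) via Euler's Criterion; returns 0 when p divides a."""
    r = pow(a % p, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

def quad_sum(a, b, c, p):
    """Sum of ((a x^2 + b x + c)/p) over x = 0, ..., p-1."""
    return sum(legendre(a * x * x + b * x + c, p) for x in range(p))

p = 13
# Exercise 1.128: p does not divide the discriminant b^2 - 4ac.
a, b, c = 2, 3, 5    # discriminant -31, not divisible by 13
assert quad_sum(a, b, c, p) == -legendre(a, p)
# Exercise 1.129: p divides the discriminant.
a, b, c = 1, 0, -13  # discriminant 52 = 4 * 13
assert quad_sum(a, b, c, p) == (p - 1) * legendre(a, p)
```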
Biography 1.21 Ernst Jacobsthal (1882–1965) was born in Berlin on October
16, 1882. He received his doctorate in Berlin in 1906 with his doctoral advisors
being Georg Frobenius and Issai Schur. From 1913 he was a lecturer at the
technical university of Berlin. In 1934, he emigrated to Norway where he took
a position as a professor at the technical university of Trondheim. After the
occupation of Norway, he fled in January of 1943 to Sweden. When the war
ended, he returned to Trondheim to resume his position there. He died in
Ueberlingen in 1965.
1.8 Complexity
The amount of time required for the execution of an algorithm on a computer is measured in terms of bit operations, which are defined as follows: addition, subtraction, or multiplication of two binary digits; the division of a two-bit integer by a one-bit integer; or the shifting of a binary digit by one position. (The reader unfamiliar with computer arithmetic should consult Appendix B.) The number of bit operations necessary to complete the performance of an algorithm is called its computational complexity or simply its complexity. This method of estimating the amount of time taken to execute a calculation does not take into account such things as memory access or time to execute an instruction. However, these executions are very fast compared with a large number of bit operations, so we can safely ignore them. These comments are made more precise by the following notation, introduced by Edmund Landau.
Biography 1.22 Edmund Georg Hermann Landau (1877–1938) was born on February 14, 1877, in Berlin, Germany. He attended the French Lycée in Berlin, then entered the University of Berlin to study mathematics at the age of sixteen. He received his doctorate in 1899 in number theory, having studied under Frobenius. (See Biography 1.21 on page 66.) In 1901, he submitted his Habilitation on analytic number theory. Then he taught at the University of Berlin from 1899 until 1909, when he was appointed to Göttingen as a successor to Minkowski (1864–1909). In 1909, he published the first systematic presentation of analytic number theory. In 1933, he was forced out of Göttingen by the National Socialist regime. After this he lectured only outside Germany. He died on February 19, 1938, in Berlin.
Definition 1.20 Big O Notation
Suppose that $f$ and $g$ are positive real-valued functions. If there exists a positive real number $c$ such that
$$f(x) < cg(x) \tag{1.13}$$
for all sufficiently large$^{1.7}$ $x$, then we write
$$f(x) = O(g(x)) \text{ or simply } f = O(g). \tag{1.14}$$
(Mathematicians also write $f << g$ to denote $f = O(g)$ — see Biography 1.23 on page 68.)
Big O is the order of magnitude of the complexity, an upper bound on the number of bit operations required for execution of an algorithm in the worst-case scenario, namely in the case where even the trickiest or the nastiest inputs are given. It is possible that most often for a given algorithm even less time will be used, but we must always account for the worst-case scenario.

$^{1.7}$ Here sufficiently large means that there exists some bound $B \in \mathbb{R}^+$ such that $f(x) < cg(x)$ for all $x > B$. We just may not know explicitly the value of $B$. Often $f$ is defined on $\mathbb{N}$ rather than $\mathbb{R}$ and occasionally over any subset of $\mathbb{R}$.
The comments made before Definition 1.20 may now be put into perspective. The definition of the time taken to perform a given algorithm does not take into consideration time spent reading and writing such as memory access, timings of instructions, even the speed or amount of memory of a computer, all of which are negligible in comparison with the order of magnitude complexity. The greatest merit of this method for estimating execution time is that it is machine independent. In other words, it does not rely upon the specifics of a given computer, so the order of magnitude complexity remains the same, irrespective of the computer being used.

Biography 1.23 The notation $<<$ was introduced by I.M. Vinogradov, a Russian mathematician who proved in 1937 that every sufficiently large positive integer is the sum of at most four primes. This is related to Goldbach's Conjecture, which says that every even $n \in \mathbb{N}$ with $n > 2$ is a sum of two primes. The "=" in (1.14) should be considered as a $<$ and the "O" should be considered as a constant multiple. The equality is a means of saying that $f$ is a member of the family satisfying (1.13).
In the analysis of the complexity of an algorithm, we need not know exactly how long it takes (namely, the exact number of bit operations required to execute the algorithm), but rather it suffices to compare with other objects, and these comparisons need not be immediate but rather long-term. In other words, what Definition 1.20 says is that if $f$ is $O(g)$, then eventually $f(x)$ is bounded by some constant multiple $cg(x)$ of $g(x)$. We do not know exactly what $c$ happens to be or just how big $x$ must be before (1.13) occurs. However, for reasons given above, it is enough to account for the efficiency of the given algorithm in the worst-case scenario.
Example 1.26 A simple illustration of the use of Big O is to determine the number of digits of an integer in base $b$. If $n$ is a $t_n$-digit base $b$ integer, then
$$b^{t_n - 1} \le n < b^{t_n}.$$
Therefore, $t_n = \lfloor \log_b n \rfloor + 1$, so an estimate on the size of $t_n$ is, in general, $t_n = O(\log_b n)$. Shortly, we will demonstrate that the base $b$ of the logarithm is irrelevant in determining complexity.
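The count $t_n = \lfloor \log_b n \rfloor + 1$ can be computed exactly with integer arithmetic, which sidesteps floating-point logarithm pitfalls; the function name `digits` is our own illustration, not from the text.

```python
def digits(n, b):
    """Number of base-b digits of n >= 1, i.e. floor(log_b n) + 1,
    computed exactly by repeated integer division."""
    t = 0
    while n > 0:
        n //= b
        t += 1
    return t

n = 10**6
assert digits(n, 2) == n.bit_length() == 20  # t_n = O(log_2 n)
assert digits(n, 10) == 7
```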
Another simple illustration of the use of the Big O notation is to refer to Appendix B, where we introduced the algorithms for adding, subtracting, multiplying, and dividing two $s$-bit integers. Review of these algorithms shows us that addition or subtraction takes $O(s)$ bit operations, which is also the number of bit operations required to compare them (determine which is larger, or whether they are equal). On the other hand, the multiplication of an $s$-bit integer with a $t$-bit integer requires $O(st)$ bit operations (see Exercise 1.130 on page 78). By Exercise 1.140, division of an $s$-bit integer by a $t$-bit integer, with $t \le s$, takes $O(st)$ bit operations.

If a number $n$ has no more than $s$ bits, then $n \le 2^s$, so if we wish to describe complexity in terms of the numbers themselves rather than their respective bit sizes, then we can rephrase the above as follows. The addition, subtraction, or comparison of two integers less than $n$ takes $O(\log_2 n)$ bit operations, and the multiplication of two such integers takes $O(\log_2^2 n)$ bit operations, while division of $n$ by $m \le n$ takes $O(\log_2 m \log_2 n)$ bit operations.
The amount of time taken by a computer to perform a task is (essentially) proportional to the number of bit operations. In the simplest possible terms, the constant of proportionality, which is the number of nanoseconds per bit operation, depends upon the computer being used. (A nanosecond is $1/10^9$ of a second — a billionth of a second.) This accounts for the machine independence of the Big O method of estimating complexity since the constant of proportionality is of no consequence in the determination of Big O.

◆ Time Estimates
Some Basic Facts: (1) Recall that $\ln n$ means $\log_e n$, the logarithm to the base $e$, the natural or canonical base, where we often use $\exp(x)$ in place of $e^x$ for convenience. In the mathematical literature, $\log x$ is often used for $\log_e x$. Also, recall that $\log_b x = \ln x / \ln b$.
(2) To say that $a$ is proportional to $b$ means that $a/b = c$, a constant, called the constant of proportionality. This relationship is often written as $a \propto b$ in the literature.
(3) Recall that a (nonconstant) polynomial is a function of the form $\sum_{i=0}^{n} a_i x^i$ for $n \in \mathbb{N}$, where the $a_i$ are the coefficients (see page 311).
A fundamental time estimate in executing an algorithm is polynomial time (or simply polynomial). In other words, an algorithm is polynomial when its complexity is $O(n^c)$ for some constant $c \in \mathbb{R}^+$, where $n$ is the bitlength of the input to the algorithm, and $c$ is independent of $n$. (Observe that any polynomial of degree $c$ is $O(n^c)$.) In general, these are the desirable algorithms, since they are the fastest. Therefore, roughly speaking, the polynomial time algorithms are the good or efficient algorithms. For instance, the algorithm is constant if $c = 0$; if $c = 1$, it is linear; if $c = 2$, it is quadratic; and so on. Examples of polynomial time algorithms are those for the ordinary arithmetic operations of addition, subtraction, multiplication, and division. On the other hand, those algorithms with complexity $O(c^{f(n)})$ where $c$ is constant and $f$ is a polynomial on $n \in \mathbb{N}$ are exponential time algorithms or simply exponential. A subexponential time algorithm is one for which the complexity for input $n \in \mathbb{N}$ is
$$O\left(\exp\left((c + o(1))(\ln n)^r (\ln \ln n)^{1-r}\right)\right),$$
where $r \in \mathbb{R}$ with $0 < r < 1$ and $c$ is a constant, and where $o(1)$ denotes a function $f(n)$ such that $\lim_{n\to\infty} f(n) = 0$. (In general, $f(n) = o(g(n))$ means that $\lim_{n\to\infty} f(n)/g(n) = 0$. Thus, $o(1)$ is used to symbolize a function whose limit