Cryptography Reference
In-Depth Information
By Proposition 8.26, there exist integers
m, n
with gcd(
m, n
) = 1 such that
s
=
m
2
− n
2
,
t
=
m
2
+
n
2
.
2
e
=2
mn,
Therefore,
pr
2
=
s
2
+2
e
2
=(
m
2
n
2
)
2
+2(
mn
)
2
=
m
4
+
n
4
.
−
Let
q
be a prime dividing
r
. Proposition 8.26 says that
m ≡ n
(mod 2), which
implies that
pr
2
must be odd. Therefore,
q
=2. Sincegcd(
m, n
) = 1, at least
one of
m, n
is not divisible by
q
. It follows that both
m, n
are not divisible by
q
,since
m
4
+
n
4
≡
0(mod
q
). Therefore,
(
m/n
)
4
≡−
1(mod
q
)
.
It follows that
m/n
has order 8 in
F
q
,so
q ≡
1 (mod 8). Since
r
is a positive
integer and all prime factors of
r
are 1 mod 8, we obtain
r ≡
1(mod
.
Therefore,
r
2
≡
1 (mod 16), so
m
4
+
n
4
=
pr
2
≡
9
(mod 16)
.
But, for an arbitrary integer
j
,wehave
j
4
≡
0
,
1 (mod 16). Therefore,
m
4
+
n
4
≡
0
,
1
,
2
(mod 16)
,
so
pr
2
=
m
4
+
n
4
. This contradiction proves that
C
1
,p,p
has no rational points.
We now need to show that
C
1
,p,p
has
q
-adic points for all primes
q ≤∞
.
The proof breaks into four cases:
q
=
∞
,
q
=2,
q
=
p
,andallother
q
.
The case of the reals is easy. Let
u
be large enough that
u
2
>
2
p
.Then
choose
v, w
satisfying (8.14).
For
q
=2,write
u
=1
/
2
,
v
=
v
1
/
2
,
w
=
w
1
/
2
.
The equations for
C
1
,p,p
become
1
− pv
1
=8
p,
1
− pw
1
=
−
8
p.
We need to solve
v
1
=(1
w
1
=(1+8
p
)
/p
−
8
p
)
/p,
in the 2-adics. Since
(1
±
8
p
)
/p ≡
1(mod
,
and since any number congruent to 1 mod 8 has a 2-adic square root (see
Appendix A),
v
1
,w
1
exist. Therefore,
C
1
,p,p
has a 2-adic point.
Search WWH ::
Custom Search