sign in sign up
<<
Home , Quadratic field

arXiv:1902.01773v1 [math.NT] 5 Feb 2019 aiiso eladiaiayqartcfilswt dasta iers t rise give that ideals with fields exhibit authors quadratic the imaginary lattices. [5] well-rounded and In real topic. of the on families results and information more Let Introduction 1 sa is mi:[email protected] email: ou ilb nltie htaiefo dasi h ulrn finteger of ring full the in ideals well-rounded. from lattice field arise a quadratic that computationally such real lattices call a be has on We that to be lattice will vectors. considered a in focus such is interested only is it of one as Therefore comprising role them. lattice find key a to quantum a difficult in a vectors play of Non-zero norm threats systems. Euclidean possible established crypt the hitherto for the defeat tool on to new a claiming as theory, forefront the coding into come have lattices ideal md4 and 4) (mod opeecasfiaino elruddreal well-rounded of classification complete A ∗ an oi nvriy ardCmu,AeiadlVle3,203Ma 28003 34, Valle del Avenida Campus, Madrid University- Louis Saint d Z eso htteiel htgv iet uhltie r pre divisors are lattices to such correspond to that rise ones give that ideals the that show We rsn rmra udai fields quadratic real from arising efil iciiat htis that , field be ouegnrtdby generated module epoieacmlt lsicto fwl-one da l ideal well-rounded of classification complete a provide We d 4 ssur rewith free square is udai da lattices ideal quadratic Q ( √ ntaSrinivasan Anitha d .Terae sdrce o[] 5 n 6 for [6] and [5] [1], to directed is reader The ). n ieryidpnetvcosin vectors independent linearly Abstract Q d a d 4 1 ( of ≡ √ ≡ d d md4 ssur re or free, square is 4) (mod 1 where ) r3(o ) atc in lattice A 4). (mod 3 or 2 htsatisfy that , ∗ d safil discriminant. field a is q d 3 < a < ieythe cisely R gah and ography √ attices n Recently . 3 rd Spain. drid, ihleast with d. infinite basis a attack d Our ≡ of s R o 0 n d √ In [6] the authors consider divisors of d that satisfy 3

2.1 Forms A binary is a function f(x, y) = ax2 + bxy + cy2, where a, b, c are real numbers (called the coefficients of f) and d = b2 4ac is the discriminant. A form is called positive definite if the discriminant− is negative. We consider only integral forms, that is a, b, c are integers. In the case when gcd(a, b, c) = 1, the form is primitive. Often we will suppress the variables x and y, writing a form f(x, y) as simply f =(a, b, c).

2 Two forms f and f ′ are said to be equivalent, written as f f ′, if for some α β ∼ A = SL (Z) we have f ′(x, y)= f(αx + βy,γx + δy). It is easy to γ δ ∈ 2 see that is an equivalence relation on the set of forms of discriminant d. A form∼ f is said to represent an integer m if there exist coprime integers x and y, such that f(x, y)= m. Note that equivalent forms represent the same integers and hence sometimes we refer to a class of forms f that represents a given integer. The set of equivalence classes of primitive forms is an abelian group called the form class group, with group law as composition given in Definition 2.1 in the next section. If f = (a, b, c), then the form (a, b, c) is the inverse of f. The identity −d 1 d form e is defined as the form (1, 0, −4 ) or (1, 1, −4 ) depending on whether d is even or odd respectively. A useful fact is that any form that represents the integer 1 is equivalent to the identity form. The infimum of a f is defined as m(f) = inf f(x, y) : {|1 | x, y Z , where x, y are not both 0. Note that m(f) = m(f − ) and m(kf∈)= }km(f) for any k. A form (a, b, c) of negative discriminant is reduced if b a c where b> 0 in the case when b = a or a = c. Symmetric forms satisfy| |≤ a≤= c. | | 2.2 Ideals Recall that d 0, 1(mod 4) denotes a field discriminant and all ideals are in ≡ the ring of integers. We present below a description of an ideal and the rule for composing two primitive ideals. The reader may refer to [3, Sections 1.1 and 1.2] for more information. Let 1+√d , d 1 (mod4) 2 ≡ w = d ( , d 0 (mod4). 4 ≡ The ring of algebraic integersq is the module with basis [1,w]. A primitive ideal I can be written in the form

b + √d I = aZ + − Z, (1) 2 where a, b are integers such that a > 0 is the norm of the ideal, 0 b < 2a and 4a divides b2 d. ≤ − 3 b2 d If c = 4−a then gcd(a, b, c) = 1as d is a field discriminant and so (a, b, c) = ax2 + bxy + cy2 is a primitive form of discriminant d. Also, if I is not primitive then there is a primitive ideal J such that I = (γ)J for some integer γ. In the following definition we present the formula for the product of ideals which leads to composition of forms.

bk+√d Definition 2.1. (Composition law) Let Ik = akZ+ − 2 Z, k =1, 2, be two primitive ideals. Let f1 =(a1, b1,c1) and f2 =(a2, b2,c2) be the corresponding binary quadratic forms of discriminant d. Let g = gcd(a1, a2, (b1 +b2)/2) and let v1, v2,w be integers such that

v1a1 + v2a2 + w(b1 + b2)/2= g.

If a3 and b3 are given by a a a = 1 2 , 3 g2 a b b b = b +2 2 1 − 2 v c w mod 2a , 3 2 g 2 2 − 2 3  

b3+√d then I I is the ideal a Z + − Z. Also, the composition of the forms 1 · 2 3 2 (a1, b1,c1) and (a2, b2,c2) is the form (a3, b3,c3), where c3 is computed using the discriminant equation. Note that this gives the multiplication in the class group.

2.3 Lemmas on binary quadratic forms The following lemma contains some elementary results on binary quadratic forms that we use in the proof of the main theorem. Lemma 2.1.

1. The form (a, b, c) is equivalent to the form (a, b +2aδ, aδ2 + bδ + c) for any integer δ.

2. The form (a, b, c) is equivalent to the form (c, b, a). − 3. If f =(a, b, c) is a reduced form of negative discriminant, then a and c are the two smallest integers represented by f.

4 1 δ Proof. Parts are 1 and 2 are achieved by the transformation matrices 0 1   0 1 and . For the third part see [4, Chapter 6, Section 8]. 1− 0   In the following lemma we present an elementary fact on forms of order dividing two that is the principal tool in proving our main result. Lemma 2.2. Let f = (a, b, c) be a positive definite form of discriminant d 2 2 a d such that f e. Then either a divides b or 2 | | . ∼ (gcd(a,b)) ≥ 4 Proof. Let the composition of f with itself using the composition law (Def- 2 a inition 2.2) be (A,B,C). Then A = gcd(a,b) , and as equivalent forms represent the same integers, the identity form erepresents A. As e is either d 1 d (1, 0, −4 ) or (1, 1, −4 ) (depending on the parity of d), from Lemma 2.1, part 2 a d 3, if A = 1 then A = | | . Note that A = 1 corresponds to 6 gcd(a,b) ≥ 4 a b.   | 2.4 Real quadratic ideal lattices Let I be an ideal in the ring of integers of a real quadratic field Q(√d) with b √d basis a, −2 . The lattice associated to I denoted by LI has a basis matrix h i b √d a −2 AI = b+√d , a 2 !

m 2 m so that if Z , the elements of the lattice are given by x = AI , n ∈ n with norm form   2 T m QI = x = m n A AI . (2) || || I n   The lattice is well-rounded or WR if there is a basis of elements both of which have the shortest norm. We call an ideal well-rounded if the corresponding lattice is WR.

Lemma 2.3. An ideal I is WR if and only if its norm form QI = tQ, for some positive integer t and Q a primitive form that is equivalent to a reduced symmetric form.

5 Proof. Let I = (γ)J where J is a primitive ideal. Then AI = γAJ and 2 from the norm equation (2), it follows that QI = γ QJ . Let Q be the primitive form obtained by dividing the three coefficients of QJ by their 2 greatest common divisor g. Then QI = γ gQ and the least positive integers 2 represented satisfy m(QI ) = γ gm(Q). Clearly I is WR if and only if Q is WR. By Lemma 2.1, part 3, Q is WR if and only if it is equivalent to a reduced symmetric form and the result follows.

3 Proof of Theorem 1.1

b √d Let I = aZ + −2 Z be a primitive ideal. Recall that d is a field discriminant 2 and hence gcd(a, b, c) = 1, where d = b 4ac. The corresponding lattice LI − has norm form (given by (2))

b2 + d Q =2a2m2 +2abmn + n2. I 2

2 Note that QI is a positive definite form of discriminant 4a d. 2 2 b +d 2 − Let g = gcd(2a , 2ab, 2 ). As d = b 4ac we have g gcd(a, b). It follows that − ≤ Q 2a2 2ab b2 + d Q = I = m2 + mn + n2 g g g 2g a2d is a primitive form of discriminant 4 2 . − g Claim 1 Q2 e if and only if a b. ∼ | Proof. It is easy to see from Definition 2.2 that for any primitive form (A,B,C), if A B, then the composition of the form with itself gives the | 2 identity form (as a3 = 1 in Definition 2.1 ). Therefore if a b then Q e. 2 Now assume that Q2 e. We have gcd( 2a , 2ab ) = 2a gcd(a,| b). By Lemma∼ ∼ g g g 2.2 either a b or | 2 2a2 g a2 a2 2 = 2 2 d. 2a   gcd(a, b) ≥ g g gcd(a, b)   g2 The above gives d 2 1 (as g gcd(a, b)), which is not possible. ≤ gcd(a,b) ≤ ≤

6 Claim 2 If a b then Q is equivalent to a reduced symmetric form if and only | d √ if a = b and 3 0 and to 3

[1] M.T. Damir, D Karpuk, Well-rounded twists of ideal lattices from real quadratic fields, Journal of Number Theory, 196 (March 2019), 168–196.

7 [2] O.W. Gnilke, H.T.N Tran, A. Karrila, C. Hollanti, Well-Rounded Lat- tices for Reliability and Security in Rayleigh Fading SISO Channels, https://arxiv.org/pdf/1605.00419.pdf

[3] R. A. Mollin, Quadratics. CRC press, Boca Raton, 1996.

[4] P. Ribenboim, My Numbers, My Friends, Popular Lectures on Number Theory. Springer-Verlag, 2000.

[5] L. Fukshansky and K. Peterson On well-rounded ideal lattices, Int. J. of Number Theory 8 (1) (2012) 189-206.

[6] L. Fukshansky, G. Henshaw, P. Lao, M. Prince, X. Sun, S. Whitehead, On well-rounded ideal lattices - II, Int. J. of Number Theory 9 (1) (2013) 139-154.

8