1

I was playing around with sage trying to find some clues for how to answer a question [1] and I found that for all primes $\le 10000$, if there exists a $k \in \mathbf{F}_p$ that is a square but not a fourth power then:

  1. $E(\mathbf{F}_p)$ always has points of order 4 when $E: y^2=x^3 -x$
  2. $E(\mathbf{F}_p)$ never has points of order 4 when $E: y^2=x^3 -kx$ where $k$ is a square but not a fourth power in $\mathbf{F}_p$
  3. $E_1(\mathbf{F}_p) \cong E_2(\mathbf{F}_p)$ where $E_1: y^2=x^3 -k_1x$, $E_2: y^2=x^3 -k_2x$ and $k_i$ are squares but not fourth powers in $\mathbf{F}_p$

I was wondering if this was true $\forall p$. If I can solve the question [1] then we would have #1 $\iff$ #2. From Theorem 4.23 we know that $|E_1(\mathbf{F}_p)| = |E_2(\mathbf{F}_p)|$, but this does not imply that the groups are isomorphic [I think] since the j-invariants are different.

Any advice on how to answer the question [1] or prove/disprove the above 1-3?

[1] exercise 4.5 (part 4) on p115 of Elliptic Curves Number Theory And Cryptography (2nd Edition)

Let $p = 1 \pmod 4$ be prime and let $E$ be given by $y^2 = x^3 - kx$, where $k \neq 0 \pmod p$.

  1. [DONE] Use Theorem 4.23 to show that $|E(\mathbf{F}_p)|$ is a multiple of 4 when $k$ is a square mod $p$.
  2. [DONE] Show that when $k$ is a square mod $p$, then $E(\mathbf{F}_p)$ contains 4 points $P$ satisfying $2P = \infty$. Conclude again that $|E(\mathbf{F}_p)|$ is a multiple of 4.
  3. [DONE] Show that when $k$ is not a square mod $p$, then $E(\mathbf{F}_p)$ contains no points of order 4.
  4. [WIP] Let $k$ be a square but not a fourth power mod $p$. Show that exactly one of the curves $y^2 = x^3 - x$ and $y^2 = x^3 - kx$ has a point of order 4 defined over $\mathbf{F}_p$.

[2] Theorem 4.23

Let $p$ be an odd prime and let $k \neq 0 \pmod p$. Let $N_p =| E(\mathbf{F}_p)|$, where $E$ is the elliptic curve

$$y^2 = x^3 - kx$$

  1. If $p \equiv 3 \pmod 4$, then $N_p = p + 1$.
  2. If $p \equiv 1 \pmod 4$, write $p = a^2 + b^2$, where $a,b$ are integers with $b$ even and $a + b \equiv 1 \pmod 4$. Then

$$ N_p = \begin{cases} p + 1 - 2a & \text{ if $k$ is a fourth power mod $p$} \\ p + 1 + 2a & \text{ if $k$ is a square mod $p$ but not a 4th power mod $p$} \\ p + 1 \pm 2b & \text{ if $k$ is not a square mod $p$}. \end{cases} $$

Stent
  • 145
  • Are you sure about (1)? What about $p=11$? – Aphelli Sep 11 '24 at 09:30
  • For $p=11$ you are right, there are no points of order 4. I need to adjust the context: only look at $p$ where there exist elements of $F_p$ that are squares but not fourth powers. The squares in $F_{11}$ are all fourth powers – Stent Sep 11 '24 at 09:35
  • 1
    Equivalently, you want to restrict to $p \equiv 1 \pmod{4}$, then. – Aphelli Sep 11 '24 at 09:37
  • Would you mind explaining why those are equivalent? Or could you give me a clue to try and figure it out myself? – Stent Sep 11 '24 at 09:48
  • 1
    Re my previous comment, recall that $\mathbb{F}_p^{\times}$ is a cyclic group of order $p-1$. For 3), the same remark implies that you can write $k_2=u^4k_1$ and then there is an explicit bijection between $E_1(\mathbb{F}_p)$ and $E_2(\mathbb{F}_p)$. – Aphelli Sep 11 '24 at 09:50
  • I can't figure out the equivalence. I tried the following: look at the size of the image of the map $x^n$ for $n=2,4$. If the images of the 2 maps are the same size then there all squares are fourth powers. For $n=2$ the kernel is size 2 since $x^2-1$ splits in every field, so the image is size $(p-1)/2$. For $n=4$ the kernel is either size 2 or 4, depending on whether $x^2+1$ splits in the field or not, which depends on whether $x^2 \equiv p-1 (\text{mod } p)$. But I can't relate this to $p \equiv 1 (\text{mod } 4)$ – Stent Sep 11 '24 at 10:47
  • Let us continue this discussion in chat. – Stent Sep 11 '24 at 10:53
  • For the original question in the textbook there is this already: https://math.stackexchange.com/questions/3993764/point-order-on-elliptic-curve?rq=1 – Stent Sep 11 '24 at 15:49

0 Answers0