Jump to content

Wikipedia:Reference desk/Mathematics

From Wikipedia, the free encyclopedia
Welcome to the mathematics section
of the Wikipedia reference desk.
Select a section:
Want a faster answer?

Main page: Help searching Wikipedia

   

How can I get my question answered?

  • Select the section of the desk that best fits the general topic of your question (see the navigation column to the right).
  • Post your question to only one section, providing a short header that gives the topic of your question.
  • Type '~~~~' (that is, four tilde characters) at the end – this signs and dates your contribution so we know who wrote what and when.
  • Don't post personal contact information – it will be removed. Any answers will be provided here.
  • Please be as specific as possible, and include all relevant context – the usefulness of answers may depend on the context.
  • Note:
    • We don't answer (and may remove) questions that require medical diagnosis or legal advice.
    • We don't answer requests for opinions, predictions or debate.
    • We don't do your homework for you, though we'll help you past the stuck point.
    • We don't conduct original research or provide a free source of ideas, but we'll help you find information you need.



How do I answer a question?

Main page: Wikipedia:Reference desk/Guidelines

  • The best answers address the question directly, and back up facts with wikilinks and links to sources. Do not edit others' comments and do not give any medical or legal advice.
See also:


November 29

[edit]

In finite fields of large characteristics, what does prevent shrinking the modulus field size down to their larger order in order to solve discrete logarithms ?

[edit]

In the recent years, several algorithms were proposed to leverage elliptic curves for lowering the degree of a finite field and thus allow to solve discrete logairthm modulo their largest suborder/subgroup instead of the original far larger finite field. https://arxiv.org/pdf/2206.10327 in part conduct a survey about those methods. Espescially since I don’t see why a large chararcteristics would be prone to fall in the trap being listed by the paper.

I do get the whole small characteristics alogrithms complexity makes those papers unsuitable for computing discrete logarithms in finite fields of large charateristics, but what does prevent applying the descent/degree shrinking part to large characteristics ? 2A01:E0A:401:A7C0:68A8:D520:8456:B895 (talk) 11:00, 29 November 2024 (UTC)[reply]

Try web search for Lim-Lee small subgroup attack. 2601:644:8581:75B0:0:0:0:C426 (talk) 23:09, 1 December 2024 (UTC)[reply]
First the paper apply when no other information is known beside the 2 finite field’s elements and then this is different from https://arxiv.org/pdf/2206.10327. While Pollard rho can remain more efficient, if the subgroup is too large, then it’s still not enough fast. I’m talking about shrinking modulus size directly. 2A01:E0A:401:A7C0:69D2:554C:93AF:D6AC (talk) 15:17, 2 December 2024 (UTC)[reply]

The problem with descent methods like the one described in large characteristic is that the complexity is . This is explained more clearly in [1]. If the characteristic is small, then the problem is O(k) bits, and the complexity id pseudo-polynomial in the number of bits. If the characteristic is large, then the compexity is which is exponential in the number of bits of q. Tito Omburo (talk) 16:36, 2 December 2024 (UTC)[reply]

Are you sure ? I’m not talking about the complexity of the index calculus part like chosing the factor base or computing individual discrete logarithms or the linear algebra phase. Only about the part consisting of shrinking the modulus through lowering it’s degree… 82.66.26.199 (talk) 10:26, 3 December 2024 (UTC)[reply]
The paper I cited above finds the intermediate polynomials by a brute force search in small degree, which is thus polynomial in q. The general heuristic is that the search for intermediate polynomials takes about as long as the index calculus phase. But it looks like no one has a really good way to do it. Tito Omburo (talk) 10:45, 3 December 2024 (UTC)[reply]
And in my case, elliptic curves are used to lower the degree and thus the modulus instead of brutefore. The person who wrote the paper told me in fact the idea was developed initially for medium characteristics but refused to give details for large characteristics. 82.66.26.199 (talk) 11:06, 3 December 2024 (UTC)[reply]
I'm not really convinced that the approach actually works. How are the elliptic curves constructed? The construction given is very implicit. I'm betting that if one actually writes out the details, it involves lifting something from the prime field. Tito Omburo (talk) 16:02, 3 December 2024 (UTC)[reply]
Yes. My request to have more details wasn’t well received. https://sympa.inria.fr/sympa/arc/cado-nfs/2024-12/msg00002.html 2A01:E0A:401:A7C0:5985:1F5D:4595:AA09 (talk) 01:48, 4 December 2024 (UTC)[reply]

November 30

[edit]

Linear differential function

[edit]

Differential 102.213.69.166 (talk) 04:35, 30 November 2024 (UTC)[reply]

What are you talking about? hamster717🐉(discuss anything!🐹✈️my contribs🌌🌠) 14:02, 30 November 2024 (UTC)[reply]



December 4

[edit]

How much is this

[edit]

37.162.46.235 (talk) 11:00, 4 December 2024 (UTC)[reply]

1 for n even, 0 for n odd. For see Grandi's series. --Wrongfilter (talk) 11:18, 4 December 2024 (UTC)[reply]
I hope this is not homework. Note that (for finite ) this is a finite geometric series.  --Lambiam 21:51, 4 December 2024 (UTC)[reply]


December 6

[edit]

Is there anything that would prevent peforming Weil Descent on binary curves of large characteristics ?

[edit]

The ghs attack involve creating an hyperlliptic curve cover for a given binary curve. The reason the attack fails most of the time is the resulting genus grows exponentially relative to the curve’s degree.

We don’t hear about the attack on finite fields of large characteristics since such curves are already secure by being prime. However, I notice a few protocol relies on the discrete logarithm security on curves with 400/500 bits modulus resulting from extension fields of characteristics that are 200/245bits long.

Since the degree is most of the time equal to 3 or 2, is there anything that would prevent creating suitable hyperelliptic cover for such curves in practice ? 2A01:E0A:401:A7C0:28FE:E0C4:2F97:8E08 (talk) 12:09, 6 December 2024 (UTC)[reply]

December 7

[edit]

Mathematical operation navigation templates

[edit]
RDBury is right, this discussion belongs at Wikipedia talk:WikiProject Mathematics
The following discussion has been closed. Please do not modify it.

If anyone with some mathematical expertise is interested, I'd appreciate some additional input at Talk:Exponentiation#funny table at end. The question is whether our articles on various mathematical operations could use a navigational template (aka "{{Navbox}}"). Our Exponentiation article tried to use {{Mathematical expressions}} for this purpose, but it doesn't really work. I've created {{Mathematical operations}} as a potential alternative, but the categorization and presentation I've created is probably naïve. (The whole effort may or not be worth it at all.) —scs (talk) 00:36, 7 December 2024 (UTC)[reply]

Wikipedia talk:WikiProject Mathematics is a better forum for this kind of thing, since it's focused on Wikipedia's mathematical articles. --RDBury (talk) 04:07, 7 December 2024 (UTC)[reply]
@RDBury: Excellent point. Thanks. —scs (talk) 13:49, 7 December 2024 (UTC)[reply]

December 8

[edit]

For each positive integer , which primes are still primes in the ring ?

[edit]

For each positive integer , which primes are still primes in the ring ? When , is the original integer ring, when , is the ring of Gaussian integers, when , is the ring of Eisenstein integers, and the primes in the Gaussian integers are the primes , and the primes in the Eisenstein integers are the primes , but how about larger ? 218.187.66.163 (talk) 04:50, 8 December 2024 (UTC)[reply]

A minuscule contribution: for the natural Gaussian primes and are composite:
So is the least remaining candidate.  --Lambiam 09:00, 8 December 2024 (UTC)[reply]
It is actually easy to see that is composite, since is a perfect square:
Hence, writing by abuse of notation for we have:
More in general, any natural number that can be written in the form is not prime in This also rules out the Gaussian primes and  --Lambiam 11:50, 8 December 2024 (UTC)[reply]
So which primes are still primes in the ring ? How about and ? 220.132.216.52 (talk) 06:32, 9 December 2024 (UTC)[reply]
As I wrote, this is only a minuscule contribution. We do not do research on command; in fact, we are actually not supposed to do any original research here.  --Lambiam 09:23, 9 December 2024 (UTC)[reply]
Moreover, is also a perfect square. (As in the Gaussian integers, the additive inverse of a square is again a square.) So natural numbers of the form are also composite. This further rules out and A direct proof that, e.g., is composite: There are no remaining candidates below and I can in fact not find any larger ones either. This raises the conjecture:
Every prime number can be written in one of the three forms and
Is this a known theorem? If true, no number in is a natural prime. (Note that countless composite numbers cannot be written in any of these forms; to mention just a few: )  --Lambiam 11:46, 9 December 2024 (UTC)[reply]
I'll state things a little more generally, in the cyclotomic field . (Your n is twice mine.) A prime q factors as , where each is a prime ideal of the same degree , which is the least positive integer such that . (We have assumed that q does not divide n, because if it did, then it would ramify and not be prime. Also note that we have to use ideals, because the cyclotomic ring is not a UFD.) In particular, stays prime if and only if generates the group of units modulo . When n is a power of two times an odd composite, the group of units is not cyclic, and so the answer is never. When n is a prime or twice a prime, the answer is when q is a primitive root mod n. If n is 4 times a power of two times a prime, the answer is never. Tito Omburo (talk) 11:08, 8 December 2024 (UTC)[reply]
For your , and are the same, as well as and , this is why I use instead of . 61.229.100.34 (talk) 20:58, 8 December 2024 (UTC)[reply]
Also, what is the class number of the cyclotomic field ? Let be the class number of the cyclotomic field , I only know that:
  • for (is there any other such )?
  • If divides , then also divides , thus we can let
  • For prime , divides if and only if is Bernoulli irregular prime
  • For prime , divides if and only if is Euler irregular prime
  • for (is there any other such )?
  • is prime for (are there infinitely many such ?)
Is there an algorithm to calculate quickly? 61.229.100.34 (talk) 21:14, 8 December 2024 (UTC)[reply]

Can we say anything special about every pair of functions f,g, satisfying f(g(x))=f(x) for every x?

[edit]

Especially, is there an accepted term for such a pair?

Here are three simple examples, for two functions f,g, satisfying the above, and defined for every natural number:

Example #1:

f is constant.

Example #2:

f(x)=g(x), and is the smallest even number, not greater than x.

Example #3:

f(x)=1 if x is even, otherwise f(x)=2.
g(x)=x+2.

2A06:C701:746D:AE00:ACFC:490:74C3:660 (talk) 09:31, 8 December 2024 (UTC)[reply]

One way to consider such a pair is dynamically. If you consider the dynamical system , then the condition can be stated as " is constant on -orbits". More precisely, let be the domain of , which is also the codomain of . Define an equivalence relation on by if for some positive integers . Then is simply a function on the set of equivalence classes (=space of orbits). In ergodic theory, such a function is thought of as an "observable" or "function of state", being the mathematical analog of a thermodynamic observable such as temperature. Tito Omburo (talk) 11:52, 8 December 2024 (UTC)[reply]
After you've mentioned temprature, could you explain what are f,g, as far as temprature is concerned? Additionally, could you give another useful example from physics for such a pair of functions? 2A06:C701:746D:AE00:ACFC:490:74C3:660 (talk) 19:49, 8 December 2024 (UTC)[reply]
This equation is just the definition of function g. For instance if function f has the inverse function f−1 then we have g(x)=x. Ruslik_Zero 20:23, 8 December 2024 (UTC)[reply]
If f is the temperature, and g is the evolution of an ensemble of particles in thermal equilibrium (taken at a single time, say one second later), then because temperature is a function of state, one has for all ensembles x. Another example from physics is when is a Hamiltonian evolution. Then the functions with this property (subject to smoothness) are those that (Poisson) commute with the Hamiltonian, i.e. "constants of the motion". Tito Omburo (talk) 20:33, 8 December 2024 (UTC)[reply]
Thx. 2A06:C701:746D:AE00:ACFC:490:74C3:660 (talk) 10:43, 9 December 2024 (UTC)[reply]
Let be a function from to and a function from to Using the notation for function composition, the property under discussion can concisely be expressed as An equivalent but verbose way of saying the same is that the preimage of any set under is closed under the application of  --Lambiam 08:54, 9 December 2024 (UTC)[reply]
Thx. 2A06:C701:746D:AE00:ACFC:490:74C3:660 (talk) 10:43, 9 December 2024 (UTC)[reply]

IEEE Xplore paper claim to acheive exponentiation inversion suitable for pairing in polynomial time. Is it untrustworthy ?

[edit]

I just found https://ieeexplore.ieee.org/abstract/document/6530387. Given the multiplicative group factorization in the underlying finite field of a target bn curve, they claim to acheive exponentiation inversion suitable for pairing inversion in seconds on a 32 bits cpu.

On 1 side, the paper is supposed to be peer reviewed by the iee Xplore journal and they give examples on 100 bits. On the other side, in addition to the claim, their algorithm 2 and 3 are very implicit, and as an untrained student, I fail to understand how to implement them, though I fail to understand things like performing a Weil descent.

Is the paper untrustworthy, or would it be possible to get code that can be run ? 2A01:E0A:401:A7C0:152B:F56C:F8A8:D203 (talk) 18:53, 8 December 2024 (UTC)[reply]

About the paper, I agree to share the paper privately 2A01:E0A:401:A7C0:152B:F56C:F8A8:D203 (talk) 18:54, 8 December 2024 (UTC)[reply]

December 9

[edit]

If the Mersenne number 2^p-1 is prime, then must it be the smallest Mersenne prime == 1 mod p?

[edit]

If the Mersenne number 2^p-1 is prime, then must it be the smallest Mersenne prime == 1 mod p? (i.e. there is no prime q < p such that 2^q-1 is also a Mersenne prime == 1 mod p) If p is prime (no matter 2^p-1 is prime or not), 2^p-1 is always == 1 mod p. However, there are primes p such that there is a prime q < p such that 2^q-1 is also a Mersenne prime == 1 mod p:

but for these primes p, 2^p-1 is not prime, and my question is: Is there a prime p such that 2^p-1 is a prime and there is a prime q < p such that 2^q-1 is also a Mersenne prime == 1 mod p?

  • If 2^11-1 is prime, then this is true, since 2^11-1 is == 1 mod 31 and 2^31-1 is prime, but 2^11-1 is not prime
  • If 2^23-1 or 2^67-1 is prime, then this is true, since 2^23-1 and 2^67-1 are == 1 mod 89 and 2^89-1 is prime, but 2^23-1 and 2^67-1 are not primes
  • If 2^29-1 or 2^43-1 or 2^71-1 or 2^113-1 is prime, then this is true, since 2^29-1 and 2^43-1 and 2^71-1 and 2^113-1 are == 1 mod 127 and 2^127-1 is prime, but 2^29-1 and 2^43-1 and 2^71-1 and 2^113-1 are not primes
  • If 2^191-1 or 2^571-1 or 2^761-1 or 2^1901-1 is prime, then this is true, since 2^191-1 and 2^571-1 and 2^761-1 and 2^1901-1 are == 1 mod 2281 and 2^2281-1 is prime, but 2^191-1 and 2^571-1 and 2^761-1 and 2^1901-1 are not primes
  • If 2^1609-1 is prime, then this is true, since 2^1609-1 is == 1 mod 3217 and 2^3217-1 is prime, but 2^1609-1 is not prime

Another question: For any prime p, is there always a Mersenne prime == 1 mod p? 220.132.216.52 (talk) 19:03, 9 December 2024 (UTC)[reply]

Neither question is easy. For the first, relations would imply that the integer 2 is not a primitive root mod p, and that its order divides for the prime q. This is a sufficiently infrequent occurrence that it seems likely that all Mersenne numbers could be ruled out statistically, but not enough is known about their distribution. For the second, it is not even known if there are infinitely many Mersenne primes. Tito Omburo (talk) 19:23, 9 December 2024 (UTC)[reply]
I found that: 2^9689-1 is the smallest Mersenne prime == 1 mod 29, 2^44497-1 is the smallest Mersenne prime == 1 mod 37, 2^756839-1 is the smallest Mersenne prime == 1 mod 47, 2^57885161-1 is the smallest Mersenne prime == 1 mod 59, 2^4423-1 is the smallest Mersenne prime == 1 mod 67, 2^9941-1 is the smallest Mersenne prime == 1 mod 71, 2^3217-1 is the smallest Mersenne prime == 1 mod 97, 2^21701-1 is the smallest Mersenne prime == 1 mod 101, and none of the 52 known Mersenne primes are == 1 mod these primes p < 1024: 79, 83, 103, 173, 193, 197, 199, 227, 239, 277, 307, 313, 317, 349, 359, 367, 373, 383, 389, 409, 419, 431, 443, 461, 463, 467, 479, 487, 503, 509, 523, 547, 563, 587, 599, 613, 647, 653, 659, 661, 677, 709, 727, 733, 739, 743, 751, 757, 769, 773, 797, 809, 821, 823, 827, 829, 839, 853, 857, 859, 863, 887, 907, 911, 919, 929, 937, 941, 947, 971, 977, 983, 991, 1013, 1019, 1021 220.132.216.52 (talk) 20:51, 9 December 2024 (UTC)[reply]
Also,
but none of these primes p has 2^p-1 is known to be prime, the status of 2^(2^89-1)-1 and 2^(2^107-1)-1 are still unknown (see double Mersenne number), but if at least one of them is prime, then will disprove this conjecture (none of the 52 known Mersenne primes are == 1 mod 2^61-1 or 2^127-1), I think that this conjecture may be as hard as the New Mersenne conjecture. 220.132.216.52 (talk) 20:55, 9 December 2024 (UTC)[reply]
Also, for the primes p < 10000, there is a prime q < p such that 2^q-1 is also a Mersenne prime == 1 mod p only for p = 73, 151, 257, 331, 337, 353, 397, 683, 1321, 1613, 2113, 2731, 4289, 4561, 5113, 5419, 6361, 8191, 9649 (this sequence is not in OEIS), however, none of these primes p have 2^p-1 prime. 220.132.216.52 (talk) 02:23, 10 December 2024 (UTC)[reply]

December 10

[edit]

More on the above conjecture

[edit]

Above I posed:

Conjecture. Every prime number can be written in one of the three forms and

If true, it implies no natural prime is a prime in the ring .

The absolute-value bars are not necessary. A number that can be written in the form is also expressible in the form

It turns out (experimentally; no proof) that a number that can be written in two of these forms can also be written in the third form. The conjecture is not strongly related to the concept of primality, as can be seen in this reformulation:

Conjecture. A natural number that cannot be written in any one of the three forms and is composite.

The first few numbers that cannot be written in any one of these three forms are

They are indeed all composite, but why this should be so is a mystery to me. What do and which appear later in the list, have in common? I see no pattern.

It seems furthermore that the primorials, starting with make the list. (Checked up to )  --Lambiam 19:23, 10 December 2024 (UTC)[reply]

Quick note, for those like me who are curious how numbers of the form can be written into a form of , note that , and so . GalacticShoe (talk) 02:20, 11 December 2024 (UTC)[reply]
A prime is expressible as the sum of two squares if and only if it is congruent to , as per Fermat's theorem on sums of two squares. A prime is expressible of the form if and only if it is congruent to , as per OEIS:A002479. And a prime is expressible of the form if and only if it is congruent to , as per OEIS:A035251. Between these congruences, all primes are covered. GalacticShoe (talk) 05:59, 11 December 2024 (UTC)[reply]
More generally, a number is not expressible as:
  1. if it has a prime factor congruent to that is raised to an odd power (equivalently, .)
  2. if it has a prime factor congruent to that is raised to an odd power
  3. if it has a prime factor congruent to that is raised to an odd power
It is easy to see why expressibility as any two of these forms leads to the third form holding, and also we can see why it's difficult to see a pattern in numbers that are expressible in none of these forms, in particular we get somewhat-convoluted requirements on exponents of primes in the factorization satisfying congruences modulo 8. GalacticShoe (talk) 06:17, 11 December 2024 (UTC)[reply]
Thanks. Is any of this covered in some Wikipedia article?  --Lambiam 10:06, 11 December 2024 (UTC)[reply]

Assume p is 3 mod 4. Suppose that (2|p)=1. Then where . Because the cyclotomic ideal has norm and is stable under the Galois action it is generated by a single element , of norm .

If (2|p)=-1, then the relevant ideal is stable under and so is generated by , of norm . Tito Omburo (talk) 14:43, 11 December 2024 (UTC)[reply]

December 11

[edit]

Unique normal ultrafilter

[edit]

So I'm supposed to know the answer to this, I suppose, but I don't seem to :-)

"Everyone knows" that, in , Gödel's constructible universe relative to an ultrafilter on some measurable cardinal , there is only a single normal ultrafilter, namely itself. See for example John R. Steel's monograph here, at Theorem 1.7.

So I guess that must mean that the product measure , meaning you fix some identification between and and then say a set has measure 1 if measure 1 many of its vertical sections have measure 1, must not be normal. (Unless it's somehow just equal to but I don't think it is.)

But is there some direct way to see that? Say, a continuous function with such that the set of fixed points of is not in the ultrafilter no singleton has a preimage under that's in the ultrafilter? I haven't been able to come up with it. --Trovatore (talk) 06:01, 11 December 2024 (UTC)[reply]


December 13

[edit]