Nostr Web Client

A curious, if admittedly useless fact about Bitcoin' elliptic curve equation:

The 19th century French mathematician V. A. Lebesgue (*not* he of the famous "measure"; different guy), proved that there are *no* solutions in the integers (Z) for y^2 = x^3 + 7.

(That's the equation for secp256k1, except we don't calculate over Z, the infinite set of integers).

How?

First he points out that x is odd, since 8k+7 is never a square (if this bothers you, look up "quadratic residues").

Then he rewrites: y^2 + 1 = x^3 + 8 then factors the RHS as (x+2)(x^2 - 2x + 4) and completes the square of the second factor, and claims (x-1)^2 + 3 = 3 mod 4. (Do you see why x has to be odd?). This, he says, proves there is at least one prime p that is 3 mod 4 which divides x^2 -2x + 4. But y^2 +1 = 0 mod p is not possible if the prime p is 3 mod 4 (why? see: Legendre symbol; something that gets referred to quite regularly in libsecp and related calculations, btw, e.g. in BIP340).

Source : Silverman's "Arithmetic of Elliptic Curves" IX.7

#mathematics #bitcoin #cryptography

Reply to this note

Please Login to reply.

Discussion

modulo 10mo ago

thenks for sharing!

lontivero 10mo ago

I was always asking myself how is that nobody had solved it, and now I finally have the answer in a post that for you was just a useless curiosity. Thank you.

waxwing 10mo ago

You were always asking how come people couldn't find integer solns? Is that what you meant?

I guess, it would be nicer, when teaching/explaining to people, if there were some easy to calculate point, like (1,3) or something.

jimmysong 10mo ago

Not completely useless. I wanted to use this equation as an example for Chapter 2 of my book and realized this, so changed to y^2=x^3+5x+7 instead, which has a bunch of integer solutions.

Also, wen MathJAX for Nostr?

waxwing 10mo ago

Yeah math formatting would be nice. I guess it's a client thing, though a 5 billionth NIP may also help :)