A survey of computational class field theory

(1)

J

OURNAL DE

T

HÉORIE DES

N

OMBRES DE

B

ORDEAUX

H

ENRI

C

OHEN

A survey of computational class field theory

Journal de Théorie des Nombres de Bordeaux, tome

11, n

o

_{1 (1999),}

p. 1-13

<http://www.numdam.org/item?id=JTNB_1999__11_1_1_0>

L’accès aux archives de la revue « Journal de Théorie des Nombres de Bordeaux » (http://jtnb.cedram.org/) implique l’accord avec les condi-tions générales d’utilisation (http://www.numdam.org/conditions). Toute uti-lisation commerciale ou impression systématique est constitutive d’une infraction pénale. Toute copie ou impression de ce fichier doit conte-nir la présente mention de copyright.

Article numérisé dans le cadre du programme Numérisation de documents anciens mathématiques

(2)

A

_Survey

of

_{Computational}

Class Field

_Theory

par HENRI COHEN

RÉSUMÉ. Le but de cet article est de décrire les avancées récentes

dans la théorie

_{algorithmique}

du _corpsde classes. Nous

expliquons

comment _{calculer les groupes de}classes de _rayonainsi _queles dis-criminants des corps de classes

correspondants.

Nous donnons

ensuites les trois méthodes

_principales

utilisées pour le calcul des

équations

des corps de classes : la théorie de

Kummer,

les unités

de Stark et la

_{multiplication complexe.}

En utilisant ces

tech-niques, nous avons _puconstruire de nombreux nouveaux _corps

de nombres _{intéressants,}en

particulier

_ayantun discriminant très

proche

des bornes

_d’odlyzko.

ABSTRACT. We

_give

a _surveyof

_{computational}

class field

_theory.

We first

_explain

how to _compute_ray_{class groups and} discrimi-nants of the

_{corresponding}

ray class fields. We then

explain

the three main methods in use for

_computing

an _equationfor the class

fields themselves: Kummer

_theory,

Stark units and

_complex

mul-tiplication. Using

these

techniques

we can _{construct many}new

number

_{fields, including}

fields of _verysmall root discriminant.

Let K be a number field and let m =

momoo be a modulus in

K,

i.e. _mois an

integral

ideal and moo is a set of real

_places

of K. To such a modulus is

attached a _rayclass _group

Clm(K)

which

generalizes

the notion of

ordinary

class _{group. In}

_addition,

to each

_subgroup

C of

_Clm(K)

_including

the

trivial

_subgroups

is attached an

(isomorphism

class

of)

Abelian extension

L/K

by

class field

_theory,

such

_that,

_{among other}

_properties,

C

The main

_problems

of

_{computational}

class field

_theory

deal with the

ex-plicit computations

of all these

_{objects. Thus,}

this _{paper is}divided in three

parts.

In the first

_part,

we

_explain

the

_computation

of

Clm (K)

and its

subgroups,

and we

explain

how to

_compute

the discriminant of the

corre-sponding

extension

_L/K,

which is _{very easy}to do once one has the tools

for

_computing

_Clm(K).

In the second

_part,

we

_explain

the three known methods for

_computing

an

explicit equation

for In the last _part,we

(3)

The work described here is

_essentially

work done

_jointly

with F. Diaz _y Diaz and M.

_Olivier,

with extra references to work of R.

_Schertz,

X.

_Roblot,

M. Pohst and C. Fieker.

1. COMPUTATION OF RAY CLASS GROUPS

We will denote

_{by 7~K}

the

_ring

of

_integers

of the number field

_K,

_by

Cl(K)

its _{class group and}

_U(K)

_{its unit group.}If m is a modulus of

K,

the

basic _{exact sequence}

_involving

the _rayclass _group

_Clm(K)

is

Thus,

to

_compute

_Clm(K)

and its

_subgroups,

we need to do four

_things:

.

_Compute

_Cl(K)

_and

_U(K).

Deal with exact _sequencesof Abelian _groups

_(in

_particular

when

_they

are

_nonsplit).

~

_Compute

~

Compute

the

_subgroups

of a

_given

Abelian _group.

We consider these

_problems

in turn.

1.1.

_Computation

of

_Cl(K)

and

_U(K).

The

_computation

of

_Cl(K)

and of

_U(K)

has been the

_subject

of intensive work in the

_past

_years

(Hafner-McCurley,

Buchmann et

_al,

Pohst et

_al,

Cohen-Diaz y

Diaz-Olivier,

see

for

_example

_[4]

and

_[7]).

It is now

_possible

to _compute_{these groups}

un-conditionally

for number fields of

_degree

_{up to}12 to 15 and not too

_large

discriminant,

and under the Generalized Riemann

_Hypothesis

_(GRH)

for

number fields _{up to}

_degree

40 and reasonable discriminant.

Together

with this

_computation,

one also solves the

_principal

ideal

prob-lem : _expressan ideal on the class _group

_generators,

and even more

impor-tantly

find

_generators

of

_principal

ideals.

The main idea to

_perform

this

_computation

is to choose an a

_priori

set of

generators

(gi)m2k

for the class _{group, the}so-called

_{factor base,}

and to find

sufficiently

many relations between these

generators

by

looking

for elements of small norm or

_by

_reducing

ideal

_products,

we refer to loc. cit. for details. The main difference between the conditional and unconditional

_algorithms

comes from the choice of these

_generators:

if we assume

_GRH,

we _maytake

the gi

to be the ideal classes of

_prime

ideals of norm less than

equal

to

according

to a theorem of E. Bach

(see

~1~).

If on the other

hand GRH is not

_assumed,

one must take a bound such as the Minkowski

bound or a similar

_bound,

which is

_proportional

to

Vld(K)1,

hence _very

large.

Although

quite

difficult and

_long

to

_implement,

this is now

classical,

(4)

1.2.

_Computation

on Exact

_Sequences

of Abelian

_Groups.

_Since

exact _sequencescan

_always

be considered as the

_composition

of 3-term

exact sequences, we consider

only

those

(although

in

_practice

we

proceed

slightly

differently).

The

_problem

is

_simply

as follows. Given such a three

term exact _sequenceof Abelian _groups

with

_{explicitly given}

_mapsbetween the _groups

_(in

some well defined

_sense),

given

two of the _groups,

_compute

the third one.

First,

we need to

_explain

how to

_"give"

an Abelian _group,A. The canonical

way is to write it in Smith Normal Form

_(SNF),

i.e. to write

where for all i m we have

ai+i

_{ai, a2}> 1 for all

_i,

and ai E .A of order

exactlyai.

The

_{elementary divisors ai}

_(not

the

_{cx2 )}

are

_unique,

and the SNF

of an Abelian _groupA can

_easily

be obtained from _any

_complete

_system

of

generators

and relations for ,A

_by

_using

the SNF

_algorithm

_(see

for

_example

[4],

Algorithm 2.4.14).

We will set

_DA

to be the

_diagonal

matrix of the

ai, A to be the row vector of the _{ai ,}and write

_simply

_

(A, DA).

Note

that,

in the

_above,

we have

_carefully

avoided

_isomorphisms

and used

_explicit

equalities.

This is essential in all

_{computational}

work

_(strictly

_speaking,

the

use of

_implies

an

_isomorphism,

but it is an

_extremely

convenient

shorthand) .

An Abelian _{group is however}often not considered as an abstract struc-ture, but as a

_subgroup

of a

larger

_{group. In this}_case,there is another

representation

which is

_preferable.

To define

_it,

we need another

_special

form of

_matrices,

which is even more essential than that of

SNF,

the notion

of Hermite Normal Form

_(HNF).

We will _saythat a matrix H is in HNF

if it is a _{square upper}

_triangular

matrix H = with

strictly

positive

diagonal

coefficients

_hi,i,

and with the

_off-diagonal

coefficients

_satisfying

0

_hi,j

_hi,i

_{for j}

> i. The main theorem about the HNF is that

_given

any k

x m matrix M of maximal rank k

(so

that m >

1~),

there exist a

_unique

HNF matrix

_H,

and a unimodular matrix U such that MU = The

columns of H form a Z-basis of the module

generated by

the columns of

M,

and the m - k first columns of U form a Z-basis of the Z-kernel of M. In

_addition,

there are efficient

algorithms

to _computesuch a

_{decomposition}

(see

for

_example

_[4],

_Algorithm

_2.4.8).

Let us come back to the

representation

of

subgroups.

Let B =

(B, DB)

be an Abelian _group.Then it is easy to show that

_subgroups

of ,~3 are in one to one

correspondence

with left divisors H of

DB

(i.e.

_integral

matrices H such that

_{H-1 DB}

is also

_integral)

which are in

_HNF,

the columns of H

giving

the

_generators

of the

_subgroup

in terms of the _generatorsB of the

(5)

group B. It is not difficult to go back and forth from a

_subgroup

to an SNF

representation

of a

subgroup.

For exact _sequences

we have three

problems

to solve:

given

A and

l3,

_compute

C

(computing

a

quotient),

given

Band

_C,

_{compute A}

_(computing

a

kernel),

and

_given

A

and

_C,

_compute

t3

_(computing

an

extension).

Of course it is essential that

the

_{maps 0}

_{and 1b}

be

_specified

_explicitly

in some _way,otherwise the

_problem

does not make sense.

All these

_problems

can be solved _very

_simply

_using

the HNF and SNF

algorithms

(see

[8]

for

_details).

In

_particular,

there is no

difficulty

in

com-puting

group extensions in

practice,

even when the exact _sequencedoes not

split.

For the reader’s

interest,

we

_give

the method in that case.

Let A =

(A, DA)

and C =

(C, Dc)

be

given,

_aswell _asthe

maps 0

and

Write A =

(ai),

DA

=

(ai),

C = and

Dc

=

(ci).

Since 0

is

surjective,

we choose

arbitrary

lifts

of 7i

to

_,L3,

i.e. such that

_{~(~3Z) _}

and let B’

be the row vector of the

_Oi’.

Then =

1C,

hence there exists

0152~

_EA

such that

_{~(a~,) _}

Let P be the matrix whose columns are the

exponents

of

_0152~

on the

_given

_generators

_aiof A. If G =

(O(A)IB’)

and

M =

-P ,

then

(G, M)

is a

_complete

_system

of

_generators

and

B

Lt

_C

relations for _{the group}

_B,

from which one

_computes

the SNF

(B, DB)

_using

the SNF

_algorithm.

1.3.

_Computation

of and of

_Clm(K).

_Although

a _verynatural

problem,

the

_{explicit computation}

of is not at all _{easy in}

_theory.

There is a _paper

by

Nakagoshi

[17]

dealing

with this

problem,

but the answer

is not at all

_{satisfactory,}

even for

_algorithmic

_purposes.We

_explain

here

how the

_computation

can

easily

be done in

_practice,

although

it leaves _open a more theoretical answer

(which

probably

does not exist in

simple

terms).

By

the Chinese remainder

_theorem,

we can

easily

reduce to the case

where the modulus m is of the form

p k

for a

prime

ideal p. Let _pbe the

prime

number below p.

To

_compute

we first remove the

prime

to p

_part,

which is

isomorphic

to

_{(ZK/P)* -}

(7G/(pf -

_1)Z),

where

_f

=

f (p/p)

is the residual

index of _pover _p.This is easy, and of course must be done without

using

isomorphisms.

We are left with the _group

G pk=

(1

+

_p)/(1

+

To

_compute

this _group,two methods can be used. The first natural one is the use of

p-adic

logarithms.

Indeed,

additive structures are much

easier to _computethan

_{multiplicative}

_ones,and

_{if p}

is not too

_ramified,

more

_precisely

when

_e(p/p)

_{p -}

_1,

the

_p-adic

_logarithm

function

_gives

(6)

group which can

_easily

be

_computed

_(once

_{again using}

HNF and SNF

techniques) .

When this method

_fails,

i.e. when

_{e(p/p) >}

_{p -}

_1,

we must use another

method,

which is the

_computation

_by

induction. Such a method was

already

used

_by

Hasse and revitalized

_by

Pohst and

_{collaborators,}

who _compute

_Gpk

in terms of

_{G, k-1.}

_{To go}

_faster,

we

prefer

_doubling

the _exponentat each

step

and use induction on the exact _sequences

together

with the trivial

_isomorphisms

Of course the above exact _sequencesare treated

_using

the tools mentioned

in the

_preceding

section.

Once has been

_computed,

we use once

_again

the tools

_developed

for

_computing

on exact _sequencesto

_compute

the _ray_{class group}

_{Cl m (K) .}

We note that at the same

_time,

_{it is easy}to

_develop

a

principal

ideal

algo-rithm in

_{Clm (K),}

which not

_only

_saysif an ideal becomes trivial in the ray

class group, but finds a

_generator

_{multiplicatively}

_congruent

to 1 modulo m

if it is.

1.4.

_Computation

of the

_Subgroups

of an Abelian

Group.

Once

Clm(K)

is

_computed,

to obtain all Abelian extensions of .K of modulus m

by

class field

_theory,

we also need to

_compute

all

_possible

_subgroups

of the

Abelian _groupG =

Clm(K).

To do

this,

_we

proceed

_asfollows. First write

G ~

_EBGp,

where

_Gp

is the

_{p-Sylow subgroup}

of G. Then

_subgroups

A of G

are in a

_unique

_wayof the form A = where

Ap

is a

_subgroup

of

Gp.

Thus,

we can reduce the

_problem

to

_finding

all

_subgroups

of _{a p-group.}Note that in the above

_description,

it is essential to chase

_though

all the

_implicit

isomorphisms using

Chinese remainder theorem

_techniques,

and this is a

little

_painful

but

_absolutely

_necessary.

Thus,

assume now that G is _{a p-group}of SNF D =

According

to the

_{correspondence explained above,}

_{finding subgroups}

of G amounts to

finding

all the HNF left divisors H of D.

If D is of _verysmall

size,

this is _easy. For

_example,

if m =

1,

then

H

_{= (ei)}

with _{el ~}

_I

_{cl .}If m =

2,

then _animmediate calculation shows that

H =

0 e 2

with

_c2

for i = 1 and

2,

and

_fi

=

0

2

with 0 1k

_{gcd(el, c2/e2).}

For

_larger

values of m, the answer to this

_problem

has been

_given

com-pletely by

G. Birkoff in 1934

_[2],

and is too

_complicated

to state here. It is however

_{completely algorithmic.}

I was not aware of this result at the

(7)

time of _my

_talk,

and I am

grateful

to L.

_Habsieger

and L. Butler for

hav-ing

pointed

it out to me. Birkhoff’s _papercontains _many

_misprints,

and

I refer to L. Butler’s memoir

_[3]

for a detailed statement and

improve-ment of Birkhoff’s theorem

_(K.

Belabas has

_implemented

Butler’s version

of Birkhoff’s theorem in

_Pari,

with

_apparently

correct

_results,

and Butler herself has done so, hence

presumably

there are no

_misprints

in her

state-ment).

2. COMPUTATION OF RAY CLASS FIELDS

We now come to the more difficult but more

_interesting

_part

of the

_theory:

the

_computation

of the class fields themselves.

2.1.

_Computation

of Conductors and Discriminants.

_Using

the tools

explained

in Part 1 that are now at our

disposal,

we can

already perform

quite

a number of

interesting

computations,

as we now

_explain.

For all the

details on these

_{computations,}

I refer to

_[9].

First,

let

_{(m, C)}

be a _congruence

_subgroup,

in other words C is a

_subgroup

of the _group

1m

of fractional ideals

_coprime

to m

_containing

the _group

Pm

of

_principal

ideals

_{generated by}

an element

multiplicatively

_congruent

to 1 modulo m, or

_equivalently

the set C of ideal classes is a

_subgroup

of

Cln,(K).

We need to

_compute

the conductor of this congruence

subgroup,

i.e. the smallest modulus n for which C can be defined modulo n. This

is now _very

simple.

If n

I

_m,denote

by

the natural

surjection

from

Clm(K)

to and set

_{h(m, C) _}

Then for _every

_place

p

dividing

m

(finite

or

infinite),

_compute

If for _any_pthis

is

_equal

to

_{h(m, C),}

_replace

m

by

m/p

and start

again

the whole _process.We

stop

when

_h(m/p,

_sm,m/p(C))

_{h(m, C)}

for all p, and

(m, C)

is our desired

conductor.

Second,

let

_L/K

be an Abelian extension

(unique

_{up to}

isomorphism)

corresponding

to a _congruence

subgroup

(m, C)

by

class field

theory.

Then even without

_assuming

that

(m, C)

is minimal

(i.e.

that m is the conductor

of the

_extension,

or

equivalently

of the congruence

subgroup

(m, C)),

we can

easily give

some information on the field L. The

signature

is

easily

obtained

(in

fact it is trivial if m is known to be the

conductor,

since in that case the

real

_places

which

_ramify

in

_L/K

are

exactly

those

dividing

m).

But there also exists a nice formula for the relative discriminant

-O(LIK)

(hence

also for the absolute discriminant

_{d(L) =}

(8)

with

Thus,

although

the field L is in

_general

not

_uniquely

determined

_by

its

signature

and

_{discriminant,}

we have

_pretty

_good

control over it. For

exam-ple,

if we are

_looking

for number fields of

_reasonably

small discriminants

(see

applications

below),

one can

_immediately

tell whether a field L will be

interesting

or not before

_computing

_explicitly

an

_equation

for it.

Third,

we can

_easily

_compute

the norm _groupof a

_given

Abelian extension

L/K.

Here,

we assume that

L/K

is

_{given explicitly}

_(this

will be the case

later).

We

_proceed

as follows. Let m be a known

multiple

of the conductor

of

_L/K,

for

_example

the relative discriminant

_c~(L/K)

_together

with the

real

_places

of K which

_ramify

in

_L/K.

Let

_{(C, Dc)}

be the SNF of the _ray class group

Clm(K),

and denote

_by

n the relative

degree

[L : K].

Initialize a matrix M to the

_diagonal

matrix

_Dc.

For each

_prime

ideal p of K not

dividing

m do as

_follows,

until the determinant of M is

_equal

to n.

Compute

the factorization of

_p7GL

into

_prime

_{ideals q3}

of

Z L.

Since

_L/K

is

_Abelian,

all the relative residual

_degrees

_f(fl3/p)

will be

_equal,

_sayto

_{f .}

Let L be

the column vector of the

exponents

of p on the

_generators

C of

Clm(K).

Finally,

concatenate M with the one column matrix

_{f L,}

and

_replace

M

_by

the HNF of this concatenation. It _{is easy}to show that the determinant of

M will

_always

be a

multiple

of n, and that after a small number of

_steps

the

matrix M will have determinant

_exactly

_equal

to n. When this

happens,

M

is a left divisor of

Dc

which

_gives

the norm _group

(i.e.

the kernel

of the Artin

_map)

on the

_given

_generators

C of the class _group.

>From

_this,

it is of course trivial to

_compute

the conductor of the Abelian

extension

_L/K:

set m

equal

to a known

_multiple

of the conductor of

L/K,

say as above the relative discriminant

together

with the ramified real

places.

Let C be the norm _groupfor the modulus m as

computed

above. Then the

conductor of _{the congruence}

_subgroup

_{(m, C)}

_computed

as

_explained

at the

beginning

of this section is the conductor of the Abelian extension

_L/K.

If

_desired,

it is also _easyto

_compute

the conductors of individual

charac-ters of the extension

_L/K.

2.2. Generalities on Class Field Constructions. We now must deal with the more difficult task of

finding

an

explicit

relative or absolute

equa-tion for the extension

_{L / K,}

_knowing

_only

that it

_corresponds

to a

_given

congruence

subgroup

(m, C)

by

class field

theory.

To _my

_knowledge,

there are three methods to do

_this,

which we shall

examine in turn

_(there

is a fourth

method,

used

long

_ago

by

a

_{distinguished}

colleague,

which is

_{essentially using}

one’s nose, but this does not count as an

algorithm).

(9)

. Kummer

_theory.

This method has the

_advantage

_of

_complete

gen-erality,

and in fact is also the method used in the theoretical

_proof

of the

Takagi

existence theorem of class field

_theory.

Its main

_disadvantage

is that

it

_requires

_sufficiently

_manyroots of

_unity

in the base

_field,

hence in

_general

these have to be

_adjoined

to the base

_field,

so the

_computations

are done in much

_larger

fields than

_apparently

_{necessary. In}

_addition,

_{it is necessary}to

have suitable tools to _goback down from the

_larger

fields to the fields that

we want.

9 The use of Stark’s

_conjectures.

The

_explicit

construction of _ray class fields

_by

the use of elements

(in

fact

units)

obtained

by

_analytical

means was one of the main motivations for Stark’s

_conjectures.

The use

of these

_conjectures

has now been

_put

in a

_precise

and

_{general algorithmic}

form

_by

X. Roblot

_(see

_{[18], [19]}

and

_[10]).

This method can be used

_only

when the base field K is

_totally

real

(al-though

I have been told that it may be

_possible

to treat also the case where

K has a

_single

_complex

_place,

i.e. 2

_complex

_conjugate

_embeddings).

The fact that an

_{unproved conjecture}

is used here is

_completely

_unimportant,

since once the field L is

_obtained,

_{it is easy}to show that it is the desired

ray class field.

. The _useof

_complex

_{multiplication.}

This method _is_very

_efficient,

but

_{applies only}

when the base field is an

_{imaginary quadratic}

field. The

principles

behind the method have been known for a

_century

(the

use of the

values of the

_elliptic

modular

_{invariant j (T)}

at

_quadratic

_points),

but it is

only recently

in

_particular

thanks to work of R. Schertz

_(see

_{[20], [21]}

and

[22])

that the method has become

_{algorithmically}

useful.

We consider these methods in turn in a little more detail.

2.3. Kummer

_Theory.

An _easyreduction which can be made

(in

_every

method,

not

_simply

in Kummer

_theory),

is to reduce to

_cyclic

extensions of

prime

power

degree.

The desired extension

L/K

will

simply

be the

composi-tum of its

_cyclic

_prime

_power

_degree

_{subextensions,}

and the

_{corresponding}

congruence

subgroups

are

completely

under control. This reduction should

be made _{in any}case.

>From

_there,

two methods can be used. One is to reduce the

_cyclic

extension of

_prime

_power

_degree

to a tower of

_cyclic

extensions of

_prime

degree,

in order to

_apply

a theorem of Hecke

specific

to such extensions

describing completely

the ramification

_properties.

The other method is to use

directly

the Artin _mapfrom ideals to the

Ga-lois _groupof the desired

_extension,

and

_{implicitly forget}

about ramification

properties.

This method has been introduced

_by

C. Fieker

_(see

_[11])

and

is

_certainly

much more efficient in the

_general

case. I refer to his _paperfor details. Here we describe

_briefly

the first method.

(10)

Thus,

assume that we want to find a

_cyclic

extension

_L/K

of

_prime

degree I

corresponding

to a

given

_congruence

subgroup

(m, C).

Thanks to

the

_preceding

_section,

we _mayassume that

(m, C)

is

_minimal,

i.e. that it is the conductor of the extension

_L/K.

To

_apply

Kummer

_theory,

we need to

_adjoin

to K the f-th roots of

_unity,

which in

_general

are not all in K.

_Hence,

_{if (}

is a

_primitive

f-th root of

unity replace

L/K

by

the extension

_Lz/Kz

=

L(~)/K(~).

Then Kummer

theory

tells us several

things.

. There exists 0152 E

_Kz

such that

Lz

=

. The number 0152 must

_{satisfy ramification}

conditions

_coming

from a the-orem of Hecke which

completely

describes the ramification

_properties

and

the relative discriminant of such a Kummer extension.

~ The number a must

_satisfy

Galois conditions

_coming

from the fact that

the extension

_Lz/K,

which is the

_compositum

of the Abelian extensions

L/K

and is Abelian. This is

_equivalent

to the use of

_Lagrange

resolvents.

These conditions can be transformed into conditions

_involving

only

linear

algebra,

and we can thus reduce to a small finite set of a. There is almost

no search in this _step.

For each of the tentative _a,we then

_compute

the norm _group

_using

the

method

_explained

in the

_preceding

_section,

and

_exactly

one of the a will

give

a norm _group

equal

to C. Once the correct a is

obtained,

it is easy to

compute

the relative

_equation

for

_L/K,

and also the absolute

_equation

for

L/Q

if desired.

2.4. The use of Stark’s

Conjectures.

For this

section,

I refer to

[18],

[19]

and

_[10].

The main

_inefficiency

of the

_algorithmic

use of Kummer

theory

is the

necessity

of

_adjoining

an f-th root of

_{unity (,}

which transforms the base field K into a base field

_Kz

=

K(()

of much

larger degree.

When K is

_{totally real,}

there exists a

completely

different method which uses Stark’s

conjectures

and Stark units.

Let

_L/K

be an Abelian extension of

K,

and let S be the set of infinite

places

of K

_together

with the

_prime

ideals of K which

_ramify

in

_L/K.

Let Art be the Artin map from the ideals of K

coprime

to S to

Gal(L~K).

For Q E

_Gal(L/K),

define

If there exists a

unique

real

embedding

T of K into C which is unramified

in

_{L/K (i.e.}

which has

_only

real

_extensions),

then Stark’s

_conjecture

asserts

(11)

we have

To obtain an extension

L’/K

satisfying

the condition of the

_conjecture,

it

is

_enough

to choose L’ =

L(fl)

for _a

satisfying

suitable conditions. Once

the unit E’ E L’ is

_found,

one can come down to L

_{by setting}

c = e’ +

_{1/ ê,’,}

and it can be shown that L =

K(e).

Several non-trivial technical details must be

_solved,

in

_particular

the numerical

_computation

of but this leads to a

_reasonably

efficient

method. The

_{generating polynomials}

which are obtained

_usually

have

_large

coefficients and must be reduced

_using

well known

_polynomial

reduction methods such as the Polred

_algorithm

of Pari

(see

[6]).

When

_applicable

(i.e.

when the base field K is

_totally

_real),

this method

_performs

much faster than the method

_using

Kummer

_theory,

_except

when K

_already

contains

all the necessary roots of

_unity

_(for

_example

when

_{[L : K]}

= 2 _{or more}

generally

when

_Gal(L/K)

is an

_elementary

2-group).

_Only

in that case is

it

_preferable

to use Kummer

theory

or _genus

_theory

when

_applicable.

2.5. The use of

Complex

Multiplication.

For this

_section,

I refer to

[20], [21]

and

_[22]

_(see

also

_[23]

and

_[12]).

Let K be an

_{imaginary quadratic}

fields.

If j (T)

denotes the usual modular

function,

the modular invariance

_implies

that one can

define j (a)

for an ideal

a, and the

polynomial

is an irreducible

polynomial

which defines the Hilbert class field of

K,

i.e. the

ray class field

corresponding

to the trivial modulus m =

7GK.

Modifications of this construction

_using

the Weierstraf5 p function

gives

also ray class fields.

The

_problem

with this method is that the size of the coefficients of the

polynomials

obtained in this _wayis _very

_large

₍₁₀

or 20

digits

even for small

discriminants).

The use of other functions such as Weber’s functions is well known to

improve

dramatically

the situation

_(see

_{[23], [12]).}

The

_problem

with these functions is that

_they

do not work in all cases

(one

often has to assume that

the discriminant of the

_quadratic

field is

_prime

to

_3,

or in

_given

_congruence

classes modulo

_8).

In the _{worst cases,}

_they

_give

_polynomials

with coefficients

which are

_again

too

_large

to be

_practical.

A

_systematic

treatment of this

_{algorithmic problem}

_using

a

_quotient

of a

product

of

_{two 71}

functions has been

_given

in the 1980’s

_by

R.

_Schertz,

together

with non-trivial

_{generalizations}

to the case of _rayclass fields. This

(12)

fields of

_{imaginary quadratic}

fields _{in very}little time. This method

_always

gives polynomials having relatively

small coefficients

_(although

_necessarily

still

_{exponentially growing}

with the size of the

_{discriminant,}

as will all

methods based on modular

functions),

_although

the coefficients are a little

larger

than the ones obtained with the Weber functions in the

special

cases

where these functions

_give

_good

results.

For

_instance,

we have the

following

theorem of Schertz. Note that

con-dition

₍₂₎

was

forgotten

in his _papers.

Theorem 1. Let be a

_system

of

_{representatives of}

the ideal

classes

_of

K = chosen to be

primitive.

Let

p and q be ideals

of

K

of

norm _pand _q

respectively.

Assume that:

1. The ideals p and q are

primitive

ideals which are

non-principal.

2.

_If

both the classes

_of

p and q are

of

order 2 in the class _group,these

classes are

equal.

3. For

_{all i,}

pqt1i is a

_primitive

ideal.

4. e is a

positive integer

chosen such that 24

e(p - 1)(q - 1).

Set

, I , ,. , .. ~ h

where aipq =

ai (pqZ

Then

_P(X)

E

_Z[X],

it is irreducible in

_Z[X]

and also in

_K[X],

its constant term is

_equal

to

_::i:1,

and the

_field

obtained

_{by adjoining}

to K a

root

_{of P is}

the Hilbert class

_{field of}

K.

For similar results

_leading

to the construction of _{ray class}

_fields,

see

[21]

and

_[22].

3. APPLICATIONS AND SOFTWARE

3.1.

_{Applications. Apart}

from the intrinsic interest of

_computing

ray class

fields,

the main

_application

of the above

_algorithms

is the construction of

new number

_fields,

in

_particular

number fields of small

discriminant,

or

large

tables of number fields

_having

_given

Galois _group.As

_{already mentioned,}

all the

_{implementations}

and the

_{applicationss}

are

_joint

work with F. Diaz

y Diaz and M. Olivier.

~ Small discriminants. We have found _manynumber fields

having

smaller discriminants than

_previously

known ones, and very close to the

GRH bounds

_(often

less than

_1%).

For

_example,

in the

_{totally complex.}

case, J. Martinet in

[16]

gives

a table of the best known fields for

_degree

_up

to 80

_(using

similar

_methods,

but more

adapted

to hand

_{computation).}

We

have obtained better fields for 10 cases

_ranging

from

_degree

12 to

_degree

(13)

found

_by

Leutbecher and Niklash in

_[15]

while

_searching

for small Euclidean

fields).

For

_example,

in

_degree

_12,

the

_{totally complex}

field of smallest known discriminant is

_{generated by}

the

_polynomial

whose root discriminant is

_only

0.843%

above the GRH bound. I refer to

[9]

for the other

_examples

and details.

o Tables of octic fields. We have made extensive

_systematic

tables of

all octic fields

_containing

a

_{quartic subfield,}

with more than 10000 fields _per

signature.

In

_addition,

we have

computed

all the minimum discriminants

for the

_possible

_pairs

Galois _group,

_signature,

for such fields. Some were

missing

from the tables obtained from the main

_computation,

hence we

extended the tables as

needed, using

the

specific

_properties

of the Galois

group we were

_looking

for.

In

_particular,

we found a

large

number of

nonisomorphic

arithmetically

equivalent

fields

_(i.e.

_having

the same Dedekind zeta

_function)

correspond-ing

to

_exactly

2

_specific

Galois groups in

degree

8,

and we also found

many sets of

nonisomorphic

number fields

having

the same

discriminant,

the

_{largest having}

11 elements.

3.2. Software. Two

_packages

can be used

_freely

for the above

computa-tions :

The

_KANT/KASH

_package

from

_Berlin,

under the

_supervision

of

M. Pohst. This is available from:

ftp.math.tu-berlin.de

The

_PARI/GP

_package

from

_Bordeaux,

under _my

_supervision

_(and

now

under the

_supervision

of K.

_Belabas).

This is available from:

megrez . math . u-bordeaux . f r

Mention should be also made of the much

_larger

software

_package

MAGMA which contains KANT and a

_part

of _PARI,under the

supervision

of J. Cannon in

_Sidney.

Number

_theory

is

_only

a minor

_part

of this

pack-age, which also contains functionalities for many other

algebraic subjects,

Although

non-commercial,

this

_package

is not

_free,

however.

Finally,

the C++ software

_library

LiDIA from Darmstadt under the

su-pervision

of J . Buchmann is also a remarkable

_package,

and will soon contain

(14)

REFERENCES

[1] E. _Bach,_Explicitbounds for primality testing and related _problems,Math. Comp. 55 _(1990), p. 355-380.

[2] G. _Birkhoff,_Subgroupsof Abelian groups, Proc. Lond. Math. Soc. ₍₂₎38 _(1934-5),_p. 385-401.

[3] L. Butler, Subgroup Lattices and Symmetric Functions, Memoirs of the A.M.S. 539 _(1994).

[4] H. Cohen, A Course in Computational Algebraic Number _Theory,GTM 138, Springer-Verlag, Berlin, Heidelberg, New-York _(1993).

[5] H. _Cohen,Hermite and Smith normal form algorithms over Dedekind domains, Math. Comp. 65 _(1996),p. 1681-1699.

[6] H. Cohen and F. Diaz y Diaz A polynomial reduction _algorithm,Sém. Th. des Nombres

Bordeaux _{(série 2),}3 _(1991),_{p. 351-360.}

[7] H. _Cohen,_{F. Diaz y Diaz}and M. _{Olivier, Subexponential}_algorithmsfor class and unit

group computations, J. _Symb.Comp. 24 _(1997),_{p. 433-441.}

[8] H. Cohen, F. Diaz y Diaz and M. Olivier, Algorithmic methods for _{finitely generated}Abelian

groups, J. Symb. Comp., to appear.

[9] H. _Cohen,F. Diaz y Diaz and M. Olivier, Computing ray class groups, conductors and

discriminants, Math. Comp. 67 _(1998),p. 773-795.

[10] H. Cohen and X. _Roblot,_Computingthe Hilbert class field of real quadratic fields,

Math. Comp., to appear.

[11] C. Fieker, Computing class fields via the Artin map, J. Symb. Comput., to appear.

[12] A. Gee, Class invariants by Shimura’s reciprocity law, J. Théor. Nombres Bordeaux 11

(1999), 45-72.

[13] E. _Hecke,Lectures on the theory of _algebraicnumbers GTM 77, Springer-Verlag, Berlin,

Heidelberg, New York _(1981).

[14] A. _Leutbecher,Euclidean fields _havinga _largeLenstra _constant,Ann. Inst. Fourier 35, 2

(1985), p. 83-106.

[15] A. Leutbecher and G. _Niklasch,On _cliquesof _exceptionalunits and Lenstra’s construction

of Euclidean _fields,TUM Math. Inst. preprint M8705 _(1987).

[16] J. _Martinet,Petits discriminants des corps de nombres, Journées arithmétiques 1980

(J.V. Armitage, Ed.), London Math. Soc. Lecture Notes Ser. 56 _(1982),p. 151-193.

[17] N. Nakagoshi, The structure of the multiplicative group of residue classes modulo PN+1, Nagoya Math. J. 73 _(1979),p. 41-60.

[18] X.-F. Roblot, Unités de Stark et corps de classes de Hilbert, C. R. Acad. Sci. Paris 323

(1996), p. 1165-1168.

[19] X.-F. Roblot, Stark’s Conjectures and Hilbert’s Twelfth _Problem,J. Number Theory, sub-mitted, and Algorithmes de Factorisation dans les Extensions Relatives et _Applicationsde la _Conjecturede Stark à la Construction des _Corpsde Classes de _{Rayon, Thesis,}Université Bordeaux _{I (1997).}

[20] R. Schertz, Zur _expliciten_Berechnungvon Ganzheitbasen in _{Strahlklassenkörpern}über einem _{imaginär-quadratischen Zahlkörper,}J. Number _Theory34 _(1990),_{p. 41-53.}

[21] R. Schertz, Problèmes de Construction en _{Multiplication Complexe,}Sém. Th. des Nombres Bordeaux _{(Séries 2),}4 _(1992),_{p. 239-262.}

[22] R. Schertz, Construction of ray class fields by elliptic units, J. Th. des Nombres Bordeaux 9 _(1997),_{p. 383-394.}

[23] N. Yui and D. _Zagier,On the _singularvalues of Weber modular functions, Math. _Comp.66

(1997), p. 1645-1662. Henri COHEN

Laboratoire A2X

Institut _{Math6matiques}Bordeaux

351 cours de la Lib6ration

F-33405 Talence Cedex