2025-12-05 02:51:52
This post is a side quest in the series on navigating by the stars. It expands on a footnote in the previous post.
There are six pieces of information associated with a spherical triangle: three sides and three angles. I said in the previous post that given three out of these six quantities you could solve for the other three. Then I dropped a footnote saying sometimes the missing quantities are uniquely determined but sometimes there are two solutions and you need more data to uniquely determine a solution.
Todhunter’s textbook on spherical trig gives a thorough account of how to solve spherical triangles under all possible cases. The first edition of the book came out in 1859. A group of volunteers typeset the book in TeX. Project Gutenberg hosts the PDF version of the book and the TeX source.
I don’t want to duplicate Todhunter’s work here. Instead, I want to summarize when solutions are or are not unique, and make comparisons with plane triangles along the way.
The easiest cases to describe are all sides or all angles. Given three sides of a spherical triangle (SSS), you can solve for the angles, as with a plane triangle. Also, given three angles (AAA) you can solve for the remaining sides of a spherical triangle, unlike a plane triangle.
When you’re given two sides and an angle, there is a unique solution if the angle is between the two sides (SAS), but there may be two solutions if the angle is opposite one of the sides (SSA). This is the same for spherical and plane triangles.
There could be even more than two solutions in the spherical case. Consider a triangle with one vertex at the North Pole and two vertices on the equator. Two sides are specified, running from the pole to the equator, and the angles at the equator are specified—both are right angles—but the side of the triangle on the equator could be any length.
When you’re given two angles and a side, there is a unique solution if the side is common to the two angles (ASA).
If the side is opposite one of the angles (AAS), there may be two solutions to a spherical triangle, but only one solution to a plane triangle. This is because two angles uniquely determine the third angle in a plane triangle, but not in a spherical triangle.
The example above of a triangle with one vertex at the pole and two on the equator also shows that an AAS problem could have a continuum of solutions.
Note that spherical triangles have a symmetry that plane triangles don’t: the spherical column above remains unchanged if you swap S’s and A’s. This is an example of duality in spherical geometry.
The post Solving spherical triangles first appeared on John D. Cook.2025-12-05 00:44:23
The previous post introduced the idea of finding your location by sighting a star. There is some point on Earth that is directly underneath the star at any point in time, and that location is called the star’s GP (geographic position). That is one vertex of the navigational triangle. The other two vertices are your position and the North Pole.
Unless you’re at Santa’s workshop and observing a star nearly directly overhead, the navigational triangle is a big triangle, so big that you need to use spherical geometry rather than plane geometry. We will assume the Earth is a sphere [1].
Let a be the side running from your position to the GP. In the terminology of the previous post a is the radius of the line of position (LOP).
Let b be the side running from the GP to the North Pole. This is the GP’s lo-latitude, the complement of latitude.
Let c be the side running from your location to the North Pole. This is your co-latitude.
Let A, B, and C be the angles opposite a, b, and c respectively. The angle A is known as the local hour angle (LHA) because it is proportional to the time difference between noon at your location and noon at the GP.
Given three items from the set {a, b, c, A, B, C} you can solve for the other three [2]. Note that one possibility is knowing the three angles. This is where spherical geometry differs from plane geometry: you can’t have spherical triangles that are similar but not congruent because the triangle excess determines the area.
If you know the current time, you can look up the GP coordinates in a table. The complement of the GP’s latitude is the side b.
Also from the current time you can determine your longitude, and from that you can find the LHA (angle A).
As described in the previous post, the altitude of the star, along with its GP, determines the LOP. From the LOP you can determine the arc between you and the GP, i.e. side a. We haven’t said how you could determine a, only that you could.
If you know two sides (in our case a and b) and the angle opposite one of the sides (in our case A) you can solve for the rest.
This post is more detailed than the previous, but still talks about what can be calculated but now how. We’re adding detail as the series progresses.
To motivate future posts, note that just because something can in theory be computed from an equation, that doesn’t mean it’s best to use that equation. Maybe the equation is sensitive to measurement error, or is numerically unstable, or is hard to calculate by hand.
Since we’re talking about navigating by the stars rather than GPS, we’re implicitly assuming that you’re using pencil and paper because for some reason you can’t use GPS.
[1] To first approximation, the Earth is a sphere. To second approximation, it’s an oblate spheroid. If you want to get into even more detail, it’s not exactly an oblate spheroid. How much difference does all this make? See this post.
[2] In some cases there are two solutions for one of the missing elements and you’ll need to use additional information, such as your approximate location, to rule out one of the possibilities. More on when solutions are unique here.
The post The Navigational Triangle first appeared on John D. Cook.2025-12-04 20:42:34
The previous post touched on how Lewis and Clark recorded celestial observations so that the data could be turned into coordinates after they returned from their expedition. I intend to write a series of posts about celestial navigation, and this post will discuss one fundamental topic: line of position (LOP).
Pick a star that you can observe [1]. At any particular time, there is exactly one point on the Earth’s surface directly under the star, the point where a line between the center of the Earth and the star crosses the Earth’s surface. This point is called the geographical position (GP) of the star.
This GP can be predicted and tabulated. If you happen to be standing at the GP, and know what time it is, these tables will tell your position. Most likely you’re not going to be standing directly under the star, and so it will appear to you as having some deviation from vertical. The star would appear at the same angle from vertical for ring of observers. This ring is called the line of position (LOP).
The LOP is a “small circle” in a technical sense. A great circle is the intersection of the Earth’s surface with a plane through the Earth’s center, like a line of longitude. A small circle is the intersection of the surface with a plane that does not pass through the center, like a line of latitude.
The LOP is a small circle only in contrast to a great circle. In fact, it’s typically quite large, so large that it matters that it’s not in the plane of the GP. You have to think of it as a slice through a globe, not a circle on a flat map, and therein lies some mathematical complication, a topic for future poss. The center of the LOP is the GP, and the radius of the LOP is an arc. This radius is measured along the Earth’s surface, not as the length of a tunnel.
One observation of a star reduces your set of possible locations to a circle. If you can observe two stars, or the same star at two different times, you know that you’re at the intersection of the two circles. These two circles will intersect in two points, but if you know roughly where you are, you can rule out one of these points and know you’re at the other one.
[1] At the time of the Lewis and Clark expedition, these were the stars of interest for navigation in the northern hemisphere: Antares, Altair, Regulus, Spica, Pollux, Aldeberan, Formalhaut, Alphe, Arieties, and Alpo Pegas. Source: Undaunted Courage, Chapter 9.
The post Line of position (LOP) first appeared on John D. Cook.2025-12-01 22:31:47
I read Undaunted Courage, Stephen Ambrose’s account of the Lewis and Clark expedition, several years ago [1], and now I’m listening to it as an audio book. The first time I read the book I glossed over the accounts of the expedition’s celestial observations. Now I’m more curious about the details.
The most common way to determine one’s location from sextant measurements is Hilare’s method [2], developed in 1875. But the Lewis and Clark expedition took place between 1804 and 1806. So how did the expedition calculate geolocation from their astronomical measurements? In short, they didn’t. They collected data for others to turn into coordinates later. Ambrose explains
With the sextant, every few minutes he would measure the angular distance between the moon and the target star. The figures obtained could be compared with tables show how those distances appeared at the same clock time in Greenwich. Those tables were too heavy to carry on the expedition, and the work was too time-consuming. Since Lewis’s job was to make the observations and bring them home, he did not try to do the calculations; he and Clark just gathered the figures.
The question remains how someone back in civilization would have calculated coordinates from the observations when the expedition returned. This article by Robert N. Bergantino addresses this question in detail.
Calculating latitude from measurements of the sun was relatively simple. Longitude was more difficult to obtain, especially without an accurate way to measure time. The expedition had a chronometer, the most expensive piece of equipment on the expedition that was accurate enough to determine the relative time between observations, but not accurate enough to determine Greenwich time. A more accurate chronometer would have been too expensive and too fragile to carry on the voyage.
For more on calculating longitude, see Dava Sobel’s book Longitude.
[1] At least 17 years ago. I don’t keep a log of what I read, but I mentioned Undaunted Courage in a blog post from 2008.
[2] More formally known as Marcq Saint-Hilaire’s intercept method.
The post Lewis & Clark geolocation first appeared on John D. Cook.2025-11-30 00:53:35
A zero knowledge proof (ZKP) answers a question without revealing anything more than answer. For example, a digital signature proves your possession of a private key without revealing that key.
Here’s another example, one that’s more concrete than a digital signature. Suppose you have a deck of 52 cards, 13 of each of spades, hearts, diamonds, and clubs. If I draw a spade from the deck, I can prove that I drew a spade without showing which card I drew. If I show you that all the hearts, diamonds, and clubs are still in the deck, then you know that the missing card must be a spade.
You can think of Fermat’s primality test as a zero knowledge proof. For example, I can convince you that the following number is composite without telling you what its factors are.
n = 244948974278317817239218684105179099697841253232749877148554952030873515325678914498692765804485233435199358326742674280590888061039570247306980857239550402418179621896817000856571932268313970451989041
Fermat’s little theorem says that if n is a prime and b is not a multiple of n, then
bn−1 = 1 (mod n).
A number b such that bn−1 ≠ 1 (mod n) is a proof that n is not prime, i.e. n is composite. So, for example, b = 2 is a proof that n above is composite. This can be verified very quickly using Python:
>>> pow(2, n-1, n)
10282 ... 4299
I tried the smallest possible base [1] and it worked. In general you may have to try a few bases. And for a few rare numbers (Carmichael numbers) you won’t be able to find a base. But if you do find a base b such that bn−1 is not congruent to 1 mod n, you know with certainty that n is composite.
The converse of Fermat’s little theorem is false. It can be used to prove a number is not prime, but it cannot prove that a number is prime. But it can be used to show that a number is probably prime. (There’s some subtlety as to what it means for a number to probably be prime. See here.)
Fermat’s little theorem can give you a zero knowledge proof that a number is composite. Can it give you a zero knowledge proof that a number is prime? There are a couple oddities in this question.
First, what would it mean to have a zero knowledge proof that a number is prime? What knowledge are you keeping secret? When you prove that a number is composite, the prime factors are secret (or even unknown), but what’s the secret when you say a number is prime? Strictly speaking a ZKP doesn’t have to keep anything secret, but in practice it always does.
Second, what about the probability of error? Zero knowledge proofs do not have to be infallible. A ZKP can have some negligible probability of error, and usually do.
It’s not part of the definition, but practical ZKPs must be easier to verify than the direct approach to what they prove. So you could have something like a primality certificate that takes far less computation to verify than the computation needed to determine from scratch that a number is prime.
You could think of non-constructive proofs as ZKPs. For example, you could think of the intermediate value theorem as a ZKP: it proves that a function has a zero in an interval without giving you any information about where that zero may be located.
What makes ZKPs interesting in application is that they can prove things of more general interest than mathematical statements [2]. For example, cryptocurrencies can provide ZKPs that accounting constraints hold without revealing the inputs or outputs of the transaction. You could prove that nobody tried to spend a negative amount and that the sum of the inputs equals the sum of the outputs.
[1] You could try b = 1, but then bn−1 is always 1. This example shows that the existence of a base for which bn−1 = 1 (mod n) doesn’t prove anything.
[2] You might object that accounting rules are mathematical statements, and of course they are. But they’re of little interest to mathematicians and of great interest to the parties in a transaction.
The post Zero knowledge proof of compositeness first appeared on John D. Cook.2025-11-29 05:23:32
Monero has a way of generating new addresses analogous to the way HD wallets generate new addresses for Bitcoin. In both cases, the recipient’s software can generate new addresses to receive payments that others cannot link back to the recipient.
Monero users have two public/private keys pairs: one for viewing and one for spending. Let Ks and ks be the public and private spending keys, and let Kv and kv be the public and private viewing keys. Then the user’s ith subaddress is given by
Here G is a generator for the elliptic curve Ed25519 and H is a hash function. The hash function output and kv are integers; the public keys, denoted by capital Ks with subscripts and superscripts, are points on Ed25519. The corresponding private keys are
As with hierarchical wallets, the user scans the blockchain to see which of his addresses have received funds.
A user may choose to give a different subaddress for each transaction for added security, or to group transactions for accounting purposes.
Note that in addition to subaddresses, Monero uses stealth addresses. An important difference between subaddresses and stealth addresses is that recipients generate subaddresses, and senders generate stealth addresses. Someone could send you money to the same subaddress twice, failing to create a new stealth address. This is not possible if you give the sender a different subaddress each time.
