Outline of the Seminar Topics on elliptic curves Saarbrücken,

Similar documents
LECTURE 2 FRANZ LEMMERMEYER

The Arithmetic of Elliptic Curves

Hans Wenzl. 4f(x), 4x 3 + 4ax bx + 4c

Elliptic Curves: An Introduction

15 Elliptic curves and Fermat s last theorem

Math Topics in Algebra Course Notes: A Proof of Fermat s Last Theorem. Spring 2013

Fermat s Last Theorem

Elliptic curves and modularity

Introduction to Arithmetic Geometry

Congruent number elliptic curves of high rank

Cubic curves: a short survey

Theorem 6.1 The addition defined above makes the points of E into an abelian group with O as the identity element. Proof. Let s assume that K is

Algebraic Geometry: Elliptic Curves and 2 Theorems

LECTURE 7, WEDNESDAY

IN POSITIVE CHARACTERISTICS: 3. Modular varieties with Hecke symmetries. 7. Foliation and a conjecture of Oort

Introduction to Modular Forms

Congruent Number Problem and Elliptic curves

The complexity of Diophantine equations

Elliptic Curves and the abc Conjecture

Introduction to Elliptic Curves

24/10/ Dr Ray Adams

Elliptic Curves and Public Key Cryptography

THERE ARE NO ELLIPTIC CURVES DEFINED OVER Q WITH POINTS OF ORDER 11

ABC Triples in Families

Igusa Class Polynomials

Arithmetic Progressions Over Quadratic Fields

When 2 and 3 are invertible in A, L A is the scheme

Discrete Logarithms. Let s begin by recalling the definitions and a theorem. Let m be a given modulus. Then the finite set

Equations for Hilbert modular surfaces

Exploring Number Theory via Diophantine Equations

Modular forms and the Hilbert class field

Elliptic Curves and Mordell s Theorem

Introduction to Arithmetic Geometry Fall 2013 Lecture #24 12/03/2013

Modern Number Theory: Rank of Elliptic Curves

On the Torsion Subgroup of an Elliptic Curve

ELLIPTIC CURVES AND CRYPTOGRAPHY

Elliptic Curves with 2-torsion contained in the 3-torsion field

Elliptic Curves. Akhil Mathew (Department of Mathematics Drew UniversityElliptic MathCurves 155, Professor Alan Candiotti) 10 Dec.

A Generalization of Wilson s Theorem

Elliptic Curves and Elliptic Functions

Cusp forms and the Eichler-Shimura relation

Elliptic Curves & Number Theory. R. Sujatha School of Mathematics TIFR

Introduction to Arithmetic Geometry Fall 2013 Lecture #23 11/26/2013

Why Should I Care About Elliptic Curves?

Public-key Cryptography: Theory and Practice

Riemann surfaces with extra automorphisms and endomorphism rings of their Jacobians

Calculation and arithmetic significance of modular forms

AN INTRODUCTION TO ELLIPTIC CURVES

Classical modular group

Constructing genus 2 curves over finite fields

INTRODUCTION TO ELLIPTIC CURVES

ELLIPTIC CURVES, RANK IN FAMILIES AND RANDOM MATRICES

THE NUMBER OF TWISTS WITH LARGE TORSION OF AN ELLITPIC CURVE

Elliptic Curves: Theory and Application

Some. Manin-Mumford. Problems

Some new families of positive-rank elliptic curves arising from Pythagorean triples

Rational points on elliptic curves. cycles on modular varieties

20 The modular equation

20 The modular equation

COMPLEX MULTIPLICATION: LECTURE 13

Diophantine equations and beyond

Elliptic Curves and Public Key Cryptography (3rd VDS Summer School) Discussion/Problem Session I

Points of Finite Order

Congruence Subgroups

12. Hilbert Polynomials and Bézout s Theorem

Projects on elliptic curves and modular forms

Formal groups. Peter Bruin 2 March 2006

A Motivated Introduction to Modular Forms

Constructing Class invariants

Elliptic Curves over Q

ON A FAMILY OF ELLIPTIC CURVES

The Canonical Sheaf. Stefano Filipazzi. September 14, 2015

The Galois Representation Associated to Modular Forms (Part I)

A SHORT INTRODUCTION TO HILBERT MODULAR SURFACES AND HIRZEBRUCH-ZAGIER DIVISORS

Introduction to Algebraic Geometry. Jilong Tong

Integral points of a modular curve of level 11. by René Schoof and Nikos Tzanakis

On values of Modular Forms at Algebraic Points

CONGRUENT NUMBERS AND ELLIPTIC CURVES

On a Problem of Steinhaus

ABSTRACT NONSINGULAR CURVES

Math 418 Algebraic Geometry Notes

Elliptic Curves as Complex Tori

Independence of Heegner Points Joseph H. Silverman (Joint work with Michael Rosen)

Number Fields Generated by Torsion Points on Elliptic Curves

Isogeny invariance of the BSD conjecture

Arithmetic Progressions over Quadratic Fields

Introduction. Axel Thue was a Mathematician. John Pell was a Mathematician. Most of the people in the audience are Mathematicians.

Elliptic Curves, Group Schemes,

Math 213a: Complex analysis Notes on doubly periodic functions

Elliptic Nets and Points on Elliptic Curves

where m is the maximal ideal of O X,p. Note that m/m 2 is a vector space. Suppose that we are given a morphism

Topics in Number Theory: Elliptic Curves

Period Domains. Carlson. June 24, 2010

Algorithm for Concordant Forms

The Birch & Swinnerton-Dyer conjecture. Karl Rubin MSRI, January

CORRESPONDENCE BETWEEN ELLIPTIC CURVES IN EDWARDS-BERNSTEIN AND WEIERSTRASS FORMS

Algebraic Varieties. Chapter Algebraic Varieties

Elliptic Curves Spring 2013 Lecture #12 03/19/2013

Katherine Stange. ECC 2007, Dublin, Ireland

Transcription:

Outline of the Seminar Topics on elliptic curves Saarbrücken, 11.09.2017 Contents A Number theory and algebraic geometry 2 B Elliptic curves 2 1 Rational points on elliptic curves (Mordell s Theorem) 5 2 Fermat s Last Theorem and Frey curves 5 3 Elliptic functions and elliptic curves over C 5 4 Moduli space of elliptic curves over C 6 5 Modular forms 7 6 Elliptic curve cryptography 7 The following two problems can be seen as motivation to study elliptic curves. Are there 3 consecutive integers/rationals whose product is a perfect square? Are there 3 integers/rationals differing by 5, whose product is a perfect square? Points in C 1 = {(x, y) Q 2 : y 2 = x(x + 1)(x + 2)} (0, 0), ( 1, 0), ( 2, 0) and C 2 = {(x, y) Q 2 : y 2 = x(x + 5)(x + 10)} (0, 0), ( 5, 0), ( 10, 0) Answer: C 1 contains no further points. C 2 contains infinitely many! In how many ways can n > 0 be written as the sum of four squares? The function f(z) = n 1 r 4 (n)e 2πinz where r 4 (n) = #{(a, b, c, d) Z 4 : n = a 4 +b 4 +c 4 +d 4 }, is a modular form of weight 2 for Γ 0 (4). Answer: r 4 (n) equals the n-th coefficient of the Fourier expansion of f(z). 1

A Number theory and algebraic geometry We start by introducing some necessary concepts in number theory and algebraic geometry. Throughout the course K will denote a field (usually K = Q, R, C, F p or F p k) and K[x 1,..., x n ] the polynomial ring in n variables over K. Assume that a collection of polynomials f 1,..., f m K[x 1,..., x n ] generates an ideal I K[x 1,..., x n ]. An algebraic set is a set of the form V I := {(a 1,..., a n ) K n : f 1 (a 1,..., a n ) =... = f m (a 1,..., a n ) = 0}. An algebraic set is an algebraic variety if I is a prime ideal, that is if whenever f g I for some f, g K[x 1,..., x n ], then either f I or g I. If K L is a field extension and E = V I for some ideal I K[x 1,..., x n ], we write E(L) = {(a 1,..., a n ) L n : f(a 1,..., a n ) = 0, f I}. Note that E(K) E(L). Example: V (f) for f(x, y) = y 2 x(x + 1)(x + 2) Q[x, y] is an algebraic variety V (g) for g(x, y) = y 2 x(x + 5)(x + 10) Q[x, y] is an algebraic variety V (h) for h(x, y) = xy is an algebraic set but not an algebraic variety Figure 1: V (f) and V (h) seen as curves over R. Let I be a prime ideal and V = V I. We denote by K[V ] = K[x 1,..., x n ]/I the coordinate ring of V and by K(V ) its fraction field. The dimension dim(v ) of V is defined as the transcendence degree of K(V ) over K. We are interested in smooth algebraic varieties, that is varieties V (f1,...,f m) such that the matrix ( f i / x j (P )) has rank n dim(v ) for every P V (see Figure 2). B Elliptic curves Let K be a field of characteristic char K 2, 3. An elliptic curve over K is a smooth cubic curve E (that is, a smooth curve given by a polynomial f(x, y) K[x, y] of degree 3), with at least a K-rational point (that is, a point with coordinates x, y K). Note that this point may be a point at infinity. By a change of coordinates, one can always assume that E is given by an equation E : y 2 = x 3 + Ax + B, A, B K, (1) 2

Figure 2: Two non-smooth curves. called the Weierstraß form of E. The algebraic curve given by such an equation is smooth if and only if its discriminant E = 16(4A 3 + 27B 2 ) is not zero in K. Whenever K is algebraically closed, one can also write E in Legendre normal form (this will be relevant when we study elliptic curves over C): E : y 2 = x(x 1)(x λ), λ K. Figure 3: The elliptic curve y 2 = x 3 3x + 3 over the fields C, R and F 101. Let E(K) be an elliptic curve over K in Weierstraß form as in equation (1). By adding a point O at infinity (equivalently, by considering E(K) as the affine part of a projective curve) one can define a group structure on E(K) in a geometric way. Let P, Q E(K) and consider the line l through these two points (if Q = P, then l is the tangent line to E(K) at P ). Note that, if P = (x P, y P ) and Q = (x Q, y Q ) are different, then l is given by y y P = y Q y P x Q x P (x x P ), (2) which is a linear equation on (x, y) with coefficients in K. Therefore there exists a third point of intersection R of E(K) and l with coordinates in K. In fact, plugging the value of y from (2) into the equation (1) of the elliptic curve, we get a polynomial of degree 3 in x. Since we already know two roots of this polynomial, namely x = x P and x = x Q, we can divide by (x x P )(x x Q ) and find a third solution x R. Substituting now x = x R into (2) gives us y = y R. We then define the sum of P and Q as P Q = R := (x R, y R ), that is the reflection of R along the real line y = 0 (see Figure 4 for a graphic version). One potential problem arises if we try to add the points P = (x P, y P ) and (x P, y P ). Then the line l passing through them is x = x P and it does not intersect E in further points. 3

Figure 4: The sum operation on E : y 2 = x 3 10x + 4 for E(R) and E(F 19 ). We denote (x P, y P ) by P and in this case we define the sum P ( P ) as the point O at infinity. It turns out that the operation thus defined turns (E(K), ) into an abelian group, with O as neutral element and inverse given by P P. Whenever it is clear, we will use the signs + and instead of and. Similarly, for any P E(K) and n N we will write np = P + n... +P. Note that there can be torsion (or finite order) points, that is points P E for which there exists n N such that np = O (see Figure 5). Figure 5: The point P = (2, 3) on E : y 2 = x 3 + 1 has order 6, that is 6P = P + 5P = O. 4

1 Rational points on elliptic curves (Mordell s Theorem) The study of the structure of the group of rational points E(Q) of an elliptic curve is one of the main objectives of the subject. The principal result in this directions is given by Mordell s Theorem. Theorem (Mordell, 1922). The group E(Q) is a finitely generated abelian group, that is there exist P 1,..., P n E(Q) such that for each Q E(Q) In particular we can write Q = a 1 P 1 +... + a n P n, for some a i Z. E(Q) = E(Q) tor Z r E, where E(Q) tor is the torsion part and r E N is called the rank of E. The proof of this fact uses some properties of the height function H : E(Q) Q, (x, y) max{ x, y }, and a key lemma (often called weak Mordell) stating that E(Q)/2E(Q) is finite. Mordell s Theorem can be generalized to elliptic curves E(K) (and even abelian varieties A(K)) over number fields K (Mordell-Weil Theorem). 2 Fermat s Last Theorem and Frey curves Fermat first formulated (without proof) his famous Last Theorem in 1637, in the margin of a copy of the Arithmetica of Diophantus. Theorem (Wiles, 1994). Let n 3. There exists no three positive integers a, b, c > 0 such that a n + b n = c n. The conjecture remained unproved until 1994, when Andrew Wiles proved a special case of the modularity theorem (Taniyama-Shimura-Weil conjecture) that implied Fermat s Last Theorem. The relationship between the Theorem and elliptic curves goes as follows. First, it is easy to prove that it is enough to prove the Theorem for n = 4 and n = p odd prime (the case n = 4 was actually already proved by Fermat). Now, given a solution (a, b, c) of Fermat s equation a p + b p = c p we could construct the Frey elliptic curve E a,b,c : y 2 = x(x a p )(x + b p ). Therefore, proving Fermat s Last Theorem amounts to showing that no such curve can exist. In 1984, Gerhard Frey stated that this curve could not be modular, a fact finally proved later by Serre and Ribet. This would contradict the Taniyama-Shimura-Weil conjecture, which claimed that every elliptic curve over Q is modular, and therefore a proof of this conjecture would make impossible the existence of such a curve, implying in particular Fermat s Last Theorem. 3 Elliptic functions and elliptic curves over C Given two (non-real multiples of each other) complex numbers ω 1, ω 2 C, an elliptic function relative to the periods (ω 1, ω 2 ) is a meromorphic function f : C C { } such that f(z + ω 1 ) = f(z) = f(z + ω 2 ) for all z C. Note that this implies that the function f is well defined on C/Λ, where Λ = ω 1, ω 2 Z is the lattice (Z-module) generated by ω 1 and ω 2 5

in C (see Figure 6). It is also immediate that the derivative f (z) of an elliptic function is again an elliptic function for the same periods and that the set of elliptic functions for given periods forms a field. Figure 6: Lattice generated by ω 1 = 3 + i and ω 2 = 2 + 4i. Elliptic functions take the same values at z and at its translates z + aω 1 + bω 2, for a, b Z. For any choice of periods (ω 1, ω 2 ) one can explicitly write down an elliptic function (z) called the Weierstraß elliptic function. This function has the two remarkable properties that it satisfies the first-order differential equation (z) = 4 3 (z) g 2 (z) g 3, for complex numbers g 2 := g 2 (Λ), g 2 := g 3 (Λ) depending on Λ, and that the field C (, ) is precisely the field of elliptic functions relative to the periods (ω 1, ω 2 ). One can then create a morphism C/Λ E(C) : y 2 = 4x 3 g 2 x g 3 z ( (z), (z)) which turns out to be an isomorphism. In particular, this allows us to see the complex elliptic curve E(C) = {(x, y) C 2 : y 2 = 4x 3 g 2 x g 3 } as a torus C/Λ. Conversely, for every complex elliptic curve E one can make a change of coordinates so that E : y 2 = 4x 3 Ax B, for some A, B C, and find a lattice Λ = ω 1, ω 2 Z satisfying A = g 2 (Λ) and B = g 3 (Λ) so that, in particular, E = C/Λ. 4 Moduli space of elliptic curves over C The next plan is to consider the space M 1,1 of all (isomorphism classes of) elliptic curves over C and give it some structure. To each elliptic curve E one can associate the corresponding lattice Λ C which, after rotating and rescaling, can be assumed to be generated by elements Λ = 1, τ Z, for some τ H := {z C : Im z > 0}. However this choice is not unique. The group SL(2, Z) of 2 2 integral matrices with determinant 1 acts naturally on the upper half-space H by Möbius transformations γ(z) = az + b cz + d, for γ = ( ) a b SL(2, Z), c d and two lattices Λ = 1, τ Z and Λ = 1, τ Z turn out to define isomorphic elliptic curves if and only if τ and τ are related by an element γ of SL(2, Z), that is τ = γ(τ). 6

In particular, one can identify the space M 1,1 with the quotient space Y (1) = H/ SL(2, Z). This space, which is called the modular curve, can be seen topologically as a sphere without one point via the j-invariant, a function j : H C invariant under the action of SL(2, Z). The modular group SL(2, Z) is a very important group in number theory. It can be generated by the two matrices T = 5 Modular forms ( ) 1 1 0 1 and S = ( ) 0 1. 1 0 As we saw in the previous talk, the space H/ SL(2, Z) parametrises all possible elliptic curves over C. Modular forms (and modular functions) are functions in H which are almost well defined on the quotient. More precisely, let k Z be an integer. A modular form of weight k (for SL(2, Z)) is a holomorphic function f : H C which is bounded at infinity and such that f(z + 1) = f(z) and f( 1/z) = z k f(z). Note that T (z) = z + 1 and S(z) = 1/z. In particular, the second condition implies that ( ) f(γ(z)) = (cz + d) k a b f(z), for all γ = SL(2, Z). c d It is easy to see that non-zero modular forms have necessarily even weight 2k. Among them, Eisenstein series G 2k are especially important. They are defined by the following formula 1 G 2k (z) = (mz + n) 2k. m,n Z (m,n) (0,0) The vector space M 2k of modular forms of weight 2k turns out to be finite dimensional. In fact, the graded ring k=0 M 2k is generated by G 4 and G 6. 6 Elliptic curve cryptography Elliptic curve cryptography is a public-key cryptographic system that uses the group structure of elliptic curves over finite fields. Public-key cryptography is based on the use of two keys: a public key which is known to everyone, and a private key which is known only to the owner. The encoding uses functions whose inverse is hard to compute unless the private key is known. Usually, the stability of the system relies on two factors: the unsolvability of the inverse problem and the secure interchange of private keys through unsafe channels. An example of a hard-to-invert function is the exponential function in finite fields. Given a finite field F q, its (multiplicative) group of units F q is known to be a cyclic group, hence generated by an element g: F q = {1 = g 0, g, g 2,..., g q 2 }. Now, fixed a generator g of F q and given an element h F q, the discrete logarithm problem is the problem of finding an exponent x Z such that g x = h. The hardness of the discrete logarithm problem can be used to create a cryptographic system. This problem uses only the abelian structure of the group F q. One can therefore generalise it to any abelian group, such as an elliptic curve E(F q ) over a finite field: for a fixed point P E of large (prime) order p and a given point Q E, the discrete logarithm problem is the problem of finding (if there exists) a coefficient m Z such that mp = Q E. 7

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback