The Congruent Number Problem and the Birch and Swinnerton-Dyer Conjecture. Florence Walton MMathPhil

The Congruent Number Problem and the Birch and Swinnerton-Dyer Conjecture Florence Walton MMathPhil Hilary Term 015

Abstract This dissertation will consider the congruent number problem (CNP), the problem of finding a single criterion for determining whether or not a given natural number is the area of some rational-sided right-angled triangle. The CNP is intimately tied to elliptic curves, since a rational-sided right-angled triangle with area N corresponds to a rational point on the elliptic curve E N : y = x 3 N x. This gives a different approach to solving the CNP, and one which proves more fruitful. Indeed, this allows us to reduce the question of whether a given natural number is congruent to one of whether the algebraic rank of its congruent number elliptic curve is non-zero. This is significant progress, but we are not able to calculate the algebraic rank of an elliptic curve in general, so we need another change of approach to solve the CNP. This is what, if true, the Birch and Swinnerton-Dyer Conjecture (BSD) provides, since it says that the algebraic rank of an elliptic curve is equal to its analytic rank. The BSD Conjecture has not yet been proven but, if it is true, then we have simplified the congruent number problem to one of calculating the analytic ranks of the elliptic curves E N.

Contents 1 The Congruent Number Problem 4 1.1 The problem............................ 5 1. Constructing congruent numbers................ 6 1.3 A simplification.......................... 8 1.4 Two Theorems and a Conjecture................ 9 1.5 The plan of attack........................ 11 Elliptic Curves 15.1 A group law............................ 15. The torsion subgroup....................... 19..1 Finding the torsion subgroup.............. 0.. The Nagell-Lutz Theorem................ 1.3 Mordell s Theorem........................ 3.3.1 Part 1: Height....................... 3.3. Part : The Weak Mordell-Weil Theorem........ 40.3.3 Mordell s Theorem at last................ 48.4 Examples: calculating the algebraic rank............ 51 3 The Birch and Swinnerton-Dyer Conjecture 59 3.1 The L-function.......................... 59 3. Congruent Numbers and the BSD Conjecture......... 6 3

Chapter 1 The Congruent Number Problem We shall consider the Congruent Number Problem (CNP), a question of which natural numbers are areas of right-angled triangles with rational side lengths. The aim is to find a single criterion for whether or not a given natural number is such an area (that is, is congruent). The CNP is one of the oldest unsolved mathematical problems, tracing back at least to Mohammed Ben Alhocain in a tenth century Arab manuscript [1]. He wrote that the key goal in the theory of right-angled triangles is to find a square number that, when a certain number N is either added or subtracted, still yields square numbers. We can see that this is essentially the CNP, since it sets up a progression: ( α β ) ( γ ) ( ) α + β,,, with common difference N and we can consider N as the area of a rightangled triangle with sides α, β, γ. An elementary change of variables then allows us to interpret this problem as one of finding a nontrivial rational solution pair (x, y) to the equation E N : y = x 3 N x, the congruent number elliptic curve. In this dissertation, we shall explore the relationship between congruent numbers and elliptic curves. We begin by defining congruent numbers and understanding how we can generate them. Although this is a relatively straightforward question, the reverse process (that is, the process of determining whether or not a given natural number is congruent) is far more 4

1.1. THE PROBLEM 5 complex and will form our focus. Firstly, we find a correspondence between the lengths α, β of the shorter sides of a right-angled triangle with area N and a rational solution (x, y) on the elliptic curve E N : y = x 3 N x. So we focus on rational points on elliptic curves, finding that the group of rational points on a given curve is made up of the points of finite order, which are relatively straightforward to calculate, and the points of infinite order, which are less easily found. This is shown in Mordell s Theorem, which not only says that the set of rational points on a curve forms a finitely generated group, but also allows us to identify the group structure, demonstrating the significance of the algebraic rank. The algebraic rank is a key constant in our work: indeed, determining whether N is a congruent number is the same as determining whether the algebraic rank of the corresponding curve E N is non-zero. Understanding the algebraic rank of an elliptic curve is a difficult and, in general, open problem, so we turn to the Birch and Swinnerton-Dyer (BSD) Conjecture, that the algebraic rank is equal to the analytic rank. This gives us another way of approaching the problem. Though no complete proof of the CNP has been given, some solid foundations have been built. In the seventeenth century, Fermat (1640) [8] proved the first key theorem on this topic, that 1 is not a congruent number. He also noted that this implied that there are no rational (x, y) with x, y 0 such that x 4 + y 4 = 1, which was perhaps what led him to claim Fermat s Last Theorem, that there are no non-trivial integer solutions to x a + y a = z a for any integer a 3. More recently, Tian (01)[1] proved that, for any natural number k 1, there exist infinitely many square-free congruent numbers of the form 8n + 5, 8n + 6, 8n + 7 with precisely k distinct odd prime factors, also giving a method for their construction. Tian s result goes a certain distance towards proving part of Birch and Swinnerton-Dyer s prediction that every integer of the form 8n + 5, 8n + 6 or 8n + 7 is congruent. By Tunnell s Theorem (1983) [] and the BSD Conjecture (1965) [], we have a single criterion for determining whether a given natural number N is congruent, but no proof has yet emerged of the BSD Conjecture. It has become of such central interest that it was named one of the Clay Mathematics Institute s million dollar Millennium Problems [?]. 1.1 The problem We begin by defining congruent numbers and stating the Congruent Number Problem. We predominantly owe the exposition of this chapter to Coates [5], Brown [4] and Koblitz [1].

6 CHAPTER 1. THE CONGRUENT NUMBER PROBLEM Definition 1.1.1. A congruent number is a natural number N which is the area of a right-angled triangle with rational-length sides. The congruent number problem is the problem of finding a simple criterion by which to determine whether a given natural number is a congruent number. Much progress has been made towards understanding what its solution would depend on, but it remains an open problem. Looking at the problem the other way around, however, soon yields fairly basic methods for constructing congruent numbers from Pythagorean triples. 1. Constructing congruent numbers Definition 1..1. A Pythagorean triple is a triple (α, β, γ), α, β, γ Q such that α + β = γ. We use the notation hcf(a, b) for the highest common factor of a and b. Definition 1... A primitive Pythagorean triple is a Pythagorean triple (α, β, γ), such that α, β, γ Z and hcf(α, β, γ) = 1. Theorem 1..3 (Euclid s Formula). A triple (α, β, γ) is a primitive Pythagorean triple if and only if there exist natural numbers, m and n, such that m > n and α = mn, β = m n, γ = m + n. Proof. We largely follow [3]. The backwards direction is obvious on considering the equation with natural numbers m > n: α + β = (mn) + (m n ) = (m + n ) = γ. For the forwards direction, consider α + β = γ. Suppose, for a contradiction, that α and β are both odd. We know that squares modulo 4 are 0 or 1, so that α β 1 (mod 4) and so γ (mod 4), which contradicts squares modulo 4 being 0 or 1. So at least one of α and β must be even. Supposing both to be even yields γ, contradicting hcf(α, β, γ) = 1. So exactly one of α and β is even. Then α + β = γ gives γ β = α. Therefore, (γ β)(γ + β) = α γ + β α = α γ β.

1.. CONSTRUCTING CONGRUENT NUMBERS 7 Defining m n := γ+β α γ+β (which we can do as α is rational) gives: γ β α = ( 1 ) α γ β = 1 ) ( γ+β α = n m. So we can see β α = 1 ( m n n ) m and thus γ α + β α = m n γ α = m + n mn and γ γ α β α = n m β α = m n mn. Since α, β, γ are coprime, and β are in their lowest terms. Given our α α assumption that m is in its lowest terms, we have that hcf(m, n) = 1. But n if m, n were both even, the numerator would clearly be divisible by and if ( m +n ) both were odd, then would be a ratio of two odd numbers, and yet mn be equal to γ, where one of γ, α is even. So the right hand sides are in their α lowest terms if and only if one of m, n is odd and the other is even, since then the numerators are odd. Thus, we can equate numerators and denominators, giving β = m n α = mn γ = m + n where m and n are coprime and one is odd and one even.

8 CHAPTER 1. THE CONGRUENT NUMBER PROBLEM We can now construct congruent numbers by taking any m, n N, m > n and calculating α = mn β = m n, which gives, for the area of the triangle N = 1 αβ = mn(m n ). So we can now generate a congruent number from any two integers. For example, m = 3 and n = yields N = 30 is a congruent number. But this has brought us no closer to being able to determine, for a given integer, whether it is congruent. For this, we shall need a different line of attack. 1.3 A simplification We are helped by the fact that we do not need to check every single integer to see if it is a congruent number: some sets go together, such that we only need to show one member of the set is congruent to know that all the others are, without independent verification. Proposition 1.3.1. There is a right-angled triangle with area N N and sides α, β, γ Q if and only if there exists a right-angled triangle with area c N for c Z and rational sides (cα, cβ, cγ). Proof. Given a right-angled triangle, with area N and sides α, β, γ Q, we can multiply out by denominators to give a right-angled triangle with integer sides cα, cβ, cγ and area c N where c is the lowest common multiple of the denominators of α and β. For the converse, we can reverse this method, taking the right-angled triangle with integer sides (a, b, d) and area M and finding a right-angled triangle with area M c and rational sides ( a c, b c, d c ). The area of the triangle we reach as a result of this backwards direction may be an integer (and so congruent number), or merely a rational (in which case we discard it). We know from Proposition 1.3.1 that c N is congruent if and only if N is, that is that we only need to consider congruent numbers modulo nonzero rational squares (the set of squares of nonzero rational numbers), the set of which we shall denote (Q ). So, from now on, it suffices to consider only square-free congruent numbers.

1.4. TWO THEOREMS AND A CONJECTURE 9 1.4 Two Theorems and a Conjecture No full solution to the congruent number problem has been found. Here, we give a brief overview of some historically significant steps towards understanding the CNP. Fermat s result showed that 1 is not a congruent number and similar arguments show that and 3 are not congruent numbers. Tunnell s Theorem gives a partial solution to the congruent number problem and, if the weak form of the Birch and Swinnerton-Dyer Conjecture is true, then there is a complete solution. Before we give Fermat s result, we need the following: Lemma 1.4.1. Two positive coprime integers a, b whose product is a perfect square are each perfect squares. Proof. Let ab = n for some n N. Then n n, so n ab. Now let n := p a 1 1 p a...p a k k for distinct primes p i and natural numbers a j. For any p i, p i n and so p i ab. This means that we have one of the following cases: 1. p i a and p i b. p i b and p i a 3. p i a and p i b (yields a contradiction by the coprimality assumption). Now we can see that, for each p i n, p i a or b and, since any c which divides ab also divides n = p a 1 1 p a...p a k k, we have that a and b are perfect squares (since they are each a product of perfect squares). Theorem 1.4. (Fermat). 1 is not a congruent number. Proof. We follow Conrad [6]. Suppose, for a contradiction, that there is a right-angled triangle with area 1. Let the lengths of the sides be α c, β c and γ c for α, β, γ, c Z +. Then α + β = γ and 1 αβ = c. These give α + β = γ αβ = c. (1.1) Suppose, for a contradiction, that there is a solution to (1.1) in the positive integers. Let h := hcf(α, β) so h α and h β. Then h γ and h c and so h γ and h c. So α, β, γ, c is another 4-tuple of positive integers with h h h h hcf( α, β ) = 1. Therefore, since we are assuming that there is a solution in h h positive integers, we have that there is a solution with α and β coprime. So now we can construct a new 4-tuple of positive integers α, β, γ, c, satisfying (1.1), such that (α, β ) = 1 and 0 < γ < γ. Continually repeating this

10 CHAPTER 1. THE CONGRUENT NUMBER PROBLEM process we shall reach a contradiction: Since αβ = c and α and β are coprime, α and β must be of different parity. So then γ = α + β is odd, so γ is odd. Since α and β are positive and coprime, with αβ twice a square, one is a square and the other is twice a square by Proposition 1.4.1. Without loss of generality, α is even and β is odd. Then α = k, β = l for some positive integers k and l and (since β is odd) we know that l is too. From the first part of (1.1), we now have 4k 4 +β = γ, yielding k 4 = γ+β γ β. Since β and γ are odd and coprime, γ+β and γ β are coprime (by Theorem 1..3). This means that γ+β = r 4 and γ β = s 4 for some coprime r, s Z +. Adding and subtracting these equations gives β = r 4 s 4 and γ = r 4 + s 4, so that l = β = (r + s )(r s ). Now since l is odd, any common factor of (r + s ) and (r s ) would be odd and it would also divide their sum and difference, r and s. Thus it is a factor of hcf(r, s ), which we know to be 1. This means that they have no common factor and (r + s ) and (r s ) are coprime. Since (r + s )(r s ) is an odd square and one of the factors is positive, the other must be positive and hence a square by Lemma 1.4.1, so that r + s = t r s = u, (1.) where t, u are odd, positive, coprime integers. We have that u 1 (mod 4) (since u is odd), r s 1 (mod 4), giving that r is odd and s is even (as r, s coprime). Now, solving for r in (1.), we get ( ) r = t + u ( ) t + u t u = +, (1.3) with t±u Z as t and u are both odd. Equation 1.3 gives a Pythagorean triple: if we set α = t + u β = t u γ = r, then α + β = γ. Since hcf(t, u) = 1, hcf(α, β ) = 1 as well. From (1.), α β = t u = s = ( s. 4 4 ) Taking c := s Z, we see that (α, β, γ, c ) provides a new solution to (1.1). As 0 < γ = r r 4 < r 4 + s 4 = γ, we get a contradiction by descent.

1.5. THE PLAN OF ATTACK 11 Theorem 1.4.3 (Tunnell s Theorem []). If N is a square-free odd congruent number, then: #{x, y, z Z N = x +y +3z } = 1 #{x, y, z Z N = x +y +8z }. Similarly, if N is a square-free even congruent number, then: #{x, y, z Z N = 4x +y +3z } = 1 #{x, y, z Z N = 4x +y +8z }. The proof of Tunnell s Theorem involves a careful study of modular forms, which is beyond the scope of this work. Conjecture 1 (Birch and Swinnerton-Dyer Conjecture []). The algebraic rank of an elliptic curve is equal to its analytic rank. Birch and Swinnerton-Dyer developed their conjecture in the 1960s, aided by machine computation. The proof of this conjecture has still not been given in its complete form but, if it is true, then the converse of Tunnell s Theorem also holds, and a single criterion for congruency of an integer is yielded. We shall see the relevance of the BSD Conjecture in the next section, when we show that a natural number N is congruent if and only if the algebraic rank (a key constant which we shall define in Chapter ) of the elliptic curve y = x 3 N x is not equal to zero. Since this is the direction in which we are heading, we will devote a significant portion of this thesis to giving an overview of the key properties of elliptic curves. 1.5 The plan of attack The congruent number problem can be viewed as a problem about an object which is central to modern number theory, the elliptic curve. This enables us to attack the problem from a different direction, so we begin by introducing the properties of elliptic curves with some definitions. Definition 1.5.1. A curve f(x, y) = 0 is singular at the point P = (x 0, y 0 ) if f(x 0, y 0 ) = f = f (x0,y 0 = 0. ) (x0,y 0 ) x y Definition 1.5.. A curve is nonsingular if it is nonsingular at all points. Otherwise, the curve is singular. Definition 1.5.3. An elliptic curve over a field F is a nonsingular curve defined by the equation y + a 1 xy + a 3 y = x 3 + a x + a 4 x + a 6, with a i F together with one special point at infinity, O. Any elliptic curve over a field K with chark, 3 can be expressed in Weierstrass Normal Form: y = x 3 + Ax + B,

1 CHAPTER 1. THE CONGRUENT NUMBER PROBLEM with A, B F. Thus, as we are normally working over Q (since we are focussing on the link between rational-sided right-angled triangles and elliptic curves), we are not making any unwarranted assumptions. However, this should be borne in mind for general results. We are now ready to proceed. Proposition 1.5.4. If N is a congruent number, then a rational right-angled triangle with short sides x,y and area N gives a rational solution (x, y) to the elliptic curve y = x 3 N x. Proof. Clearly, N is a congruent number if and only if there exist rational numbers α, β and γ such that N = 1 αβ (1.4) γ = α + β. (1.5) Finding the sum and the difference of (1.5) and 4 times (1.4) gives: (β + α) = γ + 4N (β α) = γ 4N. Then multiplying together and dividing by 16 yields: ( ) β α ( γ ) 4 = N. 4 Setting u = γ and v = β α 4 gives that Multiplying by u, gives: v = u 4 N. (uv) = u 6 N u. Now setting x = u and y = uv shows that a rational right-angled triangle with short sides x, y and area N gives a rational solution to y = x 3 N x. And a partial converse:

1.5. THE PLAN OF ATTACK 13 Theorem 1.5.5. Let (x, y) Q Q such that y = x 3 N x and x: 1. has even denominator;. is the square of a rational number; 3. has numerator coprime to N. Then there correspondingly exists a right-angled, rational-sided triangle with area N. Proof. Let u = x Q. Set v := y. Then we have u v = (x3 N x) x v = x N v + N = x. (1.6) Let t be the denominator of u. We have u = x and, by assumption, x has even denominator, so t. Now N is an integer and so, by (1.6), v and x have the same denominator. Multiplying (1.6) by t 4 yields t N, t v, t x as a Pythagorean triple. The numerator of x has no common factor with N, so hcf(t N, t v, t x) = 1. Now applying Theorem 1..3 gives the existence of natural numbers m, n such that t N = mn, t v = m n and t x = m +n. Then setting α = m, β = n, γ = n yields t t α + β = 4 t (m + n ) = 4 t (t x) = 4x = (u) = γ, and we see that (α, β, γ) is a Pythagorean triple. The area of the corresponding triangle is 1 αβ = 1 m n t t = mn t = N.

14 CHAPTER 1. THE CONGRUENT NUMBER PROBLEM We see from the above that a right-angled triangle with rational sides α, β, γ and area N yields a rational point in the xy-plane (x, y), lying on the curve y = x 3 N x. Indeed, given the sides α, β, γ of a right-angled triangle with area N, we can find the corresponding rational point on the elliptic curve E : y = x 3 ( 1 αβ) x: ( γ (x, y) = 4, (β α )γ 8 Note here that α and β are interchangeable. This makes sense from the interchangeability of sides of the right-angled triangle, and we can check that the two different y-coordinates both yield points which lie on the curve, since the curve is symmetric about the x-axis and the y-coordinates are merely negatives of each other. Example 1.5.6. From the (3, 4, 5) triangle, we can see that 6 is a congruent number. This corresponds to a solution pair on the elliptic curve y = x 3 36x: the points ( 5, ± ) 35 4 8. Example 1.5.7. There are two different rational-sided right-angled triangles with area 10: (0, 1, 9) and (1, 35, 37). These correspond to two different rational point pairs on the elliptic curve y = x 3 10 x: ( ) 841 (x, y) = 4, ±1189 8 ). and ( ) 1369 4, ±39997. 8 Curves of the form y = x 3 N x are a particular kind of elliptic curve, so elliptic curves can be used to answer many key questions about congruent numbers. We shall investigate their key properties in the next chapter.

Chapter Elliptic Curves Let E be the elliptic curve y = x 3 + Ax + B with A, B Q..1 A group law We begin with some notation. We use E(Q) to denote the set of points on the curve E with coordinates in the field Q. This section is mostly based on Brown [4], Koblitz [1], and Silverman and Tate [17]. Our aim is first to prove: Proposition.1.1. The set of points E(Q) forms an abelian group. First, we need to define a group operation. Addition of points on elliptic curves is much more simply explained geometrically, so we initially consider it in this way. Then we shall derive explicit algebraic formulae for addition. Method.1. (Adding points on elliptic curves). Given two points, P 1 and P on E, drawing the line passing through both gives a unique third point of intersection of this line with the curve (note that the third point may be O), which we call P 1 P. If P 1 = P =: P here, we draw the tangent to P and then find the other point of intersection with the curve, P P. We define O O := O (since O is taken to be a point of inflection). Then we define P 1 + P as the third intersection point of the line through O and P 1 P. This gives P 1 + P = O (P 1 P ). 15

16 CHAPTER. ELLIPTIC CURVES P 1 P P P 1 P 1 + P Proposition.1.3. If P 1 = (x 1, y 1 ) and P = (x, y ), then P 1 + P := (x 3, y 3 ) = (λ x 1 x, λx 3 + ν), where λ := y y 1 x x 1 ν := y 1 λx 1 = y λx. Proof. Let P 1 := (x 1, y 1 ), P := (x, y ), P 1 P := (x 3, y 3 ), P 1 + P := (x 3, y 3 ) Firstly, we consider the line through P 1 and P, which has equation y = λx + y 1 λx 1 (note that we could just as easily have used (x, y ), since we are defining a straight line through both these points). Now we can find the points of intersection of the line with the elliptic curve: x 3 + Ax + B = y = (λx + ν) = λ x + ν + λνx 0 = x 3 λ x + (A λν)x + (B ν ) = (x x 1 )(x x )(x x 3 ) λ = x 1 x x 3 x 3 = λ x 1 x y 3 = λx 3 + ν. There is a special case of this we note now, when P 1 = P :

.1. A GROUP LAW 17 Proposition.1.4 (The duplication formula: doubling a point). Let P = (x 1, y 1 ) be a point on an elliptic curve, E. Then P = P + P has coordinates x(p ) = x4 1 Ax 1 8Bx 1 + A 4(x 3 1 + Ax 1 + B) y(p ) = x6 1 5Ax 4 1 0Bx 3 1 + 5A x 1 + 4ABx 1 + A 3 + 8B. 8y1 3 Proof. Let y = λx + ν, with with λ, ν defined as before, define the tangent to E at P. Then: λ = dy dx P y = f(x) λ = f (x 1 ) y 1 ( ) f (x 1 ) x(p ) = x 1 (from previous) y 1 = x4 1 Ax 1 8Bx 1 + A. 4y1 y(p ) = λx(p ) + ν = f (x 1 ) x(p ) + ν y 1 = (3x 1 + A) (x 4 1 Ax 1 8Bx 1 + A ) + ν y 1 4y1 = (3x6 1 5Ax 4 1 4Bx 3 1 + 3A x 1 A x 1 8ABx 1 + A 3 ) + y 8y1 3 1 f (x 1 ) x 1 y 1 = x6 1 5Ax 4 1 0Bx 3 1 + 5A x 1 + 4ABx 1 + A 3 + 8B. 8y1 3 Proposition.1.5. (E(Q), +) is an abelian group. Proof. Firstly, we verify commutativity: Commutativity: For all P, Q E(Q), P + Q = Q + P Clearly, P Q = Q P, since there is a unique line through P and Q and so the third point of intersection with the curve is the same in both cases. But then P + Q is uniquely determined by P Q, so that P + Q = Q + P. Next, we verify the group laws:

18 CHAPTER. ELLIPTIC CURVES Binary operation of addition: For all P, Q E(Q), P + Q E(Q): From Proposition.1.3, it is clear that if P 1, P E(Q), then P 1 +P E(Q). Associativity: For all P, Q, R E(Q), P + (Q + R) = (P + Q) + R: f P P (Q + R) P + R e Q (P + Q) R R P R d P Q P + Q O a b c Here the labelled points are those which intersect with the curve E. We are required to prove that P (Q + R) = (P + Q) R. To do this, we consider the two cubic curves defined respectively by the lines a, b, c and d, e, f. Now each of these curves shares 8 points with E: O, P, Q, R, P Q, P + Q, P R, P + R. Then, by an application of Bézout s Theorem [1], the ninth point of intersection must be the same for all three curves. Thus, P (Q + R) = (P + Q) R and so P + (Q + R) = (P + Q) + R. Identity: There exists I E(Q) such that for all P E(Q), P + I = P = I + P : Considering the point at infinity, O, P + O = (P O) O = P. We can see this since, if P = (x, y) then P O = (x, y) so (P O) O = (x, y). By commutativity, we have the result. Inverses: For all P = (x, y), there exists P = (x, y) such that P +( P ) = O: We define Q := P (O O) and show that Q is the inverse of P, which we

.. THE TORSION SUBGROUP 19 shall call P. P + Q = O (P Q) = O (P (P (O O))) = P. We can also see this from the picture of the elliptic curve, since there are no other points of intersection of E and the line through P and P.. The torsion subgroup We begin by investigating the torsion points on an elliptic curve. The algebraic rank of an elliptic curve is key in our quest to solve the congruent number problem. The algebraic rank is the number of independent nontorsion points and, in order to understand this constant fully, we need to prove Mordell s Theorem, which gives the structure of the group of rational points on the curve. The group is made up of torsion points and points of infinite order. This section is a compilation of Brown [4], Koblitz [1] and Silverman and Tate [17]. Definition..1. The order, m, of a group element, P is the least m N such that mp = P + P +... + P = O (the sum of m P s). Definition... The torsion points on an elliptic curve are those points with finite order. Definition..3. P has finite order if such an m exists. We use E(Q) tors to denote the set of all torsion points. Theorem..4. The point P = (x, y) on the elliptic curve E, P O, has order if and only if y = 0. Proof. We consider points of order : P = O, P O P = P y = y y = 0 P 1 = (α 1, 0), P = (α, 0), P 3 = (α 3, 0), where α i are the roots of the cubic x 3 + Ax + B.

0 CHAPTER. ELLIPTIC CURVES Theorem..5. The point P on E, P O, has order 3 if and only if x is a root of ψ 3 (x) := 3x 4 + 6Ax + 1Bx A. Proof. Considering points of order 3: Conversely, x(p ) = x(p ) P = ±P 3P = O P = P x(p ) = x( P ) = x(p ) x(p ) = x(p ). either P = O (yielding a contradiction by assumption); or 3P = O. Therefore, points of order 3 are points satisfying x(p ) = x(p ). So, by the Duplication Formula, we set x = x4 Ax 8Bx + A 4(x 3 + Ax + B) 4x(x 3 + Ax + B) = x 4 Ax 8Bx + A 4x 4 + 4Ax + 4Bx = x 4 Ax 8Bx + A 3x 4 + Ax 4Bx + A = 0...1 Finding the torsion subgroup Here, we state Mazur s Theorem to describe the rational torsion points on an elliptic curve and use the Nagell-Lutz Theorem to find some of these points. We begin by giving some important invariants of an elliptic curve. Definition..6. The discriminant of E, (E) (or just ) is (E) = 16(4A 3 + 7B ). Since we shall often want to talk of elliptic curves of this form, we establish the notation E N to denote the elliptic curve y = x 3 N x.

.. THE TORSION SUBGROUP 1 Example..7. The discriminant of E N is (E N ) = 16(4A 3 + 7B ) = 64N 6 Proposition..8. We have (E) 0 if and only if the roots of f(x) = x 3 + Ax + B are distinct. Proof. We can factor f over C, into Then, by lengthy calculations, f(x) = (x α 1 )(x α )(x α 3 ). = (α 1 α ) (α 1 α 3 ) (α α 3 ). Therefore, we can see that (E) 0 if and only if each of these three factors is non-zero; that is, if and only if α 1, α, α 3 are distinct. Since E being nonsingular is equivalent to E having three distinct roots, E is nonsingular if and only if (E) 0... The Nagell-Lutz Theorem In this subsection, we prove the Nagell-Lutz Theorem, a stronger version of which will allow us to calculate some of the points of finite order on elliptic curves. The results are based on Silverman and Tate [17], with examples from my workings of their exercises and the L-functions and Modular Forms Database (LMFDB) [14]. Lemma..9. Given a rational number q and a prime p, we can express q as q = m n pν for some integer ν, where hcf(m, n) = hcf(m, p) = hcf(n, p) = 1. We do not prove this here, as it is quite intuitive. Definition..10. Fixing a prime p, the order of a rational number is the integer ν in the number s expression in the form m n pν, where m, n Z such that m and n are coprime with p, n > 0 and m is in its lowest terms: n ( m ) ord n pν = ν.

CHAPTER. ELLIPTIC CURVES Proposition..11. Let p be a fixed prime, let R be the ring of rational numbers with denominator coprime to p and let E(p ν ) be the set of O together with the rational points (x, y) on E such that the denominator of x is divisible by p ν. Then 1. E(p) consists of O and all rational points (x, y) for which one of the denominators of x and y is divisible by p.. For every ν 1, E(p ν ) is a subgroup of E(Q). 3. The map such that T : E(p ν ) E(p ν ) pν R p 3ν R T : (x, y) x y is a one-to-one homomorphism. We define T (O) = (0, 0). Proof. (1) Let us consider a rational point P = (x, y) on E, where p divides the denominator of x, say x = m np µ y = u wp, σ where µ > 0, m, n, u, w, µ, σ Z and p does not divide m, n, u, w. Using this in the equation for an elliptic curve and putting things over a common denominator, we find u w p σ = m3 + Amn p µ + Bn 3 p 3µ n 3 p 3µ. Now p u and p w, so ( ) u ord = σ. w p σ Since µ > 0 and p m, it follows that p (m 3 + Amn p µ + Bn 3 p 3µ )

.. THE TORSION SUBGROUP 3 and hence ( ) m 3 + Amn p µ + Bn 3 p 3µ ord = 3µ. n 3 p 3µ Thus, σ = 3µ. In particular, σ > 0, and so p divides the denominator of y. Further, the relation σ = 3µ means that µ and 3 σ, so we have µ = ν and σ = 3ν for some integer ν > 0. Thus, if p appears in the denominator of either x or y, then it is in the denominator of both of them, and in this case the exact power is p ν in x and p 3ν in y for some positive integer ν > 0. Thus, we have proved (1). This suggests define E(p ν ) as in the statement of the proposition. In other words, E(p ν ) = {(x, y) E(Q) : ord(x) ν and ord(y) 3ν}. Obviously, we have inclusions E(Q) E(p) E(p ) E(p 3 )..., The inclusion of the identity element O in every E(p ν ) is by convention. In order to prove (), our objective is to show that if (x, y) is a point of finite order, then x and y are integers. We do this by showing that for every prime p, p doesn t divide the denominators of x and y. That is, we want to show that a point of finite order cannot lie in E(p). We start by proving that each of the sets E(p ν ) is a subgroup of E(Q). First, we change coordinates and move the point at infinity to a finite place. The identity element O on our curve is mapped to the origin (0, 0) in the (t, s) plane and, when y 0: t = x y s = 1 y. Then y = x 3 + Ax + B becomes s = t 3 + Ats + Bs 3 in the (t, s) plane. In the (t, s) plane we have all of the points in the old (x, y) plane except for the points where y = 0. We can visualise the situation in terms of these two views of the curve. The view in the (x, y) plane shows everything except O and the points of order. Ignoring these exceptions, there is a one-to-one correspondence between points on the curve in the (x, y) plane and points on the curve in the (t, s) plane.

4 CHAPTER. ELLIPTIC CURVES y t x s Further, a line y = λx + ν in the (x, y) plane corresponds to a line in the (t, s) plane. Namely, if we divide y = λx + ν by νy, we get 1 ν = λ x ν y + 1 y s = λ ν t + 1 ν. Thus, we can add points in the (t, s) plane by the same procedure as in the (x, y) plane. We want the explicit formula. It is convenient to look at the ring of all rational numbers with denominator coprime to p, which we denote R or R p. We see that R is a ring because, if α and β have denominators coprime to p, then the same is true of α ± β and αβ. We can also describe R by saying that it consists of zero together with all non-zero rational numbers x such that ord(x) 0. The ring R is a certain subring of the field of rational numbers, with unique factorisation and only one prime, p. The units of R are just the rational numbers of order zero, that is, numbers with numerator and denominator prime to p. We now consider the divisibility of our coordinates s, t by powers of p, particularly for points in E(p). Let (x, y) be a rational point of E in the (x, y) plane lying in E(p ν ), so we can write m x = for some i 0. Then y = np (ν+i) u wp 3(ν+i) t = x y = mw nu pν+i s = 1 y = w u p3(ν+i).

.. THE TORSION SUBGROUP 5 Thus, our point (t, s) is in E(p ν ) if and only if t p ν R and s p 3ν R. This says that p ν divides the numerator of t and p 3ν divides the numerator of s. To prove that the E(p ν ) s are subgroups, we have to add points and show that if a higher power of p divides the t-coordinate of two points, then the same power of p divides the t-coordinate of their sum. This is simply a question of noting the formulae. Let P 1 = (t 1, s 1 ) and P = (t, s ) be distinct points. If t 1 = t, then P 1 = P, so P 1 + P is certainly in E(p ν ). Assume now that t 1 t and let s = αt + β be the line through P 1 and P. The slope α is given by α = s s 1 t t 1. We can rewrite this as follows. The points (t 1, s 1 ) and (t, s ) satisfy the equation s = t 3 + Ats + Bs 3. Subtracting the equation for P 1 from the equation for P and factoring gives s s 1 = (t 3 t 3 1) + A(t s t 1 s 1) + B(s 3 s 3 1) = (t 3 t 3 1) + A[(t t 1 )s + t 1 (s s 1)] + B(s 3 s 3 1). We can now factor out (s s 1 ) and (t t 1 ) and express their ratio in terms of what is left. After some calculation, this yields: α = s s 1 t t 1 = t + t 1 t + t 1 + As 1 At 1 (s 1 + s ) B(s 1 + s 1 s + s ) (.1) This has given us the 1 in the denominator of α, so that the denominator of α will be a unit in R. Similarly, if P 1 = P, then the slope of the tangent line to E at P 1 is α = ds dt (P 1) 3t 1 + As 1 =. 1 At 1 s 1 3Bs 1

6 CHAPTER. ELLIPTIC CURVES t (t 3, s 3 ) (t, s ) s (t 1, s 1 ) Now this is the same slope we get by substituting t = t 1 and s = s 1 into the right-hand side of (.1). So we may use (.1) in all cases. Let P 3 = (t 3, s 3 ) be the third point of intersection of the line s = αt + β with the curve. To get the equation whose roots are t 1, t, t 3, we substitute αt + β for s in the equation of the curve: αt + β = t 3 + At(αt + β) + B(αt + β) 3. Multiplying this out and collecting powers of t gives 0 = (1 + Aα + Bα 3 )t 3 + (Aαβ + 3Bα β)t + lower order terms. The equation has roots t 1, t, t 3, so the right hand side equals c(t t 1 )(t t )(t t 3 ), for some constant c. Comparing the coefficients of t 3 and t, we find that the sum of the roots is t 1 + t + t 3 = Aαβ + 3Bα β 1 + Aα + Bα 3. We now have all the formulae we will need except for the trivial one β = s 1 αt 1, saying that the line goes through P 1. We now have a formula for t 3, so we can find P 1 + P by drawing the line through (t 3, s 3 ) and (0, 0) and taking the third intersection with the curve. It is clear from the equation of the curve that if (t, s) is on the curve, then so is ( t, s). So this third intersection is ( t 3, s 3 ). Examining the expression for α, we see that the numerator of α lies in p ν R, because t 1, s 1, t, s p ν R. For the same reason, the quantity At 1 (s +

.. THE TORSION SUBGROUP 7 s 1 ) B(s + s 1 s + s 1) is in p ν R, so the denominator of α is a unit of R (we now see the relevance of the 1 in the denominator). Thus, α p ν R. Next, since s 1 p 3ν R and α p ν R and t 1 p ν R, the formula β = s 1 αt 1 gives that β p 3ν R. We also see that the denominator 1 + Aα + Bα 3 of t 1 + t + t 3 is a unit in R. Looking at the expression for t 1 + t + t 3 given above, we have t 1 + t + t 3 p 3ν R. Because t 1, t p ν R, it follows that t 3 p ν R, and so also t 3 p ν R. This proves that if the t-coordinates of P 1 and P lie in p ν R then the t- coordinate of P 1 + P lies in p ν R. It is then clear that, if the t-coordinate of P lies in p ν R, the t-coordinate of P = ( t, s) also lies in p ν R. This shows that E(p ν ) is closed under addition and taking negatives and is hence a subgroup of E(Q) proving (). In fact, we have proven a stronger result, showing that if P 1, P E(p ν ), then T (P 1 ) + T (P ) T (P 1 + P ) p 3ν R. We can write this last formula a little more suggestively (noting that, although the + in P 1 + P is the addition on our cubic curve, the + in T (P 1 ) + T (P ) is addition in R, simply addition of rational numbers): T (P 1 + P ) T (P 1 ) + T (P ) (mod p 3ν R). (3) So the map P T (P ) is almost a homomorphism from E(p ν ) into the additive group of rational numbers, but for the fact that T (P 1 + P ) is not actually equal to T (P 1 ) + T (P ). However, we do get a homomorphism from by sending P to T (P ), and the kernel consists of all points P with T (P ) p 3ν R. Thus, the kernel is just E(p 3ν ), so we finally obtain a one-to-one homomorphism E(p ν ) to the quotient group pν R p 3ν R E(p ν ) E(p ν ) pν R p 3ν R such that T : (x, y) x y. It is straightforward to see that the quotient group pν R is a cyclic group of p 3ν R order p ν. Thus, the quotient group E(pν ) is a cyclic group of order E(p 3ν ) pσ for some 0 σ ν.

8 CHAPTER. ELLIPTIC CURVES Corollary..1. Let P = (x, y) Q Q with P O be a rational, finite order point. Then: 1. The subgroup E(p), for any prime p, contains precisely one point of finite order, O.. We have x, y Z. Proof. (1): Let P have finite order m. We know P O, so m 1. We take any prime p and aim to show that P / E(p). So suppose, for a contradiction, that P E(p). Now P may be contained in a smaller group E(p ν ), but cannot be in every group E(p ν ), because x s denominator cannot be divisible by arbitrarily large powers of p. So there is some ν > 0 such that P E(p ν ) but P / E(p ν+1 ). There are two cases: p m and p m. We first consider the case in which p m. We have the congruence T (P 1 + P ) T (P 1 ) + T (P ) (mod p 3ν R). Repeated application of this yields: T (mp ) mt (P ) (mod p 3ν R). Given that mp = O, T (mp ) = T (O) = 0. We also know that m is coprime with p, so m is a unit in R and 0 T (P ) (mod p 3ν R). Thus, P E(p 3ν ), which contradicts the assumption that p / E(p ν+1 ). We run the case where p m similarly. We let m = pn and consider the point P = np. As P has order m, P clearly has order p. We also have P E(p) and E(p) is a subgroup, so P E(p). We can therefore find some ν > 0 so that P E(p ν ) but P / E(p ν +1 ). So, as in the previous case, this yields 0 = T (O) = T (pp ) pt (P ) (mod p 3ν R). Thus, as in the previous case, T (P ) 0 (mod p 3ν 1 R). This contradicts P / E(p ν +1 ), as 3ν 1 ν + 1. (): Since P is a point of finite order, P / E(p) for all primes p. Therefore, the denominators of x and y are not divisible by any primes and x, y Z. Proposition..13. Let E : f(x) = x 3 + Ax + B be a polynomial. Then (f(x)) is in the ideal of Z[x] generated by f(x) and f (x). Proof. We have = 7B 4A 3 = (18Ax 7B)(x 3 + Ax + B) + ( 6Ax + 9Bx 4A )(3x + A) = (18Ax 7B)f(x) + ( 6Ax + 9Bx 4A )f (x).

.. THE TORSION SUBGROUP 9 Defining r(x) := 18Ax 7B s(x) := 6Ax + 9Bx 4A yields that the discriminant can be written in the form = r(x)f(x) + s(x)f (x), where r(x) and s(x) have integer coefficients. We use this to prove that if a point and its double both have integer coordinates, then y = 0 or y : Proposition..14. Suppose P = (x, y) is a point on the curve E such that both P and P have integer coordinates. Then either y = 0 or y. Proof. Suppose that y 0. Then P O. By assumption, x, y, x(p ), y(p ) Z. The duplication formula yields: x + x(p ) = λ A λ = f (x) y. Since x, x(p ) and A are integers, we can see that λ is as well, so that y f (x) and y f (x). Now = r(x)f(x) + s(x)f (x). The coefficients of r and s are integers and so r and s take integer values when x is an integer. Therefore, y divides. This has given us a method to find some of the torsion points on an elliptic curve, which is summed up in the following versions of the Nagell- Lutz Theorem. Theorem..15 (Nagell-Lutz Theorem). Let E be an elliptic curve with A, B Z. Let P = (x, y) be a rational point of finite order. Then x, y Z and either y = 0, in which case P has order, or y. Proof. By Corollary..1, we know that points of finite order have integer coordinates. If P has order, then y = 0, in which case we are done. So consider the case P O. We know P has finite order, and so integer coordinates. Then Proposition..14completes the proof.

30 CHAPTER. ELLIPTIC CURVES Theorem..16 (Stronger form of the Nagell-Lutz Theorem). Let E be an elliptic curve with A, B Z. Let P = (x, y) be a rational point of finite order with y 0. Then y. Proof. By Theorem..15, we have that y. But then, by Proposition..8, is a product of squares, so that, for any prime p 1 that divides, we also have p 1. So, since y, y and we have the result. Armed with this theorem, we can now find the rational points of finite order in a finite number of steps. We start by considering the finite number of y-values such that y and substituting each in turn into f(x). Since f(x) has integer coefficients and leading coefficient 1, any integer root will divide B. So there are only a finite number of things to check. Example..17 (Determining the points of finite order on an elliptic curve). We consider the curve E : y = x 3. Using the strong form of the Nagell- Lutz theorem, we consider integers y such that y : = 16.7B (A = 0) = 16.7.4 = 3 3. 6. So y = ±1, ±, ±3, ±4, ±6, ±8, ±1, ±4. We have one point of order 1: O. For points of order, y = 0, so x 3 =, which has no integer solutions and thus there are no points of order. We have: y = ±1 x 3 = 3 y = ± x 3 = 6 y = ±3 x 3 = 11 y = ±4 x 3 = 18 y = ±6 x 3 = 38 y = ±8 x 3 = 66 y = ±1 x 3 = 146 y = ±4 x 3 = 578. None of these yield integer points, so there are no more points of finite order on E.

.. THE TORSION SUBGROUP 31 So we can find torsion points for some elliptic curves. Remarkably, Mazur s Torsion Theorem (1977) [15] gives the exact possibilities for the torsion subgroup of an elliptic curve. Theorem..18 (Mazur s Torsion Theorem). E(Q) tors is either: 1. Z/MZ for 1 M 10 or M = 1 or. Z/Z Z/MZ for 1 M 4. The proof of Mazur s Theorem involves a study of group schemes and Néron models. As such, it is far beyond the scope of our work here. However, we can say something more specific about the torsion subgroup of E N : Example..19. For N a positive square-free integer, and E N (Q) tors = {(0 : 1 : 0), (0 : 0 : 1), (±N : 0 : 1)} For a proof, see Koblitz [1]. E N (Q) tors = Z/Z Z/Z. Example..0. We give an example of each possible torsion subgroup: Elliptic curve LMFDB label [14] torsion structure y = x 3 + x + 3 1976.a1 Z y = x 3 1 144.a3 Z/Z y = x 3 + 36 97.a Z/3Z y = x 3 174987x 8159866 15.a Z/Z Z/Z y = x 3 7x + 8694 15.a7 Z/4Z y = x 3 43x + 808 11.a3 Z/5Z y = x 3 178x + 19008 0.a3 Z/6Z y = x 3 3483x + 11014 6.b Z/7Z y = x 3 511x + 319734 4.a5 Z/8Z y = x 3 799387x 180779146 15.a5 Z/Z Z/4Z y = x 3 17739x + 105766 54.b Z/9Z y = x 3 58347x + 3954150 66.c3 Z/10Z y = x 3 157707x + 78888006 90.c7 Z/1Z y = x 3 4003x + 19670 30.a6 Z/Z Z/6Z y = x 3 1386747x + 368636886 10.e6 Z/Z Z/8Z

3 CHAPTER. ELLIPTIC CURVES.3 Mordell s Theorem The goal of this section is to prove Mordell s Theorem: Theorem.3.1 (Mordell s Theorem). The group E(Q) of rational points on an elliptic curve is a finitely generated abelian group. Now we already know that E(Q) is an abelian group from Proposition.1.5. The proof that it is finitely generated naturally splits into two parts: the first is working with a height function on E(Q) (for which we largely owe the exposition to Silverman and Tate) [17] and the second proving the Weak Mordell-Weil Theorem (predominantly based on [9]). Once we have reached the results needed in each of these two areas, we can bring them together in the final proof..3.1 Part 1: Height Definition.3.. The height of x = m Q, where m n n ( m ) H(x) = H n = max{ m, n } Z +. is in lowest terms, is: Proposition.3.3. For a fixed constant k Z +, the set {x Q : H(x) < k} is finite. Proof. We have: ( m ) H(x) = H < k n max{ m, n } < k m < k and n < k. So there are only finitely many possible values of m and n. Definition.3.4. The height of P = (x, y) E(Q) is H(P ) := H(x). Definition.3.5. The small h height of a point P on E is h(p ) := log H(P ) R\{0}.

.3. MORDELL S THEOREM 33 Definition.3.6. The height of O, the point at infinity, is defined as: Therefore: H(O) := 1. h(o) = logh(o) = log(1) = 0. Lemma.3.7. For each M R, {P E(Q) : h(p ) M} is finite. This is clear, since there are only finitely many choices for the x-coordinate (by Proposition.3.3) and there are only two possibilities of y-coordinate for each x-coordinate. Proposition.3.8. For P = (x, y) E(Q), x = m r and y = n r 3 for some m, n, r Z such that r > 0 and hcf(m, r) = hcf(n, r) = 1. Proof. Firstly, we suppose x = m and y = n in lowest terms such that M N M, N > 0. We need to prove that N = M 3, which we do in two parts: y = x 3 + Ax + B n N = m3 M + A m 3 M + B M 3 n = N m 3 + AN M m + BN M 3 (.) N RHS N M 3 n hcf(n, N) = 1 N M 3. For the reverse direction, we have M N m 3 by (.). Since hcf(m, M) = 1, we get M N. Substituting back into (.), we find M N m 3 M N M 3 N m 3 M 3 N. Therefore M 3 = N. Now we are required to prove that x = m r and y = n r 3. We have M N from the previous. So let r = N M, giving r = N M = M 3 M = M r 3 = N 3 M 3 = N 3 N = N.

34 CHAPTER. ELLIPTIC CURVES Proposition.3.9. There exists a constant κ > 0, depending on A, B, such that n κh(p ) 3. Proof. We start with ( m P = r, n ) H(P ) = max{ m, r } r 3 m H(P ) r H(P ). Now we know that P satisfies the equation of the curve. So, substituting in, multiplying by r 6 and using the triangle inequality yields n y = x 3 + Ax + B r = m3 6 r + Am 6 r + B n = m 3 + Amr 4 + Br 6 n m 3 + Ar 4 m + Br 6 H(P ) 3 + A H(P ) 3 + B H(P ) 3 Let κ = 1 + A + B n κ H(P ) 3 n κh(p ) 3. Remark.3.10. Let P 0 be a fixed rational point on E. For some finite number of P, we can consider the differences h(p + P 0 ) h(p ) and choose a κ 0 larger than the finite number of values yielded. This means that, in proving the existence of κ 0 in the next lemma, it is sufficient to prove that the inequality holds for all P in some fixed finite set. Lemma.3.11. For any fixed point P E(Q), there exists a constant κ 0 dependent on P 0, A, B such that for all P E(Q), h(p + P 0 ) h(p ) + κ 0. Proof. We shall prove the statement for P / {P 0, P 0, O} (which is sufficient by previous remark). This is trivial if P 0 = O. So suppose O P 0 = (x 0, y 0 ). Setting P + P 0 = (ξ, η) and using the formulae derived in Proposition.1.4 gives ξ + x + x 0 = λ where λ = y y 0 x x 0. Rearranging, multiplying out and

.3. MORDELL S THEOREM 35 using y x 3 = Ax + B yields: ξ = (y y 0) (x x 0 ) x x 0 = (y y 0) (x x 0 ) (x + x 0 ) (x x 0 ) = y y 0 y + y 0 (x + x 0 x 0 x)(x + x 0 ) x x 0 x + x 0 = y y 0 y + y 0 x 3 x 0 x x 0 x x 0 3 + x 0 x + x 0 x x x 0 x + x 0 = Ax + B + Ax 0 + B y 0 y x 0 x x 0 x + x 0 x + x 0 x x x 0 x + x 0 = Ax + Ax 0 + B y 0 y + x 0 x + x 0 x x x 0 x + x 0 = ( y 0)y + (x 0 )x + (A + x 0 )x + (Ax 0 + B). x + ( x 0 )x + (x 0 ) The specific constants here are irrelevant, so we just consider the equation ξ = c 1y + c x + c 3 x + c 4 x + c 5 x + c 6. We may assume c 1, c, c 3, c 4, c 5, c 6 Z: if they are not already, we can achieve this by multiplying the numerator and denominator of ξ by the lowest common denominator of c 1, c, c 3, c 4, c 5, c 6. Substituting in x = m, y = n and r r 3 multiplying numerator and denominator by r 4 gives: ξ = c 1nr + c m + c 3 mr + c 4 r 4 m + c 5 mr + c 6 r 4. Since the numerator and denominator are both integers, this is a rational number. It may not be in lowest terms but, if not, cancelling will reduce the

36 CHAPTER. ELLIPTIC CURVES height. Therefore, H(ξ) { c1 nr + c m + c 3 mr + c 4 r 4, m + c 5 mr + c 6 r 4 } c1 nr + c m + c 3 mr + c 4 r 4 c1 nr + c m + c3 mr + c4 r 4 r H(P ) 1 c 1 nh(p ) 1 + c m + c3 mh(p ) + c4 H(P ) n κh(p ) 3 c1 κh(p ) + c m + c3 mh(p ) + c4 H(P ) m H(P ) c1 κh(p ) + c H(P ) + c3 H(P ) + c4 H(P ) ( c 1 κ + c + c 3 + c 4 )H(P ). Similarly m + c 5 mr + c 6 r 4 m + c5 mr + c6 r 4 (1 + c 5 + c 6 )H(P ) H(P + P 0 ) = H(ξ) max{ c 1 κ + c + c 3 + c 4, 1 + c 5 + c 6 }H(P ) h(p + P 0 ) h(p ) + κ 0. Lemma.3.1. Suppose φ(x) and ψ(x) are polynomials with integer coefficients and no common roots, and let d be the maximum of their degrees. Then: 1. There is an integer R 1, dependent on φ and ψ, so that for any m Q, n ( ( m ) ( m )) hcf n d φ, n d ψ R n n. There exist constants κ 1, κ, dependent on φ and ψ, so that for any m n which is not a root of ψ: ( ( m ) ( φ m ) ) ( n m ) dh κ 1 h n ψ ( ) dh + κ m. n n Proof. (1) Preliminaries: Note Since φ and ψ have degree at most d, we have n d φ ( m n ), n d ψ ( m n ) Z.

.3. MORDELL S THEOREM 37 Note We have φ and ψ interchangeable, so we take deg(φ) = d and deg(ψ) = e d. So we now have: ( m ) n d φ = a 0 m d + a 1 m d 1 n +... + a d n d ( n m ) n d ψ = b 0 m e n d e + b 1 m e 1 n d e+1 +... + b e n d, n with a 0, b 0 0. Notation For brevity, we use: ( m ) Φ(m, n) := n d φ ( n m ) Ψ(m, n) := n d ψ. n Given that φ(x), ψ(x) have no common roots, they are coprime in Q[X]. So they generate the unit ideal and thus we can find polynomials F (X), G(X) with rational coefficients such that F (X)φ(X) + G(X)ψ(X) = 1. (.3) Let A be large enough that AF (X) and AG(X) have integer coefficients and let D be the maximum of the degrees of F and G (bearing in mind that A and D are independent of m and n). Now, substituting X = m into (.3) n and multiplying through by An D+d yields ( m ) ( m ) ( m ) ( m ) n D AF n d φ + n D AG n d ψ = An D+d, n n n n so that [ ( m )] [ ( m )] n D AF Φ(m, n) + n D AG Ψ(m, n) = An D+d. n n Now, defining γ := hcf(φ(m, n), Ψ(m, n)) gives γ An D+d, since each of the quantities in square brackets are integers. We want to show that γ divides one fixed number which is independent of n. So we aim to show that γ Aa D+d 0, where a 0 is the leading coefficient of φ(x). For this, we note that γ divides Φ(m, n) and so also divides An D+d 1 Φ(m, n) = Aa 0 m d n D+d 1 + Aa 1 m d 1 n D+d +... + Aa d n D+d 1. Every term other than the first on the right hand side contains An D+d (which γ divides) as a factor. So γ must divide the first term, Aa 0 m d n D+d 1 as