Elliptic Curves. Kenneth A. Ribet. PARC Forum October 17, UC Berkeley

Similar documents
Discrete Logarithms. Let s begin by recalling the definitions and a theorem. Let m be a given modulus. Then the finite set

Modularity of Abelian Varieties

Math Topics in Algebra Course Notes: A Proof of Fermat s Last Theorem. Spring 2013

15 Elliptic curves and Fermat s last theorem

Elliptic Curves & Number Theory. R. Sujatha School of Mathematics TIFR

Number Theory Seminar Spring, 2018: Modularity

CONGRUENT NUMBERS AND ELLIPTIC CURVES

Introduction. Question 1

Fermat s Last Theorem for Regular Primes

Elementary Number Theory

ELLIPTIC CURVES BJORN POONEN

Elliptic curves and modularity

Exploring Number Theory via Diophantine Equations

Rational Points on Conics, and Local-Global Relations in Number Theory

Calculation and arithmetic significance of modular forms

Endomorphism algebras of semistable abelian varieties over Q of GL(2)-type

Outline of the Seminar Topics on elliptic curves Saarbrücken,

LECTURE 2 FRANZ LEMMERMEYER

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

= 5 2 and = 13 2 and = (1) = 10 2 and = 15 2 and = 25 2

Modular Arithmetic Instructor: Marizza Bailey Name:

Overview of the proof

SUMS OF SQUARES WUSHI GOLDRING

Elliptic Curves and the abc Conjecture

24/10/ Dr Ray Adams

Recent Work on Serre s Conjectures

CHMC: Finite Fields 9/23/17

Shi Feng Sheng Danny Wong

Workshop on Serre s Modularity Conjecture: the level one case

What is proof? Lesson 1

Mod p Galois representations attached to modular forms

Class groups and Galois representations

Proof of Beal s Conjecture

Logic and Mathematics. 1. Lecture

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

THE CONGRUENT NUMBER PROBLEM

An Intuitive Introduction to Motivic Homotopy Theory Vladimir Voevodsky

2 Arithmetic. 2.1 Greatest common divisors. This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}.

C.T.Chong National University of Singapore

Elliptic Curves: An Introduction

History of Mathematics

EULER S THEOREM KEITH CONRAD

Section 20: Arrow Diagrams on the Integers

Grade 11/12 Math Circles Congruent Number Problem Dr. Carmen Bruni October 28, 2015

Table of Contents. 2013, Pearson Education, Inc.

Tables of elliptic curves over number fields

Direct Proof and Counterexample I:Introduction

Direct Proof and Counterexample I:Introduction. Copyright Cengage Learning. All rights reserved.

A Proof of the Full Shimura-Taniyama-Weil Conjecture Is Announced

Introduction to Arithmetic Geometry

Hans Wenzl. 4f(x), 4x 3 + 4ax bx + 4c

Counting points on elliptic curves: Hasse s theorem and recent developments

A Classical Introduction to Modern Number Theory

Math 31 Lesson Plan. Day 2: Sets; Binary Operations. Elizabeth Gillaspy. September 23, 2011

Square-Triangular Numbers

Algebra. Modular arithmetic can be handled mathematically by introducing a congruence relation on the integers described in the above example.

MATH G9906 RESEARCH SEMINAR IN NUMBER THEORY (SPRING 2014) LECTURE 1 (FEBRUARY 7, 2014) ERIC URBAN

are essentially different? Imagine them as made out of string. No fidgeting with them (without cutting) can make them look identical!

A STUDY ON THE CONCEPT OF DIOPHANTINE EQUATIONS

Diophantine equations and beyond

Polynomial analogues of Ramanujan congruences for Han s hooklength formula

WHAT THIS BOOK IS ABOUT

5.4 Continuity: Preliminary Notions

Airo International Research Journal September, 2016 Volume VII, ISSN:

Beautiful Mathematics

Residual modular Galois representations: images and applications

Arithmetic Progressions Over Quadratic Fields

Elementary Introduction to the Langlands Program. III

6: Polynomials and Polynomial Functions

Math 131 notes. Jason Riedy. 6 October, Linear Diophantine equations : Likely delayed 6

SOME AMAZING PROPERTIES OF THE FUNCTION f(x) = x 2 * David M. Goldschmidt University of California, Berkeley U.S.A.

AQA Level 2 Further mathematics Further algebra. Section 4: Proof and sequences

Errata List for Rational Points on Elliptic Curves by Joseph H. Silverman and John Tate Version 1.3a July 5, 1994; revised by JEC, 1998

approximation of the dimension. Therefore, we get the following corollary.

0. Introduction 1 0. INTRODUCTION

Elliptic Curves and Mordell s Theorem

Q 2.0.2: If it s 5:30pm now, what time will it be in 4753 hours? Q 2.0.3: Today is Wednesday. What day of the week will it be in one year from today?

Math 308 Midterm Answers and Comments July 18, Part A. Short answer questions

chapter 12 MORE MATRIX ALGEBRA 12.1 Systems of Linear Equations GOALS

Contest Number Theory

Fermat s Last Theorem

The complexity of Diophantine equations

Discrete Mathematics and Probability Theory Fall 2014 Anant Sahai Note 7

LECTURE 1. ZETA FUNCTIONS: AN OVERVIEW

Solving Cubic Equations: An Introduction to the Birch and Swinnerton-Dyer Conjecture

A Generalization of Wilson s Theorem

Grade 11/12 Math Circles Rational Points on an Elliptic Curves Dr. Carmen Bruni November 11, Lest We Forget

EXAMPLES OF MORDELL S EQUATION

The Arithmetic of Noncongruence Modular Forms. Winnie Li. Pennsylvania State University, U.S.A. and National Center for Theoretical Sciences, Taiwan

Balanced subgroups of the multiplicative group

1. multiplication is commutative and associative;

Pythagoras = $1 million problem. Ken Ono Emory University

this to include the explicit maps, please do so!

Review Sheet for the Final Exam of MATH Fall 2009

22. The Quadratic Sieve and Elliptic Curves. 22.a The Quadratic Sieve

UMASS AMHERST MATH 300 SP 05, F. HAJIR HOMEWORK 8: (EQUIVALENCE) RELATIONS AND PARTITIONS

Number Theory. Introduction

Number Theory, Algebra and Analysis. William Yslas Vélez Department of Mathematics University of Arizona

Elliptic Curves and Public Key Cryptography

ALGEBRA. 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers

Transcription:

UC Berkeley PARC Forum October 17, 2008

In talking about elliptic curves, one can do no better than to quote the Yale mathematician Serge Lang (1927 2005), who began one of his many monographs as follows: It is possible to write endlessly on elliptic curves. (This is not a threat.)

Although I have no intention of talking endlessly today, my goal is to recall how elliptic curves intervened in the proof of Fermat s Last Theorem to discuss some subsequent developments. Elliptic curves are initially cubic equations such as y 2 = x 3 + 1, y 2 = x 3 x, y 2 = x 3 + x. They become curves when we draw their graphs.

In antiquity, elliptic curves arose in connection with Diophantine problems. (Diophantus of Alexandria lived in the third century AD.) For a simple example, we might consider solutions to y 2 = x 3 + 1 when x and y are integers (or whole numbers). For x, y 0, there are the solutions 1 2 = 0 3 + 1 and 3 2 = 2 3 + 1. If we allow y to be negative, we get a few more solutions by flipping the sign of y. If we allow x to be negative as well, then we get the genuinely new solution 0 2 = ( 1) 3 + 1. Are there any more solutions with x and y integral? In turns out in fact that there are no other solutions even if we allow x and y to be fractions (rational numbers).

The embarrassing fact is that problems like this are still hard, even 1700 years after Diophantus. Indeed, if a and b are integers, it is nowadays not hard to figure out whether there are finitely many or infinitely many solutions to y 2 = x 3 + ax + b in rational numbers. However, the methods that are used do not yield an algorithm that decides between finite and infinite in a predictable amount of time.

Fortunately, a tremendous amount is known about the set of solutions to y 2 = x 3 + ax + b in rational numbers. A basic fact is that this set is actually an abelian group! To make up the group structure, it is necessary to add to the set of points one additional point the point at infinity. This point is the one extra point that we discover when we consider solutions to y 2 = x 3 + ax + b in the projective plane, not just in the regular (affine) plane. If one considers this extra point to be the 0-point of the abelian group, we get a group structure by declaring that three points P, Q and R sum to the 0-point whenever they are distinct and all lie on a straight line.

Equivalently, to get the sum M 3 of two distinct points M 1 and M 2, draw a line through them and find the three points where this line intersects the elliptic curve. Two of the three are M 1 and M 2 ; the third (P, in this diagram that I grabbed off the web) is (M 1 + M 2 ) in the group law.

The process of adding points together is called the chord and tangent process. Tangents arise if you add a point to itself: the chord connecting two close points on the curve becomes a tangent line in the limiting case when the points coalesce. A fundamental theorem of L. E. Mordell (1922) states that the group of rational points on an elliptic curve is finitely generated in the sense that there s a finite set of points P 1,..., P t such that each point on the curve with rational x and y can be gotten from this initial stock of points by repeated application of the geometric chord and tangent process. What we don t have is a finitely terminating algorithm that inputs rational numbers a and b and outputs points P 1,..., P t that generate all rational points on y 2 = x 3 + ax + b.

Perhaps because the group of rational points on an elliptic curve is so intractable, one is led to consider the easier problem is counting the number of solutions to equations y 2 = x 3 + ax + b modulo prime numbers. The idea is the following: We fix a and b and let p be a (varying) prime number. Instead of considering y 2 = x 3 + ax + b as a literal equation, we think of it as defining a congruence modulo p and ask for the number of solutions of this congruence. The number is finite because there are only a finite number of x and y modulo p. In fact, since there are only p possibilities for each of x and y, the number of solutions to the congruence is at most p p = p 2. (If we want to count the point at infinity, we should add 1 to get the total number of projective points.)

One might imagine that the number of solutions is close to p 2, but in fact a theorem of H. Hasse (c. 1937) states that the number is approximately p. If N p is the number of (affine) solutions to y 2 = x 3 + ax + b mod p, then we have N p p 2 p. It is traditional to define an error term a p by the equation N p = p a p, so that a p is an integer satisfying a p 2 p.

For an especially nice example, consider the elliptic curve y 2 = x 3 x and take p to be a prime number other than 2 or 3. We have p 3 5 7 11 13 17 19 23 29 31 37 41 a p 0 2 0 0 6 2 0 0 10 0 2 10. The table suggests that the error term is 0 for primes that are 3 mod 4 and is twice an odd number for the primes that are 1 mod 4.

The first observation can be explained by a relatively elementary argument. The second is explained by Gauss s beautiful formula for the error term a p when p is 1 mod 4. Such primes can be written r 2 + t 2 where r and t are positive integers; r and s are unique once we agree that r will be odd and s will be even. What Gauss showed is that a p = ±2r; the sign is determined by the requirement that ±r + s 1 should be divisible by 4. For example, 29 = 5 2 + 2 2, while 41 = 5 2 + 4 2. To make ±5 + 2 1 be divisible by 4, we take the minus sign; to make ±5 + 4 1 be divisible by 4, we take the plus sign.

That there s an explicit recipe for the error terms a p as p varies turns out to be an accident that can be traced to the extra symmetry of the equation y 2 = x 3 x. For random integers a and b, the elliptic curve y 2 = x 3 + ax + b has no symmetry and there is no explicit formula for the error terms a p. On the other hand, the link between elliptic curves and modular forms (established in the 1990s) provides an amazing far-reaching generalization of Gauss s formula.

The modularity of elliptic curves was first stated as a conjecture in the middle of the last century. There is some dispute as to the origin of the conjecture, but there is no doubt that Goro Shimura was one of the first people to understand that every elliptic curve would be linked to modular forms. Shimura s The Map of My Life was published several weeks ago. It s a slim volume that s about Shimura s early life in Japan and about his mathematical career in Princeton.

The proof that elliptic curves are modular was initiated in Andrew Wiles s 1995 Fermat article and completed (for a large class of curves) in the companion article by Taylor and Wiles.

Over the next several years, the class of elliptic curves for which modularity could be proved was enlarged in a series of articles that culminated in the 2001 article On the modularity of elliptic curves over Q : Wild 3-adic exercises by Christophe Breuil, Brian Conrad, Fred Diamond, and Richard Taylor.

The idea of modularity is that there is a stock of special complex functions modular forms that are defined in a branch of mathematics that might not seem to be related to number theory. The modular forms are described by formal power series (Fourier series) f = c 1 q + c 2 q 2 + c 3 q 3 + in which c 1 = 1 and the other coefficients are complex numbers. If it so happens that the cs are all integers, then there is an associated elliptic curve y 2 = x 3 + ax + b whose arithmetic is linked to f via the relation c p = a p for all prime numbers p. The conjecture, now a theorem, is that the process could be reversed: for each elliptic curve there is a form f so that the c p for f are the same numbers as the a p for the curve.

When we study elliptic curves, we often list them in order of their conductor, a positive integer whose divisors are the prime numbers p for which the equation defining the curve leads to a singularity mod p. For such p, a p cannot be defined by the rule that I explained, and there s an alternative definition that yields one of the three values 1, 0, +1 for a p. In any event, the smallest possible conductor is 11. For the curves with this conductor, the associated modular form is the infinite series obtained by expanding out the product q (1 q m ) 2 (1 q 11m ) 2. m=1 In this (rather special) case, the product can be viewed as yielding a formula for the a p, but the formula is different-looking from the formula that Gauss gave.

Before recalling the relation between modularity and Fermat s Last Theorem, we should pause to review the history of this result. The story starts with Pierre de Fermat s marginal note to the effect that a n + b n = c n has no solutions in non-zero integers a, b and c when n is an integer 2. This assertion was actually proved by Fermat himself for n = 4; Fermat proved that a fourth power plus a square can never be a fourth power, which is more than enough to prove what is wanted for n = 4.

In the 17th century, Euler treated the case n = 3 by a method that is recounted in many textbooks; see for example A Classical Introduction to Modern Number Theory by K. Ireland and M. Rosen. Both Fermat and Euler implicitly considered elliptic curves!

Once one knows the cases n = 4 and n = 3, one can concentrate on the case n = r, where r is a prime number 5. There is a well known false proof for this case that relies on the implicit assumption that cyclotomic integers (expressions involving e 2πi/r as well as ordinary integers) factor uniquely in the same way that ordinary whole numbers factor. Unique factorization is true only for primes < 23. Kummer set everyone straight by showing that a modified form of unique factorization is all we need and by giving a simple criterion to decide whether or not this weak unique factorization is true for r. It s true, for example, for all primes less than 37, but false if r = 37. We believe that it s true for about 67% of all primes, but no one knows how to prove this!

The modern subject of algebraic number theory grew out of attempts to prove FLT by modifications of Kummer s techniques. Two books by Paulo Ribenboim make good reading: one is his 13 Lectures on Fermat s Last Theorem and the other is Fermat s Last Theorem for Amateurs. It seems to be abundantly clear that the techniques of algebraic number theory alone are not sufficient to prove the Theorem, but people keep trying. I receive many manuscripts and e-mail messages from amateur mathematicians who believe that they have found direct proofs of FLT.

The proof that works the only one that we have so far arose as follows. If a r + b r = c r (where a, b and c are non-zero, and r is a prime 5), G. Frey promoted the idea that it should be possible to prove that no modular form could be associated with the elliptic curve y 2 = x(x a r )(x + b r ). After Frey s idea has circulated for some months, I proved (in 1986) that his idea was indeed correct. Once the modularity of elliptic curves was established, we had a proof of Fermat by contradiction: since a solution to Fermat s equation would give a non-modular elliptic curve, there are no solutions to Fermat s equation because there are no non-modular curves.

In the 15 years since the proof of FLT was completed (Fall, 1994), we have seen increasing generalizations of and applications of the modularity techniques that Taylor and Wiles pioneered in their article. As we stressed in the 1990s, what Taylor and Wiles did in their article was to link modular forms to Galois representations. Since elliptic curves are tightly associated with Galois representations, it is nearly a tautology that modular forms are linked with elliptic curves whenever they are linked with the Galois representations that one attaches to elliptic curves.

Basically, Galois representations are all about symmetry. When I thought about explaining things that way, I remembered that there s a book by Avner Ash and Rob Gross that attempts exactly this approach. Lots of books have been written about Fermat s Last Theorem. This one is written for a general reader and tries to do justice to the actual proof.

Maybe it s fruitful to give the general idea. We need to introduce some fields, systems of numbers that are closed under addition, subtraction, multiplication and division (by non-zero numbers). The set of rational numbers forms a field, Q. The set of complex numbers forms a field C. In between them is the field of algebraic numbers, Q. (A number is algebraic if it s a root of a a non-zero polynomial with rational coefficients.) The Galois group of Q is the group G of symmetries of the field Q. This group is infinite and fear-inducing. People study it by looking at finite images of G. In the old days (starting with Galois and running through the mid-20th century) people explored G by starting with a polynomial like x 4 3x 2 + 2x + 1 and looking at the smallest field that contains all the roots of the equation in Q. Taniyama, Shimura, Serre, Tate and others stressed the importance of considering objects other than polynomials things like elliptic curves.

If you take an elliptic curve and fix an auxiliary prime number l, you end up with a finite image of G inside a group of 2 2 matrices, whose entries are integers mod l. The association that yields a matrix for each symmetry in G is a Galois representation; it s the mod l representation attached to the curve. What is new is that you don t get finite images of G by starting with a polynomial and looking at its roots. Instead you start with an object coming from algebraic geometry and look at the symmetries of a finite set that s associated with the object. There s a famous 1967 article of Shimura that studies the mod l Galois representations attached to the elliptic curves of conductor 11 that I mentioned before.

The proof of Fermat s last theorem leverages the fact that the various numbers a p mod l are visible from the mod l Galois representation attached to an elliptic curve. If there s a modular form f whose prime-indexed coefficients agree with the a p mod l, we say that the representation is modular. When Wiles announced his proof in 1993, he had at his disposal at theorem of Langlands to the effect that the mod 3 Galois representations attached to elliptic curves are all modular. The Taylor Wiles article and its successors parlayed this input into the conclusion that elliptic curves are modular.

There s an increasingly sophisticated technology that enables one to prove that big things are modular if one knows that little pieces of the big things are modular. The buzzword for this technique is relative modularity ; relative modularity is an outgrown of Taylor Wiles. Amazingly, there s a companion technique that tends to prove that the little pieces are modular. I m thinking of the recent work by Khare and Wintenberger that establishes the modularity of mod l representations like those coming from elliptic curves. How do they do this you can t get something from nothing?! Their work builds very elaborate bridges from the initial starting point back to a representation that is known already to be modular. It s as is Langlands theorem about mod 3 representations is a sourdough starter that has enabled bakers around the world to make new bread.

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback