Download The congruent number problem - Institut für Mathematik

INSTITUT FÜR MATHEMATIK
DER JULIUS–MAXIMILIANS–UNIVERSITÄT WÜRZBURG
The congruent number problem
and the conjecture of Birch and Swinnerton-Dyer
Masterarbeit
von
Eduard Göbl
Betreuer:
Zweitgutachter:
Abgabetermin:
Prof. Dr. Jörn Steuding, Julius–Maximilians–Universität Würzburg
Prof. Dr. Ernesto Girondo, Universidad Autónoma de Madrid
20. März 2015
Abstract
The purpose of this present thesis is to give a summary on the congruent number
problem and the connection of this ancient problem to rational points on elliptic
curves.
The first chapter explores this particular problem and outlines its historical development, involving especially the contributions of Pierre de Fermat.
In the following chapter, the reader is introduced to the theory of elliptic curves and
the astonishing group law of points on these special curves.
Furthermore, the third chapter highlights the conjecture of Birch and SwinnertonDyer, which leads to a conjectural solution to the congruent number problem.
This thesis concludes with a generalization of the congruent number problem by not
only considering right triangles over Q, but with sides over an algebraic number field.
The major objective of this study is to find pairs of congruent numbers over number
fields of degree 2 and 3.
i
Contents
Abstract
i
1. Preliminary
1
1.1. A thousand year old problem . . . . . . . . . . . . . . . . . . . . . .
2
1.2. Rational right triangles and Pythagorean triples
. . . . . . . . . . .
3
1.3. A second formulation: Arithmetic progressions of three squares . . .
6
1.4. History of the congruent number problem: From Diophantus to Fermat
8
1.5. A third formulation: Rational points on elliptic curves . . . . . . . .
2. Introduction to elliptic curves
14
18
2.1. The projective plane P G(2, F) . . . . . . . . . . . . . . . . . . . . . .
18
2.2. The affine plane AG(2, F) . . . . . . . . . . . . . . . . . . . . . . . .
19
2.3. Algebraic curves . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21
2.4. Elliptic curves . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
29
2.5. The group law . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
2.6. Rational points on elliptic curves . . . . . . . . . . . . . . . . . . . .
40
3. The conjecture of Birch and Swinnerton-Dyer
45
3.1. Elliptic curves over finite fields . . . . . . . . . . . . . . . . . . . . .
45
3.2. The weak version – a first approach
. . . . . . . . . . . . . . . . . .
48
3.3. The Hasse-Weil L-function . . . . . . . . . . . . . . . . . . . . . . . .
51
3.4. Tunnell’s Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . .
54
4. A generalization of the congruent number problem
57
4.1. Number fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
57
4.2. Right triangles with algebraic sides . . . . . . . . . . . . . . . . . . .
58
4.3. Congruent numbers over real quadratic fields . . . . . . . . . . . . .
60
4.4. Congruent numbers over cubic fields . . . . . . . . . . . . . . . . . .
62
4.5. Pairs of congruent numbers . . . . . . . . . . . . . . . . . . . . . . .
64
4.5.1. Pairs of congruent numbers over quadratic fields . . . . . . .
65
4.5.2. Pairs of congruent numbers over cubic fields . . . . . . . . . .
67
4.6. Conclusion
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ii
70
Contents
Appendix
71
A.
Listings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
71
B.
Figures
73
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
List of Figures
76
List of Tables
77
List of algorithms and program code
78
Bibliography
80
Index
81
Eidesstattliche Erklärung
83
iii
1. Preliminary
“It is impossible for a cube to be written as a sum of two cubes, or a fourth
power to be written as the sum of two fourth powers, or, in general, for any
number which is a power greater than the second to be written as the sum of
two like powers. I have a truly marvelous demonstration of this proposition
which this margin is too narrow to contain.”
— Pierre de Fermat, Observations sur Diophante
The beauty of number theory lies in the fact that many of its well-known conjectures
can be easily stated and comprehended without having a solid background in mathematics, whereas their proof needs tools from many branches of higher and modern
mathematics.
One of the most widespread and best known examples for such a problem is directly
connected to the above given quotation from Fermat. While his claimed proof
probably never existed, it has been Andrew Wiles who proved Fermat’s Last
Theorem 358 years later. The fascinating part is that this was made possible by
using a rather new branch of mathematics – the theory of elliptic curves.
However, this thesis gives an insight into the the so called congruent number problem
that has been studied for over a thousand years by famous mathematicians and is
intimately connected to a Millennium Prize Problem stated by the Clay Mathematics Institute in the year 2000. Similar to the first example, we can use the
theory of elliptic curves to study this problem in all its details.
Although a proper definition of a congruent number will be given later, let us have
a brief introduction to the congruent number problem. Given a natural number n, it
is called to be congruent if it occurs as the area of a right triangle with rational sides.
The congruent number problem now asks for a criterion to decide whether or not
a given natural number n ∈ N is congruent. It was due to the efforts of Tunnell,
who was able to deliver a remarkable solution to this problem. Unfortunately, there
is still a catch, as this criterion only holds if a certain conjecture of Birch and
Swinnerton-Dyer is true. Thus, a possible last step to finally solve this everlasting
problem is to prove this famous and prize-winning hypothesis.
Hence, the aim of this thesis is to build a bridge between the ancient problem of
finding rational right triangles with certain area and the modern approach to this
1
1. Preliminary
geometrical problem by using the powerful tools that are gained by analyzing it in
the context of elliptic curves.
The next sections give the promised proper definition of a congruent number and
even more, an equivalent formulation that has been analyzed by Diophantus of
Alexandria in some special cases and later, in general, by Arabian mathematicians.
We will develop some basic propositions on congruent numbers and rephrase the
work that has been done on this topic by Fibonacci in the 13th and Fermat in
the 17th century. Following this, we will state a third equivalent formulation based
on rational points on special elliptic curves to finally close the gap between these
two approaches.
The solid ground of this paper is being built up in the second chapter. After a
brief introduction to projective geometry, algebraic curves and modular forms, we
can present the necessary theory of elliptic curves and finally study the previous
mentioned conjecture of Birch and Swinnerton-Dyer in the third chapter.
The fourth chapter rounds up this thesis and generalizes the problem by considering
congruent numbers that exist as the area of a right triangle with sides from certain
number fields as it has been done by Girondo et. al. in [GGDGJ+ 09]. We will see
that it is possible to analyze the conjecture of Birch and Swinnerton-Dyer not
only over Q, but also in this more general case and even more, give an explicit
construction for these triangles.
1.1. A thousand year old problem
As it was described in the beginning, we have to search for right triangles with
rational sides to check whether or not a given natural number is a congruent number.
To be more precise, we define a congruent number as follows.
Definition 1.1.1. A natural number n ∈ N is called a congruent number if there
exist a, b, c ∈ Q such that
(i) a2 + b2 = c2
and
1
(ii) n = ab .
2
The right triangle with area n ∈ N formed by the rational sides a, b and c is denoted
as triple (a, b, c).
Obviously, the first equation assures that the rational sides a, b, c ∈ Q form a right
triangle, while the second equation guarantees that the triangle has area n. Note that
it has has been tacitly adopted that the side c is the hypotenuse and the sides a and
b the legs of the right triangle. Even more, we can state the following proposition.
2
1. Preliminary
Proposition 1.1.1. There exists no congruent number n ∈ N with a, b, c ∈ Q such
that a = b.
Proof. Assuming that n ∈ N is a congruent number with a, b, c ∈ Q and a = b,
√
the first condition leads to a2 + a2 = 2a2 = c2 and thus c = 2a ∈
/ Q. This is a
contradiction to all three sides being rational.
This proposition helps us to sort the three rational sides according to their length
and hence, we can assume throughout this thesis without loss of generality that
a < b < c. Furthermore, we do not want to distinguish between right triangles
with same sides but different signs. Thus, if it is not explicit needed, we declare the
triangles (a, b, c), (−a, −b, c), (a, b, −c) and (−a, −b, −c) to be identical.
Before we start to take a closer look on the historical approach to the congruent
number problem, let us state another proposition that turns out to be useful when
it comes to decide whether or not a given natural numbers is a congruent number.
We will see that if n ∈ N is a congruent number, so is nr2 for any r ∈ N and
vice versa. Thus we can simplify the congruent number problem by considering only
squarefree natural numbers.
Proposition 1.1.2. Let be n, r ∈ N. Then n is a congruent number if and only if
nr2 is a congruent number.
Proof. Suppose n ∈ N is a congruent number and a, b, c ∈ Q the sides of the
corresponding right triangle satisfying a2 + b2 = c2 and
three sides by r ∈ N gives us
(ra)2 + (rb)2
=
(rc)2
and
1
2 ab
= n. Multiplying all
1
2 (ra)(rb)
= r2 n, respectively.
Thus ra, rb and rc are rational sides of a right triangle with area r2 n.
As we proved this by doing simple arithmetic, the proof of the other direction is
completely analogous.
In the next section we develop an algorithm for computing congruent numbers and,
following this, take a closer look on special cases of the congruent number problem.
This will finally yield the very first examples of congruent numbers to get a first
impression of this topic.
1.2. Rational right triangles and Pythagorean triples
While one deals with right triangles, Euclid’s formula for generating Pythagorean
triples comes naturally to mind. This connection can be used to conclude the abovementioned algorithm and compute a table of congruent numbers. To begin with, we
recall the definition of a Pythagorean triple.
3
1. Preliminary
Definition 1.2.1. A triple (x, y, z) with x, y, z ∈ N is called Pythagorean triple if
x2 + y 2 = z 2 . If in addition a Pythagorean triple satisfies gcd(x, y, z) = 1, it is said
to be primitive.
Thus, a Pythagorean triple defines a right triangle whose sides are integers. The
following theorem gives an explicit parametrization and by computing these triples,
we achieve the first examples for congruent numbers. A proof for this theorem can
be found for example in [Kos07, Theorem 13.1].
Theorem 1.2.1 (Euclid). Let x, y and z be positive integers where x is even. Then
(x, y, z) is a primitive Pythagorean triple if and only if there are relatively prime
integers i and j of different parity with j > i such that x = 2ij, y = j 2 − i2 and
z = j 2 + i2 .
Now, as we have a explicit parametrization of Pythagorean triples, we can compute
the very first examples for congruent numbers. Notice that a full implementation of
the following algorithm in Sage can be found in the appendix.
The underlying algorithm is, as one can imagine, very simple. For a given upper
bound k ∈ N, it generates tuples of natural numbers i, j ≤ k with gcd(i, j) = 1 and
of opposite parity. For every tuple generated this way, the algorithm now computes
the area of the right triangle obtained by the corresponding Pythagorean triple.
Algorithm 1.1: Generating congruent numbers
Input : k ∈ N
Output : C ⊂ N
1
2
3
4
5
6
7
8
9
10
C := ∅
for i ← 1 to k − 1 do
for j ← i + 1 to k do
if gcd(i, j) = 1 and
i 6≡ j mod 2 then
2
2
n = ij j − i
C := C ∪ {n}
end
end
end
return C
The following table lists the areas of the right triangles that are gained by using
Theorem 1.2.1 for appropriate i, j ≤ 6. As it was stated in Proposition 1.1.2, we can
remove the quadratic factors from these computed areas and thus, the last column
will in addition list the squarefree part of the respective congruent number.
First off, it will be observable that the congruent numbers created this way are not
ordered in any manner and in addition, they appear multiple times, e. g. the congruent number 210 appears as area of the right triangles (12, 35, 37) and (20, 21, 29).
4
1. Preliminary
Table 1.1.: Congruent numbers gained by using Theorem 1.2.1
i
1
1
1
2
2
3
4
5
j
2
4
6
3
5
4
5
6
(x, y, z)
(4, 3, 5)
(8, 15, 17)
(12, 35, 37)
(12, 5, 13)
(20, 21, 29)
(24, 7, 25)
(40, 9, 41)
(60, 11, 61)
n
6
60
210
30
210
84
180
330
Squarefree part
6
15
210
30
210
21
5
330
Although this method gives us a list of congruent numbers, it does not solve the
congruent number problem. Given any squarefree number n ∈ N, we would have to
search the list for an entry of the form s2 n with s ∈ N. Since one cannot tell if this
value will ever occur or predict how far down in the list it will appear for the first
time, it is impossible to decide whether or not n is a congruent number.
Nevertheless, this list gave us the veryfirstexamples for congruent numbers, e. g. the
area 5 of the right triangle
9 40 41
6, 6 , 6
3 20 41
2, 3 , 6
=
and 6 as the area of the corre-
sponding right triangle (3, 4, 5).
Figure 1.1.: Congruent numbers 5 and 6 and their corresponding triangles
Another, rather more complicated, example is the congruent number n = 157 as the
area of the right triangle that can be seen in Figure 1.2 below. This is the simplest
triangle for the congruent number 157 and was initially mentioned by Don Zagier
in his article [Zag90].
5
1. Preliminary
Figure 1.2.: Congruent number 157 and its corresponding triangle
1.3. A second formulation: Arithmetic progressions of three
squares
Let us now analyze the remaining numbers 1 to 4 and, in the course of this, have
a deeper insight into the work that has been done on this topic since ancient times.
For this, we state a second formulation of the congruent number problem, the so
called arithmetic progression of three squares.
Definition 1.3.1. Given three squares x2 , y 2 , z 2 of rational numbers x, y, z ∈ Q,
they are called to be in arithmetic progression if there exists a natural number n ∈ N
such that
(i) x2 = y 2 − n
and
(ii) z 2 = y 2 + n .
H Example 1.3.1
For instance, the three squares 12 = 1, 52 = 25 and 72 = 49 are in arithmetic
progression with common difference 24.
This example of a 3-term sequence of squares in arithmetic progression will be directly related to a congruent number we got to know earlier in this chapter. The
correspondence will be clear with the following proposition.
6
1. Preliminary
Proposition 1.3.1. A natural number n is a congruent number if and only if there
exists x ∈ Q such that (x − n, x, x + n) is an arithmetic progression of three squares.
Proof. Let n ∈ N be a congruent number and a, b, c ∈ Q the sides of the corresponding right triangle of area n, i. e. a2 + b2 = c2 and
a2
+
b2
=
c2
1
2 ab
= n. Adding 4n to
on both sides or subtracting 4n from both sides leads to
1
a2 + b2 ± 4 · ab = c2 ± 4n ,
2
which can be written as a2 ± 2ab + b2 = c2 ± 4n. Applying the Binomial Theorem
to the left side gives us (a ± b)2 = c2 ± 4n and after dividing both sides by 4, we
ultimately see
Thus, x :=
c 2
2
a±b
2
as well as x−n =
2
a−b
2
=
2
2
c
2
± n.
and x+n =
a+b
2
2
are squares of rational
numbers and hence, (x − n, x, x + n) is an arithmetic progression of three squares.
Conversely, let x ∈ Q be a square such that (x − n, x, x + n) is an arithmetic progres√
√
√
√
sion of three squares. Then, by setting a := x + n− x − n, b := x + n+ x − n
√
and c := 2 x we see that a < b < c. Moreover, it follows that
√
√
√
1 √
1
1
ab = ( x + n − x − n)( x + n + x − n) = (x + n − x + n)
2
2
2
=n
and
√
√
√
√
a2 + b2 = ( x + n − x − n)2 + ( x + n + x − n)2
√
√
√
√
= (x + n − 2 x + n x − n + x − n) + (x + n + 2 x + n x − n + x − n)
= 4x = c2 .
Thus, the rationals a :=
√
√
√
√
√
x + n − x − n, b := x + n + x − n and c := 2 x do
indeed define a right triangle with area n.
Corollary 1.3.1. There is a one-to-one correspondence between the set of arithmetic
progressions (x − n, x, x + n) of three squares and the set of rational right triangles
(a, b, c). It is given by
a−b
2
2 2 !
c
a+b 2
,
,
(a, b, c) 7→
2
2
√
√
√
√
√ x + n − x − n, x + n + x − n, 2 x .
(x − n, x, x + n) 7→
7
1. Preliminary
Proof. Given an arbitrary right triangle(a, b, c) with rational sides a, b, c ∈ Q, it
2
a+b 2
a−b
c 2
is mapped to the arithmetic progression
of three squares.
, 2 , 2
2
This in turn is mapped back to
triangle we started with initially.
a+b
2
−
a−b
2
, a+b
2 +
a−b
2
,2 ·
c
2
= (a, b, c), the
Similarly, starting with an arithmetic progression (x − n, x, x + n) of three squares,
√
√
√
√
√ it is mapped to the right triangle
x + n − x − n, x + n + x − n, 2 x . This
in turn is mapped back to (x − n, x, x + n), as one can easily verify.
Hence, the given mappings are inverse to each other and thus, the correspondence
is one-to-one.
H Example 1.3.2
Let us recall the previous given example (1, 25, 49) for an arithmetic progression
of three squares. Using Corollary 1.3.1, we obtain a right triangle with sides
√
√
√
√
√
a = 49 − 1 = 6, b = 49 + 1 = 8 and c = 2 25 = 10. Its area is given
by n =
1
2
· 6 · 8 = 24 and after taking out the quadratic factor 4 out of n, we
ultimately meet a well-known example for a congruent number.
1.4. History of the congruent number problem: From
Diophantus to Fermat
As it was stated before, this formulation has been known to Diophantus of
Alexandria in some special cases. An example for this is the 19th problem1 in
book III and the 7th problem2 in book V of his famous work “Arithmetica”:
“19. To find four numbers such that the square of their sum plus or minus
(cf. [Hea10, p. 166])
any one singly gives a square.”
“7. To find three numbers such that the square of any one ± the sum of
(cf. [Hea10, p. 205])
the three gives a square.”
The first systematic research on congruent numbers can be found in an anonymous
Arab manuscript that is dated before 972 A.D. and has been translated into French
language by Woepcke. The anonymous author knew the one-to-one-correspondence
that was given in Proposition 1.3.1, but he preferred the second formulation in the
sense of a 3-term arithmetic progression of squares:
Note that Gustav Wertheim denotes this problem in his German translation [Wer90] that bases
on Bachet’s version of the Arithmetica as the 22nd problem in book III.
2
In this case, this problem is denoted as the 9th problem in book V.
1
8
1. Preliminary
“L’auteur énonce ici en termes explicites le probléme des nombres congruents, c’est à dire le probléme de satisfaire simultanément aux deux
équations indéterminées
1) s2 + k = u2 ,
2) s2 − k = r2
(cf. [Woe61, p. 22])
k étant un nombre donné.”
Although Diophantus solved the two equations (x1 + x2 + x3 + x4 )2 ± xi = and
respectively x2i ± (x1 + x2 + x3 ) = , Woepcke found no indication that the Arab
mathematicians knew Diophantus’ work prior to the translation by Aboul Wafâ
(† 998). Following Dickson in [Dic20, Chap. XVI], the origin of the Arab work on
this topic may be traced back to the Hindu mathematicians, who were familiar to
Diophantine analysis.
In the above mentioned anonymous Arab manuscript, Woepcke also found the very
first table of the following 29 computed congruent numbers:
“La septième colonne est celle qui contient les nombres congruents. En
appelant nombres congruents primitifs les nombres congruents débarrassés des tous leurs facteurs quadratiques, on trouve que la table de l’auteur
arabe contient les nombres congruents primitifs suivants:”
5
6
14
15
21
30
34
65
70
110
154
210
221
231
286
330
390
429
546
1155
1254
1785
1995
2730
3570
4290
5610
7854
10374
(cf. [Woe61, p. 27])
The trace of the congruent number problem to European mathematicians reveals two
significant paths. Following again [Dic20, p. 460], it was Fibonacci who mentioned
the problem around 1220. It was proposed to him by John of Palermo to find a
square which when either increased or decreased by 5 gives a square.
“After being brought to Pisa by Master Dominick to the feet of your
celestial majesty, most glorious prince, Lord F., I met Master John of
Palermo; he proposed to me a question that had occurred to him, pertaining not less to geometry than to arithmetic: find a square number from
which, when five is added or subtracted, always arises a square number.
Beyond this question, the solutions of which I have already found, I saw,
upon reflection, that this solution itself and many others have origin in
the squares and the numbers which fall between the squares.”
(cf. [Sig87, p. 3])
9
1. Preliminary
Although Fibonacci had access to material from Arabic language sources, he was
not familiar with the earlier Arab work on arithmetic progressions of three squares, as
this special problem has been already solved in the previous mentioned manuscript.
Moreover, he did not observe the equivalence of this problem to one of finding
Pythagorean triples, other than the anonymous Arab author hundred of years before.
“In his history Number Theory, Mr. Weil points out that the problem can
be reduced to one of finding Pythagorean triples, but there is no indication
that Leonardo made this observation.”
(cf. [Sig87, p. 80])
Fibonacci generalized the question and devoted it to his publication Liber Quadratorum, which was translated by Sigler in [Sig87]. It was Fibonacci, who introduced
the term congruous, i. e. an integer of the form
ab(a + b)(a − b) if the factor (a + b) is even
or
4ab(a + b)(a − b) if the factor (a + b) is odd.
In the 14th Proposition of Liber Quadratorum, he searched for numbers “which
added to a square number and subtracted from a square number yields always a
square number” and after observing that the system x2 + c = y 2 and y 2 + c = z 2 has
integer solutions only if c is congruous, he named this common difference between
the three squares likewise congruous, which means “agreeing, according” in Latin.
Thus, the origin of the nowadays common term congruent number can be traced
back to the influence of Fibonacci.
Like the anonymous Arab author, he gave a list of 52 congruent numbers, but of
which only 14 are squarefree and most of them already have been listed in the Arab
manuscript. Even more, he suggested that 1 can not be a congruent number since
no perfect square can be a congruous number, but was never able to give a proof for
this.
This is where the second trace of the congruent number problem comes to light. It
was Fermat in the 17th century who examined Bachet’s translation of Diophantus’ Arithmetica and especially the 20th problem “to find a right-angled triangle
such that its area is equal to a given number” in the appendix added by the translator. He developed a special method, called the method of infinite descent, to finally
prove that 1 is not a congruent number.
“The area of a right-angled triangle the sides of which are rational numbers cannot be a square. This proposition, which is my own discovery, I
have at length succeeded in proving, though not without much labour and
hard thinking.
10
1. Preliminary
I give the proof here, as this method will enable extraordinary developments to be made in the theory of numbers.
If the area of a right-angled triangle were a square, there would exist two
biquadrates the difference of which would be a square number. Consequently there would exist two square numbers the sum and difference of
which would both be squares. Therefore we should have a square number
which would be equal to the sum of a square and the double of another
square, while the squares of which this sum is made up would themselves
[i. e. taken once each] have a square number for their sum. But if a square
is made up of a square and the double of another square, its side, as I can
very easily prove, is also similarly made up of a square and the double
of another square. From this we conclude that the said side is the sum
of the sides about the right angle in a right-angled triangle, and that the
simple square contained in the sum is the base and the double of the other
square the perpendicular.
This right-angled triangle will thus be formed from two squares, the sum
and the difference of which will be squares. But both these squares can be
shown to be smaller than the squares originally assumed to be such that
both their sum and their difference are squares. Thus, if there exist two
squares such that their sum and difference are both squares, there will also
exist two other integer squares which have the same property but have a
smaller sum. By the same reasoning we find a sum still smaller than that
last found, and we can go on ad infinitum finding integer square numbers
smaller and smaller which have the same property. This is, however,
impossible because there cannot be an infinite series of numbers smaller
than any given integer we please. — The margin is too small to enable
me to give the proof completely and with all detail.”
(cf. [Hea10, p. 293])
Although, to quote Weil, “Fortunately, just for once, he had found room for this
mystery in the margin of the very last proposition of Diophantus” [Wei83, p. 77],
Fermat only wrote down an incomplete sketch of his proof. The next theorem
therefore directly follows his original idea and rephrases it in a rigorous and modern
way.
Theorem 1.4.1 (Fermat). The area of a rational right-angled triangle cannot be
a square.
Proof. To prove the above given theorem, we assume that there exists a rational
right triangle whose area is a square. Following this, we shall construct another
11
1. Preliminary
corresponding right triangle having a hypotenuse of shorter length. By the method
of infinite descent, we will finally obtain a contradiction to our assumption.
Given a right triangle with sides a, b, c ∈ N and area d2 , we can assume without
loss of generality that the sides a and b are relatively prime. If the two sides a and
b are not relatively prime, there exists a g ∈ N with g = gcd(a, b) 6= 1. Because of
a2 + b2 = (ga′ )2 + (gb′ )2 = g 2 (a′2 + b′2 ) = c2 and ab = g 2 a′ b′ = 2d2 , we have g 2 |c2
and g 2 |2d2 . Thus, the common divisor g of a and b must also divide c and, as g 2
can not divide 2, it must also divide d. Therefore, we can
divide a, b and c by g to
2
d
obtain a right triangle with area equal to the square g . Repeating this with all
common divisors of a and b, we finally get a right triangle whose area is a square,
so that a and b are relatively prime.
Now, as a and b are relatively prime with ab = 2d2 , either a or b, but not both, must
be even. Without loss of generality, we assume that a is even and b is odd. If not, as
a and b are symmetric, one could simply change the roles of these two sides.
By Theorem 1.2.1, we can now find a corresponding primitive Pythagorean triple,
i. e. there are relatively prime i and j of opposite parity with j > i such that
a = 2ij,
b = j 2 − i2 ,
c = j 2 + i2
and d2 = ij(j + i)(j − i) .
Since i and j are relatively prime, all the factors of the square d2 = ij(j + i)(j − i)
must be pairwise relatively prime and it follows that each of the factors of d2 must
be also a square.
Thus, we can find x, y, u, v ∈ N with
i = x2 ,
j = y2,
j + i = u2
and j − i = v 2 ,
so that u and v are relatively prime and odd, the latter statement follows from i and
j being of opposite parity.
Because of u2 = j + i = j − i + 2i = v 2 + 2x2 or, equivalently, 2x2 = u2 − v 2 =
(u − v)(u + v) we see that the greatest common divisor of the two factors (u − v)
and (u + v) must be 2. Hence, one of the factors u − v and u + v can be written as
2r2 and the other as t2 for appropriate integers r and t, the latter being even.
It follows that 2u = u + v + u − v = 2r2 + t2 and thus, there exists s ∈ N such that
t2 = 4s2 and u = r2 +2s2 . Similarly, it follows from 2v = u+v −(u−v) = ±(2r2 −t2 )
that we can write v as ±(r2 − 2s2 ), whereas the sign of v depends on which of the
factors of 2x2 can be written as 2r2 .
Finally, following from x2 = a = 12 (a + b) + (a − b) =
obtain a rational right triangle (2s2 , r2 , x) whose area
12
1
2
1
2
u2 + v 2 = r4 + 4s4 , we
· 2s2 · r2 = (sr)2 is a square.
1. Preliminary
The hypotenuse x of the second triangle is smaller than the hypotenuse c = j 2 +i2 =
y 4 + x4 of the first triangle and by repeating the whole procedure infinite times, we
get an infinite series of triangles with diminishing hypotenuses and areas equal to
a square. As this is not possible for positive integers, we get a contradiction to our
assumption that there exists a rational right triangle whose area is a square.
This proof hides another very interesting point that is directly connected to the very
first quotation from Fermat in the beginning of this thesis. It can be easily deduced
from above that the equation x4 − y 4 = z 2 has no positive integer solutions or, to
speak in the words of Fermat that “the difference of two biquadrates cannot be a
square number”. As z 4 − x4 = (y 2 )2 is equivalent to x4 + y 4 = z 4 , we unwittingly
proved Fermat’s Last Theorem for the special case n = 4.
As a direct consequence of the above stated theorem, we can answer the question
whether or not 1 is a congruent number as follows:
Corollary 1.4.1. 1 is not a congruent number.
Proof. If 1 would be a congruent number, so would be any perfect square r2 with
r ∈ N as consequence of Proposition 1.1.2. This is a contradiction to Theorem 1.4.1
and thus, 1 is not a congruent number.
The method of infinite descent is also qualified to prove that 2 and 3 are not congruent numbers, which has been also known to Fermat. The proof for 2 is more or
less similar to the proof for 1, whereas the proof for 3 is very harsh, as one has to
distinguish between several cases. Both arguments can be found in [SS07, Theorem
8.5] and in [SS07, Theorem 8.8], respectively.
We have now decided for almost every single-digit number whether or not it is a
congruent number. Fermat proved that 1, 2 and 3 are not. Moreover, 4 and 9
are perfect squares and thus, cannot be congruent numbers either. Since 8 = 22 · 2
includes the quadratic factor 22 and the remaining factor 2 is not a congruent number,
the number 8 is neither a congruent number. For 5 and 6, we already computed
corresponding right triangles.
Before we step into the next section and take a great leap into the 20th century,
the next figure shows, as a reward for the interested reader, a right triangle with
rational sides and area 7.
13
1. Preliminary
Figure 1.3.: Congruent number 7 and its corresponding triangle
1.5. A third formulation: Rational points on elliptic curves
Let us, just for the moment, generalize the two equations a2 + b2 = c2 and 12 ab = n
for arbitrary a, b, c ∈ R and fixed n ∈ R. Each of the above given equations defines
a surface in R3 and, as one can image, they intersect in a particular curve that is of
our interest. The Figure B.1 in the appendix visualizes the two surfaces and their
intersection for the well-known example n = 6.
Following [Con08], we can calculate this particular curve and after making some
minor adjustments, we finally are able to derive a third formulation of the congruent
number problem.
Proposition 1.5.1. A natural number n is a congruent number if and only if there
exists a point (x, y) ∈ Q2 with y 6= 0 on the curve Y 2 = X 3 − n2 X.
Proof. Suppose n ∈ N is a congruent number with sides a, b, c ∈ Q of a corre-
sponding right triangle. Setting c := a + t for appropriate t ∈ Q, the first equation
a2 + b2 = c2 can be rewritten as a2 + b2 = (a + t)2 and after applying the Binomial Theorem to the right side, we obtain a2 + b2 = a2 + 2at + t2 or, equivalently,
2at = b2 − t2 .
Since n is a natural number, ab = 2n 6= 0 and thus, neither a nor b are zero. As we
can now divide by b, the second equation can be rewritten as a =
the previous equation, we obtain
if we multiply both sides by b.
4nt
b
=
b2
−
14
t2 ,
2n
b .
Together with
which is the same as 4nt = b3 − t2 b
1. Preliminary
As a = c is not possible for a right triangle, t is not zero. Thus, we can divide without
any concern by t3 and after multiplying by n3 , we finally obtain the desired equation
of our interest
4n4
t2
=
b3
t3
− bt , which is the same as
2n2
t
By setting x :=
2
Y =
X3
−
nb
c−a
and y :=
!2
=
2n2
c−a ,
nb
t
3
− n2
nb
t
.
we have found a rational point on the curve
n2 X.
Conversely, let be x, y ∈ Q with y 6= 0 such that y 2 = x3 − n2 x. Since y 6= 0, we can
set a :=
x2 −n2
y ,
b :=
2nx
y
and c :=
x2 +n2
y
to obtain
2nx x2 − n2
2nx3 − 2n3 x
2n x3 − n2 x
2ny 2
1
ab =
)
=
=
=
=n
2
2y 2
2y 2
2y 2
2y 2
and
2
x2 − n2
y
2
a +b =
!2
+
2nx
y
2
=
x2 − n2
2
+ 4n2 x2
y2
x4 − 2x2 n2 + n4 + 4n2 x2
x2 + n2
=
=
y2
y2
2
= c2 .
Again, as it was the case with the second formulation of the congruent number
problem, we can define a one-to-one correspondence between right triangles with
rational sides and rational points on a specific curve.
Corollary 1.5.1. For n ∈ N, there is a one-to-one correspondence between the set
of rational points (x, y) ∈ Q2 with y 6= 0 on the curve Y 2 = X 3 − n2 X and the set
of rational right triangles (a, b, c). It is given by
(a, b, c) 7→
(x, y) 7→
nb
2n2
,
c−a c−a
!
x2 − n2 2nx x2 + n2
,
,
y
y
y
!
.
Proof. Similarly, as it has been done in the proof of Corollary 1.3.1, it can be easily
verified that every right triangle (a, b, c) with given area n is mapped back to (a, b, c)
and conversely, every rational point (x, y) with y 6= 0 on the curve Y 2 = X 3 − n2 X
is mapped back to (x, y).
15
1. Preliminary
Before we proceed with the second chapter where the necessary theory of algebraic
curves and in particular of elliptic curves is build up, let us do some more calculations
to motivate one of the most powerful advantage of this third point of view on the
congruent number problem. This is basically inspired from the work that has been
done in [Con08, pp. 7 - 9].
For this, although we do not want to distinguish between the ordering and the sign
of the sides in a right triangle (a, b, c), we shall now analyze how the eight possibilities (a, b, c), (−a, −b, c), (a, b, −c), (−a, −b, −c), (b, a, c), (−b, −a, c), (b, a, −c) and
(−b, −a, −c) of the same right triangle are corresponding to rational points on the
curve Y 2 = X 3 − n2 X and, which is of our interest, how this can be interpreted
geometrically.
Suppose that n is a congruent number with associated rational right triangle (a, b, c).
Then,
by Corollary 1.5.1, this triangle corresponds to the rational point (x, y) =
nb 2n2
2
3
2
c−a , c−a on the curve Y = X − n X. Obviously, the triangle (a, b, −c) satisfies
again
Corollary 1.5.1,
the equation a2 + b2 = (−c)2 , hasarea 12 ab = n and following
2n2 ·(c−a)
nb·(c−a)
c−a
2n2
c−a
nb
it is mapped to −c−a , −c−a = − (c+a)(c−a) , − (c−a)(c+a) = −x · c+a
, −y · c+a
.
Since c =
n2
x2
x2 +n2
y
and a =
x2 −n2
y
by Corollary 1.5.1, we have
c−a
c+a
=
y·(x2 +n2 −x2 +n2 )
y·(x2 +n2 +x2 −n2 )
=
and thus, the rational right triangle (a, b, −c) corresponds to the rational point
2
2
− nx , − nx2y
.
Applying the calculation above to the remaining six variations of (a, b, c), we finally
obtain the following table.
Table 1.2.: Corollary 1.5.1 regarding sign and ordering changes
Right Triangle
(a, b, c)
(−a, −b, −c)
(−a, −b, c)
(a, b, −c)
(b, a, c)
(−b, −a, −c)
(−b, −a, c)
(b, a, −c)
Rational Point on y 2 = x3 − n2 x
(x, y)
(x,
2 −y)
2
− nx , nx2y
2
2
− nx , − nx2y
n(x+n) 2n2 y
,
(x−n) (x−n)2 2 n(x+n)
2n y
, − (x−n)
2
(x−n)
n(x−n) 2n2 y
− (x+n) , (x+n)2
2n2 y
− n(x−n)
(x+n) , − (x+n)2
Note that is not possible for two points from the above given table to be identical,
since this would imply y = 0. Hence, the eight different right triangles correspond
to eight different rational points on the curve Y 2 = X 3 − n2 X.
As we have now calculated how every variation of (a, b, c) corresponds to rational
points on the curve Y 2 = X 3 − n2 X, we are ready to illustrate this for the congruent
number n = 6.
16
1. Preliminary
Notice, that in the following figure the relevant points on the curve are labeled with
their corresponding right triangle.
Figure 1.4.: Corollary 1.5.1 regarding sign and ordering changes for n = 6
One can observe two decisive properties of the rational points on the curve. Firstly,
consider a given variation of the right triangle (a, b, c), e. g. (a, b, −c). Changing all
signs simultaneously yields the right triangle (−a, −b, c). Regarding the corresponding rational points on the particular curve, the latter point is obtained by reflecting
the first point across the y-axis.
Moreover, any two rational points that come from a variation of (a, b, c) lie on a
straight line through these points and in addition, through a third point with y = 0
and x ∈ {0, n, −n}. In other words, by drawing a straight line through a rational
point on the given curve and a point on the x-axis with x ∈ {0, n, −n}, one obtains
a third point that corresponds to a variation of the right triangle we initially started
with.
As we will see in the next chapter, these two observations lead to an astonishing
effect on the arithmetic of elliptic curves. The geometrical constructions are not
only possible for our special elliptic curve Y 2 = X 3 − n2 X, but for any elliptic
curve and we can define an additive group law for the set of rational points on these
curves.
17
2. Introduction to elliptic curves
“Doughnuts. Is there anything they can’t do?”
— Homer Simpson
The next sections summarize the necessary prerequisites for the further understanding of this thesis’ main part. After a brief introduction to projective geometry, we
study algebraic curves in general and the definition of elliptic curves in particular.
Finally, by introducing lattices and the Weierstrass ℘-function, we are able to define
the previously hinted group structure of the set of points on an elliptic curve.
2.1. The projective plane P G(2, F)
The following definitions and propositions are adopted from [KK10, Chap. 13] and
give us the necessary insight into the subject of projective geometry. However, we
do not give the proofs here.
Definition 2.1.1. Let P be a set, called the set of points and G a set of subsets of
P, called the set of lines. The pair (P, G) is called a projective plane if the following
three conditions are satisfied.
(P1) Given any two distinct points P, Q ∈ P, there exists exactly one line G ∈ G
with P, Q ∈ G.
(P2) Given any two distinct lines G, H ∈ G, there exists exactly one point P ∈ G∩H
lying on both lines.
(P3) There are at least four distinct points P, Q, R, S ∈ P of which no three lie on
a line, i. e. |{P, Q, R, S} ∩ G| ≤ 2 for all G ∈ G.
The most notable property is the second one, as this guarantees that there are no
parallel lines in a projective plane. We use this to construct a projective plane in
which all lines intersect with exactly one designated line – the so called line at
infinity.
18
2. Introduction to elliptic curves
Let F be an arbitrary field and F3 the three-dimensional vector space over F. To
finally introduce the projective plane P G(2, F), we need to define the following relation. Thus, for p, q ∈ F3 \ {0}, the point p is related the point q if they lie on the
same line through the origin, i. e.
p ∼ q :⇔ ∃λ ∈ F \ {0} with λp = q .
As one can easily prove, the above given relation is indeed an equivalent relation
and thus, we can define the equivalence class [p] of a point p = (p1 , p2 , p3 ) ∈ F3 .
The equivalence class [p] shall be written as (p1 : p2 : p3 ) and we call this triple the
homogeneous coordinates of the point p.
We now define the the set P of points of the projective plane P G(2, F) as the quotient
set of F3 \ {0} by the equivalent relation ∼, i. e.
n
o
P := F3 \ {0} / ∼ = [p] : p ∈ F3 \ {0} .
For any two distinct points P := [p] and Q := [q], the line P Q through P and Q is
given by
P Q = {[λp + µq] : λ, µ ∈ F, (λ, µ) 6= (0, 0)} .
The set G of lines of the projective plane P G(2, F) is simply the set of all lines
between any two arbitrary but distinct points, i. e.
n
o
G = P Q : P, Q ∈ P, P 6= Q .
Altogether, the pair P G(2, F) := (P, G) of these two definitions is indeed a projective
plane and we call it the projective plane over F.
Lemma 2.1.1. Let F be a field. The pair P G(2, F) = (P, G) with P and G defined
above is a projective plane.
2.2. The affine plane AG(2, F)
In order to be able to visualize the elliptic curves, we have to introduce a second
type of geometry – the so called affine planes.
Definition 2.2.1. Let A be a set, called the set of points and G a set of subsets of
A, called the set of lines. The pair (A, G) is called an affine plane if |G| ≥ 2 for all
G ∈ G and the following three conditions are satisfied.
(A1) Given any two distinct points a, b ∈ A, there exists exactly one line G ∈ G
with a, b ∈ G.
19
2. Introduction to elliptic curves
(A2) Given a line G ∈ G and a point a ∈ A \ G, there exists exactly one line G′ ∈ G
with a ∈ G′ and G ∩ G′ = ∅. The line G′ is said to be parallel to the line G.
(A3) There are at least three distinct points a, b, c ∈ A such that all three do not
lie on the same line, i. e. |{a, b, c} ∩ G| ≤ 2 for all G ∈ G.
To introduce the affine plane AG(2, F) for a given field F, we define the vector space
F2 as the set of points A. For any two distinct points a, b ∈ A, the line ab through
a and b is defined as
ab := {a + λb : λ ∈ F}
and hence, the set G shall be the set of all lines through any two arbitrary but
distinct points a, b ∈ A with b 6= 0, i. e.
n
o
G := ab : a, b ∈ A, b 6= 0 .
As one can easily prove, these two sets define an affine plane and we call the pair
AG(2, F) := (A, G) the affine plane over F.
Lemma 2.2.1. Let F be a field. The pair AG(2, F) = (A, G) with A and G defined
above is an affine plane.
For instance, the affine plane AG(2, R) over R is nothing but the well-known Euclidean plane R2 and thus, every object in AG(2, R) can be simply visualized in the
Cartesian xy-plane.
Since we want to be able to represent elliptic curves in the Cartesian plane, we have
to find an isomorphism between the projective plane over F and the corresponding
affine plane.
Let U := P Q be the line through P := (1 : 0 : 0) and Q := (0 : 1 : 0) in P G(2, F).
We call this set U = {(u : v : w) ∈ P : w = 0} the line at infinity in the projective
plane over F. Similarly, the points lying on U are called points at infinity.
Furthermore, we denote PU as the set P without the points lying on U and likewise
GU as the set G without the designated line U , i. e.
PU := P \ U
and GU := {G \ U : G ∈ G \ {U }} .
These two sets satisfy all conditions of Definition 2.2.1 and hence, we obtain an affine
plane after removing the line U from the projective plane P G(2, F).
Lemma 2.2.2. Let F be a field and U the line at infinity in P G(2, F). Then, the
pair (PU , GU ) defined as above is an affine plane.
We are now finally able to define the isomorphism between the points in the affine
plane AG(2, F) and most, but not all, points in P G(2, F).
20
2. Introduction to elliptic curves
Lemma 2.2.3. Let F be a field and U the line at infinity in P G(2, F). The map
Φ : F2 → PU , (x, y) 7→ (x : y : 1)
is an isomorphism and maps lines in AG(2, F) to lines in (PU , GU ). The inverse of
Φ is given by
−1
Φ
2
: PU → F , (x : y : z) 7→
x y
,
z z
.
Notice, that since PU consists of all points (x : y : z) with z 6= 0, the inverse of Φ
is well-defined.
As a last point of this section, we want to calculate the intersection point of all
lines in AG(2, F) parallel to the y-axis under the isomorphism Φ. These lines can be
parametrized via the equation
(a, 0) + λ(0, 1) with a, λ ∈ F .
For a given coordinate a ∈ F, the point (a, 0) is mapped to the projective point
(a : 0 : 1) = [(a, 0, 1)] and likewise, the points λ(0, 1) for λ ∈ F are mapped to the
projective points (0 : λ : 1) = [(0, λ, 1)]. The projective line G through these points
is now given by
G = {[µ(a, 0, 1) + ν(0, λ, 1)] : µ, ν, λ ∈ F, (µ, ν) 6= (0, 0)}
= {[µ̃(a, 0, 1) + ν̃(0, 1, 0)] : µ̃, ν̃ ∈ F, (µ̃, ν̃) 6= (0, 0)}
= (a : 0 : 1) (0 : 1 : 0) .
Thus, the point of intersection in P G(2, F) of all affine lines parallel to the y-axis is
O := (0 : 1 : 0) and since O lies on the line at infinity U , it is a point at infinity.
This special point will play an important role when it comes to define the addition
operation on the set of points of an elliptic curve.
2.3. Algebraic curves
This section recapitulates the concept of algebraic curves and all theorems necessary
to prepare the desired introduction to the theory of elliptic curves. We follow the
definitions and statements in the textbooks [KK10], [Kir92], [Kna92], [ST92] and in
the lecture notes [RS10].
For a given field F, we let F[X, Y ] and F[X, Y, Z] denote the ring of polynomials in
X and Y over the field F and the ring of polynomials in the variables X, Y and Z
over F, respectively.
21
2. Introduction to elliptic curves
The degree d of a polynomial
P̃ (X, Y, Z) =
X
i,j,k
aijk X i Y j Z k ∈ F[X, Y, Z]
is defined as the highest total degree among all monomials that occur with non-zero
coefficients , i. e.
deg P̃ = max{i + j + k : aijk 6= 0} .
Definition 2.3.1. A non-zero polynomial
P̃ (X, Y, Z) =
X
i,j,k
aijk X i Y j Z k ∈ F[X, Y, Z]
is called homogeneous of degree d, if every monomial in P̃ with non-zero coefficient
has total degree d.
We can now define a projective plane curve to be the locus of projective points
(x : y : z) satisfying P̃ (x, y, z) = 0 for a homogeneous polynomial of degree d > 0.
Definition 2.3.2. Let F be a field and P̃ ∈ F[X, Y, Z] a homogeneous polynomial
of degree d > 0. The equation
C˜ : P̃ (X, Y, Z) = 0
is called a projective plane curve of degree d. Furthermore, for any extension field
F′ of F, the locus of projective points (x : y : z) over F′ satisfying P̃ (x, y, z) = 0 is
˜ ′ ).
called the set of F′ -rational points of the curve C˜ and denoted as C(F
˜ ′ ) of
Although the points in P G(2, F′ ) are equivalence classes, the above given set C(F
F′ -rational points is well-defined. Given two points (x : y : z) and (x′ : y ′ : z ′ ) with
(x : y : z) = (x′ : y ′ : z ′ ), there exists a λ ∈ F′ \ {0} with (x′ , y ′ , z ′ ) = (λx, λy, λz).
Since the defining polynomial P̃ (X, Y, Z) of C˜ is homogeneous of degree d > 0, we
have
P̃ (x′ , y ′ , z ′ ) = P̃ (λx, λy, λz) = λd P̃ (x, y, z)
˜ ′ ) if and only if (x : y : z) ∈ C(F
˜ ′ ). In other words, the
and thus, (x′ : y ′ : z ′ ) ∈ C(F
polynomial P̃ needs to be homogeneous since this assures that a F′ -rational point
˜ ′ ) does indeed satisfy P̃ (x′ , y ′ , z ′ ) = 0 for all (x′ , y ′ , z ′ ) ∈ [(x, y, z)].
[(x, y, z)] ∈ C(F
Likewise to Definition 2.3.2, an affine plane curve C is defined by the equation
P (X, Y ) = 0 for a polynomial P ∈ F[X, Y ] of degree d > 0. Again, for any extension
field F′ of F, the locus of affine points (x, y) ∈ F′2 satisfying P (x, y) = 0 is called the
set of F′ -rational points of C and denoted as C(F′ ).
22
2. Introduction to elliptic curves
Given a polynomial P (X, Y ) ∈ F[X, Y ] of degree d > 0, it can be written in homoge-
neous form by multiplying an appropriate power of Z to every monomial of P and
hence, raising the total degree of every monomial to d.
Lemma 2.3.1. The homogeneous polynomial P̃ (X, Y, Z) ∈ F[X, Y, Z] of a given
polynomial P (X, Y ) ∈ F[X, Y ] with degree d > 0 is given by
d
P̃ (X, Y, Z) = Z P
X Y
,
Z Z
.
Given a homogeneous polynomial P̃ (X, Y, Z) ∈ F[X, Y, Z], the non-homogeneous
polynomial P (X, Y ) ∈ F[X, Y ] is obtained by setting Z = 1, i. e.
P (X, Y ) = P̃ (X, Y, 1) .
Let us now analyze how the points on an affine plane curve C defined by a polynomial
P ∈ F[X, Y ] correspond to the points on an associated projective curve C˜ defined by
the homogeneous polynomial P̃ .
By applying the isomorphism Φ of Lemma 2.2.3 to a point (x, y) ∈ C(F′ ) on the
˜ ′ ) and vice versa. Thus, the set
affine curve C, we obtain a point (x : y : 1) ∈ C(F
˜ ′ ) is equal to the set of points (x, y) ∈ C(F′ ) under the isomorphism Φ plus a set
C(F
˜ i. e.
of infinite points satisfying the defining equation of C,
n
o
n
o
˜ ′ ) = Φ (x, y) : (x, y) ∈ C(F′ ) ∪ ∞ ∈ U : P̃ (∞) = 0 .
C(F
˜ ′ ) is also called the projective completion of the
To emphasize this fact, the set C(F
affine curve C.
The next example demonstrates that the set of infinite points in the projective
completion of the affine plane curve C : X 3 − n2 X − Y 2 = 0 consists of exactly one
point at infinity.
H Example 2.3.1
For instance, the polynomial
P (X, Y ) = X 3 − n2 X − Y 2 ∈ F[X, Y ]
which was derived in Proposition 1.5.1 has degree 3 and corresponds to the
homogeneous polynomial
P̃ (X, Y, Z) = X 3 − n2 XZ 2 − Y 2 Z ∈ F[X, Y, Z] .
By setting Z = 0, we obtain the polynomial P̃ (X, Y, 0) = X 3 and thus, the
˜ ′ ) if and only if x = 0.
projective point (x : y : 0) is in C(F
23
2. Introduction to elliptic curves
˜ ′ ) defined by P̃ (X, Y, Z) = 0 is equal to the set of points
Hence, the set C(F
(x, y) ∈ C(F′ ) defined by P (X, Y ) = 0 under Φ plus exactly one point at infinity
O = (0 : 1 : 0).
For a given field F, we let F denote an algebraic closure of F, i. e. F is an algebraic extension of the given field F and every non-constant polynomial f (X) in the
polynomial ring F[X] splits completely over F.
Definition 2.3.3. Let F be a field and C˜ a projective plane curve defined by the
˜ ′ ) is called singular if all
polynomial P̃ ∈ F[X, Y, Z]. A point S := (x : y : z) ∈ C(F
partial derivatives of P̃ vanish at the point S, i. e.
∂ P̃
∂ P̃
∂ P̃
(S) =
(S) =
(S) = 0
∂X
∂Y
∂Z
˜
and likewise
A curve C˜ is said to be singular if it contains a singular point S ∈ C(F)
˜
non-singular or “smooth” if all points in C(F)
are not singular.
Again, we extend this definition to affine plane curves and call them accordingly
singular if there exists a point S ∈ C(F) with
∂P
∂X (S)
=
∂P
∂Y
(S) = 0.
For the next two examples we set F = F′ = R.
H Example 2.3.2
The previously given projective plane curve C˜ defined by the polynomial
P̃ (X, Y, Z) = X 3 − n2 XZ 2 − Y 2 Z
with n ∈ N
is non-singular. To prove this, we examine the three partial derivatives of P̃
∂ P̃
= 3X 2 − n2 Z 2 ,
∂X
∂ P̃
= −2Y Z,
∂Y
∂ P̃
= −2n2 XZ − Y 2 .
∂X
The partial derivative with respect to Y vanishes if either Y or Z is equal to
zero. In the first case with Y = 0, the partial derivative
either X = 0 or Z = 0 and since
∂ P̃
∂X
=
3X 2
−
n2 Z 2
∂ P̃
∂Z
is equal to zero for
we have X = Y = Z = 0.
Conversely, if Z = 0, the partial derivative with respect to X vanishes for X = 0
and thus, the partial derivative
∂ P̃
∂Z
is equal to 0 for Y = 0. Altogether, the
three partial derivatives vanish at the same time if and only if X = Y = Z = 0.
However, since (0 : 0 : 0) ∈
/ P, the projective plane curve C̃ is non-singular.
24
2. Introduction to elliptic curves
Contrary to the previous example, the next curve is singular.
H Example 2.3.3
Another example is the projective plane curve defined by Q̃(X, Y, Z) = X 3 −
3XZ 2 + 2Z 3 − Y 2 Z. The partial derivatives are given by
∂ Q̃
= 3X 2 − 3Z 2 ,
∂X
∂ Q̃
= −2Y Z,
∂Y
∂ Q̃
= −6XZ + 6Z 2 − Y 2 .
∂X
Again, the partial derivative with respect to Y vanishes if either Y or Z is equal
Q̃
∂ Q̃
and ∂∂Z
vanish if X and Z are
to zero. For Y = 0, the partial derivatives ∂X
′
˜
equal. Thus, the point S := (1 : 0 : 1) ∈ C (C) is singular and so is the curve.
In the case where R is the underlying field, the property of a point P to be nonsingular corresponds to the possibility to draw a tangent line to the particular curve
at the point P . The next figure clarifies the difference between singular and nonsingular points for the previously given examples.
(a) C : X 3 − 9X − Y 2 = 0
(b) C ′ : X 3 − 3X + 2 − Y 2 = 0
Figure 2.1.: Non-singular curve C versus singular curve C ′
Notice that the second curve C ′ has a “node” at the point (1, 0) ∈ R2 . It is not
possible to draw a tangent line to the curve at this particular point, whereas this is
possible for all points on the non-singular curve C.
As we have introduced tangent lines to a plane curve at a given point, the next
definition will formalize this object which proves to be a curve of degree 1 in the
sense of Definition 2.3.2.
25
2. Introduction to elliptic curves
Definition 2.3.4. Given a projective curve C˜ defined by a polynomial P̃ and a
˜ ′ ), the locus of points (u : v : w) ∈ P satisfying the
non-singular point S ∈ C(F
equation
∂ P̃
∂ P̃
∂ P̃
(S) u +
(S) v +
(S) w = 0
∂X
∂Y
∂Z
is called the tangent line to the curve C˜ at the point S and is denoted as TS .
Indeed, as one can easily show, the tangent line TS to a projective plane curve at a
given non-singular point S is defined by a homogeneous polynomial and thus, it is a
projective plane curve of degree 1. Moreover, any tangent line to a point at infinity
∞ ∈ U is equal to the line at infinity U .
While one deals with curves and tangent lines, the natural question arises whether
these geometrical objects intersect with each other and more precisely, in how many
points they intersect. The answer to this is attributed to Bézout. A modern proof for
this remarkable theorem can be found for example in the previously cited textbooks
[Kna92] or [Kir92].
When it comes to count the intersection points of two projective plane curves, we
have to assure that these curves are “distinct” enough and even more, we have to
take into consideration the multiplicity of an intersection point. Thus, before we finally proceed with Bézout’s theorem, we introduce the definitions of the previously
mentioned terms.
Definition 2.3.5. Consider an algebraically closed field F. Let
P̃ (X, Y, Z) = a0 (Y, Z) + a1 (Y, Z)X + . . . + an (Y, Z)X n
and
Q̃(X, Y, Z) = b0 (Y, Z) + b1 (Y, Z)X + . . . + bm (Y, Z)X m
be homogeneous polynomials of degree n and m with a0 , a1 , . . . , an ∈ F[Y, Z] and
b0 , b1 , . . . , bm ∈ F[Y, Z] such that an bm 6≡ 0. The resultant RP̃ ,Q̃ of P̃ and Q̃ with
respect to X is given by the determinant of the m + n by m + n matrix

0
...
0
. . . an
0
...
a0
a1
...
. . . bm
0
...







an 

.
0


0

.. 
. 

a1
. . . an

0

.
.
.

0


 b0


0

.
 ..

a0
a1
0
...
0
...
b1
b0
0
. . . bm 0 . . .
b1
...
...
0

0
a0
b0
b1
26
0
..
.
. . . bm
2. Introduction to elliptic curves
Notice, that the first m rows of the resultant matrix consist of shifts of (a0 , a1 , . . . , an )
and the last n rows of shifts of (b0 , b1 , . . . , bm ).
Definition 2.3.6. Given a projective plane curve C˜ defined by a polynomial P̃ , we
shall say that a curve D̃ : Q(X, Y, Z) = 0 is a component of C˜ if P̃ = Q̃R̃ for
an appropriate polynomial R̃ ∈ F[X, Y, Z]. Moreover, the component D̃ is called
irreducible if the defining polynomial Q̃ is irreducible over the algebraic closure F.
Thus, we can say that two projective plane curves have no common component if
and only if their irreducible components are distinct. Moreover, we can state the
following lemma.
Lemma 2.3.2. Let P̃ (X, Y, Z) and Q̃(X, Y, Z) be non-constant homogeneous polynomials over an algebraically closed field F such that
P̃ (1, 0, 0) 6= 0 6= Q̃(1, 0, 0) .
Then P̃ (X, Y, Z) and Q̃(X, Y, Z) have a non-constant homogeneous common factor
in F[X, Y, Z] if and only if the resultant RP̃ ,Q̃ in Y and Z is identically zero.
The next step is to define the multiplicity of an intersection point between two
projective plane curves. An extensive treatise on multiplicities of intersection points
can be found in [Kir92, Chapter 3]. Although the definitions and statements in this
book are made only over C, they even hold for any algebraically closed field F.
Definition 2.3.7. Let C˜ and C˜′ be two projective plane curves with no common
component which are defined by the homogeneous polynomials P̃ and Q̃ over an
algebraically closed field. Choose a projective coordinate system such that the conditions
˜
(i) (1 : 0 : 0) does not belong to C(F)
∪ C˜′ (F),
˜
(ii) (1 : 0 : 0) does not lie on any line containing two distinct points of C(F)∩
C˜′ (F),
˜
(iii) (1 : 0 : 0) does not lie on the tangent line to C˜ or C˜′ at any point of C(F)∩
C˜′ (F)
˜ C˜′ ) of C˜ and C˜′ at a point
are satisfied. The intersection multiplicity νS (C,
˜
S := (a : b : c) ∈ C(F)
∩ C˜′ (F)
is then given by the largest integer k such that (bZ − cY )k divides RP̃ ,Q̃ .
We are now finally able to state the most important theorem of this section, which
is the primary reason for analyzing algebraic curves in the projective plane.
27
2. Introduction to elliptic curves
Theorem 2.3.1 (Bézout). Suppose C˜ and C˜′ are projective plane curves of degree
m and n, respectively. If C˜ and C˜′ have no common factor, the number of intersection
points of C˜ and C˜′ counted with appropriate multiplicities is given by
X
˜
S∈C(F)∩
C˜′ (F)
˜ C˜′ ) = mn .
νS (C,
Following Bézout’s theorem, any two projective plane curves with no common
component have at most mn intersection points and by counting the multiplicities
of these points, we can state that they intersect in exactly mn points.
H Example 2.3.4
Consider the projective plane curve C˜ : P̃ = 0 with P̃ := X 3 − 36XZ 2 − Y 2 Z
˜
and the point S := (−3 : 9 : 1) ∈ C(R)
over the field R. By the fundamental
theorem of algebra, the algebraic closure of R is the field of complex numbers.
The tangent line to the curve C˜ at the point S is given by
TS : G̃ = 0 with G̃ := −X − 2Y + 15Z .
One can easily check that both polynomials P̃ and G̃ are irreducible over C and
thus, the projective plane curves C˜ and TS share no common component.
Figure 2.2.: C : X 3 − 36X − Y 2 = 0 with tangent line at S := (−3, 9)
28
2. Introduction to elliptic curves
Since C˜ has degree 3 and TS has degree 1 the two curves have at most 3 points
of intersection in C by Bézout’s theorem.
The first point of intersection is obviously S and the second point of intersection
S ′ = (50 : 35 : 8) can be found by considering the curves in the affine plane, as
seen in the figure above. The point at infinity O does not lie on TS and thus,
either S or S ′ has a intersection multiplicity greater than 1.
We now compute the intersection multiplicity of S by determining the resultant
of P̃ and G̃. Notice, that all conditions of Definition 2.3.7 are satisfied.
RP̃ ,G̃

−Y 2

−2Y + 15Z

= det 

0

0
−36Z 2
−1
−2Y + 15Z
0

0
1
0
0

−1


0

−2Y + 15Z −1
= 8Y 3 − 179Y 2 Z + 1278Y Z 2 − 2835Z 3
= (8Y − 35Z)(Y − 9Z)2
Since (Y − 9Z)2 divides RP̃ ,G̃ , the intersection point S = (−3 : 9 : 1) has
multiplicity 2 and we are finished.
2.4. Elliptic curves
We have already seen various examples for elliptic curves. In this section, we give a
proper definition and restate some basic properties of this special case of algebraic
curves.
Definition 2.4.1. Let C˜ be a non-singular plane curve of degree d ≥ 1. The genus
g of the curve C˜ is then given by
1
g = (d − 1)(d − 2) .
2
If C˜ is defined over the field of complex numbers C, the genus of C˜ coincides with
the topological genus of the Riemann surface defined by the manifold of the complex
˜
points of C(C).
Thus, a non-singular plane curve over C of degree 1 and a complex
torus are topologically identical. Even more, this connection simplifies the proof of
the group structure of an elliptic curve, as we are going to see in the next section.
29
2. Introduction to elliptic curves
Definition 2.4.2. An elliptic curve over a field F is a pair (Ẽ, O), where Ẽ is a
non-singular projective plane curve of genus 1 such that O ∈ Ẽ(F).
The definition of an elliptic curve (Ẽ, O) requires the non-singular curve Ẽ to have
at least one F-rational point, the so called base point of Ẽ. For the sake of simplicity,
it is convenient to suppress the base point and just write Ẽ for (Ẽ, O).
Definition 2.4.3. Let Ẽ be an elliptic curve over F. Any equation of the form
Y 2 Z + a1 XY Z + a3 Y Z 2 = X 3 + a2 X 2 Z + a4 XZ 2 + a6 Z 3
is called a Weierstrass equation for the elliptic curve Ẽ.
The above given equation is sometimes referred to as general Weierstrass equation. If
the characteristic of the ground field F is not 2 or 3, i. e. 1+1 6= 0 and 1+1+1 6= 0 in
F, the general form of the Weierstrass equation can be simplified via a linear change
of variables to the so called short Weierstrass equation given by
Y 2 Z = X 3 + aXZ 2 + bZ 3 .
This leads us to a second possibility to introduce elliptic curves, which in turn proves
to be equivalent to Definition 2.4.2. The corresponding proof of the next theorem
can be found in the textbook [Mil06].
Theorem 2.4.1. Let F be a field of characteristic not equal to 2 or 3. Every elliptic
curve (Ẽ, O) is isomorphic to a curve of the form
Ẽa,b : Y 2 Z = X 3 + aXZ 2 + bZ 3
with
a, b ∈ F,
such that O = (0 : 1 : 0) ∈ Ẽa,b (F). Conversely, the curve Ẽa,b is non-singular and
thus an elliptic curve if and only if ∆ := 4a3 + 27b2 6= 0.
The quantity ∆ := 4a3 + 27b2 is called the discriminant of the appropriate short
Weierstrass equation. Moreover, we define the j-invariant of an elliptic curve Ẽa,b
given in short Weierstrass equation to be the quantity
j(Ẽ) :=
1728(4a3 )
.
∆
Proposition 2.4.1. Two elliptic curves Ẽ and Ẽ ′ are isomorphic over F if and only
if j(Ẽ) = j(Ẽ ′ ).
Notice, that this statement does not hold for any field F. Two elliptic curves can
have the same j-invariant without being isomorphic over F.
30
2. Introduction to elliptic curves
Again, by applying the isomorphism of Lemma 2.2.3 to the set of rational points
on an elliptic curve Ẽa,b , we obtain a non-homogeneous algebraic curve in the affine
plane given by
Ea,b : Y 2 = X 3 + aX + b .
As one can easily prove, the point O = (0 : 1 : 0) is the only point at infinity on
Ẽa,b and thus, we have
n
o
Ẽa,b (F) = Φ (x, y) : (x, y) ∈ Ea,b (F) ∪ {O} .
Throughout the rest of this thesis an elliptic curve is referred to as the corresponding
curve Ea,b in non-homogeneous coordinates, always keeping in mind the extra point
O at infinity.
Proposition 2.4.2. Let F be a field of characteristic not equal to 2 or 3 and a, b ∈ F
such that ∆ := 4a3 + 27b2 6= 0. Then
Ea,b : Y 2 = X 3 + aX + b
is an elliptic curve over F. The locus of points over F satisfying the above given
equation together with the point at infinity O is given by
o
n
Ea,b (F) = y 2 = x3 + ax + b : (x, y) ∈ F2 ∪ {O} .
According to the initial topic of this thesis, the elliptic curve defined by the equation
Y 2 = X 3 − n2 X with n ∈ N is denoted as En . Since ∆ = 4 · (n2 )3 + 27 · 02 = 4n6 6= 0
for any natural number n, the algebraic curve En is indeed an elliptic curve in the
sense of Proposition 2.4.2.
2.5. The group law
As it was mentioned in the previous section, an elliptic curve over the field of complex
numbers is topologically identical to a complex torus. By finding an isomorphism
between these two objects, the addition law on an elliptic curve can be inherited
from the respective group structure of a complex torus. For this, we begin with
the definition of a torus which is mainly achieved by “gluing together” the opposite
boundaries of a parallelogram.
Definition 2.5.1. Given two linear independent complex numbers ω1 and ω2 , the
set of all integral linear combinations of ω1 and ω2 is called complex lattice and
denoted with Ω(ω1 , ω2 ), i. e.
Ω(ω1 , ω2 ) := Zω1 + Zω2 = {mω1 + nω2 | m, n ∈ Z} .
31
2. Introduction to elliptic curves
If the periods ω1 and ω2 are fixed, the corresponding lattice is written as Ω. Moreover,
for a given lattice Ω(ω1 , ω2 ), the fundamental parallelogram π(Ω) of Ω is defined as
π(Ω) := {µω1 + νω2 | 0 ≤ µ, ν ≤ 1} .
For instance, consider the two complex number ω1 := 2 + 3i and ω2 := 4 + i in
the Gaussian plane. Notice, that ω1 and ω2 do not lie on the same line through the
origin and thus, they define a lattice in the complex plane. The next figure visualizes
Ω(ω1 , ω2 ) and its corresponding fundamental parallelogram π(Ω).
Figure 2.3.: Ω(2 + 3i, 4 + i) with corresponding fundamental parallelogram π(Ω)
By “gluing together”, we mean to find an equivalence relation on C such that the
points on the left boundary of the fundamental parallelogram are related to the
points on the right boundary and likewise, the points on the lower boundary are
related to the points on the upper boundary.
Lemma 2.5.1. Let Ω(ω1 , ω2 ) be a complex lattice. The relation on C defined by
z ≡ z ′ :⇔ z ′ = z + mω1 + nω2 with m, n ∈ Z
is an equivalence relation.
Notice, that the quotient space of C by the above defined equivalent relation is simply
the field of complex numbers modulo the lattice Ω(ω1 , ω2 ) and a representative of
C/Ω is given by the corresponding fundamental parallelogram π(Ω).
32
2. Introduction to elliptic curves
Thus, the point µω1 with 0 ≤ µ ≤ 1 on the left boundary of π(Ω) is equivalent
to the point µω1 + ω2 on the right boundary and the point νω2 with 0 ≤ ν ≤ 1
on the lower boundary of π(Ω) is equivalent to the point νω2 + ω1 on the upper
boundary. As one can see in the following figure, this topological handicraft does
indeed yield a complex torus. Notice that a larger version of this figure can be found
in the appendix.
Figure 2.4.: “Gluing together” the opposite sides of a fundamental parallelogram
Definition 2.5.2. Given a complex lattice Ω(ω1 , ω2 ), a meromorphic function f on
C is said to be an elliptic function relative to the lattice Ω if
f (z + ω) = f (z)
for all ω ∈ Ω and z ∈ C .
In other words, an elliptic function on C relative to a lattice Ω(ω1 , ω2 ) is doubly
periodic with periods ω1 and ω2 . The values of f on the opposite boundaries of
π(Ω) are the same, i. e. f (µω1 + ω2 ) = f (µω1 ) for any µ with 0 ≤ µ ≤ 1 and
f (ω1 + νω2 ) = f (νω2 ) for any ν with 0 ≤ ν ≤ 1. Hence, such a function maps points
in the Gaussian plane C to points on the complex torus C/Ω.
We now define an example for a non-constant elliptic function which is directly
connected to elliptic curves. This specific function goes back to the work of Karl
Weierstrass, who looked for an elliptic function with a pole of order 2 at the
origin z = 0.
Definition 2.5.3. Let Ω(ω1 , ω2 ) be a complex lattice. The Weierstrass ℘-function
relative to the lattice Ω is defined by the series
X
1
1
1
.
−
℘(z; ω1 , ω2 ) := 2 +
z
(z − ω)2 ω 2
ω∈Ω
ω6=0
If the lattice is clear from the context, the Weierstrass ℘-function is denoted as ℘(z).
The next figure illustrates |℘(z)| for the particular lattice Ω defined by the periods
ω1 := 2 and ω2 := 2i. As one can observe, the Weierstrass ℘-function has a pole at
each lattice point of Ω.
33
2. Introduction to elliptic curves
Figure 2.5.: Absolute value of ℘(z; 2, 2i) with corresponding lattice Ω
Proposition 2.5.1. Let Ω(ω1 , ω2 ) be a complex lattice. The series defining the
Weierstrass ℘-function converges absolutely and uniformly on every compact subset of C \ Ω. It defines an even elliptic function on C having a double pole with
residue 0 at each lattice point and no other poles.
Moreover, any given elliptic function can be expressed solely in terms of the Weierstrass ℘-function and its derivative. Thus, the set of elliptic functions EΩ relative to
a lattice Ω is generated by ℘(z) and ℘′ (z) as the following proposition states.
Proposition 2.5.2. Let Ω be a complex lattice. The set of elliptic functions relative
to Ω is a field and finitely generated by ℘(z) and ℘′ (z), i. e. EΩ = C (℘, ℘′ ).
The connection of the Weierstrass ℘-function to elliptic curves can be established
by computing the Laurent series expansion for ℘(z; ω1 , ω2 ) near the origin z = 0. By
introducing the Eisenstein series for the corresponding lattice Ω(ω1 , ω2 ) relative to
the Weierstrass ℘-function, we can write ℘′ (z)2 as a cubic polynomial in ℘(z). This
in turn defines an elliptic curve and on the contrary, every elliptic curve given as in
Proposition 2.4.2 can be expressed in terms of ℘(z).
Definition 2.5.4. The Eisenstein series of weight 2k for the lattice Ω(ω1 , ω2 ) is
given by
G2k (Ω) =
X
ω∈Ω
ω6=0
34
ω −2k .
2. Introduction to elliptic curves
If the lattice Ω is fixed, the corresponding Eisenstein series is referred to as G2k .
The Laurent series for ℘ relative to the lattice Ω near the origin z = 0 is therefore
given by
℘(z) = z −2 +
∞
X
(2k + 1)G2k+2 z 2k
k=1
and thus we have
1
+ 3G4 z 2 + 5G6 z 4 + 7G8 z 6 + · · · ,
z2
1
℘(z)2 = 4 + 6G4 + 10G6 z 2 + · · · ,
z
1
1
3
℘(z) = 6 + 9G4 2 + 15G6 + · · · ,
z
z
2
℘′ (z) = − 3 + 6G4 z + 20G6 z 3 + 42G8 z 5 + · · · ,
z
1
4
′
2
℘ (z) = 6 − 24G4 2 − 80G6 + · · · .
z
z
℘(z) =
Comparing the expansion of ℘′ (z)2 with the expansions of ℘(z)3 and ℘(z) gives us
the differential equation
℘′ (z)2 = 4℘(z)3 − g2 ℘(z) − g3
with standard notation g2 = g2 (Ω) = 60G4 and g3 = g3 (Ω) = 140G6 . The polynomial
on the right-hand side has distinct roots with discriminant ∆ = g23 − 27g32 6= 0. By
dividing both sides by 4, replacing
℘′ (z)
2
with Y and ℘(z) with X we have given
an elliptic curve Ea,b with a = −15G4 and b = −35G6 as in Proposition 2.4.2.
Conversely, given an elliptic curve E : Y 2 = X 3 + aX + b in Weierstrass form with
a, b ∈ C, one can find two linear independent periods ω1 and ω2 of a complex lattice
Ω(ω1 , ω2 ) such that −15G4 (Ω) = a and −35G6 (Ω) = b.
Proposition 2.5.3. Let Ω(ω1 , ω2 ) be a complex lattice. The map

 ℘(z),
Ψ : C/Ω → E(C), z →
7
O
℘′ (z) 2
if z 6= 0
otherwise
is an analytic one-to-one correspondence and a group homomorphism between the
complex torus C/Ω and the set of points E(C) on the elliptic curve E defined by
Y 2 = X 3 − 15G4 X − 35G6 .
35
2. Introduction to elliptic curves
This correspondence carries over the ordinary addition law in C/Ω to the set E(C).
′
1)
∈ E(C) with z1 ∈ C/Ω
The sum of two given points Pz1 := Ψ(z1 ) = ℘(z1 ), ℘ (z
2
′
2)
and Pz2 := Ψ(z2 ) = ℘(z2 ), ℘ (z
∈ E(C) with z2 ∈ C/Ω is thus given by
2
Pz1 + Pz2 = Ψ(z1 ) + Ψ(z2 ) = Ψ(z1 + z2 ) = ℘(z1 + z2 ),
℘′ (z1 + z2 ) ∈ E(C) .
2
Theorem 2.5.1. Let E be an elliptic curve in Weierstrass form defined over the
field of complex numbers. Then the set of points E(C) together with the above defined
addition is an abelian group.
The addition law for elliptic curves has a simple geometric interpretation based on
drawing a line through two given points Pz1 , Pz2 ∈ E(C) or a tangent line at Pz to
calculate the sum Pz1 + Pz2 or 2Pz , respectively.
′
Let Pz ∈ E(C) denote the point Ψ(z) = ℘(z), ℘ 2(z) with corresponding non-zero
′
′
z ∈ C. Since Pz + O = Ψ(z) + Ψ(0) = ℘(z + 0), ℘ (z+0)
= ℘(z), ℘ 2(z) = Pz , the
2
identity element of the addition law for elliptic curves is the point at infinity O.
Moreover, since Ψ(z) + Ψ(−z) = Ψ(z − z) = Ψ(0) = O, the additive inverse of Pz is
′
given by P−z = ℘(−z), ℘ (−z)
. As the Weierstrass ℘-function is even, its derivative
2
℘′ is odd and thus we obtain
−Pz = P−z = ℘(−z),
℘′ (−z) ℘′ (z) = ℘(z), −
.
2
2
Geometrically speaking for the projection to the real line, the inverse element of the
point Pz is the symmetric point on the other side of the x-axis. Recall, that this was
already hinted in the first chapter; the two right triangles (a, b, c) and (−a, −b, −c)
with area n correspond to symmetric points on the elliptic curve En .
Figure 2.6.: Additive inverse −Pz obtained by reflecting Pz across the x-axis
36
2. Introduction to elliptic curves
As it was already mentioned above, the addition formula is based on drawing a line
through two given points or a tangent at the particular point. Both geometrical
objects, the line and the tangent, can be described by a projective plane curve of
degree 1. Since an elliptic curve E is defined by a cubic polynomial and hence has
degree 3, there are counted with appropriate multiplicity three intersection points
of E and the particular line or tangent, respectively.
Let l = Pz1 Pz2 denote the straight line joining the two distinct points Pz1 , Pz2 on
the elliptic curve E. This line can be parametrized by the equation Y = mX + t
with corresponding slope m and y-intercept t given by
m=
1
2
(℘′ (z2 ) − ℘′ (z1 ))
℘(z2 ) − ℘(z1 )
and t =
℘′ (z1 )
− m℘(z1 ) .
2
Both points Pz1 and Pz2 have an intersection multiplicity of one as it can be easily
calculated with the previous given formula. Thus there must be a third point shared
by l and the elliptic curve E. We let Pz3 denote this third point of intersection and
since Pz3 ∈ E(C), there must exist a z3 ∈ C/Ω such that Ψ(z3 ) = Pz3 . Our next aim
is to calculate Pz3 depending on the z-values of the two given points Pz1 and Pz2 .
Substituting Y with (mX + t)2 gives us (mX + t)2 = X 3 − 15G4 X − 35G6 which in
turn can be written as 0 = X 3 − m2 X 2 − (15G4 + 2mt) X − 35G6 + t2 . The latter
equation has three zeros in C which are given by ℘(z1 ), ℘(z2 ) and ℘(z3 ) and thus
we can write
X 3 − m2 X 2 − (15G4 + 2mt) X − 35G6 + t2 = (X − ℘(z1 )) (X − ℘(z2 )) (X − ℘(z3 )) .
Equating the coefficients of the quadratic term on both sides of the above derived
equation gives us m2 = ℘(z1 ) + ℘(z2 ) + ℘(z3 ) and thus we finally conclude
℘(z3 ) = m2 − ℘(z1 ) − ℘(z2 ) and ℘′ (z3 ) = 2 (m℘(z3 ) + t) .
According to Proposition 2.5.2, the function f (z) := ℘′ (z) − m℘(z) − t generated
by ℘ and ℘′ is an elliptic function and has three zeros, namely z1 , z2 and z3 . These
zeros must sum up to 0 modulo the lattice Ω and thus we have
z3 ≡ −(z1 + z2 ) mod Ω .
For a complete proof of the last given statements one can consult for example the
textbooks [Kna92] and [Rob86].
37
2. Introduction to elliptic curves
In summary, for two given points Pz1 = Ψ(z1 ) and Pz2 = Ψ(z2 ) the sum of both
points is given by
Pz1 + Pz2 = Ψ(z1 ) + Ψ(z2 ) = Ψ(z1 + z2 ) = Ψ(−z3 ) = ℘(z3 ), −℘′ (z3 )
with ℘(z3 ) and ℘′ (z3 ) as derived previously.
Figure 2.7.: Addition of two points Pz1 and Pz2 on an elliptic curve
In the case where Pz1 is equal to Pz2 , we have to draw the tangent line to E at the
point Pz1 . This is possible without any concerns since E is non-singular in C and we
denote this line with t.
The slope of the tangent line t can be calculated by implicit differentiation and is
then given by
m=
3℘(z1 )2 − 15G4
d℘′ (z1 )
=
.
d℘(z1 )
℘′ (z1 )
Similarly as for the addition of two distinct points, the intersection point Pz1 of E
and t has a multiplicity of 2 and thus the tangent line must intersect E in a third
point. Hence we can compute the duplication of Pz2 as
[2]Pz2 = Ψ(2z1 ) = Ψ(−z3 ) = ℘(z3 ), −℘′ (z3 )
with ℘(z3 ) and ℘′ (z3 ) derived as in the previous case and corresponding slope m as
given above.
38
2. Introduction to elliptic curves
Figure 2.8.: Duplication of a points Pz1 on an elliptic curve
For the sake of clarity, we now summarize the group law for an elliptic curve defined
as in Proposition 2.4.2 and regular points in the affine plane C2 .
Proposition 2.5.4. Let Ea,b be an elliptic curve defined by Y 2 = X 3 + aX + b with
a, b ∈ C and P1 := (x1 , y1 ), P2 := (x2 , y2 ) two arbitrary points of E(C). The addition
law of the abelian group E(C), + is then given by
•
•
•
•
•
−O = O
−P1 = (x1 , −y1 )
P1 + O = O + P1 = P1
P1 + P2 = O if P1 = −P2
P1 + P2 = (x3 , y3 ) with
m=
and

 y2 −y1
x2 −y1
 3x21 +a
2y1
x3 = m2 − x1 − x2 ,
if P1 6= P2 ,
if P1 = P2
y3 = m(x1 − x3 ) − y1 .
Notice that the addition law is composed just of rational functions of the coordinates
x1 , x2 , y1 , y2 and the coefficient a of the elliptic curve Ea,b . Hence the addition law
holds even for any subfield F of C.
Conversely we could have started by defining the group structure of an elliptic
curve E over F and then prove the axioms of an abelian group step by step. If the
characteristic of the field is not 2 or 3, we can represent E by a short Weierstrass
equation and use the above deduced addition law.
39
2. Introduction to elliptic curves
In the remaining cases we have to use a general Weierstrass equation and the addition
formulas are a bit more complicated.
The advantage of this method is the avoidance of the Weierstrass ℘-function and thus
we would not have to restrict ourselves to C or any suitable subfield. Unfortunately
we would have to prove the associativity of the addition law by hand since it is not
passed on by a group homomorphism. This is the hardest axiom to prove and thus
we state the following Theorem by Poincaré without a proof.
Theorem 2.5.2 (Poincaré). Let E be an elliptic curve over F. Then E(F) is an
abelian group. If the characteristic of F is not 2 or 3, the addition law is given as in
Proposition 2.5.4.
As usual, the order of a group element P ∈ E(F) of an elliptic curve E is given by
the smallest integer m with
[m]P = P
+P +
. . . + P} = O
{z
|
m−times
and defined as infinite if there is no such integer. The points having finite order are
called torsion points of E and the set of all these points is denoted as E(F)tors .
2.6. Rational points on elliptic curves
In this section we are returning to the original topic of this thesis, namely whether
or not a given natural number n is a congruent number. As we have seen in the
first chapter, this corresponds to the existence of a rational point P = (x, y) with
y 6= 0 on the elliptic curve En . Thus we now leave the field of complex numbers and
concentrate on rational points on elliptic curves.
In the year 1901 Henri Poincaré introduced in his pioneering article [Poi01] the
definition of the rank of an elliptic curve E as the minimum number of necessary
“points rationnels fondamentaux” to generate the group E(Q). Beside this, he proposed that this designated number must be finite which was proved successfully by
Louis Mordell in the year 1922 and extended to elliptic curves over any algebraic
number field by André Weil in 1928.1
Since we do not need this furthergoing generalization for our purposes, we now state
the so-called weak version of this remarkable theorem for elliptic curves over Q as it
was originally given by Mordell. A rigorous proof of both versions can be found
for example in the textbook [ST92].
1
For a comprehensive overview of the history of this theorem one may refer for example to the
book [IR90].
40
2. Introduction to elliptic curves
Theorem 2.6.1 (Mordell–Weil). Let E be an elliptic curve over Q. Then the
group E(Q) is finitely generated.
The fundamental theorem of finitely generated abelian groups now implies that E(Q)
is isomorphic to the direct sum of a finite set of torsion points and a finite number
of copies of Z, i. e.
E(Q) ≈ E(Q)tors ⊕ Zr
with nonnegative r ∈ Z called the (algebraic) rank of E. Notice that this definition
of the rank of an elliptic curves agrees with the definition originally introduced by
Poincarè. Let B := P1 , P2 , . . . , Pr be a fundamental system of rational points
generating E(Q). Every rational point P on the elliptic curve E can then be written
uniquely as
P = Ptors + [m1 ]P1 + [m2 ]P2 + . . . + [mr ]Pr
with m1 , m2 , . . . , mr ∈ Z and Ptors ∈ E(Q)tors . This corresponds to the decomposition of E(Q) as given above.
This theorem yields two important questions which are strongly connected to the
congruent number problem:
1. What are the points of finite order of a given elliptic curve E?
2. How to compute the rank of a given elliptic curve E?
An answer to the first question was given independently by Trygve Nagell in the
year 1935 and Élisabeth Lutz two years later. For a complete proof of this theorem
we refer to the textbook [ST92].
Theorem 2.6.2 (Nagell–Lutz). Let Ea,b be an elliptic curve defined by
Y 2 = X 3 + aX + b
with a, b ∈ Z and P := (x, y) ∈ E(Q)tors a nonzero torsion point of Ea,b . Then
(i) x, y ∈ Z and
(ii) either y = 0, or else y 2 divides ∆ = 4a3 + 27b2 .
Our next step is to apply the Theorem of Nagell and Lutz to the elliptic curve
En : Y 2 = X 3 − n2 X with squarefree positive integer n ∈ N. The discriminant of En
is given by ∆ = 4n6 and thus a torsion point of En must either have y-coordinate 0
or it must divide 2n3 .
41
2. Introduction to elliptic curves
Suppose P = (x, y) is a torsion point with nonzero y-coordinate. Then [2]P = (x′ , y ′ )
is likewise a torsion point and the addition formula shows that
x′ =
=
=
3x2 − n2
2y
!2
− 2x =
9x4 − 6x2 n2 + n4 − 8xy 2
4y 2
x4 + 2x2 n2 + n4
9x4 − 6x2 n2 + n4 − 8x(x3 − n2 x)
=
4y 2
4y 2
x2 + n2
2y
!2
.
The Nagell-Lutz-Theorem implies that x′ must be an integer and as calculated above
it is also a square. Furthermore, by adding n to x′ we get
x′ + n =
=
x4 + 2x2 n2 + n4 + 4x3 n − 4xn3
x4 + 2x2 n2 + n4 + 4y 2 n
=
4y 2
4y 2
x2 + 2xn − n2
2y
!2
and equally, by subtracting n from x′ we get
x′ − n =
=
x4 + 2x2 n2 + n4 − 4x3 n + 4xn3
x4 + 2x2 n2 + n4 − 4y 2 n
=
4y 2
4y 2
x2 − 2xn − n2
2y
!2
.
Since both x′ − n and x′ + n are squares, the triple (x′ − n, x′ , x′ + n) is an arithmetic
progression of three integer squares with common difference n.
Note that a square is either 0 or 1 modulo 4 and thus the even difference 2n of
the two squares x′ + n and x′ − n must be a multiple of 4, i. e. 2n ≡ 0 modulo 4.
On the other hand, the difference n of the two squares x′ + n and x′ must be 0, 1
or 3 modulo 4 by the same argument. But this yields n ≡ 0 modulo 4, which is a
contradiction to n being squarefree. Hence En has no torsion points with non-zero
y-coordinate.
Obviously, the point at infinity O is a torsion point and if we set y = 0, we find
that (0, 0), (n, 0) and (−n, 0) satisfy the defining equation of En . The latter three
points have order 2 since P1 + P2 = O if P1 = −P2 and thus the elliptic curve En
has exactly four torsion points.
Corollary 2.6.1. En (Q)tors = {O, (0, 0), (n, 0), (−n, 0)}
Since all torsion points of En (Q) have y-coordinate 0 and Proposition 1.5.1 requires
the rational point (x, y) to have non-zero y-coordinate, we can restate the congruent
number problem as follows.
42
2. Introduction to elliptic curves
Corollary 2.6.2. A natural number n is a congruent number if and only if En (Q)
has nonzero rank r.
This leads us directly to our second question on the computation of the rank of an
elliptic curve. However, there is no known algorithm to solve this problem. The only
ray of hope is the former mentioned conjecture of Birch and Swinnerton-Dyer
which relates the behaviour of the so called Hasse-Weil L-function L(En , s) at the
“critical value” s = 1 and the rank r of the elliptic curve En .
But before we proceed to the next chapter where we study this particular function
in depth, we now give a neat example on how to use the above deduced theory to
solve an apparently ordinary problem.
Suppose one wants to sell n2 oranges. Is it possible to stack all oranges on our
vendors stall into a perfect square pyramid2 as shown in the figure below?
Figure 2.9.: Oranges stacked as a square pyramid
If we want to arrange our oranges in this manner, we need 11 = 1 orange on the top,
22 = 4 oranges on the second layer from the top, 32 = 9 oranges on the third layer
from the top and so on. Thus, to stack n2 oranges into a square pyramid we need
to solve the equation
n2 =
m
X
i=1
i2
with m, n ∈ N .
The sum on the right-hand side can be written as
m
X
i=1
2
i2 =
m(m + 1)(2m + 1)
1
1
1
= m3 + m2 + m .
6
3
2
6
Incidentally, this is the most stable way to stack round objects as Johannes Kepler conjectured
in the year 1611 and Thomas Hale successfully proved nearly 400 years later by extensive use
of computers.
43
2. Introduction to elliptic curves
Hence, our problem of stacking n2 oranges into a square pyramid corresponds to
integer points on the elliptic curve
1
1
1
E : Y 2 = X3 + X2 + X
3
2
6
given in general Weierstrass form with Y := n and X := m.
Next, we need to find a morphism which translates E into an elliptic curve E ′ given
in short Weierstrass form with integer coefficients a, b such that an integer point
on E is mapped to an integer point on E ′ . This is for example satisfied by the
mapping
σ : E(Q) → E ′ (Q), (x, y) 7→ (12x + 6, 72y)
with E ′ : Y 2 = X 3 − 36X in short Weierstrass form. The inverse of σ is given by
σ
−1
′
: E (Q) → E(Q), (x, y) 7→
x−6 y
,
12 72
.
We already know some integer points on the elliptic curve E ′ , namely the torsion
points (0, 0), (6, 0) and (−6, 0). Following Corollary 1.5.1, the right triangle (3, 4, 5)
with area 6 corresponds to the point (12, 36) on the elliptic curve E ′ and thus we
have found another integer point on E ′ . From Table 1.2 we can deduce more points
on E ′ that correspond to variations of the right triangle (3, 4, 5). These are given by
(12, −36), (−3, 9), (−3, −9), (18, 72), (18, −72), (−2, 8) and (−2, −8).
In the year 1921 Carl Ludwig Siegel proved that there are only finitely many integer
points on an elliptic curve defined over a number field F. Moreover, Serge Lang and
Don Zagier gave an effective method to compute this finite set of integer points.
For an extensive introduction to integer points on elliptic curves we refer to the
textbook [Sil09]. The corresponding algorithm can be found in [Zag87].
The algorithm is implemented into Sage and we can use it to calculate the remaining
integer points on E ′ .
Listing 2.1: Computing all integer points on E ′
1
2
E = EllipticCurve ([0 ,0 ,0 , -36 ,0]);
E . integral_points ( both_signs = True )
This gives us the last two integer points (294, 5040) and (294, −5040) on E ′ we have
not computed so far.
The solution to our orange stacking problem is then given by all points under σ −1
having integer coordinates, namely (0, 0), (1, ±1) and (24, ±70). Hence, if we ignore
the trivial solutions of stacking 0 or 1 orange, the only square amount of oranges
that can be stacked as a square pyramid is 702 = 4900.
44
3. The conjecture of Birch and Swinnerton-Dyer
“This remarkable conjecture relates the behaviour of a function L at a point
where it is not present known to be defined, to the order of a group X, which
is not known to be finite.”
— John Tate, The arithmetic of elliptic curves
As we have seen in the previous chapter, the set of F-rational points on an elliptic
curve over a given field F is an abelian group under the chord-tangent addition law.
In particular, if the underlying field is Q, this group is finitely generated and splits
into a closed subgroup of torsion points and finitely many copies of Z.
Moreover, our special elliptic curve En has only four points of finite order and these
have all y-coordinate zero. Hence they can not correspond to right triangles with
area n as seen in the first chapter. Thus, n is a congruent number if and only if
the elliptic curve En has positive rank. However, there is no algorithm known to
efficiently solve this problem.
While it is hard to conclude the number of points on an elliptic curve E over the
field of rational numbers, this problem is simplified significantly if we consider E
over a prime field Fp . The idea of Birch and Swinnerton-Dyer is mainly based
on the local-global principle of Helmut Hasse, namely: Is it possible to predict the
number of points on an elliptic curve E over the global field Q if we analyze E over
all local fields?
3.1. Elliptic curves over finite fields
By considering elliptic curves over finite fields we have to take into account two
decisive conditions such that the defining equation is indeed an elliptic curve.
1. The (projective) curve must be of degree 3 and
2. the curve must be smooth.
Let p be a prime and Ea,b an elliptic curve defined by Y 2 = X 3 + aX + b. If p = 2,
the defining equation simplifies to Y ≡ X + aX + b by Fermat’s Little Theorem.
Likewise, if p = 3, we can write Ea,b as Y 2 ≡ X + aX + b by the same argument.
45
3. The conjecture of Birch and Swinnerton-Dyer
Altogether, both curves are neither of degree 3 as desired and thus we consider only
reductions modulo a prime p > 3.
On the other hand, if p divides the discriminant ∆ = 4a3 + 27b2 of Ea,b , the corresponding curve is obviously singular since ∆ ≡ 0 mod p. Hence we have to distinguish
between “good” reductions modulo primes p which lead to smooth curves over Fp
and “bad” reductions which lead to singular curves over the respective finite field.
However, sometimes an elliptic curve E has bad reduction modulo a prime p, but
there exists an isomorphic elliptic curve E ′ such that E ′ has good reduction modulo
p. This issue can be resolved by declaring the minimal model of an elliptic curve.
Definition 3.1.1. Let S be the set of all elliptic curves E ′ that are isomorphic to E
over Q such that the discriminant ∆E ′ of E ′ is an integer. The minimal discriminant
of E is the integer ∆E ′ that attains the minimum of the set {|∆E ′ | : E ′ ∈ S}. If E ′
is the model for E with minimal discriminant, we say that E ′ is a minimal model
for E.
Following this, we can now introduce the reduction of an elliptic curve given by a
minimal model.
Definition 3.1.2. Let p 6= 2, 3 be a prime and Ea,b an elliptic curve given by a
minimal model with a, b ∈ Z. We say that Ea,b has a good reduction modulo p if the
prime p does not divide the discriminant ∆ = 4a3 + 27b2 and a bad reduction modulo
p if ∆ ≡ 0 modulo p.
Thus for any prime p > 3 with p ∤ ∆ we may consider a given elliptic curve Ea,b over
the finite field Fp and by Theorem 2.5.2, the underlying set of points is an abelian
group. Since ∆ has only finitely many prime factors there are likewise only finitely
many bad reductions in which case the particular elliptic curve is singular modulo p.
In other words, the set of points Ea,b (Fp ) of an elliptic curve Ea,b over Fp is a finite
abelian group for almost all primes.
Since the underlying field Fp is finite, the number of points on an elliptic curve over
this field must obviously be finite as well. Thus our next aim is to compute the size
of a reduced elliptic curve modulo a prime.
Recall that the Legendre symbol is defined by
a
p
=



+1



0




−1
if a is a quadratic residue modulo p
if a ≡ 0 mod p
if a is a quadratic non-residue modulo p
and hence we can state the following proposition on the number of points on the
elliptic curve Ea,b over the finite field Fp .
46
3. The conjecture of Birch and Swinnerton-Dyer
Proposition 3.1.1. Let p > 3 be a prime such that p ∤ ∆ and Ea,b an elliptic curve.
Then the number of points on Ea,b over Fp together with the point at infinity is given
by
Np (Ea,b ) := |Ea,b (Fp )| = p + 1 +
p−1
X
x=0
!
x3 + ax + b
.
p
Proof. Let σ denote the polynomial X 3 + aX + b on the right hand side of the
defining equation of the elliptic curve Ea,b . If σ(x) ∈ Fp is a quadratic residue
modulo p, the equation Y 2 = σ(x) has two solutions y1 , y2 ∈ Fp . Likewise, if σ(x) is
a quadratic non-residue modulo p, the equation Y 2 = σ(x) has no solutions in the
finite field Fp and exactly one solution if σ(x) ≡ 0 modulo p.
Altogether, the number of affine points on an elliptic curve Ea,b over the finite field
Fp is given by
p−1
X
x=0
1+
σ(x)
p
=p+
p−1
X
x=0
!
x3 + ax + b
.
p
Including the point at infinity in the above equation concludes the proof of the
previous proposition.
While
σ(x)
p
can be computed efficiently for relatively small primes, this formula
becomes less feasible with increasing primes. Therefore we shall limit ourselves to
approximations for the desired size of reduced elliptic curves.
A generous bound for Np (Ea,b ) is obviously given by
1 ≤ Np (Ea,b ) ≤ 2p + 1.
The inequality on the left hand side holds since there is at least one point on any
elliptic curve by definition, namely the point at infinity. Otherwise, given a congruence class x ∈ Fp , there are at most two solutions to the defining equation Y 2 ≡ σ(x)
and thus there at most two points for each of the p congruence classes of Fp .
However, a sharper bound was conjectured by Emil Artin and proved by Helmut
Hasse in the year 1933. In consequence, the particular interval or bound is sometimes referred to as Hasse interval and Hasse bound, respectively. For a proof of this
important theorem, we refer again to the textbook [Sil09].
Theorem 3.1.1 (Hasse). Let p > 3 be a prime and Ea,b an elliptic curve such that
Ea,b has a good reduction modulo p. Then
√
|p + 1 − Np (Ea,b )| ≤ 2 p.
We have now collected all important tools to finally proceed to the core of this
present thesis – the conjecture of Birch and Swinnerton-Dyer.
47
3. The conjecture of Birch and Swinnerton-Dyer
3.2. The weak version – a first approach
Recall that our aim is to gain information on the number of points on an elliptic curve
over Q by analyzing it locally over all prime fields. The following example compares
the number of points Np on the elliptic curves E4 and E6 modulo increasing primes
to get a first impression of this idea.
H Example 3.2.1
These tables were created with Sage and the particular Listings A.3, A.4 and
A.5 can be found in the Appendix.
First off, consider the elliptic curve E4 : Y 2 = X 3 − 16X. In this case, the
number of points Np (E4 ) is lower than the “expected” value p + 1 for the primes
p = 13, 17, 41 and 53.
Table 3.1.: Np (E4 ) for 5 ≤ p ≤ 53
p
Np
5
8
7
8
11
12
13
8
17
16
19
20
23
24
29
40
31
32
37
40
41
32
43
44
47
48
53
40
By computing the particular density of Np (E4 ) we get the following figure.
Np (E4 )/p
1.6
1.4
1.2
1
0.8
p
0.6
0
10
20
30
40
50
Figure 3.1.: Density of Np (E4 ) for 5 ≤ p ≤ 53
On the other hand, consider the elliptic curve E6 : Y 2 = X 3 − 36X associated
to the congruent number n = 6. Contrary to the first curve, the number of
points Np (E6 ) is lower than p + 1 only for the primes p = 37 and 53.
Table 3.2.: Np (E6 ) for 5 ≤ p ≤ 53
p
Np
5
8
7
8
11
12
13
20
17
20
19
20
23
24
For E6 we get the following figure.
48
29
40
31
32
37
36
41
52
43
44
47
48
53
40
3. The conjecture of Birch and Swinnerton-Dyer
Np (E )/p
6
1.6
1.5
1.4
1.3
1.2
1.1
1
0.9
0.8
p
0
10
20
30
40
50
Figure 3.2.: Density of Np (E6 ) for 5 ≤ p ≤ 53
To finally compare the density of Np (E4 ) and Np (E6 ) we now introduce the
function
πEa,b (x) :=
Y
5≤p≤x
p∈P,p∤∆
Np (Ea,b )
p
and compute πEa,b (x) for both elliptic curves modulo primes up to x = 10000.
πE (x)
πE6 (x)
14
12
10
8
6
4
2
0
πE4 (x)
2000
4000
6000
8000
10000
x
Figure 3.3.: πE4 (x) versus πE6 (x) up to x = 10000
One can observe that
1. πE6 (x) is significantly larger than πE4 (x) and
2. πE6 (x) has logarithmic growth for x → ∞ whereas πE4 (x) is bounded by a
constant for almost all x ∈ N.
More precisely, πE4 (x) ∼ C with C = 1.6 and πE6 (x) ∼ 1.3104 · log x for x → ∞.
Note that the particular coefficients have been computed by using the curve
fitting algorithms which are natively supported by Sage.
49
3. The conjecture of Birch and Swinnerton-Dyer
πE (x)
1.3104 ·log(x)
πE6 (x)
C πE4 (x)
x
Figure 3.4.: πE4 (x) versus πE6 (x) with corresponding fitting curves
The main idea of the conjecture of Birch and Swinnerton-Dyer has already been
hinted in the previous example. By comparing the density of points Np (E) on an
elliptic curve E modulo all primes p we try to gain information on the number of
points on E over the field of rational numbers.
For instance, the elliptic curve E6 has positive rank since 6 is a congruent number.
Moreover, we have seen that πE6 behaves asymptotically like C·log(x) with a positive
constant C.
Otherwise, the elliptic curve E4 has rank zero since 4 is not a congruent number. In
this case, the product of the density
Np (E4 )
p
over increasingly primes p is bounded
by a constant C, i. e. πE4 ∼ C for x → ∞.
Many numerical computations for various elliptic curves confirm this observation
and we state the following first weak version of the Birch and Swinnerton-Dyer
conjecture.
Conjecture 3.2.1 (Weak B-SD conjecture). Let Ea,b be an elliptic curve with a, b ∈
Z. Then
πEa,b (x) :=
Y
5≤p≤x
p∈P,p∤∆
Np (Ea,b )
∼ CEa,b (log(x))r
p
for x → ∞ where CEa,b is a positive constant solely depending on the elliptic curve
Ea,b and r the rank of Ea,b .
50
3. The conjecture of Birch and Swinnerton-Dyer
3.3. The Hasse-Weil L-function
If not stated other, the following definitions and statements are adopted from [Loz11],
[AG12] and [Kob93].
In Definition 3.1.2 we distinguished between good and bad reductions of an elliptic
curve E modulo a prime p. If E has a good reduction modulo p, the number of
points Np on the reduced curve E modulo p is given by
Np = p + 1 − ap ,
√
√ where ap lies in the interval −2 p, 2 p by Theorem 3.1.1. Conversely, if E has
a bad reduction modulo p, the reduced curve E modulo p has one singular point
which is not taken into account. Hence, for bad reductions, one has
Np = p − ap .
Moreover, the number ap can be given explicitly in this case, for which we have to
refine the definition of a bad reduction at a prime p.
Suppose Ea,b is a singular curve defined by f (X, Y ) = 0 with
f (X, Y ) := Y 2 − X 3 − aX − b .
Moreover, let P := (x0 , y0 ) ∈ Ea,b (F) be the unique singular point of Ea,b over the
field F.
Then
∂f
∂x
(x0 , y0 ) =
∂f
∂y
(x0 , y0 ) = 0 and thus we can write the Taylor expansion of f
around P as follows:
f (X, Y ) − f (x0 , y0 )
= λ1 (X − x0 )2 + λ2 (X − x0 )(Y − y0 ) + λ3 (Y − y0 )2 − (X − x0 )3
=
((Y − y0 ) − α(X − x0 )) · ((Y − y0 ) − β(X − x0)) − (X − x0 )3
for some λi ∈ F and α, β ∈ F.
Definition 3.3.1. Let Ea,b be an elliptic curve over a field F defined by f (X, Y ) = 0
as above. The singular point P ∈ Ea,b (F) is a node if α 6= β in the Taylor expansion
of f around P . If α = β, then the point P is referred to as cusp.
In Figure 2.1 we have already seen an example of a singular curve. The curve C has
a node at the singular point P = (1, 0). Its counterpart, a cusp, can be seen on the
right of the following figure, where the singular curve X 3 − Y 2 = 0 is presented.
51
3. The conjecture of Birch and Swinnerton-Dyer
(a) C : X 3 − 3X + 2 − Y 2 = 0
(b) C ′ : X 3 − Y 2 = 0
Figure 3.5.: Node of C versus cusp of C ′
By this distinction between the two types of singular points we are now able to
introduce the following characterization of altogether three different kinds of bad
reductions.
Definition 3.3.2. Let Ea,b be an elliptic curve given by a minimal model and let
p ≥ 2 be a prime such that Ea,b has bad reduction at p. If Ea,b has a cusp at the
singular point P ∈ Ea,b (Fp ), then we say that Ea,b has additive reduction. On the
other hand, if P is a node, then we say that Ea,b has multiplicative reduction and in
addition, if α and β as above are in Fp , the reduction is said to be split multiplicative.
Recalling our initial investigation, we can now give ap explicitly in the case that the
elliptic curve E has bad reduction at the prime p. A full treatise on this result can
be found for example in [AG12, Chap. 9].
Table 3.3.: Counting points on singular curves
Type of reduction
Additive
Multiplicative
Split Multiplicative
ap
0
−1
1
Np
p
p−1
p+1
We are now finally able to introduce the Hasse-Weil L-function and examine its
connection to the congruent number problem.
Definition 3.3.3. The Hasse-Weil L-function of the elliptic curve E is defined to
be
L(E, s) =
Y
p∈S
Y
1
1
,
−s
−s
1 − ap p p∈S
1 − ap p + p1−2s
/
where S is the set of primes p for which E has bad reduction at p.
52
3. The conjecture of Birch and Swinnerton-Dyer
The Hasse-Weil L-function of an elliptic curve can be rewritten as a Dirichlet series,
simplifying it drastically. The arithmetic steps of this transformation can be looked
up in the textbook [AG12, Chap. 13] or [Loz11, Chap. 5].
Proposition 3.3.1. The Hasse Weil L-function of an elliptic curve E can be written
as the series
X an
L(E, s) =
n≥1
ns
,
where an is defined as ap if n is equal to a prime p. Moreover, if n = pr for some
r ≥ 1, we define apr recursively using the relation
ap · apr = apr+1 + p · apr−1
if E has good reduction at p
and apr = (ap )r if E has bad reduction at p. Finally, if gcd(m, n) = 1, then we set
amn = am an .
As it was already mentioned, we are especially interested in the value of the function
L(En , s) attached to our special elliptic curve En at the “critical” value s = 1. To
be able to study the L-function further, we need to introduce some more definitions,
which are directly adopted from [Loz11].
Definition 3.3.4. Let E be an elliptic curve over Q and L(E, s) the corresponding
L-function. For each prime p ∈ P we define the quantitiy fp as
fp =



0,






1,


2,





2 + δ ,
p
if E has good reduction at p,
if E has multiplicative reduction at p,
if E has additive reduction at p and p 6= 2, 3 ,
if E has additive reduction at p = 2 or p = 3,
where δp is defined as in [ST92].
Following this, the conductor NE(Q) of E(Q) is then defined to be
NE(Q) =
Y
pfp .
p∈P
Our last step to point out the connection between the algebraic rank of an elliptic
curve E and the behaviour of the corresponding L-function at the value s = 1 is
to carry out the analytic properties of this function. The next results follow from
the well-known Taniyama-Shimura-Weil conjecture, which was proved by the work
of Wiles, Taylor, and Breuil et. al. in the late 20th century.
53
3. The conjecture of Birch and Swinnerton-Dyer
Theorem 3.3.1. The L-series L(E, s) has an analytic continuation to the entire
complex plane and it satisfies the functional equation
Λ(E, s) = ω · Λ(E, 2 − s)
with
ω = ±1 ,
where ω is usually referred to as the root number of E,
Λ(E, s) = NE(Q)
and Γ(s) denotes the Gamma function
s
2
R∞
0
(2π)−s Γ(s)L(E, s) .
ts−1 e−t dt.
We can now finally close the gap between the conjecture as it was given in the previous section and the L-function of an elliptic curve as it was introduced throughout
the last pages. By computing the Taylor expansion of L(E, s) at s = 1 we get
L(E, s) = C0 (s − 1)RE + C1 (s − 1)RE +1 + C2 (s − 1)RE +2 + . . .
where C0 is a non-zero constant.
We refer to RE , the power of the first non-vanishing term in the Taylor expansion
of L(E, s) at s = 1 as the analytic rank of the elliptic curve E. The weak Birch–
Swinnerton-Dyer-conjecture now states, exactly at it was hinted in the previous
section, that the analytic rank RE of an elliptic curve E corresponds to the algebraic
rank r of E.
Conjecture 3.3.1 (Birch and Swinnerton-Dyer). Let E be an elliptic curve
over Q and let L(E, s) be the corresponding L-function of E. Then L(E, s) has a
zero at s = 1 of order equal to the algebraic rank r of E, i. e. the Taylor expansion
of L(E, s) is of the form
L(E, s) = C0 (s − 1)r + higher order terms
with
C0 6= 0.
Note that we referred to Conjecture 3.3.1 only as its weak version. In fact, the two
namesakes of this conjecture gave a much more detailed description of the leading
coefficient C0 of the Taylor expansion of L(E, s) at s = 1. For a comprehensive summary of the strong version, we refer the interested reader to the textbook [Loz11].
3.4. Tunnell’s Theorem
As it was shown in the previous section, the Conjecture 3.3.1 relates the rank of an
elliptic curve E to the behaviour of the L-function of E at the critical value s = 1.
54
3. The conjecture of Birch and Swinnerton-Dyer
This conjecture leads to an effective method of deciding whether or not n is a congruent number, which was proven by Jerrold B. Tunnell in the year 1983. A comprehensive sketch of a proof for Tunnell’s Theorem can be found in the textbook
[Kob93].
Theorem 3.4.1 (Tunnell). For a given squarefree positive integer n, define
n
o
An = (a, b, c) ∈ Z3 | n = 2x2 + y 2 + 32z 2 n
o
Bn = (a, b, c) ∈ Z3 | n = 2x2 + y 2 + 8z 2 n
Cn = (a, b, c) ∈ Z3 | = 4x2 + y 2 + 32z 2 2
n
Dn = (a, b, c) ∈ Z3 | = 4x2 + y 2 + 8z 2 .
2
If n is an odd (respectively, even) congruent number, then
2An = Bn
(respectively, 2Cn = Dn ).
Conversely, if the Conjecture 3.3.1 is true, then these equalities imply that n is a
congruent number.
The four sets An , Bn , Cn and Dn depend on a sum of three squares, hence a, b, c are
√
bounded at most by ± n. For instance, one may loop through all possibilities of a
and b in the corresponding interval to check whether or not there exists a suitable
c ∈ Z satisfying the particular equation. Thus, the cardinality of these sets can be
computed in linear time, which implies that - assuming that the underlying conjecture holds - the congruent number problem can be decided by an deterministic
algorithm in polynomial time, i. e. the congruent number problem lies in the complexity class P . Note that a simple implementation of this particular algorithm on
the next page in Sage can be found in the appendix.
For instance, by using this algorithm to determine whether or not n is a congruent
number for n ≤ 900, we obtain Figure B.3. The integers are arranged in a spiral
starting with 1 at the center, comparable to the Ulam spiral for prime numbers.
Before we proceed to the fourth chapter where the congruent number problem is
generalized to certain number fields, we conclude this chapter with an apt quotation:
“It is remarkable that the nearly complete solution that we now have to
such an old and naive question as the congruent number problem, has
required some of the most powerful and sophisticated tools from diverse
branches of twentieth century mathematics.”
55
(cf. [Kob93, p. 222])
3. The conjecture of Birch and Swinnerton-Dyer
Algorithm 3.1: Determining whether or not n is a congruent number (conditional
on the Conjecture 3.3.1)
Input : Squarefree positive integer n
Output : True if n is a congruent number, False otherwise
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
if n mod 2 = 1
An := 0
Bn := 0
18
19
20
j q k
n
2
lq m
n
2
to
do
for a ← −
√
√
for b ←
q ⌊− n⌋ to ⌈ n ⌉ do
if
21
22
n−2a2 −b2
∈Z
32
An = An + 1
q
2
2
else if n−2a8 −b ∈ Z
Bn = Bn + 1
end
end
end
if 2An = Bn
return True
else
return False
end
23
24
25
26
27
28
29
30
31
32
33
34
35
56
else if n mod 2 = 0
Cn := 0
Dn := 0
j q k
for a ← −
n
8
to
j q k
for b ← −
qn
n
2
lq m
n
8
to
−4a2 −b2
∈Z
32
Cn = Cn + 1
qn
−4a2 −b2
2
else if
8
Dn = Dn + 1
if
2
end
end
end
if 2Cn = Dn
return True
else
return False
end
end
do
lq m
n
2
∈Z
do
4. A generalization of the congruent number
problem
“Like any empire, its borders have subsequently grown. The higher reaches of
algebraic number theory are now one of the crown jewels of mathematics.”
— H.P.F. Swinnerton-Dyer, A Brief Guide to Algebraic Number Theory
This chapter abandons the classical definition of the congruent number problem and
looks toward a natural generalization of this ancient problem by allowing the sides
of the corresponding right triangles to belong to an algebraic number field. For the
origin of this treatise, we refer to [Tad01] and [GGDGJ+ 09].
4.1. Number fields
We begin this section by introducing the so-called algebraic numbers as roots of
certain polynomials. If not indicated other, the particular definitions and theorems
are adopted from [NZM91] and [IR90].
Definition 4.1.1. An algebraic number is a complex number ξ that satisfies some
polynomial equation a0 xn +a1 xn−1 +a2 xn−2 +· · ·+an = 0 where a0 , a1 , a2 , . . . , an ∈ Q
and a0 6= 0.
Given an algebraic number ξ, there is a unique irreducible monic polynomial g(x)
of lowest degree under all polynomials over Q having ξ as root. This particular
polynomial is referred to as minimal polynomial of ξ.
Definition 4.1.2. The degree of an algebraic number ξ is defined to be the degree
of the minimal polynomial of ξ.
H Example 4.1.1
The complex number i satisfies the polynomial equation x2 + 1 = 0. The polynomial x2 + 1 is irreducible, monic and of lowest degree under all polynomials
having i as root. Hence i is an algebraic number of degree 2.
57
4. A generalization of the congruent number problem
The remarkable thing is, that the set of all algebraic numbers A is closed under
addition, multiplication and taking inverses, i. e. if ξ1 and ξ2 are algebraic numbers,
so are ξ1 + ξ2 , ξ1 ξ2 and their corresponding inverses. In other words, A is a field
under the complex addition and multiplication.
In general, we introduce the following definition of an algebraic number field.
Definition 4.1.3. Let ξ be an algebraic number of degree n. The set of all complex
numbers
p(ξ)
q(ξ)
with polynomials p, q over Q such that q(ξ) 6= 0 is called an algebraic
number field and denoted by Q(ξ).
Let ξ be again an algebraic number of degree n. As one can easily check, the algebraic
number field Q(ξ) is a simple field extension of Q generated by adjoining ξ to the
field Q. The degree of the extension Q(ξ) of Q is defined by the dimension of Q(ξ)
as Q vector space and we can state the following proposition.
Proposition 4.1.1. Let ξ be an algebraic number of degree n. Then Q(ξ) is a simple
field extension of Q with degree [Q(ξ) : Q] = n and base B = 1, ξ, ξ 2 , . . . , ξ n−1 .
In addition, if the degree [Q(ξ) : Q] of the algebraic number field Q(ξ) is 2 or 3, the
particular number field is called quadratic or cubic, respectively.
H Example 4.1.2
As we have seen in the previous example, the imaginary unit i is an algebraic
number of degree 2. According to the previous proposition, Q(i) is an quadratic
number field and its elements are algebraic numbers of the form a + bi with
a, b ∈ Q.
√
Moreover, any quadratic number field can be written as Q( d) with a suitable
squarefree d ∈ Z. If the radicand d is positive, the number field is called real quadratic
and imaginary quadratic field otherwise.
4.2. Right triangles with algebraic sides
In this section, we generalize the congruent number problem by considering right
triangles with area n and sides lengths in certain algebraic number fields.
Definition 4.2.1. Let Q(ξ) be a number field and let n be a positive integer. We
say that n is a Q(ξ)-congruent number if there exist a, b, c ∈ Q(ξ) such that
(i) a2 + b2 = c2
and
58
1
(ii) n = ab .
2
4. A generalization of the congruent number problem
If ξ is an algebraic number of degree 1, i. e. ξ is of the form a · 1 with a ∈ Q, we
have Q(ξ) ∼
= Q(1) ∼
= Q and the Q(ξ)-congruent numbers are nothing but the usual
congruent numbers. These have already been treated in the previous chapters and
hence we consider only algebraic number fields of degree d ≥ 2.
In the first chapter we have seen that any right triangle (a, b, c) over Q with area
n corresponds to a particular point P on the elliptic curve En . Additionally, this
point must be a non-torsion point of En since all torsion points of En over Q have
y-coordinate zero. Unfortunately, this relation is not true for the generalized set of
right triangles with sides over an algebraic number field as the following example
shows.
H Example 4.2.1
√
√
The sides a = 2, b = 2 and c = 2 form a right triangle over the quadratic
√ √
√
field Q( 2). The area of this triangle is n = 21 · 2 · 2 = 1 and thus 1 is
√
According to Corollary 1.5.1, the right triangle
a Q( 2)-congruent number.
√
√
√
(a, b, c) yields the point 1 + 2, 2 + 2 on the elliptic curve E1 over Q( 2).
In chapter 2 we deduced the duplication formula [2]P = (x′ , y ′ ) with
′
x =
x2 + n2
2y
!2
for a point
P = (x, y) on
the elliptic curve En . By applying this formula to the
√ √
point 1 + 2, 2 + 2 we get
[2] 1 +
√
2, 2 +
√ 2 = (1, 0)
√ √
√ which in turn is a torsion point of E1 Q( 2) . Hence 1 + 2, 2 + 2 is a
torsion point of order 4 since [2](1, 0) = O.
The previous example demonstrates that Corollary 2.6.2
does not hold for elliptic
√ √
curves over algebraic number fields. The right triangle
2, 2, 2 with sides over
√
√
Q( 2) yields a torsion point on the elliptic curve E1 over Q( 2). Hence, the existence
of a right triangle with area n and sides over an algebraic number field does alone not
imply that the corresponding elliptic curve En over this number field has positive
rank.
Hence, to fix this issue, we now introduce the following extended definition of a
Q(ξ)-congruent number.
59
4. A generalization of the congruent number problem
Definition 4.2.2. Let ξ be an algebraic number and n a Q(ξ)-congruent number.
We say that n is a properly Q(ξ)-congruent number if there are infinitely many right
triangles (a, b, c) with a, b, c ∈ Q(ξ) and area n.
Obviously, every properly Q(ξ)-congruent number is also a Q(ξ)-congruent number.
For the special case ξ = 1, the converse is also true. Since every Q-congruent number
n ∈ N involves infinitely many rational points on the corresponding elliptic curve
En over Q, there are likewise infinitely many right triangles (a, b, c) with area n
and a, b, c ∈ Q. Hence, every Q-congruent number is also a properly Q-congruent
number. Nevertheless, this is not true for any arbitrary algebraic number field. As
Masatomo Tada showed in [Tad01], the following statement holds.
Theorem 4.2.1 (Tada). If n is not a Q-congruent number, then it is a properly
√
Q( m)-congruent number if and only if nm is a Q-congruent number.
For instance, since 1 and 2 are both not congruent over Q, the previous theorem
√
yields that 1 is neither a properly Q( 2)-congruent number.
4.3. Congruent numbers over real quadratic fields
The natural questions arises, whether, if at all, 1 is a properly Q(ξ)-congruent number
for any suitable algebraic number ξ ∈ A. The answer to this question was given by
Girondo et. al. in their article [GGDGJ+ 09].
√
Proposition 4.3.1. Every positive integer n is a properly Q( d)-congruent number
for some squarefree d ∈ N.
√
Proof. To check whether or not n ∈ N is a properly Q( d)-congruent number, we
√
have to find infinitely many solutions a, b, c ∈ Q( d) to the system
(i) a2 + b2 = c2
and
1
(ii) n = ab .
2
We choose b to be any rational number. The second equation yields a =
first equation can thus be written as
4n2 + b4 = c2 b2 .
Therefore, the third side c is given by
c=
√
4n2 + b4
.
b
60
2n
b
and the
4. A generalization of the congruent number problem
The radicand m := 4n2 + b4 can
be written
as m = s2 d with s, d ∈ N such that d is
√ √
squarefree and it follows that a, b, s b d is a right triangle over Q( d) with area n.
√
Hence, n is a Q( d)-congruent number.
√ From [Kwo97, Corollary 2] we know, that the torsion group Ea,b Q( d)
of
tors
√
an elliptic curve Ea,b over a quadratic field Q( d) is equal to the torsion group
Ea,b (Q)tors of Ea,b over Q for all but finitely many squarefree d ∈ N. In the special
case Ea,b = En , these finitely many exceptions are given by n = 1, m = 1 and n = 1,
m = 2 as Tada [Tad01, Proposition 1] proved.
√ √
Note that the above deduced right triangle a, b, s b d over Q( d) corresponds
√
to a Q( d)-rational
point P = (x, y) on the elliptic curve En . Since y 6= 0 and
√ is equal to Ea,b (Q)tors , this particular point has infinite order. Hence
Ea,b Q( d
tors
√
there are infinitely many right triangles (a′ , b′ , c′ ) with area n over Q( d) and thus
√
n is a properly Q( d)-congruent number.
We now return to the question whether 1 is a properly Q(ξ)-congruent number for
any suitable algebraic number ξ ∈ A.
H Example 4.3.1
With Proposition 4.3.1 we are able to find a right triangle having area 1 and
side lengths over a particular quadratic number field. By choosing b = 1, the
√
other sides of such a triangle can be calculated to a = 2 and c = 5. As one
can easily verify, this is indeed a right triangle having area 1 and side lengths
√
over the quadratic number field Q( 5).
√
Figure 4.1.: Properly Q( 5)-congruent number 1
√
61
1
2
and c =
260
4
√
65
2 , which
√
altogether form a right triangle of area 1 having side lengths over Q( 65).
If we choose b = 4 in the beginning, we get a =
=
4. A generalization of the congruent number problem
4.4. Congruent numbers over cubic fields
In the previous section we have seen that every positive integer n is a properly
congruent number over some real quadratic field. As Girondo et. al. showed, this is
also true over certain cubic number fields depending on n.
Before we can actually state and give a proof of this result, we need to introduce an
important definition of a special class of elliptic curves.
Definition 4.4.1. An elliptic curve E over a subfield of C has complex multiplication
if End(E(C)) 6= Z.
Theorem 4.4.1. Every positive integer n is properly congruent over some real cubic
number field. More precisely, for a positive integer n let λ = λ(n) be the unique real
solution of the cubic equation
32λ3 − 32λ2 + 8λ + n2 = 0 .
Then the point Pλ = (xλ , yλ ) with coordinates given by
xλ =
1
2
4
2
4
λ
256
+
992n
+
65n
+
1024
−
2688n
−
28n
4(n2 − 16)2
2
+ 1024 + 1920n + 4n
4
λ
2
and
yλ =
1
2
32(n − 16)3
− 16384 + 72704n2 + 80960n4 + 2868n6 − n8
+ 196608 − 462848n2 − 145152n4 − 1456n6 λ
+ 196608 + 421888n2 + 100608n4 + 208n6 λ2
is of infinite order in the Mordell-Weil group of the elliptic curve En over Q (λ).
Proof. The particular cubic equation 32λ3 −32λ2 +8λ+n2 = 0 having λ = λ(n) as
unique real solution can be deduced from an identity of Adolphe Desboves which
can be found in [Des79]. As he proved, the following equation holds
Y 2 + 2XY − X 2
4
+ 2X 3 Y + X 2 Y 2
= X 4 + Y 4 + 10X 2 Y 2 + 4XY 3 + 12X 3 Y
62
2X + 2Y
2
4
4. A generalization of the congruent number problem
and by the substitution X = 1 − 2λ, Y = 4λ we get the identity
1 − 12λ + 4λ2
4
2 + 8λ 2λ − 1
= 1 + 40λ − 104λ2 + 160λ3 + 16λ4
4
2(1 + 2λ)
2
.
By setting d = d(λ) = 8λ(2λ − 1)2 , this equation simplifies to
y 2 = x3 + dx ,
where
1 − 12λ + 4λ2
x = x(λ) =
and
y = y(λ) =
1 − 12λ + 4λ2
2
4 1 + 2λ
2
2
1 + 40λ − 104λ2 + 160λ3 + 16λ4
8 1 + 2λ
3
.
In other words, we have thereby found the point Pλ = (x, y) on the elliptic curve E
defined by the equation Y 2 = X 3 + dX.
Recall, that we are trying to prove that n is a properly congruent number over a
cubic field. We therefore have to prove that the elliptic curve E is indeed of the form
Y 2 = X 3 − n2 X. Hence, we consider the equation
−n2 = d = 8λ(2λ − 1)2 .
As one can verify by simple calculation, this equation has exactly one unique real
solution given by
λ = λ(n) =
where κ = κ(n) =
q
3
1
1
1
+ κ+
,
3 12
3κ
√
−8 − 27n2 + 3 48n2 + 81n4 is chosen to be the unique real
third root which is negative for all n ∈ N.
Again, as one can check by computation, the coordinates of the point P = (xλ , yλ )
are given as in Theorem above and the point does indeed lie on the elliptic curve
E : Y 2 = X 3 − n2 X defined over the cubic field Q(λ), i. e. P ∈ E(Q(λ)).
To conclude the proof, we now have to show that the point P has infinite order on
the elliptic curve E over Q(λ). For this, we use a result on bounds for the order
of the subgroup of torsion points on an elliptic curve with complex multiplication
defined over a number field.
Recall, that there exists a one-to-one correspondence between an elliptic curve defined by the equation Y 2 = X 3 − 15G4 X − 35G6 and the complex torus C/Ω defined
by the complex lattice Ω(ω1 , ω2 ). In our particular case, the Eisenstein series of
weight 4 and 6 must satisfy 15G4 = n2 and 35G6 = 0. Either by use of a computer
63
4. A generalization of the congruent number problem
algebra package or by hand computation we see that the half periods ω1 and ω2 of
the lattice Ω are then of the form ω1 = µ and ω2 = iµ for some µ ∈ R.
′
Now let P = (x, y) = ℘(z), ℘ 2(z)
with corresponding z ∈ C be a point on the
elliptic curve E over C. We can see that
℘(iz) =
X
X 1
1
1
1
1
1
+
−
+
−
=
(iz)2 ω∈Ω (iz − ω)2 ω 2
(iz)2 iω∈Ω (iz − iω)2 (iω)2
ω6=0
iω6=0
= ℘(iz)
and ℘′ (iz) = i℘′ (z) by the same argument. We now denote with r the map that
sends the point P = (x, y) on the elliptic curve to (−x, iy). Since
r2 (P ) = r(−x, iy) = (x, −y) = −P ,
the map r is an endomorphism on the elliptic curve E which implies that E has
complex multiplication by Z [i].
Applying the previously mentioned results of [PY01] and [Sil92], we obtain that if
M is the order of a torsion point of En (Q(λ), then φ(M ) ≤ 6 where φ is Euler’s
φ-function. Therefore
M ∈ B = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 14, 18} .
Hence, if the order of Pλ is not in B, it must necessarily have infinite order. To prove
this, we either can compute [2]Pλ , [3]Pλ , . . . , [18]Pλ to show that [n]Pλ 6= O for all
n ≤ 18 or use the idea of Girondo et. al. who use the m-division polynomial Ψm (x)
associated with the elliptic curve En to accomplish this in a more elegant way. For
an insight into the latter idea, we refer to the corresponding article [GGDGJ+ 09].
Nevertheless, both methods prove that Pλ has infinite order and hence n is a properly
congruent number.
4.5. Pairs of congruent numbers
We conclude this thesis with an interesting question: Given a pair (n, m) of two
positive integers n and m, is there a number field Q(α) such that n and m are
properly Q(α)-congruent?
Definition 4.5.1. Given two squarefree positive integers n and m, the pair (n, m)
is called properly Q(α)-congruent if n and m are properly Q(α)-congruent.
Obviously, if at least one of the integers n and m is congruent over Q, for example n
without loss of generality, then the pair (n, m) is properly Q(α)-congruent for some
64
4. A generalization of the congruent number problem
algebraic number α such that m is properly Q(α)-congruent since all congruent
numbers over Q are congruent over any number field. Moreover, suppose that n
is properly Q(α)-congruent for some algebraic number α. Then the pair (n, m) is
always properly Q(α)-congruent if m is of the form m = r2 n where r is a positive
integer as consequence of Proposition 1.1.2. Hence we require n and m to be
1. not congruent over Q and
2. m 6= r2 n for all positive integers r.
If n is properly Q(α)-congruent for an algebraic number α of degree d1 and m is
properly Q(β)-congruent for an algebraic number β of degree d2 , then the pair (n, m)
is of course congruent over the algebraic number field Q(α, β) of degree d1 d2 .
Q(α, β)
d2
d1
Q(α)
Q(β)
d1
d2
Q
Figure 4.2.: Field diagram of Q, Q(α), Q(β) and Q(α, β)
√
For instance, if n is properly congruent over the field Q( d) and m is properly
congruent over a field Q(λ) of degree 3 then (n, m) is properly congruent over the field
√
Q( d, α) of degree 6. This is not very interesting and hence we focus on congruent
number pairs over number fields of prime degree.
4.5.1. Pairs of congruent numbers over quadratic fields
In the quadratic case, this question can be answered easily by using Theorem 4.2.1.
Suppose n and m are two squarefree positive integers which are both not congruent
√
over Q. According to Proposition 4.3.1, the integer n must be properly Q( d)congruent for some squarefree d ∈ N. Since m is not a Q-congruent number by
√
assumption, it is properly Q( d)-congruent if and only if md is congruent over Q.
Corollary 4.5.1. Let n and m be two squarefree positive integers such that neither
√
n nor m are congruent over Q. Then (n, m) is a properly Q( d)-congruent pair if
and only if nd and md are congruent over Q.
65
4. A generalization of the congruent number problem
Proof. Suppose n and m are two squarefree positive integers which are both not
congruent over Q. Then, without loss of generality, we can find by Theorem 4.4.1
√
some squarefree d ∈ N such that n is a properly Q( d)-congruent number. Furthermore, if md is congruent over Q, then there exist three sides a, b and c such that
√
√
√
a2 + b2 = c2 and 21 ab = md holds. By setting a′ = ad d, b′ = db d and c′ = dc d, we
√
find three sides over Q( d) such that
(a′ )2 + (b′ )2 = (
b √ 2 a2 + b2
c2
a√ 2
d) + (
d) =
=
= (c′ )2
d
d
d
d
and
1 ′ ′
ab √
a b = 2 ( d)2 = m .
2
2d
√
Hence m is a properly congruent number over Q( d) with corresponding right tri-
angle (a′ , b′ , c′ ).
Conversely, if nd and md are congruent over Q, there are two right triangles with
a2 + b2 = c2 , 12 ab = nd and e2 + f 2 = g 2 , 21 ef = md, respectively. As prior, we can
√
√
√
√
√
√
set a′ = ad d, b′ = db d, c′ = dc d, e′ = de d, f ′ = fd d and g ′ = dg d to find
√
√
two right triangles (a′ , b′ , c′ ) over Q( d) with area n and (e′ , f ′ , g ′ ) over Q( d) with
√
area m. Thus, (n, m) is a pair of properly congruent numbers over Q( d).
Note that the radicand d is not unique, i. e. there is a set D ⊂ N of squarefree
√
integers di ∈ D such that n is properly Q( di )-congruent. Hence, if md is not Qcongruent, one may try to choose another squarefree integer d′ ∈ D hoping that md′
is Q-congruent in this particular case.
H Example 4.5.1
In this example we choose n = 1 and n = 3 and try to find a squarefree d ∈ N
√
such that (1, 3) is a properly Q( d)-congruent pair. As we already know, the
√
5) with corresponding right triangle
integer
1
is
properly
congruent
over
Q(
√ √
2, 1, 5 . By Theorem 4.2.1, the integer 3 is properly Q( 5)-congruent if and
only if 15 is congruent over Q. In the very beginning we have computed the
right triangle (8, 15, 17) with area 60 by using Euclid’s formula for generating
primitive Pythagorean
triples. Removing the square factor 22 yields the right
17
with area 15 and hence, 15 is congruent over Q.
triangle 4, 15
2 , 2
√
√
√ 17 √ 15
5 yields the right triangle 54 5, 10
5, 10 5 with area
√
√
3 and side lengths over Q( 5). Thus, the integer 3 is properly Q( 5)-congruent
√
and altogether, the pair (1, 3) is also properly Q( 5)-congruent.
Dividing all sides by
66
4. A generalization of the congruent number problem
√
Figure 4.3.: Properly Q( 5)-congruent pair (1, 3)
Note that this pair can be extended by 11, 12, 16, 17, . . . since 55 = 11 · 5, 60 =
12 · 5, 80 = 16 · 5, 85 = 17 · 5, . . . are congruent over Q.
4.5.2. Pairs of congruent numbers over cubic fields
By requiring the underlying field of a congruent number pair to be of degree three,
the difficulty of finding such pairs changes. In summary, we are looking for two
properly congruent numbers m, n over an algebraic field Q(α) of degree 3 such that
m and n are not congruent over Q.
To start with, let n be a positive integer which is not congruent over Q. Following
Theorem 4.4.1, there exists an algebraic number λ = λ(n) of degree 3 such that n is
congruent over the cubic field Q(λ) defined by the equation 32λ3 −32λ2 +8λ+n2 = 0.
Furthermore, let m 6= n be another positive integer which is neither congruent over Q.
Our present aim is to find a µ ∈ Q(λ) such that the equality 32µ3 −32µ2 +8µ+m2 = 0
holds.
As we are operating in a field, there exists an algebraic number χ ∈ Q(λ) with
µ = λ + χ. Hence, the second equality can be written as
32(λ + χ)3 − 32(λ + χ)2 + 8(λ + χ) + m2 = 0 .
67
4. A generalization of the congruent number problem
Expanding the left hand side gives us
32λ3 − 32λ2 + 8λ + 32χ3 − 32χ2 + 8χ + 96λ2 χ + 96λχ2 − 64λχ = −m2
and since 32λ3 − 32λ2 + 8λ = −n2 the equation simplifies to
32χ3 − 32χ2 + 8χ + 96λ2 χ + 96λχ2 − 64λχ = n2 − m2 .
All in all we are thus looking for a χ ∈ Q(λ) such that the left hand side of the
above given equation is equal to an integer.
Since χ ∈ Q(λ), there exist a, b, c ∈ Q such that χ = a + bλ + cλ2 . Note that we
want to ignore shifts of such a form that µ = λ + χ ∈ Q, i. e. we require furthermore
(b, c) 6= (−1, 0). This in turn leads to the equation
n2 − m2 = 32a3 − 32a2 + 8a + 96a2 b + 96a2 − 64ab − 64a + 8b λ
+ 96a2 c + 96ab2 + 192ab − 64ac + 96a − 32b2 − 64b + 8c λ2
+ 192abc + 192ac + 32b3 + 96b2 − 64bc + 96b − 64c λ3
+ 96ac2 + 96b2 c + 192bc − 32c2 + 96c λ4
+ 96bc2 + 96c2 λ5 + 32c3 λ6 .
The 3rd, 4th, 5th and 6th power of λ can be written as
n2
1
,
λ3 =λ2 − λ −
4
32
3
8 + n2
n2
λ4 = λ2 −
λ−
,
4
32
32
16 − n2 2 6 + n2
3n2
λ5 =
λ −
λ−
and
32
32
128
10 − 2n2 2 16 + 2n2
16n2 − n4
λ6 =
λ −
λ−
.
32
128
1024
Thus the previous equation is equivalent to
n2 − m2 = fn (a, b, c) + g(a, b, c)λ + h(a, b, c)λ2
where fn , gn and hn are polynomials in a, b, c ∈ Q given by
fn (a, b, c) := 32a3 − 32a2 − 6abcn2 − 3ac2 n2 − 6acn2 + 8a − b3 n2 − 3b2 cn2 − 3b2 n2
c3 n4 c3 n2 5c2 n2
9
−
−
− cn2 ,
− bc2 n2 − 4bcn2 − 3bn2 +
4
32
2
4
68
4. A generalization of the congruent number problem
gn (a, b, c) := 96a2 b + 96a2 − 48abc − 64ab − 3ac2 n2 − 24ac2 − 48ac − 64a − 8b3
− 3b2 cn2 − 24b2 c − 24b2 − 3bc2 n2 − 18bc2 − 6bcn2 − 32bc
− 16b −
c3 n 2
− 4c3 − 2c2 n2 − 10c2 − 3cn2 − 8c
2
and
hn (a, b, c) := 96a2 c + 96ab2 + 192abc + 192ab + 72ac2 + 128ac + 96a + 32b3
+ 72b2 c + 64b2 − 3bc2 n2 + 48bc2 + 80bc + 32b − 2c3 n2 + 10c3
− 3c2 n2 + 24c2 + 16c.
Theorem 4.5.1. Let n be a non-congruent positive integer. Given another noncongruent positive integer m 6= r2 n for r ∈ N, the pair (n, m) is properly Q(λ)-
congruent if the system of polynomial equations
has a solution in Q3 such that

 g(a, b, c) = 0
 h(a, b, c) = 0
(b, c) 6= (−1, 0)
and
m2 = n2 − fn (a, b, c) .
For instance, if we use an computer algebra package to solve the above given system
of polynomial equations, we see that
gn (0, 3, −6) = 0 and hn (0, 3, −6) = 0
holds for all n ∈ N. This gives us
n2 − m2 = fn
with fn (0, 3, −6) = −3n2 −
or in other words
m2 = 4n2 +
27n4
4
27n4
.
4
By using the following algorithm in Sage for a given upper bound b ∈ N, we can
find candidates (n, m) for pairs of properly congruent numbers n ≤ b and m over a
cubic field.
69
4. A generalization of the congruent number problem
Listing 4.1: Finding pairs of congruent numbers over cubic field
1
2
3
4
5
6
def FindingPairsCubic ( b ):
col = [[ ’n ’ , ’m ’ ]];
for i in [1..1000000]:
if (4* i ^2+(27* i ^4)/4). is_square ():
col . append ([ i , sqrt (4* i ^2+(27* i ^4)/4))]);
return table ( columns = col , frame = True , header_column = True )
For the bound b = 106 , we find the following three candidates which satisfy the
conditions in Theorem 4.5.1:
Table 4.1.: Candidates for congruent number pairs over a cubic field
n
20
1040
54060
m
1040
2810080
7592835120
The first pair (20, 1040) can be ruled out, since 20 = 22 · 5 is congruent over the field
of fractions.1 The same argument applies to the second pair (1040, 2810080) since
2810080 is congruent over Q as consequence of Tunnell’s Theorem.
The third and last pair for the bound b is more interesting. Since the computation
whether or not 54060 and 7592835120 are congruent over Q was not finished until the
submission deadline of this present thesis, this exercise is left open to the interested
reader.
4.6. Conclusion
We have seen that it is possible to find pairs of properly congruent numbers over the
√
quadratic field Q( d) with a suitable radicand d ∈ N. Moreover, we have deduced
three polynomial equations which give us a pair of properly congruent numbers
over a cubic field under certain conditions. Nevertheless, this latter problem is not
exhausted at all. Analyzing the given polynomial equation and the corresponding
system of these equation may reveal additional possibilities to achieve a more feasible
condition to the existence of such pairs.
To conclude with, we rephrase an interesting but difficult question adopted from
[GGDGJ+ 09]: Given a number field Q(α), what are the properly congruent number
pairs over Q(α)?
1
Nevertheless, it is worth mentioning that both positive integers 20 and 1040 appear as area of a
right triangle having side lengths in Q(λ) \ Q.
70
Appendix
A. Listings
Listing A.2: Implementation of Algorithm 1.1 in Sage
1
2
3
4
5
6
7
8
def Pythagorean ( k ):
C = Set ();
for i in [1.. k -1]:
for j in [ i +1.. k ]:
if gcd (i , j )==1 and ( i % 2) != ( j % 2):
n = i * j *( j ^2 - i ^2)
C = C . union ( Set ([ n ]))
return C
Listing A.3: Np (Ea,b ) for increasingly primes p
1
2
3
4
5
6
7
8
9
def NmbFinPoints (k ,a , b ):
i = 5;
col = [[ ’p ’ , ’ N_p ’ ]];
while i <= k :
if not i . divides (4* a ^3+27* b ^2):
E = EllipticCurve ( GF ( i ) ,[0 ,0 ,0 , a , b ]);
col . append ([ i , E . cardinality ()]);
i = next_prime ( i );
return table ( columns = col , frame = True , header_column = True )
Listing A.4: Density of Np (Ea,b ) for increasingly primes p
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
def densityPlot (k ,a , b ):
i = 5;
listG = [];
listB = [];
while i <= k :
if not i . divides (4* a ^3+27* b ^2):
E = EllipticCurve ( GF ( i ) ,[0 ,0 ,0 , a , b ]);
l = E . cardinality ();
dens = ( l / i );
if dens > 1:
listG . append (( i , dens ));
if dens < 1:
listB . append (( i , dens ));
i = next_prime ( i );
return listG , listB
71
Appendix
Listing A.5: πE (x) for increasingly primes p
1
2
3
4
5
6
7
8
9
10
11
12
def piPlot (k ,a , b ):
i = 5;
dens = 1;
list = [];
while i <= k :
if not i . divides (4* a ^3+27* b ^2):
E = EllipticCurve ( GF ( i ) ,[0 ,0 ,0 , a , b ]);
l = E . cardinality ();
dens = dens * ( l / i );
list . append (( i , dens ));
i = next_prime ( i );
return list
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
def tunnell ( n ):
n = squarefree_part ( n );
if n % 2 == 1:
A = 0;
B = 0;
a_lim = RR ( sqrt ( n /2) + 1). ceil ();
b_lim = RR ( sqrt ( n ) + 1). ceil ();
for a in range ( - a_lim , a_lim +1):
for b in range ( - b_lim , b_lim +1):
i = (n -2* a ^2 - b ^2);
if sqrt ( i /32). is_integer ():
A = A +1;
elif sqrt ( i /8). is_integer ():
B = B +1;
if 2* A == B :
return True
else :
return False
if n % 2 == 0:
C = 0;
D = 0;
a_lim = RR ( sqrt ( n /8) + 1). ceil ();
b_lim = RR ( sqrt ( n /2) + 1). ceil ();
for a in range ( - a_lim , a_lim +1):
for b in range ( - b_lim , b_lim +1):
i = (( n /2) -4* a ^2 - b ^2);
if sqrt ( i /32). is_integer ():
C = C +1;
elif sqrt ( i /8). is_integer ():
D = D +1;
if 2* C == D :
return True
else :
return False
Listing A.6: Implementation of Tunnell’s Theorem
72
Appendix
B. Figures
Figure B.1.: Intersection of the two surfaces a2 + b2 = c2 and 21 ab = 6
73
Appendix
Figure B.2.: “Gluing together” the opposite sides of a fundamental parallelogram
74
Appendix
Figure B.3.: Congruent numbers up to 900 arranged in a spiral
75
List of Figures
1.1. Congruent numbers 5 and 6 and their corresponding triangles . . . .
5
1.2. Congruent number 157 and its corresponding triangle . . . . . . . .
6
1.3. Congruent number 7 and its corresponding triangle . . . . . . . . . .
14
1.4. Corollary 1.5.1 regarding sign and ordering changes for n = 6 . . . .
17
2.1. Non-singular curve C versus singular curve C ′ . . . . . . . . . . . . .
25
2.2. C :
X3
2
− 36X − Y = 0 with tangent line at S := (−3, 9)
. . . . . .
28
2.3. Ω(2 + 3i, 4 + i) with corresponding fundamental parallelogram π(Ω)
32
2.4. “Gluing together” the opposite sides of a fundamental parallelogram
33
2.5. Absolute value of ℘(z; 2, 2i) with corresponding lattice Ω . . . . . . .
34
2.6. Additive inverse −Pz obtained by reflecting Pz across the x-axis
. .
36
2.7. Addition of two points Pz1 and Pz2 on an elliptic curve . . . . . . . .
38
2.8. Duplication of a points Pz1 on an elliptic curve . . . . . . . . . . . .
39
2.9. Oranges stacked as a square pyramid . . . . . . . . . . . . . . . . . .
43
3.1. Density of Np (E4 ) for 5 ≤ p ≤ 53 . . . . . . . . . . . . . . . . . . . .
48
3.2. Density of Np (E6 ) for 5 ≤ p ≤ 53 . . . . . . . . . . . . . . . . . . . .
49
3.3. πE4 (x) versus πE6 (x) up to x = 10000 . . . . . . . . . . . . . . . . .
49
3.4. πE4 (x) versus πE6 (x) with corresponding fitting curves
. . . . . . .
50
. . . . . . . . . . . . . . . . . . . . . . .
52
√
4.1. Properly Q( 5)-congruent number 1 . . . . . . . . . . . . . . . . . .
61
3.5. Node of C versus cusp of
C′
4.2. Field diagram of Q, Q(α), Q(β) and Q(α, β) . . . . . . . . . . . . . .
√
4.3. Properly Q( 5)-congruent pair (1, 3) . . . . . . . . . . . . . . . . . .
65
B.1. Intersection of the two surfaces a2 + b2 = c2 and 12 ab = 6 . . . . . . .
73
B.2. “Gluing together” the opposite sides of a fundamental parallelogram
74
B.3. Congruent numbers up to 900 arranged in a spiral . . . . . . . . . .
75
76
67
List of Tables
1.1. Congruent numbers gained by using Theorem 1.2.1 . . . . . . . . . .
5
1.2. Corollary 1.5.1 regarding sign and ordering changes . . . . . . . . . .
16
3.1. Np (E4 ) for 5 ≤ p ≤ 53 . . . . . . . . . . . . . . . . . . . . . . . . . .
48
3.2. Np (E6 ) for 5 ≤ p ≤ 53 . . . . . . . . . . . . . . . . . . . . . . . . . .
48
3.3. Counting points on singular curves . . . . . . . . . . . . . . . . . . .
52
4.1. Candidates for congruent number pairs over a cubic field . . . . . . .
70
77
List of algorithms and program code
1.1. Generating congruent numbers . . . . . . . . . . . . . . . . . . . . .
4
2.1. Computing all integer points on E ′ . . . . . . . . . . . . . . . . . . .
44
3.1. Determining whether or not n is a congruent number (conditional on
the Conjecture 3.3.1) . . . . . . . . . . . . . . . . . . . . . . . . . . .
56
4.1. Finding pairs of congruent numbers over cubic field . . . . . . . . . .
70
A.2. Implementation of Algorithm 1.1 in Sage . . . . . . . . . . . . . . .
71
A.3. Np (Ea,b ) for increasingly primes p . . . . . . . . . . . . . . . . . . . .
71
A.4. Density of Np (Ea,b ) for increasingly primes p . . . . . . . . . . . . .
71
A.5. πE (x) for increasingly primes p . . . . . . . . . . . . . . . . . . . . .
72
A.6. Implementation of Tunnell’s Theorem . . . . . . . . . . . . . . . . .
72
78
Bibliography
[AG12] A. Ash and R. Gross, Elliptic Tales: Curves, Counting, and Number Theory, Princeton University Press, Princeton, NJ, 2012.
[Con08] K. Conrad, The congruent number problem, The Harvard College Mathematics Review 2 (2008), no. 2, 58–74.
[Des79] A. Desboves, Sur l’emploi des identités algébriques dans la résolution, en nombres
entiers, des équations d’un degré supérieur au second., C. R. Acad. Sci., Paris 87
(1879), 159–161.
[Dic20] L.E. Dickson, History of the theory of numbers, Vol. II, Carnegie Institution of Washington, Washington, 1920.
[GGDGJ+ 09] E. Girondo, G. González-Diez, E. González-Jiménez, R. Steuding, and J. Steuding,
Right triangles with algebraic sides and elliptic curves over number fields, Mathematica Slovaca 59 (2009), no. 3, 299–306.
[Hea10] T.L. Heath, Diophantus of Alexandria: A study in the history of Greek algebra, 2nd
ed., University Press, Cambridge, 1910. Reprinted in 2007.
[IR90] K. Ireland and M.I. Rosen, A classical introduction to modern number theory, 2nd
ed., Graduate Texts in Mathematics, Springer-Verlag, New York, 1990.
[Kir92] F.C. Kirwan, Complex algebraic curves, London Mathematical Society Student Texts,
Cambridge University Press, Cambridge, 1992.
[KK10] C. Karpfinger and H. Kiechle, Kryptologie – Algebraische Methoden und Algorithmen,
Vieweg+Teubner Verlag, Wiesbaden, 2010.
[Kna92] A.W. Knapp, Elliptic curves, Princeton Mathematical Notes, Princeton University
Press, Princeton, 1992.
[Kob93] N. Koblitz, Introduction to elliptic curves and modular forms, 2nd ed., Graduate
Texts in Mathematics, Springer-Verlag, New York, 1993.
[Kos07] T. Koshy, Elementary number theory with applications, 2nd ed., Academic Press,
Amsterdam, 2007.
[Kwo97] S. Kwon, Torsion subgroups of elliptic curves over quadratic extensions, Journal of
Number Theory 62 (1997), no. 1, 144 –162.
[Loz11] Á. Lozano-Robledo, Elliptic Curves, Modular Forms, and Their l-Functions, Student
Mathematical Library, American Mathematical Society, Providence, Rhode Island,
2011.
[Mil06] J.S. Milne, Elliptic curves, BookSurge Publishers, North Charleston, 2006.
[NZM91] I. Niven, H.S. Zuckerman, and H.L. Montgomery, An introduction to the theory of
numbers, 5th ed., John Wiley & Sons, Inc., New York, 1991.
79
BIBLIOGRAPHY
[Poi01] H. Poincaré, Sur les propriétés arithmétiques des courbes algébriques, Journal de
Mathématiques Pures et Appliquées 7 (1901), no. 5, 161–233.
[PY01] D. Prasad and C.S. Yogananda, Bounding the torsion in CM elliptic curves, C. R.
Math. Acad. Sci., Soc. R. Can. 23 (2001), no. 1, 1–5.
[Rob86] A. Robert, Elliptic curves: Notes from Postgraduate Lectures given in Lausanne
1971/72, 2nd ed., Lecture Notes in Mathematics, Springer-Verlag, Berlin, 1986.
[RS10] S. Reith and J. Steuding, Elliptische Kurven mit Anwendungen in der Kryptographie,
Fakultät für Mathematik und Informatik, Würzburg, 2010.
[Sig87] L.E. Sigler, The book of squares, Academic Press, Orlando, Florida, 1987.
[Sil09] J.H. Silverman, The arithmetic of elliptic curves, 2nd ed., Graduate Texts in Mathematics, Springer-Verlag, New York, 2009.
[Sil92] A. Silverberg, Points of finite order on abelian varieties, Contemp. Math 133 (1992),
175–193.
[SS07] J.D. Sally and P. Sally, Roots to research: A vertical development of mathematical
problems, American Mathematical Society, Providence, R.I., 2007.
[ST92] J.H. Silverman and J. Tate, Rational points on elliptic curves, Undergraduate Texts
in Mathematics, Springer-Verlag, New York, 1992.
[Tad01] M. Tada, Congruent numbers over real quadratic fields, Hiroshima Math. J. 31 (2001),
no. 2, 331–343.
[Wei83] A. Weil, Number theory: An approach through history from Hammurapi to Legendre,
Modern Birkhäuser Classics, Birkhäuser, Boston, 1983. Reprinted in 2001.
[Wer90] G. Wertheim, Die Arithmetik und die Schrift über Polygonalzahlen des Diophantus
von Alexandria, B. G. Teubner, Leipzig, 1890.
[Woe61] F. Woepcke, Recherches sur plusieurs ouvrages de Léonard de Pise découverts et
publié par M. le Prince Balthasar Boncompagni et sur les rapports qui existent entre ces ouvrages et les travaux mathématiques des Arabes, Imprimerie des Sciences
Mathématiques et Physiques, Rome, 1861.
[Zag87] D. Zagier, Large integral points on elliptic curves, Math. Comput. 48 (1987), 425–
436.
[Zag90]
, Elliptische Kurven: Fortschritte und Anwendungen, Jahresbericht der
Deutschen Mathematiker-Vereinigung 92 (1990), no. 2, 58–76.
80
Index
good reduction modulo p, 46
Symbols
Q(ξ)-congruent number, 58
H
O, 21
Hasse interval, 47
℘, see Weierstrass ℘-function
Hasse-Weil L-function, 52
A
homogeneous coordinates, 19
affine plane, 19
homogeneous polynomial, 22
affine plane curve, 22
homogenized polynomial, 23
algebraic number, 57
I
algebraic number field, 58
infinite descent, 10
algebraic rank, 41
intersection multiplicity, 27
analytic rank, 54
arithmetic progression, 6
J
j-invariant, 30
B
bad reduction modulo p, 46
L
lattice, see complex lattice
C
line at infinity, 20
common component, 27
complex lattice, 31
M
complex multiplication, 62
minimal model, 46
conductor, 53
congruent number, 2
N
cubic number field, 58
node, 51
D
O
discriminant, 30
order, 40
E
P
Eisenstein series, 34
point at infinity, 20
elliptic curve, 30
projective completion, 23
elliptic function, 33
projective plane, 18
projective plane curve, 22
G
properly Q(ξ)-congruent number, 60
genus, 29
Pythagorean triple, 3
81
Index
Q
quadratic number field, 58
R
rank, see algebraic rank
resultant, 26
root number, 54
S
singular, 24
T
tangent line, 25
torsion points, 40
W
Weierstrass ℘-function, 33
Weierstrass equation, 30
82
Eidesstattliche Erklärung
Ich, Eduard Göbl, versichere hiermit, dass ich die vorliegende Arbeit selbständig
verfasst und keine anderen als die angegebenen Quellen und Hilfsmittel benutzt
habe, wobei ich alle wörtlichen und sinngemäßen Zitate als solche gekennzeichnet
habe. Die Arbeit wurde bisher keiner anderen Prüfungsbehörde vorgelegt und auch
nicht veröffentlicht.
Friesenried, den 17. März 2015
Eduard Göbl
83