Algebraic Geometry of Curves

Home , Complete variety, Curve, Field of definition, Geometric genus, Rational variety

Andrew Kobin Fall 2016 Contents Contents

Contents

0 Introduction 1 0.1 Geometry and Number Theory ...... 2 0.2 Rational Curves ...... 4 0.3 The p-adic Numbers ...... 6

1 Algebraic Geometry 9 1.1 Aﬃne and Projective Space ...... 9 1.2 Morphisms of Aﬃne Varieties ...... 15 1.3 Morphisms of Projective Varieties ...... 19 1.4 Products of Varieties ...... 21 1.5 Blowing Up ...... 22 1.6 Dimension of Varieties ...... 24 1.7 Complete Varieties ...... 26 1.8 Tangent Space ...... 27 1.9 Local Parameters ...... 32

2 Curves 33 2.1 Divisors ...... 34 2.2 Morphisms Between Curves ...... 36 2.3 Linear Equivalence ...... 38 2.4 Diﬀerentials ...... 40 2.5 The Riemann-Hurwitz Formula ...... 42 2.6 The Riemann-Roch Theorem ...... 43 2.7 The Canonical Map ...... 45 2.8 B´ezout’sTheorem ...... 45 2.9 Rational Points of Conics ...... 47

3 Elliptic Curves 52 3.1 Weierstrass Equations ...... 53 3.2 Moduli Spaces ...... 55 3.3 The Group Law ...... 56 3.4 The Jacobian ...... 58

4 Rational Points on Elliptic Curves 61 4.1 Isogenies ...... 62 4.2 The Dual Isogeny ...... 65 4.3 The Weil Conjectures ...... 67 4.4 Elliptic Curves over Local Fields ...... 69 4.5 Jacobians of Hyperelliptic Curves ...... 75

5 The Mordell-Weil Theorem 77 5.1 Some Galois Cohomology ...... 77 5.2 Selmer and Tate-Shafarevich Groups ...... 80 5.3 Twists, Covers and Principal Homogeneous Spaces ...... 84

i Contents Contents

5.4 Descent ...... 89 5.5 Heights ...... 97

6 Elliptic Curves and Complex Analysis 99 6.1 Elliptic Functions ...... 99 6.2 Elliptic Curves ...... 105 6.3 The Classical Jacobian ...... 110 6.4 Jacobians of Higher Genus Curves ...... 115

7 Complex Multiplication 117 7.1 Classical Complex Multiplication ...... 117 7.2 Torsion and Rational Points ...... 120 7.3 Class Field Theory with Elliptic Curves ...... 123

ii 0 Introduction

0 Introduction

These notes come from a course in algebraic geometry and elliptic curves taught by Dr. Lloyd West at the University of Virginia in Fall 2016. The first part of the notes are a survey of the main concepts in algebraic geometry, with an emphasis on curves (i.e. varieties of dimension 1). Key topics include: Affine and projective varieties Dimension Singular and nonsingular points and tangent spaces Morphisms between varieties Intersection theory Divisors Genus The Riemann-Hurwitz theorem and Riemann-Roch theorem Jacobian of a curve The main algebraic geometry reference used is Shafarevich’s Basic Algebraic Geometry 1. The second part of the course covers the basic results in the arithmetic geometry of elliptic curves, including: Abelian varieties and isogenies Models over local and global fields Moduli Reduction mod p Zeta functions Statement of the Weil conjectures for curves Heights Descent (àla Fermat) Hasse’s local-global principle Torsors and Galois actions Galois cohomology in degrees 0, 1 and 2 Selmer and Tate-Shafarevich groups Additional topics include the application of elliptic curves to cryptography, higher genus curves and L-functions. The main text used is Silverman’s Arithmetic of Elliptic Curves.

1 0.1 Geometry and Number Theory 0 Introduction

0.1 Geometry and Number Theory

Consider the following questions: Question 1. Describe the set of all right triangles with integer sides. Question 2. A rational number n is said to be congruent if there exists a rational right triangle with area n. Which rational numbers n are congruent? We will see that Question 1 is easy to answer, while Question 2 is still unsolved. The fundamental difference lies in the geometry of each situation. Definition. We say (a, b, c) ∈ Z3 is a pythagorean triple if a2 + b2 = c2. For example, (3, 4, 5) and (5, 12, 13) are pythagorean triples. Notice that multiplying any pythagorean triple by an integer n ∈ Z yields another pythagorean triple (in particular, there are infinitely many pythagorean triples), so we may assume a, b, c are coprime. Such a triple is called a primitive pythagorean triple. Theorem 0.1.1. Denote the set of all primitive pythagorean triples by Π. Then there is a bijection Π ↔ {(x, y) ∈ Q2 | x2 + y2 = 1}. Proof. It is easy to check that the assignments a b (a, b, c) 7−→ , c c a b (a, b, c) 7−→ (x, y) = , with a, b, c coprime c c exhibit the desired bijection. Thus the problem of rational triangles and pythagorean triples reduces to studying the rational points of the unit circle in the xy-plane. Definition. Let k be a field and fix a polynomial f ∈ k[x, y] which is irreducible over the ¯ algebraic closure k. Then the curve associated to f is a functor C = Cf given by

C : Fieldsk −→ Sets 2 K/k 7−→ Ck(K) := {(x, y) ∈ K | f(x, y) = 0}. For a ﬁeld extension K/k, the set C(K) is called the K-rational points of the curve C. 2 2 In this language, Question 1 reads, “What is #Cf (Q) when f = x + y − 1”? Example 0.1.2. Let f = x2 + y2 − 1 and consider the geometric objects deﬁned by C(K) = Cf (K) for K = R and K = Q.

C(R) = S1 ⊆ R2 C(C), the Riemann sphere in C2

2 0.1 Geometry and Number Theory 0 Introduction

Also note that since f ∈ Q[x, y], we can view f as a polynomial with coefficients in any finite field Fq, and consequently the Fq-rational points C(Fq) are defined. Next, fix the point (−1, 0) on C(K) for any field K and consider the line L : x = 0.

slope = t

(−1, 0)

2 2 Theorem 0.1.3. Let k be any ﬁeld and C = Cf the curve deﬁned by f = x + y − 1. Then there is a bijection

C(k) r {(−1, 0)} −→ L(k) (x, y) 7−→ (0, χ(x, y)) (ψ(t), φ(t)) 7−→ t where χ, ψ and φ are rational functions, i.e. χ ∈ k(x, y) and ψ, φ ∈ k(t). Proof. The rational functions y 1 − t2 2t χ(x, y) = , ψ(t) = and φ(t) = x + 1 1 + t2 1 + t2 exhibit the bijection. Theorems 0.1.1 and 0.1.3 answer Question 1: the set of all primitive pythagorean triples is completely described by the line L given by x = 0, and this description holds over any field k. For Question 2, we must understand the set of congruent numbers over a field k. For n ∈ Q, define the set 3 2 2 2 1 Cn(k) = (a, b, c) ∈ k : a + b = c and 2 ab = n .

Deﬁnition. We say n is congruent over k if Cn(k) is nonempty.

In particular, Question 2 reduces to deciding when Cn(Q) is nonempty. Notice that we may assume n is a squarefree integer. Above, we parametrized the circle S1 by a line L. Here, we parametrize Cn(k) with a zero set of a diﬀerent polynomial. Deﬁne a bijection

2 2 3 Cn(k) −→ En(k) := {(x, y) ∈ k | y = x − nx, y 6= 0} nb 2n2 (a, b, c) 7−→ , c − a c − a x2 − n2 2nx x2 + n2 , , 7−→ (x, y). y y y

The set En(k) is called an elliptic curve over k.

3 0.2 Rational Curves 0 Introduction

Example 0.1.4. The elliptic curve deﬁned by y2 = x3 − 25x over R is shown below, with some points of En(Q) highlighted.

0.2 Rational Curves

Let C be a plane curve deﬁned by an irreducible polynomial f ∈ k[x, y].

Deﬁnition. We say C is unirational over k if there exist nonconstant rational functions ψ, φ ∈ k(t) such that f(ψ(t), φ(t)) = 0 for all t.

Deﬁnition. We say C is rational over k if it is unirational and there exists a rational function χ ∈ k(x, y) such that ψ(χ(x, y)) = x and φ(χ(x, y)) = y for all x, y ∈ k, with the possible exception of ﬁnitely many points.

1 2 2 Example 0.2.1. By Theorem 0.1.3, the circle S = Cf for f = x +y −1 is rational over Q. This example illustrates the idea that a curve is rational if it has a ‘rational parametrization’ by a line.

In general, the notions of unirationality and rationality are equivalent for curves (this is not true for higher dimensional varieties):

Theorem 0.2.2 (L¨uroth). A curve C over k is unirational if and only if it is rational.

To prove Lüroth’stheorem, we formulate the statement in terms of field theory. ¯ Definition. Let f ∈ k[x, y] be an irreducible polynomial over k and let C = Cf be the associated plane curve. Then a rational function on C is an equivalence class of functions p ¯ p1 u(x, y) ∈ k(x, y), with u = , p, q ∈ k[x, y] and f q over k, where we say u1 = and q - q1 p2 u2 = are equivalent if f divides p1q2 − p2q1. q2

4 0.2 Rational Curves 0 Introduction

1 2 2 Example 0.2.3. On the circle S = Cf , f = x + y − 1, the functions y 1 − x u (x, y) = and u = 1 1 + x 2 y are equivalent, so they deﬁne a common rational function on C.

Definition. The set of rational functions on C with coefficients in k is called the function field of C, denoted k(C).

Lemma 0.2.4. k(C) is a ﬁeld.

Proof. Routine.

Proposition 0.2.5. A curve C is unirational over k if and only if k(C) ⊆ k(t).

Proof. ( =⇒ ) is clear. ( ⇒ = ) k(C) ⊆ k(t) implies that the functions x, y ∈ k(t), so x = ψ(t) and y = φ(t) for some rational functions ψ, φ ∈ k(t). Since f(x, y) = 0, we have f(ψ, φ) ≡ 0 so C is unirational by deﬁnition.

Proposition 0.2.6. A curve C is rational over k if and only if k(C) = k(t).

Proof. Similar to Lemma 0.2.5.

Then L¨uroth’stheorem is proven using the fact that tr degk k(C) = 1 when C is a curve, which means k(C) ⊆ k(t) if and only if k(C) = k(t). The situation for S1, i.e. that existence of rational points is determined by rational parametrization by a line, in fact holds for all curves deﬁned by a degree 2 polynomial. (Such a curve is called a quadratic curve or conic.)

Proposition 0.2.7. Let f ∈ k[x, y] be an irreducible quadratic polynomial. Then the curve C = Cf is rational over k if and only if C(k) is nonempty.

Proof. (Sketch) Fix a point (x0, y0) ∈ C(k) and construct the line ` of slope t through (x0, y0) 2 in the plane k , calling the intersection with C(k)r{(x0, y0)} (x, y). Then f(x, t(x−x0)+y0) is the quadratic polynomial deﬁning x coordinates of ` ∩ C, and the polynomial

f(x, t(x − x ) + y ) ψ(t) = 0 0 x − x0 is linear with coefficients in k. A similar parametrization of y coordinates gives a rational function φ(t) which, together with ψ(t), shows that C is unirational over k. Hence by Lüroth’stheorem, C is rational over k. Thus the theory of conics reduces to the problem of finding if a conic curve has a rational point over a given field.

2 2 Example 0.2.8. For the quadratic polynomial f = x + y + 1, Cf (R) is empty and so of course Cf (Q) is empty. Thus by Proposition 0.2.7, f is not rational over Q.

5 0.3 The p-adic Numbers 0 Introduction

Example 0.2.9. Consider the quadratic polynomial f = x2 +y2 −3 and its associated conic C = Cf . We will show C(Q) = ∅. Suppose there exist a, b ∈ Q such that f(a, b) = 0. Write x y a = z and b = z for x, y, z ∈ Z coprime, z 6= 0 (this step is called homogenization of the quadratic polynomial, corresponding to viewing C inside its projective closure). This gives us an equation 3z2 = x2 + y2. (∗)

We study roots of this equation by reducing modulo different primes. In the finite field F3, the only squares are x2, y2, z2 ≡ 0 or 1 (mod 3), so the only possible solutions are (0, 0, z). Since z 6= 0, we must have z2 ≡ 1 (mod 3). Next, in Z/9Z we have 3z2 ≡ 1 (mod 9) since z ≡ 1 (mod 3). However, the only squares mod 9 are x2, y2 ≡ 1, 4, 7 (mod 9) so we see that there are no solutions to (*) mod 9, and thus no solutions to (*) in integers. Hence x2 +y2 −3 is not rational over Q. The strategy of studying roots mod primes p to understand the structure of solutions in Z illustrates Hasse’s so-called ‘local-global principle’. Part of this theory is formalized in the next section.

0.3 The p-adic Numbers

In this section we make the formal the notion of studying solutions modulo pn for primes p and exponents n ≥ 1. This leads to the introduction of a new ring Zp, the ring of p-adic integers, and its ﬁeld of fractions Qp. We will see that

Theorem 0.3.1. For an irreducible quadratic polynomial f ∈ Q[x, y], if Cf (Qp) 6= ∅ for all primes p and Cf (R) 6= ∅, then Cf (Q) 6= ∅. Deﬁnition. Let p be a prime. The ring of p-adic integers are the inverse limit of the sequence Z/pZ ← Z/p2Z ← Z/p3Z ← · · · , that is,

( ∞ ) n Y n n p := lim /p = (α0, α1, α2,...) ∈ /p : αn ≡ αn−1 (mod p ) . Z ←− Z Z Z Z n=1

A useful way to view an element α = (α0, α1, α2,...) in Zp is as a “power series” in p:

2 α = α0 + α1p + α2p + ...

Remarks. Let p be a prime number. The following facts are standard in a commutative algebra course. There is a natural embedding Z ,→ Zp given by x 7→ (x, x, x, . . .). Zp is a local ring with maximal ideal m = {(0, α1, α2,...) ∈ Zp}. Deﬁne the p-adic valuation vp : Zp → N0 by setting vp(0) = ∞ and for α 6= 0,

n vp(α) = ordp(α) = inf{n ∈ N0 | α 6∈ m } = inf{n ∈ N0 | αn 6= 0}.

6 0.3 The p-adic Numbers 0 Introduction

n 2 If k = p m where p - m then vp(k) = n. For example, v3(9) = v3(3 ) = 2. Then Zp is a discrete valuation ring (DVR) with

m = {α ∈ Zp | vp(α) > 0} × and Zp = {α ∈ Zp | vp(α) = 0} = Zp r m.

The p-adic valuation determines an absolute value function | · |p on Zp, called the (normalized) p-adic absolute value:

−vp(α) |α|p := p .

This has the following important properties: For all α, β ∈ Zp,

(i) |αβ|p = |α|p|β|p

(ii) |α + β|p ≤ max{|α|p, |β|p}. Define the p-adic rational field Qp to be the field of fractions of the domain Zp. Elements in Qp can be viewed as Laurent series in powers of p:

−n 2 α = αnp + ... + α0 + α1p + α2p + ...

where n < ∞. Note that since Q = Frac(Z) and Z ,→ Zp, we get an embedding Q ,→ Qp. The p-adic valuation extends to a valuation on Qp, also denoted vp, given by

α vp β = vp(α) − vp(β).

The following results are standard.

Theorem 0.3.2. For each prime p, (Qp, | · |p) is a complete metric space.

Theorem 0.3.3 (Ostrowski). If K is a completion of Q then K = Qp for some prime p or K = R. A famous result of Hensel establishes a connection between approximate solutions to polynomial equations in a complete DVR and exact solutions. The more common form of Hensel’s Lemma follows as a corollary. Theorem 0.3.4 (Hensel’s Lemma). Let R be a complete DVR with valuation v and ﬁx a 0 0 polynomial f ∈ R[t]. Suppose α0 ∈ R such that v(f(α0)) > 2v(f (α0)), where f is the formal derivative of f. Then there exists α ∈ R such that f(α) = 0 and v(α − α0) > 0 2 v(f(α0))/f (α0) ). Proof. (Sketch) One uses Newton’s method to prove the existence of a solution α in the f(αn) following way. Given α , deﬁne the sequence α = α − 0 and show that it is Cauchy 0 n+1 n f (αn) with respect to v. Since R is complete, there exists a limit α ∈ R of this sequence. Then one checks that f(α) = 0, using the fact that polynomials are continuous with respect to the 0 2 topology on R induced by v, and v(α − α0) > v(f(α0))/f (α0) .

7 0.3 The p-adic Numbers 0 Introduction

Corollary 0.3.5. If f is a polynomial with roots in Z with a simple root mod p, then it lifts to a root in Zp.

× 2 2 Corollary 0.3.6. Let β ∈ Zp . Then x = β has a solution in Zp if and only if x ≡ β mod pε has a solution, where ε = 3 when p = 2 and ε = 1 otherwise.

2 0 Proof. Let f(x) = x − β ∈ Z[x] so that f (x) = 2x. Suppose α0 ∈ Zp is a solution to ε 2 f(x) ≡ 0 mod p , i.e. v(f(α0)) ≥ ε. Then α0 ≡ β 6= 0 mod p so since Zp is a DVR, α0 must be a unit, i.e. v(α0) = 0. Now we have

0 2vp(f (α0)) = 2vp(2a0) = 2(vp(a0) + vp(2)) ( 2, p = 2 = 2vp(2) = 0, p 6= 2

< v(f(α0)) in all cases.

Therefore Hensel’s Lemma applies.

8 1 Algebraic Geometry

1 Algebraic Geometry

1.1 Aﬃne and Projective Space

Let k be a ﬁeld and let k¯ denote its algebraic closure.

Definition. For each n ∈ N, we define affine n-space over k to be

n n A = Ak = {(x1, . . . , xn) | xi ∈ k}.

As sets, An = kn, but the new notation carries with it the implication that An is viewed geometrically.

¯ n Remark. Alternatively, for any field k ⊆ K ⊆ k, one can define Ak (K) to be the fixed points n ¯ n n ¯n Gk of Ak under the action of the Galois group Gal(k/K). In particular, Ak = Ak (k) = (k ) ¯ where Gk = Gal(k/k) is the absolute Galois group of the field k.

We will let A denote the polynomial ring k[t1, . . . , tn]. Deﬁnition. For a polynomial f ∈ A, deﬁne its zero set (or zero locus) to be

n Z(f) = {P ∈ A | f(P ) = 0}.

We extend the deﬁnition of zero set to sets of polynomials f1, . . . , fr ∈ A by

r \ Z(f1, . . . , fr) = Z(fi). i=1 The deﬁnition of zero set can be extended to arbitrary subsets F ⊆ A by \ Z(F) = Z(f). f∈F

Notice that if I = (F) is the ideal of A generated by F, then Z(F) = Z(I). By Hilbert’s basis theorem, there exists a ﬁnite subset {f1, . . . , fr} ⊆ F such that Z(F) = Z(f1, . . . , fr).

Deﬁnition. A subset X ⊆ An is called an algebraic set if X = Z(F) for a set F ⊆ A, that is, X is algebraic if it is the zero set of some collection of polynomials in k[t1, . . . , tn]. By the remark, it is equivalent to say X is a zero set if X = Z(I) for some ideal I ⊂ A. Thus the operation Z(·) takes a subset of a ring and assigns to it a geometric space. There is a dual notion:

Deﬁnition. For any subset X ⊆ An, we deﬁne the vanishing ideal of X to be J(X) = {f ∈ A | f(P ) = 0 for all P ∈ X}.

Lemma 1.1.1. For all X ⊆ An, J(X) is a radical ideal of A.

9 1.1 Aﬃne and Projective Space 1 Algebraic Geometry

Proof. Take f, g ∈ J(X) and r ∈ A. Then for any P ∈ X,(f − g)(P ) = f(P ) − g(P ) = 0 and (rf)(P ) = r(P )f(P ) = 0 so f + g, rf ∈ J(X) and thus J(X) is an ideal. Moreover, for any m ∈ N, f m(P ) = 0 if and only if f(P ) = 0 so we see that r(J(X)) = J(X). Examples.

1 ∅ = Z(A) and An = Z(0) are both algebraic sets.

n n 2 If U ⊆ A is an aﬃne subspace, i.e. U = P0 + V for a point P0 ∈ A and a linear n subspace V ⊆ k , then U = Z(L1,...,Ln−d) where d = dimk V and L1,...,Ln−d are linear polynomials in A.

n 3 For any point P = (a1, . . . , an) ∈ A , {P } = Z(t1 − a1, . . . , tn − an). Consider the maximal ideal mP = (t1 − a1, . . . , tn − an) ⊂ A. Then {P } = Z(mP ). When k is n algebraically closed, points of Ak are in one-to-one correspondence with the maximal ideals of A via the association P ↔ mP .

4 In A2, an example of an algebraic curve is C = {(T 2 −1,T (T 2 −1))} = Z(x2 +x3 −y2):

2 2 5 The algebraic set Z(y, y − x ) = Z(x, y) consists of just the point (0, 0) in Ak:

Z(y − x2)

Z(y)

Z(y, y − x2)

n ¯ ¯ Definition. If X = Z(S) ⊆ Ak (k) is an algebraic set and K is a field such that k ⊆ K ⊆ k, n GK ¯ define the K-points of X by X(K) := X ∩ Ak (K) = X , where GK = Gal(k/K). Moreover, we say X is defined over K if J(X) has a generating set consisting of elements of K[t1, . . . , tn].

10 1.1 Aﬃne and Projective Space 1 Algebraic Geometry

n Lemma 1.1.2. Let X,Y ⊆ A be sets and I,I1,I2 and I` ⊂ A be ideals, with ` ∈ L some indexing set. Then (a) If Y ⊆ X then J(Y ) ⊇ J(X).

(b) If I2 ⊆ I1 then Z(I2) ⊇ Z(I1). (c) Z(J(X)) ⊇ X.

(d) J(Z(I)) ⊇ I.

(e) Z(J(Z(I))) = Z(I).

(f) J(Z(J(X))) = J(X).

(g) Z(I1) ∪ Z(I2) = Z(I1 ∩ I2) = Z(I1I2). ! ! \ [ X (h) Z(I`) = Z I` = Z I` . `∈L `∈L `∈L Proof. (a) – (d) are obvious from the deﬁnitions of Z and J. (e) By (c), Z(I) ⊆ Z(J(Z(I))) so it remains to prove the reverse containment. However, we have that I ⊆ J(Z(I)) by (d) so then applying Z gives Z(I) ⊇ Z(J(Z(I))) by (b). (f) is similar to (e). Here, (d) gives us J(X) ⊆ J(Z(J(X))). On the other hand, we have X ⊆ Z(J(X)) by (c), so applying J yields J(X) ⊇ J(Z(J(X))) by (a). (g) We get Z(I1) ∪ Z(I2) ⊆ Z(I1 ∩ I2) ⊆ Z(I1I2) immediately from the containments I1 ⊇ I1 ∩ I2 ⊇ I1I2 and I2 ⊇ I1 ∩ I2 ⊇ I1I2, using (b). Suppose P ∈ Z(I1I2) and P 6∈ Z(I1). Then there is some f ∈ I1 such that f(P ) 6= 0, but for any g ∈ I2, we have (fg)(P ) = f(P )g(P ) = 0. Since A = k[t1, . . . , tn] is a domain and f(P ) 6= 0, we must have g(P ) = 0. This shows P ∈ Z(I2). Hence Z(I1) ∪ Z(I2) ⊇ Z(I1I2) so we have established all three equalities. S P S P (h) The containments I` ⊆ I` ⊆ I` give us Z(I`) ⊇ Z I` ⊇ Z I` `∈L T `∈L S `∈LP `∈L for each ` ∈ L, by (b), and therefore Z(I`) ⊇ Z I` ⊇ Z I` . Suppose T `∈L `∈L `∈L P P ∈ Z(I`). Then for every f` ∈ I`, f`(P ) = 0. In particular, for any f = f` ∈ P `∈L P T `∈L I`, f`(P ) = 0 for each ` so f(P ) = 0. Thus P ∈ Z I` . This shows Z(I`) ⊆ `∈PL `∈L `∈L Z `∈L I` , so we have all three equalities. In particular, these properties demonstrate that the algebraic subsets of An form the closed sets of a topology on An. Deﬁnition. The topology on An having as its closed sets all algebraic subsets of An is called the Zariski topology on An. In (c) and (d), we see that Z and J are not quite inverse operations.

Lemma 1.1.3. If X ⊆ An is any subset and X is the Zariski-closure of X in An, then (a) J(X) = J(X).

(b) Z(J(X)) = X.

11 1.1 Aﬃne and Projective Space 1 Algebraic Geometry

Proof. (a) Since X ⊆ X, we immediately get J(X) ⊇ J(X) by Lemma 1.1.2(a). On the other hand, if f ∈ J(X), f(P ) = 0 for all P ∈ X. In other words, X ⊆ Z(f) but Z(f) is closed by definition, so Z(f) ⊇ X. Thus f ∈ J(X). (b) X is algebraic by definition so there exists some ideal I ⊂ A such that Z(I) = X. Now by (a), Z(J(X)) = Z(J(X)) = Z(J(Z(I))) which by Lemma 1.1.2(e) equals Z(I) = X. So Z(J(X)) = X as required. The key development so far is that J and Z establish a correspondence, though not always bijective, between the ideals of A and the closed subsets of An. Hilbert’s Nullstellensatz says that when k is algebraically closed, there is a bijective correspondence between algebraic sets n in Ak and radical ideals of A = k[t1, . . . , tn]. Theorem 1.1.4 (Hilbert’s Nullstellensatz). If k is algebraically closed, then J(Z(I)) = r(I) for every ideal I ⊂ A. Next, we introduce projective space and projective algebraic setes in a manner parallel to the presentation of affine algebraic sets.

Definition. For n ∈ N, we define projective n-space over k to be the quotient space n n n+1 ∗ P = Pk = A r{0}/ ∼ where (a0, . . . , an) ∼ (b0, . . . , bn) if and only if there is some λ ∈ k n such that (b0, . . . , bn) = (λa0, . . . , λan). The coordinates of P are written [a0, . . . , an], called homogeneous coordinates. ¯ n As in the affine case, for k ⊆ K ⊆ k we can define Pk (K) = {[a0, . . . , an]: ai ∈ K}.

¯ n n ¯ GK ¯ Lemma 1.1.5. For any k ⊆ K ⊆ k, Pk (K) = (Pk (k)) , where GK = Gal(k/K). Proof. Apply Hilbert’s Theorem 90. n ¯ Definition. For a point P = [a0, . . . , an] ∈ Pk (k), the minimal field of definition for P a0 an ¯G(P ) over k is the field k(P ) = k ,..., where ai 6= 0. Alternatively, k(P ) = k where ai ai G(P ) = {σ ∈ Gk | σ(P ) = P } ≤ Gk. √ √ √ Example 1.1.6. The point P = ( 2, 2, 2) ∈ 3 ( ) has minimal field of definition PQ Q (P ) = since scaling by √1 gives (1, 1, 1) ∈ 3 . Q Q 2 AQ

Let S = k[t0, . . . , tn] be the polynomial ring in n + 1 indeterminates. Recall that S is a graded ring with graded pieces given by total degree:

∞ M S = Sd where Sd = {f ∈ S | deg f = d}. d=0 An arbitrary polynomial in S does not have a well-deﬁned vanishing set in Pn. However, homogeneous polynomials do have vanishing sets:

Deﬁnition. For f ∈ Sd, deﬁne the zero set of f to be

n Z(f) = {P ∈ P | f(P ) = 0},

where f(P ) = f(p0, . . . , pn) if P = [p0, . . . , pn]. This set is well-deﬁned, since f ∈ Sd implies d ∗ f(λa0, . . . , λan) = λ f(a0, . . . , an) for all λ ∈ k .

12 1.1 Aﬃne and Projective Space 1 Algebraic Geometry

h S∞ h Set S = Sd. For a collection of homogeneous polynomials F ⊆ S , deﬁne the zero d=0 T set of this collection by Z(F) = f∈F Z(f).

Deﬁnition. Let S = k[t0, . . . , tn] and suppose I ⊂ S is an ideal. Then S is homogeneous L∞ if I = d=0 Id where Id = I ∩ Sd for each d ∈ N0.

Deﬁnition. Let X ⊆ Pn be any subset. The (homogeneous) vanishing ideal of X is deﬁned to be J(X) = {f ∈ Sh | f(P ) = 0 for all P ∈ X}. X is called a (projective) algebraic subset if X = Z(I) for some homogeneous ideal I ⊂ S.

Lemma 1.1.7. Let I be an ideal of S and X ⊆ Pn a subset. Then Tm (a) If I = (f1, . . . , fm) then Z(I) = i=1 Z(fi). (b) J(X) is a homogeneous, radical ideal of S.

Proof. Similar to the proof of Lemma 1.1.1.

As in the aﬃne case, the sets Z(I) form the closed sets in the Zariski topology on Pn. Theorem 1.1.8 (Hilbert’s Nullstellensatz, Projective Version). Let k be an algebraically closed ﬁeld and set S = k[t0, . . . , tn]. Then for any homogeneous ideal I ⊂ S,

(a) J(Z(I)) = r(I) if Z(I) 6= ∅.

(b) Z(I) = ∅ if and only if I = S or r(I) = (t0, . . . , tn). Deﬁnition. A nonempty topological space X is said to be irreducible if for any two closed subsets X1,X2 ⊆ X such that X1 ∪ X2 = X, we have X = X1 or X = X2.

Definition. An affine algebraic variety over k is an irreducible algebraic subset of An. A quasi-affine variety is a nonempty, open subset of an affine variety.

Deﬁnition. A projective variety is an irreducible closed subset of Pn.A quasi-projective variety is a nonempty, open subset of a projective variety. A quasi-projective variety is a nonempty, open subset of a projective variety.

n ¯ n ¯ Deﬁnition. If X is an irreducible algebraic set in Ak (k) or Pk (k), then X is called geometrically irreducible.

Lemma 1.1.9. Let Y be a subspace of a topological space X. Then Y is irreducible if and only if for any closed sets X1,X2 ⊆ X such that Y ⊆ X1 ∪ X2, we have Y ⊆ X1 or Y ⊆ X2. Proof. Obvious.

Lemma 1.1.10. A set X ⊆ An is irreducible if and only if J(X) is a prime ideal of A.

13 1.1 Aﬃne and Projective Space 1 Algebraic Geometry

Proof. ( =⇒ ) Assume f, g ∈ A such that fg ∈ J(X). Then X ⊆ X(fg) = Z(f) ∪ Z(g) by Lemma 1.1.2(g), so we can write X = (Z(f) ∩ X) ∪ (Z(g) ∩ X) – note that each of these sets is closed in X. If X is irreducible, then we must have X = Z(f) ∩ X or X = Z(g) ∩ X. In particular, X ⊆ Z(f) or X ⊆ Z(g), so f ∈ J(X) or g ∈ J(X). Hence J(X) is prime. n ( ⇒ = ) Given that J(X) is prime, suppose X ⊆ X1 ∪X2 for two closed sets X1,X2 ⊆ A . Then there exist ideals I1,I2 ⊂ A such that Z(I1) = X1 and Z(I2) = X2. By Lemma 1.1.2(g), X ⊆ Z(I1) ∪ Z(I2) = Z(I1I2) so applying J, we get J(X) ⊇ J(Z(I1I2)) ⊇ I1I2 by Lemma 1.1.2(a) and (d). Since J(X) is prime, we must have J(X) ⊇ I1 or J(X) ⊇ I2, but then X ⊆ Z(J(X)) ⊆ Z(I1) = X1 or X ⊆ Z(J(X)) ⊆ Z(I2) = X2. By Lemma 1.1.9 we are done. Deﬁnition. A subset Y of a noetherian space X is called an irreducible component of X if Y is a maximal irreducible subspace of X.

Example 1.1.11. Consider the aﬃne plane A2. Take f = xy in k[x, y]. Then V(f) is the union of the x and y axes, each of which is an irreducible subspace of A2:

y A2

Example 1.1.12. Take an irreducible polynomial f ∈ k[x, y]. Since k[x, y] is a UFD, (f) is a prime ideal so C := Z(f) is irreducible by Lemma 1.1.10. C is called the (affine) algebraic curve defined by f, sometimes written f(x, y) = 0. In general, an irreducible polynomial in n k[x1, . . . , xn] corresponds to an affine variety Y = Z(f) ⊆ A , called an (affine) algebraic hypersurface. Proposition 1.1.13. If X is a nonempty algebraic set, then it has finitely many irreducible Sm components X1,...,Xm such that X = i=1 Xi.

Deﬁnition. Given a polynomial f ∈ k[t1, . . . , tn] of degree d, we obtain a homogeneous form fh ∈ k[t0, . . . , tn] by deﬁning d x1 xn fh(x0, . . . , xn) = x0f ,..., , x0 x0 called the homogenization of f. Conversely, a homogeneous polynomial F ∈ k[t0, . . . , tn] determines a polynomial F(i) ∈ k[t1, . . . , tn] for each 0 ≤ i ≤ n given by

F(i)(x1, . . . , xn) = F (x1, . . . , xi−1, 1, xi, . . . , xn), called the ith dehomogenization of F .

14 1.2 Morphisms of Aﬃne Varieties 1 Algebraic Geometry

Deﬁnition. For an ideal I ⊆ k[t1, . . . , tn], deﬁne the homogenization of I by

Ih = {fh | f ∈ I} ⊆ k[t0, . . . , tn].

Likewise, for an ideal J ⊆ k[t0, . . . , tn], the ith dehomogenization of J is

J(i) = {F(i) | F ∈ J} ⊆ k[t1, . . . , tn].

n n Deﬁne the ith projective hyperplane by Hi = Z(ti) ⊂ P for 0 ≤ i ≤ n. Set Ui = P rHi, n n Sn an open set in P . Then P = i=0 Ui, that is, the complements of the coordinate hyperplanes are an open cover of Pn.

n n Proposition 1.1.14. Each Ui is homeomorphic to A . That is, P is locally aﬃne. n a0 ai−1 ai+1 an Proof. Deﬁne ϕi : Ui → by ϕi[a0, . . . , an] = ,..., , ,..., . This is Zariski- A ai ai ai ai continuous and has a continuous inverse given by ψi(b1, . . . , bn) = [b1, . . . , bi, 1, bi+1, . . . , bn]. Therefore ϕi is a Zariski-homeomorphism for each 0 ≤ i ≤ n.

n Sn Corollary 1.1.15. If Y ⊆ P is a projective variety, then Y = i=0(Y ∩ Ui). In particular, every projective variety may be covered by open sets which are homeomorphic to aﬃne varieties in An.

n For a projective algebraic set Y ⊂ Pk , where Y = Z(J) for an ideal J ⊆ k[t0, . . . , tn], −1 we get n + 1 aﬃne algebraic sets Yi = ϕi (Y ∩ Ui) = Z(J(i)). These are called the deho- k mogenizations of Y . Conversely, for an aﬃne algebraic set X ⊆ An, with X = Z(I), the n n projective closure of X in Pk is the Zariski closure in Pk of ϕ0(X), denoted X. Note that X = Z(I(ϕ0(X))) = Z(Ih).

Lemma 1.1.16. The map ϕ0|X : X → X ∩ ϕ0(X) is a homeomorphism.

1.2 Morphisms of Aﬃne Varieties

Deﬁnition. We call a topological space X a ringed space (over a ﬁeld k) if it possesses a sheaf of k-valued functions, that is, an assignment U 7→ OX (U) to each open set U ⊆ X a k-algebra OX (U) of functions U → k, such that S (a) If U = α Uα for open sets Uα ⊆ X, then f ∈ OX (U) if and only if f ∈ OX (Uα) for every Uα.

(b) If f ∈ OX (U), the set D(f) = {P ∈ U | f(P ) 6= 0} is an open set in U and 1 f ∈ OX (D(f)). Deﬁnition. A morphism between ringed spaces is a map ϕ : X → Y such that for any open set V ⊆ Y and regular function f ∈ OY (V ), the pullback

ϕ∗f : x 7→ f ◦ ϕ(x)

−1 ∗ −1 is a regular function on ϕ (V ), i.e. ϕ f ∈ OX (ϕ (V )).

15 1.2 Morphisms of Aﬃne Varieties 1 Algebraic Geometry

∗ −1 A morphism ϕ : X → Y determines a k-algebra homomorphism ϕ : OY (V ) → OX (ϕ (V )) for every open set V ⊆ Y . Deﬁnition. An isomorphism of ringed spaces is an invertible morphism ϕ : X → Y such that ϕ−1 is also a morphism.

1 Example 1.2.1. Consider the varieties X and Y deﬁned by X = Ak (the aﬃne line) and 2 3 2 Y = Z(y − x ) ⊆ Ak. Then the map ϕ : X −→ Y t 7−→ (t2, t3) is both invertible and a morphism, but its inverse is not a morphism so ϕ is not an isomorphism of ringed spaces.

n Definition. For an algebraic set X ⊆ Ak , we define the coordinate ring of X to be the ¯ quotient ring k[X] := k[t1, . . . , tn]/J(X). For any intermediate field k ⊆ K ⊆ k, if X is defined over K we also set K[X] = K[t1, . . . , tn]/JK (X). The coordinate ring is defined n similarly for X ⊆ Pk . Proposition 1.2.2. Suppose k is algebraically closed and X is an affine variety over k. Then

(a) OX (X) = k[X], that is, the coordinate ring of X consists of regular k-valued functions X → k.

(b) For any f ∈ k[X] r {0}, OX (D(f)) = k[X]f , the localization of k[X] at the element f.

n Notice that by Lemma 1.1.10, X ⊆ Ak is a variety if and only if k[X] is an integral domain.

n Definition. For an affine algebraic variety X ⊆ Ak , the function field of X over k is the fraction field k(X) := Frac k[X]. An element of k(X) is called a rational function on X. If X is defined over some k ⊆ K ⊆ k¯, then the field K(X) := Frac K[X] is called the field of K-rational functions on X.

Lemma 1.2.3. For any tower k ⊆ K ⊆ k¯ over which X is deﬁned, K[X] = k¯[X]GK and K(X) = k¯(X)GK . Remark. Let X be an algebraic variety. By Hilbert’s Nullstellensatz, there are one-to-one correspondences closed subvarieties ←→ Spec k¯[X] Y ⊆ X Y 7−→ I(Y ) Z(p) 7−→ p {points P ∈ X} ←→ MaxSpec k¯[X] ¯ P 7−→ mP := {f ∈ k[X] | f(P ) = 0}. For any ﬁeld k we call elements of MaxSpec k[X] the closed points of X over k.

16 1.2 Morphisms of Aﬃne Varieties 1 Algebraic Geometry

Theorem 1.2.4. The closed points of X over a field k are in bijective correspondence with ¯ the orbits of Gk on MaxSpec k[X]. Example 1.2.5. Let X ⊆ 1 be the algebraic variety defined by the irreducible polynomial AQ √ 3701 3701 ∼ 3701 f = x −2. Then Q[X] = Q[x]/(x −2) = Q( 2) is a field, so MaxSpec Q[X] consists of a single point. On the other hand, MaxSpec Q[X] contains 3701 points. Fix a variety X over k. The embedding i : k[X] ,→ k¯[X] induces a map on maximal ideals i∗ : MaxSpec k¯[X] −→ MaxSpec k[X] with the following properties:

For every maximal ideal m ∈ MaxSpec k[X], the ﬁbre α(m) := (i∗)−1(m) is ﬁnite and nonempty.

The absolute Galois group Gk acts transitively on each ﬁbre α(m), and ¯ MaxSpec k[X] = (MaxSpec k[X])/Gk.

In other words, we can view i∗ as a covering space.

If k is a perfect ﬁeld, #α(m) = [k(P ): k] for any point P ∈ α(m).

The k-points of X are in correspondence with the orbits of size one of this action.

Elements of MaxSpec k[X] are called irreducible 1-cycles. For curves, these irreducible 1-cycles are also called irreducible divisors.

Let X/k¯ be an aﬃne algebraic set. Then X is a ringed space whose structure sheaf OX : U 7→ OX (U) is deﬁned on open sets U ⊆ X by

S gα there exists a cover U = Uα such that f|U = ¯ α hα OX (U) = f : U → k ¯ for gα, hα ∈ k[X] with hα(P ) 6= 0 for all P ∈ Uα

Proposition 1.2.6. Let X be an affine algebraic set defined over k¯. Then ¯ (a) OX (X) = k[X]. h i ¯ ¯ ¯ 1 ¯ (b) For any f ∈ k[X], OX (D(f)) = k[X]f = k[X] f , the localization of k[X] at powers of f. ¯ ¯ (c) For any prime ideal p ⊆ k[X], OX (X r Z(p)) = k[X]p. Definition. For a point P ∈ X, the local ring of X at P is

n f ¯ o OX,P = g : f, g ∈ kx, g(P ) 6= 0 .

17 1.2 Morphisms of Aﬃne Varieties 1 Algebraic Geometry

Remark. For any P ∈ X, the local ring at P can alternatively be characterized by a localization or a direct limit: ¯ OX,P = k[X]m = lim OX (U). P −→ U3P ¯ Then indeed OX,P is a local ring with maximal ideal mP k[X]mP ; by abuse of notation, we will also denote this maximal ideal by mP . Also note that the residue field κ(P ) := OX,P /mP is isomorphic to k¯. We will prove that when X is a curve, ¯ \ k[X] = OX,P . P ∈X We can now define morphisms between affine varieties. Definition. A morphism of affine varieties is a map ϕ : X → Y that is a morphism of ringed spaces, that is, for any open set V ⊆ Y and regular function f ∈ OY (V ), the pullback ∗ −1 ϕ f is a regular function in OX (ϕ (V )). Such a map is also sometimes called regular.

There is a more useful equivalent deﬁnition that we introduce now. Suppose X ⊆ An with m k[X] = k[t1, . . . , tn]/J(X) and Y ⊆ A with k[Y ] = k[t1, . . . , tm]/J(Y ). Then a morphism of varieties ϕ : X → Y induces a k-algebra homomorphism

ϕ∗ : k[Y ] −→ k[X].

∗ For each 1 ≤ j ≤ m, we get ϕj := ϕ (tj) ∈ k[t1, . . . , tn]/J(X) so we can view ϕj as a polynomial in t1, . . . , tn. Lemma 1.2.7. A morphism ϕ : X → Y is given by polynomials

ϕ(P ) = (ϕ1(P ), . . . , ϕm(P )) for P ∈ X,

where ϕ1, . . . , ϕm ∈ k[t1, . . . , tn] such that f(ϕ1, . . . , ϕm) ≡ 0 for any f ∈ J(Y ). ¯ Remark. Suppose k ⊆ K ⊆ k and X and Y are defined over K. If ϕ = (ϕ1, . . . , ϕm): X → Y is a morphism such that each ϕi ∈ K[t1, . . . , tn], we say the morphism is defined over K. In particular, any ϕ : X → Y induces a morphism of K-rational points, ϕK : X(K) → Y (K), that is defined over K. Theorem 1.2.8. For any affine varieties X and Y , there is an isomorphism ∼ ¯ ¯ HomAffk (X,Y ) = Homk-alg(k[Y ], k[X]).

In particular, there is an equivalence of categories between Affk, the affine varieties over k together with variety morphisms, and (k-alg)op, the opposite category of finitely generated k-algebras together with k-algebra homomorphisms. Definition. A rational map between affine varieties over a field k is a partial morphism ϕ : X 99K Y consisting of a pair of open sets U ⊆ X and V ⊆ Y and a morphism of quasi-affine varieties U → Y .

18 1.3 Morphisms of Projective Varieties 1 Algebraic Geometry

By Lemma 1.2.7, a rational map ϕ : X 99K Y is given by polynomials ϕ = (ϕ1, . . . , ϕm): n m A → A such that ϕi ∈ OX (U) for each 1 ≤ i ≤ m. A rational map ϕ defines a homomorphism of k-algebras ϕ∗ : k[Y ] −→ k(X) f 7−→ f ◦ ϕ. Note that if ϕ(U) is dense in Y , the induced homomorphism extends to an inclusion of function fields: ϕ∗ : k(Y ) ,−→ k(X) f ϕ∗(f) 7−→ . g ϕ∗(g) This property is so important that such morphisms are given a name. Definition. A morphism ϕ : X → Y is said to be dominant if ϕ(X) is dense in Y .

Definition. Let X and Y be affine varieties over k. If there exists a rational ϕ : X 99K Y which has a rational inverse, that is a rational map ψ : Y 99K X such that ϕ ◦ ψ and ψ ◦ ϕ are equal to the identity where they are defined, then X and Y are said to be birationally equivalent over k. Lemma 1.2.9. X and Y are birationally equivalent over k if and only if k(X) ∼= k(Y ) as k-algebras. A major area of interest in algebraic geometry is the classification of varieties up to birational equivalence. For curves, there is a canonical invariant called the genus which completely classifices curves up to birational equivalence over the algebraic closure k¯ of a field k. Definition. A rational variety is a variety X over k which is birationally equivalent to An for some n.

1.3 Morphisms of Projective Varieties

n Using the affine patches Ui as charts on P , we can define regular functions and morphisms on projective varieties as follows. Let Ui be the ith affine patch of projective n-space, as defined at the end of Section 1.1. n n Definition. A function on X ⊆ Pk is regular if it pulls back along Ui ,→ Pk (i.e. restricts) to a regular function on each affine patch Xi = Ui ∩ X. n Definition. Let X ⊆ Pk be a projective variety. A rational function on X is an equivalence class of quotients of homogeneous forms of the same degree, F (x , . . . , x ) f = 0 n G(x0, . . . , xn)

F1 F2 for F,G ∈ k[t0, . . . , tn], G 6∈ J(X), where we say f = and g = are equivalent if G1 G2 F1G2 − F2G1 ∈ J(X).

19 1.3 Morphisms of Projective Varieties 1 Algebraic Geometry

n Definition. The function field of X ⊆ Pk is the set of rational functions on X, denoted k(X). ∼ Lemma 1.3.1. For each affine patch Xi = X ∩ Ui, k(X) = k(Xi) as k-algebras. n ∼ In particular, if Y ⊆ Ak is an affine variety, then k(Y ) = k(Y ), where Y is the projective closure of Y . F Definition. A function f ∈ k(X) is regular at a point P ∈ X if f can be written f = G for homogeneous forms F,G ∈ k[t0, . . . , tn] such that G(P ) 6= 0. n Proposition 1.3.2. A projective variety X ⊆ Pk is a ringed space with structure sheaf OX : U 7→ OX (U) defined on open sets U ⊆ X by

OX (U) = {f ∈ k(X) | f is regular at P for all P ∈ U}. We can now define morphisms between projective varieties using this ringed space structure. Definition. A morphism of (quasi-)projective varieties is a map ϕ : X → Y that is a morphism of the ringed spaces. The definition of rational maps between affine varieties extends to projective varieties in the following way. n m Definition. For projective varieties X ⊆ Pk and Y ⊆ Pk , a rational map ϕ : X 99K Y is a pair of open sets U ⊆ X and V ⊆ Y and a morphism ϕ = (ϕ0, . . . , ϕm): U → V , such that each ϕi ∈ k[t0, . . . , tm] is a homogeneous polynomial, ϕ(P ) ∈ Y for each P ∈ X and some ϕi 6∈ J(X).

Definition. A map ϕ : X → Y is regular at a point P ∈ X if at least one ϕi(P ) 6= 0. We say ϕ is a regular map if it is regular at every P ∈ X. Lemma 1.3.3. A map ϕ : X → Y is regular if and only if it is a morphism of varieties. Note that a quasi-projective set with the Zariski topology is not Hausdorff in general. Indeed, if X is irreducible, then any nonempty open set is dense. Thus we need a notion to replace the Hausdorff condition for algebraic sets. Proposition 1.3.4. A quasi-projective set is T1.

Proof. If P = [α0, . . . , αn] ∈ X is a point then P = Z((αitj − αjti)i,j) = Z(mP ). Thus points are closed in the Zariski topology.

Corollary 1.3.5. If U ⊆ X is open, P,Q ∈ X and f(P ) = f(Q) for all f ∈ OX (U), then P = Q. Corollary 1.3.6. Let X and Y be quasi-projective sets and ϕ, ψ : X → Y two morphisms. Then if the set Uϕ,ψ := {P ∈ X | ϕ(P ) = ψ(P )} contains an open dense set, we have ϕ = ψ. Deﬁnition. For a function f ∈ k[X], deﬁne the principal open subset of f by D(f) := {P ∈ X | f(P ) 6= 0}. Lemma 1.3.7. If X is a quasi-projective variety, then the collection {D(f) | f ∈ k[X]} is a basis for the Zariski topology on X.

20 1.4 Products of Varieties 1 Algebraic Geometry

1.4 Products of Varieties

Consider two ringed spaces X and Y . We may take their set-theoretic product X × Y and, if each space is a topological space, endow X × Y with the product topology. Unfortunately, in the category of algebraic varieties, this operation does not preserve the structure of two varieties X and Y ; that is, the product topology arising from the spaces’ Zariski topologies does not suﬃce to do algebraic geometry. Instead, consider the projections πX : X × Y → X and πY : X × Y → Y . For any ringed space Z, we must have a bijection

Hom(Z,X × Y ) ←→ Hom(Z,X) × Hom(Z,Y )

ϕ 7−→ (ϕ ◦ πX , ϕ ◦ πY ).

We thus make X × Y into a ringed space with OX×Y (U × V ) deﬁned for all open sets U ⊆ X,V ⊆ Y by stipulating that anything of the form

X ∗ ∗ f = (πX gi)(πY hi), for gi ∈ OX (U) and hi ∈ OY (V ),

∗ is regular on U × V . If g ∈ OX (U), we must have πX g ∈ OX×Y (U × V ) and likewise, if ∗ h ∈ OY (V ), then πY h ∈ OX×Y (U ×V ). Thus for such an f as above, D(f) is an open subset of X × Y that would not be open in the usual product topology.

n m ∼ n+m Example 1.4.1. Under the above description of products of affine varieties, A ×A = A for any n, m ∈ N. Note that even for n = m = 1, the Zariski topology on A2 is not equivalent to the product topology on A1 × A1. Lemma 1.4.2. If X and Y are affine varieties, then (a) X × Y is an affine variety.

(b) k[X × Y ] = k[X] ⊗k k[Y ]. To deﬁne products of projective varieties requires a little more care.

Proposition 1.4.3 (Segre Embedding). For any n, m ∈ N, there is an embedding

n m (n+1)(m+1)−1 σn,m : P × P −→ P ([x0, . . . , xn], [y0, . . . , ym]) 7−→ [xiyj]i,j

n m such that the image Σn,m := σn,m(P × P ) has the structure of an algebraic subset that coincides with the Zariski topology of the product Pn × Pm. Proof. (Sketch) Viewing P(n+1)(m+1)−1 as a space of (n + 1) × (m + 1) matrices, we have that

Σn,m = {[zij]i,j | all 2 × 2 minors of (zij) vanish}.

Then clearly Σn,m = Z((zijzk` − zkjzi`)i,j,k,`), so Σn,m is an algebraic set. The fact that σn,m is a bijection is obvious. One can now verify that the induced topology corresponds to the topology on Pn × Pm.

21 1.5 Blowing Up 1 Algebraic Geometry

Deﬁnition. Let V be a vector space over k. The set of lines, i.e. 1-dimensional subspaces, of V is called the projective space over V , denoted P(V ).

n n Example 1.4.4. If V = k is ﬁnite dimensional, then P(V ) can be identiﬁed with Pk . ∼ Lemma 1.4.5. If V and W are k-vector spaces, then P(V ) × P(W ) = P(V ⊗k W ).

Now if X ⊆ Pn and Y ⊆ Pm are projective algebraic sets, we can realize X × Y as a (n+1)(m+1)−1 subset of P by identifying it with the embedded image σn,m(X × Y ). Setting

OX×Y (U × V ) := OP(n+1)(m+1)−1 (σn,m(U × V )) gives X × Y the structure of a ringed space which coincides with the previous description of the product of two varieties.

Proposition 1.4.6. Subvarieties of Pn × Pm are zero sets of polynomials of the form

G(x0, . . . , xn, y0, . . . , ym),

where G is homogeneous in the xi of degree d and homogeneous in the yj of degree e.

Proof. Without loss of generality, suppose d ≥ e. Then G(x0, . . . , ym) = 0 if and only if d−e yi G(x0, . . . , ym) = 0 and the latter polynomial is homogeneous of a single degree. Viewing n m (n+1)(m+1)−1 P × P as the embedded image Σn,m ⊆ P gives the result.

1 1 3 Example 1.4.7. Consider the Segre embedding Pk ×Pk ,→ Pk and set Q = Σ1,1 = Z(z00z11 − z01z10). The polynomial z00z11 − z01z10 is called a quadric and the embedded image Q is 1 called a quadric surface. For each α, β ∈ Pk, one gets lines on the quadric surface realized 1 1 by {α} × Pk ,→ Q and Pk × {β} ,→ Q. Note that lines of these forms cover Q, for which reason Q is called a ruled surface.

1.5 Blowing Up

We now have a working notion of products of varieties, so consider the space An × Pn−1. Coordinates in this space are (P, [`]), where P ∈ An is a point and [`] ∈ Pn−1 is the class of some line through the origin ` in An. Consider the set B ⊆ An × Pn−1 deﬁned by B = {(P, [`]) | P ∈ `}.

n n−1 Then B is an algebraic subset: B = Z((xiyj − xjyi)i,j) if A = {(x1, . . . , xn)} and P = {[Y1,...,Yn]}. In dimension n = 2, notice that for any point P = (u, v) and line [`] = [α, β], we have u α P ∈ ` ⇐⇒ = ⇐⇒ uβ − vα = 0. v β

2 1 This explains why we can write B = Z(x1Y2 − x2Y1) ⊆ A × P .

22 1.5 Blowing Up 1 Algebraic Geometry

Now let π : An × Pn−1 → An be the canonical projection. If P 6= 0 in An, then π−1(P ) = (P, [`P ]) is deﬁned, where `P is the unique line through the origin containing P . Therefore π is an isomorphism on an open subset of B:

n π : B r {(P, [`]) | P = 0} −→ A r {0}.

On the other hand, if P = 0, the set π−1(0) = {(0, [`]) ∈ An × Pn−1} is isomorphic to Pn−1. In the dimension 2 case, B is covered by the following aﬃne patches:

U1 = {((x, y), [Y1,Y2]) | Y1 6= 0} ∩ B and U2 = {((x, y), [Y1,Y2]) | Y2 6= 0} ∩ B

Y2 ∼ 2 On U1, set t = so that in local coordinates (x, y, t), U1 = Z(xt − y) = . Likewise, for Y1 A Y1 ∼ 2 U2, set s = so that in the coordinates (x, y, s), U2 = Z(x − ys) = . Thus we see that Y2 A 2 each affine patch Ui is a quadric surface. Effectively, we have replace a point (0, 0) in A with a copy of P1 so that every line through the origin in A2, all of which are indistinguishable in P1 to begin with, now corresponds to a unique line on one of the affine quadric surfaces.

n n Deﬁnition. The set B is called the blowup of A at the point 0, denoted B = Bl0 A . The n −1 ∼ n−1 set E0A := π (0) = P is called the exceptional divisor of the blowup.

Definition. Let X ⊆ An be an affine variety and π : An × Pn−1 → An the canonical projection. The pullback π−1(X) is called the total transform of X, while the proper (or strict) transform of X is defined as

−1 Bl0 X := π (X r {0}). As the notation suggests, this set is also called the blowup of X at 0. The set

n E0X := Bl0 X ∩ E0A is called the exceptional divisor of the blowup of X.

Remark. More generally, for any subvariety Z ⊆ X, one can deﬁne the blowup of X along Z, a variety BlZ X that is birationally equivalent to X, such that Z is a codimension 1 subvariety of BlZ X.

Example 1.5.1. Consider the plane curve X = Z(y2 − x2(x + 1)) ⊆ A2.

23 1.6 Dimension of Varieties 1 Algebraic Geometry

Note that this variety has a singularity at the point (0, 0). Using the blowup of A2 defined 2 above, Bl0 A , we can blowup X to ‘remove the singularity’ at 0. Let U1 be the first affine 2 patch and ϕ : U1 → A the standard isomorphism. We make the substitution y = xt, so that ϕ(π−1(X)) = Z(x2(t2 − x − 1)). The x2 factor of this polynomial corresponds to the exceptional divisor E0X under this blowup, so the proper transform of X at 0 looks like

2 ϕ(Bl0(X)) = Z(t − x − 1) on the aﬃne patch U1. Note also that

2 2 2 E0X = Bl0 X ∩ E0A = Z(t − x − 1) ∩ Z(x) = Z(t − 1) = {±1}, so the exceptional set of X consists of two points.

Lemma 1.5.2. The projection π : Bl0 X 99K X is a birational equivalence. Blowing up allows us to replace singular curves (or more generally, varieties) with nonsingular curves by a sequence of blowups, such that in each step the birational equivalence class of the curve is preserved. The problem of finding such a nonsingular blowup is known as resolution of singularities. Much progress has been made on this problem (e.g. Hironaka’s theorem says that nonsingular blowups exist for any finite dimensional variety over a field of characteristic zero), but there is still much to be done (e.g. in finite characteristic cases).

1.6 Dimension of Varieties

In this section we explore various notions of dimension in commutative algebra and geometry and see how they coincide for algebraic varieties.

Deﬁnition. If X is a topological space, the dimension of X is deﬁned by there exists a chain of closed, irreducible subsets dim X = sup ` ∈ N0 . Y0 ( Y1 ( ··· ( Y` with Yi ⊆ X On the algebraic side, we have a similar notion of dimension due to Krull.

Deﬁnition. If A is a ring and p ⊂ A is prime, the height of p is deﬁned as

ht(p) = sup{` ≥ 0 | there is a chain of prime ideals p0 ( p1 ( ··· ( p`−1 ( p}. The Krull dimension of A is then deﬁned by

dim A = sup{ht(p) | p ⊂ A is prime}.

n Proposition 1.6.1. Let X ⊆ Ak be an aﬃne variety. Then (a) dim X ≤ dim k[X].

(b) If k is algebraically closed, then dim X = dim k[X].

24 1.6 Dimension of Varieties 1 Algebraic Geometry

Proof. (a) If Y0 ( Y1 ( ··· ( Y` is a chain of closed, irreducible subsets of X, then J(X0) ) J(Y1) ) ··· ) J(Y`) is a chain of prime ideals in k[X], by Lemma 1.1.10. (The inclusions are strict since Z(J(Yi)) = Yi for each 0 ≤ i ≤ `, by Lemma 1.1.3(b).) Thus dim X ≤ dim k[X]. (b) Assume k is algebraically closed and let p0 ( p1 ( ··· ( pm be a strictly ascending 0 0 chain of prime ideals in k[X]. For each i, pi = pi/J(X) for some prime ideal pi ⊂ A = 0 0 k[t1, . . . , tn] containing J(X). Thus by Hilbert’s Nullstellensatz, J(Z(pi)) = pi for each i, which gives us 0 0 0 Z(p0) ) Z(p1) ) ··· ) Z(pm), n 0 a strictly descending chain of aﬃne subsets of A . Since each pi contains J(X), this is a chain of closed, irreducible subsets of X. Hence dim k[X] ≤ dim X so we have equality.

Corollary 1.6.2. Suppose k is algebraically closed and X ⊆ An is an aﬃne variety. Then dim X = tr degk k(X), the transcendence degree of the function ﬁeld of X.

Proof. It is well known from commutative algebra that dim k[X] = tr degk k(X). Apply Proposition 1.6.1. Proposition 1.6.3. For an affine variety X with projective closure X, k(X) = k(X). We extend the notion of dimension to projective and quasi-projective varieties by using the transcendence degree definition. Proposition 1.6.3 says that this definition agrees with the topological definition of dimension. Definition. For any quasi-projective variety X, the dimension of X is defined by

dim X := tr degk k(X). The following is a classic result due to Krull, which is proven by an algebraic statement about height of prime ideals in k[t1, . . . , tn]. Theorem 1.6.4 (Krull’s Hauptidealsatz). Suppose k is algebraically closed. Then

(a) If I = (f1, . . . , fs) is an ideal of A = k[t1, . . . , tn], then dim Z(I) ≥ n − s.

n (b) If X ⊆ A is any algebraic subset with irreducible components X1,...,Xm ⊆ X, then dim Xi = n − 1 for all 1 ≤ i ≤ m if and only if there exists an f ∈ A r k with X = Z(f).

n Corollary 1.6.5. A variety X ⊆ Ak¯ has codimension 1 if and only if X = Z(f) for a nonconstant, irreducible polynomial f ∈ k[t1, . . . , tn]. n ¯ Example 1.6.6. For affine space, dim Ak¯ = dim k[t1, . . . , tn] = n. Example 1.6.7. If f ∈ k[x, y] is an irreducible polynomial, then Corollary 1.6.5 says dim Z(f) = 1. This gives meaning to the name curve for zero sets of irreducible polynomials in A2: they are the codimension 1 subvarieties, as we would like. Corollary 1.6.8. If X is an affine variety with dimension n and r ≤ n, then any polynomials f1, . . . , fr ∈ k[X] have a common zero. 2 Corollary 1.6.9. In P , for any forms F and G defining curves C1 = Z(F ) and C2 = Z(G), we have C1 ∩ C2 6= ∅.

25 1.7 Complete Varieties 1 Algebraic Geometry

1.7 Complete Varieties

Deﬁnition. A variety X is complete if for any variety Y , the projection map X × Y → Y, (x, y) 7→ y, is a closed map.

Proposition 1.7.1. Let X be a complete variety. Then

(1) Any closed subvariety of X is complete.

(2) If Y is complete then X × Y is also complete.

(3) For every morphism ϕ : X → Y , ϕ(X) is closed in Y and complete.

(4) If X ⊆ Y as a subvariety, then X is closed.

Proof. (1) Let X0 ⊆ X be a closed subvariety and Y any variety, and consider π0 : X0 × Y → Y . Suppose Z ⊆ X0 × Y is a closed subset. In general {x0} × Y is closed in X × Y so the diagram i Z ⊆ X0 × Y X × Y

π0 π

commutes and thus the image of Z is closed. (2) Assume Y is complete and let Z be an arbitrary variety. We can factor the map X × Y × Z → Z as X × Y × Z → Y × Z → Z but both of these maps are closed since X and Y are each complete. The composition of closed maps is closed, so X × Y is complete. (3) Let Γ = {(x, ϕ(x)) | x ∈ X} ⊆ X × Y be the graph of ϕ.. Then Γ is closed, so ϕ(X) is the projection of Γ = X × ϕ(X) onto Y , and since X is complete, ϕ(X) is closed. For completeness, use (1). (4) follows from applying (3) to the inclusion i : X → Y .

Theorem 1.7.2. Every projective variety is complete.

Proof. We proved that every closed subvariety of a complete variety is complete, so it suﬃces to prove Pn is complete for all n ≥ 1. In other words we will show that if π : Pn × Y → Y is the projection map and C ⊂ Pn × Y is closed then π(C) ⊆ Y is closed. Set A = k[Y ] and n+1 B = A[T0,T1,...,Tn]. Then B is a ring of k-valued functions on k × Y . For every proper homogeneous ideal I ⊂ B, deﬁne

∗ ∗ n Z (I) = {(x , y) | f(x, y) = 0 for all f ∈ I} ⊆ P × Y.

Then the Z∗(I) are the closed subsets of Pn × Y so it suﬃces to prove π(Z∗(I)) is closed for all proper homogeneous ideals I ⊂ B. We may assume Z∗(I) is irreducible, i.e. I is prime.

26 1.8 Tangent Space 1 Algebraic Geometry

∗ We may also assume π|Z∗(I) is dominant (changing the target to π(Z (I)) if necessary). Then we must show for every y ∈ Y , there exists x∗ ∈ Pn so that (x∗, y) ∈ Z∗(I), since then we will have π(Z∗(I)) = π(Z∗(I)). Take M ⊂ A to be the maximal ideal that vanishes at y. Then J = MB + I is a homogeneous ideal so Z∗(J) is deﬁned, and if we show Z∗(J) is nonempty, we’ll be done. ∗ k Assume to the contrary that Z (J) = ∅. Then there is a k > 0 such that Ti ∈ J for each Ti. Equivalently, there is an m > 0 so that Bm, the set of all degree m homogeneous polynomials in B, is contained in J. Set N = Bm/(Bm ∩ I). This is a ﬁnitely generated A-module in the obvious way. Moreover, notice that MN = N. Then by Nakayama’s Lemma, this implies ∗ N = 0. But then Bm = Bm ∩I so it follows that Z (I) = ∅, which is impossible for a proper ideal I ⊂ B. Hence Z∗(J) 6= ∅ so the theorem is proved.

Example 1.7.3. Consider the variety X = Z(xy − 1) ⊆ A2. Then under the projection A2 → A1, the image of X is A1 r {0} which is not a closed set, so X is not complete. We will see below that aﬃne varieties are not complete in general.

Corollary 1.7.4. Let X be a connected complete variety. Then OX (X) = k. That is, every regular k-valued function on X is constant.

1 Proof. Take f ∈ OX (X). Then f is a map f : X → k = A . Extend this to a map

1 1 g : X → A ,→ P ,

so g is not surjective onto P1. By completeness of X, g(X) is closed in P1, but the only 1 proper closed subsets of P are point-sets. Since X is connected, we must have g(X) = {x0}, or in other words, g is constant. This implies f is constant. This fact is analagous to the theorem in complex analysis that every holomorphic function on a connected compact domain is constant.

Corollary 1.7.5. Let X be a projective variety. Then any morphism X → Y into an irreducible, projective curve Y is either surjective or constant.

Corollary 1.7.6. Nontrivial aﬃne varieties are not projective.

Proof. Let X be an aﬃne variety of dimension at least 1. View X as a proper subset of aﬃne n n-space A , which has coordinate algebra k[T1,...,Tn]. Then some coordinate function Ti does not vanish on X, so Ti ∈ OX (X) is a nonconstant regular function on X.

1.8 Tangent Space

Suppose k is algebraically closed and X ⊆ AN is an aﬃne variety over k. For a point N P = (α1, . . . , αN ) ∈ X, take a line through P , Lα = {αt + P | t ∈ k} for some α ∈ k r {0}. Then if J(X) = (f1, . . . , fm), we see that X ∩Lα = Z(g1, . . . , gm), where gi(t) = fi(αt) ∈ k[t]. For Lα to be tangent to X at P , we need these gi to vanish ‘to a higher multiplicity’, as in complex analysis.

27 1.8 Tangent Space 1 Algebraic Geometry

Lα P

Deﬁnition. If L is a line and P ∈ X ∩ L, the multiplicity of X ∩ L at P is deﬁned to be the multiplicity of t = 0 as a root of the polynomial

fα(t) := gcd(f1(αt), . . . , fm(αt)).

(Formally, we say that the multiplicity of any t as a root of the zero polynomial is ∞.) Then L is tangent to X at P if the multiplicity of X ∩ L at P is at least 2.

N Deﬁnition. The tangent space to X at P is a linear subspace TP X of A consisting of P all lines through the origin Lα = {αt | t ∈ k} such that the aﬃne line Lα = {αt + P | t ∈ k} is tangent to X at P .

N Proposition 1.8.1. For any P ∈ X, TP X is a well-deﬁned vector subspace of A .

Proof. If J(X) = (f1, . . . , fm), write

∞ X (`) fi = fi `=1

(`) (0) where fi is the homogeneous part of fi of degree `. If P ∈ X, then fi (P ) = 0. Thus (1) 2 (2) (1) fi(αt) = tfi (α) + t fi (α) + ... This shows that Lα ⊆ TP X if and only if fi (α) which is N a linear condition. Thus TP X is a linear subspace of A as claimed. Examples.

N N N 1 For any P ∈ A , TP A = A .

2 If X = Z(f) ⊆ AN is a hypersurface deﬁned by an irreducible polynomial f ∈ (1) k[t1, . . . , tN ], then for any P ∈ X, TP X = Z(f ). Notice that

N X ∂f f (1)(t , . . . , t ) = (t − α ) 1 N ∂t i i i=1 i

∂f so it is immediate that TP X is equal to the kernel of the 1 × N matrix ∂x . j 1≤j≤N We see once again that TP X is a vector space since it is the kernel of a linear map. In ∂f particular, dim TP X = N − rank . ∂tj

28 1.8 Tangent Space 1 Algebraic Geometry

∂fi 3 More generally, if J(X) = (f1, . . . , fm), then is an m × N matrix and ∂tj ∂fi TP X = ker . ∂tj ∂fi This shows that dim TP X = N − rank . ∂tj We can use this notion of tangency to formalize the property of “singularity” at a point of a variety.

Deﬁnition. For an aﬃne variety X, write sX = min{dim TP X | P ∈ X}. Then a point P ∈ X is nonsingular (or, X is nonsingular at P ) if dim TP X = sX . Otherwise, P is said to be singular.

Proposition 1.8.2. The subset Sing X = {P ∈ X | P is singular} is a proper, Zariski- closed subset of X. In particular, X has a dense, open subset of nonsingular points.

Proof. The condition that dim TP X = ` is equivalent to the nonvanishing of the (N − `) × (N − `) minors of the matrix ∂fi . These minors are polynomials over k, so their zero ∂xj locus, Sing X, is closed. The next theorem connects the dimension of the tangent space to the topological dimension of the space X. By Proposition 1.6.1, this also relates the dimension of the tangent space to the Krull dimension of the coordinate ring of X.

Theorem 1.8.3. If P ∈ X is a nonsingular point of an aﬃne variety X, then dim TP X = dim X.

Proof. Let ϕ : X → Y be an isomorphism of varieties. This determines an isomorphism of vector spaces TP X → Tϕ(P )Y . By the proof of Proposition 1.8.2, dim TP X = ` is an open condition, so it suﬃces to consider any variety that is birationally equivalent to X. It is a general fact that any aﬃne variety is birationally equivalent to a hypersurface; thus we may assume X ⊆ AN is a hypersurface, with J(X) = (f) for some irreducible polynomial f ∈ k[t1, . . . , tN ]. We need to show that sX = dim X = N − 1. Note that

N ! X ∂f T X = Z (P )(x − α ) . P ∂x i i i=1 i

Since X is a hypersurface, dim TP X ≥ N − 1. However, the only way for us to have ∂f dim TP X = N is if each partial derivative is identically zero on X. If char k = 0, this ∂xi is only true for f = 0 so we are done. If char k = p > 0, the above condition holds if and p p p only if f = g(x1, . . . , xN ) = [g(x1), . . . , xN )] for some g ∈ k[t1, . . . , tN ]. But J(X) is radical, which implies g ∈ J(X), so (f) 6= J(X). This a contradiction of course, so in all cases, dim TP X = N − 1. as required.

29 1.8 Tangent Space 1 Algebraic Geometry

N Deﬁnition. Let f ∈ k[t1, . . . , tN ] and P = (α1, . . . , αN ) ∈ A . The linear term in the homogeneous expansion of f at P ,

N X ∂f d f := (P )(x − α ), P ∂x i i i=1 i is called the diﬀerential of f at P .

N Lemma 1.8.4. For any P ∈ A , the diﬀerential dP is a derivation:

(a) dP (f + g) = dP f + dP g.

(b) dP (fg) = (dP f)g + f(dP g).

N Corollary 1.8.5. If X ⊆ A is a variety with J(X) = (f1, . . . , fm) and P ∈ X, then

TP X = Z(dP f1, . . . , dP fm).

Remark. For g ∈ k[X], we can represent g by a form G ∈ k[t1, . . . , tN ], so that g = G+J(X). Set dP g := dP G. This is only well-defined up to elements of the form dP f for f ∈ J(X). 0 0 Thus, if G = G + f for f ∈ J(X), then dP G = dP G + dP f but since TP X = Z(f1, . . . , fm) and f ∈ (f1, . . . , fm), the differential of f disappears. Thus we can define dP g by

dP g = dP G|TP X

for any lift G ∈ k[t1, . . . , tN ] such that g = G + J(X).

The diﬀerential dP induces a map into the dual of the tangent space:

∗ k[X] −→ (TP X)

g 7−→ dP G where g = G + J(X).

N Theorem 1.8.6. Let X ⊆ A be an aﬃne variety and P ∈ X. Then the diﬀerential dP 2 ∗ induces an isomorphism mP /mP → (TP X) .

∗ Proof. Restricting dP to mP gives a map dP : mP → (TP X) , which is linear since dP is a N derivation. Now any linear form λ on TP X is induced by a linear function ` on A with `(P ) = 0. Then dP ` = λ, so dP is surjective. Next, suppose g ∈ mP with dP g = 0 and take a lift G ∈ k[t1, . . . , tN ] with G|X = g. Then Pm Pm 0 = dP g = dP G|TP X , so if g = i=1 aifi then dP G = i=1 aidP fi. Then

m 0 X G := G − aifi i=1

0 has no linear term by construction and thus G ∈ (t1 − α1, . . . , tN − αN ). On the other hand, 0 0 2 2 G |X = G|X = g so if G ∈ (t1 − α1, . . . , tN − αN ) then we must have g ∈ mP . This shows 2 that ker dP ⊆ mP . The reverse inclusion is shown similarly, so by the ﬁrst isomorphism 2 ∼ ∗ theorem, mP /mP = (TP X) .

30 1.8 Tangent Space 1 Algebraic Geometry

Corollary 1.8.7. For any aﬃne variety X over an algebraically closed ﬁeld k, dim X = 2 dimk mP /mP for any nonsingular point P ∈ X. Proof. Apply Theorems 1.8.3 and 1.8.6.

2 Deﬁnition. The vector space mP /mP is called the cotangent space to X at P . It is the dual of the tangent space by Theorem 1.8.6. Deﬁnition. If ϕ : X → Y is a morphism of varieties, the induced map ϕ∗ : k[Y ] → k[X] 2 2 determines a linear map mϕ(P )/mϕ(P ) → mP /mP . The dual of this map,

dP ϕ : TP X −→ Tϕ(P )Y, is called the diﬀerential of ϕ at P ∈ X.

Theorem 1.8.8. If ϕ : X → Y is an isomorphism of varieties, then the diﬀerential dP ϕ : TP X → Tϕ(P )Y is a linear isomorphism for all P ∈ X.

Remark. The above description shows that TP X is an ‘intrinsic object’ to X; that is, it only depends on the isomorphism class of X. The next result says that the tangent space is also a local object.

∗ ∼ 2 Theorem 1.8.9. For any P ∈ X, (TP X) = mP OX,P /(mP OX,P ) .

∗ ∗ Proof. We can extend dP : k[X] → (TP X) to a map dP : OX,P → (TP X) by: f gd f − fd g d = P P . P g g2 Then the proof of Theorem 1.8.6 goes through with appropriate modifications. Definition. For any quasi-projective variety X and point P ∈ X, we define the tangent space to X at P by 2 ∗ TP X = (mP OX,P /(mP OX,P ) ) .

By Theorem 1.8.9, this description agrees with TP (X ∩ Ui) for any aﬃne patch Ui (i.e. the tangent spaces are isomorphic).

N Deﬁnition. For a projective variety X ⊆ P such that J(X) = (F1,...,Fm), and a point P ∈ X ∩ Ui, we deﬁne the projective tangent space to X at P to be

−1 TP X = T −1 (ϕ (X ∩ Ui)). ϕi (P ) i

N Lemma 1.8.10. TP X is a linear subvariety of P . Proof. This follows from the fact that

( N )! X ∂Fi T X = Z : 1 ≤ j ≤ m . P ∂X i=0 i

31 1.9 Local Parameters 1 Algebraic Geometry

As with aﬃne tangent spaces, we have ∂Fi dim TP X = dim TP X = N − rank (P ) . ∂Xj Deﬁnition. A quasi-projective variety X is nonsingular at a point P ∈ X if

∂F dim X = N − rank i (P ) . ∂Xj

Example 1.8.11. A hypersurface X = Z(F ) is nonsingular at P if and only if ∂F (P ) 6= 0 ∂Xi for some 1 ≤ i ≤ N.

1.9 Local Parameters

Deﬁnition. Let X be a nonsingular variety of dimension n. We say t1, . . . , tn ∈ OX,P are local parameters at P if

(1) ti(P ) = 0 for each i; that is, ti ∈ mP . ¯ ¯ 2 (2) t1,..., tn form a basis of the vector space mP /mP . Proposition 1.9.1. Local parameters generate the maximal ideal at P .

Proof. This follows from Nakayama’s Lemma.

Deﬁnition. Let A be a local ring with maximal ideal m and residue ﬁeld k = A/m. Then A 2 is said to be a regular ring if dim A = dimk m/m .

Proposition 1.9.1 shows that P ∈ X is nonsingular if and only if the local ring OX,P is a regular ring.

Remark. For a nonsingular point P ∈ X, the topological completion of OX,P at mP , denoted ObX,P , is isomorphic to the power series ring k[[t1, . . . , tn]], where t1, . . . , tn are local parameters at P . This can be used, for example, to show that OX,P is a UFD, since power series rings are UFDs in general. In the next chapter, we will prove directly that the local rings of X are UFDs when X is a curve.

32 2 Curves

2 Curves

In this chapter we further study the geometry of algebraic varieties of dimension 1.

Deﬁnition. An irreducible, projective algebraic variety X of dimension dim X = 1 is called an algebraic curve.

For the rest of the chapter, X will denote an algebraic curve. The ﬁrst important result is that the local rings OX,P of a nonsingular curve are discrete valuation rings.

Theorem 2.0.1. Let X be an algebraic curve and P ∈ X a nonsingular point. Then OX,P is a DVR.

Proof. Fix P ∈ X and let OP = OX,P be the local ring at P , with maximal ideal mP and residue ﬁeld κ(P ) = OP /mP . Then by Proposition 1.9.1, OP is a regular local ring. Thus 2 Corollary 1.8.7 gives us dimκ(P )(mP /mP ) = dim X = 1. Let t ∈ mP such that dP t 6= 0; that ¯ r is, t is a local parameter at P . Then for f ∈ k(X) with f(P ) = 0, we have f = t u in OP , × for some u ∈ OP . Deﬁne a map

ordP : OP −→ Z d f 7−→ ordP (f) = max{d ∈ Z | f ∈ mP }.

r Explicitly, if f = t u where u is a unit, then ordP (f) = r. Formally, we also set ordP (f) = 0 ¯ if f(P ) 6= 0, to get a map on all of k(X). One then shows that ordP is a discrete valuation with OP as its valuation ring.

Corollary 2.0.2. For any nonsingular point P ∈ X, OP is a PID and therefore a UFD.

r Proof. By the above, every ideal of OP is of the form (t ) where t ∈ mP is a local parameter.

Deﬁnition. A local parameter t ∈ mP is called a uniformizer at P . Deﬁnition. Fix a rational function f ∈ k(X) and an integer r > 0. We say f has a pole of order r at P if ordP (f) = −r, and a zero of order r at P if ordP (f) = r.

Remark. A rational function f ∈ k(X) is regular at P if and only if ordP (f) ≥ 0. Proposition 2.0.3. Every nonconstant, rational function f ∈ k¯(X) has at least one pole.

Proof. A rational function f ∈ k¯(X) with no poles is regular everywhere on X, and therefore constant by Corollary 1.7.4, since X is projective.

Remark. Each f ∈ k¯(X) has only ﬁnitely many zeroes and poles, or none at all.

33 2.1 Divisors 2 Curves

2.1 Divisors

Deﬁnition. Let X be a variety. An irreducible divisor on X is a closed, irreducible k-subvariety x of X of codimension 1.

When X is a curve over k, an irreducible divisor is a closed point of MaxSpec k[X ∩ Ui] ¯ for some aﬃne patch Ui, or alternatively, a Gk-orbit of points in X(k). ¯ Deﬁnition. The degree of an irreducible divisor x on X is the size of the Gk-orbit in X(k) corresponding to x, i.e. deg(x) = [κ(P ): k] for any P ∈ x.

1 1 1 Example 2.1.1. Let X = P . On an affine patch A ,→ Ui ⊆ P , the irreducible divisors correspond to irreducible polynomials in k[A1] = k[t]. Definition. Let X be a curve over k. The divisor group on X, Div(X), is the free abelian group on the set of irreducible divisors on X: ( ) X Div(X) = D = nxx : nx ∈ Z, nx 6= 0 for finitely many x . x∈X P The elements of Div(X) are called divisors on X. For a divisor D = nxx ∈ Div(X), P x∈X the degree of D is deg(D) = x∈X nx deg(x). Example 2.1.2. If k is algebraically closed, then the irreducible divisors are the points of P X, so each D ∈ Div(X) is a weighted sum of points of X: D = nxx. The degree of P x∈X such a divisor is just the sum of the weights: deg(D) = x∈X nx. Now assume X is a nonsingular curve. For f ∈ k(X)∗, we can define a divisor D(f) = P x∈X ordx(f)x, called the principal divisor of f. This defines a map D : k(X)∗ −→ Div(X) whose image is denoted PDiv(X), the group of principal divisors on X. Definition. The Picard group, or divisor class group, of X is the quotient group Pic(X) = Div(X)/ PDiv(X).

This defines an equivalence relation on divisors: D1 ∼ D2 if D1 = D2 + D(f) for some f ∈ k(X)∗. Example 2.1.3. Consider the variety E = Z(y2 − x3 − 3x2 − 2x). This is the elliptic curve defined by y2 = f(x) where f = x3 + 3x2 + 2x = x(x + 1)(x + 2). The projective closure of E is E = Z(fh), where 2 3 2 2 fh = ZY − X − 3X Z − 2XZ . Y Setting y = Z , we can compute its divisor on E: X D(y) = ordP (y)P. P ∈X On the affine part, there are only zeroes of y, and they occur precisely at P = (−2, 0), (−1, 0) and (0, 0).

34 2.1 Divisors 2 Curves

Note that t ∈ OE,P is a uniformizer whenever dP t 6= 0. Viewing t ∈ k[x, y], i.e. as a lift of [t] ∈ OE,P , we have that ∂f t = x is a uniformizer as long as d x = x| 6= 0, which is equivalent to (P ) 6= 0. P TP E ∂y ∂f t = y is a uniformizer as long as d y = y| 6= 0, that is, (P ) 6= 0. P TP E ∂x In particular, we can always ﬁnd a uniformizer! For P = (−2, 0), (−1, 0) and (0, 0), t = y is a uniformizer. It follows that ordP (y) = 1 at each of these points, and ordQ(y) = 0 for any other point Q ∈ E. Thus the divisor for y is

(y) = (−2, 0) + (−1, 0) + (0, 0) + ord∞(y)∞.

The point at infinity is where Z = 0, so by the defining equation for E, X = 0 and, in projective space, Y = 1. Set P = ∞ = [0, 1, 0]. On a different affine patch containing P , we Z X 1 1 have coordinates ζ = Y and ξ = Y . Then y = ζ so ordP (Y ) = ordP ζ = − ordP (ζ). In these coordinates, the defining equation for E becomes

g = ζ − (ξ3 + 3ξ2ζ + 2ξζ2).

∂g Notice that ∂ζ (0, 0) = 1, so ξ is a uniformizer on this patch. Now

3 2 2 3 2 2 ordP (ζ) = ordP (ξ + 3ξ ζ + 2ξζ ) ≥ min{ordP (ξ ), ordP (3ξ ζ), ordP (2ξζ )}.

35 2.2 Morphisms Between Curves 2 Curves

3 2 2 We have ordP (ξ ) = 3 and ordP (3ξ ζ), ordP (2ξζ ) ≥ 3. If all three orders are equal to 3, then by the ultrametric inequality ordP (ζ) must be strictly greater than the minimum, which is 2 2 3 in this case. But then ordP (3ξ ζ) = ordP (ξ ) + ordP (ζ) > 2 + 3 > 3, so in fact we cannot have all three orders equal to 3. Hence ordP (ζ) = 3. We have thus calculated the divisor of y on the elliptic curve E:

(y) = (−2, 0) + (−1, 0) + (0, 0) − 3∞.

2.2 Morphisms Between Curves

Proposition 2.2.1. Let C be an algebraic curve and X a projective variety, and suppose ϕ : C 99K X is a rational map. If P ∈ C is a nonsingular point then ϕ is regular at P .

Proof. A more general result is that if Y is a normal variety, i.e. the local rings OY,P are normal rings, then the locus of nondeterminacy of such a rational map ϕ : Y 99K X is a subvariety of codimension at least 2. For Y = C a curve, this means there are no points where ϕ fails to be regular.

A nonconstant rational map ϕ : C1 99K C2 between curves induces a field extension k(C2) ,→ k(C1). Since both function fields have transcendence degree 1, this is in fact a finite field extension.

Definition. For curves C1 and C2 and a rational map ϕ : C1 99K C2, define the degree of ϕ by deg ϕ = [k(C1): k(C2)]; the separable degree of ϕ by degs ϕ = [k(C1): k(C2)]s; and the inseparable degree of ϕ by degi ϕ = [k(C1): k(C2)]i. We say ϕ is separable if k(C1) ⊇ k(C2) is a separable extension. Definition. Any finitely generated field extension of k with transcendence degree 1 over k is called a function field of degree 1 over k.

Proposition 2.2.2. There is an equivalence of categories

nonsingular curves over k function ﬁelds of deg. 1 over k ←→ . with nonconstant, rational maps with k-homomorphisms

Proof. (Sketch) The assignment X 7→ k(X) determines one direction: we have seen that k(X) is indeed a function field over k. Conversely, for a function field K/k, we associate an abstract algebraic curve XK to K by putting a Zariski topology on the maximal ideals T of the valuation rings O ⊂ K. The structure sheaf is given by OXK (U) = P ∈U OP where U ⊆ XK is open and OP is the valuation ring corresponding to P . This determines the reverse assignment K 7→ XK . One now checks that these assignments are inverse and preserve categorical structure. Now fix nonsingular curves X and Y over k and a morphism ϕ : X → Y defined over k. Then an irreducible divisor y ∈ Div(Y ) corresponds to a maximal ideal mY (on some affine patch) with uniformizer ty ∈ k(Y ).

36 2.2 Morphisms Between Curves 2 Curves

Deﬁnition. The pullback of ϕ is a map ϕ∗ : Div(Y ) → Div(X) deﬁned on irreducible divisors by ∗ X ∗ ϕ y = ordX (ϕ ty)x, x∈X

where ty is a uniformizer at y, and extended linearly.

Example 2.2.3. Let X be the plane curve deﬁned by y2 −x and Y = P1 the projective line, and let ϕ : X → Y be the x-coordinate projection.

x2 X

Y y0 y1

∗ ∗ ∗ ∗ Then ϕ y0 = 2x0 + ord∞(ϕ ty0 )∞ and ϕ y1 = x1 + x2 + ord∞(ϕ ty1 )∞. Definition. Let ϕ : X → Y be a morphism, x ∈ X and y = ϕ(x) ∈ Y . The number ∗ eϕ(x) = ordx(ϕ ty) is called the ramification index of ϕ at x. If eϕ(x) = 1 and the residue field extension κ(x)/κ(y) is separable, we say ϕ is unramified at x. Otherwise, we say ϕ is ramified at x, and y is called a branch point of ϕ. Proposition 2.2.4. Fix a morphism ϕ : X → Y , x ∈ X and y = ϕ(x) ∈ Y . Then

(1) eϕ(x) does not depend on the choice of uniformizer ty. P (2) For any Q ∈ Y , P ∈ϕ−1(Q) eϕ(P ) = deg ϕ.

−1 (3) All but ﬁnitely many Q ∈ Y have #ϕ (Q) = degs ϕ.

(4) If ψ : Y → Z is a morphism then eψϕ(x) = eϕ(x)eψ(y).

Deﬁnition. Given a morphism ϕ : X → Y , the pushforward of ϕ is a map ϕ∗ : Div(X) → Div(Y ) deﬁned on irreducible divisors x ∈ X by

ϕ∗x = [κ(x): κ(ϕ(x))]ϕ(x)

and extended linearly.

37 2.3 Linear Equivalence 2 Curves

Proposition 2.2.5. Let ϕ : X → Y be a morphism and D ∈ Div(Y ) and D0 ∈ Div(X) divisors. Then (1) deg(ϕ∗D) = (deg ϕ)(deg D). (2) ϕ∗(f) = (ϕ∗f) for any function f ∈ k(Y ).

0 0 (3) deg(ϕ∗D ) = deg(D ).

∗ (4) ϕ∗ϕ D = (deg ϕ)D. Corollary 2.2.6. For any function f ∈ k(X) on a curve X, deg(f) = 0.

Proof. View f as a function X → P1. Then deg(f) = deg(ϕ∗(0) − ϕ∗(∞)) = 0. Let Div0(X) be the subgroup of Div(X) consisting of divisors of degree zero. Then Corollary 2.2.6 shows that PDiv(X) ⊆ Div0(X). Set

Pic0(X) := Div0(X)/ PDiv(X).

Then the degree map determines an exact sequence

0 → k× → k(X)× −→D Div0(X) → Pic0(X) → 0.

If X is deﬁned over the algebraic closure k¯, write Pic(X/k¯) for Pic(X(k¯)). Consider Div(X/k¯)Gk . Then we have an embedding

Pic0(X/k) ,→ Pic0(X/k¯)Gk .

Unfortunately, this map is not surjective in general.

2.3 Linear Equivalence

Deﬁnition. The classes [D] = {D + (f): f ∈ k(X)×} in the Picard group of X determines a linear equivalence: D ∼ D0 if there exists an f ∈ k(X)× such that D + (f) = D0. Lemma 2.3.1. For two divisors D,D0 ∈ Div(X), D ∼ D0 if and only if deg(D) = deg(D0). Therefore the degree map descends to a map on the Picard group,

deg : Pic(X) −→ Z. P Definition. A divisor D = nxx on X is called effective if nx ≥ 0 for all x ∈ X. In this case we will write D ≥ 0. Also, if D1,D2 ∈ Div(X) and D1 − D2 is an effective divisor, we write D1 ≥ D2. This defines an ordering on Div(X). Definition. Let D be an effective divisor on X. Then the Riemann-Roch space associated to D is the k-vector space

L(D) = {f ∈ k(X)× | D + (f) ≥ 0} ∪ {0}.

We denote its dimension by `(D) = dimk L(D).

38 2.3 Linear Equivalence 2 Curves

P The condition that D + (f) ≥ 0 can be restated as (f) ≥ −D, or if D = nxx then ordx f ≥ −nx for all x ∈ X. Example 2.3.2. Let x ∈ X and n > 0. For the divisor D = nx, the space L(D) consists of all f ∈ k(X)× with no poles except possibly at x of order at most n.

Deﬁnition. Fix a divisor D ∈ Div(X). The projective space

0 0 0 ∼ |D| := {D ∈ Div(X):[D ] = [D] and D ≥ 0} = P(L(D)) is called the complete linear system of D on X. Any projective subspace of |D| is called a linear system of D on X.

Note that D is linearly equivalent to an eﬀective divisor if and only if L(D) 6= 0.

Theorem 2.3.3. For any D ∈ Div(X), L(D) is ﬁnite dimensional.

Lemma 2.3.4. If D1,D2 ∈ Div(X) are linearly equivalent, say D1 − D2 = (g) for some g ∈ k(X)×, then there is an isomorphism

L(D1) −→ L(D2) f 7−→ gf.

In particular, `(D) is a well-defined invariant of each class [D] ∈ Pic(X). ¯ Remark. If X is defined over an extension k ⊆ K ⊆ k, write LK (D) and `K (D) for the Riemann-Roch space of D on X(K) and its dimension. Then Lk¯(D) has a basis consisting × of functions f ∈ k(X) , so `k¯(D) = `k(D). Thus we are justified in writing `(D) for any of these.

Proposition 2.3.5. Let D,D1,D2 ∈ Div(X). Then (1) `(D) ≤ deg(D) + 1 if D ≥ 0.

(2) If D1 ≤ D2 then L(D1) ⊆ L(D2).

Example 2.3.6. For X = P1, any divisor D is linearly equivalent to d∞ for some d ∈ Z. Then L(D) ∼= L(d∞) = {f ∈ k[t] : deg f ≤ d} which has dimension exactly d + 1. Thus the equality `(D) = deg(D) + 1 holds for any divisor on P1.

Example 2.3.7. If X 6= P1 and D is an eﬀective divisor, then `(D) ≤ deg(D). In particular, if deg(D) ≤ 0 then `(D) = 0.

Next, we explore how much less than deg(D) + 1 the dimension `(D) can be. This culminates with the Riemann-Roch theorem in Section 2.6. Set γ(D) = deg(D) + 1 − `(D).

Theorem 2.3.8 (Riemann Inequality). For an nonsingular algebraic curve X, there is a bound γX such that γ(D) ≤ γX and 1 + deg(D) − γX < `(D) for all divisors D ∈ Div(X).

39 2.4 Diﬀerentials 2 Curves

The Riemann-Roch spaces are useful for constructing maps X → PN and in particular N embeddings into projective space. Given a rational map ϕ = (ϕ0, . . . , ϕN ): X 99K P with ϕi ∈ k(X), deﬁne the divisor of ϕ to be

Dϕ = gcd{(ϕ0),..., (ϕN )}.

Then for each ϕi,(ϕi) − Dϕ ≥ 0 so ϕi ∈ L(−Dϕ). Set D = Dϕ. Let M be the subspace of L(−D) spanned by (ϕ0),..., (ϕN ). We may assume that these (ϕi) are linearly independent, lowering N if necessary. Then dim M = N + 1. Next, δ = {(g) − D | g ∈ M} is a linear N system of dimension N, i.e. a subspace of | − D|. Thus every rational map X 99K P determines a linear system of D, and it turns out the converse is also true. Given δ ≤ |D| a linear subspace of |D| ⊆ PN of dimension N, deﬁne the base locus of δ by n 0 X o B(δ) = P ∈ X : nP 6= 0 for all D = nP P ∈ δ .

Choose a basis f0, . . . , fN of functions for L(D) corresponding to δ. Then ϕδ = (f0, . . . , fN ): N X 99K P is a rational map that restricts to a morphism on X r B(δ). This is in fact unique up to automorphism of PN – corresponding to a choice of basis. Deﬁnition. A linear system δ ≤ |D| is called basepoint-free if B(δ) = ∅. N A basepoint-free linear system δ determines a regular map ϕδ : X → P .

Deﬁnition. If the complete linear system |D| is basepoint-free and the morphism ϕ|D| : X → PN is an embedding, we say |D| is very ample. If for some m > 0, the complete linear system |mD| is very ample, then we say |D| is ample. P Theorem 2.3.9. Let X be a curve and D = nxx an eﬀective divisor on X. Then

(1) D is basepoint-free if and only if for all x ∈ X such that nx 6= 0, `(D − x) < `(D). (2) |D| is very ample if and only if `(D − P − Q) < `(D − P ) < `(D) for all P,Q ∈ X.

2.4 Diﬀerentials

Definition. For a curve X, the space of meromorphic differentials on X is the k(X)- × vector space ΩX consisting of formal differentials df for each f ∈ k(X) satisfying d(f + g) = df + dg, dα = 0 if α ∈ k, d(fg) = f dg + g df. If ϕ : X → Y is a morphism of curves, we get a map of fields ϕ∗ : k(Y ) → k(Y ). Define the induced map on meromorphic differentials by

∗ ϕ :ΩY −→ ΩX ∗ X X ∗ ∗ ϕ fi dti 7−→ ϕ fi d(ϕ ti).

40 2.4 Diﬀerentials 2 Curves

Lemma 2.4.1. For any algebraic curve X, dimk(X) ΩX = dim X = 1. Proposition 2.4.2. For any f ∈ k(X), the following are equivalent:

(i) df 6= 0.

(ii) df is a basis for ΩX . (iii) k(X)/k(f) is ﬁnite and separable.

(iv) f 6∈ k if char k = 0, or f 6∈ k(X)p if char k = p > 0.

Lemma 2.4.3. A nonconstant morphism ϕ : X → Y is separable if and only if the induced ∗ map ϕ :ΩY → ΩX is nonzero.

For a point P ∈ X, choose a uniformizer t = tP in OX,P . Then ΩX is generated by dt. Hence for any ω ∈ ΩX , there exists g ∈ k(X) such that ω = g dt.

Definition. Define the order of ω at P ∈ X to be ordP (ω) = ordP (g), where ω = g dt. The principal divisor associated to ω is then defined to be X (ω) = ordP (ω)P. P ∈X

Proposition 2.4.4. Let X be a curve, P ∈ X, f ∈ k(X) and ω ∈ ΩX . Then

(1) If f is regular at P then df = f dt for t = tP a local uniformizer.

(2) For any s ∈ k(X) such that s(P ) = 0, ordP (f ds) = ordP (f) + ordP (s) − 1 if p - ordP (s), and ordP (f ds) ≥ ordP (f) + ordP (s) if p | ordP (s).

(3) ordP (ω) = 0 for all but ﬁnitely many P ∈ X.

Definition. The canonical class on a curve X is the class KX = [(ω)] in Pic(X) for any nonzero differential ω ∈ ΩX . Lemma 2.4.5. The canonical class is well-defined, i.e. does not depend on the choice of ω ∈ ΩX .

× Proof. For nonzero ω1, ω2 ∈ ΩX , write ω1 = fω2 for some f ∈ k(X) . Then (ω1) = (fω2) = (f) + (ω2). Thus [(ω1)] = [(ω2)].

Definition. We say ω ∈ ΩX is a holomorphic (or regular) differential on X if ordP (ω) ≥ 0 for all P ∈ X. We denote the space of holomorphic differentials on X by Ω[X].

Note that Ω[X] is a k-vector space but need not be a k(X)-vector space.

Deﬁnition. The geometric genus of X is deﬁned as g(X) := `(KX ), the dimension of the Riemann-Roch space L(KX ) of the canonical class.

Lemma 2.4.6. There is an isomorphism L(KX ) → Ω[X].

41 2.5 The Riemann-Hurwitz Formula 2 Curves

Proof. The map is f 7→ fω for any ﬁxed ω ∈ Ω[X] deﬁning the canonical class.

Corollary 2.4.7. For any curve X, g(X) = dimk Ω[X]. ¯ Remark. For any divisor D ∈ Div(X), `k(D) = `k¯(D) implies g(X(k)) = g(X(k)), so the geometric genus is unchanged when passing to the algebraic closure k¯. Moreover, g(X) is a birational invariant of X.

Example 2.4.8. Let X = P1 and let t be a coordinate function on some aﬃne patch U of 1 ∼ 1 P . We claim that (dt) = −2∞. Indeed, for any α ∈ U = A , t − α is a local uniformizer at 1 α. Thus ordα(dt) = ordα(d(t − α)) = 0. At inﬁnity, t is a local uniformizer so we can write 2 1 dt = −t d t . Hence 2 1 1 1 ord∞(dt) = ord∞ −t d t = ord∞ − t−2 + ord∞ d t = −2 + 0 = −2.

So (dt) = −2∞ as claimed. Now for any ω ∈ ΩP1 , deg(ω) = −2 so we see that `(KP1 ) = `(−2∞) = 0. Hence the genus of the projective line is g(P1) = 0. Corollary 2.4.9. There are no holomorphic diﬀerentials on P1. 1 1 Proof. By Corollary 2.4.7, g(P ) = dimk Ω[P ] but by the calculations above, the genus of P1 is zero.

2.5 The Riemann-Hurwitz Formula

Let ϕ : X → Y be a nonconstant morphism of curves and ﬁx P ∈ X. Then eϕ(P ) = ∗ ordP (ϕ tϕ(P )) where tϕ(P ) is a local uniformizer. We would like to see what happens to the canonical class KX under a morphism. Take t to be a uniformizer at Q = ϕ(P ) and set ∗ ∗ ∗ e eϕ(P ) = e. Then ϕ (dt) = d(ϕ t). Moreover, if s is a uniformizer on X at P , then ϕ t = us × ∗ e e e−1 for some unit u ∈ OP . Now d(ϕ t) = d(us ) = s du + ues ds. Write du = g ds for a regular function g ∈ OP ; this is possible by (1) of Proposition 2.4.4. Then d(ϕ∗t) = seg ds + euse−1 ds ∗ e e−1 =⇒ ordP (d(ϕ t)) = ordP (s g + eus ) e e−1 = min{ordP (s g), ordP (eus )}.

If char k - e, then this minimum is e − 1; otherwise, when char k | e the minimum is at least e.

Definition. If ϕ is ramified and char k - eϕ(P ) for all P ∈ X, we say ϕ is tamely ramified. Otherwise ϕ is wildly ramified.

∗ Remark. If ϕ is tamely ramified, then ordP (d(ϕ t)) = eϕ(P ) − 1 for each P . If ϕ is wildly ∗ ramified at P , then ordP (d(ϕ t)) ≥ eϕ(P ). Definition. For a morphism ϕ : X → Y , define the ramification divisor

X ∗ Rϕ = ordP (d(ϕ t))P. P ∈X

42 2.6 The Riemann-Roch Theorem 2 Curves

Now for ω ∈ ΩY , the canonical classes on X and Y can be deﬁned by KY = [(ω)] and ∗ ∗ KX = [(ϕ ω)]. On the other hand, the pullback deﬁnes a divisor ϕ KY ∈ Div(X). We want to determine the relation between these three divisors.

∗ Lemma 2.5.1. If ϕ : X → Y is a morphism of curves, then KX = ϕ KY + [Rϕ], where Rϕ is the ramiﬁcation divisor of ϕ.

Proof. If ω = f dt ∈ ΩY , then

∗ ∗ ∗ ∗ ∗ ordP (ϕ ω) = ordP (ϕ f d(ϕ t)) = ordP (ϕ f) + ordP (d(ϕ t)),

∗ ∗ so we see that ordP (ϕ ω) gives the coefficient in KX , ordP (ϕ f) gives the coefficient in ∗ ∗ ϕ KY and ordP (d(ϕ t)) gives the coefficient in Rϕ. Summing over P ∈ X gives the desired equality. P Taking ϕ to be tamely ramified, Rϕ = P ∈X (eϕ(P ) − 1)P so the degree function applied to the equation in Lemma 2.5.1 gives

∗ X deg(KX ) = deg(ϕ KY ) + (eϕ(P ) − 1). P ∈X

We will show in Section 2.6 that deg(KX ) = 2g(X) − 2. This proves: Theorem 2.5.2 (Riemann-Hurwitz Formula). For any morphism ϕ : X → Y , X 2g(X) − 2 = (deg ϕ)(2g(Y ) − 2) + (eϕ(P ) − 1). P ∈X

Corollary 2.5.3. For any morphism ϕ : X → Y , g(X) ≥ g(Y ).

2.6 The Riemann-Roch Theorem

Recall from Theorem 2.3.8 that `(D) ≥ 1+deg(D)−γX . The classic Riemann-Roch theorem gives a precise value for γX in terms of the dimensions of the Riemann-Roch spaces of X and the genus.

Theorem 2.6.1 (Riemann-Roch). For an algebraic curve X with genus g = g(X), γX = g satisﬁes the Riemann Inequality. Moreover,

`(D) − `(K − D) = 1 − g + deg(D), where K = KX is the canonical divisor of X. Remark. One typically proves the Riemann-Roch theorem using sheaf cohomology – the vector spaces L(D) form a sheaf on X – as well as Serre duality. See Hartshorne for details.

Corollary 2.6.2. If KX is the canonical divisor on X, then deg(KX ) = 2g − 2.

43 2.6 The Riemann-Roch Theorem 2 Curves

Proof. Set D = K = KX . Then the Riemann-Roch theorem says that `(K) − `(0) = deg(K) + 1 − g but `(K) = g by deﬁnition and `(0) = 1. Solving for deg(K) we get deg(K) = 2g − 2. Corollary 2.6.3. Suppose deg(D) > 2g − 2 for some divisor D ∈ Div(X). Then `(D) = deg(D) + 1 − g. The genus is a discrete invariant of nonsingular curves. There are two natural questions that arise:

(1) What are the curves with genus g for a particular g ∈ N0? (2) How do we describe the structure of the collection of all genus g curves? We will see that one can put the structure of a variety on the collection of genus g curves. ∼ 1 Lemma 2.6.4. Let X be an algebraic curve. Then X = P if and only if there is some divisor D ∈ Div(X) such that deg(D) = 1 and `(D) ≥ 2. ∼ 1 1 Proof. ( =⇒ ) If X = P then g(X) = g(P ) = 0 by Example 2.4.8. Take a point P ∈ X and set D = P ∈ Div(X); of course deg(D) = 1. Then by the Riemann-Roch theorem, `(D) = 1 − g + deg(D) + `(K − D) = 1 − 0 + 1 + `(K − D) = 2 + `(K − D) ≥ 2. ( ⇒ = ) Since `(D) ≥ 2, there exists a nonconstant function g ∈ L(D). Then D ∼ D + (g) ≥ 0 so we may assume D is eﬀective. The only way for deg(D) = 1 is for D = P for some 1 ∗ point P ∈ X(k). Now g determines a map g : X → P , under which g ∞ = ord∞(g) = P , so we must have deg(g) = 1. Hence g is an isomorphism of curves. Proposition 2.6.5. For an algebraic curve X with genus g = g(X), the following are equivalent: ∼ 1 (1) X = P . (2) g = 0 and there exists a divisor D ∈ Div(X) with deg(D) = 1.

(3) g = 0 and X(k) 6= ∅. Proof. (1) =⇒ (2) follows immediately from Lemma 2.6.4. (2) =⇒ (1) Since the genus is 0, deg(D) > 2g − 2 = −2 is certainly true. By Corol- lary 2.6.3, `(D) = deg(D) + 1 − g = 1 + 1 − 0 = 2, so Lemma 2.6.4 once again applies. (2) =⇒ (3) follows from the proof of Lemma 2.6.4. (3) =⇒ (2) Any rational point P ∈ X(k) is a divisor on X of degree 1. This shows that the main interest for curves of genus 0 is in ﬁnding rational points P ∈ X(k). Moreover, when g(X) = 0, the complete linear system |KX | is very ample by 2 Theorem 2.3.9 and the Riemann-Roch theorem, and the embedding ϕ|KX | : X,→ P realizes X as a plane conic. Remark. If ϕ : P1 → X is a morphism, Corollary 2.5.3 says that g(X) = 0. Further, when ∼ 1 k is algebraically closed or we consider the k¯-points X(k¯), one has X = P . Notice that this gives another proof of L¨uroth’s theorem (0.2.2).

44 2.7 The Canonical Map 2 Curves

2.7 The Canonical Map

We saw in the last section that the theory of genus 0 curves for the most part reduces to 2 studying whether X has rational points and describing the embedding ϕ|KX | : K,→ P . What about higher genus curves?

Proposition 2.7.1. Let X be a nonsingular algebraic curve over k of genus g ≥ 1. If KX is the canonical divisor of X then the complete linear system |KX | is basepoint-free.

Proof. This follows from the Riemann-Roch theorem and Theorem 2.3.9, taking D = KX .

Thus |KX | determines a regular map into projective space.

g−1 Deﬁnition. The canonical map of a genus g ≥ 1 curve X is the map ϕ|KX | : X → P . Deﬁnition. A hyperelliptic curve is a smooth curve X together with a separable, degree 2 map X → P1. Example 2.7.2. When char k 6= 2, a hyperelliptic curve is of the form X = Z(y2 − f(x)) for a polynomial f ∈ k[x]. More generally, the minimal degree of a nonconstant morphism X → P1 is called the gonality of X. Thus, a hyperelliptic curve is a curve of gonality 2.

g−1 Proposition 2.7.3. If X is not hyperelliptic and g ≥ 2, the canonical map ϕ|KX | : X → P is an embedding.

Proposition 2.7.4. If X is a nonsingular algebraic curve of genus g and D ∈ Div(X), then

(1) If deg(D) ≥ 2g then |D| is basepoint-free.

(2) If deg(D) ≥ 2g + 1 then |D| is very ample.

5g−6 Corollary 2.7.5. If g ≥ 2 then ϕ|3KX | : X → P is an embedding.

Deﬁnition. The map ϕ|3KX | is called the tricanonical map of a curve X.

Theorem 2.7.6 (Faltings). If X is a curve of genus g ≥ 2 then #X(Q) is ﬁnite. We have for the most part dealt completely with the cases of curves of genus g = 0 and g ≥ 2, so the most interesting work remains to be done for curves of genus g = 1.

2.8 B´ezout’sTheorem

For this section let k be algebraically closed, ﬁx X ⊆ PN a projective curve and Y ⊆ PN a hypersurface deﬁned by Y = Z(F ) for some F ∈ k[X0,...,XN ]. Further suppose that X 6⊂ Y , i.e. that F 6∈ J(X). Then by counting codimensions, X ∩Y must be some dimension 0 variety in PN , i.e. X and Y intersect in some discrete set of points. We want to count these points, including some notion of multiplicity, in a rigorous way.

45 2.8 B´ezout’sTheorem 2 Curves

Definition. The intersection multiplicity of X and Y = Z(F ) at a point P ∈ X ∩ Y , denoted (X · F )P , is defined as follows. Let G ∈ k[X0,...,XN ] be any form of the same degree as F such that G(P ) 6= 0. Then F/G ∈ k(X) so the intersection multiplicity at P is defined: (X · F )P := ordP (F/G). Further, the intersection divisor of F on X is X divX (F ) = (X · F )P P, P ∈X∩Y P and its order (X · F ) := P ∈X∩Y (X · F )P is called the intersection number of X and Y .

Q P

If L is the linear form representing the line in the ﬁgure, then (X · L)P = 1, (X · L)Q = 2 and the intersection number is (X · L) = 1 + 2 = 3.

Proposition 2.8.1. If F1 ∈ k[X0,...,XN ] r J(X) is another form with deg F1 = deg F , then (X · F ) = (X · F1).

Proof. Set f = F/F1 ∈ k(X). Then divX (F ) ∼ divX (F1), so deg(divX (F )) = deg(divX (F1)), and thus the intersection number is well-deﬁned. Corollary 2.8.2. If deg F = m and L is any linear form such that L 6∈ J(X), then (X ·F ) = m(X · L). Proof. Since intersection multiplicity at a point is multiplicative, this formula is clear.

Lemma 2.8.3. For any form F 6∈ J(X) and any point P ∈ X ∩ Z(F ), (X · F )P = 1 if and only if F (P ) = 0 and TP X 6⊂ TP Z(F ). Stated another way, Lemma 2.8.3 says that the intersection multiplicity at P is 1 if and only if X and Z(F ) meet transversely.

Lemma 2.8.4. For any smooth curve X, there exists a linear form L such that (X ·L)P ≤ 1 for all P ∈ X ∩ Z(L). Deﬁnition. The degree of a projective curve X ⊆ PN is deﬁned to be

degPN X := max{#(X ∩ H): H is a hyperplane and X 6⊂ H}. N Corollary 2.8.5. Let X be a projective curve in P . Then degPN X = (X ·L) for any linear form L. N Theorem 2.8.6 (B´ezout). Let X ⊂ P be a projective curve and F ∈ k[X0,...,XN ] a form such that F 6∈ J(X). Then (X · F ) = (degPN X)(deg F ). 2 Example 2.8.7. If X ⊂ P is a planar curve given by a form G = 0, then degP2 X = deg G so we can count intersection multiplicities in the plane by: (X · F ) = (deg G)(deg F )

for any F ∈ k[X0,X1,X2] r J(X).

46 2.9 Rational Points of Conics 2 Curves

2.9 Rational Points of Conics

Given a plane conic C over a ﬁeld of characteristic char k 6= 2, say

C : ax2 + 2bxy + 2cx + dy2 + 2ey + f = 0

2 2 in Ak, we can homogenize to get a curve in Pk: C : F (X,Y,Z) = aX2 + 2bXY + 2cXZ + dY 2 + 2cY Z + fZ2 = 0.

Then F is a quadratic form on the vector space V = k3.

Deﬁnition. For a k-vector space V , a function q : V → k is a quadratic form if

(a) q(λv) = λ2v for all λ ∈ k and v ∈ V .

1 (b) The pairing bq(v, w) = 2 (q(v + w) − q(v) − q(w)) is symmetric and k-bilinear. ∼ ∗ A quadratic form q is said to be nondegenerate if bq induces an isomorphism V = V . Otherwise q is degenerate.

If F (X,Y,Z) is a quadratic form on V = k3, then there is a matrix

a b c MF = d e f g h i

t such that F (X,Y,Z) = (XYZ)MF (XYZ) . The determinant deg MF is called the discriminant of F .

Lemma 2.9.1. A quadratic form F (X,Y,Z) is nondegenerate if and only if deg MF 6= 0.

Since MF is symmetric when F is quadratic, we may transform it by some invertible t 3 matrix T ∈ GL3(k) to a diagonal form DF = T MF T . In these coordinates of k , we have

3 X 2 F = aiXi . i=1

Further, if k = Q, we may assume the ai ∈ Z are squarefree and relatively prime. Deﬁnition. A quadratic form F represented by a diagonal matrix M with squarefree, coprime integer entries is called a primitive quadratic form.

The crucial Hasse-Minkowski theorem says that a plane conic having a Q-rational point is equivalent to the conic having a rational point over every completion of Q.

Theorem 2.9.2 (Hasse-Minkowski). Let F ∈ Q[X0,...,Xn] be a primitive quadratic form and let X = Z(F ) ⊆ n . Then X( ) 6= if and only if X( ) 6= for all places v of . PQ Q ∅ Qv ∅ Q

47 2.9 Rational Points of Conics 2 Curves

This theorem is the classic example of Hasse’s “local-to-global principle”: points over the local ﬁelds Qv determine points over Q. Note that the Hasse-Minkowski theorem does not hold for general varieties X, nor for general ﬁelds k.

Example 2.9.3. For a conic X, X(R) 6= ∅ if and only if there is a change of sign among the coefficients ai in the form F defining X. This condition is easily checked as long as one can diagonalize MF . Thus to find rational points of a conic, we need only ask if there is an algorithm for checking whether X has points over each p-adic field Qp.

n n n n n Example 2.9.4. Let X = P . Then P (Q) = P (Z) and for any prime p, P (Qp) = P (Zp), n so it’s enough to look for integer solutions. If P = [α0, . . . , αn] ∈ P (Qp), then we can clear × denominators so that P = [β0, . . . , βn] for βi ∈ Zp and some βj ∈ Zp . The reduction mod p ¯ ¯ n of P is then given by Pe = [β0,..., βn] ∈ P (Fp). It turns out that quadratic forms always have points over ﬁnite ﬁelds. To prove this, we will need the following counting lemma.

P k1 kn Lemma 2.9.5. For a sum s = n α ··· α , where α = (α1, . . . , αn) and ki ∈ ≥0, if α∈Fq 1 n Z at least one ki is not a positive integer multiple of q − 1, then s = 0. Proof. Write n   X k1 kn Y X ki s = α1 ··· αn =  a  . n α∈Fq i=1 a∈Fq

If any k = 0 then P aki = P 1 = q ≡ 0 so we may assume all k 6= 0. Let φ be a i a∈Fq a∈Fq i × ki generator of the cyclic group Fq and write ψ = φ . If ki is not a positive multiple of q − 1, then ψ 6= 1. Now we have

q−2 X X X aki = aki = (φm)ki a∈ × m=0 Fq a∈Fq q−2 X 1 − ψq−1 1 − 1 = ψm = ≡ = 0. 1 − ψ 1 − ψ m=0 Therefore s = 0.

Theorem 2.9.6 (Chevalley-Warning). Let Fq be a ﬁnite ﬁeld of characteristic p and let Pr f0, . . . , fr ∈ Fq[X1,...,Xn] be polynomials satisfying n > j=1 deg fj. Set X = Z(f0, . . . , fr) ⊆ n . Then AFq

(a) #X(Fq) ≡ 0 (mod p).

(b) If (0,..., 0) ∈ X(Fq) is a point on the curve then #X(Fq) ≥ p.

48 2.9 Rational Points of Conics 2 Curves

Proof. Deﬁne the indicator function for X(Fq):

r Y q−1 P (X1,...,Xn) = (1 − fj(X1,...,Xn) ). j=1

Notice that P (α) = 1 if α ∈ X(Fq) and 0 otherwise. Then X #X(Fq) = P (α) mod p. α∈Fq Now we have r n X X deg P = deg fi(q − 1) < n(q − 1) i=1 i=1

k1 kn by hypothesis. So for each monomial term X1 ··· Xn in P (X1,...,Pn), k1 + ... + kn < n(q − 1), so at least one ki must be less than q − 1. Hence by Lemma 2.9.5, X #X(Fq) = P (α) = 0 mod p. n α∈Fq

This proves (a), and (b) follows trivially.

Corollary 2.9.7. Every quadratic form in at least three variables has a point over each ﬁnite ﬁeld.

The theory of Hasse-Minkowski extends more generally to number fields K/Q, with similar local-global principles at work. We next determine when solutions to quadratic equations F = 0 over finite fields lift to solutions in Zp, similar to Hensel’s Lemma. To do so, we introduce the notion of an integral model for a variety over Q. Definition. For a projective variety X ⊆ N , an integral model for X is a choice of PQ homogenous forms F1,...,Fm ∈ Z[X0,...,Xn] such that X = Z(F1,...,Fm). Denote these forms {F1,...,Fm} by X .

Note that we may assume the set of all coeﬃcients of an integral model X = {F1,...,Fm} is coprime.

Deﬁnition. Let X = {F1,...,Fm} be an integral model of X over Q. For a prime p, the reduction of X mod p is the variety

X = Z(F ,..., F ) ⊆ N , Fp 1 m PFp where F i = Fi mod p. We say XFp is geometrically reduced if the ideal (F 1,..., F m) is radical in Fp[X0,...,XN ].

Notice that XFp depends on the integral model X chosen for X.

49 2.9 Rational Points of Conics 2 Curves

Deﬁnition. We say an integral model X has good reduction mod p if XFp is geometrically reduced and nonsingular, and bad reduction mod p otherwise.

Lemma 2.9.8. An integral model X = {F1,...,Fm} has good reduction mod p if and only if Z[X0,...,XN ]/(F1,...,Fm) ⊗ Fp is a regular ring. Example 2.9.9. If X ⊆ 2 is a plane conic and X is an integral model of X over given PQ Q by a primitive quadratic form F ∈ Z[X0,X1,X2], then X has bad reduction at a prime p if and only if p divides the discriminant ∆(F ).

Corollary 2.9.10. A primitive quadratic form F ∈ Z[X0,X1,X2] has bad reduction at only ﬁnitely many primes.

The following is a stronger version of Hensel’s Lemma (Theorem 0.3.4) that we will need for lifting solutions of quadratic forms.

Theorem 2.9.11. Let (R, v) be a complete DVR, f ∈ R[x1, . . . , xN ] and suppose (a1, . . . , aN ) ∈ RN such that ∂f v(f(a1, . . . , aN )) > 2v (a1, . . . , aN ) ∂xi for some 1 ≤ i ≤ N. Then f has a root in RN .

Corollary 2.9.12. If X = Z(F ) is an integral model over Zp and P is a smooth point of X (Fp), then P lifts to a point of X (Zp). This leaves the question of lifting singular points.

Pn 2 Theorem 2.9.13. Let F = i=0 aiXi be a primitive quadratic form over Zp and set X = Z(F ) ⊆ 2 . Suppose β , . . . , β ∈ such that ord (β ) = 0 for some 0 ≤ j ≤ n, with PQp 0 n Zp p j ε+1 F (β0, . . . , βn) = 0 mod p , where ( 1, p 6= 2 ε = 3, p = 2.

n Then there exists a nontrivial root of F in Zp, that is, α = (α0, . . . , αn) ∈ Zp , with α` 6= 0 for some 0 ≤ ` ≤ n, and F (α0, . . . , αn) = 0.

× Proof. Since F is primitive, ai, βj ∈ Zp for some 0 ≤ i, j ≤ n. If i = j, then the point ¯ ¯ P = (β0,..., βn) is a smooth point of XFp . By Theorem 2.9.11, P lifts to a solution in × × Zp. On the other hand, assume without loss of generality that β0 ∈ Zp and a0 6∈ Zp . Then 0 0 × 2 2 0 2 ε+1 a0 = pa0 for some a0 ∈ Zp . Set c = a1β1 +...+anβn. Then pa0β +c ≡ 0 (mod p ) so p | c; 0 0 2 0 ε 0 × 0 ε write c = pc . Then pa0β0 + c ≡ 0 (mod p ). This implies c ∈ Zp – in fact, c ∈ 1 + p Op c0 × c0 c0 2 – so 0 ∈ p . In particular, − 0 is a square in p by Corollary 0.3.6. Write − 0 = θ for a0 Z a0 Z a0 θ ∈ Zp. Then α = (θ, β1, . . . , βn) is a solution to F (α) = 0 over Zp as required. We have proven the following theorem characterizing rational points of quadratic forms (conics) over Q.

50 2.9 Rational Points of Conics 2 Curves

Theorem 2.9.14. Let F be a nondegenerate, primitive quadratic form over Z and let X = Z(F ) be the corresponding conic over Q. Then X(Q) 6= ∅ if and only if

(1) There is a sign change in the coeﬃcients – i.e. X(R) 6= ∅.

(2) F = 0 has a primitive solution mod 16 – i.e. X(Q2) 6= ∅.

2 (3) F = 0 has a primitive solution mod p for all primes p > 2 – i.e. X(Qp) 6= ∅. In practice, one need only check (2) and (3) for primes at which X has bad reduction, and by Corollary 2.9.10 there are only ﬁnitely many of these.

51 3 Elliptic Curves

3 Elliptic Curves

If X is a nonsingular algebraic curve of genus g = 1, then the canonical divisor K = KX has degree 0 by Corollary 2.6.2, so there is no good canonical map of X into projective space. However, we have:

Proposition 3.0.1. Suppose X is a curve with g(X) = 1 and there exists a rational point 2 O ∈ X(k). Then the complete linear system |3O| gives an embedding ϕ|3O| : X → P . Proof. Set D = 3O. Then deg(D) = 3 so by the Riemann-Roch theorem, `(D) = 3. Choose a basis {1, α} for L(2O). Then since L(2O) ⊆ L(3O), this extends to a basis {1, α, β} of L(D). The map ϕ = ϕ|D| is given by ϕ : P 7→ [α(P ), β(P ), 1]. Notice that 1, α, β, α2, αβ, α3, β2 ∈ L(6O), but L(6O) = 6 so there is some linear relation

Aβ2 + Bαβ + Cβ = Dα3 + Eα2 + F α + G.

Since 1, α, β, α2, αβ all have diﬀerent orders at O, we must have A 6= 0 and D 6= 0. Replace α with ADα, β with AD3β and divide by A3D4 to obtain:

2 3 2 y + a1xy + a3y = x + a2x + a4x + a6.

2 ∼ This deﬁnes a curve E ⊂ P , and under the map ϕ, we get X = E. Deﬁnition. A curve of genus 1 with a choice of rational point O ∈ X(k) is called an elliptic curve over k. An equation

2 3 2 y + a1xy + a3y = x + a2x + a4x + a6

deﬁning X in P2 is called a Weierstrass equation of X. Choosing diﬀerent α0, β0 ∈ L(3O) gives an alternate Weierstrass equation:

0 2 0 0 0 0 0 0 3 0 0 2 0 0 0 (y ) + a1x y + a3y = (x ) + a3(x ) + a4x + a6.

0 0 Moreover, since Span{1, α} = Span{1, α } = L(2O), we must have α = u1α + r for some × 0 0 × u1 ∈ k and r ∈ k. Similarly, β = u2β + s2α + t for u2 ∈ k and s2, t ∈ k. Substituting these into the original Weierstrass equation in x, y gives the relation u2 = u3. Set u = u2 2 1 u1 s2 and s = u2 . Then the transformation of coordinates between the two Weierstrass equations has the form x = u2x0 + r, y = u3y0 + su2x0 + t. Since every elliptic curve has a Weierstrass equation, the above can be taken as the general form of an isomorphism between elliptic curves.

52 3.1 Weierstrass Equations 3 Elliptic Curves

3.1 Weierstrass Equations

2 3 2 Let y + a1xy + a3y = x + a2x + a4x + a6 be the Weierstrass equation of an elliptic curve E over k. If char k 6= 2, one can complete the square on the left side of the equation by 1 substituting y 7→ 2 (y − a1x − a3) to get a simpler expression 2 3 2 y = 4x + b2x + 2b4x + b6

x−3b2 y where b2, b4, b6 ∈ Z[ai]. Moreover, if char k 6= 3 as well, the substitution (x, y) 7→ 36 , 108 givves 2 3 y = x − 27c4x − 54c6

for c4, c6 ∈ Z[bi]. Typically we set A = −27c4 and B = −54c6 to get an equation y2 = x3 + Ax + B. Deﬁnition. An equation of the form y2 = x3 +Ax+B is called a short Weierstrass form for E. The transformations preserving a short Weierstrass form are of the form x = u2x0 and y = u3y0 for u ∈ k×.

3 0 3 4 0 6 0 c4 (c4) Under such a transformation, c4 = u c4 and c6 = u c6 so we immediately see that 2 = 0 2 . c6 (c6) Thus this ratio is an isomorphism invariant of E. Conversely, we may ask the question, ‘When does a Weierstrass equation define an elliptic curve over k?’ Definition. Let y2 = x3 + Ax + B be a short Weierstrass form. Then the number ∆ = −16(4A3 + 27B2) is called the discriminant of the Weierstrass equation. Note that if two Weierstrass forms describe the same curve, then their discriminants are related by ∆ = u12∆0 for some u ∈ k×. Proposition 3.1.1. The curve defined by a Weierstrass equation is nonsingular if and only if ∆ 6= 0. Proof. To study nonsingularity, we compute the Jacobian criteria for the curve X defined by y2 = x3 + Ax + B: The point at infinity is always a nonsingular point of such an equation. On an affine patch, X is defined by the vanishing of f(x, y) = y2 − x3 − Ax − B. Thus ∂f 2 ∂f ∂x = −3x − A and ∂y = 2y. 2 ∂f ∂f Then X is singular at P ∈ Ak if and only if f(P ) = ∂x (P ) = ∂y (P ) = 0, but these conditions are equivalent to ( −x3 − Ax − B = 0, −3x2 − A = 0. That is, X is singular at P if and only if the cubic −x3 − Ax − B and its derivative vanish, but this is governed by the discriminant of the cubic, D(−x3 − Ax − b) = −4A3 − 27B2. Thus f being nonsingular at P is equivalent to ∆ = 16D(−x3 − Ax − B) 6= 0.

53 3.1 Weierstrass Equations 3 Elliptic Curves

Proposition 3.1.2. A Weierstrass equation deﬁnes (1) A nonsingular curve if ∆ 6= 0;

(2) A nodal curve if ∆ = 0 and c4 6= 0;

(3) A cuspidal curve if ∆ = 0 and c4 = 0.

nodal cuspidal

2 3 Definition. The invariant differential of a Weierstrass equation y + a1xy + a3y = x + 2 dx a2x + a4x + a6 is the meromorphic differential ω = . 2y+a1x+a3 Proposition 3.1.3. The invariant differential ω of a Weierstrass equation for an elliptic curve E is regular and nonvanishing. In particular, deg(ω) = 0. Example 3.1.4. Let X be a curve over k of genus g = 1 and let D ∈ Div(X) be a divisor of minimal degree. In many cases this minimal degree determines important properties of the curve: If deg(D) = 1, D is linearly equivalent to a point O ∈ X(k) and therefore X is an elliptic curve defined over k. As we saw in Proposition 3.0.1, |3O| determines an embedding X,→ P2 as a Weierstrass equation. If deg(D) = 2, `(D) = 2 by Riemann-Roch (Corollary 2.6.3), so we get a map ϕ = 1 ϕ|D| : X → P . By the Riemann-Hurwitz formula (Theorem 2.5.2), ϕ is branched at exactly 4 points. It is known that such a curve is of the form Y 2Z = U(X,Z) for a quartic U. When one of the branch points is rational, dehomogenizing gives a Weierstrass equation y2 = u(x) where u is a cubic in x. 2 If deg(D) = 3, `(D) = 3 by Corollary 2.6.3, so ϕ = ϕ|D| is an embedding X,→ P . The image of X is defined by U(X,Y,Z) = 0 for some ternary cubic U. In this case, U(X,Y,Z) = 0 is a Weierstrass equation if and only if there is only one point at infinity, which in turn means D = 3P for some point P ∈ X(k). When deg(D) = 4, Riemann-Roch gives `(D) = 4 and the canonical map is an embedding ϕ : X,→ P3. In this case, the elements of L(2D)/L(D) are quadratic forms on P3. The space of all quadratic forms on P3 has dimension 6, while `(2D) = 8 by Riemann-Roch, so dim L(2D)/L(D) = 4. Thus there are two linearly independent quadratic forms on P3 that vanish on X, and in fact these forms define ϕ(X) as an algebraic subset of P3.

54 3.2 Moduli Spaces 3 Elliptic Curves

3.2 Moduli Spaces

Recall that if E1 and E2 are isomorphic elliptic curves deﬁned by Weierstrass equations

2 3 y = x − 27c4(Ej)x − 54c6(Ej), j = 1, 2,

3 c4(Ej ) then the ratio 2 is the same for j = 1, 2. c6(Ej ) Deﬁnition. The j-invariant of an elliptic curve deﬁned by the Weierstrass equation y2 = 3 x − 27c4x − 54c6 is the number c3 −1728(4A)3 j(E) = 4 = , ∆ ∆ where ∆ = 4A3 − 27B2.

Proposition 3.2.1. Let E1 and E2 be elliptic curves over k. If E1 is isomorphic to E2 then ¯ j(E1) = j(E2). Conversely, if E1 and E2 are defined over k then j(E1) = j(E2) implies E1 ¯ and E2 are isomorphic over k. Proof. The first statement follows from the definition of the j-invariant, together with the 3 c4 fact that the ratio 2 is an isomorphism invariant. On the other hand, let E1 and E2 be c6 defined by short Weierstrass equations

2 3 2 3 0 0 E1 : y = x + Ax + B and E2 : y = x + A x + B .

Then j(E1) = j(E2) implies (4A)3 (4A0)3 = =⇒ A3(B0)2 = (A0)3B2. 4A3 − 27B2 4(A0)3 − 27(B0)2

A 1/4 B 1/6 If AB 6= 0, i.e. j(E) 6= 0, 1728, then set u = = ∈ k¯. Then u is the A0 B0 2 transformation of P realizing the isomorphism E1 → E2. The cases j(E) = 0 and 1728 are similar. The j-invariant gives a map isomorphism classes of j −−−−→ 1(k¯). elliptic curves over k¯ A Moduli spaces allow us to understand when this mapping is a bijection. 1 ¯ 2 ¯ Proposition 3.2.2. Let j ∈ A (k) and let Ej be the curve in P (k) deﬁned by  y2 + xy = x3 − 36 x − 1 , j 6= 0, 1728  j−1728 j−1728 y2 + y = x3, j = 0 y2 = x3 + x, j = 1728.

Then Ej is an elliptic curve with j-invariant equal to j.

55 3.3 The Group Law 3 Elliptic Curves

Corollary 3.2.3. The j-invariant is a bijection between isomorphism classes of elliptic curves over k¯ and A1(k¯). This bijection does not hold in general with classes of elliptic curves over a non-algebraically closed field. However, Proposition 3.2.2 shows that j is a surjection in general; that is, it is possible to construct an elliptic curve of any prescribed j-invariant. Example 3.2.4. If E is given by the short Weierstrass form y2 = x3 + Ax + B, then for × × 2 2 3 any d ∈ k /(k ) , the twist Ed : dy = x + Ax + B is not isomorphic to E. Further, when j 6= 0, 1728 we will see that Aut(E) = Z/2Z. One can then construct these twists of E using cocycles in the Galois cohomology group H1(k, Aut(E)). Definition. Let C be a collection of objects in a category. If there is a space M such that the isomorphism classes of objects in C are in bijection with the points of M, then M is called a moduli space for C. n Example 3.2.5. The projective space Pk is a moduli space for the collection of lines through the origin in kn+1. Likewise, the Grassmannian Gr(k, n) is a moduli space for the k-dimensional subspaces of a vector space V . ¯ 1 ¯ Corollary 3.2.3 says that M1(k) = A (k) is a moduli space for the collection of elliptic curves E defined over the algebraic closure k¯. There are more complicated moduli spaces ¯ Mg(k) that parametrize the curves of genus g up to isomorphism, for g ≥ 2.

3.3 The Group Law

By studying the arc length of an ellipse and related shapes, giving rise to elliptic functions, mathematicians such as Abel, Jacobi and Weierstrass discovered that the points on an elliptic curve can be “added” in a certain way so as to define a group structure. Geometrically, this group structure may be realized as the so-called “chord-and-tangent method”. Let E be an elliptic curve over k, let O ∈ E(k) be the point at infinity and fix two points P,Q ∈ E(k). In the plane P2, there is a unique line containing P and Q; call it L. (If P = Q, then take L = TP E.) Then by Bézout’stheorem (2.8.6), E ∩ L = {P, Q, R} for some third point R ∈ E(k), which may not be distinct from P and Q if multiplicity is counted. Let L0 be the line through R and O and call its third point R0.

Q P

P + Q

56 3.3 The Group Law 3 Elliptic Curves

Deﬁnition. Addition of two points P,Q ∈ E(k) is deﬁned by P + Q = R0, where R0 is the unique point lying on the line through R and O. If R = O, we set R0 = O.

Proposition 3.3.1. Let E be an elliptic curve with O ∈ E(k). Then

(a) If L is a line in P2 such that E ∩ L = {P, Q, R}, then (P + Q) + R = O. (b) For all P ∈ E(k), P + O = P .

(d) For all P ∈ E(k), there exists a point −P ∈ E(k) satisfying P + (−P ) = O.

(e) For all P, Q, R ∈ E(k), (P + Q) + R = P + (Q + R).

Together, (b) – (e) say that chord-and-tangent addition of points defines an associative, commutative group law on E(k). The proofs of (a) – (d) are rather routine using the definition of this addition law, whereas verifying associativity is notoriously difficult. We will obtain all of these facts as a consequence of the relation between E(k) and Pic0(X) in Section 3.4.

Proposition 3.3.2. Suppose E is an elliptic curve given by Weierstrass equation

2 3 2 y + a1xy + a3y = x + a2x + a4x + a6.

Let P = (x, y) and Pi = (xi, yi), i = 1, 2, 3, be points in E(k) such that P1 + P2 = P3. Then

(a) −P = (x, −(y + a1x + a3).

(b) If x1 = x2 and y1 + y2 + a1x + a3 = 0, then P1 + P2 = O.

2 2 2 3x1 + 2a2x1 + a4 − a1y1 3x1 + 2a2x1 + a4 − a1y1 x3 = + a1 − a2 − 2x1 2y1 + a1x1 + a3 2y1 + a1x1 + a3 2 3 3x1 + 2a2x1 + a4 − a1y1 −x1 + a4x1 + 2a6 − a3y1 and y3 = − + a1 x3 − − a3. 2y1 + a1x1 + a3 2y1 + a1x1 + a3

(d) Otherwise, if x1 6= x2, then

2 y2 − y1 y2 − y1 x3 = + a1 − a2 − x1 − x2 x2 − x1 x2 − x1 y2 − y1 y1x2 − y2x1 and y3 = − + a1 x3 − − a3. x2 − x1 x2 − x1

57 3.4 The Jacobian 3 Elliptic Curves

3.4 The Jacobian

For a smooth algebraic curve X over k of genus g, the quotient Pic0(X) = Div0(X)/ PDiv(X) has the structure of a group. Remarkably, we can also give this object the structure of an algebraic variety in a way that is compatible with the group structure, such that its dimension as a variety is g.

Definition. An algebraic group over a field k is a variety G over k together with morphisms µ : G × G → G and i : G → G such that µ(a, b) = ab and i(a) = a−1 define a group structure on G, with identity element e ∈ G(k).

Remark. For any extension K ⊃ k, the variety G(K) is also an algebraic group. The terminology from Chapter 1 carries over to algebraic groups with appropriate modifications, e.g. an algebraic group is defined over k if it is defined over k as a variety and the multiplication and inversion morphisms are defined over k.

1 Example 3.4.1. For any ﬁeld k, the additive group Ga = Ak is an algebraic group under 1 addition µ(a, b) = a + b. The multiplicative group Gm = Ak r {0} is also an algebraic group under multiplication µ(a, b) = ab.

We will prove that the k-rational points on an elliptic curve form an algebraic group. One can show that these are essentially all of the dimension 1 algebraic groups:

Theorem 3.4.2. Any connected algebraic group of dimension 1 is isomorphic over k¯ to Ga, Gm or an elliptic curve E. Deﬁnition. An abelian variety is an irreducible, projective algebraic group.

Example 3.4.3. For any n ≥ 1, GLn(k) is an algebraic group deﬁned as a variety by the nonvanishing of the polynomial det(xij). Thus GLn(k) is an aﬃne – not a projective – variety.

Theorem 3.4.4. Every abelian variety is a commutative group.

An important construction in algebraic geometry is that of the Jacobian of a variety X, which is an abelian variety into which X embeds. A special case of this for curves is given by the following theorem, which we prove later in the section.

Theorem 3.4.5. Let X be a nonsingular algebraic curve of genus g which is geometrically connected. Then there exists an abelian variety J(X) defined over k of dimension g with ∼ 0 compatible group isomorphisms JK (X) = Pic (X/K) for any field extension K ⊃ k for ∼ 0 which X(K) 6= ∅. In particular, J(X) = Pic (X). Definition. The abelian variety J(X) is called the Jacobian of X.

When E is an elliptic curve, we will prove that J(E) ∼= E as curves. To do this, we ﬁrst construct a bijection Pic0(E) ↔ E(k) to get a group structure on E(k). We then show that this determines the structure of an abelian variety on E.

58 3.4 The Jacobian 3 Elliptic Curves

Lemma 3.4.6. Suppose X is a curve of genus g = 1. Then for any P,Q ∈ X(k), [P ] ∼ [Q] if and only if P = Q.

Proof. ( ⇒ = ) is trivial. For ( =⇒ ), write P = Q + (f) for some f ∈ k(X)×. Then f ∈ L(Q) but since `(Q) = 1 by Riemann-Roch and L(Q) contains the constants, f itself must be constant. Therefore 0 = (f) = P − Q so P = Q.

Lemma 3.4.7. Let E be an elliptic curve with ﬁxed point O ∈ E(k). For all D ∈ Div0(E), there exists a unique point P ∈ E such that D ∼ P − O. Moreover, the map

0 ξO := Div (E) −→ E(k) D 7−→ P

0 is surjective, and if D1,D2 ∈ Div (E), then ξO(D1) = ξO(D2) if and only if D1 ∼ D2. Proof. For D ∈ Div0(E), we have `(D + O) = 1 by Riemann-Roch, so take f ∈ L(D + O) with f 6= 0 and (f) + D + O ≥ 0. Since deg(f) = 0, (f) = (−D − O) + P for some point P ∈ E(k). Thus D ∼ P −O. To see that P is unique, suppose D ∼ P 0 −O for another point P ∈ E(k). Then P ∼ D − O ∼ P 0, or P ∼ P 0 by transitivity, so P = P 0 by Lemma 3.4.6. This deﬁnes the map ξO : D 7→ P on the divisors of degree 0. It is clear that ξO is surjective: if P ∈ E(k), D = P − O is a degree 0 divisor and ξO(P − O) = P . Finally, set ξO(D1) = P1 and ξO(D2) = P2. Then if D1 ∼ P1−O and D2 ∼ P2−O then D1−D2 ∼ P1−P2. So

ξO(D1) = ξO(D2) ⇐⇒ P1 = P2

⇐⇒ P1 − P2 ∼ O by Lemma 3.4.6

⇐⇒ D1 − D2 ∼ O

⇐⇒ D1 ∼ D2.

Theorem 3.4.8. There is a bijection Pic0(E) ∼= E(k) given by

Pic0(E) ←→ E(k) D 7−→ P where D ∼ P − O [P − O] 7−→ P.

0 Deﬁnition. The inverse of ξO is the map κ : E(k) → Pic (E),P 7→ [P − O], called the Abel-Jacobi map.

For points P,Q ∈ E(k), the Abel-Jacobi map deﬁnes an abelian group law by P + Q := 0 ξO(κ(P ) + κ(Q)), with κ(P ) + κ(Q) taking place in Pic (E). We now show that this group law matches the chord-and-tangent operation from Section 3.3.

Lemma 3.4.9. The chord-and-tangent and Abel-Jacobi operations on E(k) are the same.

59 3.4 The Jacobian 3 Elliptic Curves

Proof. Fix the points P, Q, R, R0 ∈ E(k) and lines L, L0 be as in Section 3.3. Then L is a f line given by some linear form f(X1,X2,X3) = αX1 + βX2 + γX3. Note that deﬁnes X3 f a rational function on E, and divE(f) = = P + Q + R − 3O – we can deduce that X3 f 0 ordO(f) = 3 since the divisor must have degree 0. On the other hand, L is given by X3 0 0 f 0 0 some other linear form f (X1,X2,X3), for which we have divE(f ) = = R+O+R −3O. X3 Subtracting these equations gives:

0 0 f R − P − Q + O = divE(f) − divE(f ) = f 0 ∼ 0. Adding and subtracting O, we get (R − O0) − ((P − O) + (Q − O)) ∼ O =⇒ κ(R0) − (κ(P ) + κ(Q)) = 0 in Pic0(E) =⇒ κ(R0) = κ(P ) + κ(Q). 0 Finally, since ξO is a bijection, ξO(κ(P ) + κ(Q)) = R = P + Q as required. Corollary 3.4.10. The chord-and-tangent law is an associative group law on E(k). Theorem 3.4.11. The operation µ :(P,Q) 7→ P + Q is a morphism on E(k). Proof. Suppose E is given by a short Weierstrass form y2 = x3 + Ax + B and ﬁx points P = (x1, y1),Q = (x2, y2) ∈ E(k). Then −P = (x1, −y1). The line L through P and Q is explicitly given by the linear form

y2 − y1 f : y − y1 = λ(x − x1) where λ = . x2 − x1 Substituting this into the the Weierstrass equation, we get 2 3 (y1 + λ(x − x1)) = x + Ax + B 3 2 2 2 2 2 =⇒ 0 = x − λ x + (2λy1 − A)x + (y1 − 2λy1x1 − 2λx1 + λ x1 − B).

This cubic equation has three solutions, two of which are known already: x1 and x2. Further, if P + Q + R = 0 for R = (x3, y3), then the trace of the cubic polynomial is given by 2 λ = x1 + x2 + x3 when P and Q are distinct. Therefore we get the following formula for R: 2 R = (x3, y3) = (λ − x1 − x2, λ(x3 − x1) + y1). (Compare this to the formulas in Proposition 3.3.2.) Similarly, for P = Q we get

2 2 2 3 ! 3x1 + A 3x1 + A −x1 + Ax1 + 2B R = (x3, y3) = − 2x1, − x3 − . 2y1 2y1 2y1 In both cases, the map (P,Q) 7→ −R = P + Q is given by rational functions on the affine patch of E(k) away from the point at ∞, and the argument at ∞ is similar. Corollary 3.4.12. E(k) is an abelian variety, and therefore so is the Jacobian J(E) Remark. In cryptography, it is vital to be able to compute nP quickly, say over a finite field Fq. To do this efficiently, one writes n as a binary sequence and employs a fast adding- and-doubling formula for the coordinates of a point. For example, 10P = 2(2(2P ) + P ) can be computed in a small number of steps. An alternative is to use different coordinates for an elliptic curve, such as the Jacobian-Edwards coordinates.

60 4 Rational Points on Elliptic Curves

4 Rational Points on Elliptic Curves

Let E be an elliptic curve deﬁned over a ﬁeld k with point O ∈ E(k). We saw in Chapter 3 that the rational points E(k) form an abelian group, and in fact an abelian variety over k. In this chapter we will describe the structure of this group.

Deﬁnition. The n-torsion points of E(k) form a subset

En(k) = {P ∈ E(k) | nP = O} of E(k). The torsion subgroup of E(k) is the union of all of these subgroups:

∞ [ Etors(k) = En(k). n=0

Lemma 4.0.1. For each n ≥ 0, En(k) is a subgroup of E(k). Proof. A consequence of Theorem 3.4.11 is that for any n, the map [n]: E → E,P 7→ nP is regular. Clearly the kernel of this map is En(k). We will prove:

Theorem 4.0.2. Let [n]: E → E be the multiplication by n map, P 7→ nP , suppose char k = 0. Then

(1) [n] is unramiﬁed at O.

2 (2) deg[n] = n and for every d | n, the set of d-torsion points of En(k) has size 2 #En(k)[d] = d . ∼ (3) En(k) = Z/nZ × Z/nZ.

Ultimately, our goal is to characterize Q-rational points of an elliptic curve. The classic result in this direction is the Mordell-Weil theorem:

Theorem 4.0.3 (Mordell-Weil). For any elliptic curve E, E(Q) is ﬁnitely generated.

r As a consequence, we can write E(Q) = Etors(Q) ⊕ Z where r is called the rank of E. Then Theorem 4.0.2 and its analogues in characteristic p give a characterization of the torsion part of E(k). It turns out that Etors(Q) can be eﬀectively computed from the Weierstrass equation for E. There are countless other interesting results about this group of rational points, such as Mazur’s suprising theorem:

Theorem 4.0.4 (Mazur). For any elliptic curve E, #Etors(Q) ≤ 16. Thus the mystery lies in the rank of E. There is a method for ﬁnding the generators of the free part of E(k), known as descent. To understand this here and in Chapter 5, we will study isogenies, height functions and the Selmer and Tate-Shafarevich groups.

61 4.1 Isogenies 4 Rational Points on Elliptic Curves

4.1 Isogenies

The class of elliptic curves E over k with speciﬁed point O ∈ E(k) form a category, and the morphisms in this category are called isogenies.

Deﬁnition. An isogeny between two elliptic curves (E1,O1) and (E2,O2) is a nonconstant morphism ϕ : E1 → E2 such that ϕ(O1) = O2. Example 4.1.1. For the purpose of studying the group E(k), an important isogeny is the multiplication map [n]: E → E,P 7→ nP . This is regular by Theorem 3.4.11.

Proposition 4.1.2. An isogeny is a morphism of algebraic groups.

Proof. The pushforward map ϕ∗ : Div(E1) → Div(E2) descends to the Picard group, induc- ing a commutative diagram ϕ 0 ∗ 0 Pic (E1) Pic (E2)

κ κ

E E 1 ϕ 2

Here, the vertical arrows are the Abel-Jacobi maps, which are isomorphisms by Theo- rem 3.4.8. Assuming ϕ(O1) = O2, the diagram shows ϕ(P + Q) = ϕ(P ) + ϕ(Q) so the group structure is preserved.

Remark. Let P ∈ E be a point on an elliptic curve and deﬁne a morphism τP : E → E

by Q 7→ Q + P . Then for any regular map α : E1 → E2, the composition τ−α(O1) ◦ α is an isogeny. That is, every regular map is an isogeny up to translation.

Deﬁnition. For two elliptic curves E1,E2 over k, deﬁne the k-morphisms

Homk(E1,E2) = {isogenies E1 → E2 deﬁned over k} ∪ {[0]}.

For any elliptic curve E over k, we also deﬁne the endomorphisms and automorphisms of E by: × Endk(E) = Homk(E,E) and Aut(E) = Endk(E) .

Lemma 4.1.3. Homk(E1,E2) is an abelian group under pointwise addition: (ϕ + ψ)(P ) = ϕ(P ) + ψ(P ). Further, Endk(E) is a ring under function composition. Proof. Obvious.

Proposition 4.1.4. (a) For any elliptic curve E, the multiplication map [m]: E → E is an isogeny for all nonzero m ∈ Z.

(b) Homk(E1,E2) is torsion-free.

62 4.1 Isogenies 4 Rational Points on Elliptic Curves

Proof. Silverman III.4.2. Remark. For any elliptic curve E, Proposition 4.1.4(c) implies that there is an embedding Z ,→ Endk(E) given by m 7→ [m]. When char k = 0, Endk(E) = Z for almost all elliptic curves, but in some exceptional cases Endk(E) is an order in an imaginary quadratic number ﬁeld. Such an elliptic curve is said to have complex multiplication (see Chapter 7).

2 3 Example 4.1.5. Consider the elliptic curve E : y = x − x. Then Z[i] ,→ Endk(E) by mapping i 7→ [i], where [i] is the isogeny (x, y) 7→ (−x, iy). We have seen that [m]: P 7→ mP are an important family of isogenies on an elliptic curve. We can come up with many more isogenies by recalling that morphisms of curves correspond bijectively to embeddings of function fields (Proposition 2.2.2). For an elliptic curve E, the field k(E) is sometimes referred to as the “field of elliptic functions” defined by E. This terminology has roots in the study of elliptic functions over Riemann surfaces, which was the original motivation for understanding elliptic curves. ∼ Example 4.1.6. If k = C, elliptic curves are canonically identified with complex tori E = C/Λ. Therefore if E1 = C/Λ1 and E2 = C/Λ2 are complex tori, then HomC(E1,E2) = {α ∈ C : αΛ1 ⊆ Λ2}. The field of elliptic functions C(E) is generated as a function field over C by special functions ℘(z) and ℘0(z), where ℘(z) is called the Weierstrass ℘-function. ¯ Theorem 4.1.7. Let ϕ : E1 → E2 be an isogeny over the algebraic closure k. Then

−1 (1) #ϕ (Q) = degs ϕ for all Q ∈ E2. Therefore eϕ(Q) = degi ϕ. (2) The map

∗ ker ϕ −→ Aut(k(E1)/ϕ k(E2)) ∗ P 7−→ τP is an isomorphism.

−1 0 Proof. (1) degs ϕ = #ϕ (Q) for all but ﬁnitely many Q ∈ E2. Fix such a Q and let Q ∈ E2 0 −1 −1 0 and R ∈ E1 such that ϕ(R) = Q − Q. Then τR : ϕ (Q) → ϕ (Q ) is a bijection, so all points in E2 have the same number of preimages. ∗ ∗ It is clear that τP induces an automorphism of k(E1) so we need only check it ﬁxes ϕ k(E2). For P ∈ ker ϕ, ϕ ◦ τP = ϕ since ϕ(P ) = O. Thus for f ∈ k(E2),

∗ ∗ ∗ ∗ τP (ϕ f) = (τP ◦ ϕ) f = ϕ f

∗ ∗ so ϕ k(E2) is ﬁxed. Also, it is clear that P 7→ τP is a group homomorphism by deﬁnition of the τP . From (1), we know that # ker ϕ = degs ϕ, but

∗ # Aut(k(E1)/ϕ k(E2)) ≤ degs ϕ.

∗ Thus it’s enough to show the map is injective. If τP is the identity ﬁeld automorphism, then ∗ τP ﬁxes k(E1), so f ◦τP = f for all f ∈ k(E1). In particular, f(P ) = f(O1) for all f ∈ k(E1), but by Corollary 1.3.5, this implies P = O1.

63 4.1 Isogenies 4 Rational Points on Elliptic Curves

If k is not algebraically closed, then each P ∈ ker ϕ may not be defined over k. However, ∼ ∗ if this condition is satisfied, we would still have ker ϕ = Aut(k(E1)/ϕ k(E2)). Remark. In the language of Grothendieck’s algebraic geometry, (1) says that “separable isogenies are étalecovers”, while (2) says that “separable isogenies are Galois covers”. Thus we see the connections between Galois theory, covering space theory and isogenies between elliptic curves begin to emerge.

Corollary 4.1.8. Suppose ϕ : E1 → E2 and ψ : E1 → E3 are isogenies, where ϕ is separable and ker ϕ ⊆ ker ψ. Then there is a unique isogeny λ making the following diagram commute: ϕ E1 E2

ψ λ

∗ Proof. Set G = Gal(k(E1)/ϕ k(E2)); we may use this notation since by hypothesis the field ∼ ∼ ∗ extension is Galois. Then G = ker ϕ ⊆ ψ = Aut(k(E1)/ψ k(E3)), so in particular G fixes ∗ ∗ ∗ ∗ ψ k(E3). Since k(E1)/ϕ k(E2) is Galois, we have inclusions of fields ψ k(E3) ⊆ ϕ k(E2) ⊆ k(E1), so by Proposition 2.2.2, we get a regular map λ : E2 → E3. (Finish: show λ is an isogeny and is unique.)

Proposition 4.1.9. Let Φ ⊂ E be a ﬁnite, Gk-invariant subgroup of E. Then there exists a unique choice of elliptic curve E0 and isogeny ϕ : E → E0 such that ker ϕ = Φ.

∗ Proof. (Sketch) There is an embedding Φ ,→ Aut(k(E)/k) given by P 7→ τP . This induces an action of Φ on k(E), so consider the subfield k(E)Φ ⊆ k(E). By Proposition 2.2.2, there is a curve E0/k with k(E0) = k(E)Φ and an isogeny ϕ : E → E0 corresponding to the field embedding k(E0) ,→ k(E). Using the Riemann-Hurwitz formula (Theorem 2.5.2), one now shows that ϕ is unramified and E0 is an elliptic curve. In particular, quotients of elliptic curves by kernels of isogenies again give elliptic curves.

Remark. Suppose E1 and E2 are elliptic curves in short Weierstrass form. Then for any isogeny ϕ : E1 → E2 over k, we can write u(x) s(x) ϕ(x, y) = , y for u, v, s, t ∈ k[x]. v(x) t(x)

In this case deg ϕ = max{deg u, deg v}, and ϕ is inseparable if and only if u = f(xp) and v = g(xp) for f, g ∈ k[x], where p = char k.

Diﬀerentials (Section 2.4) are useful for characterizing separability of isogenies.

Theorem 4.1.10. An isogeny ϕ : E1 → E2 is separable if and only if the induced map ∗ ϕ :ΩE2 → ΩE1 is nonzero.

64 4.2 The Dual Isogeny 4 Rational Points on Elliptic Curves

Recall that the invariant differential of an elliptic curve in Weierstrass form is the mero- dx morphic differential ω = ∈ ΩE. By Lemma 2.4.1, dim ΩE = 1 so ω is a 2y+a1x+a3 k(E) generator. The following proposition explains the name of the invariant differential.

∗ Proposition 4.1.11. For every point P ∈ E, τP ω = ω.

Theorem 4.1.12. If ϕ, ψ : E1 → E2 are isogenies and ω ∈ ΩE2 is the invariant diﬀerential ∗ ∗ ∗ on E2, then (ϕ + ψ) ω = ϕ ω + ψ ω.

Corollary 4.1.13. Let E be an elliptic curve, ω ∈ ΩE the invariant diﬀerential on E, and for m ∈ Z, let [m]: E → E be the multiplication by m map. Then [m]∗ω = mω. Therefore [m] is separable if and only if char k - m. Proof. The ﬁrst property is clear for m = 0, 1. Now induct on m, using Theorem 4.1.12 on [m + 1]∗ω = [m]∗ω + ω.

Corollary 4.1.14. If k = Fq is a ﬁnite ﬁeld, E is an elliptic curve over k and πq : E → E is the qth power Frobenius map, then the map [n] + [m]πq : E → E is separable if and only if q - n. Example 4.1.15. An important application is that the map [1] − π is always separable. Notice that [1] − π : E(Fq) → E(F q) has kernel E(Fq).

4.2 The Dual Isogeny

In this section we introduce the notion of a dual isogeny, which is vital for calculating degrees of isogenies.

Theorem 4.2.1 (Dual Isogeny). Let ϕ : E1 → E2 be an isogeny. Then there exists a unique isogeny ϕb : E2 → E1 satisfying ϕb ◦ ϕ = [deg ϕ] ∈ Endk(E1). Proof. For the construction, recall the Abel-Jacobi map and its inverse from Theorem 3.4.8:

0 0 κ : E2 −→ Div (E2) and ξO1 : Div (E1) −→ E1 X X P 7−→ P − O2 nQQ 7−→ [nQ]Q.

Then the dual isogeny may be deﬁned as the following composition:

∗ ξ κ 0 ϕ 0 O1 ϕb : E2 −→ Div (E2) −→ Div (E1) −−→ E1. (See Silverman for the rest of the details.)

Proposition 4.2.2. The dual isogeny satisﬁes the following properties:

(1) If ϕ : E1 → E2 is separable, then the dual isogeny ϕb is also separable. ψ ϕ (2) ϕ[◦ ψ = ψb ◦ ϕb for any isogenies E1 −→ E2 −→ E3.

65 4.2 The Dual Isogeny 4 Rational Points on Elliptic Curves

(3) ϕ\+ ψ = ϕb + ψb for any ϕ, ψ : E1 → E2. (4) For m ∈ Z and the isogeny [m]: E → E, [cm] = [m]. In particular, deg[m] = m2 when char k - m.

(5) deg ϕb = deg ϕ.

(6) ϕb = ϕ.

Proposition 4.2.3. For any pair of elliptic curves E1,E2, degree map deg : Hom(E1,E2) → Z is a positive deﬁnite quadratic form, meaning for all ϕ, ψ ∈ Hom(E1,E2), (1) deg(−ϕ) = deg(ϕ); (2) deg ϕ ≥ 0 and deg ϕ = 0 if and only if ϕ = 0. (3) The pairing hϕ, ψi = deg(ϕ + ψ) − deg ϕ − deg ψ is bilinear.

Deﬁnition. The trace of an endomorphism ψ ∈ Endk(E) is the endomorphism tr ψ = ψ+ψb.

Lemma 4.2.4. For any endomorphism ψ ∈ Endk(E), the trace is equal to tr ψ = 1 + [deg ψ] − [deg(1 − ψ)]. Proof. Using Proposition 4.2.3, we have

[deg(1 − ψ)] = (1\− ψ) ◦ (1 − ψ) = (1 − ψb) ◦ (1 − ψ) = 1 − ψ − ψb + ψb ◦ ψ = 1 − tr ψ + [deg ψ]. Rearranging gives the desired expression for tr ψ.

Deﬁnition. The characteristic polynomial of an endomorphism ψ ∈ Endk(E) is cψ(x) = x2 − (tr ψ)x + deg ψ. Remark. As with linear endomorphisms and the Cayley-Hamilton theorem in linear algebra, an endomorphism ψ : E → E satisﬁes its own characteristic polynomial:

cψ(ψ) = ψ ◦ ψ − (tr ψ) ◦ ψ + [deg ψ] = ψ ◦ ψ − (ψ + ψb) ◦ ψ + [deg ψ] = ψ ◦ ψ − ψ ◦ ψ − ψb ◦ ψ + [deg ψ] = 0.

Theorem 4.2.5 (Cauchy-Hasse)√ . For all endomorphisms ψ ∈ Endk(E) and r ∈ Q, cψ(r) ≥ 0. Therefore | tr ψ| ≤ 2 deg ψ. m Proof. Let r = n ∈ Q with m, n ∈ Z and n 6= 0. Then 2 2 2 n cψ(r) = m + mn(tr ψ) + n (deg ψ) = (m + nψ) ◦ (m + nψb) = (m + nψ) ◦ (m\+ nψ) = deg(m + nψ) ≥ 0.

2 Since n ≥ 0, we get cψ(r) ≥ 0. In particular, the discriminant of cψ(x) is nonpositive, but 2 disc(cψ) = (tr ψ) − 4 deg ψ ≥ 0 so this implies the second statement.

66 4.3 The Weil Conjectures 4 Rational Points on Elliptic Curves

Corollary 4.2.6 (Hasse Bound). Let E be an elliptic curve over a ﬁnite ﬁeld and π : Fq √q E → E the qth power Frobenius map. Then #E(Fq) = q+1−tr πq. Moreover, | tr πq| ≤ 2 q.

q q Proof. The map πq : E → E is given by (x, y) 7→ (x , y ) on the aﬃne piece of E. Then (x, y) ∈ E(Fq) if and only if πq(x, y) = (x, y). Thus

#E(Fq) = #{ﬁxed points of πq} = # ker(1 − πq)

= degs(1 − πq) by Example 4.1.15

= deg(1 − πq) since 1 − πq is separable by Corollary 4.1.14

= (1\− πq) ◦ (1 − πq) = (1 − πbq) ◦ (1 − πq) = 1 − (πq + πbq) + πbq ◦ πq = 1 − tr πq + deg πq = q + 1 − tr πq. √ The inequality | tr πq| ≤ 2 q now follows from the Cauchy-Hasse theorem.

Proposition 4.2.7. Let E be an elliptic curve over k and m ∈ Z. Then

(1) If char k - m then Em(k) = Z/mZ × Z/mZ.

e (2) If char k = p > 0, then for any e ≥ 1, either Epe (k) = 0 or Epe (k) = Z/p Z. Proof. (1) follows from (4) of Proposition 4.2.3. (2) For any e ≥ 1, let π : E → E be the pth power Frobenius map, which is inseparable by Corollary 4.1.14. Then

e #Epe (k) = degs[p ] by (1) of Theorem 4.1.7 e = degs((πb ◦ π) ) e e = degs(πb ◦ π ) e e = degs(πb ) degs(π ) e = degs(πb )

e e since π is inseparable. Now degs(πb ) = 1 when πb is inseparable and p when πb is separable, so the two cases follow.

Deﬁnition. An elliptic curve E over a ﬁeld k of characteristic p > 0 is called supersingular e if Epe (k) = 0 for any e ≥ 1. Otherwise if Epe (k) = Z/p Z for all e ≥ 1, E is said to be ordinary.

By the proof of Proposition 4.2.7, E is supersingular exactly when πb is inseparable, where π : E → E is the Frobenius map.

4.3 The Weil Conjectures

Suppose X is a smooth projective variety over a ﬁnite ﬁeld Fq.

67 4.3 The Weil Conjectures 4 Rational Points on Elliptic Curves

Deﬁnition. The zeta function of X over Fq is the formal power series ∞ ! X tr Z(X/ , t) = exp N Fq r r r=1

where Nr = #X(Fqr ) for each r ≥ 1. The zeta functions of curves have many parallels to Dedekind zeta functions of number ﬁelds in algebraic number theory. 1 r Example 4.3.1. For X = P , the projective line, we have Nr = q + 1 for every r. In particular, one can show that 1 Z( 1/ , t) = . P Fq (1 − t)(1 − qt)

In particular, Z(P1, t) is a rational function! The following statements were conjectured by Weil and proven in the 20th century by Weil (for curves), Artin, Grothendieck and Deligne.

Theorem 4.3.2 (Weil Conjectures). Let X be a smooth projective variety over Fq of dimension n. Then

(a) (Rationality) The zeta function Z(X/Fq; t) is rational. (b) (Functional Equation) There is an integer e = e(X), called the Euler characteristic of X, for which the zeta function satisﬁes

n ne/2 e Z(X/Fq, 1/q t) = ±q t Z(X/Fq, t).

p1(t)p3(t) ··· p2n−1(t) Z(X/Fq, t) = p0(t)p2(t) ··· p2n(t)

n Qbi with p0(t) = 1 − t, p2n(t) = 1 − q t and for each 0 ≤ i ≤ 2n, pi(t) = j=1(1 − αijt) 1/2 for αij ∈ C satisfying |αij| = q . r Recall that Nr is the number of fixed points of π , where π = πq : X → X is the qth power Frobenius map. In topology, one studies fixed points using Lefschetz’s fixed point theorem, which requires knowing the trace of maps on cohomology groups. In algebraic geometry, topological (singular) cohomology theory does not suffice to give such a description. However, Artin, Grothendieck and others were able to devise a cohomology theory called étalecohomology for which the following fixed point property holds: ∞ r X i r ∗ i i #{fixed points of π } = (−1) tr((π ) : H (X, Q`) → H (X, Q`)), i=0 i where H (X, Q`) is the `th étalecohomology group of X. As a sidenote, the étalecohomology i ∼ i groups satisfy H (X, Q`) ⊗ C = H (X(C); C), where the latter is the topological (singular) cohomology of X with coefficients in C.

68 4.4 Elliptic Curves over Local Fields 4 Rational Points on Elliptic Curves

−s Remark. Setting t = q , the zeta function of a variety X/Fq can be written −s ζX/FQ (s) := Z(X/Fq, q ).

Then the functional equation has a nice form: ζX/Fq (1 − s) = ζX/Fq (s), as with Dedekind

zeta functions. Also, the Riemann hypothesis says that ζX/Fq (s) = 0 for s ∈ C satisfying s √ 1 |q | = q, i.e. Re(s) = 2 .

Example 4.3.3. For an elliptic curve E/Fq, one can prove that (1 − αt)(1 − βt) 1 − tr π + qt2 Z(E/ , t) = = . Fq (1 − t)(1 − qt) (1 − t)(1 − qt)

2 1 1 Then by the Hasse bound (Corollary 4.2.6), (tr π) − 4q ≥ 0, so the roots t = α and β are complex conjugates. Thus |α| = |β|, but since αβ = q, we get |α| = q1/2. Thus the Riemann hypothesis holds for elliptic curves.

4.4 Elliptic Curves over Local Fields

Let K be a local field (e.g. K = Qp) with valuation ring R, valuation ideal m ⊂ R, residue field k = R/m and valuation v. Our goal is to understand when an elliptic curve has points over K. To do this, we introduce the notion of minimal models, imitating the use of integral models for conics over Q in Section 2.9. Definition. For an elliptic curve E over K, a model for E over R is a polynomial f = y2 − x3 − Ax − B, where A, B ∈ R, such that E(K) = Z(f). Given a Weierstrass equation for E over K, we may always change coordinates by A = u4A0 and B = u6B0 so that the Weierstrass equation becomes a model for E over R. Such a change in coordinates changes the discriminant of the Weierstrass equation by ∆ = u12∆0. Definition. A minimal model for E over R is a model such that v(∆) is minimal among the discriminants of all models for E over R. Example 4.4.1. When char k 6= 2, 3, a model is minimal if and only if v(∆) < 12, or equivalently, v(c4) < 4 where c4 is the coefficient in the long Weierstrass equation. There is a more sophisticated algorithm to determine minimal models, due to Tate, in the case char k = 2, 3. Suppose f = y2 − x3 − Ax − B is a minimal model for E over R. Denote the reduction of E over k = R/m by 2 3 2 Ee = Z(y − x − Ax − B) ⊆ Ak. Then Ee is a curve over k. Lemma 4.4.2. A minimal (long) Weierstrass equation is unique up to a change of coordinates of the form x = u2x0 + r y = u3y0 + u2sx0 + t for u ∈ R× and r, s, t ∈ R.

69 4.4 Elliptic Curves over Local Fields 4 Rational Points on Elliptic Curves

Corollary 4.4.3. The reduction Ee is unique up to a change of Weierstrass equation over k. In particular, the isomorphism class of Ee over k is well-defined. By clearing denominators, 2 2 2 PK (R) = PK (K), so one can write the reduction of a point P = [α0, α1, α2] ∈ PK (K) as 2 Pe = [¯α0, α¯1, α¯2] ∈ Pk, whereα ¯i = αi + m ∈ k = R/m. Definition. Let E be an elliptic curve over a local field K, with reduction Ee over k, and define the following sets:

Eens = {P ∈ Ee : P is nonsingular} E(0)(K) = {P ∈ E(K): Pe ∈ Eens(k)} E(1)(K) = {P ∈ E(K): Pe = Oe}.

Then Eens is called the nonsingular locus of the reduction; E(0)(K) the points of nonsingular reduction; and E(1)(K) the kernel of reduction. Notice that E(1)(K) ⊆ E(0)(K).

Proposition 4.4.4. Let E be an elliptic curve over a local ﬁeld K with reduction Ee. Then (a) Ee is a curve over k with at most one singular point.

(b) Eens is a connected algebraic group.

(d) If ∆e = 0 and Ae 6= 0, then Ee has a nodal singular point. Moreover, if y = a1x + β1 and y = a2x + β2 are the equations of the two tangent lines at the nodal point of Ee, then there is an isomorphism of algebraic groups

ns 1 Ee −→ Gm = Ak r {0} y − α x − β (x, y) 7−→ 1 1 . y − a2x − β2

(e) If ∆e = 0 and Ae = 0, then Ee has a cuspidal singular point. Moreover, if y = αx + β is the tangent line at this cusp (x0, y0), then there is an isomorphism of algebraic groups

ns 1 Ee −→ Ga = Ak x − x (x, y) 7−→ 0 . y − αx − β

Deﬁnition. The reduction scenarios in (c) – (e) are given names:

If ∆e 6= 0, E is said to have good reduction. Otherwise, E has bad reduction. If ∆e = 0 and Ae 6= 0, then E is said to have multiplicative reduction. If ∆e = 0 and Ae = 0, then E is said to have additive reduction.

70 4.4 Elliptic Curves over Local Fields 4 Rational Points on Elliptic Curves

Proposition 4.4.5. There is a short exact sequence of groups

0 → E(1)(K) → E(0)(K) → Eens(k) → 0.

This gives us the beginning of a ﬁltration of Eens(k). Lemma 4.4.6. Suppose P = [X,Y,Z] ∈ E(K). Then P ∈ E(0)(K) if and only if for some N ≥ 1, v(X) = 2N, v(Y ) = 0 and v(Z) = 3N.

Definition. For a point P = [X,Y,Z] ∈ E(K), the N satisfying Lemma 4.4.6 is called the level of P . We formally define the level of O to be ∞. For each N ≥ 1, define

E(N)(K) = {P ∈ E(0)(K): the level of P is N}.

Theorem 4.4.7. Let E be an elliptic curve over K. Then

(1) For each N ≥ 1, E(N)(K) is a subgroup of E(K).

(2) E(0)(K)/E(1)(K) ∼= Eens(k). (N) (N+1) ∼ (3) For each N ≥ 1, E (K)/E (K) = Ga(k). Proof. (1) easy. (2) in Silverman. 2N 3N (3) Assume K = Qp and put XN = p X,YN = Y and ZN = p Z for N ≥ 1. Then if E is given by the homogeneous form

E : Y 2Z = X3 + AXZ2 + BZ3 over K, then the curve EN deﬁned by

2 3 4N 2 6N 3 EN : YN ZN = XN + p AXN ZN + p BZN

2 3 is also a curve over K. Moreover, the reduction EeN is given by Y N ZN = XN which is a (N) (0) cuspidal curve, so EeN has additive reduction. Also observe that E (K) = EN (K) and (N+1) (1) E (K) = EN (K) for any N ≥ 1. Applying the short exact sequence from Proposi- tion 4.4.5 to these groups gives isomorphisms

(N) (N+1) (0) (1) ∼ ns ∼ E (K)/E (K) = EN (K)/EN (K) = Ee (k) = Ga(k) by Proposition 4.4.4(e). Hence each intermediate quotient is Ga(k) as claimed. This gives us important information about torsion points over local ﬁelds. We will lever- age this to embed certain torsion parts of E(K) into the reduction Ee(k). Corollary 4.4.8. Suppose the residue ﬁeld k has characteristic p > 0. If P ∈ E(1)(K) is a torsion point then its order is pr for some r ≥ 1.

71 4.4 Elliptic Curves over Local Fields 4 Rational Points on Elliptic Curves

Proof. Suppose nP = O for n ∈ Z. Write n = prm where p - m. Set Q = prP so that mQ = nP = O. Suppose Q 6= O. Then Q ∈ E(N)(K) but Q 6∈ E(N+1)(K) for some N ≥ 1, (N) (1) since the E (K) are a filtration of E (K). With k = Fq a finite field of characteristic p, (3) of Theorem 4.4.7 gives

(N) (N+1) ∼ E (K)/E (K) = Ga(k) = Fq which means pQ ∈ E(N+1)(K). Thus mQ, pQ ∈ E(N+1)(K), but p and m are relatively prime, so it follows that Q ∈ E(N+1)(K), a contradiction. Hence prP = Q = O.

Theorem 4.4.9. Suppose K = Qp and p - m. Then (1) E(1)(K)[m] = 0.

(2) If E has good reduction then there is an embedding E(K)[m] ,→ Ee(k). Proof. (1) follows directly from Corollary 4.4.8. (2) Consider the exact sequence from Proposition 4.4.5:

0 → E(1)(K) → E(0)(K) → Ee(k) → 0.

Then by (1), E(1)(K) has no m-torsion and by good reduction, E(0)(K) = E(K). Therefore E(K)[m] → Ee(k) is an injection. Theorem 4.4.10. Assume E has a minimal model in short Weierstrass form. Then E(1)(K) is torsion-free.

For K = Qp, this says that all torsion points in E(Qp) have coordinates in Zp. For any point P ∈ E(K), deﬁne the element ( x ,P = (x, y) u(P ) = y 0,P = O.

Then |u(P )| = p−N where N is the level of P . To prove Theorem 4.4.10, we need two lemmas.

(1) Lemma 4.4.11. Take P1,P2 ∈ E (K) and suppose none of P1,P2,P1 + P2 are O. Then

5 5 |u(P1 + P2) − u(P1) − u(P2)| ≤ max{|u(P1)| , |u(P2)| }.

Proof. Without loss of generality we may assume |u(P1)| ≥ |u(P2)|. Let N be the level of 2N 3N P1, and set XN = p X,YN = Y and ZN = p Z, deﬁning the curve EN as in the proof of Theorem 4.4.7. Then EN has additive reduction with singular point (0, 0). Further, since (1) (0) P1,P2 ∈ E (K) ⊆ E (K), neither of these reduces to the singular point. Now the line between Pe1 and Pe2 does not pass through (0, 0), so before reduction, the line between P1 and P2 has the form

ZN = `XN + mYN for l, m ∈ Z, |`| ≤ 1, |m| ≤ 1.

72 4.4 Elliptic Curves over Local Fields 4 Rational Points on Elliptic Curves

The third point of intersection between this line and EN is calculated by:

3 4N 2 6N 3 0 = −YN (`XN + mYN ) + XN + p AXN (`XN + mYN ) + p B(`XN + mYN ) 3 2 2 3 = c3XN + c2XN YN + c1XN YN + c0YN . (∗)

Rearranging, we get the following relations:

4N 3 6N 3 c3 = 1 + p A` + p B` (1) 4N 6N 2 c2 = 2p A`m + 3p Bm` . (2)

−4N Then (1) implies |c3| = 1, while (2) implies |c2| ≤ p . On the other hand, dehomogenizing −N −N −N (∗), we ﬁnd that the roots of the equation are p u(P1), p u(P2) and p u(P1 + P2). The sum of the roots must be −c2 , so combining all of this information gives us c3

5 5 |u(P1 + P2) − u(P1) − u(P2)| ≤ max{|u(P1)| , |u(P2)| }.

(1) Lemma 4.4.12. For all P ∈ E (Qp) and m ∈ Z, |u([m]P )| = |m| |u(P )|. Proof. This is trivial when m = 0. For m > 0, Lemma 4.4.11 implies |u(mP ) − mu(P )| ≤ |u(P )|5. When p - m, |u(mP )| = p−N and |mu(P )| = p−L for some N ≥ L > 1. If L 6= N, then |u(mP ) − mu(P )| = p−L > |u(P )|5 by the ultrametric inequality, but this contradicts Lemma 4.4.11. Thus L = N, so |u(mP )| = |m| |u(P )|. A similar proof works for the case p = m. Finally, if p | m, the equality is veriﬁed by induction on the power of p dividing m. We now give the proof of Theorem 4.4.10.

(1) Proof. If P ∈ E (Qp) is a nontrivial torsion point, then [m]P = O for some m ∈ Z. However, by Lemma 4.4.12, 0 = |u(O)| = |u([m]P )| = |m| |u(P )|= 6 0, a contradiction. (1) Hence E (Qp) has no nontrivial torsion. Remark. If E is not in short Weierstrass form, e.g. if p = 2, the theorem may be false. (2) However, in that case the same proof shows that E (Qp) is torsion-free. Corollary 4.4.13. If E is an elliptic curve with good reduction over K, then there is an embedding Etors(K) ,→ Ee(k). Proof. By Proposition 4.4.5, there is a short exact sequence

0 → E(1)(K) → E(0)(K) → Eens(k) → 0.

Then E(1)(K) is torsion-free by Theorem 4.4.10, and by hypothesis Eens(k) = Ee(k) and (0) therefore E (K) = E(K). Hence Etors(K) ,→ Ee(k) is an embedding.

Corollary 4.4.14. If E is an elliptic curve with good reduction over K, then Etors(K) is a ﬁnite group.

73 4.4 Elliptic Curves over Local Fields 4 Rational Points on Elliptic Curves

Suppose E is an elliptic curve over Q with good reduction mod p. Then there are embeddings Etors(Q) ,→ Etors(Qp) ,→ Ee(Fp). This proves:

Corollary 4.4.15. For any elliptic curve E/Q, Etors(Q) is ﬁnite. Example 4.4.16. Consider the elliptic curve

E : y2 + y = x3 − x + 1.

Then ∆E = −611 = −13·47 so E has good reduction mod 2. One can see that Ee(F2) = {O}, so it follows that E(Q) is torsion-free. Example 4.4.17. Consider the elliptic curve

E : y2 = x3 + 3.

4 5 Here ∆E = −3888 = −2 ·3 , so E has good reduction mod p for all primes p ≥ 5. Using the methods described, one can check that #Ee(F5) = 6, while #Ee(F7) = 13, so it follows that E(Q) has no torsion. Notice that (1, 2) ∈ E(Q) is a rational point. Then (1, 2) has inﬁnite order, a completely nontrivial fact.

Example 4.4.18. Let E be the elliptic curve given by

E : y2 = x3 + x.

Then its discriminant is ∆E = −64. One checks that (0, 0) is a point of order 2 in E(Q), and that #Ee(F3) = 4, #Ee(F5) = 4 and #Ee(F7) = 8. So the trick in the previous two examples will not work here. However, one can further show that ∼ Ee(F3) = {O, (0, 0), (2, 1), (2, 2)} = Z/4Z, ∼ while Ee(F5) = {O, (0, 0), (2, 0), (3, 0)} = Z/2Z × Z/2Z.

So Etors(Q) can only consist of {O, (0, 0)}. Theorem 4.4.19. Let (K,R) be an arbitrary local ﬁeld whose residue ﬁeld k has characteristic p > 0. Consider an elliptic curve E over K and a point P = (x, y) ∈ E(K). Then

(1) If P ∈ E(K)[m] for p - m, then x, y ∈ R. v(p) (2) If P ∈ E(K)[pn] for n ≥ 1, then π2rx, π3ry ∈ R where r = . pn−1(p − 1) Theorem 4.4.20 (Lutz-Nagell). Let E : y2 = x3 + Ax + B be an elliptic curve with integral coeﬃcients and take P = (x, y) ∈ Etors(Q). Then x, y ∈ Z, and either y = 0, in which case 2P = O, or y2 | 4A3 + 27B2.

74 4.5 Jacobians of Hyperelliptic Curves 4 Rational Points on Elliptic Curves

Proof. For any prime p at which E has good reduction, there is an embedding Etors(Q) ,→ Etors(Qp), but we know by Theorem 4.4.10 that x, y ∈ Zp. Since Zp ∩ Q = Z, it follows that x, y ∈ Z. Next, it is clear that [2]P = O if and only if y = 0, so suppose [2]P = (x2, y2). Since P is torsion, [2]P is also torsion, so x2, y2 ∈ Z by the ﬁrst paragraph. From the addition formula (Proposition 3.3.2), we see that

3x2 + A2 x = + 2x, 2 2y

2 2 2 but since x2, 2x ∈ Z, we must have y | (3x + A) . On the other hand, (3x2 + 4A)(3x2 + A)2 ≡ 4A3 + 27B2 (mod x3 + Ax + B)

and y2 = x3 + Ax + B, so we see that 4A3 + 27B2 ≡ 0 mod y2. This proves the result.

Theorem 4.4.21. A point P ∈ E(Q) is non-torsion if and only if there exists some n ∈ Z such that [n]P has non-integral coordinates.

This statement is proven by Siegel’s result that an elliptic curve over Q has at most ﬁnitely many integral points.

4.5 Jacobians of Hyperelliptic Curves

Take a curve C of genus 1, perhaps with no k-rational points. That is, C is a hyperelliptic curve. Then E = J(C) is an elliptic curve and there is an isomorphism C 99K E deﬁned over k¯; that is, E is a twist of C (see Section 5.3). Taking a divisor D ∈ Div(C) of degree deg(D) = n, we get a map

αD : C −→ E = J(C) P 7−→ [n]P − D.

This endows C with the structure of an [n]-cover of E (again, see Section 5.3). For example, 1 a divisor D ∈ Div(C) of degree n = 2 determines a map ϕD : C → P whose image is a variety given by the equation Y 2Z2 = U(X,Z), where U is a quartic in X,Z. There is an SL2(k) action on the set of all quartic forms:

α β · U(X,Z) = U(αX + βZ, γX + δZ). γ δ

In particular, SL2(k) acts on k[a1, . . . , a5], and it turns out that the invariant subring is of SL2(k) ∼ the form k[a1, . . . , a5] = k[I,J] for two invariant generators I,J. If V is the space of all quartic forms, these deﬁne maps I,J : V → k which are equivariant:

g g g g I(U ) = I(U) and J(U ) = J(U) for all g ∈ SL2(k).

This shows that V is a 5-dimensional representation of SL2(k).

75 4.5 Jacobians of Hyperelliptic Curves 4 Rational Points on Elliptic Curves

There are particular forms g(X,Z) and h(X,Z) such that the SL2(k)-covariance of V is given by Cov(V ) ∼= k[U, I, J, g, h]/(h2 − (4g3 − Igu2 − JU 3)). Further, one can show that the embedding C,→ E = J(C) is given by

g(X,Z) h(X,Z) [X,Y,Z] 7→ , . Y 2Z2 Y 3Z3

Under this embedding, E is an elliptic curve given by the Weierstrass form

E : y2 = 4x3 − Ix − J,

J 2 with j-invariant j(E) = . I3

76 5 The Mordell-Weil Theorem

5 The Mordell-Weil Theorem

Now that we understand Etors(Q), our goal is to prove Mordell’s theorem that E(Q) is ﬁnitely generated. Our strategy is as follows, and will take the entirety of Chapter 5 to describe.

(1) (Weak Mordell-Weil Theorem) Show that E(Q)/mE(Q) is ﬁnitely generated for m > 1. This is achieved by constructing a certain short exact sequence

(m) 0 → E(Q)/mE(Q) → Sel (E/Q) → X(E/Q)[m] → 0,

(m) where Sel (E/Q) is a ﬁnite group called the Selmer group and X(E/Q) is the Tate- Shafarevich group. ˆ (2) Use height functions to construct a function h : E(Q) → R≥0 which satisﬁes

(i) For all B > 0, the set {P ∈ E(Q): hˆ(P ) < B} is ﬁnite. (ii) hˆ([m]P ) = m2hˆ(P ) for all m ∈ Z. (iii) hˆ is a quadratic form, and thus there is a pairing

1 ˆ ˆ ˆ hP,Qi = 2 (h(P + Q) − h(P ) − h(Q)) which is symmetric and bilinear.

(3) Combining the weak Mordell-Weil theorem and height functions gives a proof that E(Q) is ﬁnitely generated.

5.1 Some Galois Cohomology

To introduce the Selmer and Tate-Shafarevich groups, we first need to review some basic results in Galois cohomology. Let G be a profinite group, i.e. an inverse limit G = lim Gi ←− of some inverse system {Gi} of finite groups. For example, the p-adic integers are profinite n group: p = lim /p (see Section 0.3). The primary example we will be interested in is Z ←− Z Z the absolute Galois group of a field k, defined as ¯ Gk = Gal(k/k) := lim Gal(L/k) ←− where the inverse limit is over all finite extensions L/k. Let A be an abelian group with the discrete topology and suppose G acts on A continuously. Specifically, for each σ ∈ G there is a map A → A, a 7→ aσ, which satisfies

(i) a1 = a for all a ∈ A.

(ii)( a + b)σ = aσ + bσ for all a, b ∈ A.

(iii) If σ, τ ∈ G then (aσ)τ = aστ .

77 5.1 Some Galois Cohomology 5 The Mordell-Weil Theorem

σ (iv) For each a ∈ A, StabG(a) = {σ ∈ G : a = a} is a subgroup of ﬁnite index in G. Notice that (i) – (iii) are the axioms for a right group action of G on A, while (iv) says that the action is continuous.

Deﬁnition. For a continuous action of G on A, the set of G-invariants of A is

AG := {a ∈ A : aσ = a for all σ ∈ G}.

Example 5.1.1. The key situation for our purposes is when G = Gk is the absolute Galois group of a field k and A = E(k¯) is the points of an elliptic curve over the algebraic closure, with the continuous action described in Section 1.1 (for any variety). In particular, for any ¯ ¯ P ∈ E(k), StabG(P ) = Gal(k/k(P )) is a finite index subgroup, where k(P ) is the field of definition of P . In this situation, the fixed points of the Galois action are just the k-rational points of E: E(k¯)G = E(k).

In general, the assignment A 7→ AG is a functor from the category of G-modules to the category of abelian groups, called the invariant functor.

Lemma 5.1.2. A 7→ AG is a left exact functor, meaning for every short exact sequence of G-modules 0 → A → B → C → 0, there is an exact sequence 0 → AG → BG → CG.

[m] Example 5.1.3. Consider the short exact sequence 0 → E[m] → E −−→ E → 0. Then G applying the invariant functor (−) , where G = Gk, fails to preserve exactness on the right. Deﬁnition. The ith group cohomology of G with coeﬃcients in a G-module A is the ith right derived functor of the invariant functor:

Hi(G, A) := Ri(−)G(A).

Theorem 5.1.4. Let G be a proﬁnite group. Then

(1) H0(G, A) = AG for any G-module A.

(2) For any short exact sequence of G-modules 0 → A0 → A → A00 → 0, there is a long exact sequence in cohomology

0 → H0(G, A0) → H0(G, A) → H0(G, A00) → H1(G, A0) → H1(G, A) → H1(G, A00) → · · ·

which is functorial in each of A0, A, A00. ¯ Deﬁnition. When G = Gk = Gal(k/k), the group cohomology functors are called Galois cohomology, written Hi(k, A) := Hi(Gal(k/k¯ ),A).

Example 5.1.5. If a proﬁnite group G acts trivially on A, then H0(G, A) = A and 1 H (G, A) = Homcts(G, A), the group of continuous homomorphisms G → A.

78 5.1 Some Galois Cohomology 5 The Mordell-Weil Theorem

Group cohomology can also be constructed as the homology of a certain cochain complex:

Hi(G, A) = Zi(G, A)/Bi(G, A), where Zi(G, A) are the i-cocycles, or maps G×· · ·×G → A satisfying a certain combinatorial τ condition (e.g. for ξ : G → A, the cocycle condition is that ξστ = (ξσ) +ξτ for any σ, τ ∈ G), and Bi(G, A) are the i-coboundaries, i.e. the cocycles of the form ξ : σ 7→ aσ − a for some a ∈ A. For a closed subgroup H ≤ G, any G-module A is also an H-module by restricting the G-action to H. This determines a map called restriction:

Res : Hi(G, A) −→ Hi(H,A).

On 0th cohomology, this is just given by AG ,→ AH . On the other hand, for a normal, finite-index subgroup H ≤ G, the quotient G/H is a finite group and AH has the structure of a G/H-module. This allows one to define an induced map called inflation:

Inf : Hi(G/H, AH ) −→ Hi(G, A).

Theorem 5.1.6 (Inflation-Restriction Sequence). For a profinite group G, a normal finite- index subgroup H and a G-module A, there is an exact sequence

0 → H1(G/H, AH ) −→Inf H1(G, A) −−→Res H1(H,A).

Example 5.1.7. If K is a number ﬁeld, v is a place on K and Kv is the completion of K at v, then the Galois group Gv := Gal(Kv/Kv) is a subgroup of G = Gal(K/K). In this case, there is a local restriction sequence at v:

1 Res 1 1 Resv : H (K,A) −−→ H (Kv,A) → H (Kv,A(Kv)).

(for any Galois module A).

1 1 Proposition 5.1.8. For any ﬁeld K, H (K, Ga) = 0 and H (K, Gm) = 1. Further, if 1 ∼ × × m char K = 0 or char K - m, then there is an isomorphism H (K, µm) = K /(K ) , where µm is the group of mth roots of unity lying in K. Proof. The ﬁrst statement is Hilbert’s Theorem 90. For the second statement, consider the short exact sequence [m] 1 → µm → Gm −−→ Gm → 0. Applying Galois cohomology gives a sequence

× m × 1 1 1 → µm(K) → K −→ K → H (K, µm) → H (K, Gm) = 0. Taking the quotient gives the result.

79 5.2 Selmer and Tate-Shafarevich Groups 5 The Mordell-Weil Theorem

5.2 Selmer and Tate-Shafarevich Groups

In this section we introduce the Selmer and Tate-Shafarevich groups of an isogeny between elliptic curves. Let ϕ : A → B be such an isogeny over a ﬁeld K. Set A[ϕ] = ker ϕ, we have a short exact sequence in the category of elliptic curves:

ϕ 0 → A[ϕ] → A −→ B → 0.

Applying Galois cohomology gives a long exact sequence

ϕ ϕ 0 → A[ϕ](K) → A(K) −→ B(K) −→δ H1(K,A[ϕ]) → H1(K,A) −→ H1(K,B) → · · ·

We isolate part of this sequence as a short exact sequence:

0 → B(K)/ϕA(K) −→δ H1(K,A[ϕ]) → H1(K,A)[ϕ] → 0.

We will construct the Selmer group as a subgroup of H1(K,A[ϕ]), avoiding the obstacles of working with the inﬁnite group H1(K,A[ϕ]). Notice that when A = B = E and ϕ = [m], the ﬁrst term in this sequence is E(K)/mE(K), sometimes called the weak Mordell-Weil group. If P ∈ B(K), choose Q ∈ A(K) with ϕ(Q) = P . Then the image of P under δ : 1 σ B(K)/ϕA(K) → H (K,A[ϕ]) is the cocycle ξ = δ(P ): σ 7→ ξσ = Q − Q. Example 5.2.1. In the case A = B = E, suppose ϕ = [m] where E[m] ⊆ E(K). Then by Proposition 4.2.7 and Proposition 5.1.8,

1 ∼ × × m × × m H (K,E[m]) = Homcts(GK ,E[m]) = Homcts(GK , Z/mZ×Z/mZ) = K /(K ) ×K /(K ) . Lemma 5.2.2. Let K be a number ﬁeld and v a place of K. Then for any isogeny of elliptic curves ϕ : A → B over K, there is a commutative diagram

0 B(K)/ϕA(K) H1(K,A[ϕ]) H1(K,A)[ϕ] 0

Resv

1 1 0 B(Kv)/ϕA(Kv) H (Kv,A[ϕ]) H (Kv,A)[ϕ] 0

Since we have such a diagram for every place of K, we can take the product over all places of K to obtain a commutative diagram

δ 0 B(K)/ϕA(K) H1(K,A[ϕ]) H1(K,A)[ϕ] 0 α

Y Y 1 Y 1 0 B(Kv)/ϕA(Kv) H (Kv,A[ϕ]) H (Kv,A)[ϕ] 0 v v v

80 5.2 Selmer and Tate-Shafarevich Groups 5 The Mordell-Weil Theorem

Here the vertical arrow in the middle is given by a product of local restrictions: ξ 7→ (ξv)v. Let ξ ∈ δ(B(K)). Then ξv must lie in δ(B(Kv)) for each place v. This puts a condition on the cocycles in the image of δ; deﬁne

1 Lv := {ξ ∈ H (K,A[ϕ]) : ξv ∈ δ(B(Kv))}

1 T 1 and set HL(K,A[ϕ]) = v Lv. Then we see that δ(B(Kv)) ⊆ HL(K,A[α]). Deﬁnition. The Selmer group of ϕ : A → B is the group

(ϕ) 1 Sel (A/K) := HL(K,A[ϕ]) = ker α,

1 Q 1 where α : H (K,A[α]) → v H (Kv,A)[ϕ] is the product of the local restriction maps. The key observation is that im δ ⊆ Sel(ϕ)(A/K), so in order to prove the weak Mordell- Weil theorem, it will be enough to show that the Selmer group is ﬁnite. The cokernel of the map δ : B(K)/ϕA(K) → Sel(ϕ)(A/K) has an important role as well. Deﬁnition. The Tate-Shafarevich group of ϕ : A → B is the group ! 1 Y 1 X(A/K) := ker Res : H (K,A) → H (Kv,A) . v Proposition 5.2.3. For any isogeny ϕ : A → B, there is a short exact sequence

0 → B(K)/ϕA(K) → Sel(ϕ)(A/K) → X(A/K)[ϕ] → 0.

Proof. Consider the diagram

B(K)/ϕA(K) Sel(ϕ)(A/K) X(A/K)[ϕ]

0 B(K)/ϕA(K) H1(K,A[ϕ]) H1(K,A)[ϕ] 0 α

Y 1 ∼= Y 1 0 0 H (Kv,A)[ϕ] H (Kv,A) 0 v v

Applying the Snake Lemma gives the desired short exact sequence.

ur Fix a place v of K and let Kv be the maximal unramiﬁed extension of the completion ur Kv, so that Gal(Kv/Kv ) = Iv, the inertia group of Kv. Set Gv = Gal(Kv/Kv). For any Gv-module A, we have a map

1 Resv 1 ur ∼ 1 H (Kv,A) −−→ H (Kv ,A) = H (Iv,A).

1 1 Denote by Hur(Kv,A) the kernel of this map. Elements of Hur(Kv,A) are called unramiﬁed 1 1 cocycles; for an element ξ ∈ H (K,A), we say ξ is unramiﬁed at v if ξv ∈ Hur(Kv,A).

81 5.2 Selmer and Tate-Shafarevich Groups 5 The Mordell-Weil Theorem

Definition. For a finite set of places S on K, we define

1 1 HS(K,A) = {ξ ∈ H (K,A) | ξ is unramiﬁed at all places v 6∈ S}.

Proposition 5.2.4. Let K be a number field, A an elliptic curve over K and ϕ : A → B an isogeny defined over K. Let S the finite set consisting of all archimedean places of K, places at which A has bad reduction and places dividing m = deg ϕ. Then Sel(ϕ)(A/K) is a 1 subset of HS(K,A[ϕ]). Proof. Let ξ ∈ Sel(ϕ)(A/K) and fix a place v 6∈ S. By definition of the Selmer group, 1 ξv = 1 in H (Kv,A)[ϕ], so by the exact sequence in Lemma 5.2.2, ξv = δ(P ) for some σ point P ∈ B(Kv). Explicitly, δ(P ) = ξ, where ξ : σ 7→ Q − Q for some Q ∈ A(Kv) with ϕ(Q) = P . Since v 6∈ S, A has good reduction at v, so in the residue field kv = Ov/mv, the σ reduction of ξσ = Q − Q for any σ ∈ Iv is give by

¯ σ σ σ ξσ = Q − Q = Q − Q = (Q) − Q = Q − Q = 0

(1) (1) since σ ∈ Iv acts trivially on kv. This shows that ξσ ∈ A (Kv)[ϕ] ⊆ A (Kv)[m], where deg ϕ = m. Further, since A has good reduction at v and v - m, then by Theorem 4.4.9, ¯ A(Kv)[m] ,→ Ae(kv) is an injection. Hence ξv = 0 in Ae(kv) implies ξσ = 0 in A(Kv). Thus we have shown ξσ is trivial for all σ ∈ Iv, i.e. ξ is unramified at every v 6∈ S. Hence (ϕ) 1 Sel (A/K) ⊆ HS(K,A[ϕ]). Proposition 5.2.5. Let S be a finite set of places of K and let M be any finite abelian 1 GK -module. Then HS(K,M) is finite.

Proof. Since M is finite and GK acts continuously on m, there exists an open subgroup of finite index in GK that fixes every element of M. Such a subgroup corresponds, by infinite Galois theory, to an extension K0/K. For this extension, we have an inflation-restriction sequence (Theorem 5.1.6):

1 0 GK0 1 1 0 0 → HS(K ,M ) → HS(K,M) → HS(K ,M).

1 0 GK0 1 0 Since M is finite, HS(K ,M ) is finite, so it’s enough to show HS(K ,M) is finite to imply 1 that HS(K,M) is finite. 0 By definition, K is the extension of K for which GK0 acts trivially on M, so after replacing 0 K with K , we may assume M is in fact a trivial GK -module. Also assume µn ⊆ K for some 1 S n. Since GK acts trivially on M, we have that HS(K,M) = Homcts(GK ,M). However, such homomorphisms are in correspondence with abelian extensions of K of exponent m which are unramified outside S. By Lemma 5.2.6 below, there are finitely many of these, so 1 HS(K,M) is finite.

Lemma 5.2.6. Let K be a number field and M a finite abelian GK -module. If m is the exponent of M (i.e. the smallest integer such that mx = 0 for all x ∈ M), and L/K is the maximal abelian extension of exponent m which is unramified outside S, then [L : K] is finite.

82 5.2 Selmer and Tate-Shafarevich Groups 5 The Mordell-Weil Theorem

× n Proof. Assume µn ⊆ K. By Kummer theory, the short exact sequence 1 → µn → K −→ K× → 0 induces a long exact sequence

× n × 1 1 × 0 → µn → K −→ K → H (K, µn) → H (K,K ) = 0

(the last term is 0 by Hilbert’s Theorem 90). Thus there is an isomorphism

× × n 1 δ : K /(K ) −→ H (K, µn) σ(β) n α 7−→ ξ : σ 7→ β where β = α.

In particular, this exhibits a Galois correspondence

cyclic subgroups of cyclic extensions of L/K ←→ K×/(K×)n with Gal(L/K) = Z/nZ √ hαi 7−→ K( n α)/K.

Let OS be the ring of S-integers in K, i.e.

OS = {x ∈ K : |x|v ≤ 1 for all v 6∈ S}.

By algebraic number theory, there are finitely many degree d extensions L/K unramified × outside S for any given d > 0. Further, by Dirichlet’s S-unit theorem, OS is a finitely generated abelian group of rank r(S) = r + s − 1 + #S, where r and s are, respectively, the numbers of real and complex embeddings of Q in K. By class field theory, the class group C(OS) is finite and generated by some fractional ideals a1,..., an. Adding all the primes 0 dividing the aj to S, we get a finite set of places S for which C(OS0 ) = 1. Therefore we may assume from the start that OS is a PID. With these reductions, we will now prove L/K is finite. In fact, we will show

1/m × (1) L = K(α | α ∈ OS ) ∼ r(S)+1 (2) Gal(L/K) = (Z/mZ) . By Kummer theory, the maximal abelian extension of K with exponent m is K(α1/m | α ∈ × 1/m × 0 1/m × 0 K ). Thus L ⊆ K(α | α ∈ K ). Let L = K(α | α ∈ OS ). We want to show L = L. First, for any α ∈ K× and place v for which v(m) = 0, we claim v is unramified in K(α1/m) rm if and only if ordv(α) ≡ 0 mod m. Indeed, if ordv(α) ≡ 0 mod m, then α = uπv for × 1/m 1/m 1/m m some u ∈ Ov and r ∈ Z. Then Kv(α ) = Kv(u ) so u satisfies x − u = 0. This polynomial has discriminant ∆ = mmum−1, so in particular v(∆) = 0 and thus v is unramified in K(α1/m). Conversely, if v is unramified in K(α1/m) then v(K(α1/m)×) = v(K×) = Z. So r if α = uπv then m | r and hence ordv(α) = r ≡ 0 (mod m). Thus the claim holds. The paragraph above shows that L is the compositum of all K(α1/m) for α ∈ K× with ordv(α) ≡ 0 mod m for all v 6∈ S. That is, for all v 6∈ S, ordv(α) = rvm for some rv ∈ Z. × Take such an α ∈ K and v 6∈ S and let pv be the corresponding prime of OS. By our reductions, OS is a PID, so Y rv pv = (β) v6∈S

83 5.3 Twists, Covers and Principal Homogeneous Spaces 5 The Mordell-Weil Theorem

0 −m × 1/m 0 1/m 0 for some β ∈ K. Then α = αβ ∈ OS and K(α ) = K((α ) ) ⊆ L . This holds for all α ∈ K×, so L ⊆ L0. On the other hand, L0 ⊆ L is obvious so we get L0 = L and (1) is proven. For (2), apply Dirichlet’s S-unit theorem to get

× × m r(S)+1 Gal(L/K) = OS /(OS ) = (Z/mZ)

where the extra copy of Z/mZ comes from the torsion part since µm ⊆ K. Remark. Consider the situation when M = A[m] and A[m] ⊆ A(K). As in the proof of Lemma 5.2.6, we may assume µm ⊆ K and that OS is a PID. Then

1 1+r(S) 2 HS(K,A[m]) = Homcts(Gal(L/K),A[m]) = Homcts((Z/mZ) , (Z/mZ) )

1 2(1+r(S)) 2(1+r(A)) so |HS(K,A[m])| = m . On the other hand, #A(K)/[m]A(K) = m and since 1 there is an embedding A(K)/[m]A(K) ,→ HS(K,A[m]), we get a bound on the rank of the elliptic curve A: r(A) ≤ 2r(S) = 2(r + s − 1 + #S). Corollary 5.2.7. For any isogeny of elliptic curves ϕ : A → B over a number ﬁeld K, the Selmer group Sel(ϕ)(A/K) is a ﬁnite group.

Corollary 5.2.8 (Weak Mordell-Weil Theorem). For any elliptic curve E over Q, E(Q)/mE(Q) is ﬁnite for all m ≥ 2.

Remark. Let ϕ : E → E0 be an isogeny over Q. There is a bilinear, alternating pairing

0 X(E/Q) × X(E /Q) −→ Q/Z called Cassel’s pairing, whose kernel consists of divisible elements. As a result, one obtains the following useful fact:

Theorem 5.2.9. For any elliptic curve E, the order of X(E/Q) is divisible by 2.

5.3 Twists, Covers and Principal Homogeneous Spaces

Before making the leap from the weak Mordell-Weil theorem to the full Mordell-Weil theorem, we take a couple sections to describe the Selmer and Tate-Shafarevich groups explicitly. This allows one to write down explicit generators for E(K)/ϕE(K) which ultimately lead to an effective proof of Mordell-Weil. Definition. Let X be an algebro-geometric object over a field k. Then a twist of X is an element of the set

Twist(X/k) = {objects Y of the same category | Y ∼= X over k¯}.

Example 5.3.1. By Proposition 0.2.7 (or 2.6.5), every conic in P2 is isomorphic over k¯ to P1, but is only isomorphic over k if it has a k-point. Therefore Twist(P1/k) is the set of conics in P2.

84 5.3 Twists, Covers and Principal Homogeneous Spaces 5 The Mordell-Weil Theorem

The next result is a sort of “meta-proposition” about twists of algebro-geometric objects. One can repeat the proof in any speciﬁc category of algebro-geometric objects to obtain a bijection between the twists and the given cohomology set.

Proposition 5.3.2. Let X be an algebro-geometric object over a ﬁeld k. Then there is a 1 ∼ bijection H (k, Autk¯(X)) = Twist(X/k). Proof. Given Y ∈ Twist(X/k), there is an isomorphism ϕ : Y → X deﬁned over k¯. Then each σ ∈ Gk acts on ϕ in the natural way, and

σ −1 ξ : σ 7→ ϕ ◦ ϕ ∈ Autk¯(X)

1 is a 1-cocycle in H (k, Autk¯(X)). 1 Conversely, for ξ : σ 7→ ξσ in H (k, Autk¯(X)), we may view ξ as a continuous map Gk → Autk¯(X). Since Autk¯(X) has the discrete topology, ker ξ is an open normal subgroup of Gk, so by Galois theory, there is an extension L/k with ker ξ = Gal(L/k). We deﬁne a twisted action of Gal(L/k) on X(L) by

Gal(L/k) × X(L) −→ X(L) σ (σ, P ) 7−→ ξσ(P ).

Then the coset space Y := X(L)/ Gal(L/k) is an object deﬁned over k of the same type as X that is isomorphic to X over k¯, hence a twist of X over k. It is easy to check that the assignments are inverses of each other.

Deﬁnition. Let A be an algebraic group over a ﬁeld k.A principal homogeneous space (or PHS) for A is a variety X over k equipped with a simply transitive action of A as an algebraic group action over k. In other words, there is a morphism

µ : X × A −→ X, (x, P ) 7→ x P satisfying

(1) x 0 = x for all x ∈ X.

(2) x (P + Q) = (x P ) Q for all P,Q ∈ A and x ∈ X.

(3) For any x0 ∈ X, the map

θx0 : A −→ X,P 7→ x0 P

is an isomorphism deﬁned over over any ﬁeld L such that x0 ∈ X(L). ∼ In particular, (3) says that X is a twist of A. Notice that if x0 ∈ X(k), then X = A over k, i.e. X is a trivial twist of A, and vice versa. In this case, we will say X is a trivial principal homogeneous space of A.

Lemma 5.3.3. Every twist of A over k is a principal homogeneous space.

85 5.3 Twists, Covers and Principal Homogeneous Spaces 5 The Mordell-Weil Theorem

¯ Proof. Let X be a twist of A, with isomorphism θ = θx0 : A → X deﬁned over k. Then for any x ∈ X and P ∈ A,

−1 −1 −1 θ(θ (x) + P ) = x0 (θ (x) + P ) = (x0 θ (x)) P = x P. Therefore the action µ : X × A → X can be written µ(x, P ) = θ(θ−1(x) + P ). ¯ Lemma 5.3.4. Given an isomorphism θ = θx0 : A → X over k, there is a subtraction map

−1 −1 ν : X × X −→ A, (x, y) 7→ x y = θ (x) − θ (y) which is deﬁned over k.

Deﬁnition. Two principal homogeneous spaces (X, µ) and (X0, µ0) of A over k are isomorphic over k if there exists an isomorphism i : X → X0 deﬁned over k such that the following diagram commutes: µ X × A X

i × 1 i

X0 × A X0 µ0

There is a related notion of a “torsor” for A, which turns out to be equivalent to the deﬁnition of a PHS of A.

Deﬁnition. A torsor for A over k is a pair (X, θ) where X is an algebraic variety over k and θ : A → X is an isomorphism deﬁned over k¯.

Deﬁnition. Two torsors (X, θ) and (X0, θ0) for A over k are isomorphic as torsors if there exists an isomorphism of varieties i : X → X0 deﬁned over k and a point P ∈ A such that the following diagram commutes:

θ A X

τP i

A X0 θ0

Proposition 5.3.5. The equivalence classes of principal homogeneous spaces of A over k are in bijection (as pointed sets) with the equivalence classes of torsors for A over k.

Proof. Let X be a PHS and pick x0 ∈ X. Then θ = θx0 : A → X is an isomorphism, so

(X, θ) is a torsor. For a diﬀerent choice of point y0 ∈ X, we get an isomorphic torsor (X, θy0 ), where the isomorphism is given by the diagram

86 5.3 Twists, Covers and Principal Homogeneous Spaces 5 The Mordell-Weil Theorem

θx0 A X

τP id

A X θy0

(Here, P = x0 y0.) Conversely, a torsor (X, θ) determines a PHS (X, µ) of A by µ(x, P ) = θ(θ−1(x) + P ). Definition. The set of equivalence classes of principal homogeneous spaces of A over k, or equivalently the equivalence classes of torsors for A over k, is called the Weil-Châtelet group of A, denoted WC(A/k). Remark. Let A be an algebraic group over k. 1 Given a twist X ∈ Twist(A/k), then up to isomorphism of torsors, there are | Aut(A)| different torsor structures we can put on X. For an elliptic curve E, the typical case is that Aut(E) = Z/2Z, so there are two torsor structures on each twist of E. 2 The automorphism group of A as a torsor for A is isomorphic to A itself. Hence by Proposition 5.3.2,

WC(A/k) −→ H1(k, A) σ (X, µ) 7−→ (ξ : σ 7→ x0 x0) is a bijection. Viewing WC(A/k) as an equivalence class of torsors, the isomorphism is σ −1 given by (X, θ) 7→ (ξ : σ 7→ Pσ), where Pσ is the point such that (θ ) ◦θ(Q) = Q+Pσ in A. Recall that when A is an elliptic curve over a number ﬁeld K, X(A/K) ⊆ H1(K,A) and 1 1 elements of X(A/K) are those cocycles ξ ∈ H (K,A) such that ξv ∈ H (Kv,A) is trivial 1 for each place v of K. Interpreting each H (Kv,A) as WC(A/Kv), the restriction map is given by Y WC(A/K) −→ WC(A/Kv) v Y X/K 7−→ (X/Kv). v

Lemma 5.3.6. A torsor X for A is trivial in WC(A/K) if and only if X(K) 6= ∅. Theorem 5.3.7. Let ϕ : A → B be an isogeny of elliptic curves over a number ﬁeld K. Then X(A/K) is the set of equivalence classes of PHSs for A over K having a point over Kv for every place v of K. On the other hand, recall that Sel(ϕ)(A/K) ⊆ H1(K,A[ϕ]). By Proposition 5.3.2, H1(K,A[ϕ]) can be viewed as the set of twists of A with automorphism group isomorphic to A[ϕ]. This naturally leads to the idea of twists of an isogeny, also known as ϕ-covers.

87 5.3 Twists, Covers and Principal Homogeneous Spaces 5 The Mordell-Weil Theorem

Definition. Let ϕ : A → B be an isogeny. Then a ϕ-cover is a curve C and a covering map π : C → B defined over K such that there exists an isomorphism α : C → A defined over K making the following diagram commute: π C B

α id

A ϕ B

If π : C → B is a ϕ-cover, then C is a torsor for A over K, so C ∈ WC(A/K). Note that 0 if α : C → A is another isomorphism over K then it diﬀers from α by τP for some P ∈ A[ϕ]; thus [(C, α)] = [(C, α0)] in WC(A/K).

Deﬁnition. Let ϕ : A → B be an isogeny. An isomorphism of ϕ-covers (C, π) → (C0, π0) is an isomorphism of curves i : C → C0 making the following diagram commute: π C B

i id

C0 B π0

Remark. For any isogeny ϕ, Twist(ϕ/K) is the set of ϕ-covers up to isomorphism of ϕ- covers. This is a pointed set with trivial element ϕ : A → B itself. Moreover, the automorphism group of ϕ as a ϕ-cover is in correspondence with A[ϕ], since any ϕ-cover isomorphism ϕ → ϕ must be of the form τP for some P ∈ A[ϕ]. Proposition 5.3.8. For any isogeny ϕ : A → B, there is a bijection

{equivalence classes of ϕ-covers} ←→ H1(K,A[ϕ]).

The Selmer-Tate-Shafarevich sequence (Proposition 5.2.3) can now be written:

δ 0 B(K)/ϕA(K) H1(K,A[ϕ]) WC(A/K) 0

[C −→π B] [C]

Proposition 5.3.9. If C −→π B is a ϕ-cover and there is a point x ∈ C(K), then [C −→π B] = δ(P ) for P = π(x) ∈ B(K).

88 5.4 Descent 5 The Mordell-Weil Theorem

Proof. For any P ∈ B(K), δ(P ): σ 7→ xσ − x. In particular, if P = ϕ ◦ α(x) = π(x), then

δ(P )(σ) = (ϕ ◦ α(x))(σ) = [α(x)]σ − α(x) = ασ(xσ) − α(x) σ σ −1 = τPσ ◦ α(x ) − α(x) since τPσ = α ◦ α σ = α(x ) + ξσ − α(x)

= α(x) + ξσ − α(x) = ξσ where ξ is the cocycle in H1(K,A[ϕ]) corresponding (via Proposition 5.3.8) to C −→π B. Thus δ(P ) = [C −→π B]. Now viewing Sel(ϕ)(A/K) as a subset of H1(K,A[ϕ]), the Selmer group consists of those ϕ-covers (up to isomorphism) which are everywhere locally trivial, that is, have a point over (ϕ) Kv for all completions Kv of K. Moreover, the map Sel (A/K) → X(A/K)[ϕ] takes a ϕ-cover C −→π B to the space C as a PHS of A. In order to compute B(K)/ϕA(K), and in particular the weak Mordell-Weil groups E(Q)/mE(Q), one constructs principal homogeneous spaces C ∈ X(A/K)[ϕ] which have points in every Kv and use the Selmer-Tate-Shafarevich sequence (Proposition 5.2.3) to pull C back to a generator of B(K)/ϕA(K). This strategy is known as descent.

5.4 Descent

The goal of descent is to construct torsion elements of the Tate-Shafarevich group X(A/K) and lift them to generators of B(K)/ϕA(K). We will describe this construction in the relatively tractable case of 2-torsion elements of an elliptic curve. The general procedure can be found in Silverman and in Cremona’s “Higher Descent on Elliptic Curves”. Let E be an elliptic curve with a rational 2-torsion point P ∈ E(K); then hP i is a subgroup of order 2 in E(K). We can construct a 2-isogeny of E as follows. Change coordinates of E to move P to the point (0, 0). Then E is given by the Weierstrass form

E : y2 = x(x2 + ax + b).

If we set a0 = −2a, b0 = a2 − 4b and assume bb0 6= 0, then

E0 : y2 = x(x2 + a0x + b0)

is an elliptic curve and there is an isogeny

ϕ : E −→ E0 y2 y(b − x2) (x, y) 7−→ , . x2 x2

Lemma 5.4.1. If ϕ : E → E0 is an isogeny, then E and E0 have good/bad reduction at the same primes.

89 5.4 Descent 5 The Mordell-Weil Theorem

Proof. (Move?) Silverman VII.7.2. Let S be the set of primes of bad reduction for E and E0; that is,

0 2 0 2 0 S = {archimedean primes} ∪ {primes dividing ∆E0 = 16(b ) ((a ) − 4b )}.

Set × × 2 K(S, 2) = {β ∈ K /(K ) : ordv(β) ≡ 0 mod 2 for all v 6∈ S}. ∼ Then E[ϕ] = {(0, 0),O} = µ2 as a Galois module, so by Kummer theory, there is a bijection

1 K(S, 2) −→ HS(K,E) ( √ √ 0, if ( β)σ = β β 7−→ ξ(β): σ 7→ √ √ P, if ( β)σ = − β.

We use this correspondence to construct a ϕ-cover C −→π B corresponding to ξ(β). Consider the ﬁeld K(E)ξ deﬁned as the set K(E) with twisted Galois action

Z : K(E) −→ K(E)ξ f 7−→ Z(f)

σ σ GK such that Z(f) = Z(f ◦ τξ(β)σ ). Then K(E)ξ , the fixed field of K(E)ξ under the Galois action of GK defined above, is a function field. Let Cβ be the corresponding curve (by Proposition 2.2.2). Looking at the addition formula (Proposition 3.3.2) for E, one can compute the translation map τP = τ(0,0) to be

b by τ (x, y) = , − . P x x2

√ √ √ 2 Let L = K( β), so that GL/K = hσi where σ : β 7→ − β. Then L(E)ξ = L(x, y)/(y − x(x2 + ax + b)) with b by (pβ)σ = −pβ, xσ = and yσ = − . x x2

√ 2 βx √ b x Observe that z = y and w = β x − x y are GL/K -invariant and satisfy the equation

Y : βw2 = β2 − 2aβz2 + (a2 − 4b)z4.

In fact, Y is a nonsingular (since b(a2 − 4b) 6= 0 by nonsingularity of E) hyperelliptic curve of genus 1. We claim that Y = Cβ. Over L, there is a bijection

θ : E r {(0, 0),O} −→ Cβ √ ! βx b x2 (x, y) 7−→ (z, w) = , pβ x − . y x y

90 5.4 Descent 5 The Mordell-Weil Theorem

x xy y Since y = y2 = x2+ax+b , this can be extended to all points Q ∈ E by √ √  βy β(x2 − b)  , ,Q 6= (0, 0),O  x2 + ax + b x2 + ax + b θ(Q) = √ (0, − β),Q = (0, 0)  √ (0, β),Q = O. One can also compute the inverse α = θ−1 explicitly:

α : Cβ −→ E √ √ √ βw − az2 + β βw − a βz2 + β β (z, w) 7−→ , . 2z2 2z3 Thus θ and α are isomorphisms. Now consider the diagram

π 0 Cβ E

α id

0 E ϕ E β βw where π is given by (z, w) 7→ , − . Then π = ϕ ◦ α so π : C → E0 is a ϕ-cover. z2 z3 β

π 0 Lemma 5.4.2. The cocycle associated to Cβ −→ E is ξ(β). Now recall that the connecting morphism δ : E0(K)/ϕE(K) → Sel(ϕ)(E/K) is given by δ(P 0): σ 7→ Qσ − Q where ϕ(Q) = P 0. Note that ϕ(O) = O, so when P 0 = O, δ(O): σ 7→ O and thus 1 ∈ K(S, 2). If P 0 = P = (0, 0), the 2-torsion point, then Q must have y = 0 and √ 2 −a± a2−4b x a root of x + ax + b, so Q = 2 , 0 . This implies √ ( 2 σ O, if σ acts trivially on a − 4b ξ(β)ξ = Q − Q = (0, 0), otherwise. From this, we see that β = a2 − 4b, so δ(P ) = β ∈ K(S, 2). Finally, for P 0 = (x, y) 6= (0, 0), 0 π 0 one can show that δ(P ) = δ(x, y) = x. These explicit ϕ-covers Cβ −→ E allow us to pull back to generators of E0(K)/ϕE(K), as demonstrated in the next examples. Example 5.4.3. Let E be the elliptic curve over Q deﬁned by E : y2 = x3 − 6x2 + 17x.

Our goal is to compute E(Q)/2E(Q). First, ∆ = −147968 = −29 · 172, so S = {∞, 2, 17} 0 and Q(S, 2) = {±1, ±2, ±17, ±34}. The above formulas for E and the ϕ-covers Cβ give the following curves: E0 : y2 = x3 + 12x2 − 32x 2 2 2 4 Cβ : βw = β + 12βz − 32z , β ∈ Q(S, 2).

91 5.4 Descent 5 The Mordell-Weil Theorem

2 × 2 Notice that δ(0, 0) = a − 4b = −32 ≡ −2 mod (Q ) so the ϕ-cover C−2 is the image under δ of (0, 0). Hence [C−2] is trivial in X(E/Q)[ϕ]. (In particular, this shows that E has a point over Q!) For β = 2, we get the ϕ-cover

2 2 4 C2 : 2w = 4 + 24z − 32z .

Setting t = 2z, we can write this as

2 2 4 C2 : w = 2 + 3t − t .

1 Notice that (t, w) = (1, 2) is a point on C2, corresponds to a point (z, w) = 2 , 2 on E, and 1 0 hence π 2 , 2 = (8, −32) ∈ E (Q). Once again, by Proposition 5.3.9, [C2] is trivial in the Tate-Shafarevich group. Next, let β = 17. The corresponding ϕ-cover is

2 2 2 4 C17 : 17w = 17 + 12 · 17z − 32z .

(ϕ) Here we show that [C17] 6∈ Sel (E/Q). Suppose to the contrary that there exists a point 2 4 (z, w) ∈ C17(Q17). Then ord17(17w ) is odd and ord17(32z ) is even, which implies that 2 2 4 4 ord17(17 + 12 · 17z − 32z ) 6= ord17(32z ) = 4 ord17(z). On the other hand,

2 2 4 ord17(17 + 12 · 17z − 32z ) ≥ min{2, 1 + 2 ord17(z), 4 ord17(z)} and the only way this is possible is if ord17(z) > 0. However, this contradicts the deﬁning (ϕ) equation for C17. Hence C17(Q17) = ∅, so by Theorem 5.3.7, [C17] 6∈ Sel (E/Q). Further, (ϕ) (ϕ) since Sel (E/Q) is a group, we must have [C−17], [C34], [C−34] 6∈ Sel (E/Q) as well. We have therefore shown that

(ϕ) ∼ Sel (E/Q) = {C1,C−1,C2,C−2} = {±1, ±2}. 0 ∼ (ϕ) ∼ Further, X(E/Q)[ϕ] = 0 so we have an isomorphism E (Q)/ϕE(Q) = Sel (E/Q) = Z/2Z × Z/2Z. 0 Now consider the dual isogeny ϕb : E → E. Here, we still have Q(S, 2) = {±1, ±2, ±17, ±34} and one can determine the following formulas for ϕb-covers: 0 2 2 2 4 Cβ : βw = β − 24βz + 272w , β ∈ Q(S, 2).

0 Observe that if β < 0, Cβ(R) = ∅ since the signs don’t alternate. Also, δ(0, 0) = 272 = 4 × 2 0 0 2 · 17 ≡ 17 mod (Q ) so C17 is the image of (0, 0) ∈ E (Q)/ϕEb (Q) under δ. Lastly, for β = 2, we have 0 2 4 C2 : 2w = 4 − 12t + 17t 0 0 (ϕb) 0 (with t = 2z). A similar proof as above shows that C2(Q2) = ∅, so [C2] 6∈ Sel (E /Q). In all, this shows that (ϕ) 0 ∼ Sel b (E /Q) = {C1,C17} = {1, 17}, 0 but C1 and C17 are images under δ of the points O and (0, 0), respectively, so X(E /Q)[ϕb] = 0 in this case.

92 5.4 Descent 5 The Mordell-Weil Theorem

Let’s put this together to determine the weak Mordell-Weil group E(Q)/2E(Q). From 0 ∼ above, E (Q)/ϕE(Q) = Z/2Z × Z/2Z, where the generators are (0, 0) and (8, −32). On 0 ∼ (ϕ) 0 ∼ the other hand, the previous paragraph implies that E(Q)/ϕEb (Q) = Sel b (E /Q) = Z/2Z, with explicit generator (0, 0). The composition ϕ ◦ ϕb = [2] gives us an exact sequence 0 0 E (Q)[ϕb] E(Q) E(Q) E (Q) 0 → → 0 → → → 0. ϕ(E(Q)[ϕ]) ϕEb (Q) 2E(Q) ϕE(Q) Inserting the terms we know, this becomes

E(Q) 0 → Z/2Z → Z/2Z → → Z/2Z × Z/2Z → 0. 2E(Q) ∼ Hence by exactness, E(Q)/2E(Q) = h(0, 0), (8, −32)i = Z/2Z × Z/2Z. Furthermore, since ∼ Etors(Q) = E(Q)[2] = Z/2Z = h(0, 0)i, we deduce that (8, −32) is a point of inﬁnite order on E(Q). This implies the ﬁnal result: ∼ E(Q) = h(0, 0), (8, −32)i = Z/2Z × Z.

0 In the above example, we were able to determine X(E/Q)[ϕ] = 0 and X(E /Q)[ϕb] = 0 and use this to deduce E(Q)/2E(Q), and ultimately E(Q). However, sometimes one may discover a ϕ-cover Cβ not mapping to the trivial class in X(E/Q)[ϕ]. In such a situation, one may require a method known as ‘second descent’ (cf. Cremona’s paper entitled “Higher Descents on Elliptic Curves”). Let ϕ : A → B and ϕb : B → A be dual isogenies such that ϕ ◦ ϕb = [m]. Then we have a commutative diagram with exact rows and columns: 0 0 0 0

0 H A(Q)/ϕBb (Q) B(Q)/mB(Q) B(Q)/ϕA(Q) 0

(ϕ) (m) (ϕ) 0 H Sel b (B/Q) Sel (B/Q) Sel (A/Q) 0

0 X(B/Q)[ϕb] X(B/Q)[m] X(A/Q)[ϕ] 0

0 0 0

(ϕ) (Here, H = B(Q)[ϕ]/ϕ(A(Q)[ϕ]).) Take C ∈ Sel (A/Q) and use exactness of the middle b (m) row to ﬁnd a lift D ∈ Sel (B/Q); then these are ϕ- and ϕb-covers, respectively:

93 5.4 Descent 5 The Mordell-Weil Theorem

$ π D C B ∼= ∼= id

B A ϕ B ϕb

Such a D is called a descendant of C. The key insight is that a point on D (over any field, but in particular over local fields) gives a point on C via $. In general, points on D will have smaller height than those on C (see Section 5.5), so it will be easier in theory to find points on D. If points cannot be found on D, replace ϕ with [m], ϕb with [m] and m = deg ϕ with m2 = deg[m] and repeat the argument. In principle, this can be repeated indefinitely. However, each step yields an exact sequence:

(ϕ,j) j j 0 → B(Q)/ϕA(Q) → Sel (A/Q) → m X(A/Q)[m ] → 0

(ϕ,j) (ϕ) (mj ) where, for j ≥ 2, Sel (A/Q) denotes the elements of Sel (A/Q) coming from Sel (A/Q). Eventually, the last term in these sequences becomes 0 as long as the Tate-Shafarevich group X(A/Q) is not infinitely m-divisible. It is conjectured that this is true for all elliptic curves, but has not been proven. Thus it is believed that the descent procedure always terminates in a finite number of steps. (In fact, the Birch-Swinnerton-Dyer Conjecture would imply that the Tate-Shafarevich group is always finite, in which case descent always terminates.)

Example 5.4.4. For D ∈ Z, let E : y2 = x3 + Dx be the congruent number elliptic curve (see Section 0.1). For simplicity, we will assume 3 D = p, a prime number congruent to 1 mod 8. Then ∆E = −4p and S = {∞, 2, p}, so ∼ Q(S, 2) = {±1, ±2, ±p, ±2p}. One can show using normal means that Etors(Q) = h(0, 0)i = Z/2Z. Further, we have the following formulas for the ϕ- and ϕb-covers in the Selmer groups: 2 2 4 (ϕ) Cβ : βw = β − 4pz in Sel (E/Q) 0 2 2 4 (ϕb) 0 Cβ : βw = β + pz in Sel (E Q).

For the 2-torsion point P = (0, 0), notice that δ(P ) = −4p3 ≡ −p mod (Q×)2 and δb(P ) ≡ p × 2 (ϕ) 0 (ϕb) 0 mod (Q ) . So C−p ∈ Sel (E/Q) and Cp ∈ Sel (E /Q). Also, if β < 0, the coeﬃcients in 0 the second equation above fail to alternate, so Cβ(R) = ∅. Consider the ϕb-cover for β = 2:

0 2 4 C2 : 2w = 4 + pz .

Over Q2, any point (z, w) must then satisfy 1 + 2 ord2(w) ≥ min{2, 4 ord2(z)}, but 2 and 4 ord2(z) are both even and never equal, so the inequality is an equality. However, 1 + 0 0 (ϕb) 0 2 ord2(w) is odd, so this is impossible. Hence C2(Q2) = ∅, and thus C2 6∈ Sel (E /Q). We (ϕ) have now shown that Sel b (E0/Q) = {1, p}. (ϕ) To ﬁnish computing Sel (E/Q), we have

2 4 2 4 C−1 : −w = 1 − 4pz , or w + 1 = 4pz .

94 5.4 Descent 5 The Mordell-Weil Theorem

2 Over Fp, the reduction Ce−1(Fp) is given by w + 1 = 0, and since we assumed p ≡ 1 (mod 8), there is a solution by quadratic reciprocity. Check that this point is nonsingular on the reduction, so that it lifts to a point of C−1(Qp). Now over Q2, make the change of z w variables (z, w) 7→ 4 , 8 so that the ϕ-cover C−1 is given by 2 4 C−1 : w + 64 = pz .

Then (1, 1) is a solution mod 8 and satisﬁes Hensel’s criterion, so C−1(Q2) 6= ∅. This proves (ϕ) C−1 ∈ Sel (E/Q). Now for β = −2, the cover is given by

2 4 2 4 C−2 : −2w = 4 − 4pz , or w + 2 = 2pz .

2 Over Fp, the equation becomes w + 2 = 0 which again has a solution since p ≡ 1 (mod 8). As above, one can check that the point is nonsingular and then lift it to a point of C−2(Qp). Likewise, the proof that C−2(Q2) is nonempty is similar. (ϕ) The above work shows that Sel (E/Q) = {±1, ±2, ±p, ±2p}. Now consider the sequences

0 0 E (Q)[ϕb] E (Q) E(Q) E(Q) 0 → → → → 0 → 0 (A) ϕ(E(Q)[ϕ]) ϕE(Q) 2E(Q) ϕEb (Q) 0 E (Q) (ϕ) 0 → → Sel (E/Q) → X(E/Q)[ϕ] → 0 (B) ϕE(Q) 0 0 → X(E/Q)[ϕ] → X(E/Q)[2] → X(E /Q)[ϕb] → 0. (C)

The terms in all three sequences are F2-vector spaces, so we can add dimensions as follows: 0 0 E (Q)[ϕb] E(Q) E (Q) E(Q) dim + dim = dim + dim 0 ϕ(E(Q)[2]) 2E(Q) ϕE(Q) ϕEb (Q) (ϕ) = dim Sel (E/Q) − dim X(E/Q)[ϕ] (ϕ) 0 0 + dim Sel b (E /Q) − dim X(E /Q)[ϕb] 1+rank(E) (where dim = dimF2 ). On the other hand, E(Q)/2E(Q) = (Z/2Z) , by the proof 0 of Lemma 5.2.6, and since Etors(Q) = Z/2Z, we must have Z/2Z ⊆ E(Q)/ϕEb (Q). By 0 (ϕ) 0 sequence (B) however, E(Q)/ϕEb (Q) injects into Sel b (E /Q) = {1, p}, so we must have 0 0 E(Q)/ϕEb (Q) = Z/2Z. This further implies that X(E /Q)[ϕb] = 0 in sequence (B). Finally, sequence (C) gives us dim X(E/Q)[ϕ] = dim X(E/Q)[2]. Putting these together with the dimension formula, we get

(ϕ) (ϕ) 0 1 + (1 + rank(E)) = dim Sel (E/Q) + dim Sel b (E /Q) − dim X(E/Q)[2] = 3 + 1 − dim X(E/Q)[2].

So dim X(E/Q)[2] + rank(E) = 2. By Cassel’s pairing (Theorem 5.2.9), dim X(E/Q)[2] is even, so each of {dim X(E/Q)[2], rank(E)} can be either 0 or 2. In fact, both situations occur. For example, the congruent number curve

E : y2 = x3 + 73x

95 5.4 Descent 5 The Mordell-Weil Theorem

9 411 has rank 2 and has rational points 16 , 64 and (36, 222) which generate E(Q). To ﬁnd an example which has rank(E) = 0, assume 2 is a quartic non-residue mod p (e.g. p = 17 will work). Consider the β = ±2 covers:

2 4 C±2 : ±w = 2 − 2pz .

r 2s Suppose (z, w) ∈ C±2(Q). Writing z in lowest terms, we may assume (z, w) = t , t2 , where r, s, t ∈ Z are coprime integers satisfying ±2s2 = t4 − pr4. (∗)

p Let q be an odd prime factor of s. Then reducing (∗) mod p shows that q = 1. On the q other hand, since p ≡ 1 (mod 8), quadratic reciprocity implies p = 1 as well. Reciprocity 2 e0 e1 en also implies p = 1, so if s = 2 q1 ··· qn for distinct primes q1, . . . , qn, then we can write

s 2e0 q e2 q en = 1 ··· n = 1 · 1 ··· 1 = 1. p p p p

Hence s is a quadratic residue mod p, which means s2 is a quartic residue mod p. From (∗), ±2s2 −1 we get p = 1, but Gauss’s quartic reciprocity implies p = 1 when p ≡ 1 (mod 8). 4 4 2 So this means p = 1 by multiplicativity of the 4th power Legendre symbol. Thus in the 4 case when 2 is not a quartic residue mod p (as with p = 17), we must have C±2(Q) = ∅. This is exactly the condition that C±2 are nontrivial in X(E/Q)[2], so we have found an entire class of elliptic curves for which X(E/Q)[2] is nontrivial. In particular, we ﬁnd that E has rank 0. We can similarly show that C−1 is nontrivial in the Tate-Shafarevich group. Write

2 4 C−1 : −w = 1 − 4pz .

r s Suppose (z, w) ∈ C−1(Q) and rewrite this as (z, w) = 2t , 2t2 for r, s, t ∈ Z coprime such that s2 + 4t2 = pr4. (∗∗) Write p = a2 +b2 for a = 1 (mod 2) and b ≡ 0 (mod 2); this is possible by Fermat’s theorem on primes of the form p = x2 +y2, since p ≡ 1 (mod 4). Using Gauss’s composition formulas for quadratic forms, one can write

(pr2 + 2bt2)2 = p(br2 + 2t2)2 + a2s2 =⇒ (pr + 2bt2 − as)(pr + 2bt2 + as) = p(br2 + 2t2)2.

These together imply that for some u, v ∈ Z,  br2 + 2t2 = uv or 2uv  pr2 + 2bt2 ± as = pu2 or 2pu2 pr2 + 2bt2 ∓ as = v2 or 2v2.

96 5.5 Heights 5 The Mordell-Weil Theorem

The second and third lines combine to give us ( 2pr2 + 4bt2 = pu2 + v2 (†) = br2 + 2t2 = uv.

2 ab/4 2 By quartic reciprocity, p = (−1) , but by assumption p 6= 1, so 8 - b. Thus b ≡ 0 4 4 (mod 2) implies that b ≡ 4 (mod 8). Reducing (†) mod 8 yields ( 2r2 = u2 + v2 4r2 + 2t2 = uv.

These imply u and v are both even, so r is even and therefore so is t. But this contradicts the assumption that r and t are coprime. Hence C−1(Q) = ∅.

5.5 Heights

Fix an elliptic curve in short Weierstrass form

2 3 E : y = x + Ax + B, A, B ∈ Z.

p Definition. For any t ∈ Q, write t = q for coprime integers p, q ∈ Z. The height of t is defined by H(t) = max{|p|, |q|}. Next, for a point P = [x , . . . , x ] ∈ N , we may assume 0 N PQ gcd(x , . . . , x ) = 1. Then the height function H : N → is defined by 0 N PQ R≥0

H(P ) = max{|xi| : 0 ≤ i ≤ N}

for all P = [x , . . . , x ] ∈ N , and H(∞) = 1. 0 N PQ Setting h(P ) = log H(P ) deﬁnes a function

N h : PQ −→ R≥0.

This can be extended to any ﬁeld extension K/Q by 1 X h(P ) = log max{|x | : 0 ≤ i ≤ N} [K : ] i v Q v

N for any P = [x0, . . . , xN ] ∈ P (K), where the sum is over all valuations v on K and |x|v = − ordv(x) (#OK /pv) is the normalized pv-adic valuation on K.

Proposition 5.5.1. Let E be an elliptic curve over Q and ﬁx P0 ∈ E(Q). Then

(1) There is some constant C1, which depends on P0,A and B, such that h(P + P0) ≤ 2h(P ) + C1 for all P ∈ E(Q).

(2) There is some constant C2, which depends only on A and B, such that h([2]P ) ≥ 4h(P ) − C2 for all P ∈ E(Q).

97 5.5 Heights 5 The Mordell-Weil Theorem

(3) {P ∈ E(Q): h(P ) < B} is a ﬁnite set for all B > 0. Proof. Silverman.

N Remark. More generally, any projective embedding X,→ Pk of a variety gives a height function. Recall (Section 2.3) that such embeddings arise from very ample divisors. The whole theory of heights can be derived from this perspective (see Diophantine Geometry by Hindry-Silverman).

Definition. The canonical height function for any extension K/Q is defined for a point P ∈ N (K) by PQ 1 hˆ(P ) := lim h([2n]P ). n→∞ 4n Proposition 5.5.2. The canonical height function for any elliptic curve E satisfies

(i) For all B > 0, the set {P ∈ E(Q): hˆ(P ) < B} is ﬁnite.

(ii) For each m ∈ Z and each point P ∈ E(Q), hˆ([m]P ) = m2hˆ(P ). 1 ˆ ˆ ˆ (iii) The pairing hP,Qi = 2 (h(P + Q) − h(P ) − h(Q)) is symmetric and bilinear. Proof. Silverman. We are now prepared to give the proof the full Mordell-Weil theorem using the weak version (Corollary 5.2.8) and heights.

Theorem 5.5.3 (Mordell-Weil). For every elliptic curve E over Q, the group E(Q) is ﬁnitely generated.

Proof. Fix m ∈ Z. By Corollary 5.2.8, the weak Mordell-Weil group E(Q)/mE(Q) is finitely generated, so pick generators P1,...,Ps ∈ E(Q)/mE(Q). Set c0 = max{|Pi| : 1 ≤ i ≤ s}, q where |P | = hˆ(P ) for any P ∈ E(Q). By Proposition 5.5.2(i), it’s enough to show that S := {P ∈ E(Q): |P | ≤ c0} generates E(Q), since this set is finite. The proof follows Fermat’s strategy of ‘descent’. Suppose Q0 ∈ E(Q). If Q0 6∈ S, then |Q0| > c0. Since E(Q)/mE(Q) is finitely generated,

we may write Q0 = Pi1 + mQ1 for some Pi1 ,Q1 ∈ E(Q). Now q q ˆ 2ˆ m|Q1| = m h(Q1) = m h(Q1) q ˆ = h(mQ1) = |mQ1| by Proposition 5.5.2(ii)

= |Q0 − Pi1 | ≤ |Q0| + |Pi1 | from Proposition 5.5.2(iii)

< 2|Q0| since |Q0| > c0 ≥ |Pi1 |.

So |Q1| ≤ |Q0|. Now repeat: either Q1 ∈ S or |Q1| > c0. In the latter case, Q1 = Pi2 + mQ2

for Pi2 ,Q2 ∈ E(Q) satisfying |Q2| ≤ |Q1| ≤ |Q0|. Now, by Proposition 5.5.2(i), the set {P ∈ E(Q): |P | ≤ |Q0|} is ﬁnite, so this descent process must terminate. This shows that Q0 is a sum of elements of S, so S generates E(Q) and the theorem is proven.

98 6 Elliptic Curves and Complex Analysis

6 Elliptic Curves and Complex Analysis

In this chapter we review the classical theory of complex algebraic curves, starting with the construction and basic properties of elliptic functions, their connection to elliptic curves and their Jacobians, and then describing the construction in arbitrary dimension.

6.1 Elliptic Functions

Let Λ ⊆ C be a lattice, i.e. a free abelian subgroup of rank 2. Then Λ can be written

ω1 Λ = Zω1 + Zω2 for some ω1, ω2 ∈ C such that 6∈ R. ω2

Deﬁnition. A function f : C → C ∪ {∞} is doubly periodic with lattice of periods Λ if f(z + `) = f(z) for all ` ∈ Λ and z ∈ C.

Deﬁnition. An elliptic function is a function f : C → C ∪ {∞} that is meromorphic and doubly periodic.

It is not obvious that doubly periodic functions even exist! We will prove this shortly.

Deﬁnition. Let Λ ⊆ C be a lattice. The set

Π = Π(ω1, ω2) = {t1ω1 + t2ω2 | 0 ≤ ti < 1}

is called the fundamental parallelogram, or fundamental domain, of Λ. We say a subset Φ ⊆ C is fundamental for Λ if the quotient map C → C/Λ restricts to a bijection on Φ.

ω1

ω2 Π

Lemma 6.1.1. For any choice of basis [ω1, ω2] of Λ, Π(ω1, ω2) is fundamental for Λ. Lemma 6.1.2. Let Λ be a lattice. Then

99 6.1 Elliptic Functions 6 Elliptic Curves and Complex Analysis

(a) If Π is the fundamental domain of Λ, then for any α ∈ C, Πα := Π+α is fundamental for Λ. [ (b) If Φ is fundamental for Λ, then C = Φ + `. `∈Λ Corollary 6.1.3. Suppose f is an elliptic function with lattice of periods Λ and Φ fundamental for Λ. Then f(C) = f(Φ). Proposition 6.1.4. A holomorphic elliptic function is constant.

Proof. Let f be such an elliptic function and let Φ be the fundamental domain for its lattice of periods. Then Π is compact and hence f(Π) is as well. In particular, f(C) = f(Π) ⊆ f(Π) is bounded, so by Liouville’s theorem, f is constant. The prominence of tools from complex analysis (e.g. Liouville’s theorem in the above proof) is obvious in the study of elliptic functions. Another important result for computations is the residue theorem:

Theorem (Residue Theorem). For any meromorphic function f on a region R ⊆ C, with isolated singularities z1, . . . , zk ∈ R. Then if ∆ = ∂R,

k Z X f(z) dz = 2πi Res(f; zi). ∆ i=1

Proposition 6.1.5. Let f be an elliptic function. If α ∈ C is a complex number such that ∂Πα does not contain any of the poles of f, then the sum of the residues of f inside ∂Πα equals 0.

Proof. Fix a basis [ω1, ω2] of Λ and set ∆ = ∂Πα. By the residue theorem, it’s enough to R show ∆ f(z) dz = 0. We parametrize the boundary of Π as follows:

γ1 = α + tω1

γ2 = α + ω1 + tω2

γ3 = α + (1 − t)ω1 + ω2

γ4 = α + (1 − t)ω2.

γ3

γ4 Πα γ2

γ1 α

100 6.1 Elliptic Functions 6 Elliptic Curves and Complex Analysis

We show that R f(z) dz+R f(z) dz = 0 and leave the proof that R f(z) dz+R f(z) dz = 0 γ1 γ3 γ2 γ2 for exercise. Consider Z Z Z 1 Z 1 f(z) dz + f(z) dz = f(α + tω1)(ω1 dt) + f(α + (1 − t)ω1 + ω2)(−ω1 dt) γ1 γ3 0 0 Z 1 Z 0 = ω1 f(α + tω1) dt + ω1 f(α + sω1) ds since f is elliptic 0 1 Z 1 Z 1 = ω1 f(α + tω1) dt − f(α + sω1) ds = 0. 0 0 Hence the sum of the residues equals 0. Corollary 6.1.6. Any elliptic function has either a pole of order at least 2 or two poles on the fundamental domain of its lattice of periods.

Proposition 6.1.7. Suppose f is an elliptic function with fundamental domain Π and α ∈ C n such that ∆ = ∂Πα does not contain any zeroes or poles of f. Let {aj}j=1 be a ﬁnite set of Pn zeroes and poles in Πα, with mj the order of the pole aj. Then j=1 mj = 0. m Proof. For a pole z0, we can write f(z) = (z − z0) g(z) for some holomorphic function g(z), with g(z0) 6= 0. Then f 0(z) g0(z) = (z − z )−1 m + (z − z ) . f(z) 0 0 g(z)

f 0 Hence Res f ; z0 = m. Then the statement follows from Proposition 6.1.5. Proposition 6.1.7 may be viewed as a complex-geometric analogue of the statement for algebraic curves in Corollary 2.2.6: the divisor of a rational function on an algebraic curve has degree zero. Continuing in the complex setting, let f be an elliptic function and let a1, . . . , ar be the

poles and zeroes of f in the fundamental domain of Λ. Write ordai f = mi if ai is a pole Pr of order −mi or if ai is a zero of multiplicity mi. The sum ord(f) = i=1 mi is called the order of f. Then Corollary 6.1.6 says that there are no elliptic functions of order 1. We will show that the ﬁeld of elliptic functions with period lattice Λ is generated by an order 2 and an order 3 function.

Let f be elliptic and z0 ∈ C with ordz0 f = m. Then for any ` ∈ Λ, ordz0+` f = m as well. Indeed, if z0 is a zero then

(m−1) 0 = f(z0) = f(z0) = ... = f (z0)

(k) but f (z) is also elliptic for all k ≥ 1. If z0 is a pole of f, the same result can be obtained 1 using f instead of f. If Φ1 and Φ2 are any two fundamental domains for Λ, then for all a1 ∈ Φ1, there is a unique a2 ∈ Φ2 such that a2 = a1 + ` for some ` ∈ Λ. Thus Propositions 6.1.5 and 6.1.7 hold for any fundamental domain of Λ, so it follows that ord(f) is well-deﬁned on the quotient C/Λ.

101 6.1 Elliptic Functions 6 Elliptic Curves and Complex Analysis

Now given any meromorphic function f(z) on C, we would like to construct an elliptic function F (z) with lattice Λ. Put X F (z) = f(z + `). `∈Λ

There are obvious problems of convergence and (in a related sense) the order of summation. 1 It turns out we can do this construction with f(z) = zm , m ≥ 3 though. First, we need the following result from complex analysis, which can be proven using Cauchy’s integral formula and Morera’s theorem.

Lemma 6.1.8. Let U ⊆ C be an open set and suppose (fn) is a sequence of holomorphic functions on U such that fn → f uniformly on every compact subset of U. Then f is 0 0 holomorphic on U and fn → f uniformly on every compact subset of U.

Proposition 6.1.9. Let Λ be a lattice with basis [ω1, ω2]. Then the sum X 1 |ω|s ω∈Λr{0} converges for all s > 2.

Proof. Extend the fundamental domain by translation by the vectors ω1, ω2 and ω1 + ω2, and call the boundary of the resulting region ∆:

Λ Λ ∆

Λ Λ

Then ∆ is compact, so there exists c > 0 such that |z| ≥ c for all z ∈ ∆. We claim that for all m, n ∈ Z, |mω1 + nω2| ≥ c · max{|m|, |n|}. The cases when m = 0 or n = 0 are trivial, so without loss of generality assume m ≥ n > 0. Then n |mω + nω | = |m| ω + ω ≥ |m|c. 1 2 1 m 2 Hence the claim holds. Set M = max{|m|, |n|} and arrange the sum in question so that the 1 |ω|s are added in order of increasing M values. Then the sum can be estimated by

∞ ∞ X 1 X 8M X 1 ≤ ∼ . |ω|s csM s M s−1 ω∈Λr{0} M=1 M=1 This converges for s > 2 by p-series.

102 6.1 Elliptic Functions 6 Elliptic Curves and Complex Analysis

Proposition 6.1.10. Let n ≥ 3 and deﬁne X 1 F (z) = . n (z − ω)n ω∈Λ

Then Fn(z) is holomorphic on C r Λ and has poles of order n at the points of Λ. Moreover, Fn is doubly periodic and hence elliptic.

Proof. Fix r > 0 and let Br = Br(0) be the open complex r-ball centered at the origin in C. Let Λr = Λ ∩ Br be the lattice points contained in the closed r-ball. Then the function X 1 F (z) = n,r (z − ω)n ω∈ΛrΛr 1 C is holomorphic on Br. To see this, one has |z−ω|n ≤ |ω|n for some constant C and for all C z ∈ Br, ω ∈ Λ r Λr. Then |ω|n converges by Proposition 6.1.9, so by the Weierstrass M-test, 1 |z−ω|n converges uniformly and hence Fn,r(z) is holomorphic. It follows from the definition that Fn has a pole of order n at each ω ∈ Λ. Finally, for ` ∈ Λ, we have X 1 X 1 F (z + `) = = = F (z) n (z + ` − ω)n (z − η)n n ω∈Λ η∈Λ since the series is absolutely convergent and we can rearrange the terms. This shows that elliptic functions exist and more specifically that for each n ≥ 3, there is at least one elliptic function of order n. Unfortunately the previous proof won’t work to construct an elliptic function of order 3. However, Weierstrass discovered the following elliptic function. Definition. The Weierstrass ℘-function for a lattice Λ is defined by 1 X 1 1 ℘(z) = + − . z2 (z − w)2 ω2 ω∈Λr{0} Theorem 6.1.11. For any lattice Λ, ℘(z) is an elliptic function with poles of order 2 at the 0 points of Λ and no other poles. Moreover, ℘(−z) = ℘(z) and ℘ (z) = −2F3(z). Proof. (Sketch) To show ℘(z) is meromorphic, one estimates the summands by

1 1 D − ≤ (z − ω)2 ω2 |ω|3

for some constant D and all z ∈ Br, ω ∈ Λ r Λr as in the previous proof. 0 Next, ℘(z) can be diﬀerentiated term-by-term to obtain the expression ℘ (z) = −2F3(z). And proving that ℘(z) is odd is straightforward: 1 X 1 1 ℘(−z) = + − (−z)2 (−z − ω)2 ω2 ω∈Λr{0} 1 X 1 1 = + − = ℘(z) z2 (z − (−ω))2 (−ω)2 −ω∈Λr{0}

103 6.1 Elliptic Functions 6 Elliptic Curves and Complex Analysis

after switching the order of summation. Finally, proving ℘(z) is doubly periodic is diﬃcult since we don’t necessarily have absolute convergence. However, one can reduce to proving ℘(z + ω1) = ℘(z) = ℘(z + ω2). Then using the formula for ℘0(z), we have d [℘(z + ω ) − ℘(z)] = −2F (z + ω ) + 2F (z) dz 1 3 1 3 = −2F3(z) + 2F3(z) = 0

since F3(z) is elliptic by Proposition 6.1.10. Hence ℘(z + ω1) − ℘(z) = c is constant. Evalu- ω1 ω1 ω1 ating at z = − 2 , we see that c = ℘ 2 − ℘ − 2 = 0 since ℘(z) is odd. Hence c = 0, so it follows that ℘(z) is doubly periodic and therefore elliptic.

Lemma 6.1.12. Let ℘(z) be the Weierstrass ℘-function for a lattice Λ ⊆ C and let Π be the fundamental domain of Λ. Then

(1) For any u ∈ C, the function ℘(z) − u has either two simple roots or one double root in Π.

0 ω1 ω2 ω1+ω2 (2) The zeroes of ℘ (z) in Π are simple and they only occur at 2 , 2 and 2 .

ω1 ω2 ω1+ω2 (3) The numbers u1 = ℘ 2 , u2 = ℘ 2 and u3 = ℘ 2 are precisely those u for which ℘(z) − u has a double root. Proof. (1) follows from Corollary 6.1.6. 0 ω1 ω2 ω1+ω2 (2) By Theorem 6.1.11, deg ℘ (z) = 3 so it suﬃces to show that 2 , 2 and 2 are all ω1 roots. For z = 2 , we have ω ω ω ω ℘0 1 = −℘0 − 1 = −℘0 1 − ω = −℘0 1 2 2 2 1 2

0 0 ω1 since ℘ (z) is elliptic. Thus ℘ 2 = 0. The others are similar. (3) The double roots occur exactly when ℘0(u) = 0, so use (2). We now prove that any elliptic function can be written in terms of ℘(z) and ℘0(z).

Theorem 6.1.13. Fix a lattice Λ ⊆ C and let E(Λ) be the ﬁeld of all elliptic functions with lattice of periods Λ. Then E(Λ) = C(℘, ℘0). Proof. Take f(z) ∈ E(Λ). Then f(−z) ∈ E(Λ) as well and thus we can write f(z) as the sum of an even and an odd elliptic function: f(z) + f(−z) f(z) − f(−z) f(z) = f (z) + f (z) = + . even odd 2 2 We will prove that every even elliptic function is rational in ℘(z), but this will imply the fodd(z) theorem, since then feven(z) = ϕ(℘(z)) and ℘0(z) = ψ(℘(z)) for some ϕ, ψ ∈ C(℘(z)) and we can then write f(z) = ϕ(℘(z)) + ℘0(z)ψ(℘(z)). Assume f(z) is an even elliptic function. It’s enough to construct ϕ(℘(z)) such that f(z) ϕ(℘(z)) only has (potential) zeroes and poles at z = 0 in the fundamental parallelogram

104 6.2 Elliptic Curves 6 Elliptic Curves and Complex Analysis

f(z) for Λ, since then by Corollary 6.1.6, ϕ(℘(z)) is holomorphic and then by Proposition 6.1.4 it is constant. Suppose f(a) = 0 for a some zero of order m. Consider ℘(z) = u. If ω1 ω2 ω1+ω2 u 6= ℘ 2 , ℘ 2 , ℘ 2 then ℘(z) = u has precisely two solutions in the fundamental parallelogram, z = a and z = a∗ where  ω1 + ω2 − a if a ∈ Int(Π) ∗  a = ω1 − a if a is parallel to ω1  ω2 − a if a is parallel to ω2.

∗ (Notice that since f is even, f(a) = 0 implies f(a ) = 0 as well.) Moreover, if orda f = 0 then ∗ ω1 ω2 ω1+ω2 ∗ orda f = m. Note that a = a holds precisely when a is in the set Θ := 0, 2 , 2 , 2 . Let Z (resp. P ) be the set of zeroes (resp. poles) of f(z) in Π. Then the assignment a 7→ a∗ is in fact an involution on Z and P , so we can write

0 0 00 00 Z = Z1 ∪ · · · ∪ Zr ∪ Z1 ∪ · · · ∪ Zs 0 0 00 00 P = P1 ∪ · · · ∪ Pu ∪ P1 ∪ · · · ∪ Pv

0 0 00 00 where the Zi and Pi are the 2-element orbits of the involution and the Zj and Pj are the 0 0 0 00 00 1-element orbits. Of course then s, v ≤ 3. For a ∈ Z , set ord 0 f = m and for a ∈ Z , i i ai i j j 00 0 0 0 00 00 set ord 00 f = m , which is even. Likewise, for b ∈ P , set ord 0 f = n and for b ∈ P , set ai i i i bi i j j 00 ord 00 f = n which is even. Then we deﬁne ϕ(℘(z)) by bi i

r 0 s 00 Q 0 mi Q 00 mj /2 i=1(℘(z) − ℘(ai)) j=1(℘(z) − ℘(aj )) ϕ(℘(z)) = u 0 v . Q 0 ni Q 00 nj i=1(℘(z) − ℘(bi)) j=1(℘(z) − ℘(bj )) Then ϕ(℘(z)) has only potential zeroes/poles at z = 0 in the fundamental parallelogram, so we are done.

6.2 Elliptic Curves

Let Λ ⊆ C be a lattice. There is a canonical way to associate to the complex torus C/Λ ∼ an elliptic curve E such that C/Λ = E(C). We would also like to reverse this process, i.e. ∼ given an elliptic curve E, deﬁne a lattice Λ ⊆ C such that C/Λ = E(C). This procedure generalizes for a curve C of genus g > 1 and produces its Jacobian, C,→ Cg/Λ = J(C). We need the following lemma from complex analysis.

Lemma 6.2.1. Suppose f0, f1, f2,... is a sequence of analytic functions on the ball Br(z0) with Taylor expansions ∞ X (n) k fn(z) = ak (z − z0) . k=0 P∞ Then if F (z) = n=0 fn(z) converges uniformly on Bρ(z0) for all ρ < r, each series Ak = P∞ (n) n=0 ak converges and F (z) has Taylor expansion ∞ X k F (z) = Ak(z − z0 ). k=0

105 6.2 Elliptic Curves 6 Elliptic Curves and Complex Analysis

Let ℘(z) be the Weierstrass ℘-function for Λ. Then ℘0(z)2 is an even elliptic function, so 0 2 by Theorem 6.1.13, ℘ (z) ∈ C(℘). On a small enough neighborhood around z0 = 0, 1 X 1 1 ℘(z) − = − z2 (z − ω)2 ω2 ω∈Λr{0}

is analytic. Moreover, for each ω ∈ Λ r {0} we have 1 1 2z 3z2 = + + + ... (z − ω)2 ω2 ω3 ω4 1 1 2z 3z2 =⇒ − = + + ... (z − ω)2 ω2 ω2 ω4 which is uniformly convergent. Hence Lemma 6.2.1 shows that

∞ ∞ 1 X X k + 1 X ℘(z) − = zk = (k + 1)G zk z2 ωk+2 k+2 ω∈Λr{0} k=1 k=1 where G = G (Λ) := P 1 . These G are examples of modular forms. m m ω∈Λr{0} ωm m Deﬁnition. The series G (Λ) = P 1 is called the Eisenstein series for Λ of m ω∈Λr{0} ωm weight m. From the above work, we obtain the following formulas: 1 ℘(z) = + 3G z2 + 5G z4 + 7G z6 + ... z2 4 6 8 1 ℘(z)2 = + 6G + ... z4 4 1 9G ℘(z)3 = + 4 + 15G + ... z6 z2 6 2 ℘0(z) = − + 6G z + ... z3 4 4 24G ℘0(z)2 = − 4 − 80G − ... z6 z2 6 This implies: Proposition 6.2.2. The functions ℘ and ℘0 satisfy the following relation:

0 2 3 ℘ (z) = 4℘(z) − g2℘(z) − g3

where g2 = 60G4 and g3 = 140G6.

3 Consider the polynomial p(x) = 4x − g2x − g3, where the gn are deﬁned for the lattice Λ ⊆ C.

ω1 ω2 Proposition 6.2.3. p(x) = 4(x − u1)(x − u2)(x − u3) where u1 = ℘ 2 , u2 = ℘ 2 and ω1+ω2 u3 = ℘ 2 are distinct roots.

106 6.2 Elliptic Curves 6 Elliptic Curves and Complex Analysis

0 2 3 Thus (x, y) = (℘(z), ℘ (z)) determine an equation y = 4x −g2x−g3 which is the deﬁning 2 equation for an elliptic curve E0 over C. Let E = E0 ∪ {[0, 1, 0]} ⊆ P be the projective closure of E0. Denote the point [0, 1, 0] by ∞. Theorem 6.2.4. The map

ϕ : C/Λ −→ E(C) ( [℘(z), ℘0(z), 1], z 6∈ Λ z + Λ 7−→ ϕ(z + Λ) = [0, 1, 0], z ∈ Λ

is a bijective, biholomorphic map.

Proof. Assume z1, z2 ∈ C are such that z1 + Λ 6= z2 + Λ. Without loss of generality we may assume z1, z2 ∈ Π, the fundamental domain of Λ (otherwise, translate). If ℘(z1) = ℘(z2) and 0 0 ∗ ℘ (z1) = ℘ (z2), then with the notation of Theorem 6.1.13, we must have z2 = z1 6= z1 and ω1 ω2 ω1+ω2 0 0 0 0 thus z1, z2 6∈ Θ = 0, 2 , 2 , 2 . Since ℘ (z) is odd, we get ℘ (z1) = ℘ (z2) = −℘ (−z2) = 0 −℘ (z1), but this implies ℘(z1) = 0, contradicting z1 6∈ Θ. Therefore ϕ is one-to-one. 0 Next, we must show that for any (x0, y0) ∈ E(C), x0 = ℘(z) and y0 = ℘ (z) for some 0 z ∈ C. If ℘(z1) = x0, then it’s clear that ℘ (z1) = y0 or −y0. Now one shows as in the 0 previous paragraph that we must have ℘ (z1) = y0. 2 3 Now consider F (x, y) = y − p(x), where p(x) = 4x − g2x − g3. If (x0, y0) satisfies ∂F F (x0, y0) = 0 and y0 6= 0, then ∂y (x0, y0) 6= 0 and thus the assignment (x, y) 7→ x is a local chart about (x0, y0). Likewise, (x, y) 7→ y defines a local chart about (x0, y0) when x0 6= 0. Finally, we conclude by observing that a locally biholomorphic map is biholomorphic. Recall from Chapter 3 that an elliptic curve can be defined by a Weierstrass equation

E : y2 = f(x) = ax3 + bx2 + cx + d.

X Y This embeds into projective space via (x, y) 7→ [x, y, 1]. Setting x = Z and y = Z , we also obtain a homogeneous equation for the curve:

E : ZY 2 = aX3 + bX2Z + cXZ2 + dZ3.

The single point at inﬁnity, [0, 1, 0], can be studied by dehomogenizing via the coordinates Z X z˜ = Y andx ˜ = Y , which yield E :z ˜ = ax˜3 + bx˜2z˜ + ax˜z˜2 + dz˜3.

We have shown that a lattice Λ ⊆ C determines elliptic functions ℘(z) and ℘0(z) that satisfy 0 2 3 ℘ (z) = 4℘(z) − g2℘(z) − g3 and that this polynomial expression has no multiple roots. Therefore the mapping z 7→ (℘(z), ℘0(z)) determines a bijective correspondence C/Λr{0} → E(C) r {∞} which can be extended to all of C/Λ → E(C) (this is Theorem 6.2.4). There is a natural group structure on C/Λ induced from C, but what is not so obvious is that this coincides precisely with the “chord-and-tangent” group law on E(C) from Section 3.3.

Theorem 6.2.5. The map ϕ : C/Λ → E(C) is an isomorphism of abelian groups.

107 6.2 Elliptic Curves 6 Elliptic Curves and Complex Analysis

Proof. Consider the diagram ϕ × ϕ C/Λ × C/Λ E(C) × E(C)

α β

/Λ E( ) C ϕ C

where α and β are the respective group operations. Since C/Λ × C/Λ is a topological group, it’s enough to show the diagram commutes on a dense subset of C/Λ × C/Λ. Consider

2 Xe = {(u1, u2) ∈ C | u1, u2, u1 ± u2, 2u1 + u2, u1 + 2u2 6∈ Λ}.

∼ 2 Then Xe = C so X = Xe mod Λ × Λ is dense in C/Λ × C/Λ. Take (u1 + Λ, u2 + Λ) ∈ X and set u3 = −(u1 + u2). Then u1 + u2 + u3 = 0 in C/Λ. Set P = ϕ(u1),Q = ϕ(u2) and R = ϕ(u3) ∈ E(C). By the assumptions on X, the points P, Q, R are distinct. We want to 0 show ϕ(u1 + u2) = ϕ(u1) + ϕ(u2) = P + Q. Since ℘(z) is even and ℘ (z) is odd, we see that ϕ(−z) = −ϕ(z) for all z ∈ C/Λ. Thus ϕ(u1 + u2) = −ϕ(−(u1 + u2)) = −R so we need to show P + Q + R = O, i.e. P, Q, R are colinear. Since u1 6= u2, the line PQ is not vertical, 0 so there exist a, b such that ℘ (ui) = a℘(ui) + b for i = 1, 2. Consider the elliptic function

f(z) = ℘0(z) − (a℘(z) + b).

Then on the fundamental domain Π, f only has a pole at 0, so ord0 f = −3. Also, u1 and u2 are distinct zeroes of f, so there is a third point ω ∈ Π such that deg(f) = u1+u2+ω−3·0 = 0, i.e. u1 + u2 + ω = 0. Solving for ω, we get ω = −(u1 + u2) = u3. It follows that R = ϕ(u3) is on the same line as P and Q, so we are done.

The compatibility of the group operations of C/Λ and E(C) is highly useful. For example, ﬁx N ∈ N and let E[N] = {P ∈ E(C) | [N]P = O}, be the N-torsion points of E. For N = 2, the points P such that P = −P are exactly the intersection points of E with the x-axis along with O = [0, 1, 0]:

108 6.2 Elliptic Curves 6 Elliptic Curves and Complex Analysis

Theorem 4.0.2 said that #E[N] = N 2. This is hard to see from the geometric picture, ∼ but working with the isomorphism E(C) = C/Λ from Theorem 6.2.5, we see that since 1 1 C/Λ = R/Z×R/Z as an abelian group, the N-torsion is given by (C/Λ)[N] = N Z/Z× N Z/Z. This is a group of order N 2, so we have proven (3) of Theorem 4.0.2. The other statements of the theorem are straightforward to prove. Recall that morphism in the category of elliptic curves is called an isogeny. Explicitly, ϕ : E1 → E2 is an isogeny between two elliptic curves if it is a (nonconstant) morphism of schemes that takes the basepoint O1 ∈ E1 to the basepoint O2 ∈ E2.

Proposition 6.2.6. Suppose Λ1, Λ2 ⊆ C are lattices and f : C/Λ1 → C/Λ2 is a holomorphic map. Then there exist a, b ∈ C such that aΛ1 ⊆ Λ2 and

f(z mod Λ1) = az + b mod Λ2.

Proof. As topological spaces, C/Λ1 and C/Λ2 are complex tori with the same universal covering space C, so any f : C/Λ1 → C/Λ2 lifts to F : C → C making the diagram commute: F C C

π1 π2

C/Λ1 C/Λ2 f

Since covers are local homeomorphisms, it follows that F is holomorphic as well. Thus for any z ∈ C, ` ∈ Λ1,

π2(F (z + `) − F (z)) = f(π1(z + `) − π1(z)) = f(π1(z) − π1(z)) = f(0) = 0.

So F (z + `) − F (z) ∈ Λ1 for any ` ∈ Λ1 and the function L(z) = F (z + `) − F (z) is constant. It follows that F 0(z + `) = F 0(z), so F 0 is holomorphic and elliptic, but this means by Proposition 6.1.4 that F 0(z) = a for some constant a. Hence F (z) = az + b as claimed.

109 6.3 The Classical Jacobian 6 Elliptic Curves and Complex Analysis

Corollary 6.2.7. For two lattices Λ1, Λ2, the elliptic curves C/Λ1 and C/Λ2 are isomorphic if and only if there exists an a ∈ C such that Λ1 = aΛ2.

Deﬁnition. Two lattices Λ1 and Λ2 are said to be homothetic if Λ1 = aΛ2 for some a ∈ C. Thus the set of homothety classes of lattices is naturally identiﬁed with the set of isomorphisms of complex elliptic curves.

Corollary 6.2.8. Any holomorphic map f : C/Λ1 → C/Λ2 is, up to translation, a group homomorphism. In particular, if f(0) = 0 then f is a homomorphism.

Corollary 6.2.9. For any elliptic curve E, the group of endomorphisms End(E) has rank at most 2.

Proof. Viewing E(C) = C/Λ for some Λ = Z + Zτ, we get End(E) = {f : E → E | f is an isogeny} = {f : C/Λ → C/Λ | f is holomorphic and f(0) = 0} by Corollary 6.2.8 = {z ∈ C | zΛ ⊆ Λ} = {z ∈ C | z(Z + Zτ) ⊆ (Z + Zτ)} ⊆ Z + Zτ. Hence rank End(E) ≤ 2. It turns out that there are two possible cases for the structure of End(E):

End(E) = Z.

End(E) is an order O in some imaginary quadratic number ﬁeld K/Q. In this case, E is said to have complex multiplication.

6.3 The Classical Jacobian

For the isomorphism ϕ : C/Λ → E(C) in Theorem 6.2.5, let ψ = ϕ−1 : E(C) → C/Λ be the inverse map. To understand this map explicitly, we will show how to construct a torus for ∼ every elliptic curve, i.e. ﬁnd a lattice Λ ⊆ C such that C/Λ = E(C).

Lemma 6.3.1. Any lattice Λ ⊆ C can be written Z P Λ = dz : P ∈ Λ . 0

Notice that each differential form dz on C satisfies d(z + `) = dz for all ` ∈ Λ by Lemma 6.3.1. Thus dz descends to a differential form on C/Λ, which by abuse of notation we will also denote by dz. Formally, this is the pushforward of dz along the quotient π : C → C/Λ. This implies:

110 6.3 The Classical Jacobian 6 Elliptic Curves and Complex Analysis

Lemma 6.3.2. Any lattice Λ ⊆ C can be written Z Λ = dz : γ is a closed curve in C/Λ passing through 0 . γ For an elliptic curve E defined by the equation y2 = f(x), fix a holomorphic differential form ω on E(C). (In general, the space of holomorphic differential forms on a curve has dimension equal to the genus of the curve, so in the elliptic curve case, there is exactly one such ω, up to scaling.) Definition. The lattice of periods for an elliptic curve E is Z Λ = ω : γ is a closed curve in E passing through P γ

where P ∈ E(C) is ﬁxed. Example 6.3.3. Under the map ϕ : C/Λ → E(C), z 7→ (x, y) = (℘(z), ℘0(z)), we see that dx = ℘0(z) dz = y dz

dx dx 2 so ω = y is a differential form on E(C). In fact, ω = f 0(x) , where E is defined by y = f(x), is holomorphic because f 0(x) 6≡ 0. This differential form is also holomorphic at O = [0, 1, 0], so up to scaling, this is the unique holomorphic form on E. Historically, mathematicians were interested in studying solutions to elliptic integrals, or integrals of the form Z dx √ . ax3 + bx + c When f(x) = ax3 + bx + c, the expression ω = √ dx is precisely the holomorphic ax3+bx+c differential form defining the lattice of periods of the elliptic curve E : y2 = f(x). For a more functorial description, let VE = Γ(E, ΩE) be the space of all holomorphic differential forms on E. If γ is a curve in E(C), there is an associated linear functional ∗ ϕγ ∈ VE defined by

ϕγ : VE −→ C Z ω 7−→ ω. γ

Fixing the basepoint O ∈ E(C), the lattice of periods for E can be written

Λ = {ϕγ : γ ∈ π1(E(C),O)}.

∗ In other words, this deﬁnes a map π1(E(C),O) → VE , γ 7→ ϕγ. ∗ Deﬁnition. The Jacobian of an elliptic curve E is the quotient J(E) = VE /Λ.

For each point P ∈ E(C), the coset ϕγ + Λ is an element of the Jacobian, where γ is a path from O to P . This deﬁnes an injective map i : E,→ J(E).

111 6.3 The Classical Jacobian 6 Elliptic Curves and Complex Analysis

Proposition 6.3.4. Suppose σ : E1 → E2 is an isogeny between elliptic curves, so that σ(O1) = O2. Then there is a map τ : J(E1) → J(E2) making the following diagram commute: σ E1 E2

i1 i2

J(E ) J(E ) 1 τ 2

∗ ∗ Proof. The pullback gives a contravariant map σ : VE2 → VE1 , ω 7→ σ ω = ω ◦ σ. Taking ∗∗ ∗ ∗ ∗∗ ∗ the dual of this gives a linear map σ : VE1 → VE2 deﬁned by (σ ρ)(ω) = ρ(σ ω) for any ∗ ρ ∈ VE1 and ω ∈ VE2 . Taking ρ = ϕγ1 for a path γ1 in E1 gives Z Z ∗ ∗ ∗ ρ(σ ω) = ϕγ1 (σ ω) = σ ω = ω = ϕσ(γ1)ω. γ1 σ(γ1)

∗∗ Thus σ ϕγ1 = ϕσ(γ1). If γ1 is a closed curve through O1, then σ(γ1) is a closed curve passing through O2 = σ(O1). Hence if ΛE1 , ΛE2 are the lattices of periods for E1,E2, respectively, ∗∗ ∗∗ we have σ (λE1 ) ⊆ ΛE2 . So σ factors through the quotients, deﬁning τ:

∗∗ ∗ ∗ τ = σ : VE1 /ΛE1 −→ VE2 /ΛE2 . It is immediate the diagram commutes. Lemma 6.3.5. For any elliptic curve E, the inclusion i : E,→ J(E) induces an isomorphism

∗ i : π1(E,O) −→ π1(J(E), i(O)).

Unfortunately, the construction of the Jacobian given so far is not algebraic so it would be hard to carry over to curves over an arbitrary ground ﬁeld. To construct Jacobians algebraically, we will prove Abel’s theorem:

Theorem 6.3.6 (Abel). Suppose Λ ⊆ C is a lattice with fundamental domain Π and take P P any set {ai} ⊂ Π such that there are integers mi ∈ Z satisfying mi = 0 and miai ∈ Λ. Then there exists an elliptic function f(z) whose set of zeroes and poles is {ai} and whose orders of vanishing/poles are ordai f = mi.

Given a lattice Λ ⊆ C, we may assume Λ = Z + Zτ for some τ ∈ C with im τ > 0. Deﬁnition. The theta function for a lattice Λ is

∞ X 2 θ(z, τ) = eπi(n τ+2nz). n=−∞

2 2 One has |eπi(n τ+2nz)| = e−π(n im τ+2n im z) for any z ∈ C, which implies that the above series converges absolutely. Proposition 6.3.7. Fix a theta function θ(z) = θ(z, τ). Then

112 6.3 The Classical Jacobian 6 Elliptic Curves and Complex Analysis

(1) θ(z) = θ(−z).

(2) θ(z + 1) = θ(z).

(3) θ(z + τ) = e−πi(τ+2z)θ(z).

Properties (2) and (3) together say that θ(z) is what’s known as a semielliptic function. 1+τ For our purposes, this will be good enough. Notice that for z = 2 , we have 1 + τ 1 + τ θ = θ − + (1 + τ) 2 2 πi τ+2 − 1+τ 1 + τ = e ( ( 2 ))θ − 2 1 + τ 1 + τ = eπiθ − = −θ . 2 2

1+τ Thus z = 2 is a zero of θ(z). 1+τ Lemma 6.3.8. All zeroes of θ(z, t) are simple and are of the form 2 + ` for ` ∈ Λ. (x) 1+τ (x) (x) Lemma 6.3.9. For x ∈ C, set θ (z, τ) = θ z − 2 − x . Then θ (z) = θ (z, τ) satisﬁes:

(1) θ(x)(z + 1) = θ(x)(z).

(2) θ(x)(z + τ) = e−πi(2(z−x)−1)θ(x)(z).

We now prove Abel’s theorem (6.3.6).

Proof. Given such a set {ai} ⊂ Π, let x1, . . . , xn be the list of all ai with mi > 0, listed with repetitions corresponding to the number mi. For example, if m1 = 2 then x1 = x2 = a1. Likewise, let y1, . . . , yn be the list of all ai with mi < 0, once again with repetitions. By the P hypothesis mi = 0, there are indeed an equal number of each. Set

Qn (xi) i=1 θ (z) f(z) = n . Q (yi) i=1 θ (z) Then by Lemma 6.3.9, f(z + 1) = f(z). On the other hand, the lemma also gives

Qn (xi) i=1 θ (z + τ) f(z + τ) = n Q (yi) i=1 θ (z) 2πi Pn x −Pn y = e ( i=1 i i=1 i)f(z) P = e2πi miai f(z) X = f(z) since miai = 0.

Therefore f(z) is elliptic.

113 6.3 The Classical Jacobian 6 Elliptic Curves and Complex Analysis

Note that θ(z) is a meromorphic function, so by complex analysis, the integral

1 Z θ0(z) dz 2πi ∂Π θ(z) counts the number of zeroes of θ(z) in the fundamental domain Π, up to multiplicity. To ensure no zeroes lying on ∂Π are missed, we may shift Π → Πα for an appropriate α ∈ C. Parametrize ∂Π as in Proposition 6.1.5. Then once again the integrals along γ2 and γ4 cancel since θ(z + 1) = θ(z). On the other hand,

θ(z + τ) = e−πi(τ+2z)θ(z) =⇒ θ0(z + τ) = e−πi(τ+2z)(−2πiθ(z) + θ0(z)) θ0(z + τ) θ0(z) =⇒ = −2πi + . θ(z + τ) θ(z)

This implies

Z θ0(z) Z θ0(z) Z θ0(z) Z θ0(z) Z θ0(z) dz = dz + dz + dz + dz ∂Π θ(z) γ1 θ(z) γ2 θ(z) γ3 θ(z) γ4 θ(z) Z θ0(z) Z θ0(z) Z θ0(z) Z θ0(z) = dz + dz + dz + dz γ1 θ(z) γ3 θ(z) γ2 θ(z) γ4 θ(z) Z θ0(z) Z θ0(z) = dz − dz + 2πi + 0 γ1 θ(z) γ1 θ(z) = 2πi.

1+τ It follows that θ(z) has exactly one zero in Π, and it must be z = 2 . The inverse map ψ : E → C/Λ extends to the group of divisors on E:

Ψ : Div(E) −→ C/Λ X X nP P 7−→ nP ψ(P ).

Definition. The map Ψ : Div(E) → C/Λ is called the Abel-Jacobi map. Recall that ψ : P 7→ R ω + Λ ∈ /Λ where ω is a fixed holomorphic differential form γP C 0 0 on E and γP is a path connecting O ∈ E(C) to P . If O is another basepoint and ψ is the corresponding map, we have ψ(P ) = ψ(O0) + ψ0(P ) for all P ∈ E. So it appears that Ψ is 0 P not well-defined. However, this issue vanishes when we restrict Ψ to Div (E): if D = nP P is a degree 0 divisor, then X Ψ(D) = nP ψ(P )

X 0 0 = nP (ψ(O ) + ψ (P ))

0 X X 0 = ψ(O ) nP + nP ψ (P )

X 0 0 = 0 + nP ψ (P ) = Ψ (D).

114 6.4 Jacobians of Higher Genus Curves 6 Elliptic Curves and Complex Analysis

0 0 ∼ Corollary 6.3.10. The map Ψ : Div (E) → C/Λ induces an isomorphism Pic (E) = C/Λ. Proof. One can prove that Ψ is a surjective group homomorphism. Moreover, Abel’s theorem (6.3.6) implies that ker Ψ = PDiv(E).

0 Consider the map iO : E → Div (E) that sends P 7→ P −O. This ﬁts into a commutative diagram:

Div0(E) Ψ

iO C/Λ

ψO E

On the level of the Picard group, this diagram looks like

Pic0(E) Ψ

iO C/Λ

ψO E

and every arrow is a bijection.

6.4 Jacobians of Higher Genus Curves

Let C be a complex curve of genus g ≥ 2 and let V = Γ(C, ΩC ) be the vector space of ∗ ∼ g holomorphic differential forms on C. Then dimC V = g, so V = C . As in the previous R ∗ section, for any path ω in C the assignment ϕγ : ω 7→ γ ω defines a functional ϕγ ∈ V . As for elliptic curves, we define: Definition. The lattice of periods for C is

∗ Λ = {ϕγ ∈ V | γ is a closed curve in C}. Lemma 6.4.1. Λ is a lattice in V ∗. Deﬁnition. The Jacobian of C is the quotient space J(C) = V ∗/Λ. As with elliptic curves, we have a map ψ : C → J(C) called the Abel-Jacobi map, which sends P 7→ ϕγP + Λ, where γP is a curve through P . Also, ψ extends to the divisor group of C as a map Ψ : Div(C) −→ J(C) which is canonical when restricted to Div0(C). The Abel-Jacobi theorem generalizes Theo- rem 6.3.6 and Corollary 6.3.10.

115 6.4 Jacobians of Higher Genus Curves 6 Elliptic Curves and Complex Analysis

Theorem 6.4.2. Let C be a curve of genus g > 0 and let Ψ : Div0(C) → J(C) be the Abel-Jacobi map. Then

(1) (Abel) ker Ψ = PDiv(C).

(2) (Jacobi) Ψ is surjective.

Therefore Ψ induces an isomorphism Pic0(C) ∼= J(C).

0 Just as with elliptic curves, if we ﬁx a basepoint O ∈ C, the map iO : C → Div (C),P 7→ P − O determines a commutative diagram

Pic0(C) Ψ

iO J(C)

ψO C

However, this time not every map is a bijection. In particular, dim C = 1 < g = dim J(C). To remedy this, let Cg be the g-fold product of C and consider the map

ψg : Cg −→ J(C)

(P1,...,Pg) 7−→ ψ(P1) + ... + ψ(Pg)

where + denotes the group law on J(C).

Theorem 6.4.3 (Jacobi). ψg : Cg −→ J(C) is surjective.

There is still work to do to show that the natural map Cg → Pic0(C) is surjective. It turns out that J(C) is birationally equivalent to the symmetric power C(g) = Cg/ ∼, where (P1,...,Pg) ∼ (Pσ(1),...,Pσ(g)) for any permutation σ ∈ Sg. Jacobi proved that this birational equivalence is enough to endow Pic0(C) ∼= J(C) with the structure of an algebraic group.

Theorem 6.4.4. J(C) is an abelian variety.

116 7 Complex Multiplication

7 Complex Multiplication

We saw in Section 4.1 that many endomorphisms of an elliptic curve are of the form [m]: P 7→ mP for m ∈ Z. In fact, for most elliptic curves, these are the only endomorphisms, but a special class of curves admit extra endomorphisms which are the starting place for a beautiful theory of complex multiplication in number theory. In class field theory, one classifies all abelian extensions of a number field K by studying complex roots of unity, i.e. torsion points of the group scheme Gm(C), and using them to construct cyclotomic extensions of K – by the Kronecker-Weber theorem, all abelian extensions are subfields of such cyclotomic fields. In a completely analogous way, the theory of complex multiplication allows one to construct, for an elliptic curve E for which End(E) has extra elements coming from a number field K, abelian extensions of K. Namely, torsion points of E along with the j-invariant will generate all such fields.

7.1 Classical Complex Multiplication

For an elliptic curve E/C, let Λ ⊂ C be the lattice associated to E by Theorem 6.2.5. Write Λ = [ω1, ω2] for ω1, ω2 ∈ C. Definition. An order in a number field K/Q is a subring O of K that is finitely generated as an abelian group and satisfies O ⊗Z Q = K.

Proposition 7.1.1. For a complex elliptic curve E = C/Λ, where Λ = [ω1, ω2], either ∼ (1) End(E) = Z; or (2) End(E) is an order in the imaginary quadratic ﬁeld ω2 . Q ω1

Proof. We may assume ω1 = 1 and ω2 = τ ∈ CrR. As we saw in the proof of Corollary 6.2.9,

End(E) = {z ∈ C | zΛ ⊆ Λ}. So for any z ∈ End(E), we can ﬁnd integers a, b, c and d such that z = a+bτ and τz = c+dτ. Solving for τ in each and combining the equations, we obtain

z2 − (a + d)z + (ad − bc) = 0,

so in particular z is an algebraic integer. This shows End(E) is an integral extension of Z. If End(E) 6= Z, take z ∈ End(E) r Z. Then b 6= 0 and we can solve for z in each of the equations above to produce bτ 2 − (a − d)τ − c = 0. Since b 6= 0, this means τ is a complex root of a quadratic polynomial, so Q(τ) is an imaginary quadratic field. Further, End(E) is contained in Q(τ) and is an integral extension of Z, so it is therefore an order. Definition. An elliptic curve E over the complex numbers has complex multiplication, abbreviated CM, if End(E) is an order in an imaginary quadratic field.

117 7.1 Classical Complex Multiplication 7 Complex Multiplication

Proposition 7.1.2. Let E/C be an elliptic curve with complex multiplication via an order O ⊂ K. Then there is a unique isomorphism of abelian groups [·]: O → End(E) such that ∗ for any invariant diﬀerential ω ∈ ΩE, we have [α] ω = αω for all α ∈ O. ∼ Proof. Fix an isomorphism ϕ : C/Λ −→ E for a lattice Λ and for each α ∈ O, deﬁne [α] ∈ End(E) by the following commutative diagram:

mα C/Λ C/Λ

ϕ ϕ [α] E E

where mα denotes multiplication by α. Let ω ∈ ΩE be an invariant diﬀerential on E. By ∗ Lemma 2.4.1, ω ∈ ΩE and dz ∈ ΩC/Λ are each unique up to scaling, so ϕ ω = a dz for ∗ ∗ ∗ ∗ some a ∈ C. By commutativity, we get ϕ [α] ω = mαϕ ω = mαa dz = αa dz which implies [α]∗ω = αω as desired.

Corollary 7.1.3. Suppose ϕ : E1 → E2 is an isogeny between elliptic curves with complex ∼ ∼ multiplication via the same order O. Write [·]1 : O −→ End(E1) and [·]2 : O −→ End(E2). Then for all α ∈ O, ϕ ◦ [α]1 = [α]2 ◦ ϕ.

Proof. Take ω ∈ ΩE2 . Then by Proposition 7.1.2,

∗ ∗ ∗ ∗ ∗ ∗ ∗ ∗ (ϕ ◦ [α]1) ω = [α]1ϕ ω = αϕ ω = ϕ (αω) = ϕ [α]2ω = ([α]2 ◦ ϕ) ω.

∗ ∗ ∗ Therefore (ϕ ◦ [α]1) = ([α]2 ◦ ϕ) , but since ϕ is nonzero by Theorem 4.1.10, we must have (ϕ ◦ [α]1 = [α]2 ◦ ϕ. For an order O in an imaginary quadratic ﬁeld K, let Ell(O) denote the set of isomorphism ∼ classes of elliptic curves E/C with End(E) = O.

Theorem 7.1.4. Let K be a number ﬁeld with ring of integers OK , class group CK and nonzero fractional ideals a, b ⊂ K. Then for any lattice Λ ⊂ C with associated elliptic curve E = C/Λ lying in Ell(OK ), (a) aΛ and bΛ are lattices. ∼ (b) If Ea = C/aΛ, then End(Ea) = OK . ∼ (c) Ea = Eb if and only if [a] = [b] in CK .

(d) CK acts simply transitively on Ell(OK ).

(e) In particular, # Ell(OK ) = hK , the class number of K.

118 7.1 Classical Complex Multiplication 7 Complex Multiplication

Proof. (a) follows from the fact that aΛ is a discrete subgroup of Λ; this is standard to prove. (b) For all α ∈ C, αaΛ ⊆ Λ is equivalent to αΛ ⊆ Λ, after multiplying through by a−1. This shows that

End(Ea) = {α ∈ C | αaΛ ⊆ aΛ} = {α ∈ C | αΛ ⊆ Λ} = End(E) = OK by Corollary 6.2.9. ∼ (c) By Corollary 6.2.7, Ea = Eb if and only if the lattices aΛ and bΛ are homothetic, i.e. aΛ = cbΛ for some c ∈ C. So ∼ Ea = Eb ⇐⇒ aΛ = cbΛ for some c ∈ C −1 −1 −1 ⇐⇒ Λ = ca bΛ and Λ = c ab Λ for some c ∈ C −1 −1 −1 ⇐⇒ ca b, c ab ⊆ OK for some c ∈ C −1 −1 −1 ⇐⇒ ca b = OK = c ab for some c ∈ C ⇐⇒ a = cb for some c ∈ K

⇐⇒ [a] = [b] in CK .

(d) Define the action of CK on Ell(OK ) by [a] · E = Ea−1 . Fix E1,E2 ∈ Ell(OK ) with −1 E1 = C/Λ1 and E2 = C/Λ2. For j = 1, 2, choose λj ∈ Λj and set aj = λj Λj. By the proof of Proposition 7.1.1, aj ⊂ K and it is a finitely generated abelian group since Λj is, so aj is −1 −1 −1 a fractional ideal of K. Set a = a2 a1. Then Λ2 = λ1 λ2a1 a2Λ1 so we have −1 −1 ∼ [a] · E1 = Ea−1 = C/a Λ1 = C/λ1 λ2Λ2 = C/Λ2 = E2. Thus the action is transitive. To see that it is simply transitive, note that by (c), if [a] · E = [b] · E then [a] = [b]. Then (e) follows immediately. Example 7.1.5. For the lattice Λ = Z[i], the Gaussian integers, set E = C/Λ. Then ∼ ∼ End(E) = Z[i] so E has complex multiplication. Moreover, Aut(E) = {±1, ±i} = Z/4Z and j(E) = 1728 by analysis of the Weierstrass equation, so E is isomorphic to the elliptic 2 3 curve given by y = x + x. To see this explicitly, note that iΛ = Λ implies g3(Λ) = g3(iΛ) = 6 i g3(Λ) = −g3(Λ), where g3(Λ) is the normalized Eisenstein series for Λ (see Section 6.2). Thus g3(Λ) = 0 so by Theorem 6.2.4, E has Weierstrass equation 2 3 E : y = 4x − g2(Λ)x. This also confirms that j(E) = 1728. Note that although E is isomorphic to a rational elliptic curve, e.g. y2 = x3 + x, the above Weierstrass equation is not rational. In fact, Z 1 dt 4 g2(Λ) = 64 √ . 4 0 1 − t Example 7.1.6. Similarly, consider the lattice Λ = Z[ρ] where ρ = e2πi/3 is a primitive third root of unity. Then for E = C/Λ, we have End(E) = Z[ρ] so once again, E has complex multiplication. Let us describe E explicitly as in the previous example. First, ρΛ = Λ 4 implies g2(Λ) = g2(ρΛ) = ρ g2(Λ) = ρg2(Λ), so g2(Λ) = 0. By Theorem 6.2.4, E is given by the Weierstrass equation 2 3 E : y = 4x − g3(Λ) 2 ∼ so j(E) = 0. Moreover, Aut(E) = {±1, ±ρ, ±ρ } = Z/6Z and E is isomorphic to the rational elliptic curve y2 = x3 + 1.

119 7.2 Torsion and Rational Points 7 Complex Multiplication

7.2 Torsion and Rational Points

Elliptic curves with complex multiplication possess richer structure than those without CM, in several way. In this section we will study how the group of torsion points on a CM curve change. Then we will see how rational points can be studied systematically. We begin by generalizing the torsion subgroup E[m] = Em introduced in Chapter 4. Suppose E ∈ Ell(OK ) for an imaginary quadratic ﬁeld K. For each ideal a ⊂ OK , deﬁne

E[a] = {P ∈ E | [α]P = O for all α ∈ a}

∼ where [·] is the isomorphism OK −→ End(E) deﬁned in Proposition 7.1.2.

Proposition 7.2.1. For any OK -ideal a, there is an isogeny ϕa : E → [a] · E such that

(a) ker ϕa = E[a].

(b) E[a] is a free module over OK /a of rank 1.

−1 Proof. The isogeny is given by ϕa : C/Λ → C/a Λ, z 7→ z which is well-deﬁned since −1 Λ ⊆ a Λ when a is an (integral) ideal of OK . Then (a) is easily veriﬁed and (b) can be proven using the Chinese remainder theorem – see Silverman’s Advanced Topics for details.

Corollary 7.2.2. Let N = NK/Q be the ideal norm of the extension K/Q. Then

(a) For any ideal a ⊂ OK , the isogeny ϕa : E → [a] · E has degree Na.

(b) In particular, for all α ∈ OK , the isogeny [α]: E → E has degree |Nα| where

N = NK/Q is the ﬁeld norm.

Proof. (a) By Proposition 7.2.1, deg ϕa = #E[a] = Na. (b) This follows from the fact that if a = (α), then [a] = [α], the image of α in End(E)

under the isomorphism in Proposition 7.1.2. In this case, we have deg[α] = N(α) = |NK/Qα| by part (a). Next, we turn to a discussion of rational points of elliptic curves with complex multiplication. Note that for any complex elliptic curve E, there is an isomorphism End(Eσ) ∼= End(E) for any automorphism σ : C → C. Proposition 7.2.3. Let K be an imaginary quadratic ﬁeld. Then

(a) For any elliptic curve E/C with complex multiplication by OK , j(E) ∈ Q.

(b) Ell(OK ) is equal to the set of Q-isomorphism classes of elliptic curves deﬁned over Q ∼ with End(E) = OK .

Proof. (a) Set L = Q(j(E)); we must show that [L : Q] < ∞. For any σ ∈ Aut(C), Eσ is the curve obtained by letting σ act on the Weierstrass equation for E, so by deﬁnition σ σ σ ∼ j(E ) = j(E) . Since End(E ) = OK for each σ, there are only ﬁnitely many C-isomorphism classes that Eσ can take on. By Proposition 3.2.1, elliptic curves over C are in bijective

120 7.2 Torsion and Rational Points 7 Complex Multiplication

correspondence with j-invariants, so {j(E)σ | σ ∈ Aut(C)} is a finite set. Hence [L : Q] < ∞ as desired. (b) For each subfield L ⊆ C, let EllL(OK ) denote the set of L-isomorphism classes of ∼ elliptic curves defined over L with End(E) = OK . Any fixed embedding Q ,→ C induces a map Ell (O ) → Ell (O ). To show this is a bijection, first take E ∈ Ell (O ). Then Q K C K C K by (a), j(E) ∈ Q and by Propositions 3.2.1 and 3.2.2, there exists an elliptic curve E0 defined over (j(E)) with j(E0) = j(E) and E0 ∼ E over . Thus Ell (O ) → Ell (O ) is Q = C Q K C K surjective. Injectivity follows from Proposition 3.2.1.

We will later show that in the above situation, j(E) ∈ Z. To lay the groundwork for this, we next find the field of definition for each isogeny [α]: E → E from Proposition 7.1.2. Theorem 7.2.4. Let E be an elliptic curve with complex multiplication via some order O ⊂ C. Then σ (1) For all α ∈ O and σ ∈ Aut(C), [α]E = [σα]Eσ . (2) Suppose E is defined over a subfield L ⊆ C and O ⊆ K for an imaginary quadratic field K. Then every element of End(E) is defined over LK. (3) If, in addition, E0 is an elliptic curve defined over L, then every isogeny E → E0 is defined over some finite extension M/L.

Proof. (1) For any ω ∈ ΩE, σ · ω ∈ ΩEσ so by Proposition 7.1.2,

∗ ∗ ∗ σ [σα]Eσ (σ · ω) = σα(σ · ω) = σ · (αω) = σ · [α]Eω = ([α]E) (σ · ω).

∗ ∗ σ σ Hence [σα]Eσ = ([α]E) so Theorem 4.1.10 implies [σα]Eσ = [α]E since we are in characteristic 0. σ σ (2) Take σ ∈ Aut(C/L). Then E = E so by (a), we have [α]E = [σα]Eσ = [σα]E for σ all α ∈ O. Given that O ⊆ K, if σ also fixes K then σα = α. Thus [α]E = [α]E for all σ ∈ Aut(C/LK), meaning [α] = [α]E is defined over LK. But by Proposition 7.1.2, these are all the elements of End(E). (3) Fix an isogeny ϕ : E → E0 and suppose σ ∈ Aut(C/L). Then ϕσ is an isogeny E → E0 as well, since the Weierstrass equations of E,E0 are fixed under σ. By Proposition 4.1.9, ϕ is determined by its kernel which is a finite subgroup of E(C). There are only finitely many finite subgroups of E(C), so we see that there are only finitely many isogenies E → E0 of a given degree. Therefore {ϕσ | σ ∈ Aut(C), σ fixes L} is a finite set (noting that deg ϕσ = deg ϕ) which implies ϕ is defined over a finite extension of L. Repeating the argument for any ϕ gives an extension M/L, but since Hom(E,E0) is finitely generated, we may take M/L to be a finite extension.

Corollary 7.2.5. If E is an elliptic curve with complex multiplication via OK where K is an imaginary quadratic ﬁeld, then [Q(j(E)) : Q] ≤ hK , the class number of K.

We will later show that [Q(j(E)) : Q] = hK , so in particular j(E) is rational if and only if K is an imaginary quadratic field with class number 1. As there are only a finite number of such number fields, it follows that only a finite number of Q-isomorphism classes of elliptic curves have complex multiplication.

121 7.2 Torsion and Rational Points 7 Complex Multiplication

Example 7.2.6. Consider the elliptic curve E deﬁned by y2 = x3 + x, which admits an isomorphism [·]: Z[i] → End(E) by Proposition 7.1.2. Explicitly, [·] is determined by [i]:(x, y) 7→ (−x, iy) since if τ ∈ Aut(C) is complex conjugation, then ([i](x, y))τ = (−x, iy)τ = (−τ · x, τ · (iy)) = (−τ · x, −i(τ · x)) = [−i](τ · x, τ · y) = [i]τ (x, y)τ .

Thus [i]τ = [τ · i], which conﬁrms (2) of Theorem 7.2.4.

Theorem 7.2.7. Let E be a complex elliptic curve with complex multiplication by OK and let L = K(j(E),Etors) be the ﬁeld extension generated by j(E) along with all torsion points of E. Then L is an abelian extension of K(j(E)).

0 0 0 Proof. Set L = K(j(E)) and for each m ≥ 1, let Lm = L (E[m]) be the extension of L S generated by the m-torsion points of E. Then L = m≥1 Lm so it suﬃces to show each 0 0 Lm/L is abelian. For each σ ∈ Gal(Lm/L ), P ∈ E[m] and α ∈ OK , Theorem 7.2.4 gives us

([α]P )σ = [α](P σ)

0 so the actions of Gal(Lm/L ) and OK on E[m] commute. This induces a group homomorphism 0 ρ : Gal(K/L ) −→ AutOK /mOK (E[m]) where K is an algebraic closure of K, which descends to an injective homomorphism

0 Gal(Lm/L ) ,→ AutOK /mOK (E[m]) ∼ but by Proposition 7.2.1(b), E[m] is a free OK /mOK -module of rank 1. Thus AutOK /mOK (E[m]) = × 0 (OK /mOK ) which is abelian, so Gal(Lm/L ) is abelian as required.

Let K be an imaginary quadratic ﬁeld with ring of integers OK and deﬁne

F : Gal(K/K) −→ CK

σ by sending σ to the unique element F (σ) = [a] ∈ CK such that [a] · E = E for all elliptic curves E ∈ Ell(OK ). (Existence and uniqueness of this element follow from Theorem 7.1.4). The following results highlight an interesting fact: F converts the algebraic information of the absolute Galois group of K into the analytic information of elliptic curves over Q, via their j-invariants.

Lemma 7.2.8. For all σ ∈ Gal(K/K) and all elliptic curves E ∈ Ell(OK ),

σ j(E) = j(EF (σ)).

Proposition 7.2.9. The map F : Gal(K/K) → CK is a group homomorphism.

Proof. For all σ, τ ∈ Gal(K/K) and E ∈ Ell(OK ), we have

F (στ) · E = Eστ = (Eτ )σ = (F (τ) · E)σ = F (σ)F (τ) · E

so by deﬁnition, F (στ) = F (σ)F (τ).

122 7.3 Class Field Theory with Elliptic Curves 7 Complex Multiplication

Proposition 7.2.10. For all elliptic curves E ∈ Ell(OK ), classes [a] ∈ CK and automorphisms σ ∈ Gal(Q/Q), ([a] · E)σ = [a]σ · Eσ. Proof. By Proposition 7.2.3 we may assume E is deﬁned over Q, so Eσ makes sense. Choose ∼ a lattice Λ ⊂ C so that E = C/Λ. Also, since a is a ﬁnitely generated OK -module, we have an exact sequence m n OK → OK → a → 0

for some m, n ∈ N. Note that for any OK -module M, the map

−1 a M −→ HomOK (a,M) x 7−→ (α 7→ αx)

∼ −1 ∼ is an isomorphism of OK -modules. In particular, HomOK (a, Λ) = a Λ and HomOK (a, C) =

C. Now applying HomOK (a, −) to the exact sequence

0 → Λ → C → E → 0 yields the top row in the following commutative diagram: 0 0 0

0 a−1Λ C Hom(a,E)

0 Λn Cn En 0

0 Λm Cm Em 0

m n (The other rows come from applying Hom(OK , −) and Hom(OK , −) to the same sequence.) Applying the Snake Lemma to the bottom rows gives an exact sequence

−1 n m n m 0 → a Λ → C → ker(E → E ) → coker(Λ → Λ ).

This identiﬁes the C-points of the variety [a] · E = C/a−1Λ with the identity component of ker(En → Em). The same argument shows that the C-points of [a]σ · Eσ may be identiﬁed with the identity component of ker((Eσ)n → (Eσ)m), but the latter is precisely ker(En → Em)σ, so we conclude that [a]σ · Eσ = ([a] · E)σ.

7.3 Class Field Theory with Elliptic Curves

Let K be an imaginary quadratic ﬁeld with ring of integers K. Our goal in this section is to prove that for any elliptic curve E ∈ Ell(OK ), K(j(E)) is the maximal unramiﬁed abelian

123 7.3 Class Field Theory with Elliptic Curves 7 Complex Multiplication

extension of K, also known as the Hilbert class field of K. To start, note that the kernel of the homomorphism F : Gal(K/K) → CK from Proposition 7.2.9 is a finite quotient of Gal(K/K) since any elliptic curve E ∈ Ell(OK ) is defined over a finite extension L/K, so F (σ) = 1 for any σ ∈ Gal(K/L). Also observe that since CK is an abelian group, F factors through a homomorphism ab Gal(K /K) −→ CK where Kab is the maximal abelian extension of K. We will also denote this by F . Recall that for a field extension L/K and a prime ideal p ⊂ OK , a Frobenius element of p is an element FrobL/K (p) ∈ Gal(L/K), uniquely determined up to conjugacy by the identity

Np FrobL/K (p)(x) ≡ x mod P for all x ∈ OL, where N = NK/Q is the numerical norm on K and P is any prime ideal of OL lying over p. For an arbitrary fractional ideal a = Q pnp of K, the deﬁnition of Frobenius elements extends to the Artin symbol:

L/K Y = Frob (p)np . a L/K Below we summarize the Artin reciprocity theorem and its main consequence for ray class fields, which constitute most of the information from global class field theory needed for this section. If a ⊂ OK is an integral ideal, let IK (a) and PK (a) denote respectively the ideal class group and principal subgroup mod a, meaning the group (and principal subgroup) of ideal classes [b] such that (a, b) = 1. Theorem 7.3.1 (Artin Reciprocity). Let L/K be a finite abelian extension of number fields with conductor fL/K . Then L/K L/K (a) The Artin map : I (f ) → Gal(L/K), a 7→ is surjective. · K L/K a L/K (b) The kernel of is N (I )P (f ), where N is the ideal norm of L/K. · L/K L K L/K L/K

(c) For any ideal a ⊂ OK , there exists a unique finite abelian extension Ka of K, called a ray class field for a, such that for any finite abelian extension M/K, if fM/K | a then M ⊆ Ka.

(d) The set of primes in K that split completely in Ka are precisely the prime ideals in PK (a).

Proposition 7.3.2. For all but ﬁnitely many prime integers p ∈ Z, if p splits in K then

F (FrobL/K (p)) = [p] in CK

for each of the two primes p ⊂ OK lying over p.

Theorem 7.3.3. Let K be an imaginary quadratic ﬁeld with ring of integers OK and let E be an elliptic curve with complex multiplication via OK . Then

124 7.3 Class Field Theory with Elliptic Curves 7 Complex Multiplication

(a) K(j(E)) is the Hilbert class ﬁeld of K.

(b) [K(j(E)) : K] = [Q(j(E)) : Q] = hK , the class number of K.

(c) If E1,...,Em is a list of representatives of the isomorphism classes in Ell(OK ), then m = hK and j(E1), . . . , j(Em) are all the Galois conjugates of j(E). (d) For any nonzero fractional ideal a of K,

j(E)θ(a) = j([a] · E)

K(j(E))/K where θ = is the Artin symbol for the Hilbert class ﬁeld of K. ·

ker F Proof. (a) As noted above, F : Gal(K/K) → CK has a ﬁnite kernel. Let L = K be the corresponding ﬁnite extension of K. Then

Gal(K/L) = ker F = {σ ∈ Gal(K/K) | F (σ) = 1} = {σ ∈ Gal(K/K) | F (σ) · E = E} by Theorem 7.1.4(d) = {σ ∈ Gal(K/K) | Eσ = E} by deﬁnition of F (σ) = {σ ∈ Gal(K/K) | j(E)σ = j(Eσ) = j(E)} by Proposition 3.2.1 = Gal(K/K(j(E))).

By the fundamental theorem of Galois theory, this shows L = K(j(E)). On the other hand, F restricts to an injection Gal(L/K) ,→ CK so L/K is an abelian extension. Let f = fL/K be the conductor of the extension L/K and consider the composition

Frob F I(f) −−→ Gal(L/K) −→ CK

of F with the Artin map. We claim ϕ(a) = [a] for all ideals a ∈ I(f). By Proposition 7.3.2, there exists a ﬁnite set of prime integers S ⊂ Z such that F (Frob(p)) = [p] ∈ CK for all p lying over primes p 6∈ S which split in K. By Dirichlet’s theorem on number ﬁelds, there × exists such a prime p with [p] = [a] in CK , say with a = (α)p for α ∈ K , α ≡ 1 mod f. Then F (Frob((α))) = 1 in CK so

F (Frob(a)) = F (Frob((α)p)) = F (Frob(p)) = [p] = [a].

In fact this now implies that F (Frob((α))) = 1 for any principal ideal in I(f), but since F is L/K injective, this means = 1 for all (α) ∈ I(f). By definition of the conductor, we get α f = 1 so L/K is unramified and thus L is contained in the Hilbert class field. On the other hand, I(f) = IK → CK is now surjective, hence an isomorphism, so we get

[L : K] = | Gal(L/K)| = |CK | = hK

which is precisely the degree of the Hilbert class ﬁeld over K, so L is the Hilbert class ﬁeld.

125 7.3 Class Field Theory with Elliptic Curves 7 Complex Multiplication

(b) The above shows [K(j(E)) : K] = hK and in Corollary 7.2.5 we already showed that [Q(j(E)) : Q] ≤ hK , but since [K : Q] = 2, we must have [Q(j(E)) : Q] = hK as well. (c) From Theorem 7.1.4 we have m = hK and CK acts transitively on these curves, but then by Proposition 3.2.1, CK acts transitively on the j-invariants of these curves, j(E1), . . . , j(Em). In fact the homomorphism F : Gal(K/K) → CK identiﬁes the action of Gal(K/K) on j-invariantes with the action of CK on elliptic curves, so Gal(K/K) also acts transitively on j(E1), . . . , j(Em) and hence these are the hK Galois conjugates of j(E). (d) By (a), θ(a) = [a] for any a ∈ IK , so the statement holds.

126