🔢Elliptic Curves Unit 6 – Elliptic Curves: Algebraic Geometry Foundations

Key Concepts

• Elliptic curves are cubic equations of the form $y^2 = x^3 + ax + b$ where $a$ and $b$ are constants and the discriminant $\Delta = 4a^3 + 27b^2 \neq 0$
• Elliptic curves form an abelian group under the chord-and-tangent addition law
• The group law on elliptic curves is geometrically defined using the intersection of lines with the curve
• Elliptic curves over finite fields have applications in cryptography such as in the Elliptic Curve Digital Signature Algorithm (ECDSA)
• The Mordell-Weil theorem states that the group of rational points on an elliptic curve is finitely generated
• The rank of an elliptic curve is the number of independent points of infinite order in the Mordell-Weil group
  • Determining the rank of an elliptic curve is a difficult problem with no known general algorithm
• The Birch and Swinnerton-Dyer conjecture relates the rank of an elliptic curve to the behavior of its L-function at $s=1$

Historical Context

• Elliptic curves were first studied in connection with the problem of computing the arc length of an ellipse in the 17th century
• In the 19th century, Niels Henrik Abel and Carl Gustav Jacobi discovered the group law on elliptic curves and their connection to elliptic functions
• In the early 20th century, Henri Poincaré and others developed the geometric approach to elliptic curves and the group law
• In the 1920s, Louis Mordell proved the finite generation of the group of rational points on an elliptic curve (Mordell-Weil theorem)
• In the 1960s, Bryan Birch and Peter Swinnerton-Dyer formulated their famous conjecture relating the rank of an elliptic curve to its L-function
• The use of elliptic curves in cryptography was proposed independently by Neal Koblitz and Victor Miller in 1985
  • This led to the development of elliptic curve cryptography (ECC) and its widespread use in modern cryptographic protocols
• Andrew Wiles' proof of Fermat's Last Theorem in 1995 used techniques from the theory of elliptic curves and modular forms

Algebraic Geometry Basics

• Algebraic geometry studies geometric objects defined by polynomial equations
• Affine varieties are sets of points in affine space that satisfy a system of polynomial equations
  • For example, the curve $y^2 = x^3 + ax + b$ is an affine variety in the affine plane $\mathbb{A}^2$
• Projective varieties are sets of points in projective space that satisfy a system of homogeneous polynomial equations
  • Projective space adds points at infinity to affine space, allowing for a more uniform treatment of geometric objects
• The Zariski topology on an affine or projective variety is defined by taking closed sets to be the zero loci of polynomial equations
• Regular functions on an affine variety are functions that can be expressed as polynomials in the coordinates
• Rational functions on a variety are ratios of regular functions (polynomials) defined on open subsets of the variety
• Morphisms between varieties are maps that can be locally expressed as polynomials or rational functions in the coordinates

Defining Elliptic Curves

• An elliptic curve over a field $K$ is a smooth, projective curve of genus 1 with a specified base point $O$
• The most common form of an elliptic curve is the Weierstrass equation: $y^2 = x^3 + ax + b$, where $a, b \in K$ and the discriminant $\Delta = 4a^3 + 27b^2 \neq 0$
  • The non-vanishing of the discriminant ensures that the curve is smooth (has no cusps or self-intersections)
• Elliptic curves can also be defined as cubic curves in projective space $\mathbb{P}^2$ with a specified base point $O = [0:1:0]$
• The group law on an elliptic curve is defined geometrically using the chord-and-tangent method
  • Three points on the curve sum to zero if and only if they are collinear
  • The negative of a point is its reflection across the $x$-axis
• The group law can also be expressed algebraically using explicit formulas derived from the Weierstrass equation
• Elliptic curves over the complex numbers $\mathbb{C}$ can be parametrized by the Weierstrass $\wp$-function and its derivative

Properties and Structure

• The set of points on an elliptic curve $E$ over a field $K$, denoted $E(K)$, forms an abelian group under the chord-and-tangent addition law
  • The identity element is the specified base point $O$
  • The inverse of a point $P = (x, y)$ is the point $-P = (x, -y)$
• The group $E(K)$ is a finitely generated abelian group by the Mordell-Weil theorem
  • It is isomorphic to $\mathbb{Z}^r \oplus E(K)_{\text{tors}}$, where $r$ is the rank and $E(K)_{\text{tors}}$ is the torsion subgroup
• The torsion subgroup $E(K)_{\text{tors}}$ consists of points of finite order and is always finite
  • For $K = \mathbb{Q}$, the possible torsion subgroups are classified by Mazur's theorem
• The rank $r$ is the number of independent points of infinite order in $E(K)$
  • Computing the rank is a difficult problem, and there is no known general algorithm
• Elliptic curves over finite fields $\mathbb{F}_q$ have a finite number of points, denoted $\#E(\mathbb{F}_q)$
  • Hasse's theorem bounds the number of points: $|\#E(\mathbb{F}_q) - (q+1)| \leq 2\sqrt{q}$
• The endomorphism ring of an elliptic curve over a field $K$ is the ring of all morphisms from the curve to itself that fix the base point $O$

Geometric Interpretation

• Elliptic curves can be visualized as smooth, symmetric curves in the affine or projective plane
• The group law has a geometric interpretation using the chord-and-tangent method
  • To add two points $P$ and $Q$, draw a line through $P$ and $Q$ (or the tangent line if $P = Q$) and find the third intersection point $R$; then $P + Q = -R$
• The base point $O$ serves as the identity element and is often chosen to be the "point at infinity" in the projective plane
• Torsion points on an elliptic curve have a geometric interpretation as points of finite order under the group law
  • For example, a point $P$ of order 2 is a point such that the tangent line at $P$ intersects the curve at $O$
• The rank of an elliptic curve can be interpreted as the number of independent "holes" or "handles" on the curve when viewed as a topological surface
• Elliptic curves over the complex numbers $\mathbb{C}$ can be viewed as complex tori $\mathbb{C}/\Lambda$, where $\Lambda$ is a lattice in the complex plane
  • The group law on the torus corresponds to the addition law on the elliptic curve under the Weierstrass parametrization

Applications in Cryptography

• Elliptic curve cryptography (ECC) is based on the difficulty of the elliptic curve discrete logarithm problem (ECDLP)
  • Given points $P$ and $Q$ on an elliptic curve, it is computationally infeasible to find an integer $k$ such that $Q = kP$
• ECC requires smaller key sizes than other public-key cryptosystems (RSA, DSA) for the same level of security
  • This makes ECC well-suited for resource-constrained environments like mobile devices and smart cards
• The Elliptic Curve Digital Signature Algorithm (ECDSA) is a widely used digital signature scheme based on ECC
  • ECDSA is employed in various protocols, including Bitcoin and Ethereum cryptocurrencies
• Elliptic curve Diffie-Hellman (ECDH) is a key agreement protocol that allows two parties to establish a shared secret over an insecure channel
• Supersingular isogeny-based cryptography is a post-quantum cryptographic approach that uses isogenies between supersingular elliptic curves
  • This is believed to be resistant to attacks by quantum computers, unlike ECC based on the ECDLP
• Pairing-based cryptography uses bilinear pairings on elliptic curves to construct advanced cryptographic primitives
  • Examples include identity-based encryption, attribute-based encryption, and short digital signatures

Advanced Topics and Open Problems

• The Birch and Swinnerton-Dyer (BSD) conjecture relates the rank of an elliptic curve to the behavior of its L-function at $s=1$
  • The BSD conjecture is one of the Clay Mathematics Institute's Millennium Prize Problems
• Elliptic curves over $\mathbb{Q}$ can be classified up to isogeny using their j-invariant and conductor
  • The modular curve $X_0(N)$ parametrizes isogeny classes of elliptic curves with conductor $N$
• The Langlands program seeks to unify various areas of mathematics, including the theory of elliptic curves and modular forms
  • The Taniyama-Shimura conjecture (now a theorem) states that every elliptic curve over $\mathbb{Q}$ is modular, i.e., its L-function coincides with the L-function of a modular form
• Elliptic curves over number fields and function fields have a rich arithmetic structure and are the subject of active research
• The Sato-Tate conjecture describes the distribution of the number of points on an elliptic curve over $\mathbb{F}_p$ as $p$ varies
  • The conjecture was proved for certain classes of elliptic curves by Richard Taylor and others in the early 2000s
• The ranks of elliptic curves over $\mathbb{Q}$ are conjectured to be unbounded, but the largest known rank is 28 (as of 2021)
  • Finding high-rank elliptic curves and understanding the distribution of ranks is an ongoing area of research