Elliptic curve

In mathematics, an elliptic curve is a smooth, projective, algebraic curve of genus one, on which there is a specified point. An elliptic curve is defined over a field and describes points in, the Cartesian product of with itself. If the field's characteristic is different from 2 and 3, then the curve can be described as a plane algebraic curve which consists of solutions for:
for some coefficients and in. The curve is required to be non-singular, which means that the curve has no cusps or self-intersections. It is usually understood that the curve is embedded in the projective plane, with the point being the unique point at infinity. Many sources define an elliptic curve to be simply a curve given by an equation of this form.
An elliptic curve is an abelian variety – that is, it has a group law defined algebraically, with respect to which it is an abelian group – and serves as the identity element.
If, where is any polynomial of degree three in with no repeated roots, the solution set is a nonsingular plane curve of genus one, an elliptic curve. If has degree four and is square-free this equation again describes a plane curve of genus one; however, it has no natural choice of identity element. More generally, any algebraic curve of genus one, for example the intersection of two quadric surfaces embedded in three-dimensional projective space, is called an elliptic curve, provided that it is equipped with a marked point to act as the identity.
Using the theory of elliptic functions, it can be shown that elliptic curves defined over the complex numbers correspond to embeddings of the torus into the complex projective plane. The torus is also an abelian group, and this correspondence is also a group isomorphism.
Elliptic curves are especially important in number theory, and constitute a major area of current research; for example, they were used in Andrew Wiles's proof of Fermat's Last Theorem. They also find applications in elliptic curve cryptography and integer factorization.
An elliptic curve is not an ellipse in the sense of a projective conic, which has genus zero: see elliptic integral for the origin of the term. However, there is a natural representation of real elliptic curves with shape invariant as ellipses in the hyperbolic plane. Specifically, the intersections of the Minkowski hyperboloid with quadric surfaces characterized by a certain constant-angle property produce the Steiner ellipses in . Further, the orthogonal trajectories of these ellipses comprise the elliptic curves with, and any ellipse in described as a locus relative to two foci is uniquely the elliptic curve sum of two Steiner ellipses, obtained by adding the pairs of intersections on each orthogonal trajectory. Here, the vertex of the hyperboloid serves as the identity on each trajectory curve.
Topologically, a complex elliptic curve is a torus, while a complex ellipse is a sphere.

Elliptic curves over the real numbers

Although the formal definition of an elliptic curve requires some background in algebraic geometry, it is possible to describe some features of elliptic curves over the real numbers using only introductory algebra and geometry.
In this context, an elliptic curve is a plane curve defined by an equation of the form
after a linear change of variables. This type of equation is called a Weierstrass normal form, Weierstrass form, or Weierstrass equation.
The definition of elliptic curve also requires that the curve be non-singular. Geometrically, this means that the graph has no cusps, self-intersections, or isolated points. Algebraically, this holds if and only if the discriminant,, is not equal to zero, where is defined as:
The discriminant is zero when for some real. Although the factor −16 is irrelevant to whether or not the curve is non-singular, this definition of the discriminant is useful in a more advanced study of elliptic curves.
The real graph of a non-singular curve has two components if its discriminant is positive, and one component if it is negative. For example, in the graphs shown in figure to the right, the discriminant in the first case is 64, and in the second case is −368.

Group law

When working in the projective plane, the equation in homogeneous coordinates becomes
This equation is not defined on the line at infinity, but we can multiply by to get one that is:
This resulting equation is defined on the whole projective plane, and the curve it defines projects onto the elliptic curve of interest. To find its intersection with the line at infinity, we can just posit. This implies, which in a field means. on the other hand can take any value, and thus all triplets satisfy the equation. In projective geometry this set is simply the point, which is thus the unique intersection of the curve with the line at infinity.
Since the curve is smooth, hence continuous, it can be shown that this point at infinity is the identity element of a group structure whose operation is geometrically described as follows:
Since the curve is symmetric about the axis, given any point, we can take to be the point opposite it. We then have, as lies on the plane, so that is also the symmetrical of about the origin, and thus represents the same projective point.
If and are two points on the curve, then we can uniquely describe a third point in the following way. First, draw the line that intersects and. This will generally intersect the cubic at a third point,. We then take to be, the point opposite.
This definition for addition works except in a few special cases related to the point at infinity and intersection multiplicity. The first is when one of the points is. Here, we define, making the identity of the group. If, we only have one point, thus we cannot define the line between them. In this case, we use the tangent line to the curve at this point as our line. In most cases, the tangent will intersect a second point, and we can take its opposite. If and are opposites of each other, we define. Lastly, if is an inflection point, we take to be itself, and is simply the point opposite itself, i.e. itself.
center
Let be a field over which the curve is defined and denote the curve by. Then the -rational points of are the points on whose coordinates all lie in, including the point at infinity. The set of -rational points is denoted by. is a group, because properties of polynomial equations show that if is in, then is also in, and if two of,, are in, then so is the third. Additionally, if is a subfield of, then is a subgroup of.

Algebraic interpretation

The [|above] groups can be described algebraically as well as geometrically. Given the curve over the field , and points and on the curve, assume first that . Let be the equation of the line that intersects and, which has the following slope:
The line equation and the curve equation intersect at the points,, and, so the equations have identical values at these values.
which is equivalent to
Since,, and are solutions, this equation has its roots at exactly the same values as
and because both equations are cubics, they must be the same polynomial up to a scalar. Then equating the coefficients of in both equations
and solving for the unknown,
follows from the line equation
and this is an element of, because is.
If, then there are two options: if , including the case where , then the sum is defined as 0; thus, the inverse of each point on the curve is found by reflecting it across the axis.
If, then and . The slope is given by the tangent to the curve at.
A more general expression for that works in both case 1 and case 2 is
where equality to relies on and obeying.

Non-Weierstrass curves

For the curve , the formulas are similar, with and.
For a general cubic curve not in Weierstrass normal form, we can still define a group structure by designating one of its nine inflection points as the identity. In the projective plane, each line will intersect a cubic at three points when accounting for multiplicity. For a point, is defined as the unique third point on the line passing through and. Then, for any and, is defined as where is the unique third point on the line containing and.
For an example of the group law over a non-Weierstrass curve, see Hessian curves.

Elliptic curves over the rational numbers

A curve E defined over the field of rational numbers is also defined over the field of real numbers. Therefore, the law of addition by the tangent and secant method can be applied to E. The explicit formulae show that the sum of two points P and Q with rational coordinates has again rational coordinates, since the line joining P and Q has rational coefficients. This way, one shows that the set of rational points of E forms a subgroup of the group of real points of E.

Integral points

This section is concerned with points P = of E such that x is an integer.
For example, the equation y² = x³ + 17 has eight integral solutions with y > 0:
As another example, Ljunggren's equation, a curve whose Weierstrass form is y² = x³ − 2x, has only four solutions with y ≥ 0 :

The structure of rational points

Rational points can be constructed by the method of tangents and secants detailed above, starting with a finite number of rational points. More precisely the Mordell–Weil theorem states that the group E is a finitely generated group. By the fundamental theorem of finitely generated abelian groups it is therefore a finite direct sum of copies of Z and finite cyclic groups.
The proof of the theorem involves two parts. The first part shows that for any integer m > 1, the quotient group E/''mE is finite. Second, introducing a height function h'' on the rational points E defined by h = 0 and if P has as abscissa the rational number x = p/''q. This height function h'' has the property that h grows roughly like the square of m. Moreover, only finitely many rational points with height smaller than any constant exist on E.
The proof of the theorem is thus a variant of the method of infinite descent and relies on the repeated application of Euclidean divisions on E: let P ∈ E be a rational point on the curve, writing P as the sum 2P₁ + Q₁ where Q₁ is a fixed representant of P in E/2E, the height of P₁ is about of the one of P. Redoing the same with P₁, that is to say P₁ = 2P₂ + Q₂, then P₂ = 2P₃ + Q₃, etc. finally expresses P as an integral linear combination of points Q_i and of points whose height is bounded by a fixed constant chosen in advance: by the weak Mordell–Weil theorem and the second property of the height function P is thus expressed as an integral linear combination of a finite number of fixed points.
The theorem however doesn't provide a method to determine any representatives of E/''mE.
The rank of E'', that is the number of copies of Z in E or, equivalently, the number of independent points of infinite order, is called the rank of E. The Birch and Swinnerton-Dyer conjecture is concerned with determining the rank. One conjectures that it can be arbitrarily large, even if only examples with relatively small rank are known. The elliptic curve with the currently largest exactly-known rank is
It has rank 20, found by Noam Elkies and Zev Klagsbrun in 2020. Curves of rank higher than 20 have been known since 1994, with lower bounds on their ranks ranging from 21 to 29, but their exact ranks are not known and in particular it is not proven which of them have higher rank than the others or which is the true "current champion".
As for the groups constituting the torsion subgroup of E, the following is known: the torsion subgroup of E is one of the 15 following groups : Z/NZ for N'' = 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, or 12, or Z'/2Z × Z/2NZ with N = 1, 2, 3, 4. Examples for every case are known. Moreover, elliptic curves whose Mordell–Weil groups over Q''' have the same torsion groups belong to a parametrized family.