Posted by: matheuscmss | June 13, 2010

## Symposium “Abel Prize 2010”

Since the end of March (more precisely March 30), I’m participating of the “Dynamics and PDEs” trimester at Institut Mittag-Leffler. During this trimester (ending on June 15), I had several opportunities to attend interesting talks and minicourses. In fact, they have 4 talks (of 1 hour) each Tuesday and Thursday and J. C. Yoccoz is giving his minicourse (1 hour every Wednesday) on his ${\approx}$ 220 pages long paper with J. Palis (about Nonuniformly Hyperbolic Horseshoes) during “normal” weeks, while special thematic weeks (varying from abstract Ergodic Theory, interval exchange maps, non-uniformly hyperbolic dynamics and KAM theorems for PDEs) had 4 talks per day. In particular, I got a lot of new ideas for future posts, although it will take some time to publish them. Indeed, the excellent scientific ambient provided by Institut Mittag-Leffler stimulated me (and my coauthors) to write down our ongoing projects in a more systematic way during the available period between the talks, so that my time for new posts was somewhat reduced (besides that, I should confess that it is difficult to resist taking a bicycle to visit Stockholm during summer weekends :) ).

In any case, I would like to start the series of posts related to my stay in Stockholm with the symposium “Abel Prize 2010” held at the Royal Swedish Academy of Sciences. This symposium occurred on May 31 (Monday) and there were 2 non-technical talks (of 5 and 15 min. describing the Abel Prize) and the following 4 mathematical talks:

• Applications of Tate’s work to cyptography by J. Håstad (KTH, Stockholm);
• The arithmetic of elliptic curves by the Abel Prize 2010 laureate John Tate;
• Point count statistics for families of curves over a fixed finite field by P. Kurlberg (KTH, Stockholm);
• Detecting elements in the Grothendieck ring of varieties by T. Ekedahl (Stockholm University).

As one could expect from this kind of symposium, it was mostly accessible to a non-specialist (like me). In fact, I attended the first 3 talks and they were really joyful: the speakers went directly to the heart of the matter with the minimum possible technicalities. In particular, I decided to take the advice of my friend David Damanik to write down a sketch of these lectures. Of course, the curious reader may ask me why I skipped the last talk and the reason is very simple: at the beginning of the symposium, they provided lecture notes for the fourth talk, and the most basic definition (appearing in the first page of these notes) was the concept of Grothendieck-Kontsevich universal group of varieties (in a not-so-simple-to-follow language from category theory); after seeing that the 3 previous talks started with much humble concepts (such as elliptic and hyperelliptic curves), I thought that this 4th talk would not be suited for a dynamicist (in other words, the propaganda of the 4th talk made at the beginning of the symposium had the opposite effect on me).

Concerning the talks of J. Håstad and P. Kurlberg, let me make a few comments on them before passing to the main focus of this post, namely, J. Tate’s lecture.

Firstly, J. Håstad started his lecture by reviewing some basic facts about crytography: in particular, he explained some well-known basic principles in public-key crytography via the standard Alice and Bob example. After that, he mentioned that N. Koblitz and V. Miller (independently) proposed the use of elliptic curves to perform more efficient (in the sense that the size of the key is smaller [say 70 digits] when compared with previous methods [whose keys have 300 digits say]). This subject is nowadays known as elliptic curve cryptography. Here, the advantage of the algebraic (Abelian group) structure of elliptic curves over finite cyclic groups (for instance) for the public-key cryptography is related to the unfeasibility of solving the so-called discrete logarithm problem: in fact, as it is explained in this Wikipedia article here, when trying to communicate a message ${g}$ (encrypted as an element of an Abelian group), we usually lock it by taking powers ${g^a}$ and sending this data through insecure networks; thus, the key-exchange protocol is more secure when the solvability of the discrete logarithm problem (i.e., given ${b}$ and ${c}$, find ${x}$ such that ${b^x=c}$) on a given Abelian group becomes hard; since the discrete logarithm problem is notably harder over elliptic curves than finite cyclic groups, the use of elliptic curves in such cryptography tasks is more than justified. Nevertheless, by the end of his lecture, J. Håstad explained how one can use the so-called Weil pairing and its properties to make the slight improvements in elliptic curve based protocols.

Secondly, P. Kurlberg gave a nice lecture (based on his paper with Z. Rudnick) about the problem of counting points on hyperelliptic curves over finite fields. More precisely, let ${\mathbb{F}_q}$ be a finite field (of odd cardinality ${q}$) and consider square-free monic polynomials ${F\in \mathbb{F}_q[X]}$ of degree ${d}$. Since ${F}$ is assumed to be square-free, we have that

$\displaystyle Y^2=F(X)$

is a smooth projective hyperelliptic curve ${C_F}$ of genus ${g=(d-2)/2}$ or ${(d-1)/2}$ (depending on the parity of ${d}$). We denote by ${|C_F(\mathbb{F}_q)|}$ the number of ${\mathbb{F}_q}$-points (i.e., points whose coordinates belong to ${\mathbb{F}_q}$). The leitmotiv of Kurlberg’s talk was the limit average behavior of ${|C_F(\mathbb{F}_q)|}$ when the genus and/or the cardinality of ${\mathbb{F}_q}$ grows. In order to attack this problem, he recalled the cute approach of comparing our problem with an appropriate random matrix model. Roughly speaking, we write ${|C_F(\mathbb{F}_q)| = q+1-\sum\limits_{i=1}^{2g}\alpha_i}$, where ${\alpha_i}$ are the eigenvalues of Frobenius action on certain cohomology groups. During his proof of the Riemann hypothesis over finite fields, A. Weil showed that ${|\alpha_i|=\sqrt{q}}$ for any ${1\leq i\leq 2g}$ (compared it with Hasse’s bound over elliptic curves). This allows us to write

$\displaystyle |C_F(\mathbb{F}_q)| = q+1-\sqrt{q}\cdot tr(U_{C_F})$

where ${U_{C_F}\in U(2g)}$ is a ${2g\times 2g}$ unitary matrix (which is well-defined modulo conjugation) and ${tr(X)}$ stands for the trace of the matrix ${X}$. Therefore, one can hope to apply some techniques from random matrix theory (see, e.g., these posts by Terence Tao for an excellent introduction to the subject) to control ${tr(U_{C_F})}$ and, a fortiori, ${|C_F(\mathbb{F}_q)|}$, at least when ${U_{C_F}}$ (or, more precisely, its conjugacy class) becomes “equidistributed”. Using this point of view, N. Katz and P. Sarnak used Deligne’s equidistribution theorem to show that, for a fixed genus ${g}$, we have that, when ${q\rightarrow\infty}$, the limiting distribution of ${tr(U_{C_F})}$ is the Haar measure on ${USp(2g)}$ (unitary symplectic group). On the other hand, P. Diaconis and M. Shahshahani showed that the limiting distribution of ${\{tr(U): U\in USp(2g)\}}$ is a Gaussian distribution with zero mean and variance 1. Therefore, the limiting distribution of

$\displaystyle S(C_F):=(|C_F(\mathbb{F}_q)|-q-1)/\sqrt{q}$

is a Gaussian distribution (of zero mean and variance 1) when ${q\rightarrow\infty}$ and ${g\rightarrow\infty}$ (in this order). Of course, one can ask what happens when we let ${g}$ and ${q}$ grow at the same time. In this direction, P. Kurlberg and Z. Rudnick showed (in their loc. cit. paper) that one still gets a Gaussian distribution with zero mean and variance 1. Also, by the end of his lecture, he mentioned the problem of understanding the limiting distribution of ${S(C)}$ (where ${C}$ is a smooth curve [not necessarily hyperelliptic]) when ${q}$ is fixed but the genus ${g}$ grows. In this situation, as P. Kurlberg pointed out, a naive approach using random matrix theory can’t work: in fact, since our original problem concerns point counting, we have a trivial constraint

$\displaystyle 0\leq |C(\mathbb{F}_q)| = q+1-\sqrt{q}\cdot tr(U_C)$

which is clearly not taken into account by the Gaussian distribution (as the previous inequality is violated for any ${U\in USp(2g)}$ close to the identity [when ${g>(q+1)/\sqrt{q}}$]). In this context, P. Kurlberg mentioned a recent paper joint with E. Wigman where they constructed specific families of curves of increasing genus over fixed finite field whose limiting distribution is Gaussian.

Finally, after all these preliminaries, let’s start discussing Tate’s lecture.

Remark: Besides my notes, I used also some nice pictures (taken by my wife Aline G. Cerqueira) to illustrate today’s post.

-Elliptic curves-

Let ${K}$ be a field, e.g., ${K=\mathbb{Q},\mathbb{R},\mathbb{C}}$ or ${\mathbb{F}_p}$. An elliptic curve ${E|K}$ is a smooth projective curve of genus 1 (i.e., topologically a torus) defined over ${K}$ with a ${K}$-rational point ${0}$. Any elliptic curve admits an algebraic (plane) curve model ${y^2=x^3+Ax+B}$ with non-vanishing discriminant ${\Delta:=-4a^3-27b^2\neq 0}$ (this last condition is the algebraic incarnation of the smoothness assumption on our elliptic curve). For some introductory material on elliptic curves (and some references), see these links here and here.

We denote by ${E(K)}$ the set of ${K}$-rational points of ${E|K}$. It is well-known that ${E(K)}$ is an Abelian group: from the naive point of view, we declare that ${P+Q+R=0}$ whenever ${P,Q,R\in E(K)}$ are collinear (this makes sense because a line intersects the zero set of a cubic equation within 3 points [counting multiplicities]), and from the advanced point of view, we say that the map ${P\mapsto (P)-(0)}$ from ${E(K)}$ to the group of divisor classes of degree 0. See the photo of Tate’s slide below and this link for nice illustrations of the naive point of view, and this post (from the nice blog “Rigorous Trivilities”) for more comments on the advanced point of view.

Abelian group structure on E(K)

Below, we find a photo showing J. Tate explaining the example of the elliptic curve ${y^2+y=x^3-x}$: here, it is indicated 14 integral points, namely, ${\pm nP}$ where ${n\in\{1,2,\dots,7\}}$ and ${P=(0,0)}$, the discriminant ${\Delta=37}$ and the fact that the (Abelian) group of ${\mathbb{Q}}$-rational points ${E(\mathbb{Q})}$ is isomorphic to ${\{nP\}_{n\in\mathbb{Z}}\simeq\mathbb{Z}}$ in the present case is mentioned. Also, J. Tate introduces a height function

${H((x,y)) := H(x):=\max\{|n|,|m|\}}$

where ${(x,y)\in E(\mathbb{Q})}$, ${x=n/m}$ (${n}$ and ${m}$ coprimes), so that ${H(13P) = 3741}$ because ${13P=(-3741/3481, -43355/205374)}$.

An example

-Mordell-Weil theorem-

Once we know that ${E(K)}$ is an Abelian group, one may ask what kind of Abelian group ${E(K)}$ can be. The answer is provided by the Mordell-Weil theorem:

Theorem 1 (Mordell-Weil) Let ${K}$ be a number field. Then, ${E(K)}$ is a finitely generated Abelian group.

Remark 1 This theorem was proved by L. Mordell in the case ${E|\mathbb{Q}}$ and by A. Weil in the general case ${A|K}$.

Remark 2 In the sequel, we’ll present Mordell’s “accidental” proof. As pointed out by J. Tate (compare with the photo below), he says that Mordell’s proof was “accidental” because when he asked (personally) L. Mordell about how the idea of the proof came out, Mordell said that he was trying to prove other results when he realized that his arguments gave a proof of this theorem.

Mordell-Weil theorem

Proof: The argument can be divided into two parts:

• firstly, one shows that ${E(K)/2E(K)}$ is a finite group;
• secondly, one construct a height function ${h:E(K)\rightarrow\mathbb{R}^+}$ verifying the following properties
• (a) for every ${M}$, the set ${\{P\in E(K): h(P)\leq M\}}$ is finite;
• (b) there exists a constant ${C_E}$ (depending on the elliptic curve ${E}$) such that ${|h(2P)-4h(P)|\leq C_E}$ for all ${P\in E(K)}$;
• (c) ${h(P\pm Q)\leq 2h(P)+C_{E,Q}'}$ for some constant ${C_{E,Q}'}$ depending on the elliptic curve ${E}$ and the point ${Q\in E(K)}$.

The first part of the argument (claiming that ${E(K)/2E(K)}$ is finite) is known as weak Mordell-Weil theorem. Since its proof is beyond the scope of this post, we recommend to the interested reader this link here for a proof using group cohomology and this .ps file here for a proof using some commutative algebra (and number theory).

The second part of the argument involves the construction of appropriate height functions: while this is not hard ([at least when ${K=\mathbb{Q}}$] since an adequate modification of the height function ${H(x,y)}$ introduced above does the job), we’ll assume its existence because it is not the main point of Mordell’s proof (in the sense that any height function with the previous properties is sufficient to perform the argument, as we’re going to see). We refer the reader to the loc. cit. .ps file for further details on the construction of these height functions.

From this point, we can derive the Mordell-Weil theorem as follows. From the weak Mordell-Weil theorem, we can select ${\{P_1,\dots,P_n\}}$ a finite set of representatives of the (finite) set ${E(K)/2E(K)}$. By definition, given a point ${P\in E(K)}$, there exists ${i\in\{1,\dots,n\}}$ such that ${P-P_i\in 2E(K)}$, i.e., ${P-P_i=2P'}$ for some ${P'\in E(K)}$. Using the properties of the height function, we see that

$\displaystyle 4h(P')-C_E\leq h(2P')=h(P-P_i)\leq 2h(P)+C_{E,P_i}'$

so that

$\displaystyle h(P')\leq \frac{1}{2}h(P)+ \frac{1}{2}C$

where ${C:=\max\{C_E,\max\{C_{E,P_i}':1\leq i\leq n\}\}}$. For our future purposes, we introduce ${C_0:=\max\{C,h(P_i):i=1,\dots,n\}}$. We claim that the previous estimate implies that ${E(K)}$ is generated by the finite set

${\{Q\in E(K): h(Q)\leq 2C_0\}}$

of ${K}$-rational points with height ${C}$ at most (we’re using here the property (a) of ${h}$). Indeed, this fact is easy to derive intuitively (via a modification of Fermat’s infinite descent argument): if we start with a point ${P}$ of height ${h(P)}$, we can write it as ${P=P_i+2P'}$ where ${h(P_i)\leq C}$ and ${h(P')}$ we saw that any ${P}$ can be written as ${P=P_i+2P'}$ where ${h(P')\leq h(P)/2+C_0/2}$, which is, roughly speaking, half of the size of ${h(P)}$; hence, we can iterate this procedure finitely many times (i.e., ${P=P_i+2P'=P_i+2(P_j+2P'')=\dots}$) to write ${P}$ as a finite combination of elements of heights ${2C_0}$ at most (since the height decrease by half at each iteration). More formally, given a point ${P\in E(K)}$, we take an integer ${k}$ such that ${h(P)\leq kC_0}$ (e.g., ${k=[h(P)/C_0]+1}$), and we write ${P=P_i+P'}$ with ${P_i}$ and ${P'}$ as above. Since ${h(P')\leq (h(P)+C)/2}$, we see that ${h(P')\leq (k+1)C_0/2}$. By iterating this process, we see that, after ${n}$ steps, we can write ${P}$ as a sum of ${1+2+\dots+2^n = 2^{n+1}-1}$ points of heights ${\leq\max\{C_0,(k/2^n+\sum\limits_{l=1}^n 1/2^l)C_0\}\leq (1+k/2^n)C_0}$. Thus, by taking ${n=[\log_2 k]+1}$, we get that ${P}$ is the sum of ${2^{n+1}-1}$ points of heights ${\leq 2C_0}$, as it was claimed. $\Box$

Remark 3 Although the previous argument allows to bound the number of elements of the finite set ${\{Q\in E(K): h(Q)\leq 2C_0\}}$ used to generate a given point ${P}$, it is not effective because, for instance, there is no efficient method (to the best of my knowledge) to find explicit representatives of ${E(K)/2E(K)}$.

A direct consequence of Mordell-Weil theorem and the fundamental theorem of finitely generated Abelian groups is:

Corollary 2 ${E(K)}$ is isomorphic to ${\mathcal{T}\oplus\mathbb{Z}^r}$ where ${\mathcal{T}}$ is a finite (Abelian) group and ${r\in\mathbb{N}}$.

In the literature, ${\mathcal{T}}$ is called the torsion subgroup and ${r}$ is the rank of ${E|K}$. For example, we saw that ${E(\mathbb{Q})\simeq\mathbb{Z}}$ in the case of the elliptic curve ${y^2+y=x^3-x}$, so that its torsion group is trivial and its rank is 1.

In the photo below, we see J. Tate showing an example of N. Elkies (discovered in 2006) of an elliptic curve with trivial torsion group and rank ${r\geq 28}$ (although the precise value of the rank is not known). Also, a list of (the coordinates of) 28 rationally independent points is presented.

N. Elkies example (2006)

-Birch-Swinnerton-Dyer conjecture-

The previous proof of the Mordell-Weil theorem hints a natural way to investigate finer properties of ${E(K)}$. In fact, as explained by J. Tate in the photo below, one can use some group cohomology to induce some short exact sequence (starting from ${E(K)/mE(K)}$) leading to the Selmer (${S^{(m)}}$) and Shafarevich groups. See this link for more details.

Selmer and Shafarevich groups

As J. Tate pointed out, although Selmer groups ${S^{(m)}}$ are understood (in the sense that they’re finite and computable by the method of descent), it is a hard open problem to decide whether the Shafarevich group is finite!

After this, we can start doing some number theory with elliptic curves in the following way: loosely speaking, given an elliptic curve ${E}$, we can use the quantities ${\#E(\mathbb{F}_{p^n})}$ to construct zeta functions

$\displaystyle \zeta(E,\mathbb{F}_p,z)=\exp\left(\sum_{n=1}^\infty \#E(\mathbb{F}_{p^n})z^n/n\right).$

From the expressions of these zeta functions as rational functions of ${z}$, we can produce numbers ${a_p:=p-\#E(\mathbb{F}_p)}$ (for each prime ${p}$), which in turn can be put together to define a L-series ${L(E|\mathbb{Q},s)}$ (called Hasse-Weil zeta function) via a Euler product (type) expression. See this Wikipedia article on elliptic curves for more discussion and references.

It is know that ${L(E|\mathbb{Q},s)}$ converges absolutely when ${\textrm{Re}(s)>3/2}$ (essentially in view of Hasse’s theorem). Furthermore, after the celebrated works of A. Wiles and R. Taylor (among others), we know that this L-series is an entire function of the complex plane ${\mathbb{C}}$ satisfying a functional equation relating ${L(E|\mathbb{Q},s)}$ to ${L(E|\mathbb{Q},2-s)}$: technically speaking, this was derived from the proof of the so-called Shimura-Tanyama conjecture asserting that elliptic curves are completely related to modular forms (some objects with nice L-series attached to them). Another famous consequence of this relationship between elliptic curves and modular forms is Fermat’s last theorem: after Frey, Serre and Ribet, we have that the existence of a solution of ${a^p+b^p+c^p=0}$ (with ${p>5}$ prime) would imply that the elliptic curve ${y^2=(x-a^p)(x+b^p)x}$ has too little ramifications to be related to modular forms. See this photo of a slide of J. Tate where these facts are resumed.

Consequences of the modularity of elliptic curves

Comments on some possible extensions of the results

As we can see in the previous picture, J. Tate also states the Birch and Swinnerton-Dyer conjecture giving a precise prediction of the behaviour of the L-series (zeta function) ${L(E|\mathbb{Q},s)}$ near ${s=1}$: its expansion (in terms of ${(s-1)}$) starts with ${C(s-1)^r}$ where ${r}$ is the rank of ${E|\mathbb{Q}}$ and ${C}$ is an explicit constant depending on the cardinalities of the Shafarevich group and the torsion subgroup (besides some “local” factors ${\alpha_p}$). Nevertheless, he stated his theorem (with Artin) saying that the Birch-Swinnerton-Dyer is true over function fields if and only if the Shafarevich group is finite, and the results of Gross-Zagier and Kolyvagin saying that the Birch-Swinnerton-Dyer conjecture over ${\mathbb{Q}}$ is true if ${L(E|\mathbb{Q})}$ has a zero of order ${\leq 1}$. Concerning these results, J. Tate thinks that they will be extended to totally real fields ${K}$, but we’re still not capable of attacking the cases of higher rank (${r>1}$) elliptic curves (or ${K}$ not totally real).

Closing his lecture, J. Tate reported on three recent results. The first one is due to Manjul Bhagarva. Given an elliptic curve ${E|\mathbb{Q}}$, we consider its algebraic curve model ${y^2=x^3+Ax+B}$. This permits to order them using the height function ${h(E)=\max\{|A|^3,|B|^2\}}$ (the exponents of ${A}$ and ${B}$ are chosen in view of the formula ${\Delta=-4A^3-27B^2}$ of the discriminant of the elliptic curve).

Theorem 3 Using the previous ordering on elliptic curves, we have:

• the average rank is ${<1.17}$;
• a positive proportion of elliptic curves have ${L(E|\mathbb{Q},1)\neq 0}$, so that, by the results of Gross-Zagier and Kolyvagin, the Shafarevich group is finite, the Birch-Swinnerton-Dyer conjecture is true and the rank ${r}$ is zero for a positive proportion of elliptic curves (over ${\mathbb{Q}}$);
• If the Shafarevich group is finite for every elliptic curve ${E|\mathbb{Q}}$, then a positive proportion of elliptic curves have rank ${r}$ equal to 1.

In the picture below, J. Tate stresses out that the first item (on the average rank) is an unconditional result (in the sense that it doesn’t depend on any conjecture such as the generalized Riemann hypothesis or Birch-Swinnerton-Dyer conjecture). Also, he pointed out other interesting results of M. Bhagarva (such as the fact that the average size of the Selmer group ${S^{(2)}}$ is 3).

Potpourri of results of M. Bhagarva

The second and third results concern elliptic curves and Hilbert’s 10th problem (about the existence of algorithms capable of solving Diophantine equations). More precisely, after the works of B. Poonen, A. Shlapentokh and K. Eisenträger, we have:

Theorem 4 Suppose that, for every cyclic extension ${L|K}$ of prime degree of number fields, we can find an elliptic curve ${E}$ such that the ${r(E|L)=r(E|K)}$ (i.e., there are elliptic curves whose rank doesn’t increase with the extension ${L|K}$). Then, Hilbert’s 10th problem has a negative solution over the ring of integers of number fields.

While at a first glance, the hypothesis of this theorem maybe strange, it turns out that, after the work of B. Mazur and K. Rubin (accepted for publication in Inventiones Mathematicae), we have an explicit criterion for the verification of this hypothesis:

Theorem 5 If the Shafarevich group is finite, then the hypothesis of the previous theorem is always satisfied.

In other words, these two results together say that the conjecture of the finiteness of the Shafarevich group implies a negative answer to Hilbert’s 10th problem over the ring of integers of number fields.

Elliptic curves and Hilbert's tenth problem

About these ads