An elliptic curve is defined by numbers and . The curve is the set of all points of the real plane that satisfy the Equation 1. "Definition of the elliptic curves"
Equation 1. "Definition of the elliptic curves" definies elliptic curves over any field, it doesn't have to the real numbers. Notably, the definition also works for finite fields, leading to elliptic curve over a finite fields, which are the ones used in Elliptic-curve Diffie-Hellman cyprotgraphy.
The elliptic curve group of an elliptic curve is a group in which the elements of the group are points on an elliptic curve.
The group operation is called elliptic curve point addition.
Elliptic curve point addition is the group operation of an elliptic curve group, i.e. it is a function that takes two points of an elliptic curve as input, and returns a third point of the elliptic curve as its output, while obeying the group axioms.
The operation is defined e.g. at en.wikipedia.org/w/index.php?title=Elliptic_curve_point_multiplication&oldid=1168754060#Point_operations. For example, consider the most common case for two different points different. If the two points are given in coordinates:
then the addition is defined in the general case as:
with some slightly different definitions for point doubling and the identity point.
This definition relies only on operations that we know how to do on arbitrary fields:and it therefore works for elliptic curves defined over any field.
Just remember that:
means:
and that always exists because it is the inverse element, which is guaranteed to exist for multiplication due to the group axioms it obeys.
The group function is usually called elliptic curve point addition, and repeated addition as done for DHKE is called elliptic curve point multiplication.
One major difference between the elliptic curve over a finite field or the elliptic curve over the rational numbers the elliptic curve over the real numbers is that not every possible generates a member of the curve.
This is because on the Equation "Definition of the elliptic curves" we see that given an , we calculate , which always produces an element .
But then we are not necessarily able to find an for the , because not all fields are not quadratically closed fields.
For example: with and , taking gives:
and therefore there is no that satisfies the equation. So is not on the curve if we consider this elliptic curve over the rational numbers.
That would also not belong to Elliptic curve over the finite field , because doing everything we have:
Therefore, there is no element such that or , i.e. and don't have a multiplicative inverse.
For the real numbers, it would work however, because the real numbers are a quadratically closed field, and .
For this reason, it is not necessarily trivial to determine the number of elements of an elliptic curve.
Can be finite or infinite! TODO examples. But it is always a finitely generated group.
The elliptic curve group of all elliptic curve over the rational numbers is always a finitely generated group.
The number of points may be either finite or infinite. But when infinite, it is still a finitely generated group.
For this reason, the rank of an elliptic curve over the rational numbers is always defined.
TODO example.
Mordell's theorem guarantees that the rank (number of elements in the generating set of the group) is always well defined for an elliptic curve over the rational numbers. But as of 2023 there is no known algorithm which calculates the rank of any curve!
TODO list of known values and algorithms? The Birch and Swinnerton-Dyer conjecture would immediately provide a stupid algorithm for it.
web.math.pmf.unizg.hr/~duje/tors/rankhist.html gives a list with Elkies (2006) on top with:TODO why this non standard formluation?
This construction taks as input:and it produces an elliptic curve over a finite field of order as output.
- elliptic curve over the rational numbers
- a prime number
The constructions is used in the Birch and Swinnerton-Dyer conjecture.
To do it, we just convert the coefficients and from the Equation "Definition of the elliptic curves" from rational numbers to elements of the finite field.
For example, suppose we have and we are using .
For the denominator , we just use the multiplicative inverse, e.g. supposing we havewhere because , related: math.stackexchange.com/questions/1204034/elliptic-curve-reduction-modulo-p
The BSD conjecture states that if your name is long enough, it will always count as two letters on a famous conejcture.
Maybe also insert a joke about BSD Operating Systems if you're into that kind of stuff.
The conjecture states that Equation 1. "BSD conjecture" holds for every elliptic curve over the rational numbers (which is defined by its constants and )
The conjecture, if true, provides a (possibly inefficient) way to calculate the rank of an elliptic curve over the rational numbers, since we can calculate the number of elements of an elliptic curve over a finite field by Schoof's algorithm in polynomial time. So it is just a matter of calculating like that up to some point at which we are quite certain about .
The Wikipedia page of the this conecture is the perfect example of why it is not possible to teach natural sciences on Wikipedia. A million dollar problem, and the page is thoroughly incomprehensible unless you already know everything!
Summary:
- overview of the formula of the BSD conjecture
- definition of elliptic curve
- domain of an elliptic curve. Prerequisite: field
- elliptic curve group. Prerequisite: group
- Mordell's theorem lets us define the rank of an elliptic curve over the rational numbers, which is the . Prerequisite: generating set of a group
- reduction of an elliptic curve from to lets us define as the number of elements of the generated finite group
The paper that states the BSD conjecture.
Likely paywalled at: www.degruyter.com/document/doi/10.1515/crll.1965.218.79/html. One illegal upload at: virtualmath1.stanford.edu/~conrad/BSDseminar/refs/BSDorigin.pdf.
The Equation "Definition of the elliptic curves" and definitions on elliptic curve point addition both hold directly.