Translations
of
M&THEMATICAL MONOGRAPHS
Volume 186
Number
Fermat’s
Theory
Dream
1
Kazuya Kato Nobushige Kurokawa Takeshi Saito
Translated by Masato Kuwata
lallalllllllllllllllllllllllllllllllllllllllllll
FUDAN BOO12090492443 B '!$
American
Mathematical
Society
Providence,
Rhode
Ilsand
Contents
Preface Preface to the English Edition Objectives Notation Chapter 0. Introduction
Fermat and Number Theory ~
ix xi
x111
and Outline
of these Books
. ..
xv
0.1. Before Fermat 0.2. Prime numbers and the sum of two squares 0.3. p = x2 + 2y2, p = x2 + 3y2,. . . 0.4. Pell’s equations 0.5. Triangular numbers, quadrangular numbers, pentagonal 8 numbers 10 0.6. Triangular numbers, squares, cubes 11 0.7. Right triangles and elliptic curves 12 0.8. Fermat’s Last Theorem 14 Exercises Chapter 1.1. 1.2. 1.3. 1. Rational Points on Elliptic Curves Fermat and elliptic curves Group structure of an elliptic curve Mordell’s theorem Summary Exercises 2. Conies and padic Numbers Conies Congruence Conies and quadratic residue symbols padic number fields
vii
17 17 25 30 43 43 45 45 49 53 58
Chapter 2.1. 2.2. 2.3. 2.4.
“Ill
CONTENTS
2.5. 2.6.
Multiplicative structure of the padic Rational points on tonics Summary Exercises 3. < Three wonders of the values Values at positive integers Values at negative integers Summary Exercises
number
field
69 74 78 78 81 81 84 89 99 100 103 104 113 124 127 132 132 135 135 136 139 145 153
Chapter 3.1. 3.2. 3.3.
of the < function
Chapter 4.1. 4.2. 4.3. 4.4.
4. Algebraic Number Theory Method of algebraic number theory The heart of algebraic number theory The class number formula for imaginary quadratic fields Fermat’s Last Theorem and Kummer Summary Exercises A. Rudiments on Dedekind domains Definition of a Dedekind domain Fractional ideal to Questions to Exercises
Appendix A.l. A.2. Answers Answers Index
Preface
This book was written in 1996, two hundred years after 1796, which was a very fruitful year for the great Gauss, who made many fundamental contributions to modern number theory. Gauss was in his late teens at the time. On March 30 he discovered a method of construction of a regular 17gon. On April 8 he proved the quadratic reciprocity law (see $2.2 in this volume), which he himself called a gem. On May 31 he conjectured what would later be called “the prime number theorem” concerning the distribution of prime numbers. On July 10 he proved that any natural number can be expressed as a sum of at most three triangular numbers (see 50.5). On October 1 he obtained a result on the number of solutions for an equation with coefficients in a finite field, which had a great impact on mathematics in later eras. All these contributions are discussed in these volumes, Number Theory 1, 2, 3. One, two, three, four.. . as naive as it is, the world of numbers encompasses many wonders that fascinated young Gauss. A discovery in one epoch induces a more profound discovery by the following generation. A hundred years later, in 1896, the prime number theorem was proved. After some 120 years, the quadratic reciprocity law had grown into the class field theory. After 150 years, Andre Weil, who had examined Gauss’s result of October 1, proposed the socalled Weil conjectures. These conjectures influenced a great deal of algebraic geometry in the twentieth century. The brilliance of the gems polished by Gauss has increased through the efforts of the mathematicians of following generations. It is said that there is no unexplored place on the earth any longer, but the world of numbers is still full of mysteries. That makes us think of the profoundness and richness of nature. Wandering naively in the wonderland of numbers, we would like to describe in this book the intricate world of numbers that modern
x
PREFACE
number theory has discoverd. We will be very happy if the reader discovers the wonders of numbers and the grandeur of nature. Kazuya Kato, Nobushige Kurokawa, Takeshi Saito
Preface
to the English
Edition
The authors hope that the readers enjoy the wonderful world of modern number theory through the book. Our special thanks are due to Dr. Masato Kuwata, who not only translated the Japanese edition into English but also suggested many improvements on the text so that the present English edition is more readable than the original Japanese edition.
xi
Objectives
and
Outline
of these
Books
In thses books, Number Theory 1, 2, 3, we introduce core theories in modern number theory, such as class field theory, Iwasawa theory, the theory of modular forms, etc. The structure of this book is as follows. The starting point of number theory is astonishment at the wonders of numbers. The work of Fermat, who is considered to be a founding father of modern number theory, illustrates very well the wonder of numbers. We first discuss the work of Fermat on number theory in the introduction to Number Theory 1. The reader will learn how mathematicians of later eras little by little found a fascinating world behind each fact discovered by Fermat. In Number Theory 1 we study some important topics in modern number theory, such as elliptic curves (Chapter l), padic numbers (Chapter 2), the Cfunction (Chapter 3)) and number fields (Chapter 4). These chapters are more or less independent; the material in the earlier chapters is not necessary to understand each succeeding chapter. Chapters 2 and 3 may be easier to read than Chapter 1. The reader should not hesitate to skip parts that are difficult to understand. Number Theory 2 is devoted to class field theory. We also study the <function once again. In Number Theory 3 we explain Iwasawa theory and the theory of modular forms, before coming back to elliptic curves once again. These books are part of the series Fundamentals of Modern Mathematics, but we were not satisfied with the introduction of fundamentals. We tried to include today’s developments in number theory. For example, we included some important theories developed in recent years, such as the arithemetic theory of elliptic curves, which is part of arithmetic algebraic geometry, and Iwasawa theory, to which we did not find an introduction elsewhere. We hope that we convey the best of modern number theory. Xl,,
xiv
OBJECTIVES
AND
OUTLINE
OF
THESE
BOOKS
We wanted to include more topics, but we had to omit many of them due to the limitation on the number of pages. We regret that we could not mention Diophantine approximations and transcendental number theory, both of which are seeing new developments in recent years. Prerequisites to Number Theory 1 are the fundamentals of groups, rings and fields. In Number Theory 2 we recommend that the reader be familiar with Galois theory. The reader is advised to write down simple and easy examples on scratch paper. Just as astronomical observations are indispensable to the study of astronomy, it is indispensable to observe the numbers in order to study number theory. The wonders are there to be discovered. Also, number theory has a long history, which teaches us interesting lessons. We advise you to take an interest in the history of mathematics.
Notation
Throughout the book we use the following all all all all integers rational numbers real numbers complex numbers symbols:
Z the set of Q the set of lR the set of C the set of
A ring is always assumed to have an identity element (written l), and a homomorphism of rings is assumed to send 1 to 1. If A is a ring, AX denotes the group of invertible elements of A. In particular, if A is a field, AX is the multiplicative group consisting of all the nonzero elements of A.
CHAPTER
0
Introduction
 Fermat and Number Theory
which
In September states:
1994 Andrew
Wiles
proved
Fermat’s
Last Theorem, no
“For n greater than or equal to 3, there exist natural numbers x, y, z satisfying the equation xn + yn = Zn.”
Fermat’s Last Theorem had resisted a proof for more than 350 years. Fermat (160165) wrote his “Last Theorem” around 1630 in the margin of a book he owned. Fermat also left a phrase (‘1 found a remarkable proof for this fact, but this margin is too narrow to write it down.” In spite of the efforts of many people, the proof has not been discovered. In this chapter we focus on Fermat, who is considered to be a “founder of modern number theory”. We review his work on number theory, and see how his work has been developed and extended in later eras. We introduce our treatment of Fermat’s work in this book from a modern viewpoint.
0.1. Before
Fermat
Fermat wrote down his “Last Theorem” in the margin of his copy of Arithmetica by Diophantus, an ancient Greek mathematician. It was on the page where the positive integral solutions of the equation x2 + y2 = z2 were discussed. Fermat replaced the power of the equation by 3,4,5, . . . . There are many positive integral solutions to x2 + y2 = ,z2, such as 32 + 42 = 52, 52 + 122 = 132, 82 + 152 = 172
2
0. INTRODUCTION
5 / 4Lll
4 13 3 5’ Z.
FIGURE 0.1. Pythagorean Theorem
\D
12 17 15 /
a
(see92.1). By the Pythagorean Theorem, such a solution corresponds to the three sides of a right triangle as we see in Figure 0.1. As a result, this equation has been studied since ancient times. In the middle of this century archaeologists succeeded in deciphering the writings on a plate found at an ancient Babylonian site of 4000 years ago. On it were inscribed many solutions to z2 + y2 = z2, such as 11g2 + 1202 = 16g2. The author of this plate apparently knew how to find such x, y and In ancient Greece many superb mathematicians emerged, and Pythagoras (572492 B.C.) is among them. The theorem is named for Pythagoras because he is considered to be the first to prove it. Some people consider Pythagoras to be the originator of number theory. He was fascinated by the mystery of numbers, and he said “Everything is a number.” Pythagoras found that two chords whose length have an integer ratio give a beautiful harmony, and he invented a musical scale. He attached great importance to integer ratios, but he is considered to be the first one to find the existence of irrational numbers, namely numbers which cannot be expressed as the ratio of two integers. Rational numbers, which can be expressed as the ratio of two integers, seemto be tightly packed in the line formed by real numbers, but there are numbers such as & which are not rational numbers. This fact cannot be seen by the naked eye. We are capable of seeing it through the method known as “proof”, which was invented by the ancient Greeks. Pythagoras was astonished by the proved existence of an irrational number. He proved it by himself, but he agonized over the interpretation of this fact. (Pythagoras thought that the existence
0.1.
BEFORE
FERMAT
3
of an irrational number was an error of the gods. So, he prohibited his disciples from telling this fact to anyone else. Legend has it that a disciple broke the ban, and then lost his life in a shipwreck because of the anger of the gods.) Euclid’s Elements, which was written in the third century B.C., is a compilation of ancient Greek mathematics. It includes a proof of the existence of infinitely many prime numbers, and it discusses greatest common divisors and least common multiples (volumes 7 and 9 in the thirteen volumes of Elements). Knowing the existence of irrational numbers, Elements treats the question “How can we give a foundation for real numbers based on rational numbers?“, and it develops an excellent theory of real numbers (Elements, volume 5). Pythagoras agonized over this question, and Elements discusses it a great deal. It was only in the nineteenth century that a complete answer was given (see $2.4 in this volume). However, the theory of real numbers developed in the nineteenth century did not put to rest the question posed by the ancient Greeks: Around a hundred years ago, using a “What are the numbers?” method similar to the construction of real numbers out of rational numbers, a world of numbers called “$adic numbers” was established for each prime number p out of rational numbers. They form a quite different world from the world of real numbers, but they turn out to be as natural and as important as the world of real numbers. {padic numbers} > {rational numbers} c {real numbers)
Diophantus was a mathematician of the third century, and he was a descendant of the ancient Greek school of mathematicians. He wrote the book Arithmetica, which discusses rational solutions to algebraic equations. After Diophantus, the development of number theory slowed down until Fermat. The Renaissance revived the free spirits of the ancient Greece, and Arithmetica was republished. Fermat was stimulated by Arithmetica and began to study number theory. Fermat was a lawyer in Toulouse in France. He founded a method of describing a geometric figure by an equation (for example, expressing an ellipse by the equation $ + $ = 1) independent of Descartes. He obtained maxima and minima of a function using a method similar to calculus. Later this work served as a clue to the discovery of calculus. He also did some important work on number theory. He was the greatest mathematician of the first half of the seventeenth century.
4
0. INTRODUCTION
In the following sections we introduce some propositions Fermat claimed to have proved. Each of them surpassed the level of ancient mathematics, and they began the epoch of modern number theory. Fermat himself seldom wrote down a proof, but mathematicians of later eras made efforts to give a proof to each of these propositions. These propositions concern integral or rational solutions to algebraic equations. It appears as if they are just a compilation of bits of facts on different equations. Indeed, his contemporaries had a tendency to think that way. However, we believe that Fermat, who had a deep affection for these propositions, understood intuitively that the study of integral or rational solutions to equations leads us to a profound part of mathematics. As it turned out, these theorems are the tip of the iceberg of deep mathematics.
0.2. Prime numbers and the sum of two squares
Fermat left fortyeight comments in the margin of his copy of Arithmetica about his work related to the text. These comments were published after the death of Fermat by his son. The socalled “Last Theorem” is the second among these comments. (See, for example, Number Theory by A. Weil.) The seventh comment is related the following propositions obtained by Fermat.
PROPOSITION
ulo 4 sides right (e.g.,
0.1. Let p be a prime number congruent to 1 mod(e.g., 5,13,17). Then there exists a right triangle with integer such that the length of tile hypotenuse is p. Conversely, no such triangle exists for any prime number congruent to 3 modulo 4 3,7,11).
Notice that in Figure 0.1 the prime numbers 5,13,17 are hypotenuses of right triangles. It can be shown, however, that there is no right triangle having 21 (which is not a prime) as its hypotenuse, even though 21 is congruent to 1 modulo 4. As we mentioned earlier, right triangles whose sides are integers have been studied since ancient times. However, Fermat was the first to discover such relations between prime numbers and right triangles.
PROPOSITION
4, then there
0.2. If p is a prime number congruent exist natural numbers x and y satisfying p=x2+y2.
to 1 module
0.2.
PRIME
NUMBERS
AND
THE
SUM
OF
TWO
SQUARES
5
For example,
we have
Conversely, for a prime number p congruent not exist rational numbers x and y satisfying
to 3 module 4 there p = x2 + y2.
do
Propositions 0.1 and 0.2 were “preludes” to class field theory, which is one of the greatest theories of twentieth century mathematics. We will discuss class field theory in Volume 2. Using the complex number i = a, we can interpret Proposition 0.2 as follows. A prime number p congruent to 1 modulo 4 loses its irreducibility as a prime number in the ring Z[i]={a+bi/ and it factors a,bEZ} into the product (Z is the ring of all integers) of two numbers, such as
5 = 22 + l2 = (2 + i)(2  i), 13 = 32 + 22 = (3 + 2i)(3  2i),
17 = 42 + l2 = (4 + i)(4  i). The numbers such as 2 + i, 2  i a.nd 3 + 2i that appear in the above factorizations are “prime elements” in Z[i] which correspond to prime numbers in Z. Just as any nonzero integer can be uniquely factored into the product of prime numbers up to a multiple of fl, any nonzero element of Z[i] can be factored into the product of prime elements up to a multiple of fl or fi. A prime number congruent to 1 modulo 4 is the product of two prime elements in Z[i], while a prime number congruent to 3 modulo 4 is a prime element in Z[i]. This is the idea behind Proposition 0.2. We can also prove Proposition 0.1 using the idea of “prime factorization in Z[i]“, as we see 52 = (2 + i)2(2 132 = (3 + 2i)2(3 172 = (4 + i)2(4  i)2 = (3 + 4i)(3  4i) = 32 + 42,  12i) = 52 + 122,  8i) = 152 + 82.
 2i)2 = (5 + 12i)(5  iy = (15 + 8i)(15
Therefore, Propositions 0.1 and 0.2 are reflections of the fact that as we extend the notion of numbers from Z to Zbi], the factorization of a prime number in Z[i] is determined by its residue modulo 4. One of the main themes of class field theory is the factorization of prime numbers when we extend the world of numbers, and Fermat’s
6
0. INTRODUCTION
Propositions 0.1 and 0.2 may be called the “prelude to class field theory”. We will come back to class field theory once again in $0.3. 0.3. p = x2 + 2y2, p = x2 + 3y2,. . . Fermat also discovered the following fact.
PROPOSITION 0.3. If p is a prime number congruent to 1 or 3 modulo 8, then there exist natural numbers x and y satisfying
p=x2+2y? For example, we have 3=12+2x12, 11=32+2x12, 17=32+2x22. Conversely, for a prime number p congruent to 5 or 7 module 8 there do not exist rational numbers x and y satisfying p = x2 + 2y2.
PROPOSITION 0.4. If p is a prime number congruent ulo 3, then there exist natural numbers x and y satisfying
to 1 mod
p=x2+3y? For example, we have 7=22+3x12, 13=12+3x22, 19=42+3x12. to 2 module 3 there do p = x2 + 3y2. Conversely, for a prime number p congruent not exist rational numbers x and y satisfying
PROPOSITION 0.5. If p is a prime number congruent to 1 or 7 module 8, then there exist natural numbers x and y satisfying
p=xa2y2. For example, we have 7 = 32  2 x 12, 17 = 52  2 x 22, 23 = 52  2 x 12. Conversely, for a prime number p congruent to 3 or 5 modulo 8 there do not exist rational numbers x and y satisfying p = x2  2y2. We will give a proof of these propositions in Chapter 4, together with a proof of Propositions 0.1 and 0.2. Through the eyes of modern mathematics, all these propositions may be regarded as preludes to class field theory. Consider the identities 3 = l2 + 2 x l2 = (1+ G)(l 7 = 22 + 3 x l2 = (2 + Q)(2  J2),  a),
7 = 32  2 x l2 = (3 + Jz)(3  Jz).
0.4. PELL'S TABLE
EQUATIONS
7
0.1
~ primes congruent to 1 or 3 modulo 8
acm
I
primes congruent
to 1 or 7 modulo 8
We see that Propositions 0.3, 0.4 and 0.5 are reflections of how prime numbers are factorized in Q(n) = {u + b&2 1 a, b E Q} (where Q is the set of all rational numbers), Q(a), and Q(d), respectively. Together with Proposition 0.2, we summarize the factorization of prime numbers in Table 0.1. Class field theory tells us the correspondence between the extensions of the rational number field Q and the factorization of prime numbers. Furthermore, it tells us the correspondence between the extensions Q( Jr) and Q(a) and the factorization of prime elements of Q(&i) and Q(a). See Chapter 4 for details. Class field theory is one of the summits attained by Teiji Takagi around 1920 after contributions by Fermat, Gauss, Kummer, Weber, Hilbert , and others. Also, there is an interesting theory on the existence of rational solutions to equations of the type a~’ + by2 = c (a, b, c are rational numbers), such as x2 + y2 = 5, x2 + 2y2 = 7. We will discuss it in Chapter 2. 0.4. Fermat
square
Pell’s
equations
also declared that he proved the following.
0.6. Let N be a natural number natural number. Then the equation x2  Ny’ = 1 solutions. which is not a
PROPOSITION
of another
has injinitely
many natural number
For example, the equation x2  2y2 = 1 has infinitely many natural number solutions such as 32  2 x 22 = 1, 172  2 x 122 = 1, 9g2  2 x 702 = 1.
equation.
An equation cf the form x2  Ny2 = 1 is called a Pell’s
8
0. INTRODUCTION
Through the eyes of modern mathematics Proposition 0.6 may be regarded as a statement about the ring Z[&V] = {a+bfl ( a, b E Z}. If integers z and y satisfy 2’  Ny2 = 1, then x + yfl is a unit of the ring Z[&V] ( an element that has an inverse in %[&I), since we have the relation (x + yv%)(z  yfi) = 1. For example, it can be seen that the set of units of Z[Jz] is the set {f(l + a)” j n E Z}, and the fact that iZ[fi] h as infinitely many units is the reason why the equation x2  2y2 = 1 has infinitely many solutions in natural numbers. The situation is significantly different with the ring Z[i], whose set of units is the finite set (51, rti}. We will study such sets of units in Chapter 4, where we introduce “Dirichlet’s unit theorem” (see 54.2; the proof will be given in 56.2). In $4.2 we will prove Proposition 0.6 using Dirichlet’s unit theorem.
0.5.
Triangular
numbers, quadrangular pentagonal numbers of Fermat
numbers,
The eighteenth comment is the following proposition.
in the margin of Arithmetica
PROPOSITION 0.7. If n > 3, any natural number can be expressed as the sum of less than or equal to n ngonal numbers.
Here, an ngonal number is the number of dots when you draw a regular ngon in such a way as in Figure 0.2. Pythagoras and his disciples showed great interest in these numbers. For example, 1,3,6,10 ,... are triangular numbers, which can be expressed as iz(x + 1) with a natural number z. Quadrangular numbers are nothing but squares. In the place where he wrote down Proposition 0.7, Fermat said that Proposition 0.7 was related to many profound mysteries in number theory and that he intended to write a book about them. Unfortunately, however, the book was never written. If we extract the part about the quadrangular numbers from Proposition 0.7, we have the following.
PROPOSITION
integers
0.8. Let n be a natural number. x, y, z and u satisfying
n=x2+y2+z2+u2.
Then,
there
exist
0.5.
TRIANGULAR,
QUADRANGULAR..
PENTAGONAL
NUMBERS
9
. OQtsl
FIGURE 0.2. ngonal numbers For example, we have 7=22+12+12+12, 5=22+12+02+02, 15 = 32 + 22 + 12 + 12. Euler, the greatest mathematician of the eighteenth century, was quite impressed by Fermat’s Proposition 0.7, and was disappointed that Fermat had not written the proof. He became the successor to Fermat in number theory by giving proofs to many of the statements Fermat made. It is said that Euler struggled greatly when he attempted to prove Proposition 0.8. A proof of Proposition 0.8 was given in 1772 by Lagrange, who took over Euler’s effort. In 1882 Jacobi gave a new proof of Proposition 0.8 using automorphic forms. We will present Jacobi’s proof in Chapter 9 on automorphic forms in Volume 3 (Theorem 9.22). Jacobi’s method of proof is so strong that it gives the number a(n) of quadruples (5, y, z, U) that
10
0. INTRODUCTION
satisfy n = x2 + y2 + z2 + u2 for each integer n > 0. Jacobi’s method uses the fact that the series
g a(n)Fnz n=O is an automorphic form, and it is a typical example of applications of automorphic forms to the arithmetic of quadratic forms. Propositons 0.10.8 solve some of the problems of representing integers or rational numbers by quadratic forms such as x2 + y2 and x2 + y2 + z2 + u2. The arithmetic of quadratic forms grew out of these questions. 0.6. Triangular numbers, squares, cubes
Until now, all the work of Fermat we introduced concerns squares of numbers. We now consider cubes of numbers. A natural number that is the cube of another natural number is called a cubic number. Fermat compared cubic numbers to triangular numbers, and cubic numbers to square numbers. He stated the following. PROPOSITION 0.9. A triangular number
cubic number. dinerent a square from
1 is not a
added
PROPOSITION 0.10.
to 2 becomes to 4 becomes
The only case where a cubic number is 52 + 2 = 33.
number
PROPOSITION 0.11. The only caseswhere a square number added a cubic number are 22 + 4 = 23 and 112 + 4 = 53. Propositions 0.9, 0.10 and 0.11 concern natural number solutions
to
iY(Y
+ 1) = x3,
y2+2=x3,
y2+4=23.
It is very difficult to prove these propositions (as well as Propositions 0.10.8) by hand without using any significant tools. In attempting to prove these propositions we are naturally led to profound mathematics. In $4.1 we will prove Propositions 0.10 and 0.11 by methods of algebraic number theory. Rewriting the equations y2 + 2 = x3 and y2 + 4 = x3 as
(y + d=)(y
 J2)
= x3
and
(y + 2a)(y
 2&i)
= x3,
0.7.
RIGHT
TRIANGLES
AND
ELLIPTIC
CURVES
11
FIGURE
0.3. The elliptic curve y2 = x3  2
respectively, we can prove Propositions 0.10 and 0.11 using the arithmetic of iZ[J“i] and Z[&i], respectively. We can view Propositions 0.90.11 as solving the equations of the form (0.1) y2 = (polynomial of degree 3),
where the cubic polynomial on the righthand side has no multiple root. (In Proposition 0.9 we can rewrite iy(y+ 1) = x3 as (2y+ 1)2 = (2~)~ + 1, and we obtain an equation of the form (0.1) by replacing 2~ + 1 by Y.) A curve defined by an equation of the form (0.1) is called an elliptic curme (see Figure 0.3). An elliptic curve is not an ellipse; it is so named due to the fact that it is related to the length of the perimeter of an ellipse. From here on all the work of Fermat we discuss will be related to elliptic curves. Fermat studied elliptic curves a great deal, although he did not realize it consciously. Elliptic curves are rich mathematical objects. We will discuss elliptic curves in Chapter 1 and in Volume 3. 0.7. Right triangles and elliptic curves
Fermat’s twentythird comment in the margin of Arithmetica is Proposition 0.12, and his fortyfifth comment is Proposition 0.13. He also mentions Proposition 0.14.
12
0. INTRODUCTION PROPOSITION
0.12. Given a triangle
length, there exist infinitely many triangles have the same area as the given triangle.
whose sides have rational with rational sides that
For example, the area of the triangle whose sides are 3,4,5 is 6, and Fermat explained a method to obtain the triangle (&, y, w) that has the same area 6.
PROPOSITION 0.13. The area of a right integers is not a square. PROPOSITION
triangle whose sides are
triangle whose sides are
0.14. The area of a right
a square.
integers
is not twice
Propositions 0.13 and 0.14 say that there does not exist a triangle whose sides are rational numbers and whose area is 1 or 2, respectively. If such a triangle existed, we would be able to obtain, by multiplying all three sides by a suitable integer, a triangle whose sides are integers and whose area is a square or twice a square. As we will show in §l. 1, finding a right triangle whose sides are rational numbers and whose area is a positive rational number d is essentially the sameas finding a rational solution to the equation y2 = x3  d2x other than (x, y) = (O,O), (fd, 0). Thus, Proposition 0.13 and 0.14 state that the equation y2 = x3  d2x for d = 1,2 does not have a rational solution except for (x, y) = (O,O), (fd,O) (which we will show in the case d = 1 in §1.3), whereas Proposition 0.12 states that if y2 = x3  d2x has a rational solution other than (O,O), (fd, 0), then it has infinitely many rational solutions. A very important conjecture, called the Birch and SwinnertonDyer conjecture, has been proposed to provide a method of determining whether or not an equation of an elliptic curve with rational coefficients has a rational solution (see $12.1(e) in Volume 3); this is currently an active field of research. Wiles, who proved Fermat’s Last Theorem, started his career by studying the Birch and SwinnertonDyer conjecture (3. Coats and A. Wiles, On the conjecture of Birch and SwinnertonDyer, Invent. Math. 39 (1977), 2233251).
0.8. Fermat’s Last Theorem
Statements made by Fermat have been proved by the efforts of mathematicians of later eras; however, Fermat’s Last Theorem remained unproved, and thus was called the “Last Theorem”. It is known that Fermat had a complete proof for the case n = 4 (i.e., nonexistence of nontrivial solutions to the equation x4+y4 = z4).
0.8.
FERMAT’S
LAST
THEOREM
13
Fermat seldom wrote a proof of his results, but he actually wrote down a proof of Proposition 0.13 in the margin of Arithmetica. The proof of Proposition 0.13 gives a proof of the Last Theorem for the case n = 4 as a byproduct (see 31.1). Fermat told his acquaintances about the results mentioned in this chapter over and over again except for the Last Theorem. Later in life, he also mentioned the case n = 3 of the Last Theorem as his important discovery. Considering what he wrote about those results and the outline of the proofs in the letters, we guess that Fermat had a proof or something closer to a proof for those results. However, Fermat never discussed the Last Theorem in the case where n is greater than or equal to 5 except in t,he margin of Arithmetica. Considering how hard it was to prove the Last Theorem for the mathematicians of later eras, it is believed that Fermat thought wrongly that he had a proof for the Last Theorem. Some attempts to prove Fermat’s Last Theorem by mathematicians of later eras brought advancements in mathematics. Among those are the work of Kummer and of Wiles. Kummer did the following. Fermat ‘s equation xn + y” = zn can be rewritten
Xn
in the product
form
= (2  Y)(Z  GLY) . ‘. (2  c,“‘YL primitive root of unity cos(27r/n) + isin(2r/n).
where cn is the nth If the ring
q&l = (a0 +
a1Cn
+
. .
+
a,(~
1r 2
0,
~0,.
. , a,
E Z}
has the unique factorization property (i.e., the property that “any nonzero element can be factored uniquely into the product of prime elements” just as in Z), we can prove Fermat’s Last Theorem by factoring z and z  <ky (Ic = 0, 1, . . , n  1). Unfortunately, for most n, Z[<J does not have a unique factorization property like Z or the ring Z[i] that appeared in 30.2. Kummer discovered that in Z[&] there is a law called the unique factorization into prime ideals (see 34.2) which replaces the unique factorization into prime numbers. His discovery pioneered algebraic number theory (the study of rings such as Z[&]), and he managed to prove Fermat’s Last Theorem for many n (94.4). In the course of his work Kummer came close to discovering the notion of padic numbers, and he discovered a mysterious relation
14
0. INTRODUCTION
among three objects: the < function
the arithmetic
of Z[&],
padic numbers,
and
which was discovered by Euler in eighteenth century (see Chapter 3). Kummer’s work grew into Iwasawa theory in the twentieth century. We will discuss Iwasawa theory (see Chapter 10 in Volume 3). Wiles extended Iwasawa theory, used the theory of automorphic forms (see Chapter 9 in Volume 3), and studied the arithmetic of elliptic curves very deeply in order to prove Fermat’s Last Theorem. Details of the proof given by Wiles will be discussed in the book Fermat’s Last Theorem in the Iwanami series The Development of Modern Mathematics. We will also explain the highlights of his proof in 512.2 in Volume 3. We have seen the relation between the work of Fermat and modern mathematics. Fermat, who was the founder of modern number theory, noticed the depth of the world of numbers. Recently, a deeper part of number theory has been found to be tied up with a deeper part of theoretical physics as if it makes a harmony with the philosophy of Pythagoras that “everything is a number.” We think that the reason for the depth of the world of numbers fascinated Pythagoras, Fermat and many others is that it is a reflection of the depth of the universe. As number theory has been developed during the 350 years since Fermat’s era, we have discovered the enormous depth of the world of numbers.
Exercises 0.1. Show that the nth root of 5 is an irrational number for n greater than 1.
0.2. Show that fi
+ fi
is an irrational number.
0.3. Express 29, 37, 41, and 53 in the form x2 +y2 (x, y integers). 0.4. Diophantus states “65 = 5 x 13 is the product of 5 and 13, both of which can be the length of the hypotenuse of a right triangle with rational sides. Therefore, 65 can be the length of the hypotenuse of two different right triangles with rational sides as we have 652 = 632 + 162 = 562 + 332.” Explain this fact using prime factorization in Z[i] as in $0.2.
EXERCISES
15
0.5. If we form the fraction z/y from a natural number solution to x2  2y2 = 1, such as 172  2 x 122 = 1 and 9g2  2 x 702 = 1, we obtain a rational number very close to fi = 1.41421.. . as we have 17 = 1416 “‘> 99 . . Explain why. 70 = 1.41428.. 12 . 0.6. Show that there are infinitely many integers which multaneously both a triangular number and a square. are si
CHAPTER
1
Rational
Points
on Elliptic
Curves
The aim of this chapter is to introduce elliptic curves and the main part of the proof of Mordell’s theorem, which plays an important role in the arithmetic of elliptic curves.
1.1. Fermat
and elliptic
curves
we explained in “there does not whose area is a of Arithmetica.
(a) x4 + y4 = z4 and elliptic curves. As $0.7, Fermat wrote down a proof of the fact that exist a right triangle whose sides are integers and square”(Proposition 0.13) in the margin of his copy His proof implies the following proposition. PROPOSITION 1.1. There
satisfying xyz # 0. is no solution
(cc, y, z) to x4 + y4 = z4
In modern language, Fermat’s proof of Proposition 0.13 can be considered a study of the elliptic curve y2 = z3  z. As we will see later in (c), Proposition 0.13 is equivalent to Proposition 1.2 below. Proposition 1.1 is also a consequence of Proposition 1.2.
PROPOSITION 1.2.
(z,y)
The only rational = (0,O) and
solutions (kl,O).
to y2 = x3 x
are
We can see that Proposition 1.1 is a consequence of Proposition 1.2 as follows. If there exist natural numbers 5, y and z satisfying x*+y4=z4, we see (by moving that they satisfy y4 to the other side and then multiplying by z2/y”)
(Ye),= This implies that ing y # 0, which the equation contradicts
($)3Y;. y2 = x3  x has a solution satisfyProposition 1.2. Thus, we see that
17
18
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
FIGURE
1.1. Elliptic
curves
Proposition 1.1 follows from Proposition 1.2. We will give a proof of Proposition 1.2 in (d). Our proof is a translation of Fermat’s proof of Proposition 0.13 written in the margin of Arithmetica. (b) Elliptic curves. In the Introduction we explained that Fermat’s statement “No triangular number different from 1 is the cube of a natural number” can be interpreted as a statement about the integer solutions to the equation y ’ = z3 + 1. We also said that Fermat stated that the only natural number solutions to y2 = x3  4 are (z, y) = (2,2) and (5,ll). The graphs of the elliptic curves y2 = x3  5, y2 = x3 + 1,
y2
= 23  4 of the
are shown in Figure 1.1. An elliptic curve over Q is a curve given by an equation following form:
y2 = ax3 + bx2 + cx + d (a,b,c,d~Q!, a#O), (*I where the cubic polynomial of the righthand side does not have a multiple root. If K is a field of characteristic different from 2, then we define an elliptic curve over K by replacing a, b, c, d E Q by a, b, c, d E K in (*). In this section we consider only elliptic curves over Q, and we omit the definition of elliptic curves over a field of characteristic 2. The curves defined by
y2
zz 53
and
y2 = x2 (z + 1)
1.1.
FERMAT
AND
ELLIPTIC
CURVES
19
FIGURE
1.2. Curves
that are not elliptic
curves
are not elliptic curves since the cubic polynomials on the righthand side have a multiple root. This can be seen in Figure 1.2 as they are graphically different from elliptic curveseach of them has a singular point at (0,O). In Figure 1.1 the points indicated by . are integral points (points whose z and ycoordinates are both integers) of each elliptic curve. A point whose x and ycoordinates are rational numbers is called a rational point. Studying integral and rational points on a elliptic curve was Fermat’s favorite theme, and as we will explain in the book, it leads us to a profound part of mathematics. The only integral points of elliptic curve in Figure 1.1 are the points marked by the dots . . (For y2 = x3 + 1, this statement contains Proposition 0.9. For y2 = x3  4, this statement corresponds to Proposition 0.11. A proof of Proposition 0.11 will be given in $4.1.) In general, it is known that an elliptic curve over Q has only a finite number of integral points (Mordell, Siegel). Since y2 = x3 and y2 = x2(x+1) are not elliptic curves, they may have infinitely integral points. Indeed, (n3, n2) (n E Z) are integral points of y2 = z3, and (n2  1, n(n2  1)) (n E Z) are integral points of y2 = x2(x + 1). This suggests that the geometrical difference is related to the arithmetical difference. On the other hand, an elliptic curve over Q may have a finite or infinite number of rational points. In Figure 1.1, all the rational points of y2 = x3 x are the points indicated by the dots . (Proposition 1.2), and all the rational points of y2 = x3 + 1 are also the points indicated
20
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
by the dots . . However, there exit infinitely many rational points on y2 = x3  4, such as (7, 9). In 51.3 we will introduce Mordell’s theorem, which concerns rational points on elliptic curves. Studying rational points on an elliptic curve is still an active area of research where many studies are being done around the conjecture of Birch and SwinnertonDyer and other conjectures.
(c) Right triangles and elliptic curves. Fermat’s Proposition 0.13 is equivalent to the statement “There is no triangle whose sides are rational numbers and whose area is 1.” This statement is equivalent to Proposition 1.2, which concerns the elliptic curve follows from the case d = 1 in Y 2 = x3  z. This equivalence Lemma 1.3.
LEMMA 1.3.
conditions (i) (ii) (iii)
Let d be a positive rational (i) through (iii) are equivalent.
number.
The following
There exists a triangle whose three sides are rational numbers and whose area is d. There exist three squares of rational numbers that form an arithmetic progression of difference d. There exists a rational solution to y2 = x3  d2x other than (x, y) = (0,O) and (fd, 0).
For example, the area of the right triangle having sides 3, 4, 5 is 6. The sequence (f)‘, (f)‘, (g)” is an arithmetic progression of difference 6. The question “For which d does there exist a sequence of three squares of rational numbers that forms an arithmetic progression of difference d?” (which is equivalent to the question “Which numbers d can be the area of a right triangle whose sides are rational numbers” by Lemma 1.3) has drawn a great deal of attention for long time. In fact, we can find a reference in Arabian mathematics more than one thousand years ago. (Around that time ancient Greek mathematics was forgotten in Europe, but it was imported to the Arabic culture where it grew steadily. During the Renaissance, Europeans reintroduced Arabic mathematics.) Lemma 1.3 follows from Lemma 1.4 below, since conditions (i), (ii) and (iii) in Lemma 1.3 imply that the sets Ad, Bd and cd in Lemma 1.4, respectively, are not empty when K = Q.
1.1.
FERMAT
AND
ELLIPTIC
CURVES
21
LEMMA
1.4.
For d E K define
Let K be a field of characteristic different the sets Ad, Bd and Cd as ~0110~s: = d),
from
2.
Ad = {(x, y, z) E K x K x K ) x2 + y2 = z2, ;xy Bd={(u,u,w)EKxKxKIu2+d=u2, Cd = {(x, y) E K x K ) y2 = x3  d2x, Then there Indeed, exist bijections between
v2+d=w2}, y # O}.
any two of Ad, Bd, and Cd.
between Ad+Bd; Bd + Ad;
Ad and Bd we have two maps (x,y,z)++ (u, u, w) y,;,+ (w  u, w + 21, au), For example, (3,4,5) E A6
and these maps are inverse corresponds to metic progression (i,$,g) with
to each other.
E BG, and (f)“,(%)‘,(g)’ is an arithdifference 6. (5,12,13) E A30 corresponds to
, (q)” is an arithmetic progression (S, y, 7) E B3o, and ($)’ , (y)’ with difference 30. The fact that there is a onetoone correspondence between Bd and Cd follows from the case a = d, b = 0, c = d in Lemma 1.5.
LEMMA 1.5. Let K be a field of characteristic different from 2, and let a, b, and c be distinct elements in K. Define B, C and C by
B={(u,v,w)~KxKxK(u~+a=v~+b=w~+c}, C?= {(x,y) C = {(x,y) E K x K 1 y2 = (x  a)(x E K x K / y2 = (x  a)(x  b)(x  c)},  b)(x  c), y # 0)
= 6’  {(a, 01, (b, 01, (c, 0)). Then (1) f(u,
dX,Yl)
There exist mutually given by
inverse
maps
f :B
+ C and g : C + B + u)),
v, w) = (u2 + a + u21+ VW + wu,
=
(u + v)(u + w)(w a)),
$((x
 a)2  (b  a)(c
&((x (2) There
 b)2  (a  b)(c  b)), &(x is a map h : B + 6’ given
 c)~  (a  c)(b  c))) by h(u, u, w) = (u2+a, uvw).
22
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
The proof of Lemma 1.5 is straightforward, reader.
and we leave it to the
REMARK 1.6. The composition of two maps in Lemma 1.5, hog : C + C, is a map called the multiplicationby2 map of the elliptic curve y2 = (x  a)(x  b)(x  c) (see 51.2). From the definition of h we see that the image of h o g (which coincides with the image of h since g is surjective) is
{(x,y) E K x K 1 y2 = (x  u)(x  b)(x  c), xa, We will use this fact later. We now have seen that Proposition equivalent. 0.13 and Proposition 1.2 are xb, 5 c are squares in K}
(d) Proof of Proposition 1.2. We will now prove that the only rational solutions to y2 = x3  x are (0,O) and (kl,O). Let a be a rational number and write a = z as a fraction in lowest terms. Define the height H(a) to be max(lm), In/), where max(a, b) indicates the greater of a and b. (If a = b, we define max(u, b) = a = b.) Also, min(u, b) i.s defined as the smaller of a and b, and if a = b, min(u, b) is defined as a (and thus b). For example, we have H(g) ~8, H(S) =7, H(O)=1 since O=i.
Suppose there is a rational solution to y2 = x3  x other than (0, (0, (fl, 0). Ch oose one of the solutions such that the height of the xcoordinate is the smallest possible, and denote it by (xo, ye). The strategy of the proof is to show that we can construct another rational solution to y 2 = x3  x different from (0,O) and (fl, 0) such that the height of xcoordinate is smaller than that of xc. Fermat often used this method of construction of a “smaller solution” to the same equation. He called it the method of “infinite descent”. The proof consists of the following three steps. (i) Show that we may assumexc > 1. (ii) Letxe>l. Sincewehave(xcl)xc(xe+l)=x$xe=yg, (x0  1)X0(X0 + 1) is a square of a rational number. We show that each of xc  1, xc and x0 + 1 is the square of a rational number.
1.1.
FERMAT
AND
ELLIPTIC
CURVES
23
(iii)
Consider the case K = Q, a = 1, b = 0, c = 1 in Lemma 1.5 and consider the map in that lemma h 0 g : c = {(XT, y) E Q x Q 1 y2 = x3  2, y # 0) + c = { (2, y) E Q x Q ) y2 = x3  22).
Since ze  1, 20 and 50 + 1 are all squares, it follows from Remark 1.6 that there exists a point (zi,yl) E C such that h o g(zi, yi) = (ze, ye). We then show H(zi) < H(Q). Let us show first that we may assumezo > 1. If (z, y) is a rational solution to y2 = x3  II: different from (0, 0), then (i, 3) is another solution, and we have H(z) = H (i). Thus, we may assumex0 > 0. If ~0 > 0, then we have (20  l)zo(ze + 1) = yi > 0, and thus 50 > 1. Let us move on to the step (ii). Suppose ~0 > 1, and write 20 = z, m > n > 0, as a fraction in lowest terms. We first show that one of m and n is an even number. Suppose both m and n are odd numbers, and let
xb = * = cm + n)P
20  1
(mn)/2
Then (zb, 2yo/(sc  1)2) is another solution to y2 = x3  5. Since both y and “2” are positive integers, we have m+n mn < max(m,n) = H(Q).
This contradicts the minimality of H(Q). Thus one of m and n is even, and the other is odd since m and n are relatively prime. Since we have mn(m  n)(m + n) (20  l)so(zo + 1) = n4 is the square of a rational number, it follows that mn(m  n) (m + n) is the square of an integer.
QUESTION 1. Here we used the fact, “If rational number, a is the square of an integer.” an integer Prove this a is the fact. square of a
Next we show that any two of m, n, mn and m+n are relatively prime. The only thing we worry is that m  n and m + n may not be relatively prime. But a common factor of these two divides both 2m = (m  n) + (m + n) and 2n = (m + n)  (m  n), and thus it must be 2. Since m  n and m + n are both odd, 2 is not a common factor either.
24
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
It now follows from the case Ic = 2 in Lemma 1.7 below ofm,n,mnandm+naresquares. Thus,ze=z,scl=y and 20 + 1 = 9 are all squares of rational numbers.
that
all
LEMMA 1.7. Let k be a natural number and let al, . . , a, be pairwise relatively prime natural numbers such that the product al . . . a, is the kth power of a natural number. Then ai is the kth power of a natural number for each i = 1,. . . , r. QUESTION prime numbers). 2. Prove Lemma 1.7. (Hint: Factor each a, into the product of
Next we move on to step (iii). Let (si, yi) be the solution to y2 = 23  x that is described in the outline of the proof. We show H(zi) < H(sc). By the definition of h o g we have (XT + 1)” x” = 4(X?  Xl). Writing xi = i as a fraction in lowest
(r2 xo = 4rs(r2
terms,
we have
+ s2)2 s2) '
Here the greatest common divisor of the numerator and the denominator is at most 4. (Reason: It is easy to show that the common prime factor of the numerator and the denominator is at most 2, and thus the greatest common divisor is a power of 2. If r2 + s2 is even, both r and s must be odd. Thus, both r2 and s2 are congruent to 1 modulo 4, and r2 + s2 is congruent to 2 modulo 4. This implies that (r” + s2)2 is not divisible by 8.) Hence, we have 23(x0) 2 a(r2 + s2)2 2: a max(lrl, 1~1)~ >
m=4rl, IsI) = ff(zl).
Here the last > follows from the fact H(xi) 2 2 since xi # 0, &l. This completes the proof of Proposition 1.2. This proof uses the group structure of an elliptic curve (which will be defined in $1.2) and the notion of “height”. In fact, as we see from Remark 1.6, we used the multiplicationby2 map in step (iii). In steps (i) and (ii), given a point P(z, y) in y2 = x3  5, we considered the group two points Q ( $, 3) they correspond and and R to structure, ( 3, A). In terms of
Q=P+(O,O)
R=P+(l,O).
1.2.
GROUP
STRUCTURE
OF
AN
ELLIPTIC
CURVE
25
1.2.
Group
structure
of an elliptic
curve
Given a rational point in an elliptic curve, there is a way to obtain another rational point. Consider the elliptic curve y2 = z3  4 in Figure 1.1. If we draw a tangent line to this elliptic curve at the rational point (2,2), we obtain the point (5,ll) as the other point of intersection between the elliptic curve and the tangent line. The third point of intersection between the elliptic curve and the line passing through (2,2) and (5, 11) is the rational point (y,  y). This process is possible because an elliptic curve has a group structure. The theme of 51.2 is this group structure on an elliptic curve.
(a) Definition
of the group structure
different
on an elliptic
curve.
the equa
Let K be a field of characteristic tion
from 2. Consider
y2 = ax3 + bz2 + cx + d of an elliptic curve E over K. (Here, we assume a, b, c, d E K, a # 0, and the cubic polynomial of the righthand side does not have a multiple root.) Let E(K) be the set of points in E defined over K together with a point 0, i.e.,
E(K)
= {(x,y)
E K x K / y2 = ax3 + bz2 + cz + d} u (0).
Note that 0 is not the point (0, 0), but it is an added point outside the plane. (The precise meaning of 0 will be discussed later.) We define using the following a group structure on E(K) (wri tt en additively) principles (i)(iii) (i) 0 is the identity element. (ii) If P,Q E E(K), P # 0, Q # 0, and R(z, y) is the third point of intersection between the elliptic curve and the line passing through P and Q, then the point (2, y) E E(K) is P + Q (see Figure 1.3). (iii) If P E E(K), P # 0, and the coordinates of P are (5, y), then the inverse element of P is (5, y). For example, consider K = Qp and the elliptic curve y2 = x3  4. If P = (2,2), Q = (5,ll), then P + Q = (y, 9). The above principle does not define P + Q when P and Q coincide. Let us define the sum of P + Q in E(K) more precisely. IfP=O,thendefineO+Q=Q;ifQ=O,thendefineP+O= P. Suppose P # 0, Q # 0 and the coordinates of P are (xi, yi) and
26
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
R P u
p+Y
<
FIGURE
1.3
the coordinates of Q are (52, ~2). First we assume 51 # x2. Then the line passing through P and Q is given by the equation
(1.1)
y =
S(x

Xl)
+ y1.
In order to find the intersection points, substitute (1.1) in y2 = ax3 + bx2 + cx + d, and we have a cubic equation of the form 4x3 + TX2 + sx + t = 0 (4, r, s, t E K, 9 # 0).
qx3 + rx2 +
Since x = x1 and x = x2 are solutions to this equation, sx + t is divisible by (x  x1)(2  x2) and it factors as
qx3 +rx2 + sx+t = q(xx1)(x x2)(x x3)
(x3
E w.
Substitute x = x3 in (1.1) and solve for y. Denote the solution by y4 and set ya = y4. Then (xs,y4) is the third point of intersection, and (x3, ys) is P + Q. Explicitly, we have (14
x3 y3 = = 1 a _ ~2 ~ ( x2 53 52 YI Xl > + Y2Xl 2
x122,
a 511x2
b
92  Yl
x251 . x1 Next, consider the case xi = x2. If yi = y2, define P + Q = 0. Suppose x1 = x2, and yi # y/2. Then we have P = Q, and yi # 0. In this case the line joining P and Q in (ii) must be interpreted as the tangent line to the elliptic curve at P, which is given by
(1.3)
Y=
3ax;
+ 2bxl + c
2Yl
(x Xl) + Yl.
1.2.
GROUP
STRUCTURE
OF
AN
ELLIPTIC
CURVE
27
In order to find the points of intersection, substitute (1.3) in y2 = ax3 + bx2 + cx + d, and we have a cubic equation of the form 4x3 + ?x2 + sx + t = 0 (q,T,S,t E K, 4 # 0).
Since (1.3) is a tangent line, x = x1 is a double root of this equation, and thus the cubic factors to 9x3 + TX2 + sx + t = q(x  x1)2(x  53)
(23 E K).
Substitute x = x3 in (1.3) and solve for y. Denote the solution by ~4, and set y3 = y4. We define P + Q(= P + P = 2P) as (x3, ~3). Explicitly, we have (1.4) L(a2xf x3 =4ayf 4 y3 =8ayf  2acxf  8adxl + c2  4bd), a3xy + 2a2bxT + 5a2cxt
+ 20a2dxT + (20abd  5ac2)xT + (8b2d  2bc2  4acd)xl + (4bcd  8ad2  c”)). elliptic curve y2 = x3  4.
For example, consider K = Q and the If P = (2,2), then we have 2P = (5, 11). We have defined P + Q. It is possible abelian group under this addition. (The to prove. We can prove the associativity geometry, but we do not discuss it here.)
QUESTION 3. Show that the set {P E E(K) nonzero elements of E(K) whose ycoordinates algebraically closed field, we have an isomorphism {P E E(K) 1 2P = 0) E Z/22
to prove that E(K) is an associative law is difficult elegantly using algebraic
1 2P = 0) consists of 0 and are 0. Show that if K is an of groups @ Z/22.
Let K be a field of characteristic different from 2, and a, b, c distinct elements in K. Consider the elliptic curve defined by y2 = (x  a)(x  b)(x  c). We have {P E E(K) 1 2P = 0) = (0, (a,O), (b,O), (c,O)} tion 3). The map in Lemma 1.5 h o g: C = E(K)  (0, (a, 0), (b, 0), (c, 0)) + c = E(K) (see Ques (0)
is nothing but the multiplicationby2 map. This can be seen by comparing the definition of h o g and the formula (1.4), which gives the multiplicationby2 map.
lllllllllllllllllllllllllllllllllllllll 11111 lllll lllll l~llllll~lllll
F(,lDAN BOO12090492443 B km
28
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
(b) The meaning of 0. We now consider the meaning of 0. If K is the field Iw of real numbers, then 0 is geometrically interpreted as the point at infinity. This can be seen as follows. If K = iw, then { (2, y) E R x lR 1 y2 = ax3 + bx2 + cx + d} is the graph of the elliptic curve. 0 can be thought of as the limit point as we go higher and higher. It is also considered to be the limit as we go lower and lower. This is consistent with the definition of P + Q. As an example, consider the elliptic curve y2 = x3  4 (see Figure 1.1). The sum of the points (2,2) and (2, 2) is 0 by definition. Let P be the point (2,2) and Q a point on the curve very close to but different from the point (2, 2). If Q approaches to (2, 2) from below, the sum P + Q goes higher and higher to infinity. If Q approaches to (2, 2) from above, then P + Q goes lower and lower. Therefore, it is natural to think that the limit to the upper direction and the limit to the lower direction should coincide, and the elliptic curve is connected at the point 0. Also, this interpretation is consistent with the fact P + 0 = P. When a point Q on the elliptic curve goes up or down to infinity, P + Q approaches P. Let K be any field of characteristic different from 2. Let us consider the meaning of 0 in this case. Identify E(K) with the set X = {ratio(x : y : Z) 1 z,y, z E K, (5, y, Z) # (O,O,O)
y2z = ax3 + bx2z + cxz2 + dz3} as follows. Identify (2, y) E K x K that satisfies y2 = az”+bx2+cx+d with the ratio (CC : y : 1) E X, and identify 0 E E(K) with (0 : 1 : 0) E X. Here, we consider the ratio (x : y : 2) and the ratio (2’ : y’ : z’) to be the same if and only if there is a nonzero element c in K such that x’ = cx, y’ = cy, Z’ = cz. In X the point 0 acquires the same legitimacy as the points in E(K). (X is a subset of the projective plane consisting of all the ratios (x : y : z). For more detail on projective spaces, see, for example, J. H. Silverman and J. Tate, Rational Points on Elliptic Curves, Appendix A, and the references listed therein.) If K = Iw, we give a natural topology to X. When the point (x, y) on the elliptic curve goes higher and higher, or goes lower and lower, the point point (x, y) = ratio(x : y : 1) = ratio (f : 1 : $) converges to the 0 = (0 : 1 : 0).
1.2. GROUP
STRUCTURE
OF
AN
ELLIPTIC
CURVE
29
FIGURE
1.4. y2 =x3
+1
(c) of E(Q)
Examples. Let us see some examples of the group structure of an elliptic curve over Q.
EXAMPLE 1.8. If E is y2 = zr3  5, then each element of the set E(a) = (0, (O,O), (&l,O)} satisfies 2P = 0 (see Question 3). Thus, as a group we have
E(Q)
= z/az
a? z/az.
EXAMPLE 1.9. If E is y2 = x3 + 1, let P = (2,3) and we see that 2P = (0, I), 3P = (l,O), 4P = (0, l), 5P = (2, 3), 6P = 0 (see Figure 1.4). It can be proven that E(Q) consists of only these points, and thus
E(Q)
g Z/6Z.
EXAMPLE 1.10. If E is y2 = 5s  4, let P = (2,2) and we see that 2P = (5, ll), 3P = (7, v). We do not prove it in this book, but it can be proved that we have
Z%E(Q);wmP.
EXAMPLE 1.11. If E is y2 = IC’  2, let P = (3,5) and we have 2P = (#,$$). W e d o not prove it in this book, but it can be proved that we have
zrE(Q);nHnP.
30
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
(d) Fermat’s method. As we mentioned in $0.7 (Proposition 0.12), Fermat wrote that he had found a method to construct infinitely many right triangles whose sides are rational numbers and whose area is the same as that of a given right triangle with rational sides. He essentially found the fact that can be stated as follows using the notation in Lemma 1.4. Let d be a positive rational number. If (x, y, z) E Ad, then so is y2  x2 z4 + 4xzyz E Ad. 22 ’ 2(y2  x2)z > The map Ad + Ad that sends (x, y, z) E Ad to this point (for example, is nothing but the multiplicationit maps (3,4,5) to (y, &, +)) by2 map of y2 = x3 d2x passing through the identification Ad g cd in Lemma 1.4. As in the proof of Proposition 1.2 in $1.1, Fermat made the most out of the multiplicationby2 map, even though he did not realize that an elliptic curve has a group structure. The multiplicationby2 map yielded very strong results for Fermat because the height (H(x) in $1.1) of the xcoordinate of 2P is usually much greater than that of P (see Example 1.11). For example, consider the point P = (5,ll) on the curve y2 = x3  4. The xcoordinate of 2P is $$, and its height is 785 since the numerator and the denominator are relatively prime. This phenomenon appeared in the proof of Proposition 1.2 at the end of 51.1, and it will be the key point to the proof of Mordell’s theorem in the next section. (The idea of the proof given by Mordell was probably influenced by Fermat .) 1.3. Mordell’s (a) Statement of Mordell’s following theorem in 1922. theorem theorem. Mordell proved the 2xy.z y2 52’
THEOREM 1.12 (Mordell’s theorem). Let E be an elliptic curve over Q. Then the group E(Q) is a finitely generated abelian group.
By the fundamental theorem on abelian groups, a finitely generated abelian group is isomorphic to (1.5) Z@’ @finite abelian group (r 2 01,
where Z@’ denotes the direct sum of r copies of Z. This number r is called the rank of the elliptic curve. For example, the rank of elliptic
1.3.
MORDELL’S
THEOREM
31
curves y2 = x3  2, y2 = x3 + 1, y2 = 53  4, g
= x3 _ 2
are, respectively, O,O, 1,1 (see Examples 1.81.11 in $1.2). It is generally believed that the rank of an elliptic curve over Q can be arbitrarily large, but this is an unsolved problem at present. On the other hand, Mazur proved in 1977 that the finite abelian group part of (1.5), that is, the subgroup of E(Q) consisting of all the elements of finite order, must be one of the groups in the following list: (1) Z/n& (2) Z/nZ where 1 5 n 5 10 or n = 12; @ Z/2& where n = 2,4,6,8. occurs as the elliptic curve of Mordell’s 3. Mordell’s
(It is known that each of the groups in the above list subgroup of all the elements of finite order of some over Q.) In this section we give the main part of the proof theorem. The rest of the proof will be given in Volume (b) Outline of the proof of Mordell’s theorem. theorem is proved using the following two facts.
(I) The weak Mordell theorem, which states that the quotient group E(Q)/2E(Q) is finite. (II) The properties of heights of the rational points on E(Q). We will explain (I) later. Here we discuss (II). In $1.1 we defined the height H(x) of x by max()ml, Inl) if we write z = E in lowest terms. For a rational point P on an elliptic curve E over Q we define the height H(P) as the height of the xcoordinate of P if P # 0, and we define H (0) = 1. We use the following two facts about the height. (IIA) For any positive real number C the set I H(P) I C>
{P E E(Q) is a finite set.
This follows from the trivial fact that for any real number C, the set {x E Q 1 H(x) 5 C} is finite. (IIB) There exists a positive two conditions: real number C satisfying the following
(1) For any P E E(Q), C. H(2P) > H(P)4;
32
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
(2)
For any P, Q E E(Q), C. H(P)H(Q) L min(H(P
+
Q), H(P  Q)).
at the end of 51.2, from (I), (IIA) and
(1) formulates the phenomenon we mentioned namely, “H(2P) is much larger than H(P)". Let us prove that Mordell’s theorem follows (IIB). More precisely, we prove
PROPOSITION 1.13. Let Q1,. of the elements of E(Q)/2E(Q). 1 . . > n} equals E(Q)/2E(U3)). iijies the properties (1) and (2) H(Ql), . , H(Q,) and C. Th en
. . , Qn E E(Q) be representatives (That is, {Qz mod 2E(Q) 1i = Suppose a positive number C satin (IIB). Let M be the largest of E(a) is generated by the finite set I H(P) 5 Ml.
{P E E(Q)
PROOF. Suppose there exist elements of E(Q) outside the subgroup of E(a) generated by the set {P E E(Q) 1 H(P) 5 M}. Let PO be such an element whose height is the smallest. Clearly, we have H(Po) > M. The image of PO in E(Q)/2E(Q) coincides with Qi for some i. For this i, PO + Qi and PO  Qi belong to 2E(a). Let R be the one of these whose height is smaller, and let PI E E(a) be an element satisfying R = 2Pl. By (1) of (IIB) we have
Hi
By (2) of (IIB) we have H(R) Thus, we have I C.
< C.H(R) ff(Po)ff(Qi)
< M.H(R)
5 M2WPo).
ffpq4
I M3w%).
Since H(Po) > M, we obtain Hi < H(Po)4. Thus, we have of H(Po) implies that PI belongs ff(Pl) < H(h). Th e minimality to the subgroup generated by {P E E(Q) 1 H(P) < Ad}. Since PO equals either 2Pl + Qz or 2Pl  Qi, PO also belongs to the subgroup generated by {P E E(Q) 1 H(P) 5 hl}, which is a contradiction. This proves Proposition 1.13. 0
QUESTION 4. Let A be an abelian group. Show that A/2A is a finite group if A is finitely generated. On the other hand, show that A is not necessarily finitely generated even if A/2A is a finite group. (Thus, Mordell’s theorem cannot be derived solely from the weak Mordell theorem, but we need the notion of height.)
1.3.
MORDELL’S
THEOREM
33
(c) Main part of the proof of Mordell’s theorem. The remaining portion of this section is dedicated to the main part of the proof of the weak Mordell theorem for elliptic curves of the form y/“=(xa)(xb)(xc) and the proof above equation, in this section. The proof that advised to skip
Consider
(a, b, c are distinct
rational
numbers),
of part (IIB). Thus, for elliptic curves given by the the proof of Mordell’s theorem will be completed The general case will be treated later in Volume 3. follows is rather complicated; the firsttime reader is it and go directly to Chapter 2.
1.14. Let a, b, and c be distinct curve E defined by y2 = (xu)(xb)(xc).
PROPOSITION
the elliptic
rational numbers.
If P # 0, map
we denote
the xcoordinate
of P simply
by x.
Define
the
8: E(Q) by d(P) = (xa, xb,
+ Q”/(Qx)2
x Q”/W)”
x Qx/Wx)2
xc)
((ub)(ac), ab, ac) ~~__ (b  a, (b  a)(b  c), b  c) (cu, I (Ll, 1) Then cb, (ca)(cb))
ZfP # 0, (a, O>> (h 01, Cc, 01, ifP=(a,O), if P = (b,O), ifP=(c,O), ifP=O. we have
(Here  means mod(Qx)2.)
(1) The map i3 is a group homomorphism. (2) The kernel ofa is 2E(Q). (3) Let G be the subgroup of Qx/(Qx)” generated by the prime factors of a  b, b  c, c  a and 1. Then the image of d is
contained in G x G x G.
For those elliptic curves treated in Proposition 1.14, the weak Mordell theorem follows easily from Proposition 1.14. Indeed, Proposition 1.14 shows that E(Q)/2E(Q) is embedded in the finite group G x G x G by the homomorphism d. Let us prove Proposition 1.14.
34
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
PROOF OF PROPOSITION 1.14( 1). We show that the first component of d is a homomorphism from E(a) to Qx/(a”)2. (The same argument holds for the second and third components.) Suppose P,Q E E(Q) and P, Q, and P + Q are not 0 or (a, 0). (If one of P, Q, P + Q equals 0 or (a, 0), the proof is simpler and it is left to the reader.) Let (~1, yl) be the coordinates of P, (22,~~) those of Q, and (~3, ~3) those of P + Q. It suffices to show (aa)(22 a)(23 a) E (@y2.
(For this implies that 23  a and (51  U)(XZ  u) represent the same element in Cjx/(a”)2.) If y = AZ + /L is the equation of the line passing through P and Q, then (xu)(xb)(xc)(Xx+p)2=0 is the equation for the xcoordinates of the points of intersection tween the line and the elliptic curve. Thus, we have
(x u)(x b)(x  c) (Xx +p)2 = (xx1)(xx2)(x 23).
be
Letting
x = a, we have (x1  u)(m
 u)(x3  u) = (Au + p)2 E (uyy2.
0 1.14(3).
This completes
the proof.
Proposition 1.14(2) follows from Remark 1.6 in 51.1. We need some preparation before proving Proposition
DEFINITION 1.15. For a prime number p and a nonzero rational number t, we define the padic valuation of t, denoted by ord,(t), as the number m in the factorization t = pmu/v, m E Z, where u and v are not divisible by p. Then the following properties (i) and (ii) hold.
(i) ord,(st) = ord,(s) + ord,(t). (ii) For any nonzero rational numbers ord,(s If s and 
s and t
t) 2 min(ord,(s),ord,(t)).
t satisfy ord,(s) # ord,(t), then ord,(s  t) = min(ord,(s), ordp(t)).
PROOF OF PROPOSITION 1.14(3). Let p be a prime number that does not divide either the denominator or the numerator of any of a  b, b  c, and c  a. It suffices to show that for a rational solution (x,y) of y2 = (zu)(xb)(zc) satisfying y # 0, each of ord,(xa),
1.3.
MORDELL’S
THEOREM
35
ord,(x  b) , and ord, (x  c) is an even number. y2 = (x  u)(x  b)(x  c) and (i) that (*I ord,(x  a) + ord,(x  6) + ordP(x  c)
It follows is even.
from
Suppose one of ord,(x  a), ord,(x  b), or ord,(x  c) is negative. Using property (ii), we see in this case that the fact that ord, of the difference of any two of x  a, x  b, and x  c is 0 implies that ord,(x  u) = ordP(x  b) = ord,(x  c). From this and (*) we see that ord,(x  a), ord,(x  b) and ord,(x  c) are all even. Suppose one of ord,(x  a), ord,(x  b) and ord,(x  c) is positive. In this case, the fact that ord, of the difference of any two of x  a, x  b and x  c is 0 implies that any two of ord, (x  u) , ord, (x  b) and ord, (x  c) are 0. From (*) we see that ord,(x  a), ord,(x  b), ord,(x  c) are all even. 0 Next we prove (IIB). Since the proof is complicated, the outline first. Let E be an elliptic curve over Q with equation y2 = ax3 + bz2 + cz + d. Outline of proof of (IIB) (1). We may omit P E E(Q) such that 2P = 0. That is, it suffices to find a positive real number C satisfying C.H(2P) 2 H(P)* for any P E E(Q) such that 2P # 0. For, if C’ is a number greater than both C and H(P)4 for all P E E(Q) satisfying 2P = 0 (there are at most 4 such P’s), then C’ . H(2P) 2 H(P)4 holds for any P E E(Q). Define polynomials f(T) and g(T) by f(T) = uT3 + bT2 f CT + d,  2acT2  8adT + c2  4bd). we describe
g(T) = &(a2T4
If (x, y) are the coordinates of P E E(Q) such that 2P # 0, it follows from (1.4) that the xcoordinate of 2P is given by #. As we will see later, f(T) and g(T) are relatively prime as polynomials (i.e., there is no polynomial of positive degree dividing both). Therefore, it suffices to show Lemma 1.16 below, which has nothing to do with elliptic curves.
LEMMA 1.16. Letf(T) and g(T) be relatively prime polynomials with Q coeficients. Let d be the greater of the degrees of f(T) and
36
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
g(T).
Then
there is a positive
real number
C such that
holds for
all x satisfying
f(x)
# 0.
We will prove this lemma later. The outline of (IIB)(Z). It suffices to show that there is a positive real number C such that H(P + Q) . H(P  Q) 5 C. H(P)‘H(Q)’ holds for P, Q in each of the following cases: (i) P,QEE(Q), P=OorQ=O; (ii) P, Q E E(Q), P + Q = 0 or P  Q = 0; (iii) P, Q E E(Q), P # 0, Q # 0, P + Q # 0, P  Q # 0. Case (i) is clear. As for case (ii), we need to show that there exists a positive real number C such that H(2P) < c . H(P)4
for all P E E(Q). the relation between the xcoordinate C onsidering of P and that of 2P, it suffices to show Lemma 1.17 below, which has nothing to do with elliptic curves.
LEMMA
cients. greater number
1.17. Let f(T) and g(T) be polynomials with Q coefiSuppose that the degree off(T) and that of g(T) are both no than a given natural number d. Then there is a positive real C such that
jg& 5 c . Iqxy (f(x) >
f(x) # 0.
holds for any x satisfying
Finally, consider case (iii). Suppose P, Q E E(Q) , P # 0, Q # 0, P + Q # 0, and P  Q # 0. Write the xcoordinate of P, Q, P + Q and P  Q as xl, x2, x+, and x, respectively. Define s = xi + x2, t = x152, s’ = x+ +x, and t’ = x+x. Then we will later show that s’ and t’ can be expressed as sI _ ds, t) f (% t) ’ t’ = h(s,t) f (% t) ’
of two variables where f (5 T), s(S, T) and h(S, T) are polynomials with Q coefficients whose total degree with respect to S and T is 2. For rational numbers u and u define the height H(u, V) of the pair
1.3.
MORDELL’S
THEOREM
37
(u, u) as follows. Write u and ‘u as a fraction in lowest terms, respectively, and let n be the greatest common divisor of the denominators. Write u = z and v = r$ and define
H(wv) = max(l4, Id, 14)
Then the question to do with elliptic is reduced to Lemma 1.18 below, curves. For we have which has nothing
H(z+)H(z)
5 2H(s’, t’) I 2c. H(s, t)2 < 4c. H(x#H(Llg
(by Lemma (by Lemma (by Lemma 1.18(2).
1.18(l)) 1.18(2)) 1.18(l)) it suffices
for the real number C appearing in Lemma to replace C by 4C to prove the case (iii).
Thus,
LEMMA 1.18. (1) F or any rational ;H(U)f(v)
numbers
u and v we have
< H(u + v, UV) 5 2H(u)H(v).
(2) Let f(S, T), s(S, T) and h(S, T)
be polynomials in two variables with Q coeficients. Suppose that the total degree with respect to S and T of each off (S, T), g(S, T) and h(S, T) is no greater than a given natural number d. Then there is a positive real number C such that
jg
ds,t) ( f(s,t)’
h(s,t) f(s,t) >
< 
c.
H(s ’
qd
holds for any rational
numbers
s and t satisfying
f (s, t) # 0.
We will prove Lemmas 1.17 and 1.18 later. Now we discuss the details of the proof of (IIB). First, in the outline of the proof of (IIB)(l) the fact that f(T) and g(T) are relatively prime follows from the fact that g(T) = if’(T)” ( 2T + $ 1 f(T)
(where f’(T) = 3aT2 + 2bT + c is a derivative of f(T)) and the fact that f(T) and f’(T) are relatively prime as polynomials, since f(T) does not have a multiple root. In the outline of proof of (IIB)(2)
38
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
case (iii) it suffices to define f(S, T), g(S, T) and h(S, T) as follows: f(S,T) = S2  4T; + 2cS + 4bT + 4d);  2acT  4adS + c2  4bd).
g(S, T) = ;(2aST h(S, T) = $(a2T2
This can be seen from the addition formula (1.2) for the points on an elliptic curve. In order to complete the proof of (IIB), it remains to prove Lemmas 1.16, 1.17 and 1.18. We prove them in order of increasing difficulty. (The proof of Lemma 1.16 is the hardest, but the others are relatively easy.)
PROOFOF LEMMA 1.18(l). Writeuandvasu= in lowest terms, respectively. We have
u+w=
zandw
= 5
mn’ + m’n mm’ lLw=. nn’ ’ nn’ We show that the greatest common divisor of mn’ + m/n, mm’, and 7272’is 1. Suppose 1 is a common prime factor of mn’ + m’n, mm’, and nn’. Then 1 divides mm’, and thus 1 divides either m or m’. If 1 divides m, then it divides m’n since it divides mn’ + m’n. Since m and n are relatively prime, 1 divides m’. On the other hand, 1 divides nn’, and thus it divides n’. This contradicts the fact that m’ and n’ are relatively prime. This shows that the greatest common divisor is 1. Consequently, we have H(u + 21,UW) = max(lmn’ by definition of the height. H(u)H(v) + m’nl, lmm’l, Inn’/)
On the other hand, we have lmn’l, Im’nl, (7272’1).
= max()mm’l,
It follows easily from these that H(u + V,UV) 5 2H(u)H(v). To show @?(u)H(v) 5 H(u + U, UZI), it suffices to show that i lmn’l and ilrn’nl are less than or equal to max(lmn’ + m’nl, Imm’l, Inn’/). Consider ilrnn’l (the proof for ilrn’nl is similar). We may assume mn’ # 0. Dividing by mn’, and setting y = 2 and y = 5, we need to show that
i I mdll
holds for all real numbers
+ 4,bI,
Ivl)
z and y.
1.3.
MORDELL’S
THEOREM
39
This follows from the fact that the inequality i holds when 1x1 < $, and IyI < i.
11+xyl
2 1  (i) 2 > 0
PROOF OF LEMMA 1.17. By multiplying f(T) and g(T) by a common nonzero integer if necessary, we may assume that the coefficients of f(T) and g(T) are integers. Let C be d + 1 times the largest of the absolute value of all the coefficients of f(T) and g(T). If we define
f(T) = gaiTi, i=o g(T) = k biTi, i=o f(x) # 0 as a fraction z in
and write a rational number x satisfying lowest terms, then we have
g(x) i$obimi,di  = fCx) z$o aimindi.
Therefore, we have
PROOFOF LEMMA 1.18(2). By multiplying f(S, T), g(S, T) and h(S, T) by a common nonzero integer if necessary, we may assume that the coefficients of these polynomials are integers. Let C be i (d + 1) (d + 2) times the largest of the absolute value of the coefficients of these polynomials. Define
f (S, T) = C aijSiT’, Z>j h(S,T) g(S, T) = c bi,S”TJ, id = &SiT3, i>j
where (i, j) runs through all the pairs satisfying i > 0, j 2 0, i+j < d. For rational numbers s and t satisfying f(s, t) # 0, let n be the least common multiple of the denominators of s and t when we write them
40
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
in lowest
terms, and let s = T and
t
= $.
Then we have
& b,jmz(mf)jndi.i d% ___t) =
f(S, t)
ZJ
h(s,t)
fo =
c Cymym’)~ndz~ .>’
5 i.j u,.pn~(m')~?zdiJ .
Hence we have
< max
C aijrn’(n~‘)jn~~~ i>j
,
I c . H(s, t)d.
PROOFOF LEMMA 1.16. By multiplying f(T) and g(T) by a common nonzero integer if necessary, we may assume that the coefficients of these polynomials are integers. We will show that there exist a nonzero integer R, a nonnegative integer e 2 0, and polynomials cI(T) (j = 1,2,3,4) with integer coefficients such that the degree of cl (T) is no greater than e for any j, and
(1.6)
cl (VP(T)
c3(T)f(T)
+ c2V)dT)
+ c4(T)g(T)
= R
= RTd+“.
Let C be 2(e + 1) times the largest of the absolute values of all the coefficients of c3 (T) (j = 1,2,3,4). For any rational number II: satisfying f(x) # 0, we show that Hi lowest terms. Set
d d
5 C. H
. Write x = E in
e
f(T)
= c
i=O
aiTi,
g(T) = c
i=O
biTi,
~1
(T) = C CijT’. a=0
1.3.
MORDELL’S
THEOREM
41
Then d f(x)nd = jy aimindz,
i=O cj (x)ne = 2 cijminee2 a=0 g(z)nd = c bimzndei, z=o
are all integers, and by (1.6) we have (1.7)
(cl(x)ne)(f(x)nd) + (cz(x)n”)(g(x)nd) = Rndfe
i (c3(x)ne)(f(x)nd)
+ (c4(x)n”)(g(x)nd)
= Rmdte.
From (1.7) we see that the greatest common divisor of f (x)nd and g(x)nd divides both Rndte and Rmdte, and thus it divides R since m and n are relatively prime. It follows from (1.8) that # > R‘max(lf(x)ndl, lg(x)ndl). ( > (This is the key point of the proof; it showsthat the denominator and the numerator of righthand side of (1.8) will not cancel each other (1.9) very much, and thus H M stays large.) ( > On the other hand, from the expression of cJ(x)ne in lowest terms we have lc3(x)nel < 2I C. H(s)“. Thus, by (1.7) we obtain the following inequality:
R. Hi+”
H
= Rmax(lmld+e, Inld+e)
5 C. ~(xYm~(lf(xb4,
In other words, we have (1.10) H(xjd I CRl max(lf(x)ndl,
ldx)ndl).
ldx)d)
From (1.9) and (1.10) we have
42
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
Finally, we show the existence of e, R and q(T) (j = 1,2,3,4) satisfying (1.6). Since f(T) and g(T) are relatively prime, there exist polynomials ~1 (7’) and IQ(T) with Q coefficients satisfying
Also from the fact that f(T) and g(T) are relatively prime we see easily that f ($) Td and g ($) Td are relatively prime polynomials with Q coefficients. Therefore, there exist polynomials VI(T) and 212(T) with Q coefficients satisfying
Let e be an integer greater than the degrees of ~1 (T), uz(T), q(T), and 212 , and let R be a nonzero integer such that all of Rui (T) , (T) Rwi(T) (i = 1,2) have integer coefficients. Define cl(T) = Rw(T),
~~(5‘3 = Ru2(T),
Then cI)(T) (j = 1,2,3,4) are polynomials degree at least e, and they satisfy (1.6).
REMARK
with
integer coefficients
of 0
log(H(2nP))/4n
1.19. For a point P in E(Q), it can be shown that converges when n tends to infinity. So, we define h(P) = Jim & log(H(2”P)).
For any P,Q E E(tJ), (P,
define +
Q) = ; (W
Q)  h(P)  h(Q)).
We have h(P) = (P, P), and we can show that the pairing ( , ) has properties of an “inner product”. Namely, for P, Q, R E E(Q) we have (9 (P, Q) = (Q, P), (4 V’, Q + R) = P, Q) + (P, R), (iii) (P, P) > 0, and (P, P) = 0 if and only if P is a point of finite order.
EXERCISES
43
Summary 1.1. An elliptic curve is a curve given by an equation of the form: y2 = (polynomial of degree 3 in z without a multiple root).
1.2. The set of points definied over K of an elliptic curve over K, together with the point 0, forms an abelian group. 1.3. The set of rational points of an elliptic curve defined over Q, together with 0, forms a finitely generated abelian group (Mordell’s theorem). 1.4. In order to study rational points on an elliptic curve, it is important to use properties of the height of a rational point.
Exercises 1.1. Let E be the elliptic curve y2 = x3 + 1. Find the set I3P = 0).
{P E E(C)
1.2. If the zcoordinate of a rational point P of y2 = x3  4 is given by E, the xcoordinate of 2P is given by $>~~$))~. Using this fact, show that 144. H(zcoordinate of 2P) 2 H(zcoordinate of P)4. points
Using this fact, show that there exist infinitely in y 2=x34. 1.3. Let K be a field of characteristic Take k E KX, and set
many rational
different
from 2 and 3.
X = {(x, y) E K x K ) x3 + y3 = k}, Y = {(x,y) E K x K 1 y’ = 7x3  f, z # 01.
Show that there is a map from X to Y given by
and that it is a bijection.
1. RATIONAL
POINTS
ON
ELLIPTIC
CURVES
1.4. Let K be a field of characteristic kEKX,andset X={(x,y)~KxKIy~=x~+k}, Y = {(x, y) E K x K 1y2 = x3  4kx,
different
from 2. Take
(x, y) # (O,O)}.
Show that there is a map from X to Y given by x + y; (X,Y) +x2 and that it is a bijection. +y),4x(x2 +Y)),
1.5. Let K be a field of characteristic different from 2. For k E KX, let E be the elliptic curve over K defined by y2 = x3 + kx. Let E’ be the elliptic curve over K defined by y2 = x3  4kx. Show that there are two maps f : E(K) + E’(K) and g : E’(K) + E(K) given by
f(P) = o i
g(P) =
(x+;,Y(l$))
if P = (2, Y) # (O,O),
if P = (O,O), or P = 0. = (x, y) # (O,O), = (O,O), or P = 0. o g: E’(K) the map + E’(K) are
2  2,; (1+ $)) if P ( if P { 0 Show that g of : E(K) f E(K) and f the multiplicationby2 maps. Show that X + Y c E’(K)
3 E(K)
obtained by the composition with the map in Exercise 1.4 sends C&Y) to (X24Y). 1.6. Using Exercises 1.4 and 1.5 and Proposition 1.2, find all the rational points on the following elliptic curves: (i) y2 = x3 +4x, (ii) y2 = x4  1, (iii) y2 = x4 + 4
CHAPTER
2
Conies
and padic
Numbers
In the previous chapter we studied rational points on elliptic curves. In this chapter we study rational points on tonics, which are simpler objects than elliptic curves. The main goal of this chapter is to determine whether or not a given conic has a rational point, and if it does, to describe all the rational points. Even though they are “simpler” than elliptic curves, some interesting theories, such as quadratic residues and padic numbers, arise in order to answer the question of the existence of a rational point on a conic. In addition, another goal of this chapter is to introduce padic numbers. 2.1. (a) equation Rational points on Conies tonics. An integral solution of the
x2 + y2 = z2 with z # 0 determines a rational point on the circle x2 + y2 = 1, since we have (z)’ + (y)” = 1. F or example, 3’ + 4’ = 5’ determines the rational point (g, $) on t,he circle x2 + y2 = 1, and 5’ + 122 = 13’ determines the point (&, g). Conversely, if a rational point on the circle x2 + y2 = 1 is given, we obtain an integer solution of x2 + y2 = .z2 satisfying z # 0 by clearing the denominators. Then, how many rational points does the circle x2 + y2 = 1 have? It turns out that it has infinitely many rational points, as we explain below. Let us consider another circle x2 + y2 = 3. The fact is that this circle does not have any rational point at all. Can you tell by looking at Figures 2.1 and 2.2 that the right one does not have any rational points while the left one has infinitely many? I suspect not. Human vision cannot distinguish such a thing. In these figures rational numbers are hidden completely by real numbers, and under this
45
46
2. CONICS
AND
PADIC
NUMBERS
FIGURE
2.1.
FIGURE
2.2.
circumstance it is very difficult to tell something about rational numbers. Rational numbers must be seen under different lights, namely, under “the lights of prime numbers” (see Figure 2.3). In this chapter we consider the conic (2.1)
ax2 + by2 = c
for nonzero rational numbers a, b and c. In s2.1 we prove that if the conic (2.1) has one rational point (as is the case for x2 + y2 = l), it has infinitely many of them. Moreover, we can write down all the rational points explicitly. On the other hand, it requires a deeper argument to determine whether or not the conic (2.1) has a rational point (see Theorem 2.3 in 52.3). Theorem 2.3 implies that the true feature about rational numbers emergesfrom obscurity if we seethem under “the lights of prime numbers”, together with the light of real numbers. It turns out that, for any prime number p, there exists “a world of padic numbers” analogous to the world of real numbers (see $2.4). In short, we can understand rational points on a conic if we consider it not only in the world of real numbers but also in the world of padic numbers for each prime number p. For example, we know that x2 + y2 = 1 does not have a rational point since it does not have a solution in the world of real numbers. The fact that x2 + y2 = 3 does not have a rational point cannot be seen under the light of real numbers, but it can be seen by looking at it under the light of the prime number 2 or 3 since it has a solution
2.1.
CONICS
47
A the lights of 2 T/prime numbers+
1” t., ,,” n:‘”
5 2~ the light of fr 7, real numbers V (supplements each other) ‘/
thz/Zght
$
s +
the light of 3
& T
,/ 2 the light 3 of 5 a the light 5 / C’. ’ ‘” 3 of 7 3” .( )..“3 2 thelight 2 _.nj of 11 =? ._. 4 9
FIGURE 2.3. The light of real numbers of prime numbers neither in the world of 2adic numbers numbers. We will discuss this in $2.5.
and the lights
nor in the world
of 3adic
(b) The case of x2 + y 2 = 1. Let us consider rational points on x2 + y2 = 1 (see Figure 2.4). If (x, y) is a rational point on the circle x2 t y2 = 1 and if (x, y) # (l,O), the slope of the line joining (x, y) and (1,O) is the rational number $. Conversely, for a given rational number t, the points of intersection between the circle and the line of slope t passing through The latter is of course a rational (1,O) are (1,O) and (&$, &). point.
FIGURE
2.4. Rational points of x2 + y” = 1
48
2. CONICS
AND
PADIC
NUMBERS
For example,
if we replace
t by i, i, i, i, $ successively,
we obtain
If we let t = A,
we obtain
(#,
z)
Clearing
the denominators
of
(E)’ + (s)’ = 1, we obtain the identity 11g2 + 1202 = 16g2 of the ancient Babylonian plate mentioned in the introduction. To sum up, we have the following onetoone correspondence: rational different points on x2 + y2 = 1 from ( 1,O) (GY) r {rational &? numbers},
1  t2 2t 1+ t2 ’ 1+ t2 >
(c) nonzero Conies rational that have a rational numbers. If the conic

t.
point. Let a, b and c be
ax2 + by2 = c has at least one rational point, by the same method as above. have the correspondence
{(x,Y)
we can obtain all the rational points If Q(xe, ye) is its rational point, we
I X,Y
E Q, ax2 + by2 = cl r Q U {co}  {at most 2 elements)
by associating a rational point P on ax2 + by2 = c to the slope of the line joining Q and P (called the line QP). When P = Q, we interpret the line QP as the tangent line to the conic at Q. Further, if the line QP is parallel to the yaxis, we interpret the slope as 00. The meaning of “at most 2 elements” is that we remove km from Q U {co} if a/b is th e sq uare of a rational number, and we do not remove anything from Q U {oo} otherwise. When a/b is the square of a rational number, the curve ax2 + by2 = c is a hyperbola, and km are the slopes of its asymptotes. The reason for the existence of the onetoone correspondence is the same as in the case x2 + y 2 = 1. If the slope of a line passing through Q is in (IJ U {co}, and it is different from *Jalb, the line intersects the conic in another point P, and P is a rational point. The problem of finding the points of intersection amounts to solving a quadratic equation in rational coefficients, and Q gives one of the
2.2.
CONGRUENCE
49
two roots. Since it is a rational root, we see that the other root is also rational in view of the relations between the roots and the coefficients of the equation. That is why P is a rational point. We can avoid the exceptions, i.e., the part “at most 2 elements”, in the above onetoone correspondence in the following way. We put X = { ratio (3~ : y : z) ( 5, y, z E Q, (2, y, z) # (O,O, O), ax2 + by2 = cz2}. As we did in $1.2 (b), we identify a solution (z, y) E Q x Q to ax2 + by2 = c with the ratio (z : y : 1) E X. Then the above onetoone correspondence can be extended to the correspondence
If u/b is the square of a rational number T, we associate r E Q to the element (1 : T : 0) in X. The fact that we can describe all the rational points on a conic as soon as it has one point can be generalized to the case where the conic is defined over any field K of characteristic different from 2. Let a, b, c E KX and suppose there is an (z, y) E K x K satisfying ax2 + by2 = c. Then we obtain similarly the onetoone correspondence X = { ratio (x : y : 75) ( z,y, z E K, (5, y, z) # (O,O, 0), ax2 + by2 = cz”} ‘;T’“Ub+
QUESTION ztl). 1. Find a rational point on x2 + y2 = 5 other than (3~1, k2), and
(k2,
QUESTION 2. In the ancient Babylonian identity 119’ + 120’ = 169’, which we mentioned in the Introduction, the ratio s of two sides of the corresponding right triangle is very close to 1. (The Babylonian who wrote the plate sorted the solutions of x2 + y2 = *2 according to the ratio of I and y, and thus the above solution is found at the top of the list.) Find a solution whose ratio of z and y is closer to 1.
2.2.
Congruence
If a conic ax2 + by2 = c with ra,tional coefficients has one rational point, we can find all the rational points, as we have seen in the previous section. On the contrary, it is a deeper question to determine whether or not a conic has a rational point. This question is related
50
2. CONICS
AND
PADIC
NUMBERS
to congruence equations explain congruence.
and quadratic
residues.
In this
section
we
(a) Congruence
a natural number
and its fundamental
The ab modm of m. 5,
properties.
notation
Let m be
and a, b two integers.
means that a  b is a multiple modulo m” .) For example, 28 ~3 mod
(We say “a is congruent 35O mod5.
to b
We review here briefly the basic properties The quadratic reciprocity law will be introduced Chapter 5 in Volume 2. First, we immediately see the following: (2.2) (2.3) (2.4) (2.5) a E a mod m. a E b mod a E b mod m implies b E a mod m. m imply
of the congruence. here and proved in
m and b z c mod
a E c mod
m.
arbmodmandcrdmodmimplya+c~b+dmodm and ac E bd mod m.
In order to explain why congruences are useful when we study integral or rational solutions to an equation, we present a simple example. The equation x2 + y2 = a does not have an integral solution (z, y) if a is an integer satisfying a E 3 mod 4. Suppose there exist such integers x and y. Then we have x2 + y2 E 3 mod 4. On the other hand, we have 0’ = 0, l2 E 1, 22 E 0, and 32 E 1 mod 4, and thus x2 + y2 = 3 mod 4 cannot be satisfied no matter how we choose x and y. The properties (2.2), (2.3) and (2.4) show that the relation “ = mod m” is an equivalence relation. Taking (2.5) into account, we obtain a ring Z/mZ by identifying integers a and b satisfying a E b mod m. We assume that the reader is familiar with this fact. For a E Z we write a mod pm to indicate the class of a in Z/pZ. Often, we abuse the notation to simply write a instead of a mod pm. For example, Z/6Z consists of six elements 0, 1, 2, 3, 4 and 5, and it is a ring by the operations such as 3 + 4 = 7 = 1 and 2 x 3 = 6 = 0. The proof of the following proposition will be left to the reader.
PROPOSITION 2.1. Let m be a natural
(1) Z/mZ is a field
number. number.
if and only if m is a prime
2.2.
CONGRUENCE
51
(2) Let p be a prime number. (In this case we often use the notation F, instead of iZ/pZ.) The group IF: consisting of the nonzero elements of F, is a cyclic group of order p  1. (3) Let a be an integer. The image of a in Z/mZ is an invertible element in Z?/mZ if and only if a is relatively prime to m. (4) (Chinese Remainder Theorem) Let m = pyl . . .p:r be the prime factorization of m. ( We assumepl, . . . ,p, are distinct prime numbers.) Then there is a natural isomorphism Z/miZ+Z/p~‘Z x . . . x Z/pFrZ. (The map from left to right is given by regarding an integer mod m as an integer modpz” for each i.) In other words, if an integer ai is given for each i = 1,. . . , r, there exists an integer b satisfying b E ai mod p&’
(i=
l,...,r)
(the surjectivity of the map from left to right); and if b’ is another integer satisfying the same equations, we have b E b’ mod m (the injectivity of the map). (b) Quadratic reciprocity law. The field iF5 has a square root of 1. Indeed, since we have 22 = 4 z 1 mod 5, 2 is a square root of 1 in Fs. By contrast, we can verify that iF7 does not have a square root of 1. In fact, if p is an odd prime number, F, has a square root of 1 if and only if p z 1 mod 4. For which prime numbers does there exist a square root of 5 in IF,? How about a square root of 3? The answers to these questions are given by the quadratic reciprocity law proved by Gauss in 1796. We introduce first the quadratic residue symbols. Let p be an odd prime and a an integer prime to p. The quadratic residue symbol (%) E {f 1) is defined as follows. If there exists a square root of a in IF, (i.e., there exists an integer x satisfying z2 E a mod p), define (E) = 1, and if there is no such x, define (E) = 1. For example, since we have O2E 0, l2 = 42 E 1, 22 s 32 E 4 mod 5, we see that (k) = (f!) = 1, (g) = (X) = 1.
From Proposition 2.1(2), the quotient group H,X/(F,X)2 is isomorphic to the multiplicative group {&l} of order 2. The symbol (E) E {fl} is nothing but the image of the class of a under the isomorphism of groups F,X/(!F,X)2 2 {fl}. Hence, for any integers a and
52
2. CONICS
AND
PADIC
NUMBERS
b prime
to p, we have
THEOREM
2.2.
Let p be an odd prime
number. number dif
(1)
(Quadratic reciprocity law) ferent from p, we have
If q is an odd prime
(2)
(First
supplementary 1 (1 P = (p supplementary
law) 1 1 law) Zfp=l ifpz3 mod4, mod4.
(3)
(Second
The proof using a cyclotomic field will be given in Chapter 5 in Volume 2. The law (2) tells us the existence or nonexistence of a square root of 1 inIF,. As an example of (l), let us consider a prime number p different from 2 and 5. Then we see from
(F) = (l,+y)
= (g)
that a square root of 5 exists in IF, if and only if p E 1 or 4 mod 5 (we have already determined (T)). If p is a prime number different from 2 and 3, a square root of 3 exists in F, if and only if p G 1 or 11 mod 12. We can see this from
(;) = (l)w+
and the facts
QUESTION
square root of 3
(i) = ($+
(5)
(i)
3.
= I,
Let exists
(2) = 1.
number different from only if p = 1 mod 3. 2 and 3. Show that a
p be a prime in FP if and
divide only which square
QUESTION 4. Let m be an 2m. Show that the existence
by p mod 41ml (i.e., if p’
integer and p a prime number that does not of a square root of m in lFP can be determined is a prime number which does not divide 2m and “there exists a
satisfies p z p’ mod 41ml, then we have the equivalence root of m in FP H there exists a square root of m in F+“).
2.3.
CONICS
AND
QUADRATIC
RESIDUE
SYMBOLS
53
2.3.
Conies
and
quadratic
residue
symbols
(a) Existence of a rational point on a conic. In this section we state Theorem 2.3, which gives a criterion for the existence of a rational point on the conic ax2 + by2 = c (a, b, c E Q”). The proof of this theorem will be given in 52.6. Note first that it suffices to consider the case c = 1 since we can divide both sides of the equation by c. Let a,b E Q”. We will define (a, b), E {fl} for each prime number p and (a, b)= E {kl}. The symbol (a,b)v (ZJ is a prime or co) is called the Hilbert symbol. (a, b), will be defined later using the quadratic residue symbol (p). We define
(a,bb=
We see immediately that
if a > 0 or b > 0, if a < 0 and b < 0.
there
exist
real numbers
II: and y such that
ax2 + by2 = 1.
If there exist rational numbers x and y satisfying ax2 + by2 = 1, that means there exist real numbers satisfying ax2 + by2 = 1. The symbol (a, b)co tells us if this is the case. Of course, that is not sufficient to determine the existence of a rational solution. Not only “the light of reals” ( , )(x1 but also “the light of a prime number” ( , ), for every p is necessary to determine whether or not there exists a rational solution. To be precise, we will prove the following theorem after we finish defining ( , )P.
THEOREM 2.3. Let a, b E Q”. There exist rational numbers x and y satisfying ax2 + by2 = 1 if and only if we have (a, b)m = 1 and (a, b), = 1 for all prime numbers p.
(b) Definition and fore stating the definition number p, we need some define a subring Zc,) of Q
z
properties of the Hilbert symbol. Beof the Hilbert symbol (a, b), for a prime preliminaries. For a prime number p we by by p}
(PI
=
{ f / a, b E Z, b is not divisible
54
2. CONICS
AND
PADIC
NUMBERS
For n 2 1, the natural homomorphism Z + Z/pnZ (obtained by considering an integer modulo p”) is extended to the ring homomorphism a mod pn H bmodp”
a
b
(a, b E Z, b is not divisible by p).
Here we used the fact that b mod pn is invertible in Z/pniZ. This homomorphism can also be understood in the following way. The natural homomorphism Z/p% + Z(,) /pnZc,) is an isomorphism, and the above homomorphism is nothing but the composition %) ) zb)lp”zb)
5 Z/p”Z.
For an element 2 in Zc,), its image in Z/pnZ will be written 2 mod pn. The set of all the units in iZ(,), denoted by (77,~~)) is the set x, { % 1 a, b E Z, a, b are not divisible by p }. Any nonzero rational number can be written uniquely as pmzl (m E Z, u E (Zc,)) “). For a prime number p and a, b E Q” , we define the Hilbert symbol (a, b)P as follows. Write
a = piu, b =pjv (i,j E z, %V E (q,,Y),
and put r = (l)i3a3b” If p # 2, we define
(a,b), = (T),
= (1)‘ju3Ci
E (ZC~))~.
where the righthand side is the quadratic residue symbol. If p = 2, we define
(a,b)2 = (I)+
. (l)q.w,
Here, the exponents of 1 in the righthand side are elements of Z(z), but we regard them as elements of iZ/2iZ via the homomorphism
ZC2) + z/22.
PROPOSITION 2.4. Let v be a prime
we have the following. (1) (a, bL = (ha),.
number
or 0~7. For a, b E Q”
(2) (a,bc), = (a, b),(a,c),. (3) (a, a), = 1. Ifa # 1, then (a, 1  a),
= 1.
2.3. CONICS
AND
QUADRATIC
RESIDUE
SYMBOLS
55
(4)
If p is an odd prime the following. (4l) (a, b), = 1, (42) (a,pb), = (T)
number
and a, b E (Zt,))x,
then we have
(5) If a, b E Z?y2,, then (5l) ifalmod4orbElmod4,
(a,b)2 = { i,
ifaEb=1mod4. ifa~1mod8ora~12bmod8, otherwise. the definition of
(52) (a, 2b)z
1 ={ ~  1
The proof of this proposition follows easily from the Hilbert symbols, and we leave it to the reader. (c) Product formula for Hilbert theorem is a translation of the quadratic plementary laws using Hilbert symbols.
THEOREM
symbols. The following reciprocity law and the sup
for a finite
2.5. Let a, b E Q”. Then number of ‘vu, and we have
(a, b)V is equal
to 1 except
where
v runs
through
all the prime
numbers
and oo.
REMARK 2.6. By this theorem we only have to check the condition (a, b)V = 1 for all but one v in order to use Theorem 2.3, which requires that we verify the condition (a, b)V = 1 for all ZI. PROOF OF THEOREM 2.5. The fact that (a, b)V is equal to 1 except for a finite number of v follows from the fact that a, b E (FE(,))’ for all but a finite number of primes p and Proposition 2.4(4l). In order to show that the product for all the V’S is 1, it suffices to show since we have to prove it only for it in the following cases (i)(iii), each prime factor of a and b and for 1 thanks to Proposition 2.4(l), (2) and (3).
(i) (ii) (iii)
a and b are two distinct odd prime numbers. a is an odd prime number, and b = 1 or 2. a = 1, and b = 1 or 2.
2. CONICS
AND
PADIC
NUMBERS
In case (i),
0
b a a 0b
(q+k$
ifv=a, if v = b, ifw=2, for other U.
(a, b)v =
1
but the quadratic Thus, the fact n,(a, b)v = 1 is in this case nothing reciprocity law (Theorem 2.2(l)). In case (ii), it follows from Proposition 2.4 that
1 (1
(a, l)v =
ifv=a, if u = 2, for other v;
i
(r)+
2 0 (a,
if ‘u = a, ifv=2, for other v. but the supple
2), =
(Q1)+ 1
Thus, the fact n, (a, b)v = 1 is in this case nothing mentary laws (Theorem 2.2(2) and (3)). As for case (iii), a calculation shows that
(1, l)v = ,’
(1,2), = 1
if z1 is 2 or 03, otherwise; for all v.
q REMARK 2.7. Once we translate into the form of Theorem 2.5 (which realize that the quadratic reciprocity “the light of real numbers” and “the
the quadratic reciprocity law was done first by Hilbert), we law expresses the harmony of lights of prime numbers”.
2.3. CONICS
AND
QUADRATIC
RESIDUE
SYMBOLS
57
(d) Examples. Let us determine the existence of a rational point for some explicit examples using Theorem 2.3. As a preliminary, we note the following. If a, b, c E Q”, the following conditions are equivalent. (a) There exist 2, y E Q satisfying ax2 + by2 = c. (b) There exist 5, y, z E Q, (x, y, z) # (O,O, 0), satisfying ax2 + by2 = cz2. (a) + (b) is trivial. It suffices to put z = 1. Conversely, suppose
ax2 + by2 = cz2, X,Y,Z E Q,
(X,Y,Z)
# (O,O,O).
IfzfO,
= c. If z = 0, then x # 0, and we have a = c ($)’  b(z)‘. Using th e results of 31.1, we see that the conic a = cu2  bv2 has infinitely many rational points, and thus it has a rational point satisfying 21# 0. Hence we have a (i) 2 + b ($) 2 = c.
PROPOSITION 2.8.
we have a (z)” + b (z)’
Let p be a prime
number.
(1) There exist x, y E Q satisfying p = x2 +y2 if and only if p E 1 mod4 orp=2. (2) There exist x, y E Q satisfying p = x2 + 5y2 if and only if pal or9mod20, orp=5. (3) There exist x, y E Q satisfying p = x2 + 26y2 if and only if pal or3mod8, andp=1,3,4,9,10 or12mod13.
PROOF. Let a E Q”. Rewriting pz” = x2 + ay2 as x2 = pz2 ay2 and using the equivalence of (a) and (b) above, we see that the existence of x, y E Q satisfying p = x2+ay2 is equivalent to (p, a), = 1 for all prime numbers v = p and co. By Remark 2.6, we do not have to check the case v = p. Proof of (1). A s we have already calculated in the proof of Theorem 2.5, we have (p, l)V = 1 if v # 2,p, and (p, 1)~ = (l)q if p # 2. Then (1) follows from these facts. Proof of (2). By Proposition 2.4(4l), (p, 5), = 1 if v # 2,5,p. We also have (p, 5)~ = (l)q if p # 2, and (p, 5)s = (E) if p # 5. Now (2) follows from these. Proof of (3). By Proposition 2.4(4l) we have (p, 26), = 1 if v # 2,13,p. Also, we have (p, 26)~ = 1 if p E 1 or 3 mod 8, and (p, 26)2 = 1 if p E 5 or 7mod 8. If p # 13, we have (p, 13)13 = (6). c a1 1 t ing the square of each element of Z/132, cu a we see that (fi) = 1 if a s 1,3,4,9,10,12 mod 13 and (&) = 1 if cl a E 2,5,6,7,8,11 mod 13. Now (3) follows from these.
58
2. CONICS
AND
PADIC
NUMBERS
In Proposition 2.8 we looked for rational solutions to a quadratic equation. How about integral solutions? As Fermat says (see Chapter 0, §0.2), there exist 5, y E Z satisfying p = x2 + y2 if and only if p E 1 mod 4 or p = 2. This is the same as the condition for the existence of a rational solution. For the equation p = x2 + 5y2, the conditions for the existence of a rational solution and that of an integral solution are the same. As for p = x2 + 26y2, there exists a rational solution to 3 = x2 + 26y2 by Proposition 2.8(3). (For example, solution rational theory, 3 = ($) 2 + 26 (i)“.) Clearly, however, there to 3 = x2 + 26~~. The difference between the solution and an integral solution is related to and we will discuss it in Chapter 5, §5.3(b) in
5.
is no integral existence of a the class field Volume 2.
15x236 =
QUESTION
y2 does not have
In Arithmetzca Diophantus says that the equation a rational solution. Verify this using Theorem 2.3.
2.4. The we have meaning
padic
number symbol
fields ( , )oo is that for a, b E Q”
of the Hilbert th ere exist
(a, b)co = 1 ++
x, y E Iw satisfying
ax2 + by2 = 1.
For each prime number p we can interpret Namely, for each p there is an extension Q” we have (a, b)P = 1 _ th ere exist
(a, b)P in the same manner. field Qp of Q, and for a, b E ax2 + by2 = 1.
x, y E U& satisfying
Qp is called the pudic number field, and its elements are called padic numbers. In this section we introduce the padic number fields, which are very important objects in number theory. The padic numbers were originally introduced by Hensel around 1900. In the long history of mathematics a number meant a real number, and it is only relatively recently that we realized that there is a world of padic numbers. It is as if those who had seen the sky only during the day are marvelling at the night sky. The mathematical scenery is completely different. Q, emits “the light of prime number p” in the night sky as if it were a star that we could not see because of the sun, or the real number field R, which emits “the light of real numbers” during the day. Just as there are countless stars in the night sky, there is one U&, for each p. What each star is to the sun is what each Q, is to W. Just as we can see space objects better at
2.4.
pADIC
NUMBER
FIELDS
59
1 26
a00
@(zj
51
. 31
FIGURE
2.5.
Classification
by mod
5” universe through
night, we began to see the profound mathematical the padic numbers. We introduce the padic number fields in three (b), Cc) and (d). W e would like you to get acquainted to your taste.
different ways in with it according
(a) padic sense of distance. The sense of distance in the world of U&, is completely different from that of R. In Q,, p is close to 0 and the sequence p2 p” p4 . . approaches 0 rapidly. We explain here this “feeling” of d&&e.’ The distance in Q, comes from the congruence modulo p in the following sense. For example, classifying the integers into the classes module 5 is analogous to putting them in five different rooms, one for the numbers congruent to 0 modulo 5, one for the numbers congruent to 1 modulo 5, and so on. We feel that the integers that enter the same room are close. We then divide the members of each room into the classes modulo 25; the room for the numbers congruent to 1 modulo 5, for example, is divided into five smaller rooms, one for the numbers congruent to 1 modulo 25, one for the numbers congruent to 6 modulo 25, one for the numbers congruent to 11 modulo 25, and so on. The numbers 1, 6 and 51 are all in the same room modulo 5. While 6 and 1 enter different small rooms, 51 and 1 still share the same small room. We thus think that 6 is closer to 1 than 4 is to 1, but 51 is even closer to 1 (see Figure 2.5).
60
2.
CONICS
AND
PADIC
NUMBERS
Pushing this analogy further, we feel two integers a, b are very close to each other when we have a = b mod pn for a large number R. We call this sense of distance the padic sense of distance. If we push this to the limit, the padic number field emerges. At present we know two different senses of distance in numbers: the sense coming from the real line and the sense coming from congruence. Both of them are compatible with addition and multiplication. In the case of congruence, the compatibility is nothing but the property (2.5). Among the distances coming from congruences, we consider only the congruence mod pn (p prime) for the following reason. Let m be a natural number and m = py’ . . p:r (pi, . , p, disFor integers a, b, the congruence tinct) be its prime factorization. a s b mod m is equivalent to a E b mod p:’ for all i = 1,. . . , r. This is a consequence of the Chinese Remainder Theorem (Proposition 2.1(4)). Th us, the sense of distance “mod m” is a composition of the distances “mod pn”, and the sense of distance mod pn is fundamental. Let p be a prime number. For a rational number a we define the padic valuation ord,(a) in the following way. As in Definition 1.15, for a # 0 we write a=p “2 u (m E Z, U, ‘u are not divisible by p),
and we define ord,(a) = m. In other words, ord,(a) indicates exactly which power of p divides a. We also set ord,(O) = co. We have the following: (2.6) (2.7) (2.8) ord,(ab) ord,(a ord,(a) = ord,(a) + ordp(b); ord,(b)); ord,(a+b) = min(ord,(a), ord,(b)).
+ b) > min(ord,(a), # ord,(b) implies
Here we used the conventions oo+cc = co, 03 2 00, cx+n = n+cc = co, and 03 2 n for any integer n. We generalize the padic distance to the rational numbers, and we consider two rational numbers a and b to be “padically close” if ord,(a  b) is large. We say that a sequence of rational numbers (z~)~~I converges to a rational number a padically if we have ord,(z,  u) + cc as n f 00.
2.4.
pADIC
NUMBER
FIELDS
61
For example,
if we let
2
n = 1  5 + 52  53 +. . . + (5)“, of In
the sequence (x~)~>I diverges in the ordinary sense in the world real numbers, but we can show that it converges 5adically to i. general, for a rational number a # 1, we have
an+l 1+a+a”+...+al’A=
la’ 1 (l)n5n+l 6 .
Replacing
a by 5,
we have 6
Thus,
X71 as n + 00, we have ordg(x,,i)
=ordi((l)i’“+‘)
=n+l+m. in the padic sense is quite difsense. If we express the fact that
As this example shows, convergence ferent from convergence in ordinary (xn)+l converges to i by
(2.9)
2(B)” i=o
= f put x = 5
(5adically), in the ordinary ifl<x<l formula
it is as if we mistakenly 2x’=& z=o
in the world of real numbers, of 5adic convergence.
QUESTION 1. Show that 6. Let p be a prime
but formula
(2.9)
is correct
in the sense
number,
c a rational
number,
and
ordp(c)
2
g i.e., if we put zrL = CFzo
c’ = cz, the
&
(padically);
sequence
(z,),>
1 converges
padically
to
&
Formula (2.9) can be interpreted in the following way. For n 2 1, it says that 1  5 + 52  ... + (5)“l is the inverse in Z/5nZ. For example, in Z/252, 1  5 = 4 is the inverse while in Z/1252, 1  5 + 5’ = 21 is the inverse of 6. Indeed, we 6 x 21 = 126 EE 1 mod 125.
each of 6 of 6, have
62
2. CONICS QUESTION 7. Using of 6 in Z/5nZ. (2.9),
AND explain
PADIC why
NUMBERS 1  5 + 5’  ‘.. + (5)n1 is the
inverse
QUESTION
8.
Find
the inverse
of 4 in Z/34jz.
The padic convergence defined above can be considered to be convergence in a metric space. For a rational number a we define the padic absolute value /alp by
if a # 0 and For example,
101, = 0. Thus
lalp is the size of a in the padic
sense.
Ii,.=;>
The padic absolute value converges to 0. (All the replace the definition of 0 < T < 1. However, it choice, as we will explain From properties (2.6)
IP21p=$.
expresses well that the sequence p, p2, p3, . . . arguments in this section work well if we Ialp by lalp = T”‘~P(~) for any T satisfying turns out that T = b is the most natural at the end of subsection (c).) and (2.7) of ord, we see that
(2.10) I4
(2.11) If we define
= MP . I%
lblP) (In particular, d,(a, b) by (a+ bl, i Ialp + IblP). the padic metric
la+ bl, 5 max(lal,,
&(a, b) = la  bl,,
then d, satisfies d,(a, d,(a, b) 2 0, d,(a, 6) = 0 if and only if a = b; b) = d,(b, a); b) + d,(b, 4.
(2.12) (2.13)
(2.14) &,(a, 4 5 &(a,
Thus Q is a metric space with respect to d, (see Introduction to Geometry 2 in the series Introduction to Modern Mathematics). A sequence (x~)Q~ of rational numbers converges padically to a if and only if &(Zn,a) + 0 (n + oo), but this is the same as saying that (~~)+l converges to a with respect to the padic metric d,.
2.4.
pADIC
NUMBER
FIELDS
63
(b) QP as a completion of Q. In the world of real numbers a sequence of rational numbers may converge to a number which is not a rational number, as the following example shows: 1.4,1.41,1.414,1.4142,. + fi @ Q.
The world of rational numbers is an incomplete world where sequences such as the one above may not have a limit even if it “should converge”. From this point of view lR is an extension of Q where all the sequences that “should converge” in the ordinary sense do converge. (We will lat,er define the meaning of “should converge” precisely.) With respect to padic convergence, the world of rational numbers is also incomplete, where some sequences that “should converge” may not have a limit. Q, is an extension of Q constructed so that all the sequences that “should converge” do converge with respect to padic convergence. In this regard both Iw and Q, are extensions introduced with the same motivation. We first review the precise definition of R, and then we introduce the definition of Q,. As we stated in the Introduction, 50.1, ancient Greek mathematicians agonized over the problem “What are the real numbers with (“How should we define the real respect to the rational numbers?” numbers precisely based on the rational numbers?“), and it is only in the nineteenth century that this problem was finally solved. Here, we introduce the definition of the real numbers as the limits of sequences that “should converge”. This definition is due to Cantor at the end of the nineteenth century. A sequence of rational numbers (xn)+i that “should converge” is defined to be a sequence satisfying condition (C) below. Such a sequence is called a Cauchy sequence. (C) For any given rational number N such that m,n 2 N number E, we can choose a natural IX,  2,1 < E.
implies
In the world of rational numbers, a sequence that converges to a rational number (in the ordinary sense) is a Cauchy sequence, but there are Cauchy sequences such as 1.4,1.41,1.414,1.4142,. . . that do not converge to a rational number. In the world of real numbers, however, a sequence is a Cauchy sequence if and only if it converges. Cantor’s idea is to reverse the direction and define a real number to be “the Cauchy sequences that converge to that number”. To be precise, let S be the set of all the Cauchy sequences of rational numbers,
64
2.
CONICS
AND
PADIC
NUMBERS
and define an equivalence relation on S by saying (~~)~>i are equivalent if “for any rational number a natural number N such that n>N implies Ix,  ynl < 2’.
that (x,),21 and E, we can choose
We define R to be the quotient of S by this equivalence relation. (That two sequences are equivalent means that they converge to the same real number.) We can define addition and multiplication in lR by class of (x~)~z~ class of (z,),>i + class of (yn)n>i . class of (yn)+r = class of (2, + yn)+i, = class of (z,y/,),>i,
and we can prove that lR is a field with respect to these operations. We now define Q,. We call a sequence of rational numbers (x~)~z~ a padic Cauchy sequence (a sequence that “should converge” with respect to padic convergence) if it satisfies the following condition (C,): (C,) For any given rational number N accordingly m,n>N number E, we can choose such that 15,  Ic& < E. a natural
implies
Let S, be the set of all padic Cauchy sequences, and define an equivalence relation on S, by saying that (x~)~z~ and (yn)+i are equivalent if “for any rational number E, we can choose a natural number N such that n>N implies 15,  ylnlp < E”.
We define Q, as the quotient of S, by this equivalence relation. As in the case of R, we can define addition and multiplication in Q,, and QP becomes a field with respect to these operations. The method of obtaining lR or QP from Q is known in general as completion of a metric space. IR is the completion of the metric space Q under the ordinary metric, and QP is the completion of Q under the padic metric. We identify a rational number a with the element of Q, given by “the sequence identically equal to a” (which is a padic Cauchy sequence). This identification gives us an embedding of Q in QP. We extend the padic valuation ordp, padic absolute value I IP, For an element a in QP we define and padic metric dp to Q,. ord,(a) E zU{m} in the following way. If a = 0, we put ord,(a) = co. Suppose a # 0. If we choose a padic Cauchy sequence of rational
2.4. pADIC NUMBER
FIELDS
65
numbers (z,),>r whose class is a, we can prove that ord,(z,) is constant for sufficiently large n using (2.6)(2.8) (readers should check this). We define ord,(a) to be this constant. We can prove that ord,(a) defined in this way depends only on a and not on the choice of the padic Cauchy sequence (x~)~>I. For an element a in U& we define /alp = 0 if a = 0, and lalp = pP or’1p(a) if a # 0. We define &(a, b) = (a  bj, for a, b E QP. Then ordp, I lP, and d, defined this way in Q, satisfy (2.6)(2.8), (2.10)(2.14) for all a, b E Q,. We regard QP as a metric space with respect to d,. A sequence (z,),>i of Q, converges if and only if (z,),>i satisfies condition (C,). Q is dense in Qip (i.e., each element of U&, is the limit of a certain sequence in Q). Indeed, if (x,),21 is a sequence of rational numbers and a is an element in Q,, then (%,),>I converges to a if and only if (zr,),>i is a Cauchy sequence and its class is a. In QP the condition for the convergence of an infinite series is somewhat easier than in R. LEMMA 2.9. Let alL E Q, (n 2 1). The series Cr=, a, converges in Qp (i.e., if we put s, = Cz=“=, ai, the sequence (s,),>l converges) if and only if lulLIp tends to 0 in Iw as n tends to 03 (i.e., ordr,(a,) tends to cc as n tends to CQ). In R, x:=1 i does not converge even though n + 03, and thus the situation is more complicated. comes from the fact that we have Iz+y[, 5 max(lzl,, we do not have Ix + y// 5 max(lzl, lyl) in R. 1; / t 0 when The difference IyIP) in QP, but
PROOF OF LEMMA 2.9. As we have already seen, (s~).,~>~ converges if and only if (s,,),>i satisfies the condition (C,). The latter can be seen equivalent to the condition (u~~(~ + 0 using the properties (2.10) and (2.11). I7 (c) Qp as an inverse limit. Define > O}. fact that ord, : Qp + of Z, is called a padic can think of Z, as an in a different manner.
Z, = {a E QP / ord,(a) Z,
ZU
is a subring of QP. (This follows from the {oo} satisfies (2.6) and (2.7).) An element integer. In this subsection (c) we explain that we “inverse limit” and that we can introduce Q,
66
2. CONICS
AND
PADIC
NUMBERS
DEFINITION
maps fn : Xn+i
2.10. If a sequence of sets X, + X, (n = 1,2,3,. . . )
(n = 1,2,3,.
. . ) and
are given, the subset of n,,,  X, defined by {(G)QI E &Xn I .fn(an+l) = a, for all n L 1)
is called the inverse limit and is denoted l&,X,. In Definition 2.10 we let X, jection from Z/p n+lZ to Z/p”& @,Z/p”Z of the sequence . . . + z/p4z + z/p3z = Z/pnZ and fn the natural proand we consider the inverse limit 3 z/p% * z/pz.
An element (un)+i of l@,Z/p”Z has the following meaning. When we divide the set of all integers and put them into p rooms following their values modulo p, al E Z/pZ is in one of the rooms. us is an element of Z/p2Z satisfying fi (us) = al. When we divide the room of al into p small rooms mod p2, us corresponds to one of them. us is an element of Z/p”Z satisfying f2 (~3) = ~2. When we divide the room of u2 into p tiny rooms mod p3, u3 corresponds to one of them. To give an element of l@,Z/p”Z is to choose one of the small rooms in a room, then one of the tiny rooms in the small room, and so on. As a matter of fact, l@,Z/p”Z is isomorphic to Z,. First we give the map l@,Z/p”Z + Z,. Let (a,),21 E l&,Z/p”Z. For each n > 1 we choose an integer x, such that the image of x, in Z/p”Z is a,. Then all x,, belong to the room al, they belong to u2 if n > 2, they belong to us if n > 3, and so on. This makes us feei that “(xn)n>i converges to something”. Indeed, we have x, = x, mod pN (i.e, /x,  x,1 < $) if m, n 2 A;. Thus (x~)~Z~ is a padic Cauchy sequence, and it converges in Q,. Since ord,(x,) 2 0 for all n, the limit belongs to Z,. We thus obtain a map l@,Z/p”Z + Z, by sending the element (un)~21 E l@,Z/pnZ to the limit of the padic Cauchy sequence (GLQI in z,.
2.4. pADIC LEMMA
NUMBER
FIELDS
67
2.11.
The map
defined
as above is a bijection.
We will prove this lemma later. We now explain the definition of Q, using the inverse limit. We first define Z, as l@ JZ/p”Z. In Definition 2.10, if all the X, (n > 1) are rings and all the fn are homomorphisms of rings, we can define a structure of ring on l&rnXn; we define addition and multiplication of (GJ~~I and b&l by (a, + bn)+l and (anbnJnkl, respectively. We can prove that Z, so defined is an integral domain. We define QP as the quotient field of Z,. In this definition we obtain Z, by letting n tend to infinity in Z/P’~Z. This definition is based on the idea that looking at an integer modulo pn for various n, we finally arrive at the world of Q,. Before giving a proof of Lemma 2.11, we prove the following lemma. In the statement, Qp is the one defined in (b) as the completion of Q, and Z, is the subset {u E Q 1 ord,(a) 2 0) in Qp defined in (c).
LEMMA
(2)
2.12. (1) Z, is both open and closed in U&,. If m is an integer, then we have
pmZp
= {u E Qp 1ord,(a) > m} .
(3) Z(,) c 27,. In U& we have Q (4) For all integers m 2 0 z/pmz : Z&p?& of Z&J
n Z, = ?A(,).
% z,/pmz$. It is also the closure of Z
(5) Z, is the closure in Qp.
in Qp.
The image of a E Z, in Z/p”Z
PrnZ,
2 Z,/pmZ,
is written a mod
PROOF. The proofs of (l), (2), (3) and the first isomorphism of (4) are easy, and we leave them to the reader. Let us prove the second isomorphism of (4). It follows from (2) and (3) that YE(,)np “z, = p"z(,). Hence, ~(,)/P”~(,) ) WP”% is injective. Take a E Z,. There exists 5 E Q satisfying ord,(a:  a) > m since Q is dense in Qp. Since x  a E pm&, m 2 0 and a E Z,, weseethatsEQnZ,=Zc,). Thus,wehavea=z+(az)E
68
2. CONICS
AND
PADIC
NURlBEKS
Z(,) + p”Z,, which shows that the map Z~,)/p’“Z&) f Z,/p”Z, sends z to a. Thus this map is surjective. To show (5), it suffices to show that Z and Zc,) are dense in Z,. 0 But, this follows from (2) and (4). PROOF OF LEMMA 2.11. image of a under the map Z, + Z,/p”Z, Thus we have a map Z, + l&Z/p”“Z; a H (a,),>~. of the map in Lemma 2.11. For an element (Lemma a in Z,, 2.12(4)). let a, be the
2 Z/p”Z
It is easy to see that this map is the inverse
We not,e in passing that the definition of the padic absolute value / lp is a “natural” one. In the real field R, the scaling factor of the homothety R + R; 2 H az is the absolute value \a\. In other words, if 1 is an interval of length 1, the length of the interval al = {uz / 5 E I} is (a(. 1. On the other hand, in Q, the scaling factor of the homothety Q$ + Qp given by n: H us is the padic absolute value Ialp. For example, pZ, is a subgroup of iz, of index p, and we should think of the size of pZ, as $ the size of Z,. This means that the homothety of scaling factor p reduces the size of Z, by $. In this way, the definition factor of a homothety. in Volume 2. In this section we of lplp = i has a natural meaning as the scaling We will discuss this scaling factor, or “module”, (d) Definition of QP by padic explain that Qp may be defined by Q, = For example, expansion.
pl} 2 GLPn mEZ,c,E{0,1,..., { 1L=VJ. 1 we define an element of Qs to be something
1 like
2~;+3~1+4~5+2~5”+4~5”+1x5”+~~~. If m E Z and c, E Z (n = m, m+ 1, m+2,. ), the series c,“=,, c,pn converges in Qp as defined in subsection (b) (Lemma 2.9)) and thus the sum is an element of Q,. Conversely, we can prove that any element of Qp can be expressed in the form c,“=, c,pTL (m E Z, c,, E (0, 1, . . . ,p  1)) in a unique way. (We call it the padic expansion of an element of Qp.)
2.5.
MULTIPI,ICATIVE
STRUCTURE
OF
THE
pADIC
NUMBER
FIELD
69
Take an integer element of Z,, and such that its image
m satisfying ord,(a) > m. Then pPrna is an there exists an integer c, E (0, 1, . ,p  l} in Z,/pZ, coincides with that of pnLa, since
5 Z,/pZ, is an isomorphism. Since pema  c,, the map Z/pZ belongs to pZ,, we have ord,(a pmc,,) 2 m+ 1. The same argument shows that there exists an integer c,+r E (0, 1, . . . ,p  l} such that ord,(a  pmc,,,  pm+l~m+l) 2 m + 2. Repeating this process, we obtain the expansion
Examining expansion
the argument given above carefully, we see that the padic is unique since each c, is uniquely determined.
REMARK 2.13. Let S be a subset of Z, such that the composition 5’ + Z, + i&/pZ, is a bijection. (The set (0, 1, ... ,p  1) is an example of such a subset.) Then the same argument shows that any element of Q, can be written
2 cnpn 71=?7l in a unique manner.
(m E Z, c, E S)
QUESTION 9. A real number has a decimal expansion as we use it in everyday life. Instead of 10, we can choose any natural number N > 2, and we can have an Nary expansion of a real number. In particular, we can choose a prime number p. What is the difference between the pary expansion of a real number in this sense and the padic expansion of a padic number?
2.5.
Multiplicative
structure
of the
padic
number
field
The real number field Iw has exponential and logarithmic functions, and they give an isomorphism between the additive group Iw and the multiplicative group formed by the positive real numbers additive group Iw cz multiplicative x H ex, log(t) group tl t. {t E R 1 t > 0},
(Here, e is the base of the natural logarithm log.) Is there anything similar in Q,? In this section we introduce the exponential and logathe structure of the mulrithmic functions in Qp, and we determine tiplicative group Q,” of nonzero padic numbers using these functions (Propositions 2.16 and 2.17). An element a in Iwx is a square in IF?.’
70
2. CONIC3
AND
PADIC
NUMBERS
if and only if a > 0. Which elements in Q$ are squares? Proposition 2.18 gives an answer to this question. For example, in Q)5” numbers such as 6 and 11, which are 5adically close to the square 1, are squares, and 1, which is close to the square 4, is also a square. Just as in Rx, elements close to squares are also squares. (In this sense, the algebraic structure of lR or Qp is simpler than that of Q.) (a) Exponential @ we have and logarithmic functions in Q,. In R or
(also written (where the righthand side always converges), ‘Yl
exp(z)) and when It  11 < 1,
log(t) = c
n=l
(t  1)“.
We consider
an analog in Q,. 2.14. (1) Let IC E Q,. 2 5 n=O (written The series exp(z))
PROPOSITION
converges
if and only converges if and only means the exponential
if x E pZ, in the case p # 2, and it if x E 422 in the case p = 2. (That function in Q, does not converge on all of Q,, as compared to the case o.f Iw or C.)
2 (1Y1
n
n=l
(t  1)”
(written
log(t))
(3)
converges if and only if t  1 E pZ,. If x1 and 22 are in the domain of convergence if tl and t2 are in the domain of convergence we have
+ x2) = exp(xl) ew(x2), log(tlt2) = log(tl)
of exp(z), and of log(t), then
exp(xl
+
log(t2).
(4)
Weletm>lifp#2,andm>2ifp=2.
log are isomorphisms,
additive group pmZ, % multiplicative
and they are inverse
Thenexpand to each other:
group
1 + p”Z,
= { 1 + pma 1 a E Z,}.
2.5.
MULTIPLICATIVE
STRUCTURE
OF
THE
pADIC
NUMBER
FIELD
71
In order to prove Proposition lemma first.
LEMMA
2.14 we need to show the following
n > 0, we have
2.15. (1) For any integer ord,(n!) = e
is1
[1
F ,
which signifies the nc  ord,(n!) The condition c > 0.
where [x] is the “Gauss symbol” of z, largest integer less than or equal to x. (2) Let c be a real number. The condition as n f co is equivalent to c > &. ord,(n) f cc as n + m is equivalent to (3) If c > &, then for any n > 1 we have nc  ord,(n!) 2 c.
f co
nc 
PROOF. We leave the proof of (1) to the reader. Let us prove (2). It follows from (1) that
nc
 ord,(n!)
2 nc  2
i=l
s 2 nc
.
Pl
n Also, if we put 1
The righthand side tends to m as n + 00 if c > &. n=pm, it follows from (1) that nc  ord,(n!) = pmc  epmz
i=l
= pm (c  ~
1 >
+ ~.
Pl
Pl
The righthand side tends to 00 if and only if c > &. If log,(n) is the logarithm of n with base p in the real number field, we have nc  ord,(n) >
nc
 log,(n)
since ord,(n) 5 logp(n). The righthand side tends to cc if c > 0. Letting n = pm, we have nc  ord,(n) = pmc  m. The righthand side tends to 03 if and only if c > 0. Let us prove (3). Since ord,(n!) < C,“=, 5 = & and an integer smaller than * is no greater than 2, we have ord,(n!) 5 3. Hence, nc  ord,(n!)  c 2 (n 
l,(c &)
20.
0
72
2. CONICS
AND
PADIC
NUMBERS
PROOF OF PROPOSITION 2.14. In order to show (1) and (2), it suffices by Lemma 2.9 to find the conditions for the convergence of the following: = nerd,(x)  ord,(n!), = nord,(t  1)  ord,(n).
(1)1 k$t)
But they are given and 5 = 1 if p = c. Next we show exp(x) E l+p’“Z,, we have log(t)
by Lemma 2.15(2). (Note that & < 1 if p # 2, 2.) The proof of (3) is similar to the case of IR or (4). By Lemma 2.15(3), if x E pm&,, we have since ord, (5) > m for n > 1; and if t E l+p”Z$,, since ord, ( (l)+‘v > _ > m for 72 2 1.
E pm&,,
We can prove log(exp(x)) = x, t = exp(log(t)) for x and t in these domains of convergence in just the same way as the case of Iw or @. q
(b) Structure of Q,“.
PROPOSITION 2.16. (1) 1fp # 2, Q,” E Z @Z/(p  1)Z CE Z,. (2) Ifp=2, Q,” “Z@Z/2Z@Z~. This proposition follows from the following proposition and the fact F; g Z/(p  1)Z (Proposition 2.1). PROPOSITION 2.17. (1) Any element
(n E Z, u E Z,“) in a unique of Q$ can be written manner. In other words, pnu,
zez;
‘Q;;
(n,u) t+pnu,
where ZF is the multiplicative group consisting of all the units in Z,. (2) Let G = {x E Zp” ( xpr = l}, and let Zp” + Fp” be the group homomorphism induced by the map Z, + Z,/pZ, = IF,. Then the composition G + Zc + IF; is a bijection, and Zc is the direct product of G and 1 + pZ,. group 1 +pZ, is isomorphic to Z,. (3) UP # 2, th e multiplicative If p = 2, the multiplicative group 1t 222 is the direct product of the subgroup {fl} and the subgroup 1 + 422. Moreover, we have 1+4& EC&.
PROOF. First, from the fact that Z?i = Ker(ord, : Q,” + Z) and ord,(p) = 1, (1) fo11 ows easily. If p # 2, then (3) follows from the
2 5. MULI’IPLICATIVE
STRUCTURE
OF
THE
pADIC
NUMBER
FIELD
73
fact that 1 + pZ, E pZ, via exp and log, and the fact that the map Z, + pZ, given by a H pa is an isomorphism. If p = 2, then (3) follows from the fact that 1 + 4& ” 422 via exp and log, and the fact that iz2 ” 422. Let us prove (2). Since the kernel of izz + IF: is 1 + pZ,, it suffices to show that the composition map G + IF: is a bijection. For injectivity, it suffices to show that G n (1 + pZ,) = { 1). This is trivial if p = 2, since G = (1). If p # 2, it follows from the fact that 1 + pZ, E Z, does not have any element of finite order except for the identity. We now prove that G + lFi is surjective. This is trivial if p = 2, since IF,X = (1). If p # 2, let a E “p” and let u E Z, be an element whose image in IF, is a. Since up’ = 1, we have upl E 1 +pz,. Put u = exp ( and w = uuI. Then exp(log(uPI)) = upl. equal to a. (c) Squares in Qp. 5 log(uPl) >
we have w E G, because we have up’ = Since v E 1 +pZ,, the image of w in ‘Fc is cl
PROPOSITION 2.18. If we express an element a in Q: aspnu (n E Z, u E Zc ) (Proposition 8.17( I)), a is a square in 0,” if and only if the following two conditions are satisfied.
(i) 72 is even. (ii) If p # 2, u mod p;Z, is a square If p = 2, u E 1 mod 822. in ‘Ft.
PROOF. By Proposition n is even and u is a square
1 + PZ, = exp(pZ,)
2.17, a is a square in Q,” if and only in Z:. If p # 2, we have
= w$W,) = {exdp~p))2,
if
and thus an element of 1 + pZ, is a square Zc/(l +pZ,) 2 “c, the case p # 2 is proved. 1 + 822 = exp(8Z2) = exp(2.42~)
in Et. Since we have If p = 2, we have = {exp(4Z2)}2, in Zc. Since we have the case p = 2 is also 0
and thus an element of 1 + 822 is a square Zc /(l + 8Z2) E (Z/8Z)x E Z/2Z C$ Z/22, proved.
74
2. CONICS
AND
PADIC
NUMBERS
The following Proposition 2.18.
PROPOSITION
proposition 2.19.
follows
from either
Proposition
2.16 or
(1)
Ifp
#
2, Q,“/(Q,“)2
S! Z/2Z CB Z/2Z.
(2) Q2”/(Q,“)”
there QUESTION 10. exists a square QUESTION mod4. 11.
E z/az
@? z/22 63z/22.
satisfying a = zkl mod 5. Show that
Let a be an integer root of a in Qs Show that there exists
a square
root
of 1
in U& if and only
ifp=l
QUESTION tensions of U&
12. Show Determine
that if p # 2, there exist exactly three all three quadratic extensions of Q5.
quadratic
ex
2.6. Rational
We begin of 52.4: If a, b E Q” this section
points on tonics
the statement at the beginning
by proving number,
and p is a prime there
(a, b)p = 1 _ (This is contained Theorem 2.3.
exist
II:, y E Qp such that 2.20.) We then
ax2 + by2 = 1.
use it to prove
in Proposition
(a) Conies defined over Qp. The Hilbert
Q” + (51) can b e extended for a, b E 0; we write a = p’u, and we put T = (1)qgbi If p # 2, define = (1)i&3212 naturally to Qt
symbol ( , )p : Q” x x Q: + {fl}. Indeed,
b =ph
(i,j E z, u,u E Z,x),
E q
(a,b),= (yq,
and if p = 2, define (a,b)2 = (I)+ x QG + (l)++. { z!~l}, Proposition 2.4 holds if
For this symbol ( , )p : Q: we replace (Zc,) ) ’ by Zc.
2.6. RATIONAL
POINTS
ON
CONICS
75
PROPOSITION 2.20. For a, b E Q,“, the following two conditions are equivalent. (i) (a, b)P = 1. (ii) There exist x, y E QP such that ax2 + by2 = 1. PROOF. First we suppose that there exist z,y E Q, satisfying ax2 + by2 = 1, and we show (a, b), = 1. If z = 0, then b E (Q,X)“, and if y = 0, then a E (Q,“)2. In both cases we have (a, b)P = 1. Suppose II: # 0, y # 0. Then (a, b)P = (ax2, by2)p = (ax’, 1  UZ~)~, and we have (ax2, 1  ax2 ), = 1, since Proposition 2.4(3) still holds for ( , ), : Q$ x Q,” 4 (51). Next we suppose (a, b)P = 1 and show the existence of 5, y E Qp satisfying ax2 + by2 = 1. Conditions (i) and (ii) depend only on the image of a, b E 0,” in Q,“/(Q):)“. Thus, we may assume, by multiplying a and b by a suitable element in (Q,X)“, that a and b are both elements of Zc U pZc. If both a and b are in pZF, we may replace a by ab‘; indeed, for (i) we have
(abK1, b)P = (a, b)P . (b, b)P = (a, b)P and for (ii) we have 32, y E Q, such that ab‘x2 M w u
a,bEZ,X.
(Proposition 2.4(3)),
+ by2 = 1 + by2 = z2 and (x,Y,z) # (0,&O)
3 z, y, z E Qp such that ab‘x2
3 x, y, z E Q, such that (by)2 = ax2 + bz2
and (2, Y, z) # (0,&O)
3x, y E U& such that ax2 + by2 = 1.
b E p. Z$ and the case
Hence, it suffices to consider the case a E Zt,
(a) ThecaseaEZ,X, bEp.Z,X. means that a mod p E “c is a square. By If P # 2, (a,b), = 1 Proposition 2.18, there exists t E Q,” such that t2 = a, and we have a (i)’ + b. O2= 1. If p = 2, (a, b)P = 1 means that “a E 1 mod 822 orazlbmod822”. (This is because Proposition 2.4(52) holds for the Hilbert symbol extended to Q$ x Qc .) If a E 1 mod 8&, there exists t E Qc such that t2 = a (Proposition 2.18), and we have a (i) 2 + b . O2 = 1. If a E 1  b mod 822, there exists t E Q,” such that t2 = e (Proposition 2.18), and we have at2 + b. l2 = 1.
76
2. CONICS
AND
PADIC
NUMBERS
and We {au2 thus 2, y
(b) The case a, b E Zp”. Suppose p # 2. Then the condition (a,b), = 1 always holds, thus we must show that ax2 + by2 = 1 has a solution in U&. denote by a,& the images of a, b in IF,. Each of the two subsets / u E IF,} and {I  bv2 ( v E IF,) has cardinality q, and t,heir intersection is nonempty. This implies that there exist E Z, such that ax2 z 1  by2 mod pZ,. If x $ 0 mod pZ,, there
exists t E Q,” such that t 2  e by Proposition 2.18, and we have at2 + by2 = 1. If x = 0 mod pZ,, then 1 = by2 mod pZ,. Hence, there exists t E Q,” such that t2 = b by Proposition 2.18, and we have a. O2 + b ($)” = 1. Now suppose p = 2. Since (a, b)2 = 1, we have or b = 1 mod 422. Suppose, say, a = 1 mod 422 mod 422 is similar). Then we have a = 1 mod 822 or If a = 1 mod 822, there exists t E Q,” such that t2 a z (the a E = a 1 mod 422 case b G 1 5 mod 822. by Proposi
tion 2.18, and we have a (f)” + b. O2 = 1. If a = 5 mod 822, then 4b G 4 mod 822 and thus we have a F 1  46 mod 822. Hence, there exists t E Qg such that t2 = e by Proposition 2.18, and we have at2+b+22=1. 0 (b) Proof can be rewritten “Let lent. (i) ux2 + by” = 1 has a solution in Q. (ii) ax2 + by 2 = 1 has a solution QV in for all primes 21 = m.” Clearly, (i). Let u,b E QX, and suppose ax2 + by2 = 1 has a solution in Qv for all primes u and u = co. We need to prove that it has a solution in Q. If we multiply a and b by the square of a rational number, it does not affect the existence of a solution in Q to ax2 + by2 = 1. Thus, we may assume that a and b are squarefree integers. We prove the statement by induction on max(lal, lb\). If either a or b is 1, ux2 + by” = 1 clearly has a solution in Q. (i) implies (ii). So, all we need to prove is that u and of Theorem 2.3. By Proposition 2.20, Theorem 2.3 in the following form. Here, we write Qoc for R. The following conditions (i) and (ii) are equiva
a, b E Q”.
(ii) implies
2.6.
EtA’I’IONAL
POINTS
ON
CONICS
77
If max(luj, lbl) = 1, we have a > 0 or b > 0, since we assumed that the equation has a solution in Iw. This means we have a = 1 or b = 1, and it has a solution in Q. Suppose max([al, lb]) > 1. The statement is symmetric with respect to a, b, so we may assume Ial < lb/. Since b is square free, lb1 is a product of distinct prime numbers. Let us prove that a mod b is a square in Z/bZ. If not, a mod p is not a square in F, for some prime factor p of b. (This follows from the Chinese Remainder Theorem.) Then p # 2, and we have (u,b), = (;) =  1. This implies that uz2 + by2 = 1 does not have a solution in Qp, which is a contradiction. Hence, a mod b is a square in Z/biZ. We thus have an integer r such that r2 E a mod b. Since any element of Z/bZ has a representative in y 5 n 5 T, we may assumeO<r< 
@J. Put 2
r‘J 
a = bc,
c E z. means that
If c = 0, we have a = r2 and a (b)” + b. O2 = 1, which there is a solution in Q. Suppose c # 0. We have
(The last inequality is due to the fact that Ibl > 2.) By Lemma 2.21 below, all we need to consider is the case ax* + cy* = 1. If Ial < lbl, we can use the inductive hypothesis (since ICI < lbl). If Ial = lbl, we can reduce to the case Ial < lbl, since /c( < Ibl. 0
LEMMA
bc. Then
2.21. Let K be a field; a, b, c E KX; there is a bijection between two sets
r E K;
and r2 a
=
X = {(x, y, z) E K x K x K I ax2 + by* = z2, (2, y, z) # (O,O, 0)}, Y = {(x, y, z) E K x K x K I ax* + cy” = z2, (x, y, z) # (O,O, 0)).
PROOF.
Define f(x, dx,
f : X + Y, g : Y + X by y, z) = (rx + z, by, ax + rz),
Y,
~1 = (rx  z,
CY,
ax + rz), of X and Y, respec0
and verify that tively.
g o f and f o g are the identities
78
2. CONICS
AND
PADIC
NUMBERS
Summary
2.1. If a conic defined over the rational tional point, it has infinitely many rational scribe them explicitly. (However, the main not this, but 2.2 and 2.3 below.) number field has a rapoints, and we can detheme of the chapter is
2.2. For each prime number p there is an extension field of the rational number field called the padic number field. Each padic number field is considered to be as important as the real number field. The padic number field has a notion of convergence as does the real number field, but the properties of convergence are quite different from those in the real number field. 2.3. A conic defined over the rational number field has a rational point if and only if its equation has a solution in the real number field and in the Q, for all prime numbers p. The existence of a solution in Q, can be determined by the Hilbert symbol, which is related to the quadratic residue symbol.
Exercises
2.1. Find an example of a sequence of rational numbers which converges to 1 in Iw and which converges to 0 in Qz. Also find an example of a sequence of rational numbers which converges to 1 in Q3 and which converges to 0 in Qz. 2.2. Define
and define a ring structure on the from Z [l/p] /Z to itself, denoted by defining the sum of f and g by z E ;Z [l/p] /Z, and the product off Show that there is an isomorphism Z, “Horn (Z[i]/Z,
set of all group homomorphisms by Horn (Z [l/p] /Z, Z [l/p] /Z), (f + g)(z) = f(z) + g(z) for all and g by the composition fog. of rings z[~]/z) .
2.3. Find ords(4n  1) (n E Z). (Hint: number field to get 4”  1 = exp(nlog(4)) tion 2.14(4).
Use exp, log in the 3adic  1, then use Proposi
EXERCISES
79
2.4. (1) (2) (3)
Let p be a prime number. Show the following: x2 = 2 has a solution in QP w p E 1,3 mod 8. x2 +y2 = 2 has a solution in QP u p # 2. x2 + y2 + 22 = 2 has a solution in QP for any p.
CHAPTER.
3
In this chapter zeta function).
we introduce
an important
!illlction
called
< (the
3.1. The (3.1)
Three formula
wonders
of the
values
of the
< function
was discovered by Euler around the infinite sum of the lefthand pleased to find the mysterious number 7r. The formula
1735. 1Ie had attempted to determine side for many years, and he was quit,e fact that, the sum is related t,o t,he
is called Leibniz’s formula. He discovered it in 1673, and he felt that he found t,he mystery of Nature. It is said t,hat he decided t,o quit being a lawyer and diplomat, in order to pursue mat,hematics because of this discovery. Leibniz’s formula, however, had been discovered by Gregory shortly before Leibniz. and also by an Indian mat,hematician, Madhava, around 1400. These formulas t,ogether wit,h Euler’s formula
(3.4) (3.5)
1$+&$+&&+... 1;++;+
Xl
=E’ . ..= “iT 3&’
7r3
82 and Dirichlet’s (3.6) formula l~;+~+L~iL+~ +... = 5
3. c
(k signs repeat log(1 + v5)
every 8 terms)
are the formulas on the values of a class of functions called < functions. These formulas reveal their secrets as we study them more and more. In this section we introduce < functions and three interesting properties on the values of < functions. Define
This function c(s) is called the Riemann C function, named after Riemann who made important contributions to the study of this function in t,he 19th century. The formulas (3.1) and (3.3) may be expressed as c(2) = $ and C(4) = $,
respectively, and thus they may be regarded as formulas for the values of the Riemann < function C(s). Let N be a natural number and (Z/NZ)x be the multiplicative group of units in the ring Z/NZ. A homomorphism from (Z/NZ) ’ to the multiplicative group of nonzero complex numbers Cx x : (Z/NZ)X is called a Dirichlet character (modulo + Cx N). We define
L(s,x) = 2 9
n=l
This is called the Dirichlet L function (with respect to x). Here, x(n) is defined as x(n mod N) if n and N are relatively prime, and 0 otherwise. The formulas (3.2) and (3.4) may be expressed respectively using the Dirichlet L functions as L(l, xc) = : and L(3, x) = g,
I
3.1.
THREE
WONDERS
OF
THE
VALUES
OF
THE
C FUNCTION
83
where the character
x is given by ={1mod4,3mod4}+@X, x(3 mod 4) = 1. as a formula for the value of
~:(2/42)~
x(1 mod 4) = 1,
The formula (3.5) may be regarded Dirichlet L function L(s, x) L(l,x) with the Dirichlet x: character (Z/SZ)’
= !I3&i> x given by x(2 mod 3) = 1. as a formula for the value of
={1mod3,2mod3}+(GX,
x(1 mod 3) = 1,
The formula (3.6) may be regarded Dirichlet L function L(s, x) L(l,x) with the Dirichlet x: (Z/8Z)x character
= +2 log(1 + J2) x given by
= (1 mod8,3mod8,5mod8,7mod8}+~X, x(1 mod 8) = x(7 mod 8) = 1, x(3 mod 8) = x(5 mod 8) = 1.
These c(s) and L(s, x) are examples of the class of functions called < functions. c functions are so important in number theory that some people even claim that number theory is the study of < functions. The first mystery of the values of C functions is that there exist unexpected formulas such as (3.1)(3.6), where one side of the identities is quite different in nature from the other side. Many formulas of the following type have been known: the value of a C function = (rational number) similar to log(1 + A)). ($3.2, Corollary 3.9). at s = integer
x (the power of 7r or something For example, if T is a positive c(r) = (rational number) x 7rr
even integer, Euler proved the formula
The second mystery of < functions is that their values at s = integers are related to the world of padic numbers in a quite unexpected way. For example, if T is a positive even integer, <(r)rPT is a rational number as mentioned above, and this rational number has
x.2
3. c
some padic properties. It was first studied by Kummer in the nineteenth century, and Kubota and Leopoldt clarified it around 1964. It seems as if the homeland where < functions originally come from is an unknown world which governs both the world of real numbers and the world of padic numbers. The third mystery of < functions is that some values of < functions have subtle arithmetic meanings. For example, Leibniz’s formula (3.2) tells us that Z[i] is a principal ideal domain, as we will see in 54.3. This can be explained by the class number formula (see $4.3, and Chapter 7 on < function in Volume 2), which was discovered by Dirichlet in the nineteenth century. In the late twentieth century, an effort to understand the meanings of values of < functions more deeply than the class number formula turned into a theory called “Iwasawa theory”. In $3.2 we discuss the first mystery about the values of c(s) and L(s,x) at s = positive integers, and we prove (3.1)(3.5). (For the proof of (3.6), see Exercise 3.3.) In $3.3 we introduce the analytic continuation of these < functions to the entire complex plane, and we discuss the first mystery of the values of < functions at s = negative integers. We mention the second and third mysteries at the end of $3.3. We will further discuss these two mysteries in Chapter 10 in Volume 3. We named this chapter “<” instead of “I functions”. We dropped the word “functions” because we feel more and more as we study < functions that C functions are something more than just functions. 3.2. Values at positive integers Euler gave to the fol
(a) C(2). We first g’ive one of the proofs lowing theorem of Euler.
THEOREM 3.1.
C(2) = g . for the sine function
PROOF. We use the product
(3.7)
formula
sin(7rz) =fi(l$),
TX n=l
which was also discovered by Euler (see N. Bourbaki, Fonctions dine variable re’elle, Chapter VI $2, Theorem 2, or L. Ahlfors, Complex Analysis, Chapter 5, $2.3). We compare the Taylor expansion of
3.2. VALUES
AT POSITIVE
INTEGERS
85
both
sides of (3.7) a t z = 0. By the Taylor
3 27
expansion + sr  ... )
X9
of sin(z),
sin(x) we have lefthand
= z  5
+ $
 T
T2 side of (3.7) = 1  31x2 hand, the Taylor
+ terms
of degree
4 or higher. side of
On the other (3.7) gives righthand
expansion
of the righthand
side of (3.7) x2 + terms of degree 4 or higher
Therefore,
we have &1
(b) Values at a general 3.8 concern the values of c(s)
DEFINITION
positive integer. Theorems 3.4 and and L(s, x) at positive integers. functions h,(t) (r = 1,2,3,. ..)
with
rational
3.2. Define rational coefficients by
hi(t) = JLiL
2(1  t) ’
r1 (hl (t)) (r >
1).
t + 49 + t”
(1 
For example
(3.8)
b(t)
= (1 ” t)2 > b(t)
T greater than
= (1 _ tj3>
or equal
t + t”
b(t) =
ty
.
For any integer
to 1 we have
h7.(t) E Q t, L
. [ 1t 1
86 PROPOSITION (1)
3. c 3.3. Let x E @, x $! Z and t = e2Tix.
w=f&.(&+J). nEz
(2) If r 2 2, then
h,(t) (&Tc =l)!. >nEZ (r (x :c
cot(7rx) = &c nEZ & + Jxn
PROOF.
Take $& log( ) of both sides of (3.7), and we have . >
(3.9)
Since cot(y) = a sin(y) = we see that
i(eXSi cot(7rx) =
and we have
eYi eYi eYi + 2 eY2 7
2i
’
COS(Y)
=
+ _
e~Zi) em2
eTxi
= 2ihl(t)
(t = e2rzs),
which proves Proposition 3.3(l). Applying (t$)r1 = (&)rl both sides of the above formula, we obtain Proposition 3.3(2). Prom Proposition 3.3 we deduce Theorems 3.4 and 3.8.
to 0
THEOREM 3.4. Let N be a natural number greater than 1, x a Dirichlet character modulo N, and r a natural number. Suppose x(l) = (1)‘. If we put CN = e2xi/N, then we have
Prom Theorem 3.4 we deduce the formulas (3.2), (3.4), and (3.5) in 53.1.
3.2. VALUES EXAMPLE
AT
POSITIVE
INTEGERS
87
3.5. l;+;+L+...
zz
EXAMPLE
+$().;.(3&2L) 0
2?ri 4 1 ‘?=4. lr 3.6.
=&.
(4 >
27G
. ; . (hi(i)
 h&.3))
1;+;+i+...
=
EXAMPLE
(I.27ri 3
1
i
n3&’
2
A=
3.7.
=&
( >
2Ti
3 1
. 5.
4
(h&)

h3(i3))
=~.(~)“+.(+$) =. 1
2
THEOREM
(from(3.8)) 3 1
z. (q = g. even integer. (a~ri)’ . ; . b1). then rY<(r) is We have
27ri (3 4 3.8. c(r)
Let r be a positive . 2’ \ 1
= (r T l)! 3.9.
COROLLARY
If r is a positive
even integer,
a rational
number.
This is because h,(t) is a rational function with rational coefficients, and thus its value h,( 1) at 1 is a rational number. We deduce the formulas (3.1) and (3.3) from Theorem 3.8.
(from
(3.8))
72 6
EXAMPLE
C(4) = &y irJ 90 . 3.8 does not say anything about c(3), . Apkry proved that C(3) is an irrational number C(5). C(7), 1‘(g), .: in 1978. It is cori,jectured that c(5), c(7), c(9), are also irrational numbers, and if r is an odd integer at least 3, C(r) cannot be expressed as the product or sum of rational numbers and 7r unlike the case where T is even. But these conjectures have not been proved.
3.11
ii,
(&4J.
; . l’,.?  l
(from
(3.8))
REMARK 3.12 Theorem
PROOF OF THEOREM 3.4.
sum C y(~)h,.((~~.) at(Z/R;Z) x
Using Proposition 3.3, we rewrite the in th e righthand side. If n 2 0, we have
If n < 0, we put
n,’ =
n

1 2 0 and we have
zzzN’
By Proposition 3.3 we obtain
c
x(m) m’.’
PROOF OF THEOREM 3.8. x be the trivial homomorphism
In
Theorem 3.4 take N = 2 and let y : (Z/2Z)” f Cx. Then. for a
3.3.
V.L\LUES
AT
NEGATIVE
INTEGERS
positive
even integer L(r,x)
r we have 27ri = (1: we have ( 2 1 T 1 . 2 h,.(1).
I
On the other
hand,
Theorem
3.8 follows
from
this.
0
QUESTION
1.
By letting
z = i in Proposition
3.3, show
the formula
2x + 1 ,27T  1
QUESTION
the previous
2. Using Proposition 3.3(2) question, show the formula $e4T
with
r = 2, I = i and the formula  ;
in
•t 2n2e2” (e 2n  1)2
These formulas are not about thezvalues of ( functions, belong to the same world as c(2) = $, and it has a flavor
but they of <.
3.3. Values at negative
integers
(a) Analytic continuation. If we consider s to be a complex variable, C(s) and L(s,x) can be extended beyond the domain of convergence of the original infinite series, and we can consider their values at negative integers as we see in Proposition 3.15. In order to study the properties of the values at negative integers, it is convenient to introduce the partial Riemann < function and Hurwitz < function.
DEFINITION
3.13.
For a natural
number
N and an integer
a de
fine
where t,he sum is taken a mod N. This function respect to a mod N.
over all natural is called partial
numbers Riemann
72 satisfying < function
n E with
90 For example, we have
3. c
&(4)(S) DEFINITION
= 1 + ,,: + ;
+ &
+ $
+ ‘. .
3.14. For a positive C(s,x) =go
real number z define (,:,,i
This is called the Hurwitz
zeta function
We note that the notation &N)(S) is our own and it is not generally used. From the definitions we have the following properties. (3.10)
La(l)W = I(s), as> 1) = C(s).
For x a Dirichlet character mod N N (3.11)
a=1
(define x(a) = 0 for a that is not prime to N). For a natural number N and an integer a satisfying 1 < a 5 N (3.12) < (s, ;> = N” . L(N)(S).
PROPOSITION 3.15. (1) The defining series of C(s), L(s,x) (x is a Dirichlet character), C&~)(S) (N is a natural number and a is an integer) and C(s, x) (x is a positive real number) all converge absolutely for s satisfying Re(s) > 1, and they
(2) are holomorphic in this domain. The functions c(s), L(s, x), &(N)(S) and <(s, CC) have analytic continuation to the entire complex plane, and they are meromorphic functions. They are holomorphic in s # 1, and
we have liil (s  l)C(s) = 1, ;il (s l)&(N)(S)
= ;>
liil (s  l)C(s,x)
= 1.
(3) If the image of x : (Z/NZ)X + Cx is not {l}, the defining series of L(s, x) converge (the sum is taken in the order n = 1, 2, 3,. . . ) for s satisfying Re(s) > 0, and it is a holomorphic function in this domain. For such a x L(s, x) is holomorphic
in the entire complex
plane.
3.3.
VALUES
AT
NEGATIVE
INTEGERS
91
We give a proof of Proposition
3.15 at the end of this section.
(b) Values at negative integers and Bernoulli nwnbers and Bernoulli polynomials. Theorem 3.18 shows that the Riemann < function has rational values at nonpositive integers, and they can be expressed in terms of Bernoulli numbers and Bernoulli polynomials.
DEFINITION 3.16. The Bernoulli is defined by the formula
number B, (n = 0, 1, 2, 3,. . . )
Prom the formula ~ = ez  1 x+$+$+. =I( we see that (3.13) B. = 1, B8 = $ In particular, even function (3.14) B1 = ;, B”=;, B4 = &,
2 2
1 = I+%+$+...
x . x2 1 2 ..., s+y+*
;+g+...
.
>
+
(
5 691 7 BIO = , Blz = ’ B14 = ,.... 66 2730 6 B,‘s are all rational numbers. Since &  1 + 5 is an (i.e., invariant under J: H x), we see that for n an integer greater than or equal to 3. polynomial B,(z) (n = 0, 1, 2,
B, = 0
DEFINITION 3.17. The Bernoulli 3,. . . ) is defined by
B,(z) where (1) = &.
= 2 (:) i=o
BiFi,
From (3.13) we have (3.15) B,,(z) B3(x) = 1, Bl(s) =x;, By B2(2) =x2 x+, 1 6
3 = x3  p2 + $x,
= x4 2x3+x2$,....
92
3. c
In particular, have
R,(z)
is a polynomial B,(O)
in rational = B,.
coefficients,
and we
THEOREM
3.18.
(1) F or a natural number r and a positive
real
number x we have <(l  7,x) = r&.(x) (2) For natural numbers 1 5 a 5 N we have
r
and N,
and an integer
a satisfying
COROLLARY m a nonpositive
3.19. Let N be a natural integer. Then, we have
number,
a an integer,
and
CE ,(iv)(m) E Q.
In particular, we have C(m) E Q for any nonpositive integer m.
This can be seen from Theorem 3.18(2)
EXAMPLE
3.20. From Theorem 3.18 (2) and (3.15) we see
L a(N)(O) ; = <@+l)
&q2)
+ ;, + ;  ;,
+ ;  Jp.
= &
= &
COROLLARY 3.21. Let N be a natural number. If the image of a Dirichlet character x : (Z/NZ) ’ + Cx is diflerent from {l}, then we have
L(0, x) = kc
a=1
ax(a).
This follows from Example 3.20 and the fact ~~=“=, x(a) = 0 (see Question 3).
QUESTION 3. Let G be a finite group and x: G ) Cx a homomorphism whose image is different from (1). Show that CcAtc x(a) = 0.
3.3.
VALIJES
A’l’
NEGATIVE
INTEGERS
93
Theorem 3.18(2) follows from Theorem 3.18(l) and the relation (3.12) between the Hurwitz < function and partial Riemann < function. Before giving a proof of Theorem 3.18( 1) at the end of this section, we explain first why Theorem 3.18(l) is a natural . property in view of the nature of the Hurwitz < function and Bernoulli polynomials. The Bernoulli polynomials first appeared in the formula for the sum of kth power. For natural numbers T and 5, we have a formula
Xl
(3.16) For example, 1+2+3+.. 1+ 2” + 32 +
c 72l n=o we have
= g?(x)
 8.).
. + (x  1) = :(X2 . + (x  1)2 = ; ( x3  Es2 + ix >
On the other
hand,
the Hurwitz
< function
satisfies
by definition
C(%X+ 1)  C(%X) = ;>
and therefore (3.17) for any natural
X1 c n=l
number
= <(.5,x)
x we have
+ C(s).
1 ns

In other words, when we consider the formula of the sum of I;th powers when Ic is positive, Bernoulli polynomials appear, while we consider it when k is negative, the Hurwitz < function appears. This fact makes us feel that the formula ((1  T, Z) = f&(x) is very natural. We now explain briefly why (3.16) holds. Let us consider the linear operator
D: Wd + @bl; f(x) H &XI
on the polynomial ring @[xl. W e see from the theory of Taylor pansion that the linear operator eD = c,“=,, $$ satisfies eD(f(4) = f(x + 1) ex
94
3. c
for all f(x) (3.18)
E @[xl . From the definition
of B, we have
D = (8  1) 2 $I. n=O
Operate (3.18) on zT and use the formula
F $D’“(x’) n=O = 2 (r,) n=O BnsFn = BT(x),
and we obtain
(3.19) rx r1 = B,.(z + 1)  BT(z)
The formula (3.16) follows easily from this.
QUESTION 4. If we tend s 1 in (3.17), we have
for any natural number 2. Find the righthand side when z = 5/2. (If we let r 2 = f in this formula, the lefthand side does not make sense, but it seems like the sum of i from 1 to ?j.)
COROLLARY
3.22. (1) C(0) = $.
(2) If r is a natural number greater than or equal to 2, we have <(l  r) = fB,. (3) If m is a negative even number, we have c(m) = 0.
PROOF.
From Theorem 3.18(2) we have ((1 r) = iB,(l)
for a natural number r. Since B1 (x) = z  5, we obtain c(O) = $. If r 2 2, it follows from (3.19) that B,(l) = BT(0) = B,. From (3.14) we have B, = 0 for an odd integer r less than or equal to 3, and thus we have ((1  r) = 0. 0
3.3. VALUES EXAMPLE
AT
NEGATIVE
INTEGERS
95
3.23. = ;, = 
Prom ((1)
3.22 and (3.13) = A, ((7) <(11) = = ((3) l 24X3X5) 691 23X32X5X7X13’ = l 23X3X5’
((0) ((5)
l 22 x 32 x 7’ l 22 x 3 x 11’
<(9)=C(13)
= A,.
“.
(c) Proof
PROOF OF
of Proposition
PROPOSITION
3.15 and Theorem
3.18.
tion L(s, x). (Similar proofs let Re( s) = g > 1, we have
3.15( 1). We prove this for the funcwork for &N)(s) and <(s! z).) If we
x(n)
ll ns If n > 2, we have
5;.
n J
12l
&dz,
and thus ~$,,.~=$dz=l+& n=l This shows that the series C,“=, 9 converge absolutely, and, for any c > 1, they converge uniformly in the domain Re(s) > c. Since the limit of a uniformly convergent sequence of holomorphic functions 0 is again holomorphic, Proposition 3.15(l) is proved.
PROOF OF PROPOSITIONS 3.15(2) AND 3.18(l). To prove Proposition 3.15(2) it is sufficient to prove it for ((s, x). We prove it together with Proposition 3.18(l). As a preliminary, we introduce the I function. For a complex number s satisfying Re(s) > 0 define
r(s)
=
f. IXe“p
If s is a natural number, we hzve I’(s) = (s  l)!. l?(s) has an analytic continuation to a meromorphic function on the entire plane. We denote this extended function by I’(s) also. Then it is known
that I’(s) has the following properties. r(s) is holomorphic except for s = 0, 1. 2, 3, . , where it has a pole of order 1. I’(s) does not have a 0. For m > 0 we have &Em(s Now, if Re(s) + m)r(s) = (1)“;.
> 1, we have
x==e(s+n)uUs *u We =J’ n=o c 0
=r In other was, We divide words, (, eCsu Gus;. du we have f(s, u)du, where p(s,u)
let u = ~ L7C+n’ >
t
4 = JX
0
= &u
Sl
.
the integral
into two parts: = /’ o f(s, u)du + lx f(s, u)du.
J’
()_ f(s, u)du
J’
Since the function ePszL approaches the integral s;” f( s , u )d u converges it is holomorphic B, (z) we have on s. Consider
0 rapidly as u tends to infinity, for any complex number s, and J, f(s,u)du. uexu 12. = e”  1’ By the definition of
x Kc(s) CTU 77=0 Therefore
3.3. VALUES
AT
NEGA'I'IVE
INTEGERS
97
This has an analytic continuation to a meromorphic function s in the entire complex plane. It is holomorphic except at s = 1, 0,  1, 2, 3,. . . ) where it has a pole of order 1. to a meromorphic function on the Thus, r(s)(‘( s,x ) is extended whole complex plane, and it is holomorphic except at s = 1, 0,  1, 2, 3,. . , where it has a pole of order 1. Therefore, C(s,z) has an analytic continuation to the whole complex plane, and it is holomorphic except at, s = 1, where it has a pole of order 1. For an integer n > 0 we have
sJ~n(s + 71 l)(r(s)((s,
If we let 72 = 0 and take the fact l?(l) lii (s  l)<(s,z)
x)) = y
= 1 into = &(z)
. (1)” account, = 1. = (l)“’ . A, and we have
If R > 1, we have lim,,l,(s thus we have {(l
+ 12  l)r(s)
n,.,5) = ~ Bn (xl
n
PROOF
OF
PROPOSITION
3.15(3).
For
s satisfying
Re(s)
>
0
and m 2 0, define
We have L( s, x) = fo (s) + Cz= (3.20) 5 I.fm(s)l 77?=1 I N.
1 fr,, (s) . In the following ISI . (1 + &)
we prove
es
The inequality (3.20) shows that the series X:=1 fnL(s) converge uniformly in the domain {s E @ 1 IsI < C, Re( s) > C’}, for any real numbers C and C’, and thus the sum is holomorphic when Re(s) > 0. Let us prove (3.20). Since the image of x : (Z/NE) ’ + @’ is not {l}, we have C,“=,
x(n)
= 0 ( see Question
3). Hence,
we have
98
3. c
We write
and thus,
if we write
mN+n s (@$+n)‘&=mN s
dx, xs+l 0 for Re(s), we have
Therefore,
we have
and thus we have
ii: I.fm(s)l N. ISI2 & I N. ISI.(1 + ;) . 5
m=l
m=l
(d) Functional equation. In Chapter 7, $7.2 in Volume 2 we will explain the fact that, when x : (i%/NZ) x + cx is a Dirichlet character and xl : (Z/NZ)X f cx is a Dirichlet character defined by x‘(a) = ~(a)i, th ere is a relation between L(s,x) and L(1 s,x‘) called th e f uric t’zonal equation. It follows from the functional equation that we have the property that for an even number r no less than 2, we have <(l  r) = 2 x (r  l)! x & for the Riemann < function. For example, for r = 2 we have
<(1) (see Example = 2 x 1x & 3.23). x a4
=
2
x&
7r2 X=6
1
12
(e) The second and third mysteries. We now discuss the second and third mysteries of the values of the < function. The second mystery was proved by Kummer in the nineteenth century and part (2) of the following proposition is called “Kummer’s congruence”.
PROPOSITION
3.24.
Let p be a prime integer
number. m $ 1 mod (p  l),
(1)
If m is a nonpositive then me have
satisfying
SUMMARY
99
(2) If m and m’ are negative integers satisfying m c m’ q.k 1 mod (p  l), then we have C(m) = <Cm’) mod PZ(,).
EXAMPLE 3.25. For a prime number p different from 2 and 3 we have  1 $ 1 mod (p  1). By Example 3.23 we have
<(1) = &
E Z(,).
The above congruence relations mod p satisfied by the values of the Riemann < function at negative integers are generalized to congruence relations mod pn (n > l), and extended to the theory of padic L functions, which takes its values in padic numbers (theory of padic L functions of Kubota and Leopoldt).
QUESTION 5. Show by using Proposition 3.24 that if m is a nonpositive integer, any prime factor of the denominator of C(m) when we express C(m) as a quotient of relatively prime integers is no greater than 2  m. (For example, in Example 3.23 the prime factors of the denominator of c(11) are 2,3,5,7,13, and they are no greater than 2  (11) = 13.
As for the third mystery, we will discuss in 54.4 that some arithmetic information of the field obtained by adjoining a 691st root of unity to the field Q is related to the fact that in Example 3.23 the numerator of <( 11) has the prime factor 691. In $4.3 we also discuss the arithmetic meaning of the values L(l,x) and L(0, x) for the Dirichlet character satisfying x( 1) = 1. For the second and third mysteries, see Chapter 10 in Volume 2. The values of C functions appear in many areas of mathematics in an unexpected way, and they do not ceaseto mystify us.
Summary 3.1. The value of the Riemann C function at a positive even integer r is of the form rational number x 7rT. The Riemann < function has an analytic continuation to the entire complex plane, and its value at a negative integer or 0 is a rational number. 3.2. The Dirichlet L function is a generalization of the Riemann < function. It has similar (but not exactly the same) properties to the Riemann C function.
100
3. c
3.3. The value at an integer of such a function called the < function has some mysterious arithmetical properties. (We will see later that it is related to the padic numbers and the ideal class group defined in Chapter 4.)
Exercises 3.1. Find the following (1) (l+~~+)+(~+&~~)+.... sums:
(2) (l+~++)+(i51;1+~+&+..
3.2. (2) (1) Show that if Re(s) > 1, we have (1  2l“)<(s) l~+~&t~&+.... Using log(2) = 1  i + f  i + i  i + . . , show lili,(” Here lim,,r+e real line. means  l)<(s) = 1. 1 from the right on the =
s approaches
3.3. Let
For a = 1,3,5,7
define
S a=
33 =  c‘“) c ETlog(l
71=1 n 8 .
Prove
formula
(3.6) by calculation . . , ck be positive
sr  ss  sg + ~7. real numbers and define
3.4. Let x,cr,.
(This is called the multiple Hurwitz < function.) Comparing to the proofs of Proposition 3.15(2) and Theorem 3.18, prove the following more general situation. 1 converges whenever (1) The series c 7x1,” ,%>O (z+clnl+...+cknk)” Re(s) > k. As a function on s, it has an analytic continuation to a meromorphic function on the entire complex plane, and it is holomorphic except at 1,2,. . , k.
EXERCISES
101
(2)
Let m be a negative integer or 0. By multiplying by the product cl . . . ck, <(m, 2; cl,. . . , ck) becomes a polynomial in
Z,Cl,..., ck in ($ coefficients.
CHAPTER
4
Algebraic
Number
Theory
Algebraic number theory was founded by Kummer in the middle of the nineteenth century, and it was later developed by Dedekind and Kronecker. Kummer had hoped that, by using his new theory, he could prove Fermat’s Last Theorem: If n is no less than 3, the equation x7%+ yn = zn does not have an integral solution x, y, z satisfying xyz # 0. We can rewrite the equation x” + y* = zn as
(4.1)
k=O
where & is the primitive nth root of unity cos (%) + isin (s), and (k is the Icth power of &. Both sides of (4.1) are in a product form, and we are tempted to apply the law of unique factorization to both sides of the equation. However, the formulas contain the number &, which is not a rational number, and thus Kummer was obliged to examine whether or not the law of unique factorization holds in the world of numbers containing such numbers as Cn. A finite extension of the rational number field Q is called an algebraic number field. For example, Q(<,) is an algebraic number field. Algebraic number theory is a subject which studies how the unique factorization property for the natural numbers can be generalized (in a modified way, if necessary). Even if a question is posed within the rational number field, it may not be answered within the rational number field, and it is often necessary to go to the world of algebraic number fields in order to answer the question. As a matter of fact, Kummer obtained a significant results to Fermat’s Last Theorem (see §4.4), which is originally a question within the rational number field. In this chapter we will discuss the method and important results of algebraic number theory.
103
104
4. ALGEBRAIC
NUMBER
‘THEORY
4.1.
Method
of algebraic
number
theory
In this section we will prove some of Fermat’s statements which we mentioned in the introduct,ion using the method of algebraic number theory, i.e., the method that enlarges the world of numbers. We also give a proof of Fermat’s Last Theorem in the case n = 3. (a) Proof of Propositions 0.10.5, 0.10 and 0.11. We show the propositions in the title by enlarging the world of numbers from Z to the rings such as Z[i] = {a+& 1 a, b E Z}, Z[J2] = {a+bn j a,b~ Z},Z[&] = {u+b& 1u,b~ Z},Z[fi] = {u+b&I u,b~ Z}. In the proofs below we will use the fact that these rings have the unique prime factorization property. Namely, if A is one of the following rings Z[i], Z[J2], Z[&], Z[Jz], then A has the following property: (*) If an element factored into a in A is nonzero the form and not a unit, then a can be in A), below.
a = a!1 “‘Q,
(r 2 1, (~1, . . , (Y, are prime is unique
elements
and this factorization
in the sense explained
The definition of a “prime element” is as follows. Rings such are integral domains (see Appendix A, §A. 1 for as Z[i] and Z[J2] the definition of an integral domain). An element (Y in an integral domain A is a prime element if the following conditions (i) and (ii) are satisfied: (i) (ii) Q is nonzero and not a unit. If a, b E A and ub E aA, then a E cuA or b E aA, where aA = {OX 1 x E A}. (Condition (ii) says that if ub is divisible by CY,then a or b is divisible by CE.)
For example, a prime element in Z is a number of the form &prime number. The meaning of the uniqueness is that if we have another factorizationofu,u=~~...ab(s>l, c~~,...,~~~isaprimeelementofA), then we have T = s, and if we renumber a!;, . , (Y: suitably, we have c(A = oiA (i.e., 0: = CQ x unit) for i = 1,. ,T. An integral domain that has the property (*) is called a unique factorization domain. In 54.3 we will verify by using < functions that the rings Z[i], Z[J2], and Z[&] are unique factorization domains.
PROOF OF PROPOSITION 0.2.
is the following:
The statement
of Proposition
0.2
4.1.
METHOD
OF
ALGEBRAIC
NUMBER
THEORY
105
(1) If p is a prime number congruent to 1 modulo exist 2, y E Z satisfying p = x2 + y2. (2) If p is a prime number congruent to 3 modulo do not exist x, y E Z satisfying p = x2 + y2.
4, then 4, then
there there
We have already proved (2) as part of Proposition 2.8. Since we have a~ = x2 + y2 for an element o = II: + yi (x, y E Z) of Z[i] (where cu is the complex conjugate of a), the statement (1) follows from the following Proposition 4.1(l), which expresses the law of unique prime factorization. number congruent modulo 4, then there is a prime element Q in Z[i] such p = ~5 (5 is also a prime element ofZ[i]). Moreover, &[i] nZ[i]. as a P’rzme number congruent to 3 modulo 4, then p (2)UP’ prime element in Z[i]. (3) 2 = (1 + i)2 x (i), and 1 + z are prime elments in whereas i is a unit in Z[i]. (4) Any prime element ofZ[i] is of the form (prime element peared in (1) (2) and (3)) x (unit). (5) The set of units of Z[i] is {fl, &}.
PROPOSITION 4.1. (1) If p is a prime
to 1 that # is a Z[i], up
PROOF. (1)
Since we have such that
Let p be a prime
number
congruent there
to 1 modulo an integer
4. a
3 = 1 (Theorem 2.2(2)), ( P > a2 E 1 mod p. Since we have  i) = a2 + 1 E pZ[i],
exists
(a + i)(a
a + i $! pZ[i],
a  i $J pZ[i], other hand, since factorization of p dividing p. Write is not a unit. We
we see that p is not a prime element in Z[i]. On the p is not a unit in Z[i], it follows from the prime in Z[i] that there exists a prime element Q in Z[i] p = a!p, p E Z[i]. s ince p is not a prime element, p have p2=a!yp.cYyp=cyG.pp,
and since both a~ and ,B,??are natural numbers, cvcv must be one of the divisors of p2, namely 1, p, p2. If CVG = 1, (Y would be a unit, and it is a contradiction. If a6 = p2, then ,B would be a unit since /3p = 1. Thus, we have p = CUCU. Suppose &Z[i] = ZZ[i], and we deduce a contradiction. Take an integer a E Z such that (u + i)(a  i) E pZ[i]. Since a is a prime element, we have either a + i E (YZ[i] or a  i E aZ[i]. Take the complex conjugates of these elements and use the fact
106
4. ALGEBRAIC
NUMBER
THEORY
oZ[i] = &Z[i], and we see that both a + i and a  i belong to crZ[i]. Since we have 2i = (a + i)  (u  i) E &Z[i], we have 2,p E aZ[i]. It follows that 1 is in &Z[i] and a is a unit, a contradiction. (2) Let p be a prime number congruent to 3 modulo 4, and let (1~be a prime element in Z[i] dividing p. We set p = a$ (,b E Z[i]). Then, as before, we have p2 = a~ ’ pp. Since we have a~ # 1 and we cannot write p = x2 + y2 (x, y E Z), we see p # as. Therefore, wehavec@%=p2, /3p=l, and p is a unit. Hence p = (Y/? is a prime element. (3) We show that 1 + i is a prime element. Let cy be a prime element in Z[i] dividing 1 + i, and set 1 + i = ~$3. Then we have 2 = (1+ i)(l i) = a3 . /3p. Since cucU# 1, we have a?%= 2, ,8p = 1, and therefore /3 is a unit. Hence 1 + i = cup is a prime element. (4) Let cr be a prime element in Z[i]. Considering the prime factorization of the natural number a~, which is not equal to 1, we see that (Y divides a prime number. (5) If 0 is a unit in Z[i], we set /3r = 1 (y E Z[i]). Then 1 = /3p. 77, and thus ,Dp = 1. If we write p = z + yi(z,y E Z), we have x2 + y2 = 1. The integer solutions of this equation are (x, y) = (fl,O), (0, *l). Hence, we have /3 E {fl, +A}. 0
PROOF OF PROPOSITION 0.1. Proposition 0.1 is about a prime number that can be the hypotenuse of a right triangle with rational sides. Let p be a prime number congruent to 1 modulo 4. By Proposition 4.1( 1) p can be written as p = a~, where o is a prime element in Z[i]. Ifweseto2=x+yi(x,yEZ),wehavep2=(r2~2=x2+y2. If we show x # 0, y # 0, we see that p is the length of the hypotenuse of the triangle whose three sides are 1x1, ]y], and p. If x = 0 or y = 0, the argument of cr is a multiple of 7r/4, and thus there exists an integer m such that a=mp,
wherep
E (1, 1 + i, i, 1 + i}.
This contradicts the uniqueness of the prime factorization in Z[i]. Next, it is easy to see that the equation 22 = x2 + y2 does not have a solution satisfying x # 0, y # 0. Let p be a prime number congruent to 3 modulo 4, and let p2 = x2 + y2 (IL.,y E Z). If we set a: = x + yyi, then we have p2 = a~%. By Proposition 4.1(2), p is a prime element in Z[i]. It follows from the uniqueness of factorization that Q = p x (kl, or * i ). This implies x=Oory=O. 0
4.1. METHOD PROOF OF PROPOSITION
OF
ALGEBRAIC
NUMBER
THEORY
107
only solutions to the equation We rewrite the equation as
x3
0.11. Proposition 0.11 states that the y2 = x3  4 are (x, y) = (2,2), (5,ll).
(y + 2i)(y 2i).
= y2 + 4 =
Notice that the product of y + 2i and y  2i is a cube. We will later show by using the unique factorization properties of Z[i] that each of y + 2i and y  2i is a cube in Z[i]. Thus we have r
(4.2) y + 2i = (a + bi)3
(a, b E Z).
Expanding
(4.3)
the righthand
2
side and comparing
I both side& we have ,,/
\ _ /
//’
= 3a2b  b3 = (3a2  b2)b. 12. If we rerespectively.
Therefore, b is a divisor of 2, and thus b equals one of kl, place b = 1, 1,2, 2 in (4.3), we have 3a2 = 3, 1,5,3, Thus (a, b) = (fl, 1) or (fl, 2).
It follows from this and (4.2) that y = 2 or 5, and we obtain 2 by substituting y in the equation y2 = x3  4. We use the following Lemma 4.2 for the remaining part of the proof.
LEMMA 4.2. Let A be one of Z[i], Z[a], Z[<a], and Z[v!?]. Let cq,.. , (Y,, p be nonzero elements of A, k a natural number, and a1 “‘cl, = /3”. Furthermore, if i # j, suppose oi and a3 are prime to each other. Then for each i, cq can be written as cq = u& with an element ,0i in A and a unit ui.
This lemma can be proved by counting how many times each prime element appears in the prime factorization of 01, . . , Q,, /3, just as the proof of Lemma 1.7 in $1.1. We now show that the equation x3 = (y + Zi)(y  2i) (x, y E Z) implies that y + 2i, y  2i are cubes in Z[i]. Let y be a prime element of Z[i] dividing both y + 2i and y  2i. Since y divides (y + 2i)  (y  2i) = 4i = i( 1 + i)“, we have y = (1 + i) x (unit). Writing y + 2i = (1 + i)e~, e 2 1, (Y element of iZ[i] not dividing 1+ i, we have y  2i = (1  i)“??, 1  i = (i) x (1+ i), and thus y  2i = (unit) x (1 + i)%. Hence,
Ql(Y2Q3 =X3,
(~1 = (unit)
x (1t i)2e,
~2 = Q,
03 = Cr.
108
4. ALGEBRAIC
NUMBER
THEORY
Any two of al, (~2, and a3 do not have a common prime factor. By Lemma 4.2 all of al, CQ, and 0s are of the form (unit) x (cube in Z[i]). It follows from this that e is a multiple of 3. Thus, y + 2i = (1 + i)“o is of the form (unit) x (cube in Z[i]). But the units fl, fi in Z[i] are all cubes. Hence y + 2i is a cube in Z[i]. 0
PROOF OF PROPOSITION 0.3. Proposition 0.3 is about the quation p = z2 + 2y2 (p is a prime number) and the residue of p dulo 8. If p f 5,7 mod 8, then (2,~)s = 1. Thus, there do no exist rational numbers 5 and y satisfying p = x2 + 2y2 (see the pr of of L Proposition 2.8). Next, let p = 1,3 mod 8. We prove that there exist z,y E Z satisfying p = x2 + 2y2. For an element o = x + yfl (z, y E Z) in Z[J2] we have CG = x2 + 2y2. Therefore, it suffices to show the existence of Q E Z[Jsatisfying p = CUZ. This can be done by replacing Z[i] by Z[v’Z] in the proof of Proposition 0.2 and using
the fact ( 2 > = 1. 0
PROOF OF PROPOSITION 0.10. Proposition 0.10 states that the only solution in natural numbers to the equation y2 = x3  2 is (x, y) = (3,5). Rewriting the equation as x3=(Y+J2)(yvq, we can show that both y + &2 and y  n are cubes in as in the proof of Proposition 0.11. (Here we replace Z[i] by Instead of the prime element 1+ i in Z[i], the prime element Z[J2] appears in the proof. We also use the fact that the Z[Jare fl instead of the fact that the units of Z[i] are We have y+J2=(a+bdq3 Expanding both sides and comparing Z[ J, Z[J. fl in units of ztl, zti.)
(a, b E Z).
the imaginary parts, we have
1 = 3a2b  2b3 = (3a2  2b2)b.
Therefore,
b is a divisor
of 1, and thus b = fl. (a, b) = (fl, I),
It follows
that
and we obtain
y = 55, x = 3.
0
PROOF OF PROPOSITION 0.4. Proposition 0.4 is about the equation p = x2 + 3y2 (p prime) and the residue of p modulo 3. If p s 2 mod 3, then we have (3,~)s = 1, and thus there do not exist
4.1.
METHOD
OF
ALGEBRAIC
NUMBER
THEORY
109
rational numbers z, y satisfying p = z2 + 3y” (see the proof of Proposition 2.8). Next, let p = 1 mod 3. We show the existence of 2, y E Z satisfying p = x2 + 3y2. For an element o = z + y&3 in Z[a] = it suffices to {a+bfl / a, b E Z}, we have 05 = x2 + 3y2. Therefore, show the existence of (Y E Z[&?] satisfying p = cr~r. Using the fa 3 = 1 and replacing Z[i] by Z’[&] in the proof of Proposition 0. , ( P > we can show the existence of ,6 E ?!?[<a] satisfying p = pp. On the ? other hand, it is easy to show that any element of Z[&] belongs to Z[a] after multiplying one of 51, &<s, &<i (these are all of the units of Z[&?]). If we set ck = up E Z[a], u E {*I, *<s, *@}, then we have p = pp = CUZ. 0
PROOF OF PROPOSITION 0.5. Proposition 0.5 is about the equation p = x2  2y2 (pprime number) and the residue of p congruent modulo 8. The proof of Proposition 0.5 is similar to that of Proposition 0.2. For an element o in Z[i] we considered the element (Y. For an element (Y = x + yfi(x, y E Z) in Z[Jz] we consider the element o’ = x  yfi. If p = 1,7 mod 8, then there exists cy = x + yfi E Z[Jz] (x, y E Z) such that
p = 3xm’ = *(x2  2y2). If p = cyo’,
QUESTION x3  1. QUESTION main, show that and (15, &58).
we set /? = (1 + a)~:
1. Show that
and obtain
is the only
p = ,0@‘.
integral solution
0
to y2 =
(z, y) = (1,O)
2.
Using the only
the fact that integral
Z [W]
is a unique of y2 = x3  11 are
factorization
do
solutions
(x, y) = (3, f4)
(b) x3 + y3 = z’. We give a proof of Fermat’s Last Theorem in the case 11 = 3. Our proof is essentially the same as the proof given by Euler. First, we give an outline without giving any detail in order to help understand the proof better. The strategy of the proof is to use the method we used to find integer solutions to the equation y2 = x3  4 and the method of “infinite descent”, which we used to prove Proposition 1.2 in $1.1.
and PROOF. Suppose we have integers x # 0, y # 0, z # 0. Among x, y, z satisfying x3 + y” = z3 those we choose x, y, z such
110
4. ALGEBRAIC
NUMBER
THEORY
that max(]z], ]y], ]z]) is the smallest. We then induce a contradiction by showing that there is another solution x’, y’, z’ such that
madx’l,
IY’I, Iz’l) < max(l4,
Ivl, 14,
2’ # 0, Y’ # 0, z’ # 0. The
outline of the proof is as follows. (i) First we show that we may assume that y, z are odd without loss of generality. (ii) Rewrite x3 + y3 = z3 as
x3 = (2  Y)(Z  C3Y)(Z  33Y).
(Notice that <,” = c3.) Use the same argument as the one we used to show that x3 = (y + 2i)(y  2i) implies both y + 2i and y  2i are cubes in Z[i], and we obtain the following. (iil) If x is not divisible by 3, then there exist c E Z and Q E Z[&] such that (1) z  y = 9,
(2) z  3Y = T3a3, (3) z  <3y = <37x3.
(ii2) If z is a multiple of 3, then there exist c E Z and o E Z[&] such that (1) z  y = 92,
(2) z  C3Y = (1  C3)03>
(3) z  c3y = (1  T3)$. (iii) Seta=a+b&(a,bEZ). (iiil) If x is not divisible by 3, it follows from (iil)(2)
y=u33ub2+b3,
that
z = u3 + 3a2b  b3.
Comparing
Hence we have zy = (a+b)(2ub)(2ba). this with (iil)(l), we have
c3 = (a + b)(2u  b)(2b  a).
We can show that any two of a + b, 2u  b, and 2b  a are relatively prime. Therefore, each of a + b, 2u  b, and 2b  a is the cube of an integer. Setting a + b =
(z’)~, 2u  b = (x’)~, 0, max(l4,
2b  a = (Y’)~
(d, y’, z’ E Z),
we have (x’)” + (Y’)~ = (z’)~, x’ # 0, y’ # 0, z’ #
IY’I, VI) < max(l4,
1~1,14).
(iii2) If x is a multiple of 3, it follows from (ii2) (2) that we have
~=a”6u2b+3ub2+b3, z=u3+3u2b6ub2+b3.
4.1.
METHOD
OF
ALGEBRAIC
NUMBER
THEORY
111
Thus, we have zy (ii2)(l), we have
= 9ab(a  b). Comparing
this with
c3 = ab(a  b). We can show that any two of a, b, and a  b are relatively prime. Hence, each of a, b, and a  h is the cube of an integer. Setting a = (z’)“, b = ‘)3, a  b = (1~‘)~(d, y’, z’ E Z), we obtain (z’)” + (Y’)~ (z’)3, 2’ # 0, Y’ # 0, z’ # 0, max(b’I, IY’I, 14) / “;
max(l4, lyl, 14.
To complete the details of (i), preliminaries (a) through (d). (ii), (iii), we need the fo> / mg (a) 1  (3 is a prime element in Z[&]. (We can prove this by the same method as the proof of 1 + i being a prime element in Z[i].) 3 = (1  <3)2 x (T3). In fact, if a prime 1 (b) IC, y, z are pairwise relatively prime. divides two of x, y, z, it divides the third because of the relation x3 + y3 = z3. Thus, (7, 7, f) is another integer solutiontoz3+y3=z3, and it contradicts to the minimality of
max(lxl, IYI, 1~1).
(c) If a prime element (Y of Z[&] divides two of z  y, z  <a y, and z  T3y, then o = (1  (3) x ( unit). In fact, if CYdivides, say, zy and z&y, then o divides (zy)(z&y) = (1&)y, and thus cy divides y unless cy is of the form (1  (3) x (unit). Since 01 also divides z  y, o divides both y and z, which contradicts the fact that y and z are relatively prime. The cases where o divides zy and z  <sy, or z  <3y and z  c3y are similar. (4 The ring ~[CY]/~Z[C 3 1consists of four elements 0, 1, C;, and 1 + <a. Thus any nonzero element in this ring is a third root of unity. The set of units in Z[&] consists of 3~1, zt&, iC3. The image of Ifrl in Z[&]/2Z[<3] is the class of 1, the image of i<3 is the class of <3, and the image of ztc3 is the class of 1+<3. About (i). It follows from (b) that only one of 2, y, z is even. Replacing (x, y, z) by (y, 2,~) or (z, y, z) if necessary, we may assume that both y and z are odd. About (iil). By (a), (c) and the fact that z is not a multiple of 3 we see that any two of z  y, z  cay/, and z  c3y are not divisible bv a common mime element in Zlt,~l. It follows from Lemma 4.2 that
112
4. ALGEBRAIC
NUMBER
THEORY
each of 2  y, z  &y, in Z[&]. Setting zy
and z  c3y is the product of a cube and a unit = up3 (U is a unit in Z[&], p E Z[(s]), we have (z  y)” = up”T$” = (L@)“.
Therefore (Z  y)” is the cube of an integer. By factoring into prime elements, we see that z  y is the cube of an integer. Next, we set _____j\___ z  &y = ucy3 (U is a unit in Z[&,] o E Z[(;]). It suffices to show ‘u = +c3. We consider it modulo 2Z[&]. Since y E z E 1 mod 2, we have wa3 E z  &y E 1  (3 E <, mod 2Z[&].
From this and the fact that the cube of any nonzero eleme in z[&]/2z[<3] becomes 1 (by (d)) we see that u = c3 mo 1 %I. Hence, we conclude v = *t3. About (ii2). Since 5 is divisible by 3, 2 is divisible by 1  &. We have x3 = (z  y) (z  &y) (z  <,y) and z  y G z  &y E z  t3y mod (1  &)iZ[&].
Therefore, each of zy, z &y, and z  c3y is divisible by 1  (3. We have z  Cay $ 32[&] = (1  &)‘Z[&], since if z  Cay E 32[&], both z and y are divisible by 3, contradiction to (b). If we set orda(5) = m and ords(z  y) = R, the equation x3 = (z  y)(z  &y)(z  <,y) implies 6m = 2n + 1 + 1. Thus, we have n 2 2. Hence, we have z  y = 9r,
z <3Y = (1 C3)P, iJ .3Y = (IC3)P
= rcpq, and no two of r, cp, and (r E z, cp E W31). W e h ave (;)” (p are divisible by a common factor in Z[&]. It follows from these and Lemma 4.2 that each of r, cp, and $5 is the product of a unit and a cube in Z[<s]. Therefore, we have z  y = 9c3 (c E Z) and z  &y = w(l  &)(Y3 ( v is a unit in Z[<3], Q E Z[(3]). It suffices to show that u = fl. By taking modulo 2Z[&], we have
Since the cube of any nonzero element in Z[C3]/2Z[&] equals 1, we have u E 1 mod 2iZ[c3], and thus w = &l. About (iiil). First, we have to show that a + b, 2a  b, and a  2b are pairwise prime. If 1 divides two of these elements, 1 divides 3a = (u + b) + (au  b) and 3b = 2(u + b)  (2~  b). But 1 divides zy, which is the product of these three numbers. Therefore 1 divides x3, and thus x. Hence 1 # 3 by hypothesis. Thus, 1 divides a and b, and by the expression of y and z in terms of a and b, 1 divides
4.2.
‘I’HE
HEART
OF
ALGERHAIC
NUMl%ER
‘I’HEOHY
11:1
both
y and (iii2)
Z, which
contradicts to (iiil)
(b).
Iv’l,
Next,
it is easy to see that tl
2’ # 0, Y’ # 0, 2’ # 0 and max(l4,
is similar
Iz’l) < max(l4, Ml 14).
and we leave it to the reader.
This proof of Fermat’s Last Theorem in the case n = 3 is related to elliptic curves. By setting X = &, Y = z. the equation x3 + y” = .z~ is written as
We denote this elliptic curve by E. Fermat’s Last Theorem in the case n = 3 is equivalent to the fact E(Q) = (0, (O,fl)}, which means that E(Q) is a group of order 3; i.e., E(Q) z Z/32. Suppose that we have an elment Q in E(Q) such that Q # 0, Q # (0, 51). When we replaced (2, y, 2) by (y, 2, Z) or (z, y, CC) in the proof above, it corresponds to replacing Q by (0,l)  Q or (0, 1)  Q. Finding (z’, y’, z’) corresponds to finding P E E(Q) such that Q = 3P. The fact max(]5’], ly’], ]z’]) < max(]z], ]y], ]z]) is reflection of the fact that the height of 3P is far greater than that of P.
,,,/
/’
4.2.
The
heart
of algebraic
number
theory
We will discuss the central facts in algebraic number theory, namely, about the ring of integers of an algebraic number field, prime factorization, the finiteness of class number and Dirichlet’s unit theorem. The last two are the two big theorems of algebraic number theory. (a) The ring of integers of an algebraic number field. All the rings appeared in the previous section, ;Z[i], E:[n], Z[&], and Z[fi] are examples of the ring of integers of an algebraic number field. We explain the ring of integers of an algebraic number field. Just as the rational number field Q contains the ring of integers Z, each algebraic number field K contains a subring called the “ring of integers of K” (written OK). For example, if K = Q(&), then it is known that
OK = z[<n] = { kai<:, z=o 1T
10,
~,...,a,
E Z}
114
4. ALGEBRAIC TABLE
NUMBER
THEORY
4.1 Q(a) Q(A)
Algebraic Its ring
number
field
Q
Q( &)
of integers
The definition of OK is as follows: such that Q: satisfies the equation an + Clck n1 +
0~
is the set of elements
0 in K
. . + c,, 1 0
for some n 2 1 and cl,...,c,, E Z. (The point here is that the coefficient of the highest degree (degree n) is 1.) An element in 0~ is called an integer of K, or an algebraic integer if we want to distinguish it from the usual integers. For example, <n satisfies (<7L)n  1 = 0, and thus it is an integer of Q(&). If we use the terminology of algebra, “integral closure”, 0~ is nothing but the “integral closure of Z in K”. See Appendix A, §A.1 for the generalities of “integral closure”. When K is a quadratic field (degree 2 extension of Q), then 0~ is given as follows. We write K = Q(6), where m is a square free integer different from 1. Then we have
We remark that i.e., it satisfies
if m E 1 mod 4, v
is a solution
of 1~’  z  v;
(See Table 4.1; note that Q(o) is the field consisting of all numbers obtained from Q and cy by four fundamental operations, and Z[o] is the set of numbers cv written as a polynomial with Z coefficients.) The ring of integers 0~ of K is isomorphic to iZ@” (n = [K : Q]) as additive group. In other words, there exist (3~1,. j Q~ E OK (n = [K: Q]) such that each element of 0~ can be writ,ten uniquely as , c, E Z). This can be shown as follows using Clcyl Jr. ..+CT,N,(C1,... the general theory of integral closure. In general, if A is an integrally closed Noetherian domain (see Appendix A, §A.l), F is the quotient field of A, K is a finite separable extension of F, and B is the integral closure of A in K, then it is known that B is a finitely generated
4.2. THE
HEART
OF
ALGEBRAIC
NUMBER
THEORY
115
Amodule. Let A = Z (and thus F = Q). Then we have B = 0~. and 0~ is a finitely generated Zmodule, that is, a finitely generated abelian group. Since 0~ does not have an element of finite order except for 0, the fundamental theorem of finitely generated abelian groups implies that there exists an integer n > 0 such that 0~ E Z@“. It is easy to see that this n is [K : Q].
scribed QUESTION above. 3. Prove that the ring of integers of a quadratic field is as de
(b) Failure of unique prime factorization. In the ring of integers of an algebraic integer field, the law of unique prime factorization (the condition (*) at the beginning of 54.1) may not hold, unlike Z, Z[JT], Z[n], Z[&], Z[Jz]. For example, in the ring of integers Z[J?Z?] = {u + bm / a, b E Z} of Q(m), there is no prime element dividing 3. In fact, we have (4.4) 3” = (1t
J26)(1  J26)
and even though the product of 1 + J26 and 1  &!% is in 3i%[q], neither is in 3Z[m]. Thus 3 is not a prime element in Z[J26]. If a: were a prime element of Z[a] dividing 3, the argument of Proposition 4.1 and the fact that 3 is not a prime element would impliy that 3 = ~3. If we write Q = IC + y&% (2, y E Z), we have 3 = x2 + 26y2, but it is easy to see that there are not such x and y. As this argument shows, the prime factorization does not work well with Z[&QG]. Thus, we cannot apply Lemma 4.2 to (4.4). In fact, 1 + &??6 and 1  m are not cubes in Z[m].
(c) Decomposition into prime ideals. As is explained in the previous paragraph, the prime factorization law may not hold for the ring of integers of an algebraic number field. However, the ring of intergers of algebraic number field has the “decomposition in prime ideals” instead. We now explain “ideals” and “prime ideals”.
DEFINITION
is called
an ideal
4.3. Let A be a commutative in A if it satisfies conditions group
ring. A subset (i) and (ii).
a of A
(i) a is a subgroup of the additive and “a,bEa =+ a+b,abEa”). (ii) a E A, b E a implies ab E a.
A (i.e., we have 0 E a
EXAMPLE 4.4. (1) For elements ~1,. , cy,, in A the set {uIcyl + . . + anan / ai, . . , a, E A} is an ideal of A. We call it the ideal of A generated by ~1,. , cy,, and we denote it by (~1,. . , a,,). In
116
4. ALGEBRAIC
NUMBER
THEORY
particular, for an elment o in A we have (a) = cuA. An ideal of the form (0) is called a principal ideal. We abbreviate (0) = (0) to 0 in what follows. (2) All the ideals of Z are principal ideals (n), n integer. In fact, if a is a nonzero ideal of Z, it is easy to show that a = (n), where n is a element of a whose absolute value is the smallest. An integral domain such that all of its ideals are principal ideals, such as Z, is called a principal ideal domain. We often abbreviate principal ideal domain to PID. Z[i], Z[J2], Z[&] and Z[Jz] are principal ideal domains (for Z[i], Z[G] and Z[&] see $4.3). DEFINITION 4.5. Let A be a commutative ring. An ideal p in A is a prime ideal if (i) and (ii) hold. (i) If a,b E A, ab E p, then a E p or b E p. (ii) 1 6 A (this is equivalent to p # A). EXAMPLE 4.6. (1) If A is an integral domain and o is a nonzero element of A, then we have (cy) is a prime ideal ++ a is a prime element
(2) All the prime ideals of Z are (p), where p is a prime number, and 0. DEFINITION 4.7. For ideals a, b in a commutative ring A define the product ab as the set of elements of the form Cy=“=,azbi (n > 1, ui E a, b, E 6). ab is an ideal of A. THEOREM 4.8. Let K be an algebraic number field and a an ideal of the ring of integers OK of K. Then a can be decomposed into the product of prime ideals of the form
a=pl...p, (r 2 0, pl,...,b
are nonzero in the following
prime
ideals
in OK),
and this decomposition is unique another decomposition
a=p\...pb (~20, pi,..
sense. If a admits
prime ideals in OK), we have
. , pb are nonzero pi,.
then we have r = s, and by renumbering p:=pz foralli=l,...,r.
. . , pb suitably,
The above decomposition of a is called the prime decomposition of a. Among pi,. . . ,pT, we regroup the same prime ideals and we
4.2. THE HEART OF ALGEBRAIC often write .pp
NIJMBEH
THEORY
117
a=pyl.
(g > 0, pi are distinct nonzero prime ideals of 0~ eZ 2 1). i; Thi theorem is a result of the fact that 0~ is a Dedekind domain (see AppL dix A, sA.1). Though it is an important theorem, we consider it to be~patimmof the general theory of algebra, instead of number theory. Thus, we do not give a proof here. We give a summary of the theory of the Dedekind domain in Appendix A. We recommend that the reader look up any booki of ring theory for detail. The argument goes roughly as follows. The ring Z is a principal ideal domain (see Example 4.4), and a principal ideal domain is a Dedekind domain. Thus, Z is a Dedekind domain, and OK, the integral closure of Z in K, is also a Dedekind domain (see Appendix A, sA.1; the integral closure of a Dedekind domain in a finite extension of its field of fraction is once again a Dedekind domain). In a Dedekind domain any nonzero ideal admits a unique decomposition into prime ideals (see Appendix A, 5A.2) An ideal of a Dedekind domain can be written as (~1,. . . , a,) with a finite number of elements (~1,. . . , cy, (see Appendix A, sA.1). However, a Dedekind domain is not necessarily a principal ideal domain, and an ideal may not be written as (a). EXAMPLE 4.9. Let K = Q(m). Consider an ideal GZ) ideals J26) but which = 6”. as an ideal it are not
a = (3, 1+ J?%),
in 01~ = Z[JZ%]. principal. We have The ideals
b = (3,1a, b are prime
(3) = llb,
Both sides decomposes of (4.4) as
(1 + J26)
cannot
= 113,
(1further,
be factored = ((1t J26)(1
(3”) = a”b”
 J26)).
Theorem 4.8 can be generalized to Theorem 4.12 below, which is a theorem concerning “the decomposition of fractional ideals into prime ideals”. ‘See, for example, M. Atiyah and I. G. MacDonald, Introduction to Commutatzwe Algebra, AddisonWesley, Reading, Mass., or Chapter 7 of N. Bourbaki Algibre Commutatzve, Herman, Paris.
118
4. ALGEBRAIC
NUMBER
THEORY
DEFINITION 4.10. Let K be an algebraic number a of K is a fractional ideal of 0~ if one of the following conditions holds.
field. A subset two equivalent ca is a nonzero of K.
an element finitely
c in 0~ generated
such that OKsubmodule
For an elementninKX1Ye denote by (0) @OK. A fractional ideal of the form (cr) (o E KX) fractional ideal.
the fractional ideal is called a principal
DEFINITION 4.11. Let K be an algebraic number field. For fractional ideals a, b in K we define the product ab as the set of all elements of the form Cy=“_, aibi (n 2 1, ai E a, b, E 6). ab is a fractional ideal of OK. THEOREM
tional
ideal
4.12. Let K be an algebraic of OK. Then a is written as a= Jp,
P
numberfield,
and a a frac
where p runs all nonzero prime ideals of except for a finite number of p. The set of is a group under the multiplication defined its identity element and the inverse of a is a ’
OK, ep E Z and ep = 0 all fractional ideals of 0~ in Definition 4.11; 0~ is given by
= {x E K / xa c OK}
This theorem, too, follows from the theory of the Dedekind dosince 0~ is a Dedekind domain (see Appendix A, ljA.2) It was Kummer who first showed, around 1845, that the law of prime factorization fails for the ring Z[&] (n > l), but the law of prime decomposition of ideals holds. To be precise, Kummer introduced the notion of “ideal numbers” instead of ideals. It was Dedekind who, around 1863, defined the ring of integers of an algebraic number field and the notion of ideal, and proved the law of unique prime decomposition for the ideals. The notion of ideals, which was born in number theory, became quite important in all areas of mathematics such as algebraic geometry (see, for example, D. Eisenbud and J. Harris, SchemesThe Language of Modern Algebraic Geometry). main
4.2.THE
HEART
OF
ALGEBRAIC
NUMBER
THEORY
119
(d) Ideal class the ideal class group braic number theory,
DEFINITION
group and unit’ group. It is considered that is the most impbrtant group appearing in algeand the unit group is the second. Let K be an algebraic number field.
4.13.
(1)
(2)
The ideal class group of K is the quotient ot the group of fractional ideals of 0~ (Theorem 4.12) by the subgroup consisting of principal fractional ideals (Definition 4.10). We denote it by Cl(K) or C1(0~). The unit group of K is the group Og, the group that consists all the units in OK. 4.14. and Let K be an algebraic (iii) are equivalent. number field. Then, condi
LEMMA
tions
(i), (ii) (i)
(ii) (iii)
The ideal class group Cl(K) is reduced to the identity element. The integer ring 0~ is a principal ideal domain. Every nonzero element in 0~ can be factored into the product of prime elements, and the factorization is unique in the sense of $4.1. The proof is left to the reader. consists of only one element, 0
PROOF. EXAMPLE
and the unit
4.15. If K = Q, Cl(Q) group of Q is Zx = {il}.
We discuss the meaning and importance of the ideal class group and the unit group. We can say that the ideal class group and the unit group measure the difference between “numbers and ideals”. The ideal class group is the cokernel of the homomorphism from Kx to the group of fractional ideals given by cy H (a), while the unit group is its kernel. The sizes of the kernel and the cokernel indicate how this homomorphism differs from an isomorphism. Also, Lemma 4.14 shows that the ideal class group measures the “failure of the prime factorization law”. For example, consider the prime factorization of 7 in the ring Z[J2]. We have (4.5) 7=(3+&?)(3Jz)=(5+3Jz)(53Jz) = (27 + 19&)(27  19fi) = ...
As we can see from the identity 3 + &’ = (5  3&)(1 + a)“, many different prime factorizations of 7 shown in (4.5) are obtained by
120
4. ALGEBRAIC
NUMBER
THEORY
such as (1 + a)“. Thus, the prime multiplying by a unit in a(&) factorization of 7 is unique in the sense of §4.1(*). But, since there are infinitely many units in Q(a), the situation of prime factorization in Z[fi] seems somewhat different from that of Z, as we can see in (4.5). Fermat did not arrive at the notion of the ring Z[Jz] or the units thereof, but he realized that “the equation 7 = x2  2y2 has infinitely many solutions suchas 7 = 322x12 = 522~32 = 27”2x1g2 = ... because the equation 1 = x2  2y2 has many solutions”, and he began to study Pell’s equation in Proposition 0.6 As this shows, the ideal class group and the unit gr of K indicate how the law of prime factorization in 0~ is different r that of Z. If we understand how different the properties are, w expect that we can understand K well (even if, for example, the 1 w of prime factorization, which played an essential role in $4.1,3 not hold). For this purpose it is important to know the ideal class group and the unit group. As we will see later, the ideal class group and the unit group play some mysterious roles, as they are related to zeta functions and class field theory. (e) Two main theorems in algebraic number theory. Here we introduce two important theorems, Theorems 4.16 and 4.21, concerning the ideal class group and the unit group. Proofs of these theorems will be given in Chapter 6, 56.4 in Volume 2.
THEOREM
field braic field.
is a jinite
DEFINITION
4.16. The group.
ideal
class
group
of an algebraic
number
number
4.17. The order of the ideal class group of an algefield is called the class number of the algebraic number K = Q(m). is 6. Setting pi%), We will see in 54.3 a = (3,l + &%), c =
EXAMPLE 4.18. Consider that the class number of K (2, v’?%?I), we have
a3 = (1+ and we have Z/32 (m,n) CE Z/2Z
c2 = (2),
3
Cl(Q(J26)); of c)” of real places
H (class of a)nL(class
In order to state Theorem and imaginary places.
4.21 we define the notion
1.2. THE
HEAItT
OF
ALGEBRAIC
NUMBER
?'HEORY
121
4.19. Let K be an algebraic number field. (1) A real place of K is a homomorphism from K to IR. (2) An imaginary place of K is a homomorphism 0 from K to @ such that u does not satisfy a(K) c R. We regard 0 and its conjugate a : K + @; 5 H g(z) as the same place.
DEFINITION
PROPOSITION 4.20.
the number of imaginary
Let r1 be the number of real places places. Then, we have [K: Q] =rl +27z.
and r2
PROOF. We know from field theory that there are [K: Q,] homomorphisms from K to C. Among those there are r1 homomorphisms whose image is contained in IR, and 2~ whose image is not in If& 0
THEOREM 4.21 (Dirichlet’s unit theorem). The unit group of an algebraic number field K is a finitely genera.ted abelian group. More precisely, if r1 is the number of real places, r2 is the number of imaginary places and r = r1 + r2  1, then we have
,,’
0; The finite cyclic of unities in K.
EXAMPLE
” i%” group
@ (finite
cyclic
group). formed by all the roots
above is the group
4.22.
For K = Q(a)
we have ri = 2, r2 = 0, and 1 nEZ}“Z@z/22.
o;r{f(l+JZ)n
In general, for a real quadratic field K (a quadratic field Q(Jm) with positive m) we have ri = 2, r2 = 0, and K does not contain roots of unity except for *l. Thus, there is an element E in 0: such that 0; = {*En 1 n E 25). unit in K. For example 1 + fi
Such a unit E is called a fundamental is a fundamental unit in Q(a).
EXAMPLE
4.23. 0;
If K = Q(fi),  q5)“;
we have ri = 1, rz = 1 and
n E Z} rzC3z/2z.
” {*(l
EXAMPLE 4.24. We have ri + r2  1 = 0 only when K = Q or K is a quadratic imaginary field (i.e., K = Q(Jm), m a negative integer; in this case we have r1 = 0, r2 = 1). Therefore,
OKx is a finite
group M K = Q or K is an imaginary quadratic field.
122
4.ALGEBRAIC
NUMBER
THEORY
EXAMPLE 4.25. Let c7 be a primitive Q(<T), then ~1 = 0 and r2 = 3.
7th root of unity.
If K =
EXAMPLE
4.26. If K = Q(cT + C;l),
then we have r1 = 3 and
We 4.26 are Let to Pell’s
square.
will explain below only Example 4.22. Examples 4.25 and parts of Iwasawa theory. They are also related to 54.4. us use Dirichlet’s unit theorem to prove a statement related equation (§0.4), in particular Fermat’s Proposition 0.6. 4.27. Let N be a natural number
PN = {(x, p& = {(x,!/) y) E Z x Z ) x2  Ny2 = H}, E
PN
’
’
PROPOSITION
that
is not
a
Define
1 32 > 1, !/ > 1). (x,y) H consisting 2 + yfl of all the
(1) There
is a bijection 0: PN + Z[m]‘; between the multiplicative group Z[fl] x units in Z[JN] and the set PN. of Pf, whose (2) Let (XO,YO) b e an elem,ent smallest. Then, (x0, yo) is an element of nate is also the smallest, and we have Z[Jlvl” Q(Ph) = {&(x0 + yoJNy
xcoordinate is the PA whose ycoordi
1 n E Z}, 1 n 2 l}.
= ((x0 + y0JN)”
From Proposition 4.27(2) we see that Z[filx = {k(l + fi)lL 1 n E Z}, since both z and ycoordinates of (1,l) E Pi are clearly minimal in Pk.
PROOF OF PROPOSITION
4.27. We show (1). The map
f:Z[v%]+Z;
x+yv%+(x+yv%)(xym)=x”Ny”,
4.2.
THE
HEART
OF
ALGEBRAIC
NUMBER
THEORY
123
(z, y E Z) preserves multiplication. Thus, to the units in Z, namely, fl. Therefore, x + yv% E I+‘%]’ M
it maps the units we have x2  Ny2 = zkl
in ;Z[fi]
for any 2, y E Z. (1) follows from this. To prove (2) we note that if u = ~7:+ yfi we have {&IL, &ul} = {x + y&v, xyyJN,x+yJN,xy&v).
E Z[filx
(2, y E Z),
\
Therefore, if u # 61, one and only one of fu and fu’ belongs to 0(%). We prove (2) using Dirichlet’s unit theorem. First we show that the group Z[&V] x is an infinite group. Let K = Q(m). We have Z[&V] C OK, and it is easy to see that there exists a natural number m such that mOK c Z[fi]. By Dirchlet’s unit theorem 0; has an element u of infinite order. We prove that un E ZIJNlx for a certain n > 1. Since (O,/mO,)X is a group of finite order, there exists n > 1 such that the image of un in (O,/mOK)’ is 1. Thus, both n  1 and U~  1 belong to mOK, and both un and uAn belong to ;,fi]. H ence we obtain un E Z[V%]’ . Therefore, Z[fi] ’ is an infinite subgroup of 02 E Z@iZ/2Z, and it contains fl. Thus there exists E E Z[&Vlx such that Z[fi]’ = {ztzn / R E Z}. By replacing E by 3~ or fe’ if necessary, we may assume that E E d(Pf,i). Let E = XI+ ylv’% (21, y1 natural numbers). Then for n > 2, we have (Xl + y1 JN)” = 2’ + y’fi, x’, y’ E z, 5’ > Xl, y’ > y1. and ) 0
This means that (21, yi) is an element in PA whose zcoordiante ycoordinate are minimal. Hence we have @(PA) = ((51 + ylfi)” n 2 l}. Finally, we prove Fermat’s Proposition 0.6.
PROOF OF PROPOSITION 0.6. Ifo E Z[v’8]‘, we have f(o”) = f(a)” = (11)2 = 1, where f is the map defined above. Therefore, elements (z> y) in the subset of P,TJ that corresponds to the infinite set {cy” 1 a E Z[&V]x} through Proposition 4.27(l) satisfy the equation x2  Ny2 = 1. Therfore, this equation admits an infinitely many soulutions. cl
124
4. ALGEBRAIC
NUMBER
THEORY
4.3. The class for imaginary
number quadratic
formula fields
In order to study the arithmetic of an algebraic number field, it is important to know its class number. In this section we explain how the class number of an imaginary quadratic field is related to a value of a < function, and how it can be computed using this relation. Let K be an imaginary quadratic field (a quadratic field that cannot be in R). We have K = Q(e), where m is a square free integer satisfying m < 0. Define N= i By computing there is a unique ( y using ) Dirichlet x: such that for any prime I;“‘, ifmcl if m E 2,3 the quadratic character + {il} c Cx m we have mod4, mod 4. law, we see that
m
reciprocity
(Z/NZ)X number
m (1 P
p not dividing = x(p mod N)
(4.6)
(see Question 4 in Chapter 2). The character explicitly as follows. For an integer a relatively
x can be expressed prime to N we have
x(u mod N) = (n
where 1 runs as follows. (1) If m (2) If m mod (3) If m 0(u) all odd prime numbers
I
(:))
dividing
O(U),
m,
and e(a)
is defined
E 1 mod 4, then 19(a) = 1. E 3 mod 4 and a E 1 mod 4, then 6(u) = 1; if m E 3 4 and a E 3 mod 4, then e(u) = 1. is even, then 19(u) = 1 for a E 1, 1  m mod 8 and = 1, otherwise.
The above definition of x may seem complicated. It is possible to define it in a simpler way using the material in Chapter 5, $5.2 of Volume 2 as follows. Since K c Q(<N) (<N is a primitive Nth root of unity), we define x using Galois theory as follows: (Z/NZ)X ” Gal(Q(C,v)/Q) ir) Gal(K/Q) ” {*l}
c
cx.
4.3.
THE
CLASS
NUMBER
FORMULA
125
(We will explain is the restriction
the first isomorphism of an automorphism
in Chapter 5 in Volume of Q(&) to K.)
2. (*)
THEOREM 4.28. Let K be an imaginary quadratic field and m, N, and x as above. Let hK be the class number of K, and wK the number of roots of unity contained in h’. Then we have
hK = yL(o,X) Theorem 4.28 will be proved = FL&X). in Chapter 7, 57.5 in Volume 2.
WKfi
QUESTION 4. Show that WK = 4 if K = (@(Jl), WK = 6 if K = Q(&3), and UJK = 2 for any other quadratic imaginary field K.
By Corollary
3.21 we have Let K, m, hK = $c
a=1
COROLLARY 4.29.
and N be as above. ax(a).
We have
Theorem 4.28 or Corollary 4.29 is called the class number formula for the imaginary quadratic fields. Let us compute the class number of some examples using the class number formula.
EXAMPLE 4.30.
and x : (iZ/4Z)’ 1. By Corollary
K = Q(a). + Cx is given 4.29 we have eax(a)
a=1
Then, we have WK = 4, N = 4, by x(1 mod 4) = 1, x(3 mod 4) =
hK = & Note that using
wKV@
= i(l
 3) = 1.
Theorem
4.28, we have 4x2 = 7 . L(l, x) = ; . L(l> x) .
hK = FL&X) Therefore, Leibniz’s formula
L(l,x)=l~+::+~lll+...a shows that hK = 1. It seems rather mysterious that Leibniz’s formula is related to the fact that the class number of Q(n) is 1. This is the entrance to the “third mystery of the C function”.
126
4. ALGEBRAIC EXAMPLE
NUMBER
'THEORY
and 1.
x : (Z/S@’ By Corollary
4.31. K = Q(a). + cx is given 4.29 we have 2 z 3 &zx(u)
a=1
Then, we have WK = 6, N = 3, by x(1 mod 3) = 1, x(2 mod 3) =
hK=
= (l we have 7T
 2) = 1.
Using
Theorem
K
4.28 once again, ~.
h =sxa
Thus, Euler’s
L(l,x) = 27r formula L(l,x) = &
expresses
the fact that
the
class number of Q(a) is 1. Note that even if we do not know that the exact value of L(1, x) is &, we may be able to obtain hK = 1 from the formula hK = @ . L(1, x). 7r For, the formula L(l,x) implies = 1  ; + ;  ; +. . . < 1
hK = *.
T
L(l,x)
and hK = 1 follows from this inequality number. As we can see from this example, we may be able to compute hK from together with some the class number formula hK = eL(l,y), approximate value of L( 1, x) .
EXAMPLE 4.32. K = Q(m). We have WK = 2 and N = 4 x 26 = 104. In the proof of Proposition 2.8(3), we calculated (fi) for an integer a relatively prime to 104. Using this, we see that x(u) = 1 if and only if a mod 104 is one of the following:
< !+ < 2, 7r since hK is a natural
1, 3, 5, 7, 9, 15, 17, 21, 25, 27, 31, 35, 37, 43, 45, 47, 49, 51, 63, 71, 75, 81, 85, 93. It follows from this that Cp!i UX(U) = 624, x (624)
number following formula fields:
and thus we have = 6.
for the Q( J??), imaginary Q(JT), quadratic Q(Jq)
hK =  &
QUESTION find the Q(J10). 5. Using the class class number of the
fields, and
4.4.
FERMAT’S
LAST
THEOREM
AND
KUMMER
127
Baker and Stark proved in 1967 that the only imaginary quadratic fields whose class number is 1 are the following nine fields: Q(Ji), Q(m), Q(J2), Q(m), Qw1, Q(v3, Q(d=@), Q(Jil), Q(d=%).
Gauss conjectured that there are infinitely many real quadratic fields whose class number is 1, but this assertion has not been proved to this date.
4.4. Fermat’s
In order
Last Theorem
Last Theorem:
and Kummer
to show Fermat’s
If n 2 3 and (z, y, Z) is an integer then it is odd n = have
solution
to x7L + yTL = zn,
zyz = 0,
sufficient to show this assertion when n = 4 and when n is an prime number. For, if Fermat’s Last Theorem holds for m and m . I, the equation xn + yn = 2” implies xyz = 0 because we (z~)~~ + (y”)” = (z’)~. We proved the case n = 4 in Chapter 1, 51.1 and the case n = 3 in Chapter 4, $4.1. We consider the case where n is an odd prime number greater than or equal to 5. Following Kummer, we divide this into two cases: the case where none of x, y, z is divisible by p (the first case), and the case where one of 5, y; z is divisible by p (the second case). Kummer proved Fermat’s Last Theorem in the case n = p under the assumption that the class number of Q(&,) is not divisible by p. In the following we discuss Kummer’s proof in the first case.
(a) Proof
of the first case.
PROPOSITION 4.33. Let p be a prime number greater than or equal to 5. Suppose that the class number of Q(&) is not divisible by p. If none of x, y, z E Z is divisible by p, then x, y, z do not satisfy
xp + yp = 2. Unlike Q(&), x3 + y3 = z3 in often fails. This the class number In the proof of which $4.1, the is where of Q(6) Proposition we considered in relation to the equation law of unique prime factorization in Q(&,) the difficulty lies. (In fact, it is known that is not 1 if p is greater than or equal to 23.) 4.33 below we overcome this difficulty
128
4.ALGEBRAIC
NUMBER
THEORY
by studying the ideal class group and the unit group. The ideal class group appears in Proposition 4.33 under the form of the “class number”, and the unit group plays an important role in the proof of Proposition 4.33 (see Lemma 4.36 below). The following lemma replaces Lemma 4.2, which was proved in 54.1 using the unique prime factorization.
LEMMA 4.34. Let K be an algebraic number field, al,. , a, and b nonzero ideals of OK, k a natural n,umber and al . . . aT = 6”. Furthermore, if i # j, we suppose that a, and a3 are relatively prime (i.e., there is no prime ideal dividing a, and a3 simultaneously). Then for each i there is a nonzero ideal bi in 0~ such that ai = 6:.
This lemma can be proved by considering how many times each prime ideal of OK appears in the prime ideal decomposition of a,. and 6. This is similar to the proofs of Lemmas 1.7 and al,..., 4.2, where we used the unique prime factorization of numbers. We will prove the following Lemma 4.35 in Chapter 6, 56.3(e) in Volume 2.
LEMMA
Q(c)
(2)
4.35. Let p be a prime number. by A for simplicity. Then we have:
We denote
cP by <, and
(1) A = WI. [Q(c): Q] = p  1 (lefth an d sz.d e is the degree of jield eztension). (3) The only roots of unity in Q(c) are of the form *(pth root of unity) . (4) The ideal (1  <) zs a p rzme ideal of A, and (p) = (1  0Pl is the prime ideal decomposition of the ideal (p) in A. (5) For 1 < i 2 p  1, we have (1  <) = (1  <“).
PROOF OF PROPOSITION 4.33. We keep the notation < and A of Lemma 4.35. We suppose (z, y, 2) is an integer solution of zp+y” = 9 satisfying p { xyz, and we derive a contradiction. By dividing by t,he greatest common divisor of (x, y, z), we may assume that the greatest common divisor of (2, y, 2) is 1. Because of the equation XP + yp = 9, a prime factor of any two of x, y, z divides the third. Thus, x, y, z are pairwise relatively prime. Moving y” to righthand side and factoring the equation in A = Z[<], we have
(4.7)
1.4.
FERhlA’l”S
L4S’I’
THEOIIE~l
AN13
KU~IIVE:H
129
Using the fact that p does not divide the class number, we show there exist a unit u in A and an element a in A such that
(4.8) z <y = u. ap.
that
To do so, we first show that the ideals (Z <‘y) (0 < i < p l), which relatively prime. appear in the righthand side of (4.7), are pairwise Let 0 < i < j 5 p  1 and let p be a nonzero prime ideal that divides both (Z  <“y) and (z  <J y). It follows from the fact z <“y, z  CJy E p that (C’  <J)y/, (<”  <J)z E p. Thus, we have cc1  PHY, 2) c P. s ince y and z are relat)ively prime: we have (y,z) = (1). By Lemma 4.35(5), we have (1  <I“) = (1  <). Since (1  <) is a prime ideal (Lemma 4.35(4)), we have (1  <) = p. By (4.7) we have xP E p. and t)hus we have x E p. Since p n Z = (p), we have p 1 x, which contradicts the hypothesis p + xyz. It follows from Lemma 4.34 that the ideal (z<“y) (0 < i 5 p 1) is the pth power of an ideal 6, in A. If we set (Z  <y) = ap, the pth power of the class of a in Cl(A) is the identity element. But, the order of Cl(A) does not divide p, and thus the only element whose pth power is the identity is the identity itself. Therefore, a is a principal ideal. Let a be a generator of a. Then we have (Z  <y) . aep E AX, and (4.8) is proved. Before going further, we show that we may assume y $ z mod p. If y E z mod p? then we use the substitution xi = 2, zi = x. Then we have ~7 + y” = z:. It suffices to show that y $ 21 mod p. If not, we have IC E y E Z mod p, and thus we see 2s” E xv mod p by substituting in xp + yP = zP. S’mce p # 3, we have x 3 0 mod p, which is a contradiction. In order to derive a corkradiction from (4.8) we use the following Lemmas 4.36 and 4.37.
LEMMA 4.36. Let p be an odd prime number, and let < und A be the same as in Lemma 4.35. Let r : Q(() + Q(c) be the complex conjugution, and let B = {a E A 1 T(Q) = a}. If p,, = {CL 1 0 < i < p  l}, then we have
AX = pP x BX. We will prove Lemma 4.36 later using Dirichlet’s unit theorem.
LEMMA 4.37. We denote also by r the automorphzsm of 2 = A/pA mduced by 7. Let 2 = {a E A ( ~(01) = 0~). Then we have the following: (1) ,4 basis of 2 over IF, is given by {Cl 1 1 ( % 2 p  l}.
130
4. ALGEBRAIC
NUMBER
THEORY
(2) A basis of B ower IF, is given (3) xp = {a” in B. Let us show Lemmas 4.36 and exist <’ E pp and and from Lemma <‘l (z  <y) mod cording to C’. In E 2 ) cu E A}
by {<’ + CPi 1 1 < i < q}. to IF,, and it is contained
is equal
that (4.8) induces a contradiction once we admit 4.37. First, it follows from Lemma 4.36 that there u E BX such that u = <‘u. We have u mod pA E B, 4.37 we have ap mod pA E B. Thus, we have pA = uap mod pA E B. We divide into cases acthe following we omit “mod PA” for simplicity.
(a) If <’ = 1, then z  <y E B. Since z E B, we have y< E B. It follows from Lemma 4.37(l) and (2) that y = 0 mod p, which contradicts the assumption. (b) If C’ = <, then z . Cl  y E B. Since y E B, we have z Cl E B. It follows from Lemma 4.37(l) and (2) that z E 0 mod p, which is a contradiction. (c) If I’ # 1, <, then z. C’’  y<<‘l E B. By Lemma 4.37(l) and (2) we have C’ = <<‘l and y z z mod p. This also contradicts the assumption. Therefore, if we admit Lemmas 4.36 and 4.37, we have finished the proof of Proposition 4.33. We now prove Lemmas 4.36 and 4.37. We first prove Lemma 4.37.
PROOF OF LEMMA 4.37. From Lemma 4.35(l), (2) and the fact 1+ < + ‘. . + p1 T 0, we can take {<” 1 1 5 i < p  l} as a basis of A over Z. Thus, {<” 1 1 < i < p l} is a basis for 2 = A/pA over IF,. This shows (1). Since 7 sends <” to <“, (2) follows easily from (1). Let us show (3). Take cy = CrI; aici E 3, a, E F,. In a ring, such as A, in which p equals 0, the pth power map preserves addition and multiplication. Thus, we have ap = CTil aL E F,. Therefore, we have A” = F,. The other assertion is clear. 0 PROOF OF LEMMA 4.36. It suffices to show that the canonical Consider the homomorphism map pup + AX/B x is an isomorphism. of groups f : Ax + AX given by f(a) = Q/~(Q). The kernel of this homomorphism is given by (0 E AX I (u = T(D)} and it equals Bx Thus the image f(AX) is isomorphic t,o AX /BX. On the other hand, the restriction of f to pp is the square map pp + pp, and it, is an isomorphism onto pp. Thus, it suffices to show that the image f(AX)
equals
fbp)
= Pp.
4.4.
FERMAT’S
LAST
THEOREM
AND
KUMMER
131
First we show that f(AX) is finite. It suffices to show that BX has finite index in AX; i.e., the ranks of AX and BX as finitely generated abelian groups are the same. (An T such that ” 2ZBr @ (finite abelian group) is called the rank.) Let K = {cl E a$(() I T(Q) = a} = Q!(( + <I).
The ring B is the ring of integers of K. We compute the rank of AX and of BX using Dirichlet’s unit theorem. First Q(c) does not have a real place and the number of the complex places is $ [Q(C) : Q] = q. Thus, by Dirichlet’s unit theorem, the rank of AX is &$  1. Next, K does not have a complex place and the number of the real places is[K:Q]=%$. Th us, by Dirichlet’s unit theorem the rank of BX is also &$  1. Thus the finiteness of f(AX) g Ax/B’ is proved. consists of roots of unity in Q(&). Therefore, the image f(AX) It follows from Lemma 4.35(3) that the set of all the roots of unity in Q(c) equals {+$ 1 0 5 i 5 p  1). We have already seen that pLp c f(AX), and thus it suffices to show 1 @ f(A”) in order to prove ,+ = f(AX). It suffices to derive a contradiction assuming cy E AX and T(Q) = (Y. It follows from Lemma 4.35(5) that 7 preserves the ideal (<  1). S’mce A/(<  1) g IF,, the action of 7 on A/(<  1) is trivial. This contradicts the fact T(Q) E a~ mod (<  1). 0 (b) Kummer’s criterion. For which prime number p does Kummer’s assumption, “p divides the class number of a(&)“, hold? Kummer proved the following theorem, which relates this question to the values of the < function. The following theorem is called Kummer’s criterion.
THEOREM
(i), (ii), (i) (ii) (iii)
4.38. Let p be a prime and (iii) are equivalent. prime number p does not
number. divide
Then
the conditions number of
The
the class
Q,(G). For any negative odd number m the numerator of ((m) is not divisible by p. For any negative odd number m satisfying Irnl < p  4, the denominator of C(m) is not divisible by p. between c(m) and ((1 m) to the following condition shown (iii)‘. in 53.3, to p  3,
Thanks to the relation condition (iii) is equivalent (iii)’
For all positive even numbers f less than or equal the numerator of <(r)r?’ is not divisible by p.
132
4. AI,GEUI~AI(
NUMBER
THEORY
Using Example 3.23, we see (iii). The above theorem implies that all the prime numbers p less than or equal to 17 satisfy the condition, “p does not divide the class number of Q(&)“, but 691 divides the class number of Q(&i). We discuss Kummer’s criterion at the beginning of Chat,per 10 in Volume 3.
Summary 4.1. A finite extension of the rational algebraic number field. Algebraic number that studies algebraic number fields. number field is called an theory is a poweful theory
4.2. Just as we have the ring of integers in the rational number field, an algebraic number field K contains a ring called the ring of integers of K and it is denoted by 01~. In 0~ each element may not be factored uniquely into the product of prime elements, but any ideal may be factored uniquely into the product of prime ideals. 4.3. For an algebraic number field two important groups, the ideal class group and the unit group, are defined. These groups measure the difference between numbers and ideals. There are two important theorems: finiteness of the ideal class group and Dirchlet’s unit theorem. 4.4. These groups are related to { functions. In this chapter the relation between the ideal class groups of quadratic number fields and C functions (the class group formula for the quadratic number fields) is discussed.
Exercises 4.1. Let p be a prime properties (i) and (ii) are number of Q(n) is 1. (i) There exist integers (ii) p E 1,2,4 mod 7 or number. equivalent, Show that the following two using the fact, that the class p = x2 + zy + 2y2. t,wo
z and y satisfying p = 2,7.
4.2. Let n be a natural number. Show t,hat, the following properties (i) and (ii) are equivalent. (i) There exist integers z and y satisfying n = 2’ + y2.
EXERC‘ISES
1x3
(ii)
ord,(n) ulo 4.
is even for any prime
number
p congruent
to 3 mod
4.3. Let p be a prime number congruent t,o 1 modulo 4 and let n be a natural number. Show that there exists a unique triangle with integer sides such that the length of the hypotenuse is p” and the greatest of common divisor of the length of three sides is 1. 4.4. Show that the unit group of Q(d) ideals that is {~t(2+&)” of a Dedekind 1 rl E Z}. domain
4.5. Let a and b be fractiona. (see Appendix A. 5h.2). Suppose a= rJPQ>
P
A
b = npb,
P
are prime factorizations of a and 6. (Here p runs tjhrough all nonzero prime ideals of A: and up and b, are integers that nonzero only for a finitely many p’s) Define cP = max(aZp, and d, = min(ap, hp). Show that the prime factorization of fractional ideals of A, a n b and a + b = (2: + y 1 z E a. y E 6) given by
the are bp) t)wo are
P
(see Appendix
A, 9A.2): is 2. and the only t,he fact Fermat‘s
4.6. Using t,he fact that the class number of Q(a) thus it is not divisible by 3, show that (2, ;y) = (6,14) is natural number solution of y2 = 2”  20. (In 54.4 we used that the class number Q(&) is not divisible by p to prove Last Theorem in the first case. Use a similar method.)
APPENDIX
A
Rudiments
In this appendix Dedekind domains. ring. A.l. A ring tions:
on Dedekind
domains
we give a summary on the fundamentals on In what follows a ring means a commutative
Definition
of a Dedekind
domain the following condi
A is a Dedekind domain if A satisfies
(1) A is a Noether ring. (2) A is an integrally closed domain. (3) Any nonzero prime ideal of A is maximal. tion. This Let us explain the terminology that appears in the above definiA ring A is a Noether ring if A satisfies the following condition: (1) Any condition ideal of A is finitely generated. conditions: is equivalent to any of the following
chain of ideals of A, (2) If ai c a2 c a3 c . . is an ascending then there exists N such that aN = aN+i = a&7+2 = . (3) If Q is a nonempty set of ideals of A, then there exists an ideal a in Q satisfying the condition: If b E 9 and b > a, then b = a. (4) Any submodule of a finitely generated Amodule is again finitely generated. A ring A is a domain the condition: for a, b E A if A is different from (0) and if it satisfies
ab = 0 implies
a = 0 or b = 0.
If A is a subring of B, an element z in B is said to be integral over A if x satisfies an equation with coefficients in A:
xn + UlX n1 +.
+ (Jr2= 0
(a, E A, n is a natural
13 :,
number
).
The set {X E B 1 J: is integral over A} is a subring of B. This subring is called the inte.qml closure of A in B. If A is a domain, the integral closure of A in its field of fractions is called the integral closure of A. If the integral closure of A equals A itself, then A is said to be integrally closed. An ideal a in A is a prime ideal if the quotient ring A/a is a domain. This is equivalent to (1) and (2) below: (1) If ab E a, then a E a or b E a. ring .4/a is
(2)
1$
a.
An ideal a in A is called a maximal ideal if the quotient a field. This is equivalent to (1) and (2) below: (1) An ideal of A containing a is eit,her A or a.
(2)
I@ a.
A maximal ideal is a prime ideal, but the converse does not, hold in general. For example, the zero ideal of Z is a prime ideal but not a maximal ideal.
EXAMPLE A.1 (Dedekind domain). (1) A principal domain (see Example 4.4) is a Dedekind domain. (2) Let A be a Dedekind domain, and K its field of fractions. If L is a finite extension of K and B is the integral closure of A in L, then B is a Dedekind domain.
A.2. Fractional ideal
Let, A be a domain. A fractional ideal of A is a nonzero finitely generated Asubmodule in the field of fractions K of A. For a nonzero ideal element a E KX , the set (a) = {ab 1 b E A} c K is a fractional of A. Such a fractional ideal is called a principal fractional ideal. For fractional ideals a and b of A we define the product a. b as the Asubmodule of K generated by a. b (a E a, b E 6). If for a fractional ideal a of A there exists a fractional ideal b satisfying a. b = A, a is said to be invertible. Since (a) . (a‘) = A, any principal fractional ideal is invertible. The set D(A) consisting of all invertible fractional ideals of A is an abelian group under the multiplication defined above. The ideal A is the identity element, and the inverse of a E D(A) is given by f D(A) given by a H (a) is a‘={bEK/bacA}. ThemapKX a homomorphism of groups, and its kernel equals AX.
THEOREM A.2.
all nonzero prime
Let A be a Dedekind ideals of A. Then
domain
and 5’~ the
set
of
R.2.
FRACTIONAI>
InEAL
I37
(1)
(2)
Any fractional ideal of A is in,vertible. Let Z(‘.l) be the free abelian group generated
the natural map
by S.4.
Then
Z(““)
is an (3) that isomorphism for any
+ D(A);
(eP)PESa
H
n
PESA
p’p
of groups. an,{1 b = n have
For a = n p’p
p”; , a c b is equivalent
to the
fact
p we
ep > eb.
For a Dedekind domain A the cokernel of the natural map KX + D(A) is called the ideal class group of A and written Cl(A). We rincipal fractional ideals}. A is a have Cl(A) = {fractional ideals}/{p principal ideal domain if and only if Cl(A) = 0.
Answers
In what follows we write p divides the integer
to Questions
ord,(a) a (see to indicate which 51.3 and 52.4). power of the prime
number
Chapter
1 T. For any 1 0, we have 2 0 for all
1.1. Suppose that a is the square of a rational number prime number p we have ord,(a) = 2ord,(r). Since ord,(a) ord,(r) 2 0. The number T is an integer since we have ord,(r) prime numbers p.
1.2. Suppose that p is a prime factor of a,. By hypothesis we have ord,(a,) = 0 for all j different from i. Thus, we have ord,(ar . ..a.) = ord,(a,). On the other hand, since ai a, is a kth power, ord,(ur a,) is a multiple of k. Thus, for any prime number p, ord,(a,) is a multiple of k. This implies that a, is the product of integers of the form pkn’ (m is a natural number), and thus u7. is a kth power. 1.3. Let (~,y) be the coordinates of the nonzero element P in E(K). Then, the coordinates of P are (2, y). The condition 2P = 0 is equivalent to the condition P = P. Thus, it is equivalent to y = y, i.e., y = 0. If K is an algebraically closed field, there are three nonzero elements P in E(K) whose ycoordinate is 0. Therefore, {P E E(K) 1 2P = 0} is a group of order 4. Since twice of every element in the group E(K) is 0, we see that E(K) is isomorphic to Z/22 G? Z/22. 1.4. The first part we have A/2A = {0}, is easy. As for the but A is not finitely second part, generated. take A = Q. Then,
Chapter 2.1. For example, (y, g). circle and the line with slope Th’ is is the 3 passing
2 point of intersection through (2,l). between the
2.2. is very C1,0)
It
suffices to the (&,
to find rational &)
a rational point 
point (h55).
on the The , while
circle slope the
r2
+ yi line
=
1 that joining line
close and
of the slope
is fi
1 =
0.414
of the
joining (1,0) and ($$. =) is & = 0.416’.., as we have seen in the text. Thus, it suffices to take the line passing through (0, 1) whose slope is 0.415 and to find the other point of intersection with the circle. A calculation shows tha.t the coordinate of the other point of intersection is given by (&cug), and we see that 33111’ + 33200’ = 46889’.
2.3.
(@ = ($) (;) = (1’, (;)(1,“”
= (5).
numbers
2.4. Factor and T E {&2”
m as rn = 11 lk .T, where 11, , lk are odd prime / n. > O}. If n, is odd, we have T E {fl}, and
(F) =(~)...($)(k)
=G).~4>
Similarly, if rrt is even, we have 2.5. The fact that the circle point can be seen from the fact or p = 3. 2.6. 2.7. ord,(C:l,,c’ The equation shows large. that (2.9) we &)
x
(number
determined
by p mod
4).
(;) =C)...(%>
x
(number
determined
by p mod
8).
gr’ that
 &y2 = 1 does not have a rational (g, $)P = (15, l)P = 1 if p = 2
= ord,, is equivalent have Crl,,
(K) to c,“=,, 6 x (5)’
> n + 1. 6 x (5)’ c = 1 (5addically). 5” when ?TL is
The latter sufficiently
1 mod
2.8.
3” 
Wehave~=~=13+3233"+3'3~++3"...=6133;'+ Therefore, 61 is the inverse greater cy as ‘I, of i. than 1, then the Nadic expansion
2.9. If N is a natural number of a real number cy is to express cY= 2 a,3 Il=nL
a,,~{O,l,...,
Nl}.
On the other hand, the padic expansion of a padic number is of the form c,TTV=,, a7&. The difference is that in the padic expansion of a real number, the terms p7’ with negative n may appear infinitely many times and the terms p” with positive n appear only finitely many times, whereas in the padic expansion of a gadic number the terms p” with negative n may
ANSLVERY
‘I‘0
QUES’l’IONS
141
appear infinitely
only finitely many many times. The existence fact that &1 If Q,
times
and
the
terms
P’~ with
from
positive
n appear
2.10.
and the 2.11.
of a square root are squares in IF5 from of 1
of a follows
Proposition
2.18
p # 2, it follows
has a square root
Proposition u
2.18 Fp has and
that root 1 of 1 8 that
a square the fact
If @
p = 2, it follows
does not have
from Proposition 2.18 a square root of 1.
$ 1 mod
2.12. It follows K of characteristic and
from field theory that any quadratic different from 2 is of the form K(A),
extension of a field (u E K, J71 @ K),
K( \/;;)
= K(A)
u
ab5 ’ is a square
in K
Thus, the correspondence that associates a mod (KX)” (u E K, fi 6 K) to K( ,,6) is a onetoone correspondence between the quadratic extensions of K and the elements of KX/(KX)* different from the identity. If p # 2, then the order of Q,” /(Qc)” is 4 (Proposition 2.19(l)). Thus, the number of quadratic extensions of Qj is 4  1 = 3. Furthermore, the group Qc /(at )” consists of classes of 1, 2, 5 and 10, and thus Q5 (A), Q5 (A) and Q, ( fl) are all the quadratic extensions of QR.
Chapter
3.1. By Proposition 3.3(l) we have 1
fP i + n
3
h,(i)= 1.127~iCC 2
,,FE
1
2n > =&~A&
On
the 3.2.
other Use (n2 :
hand, the 1)”
we have
hr (i)
=  &
,‘~~~~~~~~~~.
formula 1 = q&p 1 1
i+n +& >
4(i ~ n)”
4i +
3.3. The image of x is the set of all the nth roots of unity {C:; 1 1 < T < n} for some rt > 2. Let k be the order of the kernel of x. For each ‘r satisfying 1 < T < n, x takes the value <ii on I; different elements in G. Thus, C,ec; x(a) = x;:, k. C,‘; = 0.
142
ANSWERS
7’0
QUESTIONS
3.4.
We
have
Thus,
we have
c (%g) +c(s))
=;li~22”)c(s4+2+;
= !@IG(s
= ;  21og(2). Here, we used equality. lim,,r(s  l)<(s) = 1 (Proposition
 l)C(s)+ 2 + g
3.15(2))
to prove
the
last
3.5. By Proposition satisfiesmzlmodp1. Hence p 5 2  m.
3.24(l), a prime factor of the Sincepldivideslm,wehavep121m.
denominator
of C(m)
Chapter
4.1. Factor as in Proposition the equation as x3 = (y+i)(yi), 0.11 to obtain y+i=(a+bi)“, Comparing (3~’  b’)b. 4.2. similar the imaginary parts of both Thus, we have b = 51. The the equation as z3 as in Proposition (a+b1+y)3, fact *&ii that 1 = the and only A2.)
4
and use a similar argument
U,bEZ sides, we obtain rest is easy. 1 = 3a2b  b” =
Factor argument
= (y + &ii)(y 0.10 to obtain a,b
&ii),
and
use
a
y+&ii= (Here, we used and y  &ii both (3a2 sides, the are
E Z.
common prime factors of y + a Comparing the imaginary parts $ 11 (g)“. ~t2}. From The this rest we.obtain is easy. b E {fl,
of
we obtain
3 (a + $)’ we have
+ 3ab  2b2)b
= 2. Thus,
ANSWERS
TO
QUESTIONS
143
4.3. Let m be an integer that is not divisible by any square except for 1. LetK=Q(J\/m) ,o=z+y&(x,y~Q) andcr’=zye. (i) First we show that LY E 0~ is equivalent to the fact that the rational numbers 01 + o’ = 2s and cro = x2  my2 both belong Z If o E OK., then by replacing (Y by o’ in the equation on + crcrnpl + ‘. + cn = 0 (n > 1, ~1,. , cn E Z), we see that 01’ E OK. Therefore, we have 01 + cy’, eta’ E OK. Thus, these numbers belong to 0~ n Q = Z. Conversely, if we have cx + CY’, cycv’ E Z, then LY satisfies the equation o2 + crcy + cs = 0 with cl = (o + o’) and c2 = oo’. This implies that cy belongs to OK. (ii) By (i) it suffices to show the following: For x, y E Q 2x,x2my2EZ ifmE2,3mod4,and 2z,z2my2EZ u 2x,2yEZandxyEZ, I x,yEZ,
if m E 1 mod 4. (iii) Show first that if x, y E Q satisfies 2x, x2  my2 E Z, then we have 2y E Z. If 1 is an odd prime number, it follows from ordl(x) 2 0 and x2  my’ E Z that ordi(m) + 2ordl(y) > 0. Since ordl(m) < 1, we have 2ordl(y) > 1. Thus we have ordl(y) > 0. Since ordz(x) 2 1 and x2  my” E $ we have ords(m) + 2ords(y) 2 2. Since ordn(m) < 1, we have 2ord2(y) 2 3. Thus, we have ords(y) > 1. Summing it all up, we see that 2y E Z. (iv) To show the equivalence in (ii), we may assume 2x, 2y E Z because of (iii). Suppose 2x = u and 2y = v (u, u E Z). If m E 2,3 mod 4, it suffices to show u 2 mv2=0 mod4 u UEUEO mod2, and if m E 1 mod u These 4.4. are easy
2
4, it suffices mv2s0
to show mod4 I UEZI mod2
to show. to the proof or Proposition 4.1(5) we treat + Cx is
Similar
4.5. The answers are 1, 2, 2 and 2, respectively. As an example, the case Q(&2). We have WK = 2 and N = 8, and x : (Z/8Z)’ given by x(1 mod 8) = x(3 mod 8) = 1, = Y&C”,=, x(5 mod 8) = x(7 x(a)a mod
8) = 1. = 1.
ByCorollary4.29wehavehK
= $(1+357)
Answers
to Exercises
Chapter
0
0.1. Suppose that the nth root of 5 is a rational number it factors as fpP1 .. .psT (~1,. ,P,. distinct primes, e, integers e, # 0). Taking the nth power, we have 5 = py” .‘.pF”“. contradiction to the uniqueness of prime factorization since n 2
and that satisfying This is a 2.
0.2. If & + v’? is a rational number, so is 5 + 2&. Thus, & is a rational number. But we can show that I/% is an irrational number by a similar method as Exercise 0. 1. 0.3. 29 = 2’ + 5’, 37 = 1’ + 6’, 41 = 4’ + 52, 53 = 2’ + 72. 5 = (2+i)(2i) and 13 = (3+2i)(32i),
0.4. Combiningfactorizations we have
652 = ((2 + i)(3 + 2i))2((2 = (33 + 56i)(33
 i)(3  2i))”
 56i) = 33’ + 56”,  i)(3 + 2i))”
652 = ((2 + i)(3  2i))‘((2 = (63  16i)(63 0.5. to fi
+ 16i) = 63” + 162. =
If x and y satisfy x2  2y2 = 1, then we have ($a)(;+dq as y gets bigger. numbers
$. Thus, we have 0 < E  ~‘2 < &.
This shows that z becomes closer
0.6. It suffices to show that infinitely many pairs of natural (2, y) satisfy iy(y + 1) = x2. Rewrite this equation as (2y + 1)2  2(2x)2 For n 2 1, define a, and b, by (1 + fi)”
a:  2b: = (an + b,h)(a,  b,h) =
= 1. = an + b,&. We have  fi)” = (1)‘“.
(1+
&)“(l
By expanding (1 + a)“, we see that a, = 1 + (even number) and b, = n + (even number). Thus, if we take an even number as n, then we have
145
146
ANSWERS
TO
EXERCISES
2zien
2bz
=
1 with (2y
a,
odd
and
b, even.
= 1.
If we set y =
%$
andx=
3,
we have,
+ 1)2  2(2~)~
Chapter 1.1.
Answer: The set in question
1
consists of nine points where we see that by x(P) the 0, (0,&l),
(@,*g), ($‘%&,&a) and (%C~,zt~), itive cube root of unity. The method of finding these points: First, equivalent to 2P = P. In general, if we denote of P E E(C), P # 0, then we have
<3 is aprim
3P = 0 is
xcoordinate
x(P)
for any
= x(Q) u
we have
Q = fP =x(P) Pf 0.
P,Q E E(C). 3P=
Thus,
0, P# P in E(C)
0
_
x(2P)
and
For or
any @G. 1.2.
point
satisfying
(§1.2(1.4)).
Therefore,
x(2P)
n be relatively + 32n3)ml
2P # 0 we have x(2P) = z~~‘c4pJfzc(l~) = x(P) if and only if x(P) = 0, @, NC3
prime and integers and let  4n3)nl. to show of 144. (n # 0)
Let
m and
A = l(m3
B = 14(m3
Denote by D the greatest common divisor of the inequality in question, it suffices to show For, if that is the case and if the xcoordinate in lowest terms, then we have H(xcoordinate of
A and
B. In order that D is a divisor of P is given by f
2P) = H
0
A E
= A max(A, n)4
B) of
2 % max(m,
= $H(xcoordinate
P)“.
Let p be a prime number. We have ord,(D) = min(ord,(A),ord,(B)) (since ord, indicates how many times p divides the number). If p is a prime factor of D, then p does not divide n (since if it does, p does not divide m, and thus p does not divide m3 + 32n3 and A). If p is a prime factor of D and p # 2, then p does not divide m (since if p # 2 and p divides m, then p does not divide B). Thus, if p is a prime factor of D and p # 2, then we have ord,(D) = min(ord,(m3 5 ord, ( (m3 + 32n3), + 32n3) (m3 ord,(m”  4n”))  4n3))
= ord,(36n3) Hence, we have
= ord,(36).
p=
3 and
ordy
(D) < 2.
ANSWERS
TO
EXERCISES
147
Next, we consider ordz(D). If m is odd, then ordz(A) = 0. If m is even, then ordz(m”  47~‘) = 2 since n is even. Hence we have ordz(B) = 4. Therefore, D is a divisor of 24 ~3~ = 144, and thus the inequality in question is proved. If T > 6, then we have the inequality &r4 > r. If a rational point P on the elliptic curve in question satisfies H(zcoordinate of P) > 6, then we have H(zcoordinate of P) > H(zcoordinate of 2P). Then the height of the xcoordinate of P, 2P, 4P, 8P, 16P,. . are all different. Thus, these points are all distinct. This means there are infinitely many rational points on this elliptic curve. (To be more precise, we can show the following. If integers m and n satisfy m $ 0 mod 3 or n $ 0 mod 3, then m3  4n” $ 0 mod 9. This can be done by checking all the possibilities of 0 2 m 5 8, 0 5 n 5 8. Thus we see that D is a divisor of 24 x 3 = 48 and that 48 H(zcoordinate of 2P) 2 H(zcoordinate of P)”
If T > 4, then &r” > T. Thus, if P = (5, ll), then the zcoordinates of P, 2P, 4P, 8P, all have different heights. This implies that we see the existence of infinitely many rational points as soon as we find one rational point (5, ll).) 1.3. Since for (z,y) xy (H x+Y E X we have (x + Y)” 4k 3 1 (x+y)3’
2 +$+x2xy+~2=._
we have (A, z) E Y. This map is bijective since the map Y + X given by (x, y) H (g, 2) IS t the inverse. (We omit the proof of the fact that we have (5, 2) E X for (x, y) E Y and that the compositions X + Y + X and Y + X + Y are both identities.) 1.4. The inverse is given by (x, y) H (&, $ + :). is straightforward,
1.5. We omit the proof of 1.5 since each verification as was the case with 1.3 and 1.4.
1.6. (i) Answer: (x, y) = (O,O), (2, f4). Reason: If (x, y) # (0,O) is a rational point on the curve y2 = x3 + 4x, then by considering the case k = 1 in Question 1.5, we see that g(z, y) = (2  $, i (1  3)) is a rational point on the curve y2 = x3  x. Prom Proposition 1.2 we know that this point is one of (O,O), (*l, 0). Therefore, we have i (1  $2) = 0. Hence y = 0 or x = f2. R eason: If (x, y) is a rational point on (ii) Answer: (x, y) = (&l,O). the curve y2 = x4  1, then by considering the case k = 1 in 1.4 and 1.5, the image of (x, y) by the map X + Y 4 E(K) given by (x, y) H (x2, xy) is a rational point on the curve y2 = x3  x. Thus, we obtain xy = 0.
148
ANSWERS
TO
EXERCISES
(iii) Answer: (z, y) = (0,12). R eason: Just as (ii), we see that if (z:, y) is a rational point on the curve y2 = z4 + 4, then (x2, z:y) is a rational point it follows from (i) that (x2, zy) equals on the curve y2 = z3 + 42. Thus, one of (O,O), (2, *4).
Chapter 2.1. For example, $& $$ converges
2 to 1 in 88, but (since 3” it converges + 0), but to 0 in QZ it converges
The sequence to 1 in Ql. 2.2. we denote fn : (*q/z Let
converges
to 1 in Qa
f be an element by fn the + restriction Z [:I map /Z
of Horn
(Z
[t] ( $Z
/z,
z [t]
/z)
For image ( &Z
any of the
n 2 1 map
of f to is contained
/Z. The > in the kernel every Thus, with element
multiplicationbyp” ( *Z > /Z becomes /Z of to
5 /Z [I 0 if it is multiplied ($Z) for some /Z, and
of Z
( since by p”).
/Zofthe > of the subgroup
fn is a homomorphism the multiplicationbya ring homomor
from
(&Z)
it coincides a,. Thus,
czrL map phism
Z/p”Z
(z
element
we obtain
cp : Horn Conversely,
[i] find
P,
z [i] a ring
P)
+
l&Z/p”Z; n
p(f)
= (anJn>l.
we can
homomorphism + Horn (Z For /Z > E Horn = (Z f. [i] It /z, [b] /z, 1c E Z z [ $1 /z)
1~ : lhr+Z/p”Z as follows. itive We f(z) integer obtain = a,~. the Let (an)%>1 that
E l@,Z/p”Z. z E ( f $Z
[I
b P /z,
/Z
there = U,>l /z) that
exists ($) by
a pos/z. defining
n such
since ( Z [t]
Z [ ;]
a homomorphism Define identities $((a,,),ri) of Horn
z [i] to check and
is easy
$ o cp and re
cp o + are spectively.
z [t ] /z)
!im n~/pn~,
Hence,
we have
n
2.3. For the following. n # 0 define k = orda(n). From Since 4 belongs to 1 + 3&, nlog(4) belongs Proposition but not to 2.14(4) 1 + 9&, we see log(4)
belongs to 323, but not to 9Za. Thus, to 3k+2Z:3. Thus, 4’” = exp(nlog(4))
belongs to 3kf1Zs, but not to 1 + 3k+1Z:s, but not to
ANSWERS
TO
EXERCISES
149
1+ 3”+“&. have ords(4” 2.4. prime First, number
Thus 4”  1 belongs  1) = lc + 1. (1) follows from p we have
to 3k+1Zs,
but
not
to 3”+“&.
Hence,
we
Proposition
2.18
and
the
fact
that
for an odd
2
(>
P
=l
u
pz1,3
mod8
Next, the equation x2 + y2 = 2 in (2) can be written as ix’  ay” = 1. The necessary and sufficient condition for the existence of z, y E U& satisfying the equation is (i,  $), = 1 by Proposition 2.20. But, if p # 2, we have ($,f), = 1, (i, i), = 1. In order to show (3), it suffices
to show the existence of elements x, y and z in @ satisfying x2 + y2 + z2 = 2 (since if p # 2, a solution of x2 + y2 = 2 satisfies x2 + y2 +02 = 2). In Q2, 14 is very close to 2, and we have 12+22+32 = 14. Since $!j = 7 E 1 mod 8, it follows Thus, from we have Proposition 2 = 2 2.18 = (i)’ that there exists + (z)‘. a E Q,” such that a2 = 3;. + (p)”
Chapter
3
x(1 (1)
3.1. (1) Consider the Dirichlet character x : (Z/8Z) x + Cx given by mod 8) = x(3 mod 8) = 1 and x(5 mod 8) = x(7 mod 8) = 1. Then is to find L(1, x). Since x(l) = 1, it follows from Theorem 3.4 that L(l,x) = F ; (hl(C8) + hl(&  h(G)  hi(C)) = 5.
x(1 (2)
(2) Consider the Dirichlet character x : (Z/8Z)x + Cx given by mod 8) = x(7 mod 8) = 1, x(3 mod 8) = x(5 mod 8) = 1. Then is to find L(2, x). Since x(l) = 1, it follows from Theorem 3.4 that
L(2,x) 3.2.
‘&+.... 5.3 (1)
=
(
F
2
1 z
(h2(<8)
5
h2(&)

WC3
+
h2CC87))
=
$x2.
>
= c;=, = lim,+l+s  2 c;& &.(l &s & = 1  +s + jk  $ + & & + ‘. ‘) + =
(1  2l.“)<(s)
(2) lim,++r+o(sl)<(s) &log2=1. 3.3. By calculating
sr  ss  s:, + ~7, we have
log where x is the
(l  G)(l  G8’)= (C8 <;  <,j <,7)q1,x), + ( (1<;)(1<,5) >
same character log as the one in Exercise = 2JZULX). 3.1(2). We have ( (1 +1Jz)2)
150
ANSWERS
TO
EXERCISES
Hence,
L(1,
x)
= & log(1
+ a). and we explain the integers. For simplicity, We have 1
3.4. We omit the proof of absolute convergence, analytic continuation and the values at nonpositive we denote the sum over ni, , nk > 0 just by c.
r(s)(‘(s, 2; cl, , ck) =
ett"$ .c J=e(z+cllL1+...+ckn =JC o (1 ."T =JW,plU) (1eck~)us~
0
(x
+ Clnl
+
+ Cknk)’
0
U
Let a > 0. Divide the integral sow = s,” + saw. Since eeZcu approaches very rapidly as u goes to 00, the part s,” can be analytically continued to the entire plane as a holomorphic function in s. Take a small enough that 1  eeCZ” (1 5 i 5 Ic) does not have a zero in 0 < IuI 5 a. Then, in 0 < u 5 a we have
epxu c1 “‘ck (1 eclu). (1  eck”) = u k g AnUn, n=O
where
A, is a polynomial
Q...Ck.
in x, cl,
aw SC
= 0 TX=0
, ck with
Q coefficients.
s+nk
Thus,
we have
A,.
a s+nk’
1,2, continued to the entire , k. If m is a negative
Therefore, [(s, xc; cl,. , ck) may be plane and we see that it is holomorphic integer or 0, then we have cl ck ((m; x, cl, . , ck)
analytically outside
= sml(s) Akm z lim 1.
Chapter 4.1.
Sincex2+Zy+2y2= (i) u ThereexistsatZ[w] argument to the proofs (x+yv)
= z4km(1)” Iml!.
4
(x+yv),wehave suchthat of Propositions 0.2,
~=a%.
0.3 and 0.4 in
Using a similar $4.1, we have The if above
condition
u
p # 2,7.
ANSWERS
TO
EXERCISES
151
4.2. If (ii) is satisfied, then we have n = m2 n,‘=, p,, natural number, r 2 0, and p, is a prime number congruent or p, = 2. We have p, = (Y~??~, crj E Z[&i]. Writing mn5=1 puttingP=z+yi (x,y~Z), wehaven=pp=x2+y2. If (ii) is not satisfied, then there exists a prime number such that ord,(n) is odd. Since (l,n), = (9) = 1, we do not exist Z, y E Q such that n = x2 + y2.
where m is a to 1 modulo 4 oj as /? and p = 3 mod 4 see that there
4.3. Put p = crb (o is a prime element of Z[i]), and put cr2n = z + yi. Then we have pzn = cr2n~2n = x2 + y2. Because of the unique prime factorization property we have x # 0, y # 0. Thus, pn is the hypotenuse of the right triangle formed by x, y and p”. Since c?’ is not divisible p, the greatest common divisor of the three sides is 1. We show that this is the only triangle up to congruence. Suppose that p2” = x2 + y2 with x, y natural numbers. We have p2” = (x + yi) (x  yi) . Consider the prime factorization of both sides, we see that x+yi = CY~&~P, xyi = (Y%~F, T 2 0, s > 0, T + s = 2n, p E {fl, =ti}. If T # 0, s # 0, x + yi is divisible by p, and thus x, y,p” are all divisible by p. If r = 0 or s = 0, we have x + yi = oyznp or x + yi = Eznp. Each gives a triangle equivalent to the one we obtained above. 4.4. Using the notation of Proposition 4.27, we see that (2,l) E 91 is the element in Pj whose ycoordinate is the smallest. The assertion now follows from Proposition 4.27. 4.5. By ideal in A Similarly, and 6, and Theorem contained flp pdp is a + b has A.2 in the the in Appendix A, n,, pep is the largest fractional both a and 6, and a n b has the same property. smallest fractional ideal in A containing both a same property.
4.6. We have < = (y + 2a)(y  2&5). We show that y + 2&5 is a cube in Z[&5]. A prime ideal that contains both (y + 2J5) and (y2) contains the element (y+2)(y2) = 40. Wecan show that the prime factorization of (2) is (2) = a’, where a = (2,1+), and (fl) is a prime ideal. Thus, we have (y + 2J5) = a”(&%)“b, (y  2&%) = am(G)“c, m 2 0, n 2 0,
where a, (v’?), b and c are pairwise relatively prime ideals. Prom (x)” = a2”(fl)2n bc we see that m and n are multiples of 3, and that b and c are cubes. Thus, (y + 2G) is the cube of an idea 0. This means that the cube of a is a principal ideal. But, since the class number is not divisible by 3, b itself is a principal ideal by a similar argument as the one used in s4.4. Put a = (o), cy E Z[J51. Prom (y + a&%) = (03),  see that we y + 2v’3 = *a” = (I&)~. Hence, y + 2fl is a cube in Z[J51; i.e., y + 2J5 = (CL+ h/T)“, a, b E Z[J51.
152
ANSWERS
TO
EXERCISES
Thus, latter
we have y = a3 shows that b = fl,
15ab2 and 2 = 3a2b  56” 52. The rest is easy.
=
(3a2

5b’)b.
The
Index
algebraic analytic arithmetic automorphic Bernoulli Bernoulli number continuation, field, 103 90 form, 10 ideal, 115 ideal class group, 119 infinite descent, 22, 109 integral point, 19 51 inverse Iwasawa Kummer’s metric module, Mordell’s 10 ngonal Dedekind Dirichlet Dirichlet Dirichlet’s elliptic factorization factorization domain, L function, 117 82 8, 121 padic padic padic padic padic padic padic padic partial Pell’s point prime prime principal principal principal Pythagorean quadratic absolute expansion, value, 68 62 number, 8 space, 68 limit, 66 theory, criterion, 62 30 14 131 Hilbert Hurwitz symbol, 53 C function,
90
of quadratic form, 9 number, polynomial, 91 91
Chinese Remainder Theorem, class field theory, 5 class number, 120 class number formula, 125 completion, congruence, conic, 46 cubic number, 64 50
theorem.
character, 82 unit theorem, curve, 11, 18
in prime elements, into prime ideals,
13 13
integer, 65 L function, 99 metric, 62 number, 3, 58 number valuation, Riemann equation, at infinity, element, number, field, 60 7 28 5, 104 5 ideal, 116 2 law, 50, 52 118 58 89
Fermat’s Last Theorem, 14 First supplementary law, 52 fractional ideal, 118 functional equation, 98 fundamental theorem on abelian fundamental groups, unit, 30 121
C function,
fractional ideal, 116 ideal domain, Theorem,
P function, 95 group structure, height, 22, 31
25
reciprocity
153
154 rational number field, 7 rational point, 19, 45 Riemann < function, 82 ring homomorphism, 54 ring of integers, 113 Second square triangular unique unique supplementary numbers, 10 number, 10 law, 52
INDEX
factorization domain, 104 prime factorization property, 104 unit, 8 unit group, 119 weak Mordell 82 theorem, 31
C function,