Chapter 2

The Basic Theory

2.1 Weierstrass Equations

For most situations in this topic, an elliptic curve E is the graph of an

equation of the form

y 2 = x 3 + Ax + B,

where A and B are constants. This will be referred to as the Weierstrass

equation for an elliptic curve. We will need to specify what set A , B , x ,and

y belong to. Usually, they will be taken to be elements of a field, for example,

the real numbers R , the complex numbers C , the rational numbers Q ,oneof

the finite fields F p (= Z p )foraprime p , or one of the finite fields F q ,where

q = p k with k ≥ 1. In fact, for almost all of this topic, the reader who is

not familiar with fields may assume that a field means one of the fields just

listed. If K is a field with A, B ∈ K ,thenwesaythat E is defined over

K . Throughout this topic, E and K will implicitly be assumed to denote an

elliptic curve and a field over which E is defined.

If we want to consider points with coordinates in some field L ⊇ K ,we

write E ( L ). By definition, this set always contains the point ∞ defined later

in this section:

{∞} ∪ ( x, y )

y 2 = x 3 + Ax + B .

E ( L )=

∈

L

×

L

|

It is not possible to draw meaningful pictures of elliptic curves over most

fields. However, for intuition, it is useful to think in terms of graphs over the

real numbers. These have two basic forms, depicted in Figure 2.1.

The cubic y 2 = x 3

− x in the first case has three distinct real roots. In the

second case, the cubic y 2 = x 3 + x has only one real root.

What happens if there is a multiple root? We don't allow this. Namely, we

assume that

4 A 3 +27 B 2

=0 .

If the roots of the cubic are r 1 ,r 2 ,r 3 , then it can be shown that the discrimi-

nant of the cubic is

(( r 1 − r 2 )( r 1 − r 3 )( r 2 − r 3 )) 2 = − (4 A 3 +27 B 2 ) .