for some function h . Dividing by u and evaluating at Q 1 shows that

2 b + a 1 a + a 3 =0 .

g 1 ( Q 1 )=0

or

If g 1 ( Q 1 )=0,then g − b has at least a double root at Q 1 ,so

div( g − b )=2[ Q 1 ]+[ R ] − 3[ P ]

for some R . Therefore,

div(( g − b ) / ( f − a )) = [ R ] − [ P ] .

b has only a double pole at

P , which is a contradiction. Therefore, g 1 ( Q 1 ) =0,so

By Corollary 11.18, R = P . This means that g

−

− a 4 a − a 6 ) y = b

∂

0=2 b + a 1 a + a 3 =

∂y ( y 2 + a 1 ay + a 3 y − a 3

− a 2 a 2

.

This means that b is a double root, so b = b . Therefore, ψ ( Q 1 )=( a, b )=

( a, b ). Therefore, ψ is surjective.

It is possible to show that not only ψ , but also ψ − 1 , is given by rational

functions. See [109, p. 64]. Since C is assumed to be nonsingular, this implies

that the equation for E is nonsingular, so E is actually an elliptic curve.

It is also possible to show that elliptic curves always have genus one. There-

fore, over algebraically closed fields, genus one curves, with a base point P

specified, are the same as elliptic curves, with P being the origin for the group

law. Over nonalgebraically closed fields, the situation is more complicated. A

genus one curve C such that C ( K ) is nonempty is an elliptic curve, but there

are genus one curves C such that C ( K ) is empty (see Section 8.8). These

curves are not elliptic curves over K , but become elliptic curves over certain

extensions of K .

11.6 Equivalence of the Definitions of the Pair-

ings

In Sections 11.2 and 11.4, we gave two definitions of the Weil pairing. In this

section, we show that these definitions are equivalent. Similarly, in Sections

3.4 and 11.3, we gave two definitions of the Tate-Lichtenbaum pairing. We

show these are equivalent.