GALOIS REPRESENTATIONS AND THE MODULARITY THEOREM

THOMAS MORRILL

Abstract. We wish to study the algebraic closure of Q, denoted Q and its associated ringof integers Z. Often classical Galois theory is employed to examine the finite extensionsof Q, but this analysis fails to apply to the infinite extension Q. Following a brief reviewof Galois theory, we introduce the absolute Galois group over Q and examine its grouprepresentations in `-adic vector spaces. These Galois representations have fundamentalconnections to modular forms and elliptic curves.

Dedicated to Dr. Mic Jackson.

1. Introduction

We are interested in the roots of polynomials. Restricting to polynomials with coefficientsin Q yields a rich theory. The roots of polynomials in Z[x] are called algebraic numbers. Itcan be shown that the set of all algebraic numbers forms a field containing the set of allrational numbers Q. One method of studying algebraic numbers is to examine the finitedegree extensions of Q using Galois Theory. Here we assume the reader is familiar withabstract algebra. Foundational material may be found in [DF04].

Evariste Galois developed his theory in the early 1800s as a tool to study the solutions ofpolynomial equations. Rather than study a field extension K/F directly, Galois examinedits group of automorphisms, specifically those that fixed some subfield of K. So long as K isGalois over F , there is a one-to-one correspondence between the subgroups of the automor-phism groups of K and fields H that lie between F and K. This fundamental theorem, alongwith the simplicity of the alternating group A5, was enough to demonstrate that there is nogeneral formula to derive the roots of quintic polynomials using radicals. Algebraic numbertheory typically begins by applying Galois theory to finite degree extensions of Q. However,because the algebraic numbers are an infinite degree field extension of the rationals, theseresults do not apply to Q.

In Section 2, we begin with a brief overview of algebraic number theory and some intro-ductory results. Although classical Galois theory does not apply to infinite extensions, wemay attempt to generalize its methods. We are motivated to study the automorphism groupof Q, which we denote GQ. This group becomes our main object of study.

In order to get a handle on the structure ofGQ, we introduce the inverse limit of topologicalgroups and rings in Section 3. We assume the reader is familiar with the basics of point-set topology, which may be found in [Mun00]. Inverse limits allow us to decompose anautomorphism of Q into a sequence of automorphisms of number fields. Moreover, otherobjects which arise from inverse limits, such as the `-adic numbers Q`, their analog λ-adicnumber Kλ, and the Tate module of torsion subgroups have a natural affinity with GQ.

With the automorphism group in hand, in Section 4 we compare the algebraic structureof Q to the number fields from Section 2. Often in group theory, the problem of studying an

1

abstract group may be simplified by mapping it into matrix groups, or equivalently viewingits group action on vector spaces. These tools allow us to apply linear algebra to the studyof GQ.

In Section 5 we introduce modular forms, another large topic in number theory, in orderto showcase some results using Galois representations. First, we define the modular groupΓ , also known as SL2(Z), and establish its group action on the upper half plane H of C.A modular form f(z) is a holomorphic function whose values are influenced by this groupaction. We assume the reader is familiar with complex analysis. Additional informationmay be found in [Ash71]. The space of modular forms is a complex vector space, with abasis given by newforms. The Fourier coefficients of newforms give rise to number fields, andsubsequently Galois representations ρf . With this in place we prove a theorem by the Frenchmathematician J.P. Serre regarding congruences, prime density, and the irreducibility of ρf .All figures were made in [S+11].

Elliptic curves are introduced in Section 6, and they also give rise to Galois representa-tions. An elliptic curve is the solution set of a cubic polynomial in two variables, as viewedin projective space. As long as the curve is non-singular, it may be equipped with a geomet-rically powered group structure. The torsion subgroups of elliptic curves subsequently allowfor the influence of GQ.

Finally, in Section 7 we close the paper with some statements of the modularity theorem,a deep connection found between elliptic curves and modular forms. In plain language, thetheorem states that all elliptic curves exhibit properties inherited from modular forms. Itwas the partial proof of this theorem in 1993 by Andrew Wiles that yielded the proof ofFermat’s Last Theorem. The proof is too large for the scope of this paper, much less themargin of a textbook, but we give a sketch of how modularity relates to xn + yn = zn. Weinclude it here as Wiles proved his version of modularity as stated in the language of Galoisrepresentations.

2. Algebraic Number Theory

We are interested in the collection of all roots of polynomials with coefficients over Q,denoted Q, called the algebraic closure of Q. Recall the Fundamental Theorem of Algebra:

Theorem 1. If f(x) ∈ C[x], then f has a root in C.

A proof may be found in Chapter 14 of [DF04]. By inducting on the number of roots of apolynomial f , we see that Q ⊂ C. A number α ∈ C is called algebraic if there exists anirreducible polynomial f with coefficients in Z such that f(α) = 0. We call f the minimalpolynomial for α if f is irreducible and monic. Complex numbers that are not the rootof some polynomial over Z are not algebraic. These are called transcendental numbers.Although transcendence theory is a very rich topic in number theory, we will not exploretranscendental numbers further in this paper.Any polynomial g ∈ Z[x] that has α as a rootmust be divisible by f . If α is the root of a irreducible monic (lead coefficient 1) polynomialin Z, then α is called an algebraic integer. The set of algebraic integers is denoted by Z.

For example, consider the golden ratio φ = (1 +√

5)/2. As φ is a root of the irreduciblepolynomial

f(x) = x2 − x− 1,2

and f is a monic polynomial in Z[x], we see that φ is an algebraic integer. By factoring f(x)in C,

x2 − x− 1 =

(x− 1 +

√5

2

)(x− 1−

√5

2

),

we find a second algebraic integer, (1 −√

5)/2, which we denote φ′ for brevity. Note thatthe only difference between φ and φ′ is the sign of

√5; we will revisit this when dealing with

automorphisms of quadratic fields. Also note that −φφ′ = 1. That is, both φ and φ′ areunits in Z, as they both have a multiplicative inverse. Units will become important whenwe try to factor algebraic integers.

More generally, if α is an algebraic number with minimal polynomial f and β is anotherroot of f , then we say that α and β are algebraic conjugates. For example, the polynomialx2 + 1 is irreducible in Z[x]. Its complex roots are i and −i, which means that i and −i arealgebraic conjugates as well as complex conjugates. In fact, complex conjugation is a specialcase of algebraic conjugation. To see this, let p(x) be an irreducible polynomial in Z andsuppose that α is a root of p. Then

p(α) = 0 = 0 = p(α) = p(α).

That is, the complex conjugate of α is also one of its algebraic conjugates. However, manyalgebraic numbers have more than one algebraic conjugate. To clarify terminology, we willrefer to the distinct roots of the minimal polynomial of α as the conjugates of α and referto the operation a+ bi = a− bi as complex conjugation.

In algebraic number theory, we do not study Q directly; rather, we examine its smallersubfields. A number field F is a field Q ⊆ F ⊆ C which is a finite dimensional vector spaceover Q. The degree of F over Q, written [F : Q], is the dimension of F as a vector spaceover Q. If α1, . . . , αn ∈ C, the set Q adjoin α1, . . . , αn is given by

Q(α1, . . . , αn) :=

{f(α1, . . . , αn)

g(α1, . . . , αn)

∣∣∣∣ f, g ∈ Q[x1, . . . , xn], g(α1, . . . , αn) 6= 0

}.

We see that Q(α1, . . . , αn) is a subfield of C. Likewise, Z adjoin α1, . . . , αn is given by

Z[α1, . . . , αn] := {f(α1, . . . , αn) | f ∈ Z[x1, . . . , xn]} ,which forms a subring of C. Note that Q(α) contains multiplicative inverses for all itselements, whiles Z[α] does not. We state the following theorem without proof.

Theorem 2. A number α ∈ C is algebraic if and only if Q(α) is a number field. Moreover,if F is a number field, then there exists α ∈ Q such that F = Q(α).

A proof may be found in Chapters 1 and 2 of [ST02]. We immediately see that if β isan element of the number field F = Q(α), then Q(β) must be a finite dimensional Q vectorspace, as it is a subspace of Q(α). Therefore β is algebraic.

We now consider our first examples of number fields. Let N be a squarefree rationalinteger, i.e., not divisible by any n2 6= 1 in Z. We make this distinction in order to avoidcataloging the same number field twice, since if

√N =

√n2M = n

√M , then we have that

Q(√N) = Q(

√M). In general, if c 6= 0 is rational, then Q(α) = Q(cα). The number field

Q(√N) is called a quadratic field. Each quadratic field is classified as real or imaginary,

depending on whether N > 0 or N < 0.3

To clarify notation, we define the sets N and Z+ as

N := {n ∈ Z | n ≥ 0}Z+ := {n ∈ Z | n ≥ 1}

Let N ∈ Z+ and define the Nth root of unity as

ζN := e2πiN .

Then we call the number field Q(ζN) ⊂ C the Nth cylcotomic field. (The first and secondcyclotomic fields are just Q.) Note that

ζ4 = eπi2 = i.

That is, Q(i) is both a quadratic and a cyclotomic field.We turn our attention to field embeddings in preparation for Galois theory. An embedding

is an injective field homomorphism. Suppose σ is an embedding

σ : Q(α) −→ C.Then we claim σ(α) is a conjugate of α. Note that any such field homomorphism must fix1 and therefore all of Q. If f(x) is the minimal polynomial for α, then we find that

f(α) = 0 = σ(0) = σ(f(α)) = f(σ(α)).

Note that if σ(α) is known, then every value of σ is determined, since every β ∈ Q(α) canbe written as a rational function of α. In general, if τ is a field automorphism, then

τ(f(x)) = f(τ(x))

for all f ∈ Q(x). We will frequently take advantage of this fact. We see that

σ(β) = σ(f(α)) = f(σ(α)),

which is determined by σ(α). Therefore, if α = α1, . . . , αn are the distinct conjugates of α,then there are exactly n embeddings of Q(α) into C, one for each conjugate.

If σ is an embedding and σ(F ) ⊆ F , then we find that σ(F ) = F , since fields have nonontrivial ideals. Therefore, σ is an automorphism of F . Conversely, as F ⊂ C, everyautomorphism of F is also an embedding of F into C. Note however, that it not always thecase that σ(F ) ⊆ F . For example, 3

√2 is algebraic as it is a root of the polynomial

f(x) = x3 − 2 =(x− 3√

2)(x− 3√

2ζ3

)(x− 3√

2ζ23

).

Consider the number field Q( 3√

2). Then the embedding defined by

σ : Q(3√

2) −→ C3√

2 7−→ 3√

2ζ3

contains complex numbers, where Q( 3√

2) does not. We say that a number field F is Galoisover Q if the number of distinct automorphisms τ : F → F is equal to [F : Q]. Fromthe previous argument, this is equivalent to the condition σ(F ) ⊆ F for all embeddingsσ : F → C. If F is Galois over Q then we define the Galois group of F over Q as thegroup of automorphisms which fix Q pointwise, with group operation given by functioncomposition. We denote this group as Gal(F/Q). In general, the Galois group of K over Fis the group of automorphisms of K that fix F pointwise.

4

In the special case of a field extension over Q, we have already seen that every embeddingfixes Q pointwise. We therefore abbreviate the Galois group of F over Q as Gal(F ). Likewise,if F is a number field that is Galois over Q we say that F is a Galois number field.

While Galois theory is a good tool for studying finite extensions of Q, it will not applyto Q, which is an infinite dimensional vector space over Q. However, the study of finiteextensions of Q and their associated Galois groups will serve as an analog to the study ofQ and its automorphisms, the absolute Galois group. If H is a subgroup of Gal(F/K), thenwe define the fixed field of H Fix(H) to be the collection of all α ∈ F with σ(α) = α for allσ ∈ H. We state in part the Fundamental Theorem of Galois Theory.

Theorem 3. Let K be a Galois field extension of F . There is a bijection between fieldsF ⊆ L ⊆ K and subgroups of Gal(K/F ).

A proof may be found in Chapter 14 of [DF04]. If F and K are Galois number fields, thenwe define the composite of F and K to be the intersection of all subfields of C containingboth F and K. field is denoted as FK. It is demonstrated in Chapter 14 of [DF04] that ifboth F and K are number fields, then FK is also a Galois number field.

Let N be a squarefree integer and F = Q(√N). Then the conjugates of

√N are ±

√N ,

which both lie in F . Therefore, there are two embeddings of F into C, the trivial embeddingand the map σ given by

σ : F −→ C√N 7−→ −

√N

which satisfies σ(F ) ⊆ F . We conclude that every quadratic number field is Galois over Q.As an example, let N = 5. We see that

σ

(1 +√

5

2

)=σ(1 +

√5)

σ(2)=σ(1) + σ(

√5)

σ(2)=

1−√

5

2.

If N = −1, let σ be the automorphism of Q(i) given by σ(i) = −i. Then we have

σ(a+ bi) = σ(a) + σ(b)σ(i) = a− bifor a and b ∈ Q. Regardless of choice of N , we find that Gal(

√N) ∼= Z/2Z. The only normal

subgroups of Z/2Z are the trivial subgroup and itself. Therefore the only subfields of F areF and Q.

Recall that the N th cyclotomic field is defined as Q(ζN , where ζN = e2πiN . The conjugates

of ζN are roots of the polynomialxN − 1.

By the Fundamental Theorem of Algebra, this polynomial has N roots, which we parame-terize as

{ζkN | 1 ≤ k ≤ N}For the above values of k, if gcd(k,N) > 1, then ζkN is also a root of

xNk − 1,

but ζN = e2πiN is not. We conclude that ζN has exactly ϕ(N) conjugates, where ϕ is the

Euler totient function. each of which is a power of ζN . Each conjugate ζkN is a power of ζN ,and therefore is an element of Q(ζN) We conclude that Q(ζN), is a Galois number field.

5

Let σk be the automorphism defined by

σk : Z(ζN) −→ Q(ζN)

ζN 7−→ ζkN

Then Gal(Q(ζN)) = {σk | k ∈ I}. For all σj, σk ∈ Gal(Q(ζN) we have that

σj(σk(ζN)) = ζjkN .

Since ζNN = 1, for any m ∈ Z, we have that

ζjkN = ζ ij+mNN .

It follows that σj ◦σk = σik, where we reduce ij modulo N . There is a group homomorphismψ from Gal(Q(ζN) to the multiplicative group (Z/NZ)× given by

ψ : Gal(Q(ζN) −→ (Z/NZ)×

σk 7−→ k (mod N)

with kernel given by

ker(ψ) = {σk | k ≡ 1 (mod N)}= {σ1}.

Because |Gal(Q(ζN)| = φ(N) = |(Z/NZ)×|, we conclude that ψ is an isomorphism andGal(Q(ζN) ∼= (Z/NZ)×.

We return our attention to the algebraic integers Z. We state the following lemma:

Lemma 1. For all α and β ∈ Z, both α + β and αβ ∈ Z.

A proof may be found in Chapter 2 of [ST02]. If F is a number field, we define the ring ofintegers of F , denoted OF , as F ∩Z. In this situation, it is necessary to distinguish betweenthe usual integers Z and members of OF . We use the word rational to make this distinction.For example, a rational prime p is any irreducible element of Z. Note that Q ∩ Z = Z. Inplain English, “rational integers are rational integers.” The containment Z ⊂ Q ∩ Z is easy.A proof of the reverse containment may be found in Chapter 2 of [Mar91].

In general, if α1, . . . , αn are algebraic integers and F = Q(α1, . . . , αn) is a number field,its ring of integers OF is not always given by Z[α1, . . . , αn]. Consider the field F = Q(

√5).

The minimal polynomial for√

5 is x2 − 5, so√

5 is an algebraic integer. Clearly the ringZ[√

5] ⊂ OF . However, the golden ratio φ = (1 +√

5)/2 ∈ F . We have already seen that φis an algebraic integer. But φ /∈ Z[

√5]. Fortunately we do not need to extend very far to

capture all of OF . In general, if N is a squarefree rational integer and F = Q(√N), then

OF =

Z[√N ] : N ≡ 2, 3 (mod 4)

Z[

1+√N

2

]: N ≡ 1 (mod 4)

Note that N ≡ 0 modulo 4 is excluded by assumption. A proof of this result can be foundin Chapter 2 of [Mar91]. Just as in Z, we study OF by examining how numbers factor.

In order to discuss factorization, we need to make a distinction between prime numbersand irreducible numbers in OF . Recall that a unit of a ring R is any element that hasa multiplicative inverse. Let x be a nonzero, non-unit element of a ring R. We say x is

6

irreducible if whenever x = αβ, one of α or β must be a unit. We say x is prime if wheneverx divides a product αβ, x divides one of α or β.

When factoring numbers, we must be careful of units. Recall the golden ratio φ = (1 +√2/2) is an algebraic integer. In the ring Z[φ], we can factor the number 2 as

2 = −

(1 +√

5

)(1 +√

5

2

).

The second factor, (1 −√

5)/2, is the conjugate of φ, which we denoted previously as φ′.Both φ and φ′ are units in Z[φ]. This factorization of 2 is actually

2 = −(1 +√

5)(φ′) = −2φ(φ′) = 2.

In general, if α, β and µ are ring elements such that α = βµ and µ is a unit, then we saythat α and β are associates. Recall that a unique factorization domain is an integral domainR in which every 0 6= r ∈ R can be written as a product of irreducible elements

r = p1 . . . pn

and if there exists a second factorization of r into irreducibles

r = q1 . . . qm

then m = n and the factors pi and qi may be reindexed such that for all 1 ≤ i ≤ n we havethat pi and qi are associates.

Consider the quadratic field Q(i) = {x + iy ∈ C | x, y,∈ Q}. From the previous result,its ring of integers is given by Z[i] = {x + iy ∈ C | x, y ∈ Z}. This ring is also known asthe Gaussian integers. As is the case with Z, the Gaussian integers can be equipped with aEuclidean algorithm. For any two Gaussian integers a, d, with d 6= 0 it is possible to writea = qd + r, where 0 ≤ |r| < |d|. It is a fact that any integral domain which admits aEuclidean algorithm is a unique factorization domain. For proof and further discussion ofEuclidean domains, see Chapter 8 of [DF04]. We concude that Z[i] is a unique factorizationdomain.

In general, unique factorization is not guaranteed for rings of integers. Many imaginaryquadratic fields have rings of integers that are not unique factorization domains. To give oneexample, consider Q[

√−5]. Its ring of integers is given by Z[

√−5]. Here we find that the

number 6 has both its usual factorization, 2 · 3, and a new one: (1 +√−5)(1 −

√−5). By

checking the moduli of these complex numbers, we find there are no non-units in Z[√−5]

that divide 2, 3, (1+√−5), or (1−

√−5). We claim that each of these numbers is irreducible

in Q[√−5]. To prove this, we must define the norm of an algebraic number.

If α is any element of the number field F , then we define the norm of α as

NF (α) =n∏i=1

σi(α)

where σ1, . . . , σn are the distinct embeddings of F into C. Because each σi is an embedding,we immediately see that if α and β ∈ F are conjugates, then NF (α) = NF (β). Moregenerally, for any α and β ∈ F we have that

NF (αβ) = NF (α)NF (β).7

If α is an algebraic integer, then NF (α) is a rational integer. This is proven in Chapter 2of [ST02]. If α divides β in OF then it follows that NF (α) divides NF (β) in Z. Let µ be aunit. Since the norm function is multiplicative,

NF (µ)NF (µ−1) = NF (1) =n∏i=1

σi(1) = 1.

Therefore, NF (µ) = ±1 for any unit µ. Moreover, if α and β are associates, then we have

NF (α) = NF (µ)NF (β) = ±NF (β).

Returning to Q(√−5), if a+ b

√−5 is in OF , the norm of a+ b

√−5 is given by

NF

(a+ b

√−5)

=(a+ b

√−5) (a− b

√−5)

= a2 + 5b2.

Then we see that NF (2) = 4, NF (3) = 9 and NF (1±√−5) = 6. Suppose α = a+b

√−5 ∈ OF

divides 2. Then NF (a+b√−5) must divide 4. That is, a2 +5b2 must be one of ±1 or ±2. We

find that b = 0 and NF (a+ b√−5) = 1. Therefore, a+ b

√−5 is a unit and 2 is irreducible.

A similar argument holds for 3.If α = a + b

√−5 divides 1 +

√−5, then either α is a unit or NF (α) = 6. There are only

four such α, given by

α = ±1±√

5, α = ±1∓√

5.

Note that −1−√−5 is an associate to 1 +

√−5. Furthermore,

1 +√−5

1−√−5

=

(1 +√−5

1−√−5

)(1 +√−5

1 +√−5

)=−2 +

√−5

3/∈ Z[√−5].

Because NF (2) 6= NF (1 ±√−5), we conclude that Q(

√−5) is not a unique factorization

domain. Where unique factorization fails, we can still get results by considering idealsrather than lone integers. For α1, . . . , αn ∈ OF , we denote the ideal generated by α1, . . . , αnas

(α1, . . . , αm) :=

{n∑i=1

αiβi | βi ∈ OF

}.

If A and B are ideals of a ring R, then the product of A and B is defined by

AB :=

{n∑i=1

aibi

∣∣∣∣∣ ai ∈ A, bi ∈ B}.

Recall that an ideal A 6= R is called maximal if for any ideal B with A ⊂ B ⊂ R eitherA = B or B = R. That is, the only ideal that contains A is the trivial ideal R. A primeideal satisfies the condition

αβ ∈ A⇒ α ∈ A or β ∈ A.The following result guarantees the existence of maximal ideals.

Lemma 2. If F is a number field and

I0 ⊆ I1 ⊆ . . .

is an ascending chain of ideals in OF , then there exists N ∈ N such that for all n < N wehave that In = IN .

8

A proof is given in Chapter 4 of [ST02]. Therefore, if A0 is any nontrivial ideal of OF , wecan find a maximal ideal M containing A0 as follows. If A0 is not maximal, then there existsan ideal A1 ⊃ A0. If A1 is maximal, we stop. Otherwise, there exists an ideal A2 ⊃ A1 ⊃ A0,and so on. By the previous lemma, this process must eventually terminate.

Theorem 4. Every nontrivial ideal of OF may be written as a product of maximal ideals,uniquely up to the order of the factors.

A proof may be found in Chapter 5 of [ST02]. Returning to the example in Z[√−5], we

have factored the ideal (6) as

(6) = (2)(3) = (1 +√−5)(1−

√−5).

Therefore none of these ideals are maximal. We turn to non-principal ideals. The ideals (2)and (3) factor as

(2) = (2, 1 +√−5)2

(3) = (3, 1 +√−5)(3, 1−

√−5)

(1 +√−5) = (2, 1 +

√−5)(3, 1 +

√−5)

(1−√−5) = (2, 1 +

√−5)(3, 1−

√−5)

which is shown in more detail in Chapter 3 of [Mar91]. Thus we have found the uniquefactorization of the ideal (6). It is possible to extend the norm function to encompass idealsas well as individual numbers. If A is an ideal of OF , we define the norm of an ideal A by

N(A) := |OF/A|.

Lemma 3. Let R be an integral domain and let A be an ideal of R. Then A is prime if andonly if R/A is an integral domain. Moreover, A is maximal if and only if R/A is a field.

A proof may be found in Chapter 5 of [ST02]. Let p be a rational prime and F be a Galoisnumber field. Suppose p be a maximal ideal containing the ideal (p). Because p is maximal,OF/p is a field. Moreover, repeated addition of 1 + p in OF/p eventually reaches 0, since

p∑i=1

(1 + p) = p+ p = p

We find that {n+ p | n = 1, . . . , p} is a subfield of OF/p with exactly p elements. Therefore,OF/p is a field extension of Fp.

We may construct a homomorphism φ from Gal(F ) to Aut(OF/p) by

φ : Gal(F ) −→ Aut(OF/p)

σ 7−→ σ

where

σ(α + p) := σ(α) + p.

Because OF/p has characteristic p, we claim that the Frobenius transformation τ(x) = xp isan automorphism of OF/p. With regard to multiplication, we find that

((α + p)(β + p))p = (α + p)p(β + p)p.9

For addition, since OF/p has characteristic p,

((α + p) + (β + p))p = (α + p)p + (β + p)p,

which comes easily from expanding the binomial coefficient. Lastly, if

(α + p)p = (β + p)p,

we see that((α + p)p − (β + p))p = 0,

which implies that (α + p) = (β + p). We define a Frobnenius element of Gal(F ) as anyautomorphism Frobp ∈ Gal(F ) satisfying

Frobp(x) ≡ xp (mod p)

for all x ∈ OF . In other words, each Frobenius element is a preimage of the Frobeniusautomorphism of OF/p.

In order to motivate the following constructions, we close the section with an example ofan extension field of Q, consisting entirely of algebraic numbers, that is not a number field.Fix a prime number `. We now define

Q(ζ`∞) :=∞⋃n=1

Q(ζ`n).

We claim that Q(ζ`∞) is a subfield of Q with infinite degree over Q. Let α, β ∈ Q(ζ`∞). Thenboth α and β are finite sums and products of elements α1, . . . αr and β1, . . . , βr from someQ(ζ`n). Therefore there exists N such that Q(ζ`N ) contains all of the αi and βj. It followsthat, α, β ∈ Q(ζ`N ), which shows that they are algebraic numbers. Since Q(ζ`N ) is a field,α + β, α− β, αβ (and and α

βif β 6= 0) are defined as elements of Q(ζ`N ) ⊂ Q(ζ`∞).

To show that Q(ζ`∞) is an infinite degree extension of Q, it is suffient to show that Q(ζ`∞)is a vector space containing subspaces of arbitrarily high dimension over Q. Fix N ∈ N.Then there exists M ∈ N such that ϕ(`M) > N . Recall that ϕ(`N) is the dimension of Q(ζN)over Q. Because Q(ζN) is a subspace of Q(ζ`∞), we conclude that Q(ζ`∞) is not a numberfield.

3. Inverse Limits

The inverse limit is a powerful structure that can be defined on families of either groupsor rings. We will use inverse limits to impose a topological structure on the automorphismgroup of Q in Section 4 and relate it to other inverse limits.

Definition 1. Let (I,≤) be a nonempty set with a partial order. Let {Ri | i ∈ I} be acollection of rings (or groups) and {µij : Rj → Ri |i ≤ j ∈ I} be a collection of surjectivering (group) homomorphisms with the following two properties:

(1) µij ◦ µjk = µik for all i ≤ j ≤ k.(2) µii is the identity map for all i.

The inverse limit of {Ri} is the subset of the direct product∏

i∈I Ri consisting of all tuples(ri)i∈I that satisfy µij(rj) = ri for all i ≤ j. We denote the inverse limit of {Ri} as

lim←−i∈I

Ri.

10

The inverse limit is a ring (or group) with addition and multiplication defined compo-nentwise. Proof and additional information about inverse limits is presented as exercises inChapter 7 of [DF04]. Before we give an important example, it is necessary to employ somepoint-set topology. We assume the reader has a working knowledge of the basics: basis of atopology, subspaces, product spaces, and continuity, which may be found in [Mun00]. Let

R = lim←−i∈I

Ri,

and suppose that each Ri is a topological ring (i.e., addition and multiplication are contin-uous) and that the µij are continuous. By definition, R is a subspace of the infinite productspace

X :=∏i∈I

Ri,

which we equip with the product topology. The Krull topology on R is defined as the subspacetopology R inherits from X.

While constructing inverse limits, we will be dealing exclusively with finite groups andrings, which we equip with the discrete topology. That is, all subsets of Ri are open sets.To find a basis element of the Krull topology, fix a finite collection of rings

Ri1 , . . . , Rin .

In each of these, take a singleton open set

Uij = {xij} ⊆ Ri.

This gives us a basic open set in R

U := {(ri)i∈J | rij = xij , 1 ≤ j ≤ n}.

Fix a rational prime `. We are now ready to construct an important example of inverselimits, `-adic integers. For every pair i ≤ j, let I = Z+ with the standard order. LetRi = Z/`iZ for all i. Let µij be the projection map

µij : Z/`jZ −→ Z/`iZa (mod `j) 7−→ a (mod `i).

Then the ring of `-adic integers is defined to be

Z` := lim←−i∈Z+

Z/`iZ.

We will need the following result:

Lemma 4. If ` is a rational prime, then Z` is an integral domain.

This lemma is given as an exercise in Chapter 7 of [DF04]. It is possible to embed Z intoZ` as follows. Let φi be the projection map given by

φi : Z −→ Z/`iZn 7−→ n (mod `i).

11

Define φ by

φ : Z −→ Z`n 7−→ (φi(n))i∈I .

Each φi is a ring homomorphism. Because the ring operations of Z` are defined component-wise we have that φ is a ring homomorphism. Moreover, φ is injective, since

ker(φ) = {n ∈ Z | n ≡ 0 (mod `i) ∀i ∈ Z+}= {0}.

This allows us to multiply tuples in Z` with integers by defining

n(ai) := φ(n)(ai).

Recall the definition of the Krull topology. A basic open set U ⊂ Z` is the collection oftuples that agree in a fixed, finite number of components. The rings Z/`iZ used to constructZ` were ordered with respect to Z+. Therefore there is a largest component n that all ofthese tuples agree on. But once we have fixed the nth component, for any m < n the mth

component is also determined:

am = µmn(an)

Let (ai), (bi) ∈ U . For 1 ≤ j ≤ n, the ith component of (ai)− (bi) is given by ai − bj, whichmust be 0 by the previous argument. For j > n because aj − bj ≡ 0 modulo `n, we concludethat aj − bj is an integer divisible by `n. Then we have that U is actually the coset

U = (ai) + `nZ`.

We define the `-adic numbers Q` to be the field of fractions of Z`. To extend the Krulltopology to Q`, define a basis of open sets B by

B = {x+ `iZ` | i ∈ Z+, x ∈ Q`},

where

x+ `iZ` := {x+ α | α ∈ `Z`}.Note that `iZ` is not an ideal of Q`, so these open sets are not cosets; we are just borrowingthe notation. Without delving much further, we mention that Q` can also be constructed asthe metric completion of Q with respect to the `-adic metric:

d`(x, y) := |x− y|`where the `-adic norm | · |` is given by∣∣∣m

n`k∣∣∣`

:=

{`−k : (`,m) = (`, n) = (m,n) = 10 : m = 0

,

Frequently we will look for Galois representations in the λ-adic numbers, a field extensionof the `-adics. Let K be a number field (not necessarily Galois over Q) with ring of integersOK . Fix a prime `. Recall that the ideal (`) factors uniquely as a product of maximal ideals

`OK =∏λ|`

(λ)eλ

12

where each (λ) is a maximal ideal lying over the ideal (`). Fix such a (λ). We define theλ-adic integers as

OK,λ := lim←−n

OK/(λ)n.

The λ-adic numbers Kλ are then given by the field of fractions of OK,λ. Since (λ) contains(`), equivalence modulo (`)n implies equivalence modulo (λ)n. This is sufficient to see thatZ` ⊂ OK,`. Consequently Kλ is a field extension of Q`. If we are working with a field thatis already labeled with a subscript, for example Kf , we write the λ-adic numbers as Kf,λ.

4. The Absolute Galois Group

Rather than study number fields one at a time, we would like to investigate Q and learnabout all number fields in one fell swoop. The success of algebraic number theory motivatesus to study the automorphisms of Q. We therefore define (slightly abusively) the absoluteGalois group of Q to be the collection of all field automorphisms of Q under the operation offunction composition. We denote this group GQ. Our main method of studying the absoluteGalois group is to give it an inverse limit structure.

Lemma 5. The group GQ is isomorphic to the inverse limit of the groups Gal(F ), where Franges over all Galois number fields.

Proof. Consider the family of groups

{Gal(F ) | [F : Q] <∞, F is Galois over Q}

To construct the inverse limit, we must index this set with a partial ordering and findassociated group homomorphisms. We take our indexing set to be

I = {F | [F : Q] <∞, F is Galois over Q},

with the subset ordering. That is, F ≤ K if and only if F ⊆ K. As for homomorphisms,suppose F ⊆ K and σ ∈ Gal(K). Let ι : F ↪→ K be the inclusion map. We claim that thedomain restriction of σ

σ|F :F −→ K

α 7−→ σ(ι(α))

is an element of Gal(F ). Because σ is an automorphism of K and K ⊂ C, we find thatσ|F is an embedding of F into C. Since F is Galois, then σ|F (F ) = F , which shows thatσ|F ∈ Gal(F ). Suppose F ⊂ K ⊂ L with inclusion maps ι : F ↪→ K and ι′ : K ↪→ L. Thenι′ ◦ ι is the inclusion map from F to L. For all σ ∈ Gal(L), we have that

(σ|K)|F = σ|K ◦ ι = σ ◦ ι′ ◦ ι = σ ◦ (ι′ ◦ ι) = σ|F .

To show that group operations are preserved in the restriction map, recall that σ(F ) = F .Then we have that ι ◦ (σ ◦ ι) = σ ◦ ι. Then for all σ′ ∈ Gal(K) we have that

(σ′ ◦ σ)|F = σ′ ◦ σ ◦ ι = σ′ ◦ ι ◦ σ ◦ ι = σ′|F ◦ σ|F .

It is not difficult to show that (idK)|F = idF . We conclude that |F is a homomorphismbetween Gal(K) and Gal(F ). Note that for σ ∈ Gal(K), we have that σ|K = σ. Then for

13

any two Galois number fields F ⊆ K the map

µF,K :Gal(K)→ Gal(F )

σ → σ|Fhas the properties required by inverse limits. This is sufficient to show that the group

G = lim←−F∈I

Gal(F )

exists. To show that G ∼= GQ, let σ ∈ GQ. From the previous argument, σ|F ∈ Gal(F ) forany F ∈ I. Moreover, if F ⊆ K ∈ I, we have that (σ|K)|F = σF . To map σ to G, we define

φ(σ) := (σ|F )F∈I .

From our results on domain restriction, we see that φ is a homomorphism. Moreover, because1G = (idF )F∈I , any field automorphism in the kernel of this homomorphism must fix everyalgebraic number pointwise. Therefore, ker(φ) = {idGQ} and φ is injective.

To show that φ is surjective, let (σF )F∈I ∈ G. We claim that (σF )F∈I defines a fieldautomorphism from Q to itself. Let α ∈ Q and K ∈ I containing α. We define

[(σF )F∈I ](α) := σK(α).

To show that this is well defined, suppose F is another Galois number field containing α.Recall that FK is a Galois number field containing both F and K. From the definition ofG, we have that

σF (α) = σFK(α) = σK(α).

Because each component σF is a field automorphism, then (σF )F∈I is bijective. For all αand β we have that

[(σF )F∈I ](α + β) = [(σF )F∈I ](α) + [(σF )F∈I ](β)

and[(σF )F∈I ](αβ) = [(σF )F∈I ](α)[(σF )F∈I ](β).

Therefore, (σF )F∈I defines an element σ in GQ. We find that φ(σ) = (σF )F∈I and concludethat GQ ∼= G. �

The benefit of this construction is that we may now impose the Krull topology on GQ. Theopen and closed sets of this topology carry information about the subfields of Q. Recall ouroverview of the Krull topology on Z`. Fix a finite number of Galois number fields F1, . . . , Fn.Each has an associated finite Galois group Gal(Fi). In each, take the open singleton set{σi}, where σi ∈ Gal(Fi). This gives us a basic open set in the Krull topology on GQ,

U = {σ ∈ GQ | σ|Fi = σi, 1 ≤ i ≤ n}.If each σi is the identity automorphism on Fi, the U is the collection of all automorphisms σthat fix Fi pointwise. Let F be a Galois number field. Then by using the argument above,we see that the mapping φ

φ : GQ −→ Gal(F )

σ 7−→ σ|Fis a surjective homomorphism. Then the kernel,

ker(σ) ={τ ∈ GQ | σ|F = 1Gal(F )

},

14

is an open normal subgroup of GQ.Recall, when looking at finite extensions of Q, we defined Frobenius elements. We wish

to do the same with the infinite extension Q. Let p be a rational prime and let p be anymaximal ideal in Z containing p. Just as we saw in Section 2, the field Z/p is a field extensionof Fp. The decomposition group of p is given by

Dp = {σ ∈ GQ : σ(p) = p}.For all σ ∈ Dp, we see that σ is a preimage of the Frobenius automorphism on Fp. Anabsolute Frobenius element over p is any of these preimages, which we denote Frobp. Ifwe map Dp → GFp , then Frobp is only defined up to the kernel of this mapping, as it is apreimage. We call the kernel of this map the inertia group of p,

Ip = {σ ∈ Dp : xσ ≡ x (mod p) for all x ∈ Z}.Absolute Frobenius elements are essential to characterizing GQ:

Theorem 5. Let P be a finite set of rational primes. For each maximal ideal p lying over arational prime p /∈ P, choose an absolute Frobenius element Frobp. The set of such elementsis dense in GQ

A proof may be found in Chapter 9 of [DS05]. Even with the Krull topology, GQ is a largeand unwieldy group. Any given automorphism σ permutes the elements of infinitely manynumber fields simultaneously. We use Galois representations to simplify our problems.

Definition 2. Let d be a positive integer, let F be a field, and let d ∈ Z+. A d-dimensionalGalois representation is a continuous homomorphism

ρ : GQ −→ GLd(F ),

where GLd(F ) is the group of invertible d× d matrices with entries in F .

Mapping an abstract group into a matrix group is a common technique in group theory.See [FH91] for examples of representations of finite groups. Galois representations allow usto apply linear algebra to help analyze GQ. In particular, we can assign automorphismsmatrix invariants, such as determinant and trace. This is essential to our results in Section5.

We require Galois representations to be continuous because the topology on GQ carriesinformation about the subfields of Q that we want to preserve. Recall from linear algebrathat any given matrix only defines a linear transformation with respect to an establishedbasis. We can create a new transformation by changing the basis without changing theinformation carried in the matrix.

We say that two Galois representations ρ and ρ′ are equivalent if there exists an invertiblematrix m ∈ GL(F ) such that

ρ′(σ) = m−1ρ(σ)m

for all σ ∈ GQ. We denote equivalent representations by ρ ∼ ρ′.We will mostly be interested in Galois representations into vector spaces over Q`. Because

Frobp is only defined up to Ip, ρ(Frobp) is only well defined if Ip ⊂ ker ρ. We say that ρ isunramified at p if Ip ⊂ ker ρ for any p containing (p). Otherwise, ρ is ramified at p.

Let N ∈ Z+. Let φ be a group homomorphism

φ : (Z/NZ)× −→ C×15

A Dirichlet character modulo N is a function

χ : Z+ −→ C×

n 7−→

{φ(n) : gcd(n,N) = 1

0 : otherwise.

Because φ is a homomorphism, the only values χ can take are ϕ(N)th roots of unity and 0,as these are the only complex numbers with multiplicative order dividing ϕ(N). The trivialcharacter is given by the constant function

χ(n) ≡ 1.

Lemma 6. The set of homomorphisms

φ : (Z/NZ)× 7−→ C×

form a group with multiplication defined by

(φψ)(n) = φ(n)ψ(n).

This group is isomorphic to (Z/NZ)×.

This is presented as an exercise in Chapter 5 of [DF04]. This group is called the dualgroup of (Z/NZ)× and denoted

(Z/NZ)×.

We now construct an example of a Galois representation. Recall that for all N ,

Gal(Q(ζN)) ∼= (Z/NZ)×.

Let πN be the projection map

πN : GQ −→ Gal(Q(ζN)

σ 7−→ σ|Q(ζN .

Let χ be homomorphism

χ : (Z/NZ)× −→ C×

and φ be an isomorphism

ψ : Gal(Q(ζN) −→ (Z/NZ)×.

Then we have a group homomorphism ρχ = ψ ◦ φ ◦ πNρχ : GQ −→ C× = GL1(C).

Because the image of ρχ consists of finitely many points, to see that ρχ is continuous, weonly need to consider the inverse image of a single point. When ρ−1

χ (z) is nonempty, we havethat

ρ−1χ (z) = π−1

N ({σ1, . . . , σn | σi ∈ Gal(Q(ζN)})

=n⋃j=1

{(σi) ∈ GQ | σi|j = σj}

which is open in GQ. Therefore, ρχ is a Galois representation.16

For another example, recall from Section 2:

Q(ζ`∞) =∞⋃n=1

Q(ζ`n).

Let GQ,` = Aut(Q(ζ`∞)). In the same way we decomposed GQ, we can write GQ,` as aninverse limit:

GQ,` ∼= lim←−i∈Z

Gal(Q(ζ`i)) ∼= lim←−i∈Z

Z/`iZ = Z`.

Thus we can define the `-adic cyclotomic character of GQ by

χ` : GQ −→ Q×`σ 7−→ (mi)i∈Z

where ζmi`i

= σ(ζ`i). The following sections demonstrate applications of Galois representa-tions in the studies of modular forms and elliptic curves.

5. Modular Forms

In order to discuss modular forms, first we must define the modular group Γ and its groupaction on the upper half plane of C. For our purposes, Γ is defined to be the group ofmatrices {(

a bc d

)∣∣∣∣ a, b, c, d ∈ Z, det

(a bc d

)= 1

},

under the operation of matrix multiplication. Another name for this group is SL2(Z), thespecial linear group of degree 2 over Z. Be aware that other texts define the modular groupdifferently. For example, [Leh69] defines the modular group as the quotient space of SL2(Z)with the normal subgroup generated by

( −1 00 −1

).

The complex upper half plane is given by H = {z ∈ C | Im(z) > 0}. For γ =(a bc d

)∈ Γ

and z ∈ H, we define the linear fractional transformation of γ on z by(a bc d

)z :=

az + b

cz + d.

Note that (−1 00 −1

)z =−z−1

= z =

(1 00 1

)z,

which motivates the alternative definition of the modular group. There is the possibility fordivision by 0 that we must be careful about. If cz+d = 0, because z 6= 0, then c and d mustboth not be zero. If one was zero, then cz + d = 0 implies that the other would be zero,which contradicts det(γ) = 1. We can conclude that z = −d/c, a rational number, which isnot in H.

Allowing linear fractional transformation on the rationals requires us to formally define thepoint at infinity, which we write as ∞. For rational numbers x, we define linear fractionaltransformation as above, so long as cx + d 6= 0. Otherwise, we define γx = ∞. Linearfractional transformation won’t be a group action if we get stuck at ∞, so we also define(

a bc d

)∞ :=

a

c,

17

where again, if c = 0, we take a/0 to mean ∞. For our purposes, it is convenient to thinkof ∞ as lying infinitely far along the positive i axis above 0. Strictly speaking we are usingthe one point compactification of C. We will prove the following result.

Lemma 7. The group Γ acts on both H and Q ∪ {∞} by linear fractional transformation.

Proof. To show that linear fractional transformation is a group action on H, we first showthat Im(γz) > 0 for all γ ∈ Γ and z ∈ H. Let γ =

(a bc d

)∈ Γ and z = x + iy with x, y ∈ R

and y > 0. Then(a bc d

)z =

az + b

cz + d=

(ax+ b) + iay

(cx+ d) + icy=

((ax+ b) + iay

(cx+ d) + icy

)((cx+ d)− icy(cx+ d)− icy

).

Simplifying yields

[(ax+ b)(cx+ d) + acy2] + i[ay(cx+ d)− cy(ax+ b)]

(cx+ d)2 + (cy)2

The imaginary part of this complex number is given by

ay(cx+ d)− cy(ax+ b)

(cx+ d)2 + (cy)2=acxy + ady − acxy − bcy

(cx+ d)2 + (cy)2=

(ad− bc)y(cx+ d)2 + (cy)2

.

We have already shown that cz + d 6= 0. A similar argument holds for cz + d 6= 0. Since thedenominator is the sum of squares of real numbers and nonzero, it must be positive. As forthe numerator, note that ad − bc is the determinant of γ. By definition of Γ this is just 1.Because y > 0 and the denominator is positive, Im(γz) > 0.

We’ve already seen that the identity matrix satisfies(1 00 1

)z = z

for all z ∈ H. All that remains is to show that γ′(γz) = (γ′γ)z. Let γ =(a bc d

)and γ′ =

(e fg h

).

Then for any z ∈ H,

γ(γ′z) =

(e fg h

)[(a bc d

)z

]=

(e fg h

)az + b

cz + d=e(az+b

cz+d) + f

g(az+bcz+d

) + h.

Multiplying by cz+dcz+d

yields

aez + be+ cfz + df

agz + bg + chz + dh=

(ae+ cf)z + (be+ df)

(ag + ch)z + (bg + hf)=

(ae+ cf be+ dfag + ch bg + dh

)z = (γγ′)z.

Therefore, Γ acts on H.As for x ∈ Q ∪ {∞}, either γx is a rational number or γx =∞, so we land in the correct

set. The previous calculations will hold so long as x and(a bc d

)x are both not ∞. If x =∞,

then either c = 0 or c 6= 0. If the former, then(e fg h

)∞ =

e

g=ae

ag=

(ae+ 0f be+ dfag + 0g bg + dh

)∞

Otherwise, (e fg h

)a

c=e(a

c) + f

g(ac) + h

=ae+ cf

ga+ ch=

(ae+ cf be+ dfag + ch bg + dh

)∞.

18

If γx =∞ and x = mn

, then we must have cm+ dn = 0. Then,(ae+ cf be+ dfag + ch bg + dh

)m

n=

(ae+ cf)(mn

) + (be+ df)

(ag + ch)(mn

) + (bg + dh)=aem+ cfm+ ben+ dfn

agm+ chm+ bgn+ dhn.

Collecting the coefficients of e, f, g, and h yields

e(am+ bn) + f(cm+ dn)

g(am+ bn) + h(cm+ dn)=e(am+ bn)

g(am+ bn)=e

g=

(e fg h

)∞,

which is what we want. Note that am + bn cannot be zero. Otherwise, the vector (m,n)T

would be a nontrivial element of ker(γ), which contradicts det(γ) 6= 0. �

We say that two points z and w are Γ-equivalent if they belong to the same orbit underthe Γ-action. One consequence of this result is that all points of Q ∪ {∞} are Γ-equivalent.This is because we can write any rational number in lowest terms as m/n. Since m and nare relatively prime, the Euclidean Algorithm grants the existence of integers a and b suchthat am− bn = 1. Then the matrix (

m bn a

)∈ Γ

and we have (m bn a

)∞ =

m

n.

Since each rational number is Γ-equivalent to ∞ and Γ-equivalence is transitive, thereis exactly one Γ-equivalence class of Q ∪ {∞}. Note that if Γ′ is a subgroup of Γ, thenpoints that are Γ-equivalent may not be Γ′-equivalent. For example, consider the principalcongruence subgroup of level N ,

Γ(N) :=

{(a bc d

)∈ Γ

∣∣∣∣( a bc d

)≡(

1 00 1

)(mod N)

},

where matrix equivalence modulo N means a ≡ b ≡ 1 and b ≡ c ≡ 0 modulo N . Suppose∞ is Γ(3) equivalent to 2. Then for some a = 3m + 1 and c = 3n, with m and n ∈ Z, wefind that (

m bn a

)∞ = 2 =

a

c=

1 + 3m

3n,

which implies that

6n = 1 + 3m

3(2n−m) = 1

which is impossible. We conclude that Γ(3) has more orbits than Γ. We call the Γ′-orbits ofQ ∪ {∞} the cusps of Γ′.

If Γ′ is a subgroup of the modular group with finite index in Γ that also contains Γ(N),we say that Γ′ is a congruence subgroup of level N . If N is understood, we may also saythat Γ′ is a congruence subgroup. If we have integers M and N satisfying N |M , then

19

equivalence modulo M implies equivalence modulo N . Therefore Γ(M) ⊂ Γ(N). Thefollowing congruence subgroups are valuable to study.

Γ0(N) :=

{(a bc d

)∈ Γ : c ≡ 0 (mod N)

}Γ1(N) :=

{(a bc d

)∈ Γ : a, b ≡ 1 mod N ; c ≡ 0 (mod N)

}.

It is apparent that Γ(N) ⊂ Γ1(N) ⊂ Γ0(N). To study the orbits of this group action,we need to establish a good collection of orbit representatives. For any subgroup Γ′ of themodular group, a fundamental region for Γ′ is an open set RΓ′ ⊂ H∪{∞} such that no twopoints in RΓ′ are Γ′ equivalent and the closure of RΓ′ contains at least one point from eachorbit under Γ′.

We claim that every matrix in Γ may be written as a product in terms of the matrices

S =

(1 10 1

), T =

(0 −11 0

).

This result is given as an exercise in Chapter 1 of [DS05]. Notice that Sz = z + 1 andTz = −1/z. This allows us to choose representatives orbit under Γ. If z1 and z2 satisfy theconditions

−1

2< Re(zi) <

1

2, 1 < |zi|

then z1 and z2 cannot be Γ equivalent. We obtain a fundamental region of Γ,

RΓ =

{z ∈ H

∣∣∣∣ −1

2< Re(z) <

1

2, 1 < |z|

},

which is shown in Figure 1. Recal from Section 4 the definition of a Dirichlet character. Wemay now define a modular form.

Definition 3. Let k ∈ Z. Let χ be a Dirichlet character. Let Γ′ be a congruence subgroupof level N . A function f : H∪ {∞} → C is called a holomorphic modular form of weight k,level N , and Nebentypus χ if

(1) f is holomorphic on H,(2) f(γz) = χ(d)(cz + d)kf(z) for all γ =

(a bc d

)∈ Γ′

(3) f is holomorphic at the cusps of Γ′

The set of holomorphic modular forms is denoted Mk(Γ′, χ). Our first example of a

modular form is the constant function f(z) ≡ 0. If f and g ∈Mk(Γ′, χ) and w ∈ C, then for

all γ ∈ Γ we have that

wf(γz) = wχ(d)(cz + d)kf(z) = χ(d)(cz + d)kwf(z)

and

f(γz) + g(γz) = χ(d)(cz + d)kf(z) + χ(d)(cz + d)kg(z) = χ(d)(cz + d)k(f(z) + g(z))

That is, Mk(Γ′, χ) is a complex vector space.

20

Figure 1. A fundamental region for Γ.

Let k > 2 be an even integer. The Eisenstien series of weight k is given by

Gk(z) :=∑

(0,0)6=(m,n)∈Z2

1

(mz + n)k.(1)

We omit the proof that this sum converges to a holomorphic function, which is presented asan exercise in Chaper 1 of [DS05]. For all γ =

(a bc d

)∈ Γ′ we have that

Gk(γz) =∑

(0,0)6=(m,n)∈Z2

1

(m(a bc d

)z + n)k

=∑

(0,0)6=(m,n)∈Z2

1

(maz+bcz+d

+ n)k

=∑

(0,0)6=(m,n)∈Z2

1

(maz +mb+ cnz + nd)k

=∑

(0,0)6=(m,n)∈Z2

1

((ma+ cn)z + (mb+ nd))k.(2)

21

Because det(γ) = det(γT )=1, we find that the linear transformation A : Z2 → Z2 given by

A

(mn

)=

(a cb d

)(mn

)is invertible. That is, the sum in (2) is just a permutation of the summands from (1).

If f is holomorphic on H∪{∞}, it is convenient to make the coordinate change q = e2πiz.Because z = x+ iy ∈ H, we see that q = e−ye2πix is in the open unit disk

{w ∈ C | |w| < 1}.The function ez is 2πi periodic, so this coordinate change is bijective when we restrict to RΓ.We take q = 0 to correspond with z = ∞. Because f is holomorphic at ∞, we can write fas a power series in q,

f(z) =∑n≥0

a(n)qn; a : N→ C, z ∈ RΓ

Note thatqn = (e−ye2πix)n = e−nyen2πix = e−ny(cos(n2πx) + i sin(n2πx)).

We call the values of a(n) the Fourier coefficients of f .By taking a Fourier expansion of f at ∞, we can treat f as a formal power series in q.

Let K be a number field with ring of integers OK . The set of formal power series in q withcoefficients in OK is denoted by

OK [[q]] =

{∞∑n=0

a(n)qn | a(n) ∈ OK for all n

}.

We consider these power series abstractly, without any regard to convergance or domain.Let m be an ideal of OK [[q]]. For any f ∈ OK [[q]], we define the order of f with respect tom as

ordm(f) := min{n ∈ N | a(n) /∈ m},We also define ordm(f) := ∞ if a(n) ∈ m for all n. We say that two power series f and gare congruent modulo m if

ordm(f − g) =∞,or equivalently,

af (n) ≡ ag(n) (mod m) for all n,

where af (n) and ag(n) denote the Fourier coefficients of f and g respectively. We denotethis equivalence

f ≡ g (mod m).

If f =∑a(n)qn ∈ Mk(Γ0(N), χ) is a modular form whose Fourier coefficients lie in some

number field K, then we may consider f as an element of OK [[q]]. In this case, we can ruleout certain values of ordm(f), depending on the index of Γ0(N) in Γ and k, the weight of f .

Lemma 8. Let K be a number field with ring of integers OK. Let N > 0 and k ∈ Z. Let χbe a Dirichlet character. Let f(z) =

∑a(n)qn ∈ Mk(Γ0(N), χ) ∩ OK [[q]]. Suppose m is an

ideal of OK. If

ordm(f) >k

12[Γ : Γ0(N)]

then ordm(f) =∞.22

A proof of this lemma may be found in [Stu87]. Another way to phrase this result isthat there exists an integer M depending only on N and k such that if the first M Fouriercoefficients of f are elements of m, then all of the Fourier coefficients of f are in m. We willrevisit this lemma at the end of the section.

Different spaces of modular forms arise from replacing property (3) of holomorphic modularforms with other conditions. A weakly holomorphic modular form is allowed to have poles atthe cusps of Γ′. The set of weakly holomorphic modular forms of weight k for Γ′ is denotedM !

k(Γ′, χ). A cusp form must vanish at each cusp of Γ′. The set of cusp forms of weight k

for Γ′ is denoted Sk(Γ′, χ). When the character χ is the trivial character, we abbreviate the

notation as Mk(Γ′), M !

k(Γ′), and Sk(Γ

′), respectively. We have that

Sk(Γ′) ⊂Mk(Γ

′) ⊂M !k(Γ

′).

Recall that if N and M are integers and N |M , then Γ(M) ⊆ Γ(N). When we considerthe spaces of modular forms associated to these groups, the inclusion reverses. As Γ(N)contains more elements than Γ(M), any function that is modular of level N must meet morerestrictions. Therefore,

Mk(Γ(N)) ⊆Mk(Γ(M)).

For a given modular form f , we are interested in finding the least N such that f is modularof level N . This question can be answered by using a special class of linear operators onMk(Γ

′).

Definition 4. Let f(z) ∈ Mk(Γ0(N), χ) with Fourier coefficients a(n), n ≥ 0. Let p be arational prime. The Hecke operator Tk,N,χ(p) acts on f via

f(z)|Tk,N,χ(p) :=∑[

a(pn) + χ(p)pk−1a

(n

p

)]qn

where we define a(np) = 0 if n is not divisible by p.

This is extended to Tk,N,χ(n) for composite n as follows:

(1) For all ν ≥ 1, Tk,N,χ(pν+1) = Tk,N,χ(pν)Tk,N,χ(p)− χ(p)pk−1Tk,N,χ(pν−1)(2) If (m,n) = 1, then Tk,N,χ(mn) = Tk,N,χ(m)Tk,N,χ(n).

The theory of Hecke operators is covered in great detail by [DS05]. If there exists λ ∈ Csuch that

f(z)|Tk,N,χ(n) = λf(z),

then we say that f is an eigenform of Tk,N,χ(n). A newform is a cusp form f ∈ Sk(Γ′, χ)that is an eigenform ofl Tk,N,χ(n) for all n and has a(1) = 1. The latter requirement allowsus to select representatives of newforms. The set of newforms of weight k, level N , andNebentypus χ is denoted Snew

k (Γ0(N), χ). It can be shown that Sk(Γ0(N), χ) always has afinite basis of newforms {f1, f2, . . . fd}. Specifically, every cusp form f ∈ Sk(Γ′, χ) may bewritten as a finite sum

f(z) =∑

α(i, δ)fi(δ),

where δ ranges over the set of integral divisors of N . This is demonstrated in chapter 5 of[DS05]. In order to provide interesting results involving Galois representations, we next citetheorems whose proofs are beyond the scope of this paper.

23

Theorem 6. Let f =∑a(n)qn ∈ Snew

2 (Γ1(N)) be a newform.

(1) The Fourier coefficients of f are algebraic integers.(2) Q({a(n) | n ≥ 0}) is a number field. We denote this field Kf .(3) For all n,

f |Tk,N,χ(n) = a(n)f(z).

The proof comes from manipulating Hecke operators, which is given in [DS05]. These areused to construct a Galois representation associated to a newform.

Theorem 7. Let f ∈ S2(N,χ) be a newform with number field Kf . Let ` be prime. Thenfor each maximal ideal (λ) ⊃ (`) of OKF , there is a two dimensional Galois representation

ρf,λ : GQ −→ GL2(Kf,λ)

The proof of this theorem may be found in Chapter 9 of [DS05], which goes beyond thescope of this paper.

Theorem 8. Let f(z) ∈ Snewk (Γ0(N), χ) be a newform with

f(z) =∞∑n=1

a(n)qn.

Let F be a number field containing the Fourier coefficients a(n) and the values of χ. If (m)is an ideal of OF with norm M , then there is a Galois representation

ρ : GQ → GL2(OK/mOK)

such that

(1) ρ is unramified at all primes p -MN , and(2) for every prime p -MN,

Tr(ρ(Frobp)) ≡ a(p) (mod m).

That is, the coefficients of newforms are determined modulo m by the trace of the Frobeniuselements Frobp. A proof of this may be found in [Ser76]. We will also need a result regardingprime numbers. Let P be the set of all prime numbers. Suppose P is a subset of P. Thenwe say that P contains a positive proportion of primes if

limn→∞

|{p ∈ P | p < n}||{p ∈ P | p < n}|

> 0.

This implies that P contains infinitely many primes.

Theorem 9. (The Tchebotarev Density Theorem) Let σ ∈ GQ. Then the set

{p ∈ P | τFrobpτ−1 = σ for some τ in GQ}

contains a positive proportion of primes.

Proof of this theorem is given in Chapter 8 of [Mar91]. With these ingredients, we areable to close the section by proving a theorem first demonstated by J.P. Serre, adapting theproof from [Tre06].

24

Theorem 10. Let k ∈ Z and N ∈ Z+, and let χ be a Dirichlet character modulo N . Supposethat F is a number field with ring of integers OF , and let m be an ideal of OF with normM . Then a positive proportion of the rational primes p satisfying p ≡ −1 modulo MN alsosatisfy

f(z)|Tk,N,χ(p) ≡ 0 (mod m)

for all cuspforms f ∈ Sk(Γ0(N), χ) with Fourier coefficients in OF .

Proof. Let f1, f2, . . . , fd be a basis of newforms for Sk(Γ0(N), χ), with Fourier expansions at∞ given by

fi(z) =∞∑n=1

ai(n)qn.

Suppose that K is a finite field extension of F containing the set

{ai(n) | 1 ≤ i ≤ d, n ∈ Z+}⋃{χ(n) | n ∈ Z+}.

Let Sk(Γ0(N), χ)OF /m be the set of equivalence classes of cusp forms Sk(Γ0(N), χ)∩OF [[q]] re-duced modulo m. For each g(z) ∈ Sk(Γ0(N), χ)OF /m, we may choose an hg(z) ∈ Sk(Γ0(N), χ)with coefficients in OF such that

hg(z) ≡ g(z) (mod m).

Because K is a number field, m has finitely many cosets. Lemma 8 implies that for g(z) notcongruent to 0 modulo m,

ordm(hg) ≤k

12[Γ : Γ0(N)].

That is, there are only finitely many equivalence classes in Sk(Γ0(N), χ)OF /m and only finitelymany hg. Write each hg in terms of the basis {f1, . . . , fd}

hg(z) =d∑i=1

α(i, δ)fi(δz).

Using Theorem 6, the coefficients α(i, δ) are algebraic numbers. Since there are finitelymany g(z), there are only finitely many α(i, δ). Then we may extend K to contain all theα(i, δ). Because every algebraic number α is the ratio of two algebraic integers, there existsan algebraic integer D such that αD is also an algebraic integer. Moreover, we may assumethat D is a rational integer by replacing D with NK(D). Applying this processes to eachα(i, δ) there exists a nonzero integer C =

∏C(i, δ) such that Cα(i, δ) ∈ OK for all α(i, δ).

Let m′ = (C)m and M ′ = CM . Since the fi(z) are newforms, if p - N then

fi(δz)|Tk,N,χ(p) = ai(p)fi(δz)

for each i and δ. Then

hg(z)|Tk,N,χ(p) =d∑i=1

∑δ|N

α(i, δ)ai(p)fi(δiz).

Since each f(z) ∈ Sk(Γ0(N), χ) is congruent modulo m to one of the hg(z), it is sufficient toshow that a positive proportion of primes p ≡ −1 modulo MN also satisfy ai(p) ≡ 0 modulom′ for each i. For each i, Theorem 8 implies the existence of a Galois representation

ρi : GQ → GL2(OK/m′OK),25

unramified outside M ′N , such that

Tr(ρ(Frobp) ≡ ai(p) mod m′

for each p -M ′N . Consider ζMN . Define a homomorphism

φ : GQ −→ (Z/MNZ)×

σ 7−→ a

where σ(ζMN) = ζaMN . Now take the direct sum

ρ := φ⊕d⊕i=1

ρi : GQ → (Z/MNZ)× ⊕d⊕i=1

GL2(OK/m′OK).

Let H be the kernel of ρ and let E be the fixed field of H. Since H is normal and closedin GQ, the extension E/Q is Galois and Gal(E) ∼= GQ/H is isomorphic to the image of ρ,which is finite. Therefore E is a number field and ρ factors through Gal(E). The restrictionρ|E must also be unramified outside of M ′N .

Let c ∈ Gal(E) be the automorphism c(α) = α. Then ρi(c) is conjugate to the matrix(1 00 −1

)for each i, so Tr(ρi(c)) = 0. The Tchebotarev density theorem implies that there is a positiveproportion of primes p -M ′N such that Frobp is conjugate to c in GQ. For each such p,

ai(p) ≡ Tr(ρi(Frobp) ≡ Tr(ρi(c)) ≡ 0 (mod m′)

for each i. Now Frobp|Q[ζ] : ζ → ζp, so φ(Frobp) = p. But φ(c) = ζ−1, so ε(c) = −1. SinceFrobp is conjugate to c, we have p ≡ −1 mod MN , which is what we want. �

6. Elliptic Curves

In order to discuss elliptic curves, we must first define the projective plane. Let F be anyfield. We will most often use C, but thinking of the field as R can be more geometricallyintuitive. For more detail, see Appendix C of [LR11] or Appendix A of [ST92]. We makethe convention that F 3 consists of points (X, Y, Z) while F 2 consists of points (x, y). Definea relation on F 3\{(0, 0, 0)},

(X, Y, Z) ∼ (λX, λY, λZ); λ ∈ F\{0}.Intuitively, (X1, Y1, Z1) is related to (X2, Y2, Z2) if and only if the two points lie on a linethrough the point (0, 0, 0). Showing that ∼ is an equivalence relation amounts to showingthat F\{0} contains 1 and is closed under multiplication and division. Because F is a field,this is trivial. The set of such equivalence classes is called the projective plane over F andis denoted by P2(F ). If the field F is fixed, then we abbreviate this either as the projectiveplane or symbolically as P2.

The equivalence classes in P2 are denoted by [X : Y : Z]. In order to minimize jargon,we continue to refer to these classes as points in homogeneous coordinates, or just points forshort. Note that any point can be represented with different coordinates. For example,

[1 : 2 : 3] =

[1

3:

2

3: 1

].

26

Note that [0 : 0 : 0] is not a point on the projective plane.Any ordered pair (x, y) ∈ F 2 can be viewed uniquely as the point [x : y : 1] in the

projective plane. If [x : y : 1] = [X : Y : 1], because the Z coordinates of these points areboth 1, we can conclude that (X, Y ) = (x, y).

On the other hand, if Z 6= 0, the points [X : Y : Z] and [X/Z : Y/Z : 1] are identical.Points in the set

{[X : Y : Z] | Z 6= 0}may be uniquely represented as ordered pairs (X/Z, Y/Z), as scaling X, Y, and Z has noeffect on the new coordinates. Therefore, this set is a copy of F 2 sitting in the projectiveplane. We call the set {[X : Y : 1] ∈ P2} affine space. The remaining points have the form[X : Y : 0]. These are called points at infinity.

In Euclidean geometry, we are interested in finding rational points on curves, i.e., points(x, y) ∈ Q2. Identifying rational points in homogeneous coordinates takes an extra step,though. For example, a point can have irrational coordinates when written as [

√2 :√

8 : 0]and rational coordinates as [1 : 2 : 0]. We say that a point [X : Y : Z] ∈ P2(C) is rational ifthere exists a nonzero λ such that λX, λY, and λZ are all rational numbers. More generally,if F is a subfield of C, a point [X : Y : Z] is in the set P2(F ) if there exists nonzero λ suchthat λX, λY, and λZ ∈ F .

To study the geometry of the projective plane, we can lift structures up from the Euclideanplane F 2. If p(x, y) is a polynomial with coefficients in F , then we say p gives rise to thecurve

C = {(x, y) ∈ F 2 | p(x, y) = 0}.This is denoted by C : p(x, y) = 0. A set of the form p−1(0) is also called a zero locus.We can associate the algebraic properties of the polynomial p to C. We claim that F [x, y]is a unique factorization domain, which is proven in Chapter 9 of [DF04]. Therefore anypolynomial factors uniquely (up to multiplication by a constant) as

p(x, y) =n∏i=1

pi(x, y),

where pi is an irreducible polynomial for all i. Then if C is the curve associated to p, we saythat the irreducible components of C are the curves Ci associated to the pi. Because a point(x, y) ∈ C satisfies p(x, y) = 0 and F is a field, it follows that pi(x, y) = 0 for some i. Thenwe have that

C = ∪ni=1Ci.

If C has one irreducible component, or equivalently if p is irreducible, then we say that C isirreducible. If C1 and C2 are curves with distinct irreducible components we say that theyhave no common components.

For polynomials in multiple variables, the total degree of a term is the sum of the degreesfor each variable separately. For example, in two variables, the degree of xmyn is m+n. Thedegree of p is just the maximum of the total degrees of its terms. If deg(p) = 1 , then callC : p(x, y) = 0 a line. If deg(p) = 2, then C is a quadratic. If deg(p) = 3 then C is a cubicand the pattern follows as in elementary geometry.

We must establish how to evaluate polynomials on projective points before we can studythe curves they generate. For example, let p(X, Y, Z) = Y 2 − X3. Then for the point[1 : 1 : 1] = [2 : 2 : 2], we find that p([X : Y : Z]) is not well defined. It could be 0, -2, or

27

one of infinitely many other choices. To avoid this, we restrict our attention to homogeneouspolynomials. A homogeneous polynomial is any polynomial where each term has the sametotal degree. A homogeneous polynomial of degree N has the form

p(X, Y, Z) =∑I∈I

αIXnXY nY ZnZ .

In the summation above, we multi-index the terms to conserve space. That is, the index Iis actually the ordered triple (nX , nY , nZ) coming from the finite set

I = {I = (nX , nY , nZ) ∈ N | nX + nY + nZ = N}.

Then for any nonzero λ ∈ F , we have that

p(λX, λY, λZ) =∑I∈I

αI(λX)nX (λY )nY (λZ)nZ

=∑I∈I

λ(nX+nY +nZ)αIXnXY nY ZnZ

=∑I∈I

λNαIXnXY nY ZnZ

= λN∑I∈I

αIXnXY nY ZnZ

= λNp(X, Y, Z).

That is, if P = [X : Y : Z] is a point on the projective plane and p(X, Y, Z) = 0, we cansay that p(P ) = 0 regardless of the choice of X, Y and Z. (Hence the name homogeneouscoordinates.) So the set C = {[X : Y : Z] | p(X, Y, Z) = 0} is well defined. Note thatthis does not work if we try to solve p(X, Y, Z) = α 6= 0, but we only care about thezeros of p anyway. We call the curve C ⊂ P2 a projective curve. Again, we write this asC : p(X, Y, Z) = 0.

Just as in the Euclidean case, we label C according to the degree of p. Consider thepolynomial

p(X, Y, Z) = Z.

Note that any polynomial with a single term is homogeneous by default. This defines thecurve C = {[X, Y, Z] | Z = 0}, which is the collection of points at infinity. Because deg(p) =1, the points at infinity all lie on a projective line, called the line at infinity.

If C is a curve given by the polynomial p(x, y) in F 2, we can find a corresponding curvein the projective plane by homogenizing p. First, replace x and y in the expression of p withX/Z and Y/Z respectively. Then multiply by ZN , where N is the degree of p. This processyields p(X, Y, Z), which is a homogeneous polynomial in X, Y, and Z of degree N . Moreexplicitly, if p is a degree N polynomial,

28

p(x, y) =∑

aijxiyj

p

(X

Z,Y

Z

)=∑

aij

(X

Z

)i(Y

Z

)jZNp

(X

Z,Y

Z

)= ZN

∑aij

(X

Z

)i(Y

Z

)j=∑

aijXiY jZN−i−j

=: p(X, Y, Z)

Note that for [X : Y : 1] in affine space, p(X, Y, 1) = p(X, Y ), so the curve C defined by pin the projective plane passes through the affine points that correspond to C in F 2. We takethis as grounds to relax the notation, writing points [X : Y : 1] in affine space as (X, Y ).

In affine space, the line between two points (a1, b1) and (a2, b2) is given by

C : −(b2 − b1)x+ (a2 − a1)y + [a1(b2 − b1)− b1(a2 − a1)],

which comes from manipulating the point-slope formula. For any two points P1 and P2 inP2, with

Pi = [Ai : Bi : Ci]

the projective line passing between P1 and P2 is given by the curve

C : [B1(C2 − C1)− C1(B2 −B1)]X

+[C1(A2 − A1)− A1(C2 − C1)]Y

+[A1(B2 −B1)−B1(A2 − A1)]Z = 0.

We verify this formula by evaluating the coordinates of P1 and P2. Note that we have notproven that C is the only line passing through P1 and P2. So even in cases where our intuitionfails, such as P2(C) or P2(Z/`Z) we can still work from a purely computational point of view.

Let p1(x, y) = ax + by + c1 and p2(x, y) = ax + by + c2, where c1 6= c2 and not both ofa and b are zero. Then their associated projective lines C1 and C2 do not intersect in F 2.However, when we move to projective space, we can find a point of intersection. Let Z = 0.Then we have

aX + bY + cZ = aX + bY + dZ = 0

which implies that

aX + bY = 0.

Either X = (−b/a)Y , or Y = (−a/b)X, depending on whether a or b is zero. In either case,we have a solution that is a point at infinity, [−b/a : 1 : 0] or [1 : −a/b : 0]. Note that ifboth a and b are both nonzero, this is the same point. Therefore, any two parallel projectivelines meet at a point at infinity. Moreover, the point of intersection is unique.

When solving p1 − p2 = 0, it may be the case that p1 − p2 has repeated roots. Consider atangent intersection. Let p1(x, y) = y − x2 and p2(x, y) = y − 2x− 1. Then we see that

p1(x, y)− p2(x, y) = y − x2 − y + 2x+ 1 = −x2 + 2x+ 1 = −(x− 1)2

29

If P = (x, y) is a root of p1 − p2, then the curves generated by p1 and p2 intersect at P .Note that if these curves are tangent to one another at P , then P will be a double root ofp1 − p2. In general, if P occurs as a root p1 − p2 with n times, then we say that C1 and C2

intersect at P with multiplicity n. In the example above, C1 and C2 intersect at (1, 1) withmultiplicity 2.

It is no accident that the intersection a line with another line (defined by polynomialsof degree 1) is exactly one (1 × 1) point. Note that this only holds as long as the linesare not identical, i.e., they do not share a component. More generally, if C1 and C2 have acommon component, then their intersection is much larger than if they did not have commoncomponents. We state without proof the following theorem.

Theorem 11. (Bezout’s Theorem) Let C1 : p1(x, y) = 0 and C2 : p2(x, y) = 0 be projectivecurves over an algebraically closed field F with no common components, where p1 and p2 havedegree d1 and d2 respectively. Then C1 and C2 intersect at d1d2 points counting multiplicity.

A proof is outlined in Appendix A of [ST92], along with more advanced intersection results.As a corollary, the line L1 passing between two points in projective space is unique, since anyother line L2 passing through the same points must share a component with L1. Becausepolynomials of degree 1 have only one irreducible factor, we find that L1 = L2. Note thatthe intersection of a cubic and a line that have no common components consists of exactlythree points in the projective plane, counting multiplicity. We are ready to define ellipticcurves.

Let p(x, y) be a cubic polynomial in Q[x, y]. An elliptic curve E over Q is the projectivecurve C in P2(Q) given by the homogenization of p. The expression E/Q is shorthand for“E is an elliptic curve over Q.” An elliptic curve is smooth if the tangent vector does notvanish, i.e., (

∂p

∂x,∂p

∂y

)6= (0, 0).

If E is smooth and there exists a rational point O on E, we can then take advantage ofBezout’s theorem to define a group structure on the points of E. For two points P and Q,the line PQ must intersect E at a third point, which we call P ∗ Q. We can repeat thisprocess with the points O and P ∗Q. Then P +Q is defined to be O∗(P ∗Q). If P = Q, thenwe take PP to be the line tangent to E at P . This is the reason we are restricted to smoothelliptic curves. Note that because any line intersects E in only three points, O∗(P ∗O) = P .That is, O is the identity element. We call it the origin. A proof that + is associative andadditional details are available in Chapter 1 of [ST92].

We say that two elliptic curves E : p(X, Y, Z) = 0 and E ′ : p′(X, Y, Z) = 0 with ori-gins O and O′ respectively are birationally equivalent if there exists an invertible change ofcoordinates φ : P2 → P2

[X ′ : Y ′ : Z ′] = P ′ = f(P )

X ′ = fX(X, Y, Z)

Y ′ = fY (X, Y, Z)

Z ′ = fZ(X, Y, Z)

30

Figure 2. Addition on an elliptic curve viewed in R2.

where fX , fY , and fZ are rational functions in X, Y, and Z such that O′ = f(O) andp′(f(P )) = 0 if and only if p(P ) = 0. Thus, we can simplify a polynomial using a change ofvariables without disturbing its geometric structure.

If F is a field with characteristic different from 2 and 3, the expression of an elliptic curveE/F can be simplified to the form

E : y2 = x3 + ax2 + bx+ c.

The specifics are explained in [ST92]. An equation in this form is called a Weierstraussequation. In this form, E being smooth is equivalent to p(x) having no repeated roots. Thehomogenized form of E is given by

E : Y 2Z = X3 + AX2Z +BXZ2 + CZ3

We can see that a curve given in Weierstrauss form has a unique point at infinity: [0 : 1 : 0].Since this is a rational point, any elliptic curve in Weierstrauss form has the group structureoutlined above, where we take O to be [0 : 1 : 0]. Recall that [0 : 1 : 0] = [0 : λ : 0] for allnonzero λ ∈ F . In affine space, we can think of O as sitting infinitely far from (0, 0) in they direction. Further, for any P 6= O, we can assume P has the form [X : Y : 1]. ThereforeP can be expressed in affine coordinates as (X, Y ).

We claim that a point P = (X, Y ) = [X : Y : 1] in affine coordinates is in E(F ) if andonly if X and Y ∈ F . Clearly if X and Y are in F then P ∈ E(F ). As for the converse,suppose there exists nonzero t such that tX, tY , and tZ ∈ F . As Z = 1, we have that t ∈ F .Then both X and Y ∈ F .

When an elliptic curve is given by a Weierstrauss equation, we can find explicit formulasfor the group law. If P = (x1, y1) and Q = (x2, y2) are points on E with P 6= Q then the

31

line passing between P and Q is given by

y = λx+ ν,

where

λ :=

(y2 − y1

x2 − x1

), ν := y1 − λx1.

Note that if x2 = x1, then either P = −Q or P = Q. In the former case, we knowthat P − P = O and forgo any further derivation. The latter is excluded by assumption.Substituting the right hand side of this equation for y in the Weierstrauss equation yields

y2 = (λx+ ν)2 = x3 + ax2 + bx+ c,

which reduces to

0 = x3 + (a− λ2)x2 + (b− 2λν)x+ (c− ν2) = (x− x1)(x− x2)(x− x3).

The third root of this cubic, x3 is the x coordinate of P +Q in affine coordinates. Equatingthe coefficients of the x2 term gives

λ2 − a = x1 + x2 + x3

Therefore we conclude that

P +Q = (λ2 − a− x1 − x2, λx3 + ν).

To find the affine coordinates of P + P , we must use implicit differentiation. Replacing λabove with

∂x

∂y=

3x2 + 2ax+ b

2y

yields the formula for the x coordinate of P + P ,

x3 =x4 − 2bx2 − 8cx+ b2 − 4ac

4x3 + 4ax2 + 4bx+ 4c.

Similar formulas may be derived for the y coordinates, which may be found in [ST92] Forany field K ⊂ C we define the set E(K) = {[X : Y : Z] ∈ P2(K) | p(X, Y, Z) = 0]}. Becausethe point addition formulas are rational functions of x and y, we find that E(K) is a ofE(C). When F is a Galois number field, we have the following result.

Lemma 9. If F is a Galois number field and E/Q is an elliptic curve in Weierstraussform, then Gal(F ) acts on E(F ). Moreover, for all points P and Q ∈ E(F ), we have thatσ(P +Q) = σ(P ) + σ(Q). If P has order N , then σ(P ) has order N .

Proof. For σ ∈ Gal(F ) and P ∈ E(F ) define

σ(P ) :=

{(σ(x), σ(y)) : P = (x, y)

O : P = O.

To show σ(P ) ∈ E(F ), it suffices to show that σ(P ) satisfies the Weierstrauss equation. Thisholds trivially for O. For P 6= O, we find that

σ(y2) = σ(x3 + ax+ c)

(σ(y))2 = (σ(x))3 + aσ(x) + c

32

Figure 3. Repeated roots in f(x) give rise to singular curves y2 = f(x).Viewed in R2.

Because F is Galois, σ(x) and σ(y) ∈ F . Observe that the identity automorphism fixes xand y. Suppose σ and τ ∈ Gal(F ). Then for P 6= O,

τ(σ(P )) = τ((σ(x), σ(y))) = (τ(σ(x)), τ(σ(y)))

= ((τ ◦ σ)(x), (τ ◦ σ)(y)) = (τ ◦ σ)(P )

Recall that the point addition formula is a rational function of x1, x2, y1 and y2, whetherP 6= Q or P = Q. Writing x3(x1, x2, y1, y2) and y3(x1, x2, y1, y2) as rational functions ofthese coordinates, we see that

σ(P +Q) = (σ(x3(x1, x2, y1, y2)), σ(y3(x1, x2, y1, y2)))

= (x3(σ(x1), σ(x2), σ(y1), σ(y2)), y3(σ(x1), σ(x2), σ(y1), σ(y2)))

= σ(P ) + σ(Q)

Note that if x1 = x2 then σ(x1) = σ(x2). That is, σ(P + Q) and σ(P ) + σ(Q) are derivedusing the same formula. Again, cases involving O are trivial. �

We must introduce additional structure in order to study the torsion points of E. Let ω1

and ω2 be complex numbers that are linearly independent over R with ω1/ω2 ∈ H. A latticein C is the additive group

Λ := ω1Z⊕

ω2Z = {n1ω1 + n2ω2 | n1, n2 ∈ Z},

which is a subgroup of (C,+). The quotient group C/Λ is called a complex torus. For anyz ∈ C, the Weierstrauss ℘-function is given by

33

Figure 4. If f(x) has distinct roots, then E : y2 = f(x) is a smooth ellipticcurve. Viewed in R2.

℘(z) :=1

z2+∑

06=ω∈Λ

(1

(z − ω)2− 1

ω2

).

Clearly ℘ has poles of order 2 at all z ∈ Λ. We omit the proof that this sum convergesuniformly to a holomorphic function on compact subsets of C/Λ , which is outlined in Chapter1 of [DS05]. We can therefore find its derivative is found by differentiating termwise:

℘′(z) = −2∑ω∈Λ

1

(z − ω)3

Note for any ω′ ∈ Λ, we may rewrite ((z + ω′) − ω) = (z − (ω − ω′)), which only permutesthe summands. Therefore, ℘(z + ω) = ℘(z) and ℘′(z + ω) = ℘′(z) for any z ∈ C\Λ. Recallthe Eisenstein series introduced in Section 5:

Gk(z) =∑

(0,0)6=(c,d)∈Z

1

(cz + d)k; k > 2 even, z ∈ H.

Generalize Gk as a function of lattices,

Gk(Λ) =∑

06=ω∈Λ

1

ωk; k > 2 even.

We see that Gk(z) = Gk(Λ) for Λ = zZ⊕

1Z. For z /∈ Λ,

(℘′(z))2) = 4(℘(z))3 − g2(Λ)℘(z)− g3(Λ),

34

Figure 5. Points with order dividing 2 on a complex torus.

where g2(Λ) := 60G4(Λ), and g3(Λ) := 140G6(Λ).This is proved in [DS05] by analyzing the asymptotic behavior of ℘ and ℘′. We conclude

that (℘′(z), ℘(z)) is a point on the elliptic curve E : y2 = 4x3 − g2(Λ)x− g3(Λ). Conversely,suppose that E : y2 = 4x3 − ax = c is a smooth elliptic curve. We claim that the modularfunction j : H → C given by

j(z) :=1728(g2(z))3

(g2(z))3 − 27(g3(z))2,

is surjective. Then there exists a z ∈ H such that

1728(g2(z))3

(g2(z))3 − 27(g3(z))2=

a3

a3 − 27c2.

Careful manipulation of this equation yields the lattice we are looking for. Additional detailsare available in Chapter 1 of [DS05]. Thus, complex tori give rise to smooth elliptic curves,and every smooth elliptic curve gives rise to a complex torus. Note that each of theseconstructions is a group. Again, [DS05] explains why mapping these groups to each other isan isomorphism.

As E is an abelian group, we may view it as a Z module. For any point P ∈ E(C) and anypositive N ∈ Z, define the operation NP via repeated addition, i.e., 3P := P + P + P . Weextend to nonpositive integers by defining −NP := N(−P ), where −P denotes the additiveinverse of P with respect to the group action, and 0P := O. The N-torsion subgroup of E isgiven by

E[N ] := {P ∈ E(C) : NP = O}.Because E is abelian it is easy to verify that E[N ] is a subgroup of E. By moving from Eto its associated complex torus, we can find that E[N ] is isomorphic to (Z/NZ)2. Considerthe parallelogram defined by ω1 and ω2 in C. We can view addition in C/Λ as addition in Cfollowed by the quotient map φ : C→ C/Λ.

35

Lemma 10. If (x, y) ∈ E[N ], then both x and y are algebraic numbers. Moreover, ifE[N ] = {O, (x1, y1), . . . , (xm, ym)} then the field extension Q(E[N ]), defined as

Q(E[N ]) := Q(x1, . . . , xm, y1, . . . , ym)

is a Galois number field.

A proof is given in Chapter 6 of [ST92]. Fix ` a prime. Then for all i ≤ j ∈ Z+, we havea natural mapping µij : E[`j]→ E[`i] given by

µij(P ) := `j−iP.

Here we view multiplication by `j−i in the group E. It is apparent that µijµjk = µjk for alli ≤ j ≤ k. We also have µii = id as multiplying by 1 fixes E pointwise. Then the groupsE[`n] indexed over n meet the requirements for defining an inverse limit.

Let E be an elliptic curve over Q and let ` be prime. Then the `-adic Tate module of Eis the inverse limit

Ta`(E) := lim←−n

E[`n].

For each n, we know that E[`n] ∼= Z/`nZ2. Therefore, we can choose an ordered basis(Pn, Qn) for E[`n]. We make the restriction that for all n,

`Pn = Pn−1, `Qn = Qn−1.

Each choice of basis (Pn, Qn) gives an isomorphism

φn : E[`n] −→ (Z/`nZ)2

anPn + bnQn 7−→ (an, bn).

Therefore, we find that the mapping

φ : Ta`(E) −→ Z2`

(anPn + bnQn)n∈Z+ 7−→ ((an, bn))n∈Z+

is an isomorphism. For each n, we have that Q(E[`n]) is a Galois number field. Moreover,we have seen that Q acts on E[`n]. Specifically, for P ∈ E[`n], we have that

σ(`P ) = `σ(P ) ∈ E[`n−1]

for all σ ∈ GQ. Therefore we may define the action of σ on tuples

σ((an)n∈Z+) := (σ(an))n∈Z+ ,

which is an automorphism of Ta`(E). The choice of ordered basis (Pn, Qn) determines anisomorphism

Aut(E[`n])) −→ GL2(Z/`nZ),

which gives us the isomorphism

Aut(Ta`(E)) −→ GL2(Z`) ⊂ GL2(Q`).

Taken together, we have constructed a map

ρE,` : GQ −→ GL2(Q`).

We claim that ρE,` is continuous, which is given in Chapter 9 of [DS05]. Therefore, ρE,` is aGalois representation. With this representation and ρf,λ from the previous section, we maynow state the Modularity Theorem.

36

7. The Modularity Theorem

We began the paper by outlining the basics of algebraic number theory. In order to studythe algebraic numbers, we examined finite degree field extensions of Q. The elements of sucha field F share their minimal polynomials with their conjugates, which allowed us to definea norm on F and study divisibility of elements and ideals in the ring of integers OF . Asa finite degree field extension, F is the perfect candidate for applying Galois theory, whichdetermines the subfields of F .

We moved on to study Q as an infinite degree field extension of Q. In order to buildup tools analogous to the previous setting, we started with the automorphism group of Q.Using the inverse limit construction, we can decompose these automorphisms as elementsof the Galois groups of Galois number fields. This allowed us to topologize GQ such thatthe open and closed sets were related to the field structure of Q. To simplify our study ofthis automorphism group, we constructed Galois representations, which are just continuoushomomorphisms of GQ into matrix groups.

We developed everything after this point in order to demonstrate the usefulness of Galoisrepresentations as a tool. In the study of modular forms, every newform has a Fourierexpansion

f(z) =∞∑i=1

a(n)qn,

where the coefficients a(n) are algebraic numbers. When we examined the values of a(n)with Galois representations, we found extraordinary congruence results. In elliptic curves,we started by defining a geometric group structure on the zero locus of

y2 = x3ax2 + bx+ c.

For any field F ⊂ C, the set of ordered pairs in F 2 on the elliptic curve formed a subgroup thatis preserved by field automorphisms on the coordinates. This provided another opportunityto construct Galois representations.

It is no accident that both modular forms and elliptic curves give rise to Galois repre-sentations. One of the great feats of mathematics in the 20th century was the proof of theModularity Theorem. Generally speaking, the theorem states that all elliptic curves overQ inherit properties from specific modular forms. Although it is well beyond the scope ofthis already ambitious paper to give a proof of the Modularity Theorem, we would like toconclude with an overview.

What is now called the Modularity Theorem began in the 1950s as the Taniyama-Shimura-Weil conjecture. It involves many fields, including algebraic geometry, analysis and numbertheory. There are many equivalent statements of the Modularity Theorem, the differencebetween statements being the type of structure linking the modular forms to the ellipticcurves. Our labels for the statements of the Modularity Theorem are taken from [DS05].

The famed proof of Fermat’s Last Theorem by Andrew Wiles is actually a corollary to his1995 proof of a special case of the Modularity Theorem. (The general theorem was provedin 2001 by Breuil, Conrad, Diamond, and Taylor working in collaboration.) According to[ST02], Wiles was only able to make the bulk of his progress after working in isolation forseven years.

37

The version that Wiles proved is phrased in the language of Galois representations. Toassociate arbitrary Galois representations to those arising from modular forms, we definemodular Galois representations.

Definition 5. An irreducible Galois representation ρ : GQ → GL(Q`) with det ρ = χ` iscalled modular if there exists a newform f ∈ S2(Γ0(Mf )) such that Kf,λ = Q` for somemaximal ideal λ of OK lying over ` and that ρf,λ ∼ ρ.

Recall that ρ and ρf,λ are equivalent if for a fixed matrix m we have that, m−1ρf,λm = ρ.In other words, ρ(GQ) and ρ′(GQ) are conjugate subgroups.

Theorem 12. (Modularity Theorem, version R) Let E be an elliptic curve over Q. ThenρE,` is modular for some `.

According to [DS05], Andrew Wiles was able to prove the preceding theorem in the specialcase where E is semistable. An elliptic curve E : y2 = p(x) is semistable if whenever an oddprime p divides the discriminant of E, only two of the roots of p(x) are congruent modulop. The adventurous reader can find his result spread between [Wil95] and [TW95].

Theorem 13. (Modularity Theorem, strong Version R) Let E be an elliptic curve overQ with conductor N . Then there exists a newform f ∈ S2(Γ0(N)) with rational Fouriercoefficients such that

ρf,` ∼ ρE,`

for all `.

Consider the equation xn + yn = zn. If n = st is composite, and a, b and c are a nontrivialsolution, then as, bs and cs is a solution of the reduced equation xt + yt = zt. Therefore, itis sufficient to prove Fermat’s Last Theorem for odd prime powers. The proof of Fermat’sLast Theorem is a contradiction proof. We adapt the summaries as presented in [DS05] and[ST02]. Let p be an odd prime and suppose there exist nonzero integers a, b and c with nocommon factor such that

ap + bp = cp.

Either c ≡ 1 or c ≡ 0 modulo 2. If c ≡ 1, then a and b cannot both be odd. In this casewe may assume b is even. Otherwise, if c ≡ 0, then because p is odd we may rearrange theequation

ap + (−c)p = (−b)p

and relabel b and c. Therefore, we may assume without loss of generality that b is even. Wedefine the Frey elliptic curve associated to this solution

F : y2 = x(x− ap)(x+ bp)

We wish to show that F has impossible properties. Following from the Modularity Theorem,F is modular for some `. Therefore, we can find a newform f ∈ S2(Γ0(2)), where N is theconductor of F . However, there are no such newforms. See [DS05] for more details.

That is, the existence of F implies the existence of a newform that does not exist. BecauseF was obtained from the solution ap + bp = cp, such a solution cannot exist.

38

References

[Ash71] Robert B. Ash. Complex variables. Academic Press, New York, 1971.[DF04] David S. Dummit and Richard M Foote. Abstract Algebra. John Wiley and Sons, Inc, Hoboken,

2004. Third Edition.[DS05] Fred Diamond and Jerry Shurman. A first course in modular forms, volume 228 of Graduate Texts

in Mathematics. Springer-Verlag, New York, 2005.[FH91] William Fulton and Joe Harris. Representation theory, volume 129 of Graduate Texts in Mathe-

matics. Springer-Verlag, New York, 1991. A first course, Readings in Mathematics.[Leh69] Joseph Lehner. Lectures on modular forms, volume 61 of National Bureau of Standards, Applied

Mathematics Series. Superintendent of Documents, U.S. Government Printing Office, Washington,D.C., 1969.

[LR11] Alvaro Lozano-Robledo. Elliptic curves, modular forms, and their L-functions, volume 58 of Stu-dent Mathematical Library. American Mathematical Society, Providence, RI, 2011. IAS/Park CityMathematical Subseries.

[Mar91] Daniel A. Marcus. Number Fields. Springer, New York, 1991.[Mun00] James R. Munkres. Topology: Second Edition. Prentice-Hall Inc., Upper Saddle River, N.J., 2000.[S+11] W. A. Stein et al. Sage Mathematics Software (Version 4.7.1). The Sage Development Team, 2011.

http://www.sagemath.org.[Ser73] Jean-Pierre Serre. Congruences et formes modulaires [d’apres H. P. F. Swinnerton-Dyer]. In

Seminaire Bourbaki, 24e annee (1971/1972), Exp. No. 416, pages 319–338. Lecture Notes in Math.,Vol. 317. Springer, Berlin, 1973.

[Ser75] Jean-Pierre Serre. Valeurs propres des operateurs de Hecke modulo l. pages 109–117. Asterisque,Nos. 24–25, 1975.

[Ser76] Jean-Pierre Serre. Divisibilite de certaines fonctions arithmetiques. Enseignement Math. (2), 22(3-4):227–260, 1976.

[ST92] Joseph H. Silverman and John Tate. Rational points on elliptic curves. Undergraduate Texts inMathematics. Springer-Verlag, New York, 1992.

[ST02] Ian Stewart and David Tall. Algebraic number theory and Fermat’s last theorem. A K Peters Ltd.,Natick, MA, third edition, 2002.

[Stu87] Jacob Sturm. On the congruence of modular forms. In Number theory (New York, 1984–1985),volume 1240 of Lecture Notes in Math., pages 275–280. Springer, Berlin, 1987.

[Tay02] R. Taylor. Galois representations. pages 449–474, 2002.[Tre06] S. Treneer. Congruences for coefficients of weakly holomorphic modular forms. Ph.D. Thesis (Ad-

visor: S. Ahlgren), 2006.[TW95] Richard Taylor and Andrew Wiles. Ring-theoretic properties of certain Hecke algebras. Ann. of

Math. (2), 141(3):553–572, 1995.[Wil95] Andrew Wiles. Modular elliptic curves and Fermat’s last theorem. Ann. of Math. (2), 141(3):443–

551, 1995.

39