<<

. 2
( 4)



>>

gcd((a), (b)) = gcd(IJ, II ) = I

because gcd(J, I ) = (1). ™

3.4.5 The Ideal Class Group
Let I(R) be the group of nonzero fractional ideals of a Dedekind domain R. If P (R) is
the subset of I(R) consisting of all nonzero principal fractional ideals Rx, x ∈ K, then
P (R) is a subgroup of I(R). To see this, note that (Rx)(Ry)’1 = (Rx)(Ry ’1 ) = Rxy ’1 ,
which belongs to P (R). The quotient group C(R) = I(R)/P (R) is called the ideal class
group of R. Since R is commutative, C(R) is abelian, and we will show later that C(R)
is ¬nite.
3.4. SOME ARITHMETIC IN DEDEKIND DOMAINS 9

Let us verify that C(R) is trivial if and only if R is a PID. If C(R) is trivial, then
every integral ideal I of R is a principal fractional ideal Rx, x ∈ K. But I ⊆ R, so x = 1x
must belong to R, proving that R is a PID. Conversely, if R is a PID and I is a nonzero
fractional ideal, then rI ⊆ R for some nonzero r ∈ R. By hypothesis, the integral ideal
rI must be principal, so rI = Ra for some a ∈ R. Thus I = R(a/r) with a/r ∈ K, and
we conclude that every nonzero fractional ideal of R is a principal fractional ideal.

Problems For Section 3.4
We will now go through the factorization of an ideal in a number ¬eld. In the next chapter,
we will begin to develop the necessary background, but some of the manipulations are
accessible to us now. By (2.3.11), the ring B of algebraic integers of the number ¬eld
√ √
Q( ’5) is Z[ ’5]. (Note that ’5 ≡ 3 mod 4.) If we wish to factor the ideal (2) = 2B
of B, the idea is to factor x2 + 5 mod 2, and the result √ x2 + 5 ≡ (x + 1)2 mod 2.
is

Identifying x with ’5, we form the ideal P2 = (2, 1 + ’5), which turns out to be
prime. The desired factorization is (2) = P2 . This technique works if B = Z[±], where
2

the number ¬eld L is Q( ±).

1. Show that 1 ’ ’5 ∈ P2 , and conclude that 6 ∈ P2 . 2

2. Show that 2 ∈ P2 , hence (2) ⊆ P2 √
2 2
.

3. Expand P2 = (2, 1 + ’5)(2, 1 + ’5), and conclude that P2 ⊆ (2).
2 2

4. Following the technique suggested in the above problems, factor x2 + 5 mod 3, and √
conjecture that the prime factorization of (3) in the ring of algebraic integers of Q( ’5)
is (3) = P3 P3 for appropriate P3 and P3 .
5. With P3 and P3 as found in Problem 4, verify that (3) = P3 P3 .
Chapter 4

Factoring of Prime Ideals in
Extensions

4.1 Lifting of Prime Ideals
Recall the basic AKLB setup: A is a Dedekind domain with fraction ¬eld K, L is a ¬nite,
separable extension of K of degree n, and B is the integral closure of A in L. If A = Z,
then K = Q, L is a number ¬eld, and B is the ring of algebraic integers of L.

4.1.1 De¬nitions and Comments
Let P be a nonzero prime ideal of A. The lifting (also called the extension) of P to B is
the ideal P B. Although P B need not be a prime ideal of B, we can use the fact that B
is a Dedekind domain [see (3.1.3)] and the unique factorization theorem (3.3.1) to write
g
Piei
PB =
i=1

where the Pi are distinct prime ideals of B and the ei are positive integers [see (3.3.2)].
On the other hand, we can start with a nonzero prime ideal Q of B and form a prime
ideal of A via
P = Q © A.
We say that Q lies over P , or that P is the contraction of Q to A.
Now suppose that we start with a nonzero prime ideal P of A and lift it to B. We
will show that the prime ideals P1 , . . . , Pg that appear in the prime factorization of P B
are precisely the prime ideals of B that lie over P .

4.1.2 Proposition
Let Q be a nonzero prime ideal of B. Then Q appears in the prime factorization of P B
if and only if Q © A = P .

1
2 CHAPTER 4. FACTORING OF PRIME IDEALS IN EXTENSIONS

Proof. If Q © A = P , then P ⊆ Q, hence P B ⊆ Q because Q is an ideal. By (3.3.5), Q
divides P B. Conversely, assume that Q divides, hence contains, P B. Then

P = P © A ⊆ P B © A ⊆ Q © A.

But in a Dedekind domain, every nonzero prime ideal is maximal, so P = Q © A. ™

4.1.3 Rami¬cation and Relative Degree
g
If we lift P to B and factor P B as i=1 Piei , the positive integer ei is called the rami¬cation
index of Pi over P (or over A). We say that P rami¬es in B (or in L) if ei > 1 for at
least one i. We will prove in a moment that B/Pi is a ¬nite extension of the ¬eld A/P .
The degree fi of this extension is called the relative degree (or the residue class degree, or
the inertial degree) of Pi over P (or over A).

4.1.4 Proposition
We can identify A/P with a sub¬eld of B/Pi , and B/Pi is a ¬nite extension of A/P .
Proof. The map from A/P to B/Pi given by a + P ’ a + Pi is well-de¬ned and injective,
because P = Pi © A, and it is a homomorphism by direct veri¬cation. By (3.1.2), B is a
¬nitely generated A-module, hence B/Pi is a ¬nitely generated A/P -module, that is, a
¬nite-dimensional vector space over A/P . ™

4.1.5 Remarks
The same argument, with Pi replaced by P B, shows that B/P B is a ¬nitely generated
A/P -algebra, in particular, a ¬nite-dimensional vector space over A/P . We will denote
the dimension of this vector space by [B/P B : A/P ].
The numbers ei and fi are connected by an important identity, which does not seem
to have a name in the literature. We will therefore christen it as follows.

4.1.6 Ram-Rel Identity

g
ei fi = [B/P B : A/P ] = n.
i=1


Proof. To prove the ¬rst equality, consider the chain of ideals

B ⊇ P 1 ⊇ P 1 ⊇ · · · ⊇ P1 1
e
2

⊇ P 1 1 P 2 ⊇ P 1 1 P 2 ⊇ · · · ⊇ P 1 1 P2 2
e e e e
2

⊇ · · · ⊇ P1 1 · · · Pg g = P B.
e e


By unique factorization, there can be no ideals between consecutive terms in the sequence.
(Any such ideal would contain, hence divide, P B.) Thus the quotient β/βPi of any two
4.1. LIFTING OF PRIME IDEALS 3

consecutive terms is a one-dimensional vector space over B/Pi , as there are no nontrivial
proper subspaces. (It is a vector space over this ¬eld because it is annihilated by Pi .)
But, with notation as in (4.1.5), [B/Pi : A/P ] = fi , so [β/βPi : A/P ] = fi . For each i,
we have exactly ei consecutive quotients, each of dimension fi over A/P . Consequently,
g
[B/P B : A/P ] = i=1 ei fi , as claimed.
To prove the second equality, we ¬rst assume that B is a free A-module of rank n. By
(2.3.8), this covers the case where A is a PID, in particular, when L is a number ¬eld. If
x1 , . . . , xn is a basis for B over A, we can reduce mod P B to produce a basis for B/P B
n
over A/P , and the result follows. Explicitly, suppose i=1 (ai +P )(xi +P B) = 0 in B/P B.
n
Then i=1 ai xi belongs to P B, hence can be written as j bj yj with bj ∈ B, yj ∈ P .
Since bj = k cjk xk with cjk ∈ A, we have ak = j cjk yj ∈ P for all k.
The general case is handled by localization. Let S = A\P , A = S ’1 A, B = S ’1 B. By
(1.2.6), (1.2.9), and the Dedekind property (every nonzero prime ideal of A is maximal),
it follows that A has exactly one nonzero prime ideal, namely P = P A . Moreover, P
is principal, so A is a discrete valuation ring, that is, a local PID that is not a ¬eld. [By
unique factorization, we can choose an element a ∈ P \(P )2 , so (a) ⊆ P but (a) ⊆ (P )2 .
Since the only nonzero ideals of A are powers of P (unique factorization again), we have
(a) = P .] Now B is the integral closure of A in L, so B is the integral closure of A in
S ’1 L = L. [The idea is that we can go back and forth between an equation of integral
dependence for b ∈ B and an equation of integral dependence for b/s ∈ B either by
introducing or clearing denominators.] We have now reduced to the PID case already
analyzed, and [B /P B : A /P A ] = n.
g
Now P B = i=1 Piei , and Pi is a nonzero prime ideal of B not meeting S. [If
y ∈ Pi © S, then y ∈ Pi © A = P by (4.1.2). Thus y ∈ P © S, a contradiction.] By the
g
basic correspondence (1.2.6), we have the factorization P B = i=1 (Pi B )ei . By the PID
case,
g
n = [B /P B : A /P A ] = ei [B /Pi B : A /P A ].
i=1

We are ¬nished if we can show that B /Pi B ∼ B/Pi and A /P A ∼ A/P . The statement
= =
of the appropriate lemma, and the proof in outline form, are given in the exercises. ™

Problems For Section 4.1
We will ¬ll in the gap at the end of the proof of the ram-rel identity. Let S be a mul-
tiplicative subset of the integral domain A, and let M be a maximal ideal of A disjoint
from S. Consider the composite map A ’ S ’1 A ’ S ’1 A/MS ’1 A, where the ¬rst map
is given by a ’ a/1 and the second by a/s ’ (a/s) + MS ’1 A.
1. Show that the kernel of the map is M, so by the factor theorem, we have a monomor-
phism h : A/M ’ S ’1 A/MS ’1 A.
2. Let a/s ∈ S ’1 A. Show that for some b ∈ A we have bs ≡ 1 mod M.
3. Show that (a/s) + MS ’1 A = h(ab), so h is surjective and therefore an isomorphism.
Consequently, S ’1 A/MS ’1 A ∼ A/M, which is the result we need.
=
4 CHAPTER 4. FACTORING OF PRIME IDEALS IN EXTENSIONS

4.2 Norms of Ideals
4.2.1 De¬nitions and Comments
We are familiar with the norm of an element of a ¬eld, and we are going to extend the
idea to ideals. We assume the AKLB setup with A = Z, so that B is a number ring,
that is, the ring of algebraic integers of a number ¬eld L. If I is a nonzero ideal of B, we
de¬ne the norm of I by N (I) = |B/I|. We will show that the norm is ¬nite, so if P is a
nonzero prime ideal of B, then B/P is a ¬nite ¬eld. Also, N has a multiplicative property
analogous to the formula N (xy) = N (x)N (y) for elements. [See (2.1.3), equation (2).]

4.2.2 Proposition
Let b be any nonzero element of the ideal I of B, and let m = NL/Q (b) ∈ Z. Then m ∈ I
and |B/mB| = mn , where n = [L : Q].
Proof. By (2.1.6), m = bc where c is a product of conjugates of b. But a conjugate of an
algebraic integer is an algebraic integer. (If a monomorphism is applied to an equation
of integral dependence, the result is an equation of integral dependence.) Thus c ∈ B,
and since b ∈ I, we have m ∈ I. Now by (2.3.9), B is the direct sum of n copies of Z,
hence by the ¬rst isomorphism theorem, B/mB is the direct sum of n copies of Z/mZ.
Consequently, |B/mB| = mn . ™

4.2.3 Corollary
If I is any nonzero ideal of B, then N (I) is ¬nite. In fact, if m is as in (4.2.2), then N (I)
divides mn .
Proof. Observe that (m) ⊆ I, hence

B/(m) ∼
= I/(m). ™
B/I

4.2.4 Corollary
Every nonzero ideal I of B is a free abelian group of rank n.
Proof. By the simultaneous basis theorem, we may represent B as the direct sum of n
copies of Z, and I as the direct sum of a1 Z, . . . , ar Z, where r ¤ n and the ai are positive
integers such that ai divides ai+1 for all i. Thus B/I is the direct sum of r cyclic groups
(whose orders are a1 , . . . , ar ) and n ’ r copies of Z. If r < n, then at least one copy of Z
appears, and |B/I| cannot be ¬nite. ™

4.2.5 Computation of the Norm
Suppose that {x1 , . . . , xn } is a Z-basis for B, and {z1 , . . . , zn } is a basis for I. Each zi is
a linear combination of the xi with integer coe¬cients, in matrix form z = Cx. We claim
that the norm of I is the absolute value of the determinant of C. To verify this, ¬rst look
at the special case xi = yi and zi = ai yi , as in the proof of (4.2.4). Then C is a diagonal
4.2. NORMS OF IDEALS 5

matrix with entries ai , and the result follows. But the special case implies the general
result, because any matrix corresponding to a change of basis of B or I is unimodular, in
other words, has integer entries and determinant ±1. [See (2.3.9) and (2.3.10).]
Now with z = Cx as above, the discriminant of x is the ¬eld discriminant d, and the
discriminant of z is D(z) = (det C)2 d by (2.3.2). We have just seen that N (I) = | det C|,
so we have the following formula for computing the norm of an ideal I. If z is a Z-basis
for I, then
1/2
D(z)
N (I) = .
d

There is a natural relation between the norm of a principal ideal and the norm of the
corresponding element.

4.2.6 Proposition
If I = (a) with a = 0, then N (I) = |NL/Q (a)|.
Proof. If x is a Z-basis for B, then ax is a Z-basis for I. By (2.3.3), D(ax) is the square
of the determinant whose ij entry is σi (axj ) = σi (a)σi (xj ). By (4.2.5), the norm of I is
|σ1 (a) · · · σn (a)| = |NL/Q (a)|. ™
In the proof of (4.2.6), we cannot invoke (2.3.2) to get D(ax1 , . . . , axn ) = (an )2 D(x1 , . . . , xn ),
because we need not have a ∈ Q.
We now establish the multiplicative property of ideal norms.

4.2.7 Theorem
If I and J are nonzero ideals of B, then N (IJ) = N (I)N (J).
Proof. By unique factorization, we may assume without loss of generality that J is a
prime ideal P . By the third isomorphism theorem, |B/IP | = |B/I| |I/IP |, so we must
show that |I/IP | is the norm of P , that is, |B/P |. But this has already been done in the
¬rst part of the proof of (4.1.6). ™

4.2.8 Corollary
Let I be a nonzero ideal of B. If N (I) is prime, then I is a prime ideal.
Proof. Suppose I is the product of two ideals I1 and I2 . By (4.2.7), N (I) = N (I1 )N (I2 ),
so by hypothesis, N (I1 ) = 1 or N (I2 ) = 1. Thus either I1 or I2 is the identity element
of the ideal group, namely B. Therefore, the prime factorization of I is I itself, in other
words, I is a prime ideal. ™

4.2.9 Proposition
N (I) ∈ I, in other words, I divides N (I). [More precisely, I divides the principal ideal
generated by N (I).]
6 CHAPTER 4. FACTORING OF PRIME IDEALS IN EXTENSIONS

Proof. Let N (I) = |B/I| = r. If x ∈ B, then r(x + I) is 0 in B/I, because the order of
any element of a group divides the order of the group. Thus rx ∈ I, and in particular we
may take x = 1 to conclude that r ∈ I. ™

4.2.10 Corollary
If I is a nonzero prime ideal of B, then I divides (equivalently, contains) exactly one
rational prime p.
Proof. By (4.2.9), I divides N (I) = pm1 · · · pmt , so I divides some pi . But if I divides
t
1
two distinct primes p and q, then there exist integers u and v such that up + vq = 1. Thus
I divides 1, so I = B, a contradiction. Therefore I divides exactly one p. ™

4.2.11 The Norm of a Prime Ideal
If we can compute the norm of every nonzero prime ideal P , then by multiplicativity, we
can calculate the norm of any nonzero ideal. Let p be the unique rational prime in P , and
recall from (4.1.3) that the relative degree of P over p is f (P ) = [B/P : Z/pZ]. Therefore

N (P ) = |B/P | = pf (P ) .

Note that by (4.2.6), the norm of the principal ideal (p) is |N (p)| = pn , so N (P ) = pm
for some m ¤ n. This conclusion also follows from the above formula N (P ) = pf (P ) and
the ram-rel identity (4.1.6).
Here are two other useful ¬niteness results.

4.2.12 Proposition
A rational integer m can belong to only ¬nitely many ideals of B.
Proof. We have m ∈ I i¬ I divides (m), and by unique factorization, (m) has only ¬nitely
many divisors. ™

4.2.13 Corollary
Only ¬nitely many ideals can have a given norm.
Proof. If N (I) = m, then by (4.2.9), m ∈ I, and the result follows from (4.2.12). ™

Problems For Section 4.2
This problem set will give the proof that a rational prime p rami¬es in the number ¬eld
L if and only if p divides the ¬eld discriminant d = dL/Q .
1. Let (p) = pB have prime factorization i Piei . Show that p rami¬es if and only if the
ring B/(p) has nonzero nilpotent elements.
Now as in (2.1.1), represent elements of B by matrices with respect to an integral basis
ω1 , . . . , ωn of B. Reduction of the entries mod p gives matrices representing elements of
B/(p).
2. Show that a nilpotent element (or matrix) has zero trace.
4.3. A PRACTICAL FACTORIZATION THEOREM 7

Suppose that A(β), the matrix representing the element β, is nilpotent mod p. Then
A(βωi ) will be nilpotent mod p for all i, because βωi is nilpotent mod p.
3. By expressing β in terms of the ωi and computing the trace of A(βωj ), show that if β
is nilpotent mod p and β ∈ (p), then d ≡ 0 mod p, hence p divides d.
/
Now assume that p does not ramify.
4. Show that B/(p) is isomorphic to a ¬nite product of ¬nite ¬elds Fi of characteristic p.
Let πi : B ’ B/(p) ’ Fi be the composition of the canonical map from B onto B/(p)
and the projection from B/(p) onto Fi .
5. Show that the trace form Ti (x, y) = TFi /Fp (πi (x)πi (y)) is nondegenerate, and conclude
that i Ti is also nondegenerate.
We have d = det T (ωi ωj ), in other words, the determinant of the matrix of the bilinear
form T (x, y) on B, with respect to the basis {ω1 , . . . , ωn }. Reducing the matrix entries
mod p, we get the matrix of the reduced bilinear form T0 on the Fp -vector space B/(p).
6. Show that T0 coincides with i Ti , hence T0 is nondegenerate. Therefore d = 0 mod p,
so p does not divide d.
As a corollary, it follows that only ¬nitely many primes can ramify in L.


4.3 A Practical Factorization Theorem
The following result, usually credited to Kummer but sometimes attributed to Dedekind,
allows, under certain conditions, an e¬cient factorization of a rational prime in a number
¬eld.

4.3.1 Theorem
Let L be a number ¬eld of degree n over Q, and assume that the ring B of algebraic
integers of L is Z[θ] for some θ ∈ B. Thus 1, θ, θ2 , . . . , θn’1 form an integral basis of B.
Let p be a rational prime, and let f be the minimal polynomial of θ over Q. Reduce the
coe¬cients of f modulo p to obtain f ∈ Z[X]. Suppose that the factorization of f into
irreducible polynomials over Fp is given by

f = h e1 · · · h e r .
r
1

Let fi be any polynomial in Z[X] whose reduction mod p is hi . Then the ideal

Pi = (p, fi (θ))

is prime, and the prime factorization of (p) in B is

(p) = P1 1 · · · Pr r .
e e


Proof. Adjoin a root θi of hi to produce the ¬eld Fp [θi ] ∼ Fp [X]/hi (X). The assignment
=
θ ’ θi extends by linearity (and reduction of coe¬cients mod p) to an epimorphism
»i : Z[θ] ’ Fp [θi ]. Since Fp [θi ] is a ¬eld, the kernel of »i is a maximal, hence prime,
ideal of Z[θ] = B. Since »i maps fi (θ) to hi (θi ) = 0 and also maps p to 0, it follows that
Pi ⊆ ker »i . We claim that Pi = ker »i . To prove this, assume g(θ) ∈ ker »i . With a
8 CHAPTER 4. FACTORING OF PRIME IDEALS IN EXTENSIONS

subscript 0 indicating reduction of coe¬cients mod p, we have g0 (θi ) = 0, hence hi , the
minimal polynomial of θi , divides g0 . If g0 = q0 hi , then g ’ qfi ≡ 0 mod p. Therefore

g(θ) = [g(θ) ’ q(θ)fi (θ)] + q(θ)fi (θ)

so g(θ) is the sum of an element of (p) and an element of (fi (θ)). Thus ker »i ⊆ Pi , so
Pi = ker »i , a prime ideal.
We now show that (p) divides P1 1 · · · Pr r . We use the identity (I+I1 )(I+I2 ) ⊆ I+I1 I2 ,
e e

where I, I1 and I2 are ideals. We begin with P1 = (p) + (f1 (θ)), and compute

P1 ⊆ (p) + (f1 (θ))2 , . . . , P1 1 · · · Pr r ⊆ (p) + (f1 (θ))e1 · · · (fr (θ))er .
e
2 e

r
But the product of the fi (θ)ei coincides mod p with hi (θ) = f (θ) = 0. We conclude
i=1
r
that i=1 Piei ⊆ (p), as asserted.
We now know that (p) = P1 1 · · · Pr r with 0 ¤ ki ¤ ei . (Actually, ki > 0 since
k k

p ∈ ker »i = Pi , so Pi divides (p). But we will not need this re¬nement.) By hypothesis,
B/Pi = Z[θ]/Pi , which is isomorphic to Fp [θi ], as observed at the beginning of the proof.
Thus the norm of Pi is |Fp [θi ]| = pdi , where di is the degree of hi . By (4.2.6), (4.2.7) and
equation (3) of (2.1.3),
r r
n ki
pdi ki
p = N ((p)) = N (Pi ) =
i=1 i=1

hence n = d1 k1 + · · · + dr kr . But n is the degree of the monic polynomial f , which is the
same as deg f = d1 e1 + · · · + dr er . Since ki ¤ ei for every i, we have ki = ei for all i, and
the result follows. ™

4.3.2 Prime Factorization in Quadratic Fields

We consider L = Q( m), where m is a square-free integer, and factor the ideal (p) in
the ring B of algebraic integers of L. By the ram-rel identity (4.1.6), there will be three
cases:
(1) g = 2, e1 = e2 = f1 = f2 = 1. Then (p) is the product of two distinct prime ideals P1
and P2 , and we say that p splits in L.
(2) g = 1, e1 = 1, f1 = 2. Then (p) is a prime ideal of B, and we say that p remains prime
in L or that p is inert.
2
(3) g = 1, e1 = 2, f1 = 1. Then (p) = P1 for some prime ideal P1 , and we say that p
rami¬es in L.
We will examine all possibilities systematically.
(a) Assume p is an odd prime not dividing m. Then p does not divide the discriminant,
so p does not ramify.
(a1) If m is a quadratic residue mod p, then p splits. Say m ≡ n2 mod p. Then x2 ’ m
√ √
factors mod p as (x + n)(x ’ n), so (p) = (p, n + m) (p, n ’ m).
(a2) If m is not a quadratic residue mod p, then x2 ’ m cannot be the product of two
linear factors, hence x2 ’ m is irreducible mod p and p remains prime.
4.3. A PRACTICAL FACTORIZATION THEOREM 9

(b) Let p be any prime dividing m. Then p divides the discriminant, hence p rami¬es.

Since x2 ’ m ≡ x2 = xx mod p, we have (p) = (p, m)2 .
This takes care of all odd primes, and also p = 2 with m even.
(c) Assume p = 2, m odd.
(c1) Let m ≡ 3 mod 4. Then 2 divides the √
discriminant D = 4m, so 2 rami¬es. We have
x ’ m ≡ (x + 1) mod 2, so (2) = (2, 1 + m)2 .
2 2

(c2) Let m ≡ 1 mod 8, hence m ≡ 1 mod 4. An integral basis is {1, (1 + m)/2}, and
the discriminant is D = m. Thus 2 does not divide D, so 2 does not ramify. We claim
√ √
that (2) = (2, (1 + m)/2) (2, (1 ’ m)/2). To verify this note that the right side is
√ √
(2, 1 ’ m, 1 + √ m, (1 ’ m)/4). This coincides with (2) because (1 ’ m)/4 is an even

integer and 1 ’ m + 1 + m = 2.
If m ≡ 3 or 7 mod 8, then m ≡ 3 mod 4, so there is only one remaining case.
(c3) Let m ≡ 5 mod 8, hence m ≡ 1 mod 4, so D = m and 2 does not ramify. Consider
f (x) = x2 ’ x + (1 ’ m)/4 over B/P , where P is any prime ideal lying over (2). The roots

of f are (1 ± m)/2, so f has a root in B, hence in B/P . But there is no root in F2 ,
because (1 ’ m)/4 ≡ 1 mod 2. Thus B/P and F2 cannot be isomorphic. If (2) factors as
Q1 Q2 , then the norm of (2) is 4, so Q1 and Q2 have norm 2, so the B/Qi are isomorphic
to F2 , which contradicts the argument just given. Therefore 2 remains prime.
You probably noticed something suspicious in cases (a) and (b). In order to apply

(4.3.1), 1 and m must form an integral basis, so m ≡ 1 mod 4, as in (2.3.11). But we
can repair the damage. In (a1), verify directly that the factorization of (p) is as given. The
√ √ √ √
key point is that the ideal (p, n + m) (p, n ’ m) contains p(n + m + n ’ m) = 2np,
and if p divides n, then p divides (m ’ n2 ) + n2 = m, contradicting the assumption of
case (a). Thus the greatest common divisor of p2 and 2np is p, so p belongs to the ideal.
Since every generator of the ideal is a multiple of p, the result follows. In (a2), suppose
(p) = Q1 Q2√Since the norm of p is p2 , each Qi has norm p, so B/Qi must be isomorphic
.
to Fp . But m ∈ B, so m has a square root in B/Qi [see (4.1.4)]. But case (a2) assumes
that there is no square root of m in Fp , a contradiction. Finally, case (b) is similar to
case (a1). We have p|m, but p2 does not divide the square-free integer m, so the greatest
common divisor of p2 and m is p.

Problems For Section 4.3
1. In the exercises for Section 3.4, we factored (2) and (3) in the ring B of algebraic

integers of L = Q( ’5), using ad hoc techniques. Using the results of this section, derive
the results rigorously.
2. Continuing √ Problem 1, factor (5), (7) and (11). √
3. Let L = Q( 3 2), and assume as known that the ring of algebraic integers is B = Z[ 3 2].
Find the prime factorization of (5).
Chapter 5

The Ideal Class Group

We will use Minkowski theory, which belongs to the general area of geometry of numbers,
to gain insight into the ideal class group of a number ¬eld. We have already mentioned
the ideal class group brie¬‚y in (3.4.5); it measures how close a Dedekind domain is to a
principal ideal domain.



5.1 Lattices
5.1.1 De¬nitions and Comments
Let e1 , . . . , en ∈ Rn , with the ei linearly independent over R. Thus the ei form a basis
for Rn as a vector space over R. The ei also form a basis for a free Z-module of rank n,
namely

H = Ze1 + · · · + Zen .

A set H constructed in this way is said to be a lattice in Rn . The fundamental domain
of H is given by
n
T = {x ∈ R : x = ai ei , 0 ¤ ai < 1}.
n

i=1


In the most familiar case, e1 and e2 are linearly independent vectors in the plane, and T is
the parallelogram generated by the ei . In general, every point of Rn is congruent modulo
H to a unique point of T , so Rn is the disjoint union of the sets h + T, h ∈ H. If µ is
Lebesgue measure, then the volume µ(T ) of the fundamental domain T will be denoted by
v(H). If we generate H using a di¬erent Z-basis, the volume of the fundamental domain
is unchanged. (The change of variables matrix between Z-bases is unimodular, hence has
determinant ±1. The result follows from the change of variables formula for multiple
integrals.)

1
2 CHAPTER 5. THE IDEAL CLASS GROUP

5.1.2 Lemma
Let S be a Lebesgue measurable subset of Rn with µ(S) > v(H). Then there exist distinct
points x, y ∈ S such that x ’ y ∈ H.
Proof. As we observed in (5.1.1), the sets h + T, h ∈ H, are (pairwise) disjoint and cover
Rn . Thus the sets S © (h + T ), h ∈ H, are disjoint and cover S. Consequently,

µ(S © (h + T )).
µ(S) =
h∈H

By translation-invariance of Lebesgue measure, µ(S © (h + T )) = µ((’h + S) © T ). Now
if S © (h1 + T ) and S © (h2 + T ) are disjoint, it does not follow that (’h1 + S) © T and
(’h2 + S) © T are disjoint, as we are not subtracting the same vector from each set. In
fact, if the sets (’h + S) © T, h ∈ H, were disjoint, we would reach a contradiction via

v(H) = µ(T ) ≥ µ((’h + S) © T ) = µ(S).
h∈H

Thus there are distinct elements h1 , h2 ∈ H such that (’h1 +S)©(’h2 +S)©T = …. Choose
(necessarily distinct) x, y ∈ S such that ’h1 + x = ’h2 + y. Then x ’ y = h1 ’ h2 ∈ H,
as desired. ™

5.1.3 Minkowski™s Convex Body Theorem
Let H be a lattice in Rn , and assume that S is a Lebesgue measurable subset of Rn that
is symmetric about the origin and convex. If
(a) µ(S) > 2n v(H), or
(b) µ(S) ≥ 2n v(H) and S is compact,
then S © (H \ {0}) = ….
Proof.
(a) Let S = 1 S. Then µ(S ) = 2’n µ(S) > v(H) by hypothesis, so by (5.1.2), there exist
2
distinct elements y, z ∈ S such that y ’ z ∈ H. But y ’ z = 1 (2y + (’2z)), a convex
2
combination of 2y and ’2z. But y ∈ S ’ 2y ∈ S, and z ∈ S ’ 2z ∈ S ’ ’2z ∈ S by
symmetry about the origin. Thus y ’ z ∈ S and since y and z are distinct, y ’ z ∈ H \ {0}.
(b) We apply (a) to (1+1/m)S, m = 1, 2, . . . . Since S, hence (1+1/m)S, is a bounded set,
it contains only ¬nitely many points of the lattice H. Consequently, for every positive
integer m, Sm = (1 + 1/m)S © (H \ {0}) is a nonempty ¬nite, hence compact, subset
of Rn . Since Sm+1 ⊆ Sm for all m, the sets Sm form a nested sequence, and therefore
©∞ Sm = …. If x ∈ ©∞ Sm , then x ∈ H \ {0} and x/(1 + 1/m) ∈ S for every m. Since
m=1 m=1
S is closed, we may let m ’ ∞ to conclude that x ∈ S. ™

5.1.4 Example
With n = 2, take e1 = (1, 0) and e2 = (0, 1). The fundamental domain is the unit square,
closed at the bottom and on the left, and open at the top and on the right. Let S be the
set of all a1 e1 + a2 e2 with ’1 < ai < 1, i = 1, 2. Then µ(S) = 4v(H), but S contains no
nonzero lattice points. Thus compactness is a necessary hypothesis in part (b).
5.2. A VOLUME CALCULATION 3

5.2 A Volume Calculation
We will use n-dimensional integration technique to derive a result that will be needed in
the proof that the ideal class group is ¬nite. We will work in Rn , realized as the product
of r1 copies of R and r2 copies of C, where r1 + 2r2 = n. Our interest is in the set
r1 r2
Bt = {(y1 , . . . , yr1 , z1 , . . . , zr2 ) ∈ R —C |yi | + 2 |zj | ¤ t}, t ≥ 0.
r1 r2
:
i=1 j=1

We will show that the volume of Bt is given by
π r2 t n
r1
V (r1 , r2 , t) = 2 () .
2 n!
The proof is by double induction on r1 and r2 . If r1 = 1 and r2 = 0, hence n = 1, we
are calculating the length of the interval [’t, t], which is 2t, as predicted. If r1 = 0 and
r2 = 1, hence n = 2, we are calculating the area of {z1 : 2|z1 | ¤ t}, a disk of radius t/2.
The result is πt2 /4, again as predicted. Now assume that the formula holds for r1 , r2 , and
all t. Then V (r1 + 1, r2 , t) is the volume of the set described by
r1 r2
|y| + |yi | + 2 |zj | ¤ t
i=1 j=1

or equivalently by
r1 r2
|yi | + 2 |zj | ¤ t ’ |y|.
i=1 j=1


Now if |y| > t, then Bt is empty. For smaller values of |y|, suppose we change y to y + dy.
This creates a box in (n + 1)-space with dy as one of the dimensions. The volume of the
box is V (r1 , r2 , t ’ y)dy. Thus
t
V (r1 , r2 , t ’ |y|)dy
V (r1 + 1, r2 , t) =
’t

t
which by the induction hypothesis is 2 0 2r1 (π/2)r2 [(t ’ y)n /n!] dy. Evaluating the inte-
gral, we obtain 2r+1 (π/2)r2 tn+1 /(n + 1)!, as desired.
Finally, V (r1 , r2 + 1, t) is the volume of the set described by
r1 r2
|yi | + 2 |zj | + 2|z| ¤ t.
i=1 j=1

As above,

V (r1 , r2 , t ’ 2|z|)dµ(z)
V (r1 , r2 + 1, t) =
|z|¤t/2
4 CHAPTER 5. THE IDEAL CLASS GROUP

where µ is Lebesgue measure on C. In polar coordinates, the integral becomes

π r2 (t ’ 2r)n
2π t/2
2r1 ( ) r dr dθ
2 n!
θ=0 r=0

t/2
which reduces to 2r1 (π/2)r2 (2π/n!) r=0 (t ’ 2r)n r dr. We may write the integrand as
(t ’ 2r)n r dr = ’rd(t ’ 2r)n+1 /2(n + 1). Integration by parts yields (for the moment
ignoring the constant factors preceding the integral)
t/2
’(t ’ 2r)n+2
t/2
tn+2
(t ’ 2r)
n+1
dr/2(n + 1) = = .
2(n + 1)2(n + 2) 4(n + 1)(n + 2)
0 0

Therefore V (r1 , r2 + 1, t) = 2r1 (π/2)r2 (2π/n!)tn+2 /4(n + 1)(n + 2), which simpli¬es to
2r1 (π/2)r2 +1 tn+2 /(n + 2)!, completing the induction. Note that n + 2 (rather than n + 1)
is correct, because r1 + 2(r2 + 1) = r1 + 2r2 + 2 = n + 2.


5.3 The Canonical Embedding
5.3.1 De¬nitions and Comments
Let L be a number ¬eld of degree n over Q, and let σ1 , . . . , σn be the Q-monomorphisms
of L into C. If σi maps entirely into R, we say that σi is a real embedding; otherwise it
is a complex embedding. Since the complex conjugate of a Q-monomorphism is also a Q-
monomorphism, we can renumber the σi so that the real embeddings are σ1 , . . . , σr1 and
the complex embeddings are σr1 +1 , . . . , σn , with σr1 +j paired with its complex conjugate
σr1 +r2 +j , j = 1, . . . , r2 . Thus there are 2r2 complex embeddings, and r1 + 2r2 = n.
The canonical embedding σ : L ’ Rr1 — Cr2 = Rn is the injective ring homomorhism
given by

σ(x) = (σ1 (x), . . . , σr1 +r2 (x)).

5.3.2 Some Matrix Manipulations
Let x1 , . . . , xn ∈ L be linearly dependent over Z (hence the xi form a basis for L over Q).
Let C be the matrix whose k th column (k = 1, . . . , n) is

σ1 (xk ), . . . , σr1 (xk ), Re σr1 +1 (xk ), Im σr1 +1 (xk ), . . . , Re σr1 +r2 (xk ), Im σr1 +r2 (xk ).

The determinant of C looks something like a discriminant, and we can be more precise
with the aid of elementary row operations. Suppose that

σj (xk ) x + iy
= .
x ’ iy
σ j (xk )

We are ¬xing j and allowing k to range from 1 to n, so we have two rows of an n by
n matrix. Add the second row to the ¬rst, so that the entries on the right become 2x
5.3. THE CANONICAL EMBEDDING 5

and x ’ iy. Then add ’1/2 times row 1 to row 2, and the entries become 2x and ’iy.
Factoring out 2 and ’i, we get

x Re σj (xk )
’2i = ’2i .
y Im σj (xk )

Do this for each j = 1, . . . , r2 . In the above calculation, σ j appears immediately under
σj , but in the original ordering they are separated by r2 , which introduces a factor of
(’1)r2 when we calculate a determinant. To summarize, we have

det C = (2i)’r2 det(σj (xk ))

Note that j and k range from 1 to n; no operations are needed for the ¬rst r1 rows.
Now let M be the free Z-module generated by the xi , so that σ(M ) is a free Z-module
with basis σ(xi ), i = 1, . . . , n, hence a lattice in Rn . The fundamental domain is a
parallelotope whose sides are the σ(xi ), and the volume of the fundamental domain is the
absolute value of the determinant whose rows (or columns) are the σ(xi ). Consequently
[see (5.1.1) for notation],

v(σ(M )) = | det C| = 2’r2 | det σj (xk )|.

We apply this result in an algebraic number theory setting.

5.3.3 Proposition
Let B be the ring of algebraic integers of a number ¬eld L, and let I be a nonzero integral
ideal of B, so that by (4.2.4) and (5.3.2), σ(I) is a lattice in Rn . Then the volume of the
fundamental domain of this lattice is

v(σ(I)) = 2’r2 |d|1/2 N (I),

in particular, v(σ(B)) = 2’r2 |d|1/2 , where d is the ¬eld discriminant.
Proof. The result for I = B follows from (5.3.2) and (2.3.3), taking the xk as an integral
basis for B. To establish the general result, observe that the fundamental domain for σ(I)
can be assembled by taking the disjoint union of N (I) copies of the fundamental domain
of σ(B). To convince yourself of this, let e1 and e2 be basis vectors in the plane. The
lattice H generated by 2e1 and 3e2 is a subgroup of the lattice H generated by e1 and
e2 , but the fundamental domain T of H is larger than the fundamental domain T of H.
In fact, exactly 6 copies of T will ¬t inside T . ™

5.3.4 Minkowski Bound on Element Norms
If I is a nonzero integral ideal of B, then I contains a nonzero element x such that

|NL/Q (x)| ¤ (4/π)r2 (n!/nn )|d|1/2 N (I).

Proof. The set Bt of Section 5.2 is compact, convex and symmetric about the origin.
The volume of Bt is µ(Bt ) = 2r1 (π/2)r2 tn /n!, with µ indicating Lebesgue measure. We
6 CHAPTER 5. THE IDEAL CLASS GROUP

choose t so that µ(Bt ) = 2n v(σ(I)), which by (5.3.3) is 2n’r2 |d|1/2 N (I). Equating the
two expressions for µ(Bt ), we get

tn = 2n’r1 π ’r2 n! |d|1/2 N (I).

Apply (5.1.3b) with H = σ(I) and S = Bt . By our choice of t, the hypothesis of (5.1.3b)
is satis¬ed, and we have S © (H \ {0}) = …. Thus there is a nonzero element x ∈ I such
that σ(x) ∈ Bt . Now by (2.1.6), the norm of x is the product of the positive numbers
ai = |σi (x)|, i = 1, . . . , n. To estimate N (x), we invoke the inequality of the arithmetic
and geometric means, which states that (a1 · · · an )1/n ¤ (a1 + · · · + an )/n. It follows that
n
a1 · · · an ¤ ( i=1 ai /n)n . With our ai ™s, we have

r +r2
r1
21
1
|N (x)| ¤ [ |σi (x)| + |σi (x)| ]n .
n n j=r
1 +1
i=1


Since σ(x) ∈ Bt , we have |N (x)| ¤ tn /nn . By choice of t,

|N (x)| ¤ (1/nn )2n’r1 π ’r2 n! |d|1/2 N (I).

But n ’ r1 = 2r2 , so 2n’r1 π ’r2 = 22r2 π ’r2 = (4/π)r2 , and the result follows. ™


5.3.5 Minkowski Bound on Ideal Norms
Every ideal class [see (3.4.5)] of L contains an integral ideal I such that

N (I) ¤ (4/π)r2 (n!/nn ) |d|1/2 .

Proof. Let J be a fractional ideal in the given class. We can multiply by a principal
ideal of B without changing the ideal class, so we can assume with loss of generality that
J = (J )’1 is an integral ideal. Choose a nonzero element x ∈ J such that x satis¬es the
norm inequality of (5.3.4). Our candidate is I = xJ .
First note that I is an integral ideal because x ∈ J and JJ = B. Now (x) = IJ, so
by (4.2.6) and (5.3.4),

N (I)N (J) = N (x) ¤ (4/π)r2 (n!/nn ) |d|1/2 N (J).

Cancel N (J) to get the desired result. ™


5.3.6 Corollary
The ideal class group is ¬nite.
Proof. By (4.2.13), there are only ¬nitely many integral ideals with a given norm. By
(5.3.5), we can associate with each ideal class an integral ideal whose norm is bounded
above by a ¬xed constant. If the ideal class group were in¬nite, we would eventually use
the same integral ideal in two di¬erent ideal classes, which is impossible. ™
5.3. THE CANONICAL EMBEDDING 7

5.3.7 Applications
Suppose that a number ¬eld L has a Minkowski bound on ideal norms that is less than 2.
Since the only ideal of norm 1 is the trivial ideal (1) = B, every ideal class must contain
(1). Thus there can be only one ideal class, and the class number of L, that is, the order
of the ideal class group, is hL = 1. By (3.4.5), B is a PID, equivalently, by (3.2.8), a
UFD.
If the Minkowski bound is greater than 2 but less than 3, we must examine ideals
whose norm is 2. If I is such an ideal, then by (4.2.9), I divides (2). Thus the prime
factorization of (2) will give useful information about the class number.
In the exercises, we will look at several explicit examples.

Problems For Section 5.3
1. Calculate the Minkowski bound on ideal norms for an imaginary quadratic ¬eld, in

terms of the ¬eld discriminant d. Use the result to show that Q( m) has class number 1
for m = ’1, ’3, ’7.
2. Calculate the Minkowski bound on ideal norms or a real quadratic ¬eld, in terms

of the ¬eld discriminant d. Use the result to show that Q( m) has class number 1 for
m = 2, 3, 5, 13. √
3. Show that in the ring of algebraic integers of Q( ’5), there is only one ideal whose
norm is 2. Then use the Minkowski bound to prove that the class number is 2.

4. Repeat Problem 3 for Q( 6). √
5. Show that the only prime ideals of norm 2 in the ring of algebraic integers of Q( 17)
are principal. Conclude that the√class number is 1.
6. Find the class number of Q( 14). (It will be necessary to determine the number of
ideals of norm 3 as well as norm 2.)
Problems 7-10 consider bounds on the ¬eld discriminant.
7. Let L be a number ¬eld of degree n over Q, with ¬eld discriminant d. Show that
|d| ≥ an = (π/4)n n2n /(n!)2 .
8. Show that a2 = π 2 /4 and an+1 /an ≥ 3π/4. From this, derive the lower bound
|d| ≥ (π/3)(3π/4)n’1 for n ≥ 2.
9. Show that n/ log |d| is bounded above by a constant that is independent of the
particular number ¬eld.
10. Show that if L = Q, then |d| > 1, hence in any nontrivial extension of Q, at least one
prime must ramify.
Chapter 6

The Dirichlet Unit Theorem

As usual, we will be working in the ring B of algebraic integers of a number ¬eld L. Two
factorizations of an element of B are regarded as essentially the same if one is obtained
from the other by multiplication by a unit. Our experience with the integers, where
the only units are ±1, and the Gaussian integers, where the only units are ±1 and ±i,
suggests that units are not very complicated, but this is misleading. The Dirichlet unit
theorem gives a complete description of the structure of the multiplicative group of units
in a number ¬eld.



6.1 Preliminary Results
6.1.1 Lemma
Let B — be the group of units of B. An element x ∈ B belongs to B — if and only if
N (x) = ±1.
Proof. If xx’1 = 1, then 1 = N (1) = N (xx’1 ) = N (x)N (x’1 ), so the integer N (x) must
be ±1. Conversely, if the norm of x is ±1, then the characteristic equation of x has the
form xn + an’1 xn’1 + · · · + a1 x ± 1 = 0, with the ai ∈ Z [see (2.1.3) and (2.2.2)]. Thus
x(xn’1 + an’1 xn’2 + · · · + a2 x + a1 ) = “ 1. ™


6.1.2 The Logarithmic Embedding
Let σ : L ’ Rr1 — Cr2 = Rn be the canonical embedding de¬ned in (5.3.1). The
logarithmic embedding is the mapping » : L— ’ Rr1 +r2 given by

»(x) = (log |σ1 (x)|, . . . , log |σr1 +r2 (x)|).

Since the σi are monomorphisms, »(xy) = »(x) + »(y), so » is a homomorphism from the
multiplicative group of L— to the additive group of Rr1 +r2 .

1
2 CHAPTER 6. THE DIRICHLET UNIT THEOREM

6.1.3 Lemma
Let C be a bounded subset of Rr1 +r2 , and let C = {x ∈ B — : »(x) ∈ C}. Then C is a
¬nite set.
Proof. Since C is bounded, all the numbers |σi (x)|, x ∈ B — , i = 1, . . . , n, will be con¬ned
to some interval [a’1 , a] with a > 1. Thus the elementary symmetric functions of the
σi (x) will also lie in some interval of this type. But by (2.1.6), the elementary symmetric
functions are the coe¬cients of the characteristic polynomial of x, and by (2.2.2), these
coe¬cients are integers. Thus there are only ¬nitely many possible characteristic polyno-
mials of elements x ∈ C , hence by (2.1.5), only ¬nitely many possible roots of minimal
polynomials of elements x ∈ C . We conclude that x can belong to C for only ¬nitely
many x. ™

6.1.4 Corollary
The kernel G of the homomorphism » restricted to B — is a ¬nite group.
Proof. Take C = {0} in (6.1.3). ™
The following result gives additional information about G.

6.1.5 Proposition
Let H be a ¬nite subgroup of K — , where K is an arbitrary ¬eld. Then H consists of roots
of unity and is cyclic.
Proof. Let z be an element of H whose order n is the exponent of H, that is, the least
common multiple of the orders of all the elements of H. Then y n = 1 for every y ∈ H, so
H consists of roots of unity. Since the polynomial X n ’ 1 has at most n distinct roots,
we have |H| ¤ n. But 1, z, . . . , z n’1 are distinct elements of H, because z has order n.
Thus H is cyclic. ™
For our group G, even more is true.

6.1.6 Proposition
The group G consists exactly of all the roots of unity in the ¬eld L.
Proof. By (6.1.5), every element of G is a root of unity. Conversely, suppose xm = 1.
Then x is an algebraic integer (it satis¬es X m ’ 1 = 0) and for every i,

|σi (x)|m = |σi (xm )| = |1| = 1.

Thus |σi (x)| = 1 for all i, so log |σi (x)| = 0 and x ∈ G. ™

6.1.7 Proposition
B — is a ¬nitely generated abelian group, isomorphic to G — Zs where s ¤ r1 + r2 .
Proof. By (6.1.3), »(B — ) is a discrete subgroup of Rr1 +r2 . [“Discrete” means that any
bounded subset of Rr1 +r2 contains only ¬nitely many points of »(B — ).] It follows that
6.1. PRELIMINARY RESULTS 3

»(B — ) is a lattice in Rs , hence a free Z-module of rank s, for some s ¤ r1 + r2 . The proof
of this is outlined in the exercises. Now by the ¬rst isomorphism theorem, »(B — ) ∼ B — /G,
=
with »(x) corresponding to the coset xG. If x1 G, . . . , xs G form a basis for B — /G and
x ∈ B — , then xG is a ¬nite product of powers of the xi G, so x is an element of G times a
¬nite product of powers of the xi . Since the »(xi ) are linearly independent, so are the xi ,
provided we translate the notion of linear independence to a multiplicative setting. The
result follows. ™
We can improve the estimate of s.


6.1.8 Proposition
In (6.1.7), we have s ¤ r1 + r2 ’ 1.
Proof. If x ∈ B — , then by (6.1.1) and (2.1.6),

r1 +r2
r1
n
±1 = N (x) = σi (x) = σi (x) σj (x)σj (x).
j=r1 +1
i=1 i=1


Take absolute values and apply the logarithmic embedding to conclude that »(x) =
(y1 , . . . , yr1 +r2 ) lies in the hyperplane W whose equation is

r1 +r2
r1
yi + 2 yj = 0.
j=r1 +1
i=1


The hyperplane has dimension r1 + r2 ’ 1, so as in the proof of (6.1.7), »(B — ) is a free
Z-module of rank s ¤ r1 + r2 ’ 1. ™
In the next section, we will prove the Dirichlet unit theorem, which says that s actually
equals r1 + r2 ’ 1.


Problems For Section 6.1
We will show that if H is a discrete subgroup of Rn , in other words, for every bounded set
C ⊆ Rn , H © C is ¬nite, then H is a lattice in Rr for some r ¤ n. Choose e1 , . . . , er ∈ H
such that the ei are linearly independent over R and r is as large as possible. Let T
be the closure of the fundamental domain determined by the ei , that is, the set of all
r
x = i=1 ai ei , with 0 ¤ ai ¤ 1. Since H is discrete, H © T is a ¬nite set.
r
Now let x be any element of H. By choice of r we have x = i=1 bi ei with bi ∈ R.
r
1. If j is any integer, set xj = jx ’ i=1 jbi ei , where y is the maximum of all integers
z ¤ y. Show that xj ∈ H © T .
2. By examining the above formula for xj with j = 1, show that H is a ¬nitely generated
Z-module.
3. Show that the bi are rational numbers.
4. Show that for some nonzero integer d, dH is a free Z-module of rank at most r.
5. Show that H is a lattice in Rr .
4 CHAPTER 6. THE DIRICHLET UNIT THEOREM

6.2 Statement and Proof of Dirichlet™s Unit Theorem
6.2.1 Theorem
The group B — of units of a number ¬eld L is isomorphic to G — Zs , where G is a ¬nite
cyclic group consisting of all the roots of unity in L, and s = r1 + r2 ’ 1.
Proof. In view of (6.1.4)-(6.1.8), it su¬ces to prove that s ≥ r1 + r2 ’ 1. Equivalently,
by the proof of (6.1.7), the real vector space V = »(B — ) contains r1 + r2 ’ 1 linearly
independent vectors. Now by the proof of (6.1.8), V is a subspace of the (r1 + r2 ’ 1)-
dimensional hyperplane W , so we must prove that V = W . To put it another way, every
linear form f that vanishes on V must vanish on W . This is equivalent to saying that if
f does not vanish on W , then it cannot vanish on V , that is, for some unit u ∈ B — we
have f (»(u)) = 0.
Step 1. We apply Minkowski™s convex body theorem (5.1.3b) to the set

S = {(y1 , . . . , yr1 , z1 , . . . , zr2 ) ∈ Rr1 — Cr2 : |yi | ¤ ai , |zj | ¤ ar1 +j }

where i ranges from 1 to r1 and j from 1 to r2 . We specify the ai as follows. Fix
the positive real number b ≥ 2n’r1 (1/2π)r2 |d|1/2 . Given arbitrary positive real numbers
a1 , . . . , ar , where r = r1 + r2 ’ 1, we choose the positive real number ar+1 such that
r1 +r2
r1
a2 = b.
ai j
j=r1 +1
i=1

The set S is compact, convex, and symmetric about the origin, and its volume is
r1 +r2
r1
πa2 = 2r1 π r2 b ≥ 2n’r2 |d|1/2 .
2ai j
j=r1 +1
i=1


We apply (5.1.3b) with S as above and H = σ(B) [see (5.3.3)], to get S © (H \ {0}) = ….
Thus there is a nonzero algebraic integer x = xa , a = (a1 , . . . , ar ), such that σ(xa ) ∈ S,
and consequently,

|σi (xa )| ¤ ai , i = 1, . . . , n,

where we set aj+r2 = aj , j = r1 + 1, . . . , r1 + r2 .
Step 2. We will show that the norms of the xa are bounded by b in absolute value, and

0 ¤ log ai ’ log |σi (xa )| ¤ log b.

Using step 1, along with (2.1.6) and the fact that the norm of an algebraic integer is a
rational integer [see (2.2.2)], we ¬nd
r1 +r2
r1
n
1 ¤ |N (xa )| = |σi (xa )| ¤ a2 = b.
ai j
j=r1 +1
i=1 i=1
6.2. STATEMENT AND PROOF OF DIRICHLET™S UNIT THEOREM 5

But for any i,

a’1 = ai b’1 .
|σj (xa )|’1 ≥
|σi (xa )| = |N (xa )| j
j=i j=i


Thus ai b’1 ¤ |σi (xa )| ¤ ai for all i, so 1 ¤ ai /|σi (xa )| ¤ b. Take logarithms to obtain
the desired chain of inequalities.
Step 3. Completion of the proof. In the equation of the hyperplane W , y1 , . . . , yr can be
speci¬ed arbitrarily and we can solve for yr+1 . Thus if f is a nonzero linear form on W ,
then f can be expressed as f (y1 , . . . , yr+1 ) = c1 y1 + · · · + cr yr with not all ci ™s zero. By
r
de¬nition of the logarithmic embedding [see (6.1.2)], f (»(xa )) = i=1 ci log |σi (xa )|, so if
we multiply the inequality of Step 2 by ci and sum over i, we get
r r r
| ci log ai ’ f (»(xa ))| = | ci (log ai ’ log |σi (xa )|)| ¤ |ci | log b.
i=1 i=1 i=1

Choose a positive real number t greater than the right side of this equation, and for every
r
positive integer h, choose positive real numbers aih , i = 1, . . . , r, such that i=1 ci log aih
coincides with 2th. (This is possible because not all ci ™s are zero.) Let a(h) = (a1h , . . . , arh ),
and let xh be the corresponding algebraic integer xa(h) . Then by the displayed equation
above and the choice of t to exceed the right side, we have |f (»(xh )) ’ 2th| < t, so

(2h ’ 1)t < f (»(xh )) < (2h + 1)t.

Since the open intervals ((2h ’ 1)t, (2h + 1)t) are (pairwise) disjoint, it follows that the
f (»(xh )), h = 1, 2, . . . , are all distinct. But by Step 2, the norms of the xh are all bounded
in absolute value by the same positive constant, and by (4.2.13), only ¬nitely many ideals
can have a given norm. By (4.2.6), there are only ¬nitely many distinct ideals of the
form Bxh , so there are distinct h and k such that Bxh = Bxk . But then xh and xk are
associates, hence for some unit u we have xh = uxk , hence »(xh ) = »(u) + »(xk ). By
linearity of f and the fact that f (»(xh )) = f (»(xk )), we have f (»(u)) = 0. ™


6.2.2 Remarks
The unit theorem implies that there are r = r1 + r2 ’ 1 units u1 , . . . , ur in B such that
every unit of B can be expressed uniquely as

u = z u n 1 · · · u nr
r
1

where the ui are algebraic integers and z is a root of unity in L. We call {u1 , . . . , ur } a
fundamental system of units for the number ¬eld L.
As an example, consider the cyclotomic extension L = Q(z), where z is a primitive
p root of unity, p an odd prime. The degree of the extension is •(p) = p ’ 1, and an
th

embedding σj maps z to z j , j = 1, . . . , p ’ 1. Since these z j ™s are never real, we have
r1 = 0 and 2r2 = p ’ 1. Therefore r = r1 + r2 ’ 1 = (p ’ 3)/2.
6 CHAPTER 6. THE DIRICHLET UNIT THEOREM

6.3 Units in Quadratic Fields
6.3.1 Imaginary Quadratic Fields

First, we look at number ¬elds L = Q( m), where m is a square-free negative integer.
There are no real embeddings, so r1 = 0 and 2r2 = n = 2, hence r2 = 1. But then
r1 + r2 ’ 1 = 0, so the only units in B are the roots of unity in L. We will use (6.1.1) to
determine the units.

Case 1. Assume m ≡ 1 mod 4. By (2.3.11), an algebraic integer has the form x = a+b m
for integers a and b. By (6.1.1) and (2.1.10), x is a unit i¬ N (x) = a2 ’ mb2 = ±1. Thus
if m ¤ ’2, then b = 0 and a = ±1. If m = ’1, we have the additional possibility
a = 0, b = ±1.

Case 2. Assume m ≡ 1 mod 4. By (2.3.11), x = a + b(1 + m)/2, and by (2.1.10),
N (x) = (a + b/2)2 ’ mb2 /4 = [(2a + b)2 ’ mb2 ]/4. Thus x is a unit if and only if
(2a + b)2 ’ mb2 = 4. We must examine m = ’3, ’7, ’11, ’15, . . . . If m ¤ ’7, then
b = 0, a = ±1. If m = ’3, we have the additional possibilities b = ±1, (2a ± b)2 = 1, that
is, a = 0, b = ±1; a = 1, b = ’1; a = ’1, b = 1.
To summarize, if B is the ring of algebraic integers of an imaginary quadratic ¬eld,
then the group G of units of B is {1, ’1}, except in the following two cases:
1. If L = Q(i), then G = {1, i, ’1, ’i}, the group of 4th roots of unity in L.
√ √
2. If L = Q( ’3), then G = {[(1 + ’3)/2]j , j = 0, 1,√ 3, 4, 5}, the group of 6th roots
2,
of unity in L. We may list the elements x = a + b/2 + b ’3/2 ∈ G as follows:
j = 0 ’ x = 1 (a = 1, b = 0)

j = 1 ’ x = (1 + √ ’3)/2 (a = 0, b = 1)
j = 2 ’ x = (’1 + ’3)/2 (a = ’1, b = 1)
j = 3 ’ x = ’1 (a = ’1, b = 0)

j = 4 ’ x = ’(1 + ’3)/2 (a = 0, b = ’1)

j = 5 ’ x = (1 ’ ’3)/2 (a = 1, b = ’1).


6.3.2 Remarks
Note that G, a ¬nite cyclic group, has a generator, necessarily a primitive root of unity.
Thus G will consist of all tth roots of unity for some t, and the ¬eld L will contain only
¬nitely many roots of unity. This is a general observation, not restricted to the quadratic
case.

6.3.3 Real Quadratic Fields

Now we examine L = Q( m), where m is a square-free positive integer. Since the
√ √
Q-automorphisms of L are the identity and a + b m ’ a ’ b m, there are two real
embeddings and no complex embeddings. Thus r1 = 2, r2 = 0, and r1 + r2 ’ 1 = 1. The
only roots of unity in R are ±1, so by (6.2.1) or (6.2.2), the group of units in the ring of
algebraic integers is isomorphic to {’1, 1} — Z. If u is a unit and 0 < u < 1, then 1/u
is a unit and 1/u > 1. Thus the units greater than 1 are hn , n = 1, 2, . . . , where h, the
unique generator greater than 1, is called the fundamental unit of L.
6.3. UNITS IN QUADRATIC FIELDS 7


Case 1. Assume m ≡ 1 mod 4. The algebraic integers are of the form x = a + b m
with a, b ∈ Z. Thus we are looking for solutions for N (x) =√ 2 ’ mb2 = ±1. Note that
a

if x = a + b m is a solution, then the four numbers ±a ± b m are x, ’x, x’1 , ’x’1 in
some order. Since a number and its inverse cannot both be greater than 1, and similarly
for a number and its negative, it follows that exactly one of the four numbers is greater
than one, namely the number with a and b positive. The fundamental unit, which is the
smallest unit greater than 1, can be found as follows. Compute mb2 for b = 1, 2, 3, √ . ,
..
and stop at the ¬rst number mb1 that di¬ers from a square a1 by ±1. Then a1 + b1 m
2 2

is the fundamental unit.
There is a more e¬cient computational technique using the continued fraction expan-

sion of m. Details are given in many texts on elementary number theory.
Case 2. Assume m ≡ 1 mod 4. It follows from (2.2.6) that the algebraic integers are of

the form x = 1 (a+b m), where a and b are integers of the same parity, both even or both
2
odd. Since the norm of x is 1 (a2 ’ mb2 ), x is a unit i¬ a2 ’ mb2 = ±4. Moreover, if a and
4
integers satisfying a2 ’ mb2 = ±4, then a and b must have the same parity, hence
b are √
a + b m is an algebraic integer and therefore a unit of B. To calculate the fundamental
unit, compute mb2 , b = 1, 2, 3, . . . , and stop at the ¬rst number mb2 that di¬ers from a
√ 1
square a1 by ±4. The fundamental unit is 2 (a1 + b1 m).
1
2



Problems For Section 6.3

1. Calculate the fundamental unit of Q( m) for m = 2, 3, 5, 6, 7, 10, 11, 13, 14, 15, 17.
In Problems 2-5, we assume m ≡ 1 mod 4. Suppose that we look for solutions to
a ’ mb2 = ±1 (rather than a2 ’ mb2 = ±4). We get units belonging to a subring
2

B0 = Z[ m] of the ring B of algebraic integers, and √ positive units of B0 form a
the
1
subgroup H of the positive units of B. Let u = 2 (a + b m) be the fundamental unit of
the number ¬eld L.
2. If a and b are both even, for example when m = 17, show that H consists of the powers
of u, in other words, B0 = B — .


3. If a and b are both odd, show that u3 ∈ B0 .
4. Continuing Problem 3, show that u2 ∈ B0 , so H consists of the powers of u3 .
/
5. Verify the conclusions of Problems 3 and 4 when m = 5 and m = 13.
Chapter 7

Cyclotomic Extensions

A cyclotomic extension Q(ζn ) of the rationals is formed by adjoining a primitive nth
root of unity ζn . In this chapter, we will ¬nd an integral basis and calculate the ¬eld
discriminant.


7.1 Some Preliminary Calculations
7.1.1 The Cyclotomic Polynomial
Recall that the cyclotomic polynomial ¦n (X) is de¬ned as the product of the terms X ’ζ,
where ζ ranges over all primitive nth roots of unity in C. Now an nth root of unity is
a primitive dth root of unity for some divisor d of n, so X n ’ 1 is the product of all
cyclotomic polynomials ¦d (X) with d a divisor of n. In particular, let n = pr be a prime
power. Since a divisor of pr is either pr or a divisor of pr’1 , we have
r
Xp ’ 1 tp ’ 1
= 1 + t + · · · + tp’1
¦pr (X) = pr’1 =
t’1
’1
X
r’1
where t = X p . If X = 1 then t = 1, and it follows that ¦pr (1) = p.
Until otherwise speci¬ed, we assume that n is a prime power pr .

7.1.2 Lemma
Let ζ and ζ be primitive (pr )th roots of unity. Then u = (1 ’ ζ )/(1 ’ ζ) is a unit in Z[ζ],
hence in the ring of algebraic integers.
Proof. Since ζ is primitive, ζ = ζ s for some s (not a multiple of p). It follows that
u = (1’ζ s )/(1’ζ) = 1+ζ+· · ·+ζ s’1 ∈ Z[ζ]. By symmetry, (1’ζ))/(1’ζ ) ∈ Z[ζ ] = Z[ζ],
and the result follows. ™

7.1.3 Lemma
Let π = 1 ’ ζ and e = •(pr ) = pr’1 (p ’ 1), where • is the Euler phi function. Then the
principal ideals (p) and (π)e coincide.

1
2 CHAPTER 7. CYCLOTOMIC EXTENSIONS

Proof. By (7.1.1) and (7.1.2),
1’ζ r
(1 ’ ζ ) = )(1 ’ ζ) = v(1 ’ ζ)•(p )
p = ¦pr (1) = (
1’ζ
ζ ζ

where v is a unit in Z[ζ]. The result follows. ™
We can now give a short proof of a basic result, but remember that we are operating
under the restriction that n = pr .

7.1.4 Proposition
The degree of the extension Q(ζ)/Q equals the degree of the cyclotomic polynomial,
namely •(pr ). Therefore the cyclotomic polynomial is irreducible over Q.
Proof. By (7.1.3), (p) has at least e = •(pr ) prime factors (not necessarily distinct) in
the ring of algebraic integers of Q(ζ). By the ram-rel identity (4.1.6), e ¤ [Q(ζ) : Q]. But
[Q(ζ) : Q] cannot exceed the degree of a polynomial having ζ as a root, so [Q(ζ) : Q] ¤ e.
If ζ were a root of an irreducible factor of ¦pr , then the degree of the cyclotomic extension
would be less than •(pr ), contradicting what we have just proved. ™

7.1.5 Lemma
Let B be the ring of algebraic integers of Q(ζ). Then (π) is a prime ideal (equivalently,
π is a prime element) of B. The relative degree f of (π) over (p) is 1, hence the injection
Z/(p) ’ B/(π) is an isomorphism.
Proof. If (π) were not prime, (p) would have more than •(pr ) prime ideal factors, which
is impossible, in view of the ram-rel identity. This identity also gives f = 1. ™
We will need to do several discriminant computations, and to prepare for this, we do
some calculations of norms. The symbol N with no subscript will mean the norm in the
extension Q(ζ)/Q.

7.1.6 Proposition
s s
N (1 ’ ζ) = ±p, and more generally, N (1 ’ ζ p ) = ±pp , 0 ¤ s < r.
Proof. The minimal polynomial of 1’ζ is ¦pr (1’X), which has constant term ¦pr (1’0) =
s
p by (7.1.1). This proves the ¬rst assertion. If 0 < s < r, then ζ p is a primitive (pr’s )th
root of unity, so by the above calculation with r replaced by r ’ s,
s
N1 (1 ’ ζ p ) = ±p
s
where N1 is the norm in the extension Q(ζ p )/Q. By transitivity of norms [see (2.1.7)]
s
applied to the chain Q(ζ), Q(ζ p ), Q, and the formula in (2.1.3) for the norm of an element
of the base ¬eld, we get
s s
N (1 ’ ζ p ) = N1 ((1 ’ ζ p )b )
s s
where b = [Q(ζ) : Q(ζ p )] = •(pr )/•(pr’s ) = ps . Thus N (1 ’ ζ p ) = ±pb , and the result
follows. ™
In (7.1.6), the sign is (’1)•(n) ; see (2.1.3).
7.1. SOME PRELIMINARY CALCULATIONS 3

7.1.7 Proposition
r
. Then D = ±pc , where c =
)’1
Let D be the discriminant of the basis 1, ζ, . . . , ζ •(p
pr’1 (pr ’ r ’ 1).
Proof. By (2.3.6), D = ±N (¦pr (ζ)). Di¬erentiate the equation

r’1 r
’ 1)¦pr (X) = X p ’ 1
(X p

to get

’1 ’1
r’1 r’1 r
’ 1)¦pr (X) + pr’1 X p
(X p ¦pr (X) = pr X p .

Setting X = ζ and noting that ζ is a root of ¦pr , we have

’1 ’1
r r
’ 1)¦pr (ζ) + 0 = pr ζ p
(ζ p .

Thus

pr ζ p ’1
r

¦pr (ζ) = pr’1 .
’1
ζ

The norm of the denominator has been computed in (7.1.6). The norm of ζ is ±1, as
r r’1
ζ is a root of unity. The norm of pr is pr•(p ) = prp (p’1) . By (2.1.3), the norm is
multiplicative, so the norm of ¦pr (ζ) is ±pc , where

c = r(p ’ 1)pr’1 ’ pr’1 = pr’1 (pr ’ r ’ 1). ™


7.1.8 Remarks
In (4.2.5), we related the norm of an ideal I to the ¬eld discriminant d and the discriminant
D(z) of a basis z for I. It is important to notice that the same argument works if I is
replaced by any free Z-module J of rank n. Thus if B is the ring of algebraic integers,
then

D(z) = |B/J|2 d.
r
Applying this result with z = {1, ζ, . . . , ζ •(p } and J = Z[ζ], we ¬nd that
)’1


D = |B/Z[ζ]|2 d.

Thus if we can show that the powers of ζ form an integral basis, so that Z[ζ] = B, then
in view of (7.1.7), we are able to calculate the ¬eld discriminant up to sign. Also, by the
exercises in Section 4.2, the only rami¬ed prime is p.
Let π = 1 ’ ζ as in (7.1.3), and recall the isomorphism Z/(p) ’ B/(π) of (7.1.5).
4 CHAPTER 7. CYCLOTOMIC EXTENSIONS

7.1.9 Lemma
For every positive integer m, we have Z[ζ] + pm B = B.
Proof. We ¬rst prove the identity with p replaced by π. If b ∈ B, then b + (π) = t + (π) for
some integer t, hence b’t ∈ (π). Thus Z[ζ]+πB = B, and consequently πZ[ζ]+π 2 B = πB.
Now iterate: If b ∈ B, then b = b1 + b2 , b1 ∈ Z[ζ], b2 ∈ πB. Then b2 = b3 + b4 , b3 ∈
πZ[ζ] ⊆ Z[ζ], b4 ∈ π 2 B. Observe that b = (b1 + b3 ) + b4 , so Z[ζ] + π 2 B = B. Continue
r
in this fashion to obtain the desired result. Now by (7.1.3), π •(p ) is p times a unit, so if
m = •(pr ), we can replace π m B by pB, so that Z[ζ] + pB = B. But we can iterate this
equation exactly as above, and the result follows. ™

7.1.10 Theorem
r
The set {1, ζ, . . . , ζ •(p )’1 } is an integral basis for the ring of algebraic integers of Q(ζpr ).
Proof. By (7.1.7) and (7.1.8), |B/Z[ζ]| is a power of p, so pm (B/Z[ζ]) = 0 for su¬ciently
large m. Therefore pm B ⊆ Z[ζ], hence by (7.1.9), Z[ζ] = B. ™

Problems For Section 7.1
This problem set will indicate how to ¬nd the sign of the discriminant of the basis
1, ±, . . . , ±n’1 of L = Q(±), where the minimal polynomial f of ± has degree n.
1. Let c1 , . . . , cr1 be the real conjugates of ±, that is, the real roots of f , and let
cr1 +1 , cr1 +1 , . . . , cr1 +r2 , cr1 +r2 be the complex (=non-real) conjugates. Show that the
sign of the discriminant is the sign of
r2
(cr1 +i ’ cr1 +i )2 .
i=1

2. Show that the sign of the discriminant is (’1)r2 , where 2r2 is the number of complex
embeddings.
3. Apply the results to ± = ζ, where ζ is a primitive (pr )th root of unity. (Note that a
nontrivial cyclotomic extension has no real embeddings.)


7.2 An Integral Basis of a Cyclotomic Field
In the previous section, we found that the powers of ζ form an integral basis when ζ is a
power of a prime. We will extend the result to all cyclotomic extensions.

7.2.1 Notation and Remarks
Let K and L be number ¬elds of respective degrees m and n over Q, and let KL be
ai bi with ai ∈ K
the composite of K and L. Then KL consists of all ¬nite sums
and bi ∈ L. This is because the composite can be formed by adjoining basis elements of
K/Q and L/Q one at a time, thus allowing an induction argument. Let R, S, T be the
algebraic integers of K, L, KL respectively. De¬ne RS as the set of all ¬nite sums ai bi
with ai ∈ R, bi ∈ S. Then RS ⊆ T , but equality does not hold in general. For example,
7.2. AN INTEGRAL BASIS OF A CYCLOTOMIC FIELD 5

√ √
look at K = Q( m1 ) and L = Q( m2 ), where m1 ≡ 3 mod 4, m2 ≡ 3 mod 4, hence
m1 m2 ≡ 1 mod 4.


7.2.2 Lemma
Assume that [KL : Q] = mn. Let σ be an embedding of K in C and „ an embedding of
L in C. Then there is an embedding of KL in C that restricts to σ on K and to „ on L.
Proof. The embedding σ has [KL : K] = n distinct extensions to embeddings of KL in
C, and if two of them agree on L, then they agree on KL (because they coincide with
σ on K). This contradicts the fact that the extensions are distinct. Thus we have n
embeddings of KL in C with distinct restrictions to L. But there are only n embeddings
of L in C, so one of them must be „ , and the result follows. ™


<<

. 2
( 4)



>>