If E is a ¬nite ¬eld of characteristic p, then E/Fp is a Galois extension. The Galois group

is cyclic and is generated by the Frobenius automorphism σ(x) = xp , x ∈ E.

Proof. E is a splitting ¬eld for a separable polynomial over Fp , so E/Fp is Galois; see

(6.3.1). Since xp = x for each x ∈ Fp , Fp is contained in the ¬xed ¬eld F( σ ). But

each element of the ¬xed ¬eld is a root of X p ’ X, so F( σ ) has at most p elements.

Consequently, F( σ ) = Fp . Now Fp = F(Gal(E/Fp ) by (6.1.2), so by the fundamental

theorem, Gal(E/Fp ) = σ . ™

6.4.3 Corollary

Let E/F be a ¬nite extension of a ¬nite ¬eld, with |E| = pn , |F | = pm . Then E/F is a

Galois extension. Moreover, m divides n, and Gal(E/F ) is cyclic and is generated by the

m

automorphism „ (x) = xp , x ∈ E. Furthermore, F is the only sub¬eld of E of size pm .

Proof. If the degree of E/F is d, then as in (6.4.1), (pm )d = pn , so d = n/m and m | n.

m

We may then reproduce the proof of (6.4.2) with Fp replaced by F , σ by „ , xp by xp ,

m

and X p by X p . Uniqueness of F as a sub¬eld of E with pm elements follows because

m

there is only one splitting ¬eld over Fp for X p ’ X inside E; see (3.2.1). ™

How do we know that ¬nite ¬elds (other than the Fp ) exist? There is no problem.

Given any prime p and positive integer n, we can construct E = GF (pn ) as a splitting

n

¬eld for X p ’ X over Fp . We have just seen that if E contains a sub¬eld F of size pm ,

then m is a divisor of n. The converse is also true, as a consequence of the following basic

result.

6.4.4 Theorem

The multiplicative group of a ¬nite ¬eld is cyclic. More generally, if G is a ¬nite subgroup

of the multiplicative group of an arbitrary ¬eld, then G is cyclic.

Proof. G is a ¬nite abelian group, hence contains an element g whose order r is the

exponent of G, that is, the least common multiple of the orders of all elements of G; see

Section 1.1, Problem 9. Thus if x ∈ G then the order of x divides r, so xr = 1. Therefore

each element of G is a root of X r ’ 1, so |G| ¤ r. But |G| is a multiple of the order of

every element, so |G| is at least as big as the least common multiple, so |G| ≥ r. We

conclude that the order and the exponent are the same. But then g has order |G|, so

G = g and G is cyclic. ™

6.4.5 Proposition

GF (pm ) is a sub¬eld of E = GF (pn ) if and only if m is a divisor of n.

Proof. The “only if” part follows from (6.4.3), so assume that m divides n. If t is any

positive integer greater than 1, then m | n i¬ (tm ’ 1) | (tn ’ 1). (A formal proof is not

di¬cult, but I prefer to do an ordinary long division of tn ’ 1 by tm ’ 1. The successive

12 CHAPTER 6. GALOIS THEORY

quotients are tn’m , tn’2m , tn’3m , . . . , so the division will be successful i¬ n ’ rm = 0 for

some positive integer r.) Taking t = p, we see that pm ’ 1 divides |E — |, so by (6.4.4)

and (1.1.4), E — has a subgroup H of order pm ’1. By Lagrange™s theorem, each x ∈ H∪{0}

m

satis¬es xp = x. As in the proof of (6.4.1), H ∪ {0} coincides with the set of roots of

m m

X p ’ X. Thus we may construct entirely inside GF (pn ) a splitting ¬eld for X p ’ X

over Fp . But this splitting ¬eld is a copy of GF (pm ). ™

In practice, ¬nite ¬elds are constructed by adjoining roots of carefully selected irre-

ducible polynomials over Fp . The following result is very helpful.

6.4.6 Theorem

n

Let p be a prime and n a positive integer. Then X p ’ X is the product of all monic

irreducible polynomials over Fp whose degree divides n.

n

Proof. Let us do all calculations inside E = GF (pn ) = the set of roots of f (X) = X p ’X.

If g(X) is any monic irreducible factor of f (X), and deg g = m, then all roots of g lie

in E. If ± is any root of g, then Fp (±) is a ¬nite ¬eld with pm elements, so m divides n by

(6.4.5) or (6.4.3). Conversely, let g(X) be a monic irreducible polynomial over Fp whose

degree m is a divisor of n. Then by (6.4.5), E contains a sub¬eld with pm elements,

and this sub¬eld must be isomorphic to Fp (±). If β ∈ E corresponds to ± under this

isomorphism, then g(β) = 0 (because g(±) = 0) and f (β) = 0 (because β ∈ E). Since g is

the minimal polynomial of β over Fp , it follows that g(X) divides f (X). By (6.4.1), the

roots of f are distinct, so no irreducible factor can appear more than once. The theorem

is proved. ™

6.4.7 The Explicit Construction of a Finite Field

By (6.4.4), the multiplicative group E — of a ¬nite ¬eld E = GF (pn ) is cyclic, so E — can

be generated by a single element ±. Thus E = Fp (±) = Fp [±], so that ± is a primitive

element of E. The minimal polynomial of ± over Fp is called a primitive polynomial. The

key point is that the nonzero elements of E are not simply the nonzero polynomials of

degree at most n ’ 1 in ±, they are the powers of ±. This is signi¬cant in applications to

coding theory. Let™s do an example over F2 .

The polynomial g(X) = X 4 + X + 1 is irreducible over F2 . One way to verify this is

to factor X 16 ’ X = X 16 + X over F2 ; the factors are the (necessarily monic) irreducible

polynomials of degrees 1,2 and 4. To show that g is primitive, we compute powers of ±:

±0 = 1, ±1 = ±, ±2 = ±2 , ±3 = ±3 , ±4 = 1 + ± (since g(±) = 0),

±5 = ± + ±2 , ±6 = ±2 + ±3 , ±7 = ±3 + ±4 = 1 + ± + ±3 , ±8 = ± + ±2 + ±4 = 1 + ±2

(since 1+1=0 in F2 ),

±9 = ±+±3 , ±10 = 1+±+±2 , ±11 = ±+±2 +±3 , ±12 = 1+±+±2 +±3 , ±13 = 1+±2 +±3 ,

±14 = 1 + ±3 ,

and at this point we have all 24 ’ 1 = 15 nonzero elements of GF (16). The pattern now

repeats, beginning with ±15 = ± + ±4 = 1.

For an example of a non-primitive polynomial, see Problem 1.

6.5. CYCLOTOMIC FIELDS 13

Problems For Section 6.4

1. Verify that the irreducible polynomial X 4 + X 3 + X 2 + X + 1 ∈ F2 [X] is not primitive.

2. Let F be a ¬nite ¬eld and d a positive integer. Show that there exists an irreducible

polynomial of degree d in F [X].

3. In (6.4.5) we showed that m | n i¬ (tm ’ 1) | (tn ’ 1) (t = 2, 3, . . . ). Show that an

equivalent condition is (X m ’ 1) divides (X n ’ 1).

If E is a ¬nite extension of a ¬nite ¬eld, or more generally a ¬nite separable extension

of a ¬eld F , then by the theorem of the primitive element, E = F (±) for some ± ∈ E.

We now develop a condition equivalent to the existence of a primitive element.

4. Let E/F be a ¬nite extension, with E = F (±) and F ¤ L ¤ E. Suppose that the min-

r’1

imal polynomial of ± over L is g(X) = i=0 bi X i + X r , and let K = F (b0 , . . . , br’1 ).

If h is the minimal polynomial of ± over K, show that g = h, and conclude that

L = K.

5. Continuing Problem 4, show that there are only ¬nitely many intermediate ¬elds L

between E and F .

6. Conversely, let E = F (±1 , . . . , ±n ) be a ¬nite extension with only ¬nitely many inter-

mediate ¬elds between E and F . We are going to show by induction that E/F has a

primitive element. If n = 1 there is nothing to prove, so assume the result holds for

all integers less than n. If L = F (±1 , . . . , ±n’1 ), show that E = F (β, ±n ) for some

β ∈ L.

7. Now assume (without loss of generality) that F is in¬nite. Show that there are distinct

elements c, d ∈ F such that F (cβ + ±n ) = F (dβ + ±n ).

8. Continuing Problem 7, show that E = F (cβ + ±n ). Thus a ¬nite extension has a

primitive element i¬ there are only ¬nitely many intermediate ¬elds.

9. Let ± be an element of the ¬nite ¬eld GF (pn ). Show that ± and ±p have the same

minimal polynomial over Fp .

10. Suppose that ± is an element of order 13 in the multiplicative group of nonzero

elements in GF (3n ). Partition the integers {0, 1, . . . , 12} into disjoint subsets such

that if i and j belong to the same subset, then ±i and ±j have the same minimal

polynomial. Repeat for ± an element of order 15 in GF (2n ). [Note that elements of

the speci¬ed orders exist, because 13 divides 26 = 33 ’ 1 and 15 = 24 ’ 1.]

6.5 Cyclotomic Fields

6.5.1 De¬nitions and Comments

Cyclotomic extensions of a ¬eld F are formed by adjoining nth roots of unity. Formally, a

cyclotomic extension of F is a splitting ¬eld E for f (X) = X n ’ 1 over F . The roots of f

are called nth roots of unity, and they form a multiplicative subgroup of the group E — of

nonzero elements of E. This subgroup must be cyclic by (6.4.4). A primitive nth root of

unity is one whose order in E — is n.

14 CHAPTER 6. GALOIS THEORY

It is tempting to say “obviously, primitive nth roots of unity must exist, just take a

generator of the cyclic subgroup”. But suppose that F has characteristic p and p divides n,

say n = mp. If ω is an nth root of unity, then

0 = ω n ’ 1 = (ω m ’ 1)p

so the order of ω must be less than n. To avoid this di¬culty, we assume that the

characteristic of F does not divide n. Then f (X) = nX n’1 = 0, so the greatest common

divisor of f and f is constant. By (3.4.2), f is separable, and consequently E/F is Galois.

Since there are n distinct nth roots of unity, there must be a primitive nth root of unity ω,

and for any such ω, we have E = F (ω).

If σ is any automorphism in the Galois group Gal(E/F ), then σ must take a primitive

root of unity ω to another primitive root of unity ω r , where r and n are relatively prime.

(See (1.1.5).) We can identify σ with r, and this shows that Gal(E/F ) is isomorphic to a

subgroup of Un , the group of units mod n. Consequently, the Galois group is abelian.

Finally, by the fundamental theorem (or (3.5.9)), [E : F ] = | Gal(E/F )|, which is a

divisor of |Un | = •(n).

Cyclotomic ¬elds are of greatest interest when the underlying ¬eld F is Q, the rational

numbers, and from now on we specialize to that case. The primitive nth roots of unity

are ei2πr/n where r and n are relatively prime. Thus there are •(n) primitive nth roots

of unity. Finding the minimal polynomial of a primitive nth root of unity requires some

rather formidable equipment.

6.5.2 De¬nition

The nth cyclotomic polynomial is de¬ned by

(X ’ ωi )

Ψn (X) =

i

where the ωi are the primitive nth roots of unity in the ¬eld C of complex numbers. Thus

the degree of Ψn (X) is •(n).

¿From the de¬nition, we have Ψ1 (X) = X ’ 1 and Ψ2 (X) = X + 1. In general, the

cyclotomic polynomials can be calculated by the following recursion formula, in which d

runs through all positive divisors of n.

6.5.3 Proposition

Xn ’ 1 = Ψd (X).

d|n

In particular, if p is prime, then

Xp ’ 1

= X p’1 + X p’2 + · · · + X + 1.

Ψp (X) =

X ’1

6.5. CYCLOTOMIC FIELDS 15

Proof. If ω is an nth root of unity, then its order in C— is a divisor d of n, and in this

case, ω is a primitive dth root of unity, hence a root of Ψd (X). Conversely, if d | n, then

any root of Ψd (X) is a dth , hence an nth , root of unity. ™

¿From (6.5.3) we have

Ψ3 (X) = X 2 + X + 1,

Ψ4 (X) = X 2 + 1, Ψ5 (X) = X 4 + X 3 + X 2 + X + 1,

X 6 ’1 X 6 ’1 3

Ψ6 (X) = (X’1)(X+1)(X 2 +X+1) = (X 3 ’1)(X+1) = X +1 = X 2 ’ X + 1.

X+1

It is a natural conjecture that all coe¬cients of the cyclotomic polynomials are integers,

and this turns out to be correct.

6.5.4 Proposition

Ψn (X) ∈ Z[X].

Proof. By (6.5.3), we have

Xn ’ 1 = [ Ψd (X)]Ψn (X).

d|n,d<n

By de¬nition, the cyclotomic polynomials are monic, and by induction hypothesis, the

expression in brackets is a monic polynomial in Z[X]. Thus Ψn (X) is the quotient of two

monic polynomials with integer coe¬cients. At this point, all we know for sure is that

the coe¬cients of Ψn (X) are complex numbers. But if we apply ordinary long division,

even in C, we know that the process will terminate, and this forces the quotient Ψn (X)

to be in Z[X]. ™

We now show that the nth cyclotomic polynomial is the minimal polynomial of each

primitive nth root of unity.

6.5.5 Theorem

Ψn (X) is irreducible over Q.

Proof. Let ω be a primitive nth root of unity, with minimal polynomial f over Q. Since

ω is a root of X n ’ 1, we have X n ’ 1 = f (X)g(X) for some g ∈ Q[X]. Now it follows

from (2.9.2) that if a monic polynomial over Z is the product of two monic polynomials f

and g over Q, then in fact the coe¬cients of f and g are integers.

If p is a prime that does not divide n, we will show that ω p is a root of f . If not,

then it is a root of g. But g(ω p ) = 0 implies that ω is a root of g(X p ), so f (X) divides

g(X p ), say g(X p ) = f (X)h(X). As above, h ∈ Z[X]. But by the binomial expansion

modulo p, g(X)p ≡ g(X p ) = f (X)h(X) mod p. Reducing the coe¬cients of a polynomial

k(X) mod p is equivalent to viewing it as an element k ∈ Fp [X], so we may write g(X)p =

f (X)h(X). Then any irreducible factor of f must divide g, so f and g have a common

factor. But then X n ’ 1 has a multiple root, contradicting (3.4.2). [This is where we use

the fact that p does not divide n.]

Now we claim that every primitive nth root of unity is a root of f , so that deg f ≥

•(n) =deg Ψn , and therefore f = Ψn by minimality of f . The best way to visualize this

16 CHAPTER 6. GALOIS THEORY

is via a concrete example with all the features of the general case. If ω is a primitive nth

root of unity where n = 175, then ω 72 is a primitive nth root of unity because 72 and 175

are relatively prime. Moreover, since 72 = 23 — 32 , we have

ω 72 = (((((ω)2 )2 )2 )3 )3

and the result follows. ™

6.5.6 Corollary

The Galois group G of the nth cyclotomic extension Q(ω)/Q is isomorphic to the group Un

of units mod n.

Proof. By the fundamental theorem, |G| = [Q(ω) : Q] = deg Ψn = •(n) = |Un |. Thus the

monomorphism of G and a subgroup of Un (see (6.5.1)) is surjective. ™

Problems For Section 6.5

1. If p is prime and p divides n, show that Ψpn (X) = Ψn (X p ). (This formula is sometimes

useful in computing the cyclotomic polynomials.)

2. Show that the group of automorphisms of a cyclic group of order n is isomorphic to

the group Un of units mod n. (This can be done directly, but it is easier to make use

of the results of this section.)

We now do a detailed analysis of subgroups and intermediate ¬elds associated with the

cyclotomic extension Q7 = Q(ω)/Q where ω = ei2π/7 is a primitive 7th root of unity.

The Galois group G consists of automorphisms σi , i = 1, 2, 3, 4, 5, 6, where σi (ω) = ω i .

3. Show that σ3 generates the cyclic group G.

4. Show that the subgroups of G are 1 (order 1), σ6 (order 2), σ2 (order 3), and

G = σ3 (order 6).

5. The ¬xed ¬eld of 1 is Q7 and the ¬xed ¬eld of G is Q. Let K be the ¬xed ¬eld

of σ6 . Show that ω + ω ’1 ∈ K, and deduce that K = Q(ω + ω ’1 ) = Q(cos 2π/7).

6. Let L be the ¬xed ¬eld of σ2 . Show that ω + ω 2 + ω 4 belongs to L but not to Q.

7. Show that L = Q(ω + ω 2 + ω 4 ).

8. If q = pr , p prime, r > 0, show that

Ψq (X) = tp’1 + tp’2 + · · · + 1

r’1

where t = X p .

9. Assuming that the ¬rst 6 cyclotomic polynomials are available [see after (6.5.3)], cal-

culate Ψ18 (X) in an e¬ortless manner.

6.6. THE GALOIS GROUP OF A CUBIC 17

6.6 The Galois Group of a Cubic

Let f be a polynomial over F , with distinct roots x1 , . . . , xn in a splitting ¬eld E over F .

The Galois group G of f permutes the xi , but which permutations belong to G? When f

is a quadratic, the analysis is straightforward, and is considered in Section 6.3, Problem 4.

In this section we look at cubics (and some other manageable cases), and the appendix

to Chapter 6 deals with the quartic.

6.6.1 De¬nitions and Comments

Let f be a polynomial with roots x1 , . . . , xn in a splitting ¬eld. De¬ne

(xi ’ xj ).

∆(f ) =

i<j

The discriminant of f is de¬ned by

(xi ’ xj )2 .

D(f ) = ∆2 =

i<j

√

Let™s look at a quadratic polynomial f (X) = X 2 + bX + c, with roots 1 (’b ± b2 ’ 4c).

2

In order to divide by 2, we had better assume that the characteristic of F is not 2, and

this assumption is usually made before de¬ning the discriminant. In this case we have

(x1 ’x2 )2 = b2 ’4c, a familiar formula. Here are some basic properties of the discriminant.

6.6.2 Proposition

Let E be a splitting ¬eld of the separable polynomial f over F , so that E/F is Galois.

(a) D(f ) belongs to the base ¬eld F .

(b) Let σ be an automorphism in the Galois group G of f . Then σ is an even permutation

(of the roots of f ) i¬ σ(∆) = ∆, and σ is odd i¬ σ(∆) = ’∆.

(c) G ⊆ An , that is, G consists entirely of even permutations, i¬ D(f ) is the square of

an element of F (for short, D ∈ F 2 ).

Proof. Let us examine the e¬ect of a transposition σ = (i, j) on ∆. Once again it is

useful to consider a concrete example with all the features of the general case. Say

n = 15, i = 7, j = 10. Then

x3 ’ x7 ’ x3 ’ x10 , x3 ’ x10 ’ x3 ’ x7

x10 ’ x12 ’ x7 ’ x12 , x7 ’ x12 ’ x10 ’ x12

x7 ’ x8 ’ x10 ’ x8 , x8 ’ x10 ’ x8 ’ x7

x7 ’ x10 ’ x10 ’ x7 .

The point of the computation is that the net e¬ect of (i, j) on ∆ is to take xi ’ xj to

its negative. Thus σ(∆) = ’∆ when σ is a transposition. Thus if σ is any permutation,

we have σ(∆) = ∆ if ∆ is even, and σ(∆) = ’∆ if σ is odd. Consequently, σ(∆2 ) =

18 CHAPTER 6. GALOIS THEORY

(σ(∆))2 = ∆2 , so D belongs to the ¬xed ¬eld of G, which is F . This proves (a), and (b)

follows because ∆ = ’∆ (remember that the characteristic of F is not 2). Finally G ⊆ An

i¬ σ(∆) = ∆ for every σ ∈ G i¬ ∆ ∈ F(G) = F . ™

6.6.3 The Galois Group of a Cubic

In the appendix to Chapter 6, it is shown that the discriminant of the abbreviated cubic

X 3 + pX + q is ’4p3 ’ 27q 2 , and the discriminant of the general cubic X 3 + aX 2 + bX + c

is

a2 (b2 ’ 4ac) ’ 4b3 ’ 27c2 + 18abc.

Alternatively, the change of variable Y = X + a eliminates the quadratic term without

3

changing the discriminant.

We now assume that the cubic polynomial f is irreducible as well as separable. Then

the Galois group G is isomorphic to a transitive subgroup of S3 (see Section 6.3, Prob-

lem 3). By direct enumeration, G must be A3 or S3 , and by (6.6.2(c)), G = A3 i¬ the

discriminant D is a square in F .

If G = A3 , which is cyclic of order 3, there are no proper subgroups except {1}, so

there are no intermediate ¬elds strictly between E and F . However, if G = S3 , then the

proper subgroups are

{1, (2, 3)}, {1, (1, 3)}, {1, (1, 2)}, A3 = {1, (1, 2, 3), (1, 3, 2)}.

If the roots of f are ±1 , ±2 and ±3 , then the corresponding ¬xed ¬elds are

F (±1 ), F (±2 ), F (±3 ), F (∆)

where A3 corresponds to F (∆) because only even permutations ¬x ∆.

6.6.4 Example

Let f (X) = X 3 ’ 31X + 62 over Q. An application of the rational root test (Section 2.9,

Problem 1) shows that f is irreducible. The discriminant is ’4(’31)3 ’27(62)2 = 119164’

103788 = 15376 = (124)2 , which is a square in Q. Thus the Galois group of f is A3 .

We now develop a result that can be applied to certain cubics, but which has wider

applicability as well. The preliminary steps are also of interest.

6.6.5 Some Generating Sets of Sn

(i) Sn is generated by the transpositions (1, 2), (1, 3), . . . , (1, n).

[An arbitrary transposition (i, j) can be written as (1, i)(1, j)(1, i).]

(ii) Sn is generated by transpositions of adjacent digits, i.e., (1, 2), (2, 3), . . . , (n’1, n).

[Since (1, j ’ 1)(j ’ 1, j)(1, j ’ 1) = (1, j), we have

(1, 2)(2, 3)(1, 2) = (1, 3), (1, 3)(3, 4)(1, 3) = (1, 4), etc.,

and the result follows from (i).]

6.6. THE GALOIS GROUP OF A CUBIC 19

(iii) Sn is generated by the two permutations σ1 = (1, 2) and „ = (1, 2, . . . , n).

[If σ2 = „ σ1 „ ’1 , then σ2 is obtained by applying „ to the symbols of σ1 (see Section 5.2,

Problem 1). Thus σ2 = (2, 3). Similarly,

σ3 = „ σ2 „ ’1 = (3, 4), . . . , σn’1 = „ σn’2 „ ’1 = (n ’ 1, n),

and the result follows from (ii).]

(iv) Sn is generated by (1, 2) and (2, 3, . . . , n).

[(1, 2)(2, 3, . . . , n) = (1, 2, 3, . . . , n), and (iii) applies.]

6.6.6 Lemma

If f is an irreducible separable polynomial over F of degree n, and G is the Galois group

of f , then n divides |G|. If n is a prime number p, then G contains a p-cycle.

Proof. If ± is any root of f , then [F (±) : F ] = n, so by the fundamental theorem, G

contains a subgroup whose index is n. By Lagrange™s theorem, n divides |G|. If n = p,

then by Cauchy™s theorem, G contains an element σ of order p. We can express σ as a

product of disjoint cycles, and the length of each cycle must divide the order of σ. Since

p is prime, σ must consist of disjoint p-cycles. But a single p-cycle already uses up all the

symbols to be permuted, so σ is a p-cycle. ™

6.6.7 Proposition

If f is irreducible over Q and of prime degree p, and f has exactly two nonreal roots in

the complex ¬eld C, then the Galois group G of f is Sp .

Proof. By (6.6.6), G contains a p-cycle σ. Now one of the elements of G must be complex

conjugation „ , which is an automorphism of C that ¬xes R (hence Q). Thus „ permutes

the two nonreal roots and leaves the p ’ 2 real roots ¬xed, so „ is a transposition. Since

p is prime, σ k is a p-cycle for k = 1, . . . , p ’ 1. It follows that by renumbering symbols if

necessary, we can assume that (1, 2) and (1, 2, . . . , p) belong to G. By (6.6.5) part (iii),

G = Sp . ™

Problems For Section 6.6

In Problems 1“4, all polynomials are over the rational ¬eld Q, and in each case, you are

asked to ¬nd the Galois group G.

1. f (X) = X 3 ’ 2 (do it two ways)

2. f (X) = X 3 ’ 3X + 1

3. f (X) = X 5 ’ 10X 4 + 2

4. f (X) = X 3 + 3X 2 ’ 2X + 1 (calculate the discriminant in two ways)

5. If f is a separable cubic, not necessarily irreducible, then there are other possibilities

for the Galois group G of f besides S3 and A3 . What are they?

20 CHAPTER 6. GALOIS THEORY

6. Let f be an irreducible cubic over Q with exactly one real root. Show that D(f ) < 0,

and conclude that the Galois group of f is S3 .

7. Let f be an irreducible cubic over Q with 3 distinct real roots. Show that D(f ) > 0,

√ √

so that the Galois group is A3 or S3 according as D ∈ Q or D ∈ Q /

6.7 Cyclic and Kummer Extensions

The problem of solving a polynomial equation by radicals is thousands of years old, but

it can be given a modern ¬‚avor. We are looking for roots of f ∈ F [X], and we are only

allowed to use algorithms that do ordinary arithmetic plus the extraction of nth roots.

The idea is to identify those polynomials whose roots can be found in this way. Now if

√

a ∈ F and our algorithm computes θ = n a in some extension ¬eld of F , then θ is a root

of X n ’ a, so it is natural to study splitting ¬elds of X n ’ a.

6.7.1 Assumptions, Comments and a De¬nition

Assume

(i) E is a splitting ¬eld for f (X) = X n ’ a over F , where a = 0.

(ii) F contains a primitive nth root of unity ω.

These are natural assumption if we want to allow the computation of nth roots. If θ is

any root of f in E, then the roots of f are θ, ωθ, . . . , ω n’1 θ. (The roots must be distinct

because a, hence θ, is nonzero.) Therefore E = F (θ). Since f is separable, the extension

E/F is Galois (see (6.3.1)). If G = Gal(E/F ), then |G| = [E : F ] by the fundamental

theorem (or by (3.5.9)).

In general, a cyclic extension is a Galois extension whose Galois group is cyclic.

6.7.2 Theorem

Under the assumptions of (6.7.1), E/F is a cyclic extension and the order of the Galois

group G is a divisor of n. We have |G| = n if and only if f (X) is irreducible over F .

Proof. Let σ ∈ G; since σ permutes the roots of f by (3.5.1), we have σ(θ) = ω u(σ) θ.

[Note that σ ¬xes ω by (ii).] We identify integers u(σ) with the same residue mod n. If

σi (θ) = ω u(σi ) θ, i = 1, 2, then

σ1 (σ2 (θ)) = ω u(σ1 )+u(σ2 ) θ,

so

u(σ1 σ2 ) = u(σ1 ) + u(σ2 )

and u is a group homomorphism from G to Zn . If u(σ) is 0 mod n, then σ(θ) = θ, so σ is

the identity and the homomorphism is injective. Thus G is isomorphic to a subgroup of

Zn , so G is cyclic and |G| divides n.

If f is irreducible over F , then |G| = [E : F ] = [F (θ) : F ] = deg f = n. If f is not

irreducible over F , let g be a proper irreducible factor. If β is a root of g in E, then β is

also a root of f , so E = F (β) and |G| = [E : F ] = [F (β) : F ] = deg g < n. ™

6.7. CYCLIC AND KUMMER EXTENSIONS 21

Thus splitting ¬elds of X n ’ a give rise to cyclic extensions. Conversely, we can prove

that a cyclic extension comes from such a splitting ¬eld.

6.7.3 Theorem

Let E/F be a cyclic extension of degree n, where F contains a primitive nth root of

unity ω. Then for some nonzero a ∈ F , f (X) = X n ’ a is irreducible over F and E is a

splitting ¬eld for f over F .

Proof. Let σ be a generator of the Galois group of the extension. By Dedekind™s lemma

(6.1.6), the distinct automorphisms 1, σ, σ 2 , . . . , σ n’1 are linearly independent over E.

Thus 1 + ωσ + ω 2 σ 2 + · · · + ω n’1 σ n’1 is not identically 0, so for some β ∈ E we have

θ = β + ωσ(β) + · · · + ω n’1 σ n’1 (β) = 0.

Now

σ(θ) = σ(β) + ωσ 2 (β) + · · · + ω n’2 σ n’1 (β) + ω n’1 σ n (β) = ω ’1 θ

since σ n (β) = β. We take a = θn . To prove that a ∈ F , note that

σ(θn ) = (σ(θ))n = (ω ’1 θ)n = θn

and therefore σ ¬xes θn . Since σ generates G, all other members of G ¬x θn , hence a

belongs to the ¬xed ¬eld of Gal(E/F ), which is F .

Now by de¬nition of a, θ is a root of f (X) = X n ’ a, so the roots of X n ’ a

are θ, ωθ, . . . , ω n’1 θ. Therefore F (θ) is a splitting ¬eld for f over F . Since σ(θ) = ω ’1 θ,

the distinct automorphisms 1, σ, . . . , σ n’1 can be restricted to distinct automorhisms

of F (θ). Consequently,

n ¤ | Gal(F (θ)/F )| = [F (θ) : F ] ¤ deg f = n

so [F (θ) : F ] = n. It follows that E = F (θ) and (since f must be the minimal polynomial

of θ over F ) f is irreducible over F . ™

A ¬nite abelian group is a direct product of cyclic groups (or direct sum, in additive

notation; see (4.6.4)). It is reasonable to expect that our analysis of cyclic Galois groups

will help us to understand abelian Galois groups.

6.7.4 De¬nition

A Kummer extension is a ¬nite Galois extension with an abelian Galois group.

6.7.5 Theorem

Let E/F be a ¬nite extension, and assume that F contains a primitive nth root of unity ω.

Then E/F is a Kummer extension whose Galois group G has an exponent dividing n if

and only if there are nonzero elements a1 , . . . , ar ∈ √ such that E is a splitting ¬eld of

F √

(X ’ a1 ) · · · (X ’ ar ) over F . [For short, E = F ( a1 , . . . , n ar ).]

n n n

22 CHAPTER 6. GALOIS THEORY

Proof. We do the “if” part ¬rst. As in (6.7.1), we have E = F (θ1 , . . . , θr ) where θi is a

root of X n ’ ai . If σ ∈ Gal(E/F ), then σ maps θi to another root of X n ’ ai , so

σ(θi ) = ω ui (σ) θi .

Thus if σ and „ are any two automorphisms in the Galois group G, then σ„ = „ σ and G

is abelian. [The ui are integers, so ui (σ) + ui („ ) = ui („ ) + ui (σ).] Now restrict attention

to the extension F (θi ). By (6.7.2), the Galois group of F (θi )/F has order dividing n, so

σ n (θi ) = θi for all i = 1, . . . , r. Thus σ n is the identity, and the exponent of G is a divisor

of n.

For the “only if” part, observe that since G is a ¬nite abelian group, it is a direct

product of cyclic groups C1 , . . . , Cr . For each i = 1, . . . , r, let Hi be the product of the

Cj for j = i; by (1.5.3), Hi G. We have G/Hi ∼ Ci by the ¬rst isomorphism theorem.

=

(Consider the projection mapping x1 · · · xr ’ xi ∈ Ci .) Let Ki be the ¬xed ¬eld of Hi . By

the fundamental theorem, Ki /F is a Galois extension and its Galois group is isomorphic

to G/Hi , hence isomorphic to Ci . Thus Ki /F is a cyclic extension of degree di = |Ci |,

and di is a divisor of n. (Since G is the direct product of the Ci , some element of G has

order di , so di divides the exponent of G and therefore divides n.) We want to apply

(6.7.3) with n replaced by di , and this is possible because F contains a primitive dth root i

d

of unity, namely ω n/di . We conclude that Ki = F (θi ), where θi i is a nonzero element

d (n/di ) n/d

bi ∈ F . But θi = θi i = bi i = ai ∈ F .

n

Finally, in the Galois correspondence, the intersection of the Hi is paired with the

r

composite of the Ki , which is F (θ1 , . . . , θr ); see Section 6.3, Problem 7. But i=1 Hi = 1,

so E = F (θ1 , . . . , θr ), and the result follows. ™

Problems For Section 6.7

√√√√

1. Find the Galois group of the extension Q( 2, 3, 5, 7) [the splitting ¬eld of (X 2 ’

2)(X 2 ’ 3)(X 2 ’ 5)(X 2 ’ 7)] over Q.

2. Suppose that E is a splitting ¬eld for f (X) = X n ’ a over F , a = 0, but we drop

the second assumption in (6.7.1) that F contains a primitive nth root of unity. Is it

possible for the Galois group of E/F to be cyclic?

3. Let E be a splitting ¬eld for X n ’ a over F , where a = 0, and assume that the

characteristic of F does not divide n. Show that E contains a primitive nth root of

unity.

We now assume that E is a splitting ¬eld for f (X) = X p ’ c over F , where c = 0, p is

prime and the characteristic of F is not p. Let ω be a primitive pth root of unity in E (see

Problem 3). Assume that f is not irreducible over F , and let g be an irreducible factor

of f of degree d, where 1 ¤ d < p. Let θ be a root of g in E.

4. Let g0 be the product of the roots of g. (Since g0 is ± the constant term of g, g0 ∈ F .)

p

Show that g0 = θdp = cd .

5. Since d and p are relatively prime, there are integers a and b such that ad + bp = 1.

Use this to show that if X p ’ c is not irreducible over F , then it must have a root

in F .

6.8. SOLVABILITY BY RADICALS 23

6. Continuing Problem 5, show that if X p ’ c is not irreducible over F , then E = F (ω).

7. Continuing Problem 6, show that if X p ’ c is not irreducible over F , then X p ’ c

splits over F if and only if F contains a primitive pth root of unity.

Let E/F be a cyclic Galois extension of prime degree p, where p is the characteristic of F .

Let σ be a generator of G = Gal(E/F ). It is a consequence of Hilbert™s Theorem 90 (see

the Problems for Section 7.3) that there is an element θ ∈ E such that σ(θ) = θ + 1.

Prove the Artin-Schreier theorem:

8. E = F (θ).

9. θ is a root of f (X) = X p ’ X ’ a for some a ∈ F .

10. f is irreducible over F (hence a = 0).

Conversely, Let F be a ¬eld of prime characteristic p, and let E be a splitting ¬eld for

f (X) = X p ’ X ’ a, where a is a nonzero element of F .

11. If θ is any root of f in E, show that E = F (θ) and that f is separable.

12. Show that every irreducible factor of f has the same degree d, where d = 1 or p. Thus

if d = 1, then E = F , and if d = p, then f is irreducible over F .

13. If f is irreducible over F , show that the Galois group of f is cyclic of order p.

6.8 Solvability By Radicals

6.8.1 De¬nitions and Comments

We wish to solve the polynomial equation f (X) = 0, f ∈ F [X], under the restriction that

we are only allowed to perform ordinary arithmetic operations (addition, subtraction,

multiplication and division) on the coe¬cients, along with extraction of nth roots (for

any n = 2, 3, . . . ). A sequence of operations of this type gives rise to a sequence of

extensions

F ¤ F (±1 ) ¤ F (±1 , ±2 ) ¤ · · · ¤ F (±1 , . . . , ±r ) = E

where ±1 1 ∈ F and ±i i ∈ F (±1 , . . . , ±i’1 ), i = 2, . . . , r. Equivalently, we have

n n

F = F0 ¤ F1 ¤ · · · ¤ Fr = E

where Fi = Fi’1 (±i ) and ±i i ∈ Fi’1 , i = 1, . . . , r. We say that E is a radical extension

n

of F . It is convenient (and legal) to assume that n1 = · · · = nr = n. (Replace each ni

by the product of all the ni . To justify this, observe that if ±j belongs to a ¬eld L, then

±mj ∈ L, m = 2, 3, . . . .) Unless otherwise speci¬ed, we will make this assumption in all

hypotheses, conclusions and proofs.

We have already seen three explicit classes of radical extensions: cyclotomic, cyclic

and Kummer. (In the latter two cases, we assume that the base ¬eld contains a primitive

nth root of unity.)

24 CHAPTER 6. GALOIS THEORY

We say that the polynomial f ∈ F [X] is solvable by radicals if the roots of f lie in

some radical extension of F , in other words, there is a radical extension E of F such

that f splits over E.

Since radical extensions are formed by successively adjoining nth roots, it follows that

the transitivity property holds: If E is a radical extension of F and L is a radical extension

of E, then L is a radical extension of F .

A radical extension is always ¬nite, but it need not be normal or separable. We

will soon specialize to characteristic 0, which will force separability, and we can achieve

normality by taking the normal closure (see (3.5.11)).

6.8.2 Proposition

Let E/F be a radical extension, and let N be the normal closure of E over F . Then N/F

is also a radical extension.

Proof. E is obtained from F by successively adjoining ±1 , . . . , ±r , where ±i is the nth

root of an element in Fi’1 . On the other hand, N is obtained from F by adjoining

not only the ±i , but their conjugates ±i1 , . . . , ±im(i) . For any ¬xed i and j, there is an

automorphism σ ∈ Gal(N/F ) such that σ(±i ) = ±ij (see (3.2.3), (3.5.5) and (3.5.6)).

Thus

±ij = σ(±i )n = σ(±i )

n n

n n

and since ±i belongs to F (±1 , . . . , ±i’1 ), it follows from (3.5.1) that σ(±i ) belongs to

i’1

the splitting ¬eld Ki of j=1 min(±j , F ) over F . [Take K1 = F , and note that since

±1 = b1 ∈ F , we have σ(±1 ) = σ(b1 ) = b1 ∈ F. Alternatively, observe that by (3.5.1), σ

n n

must take a root of X n ’ b1 to another root of this polynomial.] Thus we can display N

as a radical extension of F by successively adjoining

±11 , . . . , ±1m(1) , . . . , ±r1 , . . . , ±rm(r) . ™

6.8.3 Preparation for the Main Theorem

If F has characteristic 0, then a primitive nth root of unity ω can be adjoined to F to

reach an extension F (ω); see (6.5.1). If E is a radical extension of F and F = F0 ¤

F1 ¤ · · · ¤ Fr = E, we can replace Fi by Fi (ω), i = 1, . . . , r, and E(ω) will be a radical

extension of F . By (6.8.2), we can pass from E(ω) to its normal closure over F . Here is

the statement we are driving at:

Let f ∈ F [X], where F has characteristic 0. If f is solvable by radicals, then there is

a Galois radical extension N = Fr ≥ · · · ≥ F1 ≥ F0 = F containing a splitting ¬eld K for

f over F , such that each intermediate ¬eld Fi , i = 1, . . . , r, contains a primitive nth root

of unity ω. We can assume that F1 = F (ω) and for i > 1, Fi is a splitting ¬eld for X n ’ bi

over Fi’1 . [(Look at the end of the proof of (6.8.2).] By (6.5.1), F1 /F is a cyclotomic

(Galois) extension, and by (6.7.2), each Fi /Fi’1 , i = 2, . . . , r is a cyclic (Galois) extension.

We now do some further preparation. Suppose that K is a splitting ¬eld for f over F ,

and that the Galois group of K/F is solvable, with

···

Gal(K/F ) = H0 H1 Hr = 1

6.8. SOLVABILITY BY RADICALS 25

with each Hi’1 /Hi abelian. By the fundamental theorem, we have the corresponding

sequence of ¬xed ¬elds

F = K0 ¤ K1 ¤ · · · ¤ Kr = K

with Ki /Ki’1 Galois and Gal(Ki /Ki’1 ) isomorphic to Hi’1 /Hi . Let us adjoin a primitive

nth root of unity ω to each Ki , so that we have ¬elds Fi = Ki (ω) with

F ¤ F0 ¤ F 1 ¤ · · · ¤ F r .

We take n = | Gal(K/F )|. Since Fi can be obtained from Fi’1 by adjoining everything

in Ki \ Ki’1 , we have

Fi = Fi’1 Ki = Ki Fi’1

the composite of Fi’1 and Ki , i = 1, . . . , r. We may now apply Theorem 6.2.2. In the

diamond diagram of Figure 6.2.1, at the top of the diamond we have Fi , on the left Ki ,

on the right Fi’1 , and on the bottom Ki © Fi’1 ⊇ Ki’1 (see Figure 6.8.1). We conclude

that Fi /Fi’1 is Galois, with a Galois group isomorphic to a subgroup of Gal(Ki /Ki’1 ).

Since Gal(Ki /Ki’1 ) ∼ Hi’1 /Hi , it follows that Gal(Fi /Fi’1 ) is abelian. Moreover, the

=

exponent of this Galois group divides the order of H0 , which coincides with the size of

Gal(K/F ). (This explains our choice of n.)

u i uuuu

F

uu uu

uu uu

uu uu

uu

u

Fi’1

Ki s

ss ss

ss ss

ss ss

ss s

s ss

Ki © Fi’1

Ki’1

Figure 6.8.1

6.8.4 Galois™ Solvability Theorem

Let K be a splitting ¬eld for f over F , where F has characteristic 0. Then f is solvable

by radicals if and only if the Galois group of K/F is solvable.

Proof. If f is solvable by radicals, then as in (6.8.3), we have

F = F 0 ¤ F 1 ¤ · · · ¤ Fr = N

26 CHAPTER 6. GALOIS THEORY

where N/F is Galois, N contains a splitting ¬eld K for f over F , and each Fi /Fi’1 is

Galois with an abelian Galois group. By the fundamental theorem, the corresponding

sequence of subgroups is

···

1 = Hr Hr’1 H0 = G = Gal(N/F )

with each Hi’1 /Hi abelian. Thus G is solvable, and since

Gal(K/F ) ∼ Gal(N/F )Gal(N/K)

=

[map Gal(N/F ) ’ Gal(K/F ) by restriction; the kernel is Gal(N/K)], Gal(K/F ) is solv-

able by (5.7.4).

Conversely, assume that Gal(K/F ) is solvable. Again as in (6.8.3), we have

F ¤ F 0 ¤ F1 ¤ · · · ¤ Fr

where K ¤ Fr , each Fi contains a primitive nth root of unity, with n = | Gal(K/F )|,

and Gal(Fi /Fi’1 ) is abelian with exponent dividing n for all i = 1, . . . , r. Thus each

Fi /Fi’1 is a Kummer extension whose Galois group has an exponent dividing n. By

(6.7.5) (or (6.5.1) for the case i = 1), each Fi /Fi’1 is a radical extension. By transitivity

(see (6.8.1)), Fr is a radical extension of F . Since K ⊆ Fr , f is solvable by radicals. ™

6.8.5 Example

Let f (X) = X 5 ’ 10X 4 + 2 over the rationals. The Galois group of f is S5 , which is not

solvable. (See Section 6.6, Problem 3 and Section 5.7, Problem 5.) Thus f is not solvable

by radicals.

There is a fundamental idea that needs to be emphasized. The signi¬cance of Galois™

solvability theorem is not simply that there are some examples of bad polynomials. The

key point is there is no general method for solving a polynomial equation over the rationals

by radicals, if the degree of the polynomial is 5 or more. If there were such a method,

then in particular it would work on Example (6.8.5), a contradiction.

Problems For Section 6.8

In the exercises, we will sketch another classical problem, that of constructions with ruler

and compass. In Euclidean geometry, we start with two points (0, 0) and (1, 0), and we

are allowed the following constructions.

(i) Given two points P and Q, we can draw a line joining them;

(ii) Given a point P and a line L, we can draw a line through P parallel to L;

(iii) Given a point P and a line L, we can draw a line through P perpendicular to L;

(iv) Given two points P and Q, we can draw a circle with center at P passing through Q;

(v) Let A, and similarly B, be a line or a circle. We can generate new points, called

constructible points, by forming the intersection of A and B. If (c, 0) (equivalently

(0, c)) is a constructible point, we call c a constructible number. It follows from (ii)

and (iii) that (a, b) is a constructible point i¬ a and b are constructible numbers. It

6.8. SOLVABILITY BY RADICALS 27

can be shown that every rational number is constructible, and that the constructible

numbers form a ¬eld. Now in (v), the intersection of A and B can be found by

ordinary arithmetic plus at worst the extraction of a square root. Conversely, the

square roof of any nonnegative constructible number can be constructed. Therefore

c is constructible i¬ there are real ¬elds Q = F0 ¤ F1 · · · ¤ Fr such that c ∈ Fr and

each [Fi : Fi’1 ] is 1 or 2. Thus if c is constructible, then c is algebraic over Q and

[Q(c) : Q] is a power of 2.

1. (Trisecting the angle) If it is possible to trisect any angle with ruler and compass, then

in particular a 60 degree angle can be trisected, so that ± = cos 20—¦ is constructible.

Using the identity

ei3θ = cos 3θ + i sin 3θ = (cos θ + i sin θ)3 ,

reach a contradiction.

2. (Duplicating the cube) Show that it is impossible to construct, with ruler and compass,

√

a cube whose volume is exactly 2. (The side of such a cube would be 3 2.)

3. (Squaring the circle) Show that if it were possible to construct a square with area π,

then π would be algebraic over Q. (It is known that π is transcendental over Q.)

To construct a regular n-gon, that is, a regular polygon with n sides, n ≥ 3,we must

be able to construct an angle of 2π/n; equivalently, cos 2π/n must be a constructible

number. Let ω = ei2π/n , a primitive nth root of unity.

Show that [Q(ω) : Q(cos 2π/n)] = 2.

4.

5. Show that if a regular n-gon is constructible, then the Euler phi function •(n) is a

power of 2.

Conversely, assume that •(n) is a power of 2.

6. Show that Gal(Q(cos 2π/n)/Q) is a 2-group, that is, a p-group with p = 2.

7. By Section 5.7, Problem 7, every nontrivial ¬nite p-group has a subnormal series in

which every factor has order p. Use this (with p = 2) to show that a regular n-gon is

constructible.

8. ¿From the preceding, a regular n-gon is constructible if and only if •(n) is a power

of 2. Show that an equivalent condition is that n = 2s q1 · · · qt , s, t = 0, 1, . . . , where

the qi are distinct Fermat primes, that is, primes of the form 2m + 1 for some positive

integer m.

Show that if 2m + 1 is prime, then m must be a power of 2. The only known Fermat

9.

primes have m = 2a , where a = 0, 1, 2, 3, 4 (232 + 1 is divisible by 641). [The key

point is that if a is odd, then X + 1 divides X a + 1 in Z[X]; the quotient is X a’1 ’

X a’2 + · · · ’ X + 1 (since a ’ 1 is even).]

Let F be the ¬eld of rational functions in n variables e1 , . . . , en over a ¬eld K with

characteristic 0, and let f (X) = X n ’ e1 X n’1 + e2 X n’2 ’ · · · + (’1)n en ∈ F [X]. If

±1 , . . . , ±n are the roots of f in a splitting ¬eld over F , then the ei are the elementary

symmetric functions of the ±i . Let E = F (±1 , . . . , ±n ), so that E/F is a Galois

extension and G = Gal(E/F ) is the Galois group of f .

Show that G ∼ Sn .

10. =

11. What can you conclude from Problem 10 about solvability of equations?

28 CHAPTER 6. GALOIS THEORY

6.9 Transcendental Extensions

6.9.1 De¬nitions and Comments

An extension E/F such that at least one ± ∈ E is not algebraic over F is said to be

transcendental. An idea analogous to that of a basis of an arbitrary vector space V turns

out to be pro¬table in studying transcendental extensions. A basis for V is a subset of V

that is linearly independent and spans V . A key result, whose proof involves the Steinitz

exchange, is that if {x1 , . . . , xm } spans V and S is a linearly independent subset of V ,

then |S| ¤ m. We are going to replace linear independence by algebraic independence

and spanning by algebraic spanning. We will ¬nd that every transcendental extension has

a transcendence basis, and that any two transcendence bases for a given extension have

the same cardinality. All these terms will be de¬ned shortly. The presentation in the

text will be quite informal; I believe that this style best highlights the strong connection

between linear and algebraic independence. An indication of how to formalize the devel-

opment is given in a sequence of exercises. See also Morandi, “Fields and Galois Theory”,

pp. 173“182.

Let E/F be an extension. The elements t1 , . . . , tn ∈ E are algebraically dependent

over F (or the set {t1 , . . . , tn } is algebraically dependent over F ) if there is a nonzero

polynomial f ∈ F [X1 , . . . , Xn ] such that f (t1 , . . . , tn ) = 0; otherwise the ti are alge-

braically independent over F . Algebraic independence of an in¬nite set means algebraic

independence of every ¬nite subset.

Now if a set T spans a vector space V , then each x in V is a linear combination

of elements of T , so that x depends on T in a linear fashion. Replacing “linear” by

“algebraic”, we say that the element t ∈ E depends algebraically on T over F if t is

algebraic over F (T ), the ¬eld generated by T over F (see Section 3.1, Problem 1). We

say that T spans E algebraically over F if each t in E depends algebraically on T over F ,

that is, E is an algebraic extension of F (T ). A transcendence basis for E/F is a subset

of E that is algebraically independent over F and spans E algebraically over F . (From

now on, we will frequently regard F as ¬xed and drop the phrase “over F ”.)

6.9.2 Lemma

If S is a subset of E, the following conditions are equivalent.

(i) S is a transcendence basis for E/F ;

(ii) S is a maximal algebraically independent set;

(iii) S is a minimal algebraically spanning set.

Thus by (ii), S is a transcendence basis for E/F i¬ S is algebraically independent and E

is algebraic over F (S).

Proof. (i) implies (ii): If S ‚ T where T is algebraically independent, let u ∈ T \ S.

Then u cannot depend on S algebraically (by algebraic independence of T ), so S cannot

span E algebraically.

6.9. TRANSCENDENTAL EXTENSIONS 29

(ii) implies (i): If S does not span E algebraically, then there exists u ∈ E such

that u does not depend algebraically on S. But then S ∪ {u} is algebraically independent,

contradicting maximality of S.

(i) implies (iii): If T ‚ S and T spans E algebraically, let u ∈ S \ T . Then u depends

algebraically on T , so T ∪ {u}, hence S, is algebraically dependent, a contradiction.

(iii) implies (i): If S is algebraically dependent, then some u ∈ S depends algebraically

on T = S \ {u}. But then T spans E algebraically, a contradiction. ™

6.9.3 Proposition

Every transcendental extension has a transcendence basis.

Proof. The standard argument via Zorn™s lemma that an arbitrary vector space has a

maximal linearly independent set (hence a basis) shows that an arbitrary transcendental

extension has a maximal algebraically independent set, which is a transcendence basis

by (6.9.2). ™

For completeness, if E/F is an algebraic extension, we can regard … as a transcendence

basis.

6.9.4 The Steinitz Exchange

If {x1 , . . . , xm } spans E algebraically and S ⊆ E is algebraically independent, then

|S| ¤ m.

Proof. Suppose that S has at least m + 1 elements y1 , . . . , ym+1 . Since the xi span E

algebraically, y1 depends algebraically on x1 , . . . , xm . The algebraic dependence relation

must involve at least one xi , say x1 . (Otherwise, S would be algebraically dependent.)

Then x1 depends algebraically on y1 , x2 , . . . , xm , so {y1 , x2 , . . . , xm } spans E algebraically.

We claim that for every i = 1, . . . , m, {y1 , . . . , yi , xi+1 , . . . , xm } spans E algebraically. We

have just proved the case i = 1. If the result holds for i, then yi+1 depends algebraically on

{y1 , . . . , yi , xi+1 , . . . , xm }, and the dependence relation must involve at least one xj , say

xi+1 for convenience. (Otherwise, S would be algebraically dependent.) Then xi+1 de-

pends algebraically on y1 , . . . , yi+1 , xi+2 , . . . , xm , so {y1 , . . . , yi+1 , xi+2 , . . . , xm } spans E

algebraically, completing the induction.

Since there are more y™s than x™s, eventually the x™s disappear, and y1 , . . . , ym span E

algebraically. But then ym+1 depends algebraically on y1 , . . . , ym , contradicting the alge-

braic independence of S. ™

6.9.5 Corollary

Let S and T be transcendence bases of E. Then either S and T are both ¬nite or they

are both in¬nite; in the former case, |S| = |T |.

Proof. Assume that one of the transcendence bases, say T , is ¬nite. By (6.9.4), |S| ¤ |T |,

so S is ¬nite also. By a symmetrical argument, |T | ¤ |S|, so |S| = |T |. ™

30 CHAPTER 6. GALOIS THEORY

6.9.6 Proposition

If S and T are arbitrary transcendence bases for E, then |S| = |T |. [The common value

is called the transcendence degree of E/F .]

Proof. By (6.9.5), we may assume that S and T are both in¬nite. Let T = {yi : i ∈ I}.

If x ∈ S, then x depends algebraically on ¬nitely many elements yi1 , . . . , yir in T . De¬ne

I(x) to be the set of indices {i1 , . . . , ir }. It follows that I = ∪{I(x) : x ∈ S}. For if j

belongs to none of the I(x), then we can remove yj from T and the resulting set will still

span E algebraically, contradicting (6.9.2) part (iii). Now an element of ∪{I(x) : x ∈ S}

is determined by selecting an element x ∈ S and then choosing an index in I(x). Since

I(x) is ¬nite, we have |I(x)| ¤ „µ0 . Thus

|I| = | {I(x) : x ∈ S}| ¤ |S|„µ0 = |S|

since S is in¬nite. Thus |T | ¤ |S|. By symmetry, |S| = |T |. ™

6.9.7 Example

Let E = F (X1 , . . . , Xn ) be the ¬eld of rational functions in the variables X1 , . . . , Xn

with coe¬cients in F . If f (X1 , . . . , Xn ) = 0, then f is the zero polynomial, so S =

{X1 , . . . , Xn } is an algebraically independent set. Since E = F (S), E is algebraic over

F (S) and therefore S spans E algebraically. Thus S is a transcendence basis.

Now let T = {X1 1 , . . . , Xn n }, where u1 , . . . , un are arbitrary positive integers. We

u u

claim that T is also a transcendence basis. As above, T is algebraically independent.

Moreover, each Xi is algebraic over F (T ). To see what is going on, look at a concrete

example, say T = {X1 , X2 , X3 }. If f (Z) = Z 3 ’ X2 ∈ F (T )[Z], then X2 is a root of f , so

5 3 4 3

X2 , and similarly each Xi , is algebraic over F (T ). By (3.3.3), E is algebraic over F (T ),

so T is a transcendence basis.

Problems For Section 6.9

1. If S is an algebraically independent subset of E over F , T spans E algebraically over F ,

and S ⊆ T , show that there is a transcendence basis B such that S ⊆ B ⊆ T .

2. Show that every algebraically independent set can be extended to a transcendence

basis, and that every algebraically spanning set contains a transcendence basis.

3. Prove carefully, for an extension E/F and a subset T = {t1 , . . . , tn } ⊆ E, that the

following conditions are equivalent.

(i) T is algebraically independent over F ;

(ii) For every i = 1, . . . , n, ti is transcendental over F (T \ {ti });

(iii) For every i = 1, . . . , n, ti is transcendental over F (t1 , . . . , ti’1 ) (where the state-

ment for i = 1 is that t1 is transcendental over F ).

4. Let S be a subset of E that is algebraically independent over F . Show that if t ∈ E \ S,

then t is transcendental over F (S) if and only if S ∪ {t} is algebraically independent

over F .

6.9. TRANSCENDENTAL EXTENSIONS 31

[Problems 3 and 4 suggest the reasoning that is involved in formalizing the results of this

section.]

5. Let F ¤ K ¤ E, with S a subset of K that is algebraically independent over F , and T

a subset of E that is algebraically independent over K. Show that S ∪T is algebraically

independent over F , and S © T = ….

6. Let F ¤ K ¤ E, with S a transcendence basis for K/F and T a transcendence basis

for E/K. Show that S ∪T is a transcendence basis for E/F . Thus if tr deg abbreviates

transcendence degree, then by Problem 5,

tr deg(E/F ) = tr deg(K/F ) + tr deg(E/K).

7. Let E be an extension of F , and T = {t1 , . . . , tn } a ¬nite subset of E. Show that

F (T ) is F -isomorphic to the rational function ¬eld F (X1 , . . . , Xn ) if and only if T is

algebraically independent over F .

8. An algebraic function ¬eld F in one variable over K is a ¬eld F/K such that there

exists x ∈ F transcendental over K with [F : K(x)] < ∞. If z ∈ F , show that z is

transcendental over K i¬ [F : K(z)] < ∞.

9. Find the transcendence degree of the complex ¬eld over the rationals.

Appendix To Chapter 6

We will develop a method for calculating the discriminant of a polynomial and apply the

result to a cubic. We then calculate the Galois group of an arbitrary quartic.

A6.1 De¬nition

If x1 , . . . , xn (n ≥ 2) are arbitrary elements of a ¬eld, the Vandermonde determinant of

the xi is

···

1 1 1

···

x1 x2 xn

det V = .

.

.

···

xn’1 xn’1 xn’1

n

1 2

A6.2 Proposition

(xj ’ xi ).

det V =

i<j

Proof. det V is a polynomial h of degree 1 + 2 + · · · + (n ’ 1) = ( n ) in the variables

2

x1 , . . . , xn , as is g = i<j (xj ’ xi ). If xi = xj for i < j, then the determinant is 0, so

by the remainder theorem (2.5.2), each factor of g, hence g itself, divides h. Since h and

g have the same degree, h = cg for some constant c. Now look at the leading terms of h

32 CHAPTER 6. GALOIS THEORY

and g, i.e., those terms in which xn appears to as high a power as possible, and subject

to this constraint, xn’1 appears to as high a power as possible, etc. In both cases, the

leading term is x2 x2 · · · xn’1 , and therefore c must be 1. (For this step it is pro¬table to

3 n

regard the xi as abstract variables in a polynomial ring. Then monomials xr1 · · · xrn with

n

1

di¬erent sequences (r1 , . . . , rn ) of exponents are linearly independent.) ™

A6.3 Corollary

If f is a polynomial in F [X] with roots x1 , . . . , xn in some splitting ¬eld over F , then the

discriminant of f is (det V )2 .

Proof. By de¬nition of the discriminant D of f (see 6.6.1), we have D = ∆2 where

∆ = ± det V . ™

A6.4 Computation of the Discriminant

The square of the determinant of V is det(V V t ), which is the determinant of

® ®

··· ··· xn’1

1 1 1 1 x1 1

x1 1 xn’1

··· ···

x2 xn x2

2

. .

° »° »

. .

. .

···

xn’1 xn’1 xn’1 xn’1

1 xn ...

n

1 2 n

and this in turn is

···

t0 t1 tn’1

···

t1 t2 tn

.

.

.

···

tn’1 tn t2n’2

where the power sums tr are given by

n

xr , r ≥ 1.

t0 = n, tr = i

i=1

We must express the power sums in terms of the coe¬cients of the polynomial f . This

will involve, improbably, an exercise in di¬erential calculus. We have

n n

(1 ’ xi z) = ci z i with c0 = 1;

F (z) =

i=1 i=0

the variable z ranges over real numbers. Take the logarithmic derivative of F to obtain

∞ ∞

n n

’xi

F (z) d

xj+1 z j = ’

=’ tj+1 z j .

= log F (z) =

1 ’ xi z i

F (z) dz i=1 i=1 j=0 j=0

6.9. TRANSCENDENTAL EXTENSIONS 33

Thus

∞

tj+1 z j = 0,

F (z) + F (z)

j=0

that is,

∞

n n

i’1 i

tj z j’1 = 0.

ici z + ci z

i=1 i=0 j=1

Equating powers of z r’1 , we have, assuming that n ≥ r,

rcr + c0 tr + c1 tr’1 + · · · + cr’1 t1 = 0; (1)

if r > n, the ¬rst summation does not contribute, and we get

tr + c1 tr’1 + · · · + cn tr’n = 0. (2)

Our situation is a bit awkward here because the roots of F (z) are the reciprocals of the xi .

n

The xi are the roots of i=0 ai z i where ai = cn’i (so that an = c0 = 1). The results can

be expressed as follows.

A6.5 Newton™s Identities

n

If f (X) = i=0 ai X i (with an = 1) is a polynomial with roots x1 , . . . , xn , then the power

sums ti satisfy

tr + an’1 tr’1 + · · · + an’r+1 t1 + ran’r = 0, r ¤ n (3)

and

tr + an’1 tr’1 + · · · + a0 tr’n = 0, r > n. (4)

A6.6 The Discriminant of a Cubic

First consider the case where the X 2 term is missing, so that f (X) = X 3 + pX + q. Then

n = t0 = 3, a0 = q, a1 = p, a2 = 0 (a3 = 1). Newton™s identities yield

t1 + a2 = 0, t1 = 0; t2 + a2 t1 + 2a1 = 0, t2 = ’2p;

t3 + a2 t2 + a1 t1 + 3a0 = 0, t3 = ’3a0 = ’3q;

t4 + a2 t3 + a1 t2 + a0 t1 = 0, t4 = ’p(’2p) = 2p2

’2p

3 0

’2p ’3q = ’4p3 ’ 27q 2 .

D= 0

’2p ’3q 2p2

We now go to the general case f (X) = X 3 + aX 2 + bX + c. The quadratic term can be

eliminated by the substitution Y = X + a . Then

3

a a a

f (X) = g(Y ) = (Y ’ )3 + a(Y ’ )2 + b(Y ’ ) + c

3 3 3

34 CHAPTER 6. GALOIS THEORY

a2 2a3 ba

p = b ’ ,q = ’

3

= Y + pY + q where + c.

3 27 3

Since the roots of f are translations of the roots of g by the same constant, the two

polynomials have the same discriminant. Thus D = ’4p3 ’ 27q 2 , which simpli¬es to

D = a2 (b2 ’ 4ac) ’ 4b3 ’ 27c2 + 18abc.

We now consider the Galois group of a quartic X 4 + aX 3 + bX 2 + cX + d, assumed

irreducible and separable over a ¬eld F . As above, the translation Y = X + a eliminates

4

the cubic term without changing the Galois group, so we may assume that f (X) =

X 4 + qX 2 + rX + s. Let the roots of f be x1 , x2 , x3 , x4 (distinct by separability), and

let V be the four group, realized as the subgroup of S4 containing the permutations

(1, 2)(3, 4), (1, 3)(2, 4) and (1, 4)(2, 3), along with the identity. By direct veri¬cation (i.e.,

brute force), V S4 . If G is the Galois group of f (regarded as a group of permutations

of the roots), then V © G G by the second isomorphism theorem.

A6.7 Lemma

F(V © G) = F (u, v, w), where

u = (x1 + x2 )(x3 + x4 ), v = (x1 + x3 )(x2 + x4 ), w = (x1 + x4 )(x2 + x3 ).

Proof. Any permutation in V ¬xes u, v and w, so GF (u, v, w) ⊇ V © G. If σ ∈ G

but σ ∈ V © G then (again by direct veri¬cation) σ moves at least one of u, v, w. For

/

example, (1,2,3) sends u to w, and (1,2) sends v to w. Thus σ ∈ GF (u, v, w). Therefore

/

GF (u, v, w) = V © G, and an application of the ¬xed ¬eld operator F completes the

proof. ™

A6.8 De¬nition

The resolvent cubic of f (X) = X 4 + qX 2 + rX + s is g(X) = (X ’ u)(X ’ v)(X ’ w).

To compute g, we must express its coe¬cients in terms of q, r and s. First note that

u ’ v = ’(x1 ’ x4 )(x2 ’ x3 ), u ’ w = ’(x1 ’ x3 )(x2 ’ x4 ), v ’ w = ’(x1 ’ x2 )(x3 ’ x4 ).

Thus f and g have the same discriminant. Now

X 4 + qX 2 + rX + s = (X 2 + kX + l)(X 2 ’ kX + m)

where the appearance of k and ’k is explained by the missing cubic term. Equating

coe¬cients gives l + m ’ k 2 = q, k(m ’ l) = r, lm = s. Solving the ¬rst two equations for

m and adding, we have 2m = k 2 + q + r/k, and solving the ¬rst two equations for l and

adding, we get 2l = k 2 + q ’ r/k. Multiply the last two equations and use lm = s to get

a cubic in k 2 , namely

k 6 + 2qk 4 + (q 2 ’ 4s)k 2 ’ r2 = 0.

(This gives a method for actually ¬nding the roots of a quartic.) To summarize,

f (X) = (X 2 + kX + l)(X 2 ’ kX + m)

6.9. TRANSCENDENTAL EXTENSIONS 35

where k 2 is a root of

h(X) = X 3 + 2qX 2 + (q 2 ’ 4s)X ’ r2 .

We claim that the roots of h are simply ’u, ’v, ’w. For if we arrange the roots of f so

that x1 and x2 are the roots of X 2 + kX + l, and x3 and x4 are the roots of X 2 ’ kX + m,

then k = ’(x1 + x2 ), ’k = ’(x3 + x4 ), so ’u = k 2 . The argument for ’v and ’w

is similar. Therefore to get g from h, we simply change the sign of the quadratic and

constant terms, and leave the linear term alone.

A6.9 An Explicit Formula For The Resolvent Cubic:

g(X) = X 3 ’ 2qX 2 + (q 2 ’ 4s)X + r2 .

We need some results concerning subgroups of Sn , n ≥ 3.

A6.10 Lemma

(i) An is generated by 3-cycles, and every 3-cycle is a commutator.

(ii) The only subgroup of Sn with index 2 is An .

Proof. For the ¬rst assertion of (i), see Section 5.6, Problem 4. For the second assertion

of (i), note that

(a, b)(a, c)(a, b)’1 (a, c)’1 = (a, b)(a, c)(a, b)(a, c) = (a, b, c).

To prove (ii), let H be a subgroup of Sn with index 2; H is normal by Section 1.3,

Problem 6. Thus Sn /H has order 2, hence is abelian. But then by (5.7.2), part 5,

Sn ¤ H, and since An also has index 2, the same argument gives Sn ¤ An . By (i),

An ¤ Sn , so An = Sn ¤ H. Since An and H have the same ¬nite number of elements

n!/2, it follows that H = An . ™

A6.11 Proposition

Let G be a subgroup of S4 whose order is a multiple of 4, and let V be the four group

(see the discussion preceding A6.7). Let m be the order of the quotient group G/(G © V ).

Then

(a) If m = 6, then G = S4 ;

(b) If m = 3, then G = A4 ;

(c) If m = 1, then G = V ;

(d) If m = 2, then G = D8 or Z4 or V ;

(e) If G acts transitively on {1, 2, 3, 4}, then the case G = V is excluded in (d). [In all

cases, equality is up to isomorphism.]

36 CHAPTER 6. GALOIS THEORY

Proof. If m = 6 or 3, then since |G| = m|G © V |, 3 is a divisor of |G|. By hypothesis, 4 is

also a divisor, so |G| is a multiple of 12. By A6.10 part (ii), G must be S4 or A4 . But

|S4 /(S4 © V )| = |S4 /V | = 24/4 = 6

and

|A4 /(A4 © V )| = |A4 /V | = 12/4 = 3

proving both (a) and (b). If m = 1, then G = G © V , so G ¤ V , and since |G| is a multiple

of 4 and |V | = 4, we have G = V , proving (c).

If m = 2, then |G| = 2|G © V |, and since |V | = 4, |G © V | is 1, 2 or 4. If it is 1,

then |G| = 2 — 1 = 2, contradicting the hypothesis. If it is 2, then |G| = 2 — 2 = 4, and

G = Z4 or V (the only groups of order 4). Finally, assume |G © V | = 4, so |G| = 8. But a

subgroup of S4 of order 8 is a Sylow 2-subgroup, and all such subgroups are conjugate and

therefore isomorphic. One of these subgroups is D8 , since the dihedral group of order 8

is a group of permutations of the 4 vertices of a square. This proves (d).

If m = 2, G acts transitively on {1, 2, 3, 4} and |G| = 4, then by the orbit-stabilizer

theorem, each stabilizer subgroup G(x) is trivial (since there is only one orbit, and its size

is 4). Thus every permutation in G except the identity moves every integer 1, 2, 3, 4. Since

|G © V | = 2, G consists of the identity, one other element of V , and two elements not in V ,

which must be 4-cycles. But a 4-cycle has order 4, so G must be cyclic, proving (e). ™

A6.12 Theorem

Let f be an irreducible separable quartic, with Galois group G. Let m be the order of

the Galois group of the resolvent cubic. Then:

(a) If m = 6, then G = S4 ;

(b) If m = 3, then G = A4 ;

(c) If m = 1, then G = V ;

(d) If m = 2 and f is irreducible over L = F (u, v, w), where u, v and w are the roots of

the resolvent cubic, then G = D8 ;

(e) If m = 2 and f is reducible over L, then G = Z4 .

Proof. By A6.7 and the fundamental theorem, [G : G © V ] = [L : F ]. Now the roots of

the resolvent cubic g are distinct, since f and g have the same discriminant. Thus L is

a splitting ¬eld of a separable polynomial, so L/F is Galois. Consequently, [L : F ] = m

by (3.5.9). To apply (A6.11), we must verify that |G| is a multiple of 4. But this follows

from the orbit-stabilizer theorem: since G acts transitively on the roots of f , there is only

one orbit, of size 4 = |G|/|G(x)|. Now (A6.11) yields (a), (b) and (c), and if m = 2, then

G = D8 or Z4 .

To complete the proof, assume that m = 2 and G = D8 . Thinking of D8 as the

group of symmetries of a square with vertices 1,2,3,4, we can take D8 to be generated by

(1, 2, 3, 4) and (2, 4), with V = {1, (1, 2)(3, 4), (1, 3)(2, 4), (1, 4)(2, 3)}. The elements of V

are symmetries of the square, hence belong to D8 ; thus V = G©V = Gal(E/L) by (A6.7).

6.9. TRANSCENDENTAL EXTENSIONS 37

[E is a splitting ¬eld for f over F .] Since V is transitive, for each i, j = 1, 2, 3, 4, i = j,

there is an L-automorphism „ of E such that „ (xi ) = xj . Applying „ to the equation

h(xi ) = 0, where h is the minimal polynomial of xi over L, we see that each xj is a root

of h, and therefore f | h. But h | f by minimality of h, so h = f , proving that f is

irreducible over L.

Finally, assume m = 2 and G = Z4 , which we take as {1, (1, 2, 3, 4), (1, 3)(2, 4),

(1, 4, 3, 2)}. Then G © V = {1, (1, 3)(2, 4)}, which is not transitive. Thus for some i = j,

xi and xj are not roots of the same irreducible polynomial over L. In particular, f is

reducible over L. ™

A6.13 Example

Let f (X) = X 4 + 3X 2 + 2X + 1 over Q, with q = 3, r = 2, s = 1. The resolvent cubic is,

by (A6.9), g(X) = X 3 ’ 6X 2 + 5X + 4. To calculate the discriminant of g, we can use the

general formula in (A6.6), or compute g(X + 2) = (X + 2)3 ’ 6(X + 2)2 + 5(X + 2) + 4 =

X 3 ’ 7X ’ 2. [The rational root test gives irreducibility of g and restricts a factorization

of f to (X 2 + aX ± 1)(X 2 ’ aX ± 1), a ∈ Z, which is impossible. Thus f is irreducible

as well.] We have D(g) = ’4(’7)3 ’ 27(’2)2 = 1264, which is not a square in Q. Thus

m = 6, so the Galois group of f is S4 .

Chapter 7

Introducing Algebraic Number

Theory

(Commutative Algebra 1)

The general theory of commutative rings is known as commutative algebra. The main

applications of this discipline are to algebraic number theory, to be discussed in this

chapter, and algebraic geometry, to be introduced in Chapter 8.

Techniques of abstract algebra have been applied to problems in number theory for

a long time, notably in the e¬ort to prove Fermat™s Last Theorem. As an introductory

example, we will sketch a problem for which an algebraic approach works very well. If p

is an odd prime and p ≡ 1 mod 4, we will prove that p is the sum of two squares, that is,

p can be expressed as x2 + y 2 where x and y are integers. Since p’1 is even, it follows

2

that -1 is a quadratic residue (that is, a square) mod p. [Pair each of the numbers 2,3,

. . . ,p ’ 2 with its inverse mod p and pair 1 with p ’ 1 ≡ ’1 mod p. The product of the

numbers 1 through p ’ 1 is, mod p,

p’1 p’1

1 — 2 — ··· — — ’1 — ’2 — · · · — ’

2 2

and therefore p’1 ! 2 ≡ ’1 mod p.]

2

If ’1 ≡ x2 mod p, then p divides x2 + 1. Now we enter the ring of Gaussian integers

and factor x2 + 1 as (x + i)(x ’ i). Since p can divide neither factor, it follows that p is

not prime in Z[i], so we can write p = ±β where neither ± nor β is a unit.

De¬ne the norm of γ = a + bi as N (γ) = a2 + b2 . Then N (γ) = 1 i¬ γ = ±1 or ±i

i¬ γ is a unit. (See Section 2.1, Problem 5.) Thus

p2 = N (p) = N (±)N (β) with N (±) > 1 and N (β) > 1,

so N (±) = N (β) = p. If ± = x + iy, then p = x2 + y 2 .

1

2 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

Conversely, if p is an odd prime and p = x2 + y 2 , then p is congruent to 1 mod 4. (If x

is even, then x2 ≡ 0 mod 4, and if x is odd, then x2 ≡ 1 mod 4. We cannot have x and y

both even or both odd, since p is odd.)

It is natural to conjecture that we can identify those primes that can be represented as

√

x + |d|y 2 , where d is a negative integer, by working in the ring Z[ d]. But the Gaussian

2

integers (d = ’1) form a Euclidean domain, in particular a unique factorization domain.

On the other hand, unique factorization fails for d ¤ ’3 (Section 2.7, Problem 7), so the

above argument collapses. [Recall from (2.6.4) that in a UFD, an element p that is not

prime must be reducible.] Di¬culties of this sort led Kummer to invent “ideal numbers”,

which later became ideals at the hands of Dedekind. We will see that although a ring of

algebraic integers need not be a UFD, unique factorization of ideals will always hold.

7.1 Integral Extensions

If E/F is a ¬eld extension and ± ∈ E, then ± is algebraic over F i¬ ± is a root of a

polynomial with coe¬cients in F . We can assume if we like that the polynomial is monic,

and this turns out to be crucial in generalizing the idea to ring extensions.

7.1.1 De¬nitions and Comments

In this chapter, unless otherwise speci¬ed, all rings are assumed commutative. Let A be

a subring of the ring R, and let x ∈ R. We say that x is integral over A if x is a root of a

monic polynomial f with coe¬cients in A. The equation f (X) = 0 is called an equation

of integral dependence for x over A. If x is a real or complex number that is integral

√

over Z, then x is called an algebraic integer. Thus for every integer d, d is an algebraic

integer, as is any nth root of unity. (The monic polynomials are, respectively, X 2 ’ d

and X n ’ 1.) In preparation for the next result on conditions equivalent to integrality,

note that A[x], the set of polynomials in x with coe¬cients in A, is an A-module. (The

sum of two polynomials is a polynomial, and multiplying a polynomial by a member of A

produces another polynomial over A.)

7.1.2 Proposition

Let A be a subring of R, with x ∈ R. The following conditions are equivalent:

(i) x is integral over A;

(ii) The A-module A[x] is ¬nitely generated;

(iii) x belongs to a subring B of R such that A ⊆ B and B is a ¬nitely generated A-

module.

Proof. (i) implies (ii). If x is a root of a monic polynomial over A of degree n, then xn