<< ÒÚ. 7(‚ÒÂ„Ó 14)—Œƒ≈–∆¿Õ»≈ >>
and all higher powers of x can be expressed as linear combinations of lower powers of x.
Thus 1, x, x2 , , . . . , xn‚à’1 generate A[x] over A.
(ii) implies (iii). Take B = A[x].
7.1. INTEGRAL EXTENSIONS 3

(iii) implies (i). If Œ≤1 , . . . , Œ≤n generate B over A, then xŒ≤i is a linear combination of
n
the Œ≤j , say xŒ≤i = j=1 cij Œ≤j . Thus if Œ≤ is a column vector whose components are the Œ≤i ,
I is an n by n identity matrix, and C = [cij ], then

(xI ‚à’ C)Œ≤ = 0,

and if we premultiply by the adjoint matrix of xI ‚à’ C (as in Cramer‚Ä™s rule), we get

[det(xI ‚à’ C)]IŒ≤ = 0,

hence [det(xI ‚à’ C)]b = 0 for every b ‚àà B. Since B is a ring we may set b = 1 and conclude
that x is a root of the monic polynomial det(XI ‚à’ C) in A[X]. ‚™£
For other equivalent conditions, see Problems 1 and 2.
We are going to prove a transitivity property for integral extensions (analogous to
(3.3.5)), and the following result will be helpful.

7.1.3 Lemma
Let A be a subring of R, with x1 , . . . , xn ‚àà R. If x1 is integral over A, x2 is integral
over A[x1 ], . . . , and xn is integral over A[x1 , . . . , xn‚à’1 ], then A[x1 , . . . , xn ] is a Ô¬Ånitely
generated A-module.
Proof. The n = 1 case follows from (7.1.2), part (ii). Going from n ‚à’ 1 to n amounts
to proving that if A, B and C are rings, with C a Ô¬Ånitely generated B-module and B a
Ô¬Ånitely generated A-module, then C is a Ô¬Ånitely generated A-module. This follows by a
brief computation:
r s r s
Ayj zk . ‚™£
C= Byj , B= Azk so C=
j=1 j=1 k=1
k=1

7.1.4 Transitivity of Integral Extensions
Let A, B and C be subrings of R. If C is integral over B, that is, each element of C is
integral over B, and B is integral over A, then C is integral over A.
Proof. Let x ‚àà C, with xn + bn‚à’1 xn‚à’1 + ¬· ¬· ¬· + b1 x + b0 = 0, bi ‚àà B. Then x is integral
over A[b0 , . . . , bn‚à’1 ]. Each bi is integral over A, hence over A[b0 , . . . , bi‚à’1 ]. By (7.1.3),
A[b0 , . . . , bn‚à’1 , x] is a Ô¬Ånitely generated A-module. By (7.1.2), part (iii), x is integral
over A. ‚™£

If A is a subring of R, the integral closure of A in R is the set Ac of elements of R that
are integral over A. Note that A ‚äÜ Ac because each a ‚àà A is a root of X ‚à’ a. We say that
A is integrally closed in R if Ac = A. If we simply say that A is integrally closed without
reference to R, we assume that A is an integral domain with quotient Ô¬Åeld K, and A is
integrally closed in K.
4 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

If x and y are integral over A, then just as in the proof of (7.1.4), it follows from
(7.1.3) that A[x, y] is a Ô¬Ånitely generated A-module. Since x + y, x ‚à’ y and xy belong to
this module, they are integral over A by (7.1.2) part (iii). The important conclusion is
that

Ac is a subring of R containing A.

If we take the integral closure of the integral closure, we get nothing new.

7.1.6 Proposition
The integral closure Ac of A in R is integrally closed in R.

Proof. By deÔ¬Ånition, Ac is integral over A. If x is integral over Ac , then as in the proof
of (7.1.4), x is integral over A, so that x ‚àà Ac . ‚™£

We can identify a large class of integrally closed rings.

7.1.7 Proposition
If A is a UFD, then A is integrally closed.

Proof. If x belongs to the quotient Ô¬Åeld K, then we can write x = a/b where a, b ‚àà A,
with a and b relatively prime. If x is integral over A, then there is an equation of the form

(a/b)n + an‚à’1 (a/b)n‚à’1 + ¬· ¬· ¬· + a1 (a/b) + a0 = 0

with ai ‚àà A. Multiplying by bn , we have an + bc = 0, with c ‚àà A. Thus b divides an ,
which cannot happen for relatively prime a and b unless b has no prime factors at all, in
other words, b is a unit. But then x = ab‚à’1 ‚àà A. ‚™£

We can now discuss one of the standard setups for doing algebraic number theory.

A number Ô¬Åeld is a subÔ¬Åeld L of the complex numbers C such that L is a Ô¬Ånite extension
of the rationals Q. Thus the elements of L are algebraic numbers. The integral closure
of Z in L is called the ring of algebraic integers (or simply integers) of L. In the next
section, we will Ô¬Ånd the algebraic integers explicitly when L is a quadratic extension.

Problems For Section 7.1
1. Show that in (7.1.2) another equivalent condition is the following:
(iv) There is a subring B of R such that B is a Ô¬Ånitely generated A-module and
xB ‚äÜ B.
If R is a Ô¬Åeld, show that the assumption that B is a subring can be dropped (as long
as B = 0).
7.2. QUADRATIC EXTENSIONS OF THE RATIONALS 5

2. A module is said to be faithful if its annihilator is 0. Show that in (7.1.2) the following
is another equivalent condition:
(v) There is a faithful A[x]-module B that is Ô¬Ånitely generated as an A-module.

Let A be a subring of the integral domain B, with B integral over A. In Problems 3‚Ä“5
we are going to show that A is a Ô¬Åeld if and only if B is a Ô¬Åeld.
3. Assume that B is a Ô¬Åeld, and let a be a nonzero element of A. Then since a‚à’1 ‚àà B,
there is an equation of the form

(a‚à’1 )n + cn‚à’1 (a‚à’1 )n‚à’1 + ¬· ¬· ¬· + c1 a‚à’1 + c0 = 0

with ci ‚àà A. Show that a‚à’1 ‚àà A, proving that A is a Ô¬Åeld.
4. Now assume that A is a Ô¬Åeld, and let b be a nonzero element of B. By (7.1.2) part (ii),
A[b] is a Ô¬Ånite-dimensional vector space over A. Let f be the A-linear transformation
on this vector space given by multiplication by b, in other words, f (z) = bz, z ‚àà A[b].
Show that f is injective.
5. Show that f is surjective as well, and conclude that B is a Ô¬Åeld.
In Problems 6‚Ä“8, let A be a subring of B, with B integral over A. Let Q be a prime
ideal of B and let P = Q ‚à© A.
6. Show that P is a prime ideal of A, and that A/P can be regarded as a subring of B/Q.
7. Show that B/Q is integral over A/P .
8. Show that P is a maximal ideal of A if and only if Q is a maximal ideal of B.

7.2 Quadratic Extensions of the Rationals
‚àö
We will determine the algebraic integers of L = Q( d), where d is a square-free integer
(a product of distinct ‚àö
primes). The restriction on d involves no loss of generality; for
‚àö
‚àö
example, Q( 12) = Q( 3). The minimal polynomial of d over Q is X 2 ‚à’ d, which has
‚àö
roots ¬± d. The extension L/Q is Galois, ‚àö the Galois group consists of the identity
and
‚àö
and the automorphism œÉ(a + b d) = a ‚à’ b d, a, b ‚àà Q.
A remark on notation: To make sure that there is no confusion between algebraic
integers and ordinary integers, we will use the term rational integer for a member of Z.

7.2.1 Lemma
‚àö
If a and b are rational numbers, then a + b d is an algebraic integer if and only if 2a and
a2 ‚à’ db2 belong to Z. In this case, 2b is also in Z.
‚àö ‚àö
Proof. Let x = a + b d, so that œÉ(x) = a ‚à’ b d. Then x + œÉ(x) = 2a ‚àà Q and
xœÉ(x) = a2 ‚à’ db2 ‚àà Q. Now if x is an algebraic integer, then x is a root of a monic
polynomial f ‚àà Z[X]. But f (œÉ(x)) = œÉ(f (x)) since œÉ is an automorphism, so œÉ(x) is
also a root of f and hence an algebraic integer. By (7.1.5), 2a and a2 ‚à’ db2 are also
algebraic integers, as well as rational numbers. By (7.1.7), Z is integrally closed, so 2a
6 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY
‚àö
and a2 ‚à’ db2 belong to Z. The converse holds because a + b d is a root of (X ‚à’ a)2 = db2 ,
i.e., X 2 ‚à’ 2aX + a2 ‚à’ db2 = 0.
Now if 2a and a2 ‚à’ db2 are rational integers, then (2a)2 ‚à’ d(2b)2 = 4(a2 ‚à’ db2 ) ‚àà Z, so
d(2b)2 ‚àà Z. If 2b ‚àà Z, then its denominator would include a prime factor p , which would
/
appear as p in the denominator of (2b)2 . Multiplication of (2b)2 by d cannot cancel the
2

p2 because d is square-free, and the result follows. ‚™£

7.2.2 Corollary
‚àö
The set B of algebraic integers of Q( d), d square-free, can be described as follows.
‚àö
(i) If d ‚â° 1 mod 4, then B consists of all a + b d, a, b ‚àà Z;
‚àö
(ii) If d ‚â° 1 mod 4, then B consists of all u + v d, u, v ‚àà Z, where u and v have the
2 2
same parity (both even or both odd).
[Note that since d is square-free, it is not divisible by 4, so the condition in (i) is d ‚â° 2 or
3 mod 4.]
‚àö
Proof. By (7.2.1), the algebraic integers are of the form u + v d where u, v ‚àà Z and
2 2
u2 2
‚à’ dv ‚àà Z, i.e., u2 ‚à’ dv 2 ‚â° 0 mod 4. It follows that u and v have the same parity.
4 4
(The square of an even number is congruent to 0 and the square of an odd number to 1
mod 4.) Moreover, the ‚Äúboth odd‚Äù case can only occur when d ‚â° 1 mod 4. The ‚Äúboth
even‚Äù case is equivalent to u , v ‚àà Z, and the result follows. ‚™£
22

We can express these results in a more convenient form. We will show in (7.4.10)
that the set B of algebraic integers in any number Ô¬Åeld L is a free Z-module of rank
n = [L : Q]. A basis for this module is called an integral basis or Z-basis for B.

7.2.3 Theorem
‚àö
Let B be the algebraic integers of Q( d), d square-free.
‚àö
(i) If d ‚â° 1 mod 4, then 1 and d form an integral basis of B;
‚àö
(ii) If d ‚â° 1 mod 4, then 1 and 1 (1 + d) form an integral basis.
2
‚àö
Proof. (i) By (7.2.2), 1 and d span B over Z, and they are linearly independent because
‚àö
d is irrational. ‚àö
(ii) By (7.2.2), 1 and 1 (1 + d) are algebraic integers. To show that they span B,
‚àö 2
consider 1 (u + v d), where u and v have the same parity. Then
2

‚àö ‚àö
u‚à’v
1 1
(u + v d) = (1) + v (1 + d)
2 2 2
and v in Z. Finally, to show linear independence, assume that a, b ‚àà Z and
u‚à’v
with 2

‚àö
1
a+b (1 + d) = 0.
2
‚àö
Then 2a + b + b d = 0, which forces a = b = 0. ‚™£
7.3. NORMS AND TRACES 7

Problems For Section 7.2
1. Let L = Q(Œ±), where Œ± is a root of the irreducible quadratic X 2 +bX +c, with b, c ‚àà Q.
‚àö
Show that L = Q( d) for some square-free integer d. Thus the analysis of this section
covers all possible quadratic extensions of Q.
‚àö
2. Show that the quadratic extensions Q( d), d square-free, are all distinct.
3. Continuing Problem 2, show that in fact no two distinct quadratic extensions of Q are
Q-isomorphic.
Cyclotomic Ô¬Åelds do not exhibit the same behavior. Let œân = ei2œÄ/n , a primitive nth root
2
of unity. By a direct computation, we have œâ2n = œân , and
‚à’œâ2n = ‚à’eiœÄ(n+1)/n = eiœÄ eiœÄ eiœÄ/n = œâ2n .
n+1

4. Show that if n is odd, then Q(œân ) = Q(œâ2n ).
5. If x is an algebraic integer, show that the minimal polynomial of x over Q has coeÔ¬É-
cients in Z. (This will be a consequence of the general theory to be developed in this
chapter, but it is accessible now without heavy machinery.) Consequently, an algebraic
integer that belongs to Q in fact belongs to Z. (The minimal polynomial of r ‚àà Q over
Q is X ‚à’ r.)
6. Give an example of a quadratic extension of Q that is also a cyclotomic extension.
7. Show that an integral basis for the ring of algebraic integers of a number Ô¬Åeld L is, in
particular, a basis for L over Q.

7.3 Norms and Traces
If E/F is a Ô¬Åeld extension of Ô¬Ånite degree n, then in particular, E is an n-dimensional
vector space over F , and the machinery of basic linear algebra becomes available. If x is
any element of E, we can study the F -linear transformation m(x) given by multiplication
by x, that is, m(x)y = xy. We deÔ¬Åne the norm and the trace of x, relative to the extension
E/F , as
N [E/F ](x) = det m(x) and T [E/F ](x) = trace m(x).
We will write N (x) and T (x) if E/F is understood. If the matrix A(x) = [aij (x)] repre-
sents m(x) with respect to some basis for E over F , then the norm of x is the determinant
of A(x) and the trace of x is the trace of A(x), that is, the sum of the main diagonal
entries. The characteristic polynomial of x is deÔ¬Åned as the characteristic polynomial of
the matrix A(x), that is,
char[E/F ](x) = det[XI ‚à’ A(x)]
where I is an n by n identity matrix. If E/F is understood, we will refer to the charac-
teristic polynomial of x, written char(x).
8 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

7.3.2 Example
Let E = C and F = R. A basis for C over R is {1, i} and, with x = a + bi, we have

(a + bi)(1) = a(1) + b(i) and (a + bi)(i) = ‚à’b(1) + a(i).

Thus
a ‚à’b
A(a + bi) = .
ba

The norm, trace and characteristic polynomial of a + bi are

N (a + bi) = a2 + b2 , T (a + bi) = 2a, char(a + bi) = X 2 ‚à’ 2aX + a2 + b2 .

The computation is exactly the same if E = Q(i) and F = Q. Notice that the coeÔ¬Écient
of X is minus the trace and the constant term is the norm. In general, it follows from the
deÔ¬Ånition of characteristic polynomial that

char(x) = X n ‚à’ T (x)X n‚à’1 + ¬· ¬· ¬· + (‚à’1)n N (x).

[The only terms multiplying X n‚à’1 in the expansion of the determinant are ‚à’aii (x),
i = 1, . . . , n. Set X = 0 to show that the constant term of char(x) is (‚à’1)n det A(x).]

7.3.3 Lemma
If E is an extension of F and x ‚àà E, then N (x), T (x) and the coeÔ¬Écients of char(x)
belong to F . If a ‚àà F , then

N (a) = an , T (a) = na, and char(a) = (X ‚à’ a)n .

Proof. The Ô¬Årst assertion follows because the entries of the matrix A(x) are in F . The
second statement holds because if a ‚àà F , the matrix representing multiplication by a
is aI. ‚™£
It is natural to look for a connection between the characteristic polynomial of x and
the minimal polynomial of x over F .

7.3.4 Proposition

char[E/F ](x) = [min(x, F )]r

where r = [E : F (x)].
Proof. First assume that r = 1, so that E = F (x). By the Cayley-Hamilton theorem,
the linear transformation m(x) satisÔ¬Åes char(x), and since m(x) is multiplication by x,
x itself is a root of char(x). Thus min(x, F ) divides char(x). But both polynomials
have degree n, and the result follows. In the general case, let y1 , . . . , ys be a basis for
F (x) over F , and let z1 , . . . , zr be a basis for E over F (x). Then the yi zj form a basis
7.3. NORMS AND TRACES 9

for E over F . Let A = A(x) be the matrix representing multiplication by x in the
extension F (x)/F , so that xyi = k aki yk , and x(yi zj ) = k aki (yk zj ). Order the basis
for E/F as y1 z1 , y2 z1 , . . . , ys z1 ; y1 z2 , y2 z2 , . . . , ys z2 ; . . . ; y1 zr , y2 zr , . . . , ys zr . Then m(x)
is represented in E/F as
Ô£® Ô£π
A 0 ... 0
Ô£Ø0 A . . . 0Ô£∫
Ô£Ø Ô£∫
Ô£Ø. . .Ô£∫
Ô£°. . .Ô£»
.. .
0 0 ... A
Thus char[E/F ](x) = [det(XI ‚à’ A)]r , which by the r = 1 case coincides with
[min(x, F )]r . ‚™£

7.3.5 Corollary
Let [E : F ] = n, and [F (x) : F ] = d. Let x1 , . . . , xd be the roots of min(x, F ) in a splitting
Ô¬Åeld (counting multiplicity). Then
n/d
d d
n
N (x) = xi , T (x) = xi
d
i=1 i=1

and
n/d
d
(X ‚à’ xi )
char(x) = .
i=1

Proof. The formula for the characteristic polynomial follows from (7.3.4). The norm is
(‚à’1)n times the constant term of char(x) (see (7.3.2)), hence is
n/d
d
(‚à’1)n (‚à’1)n xi .
i=1

Finally, if min(x, F ) = X d + ad‚à’1 X d‚à’1 + ¬· ¬· ¬· + a1 X + a0 , then the coeÔ¬Écient of X n‚à’1 in
d
[min(x, F )]n/d is n ad‚à’1 = ‚à’ n i=1 xi . Since the trace is the negative of this coeÔ¬Écient
d d
[see (7.3.2)], the result follows. ‚™£
If E is a separable extension of F , there are very useful alternative expressions for the
trace and norm.

7.3.6 Proposition
Let E/F be a separable extension of degree n, and let œÉ1 , . . . , œÉn be the distinct F -
monomorphisms of E into an algebraic closure of E, or equally well into a normal extension
L of F containing E. Then
n n
T [E/F ](x) = œÉi (x) and N [E/F ](x) = œÉi (x).
i=1 i=1
10 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

Consequently, T (ax + by) = aT (x) + bT (y) and N (xy) = N (x)N (y) for x, y ‚àà E, a, b ‚àà F .
Proof. Each of the d distinct F -embeddings œ„i of F (x) into L takes x into a unique
conjugate xi , and extends to exactly n = [E : F (x)] F -embeddings of E into L, all of
d
which also take x to xi [see (3.5.1), (3.2.3) and (3.5.2)]. Thus
n d
n
œÉi (x) = œ„i (x) = T (x)
d
i=1 i=1

and
n/d
n d
œÉi (x) = œ„i (x) = N (x)
i=1 i=1

by (7.3.5). ‚™£
The linearity of T and the multiplicativity of N hold without any assumption of
separability, since in (7.3.1) we have m(ax + by) = am(x) + bm(y) and m(xy) = m(x) ‚—¦
m(y).

7.3.7 Corollary (Transitivity of Trace and Norm)
If F ‚â¤ K ‚â¤ E, where E/F is Ô¬Ånite and separable, then

T [E/F ] = T [K/F ] ‚—¦ T [E/K] and N [E/F ] = N [K/F ] ‚—¦ N [E/K].

Proof. Let œÉ1 , . . . , œÉn be the distinct F -embeddings of K into L, and let œ„1 , . . . , œ„m be the
distinct K-embeddings of E into L, where L is the normal closure of E over F . By (6.3.1)
and (3.5.11), L/F is Galois, and by (3.5.2), (3.5.5) and (3.5.6), each mapping œÉi and œ„j
extends to an automorphism of L. Therefore it makes sense to allow the mappings to be
composed. By (7.3.6),
n m n m
T [K/F ](T [E/K])(x) = œÉi œ„j (x) = œÉi œ„j (x).
i=1 j=1 i=1 j=1

Now each œÉi œ„j is an F -embedding of E into L, and the number of mappings is
mn = [E : K][K : F ] = [E : F ]. Furthermore, the œÉi œ„j are distinct when restricted
to E. For if œÉi œ„j = œÉk œ„l on E, hence on K, then œÉi = œÉk on K (because œ„j = œ„l =
the identity on K). Thus i = k, so that œ„j = œ„l on E. But then j = l. By (7.3.6),
T [K/F ](T [E/K])(x) = T [E/F ](x). The norm is handled the same way, with sums re-
placed by products. ‚™£

7.3.8 Corollary
If E/F is a Ô¬Ånite separable extension, then T [E/F ](x) cannot be 0 for all x ‚àà E.
n
Proof. If T (x) = 0 for all x, then by (7.3.6), œÉi (x) = 0 for all x. This contradicts
i=1
Dedekind‚Ä™s lemma (6.1.6). ‚™£
7.3. NORMS AND TRACES 11

A statement equivalent to (7.3.8) is that if E/F is Ô¬Ånite and separable, then the ‚Äútrace
form‚Äù [the bilinear form (x, y) ‚Ü’ T [E/F ](xy)] is nondegenerate, i.e., if T (xy) = 0 for all
y, then x = 0. For if x = 0, T (x0 ) = 0, and T (xy) = 0 for all y, choose y so that xy = x0

7.3.9 The Basic Setup For Algebraic Number Theory
Let A be an integral domain with quotient Ô¬Åeld K, and let L be a Ô¬Ånite separable extension
of K. Let B be the set of elements of L that are integral over A, that is, B is the integral
closure of A in L. The diagram below summarizes all the information.
L B
| |
K A
In the most important special case, A = Z, K = Q, L is a number Ô¬Åeld, and B is the ring
of algebraic integers of L. From now on, we will refer to (7.3.9) as the AKLB setup.

7.3.10 Proposition
If x ‚àà B, then the coeÔ¬Écients of char[L/K](x) and min(x, K) are integral over A. In
particular, T [L/K](x) and N [L/K](x) are integral over A, by (7.3.2). If A is integrally
closed, then by (7.3.3), the coeÔ¬Écients belong to A.
Proof. The coeÔ¬Écients of min(x, K) are sums of products of the roots xi , so by (7.1.5)
and (7.3.4), it suÔ¬Éces to show that the xi are integral over A. Each xi is a conjugate of x
over K, so by (3.2.3) there is a K-isomorphism œ„i : K(x) ‚Ü’ K(xi ) such that œ„i (x) = xi .
If we apply œ„i to an equation of integral dependence for x over A, we get an equation of
integral dependence for xi over A. ‚™£

Problems For Section 7.3
‚àö ‚àö
1. If E = Q( d) and x = a + b d ‚àà E, Ô¬Ånd the norm and trace of x.
2. If E = Q(Œ∏) where Œ∏ is a root of the irreducible cubic X 3 ‚à’ 3X + 1, Ô¬Ånd the norm
and trace of Œ∏2 .
3. Find the trace of the primitive 6th root of unity œâ in the cyclotomic extension Q6 .
We will now prove Hilbert‚Ä™s Theorem 90 : If E/F is a cyclic extension with [E : F ] = n
and Galois group G = {1, œÉ, . . . , œÉ n‚à’1 } generated by œÉ, and x ‚àà E, then
(i) N (x) = 1 if and only if there exists y ‚àà E such that x = y/œÉ(y);
(ii) T (x) = 0 if and only if there exists z ‚àà E such that x = z ‚à’ œÉ(z).
4. Prove the ‚Äúif‚Äù parts of (i) and (ii) by direct computation.
By Dedekind‚Ä™s lemma, 1, œÉ, œÉ 2 , . . . , œÉ n‚à’1 are linearly independent over E, so
1 + xœÉ + xœÉ(x)œÉ 2 + ¬· ¬· ¬· + xœÉ(x) ¬· ¬· ¬· œÉ n‚à’2 (x)œÉ n‚à’1
is not identically 0 on E.
12 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

5. Use this to prove the ‚Äúonly if‚Äù part of (i).
By (7.3.8), there is an element u ‚àà E whose trace is not 0. Let
w = xœÉ(u) + (x + œÉ(x))œÉ 2 (u) + ¬· ¬· ¬· + (x + œÉ(x) + ¬· ¬· ¬· + œÉ n‚à’2 (x))œÉ n‚à’1 (u)
hence
œÉ(w) = œÉ(x)œÉ 2 (u) + (œÉ(x) + œÉ 2 (x))œÉ 3 (u) + ¬· ¬· ¬· + (œÉ(x) + œÉ 2 (x) + ¬· ¬· ¬· + œÉ n‚à’1 (x))œÉ n (u)

If T (x) = 0, show that w ‚à’ œÉ(w) = xT (u).
6.
If z = w/T (u), show that z ‚à’ œÉ(z) = x, proving the ‚Äúonly if‚Äù part of (ii).
7.
8. In Hilbert‚Ä™s Theorem 90, are the elements y and z unique?
‚àö
Let Œ∏ be a root of X 4 ‚à’ 2 over Q. Find the trace over Q of Œ∏, Œ∏2 , Œ∏3 and 3Œ∏.
9.
‚àö
Continuing Problem 9, show that 3 cannot belong to Q[Œ∏].
10.

7.4 The Discriminant
We have met the discriminant of a polynomial in connection with Galois theory (Sec-
tion 6.6). There is also a discriminant in algebraic number theory. The two concepts are
unrelated at Ô¬Årst glance, but there is a connection between them. We assume the basic
AKLB setup of (7.3.9), with n = [L : K].

7.4.1 DeÔ¬Ånition
The discriminant of the n-tuple x = (x1 , . . . , xn ) of elements of L is
D(x) = det(T [L/K](xi xj )).
Thus we form a matrix whose ij element is the trace of xi xj , and take the determinant
of the matrix. By (7.3.3) and (7.3.10), D(x) belongs to K and is integral over A, hence
belongs to A if A is integrally closed.
The discriminant behaves quite reasonably under linear transformation:

7.4.2 Lemma
If y = Cx, where C is an n by n matrix over K and x and y are n-tuples written as
column vectors, then D(y) = (det C)2 D(x).
Proof. The trace of yr ys is

T cri csj xi xj = cri T (xi xj )csj
i,j i,j

hence
(T (yr ys )) = C(T (xi xj ))C
where C is the transpose of C. The result follows upon taking determinants. ‚™£
7.4. THE DISCRIMINANT 13

Here is an alternative expression for the discriminant.

7.4.3 Lemma
Let œÉ1 , . . . , œÉn be the K-embeddings of L into an algebraic closure of L, as in (7.3.6).
Then D(x) = [det(œÉi (xj ))]2 .
Thus we form the matrix whose ij element is œÉi (xj ), take the determinant and square
the result.

Proof. By (7.3.6),

T (xi xj ) = œÉk (xi xj ) = œÉk (xi )œÉk (xj )
k k

so if C is the matrix whose ij entry is œÉi (xj ), then

(T (xi xj )) = C C

and again the result follows upon taking determinants. ‚™£

The discriminant ‚Äúdiscriminates‚Äù between bases and non-bases, as follows.

7.4.4 Proposition
If x = (x1 , . . . , xn ), then the xi form a basis for L over K if and only if D(x) = 0.

Proof. If j cj xj = 0, with the cj ‚àà K and not all 0, then j cj œÉi (xj ) = 0 for all i, so the
columns of the matrix B = (œÉi (xj )) are linearly dependent. Thus linear dependence of
the xi implies that D = 0. Conversely, assume that the xi are linearly independent (and
therefore a basis since n = [L : K]). If D = 0, then the rows of B are linearly dependent,
so for some ci ‚àà K, not all 0, we have i ci œÉi (xj ) = 0 for all j. Since the xj form a basis,
we have i ci œÉi (u) = 0 for all u ‚àà L, so the monomorphisms œÉi are linearly dependent.

We now make the connection between the discriminant deÔ¬Åned above and the discrim-
inant of a polynomial deÔ¬Åned previously.

7.4.5 Proposition
Assume that L = K(x), and let f be the minimal polynomial of x over K. Let D be the
discriminant of the basis 1, x, x2 , . . . , xn‚à’1 for L over K. Then D is the discriminant of
the polynomial f .

Proof. Let x1 , . . . , xn be the roots of f in a splitting Ô¬Åeld, with x1 = x. Let œÉi be the
K-embedding that takes x to xi , i = 1, . . . , n. Then œÉi (xj ) = xj , so by (7.4.3), D is the
i
14 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

square of the determinant of the matrix
Ô£® Ô£π
¬·¬·¬· xn‚à’1
1 x1 x2 1 1
Ô£Ø1 x2 x2 xn‚à’1 Ô£∫
¬·¬·¬·
Ô£Ø Ô£∫
2 2
Ô£Ø. Ô£∫
. .
Ô£°. Ô£»
. .
. . .
x2 xn‚à’1
1 xn ...
n n

and the result follows from the formula for a Vandermonde determinant; see (A6.2). ‚™£

7.4.6 Corollary
Under the hypothesis of (7.4.5),
n
2
D = (‚à’1) N [L/K](f (x))
where f is the derivative of f .
n
2
Proof. Let a = (‚à’1) . By (7.4.5),

(xi ‚à’ xj )2 = a (xi ‚à’ xj ) = a (xi ‚à’ xj ).
D=
i<j i j=i
i=j

But f (X) = (X ‚à’ x1 ) ¬· ¬· ¬· (X ‚à’ xn ), so

(X ‚à’ xj )
f (xi ) =
k j=k

with X replaced by xi . When X is replaced by xi , only the k = i term is nonzero, hence

(xi ‚à’ xj ).
f (xi ) =
j=i

Consequently,
n
D=a f (xi ).
i=1

But
f (xi ) = f (œÉi (x)) = œÉi (f (x))
so by (7.3.6),
D = aN [L/K](f (x)). ‚™£

The discriminant of an integral basis for a number Ô¬Åeld has special properties. We
will get at these results by considering the general AKLB setup, adding some additional
conditions as we go along.
7.4. THE DISCRIMINANT 15

7.4.7 Lemma
There is a basis for L/K consisting entirely of elements of B.

Proof. Let x1 , . . . , xn be a basis for L over K. Each xi is algebraic over K, and therefore
satisÔ¬Åes a polynomial equation of the form

am xm + ¬· ¬· ¬· + a1 xi + a0 = 0
i

with am = 0 and the ai ‚àà A. (Initially, we only have ai ‚àà K, but then ai is the ratio of
two elements in A, and we can form a common denominator.) Multiply the equation by
am‚à’1 to obtain an equation of integral dependence for yi = am xi over A. The yi form
m
the desired basis. ‚™£

7.4.8 Theorem
Suppose we have a nondegenerate symmetric bilinear form on an n-dimensional vector
space V , written for convenience using inner product notation (x, y). If x1 , . . . , xn is any
basis for V , then there is a basis y1 , . . . , yn for V , called the dual basis referred to V , such
that

1, i = j;
(xi , yj ) = Œ¥ij =
0, i = j.

This is a standard (and quite instructive) result in linear algebra, and it will be de-
veloped in the exercises.

7.4.9 Theorem
If A is a principal ideal domain, then B is a free A-module of rank n.

Proof. By (7.3.8), the trace is a nondegenerate symmetric bilinear form on the
n-dimensional vector space L over K. By (7.1.7), A is integrally closed, so by (7.3.10),
the trace of any element of L belongs to A. Now let x1 , . . . , xn be any basis for L over K,
and let y1 , . . . , yn be the dual basis referred to L (see (7.4.8)). If z ‚àà B, then we can write
n
z = j=1 aj yj with aj ‚àà K. We know that the trace of xi z belongs to A, and we also
have
n n n
T (xi z) = T aj xi yj = aj T (xi yj ) = aj Œ¥ij = ai .
j=1 j=1 j=1

Thus each ai belongs to A, so that B is an A-submodule of the free A-module ‚ä•n Ayj .j=1
By (4.6.2), B is a free A-module of rank at most n. But by (7.4.7), B contains a basis for
L over K, and if we wish, we can assume that this basis is x1 , . . . , xn . Then B contains
the free A-module ‚ä•n Axj , so the rank of B as an A-module is at least n, and hence
j=1
exactly n. ‚™£
16 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

7.4.10 Corollary
The set B of algebraic integers in any number Ô¬Åeld L is a free Z-module of rank n = [L : Q].
Therefore B has an integral basis. The discriminant is the same for every integral basis;
it is known as the Ô¬Åeld discriminant.
Proof. Take A = Z in (7.4.9) to show that B has an integral basis. The transformation
matrix C between two integral bases (see (7.4.2)) is invertible, and both C and C ‚à’1 have
rational integer coeÔ¬Écients. Take determinants in the equation CC ‚à’1 = I to conclude
that det C is a unit in Z. Therefore det C = ¬±1, so by (7.4.2), all integral bases have the
same discriminant. ‚™£

Problems For Section 7.4
Let x1 , . . . , xn be a basis for the vector space V , and let (x, y) be a nondegenerate sym-
metric bilinear form on V . We now supply the details of the proof of (7.4.8).
1. For any y ‚àà V , the mapping x ‚Ü’ (x, y) is a linear form l(y), i.e., a linear map from
V to the Ô¬Åeld of scalars. Show that the linear transformation y ‚Ü’ l(y) from V to V ‚à— ,
the dual space of V (i.e., the space of all linear forms on V ), is injective.
2. Show that any linear form on V is l(y) for some y ‚àà V .
3. Let f1 , . . . , fn be the dual basis corresponding to x1 , . . . , xn . Thus each fj belongs to
V ‚à— (not V ) and fj (xi ) = Œ¥ij . If fj = l(yj ), show that y1 , . . . , yn is the required dual
basis referred to V .
n
4. Show that xi = j=1 (xi , xj )yj . Thus in order to compute the dual basis referred to
V in terms of the original basis, we must invert the matrix ((xi , xj )).
5. A matrix C with coeÔ¬Écients in Z is said to be unimodular if its determinant is ¬±1.
Show that C is unimodular if and only if C is invertible and its inverse has coeÔ¬Écients
in Z.
‚àö
6. Show that the Ô¬Åeld discriminant of the quadratic extension Q( d), d square-free, is

if d ‚â° 1 mod 4;
4d
D=
if d ‚â° 1 mod 4.
d

7. Let x1 , . . . , xn be arbitrary algebraic integers in a number Ô¬Åeld, and consider the
determinant of the matrix (œÉi (xj )), as in (7.4.3). The direct expansion of the deter-
minant has n! terms. Let P be the sum of those terms in the expansion that have
plus signs in front of them, and N the sum of those terms preÔ¬Åxed by minus signs.
Thus the discriminant D of (x1 , . . . , xn ) is (P ‚à’ N )2 . Show that P + N and P N are
Ô¬Åxed by each œÉi , and deduce that P + N and P N are rational numbers.
8. Continuing Problem 7, show that P + N and P N are rational integers.
9. Continuing Problem 8, prove Stickelberger‚Ä™s theorem: D ‚â° 0 or 1 mod 4.
10. Let L be a number Ô¬Åeld of degree n over Q, and let y1 , . . . , yn be a basis for L over Q
consisting of algebraic integers. Let x1 , . . . , xn be an integral basis. Show that if the
discriminant D(y1 , . . . , yn ) is square-free, then each xi can be expressed as a linear
combination of the yj with integer coeÔ¬Écients.
7.5. NOETHERIAN AND ARTINIAN MODULES AND RINGS 17

11. Continuing Problem 10, show that if D(y1 , . . . , yn ) is square-free, then y1 , . . . , yn is
an integral basis.
12. Is the converse of the result of Problem 11 true?
13. In the standard AKLB setup (see (7.3.9)), show that L is the quotient Ô¬Åeld of B.

7.5 Noetherian and Artinian Modules and Rings
In this section, rings are not assumed commutative. Let M be an R-module, and suppose
that we have an increasing sequence of submodules M1 ‚â¤ M2 ‚â¤ M3 ‚â¤ . . . , or a decreasing
sequence M1 ‚â• M2 ‚â• M3 ‚â• . . . . We say that the sequence stabilizes if for some t,
Mt = Mt+1 = Mt+2 = . . . . The question of stabilization of sequences of submodules
appears in a fundamental way in many areas of abstract algebra and its applications. We
have already made contact with the idea; see (2.6.6) and the introductory remarks in
Section 4.6.
The module M is said to satisfy the ascending chain condition (acc) if every increasing
sequence of submodules stabilizes; M satisÔ¬Åes the descending chain condition (dcc) if every
decreasing sequence of submodules stabilizes.

7.5.2 Proposition
The following conditions on an R-module M are equivalent, and deÔ¬Åne a Noetherian
module:

(1) M satisÔ¬Åes the acc;
(2) Every nonempty collection of submodules of M has a maximal element (with respect
to inclusion).

The following conditions on M are equivalent, and deÔ¬Åne an Artinian module:

(1‚Ä™) M satisÔ¬Åes the dcc;
(2‚Ä™) Every nonempty collection of submodules of M has a minimal element.

Proof. Assume (1), and let S be a nonempty collection of submodules. Choose M1 ‚àà S.
If M1 is maximal, we are Ô¬Ånished; otherwise we have M1 < M2 for some M2 ‚àà S. If we
continue inductively, the process must terminate at a maximal element; otherwise the acc
would be violated.
Conversely, assume (2), and let M1 ‚â¤ M2 ‚â¤ . . . . The sequence must stabilize; oth-
erwise {M1 , M2 , . . . } would be a nonempty collection of submodules with no maximal
element. The proof is exactly the same in the Artinian case, with all inequalities re-
versed. ‚™£

There is another equivalent condition in the Noetherian case.
18 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

7.5.3 Proposition
M is Noetherian iÔ¬Ä every submodule of M is Ô¬Ånitely generated.

Proof. If the sequence M1 ‚â¤ M2 ‚â¤ . . . does not stabilize, let N = ‚à™‚àû Mr . Then N is a
r=1
submodule of M , and it cannot be Ô¬Ånitely generated. For if x1 , . . . , xs generate N , then
for suÔ¬Éciently large t, all the xi belong to Mt . But then N ‚äÜ Mt ‚äÜ Mt+1 ‚äÜ ¬· ¬· ¬· ‚äÜ N ,
so Mt = Mt+1 = . . . . Conversely, assume that the acc holds, and let N ‚â¤ M . If
N = 0, choose x1 ‚àà N . If Rx1 = N , then N is Ô¬Ånitely generated. Otherwise, there
exists x2 ‚àà Rx1 . If x1 and x2 generate N , we are Ô¬Ånished. Otherwise, there exists
/
x3 ‚àà Rx1 + Rx2 . The acc forces the process to terminate at some stage t, in which case
/
x1 , . . . , xt generate N . ‚™£

The analogous equivalent condition in the Artinian case (see Problem 8) is that every
quotient module M/N is Ô¬Ånitely cogenerated, that is, if the intersection of a collection of
submodules of M/N is 0, then there is a Ô¬Ånite subcollection whose intersection is 0.

A ring R is Noetherian [resp. Artinian] if it is Noetherian [resp. Artinian] as a module
over itself. If we need to distinguish between R as a left, as opposed to right, R-module,
we will refer to a left Noetherian and a right Noetherian ring, and similarly for Artinian
rings. This problem will not arise until Chapter 9.

7.5.5 Examples
1. Every PID is Noetherian.

This follows from (7.5.3), since every ideal is generated by a single element.

2. Z is Noetherian (a special case of Example 1) but not Artinian. There are many
descending chains of ideals that do not stabilize, e.g.,

Z ‚äÉ (2) ‚äÉ (4) ‚äÉ (8) ‚äÉ . . . .

We will prove in Chapter 9 that an Artinian ring must also be Noetherian.
3. If F is a Ô¬Åeld, then the polynomial ring F [X] is Noetherian (another special case of
Example 1) but not Artinian. A descending chain of ideals that does not stabilize is

(X) ‚äÉ (X 2 ) ‚äÉ (X 3 ) ‚äÉ . . . .

4. The ring F [X1 , X2 , . . . ] of polynomials over F in inÔ¬Ånitely many variables is neither
Artinian nor Noetherian. A descending chain of ideals that does not stabilize is con-
structed as in Example 3, and an ascending chain of ideals that does not stabilize
is

(X1 ) ‚ä‚ (X1 , X2 ) ‚ä‚ (X1 , X2 , X3 ) ‚ä‚ . . . .
7.5. NOETHERIAN AND ARTINIAN MODULES AND RINGS 19

7.5.6 Remark
The following observations will be useful in deriving properties of Noetherian and Artinian
modules. If N ‚â¤ M , then a submodule L of M that contains N can always be written in
the form K +N for some submodule K. (K = L is one possibility.) By the correspondence
theorem,

(K1 + N )/N = (K2 + N )/N implies K1 + N = K2 + N and
(K1 + N )/N ‚â¤ (K2 + N )/N implies K1 + N ‚â¤ K2 + N.

7.5.7 Proposition
If N is a submodule of M , then M is Noetherian [resp. Artinian] if and only if N and
M/N are Noetherian [resp. Artinian].

Proof. Assume M is Noetherian. Then N is Noetherian by (2) of (7.5.2), since a submod-
ule of N must also be a submodule of M . By (7.5.6), an ascending chain of submodules
of M/N looks like (M1 + N )/N ‚â¤ (M2 + N )/N ‚â¤ ¬· ¬· ¬· . But then the Mi + N form an as-
cending sequence of submodules of M , which must stabilize. Consequently, the sequence
(Mi + N )/N, i = 1, 2, . . . , must stabilize.
Conversely, assume that N and M/N are Noetherian, and let M1 ‚â¤ M2 ‚â¤ ¬· ¬· ¬· be
an increasing sequence of submodules of M . Take i large enough so that both sequences
{Mi ‚à© N } and {Mi + N } have stabilized. If x ‚àà Mi+1 , then x + N ‚àà Mi+1 + N = Mi + N ,
so x = y + z where y ‚àà Mi and z ‚àà N . Thus x ‚à’ y ‚àà Mi+1 ‚à© N = Mi ‚à© N , and since
y ‚àà Mi we have x ‚àà Mi as well. Consequently, Mi = Mi+1 and the sequence of Mi ‚Ä™s
has stabilized. The Artinian case is handled by reversing inequalities (and interchanging
indices i and i + 1 in the second half of the proof). ‚™£

7.5.8 Corollary
If M1 , . . . , Mn are Noetherian [resp. Artinian] R-modules, then so is M1 ‚ä• M2 ‚ä• ¬· ¬· ¬· ‚ä• Mn .

Proof. It suÔ¬Éces to consider n = 2 (induction will take care of higher values of n). The
submodule N = M1 of M = M1 ‚ä• M2 is Noetherian by hypothesis, and M/N ‚àº M2 =
is also Noetherian (apply the Ô¬Årst isomorphism theorem to the natural projection of M
onto M2 ). By (7.5.7), M is Noetherian. The Artinian case is done the same way. ‚™£

7.5.9 Corollary
If M is a Ô¬Ånitely generated module over the Noetherian [resp. Artinian] ring R, then M
is Noetherian [resp. Artinian]

Proof. By (4.3.6), M is a quotient of a free module L of Ô¬Ånite rank. Since L is the direct
sum of a Ô¬Ånite number of copies of R, the result follows from (7.5.8) and (7.5.7). ‚™£

Ascending and descending chains of submodules are reminiscent of normal and sub-
normal series in group theory, and in fact we can make a precise connection.
20 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

7.5.10 DeÔ¬Ånitions
A series of length n for a module M is a sequence of the form
M = M0 ‚â• M1 ‚â• ¬· ¬· ¬· ‚â• Mn = 0.
The series is called a composition series if each factor module Mi /Mi+1 is simple. [A
module is simple if it is nonzero and has no submodules except itself and 0. We will study
simple modules in detail in Chapter 9.] Thus we are requiring the series to have no proper
reÔ¬Ånement. Two series are equivalent if they have the same length and the same factor
modules, up to isomorphism and rearrangement.
By convention, the zero module has a composition series, namely {0} itself.

7.5.11 Jordan-H¬®lder Theorem For Modules
o
If M has a composition series, then any two composition series for M are equivalent. Fur-
thermore, any strictly decreasing sequence of submodules can be reÔ¬Åned to a composition
series.
Proof. The development of the Jordan-H¬®lder theorem for groups can be taken over ver-
o
batim if we change multiplicative to additive notation. In particular, we can reproduce the
preliminary lemma (5.6.2), the Zassenhaus lemma (5.6.3), the Schreier reÔ¬Ånement theo-
rem (5.6.5), and the Jordan-H¬®lder Theorem (5.6.6). We need not worry about normality
o
of subgroups because in an abelian group, all subgroups are normal. As an example of
the change in notation, the Zassenhaus lemma becomes
.
=
This type of proof can be irritating, because it forces readers to look at the earlier de-
velopment and make sure that everything does carry over. A possible question is ‚ÄúWhy
can‚Ä™t a composition series S of length n coexist with an inÔ¬Ånite ascending or descending
chain?‚Äù But if such a situation occurs, we can form a series T for M of length n + 1. By
Schreier, S and T have equivalent reÔ¬Ånements. Since S has no proper reÔ¬Ånements, and
equivalent reÔ¬Ånement have the same length, we have n ‚â• n + 1, a contradiction. ‚™£
We can now relate the ascending and descending chain conditions to composition
series.

7.5.12 Theorem
The R-module M has a composition series if and only if M is both Noetherian and
Artinian.
Proof. The ‚Äúonly if‚Äù part was just done at the end of the proof of (7.5.11). Thus as-
sume that M is Noetherian and Artinian. Assuming (without loss of generality) that
M = 0, it follows from (2) of (7.5.2) that M0 = M has a maximal proper submodule M1 .
Now M1 is Noetherian by (7.5.7), so if M1 = 0, then M1 has a maximal proper submodule
M2 . Continuing inductively, we must reach 0 at some point because M is Artinian. By
construction, each Mi /Mi+1 is simple, and we have a composition series for M . ‚™£
7.5. NOETHERIAN AND ARTINIAN MODULES AND RINGS 21

Here is a connection with algebraic number theory.

7.5.13 Proposition
In the basic AKLB setup of (7.3.9), assume that A is integrally closed. If A is a Noetherian
ring, then so is B. In particular, the ring of algebraic integers in a number Ô¬Åeld is
Noetherian.

Proof. By the proof of (7.4.9), B is a submodule of a free A-module M of Ô¬Ånite rank.
(The assumption that A is a PID in (7.4.9) is used to show that A is integrally closed,
and we have this by hypothesis. The PID assumption is also used to show that B is
a free A-module, but we do not need this in the present argument.) By (7.5.8), M is
Noetherian, so by (7.5.7), B is a Noetherian A-module. An ideal of B is, in particular,
an A-submodule of B, hence is Ô¬Ånitely generated over A and therefore over B. Thus B is
a Noetherian ring. ‚™£

Problems For Section 7.5
1. Let p be a Ô¬Åxed prime, and let A be the abelian group of all rational numbers a/pn ,
n = 0, 1, . . . , a ‚àà Z, where all calculations are modulo 1, in other words, A is a subgroup
of Q/Z. Let An be the subgroup {0, 1/pn , 2/pn , . . . , (pn ‚à’ 1)/pn }. Show that A is not
a Noetherian Z-module.
2. Continuing Problem 1, if B is a proper subgroup of A, show that B must be one of
the An . Thus A is an Artinian Z-module. [This situation cannot arise for rings, where
Artinian implies Noetherian.]
3. If V is a vector space, show that V is Ô¬Ånite-dimensional iÔ¬Ä V is Noetherian iÔ¬Ä V is
Artinian iÔ¬Ä V has a composition series.
4. DeÔ¬Åne the length of a module M [notation l(M )] as the length of a composition series
for M . (If M has no composition series, take l(M ) = ‚àû.) Suppose that we have a
short exact sequence

GN GM G M/N G0
f g
0

Show that l(M ) is Ô¬Ånite if and only if l(N ) and l(M/N ) are both Ô¬Ånite.
5. Show that l is additive, that is,

l(M ) = l(N ) + l(M/N ).

6. Let S be a subring of the ring R, and assume that S is a Noetherian ring. If R is
Ô¬Ånitely generated as a module over S, show that R is also a Noetherian ring.
7. Let R be a ring, and assume that the polynomial ring R[X] is Noetherian. Does it
8. Show that a module M is Artinian if and only if every quotient module M/N is Ô¬Ånitely
cogenerated.
22 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

7.6 Fractional Ideals
Our goal is to establish unique factorization of ideals in a Dedekind domain, and to do
this we will need to generalize the notion of ideal. First, some preliminaries.

7.6.1 DeÔ¬Ånition
If I1 , . . . , In are ideals, the product I1 ¬· ¬· ¬· In is the set of all Ô¬Ånite sums i a1i a2i ¬· ¬· ¬· ani ,
where aki ‚àà Ik , k = 1, . . . , n. It follows from the deÔ¬Ånition that the product is an ideal
contained in each Ij .

7.6.2 Lemma
If P is a prime ideal that contains a product I1 ¬· ¬· ¬· In of ideals, then P contains Ij for
some j.

Proof. If not, let aj ‚àà Ij \ P , j = 1, . . . , n. Then a1 ¬· ¬· ¬· an belongs to I1 ¬· ¬· ¬· In ‚äÜ P , and
since P is prime, some aj belongs to P , a contradiction. ‚™£

7.6.3 Proposition
If I is a nonzero ideal of the Noetherian integral domain R, then I contains a product of
nonzero prime ideals.

Proof. Assume the contrary. If S is the collection of all nonzero ideals that do not contain
a product of nonzero prime ideals, then since R is Noetherian, S has a maximal element J,
and J cannot be prime because it belongs to S. Thus there are elements a, b ‚àà R with
a ‚àà J, b ‚àà J, and ab ‚àà J. By maximality of J, the ideals J + Ra and J + Rb each contain
/ /
a product of nonzero prime ideals, hence so does (J + Ra)(J + Rb) ‚äÜ J + Rab = J. This
is a contradiction. [Notice that we must use the fact that a product of nonzero ideals is
nonzero, and this is where the hypothesis that R is an integral domain comes in.] ‚™£

7.6.4 Corollary
If I is an ideal of the Noetherian ring R (not necessarily an integral domain), then I
contains a product of prime ideals.

Proof. Repeat the proof of (7.6.3) with the word ‚Äúnonzero‚Äù deleted. ‚™£

Ideals in the ring of integers are of the form nZ, the set of multiples of n. A set of the
form 3 Z is not an ideal because it is not a subset of Z, yet it behaves in a similar manner.
2
The set is closed under addition and multiplication by an integer, and it becomes an ideal
of Z if we simply multiply all the elements by 2. It will be proÔ¬Åtable to study sets of this
type.
7.6. FRACTIONAL IDEALS 23

7.6.5 DeÔ¬Ånitions
Let R be an integral domain, with K its quotient Ô¬Åeld, and let I be an R-submodule
of K. We say that I is a fractional ideal of R if rI ‚äÜ R for some nonzero r ‚àà R. We will
call r a denominator of I. An ordinary ideal of R is a fractional ideal (take r = 1), and
will often be referred to an as integral ideal.

7.6.6 Lemma
(i) If I is a Ô¬Ånitely generated R-submodule of K, then I is a fractional ideal.
(ii) If R is Noetherian and I is a fractional ideal of R, then I is a Ô¬Ånitely generated
R-submodule of K.
(iii) If I and J are fractional ideals with denominators r and s respectively, then I ‚à© J,
I + J and IJ are fractional ideals with respective denominators r (or s), rs and rs.
[The product of fractional ideals is deÔ¬Åned exactly as in (7.6.1).]

Proof. (i) If x1 = a1 /b1 , . . . , xn = an /bn generate I and b = b1 ¬· ¬· ¬· bn , then bI ‚äÜ R.
(ii) If rI ‚äÜ R, then I ‚äÜ r‚à’1 R. As an R-module, r‚à’1 R is isomorphic to R and is
therefore Noetherian. Consequently, I is Ô¬Ånitely generated.
(iii) It follows from the deÔ¬Ånition (7.6.5) that the intersection, sum and product of
fractional ideals are fractional ideals. The assertions about denominators are proved by
noting that r(I ‚à© J) ‚äÜ rI ‚äÜ R, rs(I + J) ‚äÜ rI + sJ ‚äÜ R, and rsIJ = (rI)(sJ) ‚äÜ R. ‚™£

The product of two nonzero fractional ideals is a nonzero fractional ideal, and the
multiplication is associative (since multiplication in R is associative). There is an identity
element , namely R, since RI ‚äÜ I = 1I ‚äÜ RI. We will show that if R is a Dedekind
domain, then every nonzero fractional ideal has a multiplicative inverse, so the nonzero
fractional ideals form a group.

A Dedekind domain is an integral domain R such that

(1) R is Noetherian,
(2) R is integrally closed, and
(3) Every nonzero prime ideal of R is maximal.

Every PID is a Dedekind domain, by (7.5.5), (7.1.7), (2.6.8) and (2.6.9). We will prove
that the algebraic integers of a number Ô¬Åeld form a Dedekind domain. But as we know,
the ring of algebraic integers need not be a PID, or even a UFD (see the discussion at the
beginning of this chapter, and the exercises in Section 7.7).

7.6.8 Lemma
Let I be a nonzero prime ideal of the Dedekind domain R, and let J = {x ‚àà K : xI ‚äÜ R}.
Then R ‚ä‚ J.
24 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

Proof. Since RI ‚äÜ R, it follows that R is a subset of J. Pick a nonzero element a ‚àà I,
so that I contains the principal ideal Ra. Let n be the smallest positive integer such
that Ra contains a product P1 ¬· ¬· ¬· Pn of n nonzero prime ideals. Since R is Noetherian,
there is such an n by (7.6.3), and by (7.6.2), I contains one of the Pi , say P1 . But in a
Dedekind domain, every nonzero prime ideal is maximal, so I = P1 . Assuming n ‚â• 2, set
I1 = P2 ¬· ¬· ¬· Pn , so that Ra ‚äá I1 by minimality of n. Choose b ‚àà I1 with b ‚àà Ra. Now
/
‚à’1
II1 ‚äÜ Ra, in particular, Ib ‚äÜ Ra, hence Iba ‚äÜ R. (Note that a has an inverse in K,
but not necessarily in R.) Thus ba‚à’1 ‚àà J, but ba‚à’1 ‚àà R, for if so, b ‚àà Ra, contradicting
/
the choice of b.
The case n = 1 must be handled separately. In this case, P1 = I ‚äá Ra ‚äá P1 , so
I = Ra. Thus Ra is a proper ideal, and we can choose b ‚àà R with b ‚àà Ra. Then /
‚à’1 ‚à’1 ‚à’1 ‚à’1
ba ‚àà R, but ba I = ba Ra = bR ‚äÜ R, so ba ‚àà J. ‚™£
/

We now prove that in (7.6.8), J is the inverse of I.

7.6.9 Proposition
Let I be a nonzero prime ideal of the Dedekind domain R, and let J = {x ‚àà K : xI ‚äÜ R}.
Then J is a fractional ideal and IJ = R.

Proof. By deÔ¬Ånition, J is an R-submodule of K. If r is a nonzero element of I and x ‚àà J,
then rx ‚àà R, so rJ ‚äÜ R and J is a fractional ideal. Now IJ ‚äÜ R by deÔ¬Ånition of J, so
IJ is an integral ideal. Since (using (7.6.8)) I = IR ‚äÜ IJ ‚äÜ R, maximality of I implies
that either IJ = I or IJ = R. In the latter case, we are Ô¬Ånished, so assume IJ = I.
If x ‚àà J, then xI ‚äÜ IJ = I, and by induction, xn I ‚äÜ I for all n = 1, 2, . . . . Let r be
any nonzero element of I. Then rxn ‚àà xn I ‚äÜ I ‚äÜ R, so R[x] is a fractional ideal. Since
R is Noetherian, part (ii) of (7.6.6) implies that R[x] is a Ô¬Ånitely generated R-submodule
of K. By (7.1.2), x is integral over R. But R, a Dedekind domain, is integrally closed, so
x ‚àà R. Therefore J ‚äÜ R, contradicting (7.6.8). ‚™£

Problems For Section 7.6
1. Show that a proper ideal P is prime if and only if for all ideals A and B, P ‚äá AB
implies that P ‚äá A or P ‚äá B.

We are going to show that if an ideal I is contained in the union of the prime ideals
P1 , . . . , Pn , then I is contained in some Pi . Equivalently, if for all i = 1, . . . , n, we have
I ‚äÜ Pi , then I ‚äÜ ‚à™n Pi . There is no problem when n = 1, so assume the result holds
i=1
for n ‚à’ 1 prime ideals. By the induction hypothesis, for each i there exists xi ‚àà I with
xi ‚àà Pj , j = i.
/

2. Show that we can assume without loss of generality that xi ‚àà Pi for all i.
n
x1 ¬· ¬· ¬· xi‚à’1 xi+1 ¬· ¬· ¬· xn . Show that x ‚àà I but
3. Continuing Problem 2, let x = i=1
x ‚àà ‚à™n Pi , completing the proof.
/ i=1
4. If I and J are relatively prime ideals (I +J = R), show that IJ = I ‚à©J. More generally,
if I1 , . . . , In are relatively prime in pairs (see (2.3.7)), show that I1 ¬· ¬· ¬· In = ‚à©n Ii .
i=1
7.7. UNIQUE FACTORIZATION OF IDEALS IN A DEDEKIND DOMAIN 25

5. Show that if a Dedekind domain R is a UFD, then R is a PID.
6. Suppose that in (7.6.9), we would like to invert every maximal ideal of R, rather than
the nonzero prime ideals. What is a reasonable hypothesis to add about R?
7. Let R be an integral domain with quotient Ô¬Åeld K. If K is a fractional ideal of R,
show that R = K.
r s
8. Let P1 and P2 be relatively prime ideals in the ring R. Show that P1 and P2 are
relatively prime for arbitrary positive integers r and s.

7.7 Unique Factorization of Ideals in a Dedekind
Domain
In the previous section, we inverted nonzero prime ideals in a Dedekind domain. We must
now extend this result to nonzero fractional ideals.

7.7.1 Theorem
If I is a nonzero fractional ideal of the Dedekind domain R, then I can be factored uniquely
as P1 1 P2 2 ¬· ¬· ¬· Pr r where the ni are integers. Consequently, the nonzero fractional ideals
n n n

form a group under multiplication.
Proof. First consider the existence of such a factorization. Without loss of generality, we
can restrict to integral ideals. [Note that if r = 0 and rI ‚äÜ R, then I = (Rr)‚à’1 (rI).] By
convention, we regard R as the product of the empty collection of prime ideals, so let S
be the set of all nonzero proper ideals of R that cannot be factored in the given form,
with all ni positive integers. [This trick will yield the useful result that the factorization
of integral ideals only involves positive exponents.] Since R is Noetherian, S, if nonempty,
has a maximal element I0 , which is contained in a maximal ideal I. By (7.6.9), I has an
inverse fractional ideal J. Thus by (7.6.8) and (7.6.9),
I0 = I0 R ‚äÜ I0 J ‚äÜ IJ = R.
Therefore I0 J is an integral ideal, and we claim that I0 ‚ä‚ I0 J. For if I0 = I0 J, the
last paragraph of the proof of (7.6.9) can be reproduced with I replaced by I0 to reach a
contradiction. By maximality of I0 , I0 J is a product of prime ideals, say I0 J = P1 ¬· ¬· ¬· Pr
(with repetition allowed). Multiply both sides by the prime ideal I to conclude that I0 is
a product of prime ideals, contradicting I0 ‚àà S. Thus S must be empty, and the existence
of the desired factorization is established.
To prove uniqueness, suppose that we have two prime factorizations
P1 1 ¬· ¬· ¬· Pr r = Qt1 ¬· ¬· ¬· Qts
n n
s
1

where again we may assume without loss of generality that all exponents are positive.
[If P ‚à’n appears, multiply both sides by P n .] Now P1 contains the product of the Pini ,
so by (7.6.2), P1 contains Qj for some j. By maximality of Qj , P1 = Qj , and we may
renumber so that P1 = Q1 . Multiply by the inverse of P1 (a fractional ideal, but there is
no problem) to cancel P1 and Q1 , and continue inductively to complete the proof. ‚™£
26 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

7.7.2 Corollary
A nonzero fractional ideal I is an integral ideal if and only if all exponents in the prime
factorization of I are nonnegative.

Proof. The ‚Äúonly if‚Äù part was noted in the proof of (7.7.1). The ‚Äúif‚Äù part follows because
a power of an integral ideal is still an integral ideal. ‚™£

7.7.3 Corollary
Denote by nP (I) the exponent of the prime ideal P in the factorization of I. (If P does
not appear, take nP (I) = 0.) If I1 and I2 are nonzero fractional ideals, then I1 ‚äá I2 if
and only if for every prime ideal P of R, nP (I1 ) ‚â¤ nP (I2 ).

‚à’1
Proof. We have I2 ‚äÜ I1 iÔ¬Ä I2 I1 ‚äÜ R, and by (7.7.2), this happens iÔ¬Ä for every P ,
nP (I2 ) ‚à’ nP (I1 ) ‚â• 0. ‚™£

7.7.4 DeÔ¬Ånition
Let I1 and I2 be nonzero integral ideals. We say that I1 divides I2 if I2 = JI1 for some
integral ideal J. Just as with integers, an equivalent statement is that each prime factor
of I1 is a factor of I2 .

7.7.5 Corollary
If I1 and I2 are nonzero integral ideals, then I1 divides I2 if and only if I1 ‚äá I2 . In other
words, for these ideals,

DIVIDES MEANS CONTAINS.

Proof. By (7.7.4), I1 divides I2 iÔ¬Ä nP (I1 ) ‚â¤ nP (I2 ) for every prime ideal P . By (7.7.3),
this is equivalent to I1 ‚äá I2 . ‚™£

The next result explains why Dedekind domains are important in algebraic number
theory.

7.7.6 Theorem
In the basic AKLB setup of (7.3.9), if A is a Dedekind domain, then so is B. In particular,
the ring of algebraic integers in a number Ô¬Åeld is a Dedekind domain. In addition, B is a
Ô¬Ånitely generated A-module and the quotient Ô¬Åeld of B is L.

Proof. By (7.1.6), B is integrally closed in L. The proof of (7.4.7), with xi replaced by an
arbitrary element of L, shows that L is the quotient Ô¬Åeld of B. Therefore B is integrally
closed. By (7.5.13), B is a Noetherian ring, and the proof of (7.5.13) shows that B is a
Noetherian, hence Ô¬Ånitely generated, A-module.
7.8. SOME ARITHMETIC IN DEDEKIND DOMAINS 27

It remains to prove that every nonzero prime ideal Q of B is maximal. Choose any
nonzero element x of Q. Since x ‚àà B, x satisÔ¬Åes a polynomial equation
xn + an‚à’1 xn‚à’1 + ¬· ¬· ¬· + a1 x + a0 = 0
with the ai ‚àà A. If we take the positive integer n as small as possible, then a0 = 0 by
minimality of n. Solving for a0 , we see that a0 ‚àà Bx ‚à© A ‚äÜ Q ‚à© A, so P = Q ‚à© A = 0. But
P is the preimage of the prime ideal Q under the inclusion map of A into B. Therefore P
is a nonzero prime, hence maximal, ideal of the Dedekind domain A. Consequently, A/P
is a Ô¬Åeld.
Now A/P can be identiÔ¬Åed with a subring of the integral domain B/Q via y + P ‚Ü’
y + Q. Moreover, B/Q is integral over A/P . [B is integral over A, and we can simply use
the same equation of integral dependence.] It follows from Section 7.1, Problem 5, that
B/Q is a Ô¬Åeld, so Q is a maximal ideal. ‚™£

Problems For Section 7.7
‚àö ‚àö
By (7.2.3), the ring B of algebraic integers in Q( ‚à’5) is Z[ ‚à’5]. We will show that
‚àö
Z[ ‚à’5] is not a unique factorization domain. (For a diÔ¬Äerent approach, see Section 2.7,
Problems 5‚Ä“7.) Consider the factorization
‚àö ‚àö
(1 + ‚à’5)(1 ‚à’ ‚à’5) = (2)(3).

1. By computing norms, verify that all four of the above factors are irreducible.
2. Show that the only units of B are ¬±1.
3. Show that no factor on one side of the above equation is an associate of a factor on
the other side, so unique factorization fails.
4. We can use the prime factorization of ideals in a Dedekind domain to compute the
greatest common divisor and the least common multiple of two nonzero ideals I and J,
exactly as with integers. Show that the greatest common divisor of I and J is I + J
and the least common multiple is I ‚à© J.
5. A Dedekind domain R comes close to being a PID in the following sense. (All ideals
are assumed nonzero.) If I is an integral ideal, in fact if I is a fractional ideal, show
that there is an integral ideal J such that IJ is a principal ideal of R.
‚àö
6. Show that the ring of algebraic integers in Q( ‚à’17) is not a unique factorization
domain.
7. In Problem 6, the only algebraic integers of norm 1 are ¬±1. Show that this property
‚àö
does not hold for the algebraic integers in Q( ‚à’3).

7.8 Some Arithmetic in Dedekind Domains
Unique factorization of ideals in a Dedekind domain permits calculations that are analo-
gous to familiar manipulations involving ordinary integers. In this section, we illustrate
some of the ideas.
28 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

Let P1 , . . . , Pn be distinct nonzero prime ideals of the Dedekind domain R, and let
J = P1 ¬· ¬· ¬· Pn . Let Qi be the product of the Pj with Pi omitted, that is,

Qi = P1 ¬· ¬· ¬· Pi‚à’1 Pi+1 ¬· ¬· ¬· Pn .

(If n = 1, we take Qi = R.) If I is any nonzero ideal of R, then by unique factorization,
IQi ‚äÉ IJ. For each i = 1, . . . , n, choose an element ai belonging to IQi but not to IJ,
n
and let a = i=1 ai .

7.8.1 Lemma
a ‚àà I but for each i, a ‚àà IPi . (In particular, a = 0.)
/

Proof. Since each ai belongs to IQi ‚äÜ I, we have a ‚àà I. Now ai cannot belong to IPi , for
if so, ai ‚àà IPi ‚à© IQi , which is the least common multiple of IPi and IQi (see Section 7.7,
Problem 4). But by deÔ¬Ånition of Qi , the least common multiple is simply IJ, and this
contradicts the choice of ai . We break up the sum deÔ¬Åning a as follows:

a = (a1 + ¬· ¬· ¬· + ai‚à’1 ) + ai + (ai+1 + ¬· ¬· ¬· + an ). (1)

If j = i, then aj ‚àà IQj ‚äÜ IPi , so the Ô¬Årst and third terms of (1) belong to IPi . Since
ai ‚àà IPi , as found above, we have a ‚àà IPi . ‚™£
/ /

In Section 7.7, Problem 5, we found that any nonzero ideal is a factor of a principal
ideal. We can sharpen this result as follows.

7.8.2 Proposition
Let I be a nonzero ideal of the Dedekind domain R. Then there is a nonzero ideal I such
that II is a principal ideal (a). Moreover, if J is an arbitrary nonzero ideal of R, I can
be chosen to be relatively prime to J.

Proof. Let P1 , . . . , Pn be the distinct prime divisors of J, and choose a as in (7.8.1). Then
a ‚àà I, so (a) ‚äÜ I. Since divides means contains (see (7.7.5)), I divides (a), so (a) = II
for some nonzero ideal I . If I is divisible by Pi , then I = Pi I0 for some nonzero ideal I0 ,
and (a) = IPi I0 . Consequently, a ‚àà IPi , contradicting (7.8.1). ‚™£

7.8.3 Corollary
A Dedekind domain with only Ô¬Ånitely many prime ideals is a PID.

Proof. Let J be the product of all the nonzero prime ideals. If I is any nonzero ideal,
then by (7.8.2) there is a nonzero ideal I such that II is a principal ideal (a), with I
relatively prime to J. But then the set of prime factors of I is empty, so that I = R.
Thus (a) = II = IR = I. ‚™£

The next result shows that a Dedekind domain is not too far away from a principal
ideal domain.

7.8.4 Corollary
Let I be a nonzero ideal of the Dedekind domain R, and let a be any nonzero element
of I. Then I can be generated by two elements, one of which is a.

Proof. Since a ‚àà I, we have (a) ‚äÜ I, so I divides (a), say (a) = IJ. By (7.8.2) there is
a nonzero ideal I such that II is a principal ideal (b) and I is relatively prime to J. If
gcd stands for greatest common divisor, then the ideal generated by a and b is

gcd((a), (b)) = gcd(IJ, II ) = I

since gcd(J, I ) = (1). ‚™£

Problems For Section 7.8
1. Let I(R) be the group of nonzero fractional ideals of a Dedekind domain R. If P (R) is
the subset of I(R) consisting of all nonzero principal fractional ideals Rx, x ‚àà K, show
that P (R) is a subgroup of I(R). The quotient group C(R) = I(R)/P (R) is called the
ideal class group of R. Since R is commutative, C(R) is abelian, and it can be shown
that C(R) is Ô¬Ånite.
2. Continuing Problem 1, show that C(R) is trivial iÔ¬Ä R is a PID.

We will now go through the factorization of an ideal in a number Ô¬Åeld. The neces-
sary background is developed in a course in algebraic number theory, but some of the
manipulations are accessible to us now. By (7.2.3), the ring B of algebraic integers of the
‚àö ‚àö
number Ô¬Åeld Q( ‚à’5) is Z[ ‚à’5]. (Note that ‚à’5 ‚â° 3 mod 4.) If we wish to factor the
result is x2 + 5 ‚â° (x + 1)2
ideal (2) = 2B in B, the idea is to factor x2 + 5 mod 2, and the ‚àö
‚àö
mod 2. Identifying x with ‚à’5, we form the ideal P2 = (2, 1 + ‚à’5), which turns out to
be prime. The desired factorization is (2) = P2 . This technique works if B = Z[Œ±], where
2

the number Ô¬Åeld L is Q(Œ±).
‚àö
3. Show that 1 ‚à’ ‚à’5 ‚àà P2 , and conclude that 6 ‚àà P2 . 2

4. Show that 2 ‚àà P2 , hence (2) ‚äÜ P2 .
2 2
‚àö ‚àö
5. Expand P2 = (2, 1 + ‚à’5)(2, 1 + ‚à’5), and conclude that P2 ‚äÜ (2).
2 2

6. Following the technique suggested in the above problems, factor x2 + 5 mod 3, and
‚àö
conjecture that the prime factorization of (3) in the ring of integers of Q( ‚à’5) is
(3) = P3 P3 for appropriate P3 and P3 .
7. With P3 and P3 as found in Problem 6, verify that (3) = P3 P3 .

We will give a very informal introduction to this basic area of number theory. ( For further
details, see Gouvea, ‚Äúp-adic Numbers‚Äù.) Throughout the discussion, p is a Ô¬Åxed prime.
30 CHAPTER 7. INTRODUCING ALGEBRAIC NUMBER THEORY

A p-adic integer can be described in several ways. One representation is via a series

x = a0 + a1 p + a2 p2 + ¬· ¬· ¬· , ai ‚àà Z. (1)

(Let‚Ä™s ignore the problem of convergence for now.) The partial sums are xn = a0 + a1 p +
¬· ¬· ¬· + an pn , so that xn ‚à’ xn‚à’1 = an pn . A p-adic integer can also be deÔ¬Åned as a sequence
of integers x = {x0 , x1 , . . . , } satisfying

xn ‚â° xn‚à’1 mod pn , n = 1, 2, . . . . (2)

Given a sequence satisfying (2), we can recover the coeÔ¬Écients of the series (1) by

x1 ‚à’ x0 x2 ‚à’ x1
a0 = x0 , a1 = , a2 = ,....
p2
p

The sequences x and y are regarded as deÔ¬Åning the same p-adic integer iÔ¬Ä xn ‚â° yn mod
pn+1 , n = 0, 1, . . . . Replacing each xn by the smallest nonnegative integer congruent to
it mod pn+1 is equivalent to restricting the ai in (1) to {0, 1, . . . , p ‚à’ 1}. [We call this the
standard representation.] Thus (1) is the limiting case in some sense of an expansion in
base p.
Sums and products of p-adic integers can be deÔ¬Åned by polynomial multiplication if (1)
is used. With the representation (2), we take

x + y = {xn + yn }, xy = {xn yn }.

With addition and multiplication deÔ¬Åned in this way, we get the ring of p-adic integers,
denoted by Œ∏p . (A more common notation is Zp , with the ring of integers modulo p
written as Z/pZ. Since the integers mod p occur much more frequently in this text than
the p-adic integers, and Zp is a bit simpler than Z/pZ, I elected to use Zp for the integers
mod p.) The rational integers Z form a subring of Œ∏p via x = {x, x, x, . . . }.
We now identify the units of Œ∏p .

7.9.2 Proposition
The p-adic integer x = {xn } is a unit of Œ∏p (also called a p-adic unit) if and only if x0 ‚â° 0
mod p. In particular, a rational integer a is a p-adic unit if and only if a ‚â° 0 mod p.

Proof. If (a0 + a1 p + ¬· ¬· ¬· )(b0 + b1 p + ¬· ¬· ¬· ) = 1, then a0 b0 = 1, so a0 ‚â° 0 mod p, proving
the ‚Äúonly if‚Äù part. Thus assume that x0 ‚â° 0 mod p. By (2), xn ‚â° xn‚à’1 ‚â° ¬· ¬· ¬· ‚â° x0
mod p, so xn ‚â° 0 mod p. Therefore xn and pn+1 are relatively prime, so there exists
yn such that xn yn ‚â° 1 mod pn+1 , hence mod pn . Now by (2), xn ‚â° xn‚à’1 mod pn , so
xn yn‚à’1 ‚â° xn‚à’1 yn‚à’1 ‚â° 1 mod pn . Thus xn yn ‚â° xn yn‚à’1 mod pn , so yn ‚â° yn‚à’1 mod pn .
The sequence y = {yn } is therefore a p-adic integer, and by construction, xy = 1. ‚™£