
Fields and Galois Theory

MATH5246
Andrew Hubery
ahubery@maths.leeds.ac.uk

Chapter 1

Introduction
Galois Theory has its origins in the study of roots of polynomials. It is not
concerned with finding the roots, which can be done using, say, the Newton-Raphson Method (see also here for an analysis of various techniques used in
computing for finding square-roots); rather, Galois Theory is interested in the
form that the roots can take.
In particular, we can ask which polynomials are solvable by radicals: given
a polynomial
$f = X^n + a_1 X^{n-1} + \cdots + a_{n-1} X + a_n \in \mathbb{Q}[X]$,
we say f is solvable by radicals if we can express a root of f using only the field
operations $+, -, \times, \div$ and $\sqrt[r]{\ }$.
Some polynomials are always solvable by radicals. In school one learns that for
a quadratic equation
$f = X^2 + 2pX + q$,
one can complete the square to write
$f = (X + p)^2 + (q - p^2)$,
and hence has roots
$-p \pm \sqrt{p^2 - q}$.
This was essentially known to the Babylonians (ca. 1600BC).


Similarly, a polynomial of the form
$f = X^n - a$
clearly has $\sqrt[n]{a}$ as a root.

The question thus becomes: is every polynomial of degree n solvable by radicals?
If yes, is there a general formula giving a root of all polynomials of degree n? If
no, can we determine which polynomials are solvable by radicals?

In the sixteenth century, Ferro and Fontana (nicknamed Tartaglia because of
his stutter) discovered a general formula which works for all cubic polynomials.
For example, the polynomial
$f = X^3 + 3X + 2$
has as a root the number
$\sqrt[3]{-1 + \sqrt{2}} + \sqrt[3]{-1 - \sqrt{2}}$.

On the other hand, you should be careful what you wish for: this general method
gives, for the polynomial
$f = X^3 - 15X - 4$,
the root
$\sqrt[3]{2 + 11i} + \sqrt[3]{2 - 11i}$,
which is a rather complicated way of expressing the number 4.


Soon after, Ferrari gave a general method for solving quartic polynomials. These
methods were published by Cardano, Ferrari's mentor, in his Ars Magna in 1545.
This proved that all polynomials of degree four are solvable by radicals, and in
fact that there is a general formula which works for all such polynomials. It took
another three hundred years until Abel showed in 1824 that there is no formula
giving a radical expression for the root of all quintic polynomials. His result was
based on an incomplete proof by Ruffini, and used the ideas of permutations,
so was the beginning of group theory.
Finally Galois in 1830 developed the ideas of group theory in order to decide
which polynomials are solvable by radicals and which are not, and hence explain
why there is no general method for finding roots of polynomials of degree five.
His method allows one to prove, for example, that the polynomial $X^5 - X - 1$
is not solvable by radicals.

1.1 A Modern Approach

From a modern perspective, we replace the study of a polynomial by the study
of the field extension generated by its roots. We then consider the group of all
field automorphisms of this field extension, called the Galois group of the field
extension. So, if K is a subfield of L, we consider the group
Gal(L/K) := {field automorphisms of L fixing every element of K}.
If $f \in K[X]$ is a polynomial, and L is the field generated by all the roots of f,
then we write Gal(f) for Gal(L/K).
As a simple example, the roots of $f = X^2 + 1 \in \mathbb{R}[X]$ are $\pm i \in \mathbb{C}$. Since $\mathbb{C} = \mathbb{R}(i)$,
we need to understand the group of all field automorphisms of $\mathbb{C}$ which fix $\mathbb{R}$.

Any such automorphism is determined by (i), and since i2 = 1, we must


have (i)2 = 1, so (i) = i. In fact, both of these are allowed, so
$\mathrm{Gal}(X^2 + 1) = \mathrm{Gal}(\mathbb{C}/\mathbb{R}) \cong \mathbb{Z}/2\mathbb{Z}$
is a cyclic group of order two. This group is generated by the automorphism
: x + iy 7 x iy, which is just complex conjugation.
In other words we can construct $\mathbb{C}$ from $\mathbb{R}$ by adding in a root of the polynomial
$X^2 + 1$. From the point of view of $\mathbb{R}$, however, we cannot distinguish between
the two roots $\pm i$, and in a sense this is why complex conjugation exists.
As a more involved example, we can consider the polynomial
$f = X^3 - 2 \in \mathbb{Q}[X]$.

3
3
2 3
This has roots 2, 2, 2, where = 2 (1 + i 3) is a primitive cube root

of unity, so the field generated by the roots is Q( 3 2, ).


Now, any field automorphism must
permute
the roots; for if 3 = 2, then


3
3
3
() = 2. Also, since = 2 / 2 is a quotient of two such roots, we
see that is completely determined by how it permutes the roots. This in fact
gives an injective group homomorphism from the Galois group to the symmetric
group Sym3 .
Next, since exactly two of the roots are complex, we see that complex conjugation is a field automorphism, giving

3
3
3
Gal(Q( 2, )/Q),
2 7 2,
7 2 .

On the other hand, the general theory will tell us that the map 3 2 7 3 2 can
be extending to a field automorphism, giving

3
3
3
Gal(Q( 2, )/Q),
2 7 2, 7 .
Looking at the corresponding permutations, we get that is a transposition,
whereas is a 3-cycle. We know that these elements generate the full symmetric
group, so

3
Gal(Q( 2, )/Q)
= Sym3 .

If instead we had just added in one of the roots, say $\sqrt[3]{2}$, then we wouldn't
have had enough symmetries. In fact, the only field automorphism of $\mathbb{Q}(\sqrt[3]{2})$
is the identity. This helps explain why we need to include all the roots of the
polynomial.

1.2 Galois' Theorem

One of the main theorems of this course will be the following.
Theorem 1.1. A polynomial f is solvable by radicals if and only if the group
Gal(f) is solvable.
Moreover, there exists for each n an irreducible polynomial $f \in \mathbb{Q}[X]$ having
Galois group $\mathrm{Gal}(f) = \mathrm{Sym}_n$.
Since $\mathrm{Sym}_n$ is solvable if and only if $n \le 4$, we conclude that there exist quintic
polynomials which are not solvable by radicals. The polynomial $X^5 - X - 1$
mentioned earlier is one such quintic.
The Galois group of a field extension L/K tells us a lot about the internal
structure of the field L. In fact, in certain nice cases, there is an order-reversing
bijection between the lattice of subfields of L containing K and the lattice of
subgroups of Gal(L/K). This is called the Galois Correspondence. As a
consequence we see that in these cases there are only finitely many subfields of
L containing K, a fact which is far from obvious.
This passing between subgroups and subfields is an important and extremely
useful observation. One should remark that group theory was in its infancy at
that time, and in fact the abstract notion of a group had yet to be given. Galois
was one of the first to appreciate the fundamental importance of groups, and
nowadays this idea of studying an object by first understanding its symmetries
is prevalent in modern mathematics and physics.
Let us discuss our approach to proving Galois' Theorem. Recall that a polynomial
f is solvable by radicals if we can write a root of f using just $+, -, \times, \div$ and
$\sqrt[r]{\ }$. More generally, we say that a field extension L/K is a radical extension
if there exists a chain of subfields
$K = K_0 \subset K_1 \subset \cdots \subset K_n = L$
such that $K_{i+1}$ is formed from $K_i$ by extracting an r-th root of an element in
Ki . In other words, we adjoin an element i such that ri Ki . We observe
that if L/K is radical, then every element of L can be obtained by repeated use
of $+, -, \times, \div, \sqrt[r]{\ }$.
The Galois correspondence now furnishes us with a chain of subgroups
$\{\mathrm{id}\} = \mathrm{Gal}(L/L) \le \cdots \le \mathrm{Gal}(L/K_1) \le \mathrm{Gal}(L/K)$.
We would like to say that if $K_{i+1}/K_i$ is formed by adjoining an r-th root,
then $\mathrm{Gal}(K_{i+1}/K_i)$ is a cyclic group of order r. From this it would follow that
the chain of subgroups described above is a subnormal series (each subgroup
is normal in the next) with cyclic subquotients, and hence that Gal(L/K) is a
solvable group.
Unfortunately this is not true in general, but it is true once we assume that we
have enough roots of unity in the field K. We therefore have to apply a few
technical tricks to complete the proof.

Chapter 2

Background Material

2.1 Rings and Algebras

As mentioned in the introduction, Galois Theory involves the study of automorphisms of fields. In fact, we often consider a field L containing another field K
as a subfield, and we want to understand the field automorphisms of L which fix
every element of K. For example, complex conjugation is a field automorphism
of $\mathbb{C}$ which fixes every element of $\mathbb{R}$.
The appropriate language is therefore that of algebras. Given a field K, a K-algebra is a ring R containing K as a subfield. A K-algebra homomorphism
$f : R \to S$ is a ring homomorphism such that $f(x) = x$ for all $x \in K$. We observe
that every K-algebra is a fortiori a K-vector space, and that every K-algebra
homomorphism is a K-linear map.1
Examples include the polynomial ring K[X] and field extensions such as $\mathbb{Q} \subset \mathbb{R}$
or $\mathbb{R} \subset \mathbb{C}$. Also, if R is a K-algebra and $I \lhd R$ a proper ideal, then
the quotient ring R/I is again a K-algebra. For, we have a non-zero ring
homomorphism $K \to R \to R/I$, which is therefore injective since K is a field.
We may subsequently identify K with its image inside R/I, giving the quotient
R/I the structure of a K-algebra. In particular, if $f \in K[X]$ is a non-constant
polynomial, then the quotient ring K[X]/(f) is a K-algebra.

2.2 Polynomial Rings

Let K be a field, and let K[X] be the ring of polynomials in one variable over
K. The degree map on K[X] is given by
$\deg(f) = d$ provided $f = a_0 X^d + \cdots + a_{d-1} X + a_d$ with $a_0 \ne 0$, and $\deg(0) = -\infty$.

1 It is sometimes better to consider R together with a ring homomorphism : K R.


R
Then a K-algebra homomorphism f : R S is a ring homomorphism such that R = S f .

This satisfies
$\deg(fg) = \deg(f) + \deg(g)$ and $\deg(f) = 0 \iff f \in K^\times$.
Using this we see that K[X] is an integral domain (it has no zero-divisors), and
also that the only units in K[X] are the non-zero constants, so elements of $K^\times$.
Theorem 2.1. The polynomial ring K[X] is a principal ideal domain.
In fact, every non-zero ideal is generated by a monic polynomial, and this polynomial is uniquely determined by the ideal.
Proof. The zero ideal (0) is clearly principal, so let I be a non-zero ideal in
K[X] and let $0 \ne f \in I$ have minimal degree. By dividing through, we may
further assume that f is monic. We will show that I = (f).
Take $g \in I$. By the Division Algorithm we can write g = qf + r for some q and
r with deg(r) < deg(f). Rearranging gives $r = g - qf \in I$, so by the minimality
of f we must have r = 0, and hence $g = qf \in (f)$. This proves that $I \subset (f)$,
and since $f \in I$ we have equality.
To see that f is unique, suppose that g is monic and I = (g). Swapping the
roles of f and g in the above argument gives $f = q'g$, and so $f = qq'f$. Hence
$qq' = 1$, so $q, q' \in K^\times$. Finally, since both f and g are monic and g = qf, we
deduce that q = 1 and that f = g.
We call a polynomial f irreducible provided that f is non-constant and whenever f = gh, one of g or h is a unit. Similarly, we call a polynomial f prime
provided that f is non-constant and if f divides gh, then f divides one of g or
h. Clearly every prime is irreducible, but in fact the converse also holds.
Proposition 2.2. Every irreducible polynomial f is prime, and (f) is even a
maximal ideal.
Proof. Let $f \in K[X]$ be irreducible, and suppose that $(f) \subset (g)$. Then f = gh
for some h, and since f is irreducible, either g is a unit, in which case (g) = K[X],
or else h is a unit, in which case (g) = (f). Thus (f) is a maximal ideal.
To see that f is prime, suppose that f divides gh, but that f does not divide
g. Since (f) is a maximal ideal and $g \notin (f)$ we must have that (f, g) = K[X].
Thus there exist polynomials a and b with af + bg = 1. Multiplying by h gives
afh + bgh = h, and since f divides gh, it divides the left-hand side, and hence
f divides h.
The next theorem states that K[X] is a unique factorisation domain.
Theorem 2.3. Every non-zero polynomial $f \in K[X]$ can be written as
$f = a f_1 \cdots f_n$, where $a \in K^\times$ is a unit and the $f_i \in K[X]$ are monic and irreducible.
Moreover, such an expression is unique up to the ordering of the $f_i$.
Proof. Let $f \in K[X]$ be non-constant. If f is irreducible, then we can write
$f = a f_1$, where $f_1$ is monic and $a \in K^\times$. Otherwise, if f is not irreducible, then
there exists some expression f = gh with g and h non-constant polynomials.
Now 0 < deg(g), deg(h) < deg(f), so by induction on degree we can express
both g and h, and hence also f, in the desired form.
Suppose now that $f = a f_1 \cdots f_m = b g_1 \cdots g_n$, where $a, b \in K^\times$ and $f_i, g_j \in K[X]$
are monic and irreducible. By comparing leading coefficients we see that
a = b.
From Proposition 2.2 we know that $K[X]/(f_1)$ is a field. Writing $\bar h$ for the
image of a polynomial h in $K[X]/(f_1)$, we have that $\bar f = 0$, so $\bar g_1 \cdots \bar g_n = 0$ and
hence $\bar g_i = 0$ for some i. After reordering, we may assume that $\bar g_1 = 0$. Then
$g_1 \in (f_1)$, so $g_1 = u f_1$ for some u. Since $g_1$ is irreducible and $f_1$ is not a unit, u
must be a unit. Finally, since $f_1$ and $g_1$ are both monic, u = 1 and so $f_1 = g_1$.
It follows that $f_2 \cdots f_m = g_2 \cdots g_n$, so by induction on degree we have m = n
and, after reordering, $f_i = g_i$ for all i.

2.3 Roots of Polynomials

Given K, we have a K-algebra homomorphism ev : K[X] K sending


X 7 . This is called the evaluation map. We write f () for the image
of f in K and say that is a root of a polynomial f K[X] provided that
f () = 0.
Now, the evaluation map is surjective, so its kernel I is a maximal ideal. Clearly
X I, but by Proposition 2.2 the ideal (X ) is also maximal, so
I = (X ). Therefore is a root of f if and only if f (X ), which is if
and only if X divides f .
Using that K[X] is a unique factorisation domain, Theorem 2.3, it now follows that a polynomial of degree d has at most d roots in K, counted with
multiplicities.
We say that a polynomial f splits over K provided that it has precisely d roots
in K, counted with multiplicities. Equivalently, f factorises as a product of
linear polynomials in K[X].

2.4 Irreducibility Criteria

We now recall some facts about integer polynomials $f \in \mathbb{Z}[X]$.
Analogous to the case of polynomials over fields, we can talk about divisibility
of integer polynomials, and hence about irreducible and prime polynomials.
The situation is slightly more complicated, however, since although $\mathbb{Z}[X]$ is still
a unique factorisation domain, it is no longer a principal ideal domain. For
example, the ideal $(2, X^2 + X + 1)$ is prime but not principal. In fact, the
quotient ring $\mathbb{Z}[X]/(2, X^2 + X + 1)$ is a field with four elements.

We therefore introduce a new concept. An integer polynomial
$f = a_0 X^d + \cdots + a_{d-1} X + a_d \in \mathbb{Z}[X]$ is said to be primitive if $\gcd(a_0, a_1, \ldots, a_d) = 1$. In
particular, all monic polynomials are primitive.
We recall the following three results concerning the irreducibility of integer
polynomials. Their proofs are included in the handout.
Lemma 2.4 (Gauss' Lemma). If $f \in \mathbb{Z}[X]$ is primitive, then it is irreducible
over $\mathbb{Z}$ if and only if it is irreducible over $\mathbb{Q}$.
Lemma 2.5 (Eisenstein's Criterion). Let $f = a_0 X^d + \cdots + a_{d-1} X + a_d \in \mathbb{Z}[X]$
be primitive. Suppose that there exists a prime p such that $p \mid a_i$ for $i = 1, \ldots, d$,
but $p \nmid a_0$ and $p^2 \nmid a_d$. Then f is irreducible.
Lemma 2.6 (Rational Root Test). Let $f = a_0 X^d + \cdots + a_d \in \mathbb{Z}[X]$. If =
$p/q \in \mathbb{Q}$ is a root of f such that $\gcd(p, q) = 1$, then $p \mid a_d$ and $q \mid a_0$.
In general, it is difficult to determine whether a given polynomial is irreducible
or not, and to find its decomposition into irreducible factors. One can compare
this to the problem of determining whether a given number is prime, and of
finding its prime factorisation.
Let K be a field and $f \in K[X]$. Clearly if deg(f) = 1, then f is irreducible.
Also, if deg(f) = 2 or 3, then f is irreducible if and only if it has no linear
factor, which is if and only if it has no root in K. If deg(f) = 4, though, it
could have a decomposition into two irreducible quadratic polynomials.
Suppose $K = \mathbb{Q}$. Clearing denominators, we may assume $f \in \mathbb{Z}[X]$ is primitive.
Then by Gauss' Lemma, f is irreducible over $\mathbb{Q}$ if and only if it is irreducible
over $\mathbb{Z}$. Moreover, by the Rational Root Test, we know the possible rational
roots of f. In particular, if f is monic, then any rational root is in fact integral.
For higher degrees, we can also use Eisenstein's Criterion. This is particularly
useful if we combine it with a suitable linear change of variables $Y = X - a$.
For example, if p is a prime, then the polynomial $f = X^{p-1} + \cdots + X + 1$ is
irreducible. For, we have $f = (X^p - 1)/(X - 1)$, and so applying the linear
change of variables $Y = X - 1$ we see that
$f(Y) = ((Y + 1)^p - 1)/Y = Y^{p-1} + pY^{p-2} + \cdots + \binom{p}{r} Y^{r-1} + \cdots + p$.
Since p is a prime, each binomial coefficient $\binom{p}{r}$ for 0 < r < p is divisible by
p. We can therefore use Eisenstein's Criterion to deduce that f(Y), and hence
also f(X), is irreducible.
Another powerful method is reduction modulo a prime p. We write $\mathbb{F}_p$ for the
field $\mathbb{Z}/p\mathbb{Z}$. Consider the surjective ring homomorphism $\mathbb{Z}[X] \to \mathbb{F}_p[X]$, $f \mapsto \bar f$.
If $f = gh \in \mathbb{Z}[X]$, then clearly $\bar f = \bar g \bar h \in \mathbb{F}_p[X]$. Thus if $\bar f$ is irreducible over $\mathbb{F}_p$
for some prime p, then f itself must be irreducible over $\mathbb{Z}$.
Variations of this idea can also be applied. For example, suppose that we are
given $f \in \mathbb{Z}[X]$ of degree 4. Using the Rational Root Test, we may assume
that f has no linear factors, so that if f = gh has a proper factorisation, then
deg(g) = deg(h) = 2. Now suppose that $\bar f \in \mathbb{F}_p[X]$ factors as $\bar f = rs$ with r, s
irreducible, deg(r) = 1, deg(s) = 3. This is incompatible with any factorisation
f = gh with deg(g) = deg(h) = 2, so f must itself be irreducible.
Finally we remark that there are computer algorithms for factorising polynomials. Over the integers one can use the LLL algorithm, whereas over a finite field
one can use the Cantor-Zassenhaus algorithm. Both of these algorithms run in
polynomial time (viewed in terms of the degree of the polynomial).

Examples
1. $f = X^2 - 2 \in \mathbb{Z}[X]$. Eisenstein tells us that f is irreducible over $\mathbb{Z}$, so
by Gauss' Lemma, f is irreducible over $\mathbb{Q}$. In other words, $\sqrt{2}$ is not a
rational number.
2. $f = \frac{2}{9} X^5 + \frac{5}{3} X^4 + X^3 + \frac{1}{3}$. Clearing denominators we have
$g = 9f = 2X^5 + 15X^4 + 9X^3 + 3$. We can use Eisenstein's Criterion with p = 3 to
deduce that g, and hence f, is irreducible.
3. $f = X^3 - 7X^2 + 3X + 3$. The only possible rational roots are $\pm 1, \pm 3$.
Checking, we see that $f = (X - 1)(X^2 - 6X - 3)$ as a product of irreducibles.
4. $f = X^4 + 15X^3 + 7$. Working over $\mathbb{F}_2$, we have $\bar f = X^4 + X^3 + 1$. This
has no linear factor, since neither 0, 1 are roots of $\bar f$ over $\mathbb{F}_2$. Suppose
$\bar f = (X^2 + aX + b)(X^2 + cX + d)$
$= X^4 + (a + c)X^3 + (b + ac + d)X^2 + (ad + bc)X + bd$.
From the constant term we see that b = d = 1. Therefore the coefficient of X gives a + c = 0, whereas the coefficient of $X^3$ gives a + c = 1, a
contradiction. So $\bar f$ is irreducible over $\mathbb{F}_2$, whence f is irreducible over $\mathbb{Z}$.
5. Consider $f = X^4 + 1$ and its factorisations over various finite fields:
p     factorisation of f over $\mathbb{F}_p$
2     $(X + 1)^4$
3     $(X^2 + X - 1)(X^2 - X - 1)$
5     $(X^2 + 2)(X^2 - 2)$
7     $(X^2 + 3X + 1)(X^2 - 3X + 1)$
11    $(X^2 + 3X - 1)(X^2 - 3X - 1)$
13    $(X^2 + 5)(X^2 - 5)$
Either f is irreducible or else the product of two irreducible quadratics,
but the above data give no further information. However, making the
substitution $Y = X - 1$ we get $(Y + 1)^4 + 1 = Y^4 + 4Y^3 + 6Y^2 + 4Y + 2$.
Applying Eisenstein with p = 2 we see that f is irreducible.
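
The two tests used in Examples 4 and 5 (Eisenstein's Criterion after a linear shift, and the degree pattern of the factorisation modulo p) can be checked by machine. The following Python is an added example, not part of the original notes; the function names and the brute-force search over monic divisors are choices made here, and the search handles any degree but is only practical for small p.

```python
from functools import reduce
from itertools import product
from math import gcd

# A polynomial is a list of integer coefficients [a_0, a_1, ..., a_d],
# leading coefficient first, as in f = a_0 X^d + ... + a_d in the notes.


def eisenstein(f, p):
    """True if f is primitive and Eisenstein's Criterion applies at the prime p."""
    return (reduce(gcd, f) == 1                  # f is primitive
            and f[0] % p != 0                    # p does not divide a_0
            and all(a % p == 0 for a in f[1:])   # p divides a_1, ..., a_d
            and f[-1] % (p * p) != 0)            # p^2 does not divide a_d


def shift(f, a):
    """Coefficients of f(Y + a), built up by Horner's rule."""
    out = []
    for c in f:
        # out <- out * (Y + a) + c
        out = [x + a * y for x, y in zip(out + [0], [0] + out)]
        out[-1] += c
    return out


def divmod_monic(f, g, p):
    """Quotient and remainder of f by a monic g over F_p (deg g <= deg f)."""
    f = [c % p for c in f]
    steps = len(f) - len(g) + 1
    quotient = []
    for i in range(steps):
        c = f[i]
        quotient.append(c)
        for j, gj in enumerate(g):
            f[i + j] = (f[i + j] - c * gj) % p
    return quotient, f[steps:]


def factor_degrees(f, p):
    """Sorted degrees of the irreducible factors of f over F_p, with multiplicity.

    Brute force: try every monic polynomial of degree d = 1, 2, ... as a divisor.
    The first divisor found has minimal degree, so it is irreducible.
    """
    f = [c % p for c in f]
    if f[0] == 0:
        raise ValueError("p divides the leading coefficient: the degree drops mod p")
    degrees, d = [], 1
    while 2 * d <= len(f) - 1:
        for tail in product(range(p), repeat=d):
            q, r = divmod_monic(f, [1, *tail], p)
            if not any(r):
                degrees.append(d)
                f = q
                break
        else:
            d += 1                       # no factor of degree d remains
    if len(f) > 1:
        degrees.append(len(f) - 1)       # the rest has no factor of degree <= deg/2
    return sorted(degrees)


def irreducible_mod(f, p):
    """True if the reduction of f mod p is irreducible of the same degree as f."""
    return factor_degrees(f, p) == [len(f) - 1]


if __name__ == "__main__":
    x4_plus_1 = [1, 0, 0, 0, 1]                       # Example 5
    for p in (2, 3, 5, 7, 11, 13):
        print(p, factor_degrees(x4_plus_1, p))        # never [4]: reducible mod each p
    shifted = shift(x4_plus_1, 1)                     # (Y + 1)^4 + 1
    print(shifted, eisenstein(shifted, 2))
    print(irreducible_mod([1, 15, 0, 0, 7], 2))       # Example 4
```

For $X^4 + 1$ the degree pattern is never a single 4 at these primes, so reduction modulo p alone proves nothing, while the shifted polynomial passes Eisenstein's Criterion at p = 2.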

Chapter 3

Field Extensions

3.1 The Tower Law

Let L be a field and $K \subset L$ a subfield. We write L/K and call L a field
extension of K. We observe that L is a K-algebra, so in particular a K-vector
space. We denote its dimension by [L : K] and call this the degree of the
extension. We say that L/K is a finite field extension if [L : K] is finite.
Clearly L = K if and only if [L : K] = 1.
Let M/L and L/K be field extensions. Then M/K is again a field extension, and
we call M/L/K a tower of fields.
Theorem 3.1 (Tower Law). Let M/L/K be a tower of fields. Then
[M : K] = [M : L][L : K].
In particular, M/K is finite if and only if both M/L and L/K are finite.
Proof. Let {i : i I} be a K-basis of L and {j : j J} an L-basis of M . We
claim that the set of products {i j : (i, j) I J} is a K-basis of M .
P
Linear Independence. Suppose that we have a finite sum
i,j ij i j = 0,

P P
where ij K. We can rewrite this as

=
0. Since the
i,j
i
j
jP
i
coefficients of the j lie in L we deduce that i i,j i = 0 for all i, and then
that i,j = 0.
P
Spanning. Take M . We can write
j j j as a finite sum with
P =
coefficients j L. P
Now write j = i ij i as a finite sum with coefficients
ij K. Then = i,j ij i j as required.

3.2 Algebraic and Transcendental Elements

Let L/K be a field extension. Given L we have a K-algebra homomorphism


ev : K[X] L sending X 7 , which we again call the evaluation map. We

say that L is a root of f K[X] provided that f () = 0; this is if and only


if X divides f as polynomials in L[X]. As before, a polynomial f K[X]
of degree d has at most d roots in L (with multiplicities).
Changing perspective, we say that L is algebraic over K provided it is the
root of some polynomial f K[X]; otherwise, we say that is transcendental
over K. We call a field extension L/K algebraic provided that every L is
algebraic over K.
The image of the evaluation map ev : K[X] L is a subring of L, so an
integral domain, which we denote by K[]. Moreover, since L is a field, the
quotient field K() of K[] is a subfield of L. We observe that K[] is the
smallest subring of L containing both K and , and similarly that K() is the
smallest subfield of L containing both K and .
Since the image of the evaluation map is an integral domain its kernel must be
a prime ideal of K[X].
Theorem 3.2. Let L/K be a field extension and L. Then there are two
possibilities:
1.

(i)
(ii)
(iii)
(iv)

is algebraic over K.
Ker(ev ) = (m/K ) for some monic irreducible polynomial m/K .
K() = K[].
[K() : K] = deg(m/K ) is finite.

2.

(i)
(ii)
(iii)
(iv)

is transcendental over K.
ev injective.
K() 6= K[].
[K() : K] is infinite.

Proof. By definition, is algebraic over K if and only if the kernel of the


evaluation map ev is non-zero, and then by Proposition 2.2 it is a maximal
ideal generated by a monic irreducible polynomial m/K . This in turn implies
that K[] = K[X]/(m/K ) is a field, so equals K(), and hence [K() : K] =
deg(m/K ) is finite.
On the other hand, is transcendental over K if and only if the kernel is
zero, or equivalently the evaluation map is injective. This in turn implies that
K[]
= K[X] is not a field, so K[] 6= K() and K() is infinite dimensional
over K.
This proves that, for both cases, (i) is equivalent to (ii), and these imply both (iii)
and (iv). Finally, if either K() = K[] or [K() : K] is finite, then cannot
be transcendental, so must be algebraic. Similarly, if either K() 6= K[] or
[K() : K] is infinite, then cannot be algebraic, so must be transcendental.
For a field extension L/K and an element L algebraic over K, we call the
monic irreducible polynomial m/K K[X] the minimal polynomial of
over K. It is uniquely determined by and K.

Corollary 3.3. Let L/K be a field extension, L algebraic over K, and


f K[X]. Then L is a root of f if and only if m/K divides f as
polynomials in K[X].
Proof. We know that is a root of f if and only if f () = 0, which is if and
only if f lies in the ideal Ker(ev ) = (m/K ).
The next result is important since it allows us to construct field extensions of
K without reference to any other field.
Corollary 3.4 (Kronecker). Let $f \in K[X]$ be non-constant. Then there exists
a finite field extension L/K in which f has a root. In fact, we may assume that
$[L : K] \le \deg(f)$.
Proof. Let g be a monic irreducible factor of f in K[X] and set L := K[X]/(g).
Then L is a finite-dimensional K-algebra, of dimension $\deg(g) \le \deg(f)$, and
since (g) is a maximal ideal it is also a field. Thus L/K is a finite field extension.
Set to be the image of X in L. Then the evaluation map ev/K has kernel
(g), so contains f . In other words, is a root of f in L.

Examples
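1. $\mathbb{C}/\mathbb{R}$ and $i \in \mathbb{C}$. Then $m_{i/\mathbb{R}} = X^2 + 1$.
2. $\mathbb{C}/\mathbb{Q}$ and $\sqrt{2} \in \mathbb{C}$. Then $m_{\sqrt{2}/\mathbb{Q}} = X^2 - 2$.
3. $\mathbb{C}/\mathbb{R}$ and $\sqrt{2} \in \mathbb{R}$. Then $m_{\sqrt{2}/\mathbb{R}} = X - \sqrt{2}$.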


4. C/Q and = exp(2i/5) C. Then m/Q = X 4 + X 3 + X 2 + X + 1.
5. , e R are transcendental over Q (hard).
In fact, Hilbert's Seventh Problem, from his address to the ICM in 1900, posed
the following problem:
If a and b are algebraic, with $a \ne 0, 1$ and b irrational, then is $a^b$
necessarily transcendental?
This was proved in 1934, independently by Gelfond and Schneider. For example,
the number $\sqrt{2}^{\sqrt{2}}$ is transcendental (but note that $((\sqrt{2})^{\sqrt{2}})^{\sqrt{2}} = 2$ is again
rational).
We remark that being algebraic or transcendental is a relative notion, since it
depends on the base field. For example, it is known that R is transcendental
over Q, but it is clearly algebraic over R. In fact, for any field K, K is
algebraic over K.


3.3 Intermediate Fields

Let L/K be a field extension. An intermediate field of L/K is a subfield E
of L containing K, in which case L/E/K is a tower of fields.
Given a subset $S \subset L$, we write K[S] for the smallest subring of L containing
both K and S, and K(S) for the smallest such subfield. Note that K[S] is an
integral domain and K(S) is its quotient field.
This definition makes sense since if $A_i$ are subrings (respectively subfields) of L
containing K and S, then so too is their intersection $\bigcap_i A_i$.
If S = {1 , . . . , n } is a finite set, then we can describe K[S] = K[1 , . . . , n ]
as the image of the K-algebra homomorphism
K[X1 , . . . , Xn ] L,

Xi 7 i .

This extends the case discussed above of a single element K[].


We say that L/K is finitely generated provided L = K(1 , . . . , n ) for some
finite set of elements 1 , . . . , n . Every finite field extension is finitely generated, since if 1 , . . . , n is a K-basis for L, then clearly L = K(1 , . . . , n ). If
L = K(), then we say that the field extension L/K is simple, and call a
primitive element for the field extension.
If E and F are two intermediate fields of L/K, then we define their compositum EF to be the smallest subfield of L containing both of them. In the
notation above we have EF = E(F ) = F (E).
We remark that in all of the above constructions we need the ambient field
L. In particular, if we are given two field extensions E/K and F/K, there is
no natural way to construct a field extension L/K containing both E and F ;
we can only talk about the compositum EF when both E and F are already
subfields of some larger field L.

Remark
The definition of a compositum of two fields requires an ambient field. If E
and F are field extensions of K, we could instead consider the tensor product
$E \otimes_K F$ and take a maximal ideal I. Then $E \otimes_K F/I$ is again a field and we have
embeddings $E, F \to E \otimes_K F/I$. The problem is that this definition depends on
the choice of I.
For example, if
$E \cong F \cong \mathbb{Q}[X]/(X^3 - 2) \cong \mathbb{Q}(\sqrt[3]{2})$,
then
$E \otimes_K F \cong \mathbb{Q}[X, Y]/(X^3 - 2, X^3 - Y^3) = \mathbb{Q}[X, Y]/\big(X^3 - 2, (X - Y)(X^2 + XY + Y^2)\big)$.
We have maximal ideals
$I = (X^3 - 2, X - Y)$ and $J = (X^3 - 2, X^2 + XY + Y^2)$,
giving fields
$E \otimes_K F/I \cong \mathbb{Q}[X]/(X^3 - 2) \cong \mathbb{Q}(\sqrt[3]{2})$,

3
E K F/J
= Q( 2, ).
= Q[X, Z]/(X 3 2, Z 2 + Z + 1)
Here we have made the substitution Z = Y /X and written for a primitive
cube root of unity.
We observe that
$[E \otimes_K F/I : \mathbb{Q}] = 3$ and $[E \otimes_K F/J : \mathbb{Q}] = 6$,
so the fields are not isomorphic.

3.4 Primitive Element Theorem

Recall that a field extension L/K is simple if there exists some L such that
L = K(), in which case we call a primitive element for L/K. We now give
a useful criterion showing when a finite field extension is simple.
Theorem 3.5 (Primitive Element). Let L/K be a finite extension. Then L/K
is simple if and only if L/K has only finitely many intermediate fields.
Proof. Suppose first that L = K() is a finite and simple field extension of K.
Then is algebraic over K, say with minimal polynomial m = m/K K[X].
Consider the map sending an intermediate field F of L/K to the polynomial
m/F , viewed as a polynomial over L. Since is a root of m, we know that
m/F divides m over F , and hence also over L. Thus (F ) is a monic polynomial
dividing m over L, so the image of is a finite set.
We also have a map from the monic polynomials dividing m to the intermediate fields of L/K, sending the polynomial f = X n + an1 X n1 + + a1 X + a0
to the field F = K(a0 , a1 , . . . , an1 ) generated over K by the coefficients of f .
We wish to show that = id, so that is a left inverse for , and hence that
is injective. Since the image of is finite we deduce that L/K has only finitely
many intermediate fields.
Let F be an intermediate field of L/K and let f := (F ) = m/F be the
minimal polynomial of over F . Then L = F (), so [L : F ] = deg(f ). Now let
F 0 := (f ) be the intermediate field generated by the coefficients of f . Since
each coefficient of f lies in F we clearly have F 0 F , and so [L : F 0 ] [L :
F ] = deg(f ). On the other hand we also have L = F 0 (), and since is a root
of f F 0 [X] we must have [L : F 0 ] deg(f ). Thus [L : F 0 ] = deg(f ), so by the
Tower Law [F : F 0 ] = 1, whence F = F 0 . This proves that = id.

For the other direction, we separate the proof into two cases, depending on
whether or not K is an infinite field.
Let L/K be a finite field extension having only finitely many intermediate fields.
Suppose that K is an infinite field. We show that for any , L there exists
K such that K(, ) = K( + ).
For convenience set := + . Now, since L/K has only finitely many
intermediate fields, but K is infinite, there exist 6= K with K( ) =
K( ). Thus both
=

and =

lie in K( ), so that K(, ) = K( ). This proves the claim.


By induction, given 1 , . . . , n L, there exist 2 , . . . , n K such that
K(1 , . . . , n ) = K(1 + 2 2 + + n n ).
Since L/K is finite, it is finitely generated and hence simple.
If, on the other hand, K is a finite field, then so too is L, and hence L is a
cyclic group by the lemma below. Let be a generator for this group. Then
clearly L = K(), so L/K is simple.
It remains to prove the following lemma.
Lemma 3.6. Let G be a finite group such that, for all $m \ge 1$, there are at most
m elements $x \in G$ such that $x^m = 1$. Then G is cyclic.
In particular, if G is a finite subgroup of the multiplicative group $K^\times$ of some
field K, then G is cyclic. If K is a finite field, then $K^\times$ is a cyclic group.
Proof. Write (m) for the number of elements in G of order m. If (m) > 0,
then there exists some element g G of order m, and so hgi G is a cyclic
group of order m. This contains m elements, all of which satisfy xm = 1, so by
our assumption on G these are the only such elements. We deduce that (m)
equals the number of generators of this subgroup, which we know is given by
Euler's totient (or phi) function:
(m) := |{1 d m : gcd(d, m) = 1}|.
It follows that (m) is either zero or equals (m).
Now, Lagranges P
Theorem tells us that every element in G has order dividing
n := |G|, so n = m|n (m). On the other hand, by considering the case of a
P
cyclic group, we know that n = m|n (m). Since (m) (m) for all m|n, we
deduce that (m) = (m) for all m|n. In particular, (n) = (n) > 0, so G has
an element of order n, so G is cyclic.
If K is a field, then there are at most m solutions to the equation $X^m = 1$ in
K. Thus each finite subgroup of $K^\times$ is cyclic. If K is a finite field, then $K^\times$
itself is a finite group, so cyclic.

Chapter 4

Field Embeddings
Let L be a field. Recall that a field automorphism of L is a bijective ring
homomorphism : L L. We denote the set of all field automorphisms of L
by Aut(L), and observe that this is a group under composition.
Let G Aut(L) be a subgroup of field automorphisms of L. We define its fixed
field to be
LG := {x L : (x) = x for all G}.
Note that LG is indeed a subfield of L.
Conversely, if K is a subfield of L, then we may consider the set of K-algebra
automorphisms, or simply K-automorphisms, of L
Gal(L/K) := { Aut(L) : (x) = x for all x K}.
Note that this is a subgroup of Aut(L). We call Gal(L/K) the Galois group
of the field extension L/K.
More generally, let F/K be another field extension. We write HomK (F, L) for
the set of K-algebra homomorphisms, or simply K-embeddings, F L
HomK (F, L) := { : F L : (x) = x for all x K}.
Recall that every such K-embedding is an injective linear map of K-vector
spaces. In particular, if L/K is finite, then HomK (L, L) = Gal(L/K).
The next proposition relates some of these concepts. As usual, given a group G
and a subgroup $H \le G$, we write (G : H) for the set of left cosets of H in G, and
[G : H] for the number of such cosets. Thus [G : H] = |G|/|H| by Lagrange's
Theorem.
Proposition 4.1. Let L/F/K be a tower of field extensions.
1. Composing with the inclusion F , L gives an injection Gal(F/K) ,
HomK (F, L), whose image is precisely those field embeddings having image
F ; that is, the set of : F L with (F ) = F .
2. Gal(L/F ) Gal(L/K) is a subgroup, and restriction to F gives an injection Gal(L/K) : Gal(L/F ) , HomK (F, L).
Proof. 1. Composition with the inclusion map is clearly injective, and if
Gal(F/K), then clearly has image F . Conversely, if HomK (F, L)
has image F , then it restricts to a K-automorphism of F , so = and
Gal(F/K).
2. Since K F , any F -automorphism of L is necessarily a K-automorphism,
whence Gal(L/F ) Gal(L/K). Restriction to F now gives a map Gal(L/K)
HomK (F, L). Moreover, and restrict to the same K-embedding if and only
if 1 fixes F . This happens if and only if 1 Gal(L/F ), or equivalently
Gal(L/F ), giving the required injective map from left cosets to field
embeddings.

4.1 Artin's Extension Theorem

Let F/K and L/K be finite field extensions. We saw above that we are interested in K-embeddings F L. One way of constructing these is to start with
the field embedding K L, and then to iteratively add in the elements of F .
More precisely, suppose that F = K(1 , . . . , n ), and set Fi := K(1 , . . . , i ).
Then Fi = Fi1 (i ) is a simple field extension, so if we have constructed a field
embedding i : Fi L, we just need to understand when we can extend this
to a field embedding i+1 : Fi+1 L. This is the content of Artin's Extension
Theorem.
We need some terminology. Let F/K be a field extension and : K L a field
embedding. We say that a field embedding : F L extends provided that
(x) = (x) for all x K.
Theorem 4.2 (Artin's Extension Theorem). Let K()/K be a finite, simple
field extension.
1. If L/K is another field extension, then the K-embeddings : K() L
are in bijection with the roots of m/K in L, the bijection being given by
7 ().
2. More generally, if : K L is a field embedding, then the extensions
: K() L of are in bijection with the roots of (m/K ) in L.
Proof. For convenience set m := m/K . We have a K-algebra isomorphism
K[X]/(m) K() via X ↦ . By the Factor Lemma we know that K-embeddings
: K() L are in bijection with K-algebra homomorphisms : K[X] L such that
(m) = 0. Now, each K-algebra homomorphism : K[X] L is completely determined
by the element := (X), in which case = ev , and then (m) = 0 if and only if
is a root of m.


For the general case we observe that is injective, so induces an isomorphism
of K with its image K′, say, and that L/K′ is a field extension. We have a ring
isomorphism K[X] ≅ K′[X], which just acts via on the coefficients, and hence
a field isomorphism K[X]/(m) ≅ K′[X]/((m)). Using this isomorphism, field
embeddings K[X]/(m) L extending are in bijection with K′-embeddings
K′[X]/((m)) L, which we have just shown are in bijection with the roots of
(m) in L.

Examples
Artin's Extension Theorem is actually very easy to use.

1. Let 2 C. Then m2/Q = X 2 2. This has roots 2 in C. We therefore have
two embeddings Q( 2) C. These are given by the identity 1 : 2 ↦ 2 and
2 : 2 ↦ 2. In fact, both of these restrict to automorphisms of Q( 2), so
Gal(Q( 2)/Q) ≅ Z/2Z.

2. Let := exp(2i/3) = 12 (1 + i 3) C. This has minimal polynomial
m/Q = X 2 + X + 1, with roots and 2 = . We therefore have
two embeddings Q() C given by the identity ↦ and complex
conjugation ↦ .
Again, both of these restrict to automorphisms of Q(), giving
Gal(Q()/Q) ≅ Z/2Z.

3. Let = 3 2 R. Then m/Q = X 3 2. This has a unique root in R, so
there is only the identity map Q() R. On the other hand, X 3 2 has
roots , , 2 in C, so we have three embeddings Q() C. These are
given by : ↦ , : ↦ and : ↦ 2 .
We have therefore shown that
Gal(Q()/Q) = {id} and HomQ (Q(), C) = {, , }.
In particular, we can have a strict inequality in Proposition 4.1 (1).

4. Consider the tower L/F/Q, where L = Q( 4 2) and F = Q( 2). Then
there are two embeddings F L, given as in (1) by 2 2. On
the other hand, 4 2 has minimal polynomial X 4 2 over Q. This has
two real roots, 4 2, and two complex roots, i 4 2. Therefore there are
two automorphisms of L, given by 4 2 ↦ 4 2. Finally, both of these
necessarily fix 2, and hence F . Thus
Gal(Q( 4 2)/Q) = Gal(Q( 4 2)/Q( 2)) ≅ Z/2Z.

In particular, we can have a strict inequality in Proposition 4.1 (2).
We observe that the field embedding 1 : F L, 2 ↦ 2, can be
extended in two different ways to an automorphism of L, namely the
two automorphisms 4 2 4 2. On the other hand, the field embedding
2 : F L, 2 ↦ 2 cannot be extended to an automorphism of L.
This agrees with Artin's Extension Theorem, since the minimal polynomial
of 4 2 over F is X 2 2 (why?). Then 1 (X 2 2) = X 2 2, and
this has two roots in L, namely 4 2. On the other hand, 2 (X 2 2) =
X 2 + 2, and this has no roots in L, since both its roots are complex.

5. Consider instead M = Q( 6 2). Then the minimal polynomial of 6 2 over
F = Q( 2) is n := X 3 2. Then 1 (n) = n has exactly one root in M ,
namely 6 2, and 2 (n) = X 3 + 2 also has exactly one root in M , namely
6 2. Thus 1 and 2 can both be extended uniquely to automorphisms
of M .

6. We now compute all embeddings Q(, ) C, where = 3 2 and =


exp(2i/3) as above. We begin by noting that [Q(, ) : Q] = 6. For,
we know that [Q() : Q] = 2 and that [Q() : Q] = 3. It follows from
the Tower Law that both 2 and 3, and hence 6, divide [Q(, ) : Q].
On the other hand, we know that is a root of X 3 2 over Q(), so
[Q(, ) : Q()] 3, whence [Q(, ) : Q] 6.
In particular, X 3 2 is the minimal polynomial of over Q().
We have already computed all embeddings Q() C, namely the identity
and complex conjugation : 7 2 . Clearly both fix the minimal polynomial X 3 2 of , and since this polynomial has three distinct roots in
C, we see that both id and extend in three different ways to embeddings
Q(, ) C.
Finally, all of these embeddings restrict to automorphisms of Q(, ).
Therefore we have in fact computed the Galois group Gal(Q(, )/Q).
We list these six automorphisms in the table below, showing their actions
on and .
id

7
7

7
7

7
7 2

7 2
7

7 2
7

7 2
7 2

Note that still denotes complex conjugation. Also, the names exhibit
some of the compositions in the Galois group. For example,
2 () = () = ,

2 () = () = ()() = = 2 .

Similarly,
() = ( 2 ) = ()2 = 2 ,

() = () = .

Moreover, since
() = () = 2 ,

() = () = () () = 2 ,

we have that = 2 . Since we also have 3 = 2 = id we deduce


that the Galois group is isomorphic to Sym3 . We observe for later that
|Sym3 | = 6 = [Q(, ) : Q].

4.2 Linear Independence of Characters

Let G be a group and L a field. A character1 of G in L is a group homomorphism : G L . The trivial character is the group homomorphism
(g) = 1 for all g G.
Note that if : K L is a field embedding, then we obtain a character
: K L . In particular, all field automorphisms of L induce characters.
Given characters 1 , . . . , n of G in L and elements 1 , . . . , n of L we may form
the linear combination $\sum_i$ i i , sending g G to the element $\sum_i$ i i (g) L.
This is a well-defined map, but is no longer a character of G. We say that
the characters i are linearly independent over L if the only solution to
$\sum_i$ i i = 0 is when i = 0 for all i.
Theorem 4.3 (Dedekind). For any group G and field K, distinct characters
G K are linearly independent.
Proof. Suppose we have a non-trivial expression $\sum_{i=1}^{n}$ i i = 0 for distinct
characters i and coefficients i K. Assume further that such an expression
has a minimum number of coefficients i , so each i is non-zero. Dividing
through, we may assume that n = 1. Thus $\sum_{i=1}^{n-1}$ i i = n .
Now, since 1 and n are distinct, there exists g G such that 1 (g) ≠ n (g).
Set i := i (g) n (g) and consider the linear expression $\sum_{i=1}^{n-1}$ i i i . Then
for each h G we have
n1
X

i i i (h) =

i=1

n1
X

i i (g)i (h)

i=1

n1
X

n1
X

i n (g)i (h)

i=1

i i (gh) n (g)

n1
X

i i (h)

i=1

i=1

= n (gh) n (g)n (h) = 0,


using that characters are multiplicative. It follows that $\sum_{i=1}^{n-1}$ i i i = 0, so we
have a new equation of linear dependence, but having fewer terms. Thus each
i i = 0, so each i = 0, but 1 = 1 (g) n (g) ≠ 0, a contradiction.
We deduce that i = 0 for all i, so that the i are linearly independent.
1 Such a character is called an irreducible character of degree one in courses on group
representation theory.


Corollary 4.4. Let L/K and F/K be field extensions, and assume that F/K
is finite. Then | HomK (F, L)| [F : K].
In particular, if L/K is finite, then | Gal(L/K)| [L : K].
Proof. Let x1 , . . . , xn be a K-basis for F , and let 1 , . . . , m be distinct elements
of HomK (F, L). Form the matrix M := (i (xj )) Mmn (L), and view M t as
a linear map M t : Lm Ln . If m > n, then this has a non-zero kernel, so we
can find elements i L, not all zero, with
$\sum_i$ i i (xj ) = 0 for all j.
Since the xj form a K-basis for F and the i fix K, we deduce that $\sum_i$ i i (x) =
0 for all x F , and hence that $\sum_i$ i i = 0, contradicting the linear independence of the i . Thus m n, and hence | HomK (F, L)| [F : K].


Chapter 5

Galois Extensions
We saw in the previous section that if L/K is a finite field extension, then
Gal(L/K) is a finite group of size at most [L : K]. We call L/K a Galois extension provided | Gal(L/K)| = [L : K], which is to say that the field extension
L/K has the maximal amount of symmetry.

We remark that in Section 4.1, Example (1) we proved that Q( 2)/Q is a
Galois extension with Galois group Sym2 , and in Example (6) we proved that
Q( 3 2, )/Q is a Galois extension with Galois group Sym3 .
On the other hand, Q( 3 2)/Q has no non-trivial automorphism by Example (3),
but has degree 3, so is not Galois.
We begin by showing that Galois extensions arise as fixed fields of field automorphisms.
Proposition 5.1. Let L be a field and G Aut(L) a finite group of field
automorphisms of L. Set K := LG to be its fixed field. Then L/K is a Galois
extension, and Gal(L/K) = G.
Proof. Clearly G Gal(L/K). We will show that |G| [L : K]; hence L/K is
a finite extension, and since by Corollary 4.4 we have [L : K] | Gal(L/K)|, it
follows that L/K is Galois and G = Gal(L/K).
The proof is similar in style to that of Theorem 4.3.
Let G = {1 , . . . , m } and take x1 , . . . , xn L, linearly independent over K.
Form the matrix M = (i (xj )) Mmn , and view it as a linear map M : Ln
Lm . If m < n, then this has non-trivial kernel, so there exist j L, not all
zero, with
$\sum_j$ j i (xj ) = 0 for all i.

Take such a solution having a minimal number of non-zero terms. Dividing


through and renumbering, we may assume that n = 1.


Now, the j cannot all lie in K, since otherwise i ($\sum_j$ j xj ) = 0, whence
$\sum_j$ j xj = 0, contradicting the linear independence of the xj . So without loss
of generality we may assume that 1 ∉ K. Next, since K = LG , we have
(1 ) ≠ 1 for some G. Applying to our list of equations, and using that
G = {i }, we get
$\sum_j$ (j )i (xj ) = 0 for all i.
Subtracting then gives
$\sum_j$ j i (xj ) = 0 for all i, where j := j (j ).
Since n = 0, this has fewer non-zero terms, so by minimality j = 0 for all j.
On the other hand, 1 ≠ 0, a contradiction.
We conclude that m n, and so |G| [L : K].
Corollary 5.2. Let L/K be a Galois extension with Galois group G. Then
K = LG .
Proof. Since L/K is a Galois extension we have |G| = [L : K], and so G is a
finite group. Then, by the proposition, |G| = [L : LG ]. Clearly K LG , so the
Tower Law gives us that [LG : K] = 1, whence LG = K.
We observe that L/K is Galois if and only if K is the fixed field of Gal(L/K).
This condition is used by some authors as the definition of a Galois extension.

5.1 The Galois Correspondence

The next theorem is of great importance: it states that intermediate fields of


Galois extensions correspond to subgroups of the Galois group. In particular,
there are only finitely many intermediate fields.
Theorem 5.3 (Fundamental Theorem of Galois Theory). Let L/K be Galois
with Galois group G. Then there exists a bijection
{subgroups of G}

{intermediate fields of L/K}

LH

Gal(L/F )

In particular, for each intermediate field F , the extension L/F is Galois.


Proof. Let H be a subgroup of G and set F := LH . Since H is a subgroup of
G = Gal(L/K) we know that K F , so that F is an intermediate field of L/K.
Moreover, H is a finite group (since G is), so we can apply Proposition 5.1 to


deduce that L/F is Galois with Galois group H. This proves that Gal(L/LH ) =
H.
Conversely, let F be an intermediate field of L/K and set H := Gal(L/F ).
Since K F , we see that H fixes K, and so H is a subgroup of G. Now, by
Corollary 4.4 we know that [L : F ] |H| and [F : K] | HomK (F, L)|, whereas
by Proposition 4.1 we know that | HomK (F, L)| [G : H]. We can now use the
Tower Law to deduce that
[L : K] = [L : F ][F : K] |H|[G : H] = |G|.
Since L/K is Galois we have |G| = [L : K], and so we must have equality above.
It follows that |H| = [L : F ], and thus L/F is Galois with Galois group H.
Hence H has fixed field F by Corollary 5.2.
For convenience we record the following result, shown during the above proof
and improving Proposition 4.1.
Corollary 5.4. Let L/K be Galois with Galois group G. Let F be an intermediate field of L/K and set H := Gal(L/F ). Then there is a bijection
(G : H)
= HomK (F, L), with both sides having size [F : K].
The next result investigates the correspondence between subgroups and intermediate fields more closely.
We need some terminology. If F is an intermediate field of a Galois extension
L/K, then we call Gal(L/F ) the Galois group associated to F .
Theorem 5.5 (Galois Correspondence). Let L/K be Galois with Galois group
G. Let H, Hi be subgroups of G, with fixed fields F, Fi .
1. H1 H2 if and only if F1 F2 .
2. H1 H2 has fixed field the compositum F1 F2 .
3. F1 F2 has associated group hH1 , H2 i.
4. If G, then (F ) has associated group H 1 .
5. F/K is Galois if and only if (F ) = F for all G, which is if and
only if H C G is a normal subgroup. In this case, F/K has Galois group
(isomorphic to) G/H.
Recall that if H1 , H2 G are subgroups, then we write hH1 , H2 i for the smallest
subgroup of G containing both H1 and H2 .
Proof. 1. If H1 H2 , then everything fixed by all elements of H2 is necessarily
fixed by all elements of H1 , so F1 F2 . Conversely, if F1 F2 , then every
automorphism fixing all elements of F1 necessarily fixes all elements of F2 , so
H1 H2 .

2. Let H1 H2 have fixed field M , and let F1 F2 have associated Galois group
B. Since F1 F2 Fi we have B Hi , and hence B H1 H2 . Conversely,
since H1 H2 Hi we have M Fi , and hence M F1 F2 . Applying (1) then
gives H1 H2 B. Thus B = H1 H2 and M = F1 F2 .
3. This is similar. Let hH1 , H2 i have fixed field M , and let F1 F2 have associated Galois group B. Since Fi F1 F2 we have Hi B, and hence
hH1 , H2 i B. Conversely, since Hi hH1 , H2 i we have Fi M , and hence
F1 F2 M . Applying (1) then gives B hH1 , H2 i. Thus B = hH1 , H2 i and
M = F1 F2 .
4. The Galois group associated to (F ) consists of all automorphisms such
that (x) = (x) for all x F , or equivalently 1 (x) = x for all x F .
Thus Gal(L/(F )) if and only if 1 Gal(L/F ) = H, which is if and
only if H 1 .
5. By (4) we know that H is a normal subgroup if and only if (F ) = F for all
G. Next, by Corollary 5.4 we have a bijection (G : H)
= HomK (F, L), so
every K-embedding F L is the restriction to F of some element in G. Thus
H is normal if and only if every K-embedding : F L has image F .
On the other hand we have an inclusion : Gal(F/K) , HomK (F, L) by Proposition 4.1, whose image is precisely those satisfying (F ) = F . Therefore H
is normal if and only if is a bijection, and since | HomK (F, L)| = [F : K] by
Corollary 5.4, this is equivalent to | Gal(F/K)| = [F : K], and hence to F/K
being Galois.
Finally, if this holds, then we have a (set-theoretic) bijection G/H
= Gal(F/K).
This sends a coset H to its restriction : F L, which we know has image
F so lies in Gal(F/K). An easy check shows that this bijection respects the
multiplication and preserves the identity, so is a group isomorphism.

Remarks
The first statement says that the bijection between subgroups of G and intermediate fields of L/K is inclusion-reversing. The next two statements say
that the bijection preserves the lattice structure.
Later we will introduce the notion of a normal field extension, and then (5) says
that H is a normal subgroup if and only if F/K is a normal field extension. In
fact, this is the origin of the term normal subgroup.
We have the following two pictures representing properties (2) and (3) above.


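[Figure: two lattice diagrams illustrating properties (2) and (3): the fields built from F1 and F2 on one side, the subgroups {1}, H1, H2 and ⟨H1 , H2 ⟩ on the other, matched by the Galois correspondence.]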

Example

Set = 3 2 and = exp(2i/3). We know that the field extension Q(, )/Q
is Galois with Galois group Sym3 . Moreover, the automorphisms are given by
id

7
7

7
7

7
7 2

7 2
7

7 2
7

7 2
7 2

Now, the proper subgroups of Sym3 are {id}, the group of order three hi, and
the three groups of order two h i, h i, h 2 i.
The subgroup hi has fixed field Q(). For, fixes , so Q() is contained in
the fixed field. On the other hand, the subgroup has index two, and Q()/Q
has degree two, so we must have equality.
The subgroup h i has fixed field Q(). For, fixes , and we can again argue
by degrees.
Similarly, the subgroup h i has fixed field Q( 2 ), and h 2 i has fixed field
Q().
We usually display this by drawing the lattices of subgroups and intermediate
fields.
[Figure: the lattice of subgroups of S3, from {1} to S3, alongside the lattice of intermediate fields of L = Q(, ).]

Note that hi = Alt3 is a normal subgroup, and that Q()/Q is Galois.



5.2 Transitive Group Actions

Let a group G act on a set X. We say that the action is transitive provided
that, for x, y X there exists g G with g(x) = y. We are going to show
that if L/K is a Galois extension with Galois group G, then for each L its
minimal polynomial m/K splits into distinct linear factors over L and G acts
transitively on the roots.
Proposition 5.6. Let L/K be Galois with Galois group G. Let L and set
d = [L : K()]. Then
Y

X () = (m/K )d .
G

Moreover, m/K splits into distinct linear factors over L.


Proof. Set f :=

(f ) =


X () . If G, then
Y

Y


X () =
X () = f.

Thus every coefficient of f is in the fixed field of G, so f K[X].


Consider H := Stab() = { G : () = }. Then clearly H = Gal(L/K()),
so d := |H| = [L : K()] and [G : H] = [K() : K].
Q If we take coset representatives i for H in G, then f = md , where m = i X i () . Note that m
is a monic polynomial of degree [G : H] = [K() : K], and splits into distinct
linear factors over L. Moreover, since each G just permutes the roots of f ,
the same is true for m. Thus (m) = m for all G, so m K[X]. Finally,
since is a root of m, we conclude that m = m/K .
We say that two elements and of L are K-conjugates if they have the
same minimal polynomial over K.
Corollary 5.7. Let L/K be Galois with Galois group G. Then , L are
K-conjugates if and only if there exists G with () = . In particular, G
acts transitively on the roots of m/K .

Proof. We have just seen that m/K = $\prod_i$ X i () , where i are coset
representatives for Gal(L/K()) in G. Now, is a K-conjugate of if and only
if it is a root of m/K , which is if and only if it is of the form () for some
G.


Chapter 6

Calculating Galois Groups


6.1 Example 1

Consider the irreducible polynomial f = X 4 2 Q[X] and set := 4 2 R.


Over the complex numbers f has roots , i. Set L = Q(, i). We will show
that L/Q is Galois with Galois group D8 , the dihedral group of order eight, or
symmetry group of a square.
There are four embeddings Q() L given by 7 im for 0 m < 4. Also,
since R we see that i 6 Q(), and hence that i has minimal polynomial
X 2 +1 over Q(). By Artin's Extension Theorem, each embedding ↦ im can
be extended in two ways by i 7 i. This gives the eight elements of Gal(L/Q)
7 im
i 7 i

and

7 im
i 7 i.

Set to be the map 7 i, i 7 i and to be the map 7 , i 7 i. Then


has order four, is complex conjugation, so has order two, and = 3 .
Hence Gal(L/Q)
= D8 , the dihedral group of order 8, or the symmetry group
of a square.
In fact, the four roots im of f in C form the four vertices of a square, with
diagonals along the real and imaginary axes. In this picture, is just the
rotation anticlockwise by /2 and is reflection in the real axis.


As usual we draw the lattices of subgroups and intermediate fields. Note that
all inclusions of subgroups have index 2.
[Figure: the lattice of subgroups of D8, from {1} to D8, alongside the lattice of intermediate fields of L = Q(, i).]

To find the fixed fields we can proceed as follows. Clearly fixes i, so Q(i) is
contained in the fixed field of hi. On the other hand, hi has index two in D8
and Q(i)/Q has degree two, so Q(i) is the fixed field of hi.
Similar reasoning shows that h i has fixed field Q().
We now apply the Galois Correspondence. Using that h i 1 = h 1 i =
h 2 i, we see that h 2 i has fixed field Q(()) = Q(i).
Next, the subgroup h, 2 i = h 2 , i has fixed field the intersection Q()
Q(i). This equals Q(2 ), since we obviously have one inclusion and the degrees
coincide. It now follows that the group h 2 i = hi h 2 , i has fixed field
Q(2 , i).
It remains to calculate the intermediate fields E, F and G.

The subfield G is contained in Q(2 , i) = Q( 2, i), and we have seen such field
extensions before. We deduce that G = Q(i2 ) = Q(i 2).
Consider . Viewing the four roots im of f as the points of a square in
C, we observe that swaps and i, and hence fixes the midpoint (1 + i)
of the side connecting with i. Now, (1 + i) has four distinct conjugates
(1+i), (1i), so Q((1+i))/Q has degree four, and hence E = Q((1+i)).
Finally, we can conjugate by to deduce that F = (E) = Q((1 i)).
We seem to have lost some symmetry in our diagram of intermediate fields, but
we can reclaim this by applying some more thought to the fields E and F . We
begin by noting that the primitive eighth root of unity := exp(2i/8) can be
written as
1+i
1+i
= =
.
2
2
It follows that L = Q(, ). Furthermore, 2 = i and 2 = + 1 , so Q(2 , i) =
Q(). Also, F is generated by
1+i
2
=
= ,
(1 i)


and similarly E is generated by


3
2
=
= 1 = 3 .
(1 + i)
1+i
Observe that
1+i
=
2

() =

and () =

1i
= 1 .
2

We can therefore rewrite the lattice of intermediate fields as


[Figure: the lattice of intermediate fields, from Q(, ) down to Q.]
The proper normal subgroups of D8 are
h 2 , i,

hi,

h 2 , i,

hi,

and so their respective fixed fields are Galois over Q


Q(2 ),

Q(i),

Q(i2 ),


Q().

Q()

6.2 Example 2

Let = (2 + 2)(3 + 3). We will show that L = Q() is Galois over Q and
has Galois group Q8 , the quaternion group.

2
2
Observe
that = (2 + 2)(3 + 3) = 6 + 3 2 + 2 3 + 6. Thus Q( )

Q( 2, 3), which we know is Galois over Q with Galois group V = (Z/2Z)2 .


We can write V = {1,
, ,
}, where

( 2) = 2
( 2) = 2
and

( 3) = 3
( 3) = 3.
Consider the four conjugates of 2

6 + 3 2 + 2 3 + 6, 6 3 2 + 2 3 6

6 + 3 2 2 3 6, 6 3 2 2 3 + 6.


Since {1, 2, 3, 6} is a Q-basis for Q( 2, 3), we observe that
these
four
elements are all distinct. Thus 2 is a primitive element for Q( 2, 3). In
particular, Q(2 )/Q is Galois with Galois group V .
Clearly [Q() : Q(2 )] 2, so to prove equality, we must show that ∉
Q(2 ) = Q( 2, 3). Suppose for a contradiction that Q( 2, 3) and
consider (). This must lie in the fixed field of h i, namely Q( 2). On the
other hand

(
())2 = 2 (2 ) = (2 + 2)(3 + 3) (2 + 2)(3 3) = 6(2 + 2)2 .
Thus

2

()

()

Q( 2).
and hence
6=
2+ 2
2+ 2
This yields the required contradiction. Therefore [Q() : Q] = 8.


6=


We have shown that the minimal polynomial of over Q(2 ) = Q( 2, 3) is
simply X 2 (2 + 2)(3 + 3). By Artin's Extension Theorem we can extend
each of the four embeddings Q(2 ) C, given by the elements of V , in two
ways. This gives the eight possible embeddings Q() C
q

7 (2 2)(3 3),
where we can choose the signs independently of one another.
Observe that we can now find the minimal polynomial of over Q, since this is
the polynomial of degree eight having precisely these roots. We calculate
m := m/Q = X 8 24X 6 + 144X 4 288X 2 + 144.
Now,
q

2 2=

(2 2)(2 + 2)
2
2 2+ 2
2+ 2
p

=p
=

=
2+ 2
1+ 2
2+ 2
2+ 2

and similarly

6
2 3+ 3

=
3 3= p
.

1+ 3
3+ 3

Therefore

1+ 2

(2 + 2)(3 3) =
1+ 3

2 6
2 3
(2 2)(3 3) =
=

and since Q(2 ) = Q( 2, 3), we see that 2, 3, 6 Q(), and hence each
of the roots lies in Q(). We conclude that each embedding Q() C has
image Q(), so restricts to an automorphism of Q(). Thus Gal(Q()/Q) has
order eight and so Q()/Q is Galois.
q

(2

2)(3 +

3) =

We now show that the Galois group is isomorphic to the quaternion group Q8 .
Define to be the following extension of

.
3 7 3, 7 (2 2)(3 + 3) =
: 2 7 2,
1+ 2
Similarly define to be the following extension of
:

2 7

2,

3 7 3,

q
(2 +

2)(3

2
.
3) =
1+ 3

Then

/(1 + 2)
()
=

=
() =
(1 + 2)
1 2

( 2)
2/(1 + 3)
=

2 () =
= .
(1 + 3)
1 3

Hence 2 = 2 and 4 = 1. Also ( 3) = 3 and

( 2)
2/(1 + 2)
2
2 3
=

=
() =
,
=

(1 + 3)
1+ 3
(1 + 2)(1 + 3)
2

so ( )2 () = . It follows from the discussion below that Gal(Q()/Q)


= Q8 .
We recall that the quaternions are given as
H := {a + bi + cj + dk : i2 = j 2 = k 2 = ijk = 1,

a, b, c, d R}.

This is a non-commutative R-algebra. Note that ij = k, jk = i and ki = j,


whereas ji = k, kj = i, ik = j.

The quaternion group Q8 is given as the multiplicative subgroup


Q8 := {1, i, j, k} H.
This has the presentation
Q8 = hi, j : i2 = j 2 = (ij)2 , i4 = 1i,
so Q8
= Gal(Q()/Q) via i 7 and j 7 .
We next compute all possible subgroups of Q8 .
The subgroup Z = h1i is central, so normal, and the quotient group Q8 /Z
is isomorphic to the Klein four group V
= (Z/2Z)2 . The Third Isomorphism
Theorem now tells us that the subgroups of Q8 containing Z are in bijection
with the subgroups of V . This yields the subgroups hii, hji and hki, each of
which is isomorphic to Z/4Z. In fact, together with Z, these are the only proper
subgroups of Q8 . For, let H Q8 be a proper subgroup and take 1 6= h H.
Then either h2 = 1, or else h2 = 1 and so h = 1. In either case we see that
1 H, so Z H and H is on our list.
We can now draw the lattices of subgroups and intermediate fields. Again, all
inclusions of subgroups have index 2.

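[Figure: the lattice of subgroups of Q8, from {1} to Q8, alongside the lattice of intermediate fields, from Q() through Q( 2, 3) to Q( 2), Q( 3) and Q( 6).]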

For, we know that fixes 3, so by degrees Q( 3) is the fixed field of hi.
Similarly, h i has fixed field Q( 2) and h i has fixed field Q( 6). Finally,
by the Galois Correspondence, the intersection hi h i = h 2 i has fixed field
Q( 2, 3).
Note that all subgroups are normal, so all intermediate fields are Galois over Q.


Chapter 7

Some Applications
We now consider two particular cases of Galois extensions.

7.1 Symmetric Functions

Let k be a field. Let k[t1 , . . . , tn ] be a polynomial ring over k with n indeterminates, and set L := k(t1 , . . . , tn ) to be its quotient field. Alternatively we
can construct L via a sequence of simple transcendental field extensions: setting ki := k(t1 , . . . , ti ) we see that ki = ki1 (ti ) is a simple transcendental field
extension.
The symmetric group Symn acts on the set {t1 , . . . , tn } via (ti ) := t(i) . This
therefore extends to a k-algebra automorphism of k[t1 , . . . , tn ]. Note that Symn
acts faithfully, in the sense that (f ) = f for all f implies = id.
Using that L is the quotient field of k[t1 , . . . , tn ] we deduce that Symn acts on L
as k-automorphisms. In other words we have an injective group homomorphism
Symn Gal(L/k). We can now apply Proposition 5.1 to deduce that L/LSymn
is a Galois extension with Galois group Symn . The fixed field LSymn is called
the field of symmetric functions.
For $1 \le r \le n$ define
$$s_r := \sum_{i_1 < \cdots < i_r} t_{i_1} \cdots t_{i_r},$$
so that in particular
$$s_1 = t_1 + t_2 + \cdots + t_n \quad\text{and}\quad s_n = t_1 t_2 \cdots t_n.$$

We can view the summands of sr as being indexed by the r-element subsets of


{1, . . . , n}. Since the group Symn acts transitively on the set of all r-element
subsets we see that each sr is fixed by Symn , so lies in the fixed field. We set
K := k(s1 , . . . , sn ),

the subfield of L generated over k by the elements s1 , . . . , sn .


Theorem 7.1 (Fundamental Theorem of Symmetric Functions). The extension
L/K is Galois with Galois group Symn . In particular, any symmetric function
(a rational function of the ti which is fixed by Symn ) can be expressed as a
rational function of the si .
Moreover, any symmetric polynomial (a polynomial in the ti which is fixed by
Symn ) can be expressed as a polynomial in the si . Hence the fixed ring of
k[t1 , . . . , tn ] is k[s1 , . . . , sn ].
Proof. As observed above, L/LSymn is a Galois extension with Galois group
Symn , so [L : LSymn ] = |Symn | = n!. We also have K LSymn , so [L : K] n!.
It therefore suffices to prove that [L : K] n!, for then [L : K] = n!, and so
K = LSymn .
Set Ki := K(t1 , . . . , ti ). Then Ki = Ki1 (ti ), so by the Tower Law it is enough
to show that [Ki+1 : Ki ] n i. Consider the polynomial
f := (X t1 )(X t2 ) (X tn ) = X n s1 X n1 + s2 X n2 + + (1)n sn .
Then f K[X]. Moreover, since t1 , . . . , ti Ki we deduce that
fi := (X ti+1 ) (X tn ) = f /(X t1 ) (X ti ) Ki [X].
Now, ti+1 is a root of the polynomial fi , so [Ki+1 : Ki ] = [Ki (ti+1 ) : Ki ]
deg(fi ) = n i as required.
This proves that [L : K] n!, and hence that K = LSymn is the fixed field.
To prove the second statement we set S := k[s1 , . . . , sn ]. Then S is a subring
of K, so an integral domain, and clearly K is the quotient field of S. More
generally, set Si := S[t1 , . . . , ti ], so that Si is a subring of Ki and has quotient
field Ki .
We saw above that f0 = f S[X]. Moreover, since each polynomial (X
t1 ) (X ti ) Si [X] is monic and divides f over Ki , we must have that
fi = f /(X 1) (X ti ) Si [X].
We claim that any polynomial in k[t1 , . . . , tn ] can be written as a sum of elements
of the form gm, where g S and
m M := {ta1 1 tann : 0 ai < n i}.
Take a polynomial h k[t1 , . . . , tn ]. Since tn is a root of fn1 Sn1 [X] and
fn1 has degree one, we can replace any occurrence of tn with an element of
Sn1 . Similarly, since tn1 is a root of fn2 Sn2 [X] and fn2 has degree
two, we can replace all occurrences of tdn1 for d > 1 by a linear polynomial
in tn2 with coefficients in Sn2 . Continuing in this way, we can use that
fi1 Si1 [X] to replace all occurrences of tdi for d > n i by a polynomial of
degree n i in ti with coefficients in Si1 . Doing this for all i = n, . . . , 1, we
can express h in the given form, proving the claim.

It follows that the monomials in M form a K-basis of L. For, [L : K] = n! =
|M|, so it is enough to show that they span. Any element in L can be written
as a fraction g/h with g, h k[t1 , . . . , tn ] and h ≠ 0. Set h := $\prod_{\neq \mathrm{id}}$ (g),
so that H := hh is fixed by Symn , so lies in K, and G := g h k[t1 , . . . , tn ].
Now, g/h = G/H and we have just shown that G can be written as a K-linear
combination of elements in M. Thus the same is true of G/H = g/h, so M is
a spanning set as required.
Finally, let h k[t1 , . . . , tn ] be a symmetric polynomial. Then h K, and also
h is an S-linear combination of elements in M. Since M is a K-basis, these two
expressions must agree, so h S.
It is instructive to see an example of this procedure. Take n = 3. We wish to
write the polynomial $h := t_1^2 t_3 + t_2^3$ as an S-linear combination of elements of
M, where $S = k[s_1, s_2, s_3]$ and $M = \{1, t_1, t_2, t_1^2, t_1 t_2, t_1^2 t_2\}$.
We have the polynomials
$$f_0 = (X - t_1)(X - t_2)(X - t_3) = X^3 - s_1 X^2 + s_2 X - s_3$$
$$f_1 = (X - t_2)(X - t_3) = \frac{f_0}{X - t_1} = X^2 - (s_1 - t_1)X + (s_2 - s_1 t_1 + t_1^2)$$
$$f_2 = X - t_3 = \frac{f_1}{X - t_2} = X - (s_1 - t_1 - t_2)$$
It follows that we can make the following replacements
$$t_3 = s_1 - t_1 - t_2$$
$$t_2^2 = (s_1 - t_1)t_2 - (s_2 - s_1 t_1 + t_1^2)$$
$$t_1^3 = s_1 t_1^2 - s_2 t_1 + s_3$$
Replacing $t_3$ in h gives
$$h = s_1 t_1^2 - t_1^3 - t_1^2 t_2 + t_2^3.$$
We next observe that
$$t_2^3 = t_2 \cdot t_2^2 = (s_1 - t_1)t_2^2 - (s_2 - s_1 t_1 + t_1^2)t_2$$
$$= (s_1 - t_1)^2 t_2 - (s_1 - t_1)(s_2 - s_1 t_1 + t_1^2) - (s_2 - s_1 t_1 + t_1^2)t_2$$
$$= (s_1^2 - s_2 - s_1 t_1)t_2 - (s_1 s_2 - s_1^2 t_1 - s_2 t_1 + 2 s_1 t_1^2 - t_1^3).$$
Substituting in gives
$$h = (s_1^2 - s_2 - s_1 t_1 - t_1^2)t_2 + (-s_1 s_2 + s_1^2 t_1 + s_2 t_1 - s_1 t_1^2)$$
$$= -s_1 s_2 + (s_1^2 + s_2)t_1 + (s_1^2 - s_2)t_2 - s_1 t_1^2 - s_1 t_1 t_2 - t_1^2 t_2.$$


7.2 The J-Invariant

We wish to define an action of the group Sym3 on the field k(t). Recall that
Sym3 has the presentation
Sym3 = h, : 3 = 2 = ( )2 = idi.
Consider the k-algebra homomorphisms
, : k[t] k(t),

(t) := (1 t)1 ,

(t) := t1 .

Since (1 t)1 and t1 are both transcendental over k, these k-algebra homomorphisms extend to k-embeddings
, : k(t) k(t).
Moreover, a quick check reveals that 3 = 2 = ( )2 = id, so we obtain that
Sym3 acts on k(t) as k-automorphisms. In other words we have a group
homomorphism Sym3 Gal(k(t)/k). Finally, computing g(t) for all g Sym3
shows that this action is faithful, so the group homomorphism is injective.
Let L = k(t) and K = LSym3 . Then Proposition 5.1 tells us that L/K is Galois
with Galois group Sym3 .
Theorem 7.2. We have $K = k(J)$, where
$$J = \frac{(t^2 - t + 1)^3}{t^2 (t - 1)^2}.$$

Proof. A short calculation gives that both (J) = J and (J) = J, so that J
lies in the fixed field K. Since L/K is Galois with Galois group Sym3 we know
that [L : K] = |Sym3 | = 6, so [L : k(J)] 6. It is therefore enough to show
that [L : k(J)] 6. For this, we just observe that t is a root of the polynomial
$$(X^2 - X + 1)^3 - J X^2 (X - 1)^2 \in k(J)[X].$$
In other words, the set of functions f k(t) for which
f (t) = f ((1 t)1 ) = f (t1 )
is precisely the field k(J) of functions in J.
We remark that
$$(X^2 - X + 1)^3 - J X^2 (X - 1)^2 = \prod_{g \in \mathrm{Sym}_3} \bigl(X - g(t)\bigr).$$

For, t, and hence each g(t) for g Sym3 , is a root of the left-hand side, which
is a monic polynomial of degree six.
We can view
: t 7 (1 t)1 and : t
7 t1
as functions on C \ {0, 1}. In fact, we can even extend these to functions on the
Riemann Sphere P1 := C {}. This defines an action of Sym3 on P1 .

Proposition 7.3. Two numbers , P1 lie in the same Sym3 orbit if and
only if J() = J().
Proof. Since J is in the fixed field we have J(g()) = J() for all g Sym3 .
Conversely, suppose that J() = J() 6= . Then is a root of the polynomial
Y
(X 2 X + 1)3 J()X 2 (X 1)2 =
(X g()).
gSym3

Finally, if J() = , then {0, 1, } and these three points form a single
Sym3 orbit.
This action of Sym3 on P1 arises in the definition of the cross-ratio. Recall
that the cross-ratio of four complex numbers may be defined as
$$[z_1, z_2; w_1, w_2] := \frac{(z_1 - w_1)(z_2 - w_2)}{(z_1 - w_2)(z_2 - w_1)} \in \mathbb{P}^1 := \mathbb{C} \cup \{\infty\}.$$

However, reordering the four complex numbers generally gives a different value.
In fact, the symmetry group Sym4 acts on the quadruple (z1 , z2 , w1 , w2 ) by
place-permutation. Since
[z1 , z2 ; w1 , w2 ] = [z2 , z1 ; w2 , w1 ] = [w1 , w2 ; z1 , z2 ] = [w2 , w1 ; z2 , z1 ]
we see that the subgroup
V := {id, (12)(34), (13)(24), (14)(23)}
acts trivially. Now V C S4 is a normal subgroup and the factor group is isomorphic to Sym3 . If we define := [z1 , z2 ; w1 , w2 ], then
[z1 , w1 ; w2 , z2 ] = (1 )1 = ()

and

[z1 , z2 ; w2 , w1 ] = 1 = (),

so we recover the action of Sym3 on P1 .


The function J is important in the study of elliptic curves. The Legendre
normal form of an elliptic curve E is
Y 2 = X(X 1)(X )

with C \ {0, 1}.

Moreover, two elliptic curves E, E 0 are isomorphic if and only if the numbers
, 0 lie in the same Sym3 -orbit, so if and only if J() = J(0 ). We therefore
define J(E) := J(), and this parameterises the isomorphism classes of elliptic
curves. (It is common to define $j(E) := 2^8 J(E)$ and declare this to be the
j-invariant of the elliptic curve E.)
For more interesting facts about cubics, elliptic curves and Sym3 , try here.
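The statements of this section can be checked with exact rational arithmetic. The following Python is an added example, not part of the original notes; the function names (`rot`, `inv`, `orbit`, `sextic`, `legendre_j`) are chosen here, with `rot` and `inv` standing for the two generators $t \mapsto (1-t)^{-1}$ and $t \mapsto t^{-1}$.

```python
from fractions import Fraction
from itertools import permutations
from math import prod


def rot(t):
    """Order-3 generator of the action: t -> 1/(1 - t)."""
    return 1 / (1 - Fraction(t))


def inv(t):
    """Order-2 generator of the action: t -> 1/t."""
    return 1 / Fraction(t)


def J(t):
    """J = (t^2 - t + 1)^3 / (t^2 (t - 1)^2), defined for t not in {0, 1}."""
    t = Fraction(t)
    return (t * t - t + 1) ** 3 / (t * t * (t - 1) ** 2)


def orbit(t):
    """Sym3-orbit of t: everything reachable from t using rot and inv."""
    start = Fraction(t)
    seen, todo = {start}, [start]
    while todo:
        u = todo.pop()
        for g in (rot, inv):
            v = g(u)
            if v not in seen:
                seen.add(v)
                todo.append(v)
    return seen


def sextic(x, j):
    """Value at x of (X^2 - X + 1)^3 - j X^2 (X - 1)^2."""
    x = Fraction(x)
    return (x * x - x + 1) ** 3 - j * x * x * (x - 1) ** 2


def product_over_orbit(x, t):
    """Value at x of the product of (X - u) over the orbit of t.

    This equals the product over g in Sym3 only when the orbit has six
    points, i.e. when t has trivial stabiliser.
    """
    return prod(Fraction(x) - u for u in orbit(t))


def cross_ratio(z1, z2, w1, w2):
    """[z1, z2; w1, w2] for four distinct rational numbers."""
    return Fraction((z1 - w1) * (z2 - w2), (z1 - w2) * (z2 - w1))


def cross_ratios_of_all_orderings(points):
    """Cross-ratios obtained from all 24 orderings of four points."""
    return {cross_ratio(*p) for p in permutations(points)}


def legendre_j(lam):
    """j = 2^8 J(lambda) for the curve Y^2 = X (X - 1) (X - lambda)."""
    return 256 * J(lam)


if __name__ == "__main__":
    pts = (0, 1, 3, 7)                      # constructed sample points
    lam = cross_ratio(*pts)
    print("lambda      =", lam)
    print("orbit       =", sorted(orbit(lam)))
    print("J on orbit  =", {J(u) for u in orbit(lam)})
    print("24 orderings give", len(cross_ratios_of_all_orderings(pts)), "values")
    print("j(lambda=-1) =", legendre_j(-1))
```

The orbits of $-1$ (three points) and of the roots of $t^2 - t + 1$ are smaller than six, which is why `product_over_orbit` is only compared with `sextic` for a generic value.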


Chapter 8

Normal Extensions
Recall from Proposition 5.6 that if L/K is Galois, then for every L, its
minimal polynomial over K splits over L. In this chapter we investigate this
property further.

8.1 Splitting Field Extensions

Let $L/K$ be a field extension and $f \in K[X]$ a non-constant polynomial. We say that $f$ splits over $L$ provided it factorises as a product of linear polynomials over $L$; equivalently if $f$ has $\deg(f)$ roots in $L$ (counted with multiplicities).
We say that $L/K$ is a splitting field extension for $f$ provided that $f$ splits over $L$, but not over a proper intermediate field of $L/K$.
Lemma 8.1. Let L/K be a field extension, f K[X] and assume that f splits
over L. Then there is a unique intermediate field of L/K which is a splitting field
extension for f , namely E = K(1 , . . . , n ), where 1 , . . . , n are the distinct
roots of f in L.
Proof. Let F be an intermediate field of L/K. Then f splits over F if and only
if F contains every root of f , which is if and only if F contains E. In particular,
f splits over E, but not over any intermediate field of E/K, so that E/K is a
splitting field extension for f .
We can combine the previous lemma with Kronecker's Theorem and induction to
prove that splitting field extensions always exist, and then use Artin's Extension
Theorem to prove that they are unique up to isomorphism.
Theorem 8.2 (Existence and Uniqueness of Splitting Field Extensions). Let $f \in K[X]$ be non-constant. Then there exists a splitting field extension $L/K$ of $f$, and $[L : K] \le \deg(f)!$. Moreover, if $L'/K$ is another splitting field extension of $f$, then there exists a $K$-isomorphism $L \xrightarrow{\sim} L'$.

More generally, let : K


K 0 be a field isomorphism, L/K a splitting field
0
0
extension for f , and L /K a splitting field extension for (f ). Then there exists

a field isomorphism L
L0 extending .
Proof. Existence. By Kronecker's Theorem there exists a simple field extension K(1 )/K of degree at most deg(f ) such that 1 is a root of f . This is
constructed by taking an irreducible factor m of f , forming the field extension
K[X]/(m) of K, and letting 1 be the image of X.
Now, over K(1 ), we can write f = (X 1 )g, and deg(g) = deg(f ) 1. By
induction on degree there exists a splitting field extension L/K(1 ) for g, and
[L : K(1 )] deg(g)!. It follows from the Tower Law that [L : K] deg(f )!.
Let 2 , . . . , n be the roots of g in L. Since L/K(1 ) is a splitting field extension
for g we must have by the previous lemma that
L = K(1 )(2 , . . . , n ) = K(1 , . . . , n ).
Now, 1 , . . . , n are the roots of f in L, so by the previous lemma once more
we obtain that L/K is a splitting field extension for f .
Uniqueness. We want to apply the same kind of induction argument to prove
uniqueness, which is why we need the more general statement concerning isomorphisms extending , and not just K-isomorphisms.

Suppose that : K
K 0 is a field isomorphism and that L0 /K 0 is a splitting
0
field extension of f := (f ) K 0 [X].
Let L be a root of f , and let m = m/K be the minimal polynomial of
over K. Then m K[X] is a factor of f , so (m) K 0 [X] is a factor of f 0 .
Since f 0 splits over L0 , so too does (m). Let 0 L0 be a root of (m). Set
E := K() and E 0 := K 0 (0 ). By Artin's Extension Theorem the map 7 0

induces a field isomorphism : E


E 0 extending .
Now, over E, we can write f = (X )g and L/E is a splitting field extension of
g. Similarly, over E 0 , we can write f 0 = (X 0 )g 0 and L0 /E 0 is a splitting field
extension of g 0 . Since (f ) = f 0 and () = 0 , we must have that (g) = g 0 .

We therefore have a field isomorphism : E


E 0 , a splitting field extension
L/E of g E[X], and a splitting field extension L0 /E 0 of g 0 := (g). By

induction on degree we can extend to a field isomorphism : L


L0 .

Finally, since extends : K


K 0 , so too does .
We can also define splitting field extensions of sets of polynomials S K[X].
This is a field extension L/K over which every f S splits, but where no
intermediate field has this property.
Corollary 8.3. Let S K[X] be a finite subset. Then there exists a splitting
field extension for S over K, and this is unique up to isomorphism.
Proof. If S = {f1 , . . . , fn }, then L/K is a splitting field extension for S if and
only if it is a splitting field extension for f = f1 fn .

A much harder result is that splitting field extensions exist and are unique up
to isomorphism for arbitrary subsets S K[X]. This follows from the existence
of the algebraic closure of a field. See Chapter 14.

8.2 Normal Extensions

An algebraic field extension L/K is called normal if, for all L, its minimal
polynomial m/K splits over L.
We begin by relating normal extensions to the seemingly weaker condition of
splitting field extensions.
Theorem 8.4. A finite field extension L/K is normal if and only if it is a
splitting field extension for some polynomial f K[X].
Proof. Suppose first that L/K is normal. Since L/K is finite, it is finitely
generated, say L = K(1 , . . . , n ). Let mi = mi /K be the minimal polynomial
of i over K, and set f := m1 mn . Using that L/K is normal, we know that
each mi splits over L, so f also splits over L. As L is generated over K by
roots of f , we can apply Lemma 8.1 to conclude that L/K is a splitting field
extension for f .
Conversely, let L/K be a splitting field extension for f K[X]. Take L
and let m = m/K be its minimal polynomial. We need to show that m splits
over L. To this end, let M/L be a splitting field extension of m.
Take M a root of m. By Artin's Extension Theorem we know that there is

a K-isomorphism : K()
K(), 7 .
Now, let 1 , . . . , n be the roots of f in L. Since L/K is a splitting field extension
of f , we know that L = K(1 , . . . , n ). It follows that
L() = K(, 1 , . . . , n ) = K()(1 , . . . , n ),
so that L()/K() is also a splitting field extension for f .

We therefore have a K-isomorphism : K()


K(), a splitting field extension
L/K() for f K[X], and a splitting field extension L()/K() for (f ) = f .

We can therefore apply Theorem 8.2 to obtain a field isomorphism : L


L()
extending . In particular, since is a K-isomorphism, so too is . It follows
that [L : K] = [L() : K], so by the Tower Law we have [L() : L] = 1, and
hence L() = L. In other words, L, so every root of m lies in L, so m splits
over L.

8.3 Normal Closure

One has to be careful when dealing with normal extensions, since it is possible
to have a tower M/L/K of fields with both M/L and L/K normal, but M/K
not normal.
For example, take $K = \mathbb{Q}$, $L = \mathbb{Q}(\sqrt{2})$ and $M = \mathbb{Q}(\sqrt[4]{2})$. Then $L/\mathbb{Q}$ is the splitting field of $X^2 - 2$ and $M/L$ is the splitting field of $X^2 - \sqrt{2}$. However, $M/\mathbb{Q}$ is not normal. For, the minimal polynomial of $\sqrt[4]{2}$ over $\mathbb{Q}$ is $m := X^4 - 2$, which decomposes as $(X - \sqrt[4]{2})(X + \sqrt[4]{2})(X^2 + \sqrt{2})$ over $M$. Since $M \subset \mathbb{R}$ but the roots of $X^2 + \sqrt{2}$ are complex, we see that $m$ does not split over $M$.
For this reason, we make the following definition. Let L/K be finite. A field
extension M/L is called a normal closure of L/K if M/K is normal, but
$M'/K$ is not normal for any proper intermediate field $M'$ of $M/L$. (Note the relevant
base fields.)
Theorem 8.5 (Existence and Uniqueness of Normal Closures). Let L/K be
finite. Then there exists a normal closure M/L of L/K, of finite degree, and
unique up to isomorphism.
Proof. Since L/K is finite, it is finitely generated, say L = K(1 , . . . , n ). Let
mi = mi /K be the minimal polynomial of i over K, and set f := m1 mn .
Let M/L be a field extension such that M/K is normal. Then each i M , so
mi splits over M , and hence f splits over M .
Conversely, let M/L be a splitting field extension for f . By Lemma 8.1, if
S M is the set of roots of f , then M = L(S). Since each i is a root of f , we
have i S, and so M = L(S) = K(1 , . . . , n , S) = K(S). Therefore M/K
is a splitting field extension for f , by the same lemma, and hence is normal by
Theorem 8.4.
It follows that a field extension N/L is a normal closure for L/K if and only
if it is a splitting field extension for f . The finiteness and uniqueness are now
immediate consequences of Theorem 8.2.


Chapter 9

Finite Fields
A finite field is a field with only finitely many elements. Examples include the
fields Fp := Z/pZ for each prime number p. In this chapter we will construct
all finite fields, and compute the Galois groups of all field extensions involving
finite fields. We will show that two finite fields are isomorphic if and only if
they have the same number of elements, and that all field extensions of finite
fields are Galois with cyclic Galois groups.
Recall that the characteristic of a ring $R$ is the integer $n \ge 0$ generating the kernel of the (unique) ring homomorphism $\mathbb{Z} \to R$. The characteristic of a field is either 0 or a prime number.
In particular, the characteristic of a finite field $F$ is always a prime number $p$, so $F$ has prime subfield $\mathbb{F}_p$. Moreover, if $F/\mathbb{F}_p$ has degree $n$, then $F$ has $p^n$ elements.
Finally we shall need the derivative of a polynomial. Let $K$ be any field. Then the linear map
$$D : K[X] \to K[X], \quad X^n \mapsto nX^{n-1}$$
satisfies the product rule $D(fg) = D(f)g + fD(g)$. We usually write $f'$ for $D(f)$ and call it the derivative.

9.1 Frobenius Homomorphism

Let $K$ be any field of characteristic $p > 0$. The Frobenius homomorphism is defined to be the map
$$\mathrm{Fr} : K \to K, \quad x \mapsto x^p.$$

Lemma 9.1. The Frobenius homomorphism is a field homomorphism. In particular, it is injective.

Proof. We need to check that
$$(x + y)^p = x^p + y^p, \quad (xy)^p = x^p y^p, \quad 0^p = 0 \quad \text{and} \quad 1^p = 1.$$
The last three are obvious, so we just need to check that $(x + y)^p = x^p + y^p$. Using the binomial formula, we have
$$(x + y)^p = \sum_{r=0}^{p} \binom{p}{r} x^r y^{p-r}.$$
Since $\binom{p}{r} = p!/r!(p - r)!$ and $p$ does not divide $r!$ for any $0 \le r < p$, we deduce that $p$ divides $\binom{p}{r}$ for each $0 < r < p$. Since $\mathrm{char}(K) = p$, we get $(x + y)^p = x^p + y^p$ as required.
Note that, by induction, $(x_1 + \cdots + x_n)^p = x_1^p + \cdots + x_n^p$.
As usual we may extend the Frobenius homomorphism to the polynomial ring $K[X]$ via
$$\mathrm{Fr}\bigl(a_0 X^n + \cdots + a_{n-1} X + a_n\bigr) = a_0^p X^n + \cdots + a_{n-1}^p X + a_n^p.$$
Lemma 9.2. Let $f \in K[X]$. Then $\mathrm{Fr}(f)(X^p) = f(X)^p$.
Proof. Write $f = a_0 X^n + \cdots + a_{n-1} X + a_n$. As noted above, $\bigl(\sum_i x_i\bigr)^p = \sum_i x_i^p$, so
$$f(X)^p = a_0^p X^{pn} + \cdots + a_{n-1}^p X^p + a_n^p = \mathrm{Fr}(f)(X^p).$$

9.2 Finite Fields

Consider the polynomial $X^p - X$ over $\mathbb{F}_p$. We know that 1 is a root of this polynomial, and since
$$(1 + \cdots + 1)^p = 1^p + \cdots + 1^p = 1 + \cdots + 1,$$
we see that every element of $\mathbb{F}_p$ is a root. This gives $p$ distinct roots, so
$$X^p - X = X(X - 1)(X - 2) \cdots (X - p + 1) = \prod_{\alpha \in \mathbb{F}_p} (X - \alpha).$$
Note that equating coefficients of $X$ gives $(p - 1)! \equiv (-1)^p \bmod p$, and since $(-1)^p \equiv -1 \bmod p$ for all primes $p$, we deduce Wilson's Theorem, that $(p - 1)! \equiv -1 \bmod p$.
Proposition 9.3. Let $F/\mathbb{F}_p$ be a field extension of degree $n$. Then this extension is Galois with cyclic Galois group generated by the Frobenius homomorphism, and the elements of $F$ are precisely the roots of $X^{p^n} - X$, so
$$X^{p^n} - X = \prod_{\alpha \in F} (X - \alpha).$$

Proof. We know that $F$ is a finite field with $p^n$ elements. Now the Frobenius homomorphism is a field endomorphism of $F$, so injective, and hence bijective since $F$ is a finite set. Thus $\mathrm{Fr}$ is a field automorphism of $F$. The fixed field of $\mathrm{Fr}$ is the set of $\alpha \in F$ such that $\alpha^p = \alpha$, so the set of roots of $X^p - X$, which is just the prime subfield $\mathbb{F}_p$. Thus, by Proposition 5.1, $F/\mathbb{F}_p$ is Galois with Galois group the cyclic group $\langle \mathrm{Fr} \rangle$. Since this group has order $[F : \mathbb{F}_p] = n$, we have
$$\mathrm{Gal}(F/\mathbb{F}_p) = \langle \mathrm{Fr} \rangle \cong \mathbb{Z}/n\mathbb{Z}.$$
Next, we know that $\mathrm{Fr}^n = \mathrm{id}$ on $F$, so every element $\alpha \in F$ satisfies $\alpha^{p^n} = \alpha$, so is a root of $X^{p^n} - X$. Since $F$ has $p^n$ elements, we deduce that this polynomial splits over $F$ as
$$X^{p^n} - X = \prod_{\alpha \in F} (X - \alpha).$$

Proposition 9.4. For each prime $p$ and integer $n \ge 1$ there exists a finite field with $p^n$ elements. It is a splitting field extension of $X^{p^n} - X$ over $\mathbb{F}_p$, so is unique up to isomorphism.
Proof. Let $F/\mathbb{F}_p$ be a splitting field extension of $f := X^{p^n} - X$. We first observe that the roots of $f$ in $F$ are all distinct. For, if $\alpha$ is a repeated root, then over $F$ we can write $f = (X - \alpha)^2 g$ for some polynomial $g$. Taking derivatives gives $-1 = (X - \alpha)\bigl(2g + (X - \alpha)g'\bigr)$, a contradiction by considering degrees.
Now consider the fixed field of the cyclic group $\langle \mathrm{Fr}^n \rangle$. This consists of those elements $\alpha \in F$ satisfying $\alpha^{p^n} = \alpha$, so equals the set of roots of $f$ in $F$. Therefore the set of roots of $f$ form a subfield of $F$ of size $p^n$. Since $F$ is a splitting field extension for $f$, it equals this fixed field, so $F$ has size $p^n$.
Conversely, if $F$ has $p^n$ elements, then the proposition tells us that $F$ is a splitting field extension of $X^{p^n} - X$.
Since all finite fields of size $p^n$ are isomorphic, we usually abuse notation and denote any such field by $\mathbb{F}_{p^n}$.
We can now apply the Galois Correspondence to deduce that the intermediate fields of $\mathbb{F}_{p^n}/\mathbb{F}_p$ are in bijection with the subgroups of the Galois group $\langle \mathrm{Fr} \rangle \cong \mathbb{Z}/n\mathbb{Z}$. The subgroups are given as $\langle \mathrm{Fr}^r \rangle \cong \mathbb{Z}/(n/r)\mathbb{Z}$ for each $r \mid n$. This group has index $r$, so the fixed field of $\mathrm{Fr}^r$ has degree $r$ over $\mathbb{F}_p$, and hence is isomorphic to $\mathbb{F}_{p^r}$.
This yields the following result.
Theorem 9.5. The finite field $\mathbb{F}_{p^n}$ contains $\mathbb{F}_{p^r}$ as a subfield if and only if $r$ divides $n$, in which case $\mathbb{F}_{p^n}/\mathbb{F}_{p^r}$ is Galois with cyclic Galois group generated by $\mathrm{Fr}^r : x \mapsto x^{p^r}$.
In general we simplify notation by taking our base field to be $\mathbb{F}_q$ for some prime power $q = p^r$. Then each finite field extension of $\mathbb{F}_q$ is of the form $\mathbb{F}_{q^n}/\mathbb{F}_q$, and the Galois group is generated by $\mathrm{Fr}_q : x \mapsto x^q$.

Recall from Proposition 5.6 that if L/K is Galois with Galois group G, and if
L, then m/K splits over L and has distinct roots. Moreover, the roots are
all of the form () for some G.
Corollary 9.6. Let $f \in \mathbb{F}_q[X]$ be irreducible of degree $n$. Then $\mathbb{F}_q[X]/(f) \cong \mathbb{F}_{q^n}$ is a Galois extension, and the roots of $f$ are of the form $\alpha^{q^r}$ for $0 \le r < n$, where $\alpha \in \mathbb{F}_q[X]/(f)$ denotes the image of $X$.
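Lemma 9.1, Theorem 9.5 and Corollary 9.6 can be watched at work in a concrete quotient $\mathbb{F}_p[X]/(f)$. The following Python is an added example, not part of the original notes; it assumes $f$ is monic and irreducible of degree at least 2, stores field elements as coefficient tuples (lowest degree first), and all function names are chosen here.

```python
from itertools import product


def add(a, b, p):
    """Sum of two elements of F_p[X]/(f)."""
    return tuple((x + y) % p for x, y in zip(a, b))


def mul(a, b, f, p):
    """Product in F_p[X]/(f), computed as a Horner sum over b.

    f is monic of degree n, given by its n + 1 coefficients, lowest first.
    """
    n = len(f) - 1
    res = [0] * n
    for coeff in reversed(b):
        carry = res[-1]                    # coefficient pushed up to X^n
        res = [0] + res[:-1]               # multiply the running sum by X
        # in the quotient, X^n = -(f_0 + f_1 X + ... + f_{n-1} X^{n-1})
        res = [(r - carry * fi + coeff * ai) % p
               for r, fi, ai in zip(res, f, a)]
    return tuple(res)


def power(a, e, f, p):
    """a^e by square-and-multiply."""
    n = len(f) - 1
    result = (1,) + (0,) * (n - 1)
    while e:
        if e & 1:
            result = mul(result, a, f, p)
        a = mul(a, a, f, p)
        e >>= 1
    return result


def frobenius(a, f, p, r=1):
    """Fr^r : x -> x^(p^r)."""
    return power(a, p ** r, f, p)


def elements(f, p):
    """All p^n elements of F_p[X]/(f)."""
    return list(product(range(p), repeat=len(f) - 1))


def evaluate(g, x, f, p):
    """Value of g in F_p[X] at the field element x (Horner's rule)."""
    acc = (0,) * (len(f) - 1)
    for c in reversed(g):
        acc = mul(acc, x, f, p)
        acc = ((acc[0] + c) % p,) + acc[1:]
    return acc


def conjugates(f, p):
    """alpha, alpha^p, ..., alpha^(p^(n-1)), with alpha the image of X."""
    n = len(f) - 1
    alpha = (0, 1) + (0,) * (n - 2)
    out = [alpha]
    for _ in range(n - 1):
        out.append(frobenius(out[-1], f, p))
    return out


def fixed_field(f, p, r):
    """Elements fixed by Fr^r, i.e. the roots of X^(p^r) - X in the field."""
    return [x for x in elements(f, p) if frobenius(x, f, p, r) == x]


def frobenius_is_additive(f, p):
    """Check Fr(x + y) = Fr(x) + Fr(y) for every pair of elements."""
    els = elements(f, p)
    return all(frobenius(add(x, y, p), f, p)
               == add(frobenius(x, f, p), frobenius(y, f, p), p)
               for x in els for y in els)


if __name__ == "__main__":
    f16 = (1, 1, 0, 0, 1)      # X^4 + X + 1 over F_2, lowest degree first
    print("conjugates of alpha:", conjugates(f16, 2))
    print("sizes of the fixed fields of Fr, Fr^2, Fr^4:",
          [len(fixed_field(f16, 2, r)) for r in (1, 2, 4)])
```

For $f = X^4 + X + 1$ over $\mathbb{F}_2$ the fixed fields of $\mathrm{Fr}$, $\mathrm{Fr}^2$ and $\mathrm{Fr}^4$ have 2, 4 and 16 elements, matching the divisors 1, 2, 4 of $n = 4$.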

9.3 Irreducible Polynomials over Finite Fields

Proposition 9.7. Let $q = p^r$ be a prime power. Over $\mathbb{F}_q$ we have the factorisation
$$X^{q^n} - X = \prod_{\substack{f \text{ monic, irred} \\ \deg(f) \mid n}} f.$$
Proof. We have already seen that
$$X^{q^n} - X = \prod_{\alpha \in \mathbb{F}_{q^n}} (X - \alpha).$$
On the other hand, consider the product $g$ of all monic irreducible polynomials over $\mathbb{F}_q$ of degree dividing $n$. Let $f$ be an irreducible factor of $g$, of degree $r$. Then $f$ splits into distinct linear factors over the subfield $\mathbb{F}_{q^r}$ of $\mathbb{F}_{q^n}$, so also over $\mathbb{F}_{q^n}$. Hence $g$ splits into distinct linear factors over $\mathbb{F}_{q^n}$. Since $\deg(g) = q^n = |\mathbb{F}_{q^n}|$ we get that
$$g = \prod_{\alpha \in \mathbb{F}_{q^n}} (X - \alpha),$$
proving that $g = X^{q^n} - X$.
Define d (q) to be the number of monic irreducible polynomials of degree d over
Fq . We wish to obtain a formula for d (q). For this we will need the Möbius
function $\mu(n)$, which is defined as follows:
$$\mu(n) := \begin{cases} (-1)^r & \text{if } n = p_1 \cdots p_r \text{ is a product of distinct primes;} \\ 0 & \text{if } d^2 \mid n \text{ for some } d \ge 2. \end{cases}$$
We immediately see that $\mu(1) = 1$ and that $\mu(mn) = \mu(m)\mu(n)$ provided $m$ and $n$ are coprime (i.e. $\mu$ is a multiplicative function).
The following is a fundamental result.
Lemma 9.8.
$$\sum_{d \mid n} \mu(d) = \begin{cases} 1 & \text{if } n = 1; \\ 0 & \text{if } n \ge 2. \end{cases}$$
Proof. Set $N(n) := \sum_{d \mid n} \mu(d)$. Since $\mu$ is a multiplicative function, so too is $N$. In other words, if $m$ and $n$ are coprime, then $N(mn) = N(m)N(n)$. We are reduced to the case of a prime power $n = p^r$. Now $N(1) = 1$ whereas if $r \ge 1$, then $N(p^r) = \mu(1) + \mu(p) = 0$.
The importance is revealed by the next result, which allows us to invert formulae involving sums over divisors.
Lemma 9.9. Suppose we have functions $f_n$ and $g_n$ for all positive integers $n$. Then
$$f_n = \sum_{d \mid n} g_d \quad \text{if and only if} \quad g_n = \sum_{d \mid n} \mu\!\left(\tfrac{n}{d}\right) f_d.$$

We now use this technique to obtain a formula for n (q).


Theorem 9.10.
n (q) =

1X
(d)q n/d .
n
d|n

Proof. We have from Proposition 9.7 that
$$X^{q^n} - X = \prod_{d \mid n} \; \prod_{\substack{f \text{ monic, irred} \\ \deg(f) = d}} f.$$

Comparing degrees we get


qn =

dd (q).

d|n

Inverting this formula (with fn = q n and gn = nn (q)), we obtain that


X
X

nn (q) =
nd q d =
(d)q n/d
d|n

d|n

as required.

Examples
We know that 1 (q) = q, and the irreducible polynomials of degree 1 over Fq
are just the linear polynomials X for Fq .
Next we have
2 (q) =


1 2
q q ,
2

3 (q) =


1 3
q q ,
3

4 (q) =


1 4
q q2 .
4

We can compute the irreducible polynomials over $\mathbb{F}_2$ or $\mathbb{F}_3$ using the Sieve of Eratosthenes, but taking irreducible polynomials over a finite field instead of prime numbers in the integers. (That this method works is due to the fact that $K[X]$, like $\mathbb{Z}$, is a Euclidean domain.)

We have the following irreducible polynomials over $\mathbb{F}_2$.
$$X^2 + X + 1$$
$$X^3 + X + 1, \quad X^3 + X^2 + 1$$
$$X^4 + X + 1, \quad X^4 + X^3 + 1, \quad X^4 + X^3 + X^2 + X + 1.$$

Over $\mathbb{F}_3$ we have three irreducible quadratics.
$$X^2 + 1, \quad X^2 + X - 1, \quad X^2 - X - 1.$$
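The sieve just described, the count of Theorem 9.10 and the factorisation of Proposition 9.7 can be cross-checked against each other. The following Python is an added example, not part of the original notes; polynomials are coefficient tuples (lowest degree first), the sieve works over a prime field $\mathbb{F}_p$ only, and all function names are chosen here.

```python
from itertools import product


def mobius(n):
    """Moebius function by trial division."""
    result, d = 1, 2
    while d * d <= n:
        if n % d == 0:
            n //= d
            if n % d == 0:          # d^2 divides the original n
                return 0
            result = -result
        d += 1
    return -result if n > 1 else result


def count_formula(n, q):
    """(1/n) * sum over d | n of mu(d) q^(n/d), the count in Theorem 9.10."""
    total = sum(mobius(d) * q ** (n // d)
                for d in range(1, n + 1) if n % d == 0)
    return total // n


def poly_mul(a, b, p):
    """Product of two polynomials over F_p."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % p
    return tuple(out)


def monic(deg, p):
    """All monic polynomials of the given degree over F_p."""
    return [tail + (1,) for tail in product(range(p), repeat=deg)]


def sieve(max_deg, p):
    """Monic irreducible polynomials over F_p, grouped by degree.

    Degrees are processed in increasing order. A polynomial that has not
    been struck out when its degree is reached is irreducible; all of its
    monic multiples up to max_deg are then struck out.
    """
    composite = set()
    irreducible = {}
    for d in range(1, max_deg + 1):
        irreducible[d] = [f for f in monic(d, p) if f not in composite]
        for f in irreducible[d]:
            for e in range(1, max_deg - d + 1):
                for g in monic(e, p):
                    composite.add(poly_mul(f, g, p))
    return irreducible


def product_of_irreducibles(n, p):
    """Product of all monic irreducibles over F_p of degree dividing n."""
    irr = sieve(n, p)
    result = (1,)
    for d in range(1, n + 1):
        if n % d == 0:
            for f in irr[d]:
                result = poly_mul(result, f, p)
    return result


def x_pn_minus_x(n, p):
    """Coefficients of X^(p^n) - X over F_p."""
    coeffs = [0] * (p ** n + 1)
    coeffs[1] = (p - 1) % p
    coeffs[-1] = 1
    return tuple(coeffs)


if __name__ == "__main__":
    for p in (2, 3):
        found = sieve(4, p)
        for d in range(1, 5):
            print(f"F_{p}, degree {d}: sieve finds {len(found[d])},"
                  f" formula gives {count_formula(d, p)}")
    print("quadratics over F_3:", sieve(2, 3)[2])
```

In this encoding the three quadratics over $\mathbb{F}_3$ appear as `(1, 0, 1)`, `(2, 1, 1)` and `(2, 2, 1)`, since $-1 = 2$ in $\mathbb{F}_3$.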

Chapter 10

Separable Extensions
Recall from Proposition 5.6 that if L/K is Galois, then for every L, its
minimal polynomial over K has distinct roots in L. In this chapter we investigate
this property further.

10.1 Separable Polynomials

We call an irreducible polynomial $f \in K[X]$ separable over $K$ if $f$ has distinct roots in a splitting field extension. Since splitting field extensions are unique up to isomorphism, this definition depends only on $f$ and $K$. We say that a general polynomial $f \in K[X]$ is separable over $K$ if each irreducible factor is separable over $K$.
Changing perspective, let L/K be an algebraic field extension and L. We
say that is separable over K if its minimal polynomial m/K is separable over
K. We say that L/K itself is separable if each L is separable over K.
We start by giving a criterion for when an irreducible polynomial is separable.
Theorem 10.1. Let $f \in K[X]$ be irreducible. Then the following are equivalent.
1. $f$ is inseparable over $K$.
2. $\gcd(f, f') \ne 1$.
3. $f' = 0$.
4. $\mathrm{char}(K) = p > 0$ and $f(X) = g(X^p)$ for some $g \in K[X]$ (necessarily irreducible).
Proof. (1) $\Rightarrow$ (2) Let $L/K$ be a splitting field extension for $f$. Since $f$ has a repeated root in $L$, say $\alpha$, we can write $f = (X - \alpha)^2 g$ for some $g \in L[X]$. Taking derivatives gives $f' = (X - \alpha)\bigl(2g + (X - \alpha)g'\bigr)$, so that $\alpha$ is again a root of $f'$. Hence $m_{\alpha/K}$ divides both $f$ and $f'$ over $K$, so $\gcd(f, f') \ne 1$.
(2) $\Rightarrow$ (3) Since $f$ is irreducible, if $\gcd(f, f') \ne 1$, then it must equal $f$. Therefore $f$ divides $f'$ but $\deg(f) > \deg(f')$. This can only happen if $f' = 0$.
(3) $\Rightarrow$ (4) Write $f = \sum_n a_n X^n \in K[X]$. Then $0 = f' = \sum_n n a_n X^{n-1}$, so $n a_n = 0 \in K$ for all $n$. If $\mathrm{char}(K) = 0$, then $a_n = 0$ for all $n \ge 1$, so that $f = a_0 \in K$ is constant, contradicting the assumption that $f$ is irreducible. Thus $\mathrm{char}(K) = p > 0$ and $a_n = 0$ unless $p \mid n$, so that $f(X) = g(X^p)$ with $g = \sum_r a_{pr} X^r \in K[X]$. To see that $g$ is irreducible, suppose that $g = g_1 g_2 \in K[X]$. Then $f(X) = g(X^p) = g_1(X^p) g_2(X^p) \in K[X]$, so $f$ irreducible implies one of the $g_i$ is constant, and so $g$ is irreducible.
(4) $\Rightarrow$ (1) Let $\mathrm{char}(K) = p > 0$ and $f(X) = g(X^p) \in K[X]$. Let $L/K$ be the splitting field extension for $f$. If $\alpha \in L$ is a root of $f$, then $0 = f(\alpha) = g(\alpha^p)$, so $\alpha^p$ is a root of $g$. Thus $X - \alpha^p$ divides $g$ over $L$, which implies that $X^p - \alpha^p = (X - \alpha)^p$ divides $g(X^p) = f(X)$. Thus $\alpha$ is a repeated root of $f$ in $L$, so $f$ is inseparable.
We call a field $K$ perfect if every irreducible polynomial $f \in K[X]$ is separable. We observe that all fields of characteristic 0 are perfect. Also, all algebraically closed fields are perfect (since all irreducible polynomials are linear). Finally, it follows from Corollary 9.6 that all finite fields are perfect.
It is instructive to see an example of an inseparable field extension.
Lemma 10.2. Let K be a field of characteristic p > 0, and let K. Then
the polynomial X p is either irreducible, or else factors as (X )p .
Proof. Let L/K be a splitting field extension for X p , and let L be
a root of this polynomial. Then p = , so over L we have the factorisation
X p = (X )p . By unique factorisation in K[X], any irreducible factor of
X p must be of the form (X )m for some 1 m p. In particular, the
constant term m must lie in K.
Suppose m K for some 1 < m < p. Since p is prime there exist integers a, b
with ap + bm = 1. Then a ( m )b = ap+bm = K. Therefore either K
and X p = (X )p over K, or else X p is irreducible over K.
Proposition 10.3. Consider the transcendental extension $\mathbb{F}_p(x)/\mathbb{F}_p$. Let $y = x^p$. Then the minimal polynomial of $x$ over $\mathbb{F}_p(y)$ is $X^p - y$, and the field extension $\mathbb{F}_p(x)/\mathbb{F}_p(y)$ is inseparable of degree $p$.
Proof. Clearly $x$ is a root of $m = X^p - y$, so by the previous lemma we just need to prove that $x \notin \mathbb{F}_p(y)$.
Note that $y$ is transcendental over $\mathbb{F}_p$. So, if $x \in \mathbb{F}_p(y)$, then there exist polynomials $f, g \in \mathbb{F}_p[X]$ such that $x = f(y)/g(y)$, or equivalently $f(y) = g(y)x$. Since $y = x^p$, this gives $f(x^p) = g(x^p)x$. As $x$ is transcendental over $\mathbb{F}_p$, this implies $f(X^p) = g(X^p)X$ in $\mathbb{F}_p[X]$, a contradiction by comparing degrees.¹

¹ Alternatively, apply Exercise Sheet 4, Question (7).

We next want to show that the set of separable elements in a field extension
L/K forms an intermediate field.
Lemma 10.4. Let K be a field of characteristic p > 0, and let L/K be a field
extension. For L, algebraic over K, we have the following dichotomy.
1. is separable over K if and only if [K() : K(p )] = 1.
2. is inseparable over K if and only if [K() : K(p )] = p.
Proof. If is separable over K, then it is separable over any intermediate field
E of L/K. For, m/E divides m/K , so also has distinct roots in a splitting field
extension. In particular, is separable over K(p ). On the other hand, the
minimal polynomial of over K(p ) divides X p p , and by Lemma 10.2 this
polynomial is either irreducible, so is inseparable over K(p ), or else factors
as (X )p , so K(p ). We deduce that [K() : K(p )] = 1.
Conversely, if is inseparable over K, then m/K (X) = f (X p ) for some monic
irreducible polynomial f K[X]. Since p is a root of f , we see that f =
mp /K , so that [K(p ) : K] = deg(f ) and [K() : K] = deg(m) = p deg(f ).
Thus [K() : K(p )] = p.
Theorem 10.5. Let L/K be a field extension and write Lsep/K for the set of
elements L which are separable over K. Then Lsep/K is an intermediate
field of L/K, and is a separable field extension of K.
Proof. This is trivial when char(K) = 0, so let char(K) = p > 0. Clearly each
element of K is separable over K, so K Lsep/K . It remains to show that
Lsep/K is closed under sums, products and inverses, so is a subfield of L. In
other words, we need to show that if , Lsep/K with non-zero, then
and 1 are all separable over K.
Let be any one of these elements. Then K(, ) = K(, ), and by applying
the Frobenius homomorphism we also have K( p , p ) = K(p , p ). Now is
separable over K, so it is also separable over any intermediate field E of L/K,
and so E( p ) = E() by the previous lemma. Similarly is separable over K,
so K(p ) = K(). Combining these results for E = K() gives K(p , p ) =
K(, ). We deduce that K( p , p ) = K(, ), so by the Tower Law
[K() : K( p )] =

[K(, ) : K( p )]
[K( p , p ) : K( p )]
=
.
[K(, ) : K()]
[K(, ) : K()]

Finally, let m be the minimal polynomial of over K(). Applying the Frobenius homomorphism we have Fr(m)(X p ) = m(X)p , so p is a root of Fr(m).
Since m K()[X] we see that Fr(m) K( p )[X]. Therefore the minimal
polynomial n of p over K( p ) divides Fr(m), so
[K( p , p ) : K( p )] = deg(n) deg(Fr(m)) = deg(m) = [K(, ) : K()].
Thus [K() : K( p )] 1, so K() = K( p ) and is separable over K.

10.2 Characterisation of Galois Extensions

We now come to an important result, which states that a finite field extension
is Galois if and only if it is separable and normal. This characterisation is often
taken to be the definition of a Galois extension, but the approach we have taken
has the benefit of emphasising the symmetries of a Galois extension.
Theorem 10.6. Let L/K be a field extension. The following are equivalent.
1. L/K is Galois.
2. L/K is finite, separable and normal.
3. $L/K$ is a splitting field extension of a separable polynomial $f \in K[X]$.
Proof. (1) (2) Let L/K be Galois. Then it is necessarily finite. Furthermore,
we saw in Proposition 5.6 that for each L, its minimal polynomial m/K
splits into distinct linear factors over L. Thus L/K is also separable and normal.
(2) (3) Let L/K be finite, separable and normal. Then it is a splitting field
extension for some polynomial f K[X] by Theorem 8.4. Let m be a monic
irreducible factor of f , and let L be a root of m. Then m is necessarily the
minimal polynomial of over K, so is separable by assumption. Thus f is a
separable polynomial.
(3) (1) Let f K[X] be a separable polynomial, and let L/K be a splitting
field extension for f . We are going to prove that L/K is Galois by induction on
the degree [L : K]. Set G := Gal(L/K) and let E be the fixed field of G.
Let L \ K be a root of f , so m := m/K is a separable polynomial. Then
L/K() is again a splitting field extension for f , but of smaller degree, so is
Galois by induction. Then Gal(L/K()) G is a subgroup, so the fixed field
of G is contained in the fixed field of Gal(L/K()); that is, E K().
Set n + 1 := [K() : K]. Given E K() we can write
= a0 n + + an1 + an

for some ai K.

Set g := a0 X n + + an1 X + (an ) E[X].


Let L be a root of m. We claim that g() = 0. By Artin's Extension

Theorem there exists a K-isomorphism : K()


K(), 7 . Now L/K()
is also a splitting field extension for f = (f ), so by Theorem 8.2 there exists a
field automorphism of L extending . Since is a K-isomorphism, so too is ,
and hence Gal(L/K).
By assumption fixes every element of E, and also that () = . Therefore
= () = a0 n + + an1 + an ,
so g() = 0 as required.
Since m has n + 1 distinct roots but deg(g) n we deduce that g = 0, so
= an K. Thus E = K and L/K is Galois by Proposition 5.1.

Corollary 10.7. Let L/K be a finite, separable field extension. Then L/K is
simple. In particular, all Galois extensions are simple.
Proof. Let L = K(1 , . . . , n ), let mi be the minimal polynomial of i over
K, and let m = m1 mn . Since L/K is separable, each i is separable over
K, so each mi is an irreducible separable polynomial. Hence m is a separable
polynomial.
Now, if M/L is the normal closure for L/K, then M/K is a splitting field extension for m, so is Galois by the theorem. By the Fundamental Theorem,
the intermediate fields of M/K are in bijection with the subgroups of the Galois group. Thus there are only finitely many intermediate fields of M/K, so
there can be only finitely many subfields of L/K. Hence L/K is simple by the
Primitive Element Theorem.
In the exercises we will construct a finite field extension L/K which has infinitely
many intermediate fields, and hence is not simple.
Another important consequence of the theorem is that we can view Galois groups
as transitive subgroups of symmetric groups. If f K[X] is a separable polynomial, we write Gal(f ) for the Galois group of a splitting field extension L/K
for f . This is well-defined by Theorem 8.2.
Proposition 10.8. Let f K[X] be a separable irreducible polynomial of degree
n. Then the action of Gal(f ) on the roots of f induces an injective group
homomorphism Gal(f ) , Symn with image a transitive subgroup.
Proof. Let L/K be a splitting field extension for f , so a Galois extension by
the theorem. If 1 , . . . , n are the roots of f in L, then L = K(1 , . . . , n ),
so the action of Gal(f ) = Gal(L/K) is completely determined by its action on
the roots of f . This yields an injective group homomorphism Gal(f ) , Symn .
Finally, Gal(f ) acts transitively on the roots of f by Corollary 5.7, so its image
in Symn must be a transitive subgroup.
This result restricts the possible Galois groups quite considerably. For example, if $f \in \mathbb{Q}[X]$ is an irreducible cubic, then $\mathrm{Gal}(f)$ is isomorphic to either $\mathbb{Z}/3\mathbb{Z}$ or $\mathrm{Sym}_3$. If $f \in \mathbb{Q}[X]$ is an irreducible quartic, then $\mathrm{Gal}(f)$ is isomorphic to one of
$$\mathrm{Sym}_4, \quad \mathrm{Alt}_4, \quad D_8, \quad \mathbb{Z}/4\mathbb{Z}, \quad (\mathbb{Z}/2\mathbb{Z})^2.$$
The group $D_8$ is the dihedral group with 8 elements, or the symmetry group of a square. We can view it as a transitive subgroup of $\mathrm{Sym}_4$ by taking $\langle (1234), (12)(34) \rangle$. The group $V := (\mathbb{Z}/2\mathbb{Z})^2$ is often called the Klein four group (Kleinsche Vierergruppe), and can be viewed as a transitive subgroup of $\mathrm{Sym}_4$ by taking $\langle (12)(34), (13)(24) \rangle$.


As an example of how useful this is, consider the following result.
Proposition 10.9. Let $p$ be a prime. The only transitive subgroup of $\mathrm{Sym}_p$ containing a transposition is $\mathrm{Sym}_p$ itself.
In particular, if $f \in \mathbb{Q}[X]$ is an irreducible polynomial of degree $p$ having precisely two non-real roots, then $\mathrm{Gal}(f) \cong \mathrm{Sym}_p$.
Proof. Let G Symp be a transitive subgroup. Then G acts transitively on the
set {1, 2, . . . , p}, so by the Orbit-Stabiliser Theorem, H = StabG (1) has index
p in G. Thus p divides |G|, so G contains an element of order p, and hence a
p-cycle , by Cauchy's Theorem.
Suppose further that G contains a transposition (1 a). Note that, for some
1 r < p we have r = (1 a ), and that this is again a p-cycle. Relabelling,
we may assume that G contains (1 2) and (1 2 p). Conjugating the transposition shows that G also contains (i i + 1) for all i, and we know that these
transpositions generate the full symmetric group. Thus G = Symp .
Now let f Q[X] be irreducible of degree p, and having precisely two complex
roots. Then Gal(f ) Symp is a transitive subgroup. Moreover, complex conjugation fixes f , so permutes the roots of f , and hence acts as a transposition.
Thus Gal(f ) contains a transposition, so Gal(f ) = Symp .
For example, the Galois group of $f = X^5 - 4X + 2 \in \mathbb{Q}[X]$ is $\mathrm{Sym}_5$. For, f is
irreducible by Eisenstein, and has precisely three real roots, as seen by drawing
its graph. We can therefore apply the proposition.

[Figure: graph of $X^5 - 4X + 2$]

10.3 Changing the Base Field

Let E and F be intermediate fields of a field extension L/K. It is often useful to
be able to translate results about the field extension E/K to the field extension
EF/F, which we call base change.


Theorem 10.10. Let L/K be a field extension, and E, F intermediate fields.

1. If E/K is Galois, then so is EF/F, and $\mathrm{Gal}(EF/F)$ is isomorphic to the
subgroup $\mathrm{Gal}(E/E \cap F)$ of $\mathrm{Gal}(E/K)$.
2. If both E/K and F/K are Galois, then so too are EF/K and $E \cap F/K$.
If $E \cap F = K$, then $\mathrm{Gal}(EF/K)$ is isomorphic to the direct product
$\mathrm{Gal}(E/K) \times \mathrm{Gal}(F/K)$.
Proof. 1. Since E/K is Galois, it is a splitting field extension of some separable
polynomial f K[X] by Theorem 10.6. Then EF/F is a splitting field extension
of f , now viewed in F [X], so is Galois by the same theorem.
Now let Gal(EF/F ). Then is completely determined by its action on the
roots of f , and all of these lie in E. So restricts to a K-automorphism of E,
inducing an injective map Gal(EF/F ) , Gal(E/K), which is easily seen to be
a group homomorphism.
Finally, let G Gal(E/K) be the image of Gal(EF/F ). Then x E is fixed by
G if and only if x EF is fixed by Gal(EF/F ), which is if and only if x F .
Thus the fixed field of G is E F , so G = Gal(E/E F ).
2. Suppose that F/K is also Galois, so a splitting field extension of some separable polynomial g K[X]. Then EF/K is a splitting field extension of f g,
which is separable, so EF/K is Galois.
Since EF/K is finite and separable, so too is E F/K. To see that the latter
field extension is also normal, and hence Galois, take E F . Then m/K
splits over E, since E/K is normal, and similarly also over F/K. Therefore all
the roots of m/K necessarily lie in E F , so m/K splits over E F .
Assume now that E F = K. As in (1), restriction to E yields a group homomorphism Gal(EF/K) Gal(E/K). For, E/K is a splitting field extension
of f and any Gal(EF/K) must permute these roots, so restricts to an
automorphism of E. Similarly, F/K is a splitting field for g, so restriction to F
yields a group homomorphism Gal(EF/K) Gal(F/K). Together these give
a group homomorphism
: Gal(EF/K) Gal(E/K) Gal(F/K).
Since EF/K is a splitting field extension for f g, any Gal(EF/K) is completely determined by its action on the roots of f and g, so by its restrictions
to E and F . Thus is injective. Finally, by (1) we know that
[EF : F ] = | Gal(EF/F )| = | Gal(E/E F )| = | Gal(E/K)| = [E : K],
so by the Tower Law
[EF : K] = [EF : F ][F : K] = [E : K][F : K]
and hence
| Gal(EF/K)| = | Gal(E/K)|| Gal(F/K)|.
This implies that must be a bijection, and hence a group isomorphism.

Corollary 10.11. Let L/K be a field extension, and E and F intermediate
fields. If E/K is Galois, then [EF : F] divides [E : K].
Proof. By part (1) of the theorem we have
$$[EF : F] = |\mathrm{Gal}(EF/F)| = |\mathrm{Gal}(E/E \cap F)| = [E : E \cap F],$$
which divides [E : K] by the Tower Law.

This result
is not true if E/K is not Galois. For example, let E = Q( 3
2) and

3
F = Q( 2), where is a primitive cube root of unity. Then EF = Q( 3 2, ),
so [E : Q] = [F : Q] = 3 and [EF : Q] = 6, whence [EF : F ] = 2.


Chapter 11

Cyclotomic and Cyclic Extensions
In this chapter we shall examine two special types of field extensions: cyclotomic extensions, given by adjoining a primitive n-th root of unity, and cyclic
extensions, given by adjoining an arbitrary n-th root under the assumption
that the base field already contains a primitive n-th root of unity. Both of
these cases are relatively easy to study, and have far reaching generalisations to
abelian Kummer theory and class field theory.

11.1 Cyclotomic Extensions

Recall that K is called a primitive n-th root of unity if n = 1 but


d 6= 1 for all 1 d < n. For example we could take = exp(2i/n) C.
Let K be a primitive n-th root of unity. We make the following observations.
1. The n numbers r for 1 r n are all distinct. For, if r = s with
1 r < s n, then sr = 1 and 1 s r < n, contradicting the fact
that was a primitive n-th root of unity.
2. The set n := { r : 1 r n} is a cyclic group under multiplication,
generated by . Hence n is isomorphic to the additive group Z/nZ.
3. If 1 r n, then r is a primitive n/d-th root of unity, where d =
gcd(r, n).
4. n contains d for all d|n. In particular, if is an n/d-th root of unity,
then = ds for some 1 s n/d.


We define the n-th cyclotomic polynomial as


Y
Y
n (X) :=
(X r ) =
1rn
gcd(r,n)=1

(X ).

primitive n-th
root of unity

We therefore have the factorisation


Y
Y
d (X).
Xn 1 =
(X r ) =
1rn

d|n

Note also that deg(n ) = $\varphi(n)$, where $\varphi(n)$ is Euler's totient (or phi) function
$\varphi(n) = |\{1 \le r \le n : \gcd(r, n) = 1\}|$.
Theorem 11.1. The polynomial n (X) lies in Z[X] and is irreducible.
If C is a primitive n-th root of unity, then Q()/Q is Galois with abelian Galois group. In fact, Gal(Q()/Q)
= (Z/nZ) via r () := r for r (Z/nZ) .
Proof. We first observe that eachQd (X) is monic. By induction we may assume
d (X) Z[X] for d < n. Since d|n d (X) = X n 1, the Division Algorithm
tells us n (X) Q[X], and then Gauss's Lemma gives that n (X) Z[X].
Now let f Q[X] be the minimal polynomial of , a primitive n-th root of
unity. We claim that if is any root of f , then so is p for all primes p - n. It
will follow that r is a root of f for all 1 r n with gcd(r, n) = 1, and hence
that n (X) = f is irreducible.
Since is a root of X n 1, we can write X n 1 = f (X)g(X). Again, both
polynomials are monic with rational coefficients, so Gauss's Lemma tells us
that f, g Z[X]. Let be a root of f , p a prime not dividing n and assume
for contradiction that p is not a root of f . Then p must be a root of g(X),
so that is a root of g(X p ). Since f is the minimal polynomial of , it divides
$g(X^p)$. Hence $g(X^p) = f(X)h(X)$, and by Gauss's Lemma once more we see
that $h \in \mathbb{Z}[X]$ and is monic.
We now reduce coefficients modulo p. Denote by $\bar f$, $\bar g$ and $\bar h$ respectively the
images of f, g and h in $\mathbb{F}_p[X]$. By Lemma 9.2 we have $\bar g(X)^p = \bar g(X^p) = \bar f(X)\bar h(X)$.
Thus $\gcd(\bar f, \bar g) \neq 1$. Since $X^n - 1 = \bar f(X)\bar g(X)$, we see that $X^n - 1$
has repeated roots. It follows that $X^n - 1$ and its derivative $nX^{n-1}$ have a
common divisor, but since $p \nmid n$ this cannot happen, proving the claim.
We have shown that n (X) is the minimal polynomial of over Q. Thus
[Q() : Q] = deg(n ) = (n). Since all n-th roots of unity (primitive or not)
are powers of , we see that Q()/Q is the splitting field extension of n (or
equivalently of X n 1). Hence Q()/Q is Galois.
Let G = Gal(Q()/Q), so |G| = (n). By Artin's Extension Theorem the
elements of G are in bijection with the roots of n , so are all of the form r : 7
r for some 1 r n coprime to n. Consider the bijection (Z/nZ) G,
r 7 r . Since 1 7 1 = id and r s () = r ()s = rs , this map is a group
isomorphism.

Recall from Proposition 9.3 that every finite extension of a finite field is Galois
with cyclic Galois group.
Theorem 11.2. Let $K = \mathbb{F}_q$ be a finite field and L/K a splitting field extension
of $X^n - 1$. Then L contains a primitive n-th root of unity if and only if the
characteristic of K does not divide n, in which case L/K has degree d, where d
is the order of q modulo n, so $\mathrm{Gal}(L/K) \hookrightarrow (\mathbb{Z}/n\mathbb{Z})^\times$.
Proof. Suppose first that p := char(K) divides n, say n = pm. Let L be an
n-th root of unity. Then m is a root of X p 1 = (X 1)p , so m = 1. Hence
L cannot contain a primitive n-th root of unity.
Conversely, suppose that p does not divide n. Then $q \in (\mathbb{Z}/n\mathbb{Z})^\times$, so let d be
the order of q in this group. Note that $\mathbb{Z}/d\mathbb{Z} \cong \langle q \rangle \hookrightarrow (\mathbb{Z}/n\mathbb{Z})^\times$. Let M/K be
a field extension of degree e, so M has size $q^e$. Now, $X^n - 1$ is coprime to its
derivative, so has no repeated roots in a splitting field extension. Therefore, by
Proposition 9.7, $X^n - 1$ splits over M if and only if $X^n - 1$ divides $X^{q^e - 1} - 1$,
which is if and only if n divides $q^e - 1$, and hence if and only if d divides e.
Therefore the splitting field extension L of $X^n - 1$ must be $\mathbb{F}_{q^d}$.
Finally, we know from Lemma 3.6 that L is cyclic, say with generator . Thus
has order q d 1 = mn, so = m has order n, so is a primitive n-th root of
unity.
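Both the factorisation of X^n - 1 over the divisors d of n and the degree statement of Theorem 11.2 can be checked by direct computation. The following Python sketch is an added example, not part of the original notes; all function names are this example's own.

```python
from functools import lru_cache
from math import gcd


def divide_exact(num, den):
    """Divide integer polynomials given as coefficient lists (lowest degree
    first). `den` must be monic, so every step stays inside Z[X]."""
    rem = list(num)
    shift = len(den) - 1
    quot = [0] * (len(rem) - shift)
    for i in range(len(quot) - 1, -1, -1):
        coeff = rem[i + shift]
        quot[i] = coeff
        for j, d in enumerate(den):
            rem[i + j] -= coeff * d
    if any(rem):
        raise ValueError("division is not exact")
    return quot


@lru_cache(maxsize=None)
def cyclotomic(n):
    """n-th cyclotomic polynomial: divide X^n - 1 by the cyclotomic
    polynomials of all proper divisors d of n."""
    poly = [-1] + [0] * (n - 1) + [1]          # X^n - 1
    for d in range(1, n):
        if n % d == 0:
            poly = divide_exact(poly, cyclotomic(d))
    return tuple(poly)


def totient(n):
    """Euler's totient, straight from the definition in the text."""
    return sum(1 for r in range(1, n + 1) if gcd(r, n) == 1)


def order_mod(q, n):
    """Order of q in the unit group modulo n. By Theorem 11.2 this is the
    degree of the splitting field of X^n - 1 over the field with q elements."""
    if gcd(q, n) != 1:
        raise ValueError("q is not a unit modulo n (characteristic divides n)")
    d, power = 1, q % n
    while power != 1 % n:
        power = power * q % n
        d += 1
    return d


def splits_over(q, e, n):
    """Criterion from the proof of Theorem 11.2: X^n - 1 splits over the
    field with q^e elements if and only if n divides q^e - 1."""
    return (pow(q, e, n) - 1) % n == 0


if __name__ == "__main__":
    for n in (1, 2, 3, 4, 6, 12, 105):
        phi_n = cyclotomic(n)
        print(n, "degree", len(phi_n) - 1, "totient", totient(n),
              "min coefficient", min(phi_n))
    for q, n in ((2, 7), (4, 5), (3, 8), (2, 15)):
        d = order_mod(q, n)
        smallest = next(e for e in range(1, n + 1) if splits_over(q, e, n))
        print(f"q={q} n={n}: order of q mod n = {d}, smallest splitting e = {smallest}")
```

The case n = 105 shows that the coefficients of a cyclotomic polynomial need not lie in {-1, 0, 1}, even though they are always integers.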
Corollary 11.3. Let L/K be a field extension, and suppose L is a primitive
n-th root of unity. Then K()/K is Galois, and Gal(K()/K) , (Z/nZ) .
Proof. Let k be the prime subfield of K. Then k()/k is Galois with Galois
group a subgroup of (Z/nZ) , by Theorem 11.1 in characteristic zero or by
Theorem 11.2 in positive characteristic. Then K() is the compositum of K
and k(), so K()/K is Galois with Gal(K()/K) isomorphic to a subgroup of
Gal(k()/k) by Theorem 10.10.
Since we will need this result later, we now show that the compositum of two
cyclotomic field extensions is again cyclotomic.
Lemma 11.4. Let L/K be a field extension containing a primitive m-th root
of unity and a primitive n-th root of unity . Set d := gcd{m, n} and l :=
lcm{m, n}. Then L contains a primitive l-th root of unity , and K(, ) =
K().
Proof. We begin by adjoining a primitive l-th root of unity to L. Then ,
K(). Conversely, for some integers r and s we have l/m = r and l/n = s .
By Euclid's Algorithm we can find integers a and b such that am + bn = d.
Then, using that mn = dl, we see that br as = (am+bn)/d = , so K(, ).
Thus K(, ) = K().


11.2 Hilbert's Theorem 90

Let L/K be a Galois field extension with Galois group G. The trace and norm
of in L/K are given by
X
Y
TrL
() and NL
().
K () :=
K () :=
G

We observe that
L
L
TrL
K ( + ) = TrK () + TrK ()

and

L
L
NL
K () = NK () NK (),

so that TrL
K : L K is an additive group homomorphism, and NK : L K
is a multiplicative group homomorphism.

Theorem 11.5 (Hilbert's Theorem 90). Let L/K be Galois with Galois group
Gal(L/K)
= Z/nZ. Let be a generator for Gal(L/K). Then for L we
have NL
K () = 1 if and only if there exists L such that = ()/.
Proof. Suppose that = ()/. Then
n1
NL
() =
K () = ()

n ()
() 2 ()
n ()
=
n1
= 1.
()

()

Conversely, suppose that NL


K () = 1. Define
i := i () n1 () =

1
.
() i1 ()

By the Linear Independence of Characters the i are linearly independent over


L. Hence there exists L such that
:=

n1
X

i i () 6= 0.

i=0

Now, (i ) = i+1 and 0 = n = 1. Therefore


() =

n1
X

(i ) i+1 () =

i=0

n1
X

i+1 i+1 () =

i=0

n
X

i i () = ,

i=1

so = ()/ as required.

Pythagorean Triples
As a cute application of this we can prove that every Pythagorean triple (x, y, z),
that is, integers x, y, z such that $x^2 + y^2 = z^2$, is of the form
$$(x, y, z) = c\,(a^2 - b^2,\ 2ab,\ a^2 + b^2), \qquad a, b \in \mathbb{Z} \text{ coprime}, \quad 2c \in \mathbb{Z}.$$

For, let us consider the field of Gaussian numbers $\mathbb{Q}(i)$. This is a quadratic
extension of $\mathbb{Q}$, so has Galois group $\mathbb{Z}/2\mathbb{Z}$, induced by complex conjugation,
and $\mathbb{Q}$ contains a primitive second root of unity, namely $-1$.
Note that the norm of = x + yi (with x, y Q) is N () = (x + yi)(x yi) =
x2 + y 2 .
Therefore by Hilbert's Theorem 90 we see that $x^2 + y^2 = 1$ if and only if there
exists = $a - bi$ with
$$x + yi = \frac{a + bi}{a - bi} = \frac{(a^2 - b^2) + 2abi}{a^2 + b^2}.$$
Therefore every rational solution to $x^2 + y^2 = 1$ is of the form
$$(x, y) = \left( \frac{a^2 - b^2}{a^2 + b^2},\ \frac{2ab}{a^2 + b^2} \right).$$
Now, (x, y, z) is a Pythagorean triple if and only if (x/z) + (y/z)i has norm 1.
Therefore there exist rational numbers a, b with $x/z = (a^2 - b^2)/(a^2 + b^2)$ and
$y/z = 2ab/(a^2 + b^2)$. Clearing denominators and removing common factors, we
may even assume that $a, b \in \mathbb{Z}$ are coprime. Therefore (x, y, z) is a Pythagorean
triple if and only if there exist coprime integers a, b and a rational number c
such that
$$(x, y, z) = c\,(a^2 - b^2,\ 2ab,\ a^2 + b^2).$$
Finally, since x, y, z are integers, the denominator of c must divide both $a^2 - b^2$
and $a^2 + b^2$, and hence must divide their sum $2a^2$ and difference $2b^2$. Since a
and b are coprime we see that the denominator of c is at most 2, so $2c \in \mathbb{Z}$.
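The parametrisation can be computed explicitly. Writing α for the norm-one element x/z + (y/z)i (a name chosen for this example), one has (1 + α)/conj(1 + α) = α whenever α is not -1, so a + bi can be taken proportional to (x + z) + yi. The Python code below is an added example, not part of the original notes, and its function names are its own.

```python
from fractions import Fraction
from math import gcd


def parametrise(x, y, z):
    """Return (a, b, c) with a, b coprime integers and c rational such that
    (x, y, z) = c * (a^2 - b^2, 2ab, a^2 + b^2)."""
    if z == 0 or x * x + y * y != z * z:
        raise ValueError("need integers with x^2 + y^2 = z^2 and z != 0")
    if x == -z:
        # alpha = -1 (forcing y = 0): 1 + alpha vanishes, but i / conj(i) = -1
        a, b = 0, 1
    else:
        # z * (1 + alpha) = (x + z) + y*i; a real scalar does not change
        # the quotient (a + bi)/(a - bi), so divide out the common factor
        a, b = x + z, y
        g = gcd(a, b)
        a, b = a // g, b // g
    c = Fraction(z, a * a + b * b)
    return a, b, c


def rebuild(a, b, c):
    """Evaluate c * (a^2 - b^2, 2ab, a^2 + b^2)."""
    return (c * (a * a - b * b), c * 2 * a * b, c * (a * a + b * b))


if __name__ == "__main__":
    for triple in [(3, 4, 5), (4, 3, 5), (9, 12, 15), (5, 12, 13), (-5, 0, 5)]:
        a, b, c = parametrise(*triple)
        print(triple, "-> a =", a, "b =", b, "c =", c)
```

The triple (4, 3, 5) gives a = 3, b = 1, c = 1/2, which shows that c itself need not be an integer and only 2c is.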

11.3 Cyclic Extensions

A Galois extension L/K is called cyclic if its Galois group is cyclic. We will
now study cyclic extensions under the assumption that the base field has enough
roots of unity.
Proposition 11.6. Let L/K be a cyclic Galois extension of degree n, and
assume that K contains a primitive n-th root of unity. Then L/K is a splitting
field extension of some $X^n - a \in K[X]$.
Proof. Let be a generator for the Galois group. If K is a primitive n-th
n
root of unity, then () = , so NL
K () = = 1. By Hilbert's Theorem 90 there
exists L with = ()/. Thus () = , so r () = r . Then has n
conjugates in L, so K()/K has degree n, and hence L = K(). Moreover, the
minimal polynomial of over K is
Y
Y
m/K =
(X r ) = n ((X/) r ) = n ((X/)n 1) = X n n .
r

Therefore n = a K and L/K is a splitting field extension of X n a.



Importantly, the converse also holds.

Proposition 11.7. Let L/K be a splitting field extension of some $X^n - a \in K[X]$,
and assume that K contains a primitive n-th root of unity. Then L/K
is Galois with cyclic Galois group of order dividing n.
Proof. Let L be a root of X n a. Then the other roots are just r , where
K is a primitive n-th root of unity. Therefore L = K(). Moreover, since
X n a has distinct roots it is a separable polynomial, so L/K is Galois by
Theorem 10.6.
Now, the minimal polynomial m of over K divides X n a, so the roots of
m are given by r for r in some subset R Z/nZ containing 0. By Artin's
Extension Theorem the elements of the Galois group G = Gal(L/K) are of
the form r : 7 r for r R. Finally, r s () = r+s = r+s (), and
r1 () = r = r (). Therefore R Z/nZ is a subgroup, and the bijection
R G, r 7 r , is a group isomorphism.
This proves that the Galois group of L/K is cyclic of order dividing n.


Chapter 12

Radical Extensions
We now come back to our motivating question of whether we can express the
roots of an irreducible polynomial as radical expressions in the coefficients of
the polynomial. This has a beautiful answer in terms of the structure of the
Galois group: an irreducible polynomial f over a field of characteristic zero is
solvable by radicals if and only if Gal(f ) is a solvable group.
The main difficulty in the proof is that the base field usually does not contain
enough roots of unity. We therefore have to adjoin these in order to make our
deductions. Finally we show that every root of unity has a radical expression,
finishing the proof.

12.1 Radical Extensions

Informally, if L/K is a field extension, then a radical expression of L is


one involving only the elements of K, the field operations +, , , and n-th
roots. For example, the following element
q
q
7

4
3
5
11
=
3
2 + 9 15 12 1 + 6
is a radical expression for over Q.
More precisely, we say that a field extension L/K is radical if there exists a
tower
K = K0 K1 Kr = L
such that each field extension Ki /Ki+1 is given by extracting an ni -th root, so
Ki = Ki1 (i ) is simple and ini Ki1 . We call such a tower a radical tower
for L/K. Note that all radical extensions are necessarily finite.
Given a radical tower L = Kr / /K1 /K0 = K for L/K, there exists an integer
n such that each Ki /Ki1 is given by extracting an n-th root. For, we know
that Ki = Ki1 (i ) with ini Ki1 . Let n = lcm(n1 , . . . , nr ). Then ni divides
n, so in Ki1 . We will call such an integer n an exponent for the radical
extension L/K. (N.B. This is non-standard terminology, but useful.)
We will need two properties about radical extensions. The first concerns base
change, the second, normal closures.
Lemma 12.1. Let L/K be a field extension, and E and F intermediate fields.
If E/K is radical of exponent n, then so is EF/F .
Proof. Let
K = K0 K1 Kr = E
be a radical tower of exponent n. Write Ki = Ki1 (i ) where in Ki1 . Set
Fi := F Ki . Then Fi = Fi1 (i ) and in Fi1 . Hence
F = F0 F1 Fr = EF
is a radical tower for EF/F of exponent n.
Proposition 12.2. Let M/L be a normal closure of L/K. If L/K is radical of
exponent n, then so is M/K.
Proof. Let
K = K0 K1 Kr = L
be a radical tower of exponent n. Write Ki = Ki1 (i ) with in Ki1 .
Let M/L be a normal closure of L/K and set Mi to be the normal closure of
Ki /K inside M . Observe that Ki = K(1 , 2 , . . . , i ), so if mi is the minimal
polynomial of i over K, then Mi /K is the splitting field extension of fi :=
m1 m2 mi inside M . In particular, Mi /Mi1 is the splitting field extension
of mi inside M , so Mi is generated over Mi1 by the roots of mi .
We claim that each Mi /Mi1 is radical of exponent n, so by concatenating their
radical towers we will obtain a radical tower for M/K of exponent n. In fact,
we will show that if i is any other root of mi , then in Mi1 .
By Artin's Extension Theorem there is a K-isomorphism : K(i ) K(i )
sending i to i . Since Mi /K is the splitting field extension of fi , so too
are Mi /K(i ) and Mi /K(i ). Also, fi K[X], so (fi ) = fi . Therefore, by
Theorem 8.2, there is a K-automorphism of Mi extending .
Finally, Mi1 /K is the unique splitting field extension of fi1 inside M and
(fi1 ) = fi1 . It follows that induces a K-automorphism of Mi1 . Thus
n = (n ) Mi1 as required.

Warning
If L/K is radical and E is an intermediate field, then E/K is not in general
radical. This is not surprising: just because every element of E has a radical
expression, we do not expect that every element which can be expressed using
the same radicals necessarily lies in E.
For this reason we make the following definition. A polynomial f K[X]
is solvable by radicals if there exists a radical extension M/K containing
every root of f . Since normal closures of radical extensions are again radical,
Proposition 12.2, we may even assume that M/K is normal, so contains a
splitting field extension L for f . We do not require that L/K is itself radical.

12.2 Solvable Groups

Before we continue, we will need to recall some facts about solvable groups.
Given a finite group G, a chain of subgroups {1} = Gr G0 = G is
called a subnormal series if Gi C Gi+1 for all i. The factor groups Gi1 /Gi
are called the subquotients of the subnormal series. A chain is called a normal
series if each Gi is a normal subgroup of G. (Some authors call a subnormal
series a normal series, but then have no name for a normal series.)
A finite group G is called solvable provided there exists a subnormal series
for G such that all subquotients are cyclic. We observe that a simple group is
solvable if and only if it is cyclic of prime order.
We say that a chain of subgroups {1} = G0n G00 = G is a refinement
of a chain {1} = Gm G0 = G provided that each Gi occurs as some G0j .
Lemma 12.3. A group is solvable if and only if it has a subnormal series
whose subquotients are all cyclic of prime order, which is if and only if it has a
subnormal series whose subquotients are all abelian.
Proof. All finite abelian groups are direct products of cyclic groups, and all
cyclic groups have a normal series whose subquotients are cyclic of prime order.
Thus, given a subnormal series with abelian subquotients, we can refine it to a
subnormal series whose subquotients are cyclic of prime order.
The next two propositions show that subnormal series pass to subgroups and
to quotient groups.
Proposition 12.4. Let G be a finite group and let {1} = Gr C C G0 = G be
a subnormal series for G. If H G is a subgroup, then setting Hi := H Gi
gives a subnormal series {1} = Hr C CH0 = H for H. Moreover, Hi1 /Hi
Gi1 /Gi .
In particular, G solvable implies H solvable.
Proof. We have Hi1 Gi1 , Gi C Gi1 and Hi = Hi1 Gi , so by the Second
Isomorphism Theorem, Hi C Hi1 and Hi1 /Hi
= (Hi1 Gi )/Gi Gi1 /Gi .
For the second part we observe that subgroups of abelian (respectively cyclic)
groups are again abelian (respectively cyclic).


Proposition 12.5. Let G be a finite group and let $\{1\} = G_r \lhd \cdots \lhd G_0 = G$
be a subnormal series for G. If $H \lhd G$ is a normal subgroup, then setting
$\bar G_i := (G_i H)/H$ gives a subnormal series $\{1\} = \bar G_r \lhd \cdots \lhd \bar G_0 = G/H$ for G/H.
Moreover, $G_{i-1}/G_i \twoheadrightarrow \bar G_{i-1}/\bar G_i$.
In particular, G solvable implies G/H solvable.
Proof. We first observe that Gi H C Gi1 H is a normal subgroup. This can be
done using the Isomorphism Theorems, but it is just as easy to prove it directly.
Let xy Gi H, where x Gi and y H. Similarly let gh Gi1 H, where
g Gi1 and h H. Then

(gh)(xy)(gh)1 = ghxyh1 g 1 = (gxg 1 )g (x1 hx)yh1 g 1 .
Since Gi C Gi1 we have gxg 1 Gi ; since H C G we have x1 hx H,
so (x1 hx)yh1 H, and hence g (x1 hx)yh1 g 1 H. This proves that
Gi H C Gi1 H.
i = (Gi H)/H is a
It now follows from the Third Isomorphism Theorem that G
i1 = (Gi1 H)/H, with quotient
normal subgroup of G
i1 /G
i
G
= (Gi1 H)/(Gi H).
This in turn is isomorphic to Gi1 /(Gi1 (Gi H)) by the Second Isomorphism
Theorem, since Gi1 H = Gi1 (Gi H).
i1 /G
i.
We therefore have an epimorphism Gi1  Gi1 /(Gi1 Gi H)
= G
As Gi lies in the kernel, the First Isomorphism Theorem gives an epimorphism
i1 /G
i as required.
Gi1 /Gi  G
The second part follows as in the previous proposition, since quotients of abelian
(respectively cyclic) groups are again abelian (respectively cyclic).
Theorem 12.6. Let H C G be finite groups. Then G is solvable if and only if
both H and G/H are solvable.
Proof. Using the propositions above, it only remains to prove that if H and G/H
are both solvable, then G is solvable. Denote by : G G/H the canonical
epimorphism.
s C C G
0 = G/H be a subnormal series for G/H and let
Let {1} = G
i)
{1} = Hr C C Hs = H be a subnormal series for H. Define Gi := 1 (G
1
for 0 i s and Gi := Hi for s i r. Since (Gs ) = H, this definition is
consistent.
Then {1} = Gr C CG0 = G is a subnormal series for G. Moreover, Gi1 /Gi
=
i1 /G
i for 0 < i s. The first of these
Hi1 /Hi for s < i r and Gi1 /Gi
=G
is clear, and the second follows from the Third Isomorphism Theorem.
i1 /G
i is abelian (respectively cyclic), then
In particular, if each Hi1 /Hi and G
so is each Gi1 /Gi . Hence if H and G/H are both solvable, then so is G.


It is easy to show that every p-group for p a prime is a solvable group. In fact,
any such group is nilpotent, meaning that we even have a normal series with
abelian subquotients.
Theorem 12.7. Let p be a prime and G a finite p-group. Then G is nilpotent,
so solvable.
Proof. We recall that Z(G) is the centre of G, so the set of elements z commuting with all g G. Then Z(G) C G is clearly a normal subgroup.
Now, since G is a p-group, it has non-trivial centre. For, we let G act on itself by
conjugation. The orbits of size one are given by the elements of the centre Z(G),
and note that $|Z(G)| \ge 1$ since $1 \in Z(G)$. Let X be a set of representatives for
the conjugacy classes of size at least 2. For $x \in X$ let $G_x = \mathrm{Stab}_G(x)$ be the
stabiliser of x, so by the Orbit-Stabiliser Theorem $[G : G_x] = |\mathrm{Orb}_G(x)| > 1$.
Since G is a p-group, we see that p divides each $[G : G_x]$. Therefore
$|G| = |Z(G)| + \sum_{x \in X} [G : G_x]$, so p divides |Z(G)|. In particular, G has non-trivial
centre.
We can define a normal series of G by setting Z0 := {1} and iteratively defining
Zi+1 to be the preimage in G of Z(G/Zi ), so that Z1 = Z(G). For, G/Zi is a
p-group, so has non-trivial centre, so Zi < Zi+1 is a strict inclusion.
More generally, we have the following famous theorem. John Thompson was
recently awarded the Abel Prize for this and other work on finite groups.
Theorem 12.8 (Feit-Thompson). Every finite group of odd order is solvable.
In particular, if G is a finite simple group, then either G is cyclic of prime order
or else |G| is even.
We shall need the following result, concerning the solvability of the symmetric
and alternating groups.
Theorem 12.9. The alternating group $\mathrm{Alt}_n$ is solvable if $n \le 4$ and simple if
$n \ge 5$. In particular, the symmetric group $\mathrm{Sym}_n$ is solvable if and only if $n \le 4$.
Proof. For n = 4 we have the normal series $\{1\} \lhd V \lhd \mathrm{Alt}_4 \lhd \mathrm{Sym}_4$, where
$V = \langle (12)(34), (13)(24) \rangle$ is the Klein four group. Since each quotient is abelian,
we have the result. Moreover, since $\mathrm{Sym}_4/V \cong \mathrm{Sym}_3$, we also obtain that $\mathrm{Sym}_3$
is solvable.
On the other hand, if $n \ge 5$, then $\mathrm{Alt}_n$ is simple but not cyclic, so not solvable.
Since $\mathrm{Alt}_n \lhd \mathrm{Sym}_n$, the full symmetric group $\mathrm{Sym}_n$ is not solvable for $n \ge 5$.

12.3 Solvable Galois Extensions

We now come to one of the highlights of Galois Theory. We assume throughout
that all fields have characteristic zero.


Proposition 12.10. Let L/K be Galois and radical. Then Gal(L/K) is solvable.
Proof. Let L/K be radical of exponent n, say having a radical tower
K = K0 K1 Kr = L
with Ki = Ki1 (i ) and in Ki1 . Let M/L be a splitting field extension of
X n 1, and let M be a primitive n-th root of unity.
Note that L/K and K()/K are both Galois, so their compositum L() = M is
Galois over K by Theorem 10.10. By the Galois Correspondence we know that
Gal(M/K()) is a normal subgroup of Gal(M/K) with quotient Gal(K()/K),
and this latter group is abelian by Corollary 11.3. So, by Theorem 12.6,
Gal(M/K) is solvable if and only if Gal(M/K()) is solvable.
On the other hand, we similarly have that Gal(M/L) is a normal subgroup of
Gal(M/K) with quotient Gal(L/K). So Gal(M/K) solvable implies Gal(L/K)
solvable. Putting this together we see that Gal(M/K()) solvable implies
Gal(L/K) solvable.
Now, M = L(), so Lemma 12.1 implies that M/K() is radical of exponent n.
In fact, setting Mi := Ki (), we obtain the radical tower
K() = M0 M1 Mr = M
with Mi = Mi1 (i ) and in Mi1 . Since Mi1 contains , a primitive n-th
root of unity, we know from Proposition 11.7 that Mi /Mi1 is Galois with cyclic
Galois group (of order dividing n). It follows from the Galois Correspondence
that, setting Gi := Gal(M/Mi ), we have a subnormal series
{1} = Gr C C G1 C G0 = Gal(M/K())
with cyclic subquotients Gi1 /Gi
= Gal(Mi /Mi1 ). Hence Gal(M/K()) is a
solvable group as required.
The converse is slightly trickier, since we have not shown that each root of unity
has a radical expression. In fact, we prove this simultaneously.
Proposition 12.11. Let L/K be Galois with solvable Galois group. Then there
exists an extension M/L such that M/K is Galois and radical.
Proof. Let L/K have degree n. We shall prove by induction on n that there
exists a root of unity such that L()/K is Galois and radical. Note that the
case n = 1 is trivial.
Consider K()/K, where is a primitive n-th root of unity. We know from
Corollary 11.3 that this field extension is Galois of degree dividing (n) with
abelian Galois group. Therefore, by induction, there exists a root of unity
such that K(, )/K is Galois and radical. If is a primitive m-th root of unity,


then Lemma 11.4 tells us that K(, ) = K(), where is a primitive l-th root
of unity for l = lcm{m, n}.
Now let L()/L be a splitting field extension of X l 1, where is a primitive
l-th root of unity. Note that L/K and K()/K are both Galois, so their compositum L() is Galois over K by Theorem 10.10. Therefore it is enough to
prove that L()/K() is radical, since then we can concatenate radical towers
for L()/K() and K()/K to deduce that L()/K is radical.
By Theorem 10.10 once more we know that Gal(L()/K()) is isomorphic to a
subgroup of Gal(L/K), so is solvable by Theorem 12.6 and has order dividing
n. Let {1} = Gr C C G0 = Gal(L()/K()) be a subnormal series for
Gal(L()/K()) with cyclic subquotients. Let Mi be the fixed field of Gi , so
K() = M0 M1 Mr = L()
is a tower of field extensions. By the Galois Correspondence we have that
Mi /Mi1 is Galois with Galois group Gi1 /Gi , so cyclic of order dividing n.
Since Mi1 contains a primitive n-th root of unity, we can apply Proposition 11.6
to get that Mi = Mi1 (i ) with in Mi1 . Hence L() = Mr / /M0 = K()
is a radical tower of exponent n. This proves that L()/K() is radical.
We summarise this discussion in the following theorem.
Theorem 12.12 (Galois). A Galois field extension L/K has solvable Galois
group if and only if there exists an extension M/L with M/K Galois and radical.
In particular, a polynomial f K[X] is solvable by radicals if and only if Gal(f )
is a solvable group.
Proof. The first part is immediate from the previous two propositions. For the
second, let f K[X] and let L/K be a splitting field extension of f . Then f
is solvable by radicals if and only if there exists an extension M/L such that
M/K is Galois and radical, which is equivalent to Gal(f ) = Gal(L/K) being a
solvable group.
Corollary 12.13. There exist quintic polynomials $f \in \mathbb{Q}[X]$ which are not
solvable by radicals.
Proof. We saw at the end of Section 10.2 that $f = X^5 - 4X + 2 \in \mathbb{Q}[X]$ is
irreducible and has Galois group $\mathrm{Sym}_5$. Therefore Gal(f) is not solvable, so f
is not solvable by radicals.


Chapter 13

Cubics and Quartics


In this chapter we apply the above considerations to cubic and quartic polynomials, and in so doing obtain radical expressions for their roots. In particular,
we recover Cardano's formula from Exercise Sheet 1, and motivate the constructions involved. The formula for the quartic is due to Ferrari, a student of
Cardano. We will assume throughout that K is a field of characteristic zero,
though in fact it is enough to take characteristic different from 2 or 3.

13.1 Solving the Cubic

Let f = X 3 s1 X 2 + s2 X s3 K[X] be irreducible and let i for i = 1, 2, 3 be


the roots of f in a splitting field extension L/K. Thus the si are the elementary
symmetric functions in the roots
s1 = 1 + 2 + 3 ,

s2 = 1 2 + 2 3 + 3 1 ,

s3 = 1 2 3 .

Let G Sym3 be the Galois group of f . Recall that we have the subnormal
series {1} C Alt3 C Sym3 with cyclic subquotients of degrees 3 and 2. We need
to compute the fixed field of G Alt3 . Define
Y
=
(i j ) = (12 2 + 22 3 + 32 1 ) (1 22 + 2 32 + 3 12 ),
i<j

so that the discriminant of f is


(f ) = 2 = s21 s22 4s31 s3 4s32 + 18s1 s2 s3 27s23 .
Now, () = sgn(), so G fixes if and only if it is an even permutation.
Thus G Alt3 has fixed field K(). Note that, since f is irreducible, G is a
transitive subgroup, so G Alt3 = Alt3 .


This also gives a criterion for the Galois group of an irreducible cubic $f \in K[X]$.

                  Gal(f)
    not in K      $\mathrm{Sym}_3$
    in K          $\mathrm{Alt}_3$

In order to obtain radical expressions for the roots we need to adjoin a primitive
cube root of unity . So, from now on assume that K. Then by Proposition
11.6 we have L = K(, u) with u3 K(). In fact, if is a generator for Alt3 ,
say = (123), then (u) = u, and conversely any such u works. An obvious
choice is
u := 1 + 2 + 2 3 .
An easy calculation shows that u3 equals
(13 + 23 + 33 ) + 61 2 3 + 3(12 2 + 22 3 + 32 1 ) + 3 2 (1 22 + 2 32 + 3 12 ).
Now, using the formulae
(12 2 + 22 3 + 32 1 ) + (1 22 + 2 32 + 3 12 ) = s1 s2 3s3
(12 2 + 22 3 + 32 1 ) (1 22 + 2 32 + 3 12 ) =
as well as
13 + 23 + 33 = s31 3s1 s2 + 3s3
we can write
u3 = s31 92 s1 s2 +

+ 32 ( 2 ) = 12 ( + 3( 2 )),

where = 2s31 9s1 s2 + 27s3 . Note also that 2 = 3.


We can similarly form the sum v = 1 + 2 2 + 3 , so that
27
2 s3

v 3 = 21 ( 3( 2 ))

and

uv = s21 3s2 .

Finally we can solve for i using the three expressions


X
X
X
s1 =
i , u =
i1 i , v =
2(i1) i .
i

This gives
1 = 31 (s1 + u + v),

2 = 13 (s1 + 2 u + v),

3 = 13 (s1 + u + 2 v).

Observe that $u^3$ and $v^3$ are the roots of the auxiliary quadratic


X 2 X + 14 (2 + 27) K[X].
This recovers the formula from Exercise Sheet 1 when s1 = 0 (except the u and
v used there are one third of the u and v used above).
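The procedure of this section can be run numerically over the complex numbers. The Python code below is an added example, not part of the original notes: `disc` stands for the discriminant of f, `g` for the quantity 2s1^3 - 9s1s2 + 27s3, and `OMEGA` for a primitive cube root of unity, all names chosen for this example.

```python
import cmath

OMEGA = cmath.exp(2j * cmath.pi / 3)   # a primitive cube root of unity


def solve_cubic(s1, s2, s3):
    """Roots of X^3 - s1 X^2 + s2 X - s3, found from the resolvents u and v."""
    disc = (s1**2 * s2**2 - 4 * s1**3 * s3 - 4 * s2**3
            + 18 * s1 * s2 * s3 - 27 * s3**2)
    g = 2 * s1**3 - 9 * s1 * s2 + 27 * s3
    # u^3 and v^3 are the two roots of X^2 - g X + (g^2 + 27 disc)/4,
    # whose own discriminant is g^2 - (g^2 + 27 disc) = -27 disc.
    root = cmath.sqrt(-27 * disc)
    u_cubed = max((g + root) / 2, (g - root) / 2, key=abs)
    if u_cubed == 0:
        # both roots of the quadratic vanish, so u = v = 0 (triple root s1/3)
        u = v = 0
    else:
        # any cube root of u^3 will do: v is then pinned down by the
        # relation u v = s1^2 - 3 s2, and a different choice of cube root
        # only permutes the three roots returned below
        u = complex(u_cubed) ** (1 / 3)
        v = (s1**2 - 3 * s2) / u
    return [
        (s1 + u + v) / 3,
        (s1 + OMEGA**2 * u + OMEGA * v) / 3,
        (s1 + OMEGA * u + OMEGA**2 * v) / 3,
    ]


def residual(s1, s2, s3):
    """Largest |f(root)| over the computed roots, as a sanity check."""
    return max(abs(r**3 - s1 * r**2 + s2 * r - s3)
               for r in solve_cubic(s1, s2, s3))


if __name__ == "__main__":
    # X^3 - 15X - 4 from the introduction: s1 = 0, s2 = -15, s3 = 4.
    # Here u^3 = 54 + 297i = 27(2 + 11i), and the first root comes out as 4.
    for r in solve_cubic(0, -15, 4):
        print(f"{r.real:+.9f} {r.imag:+.1e}i")
    print("residual:", residual(0, -15, 4))
```

For X^3 - 15X - 4 the intermediate values u and v are genuinely non-real even though all three roots are real, which is the phenomenon noted in the introduction.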

13.2 Solving the Quartic

Now let $f = X^4 - s_1 X^3 + s_2 X^2 - s_3 X + s_4 \in K[X]$ be an irreducible quartic.


Let L/K be a splitting field extension and let i L for i = 1, 2, 3, 4 be the
roots of f . Let G Sym4 be the Galois group of f . Note that the si are again
the elementary symmetric functions in the roots
s1 = 1 + 2 + 3 + 4 ,

s2 = 1 2 + 1 3 + 1 4 + 2 3 + 2 4 + 3 4 ,

s3 = 1 2 3 + 1 2 4 + 1 3 4 + 2 3 4 ,

s4 = 1 2 3 4 .

Recall that $\mathrm{Sym}_4$ has a normal series $\{\mathrm{id}\} \lhd V \lhd \mathrm{Alt}_4 \lhd \mathrm{Sym}_4$ with abelian
subquotients. In fact, for solving the quartic, the most important subgroup is
V, since $\mathrm{Sym}_4/V \cong \mathrm{Sym}_3$. Therefore the fixed field of V corresponds to the
splitting field of a cubic, called the auxiliary cubic. Since $V \cong (\mathbb{Z}/2\mathbb{Z})^2$ it has
three subgroups of order two, which we can then use, together with the roots of
the auxiliary cubic, to obtain radical expressions for the roots.
Note that, under the isomorphism $\mathrm{Sym}_4/V \cong \mathrm{Sym}_3$, the preimage of $\mathrm{Alt}_3$ is
$\mathrm{Alt}_4$, and the preimages of the three subgroups of order two give three subgroups
of $\mathrm{Sym}_4$ containing V and isomorphic to $D_8$. These have fixed fields generated
by the individual roots of the auxiliary cubic.

Fixed Fields
We want to find the fixed fields of the subgroups G V and G Alt4 . In fact,
we will also need the fixed fields for G D and G T , where
D = {id, (12), (34), (12)(34), (13)(24), (14)(23), (1324), (1423)} ≅ D8
and
T = {id, (12)(34)} ≅ Z/2Z.

Note that {1} ◁ T ◁ V ◁ D is a subnormal series, with all subquotients isomorphic
to Z/2Z.
We will prove the following.
subgroup

GT

GV

GD

G Alt4

fixed field

F (1 + 2 , 1 2 )

K(a)

K()

The notation is as follows. As usual we have set


Y
X
X
3
2
2
3
=
(i j ) =
(1)
(2)
(3)
(1) (2)
(3)
,
i<j

Alt4

Alt4

so that the discriminant of f is (f ) = 2 .

Also, F = K(a, b, c), where


a := (1 + 2 )(3 + 4 ),

b := (1 + 3 )(2 + 4 ),

c := (1 + 4 )(2 + 3 )

are the roots of the auxiliary cubic
$$g := X^3 - 2s_2X^2 + (s_2^2 + s_1s_3 - 4s_4)X + (s_3^2 + s_1^2s_4 - s_1s_2s_3) \in K[X].$$
We first compute the fixed field of G Alt4 . Note that, as before, if G, then
() = sgn(). It follows that K and Gal(L/K()) = G Alt4 .
Next consider G V . We have V = {id, (12)(34), (13)(24), (14)(23)}, so it is
natural to look at the elements a, b, c given above. We calculate that
$$a + b + c = 2s_2, \qquad ab + bc + ca = s_2^2 + s_1s_3 - 4s_4, \qquad abc = -s_3^2 - s_1^2s_4 + s_1s_2s_3,$$
so that a, b, c are indeed the roots of the auxiliary cubic g.


Note that the roots a, b, c of g are all distinct (although g need not be irreducible). In fact, f and g have the same (non-zero) discriminant: for,
a b = (1 4 )(2 3 ),
b c = (1 2 )(3 4 ),
a c = (1 3 )(2 4 ),
so that
(a b)(a c)(b c) =

(i j ) = .

i<j

It follows that K(a) is the fixed field of G D. Moreover, doing this for K(b)
and K(c) and using the Galois Correspondence shows that K(a, b, c) is the fixed
field of G V .
We remark that K(a, b, c)/K is Galois, since it is the splitting field extension
of g. This reflects the fact that G V is normal in G. We immediately get
that Gal(g) ≅ G/(G V ), which is a subgroup of Sym4/V ≅ Sym3. Since the
preimage of Alt3 is just Alt4 it is no great surprise that f and g have the same
discriminant.
Finally consider G T . There is a slight technicality in computing the fixed
field for this subgroup, since it may be that one of 1 + 2 or 1 2 lies in F .
We begin by observing that (X 1 )(X 2 ) ≠ (X 3 )(X 4 ), since they
have distinct roots. Therefore either 1 + 2 ≠ 3 + 4 or 1 2 ≠ 3 4 .
Assume that 1 + 2 ≠ 3 + 4 . Then 1 + 2 = i + j implies {i, j} = {1, 2},
and so K(1 + 2 ) is the fixed field of G ⟨(12), (34)⟩. Thus F (1 + 2 ) is the
fixed field of G V ⟨(12), (34)⟩ = G T .
If instead 1 2 ≠ 3 4 , then we see that the fixed field of G T is F (1 2 ).
In either case, we get that the fixed field is F (1 + 2 , 1 2 ).
We remark that
s3 = s1 1 2 +

1 + 2
(s4 12 22 ).
1 2
In particular, if 1 2 ≠ 3 4 , then 1 + 2 K(1 2 ). Similarly




s3 21 s1 s2 + 81 s31 = 1 + 2 21 s1 s2 a + 21 s1 (1 + 2 12 s2 ) 21 2 ,
and recall that a = (1 + 2 )(s1 1 2 ). So, if 1 + 2 ≠ 3 + 4 , then
1 2 K(1 + 2 ).
These expressions seem to be new; at least I could not find them in the
standard literature.

Galois Group
We can now calculate the Galois group G of f .
g K[X]
splits
irreducible
irreducible
root a
root a

in K
not in K

s21 4a,

(s2 a)2 4s4

Gal(f )
V
Alt4
Sym4
Z/4Z
D8

both in K( )

not both in K( )

Recall that G is a transitive subgroup of Sym4 , so is one of
Sym4,   Alt4,   D8 = ⟨Z/4Z, V⟩,   Z/4Z,   V.

Also, we saw above that G/(G V ) = Gal(g). So, if g splits over K, then
G = GV , and hence G = V . On the other hand, if g is irreducible, then Gal(g),
and hence G, contains a 3-cycle. Since g and f have the same discriminant
= 2 , we see that either K, so Gal(g) = Alt3 and G = Alt4 , or else
∉ K, so Gal(g) = Sym3 and G = Sym4 .
Finally, suppose that g has a single root a K. Then also b + c, bc K, and
= (a2 a(b + c) + bc)(b c) ≠ 0. So K if and only if b c K, which
is if and only if g splits over K. By assumption this does not happen, so we
have K < K() = F . Therefore G > G Alt4 = G V . It follows that G is
either D8 or Z/4Z. Now, either 1 + 2 , 1 2 are both in K(), in which case
G T = G V and G ≅ Z/4Z, or else they are not both in K(), in which case
G T < G V and G ≅ D8 .
Note that 1 + 2 , 3 + 4 are the roots of the quadratic X 2 s1 X + a, whereas
1 2 , 3 4 are the roots of the quadratic X 2 pX + s4 . These have respective
discriminants s21 4a and (s2 a)2 4s4 , so the result follows.

Radical Expressions
We can also use this information to find radical expressions for the roots of f .
We already know how to solve the cubic
$$g = X^3 - 2s_2X^2 + (s_2^2 - 4s_4 + s_1s_3)X - (s_1s_2s_3 - s_1^2s_4 - s_3^2),$$
assuming that K contains a primitive cube root of unity . We set
= 2(2s2 )3 9(2s2 )(s22 4s4 + s1 s3 ) + 27(s1 s2 s3 s21 s4 s23 )
= 2s32 27s23 27s21 s4 + 72s2 s4 + 9s1 s2 s3 .
and take
u3 = 21 ( + 3( 2 )),

v 3 = 21 ( 3( 2 ))

with
$$uv = (2s_2)^2 - 3(s_2^2 - 4s_4 + s_1s_3) = s_2^2 + 12s_4 - 3s_1s_3.$$
Then the roots of g are
a = 31 (2s2 + u + v),

b = 13 (2s2 + 2 u + v),

c = 31 (2s2 + u + 2 v).

This gives the field F = K(a, b, c).


There are now two possible approaches. The theory says we should take a
square root to get F (1 + 2 , 1 2 ), and then another square root to get L.
Unfortunately, due to the technicality mentioned above, we do not know which
square root to take, either $\sqrt{s_1^2 - 4a}$ or $\sqrt{(s_2 - a)^2 - 4s_4}$.
The alternative is to take three square roots and construct F (1 +2 ), F (1 +3 )
and F (1 + 4 ). Then L is the compositum of these three fields: for example,
(1 + 2 ) + (1 + 3 ) + (1 + 4 ) = 21 + s1 .
We therefore solve the three quadratics
$$X^2 - s_1X + a, \qquad X^2 - s_1X + b, \qquad X^2 - s_1X + c,$$

but making sure that the square roots of the discriminants are chosen such that
q

1 = 14 s21 a = 1 + 2 21 s1 = 12 (1 + 2 ) (3 + 4 )
q

2 = 14 s21 b = 1 + 3 21 s1 = 12 (1 + 3 ) (2 + 4 )
q

3 = 14 s21 c = 1 + 4 21 s1 = 12 (1 + 4 ) (2 + 3 ) .
Note that, after relabelling the roots i , we may assume that 2 , 3 are in the
correct form. Then
2 3 = s2 a + 21 s1 (1 + 2 21 ) 21 2 ,
so (by our earlier computation relating 1 + 2 and 1 2 ) the assumption on
the i is equivalent to the compatibility condition
1 2 3 = s3 21 s1 s2 + 18 s31 .
This in effect says that we only need take two square roots, since the third can
then be obtained using this expression. Having done this we can solve for 1 :
21 = 12 s1 + 1 + 2 + 3 .

Summary
In summary, given a quartic
$$f = X^4 - s_1X^3 + s_2X^2 - s_3X + s_4 \in K[X],$$
where K contains a primitive cube root of unity, we solve the auxiliary cubic
$$g = X^3 - 2s_2X^2 + (s_2^2 + s_1s_3 - 4s_4)X + (s_3^2 + s_1^2s_4 - s_1s_2s_3)$$
to get the roots a, b, c. We then take square roots
q
q
q
1 = 14 s21 a, 2 = 14 s21 b, 3 = 14 s21 c
with signs chosen such that
1 2 3 = s3 21 s1 s2 + 18 s31 .
The roots of f are then given by
21 = 21 s1 + 1 + 2 + 3

23 = 21 s1 1 + 2 3

22 = 21 s1 + 1 2 3

24 = 21 s1 1 2 + 3 .
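
The summary above can be carried out numerically. The following Python code is an added example, not part of the notes: it works over the complex numbers (which contain a primitive cube root of unity), solves the auxiliary cubic g with the u, v construction from the cubic section, and fixes the sign of the third square root through the compatibility condition. The names `beta1`, `beta2`, `beta3`, `eps`, `target` and all function names are this example's own.

```python
import cmath

OMEGA = cmath.exp(2j * cmath.pi / 3)  # a primitive cube root of unity in C


def solve_cubic(s1, s2, s3):
    """Roots of X^3 - s1 X^2 + s2 X - s3 via the sums u, v from the cubic section."""
    eps = 2 * s1**3 - 9 * s1 * s2 + 27 * s3   # equals u^3 + v^3
    uv = s1**2 - 3 * s2                        # equals u * v
    # u^3 and v^3 are the two roots of X^2 - eps X + (uv)^3.
    disc = cmath.sqrt(eps * eps - 4 * uv**3)
    u3 = (eps + disc) / 2
    if abs(u3) < 1e-12:                        # take the other root if this one vanishes
        u3 = (eps - disc) / 2
    if abs(u3) < 1e-12:                        # u = v = 0: a triple root s1/3
        u = v = 0
    else:
        u = complex(u3) ** (1 / 3)             # any cube root of u^3 will do ...
        v = uv / u                             # ... provided v is matched through u*v
    return [(s1 + u + v) / 3,
            (s1 + OMEGA**2 * u + OMEGA * v) / 3,
            (s1 + OMEGA * u + OMEGA**2 * v) / 3]


def solve_quartic(s1, s2, s3, s4):
    """Roots of X^4 - s1 X^3 + s2 X^2 - s3 X + s4, following the summary."""
    # The roots a, b, c of the auxiliary cubic g have elementary symmetric functions
    # a+b+c = 2 s2, ab+bc+ca = s2^2 + s1 s3 - 4 s4, abc = s1 s2 s3 - s1^2 s4 - s3^2.
    a, b, c = solve_cubic(2 * s2,
                          s2**2 + s1 * s3 - 4 * s4,
                          s1 * s2 * s3 - s1**2 * s4 - s3**2)
    quarter = s1**2 / 4
    beta1 = cmath.sqrt(quarter - a)
    beta2 = cmath.sqrt(quarter - b)
    beta3 = cmath.sqrt(quarter - c)
    # Compatibility condition: beta1 * beta2 * beta3 = s3 - s1 s2 / 2 + s1^3 / 8.
    target = s3 - s1 * s2 / 2 + s1**3 / 8
    prod = beta1 * beta2 * beta3
    if abs(prod - target) > abs(prod + target):
        beta3 = -beta3                         # wrong sign: flip one square root
    h = s1 / 2
    return [(h + beta1 + beta2 + beta3) / 2,
            (h + beta1 - beta2 - beta3) / 2,
            (h - beta1 + beta2 - beta3) / 2,
            (h - beta1 - beta2 + beta3) / 2]


def residual(coeffs, x):
    """|f(x)| for f = X^4 - s1 X^3 + s2 X^2 - s3 X + s4 with coeffs = (s1, s2, s3, s4)."""
    s1, s2, s3, s4 = coeffs
    return abs(x**4 - s1 * x**3 + s2 * x**2 - s3 * x + s4)


if __name__ == "__main__":
    # Constructed input: (X-1)(X-2)(X-3)(X-5), so (s1, s2, s3, s4) = (11, 41, 61, 30).
    for r in solve_quartic(11, 41, 61, 30):
        print(f"{r.real:.6f} {r.imag:+.6f}i")
```

When one of the three square roots is zero the compatibility condition holds for either sign of the others, and both choices give the same set of four roots.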

Biquadratic Polynomials
As a special case, consider a biquadratic polynomial¹
$$f = X^4 + s_2X^2 + s_4 \in K[X].$$
When f is irreducible we have the following possibilities for Gal(f ).
$$\mathrm{Gal}(f) \cong \begin{cases} V & \text{if } s_4 \text{ is a square in } K, \\ \mathbb{Z}/4\mathbb{Z} & \text{if } s_4(s_2^2 - 4s_4) \text{ is a square in } K, \\ D_8 & \text{otherwise.} \end{cases}$$
¹ This is standard terminology, but a biquadratic extension is not a splitting field extension
of a general biquadratic polynomial, but rather of two quadratic polynomials, for example
Q( 2, 3)/Q.

For, the auxiliary polynomial is
$$g = X(X^2 - 2s_2X + (s_2^2 - 4s_4)),$$
so g always has the root a = 0 in K, and the discriminant is = 16s4 (s22 4s4 )2 .
Therefore K if and only if s4 is a square in K, and then the splitting field

extension of g is F = K( s4 ) = F (). Finally, s21 4a = 0, so we only need ask

2
whether s2 4s4 is a square in K( s4 ). Note here that since f is irreducible,
2
s2 4s4 is not a square in K.
We can now apply the previous criterion. If s4 is a square in K, then g splits
over K and G = V . Assume a = 0 is the only root of g in K. Then G = Z/4Z

if and only if s22 4s4 is a square in K( s4 ), otherwise G = D8 .

Finally, s22 4s4 is a square in K( s4 ) if and only if s4 (s22 4s4 ) is a square in

K. For, assume that s22 4s4 = (x + y s4 )2 with x, y K. Multiplying out


and equating coefficients gives that xy = 0. Since s22 4s4 is not a square in K,
we cannot have y = 0. Therefore x = 0 and s4 (s22 4s4 ) = (s4 y)2 is a square
in K. Conversely, suppose that s4 (s22 4s4 ) is a square in K. Since s22 4s4 is

not a square in K, neither is s4 , but then s22 4s4 is a square in K( s4 ).

Chapter 14

Algebraically Closed Fields


This chapter is non-examinable, and is included only for completeness.
A field L is called algebraically closed if every non-constant polynomial f has
a root in L. In other words, the only irreducible polynomials are those of degree
one. An algebraic closure of K is an algebraic field extension L/K with L
algebraically closed.
Algebraic closures are special cases of normal field extensions, or of splitting
field extensions.
Lemma 14.1. L is an algebraic closure of K if and only if it is the splitting
field extension for the set of all polynomials in K[X].
Proof. Let L be an algebraic closure of K and take f K[X] non-constant.
Then f factorises over L as a product of degree one polynomials; in other
words, f splits over L. It follows that L/K contains a unique intermediate field
F which is a splitting field extension for the set of all polynomials in K[X].
For, we can take the intersection over all such intermediate fields. Since L/K
is algebraic, if L \ F , then the minimal polynomial m/K cannot split over
F , a contradiction. Thus L = F .
Conversely, let L/K be a splitting field extension for the set of all polynomials
in K[X]. Then L/K is necessarily generated by the set of all roots of all polynomials in K[X], all of which are algebraic elements, so L/K is algebraic. Now
take f L[X] and let be a root of f in some extension of L. Then, by the
transitivity of algebraic extensions, Exercise Sheet 7, Question 2, we know that
is algebraic over K. By assumption m/K K[X] splits over L, so L.
Therefore L is algebraically closed.
Having made this connection, we can try and prove the existence and uniqueness
of algebraic closures. As is often the case, we will need to replace the induction
proof of Theorem 8.2 with an application of Zorn's Lemma.

Before we begin, we make a further observation, which will simplify considerably
the construction of an algebraic closure.
Proposition 14.2. Let L/K be algebraic. If every f K[X] has a root in L,
then L is algebraically closed.
Proof. Take f L[X] and let be a root of f in some field extension of L. By
the transitivity of algebraic extensions, is algebraic over K, say with minimal
polynomial m. Let L0 /L be a splitting field extension of m, and let M L0
be the splitting field extension of m over K. We want to show that M L, so
that in particular L.
We know that M/K is finite and normal, so we can use the results from Exercise
Sheet 7, Question 7; that is, let E = M sep/K and let F = M Gal(M/K) . Then
both E/K and M/F are Galois, with isomorphic Galois groups, and both M/E
and F/K are purely inseparable. Finally, M = EF is the compositum of E and
F . Therefore, it is enough to show that both E and F are subfields of L.
Since E/K is Galois, it is simple by Corollary 10.7, say E = K(). Then
E = K( 0 ) for any root 0 of m/K , and by assumption L contains a root of
m/K . This proves that E L.
Since F/K is purely inseparable, if F , then m/K = X q q where q = pn
is a power of the characteristic (or q = 1 in characteristic zero). This polynomial
has a unique root, namely , so again our assumption on L implies that L.
It follows that F L.
Theorem 14.3 (Existence of Algebraic Closures). Every field K has an algebraic closure.
Proof. For each non-constant polynomial f K[X] we take an indeterminate
Xf and form the ring R := K[{Xf : f K[X] \ K}]. (In fact, it is enough to
take just the monic irreducible polynomials.) Consider the ideal I ◁ R generated
by the elements f (Xf ) R.
We claim that I is a proper ideal, and hence is contained in a maximal ideal
J ◁ R by Theorem B.3 (which uses Zorn's Lemma).
It will follow that L := R/J is a field extension of K generated by the images
xf of the Xf . Since f (Xf ) I we have f (xf ) = 0 in L, so each xf is algebraic
over K and hence L/K is algebraic. Finally, each non-constant polynomial
f K[X] has a root in L, namely xf . Therefore, by the previous proposition,
L is an algebraic closure of K.
It remains to prove the claim. If I is not proper, then it contains the identity,
so we can write 1 = g1 f1 (Xf1 ) + + gn fn (Xfn ) for some distinct non-constant
polynomials fi K[X] and some elements gi R. Now, each gj uses only
finitely many variables, so the expression above only uses finitely many variables,
say X1 , . . . , Xm with the convention that Xi = Xfi for 1 i n. We can now
write $1 = \sum_{i=1}^{n} g_i(X_1, \dots, X_m) f_i(X_i) \in K[X_1, \dots, X_m]$.

Let E/K be a finite extension in which each fi has a root, say fi (i ) = 0. Set
i = 0 for n < i m. Applying the evaluation map K[X1 , . . . , Xm ] E,
Xi ↦ i , gives 1 = ∑_i gi (1 , . . . , m )fi (i ) = 0 in E, a contradiction. Thus I
is a proper ideal and the claim is proved.
Before we continue, recall from Exercise Sheet 5, Question 7, that if L/K is
transcendental, then there exist K-endomorphisms of L which are not automorphisms. We now show that this cannot happen when L/K is algebraic.
Proposition 14.4. Let L/K be algebraic and let be a K-endomorphism of
L. Then is a K-automorphism.
Proof. Since is necessarily injective, we just need to show that is surjective.
It will follow that 1 is a K-embedding, and hence that is a K-automorphism.
Let L, say with minimal polynomial m = m/K . Let = 1 , . . . , n be the
distinct roots of m in L. (Note: we are not assuming that m splits over L, or
that it is separable.) Since (m) = m, we know that (i ) is again a root of m,
so (i ) {1 , . . . , n }. Since is injective, it induces an injective map from
{1 , . . . , n } to itself, which is necessarily a bijection. Thus each i lies in the
image of . In particular, (L), so is surjective.

Theorem 14.5 (Uniqueness of Algebraic Closures). Let : K K′ be a field
isomorphism, let L/K be algebraic, and let L′ be an algebraic closure of K′ .
Then there exists a field embedding : L L′ extending .
Moreover, if L is algebraically closed, then is an isomorphism.
Proof. To prove the existence of we shall use Zorn's Lemma.
Let S denote the set of all pairs (F, ) such that F is an intermediate field of
L/K and : F L′ is a field embedding extending . We endow S with a
partial order by setting (E, ) (F, ) if E F and extends . Clearly S is
non-empty, since it contains (K, ). Moreover, every chain has an upper bound.
For, if {(Fi , i )} is a totally ordered subset, then F := ⋃_i Fi is an intermediate
field of L/K and we can define : F L′ by setting () = i () for any i
such that Fi . Then (F, ) is an upper bound for the chain {(Fi , i )}.
By Zorn's Lemma, S contains a maximal element (F, ). We claim that F =
L. Otherwise, let L \ F . Then is algebraic over F , say with minimal
polynomial m = m/F . Now (m) L′ [X] has a root ′ L′ since L′ is
algebraically closed. Therefore, by Artin's Extension Theorem, we can extend
to a field embedding : F () L′ via ↦ ′ . Thus (F, ) < (F (), ),
contradicting the maximality of (F, ). Therefore F = L and there exists a field
embedding : L L′ extending .
Now suppose that L is an algebraic closure of K. Then we have a field embedding
: L L′ extending , and a field embedding : L′ L extending 1 . It
follows that is a K′ -endomorphism of L′ , so an automorphism by the previous
proposition. In particular, is surjective, and hence an isomorphism.

Since all algebraic closures of K are isomorphic, it is common to fix one of them
and denote it by K.
By the transitivity of algebraic extensions, it is easy to see that if L/K is a field
extension with L algebraically closed, then K = Lalg/K is an algebraic closure
of K. For example, since C is algebraically closed, we have Q = Calg/Q .
Another useful corollary concerns splitting field extensions of arbitrary subsets
S K[X].
Corollary 14.6. Let S K[X] be an arbitrary subset. Then a splitting field
extension of S over K exists, and is unique up to isomorphism.
Proof. Let K be an algebraic closure of K. Then each f S splits over K, so
there is a unique intermediate field L, minimal with respect to this property.
For, as usual, we take the intersection over all such intermediate fields.
If : K K′ is a field isomorphism and K′ an algebraic closure of K′ , then
there exists a field isomorphism : K K′ extending . Now, there is a
unique splitting field extension L′ of S′ := (S) inside K′ . Since (L) is also a
splitting field extension of S′ we must have that (L) = L′ . In other words,
restricts to an isomorphism L L′ extending .
Using this we see that many results actually extend from the finite case to the
algebraic case. For example, normal field extensions are the same as splitting
field extensions, and normal closures of algebraic extensions always exist.

Chapter 15

Selected Topics
15.1 The Normal Basis Theorem

The Normal Basis Theorem is due to Hensel (1888) in the case of finite fields,
and Noether (1932) and Deuring (1933) for general Galois extensions. It states
that for a Galois extension L/K, there is a K-basis of L given by a single orbit
{() : Gal(L/K)} of the Galois group.
This basis has applications to cryptography, since it is easy to manipulate and
is computationally very efficient.
Theorem 15.1 (Normal Basis). Let L/K be Galois. Then there exists an
element L such that the set {() : Gal(L/K)} is a K-basis for L,
called a normal basis.
We shall split the proof into two cases: when the field is infinite, or when the
Galois group is cyclic (which includes all finite fields).

15.1.1 Proof for infinite fields

Recall that, for an irreducible polynomial f K[X] with roots 1 , . . . , n , we
have the discriminant (f ) := (−1)^(n choose 2) ∏_{i≠j} (i j ). We can generalise this
notion as follows.
Let L/K be a Galois extension with Galois group G = {1 , . . . , n }. For
{1 , . . . , n } L we define

(1 , . . . , n ) := det TrL
K (i j ) K.
We observe that we can rewrite this as follows. Set

A := i (j ) Mn (L).

Then
At A =



i (i j ) = TrL
K (i j ) Mn (K),

using that
TrL
K =

i ,

as shown in Proposition 15.9. Therefore


(1 , . . . , n ) = det(A)2 .
This definition generalises the discriminant for f . For, let L/K be the splitting
field of f and let 1 , . . . , n be the roots of f in L. We may assume that the
Galois group acts via i (1 ) = i . Therefore, using the subset {1, 1 , . . . , 1n1 },
we obtain as above that


A := i (1j1 ) = ij1 .
This is a Vandermonde matrix, so
det(A) = ∏_{i>j} (i j ), whence (1, 1 , . . . , 1n1 ) = det(A)² = (f ).

Proposition 15.2. Let L/K be Galois. Then {1 , . . . , n } is a K-basis for L
if and only if (1 , . . . , n ) ≠ 0.
Proof. Let Gal(L/K) = {i } and set A := (i (j )) as before. Then A is nonsingular if and only if (1 , . . . , n ) ≠ 0.
Suppose first that A is singular. Then there exists i L such that (i )A = 0,
or in other words, ∑_i i i (j ) = 0 for all j. If the j were a K-basis, then
for any L we could write = ∑_j j j . Then ∑_i i i () = 0, so that
∑_i i i = 0, contradicting the Linear Independence of Characters. Hence the
i do not form a K-basis of L.
Conversely, suppose that A is non-singular. Then the i are linearly independent
over K. For, if ∑_j j j = 0 for some j K, then applying i yields that
∑_j i (j )j = 0 for all i. Therefore A(i ) = 0. Since A is non-singular, we
deduce that j = 0 for all i.
We can now prove the Normal Basis Theorem for infinite fields.
Let L/K be Galois with Galois group Gal(L/K) = {i }. By the Primitive
Element Theorem, we can write L = K(). Set f K[X] to be the minimal
polynomial of . Over L we have f = ∏_i (X i ()), by Proposition 15.9. For
convenience we assume that 1 = id and 1 = , and write i = i ().
The idea is now to use the Chinese Remainder Theorem to obtain
L[X]/(f ) ≅ L^n ,   X ↦ (1 , . . . , n )

where n := deg(f ) = [L : K].

In particular, we have a complete set of pairwise orthogonal idempotents in L^n
given by ei having 1 in place i and 0 elsewhere.
More explicitly, set
gi := ∏_{j≠i} (X j ) / (i j ).

Then clearly gi (j ) = 0 for i ≠ j and gi (i ) = 1 (so that gi ↦ ei L^n ). Note
also that i (g1 ) = gi . Furthermore, if i ≠ j, then each l is a root of ghi gj , so
f divides gi gj in L[X] (corresponding to ei ej = 0 for i ≠ j in L^n ). Finally, we
have the polynomial identity ∑_i gi = 1 in L[X] (corresponding to 1 = ∑_i ei in
L^n ). For, the left hand side is a polynomial of degree at most n 1, and takes
the value 1 at each l ; therefore it is identically 1.
Thus, in L[X], we have gi gj 0 mod f for i ≠ j, and gj = ∑_i gi gj gj² mod f .
From this we obtain that, in K[X], we have Tr^L_K (gi gj ) 0 mod f for i ≠ j and
Tr^L_K (gi²) Tr^L_K (gi ) = 1 mod f . This yields the polynomial identity
(gi ) = det Tr^L_K (gi gj ) 1 mod f,
since the off-diagonal entries vanish, and the diagonal entries are all 1.
We can now define a polynomial h K[X] via h(X) = (gi ). As a polynomial,
this is non-zero, since it is congruent to 1 modulo f . Since K is an infinite field,
there exists some K such that h() ≠ 0 (and h() = (gi ())). Setting
:= g1 (), we have gi () = i (), and hence (i ()) = h() ≠ 0. By the
previous Proposition, we deduce that {i ()} is a normal basis for L/K.
As a simple example, consider Q(i)/Q. Then $f = X^2 + 1$, and $g_1 = \frac{1}{2i}(X + i)$
and $g_2 = -\frac{1}{2i}(X - i)$. Hence
$$\mathrm{Tr}(g_1^2) = -\tfrac{1}{4}\,\mathrm{Tr}(X^2 + 2iX - 1) = -\tfrac{1}{2}(X^2 - 1) = 1 - \tfrac{1}{2} f.$$
Similarly
$$\mathrm{Tr}(g_2^2) = 1 - \tfrac{1}{2} f \quad\text{and}\quad \mathrm{Tr}(g_1 g_2) = \tfrac{1}{2} f,$$
so that
$$h(X) = \det \mathrm{Tr}(g_i g_j) = 1 - f = -X^2.$$
The result then says that {g1 (), g2 ()} = { 1/(2i) ( + i), −1/(2i) ( i)} is a Q-basis if
and only if ≠ 0.

15.1.2 Proof for cyclic Galois groups

Let Gal(L/K) be a generator for the Galois group. We observe that any
normal basis for L/K is of the form {, (), . . . , n1 ()}, where n = [L : K].
Recall that L is a K-vector space of dimension n and that is a K-linear endomorphism of L. In particular, we can talk about the characteristic polynomial
of , and also its minimal polynomial m. Clearly n = 1, so that the minimal
polynomial m divides X n 1. On the other hand, by the Linear Independence
of Characters, we know that 1, , . . . , n1 are linearly independent, so that
does not satisfy any polynomial relation of degree less than n. Since [L : K] = n
we deduce that m = = X n 1.
The normal basis theorem therefore follows from a general result in linear
algebra. Let V be a K-vector space of dimension n and let S EndK (V ).
A cyclic vector for S is a vector v V such that {v, S(v), , S n1 (v)} is a
K-basis of V .
Theorem 15.3. The endomorphism S has a cyclic vector if and only if its
minimal polynomial equals its characteristic polynomial.
The proof of this is essentially a special case of the rational normal form for
matrices. (The rational normal form is a generalisation of the Jordan normal
form which works for arbitrary fields, not just algebraically closed fields.) Our
approach will be via polynomials.
Let = pr11 prss be the characteristic polynomial of S, where pi K[X] are
pairwise coprime, monic irreducible polynomials. Again, the Chinese Remainder
Theorem tells us that
K[X]/()
= K[X]/(pr11 ) K[X]/(prss ).
We again have a complete set of pairwise orthogonal idempotents ei having 1
in the i-th factor and 0 elsewhere.
Explicitly, set
$$f_i := \prod_{j \neq i} p_j^{r_j} = m/p_i^{r_i}.$$

Then gcd(f1 , . . . , fs ) = 1, so there exist gi with ∑_i gi fi = 1. We observe
that divides fi fj for i ≠ j. Hence fj = ∑_i gi fi fj gj fj² mod (), so that
(gi fi )² gi fi mod (). In summary,
Pi := gi fi ,   Pi Pj 0 mod () for i ≠ j,   Pi² Pi mod ().
(Thus Pi ↦ ei .)
Set Pi := Pi (S) = gi (S)fi (S). By the Cayley-Hamilton Theorem, we know that
(S) = 0 on V . Thus
Pi² = Pi ,   Pi Pj = 0 for i ≠ j,   and   ∑_i Pi = id.

Using this we can write


V =

Vi ,

where

Vi = Im(Pi ).

For, we know that v = ∑_i Pi (v). On the other hand, if Pi (v) = Pj (w) for some
v, w V and some i ≠ j, then Pj (w) = Pj² (w) = Pj Pi (v) = 0. This shows that
the sum is direct.
Note that Vi = Ker(pi (S)^ri ), so that the Vi are generalised eigenspaces. For,
if v = Pi (w) Vi , then since pi^ri fi = , we have pi (S)^ri Pi = 0, so v
Ker(pi (S)^ri ). Conversely, if pi (S)^ri (v) = 0, then writing v = ∑_j Pj (v) and
using that pi^ri divides fj for i ≠ j, we see that Pj (v) = 0 for all j ≠ i. Hence
v = Pi (v) Vi .
Next we note that each Vi is S-invariant; i.e. if v Vi , then S(v) Vi . For,
Pi S = SPi , which follows from the fact that Pi = gi (S)fi (S) is a polynomial in S. Therefore S can be represented as a block diagonal matrix S =
diag(S1 , . . . , Ss ), where Si represents the induced action of S on Vi .
We can now reduce to the case when V = Vi for some i. For, if vi Vi is a
cyclic vector for Si for each i, then v = ∑_i vi V is a cyclic vector for S. To
see this, we just note that vi = Pi (v) W := Span{v, S(v), S²(v), . . .}. Thus
Vi W for each i, whence W = V . Also, the characteristic polynomial i of Si
on Vi is just pi^ri , whereas if the minimal polynomial of S equals m = p1^a1 ps^as
with 1 ai ri , then the minimal polynomial mi of Si equals mi = pi^ai . So
m = if and only if ai = ri for all i, which is if and only if mi = i for all i.
Therefore it is enough to prove the result when = p^r for some monic irreducible
polynomial p.
Suppose first that m ≠ . Then for each vector v V the subspace W :=
Span{v, S(v), S²(v), . . .} has dimension at most deg(m) < deg() = dim V .
Therefore V cannot have a cyclic vector. (As a trivial example, think of S = id,
which has minimal polynomial X − 1 and characteristic polynomial (X − 1)^n .
If n 2, then S does not have a cyclic vector.)
Now suppose that m = , and consider p^(r−1) . By definition, p(S)^(r−1) ≠ 0, so
there exists v V such that p(S)^(r−1) (v) ≠ 0. We claim that such a vector
is a cyclic vector for S. Again, set W := Span{v, S(v), S²(v), . . .}. We know
that W V is an S-invariant subspace. It follows from the First Isomorphism
Theorem that S induces an action on the quotient V /W . In particular, we can
represent S as an upper-triangular block matrix


$$S = \begin{pmatrix} S_1 & S_3 \\ 0 & S_2 \end{pmatrix},$$
where S1 = S|W EndK (W ), S3 = S EndK (V /W ).
Therefore = 1 2 , where i is the characteristic polynomial of Si . (We have
already mentioned this fact in the Remark following Theorem 15.4 about the
norm and trace.) Since = p^r is a power of an irreducible polynomial, we deduce
that 1 = p^a for some 1 a r. By the Cayley-Hamilton Theorem once more,
we know that p(S)^a = 0 on W , whereas by construction p(S)^(r−1) (v) ≠ 0. Thus
a r, so that a = r and dim W = deg(p^r ) = dim V , so that V = W .
This completes the proof of Theorem 15.3, and hence the proof of the Normal
Basis Theorem when the Galois group is cyclic.
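
The cyclic case of Theorem 15.1 can be checked by machine for a small finite field. The following Python code is an added example, not part of the notes: it takes GF(2^4) = GF(2)[x]/(x^4 + x + 1) (a choice made here), finds the elements whose Frobenius orbit is a basis, compares that with the criterion of Proposition 15.2, and shows the property that makes normal bases attractive in cryptographic implementations, namely that squaring becomes a cyclic shift of coordinates. All function names are this example's own.

```python
def gf_mul(a, b, mod, n):
    """Product in GF(2^n) = GF(2)[x]/(mod); elements are ints, bit i = coefficient of x^i."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if (a >> n) & 1:      # degree reached n: reduce by the modulus
            a ^= mod
    return r


def orbit(theta, mod, n):
    """Orbit of theta under the Frobenius x -> x^2, a generator of Gal(GF(2^n)/GF(2))."""
    out = [theta]
    for _ in range(n - 1):
        out.append(gf_mul(out[-1], out[-1], mod, n))
    return out


def rank_gf2(rows):
    """Rank over GF(2) of vectors packed into ints (Gaussian elimination by XOR)."""
    pivots = {}               # leading bit -> reduced row
    for r in rows:
        while r:
            top = r.bit_length() - 1
            if top not in pivots:
                pivots[top] = r
                break
            r ^= pivots[top]
    return len(pivots)


def trace(x, mod, n):
    """Trace to GF(2): the sum of the Galois conjugates of x, which is 0 or 1."""
    t = 0
    for y in orbit(x, mod, n):
        t ^= y
    return t


def is_normal(theta, mod, n):
    """True if the Galois orbit of theta is a GF(2)-basis, i.e. theta is a cyclic vector."""
    return rank_gf2(orbit(theta, mod, n)) == n


def trace_matrix_nonsingular(elems, mod, n):
    """Criterion of Proposition 15.2: det(Tr(e_i e_j)) != 0, computed over GF(2)."""
    rows = []
    for x in elems:
        row = 0
        for j, y in enumerate(elems):
            row |= trace(gf_mul(x, y, mod, n), mod, n) << j
        rows.append(row)
    return rank_gf2(rows) == len(elems)


def normal_coords(x, theta, mod, n):
    """Bitmask c with x = sum of theta^(2^i) over the set bits i of c (theta normal)."""
    pivots = {}               # leading bit -> (reduced vector, mask of orbit elements used)
    for i, v in enumerate(orbit(theta, mod, n)):
        m = 1 << i
        while v:
            top = v.bit_length() - 1
            if top not in pivots:
                pivots[top] = (v, m)
                break
            v, m = v ^ pivots[top][0], m ^ pivots[top][1]
    c = 0
    while x:
        pv, pm = pivots[x.bit_length() - 1]
        x, c = x ^ pv, c ^ pm
    return c


def rotl(c, n):
    """Cyclic left shift of an n-bit mask."""
    return ((c << 1) | (c >> (n - 1))) & ((1 << n) - 1)


N, MOD = 4, 0b10011           # GF(16) with x^4 + x + 1 (choice made for this example)
NORMAL = [t for t in range(1, 1 << N) if is_normal(t, MOD, N)]

if __name__ == "__main__":
    print("normal elements of GF(16):", NORMAL)
    theta = NORMAL[0]
    for x in (0b0110, 0b1011):   # constructed sample elements
        sq = gf_mul(x, x, MOD, N)
        print(f"{normal_coords(x, theta, MOD, N):04b} -> {normal_coords(sq, theta, MOD, N):04b}")
```

For GF(16) the Frobenius S has minimal polynomial X^4 − 1 = (X + 1)^4 over GF(2), and (S + 1)^3 = S^3 + S^2 + S + 1 is the trace, so the cyclic vectors produced by the proof above are exactly the elements of trace 1.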

15.2 The Norm and Trace

Let L/K be a finite field extension and L. Then multiplication by


induces a K-linear endomorphism A of L. The Cayley-Hamilton Theorem says
that every endomorphism satisfies its own characteristic equation A (X) =
det(X A) K[X]; that is, A (A) is the zero-map on L. We observe that
Ar () = r for all L, so that A (A) acts on L as multiplication by A ().
Therefore is a root of the polynomial A (X).
Note that the characteristic polynomial A (X) is a monic polynomial and is
independent of the choice of basis, so depends only on and L/K. We denote
it by L
/K and call it the field equation of /K with respect to L.
Theorem 15.4. Let L/k be a finite field extension and let L. Then
k()

/k = m/k

and

[L:k()]
L
.
/k = (m/k )

Proof. Suppose first that L = k(). Since is a root of the polynomial L


/k ,
we know that m/k divides L
.
Since
they
are
both
monic
polynomials
of
/k
degree [k() : k], they must be equal. This proves the first result.
Now let K = k() (or more generally any subfield of L containing k()). Let
{ui }i be a K-basis of L and {vp }p a k-basis of K. Then {ui vp }(i,p) is a k-basis
of L. Let A : L L and B : K K be the k-linear maps corresponding to
multiplication by . Let B = (bpq ) be the matrix with respect to {vp } and
A = (aipjq ) the matrix with respect to {ui vp }. Then
∑_{i,p} aipjq ui vp = uj vq = uj vq = ∑_p bpq uj vp .
Hence aipjq = ij bpq , so A can be written in block-diagonal form, with [L : K]
copies of B on the diagonal. This proves the second statement.
Remark. A different proof can be constructed using the following general result
from linear algebra: if V is a k-vector space, A : V V a k-linear endomorphism
of V and U V a subspace such that A(U ) U , then A induces endomorphisms
B : U U and C : V /U V /U . Choosing a basis for U and extending to a
basis for V , we can write the matrix for A in block form, with the matrices for
B and C on the diagonal, and zero in the bottom left corner. Thus A = B C .
Let L/K be a finite field extension, L and A the K-linear automorphism
of L induced by multiplication by . We define the norm of in L/K to be
N^L_K () := det(A) and the trace of in L/K to be Tr^L_K () := Tr(A).
Proposition 15.5. Let L/K be a finite field extension and , L. Then
1. N^L_K : L K is a group homomorphism between multiplicative groups.
In particular, N^L_K () = N^L_K () N^L_K ().
2. Tr^L_K : L K is a group homomorphism between additive groups. In particular,
Tr^L_K ( + ) = Tr^L_K () + Tr^L_K ().
Proof. Let A and B be the K-linear automorphisms of L induced by multiplication by and respectively. Then AB corresponds to multiplication by ,
so
N^L_K () = det(AB) = det(A) det(B) = N^L_K () N^L_K ().
If L is non-zero, then A is invertible, so that N^L_K () = det(A) ≠ 0. If
= 1, then A = idL so that N^L_K (1) = 1. This shows that N^L_K : L K is a
group homomorphism.
Similarly, A + B corresponds to multiplication by + , so
Tr^L_K ( + ) = Tr(A + B) = Tr(A) + Tr(B) = Tr^L_K () + Tr^L_K ().
If = 0, then A = 0 so Tr^L_K (0) = 0. Thus Tr^L_K : L K is a group homomorphism.

Theorem 15.6. Let L/K/k be finite field extensions. Then
N^L_k = N^K_k N^L_K   and   Tr^L_k = Tr^K_k Tr^L_K .
A proof of this is outlined in the exercises, although we will provide a different
proof later on using Galois Theory in the special case when L/k is separable.

15.3 Norm and Trace Revisited

In this section we relate the minimal polynomial and the field equation of an
element to its conjugates (). This is often easier to work with than the
original definition.
We begin with a useful observation, which generalises Theorem ?? (6). Let
L/K be finite, with normal closure M/L. Let E denote the set of K-embeddings
L M . We let Gal(M/K) act (on the left) on E via : L M , x 7 ( (x)).
Note that id = |L .
Proposition 15.7. Gal(M/K) acts transitively on E, and the stabiliser of id
E equals Gal(M/L). In particular, the map Gal(M/K) E, 7 |L induces
a natural bijection between the cosets of Gal(M/L) in Gal(M/K) and E.
Proof. Let E. By Theorem ??, we can extend to Gal(M/K). In
particular, id = |L = , so Gal(M/K) acts transitively on E. Clearly
id = id if and only if Gal(M/L), so by the Orbit-Stabiliser Theorem the
map 7 id = |L induces a bijection between the cosets of Gal(M/L) in
Gal(M/K) and E as required.

We observe that the number |E| of distinct K-embeddings L M equals the
index of Gal(M/L) in Gal(M/K). If L/K is separable, then M/K is Galois, so
|E| = [L : K] by the Fundamental Theorem of Galois Theory. This proves the
next corollary.
Corollary 15.8. Let L/K be finite and separable, with normal closure M/L.
Then there are precisely [L : K] distinct K-embeddings L M .
[In fact, this has a converse: L/K is separable if and only if there are precisely
[L : K] distinct K-embeddings L M . This leads some authors to define L/K
to be separable if there are [L : K] distinct K-embeddings L M .]
Proposition 15.9. Let L/K be finite and separable, with normal closure M/L.
Let 1 , . . . , n be the distinct K-embeddings L M . Then for L we have


L
/K = X 1 () X n () .
In particular,
L
NK
() =

j ()

and

TrL
K () =

j ().

Proof. Let M/K be Galois, say with Galois group G := Gal(M/K). For an
intermediate field L let 1 , . . . , n be the distinct K-embeddings L M . We
know that n = [L : K] by Corollary 15.8. For L define
L
f/K
:=

n
Y


X i () .

i=1
L
We wish to show that f/K
= L
/K for all L and all L.

We observe that
M
f/K
=


X () ,

whereas by Artin's Extension Theorem


K()

f/K = m/K ,
since the distinct K-embeddings K() M are in bijection with the roots of
m/K .
[M :L]
M
L
= f/K
.
For L we can apply Proposition 15.7 to deduce that f/K
For, the value of () depends only on the restriction |L . In particular, for
[M :K()]
M
M
L = K() we have f/K
= m/K
, so f/K
= M
/K by Theorem 15.4.
From this it follows that
[M :L]
[M :L]
M
L
L
= M
.
/K = f/K = f/K
/K
L
Therefore L
/K = f/K by unique factorisation in L[X].
n
n1
By definition, if L
+ + (1)n an , then TrL
K () = a1 and
/K = X a1 X
L
NK () = an .


P
Q
Note that, by Proposition 15.7, j j () and j j () are fixed by Gal(M/K),
P
so these elements really do lie in K. Also, we may write TrL
K =
j j as a linear
combination of the characters j .
As promised, we can now prove transitivity of norm and trace for separable
extensions.
Theorem 15.10. Let L/K/k be finite, separable extensions. Then for L
we have


K
L
L
NkL () = NkK NK
()
TrL
k () = Trk TrK () .
Proof. Let M/L be the normal closure of L/K and consider the chain of subgroups Gal(M/L) Gal(M/K) Gal(M/k). Let j be coset representatives
of Gal(M/L) in Gal(M/K), and let i be coset representatives of Gal(M/K) in
Gal(M/k). Thus 1 i [K : k] and 1 j [L : K].
We claim that the i j are coset representatives for Gal(M/L) in Gal(M/k).
[This is actually quite general, applying to all finite groups.] For, suppose
i j = r s . We know that j Gal(M/L) Gal(M/K). Since the i Gal(M/K)
are distinct inside Gal(M/k), we must therefore have i = r. Then since the
j Gal(M/L) are distinct in Gal(M/K), we must have j = s. Therefore the
i j represent distinct cosets. Since there are [L : K][K : k] = [L : k] of them,
we are done.
Now, using Proposition 15.7, we can write
Y
 Y
 Y
 Y
L
(i j )() = NkL (),
NkK NK
() =
i
j () =
i j () =
i

i,j

i,j

and similarly for Tr.
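
A worked check of Proposition 15.9 and of the transitivity statements in Theorems 15.6 and 15.10, added here as an example and not part of the original notes. It assumes the tower L = Q(√2, √3), K = Q(√2), k = Q; the tuple representation and all function names are chosen for illustration.

```python
from itertools import permutations

# Elements of L = Q(sqrt2, sqrt3) are 4-tuples (a, b, c, d) standing for
# a + b*sqrt2 + c*sqrt3 + d*sqrt6.  Here K = Q(sqrt2) and k = Q (assumed example).

def mul(x, y):
    """Product in L, using sqrt2*sqrt3 = sqrt6, sqrt3*sqrt6 = 3*sqrt2, sqrt2*sqrt6 = 2*sqrt3."""
    a1, b1, c1, d1 = x
    a2, b2, c2, d2 = y
    return (
        a1 * a2 + 2 * b1 * b2 + 3 * c1 * c2 + 6 * d1 * d2,
        a1 * b2 + b1 * a2 + 3 * (c1 * d2 + d1 * c2),
        a1 * c2 + c1 * a2 + 2 * (b1 * d2 + d1 * b2),
        a1 * d2 + d1 * a2 + b1 * c2 + c1 * b2,
    )

def embed(x, s, t):
    """The k-embedding sending sqrt2 -> s*sqrt2 and sqrt3 -> t*sqrt3, with s, t in {1, -1}."""
    a, b, c, d = x
    return (a, s * b, t * c, s * t * d)

def mult_matrix(x):
    """Matrix of y -> x*y on the k-basis 1, sqrt2, sqrt3, sqrt6 (columns are images)."""
    basis = [(1, 0, 0, 0), (0, 1, 0, 0), (0, 0, 1, 0), (0, 0, 0, 1)]
    cols = [mul(x, e) for e in basis]
    return [[cols[j][i] for j in range(4)] for i in range(4)]

def det(m):
    """Leibniz expansion of the determinant; exact for integer or Fraction entries."""
    n, total = len(m), 0
    for perm in permutations(range(n)):
        inversions = sum(perm[i] > perm[j] for i in range(n) for j in range(i + 1, n))
        term = -1 if inversions % 2 else 1
        for row, col in enumerate(perm):
            term *= m[row][col]
        total += term
    return total

def norm_trace_by_matrix(x):
    """(N^L_k, Tr^L_k) from the original definition: det and trace of multiplication by x."""
    m = mult_matrix(x)
    return det(m), sum(m[i][i] for i in range(4))

def norm_trace_by_conjugates(x):
    """(N^L_k, Tr^L_k) as product and sum over the four k-embeddings of L."""
    prod, total = (1, 0, 0, 0), (0, 0, 0, 0)
    for s in (1, -1):
        for t in (1, -1):
            y = embed(x, s, t)
            prod = mul(prod, y)
            total = tuple(u + v for u, v in zip(total, y))
    # Both results are fixed by every embedding, so they must lie in k.
    assert prod[1:] == (0, 0, 0) and total[1:] == (0, 0, 0)
    return prod[0], total[0]

def norm_trace_through_K(x):
    """(N^K_k(N^L_K(x)), Tr^K_k(Tr^L_K(x))): first down to K, then down to k."""
    tau_x = embed(x, 1, -1)                    # the non-trivial K-embedding of L
    n_LK = mul(x, tau_x)                       # lies in K
    t_LK = tuple(u + v for u, v in zip(x, tau_x))
    assert n_LK[2:] == (0, 0) and t_LK[2:] == (0, 0)
    a, b = n_LK[:2]
    return a * a - 2 * b * b, 2 * t_LK[0]      # norm and trace of an element of Q(sqrt2)

if __name__ == "__main__":
    alpha = (1, 1, 1, 0)                       # 1 + sqrt2 + sqrt3
    print(norm_trace_by_matrix(alpha))
    print(norm_trace_by_conjugates(alpha))
    print(norm_trace_through_K(alpha))
```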

15.4 Infinite Galois Extensions

In general we call a field extension L/K Galois provided it is normal and separable. Then Gal(L/K) is a profinite group, which we endow with the (Krull) topology. The Fundamental Theorem of Galois Theory then describes an inclusion-reversing bijection between the lattice of intermediate fields and the lattice of
closed subgroups of Gal(L/K).

15.5 Theorems of Frobenius and Tchebotarev

Let $f \in \mathbb{Z}[X]$ be monic and irreducible of degree $n$ and let $G = \mathrm{Gal}(f)$ be the
Galois group of $f$ over $\mathbb{Q}$. As usual we can view $G$ as a subgroup of $\mathrm{Sym}_n$.
Frobenius's Theorem states that if $p$ is a prime and $f \in \mathbb{F}_p[X]$ factorises as a
product of irreducible polynomials of degrees $d_1, d_2, \ldots$ (with $\sum_i d_i = n$), then
$G$ contains an element of cycle type $(d_1, d_2, \ldots)$. This is proved using algebraic number theory, and requires lifting the Frobenius homomorphism (which
necessarily has this cycle type) to an element of the Galois group $G$.
Much harder is Tchebotarev's Theorem, which states that, given a set of numbers
$d_1, d_2, \ldots$ with $\sum_i d_i = n$, the frequency with which these numbers occur
as the degrees of the irreducibles in the factorisation modulo $p$, as we take a
larger and larger number of primes $p$, coincides with the proportion of elements
of $G$ which have this cycle type.
A special case is given by considering $f = X^2 - q$ for a prime number $q$. Then
$G = \mathbb{Z}/2\mathbb{Z}$, so half its elements have cycle type (2), and the other half have cycle
type (1, 1).
Now, modulo $p$, either $f$ is irreducible, which is if and only if $\left(\frac{q}{p}\right) = -1$, or
else $f$ factorises as a product of two linear polynomials, which is if and only if
$\left(\frac{q}{p}\right) = 1$.
Suppose for simplicity that $q \equiv 1 \bmod 4$. Then by the Law of Quadratic Reciprocity we have $\left(\frac{q}{p}\right) = \left(\frac{p}{q}\right)$. Then Tchebotarev's Theorem reduces to the statement that, as we take larger and larger numbers of primes, approximately half
of them are quadratic residues modulo $q$.
Now, the weaker version of Dedekind's Theorem on primes in arithmetical progressions says that for each $1 \le a < q$, there are infinitely many primes $p$
congruent to $a$ modulo $q$. The stronger version of this theorem then states that,
as we take larger and larger numbers of primes $p$, they are approximately evenly
distributed between the different residue classes, so that approximately $1/(q - 1)$
of the primes are congruent modulo $q$ to any given $a$ (with $\gcd\{a, q\} = 1$). Since there
are as many quadratic residues as there are non-residues, we finally obtain this
special case of Tchebotarev's Theorem.
The same ideas can be used to prove the result for a general quadratic extension
of $\mathbb{Q}$, so taking $f = X^2 - d$ for an arbitrary non-square integer $d$.
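
The following added example (not part of the original notes) computes the factorisation pattern of f modulo p by distinct-degree factorisation and tallies how often each pattern occurs, so the frequencies can be compared with the proportions of cycle types in G. It goes beyond the quadratic case in the text by also treating X^3 − 2, whose Galois group over Q is Sym_3; that fact, the prime bound and all function names are assumptions of the example.

```python
from collections import Counter

def trim(a):
    """Drop zero leading coefficients (lists are low degree first); mutates and returns a."""
    while a and a[-1] == 0:
        a.pop()
    return a

def poly_divmod(a, b, p):
    """Quotient and remainder of a by b over F_p; entries of a and b already reduced mod p."""
    a = a[:]
    q = [0] * max(len(a) - len(b) + 1, 0)
    inv = pow(b[-1], -1, p)
    for i in range(len(a) - len(b), -1, -1):
        c = a[i + len(b) - 1] * inv % p
        q[i] = c
        for j, bj in enumerate(b):
            a[i + j] = (a[i + j] - c * bj) % p
    return trim(q), trim(a)

def poly_mulmod(a, b, m, p):
    prod = [0] * (len(a) + len(b) - 1) if a and b else []
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            prod[i + j] = (prod[i + j] + ai * bj) % p
    return poly_divmod(trim(prod), m, p)[1]

def poly_powmod(h, e, m, p):
    """h**e modulo m over F_p by square-and-multiply."""
    result = poly_divmod([1], m, p)[1]
    while e:
        if e & 1:
            result = poly_mulmod(result, h, m, p)
        h = poly_mulmod(h, h, m, p)
        e >>= 1
    return result

def poly_gcd(a, b, p):
    """Monic greatest common divisor over F_p."""
    while b:
        a, b = b, poly_divmod(a, b, p)[1]
    inv = pow(a[-1], -1, p)
    return [c * inv % p for c in a]

def factor_degrees(f, p):
    """Sorted degrees of the irreducible factors of f mod p, or None if f mod p
    has a repeated factor (such primes are skipped in the statistics)."""
    g = trim([c % p for c in f])
    deriv = trim([i * c % p for i, c in enumerate(g)][1:])
    if len(g) != len(f) or not deriv or len(poly_gcd(g, deriv, p)) > 1:
        return None
    degrees, d = [], 0
    h = poly_divmod([0, 1], g, p)[1]                 # X mod g
    while len(g) - 1 >= 2 * (d + 1):
        d += 1
        h = poly_powmod(h, p, g, p)                  # X^(p^d) mod g
        h_minus_x = h + [0] * (2 - len(h))
        h_minus_x[1] = (h_minus_x[1] - 1) % p
        w = poly_gcd(g, trim(h_minus_x), p)          # product of the degree-d factors
        if len(w) > 1:
            degrees += [d] * ((len(w) - 1) // d)
            g = poly_divmod(g, w, p)[0]
            h = poly_divmod(h, g, p)[1]
    if len(g) > 1:                                   # what is left is irreducible
        degrees.append(len(g) - 1)
    return tuple(sorted(degrees))

def primes_up_to(n):
    sieve = bytearray([1]) * (n + 1)
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(n ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i :: i] = bytearray(len(range(i * i, n + 1, i)))
    return [i for i, flag in enumerate(sieve) if flag]

def cycle_type_frequencies(f, bound):
    """Relative frequency of each factorisation pattern of f mod p over primes p <= bound."""
    counts = Counter()
    for p in primes_up_to(bound):
        pattern = factor_degrees(f, p)
        if pattern is not None:
            counts[pattern] += 1
    total = sum(counts.values())
    return {pattern: n / total for pattern, n in counts.items()}

# Proportions of cycle types in the Galois group (assumed: Z/2Z and Sym_3).
Z2_CYCLE_TYPES = {(1, 1): 1 / 2, (2,): 1 / 2}
S3_CYCLE_TYPES = {(1, 1, 1): 1 / 6, (1, 2): 1 / 2, (3,): 1 / 3}

if __name__ == "__main__":
    print(cycle_type_frequencies([-5, 0, 1], 20000), Z2_CYCLE_TYPES)      # X^2 - 5
    print(cycle_type_frequencies([-2, 0, 0, 1], 20000), S3_CYCLE_TYPES)   # X^3 - 2
```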


Appendix A

Background
This is a summary of some background material about groups and rings.

A.1 Groups

A group is a set G together with a map G G G, (a, b) 7 a b, called the


group law, satisfying
associative a (b c) = (a b) c for all a, b, c G.
unital there exists e G with e a = a = a e for all a G.
admits inverses for each a G there exists b G with a b = e = b a.
The cardinality |G| is called the order of the group.
We often write the group law as multiplication, so we write ab instead of a b,
1 for the unit, and a1 for the inverse of a.
A group is called abelian, or commutative, provided ab = ba for all a, b G.
In this case we sometimes write the group law as addition, so we write a + b
instead of a b, 0 for the unit, and a for the inverse of a.
A subset H G is a subgroup, denoted H G, provided it is
non-empty e H.
closed under multiplication ab H for all a, b H.
closed under inverses a H implies a1 H.
It follows that the group law on G restricts to a group law on H, so that H is
itself a group.
Clearly G is a subgroup of itself; all other subgroups are called proper. The
subset {e} is always a subgroup, called the trivial subgroup.
Let H G be a subgroup. We define an equivalence relation on G by setting
a b if a1 b H. The equivalence classes aH := {ah : h H} are called the
left cosets of H. The set of all left cosets is denoted (G : H); its cardinality
is denoted [G : H] and called the index of H in G. A complete set of coset
representatives is a subset S G such that the cosets aH for a S are


distinct, and every coset is of this form.
Theorem A.1 (Lagrange). Let H G be a subgroup and let a G. Then the
map H aH, h 7 ah is a bijection. It follows that [G : H] = |G|/|H|.
If H, H 0 G are subgroups, then so too is their intersection H H 0 . It follows
that there is a smallest subgroup of G containing any given subset A G, called
the subgroup generated by A and denoted hAi; for we can define it to be the
intersection of all subgroups of G containing A. In particular the subgroups of
G form a lattice with respect to inclusions.
As a special case we have the subgroup hai generated by a single element, called
a cyclic subgroup. The order of an element a G is the order of the subgroup
it generates.
If H G is a subgroup and a G, then aHa1 = {aha1 : h H} is again a
subgroup of G, called a conjugate of H. We call a subgroup normal, denoted
H C G, provided that it is equal to all of its conjugates; that is, aHa1 = H for
all a G, or equivalently aH = Ha for all a G.
For a normal subgroup H C G we can define a group law on the set of cosets
(G : H) via aH bH := abH. The resulting group is denoted G/H and called
the quotient group of G by H.
A map f : G G0 between groups is called a group homomorphism provided
that it
respects the multiplication f (ab) = f (a)f (b) for all a, b G.
preserves the unit f (1) = 1.
The image Im(f ) := {f (a) G0 : a G} of f is a subgroup of G0 ; conversely, if H G is a subgroup, then the inclusion map : H , G is a group
homomorphism.
The kernel Ker(f ) := {a G : f (a) = 1} of f is a normal subgroup of G;
conversely, if N C G is normal, then the canonical map : G  G/N is a group
homomorphism.
If g : G0 G00 is another group homomorphism, then the composition gf : G
G00 is again a group homomorphism. We say that f is an isomorphism provided
that there exists a group homomorphism g : G0 G such that gf = idG and
f g = idG0 .
Lemma A.2. Let f : G G0 be a group homomorphism. Then
1. f is injective if and only if Ker(f ) is trivial.
2. f is an isomorphism if and only if it is bijective.
Lemma A.3 (Factor Lemma). Let N C G be a normal subgroup. Then the
set of group homomorphisms G/N G0 is in bijection with the set of group
homomorphisms f : G G0 with N Ker(f ).


Theorem A.4 (Isomorphism Theorems).


1. Let f : G G0 be a group ho
momorphism. Then f induces an isomorphism G/ Ker(f )
Im(f ).
2. Let H G be a subgroup, and N C G a normal subgroup. Then HN :=
{hn : h H, n N } is a subgroup of G. Moreover, N CHN and HN CH

are normal subgroups, and there is an isomorphism H/H N


HN/N .
3. Let M, N C G be normal subgroups with M N . Then N/M C G/M is a

normal subgroup, and there is an isomorphism (G/M )/(N/M )


G/N .

Group Actions
Given a set X we can consider the set SymX of all bijections : X X. Then
SymX is a group under composition. If X = {1, . . . , n} we usually write Symn
and call this the symmetric group.
A k-cycle in Symn is a permutation of the form = (a1 a2 ak ), denoting
the function
ai 7 ai+1 for 1 i < k,

ak 7 a1 ,

all other elements fixed.

A 2-cycle is also called a transposition. There is a group homomorphism


sgn : Symn {1}, called the sign map, sending each k-cycle to (1)k1 .
The kernel Altn of the sign map is called the alternating group.
We say that a group G acts on X if there exists a group homomorphism f : G
SymX . Equivalently, we can regard this as a map G X X, (a, x) 7 ax
which is
associative
unital

a(bx) = (ab)x for all a, b G and x X.


1x = x for all x X.

It is clear that G acts on itself by left multiplication, (a, b) 7 ab. We also have
that G acts on itself by conjugation, (a, b) 7 aba1 . If H G is a subgroup,
then G acts on the set of cosets (G : H) by (a, bH) 7 abH.
The orbit of x X is the subset Orb(x) := {ax : a G} of X. The stabiliser
of x is the subgroup Stab(x) := {a G : ax = x} of G. We observe that
Stab(ax) = aStab(x)a1 , which is a conjugate of the subgroup Stab(x).
We have the following theorem, generalising Lagrange's Theorem in the case of
the action of G on the set of cosets (G : H).
Theorem A.5 (Orbit-Stabiliser). Let a group G act on a set X, and let x X.

Then the map G X, a 7 ax induces a bijection (G : Stab(x))


Orb(x). It
follows that |Orb(x)||Stab(x)| = |G|.
We say that an action of G on X is faithful if the group homomorphism G
SymX is injective, which is the same as saying that if ax = x for all x X,
then a = 1. We say that the action is transitive provided that for all x, y X
there exists a G with ax = y.

Examples
1. The integers form an abelian group under addition. This is cyclic, generated by either 1 or 1. For each n Z we have the cyclic subgroup
hni = nZ = { , n, 0, n, 2n, }. The factor group Z/nZ has coset
representatives 0, 1, . . . , n 1.
2. The non-zero complex numbers form an abelian group under multiplication. For each n we have the cyclic subgroup n := hexp(2i/n)i =
{exp(2ik/n) : k Z}.
3. There is a group homomorphism Z n , k 7 exp(2ki/n). This is

onto with kernel nZ, so induces an isomorphism Z/nZ


n . Note
that the group law on the left is written additively, whereas it is written
multiplicatively on the right.
4. The symmetric group Symn is generated by all transpositions. The alternating group Altn is generated by all 3-cycles.
5. The set of symmetries of a geometric figure is a group with respect to
composition, and the subset of all rotations is a normal subgroup. This
fits nicely with the idea that conjugation can be thought of as a change of
point of view.

A.2 Rings

An (associative, unital) ring is a set R together with two operations RR R,


(a, b) 7 a + b (addition) and (a, b) 7 ab (multiplication), satisfying
addition R is an abelian group under addition.
multiplication the multiplication is associative and unital.
distributivity a(b + c) = ab + ac, (a + b)c = ac + bc for all a, b, c R.
A ring is called commutative provided that the multiplication is commutative.
From now on we will only consider commutative rings, and so shall simply call
them rings. A ring R is called trivial if 1 = 0, in which case R = {0}.
A subset S R is a subring, denoted S R, provided that it
additive subgroup a + b, a S for all a, b S.
contains the unit 1 S.
closed under multiplication ab S for all a, b S.
It follows that the ring structure on R restricts to a ring structure on S.
If S, S 0 R are subrings, then so too is their intersection S S 0 . It follows
that there is a smallest subring of R containing any given subset A G, called
the subring generated by A and denoted hAi; for we can define it to be the
intersection of all subrings of R containing A. In particular the subrings of R
form a lattice with respect to inclusions.
The prime subring of R is the smallest subring of R.

A subset I R is an ideal, denoted I C R, provided that it


additive subgroup a + b, a I for all a, b I.
closed under multiplication by R ab I for all a R and b I.
Clearly R is an ideal of itself; all other ideals are called proper. The subset
{0} is an ideal, called the trivial ideal, or zero ideal.
If I, I 0 R are ideals, then so too is their intersection I I 0 . It follows that
there is a smallest ideal of R containing any given subset A G, called the ideal
generated by A and denoted (A); for we can define it to be the intersection
of all ideals of R containing A. In particular the ideals of R form a lattice with
respect to inclusions.
As a special case we have the ideal (a) generated by a single element, called a
principal ideal.
Let I C R be an ideal. Then I is an additive subgroup, hence normal, so we can
form the quotient R/I as an additive group. We may now define a multiplication
on R/I by (a + I) (b + I) := ab + I, making R/I into a ring, called the quotient
ring of R by I.
A map f : R R0 between two rings is called a ring homomorphism provided
that it
respects the addition f (a + b) = f (a) + f (b) for all a, b R.
respects the multiplication f (ab) = f (a)f (b) for all a, b R.
preserves the zero and unit f (0) = 0 and f (1) = 1.
In particular, f is an additive group homomorphism.
The image Im(f ) := {f (a) R0 : a R} of f is a subring of R0 ; conversely, if
S R is a subring, then the inclusion map : S , R is a ring homomorphism.
The kernel Ker(f ) := {a R : f (a) = 0} of f is an ideal of R; conversely, if
I C R is an ideal, then the canonical map : R  R/I is a ring homomorphism.
If g : R0 R00 is another ring homomorphism, then the composition gf : R
R00 is again a ring homomorphism. We say that f is an isomorphism provided
that there exists a ring homomorphism g : R0 R such that gf = idR and
f g = idR0 .
Lemma A.6. Let f : R R0 be a group homomorphism. Then
1. f is injective if and only if Ker(f ) is trivial.
2. f is an isomorphism if and only if it is bijective.
Lemma A.7 (Factor Lemma). Let I C R be an ideal. Then the set of ring
homomorphisms R/I R0 is in bijection with the set of ring homomorphisms
f : R R0 with I Ker(f ).
Theorem A.8 (Isomorphism Theorems).
1. Let f : R R0 be a ring ho
momorphism. Then f induces an isomorphism R/ Ker(f )
Im(f ).
2. Let S R be a subgroup, and I C R an ideal. Then S + I := {a + b : a
S, b I} is a subring of R. Moreover, I C S + I and S I C S are ideals,

and there is an isomorphism S/S I


(S + I)/I.
3. Let I, J C R be ideals with I J. Then J/I C R/I is an ideal, and there

is an isomorphism (R/I)/(J/I)
R/J.

Principal Ideal Domains


We write R := {a R : b R with ab = 1} for the set of units of a ring R.
Note that R is an abelian group under multiplication. We call two elements a
and b associates if they differ by a unit, so a = ub for some unit u. Equivalently
(a) = (b) as ideals.
A field is a non-trivial ring K such that every non-zero element is a unit, so
K = K \ {0}. More generally, an integral domain is a non-trivial ring R
with no zero-divisors, i.e. ab = 0 implies a = 0 or b = 0. Equivalently, R has
cancellation, so that if ax = bx for some x 6= 0, then a = b.
If R is an integral domain, then we can form the field of fractions Quot(R) of R
in exactly the same way that the field of rational numbers Q is constructed from
the ring of integers Z. We first define an equivalence relation on R (R \ {0})
by (a, b) (c, d) if ad = bc. The equivalence class of (a, b) is denoted by a/b.
We can now define a ring structure on the set Quot(R) of all equivalence classes
by
$$\frac{a}{b} + \frac{c}{d} := \frac{ad + bc}{bd} \quad\text{and}\quad \frac{a}{b}\,\frac{c}{d} := \frac{ac}{bd}.$$
We identify R with the subring {a/1 : a R} of Quot(R).
The field of fractions satisfies the following universal property: if R is an integral
domain, K a field, and f : R K a ring homomorphism, then there is a unique
field homomorphism f: Quot(R) K extending f ; that is, f(a/1) = f (a) for
all a R.
We say that an ideal I C R is
maximal if I is proper, and I J C R implies J = I or J = R.
prime if xy I implies x I or y I.
Proposition A.9. Let R be a ring and I C R an ideal of R. Then
1. R/I is a field if and only if I is maximal. Equivalently R is a field if and
only if (0) and R are the only ideals of R.
2. R/I is an integral domain if and only if I is prime. Equivalently R is an
integral domain if and only if (0) is prime.
3. I maximal implies I prime. Equivalently, if R is a field, then it is an
integral domain.
In particular, if f : K R is a ring homomorphism from a field K to a non-trivial ring R, then f is injective.
A principal ideal domain is an integral domain R for which every ideal is
principal, so of the form (a) for some a R.

Proposition A.10. The ring of integers Z is a principal ideal domain. In fact,


the ideal generated by two integers a and b equals the ideal generated by their
greatest common divisor d.
Proof. Let I C Z be a non-zero ideal, and let a > 0 be minimal such that b I.
Let b I. By the Euclidean Algorithm, there exist integers q, r with a > r 0
such that b = qa + r. Now, r = b qa I, so the minimality of a gives r = 0
and b = qa. Thus I = (a).
Let R be a non-trivial ring. Then there exists a unique ring homomorphism
f : Z R. We define the characteristic of R to be char(R) := n where
Ker(f ) = (n) and n 0.
By an analogous argument using the division algorithm, one can show that the
polynomial ring K[X] is also a principal ideal domain.
We say that an element a R divides b, written a|b, if there exists x R such
that b = ax. Equivalently, b (a), or (b) (a). Note that 1 divides every other
element, and each element divides 0.
If R is an integral domain, then a|b and b|a if and only if there exists a unit
u R such that b = au. For, there exist u, v R such that b = au and
a = bv. If b = 0 then a = 0. Otherwise, since b = buv, we have uv = 1, so that
u, v R are units.
Let R be an integral domain and a R non-zero and not a unit. We call a
prime if a|xy implies a|x or a|y.
irreducible if a = xy implies x is a unit or y is a unit.
Proposition A.11. Let R be an integral domain and a R non-zero and not
a unit.
1. a is prime if and only if (a) is a prime ideal.
2. a prime implies a irreducible. The converse holds if R is a principal ideal
domain, in which case (a) is a maximal ideal.
Proof. 1. Let a be prime and suppose that xy (a). Then a|xy, whence a|x
or a|y. In other words, x (a) or y (a), so that (a) is a prime ideal. The
converse is similar.
2. Let a be prime and suppose that a = xy. Without loss of generality a|x, so
that x = ab for some b. Now a = xy = aby, so by = 1 and y is a unit. Thus a is
irreducible.
Now suppose that R is a principal ideal domain and let a be irreducible. Suppose
that (a) (x). Then a = xy for some y, and since a is irreducible, either x is a
unit, in which case (x) = R, or else y is a unit, in which case (a) = (x). Hence
(a) is a maximal ideal.


Unique Factorisation Domains


An integral domain R is called a unique factorisation domain if every element can be written uniquely as a product of irreducibles
existence each a R which is non-zero and not a unit can be written
as a product of irreducibles a = x1 xm .
uniqueness if a = x1 xm and a = y1 yn with each xi and yj irreducible, then m = n and (after re-ordering) xi and yi are
associates (so yi = ui xi for some unit ui R ).
Clearly if R is a unique factorisation domain, then every irreducible element is
prime. For, if a is irreducible and xy (a), then xy = ab for some b. Since a
is irreducible and factorisations are unique, a must occur in the factorisation of
either x or y, whence x (a) or y (a).
One important result is that if R is a unique factorisation domain, then so too
is the ring of polynomials R[X]. To see this we first prove the special case when
R is a field; in fact, we show that every principal ideal domain. The general
case then follows from Gauss's Lemma.
Theorem A.12. Every principal ideal domain is a unique factorisation domain.1
Proof. Let R be a principal ideal domain. We first show that every increasing
sequence of ideals stabilises (so that R is Noetherian).
Suppose we have an increasing sequence of ideals $I_1 \subset I_2 \subset \cdots$. Then the union
$I := \bigcup_i I_i$ is again an ideal, and since R is a principal ideal domain we can write
$I_i = (a_i)$ and $I = (a)$. Now, $a \in \bigcup_i I_i$, so $a \in I_i$ for some i. Therefore $I \subset I_i$, so
$I = I_i$, and hence $I = I_n$ for all $n \ge i$.
Now take a1 R non-zero and not a unit, and suppose for contradiction that
a1 cannot be written as a product of irreducibles. Then a1 is not irreducible, so
we can write a1 = a2 a02 with neither a2 nor a02 a unit. If both a2 and a02 can be
expressed as a product of irreducibles, then the same would be true of a1 , so we
may assume that a2 cannot be written as a product of irreducibles. Repeating
the argument yields an increasing sequence of ideals (a1 ) (a2 ) . Also,
by construction, (ai1 ) 6= (ai ), since ai1 = ai a0i and a0i is not a unit. Therefore
this sequence of ideals does not stabilise, contradicting the above result.
To see that this expression is unique, let a = x1 xm = y1 yn with each xi
and yj irreducible. Since (x1 ) is a prime ideal (in fact maximal), R/(x1 ) is an
integral domain (in fact a field) and y1 yn = a
= 0 in R/(x1 ). Thus, after
re-ordering, y1 = 0. Hence y1 (x1 ), say y1 = u1 x1 . Since both x1 and y1 are
irreducible, u1 must be a unit. Therefore (x1 ) = (y1 ) and x2 xm = u1 y2 yn .
Since y20 := u1 y2 is irreducible and (y20 ) = (y2 ), the result follows by induction
on m + n.
1 In fact, if R is a Noetherian integral domain, then R is a unique factorisation domain if
and only if all irreducible elements are prime. The proof is the same, but using the Noetherian
property to deduce that the ascending chain of ideals stabilises.


For the remainder of this section, R will denote a unique factorisation domain
and K its field of fractions.
Lemma A.13. Any two elements in R have a greatest common divisor,
and this is unique up to associates.
Proof. Given a and b, write $ab = u x_1^{m_1} \cdots x_n^{m_n}$ for some unit u and pairwise
non-associate irreducible elements $x_i$ (so $(x_i) \neq (x_j)$ for $i \neq j$). We can now
write $a = u' x_1^{r_1} \cdots x_n^{r_n}$ and $b = u'' x_1^{s_1} \cdots x_n^{s_n}$ for some units $u', u''$. Note that
$m_i = r_i + s_i$. Set $\gcd(a, b) := x_1^{l_1} \cdots x_n^{l_n}$, where $l_i := \min(r_i, s_i)$.

Clearly gcd(a, b) divides both a and b, and any other element which divides both
a and b must divide gcd(a, b) by unique factorisation.
Given a non-zero polynomial f = an X n + +a0 R[X], we define its content
cont(f ) to be the greatest common divisor of the coefficients ai . We call f
primitive if cont(f ) is a unit. Note that, if 0 6= d R, then cont(df ) =
d cont(f ).
More generally, let f K[X] be non-zero. By clearing denominators, there exists 0 6= d R such that df R[X]. We therefore define cont(f ) := cont(df )/d
K. To see that this is well-defined let 0 6= d0 R also satisfy d0 f R[X]. Then
d0 cont(df ) = cont(dd0 f ) = d cont(d0 f ),
so that cont(df )/d = cont(d0 f )/d0 . It follows as before that if d K and
f K[X], then cont(df ) = d cont(f ).
Lemma A.14. Let f, g K[X] be non-zero.
1. f /cont(f ) R[X] and is primitive. Conversely, if c K is such that
f /c R[X] is primitive, then c = cont(f ) (up to a unit of R).
2. cont(f ) R if and only if f R[X].
3. cont(f g) = cont(f )cont(g).
Proof. 1. Suppose first that f R[X] and has coefficients ai . Since cont(f ) =
gcd(ai ) we know that ai /cont(f ) R and that these elements are coprime. Thus
f /cont(f ) R[X] is primitive.
Now let f K[X]. Taking 0 6= d R such that df R[X] we see that
f /cont(f ) = df /cont(df ) R[X] is primitive.
Finally, let c K be such that f /c R[X] is primitive. Then 1 = cont(f /c) =
cont(f )/c, so that c = cont(f ).
2. By (1) we can write f = cont(f )f 0 for some f 0 R[X] primitive, so cont(f )
R implies f R[X]. The converse is immediate.
3. Set c := cont(f ) and d := cont(g). By (1) we can write f = cf 0 and g = dg 0
for some f 0 , g 0 R[X] primitive. Then f g = cdf 0 g 0 and f 0 g 0 R[X], so if we
can show that f 0 g 0 is primitive, then cont(f g) = cd as required.
Let p R be prime and consider the quotient ring (R/(p))[X]. Since R/(p) is
an integral domain, so too is (R/(p))[X]. Since f 0 and g 0 are primitive, we know
that p does not divide every coefficient of f 0 or g 0 , so f 0 and g 0 are non-zero in
(R/(p))[X]. Thus f 0 g 0 = f 0 g 0 is non-zero, so p does not divide cont(f 0 g 0 ).
It follows that cont(f 0 g 0 ) is not divisible by any irreducible element of R, hence
is a unit, and f 0 g 0 is primitive.
Lemma A.15 (Gauss's Lemma). If f R[X] is irreducible over R, then it is
irreducible over K. The converse holds when f is primitive.
Proof. We prove the contrapositive. Suppose f = gh K[X]. Since cont(f ) =
cont(g)cont(h) we can factorise f over R as
f = cont(f ) (g/cont(g)) (h/cont(h)).
Conversely let f R[X] be primitive and suppose that f is irreducible over K.
Let f = gh be a factorisation over R. Since f is irreducible over K we may
assume without loss of generality that g is a unit in K[X], so deg(g) = 0 and
hence g R. Therefore g divides cont(f ), which is a unit since f is primitive.
Hence g is a unit, so f is irreducible over R.
Theorem A.16. The polynomial ring R[X] is again a unique factorisation
domain. The units of R[X] are the units of R. The irreducible elements of
R[X] are the irreducible elements of R together with the primitive irreducible
polynomials.
Proof. Since R is an integral domain, we can consider leading terms of polynomials to deduce that R[X] is also an integral domain and that the units of
R[X] are just the units of R. Also, by considering degrees, we see that each
irreducible in R remains irreducible in R[X].
Let f R[X] be non-constant. Since K[X] is a principal ideal domain, it
is a unique factorisation domain, so we can write f = g1 gr with each gi
irreducible in K[X]. Set ci := cont(gi ), c := c1 cr and fi := gi /ci , so fi
R[X] is a primitive irreducible polynomial by Gauss's Lemma and f = cf1 fr .
Then c = cont(f ) R, so can be written as a product of irreducibles in R. Thus
each polynomial can be written as a product of irreducible elements.
To see that this expression is unique, suppose that f = cg1 gr and f =
dh1 hs with c, d R and gi , hj R[X] primitive irreducible polynomials.
Then gi , hj K[X] are irreducible by Gauss's Lemma, so using that K[X]
is a unique factorisation domain we deduce that, after reordering, r = s and
hi = ui gi for some ui K . Then ui = cont(hi ) R , so gi and hi are
associates. Finally, setting u := u1 ur R gives that c = ud R, so c and
d are associates. Since R is a unique factorisation domain, we are done.
We finish with some methods to investigate the irreducibility of polynomials in
R[X] for a unique factorisation domain R.


Theorem A.17 (Eisenstein's Criterion). Let $f = a_0 X^d + \cdots + a_{d-1} X + a_d \in R[X]$
be primitive. Suppose that there exists a prime $p \in R$ such that $p \mid a_i$ for
$1 \le i \le d$, but $p \nmid a_0$ and $p^2 \nmid a_d$. Then f is irreducible.
Proof. Since p is prime we know that R/(p) is an integral domain. Let F be its
field of fractions.
Suppose that f = gh for some non-constant polynomials g, h R[X]. Write
g = b0 X r + + br and h = c0 X s + + cs , so that d = r + s, a0 = b0 c0 ,
= f = a
ad = br cs and r, s 1. Consider gh
0 X d (R/(p))[X]. Since F [X] is
= c0 X s in
a unique factorisation domain we must have that g = b0 X r and h
F [X], so also in (R/(p))[X]. In particular, p divides bi for all 1 i r and cj
for all 1 j s. Thus p2 divides br cs = ad , a contradiction.
Theorem A.18 (Rational Root Test). Let f = a0 X d + + ad R[X] and
suppose that K is a root of f . Write = p/q with p, q R coprime. Then
q|a0 and p|ad .
Proof. We have the equality
$$0 = q^d f(p/q) = a_0 p^d + a_1 p^{d-1} q + \cdots + a_{d-1} p q^{d-1} + a_d q^d.$$
Thus p divides $a_d q^d$ and q divides $a_0 p^d$. Since gcd(p, q) = 1 we conclude that
$p \mid a_d$ and $q \mid a_0$.
This theorem is often used in the following form.
Corollary A.19. Let f = X n + an1 X n1 + + a0 R[X] be a monic
polynomial. Then any root K of f actually lies in R and is a divisor of a0 .

Examples
1. C C with component-wise addition and multiplication is a ring, with
zero (0, 0) and unit (1, 1), but is not an integral domain. Why not?
2. If R is a ring, then we can form the polynomial ring R[X]. Its elements
are the polynomials f (X) = a0 X n + a1 X n1 + + a0 with coefficients
ai R, on which we have the usual addition and multiplication. We write
deg(f ) = max{n : an 6= 0} if f 6= 0, and set deg(0) := .
If R is an integral domain, then so too is R[X]. Moreover the units of
R[X] are just the units of R.
If I C R, then there is a surjective ring homomorphism R[X] (R/I)[X],
aX n 7 a
X n . This has kernel I[X], the set of polynomials, all of whose
coefficients lie in I, so giving a ring isomorphism R[X]/I[X]
= (R/I)[X].
3. More generally, if {Xi } is a (possibly infinite) set of indeterminates, then
R[{Xi }] is a ring whose elements are finite R-linear combinations of monomials, where each monomial is a finite product of powers of the Xi .
4. Z, Z[X] and Z[X, Y ] are all unique factorisation domains, but only Z is a
principal ideal domain. For example, (2, X) C Z[X] is not principal.
If K is a field, then K, K[X] and K[X, Y ] are all unique factorisation
domains, but only K and K[X] are principal ideal domains. For example,
(X, Y ) C K[X, Y ] is not principal.

5. Z[ 2] = {a + b 2 : a, b Z} is a principal ideal domain, in fact a


Euclidean domain (there is a version of the Euclidean Algorithm). The
only units are 1.

With a little bit more theory one can describe the primes in Z[ 2]. If
p Zis an odd prime, then either p 1, 3 mod 8, in which case p is prime
2
2
in Z[ 2],
or else p 5, 7 mod 8, in which case we can solve
a + 2b = p
and a + b 2 is prime. The only other prime element is 2 itself.

Z[ 5] is not a unique factorisation domain, since 1 + 5 is irreducible


but not prime. Can you prove this?


Appendix B

Zorn's Lemma
This chapter is non-examinable.
A partially ordered set, or poset, (S, ) is a set with a relation satisfying
Reflexivity a a for all a.
Antisymmetry a b and b a imply a = b.
Transitivity a b and b c imply a c.

The poset (S, ) is totally ordered if, for all a, b S, either a b or b a.


A maximal element of S is an element a S such that if a b, then a = b.
If (S, ) is a poset, then a chain in S is a non-empty subset which is totally
ordered by . If C S is a subset, then an upper bound for C is an element
a S such that c a for all c C.
Zorn's Lemma. Let (S, ) be a non-empty poset in which every chain has an
upper bound. Then S has a maximal element.
Zorn's Lemma is logically equivalent in Zermelo-Fraenkel Set Theory to the
Axiom of Choice, which says that if $S_i$ are sets, then the product $\prod_i S_i$ is
non-empty. In other words, we can make an infinite number of arbitrary choices.
We often use Zorn's Lemma when proving statements for infinite sets when we
would have used induction for finite sets.
Typical examples are the following three results, the first of which uses the
Axiom of Choice; the latter two, Zorn's Lemma.
Theorem B.1. Every surjective map between sets has a right inverse.
Proof. Let f : X Y be a surjective map between two sets. A right inverse g
of f is a map g : Y X such that f g = idY . Therefore, to construct g, we need
to choose an element in the fibre f 1 (y) X for each element y Y . Thus,
if Y is infinite, we need to make an infinite number of arbitrary choices, hence
require the Axiom of Choice.


Theorem B.2. Every vector space has a basis.


Proof. Let S be the collection of linearly independent subsets of a non-zero
vector space V over a field K. This is non-empty, since each non-zero vector
is linearly independent. We endow S with the partial order coming from
inclusion.
Let C = {Bi } be a chain in S. Then C has an upper bound, namely the union
$B = \bigcup_i B_i$. For, consider a finite linear relation $\sum_j$ j bj = 0 with j K and
bj B. Since there are only finitely many bj in this relation, they all lie in
some Bi , so are linearly independent. Thus j = 0 for all j and B is linearly
independent.
Zorn's Lemma implies that S has a maximal element B. We claim that B is a
spanning set for V , and thus a basis. For, if not, then there exists some v V
which cannot be written as a finite linear combination of elements of B. Thus
B {v} is a linearly independent set, which contradicts the maximality of B.
Theorem B.3. Every proper ideal of a ring is contained in a maximal ideal.
Proof. Let R be a ring. Let S be the set of proper ideals of R, ordered by
inclusion .
This is non-empty, since $(0) \lhd R$. Let C = {Ii } be a chain in S.
Then $I = \bigcup_i I_i$ is an upper bound for C. We need to check that I is a proper
ideal. It is an ideal, since if x, y I, then x, y Ii for some i. Hence x + y
and rx for r R are both contained in Ii I. To see that I is proper, suppose
otherwise. Then we can write $1 = \sum_j r_j x_j$ as a finite linear combination with
rj R and xj I. Since there are only finitely many xj in this relation, they
all lie in some Ii . Hence 1 Ii , a contradiction since Ii was assumed to be
proper. Hence $I \lhd R$ is proper.
Zorn's Lemma implies that S has a maximal element I, which is necessarily a
maximal ideal.
One should remark that, although generally assumed to hold, Zorn's Lemma,
or equivalently the Axiom of Choice, also yields several paradoxes, for example
the Banach-Tarski Paradox.
For some nice quotations on the Axiom of Choice, visit here.
