Uploaded by Chung Chee Yuen

January 2013

These notes are modified from previous versions (due to Neil Dummigan, Alan Lauder and Roger Heath-Brown) and have been recently revised by me. They draw mainly upon A Classical Introduction to Modern Number Theory, by Ireland and Rosen, and Algebraic Number Theory, by Stewart and Tall. While I take full responsibility for their current contents, considerable thanks are clearly due to Neil, Alan and Roger.

I will be pleased to hear of any misprints or errors! Email me at flynn@maths.ox.ac.uk.

Throughout these notes we use the abbreviation NE for not examinable in this course.

Lectures will omit some of the non-examinable proofs, and some of the examples in Section 9. However these should prove helpful for examination revision.

Useful texts

Algebraic Number Theory and Fermat's Last Theorem, I. Stewart and D. Tall, Third Edition. We shall frequently cite this as S&T. Older editions under the name Algebraic Number Theory will also suffice.

Other useful but more advanced references:

A Classical Introduction to Modern Number Theory, (Chapter 12) K. Ireland and M. Rosen

Algebraic Number Theory, A. Frohlich and M.J. Taylor

A Course in Computational Algebraic Number Theory, H. Cohen.

1 Introduction

1.1 Motivation

Consider Fermat's Last Theorem which asserts that $x^n + y^n = z^n$ has no solution x, y, z Z (x, y, z all nonzero) if n N, n 3. It is sufficient to prove this for n = 4 and n = p 3 prime [since any n 3 is divisible by 4 or some prime p 3; if n = 4k, then any solution to $x^n + y^n = z^n$ would give $(x^k)^4 + (y^k)^4 = (z^k)^4$; similarly if n = pk, then any solution to $x^n + y^n = z^n$ would give $(x^k)^p + (y^k)^p = (z^k)^p$].

Fermat himself proved the result for n = 4 after which it remained to prove it for n = p 3 prime. Let $_p$ = exp(2i/p) C and let K := Q($_p$). Factoring the left hand side in Z[$_p$] we see that

$$(x + y)(x + {}_p\, y) \dots (x + {}_p^{p1}\, y) = z^p.$$

Now in Z it is true that if $a_1 \dots a_p = b^p$ and the $a_i$ have no common factors, then each $a_i$ is a p-th power, by the unique factorisation property of Z. To make progress on Fermat's Last Theorem it would be useful to know whether an analogous result holds true in Z[$_p$]. More generally we might ask what sort of number theory can we do in a ring such as Z[$_p$]? In particular do we still have an analogue of unique factorisation into primes?

These are the questions addressed in this course.

1.2 Background material

We need to know the statements (but not proof) of various pre-requisites for this course. Firstly we have some results from Polynomial Rings and Galois Theory.

Lemma 1.1 (Gauss's Lemma). Let p(t) Z[t] be irreducible in Z[t]; then it is also irreducible in Q[t].

Proof. NE. See S&T, page 18, Lemma 1.7. The broad strategy is to imagine p(t) were reducible over Q, with p(t) = g(t)h(t) where g(t), h(t) Q[t], and then show there exists Q, ≠ 0, such that g, $^{1}$h Z[t] (the existence of such is sometimes included in the statement of Gauss's Lemma).

Theorem 1.2 (Eisenstein). Let f(t) = $a_0 + a_1 t + + a_n t^n$ Z[t]. Suppose there exists a prime p such that p does not divide $a_n$, but p divides $a_i$ for i = 0, . . . , n 1, and $p^2$ does not divide $a_0$. Then, apart from constant factors, f(t) is irreducible over Z, and hence irreducible over Q.

Such a polynomial is said to be Eisenstein with respect to the prime p. Note also: irreducible over K is just another way of saying: irreducible in K[t].

Proof. NE. See S&T, page 19, Theorem 1.8.

Definition 1.3. A number field (or algebraic number field) is a finite extension K of Q. The index [K : Q] is the degree of the number field.

Theorem 1.4. If K is a number field then K = Q() for some (algebraic) number K.

Proof. NE. See S&T, page 32, Theorem 2.2.

Theorem 1.5. Let K = Q() be a number field of degree n over Q. Then there are exactly n distinct monomorphisms (embeddings)

$_i$ : K C (i = 1, . . . , n).

The elements $_i$() are the distinct zeros in C of the minimal polynomial m of over Q.

If $_i$(K) R then $_i$ is called a real embedding, and otherwise it is called a complex embedding.

Recall that a monomorphism is a one-to-one map satisfying ( + ) = () + () and () = ()().

Proof. NE. See S&T, page 38, Theorem 2.4.

We now have some elementary results on free abelian groups. We shall express such groups with the operation written additively.

Definition 1.6. A square matrix over Z is unimodular if it has determinant 1.

Note that A is unimodular if and only if $A^{1}$ has coefficients in Z.

Lemma 1.7. Let G be a free abelian group of rank n with Z-basis $x_1, \dots, x_n$. Suppose ($a_{ij}$) is an n n matrix with integer entries. Let

$$y_i = {}_j\, a_{ij} x_j \quad (1\ i\ n).$$

Then the elements $y_1, \dots, y_n$ form a Z-basis for G if and only if ($a_{ij}$) is unimodular.

Proof. NE. See S&T, page 28, Lemma 1.15.

Theorem 1.8. Let G be a free abelian group of rank n, and H a subgroup. Then G/H is finite if and only if H has rank n. Moreover, if G and H have Z-bases $x_1, \dots, x_n$ and $y_1, \dots, y_n$ with $y_i = {}_j\, a_{ij} x_j$ we have

#G/H = |det($a_{ij}$)|.

Proof. NE. See S&T, page 30, Theorem 1.17.

2 Discriminants, Norms and Traces

Definition 2.1. Let K/Q be an algebraic number field of degree n, and let K. Let $_i$ : K C be the n embeddings, i = 1, . . . , n. The $_i$() are called the (K-)conjugates of . Define the trace $\mathrm{Tr}_{K/Q}$() = $_{i=1}^{n}$ $_i$() and norm $\mathrm{Norm}_{K/Q}$() = $N_{K/Q}$() = N() = $_{i=1}^{n}$ $_i$(). When K = Q() these are called the absolute conjugates, trace and norm.

For any K = Q(), suppose that has minimal polynomial m(X). If $_1, \dots, _n$ are the n roots of m that $_i$ : $_i$.

We record the trivial properties:-

$\mathrm{Norm}_{K/Q}$() = $\mathrm{Norm}_{K/Q}$()$\mathrm{Norm}_{K/Q}$();

$\mathrm{Norm}_{K/Q}$() = 0 if and only if = 0;

$\mathrm{Norm}_{K/Q}$(q) = $q^n$ for q Q.

If K = Q() and m(X) = $X^n + c_{n1} X^{n1} + + c_0$, then we have $\mathrm{Tr}_{K/Q}$() = $c_{n1}$ and $\mathrm{Norm}_{K/Q}$() = $(1)^n c_0$. In particular the norm and trace are in Q.

More generally, for any K = Q(), K, the norm and trace of are symmetric functions of the conjugates $_i$(), and are therefore in Q.

Definition 2.2. Let w = $w_1, \dots, w_n$ be an n-tuple of elements of K, where n = [K : Q].

The determinant is (w) := det($_i(w_j)$), i.e., the determinant of the n n matrix whose (i, j)th entry is $_i(w_j)$.

The discriminant of w is $(w)^2$. [sometimes also written as $^2(w)$.]

*Warning*: S&T and some other books use where we write $^2$ (!).

Lemma 2.3. We have $(w)^2 = \det(\mathrm{Tr}_{K/Q}(w_i w_j))$, and so $(w)^2$ Q.

Proof. Let A = ($_i(w_j)$). Then

$$(w)^2 = \det(A)^2 = \det(A^T A) = \det\left( {}_k(w_i)\, {}_k(w_j) \right) = \det\left( {}_k(w_i w_j) \right) = \det(\mathrm{Tr}_{K/Q}(w_i w_j)).$$

Lemma 2.4. If v = $v_1, \dots, v_n$ is a basis for K/Q and w = $w_1, \dots, w_n$ K, with $w_i = {}_j\, c_{ij} v_j$ and $c_{ij}$ Q, then

(w) = det(C)(v) where C = ($c_{ij}$).

Proof. Left as exercise.

Lemma 2.5. If K = Q() and v = 1, , . . . , $^{n1}$ then

$$(v)^2 = {}_{i<j}\, ({}_j\ {}_i)^2.$$

Here $_1, \dots, _n$ are the conjugates of .

Proof. We have

$$(v) = \begin{matrix} 1 & {}_1 & {}_1^{2} & \dots & {}_1^{n1} \\ 1 & {}_2 & {}_2^{2} & \dots & {}_2^{n1} \\ \vdots & \vdots & \vdots & & \vdots \\ 1 & {}_n & {}_n^{2} & \dots & {}_n^{n1} \end{matrix}$$

(This is a so-called van der Monde determinant.) We can view this as a polynomial of degree n(n 1)/2 in $_1, \dots, _n$. Since it vanishes when we set $_i$ = $_j$ the polynomial is divisible by $_i$ $_j$ for all i < j. There are n(n 1)/2 of these factors. Hence, on checking that the coefficient of $_2\, _3 \dots {}_n^{n1}$ is +1 we deduce that

$$(w) = {}_{i<j}\, ({}_j\ {}_i).$$

Corollary 2.6. ($w_1 \dots, w_n$) ≠ 0 if and only if $w_1 \dots, w_n$ is a basis for K/Q.

Proof. Suppose K = Q() and v = 1, , . . . , $^{n1}$ are as in the previous lemma. Since the $_i$ are distinct, (v) ≠ 0. By Lemma 2.4, (w) ≠ 0 for any other basis w of K/Q. If w is not a basis then det(C) = 0 and so (w) = 0.

3 The Ring of Integers

Definition 3.1. We say that K is an algebraic integer if and only if there exists a monic g(x) Z[x] such that g() = 0. Define $O_K$ as the set of all algebraic integers in K.

We shall see that the set $O_K$ will bear the same relation to K as Z does to Q.

Note 3.2

1. Suppose K. Then $O_K$ if and only if the minimal polynomial m

2. Suppose K and $^d + a_{d1}\, ^{d1} + + a_0 = 0$, $a_i$ Q. If n Z then

$$(n)^d + n a_{d1} (n)^{d1} + + n^d a_0 = 0.$$

Choosing n to clear the denominators of all the $a_i$ we can get n $O_K$.

3. The minimum polynomial of r Q is x r which is in Z[x] if and only if r Z. Hence if K = Q then $O_K$ = Z. Generally, Z $O_K$.

Example 3.3 Let K = Q( (i.e. there is no prime p for which $p^2$ | d). Then [K : Q] = 2, and K has a Q-basis 1, d. If a, b Q then = a + b d K. Since $_1$() = a + b d and $_2$() = a b d we have $\mathrm{Tr}_{K/Q}$() = 2a and $\mathrm{Norm}_{K/Q}$() = $a^2$ d$b^2$. Moreover m(x) = $x^2$ 2ax + ($a^2$ d$b^2$) (if b ≠ 0). Hence $O_K$ if and only if 2a, $a^2$ d$b^2$ Z.

Suppose $O_K$. Then $(2a)^2$ d$(2b)^2$ Z, giving d$(2b)^2$ Z. Writing 2b = u/v (u, v Z) we have d$u^2 v^{2}$ Z, so that $v^2$ | d$u^2$. Since d is squarefree this implies v | u, giving 2b Z. Write 2a = A, 2b = B, with A, B Z. Then $a^2$ d$b^2$ Z, so that $A^2$ d$B^2$ mod 4. Now observe that any square is congruent to 0 or 1 modulo 4.

Case 1: Suppose d 2 or 3 mod 4. Then we must have A, B even, and a, b Z.

Case 2: Suppose that d 1 mod 4. This implies that A B mod 2, so a, b are both in Z or both in Z + $\frac{1}{2}$.

Of course we cannot have d 0 mod 4 since d is squarefree. We conclude that

$$O_K = \begin{cases} 1,\ d = m + n\ d : m, n\ Z, & d\ 2, 3 \bmod 4, \\ 1,\ \frac{1+\ d}{2} = m + n\,\frac{1+\ d}{2} : m, n\ Z, & d\ 1 \bmod 4. \end{cases}$$

e.g. In Q(i) we have $\frac{1}{2} + \frac{2}{3}$i K and 1 + 5i $O_K$. In Q( 3) we have $\frac{3}{5}$ 3 K, $\frac{1}{2} + \frac{3}{2}$ $O_K$. (The latter has minimal polynomial $x^2$ + x + 1).

We now require a little about modules.

Definition 3.4. Let R be an integral domain. An R-module M is an abelian group (which we shall write additively) with a map RM M, (r, m) rm such that

$$(r_1 + r_2)m = r_1 m + r_2 m, \qquad (r_1 r_2)m = r_1(r_2 m)$$

$$r(m_1 + m_2) = r m_1 + r m_2, \qquad 1m = m$$

for all r, $r_1, r_2$ R and m, $m_1, m_2$ M.

Example 3.5

1. Let R be a field and M a vector space over R. Then M is an R-module.

2. If R = Z and M is any additive abelian group then M is an R-module.

We say that M is finitely generated if there exist $m_1, \dots, m_k$ M such that

M = $r_1 m_1 + + m_k r_k : r_1, \dots, r_k$ R.

Lemma 3.6. K is an algebraic integer if and only if there exists a nonzero finitely generated Z-module M K such that M M.

Proof. Suppose $O_K$, say $^d + a_{d1}\, ^{d1} + + a_0 = 0$, with $a_i$ Z. Let M = Z[] = f() : f(x) Z[x] K. Then M = 1, , . . . , $^{d1}$ and M M, since ($^{d1}$) = $^d$ = $_{i=0}^{d1}\, a_i\, ^i$ M.

Conversely, suppose M K is a nonzero finitely generated Z-module such that M M. Take $w_1, \dots, w_s$ to be a generating set for M. Let

$w_i = {}_j\, c_{ij} w_j$, $c_{ij}$ Z.

Putting C = ($c_{ij}$) we see that

$$(I\ C) \begin{pmatrix} w_1 \\ w_2 \\ \vdots \\ w_s \end{pmatrix} = \begin{pmatrix} 0 \\ 0 \\ \vdots \\ 0 \end{pmatrix}$$

so that satisfies det(xI C) = 0, a monic polynomial with integer coefficients. Hence $O_K$.

Theorem 3.7. Let K be an algebraic number field. If , $O_K$ then + , $O_K$.

Hence $O_K$ is a ring, called the ring of integers of K.

Proof. Suppose , $O_K$. Let M, N K be finitely generated Z-modules, generated respectively by $v_1, \dots, v_d$ and $w_1, \dots, w_e$, such that M M and N N. Consider

MN := $_{i=1}^{k}\, m_i n_i : m_i$ M, $n_i$ N.

Then MN is finitely generated (by $v_i w_j$ : 1 i d, 1 j e) and in K. Moreover,

( + )MN (M)N + M(N) MN

()MN (M)(N) MN.

It follows from Lemma 3.6 that + , $O_K$.

Corollary 3.8. If $O_K$ then $\mathrm{Tr}_{K/Q}$(), $\mathrm{Norm}_{K/Q}$() Z.

Proof. Assume that $O_K$. Then all the K/Q-conjugates $_1, \dots, _n$ belong to $O_L$ (where L is the splitting field of the polynomial m(x)(= $m_i$(x))). Thus $\mathrm{Tr}_{K/Q}$() = $_1 + + {}_n$ $O_L$ and $\mathrm{Norm}_{K/Q}$() = $_1 \dots {}_n$ $O_L$, by Theorem 3.7. However $\mathrm{Tr}_{K/Q}$(), $\mathrm{Norm}_{K/Q}$() Q, and Q $O_L$ = Z.

Definition 3.9. $O_K$ is a unit if and only if $^{1}$ $O_K$.

Proposition 3.10. $O_K$ is a unit if and only if $\mathrm{Norm}_{K/Q}$() = 1.

Proof. Suppose is a unit. Then

$\mathrm{Norm}_{K/Q}$()$\mathrm{Norm}_{K/Q}$($^{1}$) = $\mathrm{Norm}_{K/Q}$($^{1}$) = $\mathrm{Norm}_{K/Q}$(1) = 1.

However $\mathrm{Norm}_{K/Q}$() and $\mathrm{Norm}_{K/Q}$($^{1}$) are in Z, so both are 1.

Conversely, suppose that $\mathrm{Norm}_{K/Q}$() = 1. Let $_1, \dots, _n$ be the K/Q-conjugates, with = $_1$, say. Then $_1 \dots {}_n$ = 1, so that ($_2 \dots {}_n$) = 1. Hence $^{1}$ = ($_2 \dots {}_n$), which by Theorem 3.7 lies in $O_L$. However we know that $^{1}$ lies in K, and so $^{1}$ $O_L$ K = $O_K$.

Definition 3.11. We say that $w_1, \dots, w_n$ $O_K$ is an integral basis for $O_K$ if $O_K$ = $_j\, c_j w_j : c_j$ Z.

It can easily be shown that the above definition is equivalent to saying that $w_1, \dots, w_n$ is a Z-basis for $O_K$. We shall show that every $O_K$ has an integral basis. The set $w_1, \dots, w_n$ is sometimes called an integral basis for $O_K$, and sometimes just an integral basis for K.

Example 3.12 K = Q( K has integral basis

$$\begin{cases} 1,\ d, & d\ 2, 3 \bmod 4, \\ 1,\ \frac{1+\ d}{2}, & d\ 1 \bmod 4. \end{cases}$$

Note 3.13 Let v = $v_1, \dots, v_n$ and w = $w_1, \dots, w_n$ be any two Q-bases of K. Let M = $v_1, \dots, v_n {}_Z$ and N = $w_1, \dots, w_n {}_Z$, as Z-submodules of K. Suppose v, w $O_K$, then $(v)^2$, $(w)^2$ Z. (Recall that $(v)^2$ = det($\mathrm{Tr}_{K/Q}(v_i v_j)$).) Suppose N M. Then there exist $c_{ij}$ Z such that $w_i = {}_{j=1}^{n}\, c_{ij} v_j$. Let C = ($c_{ij}$). Then by Theorem 1.8 we have

|det(C)| = [M : N] = #M/N = m, say,

as additive groups. So by Lemma 2.4 we have

$$(w)^2 = (\det(C))^2 (v)^2 = m^2 (v)^2.$$

If M = N then det(C) = 1 by Lemma 1.7, and $(w)^2 = (v)^2$.

This allows us to make the following definition.

Definition 3.14. Let M be any subset of $O_K$ which has a Z-basis. Define $(M)^2 := (w)^2$ for any Z-basis w of M.

Note that if N M then $(N)^2 = m^2 (M)^2$, and so in particular $(M)^2$ | $(N)^2$.

Theorem 3.15 (Integral Basis Theorem). The ring $O_K$ has an integral basis (that is, a Z-basis).

Proof. Let v = $v_1, \dots, v_n$ be any Q-basis for K. Multiplying each $v_i$ by a sufficiently large integer, we may suppose that v $O_K$. Let M = $v_1, \dots, v_n {}_Z$. Then $(M)^2$ ≠ 0 (and Z) since $v_1, \dots, v_n$ are Q-linearly independent. Choose the basis v such that |$(M)^2$| is minimal.

Claim: M = $O_K$, so that $v_1, \dots, v_n$ is an integral basis.

Proof of claim: Suppose there exists $O_K$ such that , M. Certainly = $_{j=1}^{n}\, c_j v_j$ with $c_j$ Q. Then for any j and any m Z we have + m$v_j$ $O_K$ but + m$v_j$ , M. Hence by adding suitable Z-multiples of the $v_j$ to we may assume that |$c_j$| 1/2. Moreover, since , M there exists j such that $c_j$ ≠ 0. Choose such a j.

Let w be a new Q-basis for K obtained from v by replacing $v_j$ by . Then w $O_K$. The change of basis matrix

$$C = \begin{pmatrix} 1 & 0 & \dots & 0 \\ 0 & 1 & \dots & 0 \\ \vdots & \vdots & & \vdots \\ c_1 & \dots\ c_2 & \dots & c_n \\ \vdots & \vdots & & \vdots \\ 0 & 0 & \dots\ 0 & 1 \end{pmatrix}$$

has determinant $c_j$. Hence

$$|(w)^2| = c_j^2\, |(v)^2| < |(v)^2|,$$

by Note 3.13, contradicting the minimality of |$(v)^2$|. So such does not exist, and M = $O_K$.

We can therefore define $(O_K)^2$, as in Definition 3.14, to be $(w)^2$, where w is any integral basis of $O_K$; we also define $(K)^2$ to be the same as $(O_K)^2$.

The following proposition will be helpful for finding an integral basis for $O_K$.

Proposition 3.16. Let w = $w_1, \dots, w_n$ be any Q-basis for K such that w $O_K$. Let M = $w_1, \dots, w_n {}_Z$ and let M ≠ $O_K$. Then there exist p prime with $p^2$ | $(M)^2$ and $c_1, \dots, c_n$ Z, not all divisible by p, such that $\frac{1}{p}(c_1 w_1 + \dots + c_n w_n)$ $O_K$.

Proof. Let m = [$O_K$ : M] > 1, so that |$(M)^2$| = $m^2$ |$(O_K)^2$|. Since m > 1, there is a prime p dividing m, so that $p^2$ | $(M)^2$. Since m = #$O_K$/M we conclude (by a theorem of Cauchy on finite groups) that $O_K$/M has an element of order p. Let + M be such an element. Then = $d_j w_j$ with $d_j$ Q. Moreover p M so that all p$d_j$ Z. Hence = $\frac{1}{p}\, {}_j\, c_j w_j$ with $c_j$ Z not all being multiples of p.

We now describe how to go about finding an integral basis for $O_K$, where [K : Q] = n.

1. Let w = $w_1, \dots, w_n$ be any Q-basis for K such that w $O_K$. Calculate $(w)^2$. Let M = $w_1, \dots, w_n {}_Z$. We know M $O_K$.

2. If [$O_K$ : M] = m, then |$(M)^2$| = $m^2$ |$(O_K)^2$|. If $(M)^2$ is squarefree then m = 1 and $O_K$ = M. Otherwise (and if $O_K$ ≠ M), by Proposition 3.16, there exist p prime with $p^2$ | $(M)^2$ and $c_1, \dots, c_n$ Z, not all divisible by p, such that $\frac{1}{p}(c_1 w_1 + \dots + c_n w_n)$ $O_K$.

3. Hence if $(M)^2$ is not squarefree then for each prime p such that $p^2$ | $(M)^2$, we look for $O_K$ of the form = $\frac{1}{p}\, {}_j\, c_j w_j$ with $c_j$ Z, not all divisible by p. Suppose that p does not divide $c_j$ for j = k. Multiplying through by r Z such that r$c_k$ 1 mod p, we may assume that $c_k$ 1 mod p. Subtracting integer multiples of the $w_i$ we may assume that 0 $c_i$ < p for all i, and so $c_k$ = 1. Replacing $w_k$ by our new we get another basis, spanning a Z-module M of basis matrix is

$$\begin{pmatrix} 1 & 0 & \dots & 0 & 0 \\ 0 & 1 & \dots & 0 & 0 \\ \vdots & & & & \vdots \\ c_1/p & \dots & \dots & & c_n/p \\ \vdots & & & & \vdots \\ 0 & 0 & \dots & 0 & 1 \end{pmatrix}$$

and so $(M )^2 = \frac{1}{p^2}(M)^2$.

4. Repeat the whole process with M (there are only finitely many possibilities to check, since we only need to check each $c_i$ in the range 0 $c_i$ < p) then p cannot divide m. Eventually we reach a basis for which none of the available primes divide m, so that m = 1 and we have arrived at an integral basis.

Example 3.17 K = Q( d. Then 1, d $O_K$ and

(1, d)$^2$ = d 1 + $^2$ = 4d.

Since d is squarefree the only prime p such that $p^2$ | (1, d)$^2$ is p = 2.

Case 1: d 1 mod 4. We find $\frac{1}{2}$(1 + d) $O_K$ (This element has minimal polynomial $x^2$ x + (1 d)/4 Z[x]). In this case we find

(1, $\frac{1}{2}$(1 + d))$^2$ = $\frac{1}{2^2}$ 4d = d.

Case 2: d , 1 mod 4. Then $\frac{1}{2}$(1 + d) , $O_K$ since $x^2$ x + $\frac{1d}{4}$ , Z[x]. The only other cases to check are $\frac{1}{2}$, $\frac{1}{2}$ $_K$. Since we did not find any , we conclude that 2 does not divide the index m = [$O_K$ : 1, d ${}_Z$]. Hence 1, d is an integral basis.

4 Cyclotomic fields

None of the proofs in this section are examinable!

Let p > 2 be a prime and $_p := e^{2i/p}$, so that $_p^p$ = 1. Let K = Q($_p$), a cyclotomic field. Clearly := $_p$ satisfies

$$f(x) = \frac{x^p\ 1}{x\ 1} = x^{p1} + x^{p2} + + x + 1.$$

Lemma 4.1. f(x) is irreducible in Q[x].

Proof. Let g(x) = f(x + 1). It suffices to show g(x) is irreducible. But

$$g(x) = \frac{(x + 1)^p\ 1}{(x + 1)\ 1} = x^{p1} + p x^{p2} + + p.$$

Since p divides all the coefficients apart from the first, but $p^2$ does not divide the final coefficient p, the polynomial g(x) is irreducible over Z by Eisenstein's criterion and so over Q by Gauss's Lemma.

Corollary 4.2. [K : Q] = p 1.

So a regular p-gon can be constructed with a ruler and compass only if p 1 is a power of 2.

The roots of $x^{p1} + x^{p2} + \dots x + 1$ are , $^2$, . . . , $^{p1}$. These are the conjugates of , and so f(x) = $_{i=1}^{p1}$ (x $^i$).

Note 4.3

1. $\mathrm{Norm}_{K/Q}$(1 ) = $_{i=1}^{p1}$ (1 $^i$) = f(1) = p

2. $\mathrm{Norm}_{K/Q}$(1 ) = $\mathrm{Norm}_{K/Q}$( 1) since p 1 is even. Thus 1 has minimal polynomial g(x) = f(x + 1).

[this last statement uses: f(x+1) = $\mathrm{Norm}_{K/Q}$(x+1) = $\mathrm{Norm}_{K/Q}$(x ( 1)) = minimal polynomial of 1.]

Lemma 4.4. If w = 1, , . . . , $^{p2}$ then $(w)^2 = (1)^{(p1)/2} p^{p2}$.

Proof. From Question 6 on Problem Sheet 1 we see that

$$(1, , \dots, {}^{p2})^2 = (1)^{(p1)(p2)/2}\, \mathrm{Norm}_{K/Q}(f()).$$

Here K = Q() and

$$f(x) = \frac{x^p\ 1}{x\ 1}.$$

Since p is odd the first factor reduces to $(1)^{(p1)/2}$. Now

$$f(x) = \frac{(x\ 1) p x^{p1}\ (x^p\ 1)}{(x\ 1)^2}$$

and so

$$f() = \frac{p\, {}^{p1}}{1\ }.$$

Hence from Note 4.3 above,

$$\mathrm{Norm}_{K/Q}(f()) = \frac{\mathrm{Norm}_{K/Q}(p)\, \mathrm{Norm}_{K/Q}()^{p1}}{\mathrm{Norm}_{K/Q}(1\ )} = \frac{(p)^{p1}\, 1^{p1}}{p} = p^{p2}$$

as required.
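An added numerical check of Lemma 4.4 (example code, not part of the original notes): the discriminant of the power basis of the p-th cyclotomic field is computed twice, as the trace determinant of Lemma 2.3 and as the product of squared conjugate differences of Lemma 2.5, and compared with the closed form. It assumes the standard fact that the k-th power of a primitive p-th root of unity has trace p - 1 when p divides k and -1 otherwise; all function names are illustrative.

```python
import cmath


def trace_of_power(p, k):
    """Trace to Q of zeta_p**k (assumed standard fact, see lead-in)."""
    return p - 1 if k % p == 0 else -1


def det_bareiss(matrix):
    """Exact integer determinant by fraction-free elimination with row swaps."""
    a = [row[:] for row in matrix]
    n = len(a)
    sign, prev = 1, 1
    for k in range(n - 1):
        if a[k][k] == 0:
            # Look for a usable pivot further down the same column.
            swap = next((r for r in range(k + 1, n) if a[r][k] != 0), None)
            if swap is None:
                return 0
            a[k], a[swap] = a[swap], a[k]
            sign = -sign
        for i in range(k + 1, n):
            for j in range(k + 1, n):
                # The division is exact in Bareiss' scheme.
                a[i][j] = (a[i][j] * a[k][k] - a[i][k] * a[k][j]) // prev
        prev = a[k][k]
    return sign * a[n - 1][n - 1]


def disc_via_traces(p):
    """Lemma 2.3: determinant of the matrix of traces Tr(w_i w_j)."""
    n = p - 1  # basis 1, zeta, ..., zeta**(p-2)
    gram = [[trace_of_power(p, i + j) for j in range(n)] for i in range(n)]
    return det_bareiss(gram)


def disc_via_conjugates(p):
    """Lemma 2.5: product over i < j of squared differences of conjugates."""
    roots = [cmath.exp(2j * cmath.pi * k / p) for k in range(1, p)]
    prod = 1
    for i in range(len(roots)):
        for j in range(i + 1, len(roots)):
            prod *= (roots[j] - roots[i]) ** 2
    return round(prod.real)  # floating point, so only for small p


def disc_closed_form(p):
    """Right-hand side of Lemma 4.4."""
    return (-1) ** ((p - 1) // 2) * p ** (p - 2)


if __name__ == "__main__":
    for p in (3, 5, 7, 11, 13):
        print(p, disc_via_traces(p), disc_closed_form(p))
```
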

Theorem 4.5. The set 1, , . . . , $^{p2}$ is an integral basis for $O_K$.

Proof. Let = 1. Certainly we have Z[] = Z[]. We shall show that 1, , . . . , $^{p2}$ is an integral basis.

By Lemma 4.4 and Note 3.13 we see that

$$(Z[])^2 = (Z[])^2 = (1)^{(p1)/2} p^{p2}.$$

Hence p is the only prime whose square divides $(Z[])^2$. It follows that p is the only prime which may divide [$O_K$ : Z[]]. If $O_K$ ≠ Z[] then there exists $O_K$ such that

$$= \frac{1}{p}\, {}_{j=0}^{p2}\, c_j\, {}^j,$$

with $c_j$ Z not all divisible by p. Let r be minimal such that p does not divide $c_r$. We may assume $c_j$ = 0 for j < r by subtracting integer multiples of the basis elements. Now $^{p2r}$ $O_K$, since and are in $O_K$. Write

$${}^{p2r} = \frac{1}{p}\left(c_r\, {}^{p2} + c_{r+1}\, {}^{p1} + + c_{p2}\, {}^{2p4r}\right). \qquad (4.1)$$

Then

$${}^{p1} = p\, {}^{p2}\ \frac{p(p\ 1)}{2}\, {}^{p3}\ p$$

and so $p^{1}\, {}^{p1}$ $O_K$. Hence by subtracting multiples of this from both sides of (4.1) we see that $p^{1} c_r\, {}^{p2}$ $O_K$. However

$$\mathrm{Norm}_{K/Q}\left(\frac{c_r}{p}\, {}^{p2}\right) = \left(\frac{c_r}{p}\right)^{p1} p^{p2} = \frac{c_r^{p1}}{p},$$

since $\mathrm{Norm}_{K/Q}$() = p and $\mathrm{Norm}_{K/Q}$($c_r$/p) = $(c_r/p)^{p1}$. This, finally, contradicts the fact that $\mathrm{Norm}_{K/Q}$() Z for all $O_K$, since p does not divide $c_r$.

5 Unique Factorisation Domains

5.1 Revision from Part A Algebra

Let R be an integral domain.

Definition 5.1.

1. R is a unit if and only if there exists R such that = 1. The units in R form a group under multiplication; the group of units.

2. , R are associates if and only if there exists a unit u R such that = u.

3. A nonzero, non-unit element R is irreducible if ( = or is a unit). We write | if there exists R such that = .

4. A nonzero, non-unit element R is prime if (| | or |).

A prime element in R is irreducible (Problem Sheet 2).

Definition 5.2. Let R be an integral domain. R is a Euclidean domain (ED) if and only if there exists a function (a Euclidean function) d : R0 N 0 such that

1. For all a, b R with b ≠ 0, there exist q, r R such that a = qb + r and either r = 0 or d(r) < d(b).

2. For all nonzero a, b R, d(a) d(ab).

Definition 5.3. R is a principal ideal domain (PID) if and only if every ideal is principal (recall that I is an ideal if it is an additive subgroup of R and r R, a I, ra I; furthermore I is principal if it is of the form () = r : r R).

Definition 5.4. R is a unique factorisation domain (UFD) if and only if for all nonzero and non-unit R there exist irreducible $_1, \dots, _n$ R such that

1. = $_1 \dots {}_n$

2. If = $_1 \dots {}_m$ with irreducible $_i$, then m = n and there exists a permutation of 1, . . . , n such that $_i$ and $_{(i)}$ are associates.

In Part A algebra you proved:

R a ED R a PID R a UFD.

In an integral domain R in which factorisation into irreducibles is possible then this factorisation is unique if and only if all irreducible elements are prime (Problem Sheet 2).

5.2 Some applications of unique factorisation

First, a useful lemma:

Lemma 5.5. Let $O_K$ be the ring of integers in a number field K, and , $O_K$. Then

1. is a unit (in $O_K$) if and only if $\mathrm{Norm}_{K/Q}$() = 1.

2. If and are associates (in $O_K$) then $\mathrm{Norm}_{K/Q}$() = $\mathrm{Norm}_{K/Q}$().

3. If $\mathrm{Norm}_{K/Q}$() is a rational prime, i.e. a prime number in Z, then is irreducible in $O_K$.

Proof. 1. Proposition 3.10.

2. We have = u with u a unit, and so: $\mathrm{Norm}_{K/Q}$() = $\mathrm{Norm}_{K/Q}$(u)$\mathrm{Norm}_{K/Q}$() = $\mathrm{Norm}_{K/Q}$(), by part 1.

3. Let = . Then $\mathrm{Norm}_{K/Q}$() = p = $\mathrm{Norm}_{K/Q}$()$\mathrm{Norm}_{K/Q}$() for some prime p Z. The result now follows from 1.

The converses of 2 and 3 are false (see later the proof of Proposition 5.8).

Application (1). Take K = Q(i), so that $O_K$ = Z[i]. This is a UFD (the Gaussian Integers) see Problem Sheet 2. We have $\mathrm{Norm}_{K/Q}$(a + bi) = $a^2 + b^2$, so that the only units are 1, i, by Proposition 3.10.

Theorem 5.6 (Fermat/Euler). If p is a prime, and p 1 mod 4, then there exist a, b Z such that p = $a^2 + b^2$, and this decomposition is unique. [here unique means: up to and up to swapping a and b.]

Proof. Assume p 1 mod 4. Then $\left(\frac{1}{p}\right)$ = 1, so there exists r Z such that p | 1 + $r^2$ (e.g. r = $g^{(p1)/4}$ mod p where g is a primitive root modulo p). In Z[i], we have p | (1 + ri)(1 ri). If p is irreducible in the UFD Z[i], then p | (1 + ri) or p | (1 ri), because any irreducible is prime. However p cannot divide 1 + ri, for example, because $\frac{1}{p} + \frac{r}{p}$i , $O_K$. Hence there exist (a + bi), (c + di) Z[i], neither units, such that p = (a + bi)(c + di). Taking norms

$$p^2 = (a^2 + b^2)(c^2 + d^2).$$

Now Z is a UFD and neither a+bi or c+di has norm 1, giving p = $a^2 + b^2$ = (a + bi)(a bi). This yields the existence part of the theorem.

If a + bi = in Z[i] then, taking norms, we find that

p = Norm()Norm().

Thus or must be a unit. Hence a + bi is irreducible in Z[i], and similarly for a bi. Thus p = (a + bi)(a bi) is the unique factorisation of p into irreducibles.

If also p = $e^2 + f^2$ = (e + fi)(e fi), then e + fi is an associate of either a + bi or a bi, so that e + fi is one of a + bi, (a + bi), i(a + bi), i(a + bi), or a bi, (a bi), i(a bi), i(a bi). It follows that $a^2, b^2 = e^2, f^2$, which proves uniqueness.
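An added worked example of the existence argument in Theorem 5.6 (example code, not from the original notes): it finds r with r^2 + 1 divisible by p, then takes a greatest common divisor of p and r + i in Z[i] by the Euclidean algorithm, which gives a + bi with a^2 + b^2 = p. As assumptions beyond the notes, r is computed from any quadratic non-residue rather than a primitive root, and the gcd step uses the fact that Z[i] is Euclidean for the norm; all function names are illustrative.

```python
def sqrt_of_minus_one(p):
    """Return r with r*r + 1 divisible by p, for a prime p = 1 (mod 4)."""
    if p % 4 != 1:
        raise ValueError("p must be congruent to 1 modulo 4")
    for n in range(2, p):
        # Euler's criterion: n is a non-residue iff n^((p-1)/2) = -1 (mod p),
        # and then n^((p-1)/4) squares to -1.
        if pow(n, (p - 1) // 2, p) == p - 1:
            return pow(n, (p - 1) // 4, p)
    raise ValueError("no quadratic non-residue found; p is not an odd prime")


# Gaussian integers a + bi are represented as tuples (a, b).
def g_norm(x):
    return x[0] * x[0] + x[1] * x[1]


def g_mul(x, y):
    return (x[0] * y[0] - x[1] * y[1], x[0] * y[1] + x[1] * y[0])


def _round_div(u, n):
    """Nearest integer to u / n for n > 0, in exact integer arithmetic."""
    return (2 * u + n) // (2 * n)


def g_rem(x, y):
    """Remainder of x on division by y, with norm at most g_norm(y) / 2."""
    n = g_norm(y)
    t = g_mul(x, (y[0], -y[1]))          # x * conj(y), so x / y = t / n
    q = (_round_div(t[0], n), _round_div(t[1], n))
    qy = g_mul(q, y)
    return (x[0] - qy[0], x[1] - qy[1])


def g_gcd(x, y):
    """Euclidean algorithm in Z[i]; the result is defined up to a unit."""
    while y != (0, 0):
        x, y = y, g_rem(x, y)
    return x


def two_squares(p):
    """Return (a, b) with a <= b and a*a + b*b == p."""
    r = sqrt_of_minus_one(p)
    a, b = g_gcd((p, 0), (r, 1))         # common factor of p and r + i
    a, b = sorted((abs(a), abs(b)))      # remove the unit and ordering freedom
    if a * a + b * b != p:
        raise ValueError("p is not prime")
    return a, b


if __name__ == "__main__":
    for p in (5, 13, 29, 97, 10009):
        print(p, two_squares(p))
```

By the uniqueness part of the theorem, the normalised pair returned does not depend on which non-residue or which unit multiple the computation happens to produce.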

Application (2). Take K = Q( 2) so that $O_K$ = Z[ 2]. This is a UFD (Problem Sheet 2). We have $\mathrm{Norm}_{K/Q}$(a + b 2) = $a^2 + 2b^2$, so that the only units are 1.

Theorem 5.7 (Fermat/Euler). The only integer solutions of $y^2 + 2 = x^3$ are x = 3, y = 5.

Proof. If y were even then x would be even, giving 8 | $y^2$ + 2, which is impossible since 4 | $y^2$. So y is odd.

We have (y + 2)(y 2) = $x^3$. Suppose there is an irreducible element which divides both y + 2 and y difference 2 2 = $( 2)^3$. However 2, which is prime in Z. So we must have = 2. Now

| y + 2 | y 2 | $y^2$,

a contradiction, since y is odd. Hence y + 2 and y 2 have no irreducible factor in common. Unique factorisation therefore implies that y + 2 and y which are both cubes, we deduce that y

We now have

y + 2 = $(a + b\ 2)^3$ = $a^3$ + 3$a^2$b 2 + 3a$b^2$(2) + $b^3$(2) 2 = ($a^3$ 6a$b^2$) + (3$a^2$b 2$b^3$) 2,

and hence b(3$a^2$ 2$b^2$) = 1. Thus b = 1, a = 1, and so y = $a^3$ 6a$b^2$ = a($a^2$ 6$b^2$) = 5 and x = 3.

More theorems of Fermat

1. If prime p 1 or 3 mod 8 then p = $x^2 + 2y^2$ uniquely (Problem Sheet 2).

2. If prime p 1 mod 3 then p = $x^2 + 3y^2$.

Proposition 5.8. For K = Q( 5) the ring $O_K$ = Z[ 5] is not a UFD.

Proof. We have the factorisation 6 = 2.3 = (1 5)(1 + 5) in $O_K$. We claim that the elements in S = 2, 3, 1 + 5, 1 5 are irreducible in $O_K$. Now

$\mathrm{Norm}_{K/Q}$(a + b 5) = $a^2 + 5b^2$

so the norms of the elements in S are 4, 9, 6, 6, respectively. For S, if = with non-units , $O_K$, then Norm(), Norm() = 2, 3. However there are no elements in $O_K$ with norm 2, 3, since $a^2 + 5b^2$ = 2, 3 has no solutions in integers a, b. This proves the claim.

By Lemma 5.5 Part 2, the elements 2, 3 cannot be associates of 1 + 5, 1

6 Unique Factorisation of Ideals

To recover unique factorisation we will use ideals instead of elements. Recall that an ideal I of a commutative ring R is a non-empty subset for which a b I whenever a, b I, and for which ra I whenever r R and a I.

6.1 Statement of the Unique Factorisation Theorem

Definition 6.1. Let R be an integral domain, and let I, J be ideals of R. Then

$$IJ := \left\{ {}_{i=1}^{k}\, a_i b_i : a_i\ I,\ b_i\ J,\ k\ 1 \right\}.$$

Observe that IJ consists of finite sums of arbitrary length k. We write

(a) := ra : r R

for the principal ideal generated by a.

Note 6.2 It is easy to check that:

1. IJ is an ideal of R,

2. If I = () and J = (), then IJ = ().

3. If I = () then IJ = ()J = j : j J.

Definition 6.3. Let R be an integral domain. An ideal I of R is prime if it is proper and (ab I a I or b I). (recall: an ideal I R is proper if I ≠ R).

Comment. We shall prove later (Theorem 6.26) that any nonzero proper ideal A of $O_K$ can be written as a product of prime ideals A = $P_1 P_2 \dots P_r$ and this factorisation is unique up to the order of the factors.

Definition 6.4. Let K, L be fields with K L. Let I be an ideal of $O_K$. Then I $O_L$ is defined to be the ideal of $O_L$ generated by products of the form i, such that i I, $O_L$ (sometimes called the image of I in $O_L$). Note that, for any ideals I, J of $O_K$, any n N and any principal ideal (a) = a$O_K$ of $O_K$, (IJ) $O_L$ = (I $O_L$)(J $O_L$), $I^n$ $O_L$ = (I $O_L$)$^n$ and (a) $O_L$ = a$O_L$, the principal ideal of $O_L$ generated by the same element (Problem Sheet 3).

6.2 Finiteness of the class number

Definition 6.5. If I, J are nonzero ideals of $O_K$, we write I J (and say that I is equivalent to J) if there exist , $O_K$ 0 such that I() = J().

Lemma 6.6. The relation is an equivalence relation on the set of nonzero ideals of $O_K$.

Proof. Problem Sheet 3.

Definition 6.7. Equivalence classes in $O_K$ under are called ideal classes. Let $C_K$ denote the set of ideal classes. The cardinality $h_K$ = |$C_K$| is the class number of K.

We shall prove shortly that $h_K$ < .

Proposition 6.8. We have $h_K$ = 1 if and only if $O_K$ is a PID.

Proof. (): Suppose $O_K$ is a PID. Then for any nonzero I $O_K$, there exists $O_k$ such that I = (). Then I(1) = $O_K$(), so I $O_K$.

(): Suppose $h_K$ = 1. Then for all I $O_K$ there exist , $O_K$ such that

I() = $O_K$(). (6.1)

Now the right hand side is just (). Since () from Note 6.2 (3), we see that = i for some i I. Hence / I $O_K$. We claim I = (/). Certainly (/) I. Also, a I = a I() = (), so a = r, for some r $O_K$, giving: a = r/, and so a (/); hence I (/).

Lemma 6.9. Let I $O_K$ be a nonzero ideal. Then I Z ≠ 0.

Proof. Choose any nonzero I. Suppose that $^d + a_{d1}\, ^{d1} + + a_0 = 0$ (all $a_i$ Z) with $a_0$ ≠ 0. Then $a_0$ = ($a_1$ + + $^{d1}$) I Z.

Lemma 6.10. Let I $O_K$ be a nonzero ideal. Then $O_K$/I is a finite ring.

Proof. Choose any nonzero a I Z. Then $O_K$ I (a). The map from $O_K$/(a) to $O_K$/I which takes + (a) to + I is well-defined and onto. It therefore suffices to show that $O_K$/(a) is finite. Let w = $w_1, \dots, w_n$ be an integral basis for $O_K$. Then $O_K$/(a) is isomorphic as an additive group to $_{i=1}^{n}$ (Z/(a))$w_i$ = $(Z/(a))^n$, where n := [K : Q]. So #$O_K$/(a) = $a^n$ < .

Definition 6.11. The norm of I is defined as N(I) := #$O_K$/I.

Proposition 6.12. Let : K K be an automorphism. Then I = ($_1, \dots, _n$) and I = ($_1, \dots, _n$) have the same norm. [So, for example, in $O_{Q(\ 7)}$ = Z[ 7], N((3, 1 + 7)) = N((3, 1 7)).]

Proof. Problem Sheet 4.

Proposition 6.13. If I = () then N(I) = |$\mathrm{Norm}_{K/Q}$()|.

Proof. Let w = $w_1, \dots, w_n$ be an integral basis for $O_K$. Then w := $w_1, \dots, w_n$ will be a Z-basis for I = (). Directly from the definition one sees that (w) = ($_{i=1}^{n}$ $_i$()) (w) = $\mathrm{Norm}_{K/Q}$()(w). However I is an additive subgroup of $O_K$ with index N(I), by Definition 6.11. Thus if $w_i$ is expressed in terms of w as $w_i$ = $c_{ij} w_j$, with $c_{ij}$ Z, then we will have N(I) = |det($c_{ij}$)|, by Theorem 1.8. On the other hand, we have (w) = det($c_{ij}$)(w), by Lemma 2.4. Hence N(I) = |(w)/(w)| = |$\mathrm{Norm}_{K/Q}$()|.

Lemma 6.14 (Hurwitz). Let $K$ be a number field with $[K : \mathbb{Q}] = n$. Then there exists a positive integer $M$, depending only on the choice of integral basis for $\mathcal{O}_K$, such that for any $\gamma \in K$, there exist $w \in \mathcal{O}_K$ and $1 \le t \le M$, $t \in \mathbb{Z}$ with

$$|\mathrm{Norm}_{K/\mathbb{Q}}(t\gamma - w)| < 1.$$

Remark. If one could take $M = 1$ then for any $\gamma \in K$ there would be a $w \in \mathcal{O}_K$ with $|\mathrm{Norm}_{K/\mathbb{Q}}(\gamma - w)| < 1$. This is equivalent to the Euclidean property for the norm function. That is to say, if one can take $M = 1$ then $\mathcal{O}_K$ is a Euclidean Domain with Euclidean function $d(\alpha) = |\mathrm{Norm}_{K/\mathbb{Q}}(\alpha)|$.

In general one can regard Hurwitz's lemma as providing a statement weaker than the Euclidean property, but valid for any number field.

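Proof. Let $w_1, \ldots, w_n$ be an integral basis for $\mathcal{O}_K$. For any $\gamma \in K$ we write $\gamma = \sum_{i=1}^{n} \gamma_i w_i$ with $\gamma_i \in \mathbb{Q}$. Let $\gamma_i = a_i + b_i$ with $a_i \in \mathbb{Z}$ and $0 \le b_i < 1$. We define (for the duration of this proof only) $[\gamma] = \sum_{i=1}^{n} a_i w_i$ and $\{\gamma\} = \sum_{i=1}^{n} b_i w_i$. Hence we will have $\gamma = [\gamma] + \{\gamma\}$ and $[\gamma] \in \mathcal{O}_K$ for all $\gamma \in K$.

Let $w_i^{(1)}, \ldots, w_i^{(n)}$ be the $K/\mathbb{Q}$-conjugates of $w_i$, and set

$$C := \prod_{j=1}^{n} \Big( \sum_{i=1}^{n} |w_i^{(j)}| \Big).$$

Then if $\gamma = \sum_{i=1}^{n} \gamma_i w_i$ and $\mu := \max_{1 \le i \le n} |\gamma_i|$, we have

$$|\mathrm{Norm}_{K/\mathbb{Q}}(\gamma)| = \Big| \prod_{j=1}^{n} \Big( \sum_{i=1}^{n} \gamma_i w_i^{(j)} \Big) \Big| \le \prod_{j=1}^{n} \Big( \mu \sum_{i=1}^{n} |w_i^{(j)}| \Big) = C\mu^n. \tag{6.2}$$

Choose $m$ to be the first integer after $C^{1/n}$ and let $M = m^n$, so that $M$ depends only on our choice of $w_1, \ldots, w_n$. Define a linear map $\phi : K \to \mathbb{R}^n$ by

$$\phi\Big( \sum_{i=1}^{n} \gamma_i w_i \Big) = (\gamma_1, \ldots, \gamma_n). \tag{6.3}$$

Now $\phi(\{\gamma\})$ lies in the unit cube

$$B := \{(x_1, \ldots, x_n) \in \mathbb{R}^n : 0 \le x_i < 1\}.$$

Partition $B$ into $m^n$ subcubes of side $1/m$, and consider the points $\phi(\{k\gamma\})$, for $0 \le k \le m^n$. There are $m^n + 1$ such points and only $m^n$ available subcubes. Hence, by the Pigeon-hole principle, there are two points lying in the same subcube. Suppose these correspond to $k = h$ and $l$, with $h > l$. Letting $t = h - l$, we have $1 \le t \le m^n = M$. It follows that $t\gamma = w + \delta$ where $w := [h\gamma] - [l\gamma] \in \mathcal{O}_K$ and $\delta := \{h\gamma\} - \{l\gamma\}$ with

$$\phi(\delta) \in [-1/m, 1/m]^n.$$

By (6.2) and (6.3), we now find that

$$|\mathrm{Norm}_{K/\mathbb{Q}}(\delta)| \le C(1/m)^n < 1,$$

since we took $m > C^{1/n}$. The lemma then follows, since $\delta = t\gamma - w$.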

Theorem 6.15. The class number $h_K = \#C_K$ is finite.

Proof. Let $I$ be a nonzero ideal of $\mathcal{O}_K$. Choose $0 \neq \beta \in I$ such that $|\mathrm{Norm}(\beta)|$ is minimal, and let $M$ be as in Hurwitz's lemma. Now consider an arbitrary $\alpha \in I$, and apply the lemma with $\gamma := \alpha/\beta$. Then there exists an integer $t$ in the range $1 \le t \le M$ such that $|\mathrm{Norm}(t(\alpha/\beta) - w)| < 1$ with $w \in \mathcal{O}_K$. Thus $t\alpha - w\beta \in I$ and $|\mathrm{Norm}(t\alpha - w\beta)| < |\mathrm{Norm}(\beta)|$. This contradicts the minimality of $|\mathrm{Norm}(\beta)|$ unless $t\alpha - w\beta = 0$. We therefore deduce that $t\alpha \in (\beta)$. In general the integer $t$ will be different for different values of $\alpha$, but we can always deduce that $M!\,\alpha \in (\beta)$. Since $\alpha$ was arbitrary we conclude that

$$(M!)I \subseteq (\beta). \tag{6.4}$$

Let

$$J := \{\tfrac{1}{\beta} \times M! \times \alpha : \alpha \in I\}.$$

Then $J$ is an ideal; the only non-trivial part is checking that $J \subseteq \mathcal{O}_K$, but this follows from (6.4). Moreover $(\beta)J = (M!)I$, so that $I \sim J$.

By taking $\alpha = \beta$ in the definition of $J$ we see that $\mathcal{O}_K \supseteq J \supseteq (M!)$. By Lemma 6.10 we know that $\mathcal{O}_K/(M!)$ is finite, and so there are only finitely many possibilities for $J$. Hence $I$ is equivalent to one of finitely many ideals. It follows that there are finitely many equivalence classes.

6.3 Ideal classes form a group under multiplication

Lemma 6.16. If $I, J \subseteq \mathcal{O}_K$ are ideals, with $I$ nonzero, and $JI = I$ then $J = \mathcal{O}_K$.

Proof. Let $\alpha_1, \ldots, \alpha_n$ be a $\mathbb{Z}$-basis for $I$. Since $I = JI$ there exist $b_{ij} \in J$ such that $\alpha_i = \sum_{j=1}^{n} b_{ij}\alpha_j$. Hence $\det(b_{ij} - \delta_{ij}) = 0$, and expanding this determinant out, one sees that all terms lie in $J$, except the product of the 1's in the identity matrix. Hence $1 \in J$ and so $J = (1) = \mathcal{O}_K$.

Lemma 6.17. If $I$ is a nonzero ideal of $\mathcal{O}_K$, and $w \in K$ with $wI \subseteq I$, then $w \in \mathcal{O}_K$.

Proof. Take $M = I$ in Lemma 3.6.

Lemma 6.18. If $I, J$ are nonzero ideals in $\mathcal{O}_K$, and $w \in \mathcal{O}_K$ is such that $(w)I = JI$, then $(w) = J$.

Proof. Choose an arbitrary $\beta \in J$. Then $(w)I \supseteq (\beta)I$, so that $(\beta/w)I \subseteq I$. By Lemma 6.17 we therefore have $\beta/w \in \mathcal{O}_K$, and so $\beta \in (w)$. Since $\beta$ was arbitrary we deduce that $J \subseteq (w)$, giving that $w^{-1}J$ is an ideal in $\mathcal{O}_K$. We then have $I = (w^{-1}J)I$ and so by Lemma 6.16, we obtain $w^{-1}J = \mathcal{O}_K$, so that $J = (w)$.

Proposition 6.19. For any nonzero ideal $I \subseteq \mathcal{O}_K$, there exists $k$ such that $1 \le k \le h_K$ and $I^k$ is principal.

Proof. Among the $h_K + 1$ ideals $\{I^i : 1 \le i \le h_K + 1\}$ some two must be equivalent. Suppose that $I^i \sim I^j$ with $j > i$. Then $(\alpha)I^i = (\beta)I^j$ for some $\alpha, \beta \in \mathcal{O}_K$. Let $k = j - i$ and $J = I^k$. Then $(\alpha)I^i = (\beta)I^iJ \subseteq (\beta)I^i$, so that $(\alpha/\beta)I^i \subseteq I^i$. By Lemma 6.17 we have $\alpha/\beta \in \mathcal{O}_K$. Also $(\alpha/\beta)I^i = JI^i$ and so, by Lemma 6.18, $(\alpha/\beta) = J$. It follows that $J = I^k$ is principal.

Proposition 6.20. The ideal classes form a group $C_K$. It is called the class group of $K$ and its order is the class number $h_K$.

Proof. Given two ideal classes $[I], [J]$ we define the product $[I] \cdot [J] := [IJ]$. This is well-defined (easy). The element $[\mathcal{O}_K]$ acts as an identity, and associativity is easily verified. Thus it remains to show the existence of inverses. Let $[I]$ be the class of $I$, and $[\mathcal{O}_K] = [(1)]$ the identity. However, given $[I] \in C_K$, if $I^k$ is principal, then $[I^{k-1}]$ is an inverse of $[I]$.

6.4 Proof of the unique factorisation theorem

Lemma 6.21 (Cancellation Lemma). Let $A, B, C \subseteq \mathcal{O}_K$ be nonzero ideals with $AB = AC$. Then $B = C$.

Proof. Let $k$ be such that $A^k = (\alpha)$ is principal. Multiplying by $A^{k-1}$, we get $(\alpha)B = (\alpha)C$, and so $B = C$.

Definition 6.22. Let $A, B \subseteq \mathcal{O}_K$ be nonzero ideals. We write $B \mid A$ if there exists an ideal $C \subseteq \mathcal{O}_K$ such that $A = BC$.

Proposition 6.23. Let $A, B$ be nonzero ideals in $\mathcal{O}_K$. Then $B \supseteq A$ if and only if there exists an ideal $C$ such that $A = BC$, i.e., $B \mid A$.

So to contain is to divide!

Proof. Let $k \ge 1$ be such that $B^k = (\beta)$ is principal. If $B \supseteq A$ then we have $B^{k-1}A \subseteq B^k = (\beta)$. Let $C := \frac{1}{\beta}B^{k-1}A$, so that $C \subseteq \mathcal{O}_K$ is an ideal. Then $BC = B\,\frac{1}{\beta}B^{k-1}A = A$. Hence $B \mid A$. Conversely, if $B \mid A$ then $A = BC'$, for some $C'$; furthermore $BC' \subseteq B$, giving $B \supseteq A$.

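Lemma 6.24. Let $A, B$ be nonzero ideals, and $P$ a prime ideal of $\mathcal{O}_K$ such that $P \mid AB$. Then either $P \mid A$ or $P \mid B$.

Proof. Suppose that $P \mid AB$ and $P$ does not divide $A$. We must show that $P \mid B$. Now $P \supseteq AB$ but $P \not\supseteq A$, so there exists $\alpha \in A$ with $\alpha \notin P$. For any $\beta \in B$ we will have $\alpha\beta \in P$, since $P \supseteq AB$. However $P$ is a prime ideal, so if $\alpha\beta \in P$ one of $\alpha$ or $\beta$ must belong to $P$. In our case we conclude that $\beta \in P$. Hence $P \supseteq B$, so that $P \mid B$ by Proposition 6.23.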

Note 6.25 In general, for any ring, every maximal ideal is prime. In the case of rings $\mathcal{O}_K$ the converse is true for nonzero ideals. To prove this, note that if $P$ is a nonzero prime ideal of $\mathcal{O}_K$ then $\mathcal{O}_K/P$ is a finite integral domain. Any finite integral domain is a field, and hence $\mathcal{O}_K/P$ is a field. It then follows that $P$ is maximal.

The following key theorem is due to Dedekind, as is most of the theory of ideals in number fields.

Theorem 6.26. (Unique Factorisation Theorem for ideals of $\mathcal{O}_K$). Let $A$ be any nonzero proper ideal of $\mathcal{O}_K$. Then there exist prime ideals $P_1, \ldots, P_r$ such that $A = P_1 \ldots P_r$. The factorisation is unique up to the order of the factors; that is, if $A = Q_1 \ldots Q_s$ is another prime ideal factorisation then $s = r$ and there exists a permutation $\sigma$ such that $Q_i = P_{\sigma(i)}$, $1 \le i \le r$.

Proof. Assume not every ideal $A$ (nonzero and proper) has a prime factorisation. Let $A$ be such an ideal with $N(A)$ minimal. There exists a maximal (hence prime) ideal $P_1$ containing $A$. So Proposition 6.23 shows that there is an ideal $C$ with $A = P_1C$.

If $A = C$ then $P_1C = C$ and $P_1 = \mathcal{O}_K$, by Lemma 6.16. This is clearly impossible. Hence $A \subsetneq C$, and by the definition of the norm (Definition 6.11) we have $N(A) = N(C)[C : A] > N(C)$. Hence, by our minimality assumption for $A$, one can factor $C$ into prime ideals as $C = P_2 \ldots P_r$ (or $C = \mathcal{O}_K$ and $A = P_1$). Therefore $A = P_1 \ldots P_r$, a contradiction. Hence every nonzero proper ideal has a prime factorisation.

Suppose

$$A = P_1P_2 \ldots P_r = Q_1Q_2 \ldots Q_s.$$

Now $P_1 \mid Q_1 \ldots Q_s$. Let $k$ be minimal such that $P_1 \mid Q_1 \ldots Q_k$. If $k = 1$ then $P_1 \mid Q_1$. If $k > 1$ then $P_1 \mid (Q_1 \ldots Q_{k-1})Q_k$, but $P_1$ does not divide $Q_1 \ldots Q_{k-1}$. Since $P_1$ is prime, we must have $P_1 \mid Q_k$. We therefore have $P_1 \mid Q_k$ (so $P_1 \supseteq Q_k$) in either case. Since $Q_k$ is maximal this implies that $P_1 = Q_k$. Without loss of generality we take $k = 1$ and then, by the cancellation lemma 6.21, we have $P_2 \ldots P_r = Q_2 \ldots Q_s$. We may now repeat the process until every $P_i$ has been shown to equal some $Q_j$.

Note that the prime ideals which occur in the factorisation of $A$ are those which contain $A$.

Note also that if $u \in \mathcal{O}_K$ is a unit, then $(u) = \mathcal{O}_K$ and so $(u)I = I$ for any ideal $I \subseteq R$; that is to say, ideals absorb units. Thus unique factorisation of ideals is simpler to describe than unique factorisation of elements. If $\mathcal{O}_K$ is a PID then the theorem implies directly that it is a UFD. However, in general $\mathcal{O}_K$ will not be a PID, that is to say, not all ideals will be principal.

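Note 6.27

At this point we explain how to multiply ideals in practice. It is a fact, which we will not prove here, that every ideal can be written with at most 2 generators. We shall write $(\alpha, \beta)$ for the ideal

$$(\alpha, \beta) = \{a\alpha + b\beta : a, b \in \mathcal{O}_K\}.$$

Then the product

$$(\alpha, \beta)(\gamma, \delta) = \Big\{ \sum_{i=1}^{n} \mu_i\nu_i : \mu_i \in (\alpha, \beta),\ \nu_i \in (\gamma, \delta) \Big\}$$

clearly contains the four elements $\alpha\gamma, \alpha\delta, \beta\gamma, \beta\delta$, giving

$$(\alpha\gamma, \alpha\delta, \beta\gamma, \beta\delta) \subseteq (\alpha, \beta)(\gamma, \delta).$$

Moreover any term $\mu_i\nu_i$ in the sum above is of the shape $(a\alpha + b\beta)(c\gamma + d\delta) \in (\alpha\gamma, \alpha\delta, \beta\gamma, \beta\delta)$, so that

$$(\alpha, \beta)(\gamma, \delta) = \Big\{ \sum_{i=1}^{n} \mu_i\nu_i : \mu_i \in (\alpha, \beta),\ \nu_i \in (\gamma, \delta) \Big\} \subseteq (\alpha\gamma, \alpha\delta, \beta\gamma, \beta\delta).$$

Thus we must have

$$(\alpha, \beta)(\gamma, \delta) = (\alpha\gamma, \alpha\delta, \beta\gamma, \beta\delta).$$

To reduce the 4 generators on the right to at most 2 requires ad hoc methods (given only the technology from the present course). As an example consider

$$(11, 3 + \sqrt{-13})(11, 3 - \sqrt{-13}) = (121, 33 - 11\sqrt{-13}, 33 + 11\sqrt{-13}, 22).$$

All the generators belong to $(11)$, and so

$$(121, 33 - 11\sqrt{-13}, 33 + 11\sqrt{-13}, 22) \subseteq (11).$$

On the other hand 11 is the highest common factor of 121 and 22, over $\mathbb{Z}$, so that one can solve $11 = 121m + 22n$ over $\mathbb{Z}$. It follows that

$$(11) \subseteq (121, 22) \subseteq (121, 33 - 11\sqrt{-13}, 33 + 11\sqrt{-13}, 22).$$

We can therefore conclude that

$$(121, 33 - 11\sqrt{-13}, 33 + 11\sqrt{-13}, 22) = (11),$$

and hence that

$$(11, 3 + \sqrt{-13})(11, 3 - \sqrt{-13}) = (11).$$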
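The multiplication rule of Note 6.27, as an added Python example that is not part of the original notes: an ideal of $\mathbb{Z}[\sqrt{d}]$ is stored as the Hermite normal form of its $\mathbb{Z}$-basis, so two generator lists define the same ideal exactly when the forms agree. The function names and the pair encoding $(a, b)$ for $a + b\sqrt{d}$ are choices made here, and the code assumes $d \equiv 2, 3 \bmod 4$ squarefree so that $\mathcal{O}_K = \mathbb{Z}[\sqrt{d}]$.

```python
from itertools import product
from math import gcd


def mul(u, v, d):
    """Multiply a + b*sqrt(d) by c + e*sqrt(d); elements are pairs (a, b)."""
    (a, b), (c, e) = u, v
    return (a * c + b * e * d, a * e + b * c)


def hnf(vectors):
    """Canonical basis (A, 0), (B, C) of the lattice in Z^2 spanned by vectors.

    Returns (A, B, C) with A, C > 0 and 0 <= B < A; the index in Z^2 is A*C.
    """
    top, xs = (0, 0), 0
    for v in vectors:
        # Euclid on the sqrt(d)-coordinates of top and v; v ends with 0 there.
        while v[1] != 0:
            q = top[1] // v[1]
            top, v = v, (top[0] - q * v[0], top[1] - q * v[1])
        xs = gcd(xs, v[0])          # v is now a rational integer in the lattice
    if xs == 0 or top[1] == 0:
        raise ValueError("generators do not span a full-rank lattice")
    if top[1] < 0:
        top = (-top[0], -top[1])
    return (xs, top[0] % xs, top[1])


def ideal(gens, d):
    """Hermite normal form of the ideal of Z[sqrt(d)] generated by gens."""
    span = []
    for g in gens:
        # The O_K-multiples of g are the Z-span of g and g*sqrt(d).
        span += [g, mul(g, (0, 1), d)]
    return hnf(span)


def ideal_product(gens1, gens2, d):
    """(a, b)(c, e) = (ac, ae, bc, be): all pairwise products of generators."""
    return ideal([mul(g, h, d) for g, h in product(gens1, gens2)], d)


def norm(gens, d):
    """N(I) = #O_K/I, the index of the lattice I in O_K."""
    A, _, C = ideal(gens, d)
    return A * C


if __name__ == "__main__":
    # The worked example of Note 6.27 in Z[sqrt(-13)].
    lhs = ideal_product([(11, 0), (3, 1)], [(11, 0), (3, -1)], -13)
    print(lhs, ideal([(11, 0)], -13))
    # Ideals of Z[sqrt(-5)] above 2 and 3.
    P1, Q1 = [(2, 0), (1, 1)], [(3, 0), (1, 1)]
    print(norm(P1, -5), norm(Q1, -5), ideal_product(P1, Q1, -5))
```

The same functions confirm, in $\mathbb{Z}[\sqrt{-5}]$, that $(2, 1 + \sqrt{-5})$ and $(2, 1 - \sqrt{-5})$ are the same ideal of norm 2 and that their product is $(2)$.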


6.5 Multiplicativity of the Norm

Definition 6.28. Let $A, B$ be ideals. We define

$$A + B := \{a + b : a \in A, b \in B\},$$

which is clearly an ideal. We say that $A, B$ are coprime if $A + B = \mathcal{O}_K$.

This will occur if and only if there does not exist a maximal $P$ such that $P \supseteq A$ and $P \supseteq B$. Thus, $A$ and $B$ are coprime if and only if they have no prime ideal factor in common.

Note also that, if $A, B$ are coprime and $A \mid BC$ then $A \mid C$; furthermore, if $A, B$ are coprime and $A \mid I$, $B \mid I$ then $AB \mid I$ (Problem Sheet 2).

Lemma 6.29. If $A$ and $B$ are coprime then $AB = A \cap B$.

Proof. Certainly $AB \subseteq A \cap B$, and so $A \cap B \mid AB$. On the other hand, since $A \mid A \cap B$ and $B \mid A \cap B$, it follows by coprimality and unique factorisation that $AB \mid A \cap B$. These two divisibility relations suffice for the proof.

Lemma 6.30. If nonzero $A, B$ are coprime then $N(AB) = N(A)N(B)$.

Proof. The Chinese Remainder Theorem gives

$$\mathcal{O}_K/(A \cap B) \cong \mathcal{O}_K/A \times \mathcal{O}_K/B$$

when $A + B = \mathcal{O}_K$, (that is to say, when they are coprime). By the previous lemma, $AB = A \cap B$. The lemma then follows on considering the cardinality of the two sides.

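Lemma 6.31. If $P$ is a nonzero prime ideal of $\mathcal{O}_K$ and $i \ge 0$ then $\#P^i/P^{i+1} = \#\mathcal{O}_K/P$.

Proof. We have $P^{i+1} \subseteq P^i$, but by the Cancellation Lemma 6.21, we cannot have $P^i = P^{i+1}$. We may therefore choose $\pi \in P^i$ with $\pi \notin P^{i+1}$. Then $P^i \supseteq (\pi)$. Let $(\pi) = P^iB$ with $B$ not divisible by $P$. Define a homomorphism of additive groups by

$$\theta : \mathcal{O}_K \to P^i/P^{i+1}.$$

(So one multiplies by $\pi$ and then reduces modulo $P^{i+1}$.) We now have

$$\theta(\alpha) = 0 \iff \pi\alpha \in P^{i+1} \iff (\pi\alpha) \subseteq P^{i+1} \iff (\alpha)P^iB \subseteq P^{i+1}$$

$$\iff P^{i+1} \mid (\alpha)P^iB \iff P \mid B(\alpha) \iff P \mid (\alpha).$$

Hence $\ker\theta = P$.

It now suffices to show that $\theta$ is surjective. However

$$(\pi) + P^{i+1} = P^iB + P^{i+1} = P^i$$

since $B + P = \mathcal{O}_K$. Thus, given any $\beta + P^{i+1} \in P^i/P^{i+1}$ (so that $\beta \in P^i$) there exist $\alpha \in \mathcal{O}_K$ and $\gamma \in P^{i+1}$ such that $\alpha\pi + \gamma = \beta$. We then have $\theta(\alpha) = \beta + P^{i+1}$, as required. Finally, the First Isomorphism Theorem for groups gives that:

$$\mathcal{O}_K/P = \mathcal{O}_K/\ker\theta \cong \operatorname{im}\theta = P^i/P^{i+1}.$$

Taking orders of both sides gives the required result.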

Corollary 6.32. If $P$ is a nonzero prime ideal and $e \ge 1$ then $N(P^e) = N(P)^e$.

Proof. Considering $\mathcal{O}_K$ and $P^i$ as additive groups we have

$$N(P^e) = \#\mathcal{O}_K/P^e = \#\mathcal{O}_K/P \cdot \#P/P^2 \cdots \#P^{e-1}/P^e = (\#\mathcal{O}_K/P)^e = N(P)^e.$$

Corollary 6.33. If $A = \prod_i P_i^{e_i}$, ($P_i$ being distinct nonzero prime ideals), then we have $N(A) = \prod_i N(P_i)^{e_i}$.

Proof. Use the corollary above and Lemma 6.30.

From the Unique Factorisation Theorem 6.26 and this last corollary we deduce:

Proposition 6.34. If $A, B$ are nonzero ideals then $N(AB) = N(A)N(B)$.

Note that if $N(I) = p$, a rational prime, then $I$ is automatically prime. The converse is not true, but we shall soon see that every prime ideal $P$ does have $N(P) = p^k$ for some rational prime $p$ and integer $k$.

Example 6.35 What happens in $\mathbb{Z}[\sqrt{-5}]$?

$$6 = 2 \cdot 3 = [1 - \sqrt{-5}] \cdot [1 + \sqrt{-5}].$$

In terms of ideals we write this as

$$(6) = (2)(3) = (1 - \sqrt{-5})(1 + \sqrt{-5}).$$

Let $P_1 = (2, 1 + \sqrt{-5})$, $P_2 = (2, 1 - \sqrt{-5})$, $Q_1 = (3, 1 + \sqrt{-5})$ and $Q_2 = (3, 1 - \sqrt{-5})$ where $(\alpha, \beta) := \{r\alpha + s\beta : r, s \in \mathcal{O}_K\}$. Now

$$(2) = (4, 6) \subseteq P_1P_2 \subseteq (2, 6) = (2)$$

giving $P_1P_2 = (2)$. We have $N((2)) = \mathrm{Norm}(2) = 4$, and so $N(P_1)N(P_2) = 4$. Moreover an easy calculation shows that $a \equiv b \bmod 2$ whenever $a + b\sqrt{-5} \in P_i$, and so $P_i \neq \mathcal{O}_K$. We therefore deduce that $N(P_1) = N(P_2) = 2$. Similarly $(3) = (9, 6) \subseteq Q_1Q_2 \subseteq (3, 6) = (3)$, so that $Q_1Q_2 = (3)$, and $N(Q_1) = N(Q_2) = 3$. It follows that $P_1, P_2, Q_1, Q_2$ are all prime ideals. (In fact, $P_1 = P_2$, e.g. $1 - \sqrt{-5} = 2 \cdot 1 - (1 + \sqrt{-5}) \cdot 1 \in P_1$.)

We also have $P_1, Q_1 \supseteq (1 + \sqrt{-5})$ and $P_2, Q_2 \supseteq (1 - \sqrt{-5})$. Consideration of norms then shows that $(1 + \sqrt{-5}) = P_1Q_1$ and $(1 - \sqrt{-5}) = P_2Q_2$. Thus $(2)(3) = (1 + \sqrt{-5})(1 - \sqrt{-5})$ becomes $P_1P_2Q_1Q_2 = P_1Q_1P_2Q_2$, demonstrating that we have the same factorisation into ideals, even though the factorisations into irreducibles are different.

7 Decomposition into prime ideals

Let $K$ be a number field of degree $[K : \mathbb{Q}] = n$. Let $P$ be a nonzero prime ideal of $\mathcal{O}_K$. Then $P \cap \mathbb{Z}$ is a prime ideal of $\mathbb{Z}$, and so is of the form $p\mathbb{Z}$ for some rational prime $p$. We therefore have $P \supseteq p\mathcal{O}_K = (p)$. We say that $P$ lies above the prime $p$.

Suppose that

$$(p) = P_1^{e_1} \ldots P_r^{e_r}$$

where $P_1, \ldots, P_r$ are distinct prime ideals in $\mathcal{O}_K$. Then $P_1, \ldots, P_r$ are the prime ideals lying above the rational prime $p$. Taking norms we have

$$p^n = N(P_1)^{e_1} \ldots N(P_r)^{e_r}.$$

Hence, each $N(P_i) = p^{f_i}$ and $\sum_{i=1}^{r} e_if_i = n$.

Note also that $P$ must be one of the $P_i$ and so $N(P)$ is a power of $p$.

Definition 7.1. The integer $e_i$ is called the ramification index of $P_i$. If $e_i > 1$ we say that $P_i$ is ramified. If some $e_i > 1$ we say that $p$ ramifies in $K$. The integer $f_i$ is called the degree of $P_i$.

Note that $p^{f_i} = \#\mathcal{O}_K/P_i$ and that $\mathcal{O}_K/P_i$ is isomorphic to the finite field with $p^{f_i}$ elements.

Theorem 7.2 (Dedekind). Suppose that $K = \mathbb{Q}(\alpha)$ with $\alpha \in \mathcal{O}_K$ having minimal polynomial $m(x) \in \mathbb{Z}[x]$ of degree $n$. If $p$ does not divide $[\mathcal{O}_K : \mathbb{Z}[\alpha]]$ and $\bar{m}(x) := m(x) \bmod p \in \mathbb{F}_p[x]$ factorises as

$$\bar{m}(x) = \prod_{i=1}^{r} \bar{g}_i(x)^{e_i}$$

with $\bar{g}_i$ distinct and irreducible, then

1. $P_i = (p, g_i(\alpha))$ is a prime ideal of $\mathcal{O}_K$ (here $g_i(x) \in \mathbb{Z}[x]$ is any polynomial such that $g_i(x) \equiv \bar{g}_i(x) \bmod p$).

2. The prime ideals $P_i$ are distinct.

3. The degree of $P_i$ is the degree of $\bar{g}_i$.

4. $(p) = \prod_{i=1}^{r} P_i^{e_i}$.

Proof. Suppose that $p$ does not divide the index $[\mathcal{O}_K : \mathbb{Z}[\alpha]]$. Consider the natural map $\mathbb{Z}[\alpha] \to \mathcal{O}_K/p\mathcal{O}_K$. An element of the kernel must have the form $p\gamma$ for $\gamma \in \mathcal{O}_K$. Since $p$ does not divide the index $[\mathcal{O}_K : \mathbb{Z}[\alpha]]$ we must have $\gamma \in \mathbb{Z}[\alpha]$. The kernel is thus precisely $p\mathbb{Z}[\alpha]$ and we get an injection $\mathbb{Z}[\alpha]/p\mathbb{Z}[\alpha] \hookrightarrow \mathcal{O}_K/p\mathcal{O}_K$. Indeed this must be an isomorphism of rings since both sides have order $p^n$. Now consider the ring homomorphism from $\mathbb{Z}[x]$ to $\mathbb{Z}[\alpha]/p\mathbb{Z}[\alpha]$ taking $g(x)$ to $g(\alpha) + p\mathbb{Z}[\alpha]$. This has kernel

$$\{g(x) : g(x) = m(x)h(x) + pj(x)\} = (p, m(x)),$$

giving

$$\mathbb{Z}[\alpha]/p\mathbb{Z}[\alpha] \cong \mathbb{Z}[x]/(p, m(x)).$$

Finally consider the homomorphism from $\mathbb{Z}[x]$ to $\mathbb{F}_p[x]/(\bar{m}(x))$, sending $g(x)$ to $\bar{g}(x) + (\bar{m}(x))$. The kernel of this map is

$$\{g(x) : \bar{m}(x) \mid \bar{g}(x)\} = \{g(x) : g(x) = m(x)h(x) + pj(x)\} = (p, m(x)).$$

Thus $\mathbb{Z}[x]/(p, m(x)) \cong \mathbb{F}_p[x]/(\bar{m}(x))$, and composing our various maps we obtain

$$\mathcal{O}_K/p\mathcal{O}_K \cong \mathbb{Z}[\alpha]/p\mathbb{Z}[\alpha] \cong \mathbb{Z}[x]/(p, m(x)) \cong \mathbb{F}_p[x]/(\bar{m}(x)).$$

We are looking for prime ideals $P$ with $\mathcal{O}_K \supseteq P \supseteq p\mathcal{O}_K$. There is a 1-1 correspondence between the prime ideals of $\mathcal{O}_K$ containing $(p)$ and the prime ideals of $\mathcal{O}_K/p\mathcal{O}_K$, and between these latter prime ideals and the prime ideals of $\mathbb{F}_p[x]/(\bar{m}(x))$. However the prime ideals of $\mathbb{F}_p[x]/(\bar{m}(x))$ are generated by irreducible factors $\bar{g}_i(x)$ of $\bar{m}(x)$. Tracing back the effect of our various isomorphisms one sees that these correspond to $P_i = (p, g_i(\alpha))$ in $\mathcal{O}_K$. This proves parts 1 and 2 of the theorem. Moreover one sees, again by checking the effect of our three isomorphisms, that $N(P_i) = \#\mathbb{F}_p[x]/(\bar{g}_i(x))$, which proves part 3.

Finally we have

$$\prod_{i=1}^{r} P_i^{e_i} = \prod_{i=1}^{r} (p, g_i(\alpha))^{e_i} \subseteq \prod_{i=1}^{r} (p, g_i(\alpha)^{e_i}) \subseteq \Big(p, \prod_{i=1}^{r} g_i(\alpha)^{e_i}\Big) = (p).$$

However $p^{f_i} = N(P_i) = p^{\deg(g_i)}$ (by part 3), so that

$$N\Big( \prod_{i=1}^{r} P_i^{e_i} \Big) = p^{\sum_{i=1}^{r} e_if_i} = p^{\sum_{i=1}^{r} e_i\deg(g_i)} = p^n.$$

On the other hand, $N((p)) = p^n$ and so $(p) = \prod_{i=1}^{r} P_i^{e_i}$. This proves part 4, the final assertion of the theorem.

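Corollary 7.3. If $p$ ramifies then $p \mid \Delta(\mathbb{Z}[\alpha])^2$.

Proof. If $p \mid [\mathcal{O}_K : \mathbb{Z}[\alpha]]$ then $p \mid \Delta(\mathbb{Z}[\alpha])^2$. So we may suppose that $p$ does not divide $[\mathcal{O}_K : \mathbb{Z}[\alpha]]$. Then the above theorem shows that if $p$ ramifies, with a factor $P^2$, then $\bar{m}(x)$ has a multiple irreducible factor $\bar{g}(x)$ over $\mathbb{F}_p$, for which $g(\alpha) \in (p, g(\alpha)) = P$. We then have $m(x) = g(x)^2h(x) + pk(x)$, say, so that

$$m'(x) = g(x)\{2g'(x)h(x) + g(x)h'(x)\} + pk'(x) = g(x)j(x) + pk'(x),$$

say. Thus $m'(\alpha) = g(\alpha)j(\alpha) + p\beta$ with $\beta \in \mathcal{O}_K$. It follows that

$$\mathrm{Norm}_{K/\mathbb{Q}}(m'(\alpha)) = \prod_{\sigma} \sigma(m'(\alpha)) = \prod_{\sigma} \sigma(g(\alpha)j(\alpha)) + p\gamma$$

for some algebraic integer $\gamma$. We now have

$$\mathrm{Norm}_{K/\mathbb{Q}}(m'(\alpha)) = \mathrm{Norm}_{K/\mathbb{Q}}(g(\alpha))\mathrm{Norm}_{K/\mathbb{Q}}(j(\alpha)) + p\gamma,$$

so that in particular we see that $\gamma \in \mathbb{Z}$. However, since $P \mid (g(\alpha))$ we will have $N(P) \mid \mathrm{Norm}_{K/\mathbb{Q}}(g(\alpha))$ and hence $p \mid \mathrm{Norm}_{K/\mathbb{Q}}(g(\alpha))$. We therefore conclude that $p \mid \mathrm{Norm}_{K/\mathbb{Q}}(m'(\alpha))$, and $\Delta^2(\mathbb{Z}[\alpha]) = \pm\mathrm{Norm}_{K/\mathbb{Q}}(m'(\alpha))$.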

Example 7.4 Let $K = \mathbb{Q}(\sqrt{-5})$, so that $\mathcal{O}_K = \mathbb{Z}[\sqrt{-5}]$ and $\Delta(\mathbb{Z}[\sqrt{-5}])^2 = 4(-5) = -20$. The possible ramified primes are 2 and 5. We have $m(x) = x^2 + 5$, and

$$x^2 + 5 \equiv x^2 + 1 \equiv (x + 1)^2 \bmod 2$$

so that

$$(2) = (2, \sqrt{-5} + 1)^2.$$

Similarly, $x^2 + 5 \equiv x^2 \bmod 5$ so that

$$(5) = (5, \sqrt{-5})^2 = (\sqrt{-5})^2.$$

For all primes we have $\sum_{i=1}^{r} e_if_i = 2$, so $r \le 2$. Thus one of the following cases holds: $r = 1, e_1 = 2, f_1 = 1$ (ramified case), or $r = 1, e_1 = 1, f_1 = 2$ (we say $p$ remains inert), or $r = 2, e_1 = e_2 = 1, f_1 = f_2 = 1$ (we say $p$ splits). We extend this language to general algebraic number fields, saying that $p$ is inert if $(p)$ is prime in $\mathcal{O}_K$, and that $p$ splits otherwise.

We have already dealt with $p = 2, 5$ so consider $p \neq 2, 5$.

Case 1: $\left(\frac{-5}{p}\right) = -1$. Then $x^2 + 5$ is irreducible modulo $p$, and

$$(p) = P := (p, \sqrt{-5}^{\,2} + 5) = (p)$$

is inert.

Case 2: $\left(\frac{-5}{p}\right) = 1$. Then

$$x^2 + 5 \equiv (x - a)(x + a) \bmod p$$

where $a \not\equiv -a \bmod p$. In this case $(p) = P_1P_2$ where $P_1 = (p, \sqrt{-5} - a)$ and $P_2 = (p, \sqrt{-5} + a)$. e.g. $x^2 + 5 \equiv x^2 - 1 \equiv (x - 1)(x + 1) \bmod 3$, so that $(3) = (3, \sqrt{-5} - 1)(3, \sqrt{-5} + 1)$. (We have $\left(\frac{-5}{p}\right) = 1 \iff p \equiv 1, 3, 7, 9 \bmod 20$ by quadratic reciprocity.)
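Theorem 7.2 turned into a computation, as an added Python example that is not part of the original notes: $\bar{m}(x)$ is factored over $\mathbb{F}_p$ by trial division and the pairs $(e_i, f_i)$ are read off, reproducing the cases of Example 7.4. Polynomials are coefficient lists with the constant term first; the function names are choices made here, and the result describes $(p)$ only when $p$ does not divide $[\mathcal{O}_K : \mathbb{Z}[\alpha]]$.

```python
from itertools import product


def polydivmod(a, b, p):
    """Divide a by the monic polynomial b over F_p; return (quotient, remainder)."""
    a = [c % p for c in a]
    q = [0] * max(len(a) - len(b) + 1, 1)
    while len(a) >= len(b):
        c, shift = a[-1], len(a) - len(b)
        q[shift] = c
        for i, bc in enumerate(b):
            a[shift + i] = (a[shift + i] - c * bc) % p
        a.pop()                      # leading coefficient is now zero
    return q, a


def factor_mod_p(m, p):
    """Factor the monic polynomial m over F_p as a list [(g_i, e_i), ...].

    Monic trial divisors are tried in order of degree, so every divisor
    found is irreducible (its smaller factors were already removed).
    """
    m = [c % p for c in m]
    factors, deg = [], 1
    while len(m) - 1 >= 2 * deg:
        for tail in product(range(p), repeat=deg):
            g, e = list(tail) + [1], 0
            while len(m) > deg:
                q, r = polydivmod(m, g, p)
                if any(r):
                    break
                m, e = q, e + 1
            if e:
                factors.append((g, e))
        deg += 1
    if len(m) > 1:                   # what is left is irreducible
        factors.append((m, 1))
    return factors


def dedekind(m, p):
    """Primes above p as dicts with g_i mod p, ramification index e, degree f."""
    primes = [{"g": g, "e": e, "f": len(g) - 1} for g, e in factor_mod_p(m, p)]
    # Sanity check from Section 7: the e_i * f_i sum to n = deg m.
    assert sum(P["e"] * P["f"] for P in primes) == len(m) - 1
    return primes


def classify(m, p):
    """'ramified', 'inert' or 'split', in the language of Example 7.4."""
    primes = dedekind(m, p)
    if any(P["e"] > 1 for P in primes):
        return "ramified"
    return "inert" if len(primes) == 1 else "split"


if __name__ == "__main__":
    for p in (2, 3, 5, 7, 11, 13):
        print(p, classify([5, 0, 1], p), dedekind([5, 0, 1], p))
```

For $p = 3$ the factors returned are $x + 1$ and $x + 2 \equiv x - 1$, matching $(3) = (3, \sqrt{-5} - 1)(3, \sqrt{-5} + 1)$.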


8 Minkowski: computation of the class group

8.1 Minkowski's convex body theorem

Let $v_1, \ldots, v_n$ be any basis for $\mathbb{R}^n$. Let $L = \{\sum_{i=1}^{n} a_iv_i : a_i \in \mathbb{Z}\}$ be the lattice generated by the $v_i$. It is an additive subgroup of $\mathbb{R}^n$. Let $D = \{\sum_{i=1}^{n} a_iv_i : a_i \in [0, 1)\}$. We call $D$ a fundamental domain for $L$. Every $v \in \mathbb{R}^n$ can be expressed uniquely as $v = u + w$ with $u \in L$ and $w \in D$.

If $v_i = \sum_{j=1}^{n} a_{ij}e_j$ where $e_1, \ldots, e_n$ is the standard basis for $\mathbb{R}^n$, then we define $\mathrm{Vol}(D) := |\det(a_{ij})|$; this is sometimes denoted $\mathrm{Vol}(L)$. We also have $\mathrm{Vol}(D)^2 = \det(v_i \cdot v_j)$, being the determinant of matrix $(a_{ij})(a_{ij})^t$. One can easily check that $\mathrm{Vol}(D)$ is independent of the choice of $\mathbb{Z}$-basis for the lattice $L$.

Lemma 8.1 (Blichfeldt). Let $L$ be a lattice in $\mathbb{R}^n$, and let $S$ be a bounded, measurable subset of $\mathbb{R}^n$ such that $\mathrm{Vol}(S) > \mathrm{Vol}(L)$. Then there exist $x, y \in S$ with $x \neq y$ and such that $x - y \in L$.

Proof. (Non-examinable)

Let $D$ be a fundamental domain for $L$. When $a \in L$ write $S(a) = (S - a) \cap D$. Then $S$ is the disjoint union of the sets $S(a) + a$ as $a$ runs over $L$. It follows that $\mathrm{Vol}(S) = \sum_{a \in L} \mathrm{Vol}(S(a))$. However $\mathrm{Vol}(S) > \mathrm{Vol}(D)$ and $S(a) \subseteq D$. Thus some $S(b)$ and $S(c)$ with $b \neq c$ must overlap. Let $v \in S(b) \cap S(c)$. Then $x = v + b \in S$ and $y = v + c \in S$, and $x - y = b - c \in L$.

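Definition 8.2. We say $S \subseteq \mathbb{R}^n$ is convex if

$$x, y \in S,\ 0 \le \lambda \le 1 \Rightarrow \lambda x + (1 - \lambda)y \in S.$$

We say $S$ is symmetric (about the origin) if

$$x \in S \Rightarrow -x \in S.$$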

Theorem 8.3 (Minkowski's Convex Body Theorem). Let $L$ be a lattice in $\mathbb{R}^n$. Let $S$ be a bounded measurable subset of $\mathbb{R}^n$ which is convex and symmetric. If $\mathrm{Vol}(S) > 2^n\mathrm{Vol}(L)$ then there exists $v \in L \setminus \{0\}$ with $v \in S$.

Proof. (Non-examinable)

We have $\mathrm{Vol}(\tfrac{1}{2}S) = 2^{-n}\mathrm{Vol}(S) > \mathrm{Vol}(L)$. Thus Blichfeldt's result tells us that there exist $x, y \in \tfrac{1}{2}S$ such that $x - y \in L \setminus \{0\}$. Now $2x \in S$ and, by symmetry, $-2y \in S$. Using convexity we then find that

$$\tfrac{1}{2}(2x + (-2y)) \in S,$$

that is to say, $x - y \in S$.

Note 8.4 If $S$ is closed, and therefore compact, then it is enough to have $\mathrm{Vol}(S) \ge 2^n\mathrm{Vol}(L)$.

Example 8.5 We give another proof that if $p \equiv 1 \bmod 4$ then there exist $x, y \in \mathbb{Z}$ such that $p = x^2 + y^2$.

We know that $\left(\frac{-1}{p}\right) = 1$, so there is an $s$ such that $s^2 \equiv -1 \bmod p$. If $p = x^2 + y^2$ then $x^2 + y^2 \equiv 0 \bmod p$ and so $(x/y)^2 \equiv -1 \bmod p$. Hence $x \equiv \pm sy \bmod p$. We will search for a small integer solution to $x \equiv sy \bmod p$. Such points form a lattice $L$ in $\mathbb{R}^2$. We have

$$x \equiv sy \bmod p \iff x = sy + pz, \text{ with } z \in \mathbb{Z} \iff (x, y) = y(s, 1) + z(p, 0).$$

Hence $\{(s, 1), (p, 0)\}$ is a basis for $L$, and

$$\mathrm{Vol}(L) = \left| \det \begin{pmatrix} s & p \\ 1 & 0 \end{pmatrix} \right| = p.$$

Let $C$ be the disc $x^2 + y^2 < 2p$, with radius $\sqrt{2p}$. It is convex and symmetric about the origin, and

$$\mathrm{Vol}(C) = \pi(\sqrt{2p})^2 = 2\pi p > 2^2p = 2^2\mathrm{Vol}(L).$$

Hence by Minkowski's Theorem there exists a nonzero $v \in L$ such that $v \in C$. Suppose that $v = (x, y)$. Since $v \in L$ we have $x \equiv sy \bmod p$, and hence $x^2 + y^2 \equiv 0 \bmod p$. However $v \in C$ implies $x^2 + y^2 < 2p$, so that $x^2 + y^2 = 0$ or $p$. Finally, since $v \neq 0$ we must have $x^2 + y^2 = p$.
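The existence argument of Example 8.5 made constructive, as an added Python example that is not part of the original notes: the lattice with basis $(s, 1), (p, 0)$ is reduced by the Lagrange-Gauss algorithm (a technique brought in here, the notes only prove existence), and since a shortest nonzero vector lies in the disc $C$ its squared length must be $p$. The function names are choices made here and $p$ is assumed to be a prime with $p \equiv 1 \bmod 4$.

```python
def sqrt_minus_one(p):
    """Return s with s^2 = -1 mod p, for a prime p = 1 mod 4."""
    if p % 4 != 1:
        raise ValueError("need p = 1 mod 4")
    for a in range(2, p):
        # If a is a non-residue then a^((p-1)/2) = -1, so a^((p-1)/4) works.
        s = pow(a, (p - 1) // 4, p)
        if s * s % p == p - 1:
            return s
    raise ValueError("no square root of -1 found; is p prime?")


def norm2(w):
    """Squared Euclidean length of a vector in Z^2."""
    return w[0] * w[0] + w[1] * w[1]


def gauss_reduce(u, v):
    """Lagrange-Gauss reduction of a basis of a rank-2 lattice in Z^2.

    Returns a basis (u, v) in which u is a shortest nonzero lattice vector.
    """
    if norm2(u) > norm2(v):
        u, v = v, u
    while True:
        dot = u[0] * v[0] + u[1] * v[1]
        k = (2 * dot + norm2(u)) // (2 * norm2(u))   # nearest integer to dot/|u|^2
        v = (v[0] - k * u[0], v[1] - k * u[1])
        if norm2(v) >= norm2(u):
            return u, v
        u, v = v, u


def two_squares(p):
    """Return (x, y) with 0 <= x <= y and x^2 + y^2 = p."""
    s = sqrt_minus_one(p)
    # L = {(x, y) : x = s*y mod p} has basis (s, 1), (p, 0) and Vol(L) = p.
    u, _ = gauss_reduce((s, 1), (p, 0))
    x, y = sorted((abs(u[0]), abs(u[1])))
    # Every vector of L has x^2 + y^2 = 0 mod p; the shortest has length^2 < 2p.
    if x * x + y * y != p:
        raise ValueError("reduction failed; is p prime?")
    return (x, y)


if __name__ == "__main__":
    for p in (5, 13, 17, 29, 65537):
        print(p, two_squares(p))
```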

8.2 Minkowski's bound

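Let $[K : \mathbb{Q}] := n = r + 2s$ where $r$ is the number of real embeddings $\sigma_1, \ldots, \sigma_r : K \to \mathbb{R}$, and $s$ the number of pairs of complex embeddings $\sigma_{r+1}, \ldots, \sigma_{r+s}, \bar{\sigma}_{r+1}, \ldots, \bar{\sigma}_{r+s} : K \to \mathbb{C}$.

Definition 8.6. Let $\sigma : K \to \mathbb{R}^r \times \mathbb{C}^s \cong \mathbb{R}^n$ be defined as

$$\sigma(x) := \big(\sigma_1(x), \ldots, \sigma_r(x), \Re(\sigma_{r+1}(x)), \Im(\sigma_{r+1}(x)), \ldots, \Re(\sigma_{r+s}(x)), \Im(\sigma_{r+s}(x))\big).$$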

Let $\mathcal{O}_K$ be the ring of integers of $K$, and let $v_1, \ldots, v_n$ be an integral basis for $\mathcal{O}_K$. Write $A$ for the matrix whose $i$th row is $\sigma(v_i)$. By elementary column operations we find that

$$(-2i)^s\det(A) = \det(\sigma_j(v_i)) = \sqrt{|\Delta^2|} \neq 0$$

where $\Delta^2 := \Delta^2(K)$. Thus $\det(A) \neq 0$, and $\sigma(\mathcal{O}_K)$ is a lattice in $\mathbb{R}^n$ of volume $\sqrt{|\Delta^2|}/2^s$.

If $I$ is an ideal of $\mathcal{O}_K$, with basis $w = \{w_1, \ldots, w_n\}$ then $w_i = \sum_j c_{ij}v_j$ and

$$N(I) = [\mathcal{O}_K : I] = |\det(c_{ij})|$$

by Theorem 1.8. Moreover, $\Delta^2(w) = \det^2(c_{ij})\Delta^2(v)$ by Lemma 2.4, and so $\Delta^2(w) = N(I)^2\Delta^2(v)$. We can now replace the basis $v$ in the previous calculation by $w$, to deduce that

$$\mathrm{Vol}(\sigma(I)) = \frac{\sqrt{|\Delta^2(w)|}}{2^s} = \frac{N(I)\sqrt{|\Delta^2(v)|}}{2^s} = \frac{N(I)\sqrt{|\Delta^2|}}{2^s}.$$

Lemma 8.7. For $t > 0$ let

$$R_t := \Big\{ (x_1, \ldots, x_r, z_1, \ldots, z_s) \in \mathbb{R}^r \times \mathbb{C}^s : \sum_{i=1}^{r} |x_i| + 2\sum_{i=1}^{s} |z_i| \le t \Big\}.$$

Then

1. $R_t$ is a compact, symmetric, and convex subset of $\mathbb{R}^n$,

2. $\mathrm{Vol}(R_t) = 2^rt^n(\pi/2)^s/n!$

Proof. Non-examinable. See Lang, Algebraic Number Theory, (Addison-Wesley, 1970), page 116.

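Theorem 8.8. Let $I \subseteq \mathcal{O}_K$ be a nonzero ideal. Then there exists a nonzero $\alpha \in I$ with

$$|\mathrm{Norm}_{K/\mathbb{Q}}(\alpha)| \le c_KN(I)$$

where

$$c_K := \Big(\frac{4}{\pi}\Big)^s \frac{n!}{n^n} \sqrt{|\Delta^2(K)|}$$

is Minkowski's constant for $K$.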

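Proof. Choose $t \in \mathbb{R}$ so that $\pi^st^n/n! = 4^s\sqrt{|\Delta^2(K)|}\,N(I)$. Then

$$\mathrm{Vol}(R_t) = \frac{2^rt^n(\pi/2)^s}{n!} = \frac{2^n\sqrt{|\Delta^2(K)|}\,N(I)}{2^s} = 2^n\mathrm{Vol}(\sigma(I)).$$

By Minkowski's theorem (compact version), there exists a nonzero $\alpha \in I$ such that $\sigma(\alpha) \in R_t$. Hence

$$\sum_{i=1}^{r} |\sigma_i(\alpha)| + 2\sum_{i=r+1}^{r+s} \sqrt{\Re(\sigma_i(\alpha))^2 + \Im(\sigma_i(\alpha))^2} \le t.$$

This means that $\sum_{i=1}^{n} |\sigma_i(\alpha)| \le t$ and so

$$\frac{1}{n}\sum_{i=1}^{n} |\sigma_i(\alpha)| \le \frac{t}{n}.$$

By the inequality of the arithmetic and geometric means we have

$$\Big( \prod_{i=1}^{n} |\sigma_i(\alpha)| \Big)^{1/n} \le \frac{1}{n}\Big( \sum_{i=1}^{n} |\sigma_i(\alpha)| \Big) \le \frac{t}{n},$$

giving $|\mathrm{Norm}_{K/\mathbb{Q}}(\alpha)| \le \big(\frac{t}{n}\big)^n = c_KN(I)$.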

Theorem 8.9. Any ideal class $c \in C_K$ contains an ideal $J$ such that $N(J) \le c_K$, that is to say

$$N(J) \le \Big(\frac{4}{\pi}\Big)^s \frac{n!}{n^n} \sqrt{|\Delta^2(K)|}.$$

Proof. Let $I$ be any ideal in the inverse class $c^{-1}$. We now know there exists a nonzero $\alpha \in I$ such that $|\mathrm{Norm}_{K/\mathbb{Q}}(\alpha)| \le c_KN(I)$. Since $(\alpha) \subseteq I$ we have $I \mid (\alpha)$, and so there exists an ideal $J$ such that $IJ = (\alpha)$. The relations $I \in c^{-1}$ and $IJ = (\alpha)$ imply that $[J] = c$ and $J \in c$. Moreover $N(I)N(J) = N(IJ) = |\mathrm{Norm}_{K/\mathbb{Q}}(\alpha)| \le c_KN(I)$, and so $N(J) \le c_K$.

Note 8.10 For a nonzero ideal $J \subseteq \mathcal{O}_K$ we have $N(J) = \#\mathcal{O}_K/J$ so that $N(J).x \in J$ for any $x \in \mathcal{O}_K$, by Lagrange's Theorem, regarding $\mathcal{O}_K/J$ as an additive group. Taking $x = 1$ shows that $N(J) \in J$. It follows that $J \supseteq (N(J))$, and hence that $J \mid (N(J))$.

We can therefore deduce that every class $c$ contains an ideal $J$ such that $J$ has an element $m \in J \cap \mathbb{N}$ with $m \le c_K$.

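Corollary 8.11. If $K \neq \mathbb{Q}$ then $|\Delta^2(K)| > 1$.

Proof. Since $N(J) \ge 1$ for any ideal $J \subseteq \mathcal{O}_K$, we must have

$$1 \le \Big(\frac{4}{\pi}\Big)^s \frac{n!}{n^n} \sqrt{|\Delta^2(K)|} \le \Big(\frac{4}{\pi}\Big)^n \frac{n!}{n^n} \sqrt{|\Delta^2(K)|}.$$

Let $b_n := \big(\frac{\pi}{4}\big)^n \frac{n^n}{n!}$. It will suffice to show that $b_n > 1$ for all $n \ge 2$. Now $b_2 = \pi^2/8 > 1$. Moreover

$$\frac{b_{n+1}}{b_n} = \frac{\pi}{4}\Big(1 + \frac{1}{n}\Big)^n = \frac{\pi}{4}\Big(1 + n\,\frac{1}{n} + \ldots\Big) \ge \frac{\pi}{2} > 1.$$

Hence $b_n > 1$ for all $n \ge 2$.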

9 Class group computations and Diophantine applications

Note 9.1 The class group is abelian. Let $c$ be any ideal class. Then there exists $J \in c$ with $N(J) \le c_K$. Write $J$ as a product of prime ideals, $J = P_1 \ldots P_s$, say. By the multiplicativity of the norm, $N(P_i) \le c_K$ for each $i$. Moreover $c = [J] = [P_1 \ldots P_s] = [P_1] \ldots [P_s]$. Hence $c$ is in the group generated by ideal classes of prime ideals of norm at most $c_K$. Thus the class group itself is generated by classes of prime ideals in $\mathcal{O}_K$ of norm at most $c_K$.

In order to find a suitable set of generators we observe that prime ideals of norm $\le c_K$ are factors of ideals $(p)$ where $p \in \mathbb{N}$ is prime and $p \le c_K$. Using Dedekind's Theorem 7.2, we can factor all such primes $p$ into prime ideals, to give a complete set of generators.

To determine the class group it remains to find any relations satisfied by the classes of these prime ideals. Some such relations can be found from the prime factorisations of the ideals $(p)$, since these are principal, and others can be obtained by factoring principal ideals $(\alpha)$ generated by elements $\alpha \in \mathcal{O}_K$ of small norm.

To show that the set of relations found is complete one needs to show that appropriate combinations of the generators are not principal. In general this can be awkward, but for complex quadratic fields one can prove that an ideal $I$ is non-principal by finding all elements $\alpha \in \mathcal{O}_K$ with $\mathrm{Norm}_{K/\mathbb{Q}}(\alpha) = N(I)$, and checking whether or not $I = (\alpha)$. If $K$ is complex quadratic there will only be finitely many possible $\alpha$ with $\mathrm{Norm}_{K/\mathbb{Q}}(\alpha) = N(I)$ to check.

Example 9.2 Let $K = \mathbb{Q}(\sqrt{-5})$, so that $\mathcal{O}_K = \mathbb{Z}[\sqrt{-5}]$. We know from Proposition 5.8 that $\mathcal{O}_K$ is not a PID, so that $h_K > 1$. We have $n = 2$, $s = 1$, $r = 0$, and $\Delta^2(K) = -20$. Thus

$$c_K = \frac{2!}{2^2}\Big(\frac{4}{\pi}\Big)\sqrt{20} = \frac{4\sqrt{5}}{\pi} < 3.$$

It follows that every ideal class contains an ideal of norm at most 2, and that $C_K$ is generated by classes of prime ideals of norm at most 2. However $(2) = P_2^2$ where $P_2 = (2, 1 + \sqrt{-5})$ with $N(P_2) = 2$. Hence $[P_2]$ generates $C_K$. Moreover $P_2^2 = (2)$, giving $[P_2]^2 = [(2)] = [\mathcal{O}_K]$, which is the identity in $C_K$. Hence $C_K$ is cyclic of order 2, and $h_K = 2$.

Example 9.3 Next consider $K = \mathbb{Q}(\sqrt{-6})$, so that $\mathcal{O}_K = \mathbb{Z}[\sqrt{-6}]$, with $n = 2$, $r = 0$, $s = 1$ and $\Delta^2(K) = -24$. In this case

$$c_K = \frac{2!}{2^2}\Big(\frac{4}{\pi}\Big)\sqrt{24} = \frac{4\sqrt{6}}{\pi} \approx 3.1.$$

The ideal class group $C_K$ is generated by prime ideals $P$ such that $N(P) \le c_K$, which means that $N(P) = 2$ or $3$.

Now $x^2 + 6 \equiv x^2 \bmod 2$, and so $(2) = P_2^2$ where $P_2 := (2, \sqrt{-6})$. Similarly $x^2 + 6 \equiv x^2 \bmod 3$, so that $(3) = P_3^2$ with $P_3 := (3, \sqrt{-6})$. We have $N(P_2) = 2$ and $N(P_3) = 3$. (Indeed $e = 2$, $f = 1$ in both cases.) It follows that $C_K$ is generated by $[P_2]$ and $[P_3]$, but we need to see if there are any relations satisfied by these classes.

If $P_2$ is principal then $P_2 = (x + y\sqrt{-6})$; taking norms this gives $2 = |x^2 + 6y^2|$, which is impossible. Similarly $P_3$ is not principal, so that $[P_2], [P_3] \neq [\mathcal{O}_K]$ in $C_K$.

Since $P_2^2 = (2)$ we have $[P_2]^2 = [\mathcal{O}_K]$, and similarly $[P_3]^2 = [\mathcal{O}_K]$.

We next observe that $\sqrt{-6} = \sqrt{-6}.3 - 2.\sqrt{-6} \in P_2P_3$. We also have $\mathrm{Norm}_{K/\mathbb{Q}}(\sqrt{-6}) = 6 = N(P_2P_3)$, so that $(\sqrt{-6}) = P_2P_3$. It follows that $[P_2][P_3] = [\mathcal{O}_K]$. Thus $[P_3] = [P_2]^{-1} = [P_2]$, and $C_K$ must be cyclic of order 2, generated by $[P_2]$, and $h_K = 2$.

Example 9.4 Find all integer solutions of the equation $y^2 + 54 = x^3$.

Let $x, y \in \mathbb{Z}$ be a solution. If $y$ is even then $x^3 \equiv 54 \equiv 2 \bmod 4$, which is impossible. If $3 \mid y$ then $3 \mid x$, and on setting $x = 3x_1$, $y = 3y_1$ we will have $y_1^2 + 6 = 3x_1^3$. Hence $3 \mid y_1$, and on writing $y_1 = 3y_2$ we obtain $3y_2^2 + 2 = x_1^3$. However $3y_2^2 + 2 \equiv 2$ or $5 \bmod 9$ while $x_1^3 \equiv 0, 1$ or $8 \bmod 9$. This contradiction shows that we must have $y$ coprime to 3.

It follows that $\mathrm{hcf}(y, 6) = 1$, and hence that $\mathrm{hcf}(x, 6) = 1$.

We now use the ideal factorisation $(y + 3\sqrt{-6})(y - 3\sqrt{-6}) = (x)^3$. We proceed to show that the factors on the left are coprime. If a prime ideal $P$ divides both factors then $6\sqrt{-6} = (y + 3\sqrt{-6}) - (y - 3\sqrt{-6}) \in P$, and so $P \mid (6\sqrt{-6}) = P_2^3P_3^3$. (Recall that $(\sqrt{-6}) = P_2P_3$.) Thus $P$ can only be $P_2$ or $P_3$. However $P \mid (y + 3\sqrt{-6})$ implies $P \mid (x)^3$, and on taking norms we find that $N(P) \mid x^6$, which is impossible, since $\mathrm{hcf}(x, 6) = 1$.

It follows that $(y + 3\sqrt{-6})$ and $(y - 3\sqrt{-6})$ are coprime ideals of $\mathcal{O}_K$.

By unique factorisation of ideals we have

$$(y + 3\sqrt{-6}) = I^3$$

for some ideal $I$. Since $I^3$ is principal we have $[I]^3 = [\mathcal{O}_K]$, the identity in $C_K$. However we know from above that $h_K = 2$ (giving $[I]^2 = [\mathcal{O}_K]$ by Lagrange's Theorem), and so we must have $[I] = [\mathcal{O}_K]$. Thus $I$ is principal, so that $I = (\alpha)$ for some $\alpha \in \mathcal{O}_K$.

It follows that $(y + 3\sqrt{-6}) = (\alpha)^3 = (\alpha^3)$, giving $y + 3\sqrt{-6} = u\alpha^3$ with $u$ a unit. (Recall that if $(\alpha) = (\beta)$ then $\alpha = u\beta$ for some unit $u \in \mathcal{O}_K$.) For $K = \mathbb{Q}(\sqrt{-6})$ the only units in $\mathcal{O}_K$ are $u = \pm 1$, and for both of these we have $u = u^3$. It follows that

$$y + 3\sqrt{-6} = u\alpha^3 = (a + b\sqrt{-6})^3,$$

say. Equating the coefficient of $\sqrt{-6}$ gives $3 = b(3a^2 - 6b^2)$, and so $1 = b(a^2 - 2b^2)$. Hence $b = -1$ and $a^2 = 1$, giving $y = a^3 - 18b^2a = a(a^2 - 18b^2) = \pm 17$. With these $y$ the only possible $x$ is 7, so that the complete solution is $x = 7$, $y = \pm 17$.

Example 9.5 Let $K = \mathbb{Q}(\sqrt{-163})$, so that $O_K = \mathbb{Z}[\frac{1}{2}(1 + \sqrt{-163})]$ and

c

K

=

2

Thus the class group $C_K$ is generated by the classes of prime ideals dividing (2), (3), (5) and (7), so we proceed to factor (2), (3), (5) and (7) in $O_K$.

The minimal polynomial of $\frac{1}{2}(1 + \sqrt{-163})$ is $x^2 - x + 41$. However we find that $x^2 - x + 41 \equiv x^2 + x + 1 \bmod 2$, which is irreducible. Thus (2) is inert, so that the only prime ideal above 2 is (2), which is principal.

For $p = 3$, 5 and 7 it is enough to consider the factorisation of the polynomial $x^2 + 163 \bmod p$, since $p$ does not divide the index $[O_K : \mathbb{Z}[\sqrt{-163}]] = 2$.

$x^2 + 163 \equiv x^2 + 1 \bmod 3$, which is irreducible. Hence (3) is inert.

$x^2 + 163 \equiv x^2 + 3 \bmod 5$, which is irreducible. Hence (5) is inert.

$x^2 + 163 \equiv x^2 + 2 \bmod 7$, which is irreducible. Hence (7) is inert.

Thus the only relevant prime ideals are all principal; hence $C_K$ is trivial and $h_K = 1$. It follows that $O_K$ is a UFD. However, it is not a Euclidean domain. (For this non-examinable fact see S&T, Theorem 4.18)

Note: it is known that there are only finitely many imaginary quadratic fields $K$ with $h_K = 1$ (the proof of this is hard!). On the other hand it is conjectured that $O_K$ is a UFD for infinitely many real quadratic fields.

Proposition 9.6. The fact that h

K

= 1 for K = Q(

n

2

+ n + 41 is prime for 0 n 39.

Proof. Suppose $n^2 + n + 41$ is not prime for some $n < 40$. Now $n^2 + n + 41 < 41^2$, and so $n^2 + n + 41$ must have a prime factor $q < 41$.

Now

$q \mid n^2 + n + 41 = \left(n + \tfrac{1}{2}(1 + \sqrt{-163})\right)\left(n + \tfrac{1}{2}(1 - \sqrt{-163})\right).$

However $q$ clearly does not divide either factor in $O_K$, and so $q$ cannot be prime in $O_K$. Since we are in a UFD, it follows that $q$ cannot be irreducible.

Thus q = where Norm

K/Q

() = Norm

K/Q

() = q.

If

= x + y

1 +

163

2

, x, y Z,

then

q = Norm

K/Q

() =

_

x +

y

2

_

2

+ 163

_

y

2

_

2

.

Since $q$ is not a square we have $y \neq 0$, and we deduce that $q \geq 163/4 > 40$, which gives a contradiction.

For similar reasons

$n^2 + n + 17$ is prime for $0 \leq n \leq 15$ (consider $\mathbb{Q}(\sqrt{-67})$).

$n^2 + n + 11$ is prime for $0 \leq n \leq 9$ (consider $\mathbb{Q}(\sqrt{-43})$).

$n^2 + n + 5$ is prime for $0 \leq n \leq 3$ (consider $\mathbb{Q}(\sqrt{-19})$).

$n^2 + n + 3$ is prime for $0 \leq n \leq 1$ (consider $\mathbb{Q}(\sqrt{-11})$).

Example 9.7 [Paper B9 2005] Find the structure of the ideal class group of $O_K$ for $K = \mathbb{Q}(\sqrt{-29})$.

Since $-29 \equiv 3 \bmod 4$ we have $O_K = \mathbb{Z}[\sqrt{-29}]$, and

2

(K) = 4 29 =

116. Moreover n = 2 and s = 1, so that

c

K

=

_

2

Thus $C_K$ is generated by the classes of prime ideals dividing (2), (3) and (5). We need to factor (2), (3), (5) in $O_K$, using Theorem 7.2.

$x^2 + 29 \equiv (x + 1)^2 \bmod 2$, so that $(2) = P_2^2$ where $P_2 := (2, \sqrt{-29} + 1)$ is a prime ideal of norm 2.

x

2

+ 29 x

2

1 (x + 1)(x 1) mod 3, so that (3) = P

3

P

3

where

P

3

:= (3,

29 + 1) and P

3

:= (3,

of norm 3.

x

2

+ 29 x

2

1 (x + 1)(x 1) mod 5, so that (5) = P

5

P

5

with

P

5

:= (5,

29 + 1) and P

5

:= (5,

ideals of norm 5.

We have [P

2

]

2

= [P

3

][P

3

] = [P

5

][P

5

] = [O

K

]. Hence C

K

is generated by

[P

2

], [P

3

], [P

5

].

We proceed to find the orders of these elements, and relations between them:

We have $\mathrm{Norm}_{K/\mathbb{Q}}(x + y\sqrt{-29}) = x^2 + 29y^2$, so there are no elements in $O_K$ of norms 2, 3, 5. Thus $P_2$, $P_3$, $P_5$ are not principal, and $[P_2]$ must have order 2.

The only element O

K

of norm 9 is 3. Thus if P

2

3

= () we

must have P

2

3

= (3) = P

3

P

3

. However this would imply P

3

= P

3

, giving a

contradiction. Thus the order of $[P_3]$ is at least 3. Indeed it cannot have order 3 since there are no solutions to $x^2 + 29y^2 = 27$. We shall come back to $[P_3]$ later.

Turning to $[P_5]$, note that $3^2 + 29 \cdot 2^2 = 125$, so that $N((3 + 2\sqrt{-29})) = 5^3$.

Hence (3 + 2

3

5

, P

2

5

P

5

, P

5

P

5

2

or P

5

3

. However 2 +

2

29 P

5

, giving 3+2

29 , P

5

. Hence P

5

does not divide (3+2

29).

It follows that (3 + 2

29) = P

5

3

, and, taking conjugates, we also have

(32

29) = P

3

5

. Hence $[P_5]$ has order dividing 3. Since $P_5$ is not principal, it must have order exactly 3.

Finally we note that $30 = (1 + \sqrt{-29})(1 - \sqrt{-29})$. Thus

$(2)(3)(5) = (1 + \sqrt{-29})(1 - \sqrt{-29}).$

Now (2)(3)(5) = P

2

2

P

3

P

3

P

5

P

5

. So, in order to have the correct norm, we

see that (1

2

P

3

P

5

, P

2

P

3

P

5

, P

2

P

3

P

5

or P

2

P

3

P

5

. It

follows that at least one of these products is principal, and so one or other

(and hence both) of [P

3

] and [P

3

] = [P

3

]

1

is in the group generated by [P

2

]

and [P

5

].

We conclude that $C_K$ is an abelian group generated by an element of order 2 and an element of order 3. Thus it is cyclic of order 6. (In fact $\mathrm{Norm}(2 \pm 5\sqrt{-29}) = 729 = 3^6$, and by the argument above we find that

(2 + 5

29) = P

6

3

and (2 5

29) = P

3

6

.)

Example 9.8 [Paper B9 2005] Let K = Q(

K

= 2,

prove there are no integral solutions of the equation $y^2 = x^3 - 37$.

Suppose that $x, y \in \mathbb{Z}$ are such that $y^2 + 37 = x^3$. Then as ideals we have

$(y + \sqrt{-37})(y - \sqrt{-37}) = (x)^3.$

We claim that (y +

37) and (y

that a prime ideal P divides both. Then y

2

37 P. Hence P[(2

or P[(

37).

Since O

K

= Z[

K

by using the decomposition of X

2

+ 37 modulo p. We have X

2

+ 37

(X +1)

2

mod 2, giving (2) = P

2

2

, where P

2

:= (2, 1 +

of norm 2. Similarly X

2

+37 X

2

mod 37 and hence (37) = (37,

37)

2

=

P

2

37

, where P

37

:= (

It follows that if $P$ is a common factor of $(y + \sqrt{-37})$ and $(y - \sqrt{-37})$ then $P = P_2$ or $P_{37}$

. In either case, since P[(y +

3

and

taking norms we get $2 \mid x^6$ or $37 \mid x^6$ respectively. Hence either $2 \mid x$ or $37 \mid x$, as appropriate.

Suppose firstly that $P = P_{37}$. Then $37 \mid x$, and since $x^3 = y^2 + 37$ we must also have $37 \mid y$. Thus $37^2$ divides $x^3 - y^2 = 37$, which is impossible.

Alternatively if $P = P_2$, so that $2 \mid x$, we will have $8 \mid x^3$. The equation $y^2 + 37 = x^3$ then implies that $y^2 + 1 \equiv 0 \bmod 4$, which is impossible.

Thus (y+

37) and (y

their product is $(x)^3$, which is a cube. Hence by unique factorisation of ideals, each of the two factors is a cube. In particular,

$(y + \sqrt{-37}) = I^3$

for some ideal $I$. Since $I^3$ is principal, the order of $[I]$ in $C_K$ divides 3. However $h_K = 2$, so $I$ must be principal. Thus

$(y + \sqrt{-37}) = (a + b\sqrt{-37})^3$

for some $a, b \in \mathbb{Z}$. Hence $y + \sqrt{-37} = u(a + b\sqrt{-37})^3$ for some unit $u \in O_K$. However the only units are $u = \pm 1$, which satisfy $u = u^3$. Hence, on replacing $a, b$ by $-a, -b$ if $u = -1$, we may assume that $u = 1$. Expanding and comparing coefficients we obtain

$y = a(a^2 - 111b^2), \quad 1 = b(3a^2 - 37b^2).$

The second equation implies that $b = \pm 1$ and $3a^2 - 37 = \pm 1$. Hence $3a^2 = 38$ or $36$, both of which are impossible.

Hence there are no solutions in integers.
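The class numbers used in this section ($h_K = 2$ for $\mathbb{Q}(\sqrt{-6})$ and $\mathbb{Q}(\sqrt{-37})$, $h_K = 1$ for $\mathbb{Q}(\sqrt{-163})$, $h_K = 6$ for $\mathbb{Q}(\sqrt{-29})$) and the prime runs of Proposition 9.6 can be checked by machine. The following is an added example, not part of the original notes: it uses a different technique from the notes, namely counting reduced primitive binary quadratic forms of the field discriminant (Gauss's correspondence with ideal classes), and all function names are chosen here.

```python
from math import gcd, isqrt

def field_discriminant(d):
    """Discriminant of Q(sqrt(-d)) for squarefree d > 0."""
    return -d if d % 4 == 3 else -4 * d

def reduced_forms(D):
    """Reduced primitive forms (a, b, c) with b^2 - 4ac = D < 0.

    Reduced means |b| <= a <= c, with b >= 0 whenever |b| = a or a = c.
    The number of such forms equals the class number of the imaginary
    quadratic field of discriminant D.
    """
    assert D < 0 and D % 4 in (0, 1)
    forms = []
    a = 1
    while 3 * a * a <= -D:                # a reduced form has a <= sqrt(|D|/3)
        for b in range(-a + 1, a + 1):    # -a < b <= a
            if (b * b - D) % (4 * a):
                continue
            c = (b * b - D) // (4 * a)
            if c < a or (c == a and b < 0):
                continue
            if gcd(gcd(a, b), c) == 1:
                forms.append((a, b, c))
        a += 1
    return forms

def class_number(d):
    """Class number of Q(sqrt(-d)), d > 0 squarefree."""
    return len(reduced_forms(field_discriminant(d)))

def is_prime(n):
    return n >= 2 and all(n % p for p in range(2, isqrt(n) + 1))

def euler_prime_run(d):
    """Number of consecutive n = 0, 1, 2, ... with n^2 + n + (d+1)/4 prime."""
    q, n = (d + 1) // 4, 0
    while is_prime(n * n + n + q):
        n += 1
    return n

if __name__ == "__main__":
    for d in (6, 163, 29, 37):            # fields of Examples 9.4, 9.5, 9.7, 9.8
        print(f"Q(sqrt(-{d})): h = {class_number(d)}",
              reduced_forms(field_discriminant(d)))
    for d in (163, 67, 43, 19, 11):       # fields of Proposition 9.6 and its list
        q = (d + 1) // 4
        print(f"n^2 + n + {q}: prime for 0 <= n <= {euler_prime_run(d) - 1}")
```

In each of the five class-number-one cases the run stops exactly at $n = q - 1$, where $n^2 + n + q = q^2$.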

10 The equation $x^3 + y^3 = z^3$

In this section we will establish Fermat's Last Theorem for cubes, that $x^3 + y^3 = z^3$ has no nontrivial ($x, y, z$ all nonzero) solutions in $\mathbb{Z}$.

We shall work in K = Q(

= (1 +

3)/2,

so that O

K

= Z[]. We begin by collecting together some basic facts.


Lemma 10.1. Let K = Q(

3) and = (1 +

3)/2.

(i) We have

3

= 1. Moreover the set of units of O

K

is 1, ,

2

.

(ii) The ring O

K

is a UFD.

(iii) The element :=

= ()(1 ) =

2

(1

2

).

Proof. (i) To find the unit group we note that

Norm

K/Q

(a + b) = a

2

ab + b

2

, a, b Z.

Thus if Norm

K/Q

(a + b) = 1 then (2a b)

2

+ 3b

2

$= 4$, giving solutions $(a, b) = \pm(1, 0)$, $\pm(0, 1)$ and $\pm(1, 1)$, which produce the six units specified in the lemma.

(ii) See Problem sheet 2.

(iii) Trivial.

Lemma 10.2. If Z[] and does not divide , then

3

1 mod

4

.

We may use congruences in Z[] in precisely the same way as we are used

to in Z. In particular mod means that [ .

Proof. Since N(()) = 3 the quotient Z[]/() has 3 elements, which are

clearly 0 +(), 1 +() and 1 +(), since these are distinct. It follows that

+ () = 1 + (), so that we may write = 1 + for some Z[].

We now have

3

= 1 + 3 3

2

2

+

3

3

= 1

3

4

+

3

3

,

so that

3

1 + (

3

)

3

mod

4

.

However the coset +() must be one of 0 +(), 1 +() or 1 +(), so

that 0 or 1 mod . It follows that

3

mod whichever of these 3

cases holds. This yields [

3

and so

3

1 mod

4

as required.

To prove the non-existence of nontrivial solutions in $\mathbb{Z}$ to $x^3 + y^3 = z^3$, it is sufficient to prove there are none in Z[]; if there were a non-trivial solution in Z[], we could remove any common factor from $x$, $y$ and $z$; indeed any two of the variables would then have to be coprime (since any common factor of two of $x, y, z$ would also divide the remaining variable). We shall first show that at least one variable must be divisible by and then that we cannot have any variable divisible by , to obtain a contradiction.

Lemma 10.3. If

3

+

3

=

3

with , , Z[], then divides at least

one of , or .

Proof. If divides none of , , then Lemma 10.2 yields

0 =

3

+

3

3

(1) + (1) (1) 3 or 1 mod

4

.

However

4

= (3)

2

= 9 which does not divide 3 or 1.
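An added numerical check of Lemmas 10.2 and 10.3 (not part of the original notes). It assumes the symbols stripped from this copy are the usual ones: $\omega = (-1 + \sqrt{-3})/2$ with $\omega^2 = -1 - \omega$, and $\lambda = \sqrt{-3}$, so that $\lambda^4 = 9$ as the proof of Lemma 10.3 states; an element $a + b\omega$ is stored as the pair `(a, b)` and all function names are chosen here.

```python
def mul(x, y):
    """(a + b*w)(c + d*w) in Z[w], using w^2 = -1 - w (assumed notation)."""
    a, b = x
    c, d = y
    return (a * c - b * d, a * d + b * c - b * d)

def cube(x):
    return mul(x, mul(x, x))

def divisible_by_lambda(x):
    """lambda | a + b*w  iff  3 | a + b.

    1 - w is an associate of lambda (Lemma 10.1), so w = 1 mod lambda and
    a + b*w = a + b mod lambda; the quotient Z[w]/(lambda) has 3 elements.
    """
    return (x[0] + x[1]) % 3 == 0

def cube_residues_mod_9():
    """Residues of alpha^3 mod lambda^4 = 9 over all alpha mod 9 with
    lambda not dividing alpha (Lemma 10.2 says only +1 and -1 occur)."""
    residues = set()
    for a in range(9):
        for b in range(9):
            if not divisible_by_lambda((a, b)):
                c, d = cube((a, b))
                residues.add((c % 9, d % 9))
    return residues

def lemma_10_3_obstruction():
    """True if alpha^3 + beta^3 - gamma^3 is never 0 mod 9 when lambda
    divides none of alpha, beta, gamma (the step used in Lemma 10.3)."""
    r = cube_residues_mod_9()
    return all(
        ((p[0] + q[0] - s[0]) % 9, (p[1] + q[1] - s[1]) % 9) != (0, 0)
        for p in r for q in r for s in r
    )

if __name__ == "__main__":
    print("cubes mod 9:", sorted(cube_residues_mod_9()))
    print("no solution with lambda dividing none of the variables:",
          lemma_10_3_obstruction())
```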

We shall now, over the next few lemmas, show that cannot have precisely

one variable divisible by .

Lemma 10.4. Let

3

+

3

=

3n

3

with n N, with a unit of Z[] and , , Z[] with , coprime and

not divisible by . Then n 2.

Proof. If either of or is a multiple of then the equation shows that

both are, since n 1. However this is impossible, as and are assumed to

be coprime. Thus neither of them is divisible by . Now Lemma 10.2 yields

3n

3

=

3

+

3

(1) + (1) 2 or 0 mod

4

,

so that n ,= 1.

Lemma 10.5. Under the conditions of the previous lemma each of the elements + , + and +

2

is divisible by . Moreover the quotients

+

,

+

,

+

2

Proof. We have

[

3

+

3

= ( + )( + )( +

2

),


so that must divide at least one of these factors. However is an associate

of 1 and 1

2

by Lemma 10.1. Hence

+ + +

2

mod .

It follows that all three factors are divisible by .

Moreover if divides both + and + then it divides

( + ) ( + ) = ( 1)

and also

( + ) ( + ) = (1 ).

Hence [ 1, since and are coprime. Similarly if divides both +

and +

2

then [

2

1, while if divides both + and +

2

then

[

2

. It follows in all three cases that [, since 1,

2

1 and

2

are each associates of . The second assertion of the lemma then follows.

Theorem 10.6. The equation

3

+

3

=

3n

3

with n N and a unit of Z[] has no solutions , , Z[] with ,

coprime and not divisible by .

Proof. We assume we have an admissible solution to

3

+

3

=

3n

3

,

with the minimal possible value of n. Then

3n

3

= ( + )( + )( +

2

)

and the previous two lemmas allow us to write

3(n1)

3

=

_

+

__

+

__

+

2

_

with coprime factors on the right, belonging to Z[]. Since the factors are

coprime there is one factor, ( +

j

)/ say, which is divisible by

3(n1)

.

Write =

j

; then:

3

=

_

+

3n2

__

+

__

+

2

_


with coprime factors on the right.

We now use the fact that Z[] is a UFD. We have three coprime factors

whose product is a unit times a cube, and we deduce that each factor must

be a unit times a cube, say

+

3n2

=

1

3

1

,

+

=

2

3

2

,

2

+

2

=

3

3

3

,

with =

1

3

(and where

2

,

3

have absorbed the extra factors ,

2

,

respectively). We now observe that

3(n1)

3

1

+

2

3

2

+

3

3

3

=

1

( + ) + ( +

2

) + (

2

+ )

= 0,

since 1 + +

2

= 0. We therefore obtain an equation

3

2

+

3

3

=

3(n1)

3

1

for appropriate units

and

. Moreover

2

and

3

are coprime, since

( +)/ and ( +

2

)/ were coprime; and does not divide

1

since it

did not divide .

After Lemma 10.4 we know that n 2, so that n 1 1 and

3

2

+

3

3

0 mod

3

.

From Lemma 10.2 we deduce that

1 mod

3

. However

3

does not

divide any of 1 or

2

1 since these are either units or associates of .

Thus only

form

3

2

+ (

3

)

3

=

3(n1)

3

1

,

contradicting the supposed minimality of n. This concludes the proof of the

theorem.

We are now in a position to prove our desired result.

Theorem 10.7. The equation $x^3 + y^3 = z^3$ has no nontrivial ($x, y, z$ all nonzero) solutions in $\mathbb{Z}$.

Proof. Any such solution must also give a solution in Z[]. Remove any

common factor from x, y, z, which means they must be coprime in pairs

(since any common factor of two of x, y, z would also divide the remaining

variable). By Lemma 10.3, at least one of x, y, z must be a multiple of ,

and indeed only one, since the variables are coprime in pairs. We extract

the largest possible power of from this variable,

n

say, and use = 1

(and replace some of x, y, z with x, y, z, as needed) to put the equation

into the form described in Theorem 10.6, which we have shown to have no

solution.
