You are on page 1of 49

# B9 Algebraic Number Theory

## Victor Flynn (ynn@maths.ox.ac.uk)

January 2013
These notes are modied from previous versions (due to Neil Dummigan,
Alan Lauder and Roger Heath-Brown) and have been recently revised by
me. They draw mainly upon A Classical Introduction to Modern Num-
ber Theory, by Ireland and Rosen, and Algebraic Number Theory, by
Stewart and Tall. While I take full responsibility for their current contents,
considerable thanks are clearly due to Neil, Alan and Roger.
I will be pleased to hear of any misprints ar errors!
Email me at flynn@maths.ox.ac.uk.
Throughout these notes we use the abbreviation NE for not examinable
in this course.
Lectures will omit some of the non-examinable proofs, and some of the
examples in Section 9. However these should prove helpful for examination
revision.
Useful texts
Algebraic Number Theory and Fermats Last Theorem, I. Stewart and D.
Tall, Third Edition. We shall frequently cite this as S&T.
Older editions under the name Algebraic Number Theory will also suf-
ce.
Other useful but more advanced references:
A Classical Introduction to Modern Number Theory, (Chapter 12) K. Ireland
and M. Rosen
Algebraic Number Theory, A. Frohlich and M.J. Taylor
A Course in Computational Algebraic Number Theory, H. Cohen.
1
1 Introduction
1.1 Motivation
Consider Fermats Last Theorem which asserts that x
n
+ y
n
= z
n
has no
solution x, y, z Z (x, y, z all nonzero) if n N, n 3. It is sucient to
prove this for n = 4 and n = p 3 prime [since any n 3 is divisible by 4
or some prime p 3; if n = 4k, then any solution to x
n
+y
n
= z
n
would give
(x
k
)
4
+ (y
k
)
4
= (z
k
)
4
; similarly if n = pk, then any solution to x
n
+ y
n
= z
n
would give (x
k
)
p
+ (y
k
)
p
= (z
k
)
p
].
Fermat himself proved the result for n = 4 after which it remained to
prove it for n = p 3 prime. Let
p
= exp(2i/p) C and let K := Q(
p
).
Factoring the left hand side in Z[
p
] we see that
(x + y)(x +
p
y) . . . (x +
p1
p
y) = z
p
.
Now in Z it is true that if a
1
. . . a
p
= b
p
and the a
i
have no common factors,
then each a
i
is an p-th power, by the unique factorisation property of Z. To
make progress on Fermats Last Theorem it would be useful to know whether
an analogous result holds true in Z[
p
]. More generally we might ask what
sort of number theory can we do in a ring such as Z[
p
]? In particular do we
still have an analogue of unique factorisation into primes?
These are the questions addressed in this course.
1.2 Background material
We need to know the statements (but not proof) of various pre-requisites
for this course. Firstly we have, some results from Polynomial Rings and
Galois Theory.
Lemma 1.1 (Gausss Lemma). Let p(t) Z[t] be irreducible in Z[t]; then it
is also irreducible in Q[t].
Proof. NE. See S&T, page 18, Lemma 1.7. The broad strategy is to imagine
p(t) were reducible over Q, with p(t) = g(t)h(t) where g(t), h(t) Q[t], and
then show there exists Q, ,= 0, such that g,
1
h Z[t] (the existence
of such is sometimes included in the statement of Gauss Lemma).
Theorem 1.2 (Eisenstein). Let f(t) = a
0
+a
1
t + +a
n
t
n
Z[t]. Suppose
there exists a prime p such that p does not divide a
n
, but p divides a
i
for
2
i = 0, . . . , n 1, and p
2
does not divide a
0
. Then, apart from constant
factors, f(t) is irreducible over Z, and hence irreducible over Q.
Such a polynomial is said to be Eisenstein with respect to the prime p.
Note also: irreducible over K is just another way of saying: irreducible in
K[t].
Proof. NE. See S&T, page 19, Theorem 1.8.
Denition 1.3. A number eld (or algebraic number eld) is a nite ex-
tension K of Q. The index [K : Q] is the degree of the number eld.
Theorem 1.4. If K is a number eld then K = Q() for some (algebraic)
number K.
Proof. NE. See S&T, page 32, Theorem 2.2.
Theorem 1.5. Let K = Q() be a number eld of degree n over Q. Then
there are exactly n distinct monomorphisms (embeddings)

i
: K C (i = 1, . . . , n).
The elements
i
() are the distinct zeros in C of the minimal polynomial m

of over Q.
If
i
(K) R then
i
is called a real embedding, and otherwise it is called
a complex embedding.
Recall that a monomorphism is a one-to-one map satisfying ( + ) =
() + () and () = ()().
Proof. NE. See S&T, page 38, Theorem 2.4.
We now have some elementary results on free abelian groups. We shall
express such groups with the operation written additively.
Denition 1.6. A square matrix over Z is unimodular if it has determinant
1.
Note that A is unimodular if and only if A
1
has coecients in Z.
3
Lemma 1.7. Let G be a free abelian group of rank n with Z-basis x
1
, . . . , x
n
.
Suppose (a
ij
) is an n n matrix with integer entries. Let
y
i
=

j
a
ij
x
j
(1 i n).
Then the elements y
1
, . . . , y
n
form a Z-basis for G if and only if (a
ij
) is
unimodular.
Proof. NE. See S&T, page 28, Lemma 1.15.
Theorem 1.8. Let G be a free abelian group of rank n, and H a subgroup.
Then G/H is nite if and only if H has rank n. Moreover, if G and H have
Z-bases x
1
, . . . , x
n
and y
1
, . . . , y
n
with y
i
=

j
a
ij
x
j
we have
#G/H = [ det(a
ij
)[.
Proof. NE. See S&T, page 30, Theorem 1.17.
2 Discriminants, Norms and Traces
Denition 2.1. Let K/Q be an algebraic number eld of degree n, and let
K. Let
i
: K C be the n embeddings, i = 1, . . . , n. The
i
() are
called the (K-)conjugates of . Dene the trace Tr
K/Q
() =

n
i=1

i
() and
norm Norm
K/Q
() = N
K/Q
() = N() =

n
i=1

i
(). When K = Q()
these are called the absolute conjugates, trace and norm.
For any K = Q(), suppose that has minimal polynomial m

(X). If

1
, . . . ,
n
are the n roots of m

## in C then one can choose the embeddings so

that
i
:
i
.
We record the trivial properties:-
Norm
K/Q
() = Norm
K/Q
()Norm
K/Q
();
Norm
K/Q
() = 0 if and only if = 0;
Norm
K/Q
(q) = q
n
for q Q.
If K = Q() and m

(X) = X
n
+ c
n1
X
n1
+ + c
0
, then we have
Tr
K/Q
() = c
n1
and Norm
K/Q
() = (1)
n
c
0
. In particular the norm and
trace are in Q.
More generally, for any K = Q(), K, the norm and trace of are
symmetric functions of the conjugates
i
(), and are therefore in Q.
4
Denition 2.2. Let w = w
1
, . . . , w
n
be an n-tuple of elements of K, where
n = [K : Q].
The determinant is (w) := det(
i
(w
j
)), i.e., the determinant of the
n n matrix whose (i, j)th entry is
i
(w
j
).
The discriminant of w is (w)
2
. [sometimes also written as
2
(w).]
*Warning*: S&T and some other books use where we write
2
(!).
Lemma 2.3. We have (w)
2
= det(Tr
K/Q
(w
i
w
j
)), and so (w)
2
Q.
Proof. Let A = (
i
(w
j
)). Then
(w)
2
= det(A)
2
= det(A
T
A) = det
_

k
(w
i
)
k
(w
j
)
_
= det
_

k
(w
i
w
j
)
_
= det(Tr
K/Q
(w
i
w
j
)).
Lemma 2.4. If v = v
1
, . . . , v
n
is a basis for K/Q and w = w
1
, . . . , w
n

K, with w
i
=

j
c
ij
v
j
and c
ij
Q, then
(w) = det(C)(v) where C = (c
ij
).
Proof. Left as exercise.
Lemma 2.5. If K = Q() and v = 1, , . . . ,
n1
then
(v)
2
=

i<j
(
j

i
)
2
.
Here
1
, . . . ,
n
are the conjugates of .
Proof. We have
(v) =

1
1

2
1
. . .
n1
1
1
2

2
2
. . .
n1
2
.
.
.
.
.
.
1
n

2
n
. . .
n1
n

5
(This is a so-called van der Monde determinant.) We can view this as a
polynomial of degree n(n 1)/2 in
1
, . . . ,
n
. Since it vanishes when we
set
i
=
j
the polynomial is divisible by
i

j
for all i < j. There
are n(n 1)/2 of these factors. Hence, on checking that the coecient of

2
3
. . .
n1
n
is +1 we deduce that
(w) =

i<j
(
j

i
).
Corollary 2.6. (w
1
. . . , w
n
) ,= 0 if and only if w
1
. . . , w
n
is a basis for
K/Q.
Proof. Suppose K = Q() and v = 1, , . . . ,
n1
are as in the previous
lemma. Since the
i
are distinct, (v) ,= 0. By Lemma 2.4, (w) ,= 0
for any other basis w of K/Q. If w is not a basis then det(C) = 0 and so
(w) = 0.
3 The Ring of Integers
Denition 3.1. We say that K is an algebraic integer if and only if
there exists a monic g(x) Z[x] such that g() = 0. Dene O
K
as the set
of all algebraic integers in K.
We shall see that the set O
K
will bear the same relation to K as Z does
to Q.
Note 3.2
1. Suppose K. Then O
K
if and only if the minimal polynomial
m

## (x) is in Z[x], by Gausss lemma.

2. Suppose K and
d
+ a
d1

d1
+ + a
0
= 0, a
i
Q. If n Z
then
(n)
d
+ na
d1
(n)
d1
+ + n
d
a
0
= 0.
Choosing n to clear the denominators of all the a
i
we can get n O
K
.
3. The mininum polynomial of r Q is x r which is in Z[x] if and only
if r Z. Hence if K = Q then O
K
= Z. Generally, Z O
K
.
6
Example 3.3 Let K = Q(

## d), where d Z, d ,= 1, with d squarefree

(i.e. there is no prime p for which p
2
[d). Then [K : Q] = 2, and K has a
Q-basis 1,

d. If a, b Q then = a + b

d K. Since
1
() = a + b

d
and
2
() = a b

d we have Tr
K/Q
() = 2a and Norm
K/Q
() = a
2
db
2
.
Moreover m

(x) = x
2
2ax + (a
2
db
2
) (if b ,= 0). Hence O
K
if and
only if 2a, a
2
db
2
Z.
Suppose O
K
. Then (2a)
2
d(2b)
2
Z, giving d(2b)
2
Z. Writing
2b = u/v (u, v Z) we have du
2
v
2
Z, so that v
2
[du
2
. Since d is squarefree
this implies v[u, giving 2b Z. Write 2a = A, 2b = B, with A, B Z.
Then a
2
db
2
Z, so that A
2
dB
2
mod 4. Now observe that any square
is congruent to 0 or 1 modulo 4.
Case 1: Suppose d 2 or 3 mod 4. Then we must have A, B even, and
a, b Z.
Case 2: Suppose that d 1 mod 4. This implies that A B mod 2,
so a, b are both in Z or both in Z +
1
2
.
Of course we cannot have d 0 mod 4 since d is squarefree. We conclude
that
O
K
=
_
1,

d = m + n

d : m, n Z, d 2, 3 mod 4,
1,
1+

d
2
= m + n
1+

d
2
: m, n Z, d 1 mod 4.
e.g. In Q(i) we have
1
2
+
2
3
i K and 1 + 5i O
K
. In Q(

3) we
have
3
5

3 K,
1
2
+

3
2
O
K
. (The latter has minimal polynomial
x
2
+ x + 1).
We now require a little about modules.
Denition 3.4. Let R be an integral domain. An R-module M is an abelian
group (which we shall write additively) with a map RM M, (r, m) rm
such that
(r
1
+ r
2
)m = r
1
m + r
2
m, (r
1
r
2
)m = r
1
(r
2
m)
r(m
1
+ m
2
) = rm
1
+ rm
2
, 1m = m
for all r, r
1
, r
2
R and m, m
1
, m
2
M.
7
Example 3.5
1. Let R be a eld and M a vector space over R. Then M is an R-module.
2. If R = Z and M is any additive abelian group then M is an R-module.
We say that M is nitely generated if there exist m
1
, . . . , m
k
M such
that
M = r
1
m
1
+ + m
k
r
k
: r
1
, . . . , r
k
R.
Lemma 3.6. K is an algebraic integer if and only if there exists a
nonzero nitely generated Z-module M K such that M M.
Proof. Suppose O
K
, say
d
+ a
d1

d1
+ + a
0
= 0, with a
i
Z. Let
M = Z[] = f() : f(x) Z[x] K. Then M = 1, , . . . ,
d1
and
M M, since (
d1
) =
d
=

d1
i=0
a
i

i
M.
Conversely, suppose M K is a nonzero nitely generated Z-module
such that M M. Take w
1
, . . . , w
s
to be a generating set for M. Let
w
i
=

j
c
ij
w
j
, c
ij
Z.
Putting C = (c
ij
) we see that
(I C)
_
_
_
_
_
w
1
w
2
.
.
.
w
s
_
_
_
_
_
=
_
_
_
_
_
0
0
.
.
.
0
_
_
_
_
_
so that satises det(xI C) = 0, a monic polynomial with integer coe-
cients. Hence O
K
.
Theorem 3.7. Let K be an algebraic number eld. If , O
K
then
+ , O
K
.
Hence O
K
is a ring, called the ring of integers of K.
Proof. Suppose , O
K
. Let M, N K be nitely generated Z-modules,
generated respectively by v
1
, . . . , v
d
and w
1
, . . . , w
e
, such that M M
and N N. Consider
MN :=
k

i=1
m
i
n
i
: m
i
M, n
i
N.
8
Then MN is nitely generatedy (by v
i
w
j
: 1 i d, 1 j e) and in
K. Moreover,
( + )MN (M)N + M(N) MN
()MN (M)(N) MN.
It follows from Lemma 3.6 that + , O
K
.
Corollary 3.8. If O
K
then Tr
K/Q
(), Norm
K/Q
() Z.
Proof. Assume that O
K
. Then all the K/Q-conjugates
1
, . . . ,
n
belong
to O
L
(where L is the splitting eld of the polynomial m

(x)(= m

i
(x))).
Thus Tr
K/Q
() =
1
+ +
n
O
L
and Norm
K/Q
() =
1
. . .
n
O
L
, by
Theorem 3.7. However Tr
K/Q
(), Norm
K/Q
() Q, and Q O
L
= Z.
Denition 3.9. O
K
is a unit if and only if
1
O
K
.
Proposition 3.10. O
K
is a unit if and only if Norm
K/Q
() = 1.
Proof. Suppose is a unit. Then
Norm
K/Q
()Norm
K/Q
(
1
) = Norm
K/Q
(
1
) = Norm
K/Q
(1) = 1.
However Norm
K/Q
() and Norm
K/Q
(
1
) are in Z, so both are 1.
Conversely, suppose that Norm
K/Q
() = 1. Let
1
, . . . ,
n
be the K/Q-
conjugates, with =
1
, say. Then
1
. . .
n
= 1, so that (
2
. . .
n
) =
1. Hence
1
= (
2
. . .
n
), which by Theorem 3.7 lies in O
L
. However
we know that
1
lies in K, and so
1
O
L
K = O
K
.
Denition 3.11. We say that w
1
, . . . , w
n
O
K
is an integral basis for O
K
if O
K
=

j
c
j
w
j
: c
j
Z.
It can easily be shown that the above denition is equivalent to saying
that w
1
, . . . , w
n
is a Z-basis for O
K
. We shall show that every O
K
has an
integral basis. The set w
1
, . . . , w
n
is sometimes called an integral basis for
O
K
, and sometimes just an integral basis for K.
Example 3.12 K = Q(

## d), d squarefree integer; [K : Q] = 2; O

K
has
integral basis
_
1,

d, d 2, 3 mod 4,
1,
1+

d
2
, d 1 mod 4.
9
Note 3.13 Let v = v
1
, . . . , v
n
and w = w
1
, . . . , w
n
be any two Q-bases
of K. Let M = v
1
, . . . , v
n

Z
and N = w
1
, . . . , w
n

Z
, as Z-submodules of
K. Suppose v, w O
K
, then (v)
2
, (w)
2
Z. (Recall that (v)
2
=
det(Tr
K/Q
(v
i
v
j
)).) Suppose N M. Then there exist c
ij
Z such that
w
i
=

n
j=1
c
ij
v
j
. Let C = (c
ij
). Then by Theorem 1.8 we have
[ det(C)[ = [M : N] = #M/N = m, say,
as additive groups. So by Lemma 2.4 we have
(w)
2
= (det(C))
2
(v)
2
= m
2
(v)
2
.
If M = N then det(C) = 1 by Lemma 1.7, and (w)
2
= (v)
2
.
This allows us to make the following denition.
Denition 3.14. Let M be any subset of O
K
which has a Z-basis. Dene
(M)
2
:= (w)
2
for any Z-basis w of M.
Note that if N M then (N)
2
= m
2
(M)
2
, and so in particular
(M)
2
[(N)
2
.
Theorem 3.15 (Integral Basis Theorem). The ring O
K
has an integral basis
(that is, a Z-basis).
Proof. Let v = v
1
, . . . , v
n
be any Q-basis for K. Multiplying each v
i
by a suciently large integer, we may suppose that v O
K
. Let M =
v
1
, . . . , v
n

Z
. Then (M)
2
,= 0 (and Z) since v
1
, . . . , v
n
are Q-linearly
independent. Choose the basis v such that [(M)
2
[ is minimal.
Claim: M = O
K
, so that v
1
, . . . , v
n
is an integral basis.
Proof of claim: Suppose there exists O
K
such that , M. Certainly
=

n
j=1
c
j
v
j
with c
j
Q. Then for any j and any m Z we have
+ mv
j
O
K
but + mv
j
, M. Hence by adding suitable Z-multiples of
the v
j
to we may assume that [c
j
[ 1/2. Moreover, since , M there
exists j such that c
j
,= 0. Choose such a j.
10
Let w be a new Q-basis for K obtained from v by replacing v
j
by . Then
w O
K
. The change of basis matrix
C =
_
_
_
_
_
_
_
_
_
1 0 . . . 0
0 1 . . . 0
.
.
.
.
.
.
c
1
. . . c
2
. . . c
n
.
.
.
.
.
.
0 0 . . . 0 1
_
_
_
_
_
_
_
_
_
has determinant c
j
. Hence
[(w)
2
[ = c
2
j
[(v)
2
[ < [(v)
2
[,
by Note 3.13, contradicting the minimality of [(v)
2
[. So such does not
exist, and M = O
K
.
We can therefore dene (O
K
)
2
, as in Denition 3.14, to be (w)
2
,
where w is any integral basis of O
K
; we also dene (K)
2
to be the same as
(O
K
)
2
.
The following proposition will be helpful for nding an integral basis
for O
K
.
Proposition 3.16. Let w = w
1
, . . . , w
n
be any Q-basis for K such that
w O
K
. Let M = w
1
, . . . , w
n

Z
and let M ,= O
K
. Then there exist p
prime with p
2
[(M)
2
and c
1
, . . . , c
n
Z, not all divisible by p, such that
1
p
(c
1
w
1
+ . . . + c
n
w
n
) O
K
.
Proof. Let m = [O
K
: M] > 1, so that [(M)
2
[ = m
2
[(O
K
)
2
[. Since
m > 1, there is a prime p dividing m, so that p
2
[(M)
2
. Since m = #O
K
/M
we conclude (by a theorem of Cauchy on nite groups) that O
K
/M has an
element of order p. Let + M be such an element. Then =

d
j
w
j
with
d
j
Q. Moreover p M so that all pd
j
Z. Hence =
1
p

j
c
j
w
j
with
c
j
Z not all being mutiples of p.
We now describe how to go about nding an integral basis for O
K
, where
[K : Q] = n.
1. Let w = w
1
, . . . , w
n
be any Q-basis for K such that w O
K
. Cal-
culate (w)
2
. Let M = w
1
, . . . , w
n

Z
. We know M O
K
.
11
2. If [O
K
: M] = m, then [(M)
2
[ = m
2
[(O
K
)
2
[. If (M)
2
is squarefree
then m = 1 and O
K
= M. Otherwise (and if O
K
,= M), by Proposi-
tion 3.16, there exist p prime with p
2
[(M)
2
and c
1
, . . . , c
n
Z, not
all divisible by p, such that
1
p
(c
1
w
1
+ . . . + c
n
w
n
) O
K
.
3. Hence if (M)
2
is not squarefree than for each prime p such that
p
2
[(M)
2
, we look for O
K
of the form =
1
p

j
c
j
w
j
with c
j
Z,
not all divisible by p. Suppose that p does not divide c
j
for j = k.
Multiplying through by r Z such that rc
k
1 mod p, we may assume
that c
k
1 mod p. Subtracting integer multiples of the w
i
we may
assume that 0 c
i
< p for all i, and so c
k
= 1. Replacing w
k
by our
new we get another basis, spanning a Z-module M

## , say. The change

of basis matrix is
_
_
_
_
_
_
_
_
_
1 0 . . . 0 0
0 1 . . . 0 0
.
.
.
.
.
.
c
1
/p . . . . . . c
n
/p
.
.
.
.
.
.
0 0 . . . 0 1
_
_
_
_
_
_
_
_
_
and so (M

)
2
=
1
p
2
(M)
2
.
4. Repeat the whole process with M

## instead of M. If does not exist

(there are only nitely many possibilities to check, since we only need
to check each c
i
in the range 0 c
i
< p) then p cannot divide m.
Eventually we reach a basis for which none of the available primes
divide m, so that m = 1 and we have arrived at an integral basis.
Example 3.17 K = Q(

d.
Then 1,

d O
K
and
(1,

d)
2
=

d
1 +

2
= 4d.
Since d is squarefree the only prime p such that p
2
[(1,

d)
2
is p = 2.
12
Case 1: d 1 mod 4. We nd
1
2
(1 +

d) O
K
(This element has
minimal polynomial x
2
x + (1 d)/4 Z[x]). In this case we nd
(1,
1
2
(1 +

d))
2
=
1
2
2
4d = d.
Case 2: d , 1 mod 4. Then
1
2
(1 +

d) , O
K
since x
2
x +
1d
4
, Z[x].
The only other cases to check are
1
2
,
1
2

## d, which are not in O

K
. Since
we did not nd any , we conclude that 2 does not divide the index
m = [O
K
: 1,

d
Z
]. Hence 1,

d is an integral basis.
4 Cyclotomic elds
None of the proofs in this section are examinable!
Let p > 2 be a prime and
p
:= e
2i/p
, so that
p
p
= 1. Let K = Q(
p
), a
cyclotomic eld. Clearly :=
p
satises
f(x) =
x
p
1
x 1
= x
p1
+ x
p2
+ + x + 1.
Lemma 4.1. f(x) is irreducible in Q[x].
Proof. Let g(x) = f(x + 1). It suces to show g(x) is irreducible. But
g(x) =
(x + 1)
p
1
(x + 1) 1
= x
p1
+ px
p2
+ + p.
Since p divides all the coecients apart from the rst, but p
2
does not divide
the nal coecient p, the polynomial g(x) is irreducible over Z by Eisensteins
criterion and so over Q by Gauss Lemma.
Corollary 4.2. [K : Q] = p 1.
So a regular p-gon can be constructed with a ruler and compass only if
p 1 is a power of 2.
The roots of x
p1
+ x
p2
+ . . . x + 1 are ,
2
, . . . ,
p1
. These are the
conjugates of , and so f(x) =

p1
i=1
(x
i
).
13
Note 4.3
1. Norm
K/Q
(1 ) =

p1
i=1
(1
i
) = f(1) = p
2. Norm
K/Q
(1 ) = Norm
K/Q
( 1) since p 1 is even. Thus 1 has
minimal polynomial g(x) = f(x + 1).
[this last statement uses: f(x+1) = Norm
K/Q
(x+1) = Norm
K/Q
(x
( 1)) = minimal polynomial of 1.]
Lemma 4.4. If w = 1, , . . . ,
p2
then (w)
2
= (1)
(p1)/2
p
p2
.
Proof. From Question 6 on Problem Sheet 1 we see that
(1, , . . . ,
p2
)
2
= (1)
(p1)(p2)/2
Norm
K/Q
(f

()).
Here K = Q() and
f(x) =
x
p
1
x 1
.
Since p is odd the rst factor reduces to (1)
(p1)/2
. Now
f

(x) =
(x 1)px
p1
(x
p
1)
(x 1)
2
and so
f

() =
p
p1
1
.
Hence from Note 4.3 above,
Norm
K/Q
(f

()) =
Norm
K/Q
(p)Norm
K/Q
()
p1
Norm
K/Q
(1 )
=
(p)
p1
1
p1
p
= p
p2
as required.
Theorem 4.5. The set 1, , . . . ,
p2
is an integral basis for O
K
.
Proof. Let = 1. Certainly we have Z[] = Z[]. We shall show that
1, , . . . ,
p2
is an integral basis.
By Lemma 4.4 and Note 3.13 we see that
(Z[])
2
= (Z[])
2
= (1)
(p1)/2
p
p2
.
14
Hence p is the only prime whose square divides (Z[])
2
. It follows that p is
the only prime which may divide [O
K
: Z[]]. If O
K
,= Z[] then there exists
O
K
such that
=
1
p
p2

j=0
c
j

j
,
with c
j
Z not all divisible by p. Let r be minimal such that p does not
divide c
r
. We may assume c
j
= 0 for j < r by subtracting integer multiples
of the basis elements. Now
p2r
O
K
, since and are in O
K
. Write

p2r
=
1
p
(c
r

p2
+ c
r+1

p1
+ + c
p2

2p4r
). (4.1)
Then

p1
= p
p2

p(p 1)
2

p3
p
and so p
1

p1
O
K
. Hence by subtracting multiples of this from both sides
of (4.1) we see that p
1
c
r

p2
O
K
. However
Norm
K/Q
_
c
r
p

p2
_
=
_
c
r
p
_
p1
p
p2
=
c
p1
r
p
,
since Norm
K/Q
() = p and Norm
K/Q
(c
r
/p) = (c
r
/p)
p1
. This, nally, con-
K/Q
() Z for all O
K
, since p does not
divide c
r
.
5 Unique Factorisation Domains
5.1 Revision from Part A Algebra
Let R be an integral domain.
Denition 5.1.
1. R is a unit if and only if there exists R such that = 1. The
units in R form a group under multiplication; the group of units.
2. , R are associates if and only if there exists a unit u R such
that = u.
15
3. A nonzero, non-unit element R is irreducible if ( = or
is a unit). We write [ if there exists R such that = .
4. A nonzero, non-unit element R is prime if ([ [ or [).
A prime element in R is irreducible (Problem Sheet 2).
Denition 5.2. Let R be an integral domain. R is a Euclidean domain (ED)
if and only if there exists a function (a Euclidean function) d : R0
N 0 such that
1. For all a, b R with b ,= 0, there exist q, r R such that a = qb + r
and either r = 0 or d(r) < d(b).
2. For all nonzero a, b R, d(a) d(ab).
Denition 5.3. R is a principal ideal domain (PID) if and only if every
ideal is principal (recall that I is an ideal if it is an additive subgroup of R
and r R, a I, ra I; furthermore I is principal if it is of the form
() = r : r R).
Denition 5.4. R is a unique factorisation domain (UFD) if and only if for
all nonzero and non-unit R there exist irreducible
1
, . . . ,
n
R such
that
1. =
1
. . .
n
2. If =
1
. . .
m
with irreducible
i
, then m = n and there exists a
permutation of 1, . . . , n such that
i
and
(i)
are associates.
In Part A algebra you proved:
R a ED R a PID R a UFD.
In an integral domain R in which factorisation into irreducibles is possible
then this factorisation is unique if and only if all irreducible elements are
prime (Problem Sheet 2).
16
5.2 Some applications of unique factorisation
First, a useful lemma:
Lemma 5.5. Let O
K
be the ring of integers in a number eld K, and ,
O
K
. Then
1. is a unit (in O
K
) if and only if Norm
K/Q
() = 1.
2. If and are associates (in O
K
) then Norm
K/Q
() = Norm
K/Q
().
3. If Norm
K/Q
() is a rational prime, i.e. a prime number in Z, then
is irreducible in O
K
.
Proof. 1. Proposition 3.10.
2. We have = u with u a unit, and so:
Norm
K/Q
() = Norm
K/Q
(u)Norm
K/Q
() = Norm
K/Q
(), by part 1.
3. Let = . Then Norm
K/Q
() = p = Norm
K/Q
()Norm
K/Q
() for
some prime p Z. The result now follows from 1.
The converses of 2 and 3 are false (see later the proof of Proposition 5.8).
Application (1). Take K = Q(i), so that O
K
= Z[i]. This is a UFD (the
Gaussian Integers) see Problem Sheet 2. We have Norm
K/Q
(a + bi) =
a
2
+ b
2
, so that the only units are 1, i, by Proposition 3.10.
Theorem 5.6 (Fermat/Euler). If p is a prime, and p 1 mod 4, then there
exist a, b Z such that p = a
2
+ b
2
, and this decomposition is unique. [here
unique means: up to and up to swapping a and b.]
Proof. Assume p 1 mod 4. Then
_
1
p
_
= 1, so there exists r Z such
that p[1 + r
2
(e.g. r = g
(p1)/4
mod p where g is a primitive root modulo
p). In Z[i], we have p[(1 + ri)(1 ri). If p is irreducible in the UFD Z[i],
then p[(1 + ri) or p[(1 ri), because any irreducible is prime. However p
cannot divide 1 + ri, for example, because
1
p
+
r
p
i , O
K
. Hence there exist
(a +bi), (c +di) Z[i], neither units, such that p = (a +bi)(c +di). Taking
norms
p
2
= (a
2
+ b
2
)(c
2
+ d
2
).
17
Now Z is a UFD and neither a+bi or c+di has norm 1, giving p = a
2
+b
2
=
(a + bi)(a bi). This yields the existence part of the theorem.
If a + bi = in Z[i] then, taking norms, we nd that
p = Norm()Norm().
Thus or must be a unit. Hence a +bi is irreducible in Z[i], and similarly
for a bi. Thus p = (a + bi)(a bi) is the unique factorisation of p into
irreducibles.
If also p = e
2
+f
2
= (e +fi)(e fi), then e +fi is an associate of either
a +bi or a bi, so that e +fi is one of a +bi, (a +bi), i(a +bi), i(a +bi),
or a bi, (a bi), i(a bi), i(a bi). It follows that a
2
, b
2
= e
2
, f
2
,
which proves uniqueness.
Application (2). Take K = Q(

2) so that O
K
= Z[

2]. This is a
UFD (Problem Sheet 2). We have Norm
K/Q
(a + b

2) = a
2
+ 2b
2
, so that
the only units are 1.
Theorem 5.7 (Fermat/Euler). The only integer solutions of y
2
+2 = x
3
are
x = 3, y = 5.
Proof. If y were even then x would be even, giving 8[y
2
+2, which is impossible
since 4[y
2
. So y is odd.
We have (y +

2)(y

2) = x
3
. Suppose there is an irreducible
element which divides both y +

2 and y

dierence 2

2 = (

2)
3
. However

## 2 is irreducible since its norm is

2, which is prime in Z. So we must have =

2. Now
[y +

2[y 2[y
2
,
a contradiction, since y is odd. Hence y +

2 and y

2 have no
irreducible factor in common. Unique factorisation therefore implies that
y +

2 and y

## 2 are associates of cubes. Since the only units are 1,

which are both cubes, we deduce that y

## 2 are both cubes.

We now have
y +

2 = (a + b

2)
3
= a
3
+3a
2
b

2 +3ab
2
(2) +b
3
(2)

2 = (a
3
6ab
2
) +(3a
2
b 2b
3
)

2,
and hence b(3a
2
2b
2
) = 1. Thus b = 1, a = 1, and so
y = a
3
6ab
2
= a(a
2
6b
2
) = 5 and x = 3.
18
More theorems of Fermat
1. If prime p 1 or 3 mod 8 then p = x
2
+ 2y
2
uniquely (Problem Sheet
2).
2. If prime p 1 mod 3 then p = x
2
+ 3y
2
.
Proposition 5.8. For K = Q(

5) the ring O
K
= Z[

5] is not a UFD.
Proof. We have the factorisation 6 = 2.3 = (1

5)(1 +

5) in O
K
. We
claim that the elements in S = 2, 3, 1 +

5, 1

5 are irreducible in
O
K
. Now
Norm
K/Q
(a + b

5) = a
2
+ 5b
2
so the norms of the elements in S are 4, 9, 6, 6, respectively. For S, if =
with non-units , O
K
, then Norm(), Norm() = 2, 3. However
there are no elements in O
K
with norm 2, 3, since a
2
+5b
2
= 2, 3 has
no solutions in integers a, b. This proves the claim.
By Lemma 5.5 Part 2, the elements 2, 3 cannot be associates of 1 +

5,
1

## 5. So we have two distinct factorisations into irreducibles.

6 Unique Factorisation of Ideals
To recover unique factorisation we will use ideals instead of elements. Recall
that an ideal I of a commutative ring R is a non-empty subset for which
a b I whenever a, b I, and for which ra I whenever r R and a I.
6.1 Statement of the Unique Factorisation Theorem
Denition 6.1. Let R be an integral domain, and let I, J be ideals of R.
Then IJ :=
_

k
i=1
a
i
b
i
: a
i
I, b
i
J, k 1
_
.
Observe that IJ consists of nite sums of arbitrary length k. We write
(a) := ra : r R
for the principal ideal generated by a.
19
Note 6.2 It is easy to check that:
1. IJ is an ideal of R,
2. If I = () and J = (), then IJ = ().
3. If I = () then IJ = ()J = j : j J.
Denition 6.3. Let R be an integral domain. An ideal I of R is prime if it
is proper and (ab I a I or b I). (recall: an ideal I R is proper if
I ,= R).
Comment. We shall prove later (Theorem 6.26) that any nonzero proper
ideal A of O
K
can be written as a product of prime ideals A = P
1
P
2
. . . P
r
and this factorisation is unique up to the order of the factors.
Denition 6.4. Let K, L be elds with K L. Let I be an ideal of O
K
.
Then I O
L
is dened to be the ideal of O
L
generated by products of the form
i, such that i I, O
L
(sometimes called the image of I in O
L
). Note
that, for any ideals I, J of O
K
, any n N and any principal ideal (a) = aO
K
of O
K
, (IJ) O
L
= (I O
L
)(J O
L
), I
n
O
L
= (I O
L
)
n
and (a) O
L
= aO
L
,
the principal ideal of O
L
generated by the same element (Problem Sheet 3).
6.2 Finiteness of the class number
Denition 6.5. If I, J are nonzero ideals of O
K
, we write I J (and say
that I is equivalent to J) if there exist , O
K
0 such that I() = J().
Lemma 6.6. The relation is an equivalence relation on the set of nonzero
ideals of O
K
.
Proof. Problem Sheet 3.
Denition 6.7. Equivalence classes in O
K
under are called ideal classes.
Let C
K
denote the set of ideal classes. The cardinality h
K
= [C
K
[ is the class
number of K.
We shall prove shortly that h
K
< .
Proposition 6.8. We have h
K
= 1 if and only if O
K
is a PID.
20
Proof. (): Suppose O
K
is a PID. Then for any nonzero I O
K
, there
exists O
k
such that I = (). Then I(1) = O
K
(), so I O
K
.
(): Suppose h
K
= 1. Then for all I O
K
there exist , O
K
such
that
I() = O
K
(). (6.1)
Now the right hand side is just (). Since () from Note 6.2 (3), we see
that = i for some i I. Hence / I O
K
. We claim I = (/).
Certainly (/) I. Also, a I = a I() = (), so a = r, for
some r O
K
, giving: a = r/, and so a (/); hence I (/).
Lemma 6.9. Let I O
K
be a nonzero ideal. Then I Z ,= 0.
Proof. Choose any nonzero I. Suppose that
d
+a
d1

d1
+ +a
0
= 0
(all a
i
Z) with a
0
,= 0. Then a
0
= (a
1
+ +
d1
) I Z.
Lemma 6.10. Let I O
K
be a nonzero ideal. Then O
K
/I is a nite ring.
Proof. Choose any nonzero a I Z. Then O
K
I (a). The map from
O
K
/(a) to O
K
/I which takes + (a) to + I is well-dened and onto. It
therefore suces to show that O
K
/(a) is nite. Let w = w
1
, . . . , w
n
be an
integral basis for O
K
. Then O
K
/(a) is isomorphic as an additive group to

n
i=1
(Z/(a))w
i

= (Z/(a))
n
, where n := [K : Q]. So #O
K
/(a) = a
n
< .
Denition 6.11. The norm of I is dened as N(I) := #O
K
/I.
Proposition 6.12. Let : K K be an automorphism. Then I =
(
1
, . . . ,
n
) and I

= (

1
, . . . ,

n
) have the same norm. [So, for example,
in O
Q(

7)
= Z[

7], N
_
(3, 1 +

7)
_
= N
_
(3, 1

7)
_
.]
Proof. Problem Sheet 4.
Proposition 6.13. If I = () then N(I) = [Norm
K/Q
()[.
Proof. Let w = w
1
, . . . , w
n
be an integral basis for O
K
. Then w :=
w
1
, . . . , w
n
will be a Z-basis for I = (). Directly from the denition
one sees that (w) =
_

n
i=1

i
()
_
(w) = Norm
K/Q
()(w). However
I is an additive subgroup of O
K
with index N(I), by Denition 6.11. Thus
if w
i
is expressed in terms of w as w
i
=

c
ij
w
j
, with c
ij
Z, then we
will have N(I) = [ det(c
ij
)[, by Theorem 1.8. On the other hand, we have
(w) = det(c
ij
)(w), by Lemma 2.4. Hence N(I) = [(w)/(w)[ =
[Norm
K/Q
()[.
21
Lemma 6.14 (Hurwitz). Let K be a number eld with [K : Q] = n. Then
there exists a positive integer M, depending only on the choice of integral
basis for O
K
, such that for any K, there exist w O
K
and 1 t M,
t Z with

Norm
K/Q
(t w)

< 1.
Remark. If one could take M = 1 then for any K there would be a
w O
K
with [Norm
K/Q
( w)[ < 1. This is equivalent to the Euclidean
property for the norm function. That is to say, if one can take M = 1 then
O
K
is a Euclidean Domain with Euclidean function d() = [Norm
K/Q
()[.
In general one can regard Hurwitzs lemma as providing a statement
weaker than the Euclidean property, but valid for any number eld.
Proof. Let w
1
, . . . , w
n
be an integral basis for O
K
. For any K we write
=

n
i=1

i
w
i
with
i
Q. Let
i
= a
i
+ b
i
with a
i
Z and 0 b
i
< 1.
We dene (for the duration of this proof only) [] =

n
i=1
a
i
w
i
and =

n
i=1
b
i
w
i
. Hence we will have = [] + and [] O
K
for all K.
Let w
(1)
i
, . . . , w
(n)
i
be the K/Q-conjugates of w
i
, and set
C :=
n

j=1
(
n

i=1
[w
(j)
i
[).
Then if =

n
i=1

i
w
i
and := max
1in
[
i
[, we have
[Norm
K/Q
()[ =

j=1
_
n

i=1

i
w
(j)
i
_

j=1
_
n

i=1

w
(j)
i

_
= C
n
. (6.2)
Choose m to be the rst integer after C
1/n
and let M = m
n
, so that M
depends only on our choice of w
1
. . . , w
n
. Dene a linear map : K R
n
by

_
n

i=1

i
w
i
_
= (
1
, . . . ,
n
). (6.3)
Now () lies in the unit cube
B := (x
1
, . . . , x
n
) R
n
: 0 x
i
< 1 .
Partition B into m
n
subcubes of side 1/m, and consider the points (k),
for 0 k m
n
. There are m
n
+ 1 such points and only m
n
available
22
subcubes. Hence, by the Pigeon-hole principle, there are two points lying
in the same subcube. Suppose these correspond to k = h and l, with h > l.
Letting t = h l, we have 1 t m
n
= M. It follows that t = w +
where w := [h] [l] O
K
and := h l with
() [1/m, 1/m]
n
.
By (6.2) and (6.3), we now nd that
[Norm
K/Q
()[ C(1/m)
n
< 1,
since we took m > C
1/n
. The lemma then follows, since = t w.
Theorem 6.15. The class number h
K
= #C
K
is nite.
Proof. Let I be a nonzero ideal of O
K
. Choose 0 ,= I such that [Norm()[
is minimal, and let M be as in Hurwitzs lemma. Now consider an arbitrary
I, and apply the lemma with := /. Then there exists an integer t
in the range 1 t M such that [Norm(t(/) w)[ < 1 with w O
K
.
Thus t w I and [Norm(t w)[ < [Norm()[. This contradicts
the minimality of [Norm()[ unless t w = 0. We therefore deduce that
t (). In general the integer t will be dierent for dierent values of
, but we can always deduce that M! (). Since was arbitrary we
conclude that
(M!)I (). (6.4)
Let
J := 1/ M! : I.
Then J is an ideal; the only non-trivial part is checking that J O
K
, but
this follows from (6.4). Moreover ()J = (M!)I, so that I J.
By taking = in the denition of J we see that O
K
J (M!). By
Lemma 6.10 we know that O
K
/(M!) is nite, and so there are only nitely
many possibilities for J. Hence I is equivalent to one of nitely many ideals.
It follows that there are nitely many equivalence classes.
6.3 Ideal classes form a group under multiplication
Lemma 6.16. If I, J O
K
are ideals, with I nonzero, and JI = I then
J = O
K
.
23
Proof. Let
1
, . . . ,
n
be a Z-basis for I. Since I = JI there exist b
ij
J
such that
i
=

n
j=1
b
ij

j
. Hence det(b
ij

ij
) = 0, and expanding this
determinant out, one sees that all terms lie in J, except the product of the
1s in the identity matrix. Hence 1 J and so J = (1) = O
K
.
Lemma 6.17. If I is a nonzero ideal of O
K
, and w K with wI I, then
w O
K
.
Proof. Take M = I in Lemma 3.6.
Lemma 6.18. If I, J are nonzero ideals in O
K
, and w O
K
is such that
(w)I = JI, then (w) = J.
Proof. Choose an arbitrary J. Then (w)I ()I, so that /wI I.
By Lemma 6.17 we therefore have /w O
K
, and so (w). Since was
arbitrary we deduce that J (w), giving that w
1
J is an ideal in O
K
. We
then have I = (w
1
J)I and so by Lemma 6.16, we obtain w
1
J = O
K
, so
that J = (w).
Proposition 6.19. For any nonzero ideal I O
K
, there exists k such that
1 k h
K
and I
k
is principal.
Proof. Among the h
K
+ 1 ideals I
i
: 1 i h
K
+ 1 some two must be
equivalent. Suppose that I
i
I
j
with j > i. Then ()I
i
= ()I
j
for some
, O
K
. Let k = j i and J = I
k
. Then ()I
i
= ()I
i
J ()I
i
, so that
/I
i
I
i
. By Lemma 6.17 we have / O
K
. Also (/)I
i
= JI
i
and
so, by Lemma 6.18, (/) = J. It follows that J = I
k
is principal.
Proposition 6.20. The ideal classes form a group C
K
. It is called the class
group of K and its order is the class number h
K
.
Proof. Given two ideal classes [I], [J] we dene the product [I] [J] := [IJ].
This is well-dened (easy). The element [O
K
] acts as an identity, and asso-
ciativity is easily veried. Thus it remains to show the existence of inverses.
Let [I] be the class of I, and [O
K
] = [(1)] the identity. However, given
[I] C
K
, if I
k
is principal, then [I
k1
] is an inverse of [I].
6.4 Proof of the unique factorisation theorem
Lemma 6.21 (Cancellation Lemma). Let A, B, C O
K
be nonzero ideals
with AB = AC. Then B = C.
24
Proof. Let k be such that A
k
= () is principal. Multiplying by A
k1
, we
get ()B = ()C, and so B = C.
Denition 6.22. Let A, B O
K
be nonzero ideals. We write B[A if there
exists an ideal C O
K
such that A = BC.
Proposition 6.23. Let A, B be nonzero ideals in O
K
. Then B A if and
only if there exists an ideal C such that A = BC, i.e., B[A.
So to contain is to divide!
Proof. Let k 1 be such that B
k
= () is principal. If B A then we
have B
k1
A B
k
= (). Let C := 1/B
k1
A, so that C O
K
is an
ideal. Then BC = B1/B
k1
A = A. Hence B[A. Conversely, if B[A then
A = BC

, for some C

; furthermore BC

## B, since B is an ideal. Hence

B A.
Lemma 6.24. Let A, B be nonzero ideals, and P a prime ideal of O
K
such
that P[AB. Then either P[A or P[B.
Proof. Suppose that P[AB and P does not divide A. We must show that
P[B. Now P AB but P , A, so there exists A with , P. For any
B we will have P, since P AB. However P is a prime ideal,
so if P one of or must belong to P. In our case we conclude that
P. Hence P B, so that P[B by Proposition 6.23.
Note 6.25 In general, for any ring, every maximal ideal is prime. In the
case of rings O
K
the converse is true for nonzero ideals. To prove this, note
that if P is a nonzero prime ideal of O
K
then O
K
/P is a nite integral
domain. Any nite integral domain is a eld, and hence O
K
/P is a eld. It
then follows that P is maximal.
This following key theorem is due to Dedekind as is most of the theory
of ideals in number elds.
Theorem 6.26. (Unique Factorisation Theorem for ideals of O
K
). Let A
be any nonzero proper ideal of O
K
. Then there exist prime ideals P
1
, . . . , P
r
such that A = P
1
. . . P
r
. The factorsiation is unique up to the order of the
factors; that is, if A = Q
1
. . . Q
s
is another prime ideal factorisation then
s = r and there exists a permutation such that Q
i
= P
(i)
, 1 i r.
25
Proof. Assume not every ideal A (nonzero and proper) has a prime factori-
sation. Let A be such an ideal with N(A) minimal. There exists a maximal
(hence prime) ideal P
1
containing A. So Proposition 6.23 shows that there
is an ideal C with A = P
1
C.
If A = C then P
1
C = C and P
1
= O
K
, by Lemma 6.16. This is clearly
impossible. Hence A C, and by the denition of the norm (Denition
6.11) we have N(A) = N(C)[C : A] > N(C). Hence, by our minimality
assumption for A, one can factor C into prime ideals as C = P
2
. . . P
r
(or
C = O
K
and A = P
1
). Therefore A = P
1
. . . P
r
nonzero proper ideal has a prime factorisation.
Suppose
A = P
1
P
2
. . . P
r
= Q
1
Q
2
. . . Q
s
.
Now P
1
[Q
1
. . . Q
s
. Let k be minimal such that P
1
[Q
1
. . . Q
k
. If k = 1 then
P
1
[Q
1
. If k > 1 then P
1
[(Q
1
. . . Q
k1
)Q
k
, but P
1
does not divide Q
1
. . . Q
k1
.
Since P
1
is prime, we must have P
1
[Q
k
. We therefore have P
1
[Q
k
(so P
1
Q
k
)
in either case. Since Q
k
is maximal this implies that P
1
= Q
k
. Without loss
of generality we take k = 1 and then, by the cancellation lemma 6.21, we
have P
2
. . . P
r
= Q
2
. . . Q
s
. We may now repeat the process until every P
i
has been shown to equal some Q
j
.
Note that the prime ideals which occur in the factorisation of A are those
which contain A.
Note also that if u O
K
is a unit, then (u) = O
K
and so (u)I = I for any
ideal I R; that is to say, ideals absorb units. Thus unique factorisation
of ideals is simpler to describe than unique factorisation of elements. If
O
K
is a PID then the theorem implies directly that it is a UFD. However, in
general O
K
will not be a PID, that is to say, not all ideals will be principal.
Note 6.27
At this point we explain how to multiply ideals in practice. It is a fact,
which we will not prove here, that every ideal can be written with at most 2
generators. We shall write (, ) for the ideal
(, ) = a + b : a, b O
K
.
Then the product
(, )(, ) =
n

i
:
i
(, ),
i
(, )
26
clearly contains the four elements , , , , giving
(, , , ) (, )(, ).
Moreover any term
i

i
in the sum above is of the shape (a+b)(c+d)
(, , , ), so that
(, )(, ) =
n

i
:
i
(, ),
i
(, ) (, , , ).
Thus we must have
(, )(, ) = (, , , ).
To reduce the 4 generators on the right to at most 2 requires ad hoc
methods (given only the technology from the present course). As an example
consider
(11, 3 +

13)(11, 3

13) = (121, 33 11

13, 33 + 11

13, 22).
All the generators belong to (11), and so
(121, 33 11

13, 33 + 11

## 13, 22) (11).

On the other hand 11 is the highest common factor of 121 and 22, over Z,
so that one can solve 11 = 121m + 22n over Z. It follows that
(11) (121, 22) (121, 33 11

13, 33 + 11

13, 22).
We can therefore conclude that
(121, 33 11

13, 33 + 11

## 13, 22) = (11)

and hence that
(11, 3 +

13)(11, 3

13) = (11).
27
6.5 Multiplicativity of the Norm
Denition 6.28. Let A, B be ideals. We dene
A + B := a + b : a A, b B,
which is clearly an ideal. We say that A, B are coprime if A + B = O
K
.
This will occur if and only if there does not exist a maximal P such that
P A and P B. Thus, A and B are coprime if and only if they have no
prime ideal factor in common.
Note also that, if A, B are coprime and A[BC then A[C; furthermore, if
A, B are coprime and A[I, B[I then AB[I (Problem Sheet 2).
Lemma 6.29. If A and B are coprime then AB = A B.
Proof. Certainly AB A B, and so A B[AB. On the other hand, since
A[AB and B[AB, it follows by coprimality and unique factorisation that
AB[A B. These two divisibility relations suce for the proof.
Lemma 6.30. If nonzero A, B are coprime then N(AB) = N(A)N(B).
Proof. The Chinese Remainder Theorem gives
O
K
/(A B)

= O
K
/A O
K
/B
when A+B = O
K
, (that is to say, when they are coprime). By the previous
lemma, AB = AB. The lemma then follows on considering the cardinality
of the two sides.
Lemma 6.31. If P is a nonzero prime ideal of O
K
and i 0 then #P
i
/P
i+1
=
#O
K
/P.
Proof. We have P
i+1
P
i
, but by the Cancellation Lemma 6.21, we cannot
have P
i
= P
i+1
. We may therefore choose P
i
with , P
i+1
. Then
P
i
(). Let () = P
i
B with B not divisible by P. Dene a homomorphism
: O
K
P
i
/P
i+1
.
(So one multiplies by and then reduces modulo P
i+1
.) We now have
() = 0 P
i+1
() P
i+1
()P
i
B P
i+1
28
P
i+1
[()P
i
B P[B() P[().
Hence ker = P.
It now suces to show that is surjective. However
() + P
i+1
= P
i
B + P
i+1
= P
i
since B + P = O
K
. Thus, given any + P
i+1
P
i
/P
i+1
(so that P
i
)
there exist O
K
and P
i+1
such that + = . We then have
() = + P
i+1
, as required. Finally, the First Isomorphism Theorem for
groups gives that:
O
K
/P

= O
K
/ ker

= im = P
i
/P
i+1
.
Taking orders of both sides gives the required result.
Corollary 6.32. If P is a nonzero prime ideal and e 1 then N(P
e
) =
N(P)
e
.
Proof. Considering O
K
and P
i
N(P
e
) = #O
K
/P
e
= #O
K
/P #P/P
2
#P
e1
/P
e
= (#O
K
/P)
e
= N(P)
e
.
Corollary 6.33. If A =

i
P
e
i
i
, (P
i
being distinct nonzero prime ideals),
then we have N(A) =

N(P
i
)
e
i
.
Proof. Use the corollary above and Lemma 6.30.
From the Unique Factorisation Theorem 6.26 and this last corollary we
deduce:
Proposition 6.34. If A, B are nonzero ideals then N(AB) = N(A)N(B).
Note that if N(I) = p, a rational prime, then I is automatically prime.
The converse is not true, but we shall soon see that every prime ideal P does
have N(P) = p
k
for some rational prime p and integer k.
Example 6.35 What happens in Z[

## 5]? Recall that

6 = 2 3 = [1

5] [1 +

5].
29
In terms of ideals we write this as
(6) = (2)(3) = (1

5)(1 +

5).
Let P
1
= (2, 1 +

5), P
2
= (2, 1

5), Q
1
= (3, 1 +

5) and Q
2
=
(3, 1

5) where (, ) := r + s : r, s O
K
. Now
(2) = (4, 6) P
1
P
2
(2, 6) = (2)
giving P
1
P
2
= (2). We have N((2)) = Norm(2) = 4, and so N(P
1
)N(P
2
) = 4.
Moreover an easy calculation shows that a b mod 2 whenever a +b

5
P
i
, and so P
i
,= O
K
. We therefore deduce that N(P
1
) = N(P
2
) = 2. Similarly
(3) = (9, 6) Q
1
Q
2
(3, 6) = (3), so that Q
1
Q
2
= (3), and N(Q
1
) =
N(Q
2
) = 3. It follows that P
1
, P
2
, Q
1
, Q
2
are all prime ideals. (In fact,
P
1
= P
2
, e.g. 1

5 = 2.1 (1 +

5).1 P
1
.)
We also have P
1
, Q
1
(1+

5) and P
2
, Q
2
(1

5). Consideration
of norms then shows that (1 +

5) = P
1
Q
1
and (1

5) = P
2
Q
2
. Thus
(2)(3) = (1 +

5)(1

5) becomes P
1
P
2
Q
1
Q
2
= P
1
Q
1
P
2
Q
2
,
demonstrating that we have the same factorisation into ideals, even though
the factorisations into irreducibles are dierent.
7 Decomposition into prime ideals
Let K be a number eld of degree [K : Q] = n. Let P be a nonzero prime
ideal of O
K
. Then P Z is a prime ideal of Z, and so is of the form pZ for
some rational prime p. We therefore have P pO
K
= (p). We say that P
lies above the prime p.
Suppose that
(p) = P
e
1
1
. . . P
e
r
r
where P
1
, . . . , P
r
are distinct prime ideals in O
K
. Then P
1
, . . . , P
r
are the
prime ideals lying above the rational prime p. Taking norms we have
p
n
= N(P
1
)
e
1
. . . N(P
r
)
e
r
Hence, each N(P
i
) = p
f
i
and

r
i=1
e
i
f
i
= n.
Note also that P must be one of the P
i
and so N(P) is a power of p.
30
Denition 7.1. The integer e
i
is called the ramication index of P
i
. If
e
i
> 1 we say that P
i
is ramied. If some e
i
> 1 we say that p ramies in
K. The integer f
i
is called the degree of P
i
.
Note that p
f
i
= #O
K
/P
i
and that O
K
/P
i
is isomorphic to the nite eld
with p
f
i
elements.
Theorem 7.2 (Dedekind). Suppose that K = Q() with O
K
having
minimal polynomial m(x) Z[x] of degree n. If p does not divide [O
K
: Z[]]
and m(x) := m(x) mod p F
p
[x] factorises as
m(x) =
r

i=1
g
i
(x)
e
i
with g
i
distinct and irreducible, then
1. P
i
= (p, g
i
()) is a prime ideal of O
K
(here g
i
(x) Z[x] is any polyno-
mial such that g
i
(x) g
i
(x) mod p).
2. The prime ideals P
i
are distinct.
3. The degree of P
i
is the degree of g
i
.
4. (p) =

r
i=1
P
e
i
i
.
Proof. Suppose that p does not divide the index [O
K
: Z[]]. Consider the
natural map Z[] O
K
/pO
K
. An element of the kernel must have the
form p for O
K
. Since p does not divide the index [O
K
: Z[]] we must
have Z[]. The kernel is thus precisely pZ[] and we get an injection
Z[]/pZ[] O
K
/pO
K
. Indeed this must be an isomorphism of rings since
both sides have order p
n
. Now consider the ring homomorphism from Z[x]
to Z[]/pZ[] taking g(x) to g() + pZ[]. This has kernel
g(x) : g(x) = m(x)h(x) + pj(x) = (p, m(x)),
giving
Z[]/pZ[]

= Z[x]/(p, m(x)).
Finally consider the homomorphism from Z[x] to F
p
[x]/( m(x)), sending g(x)
to g(x) + ( m(x)). The kernel of this map is
g(x) : m(x)[ g(x) = g(x) : g(x) = m(x)h(x) + pj(x) = (p, m(x)).
31
Thus Z[x]/(p, m(x))

= F
p
[x]/( m(x)), and composing our various maps we
obtain
O
K
/pO
K

= Z[]/pZ[]

= Z[x]/(p, m(x))

= F
p
[x]/( m(x)).
We are looking for prime ideals P with O
K
P pO
K
. There is a 1 1
correspondence between the prime ideals of O
K
containing (p) and the prime
ideals of O
K
/pO
K
, and between these latter prime ideals and the prime ideals
of F
p
[x]/( m(x)). However the prime ideals of F
p
[x]/( m(x)) are generated by
irreducible factors g
i
(x) of m(x). Tracing back the eect of our various
isomorphisms one sees that these correspond to P
i
= (p, g
i
()) in O
K
. This
proves parts 1 and 2 of the theorem. Moreover one sees, again by checking
the eect of our three isomorphisms, that N(P
i
) = #F
p
[x]/( g
i
(x)), which
proves part 3.
Finally we have
r

i=1
P
e
i
i
=
r

i=1
(p, g
i
())
e
i

i=1
(p, g
i
()
e
i
) (p,
r

i=1
g
i
()
e
i
) = (p).
However p
f
i
= N(P
i
) = p
deg(g
i
)
(by part 3), so that
N
_
r

i=1
P
e
i
i
_
= p

r
i=1
e
i
f
i
= p

r
i=1
e
i
deg(g
i
)
= p
n
.
On the other hand, N((p)) = p
n
and so (p) =

r
i=1
P
e
i
i
. This proves part 4,
the nal assertion of the theorem.
Corollary 7.3. If p ramies then p[(Z[])
2
.
Proof. If p[[O
K
: Z[]] then p[(Z[])
2
. So we may suppose that p does not
divide [O
K
: Z[]]. Then the above theorem shows that if p ramies, with a
factor P
2
, then m(x) has a multiple irreducible factor g(x) over F
p
, for which
g() (p, g()) = P. We then have m(x) = g(x)
2
h(x) + pk(x), say, so that
m

(x) = g(x)2g

(x)h(x) + g(x)h

(x) + pk

## (x) = g(x)j(x) + pl(x),

say. Thus m

() = g()j() + p with O
K
. It follows that
Norm
K/Q
(m

()) =

(m

()) =

(g()j()) + p
32
for some algebraic integer . We now have
Norm
K/Q
(m

()) = Norm
K/Q
(g())Norm
K/Q
(j()) + p,
so that in particular we see that Z. However, since P[(g()) we will
have N(P)[Norm
K/Q
(g()) and hence p[Norm
K/Q
(g()). We therefore con-
clude that p[Norm
K/Q
(m

2
(Z[]) =
Norm
K/Q
(m

## ()), by Problem Sheet 1.

Example 7.4 Let K = Q(

5), so that O
K
= Z[

5] and (Z[

5])
2
=
4(5) = 20. The possible ramied primes are 2 and 5. We have m(x) =
x
2
+ 5, and
x
2
+ 5 x
2
+ 1 (x + 1)
2
mod 2
so that
(2) = (2,

5 + 1)
2
.
Similarly, x
2
+ 5 x
2
mod 5 so that
(5) = (5,

5)
2
= (

5)
2
.
For all primes we have

r
i=1
e
i
f
i
= 2, so r 2. Thus one of the following
cases holds: r = 1, e
1
= 2, f
1
= 1 (ramied case), or r = 1, e
1
= 1, f
1
= 2
(we say p remains inert), or r = 2, e
1
= e
2
= 1, f
1
= f
2
= 1 (we say p splits).
We extend this language to general algebraic number elds, saying that p is
inert if (p) is prime in O
K
, and that p splits otherwise.
We have already dealt with p = 2, 5 so consider p ,= 2, 5.
Case 1:
_
5
p
_
= 1. Then x
2
+ 5 is irreducible modulo p, and
(p) = P := (p,

5
2
+ 5) = (p)
is inert.
Case 2:
_
5
p
_
= 1. Then
x
2
+ 5 (x a)(x + a) mod p
where a , a mod p. In this case (p) = P
1
P
2
where P
1
= (p,

5 a)
and P
2
= (p,

5 + a). e.g. x
2
+ 5 x
2
1 (x 1)(x + 1) mod 3,
so that (3) = (3,

5 1)(3,

## 5 + 1). (Note that for case 2 we have

p 1, 3, 7, 9 mod 20 by quadratic reciprocity.)
33
8 Minkowski: computation of the class group
8.1 Minkowskis convex body theorem
Let v
1
, . . . , v
n
be any basis for R
n
. Let L =

n
i=1
a
i
v
i
: a
i
Z be
the lattice generated by the v
i
. It is an additive subgroup of R
n
. Let D =

n
i=1
a
i
v
i
: a
i
[0, 1). We call D a fundamental domain for L. Every
v R
n
can be expressed uniquely as v = u + w with u L and w D.
If v
i
=

n
j=1
a
ij
e
j
where e
1
, . . . , e
n
is the standard basis for R
n
, then
we dene Vol(D) := [ det(a
ij
)[; this is sometimes denoted Vol(L). We also
have Vol(D)
2
= det(v
i
v
j
), being the determinant of matrix (a
ij
)(a
ij
)
t
. One
can easily check that Vol(D) is independent of the choice of Z-basis for the
lattice L.
Lemma 8.1 (Blichfeldt). Let L be a lattice in R
n
, and let S be a bounded,
measurable subset of R
n
such that Vol(S) > Vol(L). Then there exist x, y S
with x ,= y and such that x y L.
Proof. (Non-examinable)
Let D be a fundamental domain for L. When a L write S(a) = (Sa)
D. Then S is the disjoint union of the sets S(a)+a as a runs over L. It follows
that Vol(S) =

aL
Vol(S(a)). However Vol(S) > Vol(D) and S(a) D.
Thus some S(b) and S(c) with b ,= c must overlap. Let v S(b)S(c). Then
x = v + b S and y = v + c S, and x y = b c L.
Denition 8.2. We say S R
n
is convex if
x, y S, 0 1 x + (1 )y S.
We say S is symmetric (about the origin) if
x S x S.
Theorem 8.3 (Minkowskis Convex Body Theorem). Let L be a lattice in
R
n
. Let S be a bounded measurable subset of R
n
which is convex and sym-
metric. If Vol(S) > 2
n
Vol(L) then there exists v L 0 with v S.
Proof. (Non-examinable)
We have Vol(
1
2
S) = 2
n
Vol(S) > Vol(L). Thus Blichfeldts result tells us
that there exist x, y
1
2
S such that x y L 0. Now 2x S and, by
symmetry, 2y S. Using convexity we then nd that
1
2
(2x + (2y)) S,
that is to say, x y S.
34
Note 8.4 If S is closed, and therefore compact, then it is enough to have
Vol(S) 2
n
Vol(L).
Example 8.5 We give another proof that if p 1 mod 4 then there exist
x, y Z such that p = x
2
+ y
2
.
We know that
_
1
p
_
= 1, so there is an s such that s
2
1 mod p. If
p = x
2
+ y
2
then x
2
+ y
2
0 mod p and so (x/y)
2
1 mod p. Hence x
sy mod p. We will search for a small integer solution to x sy mod p.
Such points form a lattice L in R
2
. We have
x sy mod p x = sy + pz, with z Z (x, y) = y(s, 1) + z(p, 0).
Hence (s, 1), (p, 0 is a basis for L, and
Vol(L) =

det
_
s p
1 0
_

= p.
Let C be the disc x
2
+y
2

## 2p. The set C is clearly convex

and symmetric about the origin, and
Vol(C) = (
_
2p)
2
= 2p > 2
2
p = 2
2
Vol(L).
Hence by Minkowskis Theorem there exists a nonzero v L such that
v C. Suppose that v = (x, y). Since v L we have x sy mod p, and
hence x
2
+ y
2
0 mod p. However v C implies x
2
+ y
2
< 2p, so that
x
2
+ y
2
= 0 or p. Finally, since v ,= 0 we must have x
2
+ y
2
= p.
8.2 Minkowskis bound
Let [K : Q] := n = r + 2s where r is the number of real embeddings

1
, . . . ,
r
: K R, and s the number of pairs of complex embeddings

r+1
, . . . ,
r+s
,
r+1
, . . . ,
r+s
: K C
Denition 8.6. Let : K R
r
C
s

= R
n
be dened as (x) :=
(
1
(x), . . . ,
r
(x), (
r+1
(x)), (
r+1
(x)), . . . , (
r+s
(x)), (
r+s
(x))) .
35
Let O
K
be the ring of integers of K, and let v
1
, . . . , v
n
be an integral
basis for O
K
. Write A for the matrix whose ith row is (v
i
). By elementary
column operations we nd that
(2i)
s
det(A) = det(
j
(v
i
)) =
_
[
2
[ ,= 0
where
2
:=
2
(K). Thus det(A) ,= 0, and (O
K
) is a lattice in R
n
of
volume
_
[
2
[/2
s
.
If I is an ideal of O
K
, with basis w = w
1
, . . . , w
n
then w
i
=

j
c
ij
v
j
and
N(I) = [O
K
: I] = [ det(c
ij
)[
by Theorem 1.8. Moreover,
2
(w) = det
2
(c
ij
)
2
(v) by Lemma 2.4, and
so
2
(w) = N(I)
2

2
(v). We can now replace the basis v in the previous
calculation by w, to deduce that
Vol((I)) =
_
[
2
(w)[
2
s
=
N(I)
_
[
2
(v)[
2
s
=
N(I)
_
[
2
[
2
s
.
Lemma 8.7. For t > 0 let
R
t
:=
_
(x
1
, . . . , x
r
, z
1
, . . . , z
s
) R
r
C
s
:
r

i=1
[x
i
[ + 2
s

i=1
[z
s
[ t
_
.
Then
1. R
t
is a compact, symmetric, and convex subset of R
n
,
2. Vol(R
t
) = 2
r
t
n
(/2)
s
/n!
Proof. Non-examinable. See Lang, Algebraic Number Theory, (Addison-
Wesley, 1970), page 116.
Theorem 8.8. Let I O
K
be a nonzero ideal. Then there exists a nonzero
I with
[Norm
K/Q
()[ c
K
N(I)
where
c
K
:=
_
4

_
s
n!
n
n
_
[
2
(K)[
is Minkowskis constant for K.
36
Proof. Choose t R so that
s
t
n
/n! = 4
s
_
[
2
(K)[N(I). Then
Vol(R
t
) =
2
r
t
n
(/2)
s
n!
=
2
n
_
[
2
(K)[N(I)
2
s
= 2
n
Vol((I)).
By Minkowskis theorem (compact version), there exists a nonzero I
such that () R
t
. Hence
r

i=1
[
i
()[ + 2
r+s

i=r+1
_
(
i
())
2
+(
i
())
2
t.
This means that

n
i=1
[
i
()[ t and so
1
n
n

i=1
[
i
()[
t
n
.
By the inequality of the arithmetic and geometric means we have
_
n

i=1
[
i
()[
_
1/n

1
n
_
n

i=1
[
i
()[
_

t
n
,
giving [Norm
K/Q
()[
_
t
n
_
n
= c
K
N(I).
Theorem 8.9. Any ideal class c C
K
contains an ideal J such that N(J)
c
K
, that is to say
N(J)
_
4

_
s
n!
n
n
_
[
2
(K)[.
Proof. Let I be any ideal in the inverse class c
1
. We now know there
exists a nonzero I such that [Norm
K/Q
()[ c
K
N(I). Since () I
we have I[(), and so there exists an ideal J such that IJ = (). The
relations I c
1
and IJ = () imply that [J] = c and J c. Moreover
N(I)N(J) = N(IJ) = [Norm
K/Q
()[ c
K
N(I), and so N(J) c
K
.
Note 8.10 For a nonzero ideal J O
K
we have N(J) = #O
K
/J so that
N(J).x J for any x O
K
, by Lagranges Theorem, regarding O
K
/J as
an additive group. Taking x = 1 shows that N(J) J. It follows that
J (N(J)), and hence that J[(N(J)).
We can therefore deduce that every class c contains an ideal J such that
J has an element m J N with m c
K
.
37
Corollary 8.11. If K ,= Q then [
2
(K)[ > 1.
Proof. Since N(J) 1 for any ideal J O
K
, we must have
1
_
4

_
s
n!
n
n
_
[
2
(K)[
_
4

_
n
n!
n
n
_
[
2
(K)[.
Let b
n
:=
_

4
_
n
n
n
n!
. It will suce to show that b
n
> 1 for all n 2. Now
b
2
=
2
/8 > 1. Moreover
b
n+1
b
n
=

4
_
1 +
1
n
_
n
=

4
_
1 + n
1
n
+ . . .
_

2
> 1.
Hence b
n
> 1 for all n 2.
9 Class group computations and Diophantine
applications
Note 9.1 The class group is abelian. Let c be any ideal class. Then
there exists J c with N(J) c
K
. Write J as a product of prime ideals,
J = P
1
. . . P
s
, say. By the multiplicativity of the norm, N(P
i
) c
K
for each
i. Moreover c = [J] = [P
1
. . . P
s
] = [P
1
] . . . [P
s
]. Hence c is in the group
generated by ideal classes of prime ideals of norm at most c
K
. Thus the class
group itself is generated by classes of prime ideals in O
K
of norm at most
c
K
.
In order to nd a suitable set of generators we observe that prime ideals
of norm c
K
are factors of ideals (p) where p N is prime and p c
K
.
Using Dedekinds Theorem 7.2, we can factor all such primes p into prime
ideals, to give a complete set of generators.
To determine the class group it remains to nd any relations satised by
the classes of these prime ideals. Some such relations can be found from the
prime factorisations of the ideals (p), since these are principal, and others can
be obtained by factoring principal ideals () generated by elements O
K
of small norm.
To show that the set of relations found is complete one needs to show that
appropriate combinations of the generators are not principal. In general this
can be awkward, but for complex quadratic elds one can prove that an ideal
38
I is non-principal by nding all elements O
K
with Norm
K/Q
() = N(I),
and checking whether or not I = (). If K is complex quadratic there will
only be nitely many possible with Norm
K/Q
() = N(I) to check.
Example 9.2 Let K = Q(

5), so that O
K
= Z[

## 5]. We know from

Proposition 5.8 that O
K
is not a PID, so that h
K
> 1. We have n = 2, s =
1, r = 0, and
2
(K) = 20. Thus
c
K
=
2!
2
2
_
4

20 =
4

< 3.
It follows that every ideal class contains an ideal of norm at most 2, and
that C
K
is generated by classes of prime ideals of norm at most 2. However
(2) = P
2
2
where P
2
= (2, 1 +

5) with N(P
2
) = 2. Hence [P
2
] generates
C
K
. Moreover P
2
2
= (2), giving [P
2
]
2
= [(2)] = [O
K
], which is the identity in
C
K
. Hence C
K
is cyclic of order 2, and h
K
= 2.
Example 9.3 Next consider K = Q(

## 6), for which O

K
= Z[

6], with
n = 2, r = 0, s = 1 and
2
(K) = 24. In this case
c
K
=
2!
2
2
_
4

24 =
4

3.1.
The ideal class group C
K
is generated by prime ideals P such that N(P)
c
K
, which means that N(P) = 2 or 3.
Now x
2
+6 x
2
mod 2, and so (2) = P
2
2
where P
2
:= (2,

6). Similarly
x
2
+6 x
2
mod 3, so that (3) = P
2
3
with P
3
:= (3,

## 6). We have N(P

2
) = 2
and N(P
3
) = 3. (Indeed e = 2, f = 1 in both cases.) It follows that C
K
is generated by [P
2
] and [P
3
], but we need to see if there are any relations
satised by these classes.
If P
2
is principal then P
2
= (x + y

## 6) with x, y Z. Taking norms

this gives 2 = [x
2
+ 6y
2
[, which is impossible. Similarly P
3
is not principal,
so that [P
2
], [P
3
] ,= [O
K
] in C
K
.
Since P
2
2
= (2) we have [P
2
]
2
= [O
K
], and similarly [P
3
]
2
= [O
K
].
We next observe that

6 =

6.3 2.

6 P
2
P
3
. We also have
Norm
K/Q
(

## 6) = 6, and we therefore deduce that (

6) = P
2
P
3
. It follows
that [P
2
][P
3
] = [O
K
]. Thus [P
3
] = [P
2
]
1
= [P
2
], and C
K
must be cyclic of
order 2, generated by [P
2
], and h
K
= 2.
39
Example 9.4 Find all integer solutions of the equation y
2
+ 54 = x
3
.
Let x, y Z be a solution. If y is even then x
3
54 2 mod 4, which
is impossible. If 3[y then 3[x, and on setting x = 3x
1
, y = 3y
1
we will have
y
2
1
+ 6 = 3x
3
1
. Hence 3[y
1
, and on writing y
1
= 3y
2
we obtain 3y
2
2
+ 2 =
x
3
1
. However 3y
2
2
+ 2 2 or 5 mod 9 while x
3
1
0, 1 or 8 mod 9. This
contradiction shows that we must have y coprime to 3.
It follows that hcf(y, 6) = 1, and hence that hcf(x, 6) = 1.
We now use the ideal factorisation (y + 3

6)(y 3

6) = (x)
3
. We
proceed to show that the factors on the left are coprime. If a prime ideal P
divides both factors then 6

6 = y + 3

6 y 3

6 P, and so
P[(6

6) = P
3
2
P
3
3
. (Recall that (

6) = P
2
P
3
.) Thus P can only be P
2
or P
3
. However P[(y + 3

6) implies P[(x)
3
, and on taking norms we nd
that N(P)[x
6
, which is impossible, since hcf(x, 6) = 1.
It follows that (y +3

6) and (y 3

## 6) are coprime as ideals of O

K
.
By unique factorisation of ideals we have
(y + 3

6) = I
3
for some ideal I. Since I
3
is principal we have [I]
3
= [O
K
], the identity
in C
K
. However we know from above that h
K
= 2 (giving [I]
2
= [O
K
] by
Lagranges Theorem), and so we must have [I] = [O
K
]. Thus I is principal,
so that I = () for some O
K
.
It follows that (y + 3

6) = ()
3
= (
3
), giving y + 3

6 = u
3
with
u a unit. (Recall that if () = () then = u for some unit u O
K
.)
For K = Q(

## 6) the only units in O

K
are u = 1, and for both of these
we have u = u
3
. It follows that
y + 3

6 = u
3
= a + b

6
3
,
say. Equating the coecient of

## 6 on both sides gives 3 = b3a

2
6b
2
,
and so 1 = ba
2
2b
2
. Hence b = 1 and a
2
= 1, giving y = a
3
18b
2
a =
aa
2
18b
2
= 17. With these y the only possible x is 7, so that the
complete solution is x = 7, y = 17.
Example 9.5 Let K = Q(

163), so that O
K
= Z[
1
2
(1 +

163)] and
c
K
=
2

## 163 8.13 < 9.

Thus the class group C
K
is generated by the classes of prime ideals dividing
(2), (3), (5) and (7), so we proceed to factor (2), (3), (5) and (7) in O
K
.
40
The minimal polynomial of
1
2
1 +

163 is x
2
x + 41. However we
nd that x
2
x + 41 x
2
+ x + 1 mod 2, which is irreducible. Thus (2) is
inert, so that the only prime ideal above 2 is (2), which is principal.
For p = 3, 5 and 7 it is enough to consider the factorisation of the polyno-
mial x
2
+163 mod p, since p does not divide the index [O
K
: Z[

163]] = 2.
x
2
+ 163 x
2
+ 1 mod 3, which is irreducible. Hence (3) is inert.
x
2
+ 163 x
2
+ 3 mod 5, which is irreducible. Hence (5) is inert.
x
2
+ 163 x
2
+ 2 mod 7, which is irreducible. Hence (7) is inert.
Thus the only relevant prime ideals are all principal; hence C
K
is trivial
and h
K
= 1. It follows that O
K
is a UFD. However, it is not a Euclidean
domain. (For this non-examinable fact see S&T, Theorem 4.18)
Note: it is known that there are only nitely many imaginary quadratic
elds K with h
K
= 1 (the proof of this is hard!). On the other hand it is
conjectured that O
K
is a UFD for innitely many real quadratic elds.
Proposition 9.6. The fact that h
K
= 1 for K = Q(

## 163) implies that

n
2
+ n + 41 is prime for 0 n 39.
Proof. Suppose n
2
+n+41 is not prime for some n < 40. Now n
2
+n+41 <
41
2
, and so n
2
+ n + 41 must have a prime factor q < 41.
Now
q[n
2
+ n + 41 =
_
n +
1
2
_
1 +

163
_
__
n +
1
2
_
1

163
_
_
.
However q clearly does not divide either factor in O
K
, and so q cannot be
prime in O
K
. Since we are in a UFD, it follows that q cannot be irreducible.
Thus q = where Norm
K/Q
() = Norm
K/Q
() = q.
If
= x + y
1 +

163
2
, x, y Z,
then
q = Norm
K/Q
() =
_
x +
y
2
_
2
+ 163
_
y
2
_
2
.
Since q is not a square we have y ,= 0, and we deduce that q 163/4 > 40,
41
For similar reasons
n
2
+ n + 17 is prime for 0 n 15 (consider Q(

67)).
n
2
+ n + 11 is prime for 0 n 9 (consider Q(

43)).
n
2
+ n + 5 is prime for 0 n 3 (consider Q(

19)).
n
2
+ n + 3 is prime for 0 n 1 (consider Q(

11)).
Example 9.7 [Paper B9 2005] Find the structure of the ideal class group
of O
K
for K = Q(

29).
Since 29 3 mod 4 we have O
K
= Z[

29], and
2
(K) = 4 29 =
116. Moreover n = 2 and s = 1, so that
c
K
=
_
2

## 116 6.9 < 7.

Thus C
K
is generated by the classes of prime ideals dividing (2), (3) and (5).
We need to factor (2), (3), (5) in O
K
, using Theorem 7.2.
x
2
+29 (x +1)
2
mod 2, so that (2) = P
2
2
where P
2
:= (2,

29 +1)
is a prime ideal of norm 2.
x
2
+ 29 x
2
1 (x + 1)(x 1) mod 3, so that (3) = P
3
P

3
where
P
3
:= (3,

29 + 1) and P

3
:= (3,

## 29 1) are distinct prime ideals

of norm 3.
x
2
+ 29 x
2
1 (x + 1)(x 1) mod 5, so that (5) = P
5
P

5
with
P
5
:= (5,

29 + 1) and P

5
:= (5,

## 29 1) being distinct prime

ideals of norm 5.
We have [P
2
]
2
= [P
3
][P

3
] = [P
5
][P

5
] = [O
K
]. Hence C
K
is generated by
[P
2
], [P
3
], [P
5
].
We proceed to nd the orders of these elements, and relations between
them:
We have Norm
K/Q
(x +y

29) = x
2
+ 29y
2
, so there are no elements in
O
K
of norms 2, 3, 5. Thus P
2
, P
3
, P
5
are not principal, and [P
2
] must
have order 2.
The only element O
K
of norm 9 is 3. Thus if P
2
3
= () we
must have P
2
3
= (3) = P
3
P

3
. However this would imply P
3
= P

3
, giving a
42
contradiction. Thus the order of [P
3
] is at least 3. Indeed it cannot have
order 3 since there are no solutions to x
2
+29y
2
= 27. We shall come back
to [P
3
] later.
Turning to [P
5
], note that 3
2
+292
2
= 125, so that N((3+2

29)) = 5
3
.
Hence (3 + 2

## 29) must be one of P

3
5
, P
2
5
P

5
, P
5
P

5
2
or P

5
3
. However 2 +
2

29 P
5
, giving 3+2

29 , P
5
. Hence P
5
does not divide (3+2

29).
It follows that (3 + 2

29) = P

5
3
, and, taking conjugates, we also have
(32

29) = P
3
5
. Hence [P
5
] has order dividing 3. Since P
5
is not principal,
it must have order exactly 3.
Finally we note that 30 = 1 +

291

29. Thus
(2)(3)(5) = (1 +

29)(1

29).
Now (2)(3)(5) = P
2
2
P
3
P

3
P
5
P

5
. So, in order to have the correct norm, we
see that (1

## 29) must be one of P

2
P
3
P
5
, P
2
P

3
P
5
, P
2
P
3
P

5
or P
2
P

3
P

5
. It
follows that at least one of these products is principal, and so one or other
(and hence both) of [P
3
] and [P

3
] = [P
3
]
1
is in the group generated by [P
2
]
and [P
5
].
We conclude that C
K
is an abelian group generated by an element of
order 2 and an element of order 3. Thus it is cyclic of order 6. (In fact
Norm(2 5

29) = 729 = 3
6
, and by the argument above we nd that
(2 + 5

29) = P
6
3
and (2 5

29) = P

3
6
.)
Example 9.8 [Paper B9 2005] Let K = Q(

## 37). Given that h

K
= 2,
prove there are no integral solutions of the equation y
2
= x
3
37.
Suppose that x, y Z are such that y
2
+37 = x
3
. Then as ideals we have
(y +

37)(y

37) = (x)
3
.
We claim that (y +

37) and (y

## 37) are coprime ideals. For suppose

that a prime ideal P divides both. Then y

2

37 P. Hence P[(2

or P[(

37).
Since O
K
= Z[

## 37], we may factor (p) = (2) and (p) = (37) in O

K
by using the decomposition of X
2
+ 37 modulo p. We have X
2
+ 37
(X +1)
2
mod 2, giving (2) = P
2
2
, where P
2
:= (2, 1 +

## 37) is a prime ideal

of norm 2. Similarly X
2
+37 X
2
mod 37 and hence (37) = (37,

37)
2
=
P
2
37
, where P
37
:= (

## 37) is prime of norm 37.

43
It follows that if P is a common factor of (y +

37) and (y

37)
then P = P
2
or P
37
. In either case, since P[(y +

## 37), we have P[(x)

3
and
taking norms we get 2[x
6
or 37[x
6
respectively. Hence either 2[x or 37[x, as
appropriate.
Suppose rstly that P = P
37
. Then 37[x, and since x
3
= y
2
+ 37 we
must also have 37[y. Thus 37
2
divides x
3
y
2
= 37, which is impossible.
Alternatively if P = P
2
, so that 2[x, we will have 8[x
3
. The equation y
2
+37 =
x
3
then implies that y
2
+ 1 0 mod 4, which is impossible.
Thus (y+

37) and (y

## 37) are coprime ideals as claimed. However

their product is (x)
3
, which is a cube. Hence by unique factorisation of ideals,
each of the two factors is a cube. In particular,
(y +

37) = I
3
for some ideal I. Since I
3
is principal, the order of [I] in C
K
divides 3.
However h
K
= 2, so I must be principal. Thus
(y +

37) = (a + b

37)
3
for some a, b Z. Hence y +

37 = u(a +b

37)
3
for some unit u O
K
.
However the only units are u = 1, which satisfy u = u
3
. Hence, on replacing
a, b by a, b if u = 1, we may assume that u = 1. Expanding and
comparing coecients we obtain
y = aa
2
111b
2
, 1 = b3a
2
37b
2
.
The second equation implies that b = 1 and 3a
2
37 = 1. Hence 3a
2
= 38
or 36, both of which are impossible.
Hence there are no solutions in integers.
10 The equation x
3
+ y
3
= z
3
In this section we will establish Fermats Last Theorem for cubes, that
x
3
+ y
3
= z
3
has no nontrivial (x, y, z all nonzero) solutions in Z.
We shall work in K = Q(

## 3). It is convenient to write

= (1 +

3)/2,
so that O
K
= Z[]. We begin by collecting together some basic facts.
44
Lemma 10.1. Let K = Q(

3) and = (1 +

3)/2.
(i) We have
3
= 1. Moreover the set of units of O
K
is 1, ,
2
.
(ii) The ring O
K
is a UFD.
(iii) The element :=

## 3 is prime, with norm 3. Moreover we have

= ()(1 ) =
2
(1
2
).
Proof. (i) To nd the unit group we note that
Norm
K/Q
(a + b) = a
2
ab + b
2
, a, b Z.
Thus if Norm
K/Q
(a + b) = 1 then (2a b)
2
+ 3b
2
= 4, giving solu-
tions (a, b) = (1, 0), (0, 1) and (1, 1), which produce the six units
specied in the lemma.
(ii) See Problem sheet 2.
(iii) Trivial.
Lemma 10.2. If Z[] and does not divide , then
3
1 mod
4
.
We may use congruences in Z[] in precisely the same way as we are used
to in Z. In particular mod means that [ .
Proof. Since N(()) = 3 the quotient Z[]/() has 3 elements, which are
clearly 0 +(), 1 +() and 1 +(), since these are distinct. It follows that
+ () = 1 + (), so that we may write = 1 + for some Z[].
We now have

3
= 1 + 3 3
2

2
+
3

3
= 1
3

4
+
3

3
,
so that
3
1 + (
3
)
3
mod
4
.
However the coset +() must be one of 0 +(), 1 +() or 1 +(), so
that 0 or 1 mod . It follows that
3
mod whichever of these 3
cases holds. This yields [
3
and so
3
1 mod
4
as required.
To prove the non-existence of nontrivial solutions in Z to x
3
+y
3
= z
3
, it is
sucient to prove there are none in Z[]; if there were a non-trivial solution
in Z[], we could remove any common factor from x, y and z; indeed any two
45
of the variables would then have to be coprime (since any common factor of
two of x, y, z would also divide the remaining variable). We shall rst show
that at least one variable must be divisible by and then that we cannot
have any variable divisible by , to obtain a contradiction.
Lemma 10.3. If
3
+
3
=
3
with , , Z[], then divides at least
one of , or .
Proof. If divides none of , , then Lemma 10.2 yields
0 =
3
+
3

3
(1) + (1) (1) 3 or 1 mod
4
.
However
4
= (3)
2
= 9 which does not divide 3 or 1.
We shall now, over the next few lemmas, show that cannot have precisely
one variable divisible by .
Lemma 10.4. Let

3
+
3
=
3n

3
with n N, with a unit of Z[] and , , Z[] with , coprime and
not divisible by . Then n 2.
Proof. If either of or is a multiple of then the equation shows that
both are, since n 1. However this is impossible, as and are assumed to
be coprime. Thus neither of them is divisible by . Now Lemma 10.2 yields

3n

3
=
3
+
3
(1) + (1) 2 or 0 mod
4
,
so that n ,= 1.
Lemma 10.5. Under the conditions of the previous lemma each of the ele-
ments + , + and +
2
is divisible by . Moreover the quotients
+

,
+

,
+
2

## are coprime in pairs.

Proof. We have
[
3
+
3
= ( + )( + )( +
2
),
46
so that must divide at least one of these factors. However is an associate
of 1 and 1
2
by Lemma 10.1. Hence
+ + +
2
mod .
It follows that all three factors are divisible by .
Moreover if divides both + and + then it divides
( + ) ( + ) = ( 1)
and also
( + ) ( + ) = (1 ).
Hence [ 1, since and are coprime. Similarly if divides both +
and +
2
then [
2
1, while if divides both + and +
2
then
[
2
. It follows in all three cases that [, since 1,
2
1 and
2

are each associates of . The second assertion of the lemma then follows.
Theorem 10.6. The equation

3
+
3
=
3n

3
with n N and a unit of Z[] has no solutions , , Z[] with ,
coprime and not divisible by .
Proof. We assume we have an admissible solution to

3
+
3
=
3n

3
,
with the minimal possible value of n. Then

3n

3
= ( + )( + )( +
2
)
and the previous two lemmas allow us to write

3(n1)

3
=
_
+

__
+

__
+
2

_
with coprime factors on the right, belonging to Z[]. Since the factors are
coprime there is one factor, ( +
j
)/ say, which is divisible by
3(n1)
.
Write =
j
; then:

3
=
_
+

3n2
__
+

__
+
2

_
47
with coprime factors on the right.
We now use the fact that Z[] is a UFD. We have three coprime factors
whose product is a unit times a cube, and we deduce that each factor must
be a unit times a cube, say
+

3n2
=
1

3
1
,
+

=
2

3
2
,

2
+
2

=
3

3
3
,
with =
1

3
(and where
2
,
3
have absorbed the extra factors ,
2
,
respectively). We now observe that

3(n1)

3
1
+
2

3
2
+
3

3
3
=
1
( + ) + ( +
2
) + (
2
+ )
= 0,
since 1 + +
2
= 0. We therefore obtain an equation

3
2
+

3
3
=

3(n1)

3
1
for appropriate units

and

. Moreover
2
and
3
are coprime, since
( +)/ and ( +
2
)/ were coprime; and does not divide
1
since it
did not divide .
After Lemma 10.4 we know that n 2, so that n 1 1 and

3
2
+

3
3
0 mod
3
.
From Lemma 10.2 we deduce that

1 mod
3
. However
3
does not
divide any of 1 or
2
1 since these are either units or associates of .
Thus only

## = 1 is possible. Hence, nally, we obtain an equation of the

form

3
2
+ (

3
)
3
=

3(n1)

3
1
,
contradicting the supposed minimality of n. This concludes the proof of the
theorem.
We are now in a position to prove our desired result.
Theorem 10.7. The equation x
3
+ y
3
= z
3
has no nontrivial (x, y, z all
nonzero) solutions in Z.
48
Proof. Any such solution must also give a solution in Z[]. Remove any
common factor from x, y, z, which means they must be coprime in pairs
(since any common factor of two of x, y, z would also divide the remaining
variable). By Lemma 10.3, at least one of x, y, z must be a multiple of ,
and indeed only one, since the variables are coprime in pairs. We extract
the largest possible power of from this variable,
n
say, and use = 1
(and replace some of x, y, z with x, y, z, as needed) to put the equation
into the form described in Theorem 10.6, which we have shown to have no
solution.
49