Fields and Galois Theory MATH5246 - School of Mathematics

Fields and Galois TheoryMATH5246Andrew Huberyahubery@maths.leeds.ac.uk

Chapter 1IntroductionGalois Theory has its orgins in the study of roots of polynomials. It is notconcerned with finding the roots, which can be done using, say, the Newton-Raphson Method (see also here for an analysis of various techniques used incomputing for finding square-roots); rather, Galois Theory is interested in theform that the roots can take.In particular, we can ask which polynomials are solvable by radicals: givena polynomialf = X n + a 1 X n−1 + · · · + a n−1 X + a n ∈ Q[X],we say f is solvable by radicals if we can express a root of f using only the fieldoperations +, −, ×, ÷ and r√ .Some polynomials are always solvable by radicals. In school one learns that fora quadratic equationf = X 2 + 2pX + q,one can complete the square to writeand hence has rootsf = (X + p) 2 + (q − p 2 ),−p ± √ p 2 − q.This was essentially known to the Babylonians (ca. 1600BC).Similarly, a polynomial of the formclearly has n √ a as a root.f = X n − aThe question thus becomes: is every polynomial of degree n solvable by radicals?If yes, is there a general formula giving a root of all polynomials of degree n? Ifno, can we determine which polynomials are solvable by radicals?1

In the sixteenth century, Ferro and Fontana (nicknamed Tartaglia because ofhis stutter) discovered a general formula which workes for all cubic polynomials.For example, the polynomialf = X 3 + 3X + 2has as a root the number√3−1 + √ 2 + 3√ −1 − √ 2.On the other hand, you should be careful what you wish for: this general methodgives, for the polynomialf = X 3 − 15X − 4,the root3√2 + 11i +3 √ 2 − 11i,which is a rather complicated way of expressing the number 4.Soon after, Ferrari gave a general method for solving quartic polynomials. Thesemethods were published by Cardano, Ferrari’s mentor, in his Ars Magna in 1545.This proved that all polynomials of degree four are solvable by radicals, and infact that there is a general formula which works for all such polynomials. It tookanother three hundred years until Abel showed in 1824 that there is no formulagiving a radical expression for the root of all quintic polynomials. His result wasbased on an incomplete proof by Ruffini, and used the ideas of permutations,so was the beginning of group theory.Finally Galois in 1830 developed the ideas of group theory in order to decidewhich polynomials are solvable by radicals and which are not, and hence explainwhy there is no general method for finding roots of polynomials of degree five.His method allows one to prove, for example, that the polynomial X 5 − X − 1is not solvable by radicals.1.1 A Modern ApproachFrom a modern perspective, we replace the study of a polynomial by the studyof the field extension generated by its roots. We then consider the group of allfield automorphisms of this field extension, called the Galois group of the fieldextension. So, if K is a subfield of L, we consider the groupGal(L/K) := {field automorphisms σ of L fixing every element of K}.If f ∈ K[X] is a polynomial, and L is the field generated by all the roots of f,then we write Gal(f) for Gal(L/K).As a simple example, the roots of f = X 2 +1 ∈ R[X] are ±i ∈ C. Since C = R(i),we need to understand the group of all field automorphisms of C which fix R.2

Any such automorphism σ is determined by σ(i), and since i 2 = −1, we musthave σ(i) 2 = −1, so σ(i) = ±i. In fact, both of these are allowed, soGal(X 2 + 1) = Gal(C/R) ∼ = Z/2Zis a cyclic group of order two. This group is generated by the automorphismσ : x + iy ↦→ x − iy, which is just complex conjugation.In other words we can construct C from R by ‘adding in’ a root of the polynomialX 2 + 1. From the point of view of R, however, we cannot distinguish betweenthe two roots ±i, and in a sense this is why complex conjugation exists.As a more involved example, we can consider the polynomial f = X 3 −2 ∈ Q[X].This has roots 3√ 2, ω 3√ 2, ω 2 3 √ 2, where ω = 1 2 (−1 + i√ 3) is a primitive cube rootof unity, so the field generated by the roots is Q( 3√ 2, ω).Now, any field automorphism σ must permute the roots; for if α 3 = 2, thenσ(α) 3 = 2. Also, since ω = ( ω 3√ 2 ) / ( 3 √ 2 ) is a quotient of two such roots, wesee that σ is completely determined by how it permutes the roots. This in factgives an injective group homomorphism from the Galois group to the symmetricgroup Sym 3 .Next, since exactly two of the roots are complex, we see that complex conjugationis a field automorphism, givingτ ∈ Gal(Q( 3√ 2, ω)/Q),3√2 ↦→3 √ 2, ω ↦→ ω 2 .On the other hand, the general theory will tell us that the map 3√ 2 ↦→ ω 3√ 2 canbe extending to a field automorphism, givingσ ∈ Gal(Q( 3√ 2, ω)/Q),3√2 ↦→3 √ 2, ω ↦→ ω.Looking at the corresponding permutations, we get that τ is a transposition,whereas σ is a 3-cycle. We know that these elements generate the full symmetricgroup, soGal(Q( 3√ 2, ω)/Q) ∼ = Sym 3 .If instead we had just added in one of the roots, say 3√ 2, then we wouldn’thave had enough symmetries. In fact, the only field automorphism of Q( 3√ 2)is the identity. This helps explain why we need to include all the roots of thepolynomial.1.2 Galois’ TheoremOne of the main theorems of this course will be the following.Theorem 1.1. A polynomial f is solvable by radicals if and only if the groupGal(f) is solvable.Moreover, there exists for each n an irreducible polynomial f ∈ Q[X] havingGalois group Gal(f) = Sym n .3

Since Sym n is solvable if and only if n ≤ 4, we conclude that there exist quinticpolynomials which are not solvable by radicals. The polynomial X 5 − X − 1mentioned earlier is one such quintic.The Galois group of a field extension L/K tells us a lot about the internalstructure of the field L. In fact, in certain nice cases, there is an order-reversingbijection between the lattice of subfields of L containing K and the lattice ofsubgroups of Gal(L/K). This is called the Galois Correspondence. As aconsequence we see that in these cases there are only finitely many subfields ofL containing K, a fact which is far from obvious.This passing between subgroups and subfields is an important and extremelyuseful observation. One should remark that group theory was in its infancy atthat time, and in fact the abstract notion of a group had yet to be given. Galoiswas one of the first to appreciate the fundamental importance of groups, andnowadays this idea of studying an object by first understanding its symmetriesis prevalent in modern mathematics and physics.Let us discuss our approach to proving Galois’ Theorem. Recall that a polynomialf is solvable by radicals if we can write a root of f using just +, −, ×, ÷ andr√. More generally, we say that a field extension L/K is a radical extensionif there exists a chain of subfieldsK = K 0 ⊂ K 1 ⊂ · · · ⊂ K n = Lsuch that K i+1 is formed from K i by extracting an r-th root of an element inK i . In other words, we adjoin an element λ i such that λ r i ∈ K i. We observethat if L/K is radical, then every element of L can be obtained by repeated useof +, −, ×, ÷, r√ .The Galois correspondence now furnishes us with a chain of subgroups{id} = Gal(L/L) ≤ · · · ≤ Gal(L/K 1 ) ≤ Gal(L/K).We would like to say that if K i+1 /K i is formed by adjoining an r-th root,then Gal(K i−1 /K i ) is a cyclic group of order r. From this it would follow thatthe chain of subgroups described above is a subnormal series (each subgroupis normal in the next) with cyclic subquotients, and hence that Gal(L/K) is asolvable group.Unfortunately this is not true in general, but it is true once we assume that wehave enough roots of unity in the field K. We therefore have to apply a fewtechnical tricks to complete the proof.4

Chapter 2Background Material2.1 Rings and AlgebrasAs mentioned in the introduction, Galois Theory involves the study of automorphismsof fields. In fact, we often consider a field L containing another field Kas a subfield, and we want to understand the field automorphisms of L which fixevery element of K. For example, complex conjugation is a field automorphismof C which fixes every element of R.The appropriate language is therefore that of algebras. Given a field K, a K-algebra is a ring R containing K as a subfield. A K-algebra homomorphismf : R → S is a ring homomorphism such that f(x) = x for all x ∈ K. We observethat every K-algebra is a fortiori a K-vector space, and that every K-algebrahomomorphism is a K-linear map. 1Examples include the polynomial ring K[X] and field extensions such as Q ⊂R or R ⊂ C. Also, if R is a K-algebra and I ⊳ RA a proper ideal, thenthe quotient ring R/I is again a K-algebra. For, we have a non-zero ringhomomorphism K → R → R/I, which is therefore injective since K is a field.We may subsequently identify K with its image inside R/I, giving the quotientR/I the structure of a K-algebra. In particular, if f ∈ K[X] is a non-constantpolynomial, then the quotient ring K[X]/(f) is a K-algebra.2.2 Polynomial RingsLet K be a field, and let K[X] be the ring of polynomials in one variable overK. The degree map on K[X] is given bydeg(f) = d provided f = a 0 X d + · · · + a 1 X + a d with a 0 ≠ 0,deg(0) = −∞.1 It is sometimes better to consider R together with a ring homomorphism ι R : K → R.Then a K-algebra homomorphism f : R → S is a ring homomorphism such that ι R = ι S f.5

This satisfiesdeg(fg) = deg(f) + deg(g) and deg(f) = 0 ⇔ f ∈ K × .Using this we see that K[X] is an integral domain (it has no zero-divisors), andalso that the only units in K[X] are the non-zero constants, so elements of K × .Theorem 2.1. The polynomial ring K[X] is a principal ideal domain.In fact, every non-zero ideal is generated by a monic polynomial, and this polynomialis uniquely determined by the ideal.Proof. The zero ideal (0) is clearly principal, so let I be a non-zero ideal inK[X] and let 0 ≠ f ∈ I have minimal degree. By dividing through, we mayfurther assume that f is monic. We will show that I = (f).Take g ∈ I. By the Division Algorithm we can write g = qf + r for some q andr with deg(r) < deg(f). Rearranging gives r = g − qf ∈ I, so by the minimalityof f we must have r = 0, and hence g = qf ∈ (f). This proves that I ⊂ (f),and since f ∈ I we have equality.To see that f is unique, suppose that g is monic and I = (g). Swapping theroles of f and g in the above argument gives f = q ′ g, and so f = qq ′ f. Henceqq ′ = 1, so q, q ′ ∈ K × . Finally, since both f and g are monic and g = qf, wededuce that q = 1 and that f = g.We call a polynomial f irreducible provided that f is non-constant and wheneverf = gh, one of g or h is a unit. Similarly, we call a polynomial f primeprovided that f is non-constant and if f divides gh, then f divides one of g orh. Clearly every prime is irreducible, but in fact the converse also holds.Proposition 2.2. Every irreducible polynomial f is prime, and (f) is even amaximal ideal.Proof. Let f ∈ K[X] be irreducible, and suppose that (f) ⊂ (g). Then f = ghfor some h, and since f is irreducible, either g is a unit, in which case (g) = K[X],or else h is a unit, in which case (g) = (f). Thus (f) is a maximal ideal.To see that f is prime, suppose that f divides gh, but that f does not divideg. Since (f) is a maximal ideal and g ∉ (f) we must have that (f, g) = K[X].Thus there exist polynomials a and b with af + bg = 1. Multiplying by h givesafh + bgh = h, and since f divides gh, it divides the left-hand side, and hencef divides h.The next theorem states that K[X] is a unique factorisation domain.Theorem 2.3. Every non-zero polynomial f ∈ K[X] can be written as f =af 1 · · · f n , where a ∈ K × is a unit and the f i ∈ K[X] are monic and irreducible.Moreover, such an expression is unique up to the ordering of the f i .6

Proof. Let f ∈ K[X] be non-constant. If f is irreducible, then we can writef = af 1 , where f 1 is monic and a ∈ K × . Otherwise, if f is not irreducible, thenthere exists some expression f = gh with g and h non-constant polynomials.Now 0 < deg(g), deg(h) < deg(f), so by induction on degree we can expressboth g and h, and hence also f, in the desired form.Suppose now that f = af 1 · · · f m = bg 1 · · · g n , where a, b ∈ K × and f i , g j ∈K[X] are monic and irreducible. By comparing leading coefficients we see thata = b.From Proposition 2.2 we know that K[X]/(f 1 ) is a field. Writing ¯h for theimage of a polynomial h in K[X]/(f 1 ), we have that ¯f = 0, so ḡ 1 · · · ḡ n = 0 andhence ḡ i = 0 for some i. After reordering, we may assume that ḡ 1 = 0. Theng 1 ∈ (f 1 ), so g 1 = uf 1 for some u. Since g 1 is irreducible and f 1 is not a unit, umust be a unit. Finally, since f 1 and g 1 are both monic, u = 1 and so f 1 = g 1 .It follows that f 2 · · · f m = g 2 · · · g n , so by induction on degree we have m = nand, after reordering, f i = g i for all i.2.3 Roots of PolynomialsGiven α ∈ K, we have a K-algebra homomorphism ev α : K[X] → K sendingX ↦→ α. This is called the evaluation map. We write f(α) for the imageof f in K and say that α is a root of a polynomial f ∈ K[X] provided thatf(α) = 0.Now, the evaluation map is surjective, so its kernel I is a maximal ideal. ClearlyX − α ∈ I, but by Proposition 2.2 the ideal (X − α) is also maximal, soI = (X − α). Therefore α is a root of f if and only if f ∈ (X − α), which is ifand only if X − α divides f.Using that K[X] is a unique factorisation domain, Theorem 2.3, it now followsthat a polynomial of degree d has at most d roots in K, counted withmultiplicities.We say that a polynomial f splits over K provided that it has precisely d rootsin K, counted with multiplicities. Equivalently, f factorises as a product oflinear polynomials in K[X].2.4 Irreducibility CriteriaWe now recall some facts about integer polynomials f ∈ Z[X].Analogous to the case of polynomials over fields, we can talk about divisibilityof integer polynomials, and hence about irreducible and prime polynomials.The situation is slightly more complicated, however, since although Z[X] is stilla unique factorisation domain, it is no longer a principal ideal domain. Forexample, the ideal (2, X 2 + X + 1) is prime but not principal. In fact, thequotient ring Z[X]/(2, X 2 + X + 1) is a field with four elements.7

We therefore introduce a new concept. An integer polynomial f = a 0 X d +· · · + a d−1 X + a d ∈ Z[X] is said to be primitive if gcd(a 0 , a 1 , . . . , a d ) = 1. Inparticular, all monic polynomials are primitive.We recall the following three results concerning the irreducibility of integerpolynomials. Their proofs are included in the handout.Lemma 2.4 (Gauss’ Lemma). If f ∈ Z[X] is primitive, then it is irreducibleover Z if and only if it is irreducible over Q.Lemma 2.5 (Eisenstein’s Criterion). Let f = a 0 X d + · · · + a d−1 X + a d ∈ Z[X]be primitive. Suppose that there exists a prime p such that p|a i for i = 1, . . . , d,but p ∤ a 0 and p 2 ∤ a d . Then f is irreducible.Lemma 2.6 (Rational Root Test). Let f = a 0 X d + · · · + a d ∈ Z[X]. If α =p/q ∈ Q is a root of f such that gcd(p, q) = 1, then p|a d and q|a 0 .In general, it is difficult to determine whether a given polynomial is irreducibleor not, and to find its decomposition into irreducible factors. One can comparethis to the problem of determining whether a given number is prime, and offinding its prime factorisation.Let K be a field and f ∈ K[X]. Clearly if deg(f) = 1, then f is irreducible.Also, if deg(f) = 2 or 3, then f is irreducible if and only if it has no linearfactor, which is if and only if it has no root in K. If deg(f) = 4, though, itcould have a decomposition into two irreducible quadratic polynomials.Suppose K = Q. Clearing denominators, we may assume f ∈ Z[X] is primitive.Then by Gauss’ Lemma, f is irreducible over Q if and only if it is irreducibleover Z. Moreover, by the Rational Root Test, we know the possible rationalroots of f. In particular, if f is monic, then any rational root is in fact integral.For higher degrees, we can also use Eisenstein’s Criterion. This is particularlyuseful if we combine it with a suitable linear change of variables Y = X − a.For example, if p is a prime, then the polynomial f = X p−1 + · · · + X + 1 isirreducible. For, we have f = (X p − 1)/(X − 1), and so applying the linearchange of variables Y = X − 1 we see that( pf(Y ) = ((Y + 1) p − 1)/Y = Y p−1 + pY p−2 + · · · + Yr)r−1 + · · · + p.Since p is a prime, each binomial coefficient ( pr)for 0 < r and hencealso f(X), is irreducible.Another powerful method is reduction modulo a prime p. We write F p for thefield Z/pZ. Consider the surjective ring homomorphism Z[X] → F p [X], f ↦→ ¯f.If f = gh ∈ Z[X], then clearly ¯f = ḡ¯h ∈ F p [X]. Thus if ¯f is irreducible over F pfor some prime p, then f itself must be irreducible over Z.Variations of this idea can also be applied. For example, suppose that we aregiven f ∈ Z[X] of degree 4. Using the Rational Root Test, we may assume8

that f has no linear factors, so that if f = gh has a proper factorisation, thendeg(g) = deg(h) = 2. Now suppose that ¯f ∈ F p [X] factors as ¯f = rs with r, sirreducible, deg(r) = 1, deg(s) = 3. This is incompatible with any factorisationf = gh with deg(g) = deg(h) = 2, so f must itself be irreducible.Finally we remark that there are computer algorithms for factorising polynomials.Over the integers one can use the LLL algorithm, whereas over a finite fieldone can use the Cantor-Zassenhaus algorithm. Both of these algorithms run inpolynomial time (viewed in terms of the degree of the polynomial).Examples1. f = X 2 − 2 ∈ Z[X]. Eisenstein tells us that f is irreducible over Z, soby Gauss’ Lemma, f is irreducible over Q. In other words, √ 2 is not arational number.2. f = 2 9 X5 + 5 3 X4 + X 3 + 1 3. Clearing denominators we have g = 9f =2X 5 + 15X 4 + 9X 3 + 3. We can use Eisenstein’s Criterion with p = 3 todeduce that g, and hence f, is irreducible.3. f = X 3 − 7X 2 + 3X + 3. The only possible rational roots are ±1, ±3.Checking, we see that f = (X−1)(X 2 −6X−3) as a product of irreducibles.4. f = X 4 + 15X 3 + 7. Working over F 2 , we have ¯f = X 4 + X 3 + 1. Thishas no linear factor, since neither 0, 1 are roots of ¯f over F 2 . Suppose¯f = (X 2 + aX + b)(X 2 + cX + d)= X 4 + (a + c)X 3 + (b + ac + d)X 2 + (ad + bc)X + bd.From the constant term we see that b = d = 1. Therefore the the coefficientof X gives a + c = 0, whereas the coefficient of X 3 gives a + c = 1, acontradiction. So ¯f is irreducible over F 2 , whence f is irreducible over Z.5. Consider f = X 4 + 1 and its factorisations over various finite fields:p ¯f p ¯f2 (X + 1) 4 7 (X 2 + 3X + 1)(X 2 − 3X + 1)3 (X 2 + X − 1)(X 2 − X − 1) 11 (X 2 + 3X − 1)(X 2 − 3X − 1)5 (X 2 + 2)(X 2 − 2) 13 (X 2 + 5)(X 2 − 5)Either f is irreducible or else the product of two irreducible quadratics,but the above data give no further information. However, making thesubstitution Y = X − 1 we get (Y + 1) 4 + 1 = Y 4 + 4Y 3 + 6Y 2 + 4Y + 2.Applying Eisenstein with p = 2 we see that f is irreducible.9

Chapter 3Field Extensions3.1 The Tower LawLet L be a field and K ⊂ L a subfield. We write L/K and call L a fieldextension of K. We observe that L is a K-algebra, so in particular a K-vectorspace. We denote its dimension by [L : K] and call this the degree of theextension. We say that L/K is a finite field extension if [L : K] is finite.Clearly L = K if and only if [L : K] = 1.Let M/L and L/K be field extensions. Then M/K is again field extension, andwe call M/L/K a tower of fields.Theorem 3.1 (Tower Law). Let M/L/K be a tower of fields. Then[M : K] = [M : L][L : K].In particular, M/K is finite if and only if both M/L and L/K are finite.Proof. Let {α i : i ∈ I} be a K-basis of L and {β j : j ∈ J} an L-basis of M. Weclaim that the set of products {α i β j : (i, j) ∈ I × J} is a K-basis of M.Linear Independence. Suppose that we have a finite sum ∑ i,j λ ijα i β j = 0,where λ ij ∈ K. We can rewrite this as ∑ ( ∑j i λ )i,jα i βj = 0. Since thecoefficients of the β j lie in L we deduce that ∑ i λ i,jα i = 0 for all i, and thenthat λ i,j = 0.Spanning. Take θ ∈ M. We can write θ = ∑ j µ jβ j as a finite sum withcoefficients µ j ∈ L. Now write µ j = ∑ i λ ijα i as a finite sum with coefficientsλ ij ∈ K. Then θ = ∑ i,j λ ijα i β j as required.3.2 Algebraic and Transcendental ElementsLet L/K be a field extension. Given α ∈ L we have a K-algebra homomorphismev α : K[X] → L sending X ↦→ α, which we again call the evaluation map. We10

say that α ∈ L is a root of f ∈ K[X] provided that f(α) = 0; this is if and onlyif X − α divides f as polynomials in L[X]. As before, a polynomial f ∈ K[X]of degree d has at most d roots in L (with multiplicities).Changing perspective, we say that α ∈ L is algebraic over K provided it is theroot of some polynomial f ∈ K[X]; otherwise, we say that α is transcendentalover K. We call a field extension L/K algebraic provided that every α ∈ L isalgebraic over K.The image of the evaluation map ev α : K[X] → L is a subring of L, so anintegral domain, which we denote by K[α]. Moreover, since L is a field, thequotient field K(α) of K[α] is a subfield of L. We observe that K[α] is thesmallest subring of L containing both K and α, and similarly that K(α) is thesmallest subfield of L containing both K and α.Since the image of the evaluation map is an integral domain its kernel must bea prime ideal of K[X].Theorem 3.2. Let L/K be a field extension and α ∈ L. Then there are twopossibilities:1. (i) α is algebraic over K.(ii) Ker(ev α ) = (m α/K ) for some monic irreducible polynomial m α/K .(iii) K(α) = K[α].(iv) [K(α) : K] = deg(m α/K ) is finite.2. (i) α is transcendental over K.(ii) ev α injective.(iii) K(α) ≠ K[α].(iv) [K(α) : K] is infinite.Proof. By definition, α is algebraic over K if and only if the kernel of theevaluation map ev α is non-zero, and then by Proposition 2.2 it is a maximalideal generated by a monic irreducible polynomial m α/K . This in turn impliesthat K[α] = K[X]/(m α/K ) is a field, so equals K(α), and hence [K(α) : K] =deg(m α/K ) is finite.On the other hand, α is transcendental over K if and only if the kernel iszero, or equivalently the evaluation map is injective. This in turn implies thatK[α] ∼ = K[X] is not a field, so K[α] ≠ K(α) and K(α) is infinite dimensionalover K.This proves that, for both cases, (i) is equivalent to (ii), and these imply both (iii)and (iv). Finally, if either K(α) = K[α] or [K(α) : K] is finite, then α cannotbe transcendental, so must be algebraic. Similarly, if either K(α) ≠ K[α] or[K(α) : K] is infinite, then α cannot be algebraic, so must be transcendental.For a field extension L/K and an element α ∈ L algebraic over K, we call themonic irreducible polynomial m α/K ∈ K[X] the minimal polynomial of αover K. It is uniquely determined by α and K.11

Corollary 3.3. Let L/K be a field extension, α ∈ L algebraic over K, andf ∈ K[X]. Then α ∈ L is a root of f if and only if m α/K divides f aspolynomials in K[X].Proof. We know that α is a root of f if and only if f(α) = 0, which is if andonly if f lies in the ideal Ker(ev α ) = (m α/K ).The next result is important since it allows us to construct field extensions ofK without reference to any other field.Corollary 3.4 (Kronecker). Let f ∈ K[X] be non-constant. Then there existsa finite field extension L/K in which f has a root. In fact, we may assume that[L : K] ≤ deg(f).Proof. Let g be a monic irreducible factor of f in K[X] and set L := K[X]/(g).Then L is a finite-dimensional K-algebra, of dimension deg(g) ≤ deg(f), andsince (g) is a maximal ideal it is also a field. Thus L/K is a finite field extension.Set α to be the image of X in L. Then the evaluation map ev α/K has kernel(g), so contains f. In other words, α is a root of f in L.Examples1. C/R and i ∈ C. Then m i/R = X 2 + 1.2. C/Q and √ 2 ∈ C. Then m √ 2/Q = X2 − 2.3. C/R and √ 2 ∈ R. Then m √ 2/R = X − √ 2.4. C/Q and ζ = exp(2πi/5) ∈ C. Then m ζ/Q = X 4 + X 3 + X 2 + X + 1.5. π, e ∈ R are transcendental over Q (hard).In fact, Hilbert’s Seventh Problem, from his address to the ICM in 1900, posedthe following problem:If a and b are algebraic, with a ≠ 0, 1 and b irrational, then is a bnecessarily transcendental?This was proved in 1934, independently by Gelfond and Schneider. For example,the number √ 2√2is transcendental (but note that ((√2)√2) √2 = 2 is againrational).We remark that being algebraic or transcendental is a relative notion, since itdepends on the base field. For example, it is known that π ∈ R is transcendentalover Q, but it is clearly algebraic over R. In fact, for any field K, α ∈ K isalgebraic over K.12

3.3 Intermediate FieldsLet L/K be a field extension. An intermediate field of L/K is a subfield Eof L containing K, in which case L/E/K is a tower of fields.Given a subset S ⊂ L, we write K[S] for the smallest subring of L containingboth K and S, and K(S) for the smallest such subfield. Note that K[S] is anintegral domain and K(S) is its quotient field.This definition makes sense since if A i are subrings (respectively subfields) of Lcontaining K and S, then so too is their intersection ⋂ i A i.If S = {α 1 , . . . , α n } is a finite set, then we can describe K[S] = K[α 1 , . . . , α n ]as the image of the K-algebra homomorphismK[X 1 , . . . , X n ] → L, X i ↦→ α i .This extends the case discussed above of a single element K[α].We say that L/K is finitely generated provided L = K(α 1 , . . . , α n ) for somefinite set of elements α 1 , . . . , α n . Every finite field extension is finitely generated,since if α 1 , . . . , α n is a K-basis for L, then clearly L = K(α 1 , . . . , α n ). IfL = K(α), then we say that the field extension L/K is simple, and call α aprimitive element for the field extension.If E and F are two intermediate fields of L/K, then we define their compositumEF to be the smallest subfield of L containing both of them. In thenotation above we have EF = E(F ) = F (E).We remark that in all of the above constructions we need the ambient fieldL. In particular, if we are given two field extensions E/K and F/K, there isno natural way to construct a field extension L/K containing both E and F ;we can only talk about the compositum EF when both E and F are alreadysubfields of some larger field L.RemarkThe definition of a compositum of two fields requires an ambient field. If Eand F are field extensions of K, we could instead consider the tensor productE ⊗ K F and take a maximal ideal I. Then E ⊗ K F/I is again a field and we haveembeddings E, F → E ⊗ K F/I. The problem is that this definition depends onthe choice of I.For example, ifthenE ∼ = F ∼ = Q[X]/(X 3 − 2) ∼ = Q( 3 √2),E ⊗ K F ∼ = Q[X, Y ]/(X 3 − 2, X 3 − Y 3 )∼= Q[X, Y ]/ ( X 3 − 2, (X − Y )(X 2 + XY + Y 2 ) ) .13

We have maximal idealsgiving fieldsI = (X 3 − 2, X − Y ) and J = (X 3 − 2, X 2 + XY + Y 2 ),E ⊗ K F/I ∼ = Q[X]/(X 3 − 2) ∼ = Q( 3 √2),E ⊗ K F/J ∼ = Q[X, Z]/(X 3 − 2, Z 2 + Z + 1) ∼ = Q( 3 √2, ω).Here we have made the substitution Z = Y/X and written ω for a primitivecube root of unity.We observe that[E ⊗ K F/I : Q] = 3 and [E ⊗ K F/J : Q] = 6,so the fields are not isomorphic.3.4 Primitive Element TheoremRecall that a field extension L/K is simple if there exists some α ∈ L such thatL = K(α), in which case we call α a primitive element for L/K. We now givea useful criterion showing when a finite field extension is simple.Theorem 3.5 (Primitive Element). Let L/K be a finite extension. Then L/Kis simple if and only if L/K has only finitely many intermediate fields.Proof. Suppose first that L = K(α) is a finite and simple field extension of K.Then α is algebraic over K, say with minimal polynomial m = m α/K ∈ K[X].Consider the map φ sending an intermediate field F of L/K to the polynomialm α/F , viewed as a polynomial over L. Since α is a root of m, we know thatm α/F divides m over F , and hence also over L. Thus φ(F ) is a monic polynomialdividing m over L, so the image of φ is a finite set.We also have a map ψ from the monic polynomials dividing m to the intermediatefields of L/K, sending the polynomial f = X n + a n−1 X n−1 + · · · + a 1 X + a 0to the field F = K(a 0 , a 1 , . . . , a n−1 ) generated over K by the coefficients of f.We wish to show that ψφ = id, so that ψ is a left inverse for φ, and hence that φis injective. Since the image of φ is finite we deduce that L/K has only finitelymany intermediate fields.Let F be an intermediate field of L/K and let f := φ(F ) = m α/F be theminimal polynomial of α over F . Then L = F (α), so [L : F ] = deg(f). Now letF ′ := ψ(f) be the intermediate field generated by the coefficients of f. Sinceeach coefficient of f lies in F we clearly have F ′ ⊂ F , and so [L : F ′ ] ≥ [L :F ] = deg(f). On the other hand we also have L = F ′ (α), and since α is a rootof f ∈ F ′ [X] we must have [L : F ′ ] ≤ deg(f). Thus [L : F ′ ] = deg(f), so by theTower Law [F : F ′ ] = 1, whence F = F ′ . This proves that ψφ = id.14

For the other direction, we separate the proof into two cases, depending onwhether or not K is an infinite field.Let L/K be a finite field extension having only finitely many intermediate fields.Suppose that K is an infinite field. We show that for any α, β ∈ L there existsλ ∈ K such that K(α, β) = K(α + λβ).For convenience set θ λ := α + λβ. Now, since L/K has only finitely manyintermediate fields, but K is infinite, there exist λ ≠ µ ∈ K with K(θ λ ) =K(θ µ ). Thus bothβ = θ λ − θ µλ − µandα = λθ µ − µθ λλ − µlie in K(θ λ ), so that K(α, β) = K(θ λ ). This proves the claim.By induction, given α 1 , . . . , α n ∈ L, there exist λ 2 , . . . , λ n ∈ K such thatK(α 1 , . . . , α n ) = K(α 1 + λ 2 α 2 + · · · + λ n α n ).Since L/K is finite, it is finitely generated and hence simple.If, on the other hand, K is a finite field, then so too is L, and hence L × is acyclic group by the lemma below. Let α be a generator for this group. Thenclearly L = K(α), so L/K is simple.It remains to prove the following lemma.Lemma 3.6. Let G be a finite group such that, for all m ≥ 1, there are at mostm elements x ∈ G such that x m = 1. Then G is cyclic.In particular, if G is a finite subgroup of the multiplicative group K × of somefield K, then G is cyclic. If K is a finite field, then K × is a cyclic group.Proof. Write θ(m) for the number of elements in G of order m. If θ(m) > 0,then there exists some element g ∈ G of order m, and so 〈g〉 ≤ G is a cyclicgroup of order m. This contains m elements, all of which satisfy x m = 1, so byour assumption on G these are the only such elements. We deduce that θ(m)equals the number of generators of this subgroup, which we know is given byEuler’s totient (or phi) function:φ(m) := |{1 ≤ d ≤ m : gcd(d, m) = 1}|.It follows that θ(m) is either zero or equals φ(m).Now, Lagrange’s Theorem tells us that every element in G has order dividingn := |G|, so n = ∑ m|nθ(m). On the other hand, by considering the case of acyclic group, we know that n = ∑ m|nφ(m). Since θ(m) ≤ φ(m) for all m|n, wededuce that θ(m) = φ(m) for all m|n. In particular, θ(n) = φ(n) > 0, so G hasan element of order n, so G is cyclic.If K is a field, then there are at most m solutions to the equation X m = 1 inK. Thus each finite subgroup of K × is cyclic. If K is a finite field, then K ×itself is a finite group, so cyclic.15

Chapter 4Field EmbeddingsLet L be a field. Recall that a field automorphism of L is a bijective ringhomomorphism σ : L → L. We denote the set of all field automorphisms of Lby Aut(L), and observe that this is a group under composition.Let G ≤ Aut(L) be a subgroup of field automorphisms of L. We define its fixedfield to beL G := {x ∈ L : σ(x) = x for all σ ∈ G}.Note that L G is indeed a subfield of L.Conversely, if K is a subfield of L, then we may consider the set of K-algebraautomorphisms, or simply K-automorphisms, of LGal(L/K) := {σ ∈ Aut(L) : σ(x) = x for all x ∈ K}.Note that this is a subgroup of Aut(L). We call Gal(L/K) the Galois groupof the field extension L/K.More generally, let F/K be another field extension. We write Hom K (F, L) forthe set of K-algebra homomorphisms, or simply K-embeddings, F → LHom K (F, L) := {σ : F → L : σ(x) = x for all x ∈ K}.Recall that every such K-embedding is an injective linear map of K-vectorspaces. In particular, if L/K is finite, then Hom K (L, L) = Gal(L/K).The next proposition relates some of these concepts. As usual, given a group Gand a subgroup H ≤ G, we write (G : H) for the set of left cosets of H in G, and[G : H] for the number of such cosets. Thus [G : H] = |G|/|H| by Lagrange’sTheorem.Proposition 4.1. Let L/F/K be a tower of field extensions.1. Composing with the inclusion F ↩→ L gives an injection Gal(F/K) ↩→Hom K (F, L), whose image is precisely those field embeddings having imageF ; that is, the set of σ : F → L with σ(F ) = F .16

2. Gal(L/F ) ≤ Gal(L/K) is a subgroup, and restriction to F gives an injection( Gal(L/K) : Gal(L/F ) ) ↩→ Hom K (F, L).Proof. 1. Composition with the inclusion map ι is clearly injective, and ifσ ∈ Gal(F/K), then ισ clearly has image F . Conversely, if τ ∈ Hom K (F, L)has image F , then it restricts to a K-automorphism σ of F , so τ = ισ andσ ∈ Gal(F/K).2. Since K ⊂ F , any F -automorphism of L is necessarily a K-automorphism,whence Gal(L/F ) ≤ Gal(L/K). Restriction to F now gives a map Gal(L/K) →Hom K (F, L). Moreover, σ and τ restrict to the same K-embedding if and onlyif σ −1 τ fixes F . This happens if and only if σ −1 τ ∈ Gal(L/F ), or equivalentlyτ ∈ σ Gal(L/F ), giving the required injective map from left cosets to fieldembeddings.4.1 Artin’s Extension TheoremLet F/K and L/K be finite field extensions. We saw above that we are interestedin K-embeddings F → L. One way of constructing these is to start withthe field embedding K → L, and then to iteratively ‘add in’ the elements of F .More precisely, suppose that F = K(α 1 , . . . , α n ), and set F i := K(α 1 , . . . , α i ).Then F i = F i−1 (α i ) is a simple field extension, so if we have constructed a fieldembedding σ i : F i → L, we just need to understand when we can extend thisto a field embedding σ i+1 : F i+1 → L. This is the content of Artin’s ExtensionTheorem.We need some terminolgy. Let F/K be a field extension and ι: K → L a fieldembedding. We say that a field embedding σ : F → L extends ι provided thatσ(x) = ι(x) for all x ∈ K.Theorem 4.2 (Artin’s Extension Theorem). Let K(α)/K be a finite, simplefield extension.1. If L/K is another field extension, then the K-embeddings σ : K(α) → Lare in bijection with the roots of m α/K in L, the bijection being given byσ ↦→ σ(α).2. More generally, if ι: K → L is a field embedding, then the extensionsσ : K(α) → L of ι are in bijection with the roots of ι(m α/K ) in L.Proof. For convenience set m := m α/K . We have a K-algebra isomorphismK[X]/(m) −→ ∼ K(α) via X ↦→ α. By the Factor Lemma we know that K-embeddings σ : K(α) → L are in bijection with K-algebra homomorphisms˜σ : K[X] → L such that ˜σ(m) = 0. Now, each K-algebra homomorphism˜σ : K[X] → L is completely determined by the element β := ˜σ(X), in whichcase ˜σ = ev β , and then ˜σ(m) = 0 if and only if β is a root of m.17

In particular, we can have a strict inequality in Proposition 4.1 (2).We observe that the field embedding ι 1 : F → L, √ 2 ↦→ √ 2, can beextended in two different ways to an automorphism of L, namely thetwo automorphisms 4√ 2 ↦→ ± 4√ 2. On the other hand, the field embeddingι 2 : F → L, √ 2 ↦→ − √ 2 cannot be extended to an automorphism of L.This agrees with Artin’s Extension Theorem, since the minimal polynomialof 4√ 2 over F is X 2 − √ 2 (why?). Then ι 1 (X 2 − √ 2) = X 2 − √ 2, andthis has two roots in L, namely ± 4√ 2. On the other hand, ι 2 (X 2 − √ 2) =X 2 + √ 2, and this has no roots in L, since both its roots are complex.5. Consider instead M = Q( 6√ 2). Then the minimal polynomial of6√2 overF = Q( √ 2) is n := X 3 − √ 2. Then ι 1 (n) = n has exactly one root in M,namely 6√ 2, and ι 2 (n) = X 3 + √ 2 also has exactly one root in M, namely− 6√ 2. Thus ι 1 and ι 2 can both be extended uniquely to automorphismsof M.6. We now compute all embeddings Q(α, ω) → C, where α = 3√ 2 and ω =exp(2πi/3) as above. We begin by noting that [Q(α, ω) : Q] = 6. For,we know that [Q(ω) : Q] = 2 and that [Q(α) : Q] = 3. It follows fromthe Tower Law that both 2 and 3, and hence 6, divide [Q(α, ω) : Q].On the other hand, we know that α is a root of X 3 − 2 over Q(ω), so[Q(α, ω) : Q(ω)] ≤ 3, whence [Q(α, ω) : Q] ≤ 6.In particular, X 3 − 2 is the minimal polynomial of α over Q(ω).We have already computed all embeddings Q(ω) → C, namely the identityand complex conjugation τ : ω ↦→ ω 2 . Clearly both fix the minimal polynomialX 3 − 2 of α, and since this polynomial has three distinct roots inC, we see that both id and τ extend in three different ways to embeddingsQ(α, ω) → C.Finally, all of these embeddings restrict to automorphisms of Q(α, ω).Therefore we have in fact computed the Galois group Gal(Q(α, ω)/Q).We list these six automorphisms in the table below, showing their actionson α and ω.id σ σ 2 τ στ σ 2 τω ↦→ ω ω ↦→ ω ω ↦→ ω ω ↦→ ω 2 ω ↦→ ω 2 ω ↦→ ω 2α ↦→ α α ↦→ ωα α ↦→ ω 2 α α ↦→ α α ↦→ ωα α ↦→ ω 2 αNote that τ still denotes complex conjugation. Also, the names exhibitsome of the compositions in the Galois group. For example,σ 2 (ω) = σ(ω) = ω, σ 2 (α) = σ(ωα) = σ(ω)σ(α) = ω · ωα = ω 2 α.Similarly,στ(ω) = σ(ω 2 ) = σ(ω) 2 = ω 2 ,στ(α) = σ(α) = ωα.19

Corollary 4.4. Let L/K and F/K be field extensions, and assume that F/Kis finite. Then | Hom K (F, L)| ≤ [F : K].In particular, if L/K is finite, then | Gal(L/K)| ≤ [L : K].Proof. Let x 1 , . . . , x n be a K-basis for F , and let σ 1 , . . . , σ m be distinct elementsof Hom K (F, L). Form the matrix M := (σ i (x j )) ∈ M m×n (L), and view M t asa linear map M t : L m → L n . If m > n, then this has a non-zero kernel, so wecan find elements λ i ∈ L, not all zero, with∑λ i σ i (x j ) = 0 for all j.iSince the x j form a K-basis for F and the σ i fix K, we deduce that ∑ i λ iσ i (x) =0 for all x ∈ F , and hence that ∑ i λ iσ i = 0, contradicting the linear independenceof the σ i . Thus m ≤ n, and hence | Hom K (F, L)| ≤ [F : K].21

Chapter 5Galois ExtensionsWe saw in the previous section that if L/K is a finite field extension, thenGal(L/K) is a finite group of size at most [L : K]. We call L/K a Galois extensionprovided | Gal(L/K)| = [L : K], which is to say that the field extensionL/K has the maximal amount of symmetry.We remark that in Section 4.1, Example (1) we proved that Q( √ 2)/Q is aGalois extension with Galois group Sym 2 , and in Example (6) we proved thatQ( 3√ 2, ω)/Q is a Galois extension with Galois group Sym 3 .On the other hand, Q( 3√ 2)/Q has no non-trivial automorphism by Example (3),but has degree 3, so is not Galois.We begin by showing that Galois extensions arise as fixed fields of field automorphisms.Proposition 5.1. Let L be a field and G ≤ Aut(L) a finite group of fieldautomorphisms of L. Set K := L G to be its fixed field. Then L/K is a Galoisextension, and Gal(L/K) = G.Proof. Clearly G ≤ Gal(L/K). We will show that |G| ≥ [L : K]; hence L/K isa finite extension, and since by Corollary 4.4 we have [L : K] ≥ | Gal(L/K)|, itfollows that L/K is Galois and G = Gal(L/K).The proof is similar in style to that of Theorem 4.3.Let G = {σ 1 , . . . , σ m } and take x 1 , . . . , x n ∈ L, linearly independent over K.Form the matrix M = (σ i (x j )) ∈ M m×n , and view it as a linear map M : L n →L m . If m < n, then this has non-trivial kernel, so there exist λ j ∈ L, not allzero, with∑λ j σ i (x j ) = 0 for all i.jTake such a solution having a minimal number of non-zero terms.through and renumbering, we may assume that λ n = 1.Dividing22

Now, the λ j cannot all lie in K, since otherwise σ i ( ∑ ∑j λ jx j ) = 0, whencej λ jx j = 0, contradicting the linear independence of the x j . So without lossof generality we may assume that λ 1 ∉ K. Next, since K = L G , we haveσ(λ 1 ) ≠ λ 1 for some σ ∈ G. Applying σ to our list of equations, and using thatG = {σσ i }, we get∑σ(λ j )σ i (x j ) = 0 for all i.jSubtracting then gives∑µ j σ i (x j ) = 0 for all i, where µ j := λ j − σ(λ j ).jSince µ n = 0, this has fewer non-zero terms, so by minimality µ j = 0 for all j.On the other hand, µ 1 ≠ 0, a contradiction.We conclude that m ≥ n, and so |G| ≥ [L : K].Corollary 5.2. Let L/K be a Galois extension with Galois group G.K = L G .ThenProof. Since L/K is a Galois extension we have |G| = [L : K], and so G is afinite group. Then, by the proposition, |G| = [L : L G ]. Clearly K ⊂ L G , so theTower Law gives us that [L G : K] = 1, whence L G = K.We observe that L/K is Galois if and only if K is the fixed field of Gal(L/K).This condition is used by some authors as the definition of a Galois extension.5.1 The Galois CorrespondenceThe next theorem is of great importance: it states that intermediate fields ofGalois extensions correspond to subgroups of the Galois group. In particular,there are only finitely many intermediate fields.Theorem 5.3 (Fundamental Theorem of Galois Theory). Let L/K be Galoiswith Galois group G. Then there exists a bijection{subgroups of G} ←→ {intermediate fields of L/K}H ↦−→ L HGal(L/F ) ←− FIn particular, for each intermediate field F , the extension L/F is Galois.Proof. Let H be a subgroup of G and set F := L H . Since H is a subgroup ofG = Gal(L/K) we know that K ⊂ F , so that F is an intermediate field of L/K.Moreover, H is a finite group (since G is), so we can apply Proposition 5.1 to23

deduce that L/F is Galois with Galois group H. This proves that Gal(L/L H ) =H.Conversely, let F be an intermediate field of L/K and set H := Gal(L/F ).Since K ⊂ F , we see that H fixes K, and so H is a subgroup of G. Now, byCorollary 4.4 we know that [L : F ] ≥ |H| and [F : K] ≥ | Hom K (F, L)|, whereasby Proposition 4.1 we know that | Hom K (F, L)| ≥ [G : H]. We can now use theTower Law to deduce that[L : K] = [L : F ][F : K] ≥ |H|[G : H] = |G|.Since L/K is Galois we have |G| = [L : K], and so we must have equality above.It follows that |H| = [L : F ], and thus L/F is Galois with Galois group H.Hence H has fixed field F by Corollary 5.2.For convenience we record the following result, shown during the above proofand improving Proposition 4.1.Corollary 5.4. Let L/K be Galois with Galois group G. Let F be an intermediatefield of L/K and set H := Gal(L/F ). Then there is a bijection(G : H) ∼ = Hom K (F, L), with both sides having size [F : K].The next result investigates the correspondence between subgroups and intermediatefields more closely.We need some terminology. If F is an intermediate field of a Galois extensionL/K, then we call Gal(L/F ) the Galois group associated to F .Theorem 5.5 (Galois Correspondence). Let L/K be Galois with Galois groupG. Let H, H i be subgroups of G, with fixed fields F, F i .1. H 1 ≤ H 2 if and only if F 1 ⊃ F 2 .2. H 1 ∩ H 2 has fixed field the compositum F 1 F 2 .3. F 1 ∩ F 2 has associated group 〈H 1 , H 2 〉.4. If σ ∈ G, then σ(F ) has associated group σHσ −1 .5. F/K is Galois if and only if σ(F ) = F for all σ ∈ G, which is if andonly if H ⊳ G is a normal subgroup. In this case, F/K has Galois group(isomorphic to) G/H.Recall that if H 1 , H 2 ≤ G are subgroups, then we write 〈H 1 , H 2 〉 for the smallestsubgroup of G containing both H 1 and H 2 .Proof. 1. If H 1 ≤ H 2 , then everything fixed by all elements of H 2 is necessarilyfixed by all elements of H 1 , so F 1 ⊃ F 2 . Conversely, if F 1 ⊃ F 2 , then everyautomorphism fixing all elements of F 1 necessarily fixes all elements of F 2 , soH 1 ≤ H 2 .24

2. Let H 1 ∩ H 2 have fixed field M, and let F 1 F 2 have associated Galois groupB. Since F 1 F 2 ⊃ F i we have B ≤ H i , and hence B ≤ H 1 ∩ H 2 . Conversely,since H 1 ∩ H 2 ⊂ H i we have M ⊃ F i , and hence M ⊃ F 1 F 2 . Applying (1) thengives H 1 ∩ H 2 ⊂ B. Thus B = H 1 ∩ H 2 and M = F 1 F 2 .3. This is similar. Let 〈H 1 , H 2 〉 have fixed field M, and let F 1 ∩ F 2 have associatedGalois group B. Since F i ⊃ F 1 ∩ F 2 we have H i ≤ B, and hence〈H 1 , H 2 〉 ≤ B. Conversely, since H i ≤ 〈H 1 , H 2 〉 we have F i ⊃ M, and henceF 1 ∩ F 2 ⊃ M. Applying (1) then gives B ≤ 〈H 1 , H 2 〉. Thus B = 〈H 1 , H 2 〉 andM = F 1 ∩ F 2 .4. The Galois group associated to σ(F ) consists of all automorphisms τ suchthat τσ(x) = σ(x) for all x ∈ F , or equivalently σ −1 τσ(x) = x for all x ∈ F .Thus τ ∈ Gal(L/σ(F )) if and only if σ −1 τσ ∈ Gal(L/F ) = H, which is if andonly if τ ∈ σHσ −1 .5. By (4) we know that H is a normal subgroup if and only if σ(F ) = F for allσ ∈ G. Next, by Corollary 5.4 we have a bijection (G : H) ∼ = Hom K (F, L), soevery K-embedding F → L is the restriction to F of some element in G. ThusH is normal if and only if every K-embedding σ : F → L has image F .On the other hand we have an inclusion ι: Gal(F/K) ↩→ Hom K (F, L) by Proposition4.1, whose image is precisely those σ satisfying σ(F ) = F . Therefore His normal if and only if ι is a bijection, and since | Hom K (F, L)| = [F : K] byCorollary 5.4, this is equivalent to | Gal(F/K)| = [F : K], and hence to F/Kbeing Galois.Finally, if this holds, then we have a (set-theoretic) bijection G/H ∼ = Gal(F/K).This sends a coset σH to its restriction σ : F → L, which we know has imageF so lies in Gal(F/K). An easy check shows that this bijection respects themultiplication and preserves the identity, so is a group isomorphism.RemarksThe first statement says that the bijection between subgroups of G and intermediatefields of L/K is inclusion-reversing. The next two statements saythat the bijection preserves the lattice structure.Later we will introduce the notion of a normal field extension, and then (5) saysthat H is a normal subgroup if and only if F/K is a normal field extension. Infact, this is the origin of the term normal subgroup.We have the following two pictures representing properties (2) and (3) above.25

L{1}F 1 F 2F 1correspondenceF 2 GaloisF 1 ∩ F 2H 1 ∩ H 2H 1H 2〈H 1 , H 2 〉KGExampleSet α = 3√ 2 and ω = exp(2πi/3). We know that the field extension Q(α, ω)/Qis Galois with Galois group Sym 3 . Moreover, the automorphisms are given byid σ σ 2 τ στ σ 2 τω ↦→ ω ω ↦→ ω ω ↦→ ω ω ↦→ ω 2 ω ↦→ ω 2 ω ↦→ ω 2α ↦→ α α ↦→ ωα α ↦→ ω 2 α α ↦→ α α ↦→ ωα α ↦→ ω 2 αNow, the proper subgroups of Sym 3 are {id}, the group of order three 〈σ〉, andthe three groups of order two 〈τ〉, 〈στ〉, 〈σ 2 τ〉.The subgroup 〈σ〉 has fixed field Q(ω). For, σ fixes ω, so Q(σ) is contained inthe fixed field. On the other hand, the subgroup has index two, and Q(ω)/Qhas degree two, so we must have equality.The subgroup 〈τ〉 has fixed field Q(α). For, τ fixes α, and we can again argueby degrees.Similarly, the subgroup 〈στ〉 has fixed field Q(ω 2 α), and 〈σ 2 τ〉 has fixed fieldQ(ωα).We usually display this by drawing the lattices of subgroups and intermediatefields.{1}L = Q(α, ω)〈σ〉S 3〈τ〉〈στ〉〈σ 2 τ〉Q(ω)Q(α)QQ(ω 2 α) Q(ωα)Note that 〈σ〉 = Alt 3 is a normal subgroup, and that Q(ω)/Q is Galois.26

5.2 Transitive Group ActionsLet a group G act on a set X. We say that the action is transitive providedthat, for x, y ∈ X there exists g ∈ G with g(x) = y. We are going to showthat if L/K is a Galois extension with Galois group G, then for each α ∈ L itsminimal polynomial m α/K splits into distinct linear factors over L and G actstransitively on the roots.Proposition 5.6. Let L/K be Galois with Galois group G. Let α ∈ L and setd = [L : K(α)]. Then∏ ( )X − σ(α) = (mα/K ) d .σ∈GMoreover, m α/K splits into distinct linear factors over L.Proof. Set f := ∏ ( )σ∈G X − σ(α) . If τ ∈ G, then( ) ∏ ( )X − τσ(α) = X − σ(α) = f.τ(f) = ∏ σ∈Gσ∈GThus every coefficient of f is in the fixed field of G, so f ∈ K[X].Consider H := Stab(α) = {σ ∈ G : σ(α) = α}. Then clearly H = Gal(L/K(α)),so d := |H| = [L : K(α)] and [G : H] = [K(α) : K]. If we take coset representativesσ i for H in G, then f = m d , where m = ∏ i(X − σi (α) ) . Note that mis a monic polynomial of degree [G : H] = [K(α) : K], and splits into distinctlinear factors over L. Moreover, since each τ ∈ G just permutes the roots of f,the same is true for m. Thus τ(m) = m for all τ ∈ G, so m ∈ K[X]. Finally,since α is a root of m, we conclude that m = m α/K .We say that two elements α and β of L are K-conjugates if they have thesame minimal polynomial over K.Corollary 5.7. Let L/K be Galois with Galois group G. Then α, β ∈ L areK-conjugates if and only if there exists σ ∈ G with σ(α) = β. In particular, Gacts transitively on the roots of m α/K .Proof. We have just seen that m α/K = ∏ i(X − σi (α) ) , where σ i are cosetrepresentatives for Gal(L/K(α)) in G. Now, β is a K-conjugate of α if and onlyif it is a root of m α/K , which is if and only if it is of the form σ(α) for someσ ∈ G.27

Chapter 6Calculating Galois Groups6.1 Example 1Consider the irreducible polynomial f = X 4 − 2 ∈ Q[X] and set α := 4√ 2 ∈ R.Over the complex numbers f has roots ±α, ±iα. Set L = Q(α, i). We will showthat L/Q is Galois with Galois group D 8 , the dihedral group of order eight, orsymmetry group of a square.There are four embeddings Q(α) → L given by α ↦→ i m α for 0 ≤ m < 4. Also,since α ∈ R we see that i ∉ Q(α), and hence that i has minimal polynomialX 2 +1 over Q(α). By Artin’s Extension Theorem, each embedding α ↦→ i m α canbe extended in two ways by i ↦→ ±i. This gives the eight elements of Gal(L/Q)α ↦→ i m αi ↦→ iandα ↦→ i m αi ↦→ −i.Set σ to be the map α ↦→ iα, i ↦→ i and τ to be the map α ↦→ α, i ↦→ −i. Thenσ has order four, τ is complex conjugation, so has order two, and τσ = σ 3 τ.Hence Gal(L/Q) ∼ = D 8 , the dihedral group of order 8, or the symmetry groupof a square.In fact, the four roots i m α of f in C form the four vertices of a square, withdiagonals along the real and imaginary axes. In this picture, σ is just therotation anticlockwise by π/2 and τ is reflection in the real axis.σiα−αατ−iα28

As usual we draw the lattices of subgroups and intermediate fields. Note thatall inclusions of subgroups have index 2.{1}L = Q(α, i)〈σ 2 τ〉〈τ〉〈σ 2 〉〈στ〉〈σ 3 τ〉Q(iα) Q(α) Q(α 2 , i) E F〈σ 2 , τ〉〈σ〉〈σ 2 , στ〉Q(α 2 ) Q(i) GD 8QTo find the fixed fields we can proceed as follows. Clearly σ fixes i, so Q(i) iscontained in the fixed field of 〈σ〉. On the other hand, 〈σ〉 has index two in D 8and Q(i)/Q has degree two, so Q(i) is the fixed field of 〈σ〉.Similar reasoning shows that 〈τ〉 has fixed field Q(α).We now apply the Galois Correspondence. Using that σ〈τ〉σ −1 = 〈στσ −1 〉 =〈σ 2 τ〉, we see that 〈σ 2 τ〉 has fixed field Q(σ(α)) = Q(iα).Next, the subgroup 〈τ, σ 2 τ〉 = 〈σ 2 , τ〉 has fixed field the intersection Q(α) ∩Q(iα). This equals Q(α 2 ), since we obviously have one inclusion and the degreescoincide. It now follows that the group 〈σ 2 〉 = 〈σ〉 ∩ 〈σ 2 , τ〉 has fixed fieldQ(α 2 , i).It remains to calculate the intermediate fields E, F and G.The subfield G is contained in Q(α 2 , i) = Q( √ 2, i), and we have seen such fieldextensions before. We deduce that G = Q(iα 2 ) = Q(i √ 2).Consider στ. Viewing the four roots i m α of f as the points of a square inC, we observe that στ swaps α and iα, and hence fixes the midpoint α(1 + i)of the side connecting α with iα. Now, α(1 + i) has four distinct conjugates±α(1+i), ±α(1−i), so Q(α(1+i))/Q has degree four, and hence E = Q(α(1+i)).Finally, we can conjugate by σ to deduce that F = σ(E) = Q(α(1 − i)).We seem to have lost some symmetry in our diagram of intermediate fields, butwe can reclaim this by applying some more thought to the fields E and F . Webegin by noting that the primitive eighth root of unity ζ := exp(2πi/8) can bewritten asζ = 1 + i √2= 1 + iα 2 .It follows that L = Q(α, ζ). Furthermore, ζ 2 = i and α 2 = ζ +ζ −1 , so Q(α 2 , i) =Q(ζ). Also, F is generated by2α(1 − i) = 1 + iα= αζ,29

and similarly E is generated by2α(1 + i) = α31 + i = αζ−1 = −αζ 3 .Observe thatσ(ζ) = 1 + i1 − i= −ζ and τ(ζ) =−α2 α 2 = ζ −1 .We can therefore rewrite the lattice of intermediate fields asQ(α, ζ)Q(αζ 2 ) Q(α) Q(ζ) Q(αζ 3 ) Q(αζ)Q(α 2 ) Q(ζ 2 ) Q(α 2 ζ 2 )QThe proper normal subgroups of D 8 are〈σ 2 , τ〉, 〈σ〉, 〈σ 2 , στ〉, 〈σ〉,and so their respective fixed fields are Galois over QQ(α 2 ), Q(i), Q(iα 2 ), Q(ζ).30

6.2 Example 2√Let α = (2 + √ 2)(3 + √ 3). We will show that L = Q(α) is Galois over Q andhas Galois group Q 8 , the quaternion group.Observe that α 2 = (2 + √ 2)(3 + √ 3) = 6 + 3 √ 2 + 2 √ 3 + √ 6. Thus Q(α 2 ) ⊂Q( √ 2, √ 3), which we know is Galois over Q with Galois group V ∼ = (Z/2Z) 2 .We can write V = {1, ¯σ, ¯τ, ¯σ¯τ}, where¯σ( √ 2) = − √ 2¯σ( √ 3) = √ 3Consider the four conjugates of α 2and¯τ( √ 2) = √ 2¯τ( √ 3) = − √ 3.6 + 3 √ 2 + 2 √ 3 + √ 6, 6 − 3 √ 2 + 2 √ 3 − √ 66 + 3 √ 2 − 2 √ 3 − √ 6, 6 − 3 √ 2 − 2 √ 3 + √ 6.Since {1, √ 2, √ 3, √ 6} is a Q-basis for Q( √ 2, √ 3), we observe that these fourelements are all distinct. Thus α 2 is a primitive element for Q( √ 2, √ 3). Inparticular, Q(α 2 )/Q is Galois with Galois group V .Clearly [Q(α) : Q(α 2 )] ≤ 2, so to prove equality, we must show that α ∉Q(α 2 ) = Q( √ 2, √ 3). Suppose for a contradiction that α ∈ Q( √ 2, √ 3) andconsider α¯τ(α). This must lie in the fixed field of 〈¯τ〉, namely Q( √ 2). On theother hand(α¯τ(α)) 2 = α 2¯τ(α 2 ) = (2 + √ 2)(3 + √ 3) · (2 + √ 2)(3 − √ 3) = 6(2 + √ 2) 2 .Thus ( ) 2 α¯τ(α)6 =2 + √ √ α¯τ(α)and hence 6 = ±22 + √ 2 ∈ Q(√ 2).This yields the required contradiction. Therefore [Q(α) : Q] = 8.We have shown that the minimal polynomial of α over Q(α 2 ) = Q( √ 2, √ 3) issimply X 2 − (2 + √ 2)(3 + √ 3). By Artin’s Extension Theorem we can extendeach of the four embeddings Q(α 2 ) → C, given by the elements of V , in twoways. This gives the eight possible embeddings Q(α) → C√α ↦→ ± (2 ± √ 2)(3 ± √ 3),where we can choose the signs independently of one another.Observe that we can now find the minimal polynomial of α over Q, since this isthe polynomial of degree eight having precisely these roots. We calculateNow,√2 − √ 2 =m := m α/Q = X 8 − 24X 6 + 144X 4 − 288X 2 + 144.√(2 − √ 2)(2 + √ 2)√2 +√2=√ √ √ √ √ √2 2 2 + 2 2 + 2√ √ =2 + 2 2 + √ =2 1 + √ 231

and similarlyTherefore√3 − √ √ √ √ √6 2 3 + 33 = √ √ =3 + 3 1 + √ .3√(2 − √ 2)(3 + √ α3) =1 + √ 2√(2 + √ 2)(3 − √ 3) = α√ 21 + √ 3√(2 − √ 2)(3 − √ 3) =√2√6α= 2√ 3αand since Q(α 2 ) = Q( √ 2, √ 3), we see that √ 2, √ 3, √ 6 ∈ Q(α), and hence eachof the roots lies in Q(α). We conclude that each embedding Q(α) → C hasimage Q(α), so restricts to an automorphism of Q(α). Thus Gal(Q(α)/Q) hasorder eight and so Q(α)/Q is Galois.We now show that the Galois group is isomorphic to the quaternion group Q 8 .Define σ to be the following extension of ¯σσ : √ 2 ↦→ − √ √ √√2, 3 ↦→ 3, α ↦→ (2 − √ 2)(3 + √ α3) =1 + √ 2 .Similarly define τ to be the following extension of ¯ττ : √ 2 ↦→ √ 2,√3 ↦→ −√3, α ↦→√(2 + √ 2)(3 − √ 3) = α√ 21 + √ 3 .Thenσ 2 (α) =σ(α)σ(1 + √ 2) = α/(1 + √ 2)1 − √ = −α2τ 2 (α) = τ(α√ 2)τ(1 + √ 3) = 2α/(1 + √ 3)1 − √ = −α.3Hence σ 2 = τ 2 and σ 4 = 1. Also στ( √ 3) = − √ 3 andστ(α) = σ(α√ 2)σ(1 + √ 3) = −α√ 2/(1 + √ 2)1 + √ −α √ 2=3 (1 + √ 2)(1 + √ 3) = −2√ 3α ,so (στ) 2 (α) = −α. It follows from the discussion below that Gal(Q(α)/Q) ∼ = Q 8 .We recall that the quaternions are given asH := {a + bi + cj + dk : i 2 = j 2 = k 2 = ijk = −1,a, b, c, d ∈ R}.This is a non-commutative R-algebra. Note that ij = k, jk = i and ki = j,whereas ji = −k, kj = −i, ik = −j.32

The quaternion group Q 8 is given as the multiplicative subgroupThis has the presentationQ 8 := {±1, ±i, ±j, ±k} ⊂ H.Q 8 = 〈i, j : i 2 = j 2 = (ij) 2 , i 4 = 1〉,so Q 8∼ = Gal(Q(α)/Q) via i ↦→ σ and j ↦→ τ.We next compute all possible subgroups of Q 8 .The subgroup Z = 〈−1〉 is central, so normal, and the quotient group Q 8 /Zis isomorphic to the Klein four group V ∼ = (Z/2Z) 2 . The Third IsomorphismTheorem now tells us that the subgroups of Q 8 containing Z are in bijectionwith the subgroups of V . This yields the subgroups 〈i〉, 〈j〉 and 〈k〉, each ofwhich is isomorphic to Z/4Z. In fact, together with Z, these are the only propersubgroups of Q 8 . For, let H ≤ Q 8 be a proper subgroup and take 1 ≠ h ∈ H.Then either h 2 = −1, or else h 2 = 1 and so h = −1. In either case we see that−1 ∈ H, so Z ⊂ H and H is on our list.We can now draw the lattices of subgroups and intermediate fields. Again, allinclusions of subgroups have index 2.{1}Q(α)〈σ 2 〉Q( √ 2, √ 3)〈τ〉〈σ〉〈στ〉Q( √ 2) Q( √ 3) Q( √ 6)Q 8QFor, we know that σ fixes √ 3, so by degrees Q( √ 3) is the fixed field of 〈σ〉.Similarly, 〈τ〉 has fixed field Q( √ 2) and 〈στ〉 has fixed field Q( √ 6). Finally,by the Galois Correspondence, the intersection 〈σ〉 ∩ 〈τ〉 = 〈σ 2 〉 has fixed fieldQ( √ 2, √ 3).Note that all subgroups are normal, so all intermediate fields are Galois over Q.33

Chapter 7Some ApplicationsWe now consider two particular cases of Galois extensions.7.1 Symmetric FunctionsLet k be a field. Let k[t 1 , . . . , t n ] be a polynomial ring over k with n indeterminates,and set L := k(t 1 , . . . , t n ) to be its quotient field. Alternatively wecan construct L via a sequence of simple transcendental field extensions: settingk i := k(t 1 , . . . , t i ) we see that k i = k i−1 (t i ) is a simple transcendental fieldextension.The symmetric group Sym n acts on the set {t 1 , . . . , t n } via σ(t i ) := t σ(i) . Thistherefore extends to a k-algebra automorphism of k[t 1 , . . . , t n ]. Note that Sym nacts faithfully, in the sense that σ(f) = f for all f implies σ = id.Using that L is the quotient field of k[t 1 , . . . , t n ] we deduce that Sym n acts on Las k-automorphisms. In other words we have an injective group homomorphismSym n → Gal(L/k). We can now apply Proposition 5.1 to deduce that L/L Sym nis a Galois extension with Galois group Sym n . The fixed field L Sym n is calledthe field of symmetric functions.For 1 ≤ r ≤ n defineso that in particulars r :=∑i 1

the subfield of L generated over k by the elements s 1 , . . . , s n .Theorem 7.1 (Fundamental Theorem of Symmetric Functions). The extensionL/K is Galois with Galois group Sym n . In particular, any symmetric function(a rational function of the t i which is fixed by Sym n ) can be expressed as arational function of the s i .Moreover, any symmetric polynomial (a polynomial in the t i which is fixed bySym n ) can be expressed as a polynomial in the s i . Hence the fixed ring ofk[t 1 , . . . , t n ] is k[s 1 , . . . , s n ].Proof. As observed above, L/L Sym n is a Galois extension with Galois groupSym n , so [L : L Sym n ] = |Symn | = n!. We also have K ⊂ L Sym n , so [L : K] ≥ n!.It therefore suffices to prove that [L : K] ≤ n!, for then [L : K] = n!, and soK = L Sym n .Set K i := K(t 1 , . . . , t i ). Then K i = K i−1 (t i ), so by the Tower Law it is enoughto show that [K i+1 : K i ] ≤ n − i. Consider the polynomialf := (X − t 1 )(X − t 2 ) · · · (X − t n ) = X n − s 1 X n−1 + s 2 X n−2 + · · · + (−1) n s n .Then f ∈ K[X]. Moreover, since t 1 , . . . , t i ∈ K i we deduce thatf i := (X − t i+1 ) · · · (X − t n ) = f/(X − t 1 ) · · · (X − t i ) ∈ K i [X].Now, t i+1 is a root of the polynomial f i , so [K i+1 : K i ] = [K i (t i+1 ) : K i ] ≤deg(f i ) = n − i as required.This proves that [L : K] ≤ n!, and hence that K = L Sym n is the fixed field.To prove the second statement we set S := k[s 1 , . . . , s n ]. Then S is a subringof K, so an integral domain, and clearly K is the quotient field of S. Moregenerally, set S i := S[t 1 , . . . , t i ], so that S i is a subring of K i and has quotientfield K i .We saw above that f 0 = f ∈ S[X]. Moreover, since each polynomial (X −t 1 ) · · · (X − t i ) ∈ S i [X] is monic and divides f over K i , we must have thatf i = f/(X − 1) · · · (X − t i ) ∈ S i [X].We claim that any polynomial in k[t 1 , . . . , t n ] can be written as a sum of elementsof the form gm, where g ∈ S andm ∈ M := {t a11 · · · tan n : 0 ≤ a i < n − i}.Take a polynomial h ∈ k[t 1 , . . . , t n ]. Since t n is a root of f n−1 ∈ S n−1 [X] andf n−1 has degree one, we can replace any occurrence of t n with an element ofS n−1 . Similarly, since t n−1 is a root of f n−2 ∈ S n−2 [X] and f n−2 has degreetwo, we can replace all occurrences of t d n−1 for d > 1 by a linear polynomialin t n−2 with coefficients in S n−2 . Continuing in this way, we can use thatf i−1 ∈ S i−1 [X] to replace all occurrences of t d i for d > n − i by a polynomial ofdegree n − i in t i with coefficients in S i−1 . Doing this for all i = n, . . . , 1, wecan express h in the given form, proving the claim.35

It follows that the monomials in M form a K-basis of L. For, [L : K] = n! =|M|, so it is enough to show that they span. Any element in L can be writtenas a fraction g/h with g, h ∈ k[t 1 , . . . , t n ] and h ≠ 0. Set ¯h := ∏ σ≠id σ(g),so that H := h¯h is fixed by Sym n , so lies in K, and G := g¯h ∈ k[t 1 , . . . , t n ].Now, g/h = G/H and we have just shown that G can be written as a K-linearcombination of elements in M. Thus the same is true of G/H = g/h, so M isa spanning set as required.Finally, let h ∈ k[t 1 , . . . , t n ] be a symmetric polynomial. Then h ∈ K, and alsoh is an S-linear combination of elements in M. Since M is a K-basis, these twoexpressions must agree, so h ∈ S.It is instructive to see an example of this procedure. Take n = 3. We wish towrite the polynomial h := t 2 1t 3 + t 3 2 as an S-linear combination of elements ofM, where S = k[s 1 , s 2 , s 3 ] and M = {1, t 1 , t 2 , t 2 1, t 1 t 2 , t 2 1t 2 }.We have the polynomialsf 0 = (X − t 1 )(X − t 2 )(X − t 3 ) = X 3 − s 1 X 2 + s 2 X − s 3f 1 = (X − t 2 )(X − t 3 ) = f 0X − t 1= X 2 − (s 1 − t 1 )X + (s 2 − s 1 t 1 + t 2 1)f 2 = X − t 3 = f 1X − t 2= X − (s 1 − t 1 − t 2 )It follows that we can make the following replacementsReplacing t 3 in h givesWe next observe thatt 3 = s 1 − t 1 − t 2t 2 2 = (s 1 − t 1 )t 2 − (s 2 − s 1 t 1 + t 2 1)t 3 1 = s 1 t 2 1 − s 2 t 1 + s 3h = s 1 t 2 1 − t 3 1 − t 2 1t 2 + t 3 2.t 3 2 = t 2 · t 2 2 = (s 1 − t 1 )t 2 2 − (s 2 − s 1 t 1 + t 2 1)t 2Substituting in gives= (s 1 − t 1 ) 2 t 2 − (s 1 − t 1 )(s 2 − s 1 t 1 + t 2 1) − (s 2 − s 1 t 1 + t 2 1)t 2= (s 2 1 − s 2 − s 1 t 1 )t 2 − (s 1 s 2 − s 2 1t 1 − s 2 t 1 + 2s 1 t 2 1 − t 3 1).h = (s 2 1 − s 2 − s 1 t 1 − t 2 1)t 2 + (−s 1 s 2 + s 2 1t 1 + s 2 t 1 − s 1 t 2 1)= −s 1 s 2 + (s 2 1 + s 2 )t 1 + (s 2 1 − s 2 )t 2 − s 1 t 2 1 − s 1 t 1 t 2 − t 2 1t 2 .36

7.2 The J-InvariantWe wish to define an action of the group Sym 3 on the field k(t). Recall thatSym 3 has the presentationSym 3 = 〈σ, τ : σ 3 = τ 2 = (στ) 2 = id〉.Consider the k-algebra homomorphismsσ, τ : k[t] → k(t), σ(t) := (1 − t) −1 , τ(t) := t −1 .Since (1 − t) −1 and t −1 are both transcendental over k, these k-algebra homomorphismsextend to k-embeddingsσ, τ : k(t) → k(t).Moreover, a quick check reveals that σ 3 = τ 2 = (στ) 2 = id, so we obtain thatSym 3 acts as on k(t) as k-automorphisms. In other words we have a grouphomomorphism Sym 3 → Gal(k(t)/k). Finally, computing g(t) for all g ∈ Sym 3shows that this action is faithful, so the group homomorphism is injective.Let L = k(t) and K = L Sym 3 . Then Proposition 5.1 tells us that L/K is Galoiswith Galois group Sym 3 .Theorem 7.2. We have K = k(J), where J = (t2 − t + 1) 3t 2 (t − 1) 2 .Proof. A short calculation gives that both σ(J) = J and τ(J) = J, so that Jlies in the fixed field K. Since L/K is Galois with Galois group Sym 3 we knowthat [L : K] = |Sym 3 | = 6, so [L : k(J)] ≥ 6. It is therefore enough to showthat [L : k(J)] ≤ 6. For this, we just observe that t is a root of the polynomial(X 2 − X + 1) 3 − JX 2 (X − 1) 2 ∈ k(J)[X].In other words, the set of functions f ∈ k(t) for whichf(t) = f((1 − t) −1 ) = f(t −1 )is precisely the field k(J) of functions in J.We remark that(X 2 − X + 1) 3 − JX 2 (X − 1) 2 = ∏g∈Sym 3(X − g(t)).For, t, and hence each g(t) for g ∈ Sym 3 , is a root of the left-hand side, whichis a monic polynomial of degree six.We can viewσ : t ↦→ (1 − t) −1 and τ : t ↦→ t −1as functions on C \ {0, 1}. In fact, we can even extend these to functions on theRiemann Sphere P 1 := C ∪ {∞}. This defines an action of Sym 3 on P 1 .37

Proposition 7.3. Two numbers λ, µ ∈ P 1 lie in the same Sym 3 orbit if andonly if J(λ) = J(µ).Proof. Since J is in the fixed field we have J(g(λ)) = J(λ) for all g ∈ Sym 3 .Conversely, suppose that J(µ) = J(λ) ≠ ∞. Then µ is a root of the polynomial(X 2 − X + 1) 3 − J(λ)X 2 (X − 1) 2 = ∏g∈Sym 3(X − g(λ)).Finally, if J(λ) = ∞, then λ ∈ {0, 1, ∞} and these three points form a singleSym 3 orbit.This action of Sym 3 on P 1 arises in the definition of the cross-ratio. Recallthat the cross-ratio of four complex numbers may be defined as[z 1 , z 2 ; w 1 , w 2 ] := (z 1 − w 1 )(z 2 − w 2 )(z 1 − w 2 )(z 2 − w 1 ) ∈ P1 := C ∪ {∞}.However, reordering the four complex numbers generally gives a different value.In fact, the symmetry group Sym 4 acts on the quadruple (z 1 , z 2 , w 1 , w 2 ) byplace-permutation. Since[z 1 , z 2 ; w 1 , w 2 ] = [z 2 , z 1 ; w 2 , w 1 ] = [w 1 , w 2 ; z 1 , z 2 ] = [w 2 , w 1 ; z 2 , z 1 ]we see that the subgroupV := {id, (12)(34), (13)(24), (14)(23)}acts trivially. Now V ⊳ S 4 is a normal subgroup and the factor group is isomorphicto Sym 3 . If we define λ := [z 1 , z 2 ; w 1 , w 2 ], then[z 1 , w 1 ; w 2 , z 2 ] = (1 − λ) −1 = σ(λ) and [z 1 , z 2 ; w 2 , w 1 ] = λ −1 = τ(λ),so we recover the action of Sym 3 on P 1 .The function J is important in the study of elliptic curves.normal form of an elliptic curve E isThe LegendreY 2 = X(X − 1)(X − λ) with λ ∈ C \ {0, 1}.Moreover, two elliptic curves E, E ′ are isomorphic if and only if the numbersλ, λ ′ lie in the same Sym 3 -orbit, so if and only if J(λ) = J(λ ′ ). We thereforedefine J(E) := J(λ), and this parameterises the isomorphism classes of ellipticcurves. (It is common to define j(E) := 2 8 J(E) and declare this to be thej-invariant of the elliptic curve E.)For more interesting facts about cubics, elliptic curves and Sym 3 , try here.38

Chapter 8Normal ExtensionsRecall from Proposition 5.6 that if L/K is Galois, then for every α ∈ L, itsminimal polynomial over K splits over L. In this chapter we investigate thisproperty further.8.1 Splitting Field ExtensionsLet L/K be a field extension and f ∈ K[X] a non-constant polynomial. Wesay that f splits over L provided it factorises as a product of linear polynomialsover L; equivalently if f has deg(f) roots in L (counted with multiplicities).We say that L/K is a splitting field extension for f provided that f splitsover L, but not over a proper intermediate field of L/K.Lemma 8.1. Let L/K be a field extension, f ∈ K[X] and assume that f splitsover L. Then there is a unique intermediate field of L/K which is a splitting fieldextension for f, namely E = K(α 1 , . . . , α n ), where α 1 , . . . , α n are the distinctroots of f in L.Proof. Let F be an intermediate field of L/K. Then f splits over F if and onlyif F contains every root of f, which is if and only if F contains E. In particular,f splits over E, but not over any intermediate field of E/K, so that E/K is asplitting field extension for f.We can combine the previous lemma with Kronecker’s Theorem and induction toprove that splitting field extensions always exist, and then use Artin’s ExtensionTheorem to prove that they are unique up to isomorphism.Theorem 8.2 (Existence and Uniqueness of Splitting Field Extensions). Letf ∈ K[X] be non-constant. Then there exists a splitting field extension L/K off, and [L : K] ≤ deg(f)!. Moreover, if L ′ /K is another splitting field extensionof f, then there exists a K-isomorphism L ∼ −→ L ′ .39

More generally, let ι: K ∼ −→ K ′ be a field isomorphism, L/K a splitting fieldextension for f, and L ′ /K ′ a splitting field extension for ι(f). Then there existsa field isomorphism L ∼ −→ L ′ extending ι.Proof. Existence. By Kronecker’s Theorem there exists a simple field extensionK(α 1 )/K of degree at most deg(f) such that α 1 is a root of f. This isconstructed by taking an irreducible factor m of f, forming the field extensionK[X]/(m) of K, and letting α 1 be the image of X.Now, over K(α 1 ), we can write f = (X − α 1 )g, and deg(g) = deg(f) − 1. Byinduction on degree there exists a splitting field extension L/K(α 1 ) for g, and[L : K(α 1 )] ≤ deg(g)!. It follows from the Tower Law that [L : K] ≤ deg(f)!.Let α 2 , . . . , α n be the roots of g in L. Since L/K(α 1 ) is a splitting field extensionfor g we must have by the previous lemma thatL = K(α 1 )(α 2 , . . . , α n ) = K(α 1 , . . . , α n ).Now, α 1 , . . . , α n are the roots of f in L, so by the previous lemma once morewe obtain that L/K is a splitting field extension for f.Uniqueness. We want to apply the same kind of induction argument to proveuniqueness, which is why we need the more general statement concerning isomorphismsextending ι, and not just K-isomorphisms.Suppose that ι: K ∼ −→ K ′ is a field isomorphism and that L ′ /K ′ is a splittingfield extension of f ′ := ι(f) ∈ K ′ [X].Let α ∈ L be a root of f, and let m = m α/K be the minimal polynomial of αover K. Then m ∈ K[X] is a factor of f, so ι(m) ∈ K ′ [X] is a factor of f ′ .Since f ′ splits over L ′ , so too does ι(m). Let α ′ ∈ L ′ be a root of ι(m). SetE := K(α) and E ′ := K ′ (α ′ ). By Artin’s Extension Theorem the map α ↦→ α ′induces a field isomorphism τ : E ∼ −→ E ′ extending ι.Now, over E, we can write f = (X −α)g and L/E is a splitting field extension ofg. Similarly, over E ′ , we can write f ′ = (X − α ′ )g ′ and L ′ /E ′ is a splitting fieldextension of g ′ . Since τ(f) = f ′ and τ(α) = α ′ , we must have that τ(g) = g ′ .We therefore have a field isomorphism τ : E ∼ −→ E ′ , a splitting field extensionL/E of g ∈ E[X], and a splitting field extension L ′ /E ′ of g ′ := τ(g). Byinduction on degree we can extend τ to a field isomorphism σ : L ∼ −→ L ′ .Finally, since τ extends ι: K ∼ −→ K ′ , so too does σ.We can also define splitting field extensions of sets of polynomials S ⊂ K[X].This is a field extension L/K over which every f ∈ S splits, but where nointermediate field has this property.Corollary 8.3. Let S ⊂ K[X] be a finite subset. Then there exists a splittingfield extension for S over K, and this is unique up to isomorphism.Proof. If S = {f 1 , . . . , f n }, then L/K is a splitting field extension for S if andonly if it is a splitting field extension for f = f 1 · · · f n .40

A much harder result is that splitting field extensions exist and are unique upto isomorphism for arbitrary subsets S ⊂ K[X]. This follows from the existenceof the algebraic closure of a field. See Chapter 14.8.2 Normal ExtensionsAn algebraic field extension L/K is called normal if, for all α ∈ L, its minimalpolynomial m α/K splits over L.We begin by relating normal extensions to the seemingly weaker condition ofsplitting field extensions.Theorem 8.4. A finite field extension L/K is normal if and only if it is asplitting field extension for some polynomial f ∈ K[X].Proof. Suppose first that L/K is normal. Since L/K is finite, it is finitelygenerated, say L = K(α 1 , . . . , α n ). Let m i = m αi/K be the minimal polynomialof α i over K, and set f := m 1 · · · m n . Using that L/K is normal, we know thateach m i splits over L, so f also splits over L. As L is generated over K byroots of f, we can apply Lemma 8.1 to conclude that L/K is a splitting fieldextension for f.Conversely, let L/K be a splitting field extension for f ∈ K[X]. Take α ∈ Land let m = m α/K be its minimal polynomial. We need to show that m splitsover K. To this end, let M/L be a splitting field extension of m.Take β ∈ M a root of m. By Artin’s Extension Theorem we know that there isa K-isomorphism ι: K(α) ∼ −→ K(β), α ↦→ β.Now, let γ 1 , . . . , γ n be the roots of f in L. Since L/K is a splitting field extensionof f, we know that L = K(γ 1 , . . . , γ n ). It follows thatL(β) = K(β, γ 1 , . . . , γ n ) = K(β)(γ 1 , . . . , γ n ),so that L(β)/K(β) is also a splitting field extension for f.We therefore have a K-isomorphism ι: K(α) ∼ −→ K(β), a splitting field extensionL/K(α) for f ∈ K[X], and a splitting field extension L(β)/K(β) for ι(f) = f.We can therefore apply Theorem 8.2 to obtain a field isomorphism σ : L ∼ −→ L(β)extending ι. In particular, since ι is a K-isomorphism, so too is σ. It followsthat [L : K] = [L(β) : K], so by the Tower Law we have [L(β) : L] = 1, andhence L(β) = L. In other words, β ∈ L, so every root of m lies in L, so m splitsover L.8.3 Normal ClosureOne has to be careful when dealing with normal extensions, since it is possibleto have a tower M/L/K of fields with both M/L and L/K normal, but M/Knot normal.41

For example, take K = Q, L = Q( √ 2) and M = Q( 4√ 2). Then L/Q is thesplitting field of X 2 − 2 and M/L is the splitting field of X 2 − √ 2. However,M/Q is not normal. For, the minimal polynomial of 4√ 2 over Q is m := X 4 − 2,which decomposes as (X − 4√ 2)(X + 4√ 2)(X 2 + √ 2) over M. Since M ⊂ R butthe roots of X 2 + √ 2 are complex, we see that m does not split over M.For this reason, we make the following definition. Let L/K be finite. A fieldextension M/L is called a normal closure of L/K if M/K is normal, butM ′ /K is not normal for a proper intermediate field of M/L. (Note the relevantbase fields.)Theorem 8.5 (Existence and Uniqueness of Normal Closures). Let L/K befinite. Then there exists a normal closure M/L of L/K, of finite degree, andunique up to isomorphism.Proof. Since L/K is finite, it is finitely generated, say L = K(α 1 , . . . , α n ). Letm i = m αi/K be the minimal polynomial of α i over K, and set f := m 1 · · · m n .Let M/L be a field extension such that M/K is normal. Then each α i ∈ M, som i splits over M, and hence f splits over M.Conversely, let M/L be a splitting field extension for f. By Lemma 8.1, ifS ⊂ M is the set of roots of f, then M = L(S). Since each α i is a root of f, wehave α i ∈ S, and so M = L(S) = K(α 1 , . . . , α n , S) = K(S). Therefore M/Kis a splitting field extension for f, by the same lemma, and hence is normal byTheorem 8.4.It follows that a field extension N/L is a normal closure for L/K if and onlyif it is a splitting field extension for f. The finiteness and uniqueness are nowimmediate consequences of Theorem 8.2.42

Chapter 9Finite FieldsA finite field is a field with only finitely many elements. Examples include thefields F p := Z/pZ for each prime number p. In this chapter we will constructall finite fields, and compute the Galois groups of all field extensions involvingfinite fields. We will show that two finite fields are isomorphic if and only ifthey have the same number of elements, and that all field extensions of finitefields are Galois with cyclic Galois groups.Recall that the characteristic of a ring R is the integer n ≥ 0 generating thekernel of the (unique) ring homomorphism Z → R. The characteristic of a fieldis either 0 or a prime number.In particular, the characteristic of a finite field F is always a prime number p,so F has prime subfield F p . Moreover, if F/F p has degree n, then F has p nelements.Finally we shall need the derivative of a polynomial. Let K be any field. Thenthe linear mapD : K[X] → K[X], X n ↦→ nX n−1satisfies the product rule D(fg) = D(f)g +fD(g). We usually write f ′ for D(f)and call it the derivative.9.1 Frobenius HomomorphismLet K be any field of characteristic p > 0. The Frobenius homomorphismis defined to be the mapFr: K → K, x ↦→ x p .Lemma 9.1. The Frobenius homomorphism is a field homomorphism. In particular,it is injective.43

Proof. We need to check that(x + y) p = x p + y p , (xy) p = x p y p , 0 p = 0 and 1 p = 1.The last three are obvious, so we just need to check that (x + y) p = x p + y p .Using the binomial formula, we havep∑( p(x + y) p = xr)r y p−r .r=0Since ( pr)= p!/r!(p − r)! and p does not divide r! for any 0 ≤ r < p, wededuce that p divides ( pfor each 0 < r < p. Since char(K) = p, we get(x + y) p = x p + y p as required.Note that, by induction, (x 1 + · · · + x n ) p = x p 1 + · · · + xp n.As usual we may extend the Frobenius homomorphism to the polynomial ringK[X] viaFr ( a 0 X n + · · · + a n−1 X + a n)= ap0 Xn + · · · + a p n−1 X + ap n.Lemma 9.2. Let f ∈ K[X]. Then Fr(f)(X p ) = f(X) p .Proof. Write f = a 0 X n + · · · + a n−1 X + a n . As noted above, ( ∑ ) ∑i xp i =i xp i ,sof(X) p = a p 0 Xpn + · · · + a p n−1 Xp + a p n = Fr(f)(X p ).9.2 Finite FieldsConsider the polynomial X p − X over F P . We know that 1 is a root of thispolynomial, and since(1 + · · · + 1) p = 1 p + · · · + 1 p = 1 + · · · + 1,we see that every element of F p is a root. This gives p distinct roots, soX p − X = X(X − 1)(X − 2) · · · (X − p + 1) = ∏α∈F p(X α ).Note that equating coefficients of X gives (p − 1)! ≡ (−1) p mod p, and since(−1) p ≡ −1 mod p for all primes p, we deduce Wilson’s Theorem, that (p−1)! ≡−1 mod p.Proposition 9.3. Let F/F p be a field extension of degree n. Then this extensionis Galois with cyclic Galois group generated by the Frobenius homomorphism,and the elements of F are precisely the roots of X pn − X, soX pn − X = ∏ α∈F(X − α).44

Proof. We know that F is a finite field with p n elements. Now the Frobeniushomomorphism is a field endomorphism of F , so injective, and hence bijectivesince F is a finite set. Thus Fr is a field automorphism of F . The fixed field ofFr is the set of α ∈ F such that α p = α, so the set of roots of X p − X, whichis just the prime subfield F p . Thus, by Proposition 5.1, F/F P is Galois withGalois group the cyclic group 〈Fr〉. Since this group has order [F : F p ] = n, wehaveGal(F/F p ) = 〈Fr〉 ∼ = Z/nZ.Next, we know that Fr n = id on F , so every element α ∈ F satisfies α pn = α, sois a root of X pn − X. Since F has p n elements, we deduce that this polynomialsplits over F asX pn − X =α∈F(X ∏ − α).Proposition 9.4. For each prime p and integer n ≥ 1 there exists a finite fieldwith p n elements. It is a splitting field extension of X pn − X over F p , so isunique up to isomorphismProof. Let F/F p be a splitting field extension of X pn −X. We first observe thatthe roots of f in F are all distinct. For, if α is a repeated root, then over Fwe can write f = (X − α) 2 g for some polynomial g. Taking derivatives gives−1 = (X − α) ( 2g + (X − α)g ′) , a contradiction by considering degrees.Now consider the fixed field of the cyclic group 〈Fr n 〉. This consists of thoseelements α ∈ F satisfying α pn = α, so equals the set of roots of f in F . Thereforethe set of roots of f form a subfield of F of size p n . Since F is a splitting fieldextension for f, it equals this fixed field, so F has size p n .Conversely, if F has p n elements, then the proposition tells us that F is asplitting field extension of X pn − X.Since all finite fields of size p n are isomorphic, we usually abuse notation anddenote any such field by F p n.We can now apply the Galois Correspondence to deduce that the intermediatefields of F p n/F p are in bijection with the subgroups of the Galois group 〈Fr〉 ∼ =Z/nZ. The subgroups are given as 〈Fr r 〉 ∼ = Z/(n/r)Z for each r|n. This grouphas index r, so the fixed field of Fr r has degree r over F p , and hence is isomorphicto F p r.This yields the following result.Theorem 9.5. The finite field F p n contains F p r as a subfield if and only if rdivides n, in which case F p n/F p r is Galois with cyclic Galois group generatedby Fr r : x ↦→ x pr .In general we simplify notation by taking our base field to be F q for some primepower q = p r . Then each finite field extension of F q is of the form F q n/F q , andthe Galois group is generated by Fr q : x ↦→ x q .45

Recall from Proposition 5.6 that if L/K is Galois with Galois group G, and ifα ∈ L, then m α/K splits over L and has distinct roots. Moreover, the roots areall of the form σ(α) for some σ ∈ G.Corollary 9.6. Let f ∈ F q [X] be irreducible of degree n. Then F q [X]/(f) ∼ = F q nis a Galois extension, and the roots of f are of the form α qr for 0 ≤ r < n,where α ∈ F q [X]/(f) denotes the image of X.9.3 Irreducible Polynomials over Finite FieldsProposition 9.7. Let q = p r be a prime power. Over F q we have the factorisation∏X qn − X =f.Proof. We have already seen thatX qn − X =f monic,irreddeg(f)|n∏α∈F q n(X − α).On the other hand, consider the product g of all monic irreducible polynomialsover F q of degree dividing n. Let f be an irreducible factor of g, of degree r.Then f splits into distinct linear factors over the subfield F q r of F q n, so alsoover F q n. Hence g splits into distinct linear factors over F q n. Since deg(g) =q n = |F q n| we get thatg =∏(X − α),proving that g = X qn − X.α∈F q nDefine ϕ d (q) to be the number of monic irreducible polynomials of degree d overF q . We wish to obtain a formula for ϕ d (q). For this we will need the Möbiusfunction µ(n), which is defined as follows:{(−1) r if n = p 1 · · · p r is a product of distinct primes;µ(n) :=0 if d 2 |n for some d ≥ 2.We immediately see that µ(1) = 1 and that µ(mn) = µ(m)µ(n) provided m andn are coprime (i.e. µ is a multiplicative function).The following is a fundamental result.Lemma 9.8.∑µ(d) =d|n{1 if n = 1;0 if n ≥ 2.46

Proof. Set N(n) := ∑ d|nµ(d). Since µ is a multiplicative function, so too isN. In other words, if m and n are coprime, then N(mn) = N(m)N(n). We arereduced to the case of a prime power n = p r . Now N(1) = 1 whereas if r ≥ 1,then N(p r ) = µ(1) + µ(p) = 0.The importance is revealed by the next result, which allows us to invert formulaeinvolving sums over divisors.Lemma 9.9. Suppose we have functions f n and g n for all positive integers n.Thenf n = ∑ g d if and only if g n = ∑ µ ( )nd fd .d|nd|nWe now use this technique to obtain a formula for ϕ n (q).Theorem 9.10.ϕ n (q) = 1 ∑µ(d)q n/d .nd|nProof. We have from Proposition 9.7 thatX qn − X = ∏ d|n∏f monic,irreddeg(f)=df.Comparing degrees we getq n = ∑ d|ndϕ d (q).Inverting this formula (with f n = q n and g n = nϕ n (q)), we obtain thatnϕ n (q) = ∑ d|nµ ( )nd q d = ∑ µ(d)q n/dd|nas required.ExamplesWe know that ϕ 1 (q) = q, and the irreducible polynomials of degree 1 over F qare just the linear polynomials X − α for α ∈ F q .Next we haveϕ 2 (q) = 1 2(q 2 − q ) , ϕ 3 (q) = 1 3(q 3 − q ) , ϕ 4 (q) = 1 (q 4 − q 2) .4We can compute the irreducible polynomials over F 2 or F 3 using the Sieve ofErastothenes, but taking irreducible polynomials over a finite field instead ofprime numbers in the integers. (That this method works is due to the fact thatK[X], like Z, is a Euclidean domain.)47

We have the following irreducible polynomials over F 2 .X 2 + X + 1X 3 + X + 1, X 3 + X 2 + 1X 4 + X + 1, X 4 + X 3 + 1, X 4 + X 3 + X 2 + X + 1.Over F 3 we have three irreducible quadratics.X 2 + 1, X 2 + X − 1, X 2 − X − 1.48

Chapter 10Separable ExtensionsRecall from Proposition 5.6 that if L/K is Galois, then for every α ∈ L, itsminimal polynomial over K has distinct roots in L. In this chapter we investigatethis property further.10.1 Separable PolynomialsWe call an irreducible polynomial f ∈ K[X] separable over K if f has distinctroots in a splitting field extension. Since splitting field extensions are uniqueup to isomorphism, this definition depends only on f and K. We say that ageneral polynomial f ∈ K[X] is separable over K if each irreducible factor isseparable over K.Changing perspective, let L/K be an algebraic field extension and α ∈ L. Wesay that α is separable over K if its minimal polynomial m α/K is separable overK. We say that L/K itself is separable if each α ∈ L is separable over K.We start by giving a criterion for when an irreducible polynomial is separable.Theorem 10.1. Let f ∈ K[X] be irreducible. Then the following are equivalent.1. f is inseparable over K.2. gcd(f, f ′ ) ≠ 1.3. f ′ = 0.4. char(K) = p > 0 and f(X) = g(X p ) for some g ∈ K[X] (necessarilyirreducible).Proof. (1) ⇒ (2) Let L/K be a splitting field extension for f. Since f has arepeated root in L, say α, we can can write f = (X − α) 2 g for some g ∈ L[X].Taking derivatives gives f ′ = (X − α) ( 2g + (X − α)g ′) , so that α is again a rootof f ′ . Hence m α/K divides both f and f ′ over K, so gcd(f, f ′ ) ≠ 1.49

(2) ⇒ (3) Since f is irreducible, if gcd(f, f ′ ) ≠ 1, then it must equal f. Thereforef divides f ′ but deg(f) > deg(f ′ ). This can only happen if f ′ = 0.(3) ⇒ (4) Write f = ∑ n a nX n ∈ K[X]. Then 0 = f ′ = ∑ n na nX n−1 , sona n = 0 ∈ K for all n. If char(K) = 0, then a n = 0 for all n ≥ 1, so thatf = a 0 ∈ K is constant, contradicting the assumption that f is irreducible.Thus char(K) = p > 0 and a n = 0 unless p|n, so that f(X) = g(X p ) with g =∑r a prX r ∈ K[X]. To see that g is irreducible, suppose that g = g 1 g 2 ∈ K[X].Then f(X) = g(X p ) = g 1 (X p )g 2 (X p ) ∈ K[X], so f irreducible implies one ofthe g i is constant, and so g is irreducible.(4) ⇒ (1) Let char(K) = p > 0 and f(X) = g(X p ) ∈ K[X]. Let L/K be thesplitting field extension for f. If α ∈ L is a root of f, then 0 = f(α) = g(α p ), soα p is a root of g. Thus X − α p divides g over L, which implies that X p − α p =(X − α) p divides g(X p ) = f(X). Thus α is a repeated root of f in L, so f isinseparable.We call a field K perfect if every irreducible polynomial f ∈ K[X] is separable.We observe that all fields of characteristic 0 are separable. Also, all algebraicallyclosed fields are perfect (since all irreducible polynomials are linear). Finally, itfollows from Corollary 9.6 that all finite fields are perfect.It is instructive to see an example of an inseparable field extension.Lemma 10.2. Let K be a field of characteristic p > 0, and let α ∈ K. Thenthe polynomial X p − α is either irreducible, or else factors as (X − β) p .Proof. Let L/K be a splitting field extension for X p − α, and let β ∈ L bea root of this polynomial. Then β p = α, so over L we have the factorisationX p − α = (X − β) p . By unique factorisation in K[X], any irreducible factor ofX p − α must be of the form (X − β) m for some 1 ≤ m ≤ p. In particular, theconstant term β m must lie in K.Suppose β m ∈ K for some 1 < m < p. Since p is prime there exist integers a, bwith ap + bm = 1. Then α a (β m ) b = β ap+bm = β ∈ K. Therefore either β ∈ Kand X p − α = (X − β) p over K, or else X p − α is irreducible over K.Proposition 10.3. Consider the transcendental extension F p (x)/F p . Let y =x p . Then the minimal polynomial of x over F p (y) is X p − y, and the fieldextension F p (x)/F p (y) is inseparable of degree p.Proof. Clearly x is a root of m = X p − y, so by the previous lemma we justneed to prove that x ∉ F p (y).Note that y is transcendental over F p . So, if x ∈ F p (y), then there exist polynomialsf, g ∈ F p [X] such that x = f(y)/g(y), or equivalently f(y) = g(y)x. Sincey = x p , this gives f(x p ) = g(x p )x. As x is transcendental over F p , this impliesf(X p ) = g(X p )X in F p [X], a contradiction by comparing degrees. 11 Alternatively, apply Exercise Sheet 4, Question (7).50

We next want to show that the set of separable elements in a field extensionL/K forms an intermediate field.Lemma 10.4. Let K be a field of characteristic p > 0, and let L/K be a fieldextension. For α ∈ L, algebraic over K, we have the following dichotomy.1. α is separable over K if and only if [K(α) : K(α p )] = 1.2. α is inseparable over K if and only if [K(α) : K(α p )] = p.Proof. If α is separable over K, then it is separable over any intermediate fieldE of L/K. For, m α/E divides m α/K , so also has distinct roots in a splitting fieldextension. In particular, α is separable over K(α p ). On the other hand, theminimal polynomial of α over K(α p ) divides X p − α p , and by Lemma 10.2 thispolynomial is either irreducible, so α is inseparable over K(α p ), or else factorsas (X − α) p , so α ∈ K(α p ). We deduce that [K(α) : K(α p )] = 1.Conversely, if α is inseparable over K, then m α/K (X) = f(X p ) for some monicirreducible polynomial f ∈ K[X]. Since α p is a root of f, we see that f =m α p /K, so that [K(α p ) : K] = deg(f) and [K(α) : K] = deg(m) = p deg(f).Thus [K(α) : K(α p )] = p.Theorem 10.5. Let L/K be a field extension and write L sep/K for the set ofelements α ∈ L which are separable over K. Then L sep/K is an intermediatefield of L/K, and is a separable field extension of K.Proof. This is trivial when char(K) = 0, so let char(K) = p > 0. Clearly eachelement of K is separable over K, so K ⊂ L sep/K . It remains to show thatL sep/K is a closed under sums, products and inverses, so is a subfield of L. Inother words, we need to show that if α, β ∈ L sep/K with β non-zero, then α ± βand αβ ±1 are all separable over K.Let γ be any one of these elements. Then K(β, γ) = K(α, β), and by applyingthe Frobenius homomorphism we also have K(β p , γ p ) = K(α p , β p ). Now β isseparable over K, so it is also separable over any intermediate field E of L/K,and so E(β p ) = E(β) by the previous lemma. Similarly α is separable over K,so K(α p ) = K(α). Combining these results for E = K(α) gives K(α p , β p ) =K(α, β). We deduce that K(β p , γ p ) = K(β, γ), so by the Tower Law[K(γ) : K(γ p )] = [K(β, γ) : K(γp )][K(β, γ) : K(γ)]= [K(βp , γ p ) : K(γ p )].[K(β, γ) : K(γ)]Finally, let m be the minimal polynomial of β over K(γ). Applying the Frobeniushomomorphism we have Fr(m)(X p ) = m(X) p , so β p is a root of Fr(m).Since m ∈ K(γ)[X] we see that Fr(m) ∈ K(γ p )[X]. Therefore the minimalpolynomial n of β p over K(γ p ) divides Fr(m), so[K(β p , γ p ) : K(γ p )] = deg(n) ≤ deg(Fr(m)) = deg(m) = [K(β, γ) : K(γ)].Thus [K(γ) : K(γ p )] ≤ 1, so K(γ) = K(γ p ) and γ is separable over K.51

10.2 Characterisation of Galois ExtensionsWe now come to an important result, which states that a finite field extensionis Galois if and only if it is separable and normal. This characterisation is oftentaken to be the definition of a Galois extension, but the approach we have takenhas the benefit of emphasising the symmetries of a Galois extension.Theorem 10.6. Let L/K be a field extension. The following are equivalent.1. L/K is Galois.2. L/K is finite, separable and normal.3. L/K is a splitting field extension of a separable polynomial f ∈ K[X].Proof. (1) ⇒ (2) Let L/K be Galois. Then it is necessarily finite. Furthermore,we saw in Proposition 5.6 that for each α ∈ L, its minimal polynomial m α/Ksplits into distinct linear factors over L. Thus L/K is also separable and normal.(2) ⇒ (3) Let L/K be finite, separable and normal. Then it is a splitting fieldextension for some polynomial f ∈ K[X] by Theorem 8.4. Let m be a monicirreducible factor of f, and let α ∈ L be a root of m. Then m is necessarily theminimal polynomial of α over K, so is separable by assumption. Thus f is aseparable polynomial.(3) ⇒ (1) Let f ∈ K[X] be a separable polynomial, and let L/K be a splittingfield extension for f. We are going to prove that L/K is Galois by induction onthe degree [L : K]. Set G := Gal(L/K) and let E be the fixed field of G.Let α ∈ L \ K be a root of f, so m := m α/K is a separable polynomial. ThenL/K(α) is again a splitting field extension for f, but of smaller degree, so isGalois by induction. Then Gal(L/K(α)) ≤ G is a subgroup, so the fixed fieldof G is contained in the fixed field of Gal(L/K(α)); that is, E ⊂ K(α).Set n + 1 := [K(α) : K]. Given θ ∈ E ⊂ K(α) we can writeθ = a 0 α n + · · · + a n−1 α + a n for some a i ∈ K.Set g := a 0 X n + · · · + a n−1 X + (a n − θ) ∈ E[X].Let β ∈ L be a root of m. We claim that g(β) = 0. By Artin’s ExtensionTheorem there exists a K-isomorphism ι: K(α) ∼ −→ K(β), α ↦→ β. Now L/K(β)is also a splitting field extension for f = ι(f), so by Theorem 8.2 there exists afield automorphism σ of L extending ι. Since ι is a K-isomorphism, so too is σ,and hence σ ∈ Gal(L/K).By assumption σ fixes every element of E, and also that σ(α) = β. Thereforeso g(β) = 0 as required.θ = σ(θ) = a 0 β n + · · · + a n−1 β + a n ,Since m has n + 1 distinct roots but deg(g) ≤ n we deduce that g = 0, soθ = a n ∈ K. Thus E = K and L/K is Galois by Proposition 5.1.52

Corollary 10.7. Let L/K be a finite, separable field extension. Then L/K issimple. In particular, all Galois extensions are simple.Proof. Let L = K(α 1 , . . . , α n ), let m i be the minimal polynomial of α i overK, and let m = m 1 · · · m n . Since L/K is separable, each α i is separable overK, so each m i is an irreducible separable polynomial. Hence m is a separablepolynomial.Now, if M/L is the normal closure for L/K, then M/K is a splitting field extensionfor m, so is Galois by the theorem. By the Fundamental Theorem,the intermediate fields of M/K are in bijection with the subgroups of the Galoisgroup. Thus there are only finitely many intermediate fields of M/K, sothere can be only finitely many subfields of L/K. Hence L/K is simple by thePrimitive Element Theorem.In the exercises we will construct a finite field extension L/K which has infinitelymany intermediate fields, and hence is not simple.Another important consequence of the theorem is that we can view Galois groupsas transitive subgroups of symmetric groups. If f ∈ K[X] is a separable polynomial,we write Gal(f) for the Galois group of a splitting field extension L/Kfor f. This is well-defined by Theorem 8.2.Proposition 10.8. Let f ∈ K[X] be a separable irreducible polynomial of degreen. Then the action of Gal(f) on the roots of f induces an injective grouphomomorphism Gal(f) ↩→ Sym n with image a transitive subgroup.Proof. Let L/K be a splitting field extension for f, so a Galois extension bythe theorem. If α 1 , . . . , α n are the roots of f in L, then L = K(α 1 , . . . , α n ),so the action of Gal(f) = Gal(L/K) is completely determined by its action onthe roots of f. This yields an injective group homomorphism Gal(f) ↩→ Sym n .Finally, Gal(f) acts transitively on the roots of f by Corollary 5.7, so its imagein Sym n must be a transitive subgroup.This result restricts the possible Galois groups quite considerably. For example,if f ∈ Q[X] is an irreducible cubic, then Gal(f) is isomorphic to either Z/3Z orSym 3 . If f ∈ Q[X] is an irreducible quartic, then Gal(f) is isomorphic to oneofSym 4 , Alt 4 , D 8 , Z/4Z, (Z/2Z) 2 .The group D 8 is the dihedral group with 8 elements, or the symmetry groupof a square. We can view it as a transitive subgroup of Sym 4 by taking〈(1234), (12)(34)〉. The group V := (Z/2Z) 2 is often called the Klein four group(Kleinsche Vierergruppe), and can be viewed as a transitive subgroup of Sym 4by taking 〈(12)(34), (13)(24)〉.53

As an example of how useful this is, consider the following result.Proposition 10.9. Let p be a prime. The only transitive subgroup of Sym pcontaining a transposition is Sym p itself.In particular, if f ∈ Q[X] is an irreducible polynomial of degree p having preciselytwo non-real roots, then Gal(f) ∼ = Sym p .Proof. Let G ≤ Sym p be a transitive subgroup. Then G acts transitively on theset {1, 2, . . . , p}, so by the Orbit-Stabiliser Theorem, H = Stab G (1) has indexp in G. Thus p divides |G|, so G contains an element of order p, and hence ap-cycle σ, by Cauchy’s Theorem.Suppose further that G contains a transposition (1 a). Note that, for some1 ≤ r and that this is again a p-cycle. Relabelling,we may assume that G contains (1 2) and (1 2 · · · p). Conjugating the transpositionshows that G also contains (i i + 1) for all i, and we know that thesetranspositions generate the full symmetric group. Thus G = Sym p .Now let f ∈ Q[X] be irreducible of degree p, and having precisely two complexroots. Then Gal(f) ≤ Sym p is a transitive subgroup. Moreover, complex conjugationfixes f, so permutes the roots of f, and hence acts as a transposition.Thus Gal(f) contains a transposition, so Gal(f) = Sym p .For example, the Galois group of f = X 5 − 4X + 2 ∈ Q[X] is Sym 5 . For, f isirreducible by Eisenstein, and has precisely three real roots, as seen by drawingits graph. We can therefore apply the proposition.X 5 − 4X + 2−2 −1 0 1 210.3 Changing the Base FieldLet E and F be intermediate fields of a field extension L/K. It is often useful tobe able to translate results about the field extension E/K to the field extensionEF/F , which we call base change.54

Theorem 10.10. Let L/K be a field extension, and E, F intermediate fields.1. If E/K is Galois, then so is EF/F , and Gal(EF/F ) is isomorphic to thesubgroup Gal(E/E ∩ F ) of Gal(E/K).2. If both E/K and F/K are Galois, then so too are EF/K and E ∩ F/K.If E ∩ F = K, then Gal(EF/K) is isomorphic to the direct productGal(E/K) × Gal(F/K).Proof. 1. Since E/K is Galois, it is a splitting field extension of some separablepolynomial f ∈ K[X] by Theorem 10.6. Then EF/F is a splitting field extensionof f, now viewed in F [X], so is Galois by the same theorem.Now let σ ∈ Gal(EF/F ). Then σ is completely determined by its action on theroots of f, and all of these lie in E. So σ restricts to a K-automorphism of E,inducing an injective map Gal(EF/F ) ↩→ Gal(E/K), which is easily seen to bea group homomorphism.Finally, let G ≤ Gal(E/K) be the image of Gal(EF/F ). Then x ∈ E is fixed byG if and only if x ∈ EF is fixed by Gal(EF/F ), which is if and only if x ∈ F .Thus the fixed field of G is E ∩ F , so G = Gal(E/E ∩ F ).2. Suppose that F/K is also Galois, so a splitting field extension of some separablepolynomial g ∈ K[X]. Then EF/K is a splitting field extension of fg,which is separable, so EF/K is Galois.Since EF/K is finite and separable, so too is E ∩ F/K. To see that the latterfield extension is also normal, and hence Galois, take γ ∈ E ∩ F . Then m γ/Ksplits over E, since E/K is normal, and similarly also over F/K. Therefore allthe roots of m γ/K necessarily lie in E ∩ F , so m γ/K splits over E ∩ F .Assume now that E ∩ F = K. As in (1), restriction to E yields a group homomorphismGal(EF/K) → Gal(E/K). For, E/K is a splitting field extensionof f and any σ ∈ Gal(EF/K) must permute these roots, so σ restricts to anautomorphism of E. Similarly, F/K is a splitting field for g, so restriction to Fyields a group homomorphism Gal(EF/K) → Gal(F/K). Together these givea group homomorphismθ : Gal(EF/K) → Gal(E/K) × Gal(F/K).Since EF/K is a splitting field extension for fg, any σ ∈ Gal(EF/K) is completelydetermined by its action on the roots of f and g, so by its restrictionsto E and F . Thus θ is injective. Finally, by (1) we know that[EF : F ] = | Gal(EF/F )| = | Gal(E/E ∩ F )| = | Gal(E/K)| = [E : K],so by the Tower Lawand hence[EF : K] = [EF : F ][F : K] = [E : K][F : K]| Gal(EF/K)| = | Gal(E/K)|| Gal(F/K)|.This implies that θ must be a bijection, and hence a group isomorphism.55

Corollary 10.11. Let L/K be a field extension, and E and F intermediatefields. If E/K is Galois, then [EF : F ] divides [E : K].Proof. By part (1) of the theorem we have[EF : F ] = | Gal(EF/F )| = | Gal(E/E ∩ F )| = [E : E ∩ F ],which divides [E : K] by the Tower Law.This result is not true if E/K is not Galois. For example, let E = Q( 3√ 2) andF = Q(ω 3√ 2), where ω is a primitive cube root of unity. Then EF = Q( 3√ 2, ω),so [E : Q] = [F : Q] = 3 and [EF : Q] = 6, whence [EF : F ] = 2.56

Chapter 11Cyclotomic and CyclicExtensionsIn this chapter we shall examine two special types of field extensions — cyclotomicextensions, given by adjoining a primitive n-th root of unity, and cyclicextensions, given by adjoining an arbitrary n-th root under the assumptionthat the base field already contains a primitive n-th root of unity. Both ofthese cases are relatively easy to study, and have far reaching generalisations toabelian Kummer theory and class field theory.11.1 Cyclotomic ExtensionsRecall that ζ ∈ K is called a primitive n-th root of unity if ζ n = 1 butζ d ≠ 1 for all 1 ≤ d < n. For example we could take ζ = exp(2πi/n) ∈ C.Let ζ ∈ K be a primitive n-th root of unity. We make the following observations.1. The n numbers ζ r for 1 ≤ r ≤ n are all distinct. For, if ζ r = ζ s with1 ≤ r < s ≤ n, then ζ s−r = 1 and 1 ≤ s − r < n, contradicting the factthat ζ was a primitive n-th root of unity.2. The set µ n := {ζ r : 1 ≤ r ≤ n} is a cyclic group under multiplication,generated by ζ. Hence µ n is isomorphic to the additive group Z/nZ.3. If 1 ≤ r ≤ n, then ζ r is a primitive n/d-th root of unity, where d =gcd(r, n).4. µ n contains µ d for all d|n. In particular, if ξ is an n/d-th root of unity,then ξ = ζ ds for some 1 ≤ s ≤ n/d.57

We define the n-th cyclotomic polynomial as∏∏Φ n (X) := (X − ζ r ) =1≤r≤ngcd(r,n)=1ξ primitive n-throot of unityWe therefore have the factorisationX n − 1 =1≤r≤n(X ∏− ζ r ) = ∏ Φ d (X).d|n(X − ξ).Note also that deg(Φ n ) = φ(n), where φ(n) is Euler’s totient (or phi) functionφ(n) = |{1 ≤ r ≤ n : gcd(r, n) = 1}|.Theorem 11.1. The polynomial Φ n (X) lies in Z[X] and is irreducible.If ζ ∈ C is a primitive n-th root of unity, then Q(ζ)/Q is Galois with abelian Galoisgroup. In fact, Gal(Q(ζ)/Q) ∼ = (Z/nZ) × via σ r (ζ) := ζ r for r ∈ (Z/nZ) × .Proof. We first observe that each Φ d (X) is monic. By induction we may assumeΦ d (X) ∈ Z[X] for d < n. Since ∏ d|n Φ d(X) = X n − 1, the Division Algorithmtells us Φ n (X) ∈ Q[X], and then Gauss’s Lemma gives that Φ n (X) ∈ Z[X].Now let f ∈ Q[X] be the minimal polynomial of ζ, a primitive n-th root ofunity. We claim that if ξ is any root of f, then so is ξ p for all primes p ∤ n. Itwill follow that ζ r is a root of f for all 1 ≤ r ≤ n with gcd(r, n) = 1, and hencethat Φ n (X) = f is irreducible.Since ζ is a root of X n − 1, we can write X n − 1 = f(X)g(X). Again, bothpolynomials are monic with rational coefficients, so Gauss’s Lemma tells usthat f, g ∈ Z[X]. Let ξ be a root of f, p a prime not dividing n and assumefor contradiction that ξ p is not a root of f. Then ξ p must be a root of g(X),so that ξ is a root of g(X p ). Since f is the minimal polynomial of ξ, it dividesg(X p ). Hence g(X p ) = f(X)h(X), and by Gauss’s Lemma once more we seethat h ∈ Z[X] and is monic.We now reduce coefficients modulo p. Denote by ¯f, ḡ and ¯h respectively theimages of f, g and h in F p [X]. By Lemma 9.2 we have ḡ(X) p = ḡ(X p ) =¯f(X)¯h(X). Thus gcd( ¯f, ḡ) ≠ 1. Since X n − 1 = ¯f(X)ḡ(X), we see that X n − 1has repeated roots. It follows that X n − 1 and its derivative nX n−1 have acommon divisor, but since p ∤ n this cannot happen, proving the claim.We have shown that Φ n (X) is the minimal polynomial of ζ over Q. Thus[Q(ζ) : Q] = deg(Φ n ) = φ(n). Since all n-th roots of unity (primitive or not)are powers of ζ, we see that Q(ζ)/Q is the splitting field extension of Φ n (orequivalently of X n − 1). Hence Q(ζ)/Q is Galois.Let G = Gal(Q(ζ)/Q), so |G| = φ(n). By Artin’s Extension Theorem theelements of G are in bijection with the roots of Φ n , so are all of the form σ r : ζ ↦→ζ r for some 1 ≤ r ≤ n coprime to n. Consider the bijection (Z/nZ) × → G,r ↦→ σ r . Since 1 ↦→ σ 1 = id and σ r σ s (ζ) = σ r (ζ) s = ζ rs , this map is a groupisomorphism.58

Recall from Proposition 9.3 that every finite extension of a finite field is Galoiswith cyclic Galois group.Theorem 11.2. Let K = F q be a finite field and L/K a splitting field extensionof X n − 1. Then L contains a primitive n-th root of unity if and only if thecharacteristic of K does not divide n, in which case L/K has degree d, where dis the order of q modulo n, so Gal(L/K) ↩→ (Z/nZ) × .Proof. Suppose first that p := char(K) divides n, say n = pm. Let ζ ∈ L be ann-th root of unity. Then ζ m is a root of X p − 1 = (X − 1) p , so ζ m = 1. HenceL cannot contain a primitive n-th root of unity.Conversely, suppose that p does not divide n. Then q ∈ (Z/nZ) × , so let d bethe order of q in this group. Note that Z/dZ ∼ = 〈q〉 ↩→ (Z/nZ) × . Let M/K bea field extension of degree e, so M has size q e . Now, X n − 1 is coprime to itsderivative, so has no repeated roots in a splitting field extension. Therefore, byProposition 9.7, X n − 1 splits over M if and only if X n − 1 divides X qe −1 − 1,which is if and only if n divides q e − 1, and hence if and only if d divides e.Therefore the splitting field extension L of X n − 1 must be F q d.Finally, we know from Lemma 3.6 that L × is cyclic, say with generator θ. Thusθ has order q d − 1 = mn, so ζ = θ m has order n, so is a primitive n-th root ofunity.Corollary 11.3. Let L/K be a field extension, and suppose ζ ∈ L is a primitiven-th root of unity. Then K(ζ)/K is Galois, and Gal(K(ζ)/K) ↩→ (Z/nZ) × .Proof. Let k be the prime subfield of K. Then k(ζ)/k is Galois with Galoisgroup a subgroup of (Z/nZ) × , by Theorem 11.1 in characteristic zero or byTheorem 11.2 in positive characteristic. Then K(ζ) is the compositum of Kand k(ζ), so K(ζ)/K is Galois with Gal(K(ζ)/K) isomorphic to a subgroup ofGal(k(ζ)/k) by Theorem 10.10.Since we will need this result later, we now show that the compositum of twocyclotomic field extensions is again cyclotomic.Lemma 11.4. Let L/K be a field extension containing a primitive m-th rootof unity ξ and a primitive n-th root of unity η. Set d := gcd{m, n} and l :=lcm{m, n}. Then L contains a primitive l-th root of unity ζ, and K(ξ, η) =K(ζ).Proof. We begin by adjoining a primitive l-th root of unity ζ to L. Then ξ, η ∈K(ζ). Conversely, for some integers r and s we have ζ l/m = ξ r and ζ l/n = η s .By Euclid’s Algorithm we can find integers a and b such that am + bn = d.Then, using that mn = dl, we see that ξ br η as = ζ (am+bn)/d = ζ, so ζ ∈ K(ξ, η).Thus K(ξ, η) = K(ζ).59

11.2 Hilbert’s Theorem 90Let L/K be a Galois field extension with Galois group G. The trace and normof α in L/K are given byTr L K(α) := ∑ σ∈Gσ(α) and N L K(α) := ∏ σ∈Gσ(α).We observe thatTr L K(α + β) = Tr L K(α) + Tr L K(β) and N L K(αβ) = N L K(α) N L K(β),so that Tr L K : L → K is an additive group homomorphism, and N L K : L × → K ×is a multiplicative group homomorphism.Theorem 11.5 (Hilbert’s Theorem 90). Let L/K be Galois with Galois groupGal(L/K) ∼ = Z/nZ. Let σ be a generator for Gal(L/K). Then for β ∈ L wehave N L K(β) = 1 if and only if there exists α ∈ L such that β = σ(α)/α.Proof. Suppose that β = σ(α)/α. ThenN L K(β) = βσ(β) · · · σ n−1 (β) = σ(α) σ 2 (α)α σ(α) · · · σ n (α)α n−1 (α) = σn (α)= 1.αConversely, suppose that N L K(β) = 1. Defineλ i := σ i (β) · · · σ n−1 (β) =1βσ(β) · · · σ i−1 (β) .By the Linear Independence of Characters the σ i are linearly independent overL. Hence there exists γ ∈ L such thatn−1∑α := λ i σ i (γ) ≠ 0.i=0Now, σ(λ i ) = βλ i+1 and λ 0 = λ n = 1. Thereforen−1∑n−1∑σ(α) = σ(λ i )σ i+1 (γ) = βλ i+1 σ i+1 (γ) = βi=0so β = σ(α)/α as required.i=0n∑λ i σ i (γ) = αβ,i=1Pythagorean TriplesAs a cute application of this we can prove that every Pythagorean triple (x, y, z),that is, integers x, y, z such that x 2 + y 2 = z 2 , is of the form(x, y, z) = c(a 2 − b 2 , 2ab, a 2 + b 2 ) a, b ∈ Z coprime, 2c ∈ Z.60

For, let us consider the field of Gaussian numbers Q(i). This is a quadraticextension of Q, so has Galois group Z/2Z, induced by complex conjugation,and Q contains a primitive second root of unity, namely −1.Note that the norm of β = x + yi (with x, y ∈ Q) is N(β) = (x + yi)(x − yi) =x 2 + y 2 .Therefore by Hilbert’s Theorem 90 we see that x 2 + y 2 = 1 if and only if thereexists α = a − bi withx + yi = a + bia − bi = (a2 − b 2 ) + 2abia 2 + b 2 .Therefore every rational solution to x 2 + y 2 = 1 is of the form(x, y) =( a 2 − b 2a 2 + b 2 , 2ab)a 2 + b 2 .Now, (x, y, z) is a Pythagorean triple if and only if (x/z) + (y/z)i has norm 1.Therefore there exist rational numbers a, b with x/z = (a 2 − b 2 )/(a 2 + b 2 ) andy/z = 2ab/(a 2 + b 2 ). Clearing denominators and removing common factors, wemay even assume that a, b ∈ Z are coprime. Therefore (x, y, z) is a Pythagoreantriple if and only if there exist coprime integers a, b and a rational number csuch that(x, y, z) = c(a 2 − b 2 , 2ab, a 2 + b 2 ).Finally, since x, y, z are integers, the denominator of c must divide both a 2 − b 2and a 2 + b 2 , and hence must divide their sum 2a 2 and difference 2b 2 . Since aand b are coprime we see that the denominator of c is at most 2, so 2c ∈ Z.11.3 Cyclic ExtensionsA Galois extension L/K is called cyclic if its Galois group is cyclic. We willnow study cyclic extensions under the assumption that the base field has enoughroots of unity.Proposition 11.6. Let L/K be a cyclic Galois extension of degree n, andassume that K contain a primitive n-th root of unity. Then L/K is a splittingfield extension of some X n − a ∈ K[X].Proof. Let σ be a generator for the Galois group. If ζ ∈ K is a primitive n-throot of unity, then σ(ζ) = ζ, so N L K(ζ) = ζ n = 1. By Hilbert’s Theorem 90 thereexists α ∈ L with ζ = σ(α)/α. Thus σ(α) = ζα, so σ r (α) = ζ r α. Then α has nconjugates in L, so K(α)/K has degree n, and hence L = K(α). Moreover, theminimal polynomial of α over K ism α/K = ∏ r(X − ζ r α) = α n ∏ r((X/α) − ζ r ) = α n ((X/α) n − 1) = X n − α n .Therefore α n = a ∈ K and L/K is a splitting field extension of X n − a.61

Importantly, the converse also holds.Proposition 11.7. Let L/K be a splitting field extension of some X n − a ∈K[X], and assume that K contains a primitive n-th root of unity. Then L/Kis Galois with cyclic Galois group of order dividing n.Proof. Let α ∈ L be a root of X n − a. Then the other roots are just ζ r α, whereζ ∈ K is a primitive n-th root of unity. Therefore L = K(α). Moreover, sinceX n − a has distinct roots it is a separable polynomial, so L/K is Galois byTheorem 10.6.Now, the minimal polynomial m of α over K divides X n − a, so the roots ofm are given by ζ r α for r in some subset R ⊂ Z/nZ containing 0. By Artin’sExtension Theorem the elements of the Galois group G = Gal(L/K) are ofthe form σ r : α ↦→ ζ r α for r ∈ R. Finally, σ r σ s (α) = ζ r+s α = σ r+s (α), and(α) = ζ −r α = σ −r (α). Therefore R ≤ Z/nZ is a subgroup, and the bijectionR → G, r ↦→ σ r , is a group isomorphism.σ −1rThis proves that the Galois group of L/K is cyclic of order dividing n.62

Chapter 12Radical ExtensionsWe now come back to our motivating question of whether we can express theroots of an irreducible polynomial as radical expressions in the coefficients ofthe polynomial. This has a beautiful answer in terms of the structure of theGalois group: an irreducible polynomial f over a field of characteristic zero issolvable by radicals if and only if Gal(f) is a solvable group.The main difficulty in the proof is that the base field usually does not containenough roots of unity. We therefore have to adjoin these in order to make ourdeductions. Finally we show that every root of unity has a radical expression,finishing the proof.12.1 Radical ExtensionsInformally, if L/K is a field extension, then a radical expression of α ∈ L isone involving only the elements of K, the field operations +, −, ×, ÷ and n-throots. For example, the following elementis a radical expression for α over Q.α = 11√ 3 7 √ √2+ 93 √ 15 − 12 4 √1 + 5√ 6More precisely, we say that a field extension L/K is radical if there exists atowerK = K 0 ⊂ K 1 ⊂ · · · ⊂ K r = Lsuch that each field extension K i /K i+1 is given by extracting an n i -th root, soK i = K i−1 (α i ) is simple and α nii ∈ K i−1 . We call such a tower a radical towerfor L/K. Note that all radical extensions are necessarily finite.Given a radical tower L = K r / · · · /K 1 /K 0 = K for L/K, there exists an integern such that each K i /K i−1 is given by extracting an n-th root. For, we knowthat K i = K i−1 (α i ) with α nii ∈ K i−1 . Let n = lcm(n 1 , . . . , n r ). Then n i divides63

n, so α n i ∈ K i−1 . We will call such an integer n an exponent for the radicalextension L/K. (N.B. This is non-standard terminology, but useful.)We will need two properties about radical extensions. The first concerns basechange, the second, normal closures.Lemma 12.1. Let L/K be a field extension, and E and F intermediate fields.If E/K is radical of exponent n, then so is EF/F .Proof. LetK = K 0 ⊂ K 1 ⊂ · · · ⊂ K r = Ebe a radical tower of exponent n. Write K i = K i−1 (α i ) where αinF i := F K i . Then F i = F i−1 (α i ) and αin ∈ F i−1. Hence∈ K i−1 . SetF = F 0 ⊂ F 1 ⊂ · · · ⊂ F r = EFis a radical tower for EF/F of exponent n.Proposition 12.2. Let M/L be a normal closure of L/K. If L/K is radical ofexponent n, then so is M/K.Proof. LetK = K 0 ⊂ K 1 ⊂ · · · ⊂ K r = Lbe a radical tower of exponent n. Write K i = K i−1 (α i ) with αin ∈ K i−1.Let M/L be a normal closure of L/K and set M i to be the normal closure ofK i /K inside M. Observe that K i = K(α 1 , α 2 , . . . , α i ), so if m i is the minimalpolynomial of α i over K, then M i /K is the splitting field extension of f i :=m 1 m 2 · · · m i inside M. In particular, M i /M i−1 is the splitting field extensionof m i inside M, so M i is generated over M i−1 by the roots of m i .We claim that each M i /M i−1 is radical of exponent n, so by concatenating theirradical towers we will obtain a radical tower for M/K of exponent n. In fact,we will show that if β i is any other root of m i , then β n i ∈ M i−1 .By Artin’s Extension Theorem there is a K-isomorphism ι: K(α i ) → K(β i )sending α i to β i . Since M i /K is the splitting field extension of f i , so tooare M i /K(α i ) and M i /K(β i ). Also, f i ∈ K[X], so ι(f i ) = f i . Therefore, byTheorem 8.2, there is a K-automorphism σ of M i extending ι.Finally, M i−1 /K is the unique splitting field extension of f i−1 inside M andσ(f i−1 ) = f i−1 . It follows that σ induces a K-automorphism of M i−1 . Thusβ n = σ(α n ) ∈ M i−1 as required.WarningIf L/K is radical and E is an intermediate field, then E/K is not in generalradical. This is not surprising: just because every element of E has a radical64

expression, we do not expect that every element which can be expressed usingthe same radicals necessarily lies in E.For this reason we make the following definition. A polynomial f ∈ K[X]is solvable by radicals if there exists a radical extension M/K containingevery root of f. Since normal closures of radical extensions are again radical,Proposition 12.2, we may even assume that M/K is normal, so contains asplitting field extension L for f. We do not require that L/K is itself radical.12.2 Solvable GroupsBefore we continue, we will need to recall some facts about solvable groups.Given a finite group G, a chain of subgroups {1} = G r ≤ · · · ≤ G 0 = G iscalled a subnormal series if G i ⊳ G i+1 for all i. The factor groups G i−1 /G iare called the subquotients of the subnormal series. A chain is called a normalseries if each G i is a normal subgroup of G. (Some authors call a subnormalseries a normal series, but then have no name for a normal series.)A finite group G is called solvable provided there exists a subnormal seriesfor G such that all subquotients are cyclic. We observe that a simple group issolvable if and only if it is cyclic of prime order.We say that a chain of subgroups {1} = G ′ n ≤ · · · ≤ G ′ 0 = G is a refinementof a chain {1} = G m ≤ · · · ≤ G 0 = G provided that each G i occurs as some G ′ j .Lemma 12.3. A group is solvable if and only if it has a subnormal serieswhose subquotients are all cyclic of prime order, which is if and only if it has asubnormal series whose subquotients are all abelian.Proof. All finite abelian groups are direct products of cyclic groups, and allcyclic groups have a normal series whose subquotients are cyclic of prime order.Thus, given a subnormal series with abelian subquotients, we can refine it to asubnormal series whose subquotients are cyclic of prime order.The next two propositions show that subnormal series pass to subgroups andto quotient groups.Proposition 12.4. Let G be a finite group and let {1} = G r ⊳ · · · ⊳ G 0 = G bea subnormal series for G. If H ≤ G is a subgroup, then setting H i := H ∩ G igives a subnormal series {1} = H r ⊳· · ·⊳H 0 = H for H. Moreover, H i−1 /H i ≤G i−1 /G i .In particular, G solvable implies H solvable.Proof. We have H i−1 ≤ G i−1 , G i ⊳ G i−1 and H i = H i−1 ∩ G i , so by the SecondIsomorphism Theorem, H i ⊳ H i−1 and H i−1 /H i∼ = (Hi−1 G i )/G i ≤ G i−1 /G i .For the second part we observe that subgroups of abelian (respectively cyclic)groups are again abelian (respectively cyclic).65

Proposition 12.5. Let G be a finite group and let {1} = G r ⊳ · · · ⊳ G 0 = Gbe a subnormal series for G. If H ⊳ G is a normal subgroup, then settingḠ i := (G i H)/H gives a subnormal series {1} = Ḡr ⊳ · · ·⊳Ḡ0 = G/H for G/H.Moreover, G i−1 /G i ↠ Ḡi−1/Ḡi.In particular, G solvable implies G/H solvable.Proof. We first observe that G i H ⊳ G i−1 H is a normal subgroup. This can bedone using the Isomorphism Theorems, but it is just as easy to prove it directly.Let xy ∈ G i H, where x ∈ G i and y ∈ H. Similarly let gh ∈ G i−1 H, whereg ∈ G i−1 and h ∈ H. Then(gh)(xy)(gh) −1 = ghxyh −1 g −1 = (gxg −1 )g ( (x −1 hx)yh −1) g −1 .Since G i ⊳ G i−1 we have gxg −1 ∈ G i ; since H ⊳ G we have x −1 hx ∈ H,so (x −1 hx)yh −1 ∈ H, and hence g ( (x −1 hx)yh −1) g −1 ∈ H. This proves thatG i H ⊳ G i−1 H.It now follows from the Third Isomorphism Theorem that Ḡi = (G i H)/H is anormal subgroup of Ḡi−1 = (G i−1 H)/H, with quotientḠ i−1 /Ḡi ∼ = (G i−1 H)/(G i H).This in turn is isomorphic to G i−1 /(G i−1 ∩ (G i H)) by the Second IsomorphismTheorem, since G i−1 H = G i−1 (G i H).We therefore have an epimorphism G i−1 ↠ G i−1 /(G i−1 ∩ G i H) ∼ = Ḡi−1/Ḡi.As G i lies in the kernel, the First Isomorphism Theorem gives an epimorphismG i−1 /G i ↠ Ḡi−1/Ḡi as required.The second part follows as in the previous proposition, since quotients of abelian(respecively cyclic) groups are again abelian (respectively cyclic).Theorem 12.6. Let H ⊳ G be finite groups. Then G is solvable if and only ifboth H and G/H are solvable.Proof. Using the propositions above, it only remains to prove that if H and G/Hare both solvable, then G is solvable. Denote by π : G → G/H the canonicalepimorphism.Let {1} = Ḡs ⊳ · · · ⊳ Ḡ0 = G/H be a subnormal series for G/H and let{1} = H r ⊳ · · · ⊳ H s = H be a subnormal series for H. Define G i := π −1 (Ḡi)for 0 ≤ i ≤ s and G i := H i for s ≤ i ≤ r. Since π −1 (Ḡs) = H, this definition isconsistent.Then {1} = G r ⊳· · ·⊳G 0 = G is a subnormal series for G. Moreover, G i−1 /G i∼ =H i−1 /H i for s and G i−1 /G i∼ = Ḡ i−1 /Ḡi for 0 of theseis clear, and the second follows from the Third Isomorphism Theorem.In particular, if each H i−1 /H i and Ḡi−1/Ḡi is abelian (respectively cyclic), thenso is each G i−1 /G i . Hence if H and G/H are both solvable, then so is G.66

It is easy to show that every p-group for p a prime is a solvable group. In fact,any such group is nilpotent, meaning that we even have a normal series withabelian subquotients.Theorem 12.7. Let p be a prime and G a finite p-group. Then G is nilpotent,so solvable.Proof. We recall that Z(G) is the centre of G, so the set of elements z commutingwith all g ∈ G. Then Z(G) ⊳ G is clearly a normal subgroup.Now, since G is a p-group, it has non-trivial centre. For, we let G act on itself byconjugation. The orbits of size one are given by the elements of the centre Z(G),and note that |Z(G)| ≥ 1 since 1 ∈ Z(G). Let X be a set of representatives forthe conjugacy classes of size at least 2. For x ∈ X let G x = Stab G (x) be thestabiliser of x, so by the Orbit-Stabiliser Theorem [G : G x ] = |Orb G (x)| > 1.Since G is a p-group, we see that p divides each [G : G x ]. Therefore |G| =|Z(G)| + ∑ x∈X [G : G x], so p divides |Z(G)|. In particular, G has non-trivialcentre.We can define a normal series of G by setting Z 0 := {1} and iteratively definingZ i+1 to be the preimage in G of Z(G/Z i ), so that Z 1 = Z(G). For, G/Z i is ap-group, so has non-trivial centre, so Z i < Z i+1 is a strict inclusion.More generally, we have the following famous theorem. John Thompson wasrecently awarded the Abel Prize for this and other work on finite groups.Theorem 12.8 (Feit-Thompson). Every finite group of odd order is solvable.In particular, if G is a finite simple group, then either G is cyclic of prime orderor else |G| is even.We shall need the following result, concerning the solvablility of the symmetricand alternating groups.Theorem 12.9. The alternating group Alt n is solvable if n ≤ 4 and simple ifn ≥ 5. In particular, the symmetric group Sym n is solvable if and only if n ≤ 4.Proof. For n = 4 we have the normal series {1} ⊳ V ⊳ Alt 4 ⊳ Sym 4 , whereV = 〈(12)(34), (13)(24)〉 is the Klein four group. Since each quotient is abelian,we have the result. Moreover, since Sym 4 /V ∼ = Sym 3 , we also obtain that Sym 3is solvable.On the other hand, if n ≥ 5, then Alt n is simple but not cyclic, so not solvable.Since Alt n ⊳Sym n , the full symmetric group Sym n is not solvable for n ≥ 5.12.3 Solvable Galois ExtensionsWe now come to one of the highlights of Galois Theory. We assume throughoutthat all fields have characteristic zero.67

Proposition 12.10. Let L/K be Galois and radical. Then Gal(L/K) is solvable.Proof. Let L/K be radical of exponent n, say having a radical towerK = K 0 ⊂ K 1 ⊂ · · · ⊂ K r = Lwith K i = K i−1 (α i ) and αin ∈ K i−1. Let M/L be a splitting field extension ofX n − 1, and let ζ ∈ M be a primitive n-th root of unity.Note that L/K and K(ζ)/K are both Galois, so their compositum L(ζ) = M isGalois over K by Theorem 10.10. By the Galois Correspondence we know thatGal(M/K(ζ)) is a normal subgroup of Gal(M/K) with quotient Gal(K(ζ)/K),and this latter group is abelian by Corollary 11.3. So, by Theorem 12.6,Gal(M/K) is solvable if and only if Gal(M/K(ζ)) is solvable.On the other hand, we similarly have that Gal(M/L) is a normal subgroup ofGal(M/K) with quotient Gal(L/K). So Gal(M/K) solvable implies Gal(L/K)solvable. Putting this together we see that Gal(M/K(ζ)) solvable impliesGal(L/K) solvable.Now, M = L(ζ), so Lemma 12.1 implies that M/K(ζ) is radical of exponent n.In fact, setting M i := K i (ζ), we obtain the radical towerK(ζ) = M 0 ⊂ M 1 ⊂ · · · ⊂ M r = Mwith M i = M i−1 (α i ) and αin ∈ M i−1 . Since M i−1 contains ζ, a primitive n-throot of unity, we know from Proposition 11.7 that M i /M i−1 is Galois with cyclicGalois group (of order dividing n). It follows from the Galois Correspondencethat, setting G i := Gal(M/M i ), we have a subnormal series{1} = G r ⊳ · · · ⊳ G 1 ⊳ G 0 = Gal(M/K(ζ))with cyclic subquotients G i−1 /G i∼ = Gal(Mi /M i−1 ). Hence Gal(M/K(ζ)) is asolvable group as required.The converse is slightly trickier, since we have not shown that each root of unityhas a radical expression. In fact, we prove this simultaneously.Proposition 12.11. Let L/K be Galois with solvable Galois group. Then thereexists an extension M/L such that M/K is Galois and radical.Proof. Let L/K have degree n. We shall prove by induction on n that thereexists a root of unity ζ such that L(ζ)/K is Galois and radical. Note that thecase n = 1 is trivial.Consider K(η)/K, where η is a primitive n-th root of unity. We know fromCorollary 11.3 that this field extension is Galois of degree dividing φ(n) withabelian Galois group. Therefore, by induction, there exists a root of unity ξsuch that K(ξ, η)/K is Galois and radical. If ξ is a primitive m-th root of unity,68

then Lemma 11.4 tells us that K(ξ, η) = K(ζ), where ζ is a primitive l-th rootof unity for l = lcm{m, n}.Now let L(ζ)/L be a splitting field extension of X l − 1, where ζ is a primitivel-th root of unity. Note that L/K and K(ζ)/K are both Galois, so their compositumL(ζ) is Galois over K by Theorem 10.10. Therefore it is enough toprove that L(ζ)/K(ζ) is radical, since then we can concatenate radical towersfor L(ζ)/K(ζ) and K(ζ)/K to deduce that L(ζ)/K is radical.By Theorem 10.10 once more we know that Gal(L(ζ)/K(ζ)) is isomorphic to asubgroup of Gal(L/K), so is solvable by Theorem 12.6 and has order dividingn. Let {1} = G r ⊳ · · · ⊳ G 0 = Gal(L(ζ)/K(ζ)) be a subnormal series forGal(L(ζ)/K(ζ)) with cyclic subquotients. Let M i be the fixed field of G i , soK(ζ) = M 0 ⊂ M 1 ⊂ · · · ⊂ M r = L(ζ)is a tower of field extensions. By the Galois Correspondence we have thatM i /M i−1 is Galois with Galois group G i−1 /G i , so cyclic of order dividing n.Since M i−1 contains a primitive n-th root of unity, we can apply Proposition 11.6to get that M i = M i−1 (α i ) with αin ∈ M i−1. Hence L(ζ) = M r / · · · /M 0 = K(ζ)is a radical tower of exponent n. This proves that L(ζ)/K(ζ) is radical.We summarise this discussion in the following theorem.Theorem 12.12 (Galois). A Galois field extension L/K has solvable Galoisgroup if and only if there exists an extension M/L with M/K Galois and radical.In particular, a polynomial f ∈ K[X] is solvable by radicals if and only if Gal(f)is a solvable group.Proof. The first part is immediate from the previous two propositions. For thesecond, let f ∈ K[X] and let L/K be a splitting field extension of f. Then fis solvable by radicals if and only if there exists an extension M/L such thatM/K is Galois and radical, which is equivalent to Gal(f) = Gal(L/K) being asolvable group.Corollary 12.13. There exist quintic polynomials f ∈ Q[X] which are notsolvable by radicals.Proof. We saw at the end of Section 10.2 that f = X 5 − 4X + 2 ∈ Q[X] isirreducible and has Galois group Sym 5 . Therefore Gal(f) is not solvable, so fis not solvable by radicals.69

Chapter 13Cubics and QuarticsIn this chapter we apply the above considerations to cubic and quartic polynomials,and in so doing obtain radical expressions for their roots. In particular,we recover Cardano’s formula from Exercise Sheet 1, and motivate the constructionsinvolved. The formula for the quartic is due to Ferrari, a student ofCardano. We will assume throughout that K is a field of characteristic zero,though in fact it is enough to take characteristic different from 2 or 3.13.1 Solving the CubicLet f = X 3 −s 1 X 2 +s 2 X −s 3 ∈ K[X] be irreducible and let α i for i = 1, 2, 3 bethe roots of f in a splitting field extension L/K. Thus the s i are the elementarysymmetric functions in the rootss 1 = α 1 + α 2 + α 3 , s 2 = α 1 α 2 + α 2 α 3 + α 3 α 1 , s 3 = α 1 α 2 α 3 .Let G ≤ Sym 3 be the Galois group of f. Recall that we have the subnormalseries {1} ⊳ Alt 3 ⊳ Sym 3 with cyclic subquotients of degrees 3 and 2. We needto compute the fixed field of G ∩ Alt 3 . Defineδ = ∏ i

This also gives a criterion for the Galois group of an irreducible cubic f ∈ K[X].√∆Gal(f)not in K Sym 3in K Alt 3In order to obtain radical expressions for the roots we need to adjoin a primitivecube root of unity ω. So, from now on assume that ω ∈ K. Then by Proposition11.6 we have L = K(δ, u) with u 3 ∈ K(δ). In fact, if σ is a generator for Alt 3 ,say σ = (123), then σ(u) = ωu, and conversely any such u works. An obviouschoice isu := α 1 + ωα 2 + ω 2 α 3 .An easy calculation shows that u 3 equals(α 3 1 +α 3 2 +α 3 3)+6α 1 α 2 α 3 +3ω(α 2 1α 2 +α 2 2α 3 +α 2 3α 1 )+3ω 2 (α 1 α 2 2 +α 2 α 2 3 +α 3 α 2 1).Now, using the formulaeas well aswe can write(α 2 1α 2 + α 2 2α 3 + α 2 3α 1 ) + (α 1 α 2 2 + α 2 α 2 3 + α 3 α 2 1) = s 1 s 2 − 3s 3(α 2 1α 2 + α 2 2α 3 + α 2 3α 1 ) − (α 1 α 2 2 + α 2 α 2 3 + α 3 α 2 1) = δα 3 1 + α 3 2 + α 3 3 = s 3 1 − 3s 1 s 2 + 3s 3u 3 = s 3 1 − 9 2 s 1s 2 + 27 2 s 3 + 3 2 (ω − ω2 )δ = 1 2 (λ + 3(ω − ω2 )δ),where λ = 2s 3 1 − 9s 1 s 2 + 27s 3 . Note also that ω − ω 2 = √ −3.We can similarly form the sum v = α 1 + ω 2 α 2 + ωα 3 , so thatv 3 = 1 2 (λ − 3(ω − ω2 )δ) and uv = s 2 1 − 3s 2 .Finally we can solve for α i using the three expressionss 1 = ∑ iα i ,u = ∑ iω i−1 α i ,v = ∑ iω 2(i−1) α i .This givesα 1 = 1 3 (s 1 + u + v), α 2 = 1 3 (s 1 + ω 2 u + ωv), α 3 = 1 3 (s 1 + ωu + ω 2 v).Observe that u 3 and v 3 are the roots of the auxillary quadraticX 2 − λX + 1 4 (λ2 + 27∆) ∈ K[X].This recovers the formula from Exercise Sheet 1 when s 1 = 0 (except the u andv used there are one third of the u and v used above).71

13.2 Solving the QuarticNow let f = X 4 − s 1 X 3 + s 2 X 3 − s 3 X + s 4 ∈ K[X] be an irreducible quartic.Let L/K be a splitting field extension and let α i ∈ L for i = 1, 2, 3, 4 be theroots of f. Let G ≤ Sym 4 be the Galois group of f. Note that the s i are againthe elementary symmetric functions in the rootss 1 = α 1 + α 2 + α 3 + α 4 , s 2 = α 1 α 2 + α 1 α 3 + α 1 α 4 + α 2 α 3 + α 2 α 4 + α 3 α 4 ,s 3 = α 1 α 2 α 3 + α 1 α 2 α 4 + α 1 α 3 α 4 + α 2 α 3 α 4 , s 4 = α 1 α 2 α 3 α 4 .Recall that Sym 4 has a normal series {id} ⊳ V ⊳ Alt 4 ⊳ Sym 4 with abeliansubquotients. In fact, for solving the quartic, the most important subgroup isV , since Sym 4 /V ∼ = Sym 3 . Therefore the fixed field of V corresponds to thesplitting field of a cubic, called the auxillary cubic. Since V ∼ = (Z/2Z) 2 it hasthree subgroups of order two, which we can then use, together with the roots ofthe auxillary cubic, to obtain radical expressions for the roots.Note that, under the isomorphism Sym 4 /V ∼ = Sym 3 , the preimage of Alt 3 isAlt 4 , and the preimages of the three subgroups of order two give three subgroupsof Sym 4 containing V and isomorphic to D 8 . These have fixed fields generatedby the individual roots of the auxillary cubic.Fixed FieldsWe want to find the fixed fields of the subgroups G ∩ V and G ∩ Alt 4 . In fact,we will also need the fixed fields for G ∩ D and G ∩ T , whereandD = {id, (12), (34), (12)(34), (13)(24), (14)(23), (1324), (1423)} ∼ = D 8T = {id, (12)(34)} ∼ = Z/2Z.Note that {1}⊳T ⊳V ⊳D is a subnormal series, with all subquotients isomorphicto Z/2Z.We will prove the following.subgroup G ∩ T G ∩ V G ∩ D G ∩ Alt 4fixed field F (α 1 + α 2 , α 1 α 2 ) F K(a) K(δ)The notation is as follows. As usual we have setδ = ∏ (α i − α j ) = ∑ασ(1) 3 α2 σ(2) α σ(3) −∑α σ(1) ασ(2) 2 α3 σ(3) ,i

Also, F = K(a, b, c), wherea := (α 1 + α 2 )(α 3 + α 4 ), b := (α 1 + α 3 )(α 2 + α 4 ), c := (α 1 + α 4 )(α 2 + α 3 )are the roots of the auxillary cubicg := X 3 − 2s 2 X 2 + (s 2 2 + s 1 s 3 − 4s 4 )X + (s 2 3 + s 2 1s 4 − s 1 s 2 s 3 ) ∈ K[X].We first compute the fixed field of G ∩ Alt 4 . Note that, as before, if σ ∈ G, thenσ(δ) = sgn(σ)δ. It follows that ∆ ∈ K and Gal(L/K(δ)) = G ∩ Alt 4 .Next consider G ∩ V . We have V = {id, (12)(34), (13)(24), (14)(23)}, so it isnatural to look at the elements a, b, c given above. We calculate thata + b + c = 2s 2 , ab + bc + ca = s 2 2 + s 1 s 3 − 4s 4 , abc = −s 2 3 − s 2 1s 4 + s 1 s 2 s 3so that a, b, c are indeed the roots of the auxillary cubic g.Note that the roots a, b, c of g are all distinct (although g need not be irreducible).In fact, f and g have the same (non-zero) discriminant: for,a − b = −(α 1 − α 4 )(α 2 − α 3 ),b − c = −(α 1 − α 2 )(α 3 − α 4 ),a − c = −(α 1 − α 3 )(α 2 − α 4 ),so that(a − b)(a − c)(b − c) = − ∏ i

In particular, if α 1 α 2 ≠ α 3 α 4 , then α 1 + α 2 ∈ K(α 1 α 2 ). Similarlys 3 − 1 2 s 1s 2 + 1 8 s3 1 = ( α 1 + α 2 − 1 2 s 1)(s2 − a + 1 2 s 1(α 1 + α 2 − 1 2 s 2) − 2α 1 α 2),and recall that a = (α 1 + α 2 )(s 1 − α 1 − α 2 ). So, if α 1 + α 2 ≠ α 3 + α 4 , thenα 1 α 2 ∈ K(α 1 + α 2 ).These expressions seem to be new — at least I could not find them in thestandard literature.Galois GroupWe can now calculate the Galois group G of f.g ∈ K[X]δ√s21 − 4a, √ (s 2 − a) 2 − 4s 4Gal(f)splitsVirreducible in K Alt 4irreducible not in K Sym 4root a both in K( √ ∆) Z/4Zroot a not both in K( √ ∆) D 8Recall that G is a transitive subgroup of Sym 4 , so is one ofSym 4 , Alt 4 , D 8 = 〈Z/4Z, V 〉, Z/4Z, V.Also, we saw above that G/(G ∩ V ) = Gal(g). So, if g splits over K, thenG = G∩V , and hence G = V . On the other hand, if g is irreducible, then Gal(g),and hence G, contains a 3-cycle. Since g and f have the same discriminant∆ = δ 2 , we see that either δ ∈ K, so Gal(g) = Alt 3 and G = Alt 4 , or elseδ ∉ K, so Gal(g) = Sym 3 and G = Sym 4 .Finally, suppose that g has a single root a ∈ K. Then also b + c, bc ∈ K, andδ = (a 2 − a(b + c) + bc)(b − c) ≠ 0. So δ ∈ K if and only if b − c ∈ K, whichis if and only if g splits over K. By assumption this does not happen, so wehave K < K(δ) = F . Therefore G > G ∩ Alt 4 = G ∩ V . It follows that G iseither D 8 or Z/4Z. Now, either α 1 + α 2 , α 1 α 2 are both in K(δ), in which caseG ∩ T = G ∩ V and G ∼ = Z/4Z, or else they are not both in K(δ), in which caseG ∩ T < G ∩ V and G ∼ = D 8 .Note that α 1 + α 2 , α 3 + α 4 are the roots of the quadratic X 2 − s 1 X + a, whereasα 1 α 2 , α 3 α 4 are the roots of the quadratic X 2 − pX + s 4 . These have respectivediscriminants s 2 1 − 4a and (s 2 − a) 2 − 4s 4 , so the result follows.74

Radical ExpressionsWe can also use this information to find radical expressions for the roots of f.We already know how to solve the cubicg = X 3 − 2s 2 X 2 + (s 2 2 − 4s 4 + s 1 s 3 )X − (s 1 s 2 s 3 − s 2 1s 4 − s 2 3),assuming thatK contains a primitive cube root of unity ω. We setand takewithλ = 2(2s 2 ) 3 − 9(2s 2 )(s 2 2 − 4s 4 + s 1 s 3 ) + 27(s 1 s 2 s 3 − s 2 1s 4 − s 2 3)= −2s 3 2 − 27s 2 3 − 27s 2 1s 4 + 72s 2 s 4 + 9s 1 s 2 s 3 .Then the roots of g areu 3 = 1 2 (λ + 3(ω − ω2 )δ),v 3 = 1 2 (λ − 3(ω − ω2 )δ)uv = (2s 2 ) 2 − 3(s 2 2 − 4s 4 + s 1 s 3 ) = s 2 2 + 12s 4 − 3s 1 s 3 .a = 1 3 (2s 2 + u + v), b = 1 3 (2s 2 + ω 2 u + ωv), c = 1 3 (2s 2 + ωu + ω 2 v).This gives the field F = K(a, b, c).There are now two possible approaches. The theory says we should take asquare root to get F (α 1 + α 2 , α 1 α 2 ), and then another square root to get L.Unfortunately, due to the technicality mentioned above, we do not know whichsquare root to take, either √ s 2 1 − 4a or √ (s 2 − a) 2 − 4s 4 .The alternative is to take three square roots and construct F (α 1 +α 2 ), F (α 1 +α 3 )and F (α 1 + α 4 ). Then L is the compositum of these three fields: for example,(α 1 + α 2 ) + (α 1 + α 3 ) + (α 1 + α 4 ) = 2α 1 + s 1 .We therefore solve the three quadraticsX 2 − s 1 X + a, X 2 − s 1 X + b, X 2 − s 1 X + c,but making sure that the square roots of the discriminants are chosen such thatβ 1 =β 2 =β 3 =√1((α1 + α 2 ) − (α 3 + α 4 ) )4 s2 1 − a = α 1 + α 2 − 1 2 s 1 = 1 2((α1 + α 3 ) − (α 2 + α 4 ) )√14 s2 1 − b = α 1 + α 3 − 1 2 s 1 = 1 2√14 s2 1 − c = α 1 + α 4 − 1 2 s 1 = 2( 1 (α1 + α 4 ) − (α 2 + α 3 ) ) .Note that, after relabelling the roots α i , we may assume that β 2 , β 3 are in thecorrect form. Thenβ 2 β 3 = s 2 − a + 1 2 s 1(α 1 + α 2 − 1 2 ) − 2α 1α 2 ,75

so (by our earlier computation relating α 1 + α 2 and α 1 α 2 ) the assumption onthe β i is equivalent to the compatibility conditionβ 1 β 2 β 3 = s 3 − 1 2 s 1s 2 + 1 8 s3 1.This in effect says that we only need take two square roots, since the third canthen be obtained using this expression. Having done this we can solve for α 1 :2α 1 = 1 2 s 1 + β 1 + β 2 + β 3 .SummaryIn summary, given a quarticf = X 4 − s 1 X 3 + s 2 X 2 − s 3 X + s 4 ∈ K[X],where K contains a primitive cube root of unity, we solve the auxillary cubicg = X 3 − 2s 2 X 2 + (s 2 2 + s 1 s 3 − 4s 4 )X + (s 2 3 + s 2 1s 4 − s 1 s 2 s 3 )to get the roots a, b, c. We then take square roots√1β 1 =4 s2 1 − a, β 2 =with signs chosen such thatThe roots of f are then given by√14 s2 1 − b, β 3 =β 1 β 2 β 3 = s 3 − 1 2 s 1s 2 + 1 8 s3 1.√14 s2 1 − c2α 1 = 1 2 s 1 + β 1 + β 2 + β 3 2α 3 = 1 2 s 1 − β 1 + β 2 − β 32α 2 = 1 2 s 1 + β 1 − β 2 − β 3 2α 4 = 1 2 s 1 − β 1 − β 2 + β 3 .Biquadratic PolynomialsAs a special case, consider a biquadratic polynomial 1f = X 4 + s 2 X 2 + s 4 ∈ K[X].When f is irreducible we have the following possibilities for Gal(f).⎧⎪⎨ V if s 4 is a square in KGal(f) ∼ = Z/4Z if s 4 (s⎪⎩2 2 − 4s 4 ) is a square in KotherwiseD 81 This is standard terminology, but a biquadratic extension is not a splitting field extensionof a general biquadratic polynomial, but rather of two quadratic polynomials, for exampleQ( √ 2, √ 3)/Q.76

For, the auxillary polynomial isg = X(X 2 − 2s 2 X + (s 2 2 − 4s 4 )),so g always has the root a = 0 in K, and the discriminant is ∆ = 16s 4 (s 2 2−4s 4 ) 2 .Therefore δ ∈ K if and only if s 4 is a square in K, and then the splitting fieldextension of g is F = K( √ s 4 ) = F (δ). Finally, s 2 1 − 4a = 0, so we only need askwhether s 2 2 − 4s 4 is a square in K( √ s 4 ). Note here that since f is irreducible,s 2 2 − 4s 4 is not a square in K.We can now apply the previous criterion. If s 4 is a square in K, then g splitsover K and G = V . Assume a = 0 is the only root of g in K. Then G = Z/4Zif and only if s 2 2 − 4s 4 is a square in K( √ s 4 ), otherwise G = D 8 .Finally, s 2 2 − 4s 4 is a square in K( √ s 4 ) if and only if s 4 (s 2 2 − 4s 4 ) is a square inK. For, assume that s 2 2 − 4s 4 = (x + y √ s 4 ) 2 with x, y ∈ K. Multiplying outand equating coefficients gives that xy = 0. Since s 2 2 − 4s 4 is not a square in K,we cannot have y = 0. Therefore x = 0 and s 4 (s 2 2 − 4s 4 ) = (s 4 y) 2 is a squarein K. Conversely, suppose that s 4 (s 2 2 − 4s 4 ) is a square in K. Since s 2 2 − 4s 4 isnot a square in K, neither is s 4 , but then s 2 2 − 4s 4 is a square in K( √ s 4 ).77

Chapter 14Algebraically Closed FieldsThis chapter is non-examinable, and is included only for completeness.A field L is called algebraically closed if every non-constant polynomial f hasa root in L. In other words, the only irreducible polynomials are those of degreeone. An algebraic closure of K is an algebraic field extension L/K with Lalgebraically closed.Algebraic closures are special cases of normal field extensions, or of splittingfield extensions.Lemma 14.1. L is an algebraic closure of K if and only if if is the splittingfield extension for the set of all polynomials in K[X].Proof. Let L be an algebraic closure of K and take f ∈ K[X] non-constant.Then f factorises over L as a product of degree one polynomials; in otherwords, f splits over L. It follows that L/K contains a unique intermediate fieldF which is a splitting field extension for the set of all polynomials in K[X].For, we can take the intersection over all such intermediate fields. Since L/Kis algebraic, if α ∈ L \ F , then the minimal polynomial m α/K cannot split overF , a contradiction. Thus L = F .Conversely, let L/K be a splitting field extension for the set of all polynomialsin K[X]. Then L/K is necessarily generated by the set of all roots of all polynomialsin K[X], all of which are algebraic elements, so L/K is algebraic. Nowtake f ∈ L[X] and let α be a root of f in some extension of L. Then, by thetransitivity of algebraic extensions, Exercsie Sheet 7, Question 2, we know thatα is algebraic over K. By assumption m α/K ∈ K[X] splits over L, so α ∈ L.Therefore L is algebraically closed.Having made this connection, we can try and prove the existence and uniquenessof algebraic closures. As is often the case, we will need to replace the inductionproof of Theorem 8.2 with an application of Zorn’s Lemma.78

Before we begin, we make a further observation, which will simplify considerablythe construction of an algebraic closure.Proposition 14.2. Let L/K be algebraic. If every f ∈ K[X] has a root in L,then L is algebraically closed.Proof. Take f ∈ L[X] and let α be a root of f in some field extension of L. Bythe transitivity of algebraic extensions, α is algebraic over K, say with minimalpolynomial m. Let L ′ /L be a splitting field extension of m, and let M ⊂ L ′be the splitting field extension of m over K. We want to show that M ⊂ L, sothat in particular α ∈ L.We know that M/K is finite and normal, so we can use the results from ExerciseSheet 7, Question 7; that is, let E = M sep/K and let F = M Gal(M/K) . Thenboth E/K and M/F are Galois, with isomorphic Galois groups, and both M/Eand F/K are purely inseparable. Finally, M = EF is the compositum of E andF . Therefore, it is enough to show that both E and F are subfields of L.Since E/K is Galois, it is simple by Corollary 10.7, say E = K(β). ThenE = K(β ′ ) for any root β ′ of m β/K , and by assumption L contains a root ofm β/K . This proves that E ⊂ L.Since F/K is purely inseparable, if γ ∈ F , then m γ/K = X q − γ q where q = p nis a power of the characteristic (or q = 1 in characteristic zero). This polynomialhas a unique root, namely γ, so again our assumption on L implies that γ ∈ L.It follows that F ⊂ L.Theorem 14.3 (Existence of Algebraic Closures). Every field K has an algebraicclosure.Proof. For each non-constant polynomial f ∈ K[X] we take an indeterminateX f and form the ring R := K[{X f : f ∈ K[X] \ K}]. (In fact, it is enough totake just the monic irreducible polynomials.) Consider the ideal I ⊳R generatedby the elements f(X f ) ∈ R.We claim that I is a proper ideal, and hence is contained in a maximal idealJ ⊳ R by Theorem B.3 (which uses Zorn’s Lemma).It will follow that L := R/J is a field extension of K generated by the imagesx f of the X f . Since f(X f ) ∈ I we have f(x f ) = 0 in L, so each x f is algebraicover K and hence L/K is algebraic. Finally, each non-constant polynomialf ∈ K[X] has a root in L, namely x f . Therefore, by the previous proposition,L is an algebraic closure of K.It remains to prove the claim. If I is not proper, then it contains the identity,so we can write 1 = g 1 f 1 (X f1 ) + · · · + g n f n (X fn ) for some distinct non-constantpolynomials f i ∈ K[X] and some elements g i ∈ R. Now, each g j uses onlyfinitely many variables, so the expression above only uses finitely many variables,say X 1 , . . . , X m with the convention that X i = X fi for 1 ≤ i ≤ n. We can nowwrite 1 = ∑ ni=1 g i(X 1 , . . . , X m )f i (X i ) ∈ K[X 1 , . . . , X m ].79

Let E/K be a finite extension in which each f i has a root, say f i (α i ) = 0. Setα i = 0 for n and the claim is proved.Before we continue, recall from Exercise Sheet 5, Question 7, that if L/K istranscendental, then there exist K-endomorphisms of L which are not automorphisms.We now show that this cannot happen when L/K is algebraic.Proposition 14.4. Let L/K be algebraic and let σ be a K-endomorphism ofL. Then σ is a K-automorphism.Proof. Since σ is necessarily injective, we just need to show that σ is surjective.It will follow that σ −1 is a K-embedding, and hence that σ is K-automorphism.Let α ∈ L, say with minimal polynomial m = m α/K . Let α = α 1 , . . . , α n be thedistinct roots of m in L. (Note: we are not assuming that m splits over L, orthat it is separable.) Since σ(m) = m, we know that σ(α i ) is again a root of m,so σ(α i ) ∈ {α 1 , . . . , α n }. Since σ is injective, it induces an injective map from{α 1 , . . . , α n } to itself, which is necessarily a bijection. Thus each α i lies in theimage of σ. In particular, α ∈ σ(L), so σ is surjective.Theorem 14.5 (Uniqueness of Algebraic Closures). Let ι: K ∼ −→ K ′ be a fieldisomorphism, let L/K be algebraic, and let L ′ be an algebraic closure of K ′ .Then there exists a field embedding σ : L → L ′ extending ι.Moreover, if L is algebraically closed, then σ is an isomorphism.Proof. To prove the existence of σ we shall use Zorn’s Lemma.Let S denote the set of all pairs (F, τ) such that F is an intermediate field ofL/K and τ : F → L ′ is a field embedding extending ι. We endow S with apartial order by setting (E, ρ) ≤ (F, τ) if E ⊂ F and τ extends ρ. Clearly S isnon-empty, since it contains (K, ι). Moreover, every chain has an upper bound.For, if {(F i , τ i )} is a totally ordered subset, then F := ⋃ i F i is an intermediatefield of L/K and we can define τ : F → L ′ by setting τ(α) = τ i (α) for any isuch that α ∈ F i . Then (F, τ) is an upper bound for the chain {(F i , τ i )}.By Zorn’s Lemma, S contains a maximal element (F, σ). We claim that F =L. Otherwise, let α ∈ L \ F . Then α is algebraic over F , say with minimalpolynomial m = m α/F . Now σ(m) ∈ L ′ [X] has a root α ′ ∈ L ′ since L ′ isalgebraically closed. Therefore, by Artin’s Extension Theorem, we can extendσ to a field embedding τ : F (α) → L ′ via α ↦→ α ′ . Thus (F, σ) < (F (α), τ),contradicting the maximality of (F, σ). Therefore F = L and there exists a fieldembedding σ : L → L ′ extending ι.Now suppose that L is an algebraic closure of K. Then we have a field embeddingσ : L → L ′ extending ι, and a field embedding τ : L ′ → L extending ι −1 . Itfollows that στ is a K ′ -endomorphism of L ′ , so an automorphism by the previousproposition. In particular, σ is surjective, and hence an isomorphism.80

Since all algebraic closures of K are isomorphic, it is common to fix one of themand denote it by K.By the transitivity of algebraic extensions, it is easy to see that if L/K is a fieldextension with L algebraically closed, then K = L alg/K is an algebraic closureof K. For example, since C is algebraically closed, we have Q = C alg/Q .Another useful corollary concerns splitting field extensions of arbitrary subsetsS ⊂ K[X].Corollary 14.6. Let S ⊂ K[X] be an arbitrary subset. Then a splitting fieldextension of S over K exists, and is unique up to isomorphism.Proof. Let K be an algebraic closure of K. Then each f ∈ S splits over K, sothere is a unique intermediate field L, minimal with respect to this property.For, as usual, we take the intersection over all such intermediate fields.If ι: K ∼ −→ K ′ is a field isomorphism and K ′ an algebraic closure of K ′ , thenthere exists a field isomorphism σ : K ∼ −→ K ′ extending σ. Now, there is aunique splitting field extension L ′ of S ′ := ι(S) inside K ′ . Since σ(L) is also asplitting field extension of S ′ we must have that σ(L) = L ′ . In other words, σrestricts to an isomorphism L L −→ ′ extending ι.Using this we see that many results actually extend from the finite case to thealgebraic case. For example, normal field extensions are the same as splittingfield extensions, and normal closures of algebraic extensions always exist.81

Chapter 15Selected Topics15.1 The Normal Basis TheoremThe Normal Basis Theorem is due to Hensel (1888) in the case of finite fields,and Noether (1932) and Deuring (1933) for general Galois extensions. It statesthat for a Galois extension L/K, there is a K-basis of L given by a single orbit{σ(θ) : σ ∈ Gal(L/K)} of the Galois group.This basis has applications to cryptography, since it is easy to manipulate andis computationally very efficient.Theorem 15.1 (Normal Basis). Let L/K be Galois. Then there exists anelement θ ∈ L such that the set {σ(θ) : σ ∈ Gal(L/K)} is a K-basis for L,called a normal basis.We shall split the proof into two cases: when the field is infinite, or when theGalois group is cyclic (which includes all finite fields).15.1.1 Proof for infinite fieldsRecall that, for an irreducible polynomial f ∈ K[X] with roots α 1 , . . . , α n , wehave the discriminant ∆(f) := (−1) (n 2) ∏ i≠j (α i − α j ). We can generalise thisnotion as follows.Let L/K be a Galois extension with Galois group G = {σ 1 , . . . , σ n }.{α 1 , . . . , α n } ⊂ L we define∆(α 1 , . . . , α n ) := det ( Tr L K(α i α j ) ) ∈ K.We observe that we can rewrite this as follows. SetA := ( σ i (α j ) ) ∈ M n (L).For82

Thenusing thatA t A = ( ∑σ i (α i α j ) ) = ( Tr L K(α i α j ) ) ∈ M n (K),iTr L K = ∑ σ i ,ias shown in Proposition 15.9. Therefore∆(α 1 , . . . , α n ) = det(A) 2 .This definition generalises the discriminant for f. For, let L/K be the splittingfield of f and let α 1 , . . . , α n be the roots of f in L. We may assume that theGalois group acts via σ i (α 1 ) = α i . Therefore, using the subset {1, α 1 , . . . , α1 n−1 },we obtain as above thatA := ( σ i (α j−11 ) ) = ( α j−1 )i .This is a Van der Monde matrix, sodet(A) = ∏ (α i − α j ), whence ∆(1, α 1 , . . . , α1 n−1 ) = det(A) 2 = ∆(f).i>jProposition 15.2. Let L/K be Galois. Then {α 1 , . . . , α n } is a K-basis for Lif and only if ∆(α 1 , . . . , α n ) ≠ 0.Proof. Let Gal(L/K) = {σ i } and set A := (σ i (α j )) as before. Then A is nonsingularif and only if ∆(α 1 , . . . , α n ) ≠ 0.Suppose first that A is singular. Then there exists λ i ∈ L such that (λ i )A = 0,or in other words, ∑ i λ iσ i (α j ) = 0 for all j. If the α j were a K-basis, thenfor any θ ∈ L we could write θ = ∑ j µ jα j . Then ∑ ∑i λ iσ i (θ) = 0, so thati λ iσ i = 0, contradicting the Linear Independence of Characters. Hence theα i do not form a K-basis of L.Conversely, suppose that A is non-singular. Then the α i are linearly independentover K. For, if ∑ j λ jα j = 0 for some λ j ∈ K, then applying σ i yields that∑j σ i(α j )λ j = 0 for all i. Therefore A(λ i ) = 0. Since A is non-singular, wededuce that λ j = 0 for all i.We can now prove the Normal Basis Theorem for infinite fields.Let L/K be Galois with Galois group Gal(L/K) = {σ i }. By the PrimitiveElement Theorem, we can write L = K(α). Set f ∈ K[X] to be the minimalpolynomial of α. Over L we have f = ∏ i (X − σ i(α)), by Proposition 15.9. Forconvenience we assume that σ 1 = id and α 1 = α, and write α i = σ i (α).The idea is now to use the Chinese Remainder Theorem to obtainL[X]/(f) ∼ = L n , X ↦→ (α 1 , . . . , α n ) where n := deg(f) = [L : K].83

In particular, we have a complete set of pairwise orthogonal idempotents in L ngiven by e i having 1 in place i and 0 elsewhere.More explicitly, setg i := ∏ j≠iX − α jα i − α j.Then clearly g i (α j ) = 0 for i ≠ j and g i (α i ) = 1 (so that g i ↦→ e i ∈ L n ). Notealso that σ i (g 1 ) = g i . Furthermore, if i ≠ j, then each α l is a root of gh i g j , sof divides g i g j in L[X] (corresponding to e i e j = 0 for i ≠ j in L n ). Finally, wehave the polynomial identity ∑ i g i = 1 in L[X] (corresponding to 1 = ∑ i e i inL n ). For, the left hand side is a polynomial of degree at most n − 1, and takesthe value 1 at each α l ; therefore it is identically 1.Thus, in L[X], we have g i g j ≡ 0 mod f for i ≠ j, and g j = ∑ i g ig j ≡ gj 2 mod f.From this we obtain that, in K[X], we have Tr L K(g i g j ) ≡ 0 mod f for i ≠ j andTr L K(gi 2) ≡ TrL K(g i ) = 1 mod f. This yields the polynomial identity∆(g i ) = det ( Tr L K(g i g j ) ) ≡ 1 mod f,since the off-diagonal entries vanish, and the diagonal entries are all 1.We can now define a polynomial h ∈ K[X] via h(X) = ∆(g i ). As a polynomial,this is non-zero, since it is congruent to 1 modulo f. Since K is an infinite field,there exists some λ ∈ K such that h(λ) ≠ 0 (and h(λ) = ∆(g i (λ))). Settingθ := g 1 (λ), we have g i (λ) = σ i (θ), and hence ∆(σ i (θ)) = h(λ) ≠ 0. By theprevious Proposition, we deduce that {σ i (θ)} is a normal basis for L/K.As a simple example, consider Q(i)/Q. Then f = X 2 + 1, and g 1 = 1 2i(X + i)and g 2 = −12i(X − i). HenceTr(g 2 1) = − 1 4 Tr(X2 + 2iX − 1) = − 1 2 (X2 − 1) = 1 − 1 2 f.SimilarlyTr(g 2 2) = 1 − 1 2 f and Tr(g 1g 2 ) = 1 2 f,so thath(X) = det ( Tr(g i g j ) ) = 1 − f = X 2 .The result then says that {g 1 (λ), g 2 (λ)} = { 1 −12i(λ + i),2i(λ − i)} is a Q-basis ifand only if λ ≠ 0.15.1.2 Proof for cyclic Galois groupsLet σ ∈ Gal(L/K) be a generator for the Galois group. We observe that anynormal basis for L/K is of the form {θ, σ(θ), . . . , σ n−1 (θ)}, where n = [L : K].Recall that L is a K-vector space of dimension n and that σ is a K-linear endomorphismof L. In particular, we can talk about the characteristic polynomial84

χ of σ, and also its minimal polynomial m. Clearly σ n = 1, so that the minimalpolynomial m divides X n − 1. On the other hand, by the Linear Independenceof Characters, we know that 1, σ, . . . , σ n−1 are linearly independent, so that σdoes not satisfy any polynomial relation of degree less then n. Since [L : K] = nwe deduce that m = χ = X n − 1.The normal basis theorem therefore follows from the a general result in linearalgebra. Let V be a K-vector space of dimension n and let S ∈ End K (V ).A cyclic vector for S is a vector v ∈ V such that {v, S(v), · · · , S n−1 (v)} is aK-basis of V .Theorem 15.3. The endomorphism S has a cyclic vector if and only if itsminimal polynomial equals its characteristic polynomial.The proof of this is essentially a special case of the rational normal form formatrices. (The rational normal form is a generalisation of the Jordan normalform which works for arbitrary fields, not just algebraically closed fields.) Ourapproach will be via polynomials.Let χ = p r11 · · · prs s be the characteristic polynomial of S, where p i ∈ K[X] arepairwise coprime, monic irreducible polynomials. Again, the Chinese RemainderTheorem tells us thatK[X]/(χ) ∼ = K[X]/(p r11 ) × · · · × K[X]/(prs s ).We again have a complete set of pairwise orthogonal idempotents e i having 1in the i-th factor and 0 elsewhere.Explicitly, setf i := ∏ j≠ip rjj= m/p rii .Then gcd(f 1 , . . . , f s ) = 1, so there exist g i with ∑ i g if i = 1. We observethat χ divides f i f j for i ≠ j. Hence f j = ∑ i g if i f j ≡ g j fj 2 mod (χ), so that(g i f i ) 2 ≡ g i f i mod (χ). In summary,(Thus ˜P i ↦→ e i .)˜P i := g i f i , ˜Pi ˜Pj ≡ 0 mod (χ) for i ≠ j, ˜P2i ≡ ˜P i mod (χ).Set P i := ˜P i (S) = g i (S)f i (S). By the Cayley-Hamilton Theorem, we know thatχ(S) = 0 on V . Thus∑Pi 2 = P i , P i P j = 0 for i ≠ j, and P i = id.Using this we can writeiV = ⊕ iV i , where V i = Im(P i ).85

For, we know that v = ∑ i P i(v). On the other hand, if P i (v) = P j (w) for somev, w ∈ V and some i ≠ j, then P j (w) = P 2 j (w) = P jP i (v) = 0. This shows thatthe sum is direct.Note that V i = Ker(p i (S) ri ), so that the V i are generalised eigenspaces. For,if v = P i (w) ∈ V i , then since p rii f i = χ, we have p i (S) ri P i = 0, so v ∈Ker(p i (S) ri ). Conversely, if p i (S) ri (v) = 0, then writing v = ∑ j P j(v) andusing that p rii divides f j for i ≠ j, we see that P j (v) = 0 for all j ≠ i. Hencev = P i (v) ∈ V i .Next we note that each V i is S-invariant; i.e. if v ∈ V i , then S(v) ∈ V i . For,P i S = SP i , which follows from the fact that P i = g i (S)f i (S) is a polynomialin S. Therefore S can be represented as a block diagonal matrix S =diag(S 1 , . . . , S s ), where S i represents the induced action of S on V i .We can now reduce to the case when V = V i for some i. For, if v i ∈ V i is acyclic vector for S i for each i, then v = ∑ i v i ∈ V is a cyclic vector for S. Tosee this, we just note that v i = P i (v) ∈ W := Span{v, S(v), S 2 (v), . . .}. ThusV i ≤ W for each i, whence W = V . Also, the characteristic polynomial χ i of S ion V i is just p rii , whereas if the minimal polynomial of S equals m = pa1 1 · · · pas swith 1 ≤ a i ≤ r i , then the minimal polynomial m i of S i equals m i = p aii . Som = χ if and only if a i = r i for all i, which is if and only if m i = χ i for all i.Therefore it is enough to prove the result when χ = p r for some monic irreduciblepolynomial p.Suppose first that m ≠ χ. Then for each vector v ∈ V the subspace W :=Span{v, S(v), S 2 (v), . . .} has dimension at most deg(m) < deg(χ) = dim V .Therefore V cannot have a cyclic vector. (As a trivial example, think of S = id,which has minimal polynomial X − 1 and characteristic polynomial (X − 1) n .If n ≥ 2, then S does not have a cyclic vector.)Now suppose that m = χ, and consider p r−1 . By definition, p(S) r−1 ≠ 0, sothere exists v ∈ V such that p(S) r−1 (v) ≠ 0. We claim that such a vectoris a cyclic vector for S. Again, set W := Span{v, S(v), S 2 (v), . . .}. We knowthat W ≤ V is an S-invariant subspace. It follows from the First IsomorphismTheorem that S induces an action on the quotient V/W . In particular, we canrepresent S as an upper-triangular block matrix( )S1 SS =3, where S0 S 1 = S| W ∈ End K (W ), S 3 = ¯S ∈ End K (V/W ).2Therefore χ = χ 1 χ 2 , where χ i is the characteristic polynomial of S i . (We havealready mentioned this fact in the Remark following Theorem 15.4 about thenorm and trace.) Since χ = p r is a power of an irreducible polynomial, we deducethat χ 1 = p a for some 1 ≤ a ≤ r. By the Cayley-Hamilton Theorem once more,we know that p(S) a = 0 on W , whereas by construction p(S) r−1 (v) ≠ 0. Thusa ≥ r, so that a = r and dim W = deg(p r ) = dim V , so that V = W .This completes the proof of Theorem 15.3, and hence the proof of the NormalBasis Theorem when the Galois group is cyclic.86

15.2 The Norm and TraceLet L/K be a finite field extension and α ∈ L. Then multiplication by αinduces a K-linear endomorphism A of L. The Cayley-Hamilton Theorem saysthat every endomorphism satisfies its own characteristic equation χ A (X) =det(X − A) ∈ K[X]; that is, χ A (A) is the zero-map on L. We observe thatA r (β) = α r β for all β ∈ L, so that χ A (A) acts on L as multiplication by χ A (α).Therefore α is a root of the polynomial χ A (X).Note that the characteristic polynomial χ A (X) is a monic polynomial and isindependent of the choice of basis, so depends only on α and L/K. We denoteit by χ L α/Kand call it the field equation of α/K with respect to L.Theorem 15.4. Let L/k be a finite field extension and let α ∈ L. Thenχ k(α)α/k = m α/k and χ L α/k = (m α/k) [L:k(α)] .Proof. Suppose first that L = k(α). Since α is a root of the polynomial χ L α/k ,we know that m α/k divides χ L α/k. Since they are both monic polynomials ofdegree [k(α) : k], they must be equal. This proves the first result.Now let K = k(α) (or more generally any subfield of L containing k(α)). Let{u i } i be a K-basis of L and {v p } p a k-basis of K. Then {u i v p } (i,p) is a k-basisof L. Let A: L → L and B : K → K be the k-linear maps corresponding tomultiplication by α. Let B = (b pq ) be the matrix with respect to {v p } andA = (a ipjq ) the matrix with respect to {u i v p }. Then∑a ipjq u i v p = αu j v q = u j αv q = ∑ pi,pb pq u j v p .Hence a ipjq = δ ij b pq , so A can be written in block-diagonal form, with [L : K]copies of B on the diagonal. This proves the second statement.Remark. A different proof can be constructed using the following general resultfrom linear algebra: if V is a k-vector space, A: V → V a k-linear endomorphismof V and U ≤ V a subspace such that A(U) ⊂ U, then A induces endomorphismsB : U → U and C : V/U → V/U. Choosing a basis for U and extending to abasis for V , we can write the matrix for A in block form, with the matrices forB and C on the diagonal, and zero in the bottom left corner. Thus χ A = χ B χ C .Let L/K be a finite field extension, α ∈ L and A the K-linear automorphismof L induced by multiplication by α. We define the norm of α in L/K to beN L K (α) := det(A) and the trace of α in L/K to be TrL K(α) := Tr(A).Proposition 15.5. Let L/K be a finite field extension and α, β ∈ L. Then1. N L K : L∗ → K ∗ is a group homomorphism between multiplicative groups.In particular, N L K (αβ) = N L K (α)N L K (β).87

2. Tr L K : L → K is a group homomorphism between additive groups. In particular,Tr L K(α + β) = Tr L K(α) + Tr L K(β).Proof. Let A and B be the K-linear automorphisms of L induced by multiplicationby α and β respectively. Then AB corresponds to multiplication by αβ,soN L K(αβ) = det(AB) = det(A) det(B) = N L K(α)N L K(β).If α ∈ L is non-zero, then A is invertible, so that NK L (α) = det(A) ≠ 0. Ifα = 1, then A = id L so that NK L(1) = 1. This shows that N K L : L∗ → K ∗ is agroup homomorphism.Similarly, A + B corresponds to multiplication by α + β, soTr L K(α + β) = Tr(A + B) = Tr(A) + Tr(B) = Tr L K(α) + Tr L K(β).If α = 0, then A = 0 so Tr L K(0) = 0. Thus Tr L K : L → K is a group homomorphism.Theorem 15.6. Let L/K/k be finite field extensions. ThenN L k = N K k ◦ N L K and Tr L k = Tr K k ◦ Tr L K.A proof of this is outlined in the exercises, although we will provide a differentproof later on using Galois Theory in the special case when L/k is separable.15.3 Norm and Trace RevisitedIn this section we relate the minimal polynomial and the field equation of anelement α to its conjugates σ(α). This is often easier to work with than theoriginal definition.We begin with a useful observation, which generalises Theorem ?? (6). LetL/K be finite, with normal closure M/L. Let E denote the set of K-embeddingsL → M. We let Gal(M/K) act (on the left) on E via σ·τ : L → M, x ↦→ σ(τ(x)).Note that σ · id = σ| L .Proposition 15.7. Gal(M/K) acts transitively on E, and the stabiliser of id ∈E equals Gal(M/L). In particular, the map Gal(M/K) → E, σ ↦→ σ| L inducesa natural bijection between the cosets of Gal(M/L) in Gal(M/K) and E.Proof. Let τ ∈ E. By Theorem ??, we can extend τ to σ ∈ Gal(M/K). Inparticular, σ · id = σ| L = τ, so Gal(M/K) acts transitively on E. Clearlyσ · id = id if and only if σ ∈ Gal(M/L), so by the Orbit-Stabiliser Theorem themap σ ↦→ σ · id = σ| L induces a bijection between the cosets of Gal(M/L) inGal(M/K) and E as required.88

We observe that the number |E| of distinct K-embeddings L → M equals theindex of Gal(M/L) in Gal(M/K). If L/K is separable, then M/K is Galois, so|E| = [L : K] by the Fundamental Theorem of Galois Theory. This proves thenext corollary.Corollary 15.8. Let L/K be finite and separable, with normal closure M/L.Then there are precisely [L : K] distinct K-embeddings L → M.[In fact, this has a converse: L/K is separable if and only if there are precisely[L : K] distinct K-emebddings L → M. This leads some authors define L/Kto be separable if there are [L : K] distinct K-embeddings L → M.]Proposition 15.9. Let L/K be finite and separable, with normal closure M/L.Let σ 1 , . . . , σ n be the distinct K-embeddings L → M. Then for α ∈ L we haveIn particular,χ L α/K = ( X − σ 1 (α) ) · · · (X− σ n (α) ) .N L K(α) = ∏ jσ j (α) and Tr L K(α) = ∑ jσ j (α).Proof. Let M/K be Galois, say with Galois group G := Gal(M/K). For anintermediate field L let σ 1 , . . . , σ n be the distinct K-embeddings L → M. Weknow that n = [L : K] by Corollary 15.8. For α ∈ L definenfα/K L := ∏ (X − σi (α) ) .We wish to show that fα/K L = χL α/Kfor all L and all α ∈ L.We observe thatfα/K M = ∏ ( )X − σ(α) ,σ∈Gi=1whereas by Artin’s Extension Theoremf K(α)α/K= m α/K,since the distinct K-embeddings K(α) → M are in bijection with the roots ofm α/K .For α ∈ L we can apply Proposition 15.7 to deduce that f M α/K = ( f L α/K) [M:L].For, the value of σ(α) depends only on the restriction σ| L . In particular, forL = K(α) we have fα/K M = ( ) [M:K(α)],m α/K so fMα/K= χ M α/Kby Theorem 15.4.From this it follows that( )χL [M:L]α/K = χMα/K = fα/K M = ( fα/KL ) [M:L].Therefore χ L α/K = f α/K L by unique factorisation in L[X].By definition, if χ L α/K = Xn − a 1 X n−1 + · · · + (−1) n a n , then Tr L K(α) = a 1 andN L K (α) = a n.89

Note that, by Proposition 15.7, ∑ j σ j(α) and ∏ j σ j(α) are fixed by Gal(M/K),so these elements really do lie in K. Also, we may write Tr L K = ∑ j σ j as a linearcombination of the characters σ j .As promised, we can now prove transitivity of norm and trace for separableextensions.Theorem 15.10. Let L/K/k be finite, separable extensions. Then for α ∈ Lwe haveNk L (α) = NkK (NLK (α) ) Tr L k (α) = Tr K (k TrLK (α) ) .Proof. Let M/L be the normal closure of L/K and consider the chain of subgroupsGal(M/L) ≤ Gal(M/K) ≤ Gal(M/k). Let σ j be coset representativesof Gal(M/L) in Gal(M/K), and let τ i be coset representatives of Gal(M/K) inGal(M/k). Thus 1 ≤ i ≤ [K : k] and 1 ≤ j ≤ [L : K].We claim that the τ i σ j are coset representatives for Gal(M/L) in Gal(M/k).[This is actually quite general, applying to all finite groups.] For, supposeτ i σ j = τ r σ s . We know that σ j Gal(M/L) ⊂ Gal(M/K). Since the τ i Gal(M/K)are distinct inside Gal(M/k), we must therefore have i = r. Then since theσ j Gal(M/L) are distinct in Gal(M/K), we must have j = s. Therefore theτ i σ j represent distinct cosets. Since there are [L : K][K : k] = [L : K] of them,we are done.Now, using Proposition 15.7, we can writeNkK (NLK (α) ) = ∏ ( ∏τ i σ j (α) ) = ∏ (τ i σj (α) ) = ∏ (τ i σ j )(α) = Nk L (α),i ji,ji,jand similarly for Tr.15.4 Infinite Galois ExtensionsIn general we call a field extension L/K Galois provided it is normal and separable.Then Gal(L/K) is a profinite group, which we endow with the (Krull) topology.The Fundamental Theorem of Galois Theory then describes a inclusionreversingbijection between the lattice of intermediate fields and the lattice ofclosed subgroups of Gal(L/K).15.5 Theorems of Frobenius and TchebotarevTake f ∈ Z[X] be monic and irreducible of degree n and let G = Gal(f) be theGalois group of f over Q. As usual we can view G as a subgroup of Sym n .Frobenius’s Theorem states that if p is a prime and ¯f ∈ F p [X] factorises as aproduct of irreducible polynomials of degrees d 1 , d 2 , . . . (with ∑ i d i = n), then90

G contains an element of cycle type (d 1 , d 2 , . . .). This is proved using algebraicnumber theory, and requires lifting the Frobenius homomorphism (whichnecessarily has this cycle type) to an element of the Galois group G.Much harder is Tchebotarev’s Theorem, which states that, given a set of numbersd 1 , d 2 , . . . with ∑ i d i = n, the frequency with which these numbers occuras the degrees of the irreducibles in the factorisation modulo p as we take alarger and larger number of primes p coincides with the proportion of elementsof G which have this cycle type.A special case is given by considering f = X 2 − q for a prime number q. ThenG = Z/2Z, so half its elements have cycle type (2), and the other half have cycletype (1, 1).Now, modulo p, either ¯f is irreducible, which is if and only if ( qp)= −1, or( else ¯f factorises as a product of two linear polynomials, which is if and only ifq)p = 1.Suppose for simplicity that q ≡ 1 mod 4. then by the Law of Quadratic Reciprocitywe have ( qp)=( pq). Then Tchebotarev’s Theorem reduces to the statementthat, as we take larger and larger numbers of primes, approximately halfof them are quadratic residues modulo q.Now, the weaker version of Dedekind’s Theorem on primes in arithmetical progressionssays that for each 1 ≤ a < q, there are infinitely many primes pcongruent to a modulo q. The stronger version of this theorem then states that,as we take larger and larger numbers of primes p, they are approximately evenlydistributed between the different residue classes, so that approximately 1/(q−1)primes are congruent modulo q to any give a (with gcd{a, q} = 1). Since thereare as many quadratic residues as there are non-residues, we finally obtain thisspecial case of Tchebotarev’s Theorem.The same ideas can be used to prove the result for a general quadratic extensionof Q, so taking f = X 2 − d for an arbitrary non-square integer d.91

Appendix ABackgroundThis is a summary of some background material about groups and rings.A.1 GroupsA group is a set G together with a map G × G → G, (a, b) ↦→ a · b, called thegroup law, satisfyingassociative a · (b · c) = (a · b) · c for all a, b, c ∈ G.unital there exists e ∈ G with e · a = a = a · e for all a ∈ G.admits inverses for each a ∈ G there exists b ∈ G with a · b = e = b · a.The cardinality |G| is called the order of the group.We often write the group law as multiplication, so we write ab instead of a · b,1 for the unit, and a −1 for the inverse of a.A group is called abelian, or commutative, provided a·b = b·a for all a, b ∈ G.In this case we sometimes write the group law as addition, so we write a + binstead of a · b, 0 for the unit, and −a for the inverse of a.A subset H ⊂ G is a subgroup, denoted H ≤ G, provided it isnon-empty e ∈ H.closed under multiplication ab ∈ H for all a, b ∈ H.closed under inverses a ∈ H implies a −1 ∈ H.It follows that the group law on G restricts to a group law on H, so that H isitself a group.Clearly G is a subgroup of itself; all other subgroups are called proper. Thesubset {e} is always a subgroup, called the trivial subgroup.Let H ≤ G be a subgroup. We define an equivalence relation on G by settinga ∼ b if a −1 b ∈ H. The equivalence classes aH := {ah : h ∈ H} are called theleft cosets of H. The set of all left cosets is denoted (G : H); its cardinalityis denoted [G : H] and called the index of H in G. A complete set of coset92

epresentatives is a subset S ⊂ G such that the cosets aH for a ∈ S aredistinct, and every coset is of this form.Theorem A.1 (Lagrange). Let H ≤ G be a subgroup and let a ∈ G. Then themap H → aH, h ↦→ ah is a bijection. It follows that [G : H] = |G|/|H|.If H, H ′ ≤ G are subgroups, then so too is their intersection H ∩ H ′ . It followsthat there is a smallest subgroup of G containing any given subset A ⊂ G, calledthe subgroup generated by A and denoted 〈A〉; for we can define it to be theintersection of all subgroups of G containing A. In particular the subgroups ofG form a lattice with respect to inclusions.As a special case we have the subgroup 〈a〉 generated by a single element, calleda cyclic subgroup. The order of an element a ∈ G is the order of the subgroupit generates.If H ≤ G is a subgroup and a ∈ G, then aHa −1 = {aha −1 : h ∈ H} is again asubgroup of G, called a conjugate of H. We call a subgroup normal, denotedH ⊳ G, provided that it is equal to all of its conjugates; that is, aHa −1 = H forall a ∈ G, or equivalently aH = Ha for all a ∈ G.For a normal subgroup H ⊳ G we can define a group law on the set of cosets(G : H) via aH · bH := abH. The resulting group is denoted G/H and calledthe quotient group of G by H.A map f : G → G ′ between groups is called a group homomorphism providedthat itrespects the multiplication f(ab) = f(a)f(b) for all a, b ∈ G.preserves the unit f(1) = 1.The image Im(f) := {f(a) ∈ G ′ : a ∈ G} of f is a subgroup of G ′ ; conversely,if H ≤ G is a subgroup, then the inclusion map ι: H ↩→ G is a grouphomomorphism.The kernel Ker(f) := {a ∈ G : f(a) = 1} of f is a normal subgroup of G;conversely, if N ⊳ G is normal, then the canonical map π : G ↠ G/N is a grouphomomorphism.If g : G ′ → G ′′ is another group homomorphism, then the composition gf : G →G ′′ is again a group homomorphism. We say that f is an isomorphism providedthat there exists a group homomorphism g : G ′ → G such that gf = id G andfg = id G ′.Lemma A.2. Let f : G → G ′ be a group homomorphism. Then1. f is injective if and only if Ker(f) is trivial.2. f is an isomorphism if and only if it is bijective.Lemma A.3 (Factor Lemma). Let N ⊳ G be a normal subgroup. Then theset of group homomorphisms G/N → G ′ is in bijection with the set of grouphomomorphisms f : G → G ′ with N ⊂ Ker(f).93

Theorem A.4 (Isomorphism Theorems). 1. Let f : G → G ′ be a group homomorphism.Then f induces an isomorphism G/ Ker(f) −→ ∼ Im(f).2. Let H ≤ G be a subgroup, and N ⊳ G a normal subgroup. Then HN :={hn : h ∈ H, n ∈ N} is a subgroup of G. Moreover, N ⊳HN and H∩N ⊳Hare normal subgroups, and there is an isomorphism H/H ∩ N ∼ −→ HN/N.3. Let M, N ⊳ G be normal subgroups with M ⊂ N. Then N/M ⊳ G/M is anormal subgroup, and there is an isomorphism (G/M)/(N/M) ∼ −→ G/N.Group ActionsGiven a set X we can consider the set Sym X of all bijections σ : X → X. ThenSym X is a group under composition. If X = {1, . . . , n} we usually write Sym nand call this the symmetric group.A k-cycle in Sym n is a permutation of the form σ = (a 1 a 2 · · · a k ), denotingthe functiona i ↦→ a i+1 for 1 ≤ i < k, a k ↦→ a 1 , all other elements fixed.A 2-cycle is also called a transposition. There is a group homomorphismsgn: Sym n → {±1}, called the sign map, sending each k-cycle to (−1) k−1 .The kernel Alt n of the sign map is called the alternating group.We say that a group G acts on X if there exists a group homomorphism f : G →Sym X . Equivalently, we can regard this as a map G × X → X, (a, x) ↦→ axwhich isassociative a(bx) = (ab)x for all a, b ∈ G and x ∈ X.unital 1x = x for all x ∈ X.It is clear that G acts on itself by left multiplication, (a, b) ↦→ ab. We also havethat G acts on itself by conjugation, (a, b) ↦→ aba −1 . If H ≤ G is a subgroup,then G acts on the set of cosets (G : H) by (a, bH) ↦→ abH.The orbit of x ∈ X is the subset Orb(x) := {ax : a ∈ G} of X. The stabiliserof x is the subgroup Stab(x) := {a ∈ G : ax = x} of G. We observe thatStab(ax) = aStab(x)a −1 , which is a conjugate of the subgroup Stab(x).We have the following theorem, generalising Lagrange’s Theorem in the case ofthe action of G on the set of cosets (G : H).Theorem A.5 (Orbit-Stabiliser). Let a group G act on a set X, and let x ∈ X.Then the map G → X, a ↦→ ax induces a bijection (G : Stab(x)) ∼ −→ Orb(x). Itfollows that |Orb(x)||Stab(x)| = |G|.We say that an action of G on X is faithful if the group homomorphism G →Sym X is injective, which is the same as saying that if ax = x for all x ∈ X,then a = 1. We say that the action is transitive provided that for all x, y ∈ Xthere exists a ∈ G with ax = y.94

Examples1. The integers form an abelian group under addition. This is cyclic, generatedby either 1 or −1. For each n ∈ Z we have the cyclic subgroup〈n〉 = nZ = {· · · , −n, 0, n, 2n, · · · }. The factor group Z/nZ has cosetrepresentatives 0, 1, . . . , n − 1.2. The non-zero complex numbers form an abelian group under multiplication.For each n we have the cyclic subgroup µ n := 〈exp(2πi/n)〉 ={exp(2πik/n) : k ∈ Z}.3. There is a group homomorphism Z → µ n , k ↦→ exp(2πki/n). This isonto with kernel nZ, so induces an isomorphism Z/nZ ∼ −→ µ n . Notethat the group law on the left is written additively, whereas it is writtenmultiplicatively on the right.4. The symmetric group Sym n is generated by all transpositions. The alternatinggroup Alt n is generated by all 3-cycles.5. The set of symmetries of a geometric figure is a group with respect tocomposition, and the subset of all rotations is a normal subgroup. Thisfits nicely with the idea that conjugation can be thought of as a change ofpoint of view.A.2 RingsAn (associative, unital) ring is a set R together with two operations R×R → R,(a, b) ↦→ a + b (addition) and (a, b) ↦→ ab (multiplication), satisfyingaddition R is an abelian group under addition.multiplication the multiplication is associative and unital.distributivity a(b + c) = ab + ac, (a + b)c = ac + bc for all a, b, c ∈ R.A ring is called commutative provided that the multiplication is commutative.From now on we will only consider commutative rings, and so shall simply callthem rings. A ring R is called trivial if 1 = 0, in which case R = {0}.A subset S ⊂ R is a subring, denoted S ≤ R, provided that itadditive subgroup a + b, −a ∈ S for all a, b ∈ S.contains the unit 1 ∈ S.closed under multiplication ab ∈ S for all a, b ∈ S.It follows that the ring structure on R restricts to a ring structure on S.If S, S ′ ≤ R are subrings, then so too is their intersection S ∩ S ′ . It followsthat there is a smallest subring of R containing any given subset A ⊂ G, calledthe subring generated by A and denoted 〈A〉; for we can define it to be theintersection of all subrings of R containing A. In particular the subrings of Rform a lattice with respect to inclusions.The prime subring of R is the smallest subring of R.95

A subset I ⊂ R is an ideal, denoted I ⊳ R, provided that itadditive subgroup a + b, −a ∈ I for all a, b ∈ I.closed under multiplication by R ab ∈ I for all a ∈ R and b ∈ I.Clearly R is an ideal of itself; all other ideals are called proper. The subset{0} is an ideal, called the trivial ideal, or zero ideal.If I, I ′ ≤ R are ideals, then so too is their intersection I ∩ I ′ . It follows thatthere is a smallest ideal of R containing any given subset A ⊂ G, called the idealgenerated by A and denoted (A); for we can define it to be the intersectionof all ideals of R containing A. In particular the ideals of R form a lattice withrespect to inclusions.As a special case we have the ideal (a) generated by a single element, called aprincipal ideal.Let I ⊳ R be an ideal. Then I is an additive subgroup, hence normal, so we canform the quotient R/I as an additive group. We may now define a multiplicationon R/I by (a+I)·(b+I) := ab+I, making R/I into a ring, called the quotientring of R by I.A map f : R → R ′ between two rings is called a ring homomorphism providedthat itrespects the addition f(a + b) = f(a) + f(b) for all a, b ∈ R.respects the multiplication f(ab) = f(a)f(b) for all a, b ∈ R.preserves the zero and unit f(0) = 0 and f(1) = 1.In particular, f is an additive group homomorphism.The image Im(f) := {f(a) ∈ R ′ : a ∈ R} of f is a subring of R ′ ; conversely, ifS ≤ R is a subring, then the inclusion map ι: S ↩→ R is a ring homomorphism.The kernel Ker(f) := {a ∈ R : f(a) = 0} of f is an ideal of R; conversely, ifI ⊳ R is an ideal, then the canonical map π : R ↠ R/I is a ring homomorphism.If g : R ′ → R ′′ is another ring homomorphism, then the composition gf : R →R ′′ is again a ring homomorphism. We say that f is an isomorphism providedthat there exists a ring homomorphism g : R ′ → R such that gf = id R andfg = id R ′.Lemma A.6. Let f : R → R ′ be a group homomorphism. Then1. f is injective if and only if Ker(f) is trivial.2. f is an isomorphism if and only if it is bijective.Lemma A.7 (Factor Lemma). Let I ⊳ R be an ideal. Then the set of ringhomomorphisms R/I → R ′ is in bijection with the set of ring homomorphismsf : R → R ′ with I ⊂ Ker(f).Theorem A.8 (Isomorphism Theorems). 1. Let f : R → R ′ be a ring homomorphism.Then f induces an isomorphism R/ Ker(f) −→ ∼ Im(f).2. Let S ≤ R be a subgroup, and I ⊳ R an ideal. Then S + I := {a + b : a ∈S, b ∈ I} is a subring of R. Moreover, I ⊳ S + I and S ∩ I ⊳ S are ideals,and there is an isomorphism S/S ∩ I ∼ −→ (S + I)/I.96

3. Let I, J ⊳ R be ideals with I ⊂ J. Then J/I ⊳ R/I is an ideal, and thereis an isomorphism (R/I)/(J/I) ∼ −→ R/J.Principal Ideal DomainsWe write R × := {a ∈ R : ∃b ∈ R with ab = 1} for the set of units of a ring R.Note that R × is an abelian group under multiplication. We call two elements aand b associates if they differ by a unit, so a = ub for some unit u. Equivalently(a) = (b) as ideals.A field is a non-trivial ring K such that every non-zero element is a unit, soK × = K \ {0}. More generally, an integral domain is a non-trivial ring Rwith no zero-divisors, i.e. ab = 0 implies a = 0 or b = 0. Equivalently, R hascancellation, so that if ax = bx for some x ≠ 0, then a = b.If R is an integral domain, then we can form the field of fractions Quot(R) of Rin exactly the same way that the field of rational numbers Q is constructed fromthe ring of integers Z. We first define an equivalence relation on R × (R \ {0})by (a, b) ∼ (c, d) if ad = bc. The equivalence class of (a, b) is denoted by a/b.We can now define a ring structure of the set Quot(R) of all equivalence classesbyab + c ad + bc:=d bdadnab · c ac:=d bd .We identify R with the subring {a/1 : a ∈ R} of Quot(R).The field of fractions satisfies the following universal property: if R is an integraldomain, K a field, and f : R → K a ring homomorphism, then there is a uniquefield homomorphism ˆf : Quot(R) → K extending f; that is, ˆf(a/1) = f(a) forall a ∈ R.We say that an ideal I ⊳ R ismaximal if I is proper, and I ⊂ J ⊳ R implies J = I or J = R.prime if xy ∈ I implies x ∈ I or y ∈ I.Proposition A.9. Let R be a ring and I ⊳ R an ideal of R. Then1. R/I is a field if and only if I is maximal. Equivalently R is a field if andonly if (0) and R are the only ideals of R.2. R/I is an integral domain if and only if I is prime. Equivalently R is anintegral domain if and only if (0) is prime.3. I maximal implies I prime. Equivalently, if R is a field, then it is anintegral domain.In particular, if f : K → R is a ring homomorphism from a field K to a nontrivialring R, then f is injective.A principal ideal domain is an integral domain R for which every ideal isprincipal, so of the form (a) for some a ∈ R.97

Proposition A.10. The ring of integers Z is a principal ideal domain. In fact,the ideal generated by two integers a and b equals the ideal generated by theirgreatest common divisor d.Proof. Let I ⊳ Z be a non-zero ideal, and let a > 0 be minimal such that b ∈ I.Let b ∈ I. By the Euclidean Algorithm, there exist integers q, r with a > r ≥ 0such that b = qa + r. Now, r = b − qa ∈ I, so the minimality of a gives r = 0and b = qa. Thus I = (a).Let R be a non-trivial ring. Then there exists a unique ring homomorphismf : Z → R. We define the characteristic of R to be char(R) := n whereKer(f) = (n) and n ≥ 0.By an analogous argument using the division algorithm, one can show that thepolynomial ring K[X] is also a principal ideal domain.We say that an element a ∈ R divides b, written a|b, if there exists x ∈ R suchthat b = ax. Equivalently, b ∈ (a), or (b) ⊂ (a). Note that 1 divides every otherelement, and each element divides 0.If R is an integral domain, then a|b and b|a if and only if there exists a unitu ∈ R × such that b = au. For, there exist u, v ∈ R such that b = au anda = bv. If b = 0 then a = 0. Otherwise, since b = buv, we have uv = 1, so thatu, v ∈ R × are units.Let R be an integral domain and a ∈ R non-zero and not a unit. We call aprime if a|xy implies a|x or a|y.irreducible if a = xy implies x is a unit or y is a unit.Proposition A.11. Let R be an integral domain and a ∈ R non-zero and nota unit.1. a is prime if and only if (a) is a prime ideal.2. a prime implies a irreducible. The converse holds if R is a principal idealdomain, in which case (a) is a maximal ideal.Proof. 1. Let a be prime and suppose that xy ∈ (a). Then a|xy, whence a|xor a|y. In other words, x ∈ (a) or y ∈ (a), so that (a) is a prime ideal. Theconverse is similar.2. Let a be prime and suppose that a = xy. Without loss of generality a|x, sothat x = ab for some b. Now a = xy = aby, so by = 1 and y is a unit. Thus a isirreducible.Now suppose that R is a principal ideal domain and let a be irreducible. Supposethat (a) ⊂ (x). Then a = xy for some y, and since a is irreducible, either x is aunit, in which case (x) = R, or else y is a unit, in which case (a) = (x). Hence(a) is a maximal ideal.98

Unique Factorisation DomainsAn integral domain R is called a unique factorisation domain if every elementcan be written uniquely as a product of irreduciblesexistence each a ∈ R which is non-zero and not a unit can be writtenas a product of irreducibles a = x 1 · · · x m .uniqueness if a = x 1 · · · x m and a = y 1 · · · y n with each x i and y j irreducible,then m = n and (after re-ordering) x i and y i areassociates (so y i = u i x i for some unit u i ∈ R × ).Clearly if R is a unique factorisation domain, then every irreducible element isprime. For, if a is irreducible and xy ∈ (a), then xy = ab for some b. Since ais irreducible and factorisations are unique, a must occur in the factorisation ofeither x or y, whence x ∈ (a) or y ∈ (a).One important result is that if R is a unique factorisation domain, then so toois the ring of polynomials R[X]. To see this we first prove the special case whenR is a field; in fact, we show that every principal ideal domain. The generalcase then follows from Gauss’s Lemma.Theorem A.12. Every principal ideal domain is a unique factorisation domain.1Proof. Let R be a principal ideal domain. We first show that every increasingsequence of ideals stabilises (so that R is Noetherian).Suppose we have an increasing sequence of ideals I 1 ⊂ I 2 ⊂ · · · . Then the unionI := ⋃ i I i is again an ideal, and since R is a principal ideal domain we can writeI i = (a i ) and I = (a). Now, a ∈ ⋃ i I i, so a ∈ I i for some i. Therefore I ⊂ I i , soI = I i , and hence I = I n for all n ≥ i.Now take a 1 ∈ R non-zero and not a unit, and suppose for contradiction thata 1 cannot be written as a product of irreducibles. Then a 1 is not irreducible, sowe can write a 1 = a 2 a ′ 2 with neither a 2 nor a ′ 2 a unit. If both a 2 and a ′ 2 can beexpressed as a product of irreducibles, then the same would be true of a 1 , so wemay assume that a 2 cannot be written as a product of irreducibles. Repeatingthe argument yields an increasing sequence of ideals (a 1 ) ⊂ (a 2 ) ⊂ · · · . Also,by construction, (a i−1 ) ≠ (a i ), since a i−1 = a i a ′ i and a′ i is not a unit. Thereforethis sequence of ideals does not stabilise, contradicting the above result.To see that this expression is unique, let a = x 1 · · · x m = y 1 · · · y n with each x iand y j irreducible. Since (x 1 ) is a prime ideal (in fact maximal), R/(x 1 ) is anintegral domain (in fact a field) and ȳ 1 · · · ȳ n = ā = 0 in R/(x 1 ). Thus, afterre-ordering, ȳ 1 = 0. Hence y 1 ∈ (x 1 ), say y 1 = u 1 x 1 . Since both x 1 and y 1 areirreducible, u 1 must be a unit. Therefore (x 1 ) = (y 1 ) and x 2 · · · x m = u 1 y 2 · · · y n .Since y ′ 2 := u 1 y 2 is irreducible and (y ′ 2) = (y 2 ), the result follows by inductionon m + n.1 In fact, if R is a Noetherian integral domain, then R is a unique factorisation domain ifand only if all irreducible elements are prime. The proof is the same, but using the Noetherianproperty to deduce that the ascending chain of ideals stabilises.99

For the remainder of this section, R will denote a unique factorisation domainand K its field of fractions.Lemma A.13. Any two elements in R have a greatest common divisor,and this is unique up to associates.Proof. Given a and b, write ab = ux m11 · · · x mnn for some unit u and pairwisenon-associate irreducible elements x i (so (x i ) ≠ (x j ) for i ≠ j). We can nowwrite a = u ′ x r11 · · · xrn n and b = u ′′ x s11 · · · xsn n for some units u ′ , u ′′ . Note thatm i = r i + s i . Set gcd(a, b) := x l11 · · · xln n , where l i := min(r i , s i ).Clearly gcd(a, b) divides both a and b, and any other element which divides botha and b must divide gcd(a, b) by unique factorisation.Given a non-zero polynomial f = a n X n +· · ·+a 0 ∈ R[X], we define its contentcont(f) to be the greatest common divisor of the coefficients a i . We call fprimitive if cont(f) is a unit. Note that, if 0 ≠ d ∈ R, then cont(df) =d · cont(f).More generally, let f ∈ K[X] be non-zero. By clearing denominators, there exists0 ≠ d ∈ R such that df ∈ R[X]. We therefore define cont(f) := cont(df)/d ∈K. To see that this is well-defined let 0 ≠ d ′ ∈ R also satisfy d ′ f ∈ R[X]. Thend ′ · cont(df) = cont(dd ′ f) = d · cont(d ′ f),so that cont(df)/d = cont(d ′ f)/d ′ . It follows as before that if d ∈ K × andf ∈ K[X], then cont(df) = d · cont(f).Lemma A.14. Let f, g ∈ K[X] be non-zero.1. f/cont(f) ∈ R[X] and is primitive. Conversely, if c ∈ K × is such thatf/c ∈ R[X] is primitive, then c = cont(f) (up to a unit of R).2. cont(f) ∈ R if and only if f ∈ R[X].3. cont(fg) = cont(f)cont(g).Proof. 1. Suppose first that f ∈ R[X] and has coefficients a i . Since cont(f) =gcd(a i ) we know that a i /cont(f) ∈ R and that these elements are coprime. Thusf/cont(f) ∈ R[X] is primitive.Now let f ∈ K[X]. Taking 0 ≠ d ∈ R such that df ∈ R[X] we see thatf/cont(f) = df/cont(df) ∈ R[X] is primitive.Finally, let c ∈ K × be such that f/c ∈ R[X] is primitive. Then 1 = cont(f/c) =cont(f)/c, so that c = cont(f).2. By (1) we can write f = cont(f)f ′ for some f ′ ∈ R[X] primitive, so cont(f) ∈R implies f ∈ R[X]. The converse is immediate.3. Set c := cont(f) and d := cont(g). By (1) we can write f = cf ′ and g = dg ′for some f ′ , g ′ ∈ R[X] primitive. Then fg = cdf ′ g ′ and f ′ g ′ ∈ R[X], so if wecan show that f ′ g ′ is primitive, then cont(fg) = cd as required.100

Let p ∈ R be prime and consider the quotient ring (R/(p))[X]. Since R/(p) isan integral domain, so too is (R/(p))[X]. Since f ′ and g ′ are primitive, we knowthat p does not divide every coefficient of f ′ or g ′ , so f ′ and g ′ are non-zero in(R/(p))[X]. Thus f ′ g ′ = f ′ · g ′ is non-zero, so p does not divide cont(f ′ g ′ ).It follows that cont(f ′ g ′ ) is not divisible by any irreducible element of R, henceis a unit, and f ′ g ′ is primitive.Lemma A.15 (Gauss’s Lemma). If f ∈ R[X] is irreducible over R, then it isirreducible over K. The converse holds when f is primitive.Proof. We prove the contrapositive. Suppose f = gh ∈ K[X]. Since cont(f) =cont(g)cont(h) we can factorise f over R asf = cont(f) · (g/cont(g)) · (h/cont(h)).Conversely let f ∈ R[X] be primitive and suppose that f is irreducible over K.Let f = gh be a factorisation over R. Since f is irreducible over K we mayassume without loss of generality that g is a unit in K[X], so deg(g) = 0 andhence g ∈ R. Therefore g divides cont(f), which is a unit since f is primitive.Hence g is a unit, so f is irreducible over R.Theorem A.16. The polynomial ring R[X] is again a unique factorisationdomain. The units of R[X] are the units of R. The irreducible elements ofR[X] are the irreducible elements of R together with the primitive irreduciblepolynomials.Proof. Since R is an integral domain, we can consider leading terms of polynomialsto deduce that R[X] is also an integral domain and that the units ofR[X] are just the units of R. Also, by considering degrees, we see that eachirreducible in R remains irreducible in R[X].Let f ∈ R[X] be non-constant. Since K[X] is a principal ideal domain, itis a unique factorisation domain, so we can write f = g 1 · · · g r with each g iirreducible in K[X]. Set c i := cont(g i ), c := c 1 · · · c r and f i := g i /c i , so f i ∈R[X] is a primitive irreducible polynomial by Gauss’s Lemma and f = cf 1 · · · f r .Then c = cont(f) ∈ R, so can be written as a product of irreducibles in R. Thuseach polynomial can be written as a product of irreducible elements.To see that this expression is unique, suppose that f = cg 1 · · · g r and f =dh 1 · · · h s with c, d ∈ R and g i , h j ∈ R[X] primitive irreducible polynomials.Then g i , h j ∈ K[X] are irreducible by Gauss’s Lemma, so using that K[X]is a unique factorisation domain we deduce that, after reordering, r = s andh i = u i g i for some u i ∈ K × . Then u i = cont(h i ) ∈ R × , so g i and h i areassociates. Finally, setting u := u 1 · · · u r ∈ R × gives that c = ud ∈ R, so c andd are associates. Since R is a unique factorisation domain, we are done.We finish with some methods to investigate the irreducibility of polynomials inR[X] for a unique factorisation domain R.101

Theorem A.17 (Eisenstein’s Criterion). Let f = a 0 X d + · · · + a d−1 X + a d ∈R[X] be primitive. Suppose that there exists a prime p ∈ R such that p|a i for1 ≤ i ≤ d, but p ∤ a 0 and p 2 ∤ a d . Then f is irreducible.Proof. Since p is prime we know that R/(p) is an integral domain. Let F be itsfield of fractions.Suppose that f = gh for some non-constant polynomials g, h ∈ R[X]. Writeg = b 0 X r + · · · + b r and h = c 0 X s + · · · + c s , so that d = r + s, a 0 = b 0 c 0 ,a d = b r c s and r, s ≥ 1. Consider ḡ¯h = ¯f = ā 0 X d ∈ (R/(p))[X]. Since F [X] isa unique factorisation domain we must have that ḡ = ¯b 0 X r and ¯h = ¯c 0 X s inF [X], so also in (R/(p))[X]. In particular, p divides b i for all 1 ≤ i ≤ r and c jfor all 1 ≤ j ≤ s. Thus p 2 divides b r c s = a d , a contradiction.Theorem A.18 (Rational Root Test). Let f = a 0 X d + · · · + a d ∈ R[X] andsuppose that α ∈ K is a root of f. Write α = p/q with p, q ∈ R coprime. Thenq|a 0 and p|a d .Proof. We have the equality0 = q d f(p/q) = a 0 p d + a 1 p d−1 q + · · · + a d−1 pq d−1 + a d q d .Thus p divides a d q d and q divides a 0 p d . Since gcd(p, q) = 1 we conclude thatp|a d and q|a 0 .This theorem is often used in the following form.Corollary A.19. Let f = X n + a n−1 X n−1 + · · · + a 0 ∈ R[X] be a monicpolynomial. Then any root α ∈ K of f actually lies in R and is a divisor of a 0 .Examples1. C × C with component-wise addition and multiplication is a ring, withzero (0, 0) and unit (1, 1), but is not an integral domain. Why not?2. If R is a ring, then we can form the polynomial ring R[X]. Its elementsare the polynomials f(X) = a 0 X n + a 1 X n−1 + · · · + a 0 with coefficientsa i ∈ R, on which we have the usual addition and multiplication. We writedeg(f) = max{n : a n ≠ 0} if f ≠ 0, and set deg(0) := −∞.If R is an integral domain, then so too is R[X]. Moreover the units ofR[X] are just the units of R.If I ⊳ R, then there is a surjective ring homomorphism R[X] → (R/I)[X],aX n ↦→ āX n . This has kernel I[X], the set of polynomials, all of whosecoefficients lie in I, so giving a ring isomorphism R[X]/I[X] ∼ = (R/I)[X].3. More generally, if {X i } is a (possibly infinite) set of indeterminates, thenR[{X i }] is a ring whose elements are finite R-linear combinations of monomials,where each monomial is a finite product of powers of the X i .102

4. Z, Z[X] and Z[X, Y ] are all unique factorisation domains, but only Z is aprincipal ideal domain. For example, (2, X) ⊳ Z[X] is not principal.If K is a field, then K, K[X] and K[X, Y ] are all unique factorisationdomains, but only K and K[X] are principal ideal domains. For example,(X, Y ) ⊳ K[X, Y ] is not principal.5. Z[ √ −2] = {a + b √ −2 : a, b ∈ Z} is a principal ideal domain, in fact aEuclidean domain (there is a version of the Euclidean Algorithm). Theonly units are ±1.With a little bit more theory one can describe the primes in Z[ √ −2]. Ifp ∈ Z is an odd prime, then either p ≡ 1, 3 mod 8, in which case p is primein Z[ √ −2], or else p ≡ 5, 7 mod 8, in which case we can solve a 2 + 2b 2 = pand a + b √ −2 is prime. The only other prime element is √ −2 itself.Z[ √ −5] is not a unique factorisation domain, since 1 + √ −5 is irreduciblebut not prime. Can you prove this?103

Appendix BZorn’s LemmaThis chapter is non-examinable.A partially ordered set, or poset, (S, ≤) is a set with a relation ≤ satisfyingReflexivity a ≤ a for all a.Antisymmetry a ≤ b and b ≤ a imply a = b.Transitivity a ≤ b and b ≤ c imply a ≤ c.The poset (S, ≤) is totally ordered if, for all a, b ∈ S, either a ≤ b or b ≤ a.A maximal element of S is an element a ∈ S such that if a ≤ b, then a = b.If (S, ≤) is a poset, then a chain in S is a non-empty subset which is totallyordered by ≤. If C ⊂ S is a subset, then an upper bound for C is an elementa ∈ S such that c ≤ a for all c ∈ C.Zorn’s Lemma. Let (S, ≤) be a non-empty poset in which every chain has anupper bound. Then S has a maximal element.Zorn’s Lemma is logically equivalent in Zermelo-Fraenkel Set Theory to theAxiom of Choice, which says that if S i are sets, then the product ∏ i S i isnon-empty. In other words, we can make an infinite number of arbitrary choices.We often use Zorn’s Lemma when proving statements for infinte sets when wewould have used induction for finite sets.Typical examples are the following three results, the first of which uses theAxiom of Choice; the latter two, Zorn’s Lemma.Theorem B.1. Every surjective map between sets has a right inverse.Proof. Let f : X → Y be a surjective map between two sets. A right inverse gof f is a map g : Y → X such that fg = id Y . Therefore, to construct g, we needto choose an element in the fibre f −1 (y) ⊂ X for each element y ∈ Y . Thus,if Y is infinite, we need to make an infinite number of arbitrary choices, hencerequire the Axiom of Choice.104

Theorem B.2. Every vector space has a basis.Proof. Let S be the collection of linearly independent subsets of a non-zerovector space V over a field K. This is non-empty, since each non-zero vectoris linearly independent. We endow S with the partial order ⊂ coming frominclusion.Let C = {B i } be a chain in S. Then C has an upper bound, namely the unionB = ⋃ i B i. For, consider a finite linear relation ∑ j λ jb j = 0 with λ j ∈ K andb j ∈ B. Since there are only finitely many b j in this relation, they all lie insome B i , so are linearly independent. Thus λ j = 0 for all j and B is linearlyindependent.Zorn’s Lemma implies that S has a maximal element B. We claim that B is aspanning set for V , and thus a basis. For, if not, then there exists some v ∈ Vwhich cannot be written as a finite linear combination of elements of B. ThusB∪{v} is a linearly independent set, which contradicts the maximality of B.Theorem B.3. Every proper ideal of a ring is contained in a maximal ideal.Proof. Let R be a ring. Let S be the set of proper ideals of R, ordered byinclusion ⊂. This is non-empty, since (0) ⊳ R. Let C = {I i } be a chain in S.Then I = ⋃ i I i is an upper bound for C. We need to check that I is a properideal. It is an ideal, since if x, y ∈ I, then x, y ∈ I i for some i. Hence x + yand rx for r ∈ R are both contained in I i ⊂ I. To see that I is proper, supposeotherwise. Then we can write 1 = ∑ j r jx j as a finite linear combination withr j ∈ R and x j ∈ I. Since there are only finitely many x j in this relation, theyall lie in some I i . Hence 1 ∈ I i , a contradiction since I i was assumed to beproper. Hence I ⊳ R is proper.Zorn’s Lemma implies that S has a maximal element I, which is necessarily amaximal ideal.One should remark that, although generally assumed to hold, Zorn’s Lemma,or equivalently the Axiom of Choice, also yield several ‘paradoxes’, for examplethe Banach-Tarski Paradox.For some nice quotations on the Axiom of Choice, visit here.105

Fields and Galois Theory MATH5246 - School of Mathematics

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?