Elementary Number Theory: Some Lecture Notes
Elementary Number Theory: Some Lecture Notes
Elementary Number Theory: Some Lecture Notes
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Elementary</strong> <strong>Number</strong> <strong>Theory</strong>:<strong>Some</strong> <strong>Lecture</strong> <strong>Notes</strong>Karl-Heinz FieselerUppsala 20131
Contents1 Survey 32 Distribution of primes: A short abstract 43 Rings 54 Divisibility revisited 85 Residue class rings 106 Further properties of rings 137 Groups of units 158 Polynomial equations over Z n 219 The ring of p-adic integers (optional) 2510 Primitive roots 2911 Quadratic reciprocity 3412 Arithmetic functions 4113 Riemann’s zeta function (optional) 4614 Linear Diophantine Equations: NZM 5415 Sums of two squares and pythagorean triples 5516 Fermat’s Equation for n = 4 6217 The Four Squares Theorem 6418 Pell’s Equation 6919 Continued fractions 722
1 SurveyThis are supplementary lecture notes, intended to give details where we donot follow in our argumentation the textbook NZM or the LAL-notes.We assume the reader to have some basic knowledge of commutative rings,as for example presented in sections 3 - 7: They do not enter into the course,whose main subjects are discussed in the chapters 2, 8, 10 - 12, 14 - 19.The first part of the course is devoted to the solution of a polynomialequationf(x) = 0,in a residue class ring Z n , where f ∈ Z[X] is a polynomial in one variable.By the chinese remainder theorem one can reduce that problem to primepower moduli n = p k and there we may apply in certain favourable cases alifting procedure which creates a solution a k ∈ Z p k for every p k from a givensolution in Z p . But such a chain of solutions in general does not correspond toa solution in Z; nevertheless it turns out to be helpful to consider such chainsas a new sort of numbers, called p-adic integers, see the optional section 9.On the other hand, the polynomialf = X l − aas the simplest polynomial of degree l should be understood, i.e. one wantsto understand whether or not an element a ∈ Z n is an l-th power: We areled to the notion of a primitive root for a modulus n, see section 10.If l = 2 there is a very convenient way to decide, whether some a ∈ Z p isa square or not: This is the famous law of quadratic reciprocity, see section11.There is a short section (12) dealing with arithmetic functions. For thosefamiliar with complex analysis, we mention the connection with Dirichletseries (not part of the course) and discuss basic features of Riemann’s ζ-function in the optional section 13.The second part of the course deals with diophantine equationsf(x 1 , ..., x m ) = 0, f ∈ Z[X 1 , ..., X m ], m > 1and one is interested in solutions (x 1 , ..., x m ) ∈ Z m . We discuss in detail1. linear ones: a 1 x 1 +....+a m x m −b = 0; we give a criterion for solvabilityand a recipe, how to obtain all solutions,3
2. x 2 + y 2 = n ∈ N; we give a criterion for solvability and count thesolutions,3. x 2 + y 2 = z 2 , which one may regard as a special case of the previousequation when fixing n := z 2 . All its solutions (x, y, z) ∈ N 3 , calledpythagorean triples, are given explicitly,4. x 4 + y 4 = z 4 is shown to be unsolvable following Fermat,5. x 2 + y 2 + z 2 + t 2 = n is shown to be solvable for any n ∈ N,6. Pell’s equation x 2 − dy 2 = ±1 with d ∈ N >1 not a square. We seethat all its (infinitely many) solutions can be generated from one basicsolution. In order to assure the existence of solutions (x, y) ≠ (±1, 0)we need continued fractions, section 19.2 Distribution of primes: A short abstractWe only give a short abstract, for details we refer to the LÅL-notes, section2.By a result of Euclid we know that there are infinitely many prime numbers:|P | = ∞holds for the set P ⊂ N of all prime numbers. In order to get some quantitativeinformation one introduces the prime number functionπ : R >0 −→ N, π(x) := |P ≤x |,counting the number of primes below the argument x ∈ R >0 and investigatesthe functionπ(x)xgiving the percentage of prime numbers within all natural numbers below theargument x ∈ R. One expects that prime numbers become more and moresparse; indeed it turns out that it behaves as the inverse logarithm1ln(x)4
as follows: The prime number theorem states thatlimx→∞π(x)x/ ln(x) = 1.It has been proven first by de la Vallée-Poussin und Hadamard with complexanalyticmethods (1896), see also the (optional) section about Riemann’sζ-function, and 50 years later with elementary tools by Erdös and Selberg.Here we can show only a partial result: The estimatelim supx→∞π(x)x/ ln(x) ≥ 1,gives a lower bound for the occurence of prime numbers in certain arbitrarilylong initial segments of N. Remember thatlim sup h(x) ≥ 1x→∞means the following: There is a sequence x n → ∞, h(x n ) → c ≥ 1.A question independent from the prime number theorem is the following:If we write the prime numbers as an increasing sequence p 1 = 2, p 2 = 3, p 3 =5, ......., what can be said about the gaps p n+1 − p n between two successiveprime numbers? It is not difficult to see thatlim sup (p n+1 − p n ) = ∞.n→∞Last year Zhang Yitang has shown that there are also finite points of accumulation,indeedlim infn→∞ (p n+1 − p n ) ≤ 7 · 10 7 ,and now people try to improve that bound with the final aim to showlim infn→∞ (p n+1 − p n ) = 2,i.e. there are infinitely many prime twins (p, p + 2).3 Rings<strong>Number</strong> theory is concerned with the set Z of integers. It admits two binaryoperationsZ × Z −→ Z,5
addition and multiplication. But often it is quite useful also to admit otherauxiliary sets, where these operations are defined, either enlarging Z, e.g.replacing it with the rationals Q ⊃ Z, or ”shrinking” it, e.g. replacing Zwith the set Z/ ∼ of equivalence classes, where ∼ is an equivalence relationon Z compatible with the addition and multiplication of integers.Hence, it turns out to be useful to introduce a general notion, that of aring:Definition 3.1. A commutative ring is a triple (R, α, µ), consisting of a setR and two binary operations, i.e. maps,the “addition”, andthe “multiplication”, such thatα : R × R −→ R, (x, y) ↦→ x + y := α(x, y) ,1. For all x, y ∈ R we haveµ : R × R −→ R, (x, y) ↦→ xy := µ(x, y) ,2. For all x, y, z ∈ R we have3. For all x, y, z ∈ R we havex + y = y + x, xy = yx.(x + y) + z = x + (y + z), (xy)z = x(yz).x(y + z) = xy + xz.4. There are elements 0, 1 ∈ R, such thatholds for all x ∈ R.x + 0 = x, 1 · x = x5. For all x ∈ R there is an element y ∈ R withx + y = 0.6
Example 3.2. 1. The set Z of all integers, Q of rational, R of real andC of complex numbers are rings with the standard addition and multiplicationof complex numbers.2. There are further examples of the above type, i.e. subsets R ⊂ C,which are additively and multiplicatively closed, contain 0, 1 ∈ C andsatisfy R = −R. We mention R = Z + Zi, the set of gaußian integers,i.e. complex numbers with integer real and imaginary part. They forma lattice in the complex plane. Another example is R := Z + Zε withthe third root of unity ε := 1 2 (−1 + i√ 3). For example when dealingwith Fermat’s equation for n = 3 it can be useful to replace Z with Rsince thenx 3 = z 3 − y 3 = (z − y)(z − εy)(z − ε 2 y).On the other hand the ring R is sufficiently close to Z in order to obtaininteresting information even for Z.Here are some features all rings share:Remark 3.3.1. The elements 0, 1 ∈ R are uniquely determined.2. Assume x + y = 0 = x + ỹ. Thenỹ = ỹ + 0 = ỹ + (x + y) = (ỹ + x) + y = 0 + y = y.Thus we may define−x := y.As an immediate consequence one obtains3. We define subtraction as follows:4. Next:−(−x) = x.x − y := x + (−y).0 · x = 0 = x · 0holds, since x = 1 · x = (1 + 0)x = x + 0 · x. Furthermore(−1)x = x(−1) = −xfollows from 0 = (1 + (−1))x = x + (−1)x.7
5. In general there is no cancellation rule for the multiplication, sincethere may be nontrivial “zero divisors”, i.e. elements a ∈ R \ {0}, suchthatab = 0for some b ≠ 0, and it can happen that1 + ... + 1 = 0 .4 Divisibility revisitedDefinition 4.1. A subset a ⊂ Z is called an ideal if1. 0 ∈ a,2. x, y ∈ a =⇒ x + y ∈ a, i.e. an ideal is closed w.r.t. addition,3. x ∈ a =⇒ −x ∈ a, i.e. an ideal lies symmetric to the origin.Remark 4.2. For an ideal a ⊂ Z we havea ∈ a =⇒ ka ∈ a, ∀ k ∈ Z.Example 4.3.1. a = Z is an ideal, the ”unit ideal”.2. a = {0} is an ideal, the ”trivial” or ”zero ideal”.3. Let n ∈ Z. Thenis an ideal.Zn := {kn; k ∈ Z}4. Let a, b ∈ Z. Then(a, b) := Za + Zb = {ka + lb; k, l ∈ Z}is an ideal, it is called the ideal generated by a and b. Note that(n, 0) = Zn.8
Theorem 4.4. Any ideal a ⊂ Z is a principal ideal:a = Znwith a uniquely determined natural number n ∈ N.Proof. If a = {0}, take n = 0. Otherwise we havebecause of a = −a and choosea >0 := {a ∈ a; a > 0} ≠ ∅n := min a >0 .Since n ∈ a and a is closed under multiplication with arbitrary integers, weget Zn ⊂ a. Take now any a ∈ a and writeThen there are two possibilities1. r = 0 and thus a ∈ Zn, ora = qn + r, 0 ≤ r < n.2. r = a − qn ∈ a >0 . But then we find r ≥ min a >0 = n, a contradiction.Finally we want to find explicitly the generatorn := min (a, b) >0 .Obviously there is a problem, since one does not know all k, l ∈ Z withka + lb > 0. Instead we can use a reduction procedure for the generators aoch b. It is based on the following remark:Remark 4.5. If a = qn + r or a = qn − r, then(a, b) = (b, r).The Euclidean algorithm is now an iteration of that reduction step:1. We may asume a ≥ b ≥ 0.9
2. If a = b or b = 0, then (a, b) = Za.3. If a > b > 0, we write a = qb + r or a = qn − r and the above remarkgives(a, b) = (b, r).4. Now we can repeat that step with (b, r) instead of (a, b). If we chooser ∈ Z according to the division algorithm, we have a > b > r ≥ 0, andarrive after finitely many steps at the situation, where (a, b) = (n, 0) =Zn. But when admitting negative remainders, we may even requireb2≥ r ≥ 0, thus making the algorithm a little bit faster.Finally let us justify the title of this section:Proposition 4.6. Ifwhere ab ≠ 0 and n ∈ N, we have(a, b) = Zn,n = gcd(a, b).Proof. We have q := gcd(a, b) ≥ n, since n divides both a and b. On theother hand q divides a and b, hence also n = ra + sb. Butq|n ∧ q ≥ n =⇒ q = n.5 Residue class ringsWe fix a natural number n ∈ N >1 , the ”modulus”.Definition 5.1. Two integers a, b ∈ Z are said to be congruent modulo n,written as:a ≡ b mod (n)ora ≡ n b,iff n divides the difference b − a.10
Remark 5.2.1. .. n ≡ .. is an equivalence relation.2. The equivalence classR n (a) := {b ∈ Z; b n ≡ a}of an integer a ∈ Z isR n (a) = a + Zn := {a + kn; k ∈ Z}.3. RememberR n (a) = R n (b) ⇐⇒ a n ≡ b.4. For 0 ≤ r < n the equivalence class R n (r) consists of all integers givingremainder r after division with n, i.e. a = qn + r, this explains whyone often speaks of residue classes mod n. We thus obtain a partitionZ =n−1⋃i=0R n (i).5. The set of all residue classes mod n is denoted:Z n := {R n (i); i = 0, ..., n − 1} .Making Z n a ring: We want to define addition and multiplicationZ n × Z n −→ Z nfor residue classes mod n. We start with the set theoretic sum of subsetsA, B ⊂ Z, namelyA + B := {a + b; a ∈ A, b ∈ B}andAB := {ab; a ∈ A, b ∈ B}.Proposition 5.3.1. R n (a) + R n (b) = R n (a + b),11
2. R n (a) · R n (b) ⊂ R n (ab),3. R n (ab) = R n (a) · R n (b) + Zn.Proof. We consider the sum and the product of arbitrary integers a + kn ∈R n (a) and b + ln ∈ R n (b) and see thatand(a + kn) + (b + ln) = (a + b) + (k + l)n ∈ R n (a + b)(a + kn)(b + ln) = ab + (kb + la + kln)n ∈ R n (ab).Since all the products lie in the residue class R n (ab), we can simply add Znand obtain the entire residue class R n (ab).Remark 5.4. The set theoretic product of residue classes is not necessarilyagain a residue class, e.g.R n (0) · R n (0) = Zn · Zn = Zn 2 Zn = R n (0).So the addition is set theoreticα : Z n × Z n −→ Z n , (R n (a), R n (b)) ↦→ R n (a + b) = R n (a) + R n (b),while the set theoretic product has to be completed to a residue classµ : Z n × Z n −→ Z n , (R n (a), R n (b)) ↦→ R n (ab) = R n (a) · R n (b) + Zn.A more convenient notation: If the modulus n is understood, we simplywritea := R n (a) = a + Zn.We then haveZ n = {0, 1, ...., n − 1}and addition and multiplication is as easy as possible:a + b = a + banda · b = ab.12
Note: From now on we use the standard notation for the product of residueclassesa · b = R n (a) · R n (b) + Zn = ab,so it is not any longer the set theoretic product!6 Further properties of ringsDefinition 6.1. 1. An element a ∈ R in a commutative ring R is calleda non-zero divisor iff ab = 0 =⇒ b = 0.2. A non-trivial ring (i.e. s.th. 1 ≠ 0), where all elements a ≠ 0 arenon-zero-divisors is called an integral domain.Example 6.2.1. The rings Z, Q, R, C are integral domains.2. Non-zero-divisors a ∈ R can be cancelled in an equation:ax = ay =⇒ x = y.3. A residue class a ∈ Z n is a non-zero-divisor iff gcd(a, n) = 1. We havea · b = ab = 0 ⇐⇒ ∃k ∈ Z : ab = kn.If gcd(a, n) = 1 that implies n|b, i.e. b = 0. On the other hand, ifgcd(a, n) = d > 1, we have n = n 0 d and n|an 0 , i.e.though n 0 ≠ 0.a · n 0 = 0,4. The residue class ring Z n is an integral domain iff n = p is a primenumber, since a natural number is prime iff any number k, 1 ≤ k < nand n are relatively prime.Definition 6.3. 1. An element a ∈ R in a nontrivial commutative ring Ris called invertible or a unit iff there is an element b ∈ R with ab = 1.13
2. The setR ∗ := {a ∈ R; ∃b ∈ R : ab = 1}of all invertible elements is called the group of units of the ring R.Remark 6.4. 1. The number b with ab = 1 is uniquely determined if itexists, we write a −1 := b.2. The group of units is closed w.r.t. multiplication and inversion. Indeed(ab) −1 = b −1 a −1 , (a −1 ) −1 = a.3. Units are non-zero-divisors: If a ∈ R ∗ and ab = 0, we find 0 =a −1 (ab) = (a −1 a)b = 1b = b.4. In a finite (commutative) ring non-zero-divisors are already units, sincefor a non-zero-divisor a ∈ R the map µ a : R −→ R, x ↦→ ax, is injective,and an injective map from a finite set to itself is even bijective. Inparticular there is some b ∈ R with µ a (b) = 1.5. Z ∗ = {±1}.6. Z ∗ n = {a ∈ Z n ; gcd(a, n) = 1}.Example 6.5. In order to invert a unit a ∈ Z ∗ n we have to find integersr, s ∈ Z, such that ra + sn = 1. Then we obtaina −1 = r.Let us compute 70 −1 ∈ Z 101 . The Euclidean algoritm givesand thus101 = 1 · 70 + 31, 70 = 2 · 31 + 8, 31 = 4 · 8 − 11 = 4 · 8 − 31 = 4 · (70 − 2 · 31) − 31 = 4 · 70 − 9 · 31Hence 70 −1 = 13 ∈ Z 101 .= 4 · 70 − 9 · (101 − 70) = 13 · 70 − 9 · 101.14
Definition 6.6. An integral domain R is called a field (kropp på svenska),if all nonzero elements are units, i.e.R ∗ = R \ {0}.Example 6.7. The rings Q, R, C and Z p with a prime number p are fields.There are further interesting elements in a commutative ring:Definition 6.8. Let R be a commutative ring.1. An element a ∈ R is called nilpotent if we have a n = 0 for some n ∈ N >0 .2. An element e ∈ R is called idempotent if we have e 2 = e.Remark 6.9. 1. The elements 0, 1 ∈ R are idempotent. If R is an integraldomain, there are no further idempotents: The equation e 2 = emay also be rewritten as 0 = e 2 − e = e(e − 1).2. An element a ∈ Z n is nilpotent iff a and n have the same prime divisors.3. In Z p n an element is either a unit or nilpotent.4. In Z p n there are no idempotents except 0, 1. An idempotent elemente ≠ 0, 1 would be a zero divisor, hence nilpotent, and thus necessarily0. Contradiction!5. If n is not a prime power, then there are always idempotent elements,as we shall see later on in the chinese remainder theorem.7 Groups of unitsDefinition 7.1. The function ϕ : N >0 −→ N defined by{ 1 , if n = 1ϕ(n) :=|Z ∗ n| , if n ≥ 2is called Eulers ϕ-function.Lemma 7.2. For a prime power n = p k , k ≥ 1, we have:ϕ(p k ) = p k−1 (p − 1) .15
Proof. The complement of Z ∗ consists of the zero divisorsp k0, p, 2p, ...., (p k−1 − 1)p.Thus|Z ∗ p| = |Z k p k| − number of zero divisors = p k − p k−1 = p k−1 (p − 1).In order to compute ϕ(n) for arbitrary n ∈ N we regard the prime factorizationn = p k 11 · .... · p krrand compare the residue class ring Z n with the residue class rings Z pk ii1, ..., r. The set Z n has as many elements as the cartesian product Z k p 11... × Z pkr , in particular there is a bijectionr, i =×ψ : Z n −→ Z pk 11× ... × Z pkrr .We ask, if we can choose ψ = (ψ 1 , ...., ψ r ) in such a way, that we may determineψ(Z ∗ n). First of all the target can be made a ring:Definition 7.3. Let R 1 , ..., R s be rings. The direct product R 1 × .... × R s isthe cartesian product of the sets R 1 , ..., R s endowed with the componentwiseaddition and multplication..Remark 7.4.(R 1 × .... × R s ) ∗ = R ∗ 1 × .... × R ∗ s.Now if we could choose ψ as a ring homomorphism, i.e. compatible withthe ring operations on both sides:ψ(x + y) = ψ(x) + ψ(y), ψ(xy) = ψ(x)ψ(y), ψ(1) = 1,we would find that ψ induces a bijectionZ ∗ nψ−→ Z ∗ p k 11× ... × Z ∗ .p krr16
Definition 7.5. Let R, S be rings. We write R ∼ = S and say ”R is isomorphicto S”, if there is a bijective ring homomorphism (= a ring isomorphism)ψ : R −→ S.So what could we take as the component mapsψ i : Z n −→ Z k p i , i = 1, ..., r?iRemark 7.6. Let m be a divisor of n. ThenZ n −→ Z m , a + Zn ↦→ (a + Zn) + Zm = a + Zmdefines a ring homomorphism.Finally we arrive atTheorem 7.7 (Chinese Remainder Theorem). Letn = p k 11 · .... · p krr .Thenψ : Z n −→ Z pk 11is a ring isomorphism.× ... × Z pkrr , a ↦→ (a + Zpk 11 , ..., a + Zp krr )Proof. Since the domain of definition and the target of ψ have the samenumber of elements, it suffices to show that ψ is injective. Now a ring homomorphismis injective iff ψ(z) = 0 implies z = 0, sinceψ(x) = ψ(y) ⇐⇒ ψ(x − y) = 0.Take z = a ∈ Z n . Now ψ(a) = 0 means (p i ) k i|a for i = 1, ..., r resp. n|a resp.a = 0.Corollary 7.8. Let n = p k 11 · .... · p krr . Thenϕ(n) = ϕ(p k 11 ) · ... · ϕ(p krr ).17
Remark 7.9. For practical purposes it is good to have a formula forψ −1 : Z pk 11× ... × Z pkrr−→ Z n .Denotee i := (0, ..., 0, 1, 0, ..., 0) ∈ Z k p 11the ”i-th unit vector”. Sincewe have(a 1 , ..., a r ) =ψ −1 (a 1 , ..., a r ) =r∑a i e i ,i=1× ... × Z pkrrr∑a i ψ −1 (e i )and it suffices to find ψ −1 (e i ) ∈ Z n for i = 1, ..., r as follows: Writei=1n = n i (p i ) k iand choose integers c i , d i ∈ Z, such thatc i n i + d i (p i ) k i= 1.Then we have ψ(b i ) = e i with b i := c i n i resp.ψ −1 (e i ) = b i .Let us come back to commutative rings! Given a unit z ∈ R ∗ we want tostudy the sequence1, z, z 2 , z 3 , ......of its powers. Then either1. z k ≠ z l for k ≠ l, or2. there are l, k with l > k, such that z l = z k resp. z m = 1 for m =l − k > 0.Obviously the second case applies for a finite group of units.m = |R ∗ | does the job for any z ∈ R ∗ :Indeed18
Theorem 7.10 (Lagrange). Let R be a commutative ring, |R ∗ | = q < ∞.Then we havez q = 1for all z ∈ R ∗ .Proof. The map µ z : R ∗ −→ R ∗ , x ↦→ zx, is bijective, hence∏x = ∏µ z (x) = ∏(zx) = z ∏q x.x∈R ∗ x∈R ∗ x∈R ∗ x∈R ∗Since units are non-zero divisors, we conclude z q = 1.Corollary 7.11.1. Euler: If gcd(a, n) = 1, we havea ϕ(n) ≡ 1mod (n).2. Little Fermat: If p is prime and does not divide a, thena p−1 ≡ 1mod (p).Proof. Little Fermat is a special case of Euler, take n = p, while Euler followsfrom Lagrange with R = Z n .Public Key Cryptography: We shall explain here how one can encodemessages using a public key, such that only receivers with an additionalprivate key can decode them.1. Take a number n = pq ∈ N, which is the product of two different primenumbers p, q.2. Messages, both plain text and encoded, are represented as elementsx ∈ Z n .3. If k = 1 + r(p − 1)(q − 1), we havex k = xfor all x ∈ Z n : Since Z n∼ = Zp × Z q , it is sufficient to prove x k = x forx ∈ Z p and x ∈ Z q . For x = 0, it is clear, and if, say x ∈ Z p \ {0} = Z ∗ p,we findx k = x · (x p−1 ) r(q−1) = x · 1 r(q−1) = x.19
4. Encoding is described by the mapZ n −→ Z n , x ↦→ y = x e ,with an exponent e relatively prime to ϕ(n) = (p − 1)(q − 1).5. The pair (n, e) is public knowledge, but not the factors p, q. The pointhere is, that for great n an effective factorization - at least nowadays -is impossible.6. In order to decode one needs an additonal private key, a number d ∈ N,such that ed ≡ 1 mod (p − 1)(q − 1). An encoded message y ∈ Z n isdecoded applying the mapy ↦→ y d .7. In order to obtain d from the public key (n, e) one needs the factorizationn = pq.Example 7.12. We take n = 77, e = 23, and want to decode y = 4 ∈ Z 77 .Luckily we know 77 = 7 · 11 and ϕ(77) = 60 and computeThus we obtain the decoded messageZ 60 ∋ d = 23 −1 = 47.x = 4 47 ∈ Z 77∼ = Z7 × Z 11 .In order to avoid tedious computations, we use the chinese remainder theorem(of course, in a realistic situation, that is not possible, since the factorizationn = pq is. presumably, unknown to the receiver)Z 77 Z 7 × Z 1122 (1, 0)56 (0, 1)4 (4, 4)4 47 (4 5 , 4 7 )16 (2, 5),so we get finally 16.20
8 Polynomial equations over Z nAny polynomial f ∈ Z[X] induces a functionZ n −→ Z n , x ↦→ f(x).We want to investigate what can be said about the zeros of that function.We denote f the associated polynomial with Z n -coefficients:Z[X] ∋ f ↦→ f ∈ Z n [X].1.) Linear polynomials: The first case we study is that of a linear polynomialf = aX + b.It has a solution in Z n iff there are integers r, s ∈ Z, such thatar + b = sn,and that is the case, iff d := gcd(a, n) divides the constant term b. If a andn are relatively prime, then a ∈ Z ∗ n and we obtainx = −a −1 · bas the unique solution of the equation f(x) = 0. Now, if d > 1 and a =a 0 d, n = n 0 d, b = b 0 d, we havear + b ≡ 0 mod (n) ⇐⇒ a 0 r + b 0 ≡ 0 mod (n 0 ).With other words: The solutions of f(x) = 0 over Z n are the inverse imagesof the unique solution x = r ∈ Z n0 off 0 (x) = 0, f 0 = a 0 X + b 0 ,w.r.t. the natural map Z n −→ Z n0 , namely the residue classesx ν = r + νn 0 ∈ Z n , ν = 0, ..., d − 1.2.) Reduction to prime power moduli: Assumen = p k 11 · .... · p krr ,21
and denoteψ : Z n −→ Z pk 11× ... × Z pkrr , a ↦→ (a + Zpk 11 , ..., a + Zp krr ),the chinese remainder isomorphism. Then we havef(x) = 0 ⇐⇒ 0 = ψ(f(x)) = f(ψ(x)),hence we have to look for x ν ∈ Z pkννwith f(x ν ) = 0 and may takex = ψ −1 (x 1 , ..., x r ).For the computation of ψ −1 we refer to section 7.3.) Raising the exponent of a prime power modulus: We considerthe cmmutative diagramx ∈ Z p k+1↓ϱ(x) ∈ Z p kf−→ Z p k+1↓f−→ Z p k,where the vertical arrows are the natural map ϱ : Z p k+1 −→ Z p k. Obviously,if x := a ∈ Z p k+1 is a zero of f, then ϱ(x) ∈ Z p k is a zero of f as well. On theother hand, if ϱ(x) is a zero of f, thenϱ −1 (ϱ(x)) = {x t = x + t · p k , t = 0, ..., p − 1}holds for the set ϱ −1 (ϱ(x)) of residue classes above ϱ(x). We want to know,for which t, 0 ≤ t < p, the element x t ∈ ϱ −1 (ϱ(x)) is a zero of f.We remark that the assumption f(ϱ(x)) = 0 means that p k |f(a). Indeeda straight forward argument shows:Proposition 8.1. Let x = a ∈ Z p k+1. If f(ϱ(x)) = 0, then we havef(x t ) = 0 ⇐⇒ f ′ (a)t ≡ − f(a)p kmod (p).In particular,1. if p ̸ |f ′ (a), there is exactly one t with f(x t ) = 0,22
2. if p|f ′ (a) and p k+1 |f(a), we have f(x t ) = 0 for all t,3. and finally, if p|f ′ (a) and p k+1 ̸ |f(a), we have f(x t ) ≠ 0 for all t.Proof. We havef(a + Y ) = f(a) + f ′ (a)Y + Y 2 g(Y )with a polynomial g ∈ Z[Y ]. Hence, substituting tp k for Y and passing fromZ to Z p k+1 yieldsZ p k+1 ∋ 0 = f(x + tp k ) = f(x) + tf ′ (x)p k ⇐⇒ p k+1 |f(a) + tf ′ (a)p k ,the latter being equivalent to p|f(a) + tf ′ (a).Theorem 8.2 (Hensel’s lemma). Let f ∈ Z[X], p a prime and a ∈ Z p withf(a) = 0 and f ′ (a) ≠ 0 or equivalently: p ̸ |f ′ (a). Then for any k ∈ N >0there is a unique zero x k = a k ∈ Z p k of f lying above a ∈ Z p .Hensel’s lemma has motivated the construction of new numbers for everyprime p, the so called p-adic integers resp. numbers: For details we refer tothe optional section 9.Proof of Th.8.2. We use induction on k ∈ N >0 . For k = 1 the claim is trueby assumption. Assume a k ∈ Z p k has been found. Since a k ≡ a mod (p),we have as well f ′ (a k ) ≡ f ′ (a) mod (p) resp. p ̸ |f ′ (a k ). So we may applyProp. 8.1.Example 8.3. We take p = 3 and look for zeros of f = 7X 6 + 4X + 12 inZ 27 .1. For x ∈ Z 3 we have f(x) = x 6 + x = x 2 + x = x(x + 1) and find thezeros x = 0, x = −1. We have f ′ = 42X 5 + 4, hence f ′ (x) = 1 for allx ∈ Z 3 . Hence we may apply Hensel’s lemma and find that there aretwo zeros of f in Z 27 .2. Now let us look for the zeros of f in Z 9 . One is of the form t3 witht (3)≡ − f(0)3= − 123 = −4,hence t = −1 is possible and −3 ∈ Z 9 is the zero of f above 0 ∈ Z 3 .23
The other one is of the form −1 + t3, wheret (3)≡ − f(−1)3= − 153 = −5,hence t = 1 is possible and −1 + 3 = 2 ∈ Z 9 is the zero of f above−1 ∈ Z 3 .3. Finally we have to lift the zeros −3, 2 ∈ Z 9 . The first zero is −3 + t9 ∈Z 27 witht (3)≡ − f(−3) = − 7 · 36= −7 · 3 4 ,9 9hence t = 0 is possible and −3 ∈ Z 27 is the zero of f above −3 ∈ Z 9 .The other one is of the form 2 + t9, wheret (3)≡ − f(2)9= − 909 = −10,hence t = −1 is possible and 2 − 9 = −7 ∈ Z 27 is the zero of f above2 ∈ Z 9 .4.) Two term polynomials: If n = p r andf = X l − a,we have to decide, whether a ∈ Z p r is an l-th power. If a = 0, the elementscp s , ls ≥ r, are the solutions of the equation f(x) = 0. On the other hand,any nonzero element in Z p r can be written uniquely in the form ep k with aunit e ∈ Z ∗ p and an exponent k > r. It is an l-th power iff l|k and e is anrl-th power. Thus we have to study which units are l-th powers. For that werefer to section 10.5.) Quadratic polynomials: There is no general recipe how to solvef(x) = 0 over a field Z p . Only for a quadratic polynomial there is a straightforward procdure: The case p = 2 is easy: If we denote f ∈ Z 2 [X] theinduced polynomial, we have no solution for f = X 2 + X + 1, while in theremaining cases they are obvious. If p is odd, we may writef = X 2 + 2aX + b = (X + a) 2 + (b − a 2 )and thus are left with the question, whether the constant term is a square ornot, and may apply the law of quadratic reciprocity.24
9 The ring of p-adic integers (optional)Hensel’s lemma provides solutions of polynomial congruences with arbitrarilyhigh prime powers as moduli. In order to express this fact in a more conciseand satisfactory way, one introduces new numbers, the p-adic integers, whichplay relative to usual integers a rôle analogous to that one of real numbersin relation to rational numbers. But there are also a lot of strange features.Definition 9.1. Let p be a prime number. A p-adic integer is a sequence(or family)∞∏a = (a ν ) ν∈N ∈ Z p ν+1,such that the immediate successor a ν+1 ∈ Z p ν+2 of a ν ∈ Z p ν+1 lies above (oris a lift of) a ν , i.e.Z p ν+2 ∈ a ν+1 ↦→ a ν ∈ Z p ν+1holds for all ν ∈ N >0 . We denoteZ (p) ⊂∞∏ν=0ν=0Z p ν+1the set of all p-adic integers. We add and multiply p-adic integers componentwise.Remark 9.2.1. There is a natural injectionZ ↩→ Z (p) , n ↦→ n := (n + Zp ν+1 ) ν∈N ,i.e. usual integers are also p-adic integers. From now on we treat theabove injection as an inclusion and write n for n.2. The set Z (p) forms a commutative ring.3. We want to define an absolute valueTo do so we start with a valuation| | : Z (p) −→ R ≥0 .v : Z (p) −→ N ∪ {∞}.25
Namely, for a := (a ν ) ν∈N letv(a) := min{ν; a ν ≠ 0}.Then the following holds(a) v(a + b) ≥ min(v(a), v(b))(b) v(ab) = v(a) + v(b)(c) v(a) = ∞ ⇐⇒ a = 0.Now the absolute value of a p-adic integer is|a| := p −v(a)(with p −∞ := 0). It satisfies(a) |a + b| ≤ max(|a|, |b|)(b) |ab| = |a| · |b|(c) |a| = 0 ⇐⇒ a = 0.In particular the rule (b) shows that Z (p) is an integral domain.4. We note that always|a| ≤ 1and that for m = ap n ∈ Z ⊂ Z (p) with a not divisible with p we have|m| = p −n .5. Using the absolute we may define the convergence of a sequence ofp-adic integers:a n → a :⇐⇒ |a n − a| → 0.We see thatand that any seriesp n → 0∞∑a n p nn=026
converges. Indeed any p-adic integer has such an expansion with coefficientsa n = t n ∈ N ⊂ Z (p) , 0 ≤ t n < p.Namely if a = (l ν ) ν∈N with 0 ≤ l ν < p ν+1 , thena = limν→∞l ν .Now we expand l ν w.r.t. the basis p and obtainl ν =ν∑t n p n ,n=0where the digits t n satisfy 0 ≤ t n < p and do not depend on ν due tol ν+1 ≡ l ν mod (p ν+1 ). Finally we arrive at an infinite p-adic expansiona =with unique digits t n , 0 ≤ t n < p.∞∑t n p nn=06. In order to expand a real number we can also work with the prime pas basis (instead of 10), but get series in the opposite directionR ∋ x =∞∑t n p −n .n=l7. Let us return to p-adic integers: We have 1 − p ∈ Z ∗ (p) and(1 − p) −1 =∞∑p n ,so a negative rational number is the infinite sum of positive numbers:This shows that p-adic integers do not admit an order relation compatiblewith ring operations.8. p-adic numbers vs. real and complex numbers: If p ≡ 1 mod (4), thepolynomial X 2 + 1 has a zero in Z p , e.g. for p = 5 we could take2 ∈ Z 5 . Now Hensel’s lemma tells us that there is a p-adic integer27n=0
a ∈ Z (p) with a 2 = −1. Hence it is not possible to find an embeddingZ (p) ↩→ R such that the addition and multiplication of real numberscoincides with the p-adic operations. One can show that there existssuch an embedding Z (p) ↩→ C, but can’t describe it explicitly, so thatresult is not particularly helpful.Theorem 9.3 (Hensel’s lemma). Let f ∈ Z[X]. Then any simple zero a ∈ Z pof f (i.e. f ′ (a) ≠ 0 ∈ Z p ) can be lifted to a unique zero a := (a ν ) ν∈N ∈ Z (p) ,i.e. a 0 = a.We conclude this section with some ”geometric” considerations:Proposition 9.4. 1. The group of units of the ring of p-adic integers isthe p-adic unit sphere:Z ∗ (p) = {a = (a ν ) ν≥0 ; a 0 ≠ 0} = {a ∈ Z (p) ; |a| = 1}.2. Any a = (a ν ) ∈ Z (p) \ {0} can uniquely be written as a producta = p v(a) e, e ∈ Z ∗ p.In particular Z (p) resembles an onion: The set∞⋃Z (p) = {0} ∪ p n Z ∗ (p),n=0is the countable union of the spheres (or shells?) p n Z ∗ (p)and their common center 0 ∈ Z (p) .of radius p−nRemark 9.5. Let p > 2. Though Z ∗ p is cyclic for every m ∈ N, the groupmof units Z ∗ (p)is not. Indeed it is uncountable!Proof. The first part is obvious. Let n := v(a), so a ν = 0 for ν < n anda n ≠ 0, then, writing a ν = k ν + Zp ν+1 , we have k n+ν = p n l ν for ν ≥ 0, andmay take e = (l n+ν + Zp ν+1 ) ν∈N .28
p-adic number fields: Finally one wants to enlarge Z (p) to a field by addingnew shells to the onion Z (p) : One takes{ }aQ p :=p ; a ∈ Z (p), n ∈ N ,nwhere fractions with a p-adic integer as numerator and a p-power as denominatorare added and multiplied in the usual way. We thus get a field, whoseelements are called p-adic numbers; it is an onionQ p = {0} ∪∞⋃n=−∞p n Z ∗ (p)of infinite radius. (The absolute value for p-adic integers extends in a uniqueway to Q p .)10 Primitive rootsLet us start with a consideration about Lagrange’s theorem, Th.7.10: Theexponent shown there to ”kill” all units is best:Proposition 10.1. Assume R is an integral domain and |R ∗ | < ∞. If a l = 1holds for all a ∈ R ∗ , thenl ∈ Z · |R ∗ |,i.e. |R ∗ | divides l.Proof. Let q := |R ∗ |. The exponents l ∈ Z with a l = 1 for all a ∈ R ∗constitute an ideale(R ∗ ) := { l ∈ Z; ∀ a ∈ R ∗ : a l = 1 } ,hencee(R ∗ ) = Znwith some n ∈ N. Lagrange gives q ∈ e(R ∗ ), i.e. n divides q. The polynomialf = X n − 1 ∈ R[X] vanishes on R ∗ and has at most n zeros, hence q ≤ nand thus necessarily n = q.Example 10.2. For a non-integral domain the statement does not hold:29
1. ForZ ∗ 8 = { 1, 3, 5, 7 }we have |R ∗ | = 4, though a 2 = 1 for all a ∈ G.2. Let p, q be two different odd primes. The group of unitshas (p − 1)(q − 1) elements andZ ∗ pq ∼ = Z ∗ p × Z ∗ qa l = 1holds already for l = (p − 1)(q − 1)/2, since l is divisible both withp − 1 and q − 1.Now let us look at the elements of R individually:Definition 10.3. For an element a ∈ R ∗ in the group of units of the ring Rlete(a) := {l ∈ Z; a l = 1}be the ideal of all exponents l ∈ Z with a l = 1. The order of the element ais defined asord(a) := min e(a) >0 ∈ N ∪ {∞},where we use the conventionmin ∅ := ∞.Example 10.4. 1. The elements 3, 5, 7 ∈ Z ∗ 8 have order 2.2. The element 2 ∈ Z 11 has order 10, since2 Z = {2, 4, 8, 5, 10 = −1, −2 = 9, −4 = 7, −8 = 3, −5 = 6, 1}has 10 elements. Furthermore ord(4) = 5 and ord(10) = 2.3. For a complex numberwe haveIndeedif gcd(k, n) = 1.a = re iϑ ∈ C ∗ord(a) < ∞ ⇐⇒ r = 1 ∧ ϑ ∈ Q · 2π.ord(e 2πi(k/n) ) = n30
Remark 10.5. 1. We have ord(a) = ∞ iff e(a) = {0} iff a m ≠ a n form ≠ n. So we obtain a bijectionZ −→ a Z , k ↦→ a k .2. We have ord(a) = d < ∞ iff e(a) = Zd iff a m = a n ⇐⇒ m ≡ nmod (d). Now we obtain a bijectionZ d −→ a Z , k ↦→ a kanda Z = {1, a, ..., a d−1 }.Proposition 10.6.1. Let ord(a) = m. Thenord(a k ) =mgcd(k, m) .2. If m = ord(a) and n = ord(b) are relatively prime, we haveProof. We haveord(ab) = mn.1 = (a k ) l = a kl ⇐⇒ m|kl ⇐⇒ mgcd(k, m) |l.Leti.e. 1 = 1 and1 = (ab) l =⇒ a l = b −l =⇒ ord(a l ) = ord(b −l )=⇒ mgcd(l, m) =ngcd(l, n) ,gcd(l, m) = m, gcd(l, n) = n =⇒ l ∈ Z · mn.31
Theorem 10.7. Assume that the group of units R ∗ of the integral domainR is finite. Then there is a primitive root, i.e. an element a ∈ R ∗ withord(a) = |R ∗ |resp.R ∗ = a Z = {1, a, ...., a |R∗ |−1 }.Proof. We have to find an element a ∈ R ∗ with ord(a) = |R ∗ |. Let|R ∗ | = p k 11 · ... · p kssbe the prime factorization of |R ∗ |. For each i = 1, ..., s we construct anelement a i ∈ G of order ord(a i ) = p k ii and seta = a 1 · ... · a s .According to Th.7.10 the order ord(c) for any c ∈ R ∗ divides the order |R ∗ |of the group of units, i.e.ord(c) = p k 1(c)1 · ... · p ks(c)s med 0 ≤ k i (c) ≤ k i ,and with Prop. 10.1 we see, thatk i = max {k i (c); c ∈ G} , i = 1, ....., s.In particular there is an element c i , whose order is divisible with p k ii , sayord(c i ) = l i p k 1i . We now take a i := c l ii .Corollary 10.8. Let p be a prime number. Then the group of units Z ∗ p ofZ p admits a primitive root.Let us now consider prime power moduli p n , n ≥ 2. We have to investigatecertain subgroups G ⊂ Z ∗ p n of the group of units Z∗ p n.Definition 10.9. A non-empty subset G ⊂ R ∗ is called a subgroup, if it isclosed w.r.t. multiplication and inversion, i.e.x, y ∈ G =⇒ xy, x −1 ∈ G.It is called cyclic if it admits a primitive element a ∈ G, i.e. such thatG = a Z .32
Remark 10.10. If G consists only of elements of finite order, G is a subgroupif G is multiplicatively closed - indeed we havea −1 = a ord(a)−1 .Example 10.11. For R = Z p nand r ≥ 1 we find the subgroupsG r := 1 + p r Z p n ⊂ Z ∗ p n,where r ∈ N. We havea ∈ G r −→ a p ∈ G r+1 ,in particular, since G n = {1}, we find that a pn−1 = 1 for all a ∈ G 1 as well asord(a) = p s , s = s(a) ≤ n − 1.Proposition 10.12.1. For a prime number p > 2 the subgroup1 + pZ p n ⊂ Z ∗ p nis cyclic. Indeed we have1 + pZ p n = a Z ⇐⇒ a = 1 + pt, p ̸ |t.2. The subgroup 1 + 4Z 2 n ⊂ Z ∗ 2n is cyclic withProof. ......1 + 4Z 2 n = a Z ⇐⇒ a = 1 + 4t, t odd.Theorem 10.13. 1. For a prime p > 2 and n ≥ 1 the group of units Z ∗ p nof Z p n is cyclic. Indeed, if n ≥ 2 and σ : Z p n −→ Z p 2 denotes thenatural map, we haveZ ∗ p n = aZ ⇐⇒ Z ∗ p 2 = σ(a)Z .2.Z ∗ 2 n = ±5Z .33
Proof. Let p > 2. We consider the diagramZ p nϱ−→ Z p∪∪ϱ −1 (Z ∗ p) = Z ∗ ϱp −→ Z ∗ n p∪ ∪ ∪ϱ −1 (1) = 1 + pZ p n −→ {1}where the map ϱ is the natural map. Now, given a primitive root b ∈ Z ∗ p,there is a unique element c ∈ Z ∗ pn lying above b with ord(c) = p − 1 = ord(b).Uniqueness follows from the fact that any other element above b is of theform c(1 + pt) and thus has order p − 1 iff the second factor (whose order isa prime power p s ) equals 1.In order to see that there is such an element, take any d ∈ Z p n aboveb ∈ Z p . Its order is a multiple of p − 1 (since ord(b) = p − 1) and divides theorder p n−1 (p − 1) of the group of units Z p n, hence of the form p s (p − 1). Nowwe choose c := d ps . Indeed c lies above b ps = b.Now it follows from Prop.10.12 that a = c(1+pt) ∈ Z ∗ pn is a primitive rootiff p does not divide t - and the same criterion applies to σ(a) = σ(c)(1 + pt).Finally the second part follows also immediately from Prop.10.12 sinceandZ ∗ 2 n = 1 + 2Z 2 n = (1 + 4Z 2 n) ∪ (−1 + 4Z 2 n)−1 + 4Z 2 n = −(1 + 4Z 2 n).,11 Quadratic reciprocityIn this section we explain a celebrated algorithm, which allows to decidewhether a residue class a ∈ Z p is a square or not.Definition 11.1. Denote P >2 the set of all odd primes. The Legendre symbolis the map ( )( a: Z × P >2 −→ {0, ±1}, (a, p) ↦→ ,p)where⎧( a⎨ 1 , if a ∈ Z:=p)∗ p is a square−1 , if a ∈ Z ∗ p is not a square .⎩0 , if p|a in Z p34
Remark 11.2.1. We define( ) ( )k k:=p pfor k ∈ Z p .2. If c ∈ Z ∗ p is a generator of the (cyclic) multiplicative group Z ∗ p, i.e.,Z ∗ p = c Z , we have( ) cν= (−1) ν .p3. {0, ±1} ⊂ K for any field K ⊃ Z p , since p > 2.4. With that convention we may write( ap)= a p−12 ∈ Z pfor all a ∈ Z p .5. The Legendre symbol is multiplicative in the ”numerator”:( ) ( )( ab a b=p p p)for a, b ∈ Z as well as a, b ∈ Z p . In particular it is sufficient to computethe Legendre symbol for a being a prime as well.Theorem 11.3. Let p ∈ P >2 be an odd prime.1. We have ( 2=p){ 1 , if p ≡ ±1 mod (8)−1 , if p ≡ ±3 mod (8),or, more briefly ( 2p)= (−1) p2 −18 .2. Furthermore( ) −1p{= (−1) p−121 , if p ≡ 1 mod (4)=−1 , if p ≡ 3 mod (4).35
3. The law of quadratic reciprocity: For a prime q ∈ P >2 different from pwe have ( )( p= (−1) p−1 q−1 q2 2 .q p)In the proof we take for granted the existence of a field K ⊃ Z p , such thatthere is an element ζ ∈ K ∗ of order 8 - see problem 4.5 - resp. an elementη ∈ K ∗ of order q - see the explanations at the end of this section. For theproof itself we need only to know that the Frobenius mapK −→ K, x ↦→ x p ,is compatible with addition and multiplication:(x + y) p = x p + y p , (xy) p = x p y p ,and that Z p ⊂ K is its fixed point set:Z p = {x ∈ K; x p = x}.The inclusion ”⊂” follows from the little Fermat theorem, while the righthand side is the zero set of the polynomial X p − X, hence has at most pelements.Proof. 1.) For β := ζ + ζ −1 we haveβ 2 = ζ 2 + 2 + ζ −2 = ζ 2 + 2 − ζ 2 = 2,since ζ 4 = −1. As a consequence 2 is a square in Z p iff β ∈ Z p iff β = β p .Nowβ p = ζ p + ζ −p = ζ r + ζ −r ,where p = 8d + r. Thus for r = ±1 we find β p = β, while r = ±3 yieldsβ p = −β.2.): Follows from Rem.11.2.4.3.): In order to simplify notation we write( ) aχ(a) := .qWe need the following auxiliary lemma:36
Lemma 11.4. The square of the Gauß’ sumsatisfiesq−1∑γ := χ(i)η ii=0γ 2 = χ(−1)q ∈ Z ∗ p ⊂ K ∗ p.Let us first finish the proof of the theorem: We apply the Frobenius mapK p −→ K p , x ↦→ x p , to our Gauß’ sum:q−1q−1∑ ∑γ p = χ(i) p η ip = χ(i)η ipi=0i=0q−1q−1∑∑= χ(p 2 i)η ip = χ(p) χ(ip)η ip = χ(p)γ,i=0using χ(i) p = χ(i) = χ(p 2 i) and the fact that Z q −→ Z q , i ↦→ ip, is a bijection.Since γ ≠ 0, we may conclude( ) p= γ p−1 = (γ 2 ) p−12 = (χ(−1)q) p−12q= ((−1) q−12 )p−12 qp−1i=02 = (−1) q−12(p−1 q2 ,p)where we have used Remark 11.2.1 with respect to a = −1 and the prime qas well as a = q and the prime p.Proof of the lemma. First of all we may understand the exponents of η aswell as the argument of χ as elements in Z q . Using that convention weremark the following identities:∑χ(i) = 0, ∑ η i = 0.i∈Z q i∈Z qThe first one follows from the fact that χ(0) = 0 and there are q−1 quadratic2residues as well as q−1 quadratic non-residues in Z2 q , for the second one notesthat the sum not changing when multiplied by η has to be = 0.37
Nowγ 2 =∑(i,j)∈(Z q) 2 χ(i)χ(j)η i+j= ∑ l∈Z q( ∑i+j=l)χ(i)χ(j) η l .Let us now compute the inner sums. The case l = 0 yields∑χ(i)χ(j) = ∑ χ(i)χ(−i) = ∑ χ(−i 2 ) = χ(−1)(q − 1),i∈Z q i∈Z qi+j=0since χ(−i 2 ) = χ(i 2 )χ(−1) = χ(−1) for i ≠ 0, while χ(−0 2 ) = 0.Finally we treat the case l ≠ 0 and get∑χ(i)χ(l − i)i+j=lχ(i)χ(j) = ∑ i∈Z ∗ q= ∑ i∈Z ∗ qχ(i −1 )χ(l − i)= ∑ i∈Z ∗ qχ(li −1 − 1)=∑i∈Z q\{−1}χ(i) = −χ(−1),since χ(0) = 0, χ(i −1 ) = χ(i) and {li −1 − 1; i ∈ Z ∗ q} = Z q \ {−1}. Henceγ 2 = χ(−1)(q − 1) − χ(−1) ∑ l∈Z ∗ qη l= χ(−1)(q − 1) − χ(−1) · (−1) = χ(−1)q.Construction of extension fields K ⊃ Z p admitting a primitive q-throot of unity η ∈ K: If q|(p − 1) we may take K = Z p and η = c (p−1)/q ,where c ∈ Z p is a primitive root. Otherwise there is no q-th root of unity inZ p except 1, the situation we have to deal with.38
We consider a finite dimensional Z p -vector space V and realizeK ⊂ End(V )as a subring of the endomorphism ring of V . Namely we take some linearoperator (or endomorphism) A : V −→ V and consider the set{}K := Z p [A] := f(A) ∈ End(V ); f ∈ Z p [X]of all polynomialsf(A) := λ m A m + .... + λ 1 A + λ 0 E, f =in A. Here E denotes the identity operatorE := id V .m∑a µ X µ ∈ Z p [X]Since A r A s = A r+s = A s+r = A s A r , the ring Z p [A] is even commutative.Furthermore we want that it is a field and that A plays the rôle of η, i.e.thatA q = E, A ≠ E.Since our first choice does not match our expectations we write W insteadof V and B instead of A. We chooseW := (Z p ) qµ=0with the cyclic shift operator B : W −→ W satisfyingB(e i ) = e i+1 , i = 1, ..., q − 1, B(e q ) = e 1 .Here e 1 , ..., e q ∈ (Z p ) q denotes the standard basis. Unfortunately Z p [B] isnot yet a field: We have to replace W with a minimal B-invariant subspaceV ⊂ W , s.th.A := B| V ≠ id Vand may apply the below proposition 11.5. In particular, we obtain a surjective,but in general not injective ring homomorphismZ p [B] −→ Z p [A], C ↦→ C| V .39
It remains to show that the condition B| V ≠ id V can be realized: First of allwe note thatZ p (1, ..., 1)is the eigenspace of B for the eigenvalue 1. It admits the complementaryB-invariant subspaceW 0 := {(x 1 , ..., x n ); x 1 + ... + x n = 0},where we need q ≠ p in order to exclude the possibility (1, ..., 1) ∈ W 0 . Nowwe choose V ⊂ W 0 as a minimal nontrivial B-invariant subspace. Since Bu ≠u for all u ∈ W 0 \{0}, we are done. We remark that we have dim V > 1, sinceotherwise it would consist of eigenvectors of B belonging to an eigenvalueλ ∈ Z p \ {1} satisfying λ q ≠ 1.Proposition 11.5. Let F be a field and V a finite dimensional F -vectorspace. If the linear operator A : V −→ V does not admit nontrivial properinvariant subspaces, the ringis a field.K := F [A] ⊂ End(V )Example 11.6. If V = R 2 and A : R 2 −→ R 2 is the counterclockwiserotation with an angle of 90 degrees, then we obtain R[A] ∼ = C.Proof of Prop. 11.5. We have to show that any operator f(A) ≠ 0 is invertibleand f(A) −1 ∈ F [A]. Indeed, its kernel ker(f(A)) V is a properA-invariant subspace, sincef(A)u = 0 =⇒ f(A)Au = Af(A)u = A(0) = 0,hence trivial. So f(A) is invertible. In particularF [A] −→ F [A], C ↦→ f(A)C,is an injective endomorphism of the finite dimensional vector space F [A],hence an isomorphism and E ∈ f(A)F [A].40
12 Arithmetic functionsDefinition 12.1. An arithmetic function is a complex-valued functionf : N >0 −→ C.It is called multiplicative iff f(1) = 1 andf(ab) = f(a)f(b),whenever a, b ∈ N >0 are relatively prime.Remark 12.2. A multiplicative arithmetic function f is uniquely determinedby its values f(p n ) at prime power arguments, and those values canbe prescribed arbitrarily.Example 12.3. We list here some multiplicative arithmetic functions:1. the power functions p k (n) = n k ,2. the Dirac function3. Eulers ϕ-function,δ(n) ={ 1 , if n = 10 , if n > 1 ,4. the sumσ k (n) := ∑ d|nd kof the k-th powers of all positive divisors of n ∈ N, in particular(a) τ(n) := σ 0 (n) is the number of positive divisors of n and(b) σ(n) := σ 1 (n) their sum,5. the Möbius functionµ(n) :={(−1)ω(n), if n is square free0 , otherwise,where ω(n) denotes the number of different prime divisors of n (i.e.without multiplicities!).41
The following remark is optional, it is intended for readers familiar withcomplex analysis:Remark 12.4. Given an arithmetic function f : N >0 −→ C. one considersthe Dirichlet series∞∑ f(n)Φ f (z) :=n zwith the entire functionsSincen=1n z := e ln(n)z .|n −z | = e − ln(n)R(z)is a decreasing function of R(z), we easily deduce: If∞∑n=1|f(n)|n a< ∞holds for some a ∈ R, then Φ f (z) converges uniformly in the right halfplane R ≥a := {z ∈ C; R(z) ≥ a}, hence defines there a continuous function,holomorphic in R >a . But we can do even better: If for some z 0 ∈ R ≥0the series Φ f (z 0 ) converges (not necessarily absolutely), then Φ f convergesuniformly in any angular segment( [ π])z 0 + R ≥0 exp i2 − ε, −π 2 + ε , ε > 0,with vertex z 0 . In particular it defines a holomorphic function in R >R(z0 ).So there is a unique minimal number a ∈ R∪{±∞}, such that Φ f definesa holomorphic function in R >a , called the abscissa of convergence of Φ f . Letus note that this does not imply absolute convergence in R >a . Instead onecan assure absolute convergence a priori only in R >a+1 , e.g. for f(n) = (−1) none has a = 0 (take z 0 = q ∈ R >0 and note that n −q is a strictly decreasingsequence tending to 0), while absolute convergence requires R >1 . The mostfamous example is the seriesΦ 1 : R >1 −→ Cbelonging to f ≡ 1. It provides a partial definition of Riemann’s ζ-function,see the next (optional) section. It has abscissa of convergence a = 1 and it42
Φ µ (z) = ∏ p∈Pconverges even absolutely in R >1 . The latter is also true for Φ µ , indeed itsabscissa a of convergence satisfies12 ≤ a ≤ 1,but its exact value is not known.For a multiplicative arithmetic function f we may factorize Φ f (z) as aninfinite productΦ f (z) = ∏ p∈PF p (z)withF p (z) :=∞∑ν=0f(p ν )p νz ,valid in the right half plane, where Φ f converges absolutely. E.g. for f = µwe haveF p (z) = 1 − p −zand for f ≡ 1 we obtainF p (z) =∞∑ν=01p = 1νz 1 − p . −zWe obtain thus factorizations(1 − p−z ) , z ∈ R >1 ,and13.1 Φ 1 (z) = ∏ p∈P( 11 − p −z ), z ∈ R >1 .Obviously we haveΦ f + Φ g = Φ f+g .The convolution f ∗ g of two arithmetic functions f, g is defined in order tomake the equalityΦ f · Φ g = Φ f∗ghold in the open half plane, where both Φ f and Φ g converge absolutely.43
Definition 12.5. The convolution f ∗ g of two arithmetic functions f, g isdefined by(f ∗ g)(n) := ∑ ( n)f(d)g = ∑ f(k)g(l).dd|nkl=nRemark 12.6.1. f ∗ g = g ∗ f2. f ∗ (g ∗ h) = (f ∗ g) ∗ h3. δ ∗ f = f4. If f, g : N >0 −→ C are multiplicative, so is f ∗ g.Proof. For gcd(a, b) = 1 we find(f ∗ g)(ab) = ∑ d|ab= ∑ k|a= ∑k|a,l|bf(d)gl|b( ) ab= ∑f(kl)gdk|a,l|b( a) ( bf(k)f(l)g gk l)( ak · b )l( a)f(k)g · ∑ ( bf(l)g = (f ∗ g)(a) · (f ∗ g)(b).k l)5. The following identities for multiplicative arithmetic functions hold,since they hold for prime power arguments.(a) 1 ∗ µ = δ.(b) p k ∗ 1 = σ k .(c) ϕ ∗ 1 = p 1 . (Remember that p 1 (n) = n.)Definition 12.7.Proposition 12.8.ˆf := f ∗ 1, ˜f := f ∗ µ.1. If f is multiplicative, so are ˆf and ˜f.2. The transformations f ↦→ ˆf and f ↦→ ˜f are inverse one to the other.44
Proof.and(f ∗ 1) ∗ µ = f ∗ (1 ∗ µ) = f ∗ δ = f(f ∗ µ) ∗ 1 = f ∗ (µ ∗ 1) = f ∗ δ = f.Example 12.9. 1. ˆp k = σ k .2. ˆϕ = p 1 = id N>0 .3. ˆµ = δ.Remark 12.10. Obviously the set of all arithmetic functions together withargumentwise addition and the convolution as multiplication becomes a commutativering: Indeed it may be regarded as the formal power series ringC[[X p , p ∈ P ]],in countably many indeterminates X p , indexed for convenience by primenumbers p ∈ P . To be more precise: Any function α : P −→ N with finitesupport α −1 (N >0 ) gives rise to a monomialX α := ∏ p∈P(X p ) α(p)of the indeterminates X p , p ∈ P . Then there are countably many such monomials,and a formal power series is an ”infinite linear combination” of thosemonomials. An arithmetic function f : N >0 −→ C corresponds to the series∑f(p α )X α ,αwhere the sum is taken over all functions α : P −→ N with finite supportandp α := ∏ p∈Pp α(p) ∈ N >0 .45
13 Riemann’s zeta function (optional)Riemann’s ζ-functionζ : C \ {1} −→ Cis a holomorphic extension of the Dirichlet series Φ 1 : R >1 −→ C, i.e.ζ| R>1 = Φ 1 .Before we discuss how to find an expression for ζ outside the right half planeR >1 , we note that ζ is unique if it exists and that ζ(z) ≠ 0 for all z ∈ R >1 .This is obvious for z ∈ R >1 and follows in general from the factorization(13.1) and the fact that the locally uniform limit f : G −→ C of a sequenceof nowhere vanishing holomorphic functions f n : G −→ C on a domain G iseither f ≡ 0 or has itself no zeros.The expressions for ζ involve parameter dependent integrals, either animproper ”real” integral or a path integral in the complex plane:1.) For every n ∈ N there is an expression of the first type on the right halfplane R >−n . We discuss only the case n = 0. Indeed, on R >1 we may write14.1 Φ 1 (z) = zz − 1 − z ∫ ∞with the Gauß bracket [t] = max Z ≤t and1t z := e z ln t .t − [t]t dt z+1Now the integral defines a holomorphic function even in R >0 and thus theRHS of 14.1 a meromorphic extension of Φ 1 to R >0 . The proof is an easyexercise: Write∫ N1[t]dtt = ∑ N z+1n=1∫ Nndtt z+1 .2.) The second approach requires complex integration. We start with theentire functionI(z) := 1 ∫(−η) z dη, z ∈ C,2πi C e η − 1 ηwhere for fixed z ∈ C the integrand is regarded as a holomorphic function inη on C \ (R ≥0 ∪ 2πiZ) in the following way: Take(−η) z := e log(−η)z46
with the principal branch log : C \ R ≤0 −→ C of the logarithm, such thatthere are upper and lower limits along R ≥0 . The path of integration isC = (∞, ε] ∪ ∂D ε (0) ∪ [ε, ∞)with ε < 2π. Along the first part (∞, ε] we take the upper limit(−η) z := e (ln(|η|)−πi)z ,while along the third part [ε, ∞) we take the lower limit(−η) z := e (ln(|η|)+πi)z .Since the integrand is holomorphic in D 2π (0) \ [0, 2π), we see that I(z) doesnot depend on the choice of ε.Note that I is an entire function and that for z ∈ R >1 the circle integraltends to 0 for ε → 0, henceI(z) = 1 ∫ ∞2πi · limε→0εexp(z(ln(η) + πi)) − exp(z(ln(η) − πi))dη(e η − 1)η= sin(πz)π= sin(πz)π= sin(πz)π= sin(πz)πlimε→0∫ ∞limε→0ε(∑ ∞∫ ∞εlimε→0limε→014.2 = sin(πz)π∞∑n=1∞∑n=1n=1∫ ∞ε1n z ·η z−1e η − 1 dηη z−1 e −nη )dηη z−1 e −nη dη∫ ∞ε/n· Γ(z) · Φ 1 (z)t z−1 e −t dtwithΓ(z) :=∫ ∞0t z−1 e −t dt, z ∈ R >0 ,47
an expression defining a holomorphic function Γ : R >0 −→ C. One easilychecks Γ(1) = 1, and partial integration leads to the functional equationΓ(z + 1) = zΓ(z).It gives a successive meromorphic extensionΓ(z) =Γ(z + n)z(z + 1) · ... · (z + (n − 1))to any right half plane R >−n . So eventually Γ is a meromorphic functionon the entire plane with simple poles in −N. Now it would be good tohave a formula for Γ valid simultaneously for all z ∈ C. Unfortunately theproducts in the denominator do not form a convergent sequence. Instead wenormalize the constant terms and add to each factor an exponential in orderto guarantee convergence of the infinite product∆(z) := z∞∏n=1(1 + z )e −z/n .nThe remaining numerator is an exponential as well: We finally getΓ(z) = e−γz∆(z)with the Euler-Mascheroni constant( m)∑ 1γ := limm→∞ n − ln(m + 1) = 0, 57721....n=1needed in order to compensate the exponential factors in the infinite product.The auxiliary function ∆(z) has the points in −N as simple zeros, while∆(1 − z) has its zeros in N >0 ; so ∆(z)∆(1 − z) has the integers as its set of(simple) zeros. The same is true for the functionsin(πz) = πz∞∏) (1 − z2,n 2n=1and indeed∆(z)∆(1 − z) = π −1 e −γ sin(πz),48
or equivalently14.3 Γ(z)Γ(1 − z) =πsin(πz) .Solving 14.3 for Γ(z) and substituting the RHS into the expression 14.2 forI(z), z ∈ R >1 , leads us to the following definition of Riemann’s ζ-function14.4 ζ(z) := Γ(1 − z)I(z).Note that at integer arguments z = l ∈ Z the integrals in the expressionfor I(z) over the straight parts of C cancel and thus( ) η14.5 I(l) = (−1) l l−1· Res 0 .e η − 1In particular I(l) = 0 for l ≥ 2 (as it should be, since ζ is holomorphic inR >1 and Γ(1 − z) has poles at the points in N >1 ) and for l = −2k, k ∈ N >0 ,as well. The latter fact follows, sinceη −2k−1 (e η − 1 = η−2k−2 − η )2 + g(η)with an even function g(η). Furthermore ζ(0) = − 1 because of Γ(1) = 1.2Finally we try to evaluate I(z) for R(z) < 0. In that case we have∫1(−η) z dηlimn→∞ 2πie η − 1 η = 0,∂D (2n+1)π (0)and we may regard the integral over C as the limit of the integrals over theloopsC n := [(2n + 1)π, ε] ∪ ∂D ε (0) ∪ [ε, (2n + 1)π] ∪ ∂D (2n+1)π (0) −1 ,to be understood as the negatively oriented boundary ∂G −1 of the domainG := {η; ε < |η| < (2n+1)π}\(ε, (2n+1)π). With other words, for R(z) < 0we have1 (−η)I(z) = limn→∞ 2πi∫C z dηne η − 1 η ,and, according to the residue theorem1 (−η)2πi∫C z dηne η − 1 η = −∑0
So we obtain= − ∑0
the set of zeros of ζ in the critical strip [0, 1]+iR. We use the auxiliary entirefunction( z)ξ(z) := Γ2 + 1 · (z − 1)π −z/2 ζ(z)with zero set Z and functional equationξ(z) = ξ(1 − z).Since furthermore ξ(z) = ξ(z), it follows that its zero set Z is symmetricw.r.t. both the real line and the line R(z) = 1 2 .Now taking Z + = Z ∩ ([0, 1] + iR >0 ) - there are no zeros of ζ on [0, 1) -and pairing the linear factors belonging to ϱ ∈ Z + and 1 − ϱ together, wefindξ(z) = 1 2∏( )1 − z2 − z= 1 ∏[(1 − z ) (1 − z )],ϱ 2 − ϱ 2ϱ 1 − ϱϱ∈Z + ϱ∈Z +with an absolutely convergent infinite product. Here points in Z + have tobe counted with multiplicities - just to be on the safe side: It is conjecturedthat all zeros are simple ones.Finally the formulaζ(z) =( πz/2z)(z − 1) · eC(z/2+1) · ∆2 + 1 · 1 ∏( )1 − z2 − z2 ϱ 2 − ϱϱ∈Z +gives a factorization of ζ.Here are some comments on the set Z = Z + ∪ (1 − Z + ):1. There are infinitely many zeros ϱ n = 1 2 ± iτ n on the line R(z) = 1 2 . Thefirst 20 approximative values are given in the following table:51
nτ n1 14,1347251417346937...2 21,022039638771554993...3 25,010857580145688763...4 30,424876125859513210...5 32,935061587739189690...6 37,586178158825671257...7 40,918719012147495187...8 43,327073280914999519...9 48,005150881167159727...10 49,77383247767230218111 52,970321477714460644...12 56,446247697063394804...13 59,347044002602353079...14 60,831778524609809844...15 65,112544048081606660...16 67,079810529494173714...17 69,546401711173979252...18 72,067157674481907582...19 75,704690699083933168...20 77,144840068874805372...2. There are no zeros on the boundary lines R(z) = 0, 1. This statementis equivalent to the prime number theoremwhere li(x) := ∫ x2dt. ln(t)π(x)limx→∞ li(x) = 1,3. For a number a ∈ [ 12 , 1) the following statements are equivalent:(a) Z ⊂ [1 − a, a],(b) The Dirichlet series Φ µ (z) belonging to the Möbius µ-functionconverges in R >a ,(c) For all ε > 0 we have π(x) − li(x) = O(x 1/2+ε )The implication ”(b) =⇒ (a)” is easy: We haveζ(z)Φ µ (z) = Φ 1 (z)Φ µ (z) = Φ 1∗µ (z) = Φ δ (z) = 152
for z ∈ R >1 , hence by analytic continuationζ(z)Φ µ (z) = 1for z ∈ R >a \ {1}, in particular ζ(z) ≠ 0. But, unfortunately, it is not clearat all whether there is some a ∈ [ 1, 1) satisfying the above three equivalent2conditions.The famous Riemann hypothesis now states that a = 1 is possible or2equivalentlyZ ⊂ 1 2 + iR.Finally, for those interested in more details we state the formula for the(at the jumps modified) prime number functionF (x) := 1 2 · (|P ≤x| + |P 1.The sum is not absolutely convergent: It has to be evaluated with increasingI(ϱ). FurthermoreEi : C \ R ≥0 −→ Cis the exponential integral function, characterized byEi ′ (z) = ezz ,lim Ei(x) = 0.x→−∞53
Remark 13.1. The following ”universality result” by Voronin shows that itdefinitely is not easy to control the behaviour of the ζ-function in the criticalstrip. Namely, given1. a compact set K ⊂ ( 1 , 1) + iR with connected complement C \ K,22. a continuous function g : K −→ C holomorphic in the interior of K,3. and some ε > 0,there is some t ∈ R, such thatholds for all z ∈ K.|g(z) − ζ(z + it)| < ε14 Linear Diophantine Equations: NZMTheorem 14.1.Remark 14.2. Here we describe how to find all the solutions of the diophantineequationa 1 x 1 + ... + a m x m = b.Consider the (m + 1) × m-matrix( )a1 , ..., aA :=m∈ Z m+1,m ,I mtransform it with column operations over Z to a matrix( ) d, 0, ..., 0C =∈ Z m+1,m .C 0Then the solutions of the above equations are of the form⎛ ⎞ ⎛ ⎞x 1b/dx 2⎜ ⎟⎝ . ⎠ = C s 20 ⎜ ⎟⎝ . ⎠x m s mwhere s 2 , ..., s m ∈ Z.54
15 Sums of two squares and pythagorean triplesIn this section we discuss our first non-linear diophantine equation: We considerthe equationx 2 + y 2 = n ∈ Nand ask for which n ∈ N there is a solution (x, y) ∈ Z 2 .We shall identify R 2 with the complex plane C, such that the latticeZ 2 ⊂ R 2 corresponds to the ring of gaussian integersZ[i] := Z + Ziand we are thus hunting for gaussian integers z ∈ Z[i] satisfyingWe start with an easy observation:|z| 2 = n.Lemma 15.1 (Two squares lemma). If m, n ∈ N are sums of two squares,so is mn.Proof. If m = |z| 2 , n = |w| 2 with gaussian integers z, w ∈ Z[i], we havewith the gaussian integer zw ∈ Z[i].mn = |zw| 2So it seems to be reasonable to attack first the case where n = p is aprime. We look for solutions (x, y) ∈ N 2 in the first quadrant and obtainTheorem 15.2. Let p be a prime. The equationhasx 2 + y 2 = p1. for p = 2 in N 2 the unique solution (x, y) = (1, 1),2. for p ≡ 1 mod (4) in N 2 exactly two solutions (x, y), (y, x),3. for p ≡ 3 mod (4) no solution (x, y) ∈ N 2 .Corollary 15.3. On a circle |z| 2 = n of radius √ n in the complex planethere are55
1. 4 gaussian integers for n = 1, 2,2. 8 gaussian integers for n = p with a prime p = 4k + 1,3. no gaussian integers for n = p with a prime p = 4k + 3.Finally we haveTheorem 15.4. Let n ∈ N >1 be a natural number.1. The equation|z| 2 = ncan be solved with a gaussian integer z ∈ Z[i] iff all prime divisorsp ≡ 3 mod (4) of n have even multiplicity.2. If n = a 2 m, where all prime divisors of a are of the form p = 4k+3 andall prime divisors of m are of the form p = 2 or p = 4k + 1, then anysolution of the equation |z| 2 = n is of the form z = aw with |w| 2 = m.3. If all prime divisors of n are of the form p = 2 or p = 4k + 1, anysolution of the equationcan be written as a product|z| 2 = n = p 1 · ... · p rz = z 1 · ... · z rof solutions z i ∈ Z[i] of the equation |z i | 2 = p i , i = 1, ..., r. Here theprimes p 1 , ..., p r are not assumed to be pairwise different.In order to prove both Th.15.4 and Th.15.2 we have to establish uniqueprime factorization in the ring of gaussian integers:Definition 15.5. A non-zero gaussian integer is called prime, if it1. is not a unit and2. can not be factorized as a product of two non-units.Remark 15.6.1. The group of units of the ring of gaussian integers isZ[i] ∗ = {±1, ±i} = {z ∈ Z[i]; |z| = 1}.56
2. If |z| 2 ∈ N is prime, so is the gaussian integer z itself.3. Any non-unit u ∈ Z[i] \ {0} is a product of primes. To be proved byinduction on |u|. If u itself is prime, everything is fine. Otherwise wemay write u = vw with 1 < |v|, |w| < |u|. By induction hypothesis weknow that both v and w admit a factorization, hence u = vw does aswell.The uniqueness up to multiplication with units follows from:Theorem 15.7. For a gaussian prime we havez|uv =⇒ z|u ∨ z|v.Definition 15.8. A non-empty subset a ⊂ R of a ring R is called an ideal if1. a + a ⊂ a2. R · a ⊂ a.Example 15.9. A non-empty subset a ⊂ Z[i] is an ideal iff it is additivelyclosed and invariant under rotations with an angle of 90 degrees, i.e. ia = a.Proposition 15.10. Any ideal a ⊂ Z[i] is a principal ideal:a = Z[i]zwith a gaussian integer z unique up to multiplication with a unit.Proof. If a = {0}, take z = 0. Otherwise take z ∈ a\{0} of minimal absolutevalue. Nowz ∈ a =⇒ Z[i]z ⊂ a.On the other hand given some element u ∈ a, approximate the complexnumber uz −1 ∈ C by a gaussian integer b ∈ Z[i], such that|uz −1 − b| < 1.That is possible, since any complex number lies in a unit square spanned bylattice points. Then the distance of any point in that square to the (or rathera) nearest lattice point is ≤ 1/ √ 2 < 1. In particular|u − bz| < |z|.Since u − bz ∈ a, that means u − bz = 0 resp. u = bz.57
Proof of Th.15.7. If z ̸ |u, we remember Th.15.10 and writea := Z[i]z + Z[i]u = Z[i]d.Since z is prime and d|z, we have either z = ed with a unit e ∈ Z[i] ∗ or ditself is a unit, then w.l.o.g. d = 1. The first case implies z|u, contrary toour assumption. So the second case applies and we may writeresp.1 = az + buv = vaz + b(uv),where both summands are divisible with z. Hence so is their sum v.Proof of Th.15.2. The first part is obvious.looking at the residue classesThe last one is obtained bya := x, b := y ∈ Z ∗ p.They satisfy a 2 + b 2 = 0 resp. c 2 = −1 holds for c := ab −1 , i.e. c ∈ Z ∗ p hasorder 4 and thus 4 divides p − 1 or, equivalently, p ≡ 1 mod (4). And inthat case we have to find a solution (x, y) ∈ N 2 . We know that there is aresidue class j ∈ Z p with j 2 = −1 and consider the mapψ : Z[i] −→ Z p , x + yi ↦→ x + yj.It is a ring homomorphism, i.e. respects both addition and multiplication.We consider its kernelker(ψ) := {u ∈ Z[i]; ψ(u) = 0} Z[i]p,the inclusion being proper, since otherwise the p 2 elementsZ p ∋ ψ(x + yi), 0 ≤ x, y < pwould be pairwise different: Two elements with the same ψ-image differ byan element in the kernel. Now ker(ψ) ⊂ Z[i] is an ideal, hence according toProp. 15.10ker(ψ) = Z[i]z.In particularp = zw.58
and p 2 = |z| 2 · |w| 2 . Since Z[i]p Z[i]z Z[i], we have z, w ∉ Z[i] ∗ , hence|z| 2 = p = |w| 2 .In particular x 2 + y 2 = p for z = x + yi and w = z, furthermore x ≠ y, sincep is odd. Finally let us count the number of gaussian integers u ∈ Z[i] onthe circle of radius p. We havep = zz =⇒ z|p = uu =⇒ z|u ∨ z|u,hence u or u differs from z only by a unit ±1 or ±i, while x ≠ y implies thatthe gaussian integers ±z, ±iz, ±z, ±iz are pairwise different.Before we come to the proof of Th.15.4 let us list, up to multiplicationwith a unit, all gaussian primes:Theorem 15.11. The gaussian primes are, up to multiplication with ±1, ±i,as follows:1. 1 + i,2. for each prime number p = 4k + 1 there are two gaussian primes z =a + bi with 0 < b < a, a 2 + b 2 = p, and z,3. ordinary prime numbers p = 4k + 3.The given gaussian primes are pairwise non-associated, i.e. two different donot only differ by a factor ±1, ±i; the first ones are1 + i, 3, 2 + i, 2 − i, 7, 11, 3 + 2i, 3 − 2i, 4 + i, 4 − i, 19, 23, 5 + 4i, 5 − 4i, 31, .........Denoting the above sequence (z ν ) ν∈N any gaussian integer can uniquely befactorizedz = ez k 11 · ... · zrkrwith e ∈ {±1, ±i} and exponents k 1 , ..., k r ≥ 0, k r > 0.Proof. The given gaussian integers z ν are prime, since either |z ν | = p isprime or |z ν | = p 2 and there is no gaussian integer z with |z| 2 = p. Thatany gaussian integer z ∈ Z actually is a product of the given ones, follows byfirst factorizing zz ∈ N and then identifying z with a partial product, usingTh.15.7.59
Proof of Th.15.4. Take z ∈ Z[i] with |z| 2 = n and compare the prime factorizationsof z and n.Remark 15.12. Here are some hints how to find the prime factorization ofgaussian integers: Let z = x + iy ∈ Z[i]. We start writingz = gcd(x, y)z 0 ,factorize gcd(x, y) ∈ N in the usual way and then the prime divisors p ≡ 1mod (4) as p = ππ och 2 = −i(1 + i) 2 . —From now on we assume gcd(x, y) = 1. Then we knowzz = |z| 2 = 2 lwith prime numbers p ν ≡ 1 mod (4). Since gcd(x, y) = 1, we havez = e(1 + i) lr∏ν=1r∏ν=1p kννρ kνν ,where e ∈ {±1, ±i} and, depending on ν, we have ρ ν = π ν or ρ ν = π ν .Example 15.13. We factorize a = 201+43i ∈ A −1 . We have gcd(201, 43) =1 andaa = |a| 2 = 42250 = 2 · 5 3 · 13 2 .Hencea = e · (1 + i)(ρ 1 ) 3 (ρ 2 ) 2 ,where ρ 1 ∈ {2 ± i} and ρ 2 ∈ {3 ± 2i}. We start the factorization witha = (1 + i)(122 − 79i).We check that 122 − 79i is divisible with 3 + 2i and factorizea = −(1 + i)(2 + 11i)(3 + 2i) 2 .We check that 2 + 11i is divisible with (2 + i); and obtain the factorizationa = −(1 + i)(2 + i) 3 (3 + 2i) 2 .Eventually we want to determine pythagorean triples:60
Definition 15.14. A triple (a, b, c) ∈ (N >0 ) 3 is called a pythagorean tripleif a 2 + b 2 = c 2 . It is called primitive if gcd(a, b, c) = 1.Remark 15.15.1. Obviously any pythagorean triple can be written(a, b, c) = λ(a 0 , b 0 , c 0 )with a primitive pythagorean triple (a 0 , b 0 , c 0 ).2. For a primitive pythagorean triple the first two components a and bhave different parity. Clearly, they can not be both even, while odd aand b are impossible as well: This is easily seen by passing from Z toZ 4 : The only squares in Z 4 are the residue classes 0, 1. Hencea contradiction!c 2 = a 2 + b 2 = 1 + 1 = 2,Here is a recipe how to create all primitive pythagorean triples:Theorem 15.16. Let p, q ∈ N >0 be natural numbers such that1. gcd(p, q) = 1,2. p > q,3. p and q have different parity.Then the triple (a, b, c) ∈ N 3 withor, equivalentlya = p 2 − q 2 , b = 2pq, c = p 2 + q 2 ,a + bi = (p + iq) 2 , c = |p + iq| 2 ,is a primitive pythagorean triple with even b, and every such triple can bewritten in that way with uniquely determined numbers p, q.Proof. Obviously, given p, q as above, the triple (a, b, c) is primitive andpythagorean.Uniqueness: The equation a+bi = w 2 has w = ±(p+iq) as its only solutions.61
Existence: Since gcd(a, b) = 1, we see that z = a + bi and z have no commondivisor in Z[i]: If u is a gaussian prime dividing both z and z, it would implyuu|z if u is not associated to 1 + i, and 2|c 2 otherwise. In particularzz = c 2implies that all prime divisors of z have even multiplicity. As a consequence,z or iz is a square - but the latter is not possible, since I(w 2 ) is even for w ∈Z[i]. Now, if z = w 2 with w = p + iq, we may assume p > 0. The remainingproperties of p, q now follow easily from a, b > 0 and gcd(a, b) = 1.16 Fermat’s Equation for n = 4Theorem 15.16 describes all the solutions of the pythagorean equationx 2 + y 2 = z 2 .Now given an arbitrary exponent n ∈ N, we wonder what can be said aboutthe solutions (x, y, z) ∈ (N >0 ) 3 of Fermat’s equationx n + y n = z n .Unfortunately for n > 3 we do not find any solutions by inspection. So, onesuspects, that there are no solutions (x, y, z) ∈ (N >0 ) 3 . Of course it sufficesto consider the exponent n = 4 or n = p, an odd prime number. FollowingFermat, we shall prove nonsolvability for n = 4. It follows fromTheorem 16.1. There are no triples (x, y, z) ∈ (N >0 ) 3 satisfyingProof. The reasoning is as follows:x 4 + y 4 = z 2 .1. Assuming that there is a solution, we can even find a solution (x, y, z) ∈(N >0 ) 3 with minimal third component z.2. Starting with a solution (x, y, z) ∈ (N >0 ) 3 we construct (or ”descendto”) an other solution (˜x, ỹ, ˜z) ∈ (N >0 ) 3 with ˜z < z.62
The two points are contradictory, hence the assumption in the first pointis wrong.Now let us explain the descent procedure: We apply twice the parametrizationof primitive pythagorean triples.1. If d = gcd(x, y, z) > 1 we have d 2 |z and may take ˜x = x/d, ỹ = y/d, ˜z =z/d 2 .2. If gcd(x, y, z) = 1, we obtain with (x 2 , y 2 , z) a primitive pythagoreantriple. Assuming that x is even, we may write itx 2 = 2pq, y 2 = p 2 − q 2 , z = p 2 + q 2 .3. Then (q, y, p) is an other primitive pythagorean triple, in particular pis an odd number and q even, y being odd. Thus we may writeq = 2lk, y = l 2 − k 2 , p = l 2 + k 2 .4. Since 2pq = x 2 and p is odd and gcd(p, q) = 1, we find that p = ξ 2 , q =2η 2 with suitable ξ, η ∈ N >0 .5. We obtain a further primitive pythagorean triple (l, k, ξ).6. The equality 2η 2 = q = 2lk together with gcd(l, k) = 1, yields thatl = L 2 , k = K 2 with L, K ∈ N >0 .7. Finally ˜x := L, ỹ := K, ˜z := ξ is the solution we are looking for. Indeedz = p 2 + q 2 = ξ 4 + q 2 > ξ 4 ≥ ξ = ˜z.There are further exponents, e.g. n = 3, where the unsolvability of Fermat’sequation is known since a long time; for general p it has been establishedby Andrew Wiles in 1993.63
17 The Four Squares TheoremTheorem 17.1. Any natural number is the sum of 4 squares of integers.Proof. As a consequence of the below four squares lemma we see that itsuffices to write every prime number as a sum of four squares. Sincewe may concentrate on primes p > 2.2 = 1 2 + 1 2 + 0 2 + 0 2 ,Lemma 17.2 (Four squares lemma). Let (x 1 , ..., x 4 ), (y 1 , ..., y 4 ) ∈ R 4 . Thenwe have(x 2 1 + ... + x 2 4)(y 2 1 + ... + y 2 4) = (Q 2 1 + ... + Q 2 4)withQ 1 = ∑ 4ν=1 x νy ν ,Q 2 = −x 1 y 2 + x 2 y 1 − x 3 y 4 + x 4 y 3 ,Q 3 = −x 1 y 3 + x 3 y 1 − x 4 y 2 + x 2 y 4 ,Q 4 = −x 1 y 4 + x 4 y 1 − x 2 y 3 + x 3 y 2 .Proof. Check yourself or use the interpretation of four vectors as quaternions,see the below remark. Then we have(x 1 + x 2 i + x 3 j + x 4 k)(y 1 − y 2 i − y 3 j − y 4 k) = Q 1 + Q 2 i + Q 3 j + Q 4 kand use that the square of the euclidean normis multiplicative.||x 1 + x 2 i + x 3 j + x 4 k|| 2 =Remark 17.3. For those not familiar with quaternions we give here a shortintroduction. We realize them as complex matrices: The set{( ) }z wH :=; z, w ∈ C ⊂ C 2,2−w zforms a real vector subspace of the complex vector space C 2,2 , it is multiplicativelyclosed and all nonzero matrices in H are invertible:H \ {0} ⊂ GL 2 (C).644∑ν=1x 2 ν
Furthermore the euclidean norm( z w||−w z)|| := √ zz + wwsatisfies( z w||−w z) √ ( z w|| = det−w z),thus is obviously multiplicative:||AB|| = ||A|| · ||B||.This is what we have used in the proof of Lemma 17.2. Let us explain that:A basis of the real vector space H is given by the matricesE, I, J, K,with the unit matrix E ∈ C 2,2 and( ) ( i 00 1I :=, J :=0 −i−1 0), K :=( 0 ii 0).The products of the matrices K, I, J are as followsI 2 = J 2 = K 2 = −E, IJ = K = −JI, JK = I = −KJ, KI = J = −IK.In classical notation one writesx 1 + x 2 i + x 3 j + x 4 k = x 1 E + x 2 I + x 3 J + x 4 K,and calls the expression on the LHS a quaternion, since it is determined byfour real parameters. The products are computed using the distributive lawand the analogues of the above relations:i 2 = j 2 = k 2 = −1, i · j = k = −j · i, j · k = i = −k · j, k · i = j = −i · k.This is the way how the ”creator” of the quaternions, the irish mathematicianWilliam Rowan Hamilton, presented them. He was looking for some way howto define a product with nice properties on R 3 , say, making it a field, but didnot succeed. Finally it worked for R 4 - one gets almost a field, abandoning65
only the commutative law for the multiplication. Indeed, this is only possibleon R 2 - then one obtains C - and R 4 .Though we do not really need it, we give some comments on the multiplicativestructure of H. There is a conjugation of quaternions:satisfyingA ↦→ A ∗ := A T ,AA ∗ = det(A)E.Since conjugation is involutive, H is the direct sumH = H 1 ⊕ H −1of the eigenspaces to the eigenvalues ±1. IndeedandH 1 = REH −1 = RI + RJ + RK.For A ∈ H −1 of length ||A|| = 1 we have A 2 = −E, hence there are infinitelymany different possibilities to realize C in H, namely as RE ⊕ RA. Finallythere is also a relation to three dimensional geometry on H −1∼ = R 3 : If wedenoteP : H = H 1 ⊕ H −1 −→ H −1the projection onto H −1 , the mapdescribes the vector product.H −1 × H −1 −→ H −1 , (A, B) −→ P (AB)Theorem 17.1 now follows from two lemmata, the first one being the startpoint for a descent procedure leading after finitely many steps to the desireddecomposition of the prime p as a sum of 4 squares.Lemma 17.4. Let p > 2 be a prime. Then there is a natural number h, 1 ≤h < p, such that hp is a sum of 4 squares.Lemma 17.5. Let p > 2 be a prime. Given h ∈ N, 1 < h < p, such that hpis a sum of four squares, there is sone q ∈ N, 1 ≤ q < h, such that qp is asum of four squares as well.66
Proof of Lemma 17.4. We consider the set{X := i 2 ∈ Z p ; 0 ≤ i ≤ p − 1 }2⊂ Z p .It contains p−1 + 1 elements, since if j 2 = i 2 with 0 ≤ i < j ≤ p−1 , we obtain2 2withp|(j 2 − i 2 ) = (j + i)(j − i)1 ≤ j − i < j + i ≤ p − 1,a contradiction. Now |X| + | − 1 − X| = 2|X| = p + 1 > |Z p | implies that Xand −1 − X have at least one common element, so there are 1 ≤ i, j ≤ p−12withi 2 = −1 − j 2resp.Butwhence0 < 1 + i 2 + j 2 ≤ 1 + 2 ·p|1 + i 2 + j 2 .(p − 1)240 2 + 1 2 + i 2 + j 2 = hp, 1 ≤ h < p.< 1 + p22 < p2 ,Proof of Lemma 17.5. LetWe distinguish two cases:hp =4∑n 2 i .i=11. If the number h is even, we may replace h with q = h as follows: Then2either none, two or all of the numbers n 1 , ..., n 4 are odd: In any case wemay assume that n 1 , n 2 as well as n 3 , n 4 have the same parity. Hencethe numbersm 1 := n 1 + n 2, m 2 := n 1 − n 222andm 3 := n 3 + n 4, m 4 := n 3 − n 42267
are integers and satisfy for q := h the desired equality2qp =4∑m 2 i .i=12. The number h is odd. In that case there are unique integers l 1 , ..., l 4 ,satisfyingl i ≡ n i mod (h) , − h − 12≤ l i ≤ h − 1 .2Since not all n i are divisible with h - otherwise hp would be divisiblewith h 2 - , we have l i ≠ 0 for some i. Henceand thusgives0
18 Pell’s EquationThe second quadratic diophantine equation in two variables (x, y) ∈ Z 2 weshall study is Pell’s equation:x 2 − d y 2 = n ∈ N,where d ∈ N >0 . If d = c 2 we can factorize its left hand side and get for anyfactorization n = ab two linear equationsx + cy = a, x − cy = beasily to be solved or noticed to be unsolvable. From now on we shall assumethat d > 0 is not a square in N. The main emphasis is on the case n = ±1,i.e.x 2 − d y 2 = ±1.We try the same strategy as in the previous section: We look at the ringZ[ √ d] := Z + Z √ d ⊂ Rof ”d-quadratic integers” (no standard terminology!). We remember the twosquares lemma 15.1 and its proof making use of the multiplicativity ofHere we may writex 2 + y 2 = zz, z = x + yi.x 2 − d y 2 = uσ(u)with the d-quadratic integer u = x + y √ d and the ”conjugation” mapa ring automorphism.The functionσ : Z[ √ d] −→ Z[ √ d], x + y √ d ↦→ x − y √ d,N : Z[ √ d] −→ Z, u ↦→ N(u) := uσ(u)associates to u its ”norm” N(u) ∈ Z. It is multiplicative, i.e. satisfiesN(uv) = N(u)N(v).69
Proposition 18.1. The group of units Z[ √ d] ∗ of the ring of d-quadraticintegers isZ[ √ d] ∗ = {u ∈ Z[ √ d]; N(u) = ±1}.Proof. For a d-quadratic integer u ∈ Z[ √ d] ∗ its norm N(u) ∈ Z is a unitas well because of N(1) = 1, hence N(u) = ±1. On the other hand, ifN(u) = ±1, then u −1 = N(a)σ(u) ∈ Z[ √ d].So solving Pell’s equation with n = ±1 turns out to be equivalent todetermining the group of unitsZ[ √ d] ∗ ⊂ Z[ √ d].In order to do that we replace the dense subsetZ[ √ d] ⊂ Rwith a lattice Λ d in the plane R 2 as followsThen the mapinduces a bijectionΛ d := {(x, y √ d) ∈ R 2 ; x, y ∈ Z}.π : R 2 −→ R, (ξ, η) ↦→ ξ + η,π| Λd : Λ d −→ Z[ √ d].Indeed the point x + y √ d ∈ Z[ √ d] ⊂ R corresponding to a lattice point(x, y √ d) ∈ Λ d is the intersection of the x-axis R × {0} = R and the parallelto the line R(1, −1) through that point.Remark 18.2. We haveZ[ √ d] ∗ = π(Λ d ∩ H)with the setH := {(ξ, η); ξ 2 − η 2 = ±1},the union of two hyperbolas composed of a left and right branch H l , H rresp. an upper and a lower branch H + , H − . The map π : R 2 −→ R induceshomeomorphisms∼ =∼ =H + −→ R >0 , H r −→ R >070
andH −∼ =−→ R 1 .(Note that in terms of the lattice that means taking reflections w.r.t. thecoordinate axes!) So the assumption implies that (Z[ √ d] ∗ ) >1 is non-emptyand thus the basic unit is well defined. It remains to show that every unitb ∈ Z[ √ d] ∗ is of the form b = ±a n with some integer n ∈ Z. Again wemay assume b > 1: Then choose n ∈ N with a n ≤ b < a n+1 . We havea −n b ∈ Z[ √ d] ∗ , 1 ≤ a −n b < a, hence a −n b = 1 resp. b = a n .71
Remark 18.5. For the basic unit a = α + β √ d we have α, β ≥ 1. As aconsequence the sequences α n , β n withare strictly increasing:a n = α n + β n√dα n+1 = αα n + dββ n > αα n ≥ α n , β n+1 = αβ n + βα n > αβ n ≥ β n .So in order to show that some d-quadratic unit a = α + β √ d really is thebasic unit, it is sufficient to show that there is no solution (x, y) of Pell’sequation with 1 ≤ x < α, 1 ≤ y < β.Example 18.6. 1. ”d = 2”: We find a = 1 + √ 2.2. ”d = 3”: We find a = 2 + √ 3.3. ”d = 5”: We find a = 2 + √ 5.19 Continued fractionsHere we describe a natural way to approximate an irrational number x 0 byrational numbers (c n ) n∈N , i.e. there are no choices that enter. Indeed, givena real number x 0 ∈ R \ Q we take it as the first member in a sequence(x n ) n∈Nof irrational numbers x n ∈ R, defined by the recursion formulax n+1 :=1x n − [x n ] .Obviously we have x n > 1 for all n ∈ N. We associate to it two furthersequences,1. the sequence of integers (a n ) n∈N defined by a n := [x n ],2. and the sequence (c n ) n∈N of rational numbers satisfyingc n := K n (a 0 , ...., a n ),72
where the functionsare defined by K 0 (t) := t andK n : R × (R ≥1 ) n −→ RK n (t, t 1 , ..., t n ) = K n−1(t, t 1 , .., t n−1 + 1 t n).Remark 19.1.1. In order to simplify notation we usually writeK(t, t 1 , ..., t n ) = K n (t, t 1 , ..., t n ).2. We haveK(t, t 1 ) = t + 1 t 1, K(t, t 1 , t 2 ) = t + 1t 1 + 1 t 2, ....3. The function K(t, t 1 , .., t n ) is strictly increasing w.r.t. t and t 2i andstrictly decreasing w.r.t. t 2i+1 .4. By induction one provesin particular we havex 0 = K(a 0 , a 1 , ..., a n−1 , x n ),c 2n = K(a 0 , a 1 , ..., a 2n−1 , a 2n ) < x 0 < c 2n+1 = K(a 0 , a 1 , ..., a 2n , a 2n+1 ).We shall proveTheorem 19.2. Denote Z×(N >0 ) ω the set of all sequences (a ν ) ν∈N of integerswith a ν ≥ 1 for ν ≥ 1. Then the limitK(a 0 , a 1 , ....) := limn→∞K(a 0 , ..., a n )exists for any sequence (a ν ) ν∈N ∈ Z × (N >0 ) ω and is an irrational number.Indeed the mapis a bijection.K : Z × (N >0 ) ω −→ R \ Q, (a n ) n∈N ↦→ K(a 0 , a 1 , ....)73
Theorem 19.3. Denote Z × (N >0 ) ∞ with(N >0 ) ∞ =∞⋃(N >0 ) nthe set of all finite sequences a 0 , ..., a n ∈ Z of integers with a ν ≥ 1 for ν ≥ 1.The mapn=1K : Z × (N >0 ) ∞ −→ Q, (a 0 , ..., a n ) ↦→ K(a 0 , a 1 , ...., a n )is two to one, i.e. it is onto and all its fibres have order 2. Indeed:K(a 0 , ...., a n ) ={ K(a0 , ...., a n−1 + 1), , if a n = 1, n > 0K(a 0 , ...., a n − 1, 1), , if a n > 1,Proof of Th.19.3. AssumeK(a 0 , ..., a n ) = K(b 0 , ..., b m ), m ≥ n.Choose l ≤ n maximal with a l = b l . If l = n, we have m = n, since m > nwould implyK(a 0 , ..., a n , b n+1 , ..., b m ) = K(a 0 , ..., a n +If l < n, we have1K(b n+1 , .., b m ) ) ≠ K(a 0, ..., a n ).[a l+1 , a l+1 + 1] ∋ K(a l+1 , .., a n ) = K(b l+1 , ..., b m ) ∈ [b l+1 , b l+1 + 1],with the intervals having exactly one boundary point in common. Since byassumption n ≤ m, we find with the below remark n = l + 1, m = n + 1 andb m = a n + 1, as desired.Surjectivity: Take x 0 = u 0u 1∈ Q and define the sequence x ν . Then wehavex 0 = K(a 0 , ..., a n )with a ν = [x ν ].Remark 19.4. For (x 0 , x 1 , ..., x n ) ∈ R × (R ≥1 ) n we have1. K(x 0 , ..., x n ) = x 0 +1K(x 1 ,...,x n) , 74
2. K(x 0 , ..., x n ) ≥ 1 for x 0 ≥ 1,3. x 0 ≤ K(x 0 , x 1 , ..., x n ) ≤ x 0 + 1,4. x 0 = K(x 0 , x 1 , ..., x n ) ⇐⇒ n = 0,5. K(x 0 , x 1 , ..., x n ) = x 0 + 1 ⇐⇒ n = 1, x 1 = 1.Proof of Th.19.2. For a ∈ R letM(a) :=( a 11 0Given (a ν ) ν∈N we define recursively a sequence of matrices (Q n ) n∈N by( ) 1 0Q 0 :=0 1and).Q n+1 = Q n M(a n ).We derive from it two sequences (h ν ) ν≥−2 and (h ν ) ν≥−2 as follows:( )hn−1 hQ n =n−2.k n−1 k n−2More explicitlywithh n = a n h n−1 + h n−2 , k n = a n k n−1 + k n−2h 0 = a 0 , k 0 = 1.Proposition 19.5. For n ≥ 1 and x ∈ R ≥1 we haveK(a 0 , ..., a n−1 , x) = xh n−1 + h n−2xk n−1 + k n−2,in particularK(a 0 , ..., a n−1 , a n ) = h nk n.75
Proof. A straight forward verification.Remark 19.6. Here is a rough estimate for the denominators: We havek n ≥ n, n ≥ 0.Indeed k 0 = 1, k 1 = a 1 k 0 + k −1 = a 1 ≥ 1, while a n ≥ 1 for n ≥ 1 yieldsfor n ≥ 2.k n = a n k n−1 + k n−2 ≥ (n − 1) + 1 = nLemma 19.7. 1. h n k n−1 − h n−1 k n = det Q n+1 = (−1) n+1 ,2. h n k n−2 − h n−2 k n = (−1) n a n ,3. hencec n − c n−1 = (−1) n−1 1k n k n−14. andc n − c n−2 = (−1) n a n.k n k n−2The third point of Lemma 19.7 implies that the sequence ∑ n (c n−c n−1 ) isabsolutely convergent, hence the sequence (c n ) n∈N converges, the fourth onegives that (c 2n ) n∈N is strictly increasing and (c 2n+1 ) n∈N is strictly decreasing.Now assume that x 0 = lim n→∞ c n ∈ Q, sayx 0 = h k .Then we have0
Change language