f1.3ye2/f1.3yk3 algebra and analysis part 2: …jim/f13ye2/algebra_notes.pdf · algebra and...

F1.3YE2/F1.3YK3

ALGEBRA AND ANALYSIS

Part 2: ALGEBRA.

RINGS AND FIELDS

LECTURE NOTES AND EXERCISES

Contents

1 Revision of Group Theory 31.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.2 Binary Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.3 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51.4 Cayley tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61.5 Subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71.6 Homomorphisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91.7 Quotient Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111.8 Finitely generated abelian groups . . . . . . . . . . . . . . . . . . . . . 12

2 Rings, fields and integral domains 152.1 Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152.2 Product rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172.3 Some elementary properties . . . . . . . . . . . . . . . . . . . . . . . . 182.4 Subrings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192.5 Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202.6 Integral domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

3 Homomorphisms, ideals, and quotient rings 273.1 Homomorphisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273.2 Ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293.3 Quotient Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313.4 More Isomorphism Theorems . . . . . . . . . . . . . . . . . . . . . . . 33

4 Special types of ideals 374.1 Principal ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374.2 Maximal ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394.3 Prime ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

5 Polynomial Rings 455.1 Polynomials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455.2 Polynomials with coefficients in a field . . . . . . . . . . . . . . . . . . 465.3 Long division and the euclidean algorithm . . . . . . . . . . . . . . . . 47

1

2 CONTENTS

5.4 Reducible and irreducible polynomials . . . . . . . . . . . . . . . . . . 495.5 Testing for irrecucibility . . . . . . . . . . . . . . . . . . . . . . . . . . 51

6 Field Extensions 556.1 Extending a given field . . . . . . . . . . . . . . . . . . . . . . . . . . . 556.2 Algebraic number fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 586.3 Finite fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Chapter 1

Revision of Group Theory

1.1 Introduction

The Algebra section of this course is about certain types of algebraic structure thatgeneralise – and include as examples – many such structures with which we are alreadyfamiliar.

For example, given two natural numbers a, b, we can add and multiply them to getnew natural numbers a + b and ab. We can also subtract one from the other, but theresult a− b is not always a natural number. (It may be a negative integer.)

If we allow a, b to be arbitrary integers, we can add, multiply and subtract themand the result will also be an integer. We can also divide a by b (provided b 6= 0), butthe result will not always be an integer.

If a, b are arbitrary rational numbers (or real numbers, or complex numbers) thenwe can add, multiply and subtract to get a new number of the same type. We can alsodivide a by b if b 6= 0.

We will be interested in properties of Z, Q, R and C with respect to the algebraicoperations of addition, subtraction, multiplication and division, but we will also beinterested in similar algebraic operations on other objects.

For example, we know that we can add or subtract two vectors in Rn to get a newvector in Rn. If A,B are n×n matrices, we can add, subtract and multiply to get newn × n matrices A + B, A − B and AB. These operations share many of the familiarproperties of arithmetic of numbers – but not all of them.

For example, if a, b are numbers then we know that ab = ba. But there are examplesof 2×2 matrices A,B such that AB 6= BA. We are interested in developing an abstracttheory that will apply to a wide variety of different algebraic situations.

All the above examples have a common feature: they are abelian groups with respectto addition. The purpose of this chapter is to revise the features of group theory thatare relevant to our later studies.

3

4 CHAPTER 1. REVISION OF GROUP THEORY

1.2 Binary Operations

A binary operation ∗ on a set A is a map A× A→ A, written (a, b) 7→ a ∗ b.Examples include most of the standard arithmetic operations on the real or complex

numbers, such as addition (a + b), multiplication (a × b), subtraction (a − b). Otherexamples of binary operations (on suitably defined sets) are exponentiation ab (onthe set of positive reals, for example), composition of functions, matrix addition andmultiplication, subtraction, vector addition, vector product of 3-dimensional vectors,and so on.

Definition A binary operation ∗ on a set A is commutative if a ∗ b = b ∗ a ∀a, b ∈ A.

Addition and multiplication of numbers is commutative, as is addition of matrices orvectors, union and intersection of sets, etc. Subtraction of numbers is not commutative,nor is matrix multiplication.

Definition A binary operation ∗ on a set A is associative if a ∗ (b ∗ c) = (a ∗ b) ∗ c∀a, b, c ∈ A.

Addition and multiplication (of numbers and matrices) are associative. Examplesof nonassociative binary operations are subtraction (of anything), exponentiation ofpositive reals, and vector product.

Definition An identity for a binary operation ∗ on a set A is an element e ∈ A suchthat e ∗ a = a = a ∗ e ∀a ∈ A.

Examples are 0 for addition of numbers, 1 for multiplication of numbers, the identityn × n matrix for matrix multiplication. Not all binary operations have identities,however: an example is subtraction of numbers.

Definition Let ∗ be a binary operation on a set A and let a ∈ A. An inverse for a(with respect to ∗) is an element b ∈ A such that a ∗ b and b ∗ a are identities for ∗.

Thus for example −5 is an inverse for 5 with respect to addition of integers; 23

is aninverse for 3

2with respect to multiplication of positive real numbers. Other examples

are matrix inverses (matrix multiplication) and appropriately defined inverse functions(function composition).

Lemma 1.1 If a binary operation on a set has an identity, then this identity is unique.

Proof. Suppose that e and f are both identities for a binary operation ∗ on a set A.Then e = e∗f = f . The first equality holds because f is an identity. The second holdsbecause e is an identity.

Lemma 1.2 If a ∈ A has an inverse with respect to an associative binary operation ∗on A, then the inverse is unique.

Proof. Suppose that b and c are both inverses for a. Then b = b∗ (a∗c) = (b∗a)∗c = c.The first equality holds because a∗ c is an identity, the second because ∗ is associative,and the third because b ∗ a is an identity.

1.3. GROUPS 5

In the last result, the associativity of ∗ is definitely used in the proof. In fact theresult is not in general true for nonassociative binary operations.

1.3 Groups

Definition A group (G, ∗) is a set G together with a binary operation ∗ on G suchthat

1. ∗ is associative;

2. there is an identity e ∈ G for ∗;

3. every element of G has an inverse with respect to ∗.

If the binary operation ∗ is also commutative, then G is called a commutative, orabelian group (after a 19th century Norwegian mathematician Niels Abel1).

Examples

1. Z, Q, R and C are all abelian groups with respect to addition. In each case 0 isthe identity and the inverse of x is −x.

2. Any vector space V is a group with respect to vector addition. The identity isthe zero vector, and the inverse of v ∈ V is −v.

3. The set Q∗ of nonzero rational numbers is a group with respect to multiplication.The identity is 1, and the inverse of a

bis b

a. Similarly the sets R∗ and C∗ of nonzero

real and complex numbers, respectively, are groups with respect to multiplication.

4. The set S1 = {z ∈ C : |z| = 1} of complex numbers of modulus 1 is a group withrespect to multiplication of complex numbers.

5. The set of invertible n× n matrices forms a group with respect to matrix multi-plication. The identity element is the n× n identity matrix In.

6. Let X be a set. Then the set S(X) of all permutations of X, that is, bijectivemaps X → X, forms a group with respect to composition of maps. The identitymap X → X is the identity element. This group is called the symmetric group onX. In the particular case where X is the set {1, 2, . . . , n}, this group is denotedSn, and called the symmetric group of degree n.

1http://www-history.mcs.st-andrews.ac.uk/history/Mathematicians/Abel.html


7. Let n > 0 be an integer, and let Zn denote the set {0, 1, . . . , n − 1}. Define abinary operation ∗ on Zn by a ∗ b = a + b if a + b < n, and a ∗ b = a + b − notherwise. Then Zn is an abelian group with respect to ∗, with identity 0. Theinverse of a > 0 in Zn is n−a (the inverse of 0 is 0). This group is called the cyclicgroup of order n. The binary operation ∗ is usually denoted +, and referred toas addition modulo n.

1.4 Cayley tables

One way of describing a binary operation ∗ on a set G (provided G is not too big) isto form a grid with rows and columns labelled by the elements of G, and enter theelement a ∗ b in the cell in row a and column b (for all a, b ∈ G). This is called amultiplication table or a Cayley table or (in the case where (G, ∗) is a group) a grouptable.

Example

+ 0 1 2 30 0 1 2 31 1 2 3 02 2 3 0 13 3 0 1 2

This is the Cayley table for Z4, the cyclic group of order 4.

Example

∗ e a b ce e a b ca a e c bb b c e ac c b a e

This describes a binary operation on the set G = {e, a, b, c} with respect to whichG is a group.

Two groups G and H are said to be isomorphic if they have Cayley tables whichare identical, except for relabelling of the elements. For example G = {1, i,−1,−i}is a group with respect to multiplication of complex numbers. It is isomorphic to Z4,because its Cayley table

× 1 i -1 -i1 1 i -1 -ii i -1 -i 1

-1 -1 -i 1 i-i -i 1 i -1

1.5. SUBGROUPS 7

is identical to that of Z4, if we relabel elements of Z4 by the rule 0 7→ 1, 1 7→ i,2 7→ −1, 3 7→ −i (in other words, k 7→ ik, k = 0, 1, 2, 3).

Question Is the group G = {e, a, b, c} in the second example above isomorphic to Z4?

If G is a group containing only two elements, then G is isomorphic to Z2. To seethis, note that one of the elements of G is the identity e. Let g be the other elementof G. The e ∗ g = g = g ∗ e, where ∗ is the binary operation in G. What is g−1? Sinceg−1 ∗ g = e 6= g = e ∗ g, g−1 6= e, so g−1 = g. Hence g ∗ g = e, and this determines theCayley table of G as

∗ e ge e gg g e

Clearly this is the same as that of Z2, using the relabelling 0 7→ e, 1 7→ g.

Exercise Show that any group containing exactly three elements is isomorphic to Z3.

1.5 Subgroups

A subgroup of a group G is a subset H ⊆ G that is also a group with respect to thesame binary operation as G. Examples include Z as a subgroup of R (with respect toaddition), R∗ and S1 as subgroups of C∗ with respect to multiplication.

It is important to recognise when a subset of a group G is actually a subgroup ofG. The following result gives a useful criterion.

Theorem 1.3 (The subgroup test) Let G be a group with respect to a binary operation∗, and let H be a subset of G. Then H is a subgroup of G if and only if the followingthree conditions are satisfied:

1. Closure: x ∗ y ∈ H ∀x, y ∈ H.

2. Identity: eG ∈ H, where eG is the identity element of G.

3. Inverse: x−1 ∈ H ∀x ∈ H, where x−1 is the inverse of x in G (with respect to ∗).

Proof. Suppose first that H is a subgroup with respect to ∗. Then in particular ∗ isa binary operation on H, in other words a function H × H → H. Thus x ∗ y ∈ Hwhenever x, y ∈ H, giving the closure property.

Being a group, H has an identity eH , say. Thus eH ∗ eH = eH in G, so

eG = eH ∗ e−1H = (eH ∗ eH) ∗ e−1

H = eH ∗ (eH ∗ e−1H ) = eH ∗ eG = eH ∈ H

(where e−1H denotes the inverse of eH in G, and all the calculations are carried out in

G.


Finally, let x ∈ H and let x denote the inverse of x in H. Then

x−1 = x−1 ∗ eG = x−1 ∗ eH = x−1 ∗ (x ∗ x) = (x−1 ∗ x) ∗ x = eG ∗ x = x ∈ H.

Conversely, suppose that H is a subset of G satisfying the three listed properties.Since eG ∈ H, H is nonempty.By the closure property, ∗ defines a binary operation on H.This binary operation is associative, since it is already associative on the bigger set

G:

(x ∗ y) ∗ z = x ∗ (y ∗ z) ∀ x, y, z ∈ G⇒ (x ∗ y) ∗ z = x ∗ (y ∗ z) ∀ x, y, z ∈ H.

Finally, for any x ∈ H, since x−1 ∈ H, x has an inverse in H.Hence (H, ∗) is a group. In other words, H is a subgroup of G.

Examples

1. Let n > 0 be an integer and let nZ = {nx : x ∈ Z}, the set of integers divisibleby n. Then nZ is a subgroup of Z with respect to addition. For the closureproperty, note that nx + ny = n(x + y). The identity element is 0 = n.0 ∈ nZ.The inverse in Z of nx ∈ nZ is −(nx) = n(−x) ∈ nZ.

2. Let G be the group of n× n invertible matrices with respect to matrix multipli-cation, and let H be the set of matrices A ∈ G such that det(A) = 1. Then H isa subgroup of G. The closure property follows since det(AB) = det(A) det(B);In ∈ H since det(In) = 1; and finally if det(A) = 1 then det(A−1) = 1.

3. Let G = Sn and let H = {σ ∈ G : σ(1) = 1}. Then H is a subgroup of G. Tocheck the closure property, if σ, τ ∈ H then σ(1) = τ(1) = 1, so (σ ◦ τ)(1) =σ(τ(1)) = σ(1) = 1, and so σ ◦ τ ∈ H. Clearly the identity map sends 1 to 1, sobelongs to H. Finally, if σ ∈ H then σ(1) = 1, so σ−1(1) = 1 and σ−1 ∈ H.

Definition The order of a group G is the number of elements in G (finite or infinite).It is denoted |G|. Note that |G| ≥ 1, since every group contains at least one element,namely the identity. The order of an element g ∈ G is the least positive integer k suchthat gk is equal to the identity element of G, where gk denotes g ∗ g ∗ . . . ∗ g (k times).If no such positive integer k exists, then g has infinite order.

Lemma 1.4 Let G be a group and g ∈ G. Then the set 〈g〉 = {gk : k ∈ Z} is asubgroup of G, and its order is equal to that of g.

(Here g0 = eG, g−1 is the inverse of g in G, and if k > 0 then g−k denotes (g−1)k,which is the inverse of gk.)

1.6. HOMOMORPHISMS 9

Proof. The set 〈g〉 is clearly nonempty and closed under ∗. It contains eG = g0, and theinverse g−k of each of its elements gk. Hence 〈g〉 is a subgroup of G, by the subgrouptest.

Suppose that there are integers j < k with gj = gk. Then gk−j = eG, so g has finiteorder n ≤ k − j. It follows that the n elements g0 = eG, g

1 = g, g2, . . . , gn−1 of G arepairwise distinct elements of 〈g〉, so |〈g〉| ≥ n.

On the other hand, every integer k can be expressed in the form k = an + b forsome k ∈ Z and some b = 0, 1, . . . , n− 1, so

gk = (gn)agb = (eG)agb = gb ∈ {g0, g1, . . . , gn−1},

and |〈g〉| ≤ n.Hence |〈g〉| = n.If gj 6= gk whenever j 6= k, then in particular gk 6= eG whenever k > 0, so g has

infinite order. In this case 〈g〉 also has infinite order, since the elements gk, k ∈ Z, arepairwise distinct.

Theorem 1.5 (Lagrange’s Theorem) Let G be a finite group and H a subgroup of G.Then the order of H divides that of G.

Corollary 1.6 Let G be a group and g ∈ G. Then the order of g divides that of G.

Definition Let H be a subgroup of G, and g ∈ G. Then the left coset of H in Grepresented by g is the subset gH = {gh, h ∈ H} of G, and the right coset of H in Grepresented by g is the subset Hg = {hg, h ∈ H} of G.

Exercise Show that:

1. the left cosets form a partition of G;

2. the map h 7→ gh is a bijection from H to gH.

Hence prove Lagrange’s Theorem.

Definition A subgroup N ⊂ G is normal if each left coset is also a right coset. (Thatis gN = Ng for all g ∈ G.) Equivalently, gng−1 ∈ N for all g ∈ G and all n ∈ N .

1.6 Homomorphisms

Definition Let (G, ∗) and (H, †) be groups. A map f : G→ H is a homomorphism if

f(x ∗ y) = f(x)†f(y) ∀ x, y ∈ G.

Example The exponential map from (R,+) to (R+,×) is a homomorphism (sinceexp(x+ y) = exp(x) exp(y)).


Lemma 1.7 Let f : G→ H be a homomorphism. Then the image of f ,

Im(f) := {f(x), x ∈ G} ⊂ H,

is a subgroup of H, and the kernel of f ,

Ker(f) := {x ∈ G, f(x) = eH} ⊂ G,

is a normal subgroup of G.

Proof. I will prove the first part, and leave the second as an exercise – see the examplesheet at the end of this chapter.

We use the subgroup test to check that I := Im(f) is a subgroup of H.Firstly, the closure property. If x, y ∈ I, then there are elements a, b ∈ G such that

f(a) = x and f(b) = y (by definition of Im(f)). Then, since f is a homomorphism, wehave

x†y = f(a)†f(b) = f(a ∗ b) ∈ Im(f) = I.

Next, the identity property. Let eH be the identity element of H, and eG the identityelement of G. Then

f(eG)†f(eG) = f(eG ∗ eG) = f(eG),

so

f(eG) =(f(eG)−1†f(eG)

)†f(eG) = f(eG)−1† (f(eG)†f(eG)) = f(eG)−1†f(eG) = eH .

In particular, eH = f(eG) ∈ Im(f) = I.Finally, the inverse property. If x = f(a) ∈ Im(f) = I, then

x†f(a−1) = f(a)†f(a−1) = f(a ∗ a−1) = f(eG) = eH ,

, so x−1 = f(a−1) ∈ Im(f) = I.Hence Im(f) is a subgroup of H, as claimed.

Clearly, a homomorphism f : G → H is surjective iff Im(f) = H. Less obvi-ously (but easily checked), it is injective iff Ker(f) = {eG}, the trivial subgroup ofG. A homomorphism that is both injective and surjective (ie bijective) is called anisomorphism, and two groups G,H are isomorphic (denoted G ∼= H) if there is anisomorphism G→ H.(Exercise: understand why this is the same thing as the less formal definition of iso-morphic groups given earlier.)(Another exercise: check that ∼= is an equivalence relation between groups.)

Example The exponential map from (R,+) to (R+,×) is an isomorphism. It is ahomomorphism, and bijective (with inverse ln : R+ → R). Hence the groups (R,+)and (R+,×) are isomorphic.

1.7. QUOTIENT GROUPS 11

1.7 Quotient Groups

Let G be a group, and N a normal subgroup. The quotient group (or factor group) of Gby N , denoted G/N or G

N, is defined to be the set of left cosets gN for all g ∈ G. (Since

N is normal, this is the same as the set of right cosets Ng.) The binary operation onG/N is defined by

(xN)(yN) := (xy)N ∀ x, y ∈ G.

Of course, one needs to check some things - firstly that the definition does not dependon the choices x, y of representatives of the two cosets, and then that the resultingbinary operation on G/N satisfies all the axioms for a group.

Let us check the first of these. The second will be an exercise: see the examplesheet at the end of the chapter.

Suppose that x′, y′ are different choices of coset representatives. In other words,x′N = xN and y′N = yN . Then x′ = xn1 and y′ = yn2 for some n1, n2 ∈ N . We mustshow that (x′y′)N = (xy)N .

Now

(x′y′)N = xn1yn2N = xn1(yN) = xn1(Ny) = x(n1N)y = x(Ny) = x(yN) = (xy)N.

More specifically, since n1y ∈ Ny = yN , there is an element n3 ∈ N with n1y = yn3.Then

xn1yn2 = (xy)(n3n2) ∈ (xy)N.

Example The set 2Z of even integers is a normal subgroup of the group (Z,+). Thequotient group Z/2Z has two elements: 0 + 2Z = 2Z (the set of all even integers and1 + 2Z (the set of all odd integers). The Cayley table of this group is:

+ 0 + 2Z 1 + 2Z0 + 2Z 0 + 2Z 1 + 2Z1 + 2Z 1 + 2Z 0 + 2Z

Note that this is just like addition modulo 2. In fact Z/2Z ∼= Z2. This is a specialcase of an important theorem.

Theorem 1.8 (First Isomorphism Theorem) Let f : G→ H be a homomorphism.Then

G

Ker(f)∼= Im(f).

Proof. Let K = Ker(f) and I = Im(f). We must define a map θ : G/K → I and provethat it is an isomorphism.

There is only one natural way to define θ: namely θ(gK) := f(g) ∈ I.


First, we should check that this is well-defined. In other words, given a differentchoice of coset representative g′ ∈ gK, the definition gives the same element of I forθ(g′K) = θ(gK). We can write g′ = gk for some k ∈ K. Then

f(g′) = f(gk) = f(g)f(k) = f(g)eH = f(g).

Hence θ is indeed well-defined.Next, we should check that θ is a homomorphism. But

θ(g1K.g2K) = θ((g1g2)K) = f(g1g2) = f(g1)f(g2) = θ(g1K)θ(g2K).

Next, that θ is surjective. But if x ∈ I then x = f(a) for some a ∈ G. Thenx = θ(aK).

Finally, that θ is injective. Suppose that θ(gK) = θ(g′K). Then f(g) = f(g′), so

f(g−1g′) = f(g−1)f(g′) = f(g)−1f(g) = eH ,

so g−1g′ ∈ Ker(f) = K, so g′K = gK.

1.8 Finitely generated abelian groups

An abelian group (A,+) is said to be generated by a finite set S = {s1, . . . , sk} if everyelement of A can be expressed as a = n1s1 + · · · + nksk for some integers n1, . . . , nk.Here, for n ∈ Z and s ∈ A, we define ns = (−n)(−s) ∈ A by induction on |n| by0s = 0A (the identity element of A, and (n+ 1)s = ns+ s for n ≥ 0.

Finitely generated abelian groups are completely understood, in the sense that wehave the following structure theorem for them.

Theorem 1.9 If A is a finitely generated abelian group, there are integers r, s ≥ 0and m(1), . . . ,m(s) ≥ 2, which are uniquely determined by A, such that m(i) dividesm(i+ 1) for 1 ≤ i ≤ s− 1, and

A ∼= Zr × Zm(1) × · · · × Zm(s).

Corollary 1.10 If A is a finite abelian group, then there are integers s ≥ 0 andm(1), . . . ,m(s) ≥ 2, which are uniquely determined by A, such that m(i) divides m(i+1) for 1 ≤ i ≤ s− 1, and

A ∼= Zm(1) × · · · × Zm(s).

1.8. FINITELY GENERATED ABELIAN GROUPS 13

Exercises on group theory

1. Define a binary operation ∗ on the set G = R\{0} by a∗ b = 5ab for all a, b ∈ G.Show that (G, ∗) is a group, and determine whether or not it is an abelian group.

2. Let M = Mn(R) be the set of 3×3 matrices with real coefficients, and let S ⊂Mbe the set of symmetric matrices (that is, matrices A such that A = AT ). Use thesubgroup test to show that S is a subgroup of (M,+) (where + denotes matrixaddition).

3. Find all subgroups of the group Z8.

4. Let φ:G → G′ be a homomorphism of groups. Prove that Ker(φ) is a normalsubgroup of G.

5. Let H be a normal subgroup of (G, ∗). Define an operation ⊕ on cosets by

(a ∗H)⊕ (b ∗H) = (a ∗ b) ∗H

Assuming this is well defined (as shown in the notes) show that this gives (G/H,⊕)the structure of a group.

6. Describe the elements in each of the following quotient groups (i.e. describe theappropriate cosets).

(i) C/R;

(ii) Z/3Z;

Can these quotient groups be described in more familiar terms i.e. are theyisomorphic to other groups you know about?

7. Let S = {x ∈ R : x 6= −1}. If the binary operation ∗ is defined by a∗b = a+b+ab,show that (S, ∗) is a group. Prove that (S, ∗) is isomorphic to (R \ {0}, ·).

8. Let n ∈ N. Use the First Isomorphism Theorem for Groups to show that Z/nZ ∼=Zn. [Hint: Define an appropriate function φ:Z→ Zn].

Chapter 2

Rings, fields and integral domains

2.1 Rings

Definition A ring (R,+, ·) is a set R together with two binary operations + (calledaddition) and · (called multiplication) that satisfy the following axioms.

1. (R,+) is an abelian group. In other words, + is associative and commutative,with an identity (which we denote 0 or 0R), and each element x ∈ R has aninverse with respect to + (which we denote −x).

2. · is associative. That is, x(yz) = (xy)z ∀ x, y, z ∈ R.

3. · is left distributive and right distributive over +. That is,

(a) x(y + z) = (xy) + (xz) ∀ x, y, z ∈ R.

(b) (y + z)x = (yx) + (zx) ∀ x, y, z ∈ R.

Remarks

1. Multiplication · need not be commutative. If it is, then we say that R is acommutative ring. (In this case, the left and right distributive conditions areequivalent.)

2. R need not have an identity for ·. If it does, then we often denote it by 1 or 1R.We then say that R is a ring with identity, or ring with unity.

3. If R has an identity 1, then elements of R do not in general have inverses withrespect to multiplication. Those elements that do have inverses are called invert-ible elements or units of R. If R is a ring with identity, then the units of R forma group U(R).

15

16 CHAPTER 2. RINGS, FIELDS AND INTEGRAL DOMAINS

Examples

1. Z, Q, R, C are commutative rings with identity, with the usual operations ofaddition and multiplication.

2. Let S = {m + n√

2; m,n ∈ Z} ⊂ R, and let +, · be the usual addition andmultiplication of real numbers. Then (S,+, ·) is a commutative ring with identity.

To see this, note first that S is closed with respect to addition and additiveinverses: (m1 + n1

√2) + (m2 + n2

√2) = (m1 + m2) + (n1 + n2)

√2 ∈ S and

−(m + n√

2) = (−m) + (−n)√

2 ∈ S, and contains the identity 0 = 0 + 0√

2of (R,+), so is a subgroup of (R,+) by the subgroup test. Addition in S iscommutative, since it is commutative in the larger group R. Hence S is anabelian group.

Also, S is closed under multiplication, since (m1 +n1

√2)(m2 +n2

√2) = (m1m2 +

2n1n2) + (m1n2 +m2n1)√

2 ∈ S. Hence multiplication in R gives a binary oper-ation S ×S → S on S. The associative and distributive properties of · in S holdbecause they hold in the larger set R.

3. For similar reasons, the set Z[i] := {m+ni; m,n ∈ Z} ⊂ C is a ring with respectto addition and multiplication of complex numbers, where i ∈ C denotes a squareroot of −1.

The elements of Z[i] are called Gaussian integers.

4. Let n ≥ 2 be an integer. Then the set Zn = {0, 1, . . . , n − 1} is a commutativering with identity, with respect to addition and multiplication modulo n:

ab mod n is the integer r ∈ Zn such that ab = qn+ r in Z for some q ∈ Z.

5. Let Mn(R) denote the set of all n× n matrices with real entries. Then Mn(R) isa ring with respect to addition and multiplication of matrices. It has an identity,namely the n × n identity matrix I = In. It is not commutative when n ≥ 2,since, for example,(

1 10 1

)(1 01 1

)=

(2 11 1

)6=(

1 11 2

)=

(1 01 1

)(1 10 1

).

Similarly, the sets Mn(Z), Mn(Q), Mn(C) of n×n matrices with integer, rationaland complex entries, respectively, are noncommutative rings with identity, underaddition and multiplication of matrices.

6. Let X be any set, and let RX denote the set of all functions X → R. Defineaddition and multiplication pointwise on RX , that is:

(f + g)(x) := f(x) + g(x) ∀ x ∈ X; (fg)(x) := f(x)g(x) ∀ x ∈ X.

2.2. PRODUCT RINGS 17

Then RX is a commutative ring with identity. The additive identity is the con-stant function 0, and the multiplicative identity is the constant function 1.

7. Define R[x] to be the set of all polynomials with real coefficients in the variablex. Elements of R[x] are formal sums

p(x) =m∑k=0

akxk = amx

m + am−1xm−1 + · · ·+ a1x+ a0,

where m ∈ N and a0, a1, . . . , am ∈ R. We can also think of a polynomial p(x) asa function p : R→ R defined by the above formula.

There is a natural way to define addition and multiplication on R[x]. As functions,p(x) + q(x) and p(x)q(x) are defined pointwise, as in the previous example. Asformal sums, we can define these as follows.

m∑k=0

akxk +

n∑k=0

bkxk =

N∑k=0

ckxk,

where N = max(m,n), ck = ak+bk for 0 ≤ k ≤ min(m,n), ck = ak if n < k ≤ m,and ck = bk if m < k ≤ n.(

m∑k=0

akxk

)(n∑k=0

bkxk

)=

m+n∑k=0

dkxk,

where dk =∑{aibj; 0 ≤ i ≤ m, 0 ≤ j ≤ n, i+ j = k}.

A polynomial p(x) = a0 (with m = 0) is constant. The constant polynomial 0 isan additive identity, and the constant polynomial 1 is a multiplicative identity. Anonconstant polynomial can be uniquely written as p(x) = amx

m + am−1xm−1 +

· · · + a1x + a0 with m > 0 and am 6= 0. The integer m is then called the degreeof the polynomial p(x). Constant polynomials have degree 0.

It is not hard to check that R[x] is a commutative ring with identity. The unitsof R[x] are precisely the nonzero constant polynomials.

In a similar way, we can construct rings Z[x], Q[x], C[x] of polynomials in onevariable x with coefficients from Z, Q, C respectively.

2.2 Product rings

Suppose that R, S are two rings. We consider the set R×S of ordered pairs (r, s) withr ∈ R and s ∈ S, and define addition and multiplication on this set coordinatewise:

(r1, s1) + (r2, s2) = (r1 + r2, s1 + s2), (r1, s1)(r2, s2) = (r1r2, s1s2),


where the operations in the first coordinate position are taking place in R and thosein the second coordinate position are taking place in S.

It is easy to check that this makes R × S into a ring. The additive identity is(0R, 0S).

If (a, b) ∈ R× S is a multiplicative identity, than for any (r, s) ∈ R× S we have

(ar, bs) = (a, b)(r, s) = (r, s) = (r, s)(a, b) = (ra, sb),

so ar = r = ra in R and bs = s = sb in S. In other words, a is a multiplicativeidentity in R and b is a multiplicative identity in S. Conversely, if each ring R, S hasan identity, then R× S has an identity (1R, 1S).

2.3 Some elementary properties

The following result lists some easy facts which are true in any ring.

Lemma 2.1 Let R be a ring, and let a, b, c ∈ R. Then

1. if a+ b = a+ c, then b = c;

2. a.0 = 0 = 0.a;

3. (−a)b = −(ab) = a(−b);

4. (−a)(−b) = ab.

Proof.

1. This follows from the fact that (R,+) is a group. In detail:

b = 0+ b = (−a+a)+ b = −a+(a+ b) = −a+(a+ c) = (−a+a)+ c = 0+ c = c.

2. 0 = 0 + 0, so0 + 0a = 0a = (0 + 0)a = 0a+ 0a.

By the previous property, 0 = 0a. Similarly 0 = a0.

3. ab+ (−a)b = (a− a)b = 0b = 0, so (−a)b = −(ab). Similarly a(−b) = −(ab).

4. By the previous property, ab = −(−ab) = −(a(−b)) = (−a)(−b).

Remark The first property in the above lemma says that addition is cancellative –we can cancel an equal term from each side of an equation involving addition. Thecorresponding property is not true in general for multiplication. In other words, it ispossible that ab = ac but b 6= c. Easy examples of this come from the second propertyby taking a = 0: 0b = 0 = 0c for all b, c ∈ R. But there are also more subtle examplesof this phenomenon, such as a = 2, b = 1, c = 7 in Z12: ab = 2 = ac in Z12, but b 6= cin Z12.

2.4. SUBRINGS 19

2.4 Subrings

Just as we can find many examples of groups as subgroups of other groups, many ringsnaturally exist as subrings of other rings.

Definition A subring of a ring R is a subset S of R which is itself a ring with respectto the same addition and multiplication as R.

Examples

1. Each of Z, Q, R, Z[i] is a subring of C.

2. R[x] can be thought of as a subring of RR (the ring of all functions R→ R withpointwise addition and multiplication). Here we think of polynomials as functionsR→ R and note that addition and multiplication are defined pointwise.

3. Mn(Z) is a subring of Mn(R), etc.

There is an easy test for a subset of a ring to be a subring, analogous to the subgrouptest in group theory.

Lemma 2.2 (The Subring Test) A subset S of a ring R is a subring if and only if

1. S is a subgroup of (R,+) (which can be checked using the subgroup test);

2. S is closed under multiplication (x, y ∈ S ⇒ xy ∈ S).

Proof. Suppose that S is a subring of R. Then it is a ring with respect to the additionand multiplication of R. In particular it is a group with respect to the addition ofR, in other words a subgroup of (R,+). It must also be closed with respect to themultiplication of R, since multiplication on R gives a binary operation on S.

Conversely, suppose that the two conditions of the lemma hold. In particular, theaddition and multiplication of R give binary operations on S, and (S,+) is a group,being a subgroup of (R,+). Indeed, since (R,+) is an abelian group, so is any of itssubgroups, so (S,+) is an abelian group. Multiplication on S is associative, since it isassociative on the larger set R. For the same reason, multiplication on S is both leftand right distributive over +. Hence (S,+, ·) is a ring, so S is a subring of R.

Remark If R is a commutative ring, then every subring of R is also commutative. IfR has identity, then a subring of R may have identity, but need not.

Examples

1. The set 2Z of all even integers is a subring of Z. It is a subgroup of (Z,+) whichis closed with respect to multiplication. This subring is of course commutative,but has no identity (since, for example, 2n 6= 2 for any even integer n).


2. The set S of 2× 2 matrices

S =

{(a b0 d

): a, b, d ∈ R

}is a subring of M2(R). Clearly S is a subgroup of (M2(R),+), and it is easy tocheck that the product of two matrices in S also belongs to S. This ring S isnot commutative. (See this by writing down a formula for the product of twomatrices in S, for example.) It contains the identity matrix I2, which is clearlyan identity for S also.

3. The set T of 2× 2 matrices

S =

{(a 00 0

): a ∈ R

}is a commutative subring of M2(R). It does not contain the identity matrix ofM2(R). Nevertheless, the matrix (

1 00 0

)belongs to T and acts as an identity for T .

2.5 Fields

A ring is an algebraic object in which we can add, subtract, and multiply, but notnecessarily divide (since elements do not need to have inverses).

In many of our nicest rings (such as Q or C, we can divide by any element except0, since every nonzero element has an inverse. Rings like this are called fields.

Definition A field is a commutative ring with identity element 1 6= 0, in which everynonzero element x 6= 0 has an inverse x−1.

Remark It is important to allow 0 to be an exceptional element with no inverse.Suppose that R is a ring with identity, in which 0 has an inverse. Then 1 = 0.0−1 = 0,and so, for each r ∈ R, we have r = 1.r = 0.r = 0. In other words, R = {0}, which isa ring but not a very interesting one.

Examples

1. Q, R and C are fields with respect to the usual addition and multiplication.

2. The subring Q[i] := {a + bi ∈ C; a, b ∈ Q} of C is a field, called the field ofGaussian rationals.

2.5. FIELDS 21

To check that it is a subring, we use the subring test: Q[i] is closed under additionand multiplication ((a+ bi)+(c+di) = (a+ c)+(b+d)i ∈ Q[i], (a+ bi)(c+di) =(ac− bd) + (ad+ bc)i ∈ Q[i]); contains the zero element 0 + 0i, and the additiveinverse −a− bi of each of its elements a+ bi.

Q[i] is certainly commutative, being a subring of C, and it contains the identity1 = 1 + 0i of C. Finally, if a + bi 6= 0 in Q[i], then its multiplicative inverse isa− bia2 + b2

∈ Q[i].

3. Zp is a field if p is a prime number.

We already know that Zp is a commutative ring with identity, so we need onlycheck that every nonzero element has an inverse. Suppose x 6= 0 in Zp. Considerthe map f : Zp → Zp given by f(k) = xk mod p. If f(j) = f(k) for some j, kwith 0 ≤ j < k < p, then x(k − j) = xk − xj = f(k) − f(j) = 0 in Zp, so theinteger x(k − j) is divisible by the prime number p, and hence one of x, k − j isdivisible by p (since p is a prime). But this is a contradiction, since 0 < x < pand 0 < k − j < p by hypothesis.

Hence f is injective, and so by the pigeonhole principle it is also surjective. Hencethere is a (unique) y ∈ Zp with xy = f(y) = 1.

4. Let F denote the set {0, 1, x, y} of four elements, and let addition and multipli-cation on F be defined by the Cayley tables:

+ 0 1 x y

0 0 1 x y1 1 0 y xx x y 0 1y y x 1 0

× 0 1 x y

0 0 0 0 01 0 1 x yx 0 x y 1y 0 y 1 x

Then (F,+,×) is a field. (Exercise: check the field axioms for F .)

5. Let H denote the subset of M2(C) consisting of matrices A =

(a b

−b a

)where

a, b ∈ C and · denotes the complex conjugate. Then H is a subring of M2(C)which contains the identity matrix I2. Moreover, if A 6= 0 in H, then det(A) =

|a|2 + |b|2 > 0, so A is invertible, and its inverse A−1 =1

det(A)

(a −bb a

)∈ H.

Hence every nonzero element of H has an inverse.

However, H is not a field, since it is not commutative.

The ring H is known as the Quaternions, or Hamiltonians. It is an example ofa division-ring, or skew-field – a ring which is not necessarily commutative, inwhich every nonzero element is a unit.


Remark In a field F , the group of units is U(F ) = F \ {0}. When F is finite, theCayley table for U(F ) can be found from the multiplication table for F by strippingoff the row and column marked 0.

For the 4-element field in the example above, the unit group is clearly isomorphicto the cyclic group of order 3. For the field Z5 we have, for example, 22 = 4, 23 = 3,24 = 1, so 2 has order 4 in U(Z5), and U(Z5) is isomorphic to the cyclic group of order4.

2.6 Integral domains

Definition A zero-divisor, or divisor of zero in a ring R is an element x ∈ R such thatx 6= 0, but xy = 0 in R for some y ∈ R with y 6= 0.

Example. In Z6 we have 2× 3 = 0 = 3× 2, so 2 and 3 are zero-divisors.

In a field F , there are no zero-divisors. For example, if xy = 0 with x 6= 0, theny = 1y = (x−1x)y = x−1(xy) = x−10 = 0.

It follows that the same property holds for subrings of fields. If F is a field, and Ra subring of F , then any zero-divisor in R would also be a zero-divisor in F .

In particular, Z has no zero-divisors. The notion of integral domain is intended tomean a ring with properties resembling those of Z.

Definition An integral domain is a commutative ring with identity, in which there areno zero-divisors.

Examples

1. Any field is an integral domain. In particular, Q, R, C are integral domains, asis Zp for any prime number p.

2. Any subring of a field, which contains the identity, is an integral domain. Inparticular the ring of integers Z and the ring of Gaussian integers Z[i] are integraldomains.

3. If R is an integral domain, then so is the ring R[x] of polynomials with coefficientsin R. Certainly R[x] is a commutative ring with identity. To see that R[x] has nozero-divisors, suppose that p(x) = amx

m + . . . and q(x) = bnxn + . . . are nonzero

polynomials in R[x] of degrees m,n respectively. Then am 6= 0 6= bn in R. SinceR is an integral domain, ambn 6= 0, so

p(x)q(x) = ambnxm+n + . . .

is a nonzero polynomial of degree m+ n in R[x].

A useful property of integral domains is that multiplication by nonzero elements iscancellative.

2.6. INTEGRAL DOMAINS 23

Lemma 2.3 Let R be an integral domain, and a, b, c ∈ R such that ac = bc and c 6= 0.Then a = b.

Proof. By hypothesis, (a− b)c = ac− bc = 0. But c 6= 0 and R has no zero divisors, soa− b = 0. Thus a = b as claimed.

The following result is a generalisation of the fact that Zp is a field for any primep. It is proved in exactly the same way.

Theorem 2.4 Every finite integral domain is a field.

Proof. Let R be a finite integral domain. Then R is a commutative ring with identity.To prove that R is a field, we need only check that every nonzero element has aninverse.

Suppose that x ∈ R with x 6= 0. Then, by the Lemma above, xy 6= xz whenevery 6= z in R. Thus the map f : R → R defined by f(y) = xy is injective. Since R isfinite, the pigeonhole principle implies that f is also surjective. In particular, ∃ y ∈ Rwith xy = f(y) = 1R. Hence x has an inverse, as required.


Exercises on rings, fields and integral domains

1. Which of the following are rings?

(a) (S,+, ·), where S = {2k + 1 : k ∈ Z} ∪ {0} and + and · denote the usualaddition and multiplication of real numbers.

(b) (S,+, ·), where S denotes the family of all functions from R to R, and +and · denote the usual (pointwise) addition and multiplication of functions:(f + g)(x) = f(x) + g(x), (fg)(x) = f(x)g(x).

(c) (S,+, ◦), where S denotes the family of all functions from R to R, and +denotes pointwise addition and ◦ denotes composition of functions.

(d) (S,+, ·), where S is the family of all subsets of a given set E and + and ·are defined by

A+B = (A \B) ∪ (B \ A) ; A ·B = A ∩B .

2. Find all the units in the rings Z4, Z6, and Z3 × Z3.

3. In the ring Z48, find all elements x satisfying x2 = 0, and all elements y satisfyingy3 = 0.

4. In the ring Z7 × Z7, find all elements x satisfying x2 = (−1, 1), and all elementsy satisfying y3 = (1, 0).

5. Let (R,+, ·) be a ring such that x2 = x for all x ∈ R. Show that for all x, y ∈ R,xy = −yx. [Hint: consider (x+ y)2.] Deduce that R is commutative.

6. Let S denote the set of all rational numbers of the form a/2n, where a, n ∈ Zand n ≥ 0. Show that S is a subring of Q.

7. Show that the set R of complex numbers of the form a + 2bi, with a, b ∈ Z, is asubring of C.

8. Which of the following are subrings of C?

(a) {z ∈ C : |z| = 1}.(b) {0 + iy; y ∈ R}.(c) {(a+ ib

√3); a, b ∈ Z}.

(d) {(a+ ib√

3)/2; a, b ∈ Z, a+ b even}.

9. Show that (R,⊕,⊗) is a field where

a⊕ b = a+ b+ 1 ; a⊗ b = a+ b+ ab .

2.6. INTEGRAL DOMAINS 25

10. Let (F,+, ·) be a field and let x, y ∈ F . Is it necessarily true that x3 = y3 impliesx = y?

11. Let p be a prime number. Find all elements in the field (Zp,+, ·) which are theirown multiplicative inverses.

12. Let R and S be two rings, each with more than one element. Show that there arenonzero elements x and y in R× S such that xy = 0. In the case where R = Z2

and S = Z3, find all such pairs x, y ∈ R× S.

13. Determine the units and the divisors of zero of (Z12,+, ·). Write down the grouptable of the group of units of Z12.

14. Show that Z× Z is not an integral domain.

15. Show that a subring R 6= {0} of a field F is an integral domain if and only if1F ∈ R.

16. Let (R,+, ·) be a commutative ring with identity. Prove that R is an integraldomain if for a, b, c ∈ R with a 6= 0 the relation ab = ac implies that b = c.

Chapter 3

Homomorphisms, ideals, andquotient rings

In group theory, we construct the quotient group G/N of a group G over a normalsubgroup N . The normal subgroups are precisely the kernels of homomorphisms be-tween groups. In this chapter we follow the entirely analogous story in ring theory. Asin group theory, a ring homomorphism is a map which respects the binary operations.The analogue of a normal subgroup is something called an ideal in a ring. Given anideal, we can construct a quotient ring.

3.1 Homomorphisms

Definition A homomorphism from a ring R to a ring S is a map f : R→ S such that

f(x+ y) = f(x) + f(y) and f(xy) = f(x)f(y) ∀ x, y ∈ R.

(In each case the operation of + or · on the left side of the equation takes place in R,while that on the right side takes place in S.)

If the homomorphism f : R→ S is bijective, then it is called an isomorphism, andwe say that the rings R and S are isomorphic (denoted R ∼= S). The relation ∼= is anequivalence relation between rings. We regard isomorphic rings as being ‘the same’.

If f : R→ S is a homomorphism of rings, then in particular f is a homomorphismof groups from (R,+) to (S,+). From this we have an immediate list of properties off :

1. f(0R) = 0S;

2. f(−x) = −f(x) ∀ x ∈ R;

3. Im(f) is a subgroup of (S,+);

27

28 CHAPTER 3. HOMOMORPHISMS, IDEALS, AND QUOTIENT RINGS

4. Ker(f) is a subgroup of (R,+). (Indeed, Ker(f) is a normal subgroup of (R,+).But in any case, since (R,+) is an abelian group, all its subgroups are normal.)

It is not true in general that f(1R) = 1S, even when both rings R, S have identities.For example, the map f : Z → Z × Z given by f(r) = (r, 0) is a homomorphism, butf(1) 6= (1, 1). On the other hand, suppose that f : R → S is an isomorphism Then Shas an identity if and only if R has an identity, and in this case f(1R) = 1S. To seethis, suppose that R has an identity, and let s ∈ S. Then

f(1R)s = f(1R)f(f−1(s)) = f(1Rf−1(s)) = f(f−1(s)) = s

and similarly sf(1R) = s, so f(1R) is an identity for S. Applying the same argumentto the isomorphism f−1 : S → R gives the converse.

Example The rings R and C are not isomorphic. The reason is that C contains a squareroot of −1, but R does not. In detail, suppose that f : C → R is an isomorphism.Then f(0) = 0, so f(1) 6= 0, since f is injective. But f(1) = f(12) = f(1)2, sof(1) ∈ R is a nonzero solution of the equation x2 = x. There is only one suchsolution, namely x = 1, so f(1) = 1, and hence also f(−1) = −f(1) = −1. Finally,f(i)2 = f(i2) = f(−1) = −1, so f(i) is a square root of −1 in R, a contradiction.

Remark This last example depends in a crucial way on the difference between the mul-tiplicative structures of R and C. Indeed, as groups, (R,+) and (C,+) are isomorphic.(They are vector spaces of equal infinite dimension over Q.)

Theorem 3.1 If f : R → S is a ring homomorphism, then Im(f) = {s ∈ S : ∃ r ∈R with f(r) = s} is a subring of S.

Proof. We have already noted that Im(f) is a subgroup of (S,+) (since f is a grouphomomorphism from (R,+) to (S,+)).

It only remains to show that Im(f) is closed under multiplication. So suppose thatx, y ∈ Im(f). Then there are elements a, b ∈ R such that f(a) = x and f(b) = y (bydefinition of Im(f)). Since f is a homomorphism, we have

xy = f(a)f(b) = f(ab) ∈ Im(f).

Examples

1. The map f : Z → Zn given by f(k) = k mod n is a homomorphism, by thedefinition of addition and multiplication in Zn.

2. The map f : C → C given by f(z) = z (the complex conjugate of z), is ahomomorphism, since (w + z) = w + z and (wz) = w · z for all w, z ∈ C.Moreover, since f is bijective, it is an isomorphism.

3.2. IDEALS 29

3. The map f : R → R given by f(x) = −x is not a ring homomorphism. It istrue that f(x + y) = f(x) + f(y), so f is a group homomorphism from (R,+)to (R,+). But f(xy) = −xy, while f(x)f(y) = (−x)(−y) = xy, so if x 6= 0 6= ythen f(xy) 6= f(x)f(y).

4. If R is a ring with identity 1R ∈ R, we can define 2R := 1R+1R, 3R := 1R+1R+1R,etc. (Inductively, if n ∈ N and we have defined nR ∈ R, then we define (n+1)R :=nR + 1R ∈ R.) We can also define (−n)R := −(nR). Then f : Z→ R, f(n) = nR,is a ring homomorphism: (m + n)R = mR + nR, (mn)R = mRnR. (These caneasily be checked by induction on |m|+ |n|.)

5. If R is a ring with identity 1R ∈ R, and r ∈ R, then we can extend the ho-momorphism Z → R, n 7→ nR, to a homomorphism φr : Z[x] → R, called theevaluation homomorphism at r, by φr(p(x)) = p(r). Here we have to interpretintegers as belonging to R via n 7→ nR, substitute x = r in the polynomial p(x),and evaluate the result in R. For example, if p(x) = x2 + 3x − 4, R = C, andr = i =

√−1, then φr(p(x)) = p(i) = i2 + 3i− 4 = −5 + 3i ∈ C.

3.2 Ideals

In this section we study ideals, which are the analogues of normal subgroups in grouptheory. Thus ideals should be the objects that occur as kernels of ring homomorphisms.

Suppose then that R, S are rings, and that f : R→ S is a ring homomorphism. Weknow that Ker(f) is a subgroup of (R,+). It is not difficult to see that in fact Ker(f)is closed with respect to multiplication, so is a subring of R:

x, y ∈ Ker(f)⇒ f(xy) = f(x)f(y) = 0S0S = 0S ⇒ xy ∈ Ker(f).

However, a stronger property holds. In the above equation, in order for f(x)f(y)to be 0 in S, we do not need both f(x), f(y) to be 0. It is sufficient for any one ofthem to be 0 in S.

This suggests the following definition.

Definition An ideal in a ring R is a subset I ⊂ R such that

1. I is a subgroup of (R,+)

2. (∀ x ∈ I) (∀ r ∈ R) xr ∈ I and rx ∈ I.

Thus to check that a given subset I ⊂ R is an ideal of R, we check the above twoproperties. For the first, we can use the subgroup test, or we may already know forother reasons that I is a subgroup of (R,+). The key property to check is usually thesecond property rx, xr ∈ I, which I will refer to as the ideal property. In practice, most


of the rings that we consider will be commutative, in which case the two statementsxr ∈ I and rx ∈ I are equivalent (since rx = xr), so we need only check one of them.

Examples

1. For n ∈ N, the set nZ = {nk; k ∈ Z} is an ideal of Z.

We already know that nZ is a subgroup of (Z,+). To check the ideal property,suppose that x = nk ∈ nZ and r ∈ Z. Then rx = xr = (nk)r = n(kr) ∈ nZ.

2. The set I = {p(x) ∈ R[x]; p(0) = 0} of polynomials with constant term 0 is anideal in R[x].

We first check that I is a subgroup of (R[x],+), using the subgroup test. Ifp(x), q(x) ∈ I then p(0)+q(0) = 0+0 = 0, so p(x)+q(x) ∈ I; and−p(0) = −0 = 0so −p(x) ∈ I. Clearly 0 ∈ I, so I is a subgroup of (R[x],+), as required.

Now if p(x) ∈ I and r(x) ∈ R[x], then p(0)r(0) = 0r(0) = 0, so p(x)r(x) ∈ I.Since R[x] is commutative, we also have r(x)p(x) = p(x)r(x) ∈ I.

3. In any ring R, the sets {0} and R are ideals in R.

These are clearly subgroups of (R,+). The ideal property rx, xr ∈ I for all x ∈ Iand r ∈ R is trivially true for I = R, and for I = {0} it reduces to the propertywe observed earlier, that 0r = 0 = r0 for all r ∈ R.

4. If f : R→ S is a ring homomorphism, then Ker(f) is an ideal in R.

Since f is a group isomorphism from (R,+) to (S,+), Ker(f) is a subgroup of(R,+). For the ideal property, suppose that x ∈ Ker(f) and r ∈ R. Then

f(rx) = f(r)f(x) = f(r)0 = 0 = 0f(r) = f(x)f(r) = f(xr),

so rx, xr ∈ Ker(f), as required.

5. If R is a commutative ring, and x ∈ R, then the set xR = {xr; r ∈ R} is anideal in R, called the principal ideal generated by x.

This generalises the example of nZ ⊂ Z above, and can be checked in a similarway. Specifically, we show that xR is a subgroup of (R,+) using the subgrouptest: xr + xs = x(r + s) ∈ xR by the distributive law, 0 = x0 ∈ xR and −xr =x(−r) ∈ xR. For the ideal property, if r, s ∈ R then s(xr) = (xr)s = x(rs) ∈ xR.

6. If R and S are rings, I is an ideal in R and J is an ideal in S, then I × J is anideal in R× S.

Suppose that w, x ∈ I, y, z ∈ J , r ∈ R and s ∈ S. Then (w, y) + (x, z) =(w + x, y + z) ∈ I × J , (0, 0) ∈ I × J , −(x, z) = (−x,−z) ∈ I × J , (r, s)(x, z) =(rx, sz) ∈ I × J , and (x, z)(r, s) = (xr, zs) ∈ I × J .

3.3. QUOTIENT RINGS 31

7. If F is a field, then the only ideals in F are {0} and F .

Suppose that I 6= {0} is an ideal in F . Since 0 ∈ I, there must be a nonzeroelement x 6= 0 in I. If x is the inverse of x in F , and y ∈ F , then y = 1y =(xx)y = x(xy) ∈ I. Hence I = F .

3.3 Quotient Rings

Let R be a ring and I an ideal of R. Then in particular I is a subgroup of (R,+).Since + is commutative, I is in fact a normal subgroup of (R,+), so we can form thequotient group R/I . The elements of R/I are the cosets r + I for r ∈ R. We willdenote the binary operation in this group as +, and we recall that this is defined bythe rule (r + I) + (s+ I) := (r + s) + I.

We would like to make (R/I,+) into a ring, so we need to define a multiplicationon R/I . We do so in the obvious way, namely: (r + I)× (s+ I) := (rs) + I.

Lemma 3.2 With + and × defined as above, (R/I,+,×) is a ring.

Proof. We already know that (R/I,+) is a group. Indeed, it is an abelian group since+ is commutative in R:

(r + I) + (s+ I) = (r + s) + I = (s+ r) + I = (s+ I) + (r + I).

We need to check that × is well-defined on R/I . Suppose that r′ ∈ r + I ands′ ∈ s+ I. Say r′ = r+x, s′ = s+y, with x, y ∈ I. Then r′s′ = (r+x)(s+y) = rs+ z,where z = xs + ry + xy. But xs, ry, xy ∈ I since x, y ∈ I and r, s ∈ R, by thedefinition of ideal. Hence also z = xs + ry + xy ∈ I, by the definition of ideal. Thus(r′s′) + I = (rs) + I, so × is indeed well-defined on R/I .

We need to check that × is associative on R/I . But

(r + I)[(s+ I)(t+ I)] = (r + I)(st+ I) = r(st) + I

= (rs)t+ I = (rs+ I)(t+ I) = [(r + I)(s+ I)](t+ I),

using the fact that multiplication in R is associative.We need to check that × is distributive over + in R/I . But

(r + I)[(s+ I) + (t+ I)] = (r + I)(s+ t+ I) = r(s+ t) + I = (rs+ rt) + I

= (rs+ I) + (rt+ I) = (r + I)(s+ I) + (r + I)(t+ I),

using the fact that multiplication in R is (left) distributive over +. Thus × is leftdistributive over + in R/I . The right distributive property is verified in a similar way.

We have checked all the ring axioms for (R/I,+,×), so the proof is complete.


Examples

1. The quotient ring Z/nZ has n elements 0 +nZ, 1+nZ, . . . (n−1)+nZ. The sumor product of two cosets a + nZ and b + nZ is the coset containing a + b or ab,respectively. Thus addition and multiplication in Z/nZ are the same as in thering Zn, if we identify k ∈ Zn with the coset k+nZ in Z/nZ. In other words thequotient ring Z/nZ is isomorphic to Zn.

2. Let I be the principal ideal (x2 + 1)R[x] in R[x]. Then for any m ≥ 2 the cosetxm+I is the same as the coset −xm−2+I, since xm−(−xm−2) = (x2+1)xm−2 ∈ I.If p(x) = amx

m + . . .+ a1x+ a0, then

p(x) + I = (amxm + I) + . . .+ (a1x+ I) + (a0 + I) = (a+ bx) + I,

where a = a0 − a2 + a4 − . . . and b = a1 − a3 + a5 − . . .. Hence every element ofR[x]/I can be (uniquely) expressed in the form (a+ bx) + I with a, b ∈ R.

Addition and multiplication in R[x]/I are defined by

(a+ bx+ I) + (c+ dx+ I) = (a+ c) + (b+ d)x+ I,

and

(a+ bx+ I)(c+ dx+ I) = ac+ (ad+ bc)x+ bdx2 + I = (ac− bd) + (ad+ bc)x+ I.

These are similar to the rules for adding and multiplying complex numbers, andindeed the quotient ring R[x]/I is isomorphic to C via the map (a+bx)+I 7→ a+bi.

3. Let I ⊂ R[x] be the principal ideal x2R[x]. As in the previous example, each

coset in R[x]/I can be uniquely expressed as a + bx + I with a, b ∈ R. Asan additive group, R[x]/I ∼= R

2 ∼= C, but the multiplication rule in R[x]/Iis different from that in C. We can regard R[x]/I as R2 with multiplicationgiven by (a, b)(c, d) = (ac, ad + bc). Note that (0, 1)2 = (0, 0) – or, equivalently,(x+ I)2 = x2 + I = I, so that R[x]/I has zero-divisors, and so cannot be a field.

Theorem 3.3 (First Isomorphism Theorem for Rings)Let f : R→ S be a ring homomorphism. Then

R

Ker(f)∼= Im(f).

Proof. We must exhibit an isomorphism from R/K to S, where K = Ker(f) andS = Im(f). Define θ : R/K → S by θ(r + K) = f(r). The proof of the FirstIsomorphism Theorem for groups shows that θ is a well-defined isomorphism of groups.In particular it is bijective. In order to show that it is a ring isomorphism, we needonly check that it preserves multiplication. But

θ((r +K)(s+K)) = θ((rs) +K) = f(rs) = f(r)f(s) = θ(r +K)θ(s+K),

3.4. MORE ISOMORPHISM THEOREMS 33

as required.

Examples

1. Define f : Z→ Zn by f(k) = k mod n. Then f is a surjective homomorphism ofrings, and Ker(f) = nZ, confirming that Z/nZ ∼= Im(f) = Zn.

2. Let f : R[x] → C be the evaluation homomorphism f(p(x)) := p(i). Let K =Ker(f). Then x2 + 1 ∈ K, since f(x2 + 1) = i2 + 1 = 0. By the ideal property,(x2 + 1)p(x) ∈ K for every polynomial p(x) ∈ R[x], so K contains the principalideal I = (x2 + 1)R[x]. As described in a previous example, every coset in R[x]/Ican be uniquely expressed as a+ bx+ I for a, b ∈ R. But f(a+ bx) = a+ bi = 0only if a = b = 0, so the only coset of I contained in K is I itself, from which itfollows that K = I = (x2 + 1)R[x]. The homomorphism f is clearly surjective:given z = a+bi ∈ C, we have z = f(a+bx). This confirms our earlier observationthat R[x]/I ∼= C.

3. Let f : R[x] → R be the evaluation homomorphism f(p(x)) = p(0). Then f issurjective, since for any a ∈ R we have f(a) = a. The kernel of f is the set ofpolynomials with constant term 0. But amx

m+ . . .+a2x2 +a1x+0 = x(amx

m−1 +. . .+ a2x+ a1), so Ker(f) is the principal ideal xR[x]. Hence R[x]/xR[x] ∼= R.

4. Suppose α ∈ C. Let f : Q[x] → C be the evaluation homomorphism f(p(x)) =p(α) ∈ C. We write Q[i] for Im(f). This is a subring of C containing Q andα, and indeed it is the smallest such subring. The First Isomorphism Theoremshows that Q[α] ∼= Q[x]/I for some ideal I ⊂ Q[x]. For example, when α = i weget the field Q[i] of Gaussian rationals, and I turns out to be the principal idealgenerated by x2 + 1. If, on the other hand, we take α = cos(π/5) + i sin(π/5),then Q[α] turns out to be a subfield of C, and I turns out to be the principalideal generated by x4 − x3 + x2 − x+ 1. We will learn more about examples likethis later in the course.

3.4 More Isomorphism Theorems

The First Isomorphism Theorem has two easy corollaries, known as the Second andThird Isomorphism Theorems.

Theorem 3.4 (Second Isomorphism Theorem for Rings)Let R be a ring, S a subring of R, and I an ideal of R. Then the set S + I =

{s+ x; s ∈ S, x ∈ I} is a subring of R that contains I, S ∩ I is an ideal of S, and

S

S ∩ I∼=S + I

I.


Proof. It is not difficult to check that S + I is a subring of R.Define a ring homomorphism f : S → R/I by f(s) = s + I. Then clearly Im(f) =

(S + I)/I, while Ker(f) = S ∩ I. The result follows from the First IsomorphismTheorem.

Example Let R = R[x], S = Z[x], and let I be the principal ideal xR[x] in R[x] – inother words, the ideal consisting of all polynomials with real coefficients and constantterm zero. Then S + I is the set of polynomials in R[x] whose constant term is aninteger. Using the subring test, we can easily check that this is a subring of R[x].The ideal S ∩ I of S = Z[x] consists of all polynomials with integer coefficients, whoseconstant term is zero. Hence S ∩ I is the principal ideal xZ[x]. Finally

Z[x] + xR[x]

xR[x]∼= Z

∼=Z[x]

xZ[x]=

Z[x]

Z[x] ∩ xR[x].

Theorem 3.5 (Third Isomorphism Theorem for Rings)Let R be a ring, and I, J ideals of R such that J ⊂ I. then I/J is an ideal in R/J ,

andR/J

I/J∼=R

I.

Proof. Define a ring homomorphism f : R/J → R/I by f(r + J) = r + I, and applythe First Isomorphism Theorem.

Example In Z4 the set I = {0, 2} is the prinicpal ideal 2Z4. But Z4∼= Z/4Z, and this

ideal I corresponds to the ideal 2Z/4Z in Z/4Z. Thus

Z4

I∼=Z/4Z

2Z/4Z∼=Z

2Z∼= Z2.

3.4. MORE ISOMORPHISM THEOREMS 35

Exercises on homomorphisms, ideals and quotient

rings

1. Show that φ : C→M2(R) given by

φ(a+ ib) =

(a b−b a

)is a ring homomorphism.

2. Show that φ : C→ R defined by φ(a+ ib) = a is not a ring homomorphism.

3. Which of the following are ring homomorphisms?

(a) f : Z→ Z, f(n) = 2n for all n ∈ Z.

(b) f : Z→M2(R), f(n) = nI2 for all n ∈ Z.

(c) f : M2(R)→ R, f(A) = det(A) for all A ∈M2(R).

(d) f : R[x]→ C, f(p(x)) = p(1 + i) for all p(x) ∈ R[x].

4. Let R be a ring with identity and let S be an ideal of R. Prove that

(i) if 1R ∈ S, then S = R;

(ii) if S contains a unit u of R, then S = R.

5. Let R be a ring and let N1 and N2 be ideals of R. Prove that N1 ∩N2 is an idealof R.

6. Let R, S be rings with 1. Show that every ideal A of the product ring R× S hasthe form I × J for some ideals I of R and J of S.(Hint: define I to be {r ∈ R : (r, 0) ∈ A}.)

7. Show that f : Z → Z × Z, defined by f(n) = (n, n), is a ring homomorphism.Hence find a subring of Z× Z which is not an ideal.

8. List the elements in the quotient ring 2Z/8Z. Are 2Z/8Z and Z4 isomorphicrings?

9. Let S2 denote the ideal in Z[x] consisting of all polynomials in which both theconstant term and the x term equal zero: S2 := {p(x) ∈ Z[x]; p(0) = p′(0) = 0},where p′(x) is the derivative of p(x). By using the First Isomorphism Theoremshow that Z[x]/S2 is isomorphic to the ring of matrices{(

a b0 a

): a, b ∈ Z

}.

Chapter 4

Special types of ideals

Throughout this chapter, and indeed for the rest of the course, we will restirct ourattention to rings which are commutative and contain an identity.

In this chapter we study three special kinds of ideals in such rings.

4.1 Principal ideals

Let R be a commutative ring with identity. As defined in the previous chapter, anideal I ⊂ R is principal, with generator x ∈ R if I = xR = {xr : r ∈ R}.

Examples

1. The ideals nZ of Z are principal.

2. The ideal (x2 + 1)R[x] of R[x] is principal, with generator x2 + 1.

3. Let I = {p(x) ∈ Z[x]; p(0) ∈ 2Z}. Then I is an ideal in Z[x] – for examplesince it is the kernel of the evaluation homomorphism f : Z[x] → Z2, f(p(x)) =p(0) mod 2. But I is not principal. To see this, we must show that I 6= p(x)Z[x]for any p(x) ∈ Z[x]. Suppose first that p(x) is the constant polynomial a0 forsome a0 ∈ Z. Then a0 = p(0) ∈ 2Z, so I = a0Z[x] ⊂ 2Z[x], which is impossiblesince for example x ∈ I but x /∈ 2Z[x]. On the other hand, if p(x) has degreem > 0, then p(x)q(x) has degree m or greater for any nonzero polynomial q(x), sothere are no nonzero constant polynomials in I = p(x)Z[x]. But this contradictsthe fact that 2 ∈ Z[x].

The following result is a useful characterisation of the principal ideal xR of a ringR.

Lemma 4.1 Let R be a commutative ring with identity, and let x ∈ R. Then theprincipal ideal xR is the smallest ideal in R that contains x.

37

38 CHAPTER 4. SPECIAL TYPES OF IDEALS

Proof. We have already seen that xR is an ideal. Since R has an identity, we see thatx = x1R ∈ xR.

Conversely, suppose that I is an ideal in R and that x ∈ R. Then the ideal propertysays that xr ∈ I for all r ∈ R, and so xR ⊂ I.

Definition A principal ideal domain (or PID) is an integral domain in which everyideal is principal.

Examples

1. The polynomial ideal Z[x] is an integral domain, but is not a principal idealdomain, since it contains an ideal which is not principal. (See the example above.)

2. Z is a principal ideal domain. We already know that Z is an integral domain.Suppose that I ⊂ Z is an ideal. We need to show that I = nZ for some n ∈ Z.If I = {0} then I = 0Z, so we can suppose that I 6= {0}. Since 0 ∈ I, there mustbe some k ∈ I with k 6= 0. Since I is an additive subgroup of Z, we also have−k ∈ I, and so I contains a positive integer.

Let n be the least positive integer in I. Then n ∈ I so nZ ⊂ I. We will see that,in fact, I = nZ. To see this, let us suppose the statement is false, and derive acontradiction.

If I 6= nZ, then there is an integer k ∈ I with k /∈ nZ. Then −k ∈ I with−k /∈ nZ, so there is a positive integer in I \ nZ.

Let m be the least such positive integer. Then m > n by choice of n as the leastpositive integer in I. Then m − n ∈ I since m ∈ I and −n ∈ nZ ⊂ I. But0 < m− n < m, and so by choice of m as the least positive integer in I \ nZ wemust have m− n ∈ nZ. But then m = (m− n) + n ∈ nZ, since m− n ∈ nZ andn ∈ nZ. This contradicts our choice of m /∈ nZ.

Hence I = nZ as claimed.

3. Every field is a principal ideal domain. The only two ideals in a field F are{0} = 0F and F = 1F . Each of these is principal.

4. If F is a field, then the polynomial ring F [x] is a principal ideal domain. Theproof is similar to the case of Z. We already know that F [x] is an integral domain.The ideal {0} = 0F [x] is principal, so we suppose I 6= {0} is an ideal and showthat it must be principal.

Choose a nonzero polynomial p(x) ∈ I of least degree (m, say). Then p(x)F [x] ⊂I. We will show that I = p(x)F [x].

If I 6= p(x)F [x], let q(x) be a polynomial in I \ p(x)F [x] of least degree (n, say).Then n ≥ m, by choice of p(x). Suppose that the leading coefficient of p(x) isam, while that of q(x) is bn. Let r(x) = amq(x) − bnxn−mp(x). Then r(x) ∈ Iby the ideal properties, since p(x), q(x) ∈ I. Moreover, r(x) has degree at most

4.2. MAXIMAL IDEALS 39

n − 1, since the coeficient of xn in r(x) is ambn − bnam = 0. Hence r(x) ∈p(x)F [x], by choice of q(x). But then q(x) = a−1

m (r(x) + bnxn−mp(x)) ∈ p(x)F [x],

a contradiction.

Hence I = p(x)F [x] as claimed.

5. The ring Z[i] of Gaussian integers is a principal ideal domain. Certainly Z[i] isan integral domain, since it is a subring of the field C that contains the identityof C. The ideal {0} = 0Z[i] is principal. Suppose that I 6= {0} is an ideal. Wemust show that I is principal.

Choose a nonzero element z = a + ib ∈ I such that |z|2 = a2 + b2 ∈ N isleast possible. Clearly zZ[i] ⊂ I. We will show that I = zZ[i]. Suppose thatw = c+ id ∈ I. Then v = (w/z) = x+ iy ∈ C is a complex number. If we let e, fbe the integers closest to x, y respectively, then u = e+ if ∈ Z[i], and |u− v|2 =|x− e|2 + |y− f |2 ≤ 1

2. Now zu−w ∈ I, and |zu−w|2 = |z|2|u− v|2 ≤ 1

2|z|2. By

choice of z, we must have zu− w = 0, so w = zu ∈ zZ[i], as required.

4.2 Maximal ideals

In a given ring R, we can compare ideals using the partial order ⊂. If I ⊂ J then weregard J as ‘bigger than’ I. In this context, the unique ‘smallest’ ideal is {0} and theunique ‘biggest’ ideal is R itself. An ideal I ⊂ R is said to be a proper ideal if I 6= R.In this section we consider proper ideals which are maximal with respect to the partialorder ⊂.

Definition An ideal I ⊂ R is maximal if I 6= R, and for any ideal J ⊂ R withI ⊂ J ⊂ R, either J = I or J = R.

Examples

1. In Z, the ideal 4Z is not maximal, since 4Z ⊂ 2Z ⊂ Z, but 4Z 6= 2Z 6= Z.However, 2Z is maximal.

To see this, suppose that 2Z ⊂ I ⊂ Z for some ideal I. If I 6= 2Z then thereexists an odd integer k ∈ I. Then (k + 1) is even, so (k + 1) ∈ 2Z ⊂ I. Since Iis an ideal, we can deduce that 1 = (k + 1)− k ∈ I, so y = 1y ∈ I for all y ∈ Z.In other words, I = Z.

2. If F is a field, then {0} is a maximal ideal, since the only other ideal of F is Fitself.

3. In R[x], the principal ideal M = (x2 + 1)R[x] is maximal.

To see this, suppose that M ⊂ I for some ideal I of R[x]. If I 6= M then thereexists a polynomial p(x) ∈ I with p(x) /∈ M . In particular p(x) 6= 0. Amongall such p(x), choose one with the least possible degree, d say. Write p(x) =


adxd+· · ·+a1x+a0. If d > 1 then put q(x) = p(x)−adxd−2(x2+1) ∈ I. Then q(x)

has degree less than d, so q(x) ∈M . But then p(x) = q(x)+adxd−2(x2 +1) ∈M ,

contradicting the choice of p(x). We must therefore have d ≤ 1, say p(x) = ax+b,with (a, b) 6= (0, 0) since p(x) 6= 0 in R[x].

Then a2 + b2 = a2(x2 + 1)− (ax− b)p(x) ∈ I. Since a, b ∈ R with (a, b) 6= (0, 0),c = a2 + b2 > 0, and c is a unit in R[x]. Since I contains a unit, it must be thewhole ring. (In other words, p(x) = c(c−1p(x)) ∈ I for all p(x) ∈ R[x].)

The most important property of maximal ideals relates to the corresponding quo-tient rings.

Theorem 4.2 Let R be a commutative ring with identity, and let M be an ideal in R.Then M is a maximal ideal if and only if the quotient ring R/M is a field.

Proof. Suppose first that M is maximal. The ring R/M is commutative, since R iscommutative. ((x+M)(y +M) = xy +M = yx+M = (y +M)(x+M).) It also hasan identity 1R/M = 1R +M . Moreover, 1R/M 6= 0R/M since 1R /∈ M . (If 1R ∈ M , thenM = R, contadicting the definition of maximal ideal.)

To show that R/M is a field, it remains to prove that every nonzero element x+Min R/M has an inverse. Now x /∈ M , since x + M 6= 0 + M . We will show thatI = M + xR = {m+ xr; m ∈M, r ∈ R} is an ideal in R. Clearly M ⊂ I, and M 6= Isince x ∈ I and x /∈ M . Since M is maximal, it follows that I = R, and in particular1R ∈ I – say 1R = m+xy with m ∈M and y ∈ R. Then (x+M)(y+M) = xy+M =(1R −m) +M = 1R +M , so x+M has an inverse in R/M , as required.

We still have to check that I is an ideal. Let m1,m2 ∈ M and r1, r2, s ∈ R.Then (m1 + xr1) + (m2 + xr2) = (m1 + m2) + x(r1 + r2) ∈ I, 0 = 0 + x0 ∈ I,−(m1 +xr1) = (−m1)+x(−r1) ∈ I, and s(m1 +xr1) = (m1 +xr1)s = m1s+x(r1s) ∈ I.Hence I is an ideal, as claimed.

Conversely, suppose that R/M is a field. Then M 6= R, since otherwise 0 = 1 inR/M , contrary to the definition of a field. Suppose I is an ideal of R with M ⊂ I ⊂ R.By the third isomorphism theorem, I/M is an ideal in the field F = R/M . But afield F has only two ideals F and {0}. If I/M = F = R/M then I = R, while ifI/M = {0} = M/M then I = M . Hence M is maximal, as required.

4.3 Prime ideals

Ideals were originally introduced in number theory, in a (failed) attempt to proveFermat’s Last Theorem, that xn + yn = zn has no nontrivial integer solutions whenn > 2. The meaning was something like ‘ideal number’. One should think of anarbitrary ideal as a generalisation of the principal ideals nZ of Z, which correspond tothe natural numbers n.

4.3. PRIME IDEALS 41

In this context, the concept of a prime ideal is a generalisation of prime number.Properties of prime numbers are defined in terms of divisibility of natural numbers. If(say) n divides x, then x = ny for some y, so x ∈ nZ. Thus divisibility of numberscorresponds to membership of ideals. This prompts the following definition.

Definition An ideal P of a ring R is prime if P 6= R and, whenever x, y ∈ R such thatxy ∈ P , then at least one of x ∈ P , y ∈ P holds.

Examples

1. If p is a prime number, then pZ is a prime ideal in Z.

Clearly pZ 6= Z, since p ≥ 2. Suppose that x, y ∈ Z and that xy ∈ pZ. Then theprime number p divides xy, so by the properties of prime numbers, p divides atleast one of x, y. In other words, at least one of x, y belongs to pZ.

2. Let R be a commutative ring with identity. Then every maximal ideal of R isprime.

If M is a maximal ideal of R then M 6= R. Moreover, the quotient ring R/M is afield. If x, y ∈ R with xy ∈M , then (x+M)(y+M) = 0 +M in the field R/M ,which is possible only if one of the elements x+M, y +M is zero in R/M . But,for example, x+M = 0 +M if and only if x ∈M .

3. The ideal xZ[x] is prime, but not maximal, in Z[x].

Certainly, xZ[x] is not maximal, since the quotient ring Z[x]/xZ[x] ∼= Z is not afield. Also xZ[x] 6= Z[x].

Note that p(x) ∈ xZ[x] if and only if p(0) = 0. If p(x), q(x) ∈ Z[x] with p(x)q(x) ∈xZ[x], then p(0)q(0) = 0, so either p(0) = 0 or q(0) = 0 (or both). But p(0) = 0if and only if p(x) ∈ xZ[x], and similarly for q(x).

We characterised maximal ideals in a commutative ring with identity as those forwhich the corresponding quotient ring is a field. There is a similar characterisation ofprime ideals.

Theorem 4.3 Let R be a commutative ring with identity, and let P be an ideal in R.Then P is a prime ideal if and only if the quotient ring R/P is a non-zero integraldomain.

Proof. Suppose first that P is a prime ideal. Then P 6= R, so 1R /∈ P , and R/P is acommutative ring with identity 1 6= 0.

To show that R/P has no zero-divisors, suppose that x, y ∈ R such that (x+P )(y+P ) = (0 + P ) = P . Then xy ∈ P . Since P is prime, at least one of x, y belongs to P ,so at least one of x+ P , y + P is the zero element 0 + P of R/P .

Conversely, suppose that R/P is a non-zero integral domain. Then P 6= R sinceR/P 6= {0}. To show that P is prime, suppose that x, y ∈ R with xy ∈ P . Then


(x + P )(y + P ) = xy + P = P = 0 + P in R/P . But R/P has no zero-divisors, so atleast one of x+P , y+P is equal to 0 +P . In other words, at least one of x, y belongsto P . Hence P is prime, as claimed.

4.3. PRIME IDEALS 43

Exercises on principal ideals, maximal ideals and

prime ideals

1. Let m,n be non-negative integers. In the product ring Z×Z, show that the idealmZ×nZ is principal, with generator (m,n). Deduce that every ideal in Z×Z isprincipal. Why is Z× Z not a principal ideal domain?

2. If φ : R→ S is a ring homomorphism, and I is an ideal in S, show that

φ−1(I) = {r ∈ R; φ(r) ∈ I}

is an ideal in R. Deduce that every ideal in Zn is principal.

3. In the ring Z× Z show that

(a) Z× 2Z is a maximal ideal;

(b) Z× {0} is a prime ideal which is not a maximal ideal;

(c) 2Z× 2Z is not a prime ideal.

4. Find all the maximal ideals in Z12.

5. Determine whether or not 3Z× 5Z× 7Z is a prime ideal in Z× Z× Z.

6. Apply the first isomorphism theorem to the evaluation homomorphism Z[x]→ Z,p(x) 7→ p(1), to show that the ideal J := {p(x) ∈ Z[x]; p(1) = 0} of the ring Z[x]is not maximal. Is J prime?

7. Let R be a finite commutative ring with identity. Show that every prime ideal ofR is a maximal ideal.

Chapter 5

Polynomial Rings

In this chapter we will study rings of the form R[x], the ring of polynomials in onevariable x with coefficients from the ring R.

In practice, we will mainly be interested in the case where R is a field, or at leastan integral domain. But the definition makes sense for any commutative ring R.

5.1 Polynomials

Let R be a commutative ring, and let n ≥ 0 be an integer. A polynomial in x of degreen with coefficients from R is a formal expression

p(x) = anxn + an−1x

n−1 + · · ·+ a1x+ a0,

where a0, . . . , an ∈ R. If d > 0 then we insist that the leading coefficient an is nonzero.If R has an identity 1R, and the leading coefficient of p(x) is 1R, then p(x) is said

to be a monic polynomial.The collection of all polynomials with coefficients from R forms a commutative ring

R[x], with addition and multiplication defined just as for polynomials with coefficientsin familiar rings such as Z or R.

In earlier chapters, we have already noted some properties of polynomials andpolynomial rings. The following have either been proved earlier or are easy to check.

Lemma 5.1 1. If p(x), q(x) ∈ R[x] have degrees m,n respectively, and m 6= n, thenp(x) + q(x) has degree max(m,n). (If m = n, then the degree of p(x) + q(x) is atmost n.)

2. If p(x) ∈ R[x] has degree n, then so does −p(x).

3. If p(x), q(x) ∈ R[x] have degrees m,n respectively, then the degree of p(x)q(x) isat most m + n. If R is an integral domain and p(x) 6= 0 6= q(x), then the degreeof p(x)q(x) is exactly m+ n.

45

46 CHAPTER 5. POLYNOMIAL RINGS

4. If R is an integral domain, then so is R[x].

5. If F is a field, then F [x] is a principal ideal domain.

If S is a ring containing R, α ∈ S, and p(x) ∈ R[x], then R[x] ⊂ S[x], so wecan think of p(x) as having coefficients in S. We can also substitute α for x in theexpression

p(x) = anxn + an−1x

n−1 + · · ·+ a1x+ a0

for p(x) to get an expression

p(α) = anαn + an−1α

n−1 + · · ·+ a1α + a0,

which we can evaluate in S.This gives rise to an evaluation homomorphism φα : R[x]→ S, φα(p(x)) := p(α).

One can also consider polynomial rings in two or more variables, with appropriatedefinitions. One way to think of such a ring R[x1, . . . , xd] is as an iterated polynomialring R[x1][x2] · · · [xd]. In other words, R[x1, . . . , xd] is the ring of polynomials in xdwith coefficients from R[x1, . . . , xd−1], which is itself the ring of polynomials in xd−1

with coefficients from R[x1, . . . , xd−2], etc.This allows us to use inductive arguments, to prove results such as:

Theorem 5.2 If R is an integral domain, and d > 0, then R[x1, . . . , xd] is also anintegral domain.

In this course, we will however concentrate on polynomial rings in one variable only.

5.2 Polynomials with coefficients in a field

Suppose that F is a field. Then we have seen that the polynomial ring F [x] is aprincipal ideal domain. So we can associate, to every ideal, a generator p(x) of thatideal. Suppose that I = p(x)F [x] and J = q(x)F [x] are two ideals in F [x]. Then wecan translate properties of the ideals into properties of their generators.

For example, J ⊂ I if and only if q(x) ∈ I, since J is the smallest ideal containingq(x). But q(x) ∈ I = p(x)F [x] if and only if q(x) = p(x)a(x) for some polynomiala(x) ∈ F [x]. If this happens, we say that q(x) is a multiple of p(x), or that p(x) dividesq(x), or that p(x) is a factor of q(x).

One obvious question to ask is when two different polynomials generate the sameideal. (We cannot expect, in general, that the generator of an ideal will be unique.)

Lemma 5.3 Let F be a field and p(x), q(x) ∈ F [x]. Then p(x)F [x] = q(x)F [x] if andonly if q(x) = ap(x) for some nonzero constant a ∈ F .

5.3. LONG DIVISION AND THE EUCLIDEAN ALGORITHM 47

Proof. Now p(x)F [x] = q(x)F [x] if and only if there are polynomials a(x) and b(x)such that q(x) = p(x)a(x) and p(x) = q(x)b(x). This is true if and only if p(x)(1 −a(x)b(x)) = 0 = q(x)(1−b(x)a(x)). Since F [x] is an integral domain, this means eitherp(x) = 0 = q(x) or a(x)b(x) = 1.

In the second case, the degrees of a(x) and b(x) are both 0, since the producta(x)b(x) has degree 0, so a is a nonzero constant in F , with inverse b.

Conversely, if q(x) = ap(x) ∈ p(x)F [x] with a a nonzero constant, then a is aunit in F , so has an inverse, b ∈ F say, and then p(x) = bq(x) ∈ q(x)F [x], and sop(x)F [x] = q(x)F [x].

Corollary 5.4 Every nonzero ideal I in F [x] has the form p(x) for a monic polynomialp(x). Moreover, this choice of monic polynomial is uniquely determined by I.

Proof. Certainly I is principal, so I = q(x)F [x] for some nonzero polynomial q(x). Sinceq(x) 6= 0, the leading coefficient an (say) of q(x) is nonzero. Define p(x) = a−1

n q(x).Then p(x) has leading coefficient a−1

n an = 1, so is monic. Also, by the lemma, we havep(x)F [x] = q(x)F [x] = I.

If r(x) is another monic polynomial that generates I, then the lemma says thatr(x) = ap(x) for some constant a 6= 0. Comparing leading coefficients, we see that1 = a.1, so a = 1 and r(x) = p(x), as claimed.

5.3 Long division and the euclidean algorithm

If we are given an ideal I 6= {0} in F [x] in some abstract way, how can we find its(monic) generator polynomial? Have another look at the proof that F [x] is a PID toget a hint. I = p(x)F [x] where p(x) is the unique monic polynomial of least degreein I. (This makes sense: suppose that p(x), q(x) ∈ I are monic polynomials of leastpossible degree d, then either p(x) = q(x) or p(x) − q(x) ∈ I is a nonzero polynomialof degree less than d. Some multiple of this will be monic, giving a contradiction.)

Here is a specific example. Suppose that I = p(x)F [x] and J = q(x)F [x] are twononzero ideals in F [x]. Then the set I + J := {x+ y;x ∈ I, y ∈ J} is an ideal in F [x]that contains both I and J . Hence I + J = h(x)F [x] for some polynomial h(x) thatdivides both p(x) and q(x). Can we find h(x)?

Before solving this problem, let us consider the analogous problem in a more familiarPID, namely Z. Given positive integers m,n, the ideal mZ+nZ has the form hZ whereh is a common factor of m and n. Indeed h is the highest common factor of m,n. Thereis a well-known method of finding h called the Euclidean algorithm: interchange m,nif necessary so that m ≤ n. Divide n by m to get a remainder r with 0 ≤ r < m ≤ n.If r = 0 then m is the highest common factor; otherwise replace the pair (m,n) by(r,m) and continue.


Example Find the highest common factor of 63 and 96.

96 = 1× 63 + 33.

63 = 1× 33 + 30.

33 = 1× 30 + 3.

30 = 10× 3 + 0.

The last remainder is zero, so the previous remainder, 3 is the highest common factor.

It turns out that the same algorithm works for polynomials with coefficients from afield F , where the measurement we use for the size of a polynomial is its degree. Theindividual division steps of the algorithm work because of the following result.

Lemma 5.5 Let F be a field and a(x), b(x) ∈ F [x] \ {0}. Then there are uniquepolynomials q(x), r(x) ∈ F [x] such that

1. b(x) = a(x)q(x) + r(x); and

2. either r(x) = 0 or the degree of r(x) is less than that of a(x).

Proof. Let I be the principal ideal a(x)F [x]. If b(x) ∈ I, then we have b(x) = a(x)q(x)for some q(x) ∈ F [x] (which is unique, since F [x] is an integral domain), and the resultis true with r(x) = 0.

Otherwise, choose r(x) to be a polynomial of least possible degree in the cosetb(x) + I. This degree is less than that of a(x), as the following argument shows.Suppose that a(x) has degree m and leading coefficient α, whereas r(x) has degreen ≥ m and leading coefficient ρ. Then r(x)−α−1ρxn−ma(x) ∈ r(x) + I = b(x) + I hasdegree less than n, contrary to the choice of r(x).

It follows that the choice of r(x) is unique – if r′(x) ∈ r(x) + I also has smallerdegree than a(x), then r(x)− r′(x) ∈ I = a(x)F [x] is a multiple of a(x) but has degreeless than that of a(x), so must be zero.

Finally, b(x) − r(x) ∈ I = a(x)F [x], so b(x) − r(x) = a(x)q(x) for a (unique)polynomial q(x).

To perform a division of polynomials – that is, to find q(x) and r(x) in the notationof the lemma – we can proceed in stages corresponding to the terms of b(x). Supposethat b(x) has degree k and leading coefficient β, while a(x) has degree m ≤ k andleading coefficient α, as in the lemma. Then b1(x) = b(x)− α−1βxk−ma(x) has degreeless than k. Iterate this process. If b1(x) = a(x)q1(x)+r(x), then b(x) = a(x)q(x)+r(x),where q(x) = α−1βxk−m + q1(x).

We can lay this calculation out as a long division. For example:

5.4. REDUCIBLE AND IRREDUCIBLE POLYNOMIALS 49

x2 + 2x+ 11

x2 + x+ 1)x4 + 3x3 + 14x2 − 7x− 5

x4 + x3 + x2

2x3 + 13x2

2x3 + 2x2 + 2x

11x2 − 9x

11x2 + 11x+ 11

− 20x− 16

giving x4 + 3x3 + 14x2 − 7x− 5 = (x2 + x+ 1))(x2 + 2x+ 11) + (−20x− 16).

ExampleFind the highest common factor of x3−3x2 +x+2 and x2−4x+4. A long division

shows that x3 − 3x2 + x+ 2 = (x2 − 4x+ 4)(x+ 1) + (x− 2).A second long division shows that x2− 4x+ 4 = (x− 2)(x− 2) + 0. The remainder

is 0, so the previous remainder, x− 2 is the highest common divisor.

5.4 Reducible and irreducible polynomials

Given an ideal I in F [x], we know that the quotient ring F [x]/I will be a field if I ismaximal, and an integral domain if I is prime. But we also know that I is principal,I = p(x)F [x] for some p(x). (Indeed, we know that we can choose p(x) to be eithermonic or the zero polynomial.)

Given p(x), can we decide whether or not I = p(x)F [x] is prime or maximal? Thereis a criterion that we can use.

Definition A polynomial p(x) ∈ F [x] is reducible if it can be expressed as a productof polynomials of lower degrees. A polynomial is irreducible if it is not constant andnot reducible.

Theorem 5.6 Let F be a field, and let p(x) be a non-constant polynomial in F [x]. LetI denote the principal ideal I = p(x)F [x]. Then the following are equivalent:

(i) I is maximal;

(ii) I is prime;

(iii) p(x) is irreducible.

Proof. (i)⇒(ii). If I is maximal, then it is prime.


(ii)⇒(iii). If p(x) is reducible, say p(x) = a(x)b(x) where a(x) and b(x) each hasdegree less than that of p(x), then a(x), b(x) /∈ p(x)F [x] = I, but a(x)b(x) = p(x) ∈ I,so I is not prime.

(iii)⇒(i). It remains to show that, if p(x) is irreducible, then I is maximal. Supposethan that I ⊂ J ⊂ F [x] for some ideal J of F [x]. Since F [x] is a PID, J(x) = a(x)F [x]for some a(x). Now p(x) ∈ I ⊂ J = a(x)F [x], so p(x) = a(x)b(x) for some b(x).Since p(x) is irreducible, it is not possible that both a(x) and b(x) have degrees lessthan p(x). Hence one of a(x), b(x) has degree equal to that of p(x), and the other is anonzero constant (and hence a unit in F [x]).

There are two cases to consider. If a(x) has the same degree as p(x), then b = b(x)is a unit. Then a(x) = b−1p(x) ∈ I, so J ⊂ I and hence in fact I = J . If, on the otherhand, a = a(x) is a unit, then J = aF [x] = F [x]. We have therefore shown that I ismaximal.

Remark Whether or not a given polynomial is irreducible may depend on the field ofcoefficients in which we are working, as the following examples show.

Examples

1. x2 − 1 is reducible in F [x] for any field F , since x2 − 1 = (x− 1)(x+ 1).

2. x2+1 is irreducible in R[x]. Suppose that x2+1 is the product of two polynomialsof degree less than 2 - necessarily each of degree 1. In other words, x2 + 1 =(ax+ b)(cx+ d). Then comparing coefficients gives ac = bd = 1 and ad+ bc = 0.Hence

0 = ab(ad+ bc) = a2(bd) + b2(ac) = a2 + b2,

so a = b = 0 and 1 = ac = 0c = 0, a contradiction.

3. x2 + 1 is reducible in C[x]: x2 + 1 = (x+ i)(x− i).

The ring of polynomials over a field resembles in many ways the ring of integers,with irreducible polynomials playing the part of prime numbers. In particular, thereis the following anaologue of the Fundamental Theorem of Arithmetic, whose proof wewill omit.

Theorem 5.7 Let F be a field, and p(x) ∈ F [x] a nonconstant polynomial. Thenthere is a unique constant c and a list α1(x), . . . , αk(x) (unique up to order) of monicirreducible polynomials, such that

p(x) = cα1(x) · . . . · αk(x).

5.5. TESTING FOR IRRECUCIBILITY 51

5.5 Testing for irrecucibility

Given a (nonconstant) polynomial p(x) ∈ F [x], how can we tell whether p(x) is re-ducible or irreducible?

This partly depends on the field F , but there are some general rules based on theobservation that, if p(x) = a(x)b(x), then deg(p(x)) = deg(a(x)) + deg(b(x)), so thatat least one of the factors a(x), b(x) has degree less than or equal to 1

2deg(p(x)).

Further insight about reducibility comes from the following observation. Supposethat p(x) ∈ F and a ∈ F . Consider the evaluation homomorphism φa : F [x] → F ,φa(p(x)) := p(a). Clearly the linear polynomial x− a belongs to the kernel of φa. Butx− a is irreducible, since it cannot be expressed as a product of constant polynomials.Hence (x−a)F [x] is maximal, and (x−a)F [x] ⊂ Ker(φa) ⊂ F [x]. But Ker(φa) 6= F [x],since for example φa(1) = 1 6= 0. Hence Ker(φa) = (x − a)F [x]. This proves thefollowing result.

Lemma 5.8 Let F be a field, a ∈ F and p(x) ∈ F [x]. Then x− a is a factor of p(x)if and only if a is a root of p(x) (that is, p(a) = 0, or p(x) ∈ Ker(φa)).

Tests for irreducibility

1. Linear (i.e. degree 1) polynomials ax+ b (with a 6= 0) are always irreducible.

2. A quadratic (degree 2) or cubic (degree 3) polynomial p(x) ∈ F [x] is reducible ifand only if p(x) has a root in F .

3. A polynomial p(x) of degree 4 or 5 in F [x] is reducible if and only if p(x) eitherhas a root in F or a quadratic factor.

As mentioned above, questions of irreducibility vary according to the field F . Inparticular, when F = C, everything is completely explained by the remarkable theoremof Gauss:

Theorem 5.9 (Fundamental Theorem of Algebra) Let p(x) ∈ C[x] be a nonconstantpolynomial. then p(x) has a root in C.

Corollary 5.10 A polynomial p(x) ∈ C[x] is irreducible if and only if p(x) is linear.

Corollary 5.11 Every poynomial in R[x] of degree greater than 2 is reducible.

Proof. Let p(x) ∈ R[x] ⊂ C[x] be a polynomial of degree greater than 2. Then p(x) hasa root a ∈ C. If a ∈ R then x− a is a factor of p(x) in R[x]. Otherwise, the complexconjugate a is also a root of p(x), so x− a and x− a are both factors of p(x) (in C[x]).Hence so is (x− a)(x− a) = x2 − (2Re(a))x + |a|2 ∈ R[x]. Hence p(x) has a factor ofdegree at most 2 in R[x], so is reducible.

In a (small) finite field, it is easy to check for roots (and hence linear factors) of apolynomial by direct calculation.

Examples


1. x3 + 2 has no roots in Z7, and so is irreducible:

x 0 1 2 3 4 5 6x3 + 2 2 3 3 1 3 1 1

2. x4 + x+ 1 has no roots in Z2:

x 0 1x4 + x+ 1 1 1

Since x4 + x + 1 has degree 4, this does not necessarily mean that x4 + x + 1 isirreducible. We need to check also that x4 + x+ +1 has no quadratic factors. Infact, it is enough to check for irreducible quadratic factors, since if a polynomialhas a reducible quadratic factor, it has a linear factor and hence a root. But ofthe four quadratic polyomials x2 +ax+ b ∈ Z2[x], only one is irreducible, namelyx2 +x+1. Since (x2 +x+1)2 = x4 +x2 +1 6= x4 +x+1, it follows that x4 +x+1is indeed irreducible in Z2[x].

We can also do computations in Q easily to show that certain polynomials areirredcucible.

Example x3 + x+ 1 is irreducible in Q[x].Otherwise, there would be a root m/n in Q, so an equation

m3

n3+m

n+ 1 = 0.

Multiplying both sides by n3 6= 0, we get m3 +mn2 + n2 = 0. Form this equation, wesee that, if m has a prime factor p, then n3 = 0 mod p, so p is also a prime factor ofn. Similarly, if q is a prime factor of n, then m3 = 0 mod q, so q is also a prime factorof m. But we can choose m,n to have no common factors, so the only possibility ism = ±n = ±1. By direct evaluation, neither 1 nor −1 is a root of x3 + x = 1, sox3 + x = 1 has no rational roots, and so is irreducible.

There are two other results which help us decide questions of reducibility in Q[x]:

Theorem 5.12 (Gauss’ Lemma) Let p(x) ∈ Z[x]. Then p(x) is reducible in Q[x] ifand only if it is reducible in Z[x].

Theorem 5.13 (Eisenstein’s criterion) Let α(x) = anxn + · · · + a1x + a0 ∈ Z[x].

Suppose that p is a prime number such that p divides a0, a1, . . . , an−1 but does notdivide an, and that p2 does not divide a0. Then α(x) is irreducible in Q[x].

Examples

1. x300 − 17 is irreducible in Q[x] (by Eisenstein’s criterion with p = 17).

5.5. TESTING FOR IRRECUCIBILITY 53

2. x4 + x + 1 is irreducible in Q[x]. For otherwise it is reducible in Z[x] by Gauss’lemma. If it has a linear factor, x4 + x + 1 = (ax + b)(cx3 + dx2 + ex + f) inZ[x], then equating coefficients gives ac = bf = 1, so a = ±b = ±1. This isimpossible since ±1 are not roots of x4 +x+1. If there are two quadratic factors:x4 + x+ 1 = (ax2 + bx+ c)(dx2 + ex+ f), then again equating coefficients givesad = cf = 1, and also 0 = ae+ bd = ±(e+ b), and 1 = bf + ce = ±(b+ e). Thisgives a contradiction.


Exercises on polynomial rings

1. Determine whether or not the following polynomials are irreducible in the givenpolynomial rings:

(a) x2 + x+ 1 in Z2[x];

(b) x3 + x2 + 3x+ 5 in Z7[x];

(c) x2 + 5x− 3 in R[x];

(d) x3 − 17x2 + 24x− 1 in R[x];

(e) x345 − 53x77 + 1234567x22 − 2x+ 1 in C[x].

(f) x2 + x− 5 in Q[x];

(g) x5 + x2 + x in Z2[x].

2. In the field Z5, show that a5 = a for every a ∈ Z5. Deduce that

x5 − x = x(x− 1)(x− 2)(x− 3)(x− 4)

in Z5[x].

3. Let F be a field and I 6= F [x] an ideal in F [x]. Let g(x) ∈ F [x] be an irreduciblepolynomial such that g(x) ∈ I. Show that I = g(x)F [x].

4. Use Gauss’ Lemma to show that p(x) = x4 +x3 +x2 +x+1 is irreducible in Q[x].

5. Find all the roots of x6 + 1 in C, and hence factorise x6 + 1 as a product of threeirreducible quadratics in R[x].

6. (a) Explain why Q[x]/(x2 + 3)Q[x] is a field.

(b) Let Q[√−3] = {a + b

√−3 ∈ C | a, b ∈ Q}. This is a ring under addition

and multiplication of complex numbers. Show that there is an isomorphismof rings

Q[x]/(x2 + 3)Q[x] ∼= Q[√−3]

7. We have seen in lectures that, if F is a field, then F [x] is a principal ideal domain.The converse is also true: if R is a commutative ring such that R[x] is a principalideal domain, then R is a field. Prove this in steps as follows:

(a) If R[x] has an identity, then so does R.

(b) If R has zero-divisors, then so does R[x].

(c) If R is an integral domain and r ∈ Rr{0} has no inverse, then I := {p(x) ∈R[x]; p(0) ∈ rR} is a non-principal ideal in R[x]. (Compare the example ofZ[x] in the lecture notes.)

Chapter 6

Field Extensions

6.1 Extending a given field

The techniques we have learnt in previous chapters can be put together to constructnew examples of fields. The basic idea is the following. Start from a familiar fieldF (such as Q or Zp for some prime number p). Find a monic irreducible polynomialp(x) ∈ F [x]. Then the principal ideal I = p(x)F [x] is maximal, and so the quotientring K = F [x]/I is a field.

Examples

1. Let F = R, and let p(x) = x2 + 1, which has no root in R and so is irreduciblein R[x]. As we have already seen, the resulting field K = R[x]/(x2 + 1)R[x] isisomorphic to the field C of complex numbers.

2. Let F = Q, and let p(x) = x2 +1, which is irreducible in Q[x]. Then the quotientfield Q[x]/(x2 + 1)Q[x] is isomorphic to the field Q[i] of Gaussian rationals.

3. Let F = Z2, and let p(x) = x2+x+1 (the only irreducible quadratic polynomial inZ2[x]. Then the resulting field Z2[x]/(x2 +x+1)Z2[x] has four elements 0 = 0+I,1 = 1+I, a = x+I, b = (x+1)+I, where I = (x2 +x+1)Z−2[x]. The additionand multiplication tables can be deduced from the rule that (x2+x+1)+I = 0+I:for example, a2 = x2 + I = x+ 1 + I = b in this field. In fact, it is easy to checkthat this field is isomorphic to the field of four elements we saw in an earlierchapter.

In each of these examples, the first field F is (isomorphic to) a subfield of theresulting field K. Indeed, this is a general feature of our construction. To see this, recallthat the units in the polynomial ring F [x] are just the nonzero constant polynomials,in other words the units of F . Since the maximal ideal I = p(x)F [x] is not the wholering, it cannot contain any units, so the homomorphism f : F → K, f(r) = r + I, isinjective. (Here we are regarding r ∈ F as a constant polynomial in F [x].)

55

56 CHAPTER 6. FIELD EXTENSIONS

It follows from the first isomorphism theorem that Im(f) is isomorphic to F . Wewe will always identify the subfield Im(f) of K with F via the isomorphism f . Wehave thus constructed a field K containing F as a subfield. Furthermore, the largerfield K contains an element α = x + I such that p(α) = p(x) + I = 0 + I. In otherwords, α is a root of p(x) in K.

This is a special case of the following result.

Theorem 6.1 (Kronecker’s Theorem) Let F be a field, and p(x) a non-constant poly-nomial in F [x]. Then there exists a field K, containing F as a subfield, such that p(x)has a root in K.

Proof. If p(x) is irreducible, then the construction described above produces the desiredfield K. If p(x) is reducible, then it has at least one irreducible factor, q(x) say. Ourconstruction produces a field K ⊃ F such that K contains a root α of q(x). Since p(x)is a multiple of q(x), α is also a root of p(x).

Let us take a closer look at the field K = F [x]/I that we have constructed, whereI = p(x)F [x] and p(x) is a monic irreducible polynomial in F [x]. We know that F ⊂ Kand that K contains a root α = x+ I of p(x). What are the other elements of K? Ofcourse, each element of K is a coset a(x)+I = a(α) for some a(x) ∈ F [x]. The elementa(x) is not unique, but if two elements a(x), b(x) ∈ F [x] define the same element of K,then a(x) − b(x) ∈ I = p(x)F [x]. Given a(x) ∈ F [x], there is a unique representationa(x) = q(x)p(x) + r(x) with r(x) = 0 or deg(r(x)) < deg(p(x)). In other words, thereis a unique representative r(x) ∈ a(x) + I with r(x) = 0 or deg(r(x)) < deg(p(x)).

If deg(p(x)) = 1, then this says that every coset of I is represented by an elementof F , so the map f : F → F/I = K is an isomorphism.

If deg(p(x)) = n > 1, then p(x) = xn − c(x) for some c(x) 6= 0 with deg(c(x)) < n.The elements of K correspond to the polynomials of degree less than n in F [x]. Theseform an n-dimensional vector space over F , with basis B = {1, α, α2, . . . , αn−1}. Atypical element has the form

d(α) = λ0 + λ1α + · · ·+ λn−1αn−1 = d(x) + I,

where λ0, . . . , λn−1 ∈ F , so d(x) = λ0 + λ1x + · · · + λn−1xn−1 is a polynomial in F [x]

of degree at most n− 1.The rule (d(x) + I) + (e(x) + I) = (d(x) + e(x)) + I for adding in K = F [x]/I tells

us that we add two such expressions simply by adding the corresponding coefficients ofpowers of α. Hence the additive group (K,+) is isomorphic to the vector space (F n,+)of dimension n over F .

How do we multiply elements of K together? Again, the rule (d(x)+ I)(e(x)+ I) =(d(x)e(x)) + I tells us. However, the polynomial d(x)e(x) may have degree greaterthan n− 1. We can correct that by using the rule p(α) = 0 (or αn = c(α)) to replacehigh powers of α by F -linear combinations of lower powers.

6.1. EXTENDING A GIVEN FIELD 57

Examples

1. In C = R[x]/(x2 + 1)R[x], we write every element (uniquely) in the form a + bi,where i ∈ C is a root of x2 + 1. The elements 1, i form a basis of C as a vectorspace over R, giving the familiar rule for adding complex numbers:

(a+ bi) + (c+ di) = (a+ c) + (b+ d)i.

Multiplying two complex numbers (a + bi), (c + di) together yields ac + (ad +bc)i+bdi2. To get this into the canonical form, we need to apply the rule i2 = −1to get the familiar multiplicaiton rule:

(a+ bi)(c+ di) = (ac− bd) + (ad+ bc)i.

2. Consider the complex number ω = −12

+√

32i. This is a cube root of unity in

C. It is easy to show that ω2 is the complex conjugate ω = −12−√

32i of ω,

and ω3 = 1. Indeed, ω2 + ω + 1 = 0 in C, so ω is a root of the irreduciblepolynomial x2 + x + 1 ∈ Q[x]. Hence the set Q[ω] of all complex numbers ofthe form a + bω, a, b ∈ Q forms a subfield of C isomorphic to the quotient fieldQ[x]/(x2 + x+ 1)Q[x].

The elements of Q[x] have the form a+ bω and addition rule

(a+ bω) + (c+ dω) = (a+ c) + (b+ d)ω.

The multiplication rule in Q[ω] is derived in the same way as that for C, butusing the rule that ω2 + ω + 1 = 0, or alternatively, ω2 = −1− ω. Hence

(a+ bω) + (c+ dω) = (ac− bd) + (ad+ bc− bd)ω.

3. The polynomial p(x) = x3 + x + 1 ∈ Z2[x] has no roots in Z2, since an easycalculation shows that p(0) = p(1) = 1. Hence p(x) is irreducible in Z2[x], sothe ideal I = p(x)Z2[x] is maximal, and the quotient ring K = Z2[x]/I is a field.Since p(x) has degree 3, the field K has precisely 23 = 8 elements: a+ bx+ cx2,a, b, c ∈ Z2.

Different elements are added by adding the coefficients of 1, x and x2 modulo2. For example (1 + x) + (1 + x2) = x + x2. Elements of K are multiplied byexpanding brackets and using the rule x3 = 1 + x to eliminate higher powers ofx. For example

(1 + x2)(x+ x2) = x+ x2 + x3 + x4 = x+ x2 + (1 + x) + (x+ x2) = 1 + x.


6.2 Algebraic number fields

A complex number α is said to be algebraic if it is a root of some nonzero polynomialp(x) ∈ Q[x]. Thus, for example,

√2, i, 1 + i, and 1

2+√

32i are algebraic numbers, being

roots of x2 − 2, x2 + 1, x4 + 4 and x3 + 1 respectively.

Theorem 6.2 Let α ∈ C be an algebraic number. Then there is a unique monicirreducible polynomial m(x) ∈ Q[x] such that m(α) = 0 in C. The smallest subfield ofC containing α is then isomorphic to Q[x]/m(x)Q[x].

Proof. Let φ = φα : Q[x]→ C be the evaluation homomorphism, φ(p(x)) = p(α). ThenK = Im(φ) is a subring of C containing φ(1) = 1, so K is an integral domain. Bythe First Isomorphism Theorem, K ∼= Q[x]/I, where I = Ker(φ). Hence I is a primeideal. Now I 6= {0}, since by definition α is the root of at least one nonzero polynomialin Q[x]. Hence I = p(x)Q[x] for some irreducible polynomial p(x) ∈ Q[x]. We haveseen earlier that p(x) is not unique, but that p(x)Q[x] = I = q(x)Q[x] if and only ifq(x) = ap(x) for some a ∈ Qr {0}. There is a unique choice of a (namely the inverseof the leading coefficent of p(x), such that m(x) = ap(x) is monic, and hence a uniquemonic irreducible polynomial m(x) ∈ Q[x] such that I = m(x)Q[x]. It follows fromthis that I is maximal, and hence that K is a field.

By definition, m(α) = φ(m(x)) = 0, since m(x) ∈ I = Ker(φ). If n(x) is anothermonic irreducible polynomial such that n(α) = 0, then n(x) ∈ I = m(x)Q[x], so n(x) isa multiple of m(x). Since n(x) is irreducible, n(x) = am(x) for some nonzero constanta ∈ Q. But m(x) and n(x) are both monic, so a = 1 and n(x) = m(x). Hence m(x) isthe unique monic irreducible polynomial in Q[x] for which α is a root.

We have also seen that K is a subfield of C that is isomorphic to Q[x]/I =Q[x]/m(x)Q[x]. It is also clear that K contains φ(x) = α, and that, for any a ∈ Q, Kcontains φ(a) = a.

Now suppose that L is another subfield of C containing α. Then 0, 1 ∈ L, and aneasy inductive argument shows that n ∈ L for any non-negative integer n. If m,n arenonnegative integers with n 6= 0, then m,n ∈ L, so n−1 ∈ L, so ±mn−1 ∈ L. HenceQ ⊂ L. Since also α ∈ L, it follows that φ(p(x)) = p(α) ∈ L for any p(x) ∈ Q[x], soK = Im(φ) ⊂ L.

Hence K is the smallest subfield of C containing α, as claimed.

Remarks The monic irreducible polynomial m(x) in this theorem is called the minimalpolynomial of α.

The subfield K = Im(φα) is usually denoted Q[α]. An example is the field Q[i] ofGaussian rationals: the minimal polynomial of i is x2 + 1, and we have already seenthat Q[i] ∼= Q[x]/(x2 + 1)Q[x].

A subfield of C of the form Q[α] for some algebraic number α is called an algebraicnumber field. The study of these fields, there elements and subrings, is a branch ofnumber theory known as algebraic number theory.

6.2. ALGEBRAIC NUMBER FIELDS 59

Not every complex number is algebraic. Indeed, most complex numbers are notalgebraic, in the following sense. The set of algebraic numbers can be shown to becountable, that is, there is a bijection between that set and the set N of natural numbers.On the other hand, the set C of complex numbers can be shown to be uncountable,which means that it is strictly bigger than any countable set. Complex numbers that arenot algebraic are called transcendental. Familiar examples of transcendental numbersare π and the base e of the natural logarithms.

Examples

1. Let α = cos(2π/5) + i sin(2π/5). Then α5 = 1, so α is a root of the polynomialx5 − 1 ∈ Q[x], and so it is an algebraic number. However, the polynomial x5 − 1is not the minimal polynomial of α, because it is reducible. Indeed 1 is a root ofx5 − 1, so x− 1 is a factor of x5 − 1.

If we divide x5 − 1 by x − 1 (for example, using long division), we find thatx5 − 1 = (x− 1)(x4 + x3 + x2 + x+ 1). Since α is not a root of x− 1, it must bea root of the other factor, x4 + x3 + x2 + x+ 1.

It is not difficult to check that x4 +x3 +x2 +x+1 is irreducble in Z[x], and hencealso in Q[x] by Gauss’ Lemma. (A linear factor of x4 + x3 + x2 + x + 1 in Z[x]would have to be of the form ±x±1, but ±1 are not roots of x4 +x3 +x2 +x+1.Similarly, a quadratic factor would have to be of the form ±x2 + ax± 1 for somea ∈ Z, and comparing coefficients shows that x4 + x3 + x2 + x + 1 is not theproduct of two such quadratic factors.)

It follows that m(x) = x4 + x3 + x2 + x+ 1 is the minimal polynomial of α, andso Q[α] ∼= Q[x]/I, where I is the principal ideal generated by m(x).

The elements of Q[α] can all be expressed as Q-linear combinations of 1, α, α2

and α3, and added as a Q-vector space. The multiplication table is derived fromthe rule α4 = −1− α− α2 − α3.

2. Consider the polynomial p(x) = x2 − x − 1 ∈ Q[x]. By the quadratic formulae,the roots of p(x) are (1±

√5)/2, neither of which is rational. (One of these roots

is the golden ratio, the limit of the sequence of ratios of successive Fibonaccinumbers: 1

2, 2

3, 3

5, . . ..)

It follows that p(x) is irreducible, so the minimal polynomial of either of its roots.If α is one of these roots, then the resulting field Q[α] ⊂ R is isomorphic to thequotient ring Q[x]/(x2 − x− 1)Q[x]. The elements of Q[α] have the form a+ bαfor a, b ∈ Q. Addition is defined in the obvious way, and multiplication is definedusing the rule α2 = α + 1.

This example differs from the previous example, since the algebraic number αis not a root of unity. Indeed, |α| 6= 1, so the powers αn of α either increaseunboundedly as n → ∞, or converge to 0 (depending on which root of p(x)


is chosen for α). However, all these powers belong to Q[α], and they can becomputed in the form a+ bα using the rule α2 = 1 + α:

α2 = 1+α, α3 = α+α2 = 1+2α, α4 = α+2α2 = 2+3α, α5 = 2α+3α2 = 3+5α,and so on. Can you spot a pattern?

Similarly, we can compute the negative powers of α. To do this, divide theequation α2 = 1 + α by α and rearrange to get α−1 = −1 + α. Then iterate:

α−2 = −α−1 + 1 = 2−α, α−3 = 2α−1− 1 = −3 + 2α, α−4 = −3α−1 + 2 = 5− 3α,and so on. Can you spot another pattern?

3. Let α be a cube root of 2 in C. Then α is a root of x3 − 2 ∈ Q[x], and so isan algebraic number. However, there is no root of x3 − 2 in Q, so x3 − 2 is amonic irreducible, and is therefore the minimal polynomial of α. Hence Q[α] ={a+bα+cα2 ; a, b, c ∈ Q} is a subfield of C that is isomorphic toQ[x]/(x3−2)Q[x].Addition in Q[x] is defined in the obvious way, and multiplication is defined usingthe rule that α3 = 2.

Notice that in this example there are three different choices for α, since there arethree distinct cube roots of 2 in C. One of these is real, so the resulting fieldQ[α] is contained in R. For the other two choices, Q[α] 6⊂ R since α /∈ R. Thuswe get three distinct subfields F1, F2 and F3 of C. While these subfields are notequal, they are isomorphic to each other: F1

∼= F2∼= F3, since each is isomorphic

to Q[x]/(x3 − 2)Q[x].

6.3 Finite fields

We have seen that Zp is a field for any prime number p. Given any (monic) irreduciblepolynomial m(x) ∈ Zp[x], Kronecker’s Theorem gives an extension of Zp in which m(x)has a root - specifically K = Zp[x]/m(x)Zp[x]. As we have seen, the elements of thisfield can be naturally expressed in the form

a0 + a1x+ · · ·+ ad−1xd−1,

where d = deg(m(x)) and each ai ∈ Zp. There are p possible values for each ai, andhence pd elements in K.

Indeed, the additive group (K,+) is isomorphic to Zdp, the d-dimensional vectorspace over the field Zp.

Examples

1. m(x) = x2+x+1 has no roots in Z2, so it is irreducible in Z2[x], so Z2[x]/m(x)Z2[x]is a field of order 4. Its elements are 0, 1, x, 1+x, with addition and multiplicationtables

6.3. FINITE FIELDS 61

+ 0 1 x 1 + x

0 0 1 x 1 + x1 1 0 1 + x xx x 1 + x 0 1

1 + x 1 + x x 1 0

× 0 1 x 1 + x

0 0 0 0 01 0 1 x 1 + xx 0 x 1 + x 1

1 + x 0 1 + x 1 x

2. Similarly, m(x) = x2 + x+ 1 has no roots in Z5, as we can easily calculate:

x 0 1 2 3 4m(x) 1 3 2 3 1

Hence m(x) is irreducible in Z5[x], and Z5[x]/m(x)Z5[x] is a field of order 52 = 25.Its elements have the form a = bx, a, b ∈ Z5, with addition defined modulo 5,and multiplication defined modulo 5 using the rule x2 = −1− x = 4 + 4x. Thus,for example, we could compute

(1 + 2x)(2 + 3x) = 1 + 7x+ 6x2 = 1 + 2x+ x2 = 1 + 2x+ (4 + 4x) = 5 + 6x = x.

3. m(x) = x3+x+1 has no roots in Z2, so is irreducible in Z2[x]. Hence Z2[x]/m(x)Z2[x]is a field of order 23 = 8. Its elements have the form a + bx + cx2, a, b, c ∈ Z2,with addition and multiplication defined modulo 2 using the rule x3 = 1 +x. Forexample, we can comupte the inverse of x in this field by multiplying both sidesof the equation x3 = 1 + x by x−1 and rearranging, to get x−1 = 1 + x2. Todouble-check:

(1 + x2)x = x+ x3 = x+ (1 + x) = 1.

We refer to the number of elements in a finite field F as its order, denoted |F |.Thus the exmaples that we can construct using Kronecker’s Theorem each have orderof the form pd, a prime power. It turns out that this is no acident.

Theorem 6.3 Let F be a finite field. Then there exist a prime number p and a positiveinteger d such that F has a subfield isomorphic to Zp, and F has order pd.

Proof. Consider the ring homomorphism f : Z→ F defined inductively by f(0) = 0F ,f(n + 1) = f(n) + 1F and f(−n) = −f(n). The image of this homomorphism is asubring of F containing 1F , so it is a finite integral domain. But finite integral domainsare fields, so K = Im(f) is a subfield of F .

By the First Isomorphism Theorem, K ∼= Z/Ker(f), so Ker(f) is a maximal idealof Z, and so of the form pZ for some prime number p. Thus

K = Im(f) ∼= Z/pZ ∼= Zp.


Note also that the additive group of F is a vector space of dimension 1 over F ,where we define scalar multiplication to be the multiplication of F . The rules forscalar multiplication in a vector space are satisfied because of the associativity anddistributivity of multiplication in F :

x(yz) = (xy)z; x(y + z) = xy + xz.

Since K is a subfield of F , (F,+) is also a vector space over K. Since F is finite, itmust be finite-dimensional over K, of dimension d, say. If B = {x1, . . . , xd} is a K-basisfor F , then the elements of F can be uniquely expressed in the form a1x1 + · · ·+ adxdwith a1, . . . , ad ∈ K. Since K has order p, there are p possible values for each ai, so pd

different elements in F . Hence |F | = pd, as required.

The converse of this theorem is also true, in a surprisingly strong form.

Theorem 6.4 Let p be a prime number, and d a positive integer. Then there exists afield of order pd. Moreover, this field is unique up to isomorphism: if F1 and F2 arefields of order pd, then F1

∼= F2.

I will omit the proof of this theorem, but you can probably imagine how it goes. Toprove existence, we do a counting argument to show that there is at least one monicirreducible polynomial in Zp of degree d. (For example, in the case d = 2 there are p2

monic quadratics x2 + ax + b, of which p(p + 1)/2 are products (x + c)(x + d) of twolinears.)

To prove uniqueness, we check that (i) every field of order pd contains an elementwhose minimal polynomial in Zp[x] has degree d; and (ii) if m(x), n(x) ∈ Zp[x] areirreducibles of degree d, then Zp[x]/m(x)Zp[x] ∼= Zp[x]/n(x)Zp[x].

Example Consider the field Z3. Of the three elements in Z3, only two of them, 0 and1, are squares. Thus x2 + 1 has no root in Z3, so is irreducible. Let I = (x2 + 1)Z3[x]and let K = Z3[x]/I be the field of order 9. Let us denote the element x + I of K byα. Then the elements of K are a + bα for a, b ∈ Z3. The addition and multiplicationtables in K are given by

+ 0 1 2 α 1 + α 2 + α 2α 1 + 2α 2 + 2α

0 0 1 2 α 1 + α 2 + α 2α 1 + 2α 2 + 2α1 1 2 0 1 + α 2 + α α 1 + 2α 2 + 2α 2α2 2 0 1 2 + α α 1 + α 2 + 2α 2α 1 + 2αα α 1 + α 2 + α 2α 1 + 2α 2 + 2α 0 1 2

1 + α 1 + α 2 + α α 1 + 2α 2 + 2α 2α 1 2 02 + α 2 + α α 1 + α 2 + 2α 2α 1 + 2α 2 0 1

2α 2α 1 + 2α 2 + 2α 0 1 2 α 1 + α 2 + α1 + 2α 1 + 2α 2 + 2α 2α 1 2 0 1 + α 2 + α α2 + 2α 2 + 2α 2α 1 + 2α 2 0 1 2 + α α 1 + α


and

× 0 1 2 α 1 + α 2 + α 2α 1 + 2α 2 + 2α

0 0 0 0 0 0 0 0 0 01 0 1 2 α 1 + α 2 + α 2α 1 + 2α 2 + 2α2 0 2 1 2α 2 + 2α 1 + 2α α 2 + α 1 + αα 0 α 2α 2 2 + α 2 + 2α 1 1 + α 1 + 2α

1 + α 0 1 + α 2 + 2α 2 + α 2α 1 1 + 2α 2 α2 + α 0 2 + α 1 + 2α 2 + 2α 1 α 1 + α 2α 2

2α 0 2α α 1 1 + 2α 1 + α 2 2 + 2α 2 + α1 + 2α 0 1 + 2α 2 + α 1 + α 2 2α 2 + 2α α 12 + 2α 0 2 + 2α 1 + α 1 + 2α α 2 2 + α 1 2α

respectively. The addition table is self-explanatory, while the multiplication table iscalculated using the rule α2 = 2.

Now x2 + 2 is not the only (monic) irreducible quadratic in Z3[x]. For example,x2 + x + 2 is another monic quadratic with no roots in Z3, so is also irreducible.Therefore F = Z3[x]/(x2 + x + 2)Z3[x] is another example of a field of order 9, andF contains a root β of x2 + x + 2. The theorem classifying finite fields says that F isisomorphic to K. Can we find an explicit isomorphism?

One way to do this is to find a root of x2 + x+ 2 in K. The quadratic formula tellsus that the roots of x2 + x + 2 are (−1 ±

√12 − 4.1.2)/2, or 1 ± 2

√2 modulo 3. The

square roots of 2 in K are precisely ±α, so for example 1 + α = 1 − 2α is a root ofx2 + x+ 2.

If we consider the evaluation homomorphism φ1+α : Z3[x]→ K, defined by

φ1+α(p(x)) = p(1 + α),

then Ker(φ1+α) is precisely the principal ideal (x2 + x + 2)Z3[x], so φ1+α induces anisomorphism from F = Z3[x]/(x2 +x+ 2)Z3[x] to K, defined by a+ bβ 7→ (a+ b) + bα.

In a similar way, 2 + β is a square root of 2 in F : (2 + β)2 = 1 + β + β2 = 2, so theinverse isomorphism K → F is defined by a+ bα 7→ (a+ 2b) + bβ.

In F ∼= K, the group U(F ) = F \ {0} has order 9 − 1 = 8. The multiplicationtable for K tells us that the element β (= 1 + α) has order 8, so that the group U(F )consists precisely of the powers of β: F = {1, β, β2, β3, β4, β5, β6, β7}, with β8 = 1, soU(F ) is isomorphic to the cyclic group of order 8: (U(F ),×) ∼= (Z8,+). This is not anaccident!

Theorem 6.5 Let F be a finite field of order N = pd. Then U(F ) is a cyclic group oforder N − 1.


Proof. The group U(F ) is a finite abelian group. There is a classification theorem forfinite abelian groups which says that any such group is isomorphic to a direct productof cylic groups Zm(1) × Zm(2) × · · · × Zm(k) for some k ≥ 1 and positive integers m(i)such that m(i+ 1) is a muplitple of m(i) for each i.

In particular, if q is a prime number dividing m(1), and k > 1, then there are atleast q2 elements of order dividing q in this group: (am(1)/q, bm(2)/q, 0, . . . , 0), where0 ≤ a ≤ q − 1, 0 ≤ b ≤ q − 1.

But if α1, . . . , αq2 are q-th roots of 1 in F , then xq − 1 has q2 distinct linear factorsx− αi in F [x], and so is divisible by the degree q2 polynomial

(x− α1)(x− α2) · · · (x− αq2).

But this contradicts the rules for the degree of a product in F [x], so is impossible.Hence k = 1, and U(F ) ∼= Zm(1) is a cylic group. Its order is N − 1, since every

element of F except for 0 is a unit in F .

Corollary 6.6 Let F be a finite field of order N = pd. Then there exists an elementα ∈ U(F ) = F \ {0} which has order N − 1 in U(F ).

Definition Let F be a finite field, and α ∈ F \{0}. The order of α in the multiplicativegroup U(F ) is called the multiplicative order of α. If the multiplicative order of α isthe order N − 1 of U(F ), then we say that α is a primitive element of F . In thiscase, the units of F are all powers of α. Indeed, we can list all the elements of F asF = {0, 1, α, α2, . . . , αN−2}.

Examples

1. The polynomial x2 + x + 2 has no roots in Z5, so is irreducible in Z5[x]. HenceK = Z5[x]/(x2 + x+ 2)Z5[x] is a field of order 52 = 25.

The unit group U(K) has order 25− 1 = 24, so its elements have orders dividing24, by Lagrange’s Theorem.

We can compute various powers of x using the rule x2 = 3 + 4x, to find themultiplicative order of x.

x3 = x(3 + 4x) = 3x+ 4x2 = 3x+ (2 + x) = 2 + 4x.

x4 = x(2 + 4x) = 2x+ 4x2 = 2x+ (2 + x) = 2 + 3x.

x6 = (2 + 4x)2 = 4 + x+ x2 = 4 + x+ (3 + 4x) = 2.

x8 = (2 + 3x)2 = 4 + 2x+ 4x2 = 4 + 2x+ (2 + x) = 1 + 3x.

x12 = 22 = 4.

Since xk 6= 1 in K for any divisor of 24 less than 24 itself, the multiplicative orderof x is 24, so x is primitive.


2. In Z7, the third power of any element is either 0 or ±1. In particular, 2 hasno cube roots in Z7, so x3 + 5 is irreducible in Z7[x]. The resulting field K =Z7[x]/(x3 + 5)Z7[x] has order 73 = 343, and so its unit group U(K) has order342 = 2× 9× 19.

The element x of K cannot be primitive, since by construction x3 = 2 in K, sox9 = 23 = 1. Hence x has multiplicative order 9 in K. If we want to find aprimitive element, we could try some other elements of K. Note that elementsof Z7 have orders dividing 6, so cannot be primitive in K. Hence also elementsof the form ax or ax2, with a ∈ Z7, have orders dividing 18. (For example,(ax)18 = a18x18 = 1, since a6 = x9 = 1.)

In fact, there can be at most 18 18-th roots of 1 in K, so the 18 elements axb,a ∈ U(Z7), b = 0, 1, 2, are the only elements of U(K) of orders dividing 18. Theother elements have orders which are multiples of 19.

The next simplest element to try is y = 1+x. We can compute powers of y usingx3 = 2:

y3 = 1 + 3x+ 3x2 + x3 = 3(1 + x+ x2),

y6 = 2(1 + x+ x2)2 = 2(1 + 2x+ 3x2 + 2x3 + x4) = 2(5 + 4x+ 3x2),

y9 = 6(1 + x+ x2)(5 + 4x+ 3x2) = 6(5 + 2x+ 5x2 + 3x4) = 6(5 + x+ 5x2),

y18 = (5 + x+ 5x2)2 = 4 + 3x+ 2x2 + 3x3 + 4x4 = 3 + 4x+ 2x2,

y19 = (1 + x)(3 + 4x+ 2x2) = 3 + 6x2 + 2x3 = 6x2.

Now 6x2 has order dividing 18 but not dividing 6 (since 6x2 /∈ Z7).

(6x2)9 = 69x18 = 6, so 6x2 has order 18, and hence y has order 18 × 19 = 342.Thus y is a primitive element in K.

Remark The unit groups of finite fields are widely used in cryptography - particularlyin the construction of error-correcting codes. The most commonly used fields are thoseof characteristic 2, that is, fields Z2[x]/p(x)Z2[x] for some irreducible p(x) of degree d.This enables the elements of the field to be stored efficiently on a computer, as binarystrings of length d, and the Hamming metric gives a natural distance function betweenfield elements. Messages are encoded using a subset of the field, and messages witherrors are corrected to the nearest element of this subset.

All this requires efficient computation in the finite field under consideration. Toachieve this, one needs to find a primitive element y of the field, and set up a ‘discretelogarithm table’

a 0 1 · · · pd − 2ya 1 y · · · y−1


To multiply two field elements α, β quickly, one locates them on the second rowof the table, and identifies their logarithms a, b from the first row of the table. (Thismeans that α = ya and β = yb.) One then adds a + b (modulo pd − 1) and uses thetable to find the antilogarithm ya+b, which is the desired product ya+b = yayb = αβ.

Similarly, the discrete logarithm table can be used to carry out fast exponentiationin the finite field: (ya)b = yab, so to raise an element to its b-th power one finds itslogarithm, multiplies by b modulo pd−1, and then finds the antilogarithm of the result.


Exercises on field extensions

1. Let F be the field Q[x]/(x3 + x+ 1)Q[x]. Express each of the following elementsof F as Q-linear combinations of 1, x, x2:

(a) x4; [(b)] x6; [(c)] x−2; [(d)] (1 + x2)(2− x− x2).

2. In the field F = Q[x]/(x4 +x3 +x2 +x+ 1)Q[x], find expressions for each of x−1,x5 and x43 of the form a+ bx+ cx2 + dx3, a, b, c, d ∈ Q.

3. Let F be the field Z5[x]/(x2 +x+1)Z5[x]. Express each of the following elementsof F as Z5-linear combinations of 1, x:

(a) x3; [(b)] x322; [(c)] (1 + x)2; [(d)] (1 + 2x)(2 + 3x).

4. Let F be the field Z2[x]/(x6 + x + 1)Z2[x] of order 26 = 64. Calculate x7, x9,x14(= (x7)2) and x21(= (x7)3) in F as Z2-linear combinations of 1, . . . , x5. Hencefind the order of x in the group of units of F .

5. In the field F = Z2[x]/(x4+x+1)Z2[x] of order 16, show that x has multiplicativeorder 15, and hence find all elements of multiplicative order 3 (expressed as Z2-linear combinations of 1, x, x2, x3).

6. In the field F = Z7[x]/(x2 + x+ 3)Z7[x] of order 49, find the multiplicative orderof x. Find an element of multiplicative order 8 in F .

7. If F is a field, and n ≥ 2 an integer, such that the polynomial pn(x) = xn−1 +xn−2 + . . . + x + 1 is irreducible in F [x], show that n is a prime number. [Hint:find a factor for pn(x) if n is composite.]

8. Use the Euclidean Algorithm to find a greatest common divisor of the givenelements in the integral domains indicated

(a) 49349 and 15555 in Z;

(b) 2x3 + x2 + 2x+ 1 and 2x2 + 7x+ 3 in R[x];

9. Find the minimal polynomials (in Q[x]) of the following complex numbers:

(a) 1 + i

(b)√

1 +√

2

(c)1√2− i√

2

f1.3ye2/f1.3yk3 algebra and analysis part 2: …jim/f13ye2/algebra_notes.pdf · algebra and...

Documents