rings
Similar to group theory, ring theory studies specific rings. Almost all ring theory deals with commutative rings; non-commutative rings are comparatively niche (though we’ll explore them later).
Here’s my notes on ring theory.
-
November 27, 2023.
Introduction to ring theory
Questions:
- What is a ring?
- What kinds of elements are in a ring?
- What is an integral domain, and what is a field?
- How do rings compare to groups?
- What operations can be done on rings?
In 1892, David Hilbert, while working in algebraic number theory, coined the term “Zahlring” (number ring), which was later shortened to “Ring” and finally translated into English as “ring” to refer to the structure we’re about to introduce.
(R,+,⋅) is a ring, defined as some underlying set R whose elements have a notion of addition (+) and multiplication (⋅). There are various definitions of a ring (see the appendix) but for our purposes we choose the strongest definition, where the following axioms must hold for all rings:
- (R,+) forms an (additive) abelian group with identity 0 (called the zero element).
- (R,⋅) forms a (multiplicative) commutative monoid with identity 1 (called unity).
- ⋅ distributes over +.
One fact that holds for all rings is the binomial theorem, which we can derive from these axioms. We adopt a common notation for repeated addition and repeated multiplication:
- kr (where k is an integer) is r added to itself k times.
- r^k (where k is a nonnegative integer) is r multiplied by itself k times.
Binomial Theorem: For any r,s∈R for a ring R, (r+s)^n = ∑_{k=0}^{n} C(n,k) r^k s^{n−k} for all nonnegative n, where C(n,k) denotes the binomial coefficient.
Proof by induction on n.
- Base case n=0: (r+s)^0 = 1 = C(0,0) r^0 s^0. Note that this only exists because we have a multiplicative identity 1.
- Inductive case n>0: The inductive hypothesis gives (r+s)^{n−1} = ∑_{k=0}^{n−1} C(n−1,k) r^k s^{n−1−k}. Note that commutativity of the product lets us express every term of this sum as c · r^i s^j for some integers i,j with i+j = n−1 and integer coefficient c = C(n−1,i).
- Now observe:
  (r+s)^n = (r+s)(r+s)^{n−1}
  = r(r+s)^{n−1} + s(r+s)^{n−1}  (by distributivity)
  = r ∑_{i=0}^{n−1} C(n−1,i) r^i s^{n−1−i} + s ∑_{j=0}^{n−1} C(n−1,j) r^j s^{n−1−j}  (by IH)
  = ∑_{i=0}^{n−1} C(n−1,i) r^{i+1} s^{n−1−i} + ∑_{j=0}^{n−1} C(n−1,j) r^j s^{n−j}
  = ∑_{i=1}^{n} C(n−1,i−1) r^i s^{n−i} + ∑_{j=0}^{n−1} C(n−1,j) r^j s^{n−j}
  = ∑_{i=0}^{n} C(n−1,i−1) r^i s^{n−i} + ∑_{j=0}^{n} C(n−1,j) r^j s^{n−j}  (since C(n−1,−1) = C(n−1,n) = 0)
  = ∑_{i=0}^{n} [C(n−1,i−1) + C(n−1,i)] r^i s^{n−i}
  = ∑_{i=0}^{n} C(n,i) r^i s^{n−i}  (by Pascal’s identity)
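As a quick sanity check, here’s a sketch in Python that verifies the identity inside a specific commutative ring, taking Z_12 (which even has zero divisors) as the stand-in; the helper name `binomial_check` is invented for illustration.

```python
from math import comb

def binomial_check(r, s, n, m):
    """Verify (r+s)^n == sum of C(n,k) r^k s^(n-k) in the ring Z_m."""
    lhs = pow(r + s, n, m)
    rhs = sum(comb(n, k) * pow(r, k, m) * pow(s, n - k, m) for k in range(n + 1)) % m
    return lhs == rhs

# The identity holds for every pair of elements of Z_12.
assert all(binomial_check(r, s, 5, 12) for r in range(12) for s in range(12))
```

Note that the proof only used the ring axioms, so the check passes regardless of which modulus we pick.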
In this section, we go over some examples of rings.
Possibly the ring that is the most ring of them all is the integers Z. In fact the axioms above are basically modeled after integer addition and multiplication, which is why it is very easy to check that Z is a ring.
More interestingly, Zp, the integers mod p, form a ring. Just as with integers, addition and multiplication work with the elements ā of Zp (called residue classes), where ā = b̄ if a and b differ by a multiple of p.
Other examples include the rationals Q, the real numbers R, and the complex numbers C. There is also the zero ring (or trivial ring) 0, the ring containing just a zero element 0.
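To make residue classes concrete, here’s a toy Python model of Zn (the class name `Mod` is invented for this sketch; it stores a canonical representative and compares modulo n):

```python
class Mod:
    """A residue class in Z_n, stored as its canonical representative."""
    def __init__(self, a, n):
        self.n, self.a = n, a % n
    def __add__(self, other): return Mod(self.a + other.a, self.n)
    def __mul__(self, other): return Mod(self.a * other.a, self.n)
    def __eq__(self, other): return (self.n, self.a) == (other.n, other.a)

# 7 and 2 differ by a multiple of 5, so they name the same residue class in Z_5.
assert Mod(7, 5) == Mod(2, 5)
assert Mod(3, 5) + Mod(4, 5) == Mod(2, 5)   # 3 + 4 = 7 ≡ 2 (mod 5)
assert Mod(3, 5) * Mod(4, 5) == Mod(2, 5)   # 3 · 4 = 12 ≡ 2 (mod 5)
```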
In this section, we study operations on rings.
Just like with groups, we can operate on rings as mathematical objects in their own right.
First, the direct product of two rings R×S is the same as with groups – the elements of R×S are all the pairs (r,s) with r∈R and s∈S, with addition and multiplication defined pointwise. (When we have multiple rings like R and S, we typically distinguish their elements by adding the ring’s name as a subscript. For example, 1_R is the multiplicative identity in R, and 0_S is the additive identity in S.)
Second, we can adjoin a new element to a ring. Basically this means adding the element to the ring and taking the closure under addition and multiplication. For instance, the ring R[e] is the result of adjoining e∈R to ring R. Here are some examples:
- Q[√2] where √2∈R
- Z[i] where i∈C
- R[i]=C
We’ll make heavy use of this when we start talking about polynomial rings, but for now it’s just good to keep in mind that we can do this.
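As a sketch of what adjoining buys us: an element of Q[√2] can be modeled in Python as a pair (a, b) standing for a + b√2, and closure under addition and multiplication keeps everything in that form, since (√2)^2 = 2 (the helper names `add` and `mul` are invented for illustration):

```python
from fractions import Fraction as F

def add(x, y):
    """(a + b√2) + (c + d√2) = (a + c) + (b + d)√2"""
    return (x[0] + y[0], x[1] + y[1])

def mul(x, y):
    """(a + b√2)(c + d√2) = (ac + 2bd) + (ad + bc)√2"""
    return (x[0] * y[0] + 2 * x[1] * y[1], x[0] * y[1] + x[1] * y[0])

x = (F(1, 2), F(3))      # 1/2 + 3√2
y = (F(2), F(-1, 4))     # 2 - (1/4)√2
assert add(x, y) == (F(5, 2), F(11, 4))
assert mul(x, y) == (F(-1, 2), F(47, 8))
```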
In this section, we define the units of a ring.
We mentioned that the integers Z are the prototypical example of a ring. Integer addition and multiplication are commutative, we have an additive identity 0 and a multiplicative identity 1, there are additive inverses, and multiplication distributes over addition. So all the ring axioms hold on the integers.
What about multiplicative inverses? Do they exist for the integers? The multiplicative inverse of an integer z is a value z^{−1} such that z⋅z^{−1}=1. But the only integers that can satisfy this are z=1 and z=−1. So among the integers, only ±1 are invertible.
Generalizing from integers to arbitrary rings R, invertible elements of a ring (with respect to multiplication) are called its units. The units of any ring R form a multiplicative group, denoted R× or sometimes R∗. Note that for a nonzero ring R, R× is never a ring, because rings require the additive identity 0, and 0 is never a unit.
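For a concrete picture, here’s a small Python sketch computing the unit group of Z_12 by brute force (the helper `units` is invented):

```python
from math import gcd

def units(n):
    """The unit group of Z_n: residues with a multiplicative inverse mod n."""
    return {k for k in range(n) if any(k * j % n == 1 for j in range(n))}

U = units(12)
assert U == {1, 5, 7, 11}                          # exactly the k coprime to 12
assert all(gcd(u, 12) == 1 for u in U)
assert all(u * v % 12 in U for u in U for v in U)  # closed under multiplication
```

The last assertion checks the group claim: a product of units is again a unit.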
Theorem: 0 is never a unit of a nonzero ring R.
To be a unit, we’d need 0⋅0^{−1}=1, which is impossible since 0 multiplied by anything is 0, and 0 ≠ 1 in a nonzero ring.
Theorem: u,v are units iff their product uv is a unit.
- If u,v are units then (uv)(v^{−1}u^{−1}) = u(vv^{−1})u^{−1} = u·1·u^{−1} = 1 shows that uv is a unit.
- If uv is a unit then u(v(uv)^{−1}) = (uv)(uv)^{−1} = 1 shows u is a unit, and a symmetric argument shows v is a unit.
A nonzero ring consisting only of zero and units is called a field. All nonzero elements in a field are invertible and we have the identity element 1, so the nonzero elements of a field F actually form a multiplicative group F×.
Theorem: The multiplicative group F× of a field F has order |F|−1.
The multiplicative group consists of the units of F, of which there are |F|−1, since everything but zero is a unit in F.
Fields have many special properties, which we’ll dive into in depth in a different exploration.
In this section, we introduce zero divisors.
Unlike the integers, however, in a ring it is possible for a⋅b=0 for nonzero a,b. We call such a,b zero divisors because they effectively divide zero into two nonzero elements.
Zero divisors are generally undesirable, because their presence implies a lack of cancellability in the ring. In other words, when we have a⋅b=a⋅c, we’d like to claim that b=c as a result. But this relies on the fact that the map x↦a⋅x is injective, which is not the case when a is a zero divisor, because then both a⋅b=0 and a⋅0=0. So you can think of zero divisors as uncancellable elements in a ring.
A ring with no (nonzero) zero divisors is called an integral domain. Essentially, integral domains are exactly the rings that have cancellability, which is desirable. We also enforce the requirement that nonzero elements exist in integral domains, so as a special case, the zero ring 0 is not an integral domain.
Let’s see some examples:
Theorem: Zp is an integral domain if p is prime.
- Since p is prime, when p∣ab for a,b∈Zp, then either p∣a or p∣b.
- In Zp, this translates to: when ab ≡ 0 mod p, then either a ≡ 0 mod p or b ≡ 0 mod p.
- So a,b cannot be both zero divisors (ab ≡ 0 mod p) and nonzero (a,b ≢ 0 mod p).
- Therefore there are no nonzero zero divisors, making Zp an integral domain.
Theorem: The direct product of nonzero rings cannot be an integral domain.
- The result of a direct product of nonzero rings always contains the elements (1,0) and (0,1).
- Since (1,0)(0,1)=(0,0), both are zero divisors.
- Since there are zero divisors, the direct product is not an integral domain.
Let’s see how zero divisors and units interact.
Theorem: No element can be both a zero divisor and a unit.
A zero divisor a satisfies ab=0 for some nonzero b. But if a is a unit, then no such b exists, since left-multiplying ab=0 by a^{−1} gives b=0.
Corollary: Every field is an integral domain.
An integral domain must have no nonzero zero divisors. But every nonzero element of a field is a unit by definition, and therefore not a zero divisor.
Theorem: Every finite integral domain is a field.
- Take any nonzero a∈R. Since products of nonzero elements in an integral domain are nonzero, every power in {a, a^2, a^3, …} is nonzero.
- Since we’re in a finite ring, the sequence a, a^2, a^3, … eventually repeats, so there is some a^n equal to a^m where n>m.
- Since we’re in an integral domain, we can cancel a^m from both sides of a^n = a^m, producing a^{n−m} = 1 since n>m.
- Note that n−m>0, so this can be rewritten as a · a^{n−m−1} = 1, proving that a is a unit.
- Since every nonzero a∈R is a unit, R must be a field.
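The proof is effectively an algorithm for finding inverses; here is a Python sketch of it over the finite integral domain Z_7:

```python
# In the finite integral domain Z_7, the powers of a nonzero a must repeat,
# and cancelling gives a^(n-m) = 1, so an inverse of a appears among its powers.
p = 7
for a in range(1, p):
    powers = [pow(a, k, p) for k in range(1, p + 1)]
    assert 0 not in powers                 # no zero divisors: powers stay nonzero
    e = powers.index(1) + 1                # smallest e with a^e = 1
    assert a * pow(a, e - 1, p) % p == 1   # a · a^(e-1) = 1, so a is a unit
```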
In this section, we introduce idempotents.
An idempotent in a ring R is an element e∈R such that e^2 = e, and therefore e^k = e for all k≥1. For every ring, 0 and 1 are trivially idempotent since 0^2 = 0 and 1^2 = 1.
Theorem: Every nontrivial idempotent is a zero divisor.
For idempotents e that aren’t 0 or 1: since e^2 = e, we have e^2 − e = 0 and therefore e(e−1) = 0 by distributivity. Since e ≠ 1, the factor e−1 is nonzero, and since e ≠ 0, both e and e−1 must be zero divisors.
Therefore the nontrivial idempotents are a special subset of zero divisors. This means that if a nontrivial idempotent exists in a ring, the ring is not an integral domain.
Studying the idempotents themselves gives rise to some interesting structures:
Theorem: The idempotents of a ring form a partially ordered set.
A partially ordered set (poset) is a set together with a relation a≤b that satisfies
- reflexivity ∀a.a≤a,
- antisymmetry ∀a,b.a≤b∧b≤a⟹a=b, and
- transitivity ∀a,b,c.a≤b∧b≤c⟹a≤c.
On the idempotents, define e≤f iff ef=e. The idea is that e≤f when multiplying by f leaves e unchanged, the way multiplying by 1 does. This satisfies the requirements:
- Reflexivity: ee = e^2 = e, therefore e≤e.
- Antisymmetry: Assuming ef=e and fe=f, we get e = ef = fe = f.
- Transitivity: Assuming ef=e and fg=f, we get eg = (ef)g = e(fg) = ef = e.
Thus the idempotents form a poset.
Theorem: The idempotents of a ring form a boolean algebra.
A boolean algebra is a poset together with the operators ¬,∨,∧ corresponding to negation, disjunction, and conjunction respectively, as well as two distinguished elements 0 and 1, all satisfying (among the usual lattice laws) the following:
- ¬x=0 if x=1, and ¬x=1 if x=0
- x∨y=0 if x=y=0, and x∨y=1 if x=1 or y=1
- x∧y=1 if x=y=1, and x∧y=0 if x=0 or y=0
- ∨ and ∧ are commutative
- ∨ and ∧ are associative
Define:
- negation ¬e as 1−e.
- disjunction e∨f as e+f−ef.
- conjunction e∧f as ef.
- 0 as the additive identity 0.
- 1 as the multiplicative identity 1.
Then:
- ¬e=1−e, which is 0 if e=1 and 1 if e=0.
- e∨f=e+f−ef, which is 0 if e=f=0 and 1 if e or f is 1.
- e∧f=ef, which is 1 if e=f=1 and 0 if e or f is 0.
- Commutativity can be shown by observing that both e+f−ef and ef are unchanged when you swap e and f.
- Associativity of ∧ comes from associativity of the product in a ring. Associativity of ∨ is harder but routine:
  e∨(f∨g) = e∨(f+g−fg)
  = e + (f+g−fg) − e(f+g−fg)
  = e + f + g − fg − ef − eg + efg
  = (e+f−ef) + g − (e+f−ef)g
  = (e+f−ef)∨g
  = (e∨f)∨g
Corollary: Every finite ring contains 2^k idempotents for some k.
The proof of this isn’t really a ring theory proof, so I left it out. But it is a property of boolean algebras that every finite boolean algebra is isomorphic to the power set of a k-element set, therefore every finite ring contains 2^k idempotents.
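A quick Python check of both results on Z_30, which has three prime factors and hence 2^3 idempotents (the helper `idempotents` is invented):

```python
def idempotents(n):
    """All solutions of e^2 = e in Z_n."""
    return {e for e in range(n) if e * e % n == e}

E = idempotents(30)                 # 30 = 2 · 3 · 5 has three prime factors
assert E == {0, 1, 6, 10, 15, 16, 21, 25}
assert len(E) == 2 ** 3

# The boolean-algebra operations send idempotents to idempotents.
assert all((1 - e) % 30 in E for e in E)                      # negation 1 − e
assert all((e + f - e * f) % 30 in E for e in E for f in E)   # e ∨ f
assert all(e * f % 30 in E for e in E for f in E)             # e ∧ f
```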
If every element in a ring is idempotent, then the whole ring is a boolean algebra, so we call it a boolean ring.
In this section, we introduce nilpotents.
Another special case of zero divisors are those elements that, when raised to a suitable power, become zero. These are elements a that satisfy a^k = 0 for some k, and they are called nilpotents. The zero element 0 is always a nilpotent in every ring.
Theorem: A nonzero element e cannot be both idempotent and nilpotent.
An idempotent element e is still itself when raised to any positive power: e^k = e. That means that, unless e=0, powers of e never become zero, therefore e cannot be nilpotent.
Theorem: If r,s are nilpotent elements of a ring R, then r+s and r−s are also nilpotent.
Say r^n = 0 and s^m = 0. Then using the binomial theorem, (r+s)^{n+m} = ∑_{k=0}^{n+m} C(n+m,k) r^k s^{n+m−k}. Ignoring the coefficient, notice that each term r^k s^{n+m−k} vanishes: if k≥n then r^k = 0, and if k≤n then n+m−k ≥ m and thus s^{n+m−k} = 0. Therefore r+s is nilpotent. The same argument works for r−s.
Like all zero divisors, nilpotents cannot be units. However, the existence of nilpotents is special since it always implies the existence of units:
Theorem: For every nilpotent a in a ring R, the element 1−a is a unit of R.
If a^k = 0 for some k, let S = ∑_{i=0}^{k−1} a^i, the sum of all the powers of a up to a^{k−1}, which is an element of R. Observe that because a^k = 0, aS = ∑_{i=1}^{k} a^i = ∑_{i=1}^{k−1} a^i, which is every term of S except a^0 = 1. Then their difference S − aS must equal 1, and by factoring out S, we have S(1−a) = 1, meaning 1−a is a unit of R.
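A numeric sanity check of the telescoping argument in Z_81, where a = 3 is nilpotent because 3^4 = 81 ≡ 0:

```python
# In Z_81, a = 3 is nilpotent (3^4 = 81 ≡ 0), so 1 - a should be a unit with
# inverse S = 1 + a + a^2 + a^3, by the telescoping argument above.
n, a, k = 81, 3, 4
assert pow(a, k, n) == 0
S = sum(pow(a, i, n) for i in range(k)) % n
assert S == 40                   # 1 + 3 + 9 + 27
assert S * (1 - a) % n == 1      # S(1 - a) = 1, so 1 - a is a unit of Z_81
```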
Corollary: If a is nilpotent in a ring R and u is a unit, then u+ka is a unit of R for all k∈Z.
For u−a, use the same argument as above with the series S = ∑_{i=0}^{m−1} (au^{−1})^i, where a^m = 0 (so (au^{−1})^m = 0 as well). Then (u−a)(u^{−1}S) = S − (au^{−1})S = 1. This implies (u−a)−a is a unit as well, and so on, thus u+ka is a unit for all k≤0.
Similarly, for u+a, use the series S = ∑_{i=0}^{m−1} (−au^{−1})^i. Then (u+a)(u^{−1}S) = S − (−au^{−1})S = 1. This implies (u+a)+a is a unit as well, and so on, thus u+ka is a unit for all k≥0.
Corollary: u+b is a unit for every unit u and nilpotent b.
In this section, we introduce the characteristic of a ring.
The above proof that ∀k∈Z.u+ka is a unit seems to imply that every nilpotent can produce an infinite number of units. However, this isn’t always true — some rings are finite. Can you think of one?
You might have come up with the ring of integers mod n, denoted Zn. Specifically, let’s try Z8, where 2 is a nilpotent element because 2^3 = 0 in Z8. Using our formula u+ka with u=1 and a=2, this implies that 1, 3, 5, 7 are units of the ring. But because 1+2+2+2+2 = 9 = 1 in Z8, the ring “loops back” on itself at some point, so we don’t get any additional units.
This special ring property where addition “loops back” is called the characteristic. The characteristic of a ring R is the number of times you have to add 1 to itself before you get 0. This makes sense in the ring of integers mod n, because in that ring, adding 1 to itself n times gives 0. So Zn has characteristic n, and we write char Zn=n. For rings like the integers Z, however, no amount of adding 1 to itself will give 0, so for those rings the characteristic is defined to be 0. Thus char Z=0. The idea is that the only way to get 0 is to add 1 zero times to itself.
Since most rings we work with have characteristic 0, we will only mention characteristic when it matters. For instance, it turns out that characteristic 2 rings are particularly strange. Here’s an example of why.
Theorem: In a characteristic 2 ring R, addition is the same as subtraction.
Since a+a = 2a = 0 for every a∈R, every element in R is its own additive inverse: a = −a. Thus a+b = a−b = −a+b = −a−b.
While rings can be of any nonnegative characteristic in general, this is not true of integral domains.
Theorem: The characteristic of an integral domain is either 0 or a prime number p.
Suppose the characteristic were a composite number ab with a,b > 1. Then (a·1)(b·1) = (ab)·1 = 0, where a·1 and b·1 are nonzero (since ab is the least number of 1s summing to 0), making them zero divisors. But integral domains have no nonzero zero divisors, so the characteristic cannot be composite: it is either prime or zero.
Corollary: The characteristic of a field is either 0 or a prime number p.
Important note: Recall that when we adjoin an element from one ring to another, we take the additive and multiplicative closure of the result. For this closure to make sense, the two rings must have the same characteristic – so you can only adjoin elements of one ring to another when their characteristics match.
In this section, we talk about subrings.
A subring is a subset of elements of a ring R that satisfies the ring axioms. Additionally, it must include 1 as the multiplicative identity. This is enough to show it includes 0 as the additive identity as well, since 1−1=0.
This last requirement is curious, but it’s certainly possible for R to have subsets that are rings with a different multiplicative identity. They’re just not considered subrings.
Theorem: Every ring R of characteristic 0 includes a subring isomorphic to the integers Z.
We can define a correspondence between the integers and a subring of R. Assign every integer n∈Z to n·1, which is 1 added to itself n times. Since char R = 0, each n·1 is a distinct element of R. Then the subset of these n·1 elements is a ring, because addition and multiplication on the n parts behave exactly as in Z. Thus R includes Z as a subring.
Theorem: The intersection of two subrings is a subring of both.
- The intersection is an additive group, since both subrings are additive groups, and the intersection of additive groups is also an additive group.
- The intersection has 1 from the original ring, since that’s present in both subrings.
- The intersection is closed under product, since both subrings are closed under product.
- The intersection inherits the multiplicative identity and distributive laws from the original ring.
- Since the intersection is a subset of both given subrings, is an additive group, contains 1, is closed under product, and satisfies identity and distributive laws, it is a subring of both.
Theorem: Every subring of an integral domain is an integral domain.
Since integral domains have no nonzero zero divisors, none of their subrings can have nonzero zero divisors either, so every subring (which is nonzero, containing 1 ≠ 0) is also an integral domain.
Appendix A
Our earlier definition actually breaks down into four ring axioms:
- (R,+) forms an (additive) group with zero element 0.
- (R,⋅) forms a (multiplicative) monoid with unity (identity) 1.
- ⋅ distributes over +, and (together with the existence of 1) this actually implies + is commutative, so (R,+) must be an abelian group: expanding (1+1)(a+b) both ways gives a+b+a+b = a+a+b+b, hence b+a = a+b.
- ⋅ is also commutative.
While we will assume all of these axioms hold for a ring, one might define more general rings by relaxing these axioms. For completeness, here are the names for some ring variants:
- A rig or a semiring is a ring where (R,+) is only required to be a monoid, dropping the requirement for additive inverses (negatives).
- A rng is a ring where (R,⋅) is a semigroup rather than a monoid, dropping the requirement for 1 (the multiplicative identity). A ring with a multiplicative identity is sometimes explicitly called a unital ring.
- A near-ring doesn’t require + or ⋅ to be commutative. When ⋅ is not commutative, then left near-rings only require left distributivity (so only products on the left distribute), and similarly for right near-rings.
- Noncommutative rings are those where ⋅ is not commutative. Otherwise it’s a commutative ring. For our purposes, we assume all rings are commutative unless otherwise specified.
So what we call rings are technically what some people call unital commutative rings. We won’t mention these other names very much since having to deal with non-unital or non-commutative rings introduces a lot of complexity, and I’d rather get into that complexity much later.
-
November 28, 2023.
Exploration 1: Rings and ideals
Questions:
- How do you take quotients of rings?
- What is an ideal?
- How do you work with ideals?
- What do the elements in an ideal imply about the ideal?
Recall from group theory that a normal subgroup can be used to define a quotient group, by sending every element of the normal subgroup to the group identity.
If we do the same thing with rings, we run into a slight problem: taking R/H, where H is a subgroup of R’s additive group, can fail certain ring axioms. Let’s see why.
Given a ring R, let H be a subgroup of the additive group of R. Since that group is abelian, H is automatically normal, so R/H (sending elements of H to 0) is a quotient group. To be a quotient ring, however, we need to define multiplication in R/H.
Recall that the elements of R/H are equivalence classes [a] under the relation a∼b iff b−a∈H. Being a quotient group means we already have addition defined as [a]+[b]=[a+b]. To see what multiplication [x][a] must be, we’ll have to rely on the ring axioms:
- Multiplicative identity: if 1a=a=a1 in R, then [1][a]=[a]=[a][1] in R/H.
- Multiplication is associative: if (ab)c=a(bc) in R, then ([a][b])[c]=[a]([b][c]) in R/H.
- Multiplication is distributive: if a(b+c)=ab+ac in R, then [a]([b]+[c])=[a][b]+[a][c] in R/H.
So we get three constraints. The first constraint implies that the definition [a][b]=[ab] could work, and in fact this definition satisfies all the constraints:
- Multiplicative identity: [1][a]=[1a]=[a]=[a1]=[a][1]
- Multiplication is associative: ([a][b])[c]=[(ab)c]=[a(bc)]=[a]([b][c])
- Multiplication is distributive: [a]([b]+[c])=[a(b+c)]=[ab+ac]=[a][b]+[a][c]
So the definition [a][b]=[ab] seemingly allows R/H to satisfy the ring axioms. The only step left is to show well-definedness of [a][b]=[ab].
Therefore: In order for R/H to be a ring, H must be a subgroup of R’s additive group that additionally satisfies xH ⊆ H for all x∈R.
Recall that [x]+[a]=[x+a] only works because we showed x+[a]=[x+a], making it well defined. In the same vein, for [x][a]=[xa], we need to show that a∼b implies xa∼xb. Let’s see how this works out:
a∼b
⟹ b−a ∈ H
⟹ x(b−a) ∈ H
⟹ xb−xa ∈ H
⟹ xb ∈ [xa]
⟹ xa∼xb
Note that the step b−a ∈ H ⟹ x(b−a) ∈ H requires xH ⊆ H. This imposes xH ⊆ H as a requirement for multiplication in R/H to be well-defined.
These “additive subgroups that absorb multiplication” are known as ideals. Just as you need a normal subgroup to quotient a group, you need an ideal to quotient a ring. The elements of a quotient ring are still known as cosets, just like for quotient groups in group theory.
Theorem: I is an ideal of R iff I is nonempty and, for any a,b∈I and r∈R, we have a−b∈I and ra∈I.
- We just showed that an ideal I is an additive subgroup of R that absorbs multiplication by elements r∈R.
- a−b∈I implies closure under additive inverse (let a=0) and addition (let b=−b), thus I is an additive subgroup of R.
- ra∈I implies that I absorbs multiplication by elements r∈R.
In this section, we classify a ring by its ideals.
In general, to find all the ideals of a ring, you need to find all the additive subgroups of the ring’s additive group. Then the ideals are those additive subgroups that also absorb product. Let’s see some examples.
0 and R are always ideals of every ring R, where 0 refers to the zero ideal {0} containing only the zero element.
Therefore: Proper ideals do not contain 1.
What happens if an ideal contains 1? Since every product with 1 must be in the ideal, every element of the ring is in the ideal, thus the ideal must be equal to the ring itself.
Therefore: Proper ideals do not contain units.
What happens if an ideal contains a unit a? Then a^{−1}a = 1 is also in the ideal, which means the ideal must contain 1. But as we just observed, proper ideals don’t contain 1.
Now we are ready to explore specific kinds of ideals and how they interact with rings.
First, there is the ideal nR generated by an integer n, containing every element in R added to itself n times. These ideals are generally only interesting in finite rings or in the ring of integers.
Second, every element a∈R can generate a principal ideal (a) containing every possible product with a. 0 and R are both principal ideals, generated by 0 and 1 respectively, and so they are sometimes written (0) and (1).
Sometimes aR, the product of every element in R with a, is used to denote the principal ideal (a) because it’s the same thing. For example:
Theorem: Zp, the integers mod p, is isomorphic to Z/pZ, the integers quotiented by the principal ideal (p).
The integers mod p essentially set p=0, which is the same as what happens when you send the principal ideal (p) to 0.
Principal ideals (a) have an important property that if the generator a factors into non-units bc, each factor b or c generates a strictly larger principal ideal.
Theorem: In an integral domain, given a nonzero principal ideal (a) and a non-unit b, the ideal (ab) is strictly contained in (a).
Since a generates ab, it is clear that (ab)⊆(a). The case that (ab)=(a) is not possible – it would imply that ab generates a, i.e. there is some c such that abc = a, and cancelling a (valid in an integral domain for a ≠ 0) gives bc = 1, making b a unit. Therefore, if b is a non-unit, (ab)⊊(a).
Third, let’s look at prime ideals. They are similar to prime numbers: if p divides a product ab, then either p divides a or p divides b. By replacing “p divides” with “P contains”, you get a prime ideal P, an ideal with the property that if ab is in a prime ideal, either a or b is also in the prime ideal.
Theorem: Quotienting by a prime ideal results in an integral domain.
- Let [a],[b] be two nonzero cosets in the quotient. Let P be a prime ideal, so that ab∈P implies a∈P or b∈P.
- Translating this into coset terms: [ab]=[0] implies [a]=[0] or [b]=[0]. Since [a] and [b] are defined to be nonzero, the conclusion fails, so [ab] must not be [0].
- But that means [a][b]=[0] has no solutions with [a],[b] nonzero, i.e. there are no zero divisors.
- No zero divisors is the definition of an integral domain.
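Concretely, modeling the quotients Z/(n) as Zn in Python (the helper `zero_divisors` is invented):

```python
def zero_divisors(n):
    """Nonzero zero divisors of Z_n, our model of the quotient Z/(n)."""
    return {a for a in range(1, n) if any(a * b % n == 0 for b in range(1, n))}

# (7) is a prime ideal of Z, so Z/(7) is an integral domain: no zero divisors.
assert zero_divisors(7) == set()
# (6) is not prime (6 = 2 · 3), and indeed Z/(6) has zero divisors.
assert zero_divisors(6) == {2, 3, 4}
```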
Finally, we have one last type of ideal: a maximal ideal, one that isn’t contained in a larger (proper) ideal. It is possible that there are no maximal ideals (in certain infinite rings), or more than one maximal ideal.
Theorem: Quotienting by a maximal ideal results in a field.
- Let M be a maximal ideal of a ring R.
- We must show that every nonzero coset [a] in the quotient R/M is a unit, i.e. there is always some coset [b] such that [b][a]=[1].
- Note that since [a]≠[0], we have a∉M. Therefore the ideal ⟨a,M⟩, generated by M together with the element a∉M, is a strictly larger ideal.
- But since M is maximal, no proper ideal strictly contains M. So ⟨a,M⟩ must not be proper – it must be the whole ring R, and therefore 1∈⟨a,M⟩.
- This means that we somehow obtained 1 by adding some multiple of a to an element m∈M. That is, ka+m=1 for some k∈R.
- In coset terms, we have [k][a]+[m]=[1]. Since m∈M, [m]=[0], so this simplifies to [k][a]=[1].
- This implies that every element [a] of the quotient is a unit, and therefore the quotient is a field.
A final note: a simple ring is one where the only ideals are 0 and R. Since we’re only talking about commutative rings, we actually find that simple rings and fields coincide.
Theorem: The simple rings are exactly the fields.
- Since an ideal containing a unit must be R itself, and fields only contain zero and units, fields only have the ideals {0} and R.
- Conversely, if a ring’s only ideals are {0} and R, then any nonzero principal ideal (a) equals R, which contains 1. That means some multiple of a equals 1, and ka=1 makes every nonzero element a a unit. Therefore the ring contains only zero and units and is therefore a field.
Corollary: All maximal ideals are prime.
If ab∈M for a maximal ideal M, then [a][b]=[0] in the field R/M; fields have no zero divisors, so [a]=[0] or [b]=[0], i.e. a∈M or b∈M.
In this section, we learn how to manipulate ideals.
First, let’s talk about the sum of two ideals. It is an ideal.
Theorem: The sum of two ideals A+B, defined as the set {a+b ∣ a∈A, b∈B}, is an ideal.
- To prove it is an ideal, we need to prove it is a normal subgroup of the additive group of the ring, and that it absorbs product.
- The group sum A+B of two normal subgroups A,B is a normal subgroup.
- Since r(A+B) = rA+rB ⊆ A+B, we know A+B also absorbs product.
- Therefore A+B is an ideal.
What about the union and intersection of two ideals?
Theorem: The intersection of two ideals A∩B is an ideal.
- To prove it is an ideal, we need to prove it is a normal subgroup of the additive group of the ring, and that it absorbs product.
- The intersection A∩B of two normal subgroups A,B is a normal subgroup.
- Since rA ⊆ A and rB ⊆ B, any x∈A∩B has rx in both A and B, so r(A∩B) ⊆ A∩B, meaning A∩B absorbs product as well.
- Therefore A∩B is an ideal.
Theorem: The union of two ideals A∪B is not always an ideal.
Consider the counterexample (2)∪(3) in Z, which contains all multiples of 2 and all multiples of 3. But this subset of Z is not closed under addition (e.g. 2+3=5 is in neither ideal) and is therefore not an ideal.
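A small Python check of the counterexample, restricted to a finite window of Z:

```python
# The union (2) ∪ (3), viewed inside a finite window of Z, is not closed under
# addition: 5 = 2 + 3 escapes it. The sum of ideals (2) + (3) does catch 5.
N = 100
union = {z for z in range(-N, N) if z % 2 == 0 or z % 3 == 0}
assert 2 in union and 3 in union
assert 2 + 3 not in union        # 5 is a multiple of neither 2 nor 3
ideal_sum = {2 * a + 3 * b for a in range(-N, N) for b in range(-N, N)}
assert 5 in ideal_sum            # 5 = 2 · 1 + 3 · 1 lies in (2) + (3)
```

In fact (2) + (3) = (1) = Z, since 5 in the ideal forces 5 − 2 − 2 = 1 in as well.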
In this section, we explore what kinds of elements an ideal can contain.
We’ve already established that a proper ideal cannot contain units. What are some other limitations on what an ideal can contain?
First, consider: when does an ideal contain a zero divisor?
Therefore: Nontrivial ideals always contain a zero divisor, if one exists.
- Let’s say that the ring contains a zero divisor r, and let A be a nontrivial ideal.
- Since product with a zero divisor results in either zero or a zero divisor, rA contains nothing but zero and zero divisors. Then since ideals absorb product, rA⊆A.
- If rA contains a zero divisor, then that zero divisor is in A and we are done. Otherwise rA = {0}, but that means ra = 0 for all a∈A, so every nonzero a∈A is itself a zero divisor.
- Either way, as long as A is nontrivial (not the zero ring), then it contains a zero divisor.
Next, when does an ideal contain an idempotent?
Therefore: Prime ideals contain an idempotent element, if one exists.
- Let’s say that the ring contains an idempotent a and a prime ideal P.
- a^2 = a implies 0 = a(1−a). For a prime ideal, this is interesting: since all ideals contain 0, the prime ideal P must contain one of the factors of 0, i.e. either a or 1−a.
- Both are idempotent: a is by definition, and (1−a)^2 = a^2−2a+1 = a−2a+1 = 1−a.
Finally, when does an ideal contain a nilpotent?
Theorem: Every prime ideal P contains every nilpotent element.
- Like every ideal, P contains 0. Since 0 is nilpotent, every ideal contains at least one nilpotent element. So let r be an arbitrary nilpotent element, with r^n = 0 for some n.
- This means 0 can be factored into r · r^{n−1}. By the property of prime ideals, either r∈P (so that we are done), or r^{n−1}∈P, in which case we recursively apply this logic to r^{n−1}. Eventually we get to r·r, which proves that r∈P.
- Since r is an arbitrary nilpotent element, this shows that every nilpotent element is in P.
There is a deeper result here, though it requires Zorn’s lemma to prove.
Theorem: The intersection of all prime ideals in R is exactly the set N of all nilpotent elements of R.
- Since every prime ideal contains N, so does the intersection of all prime ideals. To prove that N contains the intersection of all prime ideals, we must prove every element r of the intersection is nilpotent. Assume towards contradiction that r is not nilpotent.
- Then S = {s∈R ∣ r^n s = 0 for some n≥1} is a proper ideal: it is nonempty (0∈S), it is closed under subtraction and absorbs product, and it excludes 1 (since 1∈S would mean r^n = 0, contradicting our assumption).
- Note that S cannot contain r or any of its powers r^i, because otherwise r^n r^i = 0 would imply r is nilpotent, violating our assumption.
- Zorn’s lemma states that every poset in which every nonempty chain has an upper bound contains a maximal element.
- Consider the poset of proper ideals that contain S and avoid every power of r, ordered by inclusion. It is nonempty (it contains S), a chain in it looks like I1 ⊆ I2 ⊆ I3 ⊆ …, and the union of a chain is again such an ideal, giving an upper bound for the chain.
- So by Zorn’s lemma, this poset has a maximal element M.
- M is prime: if ab∈M with a∉M and b∉M, then the strictly larger ideals M+(a) and M+(b) must each contain a power of r by maximality, say r^i ∈ M+(a) and r^j ∈ M+(b). But then r^{i+j} ∈ M+(ab) = M, contradicting that M avoids the powers of r.
- So M is a prime ideal that doesn’t contain r. But this contradicts the fact that r is in the intersection of all prime ideals. Therefore r must be nilpotent in order to be in the intersection of prime ideals.
- This means the intersection of prime ideals is exactly all the nilpotent elements of R.
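We can spot-check this in a finite ring: in Z_72 the prime ideals are (2) and (3), and both the nilpotents and the intersection of the prime ideals come out to the multiples of 6. A Python sketch (the helper `nilpotents` is invented):

```python
def nilpotents(n):
    """Elements of Z_n with some power equal to zero."""
    return {a for a in range(n) if any(pow(a, k, n) == 0 for k in range(1, n + 1))}

n = 72                                      # 72 = 2^3 · 3^2
primes = [2, 3]                             # the prime ideals of Z_72 are (2) and (3)
intersection = {a for a in range(n) if all(a % p == 0 for p in primes)}
assert nilpotents(n) == intersection        # both are the multiples of 6
assert nilpotents(n) == set(range(0, n, 6))
```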
-
November 30, 2023.
Exploration 2: Ring homomorphisms
Questions:
- TODO
Just like with groups, there are ring homomorphisms: maps between rings that preserve the ring properties. While group homomorphisms need only preserve the identity and the group product, ring homomorphisms must preserve addition, multiplication, and the multiplicative identity. (Since 1−1=0, preserving the multiplicative identity 1 also preserves the additive identity 0.) Therefore all ring homomorphisms are also group homomorphisms of the rings’ additive abelian groups.
Theorem: Ring homomorphisms θ preserve rational expressions (expressions involving addition, subtraction, multiplication, integer scalar multiplication, powers, and division by units).- By induction on the rational expression.
- θ(a+b)=θ(a)+θ(b) for all a,b∈R, since rings are closed under addition by definition, and homomorphisms preserve addition.
- θ(a−b)=θ(a)−θ(b), since homomorphisms preserve addition and therefore additive inverses: θ(b)+θ(−b)=θ(0)=0 means θ(−b)=−θ(b).
- θ(ab)=θ(a)θ(b), since rings are closed under multiplication by definition, and homomorphisms preserve multiplication. This also implies that units are preserved, because ab=1 implies θ(a)θ(b)=θ(1)=1.
- θ(ka)=kθ(a) for all a∈R and k∈Z, since this is just repeated addition, and homomorphisms preserve addition.
- θ(aᵏ)=θ(a)ᵏ for all a∈R and nonnegative k∈Z, since this is just repeated multiplication, and homomorphisms preserve multiplication.
- θ(a/b)=θ(a)/θ(b) for all a∈R and units b∈R×, since division by a unit is just multiplication by its inverse, and homomorphisms preserve multiplication and units (hence their inverses).
Theorem: Ring homomorphisms preserve units, idempotents, and nilpotents.- Since a ring homomorphism must preserve equations composed of only rational expressions, it preserves the equation ab=1. But that’s just the definition of being a unit.
- The same goes for r2=r (idempotents) and rn=0 (nilpotents).
Theorem: Ring homomorphisms θ:R→S send n⋅1R=0 to n⋅1S=0, so the characteristic of S divides the characteristic of R.- This is a direct consequence of preserving addition and the multiplicative identity 1: if n⋅1R=0 in R, then n⋅1S=θ(n⋅1R)=θ(0)=0 in S, and n⋅1S=0 exactly when char S divides n.
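As a sanity check, here is a minimal Python sketch (my own example, not from the notes) of the reduction map θ: Z/6 → Z/3, verifying that it preserves addition, multiplication, unity, and idempotents:

```python
# A minimal sketch (my own example, not from the notes): the reduction map
# theta : Z/6 -> Z/3 is a ring homomorphism, and structure is preserved.
R = range(6)                 # elements of Z/6
theta = lambda r: r % 3      # well-defined since 3 divides 6

# preserves addition, multiplication, and unity
assert all(theta((a + b) % 6) == (theta(a) + theta(b)) % 3 for a in R for b in R)
assert all(theta((a * b) % 6) == (theta(a) * theta(b)) % 3 for a in R for b in R)
assert theta(1) == 1

# idempotents map to idempotents
idempotents_R = [e for e in R if (e * e) % 6 == e]
print(idempotents_R)  # [0, 1, 3, 4]
assert all((theta(e) * theta(e)) % 3 == theta(e) for e in idempotents_R)

# note: char(Z/6) = 6 while char(Z/3) = 3 -- the characteristic of the
# image divides that of the source.
```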
The kernel ker θ of a ring homomorphism θ:R→S is the subset of elements in R that get mapped to 0S by θ.
Theorem: The kernel of a ring homomorphism θ:R→S is an ideal of R.Kernel is always an additive subgroup of R, like from group theory. To show it absorbs product and is therefore an ideal, note that θ(ker θ)={0} by definition, and 0 absorbs all products.
The image im θ of a ring homomorphism θ:R→S is the subset of elements in S that are mapped to by θ.
Theorem: The image of a ring homomorphism θ:R→S is a subring of S.Since θ is a ring homomorphism, this is implied. im θ is an additive subgroup closed under multiplication, and θ preserves unity.
Just like with group homomorphisms, if a ring homomorphism has trivial kernel, it is injective — θ(r)=θ(s) implies r=s.
Theorem: If a ring homomorphism θ:R→S has trivial kernel, then it is injective.- (→) If the kernel is trivial (only 0 maps to 0), then θ(r)=θ(s) i.e. θ(r−s)=0 implies r−s must be 0, which means r=s.
- (←) If θ(r)=θ(s) implies r=s, then in particular θ(r)=θ(0)=0 implies r=0, i.e. only 0 can map to 0, which means the kernel is trivial.
If R is a field F, then ring homomorphisms become field homomorphisms. Field homomorphisms are just ring homomorphisms in the sense that they need only respect the ring axioms. However, the nature of fields gives all field homomorphisms certain properties:
Theorem: Every field homomorphism is injective.- Since the kernel of a ring homomorphism θ:F→K is an ideal of F, and the only ideals in a field F are 0 and F itself, the kernel is either trivial (0) or F itself.
- But since ring homomorphisms must preserve the multiplicative identity 1, the kernel cannot include 1 (since it doesn’t get mapped to zero).
- Therefore the kernel is trivial, so θ is injective.
In this section, we learn some ways to construct ring homomorphisms.
We learned earlier that we can quotient a ring R by an ideal I to get a quotient ring R/I where all elements of I are sent to 0. Since the result is a ring, the coset map π:R→R/I is always a ring homomorphism.
What happens if we send an element r∈R to another element s?
Therefore: Renaming r∈R to s∈R, i.e. making the two elements equal, is achieved by a ring homomorphism.- Sending an element r∈R to s∈R is the same as making the two elements equal in the image.
- That is, we’re enforcing the equation r=s.
- One way to do this is to note that the equation is equivalent to r−s=0. Then sending the element r−s to 0 is the same as making r=s.
- But that’s the same as quotienting by the principal ideal (r−s), and we know that quotient is always a ring homomorphism.
In this section, we show how to use the First Isomorphism Theorem to quickly prove facts about rings by constructing a homomorphism.
First Isomorphism Theorem: Given a ring homomorphism θ:R→S, R/ker θ≅im θ.- Just like we did in proving the First Isomorphism Theorem for groups, we prove that the map θˉ=[r]↦θ(r):R/ker θ→im θ is a ring isomorphism.
- θˉ is well defined: ker θ is an ideal of R (proof) so R/ker θ is a well-defined factor ring. Then from the universal property of the group quotient, we know that θˉ is a well-defined group homomorphism.
- θˉ preserves unity and product: they are basically inherited from θ.
- θˉ([1])=θ(1)=1
- θˉ([a][b])=θˉ([ab])=θ(ab)=θ(a)θ(b)
- Therefore, θˉ is also a ring homomorphism.
- θˉ is bijective: θˉ is onto, since its outputs θ(r) for all r∈R cover all of im θ. And θˉ is one-to-one: θˉ([a])=θˉ([b]) means θ(a)=θ(b), i.e. θ(a−b)=0, so a−b∈ker θ and therefore [a]=[b].
- Therefore, θˉ is an isomorphism.
In general, we define a surjective homomorphism θ:R→S. Then the first isomorphism theorem gives you R/(ker θ)≅S. Here’s an example of how it can be used:
Theorem: For n∈Z, the quotient Z/(n) is isomorphic to Zn, the integers mod n.- Define the map θ:Z→Zn, which is just the residue map from the integers to their corresponding equivalence class in Zn. This map is surjective, since every class in Zn is represented by some integer in Z.
- The kernel of θ is exactly every multiple of n, i.e. the principal ideal generated by n.
- By the First Isomorphism Theorem, we have Z/ker θ≅im θ. With ker θ=(n) and im θ=Zn (since θ is surjective), we get Z/(n)≅Zn.
Here’s another isomorphism theorem:
Theorem: (R×S)/(A×B)≅R/A×S/B.- The map θ:(r,s)↦([r]A,[s]B) has kernel A×B and image R/A×S/B.
- By the First Isomorphism Theorem, (R×S)/ker θ≅im θ, so we get (R×S)/(A×B)≅R/A×S/B immediately.
Recall that the sum of two ideals is an ideal.
Chinese Remainder Theorem: Given A,B ideals of R, A+B=R⟹R/(A∩B)≅R/A×R/BLet ψ=r↦([r]A,[r]B), which you can check is a surjective homomorphism. Then the result is provided by the First Isomorphism Theorem, since ker ψ=A∩B, and by surjectivity, im ψ=R/A×R/B.
Corollary: When A∩B={0}, we get R/{0}≅R≅R/A×R/B.
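A concrete instance of the CRT can be sketched in Python with R = Z, A = (4), B = (9) (my own example, not from the notes). Since gcd(4, 9) = 1 we have A + B = Z, so the theorem predicts Z/(36) ≅ Z/4 × Z/9:

```python
# CRT sketch (assumed example): psi(r) = ([r] mod 4, [r] mod 9) should be
# onto Z/4 x Z/9 with kernel (4) ∩ (9) = (36).
pairs = {(r % 4, r % 9) for r in range(36)}
assert len(pairs) == 36  # psi hits all 4 * 9 = 36 elements of Z/4 x Z/9

# kernel: r maps to (0, 0) exactly when 36 = lcm(4, 9) divides r
kernel = [r for r in range(72) if r % 4 == 0 and r % 9 == 0]
print(kernel)  # [0, 36]
```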
-
December 1, 2023.
Exploration 3: Polynomials
Questions:
- How do we factor a polynomial with coefficients in a ring?
- How do we study the rest of ring theory from the lens of polynomial rings?
- What does the derivative of a polynomial mean in the context of ring theory?
Recall that to adjoin an element a to a ring R is to create a ring R[a] generated by the two: something like ⟨a,R⟩.
When you adjoin a symbol x that commutes with the entire ring R, the result is a polynomial ring. It turns out polynomial rings are fundamental in the sense that much of ring theory is built upon generalizing the properties of polynomials, such as irreducibility.
The elements f of a polynomial ring R[x] are called polynomials with coefficients in R, and look like this: f = aₙxⁿ + ⋯ + a₂x² + a₁x + a₀
where aᵢ∈R are known as the coefficients of the polynomial f, x is known as an indeterminate over R, and the exponent n of the leading term aₙxⁿ (with aₙ≠0) is known as the degree of the polynomial, denoted deg f. The degree of a nonzero constant polynomial c∈R is zero, and the degree of the zero polynomial 0 is undefined.
Let’s show some basic facts that hold when we form a polynomial ring.
Theorem: R is an integral domain iff R[x] is an integral domain.- WTS the product of two nonzero polynomials f,g in R[x] is always nonzero.
- Let an and bm be the leading coefficients of f,g respectively. Since f,g are nonzero, an and bm are nonzero.
- Then the leading coefficient of fg is anbm. Since R is an integral domain, this product is nonzero.
- Then since the leading coefficient of fg is nonzero, fg is nonzero, and we are done.
In this section, we define the operations possible on polynomials.
Polynomial addition/subtraction is straightforward – it is pairwise addition/subtraction of corresponding coefficients.
Polynomial multiplication is more complex. In general, it looks like (∑ᵢ₌₀ⁿ rᵢxⁱ)(∑ⱼ₌₀ᵐ sⱼxʲ) = ∑ₖ₌₀ⁿ⁺ᵐ (∑ᵢ₊ⱼ₌ₖ rᵢsⱼ) xᵏ. Note that this means that the resulting coefficients are the convolution of the coefficients rᵢ and sⱼ. Also note that whenever the product of the leading coefficients rₙsₘ is nonzero (for instance, in an integral domain), this implies deg fg=deg f+deg g.
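The convolution formula can be sketched directly in Python, with coefficient lists indexed by power of x (an illustrative snippet, not from the notes):

```python
# Polynomial multiplication as convolution of coefficient lists
# (index = power of x, lowest degree first). Assumed helper, not from the notes.
def poly_mul(f, g):
    """result[k] = sum of f[i] * g[j] over all i + j = k."""
    result = [0] * (len(f) + len(g) - 1)
    for i, fi in enumerate(f):
        for j, gj in enumerate(g):
            result[i + j] += fi * gj
    return result

# (1 + x)(1 + 2x + x^2) = 1 + 3x + 3x^2 + x^3
print(poly_mul([1, 1], [1, 2, 1]))  # [1, 3, 3, 1]
```

Note the result's length is (n+1)+(m+1)−1, matching deg fg = deg f + deg g when the leading product doesn't vanish.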
What about polynomial division? Dividing a polynomial f by a polynomial g≠0 with remainder r means finding unique polynomials q,r where deg r<deg g (or r=0) such that f=gq+r. Let’s explore how this can be done.
Therefore: For any two polynomials f,g∈R[x] (where g≠0) we can find unique polynomials q,r (where deg r<deg g or r=0) such that f=gq+r, but only if the leading coefficient of g is a unit. This theorem is known as the division algorithm.- Let n=deg f and m=deg g.
- First of all, if f=0 then the only solution is q=r=0. Otherwise if n<m, then the only solution is q=0 and r=f. Therefore we can induct on n with the assumption that n≥m.
- If n=0, then n≥m implies m=0 and therefore f,g are both constant polynomials ∈R.
- Then we have f=qg+r in R. In R, the condition that either r=0 or deg r<m collapses to just r=0 since m=0.
- Since r=0, f=qg+r becomes qg=f in R. Thus the solution is q=fg⁻¹ and r=0. This requires that g be a unit in R: when g is constant, it must be a unit.
- Otherwise, assume that for every dividend of degree less than n, there are some q,r such that it equals gq+r. WTS that’s true for deg f=n as well.
- With the intention of applying the induction hypothesis, we’d like to obtain a polynomial of degree less than n. This is easy when f and g have the same leading coefficient and degree; then f−g has degree less than n. Otherwise, we must use f−kg where k is a factor that transforms the leading coefficient and degree of g to match those of f.
- Let f=∑ᵢ₌₀ⁿ aᵢxⁱ and g=∑ⱼ₌₀ᵐ bⱼxʲ, where aₙ and bₘ are nonzero. Then the value of k that lets us do this is k=aₙbₘ⁻¹xⁿ⁻ᵐ.
- Note that this means that the leading coefficient bₘ of g must be a unit. (This matches our earlier finding that when g is constant, it must be a unit.) Then we have kg = k∑ⱼ₌₀ᵐ bⱼxʲ = k(bₘxᵐ + ∑ⱼ₌₀ᵐ⁻¹ bⱼxʲ) = aₙbₘ⁻¹xⁿ⁻ᵐ(bₘxᵐ + ∑ⱼ₌₀ᵐ⁻¹ bⱼxʲ) = aₙxⁿ + ∑ⱼ₌₀ᵐ⁻¹ aₙbₘ⁻¹bⱼxʲ⁺ⁿ⁻ᵐ
- Since f and kg have the same leading term aₙxⁿ, the difference f−kg cancels out the leading terms and therefore has degree less than n. Then the induction hypothesis applied to f−kg and g gives us polynomials q′,r′ such that f−kg=q′g+r′ (where either r′=0 or deg r′<deg g). Adding kg to both sides, f=(k+q′)g+r′.
- Thus we have a solution q=k+q′ and r=r′.
Corollary: The division algorithm above produces a unique solution q,r.To see this, towards contradiction assume we have two distinct solutions q,r and q′,r′, so f=gq+r=gq′+r′ implies g(q−q′)=r′−r.
- We know that deg r<deg g and deg r′<deg g (or they are zero), and therefore the RHS r′−r is either 0 or has degree <deg g.
- If q−q′≠0, then since the leading coefficient of g is a unit, the LHS g(q−q′) has degree deg g+deg (q−q′)≥deg g.
- Since the LHS and RHS should have the same degree, this forces q−q′=0, and then r′−r=0 as well — contradicting the assumption that the solutions are distinct.
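The induction above is effectively polynomial long division. Here is a minimal Python sketch over Q, using Fraction so that every nonzero leading coefficient is a unit (the function name and representation are my own, not from the notes):

```python
from fractions import Fraction

def poly_divmod(f, g):
    """Divide f by g (coefficient lists, lowest degree first), mirroring the
    induction in the text: repeatedly subtract k*g where k = lc(f)/lc(g) * x^(n-m).
    Requires the leading coefficient of g to be a unit (any nonzero Fraction)."""
    f = [Fraction(c) for c in f]
    g = [Fraction(c) for c in g]
    q = [Fraction(0)] * max(len(f) - len(g) + 1, 1)
    r = f[:]
    while len(r) >= len(g) and any(r):
        k_coeff = r[-1] / g[-1]      # a_n * b_m^{-1}
        shift = len(r) - len(g)      # the x^{n-m} part of k
        q[shift] += k_coeff
        for j, bj in enumerate(g):   # r := r - k*g
            r[j + shift] -= k_coeff * bj
        while r and r[-1] == 0:      # drop cancelled leading terms
            r.pop()
    return q, r

# x^2 + 3x + 2 divided by x + 1 gives quotient x + 2, remainder 0
q, r = poly_divmod([2, 3, 1], [1, 1])
print([int(c) for c in q], r)  # [2, 1] []
```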
In summary, we always have addition, subtraction, and product defined for R[x]. But you can only divide by polynomials whose leading coefficient is a unit in R. This means polynomial rings in general don’t admit a division algorithm, because they have nonzero polynomials that you can’t divide by. Rings that do admit such a division algorithm are known as Euclidean domains.
Theorem: If R is a field, then R[x] is a Euclidean domain.You can only divide by nonzero polynomials in R[x] whose leading coefficient is a unit in R, but every leading coefficient is a unit when R is a field. Thus you can divide by any nonzero polynomial in R[x], making R[x] a Euclidean domain.
Corollary: For any two polynomials f,g∈R[x] where g is a nonzero monic polynomial (a polynomial whose leading coefficient is 1), we can find unique polynomials q,r (where deg r<deg g or r=0) such that f=gq+r.Following from the division algorithm, you can only divide by polynomials whose leading coefficient is a unit, and 1 is always a unit. Therefore you can always divide by monic polynomials.
Corollary: Same, but for nonzero polynomials whose leading coefficient is a unit.
Theorem: Every field is a Euclidean domain.Since every nonzero element in a field is a unit, you can already divide by every element in a field: a=qb. Therefore all fields have a division algorithm and are Euclidean domains.
Note that the division algorithm in question requires a notion of degree for every nonzero element in the ring. To generalize the notion of degree to non-polynomial rings, this means having some function ϕ:R∖{0}→N mapping each nonzero element to a natural number ≥0, called the Euclidean norm, where ϕ(r)=0 for all units r∈R. The Euclidean norm also needs to satisfy the divisibility condition: for every a∈R and nonzero b∈R, there is a division a=bq+r where either r=0 or ϕ(r)<ϕ(b). (We don’t need to mention the norm ϕ in the above proof, since r=0 in that proof.)
Theorem: If a Euclidean norm ϕ exists in an integral domain R, then a division algorithm exists in R (making R a Euclidean domain.)The Euclidean norm condition requires that for every a∈R and nonzero b∈R, we have a=qb+r where either r=0 or ϕ(r)<ϕ(b). This is exactly the required division.
Then in general, a Euclidean domain is an integral domain for which a Euclidean norm is defined.
Remember that for polynomial rings R[x] that are not Euclidean domains, you can only divide by polynomials whose leading coefficient is a unit in R. Then:
Theorem: Let f and g be nonzero monic polynomials, each of which divides the other. Then f=g.- If f and g divide each other, we have f=gq and g=fq′.
- deg f=deg gq implies deg f≥deg g.
- deg g=deg fq′ implies deg g≥deg f.
- Therefore deg f=deg g, which implies that q,q′ are constant polynomials that don’t affect the degree of the product.
- The fact that both f,g are monic shows that the leading coefficient is 1 before and after multiplying by q,q′, which implies that q,q′ are both 1.
- Therefore f=g.
This last theorem actually applies in all integral domains. Let’s modify the statement a bit:
Theorem: Let f and g be nonzero elements in an integral domain R. Each of f and g generates the other iff they differ by a unit.- f and g being nonzero in an integral domain implies that neither of them are zero divisors.
- If f and g generate each other, we have f=gq and g=fq′, and therefore f=fqq′.
- Then 0=f(qq′−1) where f is not a zero divisor, implying qq′−1=0.
- This means qq′=1, i.e. q,q′ are units.
- Thus f=gq means f differs from g by a unit.
- The converse is trivial — if f,g differ by a unit u, then they generate each other via the unit: f=ug and g=u−1f.
In this section, we explore the consequences of evaluating polynomials.
One of the most important things we can do with polynomials is evaluation, in which we substitute x with some b∈R.Therefore: we can evaluate a polynomial to an element of R by substituting x with b.- Such a mapping is always a ring homomorphism.
- The resulting expression ∑ᵢ aᵢbⁱ is a rational expression, made up of elements of R connected with addition, subtraction, multiplication, integer scalar multiplication, and powers.
- Since ring homomorphisms preserve rational expressions, the resulting expression is an element of R.
This substitution is formalized as the evaluation map (a ring homomorphism) φb:R[x]→R. Applying the evaluation map to a polynomial f can be denoted φb(f), but is more often denoted f(b), the evaluation of f at b.
Lemma: The evaluation map is surjective.Since there is a constant polynomial r∈R[x] for every r∈R, and constant polynomials remain unchanged by the evaluation map, every element of R gets mapped to.
Theorem: R[x]/(x)≅R.- The evaluation map φ0:R[x]→R, which evaluates a polynomial at 0, has kernel (x). To see this, notice that for every f∈R[x], φ0(f)=f(0)=a₀, so f(0)=0 implies the constant coefficient a₀ is 0, and therefore f(x) = aₙxⁿ+…+a₂x²+a₁x = x(aₙxⁿ⁻¹+…+a₂x+a₁) ∈ (x), so the kernel of φ0 is (x).
- The first ring isomorphism theorem says R[x]/ker φ0≅im φ0. We just showed ker φ0=(x), and since φ0 is surjective, im φ0=R, therefore the above becomes R[x]/(x)≅R.
Remember that you can always divide by a monic polynomial in polynomial rings. We’ll see that division relates to evaluation in multiple ways:
Remainder Theorem: When f∈R[x] is divided by x−a, the remainder is f(a).Since x−a is monic, the division algorithm implies some unique q,r such that f=(x−a)q+r. Evaluating at a gives f(a)=(a−a)q+r=r. Therefore, the remainder r is f(a).
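The Remainder Theorem can be checked numerically with synthetic division (Horner's scheme), where the final accumulator is both f(a) and the remainder. A small sketch (my own example, not from the notes):

```python
# Dividing f = x^3 - 2x + 5 by the monic x - 3 via synthetic division
# (Horner's scheme); the final accumulator is the remainder, which should
# equal f(3) by the Remainder Theorem. Assumed example, not from the notes.
f = [1, 0, -2, 5]   # coefficients of x^3 + 0x^2 - 2x + 5, highest degree first
a = 3

acc, partials = 0, []
for c in f:
    acc = acc * a + c   # Horner step: multiply by a, add next coefficient
    partials.append(acc)
quotient, remainder = partials[:-1], partials[-1]

print(quotient, remainder)  # [1, 3, 7] 26, i.e. f = (x - 3)(x^2 + 3x + 7) + 26
assert remainder == sum(c * a ** i for i, c in enumerate(reversed(f)))  # = f(3)
```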
Factor Theorem: In polynomial rings over a field F[x], f(a)=0 iff f=(x−a)q for some unique polynomial q.The evaluation f(a) replaces x with a. If f=(x−a)q, then f(a)=(a−a)q=0q=0. Conversely, if f(a)=0, then since x−a is monic, by the remainder theorem f divided by x−a results in f=(x−a)q+f(a). But f(a)=0, so this becomes f=(x−a)q.
When f(a)=0, then a is called a root of f, and the following are equivalent:
- f(a)=0
- f=(x−a)q for some polynomial q
- f∈(x−a), the principal ideal generated by x−a
Since the factor theorem lets you factor a polynomial by finding its roots, finding the roots of polynomials is pretty important if you want to factor polynomials.
Theorem: Over an integral domain, a degree n polynomial has at most n roots.This is proved by induction, applying the factor theorem up to n times; with no zero divisors, any root b≠a of f=(x−a)q satisfies (b−a)q(b)=0 and must therefore be a root of q.
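The integral-domain hypothesis matters: with zero divisors the bound can fail. A quick Python check of a standard example (not from the notes) in Z/8:

```python
# In Z/8, which has zero divisors, the degree-2 polynomial x^2 - 1
# has four roots, exceeding the "at most 2" bound for integral domains.
roots = [x for x in range(8) if (x * x - 1) % 8 == 0]
print(roots)  # [1, 3, 5, 7]
```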
The theorems below are useful for factoring a polynomial (i.e. finding roots) in a given polynomial ring. Here is an important one for integer polynomials ∈Z[x]:
Rational Roots Theorem: Let f=a₀+a₁x+a₂x²+…+aₙxⁿ∈Z[x]. If a₀≠0 and aₙ≠0, then for every rational root c/d, c divides the constant a₀ and d divides the leading coefficient aₙ.- Let c/d be a rational root of the polynomial f=a₀+a₁x+a₂x²+…+aₙxⁿ∈Z[x].
- Assume c,d are coprime integers – if they are not, divide both c and d by their GCD to make them coprime.
- Since c/d is a root of f, we have f(c/d)=0: a0+a1(c/d)+a2(c/d)2+…+an(c/d)n=0
- Multiply both sides by dn: a0dn+a1dn−1c+a2dn−2c2+…+ancn=0
- From here, we can go in two directions. First, isolate the a0dn term and factor out c from the other terms: c(a1dn−1+a2dn−2c+…+ancn−1)=−a0dn This means c is a factor of −a0dn. Since c,d are coprime integers, c must divide a0.
- Second, isolate the ancn term instead and factor out d from the other terms: d(a0dn−1+a1dn−2c+a2dn−3c2+…+an−1cn−1)=−ancn Similarly, this means d is a factor of −ancn. Since c,d are coprime integers, d must divide an.
Corollary: when f is monic, the only rational roots are all the integer factors of a0.
To remember this theorem, you can think about the polynomial x−c which obviously has a root c/1. So the numerator divides the constant c, and the denominator divides the leading coefficient 1.
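Here is a small Python sketch of the theorem used as a root-finding procedure (the function name and structure are my own, not from the notes):

```python
from fractions import Fraction

def rational_roots(coeffs):
    """All rational roots of a0 + a1 x + ... + an x^n (integer coefficients,
    listed lowest degree first), by testing c/d with c | a0 and d | an."""
    a0, an = coeffs[0], coeffs[-1]
    assert a0 != 0 and an != 0
    divisors = lambda m: [k for k in range(1, abs(m) + 1) if m % k == 0]
    roots = set()
    for c in divisors(a0):
        for d in divisors(an):
            for cand in (Fraction(c, d), Fraction(-c, d)):
                if sum(a * cand ** i for i, a in enumerate(coeffs)) == 0:
                    roots.add(cand)
    return roots

# 2x^2 - 3x - 2 = (2x + 1)(x - 2) has rational roots -1/2 and 2
print(sorted(rational_roots([-2, -3, 2])))  # [Fraction(-1, 2), Fraction(2, 1)]
```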
Corollary: √m is irrational (∉Q) unless m is the square of an integer.- Try to interpret √m as a rational root (∈Q) of some polynomial ∈Z[x].
- If √m∈Q, it would be a rational root c/d of the polynomial x²−m. We know √m is one such root.
- By Rational Roots Theorem, c∣m and d∣1, therefore d=±1. Then c/d=±c so the root √m must be some integer ±c. Therefore m is the square of some integer.
Corollary: ⁿ√m∉Q unless m is the nth power of an integer.- (Same proof as above)
- If ⁿ√m∈Q, it would be a rational root c/d of the polynomial xⁿ−m. We know ⁿ√m is one such root.
- By Rational Roots Theorem, c∣m and d∣1, therefore d=±1. Then c/d=±c so the root ⁿ√m must be some integer ±c. Therefore m is the nth power of some integer.
In this section, we classify the unique factorization of real and complex polynomials.
All the work involved in factoring complex polynomials rests on this one theorem:
Fundamental Theorem of Algebra (FTA): If f∈C[x] is a nonconstant polynomial, then f has a root in C.The proof often requires complex analysis or topology. Here is a proof due to Artin, trying not to use many ideas outside of ring theory:
- It is a theorem that if you treat evaluation of the polynomial f∈C[x] as a map C→C, then f is continuous.
- Evaluate f at each point on a circle Cr of radius r around the origin of the complex plane. Since f is continuous, the images f(Cr) represent some loop on the complex plane. Each point on the circle Cr can be represented in polar coordinates as z=reiθ for some angle θ. Let its corresponding point on the loop f(Cr) be f(z).
- There are two loops we want to consider:
- First, with r approaching 0, we know the images f(Cr) are all close to the constant coefficient c0 of f. So f(Cr) is a tiny loop around c0. We assume c0 is nonzero – if it’s zero then f(0)=0 implies 0 is a root and we are done.
- Second, with r approaching ∞, we know the images f(Cr) are very large but still form some loop. For large r, the leading term cₙzⁿ of f(z) dominates the remaining terms f(z)−cₙzⁿ, so that ∣f(z)−cₙzⁿ∣<∣cₙzⁿ∣=∣cₙ∣rⁿ. This implies the distance between f(z) and the leading term cₙzⁿ is always less than ∣cₙ∣rⁿ, no matter what θ is. If you imagine θ increasing, then cₙzⁿ=cₙrⁿe^{inθ} walks a circle of radius ∣cₙ∣rⁿ around the origin, while f(z) (being continuous) follows at a distance less than ∣cₙ∣rⁿ behind, and therefore the loop it traces must also enclose the origin.
- Importantly, the first loop does not enclose the origin, while the second one does. Since f is continuous, varying r within (0,∞) will continuously vary the corresponding loop between one that doesn’t enclose the origin and one that does. So at some r between 0 and ∞, the resulting loop crosses the origin, and therefore we get a root f(re^{iθ})=0 for some θ.
Corollary (FTA in C[x]): For every complex polynomial f∈C[x], you can write it in the form f=k∏i(x−ui) where k is the leading coefficient and ui are all the roots.This is repeated application of the FTA. You apply FTA to find a root a, factor it out with the factor theorem to get f=(x−a)g, and repeat with g until g is a constant polynomial k. Since we’re always factoring out a monic polynomial x−a, the leading coefficient never changes, and so the final k is the leading coefficient of f.
Conjugate Root Theorem: if a+bi∈C is a root of a real polynomial f∈R[x], then a−bi is also a root.- Since complex conjugation z↦z̄ fixes the real numbers, conjugation commutes with any real polynomial: f(z̄) is the conjugate of f(z).
- Therefore, if f(a+bi)=0, then f(a−bi) is the conjugate of f(a+bi)=0, which is again 0, so a−bi is also a root of f.
Corollary (FTA in R[x]): For every real polynomial f∈R[x], you can write it in the form f=k∏i(x−ui)∏iqi where k is the leading coefficient, ui are all the real roots, and qi are all the monic irreducible real quadratics.- Do the same thing you did for complex polynomials, factoring f into a product f=k∏i(x−ui) where the roots ui are complex.
- Since the coefficients of f are real, by the Conjugate Root Theorem, the complex roots come in conjugate pairs. Then the product of their corresponding factors, (x−(a+bi))(x−(a−bi))=x²−2ax+(a²+b²), is a monic irreducible real quadratic, i.e. one of the qi.
- Therefore, after combining all complex factors into monic real quadratic factors, f can be written in the form k∏i(x−ui)∏iqi where qi are the product of each conjugate pair of complex factors within the original ui.
Corollary: all irreducible polynomials in R[x] are linear or quadratic (have degree 1 or 2).
We see that the Fundamental Theorem of Algebra implies that (nonconstant) polynomials in C[x] or R[x] factor uniquely into a constant times a product of (monic) irreducible factors.
In this section, we examine the ideals of a polynomial ring.
Let’s explore what the ideals A of a polynomial ring R[x] look like.
Therefore: If R[x] is a Euclidean domain, then every ideal in R[x] is principal – generated by a single element, in this case a unique monic polynomial.- If A is the zero ideal, it is generated by 0 and we are done.
- Otherwise, A contains a nonzero polynomial.
- We can divide by monic polynomials, but A doesn’t necessarily contain one — unless R[x] is a Euclidean domain, in which case every nonzero leading coefficient is a unit, and we can make any nonzero polynomial monic by multiplying it by the inverse of its leading coefficient. Since any product of an element of the ideal A with a ring element is also in A, A therefore contains a monic polynomial.
- Take a monic polynomial of minimal degree g in A. Every polynomial f∈A must have g as a factor because the division algorithm lets us divide by monic polynomials.
- Then the division algorithm says f=gq+r where either r=0 or deg r<deg g.
- Since r=f−gq, r must also be in A. If r were nonzero, we could also make it monic, and the result would also be in A.
- But deg r<deg g would contradict g being the monic polynomial of minimal degree in A. Therefore r=0.
- This means f=gq. Since f was arbitrary, g generates A.
- To show that g uniquely generates A, assume that h is another monic generator of A. Then g and h generate each other: g=hq and h=gq′. But monic polynomials that divide each other are equal, so g=h.
- deg g=deg hq implies deg g≥deg h, and deg h=deg gq′ implies deg h≥deg g. Therefore deg g=deg h.
- deg g=deg h implies that q,q′ are constant polynomials that don’t affect the degree of the product. The fact that both g,h are monic (leading coefficient is 1 before and after multiplying by q,q′) implies that q,q′ are both 1. This implies g=h.
This means we can write all quotient rings of F[x] (F a field) as F[x]/(h), where h is some monic polynomial. Since the generator of every ideal is unique, this implies a bijection between monic polynomials in F[x] and nonzero ideals in F[x].
When every ideal of a ring is principal, we have a principal ideal domain (PID).
It turns out every Euclidean domain is a PID.
Theorem: All Euclidean domains are PIDs.- Let R be a Euclidean domain with norm ϕ. Then for every element a∈R, we can divide a by nonzero b∈R to get a=bq+r where either r=0 or ϕ(r)<ϕ(b).
- We can show that for every nonzero ideal I in R, every element a of I is generated by some element b∈I with the smallest norm ϕ(b). That is, a=bq for some q∈R.
- This follows immediately from the division algorithm. We have a=bq+r with r=a−bq∈I, and since ϕ(b) is minimal in I, there is no nonzero r∈I with ϕ(r)<ϕ(b); therefore r=0.
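For R = Z with norm ϕ(a)=∣a∣, this is the familiar fact that the ideal generated by two integers is principal, generated by their gcd. A quick Python check (my own example, not from the notes):

```python
from math import gcd

a, b = 12, 42
g = gcd(a, b)  # 6: the smallest positive norm among Z-combinations of a and b

# sample the ideal (a, b) = {ax + by : x, y in Z} on a finite window
ideal = {a * x + b * y for x in range(-20, 21) for y in range(-20, 21)}

assert g in ideal                      # Bezout: g = ax + by for some x, y
assert all(e % g == 0 for e in ideal)  # every element of (a, b) is a multiple of g
print(g)  # 6
```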
In this section, we determine what it means to quotient in polynomial rings defined over a field F.
In particular, when F is a field, then F[x] is a Euclidean domain and therefore a PID. Let’s explore polynomial rings defined over a field F.
Therefore: The elements of F[x]/(h) are every polynomial in F[x] with degree less than deg h, under the relation h(x)=0.- When you quotient by some ideal (h), you’re effectively sending the polynomial h to 0 and therefore enforcing the relation h(x)=0 on the polynomial ring. That means whenever f=hq, f=0.
- But in a Euclidean domain, every polynomial f of degree at least deg h can be divided by h: f=hq+r with either r=0 or deg r<deg h. Since h=0 in the quotient, f is identified with its remainder r.
- So every element of the quotient is represented by a polynomial of degree less than deg h (or the zero polynomial).
Example: F[x]/(x²)≅ all linear and constant polynomials in F[x].We identify x² with 0, so every multiple of x² is sent to 0; by division, every polynomial is then identified with its remainder mod x², a polynomial of degree at most 1 (or the zero polynomial).
Example: R[x]/(x²+1)≅C.- Here we identify x²+1 with 0. We can understand this as x=√−1=i (in C).
- Since every resulting polynomial is at most degree 1, they are in the form c0+c1x.
- In other words, the elements of R[x]/(x2+1) are c0+c1i.
- This is exactly how we write elements a+bi of C, so the two rings are isomorphic.
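We can see this isomorphism computationally: represent a+bx ∈ R[x]/(x²+1) as the pair (a, b), multiply as polynomials, and reduce x² to −1. The product rule that falls out is exactly complex multiplication (a quick Python sketch, names my own):

```python
# Multiplication in R[x]/(x^2 + 1): represent a + bx as the pair (a, b)
# and reduce x^2 to -1. This should agree with Python's complex numbers.
def mul_mod_x2_plus_1(p, q):
    a, b = p
    c, d = q
    # (a + bx)(c + dx) = ac + (ad + bc)x + bd*x^2, and x^2 = -1
    return (a * c - b * d, a * d + b * c)

p, q = (1, 2), (3, -1)                 # 1 + 2x and 3 - x
print(mul_mod_x2_plus_1(p, q))         # (5, 5)
print(complex(1, 2) * complex(3, -1))  # (5+5j)
```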
Example: Q[x]/(x³−2)≅Q(∛2).- Here we identify x³−2 with 0. We can understand this as x=∛2 (in R).
- Since every resulting polynomial is at most degree 2, they are in the form c₀+c₁x+c₂x².
- In other words, the elements of Q[x]/(x³−2) are c₀+c₁∛2+c₂(∛2)².
- But this is the same as adjoining an element ∛2 to Q.
To generalize these last two examples, when F is a field and h is irreducible, we can take the quotient F[x]/(h) to form a ring isomorphic to F[c], where c is a solution to h=0 (i.e. a root of h). It turns out the result is a field:
Theorem: F[x]/(h) is a field iff h is irreducible.- Since F[x] is a PID, the result follows directly from this theorem.
- (Note that if h is reducible, then F[x]/(h) sends h=fg to 0, meaning there are zero divisors f,g so the result fails to be even an integral domain.)
In other words, the quotient rings of polynomial rings can be used to construct field extensions, which we’ll explore in depth later on.
In this section, we introduce how the derivative of a polynomial helps determine roots.
The derivative f′ of the polynomial f∈F[x] can be constructed by taking each term aᵢxⁱ of f and mapping it to iaᵢxⁱ⁻¹, where the integer i is mapped into F using the canonical homomorphism Z→F (i.e. adding 1 to itself i times).
The derivative helps us determine when a polynomial has multiple roots. α is a multiple root of f if f has a factor (x−α)n for some n≥2.
Theorem: If the derivative of a polynomial f shares a root α with f, then α is a multiple root of f.- Since f has α as a root, factor out f=(x−α)g. To show that α is a multiple root, we can show that g also has α as a root, i.e. g(α)=0.
- By the product rule, f′=(x−α)g′+g. Since f′(α)=0, we have 0=(α−α)g′(α)+g(α), implying 0=g(α), implying α is a root of g.
Corollary: If the derivative of an irreducible polynomial f is nonzero, then f and f′ share no factors.Irreducible polynomials f can only share a factor (itself) with either 0 or polynomials of greater or equal degree. Since the derivative f′ always has lesser degree, f′ has to be zero in order for f and f′ to share a factor.
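A small Python sketch of the formal derivative and the multiple-root test (example polynomial chosen by me, not from the notes): f=(x−1)²(x+2)=x³−3x+2 has 1 as a multiple root, and indeed f′ vanishes there too.

```python
def derivative(coeffs):
    """Formal derivative: a_i x^i -> i*a_i x^(i-1). Coefficients low to high."""
    return [i * a for i, a in enumerate(coeffs)][1:]

def evaluate(coeffs, x):
    return sum(a * x ** i for i, a in enumerate(coeffs))

f = [2, -3, 0, 1]   # 2 - 3x + x^3 = (x - 1)^2 (x + 2)
df = derivative(f)
print(df)           # [-3, 0, 3], i.e. f' = -3 + 3x^2

print(evaluate(f, 1), evaluate(df, 1))    # 0 0  -> 1 is a multiple root
print(evaluate(f, -2), evaluate(df, -2))  # 0 9  -> -2 is a simple root
```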
-
December 4, 2023.
Exploration 4: Factorization
Questions:
- When is a factorization unique?
To factor an element is to consider it as a product of other elements in the ring. For instance, in the ring of integers Z, the integer 6 typically factors into 2⋅3. By multiplying both factors by the unit −1, we obtain −2⋅−3 as another valid factorization. Are these the only factorizations of 6 (up to reordering)?
No — we also have 1⋅6 and −1⋅−6. In general, factorizations like a=1a, or a=u(u⁻¹a) (where u is a unit) are trivial factorizations, because such factorizations exist in any ring and are therefore not interesting. So when we talk about factorizations we generally mean nontrivial factorizations, i.e. factorizations into nonzero non-units.
When a nonzero, non-unit element cannot be factored further because all of its factorizations are trivial, we call it an irreducible element, or simply an irreducible. Otherwise, the element is reducible.
Another way to define an irreducible element is the following:
Theorem: If an irreducible a factors into bc, then either b or c is a unit.The fact that a is irreducible means any factorization bc is trivial, so either b or c is a unit.
In this section, we explore whether factorization terminates.
Let a be a reducible element. If we repeatedly perform nontrivial factorizations on a, we’d first obtain a=bc. Then nontrivial factorizations of b and c gives us a=(de)(fg). Ideally this process terminates once there are no more nontrivial factorizations possible, i.e. all our factors are irreducibles. But does this process ever terminate?
a₁ = a₂b₂ (assume a₂ is reducible)
  = (a₃b₃)b₂ (assume a₃ is reducible)
  = ((a₄b₄)b₃)b₂ (assume a₄ is reducible)
  = …
With every step we shave off some nonzero non-unit factor bᵢ. But nothing says that aᵢ eventually becomes irreducible, and nothing says that this process must terminate. In fact, even in a finite ring, it’s possible to shave infinitely many factors bᵢ off of a given element a₁. We’ll actually see an example of that later.
When we’re in an integral domain, there is a better way to characterize this process that avoids introducing extraneous variables like bi. We use a chain of inclusions of principal ideals — the above can be summarized as (a1)⊊(a2)⊊(a3)⊊(a4)⊊… The expression (a1)⊊(a2) says two things:
- (a1), being a subset of (a2), implies a2∣a1, equivalent to our a1=a2b2 above.
- (a1), being a proper subset of (a2), means this a1=a2b2 cannot be a trivial factorization, because in an integral domain a1,a2 differ by a unit b2 if and only if (a1)=(a2).
Therefore the existence of this “ascending chain” of principal ideals expresses the existence of a sequence of nontrivial factorizations, exactly what we were expressing before with ai and bi. Then in order to ensure that the process of factoring a1 terminates, we must guarantee that every such chain starting from (a1) is finite.
Expanding this guarantee to all elements in the ring results in a condition called the ascending chain condition on principal ideals (ACCP): the guarantee that there exists no infinite strictly ascending chain of principal ideals in the ring. If an integral domain satisfies the ACCP, then factorization always terminates, leaving you with a product of irreducibles.
Theorem: If an integral domain R satisfies the ACCP, then so does its polynomial ring R[x].- Let (f1)⊊(f2)⊊… be an ascending chain of principal ideals in R[x]. WTS this chain is finite.
- As mentioned previously, each strict inclusion is just a fancy way of saying fi=fi+1q where q is not a unit. In particular deg fi+1≤deg fi, so the degrees form a nonincreasing sequence of nonnegative integers, which can only drop finitely many times.
- Past the point where the degree stabilizes, each factor q is a nonzero non-unit constant of R, so the leading coefficients ci of the fi form a strictly ascending chain (ck)⊊(ck+1)⊊… of principal ideals in R.
- But since R satisfies the ACCP, that chain of leading coefficients is finite, and therefore so is the original chain. Therefore R[x] satisfies the ACCP.
If we are guaranteed that the process of factorization always terminates, then every (nonzero, nonunit) element a can be factored into a product of irreducibles ∏ipi (times some unit u). For this reason, integral domains for which ACCP holds are called factorization domains.
In this section, we briefly examine how zero divisors complicate factorization.
Our assumption above of being in an integral domain is in fact required: in the presence of zero divisors, even the ACCP no longer guarantees that factorization terminates.
The easiest example of this is when you have a nontrivial idempotent e (e≠0,1 with e²=e), which is always a zero divisor since e(e−1)=0. In that case, we have e=e⋅e=e⋅e⋅e=e⋅e⋅e⋅e=…, so e factors into arbitrarily many copies of itself, never reaching an irreducible element. Therefore the existence of a nontrivial idempotent shows that not every nonzero nonunit can be factored into a product of irreducibles, even if the ring satisfies the ACCP.
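As a concrete instance of this (the modulus 6 and the helper name are my own toy choices): in Z/6Z the element 3 is a nontrivial idempotent, so "factoring" it into copies of itself never terminates.

```python
# In Z/6Z, 3 is a nontrivial idempotent: 3*3 = 9 = 3 (mod 6).
# So 3 = 3*3 = 3*3*3 = ..., a factorization process that never terminates.

def is_nontrivial_idempotent(e, n):
    """Check that e*e = e in Z/nZ and that e is not 0 or 1."""
    return (e * e) % n == e % n and e % n not in (0, 1)

assert is_nontrivial_idempotent(3, 6)

# Repeatedly multiplying in another copy of 3 never changes the product,
# so we never reach a factorization into irreducibles.
product = 3
for _ in range(10):
    product = (product * 3) % 6
    assert product == 3
```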
This makes integral domains, which have no zero divisors, particularly suited for nontrivial factorizations. Here’s one property that showcases this fact:
Theorem: In an integral domain, two distinct nontrivial factorizations cannot share a factor.Since cancellability holds in integral domains, if an element a has two nontrivial factorizations a=bc=bd that share the factor b, then we cancel b to get c=d, implying that the two factorizations are not distinct.
We can use this to prove a useful fact about irreducibles in an integral domain:
Corollary: In an integral domain, if two elements a,b differ by a factor (a=bc for some c), then that factor c is unique.If a=bc=bd, then cancelling b gives c=d, so c is unique.
Corollary: In an integral domain, if two irreducible elements a,b differ by a factor (a=bc for some c), then c is a unique unit.This combines the above with the fact that irreducibles only have trivial factorizations: in a=bc the factor b is irreducible and hence not a unit, so c must be a unit, and by the above it is unique.
In this section, we explore what is required to make factorizations unique.
Recall the fundamental theorem of arithmetic: “every integer greater than 1 can be factored into a unique product of prime numbers.”
This statement mirrors the guarantee provided by factorization domains: every element can be factored into irreducibles. But is this factorization unique? In other words, does the fundamental theorem of arithmetic extend to all factorization domains? Let’s see:
Theorem: In a factorization domain, if every irreducible p dividing some product ∏ipi must divide one of the factors pi, then factorization is unique (up to units).- Let R be a factorization domain, i.e. an integral domain that satisfies the ACCP. Then every nonzero non-unit element a∈R can be written as a product of irreducible elements pi (and a unit u): a=u⋅p1p2⋯pn
- Recall that in an integral domain, an irreducible element b dividing a product a implies that a,b differ by a unique factor c. That means if a has two nontrivial factorizations that share a factor p1, then a=p1b, so they differ by a unique element b. If this b also has two nontrivial factorizations that share a factor p2, then b=p2c, so they differ by a unique element c, and so on.
- Thus if we enforce the property that every two factorizations of the same element must share a factor, then eventually this process stops at 1=1, where every factor pi must be unique, implying that factorizations are unique.
Note that in a factorization domain, two factorizations a=bc=bd of the same element share a factor iff they share some irreducible factor p, since the shared factor itself factors into irreducibles. So suppose a=pn, where n is unique by the corollary above. Then: a=bc=pn Since p is irreducible and the factorizations share it, p must be a factor of b or of c. Then the other factor (c or b respectively) divides n, so either n=cc′ or n=bb′: bc=p(cc′) or bc=p(bb′), and cancelling gives b=pc′ or c=pb′, i.e. p∣b or p∣c. So our original condition, that any two factorizations of the same element share a factor, is equivalent to saying that if an irreducible factor p divides a product bc, then either p divides b or p divides c: p∣bc⟹p∣b or p∣c When this condition holds for an element p for all factorizations, we say that p is prime.
Theorem: In an integral domain, the only non-unit divisors of a prime p are its unit multiples.- Say that q is a non-unit divisor of p, so p=qr for some r. Then p∣p implies p∣qr. By the prime property, either p∣q or p∣r.
- If p∣q, then p and q divide each other, so q is a unit multiple of p, and we are done.
- If p∣r, then r=ps for some s, meaning p=q(ps). Since we're in an integral domain, we cancel p on both sides to get 1=qs, implying that q is a unit — contradicting the assumption that q is a non-unit.
Thus if every irreducible in a factorization domain R has this property (every irreducible is prime), then the fundamental theorem of arithmetic holds, thus factorization in R is unique. When every irreducible is prime, we call R a unique factorization domain (UFD).
In fact, this property is enough to show the converse of the fundamental theorem:
Theorem: UFDs are exactly the factorization domains in which every irreducible is prime.- (→): Assuming factorization is unique, we must show that for an irreducible p, p∣ab implies p∣a or p∣b.
- If p∣ab, then we have pq=ab for some q.
- Let the unique factorizations of a,b,q be ua∏iai, ub∏ibi, uq∏iqi respectively. Then p⋅(uq∏iqi)=(ua∏iai)(ub∏ibi)
- Since factorization is unique, p appearing on the LHS implies it appears on the RHS as well (perhaps after multiplying by a unit). Then it will appear as either a factor ai or a factor bi.
- That means either p∣a or p∣b, and therefore the arbitrary irreducible p is prime.
- (←): proved earlier.
In this section, we explore the ideals generated by irreducibles.
Before we get deeper into primes, let’s check out the ideals generated by irreducibles. One reason irreducibles are interesting is because they are exactly the elements that generate maximal principal ideals:
Theorem: In an integral domain, the irreducible elements are exactly the elements that generate maximal principal ideals.- (→) If p is irreducible, WTS (p) is a maximal principal ideal.
- (p) is maximal among proper principal ideals if (p)⊆(q) for some other proper principal ideal (q) implies (p)=(q).
- (p)⊆(q) means p=qr for some r, which must be a unit because p is irreducible and q (being in a proper ideal (q)) is not a unit. (proof) So we can write q=r−1p.
- But that means (q)⊆(p). Therefore (p)=(q) and (p) is indeed maximal among proper principal ideals.
- (←) If (p) is a maximal principal ideal, then WTS p is irreducible.
- We just need to show that whenever p=qr, either q or r is a unit.
- If neither are units then we have (p)=(qr)⊊(q) (proof). Again since q is not a unit, (q) is a proper principal ideal. (proof)
- But then (p) is not maximal since it is properly contained in a proper principal ideal, contradiction. Therefore either q or r is a unit, and so p is irreducible.
Corollary: In a PID, irreducible elements are the elements that generate maximal ideals.
Recall that a principal ideal domain (PID) is one where every ideal is a principal ideal. They, too, are UFDs:
Theorem: Every PID is a UFD.- WTS PIDs satisfy the ACCP and thus are a factorization domain.
- In a PID, the union of any ascending chain of ideals (a1)⊊(a2)⊊… is itself an ideal, hence a principal ideal (a).
- The generator a must appear in some ideal (an) of the chain, so the union is just (an). But the union contains every ideal in the chain, so any ideal after (an) both contains and is contained in (an), hence equals it. Therefore no ascending chain of ideals can grow infinitely.
- Therefore PIDs satisfy the ACCP.
- WTS every irreducible in a PID is prime, so that the PID is a UFD.
- Let p be an irreducible and suppose p∣ab.
- Irreducibles are the elements that generate maximal principal ideals, so in particular, (p) is maximal.
- Assume WLOG that p∤a, so that proving p∣b is enough to show that p is prime.
- Let (p,a) be the ideal generated by p and a.
- If p∤a, then a∉(p), so (p,a) is strictly larger than (p). Since (p) is maximal, (p,a) must be the ideal (1), which is the entire ring.
- In that case, some linear combination of p and a generates 1, so we have some xp+ya=1 for some x,y. Multiply by b to get (xp)b+y(ab)=b, showing that xp and ab generate b. But p divides xp and ab, therefore p divides any element they generate, including b. Therefore p is prime.
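The Bezout step in this proof can be traced numerically in Z, itself a PID (the values p=5, a=3, b=10 and the helper `egcd` are my own illustrative choices):

```python
def egcd(a, b):
    """Extended Euclidean algorithm: return (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    if b == 0:
        return (a, 1, 0)
    g, x, y = egcd(b, a % b)
    return (g, y, x - (a // b) * y)

# Mirror the proof: the prime p = 5 divides a*b with a = 3, b = 10, but not a.
p, a, b = 5, 3, 10
assert (a * b) % p == 0 and a % p != 0

# (p, a) = (1), so Bezout gives x*p + y*a = 1.
g, x, y = egcd(p, a)
assert g == 1 and x * p + y * a == 1

# Multiply through by b: (x*p)*b + y*(a*b) = b. p divides both terms, so p | b.
assert x * p * b + y * (a * b) == b
assert b % p == 0
```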
Corollary: Every polynomial ring over a field is a UFD.Polynomial rings over a field are Euclidean domains, hence PIDs, hence UFDs. Recalling that the integers Z are a PID, we also get that Z is a UFD; we'll see later that the integer polynomials Z[x] form a UFD as well.
Lemma: If R is a PID and p is prime, then R/(p) is a field.This is because nonzero prime ideals are maximal in a PID (proved later in this exploration), and quotients by maximal ideals are fields.
Theorem: If p is prime in Z, then Zp[x] is a UFD.By the lemma, Zp=Z/(p) is a field, so Zp[x] is a Euclidean domain, hence a PID, hence a UFD.
Corollary: If R is a PID and p is irreducible in R, then R/(p) is a field.This is just a restatement of the above, since PIDs are UFDs and irreducibles are prime in UFDs.
In this section, we explore the ideals generated by primes.
Let’s first get a little more intuition of why prime ideals are called prime:
Theorem: Prime elements p generate prime principal ideals (p).We need to show that ab∈(p) implies either a∈(p) or b∈(p). ab∈(p) means ab=kp for some k, so p∣ab. Because p is prime, p∣a or p∣b, i.e. a=k1p or b=k2p for some k1,k2, which means a∈(p) or b∈(p). Therefore, (p) is a prime ideal.
The converse holds in integral domains, with a similar proof.
Theorem: In an integral domain, all principal prime ideals (p) are generated by primes p.Given that (p) is a prime ideal, we need to show that p∣ab implies p∣a or p∣b. p∣ab means ab=kp for some k, so ab∈(p). Because (p) is a prime ideal, a∈(p) or b∈(p), i.e. a=k1p or b=k2p for some k1,k2, which means p∣a or p∣b.
Corollary: In an integral domain, the principal prime ideals are exactly the ideals generated by primes.
Corollary: p is prime iff R/(p) is an integral domain.This is because (p) is a prime ideal iff the quotient R/(p) is an integral domain.
We know that if every irreducible is prime, then we must be in a UFD. But when is every prime irreducible?
Theorem: In an integral domain, every prime is irreducible.Suppose a prime p factors as p=ab; WTS one of a,b is a unit. Since p∣ab, either p∣a or p∣b; WLOG assume p∣a, so a=kp for some k. Then: p=ab=kpb, so p−kpb=0, i.e. p(1−kb)=0. Since we're in an integral domain and p≠0, this means 1−kb=0, i.e. 1=kb, so b is a unit. Therefore every factorization of p is trivial, and p is irreducible.
-
December 5, 2023.
Exploration 5: Irreducibility
Questions:
- When is a polynomial irreducible?
- What happens to irreducibility when you turn a ring into a polynomial ring?
- How do you determine irreducibility given an element?
Recall that in a UFD, every element factors into a unique product of irreducible elements. For instance, in the ring of integers Z, elements uniquely factor into positive prime factors (and a sign). In the polynomial ring R[x], elements uniquely factor into monic factors (and a constant).
In an arbitrary UFD, there is no general way to identify such elements (like “positive” or “monic”), but we can do something else: call two elements associate (denoted a∼b) if they differ by a unit.
Theorem: Only the units are associate to 1.If an element r is associate to 1, it means r=1u for some unit u, which implies r is that unit.
Then instead of saying that a factorization is unique up to multiplication by units, we can equivalently say factorization is unique up to associates.
Here are some properties of associate elements:
Theorem: In an integral domain, two nonzero elements are associate iff each generates the other.
Corollary: In an integral domain, two nonzero elements are associate iff they divide each other.This is because if two nonzero elements a,b generate each other, then a=bx and b=ay implying a∣b and b∣a.
Theorem: In an integral domain, if a divides b, so do all the associates of a.Assume a∣b. If c is an arbitrary associate of a (c∼a), then a=uc for some unit u. Now a∣b means ad=b for some d, so (uc)d=b, i.e. c(ud)=b, and therefore c∣b.
In this section, we define GCD and LCM and their implications for UFDs.
The greatest common divisor (GCD) of two elements gcd(a,b) is a “greatest” element in the ring that divides both a and b, in the sense that any other divisor of both a and b divides a GCD.
Similarly, the least common multiple (LCM) of two elements lcm(a,b) is a “least” element in the ring that is a multiple of both a and b, in the sense that an LCM divides any other common multiple of a and b.
Note that this notion of “least” and “greatest” rely on some divisibility partial order, which only exists in some rings. gcd(a,b) is a greatest element among all divisors of both a and b, and lcm(a,b) is a least element among all multiples of both a and b.
Also note that there can exist multiple GCDs and LCMs in a ring, a fact that we’ll deal with immediately:
Theorem: In an integral domain, GCD and LCM are uniquely determined up to associates, if they exist.- Recall that elements that divide each other are associate.
- If there are two GCDs, then by definition they divide each other and are thus associates.
- Similarly, if there are two LCMs, then by definition they are a multiple of each other, meaning they divide each other, and are thus associates.
The GCD is very powerful, as the rest of this exploration will demonstrate. But first we need this important property of the GCD:
Theorem: gcd(ca,cb)∼c⋅gcd(a,b)- It is enough to prove that the two sides divide each other.
- gcd(ca,cb)∣c⋅gcd(a,b): any divisor of both a and b must divide gcd(a,b), by definition of GCD. Multiplying by c, any divisor of both ca and cb must divide c⋅gcd(a,b). But gcd(ca,cb) is such a divisor.
- c⋅gcd(a,b)∣gcd(ca,cb): since gcd(a,b) divides both a and b, multiply by c to find that c⋅gcd(a,b) divides both ca and cb. Therefore it also divides their greatest common divisor, gcd(ca,cb).
Using this we can prove that, in fact, the existence of GCDs in a factorization domain is equivalent to saying that every irreducible is prime.
Theorem: In a factorization domain, every irreducible is prime iff GCDs exist.- (→)
- Since every irreducible is prime in a factorization domain, it’s a UFD (proof) and therefore every element has a unique factorization into prime elements.
- Then to get the GCD, you can just take the unique product of all the common factors of two elements, which means taking the minimum exponent of each common prime power factor.
- (Note that you can similarly get the LCM by taking the product of every prime factor appearing in either element, raised to the maximum exponent.)
- (←)
- Given irreducible p, WTS it is prime.
- If p∣ab, then d=gcd(a,p) is a divisor of p.
- Since p is irreducible, either d∼p or d∼1.
- If d∼p, we already know that d∣a by definition of GCD. Since associates of divisors are also divisors (proof), we have p∣a.
- Otherwise, d∼1 means gcd(a,p)∼1. Multiply by b on both sides to get gcd(a,p)b∼b. Then by the lemma, gcd(ab,pb)∼b. Since p divides both ab (given) and pb, p divides gcd(ab,pb)∼b, and therefore p∣b.
- So either p∣a or p∣b, meaning irreducible p is prime.
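In Z, the min/max-exponent recipe from the forward direction can be sketched directly (a toy illustration; `factorize` uses naive trial division, and all helper names are my own):

```python
from collections import Counter
from math import gcd

def factorize(n):
    """Prime factorization of n >= 2 as a Counter {prime: exponent} (trial division)."""
    factors, d = Counter(), 2
    while d * d <= n:
        while n % d == 0:
            factors[d] += 1
            n //= d
        d += 1
    if n > 1:
        factors[n] += 1
    return factors

def gcd_via_exponents(a, b):
    """GCD = product of the common primes, each to its minimum exponent."""
    fa, fb = factorize(a), factorize(b)
    out = 1
    for p in fa.keys() & fb.keys():
        out *= p ** min(fa[p], fb[p])
    return out

def lcm_via_exponents(a, b):
    """LCM = product of every prime appearing in either, to its maximum exponent."""
    fa, fb = factorize(a), factorize(b)
    out = 1
    for p in fa.keys() | fb.keys():
        out *= p ** max(fa[p], fb[p])
    return out

# 360 = 2^3 * 3^2 * 5 and 84 = 2^2 * 3 * 7:
assert gcd_via_exponents(360, 84) == gcd(360, 84) == 12
assert lcm_via_exponents(360, 84) == 2520
```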
Corollary: A factorization domain is a UFD iff GCDs exist.This is because a factorization domain is a UFD iff every irreducible is prime, which we just proved is equivalent to saying GCDs exist.
In this section, we introduce the Bézout identity relating GCDs to elements in the ring.
We know that fields and Euclidean domains permit division by some division algorithm. Observe that both also have GCDs:
The division algorithm in a Euclidean domain supports what is called the extended Euclidean algorithm. This algorithm calculates the GCD of some given f and nonzero g as a linear combination of f and g, resulting in the Bézout identity gcd(f,g)=af+bg.
Theorem: For every f and nonzero g in a Euclidean domain R, their GCD can be expressed gcd(f,g)=af+bg for some a,b∈R.- If we divide some f∈R by some nonzero g∈R, we have f=gq1+r1 for some q1,r1∈R (where either r1=0 or deg r1<deg g.)
- If r1=0, we are done: then g∣f so gcd(f,g)=g, and we have gcd(f,g)=0f+1g.
- Otherwise, dividing g by r1 gives g=r1q2+r2.
- If r2=0, we are done: then gcd(f,g)=r1 and f=gq1+r1 implies gcd(f,g)=1f−q1g.
- Otherwise, dividing r1 by r2 gives r1=r2q3+r3.
- If r3=0, we are done: then gcd(f,g)=r2 and g=r1q2+r2 implies gcd(f,g)=g−r1q2, which simplifies (using f=gq1+r1) to gcd(f,g)=g−r1q2=g−(f−gq1)q2=(−q2)f+(1+q1q2)g
- Otherwise, the idea is to continue doing this until you get rk=0, thus gcd(f,g)=rk−1 and you can backsubstitute each ri to express the GCD as a linear combination gcd(f,g)=af+bg for some a,b.
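The back-substitution above can be carried out mechanically. Here is a sketch of the extended Euclidean algorithm in the Euclidean domain Zp[x], with polynomials as lowest-degree-first coefficient lists (the modulus P = 5, the example polynomials, and all helper names are my own choices):

```python
# Polynomials over Z_P as coefficient lists, lowest degree first.
P = 5  # an arbitrary prime modulus for illustration

def trim(f):
    """Normalize coefficients mod P and drop trailing zeros."""
    f = [c % P for c in f]
    while f and f[-1] == 0:
        f = f[:-1]
    return f

def add(f, g):
    n = max(len(f), len(g))
    f, g = f + [0] * (n - len(f)), g + [0] * (n - len(g))
    return trim([a + b for a, b in zip(f, g)])

def mul(f, g):
    if not f or not g:
        return []
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] += a * b
    return trim(out)

def divmod_poly(f, g):
    """Division algorithm in Z_P[x]: f = g*q + r with deg r < deg g."""
    f, g = trim(f), trim(g)
    q = [0] * max(len(f) - len(g) + 1, 1)
    inv = pow(g[-1], P - 2, P)  # inverse of the leading coefficient (Fermat)
    while f and len(f) >= len(g):
        shift = len(f) - len(g)
        coef = (f[-1] * inv) % P
        q[shift] = coef
        f = add(f, mul([-coef], [0] * shift + g))  # cancel the leading term
    return trim(q), f

def extended_euclid(f, g):
    """Return (d, a, b) with d = gcd(f, g) = a*f + b*g in Z_P[x]."""
    r0, r1 = trim(f), trim(g)
    a0, a1, b0, b1 = [1], [], [], [1]
    while r1:
        quot, r = divmod_poly(r0, r1)
        r0, r1 = r1, r
        a0, a1 = a1, add(a0, mul([-1], mul(quot, a1)))
        b0, b1 = b1, add(b0, mul([-1], mul(quot, b1)))
    return r0, a0, b0

# gcd(x^2 - 1, x - 1) in Z_5[x] should be (an associate of) x - 1.
f, g = [4, 0, 1], [4, 1]  # x^2 + 4 = x^2 - 1 and x + 4 = x - 1 mod 5
d, a, b = extended_euclid(f, g)
assert d == [4, 1]
assert d == add(mul(a, f), mul(b, g))  # Bezout: d = a*f + b*g
```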
Finally, two elements are coprime if their GCD is a unit, i.e. the GCD is associate to 1.
Corollary: If f and g are coprime in a Euclidean domain R, then 1=af+bg for some a,b∈R.Coprime means the GCD is a unit u, so u=af+bg for some a,b; multiplying through by u−1 gives 1=(u−1a)f+(u−1b)g.
Corollary: If f is prime, then for every nonzero g, gcd(f,g) must be either 1 or f (up to associates).Since f is prime, its only non-unit divisors are the unit multiples of f. Therefore gcd(f,g)∼f if f∣g, and gcd(f,g)∼1 otherwise.
Theorem: In a PID, nonzero prime ideals (p) are maximal.(p) (being a nonzero principal ideal) contains every element with a factor of p, so any element r∈R outside of (p) must be coprime to p. Since adding any outside element r to (p) makes it equal to (p,r)=(gcd(p,r))=(1)=R, i.e. not a proper ideal anymore, (p) must be maximal.
Theorem: Every quotient of a Euclidean domain R by a prime ideal is a Euclidean domain.Since Euclidean domains are PIDs, and nonzero prime ideals (p) are maximal in PIDs, either (p) is zero or a maximal ideal. If (p) is zero then R/(p)≅R results in the same ring, which is a Euclidean domain. If (p) is maximal, then R/(p) is a field and therefore a Euclidean domain.
In this section, we revisit the relationship between rings and polynomial rings defined over them.
We already have enough to prove an interesting fact about polynomial rings that are also PIDs:
Theorem: If R[x] is a PID, then R is a field.
Corollary: If R[x] is a PID, then it is also a Euclidean domain.This is because polynomial rings defined over a field are Euclidean domains.
Now just like we did in rings in general, we call a non-constant polynomial f∈R[x] irreducible if it can’t be factored into two non-units. However, there are a number of facts about polynomials that help us determine whether a polynomial is irreducible.
First, since x has no inverse, the units in a polynomial ring over an integral domain can only be the units of R, viewed as constant (deg 0) polynomials.
Second, the inability to factor into two non-units is a hard property to prove in general, but there is a shortcut for polynomial rings:
Theorem: For polynomials with degree ≥2, irreducibility implies having no roots.According to the factor theorem, having a root a means f=(x−a)q, where deg q is at least 1 since deg f is at least 2. But that means you just factored into two non-unit factors (x−a) and q, meaning that f is reducible.
This means that (for degree ≥2) irreducibility is one way of saying a polynomial has no roots. Take the contrapositive, and you get a way to check reducibility: if such a polynomial has a root, then the polynomial is reducible.
The converse is not true in general, but it is true for degree 2 and 3 polynomials:
Theorem: For degree 2,3 polynomials, having no roots implies irreducibility.When we factor a polynomial f into a product ab, we have deg f=deg a+deg b. If deg f is 2 or 3, any factorization into two nonconstant factors must include a linear (deg 1) factor, which by the factor theorem corresponds to a root. So if f has no roots, one of deg a and deg b must be 0, i.e. a unit factor, meaning f is irreducible.
Otherwise, determining irreducibility in polynomial rings R[x] can be largely reduced to finding roots. For instance, x2+1 has no roots in R but does in C, so it’s irreducible in R[x] but reducible in C[x].
If we’re in Q[x] or Z[x] we could think about using the Rational Roots Theorem to classify all the rational roots of the polynomial. However, finding these roots is also an enumerative task, and we’d like to avoid that.
There is a theorem that leads to fast irreducibility checking for polynomials in Z[x], and it relies on the reduction homomorphism, which applies mod p (p prime) to the coefficients of an integer polynomial f∈Z[x]. This gives you the reduction of f modulo p, written fˉ. (Formally, the map Z[x]→Zp[x] sends f=∑iaixi to fˉ=∑iaˉixi, where aˉi=ai mod p.)
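On coefficient lists, the reduction homomorphism is a one-liner (a sketch; the name `reduce_mod_p` and the lowest-degree-first list convention are my own):

```python
def reduce_mod_p(f, p):
    """Reduction homomorphism Z[x] -> Z_p[x], applied to a lowest-degree-first
    coefficient list."""
    return [c % p for c in f]

# x^3 + 4x^2 + 6x + 2 reduces mod 3 to x^3 + x^2 + 2:
assert reduce_mod_p([2, 6, 4, 1], 3) == [2, 0, 1, 1]
```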
Modular Irreducibility Test: For a nonzero polynomial f∈Z[x], suppose there is a prime p where- p doesn’t divide the leading coefficient of f
- reduction fˉ mod p is irreducible in Zp[x].
Then f is irreducible in Q[x].
- Towards contradiction, assume f is not irreducible in Q[x]. Then there is a proper factorization f=gh where deg g<deg f, and by Gauss' lemma we can take g,h∈Z[x].
- We know that deg gˉ≤deg g since it’s possible that the leading coefficient of g gets mapped to 0, decreasing its degree. This isn’t possible for fˉ since it’s given that p doesn’t divide the leading coefficient of f. So overall, we have deg gˉ≤deg g<deg f=deg fˉ
- Similarly for h, deg hˉ≤deg h<deg f=deg fˉ
- But since f=gh, we know fˉ=gˉhˉ where deg gˉ<deg fˉ and deg hˉ<deg fˉ, implying there is a proper factorization of fˉ in Zp[x]. But this contradicts our second assumption.
Example: x3+4x2+6x+2 is irreducible in Q[x].The rational roots theorem works, but reduction mod 3 is much easier. Reduction becomes x3+x2+2 in Z3[x]. Trying each of x=0,1,2 shows that this has no root, therefore irreducible, therefore the original polynomial is irreducible.
Example: x4+2x3+2x2−x+1 is irreducible in Q[x].Reduction mod 2 gives x4+x+1 in Z2[x]. Trying each of x=0,1 shows that this has no root, so to be reducible it would have to factor into two quadratics with no root. The only quadratic with no root in Z2[x] is x2+x+1 (Example 5), so that must be the factor. But (x2+x+1)2=x4+x2+1 in Z2[x] (the cross terms vanish mod 2), which is not x4+x+1. So there is no proper factorization of x4+x+1 in Z2[x], so x4+2x3+2x2−x+1 is irreducible in Q[x].
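Both examples can be cross-checked by a brute-force search for factorizations in Zp[x] (a naive exponential-time sketch; polynomials are coefficient lists, lowest degree first, with leading coefficient nonzero mod p, and the helper names are my own):

```python
from itertools import product

def poly_mul(f, g, p):
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] = (out[i + j] + a * b) % p
    return out

def is_irreducible(f, p):
    """Brute force: a nonconstant f in Z_p[x] (lowest-degree-first coefficients,
    leading coefficient nonzero mod p) is irreducible iff no pair of nonconstant
    polynomials multiplies to it. Exponential time -- only for tiny p and degree."""
    f = [c % p for c in f]
    n = len(f) - 1  # degree
    for d in range(1, n // 2 + 1):  # degree of the smaller factor
        for g in product(range(p), repeat=d + 1):
            if g[-1] == 0:  # enforce exact degree d
                continue
            for h in product(range(p), repeat=n - d + 1):
                if h[-1] == 0:
                    continue
                if poly_mul(list(g), list(h), p) == f:
                    return False
    return True

# x^3 + 4x^2 + 6x + 2 reduces mod 3 (inside is_irreducible, via % p)
# to x^3 + x^2 + 2, which is irreducible in Z_3[x]:
assert is_irreducible([2, 6, 4, 1], 3)
# x^4 + 2x^3 + 2x^2 - x + 1 reduces mod 2 to an irreducible quartic in Z_2[x]:
assert is_irreducible([1, -1, 2, 2, 1], 2)
# x^2 + 1 is reducible mod 2: it equals (x + 1)^2 there.
assert not is_irreducible([1, 0, 1], 2)
```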
In this section, we draw an equivalence between irreducibility in Z[x] and in Q[x].
In Z[x], we can look at the GCD of every coefficient of a polynomial. For instance, if f=3x3+6x+9, then let c(f)=gcd(3,6,9)=3. c(f) is the content of f. In general, content is defined for any ring that defines a GCD, including UFDs.
Gauss’ Lemma: In a UFD, c(fg)∼c(f)c(g) for nonzero polynomials f,g.- If ai and bj are the coefficients of f and g respectively, then every coefficient of fg is some sum ∑aibj.
- But c(fg), being the GCD of every coefficient ∑aibj, contains exactly the irreducible factors common to all aibj.
- In a UFD, factorization is unique (up to associates), so containing all irreducible factors common to all aibj implies containing all irreducible factors common to all ai (=c(f)) along with all irreducible factors common to all bj (=c(g)).
- This implies c(fg) and c(f)c(g) have the same unique factorization up to associates, and are therefore associate.
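Gauss' lemma can be spot-checked on integer polynomials (the polynomials f, g below are my own examples; coefficient lists are lowest degree first):

```python
from functools import reduce
from math import gcd

def content(f):
    """Content of an integer polynomial (lowest-degree-first coefficient list):
    the GCD of its coefficients."""
    return reduce(gcd, (abs(c) for c in f))

def poly_mul(f, g):
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] += a * b
    return out

f = [3, 6, 9]  # 3 + 6x + 9x^2, content 3
g = [2, 4]     # 2 + 4x, content 2
assert content(f) == 3 and content(g) == 2
# Gauss' lemma: c(fg) = c(f) * c(g) (up to associates, i.e. up to sign in Z):
assert content(poly_mul(f, g)) == content(f) * content(g) == 6
```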
If c(f)∼1 (i.e. is a unit) then call f a primitive polynomial.
Corollary: In a UFD, products of primitive polynomials are primitive.
Lemma: Any polynomial ring R[x] over a UFD R is a UFD.- We need to prove that (1) the ACCP holds in R[x] and (2) all irreducible elements of R[x] are prime.
- Since R is a UFD, it satisfies ACCP, and therefore R[x] satisfies ACCP.
- WTS irreducibles are primes. Say we have some irreducible p∈R. Then, note that the quotient R[x]/(p), polynomials where p is sent to 0, is isomorphic to (R/(p))[x], polynomials whose coefficients are taken mod p.
- Then for every irreducible p∈R: p is prime in R (since R is a UFD), so R/(p) is an integral domain, and so is (R/(p))[x]≅R[x]/(p). Therefore (p) is a prime ideal in R[x], meaning p remains prime as an element of R[x]. (The non-constant irreducibles of R[x] are handled by passing to the field of fractions, as we do later in this exploration.)
Theorem: R[x] is a UFD iff R is a UFD.- This requires proving the converse of the above: R[x] is a UFD implies R is a UFD.
- Take any constant polynomial c∈R[x]. Since R[x] is a UFD, there is a unique factorization of c into irreducibles in R[x]. Since for c=ab we must have deg c=deg a+deg b, and deg c=0, the degree of every factor in the factorization of c must be 0. This implies that any factorization of c involves only constant polynomials ∈R, and therefore if it’s unique in R[x], it’s unique in R.
- Then we need only prove that the units of R[x] are the units of R, and that the elements of R irreducible in R[x] are also irreducible in R.
- If r∈R[x] is a unit, then rr−1=1 by the same degree argument means both r and r−1 must be constant polynomials, and therefore units in R.
- Any a∈R reducible in R is reducible in R[x]. Taking the contrapositive, any a∈R irreducible in R[x] is irreducible in R.
- Therefore, the unique factorization of c into irreducibles in R[x] (up to associates in R[x]) is also a unique factorization of c into irreducibles in R (up to associates in R). Since this is true for every c∈R, R is a UFD.
Now let’s get into irreducibility in Q and Z.
Imagine taking all the nonzero non-units a in an integral domain R and making them units by adjoining all the elements a−1. (You can't do this when a is a zero divisor: if ab=0 for some b≠0, then inverting a would force b=a−1ab=0, a contradiction — which is why we require an integral domain.) The result is a field, since every nonzero element is now a unit. We call this the field of fractions of R. The representative example is that Q is isomorphic to the field of fractions of Z.
Lemma: Taking the field of fractions preserves GCDs.- WTS if gcd(a,b)=c in R, then gcd(a/1,b/1)=c/1 in F.
- Take any common divisor d/f of a/1,b/1 in F. Since F is a field, we can consider numerators and denominators separately. The numerators imply d∣a and d∣b in R, and since 1 has only the divisor 1, the denominators imply f=1.
- WTS d/1 divides the GCD c/1. Since d is a common divisor of a,b in R, and c is the GCD of a,b in R, d divides c. But then d/1 divides c/1. Therefore, c/1 is also the GCD in F.
Corollary: The content of polynomials in R[x] is the same as the content of polynomials in F[x], where F is the field of fractions of R. In particular, if a polynomial is primitive in R[x], then it is primitive in F[x].
Theorem: If F is the field of fractions of the UFD R, then the factorization for f∈R[x] is the same as its factorization in F[x], but only when f is primitive.- (→) Let f be a primitive polynomial in R[x]. By Gauss’ lemma, which states c(ab)∼c(a)c(b), any factors fi of f are also primitive. Since primitive polynomials in R[x] are primitive in F[x], fi are primitive in F[x]. That means there are no factors to be pulled out of each fi in F[x], implying the two factorizations are the same (up to associates).
- (←) Let f be a primitive polynomial in F[x]. Write any factorization f=(a/b)⋅(c/d) where a,c∈R[x] and b,d∈R are nonzero. Then bd⋅f=ac, and this equation also holds in R[x]. Since f is primitive, ac is also primitive (by Gauss' lemma), and therefore bd must be a unit. Therefore f=(bd)−1ac is a factorization in R[x], and the factorizations are the same (up to associates).
Corollary: Primitive polynomials are reducible in R[x] iff they are reducible in F[x], since they have the same factorization.
Corollary: Primitive polynomials are irreducible in R[x] iff they are irreducible in F[x].
Corollary: A primitive polynomial f is irreducible in Z[x] iff f is irreducible in Q[x].Recall that the representative example of fields of fractions is Q being the field of fractions of Z.
This result leads to a very useful test for irreducibility in Q[x].
Eisenstein Criterion: For a polynomial f∈Z[x] of degree ≥1, suppose there is a prime p where- p divides all coefficients of f, except
- p does not divide the leading coefficient, and
- p2 does not divide the constant coefficient.
Then f is irreducible in Q[x].
- First, we prove that if p divides all coefficients of f∈Z[x] except the leading coefficient, then f being reducible in Z[x] implies p2 must divide the constant coefficient.
- If every coefficient of f but the leading coefficient has a factor p, then take the reduction mod p to get fˉ=axn∈Zp[x].
- Since f is reducible in Z[x], it is reducible and therefore has a proper factorization in Zp[x].
- p is prime, so Zp[x] is a UFD. (proof) Since p doesn't divide the leading coefficient of f, the two factors keep their degrees under reduction, and since x is irreducible in Zp[x], the proper factorization of axn must look like axn=(bxi)(cxj) with i,j≥1.
- Since the factors bxi,cxj are zero in all their non-leading coefficients, back in Z[x] both factors of f must have every non-leading coefficient divisible by p — in particular, both constant coefficients.
- But this implies that the constant coefficient of axn=(bxi)(cxj) in Z[x] has a factor p2.
- Take the contrapositive: if the constant coefficient has no factor p2, then f is irreducible in Z[x].
- Then use Gauss’ Lemma: f irreducible over Z[x] iff f irreducible over Q[x].
Corollary: f(x) is irreducible iff f(x+a) is irreducible.- The shift x↦x+a is an automorphism of R[x] (its inverse is x↦x−a), so it maps units to units and factorizations to factorizations, preserving irreducibility.
- Combine with Eisenstein: if the criterion holds for f(x+a) for some shift a, then the original polynomial f(x) is irreducible.
Corollary: xn±p (for any n≥1 and prime p) is always irreducible by Eisenstein.
Here are a couple of examples of applying the Eisenstein criterion on various polynomials.
Example: 2x5+27x3−18x+12 is irreducible in Q[x]Eisenstein criterion with p=3.
Example: Q[x] contains an irreducible polynomial of every degree n≥1.This polynomial is xn−2, which is irreducible by the Eisenstein criterion with p=2.
Example: For a prime p, xn±p is always irreducible, except in characteristic p.Apply the Eisenstein criterion with the prime p: p divides every non-leading coefficient (each is 0 or ±p), p does not divide the leading coefficient 1, and p2 does not divide the constant coefficient ±p. In characteristic p, however, xn±p=xn, which is reducible for n≥2.
Example: The pth cyclotomic polynomial Φp=xp−1+xp−2+⋯+x+1=(xp−1)/(x−1) is irreducible (for prime p).Replace x with x+1 and apply the binomial theorem: Φp(x+1)=((x+1)p−1)/x=∑k=1p(kp)xk−1. The leading coefficient is (pp)=1, the constant coefficient is (1p)=p, and p divides every binomial coefficient (kp) for 0<k<p, while p2 does not divide the constant p. Eisenstein with p then shows Φp(x+1), and hence Φp, is irreducible.
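The substitution argument can be verified numerically: the coefficients of Φp(x+1)=((x+1)p−1)/x are binomial coefficients, which satisfy Eisenstein at p (the choice p=7 and the helper name are my own):

```python
from math import comb

def shifted_cyclotomic_coeffs(p):
    """Coefficients (lowest degree first) of Phi_p(x+1) = ((x+1)^p - 1) / x.
    Expanding, the coefficient of x^(k-1) is C(p, k) for k = 1..p."""
    return [comb(p, k) for k in range(1, p + 1)]

p = 7
coeffs = shifted_cyclotomic_coeffs(p)
assert coeffs[0] == p and coeffs[-1] == 1    # constant term p, leading term 1
assert all(c % p == 0 for c in coeffs[:-1])  # p divides all non-leading coefficients
assert coeffs[0] % (p * p) != 0              # p^2 does not divide the constant term
```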
TODO prove that every polynomial ring over any field has at least one nonconstant irreducible polynomial
Summary
In this exploration we touched on a number of ways to determine reducibility and irreducibility for polynomial rings. Here we introduce a grab-bag of methods:
Proving f not irreducible:
- If there’s no constant term, then 0 is a root.
- If the coefficients sum to 0, then 1 is a root.
- (in Zp[x]) If there’s a factorization in Z[x] then there is a factorization in its quotient Zp[x].
- (in Q[x]) Rational Roots Theorem. If you find a rational root then not irreducible over Q. (This does not help in Zp[x] – every nonzero element of Zp is a unit, so the candidate list is everything.)
Proving f irreducible:
- (general) Irreducible in Zp[x] (for a prime p not dividing the leading coefficient) implies irreducible in Q[x], which for primitive polynomials implies irreducible in Z[x].
- (in Q[x]) Modular Irreducibility Test. If coefficients are integers, take reduction mod p (p prime) where p doesn’t divide leading coefficient. Try all elements in Zp[x] to see if they are roots – if not, it’s irreducible in Zp[x] and therefore irreducible in Q[x].
- (in Q[x]) Eisenstein criterion. If there is a prime p dividing all coefficients such that p doesn’t divide the leading coefficient and p2 doesn’t divide the constant term, then irreducible in Q[x].
- (in Q[x]) Reduce to Eisenstein criterion by replacing x with x+a. For example: x2+1 is irreducible via x↦x+1 giving x2+2x+2 (Eisenstein with p=2). x2+x+1 is irreducible via x↦x+1 giving x2+3x+3 (Eisenstein with p=3). x4+1 is irreducible via x↦x+1 giving x4+4x3+6x2+4x+2 (Eisenstein with p=2).
- (in Z[x]) Gauss’ Lemma. If you can show Eisenstein criterion for irreducibility in Q[x], then assuming the polynomial is primitive (can’t factor out a unit) the polynomial is also irreducible in Z[x].
- Last resort: try every possible factorization (e.g. given deg 5, try deg 4 and deg 1, then deg 3 and deg 2), letting variables stand in for coefficients. If there is no possible assignment of variables in F such that f=gh, then no possible factorization.
Both:
- Degree 2 or 3? Then having no roots is the same as irreducibility. (for quadratics: use discriminant)
We end with a classification of polynomial rings as integral domains, based on all we’ve proved.
-
December 6, 2023.
Exploration 5.1: Norm
Questions:
- What is a norm?
Recall that Euclidean domains have a division algorithm. This division algorithm required a notion of degree, which is defined as the degree of the polynomial in the case of polynomial rings. In non-polynomial rings, this notion of degree generalizes to a function R∖{0}→N mapping each nonzero element to a natural number, called the Euclidean norm.
In this exploration, we'll be looking at the Euclidean domain Z[i]. This is a fine example of a Euclidean domain that is not a field – it contains 2 but not 1/2, so it lacks multiplicative inverses and is not a field, yet it admits a division algorithm.
Theorem: The Gaussian integers Z[i] are a Euclidean domain.- We can define an explicit division for Gaussian integers, thus proving the condition for being a Euclidean domain.
- We can just use division in the complex numbers C, keeping a remainder. Given two Gaussian integers a+bi and c+di, compute (a+bi)/(c+di) as we do in C:
(a+bi)/(c+di) = (a+bi)(c−di)/((c+di)(c−di)) = (ac+bd + (bc−ad)i)/(c^2+d^2) = (ac+bd)/(c^2+d^2) + ((bc−ad)/(c^2+d^2))i
- The two fractions here are rational numbers, so round each to the nearest integer to get the quotient q1+q2i, where q1 = round((ac+bd)/(c^2+d^2)) and q2 = round((bc−ad)/(c^2+d^2)). Due to the rounding, each fraction differs from its nearest integer by at most 1/2. Define the remainder by r1+r2i = (a+bi) − (q1+q2i)(c+di), so that a+bi = (q1+q2i)(c+di) + (r1+r2i). This completes the division algorithm.
This division algorithm differs from the one for polynomial rings — instead of enforcing that the remainder has degree less than that of the divisor, we enforce that the norm of the remainder is less than the norm of c+di. If we define the Euclidean norm N(⋅) in the Gaussian integers to be N(a+bi) = a^2+b^2, then since N is multiplicative and (r1+r2i)/(c+di) is exactly the rounding error (whose real and imaginary parts are each at most 1/2 in absolute value), we can bound the norm of the remainder r1+r2i:
N(r1+r2i) = N(c+di)·N((r1+r2i)/(c+di)) ≤ N(c+di)·((1/2)^2 + (1/2)^2) = N(c+di)/2 < N(c+di)
This shows N(r1+r2i) < N(c+di), which is the generalized form of deg r < deg g in the polynomial version. Indeed, the degree is the Euclidean norm in polynomial rings.
So in general — in particular for non-polynomial rings — a Euclidean domain defines a Euclidean norm N: R∖{0}→N, and admits a division algorithm: dividing a by nonzero b yields a quotient q and remainder r with a = qb + r, where either r = 0 or N(r) < N(b).
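The division algorithm above is short to implement. Here is a Python sketch using exact rational arithmetic for the rounding step, representing a Gaussian integer as an integer pair (`gauss_divmod` is my own name):

```python
from fractions import Fraction

def gauss_divmod(a, b):
    """Divide Gaussian integer a by nonzero b (as (real, imag) integer pairs),
    returning (q, r) with a = q*b + r and N(r) < N(b)."""
    (ar, ai), (br, bi) = a, b
    n = br * br + bi * bi                  # N(b) = c^2 + d^2
    x = Fraction(ar * br + ai * bi, n)     # real part of a/b: (ac+bd)/(c^2+d^2)
    y = Fraction(ai * br - ar * bi, n)     # imag part of a/b: (bc-ad)/(c^2+d^2)
    q1, q2 = round(x), round(y)            # nearest integers
    # remainder r = a - q*b, where q*b = (q1 + q2 i)(br + bi i)
    r1 = ar - (q1 * br - q2 * bi)
    r2 = ai - (q1 * bi + q2 * br)
    return (q1, q2), (r1, r2)

q, r = gauss_divmod((27, 23), (8, 1))
assert q == (4, 2) and r == (-3, 3)
assert r[0]**2 + r[1]**2 < 8**2 + 1**2   # N(r) < N(b)
```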
TODO proof that norm is all that is required to define a division algorithm
In this section, we explore how to define PIDs via norms.
We just saw that an integral domain R is a Euclidean domain if and only if it admits a Euclidean norm. Can we extend this kind of definition to other types of domains?
The answer is yes: for PIDs, we can similarly define such a norm.
We will use this to prove that the Gaussian integers are a PID, without using the fact that it is a Euclidean domain.
Let N(a+bi) = a^2+b^2, a function R∖{0}→N.
Previously we only discussed irreducibility in the context of polynomial rings. However, elements in non-polynomial rings can also be irreducible – we only require that the element not be factorable into two nonunits.
-
December 10, 2023.
Exploration 6: Finite fields
Questions:
- How do we work with positive characteristic?
- What do finite fields look like?
Recall that the characteristic of every integral domain must be either zero or prime. Since all fields are integral domains, each field F has either char F=0 (such fields are always infinite) or char F=p for some prime p. Every finite field falls in the latter case (though infinite fields of characteristic p exist too).
Let’s begin with the finite fields. By the end of this exploration, we will have classified all of the finite fields.
In this section, we discuss the ring of integers mod n.
All we know so far about a finite field is that it must be of some prime characteristic p. Let’s first study the case where its order is exactly p — in other words, let’s study the ring of integers mod p.
First we prove that the integers mod p form a field:
Theorem: If p is prime, Zp is a field.- Recall that quotienting a Euclidean domain by a prime ideal results in a Euclidean domain. But Zp≅Z/(p) where Z is a Euclidean domain (since integer division exists) and (p) is a prime ideal, therefore Zp is a Euclidean domain as well.
- To show that Zp is also a field, recall Bezout's identity: in a Euclidean domain, coprime elements n,m satisfy 1=an+bm for some a,b. In Z, the prime p is coprime to every positive integer k less than p, so 1=ap+bk for some integers a,b. Reducing mod p, since [p]=[0] in Zp, we get [1]=[a][0]+[b][k]=[b][k], which makes every [k] for 1≤k<p a unit in Zp. Therefore every nonzero element in Zp is a unit, making Zp a field.
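The Bezout computation is exactly the extended Euclidean algorithm, so inverses in Zp can be computed directly. A small Python sketch (function names are my own):

```python
def ext_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = ext_gcd(b, a % b)
    return g, y, x - (a // b) * y

def inverse_mod(k, p):
    """Bezout gives 1 = a*p + b*k, so [b][k] = [1] in Z_p."""
    g, a, b = ext_gcd(p, k)
    assert g == 1  # p prime and 1 <= k < p, so p and k are coprime
    return b % p

p = 7
assert all(k * inverse_mod(k, p) % p == 1 for k in range(1, p))
```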
Why study Zp when this is about finite fields? It turns out every finite field (with prime characteristic p) contains Zp:
Theorem: Every prime characteristic ring contains a copy of Zp, the integers mod p.- Every ring contains the elements {1,(1+1),(1+1+1),…}, but for prime characteristic rings where p⋅1=0, this only goes up to adding p−1 copies of 1.
- These are exactly the elements that form Zp, the integers mod p, so every prime characteristic ring contains Zp in the sense that you can define an isomorphism between those elements and Zp.
In this section, we study the effects of prime characteristic.
Rings of prime characteristic have some interesting properties. For instance, recall the binomial theorem true for all rings: for every a,b∈R and every nonnegative integer n, we have
(a+b)^n = Σ_{k=0}^{n} (n choose k) a^k b^{n−k}
In a ring of prime characteristic, this sum simplifies significantly to:
(a+b)^p = a^p + b^p
Theorem: (a+b)^p = a^p + b^p for all a,b in a ring of prime characteristic p.- By the binomial theorem, (a+b)^p = Σ_{k=0}^{p} (p choose k) a^k b^{p−k}. Let's focus on the coefficients (p choose k).
- (p choose k) = p!/(k!(p−k)!) always includes a factor p in the numerator, but p (being prime) is not a factor of the denominator unless k=0 or k=p.
- Thus for all other values of k, the coefficient (p choose k) is divisible by p, and therefore vanishes in a ring of characteristic p. For the special cases k=0 and k=p, the coefficient (p choose k) is equal to 1.
- Therefore (a+b)^p = a^p + 0 + … + 0 + b^p = a^p + b^p.
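We can spot-check this "freshman's dream" identity in Zp with a quick brute force:

```python
p = 7
for a in range(p):
    for b in range(p):
        # (a+b)^p = a^p + b^p holds in Z_p
        assert pow(a + b, p, p) == (pow(a, p, p) + pow(b, p, p)) % p
```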
This theorem is rather important, because it makes the map a↦a^p look awfully like a homomorphism on rings of prime characteristic p. Which it is:
Theorem: The Frobenius endomorphism a↦a^p is an endomorphism on a ring of prime characteristic p.- Let ϕ be the map a↦a^p. By the previous proof we observe ϕ(a+b)=ϕ(a)+ϕ(b).
- To be a homomorphism, ϕ must also preserve unity, additive inverses, and multiplication. Unity is immediate: ϕ(1) = 1^p = 1.
- Preserving additive inverses is easy for odd primes p, because ϕ(−a) = (−a)^p = −a^p = −ϕ(a). For the remaining prime p=2, recall that every element is its own additive inverse in characteristic 2, so ϕ(−a) = ϕ(a) = −ϕ(a).
- Preserving multiplication is straightforward (recall our rings are commutative): ϕ(ab) = (ab)^p = a^p b^p = ϕ(a)ϕ(b).
- Thus ϕ is a homomorphism from the ring to itself, i.e. an endomorphism.
Note that Fermat's little theorem states that for any integer a, we have a^p ≡ a mod p. So specifically for the integers mod p, Zp, the Frobenius endomorphism a↦a^p is actually the identity automorphism, mapping every a to itself. We'll make use of this fact soon.
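In code, Frobenius on Zp is just a ↦ pow(a, p, p), and Fermat's little theorem says this map is the identity:

```python
p = 11
frobenius = lambda a: pow(a, p, p)
# On Z_p itself, Frobenius is the identity map (Fermat's little theorem)
assert all(frobenius(a) == a for a in range(p))
```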
In this section, we classify the finite fields.
Now let’s use our knowledge of the properties of prime characteristic to study all finite fields.
Let F[x] be a polynomial ring over a finite field F.
Theorem: Every element of Zp is a root of the polynomial x^p − x ∈ Zp[x].- Fermat's little theorem implies that for any integer a not divisible by p (i.e. any nonzero element of Zp, since p is prime), we have a^{p−1} − 1 ≡ 0 mod p.
- In other words, the polynomial x^{p−1} − 1 has every nonzero element of Zp as a root. We can add the zero element as a root if we multiply by x to get x^p − x.
- Thus x^p − x ∈ Zp[x] is a degree p polynomial with p distinct roots: exactly the elements of Zp.
TODO extend to arbitrary finite field F.
Now consider the quotient F[x]/(f) for some polynomial f∈F[x]. We actually already know two facts about F[x]/(f):
Theorem: F[x]/(f) is a field iff f is irreducible.
Theorem: F[x]/(f) is finite with |F|^{deg f} elements.F[x]/(f) consists of cosets [g] whose representatives are polynomials g∈F[x]. Earlier we proved that every coset has a representative of degree less than deg f, which therefore has at most deg f coefficients, each with |F| possible values. This implies that there are |F|^{deg f} distinct cosets in F[x]/(f).
Corollary: Given an irreducible degree n polynomial f∈F[x], if F is a finite field of prime order p, then F[x]/(f) is a finite field of prime power order p^n.
So we can create fields of prime power order pn by taking the quotient Zp[x]/(f), where deg f=n.
One way to visualize a finite field created in this manner is by considering its elements as polynomials, whose coefficients form a tuple. The elements of the prime order finite field Zp are constant polynomials represented by 1-tuples: for example, Z5 is just the set {(0),(1),(2),(3),(4)}. Quotienting Z5[x] by a degree 5 polynomial irreducible over Z5 — for example x^5 − x − 1 (note that Eisenstein is unavailable here, since Z5 has no primes; but polynomials of the form x^p − x − a with a ≠ 0 are always irreducible over Zp) — gives us a quotient field whose cosets are represented by polynomials of degree at most 4, as shown earlier. Such polynomials ax^4+bx^3+cx^2+dx+e can be represented by 5-tuples (a,b,c,d,e), where there are |Z5|=5 choices for each component.
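To make the tuple picture concrete, here is a Python sketch of multiplication in Z5[x]/(x^5 − x − 1), with elements stored as 5-tuples of coefficients, low degree first (`polymul_mod` is my own helper, and I'm taking on faith that x^5 − x − 1 is irreducible over Z5):

```python
p = 5
f = [-1, -1, 0, 0, 0, 1]  # x^5 - x - 1, coefficients low-to-high (monic)

def polymul_mod(a, b):
    """Multiply two elements of Z_5[x]/(f), each a list of 5 coefficients."""
    n = len(f) - 1
    prod = [0] * (2 * n - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            prod[i + j] = (prod[i + j] + ai * bj) % p
    # reduce using x^n = -(f[0] + f[1] x + ... + f[n-1] x^(n-1)), since f is monic
    for k in range(len(prod) - 1, n - 1, -1):
        c, prod[k] = prod[k], 0
        for t in range(n):
            prod[k - n + t] = (prod[k - n + t] - c * f[t]) % p
    return prod[:n]

# x * x^4 = x^5, which reduces to x + 1 in the quotient:
assert polymul_mod([0, 1, 0, 0, 0], [0, 0, 0, 0, 1]) == [1, 1, 0, 0, 0]
```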
In this section, we prove the uniqueness of the finite fields up to isomorphism.
We just established that a finite field of prime power order pn exists for every prime p and n≥1, and that we can construct said field as Zp[x]/(f) where f is a degree n irreducible polynomial over Zp. It is a well-established fact that its multiplicative group (consisting of all nonzero elements) is cyclic:
Theorem: Given F a finite field of prime power order p^n, its multiplicative group F^× is cyclic.F^×, like all finite abelian groups, decomposes into cyclic groups of prime power order: F^× ≅ C_{q1} × C_{q2} × … × C_{qm}. If two of the orders q_i shared a prime factor ℓ, then F^× would contain at least ℓ^2 solutions to x^ℓ = 1 — but the polynomial x^ℓ − 1 has at most ℓ roots over a field. So the orders q1, q2, …, qm are pairwise coprime, and their direct product is cyclic.
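For intuition, a quick search for a generator of the cyclic group Z13^× (the helper `order` is my own):

```python
p = 13

def order(a):
    """Multiplicative order of nonzero a in Z_p."""
    k, x = 1, a
    while x != 1:
        x = x * a % p
        k += 1
    return k

# Z_13^x is cyclic of order 12; 2 turns out to be a generator
assert order(2) == p - 1
assert sorted(pow(2, k, p) for k in range(p - 1)) == list(range(1, p))
```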
This has a direct implication about the fields of prime power order.
Theorem: All fields of prime power order p^n are unique up to isomorphism.- We just showed that for an irreducible degree n polynomial g∈Zp[x], the quotient Zp[x]/(g) is a finite field of order p^n. So finite fields of order p^n exist for every prime p and integer n≥1.
- If we can exhibit an isomorphism between two arbitrary fields of prime power order p^n, we are done. (Any nonzero field homomorphism between them would suffice, because field homomorphisms are injective and the domain and codomain have the same finite order p^n.)
- Consider the multiplicative group K^× of an arbitrary field K of prime power order p^n. The order of K^× is exactly p^n − 1. By Lagrange's theorem, the order of every element a of K^× must divide the order of K^×, so a^{p^n − 1} = 1, which (multiplying through by a) can be rearranged to a^{p^n} − a = 0.
- Then a^{p^n} − a = 0 holds for every a∈K^×. But since 0^{p^n} − 0 = 0, this extends to all a∈K.
- In other words, every element of K is a distinct root of the polynomial f = x^{p^n} − x over the prime subfield Zp ⊆ K. Since |K| = p^n = deg f, the elements of K are exactly the roots of f — that is, f splits over K, and K is generated by the roots of f, so K is a splitting field of f over Zp.
- Since this holds for arbitrary fields of prime power order p^n, any two such fields K1, K2 are splitting fields of the same polynomial f over Zp. Splitting fields are unique up to isomorphism (a fact we prove at the end of these notes), so K1 ≅ K2 and we are done.
Since all fields of order pn are isomorphic to each other, this means that instead of writing the cumbersome term Zp[x]/(f), we can just refer to the field of prime power order q=pn, which is denoted Fq or sometimes GF(q).
Significantly, it turns out there are no other finite fields.
Theorem: Every finite ring not of prime power order is not a field.- If a finite ring R is not of prime power order, then the prime factorization of its order p1^{k1} p2^{k2} … pm^{km} must contain at least two distinct primes.
- Consider the principal ideals p_i^{k_i}R. Since the prime powers p_i^{k_i} are pairwise coprime, the Chinese Remainder Theorem can be used to show R ≅ R/p1^{k1}R × R/p2^{k2}R × … × R/pm^{km}R.
- But a direct product of two or more nontrivial rings contains zero divisors, and zero divisors cannot be units, so R contains nonzero nonunits and is therefore not a field.
Corollary: The only finite fields are the ones of prime power order.
In this section we describe primitive elements.
The fact that Fq^× is cyclic implies that every finite field Fq has a primitive element α: a generator of Fq^×.
Recall that we can adjoin elements of one ring to another ring of the same characteristic. What happens when we adjoin α to another finite field of the same characteristic?
Note that the finite fields of any given characteristic p have a subfield ordering:
Theorem: Fpn is a subfield of Fpm iff n∣m.The result follows pretty quickly after we prove a number theoretic lemma:
Lemma: n∣m iff pn−1∣pm−1.- (→) This is a straightforward calculation. nmpmpm−1pm−1pn−1∣m=kn=pkn=pkn−1=(pn−1)(pn(k−1)+pn(k−2)+…+pn+1)∣pm−1
- (←) WLOG assume n ≤ m. Then
gcd(p^m − 1, p^n − 1)
= gcd(p^{m−n}·p^n − 1, p^n − 1)
= gcd(p^{m−n}·p^n − 1 − (p^n − 1), p^n − 1)    [using gcd(a,b) = gcd(a−kb, b)]
= gcd(p^{m−n}·p^n − p^n, p^n − 1)
= gcd(p^n(p^{m−n} − 1), p^n − 1)
= gcd(p^{m−n} − 1, p^n − 1)    [because p^n and p^n − 1 are coprime]
Thus gcd(p^m − 1, p^n − 1) = gcd(p^{m−n} − 1, p^n − 1). Applying this recursively amounts to applying the Euclidean algorithm on the exponents (m,n), resulting in
gcd(p^m − 1, p^n − 1) = p^{gcd(m,n)} − 1
Since p^n − 1 ∣ p^m − 1 means p^n − 1 is the GCD of the two, the LHS becomes p^n − 1. Then:
p^n − 1 = p^{gcd(m,n)} − 1  ⟹  p^n = p^{gcd(m,n)}  ⟹  n = gcd(m,n)  ⟹  n ∣ m
as required.
Then:
- (→) By Lagrange’s theorem, the order of the subfield’s multiplicative group ∣Fpn×∣ divides that of the larger field ∣Fpm×∣. Thus pn−1∣pm−1, so n∣m by the lemma.
- (←) If n ∣ m, then
n ∣ m
⟹ p^n − 1 ∣ p^m − 1    [by the lemma]
⟹ x^{p^n − 1} − 1 ∣ x^{p^m − 1} − 1    [by the lemma's forward calculation, with x in place of p]
⟹ x^{p^m − 1} − 1 = f·(x^{p^n − 1} − 1)    [for some polynomial f∈Z[x]]
⟹ x^{p^m} − x = f·(x^{p^n} − x)    [multiplying both sides by x]
which shows that every root of x^{p^n} − x is a root of x^{p^m} − x. But since the roots of x^{p^n} − x are exactly F_{p^n}, this implies every element of F_{p^n} is in F_{p^m}, i.e. F_{p^n} is a subfield of F_{p^m}.
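The lemma (and the gcd identity driving its proof) is easy to spot-check numerically:

```python
from math import gcd

p = 3
rng = range(1, 8)
# n | m  iff  p^n - 1 | p^m - 1:
assert all((m % n == 0) == ((p**m - 1) % (p**n - 1) == 0) for n in rng for m in rng)
# the gcd identity from the proof: gcd(p^m - 1, p^n - 1) = p^gcd(m, n) - 1
assert all(gcd(p**m - 1, p**n - 1) == p**gcd(m, n) - 1 for n in rng for m in rng)
```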
Corollary: Suppose one of F_{p^n}, F_{p^m} is a subfield of the other (i.e. n ∣ m or m ∣ n). Adjoining the primitive element α of F_{p^n} to F_{p^m} results in the larger of the two finite fields.- If F_{p^n} is the larger, then F_{p^m} is a subfield of F_{p^n}. Since α generates F_{p^n}, the resulting field is F_{p^n}, which already includes F_{p^m}.
- If F_{p^m} is the larger, then F_{p^n} is a subfield of F_{p^m} and therefore α is already in F_{p^m}, so the resulting field is F_{p^m}.
Corollary: Adjoining two primitive elements α,β (whose fields are comparable as above) is the same as adjoining the one with larger order.This follows directly from the previous result. WLOG assume α generates the larger field. Then α generates β, thus you need only adjoin α.
-
December 11, 2023.
Exploration 7: Fields
Questions:
- TODO
Recall that we can categorize each field F by its characteristic: char F=0 or char F=p. Last time we discussed finite fields, which all have char F=p. Now we extend the discussion to fields of characteristic 0, which are always infinite.
Theorem: Every field of characteristic 0 contains the rationals Q.In characteristic 0, the rationals Q are generated by 1: first generate the integers Z via repeated addition and subtraction of 1 (no such sum vanishes, since the characteristic is 0), then treat each integer as a unit and take closure under products and inverses of every nonzero integer to get Q. Since every field contains 1, which generates Q, every field of characteristic 0 contains Q.
Now recall that constructing a finite field Fq (for some prime power q=p^n) is done by quotienting the polynomial ring Zp[x] (over Fp) by an irreducible polynomial ∈Zp[x] of degree n. We can do this with infinite fields as well. Let F be a field, and let f be an irreducible polynomial in F[x], so that (f) is maximal and therefore F[x]/(f) is a field. This exploration will be all about studying the characteristics of these quotient fields F[x]/(f).
In this section, we study quotient fields.
First of all, quotienting by (f) sends f∈F[x] to 0. Where does this quotient send x∈F[x]?
Therefore: for polynomials f irreducible in F[x], the quotient F[x]/(f) maps x to a root of f that need not exist in the field F.- Let's say we have f = x^2+1, which is irreducible in R[x]. Then the quotient R[x]/(f) sends f to the zero coset [0], meaning we have [x^2+1]=[0], which implies [x]^2+[1]=[0].
- This means that x gets mapped to an element [x] that is a root of the polynomial x^2+[1] (where the coefficients are cosets from the quotient R[x]/(f)).
- In summary, x^2+1 has no roots in R, but it does in R[x]/(f) (namely the coset [x]). The idea is that the act of adjoining x and then quotienting creates this root.
Since R[x]/(f) contains R as a subfield, R[x]/(f) is an extension of R. So just like with finite fields, our new field is “larger” in some sense, which we’ll learn how to measure later. The important point is that when we extend a field in this manner, we’re doing so by adding a new root of an irreducible polynomial f∈F[x] to F!
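Concretely, arithmetic in R[x]/(x^2+1) is just arithmetic on pairs (a, b) standing for the coset [a + bx], reduced by the rule [x]^2 = [−1] — which is exactly how the complex numbers work:

```python
# Multiplication in R[x]/(x^2 + 1): represent the coset [a + b x] as (a, b)
def mul(u, v):
    a, b = u
    c, d = v
    # (a + b x)(c + d x) = ac + (ad + bc) x + bd x^2, and x^2 = -1 in the quotient
    return (a * c - b * d, a * d + b * c)

i = (0, 1)                   # the coset [x]
assert mul(i, i) == (-1, 0)  # [x]^2 = [-1]: the quotient created a root of x^2 + 1
```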
In this section, we show another perspective for extending fields.
Recall that one way to turn an integral domain into a field is to adjoin units to it. That is, for every nonzero element a, adjoin an element a^{−1} so that a becomes a unit. This results in a field known as the field of fractions, the idea being that for every nonzero a in the domain, you adjoin 1/a, so now everything looks like a fraction.
The field of fractions gives us another way to extend fields. If we adjoin some new element α to an existing field F, and then take the field of fractions of the result, you get a new field, which we denote F(α). This operation is known as a simple extension of F by α. In this case, α is the generator of the simple extension.
So we have two ways of extending a field F: the first way is to quotient its polynomial ring by an irreducible polynomial, and the second way is to adjoin a new element and take the field of fractions. Surprisingly, these turn out to be equivalent. We'll first prove a very interesting lemma about simple extensions.
Lemma: If α is the root of any polynomial f∈F[x], then F[α]=F(α).WLOG we can assume f is irreducible in F[x]. This is because if f is reducible, α must be a root of at least one of the irreducible factors of f, and we can take that factor to be f instead.
F[α] is exactly what you get when you evaluate every polynomial F[x] at this new root α. To show that F[α] is a field, let g(α) be an arbitrary nonzero element of F[α], where g is some nonzero polynomial in F[x]. WTS g(α) is a unit.
- By the extended Euclidean algorithm, we have gcd(f,g)=af+bg for some a,b∈F[x].
- Since f is irreducible in F[x], and therefore prime, gcd(f,g) must be 1 or f. Because g(α) is nonzero, α is not a root of g, implying g doesn’t have a factor f (which does have α as a root.) Therefore gcd(f,g) must be 1.
- Using the assumption that α is a root of f, we get f(α)=0. Then apply the evaluation map at α to both sides:
gcd(f,g) = a·f + b·g
gcd(f,g)(α) = a(α)·f(α) + b(α)·g(α)
1 = a(α)·0 + b(α)·g(α)
1 = b(α)·g(α)
which shows that our arbitrary nonzero g(α) is a unit (with inverse b(α)).
Therefore every nonzero element of F[α] is a unit, and thus F[α] is its own field of fractions equal to F(α).
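As a tiny instance of the lemma: take F = Z2 and α a root of f = x^2 + x + 1 (irreducible over Z2 since it has no roots there). Every nonzero element of Z2[α] is a unit, so Z2[α] is already a field — the 4-element field. A brute-force Python check (representations are my own):

```python
p = 2
# Z_2[alpha] with alpha^2 = alpha + 1 (from alpha^2 + alpha + 1 = 0);
# represent a + b*alpha as the pair (a, b)
def mul(u, v):
    a, b = u
    c, d = v
    # (a + b alpha)(c + d alpha) = ac + (ad + bc) alpha + bd alpha^2
    #                            = (ac + bd) + (ad + bc + bd) alpha
    return ((a * c + b * d) % p, (a * d + b * c + b * d) % p)

nonzero = [(a, b) for a in range(p) for b in range(p) if (a, b) != (0, 0)]
# every nonzero element has a multiplicative inverse, so Z_2[alpha] is a field
assert all(any(mul(u, v) == (1, 0) for v in nonzero) for u in nonzero)
```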
Now we show that the two methods of extending a field — quotienting by an irreducible and doing a simple extension — are equivalent.
Theorem: If f is irreducible over F, the quotient F[x]/(f) is isomorphic to a simple extension F(α) where α is some root of f.- Define a kind of evaluation map g↦g(α) and call it φα:F[x]→F(α).
- The kernel of φα is every polynomial that evaluates to 0 at α. f is one such polynomial.
- Since f is irreducible, it generates a maximal ideal (f) of F[x], and (f) ⊆ ker φα. Since φα(1) = 1 ≠ 0, the kernel is a proper ideal, so by maximality the kernel of φα is exactly (f).
- As for the image of φα, note that evaluating all polynomials in F[x] at α results in exactly F[α], which by the above lemma is exactly F(α).
- Then by the first isomorphism theorem, which states F[x]/ker φα≅im φα, we have F[x]/(f)≅F(α).
Since there are two isomorphic ways to extend fields, in general, should we write the quotient field F[x]/(f) or should we write simple extension F(α)? A quotient field makes explicit that we add roots of f to the field, so implicitly the result has the root α of f. A simple extension makes explicit that we add α to the field, so implicitly we’ve added the roots of its polynomial f.
In fact we can ignore this detail, and simply write K/F or “K is a field extension of F” (not to be confused with the identical notation used for quotients). Unlike the above, this notation can express any size of field extension. Specifically, K/F could denote that K is a (perhaps infinite) composition of simple extensions of F, for example, K=F(α)(β)(γ)(δ).
The general definition of a field extension of F, written K/F, is any field K that contains F as a subfield. Since you can theoretically build K from F by continually taking simple extensions of elements in K not in F, every field extension can be expressed as a (perhaps infinite) composition of simple extensions.
Another notation is useful when we start getting into field extensions of field extensions (called towers): K⊇L⊇F. This notation pretty much only exists since K/L/F is ambiguous (is the slash quotienting or a field extension?). Like K/F, it doesn’t tell you how the extensions were obtained, but it does tell you about the existence of an intermediate extension L.
But for the purposes of this exploration where we are explicitly focusing on the structure of quotient fields, we’ll use the F[x]/(f) form throughout.
In this section, we explore the properties of the roots within the extended fields.
The lemma we proved earlier about F(α)=F[α] is actually quite foundational. In fact, we can prove a kind of converse:
Theorem: F(α)≅F[α] iff α is the root of some polynomial f∈F[x].- To show the forward direction, note that if F(α)≅F[α], then F[α] is a field, so in particular α^{−1} is an element of F[α], i.e. α^{−1} = g(α) for some polynomial g∈F[x].
- Since α^{−1}·α = 1, we have g(α)·α − 1 = 0.
- Then the polynomial f = gx − 1 ∈ F[x] has α as a root, by construction.
- The aforementioned lemma proves the backward direction.
This is a pretty important equivalence to have, so important that when α is the root of a polynomial in F[x], where F is a field, we say that α is algebraic over F.
Corollary: F(α)=F[α] iff α is algebraic over F.
Whenever we have an element α that is algebraic over F, we know that the simple extension F(α), by the theorem we proved, results in a field isomorphic to F[x]/(f) for some irreducible polynomial f with root α.
Consider the relationship between the root α and its irreducible polynomial f. It's easy to identify the root α given f — α is exactly the coset [x] in F[x]/(f). But given α, can we identify an irreducible polynomial f where α is a root?
For this, we need look no further than the kernel of the evaluation map φα, which consists of all the polynomials g∈F[x] for which g(α)=0. In fact, since F[x] is a Euclidean domain and therefore a PID, the ideal ker φα must be principal, i.e. generated by some polynomial f. If we can identify f, then we have identified a polynomial with α as a root. We can deduce a couple things about f. First of all, f is irreducible:
Theorem: Over a field F, the polynomial f∈F[x] generating ker φα is irreducible.Suppose f = gh for polynomials g,h∈F[x] of smaller degree. Applying φα gives 0 = φα(f) = g(α)h(α). Since F(α) (being a field) has no zero divisors, g(α)=0 or h(α)=0, so g or h lies in ker φα = (f); but a nonzero multiple of f cannot have smaller degree than f, a contradiction. Therefore f is irreducible.
Second, f is unique up to associates:
Theorem: Over a field F, the polynomial f∈F[x] generating ker φα is unique (up to associates).If g also generates ker φα, then f and g divide each other and therefore differ by a unit. Then f is unique up to associates. (If we make f monic, then it is unique, period.)
Corollary: Over a field F, the monic polynomial f∈F[x] generating ker φα is unique.
Thus there is some unique monic irreducible polynomial f that generates the kernel of φα, known as the minimal polynomial of α over F. So indeed, every algebraic element α has a minimal polynomial f∈F[x] that is unique, irreducible over the base field F, and has α as a root.
Thus every time we quotient by some irreducible polynomial f (i.e. F[x]/(f)), we're actually adjoining a new root α=[x], and every time we adjoin an algebraic element α (i.e. F(α)), we're actually quotienting F[x] by the ideal generated by the minimal polynomial of α.
Corollary: F(α)≅F[x]/(f) whenever f is the minimal polynomial of α.
This lets us prove an interesting fact about simple extensions: if a minimal polynomial f has two roots α,β, then adjoining α has the same effect as adjoining β.
Theorem: If α and β have the same minimal polynomial over F, then the simple extensions are isomorphic: F(α)≅F(β).If α and β have the same minimal polynomial f, then F(α) and F(β) are both isomorphic to F[x]/(f), and therefore to each other.
Corollary: Equivalently, if α and β are roots of the same irreducible polynomial f over F, then F(α)≅F(β).
There is also a deeper theorem about automorphisms of field extensions that we’ll use later. We prove it here now:
Theorem: Every automorphism σ:F(α)→F(α) that fixes F will permute the roots of the minimal polynomial f of α.Suppose f(α)=0 for f the minimal polynomial of α over F. Every automorphism σ that fixes F must satisfy
f(α) = 0
σ(f(α)) = σ(0) = 0
f(σ(α)) = 0    [since the coefficients of f lie in F and are fixed by σ]
implying that σ(α) is a root of f as well.
In summary, what we’ve shown here is that given any algebraic element α, we can refer to its minimal polynomial, which is unique and always exists. Different simple extensions, then, can be identified with the minimal polynomial of its generator.
What about larger extensions? Are we able to identify extensions like F(α)(β)=F(α,β) with some kind of minimal polynomial?
In this section, we demonstrate how non-simple extensions can be reduced to a simple extension.
If we find that F(α,β) is equal to some simple extension F(γ), then we can classify the extension with the minimal polynomial of γ. But when does such a γ exist?
Lemma: Every extension F(α,β) by two elements α,β algebraic over F is equal to a simple extension, provided that the minimal polynomials of α and β have distinct roots.First, if F is a finite field, then F(α,β) is again a finite field, whose multiplicative group is cyclic with some generator γ; then F(α,β)=F(γ). This trivially makes F(α,β) a simple extension.
Now we prove the case where F is infinite. Consider an arbitrary two-element extension F(α,β) by algebraic elements α,β. We will argue that this extension is equal to the simple extension F(α+cβ) for some nonzero c∈F.
The goal is to choose c such that β∈F(α+cβ). This is because then (α+cβ)−cβ=α∈F(α+cβ) as well, making F(α+cβ) equal to F(α,β).
To do this, we will prove that the number of nonzero c∈F for which β ∉ F(α+cβ) is finite. Since the base field F is infinite, that leaves infinitely many c for which β ∈ F(α+cβ).
- Suppose c is one of the bad values, i.e. β ∉ F(α+cβ). Note that F(α+cβ) is always a subfield of F(α,β).
- Adjoin every root of the minimal polynomials f,g of α,β respectively to F(α+cβ). This results in a field K, which has F(α+cβ) as a subfield. Then every automorphism σ of K that fixes F(α+cβ) must permute the roots of f and g.
- For such a σ we have:
α+cβ = σ(α+cβ) = σ(α) + cσ(β)
α − σ(α) = cσ(β) − cβ = c(σ(β) − β)
c = (α − σ(α))/(σ(β) − β)
For this equation to determine a nonzero c, both the numerator and denominator must be nonzero, i.e. σ(α) ≠ α and σ(β) ≠ β. Here we use the assumption that f and g have distinct roots, so that such automorphisms σ exist and the division makes sense.
- This implies there are only finitely many bad c, since f and g have finitely many other roots (deg f − 1 and deg g − 1 respectively) that α and β can be permuted to, hence finitely many possible values of (α − σ(α))/(σ(β) − β).
Since β ∉ F(α+cβ) implies that c is one of finitely many values, the contrapositive says that all other choices of c∈F give β ∈ F(α+cβ). Since F is an infinite field, there are infinitely many choices, so some c exists with β ∈ F(α+cβ), implying F(α+cβ)=F(α,β).
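The classic example is F = Q with α = √2, β = √3: the single element γ = √2 + √3 already generates both, e.g. √2 = (γ^3 − 9γ)/2. A quick numeric check (floating point, so approximate):

```python
from math import sqrt, isclose

gamma = sqrt(2) + sqrt(3)
# gamma^3 = 11*sqrt(2) + 9*sqrt(3), so gamma^3 - 9*gamma = 2*sqrt(2)
assert isclose((gamma**3 - 9 * gamma) / 2, sqrt(2))
assert isclose(gamma - (gamma**3 - 9 * gamma) / 2, sqrt(3))
```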
Given a couple of definitions, this lemma implies our main result:
Primitive Element Theorem: Every finite separable extension of F is simple.A finite extension is one obtained by adjoining finitely many elements: F(α,β,…) (TODO: the adjoined elements must be algebraic). We can iteratively apply the lemma to show that all finite separable extensions of F are simple.
An algebraic extension is simply a field extension by algebraic elements. All finite extensions are algebraic.
When a polynomial has distinct roots (i.e. no multiple roots) in some extension field, we call it a separable polynomial. Similarly, when every minimal polynomial is separable for elements in a field extension K/F, we say it is a separable extension.
Then we can reword the above lemma concisely as a key theorem:
This is called the Primitive Element Theorem because when a field extension K/F can be expressed as a simple extension F(α), we say that α is a primitive element for the extension K/F, since α generates the extension K/F. So another way to word it is:
Primitive Element Theorem: Every finite separable extension has a primitive element.
In this section, we discuss separability.
So how do we prove separability?
In characteristic 0, recall that one can identify multiple roots using the derivative of a polynomial. Recall that the derivative of a polynomial f = a_n x^n + … + a_2 x^2 + a_1 x + a_0 is defined as
f′ = n·a_n x^{n−1} + … + 2·a_2 x + a_1
The product rule of derivatives states that the derivative of a product is always
(fg)′ = f′g + fg′
The implication for multiple roots is this. If f has a multiple root α, then it factors as f = (x−α)^2 g. The product rule guarantees that the derivative of f is
f′ = ((x−α)^2 g)′ = ((x−α)^2)′ g + (x−α)^2 g′ = 2(x−α)g + (x−α)^2 g′ = (x−α)(2g + (x−α)g′)
This implies that if f has multiple root α, then f′ also has α as a root. Since the converse is also true, this means having multiple roots is the same as sharing roots with the derivative.
In other words, to check if f is separable, all we need to do is check if f shares any roots with its derivative f′ in its splitting field. As a matter of fact, this is true for any irreducible polynomial in characteristic 0.
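This check is computable: take gcd(f, f′) over Q and see whether it is constant. A self-contained Python sketch using exact rationals (all helper names are my own):

```python
from fractions import Fraction

def trim(f):
    """Drop trailing zero coefficients (highest-degree side)."""
    while len(f) > 1 and f[-1] == 0:
        f.pop()
    return f

def deriv(f):
    """Formal derivative; coefficients low-to-high."""
    return trim([Fraction(k * c) for k, c in enumerate(f)][1:] or [Fraction(0)])

def polymod(a, b):
    """Remainder of a divided by b over Q; coefficients low-to-high."""
    a = trim([Fraction(c) for c in a])
    b = trim([Fraction(c) for c in b])
    while len(a) >= len(b) and any(a):
        c = a[-1] / b[-1]
        shift = len(a) - len(b)
        for j, bj in enumerate(b):
            a[shift + j] -= c * bj
        a = trim(a)
        if not any(a):
            break
    return a

def polygcd(a, b):
    while any(b):
        a, b = b, polymod(a, b)
    return a

def is_separable(f):
    """f has no repeated roots iff gcd(f, f') is constant."""
    return len(polygcd([Fraction(c) for c in f], deriv(f))) == 1

assert is_separable([1, 0, 0, 0, 1])    # x^4 + 1: no repeated roots
assert not is_separable([2, -3, 0, 1])  # x^3 - 3x + 2 = (x-1)^2 (x+2)
```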
Theorem: In characteristic 0, every irreducible polynomial is separable.- It is enough to prove that gcd(f,f′) is constant in the splitting field, because that means they cannot share any factor (x−α), and therefore f has no multiple root.
- Since f is irreducible, gcd(f,f′) is equal to either f or a constant polynomial. If it’s constant, we are done. Otherwise, gcd(f,f′)=f is only possible if f′=0, since f′ has smaller degree than f.
- But in characteristic 0, the only polynomials that have a zero derivative are the constant polynomials. This is because any nonconstant term a_k x^k (with k ≥ 1 and a_k ≠ 0) would contribute the term k·a_k x^{k−1} to the derivative, and k·a_k is always nonzero in characteristic 0.
- Since f is irreducible, it is not a constant polynomial, and therefore f′ is nonzero, and thus gcd(f,f′) cannot be f and must be a constant.
Corollary: Every field extension in characteristic 0 is separable.Since minimal polynomials are irreducible, every minimal polynomial is separable by the above theorem, and therefore every extension in characteristic 0 is separable.
Since fields of characteristic 0 are always infinite, and every extension in characteristic 0 is separable, this gives us a corollary of the Primitive Element Theorem: every finite extension in characteristic 0 has a primitive element.
In summary, since this exploration deals only with finite extensions of infinite fields, we can pretty much always assume that field extensions are simple, unless otherwise stated.
In this section, we go wild with adding roots to a field.
When we add a root α to a field via quotienting by some polynomial f irreducible over F, we’re also making it so that f is actually reducible over the resulting field, in the sense that f now factors into (x−α)g for some g. You can imagine factoring g into irreducibles, and repeating the process of adjoining their roots to make more linear factors (x−β), until you’ve decomposed the original f into linear factors over an extension field K/F.
The resulting field is known as a splitting field of f over F. If K is a splitting field of f, we say that f splits over K, or equivalently f splits in K[x]. For example: x²+1 splits over Q(i), because x²+1=(x+i)(x−i).
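As a quick numeric illustration (a floating-point sketch, not exact field arithmetic), we can confirm these factorizations for x²+1 and for x³−2:

```python
import cmath

# Check x^2 + 1 = (x + i)(x - i) at a few sample points.
for x in [0.5 + 0.2j, -1.3j, 2 + 1j]:
    assert abs((x**2 + 1) - (x + 1j) * (x - 1j)) < 1e-9

# The roots of x^3 - 2 in C are 2^(1/3) * zeta_3^k for k = 0, 1, 2.
zeta3 = cmath.exp(2j * cmath.pi / 3)
roots = [2 ** (1 / 3) * zeta3**k for k in range(3)]
for r in roots:
    assert abs(r**3 - 2) < 1e-9
print("x^2 + 1 and x^3 - 2 split as claimed")
```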
You could go even further than splitting fields. Imagine constructing an extension field K by splitting every polynomial over F, and then every polynomial over the resulting splitting field, and repeating until you’ve created a field extension K/F so large such that every polynomial in K[x] splits.
Then we’ve taken the algebraic closure of F. The result K is an algebraically closed field, i.e. one in which every nonconstant polynomial in K[x] has a root in K. The canonical example of an algebraically closed field is C. The statement that C is algebraically closed is the Fundamental Theorem of Algebra, which we’ve previously proved.
In this section, we examine how to compute the splitting field of a given polynomial over F.
How can we identify the splitting field of f over F? It turns out that splitting fields are unique (up to isomorphism):
Lemma: For any symbols α,β, F(α)(β)=F(β)(α).- When we do a simple extension by an element F(α), we adjoin the element α to F and take the field of fractions. By definition, this is the smallest field containing F and α.
- Then F(α)(β) is the smallest field containing F(α) and β, i.e. it is the smallest field containing F, α, and β.
- Likewise, F(β)(α) is the smallest field containing F(β) and α, i.e. it is the smallest field containing F, β, and α.
- Therefore these are the exact same field.
Theorem: The splitting field of f over F is unique up to isomorphism.- The splitting field always exists, since we can always quotient by a non-linear irreducible factor of f to adjoin a new root α.
- So each step adjoins a root α of f to F, giving f=(x−α)g for some g∈F(α)[x].
- Repeating this, we get a splitting field isomorphic to F(α1)(α2)…(αn).
- By the lemma, all reorderings of simple extensions are equal to each other. Since that means constructing a splitting field gives you a field isomorphic to F(α1)(α2)…(αn) regardless of the order you adjoin roots, all splitting fields of f are isomorphic.
Just like how we can refer to the minimal polynomial of a given root α, this theorem lets us refer to the splitting field of a given polynomial f.
As an example, take the splitting field of x³−2 over F, where x³−2 is irreducible over F. The roots of this polynomial (in C) are ∛2, ζ₃∛2, and ζ₃²∛2, where ζ₃ is a primitive third root of unity. None of these roots exist in F, since x³−2 is irreducible over F.
In general, taking the splitting field of a polynomial f over F means finding the minimal extension field K/F that contains all deg f roots of f, so that f splits into linear factors in K. When f is irreducible, this means adjoining all deg f roots to F.
Since splitting fields are unique up to isomorphism, we can add the roots in any order. First, let’s adjoin ∛2 to obtain F(∛2). If the base field contained ζ₃, this would add all the other roots as well, and we would be done. Otherwise, the other roots are not added, since it is impossible to express ζ₃∛2 in F(∛2) without ζ₃.
The next step is to adjoin ζ₃∛2. Taking the closure under field operations then adds the remaining root ζ₃²∛2 as well, and since we’ve now added all three roots, the result is the splitting field of x³−2.
Therefore, the process of constructing a splitting field for a polynomial f∈F[x] is inherently tied to knowing the roots of the polynomial, and involves the following steps:
- Find new roots αi of f that generate extensions F(αi) which are linearly disjoint over F: extensions where each element in α1,α2,… cannot be expressed in terms of the others.
- Adjoin each αi to the base field F, obtaining F(α1,α2,…).
- Done!
Now the problem becomes: how do we find roots that generate linearly disjoint extensions? What does it take for two roots to be linearly disjoint?
In this section, we discover the conditions for when two elements generate linearly disjoint extensions.
Recall that given a base field F, all simple extensions of F can be distinguished by their minimal polynomials, in the sense that different simple extensions have different minimal polynomials.
The degree of an extension is the degree of its minimal polynomial, or infinity if the extension is infinite. If the extension is written K/F, then its degree is written [K:F].
Theorem: Finite field extensions K/F have finite degree [K:F].Since all algebraic elements have a minimal polynomial (necessarily of finite degree), every extension by algebraic elements is finite. This means TODO
Theorem: Two simple extensions F(α) and F(β) are linearly disjoint iff the degree [F(α,β):F] is equal to the product [F(α):F]⋅[F(β):F].To be linearly disjoint, the two extensions must have the property that F(α) doesn’t contain β and F(β) does not contain α.
WLOG assume the first case, where F(α) doesn’t contain β. That would mean the minimal polynomial of β over F(α) is the same as the minimal polynomial of β over F, i.e. [F(α)(β):F(α)]=[F(β):F]. By a symmetric argument, we have [F(β)(α):F(β)]=[F(α):F]. This implies that [F(α,β):F]=[F(α)(β):F(α)]⋅[F(α):F]=[F(β):F]⋅[F(α):F].
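As a numeric sanity check of this degree-product claim (an illustrative floating-point sketch, not a proof): with α=√2 and β=√3, the element √2+√3 satisfies a polynomial of degree 4 = 2·2 over Q, and no quadratic with small integer coefficients:

```python
import math

alpha, beta = math.sqrt(2), math.sqrt(3)
gamma = alpha + beta          # candidate primitive element of Q(sqrt2, sqrt3)

# gamma satisfies the degree-4 polynomial x^4 - 10x^2 + 1, and
# 4 = [Q(sqrt2):Q] * [Q(sqrt3):Q], as the theorem predicts.
assert abs(gamma**4 - 10 * gamma**2 + 1) < 1e-9

# gamma satisfies no monic quadratic with small integer coefficients:
# numeric evidence (not a proof) that its minimal polynomial has degree 4.
for b in range(-20, 21):
    for c in range(-20, 21):
        assert abs(gamma**2 + b * gamma + c) > 1e-6
print("sqrt(2) + sqrt(3) has degree 4 over Q")
```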
TODO verify this
TODO left off here
we’ve covered:
primitive element theorem: every finite extension is a simple extension, which is generated by a primitive element
field has degree equal to the minimal polynomial of its primitive element
two extensions of F are linearly disjoint iff its degree is equal to the product of degrees of its components
splitting field definition based on linear disjointness
theorem: finite field extensions have finite degree
An element that is not algebraic over F is called transcendental over F. A key property of transcendental elements α is that the extensions F(α) they generate are linearly disjoint from every extension of F (except the ones that include α).
Theorem: If α is transcendental over F, then F(α) is linearly disjoint from any extension of F that doesn’t include α.TODO
But in general if you have two algebraic elements α and β, then whether they are linearly disjoint depends on their minimal polynomials.
Theorem: Two algebraic elements α and β generate linearly disjoint extensions if their minimal polynomials are coprime. TODO this only works one direction; non-coprime polynomials can still generate linearly disjoint extensions.Let f and g be the minimal polynomials of α and β respectively.
To be honest, this rigorous construction of the splitting field of f is just a minor detail. Just like with minimal polynomials, we can ignore this actual construction, and just refer to the fact that given any polynomial f, we can refer to its splitting field, which is unique (up to isomorphism) and always exists.
-
December 12, 2023.
Exploration 8: Galois theory
Questions:
- Which polynomial equations can be solved?
In the finite fields exploration, we’ve seen that given the finite field Fp of prime order p, taking the quotient Fp[x]/(f) by an irreducible polynomial f of degree n gives you the finite field of prime power order pⁿ.
We’ve also seen that quotienting by an irreducible polynomial is equivalent to adjoining a root α of that irreducible polynomial f. In other words, if you extend a finite field F by an algebraic element α, then F(α) has its order raised to the nth power, where n is the degree of the minimal polynomial of α.
So we have two notions of field extension that are equivalent:
- We can quotient its polynomial ring by a degree n irreducible polynomial, or
- we can adjoin an algebraic element whose minimal polynomial is degree n.
For simplicity, we might want to just refer to the field extension K/F that raises its order by n. Call that a degree n extension, and we denote degree with [K:F]=n. Then the degree of an algebraic element is the degree of its minimal polynomial.
Note that this notion of degree carries over to infinite fields too. Although a degree n extension of an infinite field is still infinite, the idea is that every element in the new field is an n-tuple of elements in the original field. TODO describe finite fields as tuples
We let the degree of a simple extension F(α) be the degree of its primitive element α. We can also define the degree [E:F] of a finite field extension E/F in general: decompose it into a composition of simple extensions by algebraic elements, and multiply the degrees of each simple extension.
Using the concept of the degree of an extension, we can start classifying some field extensions.
Theorem: A degree 1 field extension gives back a field isomorphic to the original field.- If F(α) is degree 1, its minimal polynomial is x−α.
- We can show that F[x]/(x−α)≅F using the first ring isomorphism theorem.
- The evaluation map at α, φα:F[x]→F, has a kernel consisting of all polynomials with α as a root. In other words, all polynomials that have the factor x−α, which is just the ideal (x−α).
- Since the evaluation map is surjective, im φα=F.
- The theorem states that F[x]/ker φα≅im φα. In other words, F[x]/(x−α)≅F.
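Concretely, reducing a polynomial mod (x−α) is the same as evaluating it at α (the remainder theorem), which is exactly what the evaluation map describes. A small sketch, with hypothetical helper names of my own:

```python
from fractions import Fraction

def rem_by_linear(coeffs, alpha):
    # Remainder of f(x) modulo (x - alpha), computed by Horner's rule.
    # This equals f(alpha), matching the evaluation map F[x] -> F.
    acc = Fraction(0)
    for c in coeffs:  # coefficients from highest degree down
        acc = acc * alpha + c
    return acc

f = [Fraction(2), Fraction(-3), Fraction(1)]  # 2x^2 - 3x + 1
alpha = Fraction(5)
print(rem_by_linear(f, alpha))  # 36 = f(5), so f is congruent to 36 mod (x - 5)
```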
Let’s explore the degree 2 extensions.
The quadratic extensions
The canonical example of a degree 2 extension, or a quadratic extension, is R[x]/(x²+1)≅C, which we proved a while ago.
Since degree 2 extensions are formed by quotienting by a monic irreducible degree 2 polynomial, the general form of a quadratic extension must be the quotient F[x]/(x²+bx+c). We’ll now prove a theorem that simplifies this.
Theorem: If F is of characteristic ≠2, every quadratic extension of F can be written as F[x]/(x²−δ), which is isomorphic to F(√δ), for some element δ∈F.- By definition, quadratic extensions are extensions of degree 2. Since finite field extensions are quotients by a suitable irreducible polynomial of the same degree, the quotient F[x]/(x²+bx+c) can be used to represent any degree 2 extension.
- You can always find the roots of x²+bx+c using the quadratic formula: ½(−b±√(b²−4c)).
- Since 2 is in the denominator, this requires the field to not be of characteristic 2 (otherwise 2=0 and you can’t divide by zero).
- This means every root adjoined by quotienting by (x²+bx+c) can be expressed in terms of elements of F together with √(b²−4c). Since b²−4c∈F, this means we need only adjoin a square root of an element in F to add every root of x²+bx+c, implying that F[x]/(x²+bx+c)≅F(√(b²−4c)).
- The minimal polynomial of √(b²−4c) is x²−(b²−4c).
- Therefore, every quadratic extension F[x]/(x²+bx+c) is isomorphic to the quadratic extension F[x]/(x²−(b²−4c)). If we let δ=b²−4c, then this becomes F[x]/(x²−δ), which is isomorphic to F(√δ).
The implication is that every quadratic extension can be obtained by adjoining a square root of some element in the base field. So the general form of a quadratic extension is F(√δ) for some δ∈F. Note that the proof implies that the roots adjoined are ±√δ. Therefore the roots are symmetric in a sense – adjoining one root √δ always adds the other root, because you can obtain it via −√δ.
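A numeric sketch of this (the coefficients b, c below are arbitrary example values): both roots of x²+bx+c live in the field obtained by adjoining the single square root √(b²−4c).

```python
import cmath

# Roots of x^2 + bx + c are (-b +/- sqrt(b^2 - 4c)) / 2, so adjoining
# sqrt(delta) with delta = b^2 - 4c adjoins both roots at once.
b, c = 3, 1                      # arbitrary example coefficients
delta = b * b - 4 * c
sqrt_delta = cmath.sqrt(delta)
r_plus = (-b + sqrt_delta) / 2
r_minus = (-b - sqrt_delta) / 2

for r in (r_plus, r_minus):
    assert abs(r**2 + b * r + c) < 1e-9
# The roots are conjugate: each is expressible from the other over F.
assert abs(r_plus + r_minus + b) < 1e-9   # r_minus = -b - r_plus
print("both roots lie in F(sqrt(b^2 - 4c))")
```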
Whenever two roots of the same irreducible polynomial can be expressed in terms of each other within the base field, we call them algebraic conjugates, or just conjugates. This generalizes the concept of complex conjugates in C to any field extension by an algebraic element. In general, quadratic extensions always produce two conjugate roots, but larger extensions might have a larger set of roots (that are all conjugate to each other). We’ll see an example now.
The cyclotomic extensions
An nth root of unity ζₙᵏ=exp(2πik/n) is primitive if it can be used to express all the other nth roots of unity. This is true exactly when k is coprime to n.
The nth cyclotomic polynomial, Φn, is the minimal polynomial over Q for any primitive nth root of unity ζn. It’s irreducible and unique by definition of minimal polynomial, therefore we can use it to write the nth cyclotomic extension Q[x]/(Φn).
Theorem: The roots of the nth cyclotomic polynomial are exactly the primitive nth roots of unity.- First of all it is clear that all primitive nth roots of unity ζn share the same minimal polynomial (Φn), and are therefore roots of Φn.
- Now we need to show these are the only roots of Φn. To do this, we make a degree argument.
- First, note that the polynomial xⁿ−1 has all nth roots of unity as roots, not just the primitive ones. Since every nth root of unity is a primitive dth root of unity for some divisor d of n, and xⁿ−1 (by virtue of containing all nth roots of unity) must contain all these primitive dth roots of unity for each d, we can conclude that each Φd is a factor of xⁿ−1. This includes Φn.
- Second, note that these Φd are disjoint (share no roots). If Φd₁ and Φd₂ share a root ζ, then by definition both of those polynomials must be the minimal polynomial of ζ. But minimal polynomials are unique, which implies Φd₁=Φd₂.
- This proves the identity xⁿ−1=∏d∣n Φd.
- Finally, note that if any root ζ of Φn is not a primitive nth root of unity, then it must be a primitive dth root of unity for some d∣n. But then Φd and Φn would share a root ζ, which contradicts the fact that each Φd is disjoint. Thus the only roots of Φn are all the primitive nth roots of unity ζn.
Since primitive nth roots of unity, by definition, can express all the nth roots of unity, adding one root adds them all. In other words, the roots of Φn are conjugate. Like the quadratic extensions, the cyclotomic extensions are an example of where all of the roots of the minimal polynomial are conjugate.
Since there are φ(n) primitive nth roots of unity, cyclotomic extensions are degree φ(n). Note that when p is prime, φ(p)=p−1, and thus pth cyclotomic extensions are always of degree p−1.
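The identity xⁿ−1=∏d∣n Φd from the proof above also gives a direct way to compute cyclotomic polynomials. A minimal Python sketch (integer coefficient lists, highest degree first; helper names are mine):

```python
from math import gcd

def phi(n):
    # Euler's totient: count of k in 1..n coprime to n.
    return sum(1 for k in range(1, n + 1) if gcd(k, n) == 1)

def polydiv(num, den):
    # Exact division of integer polynomials, highest-degree coefficient first.
    num, q = num[:], []
    while len(num) >= len(den):
        coef = num[0] // den[0]
        q.append(coef)
        for i in range(len(den)):
            num[i] -= coef * den[i]
        assert num.pop(0) == 0      # leading term cancels at every step
    return q

def cyclotomic(n):
    # Phi_n = (x^n - 1) / product of Phi_d over proper divisors d of n.
    poly = [1] + [0] * (n - 1) + [-1]    # x^n - 1
    for d in range(1, n):
        if n % d == 0:
            poly = polydiv(poly, cyclotomic(d))
    return poly

print(cyclotomic(6))                            # [1, -1, 1], i.e. x^2 - x + 1
assert len(cyclotomic(12)) - 1 == phi(12)       # deg Phi_n = phi(n)
```

For example, `cyclotomic(6)` returns `[1, -1, 1]`, i.e. x²−x+1, and the degree of Φ12 comes out to φ(12)=4.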
In this section, we discover properties of conjugate roots.
In both quadratic and cyclotomic extensions, all the roots we adjoined were conjugate to each other.
In general, not all roots adjoined by a field extension are conjugate to each other. One case is when a field extension is made up of multiple extensions. For example, a biquadratic extension F(√α,√β) consists of two different quadratic extensions, where there is no q∈F such that α=q²β. That last condition ensures that √α and √β cannot be expressed in terms of each other over the base field F. This means we’ve added the roots ±√α (which are conjugates) and ±√β (which are conjugates), but √α is not conjugate to √β.
Here’s a more concrete example. Over F, take the splitting field of x³−2, whose roots can be expressed as ∛2, ζ₃∛2, and ζ₃²∛2. Taking F[x]/(x³−2) will give us one of the roots (perhaps ∛2) but not the others. In order to split x³−2, we must add one of the remaining roots, say ζ₃∛2. Note that each of these three roots can be expressed in terms of the other two:
- ∛2 = (ζ₃∛2)⁻¹(ζ₃²∛2)²
- ζ₃∛2 = (∛2)⁻¹(ζ₃²∛2)²
- ζ₃²∛2 = (∛2)⁻¹(ζ₃∛2)²
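These three identities can be verified numerically (a floating-point sketch):

```python
import cmath

zeta3 = cmath.exp(2j * cmath.pi / 3)      # primitive third root of unity
cbrt2 = 2 ** (1 / 3)
r0, r1, r2 = cbrt2, zeta3 * cbrt2, zeta3**2 * cbrt2   # roots of x^3 - 2

# Each root is a product of powers of the other two, as listed above.
assert abs(r0 - r1**-1 * r2**2) < 1e-9
assert abs(r1 - r0**-1 * r2**2) < 1e-9
assert abs(r2 - r0**-1 * r1**2) < 1e-9
print("each root of x^3 - 2 is expressible from the other two")
```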
So we only need to adjoin two of the roots in order to split x³−2. Unlike the previous example, where taking a single quotient F[x]/(x²+1) was enough to split x²+1, taking a single quotient F[x]/(x³−2) is not enough to create the splitting field of x³−2, since it only adds one root. We can distinguish these two types of extensions.
Define a normal extension K/F as a field extension of F such that K is the splitting field for some polynomial f over F. Then F[x]/(x²+1) is clearly normal, since it’s the splitting field of x²+1. To show that F[x]/(x³−2) is not normal, we rely on the following theorem:
Theorem: If K/F is normal, then every polynomial irreducible over F that has a root in K splits in K.- If K/F is normal, then by definition K is the splitting field for some polynomial f over F.
- Any polynomial g irreducible over F with a root in K is a factor of f, since K (being the splitting field of f) adds only roots of f and nothing more.
- But since f splits in its splitting field K, any factor of f splits in K, therefore g splits in K.
Corollary: By the contrapositive, if some polynomial irreducible over F with a root in K doesn’t split in K, then K/F is not normal.
So to prove an extension K/F is normal, we need to show that it is the splitting field for some polynomial over F. To prove an extension is not normal, we need to show that it doesn’t split some polynomial irreducible over F with a root in K. Since F[x]/(x³−2) doesn’t split x³−2 but contains one of its roots, F[x]/(x³−2) is not normal.
Normal extensions are interesting because they have the following property that we like to have:
Theorem: If K/F is normal and contains a root α, then it contains all the conjugates of α.By the previous theorem, if K contains a root α, then it splits its minimal polynomial f. Therefore it contains all the roots of f, which are the conjugate roots of α.
We’ll see the implications of this property in the next section.
If we work with splitting fields, which are always normal extensions by definition, then we can always assume the following:
Therefore: Splitting fields in characteristic 0 are Galois extensions.- Splitting fields are normal, since normal extensions are by definition exactly the splitting fields. Thus they contain all conjugates of their roots.
- Splitting fields are finite extensions, since they need only adjoin finitely many roots to split a polynomial, and all field extensions in characteristic 0 are separable. Being finite and separable means that splitting fields in characteristic 0 are simple extensions F(α). Since splitting fields are normal, α generates every root (not just some roots) of every irreducible polynomial over F that has a root in K.
- Such extensions (finite separable and normal) are known as Galois extensions, and they have some very interesting properties which we will explore in the next section.
In this section, we explore the intermediate fields of a Galois extension.
Again, consider the splitting field of x³−2: K=F(∛2, ζ₃∛2). The intermediate fields of K/F are all the subfields of K that contain F (including K and F themselves). It turns out that K has six intermediate fields:
The basic idea is that you can try to adjoin every combination of elements of K not in F, i.e. every expression composed of the adjoined roots. The intermediate fields are the results. Unfortunately, there are infinitely many possible sets of elements to adjoin, and adjoining one set of elements often gives you the same field as adjoining a different set. In general, finding intermediate fields is highly non-trivial without the tools we’re about to present.
The main way we define intermediate fields of K/F is by defining F-automorphisms, automorphisms σ:K→K that fix F.
Theorem: Elements in K/F fixed by an F-automorphism σ on K form an intermediate field of K/F.- All automorphisms fix the identities 0 and 1. So to prove the fixed elements of σ form a subfield of K, we just check that they contain all additive inverses, all nonzero multiplicative inverses, and are closed under addition and multiplication.
- Inverses: σ(−a)=−σ(a)=−a and for nonzero a, σ(a−1)=σ(a)−1=a−1
- Closure: σ(a+b)=σ(a)+σ(b)=a+b and σ(ab)=σ(a)σ(b)=ab
- Since all F-automorphisms fix F by definition, F is included in the fixed elements, which we just proved is a subfield of K. That means the fixed elements must form an intermediate field of K/F.
This means the task of finding intermediate fields of K/F can be reduced to the task of identifying F-automorphisms of K/F.
F-automorphisms have a number of properties that we can leverage in order to find them. First of all:
Theorem: If K/F is a finite separable extension of F, any F-automorphism σ:K→K that fixes F must map each root to one of its conjugates.We have already proved this for the case that K is a simple extension F(α) of F. Since the Primitive Element Theorem guarantees that all finite separable extensions are simple, the proof extends to all finite separable extensions.
Corollary: As all automorphisms are permutations of the underlying field, F-automorphisms are exactly the permutations that only permute the roots adjoined by the field extension.
Corollary: Since normal extensions K/F contain all conjugate roots, the F-automorphisms of a normal extension represent permutations of all the roots adjoined to K.
Corollary: Consider Galois extensions, which are normal and also separable (the roots adjoined to them are all distinct). This means that unique permutations on those roots correspond to unique F-automorphisms.
Thus for non-Galois extensions it is possible that two distinct F-automorphisms correspond to the same intermediate field, but for Galois extensions we can simply identify all permutations on roots to identify all F-automorphisms and therefore all intermediate fields. This is the goal of the next section.
Side note: the reason normal extensions are called normal is the same reason normal subgroups are called normal subgroups – their F-automorphisms happen to be invariant under conjugation.
Theorem: If σ and τ are F-automorphisms of a normal extension K/F, then στσ⁻¹ is also an F-automorphism of K/F.- First of all, since each of σ,τ,σ⁻¹ fixes F, the composition fixes F as well.
- Second, since each of σ,τ,σ−1 are automorphisms in a normal extension, they represent permutations on the roots of polynomials.
- Permutations compose, so the composition also permutes the roots of polynomials, and is thus an F-automorphism of K/F.
In this section, we identify the permutations on roots of a field extension.
The last corollary showed that for Galois extensions, we can count the number of F-automorphisms by counting the number of permutations of the roots in K. Define the Galois group G(K/F) of an extension K/F as the set of all F-automorphisms on K, which represent permutations on the roots adjoined to K. These permutations form a group, since you can always invert a permutation, and the composition of two permutations is a permutation and is an associative operation, and there is an identity permutation that swaps no roots.
Here are some theorems about Galois groups and extensions which we’ll use later:
Theorem: The degree of any Galois extension K/F is equal to the order of its Galois group G(K/F).- The order of G(K/F) is precisely the number of F-automorphisms of K.
- Recall that a Galois extension is finite and separable, and therefore has a primitive element α (which is a root of its minimal polynomial f). Since every root adjoined to K can be expressed in terms of the primitive element α, each F-automorphism σ is characterized by where it sends α.
- Since K/F is normal, every root of f is in K and can be mapped to (i.e. are candidates for σ(α)). Since K/F is separable, these roots are distinct. Thus there are deg f possible F-automorphisms, one for each of the deg f distinct roots of f.
- In other words, the order of the Galois group ∣G(K/F)∣ is equal to the degree of f, which is the degree of K/F by definition.
Theorem: The roots of an irreducible polynomial are interchangeable under the Galois group. In other words, if K/F is a Galois extension and f is irreducible over F, the Galois group G(K/F) acts transitively on the roots of f.If α and β are roots of f, then F(α) and F(β) are isomorphic. But this isomorphism is an F-automorphism in the splitting field K, since it fixes F and swaps α and β. Therefore there is indeed an F-automorphism in G(K/F) that maps arbitrary α to arbitrary β.
Theorem: If K/F is Galois of prime degree p, its Galois group G(K/F) is cyclic.Since ∣G(K/F)∣=[K:F]=p is prime, every non-identity element generates the whole group by Lagrange’s theorem, so G(K/F) is cyclic.
Lemma: A Galois extension K/F is also a Galois extension K/L over every intermediate field L of K/F.- Lemma 1: If K/F is normal, then for any intermediate field L, K/L is normal.
K/F, being normal, is the splitting field for some polynomial f over F. Since it is a splitting field, K is already the minimal field containing F together with the roots of f. Then K is also the minimal field containing any intermediate field L of K/F together with the roots of f, meaning it is also the splitting field for f over L, and thus K/L is normal.
- Lemma 2: If K/F is separable, then for any intermediate field L, K/L is separable.
- Recall that an extension K/F is separable if every element of K is the root of a separable polynomial over F. Recall that a separable polynomial has no repeated roots.
- Every minimal polynomial g over L is potentially of lesser degree than the corresponding minimal polynomial f over F, due to L containing more roots than F. Thus, g divides f over L.
- That means every root of g is a root of f. That implies that if f∈F[x] has distinct roots, then g∈L[x] has distinct roots too. So separable polynomials in F[x] are also separable in L[x].
- K/F is separable, so every element of K is a root of some separable polynomial over F, which we just showed are also separable polynomials over L, implying that K/L is separable.
- A Galois extension is one that is normal and separable. If K/F is normal and separable, then K/L is normal by Lemma 1, and separable by Lemma 2, thus Galois.
Recall that quadratic extensions (degree 2 Galois extensions) are always obtainable by adjoining a square root. We can generalize this to prime degree Galois extensions. It turns out that, like quadratic extensions, they are always obtainable by adjoining a pth root, provided that the base field contains the pth roots of unity. This last requirement was not necessary for quadratic extensions, since the 2nd roots of unity are 1 and −1, which always exist.
Theorem: Degree 2 extensions are Galois.- Quadratic extensions (in characteristic ≠2) are always expressible by adjoining a square root. Thus they are simple extensions by an algebraic element, which are finite and (in characteristic 0) separable.
- Degree 2 is the minimum degree required to split an irreducible quadratic polynomial. Since every irreducible with a root in the quadratic extension must split in the extension, quadratic extensions are normal.
- So quadratic extensions are finite separable and normal, meaning they’re Galois extensions.
Kummer’s Theorem: (for prime p) A degree p extension K/F is Galois iff K is expressible by adjoining a pth root of an element a∈F, whenever F is a subfield of C containing the pth roots of unity ζₚ.- (→) If K/F is Galois of degree p, then K=F(α) for some pth root α of an element in F.
- Since K/F is Galois of degree p, its Galois group G(K/F) is cyclic with a generator σ.
- Since p≠1, σ is not the identity. Therefore there must be some element α∈K not fixed by σ. Let f be the minimal polynomial of α.
- The orbit of α under G(K/F) contains all the roots of f, since G(K/F) must act transitively on the roots of f. Since K/F is separable, these roots are distinct; and since the orbit size divides ∣G(K/F)∣=p and is greater than 1, there are exactly p of them.
- As f is a degree p irreducible polynomial over a field F containing the pth roots of unity, it must be of the form xᵖ−a for some a∈F. This implies α is a pth root of an element of F.
- Since every root is expressible in terms of α, F(α) is a splitting field of f. But since K/F is normal, K is also a splitting field of f containing the exact same roots. Thus they must be the same field: K=F(α) (not merely an isomorphism)
- Thus K is obtained by adjoining a pth root.
- (←) If K=F(α) for some pth root α of an element a in F, then K/F is Galois of degree p.
- α is a root of its minimal polynomial xᵖ−a, and therefore is a pth root of a. We can write the pth roots of a as ζₚᵏα, and they are all in K since we assume ζₚ∈F. Thus xᵖ−a splits in K.
- The derivative of xᵖ−a is pxᵖ⁻¹. Assuming we’re not in characteristic p, xᵖ−a shares no roots with its derivative and is therefore separable.
- Any polynomial with a root in K can express that root in terms of α, since K=F(α) is simple. Since the minimal polynomial of α splits in K into distinct roots, any polynomial with a root in K must also split in K into distinct roots. Therefore K/F is normal and separable, and therefore Galois. Since xᵖ−a is the minimal polynomial of α and is of degree p, K/F is of degree p.
Such extensions K are Kummer extensions, characterized by the fact that if a field contains the pth roots of unity, you can obtain a degree p Galois extension by adjoining any pth root that isn’t in the base field. This is a generalization of quadratic extensions (where p=2), in which you obtain a degree 2 Galois extension by adjoining any square root not in the base field.
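A numeric sketch of the Kummer situation, with illustrative values p=3 and a=5 (my own example, not from the text): once ζ₃ and one cube root of 5 are available, x³−5 splits into three distinct linear factors.

```python
import cmath

p, a = 3, 5                          # illustrative values
zeta = cmath.exp(2j * cmath.pi / p)  # a primitive pth root of unity
alpha = a ** (1 / p)                 # one real pth root of a
roots = [alpha * zeta**k for k in range(p)]

# Every zeta^k * alpha is a root of x^p - a ...
for r in roots:
    assert abs(r**p - a) < 1e-9
# ... and the roots are pairwise distinct, so x^p - a is separable.
for i in range(p):
    for j in range(i + 1, p):
        assert abs(roots[i] - roots[j]) > 1e-6
print("x^3 - 5 splits into 3 distinct linear factors")
```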
In this section, we generalize a correspondence between the Galois group of an extension and its intermediate fields.
Let’s revisit the intermediate fields of the splitting field of x3−2:
It turns out the Galois group for this extension is the symmetric group S3. Now notice how the subgroup diagram of S3 below looks exactly like the intermediate field diagram above, but flipped upside-down:
In fact, each subgroup of S3 directly corresponds to a set of permutations of the three roots of x³−2. The correspondence between subgroups of S3 and intermediate fields is that each intermediate field L consists of exactly the elements KH that are fixed by every F-automorphism in the corresponding subgroup H of the Galois group G(K/F). Call KH the fixed field of H.
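We can verify by brute force that S3 has exactly six subgroups, matching the six intermediate fields. A small Python sketch (in a finite group, a subset containing the identity and closed under composition is automatically a subgroup):

```python
from itertools import permutations, combinations

# Elements of S3 as permutations of the three roots, with composition.
S3 = list(permutations(range(3)))
def compose(p, q):
    return tuple(p[q[i]] for i in range(3))

identity = (0, 1, 2)
subgroups = []
for r in range(1, len(S3) + 1):
    for subset in combinations(S3, r):
        s = set(subset)
        if identity in s and all(compose(a, b) in s for a in s for b in s):
            subgroups.append(s)

print(len(subgroups))                         # 6 subgroups
print(sorted(len(s) for s in subgroups))      # orders [1, 2, 2, 2, 3, 6]
```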
Lemma: The intersection of two subfields is a subfield of both.- Since F1 and F2 are fields and therefore integral domains, their subring F1∩F2 is also an integral domain.
- All that is left is to show every nonzero element of F1∩F2 has a multiplicative inverse. But since F1 and F2 both have the same multiplicative inverses for all their nonzero elements, so does F1∩F2.
Theorem: The fixed field KH of a subgroup H of the Galois group of K/F is an intermediate field of K/F.We already know that a single F-automorphism defines an intermediate field of K/F. A subgroup containing multiple F-automorphisms will fix the elements KH corresponding to the intersection of the fixed elements of each individual F-automorphism. Being an intersection of subfields of K, KH must be a subfield of each of those subfields, and is therefore also a subfield of K containing F (i.e. an intermediate field of K/F).
This is enough to prove that in general, the intermediate fields of a Galois extension correspond to the subgroups of its Galois group.
Fundamental Theorem of Galois Theory: If K/F is Galois, its intermediate fields L are in a one-to-one correspondence with the subgroups of its Galois group G(K/F).First, for every intermediate field L, we can identify the permutations of K that fix L, which is the Galois group G(K/L). Call this map σ=L↦G(K/L).
Second, for every subgroup H≤G(K/F), we can identify the elements of K fixed by every permutation in H, which is its fixed field KH. Call this map τ=H↦KH.
The theorem states that σ and τ are inverses. In other words, the subset relations below are actually equalities:
This essentially only requires us to prove two things:
For σ=L↦G(K/L): we must have [K:L]=∣G(K/L)∣.
- Let G=G(K/L). Recall that G is exactly all the automorphisms of K that fix L. This is a subgroup of G(K/F).
- Since K/L is finite and separable, it has a primitive element α. Let f be its minimal polynomial.
- Apply the orbit-stabilizer theorem on the action of G on the roots of f. The orbit-stabilizer theorem states that the size of the orbit of α is equal to the size of the group divided by the size of the stabilizer of α: ∣Oα∣=∣G∣/∣Gα∣. Choosing α as a primitive element makes it so its stabilizer Gα is trivial, since if an automorphism fixes α, it fixes the whole extension.
- We know that ∣Gα∣=1, therefore the order of G matches the order of the orbit of α. We just need to show that there are [K:L] elements in the orbit of α.
- Since the minimal polynomial f of α is irreducible over L, the Galois group G acts transitively on its roots. Therefore all of the roots of f are in the orbit of α. Since K/L is separable, the roots of f are distinct, meaning the number of roots is equal to the degree [K:L] of the extension.
For τ=H↦KH: we must have ∣H∣=[K:KH].
- Since KH is an intermediate field of K/F, we know K/KH is Galois, and therefore ∣G(K/KH)∣=[K:KH].
- The automorphisms of K that fix the fixed field of H are exactly H, so G(K/KH)=H by definition. Therefore ∣H∣=[K:KH].
Because of this fundamental correspondence, the arduous task of studying the intermediate fields of a Galois extension can be reduced to the much simpler task of studying the subgroups of its Galois group.
Recall that all splitting fields in characteristic 0 are Galois extensions. Since each splitting field is defined over an irreducible polynomial, we can assign to each irreducible polynomial the Galois group of its splitting field. In fact, you can go to this website to look up the Galois group of every irreducible polynomial in Z[x]!
-
December 21, 2023.
Exploration 9: Solvability
Questions:
- When exactly does a formula for the roots of a polynomial exist?
Recall that we discussed quadratic extensions and cyclotomic extensions. What are their degrees and Galois groups?
For quadratic extensions, it is very straightforward. Since all quadratic extensions are simple extensions by a root of a degree 2 polynomial, every quadratic extension is degree 2, with Galois group C2.
What about cyclotomic extensions? Recall that the nth cyclotomic extension is created by adjoining a primitive nth root of unity. Since the minimal polynomial of such a root is the nth cyclotomic polynomial, whose roots are the φ(n) primitive nth roots of unity, the degree of a cyclotomic extension is φ(n), with abelian Galois group (Z/nZ)× of order φ(n).
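As a sanity check, here is a short Python sketch (the helper names `phi` and `unit_group` are mine) verifying that the order of (Z/nZ)× is φ(n), and that (Z/8Z)× is abelian but not cyclic, since every element squares to the identity:

```python
from math import gcd

def phi(n):
    """Euler's totient: count of 1 <= k <= n with gcd(k, n) == 1."""
    return sum(1 for k in range(1, n + 1) if gcd(k, n) == 1)

def unit_group(n):
    """The underlying set of the multiplicative group (Z/nZ)^x."""
    return {k for k in range(1, n + 1) if gcd(k, n) == 1}

# degree of the nth cyclotomic extension = |(Z/nZ)^x| = phi(n)
for n in [5, 7, 8, 12]:
    assert len(unit_group(n)) == phi(n)

# (Z/8Z)^x = {1, 3, 5, 7} is abelian but NOT cyclic: every element squares to 1
assert all(pow(k, 2, 8) == 1 for k in unit_group(8))
```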
Now let’s move on to cubics.
Solving cubic polynomials
Cubic polynomials have the form x³ + a2x² + a1x + a0. That's a lot, but we can eliminate the a2x² term with the substitution x ↦ x − a2/3 (the depressed cubic substitution):
(x − a2/3)³ + a2(x − a2/3)² + a1(x − a2/3) + a0
= (x³ − 3(a2/3)x² + 3(a2²/9)x − a2³/27) + a2(x² − 2(a2/3)x + a2²/9) + a1(x − a2/3) + a0
= x³ − a2x² + (a2²/3)x − a2³/27 + a2x² − (2a2²/3)x + a2³/9 + a1x − a1a2/3 + a0
= x³ + (a1 − a2²/3)x + (2a2³/27 − a1a2/3 + a0)
= x³ + ((3a1 − a2²)/3)x + ((2a2³ − 9a1a2 + 27a0)/27)
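The substitution can be verified mechanically. This sketch (helper names mine, exact rational arithmetic via `fractions`) composes a sample cubic with x − a2/3 and checks that the x² term vanishes and the remaining coefficients match the derived formulas:

```python
from fractions import Fraction

def polymul(p, q):
    """Multiply coefficient lists (index = degree, lowest degree first)."""
    r = [Fraction(0)] * (len(p) + len(q) - 1)
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            r[i + j] += a * b
    return r

def polyadd(p, q):
    n = max(len(p), len(q))
    p = p + [Fraction(0)] * (n - len(p))
    q = q + [Fraction(0)] * (n - len(q))
    return [a + b for a, b in zip(p, q)]

def compose(p, q):
    """p(q(x)) via Horner's rule."""
    result = [Fraction(0)]
    for c in reversed(p):
        result = polyadd(polymul(result, q), [Fraction(c)])
    return result

def trim(p):
    """Drop trailing zero coefficients."""
    while len(p) > 1 and p[-1] == 0:
        p = p[:-1]
    return p

# sample cubic x^3 + 6x^2 + x + 2, so a2, a1, a0 = 6, 1, 2
a2, a1, a0 = Fraction(6), Fraction(1), Fraction(2)
f = [a0, a1, a2, Fraction(1)]
g = trim(compose(f, [-a2 / 3, Fraction(1)]))  # substitute x - a2/3

assert g[2] == 0                            # the x^2 term is gone
assert g[1] == a1 - a2**2 / 3               # new x coefficient
assert g[0] == 2*a2**3/27 - a1*a2/3 + a0    # new constant term
```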
Thus we can always express cubic polynomials as x³ + a1x + a0. In the splitting field, we have x³ + a1x + a0 = (x − α1)(x − α2)(x − α3). Expanding the RHS and comparing coefficients gives us
α1 + α2 + α3 = 0
α1α2 + α2α3 + α1α3 = a1
α1α2α3 = −a0
The first equation, α1+α2+α3=0, shows that α3 is generated by α1,α2. Thus the splitting field K/F can be written F(α1,α2) if α1 does not generate α2, and F(α1) otherwise.
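These relations are easy to check numerically: pick three roots that sum to 0, build a1 and a0 from them, and verify that each root satisfies x³ + a1x + a0 = 0.

```python
# three roots summing to 0, as the first relation requires
r1, r2, r3 = 1, 2, -3
assert r1 + r2 + r3 == 0

a1 = r1*r2 + r2*r3 + r1*r3   # second relation
a0 = -(r1 * r2 * r3)         # third relation

# f(x) = x^3 + a1*x + a0 vanishes at each chosen root
for r in (r1, r2, r3):
    assert r**3 + a1*r + a0 == 0
```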
So there’s a tower of fields:
Consider f=(x−α1)h over F(α1). Either h splits (so α1 generates α2) and the top two fields are equal, or h doesn’t split and is irreducible (so α2 is degree 2, since h is quadratic).
This means the degree of the splitting field of a cubic is either [K:F]=3 or [K:F]=6.
Splitting fields of a polynomial over F are Galois extensions over F. Since the degree of this splitting field is either 3 or 6, and the Galois group must consist of permutations of the three roots, G(K/F) must be a subgroup of the symmetric group S3 of order 3 or 6: either the cyclic group C3, or S3 itself.
In conclusion: while the splitting fields of quadratics are always degree 2 with Galois group C2, splitting fields of cubics are either degree 3 or 6, with Galois group C3 or S3 respectively.
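There is a standard criterion (not derived in these notes) for deciding between the two cases: the depressed cubic x³ + a1x + a0 has discriminant Δ = −4a1³ − 27a0², and an irreducible cubic over Q has Galois group C3 exactly when Δ is a square. A small sketch (helper names mine):

```python
from math import isqrt

def disc(a1, a0):
    """Discriminant of the depressed cubic x^3 + a1*x + a0."""
    return -4 * a1**3 - 27 * a0**2

def is_square(n):
    return n >= 0 and isqrt(n) ** 2 == n

# x^3 - 3x + 1 (irreducible over Q): square discriminant -> Galois group C3
assert disc(-3, 1) == 81
# x^3 - 2: non-square discriminant -> Galois group S3
assert disc(0, -2) == -108
assert is_square(disc(-3, 1)) and not is_square(disc(0, -2))
```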
Solving quartic polynomials
There’s some dark magic involving nested square roots and factoring into quadratics, so I’ve ignored this bit. Just know that for any quartic polynomial f, you can define a resolvent cubic g and a discriminant D, which together determine the Galois group.
It turns out that the Galois group G for splitting fields of quartic polynomials are also subgroups of S4 for the same reason (they permute the four roots). S4 is order 24, so there are a lot more than just two subgroups like in the cubic case.
The full breakdown is as follows:
- If g is irreducible, then G≅A4 when D is a rational square, and G≅S4 otherwise.
- If g splits partially into a linear times quadratic, then G≅D4 when f is irreducible over F(√D), and G≅C4 otherwise.
- If g splits completely, then G≅K4.
Again, I won’t get into quartics too much, since the important one is quintics. Just know that we can solve quartics similarly to how we solved cubics.
Solving quintic polynomials
Solving quintic (degree 5) equations was the original goal of Galois.
Like with the other cases, the Galois group of the splitting field is a subgroup of S5. It turns out that S5, unlike S4 and S3, is not solvable.
In this section, we describe solvability and what it means.
A root α∈C is solvable over F if α can be written in terms of elements of F using field operations and radicals (square roots, nth roots, possibly nested).
Motivation: Galois showed that the roots α∈C of certain irreducible f∈Q[x] of degree 5 are not solvable.
For instance, take the root ⁵√10 of x⁵ − 10 ∈ Q[x]. It is solvable over Q since we expressed it as a radical over Q. In other words, Q ⊆ Q(⁵√10) = Q(α).
Another example: take the root ⁵√(1 + ³√2) of (x⁵ − 1)³ − 2 ∈ Q[x]. It is solvable over Q since we could express it in radicals over Q. In other words, Q ⊆ Q(³√2) ⊆ Q(⁵√(1 + ³√2)).
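Both examples can be checked numerically in floating point:

```python
# alpha = 10^(1/5) is a root of x^5 - 10
alpha = 10 ** (1 / 5)
assert abs(alpha ** 5 - 10) < 1e-9

# beta = (1 + 2^(1/3))^(1/5) is a root of (x^5 - 1)^3 - 2
beta = (1 + 2 ** (1 / 3)) ** (1 / 5)
assert abs((beta ** 5 - 1) ** 3 - 2) < 1e-9
```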
In general, to prove α is solvable over F, we prove there’s a chain of fields F⊆F1⊆F2⊆F3⊆…⊆K such that (conditions A):
- α∈K (root is in the final extension)
- ∀i.∃αi∈Fi.Fi=Fi−1(αi) (each extension is built by adjoining to previous extension)
- ∀i.∃m>0.αim∈Fi−1 (each adjoined element is an mth root of an element in the previous extension)
We shall show that, to establish the above, it is enough to establish the following:
α is solvable over F if there’s a chain of subfields F⊆F1⊆F2⊆F3⊆…⊆K such that (conditions B):
- α∈K (root is in the final extension)
- ∀i.Fi/Fi−1 is Galois of prime degree
Theorem: Every Galois extension K/F of prime degree p can be broken down into a cyclotomic and a Kummer extension.
- Since K is Galois and thus normal, K is a splitting field for xᵖ − a for some a∈F, which implies K contains the pth roots of unity.
- Let L=F(ζp) so that L/F is a cyclotomic extension that contains the pth roots of unity, so that L is a subfield of K that extends F, i.e. K⊇L⊇F.
- Then since K/F is Galois, K/L is also Galois. Since L contains the pth roots of unity, and K/L is Galois, by Kummer’s theorem, K/L is a Kummer extension of degree p.
Since both cyclotomic and Kummer extensions are obtained by adjoining some root of an element in their base field, each prime-degree Galois step can be realized by adjunctions that satisfy conditions A. Thus, given a chain that satisfies conditions B, we can construct a chain that satisfies conditions A.
Because of the Fundamental Theorem of Galois Theory, towers of field extensions F⊆F1⊆F2⊆F3⊆…⊆K correspond to chains of subgroups. In particular, towers of Galois extensions correspond to chains of normal subgroups:
Theorem: Every intermediate Galois extension L1/L2 corresponds to a normal subgroup relation H1⊲H2 in the original Galois group G(K/F).
- (→)
- According to the fundamental theorem of Galois theory, L1/L2 indeed corresponds to a subgroup relation H1≤H2 between unique subgroups H1 and H2. To prove that this is a normal subgrouping, we use the fact that L1/L2 is Galois, and therefore normal.
- Since H1=G(K/L1) and H2=G(K/L2) under the correspondence, we can see that the elements of H1 are L1-automorphisms and the elements of H2 are L2-automorphisms. In particular, the subgrouping H1≤H2 implies that all L1-automorphisms are L2-automorphisms.
- Recall that in normal extensions like L1/L2, every L2-automorphism σ maps L1 to itself. So for any τ∈H1 and α∈L1, we have σ(α)∈L1, τ fixes σ(α), and σ⁻¹ carries it back to α. Thus σ⁻¹τσ fixes L1 pointwise, i.e., σ⁻¹τσ∈H1, implying H1⊲H2.
- (←)
- Say you have H1⊲H2. Again, H1=G(K/L1) contains L1-automorphisms τ and H2=G(K/L2) contains L2-automorphisms σ under the correspondence. The normal subgrouping implies that σ⁻¹τσ is also an L1-automorphism in H1.
- Let α∈L1 be the root of some polynomial f irreducible over L2. Since G(K/L2)=H2 permutes the roots of f, σ(α) represents an arbitrary conjugate of α. To show L1/L2 is normal, we just need to show that σ(α) is in L1, implying that f splits in L1, and thus L1/L2 is normal.
- But since σ⁻¹τσ fixes L1, it must fix α∈L1. So we have σ⁻¹τ(σ(α))=α, implying τ(σ(α))=σ(α): every τ∈H1 fixes σ(α). Since K/L1 is Galois, the fixed field of H1=G(K/L1) is exactly L1, so σ(α)∈L1.
This implies:
Theorem: Every Galois extension K/F whose Galois group is abelian can be broken down into cyclotomic and Kummer extensions.
- If G(K/F) is abelian, every subgroup H is normal, and by the above theorem, must correspond to an intermediate field L whose extension is Galois.
- If G(K/F) is abelian, then it decomposes into a direct product of cyclic groups, which by the Chinese Remainder Theorem we may take to have prime power order. Each cyclic factor of order pᵐ has its own chain {1} ⊲ Cp ⊲ Cp² ⊲ … ⊲ Cpᵐ in which every quotient has order p. Stacking these chains factor by factor gives a chain of normal subgroups of G(K/F) in which every quotient has prime order: {1} ⊲ G1 ⊲ G2 ⊲ … ⊲ G(K/F)
- These subgroups all correspond to a prime degree intermediate Galois field extension, and we can break each of those down into a cyclotomic and Kummer extension.
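For a concrete instance of such a chain, take the abelian group Z/12Z ≅ C4 × C3. The sketch below (the helper name `subgroup` is mine) exhibits the chain {0} ⊂ ⟨6⟩ ⊂ ⟨3⟩ ⊂ Z/12Z, whose successive quotients have prime orders 2, 2, 3 — note that the chain has to pass through ⟨6⟩ inside the C4 part, since C4 itself is not a product of prime-order groups:

```python
def subgroup(g, n=12):
    """Cyclic subgroup of Z/nZ generated by g (additively)."""
    h, x = {0}, g % n
    while x not in h:
        h.add(x)
        x = (x + g) % n
    return h

chain = [subgroup(0), subgroup(6), subgroup(3), subgroup(1)]
orders = [len(h) for h in chain]                       # [1, 2, 4, 12]
quotients = [orders[i + 1] // orders[i] for i in range(3)]

assert quotients == [2, 2, 3]                          # every quotient is prime
assert all(chain[i] <= chain[i + 1] for i in range(3))  # each step is a subgroup
```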
This gives us conditions C:
α is solvable over F if there’s a chain of subfields F⊆F1⊆F2⊆F3⊆…⊆K such that (conditions C):
- α∈K (root is in the final extension)
- ∀i.Fi/Fi−1 is Galois with an abelian Galois group
Finally, we can convert this into the realm of group theory using the fact that intermediate Galois extensions correspond to normal Galois subgroups. This gives us conditions D:
α is solvable over F if there’s a chain of normal subgroups {1}⊲…⊲G(K/L2)⊲G(K/L1)⊲G(K/F) such that (conditions D):
- α∈K (root is in the final extension)
- ∀i. the quotient group G(K/Li)/G(K/Li+1) is abelian
Using this final version of conditions for solvability, we can prove some basic theorems about solvability.
Theorem: Subgroups of solvable groups are solvable.
Let H be the subgroup and let {1}=G0⊲G1⊲…⊲Gn=G be a chain witnessing that G is solvable. Intersect each term with H: Hi=H∩Gi. Each Hi is still normal in Hi+1, since normality survives intersection with a subgroup, and each quotient Hi+1/Hi embeds into the abelian group Gi+1/Gi, so it is abelian. Thus the chain {1}=H0⊲H1⊲…⊲Hn=H shows H is solvable.
Theorem: Non-abelian simple groups are not solvable.
If G is simple, then its only proper normal subgroup is {1}, so the only possible chain is {1}⊲G. But G/{1}≅G is non-abelian, so this chain does not satisfy conditions D, and G is not solvable.
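To make "solvable" concrete, here is a brute-force Python sketch (helper names mine) verifying the chain {1} ⊲ V4 ⊲ A4 ⊲ S4 that witnesses the solvability of S4. At each step it checks that all commutators of the bigger group land in the smaller one, which is equivalent to the smaller group being normal with abelian quotient (any subgroup containing all commutators is automatically normal):

```python
from itertools import permutations

def compose(p, q):
    """(p o q)(i) = p[q[i]]: apply q first, then p."""
    return tuple(p[q[i]] for i in range(len(q)))

def inverse(p):
    inv = [0] * len(p)
    for i, v in enumerate(p):
        inv[v] = i
    return tuple(inv)

def sign(p):
    """+1 for even permutations, -1 for odd (count inversions)."""
    s = 1
    for i in range(len(p)):
        for j in range(i + 1, len(p)):
            if p[i] > p[j]:
                s = -s
    return s

def commutator(a, b):
    """a b a^-1 b^-1."""
    return compose(compose(a, b), compose(inverse(a), inverse(b)))

S4 = set(permutations(range(4)))
A4 = {p for p in S4 if sign(p) == 1}
e = (0, 1, 2, 3)
V4 = {e, (1, 0, 3, 2), (2, 3, 0, 1), (3, 2, 1, 0)}  # Klein four-group
chain = [{e}, V4, A4, S4]

# at each step, all commutators of the big group lie in the small group
for small, big in zip(chain, chain[1:]):
    assert all(commutator(a, b) in small for a in big for b in big)
```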
In this section, we prove that degree 5 polynomials are not solvable.
Note that all degree 5 polynomials have 5 roots, and thus the Galois group is at maximum S5, the symmetric group for five elements. This means all it takes to show not all degree 5 polynomials are solvable is to prove that S5 is not solvable.
Theorem: S5 is not solvable.
The alternating group A5≤S5 is a non-abelian simple group (a standard fact we won't prove here). If S5 were solvable, then by the first theorem above its subgroup A5 would be solvable too; but by the second theorem, non-abelian simple groups are never solvable. Therefore S5 is not solvable.
-
April 15, 2024.
Exploration 10: Noncommutative rings
Questions:
- TODO
Domains
In our travels we’ve built up a hefty classification of integral domains: PIDs, UFDs, fields, Euclidean domains, and more. Here is a complete classification:
Now is the time to get into noncommutative rings. We begin with the ring at the bottom, a domain: a noncommutative integral domain.
In this section, we describe left and right versions of zero divisors.
The definition of domain is not exactly “no zero divisors”, though that is a sufficient definition. A more precise definition is to say that a domain has no left zero divisors and no right zero divisors. This is to distinguish elements a where some nonzero b exists so that ab=0 (making a a left zero divisor and b a right zero divisor) and elements a where some nonzero b exists so that ba=0 (making b a left zero divisor and a a right zero divisor). Our original notion of zero divisor in a commutative ring is a two-sided zero divisor, which is an element that is both a left and right zero divisor.
The distinction becomes important because each one-sided condition gives you one side of the cancellation property of integral domains: if a is not a left zero divisor, then you can cancel it on the left, since ab=ac implies a(b−c)=0, which implies b=c.
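2×2 matrices give a concrete example of the left/right asymmetry. In the sketch below, AB = 0, making A a left zero divisor and B a right zero divisor, yet BA ≠ 0:

```python
def matmul(A, B):
    """2x2 integer matrix product."""
    return [[sum(A[i][k] * B[k][j] for k in range(2)) for j in range(2)]
            for i in range(2)]

ZERO = [[0, 0], [0, 0]]
A = [[0, 1], [0, 0]]
B = [[1, 0], [0, 0]]

assert matmul(A, B) == ZERO   # A is a left zero divisor, B a right zero divisor
assert matmul(B, A) != ZERO   # but the product in the other order is nonzero
```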
A domain is then a ring (not necessarily commutative) with no nonzero left or right zero divisors.
In this section, we describe left and right versions of ideals.
What happens to ideals in the noncommutative scenario? Let’s again go through how we defined an ideal, and spot where commutativity was used.
Therefore: for noncommutative rings, a left ideal can be defined as one that absorbs multiplication on the left.
We need to show that x[a]=[xa] for every representative x of [x]. This is the same as proving that xa∼xb iff a∼b. Let's see how this works out:
xa ∼ xb
⟺ xb ∈ [xa]
⟺ xb − xa ∈ H
⟺ x(b − a) ∈ H
⟺ b − a ∈ H
⟺ b ∈ [a]
⟺ a ∼ b
Note that the step between x(b−a)∈H and b−a∈H is what requires H to absorb multiplication by x: the direction b−a∈H ⟹ x(b−a)∈H is exactly xH⊆H. This imposes xH⊆H as a requirement for multiplication in R/H to be well-defined.
Similarly, a right ideal absorbs multiplication on the right, and our original notion of ideal is a two-sided ideal, which is both a left and a right ideal.
To quotient a ring with an ideal it must be both a left and right ideal, so there are no changes needed for our understanding of quotient rings.
In this section, we measure the degree of commutativity of a ring.
Just like with groups, we can see how commutative a ring is by studying elements that commute with all other elements. Just like with groups, the set of all such elements is called the center Z(R) of the ring R.
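For a small concrete example, we can brute-force the center of the noncommutative ring of 2×2 matrices over F2; it turns out to be exactly the scalar matrices, here the zero matrix and the identity:

```python
from itertools import product

def matmul(A, B):
    """2x2 matrix product over F2."""
    return tuple(tuple(sum(A[i][k] * B[k][j] for k in range(2)) % 2
                       for j in range(2)) for i in range(2))

# all 16 matrices over F2, as nested tuples ((a, b), (c, d))
M2F2 = [((a, b), (c, d)) for a, b, c, d in product(range(2), repeat=4)]

center = [A for A in M2F2
          if all(matmul(A, B) == matmul(B, A) for B in M2F2)]

# the center is exactly the scalar matrices: the zero matrix and the identity
assert sorted(center) == [((0, 0), (0, 0)), ((1, 0), (0, 1))]
```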
Theorem: Forming a polynomial ring R[x] from a ring R preserves its center Z(R). That is, Z(R[x]) = Z(R)[x].
- The center of a ring Z(R) is all elements that (multiplicatively) commute with every element in R.
- We must show that an arbitrary element ∑izixi∈Z(R)[x] commutes with every element in R[x].
- Let r be an arbitrary element of R[x]. Since each term zixi commutes with everything, we can show that
r(∑i zixi) = ∑i rzixi = ∑i zixir = (∑i zixi)r
- Therefore an arbitrary element ∑izixi∈Z(R)[x] commutes with all of R[x]. Therefore Z(R)[x]⊆Z(R[x]).
- The converse, Z(R[x]) ⊆ Z(R)[x], is similarly straightforward: if an element ∑i rixi is in the center of R[x], then we need to show that each ri commutes with an arbitrary element s∈R.
s(∑i rixi) = (∑i rixi)s
∑i srixi = ∑i rixis
∑i srixi = ∑i risxi
sri = ris
implying each coefficient ri is in Z(R), meaning the polynomial ∑i rixi is in Z(R)[x].
Corollary: If R is a commutative ring, so is R[x].