Learning Modern Algebra

“book2” — 2013/5/24 — 8:18 — page i — #1
i i
Learning Modern Algebra

From Early Attempts to Prove
Fermat’s Last Theorem
i i
“book2” — 2013/5/24 — 8:18 — page ii — #2
i i
c 2013 by

The Mathematical Association of America (Incorporated)
Library of Congress Control Number: 2013940990
Print ISBN: 978-1-93951-201-7
Electronic ISBN: 978-1-61444-612-5
Printed in the United States of America
Current Printing (last digit):
10 9 8 7 6 5 4 3 2 1
i i
“book2” — 2013/5/24 — 8:18 — page iii — #3
i i
Learning Modern Algebra

From Early Attempts to Prove
Al Cuoco
EDC, Waltham MA
and
Joseph J. Rotman
University of Illinois at Urbana–Champaign
Published and distributed by

The Mathematical Association of America
i i
“book2” — 2013/5/24 — 8:18 — page iv — #4
i i
Committee on Books
Frank Farris, Chair
MAA Textbooks Editorial Board
Zaven A. Karian, Editor
Matthias Beck
Richard E. Bedient
Thomas A. Garrity
Charles R. Hampton
John Lorch
Susan F. Pustejovsky
Elsa J. Schaefer
Stanley E. Seltzer
Kay B. Somers
MAA TEXTBOOKS
Bridge to Abstract Mathematics, Ralph W. Oberste-Vorth, Aristides Mouzakitis, and
Bonita A. Lawrence
Calculus Deconstructed: A Second Course in First-Year Calculus, Zbigniew H. Nitecki
Combinatorics: A Guided Tour, David R. Mazur
Combinatorics: A Problem Oriented Approach, Daniel A. Marcus
Complex Numbers and Geometry, Liang-shin Hahn
A Course in Mathematical Modeling, Douglas Mooney and Randall Swift
Cryptological Mathematics, Robert Edward Lewand
Differential Geometry and its Applications, John Oprea
Elementary Cryptanalysis, Abraham Sinkov
Elementary Mathematical Models, Dan Kalman
An Episodic History of Mathematics: Mathematical Culture Through Problem Solving,
Steven G. Krantz
Essentials of Mathematics, Margie Hale
Field Theory and its Classical Problems, Charles Hadlock
Fourier Series, Rajendra Bhatia
Game Theory and Strategy, Philip D. Straffin
Geometry Revisited, H. S. M. Coxeter and S. L. Greitzer
Graph Theory: A Problem Oriented Approach, Daniel Marcus
Knot Theory, Charles Livingston
Learning Modern Algebra: From Early Attempts to Prove Fermat’s Last Theorem, Al
Cuoco and and Joseph J. Rotman
Lie Groups: A Problem-Oriented Introduction via Matrix Groups, Harriet Pollatsek
Mathematical Connections: A Companion for Teachers and Others, Al Cuoco
Mathematical Interest Theory, Second Edition, Leslie Jane Federer Vaaler and James
W. Daniel
i i
“book2” — 2013/5/24 — 8:18 — page v — #5
i i
Mathematical Modeling in the Environment, Charles Hadlock

Mathematics for Business Decisions Part 1: Probability and Simulation (electronic text-
book), Richard B. Thompson and Christopher G. Lamoureux
Mathematics for Business Decisions Part 2: Calculus and Optimization (electronic text-
book), Richard B. Thompson and Christopher G. Lamoureux
Mathematics for Secondary School Teachers, Elizabeth G. Bremigan, Ralph J. Bremi-
gan, and John D. Lorch
The Mathematics of Choice, Ivan Niven
The Mathematics of Games and Gambling, Edward Packel
Math Through the Ages, William Berlinghoff and Fernando Gouvea
Noncommutative Rings, I. N. Herstein
Non-Euclidean Geometry, H. S. M. Coxeter
Number Theory Through Inquiry, David C. Marshall, Edward Odell, and Michael Star-
bird
A Primer of Real Functions, Ralph P. Boas
A Radical Approach to Lebesgue’s Theory of Integration, David M. Bressoud
A Radical Approach to Real Analysis, 2nd edition, David M. Bressoud
Real Infinite Series, Daniel D. Bonar and Michael Khoury, Jr.
Topology Now!, Robert Messer and Philip Straffin
Understanding our Quantitative World, Janet Andersen and Todd Swanson
MAA Service Center

P.O. Box 91112
Washington, DC 20090-1112
1-800-331-1MAA FAX: 1-301-206-9789
i i
“book2” — 2013/5/24 — 8:18 — page vi — #6
i i
i i
“book2” — 2013/5/24 — 8:18 — page vii — #7
i i
vii
Per Micky: Tutto quello che faccio, lo faccio per te.
i i
“book2” — 2013/5/24 — 8:18 — page viii — #8
i i
i i
“book2” — 2013/5/24 — 8:18 — page ix — #9
i i
Contents
Preface xiii
Some Features of This Book . . . . . . . . . . . . . . . . . . . . . xiv
A Note to Students . . . . . . . . . . . . . . . . . . . . . . . . . . xv
A Note to Instructors . . . . . . . . . . . . . . . . . . . . . . . . . xv
Notation xvii
1 Early Number Theory 1

1.1 Ancient Mathematics . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Diophantus . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Geometry and Pythagorean Triples . . . . . . . . . . . . . 8
The Method of Diophantus . . . . . . . . . . . . . . . . . 11
Fermat’s Last Theorem . . . . . . . . . . . . . . . . . . . 14
Connections: Congruent Numbers . . . . . . . . . . . . . . 16
1.3 Euclid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Greek Number Theory . . . . . . . . . . . . . . . . . . . . 21
Division and Remainders . . . . . . . . . . . . . . . . . . 22
Linear Combinations and Euclid’s Lemma . . . . . . . . . 24
Euclidean Algorithm . . . . . . . . . . . . . . . . . . . . . 30
1.4 Nine Fundamental Properties . . . . . . . . . . . . . . . . . . 36
1.5 Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Trigonometry . . . . . . . . . . . . . . . . . . . . . . . . 41
Integration . . . . . . . . . . . . . . . . . . . . . . . . . . 42
2 Induction 45
2.1 Induction and Applications . . . . . . . . . . . . . . . . . . . 45
Unique Factorization . . . . . . . . . . . . . . . . . . . . . 53
Strong Induction . . . . . . . . . . . . . . . . . . . . . . . 57
Differential Equations . . . . . . . . . . . . . . . . . . . . 60
2.2 Binomial Theorem . . . . . . . . . . . . . . . . . . . . . . . 63
Combinatorics . . . . . . . . . . . . . . . . . . . . . . . . 69
2.3 Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
An Approach to Induction . . . . . . . . . . . . . . . . . . 73
Fibonacci Sequence . . . . . . . . . . . . . . . . . . . . . 75
3 Renaissance 81
3.1 Classical Formulas . . . . . . . . . . . . . . . . . . . . . . . 82
3.2 Complex Numbers . . . . . . . . . . . . . . . . . . . . . . . 91
ix
i i
“book2” — 2013/5/29 — 16:18 — page x — #10
i i
x Contents
Algebraic Operations . . . . . . . . . . . . . . . . . . . . 92
Absolute Value and Direction . . . . . . . . . . . . . . . . 99
The Geometry Behind Multiplication . . . . . . . . . . . . 101
3.3 Roots and Powers . . . . . . . . . . . . . . . . . . . . . . . . 106
3.4 Connections: Designing Good Problems . . . . . . . . . . . . 116
Norms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Pippins and Cheese . . . . . . . . . . . . . . . . . . . . . 118
Gaussian Integers: Pythagorean Triples Revisited . . . . . . 119
Eisenstein Triples and Diophantus . . . . . . . . . . . . . . 122
Nice Boxes . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Nice Functions for Calculus Problems . . . . . . . . . . . 124
Lattice Point Triangles . . . . . . . . . . . . . . . . . . . . 126
4 Modular Arithmetic 131

4.1 Congruence . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
4.2 Public Key Codes . . . . . . . . . . . . . . . . . . . . . . . . 149
4.3 Commutative Rings . . . . . . . . . . . . . . . . . . . . . . . 154
Units and Fields . . . . . . . . . . . . . . . . . . . . . . . 160
Subrings and Subfields . . . . . . . . . . . . . . . . . . . . 166
4.4 Connections: Julius and Gregory . . . . . . . . . . . . . . . . 169
4.5 Connections: Patterns in Decimal Expansions . . . . . . . . . 177
Real Numbers . . . . . . . . . . . . . . . . . . . . . . . . 177
Decimal Expansions of Rationals . . . . . . . . . . . . . . 179
Periods and Blocks . . . . . . . . . . . . . . . . . . . . . . 182
5 Abstract Algebra 191

5.1 Domains and Fraction Fields . . . . . . . . . . . . . . . . . . 192
5.2 Polynomials . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Polynomial Functions . . . . . . . . . . . . . . . . . . . . 204
5.3 Homomorphisms . . . . . . . . . . . . . . . . . . . . . . . . 206
Extensions of Homomorphisms . . . . . . . . . . . . . . . 213
Kernel, Image, and Ideals . . . . . . . . . . . . . . . . . . 216
5.4 Connections: Boolean Things . . . . . . . . . . . . . . . . . . 221
Inclusion-Exclusion . . . . . . . . . . . . . . . . . . . . . 227
6 Arithmetic of Polynomials 233

6.1 Parallels to Z . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Divisibility . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Roots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Greatest Common Divisors . . . . . . . . . . . . . . . . . 243
Unique Factorization . . . . . . . . . . . . . . . . . . . . . 248
Principal Ideal Domains . . . . . . . . . . . . . . . . . . . 255
6.2 Irreducibility . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Roots of Unity . . . . . . . . . . . . . . . . . . . . . . . . 264
6.3 Connections: Lagrange Interpolation . . . . . . . . . . . . . . 270
7 Quotients, Fields, and Classical Problems 277

7.1 Quotient Rings . . . . . . . . . . . . . . . . . . . . . . . . . 277
7.2 Field Theory . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Characteristics . . . . . . . . . . . . . . . . . . . . . . . . 287
Extension Fields . . . . . . . . . . . . . . . . . . . . . . . 289
i i
“book2” — 2013/5/24 — 8:18 — page xi — #11
i i
Contents xi
Algebraic Extensions . . . . . . . . . . . . . . . . . . . . 293

Splitting Fields . . . . . . . . . . . . . . . . . . . . . . . . 300
Classification of Finite Fields . . . . . . . . . . . . . . . . 305
7.3 Connections: Ruler–Compass Constructions . . . . . . . . . . 308
Constructing Regular n-gons . . . . . . . . . . . . . . . . 320
Gauss’s construction of the 17-gon . . . . . . . . . . . . . 322
8 Cyclotomic Integers 329

8.1 Arithmetic in Gaussian and Eisenstein Integers . . . . . . . . 330
Euclidean Domains . . . . . . . . . . . . . . . . . . . . . 333
8.2 Primes Upstairs and Primes Downstairs . . . . . . . . . . . . 337
Laws of Decomposition . . . . . . . . . . . . . . . . . . . 339
8.3 Fermat’s Last Theorem for Exponent 3 . . . . . . . . . . . . 349
Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . 350
The First Case . . . . . . . . . . . . . . . . . . . . . . . . 351
Gauss’s Proof of the Second Case . . . . . . . . . . . . . . 354
8.4 Approaches to the General Case . . . . . . . . . . . . . . . . 359
Cyclotomic integers . . . . . . . . . . . . . . . . . . . . . 360
Kummer, Ideal Numbers, and Dedekind . . . . . . . . . . . 365
8.5 Connections: Counting Sums of Squares . . . . . . . . . . . . 371
A Proof of Fermat’s Theorem on Divisors . . . . . . . . . 373
9 Epilog 379
9.1 Abel and Galois . . . . . . . . . . . . . . . . . . . . . . . . . 379
9.2 Solvability by Radicals . . . . . . . . . . . . . . . . . . . . . 381
9.3 Symmetry . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
9.4 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
9.5 Wiles and Fermat’s Last Theorem . . . . . . . . . . . . . . . 396
Elliptic Integrals and Elliptic Functions . . . . . . . . . . . 397
Congruent Numbers Revisited . . . . . . . . . . . . . . . . 400
Elliptic Curves . . . . . . . . . . . . . . . . . . . . . . . . 404
A Appendices 409
A.1 Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
A.2 Equivalence Relations . . . . . . . . . . . . . . . . . . . . . . 420
A.3 Vector Spaces . . . . . . . . . . . . . . . . . . . . . . . . . . 424
Bases and Dimension . . . . . . . . . . . . . . . . . . . . 427
Linear Transformations . . . . . . . . . . . . . . . . . . . 435
A.4 Inequalities . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
A.5 Generalized Associativity . . . . . . . . . . . . . . . . . . . . 442
A.6 A Cyclotomic Integer Calculator . . . . . . . . . . . . . . . . 444
Eisenstein Integers . . . . . . . . . . . . . . . . . . . . . . 445
Symmetric Polynomials . . . . . . . . . . . . . . . . . . . 446
Algebra with Periods . . . . . . . . . . . . . . . . . . . . . 446
References 449
Index 451
About the Authors 459
i i
“book2” — 2013/5/24 — 8:18 — page xii — #12
i i
i i
“book2” — 2013/5/24 — 8:18 — page xiii — #13
i i
Preface
This book is designed for college students who want to teach mathematics in
high school, but it can serve as a text for standard abstract algebra courses as
well. First courses in abstract algebra usually cover number theory, groups,
and commutative rings. We have found that the first encounter with groups is
not only inadequate for future teachers of high school mathematics, it is also
unsatisfying for other mathematics students. Hence, we focus here on number
theory, polynomials, and commutative rings. We introduce groups in our last
chapter, for the earlier discussion of commutative rings allows us to explain
how groups are used to prove Abel’s Theorem: there is no generalization of the
quadratic, cubic, and quartic formulas giving the roots of the general quintic
polynomial. A modest proposal: undergraduate abstract algebra should be a
sequence of two courses, with number theory and commutative rings in the
first course, and groups and linear algebra (with scalars in arbitrary fields) in
the second.
We invoke an historically accurate organizing principle: Fermat’s Last The-
orem (in Victorian times, the title of this book would have been Learning Mod-
ern Algebra by Studying Early Attempts, Especially Those in the Nineteenth
Century, that Tried to Prove Fermat’s Last Theorem Using Elementary Meth-
ods). To be sure, another important problem at that time that contributed to
modern algebra was the search for formulas giving the roots of polynomials.
This search is intertwined with the algebra involved in Fermat’s Last Theo-
rem, and we do treat this part of algebra as well. The difference between our
approach and the standard approach is one of emphasis: the natural direction
for us is towards algebraic number theory, whereas the usual direction is to-
wards Galois theory.
Four thousand years ago, the quadratic formula and the Pythagorean The-
orem were seen to be very useful. To teach them to new generations, it was
best to avoid square roots (which, at the time, were complicated to compute),
and so problems were designed to have integer solutions. This led to Pythag-
orean triples: positive integers a; b; c satisfying a2 C b 2 D c 2 . Two thousand
years ago, all such triples were found and, when studying them in the seven-
teenth century, Fermat wondered whether there are positive integer solutions
to an C b n D c n for n > 2. He claimed in a famous marginal note that there
are no solutions, but only his proof of the case n D 4 is known. This problem,
called Fermat’s Last Theorem, intrigued many of the finest mathematicians,
but it long resisted all attempts to solve it. Finally, using sophisticated tech-
niques of algebraic geometry developed at the end of the twentieth century,
Andrew Wiles proved Fermat’s Last Theorem in 1995.
xiii
i i
“book2” — 2013/5/24 — 8:18 — page xiv — #14
i i
xiv Preface
Before its solution, Fermat’s Last Theorem was a challenge to mathemati-

cians (as climbing Mount Everest was a challenge to mountaineers). There are
no dramatic applications of the result, but it is yet another triumph of human in-
tellect. What is true is that, over the course of 350 years, much of contemporary
mathematics was invented and developed in trying to deal with it. The num-
ber theory recorded in Euclid was shown to have similarities with the behavior
of polynomials, and generalizations of prime numbers and unique factoriza-
tion owe their initial study to attempts at proving Fermat’s Last Theorem. But
these topics are also intimately related to what is actually taught in high school.
Thus, abstract algebra is not merely beautiful and interesting, but it is also a
valuable, perhaps essential, topic for understanding high school mathematics.
Some Features of This Book

We include sections in every chapter, called Connections, in which we explic-
itly show how the material up to that point can help the reader understand and
implement the mathematics that high school teachers use in their profession.
This may include the many ways that results in abstract algebra connect with
core high school ideas, such as solving equations or factoring. But it may also
include mathematics for teachers themselves, that may or may not end up “on
the blackboard;” things like the use of abstract algebra to make up good prob-
lems, to understand the foundations of topics in the curriculum, and to place
the topics in the larger landscape of mathematics as a scientific discipline.
Many students studying abstract algebra have problems understanding
proofs; even though they can follow each step of a proof, they wonder how
anyone could have discovered its argument in the first place. To address such
problems, we have tried to strike a balance between giving a logical develop-
ment of results (so the reader can see how everything fits together in a coherent
package) and discussing the messier kinds of thinking that lead to discovery
and proofs. A nice aspect of this sort of presentation is that readers participate
in doing mathematics as they learn it.
One way we implement this balance is our use of several design features,
such as the Connections sections described above. Here are some others.
Sidenotes provide advice, comments, and pointers to other parts of the text
related to the topic at hand. What could be more fitting for a book related to
Fermat’s Last Theorem than to have large margins?
Interspersed in the text are boxed “callouts,” such as How to Think About
It, which suggest how ideas in the text may have been conceived in the
first place, how we view the ideas, and what we guess underlies the formal
exposition. Some other callouts are:
Historical Note, which provides some historical background. It often helps
to understand mathematical ideas if they are placed in historical con-
text; besides, it’s interesting. The biographies are based on those in the
MacTutor History of Mathematics Archive of the School of Mathemat-
ics and Statistics, University of St. Andrews, Scotland. It can be found
on the internet: its URL is
www-history.mcs.st-andrews.ac.uk
Etymology, which traces out the origin of some mathematical terms. We
believe that knowing the etymology of terms often helps to understand
the ideas they name.
i i
“book2” — 2013/5/24 — 8:18 — page xv — #15
i i
Preface xv
Etymology. The word mathematics comes from classical Greek; it

means “knowledge,” “something learned.” But in ancient Rome through
the thirteenth century, it meant “astronomy” and “astrology.” From the
Middle Ages, it acquired its present meaning.
The word arithmetic comes from the Greek word meaning “the art of
counting.” The word geometry, in classical Greek, meant “science of
measuring;” it arose from an earlier term meaning “land survey.”
It is a pleasure to acknowledge those who have contributed valuable com-

ments, suggestions, ideas, and help. We thank Don Albers, Carol Baxter, Bruce
Berndt, Peter Braunfeld, Keith Conrad, Victoria Corkery, Don DeLand, Ben Conrad’s website
Fischer, Andrew Granville, Heini Halberstam, Zaven Karian, Tsit-Yuen Lam, www.math.uconn.edu/
Paul Monsky, Beverly Ruedi, Glenn Stevens, and Stephen Ullom. ˜kconrad/blurbs/
is full of beautiful ideas.
A Note to Students
The heart of a mathematics course lies in its problems. We have tried to or-
chestrate them to help you build a solid understanding of the mathematics in
the sections. Everything afterward will make much more sense if you work
through as many exercises as you can, especially those that appear difficult.
Quite often, you will learn something valuable from an exercise even if you
don’t solve it completely. For example, a problem you can’t solve may show
that you haven’t fully understood an idea you thought you knew; or it may
force you to discover a fact that needs to be established to finish the solution.
There are two special kinds of exercises.
Those labeled Preview may seem to have little to do with the section at hand;
they are designed to foreshadow upcoming topics, often with numerical ex-
periments.
Those labeled Take it Further develop interesting ideas that are connected
to the main themes of the text, but are somewhat off the beaten path. They
are not essential for understanding what comes later in the text.
An exercise marked with an asterisk, such as 1.8*, means that it is either
used in some proof or it is referred to elsewhere in the text. For ease of finding
such exercises, all references to them have the form “Exercise 1.8 on page 6”
giving both its number and the number of the page on which it occurs.
A Note to Instructors
We recommend giving reading assignments to preview upcoming material.
This contributes to balancing experience and formality as described above, and
it saves time. Many important pages can be read and understood by students,
and they should be discussed in class only if students ask questions about them.
It is possible to use this book as a text for a three hour one-semester course,
but we strongly recommend that it be taught four hours per week.
—Al Cuoco and Joe Rotman
i i
“book2” — 2013/5/24 — 8:18 — page xvi — #16
i i
i i
“book2” — 2013/5/24 — 8:18 — page xvii — #17
i i
Notation
.a; b; c/ 4 triangle with sides of lengths a; b; c

ABC 4 triangle with vertices A; B; C
N 21 natural numbers
Z 21 integers
ajb 21 a is a divisor of b
gcd.a; b/ 24 greatest common divisor
bxc 29 greatest integer in x
Q 36 rational numbers
R 36 real numbers
) 46 implies
lcm.a; b/ 55 least common multiple
n

r
63 binomial coefficient
<.z/ 92 real part of complex number z
=.z/ 92 imaginary part of complex number z
C 92 complex numbers
!
PQ 93 arrow from P to Q
z 96 conjugate of z
jzj 99 modulus of z
arg.z/ 100 argument of z
ez 108 complex exponential
.n/ 111 Euler -function
N.z/ 116 norm of z
ZŒi 119 Gaussian integers
ZŒ!/ 120 Eisenstein integers
a b mod m 132 a is congruent to b modulo m
ci mr
m1 m 147 expression with mi deleted
Œa 154 congruence class of integer a
Zm 154 integers mod m
ZŒ 157 cyclotomic integers
RS 157 ring of functions R ! S
C.X/ 157 ring of continuous functions X ! R
xvii
i i
“book2” — 2013/5/24 — 8:18 — page xviii — #18
i i
xviii Notation
Fun.R/ 157 ring of functions R ! R

F4 165 field with 4 elements
2X 167 Boolean ring of subsets of set X
j.m/ 172 calendar month function
Frac.D/ 194 fraction field of domain D
a=b 195 element of Frac.D/
deg.f / 198 degree of polynomial f
RŒŒx 198 all power series over R
RŒx 198 all polynomials over R
x 200 indeterminate in RŒx
f 0 .x/ 202 derivative of f .x/ 2 RŒx
f# 204 associated polynomial function of f
Poly.R/ 204 all polynomials functions over R
k.x/ 205 field of rational functions over k
Fq 205 finite field with exactly q elements
RŒx1 ; : : : ; xn 205 polynomials in several variables over R
D.x1 ; : : : ; xn/ 206 rational functions in several variables over
domain D
RŠS 207 rings R and S are isomorphic
ker ' 217 kernel of homomorphism '
im ' 217 image of homomorphism '
.b1 ; : : : ; bn / 218 ideal generated by b1 ; : : : ; bn
.a/ 218 principal ideal generated by a
.0/ 219 zero ideal D f0g
IJ 220 product of ideals I and J
I CJ 220 sum of ideals I and J
RS 221 direct product of rings R and S
a_b 223 binary operation in Boolean ring
jAj 227 number of elements in finite set A
PID 255 principal ideal domain
UFD 258 unique factorization domain
ˆd .x/ 265 cyclotomic polynomial
aCI 278 coset of element a mod ideal I
a b mod I 279 congruent mod ideal I
R=I 280 quotient ring R mod I
˝ ˛
X 293 subfield generated by subset X
ŒK W k 291 degree of extension field K= k
k.z1 ; : : : ; zn / 294 extension field adjoining z1 ; : : : ; zn to k
irr.z; k/ 296 minimal polynomial of z over k
PQ 310 line segment with endpoints P; Q
PQ 310 length of segment PQ
i i
“book2” — 2013/5/24 — 8:18 — page xix — #19
i i
Notation xix
L.P; Q/ 309 line determined by points P; Q

C.P; Q/ 309 circle with center P , radius PQ
@ 333 size function on Euclidean domain
348 D1 !
350 valuation
r .n/ 371 number of non-associate z 2 ZŒi of norm n
Q1 372 first quadrant
.s/ 374 Riemann zeta function
.n/ 375 a multiplicative function on ZŒi
Gal.f / 386 Galois group of polynomial f
Gal.E= k/ 387 Galois group of field extension E= k
Sn 389 symmetric group on n letters
G=N 392 quotient group
a2A 409 a is an element of set A
1X 411 identity function on set X
f W a 7! b 411 f .a/ D b
U V 410 U is a subset of set V
U ¨V 410 U is a proper subset of V
¿ 410 empty set
gıf 414 composite f followed by g
Œa 421 equivalence class of element a
SpanhXi 427 subspace spanned by subset X
dim.V / 433 dimension of vector space V
V 437 dual space of vector space V
A> 438 transpose of matrix A
i i
“book2” — 2013/5/24 — 8:18 — page xx — #20
i i
i i
“book2” — 2013/5/24 — 8:18 — page 1 — #21
i i
1 Early Number Theory
Algebra, geometry, and number theory have been used for millennia. Of course,
numbers are involved in counting and measuring, enabling commerce and ar-
chitecture. But reckoning was also involved in life and death matters such as
astronomy, which was necessary for navigation on the high seas (naval com-
merce flourished four thousand years ago) as well as to predict the seasons,
to apprise farmers when to plant and when to harvest. Ancient texts that have
survived from Babylon, China, Egypt, Greece, and India provide evidence for
this. For example, the Nile River was the source of life in ancient Egypt, for
its banks were the only arable land in the midst of desert. Mathematics was
used by the priestly class to predict flooding as well as to calculate area (taxes
were assessed according to the area of land, which changed after flood waters
subsided). And their temples and pyramids are marvels of engineering.
1.1 Ancient Mathematics

The quadratic formula was an important mathematical tool, and so it was
taught to younger generations training to be royal scribes. Here is a problem
from an old Babylonian cuneiform text dating from about 1700 BCE. We quote
from van der Waerden [35], p. 61 (but we write numbers in base 10 instead
of in base 60, as did the Babylonians). We also use modern algebraic notation
that dates from the fifteenth and sixteenth centuries (see Cajori [6]).
I have subtracted the side of the square from the area, and it is 870. What
is the side of my square?
The text rewrites the data as the quadratic equation x 2 x D 870; it then
gives a series of steps showing how to find the solution, illustrating that the
Babylonians knew the quadratic formula.
Historians say that teaching played an important role in ancient mathe-
matics (see van der Waerden [35], pp. 32–33). To illustrate, the coefficients
of the quadratic equation were chosen wisely: the discriminant b 2 4ac D
1 4. 870/ D 3481 D 592 is a perfect square. Were the discriminant not a The number 59 may have
perfect square, the problem would have been much harder, for finding square been chosen because
the Babylonians wrote
roots was not routine in those days. Thus, the quadratic in the text is well-
numbers in base 60, and
chosen for teaching the quadratic formula; a good teaching prize would not be 59 D 60 1.
awarded for x 2 47x D 210.
The Babylonians were not afraid of cubics. Another of their problems from
about the same time is
1
i i
“book2” — 2013/5/24 — 8:18 — page 2 — #22
i i
2 Chapter 1 Early Number Theory
Solve 12x 3 D 3630,
and the answer was given. The solution was, most likely, obtained by using
tables of approximations of cube roots.
A standard proof of the quadratic formula is by “completing the square.”
This phrase can be taken literally. Given a quadratic x 2 C bx D c with b and c
positive, we can view x 2 C bx as the shaded area in Figure 1.1. Complete the
Figure 1.1. Completing the Square.
figure to a square by attaching the corner square having area 12 b 21 b D 41 b 2 ;

the new square has area
c C 14 b 2 D x 2 C bx C 14 b 2 D .x C 12 b/2 :
q
Thus, x C 12 b D c C 14 b 2, which simplifies to the usual formula giving
2
the roots of x C bx c. The algebraic proof of the validity of the quadratic
formula works without assuming that b and c are positive, but the idea of the
proof is geometric.
b a b
a a a2
c2
b b b2
In [35], pp. 26–35, van
der Waerden considers a
the origin of proofs in
mathematics, suggesting Figure 1.2. Pythagorean Theorem.
that they arose in Europe
and Asia in Neolithic
(late Stone Age) times,
The Babylonians were aware of the Pythagorean Theorem. Although they
4500 BCE –2000 BCE . believed it, there is no evidence that the Babylonians had proved the Pythag-
orean Theorem; indeed, no evidence exists that they even saw a need for a
proof. Tradition attributes the first proof of this theorem to Pythagoras, who
Exercise 1.4 on page 5
asks you to show that the lived around 500 BCE, but no primary documents extant support this. An ele-
rhombus in Figure 1.2 gant proof of the Pythagorean Theorem is given on page 354 of Heath’s 1926
with sides of length c is a translation [16] of Euclid’s The Elements; the theorem follows from equality
square. of the areas of the two squares in Figure 1.2.
i i
“book2” — 2013/5/24 — 8:18 — page 3 — #23
i i
1.1 Ancient Mathematics 3
Here is an ancient application of the Pythagorean Theorem. Aristarchus

(ca. 310 BCE–250 BCE) saw that the Moon and the Sun appear to be about
the same size, and he wondered how far away they are. His idea was that at
the time of the half-moon, the Earth E, Moon M , and Sun S form a right
triangle with right angle †M (that is, looking up at the Moon, the line of sight
seems to be perpendicular to the Sun’s rays). The Pythagorean Theorem gives
S M
a
E
Figure 1.3. Earth, Moon, and Sun.
jSEj2 D jSM j2 C jMEj2. Thus, the Earth is farther from the Sun than it is
from the Moon. Indeed, at sunset, ˛ D †E seems to be very close to 90ı: if we
are looking at the Moon and we wish to watch the Sun dip below the horizon,
we must turn our head all the way to the left. Aristarchus knew trigonometry;
he reckoned that cos ˛ was small, and he concluded that the Sun is very much
further from the Earth than is the Moon.
Example 1.1. Next, we present a geometric problem from a Chinese collec-

tion of mathematical problems, Nine Chapters on the Mathematical Art, writ-
ten during the Han Dynasty about two thousand years ago. Variations of this
problem still occur in present day calculus books!
There is a door whose height and width are unknown, and a pole whose There are similar problems
length p is also unknown. Carried horizontally, the pole does not fit by 4 from the Babylonians and
other ancient cultures.
ch’ihI vertically, it does not fit by 2 ch’ihI slantwise, it fits exactly. What
are the height, width, and diagonal of the door?
p
p–2
p–4
Figure 1.4. Door Problem.
The data give a right triangle with sides p 4, p 2, and p, and the Py-
thagorean Theorem gives the equation .p 4/2 C .p 2/2 D p 2, which
simplifies to p 2 12p C 20 D 0. The discriminant b 2 4ac is 144 80 D 64,
a perfect square, so that p D 10 and the door has height 8 and width 6 (the
other root of the quadratic is p D 2, which does not fit the physical data).
The sides of the right triangle are 6, 8, 10, and it is similar to the triangle with
sides 3; 4; 5. Again, the numbers have been chosen wisely. The idea is to teach
i i
“book2” — 2013/5/24 — 8:18 — page 4 — #24
i i
students how to use the Pythagorean Theorem and the quadratic formula. As
we have already remarked, computing square roots was then quite difficult, so
that the same problem for a pole of length p D 12 would not have been very
The word hypotenuse bright because there is no right triangle with sides of integral length that has
comes from the Greek verb hypotenuse 12. N
meaning to stretch.
Are there right triangles whose three sides have integral length that are not
similar to the 3; 4; 5 triangle? You are probably familiar with the 5; 12; 13 tri-
angle. Let’s use 4.a; b; c/ (lower case letters) to denote the triangle whose
sides have length a, b, and c; if 4.a; b; c/ is a right triangle, then c denotes
the length of its hypotenuse, while a and b are its legs. Thus, the right trian-
gle with side-lengths 5, 12, 13 is denoted by 4.5; 12; 13/. (We use the usual
notation, 4ABC , to denote a triangle whose vertices are A; B; C .)
Definition. A triple .a; b; c/ of positive integers with a2 C b 2 D c 2 is called

a Pythagorean triple.
If .a; b; c/ is a Pythagorean triple, then the triangles 4.a; b; c/ and 4.b; a; c/

are the same. Thus, we declare that the Pythagorean triples .a; b; c/ and .b; a; c/
are the same.
Historical Note. Pythagorean triples are the good choices for problems teach-
ing the Pythagorean Theorem. There are many of them: Figure 1.5 shows a
Babylonian cuneiform tablet dating from the dynasty of Hammurabi, about
1800 BCE, whose museum name is Plimpton 322, which displays fifteen
Pythagorean triples (translated into our number system).
b a c
120 119 169
3456 3367 4825
4800 4601 6649
13500 12709 18541
72 65 97
360 319 481
2700 2291 3541
960 799 1249
600 481 769
6480 4961 8161
60 45 75
2400 1679 2929
240 161 289
2700 1771 3229
90 56 106
Figure 1.5. Plimpton 322.
i i
“book2” — 2013/5/24 — 8:18 — page 5 — #25
i i
1.1 Ancient Mathematics 5
It is plain that the Babylonians had a way to generate large Pythagorean

triples. Here is one technique they might have used. Write
a2 D c 2 b 2 D .c C b/.c b/:
If there are integers m and n with
c C b D m2
c b D n2 ;
then
p
aD .c C b/.c b/ D mn: (1.1)
We can also solve for b and c:

bD 1
2 m2 n2 (1.2)
1

cD 2
m2 C n2 : (1.3)
Summarizing, here is what we call the Babylonian method. Choose odd num-
bers m and n (forcing m2 C n2 and m2 n2 to be even, so that b and c are
integers), and define a, b, and c by Eqs. (1.1), (1.2), and (1.3). For example, if
m D 7 and n D 5, we obtain 35, 12, 37. If we choose m D 179 and n D 71,
we obtain 13500, 12709, 18541, the largest triple on Plimpton 322.
The Babylonian method does not give all Pythagorean triples. For example,
.6; 8; 10/ is a Pythagorean triple, but there are no odd numbers m > n with
6 D mn or 8 D mn. Of course, .6; 8; 10/ is not signifcantly different from
.3; 4; 5/, which arises from 3 > 1. In the next section, we will show, follow-
ing Diophantus, ca. 250 CE, how to find all Pythagorean triples. But now we
should recognize that practical problems involving applications of pure math-
ematics (e.g., surveying) led to efforts to teach this mathematics effectively, After all, what practi-
which led to more pure mathematics (Pythagorean triples) that seems at first to cal application does
have no application outside of teaching. The remarkable, empirical, fact is that the Pythagorean triple
.13500; 12709; 18541/
pure mathematics yields new and valuable applications. For example, we shall
have?
see in the next section that classifying Pythagorean triples leads to simplifying
the verification of some trigonometric identities as well as the solution of cer-
tain integration problems (for example, we will see a natural way to integrate
sec x).
Exercises
1.1 Prove the quadratic formula for the roots of ax 2 C bx C c D 0 whose coefficients
a, b, and c may not be positive.
1.2 Give a geometric proof that .a C b/2 D a2 C 2ab C b 2 for a; b positive.
1.3 * Let f .x/ D ax 2 C bx C c be a quadratic whose coefficients a; b; c are rational.
Prove that if f .x/ has one rational root, then its other root is also rational.
1.4 *
(i) Prove that the rhombus with side lengths c in the left square of Figure 1.2 is The book by Loomis [20]
a square. contains 370 different
(ii) Prove the Pythagorean Theorem in a way suggested by Figure 1.2. proofs of the Pythagorean
Theorem, by the author’s
(iii) Give a proof of the Pythagorean Theorem different from the one suggested count.
by Figure 1.2.
i i
“book2” — 2013/5/24 — 8:18 — page 6 — #26
i i
1.5 Here is another problem from Nine Chapters on the Mathematical Art. A pond is
10 ch’ih square. A reed grows at its center and extends 1 ch’ih out of the water.
If the reed is pulled to the side of the pond, it reaches the side precisely. What are
the depth of the water and the length of the reed?
Answer: Depth = 12 ch’ih and length = 13 ch’ih.
1.6 *
(i) Establish the algebraic identity
2 2
aCb a b
D ab:
2 2
(ii) Use (i) to establish the Arithmetic–Geometric Mean Inequality: if a and b

are positive reals, then
p
ab 21 .a C b/:
When is there equality?

(iii) Show how to dissect an a b rectangle so that it fits inside a square with
side-length .a C b/=2. How much is “left over?”
Hint: Try it with numbers. Cut an 8 14 rectangle to fit inside an 11 11
square.
(iv) Show that a rectangle of maximum area with fixed perimeter is a square.
(v) The hyperbolic cosine is defined by
cosh x D 21 .ex C e x
/:
Prove that cosh x 1 for all real numbers x, while cosh x D 1 if and only if
x D 0.
(vi) Use Figure 1.6 to give another proof of the Arithmetic-Geometric Mean In-
equality.
a b
Figure 1.6. Arithmetic–Geometric Mean Inequality.
1.7 * Prove that there is no Pythagorean triple .a; b; c/ with c D 12.

1.8 * Let .a; b; c/ be a Pythagorean triple.
(i) Prove that the legs a and b cannot both be odd.
(ii) Show that the area of 4.a; b; c/ is an integer.
i i
“book2” — 2013/5/24 — 8:18 — page 7 — #27
i i
1.2 Diophantus 7
1.9 * Show that 5 is not the area of a triangle whose side-lengths form a Pythagorean
triple.
1.10 * Let .a; b; c/ be a Pythagorean triple. If m is a positive integer, prove that
.ma; mb; mc/ is also a Pythagorean triple.
1.11 .Converse of Pythagorean Theorem/: * Let 4 D 4.a; b; c/ be a triangle with
sides of lengths a; b; c (positive real numbers, not necessarily integers). Prove that
if a2 C b 2 D c 2 , then 4 is a right triangle.
Hint: Construct a right triangle 40 with legs of lengths a; b, and prove that 40 is
congruent to 4 by side-side-side.
1.12 * Prove that every Pythagorean triple .a; b; c/ arises from a right triangle 4.a; b; c/
having sides of lengths a; b; c.
1.13 If P D .a; b; c/ is a Pythagorean triple, define r.P / D c=a. If we label the Py-
thagorean triples on Plimpton 322 as P1 ; : : : ; P15 , show that r.Pi / is decreasing:
r.Pi / > r.Pi C1 / for all i 14.
1.14 * If .a; b; c/ is a Pythagorean triple, show that .a=c; b=c/ is a point on the graph
of x 2 C y 2 D 1. What is the graph of x 2 C y 2 D 1?
1.15 Preview: Let L be the line through . 1; 0/ with slope t .
1
(i) If t D 2, find all the points where L intersects the graph of x 2 C y 2 D 1.
Answer: . 35 ; 54 /.
3
(ii) If t D 2, find all the points where L intersects the graph of x 2 C y 2 D 1.
Answer: . 135 ; 12
13 /.
1
(iii) Pick a rational number t , not 2 or 32 , and find all the points where L intersects
the graph of x 2 C y 2 D 1.
(iv) Suppose ` is a line that contains . 1; 0/ with slope r. If r is a rational number,
show that ` intersects the graph of x 2 C y 2 D 1 in two points, each of which
has rational number coordinates.
1.16 Preview: A Gaussian integer is a complex number a C bi where both a and b
are integers. Pick six Gaussian integers r C si with r > s > 0 and square them.
State something interesting that you see in your results.
1.17 Preview: Consider a complex number z D q C ip, where q > p are positive
integers. Prove that
.q 2 p2 ; 2qp; q 2 C p2 / If z is a complex number,

say z D a Cp bi, then we
is a Pythagorean triple by showing that jz 2 j D jzj2 . define jzj D a2 C b 2 .
1.18 Preview: Show, for all real numbers m and n, that

h i2
1 1
2 .m C n/ C 2 .m n/i D mn C 12 .m2 n2 /i:
1.2 Diophantus
We are going to classify Pythagorean triples using a geometric method of Dio-
phantus that describes all Pythagorean triples.
Historical Note. We know very little about the life of Diophantus. He was
a mathematician who lived in Alexandria, Egypt, but his precise dates are
i i
“book2” — 2013/5/24 — 8:18 — page 8 — #28
i i
unknown; most historians believe he lived around 250 CE. His extant work
shows systematic algebraic procedures and notation, but his leaps of intuition
strongly suggest that he was thinking geometrically; indeed, Newton called
Diophantus’s discussion of Pythagorean triples the chord method (see Fig-
ure 1.7). Thus, geometry (the Pythagorean Theorem) and applied problems
(teaching) suggested an algebraic problem (find all Pythagorean triples), and
we now return to geometry to solve it. Here is evidence that the distinction
between algebra and geometry is an artificial one; both are parts of the same
subject.
Geometry and Pythagorean Triples

Before we get into the technicalities of Diophantus’s classification of Pythag-
orean triples, let’s note that geometry is lurking nearby. Exercise 1.14 above
makes a natural observation: if .a; b; c/ is a Pythagorean triple, then
a 2 b 2
C D 1;
c c
a point on the unit circle, the circle having radius 1, center the origin, and
equation x 2 C y 2 D 1. Dividing through by c 2 is a good idea. For example,
.6; 8; 10/ is a “duplicate” of .3; 4; 5/, and both of these Pythagorean triples
determine the same point, .3=5; 4=5/, on the unit circle.
Here is the main idea of Diophantus. Even though those points arising from
Pythagorean triples are special (for example, they lie in the first quadrant and
both their coordinates are rational numbers), let’s parametrize all the points P
on the unit circle. Choose a point on the unit circle “far away” from the first
quadrant; the simplest is . 1; 0/, and let ` D `.P / be the line joining it to P .
We shall see that the slopes of such lines parametrize all the points on the
unit circle. In more detail, any line ` through . 1; 0/ (other than the tangent)
l
slope = t
P = (x, y)
(–1, 0)
Figure 1.7. Geometric Idea of Diophantus.
intersects the unit circle in a unique second point, P D .x; y/; let t be the
slope of `. As t varies through all real numbers, 1 < t < 1, the intersection
points P of ` and the unit circle trace out the entire circle (except for . 1; 0/).
Proposition 1.2. The points P on the unit circle .other than . 1; 0// are
parametrized as

1 t2 2t
P D ; ; wher e 1 < t < 1:
1 C t2 1 C t2
i i
“book2” — 2013/5/24 — 8:18 — page 9 — #29
i i
1.2 Diophantus 9
Proof. The line through points .a; b/ and .c; d / has equation y b D t.x a/,
where t D .d b/=.c a/, so the line ` through . 1; 0/ and a point P D
.x; y/ on the unit circle has an equation of the form y D t.x C 1/, so that
x D .y t/=t. Thus, .x; y/ is a solution of the system
y D t.x C 1/
x C y 2 D 1:
2
An obvious solution of this system is . 1; 0/, because this point lies on both
the line and the circle. Let’s find x and y in terms of t. If the slope t D 0,
then ` is the x-axis and the other solution is .1; 0/. To find the solutions when
t ¤ 0, eliminate x: the equations
y t
Dx and x2 C y2 D 1
t
give
2
y t
C y 2 D 1:
t
Expanding and simplifying, we obtain

y .1 C t 2 /y 2t D 0:
We knew at the outset that y D 0 makes this true. If y ¤ 0, then canceling

gives
2t
yD ;
1 C t2
and solving for x gives
2t
y t 1Ct 2
t 1 t2
xD D D :
t t 1 C t2
In Exercise 1.12 on page 7, we saw that every Pythagorean triple .a; b; c/
arises from a right triangle 4.a; b; c/ having sides of integral lengths a; b; c.
Conversely, the Pythagorean Theorem says that every right triangle 4.a; b; c/
whose sides have integral length gives the Pythagorean triple .a; b; c/. Thus,
Pythagorean triples and certain right triangles are merely two ways to view the
same idea, one algebraic, one geometric. At any given time, we will adopt that
viewpoint which is most convenient.
We have already run across distinct Pythagorean triples that are essentially
the same; Exercise 1.10 on page 7 shows that if .a; b; c/ is a Pythagorean
triple, then so is .ma; mb; mc/, where m is a positive integer. The right trian-
gles 4.a; b; c/ and 4.ma; mb; mc/ determined by these Pythagorean triples
are similar, for their sides are proportional. More generally, the Pythagorean
triples .6; 8; 10/ and .9; 12; 15/ are not really different, for each arises from
.3; 4; 5/; however, neither .6; 8; 10/ nor .9; 12; 15/ is obtained from the other
by multiplying its terms by some integer m.
Definition. Two Pythagorean triples .a; b; c/ and .u; v; z/ are similar if their
right triangles 4.a; b; c/ and 4.u; v; z/ are similar triangles.
i i
“book2” — 2013/5/24 — 8:18 — page 10 — #30
i i
The method of Diophantus will give a formula for certain special Pythago-
rean triples, and it will then show that every Pythagorean triple is similar to a
special one.
Definition. A point .x; y/ in the plane is a rational point if both x and y are
rational numbers.
A Pythagorean point is a rational point in the first quadrant, lying on the
unit circle, and above the diagonal line with equation y D x.
Remember that we regard Pythagorean triples .a; b; c/ and .b; a; c/ as the

same. Recall some analytic geometry: if a ¤ b, P D .a; b/, and Q D .b; a/,
then the diagonal is the perpendicular bisector of the segment PQ. (The line
through P and Q has equation y D x C a C b; it is perpendicular to the
diagonal for the product of their slopes is 1; the line intersects the diagonal
in the point . aCb
2
; aCb
2
/, which is equidistant from P and Q. If a b, then P
is above the diagonal and Q is below.)
Proposition 1.3. A triple .a; b; c/ of integers is a Pythagorean triple if and

only if .a=c; b=c/ is a Pythagorean point.
Proof. Let .a; b; c/ be a Pythagorean triple. Dividing both sides of the defining
equation a2 C b 2 D c 2 by c 2 gives
.a=c/2 C .b=c/2 D 1;
so that the triple gives an ordered pair of positive rational numbers .x; y/ D
.a=c; b=c/ with x 2 C y 2 D 1. Thus, the rational point P D .x; y/ lies in the
first quadrant. As both .a; b; c/ and .b; a; c/ are the same Pythagorean triple,
we may assume that
x D a=c b=c D y;
so that .x; y/ lies above the diagonal line with equation y D x. Hence, .x; y/
is a Pythagorean point.
Conversely, let’s now see that a Pythagorean point .x; y/ gives rise to a
Pythagorean triple. Write the rational numbers x y with the same denomi-
nator, say, x D a=c and y D b=c, where a; b; and c are positive integers and
a b c. Now
a2 b2
1 D x2 C y2 D 2 C 2 ;
c c
so that a2 C b 2 D c 2 and hence .a; b; c/ is a Pythagorean triple.
In summary, the problem of finding all Pythagorean triples corresponds to
the problem of finding all Pythagorean points. This is exactly what the geo-
metric idea of Diophantus does. In fact, a Pythagorean point .x; y/ gives rise
to infinitely many Pythagorean triples. Write the coordinates with another de-
nominator, say x D u=z and y D v=z. The calculation at the end of the proof
of Proposition 1.3 shows that .u; v; z/ is another Pythagorean triple arising
from .x; y/.
Etymology. Here are sources of some common words of mathematics.

Proposition: From Latin, meaning a statement or something pictured in the
mind.
i i
“book2” — 2013/5/24 — 8:18 — page 11 — #31
i i
1.2 Diophantus 11
Theorem: From the Greek word meaning “spectacle” or “contemplate.” Re-

lated words are “theory” and “theater.” Theorems are important propositions.
Corollary: From the Latin word meaning “flower.” In ancient Rome, it meant
a “gratuity;” flowers were left as tips. In mathematics, corollaries follow eas-
ily from theorems; they are gifts bequeathed to us.
Lemma: From Greek; it meant something taken for granted. In mathematics
nowadays, it is usually a technical result, a minor theorem, which can be
used in the course of proving a more important theorem.
Proof: From Medieval French, meaning an argument from evidence estab-
lishing the truth. The adage, “The exception proves the rule,” uses the word
in the sense of testing: it originally meant a kind of indirect proof. We test
whether a rule is true by checking whether an exception to it leads to a con-
tradiction. Nowadays, this adage seems to have lost its meaning.
The Method of Diophantus

Proposition 1.2 parametrizes all the points P on the unit circle other than
. 1; 0/. We are now going to see which values of t produce Pythagorean
points: rational points on the unit circle lying in the first quadrant above the
diagonal line with equation y D x.
Theorem 1.4. Let P D .x; y/ ¤ . 1; 0/ be a point on the unit circle, and let
t be the slope of the line ` joining . 1; 0/ and P .
(i) The slope t is a rational number if and only if P is a rational point.
(ii) The point p
P is a Pythagorean point if and only if t is a rational number
satisfying 2 1 < t < 1.
Proof. (i) The parametrization P D .x; y/ gives a pair of equations:
1 t2 2t
xD and y D :
1 C t2 1 C t2
Clearly, if t is rational, then both x and y are rational. Conversely, if

P D .x; y/ is a rational point, then the slope t of ` is t D x y. 01/ D xC1
y
,
and so t is a rational number.
(ii) Pythagorean points correspond to rational points on the unit circle that lie
in the first quadrant above the line y D x. Points on the circle lying in the
first quadrant arise from lines having slope t with 0 < t < 1. The point The slope of the line joining
in the first p
quadrant that is the intersection of the unit circle andpthe p
line . 1; 0/ to .0; 1/ is 1.
p
y D x is . 22 ; 22 /, and the slope of the line joining . 1; 0/ to . 22 ; 22 /
is
p
2 p
2
tD p D 2 1 :414:
1 C 22
Therefore, Pythagorean points correspond

p to the lines ` through . 1; 0/
having rational slope t satisfying 2 1 < t < 1.
i i
“book2” — 2013/5/24 — 8:18 — page 12 — #32
i i
p Let’s look at this more closely. If t D p=q is a rational number between

2 1 and 1, then the Pythagorean point it gives can be expressed in terms of
p and q:
0 2 1
2 1 p
2 p
1 t 2t B q q C
; D@ 2 ; 2 A
1 C t2 1 C t2 p p
1C q
1C q

q2 p2 2qp
D ; 2 : (1.4)
q C p q C p2
2 2
Theorem 1.5 (Diophantus). Every Pythagorean triple .a; b; c/ is similar to a

Pythagorean triple of the form
.2qp; q 2p 2 ; q 2 C p 2/;
p
where p and q are positive integers with q > p > 2 1.
Proof. Since .a; b; c/ is a Pythagorean triple, P D .a=c; b=c/ is a Pythago-

rean point. By Eq. (1.4),
a b 1 t2 2t q 2 p 2 2qp
; D ; D ; :
c c 1 C t2 1 C t2 q2 C p2 q2 C p2
It follows that 4.a; b; c/ is similar to 4.2pq; q 2 p 2 ; q 2 C p 2/, because their

sides are proportional. Therefore, the Pythagorean triple .a; b; c/ is similar to
.2qp; q 2 p 2 ; q 2 C p 2/, as claimed.
How to Think About It. The strategy of Diophantus is quite elegant. The
problem of determining all Pythagorean triples is reduced from finding three
unknowns, a; b; and c, to two unknowns, x D a=c and y D b=c, to one
unknown, t D p=q. In effect, all Pythagorean triples p are parametrized by t;
that is, as t varies over all rational numbers between 2 1 and 1, the formulas
involving t vary over all Pythagorean points and hence over all Pythagorean
triples.
We can now show that the Babylonians had, in fact, found all Pythagorean
We are tacitly using a
technique of proof called triples.
Infinite Descent. If, for a
given positive integer n Corollary 1.6. Every Pythagorean triple is similar to one arising from the
with certain properties, Babylonian method.
there always exists a
strictly smaller positive
integer n1 having the Proof. By Theorem 1.5, every Pythagorean triple is similar to one of the form
same properties, then .2qp; q 2 p 2 ; q 2 C p 2 /, where q > p are positive integers. If both q and p are
there are infinitely many even, then we can replace q > p by 21 q > 12 p, obtaining a Pythagorean triple
such integers. But this is
impossible; there are only . 14 2qp; 41 .q 2 p 2/; 14 .q 2 C p 2// similar to the original one. If both parameters
finitely many integers with of the new triple are still even, replace 12 q > 12 p by 41 q > 14 p. Eventually, we
n > n1 > n2 > > 0. arrive at a Pythagorean triple .2r s; r 2 s 2 ; r 2 C s 2 /, similar to the original
triple, that arises from parameters r > s, at least one of which is odd.
i i
“book2” — 2013/5/24 — 8:18 — page 13 — #33
i i
1.2 Diophantus 13
There are two possibilities. If r and s have different parity, define m D r Cs

and n D r s. Both m and n are odd, and the Pythagorean triple given by the
Babylonian method from m > n is

B D mn; 12 .m2 n2 /; 12 .m2 C n2 / :
Substitute:
mn D .r Cs/.r s/ D r 2 s 2; 1
2 .m
2
n2 / D 2r s; and 12 .m2 n2/ D r 2 Cs 2:
Thus, the Pythagorean triple B is similar to .2r s; r 2 s 2; r 2 C s 2/.

If both r and s are odd, then the Pythagorean triple given by the Babylo-
nian method from r > s is .r s; 21 .r 2 s 2 /; 12 .r 2 C s 2// which is similar to
.2r s; r 2 s 2 ; r 2 C s 2 /.
Not every Pythagorean triple .a; b; c/ is equal to .2qp; q 2 p 2; q 2 C p 2 /

for some q > p, nor does the theorem say that it is; the theorem asserts only
that .a; b; c/ is similar to a Pythagorean triple arising from the formula. For
example, let us show that .9; 12; 15/ is not of this form. Since the leg 9 is odd,
the even leg 12 must be 2qp, so that qp D 6, and the only possible parameters
are 3 > 2 or 6 > 1. But 3 > 2 gives .5; 12; 13/ and 6 > 1 gives .12; 35; 37/,
neither of which is similar to .9; 12; 15/. However, .9; 12; 15/ is similar to
.3; 4; 5/, and .3; 4; 5/ arises from 2 > 1.
A Pythagorean triple .a; b; c/ is primitive if there is no integer d > 1 that
is a divisor of a; b, and c. Thus, .3; 4; 5/ is primitive but .9; 12; 15/ is not.
In Theorem 1.25, we’ll give a rigorous proof that every Pythagorean triple is
similar to exactly one primitive Pythagorean triple.
Exercises
1.19 Find q and p in Theorem 1.5 for each of the following Pythagorean triples.
(i) .7; 24; 25/.
Answer: q D 5 and p D 3.
(ii) .129396; 261547;291805/:
Answer: q D 526 and p D 123.
1.20 * Show that every Pythagorean triple .x; y; z/ with x; y; z having no common
factor d > 1 is of the form
.r 2 s 2; 2rs; r 2 C s 2 /
for positive integers r > s having no common factor > 1; that is,
x D r2 s 2; y D 2rs; z D r 2 C s2:
1.21 A line in the plane with equation y D mx C c is called a rational line if m and c
are rational numbers. If P and Q are distinct rational points, prove that the line
joining them is a rational line.
1.22 A lattice point is a point in the plane whose coordinates are integers. Let P D
.x; y/ be a Pythagorean point and ` the line through P and the origin. Prove that
if Q D .a; b/ is a lattice point on ` and c is the distance from Q to the origin,
then .a; b; c/ is a Pythagorean triple.
i i
“book2” — 2013/5/24 — 8:18 — page 14 — #34
i i
1.23 * Let P D .x0 ; y0 / be a Pythagorean point and L the line joining P and the origin
(so the equation of L is y D mx, where m D y0 =x0 ). Show that if .a=c; b=c/ is
a rational point on L, then .a; b; c/ is a Pythagorean triple.
1.24 Does every rational point in the plane correspond to a Pythagorean point? If so,
prove it. If not, characterize the ones that do.
Answer: No. For example, . 12 ; 12 / does not correspond.
2 2
1.25 * Prove the identity x 2 C y 2 D x 2 y 2 C .2xy/2 :
1.26 *
(i) Show that the same number can occur as a leg in two nonsimilar Pythagorean
triangles.
(ii) Prove that the area of 4.a; b; c/, a right triangle with integer side lengths, is
an integer.
(iii) A Heron triangle is a triangle with integer side lengths and area. Find a Heron
triangle that is not a right triangle.
Hint: Use parts (i) and (ii).
1.27 Show that every integer n 3 occurs as a leg of some Pythagorean triple.
Hint: The cases n even and n odd should be done separately.
1.28 Distinct Pythagorean triples can have the same hypotenuse: both .33; 56; 65/ and
.16; 63; 65/ are Pythagorean triples. Find another pair of distinct Pythagorean
triples having the same hypotenuse.
1.29 * If .cos ; sin / is a rational point, prove that both cos. C30ı / and sin. C30ı/
are irrational.

About fourteen centuries after Diophantus, Fermat (1601–1665) proved that
there are no positive integers a; b; c with a4 C b 4 D c 4 . He was studying
his copy of Diophantus’s Arithmetica, published in 1621, and he wrote in its
margin,
: : : it is impossible for a cube to be written as a sum of two cubes or a

fourth power to be written as a sum of two fourth powers or, in general,
for any number which is a power greater than the second to be written
as a sum of two like powers. I have discovered a truly marvelous demon-
stration of this proposition which this margin is too narrow to contain.
Fermat was not the first Fermat never returned to this problem (at least, not publicly) except for his
mathematician to write a proof of the case n D 4, which we give below. The statement: If n > 2,
marginal note in a copy
there are no positive integers a; b; c with an C b n D c n , was called Fer-
of Diophantus. Next to
the same problem, the mat’s Last Theorem, perhaps in jest. The original text in which Fermat wrote
Byzantine mathematician his famous marginal note is lost today. Fermat’s son edited the next edition
Maximus Planudes wrote, of Diophantus, published in 1670; this version contains Fermat’s annotations,
Thy soul, Diophantus, be including his famous “Last Theorem;” it contained other unproved assertions
with Satan because of the
as well, most true, some not. By the early 1800s, only Fermat’s Last Theorem
difficulty of your theorems.
remained undecided. It became a famous problem, resisting the attempts of
mathematicians of the highest order for 350 years, until it was finally proved,
in 1995, by Wiles. His proof is very sophisticated, and most mathematicians
i i
“book2” — 2013/5/24 — 8:18 — page 15 — #35
i i
1.2 Diophantus 15
believe that Fermat did not have a correct proof. The quest for a proof of Fer-
mat’s Last Theorem generated much beautiful mathematics. In particular, it led
to an understanding of complex numbers, factorization, and polynomials. We’ll
see, in the Epilog, that extending the method of Diophantus from quadratics to
cubics involves elliptic curves, the study of which is the setting for Wiles’
proof of Fermat’s Last Theorem.
Fermat proved the next theorem (which implies the case n D 4 of Fermat’s
Last Theorem) because he was interested in the geometric problem of deter-
mining which right triangles having all sides of rational length have integer
area (we’ll soon discuss this problem in more detail).
Theorem 1.7 (Fermat). There is no triple .x; y; z/ of positive integers with

x4 C y4 D z2 : (1.5)
This proof is not difficult,
Proof. The proof will be by infinite descent (Fermat invented infinite descent but it uses several elemen-
for this very problem). Given a triple of positive integers .x; y; z/ satisfying tary divisibility results we’ll
prove later. Since we feel
Eq. (1.5), we’ll show there is another triple .u; v; w) of the same sort with
that this is the appropriate
w < z, and so repeating this process leads to a contradiction. place for this theorem, we’ll
Let’s say that integers x and y are relatively prime if there is no integer just refer to the needed
d > 1 dividing both of them; that is, it’s not true that x D da and y D db. things.
We can assume that x and y are relatively prime, for otherwise a common
factor of x and y would also be a factor of z, and we could divide it out. It
follows (and we’ll prove it in the next chapter) that x 2 and y 2 are also relatively
prime. And note that x 4 C y 4 D z 2 implies that
2 2
x2 C y2 D z2
so that .x 2 ; y 2 ; z/ form a Pythagorean triple.
We also observe that x 2 and y 2 can’t both be odd; if x 2 D 2k C 1 and
y 2 D 2j C 1, then
.2k C 1/2 C .2j C 1/2 D z 2 :
Expanding and collecting terms gives z 2 D 4hC 2 for some integer h. But you
can check that the square of any integer is either of the form 4h or 4h C 1.
We can now assume that .x 2 ; y 2 ; z/ is a Pythagorean triple in which x and
y are relatively prime, x is odd, and y is even. By Exercise 1.20 on page 13,
there are relatively prime integers r and s with r > s > 0 such that
x2 D r 2 s 2 ; y 2 D 2r s; and z D r 2 C s 2 :
The first equation says that x 2 C s 2 D r 2; that is, .x; s; r / is another Pythago-
rean triple with x odd. Moreover, x and s have no common factor (why?), so
that Exercise 1.20 gives relatively prime integers a and b such that
x D a2 b 2 ; s D 2ab; and r D a2 C b 2 :
Now,
y 2 D 2r s D 2.a2 C b 2 /.2ab/ D 4ab.a2 C b 2/:
Since y is even, we have an equation in integers:
y 2
D ab.a2 C b 2 /: (1.6)
2
i i
“book2” — 2013/5/24 — 8:18 — page 16 — #36
i i
As a and b are relatively prime (no common factor d > 1), each pair from
the three factors on the right-hand side of Eq. (1.6) is relatively prime. Since
the left-hand side .y=2/2 is a square, each factor on the right is a square (Ex-
ercise 2.12 on page 59). In other words, there are integers u, v, and w such
that
a D u2 ; b D v 2 ; and a2 C b 2 D w 2 :
And, since a and b are relatively prime, so, too, are u and v relatively prime.
Hence, we have
u4 C v 4 D w 2 :
This is our “smaller” solution to Eq. (1.5), for
0 < w < w 2 D a2 C b 2 D r < r 2 < r 2 C s 2 D z:
We can now repeat this process on .u; v; w/. By infinite descent, there is no
solution to Eq. (1.5).
Corollary 1.8 (Fermat’s Last Theorem for Exponent 4). There are no pos-
itive integers x; y; z with
x4 C y4 D z4:
Proof. If such a triple existed, we’d have

2
x4 C y4 D z2 ;
and that’s impossible, by Theorem 1.7.

Call an integer n 2 good if there are no positive integers a; b; c with
an C b n D c n . If n is good, then so is any multiple nk of it. Otherwise, there
are positive integers r; s; t with r nk C s nk D t nk , and this gives the contradic-
tion an C b n D c n , where a D r k , b D s k , and c D t k . For example, Corol-
lary 1.8 shows that that any positive integer of the form 4k is good. Since every
n 2 is a product of primes, it follows that Fermat’s Last Theorem would be
true if every odd prime is good.
Connections: Congruent Numbers

Fermat’s motivation for Theorem 1.7 came, not from a desire to prove there
are no non-trivial integer solutions to x 4 C y 4 D z 4 , but from a problem
in the intersection of arithmetic and geometry. In more detail, suppose that
4 D 4.a; b; c/ is the right triangle arising from a Pythagorean triple .a; b; c/.
Since 4 is a right triangle, the leg a is an altitude and the area of 4.a; b; c/ is
1
2
ab; since .a; b; c/ is a Pythagorean triple, the area is an integer (Exercise 1.8
on page 6). Tipping this statement on its head, we ask which integers are areas
of right triangles having integer side-lengths. Certainly 6 is, because it’s the
area of 4.3; 4; 5/. But 5 is not the area of such a triangle (Exercise 1.9 on
page 7).
However, we claim that 5 is the area of a right triangle whose side-lengths
are rational numbers. Consider the Pythagorean triple .9; 40; 41/; its right tri-
angle 4 D 4.9; 40; 41/ has area 12 .9 40/ D 180. Now 180 D 36 5. Scaling
i i
“book2” — 2013/5/24 — 8:18 — page 17 — #37
i i
1.2 Diophantus 17

the side-lengths of 4 by 16 scales the area by 36
1
, so that 4 32 ; 20
3
; 41
6
has area
180=36 D 5.
So, the question arises: “Is every integer the area of a right triangle with
rational side-lengths?” Fermat showed that 1 and 2 are not, and his proof for 2
involved Eq. (1.5).
Theorem 1.9. There is no right triangle with rational side-lengths and area 2.
Proof. Suppose, on the contrary, that the rational numbers r; s; t are the lengths
of the sides of a right triangle with area 2. Then we have two equations:
r 2 C s2 D t 2
1
2
rs D 2:
Multiply the first equation by r 2 to obtain
r 4 C .r s/2 D .r t/2 ;
so that (since r s D 4),
r 4 C 24 D .r t/2 :
Write the rational numbers r and t as fractions with the same denominator:
r D a=c and t D b=c. When we clear denominators, we get a4 C z 4 c 4 D t 2 ,
an equation in integers x; y; z of the form
x4 C y4 D z2 :
This is Eq. (1.5), and Theorem 1.7 says that this cannot occur.
So, not every positive integer is the area of a right triangle with rational
side-lengths.
Definition. A congruent number is a positive integer n that is the area of a

right triangle having rational side-lengths.
Theorem 1.9 says that 2 is not a congruent number. Using similar ideas,
Fermat showed that 1 is not a congruent number (Exercise 1.31 below).
One way to generate congruent numbers is to scale a Pythagorean triple
using the largest perfect square that divides its area. For example, the area of We have already used this
4.7; 24; 25/ is 84 D 22 21. Since 4 D 22 is the largest perfect square in 84, method on the Pythag-
orean triple .9; 40; 41/
scaling the sides by 2 will produce a triangle of area 21, so that 21 is the area of
when we showed that 5 is
4. 72 ; 12; 25
2
/ and, hence, 21 is a congruent number. More generally, we have a congruent number.
Proposition 1.10. Let .a; b; c/ be a Pythagorean triple. If its right triangle

4.a; b; c/ has area m2 n, where n is squarefree, then n is a congruent number.
Moreover, every squarefree congruent number is obtained in this way.
Proof. Since .a; b; c/ is a Pythagorean triple, 4 D 4.a; b; c/ is a right trian-

gle. Now area.4/ D m2 n D 12 ab, so that
2
a b c
area 4. m ; m ; m / D 12 ma b
m
D mm2n D n;
and so n is a congruent number.
i i
“book2” — 2013/5/24 — 8:18 — page 18 — #38
i i
Conversely, if n is a square-free congruent number, then there are rational

numbers r , s, and t so that
r 2 C s2 D t 2
1
2
rs D n:
Clearing denominators, we find integers a, b, c, and m so that
a2 C b 2 D c 2
1
2 ab D m2 n:
The first few congruent numbers are
5; 6; 7; 13; 14; 15; 20; 21; 22; 23:
In light of Exercise 1.33 on page 20, we now have a method for determin-
ing all congruent numbers: generate the areas of all Pythagorean triangles (we
know how to do that), and then divide out its largest perfect square factor: case
closed.
Not quite. The trouble with this method is that you have no idea how many
triangle areas to calculate before (if ever) you get to an area of m2 n for a
particular n. For some congruent numbers, it takes a long time. For example,
157 is a congruent number, but the smallest rational right triangle with area
157 has side lengths
224403517704336969924557513090674863160948472041
This triangle was found ;
by Don Zagier, using
8912332268928859588025535178967163570016480830
sophisticated techniques
investigating elliptic curves,
6803294847826435051217540 411340519227716149383203
; :
and using a substantial 411340519227716149383203 21666555693714761309610
amount of computer power
(see [19] for more details). A method for effectively determining whether or not an integer is a congru-
ent number is an unsolved problem (this problem is at least a thousand years
old, for historians have found it in manuscripts dating from the late tenth cen-
A readable account of tury). A detailed discussion of the Congruent Number Problem is in [19].
the congruent prob-
lem, with more exam-
ples than we provide How to Think About It. Proposition 1.10 shows that every squarefree con-
here, can be found at
gruent number n is the area of a scaled Pythagorean triangle. But there might
www.math.uconn.edu/
˜kconrad/blurbs/
be more than one Pythagorean triangle whose area has n as its squarefree
part. The search for more than one rational right triangle with the same area
leads to some fantastic calculations. For example, we saw that 5 is the area of
4 32 ; 20 41
3 ; 6 , which comes from the Pythagorean triangle 4.9; 40; 41/ whose
area is 5 62 . But 5 is also the area of

1519 4920 3344161
4 ; ; ;
492 1519 747348
and this comes from the Pythagorean triangle 4.2420640; 2307361; 3344161/
whose area is 5 7473482.
As usual, this isn’t magic; in Chapter 9, we’ll show how to find infinitely
many rational right triangles with the same congruent number as area.
i i
“book2” — 2013/5/24 — 8:18 — page 19 — #39
i i
1.2 Diophantus 19
There’s a surprising connection between congruent numbers and 3-term

arithmetic sequences of perfect squares of rational numbers: positive rationals
s 2 < t 2 < u2 with u2 t 2 D t 2 s 2 , like 1; 25; 49 (common difference 24)
and
961 1681 2401
; ;
36 36 36
(common difference 20). Note that 24 D 4 6 and 20 D 4 5. So, for these
examples, at least, the common difference is 4 times a congruent number. This
suggests that something’s going on. One approach is due to Fibonacci.
Our two equations
a2 C b 2 D c 2
ab D 2n
might lead us to think that we could find a and b by finding their sum and
product, for this would lead to a quadratic equation whose roots are a and b.
Well, we know ab, and
.a C b/2 D a2 C b 2 C 2ab D c 2 C 4n:

p
So, a C b D c 2 C 4n (why can we take the positive square root?), and hence
a and b are roots of the quadratic equation
p
x2 c 2 C 4n x C 2n:
The quadratic formula gives us a and b:
p p p p
c 2 C 4n C .c 2 C 4n/ 4.2n/ c 2 C 4n C c 2 4n
aD D
2 2
and
p p p p
c 2 C 4n .c 2 C 4n/ 4.2n/ c 2 C 4n c2 4n
bD D :
2 2
But we want a and b to be rational, so we want c 2 ˙4n to be perfect squares.
That produces an arithmetic sequence of three perfect squares:
c2 4n; c 2; c 2 C 4n:
There are details to settle, but that’s the gist of the proof of the following theo-
rem.
Theorem 1.11. An integer n is a congruent number if and only of there is a

3-term arithmetic sequence of perfect squares whose common difference is 4n.
Exercises
1.30 * Show that 1 is not a congruent number.
1.31 Show that there are no positive rational numbers x and y so that
x4 ˙ 1 D y 2:
i i
“book2” — 2013/5/24 — 8:18 — page 20 — #40
i i
1.32 Show that if n is a congruent number and m is an integer, then m2 n is also a

congruent number.
1.33 Show that there are no right triangles with rational side-lengths whose area is a
perfect square or twice a perfect square.
1.34 Show that 7 and 14 are congruent numbers.
1.35 Take It Further. Show that 13 is a congruent number.
1.36 * Prove Theorem 1.11.
1.3 Euclid
Euclid of Alexandria (ca. 325 BCE–ca.265 BCE) is one of the most prominent
mathematicians of antiquity. He is best known for The Elements, his treatise
consisting of thirteen books: six on plane geometry, four on number theory,
and three on solid geometry. The Elements has been used for over two thou-
sand years, which must make Euclid the leading mathematics teacher of all
time. We do not know much about Euclid himself other than that he taught in
Alexandria, Egypt around 270 BCE. We quote from Sir Thomas Heath [16],
the great translator and commentator on The Elements.
It is most probable that Euclid received his mathematical training in

Athens from the students of PlatoI for most of the geometers who could
Pappus (ca. 290 CE – have taught him were of that school ... Pappus says ... such was .Euclid’s/
ca. 350 CE ), was one scrupulous fairness and his exemplary kindliness towards all who could
of the last great classic
advance mathematical science to however small an extentI .he was/ in
geometers.
no wise contentious and, though exact, yet no braggart.
Eight hundred years after Euclid, Proclus (412 CE–485 CE) wrote:
Not much younger than these .pupils of Plato/ is Euclid, who put to-
gether The Elements, collecting many of Eudoxus’s theorems, perfecting
many of Theaetetus’s, and also bringing to irrefragable demonstration
the things which were only somewhat loosely proved by his predecessors.
This man lived in the time of the first Ptolemy .323 BCE 283 BCE /. For
Archimedes, who came immediately after the first Ptolemy makes men-
tion of EuclidI and further they say that Ptolemy once asked him if there
were a shorter way to study geometry than The Elements, to which he
replied that there was no royal road to geometry. He is therefore younger
than Plato’s circle, but older than Eratosthenes and ArchimedesI for
these were contemporaries, as Eratosthenes somewhere says.
The Elements is remarkable for the clarity with which its theorems are stated
and proved. The standard of rigor was a goal (rarely achieved!) for the inven-
tors of calculus centuries later. As Heath writes in the preface to the second
edition of his translation [16] of The Elements,
. . . so long as mathematics is studied, mathematicians will find it neces-

sary and worthwhile to come back again and again . . . to the twenty-two-
centuries-old book which, notwithstanding its imperfections, remains the
greatest elementary textbook in mathematics that the world is privileged
to possess.
i i
“book2” — 2013/5/24 — 8:18 — page 21 — #41
i i
1.3 Euclid 21
More than one thousand editions of The Elements have been published since
it was first printed in 1482. In the Encyclopedia Britannica, van der Waerden
wrote,
Almost from the time of its writing and lasting almost to the present,
The Elements has exerted a continuous and major influence on human
affairs. It was the primary source of geometric reasoning, theorems, and
methods at least until the advent of non-Euclidean geometry in the 19th
century. It is sometimes said that, next to the Bible, The Elements may
be the most translated, published, and studied of all the books produced
in the Western world.
Greek Number Theory

In spite of the glowing reviews of The Elements, we must deviate a bit from
Euclid, for the Greeks, and Euclid in particular, recognized neither negative
numbers nor zero.
Notation. The natural numbers is the set

N D f0; 1; 2; 3; : : :g:
The set of all integers, positive, negative, and 0, is denoted by The set of integers is
denoted by Z because the
Z D f˙n W n 2 Ng: German word for numbers
is Zahlen.
We are going to assume that the set N of natural numbers satisfies a certain
property—a generalized version of Infinite Descent.
Definition. The Least Integer Axiom (often called the Well-Ordering Axiom)
states that every nonempty collection C of natural numbers contains a smallest Note that the set of positive
element; that is, there is a number c0 2 C with c0 c for all c 2 C . rationals QC does not
satisfy an analogous
property: the nonempty
This axiom is surely plausible. If 0 2 C , then c0 D 0. If 0 … C and 1 2 C , subset fx 2 QC W x 2 > 2g
then c0 D 1. If 0; 1 … C and 2 2 C , then c0 D 2. Since C is not empty, you contains no smallest
will eventually bump into C , and c0 is the first number you’ll meet. element.
We now define some familiar terms.
Definition. If a and b are integers, then a divides b, denoted by

a j b;
if there is an integer c with b D ca. We also say that a is a divisor (or a factor)
of b, and that b is a multiple of a.
Note that 0 divides itself:
Example 1.12. Consider some special cases. Every number a divides itself, 0 j 0 is true. Do not confuse
for a D a 1; similarly, 1 divides every number. Every number a divides 0: the notation a j b, which is
taking c D 0, we have 0 D a 0. On the other hand, if 0 divides b, then b D 0, the relation “a is a divisor
for b D 0 c D 0. Note that 3 j 6, because 6 D 3 2, but 3 − 5 (that is, 3 does of b” with a=b, which is a
number. In particular, we
not divide 5): even though 5 D 3 35 , the fraction 53 is not an integer. N
are not saying that 0=0 is a
number.
Lemma 1.13. If a and b are positive integers and a j b, then a b.
i i
“book2” — 2013/5/24 — 8:18 — page 22 — #42
i i
Inequalities are discussed Proof. There is a positive integer c with b D ca; note that 1 c, for 1 is
in Appendix A. 4. the smallest positive integer. Multiplying by the positive number a, we have
a ac D b.
Every integer a has 1; 1; a; a as divisors. A positive integer a ¤ 1 having

only these divisors is called prime.
Definition. An integer a is prime if a 2 and its only divisors are ˙1 and

˙a; if a 2 has other divisors, then it is called composite.
The first few primes are 2, 3, 5, 7, 11, 13; : : : : We will soon see that there
are infinitely many primes.
The reason we do not consider 1 to be a prime is that theorems about primes
would then require special cases treating the behavior of 1. For example, we
will prove later that every positive integer a 2 has exactly one factorization
of the form a D p1 p2 p t , where p1 p2 p t are primes. This
statement would be more complicated if we allowed 1 to be a prime.
We allow products having Proposition 1.14. Every integer a 2 is a product of primes.

only one factor; it’s okay to
say that a single prime is a
product of primes.
Proof. Let C be the set of all natural numbers a 2 that are not products of
primes. If the proposition is false, then C is nonempty, and the Least Integer
Axiom gives a smallest such integer, say, c0 . Since c0 2 C , it is not prime;
hence, it factors, say, c0 D ab, where a; b ¤ 1. As a j c0 , we have a c0 , by
Lemma 1.13; but a ¤ c0, lest b D 1, so that a < c0 . Therefore, a … C , for
c0 is the smallest number in C , and so a is a product of primes: a D p1 pm
for m 1. Similarly, b is a product of primes: b D q1 qn . Therefore,
c0 D ab D p1 pm q1 qn is a product of primes, a contradiction, and so
C is empty.
Division and Remainders

Dividing an integer b by a positive integer a gives
b=a D q C r=a;
where q is an integer and 0 r=a < 1. If we clear denominators, we get the

statement b D qa C r which involves only integers. For example, 22
5 D 4C 5
2
becomes 22 D 4 5 C 2.
b = 4a + r
A A A A
a a a a r
B
b
Figure 1.8. Division Algorithm.
Euclid viewed division geometrically, as in Figure 1.8. Suppose B is a line

segment of length b, and that A is a shorter segment of length a. Lay off copies
of A along B as long as possible. If there’s nothing left over, then a is a divisor
of b; if some segment of length, say r , is left over, then r is the remainder.
i i
“book2” — 2013/5/24 — 8:18 — page 23 — #43
i i
1.3 Euclid 23
Theorem 1.15 (Division Algorithm). If a and b are positive integers, then

there are unique .i.e.,exactly one/ integers q .the quotient/ and r .the remain-
der/ with
b D qa C r and 0 r < a:
The hypothesis of Theo-
Proof. We first prove that q and r exist; afterward, we’ll prove their unique- rem 1.15 can be weakened
ness. to a; b 2 Z and a ¤ 0; the
inequalities for the remain-
If b < a, set q D 0 and r D b. Now b D qa C r D 0 a C b, while
der now read 0 r < jaj.
0 b < a. Hence, we may assume that b a; that is, b a 0. Consider the
sequence b > b a > b 2a > b 3a > . There must be an integer q 1
with b qa 0 and b .q C1/a < 0 (this is just Infinite Descent, described on
page 12; in more down-to-earth language, there can be at most b steps before
this sequence becomes negative). If we define r D b qa, then b D qa C r . If a b, the quotient q is
We also have the desired inequalities. Clearly, 0 r . If r D b qa a, then the largest multiple qa with
qa b. This is very much
b qa a 0; that is, b .q C 1/a 0, contradicting the definition of q.
the way young children are
Let’s prove uniqueness. If there are integers Q and R with b D Qa C R taught to find the integer
and 0 R < a, then qa C r D b D Qa C R and quotient in division when a
and b are small.
.Q q/a D r R:
If Q ¤ q, there is no loss in generality in assuming that Q > q; that is,

0 < Q q. By Lemma 1.13, a .Q q/a D r R. But r < a and R 0
gives r R < r < a. Therefore, a .Q q/a D r R < a; that is, a < a,
a contradiction. Hence Q D q. It follows that R D r , and we are done.
For example, there are only two possible remainders after dividing by 2,
namely, 0 and 1. An integer b is even if the remainder is 0; b is odd if the
remainder is 1. Thus, either b D 2q or b D 2q C 1.
The equation b D qa C r is of no value at all without the restriction on
the remainder r . For example, the equations 1000 D 3 25 C 925 and 1000 D
2 53 C 894 are true and useless.
How to Think About It. We have been trained to regard the quotient q as
more important than the remainder; r is just the little bit left over. But our
viewpoint now is just the reverse. Given a and b, the important question for us
is whether a is a divisor of b. The remainder is the obstruction: a j b if and
only if r D 0. This will be a common strategy: to see whether a j b, use the
Division Algorithm to get b D qa C r , and then try to show that r D 0.
The next result shows that there is no largest prime. The proof shows, given
any finite set of primes, that there always exists another one.
Corollary 1.16. There are infinitely many primes.
Proof. .Euclid/ Suppose, on the contrary, that there are only finitely many
primes. If p1 ; p2; : : : ; pk is the complete list of all the primes, define
M D .p1 pk / C 1:
By Proposition 1.14, M is a product of primes. But M has no prime divisor

pi , for dividing M by pi gives remainder 1 and not 0. For example, dividing
i i
“book2” — 2013/5/24 — 8:18 — page 24 — #44
i i
M by p1 gives M D p1 .p2 pk / C 1, so that the quotient and remainder are

q D p2 pk and r D 1; dividing M by p2 gives M D p2 .p1 p3 pk / C 1,
so that q D p1 p3 pk and r D 1; and so forth. The assumption that there
are only finitely many primes leads to a contradiction, and so there must be an
infinite number of them.
Linear Combinations and Euclid’s Lemma

The greatest common divisor of two integers is a fundamental tool in studying
factorization.
Definition. A common divisor of integers a and b is an integer c with c j a

and c j b. The greatest common divisor of a and b, denoted by gcd.a; b/ (or,
more briefly, by .a; b/ ), is defined by
(
0 if a D 0 D b
gcd.a; b/ D
the largest common divisor of a and b otherwise.
We saw, in Lemma 1.13, that if a and m are positive integers with a j m,

then a m. It follows, if at least one of a; b is not zero, that gcd’s exist: there
are always common divisors (1 is always a common divisor), and there are
only finitely many positive common divisors maxfjaj; jbjg.
Lemma 1.17. If p is a prime and b is an integer, then

(
p if p j b
gcd.p; b/ D
1 otherwise.
Proof. A common divisor c of p and b is, in particular, a divisor of p. But the

only positive divisors of p are p and 1, and so gcd.p; b/ D p or 1; it is p if
p j b, and it is 1 otherwise.
If b 0, then gcd.0; b/ D b (why?).
Definition. A linear combination of integers a and b is an integer of the form
sa C tb;
where s; t 2 Z (the numbers s; t are allowed to be negative).
Example 1.18. The equation b D qa C r in the Division Algorithm displays

b as a linear combination of a and r (for b D qa C 1 r ). Note that 0 is a linear
combination of any pair of integers: 0 D 0 a C 0 b. There are infinitely many
linear combinations of 12 and 16, each of which is divisible by 4 (why?). It
follows that 5, for example, is not such a linear combination. N
The next result is one of the most useful properties of gcd’s.

See Exercise 1.47 on
page 30.
Theorem 1.19. If a and b are integers, then gcd.a; b/ is a linear combination
of a and b.
i i
“book2” — 2013/5/24 — 8:18 — page 25 — #45
i i
1.3 Euclid 25
Proof. We may assume that at least one of a and b is not zero (otherwise,
the gcd is 0 and the result is obvious). Consider the set I of all the linear
combinations of a and b:
I D fsa C tb W s; t 2 Zg:
Both a and b are in I (take s D 1 and t D 0 or vice versa). It follows that The proof of Theorem 1.19
I contains positive integers (if a < 0, then a is positive, and I contains contains an idea that
will be used again, as in
a D . 1/a C 0b); hence, the set C of all those positive integers lying in I is
Exercise 1.49 on page 30.
nonempty. By the Least Integer Axiom, C contains a smallest positive integer,
say, d ; we claim that d is the gcd. In other words, d is the
Since d 2 I , it is a linear combination of a and b: there are integers s and smallest positive linear
combination of a and b.
t with
d D sa C tb:
We’ll show that d is a common divisor by trying to divide each of a and b
by d . The Division Algorithm gives integers q and r with a D qd C r , where
0 r < d . If r > 0, then
r Da qd D a q.sa C tb/ D .1 qs/a C . qt/b 2 C;
contradicting d being the smallest element of C . Hence r D 0 and d j a; a
similar argument shows that d j b.
Finally, if c is a common divisor of a and b, then Exercise 1.46 on page 29
shows that c divides every linear combination of a and b; in particular, c j d .
By Lemma 1.13, we have c d .
If d D gcd.a; b/ and if c is a common divisor of a and b, then c d , by
Lemma 1.13. The next corollary shows that more is true: c is a divisor of d ;
that is, c j d for every common divisor c.
Corollary 1.20. Let a and b be integers. A nonnegative common divisor d is In some treatments of num-
their gcd if and only if c j d for every common divisor c of a and b. ber theory, Corollary 1.20
is taken as the definition
of gcd. Later, we will want
Proof. Necessity (the implication )). We showed that any common divisor of
to define greatest common
a and b divides gcd.a; b/ at the end of the proof of Theorem 1.19. divisor in other algebraic
Sufficiency (the implication (). Let d D gcd.a; b/, and let D 0 be a structures. It often will not
common divisor of a and b with c j D for every common divisor c of a and make sense to say that one
b. Now D is a common divisor, so that d j D, by hypothesis; hence, d D, element of such a structure
is greater than another, but
by Lemma 1.13. But the definition of gcd (d is the greatest common divisor)
it will make sense to say
gives D d , and so D D d . that one element divides
another. Corollary 1.20
The next theorem is of great interest: not only is it very useful, but it also will allow us to extend the
characterizes prime numbers. notion of gcd.
Theorem 1.21 (Euclid’s Lemma). If p is a prime and p j ab for integers

a; b, then p j a or p j b. Conversely, if m 2 is an integer such that m j ab
always implies m j a or m j b, then m is a prime.
Proof. ()): Suppose that p j ab and that p − a; that is, p does not divide a;
we must show that p j b. Since gcd.p; a/ D 1 (by Lemma 1.17), Theorem 1.19
gives integers s and t with 1 D sp C ta. Hence,
b D spb C tab:
i i
“book2” — 2013/5/24 — 8:18 — page 26 — #46
i i
Now p divides both expressions on the right, for p j ab, and so p j b, by

The contrapositive of a Exercise 1.46 on page 29.
statement P implies ((): We prove the contrapositive. If m is composite, then m D ab, where
Q is “not Q” implies
a < m and b < m. Now m j m D ab, but m − a and m − b, by Lemma 1.13.
“not P ”. For example, the
contrapositive of “If I live Thus, m divides a product but it divides neither factor.
in Chicago, then I live in
Illinois” is “If I don’t live To illustrate: 6 j 12 and 12 D 4 3, but 6 − 4 and 6 − 3. Of course, 6 is not
in Illinois, then I don’t live prime.
in Chicago.” A statement We will generalize Euclid’s Lemma in the next chapter. Theorem 2.8 says
and its contrapositive are that if p is a prime and p j a1 an for integers a1 ; : : : ; an , where n 2, then
either both true or both
p j ai for some i .
false. Thus, to prove a
statement, it suffices to
prove its contrapositive. Definition. Call integers a and b relatively prime if their gcd is 1.
Thus, a and b are relatively prime if their only common divisors are ˙1.
For example, 2 and 3 are relatively prime, as are 8 and 15.
Here is a generalization of Euclid’s Lemma having the same proof.
Corollary 1.22. Let a, b, and c be integers. If c and a are relatively prime and
c j ab, then c j b.
Proof. Theorem 1.19 gives integers s and t with 1 D sc C ta. Hence, b D

scb C tab. Now c divides both expressions on the right, for c j ab, and so
c j b, by Exercise 1.46 on page 29.
How to Think About It.

We have just seen one reason why it is important to know proofs: Corol-
lary 1.22 does not follow from the statement of Euclid’s Lemma, but it does
follow from its proof. See Exercise 1.54 on page 34 for another example of
this.
Proposition 1.23. Let a and b be integers.

(i) gcd.a; b/ D 1 .that is, a and b are relatively prime/ if and only if 1 is a
linear combination of a and b.
(ii) If d D gcd.a; b/ ¤ 0, then the integers a=d and b=d are relatively prime.
Proof. (i) By Theorem 1.19, the gcd d is a linear combination; here, d D 1.

Conversely, if 1 D sa C tb and c is a common divisor of a and b, then
c j 1, by Exercise 1.46 on page 29. Hence, c D ˙1.
(ii) There are integers s and t with d D sa C tb. Divide both sides by d D
gcd.a; b/:
a
b s t
1Ds Ct D aC b:
d d d d
Since d is a common divisor, both a=d and b=d are integers, and part (i)
applies.
Definition. An expression a=b for a rational number (where a and b are inte-
gers and b ¤ 0) is in lowest terms if a and b are relatively prime.
i i
“book2” — 2013/5/24 — 8:18 — page 27 — #47
i i
1.3 Euclid 27
Proposition 1.24. Every nonzero rational number a=b has an expression in

lowest terms.
a a0 d a0
Proof. If d D gcd.a; b/, then a D a0 d , b D b 0 d , and D 0 D 0 . But
b bd b
a b
a0 D and b 0 D , so gcd.a0 ; b 0 / D 1 by Lemma 1.23.
d d
We can now complete our discussion of Pythagorean triples.
Definition. A Pythagorean triple .a; b; c/ is primitive if a; b; c have no com-

mon divisor d 2; that is, there is no integer d 2 which divides each of
a; b, and c.
Theorem 1.25 (Diophantus). Every Pythagorean triple .a; b; c/ is similar to

a unique primitive Pythagorean triple.
Proof. We show first that .a; b; c/ is similar to a primitive Pythagorean triple.

If d is a common divisor of a; b; c, then a D du, b D dv, and c D dz, and
.u; v; z/ is a Pythagorean triple similar to .a; b; c/ (why?). If d is the largest
common divisor of a; b; c, we claim that .u; v; z/ is primitive. Otherwise, there
is an integer e 2 with u D eu0 , v D ev 0, and z D ez 0 ; hence, a D du D
deu0 , b D dv D dev 0 , and c D dz D dez 0 . Thus, de > d is a common
divisor of a; b; c, contradicting d being the largest such.
To prove uniqueness, suppose that .a; b; c/ is similar to two primitive Py-
thagorean triples, say .u; v; z/ and .r; s; t/. It follows that the right triangles
4.u; v; z/ and 4.r; s; t/ are similar, and so their sides are proportional, so
there is some positive number h with
u D hr; v D hs; and z D ht:
Since the side lengths are integers, h is rational, say h D m=`, and we may
assume that it is in lowest terms; that is, gcd.m; `/ D 1. Cross multiply:
mu D `r; mv D `s and mz D `t:
By Corollary 1.22, ` is a common divisor of u, v, and z and m is a common

divisor of r , s, and t. Since both .u; v; z/ and .r; s; t/ are primitive, ` D 1 D m,
and so .u; v; z/ D .r; s; t/.
This next result is significant in the history of mathematics.
Proposition 1.26. There is no rational number a=b whose square is 2.
Proof. Suppose, on the contrary, that .a=b/2 D 2. We may assume that a=b is An indirect proof or proof
in lowest terms; that is, gcd.a; b/ D 1. Since a2 D 2b 2, Euclid’s Lemma gives by contradiction has the
following structure. We
2 j a, and so 2m D a. Hence, 4m2 D a2 D 2b 2, and 2m2 D b 2. Euclid’s
assume that the desired
Lemma now gives 2 j b, contradicting gcd.a; b/ D 1. statement is false and
reach a contradiction. We
conclude that the original
It follows that the legs of a Pythagorean triple .a; b; c/ cannot be equal, for statement must be true.
if a D b, then a2 C a2 D c 2 , which implies that 2 D .c=a/2 .
i i
“book2” — 2013/5/24 — 8:18 — page 28 — #48
i i
p
Proposition 1.26 is often stated as “ 2 is irrational,”p
which is a stronger
statement than what we’ve just proved. We can assert that 2 is irrational only
if we further assume that there exists a number u with u2 D 2.
Our proof can be made more elementary; we need assume only that at least
one of a; b is odd. Also, see Exercise 1.75 on page 41.
Historical Note. The ancient Greeks defined number to mean “positive inte-
ger.” Rationals were not viewed as numbers but, rather, as ways of comparing
two lengths. They called two segments of lengths a and b commensurable
if there is a third segment of
p length c with a D mc and b D nc for posi-
tive integers m and n. That 2 is irrational was a shock to the Pythagoreans
(ca. 500 BCE); given a square with p sides of length 1, its diagonal and side
are not commensurable; that is, 2 cannot be defined in terms of numbers
(positive integers) alone. Thus, there is no numerical solution to the equation
To bridge the gap between x 2 D 2, but there is a geometric solution.
numbers and geometric By the time of Euclid, around 270 BCE, this problem had been resolved by
magnitudes, Eudoxus
splitting mathematics into two disciplines: number theory and geometry.
(408 BCE–355 BCE) intro-
duced the sophisticated In ancient Greece, algebra as we know it did not really exist. Euclid and
notion of proportions (this the Greek mathematicians did geometric algebra. For simple ideas, e.g.,
idea, discussed in The Ele- .a C b/2 D a2 C 2ab C b 2 or completing the square, geometry clarifies al-
ments, is equivalent to our gebraic formulas (for example, see the right-hand part of Figure 1.2 on page 2
contemporary definition of
without the dashed lines). For more difficult ideas, say equations of higher de-
real numbers).
gree, the geometric figures involved are very complicated, so that geometry is
no longer clarifying. As van der Waerden writes in [34], p. 266,
one has to be a mathematician of genius, thoroughly versed in trans-
forming proportions with the aid of geometric figures, to obtain results
by this extremely cumbersome method. Anyone can use our algebraic
notation, but only a gifted mathematician can deal with the Greek theory
of proportions and with geometric algebra.
The problem of defining number has arisen several times since the classical
Greek era. Mathematicians had to deal with negative numbers and with com-
plex numbers in the 1500s after the discovery of the Cubic Formula, because
that formula often gives real roots of a cubic polynomial, even integer roots, in
unrecognizable form (see Chapter 3). The definition of real numbers generally
accepted today dates from the late 1800s. But there are echos of ancient Athens
in our time. Kronecker (1823–1891) wrote,
Die ganzen Zahlen hat der liebe Gott gemacht, alles andere ist Men-
schenwerk. (God created the integers; everything else is the work of
Man.)
Even today some logicians argue for a new definition of number.
Exercises
1.37 True or false, with reasons. Of course, it is important to get the right answer, but
most attention should be paid to your reasoning.
(i) 6 j 2. Answer: False. (ii) 2 j 6. Answer: True.
(iii) 6 j 0. Answer: True. (iv) 0 j 6. Answer: False.
(v) 0 j 0. Answer: True.
i i
“book2” — 2013/5/24 — 8:18 — page 29 — #49
i i
1.3 Euclid 29
1.38 True or false, with reasons.

(i) gcd.n; n C 1/ D 1 for every natural number n. Answer: True.
(ii) gcd.n; n C 2/ D 2 for every natural number n. Answer: False.
(iii) 113 is a sum of distinct powers of 2. Answer: True.
(iv) If a and b are natural numbers, there there are natural numbers s and t with
gcd.a; b/ D sa C t b. Answer: False.
(v) If an integer m is a divisor of a product of integers ab, then m is a divisor of
either a or b (or both). Answer: False.
1.39 Prove, or disprove and salvage if possible. “Disprove” here means
“give a concrete counterex-
(i) gcd.0; b/ D b
ample.” “Salvage” means
(ii) gcd.a2 ; b 2/ D gcd.a; b/2 “add a hypothesis to make
(iii) gcd.a; b/ D gcd.a; b C ka/ for all k 2 Z it true.”
(iv) gcd.a; a/ D a
(v) gcd.a; b/ D gcd.b; a/
(vi) gcd.a; 1/ D 1
(vii) gcd.a; b/ D gcd. a; b/
(viii) gcd.a; 2b/ D 2 gcd.a; b/
1.40 * If x is a real number, let bxc denote the greatest integer n with n x. (For
example, 3 D bc and 5 D b5c.) If q is the quotient in Theorem 1.15, show that
q D bb=ac.
1.41 *
(i) Given integers a and b (possibly negative) with a ¤ 0, prove that there exist
unique integers q and r with b D qa C r and 0 r < jaj.
Hint: Use the portion of the Division Algorithm that has already been proved.
(ii) If b and a are positive integers, do b and b have the same remainder after
dividing by a? Answer: No.
1.42 For each of the following pairs a; b, find the largest nonnegative integer n with
n b=a < n C 1.
(i) a D 4 and b D 5. Answer: n D 1.
(ii) a D 5 and b D 4. Answer: n D 0.
(iii) a D 16 and b D 36. Answer: n D 2.
(iv) a D 36 and b D 124. Answer: n D 3.
(v) a D 124 and b D 1028. Answer: n D 7.
1.43 Let p1 ; p2 ; p3 ; : : : be the list of the primes in ascending order: p1 D 2, p2 D 3,
p3 D 5, and so forth. Define fk D 1 C p1 p2 pk for k 1. Find the smallest
k for which fk is not a prime.
Hint: 19 j f7 , but 7 is not the smallest k.
1.44 What can you say about two integers a and b with the property that a j b and
b j a? What if both a and b are positive?
1.45 * Show that if a is positive and a j b, then gcd.a; b/ D a. Why do we assume
that a is positive?
1.46 *.Two Out of Three/: Suppose that m, n, and q are integers and m D n C q. If c
is an integer that divides any two of m; n; q, show that c divides the third one as
well.
i i
“book2” — 2013/5/24 — 8:18 — page 30 — #50
i i
1.47 *
(i) For each a and b, give the smallest positive integer d that can be written as
Allow for positive and sa C t b for integers s and t :
negative values of s and t.
a D 12 and b D 16. Answer: d D 4.
(ii) How is “smallest positive integer d expressible as sa C t b” related to a and b
in each case? Is d a divisor of both a and b?
1.48 * Show that the set of all linear combinations of two integers is precisely the set
of all multiples of their gcd.
1.49 * Let I be a subset of Z such that
(i) 0 2 I
(ii) if a; b 2 I , then a b2I
(iii) if a 2 I and q 2 Z, then qa 2 I .
Prove that there is a nonnegative integer d 2 I with I consisting precisely of all
the multiples of d .
1.50 How might one define the gcd.a; b; c/ of three integers? When applied to a prim-
itive Pythagorean triple .a; b; c/, your definition should say that gcd.a; b; c/ D 1.
Euclidean Algorithm
Our discussion of gcd’s is incomplete. What is gcd.12327; 2409/? To ask the
question another way, is the expression 2409/12327 in lowest terms? The next
result enables us to compute gcd’s efficiently. We first prove another lemma
from Greek times.
Lemma 1.27. Let a and b be integers.

(i) If b D qa C r , then gcd.a; b/ D gcd.r; a/.
(ii) If b a, then gcd.a; b/ D gcd.b a; a/.
Proof. (i) In light of Corollary 1.20, it suffices to show that an integer c is a

common divisor of a and b if and only if it is a common divisor of a and
r . Since b D qa C r , this follows from Exercise 1.46 on page 29.
(ii) This follows from part (i) because b D 1 a C .b a/.
The hypothesis b a in part (ii) of Lemma 1.27 is not necessary; it is there

only to put you in the mood to accept the next example showing a method
the Greeks probably used to compute gcd’s. This method of computation is
nowadays called the Euclidean Algorithm; it is Theorem 1.29.
Example 1.28. In this example, we will abbreviate gcd.b; a/ to .b; a/. Com-
puting .b; a/ is simple when a and b are small. If b a, then Lemma 1.27
i i
“book2” — 2013/5/24 — 8:18 — page 31 — #51
i i
1.3 Euclid 31
allows us to replace .b; a/ by .b a; a/; indeed, we can continue replacing

numbers, .b 2a; a/, .b 3a; a/; : : : ; .b qa; a/ as long as b qa > 0. Since
the natural numbers b a; b 2a; : : : ; b qa are strictly decreasing, the Least
Integer Axiom (or Infinite Descent) says that they must reach a smallest such
integer: r D b qa; that is, 0 < r < a. Now .b; a/ D .r; a/. (We see the proof
of the Division Algorithm in this discussion.) Since .r; a/ D .a; r / and a > r ,
they could continue replacing numbers: .a; r / D .a r; r / D .a 2r; r / D
(remember that the Greeks did not recognize negative numbers, so it was nat-
ural for them to reverse direction). This process eventually ends, computing
gcd’s; we call it the Euclidean Algorithm. The Greek term for this method is
antanairesis, a free translation of which is “back and forth subtraction.” Let us
implement this idea before we state and prove the Euclidean Algorithm.
Antanairesis computes gcd.326; 78/ as follows:
.326; 78/ D .248; 78/ D .170; 78/ D .92; 78/ D .14; 78/:
So far, we have been subtracting 78 from the other larger numbers. At this
point, we now start subtracting 14 (this is the reciprocal, direction-changing,
aspect of antanairesis), for 78 > 14.
.78; 14/ D .64; 14/ D .50; 14/ D .36; 14/ D .22; 14/ D .8; 14/:
Again we change direction:
.14; 8/ D .6; 8/:
Change direction once again to get .8; 6/ D .2; 6/, and change direction one
last time to get
.6; 2/ D .4; 2/ D .2; 2/ D .0; 2/ D 2:
Thus, gcd .326; 78/ D 2.

The Division Algorithm and Lemma 1.27(i) give a more efficient way of
performing antanairesis. There are four subtractions in the passage from
.326; 78/ to .14; 78/; the Division Algorithm expresses this as
326 D 4 78 C 14:
There are then five subtractions in the passage from .78; 14/ to .8; 14/; the
Division Algorithm expresses this as
78 D 5 14 C 8:
There is one subtraction in the passage from .14; 8/ to .6; 8/:
14 D 1 8 C 6:
There is one subtraction in the passage from .8; 6/ to .2; 6/:
8 D 1 6 C 2;
and there are three subtractions from .6; 2/ to .0; 2/ D 2:
6 D 3 2: N
i i
“book2” — 2013/5/24 — 8:18 — page 32 — #52
i i
Theorem 1.29 (Euclidean Algorithm I). If a and b are positive integers,

The beginning of the proof there is an algorithm computing gcd.a; b/.
of the theorem gives the
algorithm.
Proof. Let us set b D r0 and a D r1 , so that the equation b D qa C r reads
r0 D q1 a C r2 . There are integers qi and positive integers ri such that
b D r0 D q1 a C r2 ; r2 < a
a D r1 D q2 r2 C r3 ; r3 < r2
r2 D q3 r3 C r4 ; r4 < r3
:: ::
: :
rn 3 D qn 2 rn 2 C rn 1; rn 1 < rn 2
rn 2 D qn 1 rn 1 C rn ; rn < rn 1
rn 1 D qn rn
(remember that all qj and rj are explicitly known from the Division Algo-
Lamé (1795–1870) proved rithm). There is a last remainder: the procedure stops (by Infinite Descent!)
that the number of steps because the remainders form a strictly decreasing sequence of nonnegative in-
in the Euclidean Algorithm
cannot exceed 5 times
tegers (indeed, the number of steps needed is less than a).
the number of digits in the We now show that the last remainder rn is the gcd.
smaller number (see [26],
p. 49). b D q1 a C r2 ) gcd.a; b/ D gcd.a; r2 /
a D q2 r2 C r3 ) gcd.a; r2 / D gcd.r2 ; r3 /
r2 D q3 r3 C r4 ) gcd.r2 ; r3 / D gcd.r3 ; r4 /
::
:
rn 2 D qn 1 rn 1 C rn ) gcd.rn 2 ; rn 1 /D gcd.rn 1 ; rn /
rn 1 D qn rn ) gcd.rn 1 ; rn / D rn :
All the implications except the last follow from Lemma 1.27. The last one
follows from Exercise 1.45 on page 29.
Let’s rewrite the previous example in the notation of the proof of Theo-
rem 1.29. The passage from one line to the line below it involves moving the
boldface numbers “southwest.”
326 D 4 78 C 14 (1.7)
78 D 5 14 C 8 (1.8)
14 D 1 8 C 6 (1.9)
8D16C2 (1.10)
6 D 3 2:
The Euclidean Algorithm also allows us to find a pair of integers s and t

expressing the gcd as a linear combination.
Theorem 1.30 (Euclidean Algorithm II). If a and b are positive integers,

there is an algorithm computing a pair of integers s and t with gcd.a; b/ D
sa C tb.
i i
“book2” — 2013/5/24 — 8:18 — page 33 — #53
i i
1.3 Euclid 33
Proof. It suffices to show, given equations
b D qa C r
a D q 0r C r 0
r D q 00 r 0 C r 00;
how to write r 00 as a linear combination of b and a (why?). Start at the bottom,

and write
r 00 D r q 00 r 0 :
Now rewrite the middle equation as r 0 D a q 0 r , and substitute:

r 00 D r q 00 r 0 D r q 00 .a q 0 r / D .1 q 00 q 0 /r q 00 a:
Now rewrite the top equation as r D b qa, and substitute:
r 00 D .1 q 00 q 0 /r q 00 a D .1 q 00 q 0 /.b qa/ q 00 a:
Thus, r 00 is a linear combination of b and a.
We use the equations to find coefficients s and t expressing 2 as a linear
combination of 326 and 78. Work from the bottom up.
2D8 16 by Eq. (1.10)
D8 1 .14 1 8/ by Eq. (1.9)
D 2 8 1 14
D 2 .78 5 14/ 1 14 by Eq. (1.8)
D 2 78 11 14
D 2 78 11 .326 4 78/ by Eq. (1.7)
D 46 78 11 326:
Thus, s D 46 and t D 11.
How to Think About It. The algorithm produces one pair of coefficients that
works. However, it’s not the only pair. For example, consider gcd.2; 3/ D 1.
A moment’s thought gives s D 1 and t D 1; but another moment’s thought
gives s D 2 and t D 1 (see Exercise 1.57 on page 35). However, the Eu-
clidean Algorithm always produces a specific pair of coefficients; assuming
that no mistakes in arithmetic are made, two people using the algorithm al-
ways come up with the same s and t.
Students usually encounter greatest common divisors in elementary school,

sometimes as early as the fifth grade, when they learn how to add fractions
and put the sum in lowest terms. As we have seen, putting a fraction in lowest Putting a fraction in lowest
terms involves the gcd of numerator and denominator. The preferred method terms is not always wise.
For example,
of finding gcd’s in early grades involves prime factorization, for if integers a
and b are small, then it is easy to factor them into primes: after several cancel- 2
C 1
D 10 3
3 5 15 C 15
lations, the expression a=b is in lowest terms. Pedagogically, this may be the 13
D 15 :
right choice, but finding gcd’s using prime factorization is practical only when
numbers are small; can you put the fraction 167291=223377 in lowest terms
using prime factorization?
i i
“book2” — 2013/5/24 — 8:18 — page 34 — #54
i i
How to Think About It. In calculating gcd’s with the Euclidean Algorithm,
many students get confused keeping track of the divisors and remainders. We
illustrate one way to organize the steps that has been effective with high school
students. Arrange the steps computing gcd.124; 1028/ as on the left:
8
4 D 36 2 16
124 1028 &
992 3 D 36 2 .124 3 36/

36 124 D 2 124 C 7 36
108 2 &
D 2 124 C 7 .1028 8 124/
16 36
D 7 1028 58 124
32 4

4 16
16
0
The last nonzero remainder is the gcd, so gcd.124; 1028/ D 4. This arrange-
ment can be used to read off coefficients s and t so that 4 D 124s C 128t. Start
at the next to last division and solve for each remainder.
Exercises
1.51 If a and b are positive integers, then gcd.a; b/ D sa C t b. Prove that either s or t
is negative.
1.52 * Use Infinite Descent to prove that every positive integer
p a has a factorization
a D 2k m, where k 0 and m is odd. Now prove that 2 is irrational using this
fact instead of Euclid’s Lemma.
1.53 Prove that if n is squarefree (i.e., n > 1 and n is not divisible by the square of
any prime), then there is no rational number x with x 2 D n.
Hint: Adapt the proof of Proposition 1.26.
1.54 * Assuming there is a real number x with x 3 D 2, prove that x is irrational.
1.55 (i) Find d D gcd.326; 78/, find integers s and t with d D 326s C 78t , and put
the expression 326/78 in lowest terms.
163
Answer: d D 2, s D 11, t D 46, and 39 .
(ii) Find d D gcd.12327;2409/, find integers s and t with d D 12327s C 2409t ,
and put the expression 2409/12327 in lowest terms.
803
Answer: d D 3, s D 299, t D 1530, and 4109 .
(iii) Find d D gcd.7563; 526/, and express d as a linear combination of 7563 and
526.
Answer: d D 1, s D 37, t D 532.
(iv) Find d D gcd.73122; 7404621/ and express d as a linear combination of
73122 and 7404621.
Answer: d D 21, s D 34531, t D 7404621.
i i
“book2” — 2013/5/24 — 8:18 — page 35 — #55
i i
1.3 Euclid 35
1.56 * Prove that if gcd.r; m/ D 1 and gcd.r 0 ; m/ D 1, then gcd.rr 0 ; m/ D 1. Con-

clude that if both r and r 0 are relatively prime to m, then so is their product rr 0 .
Hint: If ar C bm D 1 and s r 0 C t m D 1, consider .ar C bm/.s r 0 C t m/.
1.57 * Let a; b, and d be integers. If d D sa C t b, where s and t are integers, find
infinitely many pairs of integers .sk ; tk / with d D sk a C tk b.
Hint: If 2s C 3t D 1, then 2.s C 3/ C 3.t 2/ D 1.
1.58 * If a and b are relatively prime and each divides an integer n, prove that their
product ab also divides n.
Hint: Use Corollary 1.22.
1.59 If m > 0, prove that m gcd.b; c/ D gcd.mb; mc/. (We must assume that m > 0
lest m gcd.b; c/ be negative.)
Hint: Show that if k is a common divisor of mb and mc, then k j m gcd.b; c/.
1.60 Write d D gcd.a; b/ as a linear combination of a and b.
(i) a D 4 and b D 16.
Answer: d D 4 D 5 4 C . 1/ 16 (or, 4 D 1 4 C 0 16).
(ii) a D 16 and b D 36.
Answer: d D 4 D . 2/ 16 C 1 36.
(iii) a D 36 and b D 124.
Answer: d D 4 D 7 36 C . 2/ 124.
(iv) a D 124 and b D 1028.
Answer: d D 4 D . 58/ 124 C 7 1028.
1.61 Given integers a, b, and c with c j a and c j b, prove that c divides every linear
combination sa C t b.
1.62 Is anything wrong with this calculation? Explain your answer.
4

7 37
28
1.63 Given integers b, c, d , and e satisfying b D 7c C 2 and d D 7e C 4,

(i) What’s the remainder when b C d is divided by 7?
Answer: 6.
(ii) What’s the remainder when bd is divided by 7?
Answer: 1.
(iii) Explain your answers.
1.64 A lattice point is a point .x; y/ in the plane with both x and y integers.
(i) Which lattice points are on the line whose equation is 4x C 6y D 24?
(ii) Which lattice points are on the line whose equation is 3x C 6y D 24?
(iii) Find a line whose equation has integer coordinates but that never passes
through a lattice point.
(iv) Explain how to tell whether the line with equation y D axCb contains lattice
points.
i i
“book2” — 2013/5/24 — 8:18 — page 36 — #56
i i
1.65 Consider the calculation of gcd.124; 1028/ on page 34. Show that the integer pairs
.124; 1028/; .36; 124/; .16; 36/; .4; 16/; .0; 4/
have the same greatest common divisor.

1.66 Most calculators have functions computing quotients and remainders. Let r.b; a/
denote the remainder when b is divided by a, and let q.b; a/ denote the quotient.
Find r.b; a/ and q.b; a/ if
(i) a D 12, b D 16. Answer: q.16; 12/ D 1; r.16; 12/ D 4.
(ii) a D 16, b D 12. Answer: q.12; 16/ D 0; r.12; 16/ D 12.
(iii) a D 124, b D 1028. Answer: q.1028; 124/ D 8; r.1028; 24/ D 36.
(iv) a D 78, b D 326. Answer: q.326; 78/ D 4; r.326; 78/ D 14.
The functions can be pro- 1.67 Preview. Using the notation in Exercise 1.66, consider the pair of recursively
grammed into a calculator. defined functions on N:
(
0 aD0
s.a; b/ D
t .r.b; a/; a/ q.b; a/ s .r.b; a/; a/ a>0
(
1 aD0
t .a; b/ D
s .r.b; a/; a/ a > 0:
Find s.a; b/ and t .a; b/ if
(i) a D 124; b D 1028. Answer: s.124; 1028/ D 58; t .124; 1028/ D 7.

(ii) a D 36; b D 124. Answer: s.36; 124/ D 7; t .36; 124/ D 2.
(iii) a D 78; b D 326. Answer: s.78; 326/ D 46; t .78; 326/ D 11.
(iv) a D 12327; b D 2409. Answer: s.1237;2409/ D 1186; t .1237;2409/ D
609.
(v) a D 7563; b D 526. Answer: s.7563; 526/ D 37; t .7563; 526/ D 532.
(vi) a D 167291; b D 223377. Answer: s.167291; 223377/ D 4,
t .167291; 223377/ D 3.
1.4 Nine Fundamental Properties

We now focus on a small number (nine) of properties of arithmetic, for it turns
out that many of the usual rules follow from them. This obviously simplifies
things, making explicit what we are allowed to assume. But we have an ulterior
motive. The properties will eventually be treated as axioms that will describe
addition and multiplication in other systems, such as complex numbers, poly-
nomials, and modular arithmetic; these systems lead naturally to their common
generalization, commutative rings.
Notation. The set of all rational numbers is denoted by Q, and the set of all
real numbers is denoted by R.
We begin by stating some basic properties of real numbers (of course, inte-
gers and rationals are special cases). These properties undergird a great deal of
high school algebra; they are essential for the rest of this book and, indeed, for
abstract algebra.
Functions are discussed in Addition and multiplication are functions R R ! R, namely, .a; b/ 7!
Appendix A.1. a C b and .a; b/ 7! ab. The Laws of Substitution say that if a; a0 ; b; b 0 are
i i
“book2” — 2013/5/24 — 8:18 — page 37 — #57
i i
1.4 Nine Fundamental Properties 37
real numbers with a D a0 and b D b 0 , then
a C b D a0 C b 0 and ab D a0 b 0 :
The Laws of Substitution are used extensively (usually tacitly) when solving
equations or transforming expressions, and they merely say that addition and
multiplication are single-valued. For example, since 5 C 5 D 0, we have
. 5 C 5/ . 1/ D 0 . 1/ D 0:
Here are the properties of addition we are emphasizing.

Addition W For all real numbers a; b, and c,
(i) Commutativity: a C b D b C a,
(ii) 0 C a D a,
(iii) there is a number a, called the negative of a (or its additive inverse),
with a C a D 0,
(iv) Associativity: a C .b C c/ D .a C b/ C c.
Let’s say a bit more about associativity. Addition is defined as an operation
performed on two numbers at a time, but it’s often necessary to add three or
more numbers. Associativity says that, when evaluating, say 2 C 5 C 3, we Given associativity for
can first add 2 and 5, giving 7 C 3 D 10, or we can first add 5 and 3, giving the sum or product of
3 numbers, generalized
2 C 8 D 10. In other words, we don’t need parentheses: writing 2 C 5 C 3
associativity is also true:
is unambiguous because .2 C 5/ C 3 D 2 C .5 C 3/. This is not the case we don’t need parentheses
with subtraction. What is 8 3 2? If we first subtract 8 3, then the answer for the sum or product of
is 5 2 D 3. However, if we evaluate 8 .3 2/ D 8 1, we obtain a n 3 numbers. A proof is
different answer. Thus, subtraction R2 ! R, defined by .a; b/ 7! a b, is not in Appendix A.5.
associative, and we do need parentheses for it.
Here are the properties of multiplication that we are emphasizing; note that
they are, formally, the same as those for addition: just replace “plus” by “times”
(we usually denote the product of numbers a and b by ab, although we will
occasionally write a b or a b).
Multiplication W For all real numbers a; b, and c,
(i) Commutativity: ab D ba,
(ii) 1 a D a,
1
(iii) If a ¤ 0, there is a number a , called its (multiplicative) inverse (or its
reciprocal) with a a 1 D 1, Why do we assume that
a ¤ 0? Read on.
(iv) Associativity: a.bc/ D .ab/c.
Finally, we highlight a property involving both addition and multiplication.
Distributivity: a.b C c/ D ac C ab:
Reading from left to right, distributivity says that we can “multiply a through;”
reading from right to left, distributivity says that we can “factor a out.”
Aside from the two Laws of Substitution, one for addition and one for mul-
tiplication, we have now listed nine properties of addition and multiplication.
Subtraction and division are defined as follows.
i i
“book2” — 2013/5/24 — 8:18 — page 38 — #58
i i
Definition. If a and b are numbers, define subtraction by
b a D b C . a/;
where a is the negative of a; that is, a is the number which, when added
to a, gives 0.
Quotient (or division) is defined similarly.
Definition. If a and b are numbers with b ¤ 0, then the quotient of a by b

is ab 1 , where b 1 is the number which, when multiplied by b, gives 1. We
often denote ab 1 by a=b.
The word quotient is used here in a different way than in the Division Algo-
rithm, where it is bb=ac, the integer part of b=a (see Exercise 1.40 on page 29).
How to Think About It. Almost all the properties just listed for the set R
of real numbers also hold for the set Z of integers—these properties are “in-
herited” from R because integers are real numbers. The only property that Z
doesn’t inherit is the existence of multiplicative inverses. While every nonzero
integer does have an inverse in R, it may not be an integer; in fact, the only
nonzero integers whose inverses also lie in Z are 1 and 1. There are other
familiar algebraic systems that are more like Z than R in the sense that multi-
plicative inverses may not exist in the system. For example, all polynomials in
one variable with rational coefficients form such a system, but the multiplica-
tive inverse 1=x of x is not a polynomial.
Other familiar “rules” of arithmetic are easy consequences of these fundamen-

tal ones. Here are some of them.
Proposition 1.31. For every number a, we have 0 a D 0.
Proof. By Addition Rule (ii), we have 0 C 0 D 0. Therefore,
0 a D .0 C 0/a D .0 a/ C .0 a/:
Now subtract 0 a from both sides to obtain 0 D 0 a.

What is the meaning of division by 5? When we say that 20 5 D 4, we
mean that 20=5 is a number (namely 4), and that .20=5/ 5 D 20. Dividing
is the “opposite” of multiplying: dividing by 5 undoes multiplying by 5. This
agrees with our formal definition. The inverse of 5 is 5 1 , and 20 5 1 D
Multiplication by 5 is a 20=5 D 4.
bijection, and we are Can we divide by zero? If so, then 1=0 would be a number with 0 .1=0/ D
saying that division by 5
1. But we have just seen that 0 a D 0 for any number a. In particular,
is its inverse function.
See Example A.10 in 0 .1=0/ D 0, giving the contradiction 1 D 0. It follows that 1=0 D 0 1 is
Appendix A. 1. not a number; we cannot divide by 0.
Here is another familiar consequence of the nine fundamental properties.
Proposition 1.32. For a number a, we have
. a/ . 1/ D a:
i i
“book2” — 2013/5/24 — 8:18 — page 39 — #59
i i
1.4 Nine Fundamental Properties 39
In particular,
. 1/ . 1/ D 1:
Proof. The distributive law gives The Law of Substitution

allows us to replace 0 by
0 D 0 . a/ D . 1 C 1/. a/ D . 1/ . a/ C . a/: 1 C 1.
Now, add a to both sides to get a D . 1/. a/.

Even though its proof is very simple, Proposition 1.32 is often presented to
high school students as something mysterious and almost magical. We can only
guess at a reason. From Euclid’s time until the 1500s, numbers were always
positive; either negative numbers were not recognized at all or, if they did
appear, they were regarded with suspicion, as not being bona fide (the complex
numbers, which came on the scene around the same time, were also suspected
of witchcraft). In the proof of Proposition 1.32, we treated negative numbers
without prejudice, and we assumed that they obey the same elementary rules
as positive numbers do. And we have reaped a reward for clear thinking.
Addition Rule (iii) states that every real number has a negative, an additive
inverse. Can a number a have more than one negative? Intuition tells us no,
and this can be proved using the nine fundamental properties.
Proposition 1.33. Negatives in R are uniqueI that is, for a 2 R, there is

exactly one number b in R with b C a D 0.
Multiplicative inverses of nonzero real numbers are uniqueI that is, for
nonzero c 2 R, there is exactly one real number d with cd D 1.
Proof. Suppose b is a number with a C b D 0. Add a to both sides:
a C .a C b/ D a:
We can now use associativity to calculate, like this.
a C .a C b/ D a
. a C a/ C b D a
0Cb D a
b D a:
This argument can be adapted to prove uniqueness of multiplicative in-

verses; merely replace + by and “additive inverse” by “multiplicative in-
verse.”
Uniqueness theorems like Proposition 1.33 are useful because they show
that certain objects are characterized by their behavior. For example, to show
that a number b is equal to a, add b to a and see if you get 0. This is the
strategy in the next proof.
Corollary 1.34. For every real number a, we have a D . 1/a. Similarly, if

b ¤ 0, then .b 1 / 1 D b.
i i
“book2” — 2013/5/24 — 8:18 — page 40 — #60
i i
Proof. We add . 1/a to a and see if we get 0.
. 1/a C a D . 1/a C 1 a D a. 1 C 1/ D a 0 D 0:
We do get 0, and so Proposition 1.33 guarantees that a D . 1/a.

To prove the second statement, interpret the equation bb 1 D 1 as saying
that b is an element which, when multiplied by b 1 , gives 1.
We can now prove the distributive law for subtraction.
Corollary 1.35. If a; b; c are real numbers, then a.b c/ D ab ac.
Proof. By definition, b c D b C . c/. But b c D b C . 1/c, by Corol-

lary 1.34. Therefore, distributivity gives

a.b c/ D a b C . 1/c
D ab C a. 1/c
D ab C . 1/.ac/
D ab ac:
We have just displayed some properties of addition and multiplication of

real numbers following from the nine fundamental properties. The proofs fol-
low only from the nine properties; we did not use any other properties of R,
such as decimal expansions or inequalities. Hence, if we show, for example,
that addition and multiplication of complex numbers or of polynomials satisfy
the nine properties, then each of these systems satisfy the “other properties,”
Propositions 1.31, 1.32, and 1.33, as well.
Exercises
1.68 (i) Prove the additive cancellation law using only the nine properties: if a; b; c
are real numbers with a C c D b C c, then a D b.
(ii) Prove the multiplicative cancellation law for real numbers using only the nine
properties: if a; b; c are real numbers with ac D bc and c ¤ 0, then a D b.
1.69 Suppose that b ¤ 0. Show that a=b is the unique real number whose product with
b is a.
1.70 (i) Prove that a real number a is a square if and only if a 0.
(ii) Prove that every complex number is a square.
1.71 * Let a; b; c be numbers.
(i) Prove that ac, the negative of ac, is equal to . a/c; that is, ac C. a/c D 0.
(ii) In the proof of Corollary 1.35, we stated that
ab C a. 1/c D ab ac:
Prove this.
Hint: Evaluate a.0 C 0/ in two ways.
1.72 * Suppose that e and f are integers and let m D minfe; f g and M D maxfe; f g.
Show that
m C M D e C f:
i i
“book2” — 2013/5/24 — 8:18 — page 41 — #61
i i
1.5 Connections 41
1.73 *
(i) If a is a positive real number such that an D 1 for an integer n 1, prove
that a D 1.
(ii) If a is a real number such that an D 1 for an integer n 1, prove that
a D ˙1.
1.74 The Post Office has only 5 and 8 cent stamps today. Which denominations of
postage can you buy?
1.75 * Later in this book, we’ll prove Theorem 2.10: every integer can be factored into
primes in essentially only one way. You may use this theorem here.
(i) If a 2 Z, prove that every prime p that divides a2 shows up with even expo-
nent; that is, if p j a2 , then p2 j a2 .
(ii) Show that there are no integers a and b so that 2a2 D b 2 .
(iii) Use part(ii) to show that there is no rational number x with x 2 D 2.
1.76 Use Euclid’s idea of a geometric Division Algorithm (see Figure 1.8 on page 22)
to give a geometric version of the Euclidean Algorithm that uses repeated geo-
metric division. Apply your geometric algorithm to
(i) two segments of length 12 and 90.
(ii) the diagonal and the side of a square.
1.5 Connections
This section applies the method of Diophantus to trigonometry and to calculus.
Trigonometry
The formulas x D .1 t 2 /=.1 C t 2 / and y D 2t=.1 C t 2 /, where t is a
real number, parametrize all the points on the unit circle except . 1; 0/. But
we know that if A D .x; y/ is a point on the unit circle, then x D cos and
y D sin , where D †DOA (see Figure 1.9).
A = (cos q, sin q)
q
O D
Figure 1.9. Cosine and Sine.

p
If D 30o , then .cos ; sin / D . 23 ; 12 /; one coordinate is irrational and
one is rational. Are there any acute angles with both cos and sin rational?
If .x; y/ is the Pythagorean point arising from .3; 4; 5/, then x D cos D 53
and y D sin D 45 . With a little more work, we can prove that there are
infinitely many angles with both cos and sin rational (is it obvious that
Pythagorean triples arising from distinct Pythagorean points are not similar?)
i i
“book2” — 2013/5/24 — 8:18 — page 42 — #62
i i
and also infinitely many angles with both cosine and sine irrational (see Exer-
cise 1.29 on page14).
The parametrization of the unit circle in Proposition 1.2,
1 t2 2t
cos D and sin D ; 1 < t < 1;
1 C t2 1 C t2
enables us to prove some trigonometric identities. For example, let’s prove the
identity
1 C cos C sin
D sec C tan :
1 C cos sin
First, rewrite everything in terms of sin and cos . The left-hand side is fine;
the right-hand side is .1= cos / C .sin = cos /. Now replace these by their
formulas in t. The left-hand side is
1 t2 2t
1C 1Ct 2
C 1Ct 2
;
1 t2 2t
1C 1Ct 2 1Ct 2
and this simplifies to a rational function of t (that is, a quotient of two poly-
nomials). Similarly, the right-hand side is also a rational function of t, for
1 1 C t2 2t
sec D D and tan D . Thus, verifying whether the
cos 1 t2 1 t2
trigonometric identity is true is the same thing as verifying whether one ra-
tional expression is equal to another. This problem involves no ingenuity at
all. Just cross multiply and check whether the polynomials on either side are
equal; that is, check whether the monomials on either side having the same
degree have the same coefficients.
Integration
The parametrization of the unit circle is useful for certain integration problems.
In Figure 1.10, we see that 4AOB is isosceles, for two sides are radii; thus, the
B = (cos q, sin q)
q
(–1,0) = A O
Figure 1.10. Tangent Half-Angle.

We denote the line de-
termined by points A base angles are equal. But the exterior angle is their sum, and so †BAO D
and B by L.A; B /, but =2. Therefore,
!
the notation AB is the
convention in geometry sin
tD D slope L.A; B/ D tan.=2/I
and precalculus books. 1 C cos
i i
“book2” — 2013/5/24 — 8:18 — page 43 — #63
i i
1.5 Connections 43
t D tan.=2/ is called the tangent half-angle formula. Now

2 dt
D 2 arctan t and d D :
1 C t2
R Let’s apply this substitution. In most calculus courses, the indefinite integral
sec d D log j sec C tan j is found by some unmotivated trick, but this
integration is quite natural when we use the method of Diophantus.
Z Z Z Z
d 1 C t 2 2 dt 2 dt
sec d D D 2
2
D :
cos 1 t 1Ct 1 t2
Since
2 1 1
D C ;
1 t2 1Ct 1 t
we have
Z Z Z
2 dt dt dt
D C D log j1 C tj log j1 tj:
1 t2 1Ct 1 t
The hard part is now done;
ˇ1 C t ˇ
log j1 C tj log j1 tj D log ˇ ˇ;
1 t
and it is cosmetic to rewrite, using the formula relating t and
1Ct .1 C t/2 1 C 2t C t 2 1 C t2 2t
D D D C D sec C tan :
1 t 1 t2 1 t2 1 t2 1 t2
Other integrands can also be integrated using the tangent half-angle formula
(see Exercise 1.78 below). Similar parametrizations of other conic sections also
lead to integration formulas (see Exercises 1.80–1.82 below and [28, pp. 86–
97]).
Exercises
1.77 Verify the following trigonometric identities.
cos cot
(i) 1 C csc D .
1 sin
1 1
(ii) D 2 cot .
csc cot csc C cot
(iii) cot4 C cot2 D csc4 csc2 :

1.78 Integrate the following using the tangent half-angle formula.
Z
sin
(i) d .
2 C cos
ˇ ˇ
ˇ 2ˇ
Answer: ln ˇ 1Ct
3Ct 2
sin
ˇ, where t D 1Ccos
.
Z
sin cos
(ii) d .
sin C cos
ˇ ˇ
ˇ 1Ct 2 ˇ
Answer: ln ˇ 1C2t Dt 2 ˇ, which leads to ln j cos C sin j.
i i
“book2” — 2013/5/24 — 8:18 — page 44 — #64
i i
1.79 * Preview.
(i) Sketch the graph of x 2 xy C y 2 D 1.
(ii) Find a “sweeping lines” parametrization for the points on the graph of
x 2 xy C y 2 D 1.
(iii) Find a scalene triangle with integer side lengths and a 60ı angle.
1.80 Take It Further.
(i) Find a “sweeping lines” parametrization for the points on the graph of the
parabola x D y 2 , using lines joining A D .0; 0/ to points P D .x; y/ on the
parabola.
Z
dx
(ii) Use this parametrization to evaluate p .
1C x
1.81 Take It Further. Show that a “sweeping lines” parametrization for the points
on the ellipse x 2 =a2 C y 2 =b 2 D 1, using lines joining A D . a; 0/ to points
P D .x; y/ on the ellipse, is
a.b 2 a2 t 2 / 2ab 2 t
xD and :
b 2 C a2 t 2 b2 C a2 t 2
1.82 Take It Further. Show that a “sweeping lines” parametrization for the points on
the hyperbola x 2 =a2 y 2 =b 2 D 1, using lines joining A D . a; 0/ to points
P D .x; y/ on the hyperbola, is
a.b 2 C a2 t 2/ 2ab 2t
xD and y D :
b 2 a2 t 2 b2 a2 t 2
1.83 * Take It Further. Most high school texts derive the quadratic formula by “com-
pleting the square,” a method we’ll discuss and generalize in Chapter 3. Here’s
another way to derive the formula.
(i) Show that if r and s are the roots of x 2 C bx C c D 0, then
r Cs D b and
rs D c
(ii) If r C s D b and rs D c, show that
.r s/2 D b 2 4c;
p
so that r s D ˙ b2 4c.
(iii) Solve the system
r Cs D b
p
r s D ˙ b2 4c
for r and s.
i i
“book2” — 2013/5/24 — 8:18 — page 45 — #65
i i
2 Induction
In Chapter 1, we proved some basic theorems of ordinary arithmetic: Division

Algorithm; Euclidean Algorithm; prime factorization. We are now going to
prove the Fundamental Theorem of Arithmetic: any two people writing an in-
teger as a product of primes always get the same factors. We need a very useful We shall see later that
tool in order to do this, and so we interrupt our historical account to introduce many interesting number
systems do not have
mathematical induction, a method of proof that finds application throughout
unique factorization.
mathematics. We’ll go on here to use induction to discuss the Binomial Theo- Indeed, not recognizing
rem and some combinatorics. this fact is probably
responsible for many false
“proofs” of Fermat’s Last
Theorem.
2.1 Induction and Applications
The term induction has two meanings. The most popular one is inductive rea-
soning: the process of inferring a general law from the observation of partic-
ular instances. For example, we say that the Sun will rise tomorrow morning
because, from the dawn of time, the Sun has risen every morning. Although
this notion of induction is used frequently in everyday life, it is not adequate
for mathematical proofs, as we now show.
Consider the assertion: “f .n/ D n2 n C 41 is prime for every positive
integer n.” Evaluating f .n/ for n D 1; 2; 3; : : : ; 40 gives the numbers
41; 43; 47; 53; 61; 71; 83; 97; 113; 131;
151; 173; 197; 223; 251; 281; 313; 347; 383; 421;
461; 503; 547; 593; 641; 691; 743; 797; 853; 911;
971; 1033; 1097; 1163; 1231; 1301; 1373; 1447; 1523; 1601:
It is tedious, but not very difficult (see Exercise 2.2 on page 52), to show that
every one of these numbers is prime. Inductive reasoning leads you to expect
that all numbers of the form f .n/ are prime. But the next number, f .41/ D
1681, is not prime, for f .41/ D 412 41 C 41 D 412 , which is obviously
composite.
An even more spectacular example of the failure of inductive reasoning is
given by the harmonic series 1 C 21 C 13 C C n1 C , which diverges
(first proved by Oresme (ca.1320–1382)), and so its partial sums get arbitrarily
large. Given a number N , there is a partial sum
Xm
1
†m D D1C 1
2
CC 1
m
nD1
n
45
i i
“book2” — 2013/5/24 — 8:18 — page 46 — #66
i i
46 Chapter 2 Induction
with †m > N . A high school student, unaware of this, playing with his cal-
culator and seeing that †315 6:33137, would probably make the reasonable
guess that †m < 100 for all m. But he’s wrong; the series diverges! It is
known that if m < 1:5 1043 , then †m < 100. The most generous estimate
of the age of the Earth is ten billion (10,000,000,000) years, or 3:65 1012
days, a number insignificant when compared to 1:5 1043 . Therefore, starting
from the Earth’s very first day, if the statement †m < 100 was verified on the
mth day, then there would be today as much evidence of the general truth of
these statements as there is that the Sun will rise tomorrow morning. And yet
most statements †m < 100 are false!
Inductive reasoning is valuable in mathematics, as it is in natural science,
because seeing patterns in data often helps us guess what may be true in general
(see Exercise 2.1 on page 52, for example). However, merely checking whether
the first few (or first few trillion) statements are true is not enough. We have
just seen that checking the first 1:5 1043 statements is inadequate to establish
a general rule.
Let’s now discuss mathematical induction. Suppose we are given a se-
quence of statements
S.1/; S.2/; S.3/; : : : ; S.n/; : : : :
For example, the formula 2n > n for all n 1 can be viewed as the sequence
of statements
21 > 1; 22 > 2; 23 > 3; :::; 2n > n; ::::
Mathematical induction is a technique for proving that all the statements are
true.
The key idea is just this. Imagine a stairway to the sky. We claim that if
its bottom step is white and the next step above any white step is also white,
then all the steps of the stairway are white. Here’s our reasoning. If some steps
aren’t white, walk up to the first non-white step; call it Fido. Now Fido can’t
be at the bottom, for the bottom step is white, and so there is a step just below
Fido. This lower step must be white, because Fido is the first non-white one.
But Fido, being the next step above a white step, must also be white. This is a
contradiction; there is no Fido. All the steps are white.
To sum up, given a list of statements, we are claiming that if
(i) the first statement is true, and
(ii) whenever a statement is true, so is the next one,
then all the statements on the list are true.
Let’s apply this idea to the list of inequalities S.n/W 2n > n. Now S.1/ is
true, for 21 D 2 > 1. Suppose we believe, for every n > 1, that the implication
The symbol ) means 2n 1 > n 1 ) 2n > n is true. Since S.1/ is true and S.1/ ) S.2/ is true,
implies. we have S.2/ true; that is, if 21 > 1 and 21 > 1 ) 22 > 2 are both true,
then 22 > 2. Since 22 > 2 is true and 22 > 2 ) 23 > 3 is true, we have
23 > 3; since 23 > 3 is true and 23 > 3 ) 24 > 4 is true, we have 24 > 4;
and so forth. Mathematical induction replaces the phrase and so forth with
statement (ii), which guarantees, for every n, that there is never an obstruction
in the passage from the truth of any statement S.n 1/ to the truth of the next
one S.n/. We will prove 2n > n for all n 1 in Proposition 2.2.
Here is the formal statement of mathematical induction.
i i
“book2” — 2013/5/24 — 8:18 — page 47 — #67
i i
2.1 Induction and Applications 47
Theorem 2.1 (Mathematical Induction). Let k be an integer. If S.k/;

S.k C 1/; S.k C 2/; : : : is a sequence of statements such that
(i) Base StepW S.k/ is true, and
(ii) Inductive StepW If, for n > k, S.n 1/ being true implies S.n/ true,
Many people prefer to
then the statements S.n/ are true for all n k. write the inductive step as
S.n/ ) S.n C 1/ instead
of S.n 1/ ) S.n/ as
We’ll prove this in Theorem 2.17 (you’ll see then that the proof is our story we do. The difference is
about Fido), but let’s use the theorem now to prove some interesting results. cosmetic; the important
We start by completing our argument that 2n > n. thing is the passage from
one statement to the next
Proposition 2.2. 2n > n for all n 1. one.
Proof. Here k D 1, and the statements are
S.1/ W 21 > 1; :::; S.n 1/ W 2n 1

>n 1; S.n/ W 2n > n; :::
Base Step: If n D 1, then 21 D 2 > 1, so S.1/ is true.

Inductive Step: We need to show that if n > 1 and S.n 1/ is true, then S.n/
is true. It is always a good idea to write the statements out so that we can see
what needs to be proved. Here, we must show that if the inductive hypothesis
S.n 1/ W 2n 1
>n 1
is true, then so is S.n/; that is, 2n 1 > n 1 implies 2n > n. Multiply both
sides of the inequality S.n 1/ by 2: if 2n 1
> n 1, then
2n D 2 2n 1
> 2.n 1/ D .n 1/ C .n 1/ .n 1/ C 1 D n
(the last inequality holds because n > 1 implies n 1 1). Thus, if 2n 1 >
n 1 is true, then 2n > n is also true.
Since both the base step and the inductive step hold, Theorem 2.1 says that
all the statements are true: 2n > n for all n 1.
Etymology. The word induction comes from the Latin word meaning to lead
into or to influence. It is used here because, as we have just seen, the truth of
the nth statement arises from the truth of the previous statement.
Usually the base step in an inductive proof occurs when k D 1, although Define S.0/ W 20 > 0.
many proofs occur when k D 0 (see Exercise 2.4 on page 52). Here is an Suppose we had taken
example of an induction whose base step occurs when k D 5. Consider the the base step in Propo-
sition 2.2 at k D 0. Can
statements you write out a proof that
S.0/ ) S.1/?
S.n/ W 2n > n2 :
This is not true for small values of n: if n D 2 or 4, then there is equality, not
inequality; if n D 3, the left side, 8, is smaller than the right side, 9. However,
S.5/ is true: 32 > 25.
Proposition 2.3. 2n > n2 for all integers n 5.
i i
“book2” — 2013/5/24 — 8:18 — page 48 — #68
i i
Proof. We have just checked the base step S.5/. Suppose that n > 5 and that
2n 1
> .n 1/2 : (2.1)
Can we use this to show that 2n > n2 ? Multiply both sides of inequality (2.1)
by 2 to obtain
2n > 2.n 1/2 :
We’ll be done if we show, for n > 5, that 2.n 1/2 > n2 . Now
2.n 1/2 D .n 1/2 C .n 1/.n 1/

> .n 1/2 C 4.n 1/ since n 1>4
2

n 2n C 1 C 4.n 1/
2
D n C 2n 3:
But 2n 3 is positive, because n > 5, and so n2 C 2n 3 > n2 .
We now use induction to prove a geometric result.
Definition. A polygon P in the plane is convex if, for every pair of distinct
points A; B on its perimeter, the line segment AB lies inside of P .
For example, every triangle is convex, but there are quadrilaterals that are
not convex. For example, the shaded quadrilateral in Figure 2.1 is not convex,
for the line segment joining boundary points A and B is not wholly inside it.
B
A
Figure 2.1. Non-convex polygon.
Proposition 2.4. Let P be a convex polygon with vertices V1 ; : : : ; Vn . If i is

the .interior/ angle at Vi , then
1 C C n D .n 2/180ı:
Proof. The proof is by induction on n 3. For the base step n D 3, the

polygon is a triangle, and it is well known that the sum of the interior angles
is 180ı. For the inductive step n > 3, let P be a convex polygon with vertices
V1 ; : : : ; Vn . Since P is convex, the segment joining V1 and Vn 1 lies wholly
inside P ; it divides P into the triangle D V1 Vn Vn 1 and the polygon P 0
having vertices V1 ; : : : ; Vn 1 . Now P 0 is convex (why?), so that the inductive
hypothesis says that the sum of its interior angles is .n 3/180ı . Figure 2.2
shows that the sum of the interior angles of P is the sum of the angles of
and those of P 0 , which is 180ı C .n 3/180ı D .n 2/180ı.
i i
“book2” — 2013/5/24 — 8:18 — page 49 — #69
i i
V1
V2
q1
q2 V3
D q3
Vn qn P¢
qn–1
qn–2
Vn – 1
Vn – 2
Figure 2.2. Convex polygon.
In any proof by induction, we must verify both the base step and the induc-
tive step; verification of only one of them is insufficient. For example, consider
the statements S.n/W n2 D n. The base step, S.1/, is true, but the inductive
step is false; of course, these statements S.n/ are false for all n > 1. Another
example is given by the statements S.n/W n D n C 1. It is easy to see that the
inductive step is true: if S.n 1/ is true, i.e., if n 1 D .n 1/C 1, then adding
1 to both sides gives n D .n 1/ C 2 D n C 1, which is the next statement,
S.n/. But the base step is false; of course, all these statements S.n/ are false.
How to Think About It. When first seeing induction, many people sus-
pect that the inductive step is circular reasoning. Why are you allowed to use
statement S.n 1/, which you don’t know is true, to prove that S.n/ is true?
Isn’t the truth of S.n 1/ essentially what you are supposed to be proving?
A closer analysis shows that this is not at all what is happening. The inductive
step, by itself, does not prove that S.n/ is true. Rather, it says that if S.n 1/
is true, then S.n/ is also true. In other words, the inductive step proves that the
implication “If S.n 1/ is true, then S.n/ is true” is correct. The truth of this
implication is not the same thing as the truth of its conclusion. For example,
consider the two statements: “Your grade on every exam is 100%” and “Your
grade for the course is A.” The implication “If all your exams are perfect, then
you will get the highest grade for the course” is true. Unfortunately, this does
not say it is inevitable that your grade for the course will be A. Here is a math-
ematical example: the implication “If n 1 D n, then n D n C 1” is true, but
the conclusion “n D n C 1” is false.
From now on, we usually abbreviate mathematical induction to induction.

Here is the first example of a proof by induction often given in most texts.
Proposition 2.5. For every integer n 1, we have

1 C 2 C C n D 12 n.n C 1/:
Proof. The proof is by induction on n 1.

Base step. If n D 1, then the left-hand side is 1 and the right-hand side is
1
2
1.1 C 1/ D 1, as desired.
Inductive step. The .n 1/st statement is
S.n 1/W 1 C 2 C C .n 1/ D 12 .n 1/n;
i i
“book2” — 2013/5/24 — 8:18 — page 50 — #70
i i
and we must show

1 C 2 C C n D 1 C 2 C C .n 1/ C n:
By the inductive hypothesis, the right-hand side is

1
2
.n 1/n C n:
But 12 .n 1/n C n D 1
2
n.n C 1/. By induction, the formula holds for all
n 1.
Historical Note. Here is one version of a popular story. As a 7-year old

prodigy, Gauss was examined by two mathematicians to evaluate his mathe-
matical ability. When asked to add up all the numbers from 1 to 100, he thought
a moment and then said the answer was 5050. Gauss let s denote the sum of
all the numbers from 1 to 100: s D 1 C 2 C C 99 C 100. Of course,
s D 100 C 99 C C 2 C 1. Arrange these nicely
s D 1 C 2 C C 99 C 100
s D 100 C 99 C C 2 C 1
and add
2s D 101 C 101 C C 101 C 101;
the sum 101 occurring 100 times. We now solve: s D 21 .100 101/ D 5050.
This argument is valid for any number n in place of 100 (and there is no obvi-
ous use of induction!). Not only does this give a new proof of Proposition 2.5,
it shows how the formula could have been discovered.
Example 2.6. Another proof of the formula in Proposition 2.5 comes from an
analysis of the square in Figure 2.3.
Pn
Figure 2.3. kD1 k.
We have n D 7 in Fig- Imagine an .n C 1/ .n C 1/ square. It contains .n C 1/2 small unit squares.

ure 2.3. Since there are n C 1 unit squares on the diagonal, there are
.n C 1/2 .n C 1/ D n2 C n
unit squares off the diagonal. Half of them, 12 .n2 C n/, are above the diagonal.
But, if you count by rows, there are
1C2CCn
i i
“book2” — 2013/5/24 — 8:18 — page 51 — #71
i i
unit squares above the diagonal. Hence
1 C 2 C C n D 21 .n2 C n/: N
How to Think About It. Proposition 2.5 illustrates a common problem stu-
dents have when learning induction. Induction itself is a technique of proof
(involving just two steps), but it is not a method of discovery. However, the
two notions of proof and discovery are often intertwined. For example, merely
applying mathematical induction, as we did in the proof of Proposition 2.5,
is straightforward. But many beginning students get confused because, at the
same time as they are following the steps of the proof, they are also wonder-
ing where the formula for the sum comes from. In contrast, neither Gauss’s
proof nor the proof using the .n C 1/ .n C 1/ square is confusing, for the
ideas of these proofs and their techniques of proof are separate. In Section 2.3,
we’ll describe a method for introducing mathematical induction to high school
students that usually minimizes this confusion.
Aside from proving statements, induction can also be used to define terms.
For example, here is an inductive definition of factorial. Inductive definitions are
often called recursive
definitions.
Definition. Define 0Š D 1 and, if n > 0, define nŠ D n .n 1/Š. In other
words, nŠ is defined by Defining 0Š D 1 is con-
( venient, as we shall see
1 if n D 0 in the next section when
nŠ D we discuss the Binomial
n .n 1/Š if n > 0: Theorem.
Induction allows us to define the powers of a number.
Definition. If a 2 R, define the powers of a, for n 0, by induction:

(
n 1 if n D 0
a D
an 1 a if n > 0:
If a D 0, we have defined 00 D 1.
Etymology. The terminology x square and x cube for x 2 and x 3 is, of

course, geometric in origin. Usage of the term power in this context arises
from a mistranslation of the Greek dunamis (from which the word dynamo
comes) as used by Euclid. The standard European rendition of dunamis was
“power;” for example, the first English translation of Euclid’s Elements by
H. Billingsley in 1570, renders a sentence of Euclid as “The power of a line is
the square on the same line” (which doesn’t make much sense to us). However,
contemporaries of Euclid, e.g., Plato and Aristotle, used dunamis to mean “am-
plification.” This seems to be a more appropriate translation, for Euclid was
probably thinking that a one-dimensional line segment can sweep out a two-
dimensional square. We thank Donna Shalev for informing us of the classical
usage of dunamis.
i i
“book2” — 2013/5/24 — 8:18 — page 52 — #72
i i
Proposition 2.7 (Laws of Exponents). Let a 2 R and m; n 0 be integers.

(i) amCn D am an .
(ii) .am /n D amn .
Proof. (i) The statement is true for all n 0 when m D 0. We prove

amCn D am an is true for all n by induction on m 1. The base step
says that aan D anC1 , which is just the definition of powers. For the
inductive step,
amCn D amCn 1
a definition of powers
m 1Cn
Da a
m 1 n
Da a a inductive hypothesis
m 1 nC1
Da a definition of powers
m 1CnC1
Da inductive hypothesis
mCn
Da :
(ii) The statement is true for all m 0 when n D 0. We prove .am /n D amn
is true for all m by induction on n 1. The base step says that .am /1 D
am1 D am , which is obvious. For the inductive step,
.am /n D .am /n 1 m
a definition of powers
m.n 1/ m
Da a inductive hypothesis
m.n 1/Cm
Da part (i)
D amn :
Historical Note. The earliest known occurrence of mathematical induction

is in Sefer ha-Mispar (also called Maaseh Hoshev, whose Hebrew title means
practical and theoretical calculating), written by Levi ben Gershon in 1321
(he is also known as Gersonides or as RaLBaG, the acronym for Rabbi Levi
ben Gershon). Induction appears later in Arithmeticorum libri duo, written by
Maurolico in 1557, and also in Traité du Triangle Arithmetique, written by
Pascal around 1654 (in which Pascal discusses the Binomial Theorem).
Exercises
P
2.1 * Guess a formula for 1 C jnD1 j Šj , and use mathematical induction to prove
that your formula is correct.
p
2.2 * Prove that if m 2 is an integer not divisible by any prime p with p m,
then m is a prime. Use this to prove that the numbers n2 n C 41 are prime for
all n 40.
2.3 * Let m1 ; m2 ; : : : ; mn be integers such that gcd.mi ; mj / D 1 for all i ¤ j . If
each mi divides an integer k, prove that their product m1 m2 mn also divides k.
Hint: Use Exercise 1.58 on page 35.
2.4 * If a is positive, give two proofs that
an 1
1 C a C a2 C C an 1
D ;
a 1
by induction on n 0 and by multiplying the left-hand expression by .a 1/.
i i
“book2” — 2013/5/24 — 8:18 — page 53 — #73
i i
2.5 Let x > 1 be a real number. Prove that .1 C x/n 1 C nx for all n 1.
2.6 What is the smallest value of k so that 2n > n3 for all n k? Why?
2.7 Assuming the product rule for derivatives, .fg/0 D f 0 g C fg0 , prove that
.x n /0 D nx n 1
for all integers n 1:
2.8 In high school, nŠ is usually defined as 1 2 3 n. Show that this agrees with
the definition on page 51 for all n 1.
2.9 (Double Induction) Let k; k 0 be integers, and let S.m; n/ be a doubly indexed
family of statements, one for each pair of integers m k and n k 0 . Suppose
that
(i) S.k; k 0 / is true,
(ii) if S.m 1; k 0 / is true, then S.m; k 0 / is true,
(iii) if S.m; n 1/ is true for all m k, then S.m; n/ is true for all m k.
Prove that S.m; n/ is true for all m k and n k 0 .
2.10 Prove that .m C 1/n > mn for all m; n 1.
2.11 Prove the Laws of Exponents by Double Induction.
Unique Factorization
Induction is useful in number theory. As a simple example, we generalize Eu-
clid’s Lemma to more than two factors.
Theorem 2.8 (Euclid’s Lemma). If p is a prime and p j a1 a2 an , where

n 2, then p j ai for some i .
Proof. The proof is by induction on n 2. The base step is Theorem 1.21. To “The proof is by induction
prove the inductive step, suppose that p j a1 a2 an . We may group the fac- on n 2” not only
indicates the base step, it
tors on the right side together so there are only two factors: .a1 a2 an 1 /an .
also tells which variable
By Theorem 1.21, either p j a1 a2 an 1 or p j an . In the first case, the in- will be changing in the
ductive hypothesis gives p j ai for some i n 1 and we are done. In the inductive step.
second case, p j an , and we are also done.
This proof illustrates an empirical fact. It is not always the case, in an in-
ductive proof, that the base step is very simple. In fact, all possibilities can
occur: both steps can be easy, both can be difficult, or one can be harder than
the other.
Here is an amusing inductive proof (due to Peter Braunfeld) of the existence
of the quotient and remainder in the Division Algorithm.
Proposition 2.9. If a and b are positive integers, then there are integers q
and r with b D qa C r and 0 r < a.
Proof. We do induction on b 1.
The base step: b D 1. Now a 1, because it is a positive integer. If a D 1,
choose q D 1 and r D 0; if a > 1, choose q D 0 and r D 1.
Let’s prove the inductive step. The inductive hypothesis is b 1 D qa C r ,
where 0 r < a. It follows that b D qaCr C1. Now r < a implies r C1 a.
If r C 1 < a, we are done. If r C 1 D a, then b D qa C .r C 1/ D qa C a D
.q C 1/a, and we are done in this case as well.
i i
“book2” — 2013/5/24 — 8:18 — page 54 — #74
i i
We now use induction to prove unique factorization into primes.
Theorem 2.10 (Fundamental Theorem of Arithmetic). Every integer a 2

We often use the word is a product of primes. Moreover, if
product even when there
is only one factor. Thus, a D p1 pm and a D q1 qn ;
a prime is a product of
primes. where the p’s and q’s are primes, then n D m and the q’s can be re-indexed
so that qi D pi for all i .
Proof. The existence of a factorization is Theorem 1.14. To prove uniqueness,

we may assume that m n, and we use induction on m 1. The base step is
obvious: if m D 1, then n D 1 and the given equations are a D p1 D q1 . For
the inductive step, the equation
p1 pm D q1 qn
gives pm j q1 qn . By Euclid’s Lemma, there is some i with pm j qi . But

qi , being a prime, has no positive divisors other than 1 and itself, so that
qi D pm . Re-indexing, we may assume that qn D pm . Canceling, we have
p1 pm 1 D q1 qn 1 . By the inductive hypothesis, n 1 D m 1 (so
that n D m) and the q’s may be re-indexed so that qi D pi for all i m.
Corollary 2.11. If a 2 is an integer, then there are distinct primes pi and

integers ei > 0 with
e
a D p11 pnen :
Moreover, if there are distinct primes qj and integers fj > 0 with

e f
p11 pnen D q1 1 qm
fm
;
then m D n, qi D pi and fi D ei for all i .after re-indexing the q 0 s/.
Proof. Just collect like terms in a prime factorization.

The Fundamental Theorem of Arithmetic says that the exponents e1 ; : : : ; en
e
in the prime factorization a D p11 pnen are well-defined integers determined
by a. It would not make sense to speak of the exponent of q dividing a if the
Fundamental Theorem were false; if an integer a had two factorizations, say,
a D p 2 q 5 r 6 and a D p 2 q 3 s 7 , where p; q; r; s are distinct primes, would its
q-exponent be 5 or 3?
e
It is often convenient to allow factorizations p11 pnen having some ex-
ponents ei D 0, because this allows us to use the same set of primes when
factoring two numbers. For example, 168 D 23 31 71 and 60 D 22 31 51 may be
rewritten as 168 D 23 31 50 71 and 60 D 22 3151 70 .
Lemma 2.12. Let positive integers a and b have prime factorizations

f
a D p1e1 pnen and b D p1 1 pnfn ;
where p1 ; : : : ; pn are distinct primes and ei , fi 0 for all i . Then a j b if and

only if ei fi for all i .
i i
“book2” — 2013/5/24 — 8:18 — page 55 — #75
i i
Proof. If ei fi for all i , then b D ac, where c D p1f1 e1 pnfn en . Now c

is an integer, because fi ei 0 for all i , and so a j b.
g g
Conversely, if b D ac, let the prime factorization of c be c D p1 1 pn n ,
where gi 0 for all i . It follows from the Fundamental Theorem of Arithmetic
that ei C gi D fi for all i , and so fi ei D gi 0 for all i ; that is, ei fi
for all i .
Definition. A common multiple of integers a and b is an integer m with a j m

and b j m. The least common multiple, denoted by
lcm.a; b/;
is the smallest positive common multiple if both a; b ¤ 0, and it is 0 otherwise.
The following proposition describes gcd’s in terms of prime factorizations.

This is, in fact, the method usually taught to students in elementary school for
putting fractions into lowest terms.
e f f
Proposition 2.13. Let a D p11 pnen and b D p1 1 pn n , where p1 ; : : : ; pn
are distinct primes and ei 0, fi 0 for all i . Then
m M1
gcd.a; b/ D p1 1 pnmn and lcm.a; b/ D p1 pnMn ;
where mi D minfei ; fi g, and Mi D maxfei ; fi g.
m
Proof. Define d D p1 1 pnmn . Lemma 2.12 shows that d is a (positive)
common divisor of a and b; moreover, if c is any (positive) common divisor,
then c D p1g1 pngn , where 0 gi minfei ; fi g D mi for all i . Therefore,
c j d.
A similar argument shows that D D p1M1 pnMn is a common multiple
that divides every other such.
Computing the gcd for small numbers a and b using their prime factoriza-
tions is more efficient than using Euclidean Algorithm I. For example, since
168 D 23 3150 71 and 60 D 2231 51 70 , we have gcd.168; 60/ D 22 31 50 70 D
12 and lcm.168; 60/ D 23 31 51 71 D 840. However, finding the prime factor-
ization of a large integer is very inefficient, even with today’s fanciest com-
puters; it is so inefficient that this empirical fact is one of the main ingredients
in public key cryptography, the basic reason you can safely submit your credit
card number when buying something online.
Corollary 2.14. If a and b are positive integers, then

lcm.a; b/ gcd.a; b/ D ab:
Proof. The result follows from Proposition 2.13 and Exercise 1.72 on page 40: Notice how a computa-
tional inquiry has given a
mi C Mi D ei C fi ; theorem.
where mi D minfei ; fi g and Mi D maxfei ; fi g.

Since gcd’s can be computed by Euclidean Algorithm I, this corollary al-
lows us to compute lcm’s:
lcm.a; b/ D ab= gcd.a; b/:
i i
“book2” — 2013/5/24 — 8:18 — page 56 — #76
i i
Example 2.15. Sudoku is a popular puzzle. One starts with a 9 9 grid of

cells, some filled with numbers. The object is to insert numbers in the blank
cells so that every row, every column, and every heavily bordered 3 3 box
contains the digits 1 through 9 exactly once.
6 9
3 4 3 5
1 3
8 5 2 3
4 7 8 3 5 1
5 7 6 8
1 7
5 9 6 7
3 6
Figure 2.4. Sudoku.
KenKenr is a registered KenKen is a variation of Sudoku. As in Sudoku, the object is to fill an n n

trademark of Nextoy, LLC, grid with digits: 1 through 4 for a 4 4 grid, 1 through 5 for a 5 5 grid, etc.,
2012, KenKen Puzzle LLC. so that no digit appears more than once in any row or column. That the cells
All rights reserved.
in Sudoku are filled with 1, 2, . . . , 9 is not important; one could just as well
use the first nine letters a, b, . . . , i instead. In contrast, KenKen uses arithmetic.
KenKen grids are divided into heavily bordered groups of cells, called cages,
and the numbers in the cells in each cage must produce a target number when
combined using a specified mathematical operation—either addition, subtrac-
tion, multiplication or division. Here is a 5 5 KenKen puzzle and its solution.
4– 12´ 3– 4– 12´ 3–
5 3 2 1 4
12+ 1– 12+ 1–
1 2 3 4 5
2¸ 4– 3 2¸ 4– 3
2 1 4 5 3
60´ 5+ 2¸ 60´ 5+ 2¸
4 5 1 3 2
3 4 5 2 1
Figure 2.5. KenKenr puzzle. Figure 2.6. KenKenr solution.
The difficulty in solving a KenKen puzzle arises from there being too many
ways to fill in each cage. Sometimes, the Fundamental Theorem of Arithmetic
can help. Let’s start solving the puzzle in Figure 2.5. We view the grid as a
5 5 matrix, and we’ll abbreviate “target-operation” to T-O. Consider the L-
shaped cage consisting of 4 cells whose target operation is 60. There are two
possibilities: its cells are filled with an arrangement either of 2, 2, 3, 5 or of
1, 3, 4, 5. Assume the first possibility holds. Since we cannot have both 2s in
the same row or the same column, one 2 is in position .4; 3/; the other 2 is
either in position .5; 1/ or .5; 2/. Suppose 2 sits in the .5; 1/ position. There is
a cage in the first column with T-O 4 ; its cells must contain 1 and 5. Hence,
the other cage, with T-O 2, must contain 3 and 5; it cannot. Thus, 2 sits in
i i
“book2” — 2013/5/24 — 8:18 — page 57 — #77
i i
position .5; 2/. There is a cage in the second column with T-O 4 , and its cells
must contain 1 and 5. This says that the top two cells in the second column
contain 3 and 4. But the L-shaped cage with T-O 12 must now have 1 in
position .1; 3/. This forces the column one cage, with T-O 4 , to have 5 in
position .1; 1/, because it can’t be 1. Thus, the last cage in the first row cannot
involve 1 or 5. But the only ways to fill in a 2-cell cage with T-O 3 are with
1 and 4 or with 2 and 5. Conclusion: The 4-cell cage with T-O 60 must be an
arrangement of 1, 3, 4, 5. The full solution is given in Figure 2.6. N
Strong Induction
Certain situations call for a variant of induction, called Strong Induction (or
the Second Form of Induction).
Definition. Given integers k and n k, the predecessors of n are the integers

` with k ` < n, namely, k; k C 1; : : : ; n 1 (k has no predecessor).
Theorem 2.16 (Strong Induction). Let k be an integer. If S.k/, S.k C 1/,

S.k C 2/; : : : is a sequence of statements such that
(i) Base StepW S.k/ is true, and
(ii) Inductive StepW If, for n > k, S.`/ being true for all predecessors ` of n
implies S.n/ true,
then the statements S.n/ are true for all n k.
How to Think About It. Let’s compare the two forms of induction. Both
start by verifying the base step, and both have an inductive step to prove
S.n/. The inductive hypothesis in the first form is that S.n 1/ is true; the
inductive hypothesis in Strong Induction is that all the preceding statements
S.k/; : : : ; S.n 1/ are true. Thus, Strong Induction has a stronger inductive
hypothesis (actually, each of Theorems 2.1 and 2.16 implies the other).
We are going to prove Theorem 2.16 and Theorem 2.1 simultaneously (we
haven’t yet proved the latter theorem). But first we need an easy technical
remark. The Least Integer Axiom says that every nonempty subset C of the
natural numbers N contains a smallest number; that is, there is some c0 2 C
with c0 c for all c 2 C . This axiom holds, not only for N, but for any subset
Nk D fn 2 Z W n kg
as well, where k is a fixed, possibly negative, integer. If k 0, then Nk N,

and there is nothing to prove; if k < 0, then we argue as follows. Let C
Nk be a nonempty subset. If C contains no negative integers, then C N,
and the Least Integer Axiom applies; otherwise, keep asking, in turn, whether
k; k C 1; : : : ; 1 are in C , and define c0 to be the first one that lies in C .
We have alreaady seen the basic idea of the next proof, involving Fido, on
page 46. Here are the two statements again.
Theorem 2.17 (= Theorems 2.1 and 2.16). Let k be an integer. If S.k/,

S.k C 1/, S.k C 2/; : : : is a sequence of statements such that
i i
“book2” — 2013/5/24 — 8:18 — page 58 — #78
i i
Base StepW S.k/ is true, and

Inductive StepW either
(i) if, for n > k, S.n 1/ being true implies S.n/ true,
or
(ii) if, for n > k, S.`/ being true for all predecessors ` of n implies S.n/
true,
then the statements S.n/ are true for all n k.
Proof. Let Nk D fn 2 Z W n kg. We show that there are no integers n 2 Nk

for which S.n/ is false. Otherwise, the subset C Nk , consisting of all n for
which S.n/ is false, is nonempty, and so C has a smallest element, say, c0. The
truth of the base step says that k < c0, so that c0 1 lies in Nk and hence there
is a statement S.c0 1/.
Case 1. As S.c0 / is the first false statement, S.c0 1/ must be true. Assuming
inductive step (i), S.c0 / D S ..c0 1/ C 1/ is true, and this is a contradiction.
Case 2. As S.c0 / is the first false statement, all the statements S.`/, where ` is
a predecessor of c0 , are true. Assuming inductive step (ii), the strong version,
we again reach the contradiction that S.c0 / is true.
In either case, C D ¿ (i.e., C is empty), which says that every S.n/ is

true.
Here’s a second proof that prime factorizations exist.
Proposition 2.18 (= Proposition 1.14). Every integer n 2 is a product of

primes.
Proof. The base step S.2/ is true because 2 is a prime. We prove the inductive
step. If n 2 is a prime, we are done. Otherwise, n D ab, where 2 a < n
and 2 b < n. As a and b are predecessors of n, each of them is a product of
primes:
a D pp 0 and b D qq 0 :
Hence, n D pp 0 qq 0 is a product of (at least two) primes.
The reason why strong induction is more convenient here is that it is more
natural to use S.a/ and S.b/ than to use S.n 1/; indeed, it is not at all clear
how to use S.n 1/.
The next result says that we can always factor out a largest power of 2 from
any integer. Of course, this follows easily from the Fundamental Theorem of
Arithmetic, but we prove the proposition to illustrate further situations in which
strong induction is more appropriate than the first form.
Proposition 2.19. Every integer n 1 has a unique factorization n D 2k m,

where k 0 and m 1 is odd.
Proof. We use strong induction on n 1 to prove the existence of k and m. If

n D 1, take k D 0 and m D 1. For the inductive step n 1, we distinguish
i i
“book2” — 2013/5/24 — 8:18 — page 59 — #79
i i
two cases. If n is odd, take k D 0 and m D n. If n is even, then n D 2b. Why isn’t the first form of
Since b < n, it is a predecessor of n, and so the inductive hypothesis allows us induction convenient here?
to assume b D 2` m, where ` 0 and m is odd. The desired factorization is
n D 2b D 2`C1 m.
To prove uniqueness (induction is not needed here), suppose that 2k m D
n D 2t m0 , where both k and t are nonnegative and both m and m0 are odd.
We may assume that k t. If k > t, then canceling 2t from both sides gives
2k t m D m0 . Since k t > 0, the left side is even while the right side is odd;
this contradiction shows that k D t. We may thus cancel 2k from both sides,
leaving m D m0 .
Exercises
2.12 (i) Prove that an integer a 2 is a perfect square if and only if whenever p is
prime and p j a, then p2 j a.
(ii) Prove that if an integer z 2 is a perfect square and d 4 j z 2 , then d 2 j z.
2.13 Let a and b be relatively prime positive integers. If ab is a perfect square, prove
that both a and b are perfect squares.
2.14 * Let a; b; c; n be positive integers with ab D c n . Prove that if a and b are
relatively prime, then both a and b are nth powers; that is, there are positive
integers k and ` with a D k n and b D `n .
2.15 * For any prime p and any positive integer n, denote the highest power of p
dividing n by Op .n/. That is, Corollary 2.11 guarantees
that Op is well-defined.
Op .n/ D e;
where pe j n but peC1 − n. If m and n are positive integers, prove that
(i) Op .mn/ D Op .m/ C Op .n/
˚
(ii) Op .m C n/ min Op .m/; Op .n/ . When does equality occur?
There is a generalization of Exercise 1.6 on page 6. Using a (tricky) inductive
proof (see FCAA [26], p. 11), we can prove the Inequality of the Means: if n 2
and a1 ; : : : ; an are positive numbers, then
p
n
a1 an n1 .a1 C C an /:
2.16 (i) Using the Inequality of the Means for n D 3, prove, for all triangles having a
given perimeter, that the equilateral triangle has the largest area.
Hint: Use Heron’s Formula for the area A of a triangle with sides of lengths
a; b; c: if the semiperimeter is s D 21 .a C b C c/, then
A2 D s.s a/.s b/.s c/:

(ii) What conditions on a, b, and c ensure that Heron’s formula produces 0? In-
terpret geometrically.
2.17 Let a, b, and c be positive numbers with a > b > c, and let L D 31 .a C b C c/.
(i) Show that either a > b > L > c or a > L > b > c.
(ii) Assume that a > b > L > c. Show that
L3 .L b/2c .L b/.L c/c .L c/2 L D abc:
(iii) Use part (ii) to prove the Inequality of the Means for three variables.
(iv) Show that a box of dimensions a b c can be cut up to fit inside a cube of
side length L with something left over.
i i
“book2” — 2013/5/24 — 8:18 — page 60 — #80
i i
Differential Equations
You may have seen differential equations in other courses. If not, don’t worry;
the next example is self-contained.
Definition. A differential equation is an equation involving a function y D

y.x/ and its derivatives; a solution is a function y that satisfies the equation.
R
Solving a differential equation generalizes indefinite integration: f .x/ dx
is a solution to the differential equation y 0 D f . There may
R be many solutions:
for example, if y D F .x/ is an indefinite integral of f .x/ dx, then so is
F .x/ C c for any constant c.
Assume that a differential equation has a solution y that is a power series.
Because factorials occur in the coefficients of Taylor series, let’s write a solu-
Defining 0Š D 1 allows us tion in the form
to write the coefficient of
x n in Eq. (2.2) as an =nŠ a2 2 an n
y.x/ D a0 C a1 x C x CC x C : (2.2)
for all n 0. 2Š nŠ
We ignore questions of convergence. Of course, some power series diverge,
but we are doing algebra here!
Induction arises here because we can often find y by relating its coefficients
an 1 and an .
Example 2.20. Consider the differential equation y 0 D y; that is, we seek a

function equal to its own derivative (do you know such a function?). Assuming
that y is a power series, then y has an expression as in Eq. (2.2). Using term-
by-term differentiation, we see that
a3 2 an
y 0 D a1 C a2 x C x CC xn 1
C ;
2Š .n 1/Š
so that
an an 1 n
xn 1
D x 1
for all n 1I
.n 1/Š .n 1/Š
that is, a1 D a0 , a2 D a1 , and, in fact, an D an 1 for all n 1. Rewrite the

equations: there is no restriction on a0 and, for small n, we see that an D a0 .
If this were true for all n, then
y.x/ D a0 .1 C x C 12 x 2 C C 1 n
nŠ
x C / D a0 e x :
It is true that an D a0 for all n; one proof is by induction (see Exercise 2.18
on page 62). N
Differential equations often arise with initial conditions: values of y.0/,

y 0 .0/, y 00 .0/; : : : are specified. P
If y is given by a power series .an =nŠ/x n , then y.0/ D a0 . Thus, the ini-
tial condition y.0/ D 1 chooses the solution y D e x in the preceding example.
The next example shows how strong induction can be used in solving dif-
ferential equations.
i i
“book2” — 2013/5/24 — 8:18 — page 61 — #81
i i
Example 2.21. Consider the differential equation
y 00 D y 0 C 2y (2.3)
with initial conditions
y.0/ D 2 and y 0 .0/ D 1:
Again, let’s see if there is a power series solution

a2 2
y.x/ D a0 C a1 x C x C :
2Š
Substituting y into Eq. (2.3) and equating like powers of x gives
an D an 1 C 2an 2:
Tabulating an for a few values shows a pattern. All the outputs an seem to be
1 away from a power of 2, either 1 more or 1 less. The first two entries record
the initial conditions.
n an
0 2
1 1
2 5D1C22
3 7D5C21
4 17 D 7 C 2 5
5 31 D 17 C 2 7
6 65
7 127
8 257
9 511
10 1025
Looking closer, the coefficients seem to satisfy an D 2n C . 1/n . Inductive

reasoning suggests the conjecture, and mathematical induction is a natural way
to prove it. But there is a problem. The inductive step for an involves not only
an 1 , but an 2 as well. Strong Induction to the rescue! Before dealing with the
details, we show that if the formula can be proved to hold for all an , then we
can complete our discussion of the differential equation. A solution is
X 2n C . 1/n
y.x/ D xn
nŠ
X 2n X . 1/n
D xn C xn
nŠ nŠ
X 1 X 1
D .2x/n C . x/n
nŠ nŠ
D e 2x C e x :
You can check that e 2x C e x works by substituting it into Eq. (2.3); we have
solved the differential equation. N
i i
“book2” — 2013/5/24 — 8:18 — page 62 — #82
i i
The proof of the equation relating the coefficients is by Strong Induction.
Proposition 2.22. Suppose, for all n 0, that an satisfies

8̂
<2 nD0
an D 1 nD1
:̂
an 1 C 2an 2 n > 1:
Then an D 2n C . 1/n for all integers n 0.
Proof. Because the definition has two initial values, we need to check two base
steps:
a0 D 2 D 20 C . 1/0 and a1 D 1 D 21 C . 1/1 :
If n > 1 and ak D 2k C . 1/k for all the predecessors of n, 0 k < n, then
an D an 1 C 2an 2
n 1

D 2 C . 1/n 1
C 2 2n 2
C . 1/n 2

D 2n 1
C . 1/n 1
C 2 2n
C 2 . 1/n 2 2

D 2n 1 C . 1/n 1 C 2n 1 C 2 . 1/n 2

D 2n 1 C 2n 1 C . 1/n 1 C 2 . 1/n 2
D 2 2n 1
C . 1/n 2
. 1 C 2/
n n 2
D 2 C . 1/
D 2n C . 1/n :
Exercises
2.18 * Complete the discussion in Example 2.20: show that if
a2 2 an n
y.x/ D a0 C a1 x C x C C x C
2Š nŠ
and y 0 D y, then an D a0 .
2.19 Assume that “term-by-term” differentiation holds for power series: if f .x/ D
c0 C c1 x C c2 x 2 C C cn x n C , then the power series for the derivative
f 0 .x/ is
f 0 .x/ D c1 C 2c2 x C 3c3x 2 C C ncn x n 1

C :
(i) Prove that f .0/ D c0 .

(ii) Prove, for all n 0, that if f .n/ is the nth derivative of f , then
f .n/ .x/ D nŠcn C .n C 1/ŠcnC1 x C x 2 gn .x/;
where gn .x/ is a power series.

Here is an instance in (iii) Prove that cn D f .n/ .x/.0/=nŠ for all n 0. (This is Taylor’s formula.)
which it is convenient to
This exercise shows why, in Example 2.21, that power series were denoted by
write 0Š D 1.
a0 C a1 x C .a2 =2Š/x 2 C .a3 =3Š/x 3 C .
i i
“book2” — 2013/5/24 — 8:18 — page 63 — #83
i i
2.2 Binomial Theorem 63
2.20 Find the solution to the differential equation
2y 00 y0 3y D 0:
subject to the initial conditions y.0/ D y.1/ D 1.
Answer: y D 51 e x C 54 e3x=2 .
2.2 Binomial Theorem

We now look at a result, important enough to deserve its own section, which
involves both mathematical induction and inductive reasoning. What is the pat-
tern of the coefficients in the formulas for the powers .1 C x/n of the binomial
1 C x? Let
.1 C x/n D c0 C c1x C c2 x 2 C C cn x n :
Definition. The coefficients cr are called binomial coefficients: Euler introduced

the
notation n r , and this
! symbol evolved into n r ,
n which is generally used
is the coefficient cr of x r in .1 C x/n : today:
r

The binomial coefficient nr is pronounced “n choose r ” because it also
arises in counting problems, as we shall soon see. Thus,
n
!
X n r
n
.1 C x/ D x :
r D0
r
For example,
.1 C x/0 D 1
.1 C x/1 D 1 C 1x
.1 C x/2 D 1 C 2x C 1x 2
.1 C x/3 D 1 C 3x C 3x 2 C 1x 3
.1 C x/4 D 1 C 4x C 6x 2 C 4x 3 C 1x 4:
Etymology. Binomial means aCb; trinomial means aCbCc. But monomial

usually refers to a summand of a polynomial: either ax e for a polynomial in
e
one variable, or ax11 xnen for a polynomial in several variables.
The following figure, called Pascal’s triangle, displays an arrangement of the

first few coefficients.
i i
“book2” — 2013/5/24 — 8:18 — page 64 — #84
i i
1
1 1
1 2 1
1 3 3 1
1 4 6 4 1
1 5 10 10 5 1
1 6 15 20 15 6 1
1 7 21 35 35 21 7 1
In Pascal’s triangle, an inside number (i.e., not a 1 on the border) of the

nth row can be computed by going up to the .n 1/st row and adding the two
neighboring numbers above it. For example, the inside numbers in row 4 can
be computed from row 3 as follows:
1 3 3 1
1 4 6 4 1
(4 D 1 C 3, 6 D 3 C 3, and 4 D 3 C 1). Let’s prove that this observation always
holds.
Lemma 2.23. For all integers n 1 and all r with 0 r n,

! (
n 1 if n D 0 or n D r
D n 1
n 1

r
r 1 C r if 0 < r < n:
Proof. The nth row of Pascal’s triangle is the coefficient list for .1 C x/n . The
fact that the constant term and the highest degree term have coefficient 1 is
Exercise 2.21 on page 67. For the inside terms, we claim that the coefficient of
You can also prove x r in .1 C x/n is the sum of two neighboring coefficients in .1 C x/n 1 . More
Lemma 2.23 by induc- precisely, we claim that if
tion. See Exercise 2.22 on
page 67. .1 C x/n 1
D c0 C c1 x C c2 x 2 C C cn 1x
n 1
;
and 0 < r < n, then the coefficient of x r in .1 C x/n is cr 1 C cr . We have
.1 C x/n D .1 C x/.1 C x/n 1
D .1 C x/n 1
C x.1 C x/n 1
n 1 n 1
D .c0 C C cn 1x / C x.c0 C C cn 1x /
n 1 2 n
D .c0 C C cn 1x / C .c0 x C c1x C C cn 1x /
2
D 1 C .c0 C c1 /x C .c1 C c2 /x C :

Thus nr D cr 1 C cr D nr 11 C n r 1 .
Pascal’s triangle was known centuries before Pascal’s birth; Figure 2.7 shows
a Chinese scroll from the year 1303 depicting it. Pascal’s contribution (around
1650) is a formula for the binomial coefficients.
Proposition 2.24 (Pascal). For all n 0 and all r with 0 r n,

!
n nŠ
D :
r r Š.n r /Š
i i
“book2” — 2013/5/24 — 8:18 — page 65 — #85
i i
Figure 2.7. Pascal’s triangle, China, 1303 CE.

Pascal probably discovered
this
formula by regarding
n
Proof. The proof is by induction on n 0. If n D 0, then r in a different way. We’ll
look at this in a moment.
!
0 0Š
D D 1:
0 0Š0Š
For the inductive step, note first that the formula holds when r D 0 and Here is another place
r D n: showing that defining
! 0Š D 1 is convenient.
n nŠ
D1D
0 0Š.n 0/Š
and
!
n nŠ
D1D :
n nŠ 0Š
i i
“book2” — 2013/5/24 — 8:18 — page 66 — #86
i i
If 0 < r < n, then

! ! !
n n 1 n 1
D C (Lemma 2.23)
r r 1 r
.n 1/Š .n 1/Š
D C (inductive hypothesis)
.r
1/Š.n r /Š r Š.n r 1/Š
.n 1/Š 1 1
D C
.r 1/Š.n r 1/Š n r r
.n 1/Š n nŠ
D D :
.r 1/Š.n r 1/Š r .n r / r Š.n r /Š
Theorem 2.25 (Binomial Theorem). (i) For all real numbers x and all in-
tegers n 0,
n
X n
X
n nŠ
.1 C x/n D xr D xr :
r D0
r r D0
r Š.n r /Š
(ii) For all real numbers a and b and all integers n 0,

! n
Xn
n n r r X nŠ
n
.a C b/ D a b D an r r
b :
r r Š.n r /Š
r D0 r D0

Proof. (i) This follows from replacing nr by Pascal’s formula in Proposi-
tion 2.24.
(ii) The result is trivially true when a D 0 (we have agreed that 00 D 1). If
a ¤ 0, set x D b=a in part (i), and observe that
b n a C b n .a C b/n
1C D D :
a a an
Hence,
! !
b n X n
n br X n
n n
n n n r r
.a C b/ D a 1C Da D a b :
a r D0
r ar r D0
r
There are many beautiful connections between Pascal’s triangle

and number
theory. For example, while it is not generally true that n j nr (for example,

4 − 6 D 42 ), this result is true when n is prime.
p
Proposition 2.26. If p is a prime, then p j r
for all r with 0 < r < p.
Proof. By Pascal’s Theorem,

!
p pŠ p.p 1/ .p r C 1/
D D ;
r r Š.p r /Š rŠ
and cross multiplying gives

!
p
rŠ D p.p 1/ .p r C 1/I
r
i i
“book2” — 2013/5/24 — 8:18 — page 67 — #87
i i

that is, p j r Š pr . But each factor of r Š is strictly less than p, because r < p,
so that p is not a divisor of any of them.Therefore, Euclid’s Lemma says that
p − r Š and, hence, that p must divide pr .
Example 2.27. The Binomial Theorem can be used to express the sum of the
nth powers of two variables a and b in terms of the “elementary symmetric
functions” a C b and ab. Here are some examples for n D 2; 3; 4; from
.a C b/2 D a2 C 2ab C b 2
we have
a2 C b 2 D .a C b/2 2ab:
From
.a C b/3 D a3 C 3a2 b C 3ab 2 C b 3
we conclude
a3 C b 3 D .a C b/3 3ab.a C b/:
For n D 4,
.a C b/4 D a4 C 4a3 b C 6a2 b 2 C 4ab 3 C b 4

D .a4 C b 4 / C 4ab.a2 C b 2 / 6.ab/2 :
Hence,
a4 C b 4 D .a C b/4 4ab.a2 C b 2 / C 6.ab/2
We can now replace a2 Cb 2 by the already computed expression .aCb/2 2ab,

collect like terms, and have an expression for a4 C b 4 in terms of a C b and
ab.
We could proceed inductively, expressing an C b n in terms of a C b and ab
for n 5. Try a few more examples; you’ll get the sense that there’s a general
method expressing an C b n in terms of a C b, ab, and other terms like ak C b k
with k < n. N
Exercises
2.21 * Show, without using the Binomial Theorem, that, if n 0 is an integer, then
(i) the degree of .1 C x/n is n
(ii) the leading coefficient of .1 C x/n is 1
(iii) the constant term of .1 C x/n is 1.
2.22 Prove Lemma 2.23 by induction on n 0.
2.23 Prove that the binomial coefficients are symmetric: for all r with 0 r n,
! !
n n
D :
r n r
i i
“book2” — 2013/5/24 — 8:18 — page 68 — #88
i i
2.24 Find a formula for the sum of the entries in the nth row of Pascal’s triangle and
prove your assertion.
2.25 If n 1, find a formula for the alternating sum of the binomial coefficients in the
nth row of Pascal’s triangle:
! ! ! !
n n n n n
C C . 1/ :
0 1 2 n
Prove what you say.

Hint: Consider f .x/ D .1 C x/n when x D 1.
2.26 If n 1, find a formula for the sum of the squares of the binomial coefficients in
the nth row of Pascal’s triangle:
!2 !2 !2 !2
n n n n
C C C :
0 1 2 n
Prove what you say.

n
2.27 Prove, for a given n 1, that the sumof all the binomial coefficients r with r
even is equal to the sum of all those nr with r odd.
2.28 The triangular numbers count the number of squares in a staircase of height n.
Figure 2.8 displays the staircases of height n for 1 n 5.
Figure 2.8. Triangular numbers.
(i) Find a formula for the nth triangular number in terms of binomial coefficients,
and prove your assertion. Compare this exercise with the discussion of the
.n C 1/ .n C 1/ square in Example 2.6.
(ii) Show that the sum of two consecutive triangular numbers is a perfect square.
2.29 Take It Further. Using the notation of Example 2.27, use the Binomial Theorem
and induction to show that an C b n can be expressed in terms of a C b and ab.
2.30 Pascal’s triangle enjoys a sort of hockey stick property: if you start at the end of
any row and draw a hockey stick along a diagonal, as in Figure 2.9, the sum of the
entries on the handle of the stick is the entry at the tip of the blade. Express the
hockey stick property as an identity involving binomial coefficients and prove the
identity.
2.31 (Leibniz) A function f W R ! R is called a C1 -function if it has an nth deriva-
tive f .n/ .x/ for every n 1. Prove that if f and g are C 1 -functions, then
n
!
X n
.n/
.fg/ .x/ D f .k/ .x/ g.n k/ .x/:
k
kD0
In spite of the strong resemblance, there is no routine derivation of the Leibniz

formula from the Binomial Theorem (there is a derivation using an idea from
hypergeometric series).
i i
“book2” — 2013/5/24 — 8:18 — page 69 — #89
i i
1
1 1
1 2 1
1 3 3 1
1 4 6 4 1
1 5 10 10 5 1
1 6 15 20 15 6 1
1 7 21 35 35 21 7 1
1 8 28 56 70 56 28 8 1
1 9 36 84 126 126 84 36 9 1
1 10 45 120 210 252 210 120 45 10 1
1 11 55 165 330 462 462 330 165 55 11 1
1 12 66 220 495 792 924 792 495 220 66 12 1
1 13 78 286 715 1287 1716 1716 1287 715 286 78 13 1
1 14 91 364 1001 2002 3003 3432 3003 2002 1001 364 91 14 1
1 15 105 455 1365 3003 5005 6435 6435 5005 3003 1365 455 105 15 1
Figure 2.9. Hockey sticks.
2.32 * If p is a prime and a and b are integers, prove that there is an integer c with
.a C b/p D ap C b p C pc:
Combinatorics
Binomial coefficients have a combinatorial interpretation. Given a set X with
n elements, define an r-subset of X to be a subset having exactly r elements.
How many r -subsets of X are there?
Example 2.28. There are ten 3-element subsets of the 5-element set X D
fA; B; C; D; Eg. Think of forming a 3-person committee from 5 people. A com-
mittee either contains Elvis or doesn’t. The committees are
fA; B; C g fA; B; Dg fB; C; Dg fA; C; Dg
fA; B; Eg fA; C; Eg fA; D; Eg fB; C; Eg fB; D; Eg fC; D; Eg
The first row consists of the 3-subsets that don’t contain Elvis (there are four
such); the second row displays the 3-subsets that do contain Elvis (there are
six of these). N
In general, if X has n elements and 0 r n, denote the number of its

r -element subsets by
Œn; r I
that is, Œn; r is the number of ways one can choose r things from a box of n
things. Note that:
(i) Œn; 0 D 1 (there’s only one 0-subset, the empty set ¿). When n D 0, items (i)
(ii) Œn; n D 1 (there’s only one n-subset of X, X itself). and (ii) give the same
answer. Why does this
If 0 < r < n, you can compute Œn; r using the committee idea in Exam- make sense?
ple 2.28. If X D fa1 ; a2 ; : : : ; an g and you want to build an r -subset, first
choose a “distinguished” element of X, say an , and call him Elvis. Either your
subset contains Elvis or it doesn’t.
i i
“book2” — 2013/5/24 — 8:18 — page 70 — #90
i i
Case 1. If Elvis is in your r -subset, then you must pick r 1 elements from
the remaining n 1; by definition, there are Œn 1; r 1 ways to do this.
Case 2. If Elvis is not in your r -subset, then you must pick all r elements from
the remaining n 1; there are Œn 1; r ways to do this.
It follows that Œn; r D Œn 1; r 1 C Œn 1; r . We have proved the following

result.
Lemma 2.29. For all integers n 1 and all r with 0 r n,

(
1 if n D 0 or n D r
Œn; r D
Œn 1; r C Œn 1; r if 0 < r < n.
The similarity between Lemmas 2.23 and 2.29 inspires

the next theorem.
It is also the reason why the binomial coefficient nr is usually pronounced
“n choose r .”
Theorem 2.30 (Counting Subsets). If n and r are nonnegative integers with

0 r n, then
!
n
D Œn; r :
r
Proof. Use induction on n 0. If n D 0, the inequality 0 r n forces

r D 0, and
!
0
D 1 D Œ0; 0:
0
Suppose the result is true for n 1. If 0 r n, then

! ! !
n n 1 n 1
D C Lemma 2.23
r r 1 r
D Œn 1; r 1 C Œn 1; r inductive hypothesis
D Œn; r Lemma 2.29.
Theorems can often be proved in several ways. The following discussion

gives another proof of Theorem 2.30 using Pascal’s formula (Proposition 2.24)
instead of Lemmas 2.23 and 2.29.
We first compute Œn; r by considering a related question.
Definition. Given an “alphabet” with n (distinct) letters and an integer r with

1 r n, an r-anagram is a sequence of r of these letters with no repetitions.
For example, the 2-anagrams on the alphabet a, b, c are
ab; ba; ac; ca; bc; cb
(note that aa, bb, cc are not on this list). How many r -anagrams are there on an
alphabet with n letters? We count the number of such anagrams in two ways.
i i
“book2” — 2013/5/24 — 8:18 — page 71 — #91
i i
(i) There are n choices for the first letter; since no letter is repeated, there are
only n 1 choices for the second letter, only n 2 choices for the third
letter, and so forth. Thus, the number of r -anagrams is
n.n 1/.n 2/ .n .r 1// D n.n 1/.n 2/ .n r C 1/:
In the special case n D r , the number of n-anagrams on n letters is nŠ.

(ii) Here is a second way to count the anagrams. First choose an r -subset of
the alphabet (consisting of r letters); there are Œn; r ways to do this, for
this is exactly what the symbol Œn; r means. For each chosen r -subset,
there are r Š ways to arrange the r letters in it (this is the special case of
our first count when n D r ). The number of r -anagrams is thus
r Š Œn; r :
We conclude that
r Š Œn; r D n.n 1/.n 2/ .n r C 1/;
from which it follows that

n.n 1/.n 2/ .n r C 1/ nŠ
Œn; r D D :
rŠ .n r /Š r Š
Therefore, Pascal’s formula gives

!
n
Œn; r D :
r
If you piece together the results of this section, you’ll see that we have
shown that the following ways to define binomial coefficients are all equiva-
lent: starting from any one of them, you can derive the others.
n
Algebraic: r
is the coefficient of x r in the expansion of .1 C x/n .
Pascal:
!
n nŠ
D :
r r Š .n r /Š
n
Combinatorial: r
is the number of r -element subsets of an n-element set.
Inductive:
! (
n 1 if n D 0 or n D r
D n 1 n 1

r r 1 C r if 0 < r < n.
Example 2.31. If you replace the symbols by their definition, Theorem 2.30
says something that is far from obvious: the coefficient of x r in .1 C x/n is
the same as the number of r -element subsets of an n-element set. The proof by
induction of Theorem 2.30 establishes this, but many people are left wondering
if there is a more intuitive reason why the expansion of .1 C x/n contains all
the information about subsets of various sizes from an n-element set.
i i
“book2” — 2013/5/24 — 8:18 — page 72 — #92
i i
If you were going to multiply out .1 C x/5 by hand, you could view the
calculation like this:
.1 C x/5 D .1 C x/.1 C x/.1 C x/.1 C x/.1 C x/
The expansion is carried out by taking one term (1 or x) from each binomial
factor 1 C x, multiplying them together, and then collecting like powers of x.
For example, you could take a “1” from each of the first three binomials and
an x from the last two. That would produce 1 1 1 x x D x 2 . But that’s
not the only way to get an x 2 . You could have taken an x from the first and
third binomials and 1 from the rest. Or an x from the first two binomials and 1
from the last three. Do this in every possible way; the coefficient of x 2 in the
expansion will be the number of ways you can pick two binomials from the set
of five to be “x terms.” And there are precisely 10 D Œ5; 2 ways to do this.
Generalizing, view .1 C x/n as a product of n binomials:
.1 C x/n D .1 C x/.1 C x/.1 C x/ : : : .1 C x/:

„ ƒ‚ …
n times:
The coefficient of x r in this product is the number of ways you can choose r of
the binomials to be “x terms” (and the rest to be 1). This number is precisely
Œn; r . Hence
n
X
.1 C x/n D Œn; r x r :
r D0
When combined with the definition of binomial coefficients on page 63, this
gives another proof that nr D Œn; r . N
Exercises
2.33 *
(i) For each value of r, 0 r 4, how many r-element subsets of the set
fA; B; C; Dg are there?
(ii) For each value of r, 0 r 5, how many r-element subsets of the set
fA; B; C; D; Eg are there?
2.34 How many subsets (of any size) are there in an n-element set? Prove your asser-
tion.
2.35 Show that
! r
! !
2n X n n
D :
r k r k
kD0
Hint: Split a 2n-element set into two equal pieces.

2.36 Show that
! r
! !
3n X n 2n
D :
r k r k
kD0
i i
“book2” — 2013/5/24 — 8:18 — page 73 — #93
i i
2.3 Connections 73
2.37 If m, n, and r are nonnegative integers, prove Vandermonde’s Identity:

! r
! !
mCn X m n
D :
r k r k
kD0
Hint: .1 C x/mCn D .1 C x/m .1 C x/n .

2.38 Show that
n
!
X n
k D n2n 1
:
k
kD0
2.39 How many ways can you choose two hats from a closet containing 14 different
hats? (One of our friends does not like the phrasing of this exercise. After all,
you can choose two hats with your left hand, with your right hand, with your
teeth, : : : , but we continue the evil tradition.)
2.40 Let D be a collection of ten different dogs, and let C be a collection of ten dif-
ferent cats. Prove that there are the same number of quartets of dogs as there are
sextets of cats.
2.41 (i) What is the coefficient of x 16 in .1 C x/20 ?
(ii) How many ways are there to choose 4 colors from a palette containing paints
of 20 different colors?
2.42 A weekly lottery asks you to select 5 different numbers between 1 and 45. At the
week’s end, 5 such numbers are drawn at random, and you win the jackpot if all
your numbers match the drawn numbers. What is your chance of winning?
The number of selections of 5 numbers is “45 choose 5”, which is 45 5 D
1; 221; 759. The odds against your winning are more than a million to one.
2.3 Connections
An Approach to Induction
Teaching mathematical induction to high school students is often tough. In
particular, many students fall into the trap we described on page 49: in spite
of all our explanations to the contrary, they think that the inductive hypothesis
assumes what it is they are supposed to be proving. In this section, we look at
a well-tested method that avoids this trap.
Suppose you ask a class to come up with a function that agrees with the
table
Input Output
0 4
1 7
2 10
3 13
4 16
5 19
We’ve found that about half a high school class (beginning algebra, say) comes
up with a closed form definition, something like f .n/ D 3nC4; while the other
i i
“book2” — 2013/5/24 — 8:18 — page 74 — #94
i i
half comes up with an inductive definition—something like “start with 4, and

each output is 3 more than the previous one.” This inductive definition can be
written more formally:
(
Of course, beginning
4 if n D 0
g.n/ D
students don’t usually g.n 1/ C 3 if n > 0.
write the definition of g
using this case notation. That inductive definitions (or recursive definitions, as they are often called)
Technology can help get seem to be, in some sense, natural for students, can be exploited to help stu-
them used to it.
dents understand proof by induction.
Computer algebra systems (CAS) let you model the two definitions. Build-
The part of g’s definition ing such computational models allows students to experiment with both func-
involving n, the equation tions, and it also provides an opportunity to launch some important ideas. For
g.n/ D g.n 1/ C 3, is example, a teacher can use the models to discuss the domain of each function—
called a recurrence.
f accepts any real number, but g will accept only nonnegative integers.
Here’s what’s most germane to this section. If you try some values in a
spreadsheet or calculator, it seems, for a while, that f and g produce the same
output when given the same input. But at some point (exactly where depends
on the system), f outputs an integer but g surrenders. Suppose this happens,
for example, at 255: both functions return 766 at 254, but f .255/ D 769
while g returns an error. Is this because f and g really are not equal at 255?
Or is it because of the limitations of the technology? Many students will say
immediately that the functions are equal when n D 255; it’s just that the com-
puter can’t compute the value of g there. Tell the students, “I believe you that
f .254/ D g.254/. Convince me that they are also equal at 255.”
After some polishing and a little help, their argument usually goes some-
thing like this.
g.255/ D g.254/ C 3 (this is how g is defined)
D f .254/ C 3 (the calculator said so—they both output 766)
D .3 254 C 4/ C 3 (this is how f is defined)
D .3 254 C 3/ C 4 (algebra)
D 3.254 C 1/ C 4 (more algebra)
D 3 255 C 4 (arithmetic)
D f .255/ (this is how f is defined).
There’s nothing special about 255 here. If you had a more powerful calculator,
one that handled inputs to g up to, say, 567 (and then crashed at 568), you
could argue that f and g were equal at 568, too.
g.568/ D g.567/ C 3 (this is how g is defined)
D f .567/ C 3 (the powerful calculator said so)
D .3 567 C 4/ C 3 (this is how f is defined)
D .3 567 C 3/ C 4 (algebra)
D 3.567 C 1/ C 4 (more algebra)
D 3 568 C 4 (arithmetic)
D f .568/ (this is how f is defined).
Computing g.568/ is the same as computing g.255/. Now imagine that you
had a virtual calculator, one that showed that f and g agreed up to some integer
i i
“book2” — 2013/5/24 — 8:18 — page 75 — #95
i i
2.3 Connections 75
n 1, but then crashed when you asked for g.n/. You could show that f and
g are equal at n by the same argument:
g.n/ D g.n 1/ C 3 (this is how g is defined)
D f .n 1/ C 3 (the virtual calculator said so)
D .3 .n 1/ C 4/ C 3 (this is how f is defined)
D 3n C 4 (algebra)
D f .n/ (this is how f is defined).
So, every time f and g are equal at one integer, they are equal at the next
one. Since f and g are equal at 0 (in fact, since they are equal at every integer
between 0 and 254), they are equal at every nonnegative integer.
This argument is the essence of mathematical induction. In the example, it
shows that if two functions f and g are equal at one integer, then they are
equal at the next one. Coupled with the fact that they are equal at 0, it makes
sense that they are equal for all integers greater than or equal to 0; that is,
f .n/ D g.n/ for all nonnegative integers n.
We have seen that induction applies in much more general situations than
this one. But this simple context is quite effective in starting students onto a
path that helps them understand induction.
Fibonacci Sequence
Many interesting investigations in high school center around the following se-
quence, which describes a pattern frequently found in nature and in art.
Definition. The Fibonacci sequence is defined by:

0 nD0
Fn D 1 nD1
Fn 1 C Fn 2 n > 1:
There are two base steps in the definition: n D 0 and n D 1. The Fibonacci
sequence begins: 0; 1; 1; 2; 3; 5; 8; 13; : : :.
Historical Note. The Fibonacci sequence is related to the golden ratio, a

number mentioned in Euclid, Book 6, Proposition 30. It is said that the ancient
Greeks thought that a rectangular figure is most pleasing to the eye (such rect-
angles can be seen in the Parthenon in Athens) if its edges a and b are in the
proportion
a b
D :
b aCb
In this case, a.aCb/ D b 2 , so that b 2 ab a2 Dp0; that is, .b=a/2 .b=a/ 1
D 0. The quadratic formula gives b=a D 12 .1 ˙ 5/. Therefore,
p p
b=a D D 12 .1 C 5/ or b=a D ı D 12 .1 5/:
But ı is negative, and so we must have
p
b=a D D 12 .1 C 5/:
i i
“book2” — 2013/5/24 — 8:18 — page 76 — #96
i i
Figure 2.10. Golden rectangle.
The number D 1:61803 : : :, is called the golden ratio. Since both and ı
are roots of x 2 x 1, we have
2 D C 1 and ı 2 D ı C 1: (2.4)
So, what’s the connection of the golden ratio to the Fibonacci sequence?
We discovered the closed form for the sequence cn in Proposition 2.22 by
tabulating the first few terms of the sequence and looking for regularity—it
seemed “almost” exponential, off by 1 from a power of 2.
Let’s tabulate the first few ratios of consecutive terms Fn =Fn 1 of the Fi-
bonacci sequence.
F1 =F0 D 1=1 D 1
F2 =F1 D 2=1 D 2
F3 =F2 D 3=2 D 1:5
F4 =F3 D 5=3 D 1:666
F5 =F4 D 8=5 D 1:6
F6 =F5 D 13=8 D 1:625:
If you tabulate a few more ratios (try it), a conjecture emerges—it appears that
the ratio of two consecutive terms in the Fibonacci sequence might converge to
the golden ratio 1:61803 (if the ratios were actually constant, Fn would
be a geometric sequence (why?)). This is, in fact, the case, and you’ll see, in
Exercise 2.50 on page 78, how to refine the conjecture into the statement of the
following theorem (the exercise will also help you develop a method that will
let you find closed forms for many 2-term recurrences).
Theorem 2.32. For all n 0, the nth term of the Fibonacci sequence satisfies
Fn D p1 . n ı n /;
5
p p
where D 21 .1 C 5/ and ı D 12 .1 5/:
Proof. We use strong induction because the inductive step involves the formu-
las for both Fn 1 and Fn 2 . The base steps S.0/ and S.1/ are true:
p1 . 0 ı 0/ D 0 D F0
5
p p
p1 . ı/ D p1 21 .1 C 5/ 1
5 5 2 .1 5/ D 1 D F1 :
If n 2, then
i i
“book2” — 2013/5/24 — 8:18 — page 77 — #97
i i
2.3 Connections 77
Fn D Fn 1 C Fn 2
D p1 . n 1 ı n 1 / C p1 . n 2 ı n 2 /
5 5
n 1 n 2

D p1
5
. C / .ı n 1 C ı n 2 /

D p1 n 2 . C 1/ ı n 2 .ı C 1/
5

D p1 n 2 . 2 / ı n 2 .ı 2 / by Eq. (2.4)
5
D p1 . n ı n /:
5
Isn’t it
pcurious that the integers Fn are expressed in terms of the irrational
number 5?
p If n D 2, then F2 D 1 D
1
Corollary 2.33. Fn > n 2
for all integers n 3, where D 2
1C 5. 0 , and so there is equality,
not inequality.
Proof. The proof is by induction on n 3. The base step S.3/ is true, for
F3 D 2 > 1:618. For the inductive step, we must show that FnC1 > n 1 .
By the inductive hypothesis,
FnC1 D Fn C Fn 1 > n 2
C n 3
D n 3
. C 1/ D n 3 2
D n 1
:
Exercises
2.43 Show that the following functions agree on all natural numbers.
(
5 if n D 0
f .n/ D 3n C 5 and g.n/ D
g.n 1/ C 3 if n > 0.
2.44 Show that the following two functions agree on all natural numbers.
(
4 if n D 0
f .n/ D 4n and g.n/ D
4g.n 1/ if n > 0.
2.45 Define the function h inductively:

(
4 if n D 0
h.n/ D
h.n 1/ C 2n if n > 0
Find a polynomial function p that agrees with h on all natural numbers, and prove
that your functions are equal on N.
Answer: n2 C n C 4.
2.46 Define the function m inductively:
(
0 if n D 0
m.n/ D
m.n 1/ C n2 if n > 0
Find a polynomial function s that agrees with m on all natural numbers, and prove
that your functions are equal on N.
2n3 C3n2 Cn n.nC1/.2nC1/
Answer: 6 D 6 .
i i
“book2” — 2013/5/24 — 8:18 — page 78 — #98
i i
2.47 Consider the two functions f and g:
f .x/ D x 4 6x 3 C 14x 2 6x C 2
and
(
2 if x D 0
g.x/ D
s.x 1/ C 6x 3 if x > 0.
Are f and g equal on N?

2.48 Find a formula for 02 C 12 C 22 C C .n 1/2 as a function of n, and prove
your assertion.
2.49 You saw, on page 76, that the ratio of two consecutive terms seems to converge to
the golden ratio. Using only the recurrence
Fn D Fn 1 C Fn 2 for all n 2;
show that
Fn 1
p
lim D 2 .1 C 5/:
n!1 Fn 1
2.50 * You saw, on page 76, that the Fibonacci sequence seems to be “almost” expo-
nential.
(i) Suppose the Fibonacci sequence actually was exponential: Fn D r n . Show
that r would have to be either
p p
1C 5 1 5
D or ı D :
2 2
(ii) Show that the sequences n and ın satisfy the recurrence
fn D fn 1 C fn 2:
(iii) If a and b are any real numbers, show that a n C bın satisfies the recurrence
fn D fn 1 C fn 2:
(iv) Without using Theorem 2.32, find a and b so that
a n C bın D Fn :
2.51 Ms. D’Amato likes to take a different route to work every day. She will quit her
job the day she has to repeat her route. Her home and work are pictured in the grid
of streets in Figure 2.11. If she never backtracks (she only travels north or east),
how many days will she work at her job?
A valid trip Another valid trip Not a valid trip
Figure 2.11. Ms. D’Amato.
i i
“book2” — 2013/5/24 — 8:18 — page 79 — #99
i i
2.3 Connections 79
2.52 Find a closed form for each of the following functions and prove your assertions.
(
4 nD0
(i) f .n/ D
f .n 1/ C 3 n > 0:
Answer: f .n/ D 3n C 4.
(
4 nD0
(ii) f .n/ D
3f .n 1/ n > 0:
Answer: f .n/ D 4 3n .
˚2 nD0
(iii) f .n/ D 4 nD1
4f .n 1/ 3f .n 2/ n > 1:
Answer: f .n/ D 3n C 1.
˚4 nD0
(iv) f .n/ D 4 nD1
4f .n 1/ 3f .n 2/ n > 1:
Answer: f .n/ D 4.
2.53 Find a closed form for the following function and prove your assertion.
„3 nD0
4 nD1
f .n/ D
14 nD2
4f .n 1/ f .n 2/ 6f .n 3/ n > 2:
2.54 Take It Further. Find or generate a copy of the first 30 rows of Pascal’s triangle.
Color the odd numbers red and the even numbers black. Explain any patterns that
you see. (Alternatively, you can use a spreadsheet to generate the triangle of 0s
and 1s that are the remainders when each entry is divided by 2.) For more on this
exercise, see
ecademy.agnesscott.edu/˜ lriddle/ifs/siertri/Pascalmath.htm
i i
“book2” — 2013/5/24 — 8:18 — page 80 — #100
i i
i i
“book2” — 2013/5/24 — 8:18 — page 81 — #101
i i
3 Renaissance
For centuries, the Western World believed that the high point of civilization
took place from the Greek and Roman eras through the beginning of Chris-
tianity. But this worldview began to change dramatically about five hundred
years ago. The printing press was invented around 1450, by Johannes Guten-
berg, Christopher Columbus landed in North America in 1492, Martin Luther
began the Reformation in 1517, and Nicolas Copernicus published De Revolu-
tionibus in 1530.
Mathematics was also developing. A formula giving the roots of certain
cubic polynomials, similar to the quadratic formula, was discovered by Scipi-
one del Ferro around 1515; by 1545, it was extended to all cubics by Fontana
(Tartaglia) and Cardano. The cubic formula contributed to the change in world-
view that was the essence of the Renaissance, for it was one of the first math-
ematical results not known to the ancients. But its impact on contemporary
mathematics was much deeper, for it introduced complex numbers. As we shall
see, the cubic formula is not as useful for numerical computations as we’d like,
because it often gives roots in unrecognizable form. Its importance, however,
lies in the ideas it generated. Trying to understand the formula, searching for
generalizations of it, and studying questions naturally arising from such en-
deavors, were driving forces in the development of abstract algebra.
In many high school algebra courses today, the complex numbers, usually
denoted by C, are introduced to find the roots of ax 2 Cbx Cc when b 2 4ac <
0. That’s not how it happened. Square roots of negative real numbers occur in
the cubic formula, but not as roots; indeed, in the 16th century, complex roots
would have been considered useless. But complex numbers arose in the middle
of calculations, eventually producing real numbers (we will see this explicitly
in the next section). To understand this phenomenon, mathematicians were
forced to investigate the meaning of number; are complex numbers bona fide
numbers? Are negative numbers bona fide numbers?
Section 3.1 discusses the classical formulas giving the roots of cubic and
quartic polynomials. We will look more carefully at the complex numbers
themselves in Section 3.2. Although initially used in purely algebraic contexts,
C has a rich geometric and analytic structure that, when taken together with its
algebraic properties, can tie together many of the ideas in high school mathe-
matics. Indeed, C finds applications all over mathematics. Section 3.4 uses C
to solve some problems that are especially useful for teachers (and interesting
for all mathematicians). Just as the method of Diophantus was used to create
Pythagorean triples, C can be used to invent problems whose solutions “come
out nice.”
81
i i
“book2” — 2013/5/24 — 8:18 — page 82 — #102
i i
82 Chapter 3 Renaissance
3.1 Classical Formulas

As Europe emerged from the Dark Ages, a major open problem in mathemat-
ics was finding solutions to polynomial equations. The quadratic formula had
been known for about four thousand years and, arising from a tradition of pub-
lic mathematical contests in Pisa and Venice, formulas for the roots of cubics
and quartics had been found in the early 1500s. Let’s look at these formulas
in modern algebraic notation; we will assume for now that the complex num-
bers obey the usual laws of arithmetic (neither of these simplifying steps was
available to mathematicians of the 16th century).
Historical Note. Modern arithmetic notation was introduced in the late

1500s, but it was not generally agreed upon in Europe until after the influ-
ential book of Descartes, La Géométrie, was published in 1637 (before then,
words and abbreviations were used as well as various competing notations).
p
The symbols +, , and , as well as the symbol / for division, as in 4=5,
were introduced by Widman in 1486. The equality sign, D, was invented by
Recorde in 1557. Designating variables by letters was invented by Viète in
1591, who used consonants to denote constants and vowels to denote vari-
ables; the modern notation, using the letters a; b; c; : : : to denote constants and
the letters x; y; z at the end of the alphabet to denote variables, was introduced
by Descartes in 1637. The exponential notation 22; 23 ; 24; : : : was essentially
invented by Hume in 1636, who wrote 2ii , 2iii , 2iv ; : : : : The symbol for mul-
tiplication was introduced by Oughtred in 1631; the symbol for division was
introduced by Rahn in 1659. See Cajori [6].
Cubics
The following familiar fact (to be proved in Chapter 6) was known and used
by Renaissance mathematicians, and we will use it in this section.
Proposition 6.15. If r is a root of a polynomial f .x/, then x r is a factor
of f .x/I that is, f .x/ D .x r /g.x/ for some polynomial g.x/.
One of the simplest cubics is f .x/ D x 3 1. Obviously, 1 is root of f , and
so x 3 1 D .x 1/g.x/, where
g.x/ D .x 3 1/=.x 1/ D x 2 C x C 1:
The roots of g (and, hence, also of f ) are

p p
! D 12 . 1 C i 3/ and ! D 21 . 1 i 3/;
by the quadratic formula. Both ! and ! are called cube roots of unity, for
! 3 D 1 D ! 3 . Note that ! D ! 2 D 1=!. p
We know that a positive number a has two square roots. By convention,
p a
denotes the positive square root, so that the two square
p roots are ˙ a. Any
3
real number a has three cube roots. Byp convention,
p pa denotes the real cube
3 3 2 3
root, so that the three cube roots are a; ! a; ! a. Thus, cube roots of
unity generalize ˙.
The general cubic equation aX 3 C bX 2 C cX C d D 0 can be simplified
by dividing both sides by a; this procedure does not affect the roots, and so
i i
“book2” — 2013/5/24 — 8:18 — page 83 — #103
i i
3.1 Classical Formulas 83
we may assume that a D 1. Thus, we seek the roots of the cubic polynomial
F .X/ D X 3 C bX 2 C cX C d , where b; c; d 2 R. The change of variable
1
XDx 3
b
yields a simpler polynomial, f .x/ D F .x 31 b/ D x 3 C qx C r , where q

and r are expressions in b, c, and d . We call f the reduced polynomial arising
from F . Exercise 3.5 on page 89
asks you to check that
3
Lemma 3.1. Let f .x/ D x C qx C r be the reduced polynomial arising from the coefficient of x 2 in
F .X/ D X 3 C bX 2 C cX C d D 0. If u is a root of f , then u 13 b is a root F .x 31 b/ D .x 13 b/3 C
of F . b.x 13 b/2 Cc.x 31 b/Cd
is zero.
Proof. Since f .x/ D F .x 31 b/ for all x, we have 0 D f .u/ D F .u 1
3 b/;
that is, u 13 b is a root of F .X/.
We will use the following consequence of the quadratic formula.
Lemma 3.2. Given a pair of numbers M and N , there are .possibly complex/
numbers g and h with g C h D M and gh D N . In fact, g and h are roots of
x2 M x C N .
Proof. We have
.x g/.x h/ D x 2 .g C h/x C gh:
Thus, the roots g; h of f .x/ D x 2 M x C N (which exist, thanks to the
quadratic formula) satisfy the given equations g C h D M and gh D N .
Let’s try to find a general method for solving cubic equations—a method
that doesn’t depend on the specific values of the coefficients—by first solving
a numerical equation.
Consider the polynomial f .x/ D x 3 18x 35. Since the constant term
35 D 5 7, we check whether ˙1; ˙5; ˙7 are roots. It turns out that 5 is a
root and, dividing by x 5, we can find the other two roots by solving the You can check that the
quadratic f .x/=.x 5/ D x 2 C 5x C 7. But we are looking for a general other two roots are
complex. Renaissance
method applicable to other cubics, so let’s pretend we don’t know that 5 is a
mathematicians would
root. have dismissed these as
It’s natural to look for a polynomial identity having the same form as the meaningless. But stay
equation we are trying to solve. Example 2.27 provides one. From tuned—we’ll soon see that
they, too, can be generated
a3 C b 3 D .a C b/3 3ab.a C b/; by the emerging method.
we have the identity

.a C b/3 3ab.a C b/ a3 C b 3 D 0:
Thinking of a C b as a single “chunk,” say, x D a C b, the correspondence
looks like this:
.a C b/3 3ab .a C b/ .a3 C b 3 / D 0
# # # #
3 3ab .a C b 3 /
3
D 0
" " " "
x3 18 x 35 D 0:
i i
“book2” — 2013/5/24 — 8:18 — page 84 — #104
i i
So, if we can find two numbers a and b such that
3ab D 18 and a3 C b 3 D 35;
then a C b will be a root of the cubic. Hence we want a and b so that ab D 6

and a3 Cb 3 D 35. There’s an obvious solution here, namely, a D 3 and b D 2,
but we’re looking for a general method. Cubing both sides of ab D 6, we get
a3 b 3 D 216 and a3 C b 3 D 35:
By Lemma 3.2, a3 and b 3 are roots of the quadratic equation
x2 35x C 216 D 0:
The roots of this are 27 and 8. So we can take a3 D 27, b 3 D 8; surprise!

a D 3 and b D 2. Hence, 3 C 2 D 5 is a root of our original cubic.
The next theorem is usually attributed to Scipione del Ferro; we’ll use com-
plex numbers and modern notation in its statement and proof, neither of which
was available at the time. In light of Lemma 3.1, we may assume that cubics
are reduced.
Theorem 3.3 (Cubic Formula). The roots of f .x/ D x 3 C qx C r are
g C h; !g C ! 2 h; and ! 2 g C !h;
p
1
where ! D 2
1 C i 3 is a cube root of unity,
p
3 rC R q 4q 3
g D ; hD ; and R D r2 C :
2 3g 27
Proof. Let u be a root of f .x/ D x 3 C qx C r and, as in the discussion above,

we try
u D g C h:
We are led to
g3 C h3 D r
1
gh D 3
q:
1
Cube gh D 3
q, obtaining the pair of equations
g3 C h3 D r
g3 h3 D 1 3
27
q :
Lemma 3.2 gives a quadratic equation whose roots are g3 and h3 :
x2 C r x 1 3
27
q D 0: (3.1)
The quadratic formula gives

q p
3 1 4 3 1
g D2 r C r2 C 27 q D 2 rC R
i i
“book2” — 2013/5/24 — 8:18 — page 85 — #105
i i
and
q
3
p
1 4 3 1
h D 2
r r2 C 27
q D 2
r R :
Now there are three cube roots of g3 , namely, g, !g, and ! 2 g. Because
of the constraint gh D 31 q, each has a “mate,” namely, q=.3g/ D h,
q=.3!g/ D ! 2 h, and q=.3! 2 g/ D !h. Thus, the roots of f are
g C h; !g C its mate; ! 2 g C its mateI
that is, the roots of f are g C h, !g C ! 2 h, and ! 2 g C !h.
3
p If f .x/ D x
Example 3.4 (Good Example). 15x 126, then q D 15, Alternatively, having found
r D 126, R D 15376, and R D 124. Hence, g3 D 125, so we can take one root to be 6, the
g D 5. Thus, h D q=3g D 1. Therefore, the roots of f are other two roots can be
p p found as the roots of the
6; 5! C ! 2 D 3 C 2i 3; 5! 2 C ! D 3 2i 3: quadratic f .x/=.x 6/ D
x 2 C 6x C 21.
For Renaissance mathematicians, this cubic would have only one root—they
would have ignored the complex roots. N
But things don’t always work out as we expect, as the next surprising ex-
ample shows.
Example 3.5 (Bad Example). The cubic formula may give the roots in unrec-
ognizable form. Let
f .x/ D .x 1/.x 2/.x C 3/ D x 3 7x C 6I
the roots of f are, obviously, 1; 2, and 3. But the cubic formula gives
q q
3 1 400 3 1 400
g D 2 6C 27
and h D 2 6 27
:
It is not at all obvious that g C h is a real number, let alone an integer! N
Imagine yourself, standing in Piazza San Marco in Venice in 1520, partici-

pating in a contest. Your opponent challenges you to find a root of
f .x/ D x 3 7x C 6 (he invented the cubic, so he knows that it comes from
.x 1/.x 2/.x C 3/). Still, you are a clever rascal; your mentor taught you
the cubic formula. You do as you were taught, and triumphantly announce that
a root is g C h, where g3 ; h3 are the awful expressions above. Most likely, the
judges would agree that your opponent, who says that 1 is a root, has defeated
you. After all, f .1/ D 1 7 C 6 D 0, so that 1 is, indeed, a root. The judges
even snickered when they asked you to evaluate f .g C h/.
With head hung low, you return home. Can you simplify your answer? Why
is g C h equal to 1? Let’s pretend you have modern notation. Well,
q p
g3 D 21 6C 400
27
D 3 C i 109 3 :
The first question is how to compute cube roots of “numbers” of the form
a C bi , where i 2 D 1. Specifically, we want u C iv with
p
.u C iv/3 D 3 C i 109 3 :
i i
“book2” — 2013/5/24 — 8:18 — page 86 — #106
i i
Hmm! Perhaps it’s smart to separate terms involving i from honest numbers.
.u C iv/3 D u3 C 3u2 iv C 3u.iv/2 C .iv/3

D u3 C 3u2 iv 3uv 2 iv 3
D u3 3uv 2 C i.3u2 v v 3 /:
But see Example 3.36, Let’s see if the separation

p
pays off. We want numbers u; v with u3 3uv 2 D
or try to solve the system 2 3 10 3
3 and 3u v v D 9 . These equations are intractible! Sigh.
u3 3uv 2 D p 3 and
3u2 v v 3 D 109 3 with a Cube roots are tough. Let’s simplify things; perhaps solving a simpler prob-
computer. lem, say, finding square roots, can give a clue to finding cube roots. And this
we can do.
Proposition 3.6. Every complex number a C bi has a square root.

p
Proof. If b D 0, then a C i b D a.
p If a p0, then a is well-known; if a < 0,
then a D c, where c > 0, and a D i c. We can now assume that b ¤ 0,
and our task is to find u C iv with
.u C iv/2 D u2 C 2i uv v 2 D a C i bI
that is, we seek numbers u; v such that
u2 v2 D a (3.2)
and
2uv D b: (3.3)
Since b ¤ 0, Eq. (3.3) gives u ¤ 0; define v D b=2u. Substituting into

Eq. (3.2), we have
u2 .b=2u/2 D aI
rewriting,
4u4 4au2 b 2 D 0:
This is a quadratic in u2 , and the quadratic formula gives

p
u2 D 18 4a ˙ 16a2 C 16b 2
p
D 12 a ˙ a2 C b 2 :
p
Since a2 C b 2 > 0, it has a real square root. Now 12 a C a2 C b 2 is positive
p
(because b 2 > 0 implies a < a2 C b 2 ); hence, we can find its (real) square
root u as well as v D b=2u.
For example, our proof gives a method finding a square root of i . Set a D 0
and b D 1 to obtain
2
i D p1 .1 C i / :
2
We’ll see how to find the
roots of a complex number Alas, this square root success doesn’t lead to a cube root success, although it
in Section 3.3. does give us some confidence that our manipulations may be legitimate.
i i
“book2” — 2013/5/24 — 8:18 — page 87 — #107
i i
You can now appreciate the confusion produced by the cubic formula; a
cloud enveloped our ancestors. First of all, what are these “numbers” a C i b?
Sometimes they can help. Can we trust them to always give us the truth? Is it
true that we can separate terms involving i from those that don’t? When are
two complex numbers equal? Does it make sense to do arithmetic with these
guys? Do they obey the nine properties of arithmetic on page 40 that familiar
numbers do? It took mathematicians about 100 years to become comfortable
with complex numbers, and another 100 years until all was set on a firm foun-
dation.
Quartics
A method for solving fourth degree equations was found by Lodovico Ferrari
in the 1540s, but we present the version given by Descartes in 1637.
Consider the quartic F .X/ D X 4 C bX 3 C cX 2 C dX C e. The change
of variable X D x 41 b yields a simpler polynomial, f .x/ D F .x 41 b/ D
x 4 C qx 2 C r x C s, whose roots give the roots of F : if u is a root of f , then See Exercise 3.6 on
u 41 b is a root of F . Write f as a product of two quadratics: page 89.
f .x/ D x 4 C qx 2 C r x C s D .x 2 C jx C `/.x 2 jx C m/;

and determine j , `, and m (note that the coefficients of the linear terms in the
quadratic factors are j and j because f has no cubic term). Expanding and
equating like coefficients gives the equations
` C m j 2 D q;
j.m `/ D r;
`m D s:
The first two equations give Since j.m `/ D r , we
have ` C m D r=j .
2m D j 2 C q C jr ;
2` D j 2 C q r
j:
Substituting these values for m and ` into the third equation and simplifying
yield a degree 6 polynomial which is a cubic in j 2 (called the resolvent cubic):
.j 2 /3 C 2q.j 2 /2 C .q 2 4s/j 2 r 2:
The cubic formula gives a root j 2 , from which we can determine m and ` and,
hence, the roots of the quartic.
This process is an algorithm that can easily be encoded in a computer al-
gebra system; it is known as the quartic formula. The quartic formula has the
same disadvantage as the cubic formula: even though it gives correct answers,
the values it gives for the roots are usually unrecognizable. But there are some
good examples.
Example 3.7. Let’s find the roots of

f .x/ D x 4 10x 2 C 1:
First, factor f :
x4 10x 2 C 1 D .x 2 C jx C `/.x 2 jx C m/I
i i
“book2” — 2013/5/24 — 8:18 — page 88 — #108
i i
What’s going on? Why is in our earlier notation, q D 10, r D 0, and s D 1. The quartic formula shows
there a choice for ` and us how to find j; `; m. Since r D 0, we have 2` D j 2 10 D 2m; hence,
j 2 ? If the roots of f are
` D m. But `m D 1, so that either ` D 1 and j 2 D 12 or ` D 1 and j 2 D 8.
˛i for 1 Q i 4, then
f .x/ D i .x ˛i /. A
Taking ` D 1 and j 2 D 12 gives
factorization of f into p p
quadratics arises from
f .x/ D .x 2 C 12x C 1/.x 2 12x C 1/;
grouping these four factors and the quadratic formula gives the four roots of f :
into pairs, and there is p p p p p p p p
no reason why different ˛ D 2 C 3; ˇ D 2 C 3; D 2 3; ı D 2 3: N
groupings should give
the same quadratics.
Of course, any such
The quadratic formula can be derived in a way similar to the derivations
factorization gives the of the cubic and quartic formulas (in Chapter 1, we derived the formula by
1
same roots of f . completing the square). The change of variable X D x 2 b replaces the
polynomial F .X/ D X CbX Cc with the simpler polynomial f .x/ D x 2 Cq,
2
p
where q D c 14 b 2 ; the roots u D ˙ q of f .x/ give the roots u 12 b of
F . Since the roots of f are
q p
p
uD˙ qD˙ .c 14 b 2 / D ˙ 12 b 2 4c;
the roots of F are our old friends
p p
˙ 21 b 2 4c 12 b D 1
2 b˙ b2 4c :
It is now tempting, as it was for our ancestors, to try to find the roots of the
general quintic F .X/ D X 5 C bX 4 C cX 3 C dX 2 C eX C f and to express
them in a form similar to those for quadratic, cubic, and quartic polynomials;
that is, using only extraction of roots, addition, subtraction, multiplication, and
division (of course, our ancestors hoped to find roots of polynomials of any
degree). They began with the change of variable X D x 51 b to eliminate
the X 4 term. It was natural to expect that some further ingenious substitution
together with the formulas for roots of polynomials of lower degree, analogous
to the resolvent cubic, would yield the roots of F . For almost 300 years, no
such formula was found. But, in 1824, Abel proved that there is no such quintic
formula.
How to Think About It. Abel’s theorem is often misquoted. It says: there is
no formula involving only extraction of roots and the four basic operations of
arithmetic that expresses the roots of the general quintic polynomial in terms
of its coefficients. Succinctly, the general quintic is not solvable by radicals.
But there are other kinds of formulas giving roots of polynomials. For exam-
ple, here is a formula, due to Viète, giving the roots in terms of trigonometric
functions. If f .x/ D x 3 C qx C r has three real
p roots, then its roots are t cos ,3
t cos. C 120ı/, t cos. C 240ı/, where t D 4q=3 and cos.3/ D 4r=t
(there are variations using cosh and sinh when f has complex roots ([26],
p. 445–447)). You may recall Newton’s method giving the roots as limn!1 xn ,
where xnC1 D xn f .xn /=f 0 .xn /. Now some quintic polynomials are solv-
able by radicals; for example, we’ll see in Section 3.3 that x 5 1 is one such.
Another theorem of Abel gives a class of polynomials, of any degree, which
Abel (1802–1829) also are solvable by radicals. Galois, the young wizard who was killed before his
died young. 21st birthday, characterized all the polynomials which are solvable by radi-
cals, greatly generalizing Abel’s theorem. We will look at this more closely in
Chapter 9.
i i
“book2” — 2013/5/24 — 8:18 — page 89 — #109
i i
Exercises
3.1 For each equation, find all roots in R and in C
(i) x 2 2x D 15 (ii) x 2 2x D 16 (iii) x 2 2x D 16
(iv) 6x 2 C x D 15 (v) 6x 2 C x D 16 (vi) 6x 2 C x D 16
(vii) x2 D1 (viii) x3 D1 (ix) x4 D1
(x) x3 D8
3.2 * We know that i satisfies x 2 C 1 D 0 in C (is there another solution?).
(i) Show, for all n 2 Z, that the value of i n is one of 1; i; 1; i .
(ii) Use the Division Algorithm to decide which of the four values i 247 will have.
p
3.3 Let ! D 12 . 1 C i 3/ be a cube root of unity.
(i) Show, for every integer n, the value of ! n is one of 1; !; ! 2 .
(ii) Use the Division Algorithm to decide, for any fixed n, which of the three
values ! n will have.
3.4 Find two numbers whose
(i) sum is 5 and product is 6. (ii) sum is 0 and product is 2.
(iii) sum is 3 and product is 3. (iv) sum is 1 and product is 1.
(v) sum is b and product is c (in terms of(vi)
b and c).
1
3.5 * If F .X / D X 3 C bX 2 C cX C d , show that the change of variable X D x 3b
produces a polynomial f with no quadratic term,
1
f .x/ D F .x 3 b/ D x 3 C qx C r:
Express q and r in terms of b, c, and d .

3.6 *
(i) Suppose that F .X / D X 4 C bX 3 C cX 2 C dX C e.
1
(a) Show that the change of variable X D x 4b produces a polynomial f
with no cubic term,
1
f .x/ D F .x 4 b/ D x 4 C qx 2 C rx C s:
Express q, r, and s in terms of b, c, d , and e.

1
(b) Show that if u is a root of f , then u 4b is a root of F .
(ii) In general, let
F .X / D X n C an 1X
n 1
C an 2X
n 2
C C a0
be a polynomial of degree n.
1
(a) Show that the change of variable X D x n an 1 produces a polynomial
f with no term of degree n 1,
f .x/ D F .x 1
n an 1 / D x n C qn 2x
n 2
C C q0 :
1
(b) Show that if u is a root of f , then u n an 1 is a root of F:
3.7 Take It Further. Suppose that g and h are complex numbers and
p
! D 12 1Ci 3 :
Show that
g3 C h3 D .g C h/.!g C ! 2 h/.! 2 g C !h/:
i i
“book2” — 2013/5/24 — 8:18 — page 90 — #110
i i
3.8 In Example 3.7, we found the roots of x 4 10x 2 C 1 by factoring it into two
quadratics (which came from taking, in the notation of page 87, ` D 1 and j 2 D
12). Another choice was ` D 1 and j 2 D 8.
(i) Using the alternate choice, get a different factorization of the quartic into
quadratic factors.
(ii) Show that the two factorizations produce the same linear factors.
3.9 The following problem, from an old Chinese text, was solved by Qin Jiushao
(Ch’in Chiu-shao) in 1247. There is a circular castle (see Figure 3.1) whose di-
ameter is unknown; it is provided with four gates, and two lengths out of the
north gate there is a large tree, which is visible from a point six lengths east of the
south gate. What is the length of the diameter? (The answer is a root of a cubic
polynomial.)
T
2 a
N C
r
r
O
E
S 6
Figure 3.1. Castle problem.
3.10 Show that there is no real number whose square is 1.

3.11 (i) Find the roots of x 3 3x C 1 D 0.
(ii) Find the roots of x4 2x 2 C 8x 3 D 0.
3.12 Find a complex number s so that s 3 D9 46i .
3.13 Find the roots of x 3 21x C 20.
(i) by finding a root and reducing the cubic to a quadratic.
(ii) by the cubic formula.
(iii) Verify that the answers are the same.
3.14 Suppose that ˛ and ˇ are roots of the quadratic equation x 2 C bx C c D 0. Find
expressions in terms of b and c for
(i) ˛ C ˇ
(ii) ˛2 C ˇ 2
(iii) ˛3 C ˇ 3
(iv) .˛ ˇ/2
(v) Use parts (i) and (iv) to derive the quadratic formula.
3.15 Suppose that ˛, ˇ, and are roots of the cubic equation x 3 C bx 2 C cx C d D 0.
Show that
(i) ˛ C ˇ C D b
(ii) ˛ˇ C ˛ C ˇ D c
(iii) ˛ˇ D d .
i i
“book2” — 2013/5/24 — 8:18 — page 91 — #111
i i
3.2 Complex Numbers 91
3.16 (i) Show that a rectangle is determined by its perimeter and area.
(ii) Is a rectangular box determined by its volume and surface area? Explain.
3.17 Suppose that ˛, ˇ, and are roots of the cubic equation x 3 C bx 2 C cx C d D 0. Exercise 3.17 can be done
Find, in terms of b, c, and d , without the cubic formula.
(i) ˛2 C ˇ 2 C 2
(ii) ˛3 C ˇ 3 C 3
(iii) ˛2 ˇ 2 C ˛2 ˇ 2 C ˛ˇ 2 2
3.18 Take It Further.
(i) Suppose that ˛, ˇ, and are three numbers whose sum is 0. Show that
2 3
.˛ ˇ/.˛ /.ˇ / C 4.˛ˇ C ˛ C ˇ /3 C 27 ˛ˇ D 0:
(ii) Suppose that ˛, ˇ, and are roots of x 3 C qx C r. Show that

2
.˛ ˇ/.˛ /.ˇ / D 27r 2 C 4q 3 :
3.19 Take It Further. When finding the roots of x 3 C qx C r with the cubic formula,
1 3
you are led to Eq. (3.1): x 2 C rx 27 q , whose roots are g3 and h3 .
(i) Show that the discriminant ı of this quadratic is
ı D r2 C 4 3
27 q
(ii) If ı > 0, show that the cubic has one real root and two complex conjugate
roots. The discriminant of the
cubic x 3 Cqx Cr is defined
(iii) If ı D 0, show that the cubic has two real roots, one of them with multiplic-
to be D 4q 3 27r 2 .
ity 2.
(iv) If ı < 0, show that the cubic has three distinct real roots.
3.2 Complex Numbers

Before the cubic formula, mathematicians had no difficulty in ignoring neg-
ative numbers or square roots of negative numbers. For example, consider
the problem of finding the sides x and y of a rectangle having area A and
perimeter p. The equations xy D A and 2x C 2y D p give the equation
2x 2 px C 2A D 0, and the quadratic formula gives
p
x D 41 p ˙ p 2 16A :
If p 2 16A 0, the problem is solved. If p 2 16A < 0, people didn’t in-

vent fantastic rectangles whose sides involve square roots of negative numbers.
Instead, they merely said that there is no rectangle whose area and perimeter
are so related. But the cubic formula doesn’t allow us to avoid “imaginary”
numbers, for we have just seen, in Example 3.5, that an “honest” real and posi-
tive root can appear in terms of such expressions. Complex numbers arose, not
as an attempt to get roots of equations involving square roots of negative real
numbers, but as a device to solve cubic equations having real coefficients and
real roots.
The cubic formula was revolutionary. For the next 100 years, mathemati-
cians were forced to reconsider the meaning of number, calculating with strange
objects of the form a C i b (where a and b are real numbers) as if they were
i i
“book2” — 2013/5/24 — 8:18 — page 92 — #112
i i
In Chapter 7, using ideas actual numbers enjoying the simplification rule i 2 D 1. It was during this
of abstract algebra, we’ll time that the terms real and imaginary arose. In this section and the next, we’ll
see that the naive way of
develop complex numbers in a more careful and formal way, and we’ll see that
thinking about complex
numbers, as polynomials in
complex numbers are as real as real numbers!
i obeying the rule i 2 D 1,
can be made precise.
The Complex Plane
When considering expressions of the form a C bi , it is natural to separate the
two summands. Geometry rears its head.
Definition. A complex number is an ordered pair z D .a; b/ of real numbers,

Right now, a C bi is just denoted by z D a C bi . We call a the real part of z, denoting it by <.z/ D a,
an “alias” for .a; b/ but, in and b the imaginary part of z, denoting it by =.z/ D b.
your previous experience
with C, the summand bi
Both the real and the imaginary parts of a complex number are real numbers.
denoted the product of b
and i. We’ll soon recover Moreover, equality of ordered pairs says that complex numbers z D a C bi
this notion. and z 0 D a0 C b 0 i are equal if and only if <.z/ D <.z 0 / and =.z/ D =.z 0 /;
that is, a D a0 and b D b 0 . Thus, one equation of complex numbers is the same
as two equations of real numbers.
There is an immediate geometric interpretation of complex numbers: they
can be viewed as points in the plane. Real numbers are complex numbers z
with =.z/ D 0; that is, they correspond to points .a; 0/ on the x-axis (which is
called the real axis in this context). We usually abbreviate .a; 0/ to a; thus, the
You hear the following set of real numbers R is a subset of C. We denote the complex number .0; 1/
message when you call by i , so that the purely imaginary complex numbers z, those with <.z/ D 0,
one of our friends. “The correspond to points on the y-axis (which is called the imaginary axis in this
number you have reached
is imaginary; please rotate
context). When we view points as complex numbers, the plane R2 is called the
your phone 90 degrees.” complex plane, and it is denoted by C.
Thus, an ordered pair .a; b/ of real numbers has two interpretations: alge-
braic, as the complex number z D a C bi , and geometric, as the point P in
the plane R2 having coordinates a and b. We will use both interpretations, al-
gebraic and geometric, depending on which is more convenient for the context
in which we are working.
Historical Note. Surprisingly, it took a very long time for people to embrace
the idea of representing the elements of C as points in the plane. It wasn’t until
Wessel presented a paper in 1797 to the Royal Danish Academy of Sciences,
A bijection is a one-to-
entitled On the Analytic Representation of Direction: An Attempt, did this rep-
one correspondence. See
Appendix A.1, page 416, resentation crystallize. Wessel’s discovery was not adopted immediately but,
for the precise definition. by 1830, most mathematicians routinely used the bijection a C bi $ .a; b/
between complex numbers and points of the plane. The complex plane has
gone by other names in its history: for example, Argand Diagram and Gaus-
sian Plane.
Algebraic Operations
In Section 3.1, you saw that mathematicians were forced to add and multiply
complex numbers. However, without precise definitions of the operations or of
the complex numbers themselves, they could not trust many of their results.
The complex plane allows us to resolve the many doubts our ancestors had
about the algebra of complex numbers.
i i
“book2” — 2013/5/24 — 8:18 — page 93 — #113
i i
In a linear algebra course, R2 is often viewed as a vector space with real

scalars; we continue using these operations in the complex plane.
Definition. Define addition C C ! C by
.a C bi / C .c C d i / D .a C c/ C .b C d /i:
In terms of ordered pairs, .a; b/ C .c; d / D .a C c; b C d /.

Define scalar multiplication R C ! C by
r .a C bi / D ra C r b i;
where r 2 R. In terms of ordered pairs, r .a; b/ D .ra; r b/.
As in linear algebra, it is useful to look at each point in the plane (and,

hence, each complex number) as an arrow with tail at the origin (sometimes
we say vector instead of arrow). For example, we’ll think of z D 3 C 2i either
!
as the point P D .3; 2/ or as the arrow OP [where O D .0; 0/]. The context
will make it clear which interpretation we are using.
Addition is illustrated by the parallelogram law (see Figure 3.2). If P D
.a; b/ and Q D .c; d /, then R D .a C c; b C d /. Of course, this needs a
geometric proof, especially when points don’t lie in the first quadrant or they
are collinear; see Exercise 3.33 on page 98.
R = (a+c,b+d )
P = (a,b)
Q = (c,d )
Figure 3.2. Parallelogram Law.
Scalar multiplication of complex numbers has the same geometric interpre-

tation as scalar multiplication of vectors. View a complex number z D a C i b
! !
as OP , where P D .a; b/. If r 2 R, then we may view r z as the vector r OP ;
!
that is, if r 0, then it’s an arrow in the same direction as OP whose length
has been stretched by a factor of r (if r > 1) or shrunk by a factor of r (if
!
r < 1/; if r < 0, then r OP is the arrow in the reverse direction whose length
has been changed by a factor of jr j.
The eight properties listed in the next proposition are precisely the defining
properties of a vector space with scalars in R.
Proposition 3.8. Let z D a C bi , w D c C d i , and u D e C f i be complex

numbers, and suppose that r; s 2 R.
(i) z C w D w C z
(ii) z C .w C u/ D .z C w/ C u
(iii) z C 0 D z
i i
“book2” — 2013/5/24 — 8:18 — page 94 — #114
i i
In Exercise 3.21 on (iv) There is a complex number z such that z C . z/ D 0

page 98, you’ll show that
negatives are unique.
(v) r .sz/ D .r s/z
(vi) 1z D z
(vii) r .z C w/ D r z C r w
(viii) .r C s/z D r z C sz
Proof. The proofs are routine, just reducing each to a familiar statement about
real numbers, and so we’ll only prove the longest such: associativity of addi-
tion. It is clearer if we use ordered pairs.
z C .w C u/ D .a; b/ C Œ.c; d / C .e; f /

D .a; b/ C .c C e; d C f /
D .a C .c C e/; b C .d C f //
D ..a C c/ C e; .b C d / C f /
D .a C c; b C d / C .e; f /
D Œ.a; b/ C .c; d / C .e; f /
D .z C w/ C u:
In linear algebra, every vector .a; b/ has a decomposition into components

ae1 C be2 with respect to the standard basis e1 D .1; 0/; e2 D .0; 1/:
a C bi D .a; b/
D .a; 0/ C .0; b/
D a.1; 0/ C b.0; 1/:
It follows that the + in the notation a C bi really does mean add and that bi is
the product of b and i ; that is, bi D b.0; 1/ D .0; b/.
The set C of complex numbers has more algebraic structure: any two com-
plex numbers can be multiplied, not just when one of them is real. The defini-
tion arises from pretending that
.a C bi /.c C d i / D ac C ad i C bci C bd i 2
D .ac bd / C i.ad C bc/;
where we have set i 2 D 1. This is precisely what our ancestors did, which
motivates the formal definition. But our definition involves no pretending.
Definition. Define multiplication C C ! C by
.a C i b/.c C id / D .ac bd / C i.ad C bc/:
In terms of ordered pairs, .a; b/.c; d / D .ac bd; ad C bc/.
Notice that
i 2 D .0; 1/.0; 1/ D . 1; 0/ D 1;
for ac D 0 D ad D bc.
We are now obliged to prove that the familiar properties of multiplication
actually do hold for complex multiplication.
i i
“book2” — 2013/5/24 — 8:18 — page 95 — #115
i i
Proposition 3.9. Let z D a C bi , w D c C d i , and u D e C f i be complex

numbers.
(i) zw D wz
(ii) z.wu/ D .zw/u
(iii) 1z D z
(iv) z.w C u/ D zw C zu.
Proof. Again, the proofs are routine, for each reduces to a familiar statement
about real numbers. We’ll only prove associativity. As in the proof of Proposi-
tion 3.8, it is clearer if we use ordered pairs.
z.wu/ D .a; b/ Œ.c; d /.e; f /

D .a; b/.ce df; de C cf //
D .a.ce df / b.de C cf /; b.ce df / C a.de C cf //
D .ace adf bde bcf; bce bdf C ade C acf /:
On the other hand,
.zw/u D Œ.a; b/.c; d / .e; f /

D .ac bd; bc C ad /.e; f /
D .ac bd /e .bc C ad /f; .bc C ad /e C .ac bd /f /
D .ace bde bcf adf; bce C ade C acf bdf /:
Hence, z.wu/ D .zw/u.
The operations of addition and multiplication in C extend the definitions

in R; for example, if r and s are real numbers, then their sum r C s is the same,
whether you think of doing the addition in R or in C. See Exercise 3.22 on
page 98.
In Section 1.4, we displayed nine properties of addition and multiplication
in R, and we have just seen that eight of them also hold in C. We could now
define subtraction, as we did there, and prove results like z.w u/ D zw zu,
z 0 D 0 for all complex numbers z, and the Binomial Theorem. We don’t have
to repeat all of this. As we said then, once this is established, the proofs of other
properties of addition and multiplication, such as 0 z D 0 and . z/. w/ D
zw, go through verbatim.
The ninth property describes reciprocals: If z D a C bi ¤ 0, there is a
number z 1 such that z z 1 D 1 (Exercise 3.21 on page 98 shows that such a
number z 1 , if it exists, is unique.) Here is an explicit formula for z 1 D 1=z
when z D a C bi ¤ 0. If b D 0, then z D a is a nonzero real number, and
we know it has a reciprocal 1=a. If b ¤ 0, we can easily find x C yi so that
.x C yi /.a C bi / D 1. Multiply and equate real and imaginary parts:
xa yb D 1 and ya C xb D 0:
The second equation gives x D ay=b; substitute this into the first equation
and obtain
b a
yD and xD :
a2 C b2 a2 C b2
i i
“book2” — 2013/5/24 — 8:18 — page 96 — #116
i i
In either case (b D 0 or b ¤ 0),
1 a b
z D i :
a2 C b2 a2 C b2
There is a more elegant derivation of this formula. The denominator a2 Cb 2

can be factored in C:
Hence, a2 C b 2 D zz. a2 C b 2 D .a C bi /.a bi /:
This leads to the useful notion of complex conjugate.
Definition. The complex conjugate z of a complex number z D a C bi is

defined to be
zDa bi:
The function C ! C, given by z 7! z, is called complex conjugation.
If z D .a; b/, then z D .a; b/, so, geometrically, z is obtained from z by

reflection in the real axis.
Complex conjugation interacts well with addition and multiplication.
Proposition 3.10. If z D a C bi and w D c C d i are complex numbers, then

(i) z C w D z C w
(ii) zw D z w
(iii) z 2 R if and only if z D z
(iv) z D z
Proof. We’ll prove (i), leaving the rest to Exercise 3.25 on page 98.
z C w D .a C c/ C .b C d /i
D .a C c/ .b C d /i
D .a bi / C .c d i /
D z C w:
Using induction, the first two statements in the proposition can be general-
ized:
z1 C C zn D z 1 C C z n
z1 zn D z 1 z n :
The formula for the multiplicative inverse of a complex number can be writ-
ten in terms of conjugates. Informally, cancel z to see that z=zz D 1=z.
Proposition 3.11. Every nonzero complex number z D a C bi has an inverseW
1 a bi z
z D 2 2
D :
a Cb zz
i i
“book2” — 2013/5/24 — 8:18 — page 97 — #117
i i
Proof. It’s enough to see that you get 1 if you multiply z by .a bi /=.a2 Cb 2 /.
And so it is:

1 1
z z D z z D 1:
zz zz
It wouldn’t be worth introducing the new term complex conjugation if our
only use of it was to give a neat proof of the formula for reciprocals. The notion
has many other uses as well. For example, if f .x/ D ax 2 C bx C c has real
coefficients, then the quadratic formula implies that whenever z is a complex
root of f , then so is z. In fact, this is true for polynomials of any degree, and Is this true if z is real?
the proof depends only on Proposition 3.10.
Theorem 3.12. If f .x/ is a polynomial with real coefficients and a complex

number z is a root of f , then so is z.
Proof. Suppose that
f .x/ D a0 C a1 x C C ai x i C C an x n ;
where each ai 2 R. Saying that z is a root means that
0 D a0 C a1 z C C ai z i C C an z n :
Hence,
0 D 0 D a0 C a1 z C C ai z i C C an z n
D a0 C a1 z C C ai z i C C an z n
D a0 C a1 z C C ai z i C C an z n
D a0 C a1 z C C ai z i C C an z n (because all ai are real)
D f .z/ :
Therefore, z is a root of f .
Exercises
3.20 In Appendix A.4, we considered the subset P of all (strictly) positive real num-
bers; it satisfies: If we define a < b to
mean b a 2 P , then we
if a; b 2 P , then a C b 2 P and ab 2 P ; can prove all the familiar
if r 2 R, then exactly one of the following is true: properties of inequality.
For example, if a < b and
r 2 P; r D 0; or r 2 P: c < 0, then bc < ac. See
page 441.
(i) Using only the two properties of P , prove that if a 2 R, then either a D 0 or
a2 2 P .
(ii) Prove that there is no subset Q C, closed under addition and multiplica-
tion, such that if z 2 C, then exactly one of the following is true:
z 2 Q; z D 0; or z 2 Q:
Conclude that it’s impossible to order the complex numbers in a way that
preserves the basic rules for inequality listed in Proposition A.51.
i i
“book2” — 2013/5/24 — 8:18 — page 98 — #118
i i
3.21 * Suppose that z is a complex number. Generalize Propositions 1.33 and 1.32.
(i) Show that z is unique.
(ii) Show that z D . 1/z.
(iii) If z ¤ 0, show that z 1 is unique.
3.22 *
(i) We may think of real numbers r and s as complex numbers. Show that their
sum r C s and their product rs in C are the same as their sum and product
in R.
(ii) If z is a complex number and r is a real number, you can think of the complex
number rz in two ways: as the product of scalar multiplication, or as the
product of two complex numbers r C 0i and z. Show that the two calculations
give the same result.
3.23 If z 2 C, show that z C z D 2.<z/ and z z D 2.=z/.
3.24 Find a complex number z such that z C z D 14 and zz D 49.
3.25 * Finish the proof of Proposition 3.10. If z and w are complex numbers, prove
(i) zw D z w
(ii) z D z
(iii) z D z if and only if z is a real number
3.26 If z is a complex number and n is a natural number, show that
z n D .z/n :
Is this equation true if z ¤ 0 and n is a negative integer?

3.27 * Let z be a complex number and r a real number. Show how to locate rz in the
complex plane in terms of z.
Hint: r.a; b/ D .ra; rb/.
3.28 Solve the following equation for z.
.3 C 2i /z D 3 C 11i:
3.29 Find real numbers a and b such that

(i) a C bi D .8 C i /=.3 C 2i /
(ii) a C bi D .8 C i /=.3 C i /
(iii) .a C bi /2 D 5 C 12i
(iv) .a C bi /2 D 1 C i.
3.30 What’s wrong with this “proof” that 6 D 6?
p p p p
6 D 36 D . 9/. 4/ D 9 4 D 3i 2i D 6i 2 D 6:
3.31 Establish the identity
.a2 C b 2 /.c 2 C d 2 / D .ac bd /2 C .bc C ad /2
for all complex numbers a; b; c; d .

3.32 Use Theorem 3.12 to prove that every cubic polynomial with real coefficients has
a real root.
3.33 * Let z D a C bi and w D c C d i . Show that in the complex plane z C w is the
fourth vertex of the (possibly degenerate) parallelogram whose other vertices are
0, z, and w.
i i
“book2” — 2013/5/24 — 8:18 — page 99 — #119
i i
Absolute Value and Direction

We’ve already seen that addition can be viewed as the parallelogram law, multi-
plication by a real number can be viewed as scalar multiplication, and conjuga-
tion can be viewed as reflection in the real axis. There is a beautiful geometric
interpretation of complex multiplication; it is best understood if, first, we con-
sider a different way to describe an arrow in the complex plane using absolute
value and direction.
Definition. The absolute value (or length or modulus) of z D a C bi is

p
jzj D a2 C b 2 :
The absolute value of a real number is its distance to the origin, and so we
have just extended the notion of absolute value from R to C. Thus, if z D
a C bi , then jzj is the distance from the point P D .a; b/ to the origin O;
!
equivalently, it is the length of the arrow OP . Because z z D a2 C b 2 , we can
write
p Does this equation hold if
jzj D z z: z is a real number?
Proposition 3.13. Let z D a C bi and w D c C d i .

(i) jzj 0, and jzj D 0 if and only if z D 0.
(ii) .Triangle Inequality/: jz C wj jzj C jwj.
(iii) jzwj D jzj jwj.
p
Proof. (i) Both statements follow from the definition jzj D a2 C b 2 , be-
cause a2 C b 2 D 0 if and only if a D 0 D b.
!
(ii) If P D .a; b/ and Q D .c; d /, then z is the arrow OP and w is the arrow
! !
OQ. As in Figure 3.2, z C w D OR. The inequality we want is the usual
triangle inequality, which follows from the length of a line segment being
the shortest distance between its endpoints.
p
jzwj D .zw/ .zw/ Make sure you can justify
p each step in the proof.
D .zw/ .z w/ Would this proof work if
p
D .z z/ .w w/ either z or w (or both) is
p p real?
D .z z/ .w w/
D jzj jwj:
What do we mean by direction? The most natural way to indicate direction

in the plane is to point: “He went thataway!”—an arrow shows the way. The
arrow may as well have its tail at the origin and, since the length of the arrow
doesn’t affect the direction, we may as well assume it is a unit vector; that is,
it has length 1. If we denote the tip of the arrow by P D .a; b/, then P lies
on the unit circle. There are various geometric ways to describe P . One way Why did our ancestors
! divide a circle into 360
is to consider the angle between the x-axis and OP ; hence, P D .a; b/ D
parts? We can only guess
.cos ; sin /. This angle can be described with degrees; the ancients divided why. Perhaps it was related
the circle into 360 equal degrees. The angle can also be described with radians; to calendars, for a year has
the circumference of the unit circle is 2 , and is the length of the arc from about 360 days.
i i
“book2” — 2013/5/24 — 8:18 — page 100 — #120
i i
.1; 0/ to P . When we view the point P D .cos ; sin / on the unit circle as a
complex number, it is equal to cos C i sin .
Figure 3.3 shows z D a C bi as the tip of an arrow of length jzj D r . The
!
direction of this arrow is the same as the direction of the unit vector OP having
!
the same direction as z. If is the angle between the x-axis and OP , then the
coordinates of P are jOAj D cos and jAP j D sin .
z = (a, b)
P = (cos q, sin q)
r = |z|
q (1, 0)
O A
Figure 3.3. Absolute value and argument.
Definition. If z is a nonzero complex number, then its argument, denoted by
arg.z/;
!
is the counterclockwise angle from the positive real axis to OP .
Finding arg.z/ requires In Figure 3.3, we see that the coordinates of P are cos and sin ; that is,
some way of comput- if P D .a; b/, then a D cos and b D sin . Thus, for any nonzero complex
ing values of inverse
number z D a C bi , not necessarily of absolute value 1, the definitions of
trigonometric functions.
Nowadays, we use com-
cosine and sine (in terms of right triangles) give arg.z/ D , where cos D
puters; in earlier times, a=jzj and sin D b=jzj. Note that
tables of values of cosine
and sine were used. Fairly a b
accurate trigonometric z D jzj Ci D jzj .cos C i sin / : (3.4)
jzj jzj
tables were known over
two thousand years ago.
How to Think About It. Technically, the argument of a complex number

is only determined up to a multiple of 360 (if we measure in degrees) or 2
(if we measure in radians). For example, arg.1 C i / is 45ı or 4 radians, and
this is the same direction as 405ı or 9
4 radians. There is a fussy way to make
statements like “arg.1 C i / D 45ı ” precise (introduce a suitable equivalence
relation), but we prefer, as do most people, to be a bit sloppy here; the cure is
worse than the disease.
Actually, the trig functions do make angles precise, for cos and sin have
the same values when is replaced by either C 360n degrees or C 2 n
radians.
The polar form of z is
z D jzj .cos C i sin / ;
i i
“book2” — 2013/5/24 — 8:18 — page 101 — #121
i i
where D arg.z/. Just as a complex number z is determined by its real and

imaginary parts, so too is it determined by its polar form: its absolute value
and argument.
We may paraphrase
Proposition 3.14 (Polar Form). Every complex number z has a polar formW uniqueness of polar forms:
two vectors are equal if
z D r .cos C i sin /; and only if they have the
same length and the same
where r 0 and 0 < 2 . If z ¤ 0, then this expression is unique. direction.
Proof. Existence is given by Eq. (3.4). Uniqueness is almost obvious. Suppose

that z D r .cos C i sin / for some r > 0 and . Then
jzj D jr .cos C i sin /j D jr j jcos C i sin j D jr j D r;
since r 0 and jcos C i sin j D cos2 C sin2 D 1; thus, r D jzj. But
then
1 1 a b
cos C i sin D z D zD Ci ;
r jzj jzj jzj
so that
a a
cos D and sin D
jzj jzj
and D arg.z/.
Example 3.15. If z D 3 C 4i , the Pythagorean Theorem gives jzj2 D 32 C

42 D 25, so that jzj D 5; your favorite computer gives arg.z/ D D
cos 1 . 35 / 53:13ı. Thus, the polar form of z is

z D cos C i sin 5 cos 53:13ı C i sin 53:13ı : N
The Geometry Behind Multiplication

We’re ready to give a geometric interpretation of complex multiplication. Propo-
sition 3.13(iii) tells part of the story: the absolute value of a product is the prod-
uct of the absolute values. To finish the geometric analysis of multiplication, We know that zw sits on
we need to know how arg.zw/ is related to arg.z/ and arg.w/. We may as well a circle of radius jzjjwj,
centered at the origin. But
assume that z and w are unit vectors (why?), so that z D cos ˛ C i sin ˛ and
where?
w D cos ˇ C i sin ˇ. Multiply them together and collect real and imaginary
parts.
zw D .cos ˛ C i sin ˛/.cos ˇ C i sin ˇ/ (3.5)
D .cos ˛ cos ˇ sin ˛ sin ˇ/ C i.cos ˛ sin ˇ C sin ˛ cos ˇ/: (3.6)
Do <.zw/ and =.zw/ look familiar? They are the addition formulas for sine
and cosine:
cos.˛ C ˇ/ D cos ˛ cos ˇ sin ˛ sin ˇ
and
sin.˛ C ˇ/ D cos ˛ sin ˇ C sin ˛ cos ˇ:
These formulas will give a beautiful characterization of the product of two
complex numbers. We now prove them, beginning with a familiar lemma that
uses Figure 3.4.
i i
“book2” — 2013/5/24 — 8:18 — page 102 — #122
i i
W = (r, s)
U = (c, d )
Figure 3.4. Orthogonality and dot product.
! !
We are proving that per- Lemma 3.16. If W D .r; s/ and U D .c; d /, then the arrows OW and OU
pendicularity is equivalent are perpendicular if and only if r c C sd D 0.
to the dot product being 0.
Proof. We use the Pythagorean Theorem and its converse, Exercise 1.11 on
! !
page 7: OU ? OW if and only if jU W j2 D jOU j2 C jOW j2 . Let h D jU W j;
then
h2 D .r c/2 C .s d /2
D r2 2r c C c 2 C s 2 2sd C d 2
D r 2 C s2 C c2 C d 2 2.r c C sd /:
But jOW j2 D r 2 C s 2 and jOU j2 D c 2 C d 2 . Hence,
jOW j2 C jOU j2 D .r 2 C s 2 / C .c 2 C d 2 /
and
In Figure 3.4, the coor-
dinates of U are labeled h2 D r 2 C s 2 C c 2 C d 2 2.r c C sd /:
.c; d /. This lemma shows
that .c; d / D . s; r /. Therefore, h2 D jOU j2 C jOW j2 if and only if r c C sd D 0.
Now for the addition formulas.
Theorem 3.17 (Addition Theorem). Let ˛ and ˇ be angles.

(i) cos.˛ C ˇ/ D cos ˛ cos ˇ sin ˛ sin ˇ:
(ii) sin.˛ C ˇ/ D cos ˛ sin ˇ C sin ˛ cos ˇ:
We are looking at points Proof. In Figure 3.5, we have a picture of the unit circle. Let Z D .a; b/ D
here as elements of R2 , al- .cos ˛; sin ˛/ and W D .r; s/ D .cos ˇ; sin ˇ/. Rotate 4OQZ counterclock-
though we’ll soon interpret
wise through †ˇ to get 4OQ0 Z 0 , so that 4OQZ and 4OQ0 Z 0 are congru-
this diagram in the complex
plane.
ent. Thus, Z 0 D .cos.˛ C ˇ/; sin.˛ C ˇ// : Our task is to find the coordinates
of Z 0 in terms of r; s; a, and b.
Define U D . s; r /. Since W D .r; s/ is on the unit circle, we have
r 2 C s 2 D 1, and so U D . s; r / is also on the unit circle. Moreover, since
! !
. s/r C r s D 0, Lemma 3.16 says that OU is orthogonal to OW . Therefore,
O Q0 Z 0 M is a rectangle.
!
Decompose OZ 0 as the sum of two vectors:
! ! !
OZ 0 D OQ0 C OM ;
i i
“book2” — 2013/5/24 — 8:18 — page 103 — #123
i i
Z¢ W = (r, s)
Z = (a, b)
Q¢
U = (–s, r)
M a
b
a
O Q = (a, 0)
Figure 3.5. Addition Theorem.
! ! !
where OM is the projection of Q0 Z 0 onto OU . We can get explicit expres-
! !
sions for Q0 and M . First, OQ0 is a scalar multiple of OW and, because
jOQj D a, we know the scalar:
Q0 D a.r; s/ D .ar; as/:

! !
Second, OM is a scalar multiple of OU , where U D . s; r /; as jOM j D
jQZj D b, we know the scalar:
M D b. s; r / D . bs; br /:
Therefore,
! ! !
OZ 0 D OQ0 C OM D .ar; as/ C . bs; br / D .ar bs; as C br /:
Making the appropriate substitutions for a, b, r , and s, we have the desired

result:
cos.˛ C ˇ/ D cos ˛ cos ˇ sin ˛ sin ˇ
and
sin.˛ C ˇ/ D cos ˛ sin ˇ C sin ˛ cos ˇ:
Here is the result we have been seeking.
Theorem 3.18 (The Geometry of Multiplication.). If z and w are complex In words, the length of
numbers, then a product is the product
of the lengths, and the
(i) jzwj D jzj jwj, and argument of a product is
the sum of the arguments.
(ii) arg.zw/ D arg.z/ C arg.w/.
The equality in Theo-
rem 3.18(ii) holds up to a
Proof. The first statement is Proposition 3.13, and the second follows from multiple of 2.
Theorem 3.17 and Eq. (3.5) on page 101.
i i
“book2” — 2013/5/24 — 8:18 — page 104 — #124
i i
If we set arg.z/ D ˛ and arg.w/ D ˇ, then Theorem 3.18 has an especially

pleasing restatement in polar form.
Corollary 3.19. If z D jzj.cos ˛ C sin ˛/ and w D jwj.cos ˇ C sin ˇ/, then
z w D jzwj .cos.˛ C ˇ/ C i sin.˛ C ˇ// :
Proof. Both sides equal jzj .cos ˛ C i sin ˛/ jwj .cos ˇ C i sin ˇ/.
It follows easily, by induction on k 1, that if z is a complex number and

k 2 Z , then
ˇ kˇ
ˇz ˇ D jzjk and arg z k D k arg.z/:
How to Think About It. There’s a way to see, without using trigonometry,
that angles add in the product of two complex numbers. Essentially, we recast
the proof of Theorem 3.17 in terms of complex numbers. Given z D a C bi
and w D r C si , we want to determine arg.zw/ in terms of arg.z/ D ˛ and
arg.w/ D ˇ. We can assume that z and w are unit vectors; this implies that zw
is also a unit vector, by Proposition 3.13. The key insight is that
zw D .a C bi /w D aw C .bi /w D aw C b.iw/:
This approach does not You know the geometric effect of scalar multiplication (Exercise 3.27 on page 98),
seem to be very well you know how to add geometrically (parallelogram law), and you know
known. It appears in [22]
and Kerins, B. “Gauss,
iw D i.r C si / D s C r i I
Pythagoras, and Heron”
(Mathematics Teacher,
96:5, 2003), but we can’t using Lemma 3.16, it follows that iw is obtained from w by counterclock-
find any older sources. wise rotation by 90ı. Figure 3.6 below is almost the same as Figure 3.5; the
difference is that points are now labeled as complex numbers.
zw = aw + b(iw) w = r + si
z = a + bi
aw
u = iw = –s + ri
b(iw) a
b
a
O a
Figure 3.6. Complex multiplication again.
i i
“book2” — 2013/5/24 — 8:18 — page 105 — #125
i i
Let’s put this all together. Triangle OZ 0 Q0 is congruent to triangle OZQ,

so that †Z 0 OW D †ZOQ D ˛; hence, arg.zw/ D ˛ C ˇ. We have shown
that Theorem 3.18(ii) follows without any mention of trigonometry.
We have just used plane geometry to derive the geometric interpretation of
complex multiplication, avoiding the trigonometric addition formulas. Aside
from proving these ideas for students who haven’t yet seen the addition for-
mulas, complex numbers can now be used to derive these formulas. That’s an
additional bonus, especially for a precalculus class; it allows us to use complex
numbers when trying to establish other trigonometric identities thatdepend on
the addition formulas. For example, to get a formula for cos 4 C , calculate
like this:

cos 4 C C i sin 4 C D cos 4 C i sin 4 .cos C i sin /
D p1 .1 C i / .cos C i sin /
2

D p1 .cos sin / C i.cos C sin / :
2
Hence

cos C D p1 .cos sin /
4 2
and, as a bonus,

sin C D p1 .cos C sin /:
4 2
Over the next two centuries, people became comfortable with the fact that
polynomial equations with real coefficients can have complex solutions. It was
eventually proved that every polynomial f .x/ D x n C cn 1x n 1 C C c1x C
c0 with real coefficients has a factorization
f .x/ D .x ˛1 / .x ˛n /;
where ˛1 ; : : : ; ˛n are complex numbers. This amazing result holds for any
nonzero polynomial f with complex coefficients; it is known as the Funda-
mental Theorem of Algebra. We won’t prove this result here because, in spite
of its name, it is a theorem of analysis, not of algebra; you can find a readable
account in [4], pp. 142–152.
Exercises
!
3.34 If z D a C bi , prove that the arrow corresponding to z, namely OP , where
P D .a; b/, is perpendicular to the arrow corresponding to iz.
3.35 If z and w are complex numbers with w ¤ 0, show that
arg.z=w/ D arg.z/ arg.w/:
3.36 (i) Prove that the quadratic formula holds for polynomials with complex coeffi-
cients (use Proposition 3.6).
(ii) Find the roots of x 2 C 2ix 1. Why aren’t these roots conjugate?
3.37 If z and w are complex numbers, find a necessary and sufficient condition that
jz C wj to equal jzj C jwj.
i i
“book2” — 2013/5/24 — 8:18 — page 106 — #126
i i
3.38 * If z D cos ˛ C i sin ˛, show that

z D 1=z D cos. ˛/ C i sin. ˛/:
3.39 Let n 0 is an integer and D cos. 2 2
n / C i sin. n /. If z is a complex number,
give a geometric description of how z is located with respect to z on the complex
plane.
3.40 Preview. Plot the roots in the complex plane for each of the polynomials x 2 1,
x 3 1, x 4 1, x 6 1, and x 12 1.
3.41 Preview. Let D cos.45ı / C i sin.45ı /.
(i) Show that 8 D 1
(ii) Show that the distinct roots of x 8 1 are precisely 1; ; 2 ; : : : ; 7 .
(iii) Plot these roots in the complex plane.
(iv) Show that 147 is a root of x 8 1.
(v) Show that 147 is equal to one of the roots in part (ii). Which one?
3.42 Preview. Let n be a nonnegative integer and D cos. 2 2
n / C i sin. n /.
(i) Let D cos. 2 2 n
n / C i sin. n /. Show that D 1.
n
(ii) If k is any nonnegative integer, show that k D 1.
(iii) Give a geometric description of the subset f k W k 0g of the complex plane.

3.43 Take It Further. If f .x/ is a polynomial with complex coefficients, define f to
be the polynomial you get by replacing each coefficient in f by its conjugate.
Prove the following statements.
(i) f C g D f C g:
(ii) fg D f g:
(iii) f D f if and only if f .x/ has real coefficients.
(iv) f f has real coefficients.
(v) f .z/ D f .z/:
3.44 Take It Further. Suppose f .x/ is a polynomial with coefficients in C. If a
complex number z is a root of f , show that z is a root of f .
3.45 Take It Further. Suppose f .x/ is a polynomial with coefficients in C. Then
by Exercise 3.43 on page 106, if we define g.x/ D f .x/f .x/, then g.x/ has
coefficients in R. Show that if g.z/ D 0, either f .z/ D 0 or f .z/ D 0. Hence
conclude that if every polynomial with real coefficients and degree at least 1 has
a root in C, then every polynomial with complex coefficients and degree at least
1 has a root in C. (The Fundamental Theorem of Algebra says that every polyno-
mial with complex coefficients has all its roots in C. This exercise shows that it’s
enough to prove this for polynomials with real coefficients.)
3.3 Roots and Powers

We saw in the previous section that every point z on the unit circle can be
written as z D cos C i sin for some angle . Theorem 3.18 tells us that
arguments add when complex numbers are multiplied. In particular,
.cos C i sin /2 D .cos C i sin / .cos C i sin /
D cos. C / C i sin. C /
D cos.2/ C i sin.2/:
i i
“book2” — 2013/5/24 — 8:18 — page 107 — #127
i i
3.3 Roots and Powers 107
On the other hand, complex multiplication gives

.cos C i sin /2 D cos2 sin2 C i 2 cos sin :
Equating real parts and imaginary parts gives the double angle formulas:
cos.2/ D cos2 sin2

sin.2/ D 2 cos sin :
We now generalize this to any positive integer power.
Theorem 3.20 (De Moivre). For every angle and all integers n 0,
.cos C i sin /n D cos.n/ C i sin.n/:
Proof. We prove equality by induction on n 0. The theorem is true when

n D 0, for cos 0 D 1 and sin 0 D 0. Here is the inductive step.
.cos C i sin /n D .cos C i sin /n 1 .cos C i sin /

D cos .n 1/ C i sin .n 1/ .cos C i sin /

D cos .n 1/ C C i sin .n 1/ C
D cos.n/ C i sin.n/:
Example 3.21. (i)

p
.cos 3ı C i sin 3ı /40 D cos 120ı C i sin 120ı D 1
2
Ci 2
3
:
(ii) Let z D cos.45ı /C i sin.45ı / D p1 .1 C i /. We compute z 6 in two ways:

2
With the Binomial Theorem:
6
z 6 D p1 .1 C i /
2
6
1
D p .1 C i /6
2

D 1
8
1 C 6i C 15i 2 C 20i 3 C 15i 4 C 6i 5 C i 6
1
D 8
.1 C 6i 15 20i C 15 C 6i 1/
D i:
With De Moivre’s Theorem:

6
z 6 D cos.45ı / C i sin.45ı / D cos.6 45ı / C i sin.6 45ı/
D cos.270ı / C i sin.270ı / D i: N
Polar Decomposition and De Moivre’s Theorem combine to give a nice

formula for computing powers of any complex number.

Corollary 3.22. If z D r cos ˛ C i sin ˛ is a complex number, then

z n D r n cos.n˛/ C i sin.n˛/ :
i i
“book2” — 2013/5/24 — 8:18 — page 108 — #128
i i
We were unable to find a cube root of z D a C i b earlier, but there’s no

problem now.
Corollary 3.23. Let r .cos Ci sin / be the polar form of a complex number z.
If n 1 is an integer, then
hp in
n
r cos =n C i sin =n D r .cos C i sin / D z:
Of course, we must find Example 3.24. In Example 3.15, we saw that the polar form of z D 3 C 4i is
the polar form of z, approximately 5 .cos.53:13ı / C i sin.53:13
p
ı
//. Now .53:13/=3 D 17:71, and
which involves finding 3
so a cube root of z is approximately 5 .cos.17:71ı / C i sin.17:71ı //. Our
D cos 1 .a=jzj/.
calculator says that
p 3
3
5 cos 17:71ı C i sin 17:71ı D 3:000001 C 3:99999i: N
We are now going to describe a beautiful formula discovered by Euler. Re-

call some power series formulas from calculus. For every real number x,
x2 xn
ex D 1 C x C CC C ;
2Š nŠ
x2 x4 . 1/n x 2n
cos x D 1 C C C ;
2Š 4Š .2n/Š
and
x3 x5 . 1/n 1 x 2nC1
sin x D x C C C :
3Š 5Š .2n C 1/Š
P
We can define convergence of power series 1 n
nD0 cn z for z and cn com-
plex numbers, and we can then show that the series
z2 zn
1CzC CC C
2Š nŠ
converges for every complex number z. The complex exponential e z is defined
to be the sum of this series. In particular, the series for e ix converges for all
real numbers x, and
.ix/2 .ix/n
e ix D 1 C ix C CC C :
2Š nŠ
It is said that Euler was Theorem 3.25 (Euler). For all real numbers x,
delighted by the special
case e ix D cos x C i sin x:
ei C 1 D 0; Sketch of proof. We will not discuss necessary arguments involving conver-
for it contains five important
gence. As n varies over 0; 1; 2; 3; 4; 5; : : :, the powers of i repeat every four
constants in one equation. steps: that is, the sequence
1; i; i 2 ; i 3 ; i 4 ; i 5 ; i 6 ; i 7 ; i 8 ; i 9 ; i 10 ; i 11 ; : : :
is actually
1; i; 1; i; 1; i; 1; i; 1; i; 1; i; : : : I
i i
“book2” — 2013/5/24 — 8:18 — page 109 — #129
i i
the even powers of i are all real, whereas the odd powers all involve i . It
follows, for every real number x, that .ix/n D i n x n takes values
1; ix; x2; ix 3 ; x 4 ; ix 5 ; x6; ix 7 ; x 8 ; ix 9 ; x 10 ; ix 11 ; : : :
Thus, in the definition of the complex exponential,
.ix/2 .ix/n
e ix D 1 C ix C CC C ;
2Š nŠ
the even powers of ix do not involve i , whereas the odd powers do. Collecting
terms, one has e ix D even terms C odd terms. But
.ix/2 .ix/4
even terms D 1 C C C
2Š 4Š
x2 x4
D1 C
2Š 4Š
and
.ix/3 .ix/5
odd terms D ix C C C :
3Š 5Š
x3 x5
D i.x C /:
3Š 5Š
Therefore, e ix D cos x C i sin x.
As a consequence of Euler’s Theorem, the polar decomposition can be
rewritten in exponential form: every complex number z has a factorization
z D r e i ;
where r 0 and 0 < 2 . P

1 .ix/n
We have chosen to denote nD0 nŠ by e ix , but we cannot assert,
merely as a consequence of our notation, that the law of exponents, e ix e iy D
e i.xCy/ , is valid. But this is precisely what Corollary 3.19 says once it is trans-
lated into exponential notation.
Theorem 3.26 (Exponential Addition Theorem). For all real numbers x and
y,
e ix e iy D e i.xCy/ :
Proof. According to Corollary 3.19,
e ix e iy D .cos x C i sin x/.cos y C i sin y/

D cos.x C y/ C i sin.x C y/
D e i.xCy/ :
We can also translate De Moivre’s Theorem into exponential notation.
Corollary 3.27 (Exponential De Moivre). For every real number x and all
integers n 1,
.e ix /n D e i nx :
i i
“book2” — 2013/5/24 — 8:18 — page 110 — #130
i i
Proof. According to De Moivre’s Theorem,
.e ix /n D .cos x C i sin x/n D cos.nx/ C i sin.nx/ D e i nx :
It is easier to remember the trigonometric addition formulas in complex

form. For example, let’s find the triple angle formulas. On the one hand, De
Moivre’s Theorem gives
e i 3x D cos.3x/ C i sin.3x/:
On the other hand,
e i 3x D .e ix /3
3
D cos x C i sin x
D cos3 x C 3i cos2 x sin x C 3i 2 cos x sin2 x C i 3 sin3 x

D cos3 x 3 cos x sin2 x C i 3 cos2 x sin x sin3 x :
Equating real and imaginary parts, we have
cos.3x/ D cos3 x 3 cos x sin2 x
and
sin.3x/ D 3 cos2 x sin x sin3 x:
Roots of Unity
De Moivre’s Theorem can be used to find the roots of an important family of
polynomials: those of the form x n 1.
Theorem 3.28. The distinct roots of x n 1 are
1; ; 2 ; ; n 1
;
where D n D cos.2=n/ C i sin.2=n/. These numbers are equally spaced

on the unit circle and are the vertices of a regular polygon, called the unit
n-gon.
Proof. By Corollary 3.23, n D 1, so that is a root of x n 1. Furthermore,

for any nonnegative integer k, we have . k /n D . n /k D 1, so that all k are
also roots of x n 1. But there are repetitions on the list 1; ; 2 ; . By the
Division Algorithm, for any j , we have j D qn C r , where 0 r n 1.
Hence,
j D q nCr D q n r D r ;
because q n D 1.
On the other hand, all the k , for 0 k n 1, are distinct. After all, by
De Moivre’s Theorem,
k D cos.2 k=n/ C i sin.2 k=n/;
and Proposition 3.14, uniqueness of polar forms, applies, for 0 2 k=n < 2
are n distinct angles. Therefore, we have displayed n distinct roots of x n 1.
i i
“book2” — 2013/5/24 — 8:18 — page 111 — #131
i i
These are all the roots of x n 1, for a polynomial of degree n can have at
most n distinct roots. We’ll give a proof of this later (see Theorem 6.16) but,
since we haven’t yet proved this result, we now proceed in a different way.
If z 2 C is a root of x n 1, then 1 D jz n j D jzjn , so that jzj D 1,
by Exercise 1.73 on page 41, and z D cos C i sin for some . By De
Moivre’s Theorem, 1 D z n D cos.n/ C i sin.n/, so that n D 2 k for
some integer k; hence, D 2 k=n. Write k D qn C r , where 0 r < n, and
z D cos.2 k=n/ C i sin.2 k=n/ D cos.2 r=n/ C i sin.2 r=n/:

r
Thus, z is equal to the root
already displayed.
k
Finally, since arg D k arg ./ D 2 k=n, the roots k are equally
spaced around the circle and, hence, they are the vertices of a regular n-gon.
(See Figure 3.7 for the case n D 8.)
Definition. The roots of x n 1 are called the nth roots of unity. An nth root
of unity is a primitive nth root of unity if n is the smallest positive integer
for which n D 1.
For every n 1, we see that D e 2 i=n is a primitive nth root of unity, for
if 1 m < n, then m D cos.2 m=n/ C i sin.2 m=n/ ¤ 1. In particular,
i D cos.2=4/
p C i sin.2=4/ is a primitive fourth root of unity, and ! D
1
2
. 1 C 3/ D cos.2=3/ C i sin.2=3/ is a primitive cube root of unity.
Corollary 3.29. Let k D cos.2 k=n/Ci sin.2 k=n/ be an nth root of unity.
(i) k is a primitive nth root of unity if and only if gcd.k; n/ D 1.
(ii) If k is a primitive nth root of unity, then every nth root of unity is a power
of k .
Proof. (i) Suppose that k is a primitive nth root of unity. If d D gcd.k; n/ >
1, then n=d < n, and
. k /n=d D . n /k=d D 1:
This contradicts n being the smallest positive integer with . k /n D 1.

Suppose that k is not primitive; that is, . k /m D 1 for some m < n.
Since, by hypothesis, gcd.k; n/ D 1, there are integers s and t with 1 D
sk C tn; hence, m D msk C mtn. But now
m D mskCmt n D msk mt n D 1;
which contradicts being a primitive nth root of unity.

(ii) Every nth root of unity is equal to j for some j . If gcd.k; n/ D 1, then
there are integers s and t with 1 D sk C tn. Hence,
j D jskCj t n D jsk j t n D . k /js :
Definition. For every integer n 1, define the Euler -function .n/ by
.n/ D number of k with 1 k n and gcd.k; n/ D 1:
For example, .1/ D 1 and, if p is prime, .p/ D p 1.
i i
“book2” — 2013/5/24 — 8:18 — page 112 — #132
i i
Corollary 3.30. For every positive integer n, there are exactly .n/ primitive
nth roots of unity.
Proof. This follows at once from Corollary 3.29(i).
Example 3.31. The complex number cos. 2 n

/ C i sin. 2
n
/ is a primitive nth
root of unity, by Theorem 3.28. The 8th roots of unity (shown in Figure 3.7)
are
cos. 2
8
/ C i sin. 2
8
/; cos. 6
8
/ C i sin. 6
8
/;
cos. 10
8
/ C i sin. 10
8
/; cos. 14
8
/ C i sin. 14
8
/I
that is, the primitive 8th roots of unity are all those cos. 2k
8
/ C i sin. 2k
8
/ for
which gcd.k; 8/ D 1. N
-1 1
-i
Figure 3.7. 8th roots of unity.
The nth roots of unity enjoy some remarkable properties that we’ll use in
upcoming chapters; here are some of them. (See Exercise 3.51 on page 115
and Proposition 6.63 for some other interesting properties.)
Theorem 3.32. Let be an nth root of unity.

(i) 1 C 2 C 3 C C n 1
D 0.
k
(ii) k D 1= for every nonnegative integer k.
(iii) If k D qn C r , then k D r .
Proof. (i) We have x n 1 D .x 1/q.x/, and we find q by long division:

.x 1/ 1 C x C x 2 C C x n 1 D x n 1:
Now set x D to see that
. 1/.1 C C 2 C C n 1
/ D n 1 D 0:
But 1 ¤ 0, and the result follows.

(ii) This follows from Exercise 3.38 on page 106.
(iii) This follows from q n D 1.
i i
“book2” — 2013/5/24 — 8:18 — page 113 — #133
i i
Theorem 3.28 establishes an intimate connection between the nth roots of

unity and the geometry of the unit n-gon. The next examples illustrate this
connection for small n.
Example 3.33. The vertices of unit n-gons for small values of n can be calcu-
lated with plane geometry.
p p
The vertices of the unit 3-gon are 1; 1 . 1 C i 3/; 1 . 1 i 3/: See Exercise 3.49 on
2 2
The vertices of the unit 4-gon are 1; i; 1; i . page 115 for more exam-
ples.
The vertices of the unit 6-gon are
p p p p
1; 21 .1Ci 3/; 12 . 1Ci 3/; 1; 21 . 1 i 3/; 21 .1 i 3/: N
Example 3.34 (Regular Pentagon). Since a primitive 5th root of unity is D

cos.2=5/ C i sin.2=5/, by Theorem 3.28, the vertices of the unit 5-gon are
D cos.2=5/ C i sin.2=5/
2 D cos.4=5/ C i sin.4=5/
3 D cos.6=5/ C i sin.6=5/
4 D cos.8=5/ C i sin.8=5/
5 D cos.10=5/ C i sin.10=5/ D 1 D 0 :
Figure 3.8. Unit 5-gon.
Can we find explicit expressions for these vertices that don’t involve trigonom-
etry? We’ll obtain such an expression for cos.2=5/, but we’ll leave the rest of
the details for you (Exercise 3.49(i) on page 115); after all, you can evaluate,
say, cos.8=5/.
We have D 4 , by Theorem 3.32(ii). Inspired by Lemma 3.2, we define
g D C 4 and h D 2 C 3:
Now
g D C 4 D 2 cos.2=5/;
a real number that is twice the number we are after. Similarly,
h D 2 C 3 D 2 cos.4=5/;
i i
“book2” — 2013/5/24 — 8:18 — page 114 — #134
i i
another real number. By Theorem 3.32(i),
g C h D C 4 C 2 C 3
D 1:
Thus, we know that g C h D 1. Do we also know gh? Let’s see.

gh D C 4 . 2 C 3 /
D 3 C 4 C 6 C 7
D 3 C 4 C C 2 by Theorem 3.32(iii)
D 1:
Hence, g C h D 1 D gh, and so g and h are the roots of
x2 C x 1:
Now x 2 C x 1 has a positive root and a negative one. Since g > h (why?),
the positive root is g, and so
cos.2=5/ D 21 g
p
D 14 . 1 C 5/: N
An ancient problem, going back to the Greeks, is to determine which regular

n-gons can be constructed with ruler and compass. As we’ll see in Chapter 7,
the problem comes down to finding an expression for cos.2=n/ that doesn’t
mention trigonometry, only the operations of arithmetic and iterated square
roots (as in Example 3.34). We’ve essentially shown that the regular pentagon
is so constructible. This argument, grouping the k into convenient subclusters,
was greatly generalized and refined by Gauss (when he was only 17 years old!)
to show that the vertices of the unit 17-gon can be constructed (Euclid did not
know this!). (This and much more is in Gauss’s masterpiece, Disquisitiones
Arithmeticae.) Gauss requested that his tombstone portray a regular 17-gon,
but the stonemason was unable to carve it, saying it would look more like a
circle than a polygon.
Exercises
3.46 Is De Moivre’s Theorem true for negative integer exponents? Explain.
3.47 Let z D cos C i sin . Show, for all nonnegative integers n, that
z n C .z/n D 2 cos n and zn .z/n D 2 sin n:
3.48 This exercise shows that there’s something special about a 72ı angle: there’s only
one isosceles triangle (up to similarity) whose base angle is twice the vertex an-
gle, namely, the “72-72-36 triangle.” Let the equal sides of such a triangle have
length 1, and let q denote the length of the base.
(i) Bisect one of the base angles of the triangle.
(ii) Show that the small triangle is similar to the whole triangle.
1 q
(iii) Use (ii) to show that q D 1 q; and solve for q.
(iv) Show that q=2 D cos 72ı .
i i
“book2” — 2013/5/24 — 8:18 — page 115 — #135
i i
36°
q
1 1 1
q
1–q
72° 72°
q q
Figure 3.9. 72-72-36 triangle. Figure 3.10. Its construction.
3.49 * Find explicit formulas (i.e., without trigonometry) for the vertices of the unit
(i) pentagon. (ii) decagon. (iii) 20-gon.
3.50 * Let n be a positive integer and let D e2 i =n .

(i) Establish the identity

xn 1 D .x 1/.x / x 2 x n 1
:
(ii) If x and y are integers, show that

xn y n D .x y/.x y/ x 2y x n 1
y :
(iii) If x and y are integers and n is odd , show that

x n C y n D .x C y/.x C y/ x C 2 y x C n 1
y :
3.51 Take It Further. We saw, on page 111, that .p/ D p 1, where p is prime
and is the Euler- function. Note that if n D p1 p2 ,
then .p1 1/.p2 1/ D
(i) Suppose n is the product of two primes, n D p1 p2 . Show that
n pn n n
p C p p :
1 2 1 2
.n/ D .p1 1/.p2 1/:
e e
(ii) Suppose n is the product of two primes powers, n D p11 p22 . Show that

n n n 1 1
.n/ D n C Dn 1 1 :
p1 p2 p1 p2 p1 p2
e e
(iii) Generalize to show that, if n D p11 p22 : : : pnen , then
n
Y
1
.n/ D n 1 :
pk
kD1
3.52 Prove or disprove and salvage if possible. If a and b are positive integers,
.ab/ D .a/.b/:
3.53 Find explicit formulas (i.e., without trigonometry) for the vertices of the unit n-
gon if
(i) n D 3 (ii) n D 4
(iii) n D 6 (iv) n D 8
(v) n D 12 (vi) n D 16
i i
“book2” — 2013/5/24 — 8:18 — page 116 — #136
i i
3.54 For all integers n between 3 and 9, find all the primitive nth roots of unity.
3.55 Find a primitive 12th root of unity . Is unique?
3.56 Suppose D cos. 2 2
7 / C i sin. 7 /.
(i) Plot the roots of x 7 1 in the complex plane.
(ii) Show that ˛ D C 6 , ˇ D 2 C 5 , and D 3 C 4 are real numbers.
(iii) Find a cubic equation satisfied by 2 cos. 2
7 / by finding the values of ˛CˇC ,
˛ˇ C ˛ C ˇ , and ˛ˇ .
Pn 1 k
3.57 If n D cos. 2 2
n / C i sin. n /, evaluate kD0 n :
3.58 Show that cos. 2 4

5 / C cos. 5 / D
1
2:
3.59 Take It Further. If n is a nonnegative integer, how many irreducible factors over
Z does x n 1 have? In other words, we’re looking for a pattern in the outputs of
the function n 7! # of factors of x n 1 over Z: (Use a computer).
n Number of Factors of x n 1
1
2
3
4
5
6
7
8
9
10
11
12
3.4 Connections: Designing Good Problems

This section will use complex numbers to help create mathematics problems
that “come out nice.” When launching a new topic, you want to start with
examples which focus on the new idea; there shouldn’t be any distractions—
for example, numbers should be simple integers or rationals. Indeed, this is
why the Babylonians introduced Pythagorean triples.
Norms
We begin by introducing a function C ! R, called the norm, that is closely
related to absolute value. It will be an important tool for our applications; it will
also be very useful in Chapter 8 when we do some algebraic number theory.
Definition. The norm of a complex number z D a C bi is
N.z/ D zz D a2 C b 2 :
i i
“book2” — 2013/5/24 — 8:18 — page 117 — #137
i i
3.4 Connections: Designing Good Problems 117
Here are some basic properties.
Proposition 3.35. Let z D a C i b and w be complex numbers.

(i) N.z/ is a nonnegative real number, and N.z/ D 0 if and only if z D 0.
(ii) N.z/ D jzj2 .
(iii) N.zw/ D N.z/N.w/.
Proof. (i) This follows at once from N.a C bi / D a2 C b 2.

p
(ii) This follows at once from jzj D ja C bi j D a2 C b 2 .
(iii) N.zw/ D zw zw D zw z w D zz ww D N.z/N.w/:
It follows from Proposition 3.35(iii) that
N.z k / D N.z/k
for all z and all k 0.
Here is an application of the norm.
Example 3.36. Let’s revisit Example 3.5, the “bad example,” in which the
cubic formula gives the roots of x 3 7x C 6 D .x 1/.x 2/.x C 3/ in
unrecognizable form.
Imagine again that you have just left the contest in Piazza San Marco, think-
ing about how g C h could possibly equal 1, where
p p
g3 D 3 C i 10 9
3 and h3 D 3 i 10 9
3:
Had you known about conjugates, you’d have seen that g3 D h3 . It would have
been natural to guess that the cube roots g and h are also complex conjugates
(you’d have guessed right: see Exercise 3.64 on page 127); thus, g D a C i b
and h D a i b. Now if g C h D 1, as your opponent loudly proclaimed, then
.a C i b/ C .a i b/ D 2a D 1; that is,
1 1
gD 2 C ib and hD 2 i b:
You really want to find g and h now—what is b? Using the norm function, you
see that
p 2
N.g/3 D N.g3 / D . 3/2 C 109 3 D 343 27
:
Since norms are always real numbers, you conclude that

q
N.g/ D 3 343
27
D 73
(the other cube roots are complex; they are 73 ! and 37 ! 2 , where ! is a primitive
cube root of unity). But if g D 21 C i b, then N.g/ D 14 C b 2 . Hence, 14 C b 2 D
7 5
3 , and b D ˙ 2 3 . Thus,
p
1 5 1 5
gD 2
Ci p and hD 2
i p :
2 3 2 3
Bingo! For these “values” of g and h, we have g C h D 1. You were right! To find the other two roots,
Elated, you run back to the square to show off g and h, but everyone has gone see Exercise 3.65 on
home. N page 127.
i i
“book2” — 2013/5/24 — 8:18 — page 118 — #138
i i
Pippins and Cheese

We call this subsection Pippins and Cheese, a phrase borrowed from Shake-
speare’s Merry Wives of Windsor, which describes delicious desserts.
Here are five problems. Solve them now; they are not difficult, but the an-
swers may surprise you.
(i) A triangle has vertices . 18; 49/; .15; 7/, and .30; 15/: How long are
its sides?
(ii) In Figure 3.11, the side lengths of 4QS U are as marked. How big is
†Q?
5 7
Q S
8
Figure 3.11. Side lengths.
(iii) An open box is formed by cutting out squares from a 7 15 rectangle and
folding up the sides (see Figure 3.12). What size cut-out x maximizes the
volume of the box?
15
Figure 3.12. Making boxes.
(iv) Find the zeros, extrema, and inflection points of the function
f .x/ D 140 144 x C 3 x 2 C x 3:
(v) Find the area of the triangle with sides of lengths 13, 14, and 15.
A meta-problem is a problem that asks how to design “nice” exercises of

a particular genre, such as “How do you construct integer-sided scalene trian-
gles having a 60ı angle?” As we mentioned earlier, finding Pythagorean triples
was one of the first meta-problems; it was invented by teachers who wanted to
study and apply side-lengths of right triangles. In Section 1.2, we developed
the method of Diophantus for this purpose—rational points on the unit circle
correspond to Pythagorean triples. In this section, we’ll consider two types
of meta-problems: two ways of creating exercises like the five listed above.
See Exercises 1.79—1.82 One meta-problem uses the norm function; the other generalizes Diophantus’s
on page 44. chord method of “sweeping lines” by replacing circles with other conic sec-
tions. (There are many other kinds of meta-problems, ranging in topic from
exponential equations to algebra word problems to trigonometry.)
i i
“book2” — 2013/5/29 — 12:13 — page 119 — #139
i i
Gaussian Integers: Pythagorean Triples Revisited

In Chapter 1, we saw that the Pythagorean equation a2 C b 2 D c 2 corresponds
to a rational point ac ; bc on the unit circle. But, given what you’ve just been
studying, the Pythagorean equation might conjure up another rewrite in your
mind, namely
.a C bi /.a bi / D c 2 ;
or even
N.a C bi / D c 2:
So, we’re looking for complex numbers z D a C bi whose norms are perfect
squares of integers. The Pythagorean equation now looks like
N.z/ D c 2 :
For example, N.3 C 4i / D 52, N.5 C 12i / D 132, and N.8 C 15i / D 172.
This idea doesn’t work for every complex number. What’s needed are com-
plex numbers whose real and imaginary parts are integers (and, besides, whose
norms are perfect squares). We’d like the real and imaginary parts to be posi-
tive integers, but any integers will do, because changing the sign of the real or
imaginary part of a complex number doesn’t change its norm (why?).
Definition. The Gaussian integers is the set ZŒi of all complex numbers
whose real and imaginary parts are integers. In symbols,
ZŒi D fa C bi 2 C W a 2 Z and b 2 Zg :
Proposition 3.37. (i) The set ZŒi of Gaussian integers is closed under ad-
dition and multiplicationW If a C bi; c C d i 2 ZŒi , then
.a C bi / C .c C d i / D .a C c/ C .b C d /i 2 ZŒi
.a C bi /.c C d i / D .ac bd / C .ad C bc/i 2 ZŒi :
(ii) If z D a C bi , then
N.z/ D a2 C b 2 :
Proof. The formula for addition is clear; for multiplication, use the fact that
i 2 D 1. Of course, part (ii) is just the definition of the norm.
We’ll investigate the Gaussian integers in more detail in Chapter 8.
Let’s return to the norm equation N.z/ D c 2 arising from Pythagorean
triples, but with z a Gaussian integer. Our question is now “Which Gaussian
integers have perfect squares as norms?” The answer comes from Proposi-
tion 3.35(iii): if z and w are complex numbers, then N.zw/ D N.z/ N.w/: In
particular (letting z D w),
N z 2 D N.z/2 :

The left-hand side of this equation is the norm of a Gaussian integer: if z D

a C i b, then z 2 D .a2 b 2 / C i 2ab; moreover, N.z 2 / is a sum of two nonzero
i i
“book2” — 2013/5/24 — 8:18 — page 120 — #140
i i
perfect squares if a > 0, b > 0, and a ¤ b. Now the right-hand side is the
square of an integer, namely, N.z/2 , which produces a Pythagorean triple. For
example, if z D 3 C 2i , then N.z/ D 13 and z 2 D 5 C 12i , and we get the
Pythagorean triple .5; 12; 13/, for

52 C 122 D N .3 C 2i /2 D N.3 C 2i /2 D 132 :
We now have a quick way to generate Pythagorean triples (by hand or with
a computer; one of our colleagues uses this method to amaze friends at parties).
Pick a Gaussian integer r C si (with r > 0, s > 0, and r ¤ s), and square it.
The r; s entry in the following table is Œ.r C i s/2 ; N.r C i s/. For exam-
ple, the top entry in the first column, arising from r D 2 and s D 1, is
Œ.2 C i /2 ; N.2 C i / D Œ3 C 4i; 5; the corresponding Pythagorean triple is
.3; 4; 5/.
sD1 sD2 sD3 sD4

r D2 3 C 4i; 5
r D3 8 C 6i; 10 5 C 12i; 13
r D4 15 C 8i; 17 12 C 16i; 20 7 C 24i; 25
r D5 24 C 10i; 26 21 C 20i; 29 16 C 30i; 34 9 C 40i; 41
r D6 35 C 12i; 37 32 C 24i; 40 27 C 36i; 45 20 C 48i; 52
Eisenstein Integers.
Let’s now look at the meta-problem of creating triangles with integer side-
lengths and a 60ı angle.
Let †C D 60ı in Figure 3.13, so that cos.†C / D 21 . By the Law of
Cosines,
c 2 D a2 C b 2 2ab cos †C
2 2
Da Cb ab:
2 2
What’s important here is that the right-hand side
pof the equation, a ab C b ,
1
is the norm of a C b!, where ! D 2 . 1 C i 3/ is a primitive cube root of
unity (Exercise 3.72 on page 128). This leads to the following definition.
B
c
a
A
C b
Figure 3.13. †C D 60ı.

Eisenstein did extensive
research on complex
numbers of the form Definition. The Eisenstein integers is the
pset ZŒ! of all complex numbers of
a C b, where is a the form a C b!, where ! D 12 . 1 C i 3/ is a primitive cube root of unity
primitive nth root of unity. and a; b are integers. In symbols,
Note that ! is a primitive
cube root of unity. ZŒ! D fa C b! 2 C W a 2 Z and b 2 Zg :
i i
“book2” — 2013/5/24 — 8:18 — page 121 — #141
i i
Here are some properties of Eisenstein integers.
Proposition 3.38. (i) The set ZŒ! of Eisenstein integers is closed under ad-
dition and multiplication: If .a C b!/; .c C d!/ 2 ZŒ!, then
.a C b!/ C .c C d!/ D .a C c/ C .b C d /! 2 ZŒ! InZŒi, i 2 D 1. In

ZŒ!; ! 2 D 1 !.
.a C b!/.c C d!/ D .ac bd / C .bc C ad bd /! 2 ZŒ!:
(ii) If z D a C b!, then In ZŒi, i 2 D 1.

In ZŒ!; ! 2 D 1 !.
N.z/ D a2 ab C b 2:
Proof. (i) The formula for addition is clear. For multiplication,
.a C b!/.c C d!/ D ac C .bc C ad /! C bd! 2 :
Since ! 2 C ! C 1 D 0; we have ! 2 D 1 !, and
.a C b!/.c C d!/ D .ac bd / C .bc C ad bd /!:
(ii) As we said above, this is Exercise 3.72 on page 128.
Definition. An Eisenstein triple is a triple of positive integers .a; b; c/ such

that
a2 ab C b 2 D c 2:
The same idea that produces Pythagorean triples from norms of squares of
Gaussian integers applies to produce Eisenstein triples from norms of squares
of Eisenstein integers. If z is an Eisenstein integer, then
N.z 2 / D N.z/2 :
The left-hand side of this equation, being the norm of an Eisenstein integer,
is of the form a2 ab C b 2 . And the right-hand side is the square of the
integer N.z/. Hence a2 ab C b 2 is a perfect square, and we have produced
an Eisenstein triple.
Example 3.39. If z D 3 C 2!, then N.z/ D 32 3 2 C 22 D 7, and we have
z 2 D 9 C 12! C 4! 2
D 9 C 12! C 4. 1 !/
D 5 C 8!:

Hence, 52 5 8 C 82 D N z 2 D N.z/2 D 72 ; and .5; 8; 7/ is an Eisenstein
triple. N
In Figure 3.14, we have †Q D 60ı .

We have found a quick way to generate Eisenstein triples (by hand or with
a computer). Pick an Eisenstein integer r C s! (with r > 0, s > 0, and r ¤ s)
and square it.
The r; s entry in the following table is .r C s!/2 ; N.r C s!/. For exam-
ple, the top entry in the first column, which arises from r D 2 and s D 1,
i i
“book2” — 2013/5/24 — 8:18 — page 122 — #142
i i
5 7
Q S
8
Figure 3.14. All sides have integer length.

is .2 C !/2 ; N.2 C !/ D .3 C 3!; 3/; the corresponding Eisenstein triple
gives .3; 3; 3/, which is an equilateral triangle. One of our friends calls this
table a “candy store of patterns.” Which entries give equilateral triangles?
sD1 sD2 sD3 sD4

r D2 3 C 3!; 3
r D3 8 C 5!; 7 5 C 8!; 7
r D4 15 C 7!; 13 12 C 12!; 12 7 C 15!; 13
r D5 24 C 9!; 21 21 C 16!; 19 16 C 21!; 19 9 C 24!; 21
r D6 35 C 11!; 31 32 C 20!; 28 27 C 27!; 27 20 C 32!; 28
r D7 48 C 13!; 43 45 C 24!; 39 40 C 33!; 37 33 C 40!; 37
r D8 63 C 15!; 57 60 C 28!; 52 55 C 39!; 49 48 C 48!; 48
r D9 80 C 17!; 73 77 C 32!; 67 72 C 45!; 63 65 C 56!; 61
r D 10 99 C 19!; 91 96 C 36!; 84 91 C 51!; 79 84 C 64!; 76
Eisenstein Triples and Diophantus

There’s another, geometric, way to generate Eisenstein triples, using the same
idea as the method of Diophantus in Chapter 1. If .a; b; c/ is an Eisenstein
See Exercise 1.79 on triple, so that
page 44.
a2 ab C b 2 D c 2;
then dividing by c 2 gives
.a=c/2 .a=c/ .b=c/ C .b=c/2 D 1:
Thus, .a=c; b=c/ is a rational point on the ellipse with equation
x2 xy C y 2 D 1:
(See Figure 3.15.) As with the unit circle, the graph contains . 1; 0/, and we
See Exercise 3.66 on can use the chord method idea of Diophantus.
page 128.
Proposition 3.40. Let ` be a line through . 1; 0/ which intersects the ellipse
with equation x 2 xy C y 2 D 1 in a point P . If ` has rational slope, then P
has rational coordinates, P D .a=c; b=c/, and
a2 ab C b 2 D c 2 :
If P D .a=c; b=c/ is in the first quadrant, then .a; b; c/ is an Eisenstein triple.
i i
“book2” — 2013/5/29 — 16:15 — page 123 — #143
i i
y
1.2
0.8
0.4
x
–1.6 –1.2 –0.8 –0.4 0.4 0.8 1.2 1.6
–0.4
–0.8
–1.2
Figure 3.15. The graph of x 2 xy C y 2 D 1.
Proof. The proof is almost identical to the proof of Proposition 1.2. We leave
it to you to fill in the details.
For example, if ` has slope 14 and equation y D 14 .x C 1/, then ` intersects
15 7

the ellipse in 13 ; 13 , and .15; 7; 13/ is an Eisenstein triple. So, the triangle
whose side lengths are 15, 7, and 13 has a 60ı angle. Which angle is it?
Nice Boxes
Our next application is to a “box problem.” In an a b rectangle, cut out little
squares at the corners, and then fold up the sides to form an open-top box (see
Figure 3.16). What size cut-out maximizes the volume of the box? For most
rectangles, the best cut-out has irrational side length. The meta-problem:
How can we find a and b to make the optimal cut-out a rational number?
x
b
Figure 3.16. Box problem.
As we tell our students, let the size of the cut-out be x. Then the volume of
the box is a function of x:
V .x/ D .a 2x/.b 2x/x D 4x 3 2.a C b/x 2 C abx;
and its derivative is
V 0 .x/ D 12x 2 4.a C b/x C ab:
We want V 0 .x/ to have rational zeros, and so its discriminant
16.a C b/2 48ab
i i
“book2” — 2013/5/29 — 16:18 — page 124 — #144
i i
should be a perfect square. But 16 is a perfect square, and so
.a C b/2 3ab D a2 ab C b 2
should be a perfect square. This will be so if a and b are the legs of an Eisen-
stein triple .a; b; c/.
For example, from the Eisenstein triple .7; 15; 13/, we get a 7 15 rectangle
that can be used to create a box whose maximum volume occurs at a rational-
length cut-out. The volume of the resulting box is
V .x/ D .7 2x/.15 2x/x D 4x 3 443x 2 C 105x:
So, V 0 .x/ D 12x 2 88x C 105. The roots of V 0 .x/ are 23 and 35 6
. Both are
3
rational, but only 2 fits the context and maximizes V . (Why doesn’t 35
6 fit the
context? What significance does it have? Also, see Exercise 3.69 on page 128.)
Nice Functions for Calculus Problems

Our next meta-problem is one that has occupied faculty room discussions about
calculus teaching for years.
How do you find cubic polynomials f .x/ with integer coefficients and
rational roots, whose extrema and inflection points have rational coordi-
nates?
No cheating: we want the extrema points and inflection points to be distinct.

We’ll actually create cubics in which all these points have integer coordinates.
Using the notation of Theorem 3.3, we can first assume that the cubic f is
reduced; that is, it has form
f .x/ D x 3 C qx C r:
This immediately guarantees that f 00 .x/ D 6x has an integer root, namely 0

(the inflection point of the graph is on the y-axis). Next, if we replace q by
3p 2 for some integer p, then f 0 .x/ D 3x 2 3p 2, and f 0 .x/ also has integer
roots. So, our cubic now looks like f .x/ D x 3 3p 2 x C r . This will have
rational extrema and inflection points (what are they?), so all we have to do is
ensure that it has three rational roots.
If f has two rational roots, it has three (why?), and so it’s enough to make
two roots, say ˛ and ˇ, rational (we use ˛ instead of ˛ because we’ve
experimented a bit and found that this makes the calculations come out nicer).
But if f . ˛/ D f .ˇ/ D 0, we have
˛ 3 C 3p 2˛ D ˇ 3 3p 2ˇ
or
ˇ 3 C ˛ 3 D 3p 2.˛ C ˇ/:
We can divide both sides by ˛ C ˇ, for ˛ C ˇ ¤ 0 (lest ˛ D ˇ; remember

that we want our roots distinct); we obtain
˛2 ˛ˇ C ˇ 2 D 3p 2:
i i
“book2” — 2013/5/24 — 8:18 — page 125 — #145
i i
Eisenstein integers again. This is the same as

N.˛ C ˇ!/ D 3p 2:
This time we want an Eisenstein integer whose norm is 3 times a square.
We’re in luck: the equation a2 ab C b 2 D 3 has several integer solutions,
including .1; 2/. So, 3 D N.1 !/. Hence we just need to take ˛ C ˇ! to be
1 ! times the square of an Eisenstein integer. Indeed, if
˛ C ˇ! D .1 !/.r C s!/2 ;
then

˛2 ˛ˇ C ˇ 2 D N.˛ C ˇ!/ D N .1 !/.r C s!/2

D N .1 !/ N .r C s!/2
D 3N.r C s!/2 ;
which is 3 times the square of an integer.
Example 3.41. Let’s take s D 1 and r D 3. Then we have

˛ C ˇ! D .1 !/.3 C !/2
D 13 C 2!:
This tells us several things:
(i) Since N.13 C 2!/ D 147, our cubic is
f .x/ D x 3 147x C r:
(ii) But because 147 D 3 7 (so, p D 7), f 0 .x/ D 3x 3 3 49 will have
2
rational roots: ˙7.

(iii) Since two roots of our cubic are ˛ and ˇ, two roots are 13 and 2.
This lets us find r . Since
23 147 2 C r D 0;
we have r D 286. Hence our cubic is
f .x/ D x 3 147x C 286:
You can check that the third root is 11 and that the extrema and inflection
points are rational. N
Creating examples like this is not hard by hand, but a computer algebra
system makes it automatic. The next table was generated by a CAS, and it
shows the results of our algorithm for small values of r and s.
s D1 s D2 sD3
r D2 54 27x C x3 128 48x C x3
r D3 286 147x C x3 286 147x C x 3 1458 243x C x 3
r D4 506 507x C x3 3456 432x C x3 506 507x C x 3
r D5 7722 1323x C x 3 10582 1083x C x 3 10582 1083x C x 3
r D6 35282 2883x C x3 18304 2352x C x 3 39366 2187x C x 3
i i
“book2” — 2013/5/24 — 8:18 — page 126 — #146
i i
All these cubics have coefficient of x 2 equal to 0. If you’d like examples

See Exercise 3.70 on where this is not the case, just replace x by, say, x C 1 and simplify. Again, a
page 128. CAS makes this easy.
Lattice Point Triangles

A lattice point is a point Our last meta-problem arises when illustrating the distance formula.
with integer coordinates.
How can you find three lattice points A, B, and C in the plane so that
the distance between any two of them is an integer?
Clearly, solutions are invariant under translation by a lattice point; that is,
if A, B, and C form a lattice point solution and U is any lattice point, then
A U , B U , and C U form another solution: since d.A U; B U / D
d.A; B/ (where d.P; Q/ is the distance between points P and Q), we have
d.A; B/ D jA Bj. Hence, we can assume that one of the points, say C , is at
the origin.
Now view the plane as the complex plane, so that lattice points are Gaussian
integers. Thus, we want Gaussian integers z and w such that jzj, jwj, and
jz wj are integers. But if z D a C bi , then
p p
jzj D a2 C b 2 D N.z/:
Hence, to make the length an integer, make the norm a perfect square and, to
make the norm a perfect square, make the Gaussian integer a perfect square in
ZŒi . That is, we want Gaussian integers z and w so that z, w, and z w are
perfect squares in ZŒi . Hence, we choose z and w so that
z D ˛2 for some ˛ 2 ZŒi

2
wDˇ for some ˇ 2 ZŒi
2
z wD for some 2 ZŒi :
In other words, we want Gaussian integers ˛, ˇ, and so that
˛2 ˇ2 D 2
or
˛2 D ˇ2 C 2:
The punchline is that one of our favorite identities,

2 2
x 2 C y 2 D x 2 y 2 C .2xy/2 ;
which holds in any commutative ring, holds, in particular, in ZŒi . So, the trick
is to pick Gaussian integers x and y, set
See Exercise 1.25 on ˛ D x2 C y2

page 14. ˇ D x2 y2 ;
and then let

z D ˛2
w D ˇ2:
i i
“book2” — 2013/5/24 — 8:18 — page 127 — #147
i i
Example 3.42. Pick x D 2 C i and y D 3 C 2i . Then
˛ D x 2 C y 2 D 8 C 16i and ˇ D x 2 y2 D 2 8i:
Now put
z D ˛ 2 D 192 C 256i and w D ˇ 2 D 60 C 32i:
Hence, .0; 0/, . 192; 256/, and . 60; 32/ are vertices of an integer-sided tri-
angle. Moreover, adding a lattice point to each vertex produces another such
triangle with no vertex at the origin. Once again, a CAS can be used to generate
many more. N
This is just the beginning; many research problems are generalizations of

meta-problems. Fermat’s Last Theorem started as a search for integer solutions
to equations like the Pythagorean equation but with larger exponents.
There are many other meta-problems that yield to these two methods: norms
from ZŒi or ZŒ!; rational points on the unit circle or on the graph of x 2
xy Cy 2 D 1. Still others can be solved with norms from other number systems
or from rational points on other curves. In Chapter 9, we will see that congruent
numbers lead to rational points on certain cubic curves.
Exercises
3.60 For each integer n between 3 and 9, find a polynomial of smallest degree with
integer coefficients whose roots are the primitive nth roots of unity.
3.61 * Let a and b be real numbers, and let z be a complex number.
(i) Show that a C bz D a C b z:
(ii) Show that N.a C bz/ D a2 C 2<.z/ab C b 2N.z/.
3.62 * If z and w are complex numbers, show that N.z/ < N.w/ if and only if
jzj < jwj.
3.63 Let be an isosceles triangle with side lengths 13, 13, and 10.
(i) Show that the altitude to the base has length 12, and that it divides into two
5, 12, 13 triangles.
(ii) Show that the altitude to one of the sides of length 13 divides into two right
triangles whose side lengths are rational.
(iii) Each of the side lengths can thus be scaled to get a Pythagorean triple. Show
that one triple is similar to .5; 12; 13/ and that other comes from .5 C 12i /2.
(iv) Generalize this result to any isosceles triangle formed by two copies of a
Pythagorean triple, joined along a leg.
3.64 * Let g and h be complex numbers such that g3 D h3.

p
(i) Show that g is equal to either h, !h, or ! 2 h, where ! D 21 . 1 C i 3/.
(ii) If gh is also real, show that g D h.
3.65 * Suppose that g D 12 C p 5
i , h D g, and ! D cos. 2 2
3 / C i sin. 3 / (see
2 3
Example 3.36). Find the value of
(i) g! C h! 2
(ii) g! 2 C h!
i i
“book2” — 2013/5/24 — 8:18 — page 128 — #148
i i
3.66 * Sketch the graph of x 2 ax C y 2 D 1 for

(i) a D 1
(ii) a D 1
(iii) a D 2
(iv) a D 3
1
(v) a D 2
3.67 In Theorem 1.5, we saw that every Pythagorean triple is similar to one of the form
.2xy; x 2 y 2 ; x 2 C y 2 /:
Show how this can be obtained via the “norm from ZŒi ” method.
3.68 Obtain a formula for Eisenstein triples analgous to the one for Gaussian inte-
gers in Theorem 1.5 using norms from ZŒ! and rational points on the graph of
x 2 xy C y 2 D 1.
3.69 * Assume that the square of the Eisenstein integer r C s! is used to generate an
Eisenstein triple, and that the triple is used to create a “nice box,” as on page 123.
Express the volume of the box in terms of r and s.
Replacing x by x C 1 just 3.70 * Replace x by x C 1 in several of the cubics in the table on page 125 to produce
translates the graph by one nice cubics whose coefficient of x 2 is nonzero. Show that your cubics are indeed
unit. Which way? nice.
3.71 Describe where Gaussian integers are situated in the complex plane.
3.72 * Suppose that a and b are real numbers and
p
! D cos. 2 2
3 / C i sin. 3 / D
1
2. 1Ci 3/:
Show that
N.a C b!/ D a2 ab C b 2:
3.73 Describe where Eisenstein integers are situated in the complex plane.
3.74 Find an integer-sided triangle one of whose angles has cosine equal to 3=5.
Hint: Let D cos. 53 / C i sin. 35 / and consider norms from ZŒ. What conic
would help here?
3.75 A Heron triangle is a triangle with integer side lengths and integer area. In Ex-
ercise 1.26 on page 14, you found a Heron triangle by joining two Pythagorean
triangles together along a common leg. Show that the following method also pro-
duces Heron triangles.
Pick a rational point .cos ; sin / on the unit circle, where 0 < < , and let
˛ D cos C i sin . Then pick any number z of the form r C s˛, where r and
s are rational numbers and r > s > 0.
(i) What is the norm of r C s˛?
(ii) Show that
˛2 C 2˛ cos C 1 D 0:
(iii) Show that if z 2 D a C b˛, then the triangle with side lengths a and b and
included angle will have a rational number, say c, as its third side length
and a rational number as an area. (This triangle can be then scaled to produce
a Heron triangle.) Use this method to generate a few Heron triangles.
3.76 Show that a triangle with lattice point vertices and integer side-lengths is a Heron
triangle.
i i
“book2” — 2013/5/24 — 8:18 — page 129 — #149
i i
3.77 Take It Further. Here’s a typical current problem, taken from B. Kerins, Gauss,
Pythagoras, and Heron, Mathematics Teacher, 2003, 350-357:
A boat is making a round trip, 135 miles in each direction. Without a cur-
rent, the boat’s speed would be 32 miles per hour. However, there is a con-
stant current that increases the boat’s speed in one direction and decreases
it in the other. If the round trip takes exactly 9 hours, what is the speed of
the current?
(i) Solve the problem.
(ii) Solve the corresponding meta-problem: find a method for generating current
problems that come out nice.
i i
“book2” — 2013/5/24 — 8:18 — page 130 — #150
i i
i i
“book2” — 2013/5/24 — 8:18 — page 131 — #151
i i
4 Modular Arithmetic
Theorems about integers can be generalized to other interesting contexts. For

example, an early attack on Fermat’s Last Theorem was to factor x n C y n
(n odd) as in Exercise 3.50 on page 115:
x n C y n D .x C y/.x C y/ .x C n 1
y/;
where D e 2 i=n is an nth root of unity. It turns out that the most fruitful
way to understand this factorization is within the system ZŒ of cyclotomic
integers, the collection of all polynomials in with coefficients in Z (a com- We’ll discuss cyclotomic
mon generalization of Gaussian integers ZŒi and Eisenstein integers ZŒ!). integers in Chapter 8.
Numbers in these systems can be added and multiplied, and they satisfy all but
one of the nine fundamental properties that ordinary numbers do (reciprocals
of cyclotomic integers need not be such); we will call such systems commuta-
tive rings. But for some roots of unity , the commutative ring ZŒ does not
enjoy the unique factorization property that Z, ZŒi , and ZŒ! have, and this
caused early “proofs” of Fermat’s Last Theorem to be false. Dealing with the
lack of unique factorization was one important problem that led naturally to
the modern way of studying algebra.
In Section 4.1, we shall see that the distinction between even and odd can
be generalized, using congruences: studying remainders in the Division Algo-
rithm. It turns out, as we’ll see in Section 4.3, that, for any fixed positive integer
m, the set of its remainders, 0; 1; :::; m 1, can be viewed as a commutative
ring, as can cyclotomic integers, and they behave in many, but not all, ways It turns out that many of
as do ordinary integers. Finally, in Section 4.5, we’ll apply these results to an the “number systems”
analysis of decimal expansions of rational numbers. studied in high school are
commutative rings.
4.1 Congruence
It is often useful to know the parity of an integer n; that is, whether n is even
or odd (why else would these words be in the language?). But n being even or
odd is equivalent to whether its remainder after dividing by 2 is 0 or 1. Modular
arithmetic, introduced by Euler around 1750, studies the generalization of par-
ity arising from considering remainders after dividing by any positive integer.
At a low level, it will help us answer questions of the following sort:
London time is 6 hours ahead of Chicago time; if it is now 9:00 AM in
Chicago, what time is it in London?
If April 12 falls on a Thursday this year, on what day of the week is May 26?
131
i i
“book2” — 2013/5/24 — 8:18 — page 132 — #152
i i
132 Chapter 4 Modular Arithmetic
At a more sophisticated level, it will allow us to solve some difficult number

theoretic problems.
Definition. Let m 0 be an integer. If a; b 2 Z, then a is congruent to b

modulo m, denoted by
Note that a 0 mod m if
a b mod m;
and only if m j a.
if m j .a b/.
Etymology. The number m in the expression a b mod m is called the

modulus, the Latin word meaning a standard unit of measurement. The term
modular unit is used today in architecture: a fixed length m is chosen, say,
m D 1 foot, and plans are drawn so that the dimensions of every window,
door, wall, etc., are integral multiples of m.
We claim that integers a and b have the same parity if and only if a
b mod 2. Assume that a and b have the same parity. If both are even, then
a D 2a0 and b D 2b 0. Hence, a b D 2.a0 b 0 /, 2 j .a b/, and a
b mod 2. Similarly, if both are odd, then a D 2a0 C 1 and b D 2b 0 C 1. Hence,
a b D .2a0 C 1/ .2b 0 C 1/ D 2.a0 b 0 /, 2 j .a b/, and a b mod 2
in this case as well. Conversely, suppose that a b mod 2. If a and b have
different parity, then one is even, the other is odd, and so their difference is
odd. Hence, 2 − .a b/, and a 6 b mod 2. Having proved the contrapositive,
we may now assert that a and b have the same parity.
Example 4.1. If a r mod m, then r is obtained from a by throwing out

a multiple of m. For example, let’s compute the time of day using a 12-hour
Modular arithmetic is called clock. When adding 6 hours to 9:00, the answer, 3:00, is obtained by taking
“clock arithmetic” in some 9 C 6 D 15 3 mod 12 (i.e., we throw away 12). In more detail, let 0 denote
introductory texts.
12:00, 1 denote 1:00, : : : ; 11 denote 11:00. Three hours after 9:00 is 12:00;
that is, 9 C 3 D 12 0 mod 12; 4 hours after 9:00 is 1:00; that is, 9 C 4 D
13 1 mod 12, and 6 hours after 9:00 is 3:00; that is, 9C6 D 15 3 mod 12.
The same idea applies to calendars. Let 0 denote Sunday, 1 denote Mon-
day, : : :, 6 denote Saturday.
Sun Mon Tues Wed Thurs Fri Sat

0 1 2 3 4 5 6
If today is Tuesday, what day of the week is 90 days from now? Since 2C90 D
92 1 mod 7, the answer is Monday.
Let’s now answer the question: if April 12 falls on Thursday this year, on
what day of the week is May 26? There are 18 days to April 30, so there are
18 C 26 D 44 days until May 26 (for April has only 30 days). Now Thursday
corresponds to 4, so that May 26 corresponds to 4 C 44 D 48 6 mod 7;
therefore, May 26 falls on Saturday. N
There are at least two ways to state the solutions of Exercises 3.2 and 3.3
on page 89. We expected you to say then that i n D i m if and only if n and m
leave the same remainder when divided by 4 and, if ! is a primitive cube root
of unity, that ! n D ! m if and only if n and m leave the same remainder when
i i
“book2” — 2013/5/24 — 8:18 — page 133 — #153
i i
4.1 Congruence 133
divided by 3. In light of the next proposition, we can also say that i n D i m if

and only if 4 j .n m/; that is, n m mod 4, and ! n D ! m if and only if
3 j .n m/; that is, n m mod 3.
Proposition 4.2. Let m 2 and a; b 2 Z.

(i) If a D qm C r , then a r mod m.
(ii) a b mod m if and only if each of a and b have the same remainder
after dividing by m.
Proof. (i) Since a r D qm, we have m j .a r /; that is, a r mod m.

0
(ii) Assume a b mod m. Let r; r be the remainders after dividing a; b, re-
spectively, by m; that is, a D qmCr and b D q 0 mCr 0 , where 0 r < m
and 0 r 0 < m. We want to show that r 0 D r . If not, suppose that r 0 < r
(the argument is the same if r < r 0 ). Then a b D m.q q 0 / C .r r 0 /
with 0 < r r 0 < m. Now Exercise 1.46 on page 29 gives m j .r r 0 /.
Hence, m r r 0 , by Lemma 1.13, contradicting r r 0 < m.
Conversely, if a D qm C r , b D q 0 m C r 0 , and r D r 0 , then a b D
m.q q 0 / and a b mod m.
Notice that Proposition 4.2 generalizes the fact that integers a and b have
the same parity if and only if a b mod 2.
We are now going to see that congruence modulo m behaves very much
like ordinary equality; more precisely, it is an equivalence relation (see Ap-
pendix A.2): it is reflexive, symmetric, and transitive.
Proposition 4.3. Let m 0. For all integers a; b; c, we have

(i) a a mod mI
(ii) if a b mod m, then b a mod mI
(iii) if a b mod m and b c mod m, then a c mod m.
Proof. All are easy to check. We have a a mod m, because a a D 0 and

m j 0 is always true (even when m D 0). Since b a D .a b/, if m j .a b/,
then m j .b a/. Finally, .a b/ .b c/ D a c, so that if m j .a b/ and
m j .b c/, then m j .a c/.
How to Think About It. Congruence mod 1 makes sense, but it is not very
interesting, for a b mod 1 if and only if 1 j .a b/. But this latter condition
is always true, for 1 is a divisor of every integer. Thus, every two integers are
congruent mod 1. Similarly, congruence mod 0 makes sense, but it, too, is not
very interesting, for 0 j c if and only if c D 0. Thus, a b mod 0 if and only If 0 j c, then there is some
if 0 j .a b/; that is, a b mod 0 if and only if a D b, and so congruence k with c D 0 k D 0; that
is, c D 0.
mod 0 is just ordinary equality. You should not be surprised that we usually
assume that m 2.
Corollary 4.4. If m 2, then every integer a is congruent mod m to exactly See Exercise 4.5 on
one integer on the list page 140 for a generaliza-
tion.
0; 1; : : : ; m 1:
i i
“book2” — 2013/5/24 — 8:18 — page 134 — #154
i i
Proof. By the Division Algorithm, we have a D qm C r , where 0 r < m;

that is, a r mod m.
If a were congruent to two integers on the list, say, r < r 0 , then r
r mod m by transitivity, so that m j .r 0 r /. Since 0 < r 0 r < m, this
0
would contradict Lemma 1.13.

Congruence gets along well with addition and multiplication.
Proposition 4.5. Let m 0.

(i) If a a0 mod m and b b 0 mod m, then
a C b a0 C b 0 mod m:
More generally, if ai ai0 mod m for i D 1; : : : ; k, then
a1 C C ak a10 C C ak0 mod m:
(ii) If a a0 mod m and b b 0 mod m, then
ab a0 b 0 mod m:
More generally, if ai ai0 mod m for i D 1; : : : ; k, then
a1 ak a10 ak0 mod m:
(iii) If a b mod m, then
ak b k mod m for all k 1:
Proof. (i) If m j .a a0 / and m j .b b 0 /, then m j .a C b/ .a0 C b 0 /,

because .a C b/ .a0 C b 0 / D .a a0 / C .b b 0 /. The generalization to
k summands follows by induction on k 2.
(ii) We must show that if m j .a a0 / and m j .b b 0 /, then m j .ab a0 b 0 /.
This follows from the identity
ab a0 b 0 D ab ab 0 C ab 0 a0 b 0 D a.b b 0 / C .a a0 /b 0 :
The generalization to k factors follows by induction on k 2.

(iii) This is the special case of part (ii) in which all ai D a and all ai0 D b.
How to Think About It. The key idea in calculating with congruences
mod m is that every number can be replaced by its remainder after dividing
by m, for this is precisely what Proposition 4.5 permits; it allows you to “re-
duce as you go” in calculations, as the next example shows.
Example 4.6. The last (units) digit of a positive integer is the remainder when
it is divided by 10. What is the last digit of
103243 C 2348 5267‹
We could do this by brute force: cube 10324, multiply 2348 and 5267, add, and
look at the last digit. But, as one of our friends says, why should the calculator
have all the fun? You can do this more cleverly using congruence.
i i
“book2” — 2013/5/24 — 8:18 — page 135 — #155
i i
4.1 Congruence 135
To compute 103243, first look at 10324.
10324 4 mod 10; so that 103243 43 mod 10:
Now 43 D 64 4 mod 10, so that 103243 4 mod 10, and the last digit
of 103243 is 4.
To multiply 2348 and 5267, note that 2348 8 mod 10 and 5267 More simply, think of
7 mod 10. Hence, multiplying 2348 and 5267
by hand. What’s the last
2348 5267 8 7 D 56 6 mod 10: digit? This is what most
middle school students
Thus, would do. We just want
to illustrate the general
103243 C 2348 5267 4 C 6 D 10 mod 10; principle here.
and 0 is the last digit; 103243 C 2348 5267 is divisible by 10.

Now you try one: what is the last digit of 752843 C 10988 310767? N
The next example uses congruence to solve more difficult problems.
Example 4.7. (i) If a 2 Z, then a2 0, 1, or 4 mod 8.

If a is an integer, then a r mod 8, where 0 r 7; moreover,
by Proposition 4.5 (iii), a2 r 2 mod 8, and so it suffices to look at the
squares of the remainders. We see in Figure 4.1 that only 0, 1, or 4 can be
a remainder after dividing a perfect square by 8.
r 0 1 2 3 4 5 6 7
2
r 0 1 4 9 16 25 36 49
2
r mod 8 0 1 4 1 0 1 4 1
Figure 4.1. Squares mod 8.
(ii) n D 1003456789 is not a perfect square.

Since 1000 D 8 125, we have 1000 0 mod 8, and so
1003456789 D 1003456 1000 C 789 789 mod 8:
Dividing 789 by 8 leaves remainder 5; that is, n 5 mod 8. But if n were

a perfect square, then n 0; 1, or 4 mod 8.
(iii) There are no perfect squares of the form 3m C 3n C 1, where m and n are
positive integers.
Again, let’s look at remainders mod 8. Now 32 D 9 1 mod 8, and
so we can evaluate 3m mod 8 as follows: if m D 2k, then 3m D 32k D
9k 1 mod 8; if m D 2k C 1, then 3m D 32kC1 D 32k 3 3 mod 8.
Thus,
(
m 1 mod 8 if m is even
3
3 mod 8 if m is odd:
Replacing numbers by their remainders after dividing by 8, we have the

following possibilities for the remainder of 3m C 3n C 1, depending on
i i
“book2” — 2013/5/24 — 8:18 — page 136 — #156
i i
the parities of m and n:

3 C 1 C 1 5 mod 8
3 C 3 C 1 7 mod 8
1 C 1 C 1 3 mod 8
1 C 3 C 1 5 mod 8:
In no case is the remainder 0, 1, or 4, and so no number of the form

3m C 3n C 1 can be a perfect square, by part (i). N
Many beginning algebra students wish that .aCb/p D ap Cb p in Z; if only

.a C b/2 D a2 C b 2 ! The next proposition (which paraphrases Exercise 7.27
on page 293) would delight them. If theorems were movies, Proposition 4.8
would be X-rated: only adults would be allowed to see it.
Proposition 4.8. If p is a prime and a; b are integers, then

.a C b/p ap C b p mod p:
Proof. The Binomial Theorem gives

p
!
X p p
p r r
.a C b/ D a b :
r D0
r

But pr 0 mod p for all r with 0 < r < p, by Proposition 2.26. The result
now follows from Proposition 4.5(i).
The next theorem (sometimes called the Little Fermat Theorem to distin-
guish it from Fermat’s Last Theorem) turns out to be very useful.
See Corollary 4.67 for Theorem 4.9 (Fermat). Let p be a prime and a 2 Z.
another proof.
(i) ap a mod p.
n
(ii) ap a mod p for all n 1.
(iii) If p − a, then ap 1 1 mod p.
Proof. (i) We first prove the statement when a 0, by induction on a. The

base step a D 0 is obviously true. For the inductive step, the inductive
hypothesis is ap a mod p. Hence, Proposition 4.8 gives
.a C 1/p ap C 1 a C 1 mod p:
To complete the proof, consider a, where a > 0; now
. a/p D . 1/p ap . 1/p a mod p:
If p is an odd prime (indeed, if p is odd), then . 1/p D 1, and . 1/p a D

a, as desired. If p D 2, then . a/2 D a2 a mod 2, and we are fin-
ished in this case as well.
(ii) The proof is by induction on n 1: the base step is part (i), while the
n n 1 p
inductive step follows from the identity ap D ap .
p p 1
(iii) By part (i), p j .a a/; that is, p j a.a 1/. Since p − a, Euclid’s
Lemma gives p j .ap 1 1/; that is, ap 1 1 mod p.
i i
“book2” — 2013/5/24 — 8:18 — page 137 — #157
i i
4.1 Congruence 137
Later in this chapter, we will use the next corollary to construct codes that
are extremely difficult for spies to decode.
Corollary 4.10. If p is a prime and m 1 mod .p 1/, then am a mod p

for all a 2 Z.
Proof. If a 0 mod p, then am 0 mod p, and so am a mod p. Assume

now that a 6 0 mod p; that is, p − a. By hypothesis, m 1 D k.p 1/ for
some integer k, and so m D 1 C .p 1/k. Therefore,

1 k
am D a1C.p 1/k
D aa.p 1/k
D a ap a mod p;
for ap 1
1 mod p, by Theorem 4.9(iii)
We can now explain a well-known divisibility test.
Proposition 4.11. A positive integer a is divisible by 3 if and only if the sum

of its (decimal) digits is divisible by 3.
Proof. The decimal notation for a is dk : : : d1 d0 ; that is,
a D dk 10k C C d1 10 C d0 ;
where 0 di < 10 for all i . Now 10 1 mod 3, and Proposition 4.5(iii)

gives 10i 1i D 1 mod 3 for all i ; thus parts (i) and (ii) of Proposition 4.5
give a dk C C d1 C d0 mod 3. Therefore, a is divisible by 3 if and only
if a 0 mod 3 if and only if dk C C d1 C d0 0 mod 3.
How to Think About It. The proof of Proposition 4.11 shows more than its
statement claims: the sum of the (decimal) digits of any positive integer a is
congruent to a mod 3, whether or not a is divisible by 3. For example,
172 1 C 7 C 2 mod 3I
that is, both 172 and 10 (the sum of its digits) are 1 mod 3.
Since 10 1 mod 9, Proposition 4.11 holds if we replace 3 by 9 (it is often

called casting out 9s): A positive integer a is divisible by 9 if and only if the Is the sum of the decimal
sum of its digits, †.a/, is divisible by 9. digits of an integer a
congruent mod 9 to a
Define two operations on the decimal digits of a positive integer a.
itself?
(i) Delete all 9s (if any) and delete any group of digits whose sum is 9
(ii) Add up all the digits.
It is easy to see that repeated applications of these operations to a positive
integer a yields a single digit; call it r .a/. For example,
5261934 ! 526134 ! 561 (for 2 C 3 C 4 D 9) ! 12 ! 3:
(It is now clear why this procedure is called casting out 9s.) In light of a
†.a/ mod 9, we have †.a/ r .a/ mod 9, so that r .a/, which seems to de-
pend on a choice of operations (i) and (ii), depends only on a, for the variation
of Proposition 4.11 for 9 says that †.a/ is the remainder after dividing a by 9.
i i
“book2” — 2013/5/24 — 8:18 — page 138 — #158
i i
Before today’s calculators, casting out 9s was used by bookkeepers to detect

errors in calculations (alas, it could not detect all errors). For example, suppose
the end of a calculation gave the equation
.22345 C 5261934/1776 D 9347119504:
Casting out 9s from each number gives
.7 C 3/3 D 8;
for r .22345/ D 7, r .5261934/ D 3, r .1776/ D 3, and r .9347119504/ D 8.

But .7 C 3/3 D 30 3 mod 9, not 8 mod 9, and so there was a mistake in the
calculation.
The word “bookkeeper” is unusual in that it has three consecutive double
letters: oo, kk, ee. This reminds us of a silly story about a word having six
consecutive double letters. A zoo discovered that one of its animals, Ricky
the raccoon, was quite remarkable. Ricky was a born showman: he could do
somersaults, hang by his tail, and give wonderful soft-shoe dances whenever
spectators sang. As his fame spread, the zoo provided him with a special cage
containing a private corner where he could unwind after popular performances.
Crowds came from far and wide came to see him. Indeed, Ricky became so
famous that the zoo was forced to hire attendants to take care of his needs. In
particular, someone was sought to maintain Ricky’s corner; the job description:
raccoonnookkeeper.
The usual decimal notation for the integer 5754 is an abbreviation of
5 103 C 7 102 C 5 10 C 4:
But there is nothing special about the number 10.
Example 4.12. Let’s write 12345 in “base 7.” Repeated use of the Division
Algorithm gives
12345 D 1763 7 C 4
1763 D 251 7 C 6
251 D 35 7 C 6
35 D 5 7 C 0
5 D 0 7 C 5:
Back substituting (i.e., working from the bottom up),
07C5D 5
5 7 C 0 D 35
.0 7 C 5/ 7 C 0 D 35
35 7 C 6 D 251
..0 7 C 5/ 7 C 0/ 7 C 6 D 251
251 7 C 6 D 1763
...0 7 C 5/ 7 C 0/ 7 C 6/ 7 C 6 D 1763
1763 7 C 4 D 12345
....0 7 C 5/ 7 C 0/ 7 C 6/ 7 C 6/ 7 C 4 D 12345:
i i
“book2” — 2013/5/24 — 8:18 — page 139 — #159
i i
4.1 Congruence 139
Expanding and collecting terms gives
5 74 C 0 73 C 6 72 C 6 7 C 4 D 12005 C 0 C 294 C 42 C 4 D 12345: N
This idea works for any integer b 2.
Proposition 4.13. If b 2 is an integer, then every positive integer h has an

expression in base bW there are unique integers di with 0 di < b such that
h D dk b k C dk 1b
k 1
C C d0 :
Proof. We first prove the existence of such an expression, by induction on h.

By the Division Algorithm, h D qb C r , where 0 r < b. Since b 2, we
have h D qb C r qb 2q. It follows that q < h: otherwise, q h, giving
the contradiction h 2q 2h. By the inductive hypothesis,
h D qb C r D .dk0 b k C C d00 /b C r D dk0 b kC1 C C d00 b C r:
We prove uniqueness by induction on h. Suppose that
h D dk b k C C d1 b C d0 D e m b m C C e 1 b C e 0 ;
where 0 ej < b for all j . that is, h D .dk b k 1 C C d1 /b C d0 and

h D .em b m 1 C C e1/b C e0. By the uniqueness of quotient and remainder
in the Division Algorithm, we have
dk b k 1
C C d1 D e m b m 1
C C e1 and d0 D e 0 :
The inductive hypothesis gives k D m and di D ei for all i > 0.
Definition. If h D dk b k C dk 1 b k 1 C C d0 , where 0 di < b for all i ,

then the numbers dk ; : : : ; d0 are called the b-adic digits of h. Example 4.12 shows that
the 7-adic digits of 12345
are 50664.
That every positive integer h has a unique expression in base 2 says that
there is exactly one way to write h as a sum of distinct powers of 2 (for the
only binary digits are 0 and 1).
Example 4.14. Let’s calculate the 13-adic digits of 441. The only complica-
tion here is that we need 13 digits d (for 0 d < 13), and so we augment 0
through 9 with three new symbols
t D 10; e D 11; and w D 12:

Now
441 D 33 13 C 12
33 D 2 13 C 7
2 D 0 13 C 2:
So, 441 D 2 132 C 7 13 C 12, and the 13-adic expansion for 441 is
27w:
Note that the expansion for 33 is just 27. N
i i
“book2” — 2013/5/24 — 8:18 — page 140 — #160
i i
The most popular bases are b D 10 (giving everyday decimal digits), b D 2

(giving binary digits, useful because a computer can interpret 1 as “on” and 0
as “off”), and b D 16 (hexadecimal, also for computers). The Babylonians
preferred base 60 (giving sexagesimal digits).
k
Fermat’s Theorem enables us to compute np mod p for every prime p
k
and exponent p k ; it says that np n mod p. We now generalize this result
to compute nh mod p for any exponent h.
Lemma 4.15. Let p be a prime and let n be a positive integer. If h 0, then

nh n†.h/ mod p;
This lemma generalizes where †.h/ is the sum of the p-adic digits of h.
Fermat’s Theorem, for if
h D pk , then †.h/ D 1; Proof. Let h D dk p k C C d1 p C d0 be the expression of h in base p.
see Exercise 4.10 on i i i
page 141. By Fermat’s Theorem, np n mod p for all i ; thus, ndi p D .ndi /p
ndi mod p. Therefore,
k CCd pCd
nh D ndk p 1 0
k k 1
D ndk p ndk 1 p nd1 p nd0

k d
k 1 dk 1 d
D np k np np 1 nd0
ndk ndk 1 nd1 nd0 mod p
ndk CCd1 Cd0 mod p
n†.h/ mod p:
Example 4.16. What is the remainder after dividing 312345 by 7? By Exam-

ple 4.12, the 7-adic digits of 12345 are 50664. Therefore, 312345 321 mod 7
(because 5 C 0 C 6 C 6 C 4 D 21). The 7-adic digits of 21 are 30 (because
21 D 3 7+0), and so 321 33 mod 7 (because 2 + 1 = 3). We conclude that
312345 33 D 27 6 mod 7. N
Exercises
4.1 Show that if integers a and b are congruent mod m to the same thing, say r, then
they are congruent to each other.
4.2 We saw in Exercise 1.41 on page 29 that an integer b and its negative b can have
different remainders, say r and s, after dividing by some nonzero a. Prove that
s r mod a.
4.3 Show that if a b mod n and m j n, then a b mod m.
4.4 A googol is 10100; that is, 1 followed by 100 zeros. Compute the remainder mod 7
of a googol.
4.5 *
(i) If m 2, show that every integer a is
(ii) congruent mod m to exactly one integer on the list
1; 2; : : : ; m:
(iii) Generalize Corollary 4.4 by showing that if m 2, every integer a is congru-
ent mod m to exactly one integer on any list of m consecutive integers.
i i
“book2” — 2013/5/24 — 8:18 — page 141 — #161
i i
4.1 Congruence 141
4.6 (i) Show that every nonnegative integer is congruent mod 6 to the sum of its
7-adic digits.
(ii) Show that every nonnegative integer is congruent mod 3 to the sum of its
7-adic digits.
(iii) Suppose b and n are nonnegative integers. If n j .b 1/, show that every
integer is congruent mod n to the sum of its b-adic digits.
4.7 (i) Show that every nonnegative integer is congruent mod 11 to the alternating
sum of its decimal digits.
(ii) Show that every nonnegative integer is congruent mod b C 1 to the alternating
sum of its b-adic digits.
P
4.8 Let a nonnegative integer n have decimal expansion n D kiD0 di 10i . Define
t .n/ D n 10d0 4d0 .
(i) Show that n is divisible by 41 if and only if t .n/ is.
(ii) Is n t .n/ mod 41 for all nonnegative n?
You will have to invent
4.9 Find the b-adic digits of 1000 for b D 2; 3; 4; 5; and 20. symbols for some 20-adic
digits.
4.10 (i) Find the 11-adic digits of 115 .
(ii) What is the b-adic expansion for b k (k a nonnegative integer)?
4.11 Let a be a positive integer, and let a0 be obtained from a by rearranging its (dec-
imal) digits (e.g., a D 12345 and a0 D 52314). Prove that a a0 is a multiple
of 9.
4.12 Prove that there are no positive integers a; b; c with
a2 C b 2 C c 2 D 999:
4.13 Prove that there is no perfect square whose last two decimal digits are 35.
4.14 Using Fermat’s Theorem 4.9, prove that if ap Cb p D c p , then a Cb c mod p.
Linear congruences
We are now going to solve linear congruences; that is, we’ll find all the inte-
gers x, if any, satisfying
ax b mod m:
Later, we will consider several linear congruences in one unknown with dis-
tinct moduli (see Theorems 4.21, 4.25, and 4.27). And we’ll even consider two
linear congruences in more than one unknown (see Theorem 4.44).
Theorem 4.17. If gcd.a; m/ D 1, then, for every integer b, the congruence
ax b mod m
can be solved for xI in fact, x D sb, where as C mt D 1. Moreover, any two

solutions are congruent mod m.
Proof. Since gcd.a; m/ D 1, there are integers s and t with as C mt D 1;

that is, as 1 mod m. Multiplying both sides by b, Proposition 4.5(ii) gives
asb b mod m, so that x D sb is a solution. If y is another solution, then
ax ay mod m, and so m j a.x y/. Since gcd.m; a/ D 1, Corollary 1.22
gives m j .x y/; that is, x y mod m.
i i
“book2” — 2013/5/24 — 8:18 — page 142 — #162
i i
Corollary 4.18. If p is prime and p − a .i.e., p does not divide a/, then the
congruence ax b mod p is always solvable.
Proof. Since p is a prime, p − a implies gcd.a; p/ D 1.
Example 4.19. When gcd.a; m/ D 1, Theorem 4.17 says that the set of solu-
tions of ax b mod m is
fsb C km W where k 2 Z and sa 1 mod mg:
Now sa C tm D 1 for some integer t, so that s can always be found by

Euclidean Algorithm II. When m is small and you are working by hand, it is
easier to find such an integer s by trying each of ra D 2a; 3a; : : : , .m 1/a in
turn, at each step checking whether ra 1 mod m.
For example, let’s find all the solutions to
2x 9 mod 13:
Considering each of the products 2 2; 3 2; 4 2; : : : mod 13 quickly leads

to 7 2 D 14 1 mod 13; that is, s D 7. By Theorem 4.17, x D 7 9 D 63
11 mod 13. Therefore,
x 11 mod 13;
and the solutions are : : : ; 15; 2; 11; 24; 37; : : : : N
Example 4.20. Find all the solutions to 51x 10 mod 94.

Since 94 is large, seeking an integer s with 51s 1 mod 94, as in Exam-
ple 4.19, is tedious. Euclidean Algorithm II gives 1 D 35 51 C 19 94,
and so s D 35. (The formulas in Exercise 1.67 on page 36 implement Eu-
clidean Algorithm II, and they can be programmed on a calculator to produce
the value of s. In fact, a CAS can solve specific congruences, but it can’t (yet)
solve them in general.) Therefore, the set of solutions consists of all integers x
with x 35 10 mod 94; that is, all numbers of the form 350 C 94k.
If you prefer s to be positive, just replace 35 by 59, for 59 35 mod 94.
The solutions are now written as all integers x with x 59 10 mod 94; that
is, numbers of the form 590 C 94k. N
There are problems solved in ancient Chinese manuscripts, arising from

studying calendars, that involve simultaneous congruences with relatively
prime moduli.
Theorem 4.21 (Chinese Remainder Theorem). If m and m0 are relatively

prime, then the two congruences
x b mod m
x b 0 mod m0
Theorem 4.27 will gener-
alize Theorem 4.21 to any have a common solution. Moreover, any two solutions are congruent mod
number of moduli. mm0 .
i i
“book2” — 2013/5/24 — 8:18 — page 143 — #163
i i
4.1 Congruence 143
Proof. Every solution of the first congruence has the form x D b C km for
some integer k; hence, we must find k such that b C km b 0 mod m0 ; that is,
km b 0 b mod m0 . Since gcd.m; m0 / D 1, however, Theorem 4.17 applies
at once to show that such an integer k does exist.
If y is another common solution, then both m and m0 divide x y; by
Exercise 1.58 on page 35, mm0 j .x y/, and so x y mod mm0 .
Example 4.22. Let’s find all the solutions to the simultaneous congruences
x 5 mod 8
x 11 mod 15:
Every solution to the first congruence has the form
x D 5 C 8k;
for some integer k. Substituting, x D 5 C 8k 11 mod 15, so that
8k 6 mod 15:
But 2 8 D 16 1 mod 15, so that multiplying by 2 gives
16k k 12 mod 15:
We conclude that x D 5C812 D 101 is a solution, and the Chinese Remainder
Theorem (which applies because 8 and 15 are relatively prime) says that every
solution has the form 101 C 120n for n 2 Z (because 120 D 8 15). N
Example 4.23. We solve the simultaneous congruences

x 6 mod 13
x 8 mod 20:
Now gcd.13; 20/ D 1, so that we can solve this system as in the proof of the
Chinese Remainder Theorem. The first congruence gives
x D 13k 6;
for k 2 Z, and substituting into the second congruence gives
13k 6 8 mod 20I
that is,
13k 14 mod 20:
Since 13 17 D 221 1 mod 20, multiplying by 17 gives k 17 14 mod 20, One finds 17 either by try-
that is, ing each number between
1 and 19 or by using the
k 18 mod 20: Euclidean Algorithm.
By the Chinese Remainder Theorem, all the simultaneous solutions x have the
form
x D 13k 6 .13 18/ 6 228 mod 260I
that is, the solutions are
: : : ; 32; 228; 488; : : : : N
i i
“book2” — 2013/5/24 — 8:18 — page 144 — #164
i i
Example 4.24 (A Mayan Calendar). A congruence arises whenever there is

cyclic behavior. For example, suppose we choose some particular Sunday as
time zero and enumerate all the days according to the time elapsed since then.
Every date now corresponds to some integer, which is negative if it occurred
Remember that 0 denotes before time zero. Given two dates t1 and t2 , we ask for the number x D t2 t1
Sunday, : : :, 6 denotes of days from one to the other. If, for example, t1 falls on a Thursday and t2
Saturday. falls on a Tuesday, then t1 4 mod 7 and t2 2 mod 7, and so x D t2 t1 D
2 5 mod 7. Thus, x D 7k C 5 for some k and, incidentally, x falls on a
Friday.
About 2500 years ago, the Maya of Central America and Mexico developed
three calendars (each having a different use). Their religious calendar, called
tzolkin, consisted of 20 “months,” each having 13 days (so that the tzolkin
“year” had 260 days). The months were
1. Imix 6. Cimi 11. Chuen 16. Cib

2. Ik 7. Manik 12. Eb 17. Caban
3. Akbal 8. Lamat 13. Ben 18. Etznab
4. Kan 9. Muluc 14. Ix 19. Cauac
5. Chicchan 10. Oc 15. Men 20. Ahau
Let us describe a tzolkin date by an ordered pair
Œm; d ;
where 1 m 20 and 1 d 13; thus, m denotes the month and d

denotes the day. Instead of enumerating as we do (so that Imix 1 is followed
by Imix 2, then Imix 3, and so forth), the Maya let both month and day cycle
simultaneously; that is, the days proceed as follows:
Imix 1, Ik 2, Akbal 3,. . . , Ben 13, Ix 1, Men 2,. . . ,

Cauac 6, Ahau 7, Imix 8, Ik 9,. . . .
We now ask how many days have elapsed between Oc 11 and Etznab 5.
More generally, let x be the number of days from tzolkin Œm; d to tzolkin
Œm0 ; d 0 . As we remarked at the beginning of this example, the cyclic behavior
of the days gives the congruence
x d0 d mod 13;
while the cyclic behavior of the months gives the congruence
x m0 m mod 20:
To answer the original question, Oc 11 corresponds to the ordered pair Œ10; 11
and Etznab 5 corresponds to Œ18; 5. Since 5 11 D 6 and 18 10 D 8, the
simultaneous congruences are
x 6 mod 13
x 8 mod 20:
In the previous example, we found the solutions:
x 228 mod 260:
i i
“book2” — 2013/5/24 — 8:18 — page 145 — #165
i i
4.1 Congruence 145
It is not clear whether Oc 11 precedes Etznab 5 in a given year (one must

look). If it does, then there are 228 days between them; otherwise, there are
260 228 D 32 days between them (the truth is 228). N
If we do not assume that the moduli m and m0 are relatively prime, then
there may be no solutions to a linear system. For example, if m D m0 > 1,
then uniqueness of the remainder in the Division Algorithm shows that there
is no solution to
x 0 mod m
x 1 mod m:
Theorem 4.25. Let d D gcd.m; m0 /. The system
x b mod m
x b 0 mod m0
has a solution if and only if b b 0 mod d . Exercise 4.19 on page 148

gives a condition guar-
Proof. If h b mod m and h b 0 mod m0 , then m j .h b/ and m0 j .h b 0 /. anteeing uniqueness of
solutions.
Since d is a common divisor of m and m0 , we have d j .h b/ and d j .h b 0 /.
Therefore, d j .b b 0 /, because .h b 0 / .h b/ D b b 0 , and so b
b 0 mod d .
Conversely, assume that b b 0 mod d , so that there is an integer k with
b 0 D b C kd . If m D dc and m0 D dc 0 , then gcd.c; c 0 / D 1, by Propo-
sition 1.23. Hence, there are integers s and t with 1 D sc C tc 0 . Define
h D b 0 sc C btc 0 . Now
h D b 0 sc C btc 0
D .b C kd /sc C btc 0
D b.sc C tc 0 / C kdsc
D b C ksm
b mod m:
A similar argument, replacing b by b 0 kd , shows that h b 0 mod m0 .
Example 4.26. Solve the linear system
x 1 mod 6
x 4 mod 15:
Here, b D 1 and b 0 D 4, while m D 6; m0 D 15, and d D 3; hence, c D 2

and c 0 D 5 (for 6 D 3 2 and 15 D 3 5). Now s D 3, and t D 1 (for
1 D 3 1 C . 1/ 4). Theorem 4.25 applies, for 1 4 mod 3. Define
h D 4 3 2 C 1 . 1/ 5 D 19:
We check that 19 1 mod 6 and 19 4 mod 15. Since lcm.6; 15/ D 30, the
solutions are : : : ; 41; 11; 19; 49; 79; : : :. N
We are now going to generalize the Chinese Remainder Theorem for any
number of linear congruences whose moduli are pairwise relatively prime. We
i i
“book2” — 2013/5/24 — 8:18 — page 146 — #166
i i
shall see in Chapter 6 that this new version, whose solutions are given more
explicitly, can be used to reveal a connection with Lagrange Interpolation, a
method for finding a polynomial that agrees with a finite set of data.
Consider the following problem, adapted from Qin Jiushao, Nine Chapters
on the Mathematical Art, 1247 CE.
Three farmers equally divide the rice that they have grown. One goes to
a market where an 83-pound weight is used, another to a market that
uses a 112-pound weight, and the third to a market using a 135-pound
weight. Each farmer sells as many full measures as possible, and when
the three return home, the first has 32 pounds of rice left, the second 70
pounds, and the third 30 pounds. Find the total amount of rice they took
to market.
We can model the situation in the problem with three congruences:

x 32 mod 83
x 70 mod 112 (4.1)
x 30 mod 135:
Now, you could solve this system using the same method we used in Exam-
ple 4.22: just write out each congruence in terms of its corresponding divisi-
bility tests, and work from there.
There’s another technique for solving Eqs. (4.1) that works in more general
settings. The idea is to “localize” a solution x, where “localize” means consid-
ering only one modulus at a time, ignoring the other two; that is, making the
other two congruent to zero. Suppose we can find integers u; v; w such that
u 32 mod 83 v 0 mod 83 w 0 mod 83
u 0 mod 112 v 70 mod 112 w 0 mod 112
u 0 mod 135 v 0 mod 135 w 30 mod 135:
Now take x to be u C v C w. Thanks to Proposition 4.5, we can find the
remainder when u C v C w is divided by 83 by first finding the remainders
when each of u, v, and w is divided by 83, and then adding the answers:
x D u C v C w 32 C 0 C 0 mod 83:
Similarly, x 70 mod 112 and x 30 mod 135.
So, how do we find such u, v, and w? Let’s look at what we want u to do:
u 32 mod 83
u 0 mod 112
u 0 mod 135:
It’s easy to make u congruent to 0 mod 112 and 0 mod 135: just let it be a
multiple of 112 135 D 15120. So, we want u to look like
u D k 112 135 D 15120k
for some integer k. And we choose k to meet the local condition that u wants
to be 32 modulo 83:
15120k 14k 32 mod 83 (4.2)
i i
“book2” — 2013/5/24 — 8:18 — page 147 — #167
i i
4.1 Congruence 147
Now comes the important step: since 112 and 135 are relatively prime to 83,
so is their product (Exercise 1.56 on page 35). Hence, 14 (which is the same as
112135 modulo 83) is also relatively prime to 83, and so Theorem 4.17 implies
that we can solve Eq. (4.2) for k. There is an integer s with 14s 1 mod 83,
and multiplying both sides of 14k 32 mod 83 by s gives
k D 32s mod 83:
There are several methods for finding s (since 83 is not so small, the Euclidean
Algorithm is probably the most efficient); in fact, s D 6, and so k satisfies
6 32 D 192 26 mod 83:
Hence,
u D 26 112 135 D 393120:
To get a feel for this method, it’s a good idea to go through it twice more,
finding v and w. In fact, that’s Exercise 4.22 on page 149.
The method just developed generalizes to a proof of the extended Chinese
Remainder Theorem. Let’s first introduce some notation.
Notation. Given numbers m1 ; m2 ; : : : ; mr , define
bi mr D m1 mi
Mi D m1 m2 m 1 mi C1 mr I
that is, Mi is the product of all mj other than mi .
Theorem 4.27 (Chinese Remainder Theorem Redux). If m1 ; m2 ; : : : ; mr

are pairwise relatively prime integers, then the simultaneous congruences
x b1 mod m1
x b2 mod m2
:: ::
: :
x br mod mr
have an explicit solution, namely
x D b1 .s1 M1 / C b2 .s2 M2 / C C br .sr Mr / ;

where
bi mr
Mi D m1 m2 m and si Mi 1 mod mi for 1 i r:
Furthermore, any solution to this system is congruent to x mod m1 m2 mr .
Proof. Use our discussion on the previous page as a model for the proof.
That the specified x works is a consequence of Proposition 4.5. That all solu-
tions are congruent modm1 m2 : : : mr is a consequence of Exercise 1.58 on
page 35.
i i
“book2” — 2013/5/24 — 8:18 — page 148 — #168
i i
Exercises
4.15 * Complete the proof of Theorem 4.27.
4.16 (i) Solve
x 5 mod 7
x 2 mod 11:
(ii) In the year 2000, the remainder after dividing my age by 3 was 2, and the
remainder after dividing by 8 was 3. If I was a child when people first walked
on the Moon, how old was I in 2000?
(iii) Solve
x 7 5 mod 7
x 11 2 mod 11:
4.17 (i) Find a solution v to
v 3 mod 17
v 0 mod 11:
Answer: v 88 mod 187.

(ii) Find a solution w to
w 0 mod 17
w 9 mod 11:
Answer: w 119 mod 187.
(iii) Using your v and w from (i) and (ii), show that v C w is a solution to the
system
x 3 mod 17
x 9 mod 11:
4.18 Solve
x 32 .mod 83/
x 70 .mod 112/
x 30 .mod 135/:
4.19 * Theorem 4.25 says that if d D gcd.m; m0 /, then the system
x b mod m
x b 0 mod m0
has a solution if and only if b b 0 mod d . Prove that any two solutions are
congruent mod `, where ` D lcm.m; m0 /.
4.20 How many days are there between Akbal 13 and Muluc 8 in the Mayan tzolkin
calendar?
4.21 On a desert island, five men and a monkey gather coconuts all day, then sleep. The
first man awakens and decides to take his share. He divides the coconuts into five
equal shares, with one coconut left over. He gives the extra one to the monkey,
hides his share, and goes to sleep. Later, the second man awakens and takes his
fifth from the remaining pile; he, too, finds one extra and gives it to the monkey.
Each of the remaining three men does likewise in turn. Find the minimum number
of coconuts originally present.
Hint: Try 4 coconuts.
i i
“book2” — 2013/5/24 — 8:18 — page 149 — #169
i i
4.2 Public Key Codes 149
4.22 * Finish the calculations solving Qin Jiushao’s problem on page 146 by first find-
ing s and t , and then finding the smallest positive solution.
4.23 A band of 17 pirates stole a sack of gold coins. When the coins were divided
equally, there were three left over. So, one pirate was made to walk the plank.
Again the sack was divided equally; this time there were 10 gold coins left over.
So, another unlucky member of the crew took a walk. Now, the gold coins could
be distributed evenly with none left over. How many gold coins were in the sack?
4.24 .Bhaskara I; ca: 650 C . E ./: If eggs in a basket are taken out 2, 3, 4, 5, and 6 at a
time, there are 1, 2, 3, 4, and 5 eggs left over, respectively. If they are taken out 7
at a time, there are no eggs left over. What is the least number of eggs that can be
in the basket?
4.2 Public Key Codes

A thief who knows your name and credit card number can use this information
to steal your money. So why isn’t it risky to buy something online, and pay
for it by sending your credit card data? After all, thieves can read the message
you are sending. Here’s why: the online company’s software encodes your
information before it is transmitted; the company can decode it, but the thieves
cannot. And the reason the thieves cannot decode your message is that codes
are constructed in a clever way using number theory.
It is no problem to convert a message in English into a number. Make a list
of the 52 English letters (lower case and upper case) together with a space and
the 11 punctuation marks
. , ; : ! ? - ’ " ( )
In all, there are 64 symbols. Assign a two-digit number to each symbol. For
example,
a 7! 01; : : : ; z 7! 26; A 7! 27; : : : ; Z 7! 52

space 7! 53; : 7! 54; ; 7! 55; : : : ; . 7! 63; / 7! 64
(we could add more symbols if we wished: say, $, +, , =, !, 0, 1, . . . , 9). A

cipher is a code in which distinct letters in the original message are replaced by
distinct symbols. It is not difficult to decode a cipher; indeed, many newspapers
print daily cryptograms to entertain their readers. In the cipher we have just
described, “I love you!” is encoded
I love you! D 3553121522055325152158
Notice that any message coded in this cipher has an even number of digits, and
so decoding, converting the number into English, is a simple matter. Thus,
.35/.53/.12/.15/.22/.05/.53/.25/.15/.21/.58/ D I love you!
What makes a good code? If a message is a natural number x (and this is no

loss in generality, as we have just seen), we need a way to encode x (in a fairly
routine way so as to avoid introducing any errors into the coded message),
and we need a (fairly routine) method for the recipient to decode the message.
Of utmost importance is security: an unauthorized reader of a coded message
i i
“book2” — 2013/5/24 — 8:18 — page 150 — #170
i i
should not be able to decode it. An ingenious way to find a code with these
properties, now called an RSA code, was found in 1978 by Rivest, Shamir,
and Adleman; they received the 2002 Turing Award for their discovery.
The following terms describe two basic ingredients of RSA codes.
Definition. A public key is an ordered pair .N; e/, where N D pq is a product

Why these conditions of distinct primes p and q, and e is a positive integer with gcd.e; p 1/ D 1
on e? Read on. and gcd.e; q 1/ D 1.
The numbers N and e are public—they are published on the web—but the
primes p and q are kept secret. In practice, the primes p and q are very large.
If x is a message, encoded by assigning natural numbers to its letters as
discussed above, then the encoded message sent is
x e mod N:
Definition. Given a public key .N; e/, a private key is a number d such that
x ed x mod N for all x 2 Z:
A private key essentially decodes the sent message, for

x ed D .x e /d x mod N:
Only the intended recipients know the private key d . To find d , we’ll see
that you need to factor N , and that’s very hard. Indeed, the modulus N being
a product of two very big primes—each having hundreds of digits—is what
makes factoring N so difficult. Since breaking the code requires knowing p
and q, this is the reason RSA codes are secure. Now for the details.
Ease of Encoding and Decoding

Given a public key .N; e/ and a private key d , we encode x as x e , and we
send the congruence class x e mod N . A recipient who knows the number d
can decode this, because
.x e /d D x ed x mod N:
There is a minor problem here, for decoding isn’t yet complete: we know the
congruence class of the original message x but not x itself; that is, we know
x C kN for some k 2 Z but not x. There is a routine way used to get around
this; one encodes long blocks of text, not just letters (see [18], pp. 88–91).
Given any positive integer m, an efficient computation of x m mod N is
based on the fact that computing x 2 mod N is an easy task for a computer.
i
Since computing x 2 is just computing i squares, this, too, is an easy task.
Now write the exponent m in base 2:
m D 2i C 2j C C 2z :
Note that x 4 D .x 2/2 , Computing 2m is the same as multiplying several squares:
x 8 D .x 4/2 D ..x 2/2 /2 , i C2j CC2z i j z
etc. xm D x2 D x2 x2 x2 :
In particular, after writing e in base 2, computers can easily encode a message
x mod N as x e mod N and, after writing ed in base 2, they can easily decode
x ed mod N . Since x ed x mod N , this congruence essentially recaptures x.
i i
“book2” — 2013/5/24 — 8:18 — page 151 — #171
i i
Finding a Private Key

Let .N; e/ be a public key, where N D pq. We want to find a private key; that
is, a number d so that x ed x mod N for all x 2 Z. More generally, let’s
find conditions on any integer m so that x m x mod pq. By Corollary 4.10,
we have x m x mod p if m 1 mod .p 1/; similarly, x m x mod q if
m 1 mod .q 1/. Now if m satisfies both congruence conditions, then
p j .x m x/ and q j .x m x/:
As p and q are distinct primes, they are relatively prime, and so pq j .x m x/,
by Exercise 2.20 on page 33. Hence, x m x mod pq for all x; that is,
x m x mod N for all x 2 Z.
Return now to the special case m D ed ; can we find a private key d so that
ed 1 mod .p 1/ and ed 1 mod .q 1/? By hypothesis, gcd.e; p 1/ D
1 D gcd.e; q 1/; by Exercise 1.56 on page 35, gcd e; .p 1/.q 1/ D 1.
We can now find d with Proposition 4.17, which shows how to construct an
integer d such that
ed 1 mod .p 1/.q 1/:
We have constructed an RSA code.
Example 4.28. Let’s create a public key and a private key using p D 11 and
q D 13. (This is just for the sake of illustration; in practice, both p and q need
to be extremely large primes.)
The modulus is N D pq D 11 13 D 143, and so p 1 D 10 and
q 1 D 12. Let’s choose e D 7 (note that gcd.7; 10 12/ D 1). Hence the
public key is
.N; e/ D .143; 7/:
If x is a message in cipher (i.e., a natural number), then the encoded message is
the congruence class x 7 mod 143. To find the private key, we need a number d
so that 7d 1 mod 120. Using Euclidean Algorithm II or a CAS, we find a
private key
d D 103;
for 7 103 D 721 D 6 120 C 1.
Let’s encode and decode the word “dog”: d D 4; o D 15; g D 7. Thus,
the cipher for dog is 041507. In the real world, the encoding is .41507/7, and
the message sent out is the congruence class .41507/7 mod 143. Decoding
involves computing .41507/721 mod 143. As we said earlier, decoding is not
finished by finding this congruence class; the numbers in this class are of the
form .41507/721 C 143k, and only one of these must be determined. As we
said above, the method used in actual RSA transmissions encodes blocks of
letters to get around this ambiguity. For this example, however, we’ll use a
simpler method—we’ll send each letter separately, so that “dog” is sent as as
three codes
047; 157 ; 077 :

This eliminates the ambiguity of recovering a congruence class rather than
an integer, because the each letter will correspond to a (unique) integer less
than 143.
i i
“book2” — 2013/5/24 — 8:18 — page 152 — #172
i i
The encoding is calculated like this:
d: 47 82 mod 143
o: 157 115 mod 143
g: 77 6 mod 143:
To decode these messages, apply the private key:
82103 4 mod 143

115103 15 mod 143
6103 7 mod 143:
We get 4 $ d, 15 $ o, and 7 $ g: “dog,” which was the original message. N
How to Think About It. A CAS can easily tell you that 82103 4 mod
143, but it’s interesting to see how the theorems developed in this chapter can
allow you to do the computation by hand. Start with the fact that the reduction
of 82103 mod 143 is equivalent to two calculations, since 143 is 11 13:
82103 mod 11
82103 mod 13:
The computations of the remainders when 82103 is divided by a prime are

made easy via Fermat’s Little Theorem and the “reduce as you go” idea:
82103 5103 mod 11 (because 82 5 mod 11/

82103 4103 mod 13 (because 82 4 mod 13).
Now work on the exponents:

10 3
5103 D 51010C3 D 510 5 53 mod 11 (Little Fermat)
D 125 mod 11 4 mod 11
and
10
4103 D 4128C7 D 412 47 47 mod 13 (Little Fermat)
D 43 4.43 / D 64 4.64/ . 1/ 4. 1/ mod 13 4 mod 13:
Constructing Secure RSA Codes

Let’s construct a specific type of public key. Choose distinct primes p
2 mod 3 and q 2 mod 3. Now p 1 1 mod 3, so that gcd.3; p 1/ D 1,
and q 1 1 mod 3, so that gcd.3; q 1/ D 1. Therefore, .N; 3/ is a public
key, where N D pq. The reason that these RSA codes are so secure is that the
factorization of a product N D pq of two very large primes is very difficult.
Thieves may know the transmitted message x 3 mod N , and they may even
know N , but without knowing the factorization of N D pq, they don’t know
p 1 and q 1, hence, they don’t know d (for 3d 1 mod .p 1/.q 1/),
and they can’t decode. Indeed, if both p and q have about 200 digits (and,
for technical reasons, they are not too close together), then the fastest existing
i i
“book2” — 2013/5/24 — 8:18 — page 153 — #173
i i
computers need two or three months to factor N . A theorem of Dirichlet ([5],

p. 339) says that if gcd.a; b/ D 1, then the arithmetic progression a C bn,
where n 0, contains infinitely many primes. In particular, there are infinitely
many primes of the form 2 C 3n; that is, there are infinitely many primes p
with p 2 mod 3. Hence, we may choose a different pair of primes p and q
every month, say, thereby stymying the crooks.
RSA codes have been refined and made even more secure over the years.
Some of these refinements make use of elliptic curves, which we’ll touch on in
Chapter 9. The book In Code [13] is a readable account of how a high school
student contributed to other refinements.
Exercises
4.25 For this exercise, use the primes p D 5 and q D 17 to create public and private
keys.
(i) What will be the modulus N for the public key?
(ii) The exponent e for the public key must have no common factors with p 1
and q 1. List the five smallest numbers relatively prime to .p 1/.q 1/.
(iii) There are many possibilities for e; for now, use e D 3. To encode letters (a The public key reveals
computer would do blocks of letters), use the rule x 7! x 3 mod 85. e D 3 and N D pq, but
p and q are not revealed.
(iv) Encode the phrase “cell phones” using this method.
(Why not?)
(v) The private key d satisfies
ed 1 mod .p 1/.q 1/:
Find d , decode your message using the private key, and verify that it is, in-
deed, what was sent.
4.26 The following message was encoded using the public key .85; 3/:
01 42 59 10 49 27 56I
decode this message. It answers the question, “What do you call a boomerang that
doesn’t come back when you throw it?”
4.27 Decode the following message encoded using the public key .91; 5/:
04 31 38 38 23 71 14 31:
4.28 Let m and r be nonnegative integers, and p be a prime. If m r mod .p 1/,
show that x m x r for all integers x.
4.29 Take It Further. (Electronic Signatures) Consider this scenario: Elvis receives
an email, encoded with his public key, from his abstract algebra instructor Mr. Jag-
ger, which says that algebra is a waste of time and Elvis should spend all his time
watching TV. Elvis suspects that the message didn’t really come from Mr. J., but
how can he be sure?
Suppose both Elvis and Mr. Jagger have private keys, and each knows the
other’s public keys. They can communicate in total privacy, with no one able to
read their messages. Here’s how: if Elvis wants to send a message to Mr. J., he
follows these steps:
Write the message to get x1 .
Encode the message with his private key to get x2 .
Encode x2 with Mr. J.’s public key to get x3 .
Send x3 .
i i
“book2” — 2013/5/24 — 8:18 — page 154 — #174
i i
When Mr. J. receives the message, he can follow a procedure to get the original
message back.
(i) What is the procedure?
(ii) Explain why no one besides Mr. Jagger could read the message from Elvis.
4.30 Take It Further. Elvis is home sick with the flu. He decides to send a message
These public keys are not to Mr. Jagger, using the method from Exercise 4.29. Suppose Elvis’s public key
realistic. In reality, public is .253; 7/ and Mr. J.’s public key is .203; 5/. Elvis sends the message
keys use much larger
FIDO ATE MY HOMEWORK.
primes.
What is the encoded message that Mr. J. receives? Show how Elvis encodes it and
how Mr. J. decodes it.
4.3 Commutative Rings

We begin this section by showing, for an integer m 2, that we can add and
multiply the remainders 0; 1; : : : ; m 1 in such a way that the new operations
behave very much like ordinary addition and multiplication in Z. Once this is
done, we will be able to revisit congruences and understand what “makes them
tick.”
It is shown in Appendix A.2 that if is an equivalence relation on a set X,
then the equivalence class of an element a 2 X is
Œa D fx 2 X W x ag:
Now Proposition 4.3 says that congruence mod m is an equivalence relation

on Z; the equivalence class of an integer a is called its congruence class
mod m.
The congruence class Definition. The congruence class mod m of an integer a is

Œa does depend on m,
but it is standard practice Œa Dfk 2 Z W k a mod mg
not to make m part of
the notation. In fact, we’ll Df: : : ; a 2m; a m; a; a C m; a C 2m; : : :g:
eventually write a instead
of Œa. The integers mod m is the set of all congruences classes:
Zm D fŒ0; Œ1; : : : ; Œm 1g:
Corollary 4.4 says that the list Œ0; Œ1; : : : ; Œm 1 is complete; that is, there
are no other congruence classes mod m.
For example, Z2 , the integers mod 2, is the set fŒ0; Œ1g; we may think of
Œ0 as even (for Œ0 D fa 2 Z W a 0 mod 2g is the set of all even integers)
and Œ1 as odd (for Œ1 is the set of all odds).
Here is the “theological reason” for introducing congruence classes. We
could continue to deal with integers and congruence; this is, after all, what
Gauss did. We saw in Proposition 4.5 that + and are compatible with con-
gruence: if a b mod m and a0 b 0 mod m, then a C b a0 C b 0 mod m
and ab a0 b 0 mod m. But wouldn’t life be simpler if we could replace by
=; that is, if we could replace congruence by equality? We state the following
special case of Lemma A.16 in Appendix A.2 explicitly:
a b mod m if and only if Œa D Œb in Zm :
i i
“book2” — 2013/5/24 — 8:18 — page 155 — #175
i i
4.3 Commutative Rings 155
We often say “odd + odd = even,” which does replace by = at the cost of
replacing integers by their congruence classes. Thus, we should define addition
of these congruence classes so that Œ1 C Œ1 D Œ0.
Addition and multiplication of evens and odds leads to the following tables.
C even odd even odd

even even odd even even even
odd odd even odd even odd
Rewrite these tables using congruence classes mod 2.
C Œ0 Œ1 Œ0 Œ1

Œ0 Œ0 Œ1 Œ0 Œ0 Œ0
Œ1 Œ1 Œ0 Œ1 Œ0 Œ1
We saw above that Œ1 C Œ1 D Œ0 says that “odd C odd D even;” note that
Œ1 Œ1 D Œ1 says “odd odd D odd.” The table above on the left de- A binary operation on a set
fines addition ˛W Z2 Z2 ! Z2 ; the table on the right defines multiplication R is a function R R ! R
(in particular, R is closed
W Z2 Z2 ! Z2 . As usual, we view congruence as generalizing parity, and
under f : if a and b are in
we now extend the definitions to give addition and multiplication of congru- R, then f .a; b/ is in R).
ence classes mod m for all m 2. Can you prove associativity
of the binary operations ˛
Definition. If m 2, addition and multiplication Zm Zm ! Zm are defined and when R D Z2 ?
by
Œr C Œs D Œr C s and Œr Œs D Œr s:
The definitions are simple and natural.However, we are adding and multi-
plying congruence classes, not remainders. After all, remainders are integers
between 0 and m 1, but the sum and product of remainders can exceed m 1,
and hence are not remainders.
Lemma 4.29. Addition and multiplication Zm Zm ! Zm are well-defined

functions.
Proof. To see that addition is well-defined, we must show that if Œr D Œr 0

and Œs D Œs 0 , then Œr C s D Œr 0 C s 0 . But this is precisely what was
proved in Proposition 4.5. A similar argument shows that multiplication is
well-defined.
Binary operations f W R R ! R, being functions, are single-valued. This

is usually called the Law of Substitution in this context: If .r; s/ D .r 0 ; s 0 /,
then f .r; s/ D f .r 0 ; s 0 /. In particular, if f W Zm Zm ! Zm is addition or
multiplication, then Œr D Œr 0 and Œs D Œs 0 imply Œr C Œs D Œr 0 C Œs 0 and
Œr Œs D Œr 0 Œs 0 .
We are now going to show that these binary operations on Zm enjoy eight
of the nine fundamental properties of ordinary arithmetic on page 37. We have
already seen several number systems in which addition and multiplication sat-
isfy these familiar properties, so let’s make these properties into a definition.
i i
“book2” — 2013/5/24 — 8:18 — page 156 — #176
i i
Definition. A commutative ring is a nonempty set R having two binary oper-

ations: addition R R ! R, denoted by .r; s/ 7! r C s, and multiplication
R R ! R, denoted by .r; s/ 7! r s, which satisfy the following axioms for
all a; b; c 2 R:
(i) a C b D b C a;
(ii) there is 0 2 R with a C 0 D a for all a 2 R;
Negatives are often called (iii) for each a 2 R, there is a 2 R, called its negative, such that
additive inverses. a C a D 0;
(iv) .Associativity of Addition/ a C .b C c/ D .a C b/ C cI
(v) .Commutativity of Multiplication/ ab D baI
(vi) there is 1 2 R, called its identity, with 1 a D a for all a 2 RI
(vii) .Associativity of Multiplication/ a.bc/ D .ab/cI
(viii) .Distributivity/ a.b C c/ D ab C ac:
How to Think About It. There are more general (non-commutative) rings
in which (v), commutativity of multiplication, is not assumed, while (vi) is
modified to say that 1 a D a D a 1 and (viii) is modified to say a.b C c/ D
ab C ac and .b C c/a D ba C bc. A good example is the ring of all 2 2
matrices with entries in R, with identity element 10 01 , and binary operations
ordinary matrix addition and multiplication:
" # " # " #
a b a0 b 0 a C a0 b C b 0
C 0 D
c d c d0 c C c0 d C d 0
and
" #" # " #
a b a0 b0 aa0 C bc 0 ab 0 C bd 0
D :
c d c0 d 0
ca0 C dc 0 cb 0 C dd 0
Since all rings in this book are commutative, we will often abuse language and
abbreviate “commutative ring” to “ring.”
The ninth fundamental property of real numbers is: If a ¤ 0, there is a real

number a 1 , called its (multiplicative) inverse, such that a a 1 D 1. We will
soon consider commutative rings, called fields, which enjoy this property as
well.
How to Think About It. The notion of commutative ring wasn’t conceived
in a vacuum. Mathematicians noticed that several useful systems shared the
basic algebraic properties listed in the definition. Definitions usually emerge
in this way, distilling common features of different interesting examples.
Precise definitions are valuable; we couldn’t prove anything without them.
For example, political discourse is often vapid because terms are not defined:
what is a liberal; what is a conservative? A mathematician who asserts that
there are infinitely many primes can be believed. But can you believe a politi-
cian who says his opponent is a fool because he’s a liberal (or she’s a conser-
vative)?
i i
“book2” — 2013/5/24 — 8:18 — page 157 — #177
i i
Example 4.30. (i) Z, Q, and R are commutative rings. The ninth funda-
mental property, reciprocals, does not hold in Z; for example, 2 1 D 21
does not lie in Z.
(ii) Propositions 3.8 and 3.9 show that C is a commutative ring, while Propo-
sition 3.11 shows that every nonzero complex number has an inverse.
(iii) The set of even integers does not form a commutative ring, for it has no
identity.
(iv) The Gaussian integers ZŒi form a commutative ring (see Exercise 4.64
on page 168).
(v) The Eisenstein integers ZŒ!, where ! is a primitive cube root of unity,
form a commutative ring (see Exercise 4.64).
(vi) More generally, the cyclotomic integers ZŒ, where is any primitive
root of unity, form a commutative ring (see Exercise 4.65 on page 168).
(vii) The next theorem shows that Zm is a commutative ring for every integer
m 2.
(viii) We’ll see, in the next chapter, that all polynomials whose coefficients lie
in a commutative ring (e.g., all polynomials with coefficients in Z) is
itself a commutative ring with the usual addition and multiplication. N
Example 4.31. (i) If R is a commutative ring and S is a set, let RS be the

set of all functions S ! R. Define uW S ! R to be the constant function
with value 1, where 1 is the identity element of R: that is, u.s/ D 1 for
all s 2 S . Define the sum and product of f; g 2 RS , for all s 2 S , by
f C gW s 7! f .s/ C g.s/
and
fgW s 7! f .s/g.s/I
these operations are called pointwise addition and pointwise multipli-
cation. We leave the straightforward checking that RS is a commuta-
tive ring as Exercise 4.34. An important special case of this example is If R D R, then Fun.R/ D
Fun.R/ D RR , the ring of all functions from a commutative ring R to RR arises in calculus.
After all, what are the
itself.
functions x C cos x and
(ii) If X D Œa; b is an interval on the line, then x cos x?
C.X/ D ff W X ! R W f is continuousg
is a commutative ring under pointwise operations. If both f; g 2 C.X/
are continuous, then it is shown in calculus that both f C g and fg are
also continuous. The constant function e with e.t/ D 1 for all t 2 X is
continuous; we let the reader prove that the other axioms in the definition
of commutative ring hold. N
Etymology. The word ring was probably coined by Hilbert in 1897 when
he wrote Zahlring. One of the meanings of the word ring, in German as in
English, is “collection,” as in the phrase “a ring of thieves.” It has also been
suggested that Hilbert used this term because, for a commutative ring such as
the Gaussian integers ZŒi , powers of some elements “cycle back” to being a
linear combination of smaller powers (for example, i; i 2; i 3 ; i 4 D 1, i 5 D i ).
i i
“book2” — 2013/5/24 — 8:18 — page 158 — #178
i i
Theorem 4.32. Zm is a commutative ring for every integer m 2.
Proof. The proof of each of the eight statements is routine; in essence, they
are inherited from the analogous statement in Z (the inheritance is made pos-
sible by Proposition 4.5). We prove only statements (i), (vii), and (viii) in the
definition of commutative ring; the other proofs are left to Exercise 4.31 below.
(i) Œa C Œb D Œa C b D Œb C a D Œb C Œa.

Convince yourself that
each step in these proofs (vii) .Associativity of Multiplication/W
is legitimate by supplying a
reason. Œa ŒbŒc D ŒaŒbc D Œa.bc/ D Œ.ab/c D ŒabŒc D ŒaŒb Œc:
(viii) .Distributivity/W
Œa.Œb C Œc/ D ŒaŒb C c D Œa.b C c/
D Œab C ac D Œab C Œac
D ŒaŒb C ŒaŒc:
A commutative ring is an algebraic system we view as a generalization of

ordinary arithmetic. One remarkable feature of the integers mod m is that an
integer a is divisible by m if and only if Œa D Œ0 in Zm (for m j a if and only
if a 0 mod m); that is, we have converted a statement about divisibility into
an equation.
Exercises
4.31 * Prove the remaining parts of Theorem 4.32
4.32 Prove that every commutative ring R has a unique identity 1.
4.33 (i) Prove that subtraction in Z is not an associative operation.
(ii) Give an example of a commutative ring in which subtraction is associative.
4.34 * If R is a commutative ring and S is a set, verify that RS is a commutative ring
under pointwise operations. (See Example 4.31.)
4.35 * Define the weird integers W as the integers with the usual addition, but with
multiplication defined by
(
ab if a or b is odd
ab D
ab if both a and b are even:
Prove that W is a commutative ring.
Hint: It is clear that 1 is the identity and that * is commutative; only associativity
of * and distributivity must be checked.
4.36 For each integer a between 1 and 11, find all solutions to Œax D Œ9 in Z12 .
(There may be no solutions for some a.)
4.37 In Z8 , find all values of x so that .x 1/.x C 1/ D 0.
4.38 Solve the equation x 2 C 3x 3 D 0 in Z5 .
4.39 How many roots does the polynomial x 2 C 1 D 0 have in each of the following
commutative rings?
(i) Z5 (ii) Z7 (iii) Z11
(iv) Z101 (v) Z13
i i
“book2” — 2013/5/24 — 8:18 — page 159 — #179
i i
Properties of Commutative Rings

One advantage of precise definitions is that they are economical: proving a the-
orem for general commutative rings automatically proves it for each particular
commutative ring. For example, we need not prove that . 1/. 1/ D 1 holds
in the Gaussian integers ZŒi because we prove below that it holds in all com-
mutative rings. The nice thing here is that some general proofs can be copied
verbatim from those in Chapter 1. Alas, this is not always so. For example, the
generalization of the Chinese Remainder Theorem does hold in ZŒi , but its
proof requires more than merely copying, mutatis mutandis, its proof in Z.
Proposition 4.33. For every a in a commutative ring R, we have a 0 D 0.
Proof. Identical to the proof of Proposition 1.31.

Can 1 D 0 in a commutative ring R? The answer is “yes,” but not really. If
1 D 0 in R, then a D 1a D 0a D 0 for all a 2 R, by Proposition 4.33; that is,
R consists of only one element, namely, 0. So, 1 ¤ 0 in any commutative ring
having more than one element. Commutative rings with only one element are
called zero rings; they are not very interesting, although they do arise every
once in a while. For example, Theorem 4.32 says that Zm is a commutative
ring for every integer m 2. Actually, Zm is a commutative ring for m 0:
we have Z0 D Z, and Z1 the zero ring. Since zero rings arise rarely, we declare
that 1 ¤ 0 for all commutative rings in this book unless we say otherwise.
Proposition 4.34. For any a in a commutative ring R, we have

. a/. 1/ D a:
In particular,
. 1/. 1/ D 1:
Proof. Identical to the proof of Proposition 1.32.

Can an element a in a commutative ring R have more than one negative?
Proposition 4.35. Let R be a commutative ring. Negatives in R are uniqueI

that is, for each a 2 R, there is exactly one a0 2 R with a C a0 D 0.
Multiplicative inverses, when they exist, are uniqueI that is, for each b 2 R,
there is at most one b 0 2 R with bb 0 D 1.
Proof. Identical to the proof of Proposition 1.33. As usual, the negative of a is

denoted by a, and the inverse of b, when it exists, is denoted by b 1 .
Corollary 4.36. For every a in a commutative ring R, we have a D . 1/a.

Moreover, if an element b has an inverse, then .b 1 / 1 D b.
Proof. Identical to the proof of Corollary 1.34.

The distributive law for subtraction holds, where b c is defined as
b C . 1/c.
Corollary 4.37. If a; b; c lie in a commutative ring R, then a.b c/ D ab ac.
Proof. Identical to the proof of Corollary 1.35.
i i
“book2” — 2013/5/24 — 8:18 — page 160 — #180
i i
Definition. Let R be a commutative ring. If a 2 R, define its powers by

induction on n 0. Set a0 D 1 and, if n 0, then anC1 D aan .
We have defined a0 D 1 for all a 2 R; in particular, 00 D 1.

The notation an is a hybrid: a is an element of R while n is an integer. Here
is the additive version of this notation.
Definition. If R is a commutative ring and k > 0 is an integer, define ka D

a C C a, the sum of a with itself k times. If k D 0, define ka D 0a D 0,
where the 0 on the right is the zero element of R. If k < 0, then k D jkj > 0,
and we define ka D . k/. a/; that is, ka is the sum of a with itself jkj
times.
The hybrid ka can be viewed as the product of two elements in the com-
mutative ring R. If e D 1 (the identity element in R), then ke 2 R and
ka D .ke/a. For example, if k > 0, then
ka D a C a C C a D .e C e C C e/a D .ke/a:
We note that we could have defined ka, for k 0, by induction. Set 0a D 0

and, if k 0, then .k C 1/a D a C ka.
The Binomial Theorem holds in every commutative ring R. Since we have
defined ka whenever k is an integer and a 2 R, the notation jn a makes sense.
Theorem 4.38 (Binomial Theorem). Let R be a commutative ring.

(i) For all x 2 R and all integers n 0,
n
! n
X n X nŠ
n j
.1 C x/ D x D xj :
j j Š.n j /Š
j D0 j D0
(ii) For all a; b 2 R and all integers n 0,

! n
Xn
n n j j X nŠ
n
.a C b/ D a b D an j
bj :
j j Š.n j /Š
j D0 j D0
Proof. Identical to the proof of Theorem 2.25.
Units and Fields

Let’s return to the ninth fundamental property of ordinary arithmetic. A nonzero
element in a commutative ring may not have an inverse. For example, Œ2 ¤ Œ0
in Z4 , but there is no Œa 2 Z4 with Œ2Œa D Œ1: the products Œ2Œa are
Œ2Œ0 D Œ0; Œ2Œ1 D Œ2; Œ2Œ2 D Œ4 D Œ0; Œ2Œ3 D Œ6 D Œ2I
none of these is Œ1.

If m 2, which nonzero elements in Zm have multiplicative inverses?
Proposition 4.39. Let m 2. An element Œa 2 Zm has an inverse if and only

if gcd.a; m/ D 1.
i i
“book2” — 2013/5/24 — 8:18 — page 161 — #181
i i
Proof. Since gcd.a; m/ D 1, Theorem 4.17 says that there is an integer s so

that sa 1 mod m. Translating this congruence to Zm (using the definition of
multiplication in Zm ), we have
ŒsŒa D Œsa D Œ1I
thus, Œs is the inverse of Œa.

Conversely, if ŒsŒa D Œ1 in Zm , then Œsa D Œ1 and sa 1 mod m.
Therefore, m j .sa 1/, so that sa 1 D tm for some integer t, and
gcd.a; m/ D 1, by Proposition 1.23.
If a and m are relatively prime, then the coefficients s and t displaying 1 as

a linear combination are not unique (see Exercise 1.57 on page 35). However,
Proposition 4.35 shows that the congruence class of s mod m is unique: if
also 1 D s 0 a C t 0 m, then Œs 0 D Œs, for both equal Œa 1 in Zm ; that is,
s 0 s mod m, for inverses are unique when they exist.
Dividing by an element a 2 R means multiplying by a 1 . Thus, dividing
by zero requires an element 0 1 2 R with 0 1 0 D 1. But we saw, in
Proposition 4.33, that a 0 D 0 for all a 2 R; in particular, 0 1 0 D 0. It
follows that if 1 ¤ 0 in R; that is, if R has more than one element, then 0 1
does not exist; therefore, we cannot divide by 0.
How to Think About It. There is a strong analogy between the method for
solving linear equations in elementary algebra and the proof of Theorem 4.17.
When solving an equation like 3x D 4 in first-year algebra, you multiply both
sides by the number u with u3 D 1, namely, u D 13 :
3x D 4
1 1
3
.3x/ D 3
4
1
4
3
3 x D 3
4
xD 3
:
Now look at a congruence like 3x 4 mod 7 as an equation in Z7 ,
Œ3x D Œ4;
and go through the same steps as above, using the fact that Œ5 Œ3 D Œ1:
Œ3x D Œ4
Œ5.Œ3x/ D Œ5 Œ4
.Œ5 Œ3/ x D Œ6
x D Œ6:
As we remarked on page 158, the notion of commutative ring allows us to turn

congruences into equations that obey the usual rules of elementary algebra.
Notation: The various Zm are important examples of commutative rings. It

is getting cumbersome, as in the above calculation, to decorate elements of
Zm with brackets. From now on, we will usually drop the brackets, letting
i i
“book2” — 2013/5/24 — 8:18 — page 162 — #182
i i
the context make things clear. For example, the calculation in Z7 above will
usually be written
3x D 4
5.3x/ D 5 4
.5 3/ x D 6
x D 6:
Definition. An element u in a commutative ring R is a unit if it has a multi-

plicative inverse in R; that is, there is v 2 R with uv D 1.
Note that v must be in R in order that u be a unit in R. For example, 2 is

not a unit in Z because 21 is not in Z; of course, 2 is a unit in Q.
Knowledge of the units in a commutative ring R tells us a great deal about
how much elementary algebra carries over to R. For example, knowing whether
or not a is a unit in R tells us whether or not we can solve the equation ax D b
in R by dividing both sides by a.
Example 4.40. (i) The only units in Z are ˙1.

(ii) Proposition 4.39 describes all the units in Zm . It says that Œa is a unit in
Zm if and only if gcd.a; m/ D 1.
(iii) Every nonzero element of Q, R, and C is a unit. N
What are the units in ZŒi ? Our work in Chapter 3 lets us find the answer.
Every nonzero Gaussian integer z has an inverse in C, but that inverse may not
be in ZŒi . Proposition 3.11 shows, in C, that
1 z
z D :
zz
The denominator on the right-hand side is none other than N.z/, the norm of z,
and this suggests the following proposition.
Proposition 4.41. A Gaussian integer z is a unit in ZŒi if and only if N.z/ D 1.
Proof. If N.z/ D 1, the formula z 1 D z=.z z/ D z=N.z/ shows that z 1 D

z, a Gaussian integer, and so z is a unit in ZŒi .
Conversely, if z is a unit in ZŒi , then there is a Gaussian integer w with
zw D 1. Take the norm of both sides; Proposition 3.35(iii) gives
N.z/N.w/ D 1:
This is an equation in Z saying that a product of two integers is 1. The only way
this can happen is for each factor to be ˙1. But norms are always nonnegative,
by Proposition 3.35, and so N.z/ (and also N.w/) is equal to 1.
Proposition 4.41 leads to the question “Which Gaussian integers have norm
1?” If z D aCbi is a Gaussian integer and N.z/ D 1, then a and b are integers
with a2 C b 2 D 1. Using the fact that .a; b/ is a lattice point on the unit circle,
its distance to the origin is 1, and we see that the only .a; b/ satisfying the
equation are
.1; 0/; .0; 1/; . 1; 0/; .0; 1/:
Hence, we have
i i
“book2” — 2013/5/24 — 8:18 — page 163 — #183
i i
Proposition 4.42. There are exactly four units in ZŒi ; namely
1; i ; 1; i:
We know that 0 is never a unit in a nonzero commutative ring R; what if

every nonzero element in R is a unit?
Definition. A field is a nonzero commutative ring F in which every nonzero

a 2 F is a unit; that is, there is b 2 F with ab D 1.
Familiar examples of fields are Q, R, and C; here is a new example.
Theorem 4.43. If m 2, then Zm is a field if and only if m is a prime.
Proof. If m is prime and 0 < a < m, then gcd.a; m/ D 1, and Proposition 4.39
says that a is a unit in Zm . Hence, Zm is a field. We have removed the
Conversely, suppose that m is not prime; that is, m D ab, where 0 < a, brackets from the notation
for elements of Zm .
b < m. In Zm , both a and b are nonzero, and ab D 0. If a has an inverse in
Zm , say, s, then sa D 1,which gives the contradiction:
0 D s0 D s.ab/ D .sa/b D 1b D b:
Who would have thought that a field could have a finite number of elements?
When one of us was a graduate student, a fellow student was tutoring a 10-year
old prodigy. To illustrate the boy’s talent, he described teaching him how to
multiply 2 2 matrices. As soon as he was shown that the 2 2 identity matrix
I satisfies IA D A for all matrices A, the boy immediately began writing;
after a few minutes he smiled, for he had just discovered that A D ac db has
an inverse if and only if ad bc ¤ 0! Later, when this boy was told the
definition of a field, he smiled as the usual examples of Q, R, and C were
trotted out. But when he was shown Z2 , he threw a temper tantrum and ended
the lesson.
In Theorem 4.17, we considered linear congruences in one variable. We
now consider linear systems in two variables.
Theorem 4.44. If p is a prime, then the system
ax C by u mod p
cx C dy v mod p
has a solution .x; y/ if and only if the determinant ad bc 6 0 mod p.
Proof. Since p is a prime, we know that Zp is a field. Now the system of

congruences can be considered as a system of equations in Zp .
ax C by D u
cx C dy D v:
You can now complete the proof just as in linear algebra.
i i
“book2” — 2013/5/24 — 8:18 — page 164 — #184
i i
Example 4.45. Find the solution in Z7 of the system

4x 5y D 2
2x C 3y D 5:
We proceed as in linear algebra. The determinant is 4 3 . 5/ 2 D 22 ¤ 0

in Z7 , and so there is a solution. Now 4 1 D 2 in Z7 (for 42 D 8 1 mod 7),
so the top congruence can be rewritten as x 10y 4. Since 10 D 3,
we have
x D 3y 4:
Substituting into the bottom equation gives 2.3y 4/ C 3y D 5; that is, 9y D
13; rewrite this as 2y D 6. Multiply by 4 D 2 1 to obtain y D 24 D 3.
Finally, x D 3y 4 D 9 4 D 5. Therefore, the solution is .5; 3/. Let’s check
this. If x D 5 and y D 3, then
45 5 3 D 4 2 mod 7
2 5 C 3 3 D 19 5 mod 7: N
How to Think About It. Had you mimicked the method in the example
when proving Theorem 4.44, you would have found Cramer’s Rule, a generic
formula for the solution to the system
ax C by D u
cx C dy D v:
The solution is .x; y/, where

" # " #
u b a u
det det
v d c v
xD " # and yD " #:
a b a b
det det
c d c d
Thus, Cramer’s Rule holds, giving us an easily remembered formula for solv-
ing 2 2 systems of equations in any field. Most linear algebra courses present
a more general Cramer’s Rule for n n systems.
Exercises
4.40 Give an example of a commutative ring R containing an element a with a ¤ 0,
a ¤ 1, and a2 D a.
4.41 * The notation in this exercise is that of Example 4.31.
(i) Find all the units in Fun.R/ D RR .
(ii) Prove that a continuous function uW X ! R is a unit in C.X / if and only if
u.t / ¤ 0 for all t 2 X .
p p
4.42 Let R D ZŒ 3 D fa C b 3 W a; b 2 Zg:
(i) Show, with the usual addition and multiplication of real numbers, that R is a
commutative ring.
p
(ii) Show that u D 2 C 3 is a unit in R.
(iii) Show that R has infinitely many units.
i i
“book2” — 2013/5/24 — 8:18 — page 165 — #185
i i
4.43 If p is a prime, show that a quadratic polynomial with coefficients in Zp has at

most two roots in Zp .
4.44 * Prove or give a counterexample. Let R be a commutative ring.
(i) The product of two units in R is a unit.
(ii) The sum of two units in R is a unit.
4.45 * Describe all the units in the Eisenstein integers ZŒ!.
4.46 * Just as in C, a root of unity in a ring R is an element a 2 R with an D 1 for
some positive integer n.
Find all roots of unity in Zm for all integers m between 5 and 12.
4.47 * Show that Zm contains exactly .m/ units, where is the Euler -function.
4.48 * Show that an element u 2 Zm is a unit if and only if u is a root of unity.
4.49 * If u is a unit in Zm , then Exercise 4.48 says there is some positive integer n
with un D 1; the smallest such n is called the order of u in Zm .
For each integer m between 5 and 12, make a table that shows the units and
their orders. Any conjectures about which integers can be orders of units?
4.50 State and prove Cramer’s Rule for a 3 3 system of linear equations in a field.
4.51 Solve the system of congruences
3x 2y C z 1 mod 7
x Cy 2z 0 mod 7
x C 2y C z 4 mod 7:
4.52 For what values of m will the system
2x C 5y D 7
x C 4y D 9
have a unique solution in Zm ?

4.53 Find a system of two linear equations in two unknowns that has a unique solution
in Zm for all m 2.
4.54 (i) Show that
(" # )
a b
M2 D W a; b 2 Z
b a
is a commutative ring under matrix addition and multiplication.

(ii) What are the units in M2 ?
4.55 *
(i) Show that
(" # )
a b
F4 D W a; b 2 Z2 ;
b aCb
with binary operations matrix addition and multiplication, is a field having

exactly four elements.
(ii) Write out addition and multiplication tables for F4 .
i i
“book2” — 2013/5/24 — 8:18 — page 166 — #186
i i
Subrings and Subfields

Sometimes, as with Z and Q, one ring sits inside another ring.
More precisely, if ˛ is the
addition on R, then its Definition. A subring of a commutative ring R is a commutative ring S con-
restriction ˛j.S S/ has tained in R that has the same 1, the same addition, and the same multiplication
image in S, and it is the
as R; that is, 1 2 S and if a; b 2 S , then a C b 2 S and ab 2 S .
addition on S. Similarly for
multiplication.
Each commutative ring on the list Z Q R C is a subring of the next
Query: Is Zm a subring of one. Example A.20 in Appendix A.3 says that if R is a commutative ring and
Z? k R is a subring that is a field, then R is a vector space over k. Thus, C is a
vector space over R (and also over Q), and R is a vector space over Q.
Proposition 4.46. A subset S of a commutative ring R is a subring of R if and

only if
(i) 1 2 S I
(ii) if a; b 2 S , then a C b 2 S I
(iii) if a; b 2 S , then ab 2 S .
Proof. If S is a subring of R, then the three properties clearly hold.

Conversely, if S satisfies the three properties, then S contains 1, and so it
only remains to show that S is a commutative ring. Items (ii) and (iii) (closure
under addition and multiplication) show that the (restrictions of) addition and
multiplication are binary operations on S . All the other items in the definition
of commutative ring are inherited from R. For example, the distributive law
holds: since a.bCc/ D abCac holds for all a; b; c 2 R, it holds, in particular,
for all a; b; c 2 S R.
Proposition 4.46 is more powerful than it looks. A subset S of a commuta-
tive ring R is a subring if, using the same operations as those in R, it satisfies
all the conditions in the definition of commutative ring. But there’s no need
to check all the properties; you need check only three of them. For example,
Exercise 4.64 on page 168 asks you to prove that the Gaussian integers ZŒi
and the Eisenstein integers ZŒ! are commutative rings. This could be tedious:
there are ten things in the definition of commutative ring to check: addition
and multiplication are binary operations and the eight axioms. However, if we
know that C is a commutative ring and ZŒi and ZŒ! are subrings of C (facts
that can be established via Proposition 4.46), then both ZŒi and ZŒ! are com-
mutative rings in their own right.
Example 4.47. Here is an example of a commutative ring arising from set

A C B is exclusive or; that theory. If A and B are subsets of a set X, then their symmetric difference is
is, all x 2 X lying in either
A or B but not in both. In A C B D .A [ B/ .A \ B/
terms of Venn diagrams,
this pictures the statement: (see Figure 4.2). If U and V are subsets of a set X, then
Take it or leave it!
U V D fx 2 X W x 2 U and x … V g:
Recall that B A is the family
of all functions from a set
A to a set B . Why is this Let X be a set, let 2X denote the set of all the subsets of X, define addition
ring denoted by 2X ? We’ll on 2X to be symmetric difference, and define multiplication on 2X to be inter-
see why in Example 5.16. section. Exercises 4.68 through 4.74 on page 169 essentially show that 2X is a
i i
“book2” — 2013/5/24 — 8:18 — page 167 — #187
i i
A B
Figure 4.2. Symmetric difference.
commutative ring. The empty set ¿ is the zero element, for A C ¿ D A, while
each subset A is its own negative, for A C A D ¿. These exercises also show
that symmetric difference is associative and that the distributive law holds. Fi-
nally, X itself is the identity element, for X \ A D A for every subset A. We
call 2X a Boolean ring.
Suppose now that Y ¨ X is a proper subset of X; is 2Y a subring of 2X ?
If A and B are subsets of Y , then A C B and A \ B are also subsets of Y ;
that is, 2Y is closed under the addition and multiplication on 2X . However, the
identity element in 2Y is Y , not X, and so 2Y is not a subring of 2X . N
The example of 2X may have surprised you. It was natural for us to in-
troduce the notion of commutative ring, for we had already seen many ex-
amples of numbers or of functions in which addition and multiplication make
sense and obey the usual rules. But the elements of 2X are neither numbers nor
functions. And even though we call their binary operations addition and mul-
tiplication, they are operations from set theory. This is a happy circumstance,
which we will exploit in the next chapter. It’s not really important what we
call addition and multiplication; what is important is that the operations satisfy
eight fundamental properties; that is, the axioms in the definition of commuta-
tive ring.
Just as the notion of a subring of a commutative ring is useful, so too is the
notion of a subfield of a field.
Definition. If F is a field, then a subfield of F is a subring k F that is also

a field.
For example, Q is a subfield of R, and both Q and R are subfields of C.

There is a shortcut for showing that a subset is a subfield.
Proposition 4.48. A subring k of a field F is a subfield of F if and only if

a 1 2 k for all nonzero a 2 k.
Proof. This is Exercise 4.57 below.
Exercises
4.56 Give an example of a subring of a field that is not a field.
4.57 * Prove Proposition 4.48.
4.58 (i) Show that f0; 2g Z4 has the same addition and multiplication tables as Z2 .
(ii) Is Z2 a subring of Z4 ?
(iii) Is f0; 2; 4; 6g a subring of Z8 ?
i i
“book2” — 2013/5/24 — 8:18 — page 168 — #188
i i
p p
4.59 Let R D ZŒ 3 D fa C b 3 W a; b 2 Zg.
(i) Show that R is a subring of the Eisenstein integers.
(ii) What are the units in R?
4.60 (i) If S and T are subrings of a ring R, show that S \ T is also a subring of R.
(ii) Show that the intersection of the Gaussian and Eisenstein integers is Z.
4.61 *
(i) If .Si /i 2I isTa family of subrings of a commutative ring R, prove that their
intersection i 2I Si is also a subring of R.
(ii) If X is a subset of a commutative ring R, define G.X /, the subring generated
by X , to be the intersection of all the subrings of R that contain X .
Prove that G.X / is the smallest subring containing X in the following
sense: if S is any subring of R containing X , then G.X / S.
(iii) Let .Si /i 2I be a family of subrings
T of a commutative ring R, each of which
is a field. Prove that the subring i 2I Si is a field. Conclude that the inter-
section of a family of subfields of a field is a subfield.
4.62 Let p be a prime and let Ap be the set of all fractions with denominator a power
of p.
(i) Show, with the usual operations of addition and multiplication, that Ap is a
subring of Q.
(ii) Describe the smallest subring of Q that contains both A2 and A5 .
4.63 Let p be a prime and let Qp be the set of rational numbers whose denominator
(when written in lowest terms) is not divisible by p.
(i) Show, with the usual operations of addition and multiplication, that Qp is a
subring of Q.
(ii) Show that Q2 \ Q5 is a subring of Q.
(iii) Is Qp a field? Explain.
(iv) What is Qp \ Ap , where Ap is defined in Exercise 4.62?
4.64 *
(i) Prove that ZŒi D fa C bi W i 2 D 1 and a; b 2 Zg, the Gaussian integers,
is a commutative ring.
(ii) Prove that ZŒ! D fa C b! W ! 3 D 1 and a; b 2 Zg, the Eisenstein integers,
is a commutative ring.
4.65 * Prove that ZŒ D fa C b i W 0 i < n and a; b 2 Zg is a commutative ring,
where is a primitive nth root of unity.
4.66 * It may seem more natural to define addition in 2X as union rather than symmet-
ric difference. Is 2X a commutative ring if addition A ˚ B is defined as A [ B
and AB is defined as A \ B?
4.67 If X is a finite set with exactly n elements, how many elements are in 2X ?
4.68 * If A and B are subsets of a set X , prove that A B if and only if A D A \ B.
4.69 * Recall that if A is a subset of a set X , then its complement is
Ac D fx 2 X W x … Ag:
Prove, in the commutative ring 2X , that Ac D X C A.

4.70 * Let A be a subset of a set X . If S X , prove that Ac D S if and only if
A [ S D X and A \ S D ¿.
i i
“book2” — 2013/5/24 — 8:18 — page 169 — #189
i i
4.4 Connections: Julius and Gregory 169
4.71 Let A; B; C be subsets of a set X .

(i) Prove that A [ .B \ C / D .A [ B/ \ .A [ C /.
(ii) Prove that A \ .B [ C / D .A \ B/ [ .A \ C /.
4.72 If A and B are subsets of a set X , then A B D fx 2 A W x … Bg. Prove that
A B D A \ B c . In particular, X B D B c , the complement of B.
4.73 * Let A and B be subsets of a set X . Prove the De Morgan laws:
.A [ B/c D Ac \ B c and .A \ B/c D Ac [ B c ;
where Ac denotes the complement of A.

4.74 * If A and B are subsets of a set X , define their symmetric difference by ACB D
.A B/ [ .B A/ (see Figure 4.2).
(i) Prove that A C B D .A [ B/ .A \ B/.
(ii) Prove that .A C B/ [ .A \ B/ D A [ B.
(iii) Prove that A C A D ¿.
(iv) Prove that A C ¿ D A.
(v) Prove that A C .B C C / D .A C B/ C C .
Hint: Show that each of A C .B C C / and .A C B/ C C is described by
Figure 4.3.
(vi) Prove that the Boolean ring 2X is not a field if X has at least two elements.
A B
C
Figure 4.3. Associativity.
4.75 Prove that A \ .B C C / D .A \ B/ C .A \ C /.
4.4 Connections: Julius and Gregory

On what day of the week was July 4, 1776? We’ll use congruence to answer
this question. In fact, we’ll answer in two ways: with an exact formula com-
puting the day, and with a faster refinement, due to Conway.
Let’s begin by seeing why our calendar is complicated. A year is the amount
of time it takes the Earth to make one complete orbit around the Sun; a day is
the amount of time it takes the Earth to make a complete rotation about the axis
through its north and south poles. There is no reason why the number of days
in a year should be an integer, and it isn’t; a year is approximately 365.2422
days long. In 46 BCE, Julius Caesar (and his scientific advisors) changed the
old Roman calendar, creating the Julian calendar containing a leap year every
four years; that is, every fourth year has an extra day, namely, February 29, and
so it contains 366 days (a common year is a year that is not a leap year). This
i i
“book2” — 2013/5/24 — 8:18 — page 170 — #190
i i
would be fine if the year were exactly 365.25 days long, but it has the effect of
making the year 365:25 365:2422 D :0078 days (about 11 minutes and 14
seconds) too long. After 128 years, a full day was added to the calendar; that
is, the Julian calendar overcounted the number of days. In the year 1582, the
vernal equinox (the Spring day on which there are exactly 12 hours of daylight
and 12 hours of night) occurred on March 11 instead of on March 21. Pope
Gregory XIII (and his scientific advisors) then installed the Gregorian calen-
dar by erasing 10 days that year; the day after October 4, 1582 was October
15, 1582. This caused confusion and fear among the people; they thought their
lives had been shortened by ten days.
The Gregorian calendar modified the Julian calendar as follows. Call a
year y ending in 00 a century year. If a year y is not a century year, then
it is a leap year if it is divisible by 4; if y is a century year, it is a leap year only
if it is divisible by 400. For example, 1900 is not a leap year, but 2000 is a leap
year. The Gregorian calendar is the one in common use today, but it was not
uniformly adopted throughout Europe. For example, the British empire didn’t
accept it until 1752, when 11 days were erased, and the Russians didn’t ac-
cept it until 1918, when 13 days were erased (thus, Trotsky called the Russian
revolution, which occurred in 1917, the October Revolution, even though it
occurred in November of the Gregorian calendar).
The true number of days in 400 years is about
400 365:2422 D 146096:88 days:
In this period, the Julian calendar has
400 365 C 100 D 146; 100 days;
while the Gregorian calendar, which eliminates three leap years from this time
period, has 146,097 days. Thus, the Julian calendar gains about 3.12 days every
400 years, while the Gregorian calendar gains only 0.12 days (about 2 hours
and 53 minutes.
Historical Note. There are 1628 years from 46 BCE to 1582 CE. The Julian
calendar overcounts one day every 128 years, and so it overcounted 12 days in
this period (for 12 128 D 1536). Why didn’t Gregory have to erase 12 days?
The Council of Nicaea, meeting in the year 325 CE, defined Easter as the first
Sunday strictly after the Paschal full moon, which is the first full moon on or
after the vernal equinox (now you know why Pope Gregory was interested in
the calendar). The vernal equinox in 325 CE fell on March 21, and the Synod
of Whitby, in 664 CE, officially defined the vernal equinox to be March 21. The
discrepancy observed in 1582 was thus the result of only 1257 D 1582 325
years of the Julian calendar: approximately 10 days.
We now seek a calendar formula. For easier calculation, choose 0000 as our
reference year, even though there was no year zero! Assign a number to each
day of the week, according to the scheme
Sun Mon Tues Wed Thurs Fri Sat

.
0 1 2 3 4 5 6
i i
“book2” — 2013/5/24 — 8:18 — page 171 — #191
i i
In particular, March 1, 0000, has some number a0 , where 0 a0 6. In the

next year 0001, March 1 has number a0 C1 (mod 7), for 365 days have elapsed
from March 1, 0000, to March 1, 0001, and
365 D 52 7 C 1 1 mod 7:
Similarly, March 1, 0002, has number a0 C 2, and March 1, 0003, has number
a0 C 3. However, March 1, 0004, has number a0 C 5, for February 29, 0004,
fell between March 1, 0003, and March 1, 0004, and so 366 2 mod 7 days
had elapsed since the previous March 1. We see, therefore, that every common
year adds 1 to the previous number for March 1, while each leap year adds 2.
Thus, if March 1, 0000, has number a0 , then the number a0 of March 1, year y,
is
a0 a0 C y C L mod 7;
where L is the number of leap years from year 0001 to year y. To compute L,
count all those years divisible by 4, then throw away all the century years, and
then put back those century years that are leap years. Thus,
L D b y=4c b y=100c C by=400c;
where bxc denotes the greatest integer in x. Therefore, we have
a0 a0 C y C L
a0 C y C by=4c b y=100c C by=400c mod 7:
We can actually find a0 by looking at a calendar. Since March 1, 2012, fell

on a Thursday,
4 a0 C 2012 C b2012=4c b2012=100c C b2012=400c

a0 C 2012 C 503 20 C 5 mod 7;
and so
a0 2496 4 3 mod 7
(that is, March 1, 0000 fell on Wednesday). We can now determine the day of
the week a0 on which March 1 will fall in any year y > 0, for
a0 3 C y C b y=4c b y=100c C by=400c mod 7:
Historical Note. There is a reason we have been discussing March 1, for

it was the first day of the year in the old Roman calendar (753 BCE). There
were only ten months: Martius, . . . , Iunius, Quintilis, Sextilis, Septembris,
. . . , Decembris (which explains why September is so named; originally, it was
month 7). In 713 BCE , Numa added January and February, and the Julian cal-
endar changed the names of Quintilis and Sextilis to July and August.
Let us now analyze February 28. For example, suppose that February 28,
1600, has number b. As 1600 is a leap year, February 29, 1600, occurs between
February 28, 1600, and February 28, 1601; hence, 366 days have elapsed be-
tween these two February 28s, so that February 28, 1601, has number b C 2.
February 28, 1602, has number b C 3, February 28, 1603, has number b C 4,
i i
“book2” — 2013/5/24 — 8:18 — page 172 — #192
i i
February 28, 1604, has number b C 5, but February 28, 1605, has number b C 7
(for there was a February 29 in 1604).
Let us compare the pattern of behavior of February 28, 1600, namely, b;
b C 2; b C 3; b C 4; b C 5; b C 7; : : : ; with that of some date in 1599. If May 26,
1599, has number c, then May 26, 1600, has number c C 2, for February 29,
1600, comes between these two May 26s, and so there are 366 2 mod 7 in-
tervening days. The numbers of the next few May 26s, beginning with May 26,
1601, are c C 3, c C 4, c C 5, c C 7. We see that the pattern of the days for
February 28, starting in 1600, is exactly the same as the pattern of the days
for May 26, starting in 1599; indeed, the same is true for any date in January
or February. Thus, the pattern of the days for any date in January or February
of a year y is the same as the pattern for a date occurring in the preceding
year y 1: a year preceding a leap year adds 2 to the number for such a date,
whereas all other years add 1. Therefore, we pretend we have reverted to the
ancient calendar by making New Year’s Day fall on March 1, so that any date
in January or February is treated as if it had occurred in the previous year.
Historical Note. George Washington’s birthday, in the Gregorian calendar,

is February 22, 1732. But the Gregorian calendar was not introduced in the
British colonies until 1752. Thus, his original birthday was February 11. But
New Year’s Day was also changed; before 1752, England and its colonies cele-
brated New Year’s Day on March 25; hence, February, which had been in 1731,
was regarded, after the calendar change, as being in 1732. George Washington
used to joke that not only did his birthday change, but so did his birth year. See
How do we find the day corresponding to a date other than March 1? Since
March 1, 0000, has number 3 (as we have seen above), April 1, 0000, has
number 6, for March has 31 days and 3 C 31 6 mod 7. Since April has 30
days, May 1, 0000, has number 6 C 30 1 mod 7. Figure 4.4 is the table
giving the number of the first day of each month in year 0000.
Remember that we are pretending that March is month 1, April is month 2,
and so on. Let us denote these numbers by 1 C j.m/, where j.m/, for m D
1; 2; : : : ; 12, is defined by
j.m/ W 2, 5, 0, 3, 5, 1, 4, 6, 2, 4, 0, 3.
It follows that month m, day 1, year y, has number
1 C j.m/ C g.y/ mod 7;
where
g.y/ D y C b y=4c b y=100c C by=400c:
Note that a0 D 1 C j.1/, so that the values of j.m/ depend on our knowing a0 .
Here’s a formula for j.m/:
j.m/ D b2:6m 0:2c; where 1 m 12I
the values are displayed in Figure 4.4. This formula is not quite accurate. For
example, this number for December, that is, for m D 10, is b2:6m 0:2c D 25;
but j.10/ D 4. However, 25 4 mod 7, and so the formula for j.m/ really
gives the congruence class mod 7.
i i
“book2” — 2013/5/24 — 8:18 — page 173 — #193
i i
Date Number Date Number Date Number

March 1 2 July 1 5 November 1 2
April 1 5 August 1 1 December 1 4
May 1 0 September 1 4 January 1 0
June 1 3 October 1 6 February 1 3
Figure 4.4. Values of j.m/.
Theorem 4.49 (Calendar Formula). The date with month m, day d , year y The word calendar comes
has number from the Greek “to call,”
which evolved into the
Latin word for the first day
d C j.m/ C g.y/ mod 7;
of a month (when accounts
were due).
where j.m/ is given in Figure 4.4,
g.y/ D y C b y=4c b y=100c C by=400c;
and dates in January and February are treated as having occurred in the pre-
vious year.
Proof. The number mod 7 corresponding to month m, day 1, year y, is
1 C j.m/ C g.y/:
It follows that 2 C j.m/ C g.y/ corresponds to month m, day 2, year y, and,

more generally, d C j.m/ C g.y/ corresponds to month m, day d , year y.
Let’s find the day of the week on which July 4, 1776 fell; here m D 5,
d D 4, and y D 1776. Substituting in the formula, we obtain the number
4 C 5 C 1776 C 444 17 C 4 D 2216 4 mod 7I
therefore, July 4, 1776, fell on a Thursday.
Example 4.50. Does every year y contain a Friday 13? We have
5 13 C j.m/ C g.y/ mod 7:
The question is answered positively if the numbers j.m/, as m varies from 1

through 12, give all the remainders 0 through 6 mod 7. And this is what hap-
pens. The sequence of remainders mod 7 is
2; 5; [0; 3; 5; 1; 4; 6; 2]; 4; 0; 3:
Indeed, we see that there must be a Friday 13 occurring between May and
November. No number occurs three times on the list, but it is possible that
there are three Friday 13s in a year because January and February are viewed as
having occurred in the previous year; for example, there were three Friday 13s
in 1987 (see Exercise 4.79 on page 176). Of course, we may replace Friday by
any other day of the week, and we may replace 13 by any number between 1
and 28. N
i i
“book2” — 2013/5/24 — 8:18 — page 174 — #194
i i
Most of us need paper and pencil (or a calculator) to use the calendar for-
mula in the theorem, but here’s a way to simplify the formula so you can do
the calculation in your head and amaze your friends. A mnemonic for j.m/ is
the sentence
My Uncle Charles has eaten a cold supper; he eats nothing hot.

2 5 (7 0) 3 5 1 4 6 2 4 (7 0) 3
Corollary 4.51. The date with month m, day d , year y D 100C C N , where
0 N 99, has number
d C j.m/ C N C bN=4c C bC=4c 2C mod 7;
provided that dates in January and February are treated as having occurred in
the previous year.
Proof. If we write a year y D 100C C N , where 0 N 99, then
y D 100C C N 2C C N mod 7;
b y=4c D 25C C bN=4c 4C C bN=4c mod 7;
b y=100c D C; and b y=400c D bC=4c:
Therefore,
y C b y=4c b y=100c C by=400c N C 5C C bN=4c C bC=4c mod 7

N C bN=4c C bC=4c 2C mod 7:
This formula is simpler than the first one. For example, the number corre-
sponding to July 4, 1776 is now obtained as
4 C 5 C 76 C 19 C 4 34 D 74 4 mod 7;
agreeing with our calculation above. The reader may now compute the day of
his or her birth.
Example 4.52. The birthday of Rose, the grandmother of Danny and Ella, was
January is counted as January 1, 1909; on what day of the week was she born?
belonging to the previous
year 1908. We use Corollary 4.51. If A is the number of the day, then j.m/ D 0 (for
January corresponds to month 11), and
A 1 C 0 C 8 C b8=4c C b19=4c 38
23 mod 7
5 mod 7:
Rose was born on a Friday. N
J. H. Conway found an even simpler calendar formula. The day of the week
on which the last day of February occurs is called the doomsday of the year.
We can compute doomsdays using Corollary 4.51.
Knowing the doomsday D of a century year 100C finds the doomsday D 0
of any other year y D 100C C N in that century. Since 100C is a century
i i
“book2” — 2013/5/24 — 8:18 — page 175 — #195
i i
year, the number of leap years from 100C to y does not involve the Gregorian
alteration. Thus,
D 0 D C N C bN=4c mod 7:
For example, since doomsday 1900 is Wednesday = 3, we see that doomsday

1994 is Monday = 1, for
3 C 94 C 23 D 120 1 mod 7:
February 29, 1600 2 Tuesday

February 28, 1700 0 Sunday
February 28, 1800 5 Friday
February 28, 1900 3 Wednesday
February 29, 2000 2 Tuesday
Figure 4.5. Recent doomsdays.
Proposition 4.53 (Conway). Let D be doomsday 100C , and let 0 N 99.

If N D 12q C r , where 0 r < 12, then D 0 , doomsday 100C C N , is given
by
D C q C r C br=4c mod 7:
Proof.
D 0 D C N C bN=4c
D C 12q C r C b.12q C r /=4c
D C 15q C r C br=4c
D C q C r C br=4c mod 7:
For example, what is D 0 D doomsday 1994? Now N D 94 D 12 7 C 10,

so that q D 7 and r D 10. Thus, D 0 D 3 C 7 C 10 C 2 1 mod 7; that is,
doomsday 1994 is Monday, as we saw above.
Once we know doomsday of a particular year, we can use various tricks
(e.g., Uncle Charles) to pass from doomsday to any other day in the year. Con-
way observed that some other dates falling on the same day of the week as the
doomsday are
April 4, June 6, August 8, October 10, December 12,

May 9, July 11, September 5, and November 7:
If we return to the everyday listing beginning with January as the first month,
then it is easier to remember these dates using the notation month/day:
4=4; 6=6; 8=8; 10=10; 12=12;

5=9; 7=11; 9=5; 11=7:
i i
“book2” — 2013/5/24 — 8:18 — page 176 — #196
i i
Since doomsday corresponds to the last day of February, we are now within
a few weeks of any date in the year, and we can easily interpolate to find the
desired day. For example, let’s use this method for July 4, 1776. Notice that
July 4 occurs on the same day of the week as July 11, and so we need only find
doomsday 1776. By Proposition 4.53,
D 0 0 C 76 C b76=4c D 95 4 mod 7:
We see again that July 4, 1776 fell on a Thursday.
Example 4.54. Let’s use Conway’s method to compute Rose’s birthday again
(recall Example 4.52: Rose was born on January 1, 1909). Since Conway’s
method applies within a given century, there is no need to pretend that Jan-
uary and February live in the preceding year; we can work within 1909. Now
doomsday 1900 is 3, so that Proposition 4.53 gives doomsday 1909 D 0; that
is, Sunday. By definition, doomsday is the number corresponding to the last
date in February, which is here February 28 (for 1909 is not a leap year). Thus,
we interpolate that 3 is the number for 1=31, 1=24, 1=3; that is, January 3 fell
on Sunday, and so January 1 fell on Friday (which agrees with what we saw in
Example 4.52). N
Exercises
4.76 A suspect said that he had spent the Easter holiday April 21, 1893, with his ailing
mother; Sherlock Holmes challenged his veracity at once. How could the great
detective have been so certain?
Hint: Easter always falls on Sunday. (There is a Jewish variation of this problem,
for Yom Kippur must fall on either Monday, Wednesday, Thursday, or Saturday;
secular variants can involve Thanksgiving Day, which always falls on a Thursday,
or Election Day in the US, which always falls on a Tuesday.)
4.77 How many times in 1900 did the first day of a month fall on a Tuesday?
Hint: The year y D 1900 was not a leap year.
4.78 On what day of the week did February 29, 1896 fall?
Hint: On what day did March 1, 1896, fall? Conclude from your method of solu-
tion that no extra fuss is needed to find leap days.
4.79 *
(i) Show that 1987 had three Friday 13s.
Hint: See Example 4.50.
(ii) Show, for any year y > 0, that g.y/ g.y 1/ D 1 or 2, where g.y/ D
y C b y=4c by=100c C b y=400c.
(iii) Can there be a year with exactly one Friday 13?
Hint: Either use congruences or scan the 14 possible calendars: there are 7
possible common years and 7 possible leap years, for January 1 can fall on
any of the 7 days of the week.
4.80 * JJR’s Uncle Ben was born in Pogrebishte, a village near Kiev, and he claimed
that his birthday was February 29, 1900. JJR told him that this could not be, for
1900 was not a leap year. Why was JJR wrong?
Hint: When did Russia adopt the Gregorian calendar?
i i
“book2” — 2013/5/24 — 8:18 — page 177 — #197
i i
4.5 Connections: Patterns in Decimal Expansions 177
4.5 Connections: Patterns in

Decimal Expansions
One of the most beautiful applications of modular arithmetic is to the classi-
fication of decimal expansions of rational numbers, a circle of ideas that runs
throughout precollege mathematics.
We now ask what we can infer from knowing the decimal expansion of a
real number x. You probably know Proposition 4.58: x is rational if and only
if its decimal expansion either terminates or eventually repeats. Is there any
nice way to tell ahead of time which fractions terminate? Can you be sure
that the ones that don’t terminate really do repeat? And, for fractions whose
decimals repeat, can you predict the period (the number of digits in its block,
the repeating part) as well as the actual sequence of digits in it?
Many conjectures about fractions and decimals come from a careful anal-
ysis of numerical calculations. In this section, we (and you) will perform a
great many calculations, looking at patterns you’ll observe, with the goal of
analyzing them, and seeing how they are explained by “how the calculation
goes.”
Real Numbers
We assume that every real number x has a decimal expansion; for example,
D 3:14159 : : : . This follows from identifying each real number x with
a “point on a number line” having signed distance from a fixed origin on a
coordinatized line. In particular, rational numbers have decimal expansions,
which you can find by long division.
The term expansion will be used in a nonstandard way: we restrict the ter-
minology so that, from now on, the decimal expansion of a real number is the
sequence of digits after the decimal point. With this usage, for example, the
decimal expansion of is :14159 : : : .
We are going to see that decimal expansions of real numbers are unique,
with one possible exception: if there is an infinite string of all 9s. For example,
:328 D :327999 : : : :
This is explained using the geometric series.
Lemma 4.55. If r is a real number with jr j < 1, then

1
X 1
rn D 1 C r C r2 C D :
nD0
1 r
Proof. For every positive integer n, the identity

1 r n D .1 r/ 1 C r C r2 C C rn 1
gives the equation

1 rn 1 rn
1 C r C r2 C C rn 1
D D
1 r 1 r 1 r
n
for every real number r ¤ 1. Since jr j < 1, we have lim r =.1 r / D 0.
n!1
i i
“book2” — 2013/5/24 — 8:18 — page 178 — #198
i i
For example, taking r D 1=10, we have

9 9 9
:999 : : : D C 2 C 3 C
10 10 10
9 1 1 1
D 1C C 2 C 3 C
10 10 10 10
9 1
D
10 1 1=10
9 10
D D 1:
10 9
Hence,
1
:327999 : : : D :327 C :000999 : : : D :327 C :999 : : :
103
1
D :327 C D :327 C :001 D :328:
103
We’ll resolve this ambiguity by choosing, once for all, to avoid infinite strings
of 9s. Indeed, we’ll soon see that the choice :328 comes from long division.
If we disregard “all nines from some point on,” then we can show that every
real number has a unique decimal expansion. For this, we need the following
corollary to Lemma 4.55.
Corollary 4.56. If x D :d1 d2 : : : and dj < 9 for some j > 1, then

d1 C 1
x< :
10
Proof. Each digit di is at most 9, and there is some j > 1 with dj strictly less
than 9. So, writing x as a series, we have
d1 d2 d3 dj
xD C 2 C 3 CC j C
10 10 10 10
d1 d2 d3 9
< C 2 C 3 CC j C
10 10 10 10
d1 9 9 9
C 2 C 3 CC j C
10 10 10 10
d1 9 1 1
D C 2 1C CC j 2 C
10 10 10 10

d1 9 10
D C
10 102 9
d1 1 d1 C 1
D C D :
10 10 10
Proposition 4.57. Every real number x has a unique decimal expansion that
does not end with infinitely many consecutive 9s.
Proof. Suppose that

:d1 : : : dk : : : D x D :e1 : : : ek : : : ;
where d1 D e1 ; : : : ; dk 1 D ek 1, but that dk ¤ ek . We may assume that
dk < ek , so that dk C 1 ek .
i i
“book2” — 2013/5/24 — 8:18 — page 179 — #199
i i
Multiplying by a power of 10, we see that
:dk dkC1 : : : D :ek ekC1 : : : :
Because there’s not an infinite string of 9s in our expansions, we can apply

Corollary 4.56 to find that
dk C 1 ek
:dk dkC1 : : : < :ek ekC1 : : : ;
10 10
contradicting the fact that the extreme left-hand and right-hand expressions are
equal.
Decimal Expansions of Rationals

Let’s now focus on rational numbers. Some decimal expansions of rationals
terminate; for example,
1 1 3 1
D :1; D :25; D :375; D :025:
10 4 8 40
And there are some fractions whose decimal expansions repeat (after a possible
initial string of digits):
1 1 9 You can think of
D :333 : : : ; D :142857142857 : : : ; D :32142857142857 : : : .32142857142857. . . as
3 7 28
the 10-adic expansion
of 9=28, using negative
Definition. Let a real number x have decimal expansion
powers of 10.
r D :d1 d2 d3 : : : I
that is, x D k:d1 d2 d3 D k C r for some k 2 Z.

(i) We say that x terminates if there exists an integer N so that di D 0 for
all i > N .
(ii) We say that x repeats with period m 1 if
(a) it doesn’t terminate
(b) there exist positive integers N and m so that di D di Cm for all i > N
(c) m is the smallest such integer.
If x repeats, then its block is the first occurrence of its repeating part
di di C1 : : : di Cm 1:
We could say that “terminating” and “repeating” decimals are not really
different, for terminating rationals have decimal expansions that repeat with
period 1 and with block having the single digit 0, but it’s convenient and natural
to distinguish such rationals from those having infinitely many nonzero digits,
as you’ll see in Proposition 4.59.
The way to get the decimal expansion for 1=7 is to divide 7 into 1 via long
division, as in Figure 4.6. Each of the remainders 1 through 6 shows up exactly
once in this calculation, in the order 3; 2; 6; 4; 5; 1. Once you get a remainder
of 1, the process will start over again, and the digits in the quotient, namely,
1; 4; 2; 8; 5; 7, will repeat. The block of 1=7 is 142857. However, even though
i i
“book2” — 2013/5/24 — 8:18 — page 180 — #200
i i
0.142857. . . 0.153846. . .

7 1.000000. . . 13 2.000000. . .
7 13
30 70
28 65
20 50
14 39
60 110
56 104
40 60
35 52
50 80
49 78
1 2
Figure 4.6. 1=7 D :142857142857142857: : : : Figure 4.7. 2=13 D :153846 : : : :
142857142857 also repeats, it is not a block because it is too long: 1=7 has
period 6, not 12.
Consider a second example: the calculation of 2=13 in Figure 4.7. It too has
period 6.
Next, we’ll see that every rational number terminates or repeats; that is, the
two types in the definition are the only possibilities.
Proposition 4.58. A real number x is rational if and only if it either terminates

or repeats. Moreover, if x D a=b is rational, then it has period at most b.
Proof. The arguments for 1=7 and 2=13 generalize. Imagine expressing a frac-
tion a=b (with a; b > 0) as a decimal by dividing b into a via long division.
There are at most b possible remainders in this process (integers between 0
and b 1), so after at most b steps a remainder appears that has shown up
before. After that, the process repeats.
Conversely, let’s see that if a real number x terminates or repeats, then x is
rational. A terminating decimal is just a fraction whose denominator is a power
of 10, while a repeating decimal is made up of such a fraction plus the sum of
Middle school students a convergent geometric series. An example is sufficient to see what’s going on.
practice another method
for doing this (for days on :1323232 : : : D :1 C :0323232 : : :
end). See Exercise 4.84 on
32 32 32
page 181. D :1 C 3 C 5 C 7 C : : :
10 10 10
32 1 1
D :1 C 3 1 C 2 C 4 C : : :
10 10 10
!
1 4 1
D C 1
: (by Lemma 4.55)
10 25 1
102
The last expression is clearly a rational number. The general proof is a generic
version of this idea; it is left as Exercise 4.81 below.
i i
“book2” — 2013/5/24 — 8:18 — page 181 — #201
i i
Which rationals terminate? Certainly, any rational a=b whose denomina-

tor b is a power of 10 terminates. But some other rationals can also be put in
this form; for example,
5 5 125 625
D D D :625:
8 8 125 1000
The basic idea is to take a denominator of the form 2u5v , and multiply top and Theorem 4.61 below gives
bottom of the fraction to produce a denominator that’s a power of 10. a necessary and sufficient
condition for a=b to repeat.
Proposition 4.59. Let x D a=b be rational, written in lowest terms. Then x
terminates if and only if the only prime factors of b are 2 and 5.
Proof. If x terminates, say, x D k:d1 d2 : : : dm , then x D k CD=10m for some

k 2 Z, where D is the integer with digits d1 d2 : : : dm ; thus, x is a fraction
whose denominator is divisible only by 2 and 5. Conversely, if x D k C r D
k C a=2u 5v , then
v u
a 2 5 a 2v 5u a
rD u v D v u u v
D uCv
2 5 2 5 2 5 10
a fraction whose denominator is a power of 10. Hence, x terminates.
How to Think About It. Exercise 4.83 shows that if r is a rational number
and 5m r or 2` r terminates, then r also terminates. However, if kr terminates
(for some integer k), then r need not terminate; for example, r D :271333 : : :
does not terminate, but 3r D :814 does terminate.
Exercises
4.81 * Complete the proof of Proposition 4.58 that a decimal that eventually repeats is
the decimal expansion of a rational number.
4.82 * Let r D a=b be rational.
(i) If r terminates, then kr terminates for every integer k.
(ii) If gcd.a; b/ D 1, prove that a=b terminates if and only if 1=b terminates.
Hint: 1=b D .sa C t b/=b D sa=b C t .
4.83 * If ` 0, m 0, and 2` 5m r terminates, prove that r terminates.
4.84 * Here’s a method used by many precollege texts for converting repeating dec-
imals to fractions. Suppose that you want to convert :324324 : : : to a fraction.
Calculate like this: If x D :324324 : : :, then 1000x D 324:324324 : : : , and
1000x x D 999x D 324:
Hence, x D 324=999:
(i) There is a hidden assumption about geometric series in this method. Where is
it?
(ii) Try this method with the following decimal expansions:
(a) :356356 : : : (b) :5353 : : :
(c) :2222 : : : (d) :07593 : : :
(e) :0123563563: : :
i i
“book2” — 2013/5/24 — 8:18 — page 182 — #202
i i
4.85 What’s wrong with the following calculation? Let x D 1 C 2 C 22 C : : : . Then
x D 1 C 2 C 22 C : : :
2x D 2 C 22 C 23 C : : : :
Subtract the top equation from the bottom to obtain x D 1.

4.86 Calculate decimal expansions for the followings fractions using long division. For
each one, what other fractions-to-decimal expansions (if any) do you get for free?
1 1 1
(i) (ii) (iii)
3 6 9
1 4 7
(iv) (v) (vi)
15 15 15
1 1 1
(vii) (viii) (ix)
8 13 20
1 1 1
(x) (xi) (xii)
19 31 37
Periods and Blocks

Corollary 4.62 says that What is the period of a “unit fraction” 1=n? Our result will come from taking a
the period of a=n is equal closer look at how decimal expansions are calculated; the analysis generalizes
to the period of 1=n if to the decimal expansion of any rational number.
gcd.a; n/ D 1.
0.076923. . . 0.153846. . .

13 1.000000. . . 13 2.000000. . .
00 13
1 00 70
91 65
90 50
78 39
120 110
117 104
30 60
26 52
40 80
39 78
1 2
Figure 4.8. Decimal expansions of 1=13 and 2=13.
An analysis of the calculation for 1=13 yields another insight (see Figure
4.8). Pretend that the decimal point isn’t there, so we are dividing 1;000;000 D
106 by 13. Since 1 appears as a remainder, the initial sequence of remainders
will repeat, and the period of 1=13 is 6. Thus, the period of 1=13 is the smallest
power of 10 congruent to 1 mod 13. In other words, the period of 1=13 is the
order of 10 in Z13 (see Exercise 4.49 on page 165).
We will generalize this observation in Theorem 4.61: the period of any frac-
tion 1=n is the order of 10 in Zn as long as there is some positive integer e with
i i
“book2” — 2013/5/24 — 8:18 — page 183 — #203
i i
10e 1 mod n. But, by Exercise 4.48 on page 165, some power of 10 is con-
gruent to 1 mod n if and only if 10 is a unit in Zn . Now this condition is
equivalent to gcd.10; n/ D 1; that is, if and only if n is not of the form 2u 5v .
Thus, Proposition 4.59 shows why the dichotomy of terminating and repeating
rationals is so natural.
To prove the general result for 1=n, we just need to make sure that the first
remainder that shows up twice is, in fact, 1. That’s the content of the next
lemma.
Lemma 4.60. If gcd.10; n/ D 1, then 1 occurs as a remainder in the long di-

vision of 1 by nI moreover, there cannot be two identical remainders occurring
before 1 occurs.
Proof. As we saw above, because gcd.10; n/ D 1, a remainder of 1 will first

appear in the long division after e steps where e is the order of 10 in Zn .
We must prove that there is no repeat of some other remainder before that
remainder of 1 shows up. First of all, there can’t be an earlier 1 (why?). Next,
suppose you see the same remainder, say c, occurring earlier, say, at steps
e1 < e2 < e. Then we’d have
10e1 10e2 c mod n:
Since 10 is a unit in Zn , this would imply that
1 10e2 e1
mod n:
And since e2 e1 < e, this would contradict the fact that e is the order of 10
in Zm .
Putting it all together, we have a refinement of Propositions 4.58 and 4.59:
Theorem 4.61. If n > 0 is an integer, then 1=n either terminates or repeats.

(i) 1=n terminates if and only if n D 2u 5v for nonnegative integers u and v.
(ii) If gcd.n; 10/ D 1, then 1=n repeats with period m, where m is the order
of 10 in Zn .
Proof. Part (i) was proved in Proposition 4.59. The essence of the proof of
part (ii) lies in the discussion on page 182 about the decimal expansion of 1=13:
the expansion for 1=n repeats after e steps, where e is the order of 10 in Zn ;
that is, the first occurrence of remainder 1 occurs at the eth step of the long
division. And Lemma 4.60 shows that there can be no earlier occurrences.
So, if gcd.n; 10/ D 1, then 1=n repeats, and we know that its period is the
order of 10 in Zn . What about fractions of the form a=n? The next corollary
shows that the same thing is true, as long as the fraction is in lowest terms.
Corollary 4.62. If gcd.a; n/ D 1 and a < n, then the period of a=n is the
same as that of 1=n, namely the order of 10 in Zn .
Proof. Suppose the period of a=n is `. Then, arguing as in Lemma 4.60, the
expansion will repeat only after the remainder a occurs in the long division
i i
“book2” — 2013/5/24 — 8:18 — page 184 — #204
i i
1 1
p period for p p period for p
3 1 97 96
7 6 101 4
11 2 103 34
13 6 107 53
17 16 109 108
19 18 113 112
23 22 127 42
29 28 131 130
31 15 137 8
37 3 139 46
41 5 149 148
43 21 151 75
47 46 157 78
53 13 163 81
59 58 167 166
61 60 173 43
67 33 179 178
71 35 181 180
73 8 191 95
79 13 193 192
83 41 197 98
89 44 199 99
Figure 4.9. Periods of 1=p for small primes p.
of a by n (see Exercise 4.88 on page 190). But this implies that ` is the smallest
positive integer such that
a 10` a mod n:
1
Since a is a unit in Zn , multiplying by a gives
`
10 1 mod n:
It follows that ` D m, the order of 10 in Zn .
Theorem 4.61 doesn’t answer every question about the periods of 1=p,
where p is a prime other than 2 or 5. Sometimes the period is p 1, as when
p D 7, but this not always so, for 1=13 has period 6, not 12. In all the entries in
Figure 4.9, we see that periods of 1=p are divisors of p 1. This turns out to
be always true, and you’ll prove it soon. What about non-prime denominators?
Perhaps the length of the period of the expansion of 1=n is a factor of n 1?
But stay tuned—we’ll No such luck: 1=21 D :047619047619 : : : has period 6 which is not a divisor
return to the period of 1=n of 20.
shortly.
Historical Note. In Disquisitiones Arithmeticae [14], Gauss conjectured

that there are infinitely many primes p that have the property that the deci-
mal expansion for 1=p has period p 1. Gauss’s conjecture can be restated as
i i
“book2” — 2013/5/24 — 8:18 — page 185 — #205
i i
follows: there are infinitely many primes p for which the order of 10 in Zp is
p 1. E. Artin generalized Gauss’s conjecture. He claimed that if b is a posi- See Exercises 4.92
tive integer that is not a perfect square, then there are infinitely many primes p and 4.93 on page 190.
for which the b-adic expansion of 1=p has period p 1. These are still con-
jectures (as Gauss’s conjecture above), and very celebrated ones at that. Many
seemingly simple questions in arithmetic are extremely hard to answer.
But some things are known. For example, Gauss proved in Disquisitiones
that for any prime p, there is always at least one number (not necessarily 10)
whose order in Zp is p 1. Such a number is called a primitive root mod p.
We now know that the period of 1=n, where gcd.10; n/ D 1, is the order of
10 in Zn . In Exercise 4.49 on page 165, you did some calculations of orders of
units. We can now say a little more.
Theorem 4.63. If u is a unit in Zn , then
u.n/ D 1
where is the Euler -function.
Proof. By Proposition 4.39, there are .n/ units in Zn . Suppose we list them
all:
u1 ; u2 ; : : : ; u.n/ :
One of these units is u. Now multiply all these units by u; you get
uu1 ; uu2 : : : ; uu.n/ :

All these elements are units (Exercise 4.44 on page 165), and they are distinct
(Exercise 4.89 on page 190). This means that the second list contains all the
units, perhaps in a different order (they are distinct units, and there are .n/
of them). Now multiply all the units together, first using the original order, and
then using the permuted order:
.n/
Y .n/
Y .n/
Y
ui D u ui D u.n/ ui :
i D1 i D1 i D1
Q.n/
But i D1 ui is a unit (Exercise 4.44 again), so you can divide both sides by
it, and the result follows.
Corollary 4.64. The order of a unit in Zn is a factor of .n/.
Proof. Suppose that u is a unit in Zn with order e.

Divide .n/ by e to get a quotient and remainder:
.n/ D qe C r 0 r < e:
Then
q
u.n/ D uqeCr D .ue / ur :
Now use Theorem 4.63 and the fact that e is the minimal positive exponent
such that ue D 1 to conclude that r D 0.
i i
“book2” — 2013/5/24 — 8:18 — page 186 — #206
i i
Specializing to u D 10, we have
Theorem 4.65. If n is relatively prime to 10 .that is, if 1=n repeats/, then the
period of 1=n is a divisor of .n/.
This greatly reduces the number of possibilities. For example, all we could
say about the length of the period of 1=231 before is that it is at most 230. Now
we can say it is a factor of .231/ D 120. Which one is it?
Example 4.66. We saw earlier, on page 184, that 1=21 D :047619047619 : : : ,

so that the period of 1=21 is 6. Now .21/ D 12 and, of course, 6 is a divisor
of 12. N
Proposition 4.63 gives us an added bonus: another proof of Fermat’s Little

Theorem.
Corollary 4.67. If p is a prime, then ap D a in Zp for all integers a.
Proof. As in the proof of Theorem 4.9, we have two cases. If p j a, then
ap a 0 mod p;
and ap D a in Zp .
If gcd.a; p/ D 1, then a is a unit in Zp , and Proposition 4.63 gives
a.p/ D 1
in Zp . But .p/ D p 1, because p is prime. Hence,
ap 1
D 1:
Multiplying both sides by a gives ap D a in Zp .
As another application, we know that the period of 1=n is at most n 1.

When is it as large as possible?
Corollary 4.68. If the period of 1=n is n 1, then n is prime.
Proof. If n is not prime, then .n/ < n 1, and the period of 1=n is not
n 1.
How to Think About It. The converse of Corollary 4.68 is not true, as the
example of 1=13 shows. As we said on page 184, it’s still an open question
about which primes p have the property that the decimal expansion for 1=p
has maximal period. All we can say is that the decimal expansion is a divi-
sor of .p/ D p 1, providing an explanation for the evidence gathered in
Figure 4.9.
We have discovered information about periods of repeating rationals; let’s

now look a bit at their blocks. Before continuing, it’s worth working out some
i i
“book2” — 2013/5/24 — 8:18 — page 187 — #207
i i
other decimal expansions to look for interesting patterns. For example, calcu-
late the decimal expansions of
1 2 1 1 2 1 1
; ; ; ; ; ;
8 3 15 19 19 13 20
to see whether you can come up with some conjectures for connections be-
tween the integers a and b and the blocks in the decimal expansion of a=b.
Figure 4.10 displays the digits in the blocks of k=7 for 1 k 6. Is there a
way to explain where each rearrangement starts?
1
D :142857142857 : : :
7
2
D :285714285714 : : :
7
3
D :428571428571 : : :
7
4
D :571428571428 : : :
7
5
D :714285714285 : : :
7
6
D :857142857142 : : :
7
Figure 4.10. The expansions of k=7 for 1 k < 7.
There are quite a few patterns here. For example, each block consists of six
repeating digits—some “cyclic” permutation of 142857:
142857; 285714; 428571; 571428; 714285; 857142
It’s the sequence of remainders that explains the various decimal expansions
of k=7—what they are and why they are in a particular order. For example, in
calculating 6=7, you look down the remainder list and see where you get a 6.
The process for 6=7 will start there, as in Figure 4.11.
The point of Figure 4.11 is that you can “pick up” the calculation at any step
in the process—in a way, the calculation of 6=7 is embedded in the calculation
of 1=7. So are the calculations for all the other k=7 for 2 k 5.
So, the sequence of remainders in a long division provides the key to which
decimal expansions can be obtained from the same long division. For the ra-
tionals k=7, there were six remainders before things started to repeat, so we
get all the expansions 1=7; 2=7; : : : ; 6=7 from one calculation. But it isn’t al-
ways the case that you get all the expansions for k=n (where 1 k < n) from
the calculation of 1=n. That only happens when the period for the decimal ex-
pansion of 1=n has the maximal length n 1 (implying that n is prime). For
example, for the various k=13, you need two calculations, because the period
of the expansion for 1=13 is 6, not 12.
Earlier, on page 187, we listed the blocks for the various k=7, noting that
there seemed to be no apparent pattern to where each block starts. In fact, a
closer analysis of the long division gives us a way to calculate the digits in each
block. Consider again the calculation of the expansion for 6=7. As before, if
i i
“book2” — 2013/5/24 — 8:18 — page 188 — #208
i i
0. 142857. . . 0 . 857142. . .
7 1. 000000. . . 7 6 . 000000. . .
7 56
30 40
28 35
20 50
14 49
60 10
56 7
40 30
35 28
50 20
49 14
1 6
Figure 4.11. The expansion of 6=7 from that of 1=7.
we “forget” the decimal point, each new remainder gives the remainder when 6
times a power of 10 is divided by 7. Referring to Figure 4.11, we have
6 6 1 mod 7
4 6 10 mod 7
5 6 100 mod 7
1 6 1000 mod 7
3 6 10000 mod 7
2 6 100000 mod 7
6 6 1000000 mod 7:
Now, these are the remainders, not the digits in the block. Still, we have an
interesting preliminary result.
Lemma 4.69. Let 1 a < n, and suppose that gcd.10; n/ D gcd.a; n/ D 1.

If e is the order of 10 in Zn , then the j th remainder in the long division calcu-
lation of a=n, where 0 j e, is the solution cj of the congruence
cj a 10j mod n
with 0 cj < n.
Proof. Imagine dividing n into a with long division, up to j places. Suppose

that the remainder is cj :
.q1 q2 q3 q4 . . . qj

n a. 0 0 0 0. . . 0
Look at the example of

2=13: cj .
2 D .13 :1/ C 10 1 7
2 D .13 :15/ C 10 2 5 This says that
2 D .13 :13/ C 10 3 11
j
and so on. a D .n :q1 q2 q3 q4 : : : qj / C 10 cj :
i i
“book2” — 2013/5/24 — 8:18 — page 189 — #209
i i
Multiply both sides of the equation by 10j to find
a10j D .n q1 q2 q3 q4 : : : qj / C cj :
This says that
cj a 10j mod n:
What about the digits in the blocks? As in Lemma 4.69, let gcd.10; n/ D
gcd.a; n/ D 1 and e be the order of 10 in Zn . Then we know that the eth
remainder is a, where
a 10e a mod n: (4.3)
What is the block? Our old friend the Division Algorithm gives the answer:
Theorem 4.70. Let gcd.10; n/ D gcd.a; n/ D 1. If e is the order of 10 in Zn ,

then the sequence of digits in the block of the decimal expansion for a=n is
a.10e 1/
:
n
Proof. The above discussion shows that the block is the partial quotient up to
a remainder of a in the division. Rewrite Eq. (4.3) as:
a 10e D qn C a
Solving for q, we have the desired result.
Example 4.71. For the various k=7,
1
D :142857 : : : and 1.106 1/=7 D 142857
7
2
D :285714 : : : and 2.106 1/=7 D 285714
7
3
D :428571 : : : and 3.106 1/=7 D 428571
7
4
D :571428 : : : and 4.106 1/=7 D 571428
7
5
D :714285 : : : and 5.106 1/=7 D 714285
7
6
D :857142 : : : and 6.106 1/=7 D 857142:
7
Figure 4.12. The blocks of k=7 for 1 k < 7.
It’s an interesting calculation to go through the same process for the vari-
ous k=13. N
i i
“book2” — 2013/5/24 — 8:18 — page 190 — #210
i i
Exercises
4.87 Find the order of 10 modulo n (if it exists) for each value of n, and verify that the
decimal expansion of 1=n has period equal to the order.
(i) 7 (ii) 9 (iii) 3 (iv) 6 (v) 8
(vi) 11 (vii) 13 (viii) 39 (ix) 22 (x) 41
(xi) 73 (xii) 79 (xiii) 123 (xiv) 71 (xv) 61
4.88 * Finish the proof of Corollary 4.62 by showing that the decimal expansion of
1=n, where 1 a < n and gcd.a; n/ D 1, will repeat only after a remainder of a
occurs in the long division of a by n.
4.89 If
L D fu1 ; u2 ; : : : ; u.n/ g
is the list of units in Zn and u is any unit, show that the elements of
uL D fuu1 ; uu2; : : : ; uu.n/g
are all distinct.

4.90 Theorem 4.70 says that if gcd.10; n/ D gcd.a; n/ D 1 and e is the order of 10 in
Zn , then the block in the decimal expansion of a=n is a.10e 1/=n. Why is this
latter fraction an integer?
4.91 Suppose that gcd.10; n/ D gcd.a; n/ D 1, e is the order of 10 in Zn , and cj is the
Let a0 D a. remainder when a 10j is divided by n. If the block of a=n is :a1 a2 : : : ae , show,
for 1 j e, that
10cj 1 cj
aj D :
n
4.92 Just as there are b-adic expansions of integers, there are also such expansions
for rational numbers. For example, if we are working in base 5, then 1=5 D :1,
1=52 D :01, 1=53 D :001, and so on. Find rational numbers (written as a=b in
the usual way) that are equal to each 5-adic expansion.
(i) :2 (ii) :03 (iii) .1111. . .
(iv) :171717 : : : (v) :001001001: : :
4.93 Find the 5-adic expansion of each rational number
2 4 1
(i) 5 (ii) 25 (iii) 4
1 17 20
(iv) 24 (v) 24 (vi) 24
4.94 Show that a positive rational number has a terminating b-adic expansion for some
positive base b.
4.95 (i) What is the decimal expansion of 1=9801?
(ii) What is the period of this expansion?
Hint:
10000 1
D 2
9801 1
1 100
4.96 (i) What is the decimal expansion of 1=9899?

(ii) What is the period of this expansion?
i i
“book2” — 2013/5/24 — 8:18 — page 191 — #211
i i
5 Abstract Algebra
Why do mathematics? The answer is simple: we want to understand a corner

of our universe. But we are surrounded by so many different things that it
makes sense to organize and classify, thereby imposing some order. Naturally,
we draw on our experience, so we can decide what we think is important and
what is less interesting.
Numbers and calculations have been very useful for thousands of years, and
we have chosen to study them. In particular, we have seen that certain arith-
metic and geometric ideas help us understand how numbers behave. Some-
times the connections are quite surprising: for example, the relation between
Pythagorean triples and the method of Diophantus. We have also developed
several tools to facilitate our work: an efficient notation and mathematical in-
duction; the complex numbers and congruences have also enhanced our view.
There are unexpected consequences. As we investigate, we find that even
when we find a satisfying answer, new, interesting questions arise. Even though
the method of Diophantus explains almost every question we might have about
Pythagorean triples, it also suggests that we replace the unit circle by other
conic sections, thereby giving insight into some calculus.
It is now time to organize the number theory we have studied. The main
idea is to abstract common features of integers, rational numbers, complex
numbers, and congruences, as we did when we introduced the definition of
commutative ring. This will further our understanding of number theory itself
as well as other important topics, such as polynomials.
This chapter continues this adventure. In Section 5.1, we study domains,
an important class of commutative rings. In Section 5.2, we study polynomi-
als, one of the most important examples of commutative rings. We will show,
in particular, that any commutative ring can serve as coefficients in a ring of
polynomials. Section 5.3 introduces homomorphisms, which allows us to com-
pare and contrast commutative rings, as well as to make precise the idea that
two rings have structural similarities.
The rest of the chapter is devoted to the structure of rings of polynomi-
als. Using the results developed in Section 5.3, we’ll see how the two main
rings in high school mathematics—Z and polynomials in one variable with
coefficients in a field—share many structural similarities. For example, every
polynomial has a unique factorization as a product of primes (primes here are
called irreducible polynomials). And we’ll also revisit many of the theorems
from advanced high school algebra, like the factor theorem and the fact that
polynomials of degree n have at most n roots, putting these results in a more
general setting.
191
i i
“book2” — 2013/5/24 — 8:18 — page 192 — #212
i i
192 Chapter 5 Abstract Algebra
5.1 Domains and Fraction Fields

We now introduce a class of commutative rings that satisfy a property enjoyed
by our favorite rings: any product of nonzero integers is nonzero. On the other
hand, there are commutative rings in which a product of nonzero elements is 0.
For example, 2 3 D 0 in Z6 , even though both 2 and 3 are nonzero. We now
promote this property to a definition, for there are interesting examples (e.g.,
polynomials) where it occurs.
Many texts say integral Definition. A domain D is a nonzero commutative ring in which every prod-
domain instead of domain. uct of nonzero elements is nonzero.
A nonzero element a in a commutative ring R is called a zero divisor if

there is a nonzero b 2 R with ab D 0. Using this language, we can describe a
domain as a commutative ring without zero divisors.
The commutative ring of integers Z is a domain, but Zm is not a domain
when m is composite: if m D ab for 0 < a b < m, then a ¤ 0 and b ¤ 0,
but ab D m D 0. Recall the Boolean ring 2X in Example 4.47: its elements
are all the subsets of a set X, and its operations are symmetric difference and
intersection. If X has at least two elements, then there are nonempty disjoint
subsets A and B; that is, A \ B D ¿. Thus, A and B are nonzero elements of
2X whose product AB D 0, and so 2X is not a domain.
How to Think About It. Everyone believes that Z is a domain—the product

of two nonzero integers is nonzero—but a proof from first principles is surpris-
ingly involved. If you grant that Z sits inside R, a fact that is a cornerstone of
elementary school arithmetic using the “number line representation” of R, and
if you grant the fact that R is a field, then there is a simple proof (see Proposi-
tion 5.3). But that’s a fair amount of “granting.” We’ll simply assume that Z is
a domain.
Proposition 5.1. A nonzero commutative ring D is a domain if and only if it

satisfies the cancellation law: If ab D ac and a ¤ 0, then b D c.
Proof. Assume that D is a domain. If ab D ac and a ¤ 0, then 0 D ab ac D

a.b c/. Since a ¤ 0, we must have b c D 0. Hence, b D c and the
cancellation law holds.
Conversely, suppose that ab D 0, where both a and b are nonzero. Rewrite
this as ab D a0. Since a ¤ 0 and the cancellation law holds, we have b D 0,
a contradiction. Hence, D is a domain.
Corollary 5.2. Every field F is a domain.
Proof. The cancellation law holds: if a 2 F is nonzero and ab D ac, then

a 1 ab D a 1 ac and b D c.
Proposition 5.3. Every subring S of a field F is a domain.
Proof. By Corollary 5.2, F is a domain. If a; b 2 S are nonzero, then their

product (in F , and hence in S ) is also nonzero. Hence, S is a domain.
i i
“book2” — 2013/5/24 — 8:18 — page 193 — #213
i i
5.1 Domains and Fraction Fields 193
For example, if we assume that R is a field and Z is a subring of R, then Z is

a domain. The proof of Proposition 5.3 shows more: every subring of a domain
is a domain.
Fraction Fields
The converse of Proposition 5.3—every domain is a subring of a field—is
much more interesting than the proposition. Just as the domain Z is a sub-
ring of the field Q, so, too, is any domain a subring of its fraction field. We’ll
construct such a field containing a given domain using the construction of Q
from Z as inspiration. This is not mere generalization for generalization’s sake;
we shall see, for example, that it will show that certain polynomial rings are
subrings of fields of rational functions.
How to Think About It. Warning! Over the years, school curricula have
tried using the coming discussion to teach fractions to precollege students,
even to fourth graders. This is a very bad idea. Experience should precede
formalism and, in this particular case, introducing rational numbers as ordered
pairs of integers was a pedagogical disaster.
Elementary school teachers often say that 24 D 36 because 2 6 D 4 3.

Sure enough, both products are 12, but isn’t this a non sequitur? Does it make
sense? Why should cross multiplication give equality? Teachers usually con-
tinue: suppose you have two pizzas of the same diameter, the first cut into four
pieces of the same size, the second into six pieces of the same size; eating two
slices of the first pizza is just as filling as eating three slices of the second. This
makes more sense, and it tastes better, too. But wouldn’t it have been best had
the teacher said that if a=b D c=d , then multiplying both sides by bd gives
ad D bc; and, conversely, if ad D bc, multiplying both sides by d 1 b 1
gives a=b D c=d ?
What is 21 ? What is a fraction? A fraction is determined by a pair of integers–
its numerator and denominator—and so we start with ordered pairs. Let X be
the set of all ordered pairs .a; b/ of integers with b ¤ 0 (informally, we are
thinking of a=b when we write .a; b/). Define cross multiplication to be the
relation on X
.a; b/ .c; d / if ad D bc:
This is an equivalence relation. It is reflexive: .a; b/ .a; b/ because ab D
ba. It is symmetric: if .a; b/ .c; d /, then .c; d / .a; b/ because ad D bc
implies cb D da. We claim it is transitive: if .a; b/ .c; d / and .c; d /
.e; f /, then .a; b/ .e; f /. Since .a; b/ .c; d /. we have ad D bc, so that
adf D bcf ; similarly, .c; d / .e; f / gives cf D de, so that bcf D bde.
Thus,
adf D bcf D bde:
Hence, adf D bde and, canceling d (which is not 0), gives af D be; that is,
.a; b/ .e; f /.
How to Think About It. One reason cross multiplication is important is that
it converts many problems about fractions into problems about integers.
i i
“book2” — 2013/5/24 — 8:18 — page 194 — #214
i i
Lemma 5.4. If D is a domain and X is the set of all .a; b/ 2 D D with

b ¤ 0, then cross multiplication is an equivalence relation on X.
Proof. The argument given above for Z is valid for D. The assumption that D
is a domain is present so that we can use the cancellation law to prove trans-
itivity.
Notation. If D is a domain, the equivalence class of .a; b/ 2 X D D is

denoted by
Œa; b:
Specialize Lemma A.16 in Appendix A.2 to the relation on X: Œa; b D

Œc; d if and only if .a; b/ .c; d /; that is, Œa; b D Œc; d if and only if
ad D bc.
Let’s finish the story in the context of arbitrary domains.
Fraction field? Stay tuned. Definition. The fraction field of a domain D is
Frac.D/ D fŒa; b W a; b 2 D and b ¤ 0g:
How to Think About It. In the back of our minds, we think of Œa; b as
the fraction a=b. But, in everyday experience, fractions (especially rational
numbers) are used in calculations—they can be added, multiplied, subtracted,
and divided. The next theorem equips Frac.D/ with binary operations that will
look familiar to you if you keep thinking that Œa; b stands for a=b.
Theorem 5.5. Let D be a domain.

(i) Frac.D/ is a field if we define
Œa; b C Œc; d D Œad C bc; bd and Œa; bŒc; d D Œac; bd :
(ii) The subset D 0 of Frac.D/, defined by
D 0 D fŒa; 1 W a 2 Dg;
is a subring of Frac.D/.
1
(iii) Every h 2 Frac.D/ has the form uv , where u; v 2 D 0 .
Proof. (i) Define addition and multiplication on F D Frac.D/ as in the

statement. The symbols Œad Cbc; bd and Œac; bd in the definitions make
sense, for b ¤ 0 and d ¤ 0 imply bd ¤ 0, because D is a domain. The
proof that F is a field is now a series of routine steps.
We show that addition F F ! F is well-defined (i.e., single-
valued): if Œa; b D Œa0 ; b 0 and Œc; d D Œc 0 ; d 0 , then Œad C bc; bd D
Œa0 d 0 C b 0 c 0 ; b 0 d 0 . Now ab 0 D a0 b and cd 0 D c 0 d . Hence,
.ad C bc/b 0 d 0 D adb 0 d 0 C bcb 0 d 0 D .ab 0 /dd 0 C bb 0 .cd 0 /

D a0 bdd 0 C bb 0 c 0 d D .a0 d 0 C b 0 c 0 /bd I
that is, .ad C bc; bd / .a0 d 0 C b 0 c 0 ; b 0 d 0 /, as desired. A similar com-

putation shows that multiplication F F ! F is well-defined.
i i
“book2” — 2013/5/24 — 8:18 — page 195 — #215
i i
5.1 Domains and Fraction Fields 195
The verification that F is a commutative ring is also routine, and it is

left as Exercise 5.5 below, with the hints that the zero element is Œ0; 1,
the identity is Œ1; 1, and the negative of Œa; b is Œ a; b.
To see that F is a field, observe first that if Œa; b ¤ 0, then a ¤ 0
(for the zero element of F is Œ0; 1 D Œ0; b). We claim that the inverse
of Œa; b is Œb; a, for Œa; bŒb; a D Œab; ab D Œ1; 1. Therefore, every
nonzero element of F has an inverse in F .
(ii) We show that D 0 is a subring of F :
Œ1; 1 2 D 0
Œa; 1 C Œc; 1 D Œa C c; 1 2 D 0
Œa; 1Œc; 1 D Œac; 1 2 D 0 :
(iii) If h D Œa; b, where b ¤ 0, then
h D Œa; 1Œ1; b D Œa; 1Œb; 1 1:
Notation. From now on, we use standard notation: If D is a domain, then the But be careful: for arbitrary
element Œa; b in Frac.D/ will be denoted by fraction fields, the notation
a=b is just an alias for
Œa; b. For Q, the notation
a=b:
is loaded with all kinds of
extra meanings that don’t
Of course, Q D Frac.Z/. Not surprisingly, elementary school teachers are carry over to the general
correct: it is, indeed, true that a=b D c=d if and only if ad D bc. setting (for example, as a
We started this section with two goals: to show that every domain is a sub- number having a decimal
expansion obtained by
ring of a field, and to make precise the notion of “fraction.” We’ve done the
dividing a by b).
second, but we didn’t quite show that a domain D is a subring of Frac.D/;
instead, we showed that D 0 is a subring of Frac.D/, where D 0 consists of all
Œa; 1 for a 2 D. Now D and D 0 do bear a strong resemblance to each other.
If we identify each a in D with Œa; 1 in D 0 (which is reminiscent of identify-
ing an integer m with the fraction m=1), then not only do elements correspond
nicely, but so, too, do the operations: a C b corresponds to Œa C b; 1:
Œa; 1 C Œb; 1 D Œa 1 C 1 b; 1 1 D Œa C b; 1I
similarly, ab corresponds to Œab; 1 D Œa; 1Œb; 1. In Section 5.3, we will dis-
cuss the important idea of isomorphism which will make our identification here
precise. For the moment, you may regard D and D 0 as algebraically the same.
Exercises
5.1 Let R be a domain. If a 2 R and a2 D a, prove that a D 0 or a D 1. Compare
with Exercise 4.40 on page 164.
5.2 Prove that the Gaussian integers ZŒi and the Eisenstein integers ZŒ! are do-
mains.
5.3 * Prove that Zm is a domain if and only if Zm is a field. Conclude, using Theo-
rem 4.43, that Zm is a domain if and only if m is prime.
5.4 Prove that every finite domain D (i.e., jDj < 1) is a field.
Hint: Use the Pigeonhole Principle, Exercise A.11 on page 419.
i i
“book2” — 2013/5/24 — 8:18 — page 196 — #216
i i
5.5 * Complete the proof of Theorem 5.5.

5.6 Let Q.i / D fr C si W r; s 2 Qg be the set of complex numbers whose real and
imaginary parts are rational.
(i) Show that Q.i / is a field.
(ii) True or false? Frac .ZŒi / D fŒr C si; 1 W r C si 2 Q.i /g :
5.7 *
(i) Show that Q.!/ D fr C s! W r; s 2 Qg is a field, where ! D e2 i=3 is a
cube root of unity.
(ii) True or false? Frac .ZŒ!/ D fŒr C s!; 1 W r C s! 2 Q.!/g : Why?
5.2 Polynomials
You are surely familiar with polynomials; since they can be added and mul-
tiplied, it is not surprising that they form commutative rings. However, there
are some basic questions about them whose answers may be less familiar. Is a
polynomial a function? Is x a variable? If not, just what is x? After all, we first
encounter polynomials as real-valued functions having simple formulas; for
example, f .x/ D x 3 2x 2 C 7 is viewed as the function f # W R ! R defined
by f # .a/ D a3 2a2 C7 for every a 2 R. But some polynomials have complex
coefficients. Is it legitimate to consider polynomials whose coefficients lie in
any commutative ring R? When are two polynomials equal? Every high school
algebra student would say that the functions defined by f .x/ D x 7 C 2x 1
and g.x/ D 3x C 6 are not the same, because they are defined by different
polynomials. But these two functions are, in fact, equal when viewed as func-
tions Z7 ! Z7 , a fact that you can check by direct calculation. Here’s another
example. Is it legitimate to treat 2x C 1 as a polynomial whose coefficients lie
in Z4 ? If so, then .2x C 1/2 D 4x 2 C 4x C 1 D 1 (for 4 D 0 in Z4 ); that
is, the square of this linear polynomial is a constant! Sometimes polynomials
are treated as formal expressions in which x is just a symbol, as, for example,
when you factor x 6 1 or expand .x C 1/5 . And sometimes polynomials are
treated as functions that can be graphed or composed. Both of these perspec-
tives are important and useful, but they are clearly different.
We now introduce polynomials rigorously, for this will enable us to answer
these questions. In this section, we’ll first study polynomials from the formal
viewpoint, after which we’ll consider polynomial functions. In the next sec-
tion, we will see that the notion of homomorphism will link the formal and the
function viewpoints, revealing their intimate connection.
How to Think About It. As we said on page 193 in the context of fractions,
rigorous developments should not be points of entry. One goal of this section is
to put polynomials on a firm footing. This will prepare you for any future work
you do with beginning algebra students, but it is in no way meant to take the
place of all of the informal experience that’s necessary before the formalities
can be appreciated and understood.
We investigate polynomials in a very formal way,beginning with the allied

notion of power series. A key observation is that one should pay attention to
where the coefficients of polynomials live.
i i
“book2” — 2013/5/24 — 8:18 — page 197 — #217
i i
5.2 Polynomials 197
Definition. If R is a commutative ring, then a formal power series over R is a

sequence
D .s0 ; s1; s2; : : : ; si ; : : : /I
the entries si 2 R are called the coefficients of .
Be patient. The reason for this terminology will be apparent in a few pages. In linear algebra, you may
In the meantime, pretend that .s0 ; s1; s2 ; : : : ; si ; : : : / is really s0 C s1 x C have seen the example of
s2 x 2 C C si x i C . the vector space V of all
polynomials of degree, say,
A formal power series over R is a sequence, but a sequence is just a 3 or less, with coefficients
function W N ! R (where N is the set of natural numbers) with .i / D si in R. As a vector space,
for all i 0. By Proposition A.2 in Appendix A.1, two sequences and are V can be thought of as
equal if and only if .i / D .i / for all i 2 N. So, formal power series are R4 , where the 4-tuple
equal if and only if they are equal “coefficient by coefficient.” .5; 6; 8; 9/ corresponds to
the polynomial 5 C 6x C
8x 2 C 9x 3 .
Proposition 5.6. Formal power series D .s0 ; s1; s2 ; : : : ; si ; : : : / and D
.t0 ; t1; t2 ; : : : ; ti ; : : : / over a commutative ring R are equal if and only if si D ti
for all i 0.
How to Think About It. Discussions of power series in calculus usually

involve questions asking about those values of x for which s0 C s1 x C s2x 2 C
converges. In most commutative rings, however, limits are not defined,
and so, in general, convergence of formal power series does not even make
sense. Now the definition of formal power series is not very complicated, while
limits are a genuinely new and subtle idea (it took mathematicians around 200
years to agree on a proper definition). Since power series are usually introduced
at the same time as limits, however, most calculus students (and ex-calculus
students!) are not comfortable with them; the simple notion of power series is
entangled with the sophisticated notion of limit.
Today’s calculus classes do not follow the historical development. Calcu-
lus was invented to answer a practical need; in fact, the word calculus arose
because it described a branch of mathematics involving or leading to calcu-
lations. In the 1600s, navigation on the high seas was a matter of life and
death, and practical tools were necessary for the safety of boats crossing the
oceans. One such tool was calculus, which is needed in astronomical calcula-
tions. Newton realized that his definition of integral was complicated; telling
a navigator that the integral of a function is some fancy limit of approxima-
tions and fluxions would be foolish. To make calculus useful, he introduced
power series (Newton discovered the usual power series for sin x and cos x),
he assumed that most integrands occurring in applications have a power series
expansion, and he further assumed that term-by-term integration was valid for
them. Thus, power series were actually introduced as “long polynomials” in
order to simplify using calculus in applications.
Polynomials are special power series.
Definition. A polynomial over a commutative ring R is a formal power series

D .s0 ; s1 ; : : : ; si ; : : : / over R for which there exists some integer n 0 with
si D 0 for all i > n; that is,
D .s0 ; s1 ; : : : ; sn; 0; 0; : : : /:
i i
“book2” — 2013/5/24 — 8:18 — page 198 — #218
i i
The zero polynomial, denoted by D 0, is the sequence D .0; 0; 0; : : : /.
A polynomial has only finitely many nonzero coefficients; that is, it is a

“short power series.”
Some authors define Definition. If D .s0 ; s1 ; : : : ; sn; 0; 0; : : : / is a nonzero polynomial, then

the degree of the zero there is n 0 with sn ¤ 0 and si D 0 for all i > n. We call sn the leading
polynomial 0 to be 1,
coefficient of , we call n the degree of , and we denote the degree by n D
where 1 C n D 1 for
every integer n 2 N (this deg./.
is sometimes convenient). The zero polynomial 0 does not have a degree because it has no nonzero
We choose not to assign coefficients.
a degree to 0 because,
in proofs, it often must
be treated differently than Etymology. The word degree comes from the Latin word meaning “step.”
other polynomials. Each term si x i (in the usual notation s0 C s1 x C s2 x 2 C C si x i C ) has
degree i , and so the degrees suggest a staircase.
The word coefficient means “acting together to some single end.” Here, co-
efficients collectively give one formal power series or one polynomial.
Notation. If R is a commutative ring, then
RŒŒx
denotes the set of all formal power series over R, and
RŒx RŒŒx
denotes the set of all polynomials over R.
We want to make RŒŒx into a commutative ring, and so we define addition

and multiplication of formal power series. Suppose that
D .s0 ; s1; : : : ; si ; : : : / and D .t0 ; t1 ; : : : ; ti ; : : : /:
Define their sum by adding term by term:
C D .s0 C t0 ; s1 C t1 ; : : : ; si C ti ; : : : /:
What about multiplication? The product of two power series is also computed
term by term; multiply formally and collect like powers of x:
.s0 C s1 x C s2 x 2 C C si x i C /.t0 C t1 x C t2 x 2 C C tj x j C /
D s0 .t0 C t1 x C t2 x 2 C / C s1 x.t0 C t1 x C t2 x 2 C / C
D .s0 t0 C s0 t1 x C s0 t2 x 2 C / C .s1 t0 x C s1 t1 x 2 C s1 t2 x 3 C / C
D s0 t0 C .s1 t0 C s0 t1 /x C .s0 t2 C s1 t1 C s2 t0 /x 2 C :
Motivated by this, we define multiplication of formal power series by
D .s0 t0 ; s0 t1 C s1 t0 ; s0 t2 C s1 t1 C s2 t0 ; : : : /I
more precisely,
D .c0 ; c1; : : : ; ck ; : : : /;
P Pk
where ck D i Cj Dk si tj D i D0 si tk i .
i i
“book2” — 2013/5/24 — 8:18 — page 199 — #219
i i
5.2 Polynomials 199
Proposition 5.7. If R is a commutative ring, then RŒŒx, together with the

operations of addition and multiplication defined above, is a commutative ring.
Proof. Addition and multiplication are operations on RŒŒx: the sum and prod-
uct of two formal power series are also formal power series. Define zero to be
the zero polynomial, define the identity to be the polynomial .1; 0; 0; : : : /, and
define the negative of .s0 ; s1; : : : ; si ; : : : / to be . s0 ; s1; : : : ; si ; : : : /. Veri-
fications of the axioms of a commutative ring are routine, and we leave them as
Exercise 5.8 on page 202. The only difficulty that might arise is proving the as-
sociativity of multiplication. Hint: if D .r0 ; r1P ; : : : ; ri ; : : : /, then the `th co-
ordinate of the polynomial ./ turns out to be i Cj CkD` Pri .sj tk /, while the
`th coordinate of the power series ./ turns out to be i Cj CkD` .ri sj /tk ;
these are equal because associativity of multiplication in R gives ri .sj tk / D
.ri sj /tk for all i; j; k.
We’ll see in a moment that the subset RŒx of polynomials is a subring of
the commutative ring of formal power series RŒŒx.
Lemma 5.8. Let R be a commutative ring and , 2 RŒx be nonzero poly-

nomials.
(i) Either D 0 or deg./ deg./ C deg./.
(ii) If R is a domain, then ¤ 0 and
deg./ D deg./ C deg./:
Proof. Let D .s0 ; s1 ; : : : / have degree m, let D .t0 ; t1 ; : : : / have degree

n, and let D .c0 ; c1; : : : /.
(i) It suffices to prove that ck D 0 for all k > m C n. By definition,
ck D s0 tk C C smtk m C smC1 tk m 1 C sk t0 :
All terms to the right of sm tk m are 0, because deg./ D m, and so si D 0

for all i m C 1. Now sm tk m , as well as all the terms to its left, are 0,
because deg./ D n, and so tj D 0 for all j k m > n.
(ii) We claim that cmCn D sm tn , the product of the leading coefficients of
and . Now
X
cmCn D si tj
i Cj DmCn
D s0 tmCn C C sm 1 tnC1 C sm tn C smC1 tn 1 C :
We show that every term si tj in cmCn , other than sm tn , is 0. If i < m,

then m i > 0; hence, j D m i C n > n, and so tj D 0; that is, each
term to the left of smtn is 0. If i > m, then si D 0, and each term to the
right of sm tn is 0. Therefore,
cmCn D sm tn :
If R is a domain, then sm ¤ 0 and tn ¤ 0 imply sm tn ¤ 0; hence,

cmCn D sm tn ¤ 0, ¤ 0, and deg./ D m C n:
i i
“book2” — 2013/5/24 — 8:18 — page 200 — #220
i i
Corollary 5.9. (i) If R is a commutative ring, then RŒx and R are subrings
of RŒŒx.
Exercise 5.22 on page (ii) If R is a domain, then RŒx is a domain.
203 shows that if R is a
domain, then RŒŒx is a
domain.
Proof. (i) Let ; 2 RŒx. Now C is a polynomial, for either C D 0
or deg. C / maxfdeg./; deg./g. By Lemma 5.8(i), the product
of two polynomials is also a polynomial. Finally, 1 D .1; 0; 0; : : :/ is a
polynomial, and so RŒx is a subring of RŒŒx.
It is easy to check that R0 D f.r; 0; 0; : : : / W r 2 Rg is a subring of
See Exercise 5.9 on RŒx, and we may view R0 as R by identifying r 2 R with .r; 0; 0; : : : /.
page 202.
(ii) If and are nonzero polynomials, then Lemma 5.8(ii) shows that ¤
0. Therefore, RŒx is a domain.
We remark that R can’t be a subring of RŒx or of RŒŒx because it’s not

even a subset of these rings. This is why we have introduced the subring R0 .
A similar thing happened when we couldn’t view a domain D as a subring
of its fraction field Frac.D/. We shall return to this point when we discuss
isomorphisms.
From now on, we view RŒx and RŒŒx as rings, not merely as sets.
Definition. If R is a commutative ring, then RŒx is called the ring of polyno-

mials over R, and RŒŒx is called the ring of formal power series over R.
Here is the link between this discussion and the usual notation.
Definition. The indeterminate x is the element
x D .0; 1; 0; 0; : : : / 2 RŒx:
How to Think About It. Thus, x is neither “the unknown” nor a variable;
it is a specific element in the commutative ring RŒx, namely, the polynomial
.a0 ; a1 ; a2 ; : : : / with a1 D 1 and all other ai D 0; it is a polynomial of de-
gree 1.
Note that we need the unit 1 in a commutative ring R in order to define the
indeterminate in RŒx.
Lemma 5.10. Let R be a commutative ring.

(i) If D .s0 ; s1 ; : : : ; sj ; : : : / 2 RŒŒx, then
x D .0; s0 ; s1; : : : ; sj ; : : : /I
that is, multiplying by x shifts each coefficient one step to the right.
(ii) If n 0, then x n is the polynomial having 0 everywhere except for 1 in
the nth coordinate.
(iii) If r 2 R and .s0 ; s1; : : : ; sj ; : : : / 2 RŒŒx, then
.r; 0; 0; : : : /.s0 ; s1 ; : : : ; sj ; : : : / D .r s0 ; r s1; : : : ; r sj ; : : : /:
i i
“book2” — 2013/5/24 — 8:18 — page 201 — #221
i i
5.2 Polynomials 201
Proof. (i) Write x D .a0 ; a1 ; : : : ; ai ; : : : /, where a1 D 1 and all other ai D

0, and let x D .c0 ; c1; : : : ; ck ; : : : /. Now c0 D a0 s0 D 0,P because a0 D
0. If k 1, then the only nonzero term in the sum ck D i Cj Dk ai sj
is a1 sk 1 D sk 1 , because ai D 0 for i ¤ 1; thus, for k 1, the kth
coordinate ck of x is sk 1 , and x D .0; s0 ; s1; : : : ; si ; : : : /.
(ii) Use induction and part (i).
(iii) This follows from the definition of multiplication.
If we identify .r; 0; 0; : : : / with r , as in the proof of Corollary 5.9, then See Exercise 5.11 on
Lemma 5.10(iii) reads page 202.
r .s0 ; s1; : : : ; si ; : : : / D .r s0 ; r s1; : : : ; r si ; : : : /:

We can now recapture the usual polynomial notation.
Proposition 5.11. Let R be a commutative ring. If D .s0 ; s1; : : : ; sn ; 0; 0; : : : / 2

RŒx has degree n, then
D s0 C s1 x C s2 x 2 C C sn x n ;
where each element s 2 R is identified with the polynomial .s; 0; 0; : : : /. More-
over, if D t0 C t1 x C t2 x 2 C C tm x m , then D if and only if n D m So, two polynomials are
and si D ti for all i 0. equal in RŒx if and only
if they are equal “term by
term.”
Proof.
D .s0 ; s1 ; : : : ; sn; 0; 0; : : : /
D .s0 ; 0; 0; : : : / C .0; s1; 0; : : : / C C .0; 0; : : : ; 0; sn; 0; : : : /
D s0 .1; 0; 0; : : : / C s1 .0; 1; 0; : : : / C C sn .0; 0; : : : ; 0; 1; 0; : : :/
D s0 C s1 x C s2 x 2 C C sn x n :
The second statement merely rephrases Proposition 5.6, equality of polyno-
mials, in terms of the usual notation.
We shall use this familiar (and standard) notation from now on. As is cus-
tomary, we shall write
f .x/ D s0 C s1 x C s2x 2 C C sn x n
instead of D .s0 ; s1; : : : ; sn ; 0; 0; : : : /.
Corollary 5.12. If R is a commutative ring, then the polynomial ring RŒx is

infinite.
Proof. By Proposition 5.11, x i ¤ x j if i ¤ j .

If f .x/ D s0 C s1x C s2x 2 C C snx n , where sn ¤ 0, then s0 is called its
constant term and, as we have already said, sn is called its leading coefficient.
If its leading coefficient sn D 1, then f .x/ is called monic. Every polynomial
other than the zero polynomial 0 (having all coefficients 0) has a degree. A
constant polynomial is either the zero polynomial or a polynomial of degree
0. Polynomials of degree 1, namely a C bx with b ¤ 0, are called linear,
polynomials of degree 2 are quadratic, degree 3s are cubic, then quartics,
quintics, and so on.
i i
“book2” — 2013/5/24 — 8:18 — page 202 — #222
i i
Etymology. Quadratic polynomials are so called because the particular qua-

dratic x 2 gives the area of a square (quadratic comes from the Latin word
meaning four, which reminds us of the 4-sided figure); similarly, cubic polyno-
mials are so called because x 3 gives the volume of a cube. Linear polynomials
are so called because the graph of a linear polynomial ax C b in RŒx is a line.
Exercises
5.8 * Fill in the details and complete the proof of Proposition 5.7.
5.9 * Suppose that R is a commutative ring. In the proof of Corollary 5.9(i), we de-
fined R0 as the set of all power series of the form .r; 0; 0; 0; : : : / where r 2 R, and
we said “we may view R0 as R by identifying r 2 R with .r; 0; 0; : : : /.” Show, if
r; s 2 R, that
(i) r C s is identified with .r; 0; 0; 0; : : : / C .s; 0; 0; 0; : : : /
(ii) rs is identified with .r; 0; 0; 0; : : : /.s; 0; 0; 0; : : : /.
5.10 If .t0 ; t1 ; t2 ; : : : / is a power series over R and r 2 R, show that
.r; 0; 0; 0; : : : /.t0 ; t1 ; t2 ; : : : / D .rt0 ; rt1 ; rt2 ; : : : /:
5.11 * Suppose that F is a field. Show that F ŒŒx is a vector space over F where
Vector spaces over arbi- addition is defined as addition of power series and scalar multiplication is defined
trary fields are discussed by
in Appendix A.3.
r.s0 ; s1 ; s2 ; : : : / D .rs0 ; rs1 ; rs2 ; : : : /:
5.12 If R is the zero ring, what are RŒx and RŒŒx? Why?
5.13 Prove that if R is a commutative ring, then RŒx is never a field.
Hint: If x 1 exists, what is its degree?
5.14 (i) Let R be a domain. Prove that if a polynomial in RŒx is a unit, then it is a
nonzero constant (the converse is true if R is a field).
Hint: Compute degrees.
(ii) Show that .2x C 1/2 D 1 in Z4 Œx. Conclude that 2x C 1 is a unit in Z4 Œx,
and that the hypothesis in part (i) that R be a domain is necessary.
5.15 * If R is a commutative ring and
f .x/ D s0 C s1 x C s2 x 2 C C sn x n 2 RŒx
has degree n 1, define its formal derivative f 0 .x/ 2 RŒx by
f 0 .x/ D s1 C 2s2 x C 3s3 x 2 C C nsn x n 1

I
if f is a constant polynomial, define its derivative to be the zero polynomial.

Prove that the usual rules of calculus hold for derivatives in RŒx:
.f C g/0 D f 0 C g0
.rf /0 D r.f 0 / if r 2 R
.fg/ D fg C f 0 g
0 0
Œ1pt .f n /0 D nf n 1
f0 for all n 1:
i i
“book2” — 2013/5/24 — 8:18 — page 203 — #223
i i
5.2 Polynomials 203
R
5.16 Take It Further. Define W QŒx ! QŒx by
Z
f D a0 x C 12 a1 x 2 C C nC1
1
an x nC1 2 QŒx;
where f .x/ D a0 C a1 x C C an x n 2 QŒx. 1QŒx denotes the identity

R R R function on the set QŒx.
(i) Prove that .f C g/ D f C g. Why didn’t we define
R R R
(ii) If D is the derivative, prove that D D 1QŒx , but that D ¤ 1QŒx . W RŒx ! RŒx for any
commutative ring R?
5.17 *Preview. Let R be a commutative ring, let f .x/ 2 RŒx, and let f 0 .x/ be its
derivative.
(i) Prove that if .x a/2 is a divisor of f in RŒx, then x a is a divisor of f 0
in RŒx.
(ii) Prove that if x a is a divisor of both f and f 0 , then .x a/2 is a divisor
of f .
5.18 (i) If f .x/ D ax 2p C bx p C c 2 Zp Œx, prove that f 0 .x/ D 0.
(ii) Prove that a polynomial
P f .x/ 2 Zp Œx has f 0 .x/ D 0 if and only ifPthere is a
polynomial g.x/ D an x with f .x/ D g.x p /; that is, f .x/ D an x np .
n
5.19 If p is a prime, show, in Zp Œx, that
.x C 1/p D x p C 1:
5.20 *
(i) If R is a domain and D 1 C x C x 2 C C x n C 2 RŒŒx, prove that
is a unit in RŒŒx; in fact, .1 x/ D 1.
(ii) Show that .1 x/2 is a unit in QŒŒx, and express 1=.1 x/2 as a power
series.
Hint: See Exercise 5.22 below.
5.21 Show that 1 x x 2 is a unit in QŒŒx, and express 1=.1 x x 2 / as a power
series.
5.22 *
(i) Prove that if R is a domain, then RŒŒx is a domain.
Hint: If D .s0 ; s1 ; : : : / 2 RŒŒx is nonzero, define the order of , denoted
by ord. /, to be the smallest n 0 for which sn ¤ 0. If R is a domain and
; 2 RŒŒx are nonzero, prove that ord. / ord. / C ord. /, and use
this to conclude that ¤ 0.
(ii) Let k be a field. Prove that a formal power series 2 kŒŒx is a unit if and
only if its constant term is nonzero; that is, ord. / D 0.
(iii) Prove that if 2 kŒŒx and ord. / D n, then D x n u, where u is a unit
in kŒŒx.
5.23 *
(i) Prove that Frac.ZŒx/ D Q.x/.
(ii) Let D be a domain with K D Frac.D/. Prove that Frac.DŒx/ D K.x/.
5.24 (i) Expand .C 2 C S 2 1/.S 2 C 2CS C 2 /, where C and S are elements in
some commutative ring.
(ii) Establish the trigonometric identity
cos2 x C 2 cos3 x sin x C 2 cos x sin3 x C sin4 x D

cos4 x C 2 cos x sin x C sin2 x:
i i
“book2” — 2013/5/24 — 8:18 — page 204 — #224
i i
5.25 Preview. Suppose p is a prime and
xp 1
fp .x/ D :
x 1
(i) Show that fp .x/ D x p 1 C xp 2 C C 1.

(ii) Show that fp .x C 1/ D xp in Zp Œx.
Polynomial Functions
Let’s now pass to viewing polynomials as functions. Each polynomial f .x/ D
s0 Cs1x Cs2x 2 C Csn x n 2 RŒx defines its associated polynomial function
f # W R ! R by evaluation:
f # .a/ D s0 C s1 a C s2 a2 C C sn an 2 R;
where a 2 R (in this way, we can view the indeterminate x as a variable).

In Proposition 6.18, we will But polynomials and polynomial functions are different things. For example,
see that there’s a bijection Corollary 5.12 says, for every commutative ring R, that there are infinitely
between polynomials and
many polynomials in RŒx. On the other hand, if R is finite (e.g., R D Zm ),
their associated polynomial
functions if R is an infinite then there are only finitely many functions from R to itself, and so there are
field. only finitely many polynomial functions. Fermat’s Theorem (ap a mod p
for every prime p) gives a concrete example of distinct polynomials defining
the same polynomial function; f .x/ D x p x is a nonzero polynomial, yet its
associated polynomial function f # W Zp ! Zp is the constant function zero.
Recall Example 4.31: if R is a commutative ring, then Fun.R/ D RR ,
the set of all functions from R to itself, is a commutative ring under pointwise
operations. We have seen that every polynomial f .x/ 2 RŒx has an associated
polynomial function f # 2 Fun.R/, and we claim that
Poly.R/ D ff # W f .x/ 2 RŒxg
is a subring of Fun.R/ (we admit that we are being very pedantic, but you
will see in the next section that there’s a good reason for this fussiness). The
identity u of RR is the constant function with value 1, where 1 is the identity
element of R; that is, u D 1# , where 1 is the constant polynomial. We claim
that if f .x/; g.x/ 2 RŒx, then
f # C g# D .f C g/# and f # g# D .fg/# :
(In the equation f # C g# D .f C g/# , the plus sign on the left means addition
of functions, while the plus sign on the right means the usual addition of poly-
nomials in RŒx; a similar remark holds for multiplication.) The proof of these
equations is left as Exercise 5.27 on page 206.
Etymology. In spite of the difference between polynomials and polynomial

functions, RŒx is often called the ring of all polynomials in one variable
over R.
Since kŒx is a domain when k is a field, by Corollary 5.9(ii), it has a frac-

tion field.
i i
“book2” — 2013/5/24 — 8:18 — page 205 — #225
i i
5.2 Polynomials 205
Definition. If k is a field, then the fraction field Frac.kŒx/ of kŒx, denoted We can define R.x/ for
by arbitrary domains R. See
k.x/;
is called the field of rational functions over k.
How to Think About It. By convention, the elements of k.x/ are called
rational “functions” but they are simply elements of the fraction field for kŒx.
Of course, a rational function can be viewed as an actual function via evalu-
ation at elements of k, in the same way that a polynomial in kŒx gives rise
to its associated polynomial function defined on k. But the domain of such a
rational function may not be all of k (why?).
We’ll use the standard notation for elements in fraction fields (introduced
on page 195) for rational functions over a field: Œf; g will be denoted by f =g.
Proposition 5.13. If p is prime, then the field of rational functions Zp .x/ is

an infinite field containing Zp as a subfield.
Proof. By Corollary 5.12, Zp Œx is infinite, because the powers x n , for n 2 N,

are distinct. Thus, its fraction field, Zp .x/, is an infinite field containing Zp Œx
as a subring. But Zp Œx contains Zp as a subring, by Corollary 5.9. Well, Zp .x/ contains a
domain with a “strong
Notation. We’ve been using Zp to stand for the integers mod p, and we know resemblance” to Zp Œx
(see page 195). We’ll make
that it is a field. There are other finite fields that do not have a prime number this precise in Section 5.3.
of elements; you met one, F4, in Exercise 4.55 on page 165. It’s customary to
denote a field with q elements by
Fq :
It turns out that q D p n for some prime p and some n 1. Moreover, there
exists essentially only one field with q elements, a fact we’ll prove in Chap-
ter 7. In particular, there is only one field with exactly p elements and so, from
now on, we’ll use the notations
Zp D Fp
interchangeably (we’ll use Fp when we’re viewing it as a field).
Let’s now consider polynomials over R in two variables x and y. A quadratic

polynomial ax 2 C bxy C cy 2 C dx C ey C f can be rewritten as
ax 2 C .by C d /x C .cy 2 C ey C f /I
that is, it is a polynomial in x with coefficients in RŒy. If we write A D RŒy,
then it is clear that AŒx is a commutative ring.
Definition. If R is a commutative ring, then RŒx; y D AŒx, where A D RŒy,

is the ring of all polynomials over R in two variables.
By induction, we can form the commutative ring RŒx1 ; x2; : : : ; xn of all

polynomials in n variables over R:

RŒx1 ; x2; : : : ; xnC1 D RŒx1 ; x2; : : : ; xn ŒxnC1 :
i i
“book2” — 2013/5/24 — 8:18 — page 206 — #226
i i
Corollary 5.9 can now be generalized, by induction on n, to say that if D

is a domain, then so is DŒx1; x2 ; : : : ; xn ; we call Frac.DŒx1 ; x2 ; : : : ; xn / the
ring of rational functions in n variables. Exercise 5.23 on page 203 can be
generalized to several variables: if K D Frac.D/, then
Frac.DŒx1 ; x2; : : : ; xn / D K.x1 ; x2 ; : : : ; xn /I
its elements have the form f =g, where f; g 2 KŒx1 ; x2; : : : ; xn and g ¤ 0.
Exercises
5.26 Let R be a commutative ring. Show that if two polynomials f .x/; g.x/ 2 RŒx
are equal, then their associated polynomial functions are equal; that is, f # D g# .
5.27 * If R is a commutative ring, prove that Poly.R/ is a subring of Fun.R/ D RR .
5.28 True or false, with reasons:
(i) .x 2 9/=.x 2 2x 3/ D .x C 3/=.x C 1/ in Q.x/.
(ii) What are the domains of the functions x 7! .x 2 9/=.x 2 2x 3/ and
x 7! .x C 3/=.x C 1/? Are the functions equal?
5.3 Homomorphisms
The question whether two given commutative rings R and S are somehow the
same has already arisen, at least twice.
(i) On page 195 we said
For the moment, you may regard D and D 0 as algebraically the
same.
(ii) And on page 201 we said
If we identify .r; 0; 0; : : : / with r , then Lemma 5.10(iii) reads
r .s0; s1 ; : : : ; si ; : : : / D .r s0 ; r s1; : : : ; r si ; : : : /:
What does “the same” mean in statement (i)? What does “identify” mean in
statement (ii)? More important, if R is a commutative ring, we wish to compare
the (formal) polynomial ring RŒx with the ring Poly.R/ of all polynomial
functions on R.
We begin our discussion by considering the ring Z2 ; it has two elements, the
congruence classes 0; 1, and the following addition and multiplication tables.
C 0 1 0 1
0 0 1 0 0 0
1 1 0 1 0 1
The two words even, odd also form a commutative ring, call it P; its addi-
tion and multiplication are pictured in the following tables.
C even odd even odd
even even odd even even even
odd odd even odd even odd
i i
“book2” — 2013/5/24 — 8:18 — page 207 — #227
i i
5.3 Homomorphisms 207
Thus, odd C odd D even and odd odd D odd. It is clear that the commutative
rings Z2 and P are distinct; on the other hand, it is equally clear that there
is no significant difference between them. The elements of Z2 are given in
terms of numbers; those of P in terms of words. We may think of P as a trans-
lation of Z2 into another language. And more than just a correspondence of
elements, the operations of addition and multiplication (that is, the two tables)
get translated, too.
A reasonable way to compare two systems is to set up a function between
them that preserves certain essential structural properties (we hinted at this
idea earlier when we noted that a ring R is essentially a subring of RŒx).
The notions of homomorphism and isomorphism will make this intuitive idea
precise. Here are the definitions; we will discuss what they mean afterward.
Definition. Let R and S be commutative rings. A homomorphism is a func-

tion 'W R ! S such that, for all a; b 2 R,
(i) '.a C b/ D '.a/ C '.b/,
(ii) '.ab/ D '.a/'.b/,
(iii) '.1/ D 1 (the 1 on the left-hand side is the identity of R; the 1 on the
right-hand side is the identity of S ).
If ' is also a bijection, then ' is called an isomorphism. Two commutative
rings R and S are called isomorphic, denoted by R Š S , if there exists an
isomorphism 'W R ! S between them.
In the definition of a homomorphism 'W R ! S , the + on the left-hand side

is addition in R, while the + on the right-hand side is addition in S ; similarly
for products. A more complete notation for a commutative ring would display
its addition, multiplication, and unit: instead of R, we could write .R; C; ; 1/.
Similarly, a more complete notation for S is .S; ˚; ˝; e/. The definition of
homomorphism can now be stated more precisely
(i) '.a C b/ D '.a/ ˚ '.b/,
(ii) '.a b/ D '.a/ ˝ '.b/,
(iii) '.1/ D e.
Etymology. The word homomorphism comes from the Greek homo, mean-
ing “same,” and morph, meaning “shape” or “form.” Thus, a homomorphism
carries a commutative ring to another commutative ring of similar form. The
word isomorphism involves the Greek iso, meaning “equal,” and isomorphic
rings have identical form.
Consider the two simple examples above of addition tables arising from
the rings Z2 and P (the symbol P stands for “parity.”). The rings Z2 and P
0 1 even odd
Z2 W I PW :
1 0 odd even
Figure 5.1. Addition tables.
i i
“book2” — 2013/5/24 — 8:18 — page 208 — #228
i i
are isomorphic, for the function 'W Z2 ! P, defined by '.0/ D even and
'.1/ D odd, is an isomorphism, as the reader can quickly check (of course,
you must also check the multiplication tables).
Let a1 ; a2 ; : : : ; aj ; : : : be a list with no repetitions of all the elements of a
ring R. An addition table for R is a matrix whose ij entry is ai C aj .
C a1 aj
a1 a1 C a1 a1 C aj
ai ai C a1 ai C aj
A multiplication table for R is defined similarly.

The addition and multiplication tables for a ring R depend on the listing of
its elements, so that a ring has many tables. Let a1 ; a2 ; : : : ; aj ; : : : be a list of
all the elements of a ring R with no repetitions. If S is a ring and 'W R ! S is
a bijection, then '.a1 /; '.a2 /; : : : ; '.aj /; : : : is a list of all the elements of S
with no repetitions, and so this latter list determines addition and multiplication
tables for S . That ' is an isomorphism says that if we superimpose the tables
for R (determined by a1 ; a2 ; : : : ; aj ; : : : ) upon the tables for S (determined by
'.a1 /; '.a2 /; : : : ; '.aj /; : : : ), then the tables match. In more detail, if ai C aj
is the ij entry in the given addition table of R, then '.ai / C '.aj / is the ij
entry of the addition table of S . But '.ai / C '.aj / D '.ai C aj /, because ' is
an isomorphism. In this sense, isomorphic rings have the same addition tables
Does a homomorphism and the same multiplication tables (see Figure 5.1). Informally, we say that
“preserve 0”? See a homomorphism preserves addition, multiplication, and 1. Thus, isomorphic
Lemma 5.17. rings are essentially the same, differing only in the notation for their elements
and their operations.
Here are two interesting examples of homomorphisms: the first will be used
often in this book; the second compares the two different ways we view poly-
nomials.
Example 5.14. (i) Reduction mod m:

We didn’t have the language to say it at the time, but Proposition 4.5
sets up a homomorphism rm W Z ! Zm for any nonnegative integer m,
namely, rm W n 7! Œn. It’s not an isomorphism because Z is infinite and
Zm is finite (so there can’t be any bijection between them). Another rea-
son is that rm .m/ D 0 D rm .2m/, so rm can’t be injective. Is it surjective?
(ii) Form to Function:
In Example 4.31, we saw that every f .x/ 2 RŒx, where R is a com-
mutative ring, determines its associated polynomial function f # W R ! R.
The function 'W f 7! f # is a homomorphism RŒx ! Fun.R/ D RR :
as we saw on page 204, addition of polynomials corresponds to pointwise
addition of polynomial functions .f C g/# D f # C g# , and multiplica-
tion of polynomials corresponds to pointwise multiplication of polyno-
mial functions .fg/# D f # g# . Is ' an isomorphism? No, because it’s
not surjective—not every function on R is a polynomial function. Is '
an isomorphism between RŒx and the subring im ' D Poly.R/ of RR
consisting of all polynomial functions? That depends on R. We’ve seen,
i i
“book2” — 2013/5/24 — 8:18 — page 209 — #229
i i
for example, that f .x/ D x 7 C 2x 1 and g.x/ D 3x C 6 give the

same function (f # D g# ) when R D Z7 . But we’ll see, in Theorem 6.20,
that if R is an infinite field (as it almost always is in high school), then
'W RŒx ! Poly.R/ is an isomorphism. N
As with all important definitions in mathematics, the idea of homomor-

phism existed long before the name. Here are some examples that you’ve en-
countered so far.
Example 5.15. (i) Complex conjugation z D a C i b 7! z D a i b is a

homomorphism C ! C, because 1 D 1; z C w D zCw, and zw D z w;
it is a bijection because z D z (so that it is its own inverse) and, therefore,
complex conjugation is an isomorphism.
(ii) Let D be a domain with fraction field F D Frac.D/. In Theorem 5.5, we
proved that D 0 D fŒa; 1 W a 2 Dg is a subring of F . We can now identify
D 0 with D, for the function 'W D ! D 0 , given by '.a/ D Œa; 1 D a=1,
is an isomorphism.
(iii) In the proof of Corollary 5.9, we “identified” an element r in a com-
mutative ring R with the constant polynomial .r; 0; 0; : : : /. We said that
R is a subring of RŒx, but that is not the truth. The function 'W R !
RŒx, defined by '.r / D .r; 0; 0; : : : /, is a homomorphism, and R0 D
f.r; 0; 0; : : : / W r 2 Rg is a subring of RŒx isomorphic to R, and 'W R !
R0 is an isomorphism.
(iv) If S is a subring of a commutative ring R, then the inclusion i W S ! R is
a ring homomorphism (this is one reason why we insist that the identity
of R lie in S ).
(v) Recall Example 4.47: if X is a set, then 2X is the Boolean ring of all the
subsets of X, where addition is symmetric difference, multiplication is
intersection, and the identity is X. If Y is a proper subset of X, then 2Y is
not a subring of 2X , for the identity of 2Y is Y , not X. Thus, the inclusion
i W 2Y ! 2X is not a homomorphism, even though i.a C b/ D i.a/ C i.b/
and i.ab/ D i.a/i.b/. Therefore, the part of the definition of homomor-
phism requiring identity elements be preserved is not redundant. N
Example 5.16. Example 4.31 on page 157 shows, for a commutative ring R
and a set X, that the family RX of all functions from X to R, equipped with
pointwise addition and multiplication, is a commutative ring. We’ve also used
the notation 2X in Example 4.47 on page 166 to stand for the Boolean ring of
all subsets of a set X. The goal of this example is to prove that 2X and .Z2 /X This example is rather
are isomorphic rings. dense. It’s a good idea
to pick a concrete set,
The basic idea is to associate every subset A X with its characteristic
say X D f1; 2; 3g, and
function fA 2 .Z2 /X , defined by work out the characteristic
( function for each of the 8
1 if x 2 A subsets of X.
fA .x/ D
0 if x 62 A:
We claim that ' W 2X ! .Z2 /X , defined by The characteristic function

fA is sometimes called the
'.A/ D fA ; indicator function, for it tells
you whether an element
is an isomorphism. x 2 X is or is not in A.
i i
“book2” — 2013/5/24 — 8:18 — page 210 — #230
i i
First, ' is a bijection:

(i) ' is injective: if A; B X and '.A/ D '.B/, then fA D fB : for any
x 2 X, we have fA .x/ D 1 if and only if fB .x/ D 1. Thus, x 2 A if and
only if x 2 B; that is, A D B.
(ii) ' is surjective: given a function g W X ! .Z2 /X , define AŒg X by
AŒg D fx 2 X W g.x/ D 1g:
It is easy to check that '.AŒg/ D fAŒg D g.

Finally, ' is a homomorphism:
(i) ' maps the identity to the identity: the (multiplicative) identity of 2X is X,
and '.X/ D fX . Now fX .x/ D 1 for all x 2 X, because every element
of X lies in X! Hence, fX is the (multiplicative) identity in .Z2 /X .
(ii) ' preserves addition: we must show that
Recall the different mean-
ings of C in this equation: '.A C B/ D '.A/ C '.B/
A C B is symmetric differ-
ence, and '.A/ C '.B / is for all A; B X. Consider the following table:
pointwise addition.
fA .x/ fB .x/ fA .x/ C fB .x/
1 1 0
1 0 1
0 1 1
0 0 0
It follows that fA C fB D fACB , for each of the functions fA C fB

and fACB has value 1 if x 2 .A [ B/ .A \ B/ and value 0 otherwise.
Therefore,
'.A C B/ D fACB
D fA C fB
D '.A/ C '.B/:
(iii) ' preserves multiplication: we must show that '.AB/ D '.A/'.B/ for
all A; B X. The proof is similar to that in part (ii), using a table for
fA fB to prove that fA fB D fAB ; you will supply the details in Exer-
cise 5.39 on page 212.
We conclude that 2X and .Z2 /X are isomorphic. In Exercise 5.40 on page 212,
we will see that if jXj D n, then .Z2 /X Š .Z2 /n , the ring of all n-tuples
having coordinates in Z2 with pointwise operations. N
How to Think About It. There are two strategies in trying to show that a
homomorphism 'W R ! S is an isomorphism. One way is to show that ' is
a bijection; that is, it is injective and surjective. A second way is to show that
the inverse function ' 1 W S ! R exists (see Exercise 5.30 on page 211 and
Exercise 5.39(ii) on page 212).
Here are some properties of homomorphisms.
i i
“book2” — 2013/5/24 — 8:18 — page 211 — #231
i i
Lemma 5.17. Let R and S be commutative rings, let 'W R ! S be a homo-

morphism, and let a 2 R.
(i) '.0/ D 0.
(ii) '. a/ D '.a/.
(iii) '.na/ D n'.a/ for all n 2 Z.
(iv) '.an / D '.a/n for all n 2 N.
1 1
(v) If a is a unit in R, then '.a/ is a unit in S , and '.a / D '.a/ .
Proof. (i) Since 0 C 0 D 0, we have '.0 C 0/ D '.0/ C '.0/ D '.0/. Now

subtract '.0/ from both sides.
(ii) Since 0 D a C a, we have 0 D '.0/ D '. a/ C '.a/. But Propo-
sition 4.35 says that negatives are unique: there is exactly one s 2 S ,
namely, s D '.a/, with s C '.a/ D 0. Hence, '. a/ D '.a/.
(iii) If n 0, use induction to prove that '.na/ D n'.a/. Now use (ii) :
'. na/ D '.na/ D n'.a/.
(iv) Use induction to show that '.an / D '.a/n for all n 0.
(v) By Proposition 4.35, there is exactly one b 2 R, namely, b D a 1 , with
ab D 1. Similarly in S ; since '.a/'.b/ D '.ab/ D '.1/ D 1, we have
'.a 1 / D '.a/ 1 .
Example 5.18. If 'W A ! B is a bijection between finite sets A and B, then

they have the same number of elements. In particular, two finite isomorphic
commutative rings have the same number of elements. We now show that the
converse is false: there are finite commutative rings with the same number of
elements that are not isomorphic.
Recall Exercise 4.55 on page 165: there is a field, F4 , having exactly four
elements. If a 2 F4 and a ¤ 0, then a2 ¤ 0, for F4 is a domain (even
a field), and so the product of nonzero elements is nonzero. Suppose there
were an isomorphism 'W F4 ! Z4 . Since ' is surjective, there is a 2 F4
with '.a/ D 2. Hence, '.a2 / D '.a/2 D 22 D 0. This contradicts ' being
injective, for a2 ¤ 0 and '.a2 / D 0 D '.0/. N
Exercises
5.29 Let R and S be commutative rings, and let 'W R ! S be an isomorphism.
(i) If R is a field, prove that S is a field.
(ii) If R is a domain, prove that S is a domain.
5.30 *
(i) If ' is an isomorphism, prove that its inverse function ' 1W S ! R is also an
isomorphism.
(ii) Show that ' is an isomorphism if and only if ' has an inverse function ' 1.
5.31 (i) Show that the composite of two homomorphisms (isomorphisms) is again a
homomorphism (an isomorphism).
(ii) Show that R Š S defines an equivalence relation on the class of all commu-
tative rings.
i i
“book2” — 2013/5/24 — 8:18 — page 212 — #232
i i
5.32 Prove that the weird integers W (see Exercise 4.35 on page 158) is not isomorphic
to Z.
p
1 3
5.33 Recall that ZŒ! D fa C b! W a; b 2 Zg, where ! D 2 Ci 2 . Show that
' W ZŒ! ! ZŒ!, defined by
'W a C b! 7! a C b! 2 ;
is a homomorphism. Is ' an isomorphism?

5.34 If R is a commutative ring and a 2 R, is the function 'W R ! R, defined by
'W r 7! ar, a homomorphism? Why?
5.35 Prove that two fields having exactly four elements are isomorphic.
Hint: First prove that 1 C 1 D 0.

5.36 * Let k be a field that contains Zp as a subfield (e.g., k D Zp .x/). For every
n
integer n > 0, show that the function 'n W k ! k, given by 'n .a/ D ap , is an
injective homomorphism. If k is finite, show that 'n is an isomorphism.
5.37 * If R is a field, show that R Š Frac.R/. More precisely, show that the homo-
morphism 'W R ! Frac.R/, given by 'W r 7! Œr; 1, is an isomorphism.
5.38 * Recall, when we constructed the field Frac.D/ of a domain D, that Œa; b de-
noted the equivalence class of .a; b/, and that we then reverted to the usual nota-
tion: Œa; b D a=b.
(i) If R and S are domains and 'W R ! S is an isomorphism, prove that
Œa; b 7! Œ'.a/; '.b/
is an isomorphism Frac.R/ ! Frac.S/.

(ii) Prove that a field k containing an isomorphic copy of Z as a subring must
contain an isomorphic copy of Q.
(iii) Let R be a domain and let 'W R ! k be an injective homomorphism, where
k is a field. Prove that there exists a unique homomorphism ˆW Frac.R/ ! k
extending '; that is, ˆjR D '.
5.39 * In Example 5.16, we proved that if X is a set, then the function 'W 2X ! .Z2 /X ,
given by '.A/ D fA , the characteristic function of A, is an isomorphism.
(i) Complete the proof in Example 5.16 by showing that '.AB/ D '.A/ '.B/
for all A; B 2 2X .
(ii) Give another proof that 2X Š .Z2 /X by showing that ' 1 exists.
/n
5.40 * If n is a positive integer, define .Z2 to be the set of all n-tuples .a1 ; : : : ; an /
with ai 2 Z2 for all i (such n-tuples are called bitstrings).
(i) Prove that .Z2 /n is a commutative ring with pointwise operations
.a1 ; : : : ; an / C .b1; : : : ; bn / D .a1 C b1 ; : : : ; an C bn /
and
.a1 ; : : : ; an /.b1; : : : ; bn / D .a1 b1 ; : : : ; an bn /:
(ii) If X is a finite set with jX j D n, prove that .Z2 /X Š .Z2 /n . Conclude, in

this case, that 2X Š .Z2 /n (see Example 5.16).
i i
“book2” — 2013/5/24 — 8:18 — page 213 — #233
i i
Extensions of Homomorphisms
Suppose that a ring R is a subring of a commutative ring E with inclusion
i W R ! E. Given a homomorphism ' W R ! S , an extension ˆ of ' is a
homomorphism ˆW E ! S with restriction ˆjR D î D '. If ˆW U ! Y is any
function, then its restriction
E ˆjX to a subset X U
is equal to the composite
ˆ
i î, where iW X ! U is the
inclusion.
R ' S:
Some obvious questions about extensions are

(i) Can we extend 'W R ! S to a homomorphism ˆW E ! S ?
(ii) Can we extend 'W R ! S Œx to a homomorphism ˆW E ! S Œx?
Theorems 5.19 and 5.20 below answer the first question when E D RŒx
and E D RŒx1; : : : ; xn ; Corollary 5.22 answers the second question when
E D RŒx. The basic idea is to let ' handle the elements of R, then specify
what happens to x, and then use the definition of homomorphism to make sure
that the extension preserves addition and multiplication.
Even though the coming proof is routine, we give full details because of the
importance of the result.
Theorem 5.19. Let R and S be commutative rings, and let 'W R ! S be a

homomorphism. If s 2 S , then there exists a unique homomorphism
ˆW RŒx ! S
with ˆ.x/ D s and ˆ.r / D '.r / for all r 2 R.

P
Proof. If f .x/ D i ri x i D r0 C r1 x C C rn x n , define ˆ W RŒx ! S by
ˆ.f / D '.r0 / C '.r1 /s C C '.rn /s n :
Proposition 5.6, uniqueness of coefficients, shows that ˆ is a well-defined

function, and the formula shows that ˆ.x/ D s and ˆ.r / D '.r / for all
r 2 R.
We now prove that ˆ is a homomorphism. First, ˆ.1/ D '.1/ D 1, because
' is a homomorphism.
Second, if g.x/ D a0 C a1 x C C am x m , then
!
X
i
ˆ.f C g/ D ˆ .ri C ai /x
i
X
D '.ri C ai /s i
i
X
D '.ri / C '.ai / s i
i
X X
D '.ri /s i C '.ai /s i
i i
D ˆ.f / C ˆ.g/:
i i
“book2” — 2013/5/24 — 8:18 — page 214 — #234
i i
P P
Third, let f .x/g.x/ D ck x k , where ck D
k i Cj Dk ri aj . Then
!
X
k
ˆ.fg/ D ˆ ck x
k
X
D '.ck /s k
k
0 1
X X
D '@ ri aj A s k
k i Cj Dk
0 1
X X
D @ '.ri /'.aj /A s k :
k i Cj Dk
On the other hand,

!0 1 0 1
X X X X
ˆ.f /ˆ.g/ D '.ri /s i @ '.aj /s j A D @ '.ri /'.aj /A s k :
i j k i Cj Dk
Uniqueness of ˆ is easy: if ‚W RŒx ! S is a homomorphism with ‚.x/ D s

and ‚.r / D '.r / for all r 2 R, then

‚ r0 C r1 x C C rd x d D '.r0 / C '.r1 /s C C '.rd /s d

D ˆ r0 C r1 x C C rd x d :
This theorem generalizes to polynomial rings in several variables.
Theorem 5.20. Let R and S be commutative rings and 'W R ! S a homo-

morphism. If s1; : : : ; sn 2 S , then there exists a unique homomorphism
ˆW RŒx1 ; : : : ; xn ! S
with ˆ.xi / D si for all i and ˆ.r / D '.r / for all r 2 R.
Proof. The proof is by induction on n 1. The base step is Theorem 5.19. For
the inductive step, let n > 1 and define A D RŒx1; : : : ; xn 1 . The inductive
hypothesis gives a homomorphism W A ! S with .xi / D si for all i
n 1 and .r / D '.r / for all r 2 R. The base step gives a homomorphism
‰W AŒxn ! S with ‰.xn / D sn and ‰.a/ D .a/ for all a 2 A. The
result follows, because RŒx1; : : : ; xn D AŒxn , ‰.xi / D .xi / D si for all
i n 1, ‰.xn / D .xn / D sn , and ‰.r / D .r / D '.r / for all r 2 R.
How to Think About It. There is an analogy between Theorem 5.20 and
an important theorem of linear algebra, Theorem A.43 in Appendix A.4: Let
V and W be vector spaces over a field k; if v1 ; : : : ; vn is a basis of V and
w1 ; : : : ; wn 2 W , then there exists a unique linear transformation T W V ! W
with T .vi / D wi for all i (linear transformations are homomorphisms of vec-
tor spaces). The theorem is actually the reason why matrices can describe linear
transformations.
i i
“book2” — 2013/5/24 — 8:18 — page 215 — #235
i i
Here is a familiar special case of Theorem 5.19.
Definition. If R is a commutative ring and a 2 R, then evaluation at a is the If f # is the polynomial

function ea W RŒx ! R given by ea .f / D f .a/; that is, function determined by f ,
then ea .f / D f # .a/.
!
X X
i
ea ri x D ri a i :
i i
So, in this language, we have:
Corollary 5.21. If R is a commutative ring and a 2 R, then ea W RŒx ! R,

evaluation at a, is a homomorphism.
Proof. In the notation of Theorem 5.19, set R D S , ' D 1R (the identity

function R !PR), and s D Pa 2 R. The homomorphism ˆW RŒx ! R is ea ,
which sends i ri x i into i ri ai .
As an illustration of Corollary 5.21, if f; g 2 RŒx and h D fg, then
h.a/ D ea .h/ D ea .f /ea .g/ D f .a/g.a/:
In other words, we get the same element of R if we first multiply polynomials

in RŒx and then substitute a for x, or if we first substitute a for x and then
multiply the elements f .a/ and g.a/. For example, if R is a commutative
ring and a 2 R, then f .x/ D q.x/g.x/ C r .x/ in RŒx implies f .a/ D
q.a/g.a/ C r .a/ in R.
Let’s return to question (ii) on page 213. Given a homomorphism
' W R ! S , can we extend it to a homomorphism RŒx ! S Œx? The basic
idea? Let ' handle the coefficients and send x to x.
Corollary 5.22. If R and S are commutative rings and 'W R ! S is a ho-

momorphism, then there is a unique homomorphism ' W RŒx ! S Œx given
by
' W r0 C r1 x C r2 x 2 C 7! '.r0 / C '.r1 /x C '.r2 /x 2 C :
Moreover, ' is an isomorphism if ' is.
Proof. The existence of the homomorphism ' is a special case of Theo-

rem 5.19. More precisely, consider the following diagram in which W R !
RŒx and W S ! S Œx are the usual inclusions viewing elements of R and
of S as constant polynomials. The role of 'W R ! S is now played by the
composite 'W R ! S Œx, namely, r 7! .'.r /; 0; 0: : : : /.
RŒx
ˆ

R ' S S Œx:

1 1
If ' is an isomorphism, then ˆ is the inverse of the extension of ' .
i i
“book2” — 2013/5/24 — 8:18 — page 216 — #236
i i
Example 5.23. If rm W Z ! Zm is reduction mod m, that is, rm .a/ D Œa, then

the homomorphism rm W ZŒx ! Zm Œx reduces each coefficient of a polyno-
mial mod m:

rm W a0 C a1 x C a2 x 2 C 7! Œa0 C Œa1 x C Œa2 x 2 C :

We will usually write a instead of Œa when using rm . N
Example 5.24. Complex conjugation extends to an isomorphism CŒx ! CŒx

in which every polynomial is mapped to the polynomial obtained by taking the
complex conjugate of each coefficient. (We have already used this construction
in Theorem 3.12 and in Exercises 3.43–3.45 on page 106.) N
Exercises
5.41 If R is a commutative ring, prove that RŒx; y Š RŒy; x. In fact, prove that there
is an isomorphism ˆ with ˆ.x/ D y, ˆ.y/ D x, and ˆ.r/ D r for all r 2 R.
Hint: Use Theorem 5.20.
If you look very carefully at the definitions, you’ll see that RŒx; y and RŒy; x
are different rings. Recall that elements a in a ring A correspond to .a; 0; : : :/
in AŒx. In particular, the element x 2 RŒx corresponds
to .x; 0; 0; : : :/ in RŒxŒy;
that is, we have x D .0; 1; 0; : : : /; 0; 0; : : : so that in RŒxŒy the element x has
.0; 1; 0; : : : / in coordinate 1. This is not the same element as x in RŒyŒx, which
has 1 sitting in coordinate 1. However, this exercise allows you to relax and regard
these polynomials rings as the same.
5.42 *
(i) If R is a commutative ring and c 2 R, prove that there is a homomorphism
'W P
RŒx ! RŒx Pwith '.x/ D x C c and '.r/ D r for all r 2 R; that is,
'. i ri x i / D i ri .x C c/i . Is ' an isomorphism?
No calculus is needed for (ii) If deg.f / D n, show that
this exercise.
f 00 .c/ f .n/ .c/
'.f / D f .c/ C f 0 .c/.x C c/ C .x C c/2 C C .x C c/n ;
2Š nŠ
where f 0 .x/ is the formal derivative of f defined in Exercise 5.15 on page 202.
Kernel, Image, and Ideals

There’s a great deal of talk about “modeling” in high school mathematics: we
wonder whether a given statement is true, and the idea is to see whether it
holds in some model. A homomorphism R ! S is a good illustration of this
idea; it transports the structure of R to the structure of S , so that we may test
whether a statement in R is true by asking whether its analog in the “model”
S is true. For example, is 1 a square in Z; is there k 2 Z with 1 D k 2 ?
Now we can list all the squares in Z3 : 02 D 0; 12 D 1; 22 D 4 D 1, and we
see that 1 D 2 is not a square. But if 1 D k 2 in Z, then reduction mod 3,
the homomorphism r3 W Z ! Z3 taking a 7! Œa (see Example 5.14(i)), would
give
r3 . 1/ D r3 .k 2 / D r3.k/2 ;
contradicting 1 not being a square in Z3 .
i i
“book2” — 2013/5/24 — 8:18 — page 217 — #237
i i
We should be cautious when viewing a homomorphism 'W R ! S as mod-

eling a ring R. First, ' may not give a faithful model of R, thereby losing some
information; for example, ' might take different elements of R to the same el-
ement of S . Also, some information might get missed: there may be elements
of S that don’t get “hit” by an element of R. The information that’s lost is
called the kernel of '; the information that’s hit is called its image.
Definition. If 'W R ! S is a homomorphism, then its kernel is
ker ' D fa 2 R with '.a/ D 0g R;
and its image is
im ' D fs 2 S W s D '.a/ for some a 2 Rg S:
Here are the first properties of these subsets. Note that Lemma 5.17 says,
for every homomorphism 'W R ! S , that 0 2 ker ' and 0 2 im '. In general,
im ' is a subset of S but, as for any function, ' is surjective if and only if
im ' D S .
Proposition 5.25. Let R and S be rings and 'W R ! S a homomorphism.

(i) im ' D f'.r / W r 2 Rg is a subring of S .
(ii) If a; b 2 ker ', then a C b 2 ker '.
(iii) If a 2 ker ' and r 2 R, then ra 2 ker '.
Proof. (i) To see that im ' is a subring of S , note first that 1 2 im ', because
'.1/ D 1. If s; t 2 im ', then there are a; b 2 R with s D '.a/ and
t D '.b/. Hence, s C t D '.a/ C '.b/ D '.a C b/ 2 im ', and
st D '.a/'.b/ D '.ab/ 2 im '. Therefore, im ' is a subring of S .
(ii) If a; b 2 ker ', then '.a/ D 0 D '.b/. Hence, '.aCb/ D '.a/C'.b/ D
0 C 0 D 0, and a C b 2 ker '.
(iii) If a 2 ker ', then '.a/ D 0. Hence, '.ra/ D '.r /'.a/ D '.r / 0 D 0,
and so ra 2 ker '.
Here are some examples of kernels and images.
Example 5.26. (i) If 'W R ! S is an isomorphism, then ker ' D f0g and
im ' D S .
(ii) If ' is injective, then ker ' D f0g, for if r ¤ 0, then '.r / ¤ '.0/ D 0.
We will soon see that the converse is true, so that ' is injective if and only
ker ' D f0g.
(iii) If rm W Z ! Zm is reduction mod m, then ker rm consists of all the multi-
ples of m.
(iv) Let k be a commutative ring, let a 2 k, and let ea W kŒx ! k be the
evaluation homomorphism f .x/ 7! f .a/. Now ea is always surjective: if
b 2 k, then b D ea .f /, where f .x/ D x a C b. By definition, ker ea
consists of all those polynomials g for which g.a/ D 0.
In particular, let 'W RŒx ! C be defined by '.x/ D i and '.a/ D a
for all a 2 R. Then ker ' is the set of all polynomials f .x/ 2 RŒx having
i as a root. For example, x 2 C 1 2 ker '. N
i i
“book2” — 2013/5/24 — 8:18 — page 218 — #238
i i
Proposition 5.25 suggests that ker ' is a subring of R but, in fact, it almost
never is because it usually doesn’t contain 1. The definition of homomorphism
says that '.1/ D 1. If 1 2 ker ', then '.1/ D 0, and so 1 D 0 in S ; that is, S
is the zero ring. We conclude that if S has more than one element, then ker '
is not a subring of R. However, kernels are always ideals.
Definition. An ideal in a commutative ring R is a subset I of R such that

(i) 0 2 I
(ii) if a, b 2 I , then a C b 2 I
(iii) if a 2 I and r 2 R, then ra 2 I .
An ideal I ¤ R is called a proper ideal.
The ring R itself and f0g, the subset of R consisting of 0 alone, are always
ideals in a commutative ring R. Proposition 5.25 says that the kernel of a ho-
momorphism 'W R ! S is always an ideal in R; it is a proper ideal if S is not
the zero ring because 1 … ker '.
We have seen ideals in a completely different context. Theorem 1.19, which
says that gcd.a; b/ is a linear combination of a; b, involved showing that the set
of all linear combinations is an ideal in Z. Indeed, Exercise 1.49 on page 30
makes this explicit (of course, we had not introduced the term ideal at that
time).
Etymology. As we said on page 131, a natural attempt to prove Fermat’s Last

Theorem involves factoring x p C y p in the ring ZŒp of cyclotomic integers,
where p is a pth root of unity. In Chapter 8, we shall sketch the ideas that
show that if this ring has unique factorization into primes, that is, if the analog
of the Fundamental Theorem of Arithmetic holds in ZŒp , then there are no
positive integers a; b; c with ap Cb p D c p . For some primes p, such an analog
is true but, alas, there are primes for which it is false. In his investigation of
Fermat’s Last Theorem, Kummer invented ideal numbers in order to restore
unique factorization. His definition was later recast by Dedekind as the ideals
we have just defined, and this is why ideals are so called.
Here is a construction of ideals that generalizes that which arose when we

studied gcd’s. Recall that a linear combination of elements b1 ; b2 ; : : : ; bn in a
commutative ring R is an element of R of the form
r 1 b1 C r 2 b2 C C r n bn ;
where ri 2 R for all i .
It is very easy to check Definition. If b1 ; b2 ; : : : ; bn lie in a commutative ring R, then the set of all
that .b1 ; b2 ; : : : ; bn / is an linear combinations, denoted by
ideal.
.b1 ; b2 ; : : : ; bn /;
is an ideal in R, called the ideal generated by b1 ; b2 ; : : : ; bn . In particular, if
n D 1, then
.b/ D fr b W r 2 Rg
The principal ideal .b/ is
sometimes denoted by Rb. consists of all the multiples of b; it is called the principal ideal generated by b.
i i
“book2” — 2013/5/24 — 8:18 — page 219 — #239
i i
Both R and f0g are ideals; indeed, both are principal ideals, for R D .1/
and, obviously, f0g D .0/ is generated by 0. Henceforth, we will denote the
zero ideal f0g by .0/.
Example 5.27. (i) The even integers comprise an ideal in Z, namely, .2/.
(ii) Proposition 5.25 says that if 'W R ! S is a homomorphism, then ker ' is
an ideal in R. In particular, we can generalize part (i): if rm W Z ! Zm is
reduction mod m, then ker rm D .m/.
(iii) If I and J are ideals in a commutative ring R, then it is routine to check
that I \ J is also an ideal in R. More generally,
T if .Ij /j 2J is a family
of ideals in a commutative ring R, then j 2J Ij is an ideal in R (see
Exercise 5.53 below).
(iv) By Example 5.26(iv), the set I , consisting of all polynomials f .x/ in
RŒx having i as a root, is an ideal in RŒx containing x 2 C 1 (it is the
kernel of the evaluation ei ). We shall see, in Corollary 6.26, that I D
.x 2 C 1/. N
Example 5.28. Let R be a commutative ring. For a subset A of R, define
I D I.A/ D ff .x/ 2 RŒx W f .a/ D 0 for all a 2 Ag:

It is easy to check that I is an ideal in RŒx. Clearly, 0 2 I . If f 2 I and r 2 R,
then .rf /# D rf # , and so .rf /.a/ D r .f .a// D 0 for all a 2 A. Finally, if
f; g 2 I , then .f C g/# D f # C g# , so that .f C g/# W a 7! f .a/ C g.a/ D 0
for all a 2 A,Tand f C g 2 I . Therefore, I is an ideal. (Alternatively, show
that I.A/ D a2A ker ea , where ea is evaluation at a, and use Exercise 5.53
below that says the intersection is an ideal.)
In the special case when R is a field, then I.A/ is a principal ideal. If A is
finite, can you find a monic d.x/ with I.A/ D .d /? What if A is infinite? N
Theorem 5.29. Every ideal I in Z is a principal ideal.
Proof. If I D .0/, then I is the principal ideal with generator 0. If I ¤ .0/,

then there are nonzero integers in I ; since a 2 I implies a 2 I , there are
positive integers in I ; let d 2 I be the smallest such. Clearly, .d / I . For
the reverse inclusion, let b 2 I . The Division Algorithm gives q; r 2 Z with
b D qd C r , where 0 r < d . But r D b qd 2 I . If r ¤ 0, then its
existence contradicts d being the smallest positive integer in I . Hence, r D 0,
d j b, b 2 I , and I .d /. Therefore, I D .d /.
We’ll see in the next chapter that there are commutative rings having ideals
that are not principal ideals.
Example 5.30. (i) If an ideal I in a commutative ring R contains 1, then

I D R, for now I contains r D r1 for every r 2 R. Indeed, if I contains
a unit u, then I D R, for then I contains u 1 u D 1.
(ii) It follows from (i) that if R is a field, then the only ideals I in R are .0/
and R itself: if I ¤ .0/, it contains some nonzero element, and every
nonzero element in a field is a unit.
Conversely, assume that R is a nonzero commutative ring whose only
ideals are R itself and .0/. If a 2 R and a ¤ 0, then .a/ D fra W r 2 Rg
i i
“book2” — 2013/5/24 — 8:18 — page 220 — #240
i i
is a nonzero ideal, and so .a/ D R; but 1 2 R D .a/. Thus, there is r 2 R

with 1 D ra; that is, a has an inverse in R, and so R is a field. N
Proposition 5.31. A homomorphism 'W R ! S is an injection if and only if

ker ' D .0/.
Proof. If ' is an injection, then a ¤ 0 implies '.a/ ¤ '.0/ D 0. Hence,

ker ' D .0/. Conversely, assume that ker ' D .0/. If '.a/ D '.b/, then
'.a b/ D '.a/ '.b/ D 0; that is, a b 2 ker ' D .0/. Therefore, a D b
and ' is an injection.
Corollary 5.32. If k is a field and 'W k ! S is a homomorphism, where S is

a nonzero commutative ring, then ' is an injection.
Proof. The only proper ideal in k is .0/, by Example 5.30; now apply Propo-
sition 5.31.
Exercises
5.43 Construct a homomorphism from ZŒi ! ZŒi that has i in its kernel. What is the
entire kernel?
p p
5.44 Find the kernel
p of the homomorphism
p QŒx ! QŒ 2 defined by f 7! f . 2/,
where QŒ 2 D fa C b 2 W a; b 2 Qg.
5.45 Show that the kernel of the evaluation homomorphism ea in Corollary 5.21 is the
set of polynomials in RŒx that have a as a root.
p p
5.46 Consider the set I of polynomials in RŒx that vanish on the set f3˙ 5; 5˙ 7g.
The notation ¨ means Show that I is a principal ideal in RŒx.
“is a proper subset of”
(in contrast to which 5.47 * Find three ideals .a/ in Z with the property that
indicates a subset which
may or may not be proper). .24/ ¨ .a/:
5.48 * Suppose a and b are integers. Show that a j b if and only if .b/ .a/.
5.49 * If a; b 2 Z, prove that .a/ \ .b/ D .m/, where m D lcm.a; b/.
5.50 * Define the sum of ideals I and J in a commutative ring R by
I C J D fu C v W u 2 I and v 2 J g:
(i) Prove that I C J is an ideal.

(ii) If a; b 2 Z, prove that .a/ C .b/ D .a; b/ D .d /, where d D gcd.a; b/.
5.51 * Define the product of ideals I and J in a commutative ring R by
IJ D fa1 b1 C C an bn W ai 2 I; bi 2 J; n 1g:
(i) Prove that IJ is an ideal in R.

(ii) Prove that if I and J are principal ideals, then IJ is principal. More precisely,
if I D .a/ and J D .b/, then IJ D .ab/.
(iii) If I D .a1 ; : : : ; as / and J D .b1 ; : : : ; b t /, prove that
IJ D .ai bj W 1 i s and 1 j t /:
i i
“book2” — 2013/5/24 — 8:18 — page 221 — #241
i i
5.4 Connections: Boolean Things 221
5.52 * Let I; J , and Q be ideals in a commutative ring R.

(i) Prove that IJ D JI .
(ii) Prove that RI D I .
(iii) Prove that I.JQ/ D .IJ /Q.
T
5.53 * If .Ij /j 2J is a family of ideals in a commutative ring R, prove that j 2J Ij
is an ideal in R.
5.54 *
(i) If R and S are commutative rings, show that their direct product R S is also
a commutative ring, where addition and multiplication in R S are defined
coordinatewise:
.r; s/ C .r 0 ; s 0 / D .r C r 0 ; s C s 0 /
and
.r; s/.r 0 ; s 0 / D .rr 0 ; ss 0 /:
This construction generalizes that of .Z2 /n in Exercise 5.40 on page 212.

(ii) Show that R S is not a domain.
(iii) Show that R .0/ is an ideal in R S.
(iv) Show that R .0/ is a ring isomorphic to R, but it is not a subring of R S.
(v) Prove that Z6 Š Z2 Z3 .
(vi) Show that Z4 6Š Z2 Z2 .
(vii) Prove that Zmn Š Zm Zn if m and n are relatively prime.
Hint: Use the Chinese Remainder Theorem.
5.55 If R1 ; : : : ; Rn are commutative rings, define their direct product R1 Rn
by induction on n 2 (it is the set of all n-tuples .r1 ; : : : ; rn / with ri 2 Ri for
all i ). Prove that the ring .Z/X in Example 5.16, where X is a set with jX j D n,
is the direct product of n copies of Z2 .
5.56 (i) Give an example of a commutative ring R with nonzero ideals I and J such
that I \ J D .0/.
(ii) If I and J are nonzero ideals in a domain R, prove that I \ J ¤ .0/.
5.57 Let F be the set of all 2 2 real matrices of the form
" #
a b
AD :
b a
(i) Prove that F is a field (with operations matrix addition and matrix multipli-
cation).
(ii) Prove that 'W F ! C, defined by '.A/ D a C i b, is an isomorphism.
5.4 Connections: Boolean Things

In some high school programs, Boolean Algebra is called the “algebra of sets;”
it usually focuses on establishing set-theoretic identities like
A \ .B [ C / D .A \ B/ [ .A \ C /
i i
“book2” — 2013/5/24 — 8:18 — page 222 — #242
i i
for subsets A, B, and C of a set X. Such formulas are proved by showing that
an element lies in the left-hand side if and only it lies in the right-hand side.
Exercises 4.68 through 4.74 on page 169 gave you practice in doing this
sort of thing, but they actually showed more. Recall Example 4.47: if 2X is
the family of all the subsets of a set X, then 2X is a commutative ring with
addition defined as symmetric difference,
A C B D .A B/ [ .B A/ D A [ B .A \ B/;
Recall: if U; V are subsets and multiplication defined as intersection,
of X, then U V D
fx 2 X W x 2 U and x … AB D A \ B:
V g.
It follows, for all subsets A of X, that
A2 D A; A C ¿ D A; A C A D ¿; and AX D AI
the identity element 1 is the subset X itself. It follows from ACA D ¿ that ev-
ery A 2 2X is its own additive inverse; that is, A D A. Indeed, Exercise 5.58
on page 226 says that 1 D 1 in 2X . Since we often pass back and forth be-
tween the commutative ring 2X and set theory, we say out loud that a minus
sign will be used in set theory, as in the definition of symmetric difference, but
it shall never be used when we are working in 2X viewed as a ring.
We are going to show that calculations in the ring 2X give more satifisfy-
ing proofs of set-theoretic identities; thus, regarding all subsets as forming a
commutative ring is a definite advantage. Another goal is to use the calcula-
tions to establish the inclusion-exclusion principle, a very useful technique in
counting problems.
Venn diagrams are visual representations in the plane of relationships among
subsets in X. They convert words into pictures. For example, symmetric dif-
ference and intersection are illustrated by the Venn diagram in Figure 5.2.
Some standard words occurring in set theory, actually in logic, are NOT,
AND, OR, and EXCLUSIVE OR. If we picture a statement a as the inside of
a region A in the plane, then the Venn diagram of “NOT a” is the outside of A;
it is the complement
Ac D fx 2 X W x … Ag:
In Figure 5.2, A C B is the Exercise 4.69 on page 168 says that Ac D X C A. If a and b are statements,
shaded region, AB is the then the Venn diagram of the statement “a AND b” is the intersection A \ B,
unshaded region.
while the diagram of “a OR b” is the union A [ B. EXCLUSIVE OR is the
symmetric difference A C B; it pictures the statement “a OR b but not both”
(as in the statement “Take it or leave it!”).
The next result is Exercise 4.73 on page 169; you probably solved this ex-
ercise then using elements, as we now do.
A B
Figure 5.2. A C B and AB.
i i
“book2” — 2013/5/24 — 8:18 — page 223 — #243
i i
Proposition 5.33 (De Morgan). If A and B are subsets of a set X, then
.A [ B/c D Ac \ B c :
Proof. We first show that .A [ B/c Ac \ B c . If x 2 .A [ B/c , then

x … A [ B. But A [ B consists of all elements in A or in B. So, x … A [ B
implies x … A and x … B; that is, x 2 Ac \ B c .
For the reverse inclusion, take x 2 Ac \ B c . Hence, x 2 Ac and x 2 B c ;
that is, x … A and x … B. Thus, x … A [ B, and x 2 .A [ B/c .
This proof is not very difficult, but it’s also not very satisfying. The reason-
ing very much depends on the meanings of the connectives NOT, AND, and
OR, as do the definitions of union and intersection. If feels as if we are just
playing with words.
We are going to give a second proof, more in the spirit of commutative
rings, that uses the binary operations in a special kind of commutative ring that
distills the distinguishing feature of 2X into one property.
Definition. A Boolean ring is a commutative ring R in which a2 D a for all

a 2 R.
Example 5.34. (i) The ring 2X of subsets of a set X, in Example 4.47, is a

Boolean ring.
(ii) If X is a set, possibly infinite, then the family R of all finite subsets of X
together with X itself is a Boolean ring with operations symmetric differ-
ence and intersection. N
Let’s extend familiar facts in 2X to arbitrary Boolean rings R. Some of these

calculations might look strange; just keep 2X and Venn diagrams in the back of
your mind as you work through them. For example, the following definitions,
inspired by the particular Boolean ring 2X , make sense in any Boolean ring.
Complement: a0 D 1 C a (see Exercise 4.69 on page 168)

Union: a _ b D a C b C ab (see Exercise 4.74(ii) on page 169)
Disjoint: ab D 0
Lemma 5.35. Suppose that R is a Boolean ring and a 2 R. Then:

(i) a C a D 0
(ii) aa0 D 0
(iii) a0 C a D 1.
Proof. (i)
a C a D .a C a/.a C a/
D a2 C a2 C a2 C a2
D a C a C a C a:
Now subtract a C a from both sides to obtain a C a D 0.

(ii) aa0 D a.1 C a/ D a C a2 D a C a D 0:
(iii) a0 C a D .1 C a/ C a D 1 C .a C a/ D 1 C 0 D 1.
i i
“book2” — 2013/5/24 — 8:18 — page 224 — #244
i i
Proposition 5.36. Let R be a Boolean ring and a; b 2 R.

(i) a C b D ab 0 C a0 b, and the summands ab 0 and a0 b are disjoint.
(ii) a _ b D ab 0 C a0 b C ab, and the summands ab 0 , a0 b, and ab are pairwise
disjoint.
Proof. (i) For all x 2 R, x C x D 0, xx 0 D 0, and x C x 0 D 1. Hence,
a C b D a.b C b 0 / C b.a C a0 / D ab C ab 0 C ab C a0 b D ab 0 C a0 b:
The summands are disjoint, because .ab 0 /.a0 b/ D 0.

(ii)
Work though these proofs
for yourself, justifying
each step. Notice how a _ b D a C b C ab D ab 0 C a0 b C ab:
the particulars of 2X are
fading into the background. The summands are disjoint, for part (i) shows that ab 0 and a0 b are disjoint,
while .ab 0 /ab D 0 D .a0 b/ab.
Let’s now see how working in an arbitrary Boolean ring reduces the proofs
about facts in specific such rings like 2X to algebraic calculations. Compare
the set-theoretic proof of Proposition 5.33 with the following proof.
Proposition 5.37 (De Morgan = Proposition 5.33). If A and B are subsets of

a set X, then
.A [ B/c D Ac \ B c :
Proof. We first work in a Boolean ring R and then pass to 2X .

The proof that If a; b 2 R, we want to show that .a _ b/0 D a0 b 0 . But
1 C .a C b C ab/ D
.1 C a/.1 C b/ could be an .a _ b/0 D 1 C a _ b D 1 C .a C b C ab/;
exercise in any first-year
high school algebra text.
which is equal to a0 b 0 D .1 C a/.1 C b/.
Now interpret this general result in R in the particular Boolean ring 2X ,
using the translations A _ B D A [ B, AB D A \ B, and 1 C A D Ac .
There’s another De Morgan law in Exercise 4.73 on page 169. Algebra to

the rescue.
Proposition 5.38 (De Morgan). If A and B are subsets of a set X, then
.A \ B/c D Ac [ B c :
Proof. Let R be a Boolean ring and a; b 2 R. We want to show that
.ab/0 D a0 _ b 0 :
The idea again is to first use “pure algebra,” reducing everything to statements
about addition and multiplication in R, and then translate the result into the
language of 2X . Now .ab/0 D 1 C ab, and
a0 _ b 0 D a0 C b 0 C a0 b 0 D .1 C a/ C .1 C b/ C .1 C a/.1 C b/:
i i
“book2” — 2013/5/24 — 8:18 — page 225 — #245
i i
Calculate:
.1 C a/ C .1 C b/ C .1 C a/.1 C b/ D 1 C a C 1 C b C 1 C a C b C ab
D .1 C 1/ C .a C a/
C .b C b/ C .1 C ab/
D 1 C ab
D .ab/0 :
We now solve an earlier exercise using this point of view.
Proposition 5.39 (= Exercise 4.70). Let A; S be subsets of a set X. Then

S D Ac if and only if A \ S D ¿ and A [ S D X.
Proof. It suffices to work in a Boolean ring and then to see what it says in the
particular Boolean ring 2X .
Assume that s D a0 D 1 C a. Then
as D a.1 C a/ D a C a2 D a C a D 0;
and
a _ s D a _ .1 C a/ D a C .1 C a/ C a.1 C a/ D a C 1 C a C a C a2 D 1:
Conversely, if as D 0 and a C s C as D 1, then a C s D 1. But 1 D 1

in every Boolean ring, by Exercise 5.58 on page 226, and so s D 1 C a D a0 .
The usual distributive law in a commutative ring is a.b Cc/ D ab Cac. The
proof that the equation holds in 2X essentially follows from the set-theoretic
identity
A \ .B [ C / D .A \ B/ [ .A \ C /:
We are now going to show that interchanging \ and [ gives another valid
identity.
Proposition 5.40. If A; B and C are subsets of a set X, then
A [ .B \ C / D .A [ B/ \ .A [ C /:
Proof. We must show that a _ bc D .a _ b/.a _ c/; that is,
a C bc C abc D .a C b C ab/.a C c C ac/:
Expand the right-hand side, remembering that x 2 D x and x C x D 0 for all x:
.a C b C ab/.a C c C ac/ D a2 C ac C a2 c C ab C bc C abc

C a2 b C abc C a2 bc
D a C bc C abc:
i i
“book2” — 2013/5/24 — 8:18 — page 226 — #246
i i
Exercises
5.58 * Prove that 1 D 1 in every Boolean ring.
5.59 * Proposition 5.40 proves that if A; B, and C are subsets of a set X , then
A [ .B \ C / D .A [ B/ \ .A [ C /:
Give another proof using set theory.

5.60 * If A, B1 , B2, and B3 are subsets of a set X , show that
A \ .B1 \ B2 \ B3 / D .A \ B1 / [ .A \ B2/ [ .A \ B3/:

Sn
Generalize to A \ i D1 Bi .
5.61 Let R be a ring in which multiplication is not assumed to be commutative (see

the callout on page 156). If a2 D a for every a 2 R, prove that R must be a
commutative ring.
5.62 (i) If A; B are subsets of a set X , prove that B A D B \ Ac .
(ii) In any Boolean ring R, prove that b C a D b.1 C a/ C a.1 C b/.
In Exercises 5.66 and 5.63 Suppose that R is a Boolean ring and a; b 2 R. Show that
5.67, we use minus signs
in a Boolean algebra. a0 b 0 D 1 a b C ab;
Since 1 D C1, all these
signs are really +, but where a0 D 1 C a.
this notation invites you to
compare these formulas 5.64 Suppose that R is a Boolean ring and a; b 2 R. Show that
with the statement of
Inclusion-Exclusion. 1 a0 b 0 D a _ b:
5.65 Suppose that R is a Boolean ring and a; b 2 R. Show that
a _ .b _ c/ D .a _ b/ _ c:
n
5.66 Suppose that R is a Boolean ring and ai i D1 is a collection of n elements in R.
Show that
n
Y n
_
1 ai0 D ai :
i D1 i D1
n
5.67 Suppose that R is a Boolean ring and ai i D1 is a collection of n elements in R.
Show that
n
Y X X
ai0 D 1 ai C ai aj C . 1/n a1 a2 : : : an :
i D1 1i n 1i <j n
Hint: a0 D 1 a.
n
5.68 Suppose that R is a Boolean ring and ai i D1
is a collection of n elements in R.
Show that
n
_ X X
ai D ai ai aj C C . 1/n 1
a1 a2 : : : an :
i D1 1i n 1i <j n
5.69 In a Boolean ring, define a b to mean a D ab. Viewing 2X as a Boolean ring,

prove that A B in 2X if and only if A B.
i i
“book2” — 2013/5/24 — 8:18 — page 227 — #247
i i
5.70 An atom in a Boolean ring R is a nonzero element a 2 R with x a if and only

if x D 0 or x D a. If R is a finite Boolean ring, prove that every x 2 R is a sum
of atoms.
5.71 (i) If R is a finite Boolean ring, prove that R Š 2X , where X is the set of all
atoms in R.
(ii) Take It Further. Let R be the Boolean ring of all finite subsets of an infinite
set X (see Example 5.34(ii)). Prove that R 6Š 2Y for any set Y .
Hint: The simplest solution involves some set theory we have not discussed.
If X is countable, then R is countable; however, if Y is any infinite set, then
2Y is uncountable. Hence, there is no bijection R ! 2Y .
Inclusion-Exclusion
Suppose you have a class of students, all of whom take either French or Span-
ish, but none of whom take both. If 15 students are studying French and 12
students are studying Spanish, you have 15 C 12 D 27 students in your class.
Denote the number of elements in a finite set A by
jAj:
Then one way to state the above fact is that if F is the set of students studying
French and S is the set of students studying Spanish, then
jF [ S j D jF j C jS j:
We make the above counting principle explicit.
Addition Principle. If A and B are disjoint finite subsets of a set X, then
jA [ Bj D jAj C jBj:
The Addition Principle extends, by induction, to any number of finite sets.
Lemma 5.41. If .Ai /niD1 is a family of pairwise disjoint finite sets, then
ˇ[n ˇ X n
ˇ ˇ
ˇ Ai ˇ D jAi j:
i D1 i D1
Proof. The proof is by induction on n 2. The base step is the Addition

Principle. For the inductive step,
n n[1
!
[
Ai D Ai [ An :
i D1 i D1
S
n 1
Now i D1 Ai \ An D ¿: Exercise 5.60 on page 226 gives
n[1
!
Ai \ An D .A1 \ An / [ [ .An 1 \ An /;
i D1
and each Ai \ An D ¿ because the subsets are pairwise disjoint.
i i
“book2” — 2013/5/24 — 8:18 — page 228 — #248
i i
Let’s return to your class of students, 15 of whom are studying French and
12 of whom are studying Spanish. What if 4 of them are studying both French
and Spanish? You’d then have fewer than 27 students in the class because of
double counting. A Venn diagram can help you figure out how to calculate
the actual number. The goal of this subsection is to develop a general method
of calculating the number of elements in the union of a finite collection of
possibly overlapping finite sets.
As a Venn diagram illustrates, the Addition Principle no longer holds if A
and B overlap, for elements in A \ B are counted twice in jAj C jBj. What is
the formula giving a precise count of jA [ Bj? The number of things that get
counted twice must be subtracted once.
Lemma 5.42. If A and B are finite subsets of a set X, then

jA [ Bj D jAj C jBj jA \ Bj:
Proof. First note that A [ B is the disjoint union

A [ B D .A B/ [ .B A/ [ .A \ B/;
so that Lemma 5.41 gives
jA [ Bj D jA \ B c j C jAc \ Bj C jA \ Bj: (5.1)
As usual, we first compute in a Boolean ring R, after which we specialize

to 2X . Recall Proposition 5.36(ii): if a; b 2 R, then
a _ b D ab 0 C a0 b C ab;
where the summands on the right-hand side are pairwise disjoint. Hence, there
are two more equations: factor out a to get
a _ b D a.b 0 C b/ C a0 b D a C a0 b;
or factor out b to get
a _ b D ab 0 C b.a0 C a/ D ab 0 C b:
Since the summands on the right-hand side of each of the equations are pair-
wise disjoint, we can pass back to 2X to obtain
jA [ Bj D jAj C jAc \ Bj
and
jA [ Bj D jBj C jA \ B c j:
Add the equations:
2jA [ Bj D jAj C jBj C jAc \ Bj C jA \ B c j: (5.2)
Now Eq. (5.1) says that the last two terms on the right-hand side of Eq. (5.2)
can be replaced by jA [ Bj jA \ Bj, giving
2jA [ Bj D jAj C jBj C jA [ Bj jA \ Bj:
Subtracting jA [ Bj from both sides gives the desired result.
i i
“book2” — 2013/5/24 — 8:18 — page 229 — #249
i i
Example 5.43. How many positive integers < 1000 are there that are not di-
visible by 5 or by 7? If the number of positive integers that are divisible by 5
or 7 is D, then the answer is 999 D. We compute D using Lemma 5.42.
Let
A D fn 2 Z W 5 j n and 0 < n < 1000g
and
B D fn 2 Z W 7 j n and 0 < n < 1000g:
The Division Algorithm gives jAj D 199, because 999 D 199 5 C 4; similarly,
jBj D 142 and jA \ Bj D 28, where A \ B D fn 2 Z W 35 j n and 0 < n <
1000g. Hence,
jA [ Bj D jAj C jBj jA \ Bj
D 199 C 142 28 D 313:
Therefore, there are exactly 999 313 D 686 positive numbers < 1000 that
are not divisible by 5 or by 7. N
How to Think About It. You could probably convince yourself of the result
in Lemma 5.42 with a Venn diagram accompanied by a few examples. While
diagrams and examples can motivate insight, they are not substitutes for rig-
orous proof. The reason is that a picture can be misleading. For example, if
you aren’t careful about drawing a Venn diagram for the union of four or more
regions, then some possible intersections might be overlooked.
Example 5.44. Let’s look at the case of three finite subsets A, B, and C of a
set X. Before reading on, what do you think the formula should be? The basic
idea is to apply Lemma 5.42 twice.
jA [ B [ C j D j.A [ B/ [ C j
D jA [ Bj C jC j j.A [ B/ \ C j
D jAj C jBj jA \ Bj C jC j j.A \ C / [ .B \ C /j
D jAj C jBj C jC j jA \ Bj

jA \ C j C jB \ C j jA \ B \ C j

D jAj C jBj C jC j jA \ Bj C jA \ C j C jB \ C j
C jA \ B \ C j:
So, the number of elements in the union of three sets is the sum of the number
of elements in each, minus the sum of the number of elements in the pairwise
intersections, plus the number of elements that are common to all three. N
We want to generalize the formula in Example 5.44 to count the number of

elements in a union of finitely many subsets. The difficulty in deriving such
a formula by a brutal assault is that we must be careful that an element in
the union is not counted several times, for it may occur in the intersection of
several of the Ai . To illustrate, consider Figures 5.3 and 5.4, Venn diagrams
depicting the various intersections obtained from three subsets and from four
subsets.
i i
“book2˙color” — 2013/5/29 — 21:56 — page 230 — #250
i i
A B
C
Figure 5.3. Subsets of three regions. Figure 5.4. Subsets of four regions.
To count the number of elements in a union

A1 [ [ Ar ;
we proceed by induction, using the idea of Example 5.44 by shearing off Ar
and treating the union of the rest as one set. The details are technical, so
sharpen a pencil and follow along.
Given finite subsets A1 ; : : : ; Ar of a set X, let us write
Aij D Ai \ Aj ; where 1 i < j r;
Aij k D Ai \ Aj \ Ak ; where 1 i < j < k r;
:: ::
: :
Ai1 i2 iq D Ai1 \ Ai2 \ \ A1q ; where 1 i1 < i2 < iq r;
:: ::
: :
A12r D A1 \ \ Ar :
Theorem 5.45 (Inclusion–Exclusion). Given finite subsets A1 ; : : : ; Ar of a

set X, we have
X X X
jA1 [ [Ar j D jAi j jAij jC jAij k j C. 1/r 1 jA12r j:
i r i <j r i <j <kr
Proof. The proof is by induction on r 2. The base step is Lemma 5.42.

For the inductive step, the same Lemma gives
jA1 [ [ Ar 1 / [ Ar j D jA1 [ [ Ar 1 j C jAr j j.A1 [ [ Ar 1 / \ Ar j:
Now
j.A1 [ [ Ar 1/ \ Ar j D j.A1 \ Ar / [ [ .Ar 1 \ Ar /j
D jA1r [ [ Ar 1 r j;
and the inductive hypothesis gives

X X
jA1 [ [ Ar 1 j D jAi j jAij j C C . 1/r 2
jA12.r 1/ j
i r 1 i <j r 1
as well as
X X
jA1r [ [ Ar 1 rj D jAi r j jAij r j C C . 1/r 2
jA12r j:
i <r i <j <r
Finally, collect terms, realizing that . 1/r 2

D . 1/r 1
.
i i
“book2” — 2013/5/24 — 8:18 — page 231 — #251
i i
In Exercise 5.76 below, you will use Inclusion-Exclusion to give a formula

computing the Euler -function .n/.
Here is an interesting special case of Theorem 5.45 that applies when all
intersections Ai1 \ \Aiq , for each q r , have the same number of elements.
Corollary 5.46 (Uniform Inclusion-Exclusion). If A1 ; : : : ; Ar are finite sub-

sets of a set X such that, for each q r , there is an integer sq with
jAi1 \ \ Aiq j D sq ;
then
! !
r r
jA1 [ [ Ar j D r s1 s2 C s3 C . 1/r 1
sr :
2 3
P
Proof. By hypothesis, jAiP j D s1 for all i , and so i jAi j D r s1 . How many
terms are there in the sum 1i1 <:::<iq r jAi1 iq j? If q D 2, there is one term
jAij j D jAi \ Aj j for each pair of distinct Ai , Aj in fA1 ; : : : ; Ar g; that is,
there’s one term for each choice of 2 of the r subsets. If q D 3, there is one term
jAij k j D jAi \ Aj \ Ak j for each triple of distinct Ai , Aj , Ak in fA1 ; : : : ; Ar g;
that is, there’s one term for each choice
P of 3 of the r subsets. In general, there
are r choose q terms in the sum 1i1<i2 <<iq r jAi1 i2 iq j; thus, there are
r P
q
terms of the form jAi1 i2 iq j.Therefore, the sum 1i1 <:::<iq r jAi1 iq j in

the Inclusion-Exclusion formula is here equal to qr sq .
Example 5.47. Social Security numbers are 9-digit numbers of the form xxx-
xx-xxxx (there are some constraints on the digits, but let’s not worry about
them here). How many Social Security numbers are there that contain all the
odd digits?
As usual, it is easier to compute the size of the complement of a union. Let
X be the set of all 9-digit numbers and, for i D 1; 3; 5; 7; 9, let
Ri D fn 2 X W i is not a digit in ng:
Thus, R1 [ R3 [ R5 [ R7 [ R9 consists of all 9-digit numbers missing at least

one odd digit. There are 109 Social Security numbers. For each i , we have
jRi j D 99 (for i does not occur). If i < j , then jRi \ Rj j D 89 (for i and
j do not occur); if i < j < k, then jRi \ Rj \ Rk j D 79 , and so forth. By
Corollary 5.46,
! ! !
9 5 9 5 9 5 9
jR1 [ R3 [ R5 [ R7 [ R9 j D 5 9 8 C 7 6 C 59 :
2 3 4
Therefore, the answer is 109 jR1 [ R3 [ R5 [ R7 [ R9 j. N You can compute this

number explicitly if you
really care to know it.
Exercises
5.72 There is a class of students, all of whom are taking French or Spanish. If 15
students are studying French, 12 are studying Spanish, and 4 are studying both,
how many students are in the class? Notice that “or” is not “exclusive or.”
Answer: 23.
i i
“book2” — 2013/5/24 — 8:18 — page 232 — #252
i i
5.73 There is a class of students, all of whom are taking either French, German, or
Spanish. Suppose that 15 students are studying French, 12 students are studying
German, and 10 students are studying Spanish; moreover, 4 students are study-
ing French and German, 5 are studying German and Spanish, and 3 are studying
French and Spanish. One brave soul is studying all three at once. How many stu-
dents are in the class?
Answer: 26.
5.74 Is “Inclusion-Exclusion” an appropriate name for Theorem 5.45? Why?
5.75 Elvis is playing a game in which he tosses a fair coin and rolls a fair die. He wins
if either the coin comes up heads or the die rolls a multiple of 3. What is the
probability that Elvis wins the game?
5.76 * Recall that if p is a prime and is the Euler- function, then .p/ D p 1
(see page 111).
e e e
(i) Suppose n D p11 p22 p33 is a product of three prime powers. Show that
n n n n n n n
.n/ D n C C C :
p1 p2 p3 p1 p2 p1 p3 p2 p3 p1 p2 p3
e e
(ii) Generalize to show that if n D p11 p22 : : : pnen , where p1 ; : : : ; pn are distinct
primes, then
0 1
X 1 X 1 X 1 1
.n/ D n @1 C C C . 1/k A:
pi pi pj pi pj pl p1 pk
i i;j i;j;l
(iii) Using the notation of part (ii), show that

n
Y
1
.n/ D n 1 :
pk
kD1
i i
“book2” — 2013/5/24 — 8:18 — page 233 — #253
i i
6 Arithmetic of Polynomials
The two most important rings appearing in precollege mathematics are Z and
kŒx (where k is usually Q, R, or C). The goal of this chapter is to show that
these rings share some basic structural properties: both are domains, each has a
division algorithm, and non-units in each are products, in essentially only one
way, of irreducibles (primes in Z, polynomials in kŒx having no nontrivial
factorizations); there are numerous other parallels as well. Our program is to
take familiar results about Z and investigate their analogs in kŒx. Sometimes a
translation from Z to kŒx is quite simple—not only is the analog of a theorem
in Chapter 1 true, but so is its proof, mutatis mutandis; in other cases, however,
some modifications in proofs are necessary.
6.1 Parallels to Z
Divisibility
Let’s begin with a discussion of divisibility.
Definition. If R is a commutative ring and a; b 2 R, then a is a divisor of b,

denoted by
a j b;
if there is r 2 R with b D ar . We continue using the usual synonyms: a
divides b or b is a multiple of a.
The next result, analogous to Lemma 1.13, will be very useful in what fol-
lows. It allows us to use degree in kŒx as a proxy for absolute value in Z.
Lemma 6.1. Let k be a field and let f .x/; g.x/ 2 kŒx. If f ¤ 0 and f j g,
then
deg.f / deg.g/:
Proof. If g D f q, where q.x/ 2 kŒx, then Lemma 5.8(ii) gives deg.g/ D

deg.f q/ D deg.f /Cdeg.q/. Since deg.q/ 0, we have deg.f / deg.g/.
Recall that a unit in a commutative ring R is an element that has a multiplic- Sometimes, we’ll denote a
polynomial by f .x/; other
itive inverse in R. The only units in Z are ˙1, but the polynomial ring kŒx, times, we’ll simply write
where k is a field, has many units, as the next proposition shows. f . Both conventions are
commonly used in algebra.
Proposition 6.2. If k is a field, then u.x/ 2 kŒx is a unit if and only if u is a
nonzero polynomial of degree 0I that is, u is a nonzero constant.
233
i i
“book2” — 2013/5/24 — 8:18 — page 234 — #254
i i
234 Chapter 6 Arithmetic of Polynomials
Proof. If u is a unit, then there is a polynomial v.x/ 2 kŒx with uv D 1. Thus,

u j 1 and, by Lemma 6.1, we have deg.u/ deg.1/ D 0. Hence, deg.u/ D 0.
Conversely, if deg.u/ D 0, then u 2 k. Since k is a field and u ¤ 0, there
is an inverse u 1 in k; that is, u is a unit in k. A fortiori, u is a unit in kŒx.
Describing the units in kŒx when k is not a field is much more complicated.
For example, a nonzero constant need not be a unit: 5 is not a unit in ZŒx. And
a unit need not be a constant: .2x C 1/2 D 4x 2 C 4x C 1 D 1 in Z4 Œx, so that
2x C 1 is a unit in Z4 Œx (it is its own inverse).
Multiplying an element of a commutative ring by a unit doesn’t change any
of its essential algebraic properties. It’s convenient to give a name to elements
that are so related.
Definition. An associate of an element a in a commutative ring R is an ele-

ment of the form ua for some unit u 2 R.
Example 6.3. (i) Since the only units in Z are ˙1, the associates of an inte-
ger m are ˙m.
(ii) There are only four units in the Gaussian integers ZŒi , by Proposition
4.42: namely ˙1 and ˙i . Hence, every nonzero Gaussian integer z has
four associates: z; z; iz; iz.
(iii) There
are exactly six units in the Eisenstein integers ZŒ!, where ! D
1
p
2
1 C i 3 , by Exercise 4.45 on page 165. Hence, every Eisenstein
integer z has exactly six associates: ˙z; ˙!z; ˙! 2 z:
(iv) If k is a field, Proposition 6.2 says that the associates of f .x/ 2 kŒx are
nonzero multiples uf for u 2 k. N
Proposition 6.4. If k is a field, every nonzero polynomial in kŒx has a monic

associate.
Proof. If the leading coefficient of f is c, then c, being a nonzero element of

k, is a unit, and so f is associate to c 1 f .
In a commutative ring R, every element a 2 R is divisible by units u (for
a D u.u 1 a/) and associates ua [for a D u 1 .ua/]. An element having only
these obvious divisors is called irreducible.
Definition. An element a in a commutative ring R is irreducible in R if it is

neither zero nor a unit and its only divisors are units and associates.
The definition of prime on An integer n is irreducible in Z if and only if n D ˙p for some prime p;
page 22 says that primes that is, n is an associate of a prime. When k is a field, Proposition 6.2 implies
are positive. that every associate uf of a polynomial f .x/ 2 kŒx has the same degree as f ,
and it is easy to see that if f is irreducible, then uf is also irreducible.
How to Think About It. We have defined irreducible in R, not irreducible,

for irreducibility depends on the ambient ring. In particular, irreducibility of a
polynomial in kŒx depends on the coefficient ring k, hence on R D kŒx. For
example, the polynomial x 2 C 1, when viewed as lying in RŒx, is irreducible.
On the other hand, when x 2 C 1 is viewed as lying in the larger ring CŒx,
i i
“book2” — 2013/5/24 — 8:18 — page 235 — #255
i i
6.1 Parallels to Z 235
it is not irreducible, for x 2 C 1 D .x C i /.x i / and neither factor is a unit.

Similarly, a prime p may factor in some larger commutative ring containing Z.
For example, in the Gaussian integers ZŒi , the prime 5 in Z factors: 5 D
.2 C i /.2 i /. Since the only units in ZŒi are ˙1 and ˙i , by Example 6.3(iii),
the factors are neither units nor associates of 5 in ZŒi .
In general, testing a polynomial for irreducibility is hard. Here is a crite-

rion for irreducibility of polynomials over fields that uses degree to narrow the
kinds of polynomials that need to be tested as factors.
Proposition 6.5. Let k be a field and let f .x/ 2 kŒx be a nonconstant polyno-
mial. Then f is irreducible in kŒx if and only if it has no factorization f D gh
in kŒx with both factors having degree < deg.f /.
Proof. If f is irreducible in kŒx and f D gh, then one factor, say g, is a

unit (why?). By Proposition 6.2, we have deg.g/ D 0 < deg.f /, for f is
nonconstant.
Conversely, if f D gh and f is not a product of polynomials of smaller
degree, then one factor, say g, must have degree 0, hence it is a unit. Therefore And the other factor is
f is irreducible in kŒx. h D g 1 f , an associate
of f .
Every linear polynomial a.x/ D r x C s 2 kŒx, where k is a field, is ir-
reducible in kŒx: if a D fg, then 1 D deg.a/ D deg.f / C deg.g/. Hence,
deg.f /; deg.g/ 2 f0; 1g. It follows that one degree is 0 and the other is 1,
and so a is irreducible, by Proposition 6.5. There are fields k whose only ir- See Corollary 6.15.
reducible polynomials are linear; for example, the Fundamental Theorem of
Algebra says that C is such a field.
Proposition 6.5 need not be true if the ring of coefficients is not a field.
Indeed, linear polynomials need not be irreducible. For example, 5x C 5 D
5.x C 1/ is not irreducible in ZŒx, even though one factor has degree 0 and
the other degree 1, for 5 is not a unit in ZŒx.
Proposition 6.6. Let R be a domain and let a; b 2 R.

(i) a j b and b j a if and only if a and b are associates.
(ii) Let k be a field and a; b 2 R D kŒx be monic polynomials. If a j b and
b j a, then a D b.
Proof. (i) If a j b and b j a, there are r; s 2 R with b D ra and a D sb, and

so b D ra D r sb. If b D 0, then a D 0 (because b j a); if b ¤ 0, then
we may cancel it (R is a domain) to obtain 1 D r s. Hence, r and s are
units, and a and b are associates. The converse is obvious (and it does not
need the hypothesis that R be a domain).
(ii) Corollary 5.9 tells us that R is a domain, so, by part (i), there is a unit
u 2 kŒx with a D ub. Now u is a nonzero constant, by Proposition 6.2.
Because a j b and b j a, a and b have the same degree (by Lemma 6.1),
say m. Since they are monic, the leading coefficient of ub is u and the
leading coefficient of a is 1. Hence u D 1 and a D b.
The next example shows that we need the hypothesis in Proposition 6.6 that
R be a domain.
i i
“book2” — 2013/5/24 — 8:18 — page 236 — #256
i i
Example 6.7 (Kaplansky). Let X be the interval Œ0; 3. We claim that there
are elements a; b 2 C.X/ (see Example 4.31(ii)) each of which divides the
other yet which are not associates. Define
a.t/ D 1 t D b.t/ for all t 2 Œ0; 1

a.t/ D 0 D b.t/ for all t 2 Œ1; 2
a.t/ D t 2 for all t 2 Œ2; 3
b.t/ D t C 2 for all t 2 Œ2; 3:
If v 2 C.X/ satisfies v.t/ D 1 for all t 2 Œ0; 1 and v.t/ D 1 for all t 2 Œ2; 3,
then it is easy to see that b D av and a D bv (same v); hence, a and b divide
each other.
Suppose a and b are associates: there is a unit u 2 C.X/ with b D au. As
for v above, u.t/ D 1 for all t 2 Œ0; 1 and u.t/ D 1 for all t 2 Œ2; 3; in
particular, u.1/ D 1 and u.2/ D 1. Since u is continuous, the Intermediate
Value Theorem of calculus says that u.t/ D 0 for some t 2 Œ1; 2. But this
contradicts Exercise 4.41(ii) on page 164, which says that units in C.X/ are
never 0. N
The next result shows that irreducible polynomials over a field behave like
primes in Z; they are “building blocks” in the sense that every nonconstant
polynomial can be expressed in terms of them.
Proposition 6.8. If k is a field, then every nonconstant polynomial in kŒx is

a product of irreducibles.
We continue to use the Proof. If the proposition is false, then the set
term product as we have in
earlier chapters: a product C D fa.x/ 2 kŒx W a is neither a constant nor a product of irreduciblesg
can have only one factor.
Thus, it’s okay to say that
is nonempty. Let h.x/ 2 C have least degree (the Least Integer Axiom guaran-
a single irreducible is a
product of irreducibles. tees h exists). Since h 2 C , it is not a unit, and so 0 < deg.h/; since h is not ir-
reducible, h D fg, where neither f nor g is a unit, and so, by Proposition 6.2,
neither f nor g is constant. Hence, Lemma 6.1 gives 0 < deg.f / < deg.h/
and 0 < deg.g/ < deg.h/. It follows that f … C and g … C , for their degrees
are too small (h has the smallest degree of polynomials in C ). Thus, both f
and g are products of irreducibles and, hence, h D fg is a product of irre-
ducibles, contradicting h 2 C . Therefore, C is empty, and the proposition is
true.
Corollary 6.9. If k is a field, then every nonconstant f .x/ 2 kŒx has a fac-
torization
f .x/ D ap1 .x/ pn .x/;
where a is a nonzero constant and the pi are monic irreducibles.
Proof. Apply the result of Exercise 6.8 on page 243 to a factorization of f as

in the proposition.
We continue showing that polynomials over fields behave very much like
integers. Let’s first do some long division.
i i
“book2” — 2013/5/24 — 8:18 — page 237 — #257
i i
4x 3 14x 2

x 2 C 3x 2 4x 5 2x 4 C x 3
4x 5 C12x 4 8x 3
14x 4 C9x 3
::
:
This process can be completed until we get 0 or a remainder of degree < 2

(which is it?). Generalizing, there is a Division Algorithm for RŒx, where R
is any commutative ring: if a.x/; b.x/ 2 RŒx and a is monic, then there are
q.x/; r .x/ 2 RŒx with b D qa C r , where r D 0 or deg.r / < deg.a/. The
basic idea is to mimic what we’ve just done.
Proposition 6.10. Let R be a commutative ring and f .x/; g.x/ 2 RŒx. If f

is monic, then there exist q.x/; r .x/ 2 RŒx with
g D qf C r;
where r D 0 or deg.r / < deg.f /.
Proof. Let
f D x n C an 1x
n 1
C C a0 and g D bm x m C bm 1x
m 1
C C b0 :
If m D deg.g/ < deg.f / D n, then take q D 0 and r D g. In Z, if b < a, then

If m n, the quotient begins with bm x m n multiplied by f ; now subtract, b D 0a C b; for example,
27 D 0 35 C 27. Similarly
getting a polynomial of degree less than m. The rest of the proof is by induction
for polynomials: x 2 C 1 D
on m D deg.g/ n. If 0.x 3 C x 2 1/ C .x 2 C 1/.
G.x/ D g bm x m n
f;
then either G D 0 or deg.G/ < m D deg.g/. If G D 0, we are done: set

q D bm x m n and r D 0. If G ¤ 0, the inductive hypothesis gives polynomials
q 0 and r with G D q 0 f Cr , where either r D 0 or deg.r / < deg.f /. Therefore,
g bm x m n f D q 0 f C r , and so

g D bm x m n C q 0 f C r:
When R is a field, we can divide by every nonzero polynomial, not merely

by monic ones; moreover, the quotient and remainder are unique.
Theorem 6.11 (Division Algorithm). Let k be a field and f .x/; g.x/ 2 kŒx.
If f ¤ 0, then there exist unique q.x/; r .x/ 2 kŒx with
g D qf C r;
where r D 0 or deg.r / < deg.f /.
Proof. We first prove the existence of q and r . Now f D an x n C C a0 ,

where an ¤ 0. Since k is a field, it contains the inverse an 1 . Hence, an 1 f is
monic, and Proposition 6.10 gives q 0 .x/; r .x/ 2 kŒx with
g D q 0 .an 1 f / C r;
i i
“book2” — 2013/5/24 — 8:18 — page 238 — #258
i i
where either r D 0 or deg.r / < deg.an 1 f / D deg.f /. Therefore,
g D qf C r;
where q D q 0 an 1 .
To prove uniqueness of q and r , assume that g D Qf C R, where R D 0
or deg.R/ < deg.f /. Then qf C r D g D Qf C R, and
.q Q/f D R r:
If R ¤ r , then each side, being nonzero, has a degree. Since k is a field, kŒx
is a domain (Lemma 5.8), and so

deg .q Q/f D deg.q Q/ C deg.f /
deg.f /;
while deg.R r / maxfdeg.R/; deg.r /g < deg.f /, a contradiction. Hence,

R D r and .q Q/f D 0. As f ¤ 0, it can be canceled: thus, q Q D 0
and q D Q.
By Exercise 6.5 on page 243, Theorem 6.11 remains true if we weaken the
hypothesis so that k is only a domain.
There is a two-step strategy to determine whether one integer divides an-
other: first, use the Division Algorithm; then show that the remainder is zero.
This same strategy can now be used for polynomials.
Example 6.12. This example shows that quotients and remainders may not
be unique when the coefficients do not lie in a domain. In Z4 Œx, let b.x/ D
2x 3 C 3 and a.x/ D 2x 2 C 2x C 1. Then
2x 3 C 3 D .x C 1/.2x 2 C 2x C 1/ C .x C 2/
D .x C 3/.2x 2 C 2x C 1/ C x:
The quotient and remainder in the first equation are x C 1 and x C 2, while the
quotient and remainder in the second equation are x C 3 and x. Note that both
x C 2 and x are linear, and hence
deg.x C 2/ D deg.x/
D1
< deg.a/
D 2: N
In forthcoming investigations into roots of unity, we’ll need to know whether

x m 1 divides x n 1. Certainly this is true when m j n because, if n D mq,
xn 1 D x mq 1
D .x m /q 1

D .x m 1/ .x m /q 1
C .x m /q 2
C C .x m /2 C x m C 1 :
The converse is also true, and the proof uses the Division Algorithms in Z and
in kŒx.
i i
“book2” — 2013/5/24 — 8:18 — page 239 — #259
i i
Proposition 6.13. If k is a field, then x m 1 divides x n 1 in kŒx if and only

if m j n.
Proof. We’ve seen above that x m 1 divides x n 1 if m j n.

Conversely, suppose that x m 1 divides x n 1. If n D mq C r where
0 r < m, then
xn 1 D x mqCr 1
mqCr
Dx xr C xr 1
r mq
D x .x 1/ C .x r 1/ :
We’re assuming that x m 1 divides x n 1 and, as in the discussion just

preceding this proposition, x m 1 divides x mq 1. Hence, by the 2 out of
3 property for polynomials (Exercise 6.7 on page 243), x m 1 divides x r 1.
Since r < m, we must have r D 0 (why?).
Roots
We are going to apply the preceding results to roots of polynomials. We’ve
been using the word “root” all along; let’s begin with a formal definition.
Definition. If f .x/ 2 kŒx, where k is a field, then a root of f in k is an

element a 2 k with f .a/ D 0.
How to Think About It. We have just defined “root in k,” not “root.” Often,
a root of a polynomial f .x/ 2 kŒx may live in a larger field K containing k,
For example, f .x/ D x 2 2 has
but we still call it a root of f . p pits coefficients
in Q, but
p we usually say that 2 is a root of f even though 2 is irrational;
that is, 2 … Q.
Etymology. Why is a root so called? Just as the Greeks called the bottom
side of a triangle its base (as in the area formula 12 altitude base), they also
called the bottom side of a square its base. A natural question for the Greeks
was: givenpa square of area A, what is the length
p of its side? Of course, the
answer is A. Were we inventing a word for A, we might have called it the
base of A or the side of A. Similarly, consider the analogous three-dimensional
question:
p given a cube of volume V , what is the length
p of its edge? The answer
3
V might be called the cube base of V , and A might then be called the
square base of A. Why, then, do we call these numbers cube root and square
root? What has any of this to do with plants?
Since tracing the etymology of words is not a simple matter, we only sug-
gest the following explanation. Through 400 CE, most mathematics was written
in Greek, but, by the fifth century, India had become a center of mathematics,
and important mathematical texts were also written in Sanskrit. The Sanskrit
term for square root is pada. Both Sanskrit and Greek are Indo-European lan-
guages, and the Sanskrit word pada is a cognate of the Greek word podos;
both mean base in the sense of the foot of a pillar or, as above, the bottom of a
square. In both languages, however, there is a secondary meaning “the root of a
plant.” In translating from Sanskrit, Arab mathematicians chose the secondary
i i
“book2” — 2013/5/24 — 8:18 — page 240 — #260
i i
meaning, perhaps in error (Arabic is not an Indo-European language), perhaps

for some unknown reason. For example, the influential book by al-Khwarizmi,
This title can be translated Al-jabr w’al muqabala, which appeared in the year 830 CE, used the Arabic
from Arabic, but the word jidhr, meaning root of a plant. (The word “algebra” is a European ver-
words already had a
sion of the first word in the title of this book; the author’s name has also come
technical meaning: both
jabr and muqabala refer into the English language as the word “algorithm.”) This mistranslation has
to operations akin to since been handed down through the centuries; the term jidhr became standard
subtracting the same in Arabic mathematical writings, and European translations from Arabic into
number from both sides of Latin used
an equation.
p the word radix (meaning root, as in radish or radical). The notation
r 2 for 2 occurs in European writings from about the twelfth century (but the
square root symbol did not arise from the letter r ; it evolved from an old dot
notation). However, there was a competing notation in use at the same p time,
for some scholars who translated directly from the Greek denoted 2 by l 2,
where l abbreviates the Latin word latus, meaning “side.” Finally, with the in-
vention of logarithms in the 1500s, r won out over l , for the notation l 2 was
then commonly used to denote log 2. The passage from square root to cube
root to the root of a polynomial equation other than x 2 a and x 3 a is a
natural enough generalization. Thus, as pleasant as it would be, there seems to
be no botanical connection with roots of equations.
Proposition 6.14 (Remainder Theorem). Let f .x/ 2 kŒx, where k is a field.

If u 2 k, then there is q.x/ 2 kŒx with
f .x/ D q.x/.x u/ C f .u/:
Proof. The Division Algorithm gives
f .x/ D q.x/.x u/ C r;
where either r D 0 or deg.r / < deg.x u/ D 1; hence, the remainder r

is a constant. By Corollary 5.21, evaluation at u is a homomorphism; hence,
f .u/ D q.u/.u u/ C r , and so f .u/ D r .
Proposition 6.14 is often paraphrased to say that f .u/ is the remainder after
dividing f .x/ by x u.
Here is a connection between roots and factoring.
Corollary 6.15 (Factor Theorem). Let f .x/ 2 kŒx, where k is a field, and
let a 2 k. Then a is a root of f in k if and only if x a divides f .
Proof. If a is a root of f in k, then f .a/ D 0, and Proposition 6.14 gives

f .x/ D q.x/.x a/. Conversely, if f .x/ D g.x/.x a/, then evaluating at
a gives f .a/ D g.a/.a a/ D 0; that is, a is a root of f in k.
The next result turns out to be very important.
Theorem 6.16. Let k be a field. If f .x/ 2 kŒx has degree n, then f has at
most n roots in k.
Proof. We prove the statement by induction on n 0. If n D 0, then f is a

nonzero constant, and the number of its roots in k is zero. Now let n > 0. If f
i i
“book2” — 2013/5/24 — 8:18 — page 241 — #261
i i
has no roots in k, we are done, for 0 n. Otherwise, we may assume that f

has a root a in k. By Corollary 6.15,
f .x/ D q.x/.x a/I
moreover, q.x/ 2 kŒx has degree n 1. If there is another root of f in k, say

b, where b ¤ a, then evaluating at b gives
0 D f .b/ D q.b/.b a/:
Since b a ¤ 0, we have q.b/ D 0 (for k is a field, hence a domain); that is,

b is a root of q. But deg.q/ D n 1, so that the inductive hypothesis says that
q has at most n 1 roots in k. Therefore, f has at most n roots in k, namely
a and the roots of q.
Example 6.17. Theorem 6.16 is not true for polynomials with coefficients in
an arbitrary commutative ring. For example, the quadratic polynomial
x 2 1 in Z8 Œx has four roots in Z8 , namely 1; 3; 5, and 7. On the other hand,
Exercise 6.14 on page 247 says that Theorem 6.16 remains true if we assume
that the coefficient ring is only a domain. N
Recall that every polynomial f .x/ 2 kŒx determines the polynomial func-
tion f # 2 Poly.k/, where f # W k ! k is defined by a 7! f .a/ for all a 2 k.
On page 204, however, we saw that the nonzero polynomial f .x/ D x p x 2
Fp Œx determines the constant function zero; different polynomials can deter-
mine the same polynomial function. This pathology vanishes when the field k
is infinite.
Proposition 6.18. Let k be an infinite field and f .x/; g.x/ 2 kŒx. If f and
g determine the same polynomial function .that is, f # D g# , so that f .a/ D
g.a/ for all a 2 k/, then f D g.
Proof. If f ¤ g, then the polynomial h D f g, being nonzero, has a degree,

say n. But every element of k is a root of h; since k is infinite, h has more than
n roots, and this contradicts Theorem 6.16.
This proof yields a more general result.
Corollary 6.19. Let k be a .possibly finite/ field, and let f .x/; g.x/ 2 kŒx,
where deg.f / deg.g/ D n. If f .a/ D g.a/ for n C 1 elements a 2 k, then
f D g.
Proof. If f ¤ g, then deg.f g/ is defined; but deg.f g/ n, and so

f g has too many roots.
We can now show that kŒx and Poly.k/ are structurally the same for the
most familiar fields k.
Theorem 6.20. If k is an infinite field, then
kŒx Š Poly.k/:
i i
“book2” — 2013/5/24 — 8:18 — page 242 — #262
i i
Proof. In Example 5.14(ii), we saw that 'W kŒx ! Poly.k/, sending f 7! f # ,

is a surjective homomorphism. Since k is infinite, Proposition 6.18 applies to
show that ' is injective. Therefore, ' is an isomorphism.
We now generalize Proposition 6.18 to polynomials in several variables.
Denote the n-tuple .x1 ; : : : ; xn / by X.
Proposition 6.21. Let k be an infinite field.

(i) If f .X/ 2 kŒX D kŒx1 ; : : : ; xn is nonzero, then there are a1 ; : : : ; an 2
k with f .a1 ; : : : ; an / ¤ 0.
(ii) If f .X/; g.X/ 2 kŒX and
f .a1 ; : : : ; an / D g.a1 ; : : : ; an / for all .a1 ; : : : ; an / 2 k n ;
then f D g.
Proof. (i) The proof is by induction on n 1. If n D 1, then the result is

Proposition 6.18, because f .a/ D 0 for all a 2 k implies f D 0. For the
inductive step, assume that
f .x1 ; : : : ; xn / D B0 C B1xn C B2 xn2 C C Br xnr ;
where all Bi 2 kŒx1; : : : ; xn 1 and Br ¤ 0. By induction, there is ˛ D
.a1 ; : : : ; an 1 / 2 k n 1 with Br .˛/ ¤ 0. Hence, f .˛; xn/ 2 kŒxn , and
f .˛; xn / D B0 .˛/ C B1 .˛/xn C C Br .˛/xnr ¤ 0:
Since f .˛; xn / and By the base step, there is an 2 k with f .˛; an / ¤ 0.
g.˛; xn / lie in kŒxn , we
have f .˛; b/; g.˛; b/ 2 k.
(ii) The proof is by induction on n 1; the base step is Proposition 6.18. For
the inductive step, write
X X
f .X; y/ D pi .X/y i and g.X; y/ D qi .X/y i ;
i i
where X denotes .x1 ; : : : ; xn 1 / (by allowing some p’s and q’s to be

zero,we may assume that both sums involve the same indices i ). Suppose
that f .˛; b/ D g.˛; b/ forP every ˛ 2 k n 1 and everyPb 2 k. For fixed
n 1
˛2k , define F˛ .y/ D i pi .˛/y i and G˛ .y/ D i qi .˛/y i . Since
both F˛ .y/ and G˛ .y/ are in kŒy, the base step gives pi .˛/ D qi .˛/ for
all ˛ 2 k n . By the inductive hypothesis, pi .X/ D qi .X/ for all i , and
hence
X X
f .X; y/ D pi .X/y i D qi .X/y i D g.X; y/:
i i
Exercises
6.1 Prove that the only units in ZŒx are ˙1, and that the only associates of a polyno-
mial f .x/ 2 ZŒx are ˙f .
6.2 * Let R be a domain, and let p.x/; q.x/ 2 RŒx.
(i) If p and q are irreducible, prove that p j q if and only if there is a unit u with
q D up.
(ii) If, in addition, both p and q are monic, prove that p j q implies u D 1 and
p D q.
i i
“book2” — 2013/5/24 — 8:18 — page 243 — #263
i i
6.3 (i) If R is a domain, prove that the only units in RŒx are units in R.
(ii) The domain Z2 has only one unit. Give an example of an infinite domain
having only one unit.
6.4 Let R be a commutative ring and let a.x/; b.x/ 2 RŒx, where a ¤ 0. Prove that
Proposition 6.10 generalizes: if the leading coefficient of a is a unit, then there
exist q.x/; r.x/ 2 RŒx with b D qa C r, where either r D 0 or deg.r/ < deg.a/.
6.5 * Let k be a domain and let a.x/; b.x/ 2 kŒx, where a ¤ 0. Prove that the
uniqueness statement in the Division Algorithm generalizes: if there are q; r; Q; R
in kŒx with qa C r D b D Qa C R, where r D 0 or deg.r/ < deg.a/, and where
R D 0 or deg.R/ < deg.a/, then R D r and Q D q.
6.6 Let k be a domain and let f .x/ 2 kŒx. If a.x/ is an associate of f , prove that
deg.f / D deg.a/. Give an example to show that the statement may be false if k
is not a domain.
6.7 * Show that there is a “2 out of 3” result for polynomials, analogous to the one for
integers: if k is a field and f; g; h 2 kŒx are polynomials such that f D g C h,
then a polynomial that divides two of the three will divide the third.
6.8 * Let R be a domain and f .x/ 2 RŒx be nonzero. If f D g1 gn , where
gi .x/ 2 RŒx for all i , show that there exist a nonzero a 2 R and monic gi0 .x/ 2
RŒx with f D ag10 gn0 .
6.9 (i) Let f .x/; g.x/ 2 QŒx with f monic. Write a pseudocode (or a program
in a CAS) implementing the Division Algorithm with input f; g and output
q.x/; r.x/, the quotient and remainder.
(ii) Find the quotient and remainder by dividing x 3 C 2x 2 8x C 6 by x 1 as
you would in high school.
6.10 * If R is a commutative ring, define a relation on R by a b if they are
associates. Prove that is an equivalence relation on R.
6.11 A student claims
p that x p1 is not irreducible in QŒx because there is a factoriza-
tion x 1 D . x C 1/. x 1/. Explain the error of his ways.
6.12 * Prove that the ideal .x; y/ in kŒx; y, where k is a field, is not a principal ideal.
Greatest Common Divisors

We now introduce gcd’s of polynomials f .x/; g.x/ 2 RŒx. It doesn’t make
sense to say that f g, even when R D R, but it does make sense to say
deg.f / deg.g/. Although some of the coming definitions make sense for
polynomial rings RŒx over a commutative ring R, we will focus our attention
on the rings kŒx for fields k.
Definition. Let k be a field. A common divisor of polynomials a.x/; b.x/ 2

kŒx is a polynomial c.x/ 2 kŒx with c j a and c j b. If a and b are not both 0,
define their greatest common divisor, denoted by Note the convention that
greatest common divisors
gcd.a; b/; are monic. We’ll say more
about this in a moment.
to be a monic common divisor d of a and b of largest degree. If a D 0 D b,
define gcd.0; 0/ D 0.
The next proposition shows that gcd’s exist; it is true, but not obvious, that
every pair a; b 2 kŒx has a unique gcd (Corollary 6.29).
i i
“book2” — 2013/5/24 — 8:18 — page 244 — #264
i i
Proposition 6.22. If k is a field and a.x/; b.x/ 2 kŒx, then a gcd of a; b

exists.
Proof. We saw, in Lemma 6.1, that if c and a are polynomials with c j a,

then deg.c/ deg.a/. It follows that gcd’s exist, for common divisors do exist
(1 is always a common divisor), and there is an upper bound on the degrees of
common divisors, namely, maxfdeg.a/; deg.b/g. Finally, a common divisor d
of largest degree can be replaced by a monic associate.
Defining gcd’s of polynomials to be monic is just a normalization; after all,

when we defined gcd’s of integers, we insisted they should be positive. This
will be needed to prove uniqueness of gcd’s.
Example 6.23. Here is an easy computation of a gcd, generalizing Lemma 1.17.

Let k be a field and p.x/ 2 kŒx be a monic irreducible polynomial. If b.x/ 2
kŒx, then
(
p if p j b
gcd.p; b/ D
1 otherwise.
A common divisor c of p and b is, in particular, a divisor of p. But the only

monic divisors of p are p and 1, and so gcd.p; b/ D p or 1; it is p if p j b,
and it is 1 otherwise. N
We are going to see that gcd’s of polynomials are linear combinations. The
proof of this fact for gcd’s of integers essentially involved ideals in Z, and so
we now examine ideals in kŒx.
In any commutative ring R, associates a and b generate the same principal
ideal (the converse may be false if R is not a domain).
Proposition 6.24. Let R be a domain and a; b 2 R. The principal ideals .a/

and .b/ are equal if and only if a and b are associates.
Proof. If .a/ D .b/, then a 2 .b/; hence, a D r b for some r 2 R, and so

b j a. Similarly, b 2 .a/ implies a j b, and so Proposition 6.6 shows that a and
b are associates.
Conversely, if a D ub, where u is a unit, then a 2 .b/ and .a/ .b/.
Similarly, b D u 1 a implies .b/ .a/, and so .a/ D .b/.
Ideals in general commutative rings can be quite complicated, but we have

seen, in Theorem 5.29, that every ideal in Z is principal. When k is a field, all
the ideals in kŒx are also principal.
Theorem 6.25. If k is a field, then every ideal in kŒx is a principal ideal. In

fact, either I D .0/ or there is a unique monic d.x/ with I D .d / D frd W
r 2 kg.
Proof. If I D .0/, then I is a principal ideal with generator 0; that is, I D .0/.
Otherwise, let a.x/ be a polynomial in I of least degree. Since a 2 kŒx
is nonzero, its leading coefficient c ¤ 0; since k is a field, c 1 exists, and
d D c 1 a is monic. By Proposition 6.24, .a/ D .d /.
i i
“book2” — 2013/5/24 — 8:18 — page 245 — #265
i i
Clearly, .d / I . For the reverse inclusion, let f .x/ 2 I . By the Division

Algorithm, there are q.x/; r .x/ 2 kŒx with f D qd C r , where either r D 0
or deg.r / < deg.d /. But r D f qd 2 I , so that if r ¤ 0, its existence
contradicts d being a polynomial in I of least degree. Hence, r D 0, d j f ,
and f 2 .d /. Therefore, I .d /, and I D .d /.
To prove uniqueness, suppose that d 0 .x/ 2 kŒx is a monic polynomial
with .d 0 / D .d /. By Proposition 6.24, d 0 and d are associates; there is a unit
u 2 kŒx with d 0 D ud . Now u 2 k, by Proposition 6.2. Since both d 0 and d
are monic, we have u D 1 and d 0 D d .
Recall Example 5.27(iv): the set I consisting of all polynomials f .x/ 2
RŒx having i as a root is an ideal in RŒx containing .x 2 C 1/. We can now
say more.
Corollary 6.26. The ideal I RŒx consisting of all polynomials f .x/ 2

RŒx having i as a root is equal to .x 2 C 1/.
Proof. Now .x 2 C 1/ I . For the reverse inclusion, we know that I D .d /,

where d is the unique monic polynomial of least degree in I . But x 2 C 1 is a
monic polynomial in I , and there can be no such polynomial of smaller degree
lest i be a root of a linear polynomial in RŒx.
It is not true that ideals in arbitrary commutative rings are necessarily prin-
cipal, as the next example shows.
Example 6.27. Let R D ZŒx, the commutative ring of all polynomials over
Z. It is easy to see that the set I of all polynomials with even constant term is
an ideal in ZŒx. We show that I is not a principal ideal.
Suppose there is d.x/ 2 ZŒx with I D .d /. The constant 2 2 I , so that
there is f .x/ 2 ZŒx with 2 D df . Since the degree of a product is the sum
of the degrees of the factors, 0 D deg.2/ D deg.d / C deg.f /. Since degrees
are nonnegative, it follows that deg.d / D 0; i.e., d is a nonzero constant.
As constants here are integers, the candidates for d are ˙1 and ˙2. Suppose
d D ˙2; since x 2 I , there is g.x/ 2 ZŒx with x D dg D ˙2g. But every
coefficient on the right side is even, while the coefficient of x on the left side is
1. This contradiction gives d D ˙1. Thus, d is a unit and, by Example 5.30,
I D .d / D ZŒx, another contradiction. Therefore, no such d exists; that is, I But see Exercise 6.22
is not a principal ideal. N on page 248. There
is h.x/ 2 ZŒx with
I D .2; h/
Recall that if R is any commutative ring and a; b 2 R, then a linear combi-
nation of a; b is an element of R of the form sa C tb, where s; t 2 R. Given
a; b, the set I of all linear combinations of a; b is an ideal in R. The next
theorem parallels Theorem 1.19.
Theorem 6.28. If k is a field and f .x/, g.x/ 2 kŒx, then any gcd of f; g
is a linear combination of f and gI that is, if d.x/ is a gcd, then there are
s.x/; t.x/ 2 kŒx with
d D sf C tg:
Proof. The set I of all linear combinations of f and g is an ideal in kŒx; by

Theorem 6.25, there is d.x/ 2 kŒx with I D .d /. If both f and g are 0, then
i i
“book2” — 2013/5/24 — 8:18 — page 246 — #266
i i
d D 0, and we are done; otherwise, we may assume that d is monic. We know

that d D sf C tg for some s and t, because d lies in I . We claim that d is a
gcd. Now d is a common divisor, for f; g 2 I D .d /. If h is a common divisor
of f and g, then f D f1 h and g D g1 h. Hence, d D sf C tg D .sf1 C tg1 /h
and h j d . Therefore, deg.h/ deg.d /, and so d is a monic common divisor
of largest degree.
We can characterize gcd’s in kŒx.
Corollary 6.29. Let k be a field and let f .x/, g.x/ 2 kŒx. A monic common
divisor d.x/ is a gcd of f; g if and only if d is divisible by every common
divisor; that is, if h is any common divisor of f; g, then h j d .
Proof. The end of the proof of Theorem 6.28 shows that if h is a common
divisor, then h j d . Conversely, if h j d , then deg.h/ deg.d /, and so d is a
monic common divisor of largest degree.
Theorem 6.30. Let f .x/, g.x/ 2 kŒx, where k is a field, and let I D .f; g/
be the ideal of all linear combinations of f and g.
(i) If d.x/ 2 kŒx is monic, then d D gcd.f; g/ if and only if I D .d /.
Recall that gcd’s are re- (ii) f and g have a unique gcd.
quired to be monic. That’s
essential to uniqueness.
Proof. (i) Suppose that d D gcd.f; g/. We show that .d / I and I
.d /. Theorem 6.28 shows that d 2 I ; therefore, .d / I (for every
multiple of d is also a linear combination). For the reverse inclusion, let
h D uf C vg 2 I . Now d j f and d j g, because d is a common divisor,
and so d j h. Hence, h D rd 2 .d /; that is, I .d /, and so I D .d /.
Conversely, suppose that I D .d /. Then d D sf C tg, and so every
common divisor h of f; g is a divisor of d . Hence, Corollary 6.29 gives
d D gcd.f; g/.
(ii) If d and d 0 are gcd’s of f and g, then .d / D .d 0 /, by part (i). Since both
d and d 0 are monic, we must have d D d 0 , by Theorem 6.25.
How to Think About It. It’s a good idea to stop and take stock of where we
are in our program of displaying parallels between integers and polynomials.
For polynomials over a field, we have, so far
extended the notion of divisibility
generalized “prime” to “irreducible”
shown that factorizations into irreducibles exist
established a division algorithm
shown that the gcd of two polynomials exists and is unique
shown that the gcd of two polynomials is a linear combination of them.
Thinking back to Chapter 1, what’s next? There were two main paths we took
then: one led to unique factorization—the Fundamental Theorem of Arith-
metic; one led to Euclidean Algorithms. We’ll follow both these paths for poly-
nomials.
i i
“book2” — 2013/5/24 — 8:18 — page 247 — #267
i i
Exercises
6.13 Find the gcd of each pair .f; g/ in QŒx and write it as a linear combination of f
and g.
(i) .x 3 x 2 x 2; x 3 3x 2 C 3x 2/
(ii) .x 6 1; x 5 1/
(iii) .x 3 x 2 x 2; 2x 3 4x 2 C 2x 4/
(iv) .x 6 1; x 6 C x 5 2/

(v) .2x C 1/.x 6 1/; .2x C 1/.x 5 1/
(vi) .3x 6 3; 2x 5 2/
6.14 * Let R be a domain. If f .x/ 2 RŒx has degree n, prove that f has at most n
roots in R.
Hint: Use Frac.R/.
p
6.15 If k is a field in which 1 C 1 ¤ 0, prove that 1 x 2 is not a rational function
over k.
p
Hint: Mimic the classical proof that 2 is irrational.
6.16 In Exercise 6.10 on page 243, we saw that the relation on a commutative ring R,
defined by a b if they are associates, is an equivalence relation. Prove that if R
is a domain, then there is a bijection from the family of all equivalence classes to
the family of all principal ideals in R.
6.17 *
(i) If f .x/ and g.x/ are relatively prime in kŒx (k a field) and each divides a
polynomial h, prove that their product fg also divides h.
(ii) If p1 ; p2 ; : : : ; pn are polynomials so that gcd.pi ; pj / D 1, and each pi di-
vides a polynomial h, prove that p1 p2 pn also divides h.
6.18 *
(i) Find gcd.3x 3 2x 2 C 3x 2; 3x 2 C x 2/ in CŒx.
(ii) Write a pseudocode (or a program in a CAS) implementing Euclidean Algo-
rithm I.
(iii) Write a pseudocode (or a program in a CAS) implementing Euclidean Algo-
rithm II.
Hint: Model your routine after the functions in Exercise 1.67 on page 36.
6.19 * Prove the converse of Euclid’s Lemma. Let k be a field and let f .x/ 2 kŒx be a
nonconstant polynomial; if, whenever f divides a product of two polynomials, it
necessarily divides one of the factors, then f is irreducible. (See Theorem 1.21.)
6.20 (i) Find two polynomials in QŒx whose associated polynomial functions agree
with this input-output table:
Input Output
1 3
4 17
5 26
(ii) Classify the set of all polynomials that agree on the table.
6.21 (i) Show that the set of polynomials in QŒx that vanish on f1; 2; 3g is an ideal in
QŒx.
(ii) What is a generator of this ideal?
i i
“book2” — 2013/5/24 — 8:18 — page 248 — #268
i i
6.22 * In Example 6.27, we saw that the ideal I in ZŒx consisting of all polynomials
with even constant term is not a principal ideal. Find a polynomial h.x/ 2 ZŒx
so that I D .2; h/; that is, I consists of all the linear combinations of 2 and h.
6.23 Let k be a field and f .x/; g.x/ 2 kŒx. Generalize Exercises 5.49 and 5.50 on
page 220: if d.x/ D gcd.f; g/ and m.x/ D lcm.f; g/, prove that
.f / C .g/ D .d / and .f / \ .g/ D .m/:
6.24 Show, in Z8 Œx, that x 2 1 has two distinct factorizations into irreducibles.
Hint: See Example 6.17.
Unique Factorization
The main result in this subsection is a generalization of the Fundamental Theo-
rem of Arithmetic to polynomials: the factorization of every nonconstant poly-
nomial over a field as a product of irreducibles is essentially unique.
We begin by proving Euclid’s Lemma for polynomials. As for integers, it
shows that irreducibility is a strong assumption when dealing with divisibility.
Theorem 6.31 (Euclid’s Lemma). Let k be a field and let f .x/; g.x/ 2 kŒx.
If p.x/ is an irreducible polynomial in kŒx and p j fg, then
pjf or p j g:
More generally, if p j f1 fn , then p j fi for some i .
Proof. Assume that p j fg but that p − f . Since p is irreducible, gcd.p; f / D

1, and so 1 D sp C tf for some polynomials s.x/ and t.x/. Therefore,
g D spg C tfg:
But p j fg, by hypothesis, and so Exercise 6.7 on page 243 gives p j g. The
last statement follows by induction on n 2.
The converse of Euclid’s Lemma is true; see Exercise 6.19 on page 247.
Polynomial versions of arithmetic theorems in Chapter 1 now follow.
Definition. Two polynomials f .x/; g.x/ 2 kŒx, where k is a field, are called
relatively prime if their gcd is 1.
Corollary 6.32. Let f .x/; g.x/; h.x/ 2 kŒx, where k is a field, and let h and
f be relatively prime. If h j fg, then h j g.
Proof. The proof of Theorem 6.31 works here. Since gcd.h; f / D 1, we have
1 D sh C tf , and so g D shg C tfg. But fg D hh1 for some h1 .x/ 2 kŒx,
and so g D h.sg C th1 /.
Definition. If k is a field, then a rational function f .x/=g.x/ 2 k.x/ is in

lowest terms if f and g are relatively prime.
Proposition 6.33. If k is a field, every nonzero f .x/=g.x/ 2 k.x/ can be put

in lowest terms.
i i
“book2” — 2013/5/24 — 8:18 — page 249 — #269
i i
Proof. If f D df 0 and g D dg0 , where d D gcd.f; g/, then f 0 and g0 are

relatively prime, and so f 0 =g0 is in lowest terms.
There is an analog of the Euclidean Algorithm in Z that can be applied to
compute gcd’s of polynomials.
Theorem 6.34 (Euclidean Algorithm I). If k is a field and f .x/; g.x/ 2 kŒx,
then there is an algorithm computing gcd.f; g/.
Proof. The proof is essentially a repetition of the proof of the Euclidean Algo-
rithm in Z; just iterate the Divison Algorithm. Each line comes from the line
above it by moving some terms “southwest.”
g D q1 f C r1
f D q2 r1 C r2
r1 D q3 r2 C r3
::
:
rn 3 D qn 1 rn 2 C rn 1
rn 2 D qn rn 1 C rn
rn 1 D qnC1 rn :
Since the degrees of the remainders are strictly decreasing, the procedure must
stop after at most deg.f / steps. The claim is that d D rn is the gcd, once
it is made monic. We see that d is a common divisor of f and g by back
substitution: repeated applications of “2 out of 3,” working from the bottom
up. To see that d is the gcd, work from the top down to show that if c is any
common divisor of f and g, then c j ri for every i .
The Euclidean Algorithm may not produce a monic last remainder. The gcd
is the monic associate of the last nonzero remainder.
Example 6.35 (Good Example). Let
f .x/ D 3x 3 2x 2 C 3x 2 and g.x/ D 3x 2 C x 2I
we compute gcd.f; g/.
3x 3 2x 2 C 3x 2 D .x 1/.3x 2 C x 2/ C .6x 4/
2

3x C x 2 D 12 x C 21 /.6x 4/ C 0:
Rewriting in simpler notation:
f D .x 1/g C r
1

gD 2
x C 21 r:
The last remainder is 6x 4. As we warned, it’s not monic, and we must make
it so. Thus, we need to take its monic associate (multiplying by 61 ):
2
gcd.f; g/ D x 3: N
i i
“book2” — 2013/5/24 — 8:18 — page 250 — #270
i i
Example 6.36 (Bad Example). The Euclidean Algorithm applied to integers

It’s the same for ordinary is quite efficient, in terms of the number of steps it takes to get to the answer.
long division—hand calcu- It’s the same for polynomials, but the steps get quite cumbersome when carried
lations for small integers out by hand—the complexity comes from the computational overhead in the
are quite simple, but they
get very messy when
hand calculations, not in the efficiency of the algorithm itself. A CAS removes
dividing two large integers. this obstacle.
The following steps calculate gcd.x 4 x 3 5x 2 C8x 4; 3x 3 6x 2 Cx 2/
via the Euclidean Algorithm; all the quotients and remainders were calculated
with a CAS:

x 4 x 3 5x 2 C 8x 4 D 31 x C 31 .3x 3 6x 2 C x 2/
2

C 10 3 x C 3 x
25 10
3
10 2 25
3x 3 6x 2 C x 2 D 9
10
x 20 9
3
x C 3 x 10 3
C 74 x 27
10 2
7
3
x C 253
x 10 3
D 40
21
20
x C 21 4
x 27
4
Multiplying by 7 produces the gcd of x 2. N
Here is an unexpected bonus from the Euclidean Algorithm.
Corollary 6.37. Let k be a subfield of a field K, so that kŒx is a subring

of KŒx. If f .x/; g.x/ 2 kŒx, then their gcd in kŒx is equal to their gcd in
KŒx.
Proof. We may assume that f ¤ 0, for gcd.0; g/ D g (actually, g’s monic

associate). The Division Algorithm in KŒx gives
g D Qf C R;
where Q; R 2 KŒx and either R D 0 or deg.R/ < deg.f /; since f; g 2 kŒx,

the Division Algorithm in kŒx gives
g D qf C r;
where q; r 2 kŒx and either r D 0 or deg.r / < deg.f /. But the equation
g D qf C r also holds in KŒx because kŒx KŒx, so that the uniqueness
of quotient and remainder in the Division Algorithm in KŒx gives Q D q 2
kŒx and R D r 2 kŒx. Therefore, the list of equations occurring in the
Euclidean Algorithm in KŒx is exactly the same as the list occurring in the
Euclidean Algorithm in the smaller ring kŒx. In particular, the gcd, being the
last remainder (made monic), is the same in both polynomial rings.
To illustrate, even though there are more divisors with complex coefficients,
See Exercise 6.18(i) on the gcd of 3x 3 2x 2 C 3x 2 and 3x 2 C x 2, computed in RŒx, is equal
page 247. to their gcd computed in CŒx.
As in Z, the Division Algorithm in kŒx can also be used to compute coef-
ficients occurring in an expression of the gcd as a linear combination.
Theorem 6.38 (Euclidean Algorithm II). If k is a field and f .x/; g.x/ 2

kŒx, then there is an algorithm finding a pair of polynomials s.x/ and t.x/
with gcd.f; g/ D sf C tg.
i i
“book2” — 2013/5/24 — 8:18 — page 251 — #271
i i
Proof. Let d D gcd.f; g/. To find s and t with d D sf C tg, again work from
the last remainder back to f and g:
rn D rn 2 qn rn 1
D rn 2 qn .rn 3 qn 1 rn 2 /
D .1 C qn qn 1 /rn 2 qn rn 3
::
:
D sf C tg
Example 6.39. Let’s compute gcd.f; g/, where f .x/ D x 3 2x 2 C x 2 and

g.x/ D x 4 1.
x4 1 D .x C 2/.x 3 2x 2 C x 2/ C .3x 2 C 3/
x3 2x 2 C x 2 D .x C 2/.3x 2 C 3/ C 15:
Rewriting in simpler notation:
g D .x C 2/f C r
f D .x C 2/r C 15:
We see that the last remainder, 15, is a constant. As we warned, it need not
be monic, and we must make it so. Thus, gcd.f; g/ D 1; that is, f and g are
relatively prime.
We now use Euclidean Algorithm II to find s.x/; t.x/ with d D sf C tg.
Using letters,
d Df q0r
gDf q 0 .g qf /
0
D .1 C q q/f q 0 g:
Now set r D 3x 2 C 3, q D x C 2, and q 0 D 3x C 6. We have

15 D .1 C .3x C 6/.x C 2/ f .x C 2/g
D .3x 2 C 12x C 13/f .x C 2/g:
Since gcd’s are monic,
1 2 1
1D 15 .3x C 12x C 13/f 15 .x C 2/g:
A computer can be programmed to carry out Euclidean Algorithm II (see
Exercise 6.18 on page 247). Once programmed, messy calculations are not a
problem. Indeed, using the polynomials from Example 6.36, we have
gcd.x 4 x3 5x 2 C 8x 4; 3x 3 6x 2 C x 2/ D x 2
Working as above (with the help of a CAS), we get
9 9
4
10 x C 20 .x x 3 5x 2 C 8x 4/
3 2

C 10 x 9
20
17
x C 20 .3x 3 6x 2 C x 2/
7 7
D 4
x 2
:
4
Multiplying both sides of this equation by 7
gives the linear combination. N
i i
“book2” — 2013/5/24 — 8:18 — page 252 — #272
i i
The next result, an analog for polynomials of the Fundamental Theorem

of Arithmetic, shows that the factorization of a polynomial as a product of
irreducible polynomials is essentially unique.
Theorem 6.40 (Unique Factorization). If k is a field, then every noncon-

stant polynomial f .x/ 2 kŒx is a product of a nonzero constant and monic
irreducibles.
Moreover, if f has two such factorizations,
f D ap1 pm and f D bq1 qn ;
.that is, a and b are nonzero constants and the p’s and q’s are monic irredu-
cibles/, then a D b, m D n, and the q’s may be re-indexed so that qi D pi for
all i .
Proof. We proved the existence of a factorization in Corollary 6.9.

To prove uniqueness, suppose that there is an equation
ap1 pm D bq1 qn
in which a and b are nonzero constants and the p’s and q’s are monic ir-
reducibles. We prove, by induction on M D maxfm; ng 1, that a D b,
m D n, and the q’s may be re-indexed so that qi D pi for all i . For the base
step M D 1, we have ap1 D bq1 . Now a is the leading coefficient, because
p1 is monic, while b is the leading coefficient, because q1 is monic. Therefore,
a D b, and canceling gives p1 D q1 . For the inductive step, the given equation
shows that pm j q1 qn . By Euclid’s Lemma for polynomials, there is some
i with pm j qi . But qi , being monic irreducible, has no monic divisors other
than 1 and itself, so that qi D pm . Re-indexing, we may assume that qn D pm .
Canceling this factor, we have ap1 pm 1 D bq1 qn 1 . By the inductive
hypothesis, a D b, m 1 D n 1 (hence m D n) and, after re-indexing,
qi D pi for all i .
Here is another way to state uniqueness, using Proposition 6.24: after re-
indexing, the ideals .p1 /; : : : ; .pm / and .q1 /; : : : ; .qm / are the same.
Collect like factors.
Definition. Let f .x/ 2 kŒx, where k is a field. A prime factorization of f is
f .x/ D ap1 .x/e1 pm .x/em ;
where a is a nonzero constant, the pi ’s are distinct monic irreducible polyno-

mials, and ei 0 for all i .
Theorem 6.40 shows that every nonconstant polynomial f has prime fac-
torizations; moreover, if all the exponents ei > 0, then the factors in it are
unique. Let f .x/; g.x/ 2 kŒx, where k is a field. As with integers, using zero
exponents allows us to assume that the same irreducible factors occur in both
prime factorizations:
a am b bm
f D p1 1 pm and g D p1 1 pm :
i i
“book2” — 2013/5/24 — 8:18 — page 253 — #273
i i
Definition. If f and g are elements in a commutative ring R, then a common

multiple is an element h 2 R with f j h and g j h. If f and g in R are not
both 0, define their least common multiple, denoted by
lcm.f; g/;
to be a monic common multiple c of them with c j h for every common multi-
ple h. If f D 0 D g, define their lcm to be 0.
We now use prime factorizations having zero exponents.
Proposition 6.41. Let f .x/; g.x/ 2 kŒx, where k is a field, have prime fac-
torizations f D p1a1 pnan and g D p1b1 pnbn in kŒx, where ai ; bi 0 for
all i .
(i) f j g if and only if ai bi for all i .
(ii) If mi D minfai ; bi g and Mi D maxfai ; bi g, then
gcd.f; g/ D p1m1 pnmn and lcm.f; g/ D p1M1 pnMn :
Proof. (i) If f j g, then g D f h, where h D p1c1 pncn and ci 0 for

all i . Hence,
b a c1 a Cc
g D p1 1 pnbn D p1 1 pm
am
p1 pncn D p1 1 1 pnanCcn :
By uniqueness, ai C ci D bi ; hence, ai ai C ci D bi . Conversely,
if ai bi , then there is ci 0 with bi D ai C ci . It follows that h D
c
p11 pncn 2 kŒx and g D f h.
m
(ii) Let d D p1 1 pnmn . Now d is a common divisor, for mi ai ; bi . If
e1
D D p1 pnen is any other common divisor, then 0 ei minfai ; bi g D
mi , and so D j d . Therefore, deg.D/ deg.d /, and d is the gcd (for it
is monic). The argument for lcm is similar.
Corollary 6.42. If k is a field and f .x/; g.x/ 2 kŒx are monic polynomials,
then
lcm.f; g/ gcd.f; g/ D fg:
Proof. The result follows from Proposition 6.41, for mi C Mi D ai C bi .

Since the Euclidean Algorithm computes the gcd in kŒx when k is a field,
Corollary 6.42 computes the lcm.
fg
lcm.f; g/ D :
gcd.f; g/
We can use roots to detect whether two polynomials are relatively prime.
Corollary 6.43. If f .x/; g.x/ 2 RŒx have no common root in C, then f; g

are relatively prime in RŒx.
Proof. Assume that d D gcd.f; g/ ¤ 1, where d 2 RŒx. By the Funda-

mental Theorem of Algebra, d has a complex root ˛ . By Corollary 6.37,
d D gcd.f; g/ in CŒx. Since .x ˛/ j d in CŒx, we have .x ˛/ j f
and .x ˛/ j g. By Corollary 6.15, ˛ is a common root of f and g.
i i
“book2” — 2013/5/24 — 8:18 — page 254 — #274
i i
How to Think About It. There is nothing magic about R and C. It can be
proved that every field k has an algebraic closure k; that is, there is a field k
containing k as a subfield, and every f .x/ 2 kŒx is a product of linear factors.
In particular, since kŒx kŒx, every f .x/ 2 kŒx is a product of linear
factors in kŒx; that is, k contains all the roots of f . Thus, Corollary 6.43 can
be generalized by replacing R and C by k and k.
We know that C can be viewed as a vector space over its subfield R, and
dimR .C/ D 2. But things are not so simple for algebraic closures k of other
fields k. It is always true that k is a vector space over k, but its dimension need
not be 2. In fact, dimk .k/ need not even be finite: for example, dimQ .Q/ D 1
and, if k is finite, then dimk .k/ D 1.
Let k be a field, and assume that all the roots of a polynomial f .x/ 2 kŒx
lie in k: there are a; r1 ; : : : ; rn 2 k with
n
Y
f .x/ D a .x ri /:
i D1
If r1 ; : : : ; rs , where s n, are the distinct roots of f , then a prime factorization

of f is
f .x/ D a.x r1 /e1 .x r2 /e2 .x rs /es :
We call ej the multiplicity of the root rj . As linear polynomials are always

irreducible, unique factorization shows that multiplicities of roots are well-
defined.
Exercises
6.25 Let f .x/; g.x/ 2 kŒx, where k is a field. If fg is a square, must f or g be a
square? What if gcd.f; g/ D 1?
6.26 Let f .x/; g.x/ 2 kŒx, where k is a field, be relatively prime. If h.x/ 2 kŒx and
h2 j fg, prove that h2 j f or h2 j g.
6.27 Let k D F2 .x/. Prove that f .t / D t 2 x 2 kŒt is an irreducible polynomial. (We
shall see later that there is a field K containing k and an element u with u2 D x,
so that f .t / D .t u/2 in KŒt .)
n
6.28 In Zp Œx, show that if f is an irreducible factor of x p x, then f 2 does not
n
divide x p x.
6.29 Determine, for each of the following polynomials in QŒx whether or not it is
irreducible in QŒx, in RŒx, or in CŒx.
(i) x 2 7x C 6.
(ii) x 2 C 2x 1.
(iii) x2 C x C 1.
6.30 * Show that f .x/ D x 3 C 5x 2 10x C 15 is irreducible in QŒx.
In Section 6.2, we will give different criteria for determining whether poly-
nomials are irreducible (in particular, we will discuss f on page 267). However,
we ask you to solve this problem now so you will appreciate the theorems to be
proved.
i i
“book2” — 2013/5/24 — 8:18 — page 255 — #275
i i
Principal Ideal Domains

There are other classes of domains that enjoy an analog of the Fundamental
Theorem of Arithmetic; one such is the following.
Definition. A domain R is a principal ideal domain, usually abbreviated by

the acronym PID, if every ideal in R is a principal ideal.
We have already seen examples of PIDs.
Example 6.44. (i) Theorem 5.29 shows that Z is a PID.

(ii) Theorem 6.25 shows that kŒx is a PID when k is a field.
(iii) Every field k is a PID, for its only ideals are k D .1/ and .0/.
(iv) Not every domain is a PID. In Example 6.27, we saw that there are ideals
in ZŒx that are not principal ideals.
(v) Exercise 6.12 on page 243 shows that kŒx; y, polynomials in two vari-
ables over a field k, is not a PID. N
(vi) In Chapter 8, we shall see that the rings of Gaussian integers and of Eisen-
stein integers are PIDs.
PIDs enjoy many of the properties shared by Z and kŒx (k a field). In

particular, they have a fundamental theorem of arithmetic, and the proof of
this fact parallels the program we developed for Z and kŒx.
We begin by defining gcd’s in a general commutative ring R. We can’t use
as we did in Z, nor can we use degrees as we did in kŒx, but we can use the
idea in Corollaries 1.20 and 6.29.
Definition. Let R be a commutative ring. If a; b 2 R, then a gcd of a; b is a

common divisor d 2 R that is divisible by every common divisor: if c j a and
c j b, then c j d .
Just defining a term doesn’t guarantee it always exists—we could define

unicorn if we were asked to do so, and there are rings, even domains, con-
taining elements having no gcd (see Exercise 6.33 on page 259). Even if a
gcd does exist, there is the question of uniqueness. In Z, uniqueness of a gcd
follows from our assuming, as part of the definition, that gcd’s are positive;
in kŒx, uniqueness follows from our assuming, as part of the definition, that
gcd’s are monic. Neither assumption makes sense in a general commutative
ring; however, we do have a measure of uniqueness in domains.
Proposition 6.45. Let R be a domain. If d and d 0 are gcd’s of a; b in R, then

d and d 0 are associates and .d / D .d 0 /.
Proof. By definition, both d and d 0 are common divisors of a; b; moreover,

d j d 0 and d 0 j d . Since R is a domain, Proposition 6.6 applies, and d and d 0
are associates. The second statement follows from Proposition 6.24.
Although there are domains with elements not having a gcd, we now show
gcd’s always exist in PIDs.
i i
“book2” — 2013/5/24 — 8:18 — page 256 — #276
i i
Theorem 6.46. Let R be a PID. If a; b 2 R, then a gcd of a; b exists and it is

a linear combination of a; b.
Proof. As every ideal in R, the ideal .a; b/ D fua C vb W u; v 2 Rg is a

principal ideal: there is d 2 R with .a; b/ D .d /. Of course, d is a linear
combination of a; b, say, d D sa C tb for some s; t 2 R, and it suffices to
prove d is a gcd. Now d is a common divisor: a 2 .a; b/ D .d /, so that
a D rd for some r 2 R; hence, d j a; similarly, d j b. Finally, if c j a and
c j b, then c j d D sa C tb. .
We can now show that Euclid’s Lemma holds in PIDs.
Theorem 6.47 (Euclid’s Lemma). Let R be a PID and p 2 R be irreducible.

If p j ab, where a; b 2 R, then p j a or p j b.
Proof. If p − a, then 1 is a gcd of p; a, for the only divisors of p are units and
This proof should look associates. Thus, Theorem 6.46 says that there exist s; t 2 R with 1 D sp C ta.
quite familiar to you. Hence, b D spbCtab. But ab D pr , for some r 2 R, and so p j b, as desired.

To prove the unique factorization theorem in Z and in kŒx, we first proved
that every element can be factored into irreducibles. After that, we showed that
such factorizations are essentially unique. Let’s carry on with that development
for arbitrary PIDs.
To prove factorization into irreducibles in a PID, we need an abstract prop-

erty of principal ideal domains, one that was previewed in Exercises 5.47 and
5.48 on page 220.
Suppose that R is a PID and that r 2 R is neither zero nor a unit. Must r be
a product of irreducibles? If not, then r is not irreducible (recall that we allow
products to have only one factor); thus, r factors: say, r D ab, where neither
a nor b is a unit. If both a and b are products of irreducibles, then so is r , and
we’re done. So, suppose one of them, say a, is not a product of irreducibles.
Thus, a is not irreducible, and a D cd . where neither c nor d is a unit. If both
c and d are products of irreducibles, then so is a, and this is a contradiction.
We’ve got a tiger by the tail! We can keep repeating this argument ad infinitum.
Let’s rephrase these factorizations of r in terms of ideals; after all, a j r
says that r D r 0 a for some r 0 2 R; that is, .r / .a/. But this inclusion must
be strict: .r / ¨ .a/, lest r and a be associates (they’re not, because b is not a
unit). The tiger tells us that there is an infinite strictly increasing sequence of
ideals.
Lemma 6.48. If R is a PID, then every ascending chain of ideals
I1 I2 In InC1
stopsI that is, there is N with In D IN for all n N .
Proof. Suppose there is an ascending chain of ideals that does not stop. Throw-
ing away any repetitions In D InC1 if necessary, we may assume that there is
i i
“book2” — 2013/5/24 — 8:18 — page 257 — #277
i i
a strictly ascending chain of ideals
I1 ¨ I2 ¨ ¨ In ¨ InC1 ¨ :
S
By Exercise 6.31 on page 258, J D n1 In is an ideal in R. And since R
is a PID, J is principal; there is d 2 J with J D .d /. Now d got into J by
being in Im for some m; that is, .d / Im . Hence,
J D .d / Im ¨ ImC1 J:
This is a contradiction.
Lemma 6.48 gives us factorization into irreducibles.
Proposition 6.49. If R is a PID, then every nonzero, non-unit r 2 R is a

product of irreducibles.
Proof. If a is a divisor of r , then .r / .a/, as we saw above. Call a divisor a

of r a proper divisor if a is neither a unit nor an associate of r . If a is a proper
divisor of r , then .r / ¨ .a/: if the inclusion is not strict, then .a/ D .r /, and
this forces a and r to be associates, by Proposition 6.6.
Call a nonzero non-unit r 2 R sweet if it is a product of irreducibles; call it
sour otherwise. We must show that there are no sour elements. So, suppose r
is a sour element. Now r is not irrreducible, so r D ab, where both a and b are
proper divisors. But the product of sweet elements is sweet, so that at least one
of the factors, say, a, is sour. As we observed in the first paragraph, we have
.r / ¨ .a/. Repeat this for a instead of r . It follows by induction that there
exists a sequence a1 D r , a2 D a, a3 ; : : : ; an ; : : : of sour elements with each
anC1 a proper divisor of an . But this sequence yields a strictly ascending chain
of ideals
.a1 / ¨ .a2 / ¨ .a3 / ¨ ;
contradicting Lemma 6.48.
Proposition 6.49 gives existence. The next theorem gives a fundamental the-
orem of arithmetic for PIDs: every nonzero non-unit has a unique factorization
as a product of irreducibles.
Theorem 6.50. Let R be a PID. Every r 2 R, neither 0 nor a unit, has a fac-
torization as a product of irreducibles which is unique in the following senseW
if
p1 pn D r D q1 qm ;
where the p’s and q’s are irreducible, then m D n and the q’s can be re-
indexed so that qi and pi are associates for all i .
Proof. Proposition 6.48(iii) shows that every r 2 R, neither 0 nor a unit, is a

product of irreducibles.
To prove uniqueness, suppose that r is a nonzero non-unit and
p1 pn D r D q1 qm ;
i i
“book2” — 2013/5/24 — 8:18 — page 258 — #278
i i
where the p’s and q’s are irreducible. By Euclid’s Lemma, pn irreducible im-
plies pn j qi for some i . Since qi is irreducible, we have pn and qi are asso-
ciates: there is a unit u 2 R with qi D upn . Re-index the q’s so that qi is now
qm D upn , cancel pn from both sides, and replace q1 by uq1 . Thus,
p1 pn 1 D r D .uq1 / qm 1:
Note that uq1 is irreducible (for it is an associate of an irreducible). The proof

is completed, as in Theorem 6.40, by induction on maxfn; mg.
So, every PID has a fundamental theorem of arithmetic. It turns out that
there are other domains occurring in nature, not PIDs, which also enjoy such a
theorem.
Definition. A domain R is a unique factorization domain, usually abbreviated

UFD, if
(i) every a 2 R that is neither 0 nor a unit is a product of irreducibles;
(ii) this factorization is unique in the following sense: if
p1 pn D a D q1 qm ;
where the p’s and q’s are irreducible, then n D m and, after re-indexing,
pi and qi are associates for all i .
Further Results. We’ve just seen that every PID is a UFD. The converse is
false: there are UFDs that are not principal ideal domains. A theorem of Gauss
states that if a domain A is a UFD, then AŒx is also a UFD. For example, ZŒx
is a UFD (this is not a PID). If k is a field, then it follows by induction on
n 1 that R D kŒx1 ; : : : ; xn , polynomials in several variables, is a UFD (R
is not a PID if n 2).
As we’ve mentioned earlier, the erroneous assumption that every domain

is a UFDp was behind many incorrect “proofs” of Fermat’s Last Theorem. The
ring ZŒ 5 is not a UFD: we’ll see in Chapter 8 that
p p
3 2 D 6 D .1 C 5/.1 5/
p p
are two different factorizations of 6 into irreducibles in ZŒ 5 (and 1 C 5
is not an associate of 2 or of 3). Another example: ZŒ23 is not a UFD, and 23
is the smallest prime p for which ZŒp is not a UFD (see [23] Chapter 1, p. 7).
Exercises
6.31 *
(i) Let I and J be ideals in a commutative ring R. Prove that their union I [ J
is an ideal if and only if I J or J I .
(ii) Let I1 I2 In be an ascending chain of ideals in a commu-
tative ring R. Prove that
1
[
In
n1
is an ideal in R.
i i
“book2” — 2013/5/24 — 8:18 — page 259 — #279
i i
6.2 Irreducibility 259
6.32 Consider ascending chains of ideals in Z:

(i) Find two different ascending chains of ideals in which I1 D .24/.
(ii) Show that every ascending chain of ideals has only finitely many distinct
terms.
(iii) Find the longest strictly ascending chain of ideals that starts with .72/ (an
ascending chain of ideals is strictly ascending if all inclusions Ij Ij C1 are
strict inclusions Ij ¨ Ij C1 ).
(iv) Find the longest strictly ascending chain of ideals that starts with .101/.
6.33 * Let R be the subset of kŒx (where k is a field) consisting of all polynomials
f .x/ having no linear term; that is,
f .x/ D a0 C a2 x 2 C a3 x 3 C :
(i) Prove that R is a subring of kŒx.

(ii) Prove that x 5 and x 6 do not have a gcd in R.
6.34 Recall that RR , the set of all real valued functions of a real variable, is a commu-
tative ring under pointwise addition and multiplication. Let n 0 be an integer,
and let In be the set of all functions in RR vanishing on integer multiples of n.
(i) Show that In is an ideal in RR .
(ii) Find a function that is in I8 but not in I4.
(iii) Show that
I2 ¨ I4 ¨ I8 ¨ ¨ I2j ¨ : : :
(iv) Show that this ascending chain of ideals does not stop.
(v) Conclude that there are ideals in RR that are not principal.
6.2 Irreducibility
Although there are some techniques to help decide whether an integer is prime,
the general problem is open and is very difficult (indeed, this is precisely why
RSA public key codes are secure). Similarly, it is very difficult to determine
whether a polynomial is irreducible, but there are some useful techniques that
frequently work. Most of our attention will be on QŒx and ZŒx, but some of
the results do generalize to other rings of coefficients.
For polynomials of low degree, we have a simple and useful irreducibility
criterion.
Proposition 6.51. Let k be a field and let f .x/ 2 kŒx be a quadratic or cubic
polynomial. Then f is irreducible in kŒx if and only if f has no root in k.
Proof. An irreducible polynomial f of degree > 1 has no roots in k, by

Corollary 6.15, for if r 2 k is a root, then f .x/ D .x r /g.x/ in kŒx.
Conversely, if f is not irreducible, then f D gh, where neither g nor h
is constant; thus, neither g nor h has degree 0. Since deg.f / D 2 or 3 and
deg.f / D deg.g/ C deg.h/, at least one of the factors has degree 1 and, hence,
f has a root in k.
Proposition 6.51 is no longer true for polynomials of degree 4; for exam-
ple, f .x/ D x 4 C 2x 2 C 1 D .x 2 C 1/.x 2 C 1/ obviously factors in RŒx, so
it’s not irreducible, yet f has no real roots.
i i
“book2” — 2013/5/24 — 8:18 — page 260 — #280
i i
A polynomial f .x/ is reducible if has a linear factor x a, and there’s a

simple test for that; see whether a is a root of f . But to check whether f has
a root a, we need a candidate for a.
Theorem 6.52 (Rational Root Theorem). If f .x/ D a0 Ca1 x C Can x n 2

ZŒx QŒx, then every rational root of f has the form b=c, where b j a0 and
c j an . In particular, if f is monic, then every rational root of f is an integer.
Proof. We may assume that a root b=c is in lowest terms; that is, gcd.b; c/ D
1. Evaluating gives 0 D f .b=c/ D a0 C a1 b=c C C an b n =c n , and multi-
plying through by c n gives
0 D a0 c n C a1 bc n 1
C C an b n :
Reducing this mod b shows that b j a0 c n ; since gcd.b; c/ D 1, Corollary 1.22
gives b j a0 . Similarly, reducing mod c gives c j an b n . Since gcd.b; c/ D 1,
we have c j an .
It follows from the second statement that if an integer a p
is not the nth power
n n
of an integer,
p then x a has no rational roots; that is, a is irrational. In
particular, 2 is irrational. Thus, Theorem 6.52 is a vast generalization of
Proposition 1.26.
Had we known Theorem 6.52 earlier, we could have easily dealt with the
“bad cubic” f .x/ D x 3 7x C 6 in Example 3.5. Since the candidates for its
rational roots are ˙1; ˙2; ˙3; ˙6, we would have quickly found the factor-
ization f .x/ D .x 1/.x 2/.x C 3/.
If f .x/ 2 QŒx happens to be in ZŒx, there is a useful theorem of Gauss
comparing the factorizations of f in ZŒx and in QŒx that concludes that f
is irreducible over Q. Our proof involves Example 5.23: the homomorphism
rp W Z ! Zp , sending j 7! Œj , gives a homomorphism rp W ZŒx ! Zp Œx,
called reduction mod p. If f .x/ D a0 C a1 x C C an x n 2 ZŒx, then
rp W f 7! f ; where f .x/ D Œa0 C Œa1 x C C Œan x n 2 Zp Œx:
Thus, rp merely reduces all coefficients mod p.
Theorem 6.53 (Gauss’s Lemma). Let f .x/ 2 ZŒx. If there are G.x/; H.x/ 2
QŒx with f D GH , then there are g.x/; h.x/ 2 ZŒx with deg.g/ D deg.G/,
deg.h/ D deg.H /, and f D gh.
Proof. Clearing denominators in the equation f D GH , there are positive

integers n0 ; n00 so that g D n0 G and h D n00 H , where both g; h lie in ZŒx.
Setting n D n0 n00 , we have
nf D .n0 G/.n00 H / D gh in ZŒx: (6.1)
Let p be a prime divisor of n, and reduce the coefficients mod p. Eq. (6.1)
Recall that Fp is another becomes
notation for Zp ; we use it
when we want to regard 0 D g.x/h.x/:
Zp as a field.
But Fp Œx is a domain, because Fp is a field, and so at least one of the factors,
say g, is 0; that is, all the coefficients of g are multiples of p. Therefore, we
may write g D pg0 , where all the coefficients of g0 lie in Z. If n D pm, then
.pm/f D nf D gh D .pg0 /h in ZŒx:
i i
“book2” — 2013/5/24 — 8:18 — page 261 — #281
i i
Cancel p, and continue canceling primes until we reach a factorization f D

g h in ZŒx. Note that deg.g / D deg.g/ and deg.h / D deg.h/.
The contrapositive of Gauss’s Lemma is more convenient to use.
Corollary 6.54. If f .x/ 2 ZŒx is irreducible in ZŒx, then f is irreducible

in QŒx.
How to Think About It. We agree that Gauss’s Lemma, though very useful,
is rather technical. Gauss saw that the ideas in the proof could be generalized
to apply to polynomials in several variables over a field.
The basic use of reduction mod p was previewed on page 216 when we
proved that 1 is not a square in Z by showing that it’s not a square in Z3 .
Reduction mod p gives a criterion for irreducibility of f in ZŒx by testing the
irreducibility of f in Fp Œx. The precise statement is:
Proposition 6.55. Let f .x/ D a0 C a1 x C C x n 2 ZŒx be monic. If p

is prime and f 2 Fp Œx is irreducible in Fp Œx, then f is irreducible in ZŒx
and, hence, in QŒx. The hypothesis that f is
monic can be relaxed; we
Proof. Suppose f factors in ZŒx; say f D gh, where 0 < deg.g/ < deg.f / may assume instead that p
does not divide its leading
and 0 < deg.h/ < deg.f /. By Exercise 6.8, we may assume that both g and coefficient.
h are monic. Now f D gh (for rp is a homomorphism), so that deg.f / D
deg.g/ C deg.h/. And f , g, and h are monic, because f; g, and h are, so
deg.f / D deg.f /, deg.g/ D deg.g/, and deg.h/ D deg.h/; this contradicts
the irreducibility of f in Fp Œx. Therefore, f is irreducible in ZŒx. Finally, f
is irreducible in QŒx, by Gauss’s Lemma.
For example, x 2 C 1 is irreducible in QŒx because x 2 C 1 is irreducible

in Z3 Œx.
Theorem 6.55 says that if one can find a prime p with f irreducible in
Fp Œx, then f is irreducible in QŒx. The finiteness of Fp is a genuine advan-
tage, for there are only a finite number of polynomials in Fp Œx of any given
degree. In principle, then, we can test whether a polynomial of degree n in
Fp Œx is irreducible by looking at all possible factorizations of it.
The converse of Theorem 6.55 is false: x 2 2 is irreducible in QŒx (it has
no rational root), but it factors mod 2 (as x 2 ); you can check, however, that
x 2 Œ2 is irreducible in F3 Œx. But Theorem 6.55 may not apply at all: we’ll
see in Example 6.67 that x 4 C 1 is irreducible in QŒx, but it factors in Fp Œx
for every prime p (see [26], p. 304).
In order to use Theorem 6.55, we will need an arsenal of irreducible poly-
nomials over finite fields.
Example 6.56. We determine the irreducible polynomials in F2Œx of small

degree.
As always, the linear polynomials x and x C 1 are irreducible.
There are four quadratics: x 2 , x 2 C x, x 2 C 1, x 2 C x C 1 (more generally,
there are p n monic polynomials of degree n in Fp Œx, for there are p choices
for each of the n coefficients a0 ; : : : ; an 1 ). Since each of the first three has a
root in F2 , there is only one irreducible quadratic, namely, x 2 C x C 1.
i i
“book2” — 2013/5/24 — 8:18 — page 262 — #282
i i
There are eight cubics, of which four are reducible because their constant
term is 0 (so that x is a factor). The remaining polynomials are
x 3 C 1; x 3 C x C 1; x 3 C x 2 C 1; x 3 C x 2 C x C 1:
Since 1 is a root of the first and fourth, the middle two are the only irreducible
cubics. Proposition 6.51 now applies.
There are sixteen quartics, of which eight are reducible because their con-
stant term is 0. Of the eight with nonzero constant term, those having an even
number of nonzero coefficients have 1 as a root. There are now only four sur-
viving polynomials f , and each has no roots in F2 ; that is, they have no linear
factors. The only possible factorization for any of them is f D gh, where both
g and h are irreducible quadratics. But there is only one irreducible quadratic,
namely, x 2 C x C 1. Therefore, x 4 C x 2 C 1 D .x 2 C x C 1/2 factors, and the
other three quartics are irreducible.
Irreducible Polynomials of Low Degree over F2

Degree 2: x 2 C x C 1.
Degree 3: x 3 C x C 1, x 3 C x 2 C 1.
Degree 4: x 4 C x 3 C 1, x 4 C xC1, x 4 C x 3 C x 2 C x C 1. N
Example 6.57. Here is a list of the monic irreducible quadratics and cubics
in F3 Œx. You can verify that the list is correct by first enumerating all such
polynomials; there are six monic quadratics having nonzero constant term, and
Note that 1 D 2 in Z3 . there are eighteen monic cubics having nonzero constant term. It must then be
checked which of these have 1 or 1 as a root, for Proposition 6.51 applies.
Monic Irreducible Quadratics and Cubics over F3

Degree 2: x 2 C 1, x2 C x 1, x2 x 1.
3 3 2 3 2
Degree 3: x x C 1, x Cx x C 1, x x C 1,
3
x x 2 C x C 1, x 3
x 1, x C x 2 1,
3
x 3 C x 2 C x 1, x 3 x 2 x 1. N
Example 6.58. Here are some applications of Theorem 6.55.

(i) The polynomial f .x/ D 3x 3 3x C 1 is irreducible in QŒx, for f D
x 3 C x C 1 is irreducible in F2 Œx.
(ii) We show that f .x/ D x 4 5x 3 C 2x C 3 is irreducible in QŒx. By
Theorem 6.52, the only candidates for rational roots of f are ˙1 and ˙3,
and you can check that none is a root. Since f is a quartic, we cannot yet
conclude that it is irreducible, for it might be a product of (irreducible)
quadratics.
The criterion of Theorem 6.55 works like a charm. Since f D x 4 C
3
x C 1 in F2 Œx is irreducible, by Example 6.56, it follows that f is irre-
ducible in QŒx. (It wasn’t necessary to check that f has no rational roots;
irreducibility of f is enough to conclude irreducibility of f . In spite of
this, it is a good habit to first check for rational roots.)
(iii) Let ˆ5 .x/ D x 4 C x 3 C x 2 C x C 1 2 QŒx. In Example 6.56, we saw
that ˆ5 .x/ D x 4 C x 3 C x 2 C x C 1 is irreducible in F2 Œx, and so ˆ5 is
irreducible in QŒx. N
i i
“book2” — 2013/5/24 — 8:18 — page 263 — #283
i i
Further Results.
We can count the number Nn of irrreducible polynomials of degree n in
Fp Œx. In [17], pp. 83–84, it is shown that
X
pn D d Nd ; (6.2)
djn
where the sum is over the positive divisors d of n.

This equation can be solved for Nn . If m D p1e1 pnen , define the Möbius The definition of seems
function by to come out of nowhere,
but it occurs in many prob-
8̂
lems at the intersection of
< 1 if m D 1I
combinatorics and num-
.m/ D 0 if any ei > 1I ber theory. See A.Cuoco,
:̂ “Searching for Möbius,”
. 1/n if 1 D e1 D e2 D D en :
College Mathematics
Journal, 37:2, (148–153),
It turns out that Eq. (6.2) is equivalent to
2009.
1X
Nn D .d /p n=d :
n
djn
One application of this formula is that, for every n 1, there exists an

irreducible polynomial in Fp Œx of degree n.
Exercises
6.35 Let f .x/ D x 2 C x C 1 2 F2 Œx. Prove that f is irreducible in F2 Œx, but that
f has a root ˛ 2 F4 . Use the construction of F4 in Exercise 4.55 on page 165 to
display ˛ explicitly.
6.36 Show that x 4 C x C 1 is not irreducible in RŒx even though it has no roots in R.
6.37 (i) If k is a field and each of f .x/; g.x/ 2 kŒx has a root ˛ in k, show that ˛ is
a root of gcd.f; g/.
(ii) How does this apply to the polynomials in Examples 6.35 and 6.36?
6.38 If p is a prime, show that, in Zp Œx,
pY1 pY1
xp xD .x i/ and xp 1
1D .x i /:
i D0 i D1
6.39 .Wilson0 s Theorem/: Suppose that p is a prime in Z. Show that
.p 1/Š 1 mod p:
6.40 *
(i) Let f .x/ D .x a1 / .x an / 2 kŒx, where k is a field. Show that f has
no repeated roots (i.e., all the ai are distinct) if and only if gcd.f; f 0 / D 1,
where f 0 is the derivative of f .
Hint: Use Exercise 5.17 on page 203.
(ii) Prove that if p.x/ 2 QŒx is an irreducible polynomial, then p has no re-
peated roots in C.
Hint: Use Corollary 6.37.
i i
“book2” — 2013/5/24 — 8:18 — page 264 — #284
i i
1 3
6.41 If p is prime, prove that there are exactly 3 .p p/ monic irreducible cubic
polynomials in Fp Œx.
6.42 Determine whether the following polynomials are irreducible in QŒx.
(i) f .x/ D x 5 4x C 2.
(ii) f .x/ D x 4 C x 2 C x C 1.
Hint: Show that f has no roots in F3 and that a factorization of f as a product
of quadratics would force impossible restrictions on the coefficients.
(iii) f .x/ D x 4 10x 2 C 1.
Hint: Show that f has no rational roots and that a factorization of f as a
product of quadratics would force impossible restrictions on the coefficients.
6.43 Is x 5 C x C 1 irreducible in F2 Œx?
Hint: Use Example 6.56.
6.44 Let f .x/ D .x p 1/=.x 1/, where p is prime. Using the identity
f .x C 1/ D x p 1
C pq.x/;
where q.x/ 2 ZŒx has constant term 1, prove that

n n .p n
ˆp .x p / D x p 1/
C C xp C 1
is irreducible in QŒx for all n 0.

6.45 Let k be a field, and let f .x/ D a0 C a1 x C C an x n 2 kŒx have degree n and
nonzero constant term a0 . If f is irreducible, prove that an Can 1 x C Ca0 x n
is irreducible.
Roots of Unity
In Chapter 3, we defined an nth root of unity to be primitive if every nth root
of unity is a power of . For example, i is a primitive 4th root of unity. Note
that i ispalso an 8th root of unity, for i 8 D 1, but it’s not a primitive 8th root of
unity; 22 .1 C i / is a primitive 8th root of unity.
Lemma 6.59. Every nth root of unity 2 C is a primitive d th root of unity

for a unique divisor d of n.
Proof. We know that n D 1; let d be the smallest positive integer for which
d D 1. By the Division Algorithm, there are integers q and r with n D qd Cr ,
where 0 r < d . Now
1 D n D qdCr D dq r D r ;
because d D 1. But r < d and r D 1; if r > 0, then we contradict d being

the smallest positive such exponent. Therefore, r D 0 and d j n. This shows
that is a d th root of unity. Its first d powers,
1; ; 2 ; : : : ; d 1
;
are all distinct (Exercise 6.51 on page 269). Since there are exactly d d th roots
of unity, they are all powers of , and so is primitive.
i i
“book2” — 2013/5/24 — 8:18 — page 265 — #285
i i
Definition. If d is a positive integer, then the d th cyclotomic polynomial is

defined by
Y
ˆd .x/ D .x /;
where ranges over all the primitive d th roots of unity.
Proposition 6.60. Let n be a positive integer and regard x n 1 2 ZŒx. Then This proposition sheds
light on your discovery in
(i) Exercise 3.59 on page 116.
Y
xn 1D ˆd .x/;
djn
where d ranges over all the positive divisors d of n (in particular, both
ˆ1 .x/ and ˆn .x/ are factors).
(ii) ˆn .x/ is a monic polynomial in ZŒx.
Proof.Q (i) For each divisor d of n, collect all terms in the equation x n 1D
.x / with a primitive d th root of unity. Thus,
Y
xn 1 D hd .x/;
djn
Q
where hd .x/ D .x / with an nth root of unity that is also a prim-
itive d th root of unity. But every such must be an nth root of unity: by
Lemma 6.59, n D dq for some integer d , and 1 D n D dq . Therefore,
hd .x/ D ˆd .x/.
(ii) The proof is by strong induction on n 1. The base step is true, for
ˆ1 .x/ D x 1. For the inductive step n > 1, write
xn 1 D ˆn .x/F .x/;
Q
where F .x/ D ˆd .x/ with d j n and d < n. The inductive hypoth-
esis says that all the factors ˆd of F are monic polynomials in ZŒx;
hence, F is a monic polynomial in ZŒx. By Proposition 6.10, ˆn .x/ D
.x n 1/=F .x/ is a monic polynomial in ZŒx, as desired.
Example 6.61. The formula in Proposition 6.60(i) can be used to calculate

ˆn .x/ for any n. Indeed, solving for ˆn .x/ in
Y
xn 1 D ˆd .x/
djn
we have
xn 1
ˆn .x/ D Y
ˆd .x/
djn; d<n
Using the fact that ˆ1 .x/ D x 1, we have a recursively defined function:

(
x 1 if n D 1
ˆn .x/ D n
Q
.x 1/= djn; d<n ˆd .x/ if n > 1:
i i
“book2” — 2013/5/24 — 8:18 — page 266 — #286
i i
n ˆn .x/
1 x 1
2 xC1
2
3 x CxC1
4 x2 C 1
5 x4 C x3 C x2 C 1
6 x2 xC1
7 x6 C x5 C x4 C x3 C x2 C 1
8 x4 C 1
9 x6 C x3 C 1
10 x4 x3 C x2 xC1
10
11 x C x C x C x C x C x C x4 C x3 C x2 C 1
9 8 7 6 5
12 x4 x2 C 1
Figure 6.1. Cyclotomic polynomials.
Q
You should verify that x 12 1 D d2f1;2;3;4;6;12g ˆd .x/. The recursive def-
inition can be programmed into a CAS (see Exercise 6.55 on page 270); Fig-
ure 6.1 displays the first dozen cyclotomic polynomials. There’s no simple
pattern to these polynomials, but calculating a good number of them gives
you food for thought and leads to interesting conjectures. For example, can
you conjecture anything about deg.ˆn /? All the coefficients of the cyclotomic
polynomials displayed in Figure 6.1 are 0 and ˙1, but your guess that this is
always true is wrong [see Exercise 6.55(iii) on page 270]. Do any of the ˆn .x/
factor in ZŒx? N
When p 11 is prime, ˆp .x/ is x p 1

C xp 2
C C x 2 C x C 1. We
now prove this is true for every prime p.
Proposition 6.62. If p is prime,
ˆp .x/ D x p 1
C xp 2
C C x 2 C x C 1:
Proof. By Proposition 6.60,
xp 1 D ˆ1 .x/ˆp .x/ D .x 1/ˆp .x/;
and the Division Algorithm gives

xp 1
ˆp .x/ D D xp 1
C xp 2
C C x 2 C x C 1:
x 1
Recall that the Euler -function .n/ is defined by
.n/ D number of k with 1 k n and gcd.k; n/ D 1:
The next proposition shows that .n/ is intimately related to ˆn .x/, and this
leads to a simple proof of a fact from number theory.
i i
“book2” — 2013/5/24 — 8:18 — page 267 — #287
i i
Proposition 6.63. (i) .n/ D deg.ˆn /.

P
(ii) For every integer n 1, we have n D djn .d /. Proposition 6.63(ii) is often
proved in number theory
courses without mentioning
Proof. (i) This follows at once from Corollary 3.30, which says that there
cyclotomic polynomials;
are .n/ primitive nth roots of unity. the resulting proof is much
(ii) Immediate from Proposition 6.60(i) and part (i), for more difficult.
X X
nD deg.ˆd / D .d /:
djn djn
We’ve shown that ˆn .x/ 2 ZŒx, and we’ll finish this section by showing
that ˆp is irreducible in QŒx when p is prime. It turns out that ˆn is actually
irreducible in QŒx for every n, but the proof is more difficult (see [17] p.195).
As any linear polynomial over a field, the cyclotomic polynomial ˆ2 D
x C 1 is irreducible in QŒx; ˆ3 D x 2 C x C 1 is irreducible in QŒx because it
has no rational roots; we saw, in Example 6.58, that ˆ5 is irreducible in QŒx.
We’ll next introduce another irreducibility criterion, useful in its own right,
that will allow us to prove that ˆp is irreducible in QŒx for all primes p. An
example will motivate the criterion.
Example 6.64. Exercise 6.30 on page 254 asked you to show that f .x/ D
x 3 C5x 2 10x C15 is irreducible in ZŒx. You now have machinery that makes
this easy. For example, you could invoke Theorem 6.52 (the Rational Root
Theorem) to show that f has no root in Q (or Z) and then use Proposition 6.51.
But let’s use another technique that shows the power of reducing coeffi-
cients. Suppose that f .x/; g.x/; h.x/ 2 ZŒx and f D gh, where neither g
nor h is constant; reduce the coefficients mod 5. Because reduction mod 5 is
a homomorphism, we have f D g h. But all the coefficients of f (except the
leading one) are divisible by 5, so we have
x 3 D gh in Z5 Œx:
Since x is irreducible (it’s a linear polynomial), we can apply unique factor-

ization in Z5 Œx to conclude that both g and h are of the form ux m where u is
a unit in Z5 . Pulling this back to Z, we see that all the coefficients of g and h,
except their leading coefficients, are divisible by 5. Hence the constant term of
gh (which is the product of the constant terms of g and h) is divisible by 25.
But gh D f and the constant term of f is 15, which is not divisible by 25.
Hence no non-trivial factorization of f exists. N
Theorem 6.65 (Eisenstein Criterion). Let f .x/ D a0 C a1 x C C an x n 2

ZŒx. If there is a prime p dividing ai for all i < n but with p − an and Usually, Kadiddlehopper
p 2 − a0 , then f is irreducible in QŒx. was the first to discover
Kadiddlehopper’s Theo-
rem, but not always. For
Proof. .R: Singer/: Let rp W ZŒx ! Fp Œx be reduction mod p, and let f de- example, the Eisenstein
note rp .f /. If f is not irreducible in QŒx, then Gauss’s Lemma gives polyno- Criterion is in a paper of
mials g.x/; h.x/ 2 ZŒx with f D gh, where g.x/ D b0 C b1x C C bm x m , Eisenstein of 1850, but
h.x/ D c0 Cc1x C Cck x k , and m; k > 0. There is thus an equation f D gh it appeared in a paper of
in Fp Œx. Schönemann in 1845.
Since p − an , we have f ¤ 0; in fact, f D ux n for some unit u 2

Fp , because all its coefficients, aside from its leading coefficient, are 0. By
i i
“book2” — 2013/5/24 — 8:18 — page 268 — #288
i i
Theorem 6.40, unique factorization in kŒx where k is a field, we must have

g D vx m and h D wx k (for units v; w in Fp ), so that each of g and h has
constant term 0. Thus, Œb0 D 0 D Œc0 in Fp ; equivalently, p j b0 and p j c0 .
But a0 D b0 c0 , and so p 2 j a0 , a contradiction. Therefore, f is irreducible in
QŒx.
Let’s see that ˆp .x/ D x p 1 C x p 2 C C x C 1 is irreducible in QŒx

when p is prime. Gauss showed how to transform ˆp .x/ so that the Eisenstein
Criterion applies.
Lemma 6.66. Let g.x/ 2 ZŒx. If there is c 2 Z with g.x C c/ irreducible in

ZŒx, then g is irreducible in QŒx.
Proof. By Exercise 5.42 on page 216, the function 'W ZŒx ! ZŒx, given by
f .x/ 7! f .x C c/;
is an isomorphism (its inverse is f .x/ 7! f .x c/). If g.x/ D s.x/t.x/, then
'.g/ D '.st/ D '.s/'.t/: (6.3)
But '.g/ D g.x C c/, so that Eq. (6.3) is a forbidden factorization of g.x C c/.
Hence, Corollary 6.54 says that g is irreducible in QŒx.
Example 6.67. Consider f .x/ D x 4 C 1 2 QŒx. Now
f .x C 1/ D .x C 1/4 C 1 D x 4 C 4x 3 C 6x 3 C 4x C 2:
The Eisenstein Criterion, using the prime p D 2, shows that f .x C 1/ is irre-

ducible in QŒx, and Lemma 6.66 shows that x 4 C 1 is irreducible in QŒx. N
Theorem 6.68 (Gauss). For every prime p, the pth cyclotomic polynomial
ˆp .x/ is irreducible in QŒx.
Proof. Since ˆp .x/ D .x p 1/=.x 1/, we have

! !
p p 1 p p 2 p p 3
ˆp .x C 1/ D Œ.x C 1/ 1=x D x C x C x C C p:
1 2

Since p is prime, we have p j pi for all i with 0 < i < p (Proposition 2.26);
It’s not true that x n 1 C hence, the Eisenstein Criterion applies, and ˆp .x C 1/ is irreducible in QŒx.
x n 2 C C x C 1 is By Lemma 6.66, ˆp is irreducible in QŒx.
irreducible when n is not
prime. For example, when
n D 4, x 3 C x 2 C x C 1 D
.x C 1/.x 2 C 1/. Further results. Gauss used Theorem 6.68 to prove that a regular 17-gon
can be constructed with ruler and compass (ancient Greek mathematicians did
not know this). He also constructed regular 257-gons and 65537-gons. We will
look at ruler–compass constructions in Chapter 7.
i i
“book2” — 2013/5/24 — 8:18 — page 269 — #289
i i
Exercises
6.46 * Let D e2 i=n be a primitive nth root of unity.
(i) Prove, for all n 1, that
xn 1 D .x 1/.x /.x 2 / .x n 1
/;
and, if n is odd, that
x n C 1 D .x C 1/.x C /.x C 2 / .x C n 1
/:
(ii) For numbers a and b, prove that
an b n D .a b/.a b/.a 2 b/ .a n 1
b/;
and, if n is odd, that
an C b n D .a C b/.a C b/.a C 2 b/ .a C n 1
b/:
Hint: Set x D a=b if b ¤ 0.
6.47 * Let k be a field and a 2 k. Show that, in kŒx,

xn an D .x a/ x n 1
C xn 1
a C xn 2 2
a C : : : an 1
x C an :
6.48 If k is a field, a 2 k, and f .x/ D cn x n C cn 1x
n 1 C C c0 2 kŒx, then
rewrite

f .x/ f .a/ D cn x n C cn 1 x n 1 C C c0 cn a n C cn 1a
n 1
C C c0
and use Exercise 6.47 to give another proof of Corollary 6.15.
6.49 Determine whether the following polynomials are irreducible in QŒx.
(i) f .x/ D 3x 2 7x 5. (ii) f .x/ D 2x 3 x 6.
(iii) f .x/ D 8x 3 6x 1. (iv) f .x/ D x 3 C 6x 2 C 5x C 25.
(v) f .x/ D x 4 C 8x C 12.
Hint: In F5 Œx, f .x/ D .x C 1/g.x/, where g is irreducible.
6.50 Use the Eisenstein Criterion to prove that if a is a squarefree integer, then
x n a is irreducible in QŒx for every n 1. Conclude that there are irreducible
polynomials in QŒx of every degree n 1.
6.51 * In the proof of Lemma 6.59, we claimed that the first d powers of are distinct,
where is an nth root of unity and d is the smallest positive integer with d D 1.
Prove this claim.
6.52 * Let be an nth root of unity. Lemma 6.59 shows that is a primitive d th root
of unity for some divisor d of n. Show that the divisor is unique.
6.53 Consider a finite table of data:
Input Output
a1 b1
a2 b2
a3 b3
:: ::
: :
an bn
Show that two polynomial functions (defined over Q) agree on the table if and
only if their difference is divisible by
n
Y
.x ai /:
i D1
i i
“book2” — 2013/5/24 — 8:18 — page 270 — #290
i i
6.54 (i) Show that the set of polynomials in QŒx that vanish on f˛1 ; : : : ; ˛n g is an
ideal in QŒx.
(ii) What is a generator of this ideal?
6.55 *
(i) Implement the recursively defined function for ˆn .x/ given in Example 6.61
in a CAS.
(ii) Use it to generate ˆn .x/ for, say, 1 n 50.
(iii) Use the CAS to find the smallest value of n for which a coefficient of ˆn .x/
is not 0, 1, or 1.
6.3 Connections: Lagrange Interpolation

A popular activity in high school mathematics is finding a polynomial that
agrees with a table of data. For example, students are often asked to find a
There are several methods polynomial agreeing with a table like this:
for fitting polynomial
functions to data; see
Chapter 1 of [7]. Input Output
3 12
2 22
3 72
4 26
On the surface, the problem of fitting data seems to have little to do with the
ideas in this chapter. However, by placing it in a more abstract setting, we’ll
see that it yields Lagrange Interpolation, a result useful in its own right. Thus,
this problem fits right into the theory of commutative rings; in fact, it’s really
the Chinese Remainder Theorem! But isn’t the Chinese Remainder Theorem
about solving some congruences? Well, yes, and we’ll see that we can make
the notion of congruence apply here. But first, let’s find a polynomial f .x/ by
hand that fits the table.
f . 3/ D 12 , the remainder when f .x/ is divided by .x C 3/ is 12

f .2/ D 22 , the remainder when f .x/ is divided by .x 2/ is 22
f .3/ D 72 , the remainder when f .x/ is divided by .x 3/ is 72
f . 4/ D 26 , the remainder when f .x/ is divided by .x C 4/ is 26.
The statement about remainders looks structurally similar to the solution we

constructed to the problem from Qin Jiushao on page 146. We now make this
similarity precise.
Recall that a b mod m in Z means that m j .a b/. We can define
congruence in kŒx, where k is a field: given m.x/ 2 kŒx, then f .x/; g.x/ are
congruent mod m, denoted by
f g mod m;
if m j .f g/.
i i
“book2” — 2013/5/24 — 8:18 — page 271 — #291
i i
6.3 Connections: Lagrange Interpolation 271
Take It Further. Throwing caution to the winds, here’s a fantastic general-

ization. Rephrase congruence mod m in Z in terms of ideals: since m j .a b/
if and only if a b 2 .m/, we have a b mod m if and only if a b 2 .m/.
Let R be a commutative ring and I be any, not necessarily principal, ideal in R.
If a; b 2 R, define
a b mod I
to mean a b 2 I (we’ll actually use this generalization when we discuss

quotient rings in Chapter 7).
We can now rephrase the Division Algorithm in kŒx using congruence. The
statement: given m.x/; f .x/ 2 kŒx with m.x/ ¤ 0, there exist q.x/; r .x/ 2
kŒx with f D qm C r , where r D 0 or deg.r / < deg.m/, can be rewritten to
say
f r mod m:
And Proposition 6.14, the Remainder Theorem, says that if m.x/ D x a,

then f f .a/ mod .x a/. Thus, the constraints on f can be rewritten
f 12 mod .x C 3/
f 22 mod .x 2/
f 72 mod .x 3/
f 26 mod .x C 4/:
Notice that the four linear polynomials are pairwise relatively prime.
Let’s push the similarity a little further, using the localization idea on page 146.
Suppose we can find polynomials g, h, k, and ` satisfying
g. 3/ D 1 h. 3/ D 0 k. 3/ D 0 `. 3/ D 0
g.2/ D 0 h.2/ D 1 k.2/ D 0 `.2/ D 0
g.3/ D 0 h.3/ D 0 k.3/ D 1 `.3/ D 0
g. 4/ D 0 h. 4/ D 0 k. 4/ D 0 `. 4/ D 1:
Setting f D 12g C 22h C 72k 26`, we have a polynomial that fits the
original table (why?). Now Proposition 6.15, the Factor Theorem, shows that
g is divisible by the linear polynomials x 2, x 3, and x C 4. Since they are
irreducible in QŒx, they are pairwise relatively prime; hence, Exercise 6.17(ii)
on page 247 says that g is divisible by their product: there is A.x/ such that
g.x/ D A.x 2/.x 3/.x C 4/:
In fact, we can choose A to be a constant and have g. 3/ D 1: set
1 D g. 3/ D A. 3 C 2/. 3 3/. 3 C 4/I

1
that is, A D 1=30 and g.x/ D 30
.x 2/.x 3/.x C 4/. Similarly,
h.x/ D B.x C 3/.x 3/.x C 4/ and h.2/ D 1 implies B D 1=30, so
1
h.x/ D 30
.x C 3/.x 3/.x C 4/
i i
“book2” — 2013/5/24 — 8:18 — page 272 — #292
i i
k.x/ D C.x C 3/.x 2/.x C 4/ and k.3/ D 1 implies C D 1=42, so

1
k.x/ D 42
.x C 3/.x 2/.x C 4/
`.x/ D D.x C 3/.x 2/.x 3/ and `. 4/ D 1 implies D D 1=42, so
1
`.x/ D 42
.x C 3/.x 2/.x 3/:
Now putting f D 12gC22hC72k 26`, we have, after simplification (carried
out by a CAS):
f .x/ D 2x 3 C 4x 2 8x C 6:
You can check that f matches the table.
This method is called Lagrange Interpolation, and it applies to any finite
set of input-output pairs. As we just saw, it’s the same method used in the
proof of the Chinese Remainder Theorem, but applied to polynomials rather
than integers. Since our goal is merely to display connections, we leave the
proof to the reader.
Theorem 6.69 (Chinese Remainder Theorem for Polynomials). Let k be

a field. If m1 ; : : : ; mr 2 kŒx are pairwise relatively prime and b1 ; : : : ; br 2
kŒx, then the simultaneous congruences
f b1 mod m1
f b2 mod m2
:: ::
: :
f br mod mr
have an explicit solution, namely,
f D b1 .s1 M1 / C b2 .s2 M2 / C C br .sr Mr / ;
where
bi mr
Mi D m1 m2 m and si Mi 1 mod mi for 1 i r:
Furthermore, any solution to this system is congruent to f mod m1 m2 mr .
Proof. The proof of Theorem 4.27 can be easily adapted to prove this.
Example 6.70. The calculations we have just made can be used to illustrate
the theorem. The table gives
b1 D 12; b2 D 22; b3 D 72; b4 D 26I
applying the Remainder Theorem to the table entries,
m1 D x C 3; m2 D x 2; m3 D x 3; m4 D x C 4:
Then
M1 D .x 2/.x 3/.x C 4/;
M2 D .x C 3/.x 3/.x C 4/;
M3 D .x C 3/.x 2/.x C 4/;
M4 D .x C 3/.x 2/.x 3/;
i i
“book2” — 2013/5/24 — 8:18 — page 273 — #293
i i
and
s1 D 1=30; s2 D 1=30; s3 D 1=42; s4 D 1=42:
Note, for example, that
1
s1 M1 1D 30 .x 2/.x 3/.x C 4/ 1
3 2
x x 14x C 24
D 1
30
x3 x2 14x 6
D
30
4x 2 x2
D .x C 3/ ;
30
so that s1 M1 1 mod m1 . This is not magic; if you look carefully at how s1
is calculated (we called it A on the previous page), you’ll see that it is none
other than
1=M1 . 3/:
And the Remainder Theorem (again) says that the remainder when g.x/ D
M1 .x/=M1 . 3/ is divided by x C 3 is
g. 3/ D M1 . 3/=M1 . 3/ D 1:
Similarly, we have si Mi 1 mod mi for the other values of i .
Finally, the statement about any other solution to the system follows from
Exercise 6.53 on page 269. N
Compare the statement of Theorem 6.69 to the more typical statement of

Lagrange Interpolation.
Theorem 6.71 (Lagrange Interpolation). Let k be a field. An explicit way of

writing the polynomial f .x/ 2 kŒx of minimal degree that takes the values bi
at distinct points ai , for 1 i r , is
M1 .x/ M2 .x/ M3 .x/ Mr .x/
f .x/ D b1 C b2 C b3 C C br ;
M1 .a1 / M2 .a2 / M3 .a3 / Mr .ar /
where Mi .x/ is the polynomial defined by
Mi .x/ D .x a1 /.x a2 / .x ai 3
1 /.xa /.x i ai C1 / .x ar /:
Some things to note:

(i) Theorem 6.69 is more general than Theorem 6.71, for it allows the moduli
mi to be any finite set of relatively prime polynomials (Lagrange Interpo-
lation only considers moduli of the form x a).
(ii) On the other hand, Theorem 6.71 is more explicit: it implies that si (in
the statement of the Chinese Remainder Theorem) is 1=Mi .ai / (in the
statement of Lagrange Interpolation).
(iii) The statement of Lagrange Interpolation goes on to say that the poly-
nomial obtained by this method is the one of lowest degree that fits the
conditions.
You’ll verify these last two items in Exercises 6.60 and 6.63 below.
i i
“book2” — 2013/5/24 — 8:18 — page 274 — #294
i i
Exercises
6.56 Find a polynomial that agrees with the table
Input Output
0 3
1 4
2 7
3 48
4 211
6.57 A radio show offered a prize to the first caller who could predict the next term in
the sequence
1; 2; 4; 8; 16:
(i) What would you get if you used “common sense?”
(ii) What would you get if you used Lagrange Interpolation?
6.58 Another radio show offered a prize to the first caller who could predict the next
term in the sequence
14; 3; 26; 8; 30:
After no one got it for a few days, the host announced that these are the first
five numbers that were retired from the Mudville Sluggers baseball team. Use
Lagrange Interpolation to predict the next number that was retired in Mudville.
6.59 The following table fits the quadratic f .x/ D x 2 3x C 5; that is, f .0/ D 5,
f .1/ D 3, etc. Now forget about f and use Lagrange Interpolation to find a
The result of Exercise 6.53 polynomial that fits the table.
allows you to fool many
standardized tests.
Input Output
0 5
1 3
2 3
3 5
4 9
It seems that this table should fool Lagrange Interpolation, which produces a de-
gree 4 polynomial. Does it?
6.60 * Show that Lagrange Interpolation produces a polynomial of smallest degree that
agrees with a given input-output table.
6.61 (i) Find a polynomial g.x/ that agrees with the table
Input Output
4 24
5 60
6 120
7 210
8 336
(ii) Factor g into irreducibles.
i i
“book2” — 2013/5/24 — 8:18 — page 275 — #295
i i
6.62 It is known that there’s a cubic polynomial function f .x/ 2 QŒx such that, for
positive integers n,
n
X1
f .n/ D k2:
kD0
(i) Find f .
Hint: A cubic is determined by four inputs.
P 1 2
(ii) Prove that f .n/ D nkD0 k for all positive integers n.
6.63 * Using the notation of Theorem 6.71, show that
Mi .x/=Mi .ai / 1 mod .x ai /:
i i
“book2” — 2013/5/24 — 8:18 — page 276 — #296
i i
i i
“book2” — 2013/5/24 — 8:18 — page 277 — #297
i i
7 Quotients, Fields, and Classical

Problems
In Chapter 4, we introduced the idea of congruence modulo an integer m as a

way to “ignore” multiples of m in calculations by concentrating on remainders.
This led to an arithmetic of congruence classes and the construction of the
commutative ring Zm in which multiples of m are set equal to 0. You now
know that the multiples of m form an ideal .m/ in Z, and so Zm can be thought
of as a commutative ring obtained from Z in which all the elements of .m/ are
set equal to 0.
In this chapter, we introduce quotient rings, a generalization of this con-
struction. Given a commutative ring R and an ideal I R, we will produce a
new commutative ring R=I that forces all the elements of I to be 0.
In particular, beginning with the commutative ring kŒx and the ideal .f /,
where k is a field and f .x/ 2 kŒx, we shall see that identifying .f / with 0
produces an element ˛ in the quotient ring kŒx=.f / that is a root of f : if
f .x/ D c0 C c1x C C cn x n , then f .˛/ D c0 C c1 ˛ C C cn ˛ n D 0.
Moreover, the complex number field is a special case: C is the quotient ring
arising from RŒx and the ideal .x 2 C 1/. Another byproduct of the quotient
ring construction is the existence and classification of all finite fields (there are
others beside Fp and F4 ).
In the last section, we will apply fields to settle classical geometric prob-
lems that arose over two millenia ago: using only ruler and compass, can we
duplicate the cube, trisect an angle, square the circle, or construct regular n-
gons?
7.1 Quotient Rings

In Chapter 3, we said that the approach of many Renaissance mathematicians
to the newly invented complex numbers was to consider them as polynomi-
als or rational functions in i , where calculations are carried out as usual with
the extra simplification rule i 2 D 1. In constructing Zm from Z, we ig-
nored multiples of m (that is, we set them all equal to 0), and we saw that this
idea is compatible with addition and multiplication. Let’s see if we can mimic
this idea, starting with RŒx, and apply it to C, as our Renaissance ancestors
wished. Can we replace the symbol x in a polynomial f .x/ by a new sym-
bol i that satisfies i 2 D 1? Well, if we make x 2 D 1, then we are setting
x 2 C 1 D 0. So, as with constructing Zm , let’s set all the multiples of x 2 C 1
in RŒx equal to 0.
This analogy with Zm looks promising: let the commutative ring RŒx cor-
respond to Z, and let the (principal) ideal .x 2 C 1/ in RŒx correspond to
277
i i
“book2” — 2013/5/24 — 8:18 — page 278 — #298
i i
278 Chapter 7 Quotients, Fields, and Classical Problems
the ideal .m/ in Z. Push this analogy further. Elements in Zm are congruence
classes Œa, where a 2 Z. Let’s invent new elements Œf corresponding to poly-
nomials f .x/. In more detail, Œa denotes fa C qm W q 2 Zg, and we forced
qm D 0 (actually, using the Division Algorithm in Z, this allowed us to focus
on remainders after dividing by m). Defining Œf D ff .x/ C q.x/.x 2 C 1/ W
q.x/ 2 RŒxg would allow us to focus on the remainder after dividing f .x/ by
x 2 C 1. Indeed, the Division Algorithm in RŒx writes
f .x/ D q.x/.x 2 C 1/ C r .x/;
where r .x/ D 0 or deg.r / < 2. In other words, we could write Œf D Œr ,
where r .x/ D a C bx for a; b 2 R. Hold it! If the bracket notation makes
x 2 C 1 D 0, then x 2 D 1, and we may as well write i instead of Œx. Looks a
lot like C to us! Now it turns out that this idea is also compatible with addition
and multiplication, as we shall see when we introduce quotient rings precisely.
The construction makes sense for any commutative ring R and any ideal I
in R; moreover, it constructs not only C but many other important systems
as well.
Definition. Let I be an ideal in a commutative ring R. We say that a; b 2 R

are congruent mod I , written
a b mod I;
if a b 2 I .
This does generalize our earlier definition of congruence when R D Z,

m 0, and I D .m/. If a; b 2 Z and a b mod .m/, then a b 2 .m/. But
a b 2 .m/ if and only if m j a b; that is, a b mod m in the old sense.
We now note that congruence mod I is an equivalence relation on R.
Proposition 7.1. Let a; b; c be elements in a commutative ring R. If I is an

ideal in R, then
(i) a a mod I
(ii) if a b mod I , then b a mod I
(iii) if a b mod I and b c mod I , then a c mod I .
Proof. Just modify the proof of Proposition 4.3.

The next result shows that the new notion of congruence is compatible with
addition and multiplication of elements in R.
Proposition 7.2. Let I be an ideal in a commutative ring R.

(i) If a a0 mod I and b b 0 mod I , then
a C b a0 C b 0 mod I:
More generally, if ai ai0 mod I for i D 1; : : : ; k, then
a1 C C ak a10 C C ak0 mod I:
(ii) If a a0 mod I and b b 0 mod I , then
ab a0 b 0 mod I:
More generally, if ai ai0 mod I for i D 1; : : : ; k, then
a1 ak a10 ak0 mod I:
i i
“book2” — 2013/5/24 — 8:18 — page 279 — #299
i i
7.1 Quotient Rings 279
(iii) If a b mod I , then

ak b k mod I for all k 1:
Proof. This is a straightforward modification of the proof of Proposition 4.5.

For example, here is the proof of Proposition 4.5(i). If m j .a a0 / and
m j .b b 0 /, then m j .aCb/ .a0 Cb 0 /, because .aCb/ .a0 Cb 0 / D .a a0 /C
.b b 0 /. Rewrite this here by changing “m j .a a0 /” to “a a0 2 I .”
We now mimic the construction of the commutative rings Zm by first gen-
eralizing the idea of a congruence class.
Definition. Let I be an ideal in a commutative ring R. If a 2 R, then the coset

a C I is the subset
a C I D fa C z W z 2 I g R:
Thus, the coset a C I is the set of all those elements in R that are congru-
ent to a mod I . Cosets generalize the notion of congruence class and so, by
analogy, the coset a C I is often called a mod I .
Proposition 7.3. If R D Z, I D .m/, and a 2 Z, then the coset

a C I D a C .m/ D fa C km W k 2 Zg
is equal to the congruence class Œa D fn 2 Z W n a mod mg.
Proof. If u 2 a C .m/, then u D a C km for some k 2 Z. Hence, u a D km,

m j .u a/, u a mod m, and u 2 Œa; that is, a C .m/ Œa.
For the reverse inclusion, if v 2 Œa, then v a mod m, m j .v a/,
v a D `m for some ` 2 Z, and v D a C `m 2 a C .m/. Therefore,
Œa a C .m/, and so a C .m/ D Œa.
In Proposition 7.1, we saw that congruence mod I is an equivalence rela-
tion on R; in Exercise 7.6 on page 285, you will prove that if a 2 R, then its
equivalence class is the coset a C I . It follows that the family of all cosets is
a partition of R (see Proposition A.17); that is, cosets are nonempty, R is the
union of the cosets, and distinct cosets are disjoint: if a C I ¤ b C I , then
.a C I / \ .b C I / D ¿.
When are two cosets mod I the same? In Proposition 4.2, we answered this
question by proving that a b mod m if and only if each of a and b has the
same remainder after dividing by m.
Proposition 7.4. Let I be an ideal in a commutative ring R. If a; b 2 R, then

a C I D b C I if and only if a b mod I . In particular, a C I D I if and
only if a 2 I .
Proof. Note first that a 2 a C I , for 0 2 I and a D a C 0. If a C I D b C I ,

then a 2 b C I ; hence, a D b C i for some i 2 I , and so a b 2 I and
a b mod I .
Conversely, assume that a b 2 I ; say a b D i . To see whether a C I
b C I , we must show that if a C i 0 2 a C I , where i 0 2 I , then a C i 0 2 b C I .
But a C i 0 D .b C i / C i 0 D b C .i C i 0 / 2 b C I (for ideals are closed under
addition). The reverse inclusion, b C I a C I , is proved similarly. Therefore,
a C I D b C I.
i i
“book2” — 2013/5/24 — 8:18 — page 280 — #300
i i
We have now generalized congruence mod m to congruence mod an ideal

and congruence classes to cosets. The next step is to assemble the cosets and
make a commutative ring with them.
Definition. If I is an ideal in a commutative ring R, we denote the set of all

its cosets by R=I :
R=I D fa C I W a 2 Rg:
Once the set Zm was built, we equipped it with the structure of a commu-
tative ring by defining addition and multiplication of congruence classes. We
carry out that program now for R=I .
Definition. Let I be an ideal in a commutative ring R.

Define addition ˛W R=I R=I ! R=I by
˛W .a C I; b C I / 7! a C b C I
and define multiplication W R=I R=I ! R=I by
W .a C I; b C I / 7! ab C I:
Example 7.5. Suppose that R D ZŒx and I is the principal ideal .x 2 Cx C1/.
If a D 3 C 2x and b D 4 C 3x, then
.a C I /.b C I / D ab C I D .3 C 2x/.4 C 3x/ C I D 12 C 17x C 6x 2 C I:
But, by Exercise 7.4(ii) on page 285, 12 C 17x C 6x 2 6 C 11x mod I (in

fact, .12 C 17x C 6x 2 / .6 C 11x/ D 6.x 2 C x C 1/), so that
.3 C 2x C I /.4 C 3x C I / D 6 C 11x C I: N
Lemma 7.6. Addition and multiplication R=I R=I ! R=I are well-defined
functions.
Proof. Let a C I D a0 C I and b C I D b 0 C I ; that is, a a0 2 I and

b b0 2 I .
To see that addition is well-defined, we must show that a0 C b 0 C I D
a C b C I . This is true:
.a C b/ .a0 C b 0 / D .a a0 / C .b b 0 / 2 I:
To see that multiplication R=I R=I ! R=I is well-defined, we must

show that .a0 C I /.b 0 C I / D a0 b 0 C I D ab C I ; that is, ab a0 b 0 2 I . But
this is true:
ab a0 b 0 D ab a0 b C a0 b a0 b 0 D .a a0 /b C a0 .b b 0 / 2 I:
The proof of Theorem 4.32, which shows that Zm is a commutative ring,

generalizes to show that R=I is a commutative ring. Here are the details.
Theorem 7.7. If I is an ideal in a commutative ring R, then R=I is a com-

mutative ring.
i i
“book2” — 2013/5/24 — 8:18 — page 281 — #301
i i
Proof. Each of the eight axioms in the definition of commutative ring must be
verified; all the proofs are routine, for they are inherited from the correspond-
ing property in R. If a; b; c 2 R, then we have
(i) Commutativity of addition:
.a C I / C .b C I / D a C b C I D b C a C I D .b C I / C .a C I /:
(ii) The zero element is I D 0 C I , for I C .a C I / D 0 C a C I D a C I .
(iii) The negative of a C I is a C I , for .a C I / C . a C I / D 0 C I D I .
(iv) Associativity of addition:
Œ.a C I / C .b C I / C .c C I / D .a C b C I / C .c C I /
D Œ.a C b/ C c C I D Œa C .b C c/ C I
D .a C I / C .b C c C I / D .a C I / C Œ.b C I / C .c C I /:
(v) Commutativity of multiplication:

.a C I /.b C I / D ab C I D ba C I D .b C I /.a C I /:
(vi) The multiplicative identity is 1CI , for .1CI /.aCI / D 1aCI D aCI .
(vii) Associativity of multiplication:
Œ.a C I /.b C I /.c C I / D .ab C I /.c C I /
D Œ.ab/c C I D Œa.bc/ C I
D .a C I /.bc C I / D .a C I /Œ.b C I /.c C I /:
(viii) Distributivity:

.a C I / .b C I / C .c C I / D .a C I /.b C c C I /
D Œa.b C c/ C I D .ab C ac/ C I
D .ab C I / C .ac C I /
D .a C I /.b C I / C .a C I /.c C I /:
Definition. The commutative ring R=I constructed in Theorem 7.7 is called

the quotient ring of R modulo I (it is usually pronounced “R mod I ”).
We said that quotient rings generalize the construction of Zm . Let’s show

that the commutative rings Z=.m/ and Zm are not merely isomorphic, they are
identical.
We have already seen, in Proposition 7.3, that they have the same elements:
for every a 2 Z, the coset a C .m/ and the congruence class Œa are subsets
of Z, and they are equal. But the operations coincide as well. They have the
same addition:

a C .m/ C b C .m/ D a C b C .m/ D Œa C b D Œa C Œb
and they have the same multiplication:

a C .m/ b C .m/ D ab C .m/ D Œab D ŒaŒb:
Thus, quotient rings truly generalize the integers mod m.
If I D R, then R=I consists of only one coset, and so R=I is the zero ring
(in Chapter 4, we said that the zero ring does arise occasionally). Since the
i i
“book2” — 2013/5/24 — 8:18 — page 282 — #302
i i
zero ring is not very interesting, we usually assume, when forming quotient
rings, that ideals are proper ideals. Recall, in constructing Zm , that we usually
assumed that m 2.
The definitions of addition and multiplication in R=I involve an interplay
between reducing modulo the ideal I and the operations of addition and multi-
plication in R=I . In the special case of Zm , we called this interplay “reduce as
you go.” But that’s just an informal way of describing a homomorphism. More
precisely, if we define a function W R ! R=I by W a 7! a C I , then we can
rewrite a C b C I D .a C I / C .b C I / as .a C b/ D .a/ C .b/; similarly,
ab C I D .a C I /.b C I / can be rewritten as .ab/ D .a/.b/.
The word “map” is often Definition. If I is an ideal in a commutative ring R, then the natural map is
used as a synonym for the function W R ! R=I given by
function or homomor-
phism.
a 7! a C I I
that is, .a/ D a C I .
Proposition 7.8. If I is an ideal in a commutative ring R, then the natural

map W R ! R=I is a surjective homomorphism, and ker D I .
Proof. We have just seen that .aCb/ D .a/C.b/ and .ab/ D .a/.b/.
Since .1/ D 1 C I , the multiplicative identity in R=I , we see that is a ho-
momorphism.
Now is surjective: if a C I 2 R=I , then a C I D .a/. Finally, by
definition, ker D fa 2 R j .a/ D 0 C I g. But .a/ D a C I , and
a C I D 0 C I if and only if a 2 I (Proposition 7.4). The result follows.
Here is the converse of Proposition 5.25: Every ideal is the kernel of some
homomorphism.
Corollary 7.9. Given an ideal I in a commutative ring R, there exists a com-

mutative ring A and a homomorphism 'W R ! A with I D ker '.
Proof. If we set A D R=I , then the natural map W R ! R=I is a homomor-

phism with I D ker .
We know that isomorphic commutative rings are essentially the same, being
“translations” of one another; that is, if 'W R ! S is an isomorphism, we may
think of r 2 R as being in English while '.r / 2 S is in French. The next
theorem shows that quotient rings are essentially images of homomorphisms.
It also shows how to modify a homomorphism to make it an isomorphism.
Theorem 7.10 (First Isomorphism Theorem). Let R and A be commutative

There are second and third rings. If 'W R ! A is a homomorphism, then ker ' is an ideal in R, im ' is a
isomorphism theorems, subring of A, and
but they are less useful
(see Exercise 7.15 on
R= ker ' Š im ':
page 286).
Proof. Let I D ker '. We have already seen, in Proposition 5.25, that I is an
ideal in R and im ' is a subring of A.
i i
“book2” — 2013/5/24 — 8:18 — page 283 — #303
i i
Define e
' W R=I ! im ' by
e
' .r C I / D '.r /:
We claim that e
' is an isomorphism. First, e
' is well-defined. If r C I D s C I ,
then r s 2 I D ker ', '.r s/ D 0, and '.r / D '.s/. Hence
e
' .r C I / D '.r / D '.s/ D e
' .s C I /:
Next, e
' is a homomorphism because ' is.

e
' .r C I / C .s C I / D e ' .r C s C I /
D '.r C s/ D '.r / C '.s/
De ' .r C I / C e' .s C I /:

Similarly, e
' .r C I /.s C I / D e ' .s C I / (Exercise 7.7 on page 285).
' .r C I /e
As e
' .1 C I / D '.1/ D 1, we see that e ' a homomorphism.
We show that e' is surjective. If a 2 im ', then there is r 2 R with a D '.r /;
plainly, a D '.r / D e' .r C I /.
Finally, we show that e ' is injective. If e
' .r C I / D 0, then '.r / D 0, and
r 2 ker ' D I . Hence, r C I D I ; that is, ker e ' D fI g and e ' is injective, by
Proposition 5.31. Therefore, e ' is an isomorphism.
We can illustrate this last proof with a picture; such a picture is often called
a commutative diagram if composites of maps having same domain and same
target are equal. Here, i W im ' ! A is the inclusion, and ' D ie ' .
'
R A
i
R=I im '
e
'
Here’s a trivial example. If R is a commutative ring, then .0/ is an ideal.

The identity 1R W R ! R is a surjective homomorphism with ker 1R D .0/, so
that the First Isomorphism Theorem gives the isomorphism e 1R W R=.0/ ! R;
that is, R=.0/ Š R.
Theorem 7.10 has more interesting applications than showing that R=.0/ Š R.
For example, it gives us the tools needed to tighten up the discussion of the al-
ternate construction of C that began this section.
Theorem 7.11. The quotient ring RŒx=.x 2 C 1/ is a field isomorphic to the Hence, the high school
complex numbers C. approach to complex
numbers contains the
germ of a correct idea.
Proof. Consider the evaluation 'W RŒx ! C (as in Corollary 5.21) with
'.x/ D i and '.a/ D a for all a 2 R; that is,
'W f .x/ D a0 C a1 x C a2 x 2 C 7! f .i / D a0 C a1 i C a2 i 2 C :
Now ' is surjective, for a C i b D '.a C bx/, and so the First Isomorphism
Theorem gives an isomorphism e ' W RŒx= ker ' ! C, namely f .x/ C ker ' 7!
f .i /. But Corollary 6.26 gives ker ' D .x 2 C1/; therefore, RŒx=.x 2 C1/ Š C
as commutative rings, by the First Isomorphism Theorem. We know that C is
a field, and any commutative ring isomorphic to a field must, itself, be a field.
Thus, the quotient ring RŒx=.x 2 C 1/ is another construction of C.
i i
“book2” — 2013/5/24 — 8:18 — page 284 — #304
i i
How to Think About It. Because every element of RŒx is congruent to a

linear polynomial a C bx mod .x 2 C 1/, every element of RŒx=.x 2 C 1/ can
be written as a C bx C .x 2 C 1/ for some real numbers a and b.
Example 7.12. (i) Since RŒx=.x 2 C 1/ is a field, every nonzero element in

it has a multiplicative inverse. Let’s find the inverse of an element a C
bx C .x 2 C 1/ by “pulling back” the formula in C,
1 a bi
D 2 ;
a C bi a C b2
to RŒx=.x 2 C 1/, using the inverse of the isomorphism ' in the proof of
Theorem 7.11. Now ' 1 .a C bi / D a C bx C .x 2 C 1/; so that
1 a bx
2
D 2 C .x 2 C 1/:
a C bx C .x C 1/ a C b2
(ii) Euclidean Algorithm II gives another way of finding the inverse, writing
gcd.a C bx; x 2 C 1/ as a linear combination of a C bx and x 2 C 1. The
algorithms in Exercise 6.18(iii) produce the linear combination in RŒx:

a bx 2 a2 C b 2
.a C bx/ C 1.x C 1/ D :
b2 b2
Dividing both sides by .a2 C b 2 /=b 2 , we have
a bx b2
.a C bx/ C .x 2 C 1/ D 1:
a2 C b 2 a2 C b 2
Moving to RŒx=.x 2 C 1/, this implies again that

1 a bx
a C bx C .x 2 C 1/ D C .x 2 C 1/ N
a2 C b 2
We end this section with a generalization of Theorem 7.11. If you chase

back the arguments to their source, you’ll see that all we needed is that RŒx is
a PID and x 2 C 1 is an irreducible element in RŒx.
Proposition 7.13. If R is a PID and p is an irreducible element in R, then

R=.p/ is a field.
Proof. It suffices to show that every nonzero element a C .p/ in the commu-
tative ring R=.p/ has a multiplicative inverse. Since a C .p/ ¤ 0, we have
a … .p/; that is, p − a. Since R is a PID, Theorem 6.46 says that gcd’s exist
and are linear combinations. In particular, gcd.a; p/ D 1, so there are s; t 2 R
with sa C tp D 1. Thus,

1 C .p/ D sa C .p/ D sa C .p/ D s C .p/ a C .p/
1
in R=.p/, and a C .p/ D s C .p/. Therefore, R=.p/ is a field.
i i
“book2” — 2013/5/24 — 8:18 — page 285 — #305
i i
Exercises
7.1 Are any cosets of .5/ in Z ideals?
7.2 Prove Proposition 7.1.
7.4 * In QŒx=.x 2 C x C 1/, write each term in the form a C bx with a; b 2 Q.
(i) .3 C 2x/.4 C 3x/ (ii) 12 C 17x C 6x 2
(iii) x2 (iv) x 3
(v) .1 x/2 (vi) .1 x/.1 x2 /
(vii) .a C bx/.a C bx 2 / (viii) .a C bx/2 .
7.5 In QŒx=.x 4 C x 3 C x 2 C x C 1/, write each term in the form a C bx C cx 2 C dx 3

with a; b; c; d rational numbers.
(i) x 5
(ii) .1 x/.1 x 2 /.1 x 3 /.1 x4 /
(iii) .1 C x/.1 C x 2 /.1 C x 3 /.1 C x 4 /.
7.6 * In Proposition 7.1, we saw that if I is an ideal in a commutative ring R, then
congruence mod I is an equivalence relation on R. Prove that the equivalence
classes are the cosets mod I .
7.7 In the notation of Theorem 7.10, show that

e
' .r C I /.s C I / D e
' .r C I /e
' .s C I /:
7.8 * Let 'W R ! S be an isomorphism of commutative rings. Assume that I R

and J S are ideals and that '.I / D J , where '.I / D f'.a/ W a 2 I g. Prove
that e
' W R=I ! S=J , given by e
' W r C I 7! '.r/ C J , is an isomorphism.
7.9 Let I be an ideal in a commutative ring R.
(i) If S is a subring of R and I S, prove that
S=I D fr C I W r 2 Sg
is a subring of R=I .
(ii) If J is an ideal in R and I J , prove that
J =I D fr C I W r 2 J g
is an ideal in R=I .
7.10 Show that the subring ZŒx=.x 2 C 1/ of RŒx=.x 2 C 1/ is isomorphic to the
Gaussian integers ZŒi .
7.11 Show that there is an isomorphism of fields:
RŒx=.x 2 C 1/ Š RŒx=.x 2 C x C 1/
Hint: Both are isomorphic to C.

7.12 Show that
QŒx=.x 2 C x C 1/ Š QŒ! D fu C v! W u; v 2 Qg;

p
where ! D 12 1Ci 3 .
7.13 Show that the subring ZŒx=.x 2 C x C 1/ of RŒx=.x 2 C x C 1/ is isomorphic to

the Eisenstein integers ZŒ!.
i i
“book2” — 2013/5/24 — 8:18 — page 286 — #306
i i
7.14 For each element of QŒx=.x 2 C x C 1/, find the multiplicative inverse.
(i) 3 C 2x C .x 2 C x C 1/
(ii) 5 x C .x 2 C x C 1/
(iii) 15 C 7x 2x 2 C .x 2 C x C 1/
(iv) a C bx C .x 2 C x C 1/ (in terms of a and b).
7.15 * Prove the Third Isomorphism Theorem: If R is a commutative ring having
ideals I J , then J =I is an ideal in R=I , and there is an isomorphism
.R=I /=.J =I / Š R=J .
Hint: Show that the function 'W R=I ! R=J , given by a C I 7! a C J , is a
homomorphism, and apply the First Isomorphism Theorem.
7.16 For every commutative ring R, prove that RŒx=.x/ Š R.
7.17 An ideal I in a commutative ring R is called a prime ideal if I is a proper ideal
such that ab 2 I implies a 2 I or b 2 I .
(i) If p is a prime number, prove that .p/ is a prime ideal in Z.
Hint: Euclid’s Lemma.
(ii) Prove that if an ideal .m/ in Z is a prime ideal, then m D 0 or jmj is a prime
number.
7.18 Let I be a proper ideal in kŒx, where k is a field.
(i) If p is an irreducible polynomial, prove that .p/ is a prime ideal in kŒx.
(ii) Prove that if an ideal .f / in kŒx is a prime ideal, then f D 0 or f is an
irreducible polynomial.
7.19 Let I be a proper ideal in a commutative ring R.
(i) Prove that .0/ is a prime ideal in R if and only if R is a domain.
(ii) Prove that I is a prime ideal if and only if a … I and b … I imply ab … I .
(iii) Prove that I is a prime ideal if and only if R=I is a domain.
7.20 Prove that .x/ is a prime ideal in ZŒx.
Hint: Is ZŒx=.x/ a domain?
7.21 An ideal I in a commutative ring R is called a maximal ideal if I is a proper ideal
for which there is no proper ideal J with I ¨ J .
(i) If p is a prime number, prove that .p/ is a maximal ideal in Z.
(ii) Prove that if an ideal .m/ in Z is a maximal ideal, then jmj is a prime number.
7.22 Let I be a proper ideal in kŒx, where k is a field.
(i) If p is an irreducible polynomial, prove that .p/ is a maximal ideal in kŒx.
(ii) Prove that if an ideal .f / in kŒx is a maximal ideal, then f is an irreducible
polynomial.
7.23 * Let I be a proper ideal in a commutative ring R.
(i) Prove that .0/ is a maximal ideal in R if and only if R is a field.
(ii) Prove that I is a maximal ideal if and only if R=I is a field. Conclude that if
k is a field and p.x/ 2 kŒx is irreducible, then kŒx=.p/ is a field.
(iii) Prove that every maximal ideal is a prime ideal.
7.24 (i) Prove that J is a maximal ideal in ZŒx, where J consists of all polynomials
with even constant term.
Hint: Prove that ZŒx=J Š F2 .
(ii) Prove that the prime ideal .x/ in ZŒx is not a maximal ideal.
i i
“book2” — 2013/5/24 — 8:18 — page 287 — #307
i i
7.2 Field Theory 287
7.2 Field Theory

General results about quotient rings R=I have a special character when R
enjoys extra hypotheses. In this section, we investigate properties of fields with
an eye to using the ideas behind the isomorphism
RŒx=.x 2 C 1/ Š C:
We are going to apply quotient rings to prove some interesting results: for every
polynomial f .x/ 2 kŒx, where k is a field, there exists a field extension E= k
containing all the roots of f ; we will also be able to prove the existence of
finite fields other than Fp .
Characteristics
Contemplating “any field” seems quite daunting, and so it makes sense for us to
begin classifying fields. First of all, fields come in two types: those that contain
a subfield isomorphic to Q, and those that contain a subfield isomorphic to Fp
for some prime p.
Recall the definition of na on page 160, where n 2 Z and a is an element
of a commutative ring R. For example, 3a means a C a C a and . 3/a means
a a a. More generally, if n is a nonnegative integer, then na means
a C a C C a;
„ ƒ‚ …
n times
0a D 0, and na is the sum of jnj copies of a. Note that na is a hybrid in the

sense that it is the product of an integer and an element of R, not the product of
two ring elements. However, na can be viewed as the product of two elements
in R, for if e is the multiplicative identity in R, then ne 2 R and na D .ne/a.
In particular, 3a D a C a C a D .e C e C e/a D .3e/a. This “action” of Z
on R is really a homomorphism.
Lemma 7.14. If R is a commutative ring with multiplicative identity e; then

the function W Z ! R, given by
.n/ D ne;
is a homomorphism.
Proof. Exercise 7.25 on page 293.
Proposition 7.15. If k is a field and W Z ! k is the map W n 7! ne, where

e is the multiplicative identity in R, then either im Š Z or im Š Fp for
some prime p.
Proof. Since every ideal in Z is principal, ker D .m/ for some integer
m 0. If m D 0, then is an injection, and im Š Z. If m ¤ 0, the First
Isomorphism Theorem gives Zm D Z=.m/ Š im k. Since k is a field,
im is a domain, and so m is prime (Exercise 5.3 on page 195). Writing p
instead of m, we have im Š Zp D Fp .
Corollary 7.16. Every field k contains a subfield isomorphic to either Q or Fp .
i i
“book2” — 2013/5/24 — 8:18 — page 288 — #308
i i
Proof. Proposition 7.15 shows that k contains a subring isomorphic to Z or

to Fp for some prime p. If the subring is Z, then, because the field k contains
multiplicative inverses for all of its non-zero elements, it contains an isomor-
phic copy of Q D Frac.Z/. More precisely, Exercise 5.38(ii) on page 212 says
that a field containg an isomorphic copy of Z as a subring must contain an
isomorphic copy of Q.
By Exercise 7.28(i) on page 293, k can’t contain an isomorphic copy of
both Q and Fp ; by Exercise 7.28(ii) on page 293, k can’t contain copies of Fp
and Fq for distinct primes p and q.
Definition. A field has characteristic 0 if ker D .0/; it has characteristic p

if ker D .p/ for some prime p.
This distinction is the first step in classifying different types of fields.

The fields Q, R, C, and C.x/ have characteristic 0, as do any of their sub-
fields. Every finite field has characteristic p for some prime p (after all, if
ker D .0/, then im Š Z is infinite); Fp .x/, the field of all rational func-
tions over Fp , is an infinite field of characteristic p.
Proposition 7.17. Let k be a field of characteristic p > 0.

(i) pa D 0 for all a 2 k.
Exercise 5.36 on page 212 (ii) If q D p n , then .a C b/q D aq C b q for all a; b 2 k.
proves a congruence
version of (ii) for a; b 2 Z.
(iii) If k is finite, then 'W k ! k, given by
'W a 7! ap ;
is an isomorphism.
Proof. (i) Since k has characteristic p, we have ker./ D .p/; that is, .p/ D
p1 D 0 (we have reverted to our usual notation, so that 1 denotes the mul-
tiplicative identity). But the hybrid product pa can be viewed as a product
of two ring elements: pa D .p1/a D 0a D 0.

(ii) Expand .a C b/p by the Binomial Theorem, and note that p j pj for
all 1 j p 1. By (i), all the inside terms vanish. The argument is
completed by induction on n 1.
(iii) It is obvious that '.1/ D 1 and
'.ab/ D .ab/p D ap b p D '.a/'.b/:
By (ii), '.a C b/ D '.a/ C '.b/. Therefore, ' is a homomorphism. Since

ker ' is a proper ideal in k (for 1 … ker '), we have ker ' D .0/, because k
is a field, and so ' is an injection. Finally, since k is finite, the Pigeonhole
Principle applies, and ' is an isomorphism.
We have seen finite fields Fp with p elements, for every prime p, and in
Exercise 4.55 on page 165, we saw a field F4 with exactly four elements. The
next result shows that the number of elements in a finite field must be a prime
power; there is no field having exactly 15 elements. Theorem 7.38 will show,
for every prime p and every integer n 1, that there exists a field having
exactly p n elements.
i i
“book2” — 2013/5/24 — 8:18 — page 289 — #309
i i
Example A.20(iv) in the Appendices shows that if a commutative ring R

contains a subring k that is a field, then R is a vector space over k: vectors are
elements r 2 R, while scalar multiplication by a 2 k is the given multiplica-
tion ar of elements in R. The vector space axioms are just some of the axioms
in the definition of commutative ring.
Proposition 7.18. If K is a finite field, then jKj D p n for some prime p and
some n 1.
Proof. The prime field of K is isomorphic to Fp for some prime p, by Propo- If K is a vector space
sition 7.15. As we remarked, K is a vector space over Fp ; as K is finite, it is over k, its dimension is
denoted by dimk .K/ or,
obviously finite-dimensional. If dimFp .K/ D n, then jKj D p n , by Corol-
more briefly, by dim.K/.
lary A.34 in the Appendix.
Extension Fields
The Fundamental Theorem of Algebra states that every nonconstant polyno-
mial in CŒx is a product of linear polynomials in CŒx; that is, C contains all
the roots of every polynomial in CŒx. Using ideas similar to those allowing us
to view C as a quotient ring, we’ll prove Kronecker’s Theorem, a local ana-
log of the Fundamental Theorem of Algebra for polynomials over an arbitrary
field k: given f .x/ 2 kŒx, there is some field E containing k as a subfield that
also contains all the roots of f . (We call this a local analog, for even though
the larger field E contains all the roots of the polynomial f , it may not contain
roots of some other polynomials in kŒx.) In fact, we’ll see how to construct
such an E making basic use of quotient rings of the form kŒx=I , where k is a
field. Theorem 4.43 says that
Zm is a field if and only
if m is a prime in Z;
Proposition 7.19. If k is a field and I D .f /, where f .x/ 2 kŒx is noncon-
Proposition 7.19 is the
stant, then the following are equivalentW analog for kŒx.
(i) f is irreducible
(ii) kŒx=I is a field
(iii) kŒx=I is a domain.
Proof. (i) ) (ii) Since kŒx is a PID, this follows at once from Proposi-
tion 7.13.
(ii) ) (iii) Every field is a domain.
(iii) ) (i) Assume that kŒx=I is a domain. If f is not irreducible, then
there are g.x/; h.x/ 2 kŒx with f D gh, where deg.g/ < deg.f / and
deg.h/ < deg.f /. Recall that the zero in kŒx=I is 0 C I D I . Thus, if
gCI D I , then g 2 I D .f / and f j g, contradicting deg.g/ < deg.f /.
Similarly, hC I ¤ I . However, the product .g C I /.hC I / D f C I D I
is zero in the quotient ring, which contradicts kŒx=I being a domain.
Therefore, f is irreducible.
The structure of general quotient rings R=I can be complicated, but for This section will be using
special choices of R and I , the commutative ring R=I can be easily described. various facts about dimen-
For example, when k is a field and p.x/ 2 kŒx is an irreducible polynomial, sion, and you may wish
to look in Appendix A.3 to
the following proposition gives a complete description of the field R=I D refresh your memory.
kŒx=.p/, and it shows how to build a field K in which p.x/ has a root.
i i
“book2” — 2013/5/24 — 8:18 — page 290 — #310
i i
Proposition 7.20. Let k be a field and K D kŒx=.p/, where p.x/ 2 kŒx is a

monic irreducible polynomial of degree d and I D .p/:
(i) K is a field, and
k 0 D fa C I W a 2 kg
is a subfield of K isomorphic to k. If k 0 is identified with k via a 7! a C I ,

then k is a subfield of K.
If we view k as a subfield (ii) z D x C I is a root of p in K.
of K, then it makes sense
(iii) If g.x/ 2 kŒx and z is a root of g in K, then p j g in kŒx.
to speak of a root of p in
K. (iv) p is the unique monic irreducible polynomial in kŒx having z as a root.
(v) K is a vector space over k, the list 1; z; z 2; : : : ; z d 1 is a basis, and
dimk .K/ D d:
Proof. (i) Since p is irreducible, Proposition 7.19 says that the quotient ring
K D kŒx=I is a field, while Corollary 5.32 on page 220 says that the
natural map a 7! a C I restricts to an isomorphism k ! k 0 .
(ii) Let p.x/ D a0 C a1 x C C ad 1 x d 1 C x d , where ai 2 k for all i .
0
In
P light of thej identification of k and k in (i), we may view p.x/ as
.a
j j C I /x . Hence, since z D x C I ,
p.z/ D .a0 C I / C .a1 C I /z C C .1 C I /z d

D .a0 C I / C .a1 C I /.x C I / C C .1 C I /.x C I /d
D .a0 C I / C .a1 x C I / C C .x d C I /
D a0 C a1 x C C x d C I
D p C I D I;
because I D .p/. But I D 0 C I is the zero element of K D kŒx=I ;

thus, p.z/ D 0 and z is a root of p.
(iii) If p − g in kŒx, then gcd.g; p/ D 1 because p is irreducible. Therefore,
there are s; t 2 kŒx with 1 D sp.x/C tg.x/. Since kŒx KŒx, we may
regard this as an equation in KŒx. Setting x D z gives the contradiction
1 D 0.
(iv) Let h.x/ 2 kŒx be a monic irreducible polynomial having z as a root. By
part (iii), we have p j h. Since h is irreducible, we have h D cp for some
constant c; since h and p are monic, we have c D 1 and h D p.
(v) Example A.20 in the Appendices shows that K is a vector space over k.
Every element of K has the form f .x/ C I , where f 2 kŒx. By the
Division Algorithm, there are polynomials q; r 2 kŒx with f D qp C r
and either r D 0 or deg.r / < d D deg.p/. Since f r D qp 2 I , it
follows that f CI D r CI . Let r .x/ D b0 Cb1 x C Cbd 1 x d 1 , where
bi 2 k for all i . As in (ii), we see that r CI D b0 Cb1z C Cbd 1 z d 1 .
Therefore, 1; z; z 2; : : : ; z d 1 spans K.
To see that the list is linearly independent, suppose that
d
X1
ci z i D 0 in K D kŒx=.p/I
i D0
i i
“book2” — 2013/5/24 — 8:18 — page 291 — #311
i i
lifting to kŒx, this says that

d
X1
ci x i 0 mod .p/ in kŒx;
i D0
Pd 1 i
so that p j i D0 ci x in kŒx. But deg.p/ D d , so that all ci D 0.
Definition. If K is a field containing k as a subfield, then K is called an exten- This notation should not be
sion field of k, and we write “K= k is an extension field.” An extension field confused with the notation
for a quotient ring, for a
K= k is a finite extension if K is a finite-dimensional vector space over k. The
field K has no interesting
dimension of K, denoted by ideals; in particular, if
ŒK W k; k ¨ K, then k is not an
ideal in K.
is called the degree of K= k.
Corollary 7.21. If k.z/= k is a field extension, where z is a root of an irre-

ducible polynomial p.x/ 2 kŒx, then
Œk.z/ W k D deg.p/:
Proof. This is just a restatement of Proposition 7.20(v).

Corollary 7.21 shows why ŒK W k is called the degree of K= k.
How to Think About It. At first glance, many people see Proposition 7.20
as a cheat: we cook up a field that contains a root of p.x/ by reducing mod p.
The root is thus a coset, not a “number.” But, just as mathematicians gradually
came to see the elements of C as numbers (through their constant use in calcu-
lations), one can develop a feel for arithmetic in kŒx=.p/ in which the cosets
become concrete objects in their own right, as in the next example.
Example 7.22. Suppose that k D Q and
p.x/ D x 3 C x 2 2x 1:
You can check that p is irreducible (it’s a cubic without a rational root (why?),
so it can’t factor). Now
K D QŒx=.x 3 C x 2 2x 1/
is a field, ŒK W Q D 3, and a basis for K over Q is
1 C .p/; x C .p/; x 2 C .p/:
Hence, every element of K can be represented by a quadratic expression
a C bx C cx 2 C .p/;
where a; b; c 2 Q. The expression is unique, because p is a cubic: if two Eventually, we dropped

quadratics f; g 2 QŒx are congruent mod .p/, then either f g D 0 or the bracket notation for
congruence classes,
deg.f g/ < 2; the latter cannot occur, and so f D g. So, let’s drop the
abbreviating Œa to a.
“C.p/” decoration and just represent an element of K by the unique quadratic
i i
“book2” — 2013/5/24 — 8:18 — page 292 — #312
i i
polynomial in its congruence class mod p. Using this convention, the elements
of K are thus named by quadratic polynomials in QŒx.
What about the arithmetic? Just as in C D RŒx=.x 2 C1/, calculations in K
are carried out by calculating in QŒx, dividing by p, and taking the remainder.
Indeed, because x 3 C x 2 2x 1 D 0 in K, we have an equation in K,
x3 D x 2 C 2x C 1:
Hence, to calculate in K, we calculate in QŒx with the additional simplifica-

tion rule that x 3 is replaced by x 2 C 2x C 1. Beginning to sound familiar?
So, for example, here are some calculations in K:
(i) Addition looks just the same as in QŒx because addition doesn’t increase
degree:

a C bx C cx 2 C d C ex C f x 2
D .a C d / C .b C e/x C .c C f /x 2 :
(ii) Multiplication requires a simplification. For example, in K,
.3 C 2x C 4x 2/. 1 C 5x C 7x 2/ D 3 C 53x C 77x 2;
a fact that you can verify (by hand or CAS) by expanding the left-hand
side and reducing mod .p/.
In general, expand

a C bx C cx 2 d C ex C f x 2
as
cf x 4 C .bf C ce/x 3 C .af C be C cd /x 2 C .ae C bd /x C ad;
CAS environments will do and then simplify, replacing occurrences of x 3 by x 2 C 2x C 1:

all of this work for you—just
ask for the remainder when D cf x x 3 C .bf C ce/x 3 C .af C be C cd /x 2 C .ae C bd /x C ad
a product is divided by p.
D cf x x 2 C 2x C 1 C .bf C ce/ x 2 C 2x C 1
C.af C be C cd /x 2 C .ae C bd /x C ad
D etc.
A little practice with such calculations gives you the feeling that you are indeed
working with “numbers” in a system and, if K had any use, you’d soon become
very much at home in it just as our Renaissance predecessors became at home
in C. N
While we’ve constructed a field extension K= k in which p.x/ 2 kŒx has

a root ˛, we have little idea about what that root is, even when k D R and ˛
is a complex number. For example, if p.x/ D x 2 C 1, we can’t tell whether
˛ D i or ˛ D i . Proposition 7.20 doesn’t give you a way to find roots—
You could use Cardano’s it just gives you a way to construct an extension field containing k and in
formula to find expressions which the operations behave as if p.x/ is 0. Playing with these operations
for the roots of p.x/. Why might actually give you some ideas about the three complex numbers that make
not try it?
p.x/ D x 3 C x 2 2x 1 equal to 0 in C; see Example 7.22 above and
Exercises 7.29 and 7.30 below.
i i
“book2” — 2013/5/24 — 8:18 — page 293 — #313
i i
Exercises
7.25 * Prove Lemma 7.14.
˝ ˛
7.26 * If X is a subset of a field k, then X , the subfield generated by X , is the
intersection of all the subfields containing X (by Exercise 4.61(iii) on page 168,
the intersection of any family of subfields of k is itself a subfield of k).
˝ ˛
(i) Prove that X is the smallest ˝ ˛such subfield in the sense that any subfield F
containing X must contain X .
(ii) Define the prime field of a field k to be the intersection of all the subfields
of k. Prove that the prime field of k is the subfield generated by 1.
(iii) Prove that the prime field of a field is isomorphic to either Q or Fp .
7.27 * If k is a field of characteristic p > 0 and a 2 k, prove that
.x C a/p D x p C ap :
Hint: Use Proposition 7.17 and the Binomial Theorem.
7.28 Let R be a commutative ring, and let p; q be distinct primes.

(i) Prove that R cannot have subrings A and B with A Š Q and B Š Fp .
(ii) Prove that R cannot have subrings A and B with A Š Fp and B Š Fq .
(iii) Why doesn’t the existence of R D Fp Fq contradict part (ii)? (Exercise 5.54
on page 221 defines the direct product of rings.)
7.29 * As in Example 7.22, let p.x/ D x 3 C x 2 2x 1 and let K D QŒx=.p/. Let
˛ D x; ˇ D x 2 2; and D x 3 3x D x 2 x C 1:
Calculate in K, writing each result as a C bx C cx 2 :

(i) ˛ C ˇ C
(ii) ˛ˇ C ˛ C ˇ
(iii) ˛ˇ .
7.30 * As in Example 7.22, let p.x/ D x 3 C x 2 2x 1 and let K D QŒx=.p/.
Show that, in K,
p.x 2 2/ D p.x 3 3x/ D 0:
Hence the three roots of p in K are x C .p/, x 2 2 C .p/, and x 3 3x C .p/.
Algebraic Extensions
The first step in classifying fields is by their characteristics. Here is the second
step: we define algebraic extensions.
Definition. Let K= k be an extension field. An element z 2 K is algebraic

over k if there is a nonzero polynomial f .x/ 2 kŒx having z as a root; other-
wise, z is transcendental over k. A field extension K= k is algebraic if every
z 2 K is algebraic over k.
When a real number is called transcendental, it usually means that it is

transcendental over Q. For example, it was proved by Lindemann that is
a transcendental number (see [15], pp. 47–57 or [3], p. 5); there is no nonzero
f .x/ 2 QŒx with f . / D 0.
i i
“book2” — 2013/5/24 — 8:18 — page 294 — #314
i i
Proposition 7.23. If K= k is a finite extension field, then K= k is an algebraic

extension.
Proof. By definition, K= k finite means that K has finite dimension n as a

vector space over k. Suppose that z is an element of K. By Corollary A.39 in
2 n
Appendix A.3, the list of n C 1 vectors 1; z; Pz ; : i: : ; z is linearly dependent:
there are P
c0 ; c1; : : : ; cn 2 k, not all 0, with ci z D 0. Thus, the polynomial
f .x/ D ci x i is not the zero polynomial, and z is a root of f . Therefore, z
is algebraic over k.
The converse of the last proposition is not true; the field A of all complex
numbers algebraic over Q is an algebraic extension of Q that is not a finite
extension. (The fact that A is a field is not obvious, but it is true (see [17],
Chapter 6).)
Definition. If K= k is an extension field and z 2 K, then k.z/, the subfield of

K obtained by adjoining z to k, is the intersection of all those subfields of K
containing k and z.
More generally, if A is a subset of K, define k.A/ to be the intersection of
all the subfields of K containing k [A; we call k.A/ the subfield of K obtained
by adjoining A to k. In particular, if A D fz1 ; : : : ; zn g is a finite subset, then
we may denote k.A/ by k.z1 ; : : : ; zn /.
In Exercise 7.43 on page 308, you’ll show that k.A/ is the smallest subfield
of K containing k and A; that is, if E is any subfield of K containing k and A,
then k.A/ E.
Proposition 7.20 starts with an irreducible polynomial p.x/ 2 kŒx and
constructs an extension K= k in which p has a root. Suppose we start with the
root; that is, suppose that z is algebraic over k. Can we find a polynomial p
so that k.z/ (the smallest extension of k that contains z) can be realized as
kŒx=.p/? Let’s look at an example.
p p
Example 7.24. Suppose that K D R, k D Q, and z D 2 C 3. First of
all, z is algebraic over Q. To see this, proceed as you would in high school
algebra.
p
z 2 D 5 C 2 6;
.z 2 5/2 D 24;
z4 10z 2 C 1 D 0:
Hence, z is a root of h.x/ D x 4 10x 2 C 1, so it is algebraic over Q.

Consider the evaluation homomorphism W QŒx ! R (provided by Theo-
rem 5.19) given by
W f .x/ 7! f .z/:
The First Isomorphism Theorem suggests that we look at im and ker .
im contains Q (because .a/ D a for all a 2 Q) and z (because .x/ D z).
It follows that any subfield of R that contains Q and z contains im . In other
words,
im D Q.z/:
i i
“book2” — 2013/5/24 — 8:18 — page 295 — #315
i i
If I D ker , then the First Isomorphism Theorem gives
QŒx=I Š im :
im is a subring of R, so it is a domain. And I is an ideal in QŒx, so it is
principal, say I D .p/, where p.x/ 2 QŒx.
Furthermore, since QŒx=I is a domain, p is an irreducible polynomial in
QŒx, which we can take to be monic.
Thus, we have an isomorphism:
‰W QŒx=.p/ Š im ;
namely ‰W f .x/ C .p/ 7! f .z/. Since im D Q.z/, we have
QŒx=.p/ Š Q.z/:
There it is: Q.z/ is realized as a quotient of QŒx by an irreducible polynomial.

And, because we started with a specific z, we can do better: we can find p.
We’ll see later, in Example 7.32, that p.x/ D h.x/. N
Example 7.24 contains most of the ideas of the general result.
Theorem 7.25. (i) If K= k is an extension field and z 2 K is algebraic

over k, then there is a unique monic irreducible polynomial p.x/ 2 kŒx
having z as a root. Moreover, if I D .p/, then kŒx=I Š k.z/; indeed,
there exists an isomorphism
‰ W kŒx=I ! k.z/
with ‰.x C I / D z and ‰.c C I / D c for all c 2 k.

(ii) If z 0 2 K is another root of p.x/, then there is an isomorphism
W k.z/ ! k.z 0 /
with .z/ D z 0 and .c/ D c for all c 2 k.
Proof. (i) As in Example 7.24, consider the evaluation homomorphism

W kŒx ! K, given by Theorem 5.19:
W f 7! f .z/:
Now im is the subring of K consisting of all polynomials in z, that is,

all elements of the form f .z/ with f 2 kŒx, while ker is the ideal
in kŒx consisting of all those g.x/ 2 kŒx having z as a root. Since
every ideal in kŒx is a principal ideal, we have ker D .p/ for some
monic polynomial p.x/ 2 kŒx. But the First Isomorphism Theorem says
that kŒx=.p/ Š im , which is a domain, and so p is irreducible, by
Proposition 7.19. The same proposition says that kŒx=.p/ is a field, and
so there is an isomorphism ‰W kŒx=.p/ Š im ; namely ‰W f .x/ C I 7!
.f / D f .z/. Hence, im ‰ is a subfield of K containing k and z. But
every such subfield of K must contain im , so that im ‰ D im D
k.z/. We have proved everything in the statement except the uniqueness
of p; but this follows from Proposition 7.20(iv).
i i
“book2” — 2013/5/24 — 8:18 — page 296 — #316
i i
(ii) By (i), there are isomorphisms ‰W kŒx=I ! k.z/ and ‰ 0 W kŒx=I !

k.z 0 / with ‰.cCI / D c D ‰ 0 .cCI / for all c 2 k; moreover, ‰W xCI 7!
z and ‰ 0 W x C I 7! z 0 . The composite D ‰ 0 ı ‰ 1 is the desired
isomorphism; it satisfies .c/ D c for all c 2 k, and
W f .z/ 7! f .z 0 /;
for all f .x/ 2 kŒx.
The proof of Theorem 7.25(ii) is described by the following diagram.
‰
kŒx=.p/ k.z/
D‰ 0 ı‰ 1
‰0
k.z 0 /
Definition. If K= k is an extension field and z 2 K is algebraic over k, then

the unique monic irreducible polynomial p.x/ 2 kŒx having z as a root is
called the minimal polynomial of z over k, and it is denoted by
p.x/ D irr.z; k/:
The minimal polynomial irr.z; k/ depends on k. For example, irr.i; R/ D

x 2 C 1, while irr.i; C/ D x i .
Example 7.26. We know that i 2 C is algebraic over R, and irr.i; R/ D

x 2 C 1. Now i is another root of x 2 C 1. The isomorphism W C D R.i / !
R. i / D C with .i / D i and .c/ D c for all c 2 R is, of course, complex
conjugation.
The adjunction of one root of irr.i; R/ also adjoins the other root, for the
minimal polynomial
p here is quadratic. But this doesn’t always happen. For
example, z D 3 5 is algebraic over Q with minimal polynomial x 3 5. The-
orem 7.25 tells us that
‰W QŒx=.x 3 5/ ! Q.z/;
p
given by f .x/ C .x 3 5/ 7! f . 3 5/, is an isomorphism. But the roots of
x 3 5 are not all contained in Q.z/; indeed, the other two roots are not real,
while QŒz R; in fact, in CŒx,
x3 5 D .x z/.x !z/.x ! 2 z/;
p
where ! is our old friend 12 1 C i 3 . Theorem 7.25(i) tells us that the
fields
Q.z/; Q.!z/; Q.! 2 z/
are all isomorphic via isomorphisms that fix Q pointwise. One of these is
W Q.z/ ! Q.!z/;
defined as follows: every element of Q.z/ is of the form f .z/ where f .x/ C
.x 3 5/ is a coset in QŒx=.x 3 5/. Then
.f .z// D f .!z/:
i i
“book2” — 2013/5/24 — 8:18 — page 297 — #317
i i
Again, a diagram illustrates the work just done.
‰
QŒx=.x 3 5/ Q.z/
D‰ı‰ 1
‰0
Q.!z/ N
The following formula is quite useful, especially when proving a theorem

by induction on degree. Before reading the proof, you may want to refresh your
memory by looking at Appendix A.3 on linear algebra.
Theorem 7.27. Let k E K be fields, with E= k and K=E finite extension

fields. Then K= k is a finite extension field, and
ŒK W k D ŒK W EŒE W k:
Proof. If A D a1 ; : : : ; an is a basis of E over k and B D b1 ; : : : ; bm is a basis

of K over E, then it suffices to prove that the list X of all ai bj is a basis of K
over k.
To see that X spans K, takePu 2 K. Since B is a basis of K over E, there
are scalars j 2 E with u D Pj j bj . Since A is a basisPof E over k, there
are scalars j i 2 k with j D i j i ai . Therefore, u D ij j i ai bj , and X
spans K over k. (Check that this makes sense in the special case A D a1 ; a2 ; a3
and B D b1 ; b2.)
To prove that
PX is linearly independent over k, assume P that there are scalars
2 k with ij j i ai bj D 0. If we define j D i j i ai , then j 2 E
j i P
and j j bj D 0. Since B is linearly independent over E, it follows that
X
0 D j D j i ai
i
for all j . Since A is linearly independent over k, it follows that j i D 0 for all
j and i , as desired.
There are several classical geometric problems, such as trisecting an arbi-

trary angle with ruler and compass in which Theorem 7.27 plays a critical role
(see Section 7.3).
Example 7.28. We now show how Theorem 7.27, the multiplicativity of de-
gree in a tower of extension fields, can be used to calculate degrees; we also
show, given an extension field E= k, that an explicit basis of E over k can
sometimes be constructed. We urge you to work though this example care-
fully; it will help make the preceding development much more concrete, and
you will see how all these ideas come together.
Let’s return to Exercise 3.56 on page 116 (if you haven’t attempted this
exercise, you should try it now). It involves D cos.2=7/ C i sin.2=7/, a
primitive 7th root of unity; note that the powers of are the vertices of a regular
7-gon in the complex plane. Using Proposition 6.62 and the language we have
since introduced, we can now say that
irr.; Q/ D ˆ7 .x/ D x 6 C x 5 C x 4 C x 3 C x 2 C 1;
i i
“book2” — 2013/5/24 — 8:18 — page 298 — #318
i i
because ˆ7 .x/ is irreducible (Theorem 6.68), and so ŒQ./ W Q D 6. For any

nonnegative integer k, we have
1
k D k D 7 k ;
by Theorem 3.32(ii). We defined ˛, ˇ, and in Exercise 3.56 on page 116 by
˛ D C 6 D 2 cos.2=7/
ˇ D 2 C 5 D 2 cos.4=7/
D 3 C 4 D 2 cos.6=7/;
and we saw that

˛CˇC D 1
˛ˇ C ˛ C ˇ D 2
˛ˇ D 1:
It follows that ˛, ˇ, and are roots of
x3 C x2 2x 1:
Ah, but this is precisely the irreducible p.x/ in Example 7.22. There, you
constructed a field in which p has a root, but you didn’t know what the roots
are. Now you know: they are ˛, ˇ, and , all real numbers, determined by
expressions involving cosines. Furthermore, the construction in Theorem 7.25
gives a field isomorphic to Q.˛/. But Q.˛/ contains all the roots of p; for
example,
2
˛2 D C 6
D 2 C 2 7 C 12
D 2 C 2 C 5
D ˇ C 2;
and, hence,
ˇ D ˛2 2 2 Q.˛/:
3
In the same way, you can expand ˛ to see that
D ˛ 3 C 3˛;
so that is also an element of Q.˛/.

This “tower of fields” is Since ˛ D C 1 , we see that Q.˛/ is a subfield of Q./. And, since
sometimes illustrated with
ŒQ.˛/ W Q D deg p D 3;
a diagram that displays the
degrees:
Theorem 7.27 gives
Q./
ŒQ./ W Q.˛/ŒQ.˛/ W Q D ŒQ./ W Q:
2
Q.˛/ Hence, ŒQ./ W Q.˛/ 3 D 6, and ŒQ./ W Q.˛/ D 2. Therefore, the exten-
sion Q./=Q decomposes into a cubic extension of Q followed by a quadratic
3 extension of Q.˛/. This implies that
Q
deg irr .; Q.˛// D 2I
i i
“book2” — 2013/5/24 — 8:18 — page 299 — #319
i i
that is, is a root of a quadratic polynomial with coefficients in Q.˛/. Finding

this quadratic is deceptively easy. We have
C 6 D ˛ and 6 D 7 D 1:
Thus, is a root of
x2 ˛ x C 1 2 Q.˛/Œx:
There’s another tower, Q E Q./, with E=Q a quadratic extension
and Q./=E a cubic extension (i.e., writing 6 D 2 3 rather than 6 D 3 2).
We constructed ˛; ˇ; by breaking up the roots of ˆ7 into three sums, each
a pair of complex conjugates. Instead, let’s try to break the roots up into two
sums, say ı and , each having three terms, and each sum containing just one
member of every conjugate pair f j ; j D 7 j g; further, we’d like both ı C
and ı rational. A little experimenting (and a CAS) leads to defining them like
this:
ı D C 2 C 4
D 6 C 5 C 3:
Note that C ı D 1, so that 2 Q.ı/. We can now form the tower
Q Q.ı/ Q./:
You can also check that ı D 2, so that and ı are the roots of the quadratic The roots of this polynomial
polynomial in QŒx: are, by the quadratic
p
formula, 21 ˙ 27 . See
2
x C x C 2: Exercise 7.35 on page 300.
Hence, ŒQ.ı/ W Q D 2 and ŒQ./ W Q.ı/ D 3. We now have two ways to

decompose the extension Q./=Q, which we draw in the following diagram:
Q./
2
3
Q.˛/
Q.ı/ 3
Finally, must be a root of a cubic polynomial with coefficients in Q.ı/.

Again, the calculations are deceptively simple:
C 2 C 4 D ı;
2 C 4 C 2 4 D 3 C 5 C 6 D ;
2 4 D 7 D 1;
so that , 2 , and 4 are roots of
x3 ıx 2 C x 1 2 Q.ı/Œx: N
i i
“book2” — 2013/5/24 — 8:18 — page 300 — #320
i i
Exercises
7.31 As usual, let n D cos.2=n/ C i sin.2=n/.
(i) Find the minimal polynomial of n over Q for all n between 1 and 10.
(ii) What is minimal polynomial of p over Q if p is prime?
(iii) What is minimal polynomial of p2 over Q if p is prime?
7.32 If p is a prime, and p D cos.2=p/ C i sin.2=p/, show that

Q.p / W Q D p 1:
p
7.33 Show that x 2 3 is irreducible in Q 2 Œx.
7.34 Let k K E be fields. Prove that if E is a finite extension of k, then E is a
finite extension of K, and K is a finite extension of k.
7.35 Show that
(i) cos.2=7/ C cos.4=7/ C cos.8=7/ D 21 .
2
(ii) sin.2=7/ C sin.4=7/ C sin.8=7/ D 72 .
7.36 Let k F K be a tower of fields, and let z 2 K. Prove that if k.z/=k is finite,
then ŒF .z/ W F Œk.z/ W k. Conclude that ŒF .z/ W F is finite.
Hint: Use Proposition 7.20 to obtain an irreducible polynomial p.x/ 2 kŒx; the
polynomial p may factor in KŒx.
7.37 Let K=k be an extension field. If A K and u 2 k.A/, prove that there are only
finitely many a1 ; : : : ; an 2 A with u 2 k.a1 ; : : : ; an /.
7.38 Let E=k be a field extension. If v 2 E is algebraic over k, prove that v 1 is
algebraic over k.
Splitting Fields
We now prove a result of Kronecker that says that if f .x/ 2 kŒx is not con-
stant, where k is a field, then there is some extension field K= k containing all
the roots of f .
Theorem 7.29 (Kronecker). If k is a field and f .x/ 2 kŒx is nonconstant,

there exists an extension field K= k with f a product of linear polynomials
in KŒx.
Proof. The proof is by induction on deg.f / 1. If deg.f / D 1, then f is

linear and we can take K D k. If deg.f / > 1, write f D pg in kŒx, where
p.x/ is irreducible. Now Proposition 7.20 provides an extension field F= k
containing a root z of p. Hence, p D .x z/h, and so f D pg D .x z/hg
in F Œx. By induction (since deg.hg/ < deg.f /), there is an extension field
K=F (so that K= k is also an extension field) with hg, and hence f , a product
of linear factors in KŒx.
How to Think About It. For the familiar fields Q, R, and C, Kronecker’s
Theorem offers nothing new. The Fundamental Theorem of Algebra says that
every nonconstant f .x/ 2 CŒx has a root in C; it follows, by induction on
the degree of f , that all the roots of f lie in C; that is, f .x/ D a.x z1 /
.x zn /, where a 2 C and zj 2 C for all j . On the other hand, if k D Fp or
i i
“book2” — 2013/5/24 — 8:18 — page 301 — #321
i i
k D C.x/ D Frac.CŒx/, the Fundamental Theorem does not apply. However,

Kronecker’s Theorem does apply to tell us, for any f .x/ 2 kŒx, that there is
always some larger field K containing allpthe roots of f ; for example, there
is an extension field K=C.x/ containing x, and there is an extension field
E=F3 containing the roots of x 2 x 1 2 F3Œx.
A field F is called algebraically closed if every nonconstant polynomial
f .x/ 2 F Œx has a root in F (for example, C is algebraically closed). In
contrast, extension fields K= k constructed in Kronecker’s Theorem (that give
roots of only one polynomial at a time) are usually not algebraically closed.
Every field k does have an algebraic closure: there is an algebraic extension
F= k that is algebraically closed (Kronecker’s Theorem is one ingredient of the
proof; see [25], p. 328).
The extension field K= k in Kronecker’s Theorem need not be unique. In-

deed, if f is a product of linear factors in K, then it is so in any extension of
K. Therefore, let’s consider the “smallest” field in which f is a product of lin-
ear factors. But the lack of uniqueness is not necessarily a consequence of K
being too large, as we shall see in Example 7.33.
Definition. If K= k is an extension field and f .x/ 2 kŒx is nonconstant, then

f splits over K if f .x/ D a.x z1 / .x zn /, where z1 ; : : : ; zn are in K
and a 2 k.
An extension field E= k is called a splitting field of f over k if f splits over
E, but f does not split over any extension field F= k such that k F ¨ E.
Consider f .x/ D x 2 C 1 2 QŒx. The roots of f are ˙i , and so f splits

over C; that is, f .x/ D .x i /.x C i / is a product of linear polynomials in
CŒx. However, C is not a splitting field of f over Q: there are proper subfields
of C containing Q and all the roots of f . For example, Q.i / is such a subfield;
in fact, it is the splitting field of f over Q.
A splitting field of a polynomial g.x/ 2 kŒx depends on k as well as on g.
A splitting field of x 2 C 1 over Q is Q.i /, while a splitting field of x 2 C 1 over
R is R.i / D C.
Corollary 7.30. If k is a field and f .x/ 2 kŒx, then a splitting field of f

over k exists.
Proof. By Kronecker’s Theorem, there is an extension field K= k such that

f splits in KŒx; say f .x/ D a.x z1 / .x zn /. The subfield E D
k.z1 ; : : : ; zn / of K is a splitting field of f over k, because a proper subfield of
E must omit some zi .
Example 7.31. (i) Let f .x/ D x n 1 2 QŒx, and let E=Q be a splitting
field. If D e 2 i=n is a primitive nth root of unity, then Q./ D E is
a splitting field of f , for every nth root of unity is a power of , and
j 2 Q./ for all j .
(ii) There are n distinct nth roots of unity in C, but there may be fewer roots
of unity over fields of characteristic p. For example, let f .x/ D x 3 1 2
Z3 Œx. Since x 3 1 D .x 1/3 , by Exercise 7.27 on page 293, we see
that there is only one cube root of unity here. N
i i
“book2” — 2013/5/24 — 8:18 — page 302 — #322
i i
How to Think About It. When we defined the field k.A/ obtained from a
field k by adjoining a set A, we assumed that A K for some extension field
K= k. But suppose no larger field K is given at the outset. For example, can
the roots of f .x/ D x 2 x 1 2 F3 Œx be adjoined to F3? Yes. In light
of Kronecker’s Theorem, there is some field extension K=F3 containing the
roots of f , say ˛; ˇ; now we do have the larger field, and so F3 .˛; ˇ/ makes
sense; we can adjoin the roots of f to F3 . Such an extension field K may not
be unique, but we shall see that any two of them are isomorphic.
Example 7.32. Let’s return to Example 7.24, where we saw that

p p
z D 2C 3
p p
is a root of h.x/ D x 4 10x 2 C 1, and that Q. 2 C 3/ can be realized
as a quotient QŒx=.p/ for some irreducible monic polynomial p.x/ 2 QŒx
having z as a root.
As promised,
p pwe can now do better: we can show that p D h and that
E D Q 2 C 3 is a splitting field of h.x/ D x 4 10x 2 C 1, as well as a
splitting field of g.x/ D .x 2 2/.x 2 3/.
Because x 4 10x 2 C 1 is a quadratic in x 2, we can p apply the quadratic
Note that x 2 D w, formula to see that if w is any root of h, then w 2 D 5 ˙ 2 6. But the identity
p p 2 p p p p
where w is a root of a C b D aC 2 ab C b gives w D ˙. 2 C 3/. Similarly, 5 2 6 D
w 2 10w C 1; that is, p p 2
p 2 3 , so that h has distinct roots, namely
w D 12 10 ˙ 96 D
p
5 ˙ 2 6. p p p p p p p p
zD 2 C 3; 2 3; 2 3; 2 C 3:
By Theorem 6.52, the only possible rational roots of h are ˙1, and so we have
just proved that all these roots are irrational.
We claim that h is irreducible in QŒx (so, p D h after all). It suffices to
show that h has no quadratic factor q.x/ 2 QŒx (why?). If, on the contrary,
h D qq 0 for two monic quadratic polynomials in QŒx, then the roots of h are
paired up, two for q and two for q 0 . Suppose q.z/ D 0. Then the other root of
q, call it z 0 , is one of
p p p p p p
2 3; 2 3; 2 C 3:
Now, if q.x/ D x 2 Cbx Cc, then b D zCz 0 and c D zz 0 . But you can check,
for each choice of z 0 , that either z C z 0 or zz 0 is irrational. Since q 2 QŒx, this
is a contradiction, and so h is irreducible. p p
We now know that ŒE W Q D 4. Let F D Q. 2; 3/, so that we have a
F tower of fields Q E F . Theorem 7.27 tells us that
ŒF W Q D ŒF W EŒE W Q:
E 2
On the other hand,
p p
p ŒF W Q D ŒF W Q 2 ŒQ 2 W Q:
4 Q. 2/
p p
Now ŒQ 2 W Q D 2, because 2 is a root of the irreducible quadratic
2 p
x 2 2 in QŒx. We claim that ŒF W Q 2 2. The field F arises by ad-
Q p p p p
joining 3 to Q 2 ; either 3 2 Q 2 , in which case the degree is 1,
i i
“book2” — 2013/5/24 — 8:18 — page 303 — #323
i i

p
or x 2 3 is irreducible in Q 2 Œx, in which case the degree is 2 (by Exer-
cise 7.33 on page 300, it is 2). It follows that ŒF W Q 4, and so the equation
ŒF W Q D ŒF W EŒE W Q gives ŒF W E D 1; that is, F D E, so that F not
only arises from Q by adjoining all the roots of h, but it also arises from Q by
adjoining all the roots of g.x/ D .x 2 2/.x 2 3/. N
A splitting field of f .x/ 2 kŒx is a smallest field extension E= k containing

all the roots of f . We say “a” splitting field instead of “the” splitting field
because splitting fields of f over k are not unique. Corollary 7.30 constructed
a splitting field of f .x/ 2 kŒx as a subfield of a field extension K= k, where
f splits in K. But there may be distinct such field extensions K= k.
Example 7.33. Consider f .x/ D x 2 C x C 1 2 F2 Œx. Now f is irreducible

(for it is a quadratic with no roots in F2 ), and f is a product of linear poly-
nomials in K D F2 Œx=.f /, by Proposition 7.20: if z D x C .f / 2 K,
then f .x/ D .x z/2 in KŒx (remember that 1 D 1 here). On the other
hand, in Exercise 4.55 on page 165, we constructed a field K 0 with elements
the four matrices ab aCbb
(where a; b 2 F2 ) and operations matrix addition

and matrix multiplication. You can check that if u D 11 10 , then u 2 K 0 and
f .x/ D .x u/2 in K 0 Œx. N
Our next goal is to show that splitting fields are unique up to isomorphism.
We paraphrase Theorem 7.25(ii).
Let K= k be an extension field, and let z; z 0 2 K be roots of some ir-

reducible p.x/ 2 kŒx. Then there is an isomorphism W k.z/ ! k.z 0 /
with .z/ D z 0 and .c/ D c for all c 2 k.
We need a generalization. Suppose that f .x/ 2 kŒx is a polynomial, not nec-

essarily irreducible, and let E D k.z1 ; : : : ; z t / and E 0 D k.z10 ; : : : ; z 0t / be
splitting fields of f . Is there an isomorphism W E ! E 0 that carries the roots
z1 ; : : : ; z t to the roots z10 ; : : : ; z 0t and that fixes all the elements c 2 k? The
obvious way to proceed is by induction on deg.f / (making use of the fact that
f has an irreducible factor, which will let us use Theorem 7.25). Think about
proving the inductive step. We’ll have an isomorphism 'W k.z1 / ! k.z10 / that
we’ll want to extend to an isomorphism e ' W k.z1 ; z2/ ! k.z10 ; zj0 / for some j ;
that is, e ' W k.z1 /.z2 / ! k.z1 /.zj /. The base fields k.z1 / and k.z10 / are no
0 0
longer equal; they are only isomorphic. The upshot is that we have to compli-
cate the statement of what we are going to prove in order to take account of
this.
First, recall Corollary 5.22:
If R and S are commutative rings and 'W R ! S is a homomorphism,

then there is a unique homomorphism ' W RŒx ! S Œx given by
' W r0 C r1 x C r2 x 2 C 7! '.r0 / C '.r1 /x C '.r2 /x 2 C :
Moreover, ' is an isomorphism if ' is.
As we said, we are forced to complicate our earlier result.
i i
“book2” — 2013/5/24 — 8:18 — page 304 — #324
i i
Lemma 7.34. Let 'W k ! k 0 be an isomorphism of fields and ' W kŒx ! k 0 Œx
the isomorphism of Corollary 5.22; let p.x/ 2 kŒx be irreducible, and let
p 0 D ' .p/.
(i) p 0 is irreducible in k 0 Œx, and the map ˆW kŒx=.p/ ! k 0 Œx=.p 0 /, defined
by ˆW f C .p/ 7! ' .f / C .p 0 /; is an isomorphism of fields.
(ii) Let K= k be a field extension, let z 2 K be algebraic over k, and let
p.x/ D irr.z; k/. If p 0 D ' .p/ 2 k 0 Œx and z 0 is a root of p 0 in some
extension of k 0 , then ' can be extended to an isomorphism k.z/ ! k 0 .z 0 /
that maps z to z 0 .
Proof. (i) This is straightforward, for ' carries the ideal .p/ in kŒx onto the
ideal .p 0 / in k 0 Œx, and Exercise 7.8 on page 285 applies. Exercise 7.44
on page 308 asks you to give the details.
(ii) By (i), there are isomorphisms
0
W kŒx=.p/ ! k.z/ and W k 0 Œx=.p 0 / ! k 0 .z 0 /:
By Lemma 7.34, there is an isomorphism
ˆ W kŒx=.p/ ! k 0 .x/=.p 0 /;
0 1
and the composite ıˆı is the desired isomorphism.
Here is a picture of the Lemma’s proof.
kŒx=.p/ k.z/
ˆ 0 ıˆı 1
0
k 0 Œx=.p 0/ k 0 .z 0 /
We now give the version we need.
Theorem 7.35. Let 'W k ! k 0 be an isomorphism of fields and ' W kŒx !

k 0 Œx the isomorphism kŒx=.p/ ! k 0 Œx=.p 0 / in Lemma 7.34. Let f .x/ 2
kŒx and f .x/ D ' .f / 2 k 0 Œx. If E is a splitting field of f over k and
E 0 is a splitting field of f over k 0 , then there is an isomorphism ˆW E ! E 0
extending '.
Proof. The proof is by induction on d D ŒE W k. If d D 1, then f is a product

of linear polynomials in kŒx, and it follows easily that f is also a product of
linear polynomials in k 0 Œx. Therefore, E 0 D k 0 , and we may set ˆ D '.
For the inductive step, choose a root z of f in E that is not in k, and let
p.x/ D irr.z; k/ be the minimal polynomial of z over k. Now deg.p/ > 1,
because z … k; moreover, Œk.z/ W k D deg.p/, by Proposition 7.20. Let z 0 be
a root of p in E 0 , so that p D irr.z 0 ; k 0 /.
By Lemma 7.34(ii), there is an isomorphism e ' W k.z/ ! k 0 .z 0 / extending '
0
with e' .z/ D z . We may regard f as a polynomial with coefficients in k.z/,
for k k.z/ implies kŒx k.z/Œx. We claim that E is a splitting field of f
over k.z/; that is,
E D k.z/.z1 ; : : : ; zn /;
i i
“book2” — 2013/5/24 — 8:18 — page 305 — #325
i i
where z1 ; : : : ; zn are the roots of f .x/=.x z/. After all,
E D k.z; z1 ; : : : ; zn / D k.z/.z1 ; : : : ; zn /:
Similarly, E 0 is a splitting field of f over k 0 .z 0 /. But ŒE W k.z/ < ŒE W k, by

Theorem 7.27, so the inductive hypothesis gives an isomorphism ˆW E ! E 0
that extends e
' and, hence, '.
Corollary 7.36. If k is a field and f .x/ 2 kŒx, then any two splitting fields
of f over k are isomorphic via an isomorphism that fixes k pointwise.
Proof. Let E and E 0 be splitting fields of f .x/ over k. If ' is the identity, then
Theorem 7.35 applies at once.
Classification of Finite Fields

We know, thanks to Proposition 7.18, that every finite field has p n elements for
some prime p and integer n 1. We also know that a field k with p n elements
must have characteristic p, so that pa D 0 for all a 2 k, by Proposition 7.17.
In this section, we show that fields with exactly p n elements exist, and that any
two having the same number of elements are isomorphic.
First, we show that every nonzero element a in a finite field with q elements
is a .q 1/st root of unity (of course, a is not a complex root of unity). We
have seen the idea of the next proof in the proof of Theorem 4.63.
Lemma 7.37. Let k be a finite field having q elements. If a 2 k is nonzero,

then aq 1 D 1.
Proof. Let k # D fa1 ; a2 ; : : : ; aq 1 g be the nonzero elements of k. We claim,

for any a 2 k # , that the function a W ai 7! aai takes values in k # : since k is a
field, it is a domain, and so aai ¤ 0. We now claim a W k # ! k # is injective:
if aai D aaj , then the cancellation law gives ai D aj . Finally, since k # is
finite, the Pigeonhole Principle shows that a is a bijection. It follows that
aa1 ; aa2 ; : : : ; aaq 1 is just a rearrangement of a1 ; a2; : : : ; aq 1 . Hence,
a1 a2 aq 1 D .aa1 /.aa2 / .aaq 1/ D aq 1

a1 a2 aq 1:
Now cancel a1 a2 aq 1 to obtain 1 D aq 1

.
We now show, given a prime power q D p n , that there exists a field with
n
p elements. Our guess is that Galois realized that C can be constructed by
adjoining a root of x 2 C 1 to R, so that it was natural for him (but not for
any of his contemporaries!) to adjoin a root of a polynomial to Fp . However,
Kronecker’s Theorem was not proved until a half century after Galois’s death.
Theorem 7.38 (Galois). If p is prime and n is a positive integer, then there

exists a field having exactly p n elements.
Proof. Write q D p n . In light of Lemma 7.37, it is natural to consider roots of

the polynomial
g.x/ D x q x 2 Fp Œx:
i i
“book2” — 2013/5/24 — 8:18 — page 306 — #326
i i
By Kronecker’s Theorem, there is a field extension K=Fp with g a product of

linear factors in KŒx. Define
E D fz 2 K W g.z/ D 0gI
that is, E is the set of all the roots of g. We claim that all the roots of g are
distinct. Since the derivative g0 .x/ D qx q 1 1 D p n x q 1 1 D 1 (by
Proposition 7.17), we have gcd.g; g0 / D 1. By Exercise 6.40 on page 263, all
the roots of g are, indeed, distinct; that is, E has exactly q D p n elements.
The theorem will follow if E is a subfield of K. Of course, 1 2 E. If a,
b 2 E, then aq D a and b q D b. Hence, .ab/q D aq b q D ab, and ab 2 E.
By Proposition 7.17, .a C b/q D aq C b q D a C b, so that a C b 2 E.
Therefore, E is a subring of K. Finally, if a ¤ 0, then Lemma 7.37 says that
aq 1 D 1, and so the inverse of a is aq 2 (which lies in E because E is closed
under multiplication).
Proposition 7.39. If k is a finite field having q D p n elements, then every

a 2 k is a root of x q x.
Proof. This follows directly from Lemma 7.37.
It is remarkable that the next theorem was not proved until the 1890s, 60
E. H. Moore was an years after Galois discovered finite fields.
algebraist who later did
research in geometry and
Corollary 7.40 (Moore). Any two finite fields having exactly p n elements are
foundations of analysis.
isomorphic.
Proof. By Proposition 7.39, every element of E is a root of g.x/ D x q x2

Fp Œx, and so E is a splitting field of g over Fp .
Finite fields are often called Galois fields in honor of their discoverer. In
light of Corollary 7.40, we may speak of the field with q elements, where
q D p n is a power of a prime p, and we denote it by
Fq :
The next example displays different finite fields with the same number of
elements; by Moore’s Theorem, they are isomorphic.
Example 7.41. (i) In Exercise 4.55 on page 165, we constructed the field F4
with four elements:
˚ b
F4 D ab aCb W a; b 2 F2 :
On the other hand, since f .x/ D x 2 C x C 1 2 F2Œx is irreducible, the

quotient K D F2 Œx=.f / is a field. By Proposition 7.20, F consists of all
a C bz, where z D x C .f / is a root of f and a; b 2 F2. Hence K also
is a field with four elements.
(ii) According to the table in Example 6.57, there are three monic irreducible
quadratics in F3 Œx, namely
p.x/ D x 2 C 1; q.x/ D x 2 C x 1; and r .x/ D x 2 x 1I
i i
“book2” — 2013/5/24 — 8:18 — page 307 — #327
i i
each gives rise to a field with 9 D 32 elements, namely quotient rings of

F3 Œx. Let us look at the first two in more detail. Proposition 7.20 says
that E D F3 Œx=.p/ is given by
E D fa C bz W where z 2 C 1 D 0g:
Similarly, if F D F3 Œx=.q/, then
F D fa C bu W where u2 C u 1 D 0g:
Without Moore’s Theorem, it is not instantly obvious that the two fields
are isomorphic. You can check that the map 'W E ! F (found by trial
and error), defined by '.a C bz/ D a C b.1 u/, is an isomorphism.
Now F3 Œx=.x 2 x 1/ is another field with nine elements; Exer-
cise 7.46 asks for an explicit isomorphism with E.
(iii) In Example 6.57, we exhibited eight monic irreducible cubics p.x/ 2
F3 Œx; each gives rise to a field F3 Œx=.p/ having 27 D 33 elements, and
Moore’s Theorem says that they are all isomorphic to one another. N
The following result is known.
Theorem 7.42 (Primitive Element). Let K= k be a finite field extensionI that

is, ŒK W k < 1. If either k has characteristic 0 or K is a finite field, then there
exists ˛ 2 K such that K D k.˛/.
Proof. [26], p. 301.
Actually, more is known when K is finite: it can be shown that every nonzero
element of K is a power of ˛ (not merely a linear combination of powers of ˛).
Corollary 7.43. For every integer n 1, there exists an irreducible polyno-

mial in Fp Œx of degree n.
Proof. Let h.x/ D irr.˛; Fp / be the minimal polynomial of ˛. Since h is ir-

reducible, Corollary 7.21 gives dimk .K/ D deg.h/. But if jKj D p n , then
dimk .K/ D n. Therefore, since there exists a finite field with exactly p n ele-
ments, there exists an irreducible polynomial of degree n.
Exercises
7.39 Let f .x/; g.x/ 2 kŒx be monic polynomials, where k is a field. If g is irreducible
and every root of f (in an appropriate splitting field) is also a root of g, prove that
f D gm for some integer m 1.
Hint: Use induction on deg.h/.
7.40 Determine whether any of the following pairs of fields are isomorphic.
(i) Q.i / and Q. 21 .1 C i //
p
(ii) Q.i / and Q. 3/
p p
(iii) Q. 2/ and Q. 3/
p p
(iv) Q. 2/ and Q. 6/
i i
“book2” — 2013/5/24 — 8:18 — page 308 — #328
i i
7.41 Let f .x/ D s0 C s1 x C C sn 1 x n 1 C x n 2 kŒx, where k is a field, and

suppose that f .x/ D .x z1 /.x z2 / .x zn /, where the zi lie in some splitting
field. Prove that sn 1 D .z1 C z2 C C zn / and s0 D . 1/n z1 z2 zn .
Conclude that the sum and product of all the roots of f lie in k.
7.42 (i) Show that ŒQ.cos.2=7// W Q D 3.
(ii) Find the minimal polynomial for cos 2
7 over Q.
(iii) Find all the roots of this polynomial.
Hint: See Exercise 3.56 on page 116.
7.43 Suppose that K=k is an extension field and if A K. Show that k.A/ is the
smallest subfield of K containing k and A; that is, if E is any subfield of K
containing k and A, then k.A/ E.
7.44 Prove Lemma 7.34.
7.45 Usinghthe setupifrom Example 7.41(i), show that the map ' W F4 ! K, defined
by ' ab aCb b D a C bz, is an isomorphism.
7.46 Using the setup from Example 7.41(ii), show that
F3 =.x 2 C 1/ Š F3 Œx=.x 2 x 1/
without using Corollary 7.40.

7.47 Prove that F3 Œx=.x 3 x 2 C 1/ Š F3 Œx=.x 3 x 2 C x C 1/ without using
Corollary 7.40.
7.48 Write addition and multiplication tables for the field F8 with eight elements using
an irreducible cubic over F2 .
7.49 (i) Is F4 isomorphic to a subfield of F8 ?
(ii) For a prime p, prove that if Fpn is isomorphic to a subfield of Fpm , then n j m
(the converse is also true).
Hint: View Fpm as a vector space over Fpn .
7.3 Connections:
Ruler–Compass Constructions
There are myths in several ancient civilizations in which the gods demand
precise solutions of mathematical problems in return for granting relief from
catastrophes. We quote from van der Waerden [35].
In the dialogue Platonikos of Eratosthenes, a story was told about the

problem of doubling the cube. According to this story, as Theon of
Smyrna recounts it in his book Exposition of mathematical things use-
ful for the reading of Plato, the Delians asked for an oracle in order to
be liberated from a plague. The god (Apollo) answered through the ora-
cle that they had to construct an altar twice as large as the existing one
without changing its shape. The Delians sent a delegation to Plato, who
referred them to the mathematicians Eudoxus and Helikon of Kyzikos.
p
The altar was cubical in shape, and so the problem involves constructing 3 2
(the volume of a cube with edges of length ` is p `3 ). The gods were cruel,
for although there is a geometric construction of 2 (it is the length of the
i i
“book2” — 2013/5/24 — 8:18 — page 309 — #329
i i
7.3 Connections: Ruler–Compass Constructions 309
diagonal of a square with p sides of length 1), we are going to prove that it is
3
impossible to construct 2 by the methods of Euclidean geometry — that is,
by using only ruler and compass. (Actually, the gods were not so p cruel, for
the Greeks did use other methods. Thus, Menaechmus constructed 3 2 as the
intersection of the parabolas y 2 D 2x and x 2 D y; this is elementary for
us, but it was an ingenious feat when there was no analytic geometry and no
algebra. There was also a solution found by Nicomedes.)
There are several other geometric problems handed down from the Greeks.
Can one trisect every angle? Can one construct a regular n-gon? More pre-
cisely, can one inscribe a regular n-gon in the unit circle? Can one “square the
circle;” that is, can one construct a square whose area is equal to the area of
a given circle? Since the diskp with radius 1 has area , can one construct a
square with sides of length ?
If we are not careful, some of these problems appear ridiculously easy. For
example, a 60ı angle can be trisected using a protractor: just find 20ı and draw
the angle. Thus, it is essential to state the problems carefully and to agree on
certain ground rules. The Greek problems specify that only two tools, ruler
and compass, are allowed, and each must be used in only one way. The goal
of this section is to determine exactly what can be constructed using the two
“Euclidean tools.” The answer will involve some surprising applications of
ideas from this chapter.
How to Think About It. In many geometry classes, constructions are now
taught using dynamic geometry software. These environments can be used in
the same way that one uses physical rulers and compasses; the principles are
the same, and what’s possible in them is what’s possible with pencil and paper.
This brings up an important point. Constructions made in dynamic geometry
environments are likely to be more accurate than those carried out with pencil
and paper, but
p the goal here is not approximation—we are not contentp with
3 3
constructing 2 correct
p to 100 decimal places; the goal is to find 2 exactly,
just as we can find 2 exactly as the length of the diagonal of the unit square.
We now seek to determine just what constructions are possible, and so we must
use precise definitions.
In many high school texts,

Notation. Let P and Q be points in the plane; we denote the line segment with L.P; Q/ is written as
endpoints P and Q by PQ, and we denote its length by PQ. If P and Q are !
PQ. Of course, we can’t
points, we’ll let L.P; Q/ denote the line through P and Q, and C.P; Q/ the physically draw the infinite
circle with center P and radius PQ. We’ll also denote the circle with center P line L.P; Q/, but PQ has
endpoints and L.P; Q/
and radius r (for a positive number r ) by C.P; r /.
does not.
The formal discussion begins with defining the tools by saying exactly what
each is allowed to do.
Definition. A ruler is a tool that can be used to draw the line L.P; Q/ deter-
mined by points P and Q.
A compass is a tool that can be used to draw circles; given two points P
and Q, it can draw C.P; Q/ and C.Q; P /.
What we are calling a ruler, others call a straightedge. For them, a ruler
can be used not only to draw lines but to measure distances as well.
i i
“book2” — 2013/5/24 — 8:18 — page 310 — #330
i i
How to Think About It. Just to show you how fussy we are, let us point
out a subtlety about what a compass cannot do. Suppose we are given three
points: P , Q, and R. We are allowed to draw the circle C.P; Q/ with center P
and radius r D PQ. But we are not allowed to draw the circle C.R; r / with
center R and radius r . Reason: a compass is allowed to draw a circle only
if two points are given at the outset; but the circle C.R; r / cannot be drawn
(using the compass as in the definition) because only one point, namely R, is
given at the outset. Our compass is called a collapsible compass as compared
to the more versatile compass that’s allowed to draw C.R; r /. We mention this
now only because the proof of Theorem 7.48(ii) may appear more complicated
than necessary (we’ll say something more there).
Constructions with ruler and compass are carried out in the plane. Since ev-
ery construction has only a finite number of steps, we shall be able to define
constructible points inductively. Once this precise definition is given, we will
be able to show that it is impossible to double the cube or to trisect arbitrary
angles using only a ruler and compass. Angles such as 90ı and 45ı can be
About 425 BCE , Hippias trisected using a ruler and compass (for we can construct a 30ı angle, which
of Elis was able to square can then be bisected), but we shall see that a 60ı angle is impossible to tri-
the circle by drawing a
sect. When we say impossible, we mean what we say; we do not mean that it is
certain curve as well as
lines and circles. We shall merely very difficult. You should ponder how anything can be proved to be im-
see that this construction is possible. This is an important idea, and we recommend letting students spend
impossible using only ruler an evening trying to trisect a 60ı angle by themselves as one step in teaching
and compass. them the difference between hard and impossible.
Given the plane, we establish a coordinate system by first choosing two dis-
tinct points, A and A0 ; call the line they determine the x-axis. Use a compass
to draw the two circles C.A; A0 / and C.A0 ; A/ of radius AA0 with centers A
and A0 , respectively (see Figure 7.1). These two circles intersect in two points
P1 and P2 ; the line L.P1 ; P2 / they determine is called the y-axis; it is the
perpendicular-bisector of AA0 , and it intersects the x-axis in a point O, called
the origin. We define the distance OA to be 1. We have introduced coordi-
nates into the plane; of course, O D .0; 0/, A D .1; 0/, and A0 D . 1; 0/.
Consider the point P1 in Figure 7.1. Now OAP1 is a right triangle with legs
OA and OP1 . The hypotenuse AP1 has length 2 D AA0 (for this is the radius p
of C.A; A0 /). Since OAp D 1, the Pythagorean Theorem gives P1 D .0; 3/.
Similarly, P2 D .0; 3/.
Informally, we construct a new point Q from old points E; F; G, and H by
using the first pair E ¤ F to draw a line or circle, the second pair G ¤ H to
draw a line or circle, and then obtaining Q as one of the points of intersection
P1
A¢ A
O
P2
Figure 7.1. The first constructible points.
i i
“book2” — 2013/5/24 — 8:18 — page 311 — #331
i i
of the two lines, of the line and the circle, or of the two circles. More generally,
a point is called constructible if it is obtained from A and A0 by a finite number
of such steps.
Given a pair of constructible points, we do not assert that every point on the
line or the circle they determine is constructible. For example, we can draw the
x-axis L.A0 ; A/, but, as we’ll see, not every point on it is constructible.
We now begin the formal discussion. Our goal is Theorem 7.52 which gives
an algebraic characterization of constructibility. Recall, given distinct points
P and Q in the plane, that L.P; Q/ is the line they determine and C.P; Q/ is
the circle with center P and radius PQ.
Definition. Let E ¤ F and G ¤ H be points in the plane. A point Q is

constructible from E; F; G, and H if either
(i) Q 2 L.E; F / \ L.G; H /, where L.E; F / ¤ L.G; H /;
(ii) Q 2 L.E; F / \ C.G; H /;
(iii) Q 2 C.E; F / \ C.G; H /, where C.E; F / ¤ C.G; H /.
A point Q is constructible if Q D A, Q D A0 , or there are points P1 ; : : : ; Pn
with Q D Pn such that every point Pj C1 (for 1 j ) is constructible from
points E; F; G; H in fA; A0 ; P1; : : : ; Pj g.
If L.E; F / ¤ L.G; H / and L.E; F / is not parallel to L.G; H /, then

L.E; F / \ L.G; H / is a single point (there are at most two points comprising
any of these intersections).
We illustrate the formal definition of constructibility by showing that every
angle can be bisected with ruler and compass.
Lemma 7.44. (i) The perpendicular-bisector of a given line segment AB

can be drawn.
(ii) If A and B are constructible points, then the midpoint of AB is con-
structible.
(iii) If a point P D .cos ; sin / is constructible, then Q D .cos.=2/; sin.=2//
is constructible.
Proof. (i) The construction is the same as in Figure 7.1. Here, there are two
points of intersection of the circles C.A; B/ and C.B; A/, say P1 and P2 ,
and L.P1 ; P2 / is the perpendicular-bisector of AB.
(ii) The midpoint is the intersection of AB and its perpendicular-bisector.
P = (cos q, sin q)
X
Q
q
O A = (1, 0)
Figure 7.2. Bisecting an angle.
i i
“book2” — 2013/5/24 — 8:18 — page 312 — #332
i i
(iii) The point A D .1; 0/ is constructible. By (i), the perpendicular-bisector

L.O; X/ of the chord PA can be drawn. The point Q lies in the inter-
section of L.O; X/ and the unit circle, and so Q is constructible. (See
Figure 7.2.)
We know that the Parallel Here is the (tricky) constructible version of the Parallel Postulate.
Postulate is not true in
non-Euclidean geometry.
Lemma 7.45. If U; V; P are distinct constructible points with P … L.U; V /,
What hidden hypotheses
of Euclidean geometry then there is a constructible point Q with L.P; Q/ parallel to L.U; V /.
are we using to make this
construction?
Q P
L(U, V )
U B V
Figure 7.3. Parallel postulate.
Proof. The proof refers to Figure 7.3. Choose U so that L.P; U / is not per-
pendicular to L D L.U; V /. Thus, L is not tangent to the circle C.P; U /, and
so C.P; U / meets L in another point, say B (of course, B is constructible).
Let Q 2 C.P; U / \ C.U; P /. Clearly, Q is constructible, and we claim that
L.P; Q/ is parallel to L. Indeed, we claim that the quadrilateral PBUQ is
a rhombus and hence it is a parallelogram. Now PQ is a radius of C.P; U /,
P U is a radius of both C.P; U / and C.B; U /, and BU is a radius of both
C.B; U / and C.U; P /. Hence, PQ D P U D PB, as we want.
In high school geometry, the goal is to construct certain figures with ruler
and compass. We are about to shift the focus, considering instead the notion
of constructible numbers. “Numbers?” Well, analytic geometry equips points
with coordinates, and we have seen how to regard points as complex numbers.
Definition. A complex number z D x C iy is constructible if the point .x; y/

is a constructible point.
Exercise 7.51 on page 326 shows that every element

p
of ZŒi is a con-
1 3
structible number. So is our old friend ! D 2 C i 2 .
How to Think About It. We asked you earlier to contemplate how we could
prove that something is impossible. The basic strategy is an elaborate indirect
proof: assuming a certain point Y is constructible, we will reach a contra-
diction. The first step is essentially analytic geometry: replace points by their
coordinates, as we have just done by defining constructible complex numbers.
The next step involves modern algebra; don’t just consider one constructible
number; consider the set K of all constructible numbers, for the totality of
them may have extra structure that we can exploit. In fact, we will see that K
is a subfield of C. Not only can we translate points to numbers, we can also
i i
“book2” — 2013/5/24 — 8:18 — page 313 — #333
i i
translate the definition of constructibility into algebra. If a point PnC1 is con-

structible from (constructible) points P0 ; P1 ; : : : ; Pn , we shall see that its com-
plex brother PnC1 is algebraic over the subfield F D Q.P0 ; P1 ; : : : ; Pn /.
Given that lines have linear equations and circles have quadratic equations,
it is not surprising that ŒF .PnC1 / W F 2. The ultimate criterion that a point
Y be constructible is essentially that ŒQ.Y / W Q is a power of 2.
It follows, for example, that the classical geometric problem of duplicating p
3
the cube corresponds to the algebraic problem of checking whether ŒQ. 2/ W
Q is a power of 2. Since this degree is 3, the assumption that we can duplicate
the cube leads to the contradiction in arithmetic that 3 D 2k for some integer k.
We continue our discussion of constructibility.
Lemma 7.46. A complex number z D a C i b is constructible if and only if its

real and imaginary parts are constructible.
Q = (0, b) P = ( a, b )
O B = (b, 0) A = (a, 0)
Figure 7.4. Real and imaginary parts.
Proof. If z D a C i b is constructible, then construct lines through P D .a; b/

parallel to each axis (Lemma 7.45). The intersection of the vertical line and
the x-axis is A D .a; 0/, so that A is constructible, and hence a D a C 0i is a
constructible real number. Similarly, the point Q D .0; b/, the intersection of
the horizontal line and the y-axis, is constructible. It follows that B D .b; 0/ is
constructible, for it is an intersection point of the x-axis and C.O; Q/. Hence,
b D b C 0i is a constructible real number.
Conversely, assume that a and b are constructible real numbers; that is,
.a; 0/ and B D .b; 0/ are constructible points. The point Q D .0; b/ is con-
structible, being the intersection of the y-axis and C.O; B/. By Lemma 7.45,
the vertical line through .a; 0/ and the horizontal line through .0; b/ can be
drawn, and .a; b/ is their intersection. Therefore, .a; b/ is a constructible point,
and so z D a C i b is a constructible number.
Definition. Denote the subset of C of all constructible numbers by K.
The next lemma allows us to focus on real constructible numbers.
Lemma 7.47. (i) If K \ R is a subfield of R, then K is a subfield of C.

p
(ii) If K \ R is a subfield of R and if a 2 K whenever a 2 K \ R is
positive, then K is closed under square roots.
Proof. (i) If z D a C i b and w D c C id are constructible, then a; b; c; d 2

K \R, by Lemma 7.46. Hence, a C c; b C d 2 K \R, because K \R is a
i i
“book2” — 2013/5/24 — 8:18 — page 314 — #334
i i
subfield, and so .aCc/Ci.b Cd / 2 K, by Lemma 7.46. Similarly, zw D

.ac bd / C i.ad C bc/ 2 K. If z ¤ 0, then z 1 D .a=zz/ i.b=zz/.
Now a; b 2 K \ R, by Lemma 7.46, so that zz D a2 C b 2 2 K \ R,
because K \ R is a subfield of C. Therefore, z 1 2 K.
(ii) If z D a C i b 2 K, then a; b 2 K \ R, by Lemma 7.46, and so r 2 D
a2 C b 2 2 K \ R, asp in part (i). Since r 2 is nonnegative, the hypothesis
gives r 2 K \ R and r 2 K \ R.
Now z D r .cos C i sin /, so that cos C i sin D r 1z 2 K,
because K is a subfield of C by part (i). By Lemma 7.44, cos 2 C i sin 2
p p
can be constructed, and hence is in K. But z D r cos 2 C i sin 2 2
K, as desired.
Theorem 7.48. The set of all constructible numbers K is a subfield of C that

is closed under square roots and complex conjugation.
Proof. It suffices to prove that the properties of K \ R in Lemma 7.47 hold.

Let a and b be constructible real numbers.
(i) a is constructible.
If P D .a; 0/ is a constructible point, then . a; 0/ is the other inter-
section of the x-axis and C.O; P /.
(ii) a C b is constructible.
I b Q
a b
O P S
Figure 7.5. a C b.
Assume that a and b are positive. Let I D .0; 1/, P D .a; 0/, and
You are tempted to use Q D .b; 1/. Now Q is constructible: it is the intersection of the horizontal
a compass with center I line through I and the vertical line through .b; 0/, both of which can be
and radius b to draw
drawn by Lemma 7.45 (the latter point is constructible, by hypothesis).
C.P; b/. But this is illegal.
Remember: we’re using a The line through Q parallel to IP intersects the x-axis in S D .a C b; 0/,
collapsible compass that as desired.
requires two points given To construct b a, let P D . a; 0/ in Figure 7.5. Thus, a C b and
at the outset; here, only a C b are constructible; by part (i), a b and a b are also con-
one is available, namely P .
structible. Thus, a C b is constructible, no matter whether a and b are
both positive, both negative, or have opposite sign.
(iii) ab is constructible.
By part (i), we may assume that both a and b are positive. In Fig-
ure 7.6, A D .1; 0/, B D .1 C a; 0/, and C D .0; b/. Define D to be the
intersection of the y-axis and the line through B parallel to AC . Since the
triangles OAC and OBD are similar,
OB=OA D OD=OC I
i i
“book2” — 2013/5/24 — 8:18 — page 315 — #335
i i
C
b
1 a
O A B
Figure 7.6. ab.
hence .a C 1/=1 D .b C CD/=b, and CD D ab. Therefore, b C ab

is constructible. Since b is constructible, by part (i), we have ab D
.b C ab/ b constructible, by part (ii).
1
(iv) If a ¤ 0, then a is constructible.
T
1
S
a
1
O A B
Figure 7.7. a 1.
Let A D .1; 0/, S D .0; a/, and T D .0; 1 C a/. Define B as the
intersection of the x-axis and the line through T parallel to AS ; thus,
B D .1 C u; 0/ for some u. Similarity of the triangles OSA and OTB
gives
OT =OS D OB=OA:
Hence, .1 C a/=a D .1 C u/=1, and so u D a 1 . Therefore, 1 C a 1

is
constructible, and so .1 C a 1 / 1 D a 1 is constructible.
p
(v) If a 0, then a is constructible.
a
O A Q P
p
Figure 7.8. a.
Let A D .1; 0/ and P D .1 C a; 0/; construct Q, the midpoint of

OP (if U; V are constructible points, then the midpoint of the segment
U V is its intersection with the perpendicular-bisector, constructed as in
Figure 7.1). Define R as the intersection of the circle C.Q; O/ with the
i i
“book2” — 2013/5/24 — 8:18 — page 316 — #336
i i
vertical line through A. The (right) triangles AOR and ARP are sim-
ilar, so that
OA=AR D AR=AP;
p
and hence AR D a.
(vi) If z D a C i b 2 K; then z D a i b is constructible.
By Lemma 7.47, K is a subfield of C. Now a; b 2 K, by Lemma 7.46,
and i 2 K, as we saw on page 310. It follows that bi 2 K, and so
a i b 2 K.
Corollary 7.49. If a, b, c are constructible, then the roots of the quadratic

ax 2 C bx C c are constructible.
Proof. This follows from Theorem 7.48 and the quadratic formula.
We now consider subfields of C to enable us to prove an inductive step in

the upcoming theorem.
Lemma 7.50. Let F be a subfield of C containing i that is closed under

complex conjugation. Let z D a C i b; w D c C id 2 F , and let P D .a; b/
and Q D .c; d /.
(i) If a C i b 2 F , then a 2 F and b 2 F .
(ii) If the equation of L.P; Q/ is y D mx C q, where m; q 2 R, then
m; q 2 F .
(iii) If the equation of C.P; Q/ is .x a/2 C.y b/2 D r 2 , where a; b; r 2 R,
then r 2 2 F .
Proof. (i) If z D a C i b 2 F , then a D 12 .z C z/ 2 F and i b D 12 .z z/ 2

F ; since we are assuming that i 2 F , we have b D i.i b/ 2 F .
(ii) By (i), the numbers a; b; c; d lie in F . Hence, m D .d b/=.c a/ 2 F
and q D b ma 2 F .
(iii) The circle C.P; Q/ has equation .x a/2 C .y b/2 D r 2, and r 2 2 F
because r 2 D .c a/2 C .d b/2 .
As we said earlier, the next result is intuitively obvious, for the equation of
a line is linear and the equation of a circle is quadratic. However, the coming
proof involves some calculations.
Lemma 7.51. Let F be a subfield of C containing i and which is closed under

complex conjugation. Let P; Q; R; S be points whose coordinates lie in F ,
and let ˛ D u C iv 2 C. If either of the following is true,
˛ 2 L.P; Q/ \ L.R; S /; wher e L.P; Q/ ¤ L.R; S /;

˛ 2 L.P; Q/ \ C.R; S /;
˛ 2 C.P; Q/ \ C.R; S /; wher e C.P; Q/ ¤ C.R; S /;
then ŒF .˛/ W F 2.
i i
“book2” — 2013/5/24 — 8:18 — page 317 — #337
i i
Proof. If L.P; Q/ is not vertical, then Lemma 7.50(ii) says that L.P; Q/ has
equation y D mxCb, where m; b 2 F . If L.P; Q/ is vertical, then its equation
is x D b because P D .a; b/ 2 L.P; Q/, and so b 2 F , by Lemma 7.50(i).
Similarly, L.R; S / has equation y D nx C c or x D c, where m; b; n; c 2 F .
Since these lines are not parallel, one can solve the pair of linear equations for
.u; v/, the coordinates of ˛ 2 L.P; Q/ \ L.R; S /, and they also lie in F . In
this case, therefore, ŒF .˛/ W F D 1. See Exercises 7.52
Let L.P; Q/ have equation y D mx C b or x D b, and let C.R; S / have and 7.53 on page 326.
equation .x c/2 C .y d /2 D r 2 ; by Lemma 7.50, we have m; q; r 2 2 F .
Since ˛ D u C iv 2 L.P; Q/ \ C.R; S /,
r 2 D .u c/2 C .v d /2
D .u c/2 C .mu C q d /2 ;
so that u is a root of a quadratic polynomial with coefficients in F \ R. Hence,

ŒF .u/ W F 2. Since v D mu C q, we have v 2 F .u/, and, since i 2 F , we
have ˛ 2 F .u/. Therefore, ˛ D u C iv 2 F .u/, and so ŒF .˛/ W F 2.
Let C.P; Q/ have equation .x a/2 C .y b/2 D r 2 and let C.R; S / have
equation .x c/2 C .y d /2 D s 2 . By Lemma 7.50, we have r 2 ; s 2 2 F \ R.
Since ˛ 2 C.P; Q/ \ C.R; S /, there are equations
.u a/2 C .v b/2 D r 2 and .u c/2 C .v d /2 D s 2:
After expanding, both equations have the form u2 C v 2 C somethi ng D 0.

Setting the something’s equal gives an equation of the form tu C t 0 v C t 00 D 0,
where t; t 0 ; t 00 2 F . Coupling this with the equation of one of the circles returns
us to the situation of the second paragraph.
Here is the criterion we have been seeking: an algebraic characterization of
a geometric idea; it is an exact translation from geometry into algebra.
Theorem 7.52. A complex number z is constructible if and only if there is a

tower of fields
Q D K0 K1 Kn C;
where z 2 Kn and ŒKj C1 W Kj 2 for all j .
Proof. Let z D a C i b, and let P D .a; b/ be the corresponding point in the

plane. If z is a constructible number, then P is a constructible point, and so
there is a sequence of points A; A0 ; P1; : : : ; Pn D P with each Pj C1 obtain-
able from fA; A0 ; P1 ; : : : ; Pj g; since i is constructible, we may assume that
P1 D .0; 1/. Define
K1 D Q.z1 / and Kj C1 D Kj .zj C1 /;
where zj corresponds to the point Pj and there are points E; F; G; H lying in

fA; A0 ; P1 ; : : : ; Pj g with one of the following:
Pj C1 2 L.E; F / \ L.G; H /;
Pj C1 2 L.E; F / \ C.G; H /;
Pj C1 2 C.E; F / \ C.G; H /:
i i
“book2” — 2013/5/24 — 8:18 — page 318 — #338
i i
We may assume, by induction on j 1, that Kj is closed under complex

conjugation, so that Lemma 7.51 applies to show that ŒKj C1 W Kj 2. Fi-
nally, Kj C1 is also closed under complex conjugation, for if zj C1 is a root of
a quadratic f .x/ 2 Kj Œx, then zj C1 is the other root of f .
Conversely, given a tower of fields as in the statement, then Theorem 7.48
and Lemma 7.50 show that z is constructible.
Corollary 7.53. If a complex number z is constructible, then ŒQ.z/ W Q is a

power of 2.
Proof. This follows from Theorems 7.52 and 7.27: If k E K are fields
with E= k and K=E finite extension fields, then ŒK W k D ŒK W EŒE W k.
The converse of Corollary 7.53 is false; it can be shown that there are non-
constructible numbers z with ŒQ.z/ W Q D 4 (see [27], p. 136).
Corollary 7.54. (i) The real number cos .2=7/ is not constructible.
(ii) The complex 7th root of unity 7 is not constructible.
Proof. (i) We saw in Example 7.28 that ŒQ .cos.2=7// W Q D 3.

(ii) 7 D cos.2=7/ C i sin.2=7/.
We’ll soon have more to say about constructibility of roots of unity.

We can now deal with the Greek problems, two of which were solved by
Wantzel in 1837. The notion of dimension of a vector space was not known
at that time; in place of Theorem 7.52, Wantzel proved that if a number is
constructible, then it is a root of an irreducible polynomial in QŒx of degree
2n for some n.
Nicomedes solved the Theorem 7.55 (Wantzel). It is impossible to duplicate the cube using only
Delian problem of doubling ruler and compass.
the cube using a marked
ruler and compass. p3
Proof. The question is whether z D 2 is constructible. Since x 3 2 is
irreducible, ŒQ.z/ W Q D 3, by Theorem 7.20; but 3 is not a power of 2.
Consider how ingenious this proof is. At the beginning of this section, you
were asked to ponder how we can prove impossibility. As we said when we
outlined this argument, the constructibility of a point was translated into al-
gebra, and the existence of a geometric construction produces an arithmetic
contradiction. This is a spectacular use of the idea of modeling!
A student in one of our classes, imbued with the idea of continual progress
through technology, asked, “Will it ever be possible to duplicate the cube with
ruler and compass?” Impossible here is used in its literal sense.
Theorem 7.56 (Wantzel). It is impossible to trisect a 60ı angle using only

ruler and compass.
Proof. We may assume that one side of the angle is on the x-axis, and so
the question is whether z D cos.20ı / C i sin.20ı / is constructible. If z were
constructible, then Lemma 7.46 would show that cos.20ı / is constructible.
i i
“book2” — 2013/5/24 — 8:18 — page 319 — #339
i i
The triple angle formula on page 110 gives

cos.3˛/ D 4 cos3 ˛ 3 cos ˛:
1
Setting ˛ D 20ı , we have cos 3˛ D 2
,so that z D cos.20ı / is a root of
3 1
4x 3x 2 ; equivalently, cos.20 / is a root of f .x/ D 8x 3 6x 1 2
ı
ZŒx. A cubic is irreducible in QŒx if and only if it has no rational roots. By

Theorem 6.52, the only candidates for rational roots are ˙1, ˙ 12 , ˙ 41 , and
˙ 18 ; since none of these is a root, as one easily checks, it follows that f is
irreducible. (Alternatively, we can prove irreducibility using Theorem 6.55,
for f .x/ D x 3 C x 1 is irreducible in Z7 Œx.) Therefore, 3 D ŒQ.z/ W Q,
by Theorem 7.20(ii), and so z D cos.20ı / is not constructible because 3 is not
a power of 2.
Theorem 7.57 (Lindemann). It is impossible to square the circle with ruler

and compass.
Proof. The problem is whether we can construct a square whose area is ,

the area of thepunit circle; If the side of the square has length z,p
we are asking
whether z D is constructible. Now Q. / is a subfield of Q. /. We have
already mentioned that Lindemann proved that is transcendental (over Q),
so that ŒQ.
p / W Q is infinite. It follows frompCorollary A.41 in Appendix A.3
that ŒQ. p / W Q is also infinite. Thus, ŒQ. / W Q is surely not a power of
2, and so is not constructible.
Other construction tools

If a ruler is allowed not only to draw a line but to measure distance using
marks on it (as most of our rulers are used nowadays), then the added function
makes it a more powerful instrument. Both Nicomedes and Archimedes were
able to trisect arbitrary angles using a marked ruler and a compass; we present
Archimedes’ proof here.
Theorem 7.58 (Archimedes). Every angle can be trisected using a marked

ruler and compass.
Proof. It is easy to construct D 30ı, D 60ı , and D 90ı . The trigonomet-

ric Addition Formula shows that if z D cos ˇ C i sin ˇ and z 0 D cos C i sin
can be found, so can zz 0 D cos.ˇ C / C i sin.ˇ C /. Now if 3ˇ D ˛, then
3.ˇ C 30ı / D ˛ C 90ı , 3.ˇ C 60ı / D ˛ C 180ı, and 3.ˇ C 90ı/ D ˛ C 270ı .
A U V
U
V
U V
E X
O F
Figure 7.9. Sliding ruler.
i i
“book2” — 2013/5/24 — 8:18 — page 320 — #340
i i
Thus, it suffices to trisect an acute angle ˛, for if ˛ D 3ˇ and ˇ can be found,

then so can ˇ C 30ı , ˇ C 60ı , and ˇ C 90ı be found.
Draw the given angle ˛ D †AOE, where the origin O is the center of the
unit circle. Take a ruler on which the distance 1 has been marked; that is, there
are points U and V on the ruler with U V D 1. There is a chord through A
parallel to L.E; F /; place the ruler so that the chord is AU . Since ˛ is acute,
U lies in the first quadrant. Keeping A on the sliding ruler, move the point U
down the circle; the ruler intersects the extended diameter L.E; F / in some
point X with UX > 1. Continue moving U down the circle, keeping A on the
sliding ruler, until the ruler intersects L.E; F / in the point V .
A
d B
e
a g b
E C
O F
Figure 7.10. Trisecting ˛.
We claim that ˇ D †U VO D 13 ˛. Now
˛ D ı C ˇ;
because ˛ is an exterior angle of AOV , and hence it is the sum of the two
opposite internal angles. Since OAU is isosceles .OA and OU are radii),
ı D ", and so
˛ D " C ˇ:
But " D C ˇ D 2ˇ, for it is an exterior angle of the isosceles triangle

U VO; therefore,
˛ D 2ˇ C ˇ D 3ˇ:
In addition to investigating more powerful tools, one can look at what can
be accomplished with fewer tools. It was proved by Mohr in 1672 and, inde-
pendently, by Mascheroni in 1797, that every geometric construction carried
out by ruler and compass can be done without the ruler. There is a short proof
of the theorem given by Hungerbühler in American Mathematical Monthly,
101 (1994), pp. 784–787.
Constructing Regular n-gons

High school geometry students are often asked to construct various regular
polygons. In light of our present discussion, we can phrase such problems more
carefully.
Which regular polygons can be inscribed in the unit circle using only
ruler and compass?
i i
“book2” — 2013/5/24 — 8:18 — page 321 — #341
i i
Because they can construct 90ı and 60ı angles, high school students can con-
struct squares and hexagons (just make right and 60ı central angles), and they
can connect every other vertex of their hexagon to inscribe an equilateral trian-
gle. Also, by using the perpendicular-bisector construction, they can inscribe
a regular polygon with twice as many sides as an already constructed one, so
they can inscribe regular polygons with 3 2n and 4 2n sides for any positive
integer n. Archimedes knew that is the area of the unit circle, and he approx-
imated it by inscribing and circumscribing a regular 96-gon (he began with a
regular hexagon and then doubled the number of sides four times).
This is about as far as most high school programs get, although some treat
polygons with 5 2n sides (using Exercise 3.48 to construct the decagon and We’ll revisit the construc-
then connecting every other vertex). This is also about as far as Greek geome- tion of the pentagon in just
a minute, putting it a more
ters got, although they also were able to show (see Exercise 7.67) that if a
general setting.
regular m-gon and and a regular n-gon are inscribable in a circle (again, with
only ruler and compass), then so is a regular nm-gon; for example, a regular
15-gon can be inscribed. However, it was unknown whether all regular poly-
gons could be so inscribed.
About 2000 years later, around 1796, Gauss—still in his teens—essentially
invented the main results in this section, and he applied them to the problem of
determining whether a regular polygon could be inscribed in a circle with ruler
and compass (he wrote that his main result on this problem led to his decision
to become a mathematician). We’ll develop his methods here.
Theorem 3.28 tells us that the vertices of a regular n-gon inscribed in the
unit circle can be realized in the complex plane as the set of roots to x n 1, Given the development
and that these roots are all powers of so far, you may already
see that the problem
can be translated to the
n D cos.2=n/ C i sin.2=n/:
algebra of constructible
complex numbers, but
So, we can recast our question about inscribability and ask: this was a huge leap
for mathematicians of
For which values of n is n a constructible number? Gauss’s time and certainly
out of reach for Greek
geometers.
Well, we can hit this question with Theorem 7.52:
Corollary 7.59. A regular n-gon can be inscribed in the unit circle with ruler
and compass if and only if there is a tower of fields
Q D K0 K1 Kn C;
where n D e 2 i=n lies in Kn and ŒKj C1 W Kj 2 for all j .
Proof. Indeed, a regular n-gon can be so inscribed if and only if n and, hence,
all its powers, are constructible numbers.
Gauss showed how to construct such a tower when n D 17, and his method
was general in principle, leading to a complete classification of inscribable
regular polygons. Before we state the main result, let’s work through two ex-
amples as Gauss did (all laid out in detail by him in [14], Section VII).
Example 7.60. In Example 3.34 on page 113, we showed how to find explicit
formulas for the vertices of a regular pentagon inscribed in the unit circle.
i i
“book2” — 2013/5/24 — 8:18 — page 322 — #342
i i
Figure 7.11. Unit 5-gon.
Let’s look at this from the perspective of this chapter. Write instead of 5 .
The nonreal roots of x 5 1, namely ; 2 ; 3 ; 4 ; are the roots of the irre-
ducible polynomial
ˆ5 .x/ D x 4 C x 3 C x 2 C x C 1:
It follows that
ŒQ./ W Q D 4;
so Corollary 7.53 tells us that there’s a chance that is constructible. In Ex-
ample 3.34, without using this language, we actually constructed the tower of
quadratic extensions necessary to guarantee that is, in fact, constructible. We
showed that if g D C 4 D 2 cos.2=5/ and h D 2 C 3 D cos.4=5/,
then g and h are roots of the quadratic equation x 2 C x 1, so that
ŒQ. C 4 / W Q D 2:
By Theorem 7.27,
ŒQ./ W Q. C 4 /ŒQ. C 4 / W Q D ŒQ./ W Q D 4;
Q./
so that
2 ŒQ./ W Q. C 4 / D 2;
Q. C 4 / and we have our tower of quadratic extensions:
2 Q Q. C 4 / Q./ N
Q
Gauss’s construction of the 17-gon
Stepping back a bit, we can describe what we did with the pentagon: the non-
real roots are
f; 2 ; 3 ; 4 g
(we are still writing instead of 5 ). There are four roots. The first story of our
tower is Q. C 4 /, generated by the sums of pairs of the roots: C 4 and
2 C 3 . The top story, Q./, is generated by the individual roots themselves.
This is the basic idea behind Gauss’s insight into the 17-gon, but the situa-
tion here is more complicated. Change notation again; now let
D 17 D cos.2=17/ C i sin.2=17/:
i i
“book2” — 2013/5/24 — 8:18 — page 323 — #343
i i
Because the minimal polynomial of over Q is
ˆ.x/ D x 16 C x 15 C C x 2 C x C 1;
˚
we have ŒQ./ W Q D 16. There are sixteen roots of ˆ17 : k W 0 k 15 .
Together with 1, these points on the unit circle are the vertices of our regular
17-gon.
For each factorization 16 D ef , Gauss divided the roots into e sums of We’ll see what method
f D 16=e roots each: e;0 ; e;1; : : : ; e;e 1 , where each e;k is a sum of f Gauss used to partition the
roots into these sums in
roots. For example, he divided the sixteen roots into two sums of eight each,
just a minute.
which we can call 2;0 and 2;1 , as follows:
2;0 D C 9 C 13 C 15 C 16 C 8 C 4 C 2
2;1 D 3 C 10 C 5 C 11 C 14 C 7 C 12 C 6 :
There are also four sums of four each:
4;0 D C 13 C 16 C 4
4;1 D 3 C 5 C 14 C 12
4;2 D 9 C 15 C 8 C 2
4;3 D 10 C 11 C 7 C 6 :
And there are eight sums of two each: Each period of length > 1
is a real number; you can
8;0 D C 16 check that if k occurs in
e;k , so does
8;1 D 3 C 14
8;2 D 9 C 8 17 k
D k
D k;
8;3 D 10 C 7 so that each period is a

13 4 sum of terms of form z C z,
8;4 D C and hence a real number.
8;5 D C 12
5
8;6 D 15 C 2
8;7 D 11 C 6 :
Finally, there are sixteen “sums” of one each, namely

n o
16;k D k j 0 k 15 :
Gauss called each of the e;k a period of length f D 16=e. The plan is
to show that the periods of length eight lie in a quadratic extension K1 of Q,
the periods of length four lie in a quadratic extension K2 of K1 , and so on,
building a tower of quadratic extensions ending with Q./.
The calculations will sometimes be involved so, once again, pull out your If you use a CAS, you can
pencil or computer. perform all of these calcu-
lations in QŒx=.ˆ.x//.
Because ˆ./ D 0, we see that 2;0 C 2;1 D 1.
With a little patience and care (or a CAS), you can check that
2;0 2;1 D 4.2;0 C 2;1 / D 4:
i i
“book2” — 2013/5/24 — 8:18 — page 324 — #344
i i
Hence 2;0 and 2;1 are roots of x 2 C x 4, and so
ŒQ.2;1 / W Q 2:
You can also check that The first step in our tower is Q Q.2;1 /. Note that 2;0 D 4=2;1 , so that
2
2;0 D n;1 (Exercise 7.60 2;1 2 Q.2;0 /. Next, we move up to the periods of length 4. You can check
on page 327). (Exercise 7.61 on page 327) that
4;1 C 4;3 D 2;1

4;1 4;3 D 1:
Hence, 4;1 and 4;3 are roots of x 2 2;1 x 1, and
ŒQ.4;1 / W Q.2;1 / 2:
Q.4;1 /=Q.2;1 / is the second story in our tower.
Q Q.2;1 / Q.4;1 /:
Note that 4;3 D 1=4;1 , so that 4;3 2 Q.4;1 /.

Up one more story—the periods of length eight: you can check (Exer-
cise 7.62 on page 327) that
8;1 C 8;5 D 4;1

8;1 8;5 D 4;2 :
So, 8;1 and 8;5 are roots of x 2 4;1 x C 4;2 . This says that
ŒQ.8;1 / W Q.4;1 ; 4;2 / 2:
Q.17 / But, by Exercise 7.63 on page 327,

2
Q.4;1 ; 4;2 / D Q.4;1 /;
Q.8;1 /
so that
2
ŒQ.8;1 / W Q.4;1 / 2:
Q.4;1 /
Assemble what we have built:
2
Q.2;1 / Q Q.2;1 / Q.4;1 / Q.8;1 / Q./:
2 The degree of each extension is at most 2; since

Q
Q./ D 16;
all the degrees are equal to 2 (Theorem 7.27). Hence, we have constructed a
tower of fields, each quadratic over the one below, starting with Q and ending
with Q./. We have proved that is constructible.
Theorem 7.61. A regular 17-gon can be inscribed in the unit circle with ruler
and compass.
i i
“book2” — 2013/5/24 — 8:18 — page 325 — #345
i i
One detail that remains is to see what method Gauss used to assign different One of the reasons has
powers of to each period; how did Gauss decide which powers of should already been mentioned:
each period should contain
occur in each e;k ? The answer comes from Galois theory (a subject we only
a sum of terms, each
briefly touch on in Chapter 9). He employed an ingenious method using the of form k C k . This
fact that 3 is a primitive element in F17; that is, every nonzero element in F17 ensures that every story in
is a power of 3. our tower except the last
is contained in R, so we
“save the complex step” for
k 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
the end (why is this a good
3k 1 3 9 10 13 5 15 11 16 14 8 7 4 12 2 6 thing?).
Gauss used this special property of 3 to define the periods: if ef D 16, there
are k periods of length f defined by
f
X1 kCje
e;k D 3 :
j D0
So, for example,

4C08 4C18
8;4 D 3 C 3
D 81 C 531441
D 4 C 13 :
Sufficiency of the following theorem, a feat the Greeks would have envied,
was discovered by Gauss around 1796. He claimed necessity as well, but none
of his published papers contains a complete proof of it. The first published
proof of necessity is due to Wantzel, in 1837.
Theorem 7.62 (Gauss-Wantzel). If p is an odd prime, then a regular p-gon

is constructible if and only if p is a Fermat primeI that is, a prime of the form
t
p D 22 C 1 for some t 0. Gauss established suffi-
ciency by generalizing the
Proof. We only prove necessity. The problem is whether z D e 2 i=p is con- construction of the 17-gon,
giving explicit formulas of
structible. Now z is a root of the cyclotomic polynomial ˆp .x/, which is an the e;f for all pairs .e; f /
irreducible polynomial in QŒx of degree p 1, by Corollary 6.68. with ef D p 1 (see [33],
Since z is constructible, p 1 D 2s for some s, so that pp. 200–206).
p D 2s C 1:
We claim that s itself is a power of 2. Otherwise, there is an odd number k > 1

with s D km. Now k odd implies that 1 is a root of x k C 1; in fact, there is
a factorization in ZŒx:
x k C 1 D .x C 1/.x k 1
xk 2
C xk 3
C 1/:
Thus, setting x D 2m gives a forbidden factorization of p in Z:
p D 2s C 1 D .2m /k C 1
D Œ2m C 1Œ.2m /k 1
.2m /k 2
C .2m /k 3
C 1:
The only known Fermat primes are 3, 5, 17, 257, and 65537. It follows from
Theorem 7.62, for example, that it is impossible to construct regular 7-gons,
11-gons, or 13-gons.
i i
“book2” — 2013/5/24 — 8:18 — page 326 — #346
i i
Further results. Fermat conjectured that all numbers of the form Fm D

m
22 C 1 are prime, but Euler factored
F5 D 232 C 1 D 4; 294; 967; 297 D 641 6700417:
We now know that Fm is composite for 5 m 32, but it is unknown whether

F33 is prime. The largest Fm that has been shown to be composite (as of 2011)
is F2543548 , and the latest conjecture is that there are only finitely many Fermat
primes.
The strongest known result is:
Theorem 7.63. A regular n-gon is constructible with ruler and compass if and
only if n D 2k p1 p t , where k 0 and the pi ’s are distinct Fermat primes.
Proof. See [15], page 97.
Exercises
7.50 Explain how to carry out each of the following constructions with ruler and com-
pass. Prove that your method works.
(i) Copy a segment.
(ii) Copy an angle.
(iii) Construct a line parallel to a given one through a given point not on the line.
(iv) Construct a line perpendicular to a given one through a given point either on
or off the line.
7.51 *
(i) Prove that every lattice point .m; n/ in the plane is constructible. Conclude
that every Gaussian integer is constructible.
(ii) Prove that every Eisenstein integer is constructible.
7.52 Suppose that ` and `0 are lines with equations ax C by D c and dx C ey D f ,
and suppose that the coefficients of the equations are all in a field k.
(i) What condition on the coefficients guarantees that ` and `0 intersect in a
unique point?
(ii) If ` and `0 intersect in a unique point P , show that P is point whose coordi-
nates are in k.
7.53 If the quadratic polynomial ax 2 C bx C c has coefficients in a field k, show that
its roots are a quadratic extension of k.
7.54 Given a segment of length a, show how to construct a segment of length a=5.
7.55 Given a segment of length a, show how to construct a segment of length a=n,
where n is any positive integer.
7.56 Show how to construct segments of length
p p
(i) 5 (ii) 3 C 5
p p p p
3C 5
(iii) 3 C 5 (iv) 3
p p
3C 5
(v) p .
3 5
i i
“book2” — 2013/5/24 — 8:18 — page 327 — #347
i i
7.57 Show how to construct the complex numbers

(i) 1 C i
p
2
(ii) 2 .1 C i /
p
2
(iii) 2 .1 C i /
(iv) cos 15ı C i sin 15ı
(v) cos 22:5ı C i sin 22:5ı
(vi) cos 36ı C i sin 36ı.
7.58 Show that the side of a regular decagon inscribed in the unit circle is constructible.
7.59 Show that if the side-length of a regular n-gon inscribed in the unit circle is con-
structible, so is the side-length of a regular 2n-gon inscribed in the unit circle.
7.60 * Using the notation of this section, show that
2;0 2;1 D 4 and 22;0 D n;1 :
4;1 C 4;3 D 2;1 and 4;1 4;3 D 1:
8;1 C 8;5 D 4;1 and 8;1 8;5 D 4;2 :
34;1 64;1 C 3 D 24;2 ;
so that 4;2 2 Q.4;1 /

7.64 Let D 17 and let k be a nonnegative integer. Show that
k C k
D 2 cos.2k=17/:
7.65 Show that 3 is a primitive element for Z5 , and apply this to Example 7.60.
7.66 Find the minimal polynomial over Q of 8;k for all 0 k 7.
7.67 Show that if .m; n/ D 1, and if n and m are constructible, so is mn .
Hint: Use Theorem 7.63.
i i
“book2” — 2013/5/24 — 8:18 — page 328 — #348
i i
i i
“book2” — 2013/5/24 — 8:18 — page 329 — #349
i i
8 Cyclotomic Integers
After proving Corollary 1.8, the special case of Fermat’s Last Theorem for
exponent n D 4, we observed that the full theorem would follow if we could
prove, for every odd prime p, that there are no positive integers a; b; c with
ap C b p D c p . It is natural to factor this expression as in Exercise 3.50(ii) on
page 115: for odd p, we have
.a C b/.a C b/ .a C p 1
b/ D c p ; (8.1)
where D e 2 i=p is a pth root of unity. We didn’t have the language of rings
at the time but, later you showed, in Exercise 4.65 on page 168, that the cyclo-
tomic integers ZŒ is a domain. How could we begin to use this observation?
Recall Exercise 2.14 on page 59: if ab D c n in Z, where n is a positive integer
and a; b are relatively prime, then both a and b are nth powers. If ZŒ behaved
like Z and the factors on the left-hand side of Eq. (8.1) are pairwise relatively
prime, then all the factors a C j b would be pth powers; that is,
a C j b D djp
for some dj 2 ZŒ. For example, consider the case p D 3, so that ZŒ D
ZŒ! is the ring of Eisenstein integers. The factorization is
.a C b/.a C !b/.a C ! 2 b/ D c 3 :
If the factors on the left-hand side are pairwise relatively prime, then each
of them is a cube of an Eisenstein integer. We can even say something if the
factors are not relatively prime: assuming that ZŒ! has unique factorization,
any prime divisor of c must occur three times on the left-hand side (prime now
means a prime in ZŒ!; that is, an element whose only divisors are units and
associates—we will use the term prime here instead of irreducible).
But does the ring of cyclotomic integers behave as Z? To solve Exercise
2.14, we need to use the Fundamental Theorem of Arithmetic: factorization
into primes exists and is essentially unique. It turns out that some rings of cy-
clotomic integers do enjoy unique factorization into primes, but some do not.
Indeed, it is known (see [36], p. 7) that ZŒ23 does not have unique factoriza-
tion.
It’s clear that we need a more thorough investigation of the arithmetic in
rings of cyclotomic integers. In particular, we already know the units in ZŒi
and ZŒ! (Example 6.3); what are the primes?
In Section 8.1, we retrace the by-now-familiar developments in Chapters 1
and 6 to establish division algorithms in ZŒi and ZŒ! (using norm to mea-
sure size). Even though these are the easiest rings of cyclotomic integers, this
329
i i
“book2” — 2013/5/24 — 8:18 — page 330 — #350
i i
330 Chapter 8 Cyclotomic Integers
will give us a clue how to proceed with ZŒ for other roots of unity . There
will be a bonus: we’ll be able to prove Fermat’s Two-Square Theorem that
characterizes all primes in Z which are sums of two squares.
As is our custom (because it is so useful), we’ll generalize from these and
the earlier examples of Z and kŒx, where k is a field, to define a Euclidean
domain—a domain having a generalized division algorithm. We’ll show that
every Euclidean domain is a PID, so that, by Theorem 6.50, Euclidean domains
are UFDs and thus have unique factorization.
In Section 8.2, we’ll see that there are primes in ZŒi and ZŒ! that are not
ordinary integers. On the other hand, some primes in Z remain prime in the
larger rings, while some split into non-unit factors. We’ll then make a complete
analysis of this phenomenon for ZŒi and sketch the analogous theory for ZŒ!.
In Section 8.3, we’ll prove Fermat’s theorem for exponent 3. The fact that
there are no non-trivial integer solutions to x 3 C y 3 D z 3 is attributed to Euler;
we’ll prove the result making basic use of the arithmetic of ZŒ!.
In Section 8.4, we’ll briefly sketch how the proof for exponent 3 gener-
alizes to prime exponent p when the ring of cyclotomic integers ZŒp is a
UFD, where D e 2 i=p . But there are primes p for which ZŒp does not
have unique factorization. What then? We’ll finish this section with a brief
discussion about how Kummer’s construct of ideal numbers (which Dedekind
recognized as equivalent to what we now call ideals, which is why they are
so-called) could be used to restore a kind of unique factorization to ZŒp .
Finally, in Section 8.5 we develop the machinery to prove a lovely theorem
of Fermat that determines the number of ways a positive integer can be written
as the sum of two perfect squares.
8.1 Arithmetic in Gaussian

and Eisenstein Integers
We begin by showing that ZŒi and ZŒ! have generalized division algorithms.
Actually, we’ll show that long division is possible in these rings; that is, there
are quotients and remainders. However, quotients and remainders are not nec-
essarily unique; stay tuned.
Given two Gaussian integers z and w, can we find Gaussian integers q and
r so that w D qz C r , where r is “smaller than” z? The obvious way to
compare size in C is with absolute values, but it’s easier to calculate norms
(squares of absolute value); by Exercise 3.62 on page 127, jr j < jzj if and
only if N.r / < N.z/. Let’s start with an example.
Example 8.1. Take z D 19 C 48i and w D 211 C 102i . Can we find q

and r so that w D qz C r , where N.r / < N.z/? We can certainly divide z into
w in QŒi ; it’s just that w=z may not be a Gaussian integer. In fact,
211 C 102i . 211 C 102i /. 19 48i /

D
19 C 48i . 19 C 48i /. 19 48i /
8905 C 8190i
D
2665
137 126
D C i:
41 41
i i
“book2” — 2013/5/24 — 8:18 — page 331 — #351
i i
8.1 Arithmetic in Gaussian and Eisenstein Integers 331
The idea is to take q to be the Gaussian integer closest to w=z in the complex
plane, and then to find an r that makes up the difference. Since
w 137 126
D C i 3:34 C 3:07i;
z 41 41
we’ll take q D 3 C 3i . What about r ? There’s no choice; since we want w D
qz C r , set r D w qz:
r Dw qz D . 211 C 102i / .3 C 3i /. 19 C 48i / D 10 C 15i:
By construction, w D qz C r . What’s more, that q is the closest Gaussian
integer to w=z implies, as we’ll see in the proof of the next proposition, that
N.r / < N.z/. Indeed, N.z/ is much bigger that N.r / in this example, because
w=z is so close to q.
N.r / D . 10/2 C .15/2 D 325 and N.z/ D . 19/2 C .48/2 D 2665: N
This method for choosing q and r works in general.
Proposition 8.2 (Generalized Division Algorithm). If z and w are Gaussian

integers with z ¤ 0, then there exist Gaussian integers q and r such that
w D qz C r and N.r / < N.z/:
Proof. Suppose that w=z D a C bi , where a and b are rational numbers (but
not necessarily integers). As in Example 8.1, take q to be a Gaussian integer
closest to w=z in the complex plane; more precisely, choose integers m and n
so that
1
ja mj 2
and jb nj 21 ;
and let q D m C ni . Now define r to be the difference:
rDw qz:
Clearly, w D qz C r , so the only thing to check is whether N.r / < N.z/. To
this end, we have
w w
N.r / D N.w qz/ D N z q D N.z/N q :
z z
But w=z q D .a m/ C .b n/i , so that
w
N q D .a m/2 C .b n/2 14 C 14 < 1:
z
It follows that N.r / < N.z/.
How to Think About It. The earlier statements of the division algorithms
for Z (Theorem 1.15) and for kŒx, where k is a field (Theorem 6.11), differ
from that in Proposition 8.2; the latter statement does not assert uniqueness of
quotient and remainder.
In fact, the way q and r are constructed shows that there may be several
choices for q and r —locate w=z inside a unit square in the complex plane
whose vertices are Gaussian integers, and then pick a closest vertex. There
may be several of these, as the next example shows. Luckily, we won’t need
uniqueness of quotients and remainders to get unique factorization into primes.
i i
“book2” — 2013/5/24 — 8:18 — page 332 — #352
i i
Example 8.3. If z D 2 C 4i and w D 9 C 17i , then

w 5 7
D C i D 2:5 C 3:5i:
z 2 2
In contrast to Example 8.1, w=z sits smack in the middle of a unit square whose
vertices are Gaussian integers and, hence, there are four choices for q, namely
2 C 3i; 3 C 3i; 3 C 4i; 2 C 4i I
and there are four corresponding divisions, namely
9 C 17i D .2 C 3i /.2 C 4i / C . 1 C 3i /I
9 C 17i D .3 C 3i /.2 C 4i / C . 3 i /I
9 C 17i D .3 C 4i /.2 C 4i / C .1 3i /I
9 C 17i D .2 C 4i /.2 C 4i / C .3 C i /:
All of these work. In fact, all the remainders have (the same) norm 10 < 20 D
N.z/. Even more: the remainders are all associates. Is this an accident? See
Exercises 8.1 through 8.4 on page 336. N
Alas, there are other There is an analogous result for the Eisenstein integers ZŒ!, and its proof
rings ZŒ of cyclotomic is almost identical to that for the Gaussian integers. Recall that c C d! D
integers which do not have c C d! 2 D c C d. 1 !/, and that
a generalized division
algorithm.
N.c C d!/ D c 2 cd C d 2 :
Proposition 8.4 (Generalized Division Algorithm). If z and w are Eisenstein

integers with z ¤ 0, then there exist Eisenstein integers q and r such that
w D qz C r and N.r / < N.z/:
Proof. Suppose that w=z D a C b!, where a and b are rational numbers (but
not necessarily integers). Take q to be a Eisenstein integer closest to w=z in
the complex plane (with respect to the norm); more precisely, choose integers
m and n so that
1
ja mj 2
and jb nj 21 ;
and let q D m C n!. Now define r to be the difference
r Dw qz:
Clearly, w D qz C r , so the only thing to check is whether N.r / < N.z/. To

this end, we have
w w
N.r / D N.w qz/ D N z q D N.z/N q :
z z
But w=z q D .a m/ C .b n/!, so that
N .w=z q/ D .a m/2 .a m/.b n/ C .b n/2 1

4
C 1
4
C 1
4
< 1:
It follows that N.r / < N.z/.
i i
“book2” — 2013/5/24 — 8:18 — page 333 — #353
i i
Why can’t we modify the proof of Proposition 8.4 to prove the result for
every ring of cyclotomic integers? The short answer is that there are counter-
examples. But the reason the proof fails to generalize is that we can’t verify
N.r / < N.z/ in every ZŒ.
Example 8.5. Let’s divide w D 91 C 84! by z D 34 C 53!. First calculate

w=z in QŒ!:
91 C 84! .91 C 84!/.34 C 53! 2 / 2723 1967!

D 2
D
34 C 53! .34 C 53!/.34 C 53! / 2163
389 281
D ! 1:26 :91!:
309 309
Now set q D 1 !: As with ZŒi, there may
be several choices for q
r Dw zq D 4 C 12!: when dividing Eisenstein
integers (see Exercise 8.5
on page 337).
You can check that
N.z/ D 342 3453C532 D 2163 and N.r / D 42 412C122 D 112: N
How to Think About It. If z, w are either in ZŒi or in ZŒ!, we could

iterate the respective generalized division algorithms, as we did in Z or kŒx,
to obtain Euclidean algorithms giving a greatest common divisor d of z and
w; moreover, d can be expressed as a linear combination of z and w ensuring,
as in earlier instances of this argument, that any common divisor of z and w is
a factor of d . We’ll give an example of such a calculation shortly.
Along the way, there may be choices to be made for quotients and remain-
ders, possibly resulting in different “greatest” common divisors d . We ran into
this situation before: the Euclidean Algorithm in kŒx produces a gcd up to a
unit factor. The same is true in ZŒi and ZŒ!, although it may not be obvious
at this point because of the twists and turns that the Euclidean Algorithm might
take. This is another example in which a more abstract setting can make things
clearer (one reason for the added clarity is that abstraction casts away noise,
allowing you to focus on the heart of a problem).
Euclidean Domains
Looking at our main examples—Z; kŒx; ZŒi ; ZŒ!—we see that one key
to a division algorithm is a measure of size: absolute value for Z, degree for
kŒx, norm for ZŒi and ZŒ!. Now we generalize.
Definition. A Euclidean domain is a domain R equipped with a size function @ is defined on the nonzero
elements of R and takes
@WR f0g ! N nonnegative integer val-
ues.
such that, for all a; b 2 R with a ¤ 0, there exist q and r in R with
b D qa C r;
where either r D 0 or @.r / < @.a/.
i i
“book2” — 2013/5/24 — 8:18 — page 334 — #354
i i
Some size functions have extra properties. For example, when R is a do-
main, then RŒx is a domain, and degree (which is a size function on RŒx)
satisfies deg.fg/ D deg.f / C deg.g/, while norm N (which is a size function
on ZŒi and ZŒ!) satisfies N.˛ˇ/ D N.˛/N.ˇ/. On the other hand, if @ is a
size function of a Euclidean domain R, then so is @0 , where @0 .a/ D @.a/ C 1
for all a 2 R f0g. It follows that a size function may have no algebraic
properties; moreover, there may be no elements in R having size 0.
Euclidean domains have nice properties. The proof of the next proposition
is essentially the same as that of Theorem 1.19.
Proposition 8.6. Every Euclidean domain is a principal ideal domain.
Proof. Suppose that R is a Euclidean domain with size function @. We want to

show that every ideal I in R is principal. If I D f0g, then I is principal, and
so we can assume that I contains nonzero elements. The set
S D [email protected]/ W z 2 I g
is a set of nonnegative integers and, hence, it has a least element; call it m.

Choose d to be any element of I of size m. We claim that I D .d /.
Clearly, .d / I . To get the reverse inclusion, suppose that z 2 I is not 0;
we must show that z 2 .d /. Now there are q and r such that
z D qd C r;
where either r D 0 or @.r / < @.d /. But r 2 I , because r D z dq and both

z and d are in I . But @.d / is the smallest size among elements of I ; hence,
r D 0, and z D qd 2 .d /.
Corollary 8.7 (Euclid’s Lemma). Let R be a Euclidean domain with a; b 2 R.

If p 2 R is irreducible and p j ab, then p j a or p j b.
Proof. This is a direct consquence of Theorem 6.47.
Corollary 8.8. Every Euclidean domain is a unique factorization domainI that

is, every nonzero non-unit has a factorization into irreducibles that is essen-
tially unique.
Proof. This is a direct consequence of Theorem 6.50: every PID is a unique

factorization domain.
Corollary 8.8 probably piques your curiosity about what primes look like in
Euclidean domains. We’ll consider this question for ZŒi and ZŒ! in the next
section.
How to Think About It. Points about the development so far.

Euclidean domains have generalized division algorithms, but they are not
necessarily algorithms in the technical sense. They are procedures for com-
puting quotients and remainders, but the division procedures, even for ZŒi
i i
“book2” — 2013/5/24 — 8:18 — page 335 — #355
i i
and ZŒ!, are not deterministic: there is a choice about how to calculate
quotients and remainders.
In Section 1.3, we studied a direct path in Euclid’s Elements from the Divi-
sion Algorithm in Z to the Fundamental Theorem of Arithmetic. This path
can be followed in a much more general setting. We just saw that every Eu-
clidean domain enjoys Euclid’s Lemma and a fundamental theorem.
One way to show that a domain is a PID is to show that it is Euclidean—
indeed, this is one of the most important uses of this notion. On the other
hand, it’s hard from first principles to show that a domain is not Euclidean
(you have to show that no size function exists). Often, the easiest way to
show that a domain is not Euclidean is to show that it’s not a PID. So, for
example, ZŒx is not a Euclidean domain.
There are PIDs that are not Euclidean, so that the converse of Proposition 8.6
is false. Motzkin found a property of Euclidean domains that can be de-
fined without mentioning its size function. He called an element d in an
arbitrary domain R a universal side divisor if d is not a unit and, for ev-
ery r 2 R, either d j r or there is some unit u 2 R with d j .r C u/.
He then proved that every Euclidean domain contains a universal side divi-
sor, namely
p any non-unit of smallest size. Now it was known that if ˛ D
1
2
.1 C 19/, then the ring ZŒ˛ is a PID. Motzkin then showed that ZŒ˛
has no universal side divisors, and he concluded that ZŒ˛ is a PID that is
not a Euclidean domain (see Wilson, A principal ideal ring that is not a
Euclidean ring. Math. Magazine 46 (1973), 34–38 and Williams, Note
on non-Euclidean principal ideal domains, Math. Magazine 48 (1975),
176–177).
The fact that a Euclidean domain is a PID allows us a to talk about gcd’s,
thanks to Theorem 6.46. Using exactly the same logic as in Chapter 1, we
can iterate division, creating a Euclidean algorithm that finds a gcd for us:
just move factors on one line southwest on the next line (as in the next
example).
Example 8.9. Building on the calculation in Example 8.5, let’s find a gcd for
91 C 84! and 34 C 53! in ZŒ!. We’ll use the algorithm outlined in Proposi-
tion 8.4 to carry out the divisions (a CAS is very useful here). There are four
equations, which we present in “southwestern style:” if a row has the form
f D qh C r , then the next row moves h and r southwest and looks like
h D q 0r C r 0.
91 C 84! D .1 !/.34 C 53!/ C .4 C 12 !/

34 C 53! D .3 !/.4 C 12 !/ C .10 C 9!/
4 C 12 ! D .1 C !/.10 C 9!/ C .3 C 2 !/
10 C 9! D .4 C !/.3 C 2 !/:
Here is a second format, arranging the calculations as we did in Z in Chapter 1,

that shows more detail.
i i
“book2” — 2013/5/24 — 8:18 — page 336 — #356
i i
1 !
34C53! 91C84!
87C72! 3 !
4C12! 34C53!
24C44! 1C !
10C 9! 4C12!
1C10! 4 C !
3C 2! 10C9!
10C9!
0
Recall that in a general So, we end with 3 C 2!. Repeated application of Exercise 8.6 on page 337
PID, the gcd of two shows that there is a chain of equalities of ideals:
elements a and b is a
generator d of the principal .91 C 84!; 34 C 53!/ D .34 C 53!; 4 C 12!/ D .4 C 12!; 10 C 9!/
ideal consisting of all linear
combinations of a and b; in D .10 C 9!; 3 C 2!/ D .3 C 2!/I
symbols, .a; b/ D .d /.
that is,
.91 C 84!; 34 C 53!/ D .3 C 2!/:
Thus, 3 C 2! is a gcd of 91 C 84! and 34 C 53!.

While the calculations are a bit tedious, you can work the four equations
above backwards, as we did in Chapters 1 and 6, to write 3 C 2! as a linear
Appendix A.6 outlines a combination of 91 C 84! and 34 C 53!. Using a CAS, we found that
package for a CAS that
allows you to calculate in 3 C 2! D .5 C 3!/.91 C 84!/ .9 C 2!/.34 C 53!/ N
ZŒ!.
How to Think About It. We’ve seen, in ZŒi or ZŒ!, that there are some-
times choices for quotients and corresponding remainders in the generalized
division algorithms. Hence, there may be more than one way to implement the
Euclidean Algorithm and, so, more than one end result. But, thanks to Proposi-
tion 6.45 and the fact that ZŒi and ZŒ! are PIDs, any two gcd’s are associates.
See Exercise 8.7 below for an example.
Exercises
8.1 Prove or Disprove and Salvage if Possible. Two Gaussian integers are associates
if and only if they have the same norm.
8.2 How many possible numbers of “closest Gaussian integers” to a complex number
are there? For each number, give an example.
8.3 Let z and w be Gaussian integers, and suppose that q and q 0 are Gaussian integers
equidistant from w=z in the complex plane. Show that
w w
N. q/ D N. q 0 /:
z z
8.4 Let z and w be Gaussian integers, and suppose that q and q 0 are Gaussian integers
equidistant from w=z in the complex plane. Are w=z q and w=zz q 0 associates?
If so, prove it; if not, give a counterexample.
i i
“book2” — 2013/5/24 — 8:18 — page 337 — #357
i i
8.2 Primes Upstairs and Primes Downstairs 337
8.5 If z ¤ 0 and w are Eisenstein integers, how many possible numbers of quotients
w=z are there in ZŒ! satisfying the conditions of the division algorithm? For
each number, give an example.
8.6 * Let R be a commutative ring. If a, b, c, and d are elements of R such that
b D da C c, show that there is equality of ideals .b; a/ D .a; c/.
8.7 If z D 6 C 12i and w D 13 C 74i , show that
w 9 10
D C i:
z 2 3
(i) Show that there are two q’s with w D qz C r in the generalized division
algorithm, namely q D 4 C 3i and q D 5 C 3i .
(ii) Apply the Euclidean Algorithm to find a gcd of z and w starting with q D
4 C 3i .
(iii) Apply the Euclidean Algorithm to find a gcd of z and w starting with q D
5 C 3i .
(iv) Are the two gcd’s associates in ZŒi ?
8.2 Primes Upstairs and Primes Downstairs

We saw in the last chapter that an irreducible polynomial in kŒx (for some
field k) may factor in KŒx for some extension field K= k. For example, x 2 C 1
is irreducible in RŒx but it factors in CŒx. A similar phenomenon occurs for
primes in Z. Every ring of cyclotomic integers R has Z as a subring, and a
prime p 2 Z may factor in R.
Our goal in this section is to investigate primes in ZŒi and in ZŒ!, and the
obvious way to begin doing this is by studying primes downstairs, that is, in Z,
and look at their behavior upstairs, that is, in rings of cyclotomic integers.
Corollary 8.8, the Fundamental Theorem for Euclidean domains, tells us
that every element in such a domain has an essentially unique factorization
into primes.
Lemma 8.10. Let R D ZŒp for any prime p. If u 2 R, then u is a unit in R

if and only if N.u/ D 1.
Proof. If u is a unit, there is v 2 R with uv D 1. Hence, 1 D N.uv/ D

N.u/N.v/. As N.u/ and N.v/ are positive integers, we must have N.u/ D
1 D N.v/.
Conversely, suppose that N.u/ D 1. Since N.u/ D uu, we have u a unit
in R (with inverse u).
The actual factorization of Gaussian integers or of Eisenstein integers into
primes can be a tricky task, but here is a useful tool.
Proposition 8.11. Let R D ZŒi or ZŒ!. If z 2 R and N.z/ is prime in Z,

then z is prime in R.
Proof. We prove the contrapositive of the statement of the Proposition. If z 2

R and z D wv for non-units w and v, then Lemma 8.10 gives N.w/ > 1 and
N.v/ > 1. Hence,
N.z/ D N.wv/ D N.w/ N.v/;
and N.z/ is not prime in Z.
i i
“book2” — 2013/5/24 — 8:18 — page 338 — #358
i i
The converse of Proposition 8.11 is false; we’ll soon see that 7 is prime
in ZŒi , but that N.7/ D 49.
Example 8.12. (i) In Example 8.1, we divided w D 211 C 102i by z D

19 C 48i and got quotient 3 C 3i and remainder 10 C 15i . Let’s carry
out the rest of the Euclidean Algorithm to get a gcd of z and w.
We use two formats for the Euclidean Algorithm finding the gcd. Here’s
the southwestern version.
w D .3 C 3i /z C . 10 C 15i /
3 C 3i D .3 i /. 10 C 15i / C . 4 7i /
10 C 15i D . 1 2i /. 4 7i /:
Hence, gcd.z; w/ D 4 C 7i (we take an associate of 4 7i ).

Here is a more detailed version of this calculation.
3C 3i
19C48i 211C102i
201C 87i 3 i
10C 15i 19C48i
15C55i 1 2i
4 7i 10C15i
10C15i
0
Again we see that gcd.z; w/ D 4 C 7i . So 4 C 7i is a factor of both z
and w.
(ii) Is the gcd 4 C 7i prime? If not, can we factor it explicitly? Since
N.4 C 7i / D 65 D 13 5;
we claim that the norm of any prime factor of 4 C 7i is either 13 or 5.

If 4 C 7i D ˛, where ˛ 2 ZŒi is not a unit, then N.˛/ > 1, by
Lemma 8.10. Hence, as N.4 C 7i / D N. /N.˛/, we must have N. / D
13 or N. / D 5. Well, 5 is small enough to do a direct check, and the
only Gaussian integers with norm 5 are 2 ˙ i and their associates. And
we’re in luck; 2 C i is a factor:
4 C 7i
D 3 C 2i:
2Ci
Note that N.3 C 2i / D 13, so that 3 C 2i is prime, by Proposition 8.11.
(iii) To factor w D 211 C 102i , divide by the gcd:
211 C 102i
D 2 C 29i:
4 C 7i
Since N. 2 C 29i / D 845 D 5 132, the same process as in part (ii)
shows that
2 C 29i D .2 C i /.5 C 12i / D .2 C i /.3 C 2i /2 :
i i
“book2” — 2013/5/24 — 8:18 — page 339 — #359
i i
Putting it all together, we have the prime factorization of w: In Section 3.4, we used the
fact that
w D 211 C 102i 5 C 12i D .3 C 2i/2 when
we generated Pythagorean
D .4 C 7i /. 2 C 29i /
triples with Gaussian
D .2 C i /.3 C 2i /.2 C i /.3 C 2i /2 integers.
D .2 C i /2 .3 C 2i /3 :
We leave it to you to find the prime factorization of z and to show that
gcd.z; w/ lcm.z; w/ D zw. N
How to Think About It. How do we factor a positive rational integer m

into primes? First of all, there is an algorithm determining whether m is prime.
Use the Division Algorithm to see whether 2 j m. If 2 − m, use the Division
Algorithm to see whether 3 j m. And so forth. Now if d is a divisor of m,
then d m, and so there are only finitely many candidates for divisors; hence,
this process must stop. Of course, if we have any extra information about m,
we may use it to cut down on the number of candidates. We must say that
this algorithm is useful only for small numbers m; after all, the difficulty in
factoring large numbers is the real reason that public key codes are secure.
A variation of this algorithm can be used to factor nonzero Gaussian in-
tegers. If d; w 2 ZŒi and d j w, then N.d / N.w/; hence, there are only
finitely many Gaussian integers z which are candidates for being divisors of w.
If N.w/ is prime, then Proposition 8.11 says that w is prime; if N.z/ is com-
posite, we can proceed as in the last part of Example 8.12.
Laws of Decomposition
We now describe the primes in ZŒi (there will be a similar story for ZŒ!).
The next lemma lets us concentrate on how primes downstairs in Z behave
when they are viewed as elements upstairs in ZŒi .
Notation. It gets tedious to keep saying “let p be a prime in Z:” From now on,
let’s call primes in Z rational primes to distinguish them from primes in other
rings. Remember that a prime (or irreducible) element in a commutative ring
is one whose only divisors are units and associates. We may also say rational
integer to distinguish an ordinary integer in Z from a Gaussian integer, an
Eisenstein integer or, more generally, a cyclotomic integer.
Lemma 8.13. Every prime in ZŒi divides a rational prime.
Proof. Every Gaussian integer z divides its norm in ZŒi , for N.z/ D zz. In
particular, divides a rational integer, namely its norm. Now N. / factors
into primes in Z:
D N. / D p1 p2 : : : pk ;
and so
j p1 p2 : : : pk : The primes on the right-
hand side are elements of
But is a prime in ZŒi ; hence, by Euclid’s Lemma in ZŒi , it divides one of ZŒi as well as of Z.
the (prime) factors pj on the right.
i i
“book2” — 2013/5/24 — 8:18 — page 340 — #360
i i
Example 8.14. We have seen that D 3 C 2i is a prime in ZŒi ; note that

divides 13, for
N. / D .3 C 2i /.3 2i / D 13:
We sometimes say that 3 C 2i lies above 13. N
As we said earlier, there are primes in Z that remain prime in ZŒi and
others that factor into new primes; the same is true for ZŒ!. It turns out that
there’s a beautiful theory, going back to Gauss, for how primes decompose in
these rings, a theory that brings together many of the ideas you’ve studied so
far. For example, here are some factorizations of rational primes when viewed
as elements in ZŒi :
5 D .2 C i /.2 i /I 13 D .3 C 2i /.3 2i /I 29 D .5 C 2i /.5 2i /:
In each of these cases, the rational prime decomposes as a norm: the product
of a Gaussian integer and its conjugate. This is always the case.
Lemma 8.15. Let p be a rational prime. If p is not prime in ZŒi , then there
exists some prime z in ZŒi with
p D zz D N.z/:
Proof. Suppose p D zw, where z and w are non-unit Gaussian integers. Then
p 2 D N.p/ D N.zw/ D N.z/ N.w/;
And, in fact, z and w must where neither N.z/ nor N.w/ is 1. But this is an equation in Z, and so unique
be associates. factorization in Z gives p D N.z/ D zz. Finally, z is prime in ZŒi , by
Proposition 8.11, because N.z/ is a rational prime.
Lemma 8.15 narrows the situation quite a bit. It says that if a rational prime
factors in ZŒi , it factors into exactly two conjugate Gaussian integers, each
prime in ZŒi . We say that such a rational prime splits in ZŒi . We can state
the result of Lemma 8.15 using only the arithmetic of Z. Since N.a C bi / D
a2 C b 2 , the lemma says that a prime splits if it can be written as the sum of
two perfect squares. And the converse is also true.
Proposition 8.16. A rational prime p splits in ZŒi if and only if p is a sum of

two squares in Z.
Proof. If p splits in ZŒi , then Lemma 8.15 says that there is a Gaussian integer
z D a C bi such that p D N.z/ D a2 C b 2 .
Conversely, if p D a2 C b 2, then p D .a C bi /.a bi /. But a C bi is prime
in ZŒi , by Proposition 8.11, because its norm, N.a C bi / D p, is a rational
prime.
The question of which rational primes split in ZŒi thus comes down to the
question of which primes are sums of two squares. Not every rational prime is
a sum of two squares; for example, it’s easy to see that 11 is not. Here is a nice
(and perhaps surprising) connection to modular arithmetic. A quick example
gives the idea. The prime 29 is the sum of two squares:
29 D 22 C 52 :
i i
“book2” — 2013/5/24 — 8:18 — page 341 — #361
i i
As an equation in F29 , this says that 22 C 52 D 0. Multiply both sides by 62 , Recall that Fp is another
for 6 D 5 1 in F29 : notation for Zp , the field of
integers modulo p.
0 D 22 62 C 52 62
D .2 6/2 C .5 6/2
D .2 6/2 C 1;
so that 2 6 D 12 is a root of x 2 C 1 in F29 . More generally, suppose that p
is a prime and p D a2 C b 2. We can assume that 0 < a; b < p, so that both
a and b are units in Fp . We can write this as an equation: a2 C b 2 D 0 in Fp .
2
Multiplying both sides by b 1 , we get:
2
ab 1 C 1 D 0I
1
that is, ab is a root of x 2 C 1 in Fp . And the converse is true as well:
Proposition 8.17. A rational prime p is a sum of two squares if and only if

x 2 C 1 has a root in Fp . Another way to say this: p
is the sum of two squares if
Proof. We’ve just seen that an expression of p as the sum of two squares leads and only if 1 is a square
in Fp .
to a root of x 2 C 1 in Fp .
Going the other way, suppose there is an integer n whose congruence class
satisfies
n2 C 1 D 0 in Fp :
Then, moving back to Z, we see that n satisfies
p j .n2 C 1/:
Now go upstairs to ZŒi . We have
p j .n C i /.n i /:
But p divides neither n C i nor n i in ZŒi (otherwise, n=p ˙ i=p would
be Gaussian integers). Euclid’s Lemma says that p is not prime in ZŒi and,
hence, by Lemma 8.15, p is the norm of some Gaussian integer z—that is, p
is a sum of two squares.
Corollary 8.18. A rational prime p factors in ZŒi if and only if x 2 C 1 has a So, p factors in ZŒi if and
root in Fp . only if x 2 C 1 factors in
Fp Œx.
Proof. Apply Proposition 8.17 and the Factor Theorem (Corollary 6.15).
Let’s summarize these various equivalent statements about a rational prime p.
p factors in ZŒi .
p D N.z/ for some z in ZŒi .
p D a2 C b 2 in Z.
x 2 C 1 has a root in Fp .
The last criterion may seem the most remote, but it is actually the easiest to
use—you have to check at most .p 1/=2 possible solutions to x 2 C 1 D 0
(because if ˛ is a solution, so is ˛). If you try a few numerical cases, a pat-
tern begins to emerge—the primes satisfying the last criterion all seem to be
congruent to 1 mod 4. That’s quite a beautiful and elegant result, which adds
one more equivalent statement to the summarizing list above.
i i
“book2” — 2013/5/24 — 8:18 — page 342 — #362
i i
Theorem 8.19. If p is an odd prime, then x 2 C 1 has a root in Fp if and only

if p 1 mod 4.
Proof. Assume that p D 4k C 1. Since p is prime, Theorem 4.9 (Fermat’s

Little Theorem) gives ap 1 D 1 for all nonzero a in Fp . Thus, we have the
See Exercise 6.38 on factorization in Fp Œx:
page 263.
xp 1
1 D .x 1/.x 2/.x 3/ : : : .x .p 1// : (8.2)
Hence,
xp 1
1 D x 4k 1

4 k
D x 1
h k k k i
1 2 3
D .x 4 1/ x4 C x4 C x4 CC1
by Exercise 6.47 on page 269
h k 1 k k i
2 3
D .x C 1/ .x 2 1/ x 4
2
C x4 C x4 CC1
D .x 2 C 1/h.x/: (8.3)
Comparing Eqs. (8.2) and (8.3), the two factorizations of x p 1 1, and using
unique factorization in Fp Œx, we see that x 2 C 1 D .x ˛/.x ˇ/ for some
˛; ˇ 2 Fp .
Conversely, if p is odd and p 6 1 mod 4, then p 3 mod 4 (it can’t be
congruent to 0 or 2). But, by Proposition 8.17, if x 2 C 1 has a root in Fp , then
p is the sum of two squares in Z. However, the sum of two squares in Z is
never congruent to 3 mod 4: If a D 0; 1; 2; 3, then a2 0; 1; 0; 1 mod 4, and
so a2 C b 2 0; 1; 2 mod 4.
Propostion 8.16, when combined with Theorem 8.19, gives us a nice fact of
arithmetic, first established by Gauss.
The name of a theorem
may not coincide with the Corollary 8.20 (Fermat’s Two-Square Theorem). An odd rational prime p
name of the first person is a sum of two squares if and only if p 1 mod 4.
who proved it.
Theorem 8.19 tells the whole story for odd primes: primes that are congru-
ent to 1 mod 4 split into two conjugate factors, and primes that are congruent to
3 mod 4 stay prime (we call primes downstairs that stay prime upstairs inert).
There is one prime we haven’t yet considered: p D 2. Now 2 factors in ZŒi ,
because x 2 C 1 factors in Z2 Œx. In fact
2 D .1 C i /.1 i /:
Are there other primes in But note that these two factors are associates:
ZŒi that are associate
to their conjugates? That 1 C i D i.1 i /;
question is Exercise 8.10
on page 343. and so
2 D i.1 i /2 :
Thus, 2 splits in a special way: it is associate to the square of a prime. We say

that 2 ramifies in ZŒi . Hence, our discussion gives a complete classification
of how rational primes decompose in the Gaussian integers.
i i
“book2” — 2013/5/24 — 8:18 — page 343 — #363
i i
Theorem 8.21 (Law of Decomposition in Gaussian Integers). Every ratio-

nal prime p decomposes in ZŒi in one of three ways.
(1) p splits into two conjugate prime factors if p 1 mod 4
(2) p is inert if p 3 mod 4
(3) p D 2 ramifies: 2 D i.1 i /2 .
Corollary 8.22 (Classification of Gaussian Primes). The primes in ZŒi

are of three types:
(1) D a C bi , which lies above a rational prime p with p 1 mod 4I in
this case, N. / D a2 C b 2
(2) D p, where p is a rational prime with p 3 mod 4I in this case,
N.p/ D p 2
(3) D 1 i and its associatesI in this case, N.1 i / D 2.
Proof. Now divides some rational prime p, by Lemma 8.13. If p 1 mod 4,

then is of the first type; if p 3 mod 4, then p is inert and D p; if
p 2 mod 4, then p ramifies and D 1 i .
As we mentioned earlier, 7 is a prime in ZŒi , for 7 3 mod 4, but its
norm 49 is not a rational prime. Thus, the converse of Proposition 8.11 is false.
How to Think About It. The fact that 2 D i.1 i /2 can be stated in terms
of ideals in Z[i]: there is equality of ideals

.2/ D .1 i /2 :
In fact, if we use the definition of the product of ideals from Exercise 5.51 on
page 220, the above equation of ideals can be written as
.2/ D .1 i / .1 i / D .1 i /2 :
Exercises
8.8 (i) In Example 8.12 we found a gcd of z D 19 C 48i and w D 211 C 102i
to be 4 C 7i . Write 4 C 7i as a linear combination of z and w.
(ii) Use part (i) to find the prime factorization of z.
(iii) Show that gcd.z; w/ lcm.z; w/ D zw.
8.9 Show that if two Gaussian integers z and w have relatively prime norms in Z,
then z and w are relatively prime in ZŒi . Is the converse true?
8.10 * Which primes in ZŒi are associate to their conjugates?
8.11 How many non-associate primes in ZŒi lie above 5?
8.12 In ZŒi , show that every associate of a C bi is conjugate to an associate of b C ai .
8.13 Show that every Gaussian integer is associate to one in the first quadrant of the
complex plane. (We define the first quadrant to include the nonnegative x-axis but
not the positive y-axis.)
8.14 Show that if two integers a and b can each be written as the sum of two squares,
so can ab.
i i
“book2” — 2013/5/24 — 8:18 — page 344 — #364
i i
8.15 Factor each of these into primes in ZŒi .

(i) 101 (ii) 31 (iii) 37
(iv) 7 C 4i (v) 8 C i (vi) 65
(vii) 7 C 3i (viii) 40 C 42i (ix) 154 C 414i
8.16 Find the number of elements in each of the quotient rings.
(i) ZŒi =.1 i/ (ii) ZŒi =.2 C i /
(iii) ZŒi =.3 C 2i / (iv) ZŒi =.5 C 12i /
8.17 Take It Further. If z is a Gaussian integer, show that
jZŒi =.z/j D N.z/:
Eisenstein Primes
The whole theory just given for ZŒi carries over to ZŒ!. Of course, the state-
ments have to be modified slightly, but the proofs are almost identical to the
corresponding results in ZŒi . If you think about it, this shouldn’t be a surprise:
a proof using only algebraic properties of norm (for example, it is multiplica-
tive) and properties of PIDs (unique factorization and Euclid’s Lemma) should
carry over mutatis mutandis.
We summarize the results for Eisenstein integers, providing sketches of
proofs where we think it’s necessary, but we leave the details to you. And
these are important exercises, because they will help you digest the ideas in
both rings.
Lemma 8.23. Every prime in ZŒ! divides a rational prime.
Proof. Mimic the proof of Lemma 8.13.
How about a law of decomposition for Eisenstein integers? Some rational

Try some other primes primes factor in ZŒ!; for example:
in ZŒ!. Any conjectures
about which ones split? 7 D .3 C !/.3 C ! 2 /I 31 D .5 !/.5 ! 2 /I 97 D .3 8!/.3 8! 2 /:
In each of these cases, the prime in Z decomposes in ZŒ! into a norm: the
product of an Eisenstein integer and its conjugate. This is always the case.
Lemma 8.24. Let p be a rational prime. If p is not prime in ZŒ!, then p D

zz D N.z/ for some prime z in ZŒ!.
As happened in ZŒi , we can restate the result of Lemma 8.24 completely

in terms of the arithmetic of Z. Since N.a C b!/ D a2 ab C b 2 , the lemma
says that a prime splits if it can be written in this form. The converse is also
true.
Proposition 8.25. A rational prime p splits in ZŒ! if and only if p can be

expressed as a2 ab C b 2 for integers a; b 2 Z.
i i
“book2” — 2013/5/24 — 8:18 — page 345 — #365
i i
Proposition 8.17 says that a rational prime p is a norm of some prime in

ZŒi if and only if x 2 C 1 has its roots in Fp . What might be an analog of this
result for ZŒ!? Well, x 2 C 1 is the minimal polynomial for i ; the minimal
polynomial for ! is x 2 C x C 1. A careful look at the proof of Proposition 8.17
shows that we can use x 2 C x C 1 and modify the proof slightly to obtain
another lovely result.
Proposition 8.26. A rational prime p can be expressed as a2 ab C b 2 for

integers a; b 2 Z if and only if x 2 C x C 1 has a root in Fp . What is the discriminant of
x 2 C x C 1?
Proof. Suppose that p D a2 ab C b 2 for integers a and b. Then p doesn’t
divide either a or b (otherwise p 2 j .a2 ab C b 2 )) and, hence, b is a unit in
2
Fp . Multiply both sides by b 1 to obtain
2 2
p b 1 D ab 1 C ab 1 C 1;

so that a b 1 is a root of x 2 C x C 1 in Fp .
Going the other way, suppose that there is a congruence class Œm 2 Fp with
Œm2 C Œm C 1 D 0 in Fp :
Then, in Z, we have
m2 C m C 1 0 mod pI
that is,
p j .m2 C m C 1/:
Now move up to ZŒ!. We have
Check that
p j .m !/.m ! 2 /; .m !/.m ! 2 / D
or m2 C m C 1.
p j .m !/.m C 1 C !/:
But p doesn’t divide either m ! or m C 1 C ! in ZŒ! (otherwise mp
1
p
!
mC1 1
or p C p ! would be an Eisenstein integer). Thus, by Euclid’s Lemma, p is
not prime in ZŒ! and hence by Lemma 8.24, p is the norm of an Eisenstein
integer a C b!; that is, p D a2 ab C b 2 for integers a and b.
We get the next corollary.
Corollary 8.27. A rational prime p factors in ZŒ! if and only if x 2 C x C 1 So, p factors in ZŒ! if and
has a root in Fp . only if x 2 C x C 1 factors
in Fp Œx.
Proof. Apply Proposition 8.26 and the Factor Theorem (Corollary 6.15).
We summarize the chain of equivalent statements.
p factors in ZŒ!.
p D N.z/ for some z in ZŒ!.
p D a2 ab C b 2 in Z.
x 2 C x C 1 has a root in Fp .
Onward to a law of decomposition in ZŒ!. Numerical experiments (we
hope you’ll try some) suggest that if p is a rational prime and p 1 mod 3,
then x 2 C x C 1 has a root in Fp . The proof of Theorem 8.19 suggests a reason
why.
i i
“book2” — 2013/5/24 — 8:18 — page 346 — #366
i i
Proposition 8.28. If p is a prime and p 1 mod 3, then x 2 C x C 1 has a

root in Fp .
Proof. Suppose that p D 3k C 1. Because p is prime, ap 1 D 1 for all non-

zero a in Fp (Fermat’s Little Theorem—Theorem 4.9). Hence, in Fp Œx, we
See Exercise 6.38 on have the factorization
page 263.
xp 1
1 D .x 1/.x 2/.x 3/ .x .p 1// : (8.4)
But
xp 1
1 D x 3k 1

3 k
D x 1
h k k k i
3 1 2 3
D .x 1/ x3 C x3 C x3 CC1
Exercise 6.47 on page 269
h k 1 k 2 k 3
i
D .x 2 C x C 1/ .x 1/ x 3 C x3 C x3 CC1
D .x 2 C x C 1/h.x/: (8.5)
Comparing Eqs. (8.4) and (8.5), the two factorizations of x p 1

1, and using
unique factorization in Fp Œx, we see that x 2 C x C 1 D .x ˛/.x ˇ/ for
some ˛; ˇ 2 Fp ; that is, x 2 C x C 1 has a root in Fp .
What about primes that are not congruent to 1 mod 3? One case is easily
handled. Suppose that p 2 mod 3. By Proposition 8.26, x 2 C x C 1 has a
root in Fp if and only if p can be written as a2 ab C b 2 for a; b 2 Z. But you
can check that, for any choice of a and b, a2 ab C b 2 is never congruent to 2
mod 3 (just look at the possible congruence classes of a and b mod 3). Thus,
p is inert; that is, p is prime in ZŒ!. There is only one more prime, namely 3,
the prime congruent to 0 mod 3. And x 2 C x C 1 certainly has roots in F3 ,
namely 0 and 1. Therefore, 3 must split; in fact,
3 D .2 C !/.2 C ! 2 / D .2 C !/.1 !/:
Recall that the units in But the important thing is that the two factors on the right are associates. You
ZŒ! are ˙1, ˙!, and can check that
˙! 2 .
! 2 .1 !/ D 2 C !:
Are there other primes in
ZŒ! that are associate
So, our factorization of 3 can be written as
to their conjugates? That
question is Exercise 8.18
on page 349. 3 D ! 2 .1 !/2 ;
In terms of ideals, .3/ D and 3 is a ramified prime. Putting it all together, we have the law of decompo-
.1 !/2 D .1 !/2 . sition in ZŒ! as well as a description of all Eisenstein primes.
Theorem 8.29 (Law of Decomposition in Eisenstein Integers). Every ratio-

nal prime p decomposes in ZŒ! in one of three ways.
(1) p splits into two conjugate prime factors if p 1 mod 3
(2) p is inert if p 2 mod 3
(3) 3 ramifies into ! 2 .1 !/2 .
i i
“book2” — 2013/5/24 — 8:18 — page 347 — #367
i i
Corollary 8.30 (Classification of the Eisenstein primes). The primes in

ZŒ! are of three typesW
(1) D a C b! which lies above a rational prime congruent to 1 mod 3I in
this case, N. / D a2 ab C b 2 .
(2) primes p in Z that are congruent to 2 mod 3I in this case, N.p/ D p 2.
(3) the prime 1 ! and its associatesI in this case, N.1 !/ D 3.
The relation between the factorization of a prime p in ZŒ! and the factor-
ization of x 2 C x C 1 in Fp Œx can be used to factor Eisenstein integers.
Example 8.31. (i) Let p D 31. There are two roots of x 2 C x C 1 in F31 ,
namely 5 and 25, and so x 2 C x C 1 D .x 5/.x 25/ in F31 Œx. Lift
this equation to ZŒx:
x 2 C x C 1 D .x 5/.x 25/ C 31.x 4/:
So, letting x D !, we have
.5 !/.25 !/ D 31.4 !/:
Now N.5 !/ D 31, so 5 ! is a prime factor of 31, and the other is This example connects to
25 !
D 6 C !:
4 !
(ii) Let p D 97. There are two roots of x 2 C x C 1 in F97 , namely 61 and 35.
In fact,
x 2 C x C 1 D .x 61/.x 35/ C 97.x 22/:
Letting x D !,
.61 !/.35 !/ D 97.22 !/;
and so
.61 !/.35 !/
D 97:
22 !
Now, N.22 !/ D 507 D 3132; since N.1 !/ D 3 and N.4C!/ D 13,
so (checking for unit factors), we have
22 ! D .1 !/.4 C !/2 :
Some of these factors divide 61 !; the rest divide 35 !. We have
N.61 !/ D 3 13 97
N.35 !/ D 13 97:
We can cancel the factor of 13 by dividing by 4 C !; it’s easier to work
with 35 !:
35 ! .35 !/.4 C ! 2 /
D D8 3!:
4C! 13
Bingo: N.8 3!/ D 97, so that
97 D .8 3!/.8 3! 2 /: N
i i
“book2” — 2013/5/24 — 8:18 — page 348 — #368
i i
How to Think About It. Because ZŒi and ZŒ! are commutative rings, we
can construct quotient rings. And, since both rings are PIDs, they often look
very similar to rings we have already met.
The result of this example Example 8.32. We investigate the quotient ring R D ZŒ!=./, where
will be useful in the next
section. D1 !
is the prime lying over the rational (and ramified) prime 3. For any Eisenstein
integer z, let’s look at the remainder after dividing z by . Proposition 8.4 gives
Eisenstein integers q and r such that
z D q C r; with r D 0 or N.r / < N./.
Now N./ D 3, so that N.r / must be 0, 1, or 2. There are no Eisenstein
integers of norm 2, because 2 is inert in ZŒ!. Hence N.r / is 0 or 1. If N.r / D
0, then r D 0; if N.r / D 1, then r is a unit in ZŒ!. So, aside from 0, we
need only investigate the six Eisenstein units. It turns out that each of these is
congruent to 1 or 1 modulo :
If r D 1; then z D q C 1 and z 1 mod :

If r D 1; then z D q 1 and z 1 mod :
If r D !; then z D q C ! D .q 1/ C 1 and z 1 mod :
If r D !; then z D q ! D .q C 1/ 1 and z 1 mod :
If r D !2 ; then z D q C ! 2 D .q 1 !/ C 1 and z 1 mod :
If r D ! 2 ; then z D q ! 2 D .q C 1 C !/ 1 and z 1 mod : N
So, every element of ZŒ! is congruent mod to one of 0; 1; or 1. This

suggests that ZŒ!=./ is none other than our friend F3 . And, in fact that’s
true.
Proposition 8.33. If D 1 !, then

ZŒ!=./ Š F3 :
Proof. By Proposition 7.13, the quotient ring ZŒ!=./ is a field, while Exam-
ple 8.32 shows that the field has exactly 3 elements. Therefore, ZŒ!=./ Š
F3 , for Corollary 7.40 says that two finite fields with the same number of ele-
ments are isomorphic.
The results in this section just scratch the surface, for life is more compli-
cated; there are rings of cyclotomic integers that are not PIDs. We shall have
more to say about this when we discuss the work of Kummer.
Further Results. The laws of decomposition for ZŒi (Theorem 8.21) and
ZŒ! (Theorem 8.29) show that the decomposition of a rational prime depends
only on its congruence class modulo a fixed integer: 4 for ZŒi and 3 for ZŒ!.
This theory was greatly generalized in the twentieth century to Class Field
Theory, which determines laws of decomposition of primes in rings of cy-
clotomic integers, thereby bringing together under one roof many of the main
ideas in modern algebra.
i i
“book2” — 2013/5/24 — 8:18 — page 349 — #369
i i
8.3 Fermat’s Last Theorem for Exponent 3 349
Exercises
8.18 * Which primes in ZŒ! are associate to their conjugates?
8.19 For which primes p is x 2 C x C 1 a perfect square in Fp Œx?
8.20 Working in ZŒ!], under what conditions are a C b! and b C a! associates?
8.21 In ZŒ!],
(i) What are all the associates of the prime 1 !?
(ii) Show that 1 ! and 1 ! 2 are associates.
(iii) Write .1 !/.1 ! 2 / as a C b!. Note that x 2 C x C 1 D
.x !/.x ! 2 /. What
(iv) What is the minimal polynomial of 1 !?
happens if you put x D 1?
8.22 If z, w, v are elements of ZŒ! (or ZŒi ), show that
(i) If z j w, then z j w.
(ii) If z j w, then N.z/ j N.w/ in Z.
(iii) If z w mod v then z w mod v.
8.23 Show that a rational prime p splits in ZŒ! if and only if 3 is a square mod p.
8.24 Show there are isomorphisms of commutative rings,
(i) ZŒi Š ZŒx=.x 2 C 1/.
(ii) ZŒ! Š ZŒx=.x 2 C x C 1/.
8.25 * Find all units u in ZŒ! such that u 1 mod 3. Note that 3 is a unit times
.1 !/2 .
8.26 Factor into primes in ZŒ!.
(i) 301 (ii) 307 (iii) 5 C 8!
(iv) 5 C ! (v) 19 C 18! (vi) 39 C 55!
(vii) 61 ! (viii) 62 C 149! (ix) 87 62!
8.27 Find the number of elements in
(i) ZŒ!=.2 C !/ (ii) ZŒ!=.4 !/
(iii) ZŒ!=.6 C !/ (iv) ZŒ!=.31/
8.28 Take It Further. If z is an Eisenstein integer, show that
jZŒ!=.z/j D N.z/:
8.3 Fermat’s Last Theorem for Exponent 3

The goal of this section is to prove Fermat’s Last Theorem for exponent 3:
there are no positive integers x; y; z satisfying x 3 C y 3 D z 3 . The earliest
proof is attributed to Euler [12] in 1770 (his proof has a gap that was eventually
closed). We develop a different proof in this section that is a nice application
of the arithmetic in ZŒ!.
How to Think About It. The development of the proof is quite technical
(we’ve polished it as much as we were able), but the essential idea is straight-
forward and has already been mentioned several times. It’s based on the fac-
torization of x 3 C y 3 in ZŒ! (see Exercise 3.50 on page 115):
x 3 C y 3 D .x C y/.x C y!/.x C y! 2 /:
i i
“book2” — 2013/5/24 — 8:18 — page 350 — #370
i i
If there are positive integers x; y; z with x 3 C y 3 D z 3 , then we’d have a

factorization of z 3 in ZŒ!:
z 3 D .x C y/.x C y!/.x C y! 2 /:
The primes dividing z all show up with exponent at least 3 in z 3 , and the idea is
to show that this can’t happen on the right-hand side. Heuristically, if the three
factors on the right are relatively prime and none is divisible by the square of
a prime, we’re done. But it’s not so easy, mainly because of some mischief
caused by D 1 !, the prime lying above 3. So, pull out your pencil again
and follow along.
Preliminaries
Our development will often make use of a fact about ZŒ! adapted from Corol-
lary 6.37.
Proposition 8.34. If x and y are rational integers that are relatively prime
in Z, then they are relatively prime in ZŒ!.
Proof. If is a prime in ZŒ! dividing both x and y, then N. / j N.x/ and
N. / j N.y/. That is, N. / j x 2 and N. / j y 2 (for both x and y lie in Z).
See Exercise 8.22 on Now N. / 2 Z; hence, if p is a prime factor of N. /, then p is a common
page 349. factor of x and y, a contradiction.
The prime D 1 ! will figure prominently in the story. In Theorem 8.29,

we saw that j 3 and, in fact,
3 D ! 2 2 : (8.6)
That lies above 3 implies that a rational integer divisible by in ZŒ! is di-
visible by 3 in Z. The next lemma explains the ubiquity of in the forthcoming
proofs.
Lemma 8.35. If x is a rational integer, then 3 j x in Z if and only if j x

in ZŒ!.
Proof. If 3 j x in Z, then Eq. (8.6) shows that j 3 in ZŒ!; hence, j x in

ZŒ!.
Conversely, if j x, then Exercise 8.22 on page 349 shows that N./ j
N.x/ in Z. But N./ D 3 and N.x/ D x 2 , so that 3 j x 2 in Z and hence
Euclid’s Lemma gives 3 j x in Z.
In Example 8.32, we saw that every element in ZŒ! is congruent mod

to 0, 1, or 1. We’ll often need to know “how congruent” an Eisenstein integer
˛ is to one of these; that is, whether ˛ is divisible by a power of . We introduce
notation to capture this idea.
Definition. Define a function W ZŒ! f0g ! N as follows: if z 2 ZŒ! is

nonzero and n 0 is the largest integer with n j z, then .z/ D n. We call
the valuation.
i i
“book2” — 2013/5/24 — 8:18 — page 351 — #371
i i
Thus, .z/ is the exponent of the highest power of dividing z: Some treatments define
.0/ to be 1, but we
.z/ D n if and only if z D n z 0 and − z 0 : won’t do that here. Also, a
valuation can be defined
Put another way, .z/ j z and .z/C1 − z. in an analogous way for
For example, ./ D 1, .!/ D 0, and .3/ D 2; in Example 8.31, we saw any prime q in a UFD; just
replace by q.
that .61 !/ D 1. Indeed, .u/ D 0 for every unit u.
The valuation enjoys some properties that come from the properties of
exponentiation. The next proposition reminds us of Exercise 2.15 on page 59.
Proposition 8.36. If z; w are nonzero elements of ZŒ!, then

(i) .zw/ D .z/ C .w/.
(ii) If n is a nonnegative integer, then .z n / D n .z/.
(iii) .z ˙ w/ minf.z/; .w/g and if .z/ ¤ .w/ then
.z ˙ w/ D minf.z/; .w/g:
Proof. This is Exercise 8.30 on page 358.
How to Think About It. Most proofs of the theorem for exponent 3 are
broken into two parts: the first case in which 3 doesn’t divide x, y, or z, and
the second case in which 3 does divide one of them. We’ll follow this program
and treat the two cases in turn. There are many proofs in the literature; our
proof of the first case is not the easiest (see Exercise 8.31 on page 358 for a
fairly simple alternative approach), but we choose it because it generalizes to
a proof of the first case for any odd prime exponent p when ZŒp has unique
factorization (see Chapter 1 of [36] for the details). Our proof of the second
case is based on the development in Chapter 17 of [17].
The First Case

The main result of this section is that there are no positive integers x; y; z with
gcd.x; y/ D 1 and 3 − xyz such that
x3 C y3 D z3 :
Assuming x and y are relatively prime is no loss in generality: a prime factor

of x and y is a prime factor q of z, both sides can be divided by q 3 , preserv-
ing the relationship; hence, infinite descent would apply. The proof will be by
contradiction, and it will depend on the following lemma.
Lemma 8.37. If x, y, and z are integers such that 3 − xyz, gcd.x; y/ D 1,

and x 3 C y 3 D z 3 ; then the Eisenstein integers As we said on page 349,
this relatively prime condi-
x C y; x C !y; x C !2 y tion leads fairly directly to
the desired proof.
are pairwise relatively prime in ZŒ!.
Proof. Suppose that is a prime in ZŒ! that divides two of the three integers,
say
j x C !i y and j x C ! j y;
i i
“book2” — 2013/5/24 — 8:18 — page 352 — #372
i i
where 0 i < j 2. Then divides the difference

.x C ! i y/ .x C ! j y/ D ! i y 1 !j i
But, by Exercise 8.21(ii) on page 349, 1 !j i

is an associate of D 1 !,
so that divides
uy .1 !/ ;
where u is some unit in ZŒ!. Hence, by Euclid’s Lemma, j y or D
1 ! D . Similarly,

j !j x C !i y !i x C !j y D !i x !j i 1 :
And, because ! j i 1 and 1 ! are associates, we have j x or D 1 ! D
. Hence, if ¤ , then j x and j y. This implies that x and y have a
common factor in ZŒ!; thus, by Proposition 8.34, they have a common factor
in Z, contradicting the assumption that x and y are relatively prime. So D .
Because x C y .x C ! i y/ D y.1 ! i / 0 mod ,
x C y x C ! i y mod :
We are assuming that x C ! i y 0 mod ; thus, Lemma 8.35 implies that
x C y 0 mod 3 in Z. But then,
z3 D x3 C y3
x C y mod 3 (Fermat’s Little Theorem)
0 mod 3I
that is, 3 j z, which contradicts the hypothesis 3 − xyz.
The hard work is done.
Proposition 8.38 (First Case for Exponent 3). There are no positive integers
x; y; z with gcd.x; y/ D 1 and 3 − xyz such that
x3 C y3 D z3: (8.7)
Proof. Suppose, on the contrary, that we have positive integers x; y; z as in the

statement. Factoring the left-hand side of Eq. (8.7), we have
.x C y/.x C !y/.x C ! 2 y/ D z 3 :
Lemma 8.37 guarantees that the three factors on the left-hand side are relatively
prime. Hence, by unique factorization in ZŒ!, each is a unit times a cube in
that ring (if ˇ is a prime divisor of any factor, say ˇ j x C !y, then ˇ j z 3 and,
by Euclid’s Lemma, ˇ j z. Hence, ˇ 3 j .x C !y): there exists an Eisenstein
integer s such that
x C !y D ˙! i s 3 ;
where ˙! i is one of the six units in ZŒ! (i is 0, 1, or 2). We want to look at
the equation mod 3. Suppose that s D a C b! with a; b 2 Z. Then
s 3 D a3 C 3a2 b! C 3ab 2 ! C b 3 ! 3
D a3 C 3a2 b! C 3ab 2 ! C b 3
a3 C b 3 mod 3I
i i
“book2” — 2013/5/24 — 8:18 — page 353 — #373
i i
hence, Recall that ˛ ˇ mod 3

means that there is
x C !y ˙! i n mod 3; (8.8) ı 2 ZŒ! with 3ı D ˛ ˇ .
where n is a rational integer.

It follows (see Exercise 8.22 on page 349) that
x C !y ˙! i n mod 3:
1
But ! D ! , so that
1
xC! y ˙! i n mod 3: (8.9)
Eqs. (8.8) and (8.9) can be rewritten as:

i
! .x C !y/ ˙n mod 3

! x C ! 1 y ˙n mod 3I
i
hence,
i

! .x C !y/ ! i x C ! 1
y mod 3:
Multiplying by ! i gives

x C !y ! 2i x C ! 1
y mod 3;
and so
x C !y ! 2i x ! 2i 1
y 0 mod 3: (8.10)
We claim, for each possible value of i , namely 0, 1, or 2, that Eq. (8.10) leads
to a contradiction.
(i) i D 0: Eq. (8.10) becomes
1
x C !y x ! y 0 mod 3I
that is,

1
! y 0 mod 3:
!
Multiplying both sides by ! 2 gives
.1 !/ y 0 mod 3I
that is, there is some ˛ 2 ZŒ! with y D 3˛. But 3 D ! 2 2 , by

Eq. (8.6), so canceling gives y D ! 2 ˛. Thus, j y in ZŒ!, so that
3 j y in Z, by Lemma 8.35. This contradicts the hypothesis 3 − xyz.
(ii) i D 1: Eq. (8.10) becomes
x C !y !2 x !y 0 mod 3:
Thus, the !y’s drop out, and there is ˛ 2 ZŒ! with x.1 ! 2 / D 3˛.
But 1 ! 2 D i , by Exercise 8.21 on page 349, and so xi D ! 2 2 ˛.
Hence, j x in ZŒ!, and Lemma 8.35 gives 3 j x in Z, another contra-
diction.
i i
“book2” — 2013/5/24 — 8:18 — page 354 — #374
i i
(iii) i D 2: Eq. (8.10) becomes

x C !y !4 x ! 3 y 0 mod 3:
The left-hand side simplifies to x !x D x, because ! 3 D 1. As in

parts (i) and (ii), this leads to 3 j xyz, which is a contradiction.
We conclude that there is no solution to x 3 C y 3 D z 3 of the desired type.
Gauss’s Proof of the Second Case

Gauss gave an elegant proof of the second case of Fermat’s Last Theorem for
exponent 3, and we’ll present it here. It turns out to be convenient to prove a
This is another example more general result. The object of this section is to prove the following theo-
where it’s easier to do rem.
things in more generality.
The reason for introducing There are no Eisenstein integers u; x; y; z with xyz ¤ 0, u a unit, and 3 a
u comes from the fact that factor of exactly one of x; y, z, such that
we allow x, y, and z to
be elements of ZŒ!, so x 3 C y 3 D uz 3 :
arithmetic statements are
true up to unit factors. The proof, which will use infinite descent, is a consequence of several lem-
mas and propositions. To start with, we can assume, for u; x; y; z as in the
statement, that x, y, and z are not all divisible in ZŒ! by D 1 ! (otherwise
there’s a contradiction, for 3 is a divisor in Z of x, y, and z, by Lemma 8.35).
We’ll first prove the theorem in case − xy but j z. Since x and y are in-
terchangeable in the hypothesis, the remaining case is − yz but j x. We’ll
see that the theorem is an easy consequence of this.
Example 8.32 shows that every Eisenstein integer ˛ is congruent mod to
0, 1, or 1. In particular, if − ˛, then
˛ ˙1 mod :
Gauss’s proof requires a lemma that shows how an “extra ” sneaks into the
cube of this congruence.
Lemma 8.39. If ˛ is an Eisenstein integer for which − ˛, then

˛ 3 ˙1 mod 4 :
Proof. Let’s first consider the case ˛ 1 mod ; say

˛ D 1 C ˇ
for some ˇ 2 ZŒ!. Substitute this into the usual factorization in ZŒ!:
˛3 1 D .˛ 1/.˛ !/.˛ ! 2 /:
Rewrite the first factor on the right-hand side: ˛ 1 D 1 C ˇ 1 D ˇ.

Next, since 1 ! D , we can rewrite the second factor:
˛ ! D 1 C ˇ ! D C ˇ D .1 C ˇ/:
Now rewrite the third factor, using Exercise 8.21 on page 349, which says that
1 ! 2 D ! 2 :
˛ ! 2 D 1 C ˇ ! 2 D ˇ ! 2 D .ˇ ! 2 /:
i i
“book2” — 2013/5/24 — 8:18 — page 355 — #375
i i
Therefore,
˛3 1 D 3 ˇ.1 C ˇ/.ˇ ! 2 /: (8.11)
Example 8.32 shows that ˇ is 0, 1, or 1 mod . In each of these cases,

we’ll see that there’s an extra factor of in the expression on the right-hand
side of Eq. (8.11). If ˇ 0 mod for some ˇ 0 2 ZŒ!, then ˇ D ˇ 0 , and the
expression begins 4 ˇ 0 . If ˇ 1 C ˇ 0 , then the middle factor 1 C ˇ equals
ˇ 0 , which contributes an extra . If ˇ D 1 C ˇ 0 , then Exercise 8.21 says that
1 ! 2 D ! 2 , and the last factor on the right-hand side becomes
ˇ ! 2 D 1 C ˇ 0 !2
D1 ! 2 C ˇ 0
D ! 2 C ˇ 0
D . ! 2 C ˇ 0 /:
Therefore, if ˛ 1 mod , then ˛ 3 1 is a multiple of 4 ; that is, ˛ 3

1 mod 4 .
The remaining case ˛ 1 mod is now easy. We have ˛ 1 mod ,
so that
. ˛/3 1 mod 4 ;
and so ˛ 3 1 mod 4 .
Gauss used infinite descent on .z/ and showed (as we will shortly) that if
there was a solution to x 3 C y 3 D uz 3 of the desired type, then one could find
another solution .x 0 ; y 0 ; z 0 / of the same type with .z 0 / < .z/. Iterating this
process will eventually contradict the next lemma.
Lemma 8.40. Suppose x 3 C y 3 D uz 3 for nonzero Eisenstein integers x, y,

z. If − xy and j z, then 2 j z.
Proof. Since − xy, Euclid’s Lemma in ZŒ! says that − x and − y, and
so Lemma 8.39 applies to say that both x 3 and y 3 are congruent to ˙1 mod 4 .
Hence, reducing x 3 C y 3 D uz 3 mod 4 yields
.˙1/ C .˙1/ uz 3 mod 4 :
The left-hand side of these congruences is one of 0, 2, or 2. Since j z and Note that j z implies that
− 2 (why?), we see that ˙2 are impossible. Thus, 0 uz 3 mod 4 , so that .z/ 1.
4 j z 3 and .z 3 / D 3.z/ 4. But .z) is an integer; hence, .z/ 2 and
2 j z.
Here’s the main piece of the puzzle: the key step for infinite descent. Before we dig into the
proof, think about why
Proposition 8.41. Suppose that u is a unit in ZŒ! and x 3 C y 3 D uz 3 for this result, combined with
Lemma 8.40, implies
Eisenstein integers x; y; z with − xy and j z. Then there exists a unit u0 that there is no solution
and x 0 , y 0 ; z 0 2 ZŒ! with − x 0 y 0 and .z 0 / D .z/ 1, such that to x 3 C y 3 D uz 3 in
Eisenstein integers with
3 3 3
x0 C y0 D u0 z 0 : − xy and j z.
i i
“book2” — 2013/5/24 — 8:18 — page 356 — #376
i i
Proof. Given x; y; z as in the statement, we factor x 3 C y 3 to get

.x C y/.x C y!/.x C y! 2 / D uz 3 : (8.12)

Lemma 8.40 implies that 2 j z so that uz 3 6. Hence at least one
factor on the left-hand side of the above equation is divisible by 2 . Because
x, y, and z are Eisenstein integers, we can replace y by y! or y! 2 without
changing the equation or the claim of the proposition. Hence we can assume,
Recall the role of the factor without loss of generality, that 2 j x C y; that is, .x C y/ 2.
x C y in the proof of the Now,
first case.
x C y! D .x C y/ .1 !/y D x C y y
and, since − y, we have .y/ D 1. Hence, .x C y!/ D 1, by Proposi-
tion 8.36(iii). Similarly, .x C y! 2 / D 1. So, applying to Eq. (8.12) and
using Proposition 8.36, we have:

3.z/ D .x C y/ C .x C y!/ C x C y! 2
D .x C y/ C 1 C 1;
so that
.x C y/ D 3.z/ 2:
For convenience, let’s call the right-hand side k:
k D 3.z/ 2: (8.13)
The factors on the left-hand side of Eq. (8.12) are each divisible by . We
claim that they can’t have any other common factors. To see this, suppose that
is a prime in ZŒ!, ¤ . If divided x C y and x C y!, then it would
divide their difference, which is y. By Euclid’s Lemma, j y, but then j x,
contradicting the fact that gcd.x; y/ D 1. Hence
gcd.x C y; x C y!/ D :
The same reasoning shows that the gcd of each of the other pairs of factors
is .
Putting all this together, we have the following equation in ZŒ!:
z 3
xCy x C y! x C y! 2
D u ; (8.14)
k .z/
where the three factors on the left-hand side are relatively prime [remember
Eq. (8.13): 3.z/ D k C 2].
Now invoke unique factorization in ZŒ!: the right-hand side of Eq. (8.14)
is a cube, and the left-hand side is a product of three relatively prime factors
(each having no factor ). Hence, each is a cube and, more precisely, there are
units u1 ; u2; u3 and Eisenstein integers z1 ; z2; z3 with
xCy
D u1 z13 and − z1 ,
k
x C y!
D u2 z23 and − z2 ,

x C y! 2
D u3 z33 and − z3 .

i i
“book2” — 2013/5/24 — 8:18 — page 357 — #377
i i
Clearing fractions, it follows that

x C y D u1 k z13 where − z1 ;
x C y! D u2 z23 where − z2 ;
2
x C y! D u3 z33 where − z3 :
Multiply the second of these equations by !, the third by ! 2 , and add them to
the first to obtain
0 D u1 k z13 C u2 ! z23 C u3 ! 2 z33 :
Divide both sides by :
0 D u1 k 1
z13 C u2 ! z23 C u3 ! z33 :
We’re almost there. Letting v1 D u1 , v2 D u2 !, and v3 D u3 ! 2 , we have Note that v1 , v2 , and v3
are all units.
v2 z23 C v3 z33 D v1 k 1 3
z1 :
Recalling that k D .z/ 2, this can be written as
3
v2 z23 C v3 z33 D v1 .z/ 1 z1 ; where − z1 z2 z3 . (8.15)
Divide both sides by v2 , relabel everything, and we have the equation

3 3 3
x0 C v y0 D v0 z0 ;
where − x 0 y 0 , v and v 0 are units, and .z 0 / D .z/ 1. Now 2 divides
the right-hand side of the equation, by Lemma 8.40, so reducing the equation
mod 2 yields
.˙1/ C .˙v/ 0 mod 2 :
Once again, trying all six Eisenstein units and all possible signs, you can check
that v D ˙1. Replacing y 0 by y 0 if necessary, we have
3 3 3
x0 C y0 D v0 z0 ;
where − x 0 y 0 and .z 0 / D .z/ 1, and this is what we wanted to show.
Proposition 8.42. There are no Eisenstein integers u; x; y; z with u a unit,

− xy, and j z, such that
x 3 C y 3 D uz 3 :
Proof. Suppose such elements u; x; y; z exist. Repeated use of Proposition 8.41

shows that there are elements u0 ; x 0 ; y 0 ; z 0 with .z 0 / < 2. But Lemma 8.40 Once again, we use infinite
says that this is impossible. descent.
It remains to settle the case where j yz. If you’ve held on this long,
there’s a relatively simple finish: Given Eisenstein integers u; x; y; z with u a
unit, j x, and − yz and
x 3 C y 3 D uz 3 I
reduce mod 2 to obtain ˙1 u mod 2 . A check shows that u D ˙1. But See Exercise 8.25 on
then page 349.
.˙z/3 C . y/3 D x 3 ;
and we can apply Proposition 8.41.
This establishes Gauss’s Theorem.
i i
“book2” — 2013/5/24 — 8:18 — page 358 — #378
i i
Theorem 8.43 (Gauss). There are no Eisenstein integers u; x; y; z with u

a unit, xyz ¤ 0, and 3 a factor of exactly one of x; y, and z, such that
x 3 C y 3 D uz 3 :
Proof. Since j 3, the hypothesis in Proposition 8.42 that is a factor of

exactly one of x, y, and z implies that 3 is a factor of exactly one of x, y, and
z.
After all this work, we have, as a simple corollary, what we wanted in the
first place.
Theorem 8.44 (Fermat’s Last Theorem for Exponent 3). There are no pos-
itive integers x, y, z such that x 3 C y 3 D z 3 .
Proof. Since j 3, Proposition 8.38 and Theorem 8.43 (with u D 1) cover all
the possible cases for x, y, z.
Proving Fermat’s Last Theorem for a given exponent n was split into two
cases, as we have just seen for n D 3; the second case was also divided into
two parts. The first case for all n < 100 was proved, around 1806, by Germain.
In 1825, Legendre proved one part of the second case for n D 5, while Dirich-
let proved the other part. In 1839, Lamé proved Fermat’s Last Theorem for
exponent n D 7. The level of difficulty increased with the exponent. It was not
until Kummer that many exponents were completely settled simultaneously.
Exercises
8.29 Show that none of the six units u in ZŒ! is congruent mod to 0, 2, or 2. (As
usual, D 1 !.)
8.31 Without using Proposition 8.38, show that there are no integers x, y, z with
3 − xyz such that x 3 C y 3 D z 3 mod 9. This exercise gives an alternative proof
of Proposition 8.38.
8.32 Show that there are no integers x, y, z with 5 − xyz such that x 5 C y 5 D
z 5 mod 25. This exercise implies Fermat’s Last Theorem for exponent 5 in the
case that 5 − xyz.
8.33 Are there any integers x; y; z with 7 − xyz such that x 7 C y 7 D z 7 mod 49?
8.34 (i) Sketch the graph of x 3 C y 3 D 1.
(ii) Show that the only rational points on the graph are .1; 0/ and .0; 1/.
8.35 Take It Further. Let G be the graph of x 3 C y 3 D 9.
(i) Sketch G.
(ii) Find the equation of the line ` tangent to G at .2; 1/.
(iii) Find the intersection of ` and G.
(iv) Show that there are infinitely many triples of integers .x; y; z/ such that
x 3 C y 3 D 9z 3 :
i i
“book2” — 2013/5/24 — 8:18 — page 359 — #379
i i
8.4 Approaches to the General Case 359
8.4 Approaches to the General Case

Almost all attempts to prove there are no positive integers x; y; z satisfying
x p C y p D z p , where p is an odd prime, divided the problem in half. The first
case assumes that gcd.x; y/ D 1 and p − xyz; the second case assumes that
exactly one of x, y, and z is divisible by p.
Our choice of proof for exponent 3 contains some of the main ingredients
of a proof of the first case for any odd prime p, provided that the ring ZŒp ,
where p D cos.2=p/ C i sin.2=p/, is a UFD. Once again, this is based on
the factorization in Exercise 3.50 on page 115:
x p C y p D .x C y/.x C p y/ : : : .x C pp 1
y/ (8.16)
The basic idea is to use the fact, in a UFD, that if a product of relatively prime
elements is a pth power, then each of its factors is also a pth power. The proof
is more complicated for large p because, while ZŒ3 D ZŒ! has only six
units, the ring ZŒp for p > 3 may have infinitely many units. As we saw
in the proof of Proposition 8.38, much of the argument depends on a careful
analysis of how units enter into the calculations.
The commutative rings ZŒp are called rings of cyclotomic integers, and
investigating them has played an important part of the story of Fermat’s Last
Theorem, well into the 20th century. We’ll start this section with a brief sketch
of arithmetic in ZŒp , pointing to some major results, perhaps without proof,
that generalize results we’ve already established for ZŒ!.
After that, we’ll sketch the work of Kummer that deals with the situation
when unique factorization fails. While these efforts didn’t lead him to a proof
of Fermat’s Last Theorem, they did lead to some ideas that have had real stay-
ing power in algebra. One of them is his introduction of ideals as an important
structural component of a commutative ring (Kummer called them divisors),
not merely as subsets that happen to arise, say in studying gcd’s. Another im-
portant idea is that of class number, a measure of how far off ZŒp is from
having unique factorization.
Here is a biography of Kummer we have adapted from that given in the
history archives of the School of Mathematics and Statistics of the University
of St. Andrews in Scotland.
Ernst Eduard Kummer was born in Sorau, Prussia, in 1810. He entered the
University of Halle in 1828 with the intention of studying Protestant theology,
but he received mathematics teaching as part of his degree which was designed
to provide a proper foundation to the study of philosophy. Kummer’s mathe-
matics lecturer H. F. Scherk inspired his interest in mathematics, and Kummer
soon was studying mathematics as his main subject.
In 1831 Kummer was awarded a prize for a mathematical essay he wrote on
a topic set by Scherk. In the same year he was awarded his certificate enabling
him to teach in schools and, on the strength of his prize-winning essay, he
was awarded a doctorate. In 1832, Kummer was appointed to a teaching post Joachimsthal was famed
at the Gymnasium in Liegnitz, now Legnica in Poland. He held this post for for the high quality of his
ten years, where he taught mathematics and physics. Some of his pupils had lectures. His colleagues
in Berlin included many
great ability and, conversely, they were extremely fortunate to find a school
famous mathematicians
teacher of Kummer’s quality and ability to inspire. His two most famous pupils such as Eisenstein, Dirich-
were Kronecker and Joachimsthal and, under Kummer’s guidance, they began let, Jacobi, Steiner, and
mathematical research while at school, as did Kummer himself. He published Borchardt.
i i
“book2” — 2013/5/24 — 8:18 — page 360 — #380
i i
a paper on hypergeometric series in Crelle’s Journal in 1836, which he sent to

Jacobi, and this led to Jacobi, and later Dirichlet, corresponding with Kummer.
In 1839, although still a school teacher, Kummer was elected to the Berlin
Academy on Dirichlet’s recommendation. Jacobi now realized that he had to
find Kummer a university professorship.
In 1842, with strong support from Jacobi and Dirichlet, Kummer was ap-
pointed a full professor at the University of Breslau, now Wroclaw in Poland,
where he began research in number theory. In 1855, Dirichlet left Berlin to
succeed Gauss at Göttingen, and he recommended that Berlin offer the va-
cant chair to Kummer, which they did. The clarity and vividness of Kummer’s
presentations brought him great numbers of students—as many as 250 were
counted at his lectures. Kummer’s popularity as a professor was based not
only on the clarity of his lectures but on his charm and sense of humor as well.
Moreover, he was concerned for the well-being of his students and willingly
aided them when material difficulties arose.
During Kummer’s first period of mathematics, he worked on function the-
ory. He extended Gauss’s work on hypergeometric series, giving developments
that are useful in the theory of differential equations. He was the first to com-
pute the monodromy groups of these series. In 1843 Kummer, realizing that at-
tempts to prove Fermat’s Last Theorem broke down because the unique factor-
ization of integers did not extend to other rings of complex numbers, attempted
to restore the uniqueness of factorization by introducing “ideal” numbers. Not
only has his work been most fundamental in work relating to Fermat’s Last
Theorem, since all later work was based on it for many years, but the con-
cept of an ideal allowed ring theory, and much of abstract algebra, to develop.
The Paris Academy of Sciences awarded Kummer the Grand Prize in 1857 for
this work. Soon after, he was elected to membership of the Paris Academy of
Sciences and then, in 1863, he was elected a Fellow of the Royal Society of
London. Kummer received numerous other honors in his long career; he died
in 1893.
Cyclotomic integers
We shall assume throughout this section that p is an odd prime and D p D
cos.2=p/ C i sin.2=p/. Recall some facts about Q./.
(1) irr.; Q/ D ˆp .x/ D 1 C x C x 2 C C x p 2 C x p 1
(Theorem 6.68
and Exercise 7.31 on page 300).

(2) Q.p / W Q D p 1 (Exercise 7.32 on page 300).
(3) x p 1 D .x 1/.x /.x 2 / : : : .x p 1
/ (Exercise 6.46(i) on
page 269).

(4) Q./ Š QŒx= ˆp .x/ (Theorem 7.25(i)).
We recall Proposition 7.20(v), which we now state as a lemma for your

convenience.
Lemma 8.45. Let p be an odd prime and D p be a pth root of unity. A

basis for Q./ as a vector space over Q is
B D 1; ; 2; : : : ; p 2
:
i i
“book2” — 2013/5/24 — 8:18 — page 361 — #381
i i
Pp 2
The ring ZŒ Q./ is thus the set of all linear combinations i D0 ai i
with ai 2 Z. It shares many of the algebraic properties of the Gaussian and
Eisenstein integers except, alas, it is not always a UFD (more about this in
the next section). But there are analogs for the laws of decomposition that we
developed in ZŒi and in ZŒ!. Recall, for example, that there is equality of
ideals in ZŒi :
.2/ D .1 i /2 ;
and also in ZŒ!,
.3/ D .1 !/2 :
It turns out that the ideal .p/ ramifies in ZŒ in a similar way. Let’s look into
this.
Lemma 8.46. If p is an odd prime and D p is a pth root of unity, then

p 1
Y
pD .1 k /:
kD1
Proof. Since x p 1 D .x 1/.x /.x 2 / : : : .x p 1

/, we have
p
Y1
xp 1
D .x k /:
x 1
kD1
p
But .x 1/=.x 1/ D ˆp .x/ D 1 C x C C x p 1
; so that
p
Y1
p 1
1Cx CCx D .x k /:
kD1
Now put x D 1.
Lemma 8.46 gives a factorization of p in ZŒ into p factors. Our next goal
is to show that the factors are all associates.
Proposition 8.47. If s; t 2 N and p − st, then 1 s and 1 t are associates

in ZŒ.
1
Proof. In the field Fp , let t D r s, so that t r s mod p. Then t r D s
(why?), and so
1 s 1 t r
t
D
1 1 t
r
1 t
D
1 t
2 r 1
D 1 C t C t C C t :
Hence, .1 t /=.1 s / 2 ZŒ, and
.1 t / j .1 s /
in ZŒ. A similar argument shows that .1 s / j .1 t / in ZŒ. It follows
from Proposition 6.6 that 1 s and 1 t are associates in ZŒ.
i i
“book2” — 2013/5/24 — 8:18 — page 362 — #382
i i
As an immediate consequence, we can generalize the fact that there is equal-

ity of ideals: .3/ D .1 !/2 .
The next result says that p ramifies in ZŒ.
Corollary 8.48. In ZŒ, there is a unit u such that
p D u.1 /p 1
;
which gives a factorization of ideals
.p/ D .1 /p 1
:
Proof. Lemma 8.46 shows, as elements of ZŒ, that

p
Y1
pD .1 k / D .1 / 1 2 : : : 1 p 1
: (8.17)
kD1
Proposition 8.47 shows that there is a unit uk (2 k p 1) so that
1 k D uk .1 /:
Factoring out the units from Eq. (8.17) and writing their product as u, we see
that
p D u.1 /p 1
:
Hence, we have equality of ideals in ZŒ:
.p/ D .1 /p 1
:
Corollary 8.49. If s; t 2 N and p − st, then
1 s
1 t
is a unit in ZŒ.
Proof. Since 1 s and 1 t are associates, there is a unit u in ZŒ with

1 s D u.1 t /, so .1 s /=.1 t / D u.
How to Think About It. Since p D 1, every integer power of occurs

among
1; ; 2 ; :::; p 1
:
s
In particular, if 1 s p 1, then D p s
. We can calculate in ZŒ by
calculating in
ZŒx=.x p 1
C xp 2
C C 1/:
This allows us to use a CAS to do calculations and then to translate to ZŒ via
the map f .x/ 7! f ./.
i i
“book2” — 2013/5/24 — 8:18 — page 363 — #383
i i
There are other units in ZŒ that are real numbers; Corollary 8.49 gives a
way to produce them.
Proposition 8.50. The real number

1 2
C D 2 cos
p
is a unit in ZŒ.
Proof. Exercise 6.46 on page 269 shows that, in ZŒŒx,

x p C 1 D .x C 1/.x C /.x C 2 / .x C p 1
/:
1
Put x D to find that
p
1 C 1 D . 1 C 1/. 1
C /. 1
C 2 / . 1
C p 1
/: (8.18)
The second factor on the right-hand side of Eq.(8.18) is the focus of the
p
proposition. The left-hand side is 2 (because 1 D 1). Finally, the last
factor on the right-hand side is
1 1 1 C p 2
C p 1
D C p 1
D D D 2 p 1
:

Hence
2 D 2 p 1
. 1
C 1/. 1
C /. 1
C 2 / . 1
C p 2
/:
1
Dividing both sides by 2, we see that C is a unit; in fact, its inverse is:

1 D 1 C p 1 . 1 C 1/. 1 C 2 / . 1 C p 2 / :
1
(The last equation gives us other units besides C .)
Further results. This is just the beginning.

Corollary 8.48 is a piece of a law of decomposition in ZŒ. In ZŒ!, rational
primes either stay prime, split, or ramify (and 3 is the only ramified prime).
In ZŒp for p > 3, rational primes can decompose in other ways, but it’s
still true that the way a prime decomposes depends only on its congruence It follows that if
class mod p. Indeed, if q is a prime and f is the smallest integer such that q 1 mod p, then q “splits
q f 1 mod p, then q spits into f prime factors in ZŒ. This lovely theory completely” into p 1
factors in ZŒ. What does
is detailed in [5] Chapter 3 and [36] Chapter 2. this say in ZŒ! (when
Corollary 8.49 and Proposition 8.50 show how to build units in ZŒ. This is p D 3)?
a piece of a complete classification of units in cyclotomic integers: Kummer
proved that every unit in ZŒ is a product s for some integer s, where
2 R D ZŒ C 1 (for a proof, see [36], p.3). Since
1
C D 2 cos.2=p/ 2 R;
R is a subring of R, and every unit in ZŒ is
the product of a power of and
p
a real unit of ZŒ. For p D 3, D ! D 21 1 C i 3 and
1
C D 1:
Hence R D Z, and every unit is a power of ! times a unit in Z, namely ˙1;
this recovers the result from Exercise 4.45 on page 165.
i i
“book2” — 2013/5/24 — 8:18 — page 364 — #384
i i
The results in this section set the stage for a proof of Fermat’s Last Theorem,
along the same lines as our proof of the theorem for exponent 3, for arbitrary
prime exponents p, as long as ZŒp has unique factorization. Kummer did
exactly this, for both cases of the theorem (a detailed historical account is
in [23]). As in the case p D 3, the key players are Eq. (8.16), the prime D
1 , and the units s where is a real unit in ZŒ. We leave the story here,
pointing to [5] Chapter 3 for the rest of the technical details.
Exercises
8.36 As usual, let D cos.2=p/ C i sin.2=p/, where p is a rational prime.

(i) Show that Q./ W Q C 1 D 2, and find

1
irr.; Q C :
1

(ii) What is Q C WQ ?
8.37 (i) Experiment with various values of p and calculate
pY1
1 C pi :
i D1
(ii) Find a general formula (for any prime p) for
pY1
1 C pi :
i D1
8.38 For 1 s p 1 (p a prime), show that
ps C p s
is a unit in ZŒp . Is ps C p s a real number?
8.39 In ZŒx= .ˆ5 .x//, calculate

(i) x 4 x 4 C 1 x 4 C x 2 x 4 C x 3

(ii) x C x 4 x 3 C x 2

(iii) x C x 4 .1 C x/.
8.40 In ZŒ5 , calculate

(i) 4 4 C 1 4 C 2 4 C 3

(ii) C 4 3 C 2

(iii) C 4 .1 C /.
8.41 Write 1 C 5 as the product of a power of 5 and an element of Z.5 C 5 1 /.
8.42 Show that
1 53 sin.3=5/
5 1 D :
1 5 sin.=5/
i i
“book2” — 2013/5/24 — 8:18 — page 365 — #385
i i
Kummer, Ideal Numbers, and Dedekind

It is natural to think that the rings ZŒp are UFDs, as evidenced by the num-
ber of mathematicians in the 17th, 18th, and 19th centuries who assumed it.
Indeed, it’s true for all primes less than 23, but ZŒ23 does not enjoy unique
factorization ([23], p.7). How could so many not know this? It may seem that
23 is not that large, but the calculations in rings of cyclotomic integers are
hefty, even with computers. Imagine the stamina required to calculate by hand
with polynomials of degree 22 in 23 . Some of Kummer’s tour-de-force cal-
culations are recounted in [11] Chapter 4. The proof that unique factorization
fails in ZŒ23 is technical (again, see
p [11], Chapter 4, but the essential idea can
be illustrated in the ring R D ZŒ 5 This is a perfectly good commutative
ring (of course, R is not a ring of cyclotomic integers):
p
R D ZŒ 5 Š ZŒx= x 2 C 5 :
p
If we let ˛ D 5, then elements of R can be written as aCb˛ with a; b 2 Z.
If z D a C b˛, then its complex conjugate is, as usual, z D a b˛. Just as
in Gaussian and Eisenstein integers, we can take norms: N.z/ D z z, and we
have
N.a C b˛/ D .a C b˛/.a b˛/ D a2 C 5b 2 :
The usual properties of norm hold in R: it is multiplicative, the norm of a unit

is 1, and conjugates have the same norm (Exercise 8.43 below).
There are two factorizations of 6 in R:
p p
6 D 2 3 D .1 C 5/.1 5/:
We claim that they are essentially different ways to factor 6 into primes. Let’s
see why.
p
Lemma 8.51. (i) The rational integers 2 and 3 are prime in R D ZŒ 5.
(ii) 1 C ˛ and 1 ˛ are prime in R.
Proof. (i) If 2 D zw for non-units z and w, then
4 D N.zw/ D N.z/ N.w/:
By the Fundamental Theorem in Z (and the fact that neither z nor w is a

unit, so that neither has norm 1), N.z/ would be a proper factor of 4, that
is N.z/ D 2. But 2 can’t be written as a2 C 5b 2. The proof for 3 uses
exactly the same idea.
(ii) If 1 C ˛ D zw for non-units z and w, then
6 D N.1 C ˛/ D N.z/ N.w/:
By the Fundamental Theorem in Z (and the fact that neither z nor w is a

unit), N.z/ would be a proper factor of 6, say N.z/ D 2. But 2 can’t be
written as a2 C 5b 2 . The proof for 1 ˛ uses exactly the same idea.
So, we have two factorizations of 6 into primes in R. We’ve seen in other

rings that different-looking factorizations are really the same up to unit factors.
i i
“book2” — 2013/5/24 — 8:18 — page 366 — #386
i i
But that doesn’t happen here because neither 2 nor 3 is associate to 1 C ˛, for
neither has norm 6 D N.1 C ˛/. We have a problem!
Kummer was working on methods for factoring cyclotomic integers (not,
as it turns out, towards a proof of Fermat’s Last Theorem, but towards another,
related question). He devised a way to think about our problem that actually
shows up in elementary school when children think that 14 15 and 10 21
are different factorizations of 210. The students are not going far enough in
their factorizations: if they write
14 D 2 7 and 15 D 3 5;
they see that the “other” factorization is just a rearrangement of the prime
factors of 14 15:
10 D 2 5 and 21 D 3 7:
Now, our problem is different in the sense that we already have prime factor-
izations. But Kummer’s idea was to imagine some “ghost factors” for each of
2, 3, 1 C ˛, and 1 ˛, sort of “super primes” behind the scenes, that could be
rearranged to produce the different factorizations. Kummer called these ideal
numbers or divisors, and he imagined there was a further factorization into
ideal numbers J1 ; J2 ; J3; J4 :
2 D J1 J2
3 D J3 J4
1 C ˛ D J1 J3
1 ˛ D J2 J4 :
Kummer knew that no such Ji existed in R, but he was able to model these
ghost factors, not as elements of R but as “lists” of elements, each list contain-
ing the non-associate divisors of 2, 3, 1 C ˛, and 1 ˛. And he developed a
theory extending R to a new system R0 in which there was unique factorization
Actually, Kummer consid- into ideal numbers. Later, Dedekind refined Kummer’s ideas, recasting ideal
ered rings of cyclotomic numbers into what we nowadays call ideals, a notion, as we’ve seen in this
integers. We’re using R
book, that has utility far beyond investigations into Fermat’s Last Theorem.
here just for the sake of
example. We’ll use the contemporary notion of ideal to continue our story.
The basic idea is that products of elements are replaced by products of ide-
Exercises 5.51 and 5.52 als. In a PID, nothing new is added, because there’s a bijection between ring
on page 220 define the
elements (up to associates) and principal ideals (Exercise 5.51(ii) on page 220).
product of two ideals and
develop the properties of But rings that are not UFDs are not PIDs (Theorem 6.50), so there’s a larger
the multiplication. stash of ideals that can enter into factorizations.
p
Example 8.52. We’ve seen, in R D ZŒ˛, where ˛ D 5, that
6 D 2 3 D .1 C ˛/.1 ˛/:
The ghost factors that will resolve our problem are ideals in R generated by
two elements:
J1 D .2; 1 C ˛/ D f2a C b.1 C ˛/ W a; b 2 Rg
J2 D .2; 1 ˛/ D f2a C b.1 ˛/ W a; b 2 Rg
J3 D .3; 1 C ˛/ D f3a C b.1 C ˛/ W a; b 2 Rg
J4 D .3; 1 ˛/ D f3a C b.1 ˛/ W a; b 2 Rg:
i i
“book2” — 2013/5/24 — 8:18 — page 367 — #387
i i
We claim that
.2/ D J1 J2
.3/ D J3 J4 Note that these equations
are equalities of ideals, not
.1 C ˛/ D J1 J3 numbers.
.1 ˛/ D J2 J4 :
The verifications all use the same method, so we’ll carry it out for the first case
only, leaving the rest for you as Exercise 8.45 below.
Let’s show that .2/ D J1 J2 . Now the product of two ideals I and J is
the set of all linear combinations of products r s where r 2 I and s 2 J
(Exercise 5.51 on page 220). So, J1 J2 D .2; 1 C ˛/.2; 1 ˛/ is the set of all
linear combinations of the form (recall that .1 ˛/.1 C ˛/ D 6):
a.2 2/ C b .2.1 ˛// Cc .2.1 C ˛// C d.1 C ˛/.1 ˛/
D 4a C 2b.1 ˛/ C 2c.1 C ˛/ C 6d;
where a; b; c; d 2 R. Well,
4a C 2b.1 ˛/ C 2c.1 C ˛/ C 6d D 2 Œ2a C b.1 ˛/ C 2c.1 C ˛/ C 3d ;
so J1 J2 .2/. And, if
.a; b; c; d / D . 1; 0; 0; 1/;
we have
4a C 2b.1 ˛/ C 2c.1 C ˛/ C 6d D 2;
so that .2/ J1 J2 . Hence
.2/ D J1 J2
as claimed. The other verifications follow in the same way.
Ah, but there’s one glitch. What if one of the four ideals is .1/, the unit
ideal? If J1 D .1/ for example, we’d have .2/ D .1 ˛/, and we’d still have
the same problem. But we can show that none of the Ji is the unit ideal. Let’s
show that J1 ¤ .1/—the arguments for the others are the same (Exercise 8.46
below).
Suppose, on the contrary, that J1 D .2; 1 C ˛/ D .1/. Then there exist
elements r C s˛ and t C u˛ in R, where r; s; t; u 2 Z, so that
1 D .r C s˛/ 2 C .t C u˛/.1 C ˛/:
Multiply this out, using the fact that ˛ 2 D 5, and write the result as x C y˛
to obtain
1 D .2r C t 5u/ C .2s C t C u/˛:
It follows that
2r C t 5u D 1
2s C t C u D 0:
Replace u by 2s t in the first equation to obtain
2r 4t C 10u D 1:
Since the left-hand side is even, this is impossible. N For rings of cyclotomic
integers ZŒp , it turns
Kummer introduced another brilliant idea. Call two ideals I and J equiva- out that this new kind of
factorization into ideals is
lent if there is a cyclotomic integer z so that unique.
I D .z/J D fzb W b 2 J g:
i i
“book2” — 2013/5/24 — 8:18 — page 368 — #388
i i
He was able to show that this gives an equivalence relation on nonzero ideals in
ZŒp (for symmetry, the set of all ideals must be enlarged by adding in certain
subsets of Frac.ZŒp / D Q.p / called fractional ideals). Most importantly,
Kummer showed that this relation has only finitely many equivalence classes,
and he called the number h.p/ of them the class number of ZŒp . If ZŒp
has class number 1, then all ideals are principal, there is unique factorization,
and our proof of Fermat’s Last Theorem can be refined to produce a proof
for such exponents. In fact, Kummer generalized this, proving that if the class
number h.p/ is not divisible by p, then there are no positive integer solutions to
ap Cb p D c p . This was a monumental achievement. Kummer called primes p
such that p − h.p/ regular primes. For example, even though ZŒ23 doesn’t
have unique factorization, 23 is a regular prime—h.23/ D 3, and so Fermat’s
Last Theorem holds for it. Alas, there are irregular primes. The smallest is
37, and the next two are 59 and 67. Unfortunately, it is known that there are
infinitely many irregular primes, and it’s unknown whether there are infinitely
many regular primes.
Let’s now say a bit more about Kummer’s ideal numbers (nowadays called
divisors), but we view his idea through the eyes of Dedekind. Take a cyclo-
tomic integer a 2 ZŒ, and define its divisor
D.a/ D fz 2 ZŒ W a is a divisor of zg:
Now D.a/ is closed under addition and multiplication by other cyclotomic
integers; that is, if z; z 0 2 D.a/, then z C z 0 2 D.a/; if z 2 D.a/ and r 2 ZŒ,
then r z 2 D.a/. In other words, D.a/ is an ideal (in fact, a principal ideal)
If a; b 2 R, where R in precisely the sense we have been using the term in this book (and we see
is a commutative ring, how natural the idea is when viewed in this context). The definition of divisor
then a j b if and only
makes sense for any commutative ring R, not just for the rings ZŒ.
if D.a/ D.b/; thus,
if R is a domain, then
Now generalize the notion of divisor so that, instead of being a subset of
D.a/ D D.b/ if and only if a commutative ring R of the form D.a/ for some a 2 R, it is a subset of R
a and b are associates. closed under addition and multiplication by elements of R; that is, let’s replace
D.a/, which is a principal ideal, by any ideal. Thus, if a; b 2 R, then
D.a/ C D.b/ D fz C w W z 2 D.a/ and w 2 D.b/g
is a generalized divisor. If we denote D.a/ C D.b/ by D.c/, pretending that
generalized divisors are just ordinary divisors, then we cannot declare that c is
an element of R. Thus, c is a “ghost” element. Of course, if R is a PID, then
c is an element of R, but if R is not a PID, then c may be a creature of our
imagination. p
Consider the ring R D ZŒ˛ in Example 8.52, where ˛ D 5. The fac-
torizations of 6,
6 D 2 3 and 6 D .1 C ˛/.1 ˛/;
involve four elements of R, each of which gives a divisor. As in the example,
define
J1 D D.2/ C D.˛/
J2 D D.2/ C D.1 ˛/
J3 D D.3/ C D.1 C ˛/
J4 D D.3/ C D.1 ˛/:
We can pretend that there are ghosts ci so that Ji D D.ci / for i D 1; 2; 3; 4.
i i
“book2” — 2013/5/24 — 8:18 — page 369 — #389
i i
To complete the story, we report that ghosts are primes: the ideals Ji can
be shown to be prime ideals, using the notion of the norm of ideals. Moreover,
one can prove that factorizations in terms of such ghosts are unique, using
fractional ideals.
How to Think About It. One of the contributions of Fermat’s Last Theorem
to algebra is that it attracted mathematicians of the first order and, as they
studied it, they enhanced the areas of mathematics impinging on it. For algebra
in particular, it brought the idea of commutative rings, factorization, and unique
factorization to the forefront. Kummer’s recognition that unique factorization
was not always present, and his restoration of it with his “ideal numbers,” led
Dedekind to introduce ideals into the study of rings. Dedekind’s notion of ideal
was taken up by Hilbert and then later by Emmy Noether. It is today one of the
most fundamental ideas in modern algebra.
We have a confession to make. Our discussion in Chapter 6 explains par-
allels of the arithmetic of polynomials with coefficients in a field k with the
arithmetic of integers by saying that both kŒx and Z are PIDs. No doubt, our
ancestors were aware of the analogy between these two systems, but viewing
them in terms of ideals is a modern viewpoint, after Dedekind, dating from
the 1920s. We wrote Chapter 6 using contemporary ideas because it unifies the
exposition.
Richard Dedekind was born in 1831 in Braunschweig (in what is now Ger-
many). He entered the University of Göttingen in 1850; it was a rather disap-
pointing place to study mathematics at the time, for it had not yet become the
vigorous research center it turned into soon afterwards. Gauss taught courses
in mathematics, but mostly at an elementary level. Dedekind did his doctoral
work under Gauss’s supervision, receiving his doctorate in 1852; he was to be
the last pupil of Gauss.
In 1854, both Riemann and Dedekind were awarded their habilitation de-
grees within a few weeks of each other. Dedekind was then qualified as a uni-
versity teacher, and he began teaching at Göttingen. Gauss died in 1855, and
Dirichlet was appointed to fill the vacant chair. This was an extremely impor-
tant event for Dedekind, who found working with Dirichlet extremely prof-
itable. He attended courses by Dirichlet, and they soon became close friends;
the relationship was in many ways the making of Dedekind, whose mathemat-
ical interests took a new lease on life with their discussions. Around this time
Dedekind studied the work of Galois, and he was the first to lecture on Galois
theory when he taught a course on the topic at Göttingen.
In the spring of 1858, Dedekind was appointed to the Polytechnikum in
Zurich. It was while he was thinking how to teach differential and integral
calculus that the idea of a Dedekind cut came to him. His idea was that every
real number r divides the rational numbers into two subsets, namely those
greater than r and those less than r . Dedekind’s brilliant idea was to represent
the real numbers by such divisions of the rationals.
The Collegium Carolinum in Brunswick had been upgraded to the Brunswick
Polytechnikum by the 1860s, and Dedekind was appointed there in 1862. He
returned to his home town, remaining there for the rest of his life, retiring in
1894. Dedekind died in 1916.
i i
“book2” — 2013/5/24 — 8:18 — page 370 — #390
i i
Dedekind made a number of highly significant contributions to mathematics

and his work would change the style of mathematics into what is familiar to us
today. One remarkable piece of work was his redefinition of irrational numbers
in terms of Dedekind cuts, as we mentioned above. His work in number the-
ory, particularly in algebraic number fields, is of major importance. He edited
Dirichlet’s lectures, and it was in their third and fourth editions [8], published
in 1879 and 1894, that Dedekind wrote supplements in which he introduced
the notion of an ideal. Dedekind’s work was quickly accepted, partly because
of the clarity with which he presented his ideas.
Dedekind’s brilliance consisted not only of the theorems and concepts that
he studied but, because of his ability to formulate and express his ideas so
clearly, his new style of mathematics has been a major influence on mathe-
maticians ever since.
The full proof of Fermat’s Last Theorem had to wait for much more pow-
erful methods, developed in the latter half of the 20th century. More about this
in the next chapter.
Exercises
p
8.43 Let R D ZŒ 5 and let N W R ! Z be the norm map: N.z/ D z z. Show that
(i) N.zw/ D N.z/ N.w/ for all z; w 2 R.
(ii) u is a unit in R if and only if N.u/ D 1.
(iii) If z 2 R, N.z/ D N.z/.
(iv) If a 2 Z, N.a/ D a2 .
p
8.44 Find all the units in R D ZŒ 5.
Figure 8.1. The front of a T-shirt.
8.45 Referring to Example 8.52, show that
.3/ D J3 J4
.1 C ˛/ D J1 J3
.1 ˛/ D J2 J4 :
i i
“book2” — 2013/5/24 — 8:18 — page 371 — #391
i i
8.5 Connections: Counting Sums of Squares 371
8.46 Referring to Example 8.52, show that none of J2 ; J3 ; J4 is the unit ideal in R.
8.47 Referring to Example 8.52,
(i) The ideal generated by the norms of elements in J1 is an ideal in Z, and hence
is principal. Find a generator for it.
(ii) Do the same for the other ideals Ji (i D 2; 3; 4).
8.48 Take It Further. Figure 8.1 is the front of a T-shirt that illustrates that
p p
2 3 D .1 C 5/.1 C 5/:
Explain.
8.5 Connections: Counting Sums of Squares

This section investigates an extension of a question we asked in Section 8.2.
You saw, in Corollary 8.20, that an odd rational prime can be written as a
sum of two squares if and only if it is congruent to 1 mod 4. What about
composite integers? For example, 15 can’t be written as a2 C b 2 , but 65 can:
65 D 82 C 12. In fact, 65 can be written as the sum of two squares in another
way: 65 D 42 C 72 . This leads to the following question:
In how many ways can a positive integer be written as a sum of two We should say “as a
squares? sum of two squares of
nonnegative integers.”
The surprising answer to this question was first discovered by Fermat. Just as
we used the arithmetic of Eisenstein integers to prove Fermat’s Last Theorem
for exponent 3, we’ll use the arithmetic of Gaussian integers to understand
Fermat’s discovery.
Before continuing, let’s first consider n D 5. Now 5 is a sum of two squares:
5 D 22 C 12 . We recognize the norm of a Gaussian integer, for 5 D 22 C 12 D
N.2 C i /. Is there another way to write 5 as a sum of two squares? Recall that 5
splits in ZŒi as .2 C i /.2 i /, which suggests writing 5 as N.2 i /; that is,
5 D 22 C . 1/2 . If we agree, when we write n D a2 C b 2 , that both a and b
are nonnegative, then we can ignore the second equation 5 D N.2 i /. Ah,
but there’s another way to write it as N.a C bi / with both a; b nonnegative.
While 2 i doesn’t have nonnegative real and imaginary parts, it is associate
to 2 C i , because
i.2 i / D 1 C 2i I
and 2 C i and 1 C 2i are not associates (why?). So there are two bonafide non-
associate Gaussian integers a C bi with nonnegative a and b and norm 5. Let’s
agree, then, that 5 is a sum of two squares in two ways: 22 C 12 and 12 C 22 .
The following definition of a counting function makes sense.
Definition. The function r W N ! N is defined on nonnegative integers by
r .n/ D the number of non-associate Gaussian integers of norm n:

Since we are interested in equations n D a2 C b 2 in which a and b are
nonnegative, it is reasonable to restrict our attention to non-associate Gaussian
integers in the first quadrant. By Exercise 8.13 on page 343, every Gaussian
integer is associate to exactly one Gaussian integer in the first quadrant of
i i
“book2” — 2013/5/24 — 8:18 — page 372 — #392
i i
the complex plane, We’ve been using the term “first quadrant” throughout the
book, often without properly defining it. We now insist that the positive x-axis
is in the first quadrant but that the positive y-axis is not. The reason is, viewing
R2 as C, that we want to find a piece of the complex plane that contains one
Gaussian integer from each class of associates.
Definition. The first quadrant of the complex plane is

Q1 D fz D a C bi 2 C W a > 0; b 0g:
The real number c is associate to i c (on the imaginary axis), and we don’t
include i c in the first quadrant. Also, the origin 0 D 0 C 0i does not lie in Q1 .
In light of these remarks, we modify the definition of r .n/ for the purpose at
hand, counting only Gaussian integers in the first quadrant (as we wrote above,
Exercise 8.13 says that two such integers are necessarily not associate).
r .n/ D jfz 2 ZŒi j N.z/ D n and z 2 Q1 gj.
It’s worth calculating r .n/ to get a feel for what it is counting. High school
students should enjoy working out some of these numbers by hand (there is no
need to mention machinery of ZŒi ). Here are some values for them to check.
n r .n/ n r .n/ n r .n/ n r .n/ n r .n/

1 1 11 0 21 0 31 0 41 2
You can also check that 2 1 12 0 22 0 32 1 42 0
r .15625/ D 7 and, if
you are ambitious, that 3 0 13 2 23 0 33 0 43 0
r .815730721/ D 9.
4 1 14 0 24 0 34 2 44 0
5 2 15 0 25 3 35 0 45 2
6 0 16 1 26 2 36 1 46 0
7 0 17 2 27 0 37 2 47 0
8 1 18 1 28 0 38 0 48 0
9 1 19 0 29 2 39 0 49 1
10 2 20 2 30 0 40 2 50 3
Look for regularity in the table, make some conjectures, and try to prove them.
For example, can you see anything that the values of n for which r .n/ D 0 have
Or, pick a few primes p, in common?
say 3; 5; 7; 11; 13 and It’s likely that Fermat did exactly these kinds of investigations—lots of pur-
see what happens as
poseful numerical calculations—to arrive at an amazing result that we’ll prove
you calculate the values
of r .pk /. What about
in this section.
products of two primes?
Theorem 8.53 (Fermat). The number of ways an integer n can be written as
a sum of two squares is the excess of the number of divisors of n of the form
4k C 1 over the number of divisors of n of the form 4k C 3I that is, if
A.n/ D the number of divisors of n of form 4k C 1
and
B.n/ D the number of divisors of n of form 4k C 3;
then
r .n/ D A.n/ B.n/:
i i
“book2” — 2013/5/24 — 8:18 — page 373 — #393
i i
The proof that we’ll develop uses some new machinery as well as the law
of decomposition for Gaussian integers. First, a few examples that show some
of the delightful consequences of the theorem.
Example 8.54. (i) Consider n D 65 D 13 5. Its divisors are
1; 5; 13; 65:
There are four divisors congruent to 1 mod 4 and none congruent to

3 mod 4, so r .65/ D 4. Sure enough,
65 D 1 C 64
D 64 C 1
D 16 C 49
D 49 C 16:
(ii) Let n D 21. Its divisors are

1; 3; 7; 21:
There are two divisors that are 1 mod 4 and two that are 3 mod 4, so
r .21/ D 0. Thus, 21 is not a sum of two squares.
(iii) Let n D 3m for some integer m. Odd powers of 3 are congruent to
3 mod 4, while even powers are 1 mod 4. The divisors of 3m are
1; 3; 32 ; 33 ; : : : ; 3m :
It follows that See Exercise 8.49 on

( page 377.
0 if m is odd
r .3m / D
1 if m is even: N
Corollary 8.55. For any positive integer n, we have A.n/ B.n/I that is, n
has at least as many divisors of the form 4k C 1 as it has divisors of the form
4k C 3.
Proof. By Theorem 8.53, we have A.n/ B.n/ D r .n/, and r .n/ 0.
A Proof of Fermat’s Theorem on Divisors

Let’s now prove Theorem 8.53. Our proof requires a device that finds applica-
tions all over mathematics—a theory developed by Dirichlet that uses formal Once again, it’s time to pull
algebra to answer combinatorial questions in arithmetic. out the pencil and paper.
Definition. A formal Dirichlet series is an expression of the form
X1
a.n/ a.2/ a.3/
s
D a.1/ C s C s C ;
nD1
n 2 3
where the a.n/ are complex numbers. (It will be useful to write a.n/ instead
of the usual an .)
i i
“book2” — 2013/5/24 — 8:18 — page 374 — #394
i i
The word “formal” is important here—we think of these series as book-

keeping devices keeping track of combinatorial or numerical data (as in Ex-
ample 2.31). So, we don’t worry about questions of convergence; we think of
s simply as an indeterminate rather than as a variable that can be replaced by
. . . [to] omit those parts a real or complex number. This misses many of the wonderful analytic appli-
of the subject, however, cations of such series, but it turns out that their formal algebraic properties are
is like listening to a
all we need for this discussion.
stereo broadcast of,
say Beethoven’s Ninth Dirichlet series are added and multiplied formally. Addition is done term by
Symphony, using only the term:
left audio channel. [39]. 1 1 1
X a.n/ X b.n/ X a.n/ C b.n/
C D :
ns ns ns
nD1 nD1 nD1
Multiplication is also done term by term, but then one gathers up all terms with
Dirichlet series are not the same denominator. So, for example, if we’re looking for c.12/=12s in
formal power series, and
X1 1 1
multiplication is not the a.n/ X b.n/ X c.n/
same as in CŒŒx. s s
D ;
nD1
n nD1
n nD1
ns
then a denominator of 12s could come only from the products

a.1/ b.12/ a.2/ b.6/ a.3/ b.4/ a.4/ b.3/ a.6/ b.2/ a.12/ b.1/
; s s ; s s ; s s ; s s ; s :
1s 12s 2 6 3 4 4 3 6 2 12s 1
In general, the coefficient c.n/ in Eq. (8.5) is given by
X n
c.n/ D a.d / b ; (8.19)
d
djn
P
where djn means that the sum is over the divisors of n.
The simplest Dirichlet series is the Riemann zeta function:
X1
1
.s/ D :
nD1
ns
Actually, the zeta function Eq. (8.19) implies that if

usually means the function
of a complex variable s that X1 X1
a.n/ c.n/
analytically continues this .s/ s
D ;
infinite series. nD1
n nD1
ns
Eq. (8.20) is, as we’ll see, then

extremely useful, and it’s X
the reason for defining c.n/ D a.d /: (8.20)
Dirichlet series. djn
Let’s state this as a theorem.
Theorem 8.56. If
X1 X1
a.n/ c.n/
.s/ s
D ;
nD1
n nD1
ns
P
then c.n/ D djn a.d /:
i i
“book2” — 2013/5/24 — 8:18 — page 375 — #395
i i
Proof. Expand
1
! 1
!
X 1 X a.n/
ns ns
nD1 nD1
and gather terms with the same denominator.

Sometimes, the coefficients a.n/ have interesting properties. For example,
Definition. A function aW N ! C is strongly multiplicative if, for all nonneg-

ative integers m; n,
a.mn/ D a.m/a.n/:
(A function aW N ! C is multiplicative if a.mn/ D a.m/a.n/ whenever

gcd.m; n/ D 1.)
When a is strongly multiplicative, the Dirichlet series with coefficients a.n/

has an alternate form that shows its connection with arithmetic.
Theorem 8.57. If a is a strongly multiplicative function, then the Dirichlet

series
X1
a.n/
f .s/ D
nD1
ns
has a product expansion

!
Y 1
f .s/ D a.p/
;
p 1 ps
where the product is over all prime numbers p.
Proof. Each factor on the right side is a geometric series: To be rigorous, we should
put some restrictions on

1 a.p/ a.p/ 2 a.p/ 3 the values of a.k/ to
D 1C C C C ::: ensure that the series
a.p/ ps ps ps converges.
1
ps

a.p/ a.p 2 / a.p 3 /
D 1C C C C ::::
ps p 2s p 3s
Multiply these together (one for each prime) and you get the sum of every
possible expression of the form
a.p1e1 /a.p2e2 / : : : a.prer / a.p1e1 p2e2 : : : prer /

D s :
p1e1s p2e2 s : : : prer s p1e1 p2e2 : : : prer
Since every n 2 Z can be written in one and only one way as a product of
powers of primes (the fundamental theorem again), this is the same as the sum
X1
a.n/
:
nD1
ns
i i
“book2” — 2013/5/24 — 8:18 — page 376 — #396
i i
Example 8.58. (i) The constant function a.n/ D 1 is strongly multiplica-

tive, so the Riemann zeta function has a product expansion
X1 Y 1
1
.s/ D D :
nD1
ns
p
1 p1s
(ii) Here’s a multiplicative function that’s connected to our work with Gaus-
sian integers:
8̂
<1 if n 1 .mod 4/
.n/ D 1 if n 3 .mod 4/ :
:̂
0 if n is even
is called a quadratic You can check that is strongly multiplicative, and so
character.
1
!
X .n/ Y 1
D : N
ns p 1 .p/ s
nD1 p
Now, by Theorem 8.56, if

X1 X1 X
.n/ a.n/
.s/ s
D then a.n/ D .d /: (8.21)
nD1
n nD1
ns
djn
So, a.n/ is the excess of the number of divisors of n of the form 4k C1 over the
number of divisors of n of the form 4k C 3. Bingo: this is exactly the function
that is the at heart of Theorem 8.53. The idea, then, is to form the Dirichlet
series with coefficients r .n/ and to show that
1
X 1
X
r .n/ .n/
s
D .s/ :
n ns
nD1 nD1
To do this, we’ll convert each of the sums to products. We already have done
this in Example 8.58 for the sums on the right-hand side; for the left-hand side,
we argue as follows.
Each term in the left-hand sum is a sum of unit fractions, and the number
of such fractions is the number of Gaussian integers with given norm. For
example, 3=25s comes from
1 1 1
C C :
N.3 C 4i / N.4 C 3i / N.5 C 0i /
Using this idea and the multiplicativity of N , we get a product formula for the
left-hand side.
X1 X
r .n/ 1
s
D s
nD1
n .N.˛//
˛2Q1
1
Y X 1
D s (use the fundamental theorem in ZŒi /
p2Q1 kD0 .N.p//k
Y 1
D 1
(sum a geometric series) :
p2Q1
1 N.p/s
i i
“book2” — 2013/5/24 — 8:18 — page 377 — #397
i i
Here, the product is over all Gaussian primes in the first quadrant. This is
another example that is best understood by calculating a few coefficients by
hand.
Now use Theorem 8.21 (the law of decomposition for ZŒi ). Every prime in
Q1 lies over one of these:
the prime 2. There’s only one in the first quadrant: 1 C i , and N.1 C i / D 2.
a prime p congruent to 1 mod 4. There are two for each such p—if
p D ;
then both and have an associate in Q1 (and they are different), and each
has norm p.
a prime p congruent to 3 mod 4. There’s only one such prime in Q1 , because
such a p is inert and N.p/ D p 2.
So,
1 Y 1
2 Y 1

X r.n/ Y 1 1
D D 1 1
ns 1 1 p 1 p 1
nD1 z2Q1 1 1 1 mod 4 ps 3 mod 4 p2s
N.z/s 2s
Y 1
2 Y 1
Y 1

1
D 1 1 1
1 p 1 p 1 p 1C
1 1 mod 4 ps 3 mod 4 ps 3 mod 4 ps
2s
Y 1
Y 1
Y 1

1
D 1 1 1
1 p odd 1 p1 mod 4 1 p3 mod 4 1C
1 ps ps ps
2s
Y 1
Y 1

D .s/ .p/ .p/
p1 mod 4 1 p3 mod 4 1
ps ps
Y 1
1
X .n/
D .s/ .p/ D .s/
p odd 1 ns
ps nD1
1
X a.n/
D ;
ns
nD1
where, by Eq. (8.21),

X
a.n/ D .d /:
djn
It follows that r .n/ D a.n/, and we’ve proved Theorem 8.53.
Exercises
8.49 Suppose that m 1 is an integer. Show that if p is a prime and p 3 mod 4,
(
m
0 if m is odd
r p D
1 if m is even:
i i
“book2” — 2013/5/24 — 8:18 — page 378 — #398
i i
8.50 Suppose that m 1 is an integer. Show that if p is a prime and p 1 mod 4,

r pm D m C 1:
8.51 Suppose that m 1 is an integer. Show that

s 2m D 1:
8.52 Show that if a is a strongly multiplicative function, so is b, where b is defined by

X
b.n/ D a.d /:
djn
8.53 A multiplicative function is a function a W N ! C so that a.mn/ D a.m/a.n/

whenever gcd.m; n/ D 1.
(i) Give an example of a multiplicative function that is not strongly multiplica-
tive.
If a is strongly multiplica- (ii) Show that if a is a multiplicative function, so is b, where
tive, is b? X
b.n/ D a.d /:
djn
8.54 Show that, if gcd.m; n/ D 1, then
r.mn/ D r.m/r.n/:
8.55 Show that an integer can be written as a sum of two squares if and only if the
primes in its prime factorization that are congruent to 3 mod 4 show up with even
exponents.
8.56 Take It Further. Show that
1
X .n/
.s/ D .s 1/;
ns
nD1
where is the Euler -function.

8.57 Take It Further. Tabulations of r show some erratic behavior with no apparent
It might be easier to pattern. When that happens with a function f , it’s often useful to look at the
see things if you use 4r asymptotic behavior of its average value:
instead of r , allowing
n
Gaussian integers in all 1 X
four quadrants. lim f .k/:
n!1 n
kD1
Investigate the asymptotic behavior of the average value of r.
i i
“book2” — 2013/5/24 — 8:18 — page 379 — #399
i i
9 Epilog
Attempts to resolve Fermat’s Last Theorem have led to much modern alge-
bra. There were many other areas of mathematical research in the seventeenth,
eighteenth and nineteenth centuries, one of which was determining the roots of
polynomials. Informally, a polynomial is solvable by radicals if its roots can
be given by a formula generalizing the classical quadratic, cubic, and quar-
tic formulas. In 1824, Abel proved that there are quintic polynomials that are
not solvable by radicals and in 1828 he found a class of polynomials, of any
degree, that are solvable by radicals. In 1830, Galois, the young wizard who
was killed before his 21st birthday, characterized all the polynomials which
are solvable by radicals, greatly generalizing Abel’s theorem. Galois’ brilliant
idea was to exploit symmetry through his invention of group theory.
After a brief account of the lives of Abel and Galois, we will use ring theory
to make the notion of solvability by radicals precise. This will enable us to un-
derstand the work of Abel and Galois showing why there is no generalization
of the classical formulas to polynomials of higher degree. We will then intro-
duce some group theory, not only because groups were the basic new idea in
the study of polynomials, but because they are one of the essential ingredients
in Wiles’ proof of Fermat’s Last Theorem in 1995. In fact, symmetry is an im-
portant fundamental idea arising throughout mathematics. In the last section,
we will say a bit about Andrew Wiles and his proof of Fermat’s Last Theorem.
9.1 Abel and Galois

Niels Abel was born in Frindöe, Norway, near Stavanger, in 1802. Norway was
then suffering extreme poverty as a consequence of economic problems arising
from European involvement in the Napoleonic wars. Abel’s family was very
poor, although things improved a little in 1816 when his father, a Protestant
minister, became involved in politics (Norway, which had been part of Den-
mark, claimed independence, and then became a largely autonomous kingdom
in a union with Sweden). The next year, Abel was sent to a school in Christiana
(present day Oslo), but he was an ordinary student there with poor teachers (the
best teachers having gone to the recently opened University of Christiana). But
two years later, a new mathematics teacher, B. Holmboë, joined the school and So, an inspiring teacher
inspired Abel to study mathematics. Holmboë was convinced Abel had great helped set the course of
modern algebra.
talent, and he encouraged him to read the works of contemporary masters. In
1820, Abel’s father died; there was no money for Abel to complete his educa-
tion nor to enter the University. But Holmboë continued his support, helping
him to obtain a scholarship to enter the University in 1821; Abel graduated the
following year.
379
i i
“book2” — 2013/5/24 — 8:18 — page 380 — #400
i i
380 Chapter 9 Epilog
In 1821, while in his final year at the University of Christiana, Abel thought
he had proved that quintic polynomials are solvable by radicals, and he submit-
ted a paper to the Danish mathematician Degen for publication by the Royal
The importance of nu- Society of Copenhagen. Degen asked Abel to give a numerical example of his
merical examples can’t be method and, in trying to do this, Abel discovered a mistake in his paper. De-
overestimated.
gen had also advised Abel to study elliptic integrals, and Abel wrote several
important fundamental papers on the subject. In 1824, Abel returned to quin-
tic polynomials, proving that the general quintic polynomial is not solvable by
radicals.
In 1825, having now done brilliant work in two areas of mathematics, the
Norwegian government gave Abel a scholarship to travel abroad. He went to
Germany and France, hoping to meet eminent mathematicians, but Gauss was
not interested in Abel’s work on the quintic, and the mathematicians in Paris
did not yet appreciate his remarkable theorems on elliptic functions. By 1827,
Abel’s health deteriorated, he was heavily in debt, and he returned home to
Norway. In 1828, he briefly returned to polynomials, proving a theorem de-
scribing a class of polynomials (of any degree) that are solvable by radicals.
By this time, Abel’s fame had spread to all mathematical centers. Legendre
saw the new ideas in papers of Abel and of Jacobi, and he wrote
Through these works you two .Abel and Jacobi/ will be placed in the
class of the foremost analysts of our times.
Strong efforts were made to secure a suitable position for Abel by a group from
the French Academy, who addressed King Bernadotte of Norway-Sweden;
Crelle also worked to secure a professorship for him in Berlin. But it was too
late. Abel died in 1829, at age 26.
An imprecise measure of Abel’s influence on modern mathematics is the
number of areas named after him: abelian groups, abelian varieties, abelian
differentials, abelian integrals, abelian categories, abelian extensions, abelian
number fields, abelian functions. The Niels Henrik Abel Memorial Fund was
established in 2002, and the Norwegian Academy of Science and Letters awards
the Abel Prize for outstanding scientific work.
Évariste Galois was born in Bourg La Reine, near Paris, in 1811. France,
and especially Paris, was then in the throes of great political and social change
as a consequence of the French Revolution in 1789, the Napoleonic era 1799–
1815, the restoration of the French monarchy with King Louis XVIII in 1815,
his overthrow by King Charles X in 1824, and another revolution in 1830.
In April 1829, Galois’ first mathematics paper (on continued fractions) was
published; he was then 17 years old. In May and June, he submitted articles
on the algebraic solution of equations to Cauchy at the Academy of Science.
Cauchy advised him to rewrite his article, and Galois submitted On the condi-
tion that an equation be solvable by radicals in February 1830. The paper was
sent to Fourier, the secretary of the Academy, to be considered for the Grand
Prize in mathematics. But Fourier died in April 1830, Galois’ paper was never
subsequently found, and so it was never considered for the prize. July 1830
saw another revolution. King Charles X fled France, and there was rioting in
the streets of Paris. Later that year, Galois (now age 19) was arrested for mak-
ing threats against the king at a public dinner, but he was acquitted. Galois
was invited by Poisson to submit a third version of his memoir on equations to
the Academy, and he did so in January 1831. On July 14, Galois was arrested
i i
“book2” — 2013/5/24 — 8:18 — page 381 — #401
i i
9.2 Solvability by Radicals 381
again. While in prison he received a rejection of his memoir. Poisson reported

that “His argument is neither sufficiently clear nor sufficiently developed to al-
low us to judge its rigor. . . . There is no good way of deciding whether a given
polynomial . . . is solvable.” He did, however, encourage Galois to publish a
more complete account of his work.
In March 1832, a cholera epidemic swept Paris, and prisoners were trans-
ferred to boarding houses. The prisoner Galois was moved to a pension, where
he apparently fell in love with Stéphanie-Félice du Motel, the daughter of the
resident physician. After he was released on April 29, Galois exchanged letters
with Stéphanie, and it is clear that she tried to distance herself from the affair.
Galois fought a duel on May 30, the reason for the duel not being clear but
certainly linked with Stéphanie. A note in the margin of the manuscript that
Galois wrote the night before the duel reads, “There is something to complete
in this proof. I do not have the time.” It is this note which has led to the legend
that he spent his last night writing out all he knew about group theory (but this
story appears to have been exaggerated). Galois was mortally wounded in the
duel, and he died the next day, only 20 years old. His funeral was the focus of
a Republican rally, and riots lasting several days followed.
According to Galois’ wish, his friend Chevalier and Galois’ brother Alfred
copied Galois’ mathematical papers and sent them to Gauss, Jacobi, and others.
No record exists of any comment these men may have made. Eventually, the
papers reached Liouville who, in September 1843, announced to the Academy
that he had found in Galois’ papers a concise solution “. . . as correct as it is
deep, of this lovely problem: given an irreducible equation of prime degree,
decide whether or not it is solvable by radicals.” Liouville published these
papers of Galois in his Journal in 1846. What Galois outlined in these papers
is called Galois Theory today.
The following quotation is from the Epilog of Tignol’s book [33].
After the publication of Galois’ memoir by Liouville, its importance

dawned upon the mathematical world, and it was eventually realized that
Galois had discovered a mathematical gem much more valuable than
any hypothetical external characterization of solvable equations. After
all, the problem of solving equations by radicals was utterly artificial.
It had focused the efforts of several generations of brilliant mathemati-
cians because it displayed some strange, puzzling phenomena. It con-
tained something mysterious, profoundly appealing. Galois had taken
the pith out of the problem, by showing that the difficulty of an equation
was related to the ambiguity of its roots and pointing out how this ambi-
guity could be measured by means of a group. He had thus set the theory
of equations and, indeed, the whole subject of algebra, on a completely
different track.
We have chosen Fermat’s Last Theorem as an organizing principle of this

book, but an interesting abstract algebra text could be written centered on
group theory and roots of polynomials.
9.2 Solvability by Radicals

Informally, a polynomial is solvable by radicals if there is a formula for its
roots that generalizes the classical quadratic, cubic, and quartic formulas. Let
i i
“book2” — 2013/5/24 — 8:18 — page 382 — #402
i i
us now examine the classical formulas to make this rather vague idea more
precise.
How to Think About It. Even though much of what we shall say applies
to polynomials over any field, the reader may assume all fields coming up are
subfields of the complex numbers C. We point out, however, that some famil-
iar results may not be true for all fields. For example, the quadratic formula
doesn’t hold in kŒx when k has characteristic 2 (for 12 doesn’t make sense in
k); similarly, neither the cubic formula nor the quartic formula holds in kŒx
when k has characteristic either 2 or 3.
Definition. A field extension K= k is a pure extension if K D k.u/, where

un 2 k for some n 1.
In more detail,
p K D k.u/, where u is a root of x n a for some a 2 k;
n
that is, u D a, and so we are adjoining an nth root of a to k. But there are
several nth roots of a in C, namely
p p p
n
a; n a; : : : ; n 1 n a;
where D n D cos.2=n/ C i sin.2=n/ is a primitive nth root of unity. To

avoid having to decide which one to adjoin, let’s adjoin all of them by adjoining
any one of them together with all the nth roots of unity. This is reasonable, for
we are seeking formulas for roots of polynomial equations that involve square
roots, cube roots, etc., and roots of numbers appear explicitly in the classical
formulas.
Let’s consider the classical formulas for polynomials of small degree, for
we’ll see that they give rise to a sequence of pure extensions.
Quadratics
If f .x/ D x 2 C bx C c, then the quadratic formula gives its roots as

p
1 2
2
b ˙ b 4c :
p
Let k D Q.b; c/. Define K1 D k.u/, where u D b 2 4c. Then K1 is a
pure extension, for u2 2 k. Moreover, the quadratic formula implies that K1 is
the splitting field of f .
Cubics
Let f .X/ D X 3 C bX 2 C cX C d , and let k D Q.b; c; d /. The change of

variable X D x 13 b yields a new polynomial f e.x/ D x 3 C qx C r 2 kŒx
e, then u 1 b is a root
having the same splitting field E (for if u is a root of f 3
e is solvable by radicals if and only if f is. The cubic
of f ); it follows that f
formula gives the roots of fe as
g C h; !g C ! 2 h; and ! 2 g C !h;
p
where g3 D 12 r C R , h D q=3g, R D r 2 C 27 4 3
q , and ! is a primitive
cube root of unity. Because of the constraint gh D 31 q, each choice of g D
q p
3 1
2
. r C R/ has a “mate,” namely h D q=.3g/, q=.3!g/ D ! 2 h, and
q=.3! 2 g/ D !h.
i i
“book2” — 2013/5/24 — 8:18 — page 383 — #403
i i
9.2 Solvability by Radicals 383

p p
Define K1 D k. R/, and define K2 D K1 .g/, where g3 D 12 . r C R/.
The cubic formula shows that K2 contains the root g C h of f e, where h D
q=3g. Finally, define K3 D K2 .!/, where ! 3 D 1. The other roots of fe are
!g C ! 2 h and ! 2 g C !h, both of which lie in K3 , and so E K3 .
Thus, a sequence of pure extensions seems to capture the notion we are
seeking. We now give the formal definition of solvability by radicals, after
which we will show that all polynomials of degree 4 are solvable by radicals.
Definition. A radical extension of a field k is a field extension K= k for which

there exists a tower of field extensions
k D K0 K1 K t D K;
where Ki =Ki 1 is a pure extension for all i 1.

A polynomial f .x/ 2 kŒx is solvable by radicals if there is a splitting field
E= k and a radical extension K= k with E K.
Quadratics are solvable by radicals, and the cubic formula shows that every
cubic f .x/ D x 3 C qx C r 2 QŒx is solvable by radicals: a radical extension
containing a splitting field of f is
p
Q.q; r / D K0 K1 D K0 .!/ K2 D K1 . R/ K3 D K2 .g/;
where we are using the notation in the cubic formula.

Why do we say in the definition of solvable by radicals, that E K instead
of E D K? That is, why don’t we say that some splitting field is a radical
extension? The answer is that it isn’t. Consider the following theorem, due to
Hölder.
Theorem 9.1 (Casus Irreducibilis). Let f .x/ 2 QŒx be an irreducible cubic

having three real roots. If E C is the splitting field of f and K is a radical
extension of Q containing E, then K ¨ R.
Proof. [25], p. 217.

If f .x/ 2 QŒx is an irreducible cubic all of whose roots are real (f .x/ D
3x 3 3x C 1 is such a cubic, by Example 6.58), then its splitting field E R.
We have just seen that f is solvable by radicals, so there is a radical extension
K=Q with E K. But the Casus Irreducibilis says that K ¨ R. Therefore,
E ¤ K (because E R); that is, the splitting field of f is not itself a radical
extension.
Here is a more remarkable consequence of the Casus Irreducibilis. In down-
to-earth language, it says that any formula for the roots of an irreducible cubic
in QŒx having all roots real requires the presence of complex numbers! After
all, the formula involves a cube root of unity. In other words, it is impossible
to “simplify” the cubic formula to eliminate i ; we must use complex numbers
to find real roots! How would this have played in Piazza San Marco?
We now show that quartic polynomials are solvable by radicals.
Proposition 9.2. Every polynomial f .X/ D X 4 C bX 3 C cX 2 C dX C e 2

QŒx is solvable by radicals.
i i
“book2” — 2013/5/24 — 8:18 — page 384 — #404
i i
Proof. Let k D Q.b; c; d; e/. The change of variable X D x 41 b yields a

new polynomial f e.x/ D x 4 C qx 2 C r x C s 2 kŒx; moreover, the splitting
e, for if u is a root of f
field E of f is equal to the splitting field of f e, then
e in CŒx:
u 14 b is a root of f . Factor f
e.x/ D x 4 C qx 2 C r x C s D .x 2 C jx C `/.x 2
f jx C m/;
and determine j , `, and m. Now j 2 is a root of the resolvent cubic:
.j 2 /3 C 2q.j 2 /2 C .q 2 4s/j 2 r 2:
The cubic formula gives j 2 , from which we can determine m and `, and hence
the roots of the quartic.
Define a radical extension
k D K0 K1 K2 K3 ;
as in the cubic case, so thatpj 2 2 K3 . Define K4 D Kp

3 .j / (so that
`; m 2 K4 ).
Finally, define K5 D K4 j 2 4` and K6 D K5 j 2 4m , giving roots
of the quadratic factors x 2 C jx C ` and x 2 jx C m of f e. The quartic formula
gives E K6 . Therefore, f is solvable by radicals.
Example 9.3. f .x/ D x 5 1 2 QŒx is solvable by radicals. We know that

f .x/ D .x 1/h.x/, where h is a quartic. But we have just seen that quartics
are solvable by radicals. (Actually, Gauss proved that x n 1 is solvable by
radicals for all n 1, and this led to his construction of the regular 17-gon by
ruler and compass.) N
We have just seen that quadratics, cubics, and quartics in QŒx are solvable
by radicals. Conversely, let f .x/ 2 QŒx be a polynomial of any degree, and
let E=Q be a splitting field. If f is solvable by radicals, we claim that there is
Q can be replaced by any a formula that expresses its roots in terms of its coefficients. Suppose that
field of characteristic 0.
Q D K0 K1 K t
is a radical extension with E K t . Let z be a root of f . Now z 2 K t D

K t 1 .u/, where u is an mth root of some element ˛ 2 K t 1 ; hence, z canpbe
expressed in terms of u and K t 1 ; that is, z can be expressed in terms of m ˛
and K t 1 . But K t 1 D K t 2 .v/, where some power of v lies in K t 2 . Hence,
z can be expressed in terms of u, v, and K t 2 . Ultimately, z is expressed by a
formula analogous to the classical formulas. Therefore, solvability by radicals
has now been translated into the language of fields.
9.3 Symmetry
Recognizing and exploiting symmetry is an important ingredient in geometry,
algebra, number theory, and, indeed, in all of mathematics.
Here is the basic idea: an object is symmetric if, when you transform it in a
certain way, you get the same object back. For example, what do we mean
when we say that an isosceles triangle is symmetric? Figure 9.1 shows
D ABC with its base AB on the x-axis and with the y-axis being the
i i
“book2” — 2013/5/24 — 8:18 — page 385 — #405
i i
9.3 Symmetry 385
A B
Figure 9.1. Isosceles triangle ABC .
perpendicular-bisector of AB. Close your eyes; pretend that the y-axis is a Reflection in the y-axis
mirror, and let be reflected in the y-axis (so that the vertices A and B are is the function .x; y/ 7!
. x; y/.
interchanged); open your eyes. You cannot tell that has been reflected; that
Reflection in the x-axis
is, is symmetric in the y-axis. On the other hand, if were reflected in the is the function .x; y/ 7!
x-axis, then it would be obvious, once your eyes are reopened, that a reflection .x; y/.
had taken place; that is, is not symmetric in the x-axis.
Here is a non-geometric example: the polynomial f .x; y/ D x 3 C y 3 xy
is symmetric because, if you transform it by interchanging x and y, you get
the same polynomial back. Another example arises from g.x/ D x 6 x 2 C 3.
This polynomial is symmetric because g. x/ D g.x/; this symmetry induces
symmetry of the graph of g.x/ in the y-axis, for . x; y/ lies on the graph if
and only if .x; y/ does.
The transformations involved in defining symmetry are usually permuta-
tions.
Definition. A permutation of a set X is a bijection ˛W X ! X.
Here is a precise definition of symmetry in geometry.
Definition. An isometry of the plane is a function 'W R2 ! R2 that is distance

preserving: for all points P D .a; b/ and Q D .c; d / in R2 , Now you see how im-
portant the Pythagorean
k'.P / '.Q/k D kP Qk; Theorem really is; it allows
us to define distance.
p
where kP Qk D .a c/2 C .b d /2 is the distance from P to Q.
A symmetry of a subset of the plane is an isometry with ./ D
(by definition, ./ D f.!/ W ! 2 g).
It is clear that every isometry is an injection, for if P ¤ Q, then kP Qk ¤

0, hence k.P / .Q/k ¤ 0, and .P / ¤ .Q/. It is also true (but harder
to prove) that isometries are surjections ([26], p. 141). Thus, isometries are
bijections; that is, they are permutations of the plane.
Some figures have more symmetries than others. Consider the triangles in
Figure 9.2. The first, equilateral, triangle has six symmetries: rotations by 120ı ,
240ı, 360ı D 0ı about its center, and reflections in each of the three angle
bisectors. The second, isosceles, triangle has only two symmetries, the identity
isometry and the reflection in the angle bisector, while the scalene triangle
has only one symmetry, the identity isometry. A circle has infinitely many
symmetries (for example, all rotations about its center).
i i
“book2” — 2013/5/24 — 8:18 — page 386 — #406
i i
P
P
U Q U Q U Q
Figure 9.2. Triangles.
We now introduce symmetry in an algebraic setting.
Definition. An automorphism of a commutative ring R is an isomorphism

W R ! R. Given a field extension E= k, an automorphism W E ! E fixes k
if .a/ D a for every a 2 k.
The following theorem should remind you of Theorem 3.12 (which is the
special case when E= k D C=R and is complex conjugation). Of course,
automorphisms are certain kinds of permutations.
Theorem 9.4. Let k be a field, let f .x/ 2 kŒx, and let E= k be a splitting
field of f . If W E ! E is an automorphism fixing k, then permutes the set
of all the roots of f .
Proof. Let f .x/ D a0 C a1 x C C an x n , where ai 2 k for all i . If u 2 E

is a root of f , then f .u/ D 0 and
0 D .f .u//
D .a0 C a1 u C C an un /
D .a0 / C .a1 /.u/ C C .an /.un /
D a0 C a1 .u/ C C an .u/n
D f ..u//:
Therefore, .u/ is also a root of f , so that ./ ; that is, im .j/

and the restriction j is a function ! . But j is an injection, because
is, and the Pigeonhole Principle, Exercise A.11 on page 419, says that it is a
permutation.
The following definition, due to E. Artin around 1930, modernizes and sim-
plifies Galois’ original definition given 100 years earlier (it is equivalent to
Galois’ definition).
Definition. If k is a field, f .x/ 2 kŒx, and E= k is a splitting field of f , then

the Galois group of f is
Gal.f / D fautomorphisms W E ! E fixing kg:

Just as some triangles are more symmetric than others, some polynomials
are more symmetric than others. For example, consider f .x/ D x 2 2 and
g.x/ D x 2 9, where we consider
p both polynomials as lying in QŒx. The
splitting field of f is E DpQ. 2/, and
p there is an automorphism
p W Ep! E
that interchanges the roots 2 and 2, namely W a C b 2 7! a b 2. On
i i
“book2” — 2013/5/24 — 8:18 — page 387 — #407
i i
9.3 Symmetry 387
the other hand, the splitting field of g is Q, for both 3 and 3 lie in Q, and so
Gal.g/ consists only of the identity permutation.
The astute reader may have noticed that Gal.f / really depends only on the
fields k and E; two polynomials in kŒx having the same splitting field have
the same Galois group. For this reason, we usually write
Gal.f / D Gal.E= k/:
Example 9.5. We show that not every permutation of the roots of a polyno-
mial f is the restriction of some automorphism 2 Gal.f /. We saw in Ex-
ample 3.7 that the roots of
f .x/ D x 4 10x 2 C 1 2 QŒx
are
p p p p p p p p
˛D 2 C 3; ˇD 2 3; D 2C 3; ıD 2 3:
Let E=Q be a field extension containing these four roots, and let be the
permutation that interchanges ˇ and and fixes the other two roots:
.˛/ D ˛; .ˇ/ D ; . / D ˇ; .ı/ D ı:
p
In E, we have ˛ ˇ D 2 3. Suppose there p is an automorphism of E with
jf˛; ˇ; ; ıg D . Then .˛ ˇ/ D .2 3/, and
p
.˛ ˇ/ D .˛/ .ˇ/ D .˛/ .ˇ/ D ˛ D 2 2:
p p
Hence, .2 3/ D 2 2. Square both sides:
p p
.2 3/2 D .2 2/2 D 8:
p p
The left-hand side is .2 3/2 D .2 3/2 D .12/ D 12, and this is a
contradiction. Therefore, … Gal.f /. N
An important class of symmetric polynomials are the elementary symmet-

ric polynomials in n variables ˛1 ; : : : ; ˛n . For two variables, the elementary
symmetric polynomials are ˛1 C ˛2 and ˛1 ˛3. For three variables, they are
s1 D ˛1 C ˛2 C ˛3 ;
s2 D ˛1 ˛2 C ˛1 ˛3 C ˛2 ˛3 ;
s3 D ˛1 ˛2 ˛3
and, for n variables, si is the sum of all products of the ˛i , taken i at a time.
We’ve met these before in the context of roots of polynomials. The coefficients
of a monic polynomial are the elementary symmetric polynomials of its roots,
with alternating sign, so that, for example,
.x ˛1 /.x ˛2 /.x ˛3 /
3
Dx .˛1 C ˛2 C ˛3/x 2 C .˛1 ˛2 C ˛1 ˛3 C ˛2 ˛3 /x ˛1 ˛2 ˛3 :
It turns out that every symmetric polynomial in n variables can be expressed
as a polynomial in the elementary symmetric polynomials si (see [2], Chap-
ter IIG). For example,
˛12 C ˛22 C ˛32 D .˛1 C ˛2 C ˛3 /2 2.˛1 ˛2 C ˛1 ˛3 C ˛1˛3 /
D s12 2s2:
i i
“book2” — 2013/5/27 — 21:32 — page 388 — #408
i i
Example 9.6. The elementary symmetric polynomials can be used to give al-
ternate derivations of the quadratic and cubic formulas (Exercises 9.1 and 9.3
below). Let’s sketch a derivation of the cubic formula along these lines.
Assume our cubic has been reduced and is, as before, of the form
x 3 C qx C r:
Suppose further that we let its roots be ˛1 , ˛2 and ˛3 . Then we know that
˛1 C ˛2 C ˛3 D 0;
˛1˛2 C ˛1 ˛3 C ˛2 ˛3 D q;
˛1 ˛2 ˛3 D r:
As usual, ! D Form the two expressions s and u:
1
p
1Ci 3 .
2
s D ˛1 C ˛2 ! C ˛3 ! 2
u D ˛1 C ˛2 ! 2 C ˛3 !:
So, we have three expressions in the roots
0 D ˛1 C ˛2 C ˛3
s D ˛1 C ˛2 ! C ˛3 ! 2
u D ˛1 C ˛2 ! 2 C ˛3 !:
Adding the equations, we see that s C u D 3˛1 . Hence, if s and u can be
expressed in terms of q and r , then ˛1 can be so expressed (and, by symmetry,
the other roots can be expressed in terms of q and r ). Experimenting with a
CAS or by hand, we find that
su D ˛12 C ˛22 C ˛32 ˛1 ˛2 ˛1 ˛3 ˛2 ˛3
2
D .˛1 C ˛2 C ˛3 / 3 .˛1 ˛2 C ˛1 ˛3 C ˛2 ˛3/
D 0 3q D 3q:
A CAS is a great help here Expanding s 3 C u3 and factoring the result, we get
(See Appendix A.6).
s 3 Cu3
D .˛1 C ˛2 2˛3 /.˛1 C ˛3 2˛2/.˛2 C ˛3 2˛1/
D .˛1 C ˛2 C ˛3 3˛3/.˛1 C ˛2 C ˛3 3˛2/.˛1 C ˛2 C ˛3 3˛1 /
D . 3˛3 /. 3˛2 /. 3˛1 /
D 27˛1˛2 ˛3 D 27r:
From su D 3q, we get s 3 u3 D 27q 3 . Coupled with s 3 C u3 D 27r , we
see that s 3 and u3 are roots of the quadratic polynomial
x 2 C 27r x 27q 3 :
We can solve this for s 3 and u3 , take cube roots, and recover ˛1 , leading to
Cardano’s formula (Exercise 9.3 below). N
Exercises
Exercise 9.1 shows how
to derive the quadratic 9.1 * Suppose the roots of x 2 C bx C c are ˛ and ˇ. Find, without using the quadratic
formula without completing formula, an expression for and ˛ ˇ in terms of ˛ C ˇ and ˛ˇ . Use it and the
the square. fact that ˛ C ˇ D b to find ˛ in terms of b and c.
i i
“book2” — 2013/5/24 — 8:18 — page 389 — #409
i i
9.4 Groups 389
9.2 Find the roots of the cubic from page 83,
x3 18x 35;
using the method of Example 9.6.

9.3 * Finish the derivation of the cubic formula outlined in Example 9.6.
9.4 Groups
Galois invented groups to exploit symmetry. Our purpose here is only to dis-
play Galois’ ideas in enough detail so that Theorem 9.16 below is plausible;
we wish to dispel some of the mystery that would arise if we merely cited the
ultimate result (you can follow the proofs in [26], Chapter 5).
Commutative rings are sets with two binary operations; a group is a set
having only one binary operation. Permutations, as any functions from a set
X to itself, can be composed and, as we show in Appendix A.1, composition
equips the family of all permutations of X with a a binary operation. This
viewpoint begets a kind of algebra, called group theory.
Definition. A group is a nonempty set G with a binary operation
W G G ! G;
where W .a; b/ 7! a b, satisfying the following properties:

(i) .a b/ c D a .b c/ for all a; b; c 2 G,
(ii) there is e 2 G with e a D a D a e for all a 2 G,
(iii) for all a 2 G, there is a0 2 G with a0 a D e D a a0 .
The element e is called the identity of G, and the element a0 is called the
inverse of a (the inverse of a is usually denoted by a 1 ).
It is not difficult to prove, for groups as for commutative rings, that the
identity element is unique (if e 0 a D a D a e 0 for all a 2 G, then e 0 D e),
and the inverse of every element is unique (if a00 a D e D a a00 , then
a00 D a0 ).
Example 9.7. Theorem A.12 in Appendix A.1 shows that SX , the family of
all the permutations of a nonempty set X, is a group with composition as its
binary operation. In the special case when X D f1; 2; : : : ; ng, denote SX by
Sn ;
and call it the symmetric group on n letters. N
Example 9.8. Just because we call a Galois group a group doesn’t make it so.
Recall that the Galois group Gal.E= k/ of a field extension E= k consists of all
the automorphisms of E that fix k. We now show that Gal.E= k/ with binary
operation composition is a group.
If ; 2 Gal.E= k/, then their composite is an automorphism of E
fixing k; that is, 2 Gal.E= k/, so that composition is a binary operation
on Gal.E= k/. Proposition A.5 says that composition of functions is always
i i
“book2” — 2013/5/24 — 8:18 — page 390 — #410
i i
associative. The identity 1E W E ! E is an automorphism fixing k, and it is

a routine calculation to show that if 2 Gal.E= k/, then its inverse 1 also
lies in Gal.E= k/. In particular, if f .x/ 2 kŒx and E= k is a splitting field
of f , then Gal.f / D Gal.E= k/ is a group. We have assigned a group to every
polynomial. N
Example 9.9. The set G D GL.2; R/ of all nonsingular 2 2 matrices with

real entries is a group with binary operation matrix multiplication . First, we
have W G G ! G because the product of two nonsingular matrices is also
nonsingular. Matrix multiplication is associative, and the identity matrix 10 01
is the identity element. Finally, nonsingular matrices have inverses (this is the
definition of nonsingular!), and so G is a group. N
How to Think About It. We warn the reader that new terms are going to
be introduced at a furious pace. You need not digest everything; if a new idea
seems only a little reasonable, continue reading nevertheless. One way to keep
your head above water is to see that definitions and constructions for groups
(subgroups, homomorphisms, kernels, normal subgroups, quotient groups) are
parallel to what we have already done for commutative rings (subrings, ho-
momorphisms, kernels, ideals, quotient rings). Your reward will be a better
appreciation of the beautiful results of Abel and Galois.
Definition. A subgroup of a group G is a nonempty subset S G such that

s; t 2 S implies s t 2 S and s 2 S implies s 1 2 S .
Subgroups S G are themselves groups, for they satisfy the axioms in

the definition. In particular, since S is not empty, there is some s 2 S ; by
definition, its inverse s 1 also lies in S , and so e D s s 1 lies in S .
Food for Thought. If is a set, we may view any subgroup of S , the

group of all permutations of , as symmetries of it. The notion of symme-
try depends on the permutation group: isometries of the plane are one kind
of symmetry; another kind arises from the group of all homeomorphisms of
the plane; yet another arises from the group of all nonsingular linear transfor-
mations. This observation is the basis of Klein’s Erlanger Programm, which
classifies different types of geometries according to which geometric proper-
ties of figures are left invariant.
Multiplication in a commutative ring R is, by definition, commutative: if

a; b 2 R, then ab D ba. But multiplication in a group need not be commuta-
tive: a b and b a may be different. For example, composition in the sym-
metric group S3 is not commutative: define ; 2 S3 by .1/ D 2, .2/ D 1,
.3/ D 3, and .1/ D 1, .2/ D 3, .3/ D 2. It is easy to see that ı ¤ ı
(for .1/ D .1/ D 2 and .1/ D .2/ D 3).
You also know that the product of two matrices depends on which is written
first: AB ¤ BA is possible. Hence, the group GL.2; R/ is not commutative.
Definition. A group G is abelian if a b D b a for all a; b 2 G.
i i
“book2” — 2013/5/24 — 8:18 — page 391 — #411
i i
9.4 Groups 391
Abel’s 1828 theorem says, in modern language, that a polynomial with an

abelian Galois group is solvable by radicals; this is why abelian groups are so-
called. From now on, we shall simplify notation by writing the product of two
group elements as ab instead of by a b and the identity as 1 instead of by e.
Proposition 9.10. If k is a field, a 2 k, and k contains all the nth roots of

unity, ; 2 ; : : : ; n D 1, then the Galois group of f .x/ D x n a is abelian. There is always a primitive
nth root of unity; that
is, an element with
Sketch of proof. Since k contains all the nth roots of unity,
n D 1 such that every
nth root of unity is a
E D k ! i ˇ W ˇ n D a and 1 i n power of . In particular,
a primitive complex nth
is a splitting field of f . Any automorphism of E must permute the roots, root of unity is e2 i=n D
and so .! i ˇ/ D ! j ˇ for some j depending on i . Similarly, if is another cos.2=n/ C i sin.2=n/.
automorphism, then .! j ˇ/ D ! ` ˇ. It follows that both and send ! i ˇ
to ! j C` ˇ D ! `Cj ˇ; from this fact it is not hard to see that Gal.E= k/ is an
abelian group.
Galois was able to translate a polynomial being solvable by radicals into a
certain property of its Galois group by constructing analogs for groups of the
constructions we have done in earlier chapters for commutative rings. Of course, abstract algebra
did not exist in Galois’ time.
Definition. If G and H are groups, then a homomorphism is a function In particular, rings, fields,
and homomorphisms were
'W G ! H such that, for all a; b 2 G, not in anyone’s vocabulary;
nor were groups.
'.ab/ D '.a/'.b/:
An isomorphism is a homomorphism that is a bijection. If there is an isomor-

phism 'W G ! H , then we say that G and H are isomorphic and we write
G Š H.
We can be more precise. If groups are denoted by .G; / and .H; ı/, where
and ı are binary operations, then a homomorphism 'W G ! H is a function
for which
'.a b/ D '.a/ ı '.b/:
It is easy to see that if ' is a homomorphism, then '.1/ D e, where 1 is the

identity of G and e is the identity of H ; moreover, for each a 2 G, we have
'.a 1 / D '.a/ 1 (the latter being the inverse of the element '.a/ in H ). If
a; b 2 G commute, then ab D ba. Hence, if 'W G ! H is a homomorphism,
then
'.a/'.b/ D '.ab/ D '.ba/ D '.b/'.a/:
It follows that if G is abelian and ' is an isomorphism, then H is abelian.

Every polynomial determines a group of symmetries of its roots.
Theorem 9.11. If a polynomial f .x/ 2 kŒx has n roots, then its Galois group If X and Y are sets
Gal.E= k/ is isomorphic to a subgroup of the symmetric group Sn . of n elements, then
SX Š Sn Š SY . Thus,
groups don’t care if you
Proof. By Theorem 9.4, elements of Gal.E= k/ permute the roots of f . Now are permuting n numbers,
see [26], p. 454. n roots, or n monkeys.
i i
“book2” — 2013/5/24 — 8:18 — page 392 — #412
i i
Definition. The kernel of a homomorphism 'W G ! H of groups is
ker ' D fa 2 G W '.a/ D 1g;
where 1 is the identity element of H . The image of ' is
im ' D fh 2 H W h D '.g/ for some g 2 Gg:
If 'W G ! H is a homomorphism, then ker ' is a subgroup of G and im '

is a subgroup of H .
Just as the kernel of a ring homomorphism has special properties—it is an
ideal—so, too, is the kernel of a group homomorphism special. If a 2 ker '
and b 2 G, then
1 1
'.bab / D '.b/'.a/'.b /
1
D '.b/1'.b/
1
D '.b/'.b/ D 1:
Definition. A subgroup N of a group G is a normal subgroup if, for each

a 2 N , we have bab 1 2 N for every b 2 G.
Thus, kernels of homomorphisms are always normal subgroups. In an abelian

group, every subgroup is normal but, in general, there are subgroups that are
not normal. For example, if is the permutation of X D f1; 2; 3g that inter-
changes 1 and 2 and fixes 3, then S D fe; g is a subgroup of the symmetric
group S3 . But S is not a normal subgroup of S3 , for if is the permutation that
fixes 1 and interchanges 2 and 3, then 1 .1/ D .1/ D .2/ D 3. Hence,
1 ¤ e and 1 ¤ ; that is, 2 S but 1 … S .
Just as we used ideals to construct quotient rings, we can use normal sub-
groups to construct quotient groups. If N is a subgroup of a group G, define
certain subsets, called cosets of N in G, as follows: if a 2 G, then
aN D fas W s 2 N g G:
The family of all cosets of N is denoted by
G=N D fall cosets aN W a 2 Gg:
When N is a normal subgroup, then G=N is a group if we define a binary

operation by
aN bN D abN
(normality of N is needed to prove that this multiplication is well-defined: if

a0 N D aN and b 0 N D bN , then a0 b 0 N D abN ). The group G=N is called
the quotient group.
There is an isomorphism theorem for groups analogous to the isomorphism
theorem for commutative rings.
Theorem 9.12 (First Isomorphism Theorem). If 'W G ! H is a group ho-

momorphism, then im ' is a subgroup of H , N D ker ' is a normal subgroup
of G, and there is an isomorphism ˆW G=N ! im ' given by ˆW aN 7! '.a/.
i i
“book2” — 2013/5/24 — 8:18 — page 393 — #413
i i
9.4 Groups 393
Sketch of proof. Adapt the proof of the First Isomorphism Theorem for com-
mutative rings.
How to Think About It. Without a doubt, this section contains too much
new material; there’s too much to digest. Fortunately, you have seen analogs
of these definitions for commutative rings so, at least, they sound familiar. You
can now sympathize with the members of the Academy in Paris in 1830 as
they struggled, without benefit of ever having seen any abstract algebra at all,
to read such things in the paper Galois submitted to them!
Let us now see why normal subgroups are important for polynomials. If
k B E, then Gal.E=B/ is a subset of Gal.E= k/:
Gal.E=B/ D f 2 Gal.E= k/ W .B/ D Bg:
It is easy to check that Gal.E=B/ is a subgroup of Gal.E= k/.
Theorem 9.13. Let k B E be a tower of fields, where E= k is a splitting

field of some f .x/ 2 kŒx. If B is the splitting field of some g.x/ 2 kŒx, then
Gal.E=B/ is a normal subgroup of Gal.E= k/, and
Gal.E= k/=Gal.E=B/ Š Gal.B= k/:
Sketch of proof. Define 'W Gal.E= k/ ! Gal.E=B/ by 'W 7! jB. The

restriction jB does send B to itself, since B is a splitting field (so automor-
phisms permute the roots of g, by Theorem 9.4), and so jB 2 Gal.B= k/.
By Theorem 9.12, the First Isomorphism Theorem, it suffices to find im ' and
ker '. It is obvious that Gal.E=B/ ker ', and a short calculation gives equal-
ity. We can prove that ' is surjective and hence im ' D Gal.B= k/ (the proof
of surjectivity ([26] p. 455) is not straightforward).
The converse of Theorem 9.13 is true: the Fundamental Theorem of Galois
Theory says, in part, that if N is a normal subgroup of Gal.E= k/, then there
is a subfield
B D f˛ 2 E W .˛/ D ˛ for all 2 N g E
that is a splitting field of some polynomial in kŒx.

The subgroups get smaller as the field extensions get bigger. If K L
E, then Gal.E=L/ Gal.E=K/: if is an automorphism of E that fixes
everything in L, then surely fixes everything in K L.
Lemma 9.14. Let K L E be a tower of fields, where K contains all roots

of unity. If L=K is a pure extension, then Gal.E=L/ is a normal subgroup of It is not true that that if
Gal.E=K/ and the quotient group Gal.E=K/=Gal.E=L/ is abelian. A is a normal subgroup
of B and B is a normal
subgroup of C , then A is a
Sketch of proof. The field extension L=K is a splitting field (because the normal subgroup of C .
subfield K contains all needed roots of unity), and so Theorem 9.12 gives
i i
“book2” — 2013/5/24 — 8:18 — page 394 — #414
i i
Gal.E=L/ a normal subgroup of Gal.E=K/. By Proposition 9.10, the quotient

group is abelian.
We conclude the story by applying Lemma 9.14 to each pure extension
Ki =Ki 1 in a tower of a radical extension.
Lemma 9.15. Let k be a field containing all roots of unity. If f .x/ 2 kŒx is
solvable by radicals, then there is a chain of subgroups
G0 D Gal.K t = k/ G1 G2 G t D f1g;
where each Gi C1 is a normal subgroup of Gi and each quotient group Gi =Gi C1

is abelian.
This lemma suggests the following definition.
Definition. A group G is solvable if there is a chain of subgroups
G D G0 G1 G2 G t D f1g
where each Gi C1 is a normal subgroup of Gi and each quotient group Gi =Gi C1

is abelian.
Clearly, every abelian group is solvable—take G1 D f1g. It is shown in

[26], p. 466, that the symmetric group S4 and all its subgroups are solvable
groups, but that S5 is not solvable.
Using these ideas, Galois proved the following beautiful theorem.
Theorem 9.16 (Galois). Let k be a field and f .x/ 2 kŒx. If f is solvable by

radicals, then its Galois group is a solvable group. If k has characteristic 0,
then the converse is true.
Proof. [25], p. 189 and p. 208.
Galois’ Theorem explains why the classical theorems hold for polynomials
of degree 4.
Corollary 9.17. If k is a field of characteristic 0 and f .x/ 2 kŒx has degree

4, then f is solvable by radicals.
Proof. Since deg.f / 4, Theorem 9.11 says that Gal.f / is (isomorphic to) a
subgroup of S4 and, hence, it is a solvable group. Theorem 9.16 now says that
f is solvable by radicals.
Finally, the next theorem explains why degree 5 was so troublesome.

Ruffini’s name occurs here
because he published Corollary 9.18 (Abel–Ruffini). The general polynomial of degree 5 is not
a proof of this result in solvable by radicals.
1799. Although his ideas
were correct, there were
gaps in his proof, and it Proof. The Galois group of the general quintic f .x/ 2 QŒx is S5 ([26],
was not accepted by his p. 468), which is not a solvable group, and so Galois’ Theorem says that f
contemporaries. is not solvable by radicals.
i i
“book2” — 2013/5/24 — 8:18 — page 395 — #415
i i
9.4 Groups 395
Here is an explicit numerical example. The quintic
f .x/ D x 5 4x C 2 2 QŒx
(see Figure 9.3) is not solvable by radicals because its Galois group is S5 ([26],
p. 469).
6
−2 −1 1 2
−2
−4
−6
Figure 9.3. f .x/ D x 5 4x C 2.
Corollary 9.18 is often misquoted. It says the general quintic is not solvable
by radicals: there is no formula involving only addition, subtraction, multipli-
cation, division, and extraction of roots that expresses the roots of the general
quintic polynomial in terms of its coefficients. But it doesn’t say that roots of
quintics cannot be found. There are other kinds of formulas; for example, New-
ton’s method gives the roots as limn!1 xn , where xnC1 D xn f .xn /=f 0 .xn /.
Thus, it is not accurate to say that there is no formula finding the roots of a
quintic polynomial.
Exercises
9.4 Prove that every subgroup of an abelian group is abelian.
9.5 Let f .x/; g.x/ 2 QŒx be solvable by radicals.
(i) Show that f .x/g.x/ is also solvable by radicals.
(ii) Give an example showing that f .x/ C g.x/ need not be solvable by radicals.
9.6 Assuming that x n 1 is solvable by radicals, prove that x n a is solvable by
radicals, where a 2 Q.
9.7 Prove that S3 is a solvable group and that it is not abelian.
9.8 Recall Exercise 1.56 on page 35: if m 2 is an integer, gcd.k; m/ D 1, and
gcd.k 0 ; m/ D 1, then gcd.kk 0 ; m/ D 1.
Prove that
Um D fŒk 2 Zm W gcd.k; m/ D 1g
is a group under multiplication.

9.9 If k is a field, prove that k D fa 2 k W a ¤ 0g is a group under multiplication.
i i
“book2” — 2013/5/24 — 8:18 — page 396 — #416
i i
9.10 If R is a commutative ring, prove that R is an abelian group under addition. (Note
that 0 is the identity element and that a is the (additive) inverse of a.)
9.11 Let k be a field.
(i) Prove that k is an abelian group under multiplication, where k denotes the
set of nonzero elements of k.
(ii) Prove that GL2 .k/, the set of all 2 2 nonsingular matrices with entries in k,
is a group under matrix multiplication.
GL2 .k/ is called the (iii) Prove that the determinant function,
General Linear group, and
SL2 .k/ is called the Special detW GL2 .k/ ! k ;
Linear group.
is a surjective homomorphism of groups.
(iv) Prove that ker.det/ D SL2 .k/, the set of all 2 2 matrices over k having
determinant 1.
(v) Prove that GL2 .k/=SL2 .k/ Š k .
9.12 (i) Prove that R is an abelian group with addition as binary operation.
(ii) Prove that Q is an abelian group with addition as binary operation; indeed, it
is a subgroup of R.
(iii) Let R> be the group of positive real numbers. Show that R> is a group with
addition as as binary operation.
The “laws of exponents” 9.13 (i) Prove that expW R ! R> , defined by a 7! ea , is a group homomorphism.
from high school algebra (ii) Prove that logW R> ! R, defined by b 7! log b, is a group homomorphism.
preview the results of
Exercise 9.13. (iii) Prove that exp is an isomorphism by showing that its inverse is log.
9.14 (i) Prove that R>, the set of all positive real numbers, is an abelian group with
multiplication as binary operation, and prove that Q> , the set of all positive
rational numbers, is a subgroup of R> .
(ii) Prove that ZŒx is an abelian group under addition.
(iii) Use the Fundamental Theorem of Arithmetic to prove that the additive group
ZŒx is isomorphic to the multiplicative group Q> of all positive rational
numbers.
Hint: Define 'W ZŒx ! Q> by
e e
'W e0 C e1 x C C en x n 7! p00 p11 pnen ;
where p0 D 2, p1 D 3, p2 D 5; : : : is the list of all primes.
9.5 Wiles and Fermat’s Last Theorem

Andrew Wiles proved Fermat’s Last Theorem in 1995: Modular elliptic curves
and Fermat’s last theorem, Ann. Math. (2) 141 (1995), pp. 443-551. He has
said,
I was a ten year old and one day I happened to be looking in my local
public library and I found a book on maths and it told a bit about the
history of this problem and I, a ten year old, could understand it. From
that moment I tried to solve it myselfI it was such a challenge, such a
beautiful problem. This problem was Fermat’s Last Theorem.
and
i i
“book2” — 2013/5/24 — 8:18 — page 397 — #417
i i
9.5 Wiles and Fermat’s Last Theorem 397
There’s no other problem that will mean the same to me. I had this very
rare privilege of being able to pursue in my adult life what had been my
childhood dream. I know it’s a rare privilege, but I know if one can do
this it’s more rewarding than anything one can imagine.
Andrew Wiles was born in Cambridge, England in 1953. He was awarded

a doctorate in 1980 from the University of Cambridge, then spent a year in
Bonn before joining the Institute for Advanced Study in Princeton. In 1982,
he was appointed Professor at Princeton. Around 1985, Wiles learned that the
Shimura–Taniyama–Weil conjecture about elliptic curves, if true, would im-
ply Fermat’s Last Theorem (we will say more about this below). Wiles was
able to prove a special case of this conjecture (the full conjecture was proved
in 2001) which was strong enough to give Fermat’s Last Theorem.
In 1994, Wiles was appointed Eugene Higgins Professor of Mathematics at
Princeton. Wiles received many honors for his outstanding work. For exam-
ple, he was awarded the Schock Prize in Mathematics from the Royal Swedish
Academy of Sciences, the Prix Fermat from Université Paul Sabatier, the Wolf
Prize in Mathematics from the Wolf Foundation in Israel, and the Cole Prize
from the American Mathematical Society. He was elected a member of the
National Academy of Sciences of the United States, receiving its mathematics
prize, and Andrew Wiles became “Sir Andrew Wiles” when he was knighted
by the Queen of England. In 1998, not being eligible for a Fields medal (the
mathematics prize equivalent to a Nobel prize) because he was over forty
years of age, the International Mathematical Union presented him with a silver
plaque at the International Congress of Mathematicians.
Elliptic Integrals and Elliptic Functions

The context of Wiles’ proof of Fermat’s Last Theorem is that of elliptic curves,
an area with an interesting history. Leibniz, one of the founders of calcu- We refer the reader to
lus, posed the problem of determining which integrals could be expressed in the books of Siegel [30],
Silverman–Tate [31], and
“closed form;” that is, as linear combinations of familiar functions such as ra-
Stillwell [32], as well
tional functions, exponentials, logarithms, trigonometric functions, and their as to the article by M.
inverse functions. One of the first integrals that could not be so expressed (al- Rosen, Abel’s Theorem
though the proof of this fact, by Liouville, waited until 1833) is the arclength on the Lemniscate, Amer.
of an ellipse. If f .x; y/ D 0 is the equation of a curve in the plane, then its Math. Monthly 88 (1981),
pp. 387–395, for further
arclength is given in terms of the indefinite integral
Z p details of this discussion.
1 C .dy=dx/2 dx:
Consider the ellipse with equation

x2 y2
2
C 2 D 1;
a b
p
where a > b > 0. We have y D b 1 .x 2 =a2 /, so that
dy bx
D p ;
dx a2 1 .x 2 =a2 /
and the arclength integral is
Z r 4
1 a .a2 b 2 /x 2
dx:
a a2 x 2
i i
“book2” — 2013/5/24 — 8:18 — page 398 — #418
i i
The eccentricity of the ellipse is

p
ED 1 .b=a/2 :
p
Make the substitution x D a sin , so that cos D 1a a2 x 2 and dx D
a cos d, to obtain
Z r 4 Z s 2
1 a .a2 b 2 /x 2 a b2
dx D a 1 sin2 d
a a2 x 2 a2
Z p
Da 1 E 2 sin2 d:
Finally, we rewrite the last integral using the tangent half-angle formula t D
tan.=2/ in Chapter 1 (so that d D 2dt=.1 C t 2 / and sin D 2t=.1 C t 2 /).
We obtain
Z p Z p
2 2 g.t/
a 1 E sin d D 2a dt;
.1 C t 2 /2
where g.t/ D t 4 C .2 4E 2 /t 2 C 1. Thus, if R.x; y/ is the rational function

in two variables,
y
R.x; y/ D ;
.1 C x 2 /2
then the arclength of an ellipse has the form

Z p
2a R t; g.t/ dt;
where g.t/ is a quartic polynomial. A similar integral arises from the arclength
of the hyperbola x 2 =a2 y 2 =b 2 D 1.
Definition. An elliptic integral is an indefinite integral of the form

Z p
R t; g.t/ dt;
where R.x; y/ is a rational function and g.t/ is either a cubic or a quartic

The substitution t D 1=u polynomial having no repeated roots.
transforms the cubic
integrand
These integrals are so called because, as we have just seen, the arclength
dt of an ellipse was one of the first examples of them. Another example of an
p
.t a/.t b/.t c/ elliptic integral, studied by Jacob Bernoulli in 1679, arises from computing the
arclength of a spiral. In 1694, James Bernoulli examined the shape an elas-
into the quartic tic rod takes if its ends are compressed; he found the resulting curve to be
du the lemniscate r 2 D cos 2; see Figure 9.4 (there are eight mathematicians
p : in the Bernoulli family, in the seventeenth and eighteenth centuries, listed in
u.1 ua/.1 ub/.i uc/
the MacTutor History of Mathematics Archive). Recall that the arclength of a
curve r D f ./ in polar coordinates is
Z p
1 C r 2 .d=dr /2 dr:
i i
“book2” — 2013/5/24 — 8:18 — page 399 — #419
i i
Figure 9.4. Lemniscate r 2 D cos 2 .
If r 2 D cos 2, then

r4
1 C r 2.d=dr /2 D 1 C
sin2 2
r4
D1C
1 cos2 2
r4
D1C
1 r4
1
D :
1 r4
Z
dr
Therefore, the arclength of the lemniscate is p .
1 r4
Yet another example,
Z
dt
p ;
.1 t 2 /.1 at 2 /
arises when calculating the period of oscillation of a simple pendulum. Com-
puting the electrical capacity of an ellipsoid with equation x 2=a2 C y 2 =b 2 C
z 2 =c 2 D 1 involves the integral
Z
dt
p ;
.a C t/.b 2 C t/.c 2 C t/
2
an elliptic integral involving a cubic.

Since there are interesting elliptic integrals and they are difficult to evalu-
ate, they were the subject of much investigation. In 1718, Fagnano proved a
Duplication Formula:
Z u Z Q.u/
dt dt
2 p D p ;
0 1 t 4 0 1 t4
p
where
Rx Q.u/
p D 2u 1 u4 =.1Cu4 /. In proving this, Fagnano
p inverted
p I.x/ D
0 1= 1 t dt, getting the inverse function I 1 .x/ D 2x= 1 C x 4 . In
4
1751, Euler generalized the duplication formula of Fagnano, obtaining an

Addition Theorem:
Z u Z v Z P.u;v/
dt dt dt
p C p D p ;
0 1 t 4 0 1 t 4 0 1 t4
p p
where P .u; v/ D u 1 v 4 C v 1 u4 =.1 C u2 v 2 / (so that P .u; u/ D
p
Q.u/). Euler further generalized this by replacing the integrand by 1= p.t/,
where p.t/ is any quartic polynomial.
i i
“book2” — 2013/5/24 — 8:18 — page 400 — #420
i i
Ru Ru
In 1797, Gauss considered the elliptic integrals 0 p dt 3 and 0 p dt .
1 t 1 t4
He saw an analogy (as, most likely, did Fagnano and Euler) with
Z u
dt
sin 1 u D p ;
0 1 t2
and he inverted many elliptic integrals; after all, sin x is the inverse function
of sin 1 x. Nowadays, inverse functions of elliptic integrals are called elliptic
functions. Just as sin x is periodic, that is, sin.x C 2 / D sin x for all x, so,
too, are elliptic functions f ; there is some number p with f .x C p/ D f .x/
Rz
for all x. Gauss then studied complex elliptic integrals I.z/ D 0 pd g./
; their
inverse functions f .z/ D I 1 .z/ are called elliptic functions of a complex
variable. Gauss saw that complex elliptic functions are doubly periodic: there
are (noncollinear) complex numbers p and q with
f .z C mp C nq/ D f .z/
for all complex z and all m; n 2 Z. This fact has important geometric conse-
quences, both for elliptic functions and for complex variables in general. Alas,
Gauss never published these ideas, and they became known only later.
In 1823, Abel investigated elliptic functions, rediscovered many of Gauss’s
theorems, and proved new beautiful results about them. For example, just as
Gauss had found all n for which one can divide the circle into n equal arcs
using ruler and compass (n D 2m p1 pk , where m 0 and the pi are dis-
t
tinct primes of the form 22 C 1), Abel obtained the same result (for exactly
the same n) for the lemniscate. At the same time, Jacobi began his investiga-
tions of elliptic functions, further explaining and generalizing work of Euler
by introducing theta functions and modular curves.
Congruent Numbers Revisited

The search for congruent numbers can be viewed as the search for “general-
ized Pythagorean triples”—right triangles with rational side-lengths and inte-
ger area. Recall from Chapter 1 that a congruent number is a positive integer n
that arises from asking which integers are areas of right triangles having ratio-
nal side-lengths; that is, there are positive rational numbers a, b, and c such
that
a2 C b 2 D c 2 and
1
2
ab D n:
Since ab D 2n > 0, we Let’s loosen the constraints a bit and allow a, b, and c to be negative rational
have a ¤ 0 and b ¤ 0. It numbers as well. We’d like to replace the two equations in four unknowns with
follows that c ¤ 0, too.
a simpler set of constraints. We’ll see that the solution can be realized as the
search for rational points on a polynomial curve.
In Theorem 1.9, we We now turn the pair of defining equations into a single equation in two
reduced the defining pair variables. The equation a2 C b 2 D c 2 can be written as
(for n D 2) to a degree 4
equation in three variables. b2 D c2 a2 D .c a/.c C a/:
We’ll do a little better here.
Let k D c a, so that we have
b 2 D k.c C a/:
i i
“book2” — 2013/5/24 — 8:18 — page 401 — #421
i i
Since c D k C a, this is the same as
b 2 D k.k C 2a/ D k 2 C 2ak;

or
2ak D b 2 k2:
Since a D 2b=n, this is equivalent to

4nk
D b2 k2;
b
or
4nk D b 3 k 2 b:
This is beginning to look like a cubic in b. To homogenize it, multiply both

3
sides by nk to get
3
4n4 bn 2 bn
D n
k2 k k
or
2 3
2n2 bn 2 bn
D n I
k k k
remembering that k D c a, we have a single cubic equation satisfied by a,
b, c, and n:
We’re assuming that
2
2n2 bn 3 bn c a ¤ 0, or else b D0.
D n2 :
c a c a c a
This shows that if a2 C b 2 D c 2 and ab D 2n, then

bn 2n2
;
c a c a
is a rational point on the graph of y 2 D x 3 n2 x (the graph of y 2 D x 3 25x

is shown in Figure 9.5).
Except for sign changes and points on the x-axis, the correspondence goes
both ways.
–5 5
Figure 9.5. y 2 D x 3 25x
i i
“book2” — 2013/5/24 — 8:18 — page 402 — #422
i i
Theorem 9.19. Let n be a positive integer. There’s a bijection between triples

of rational numbers .a; b; c/ satisfying
a2 C b 2 D c 2 and ab D 2n
and rational points on the graph of y 2 D x 3 n2 x with y ¤ 0.
Proof. The calculation preceding the statement of the theorem shows that a
triple produces such a point on the graph. Going the other way, if .x; y/ is a
point on the graph with y ¤ 0, we can solve the system
bn
xD
c a
2n2
yD
c a
c D a2 C b 2
2
for a, b, and c, either by hand or CAS (see Figure 9.6) to find
x2 n2
aD
y
2nx
bD
y
x 2 C n2
cD :
y
It is easily checked that this produces a triple of rational numbers of the desired
type.
The first part of what

the CAS returns (for
.x 2 cy n2 /=y ¤ 0)
combined with the value
given for c, just say that Figure 9.6. Solving for a, b, and c.
n ¤ 0.
Let’s state the conversion formulas explicitly.
Corollary 9.20. The bijection guaranteed by Theorem 9.19 is given explicitly

by
2
bn 2n2 x n2 2nx x 2 C n2
.a; b; c/ 7! ; and .x; y/ 7! ; ;
c a c a y y y
Example 9.21. The correspondence between rational right triangles with in-
teger area and cubic curves allows us to generate infinitely many congruent
triangles with the same area from a given such triangle.
i i
“book2” — 2013/5/24 — 8:18 — page 403 — #423
i i
For example, on page 18, we saw that there are two rational right triangles
with area 5. One comes from a scaled copy of 4.9; 40; 41/ whose area is 5 62 .
To find the second one, it would take a very long time (even with a computer)
to find 4.2420640; 2307361; 3344161/ whose area is 5 7473482. But we can
use an idea related to the “sweeping lines” method of Diophantus. The rational

right triangle with side-lengths 23 ; 20
3
; 41
6
corresponds, via the formulas in
25 75

Corollary 9.20, to the point P D 4 ; 8 on the curve C defined by
y2 D x3 25x:
The idea is to take a line tangent to C through P ; it intersects C in a second

point P 0 , which is also rational because P is (see Exercise 9.16 below). From A CAS (or at least a
this new rational point, we can build a new right triangle. calculator) is a very useful
From y 2 D x 3 25x, we have, using implicit differentiation that tool for these calculations.
dy 3x 2 25
D :
dx 2y
Using this, we find that the slope of the tangent to C at P is 59=12, and hence
the tangent line to C at P has equation

59 25 75
yD x C :
12 4 8
Solving the system (see Figure 9.7)
y2 D x3 25x

59 25 75
yD x C ;
12 4 8
we get P and

1681 62279
P0 D ; :
144 1728
Figure 9.7. P and P 0
Finally, using Corollary 9.20 again, we recover .a; b; c/ from P 0 :
1519 4920 334416

aD ; bD ; cD :
492 1519 747348
These are the side-lengths of the triangle on page 18. N
i i
“book2” — 2013/5/24 — 8:18 — page 404 — #424
i i
Exercises
9.15 Show that there are no rational points .x; y/ with y ¤ 0 on the graph of
(i) y 2 D x 3 x
(ii) y 2 D x 3 4x
9.16 Show that a cubic equation with rational coefficients and two rational roots has,
in fact, three rational roots.
9.17 Find a third rational right triangle with area 5, different from the two we found in
Example 9.21.
Elliptic Curves
The curves defined by the equation in Theorem 9.19,
y 2 D a cubic polynomial in x
show up all across mathematics. We just saw how they can be used to generate
congruent numbers. R p
Before that, we saw that the integral defining arcsine, dt= 1 t 2 , sug-
gested studying elliptic functions, the inverse functions of elliptic integrals.
Just as the unit circle is parametrized by sine and cosine (it consists of the
points .sin ; cos /), Gauss, Abel, and Jacobi considered curves parametrized
by elliptic functions; that is, curves consisting of the points .f .u/; f 0 .u//,
where f is an elliptic function (cosine is the derivative of sine). What sort of
curves are these? Expand the integrand of an elliptic integral as a power series
(since it has a denominator, the series begins with a negative power), and then
integrate term by term. There results a differential equation involving x D f
and y D f 0 , which turns out to be a cubic in two variables (see [9], pp. 17–
19). After some manipulations, one obtains a Weierstrass normal form for the
points .x; y/ on the curve y 2 D ax 3 C bx 2 C cx C d (there is another, simpler,
Weierstrass normal form, y 2 D 4x 3 g2 x g3 , where g2 ; g3 are constants).
This definition is not Definition. An elliptic curve over a field k is a curve C k 2 with equation
quite accurate, for an
elliptic curve is really an y 2 D g.x/;
equivalence class of such
curves.
where g.x/ D ax 3 C bx 2 C cx C d 2 kŒx has no repeated roots.
Curves over C are two- The most interesting elliptic curves are over C (for complex variables) or
dimensional surfaces when over Q (for number theory), while elliptic curves over finite fields Fq give rise
viewed over R.
to public access codes that are more secure than the RSA codes we discussed
in Chapter 4.
Elliptic functions and elliptic curves, whose humble origins are in arclength
problems, occur in analysis, geometry, and complex variables. In the previous
subsection, we saw that congruent numbers lead to rational points on elliptic
curves. More generally, let’s now see the connection with number theory and
with Fermat’s Last Theorem in particular.
Definition. A Diophantine equation is an equation f .x1 ; : : : ; xm / D 0, where

f .x1 ; : : : ; xm / 2 QŒx1 ; : : : ; xm is a polynomial in several variables having ra-
tional coefficients.
i i
“book2” — 2013/5/24 — 8:18 — page 405 — #425
i i
A solution to a Diophantine equation f .x1 ; : : : ; xm/ D 0 is an m-tuple

.q1 ; : : : ; qm/ 2 Qm for which f .q1 ; : : : ; qm / D 0I an integer solution is a
solution in Zm .
For example, x n C y n 1 D 0 is a Diophantine equation. Rational solutions

.u; v/ D .a=c; b=c/ give rise, by clearing denominators, to integer solutions of
the Diophantine equation x n C y n D z n . Of course, this example arises from
Fermat’s Last Theorem.
A curve in the plane is the locus of solutions to an equation f .x; y/ D 0.
Let’s focus on polynomials f .x; y/ 2 QŒx; y; that is, on Diophantine equa-
tions of two variables. A rational point .u; v/ on the curve f .x; y/ D 0 is a
geometric way of viewing a solution to the Diophantine equation f .x; y/ D 0.
The method of Diophantus classifies Pythagorean triples by intersecting the
unit circle x 2 C y 2 D 1 with lines through the rational point . 1; 0/, thereby
parametrizing the circle with rational functions, and then finding the rational
points on the circle that correspond to Pythagorean triples. We saw, in Chap-
ter 1, that it is worthwhile to generalize the method by replacing the unit circle
by conic sections.
Now pass from conic sections, curves in the plane corresponding to quadratic
polynomials f .x; y/ 2 RŒx; y, to cubic polynomials of two variables. For ex-
ample, rational points on x 3 C y 3 D 1 correspond to integer solutions of
a3 C b 3 D c 3 , so that the truth of Fermat’s Last Theorem for n D 3 says that
the curve x 3 C y 3 D 1 has no rational points.
Diophantus also studied cubic curves. There was no analytic geometry in his
day, and geometry was not explicit in his results. However, both Fermat and,
later, Newton believed that geometry explains Diophantus’s method of finding
solutions of cubic Diophantine equations f .x; y/ D 0; indeed, Newton called
it the chord–tangent construction. Just as lines usually intersect a conic section
in two points, lines usually intersect cubic curves in three points. If y D mxCh
is the equation of a line L, then L meets the curve in points .x; mx C h/ for
which f .x; mx Ch/ D 0. But f .x; mx Ch/ is a cubic, and so it has three roots
(if we admit complex numbers). In particular, given rational points P; Q on a
cubic curve C , say P D .a; b/ and Q D .c; d /, then the slope .d b/=.c a/
of the line L they determine is rational. If C has equation f .x; y/ D 0, where
f .x; y/ 2 QŒx; y, then L intersects C in a third point, which is also a rational
point. Thus, the chord joining rational points P and Q on C determines a third
rational point on C (see Figure 9.8); denote the third point by
P Q:
If we think of the tangent line T to C at P as a limit of chords through P ,
then it is natural to consider where T meets C . The slope of T is also rational:
if
A.x/y 3 C B.x/y 2 C C.x/y C D.x/ D 0;
where A; B; C; D 2 QŒx have degrees, respectively, 0; 1; 2; 3, then implicit
differentiation gives
B 0y2 C C 0y C D0
y 0 .x; y/ D I
3Ay 2 C 2By C C
since the coefficients of A; B; C; D are rational and P D .a; b/ is a rational
point, the slope y 0 .a; b/ of T is rational. It follows easily that if T meets C ,
i i
“book2” — 2013/5/24 — 8:18 — page 406 — #426
i i
P*Q
Q
P
P+Q
Figure 9.8. Adding points on a cubic.
then the point of intersection is another rational point; denote such a point by
P P
(thus, the tangent line T intersects C in another rational point, say Q, and the
two points P; Q determine a third rational point).
If we are considering cubic curves C in the plane, then it is possible that a
line meets C in only one point, not three (a cubic in RŒx always has a real root,
This is a good reason to but its other roots may not be real). To make all work smoothly, we enlarge the
consider cubics over the plane to the Riemann sphere C b D R2 [ f1g, where we regard 1 as a point
complex numbers.
“at infinity.” We agree that lines through 1 are precisely the vertical lines; we
declare that 1 lies on every cubic C and that 1 is a rational point on C . Given
two points P; Q on the curve, the line they determine meets the curve in a third
rational point P Q. Define P CQ to be the intersection of C with the vertical
line V through P Q; that is, V is the line determined by the two rational
points 1 and P Q (see Figure 9.8). The wonderful discovery is that this
allows us to “add” points P; Q on elliptic curves (indeed, the set of all rational
points on an elliptic curve is an abelian group under this binary operation). In
particular, if C is the elliptic curve arising from the lemniscate (or any of the
elliptic functions considered by Euler), then the limits of integration in Euler’s
Addition Theorem are given by the chord–tangent construction: for example,
Z P Z Q Z P CQ
dt dt dt
p C p D p :
0 1 t4 0 1 t4 0 1 t4
As we have seen, congruent numbers n arising from rational side-lengths
.a; b; c/ of a right triangle correspond to rational points on the elliptic curve
y 2 D x 3 n2 x. The binary operation shows how to construct new congruent
numbers from given ones. The importance of this operation is illustrated by
Theorem 9.19.
What has this discussion to do with Fermat’s Last Theorem? The abelian
group of rational points on elliptic curves, an example of complex multipli-
cation, is only the beginning of deep connections between Diophantine equa-
tions and elliptic curves. The following account by the number theorist Andrew
Granville summarizes the recent history.
i i
“book2” — 2013/5/24 — 8:18 — page 407 — #427
i i
It all began in 1955, with a question posed by the Japanese mathe- We refer the reader to
matician Yutaka TaniyamaW Could one explain the properties of ellip- [31] for more about elliptic
curves and Diophantine
tic curves, equations of the form y 2 D x 3 C ax C b with a and b
equations. We also rec-
given whole numbers, in terms of a few well-chosen curves? That is, ommend the expository
is there some very special class of equations that in some way encap- article of Cox, Introduction
sulate everything there is to know about our elliptic curves‹ Taniyama to Fermat’s Last Theorem,
was fairly specific about these very special curves .the so-called modu- Amer. Math. Monthly 101
(1994), pp. 3–14, for more
lar curves) and, in 1968, André Weil, one of the leading mathematicians
details.
of the twentieth century, made explicit which modular curve should de-
scribe which elliptic curve. In 1971, the first significant proven evidence
in favor of this abstract understanding of equations was given by Goro
Shimura at Princeton University, who showed that it works for a very
special class of equations. This somewhat esoteric proposed approach to
understanding elliptic curves is now known as the Shimura–Taniyama–
Weil conjecture. There the matter stood until 1986, when Gerhard Frey
made the most surprising and innovative link between this very abstract
conjecture and Fermat’s Last Theorem. What he realized was that if
c n D an C b n , then it seemed unlikely that one could understand the
equation y 2 D x.x an /.x C b n / in the way proposed by Taniyama.
It took deep and difficult reasoning by Jean-Pierre Serre and Ken Ribet
to strengthen Frey’s original concept to the point that a counterexam-
ple to Fermat’s Last Theorem would directly contradict the Shimura–
Taniyama–Weil conjecture.
This is the point where Wiles enters the picture. Wiles drew together a
vast array of techniques to attack this question. Motivated by extraor-
dinary new methods of Victor Kolyvagin and Barry Mazur, Wiles estab-
lished the Shimura–Taniyama–Weil conjecture for an important class of
examples, including those relevant to proving Fermat’s Last Theorem.
His work can be viewed as a blend of arithmetic and geometry, and
has its origins way back in Diophantus’s Arithmetic. However he em-
ploys the latest ideas from a score of different fields, from the theories
of L-functions, group schemes, crystalline cohomology, Galois repre-
sentations, modular forms, deformation theory, Gorenstein rings, Euler
systems and many others. He uses, in an essential way, concepts due to
many mathematicians from around the world who were thinking about
very different questions.
The work of Wiles is a tour de force, and will stand as one of the sci-
entific achievements of the century. His work is not to be seen in iso-
lation, but rather as the culmination of much recent thinking in many
directions. Wiles’ proof, starting from scratch, would surely be over a
thousand pages long.
The story of this important discovery is a tribute to the deeper and more
abstruse levels of abstract understanding that mathematicians have long
claimed is essential. Many of us, while hailing Wiles’ magnificent achieve-
ment, yearn for Fermat to have been correct, and for the truly marvel-
lous, and presumably comparatively straightforward, proof to be recov-
ered.
i i
“book2” — 2013/5/24 — 8:18 — page 408 — #428
i i
i i
“book2” — 2013/5/24 — 8:18 — page 409 — #429
i i
A Appendices
A.1 Functions
Pick up any calculus book; somewhere near the beginning is a definition of
function which reads something like this: a function f is a rule that assigns to
each element a in a set A exactly one element, denoted by f .a/, in a set B. Ac-
tually, this isn’t too bad. The spirit is right: f is dynamic; it is like a machine,
whose input consists of elements of A and whose output consists of certain
elements of B. The sets A and B may be made up of numbers, but they don’t
have to be.
There is a slight notational surprise. We are used to writing a function, not
as f , but as f .x/. For example, integrals are written
Z
f .x/ dx:
Logically, one notation for a function, say f , and another for its value at a
point a in A, say f .a/, does make sense. However, some notation is grand-
fathered in. For example, we will continue to write polynomials as f .x/ D
an x n C an 1 x n 1 C C a0 , trigonometric functions as sin x and cos x, and
the exponential as e x (but some authors denote the exponential function by
exp). Still, the simpler notation f is usually a good idea.
One problem we have with the calculus definition of function involves the
word rule. To see why this causes problems, we ask when two functions are
equal. If f is the function f .x/ D x 2 C 2x C 1 and g is the function g.x/ D
.x C 1/2 , is f D g? We usually think of a rule as a recipe, a set of directions.
With this understanding, f and g are surely different: f .5/ D 25 C 10 C 1 and
g.5/ D 62 . These are different recipes, but note that both cook the same dish:
for example, f .5/ D 36 D g.5/.
A second problem with the calculus definition is just what is allowed to be
a rule. Must a rule be a formula? If so, then f .x/, defined by
(
1 if x is rational
f .x/ D
0 if x is irrational,
is not a function. Or is it? The simplest way to deal with these problems is to
avoid the imprecise word rule.
If A is a set, then we write
a 2 A;
which abbreviates “a belongs to A” or “a is an element of A.”
409
i i
“book2” — 2013/5/24 — 8:18 — page 410 — #430
i i
410 Appendix A Appendices
Definition. If A1 ; A2; : : : ; An are sets, their cartesian product is

˚
A1 A2 An D .a1 ; a2 ; : : : ; an / W ai 2 Ai for all i :
We can define ordered An element .a1 ; a2 / 2 A1 A2 is called an ordered pair, and .a1 ; a2 / D
pair from scratch: see .a10 ; a20 / if and only if a1 D a10 and a2 D a20 . More generally, two n-tuples
Exercise A.2 on page 418.
Cartesian product could
.a1 ; a2 ; : : : ; an / and .a10 ; a20 ; : : : ; an0 / are equal if ai D ai0 for all subscripts i .
then be defined by induc- We now review subsets and equality, for functions f W A ! B are subsets
tion on n. of A B. We say that U is a subset of V or U is contained in V , denoted by
U V;
if, for all u 2 U , we have u 2 V . Formally: .8u/.u 2 U ) u 2 V /.
Two subsets U and V of a set X are equal, that is,
U D V;
if they are comprised of exactly the same elements: thus, U D V if and only
if U V and V U . This obvious remark is important because many proofs
of equality of subsets break into two parts, each part showing that one subset
is contained in the other. For example, let
U D fx 2 R W x 0g and V D fx 2 R W there exists y 2 R with x D y 2 g:
p
Now U V because x D . x/2 2 V , while V U because y 2 0 for
every real number y (if y < 0, then y D a for a > 0 and y 2 D a2 ). Hence,
U DV.
If U is a proper subset of V ; that is, if U V but U ¤ V , then we write
U ¨ V:
An empty set, denoted by ¿, is a set with no elements. Given a set X, it is
always true that ¿ X. To see this, observe that the negation
.9u/.u 2 ¿ ) u … V /
is false, for there is no u 2 ¿. The empty set is unique: if ¿0 is also an empty
set, then ¿ ¿0 and ¿0 ¿, so that ¿ D ¿0 . There is only one empty set.
Informally, a function is what we usually call its graph.
Definition. Let A and B be sets. A function f W A ! B is a subset f A B

such that, for each a 2 A, there is a unique b 2 B with .a; b/ 2 f . The set A
is called its domain, and the set B is called its target.
If f is a function and .a; b/ 2 f , then we write f .a/ D b and we call b
the value of f at a. Define the image (or range) of f , denoted by im f , to be
the subset of B consisting of all the values of f .
When we say that A is the domain of a function f W A ! B, we mean that

f .a/ is defined for every a 2 A. Thus, the reciprocal f .x/ D 1=.x 1/ is not
a function R ! R, but it is a function R0 ! R, where R0 denotes the set of all
real numbers not equal to 1.
The second problem above—is f W R ! R a function, where f .x/ D 1 if
x is rational and f .x/ D 0 if x is irrational—can now be resolved; yes, f is a
function:
f D f.x; 1/ W x is rationalg [ f.x; 0/ W x is irrationalg R R:
i i
“book2” — 2013/5/24 — 8:18 — page 411 — #431
i i
A.1 Functions 411
Let’s look at more examples before resolving the first problem arising from
the imprecise term rule.
Example A.1. (i) The squaring function f W R ! R, given by f .x/ D x 2 ,

is the parabola consisting of all points in the plane R R of the form
.a; a2 /. It satisfies the definition, and so f is a function (if f wasn’t a
bona fide function, we would change the definition!).
(ii) If A and B are sets and b0 2 B, then the constant function at b0 is
the function f W A ! B defined by f .a/ D b0 for all a 2 A (when
A D R D B, then the graph of a constant function is a horizontal line).
(iii) For a set A, the identity function 1A W A ! A is the function consisting of
all .a; a/ (the diagonal of A A), and 1A .a/ D a for all a 2 A.
(iv) The usual functions appearing in calculus are also functions according to
the definition just given. For example, the domain of sin x is R, its target
is usually R, and its image is the closed interval Œ 1; 1. N
How to Think About It. A function f W A ! B is the subset of A B

consisting of all the ordered pairs .a; f .a// (this subset is the function but,
informally, it is usually called its graph). In order to maintain the spirit of a
function being dynamic, we often use the notation
f W a 7! b
instead of f .a/ D b. For example, we may write the squaring function as

f W a 7! a2 instead of f .a/ D a2 . We often say that f sends a to f .a/.
Let’s return to our first complaint about rules; when are two functions equal?
Proposition A.2. Let f W A ! B and gW A ! B be functions. Then f D g if

and only if f .a/ D g.a/ for every a 2 A.
Proof. Assume that f D g. Functions are subsets of A B, and so f D g

means that each of f and g is a subset of the other. If a 2 A, then .a; f .a// 2
f ; since f D g, we have .a; f .a// 2 g. But there is only one ordered pair in
g with first coordinate a, namely, .a; g.a//, because the definition of function
says that g gives a unique value to a. Therefore, .a; f .a// D .a; g.a//, and
equality of ordered pairs gives f .a/ D g.a/, as desired.
Conversely, assume that f .a/ D g.a/ for every a 2 A. To see that f D g,
it suffices to show that f g and g f . Each element of f has the form
.a; f .a//. Since f .a/ D g.a/, we have .a; f .a// D .a; g.a// and hence
.a; f .a// 2 g. Therefore, f g. The reverse inclusion g f is proved
similarly. Therefore, f D g.
Proposition A.2 resolves the first problem arising from the term rule: if
f; gW R ! R are given by f .x/ D x 2 C 2x C 1 and g.x/ D .x C 1/2 , then
f D g because f .a/ D g.a/ for every number a.
Let us clarify another point. Can functions f W A ! B and gW A0 ! B 0 be
equal? Here is the commonly accepted usage.
i i
“book2” — 2013/5/24 — 8:18 — page 412 — #432
i i
Definition. Functions f W A ! B and gW A0 ! B 0 are equal if A D A0 ,

B D B 0 , and f .a/ D g.a/ for all a 2 A.
Thus, a function f W A ! B has three ingredients—its domain A, its tar-

get B, and its graph—and we are saying that functions are equal if and only if
they have the same domains, the same targets, and the same graphs.
It is plain that the domain and the graph are essential parts of a function;
why should we care about the target of a function when its image is more
important? As a practical matter, when first defining a function, one usually
doesn’t know its image. For example, what’s the image of f W R ! R, defined
by
x
! Z
x
1 C jxje dt
f .x/ D log p 5
p
7
‹
2
x C cos x2 0 1 C t6
We must analyze f to find its image, and this is no small task. But if targets
have to be images, then we couldn’t even write down f W R ! R without
See the discussion on having first found the image of f . Thus, targets are convenient to use.
page 437 for a more If A is a subset of a set B, the inclusion i W A ! B is the function given by
sophisticated reason why
i.a/ D a for all a 2 A; that is, i is the subset of A B consisting of all .a; a/
targets are important.
with a 2 A. If S is a proper subset of a set A, then the inclusion i W S ! A is
not the identity function 1S because its target is A, not S ; it is not the identity
function 1A because its domain is S , not A.
Instead of saying that the values of a function f are unique, we sometimes
say that f is single-valued or that it is well-defined.
p For example, if R de-

notes the set ofpnonnegative reals, then W R ! R is a function because
we agree that
p a 0 for every nonnegative number a. On the other hand,
g.a/ D ˙ a is not single-valued, and hence it is not a function. The sim-
plest way to verify whether an alleged function f is single-valued is to phrase
uniqueness of values as an implication:
if a D a0 ; then f .a/ D f .a0 /:
For example, consider the addition function ˛W R R ! R. To say that ˛

is well-defined is to say that if .u; v/ D .u0 ; v 0 / in R R, then ˛.u; v/ D
˛.u0 ; v 0 /; that is, if u D u0 and v D v 0 , then u C v D u0 C v 0 . This is usually
called the Law of Substitution.
Another example is addition of fractions. We define
a c ad C bc
C D :
b d bd
But fractions have many names. If a=b D a0 =b 0 and c=d D c 0 =d 0 , is .ad C
bc/=bd D .a0 d 0 C b 0 c 0 /=b 0 d 0 ? We verified that this formula does not depend
on the choices of names of the fractions on page 193. On the other hand, the
operation
a c aCc
D
b d bd
1
is not well-defined: 2
D 24 , but 1
2
3
4
D 48 , while 2
4
3
4
D 5
16
¤ 84 .
There is a name for functions whose image is equal to the whole target.
i i
“book2” — 2013/5/24 — 8:18 — page 413 — #433
i i
A.1 Functions 413
Definition. A function f W A ! B is surjective (or onto or a surjection) if
im f D B:
Thus, f is surjective if, for each b 2 B, there is some a 2 A (depending

on b) with b D f .a/.
Example A.3. (i) The identity function 1A W A ! A is a surjection.

(ii) The sine function R ! R is not surjective, for its image is Œ 1; 1, a
proper subset of its target R. The function sW R ! Œ 1; 1, defined by
s.x/ D sin x, is surjective.
(iii) The functions x 2 W R ! R and e x W R ! R have target R. Now im x 2
consists of the nonnegative reals and im e x consists of the positive reals,
so that neither x 2 nor e x is surjective.
(iv) Let f W R ! R be defined by
f .a/ D 6a C 4:
To see whether f is a surjection, we ask whether every b 2 R has the

form b D f .a/ for some a; that is, given b, can we find a so that
6a C 4 D b‹
Since a D 61 .b 4/, this equation can always be solved for a, and so f

is a surjection.
˚3
(v) Let f W R 2 ! R be defined by
6a C 4
f .a/ D :
2a 3
To see whether f is a surjection, we seek, given b, a solution a: can we
solve
6a C 4
b D f .a/ D ‹
2a 3
This leads to the equation a.6 2b/ D 3b 4, which can be solved
for a if 6 2b ¤ 0 (note that . 3b 4/=.6 2b/ ¤ 3=2). On the other
hand, it suggests that there is no solution when b D 3 and, indeed, there is
not: if .6a C 4/=.2a 3/ D 3, cross multiplying gives the false equation
6a C 4 D 6a 9. Thus, 3 … im f , and f is not a surjection (in fact,
im f D R f3g). N
The following definition gives another important property a function may

have.
Definition. A function f W A ! B is injective (or one-to-one or an injection)

if, whenever a and a0 are distinct elements of A, then f .a/ ¤ f .a0 /. Equiva-
lently, the contrapositive states that f is injective if, for every pair a, a0 2 A,
we have
f .a/ D f .a0 / implies a D a0 :
i i
“book2” — 2013/5/24 — 8:18 — page 414 — #434
i i
Being injective is the converse of being single-valued: f is single-valued if

a D a0 implies f .a/ D f .a0 /; f is injective if f .a/ D f .a0 / implies a D a0 .
Most functions are neither injective nor surjective. For example, the squar-
ing function f W R ! R, defined by f .x/ D x 2 , is neither.
Example A.4. (i) The identity function 1A W A ! A is injective.

˚3
(ii) Let f W R 2
! R be defined by
6a C 4
f .a/ D :
2a 3
To check whether f is injective, suppose that f .a/ D f .b/:
6a C 4 6b C 4
D :
2a 3 2b 3
Cross multiplying yields
12ab C 8b 18a 12 D 12ab C 8a 18b 12;
which simplifies to 26a D 26b and hence a D b. We conclude that f is
injective. (We saw, in Example A.3, that f is not surjective.)
(iii) Consider f W R ! R, given by f .x/ D x 2 2x 3. If we try to check
whether f is an injection by looking at the consequences of f .a/ D
f .b/, as in part (ii), we arrive at the equation a2 2a D b 2 2b; it
is not instantly clear whether this forces a D b. Instead, we seek the
roots of f , which are 3 and 1. It follows that f is not injective, for
f .3/ D 0 D f . 1/; that is, there are two distinct numbers having the
same value. N
Sometimes there is a way of combining two functions to form another func-

tion, their composite.
Definition. If f W A ! B and gW B ! C are functions (the target of f is the

domain of g), then their composite, denoted by g ı f , is the function A ! C
given by
g ı f W a 7! g.f .a//I
that is, first evaluate f on a, and then evaluate g on f .a/.
We usually abbreviate the notation for composites in the text, writing gf

instead of g ı f , but we shall always write g ı f in this Appendix.
Composition is thus a two-step process: a 7! f .a/ 7! g.f .a//. For exam-
ple, the function hW R ! R, defined by h.x/ D e cos x , is the composite g ı f ,
where f .x/ D cos x and g.x/ D e x . This factorization is plain as soon as one
tries to evaluate, say h. /; one must first evaluate f . / D cos D 1 and
then evaluate
1
h. / D g.f . // D g. 1/ D e :
The chain rule in calculus is a formula that computes the derivative .g ı f /0
in terms of g0 and f 0 :
.g ı f /0 .x/ D .g0 ı f /.x/ f 0 .x/ D g0 .f .x// f 0 .x/:
i i
“book2” — 2013/5/24 — 8:18 — page 415 — #435
i i
A.1 Functions 415
If f W A ! B is a function, and if S is a subset of A, then the restriction

of f to S is the function f jS W S ! B, defined by .f jS /.s/ D f .s/ for all
s 2 S . It is easy to see that if i W S ! A is the inclusion, then f jS D f ı i ; that
is, the functions f jS and f ı i have the same domain, the same target, and the
same graph (see Exercise A.4 on page 419).
If f W N ! N and gW N ! R are functions, then g ı f W N ! R is defined,
but f ı g is not defined (for target.g/ D R ¤ N D domain.f /). Even when
f W A ! B and gW B ! A, so that both composites g ı f and f ı g are defined,
they need not be equal. For example, define f , gW N ! N by f W n 7! n2 and
gW n 7! 3n; then g ı f W 2 7! g.4/ D 12 and f ı gW 2 7! f .6/ D 36. Hence,
g ı f ¤ f ı g.
Given a set A, let
AA D fall functions A ! Ag:
The composite of two functions in AA is always defined, and it is, again, a
function in AA . As we have just seen, composition is not commutative; that is,
f ı g and g ı f need not be equal. Let us now show that composition is always
associative.
Proposition A.5. Composition of functions is associativeW given functions f W

A ! B, gW B ! C , and hW C ! D, then
h ı .g ı f / D .h ı g/ ı f:
Proof. We show that the value of either composite on an element a 2 A is just

d D h.g.f .a///. If a 2 A, then
h ı .g ı f /W a 7! .g ı f /.a/ D g.f .a// 7! h.g.f .a/// D d;
and
.h ı g/ ı f W a 7! f .a/ 7! .h ı g/.f .a// D h.g.f .a/// D d:
Since both are functions A ! D, it follows from Proposition A.2 that the
composites are equal.
In light of this proposition, we need not write parentheses: the notation
h ı g ı f is unambiguous.
Suppose that f W A ! B and gW C ! D are functions. If B C , then
some authors define the composite hW A ! D by h.a/ D g.f .a//. We do
not allow composition if B ¤ C . However, we can define h as the composite
h D g ı i ı f , where i W B ! C is the inclusion.
The next result implies that the identity function 1A behaves for composition
in AA just as the number one does for multiplication of numbers.
Proposition A.6. If f W A ! B, then 1B ı f D f D f ı 1A .
Proof. If a 2 A, then
1B ı f W a 7! f .a/ 7! f .a/
and
f ı 1A W a 7! a 7! f .a/:
i i
“book2” — 2013/5/24 — 8:18 — page 416 — #436
i i
Are there “reciprocals” in AA ; that is, are there any functions f W A ! A

for which there is g 2 AA with f ı g D 1A and g ı f D 1A ? The following
discussion will allow us to answer this question.
Definition. A function f W A ! B is bijective (or a one-one correspondence

or a bijection) if it is both injective and surjective.
Example A.7. (i) Identity functions are always bijections.

(ii) Let X D f1; 2; 3g and define f W X ! X by
f .1/ D 2; f .2/ D 3; f .3/ D 1:
It is easy to see that f is a bijection. N
We can draw a picture of a function f W X ! Y in the special case when

X and Y are finite sets (see Figure A.1). Let X D f1; 2; 3; 4; 5g, let Y D
fa; b; c; d; eg, and define f W X ! Y by
f .1/ D b f .2/ D e f .3/ D a f .4/ D b f .5/ D c:
Now f is not injective, because f .1/ D b D f .4/, and f is not surjective,
1 a
2 b
X 3 c Y
4 d
5 e
Figure A.1. Picture of a function.
because there is no x 2 X with f .x/ D d . Can we reverse the arrows to get

a function gW Y ! X? There are two reasons why we can’t. First, there is no
arrow going to d , and so g.d / is not defined. Second, what is g.b/? Is it 1 or
is it 4? The first problem is that the domain of g is not all of Y , and it arises
because f is not surjective; the second problem is that g is not single-valued,
and it arises because f is not injective (this reflects the fact that being single-
valued is the converse of being injective). Neither problem arises when f is a
bijection.
Definition. A function f W X ! Y is invertible if there exists a function

gW Y ! X, called its inverse, with both composites g ı f and f ı g being
identity functions.
We do not say that every function f is invertible; on the contrary, we have

just given two reasons why a function may not have an inverse. Notice that if
an inverse function g does exist, then it “reverses the arrows” in Figure A.1. If
f .a/ D y, then there is an arrow from a to y. Now g ı f being the identity
says that a D .g ı f /.a/ D g.f .a// D g.y/; therefore gW y 7! a, and so the
picture of g is obtained from the picture of f by reversing arrows. If f twists
something, then its inverse g untwists it.
i i
“book2” — 2013/5/24 — 8:18 — page 417 — #437
i i
A.1 Functions 417
Lemma A.8. If f W X ! Y and gW Y ! X are functions such that gıf D 1X ,

then f is injective and g is surjective.
Proof. Suppose that f .a/ D f .a0 /. Apply g to obtain g.f .a// D g.f .a0 //;
that is, a D a0 (because g.f .a// D a), and so f is injective. If x 2 X, then
x D g.f .x//, so that x 2 im g; hence g is surjective.
Proposition A.9. A function f W X ! Y has an inverse gW Y ! X if and only

if it is a bijection.
Proof. If f has an inverse g, then Lemma A.8 shows that f is injective and
surjective, for both composites g ı f and f ı g are identities.
Assume that f is a bijection. Let y 2 Y . Since f is surjective, there is some
a 2 X with f .a/ D y; since f is injective, a is unique. Defining g.y/ D a
thus gives a (single-valued) function whose domain is Y (g merely “reverses
arrows;” since f .a/ D y, there is an arrow from a to y, and the reversed arrow
goes from y to a). It is plain that g is the inverse of f ; that is, f .g.y// D
f .a/ D y for all y 2 Y and g.f .a// D g.y/ D a for all x 2 X.
Example A.10. If a is a real number, then multiplication by a is the function

a W R ! R, defined by r 7! ar for all r 2 R. If a ¤ 0, then a is a bijection;
its inverse function is division by a, namely, ıa W R ! R, defined by r 7! 1a r ;
of course, ıa D 1=a . If r 2 R, then
a ı ıa W r 7! a1 r 7! a 1a r D r I
hence, a ı ıa D 1R. Similarly, ıa ı a D 1R.

If a D 0, however, then a D 0 is the constant function 0 W r 7! 0 for all
r 2 R, which has no inverse function. N
Etymology. The inverse of a bijection f is denoted by f 1 (Exercise A.6

on page 419 says that a function cannot have two inverses). This is the same
notation used for inverse trigonometric functions in calculus; for example,
sin 1 x D arcsin x satisfies sin.arcsin.x// D x and arcsin.sin.x// D x. Of What are the domain and
course, sin 1 does not denote the reciprocal 1= sin x, which is csc x. image of arcsin?
Example A.11. Here is an example of two functions f; gW N ! N with one

composite the identity, but with the other composite not the identity; thus, f
and g are not inverse functions.
Define f , gW N ! N as follows:
f .n/ D n C 1I
(
0 if n D 0
g.n/ D
n 1 if n 1.
The composite g ı f D 1N , for g.f .n// D g.nC 1/ D n (because nC 1 1).

On the other hand, f ı g ¤ 1N because f .g.0// D f .0/ D 1 ¤ 0. N
Two strategies are now available to determine whether a given function is

a bijection: use the definitions of injective and surjective, or find an inverse
i i
“book2” — 2013/5/24 — 8:18 — page 418 — #438
i i
What are the domains and function. For example, if R> denotes the positive real numbers, letPus show
targets of log and exp? that the exponential function f W R ! R> , defined by f .x/ D e x D x n =nŠ,
is a bijection. A direct proof that f is injective would require showing that if
e a D e b , then a D b; a direct proof showing that f is surjective would involve
showing that every positive real number c has the form e a for some a. It is
simplest to prove these statements using the (natural) logarithm g.y/ D log y.
The usual formulas e log y D y and log e x D x show that both composites f ıg
and g ı f are identities, and so f and g are inverse functions. Therefore, f is
a bijection, for it has an inverse.
The next theorem summarizes some results of this section. If X is a nonempty
set, define the symmetric group on X:
SX D fbijections W X ! Xg:
Theorem A.12. If X is a nonempty set, then composition .f; g/ 7! g ı f is a

function SX SX ! SX satisfying the following propertiesW
(i) .f ı g/ ı h D f ı .g ı h/ for all f; g; h 2 SX I
(ii) there is 1X 2 SX with 1X ı f D f D f ı 1X for all f 2 SX I
(iii) for all f 2 SX , there is f 0 2 SX with f 0 ı f D 1X D f ı f 0 .
Proof. Exercise A.12(iii) on page 420 says that the composite of two bijec-
tions is itself a bijection, and so composition has target SX . Part (i) is Proposi-
tion A.5, part (ii) is Proposition A.6, and part (iii) is Proposition A.9.
Exercises
A.1 True or false, with reasons.
(i) If S T and T X , then S X .
(ii) Any two functions f W X ! Y and gW Y ! Z have a composite f ı gW X ! Z.
(iii) Any two functions f W X ! Y and gW Y ! Z have a composite g ı f W X ! Z.
(iv) For every set X , we have X ¿ D ¿.
(v) If f W X ! Y and j W im f ! Y is the inclusion, then there is a surjection
gW X ! im f with f D j ı g.
(vi) If f W X ! Y is a function for which there is a function gW Y ! X with
f ı g D 1Y , then f is a bijection.
(vii) The formula f .a=b/ D .a C b/.a b/ is a well-defined function Q ! Z.
(viii) If f W N ! N is given by f .n/ D n C 1 and gW N ! N is given by g.n/ D
n2 , then the composite g ı f is n 7! n2 .n C 1/.
(ix) Complex conjugation z D a C i b 7! z D a i b is a bijection C ! C.
Hint: (i) True. (ii) False. (iii) True. (iv) True. (v) True. (vi) False. (vii) False.
(viii) False. (ix) True.
A.2 * Let A and B be sets, and let a 2 A and b 2 B. Define their ordered pair as
follows:
.a; b/ D fa; fa; bgg:
Ifa0 2 A and b0 2 B, prove that .a0 ; b 0 / D .a; b/ if and only if a0 D a and

b 0 D b.
i i
“book2” — 2013/5/24 — 8:18 — page 419 — #439
i i
A.1 Functions 419
Hint: In any formal treatment, one is obliged to define new terms carefully. In
particular, in set theory, one must discuss the membership relation 2. Does x 2 x
make sense? If it does, is it ever true? One of the axioms constraining 2 is that
the statement a 2 x 2 a is always false.
A.3 Let L D f.x; x/ W x 2 Rg; thus, L is the line in the plane that passes through the
origin and makes an angle of 45ı with the x-axis.
(i) If P D .a; b/ is a point in the plane with a ¤ b, prove that L is the
perpendicular-bisector of the segment PP 0 having endpoints P D .a; b/
and P 0 D .b; a/.
Hint: You may use Lemma 3.16 and the fact that . 21 .a C c/; 12 .b C d // is
the midpoint of the line segment having endpoints .a; b/ and .c; d /.
(ii) If f W R ! R is a bijection whose graph consists of certain points .a; b/ (of

course, b D f .a/), prove that the graph of f 1 is
f.b; a/ W .a; b/ 2 f g:
A.4 * Let X and Y be sets, and let f W X ! Y be a function.

(i) If S is a subset of X , prove that the restriction f jS is equal to the composite
f ı i , where i W S ! X is the inclusion map.
Hint: Use the definition of equality of functions on page 412.
(ii) If im f D A Y , prove that there exists a surjection f 0 W X ! A with
f D j ı f 0 , where j W A ! Y is the inclusion.
A.5 If f W X ! Y has an inverse g, show that g is a bijection.
Hint: Does g have an inverse?
A.6 * Show that if f W X ! Y is a bijection, then it has exactly one inverse.
A.7 Show that f W R ! R, defined by f .x/ D 3x C 5, is injective and surjective, and
find its inverse.
A.8 Determine whether f W Q Q ! Q, given by
f .a=b; c=d / D .a C c/=.b C d /

is a function.
Hint: It isn’t.
A.9 Let X D fx1 ; : : : ; xm g and Y D fy1 ; : : : ; yn g be finite sets, where the xi are
distinct and the yj are distinct. Show that there is a bijection f W X ! Y if and
only if jX j D jY j; that is, m D n.
Hint: If f is a bijection, there are m distinct elements f .x1 /; : : : , f .xm / in Y ,
and so m n; using the bijection f 1 in place of f gives the reverse inequality
n m.
A.10 Suppose there are 11 pigeons, each sitting in some pigeonhole. If there are only
10 pigeonholes, prove that there is a hole containing more than one pigeon.
A.11 .Pigeonhole Principle/: If X and Y are finite sets with the same number
of elements, show that the following conditions are equivalent for a function
f WX ! Y:
(i) f is injective (ii) f is bijective (iii) f is surjective.
Hint: If A X and jAj D n D jX j, then A D X ; after all, how many elements

are in X but not in A?
i i
“book2” — 2013/5/24 — 8:18 — page 420 — #440
i i
A.12 * Let f W X ! Y and gW Y ! Z be functions.

(i) If both f and g are injective, prove that g ı f is injective.
(ii) If both f and g are surjective, prove that g ı f is surjective.
(iii) If both f and g are bijective, prove that g ı f is bijective.
(iv) If g ı f is a bijection, prove that f is an injection and g is a surjection.
A.13 (i) If f W . =2; =2/ ! R is defined by a 7! tan a, then f has an inverse
function g; indeed, g D arctan.
Hint: Compute composites.
(ii) Show that each of arcsin x and arccos x is an inverse function (of sin x and
cos x, respectively) as defined in this section. (Domains and targets must be
chosen with care.)
A.2 Equivalence Relations

When fractions are first discussed in grammar school, students are told that
1 2
3 D 6 because 16 D 32; cross-multiplying makes it so! Don’t believe your
eyes that 1 ¤ 2 and 3 ¤ 6. Doesn’t everyone see that 1 6 D 6 D 3 2? Of
course, a good teacher wouldn’t just say this. Further explanation is required,
and here it is. We begin with the general notion of relation.
Definition. Let X and Y be sets. A relation from X to Y is a subset R of

X Y (if X D Y , then we say that R is a relation on X). We usually write
xRy instead of .x; y/ 2 R.
Here is a concrete example. Certainly should be a relation on R; to see

that it is, define the subset
R D f.x; y/ 2 R R W .x; y/ lies on or above the line y D xg:
You should check that .x; y/ 2 R if the second coordinate is bigger than the
first. Thus, xRy here coincides with the usual meaning x y.
Example A.13. (i) Every function f W X ! Y is a relation from X to Y .

(ii) Equality is a relation on any set X; it is the diagonal
f.x; x/ W x 2 Xg X X:
(iii) For every natural number m, congruence mod m is a relation on Z. Can
you describe the subset of Z Z?
(iv) If X D f.a; b/ 2 Z Z W b ¤ 0g, then cross multiplication defines a
relation on X by
.a; b/ .c; d / if ad D bc: N
Definition. A relation x y on a set X is

(i) reflexive if x x for all x 2 X,
(ii) symmetric if x y implies y x for all x; y 2 X,
(iii) transitive if x y and y z imply x z for all x; y; z 2 X.
An equivalence relation on a set X is a relation on X that has all three prop-
erties: reflexivity, symmetry, and transitivity.
i i
“book2” — 2013/5/24 — 8:18 — page 421 — #441
i i
A.2 Equivalence Relations 421
Example A.14. (i) Ordinary equality is an equivalence relation on any set.

(ii) If m 0, then Proposition 4.3 says that x y mod m is an equivalence
relation on Z.
(iii) If I is an ideal in a commutative ring R, then Proposition 7.1 shows that
congruence mod I is an equivalence relation on R.
(iv) We claim that cross multiplication is an equivalence relation on X D
f.a; b/ 2 Z Z W b ¤ 0g. Verification of reflexivity and symmetry is
easy. For transitivity, assume that .a; b/ .c; d / and .c; d / .e; f /.
Now ad D bc gives adf D bcf , and cf D de gives bcf D bde; thus,
adf D bde. We may cancel the nonzero integer d to get af D be; that
is, .a; b/ .e; f /.
(v) In calculus, equivalence relations are implicit in the discussion of vectors.
An arrow from a point P to a point Q can be denoted by the ordered pair
.P; Q/; call P its foot and Q its head. An equivalence relation on arrows
can be defined by saying that .P; Q/ .P 0 ; Q0 / if the arrows have the
same length and the same direction. More precisely, .P; Q/ .P 0 ; Q0 /
if the quadrilateral obtained by joining P to P 0 and Q to Q0 is a paral-
lelogram (this definition is incomplete, for one must also relate collinear
arrows as well as “degenerate” arrows .P; P /). The direction of an arrow
from P to Q is important; if P ¤ Q, then .P; Q/ 6 .Q; P /. N
An equivalence relation on a set X yields a family of subsets of X.
Definition. Let be an equivalence relation on a nonempty set X. If a 2 X,

the equivalence class of a, denoted by Œa, is defined by
Œa D fx 2 X W x ag X:
We now display the equivalence classes arising from the equivalence rela-
tions in Example A.14.
Example A.15. (i) Let be equality on a set X. If a 2 X, then Œa D fag,

the subset having only one element, namely, a. After all, if x D a, then x
and a are equal!
(ii) Consider the relation of congruence mod m on Z, and let a 2 Z. The
congruence class of a, defined by
fx 2 Z W x D a C km where k 2 Zg;
is equal to the equivalence class of a, namely
Œa D fx 2 Z W x a mod mg:
(iii) If I is an ideal in a commutative ring R, then the equivalence class of an
element a 2 R is the coset a C I .
(iv) The equivalence class of .a; b/ under cross multiplication, where a; b 2 Z
and b ¤ 0, is
Œ.a; b/ D f.c; d / W ad D bcg:
If we denote Œ.a; b/ by a=b, then the equivalence class is precisely the
fraction usually denoted by a=b. After all, it is plain that .1; 3/ ¤ .2; 6/,
but Œ.1; 3/ D Œ.2; 6/ because 1 6 D 3 2; that is, 1=3 D 2=6.
i i
“book2” — 2013/5/24 — 8:18 — page 422 — #442
i i
(v) An equivalence class Œ.P; Q/ of arrows, as in Example A.14, is called a

!
vector; we denote it by Œ.P; Q/ D PQ. N
It is instructive to compare rational numbers and vectors, for both are de-
fined as equivalence classes. Every rational a=b has a “favorite” name—its ex-
pression in lowest terms; every vector has a favorite name—an arrow .O; Q/
with its foot at the origin O. Although it is good to have familiar favorites,
working with fractions in lowest terms is not always convenient; for example,
even if both a=b and c=d are in lowest terms, their sum .ad C bc/=bd and
product ac=bd may not be. Similarly, it is not always best to think of vectors
as arrows with foot at the origin. Vector addition is defined by the parallelo-
! ! !
gram law (see Figure A.2): OP C OQ D OR, where O, P , Q, and R are the
! !
vertices of a parallelogram. But OQ D PR, because .O; Q/ .P; R/, and it
! ! ! ! !
is more natural to write OP C OQ D OP C PR D OR.
R = (a+c,b+d )
P = (a,b)
Q = (c,d )
Figure A.2. Parallelogram Law.
The next lemma says that we can replace equivalence by honest equality at
the cost of replacing elements by their equivalence classes.
Lemma A.16. If is an equivalence relation on a set X, then x y if and

only if Œx D Œy.
Proof. Assume that x y. If z 2 Œx, then z x, and so transitivity gives

z y; hence Œx Œy. By symmetry, y x, and this gives the reverse
inclusion Œy Œx. Thus, Œx D Œy.
Conversely, if Œx D Œy, then x 2 Œx, by reflexivity, and so x 2 Œx D Œy.
Therefore, x y.
Here is a set-theoretic idea, partitions, that we’ll see is intimately involved

with equivalence relations.
Definition. Subsets A and B of a set X are disjoint if A \ B D ¿; that is,

no x 2 X lies in both A and B. A family P of subsets of a set X is called
pairwise disjoint if, for all A; B 2 P, either A D B or A \ B D ¿.
A partition of a set X is a family P of nonempty pairwise disjoint subsets,
called blocks, whose union is X.
We are now going to prove that equivalence relations and partitions are
merely different ways of viewing the same thing.
i i
“book2” — 2013/5/24 — 8:18 — page 423 — #443
i i
A.2 Equivalence Relations 423
Proposition A.17. If is an equivalence relation on a nonempty set X, then

the equivalence classes form a partition of X. Conversely, given a partition P
of X, there is an equivalence relation on X whose equivalence classes are the
blocks in P.
Proof. Assume that an equivalence relation on X is given. Each x 2 X lies

in the equivalence class Œx because is reflexive; it follows that the equiva-
lence classes are nonempty subsets whose union is X. To prove pairwise dis-
jointness, assume that a 2 Œx \ Œy, so that a x and a y. By symmetry,
x a, and so transitivity gives x y. Therefore, Œx D Œy, by Lemma A.16,
and so the equivalence classes form a partition of X.
Conversely, let P be a partition of X. If x; y 2 X, define x y if there is
A 2 P with x 2 A and y 2 A. It is plain that is reflexive and symmetric.
To see that is transitive, assume that x y and y z; that is, there are
A; B 2 P with x, y 2 A and y, z 2 B. Since y 2 A \ B, pairwise disjointness
gives A D B and so x, z 2 A; that is, x z. We have shown that is an
equivalence relation.
It remains to show that the equivalence classes are the blocks in P. If x 2 X ,
then x 2 A for some A 2 P. By the definition of , if y 2 A, then y x
and y 2 Œx; hence, A Œx. For the reverse inclusion, let z 2 Œx, so that
z x. There is some B with x 2 B and z 2 B; thus, x 2 A \ B. By pairwise
disjointness, A D B, so that z 2 A, and Œx A. Hence, Œx D A.
Corollary A.18. If is an equivalence relation on a set X and a; b 2 X, then

Œa \ Œb ¤ ¿ implies Œa D Œb.
Example A.19. (i) If is the identity relation on a set X, then the blocks
are the one-point subsets of X.
(ii) Let X D Œ0; 2 , and define the partition of X whose blocks are f0; 2 g
and the singletons fxg, where 0 < x < 2 . This partition identifies the
endpoints of the interval (and nothing else), and so we may regard this as
a construction of a circle. N
Exercises
A.14 Let X D frock; paper; scissorsg. Recall the game whose rules are: paper domi-
nates rock, rock dominates scissors, and scissors dominates paper. Draw a subset
of X X showing that domination is a relation on X .
A.15 Which of the following relations are equivalence relations? State your reasons.
(i) The relation on R.
(ii) The relation R on Z given by m R n if m n is odd.
(iii) The relation R on Z given by m R n if m n is even.
(iv) The relation on a group of people of having a common friend.
A.16 Let f W X ! Y be a function. Define a relation on X by x x 0 if f .x/ D f .x 0 /.
Prove that is an equivalence relation. If x 2 X and f .x/ D y, the equivalence
class Œx is denoted by f 1 .y/; it is called the fiber over y.
A.17 (i) Find the error in the following argument that claims to prove that a symmet-
ric and transitive relation R on a set X must be reflexive; that is, R is an
i i
“book2” — 2013/5/24 — 8:18 — page 424 — #444
i i
equivalence relation on X . If x 2 X and xRy, then symmetry gives yRx

and transitivity gives xRx.
Hint: What is y?
(ii) Give an example of a symmetric and transitive relation on the closed unit
interval X D Œ0; 1 that is not reflexive.
A.3 Vector Spaces

Linear algebra is the study of vector spaces and their homomorphisms (namely,
linear transformations), with applications to systems of linear equations. We
assume that most readers have had a course involving matrices with real en-
tries. Such courses deal mainly with computational aspects of the subject, such
as Gaussian elimination, finding inverses, and determinants, but here we do not
emphasize this important aspect of linear algebra. Instead, we focus on vector
spaces with only a few words about linear transformations.
Introductory linear algebra courses begin with vector spaces whose scalars
are real numbers but, toward the end of the course, scalars are allowed to
be complex numbers. The instructor usually says that the results about vec-
tor spaces over R hold, more generally, for vector spaces over C. This hand-
waving bothers most students. We are now going to generalize the definition
of vector space so that scalars may belong to any field k, and we will prove
that the usual theorems about vector spaces over R do, in fact, hold not only
for vector spaces over C but for vector spaces over k. In particular, they hold
for vector spaces over Q or over Fq .
The first definitions do not change when we allow more general scalars.
Definition. If k is a field, then a vector space over k is a set V equipped with

addition V V ! V , denoted by .u; v/ 7! u C v, that satisfies
(i) .u C v/ C w D u C .v C w/ for all u; v; w 2 V ,
(ii) there is 0 2 V with 0 C v D v for all v 2 V ,
(iii) for each v 2 V , there is v 2 V with v C v D 0,
(iv) u C v D v C u for all u; v 2 V ;
and scalar multiplication k V ! V , denoted by .a; v/ 7! av, that satisfies,
for all a; b; 1 2 k and all u; v 2 V ,
(i) a.u C v/ D au C av,
(ii) .a C b/v D av C bv,
(iii) .ab/v D a.bv/,
(iv) 1v D v.
The elements of V are called vectors and the elements of k are called
scalars. It is not difficult to prove that the vector v in the third axiom of
addition is equal to the scalar product . 1/v.
Etymology. The word vector comes from the Latin word meaning “to carry;”
vectors in Euclidean space carry the data of length and direction. The word
scalar comes from regarding v 7! av as a change of scale. The terms scale
i i
“book2” — 2013/5/24 — 8:18 — page 425 — #445
i i
A.3 Vector Spaces 425
and scalar come from the Latin word meaning “ladder,” for the rungs of a
ladder are evenly spaced.
Example A.20. (i) Euclidean space V D Rn is a vector space over R. Vec-

tors are n-tuples .a1 ; : : : ; an /, where ai 2 R for all i . Picture a vector v
as an arrow from the origin to the point having coordinates .a1 ; : : : ; an /.
Addition is given by
.a1 ; : : : ; an / C .b1 ; : : : ; bn / D .a1 C b1 ; : : : ; an C bn /I
geometrically, the sum of two vectors is described by the parallelogram
law (see Figure A.2 on page 422).
Scalar multiplication is given by
av D a.a1 ; : : : ; an / D .aa1 ; : : : ; aan /:
Scalar multiplication v 7! av “stretches” v by a factor jaj, reversing its
direction when a is negative (we put quotes around stretches because av
is shorter than v when jaj < 1).
(ii) The example in part (i) can be generalized. If k is any field, define V D
k n , the set of all n 1 column vectors v D .a1 ; : : : ; an /, where ai 2 k
for all i . Addition is given by
.a1 ; : : : ; an / C .b1 ; : : : ; bn / D .a1 C b1 ; : : : ; an C bn /;
and scalar multiplication is given by
av D a.a1 ; : : : ; an / D .aa1 ; : : : ; aan /:
(iii) The polynomial ring R D kŒx, where k is a field, is another example of
a vector space over k. Vectors are polynomials f , scalars are elements
a 2 k, and scalar multiplication gives the polynomial af ; that is, if
f D bn x n C C b1 x C b0 ;
then
af D abn x n C C ab1 x C ab0 :
Thus, the polynomial ring kŒx is a vector space over k.
(iv) Let R be a commutative ring and let k be a subring; if k is a field, then
R can be viewed as a vector space over k. Regard the elements of R as
vectors and the elements of k as scalars; define scalar multiplication av,
where a 2 k and v 2 R, to be the given product of two elements in R.
The axioms in the definition of vector space are just particular cases of
axioms holding in the commutative ring R. For example, if a field k is a
subfield of a larger field E, then E is a vector space over k; in particular,
C is a vector space over R, and it is also a vector space over Q.
(v) The set C Œ0; 1 of all continuous real-valued functions on the closed in-
terval Œ0; 1 is a vector space over R with the usual operations: if f; g 2
C Œ0; 1 and c 2 R, then
f C gW a 7! f .a/ C g.a/
cf W a 7! cf .a/: N
Informally, a subspace of a vector space V is a nonempty subset of V that

is closed under addition and scalar multiplication in V .
i i
“book2” — 2013/5/24 — 8:18 — page 426 — #446
i i
Definition. If V is a vector space over a field k, then a subspace of V is a

subset U of V such that
(i) 0 2 U ,
(ii) u; u0 2 U imply u C u0 2 U ,
(iii) u 2 U and a 2 k imply au 2 U .
Every subspace U of a vector space V is itself a vector space. For example,

since u1 C .u2 C u3 / D .u1 C u2 / C u3 holds for all vectors u1 ; u2; u3 2 V ,
it holds, in particular, for all vectors u1 ; u2 ; u3 2 U .
Example A.21. (i) The extreme cases U D V and U D f0g (where f0g de-
notes the subset consisting of the zero vector alone) are always subspaces
of a vector space. A subspace U V with U ¤ V is called a proper sub-
space of V ; we may write U ¨ V to denote U being a proper subspace
of V .
(ii) If v D .a1 ; : : : ; an / is a nonzero vector in Rn , then the line through the
origin,
` D fav W a 2 Rg;
is a subspace of Rn .
Similarly, a plane through the origin consists of all vectors of the form
av1 C bv2 , where v1 ; v2 is a fixed pair of noncollinear vectors, and a; b
vary over R. It is easy to check that planes through the origin are sub-
spaces of Rn .
(iii) If k is a field, then a homogeneous linear system over k of m equations
in n unknowns is a set of equations
a11 x1 C C a1n xn D0
a21 x1 C C a2n xn D0
:: ::
: :
am1 x1 C C amn xn D 0;
where aj i 2 k. A solution Pof this system is an n 1 column vector c D

.c1 ; : : : ; cn / 2 k n , where i aj i ci D 0 for all j ; a solution .c1 ; : : : ; cn/ is
nontrivial if some ci ¤ 0. The set of all solutions forms a subspace of k n ,
called the solution space (or nullspace) of the system. Using matrices, we
can say this more succinctly: if A D Œaij is the m n coefficient matrix,
then the linear system is Ax D 0 and a solution is an n1 column vector c
for which Ac D 0.
In particular, we can solve systems of linear equations over Fp , where
p is a prime. This says that we can treat a not necessarily homogeneous
system of congruences mod p just as one treats an ordinary system of
equations.
For example, the system of congruences
3x 2y C z 1 mod 7
x C y 2z 0 mod 7
x C 2y C z 4 mod 7
i i
“book2” — 2013/5/24 — 8:18 — page 427 — #447
i i
can be regarded as a system of equations over the field F7. The system
can be solved just as in high school, for inverses mod 7 are now known:
Œ2Œ4 D Œ1; Œ3Œ5 D Œ1; Œ6Œ6 D Œ1. The solution is
.x; y; z/ D .Œ5; Œ4; Œ1/: N
Bases and Dimension

The key observation in getting the “right” definition of dimension is to under-
stand why R3 is 3-dimensional. Every vector .x; y; z/ is a linear combination
of the three vectors e1 D .1; 0; 0/, e2 D .0; 1; 0/, and e3 D .0; 0; 1/; that is,
.x; y; z/ D xe1 C ye2 C ze3 :
It is not so important that every vector is a linear combination of these specific

vectors; what is important is that there are three of them, for it turns out that
three is the smallest number of vectors with this property; that is, one cannot
find two vectors u D .a; b; c/ and u0 D .a0 ; b 0 ; c 0 / with every vector a linear
combination of u and u0 .
Definition. A list in a vector space V is an ordered set X D v1 ; : : : ; vn of

vectors in V .
More precisely, we are saying that there is some n 1 and a function
'W f1; 2; : : : ; ng ! V;
with '.i / D vi for all i . Thus, the subset im ' is ordered in the sense that
there is a first vector v1 , a second vector v2 , and so forth. A vector may appear
several times on a list; that is, ' need not be injective.
Definition. Let V be a vector space over a field k. A k-linear combination of We often write linear
a list v1 ; : : : ; vn in V is a vector v of the form combination instead of
k-linear combination if it
v D a1 v1 C C an vn ; is clear where the scalar
coefficients live.
where ai 2 k for all i .
Definition. If X D v1 ; : : : ; vm is a list in a vector space V , then
Span hXi D hv1 ; : : : ; vm i ;
the set of all the k-linear combinations of v1 ; : : : ; vm , is called the subspace

spanned by X. We also say that v1 ; : : : ; vm spans Spanhv1 ; : : : ; vm i.
It is easy to check that Span hv1 ; : : : ; vm i is, indeed, a subspace.
Lemma A.22. Let V be a vector space over a field k.

(i) Every intersection of subspaces of V is itself a subspace.
(ii) If X D v1 ; : : : ; vm is a list in V , then the intersection of all the sub-
spaces of V containing X is Span hv1 ; : : : ; vm i, the subspace spanned
by v1 ; : : : ; vm, and so Span hv1 ; : : : ; vm i is the smallest subspace of V
containing X.
i i
“book2” — 2013/5/24 — 8:18 — page 428 — #448
i i
Proof. Part (i) is routine. For part (ii), let X D fv1 ; : : : ; vm g and let S denote
the family of all the subspaces of V containing X; we claim that
\
S D Span hv1 ; : : : ; vmi :
S 2S
The inclusion is clear, because S D Span hv1 ; : : : ; vm i 2 S. For the reverse

inclusion, note that if S 2 S, then S contains v1 ; : : : ; vm , and so it contains
the set of all k-linear combination of v1 ; : : : ; vm , namely, Span hv1 ; : : : ; vm i.
The next observation is important.
Corollary A.23. The subspace spanned by a list X D v1 ; : : : ; vm does not

depend on the ordering of the vectors, but only on the set of vectors themselves.
Proof. This follows from part (ii) of Lemma A.22.
See Exercise A.24 on page 440 to see other properties of a list that do not
depend on the ordering of its vectors.
T
If X D ¿, then Span hXi D S 2S S , where S is the T family of all the
subspaces of V containing X. Now f0g Span h¿i D S 2S S , for f0g is
contained in every subspace S of V . For the reverse inclusion, one of the sub-
spaces
T S of V occurring in the intersection is f0g itself, and so Span h¿i D
S V S f0g. Therefore, Span h¿i D f0g.
Example A.24. (i) Let V D R2 , let e1 D .1; 0/, and let e2 D .0; 1/. Now
V D Span he1 ; e2i, for if v D .a; b/ 2 V , then
v D .a; 0/ C .0; b/
D a.1; 0/ C b.0; 1/
D ae1 C be2 2 Span he1 ; e2 i :
(ii) If k is a field and V D k n , define ei as the n 1 column vector having 1 in

the i th coordinate and 0s elsewhere. The reader may adapt the argument
in part (i) to show that e1 ; : : : ; en spans k n .
(iii) A vector space V need not be spanned by a finite list. For example, let
V D kŒx, and suppose that X D f1 .x/; : : : ; fm .x/ is a finite list in V .
If d is the largest degree of any of the fi , then every (nonzero) k-linear
combination of f1 ; : : : ; fm has degree at most d . Thus, x dC1 is not a
k-linear combination of vectors in X, and so X does not span kŒx. N
The following definition makes sense even though we have not yet defined
dimension.
Definition. A vector space V is called finite-dimensional if it is spanned by a

finite list; otherwise, V is called infinite-dimensional.
Part (ii) of Example A.24 shows that k n is finite-dimensional, while part (iii)
shows that kŒx is infinite-dimensional. Now C is a vector space over R, and it
i i
“book2” — 2013/5/24 — 8:18 — page 429 — #449
i i
is finite-dimensional (C is spanned by 1; i ); by Example A.20(iii), both R and

C are vector spaces over Q (each can be shown to be infinite-dimensional).
If a subspace U of a vector space V is finite-dimensional, then there is a
list v1 ; v2 ; : : : ; vm that spans U . But there are many such lists: if u is a vector
in U , then the extended list v1 ; v2; : : : ; vm ; u also spans U . Let us, therefore,
seek a shortest list that spans U .
Notation. If v1 ; : : : ; vm is a list, then v1 ; : : : ; vbi : : : ; vm is the shorter list with

vi deleted.
Proposition A.25. If V is a vector space over a field k, then the following

conditions on a list v1 ; : : : ; vm spanning V are equivalentW
(i) v1 ; : : : ; vm is not a shortest spanning list

(ii) some vi is in the subspace spanned by the others
(iii) there are scalars a1 ; : : : ; am , not all zero, with
m
X
a` v` D 0:
`D1
Proof. (i) ) (ii). If v1 ; : : : ; vm is not a shortest spanning list, then one of

the vectors, say vi , can be thrown out, and the shorter list still spans. Hence,
vi 2 Span hv1 ; : : : ; vbi ; : : : ; vm i.
P
(ii) ) (iii). If vi D j ¤i cj vj , define ai D 1 ¤ 0 and aj D cj for all
j ¤ i.
(iii) ) (i). The given equation implies that one term, say ai vi , is nonzero.
Since k is a field, ai 1 exists, and
1
X
vi D ai aj vj : (A.1)
j ¤i
Deleting vi gives a shorter list that still spans V : write any v 2 V as a lin-
ear combination of all the vj (including vi ); now substitute the expression
Eq. (A.1) for vi and collect terms.
We now give a name to lists described in Proposition A.25.
Definition. A list X D v1 ; : : : ; vm in a vector space P V is linearly dependent

if there are scalars a1 ; : : : ; am , not all zero, with m
`D1 a` v` D 0; otherwise,
X is called linearly independent.
The empty set ¿ is defined to be linearly independent (we interpret ¿ as a
list of length 0).
Example A.26. (i) A list X D v1 ; :P

: : ; vm containing the zero vector is lin-
early dependent: if vj D 0, then i ai vi D 0, where aj D 1 and ai D 0
for i ¤ j .
(ii) A list v1 of length 1 is linearly dependent if and only if v1 D 0; hence, a
list v1 of length 1 is linearly independent if and only if v1 ¤ 0.
i i
“book2” — 2013/5/24 — 8:18 — page 430 — #450
i i
(iii) A list v1 ; v2 is linearly dependent if and only if one of the vectors is

a scalar multiple of the other: if a1 v1 C a2 v2 D 0 and a1 ¤ 0, then
v1 D .a2 =a1 /v2 . Conversely, if v2 D cv1 , then cv1 v2 D 0 and the
list v1 ; v2 is linearly dependent (for the coefficient 1 of v2 is nonzero).
(iv) If there is a repetition in the list v1 ; : : : ; vm (that is, if vi D vj for some
i ¤ j ), then v1 ; : : : ; vm is linearly dependent: define ci D 1, cj D 1,
and all other c D 0. Therefore, if v1 ; : : : ; vm is linearly independent, then
all the vectors vi are distinct. N
Linear independence has been defined indirectly, as not being linearly de-
pendent. Because of the importance of linear independence, let us define it
directly.
Definition. APlist v1 ; : : : ; vm is linearly independent if, whenever a k-linear

combination m `D1 a` v` D 0, then every ai D 0.
It follows that every sublist of a linearly independent list is itself linearly

independent (this is one reason for decreeing that ¿ be linearly independent).
Corollary A.27. If X D v1 ; : : : ; vm is a list spanning a vector space V , then

X is a shortest spanning list if and only if X is linearly independent.
Proof. These are just the contrapositives of (i) ) (iii) and (iii) ) (i) in Propo-
sition A.25.
We have arrived at the notion we have been seeking.
Definition. A basis of a vector space V is a linearly independent list that

spans V .
Thus, bases are shortest spanning lists. Of course, all the vectors in a linearly
independent list v1 ; : : : ; vn are distinct, by Example A.26(iv).
Example A.28. In Example A.24(ii), we saw that X D e1; : : : ; en spans k n ,

where ei is the n 1 column vector having 1 in the i th coordinate
P and 0s
elsewhere. We now show that X is linearly independent. If 0 D i ci ei , then
c 1 e1 D .c1 ; 0; 0; : : : ; 0/
C c2 e2 D C .0; c2 ; 0; : : : ; 0/
:: ::
: :
C cn en D C .0; 0; 0; : : : ; cn /
0 D .c1 ; c2; : : : ; cn /:
Hence, ci D 0 for all i , X is linearly independent, and X is a basis; it is called

the standard basis of k n . N
Proposition A.29. A list X D v1 ; : : : ; vn in a vector space V over a field k is

a basis of V if and only if each v 2 V has a unique expression as a k-linear
combination of the vectors in X.
i i
“book2” — 2013/5/24 — 8:18 — page 431 — #451
i i
Proof. Since X is aPbasis, it spans V , and P so each vector

P v 2 V is a k-linear
combination: v D ai vi . If also v D bi vi , then .ai bi /vi D 0, and
linear independence gives ai D bi for all i ; that is, the expression is unique.
Conversely,Pexistence of an expression shows that the list X spans V . More-
over, if 0 D ci vi with not all ci D 0, then the vector 0 does not have a
unique
P expression as a linear combination of the vi : a second expression is
0D ai vi with all ai D 0.
Definition. If X D v1 ; : : : ; vn is a basis of a vector space V and v 2 V , then

Proposition A.29 says that there are unique scalars a1 ; : : : ; an with
n
X
vD ai vi :
i D1
The n-tuple .a1 ; : : : ; an / is called the coordinate list of a vector v 2 V relative

to the basis X.
If v1 ; : : : ; vn is the standard basis of V D k n , then this coordinate list

coincides with the usual coordinate list.
How to Think About It. If v1 ; : : : ; vn is a basis of a vector space V over a

field k, then each vector v 2 V has a unique expression
v D a1 v1 C a2 v2 C C an vn ;
where ai 2 k for all i . Since there is a first vector v1 , a second vector v2 ,

and so forth, the coefficients in this k-linear combination determine a unique
n-tuple .a1 ; a2 ; : : : ; an /. Were a basis merely a subset of V and not a list (i.e.,
an ordered subset), then there would be nŠ coordinate lists for every vector. But
see Exercise A.24(iv) on page 440.
We are going to define the dimension of a vector space V to be the number of

vectors in a basis. Two questions arise at once.
(i) Does every vector space have a basis?
(ii) Do all bases of a vector space have the same number of elements?
The first question is easy to answer; the second needs some thought.
Theorem A.30. Every finite-dimensional vector space V has a basis.
Proof. A finite spanning list X exists, since V is finite-dimensional. If X is

linearly independent, it is a basis; if not, Proposition A.25 says that we can
throw out some element from X, leaving a shorter spanning list, say X 0 . If
X 0 is linearly independent, it is a basis; if not, we can throw out an element
from X 0 leaving a shorter spanning sublist. Eventually, we arrive at a shortest
spanning list, which is linearly independent, by Corollary A.27 and hence it is
a basis.
The definitions of spanning and linear independence can be extended to

infinite lists in a vector space, and we can then prove that infinite-dimensional
i i
“book2” — 2013/5/24 — 8:18 — page 432 — #452
i i
vector spaces also have bases. For example, it turns out that a basis of kŒx is
1; x; x 2; : : : ; x n ; : : : .
We can now prove invariance of dimension, perhaps the most important
result about vector spaces.
Lemma A.31. Let u1 ; : : : ; un ; v1 ; : : : ; vm be elements in a vector space V

with v1 ; : : : ; vm 2 Spanhu1 ; : : : ; un i. If m > n, then v1 ; : : : ; vm is linearly
dependent.
Proof. The proof is by induction on n 1.

Base Step. If n D 1, there are at least two vectors v1 ; v2 , and v1 D a1 u1 and
v2 D a2 u1 . If u1 D 0, then v1 D 0 and the list of v’s is linearly dependent
(by Example A.26(i)). Suppose u1 ¤ 0. We may assume that v1 ¤ 0, or we
are done; hence, a1 ¤ 0. Therefore, v1 ; v2 is linearly dependent, for 1 v2
a2 a1 1 v1 D 0 and hence the larger list v1 ; : : : ; vm is linearly dependent.
Inductive Step. There are equations
vi D ai1 u1 C C ai n un
for i D 1; : : : ; m. We may assume that some ai1 ¤ 0, otherwise v1 ; : : : ; vm 2

hu2 ; : : : ; un i, and the inductive hypothesis applies. Changing notation if nec-
Write out the proof in the essary (that is, by re-ordering the v’s), we may assume that a11 ¤ 0. For each
special case m D 3 and i 2, define
n D 2.
vi0 D vi ai1 a111 v1 2 Spanhu2 ; : : : ; un i:
Each vi0 is a linear combination of the u’s, and the coefficient of u1 is ai1
.ai1 a111 /a11 D 0. Since m 1 > n 1, the inductive hypothesis gives scalars
b2 ; : : : ; bm , not all 0, with
b2 v20 C C bm vm
0
D 0:
Rewrite this equation using the definition of vi0 :

X
bi ai1 a111 v1 C b2 v2 C C bm vm D 0:
i 2
Not all the coefficients are 0, and so v1 ; : : : ; vm is linearly dependent.
The following familiar fact illustrates the intimate relation between linear
algebra and systems of linear equations.
Corollary A.32. If a homogeneous system of linear equations over a field k

has more unknowns than equations, then it has a non-trivial solution.
Proof. Recall that an n-tuple .ˇ1 ; : : : ; ˇn / is a solution of a system
˛11 x1 C C ˛1n xn D 0
:: :: ::
: : :
˛m1 x1 C C ˛mn xn D 0
i i
“book2” — 2013/5/24 — 8:18 — page 433 — #453
i i
if ˛i1 ˇ1 C C ˛i n ˇn D 0 for all i . In other words, if c1 ; : : : ; cn are the

columns of the m n coefficient matrix A D Œ˛ij (note that ci 2 k m ), then
ˇ1 c1 C C ˇn cn D 0:
Now k m can be spanned by m vectors (the standard basis, for example).

Since n > m, by hypothesis, Lemma A.31 shows that the list c1 ; : : : ; cn is
linearly dependent; there are scalars 1 ; : : : ; n , not all zero, with 1 c1 C C
n cn D 0. Therefore, . 1 ; : : : ; n / is a nontrivial solution of the system.
Theorem A.33 (Invariance of Dimension). If X D x1 ; : : : ; xn and Y D

y1 ; : : : , ym are bases of a vector space V , then m D n.
Proof. If m ¤ n, then either n < m or m < n. In the first case, y1 ; : : : ; ym 2

Spanhx1 ; : : : ; xni, because X spans V , and Lemma A.31 gives Y linearly de-
pendent, a contradiction. A similar contradiction arises if m < n, and so we
must have m D n.
It is now permissible to make the following definition, for all bases of a

vector space have the same size.
Definition. If V is a finite-dimensional vector space over a field k, then its

dimension, denoted by dimk .V / or by dim.V /, is the number of elements in
a basis of V .
Corollary A.34. Let k be a finite field with q elements. If V is an n-dimensional

vector space over k, then jV j D q n .
Proof. If v1 ; : : : ; vn is a basis of V , then every v 2 V has a unique expression
v D c1 v1 C C cn vn ;
where ci 2 k for all i . There are q choices for each ci , and so there are q n
vectors in V .
Example A.35. (i) Example A.28 shows that k n has dimension n, which
agrees with our intuition when k D R: the plane R R is 2-dimensional,
and R3 is 3-dimensional!
(ii) If V D f0g, then dim.V / D 0, for there are no elements in its basis ¿.
(This is another good reason for defining ¿ to be linearly independent.)
(iii) Let I be a finite set with n elements. Define
k I D ffunctions f W I ! kg:
Now k I is a vector space if we define addition f C f 0 to be
f C f 0 W i 7! f .i / C f 0 .i /
and scalar multiplication af , for a 2 k and f W I ! k, by
af W i 7! af .i /
i i
“book2” — 2013/5/24 — 8:18 — page 434 — #454
i i
(see Exercise A.18(i) on page 439). It is easy to check that the set of n
functions of the form fi , where i 2 I , defined by
(
1 if j D i
fi .j / D
0 if j ¤ i
form a basis, and so dim.k I / D n D jI j.

This is not a new example: an n-tuple .a1 ; : : : ; an / is really a func-
tion f W f1; : : : ; ng ! k with f .i / D ai for all i . Thus, the functions fi
comprise the standard basis. N
Definition. A longest (or maximal) linearly independent list X D u1 ; : : : ; um

is a linearly independent list for which there is no vector v 2 V such that
u1 ; : : : ; um ; v is linearly independent.
Lemma A.36. If V is a finite-dimensional vector space, then a longest linearly

independent list X D v1 ; : : : ; vn is a basis of V .
Proof. If v1 ; : : : ; vn is not a basis, then it does not span V , for this list is lin-
early independent. Thus, there is w 2 V with w … Span hv1 ; : : : ; vn i. But the
longer list v1 ; : : : ; vn ; w is linearly independent, by Proposition A.25, contra-
dicting X being a longest linearly independent list.
The converse of Lemma A.36 is true; bases are longest linearly independent
lists. This follows from the next proposition, which is quite useful in its own
right.
Proposition A.37. Let V be an n-dimensional vector space. If Z D u1 ; : : : ; um

is a linearly independent list in V , where m < n, then Z can be extended to
a basisI that is, there are vectors vmC1 ; : : : ; vn 2 V such that u1 ; : : : ; um ,
vmC1 ; : : : ; vn is a basis of V .
Proof. If the linearly independent list Z does not span V , there is vmC1 2 V
with vmC1 … Span hu1 ; : : : ; um i, and the longer list u1 ; : : : ; um ; vmC1 is lin-
early independent, by Proposition A.25. If u1 ; : : : ; um ; vmC1 does not span V ,
there is vmC2 2 V with vmC2 … Span hu1 ; : : : ; um; vmC1 i. Since dim.V / D n,
Lemma A.31 says that the length of these lists can never exceed n, and so this
process of adjoining elements vmC1 ; vmC2 ; : : : must stop. But the only reason
a list stops is that it spans V ; hence, it is a basis.
Corollary A.38. Let V be an n-dimensional vector space. Then a list in V is

a basis if and only if it is a longest linearly independent list.
Proof. Lemma A.36 shows that longest linearly independent lists are bases.
Conversely, if X is a basis, it must be a longest linearly independent list: other-
wise, Proposition A.37 says we could lengthen X to obtain a basis of V which
is too long.
We now paraphrase Lemma A.31.
Corollary A.39. If dim.V / D n, then a list of nC 1 or more vectors is linearly

dependent.
i i
“book2” — 2013/5/24 — 8:18 — page 435 — #455
i i
Proof. Otherwise, the list could be extended to a basis having too many ele-
ments.
Corollary A.40. Let V be a vector space with dim.V / D n.

(i) A list of n vectors that spans V must be linearly independent.
(ii) Any linearly independent list of n vectors must span V .
In either case, the list is a basis of V .
Proof. (i) Were the list linearly dependent, then it could be shortened to give
a basis, and this basis is too small.
(ii) If the list does not span, then it could be lengthened to give a basis, and
this basis is too large.
Corollary A.41. Let U be a subspace of a vector space V of dimension n.

(i) U is finite-dimensional.
(ii) dim.U / dim.V /.
(iii) If dim.U / D dim.V /, then U D V .
Proof. (i) Take u1 2 U . If U D Span hu1 i, then U is finite-dimensional. If

U ¤ Span hu1 i, there is u2 … Span hu1 i. By Proposition A.25, u1 ; u2 is
linearly independent. If U D Span hu1 ; u2 i, we are done; if not, there is
u3 … Span hu1 ; u2 i, and the list u1 ; u2 ; u3 is linearly independent. This
process cannot be repeated n C 1 times, for then u1 ; : : : ; unC1 would be
a linearly independent list in U V , contradicting Corollary A.39.
(ii) A basis of U is linearly independent, and so it can be extended to a basis
of V .
(iii) If dim.U / D dim.V /, then a basis of U is already a basis of V (otherwise
it could be extended to a basis of V that would be too large).
Linear Transformations
Linear transformations are homomorphisms of vector spaces; they are really
much more important than vector spaces, but vector spaces are needed in order
to define them, and bases of vector spaces are needed to describe them by
matrices. (You are surely familiar with the next definition, at least for k D R.)
Definition. Let V and W be vector spaces over a field k. A linear transfor-

mation is a function T W V ! W such that, for all vectors v; v 0 2 V and scalars
a 2 k, we have
(i) T .v C v 0 / D T .v/ C T .v 0 /
(ii) T .av/ D aT .v/.
It follows by induction on n 1 that linear transformations preserve linear

combinations:
T .a1 v1 C C an vn / D a1 T .v1 / C C an T .vn /:
You’ve certainly seen many examples of linear transformations in a linear
algebra course. Here are a few more.
i i
“book2” — 2013/5/24 — 8:18 — page 436 — #456
i i
Example A.42. (i) If A is an m n matrix, then x 7! Ax, where x is an

n 1 column vector, is a linear transformation k n ! k m .
(ii) If we regard the complex numbers C as a 2-dimensional vector space
over R, then complex conjugation T W z 7! z is a linear transformation.
(iii) Let V D kŒx, where k is a field. If a 2 k, then evaluation ea W kŒx ! k
is a linear transformation (we can view k as a 1-dimensional vector space
over itself).
R1
(iv) Integration f 7! 0 f .x/ dx is a linear transformation C Œ0; 1 ! R (see
Example A.20(v)). N
We now associate matrices to linear transformations.
Theorem A.43. Let V and W be vector spaces over a field k. If v1 ; : : : ; vn is a

basis of V and w1 ; : : : ; wn is a list of elements in W .possibly with repetitions/,
then there exists a unique linear transformation T W V ! W with T .vj / D wj
for all j .
Proof. By Proposition A.29, every vector v 2 V has a unique expression as a

linear combination of basis vectors:
v D a1 v1 C C an vn :
Therefore, there is a well-defined function T W V ! W with T .vj / D wj for
all j , namely
T .a1 v1 C C an vn / D a1 w1 C C an wn :
It is routine to check that T is a linear transformation. If v 0 D a10 v1 C Can0 vn ,
then
v C v 0 D .a1 C a10 /v1 C C .an C an0 /vn ;
and
T .v C v 0 / D .a1 C a10 /w1 C C .an C an0 /wn

D a1 w1 C C an wn C a10 w1 C C an0 wn
D T .v/ C T .v 0 /:
Similarly,

T .av/ D T a.a1 v1 C C an vn /
D T .aa1 v1 C C aan vn /
D aa1 w1 C C aan wn
D a.a1 w1 C C an wn /
D aT .v/:
To prove uniqueness, suppose that S W V ! W is a linear transformation
with S.vj / D wj for all j . Since S preserves linear combinations,
S.a1 v1 C C an vn / D a1 S.v1 / C C an S.vn /
D a1 w1 C C an wn
D T .a1 v1 C C an vn /;
and so S D T .
i i
“book2” — 2013/5/24 — 8:18 — page 437 — #457
i i
Definition. Let T W V ! W be a linear transformation. Given bases v1 ; : : : ; vn

and w1 ; : : : ; wm of V and W , respectively, each T .vj / is a linear combination
of the w’s:
T .vj / D a1j w1 C C amj wm :
The m n matrix A D Œaij whose j th column is a1j ; : : : ; amj , the coordinate

list of T .vj / with respect to the w’s, is called the matrix associated to T .
Example A.44. As in Example A.42(ii), view C as R2 . A basis is 1; i ; that

is, .1; 0/; .0; 1/. Since 1 D 1 and i D i D .0; 1/, the matrix of complex
conjugation relative to the basis is
" #
1 0
AD : N
0 1
Of course, the matrix A associated to a linear transformation T W V ! W

depends on the choices of bases of V and of W .
The next theorem shows why the notation a1j w1 C C amj wm is chosen
instead of aj1 w1 C C aj m wm.
Theorem A.45. If T W k n ! k m is a linear transformation, then
T .v/ D Av;
where A is the matrix associated to T from the standard bases of k n and k m ,

v is an n 1 column vector, and Av is matrix multiplication.
Proof. If A is an m n matrix and vj is the n 1 column vector whose j th

entry is 1 and whose other entries are 0, then Avj is the j th column of A. Thus,
Avj D T .vj / for all j , and so Av D T .v/ for all v 2 k n , by Exercise A.29 on
page 441.
In Appendix A.1, we defined functions to be equal if they have the same

domain, same target, and same graph. It is natural to require the same domain
and the same graph, but why should we care about the target? The coming
discussion gives a (persuasive) reason why targets are important.
Definition. Let V be a vector space over k, and regard k as a 1-dimensional

vector space over itself. A functional on V is a linear transformation
f W V ! k. The dual space V of a vector space V is the set of all functionals
on V .
It is shown in Example A.42 that evaluation and integration give rise to

functionals.
Proposition A.46. Let T W V ! W be a linear transformation, where V and W

are vector spaces over a field k.
(i) V is a vector space over k.
(ii) If f 2 W , then the composite f ı T is in V :
i i
“book2” — 2013/5/24 — 8:18 — page 438 — #458
i i
(iii) The function T W W ! V , given by T W f 7! f ı T , is a linear

transformation.
Proof. (i) This is Exercise A.30 on page 441.

(ii) Since T W V ! W and f W W ! k are linear transformations, so is their
composite f ı T W V ! k; that is, f ı T is a functional on V .
(iii) That f 7! f ıT is a linear transformation W ! V follows easily from
Use Proposition A.2 to the formulas .f C g/ ı T D f ı T C g ı T and .cf / ı T D c.f ı T /,
prove .f C g/ ı T D where f; g 2 W and c 2 k (note that cf is a functional on W , for W
f ı T C g ı T : just
is a vector space).
evaluate both sides on
v 2V.
Proposition A.47. If v1 ; : : : ; vn is a basis of a vector space V over a field k,
then there are functionals vj W V ! k, for each j , with
(
1 if i D j
vj .vi / D
0 if i ¤ j;
and v1 ; : : : ; vn is a basis of V .it is called the dual basis/.
Proof. By Theorem A.43, it suffices to prescribe the values of vj on a basis

of V .
P P
Linear PIndependence: If j cj vj D 0, then j cj vj .v/ D 0 for all v 2
V . But j cj vj .vj / D cj , so that all the coefficients cj are 0 and, hence,
v1 ; : : : ; vn is linearly independent. P
Spanning: If g 2 V , then g.vj / D dj 2 k for all j . But g D j dj vj , for
both sides send each vj to dj . Thus, g is a linear combination of v1 ; : : : ; vn .
Corollary A.48. If V is an n-dimensional vector space, then
dim.V / D n D dim.V /:
Proof. A basis of V and its dual basis have the same number of elements.
If T W V ! W is a linear transformation, what is a matrix associated to the

linear transformation T W W ! V ?
Lemma A.49. Let v1 ; : : : ; vn be a basis of a vector space V over k. If g 2 V ,

then g D d1 v1 C C dn vn , where dj D g.vj / for all j . Therefore, the
coordinate list of g relative to the dual basis v1 ; : : : ; vn of V is d1 ; : : : ; dn .
Proof. We saw this in the proof of Proposition A.47, when showing that the
dual basis spans V .
The next result shows that dual spaces are intimately related to transposing
matrices. If A D Œaij is an m n matrix, then its transpose A> is the n m
matrix Œaj i whose ij entry is aj i . In words, for each i , the i th row ai1 ; : : : ; ai n
of A is the i th column of A> (and, necessarily, each j th column of A is the
j th row of A> ).
i i
“book2” — 2013/5/24 — 8:18 — page 439 — #459
i i
Proposition A.50. If T W V ! W is a linear transformation and A is the matrix

of T arising from bases v1 ; : : : ; vn of V and w1 ; : : : ; wm of W , then the matrix
of T W W ! V arising from the dual bases is the transpose A> of A.
Proof. Let B be the matrix associated to T W W ! V . The recipe for con-

structing B says that if wi is a basis element, then the i th column of B is the
coordinate list of T .wi /. Let’s unwind this. First, T .wi / D wi ıT . Second,
the coordinate list of wi ı T is obtained by writing it as a linear combination
of v1 ; : : : ; vn : Lemma A.49 does this by computing wi ı T .vj / for all j .
Now

wi ı T .vj / D wi.T .vj // D wi a1j w1 C C amj wm D aij :
Thus, the i th column of B is ai1 ; : : : ; ai m; that is, the i th column of B is the

i th row of A. In other words, B D A> .
If T W V ! W is a linear transformation, then the domain of T is W ,

which depends on the target of T . Suppose that W is a subspace of a vector
space U ; let i W W ! U be the inclusion. Now S D i ı T W V ! U is also
a linear transformation. The transformations T and S have the same domain,
namely V , and the same graph (for T .v/ D S.v/ for all v 2 V ); they differ
only in their targets. Now T W W ! V , while S W U ! V . Since T and
S have different domains, they are certainly different functions, for we have
agreed that the domain of a function is a necessary ingredient of its definition.
We conclude that S and T are distinct; that is, if you like transposes of matri-
ces, then you must admit that targets are essential ingredients of functions.
Exercises
A.18 (i) * If k is a field, c 2 k, and f W k ! k is a function, define a new function
cf W k ! k by a 7! cf .a/. With this definition of scalar multiplication,
prove that the commutative ring k k of all functions on k is a vector space
over k (see Example A.35(iii)).
(ii) Prove that Poly.k/, the set of all polynomial functions k ! k, is a subspace
of k k .
A.19 If the only subspaces of a vector space V are f0g and V itself, prove that
dim.V / 1.
A.20 Prove, in the presence of all the other axioms in the definition of vector space,
that the commutative law for vector addition is redundant; that is, if V satisfies
all the other axioms, then u C v D v C u for all u; v 2 V .
Hint: If u; v 2 V , evaluate Œ. v/ C . u/ in two ways.
A.21 If V is a vector space over F2 and if v1 ¤ v2 are nonzero vectors in V , prove

that v1 ; v2 is linearly independent. Is this true for vector spaces over any other
field?
A.22 Prove that the columns of an m n matrix A over a field k are linearly dependent
in k m if and only if the homogeneous system Ax D 0 has a nontrivial solution.
A.23 Prove that the list of polynomials 1; x; x 2 ; x 3 ; : : : ; x 100 is a linearly independent
list in kŒx, where k is a field.
i i
“book2” — 2013/5/24 — 8:18 — page 440 — #460
i i
A.24 * Let X D v1 ; : : : ; vn be a list in a vector space V , and let Y D y1 ; : : : ; yn be a

permutation of v1 ; : : : ; vn .
(i) Prove that X spans V if and only if Y spans V .
(ii) Prove that X is linearly independent if and only if Y is linearly independent.
(iii) Prove that X is a basis of V if and only if Y is a basis of V .
(iv) Conclude that spanning, being linearly independent, or being a basis are
properties of a subset of vectors, not merely of a list of vectors. See Corol-
lary A.23.
A.25 It is shown in analytic geometry that if `1 and `2 are lines with slopes m1 and
m2 , respectively, then `1 and `2 are perpendicular if and only if m1 m2 D 1. If
ì D f˛vi C ui W ˛ 2 Rg;
for i D 1; 2; prove that m1 m2 D 1 if and only if the dot product v1 v2 D 0.

(Since both lines have slopes, neither is vertical.) See Lemma 3.16.
A.26 (i) In calculus, a line in space passing through a point u is defined as
fu C ˛w W ˛ 2 Rg R3 ;
where w is a fixed nonzero vector. Show that every line through the origin is
a one-dimensional subspace of R3.
(ii) In calculus, a plane in space passing through a point u is defined as the subset
fv 2 R3 W .v u/ n D 0g R3 ;
where n ¤ 0 is a fixed normal vector. Prove that a plane through the origin
is a two-dimensional subspace of R3.
If the origin .0; 0; 0/ lies on a plane H , then u D 0 and
H D fv D .x; y; z/ 2 R3 W v n D 0g;
where n D .˛; ˇ; / is a (nonzero) normal vector; that is, H is the set of all
vectors orthogonal to n.
A.27 If U and W are subspaces of a vector space V , define
U C W D fu C w W u 2 U and w 2 W g:
(i) Prove that U C W is a subspace of V .

(ii) If U and U 0 are subspaces of a finite-dimensional vector space V , prove that
dim.U / C dim.U 0 / D dim.U \ U 0 / C dim.U C U 0 /:
Hint: Extend a basis of U \ U 0 to a basis of U and to a basis of U 0 .

A.28 If U and W are vector spaces over a field k, define their direct sum to be the set
of all ordered pairs,
U ˚ W D f.u; w/ W u 2 U and w 2 W g;
with addition
.u; w/ C .u0 ; w0 / D .u C u0 ; w C w0 /
and scalar multiplication
˛.u; w/ D .˛u; ˛w/:
i i
“book2” — 2013/5/24 — 8:18 — page 441 — #461
i i
A.4 Inequalities 441
(i) Show that U ˚ W is a vector space.

(ii) If U and W are finite-dimensional vector spaces over a field k, prove that
dim.U ˚ W / D dim.U / C dim.W /:
A.29 * Let S; T W V ! W be linear transformations, where V and W are vector spaces
over a field k. Prove that if there is a basis v1 ; : : : ; vn of V for which S.vj / D
T .vj / for all j , then S D T .
A.30 * Prove that the dual space V of a vector space V over a field k is a vector space
over k.
A.4 Inequalities
Many properties of inequality follow from a few basic properties. Denote the Recall that N is the set of
set of all positive real numbers by P (we do not regard 0 as positive). We all nonnegative integers,
assume the set P satisfies so that N D P [ f0g.
(i) a; b 2 P implies a C b 2 P
(ii) a; b 2 P implies ab 2 P
(iii) Trichotomy W If a is a number, then exactly one of the following is true:
a 2 P; a D 0; a 2 P:
The first two properties say that P is closed under addition and multiplica-
tion. We now define inequality.
Definition. Given real numbers a and b, we say that a is less than b, written Other notation: if a < b,
a < b, if b a 2 P ; we say that a is less than or equal to b, written a b, if we may write b > a and,
if b a, we may write
b a 2 N; that is, a b means
b < a (and a b means
Here are some standard properties of inequality.
b a).
Proposition A.51. Let a; b; B be real numbers with b < B.

(i) If a > 0, then ab < aBI if a < 0, then ab > aB.
(ii) If a > 0 and b < 0, then ab < 0.
(iii) If b > 0, then b 1 > 0; if b < 0, then b 1 < 0.
(iv) a C b < a C B and a b > a B.
(v) If c; d are positive, then d < c if and only if d 1 > c 1
.
Proof. We prove the first three parts; the last two proofs are similar and appear
in Exercise A.31 below.
(i) By definition, b 0; that is, a 2 P . To show that ab < aB, we must
show that aB ab D a.B b/ 2 P , and this follows from Property (i)
of P .
If a < 0, then a 2 P . Therefore, . a/.B b/ 2 P , and so
. a/.B b/ D . 1/a.B b/ D a.b B/ 2 P:
i i
“book2” — 2013/5/24 — 8:18 — page 442 — #462
i i
(ii) The first part says that if b 0. If b 1 < 0, then
1
1Dbb 0.
Exercises
A.31 * Prove parts (iv) and (v) of Proposition A.51.
A.32 Prove, or disprove and salvage if possible. Suppose a, b, c, and d are real num-
“Disprove” here means bers.
“give a concrete counterex-
(i) If a < b, then a2 0, then a > 0.
A.33 Does C have a subset P 0 like P ; that is, P 0 is closed under addition and multi-
plication, and it satisfies Trichotomy?
A.5 Generalized Associativity

Recall that a set with a binary operation is a set G equipped with a function
We do not assume that G G ! G; we denote the value of the function by .a; b/ 7! a b. Examples
is commutative; that is, of such sets are the real numbers and the complex numbers, each of which
a b ¤ b a is allowed.
is usually viewed as having two binary operations: addition .a; b/ 7! a C b
and multiplication .a; b/ 7! ab. More generally, every commutative ring has
binary operations addition and multiplication. Another example is given by
G D X X , the family of all functions from a set X to itself: composition of
functions is a binary operation on G.
The adjective binary means two: two elements a; b 2 G are combined to
produce the element a b 2 G. But it is often necessary to combine more than
two elements: for example, we may have to multiply several numbers. The
binary operations in the examples cited above are associative; we can combine
three elements unambiguously. If a; b; c 2 G, then
a .b c/ D .a b/ c:
Since we are told only how to combine two elements, there is a choice when
confronted with three elements: first combine b and c, obtaining b c, and
then combine this new element with a to get a .b c/, or first get a b
and then combine it with c to get .a b/ c. Associativity says that either
choice yields the same element of G. Thus, there is no confusion in writing
a b c without parentheses. In contrast, subtraction is not associative, for it
i i
“book2” — 2013/5/24 — 8:18 — page 443 — #463
i i
A.5 Generalized Associativity 443
is not clear whether a b c means .a b/ c or a .b c/, and these may

be different: 9 .5 3/ D 7 while .9 5/ 3 D 1.
Suppose we want to combine more than three elements; must we assume
more complicated identities? Consider
powers of real numbers, for example.
Is it obvious that a3 a2 D aŒaa2 a? The remarkable fact is: assuming we
don’t need parentheses for three factors, we don’t need parentheses for more
than three factors. To make all concrete, we now call a binary operation mul-
tiplication, and we simplify notation by omitting and writing ab instead of
a b.
Definition. Let G be a set with a binary operation; an expression in G is an

n-tuple .a1 ; a2 ; : : : ; an / 2 G G that is rewritten as a1 a2 an ; we call
the ai factors of the expression.
An expression yields many elements of G by the following procedure.

Choose two adjacent a’s, multiply them, and obtain an expression with n 1
factors: the new product just formed and n 2 original factors. In the shorter
new expression, choose two adjacent factors (either an original pair or an orig-
inal one together with the new product from the first step) and multiply them.
Repeat this procedure until there is a penultimate expression having only two
factors; multiply them and obtain an element of G that we call an ultimate
product. For example, consider the expression abcd . We may first multiply
ab, obtaining .ab/cd , an expression with three factors, namely, ab, c, d . We
may now choose either the pair c, d or the pair ab, c; in either case, multi-
ply them to obtain expressions having two factors: ab; cd , or .ab/c, d . The
two factors in the last expressions can now be multiplied to give two ultimate
products from abcd , namely .ab/.cd / and ..ab/c/d . Other ultimate products
derived from the expression abcd arise from multiplying bc or cd as the first
step. It is not obvious whether the ultimate products from a given expression
are equal.
Definition. Let G be a set with a binary operation. An expression a1 a2 an

in G needs no parentheses if all its ultimate products are equal elements of G.
Theorem A.52 (Generalized Associativity). If G is a set with an associative

binary operation, then every expression a1 a2 an in G needs no parentheses.
Proof. The proof is by induction on n 3. The base step holds because the
operation is associative. For the inductive step, consider two ultimate prod-
ucts U and V obtained from a given expression a1 a2 an after two series of
choices:
U D .a1 ai /.ai C1 an / and V D .a1 aj /.aj C1 an /I
the parentheses indicate the penultimate products displaying the last two fac-
tors that multiply to give U and V , respectively; there are many parentheses
inside each of the shorter expressions. We may assume that i j . Since each
of the four expressions in parentheses has fewer than n factors, the inductive
hypothesis says that each of them needs no parentheses. It follows that U D V
if i D j . If i < j , then the inductive hypothesis allows the first expression to
be rewritten as

U D .a1 ai / Œai C1 aj Œaj C1 an
i i
“book2” — 2013/5/24 — 8:18 — page 444 — #464
i i
and the second to be rewritten as

V D Œa1 ai Œai C1 aj .aj C1 an /;
where each of the expressions a1 ai ; ai C1 aj , and aj C1 an needs no
parentheses. Thus, the three expressions yield unique elements A, B, and C in
G, respectively. The first expression gives U D A.BC / in G, the second gives
V D .AB/C in G, and so U D V in G, by associativity.
Corollary A.53. If G is a set with a binary operation, a 2 G, and m, n 1,

then
amCn D am an and .am /n D amn :
Proof. In the first case, both elements arise from the expression having m C n
factors each equal to a; in the second case, both elements arise from the ex-
pression having mn factors each equal to a.
A.6 A Cyclotomic Integer Calculator

Several times in the previous chapters, we’ve advised you to use a CAS. Some
uses are simply to reduce the computational overhead of algebraic calculations,
such as the expansion in Lagrange interpolation on page 272. For this, you can
use the CAS “right out of the box:” all the functionality you need is built in
with commands like expand or simplify.
Other applications require programming that uses specific syntax for the
CAS in use. A good example is the formula in Example 6.61 on page 265.
The recursive formula for ˆn can be implemented in almost any CAS, but the
details for how to get a product over the divisors of an integer (especially if
Computer Algebra is the product is in the denominator of an expression) can either be trivial, if the
used regularly in many functionality is built-in, or extremely tricky to implement if it is not. There are
high school classrooms,
many CAS environments, so it would be of little use to include actual programs
implemented either on
handheld devices or with
here.
tablet apps. What we can do in this Appendix is point out how to use Proposition 7.20
on page 290 to model Q.˛/, where ˛ is algebraic over Q and its minimal
polynomial p D irr.˛; Q/ is known. The essential piece of that Proposition is
that
Q.˛/ Š QŒx=.p.x//I
so, as long as your CAS can find the remainder when one polynomial is divided
by another, you can use it to perform “modular arithmetic” with polynomials
in Q.˛/.
If p is a prime in Z and D cos.2=p/ C i sin.2=p/, we know that
irr.; Q/ D 1 C x C x 2 C C x p 1
:
This is easily implemented in a CAS with something like
Phi(x,p):= sum(xˆk,k,0,p-1)
Suppose that your CAS command for polynomial remainder is pmod. For ex-
ample,
i i
“book2” — 2013/5/24 — 8:18 — page 445 — #465
i i
A.6 A Cyclotomic Integer Calculator 445
pmod(xˆ3+4xˆ2-3x+1,xˆ2+1)
returns 4x 3, the remainder when x 3 C 4x 2 3x C 1 is divided by x 2 C 1.
The two functions, Phi and pmod, allow us to calculate in Q./. Let’s look
at some examples.
Eisenstein Integers
Arithmetic with complex numbers is built into most CAS environments, so that
you can do calculations with Gaussian integers right away. Arithmetic with
Eisenstein integers isn’t usually built in, but you can build a model of ZŒ! by
thinking of an Eisenstein integer as a congruence class mod x 2 C x C 1:
cl(f) := pmod (f,phi(x,3))
or even
cl(f) := pmod (f, xˆ2+x+1).
Addition and multiplication of classes are defined as in Chapter 7:
add(f,g) = cl(f+g)
mult(f,g) = cl(fg).
So, now we can compute: to find, for example, 3! 5 ! 2 C 1, you want the
class of 3x 5 x 2 C 1 mod x 2 C x C 1
cl (3xˆ5-xˆ2+1)
> -2x-1
And, sure enough,
3! 5 !2 C 1 D 1 2!:
Your model can do generic calculations, giving the rules for addition and mul-
tiplication in ZŒ!:
add(a+b*x,c+d*x)
> a+c+(b+d)*x
mult(a+b*x,c+d*x)
> a*c-b*d + (a*d+b*c-b*d)*x
You can generate Eisenstein triples by squaring Eisenstein integers:
mult(3+2*x,3+2*x)
> 5+8*x
mult(5+x,5+x)
i i
“book2” — 2013/5/24 — 8:18 — page 446 — #466
i i
> 24+9*x
mult(4+3*x,4+3*x)
> 7+15*x
Symmetric Polynomials
In Example 9.6 on page 388, we derived the cubic formula via symmetric
polynomials. There, we defined
s D ˛1 C ˛2 ! C ˛3 ! 2
u D ˛1 C ˛2 ! 2 C ˛3!;
and we saw that s C u D 3˛.

We also claimed that
s 3 C u3 D 27˛1˛2 ˛3 :
Our CAS Eisenstein calculator can help. Replacing ˛; ˇ; by a; b; c, we have
add((a+b*x+c*xˆ2)ˆ3,(a+b*xˆ2+c*x)ˆ3)
> 2*aˆ3-3*aˆ2*b+aˆ2*c-3*a*bˆ2-12*a**b*c-3*a*cˆ2+2*
bˆ3-3*bˆ2*c-3*b*cˆ2+2*cˆ3
factor(2*aˆ3-3*aˆ2*b+aˆ2*c-3*a*bˆ2-12*a**b*c-3*a*
cˆ2+2*bˆ3-3*bˆ2*c-3*b*cˆ2+2*cˆ3)
> (a+b-2*c)*(a-2*b+c)*(2*a-b-c)
This can be written (with an eye to symmetric polynomials) as
.a C b C c 3c/.a C b C c 3b/.3a .a C b C c//:
Since a C b C c D 0, this is exactly what we claimed in Example 9.6.
Algebra with Periods

One last example: in Section 7.3, we outlined Gauss’s construction of the reg-
ular 17-gon with ruler and compass. Central to that is the specification of “pe-
riods” of various lengths, listed on page 323. They are constructed according
to the formula on page 325: if ef D 16, the periods of length f are given by
f
X1 kCje
e;k D 3 ; 0 k < e:
j D0
mod is the CAS built-in A CAS model follows the syntax pretty closely:
“mod” function.
n(e,k):=sum(xˆ(mod(3ˆ(k+e*j),17)),j,0,(16/e)-1).
Now change cl so that it gives the congruence class mod ˆ1 7.x/:
cl(f) := pmod (f, phi(x,17)),
i i
“book2” — 2013/5/24 — 8:18 — page 447 — #467
i i
A.6 A Cyclotomic Integer Calculator 447
and we can calculate with the classes of the periods:
n(2,0)
> xˆ16+xˆ15+xˆ13+xˆ9+xˆ8+xˆ)+xˆ2+x
n(2,1)
> xˆ14+xˆ12+xˆ11+xˆ10+xˆ7+xˆ6+xˆ5+xˆ3
cl( add (n(2,0), n(2, 1)) )

>-1
cl( mult (n(2,0), n(2, 1)) )

> -4
So, as we claimed on page 323, 2;0 and 2;1 are roots of
x2 C x 4:
Exercises
A.34 Find a polynomial in QŒx that has roots 0;k ; 1;k ; 3;k ; 4;k :
i i
“book2” — 2013/5/24 — 8:18 — page 448 — #468
i i
i i
“book2” — 2013/5/24 — 8:18 — page 449 — #469
i i
References
[1] Apostol, Tom M., Introduction to Analytic Number Theory, Under-

graduate Texts in Mathematics, Springer-Verlag, New York-Heidelberg,
1976.
[2] Artin, E., Galois Theory, Edwards Brothers, Ann Arbor, 1948.
[3] Baker, A., Transcendental Number Theory, 2d ed., Cambridge Univer-
sity Press, Cambridge, 1990.
[4] Barbeau, E. J., Polynomials, Springer-Verlag, New York, 1989.
[5] Borevich, Z. I., and Shafarevich, I. R., Number Theory, Academic Press,
New York, 1966.
[6] Cajori, F., A History of Mathematical Notation, Open Court, 1928;
Dover reprint, Mineola NY, 1993.
[7] Cuoco, A., Mathematical Connections, Classroom Resource Materials,
MAA, Washington, 2005.
[8] Dirichlet, P. G. L., Lectures on Number Theory, Supplements by R.
Dedekind. Translated from the 1863 German original and with an intro-
duction by John Stillwell. History of Mathematics, 16. American Math-
ematical Society, Providence; London Mathematical Society, London,
1999.
[9] Du Val, P., Elliptic Functions and Elliptic Curves, London Mathemati-
cal Society Lecture Note Series 9, Cambridge University Press, London,
1973.
[10] EDC, The CME Project, Pearson, Boston, 2013
[11] Edwards, H. M., Fermat’s Last Theorem. A Genetic Introduction to
Number Theory, Graduate Texts in Mathematics vol. 50, Springer-
Verlag, New York, 1977.
[12] Euler, L., Elements of Algebra, Translated from the German by John
Hewlett. Reprint of the 1840 edition. With an introduction by C. Trues-
dell, Springer-Verlag, New York, 1984.
[13] Flannery, S., In Code. A Mathematical Journey, Reprint of the 2000
original, Workman Publishing, New York, 2001.
[14] Gauss, C. F., Disquisitiones Arithmeticae, Arthur A. Clarke (trans), Yale
University Press, New Haven, 1966.
[15] Hadlock, C. R., Field Theory and Its Classical Problems, Carus Mathe-
matical Monographs 19, Mathematical Association of America, Wash-
ington, 1978.
449
i i
“book2” — 2013/5/24 — 8:18 — page 450 — #470
i i
450 References
[16] Heath, T. L., The Thirteen Books of Euclid’s Elements, Cambridge Uni-
versity Press, 1926; Dover reprint, Mineola NY, 1956.
[17] Ireland, K. and Rosen, M., A Classical Introduction to Modern Number
Theory, Springer-Verlag, New York, 1982.
[18] Koblitz, N., A Course in Number Theory and Cryptography, Springer-
[19] ——, Introduction to Elliptic Curves and Modular Forms, Springer Ver-
lag, New York, 1993.
[20] Loomis, E. S., The Pythagorean Proposition, Edwards Brothers., Ann
Arbor, 1940.
[21] Montgomery, S., and Ralston, E. W., Selected Papers in Algebra, Ray-
mond W. Brink Selected Mathematical Papers, Vol. 3, Mathematical As-
sociation of America, Washington, 1977.
[22] Needham, T., Visual Complex Analysis, Clarendon Press, Oxford, 1997.
[23] Ribenboim, P., Thirteen Lectures on Fermat’s Last Theorem, Springer–
[24] Rosen, K. H., Elementary Number Theory and Its Applications, 4th ed.,
Addison-Wesley, Reading, MA, 2000.
[25] Rotman, J. J., Advanced Modern Algebra, 2d ed., Graduate Studies
in Mathematics vol. 114, American Mathematical Society, Providence,
2010.
[26] ——, A First Course in Abstract Algebra, 3d ed., Prentice Hall, Upper
Saddle River NJ, 2006.
[27] ——, Galois Theory, 2d ed., Springer-Verlag, New York, 1998.
[28] ——, Journey into Mathematics, Prentice Hall, Upper Saddle River NJ,
1998; Dover reprint, Mineola NY, 2007.
[29] Samuel, P., Algebraic Theory of Numbers, Houghton-Mifflin, Boston,
1992.
[30] Siegel, C. L., Topics in Complex Function Theory Vol. I, Elliptic Func-
tions and Uniformization Theory, Wiley, New York, 1969.
[31] Silverman, J. H., and Tate, J., Rational Points on Elliptic Curves,
Springer–Verlag, New York, 1992.
[32] Stillwell, J., Mathematics and Its History, 3d ed., Springer, New York,
2010.
[33] Tignol, J.-P., Galois’ Theory of Equations, World Scientific Publishing,
Singapore, 2001.
[34] van der Waerden, B. L., Science Awakening, John Wiley, New York,
1963.
[35] ——, Geometry and Algebra in Ancient Civilizations, Springer–Verlag,
New York, 1983.
[36] Washington, L.C., Introduction to Cyclotomic Fields, Springer, New
York, 1982.
[37] Weil, A., Number Theory: An Approach Through History. From Ham-
murapi to Legendre, Birkhäuser, Boston, 1984.
[38] Weyl, H., Algebraic Theory of Numbers, 6th printing, Princeton Univer-
sity Press, Princeton, 1971; Princeton Landmarks in Mathematics and
Physics Series, 1998.
[39] Wilf, H., Generatingfunctionology, Academic Press, New York, 1994.
i i
“book2” — 2013/5/24 — 8:18 — page 451 — #471
i i
Index
Abel, Niels H., 379, 391, 394, 400 Braunfeld, Peter, 53

abelian group, 390
Addition Theorem, 399 calendar
adjoining to field, 294 formula
Adleman, Leonard M., 150 Conway, John H., 175
al-Khwarizmi, 240 Gregorian, 173
algebraic Julian, 169
element, 293 Mayan, 144
extension field, 293 cancellation law, 192
algebraic closure, 254 Cardano, Girolamo, 81
algebraically closed, 301 cartesian product, 410
anagram, 70 CAS = Computer Algebra System, 142
antanairesis, 31 casting out 9s, 137
Archimedes, 321 castle problem, 90
Aristarchus, 3 Casus Irreducibilis, 383
Arithmetic–Geometric Mean Inequal- century year, 170
ity, 6 characteristic function, 209
Artin, Emil, 386 characteristic of field, 288
associate, 234 Ch’in Chiu-shao = Qin Jiushao, 90,
associated polynomial function, 204 146
associativity, 37 Chinese Remainder Theorem, 142
generalized, 443 chord–tangent construction, 405
atom, 227 closed under operation, 155
automorphism, 386 coconuts, 148
code (see RSA code), 150
b-adic digits, 139 coefficients, 197
Babylonian method, 5 commensurable, 28
base b, 139 common divisor, 24
basis in Z, 24
standard, 430 polynomials, 243
vector space, 430 common multiple
Bernoulli, Jacob, 398 in Z, 55
Bernoulli, James, 398 polynomials, 253
Bhaskara I, 149 common year, 169
bijective, bijection, 416 commutative, 37
binary operation, 155 commutative ring, 156
Binomial Theorem formal power series, 200
in Z, 66 polynomial ring
in commutative ring, 160 one variable, 200
Boolean ring, 167, 223 several variables, 205
451
i i
“book2” — 2013/5/24 — 8:18 — page 452 — #472
i i
452 Index
compass, 309 degree, 198

complement, 168 extension field, 291
completing the square, 2, 23 derivative, 202
complex conjugate, 96 Descartes, René, 82
complex exponential, 108 diagonal, 420
complex number, 92 dimension, 433
absolute value, 99 Diophantine equation, 404
argument, 100 Diophantus, 5, 8, 12, 27, 405
conjugate, 96 direct product, 221
exponential form, 109 direct sum of vector spaces, 440
imaginary part, 92 Dirichlet, J. P. G. Lejeune, 153, 358,
modulus, 99 360
norm, 116 discriminant, 91
polar form, 101 disjoint, 422
real part, 92 distance preserving, 385
composite distributive, 37
functions, 414 divides, 21
number, 22 Division Algorithm
congruence class, 154, 421 integers, 23
congruent mod I , 278 polynomials, 237
congruent mod m, 132, 270 divisor, 21
congruent numbers, 400 commutative ring, 233
constant function, 411 proper, 257
constant polynomial, 201 divisors, 368
constant term, 201 domain, 192
constructible, 311 Euclidean domain, 333
number, 312 of function, 410
point, 311 doomsday, 174
subfield, 313 double angle formula, 107
contrapositive, 26 dual basis, 438
convex, 48 dual space, 437
Conway, John H., 175
coordinate list, 431 Eisenstein integers, 120
coset Eisenstein Criterion, 267
ideal, 279 Eisenstein triple, 121
subgroup, 392 Eisenstein, F. Gotthold M., 120, 267
Cramer’s Rule, 164 Elements, 2, 20
Crelle, August L., 380 elliptic curve, 404
cross multiplication, 193 elliptic function, 400
cubic formula, 84 elliptic integral, 398
cubic polynomial, 382 empty set, 410
cyclotomic integers, 157 equality of functions, 412
cyclotomic polynomial, 265 equality of sets, 410
equivalence class, 421
day, 169 equivalence relation, 420
de Moivre’s Theorem, 107 Erlanger Programm, 390
exponential form, 109 etymology
de Moivre, Abraham, 107 abelian, 391
De Morgan, Augustus, 169 algebra, 240
decimal expansion, 177 algorithm, 240
Dedekind, Richard, 218, 366, 369 arithmetic, xv
i i
“book2” — 2013/5/24 — 8:18 — page 453 — #473
i i
Index 453
binomial, 63 degree, 291

calculus, 197 finite, 291
calendar, 173 pure, 382
casting out 9s, 137 radical, 383
coefficients, 198
corollary, 11 Factor Theorem, 240
cubic, 202 factorial, 51
degree Fagnano, Giulio, 399
field extension, 291 Fermat prime, 325
polynomial, 198 Fermat’s n D 4 Theorem, 15
geometry, xv Fermat’s Last Theorem, 14
golden ratio, 76 Fermat’s Little Theorem, 136
homomorphism, 207 Fermat’s Theorem on Divisors, 372
hypotenuse, 4 Fermat’s Two-Square Theorem, 342
ideal, 218, 366 Fermat, Pierre de, 14
isomorphism, 207 Ferrari, Ludovico, 87
lemma, 11
Fibonacci sequence, 75
linear, 202
Fibonacci, Leonardo, 19, 75
mathematics, xv
field, 163
modulo, 132
algebraically closed, 301
monomial, 63
extension, 291
power, 51
finite, 305
proof, 11
prime, 293
proposition, 10
rational functions, 205
quadratic, 202
splitting, 301
radical, 240
ring, 157 finite extension field, 291
root, 239 finite-dimensional, 428
scalar, 425 first day of month, 173
September, 171 first form of induction, 57
theorem, 11 First Isomorphism Theorem
vector, 424 commutative rings, 282
Euclid, 2, 20, 23 groups, 392
Elements, 20 first quadrant, 372
Euclid’s Lemma fixes, 386
integers, 25 formal power series, 197
PID, 256 fraction field, 194
polynomials, 248 Frey, Gerhard, 407
Euclidean Algorithm I function, 410
integers, 32 bijective, 416
polynomials, 249 constant, 411
Euclidean Algorithm II identity, 411
integers, 32 inclusion, 412
polynomials, 250 injective, 413
Eudoxus, 28, 308 restriction, 415
Euler -function, 111, 232 surjective, 413
Euler, Leonhard, 108, 111, 131, 326, functional, 437
330, 399 Fundamental Theorem
evaluation homomorphism, 215 Algebra, 105
extension field, 291 Arithmetic, 54
algebraic, 293 Galois Theory, 393
i i
“book2” — 2013/5/24 — 8:18 — page 454 — #474
i i
454 Index
Galois field, 306 homomorphism, 217

Galois group, 386 inclusion, 412
Galois, Évariste, 305, 306, 380, 394 Inclusion–Exclusion, 230
Gauss’s Lemma, 260 independent list
Gauss, Carl F., 50, 258, 268, 321, 380, longest, 434
384, 400 indeterminate, 200
Gauss-Wantzel theorem, 325 indirect proof, 27
Gaussian integers, 7, 119, 157 induction
gcd, 24, 243, 255 base step, 47
Generalized Associativity, 443 first form, 47
Germain, Marie-Sophie, 358 inductive hypothesis, 47
golden ratio, 76 inductive step, 47, 57
googol, 140 strong, 57
Granville, Andrew J., 406 inductive reasoning, 45
graph of function, 411 inequalities, 441
greatest common divisor, 24, 243, 255 inert, 342
greatest integer function, 29 infinite descent, 12
Gregorian calendar, 170 infinite-dimensional, 428
group, 389 injective, injection, 413
abelian, 390 integers mod m, 154
quotient, 392 integers Z, 21
solvable, 394 rational, 339
symmetric, 389 integers, cyclotomic, 359
integration, 42
Heath, Thomas L., 2, 20 invariance of dimension, 433
Helikon, 308 inverse element
Heron triangle, 14 additive, 37
Hilbert, David, 157, 369 group, 389
hockey stick, 68 multiplicative, 37, 156
Hölder, Otto L., 383 inverse function, 416
Holmes, Sherlock, 176 irr.z; k/, 296
homomorphism, 207 irreducible in commutative ring, 234
group, 391 isometry, 385
Hume, James, 82 isomorphism, 207
Hungerbühler, Norbert, 320 group, 391
hyperbolic cosine, 6
Jacobi, Carl G. J., 360, 380, 400
ideal, 218 Joachimsthal, Ferdinand, 359
generated by X, 168 Julian calendar, 169
maximal, 286
prime, 286 k-linear combination, 427
principal, 218 Kaplansky, Irving, 236
product, 220 kernel, 217
proper, 218 group, 392
sum, 220 Klein, Felix C., 390
identity element Kolyvagin, Victor, 407
commutative ring, 156 Kronecker, Leopold, 28, 300, 359
group, 389 Kummer, Eduard, 218, 358, 359
identity function, 411
image Lagrange Interpolation, 272
function, 410 Lagrange, Joseph-Louis, 272
i i
“book2” — 2013/5/24 — 8:18 — page 455 — #475
i i
Index 455
Lamé, Gabriel, 32, 358 natural map, 282

lattice point, 13, 35 natural numbers N, 21
Law of Decomposition n choose r , 63
Eisenstein integes, 346 negative, 37, 156
Gaussian integers, 343 Newton, Isaac, 197, 405
Law of Substitution, 37, 155, 412 Nine Chapters on the Mathematical Art,
Laws of Exponents, 52 3, 6
leading coefficient, 198 Noether, Emmy, 369
leap year, 169 norm, 116
least common multiple normal subgroup, 392
in Z, 55
polynomials, 253 one-one correspondence
Least Integer Axiom, 21 see bijective, 416
Legendre, Adrien-Marie, 358 one-to-one
Leibniz, Gottfried W., 68, 397 see injective, 413
Levi ben Gershon, 52 onto (function)
lies above, 340 see surjective, 413
Lindemann, C. L. Ferdinand von, 293 order of power series, 203
linear combination, 218 order of unit, 165
in Z, 24 ordered pair, 410
vector space, 427 Oresme, Nicole, 45
linear transformation, 435 origin, 310
linearly dependent, 429 Oughtred, William, 82
linearly independent, 429, 430
pairwise disjoint, 422
Liouville, Joseph, 381, 397
parallelogram law, 93, 425
list, 427
parity, 131
longest independent list, 434
partition, 422
lowest terms
Pascal’s triangle, 63
in Q, 26
Pascal, Blaise, 52, 64
rational functions, 248
period, 179
permutation, 385
Mascheroni, Lorenzo, 320 PID, 255
matrix associated to linear transforma- Pigeonhole Principle, 419
tion, 437 Plato, 308
Maurolico, Francesco, 52 Plimpton 322, 4
maximal ideal, 286 Pogrebishte, 176
Mayan calendar, 144 pointwise addition, 157
Mazur, Barry, 407 pointwise multiplication, 157
minimal polynomial, 296 polar form, 101
Möbius, August F., 263 polynomial
modulus, 132 n variables, 205
Mohr, Georg, 320 monic, 201
monic polynomial, 201 one variable, 197
Moore, Eliakim H., 306 reduced, 83
Motzkin, Theodore S., 335 splits, 301
multiple, 21 zero, 198
multiplicative function, 378 polynomial function, 204
strongly multiplicative function, polynomial ring
375 one variable, 200
multiplicity, 254 several variables, 205
i i
“book2” — 2013/5/24 — 8:18 — page 456 — #476
i i
456 Index
power series, 197 rational

powers, 51 block, 179
commutative ring, 160 function, 205
predecessor, 57 integer, 339
prime, 22 line, 13
inert, 342 period, 179
ramifies, 342 point, 10
rational, 339 prime, 339
splits, 340 repeats, 179
prime factorization, 54, 252 terminates, 179
prime field, 293 Rational Root Theorem, 260
prime ideal, 286 Recorde, Robert, 82
primes recurrence, 74
irregular, 368 reduced polynomial, 83
regular, 368 reduction mod p, 260
primitive element, 325 reflexive relation, 420
primitive Pythagorean triple, 27 relation, 420
primitive root of unity, 111, 264 relatively prime
principal ideal, 218 integers, 26
principal ideal domain, 255 polynomials, 248
private key, 150 remainder, 23
Proclus, 20 Remainder Theorem, 240
product expansion, 375 repeated roots, 263
proof resolvent cubic, 87, 384
by contradiction, 27 restriction, 415
indirect, 27 Ribet, Kenneth A., 407
proper Riemann zeta function, 374
ideal, 218 Riemann, G. F. Bernhard, 369
subset, 410 ring, commutative, 156
subspace, 426 Rivest, Ronald L., 150
public key, 150 root
pure extension, 382 multiplicity, 254
Pythagoras, 2 polynomial, 81, 239
Pythagorean root of unity, 111
point, 10 commutative ring, 165
Theorem, 2 cube root, 82
converse, 7 primitive, 111, 264
triple, 4 RSA code, 150
primitive, 27 Ruffini, Paolo, 394
similar, 9 ruler, 309
Qin Jiushao, 90, 146 scalar, 424

quadratic formula, 2 multiplication, 424
quartic formula, 87 Schönemann, Theodor, 267
quartic polynomial, 383 Scherk, Heinrich F., 359
quotient, 23, 38 Scipione, 81
quotient group, 392 Serre, Jean-Pierre, 407
quotient ring, 281 Shamir, Adi, 150
Shimura, Goro, 397, 407
radical extension, 383 similar, 9
Rahn, Johann H., 82 Singer, Richard, 267
i i
“book2” — 2013/5/24 — 8:18 — page 457 — #477
i i
Index 457
single-valued, 412 Uncle Charles, 174

size function, 333 unique, 23
smallest subspace, 427 unique factorization
solution of linear system, 426 in Z, 54
solution space, 426 polynomials, 252
solvable by radicals, 383 unique factorization domain, 258
solvable group, 394 unit, 162
spans, 427 unit n-gon, 110
splits unit circle, 8
polynomial, 301 unit vector, 99
prime, 340
splitting field, 301 valuation, 350
squarefree integer, 34 value of function, 410
standard basis, 430 van der Waerden, Bartel L., 21, 28
straightedge (see ruler), 309 Vandermonde’s Identity, 73
strong induction, 57 Vandermonde, Alexandre, 73
subfield, 167 vector space, 424
generated by X, 293 vectors, 424
subgroup, 390 Venn diagram, 222
normal, 392 Venn, John, 222
subring, 166 Viète, Francois, 82, 88
generated by X , 168
Wantzel, Pierre L., 318
subset, 410
Weierstrass, Karl, 404
subspace, 426
Weil, André, 407
proper, 426
well-defined, 412
smallest, 427
Well-Ordering Axiom, 21
spanned by X, 427
Wessel, Caspar, 92
subtraction, 38
Widman, Johannes, 82
surjective, 413
Wiles, Andrew J., 14, 396, 407
surjective, surjection, 413
Williams, Kenneth S., 335
symmetric difference, 166
Wilson’s Theorem, 263
symmetric group, 389, 418
Wilson, Jack C., 335
symmetric relation, 420
Wilson, John, 263
symmetry, 385
year, 169
tangent half-angle formula, 43 century year, 170
Taniyama, Yutaka, 397, 407 common, 169
target, 410 leap year, 169
Tartaglia = Nicolo Fontana, 81
transcendental element, 293 zero polynomial, 198
transitive relation, 420 zero ring, 159
transpose, 438 zero divisor, 192
triangular number, 68
trichotomy, 441
trigonometric identities, 42
triple angle formula, 110
Trotsky, Leon, 170
tzolkin calendar, 144
UFD, 258
Uncle Ben, 176
i i
“book2” — 2013/5/24 — 8:18 — page 458 — #478
i i
i i
“book2” — 2013/5/24 — 8:18 — page 459 — #479
i i
About the Authors
Al Cuoco is Distinguished Scholar and Director of the Center for Mathematics

Education at Education Development Center. He is lead author for The CME
Project, a four-year NSF-funded high school curriculum, published by Pear-
son. He also co-directs Focus on Mathematics, a mathematics-science part-
nership that has established a mathematical community of mathematicians,
teachers, and mathematics educators. The partnership evolved from his 25-year
collaboration with Glenn Stevens (BU) on Boston University’s PROMYS for
Teachers, a professional development program for teachers based on the Ross
program (an immersion experience in mathematics). Al taught high school
mathematics to a wide range of students in the Woburn, Massachusetts public
schools from 1969 until 1993. A student of Ralph Greenberg, Cuoco holds a
Ph.D. from Brandeis, with a thesis and research in Iwasawa theory. In addition
to this book, MAA published his Mathematical Connections: a Companion for
Teachers and Others. But his favorite publication is a 1991 paper in the Amer-
ican Mathematical Monthly, described by his wife as an attempt to explain a
number system that no one understands with a picture that no one can see.
Joseph Rotman was born in Chicago on May 26, 1934. He studied at the
University of Chicago, receiving the degrees BA, MA, and Ph.D. there in 1954,
1956, and 1959, respectively; his thesis director was Irving Kaplansky.
Rotman has been on the faculty of the mathematics department of the Uni-
versity of Illinois at Urbana-Champaign since 1959, with the following ranks:
Research Associate 1959–1961; Assistant Professor 1961–1963; Associate Pro-
fessor 1963–1968; Professor 1968–2004; Professor Emeritus 2004–present.
He has held the following visiting appointments: Queen Mary College, Lon-
don, England 1965, 1985; Aarhus University, Denmark, Summer 1970; He-
brew University, Jerusalem, Israel 1970; University of Padua, Italy, 1972; Tech-
nion, Israel Institute of Technology and Hebrew University, Jerusalem (Lady
Davis Professor), 1977–78; Tel Aviv University, Israel, 1982; Bar Ilan Univer-
sity, Israel, Summer 1982; Annual visiting lecture, South African Mathemati-
cal Society, 1985; Oxford University, England, 1990.
Professor Rotman was an editor of Proceedings of American Mathematical
Society, 1970, 1971; managing editor, 1972, 1973.
Aside from writing research articles, mostly in algebra, he has written the
following textbooks: Group Theory 1965, 1973, 1984, 1995; Homological Al-
gebra 1970, 1979, 2009; Algebraic Topology 1988; Galois Theory 1990, 1998;
Journey into Mathematics 1998, 2007; First Course in Abstract Algebra 1996,
2000, 2006; Advanced Modern Algebra 2002.
459
i i

Learning Modern Algebra

Uploaded by

Copyright:

Available Formats

Learning Modern Algebra

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Learning Modern Algebra

Uploaded by

Copyright:

Available Formats

“book2” — 2013/5/24 — 8:18 — page i — #1

Learning Modern Algebra

Learning Modern Algebra

Published and distributed by

Mathematical Modeling in the Environment, Charles Hadlock

MAA Service Center

Per Micky: Tutto quello che faccio, lo faccio per te.

1 Early Number Theory 1

4 Modular Arithmetic 131

5 Abstract Algebra 191

6 Arithmetic of Polynomials 233

7 Quotients, Fields, and Classical Problems 277

Algebraic Extensions . . . . . . . . . . . . . . . . . . . . 293

8 Cyclotomic Integers 329

About the Authors 459

Before its solution, Fermat’s Last Theorem was a challenge to mathemati-

Some Features of This Book

Etymology. The word mathematics comes from classical Greek; it

It is a pleasure to acknowledge those who have contributed valuable com-

—Al Cuoco and Joe Rotman

.a; b; c/ 4 triangle with sides of lengths a; b; c

Fun.R/ 157 ring of functions R ! R

L.P; Q/ 309 line determined by points P; Q

1 Early Number Theory

1.1 Ancient Mathematics

2 Chapter 1 Early Number Theory

Solve 12x 3 D 3630,

Figure 1.1. Completing the Square.

figure to a square by attaching the corner square having area 12 b 21 b D 41 b 2 ;

1.1 Ancient Mathematics 3

Here is an ancient application of the Pythagorean Theorem. Aristarchus

Figure 1.3. Earth, Moon, and Sun.

Example 1.1. Next, we present a geometric problem from a Chinese collec-

Figure 1.4. Door Problem.

4 Chapter 1 Early Number Theory

Definition. A triple .a; b; c/ of positive integers with a2 C b 2 D c 2 is called

If .a; b; c/ is a Pythagorean triple, then the triangles 4.a; b; c/ and 4.b; a; c/

1.1 Ancient Mathematics 5

It is plain that the Babylonians had a way to generate large Pythagorean

We can also solve for b and c:

6 Chapter 1 Early Number Theory

(ii) Use (i) to establish the Arithmetic–Geometric Mean Inequality: if a and b

When is there equality?

Figure 1.6. Arithmetic–Geometric Mean Inequality.

1.7 * Prove that there is no Pythagorean triple .a; b; c/ with c D 12.

.q 2 p2 ; 2qp; q 2 C p2 / If z is a complex number,

1.18 Preview: Show, for all real numbers m and n, that

8 Chapter 1 Early Number Theory

Geometry and Pythagorean Triples

Figure 1.7. Geometric Idea of Diophantus.

We knew at the outset that y D 0 makes this true. If y ¤ 0, then canceling

10 Chapter 1 Early Number Theory

Remember that we regard Pythagorean triples .a; b; c/ and .b; a; c/ as the

Proposition 1.3. A triple .a; b; c/ of integers is a Pythagorean triple if and

Etymology. Here are sources of some common words of mathematics.

 Theorem: From the Greek word meaning “spectacle” or “contemplate.” Re-

The Method of Diophantus

Proof. (i) The parametrization P D .x; y/ gives a pair of equations:

Clearly, if t is rational, then both x and y are rational. Conversely, if

Therefore, Pythagorean points correspond

.a; b; c/ 4 triangle with sides of lengths a; b; c

Theorem: From the Greek word meaning “spectacle” or “contemplate.” Re-

Definition. An integer a is prime if a 2 and its only divisors are ˙1 and

We allow products having Proposition 1.14. Every integer a 2 is a product of primes.

where q is an integer and 0 r=a < 1. If we clear denominators, we get the

If b 0, then gcd.0; b/ D b (why?).