abstract algebra-Thomas W. Judson.pdf

cibeyocibeyo 42 views 189 slides Mar 18, 2023

Abstract Algebra
Theory and Applications
Thomas W. Judson
Harvard University
July 6, 2008

Preface
This text is intended for a one- or two-semester undergraduate course in abstract algebra. Traditionally, these courses have covered the theoretical aspects of groups, rings, and fields. However, with the development of computing in the last several decades, applications that involve abstract algebra and discrete mathematics have become increasingly important, and many science, engineering, and computer science students are now electing to minor in mathematics. Though theory still occupies a central role in the subject of abstract algebra and no student should go through such a course without a good notion of what a proof is, the importance of applications such as coding theory and cryptography has grown significantly.
Until recently most abstract algebra texts included few if any applications. However, one of the major problems in teaching an abstract algebra course is that for many students it is their first encounter with an environment that requires them to do rigorous proofs. Such students often find it hard to see the use of learning to prove theorems and propositions; applied examples help the instructor provide motivation.
This text contains more material than can possibly be covered in a single semester. Certainly there is adequate material for a two-semester course, and perhaps more; however, for a one-semester course it would be quite easy to omit selected chapters and still have a useful text. The order of presentation of topics is standard: groups, then rings, and finally fields. Emphasis can be placed either on theory or on applications. A typical one-semester course might cover groups and rings while briefly touching on field theory, using Chapters 0 through 5, 8, 9, 11 (the first part), 14, 15, 16 (the first part), 18, and 19. Parts of these chapters could be deleted and applications substituted according to the interests of the students and the instructor. A two-semester course emphasizing theory might cover Chapters 0 through 5, 8, 9, 11 through 16, 18, 19, 20 (the first part), and 21. On the other hand, if applications are to be emphasized, the course might cover Chapters 0 through 12, and 14 through 20. In an applied course, some of the more theoretical results could be assumed or omitted. A chapter dependency chart appears below. (A broken line indicates a partial dependency.)
[Figure: chapter dependency chart with nodes for Chapters 0-5 and Chapters 6 through 21.]
Though there are no specific prerequisites for a course in abstract algebra, students who have had other higher-level courses in mathematics will generally be more prepared than those who have not, because they will possess a bit more mathematical sophistication. Occasionally, we shall assume some basic linear algebra; that is, we shall take for granted an elementary knowledge of matrices and determinants. This should present no great problem, since most students taking a course in abstract algebra have been introduced to matrices and determinants elsewhere in their career, if they have not already taken a sophomore- or junior-level course in linear algebra.
Exercise sections are the heart of any mathematics text. An exercise set appears at the end of each chapter. The nature of the exercises ranges over several categories; computational, conceptual, and theoretical problems are included. A section presenting hints and solutions to many of the exercises appears at the end of the text. Often in the solutions a proof is only sketched, and it is up to the student to provide the details. The exercises range in difficulty from very easy to very challenging. Many of the more substantial problems require careful thought, so the student should not be discouraged if the solution is not forthcoming after a few minutes of work. A complete solutions manual is available for the instructor's use.
There are additional exercises or computer projects at the ends of many of the chapters. The computer projects usually require a knowledge of programming. All of these exercises and projects are more substantial in nature and allow the exploration of new results and theory.
Acknowledgements
I would like to acknowledge the following reviewers for their helpful comments and suggestions.
David Anderson, University of Tennessee, Knoxville
Robert Beezer, University of Puget Sound
Myron Hood, California Polytechnic State University
Herbert Kasube, Bradley University
John Kurtzke, University of Portland
Inessa Levi, University of Louisville
Geoffrey Mason, University of California, Santa Cruz
Bruce Mericle, Mankato State University
Kimmo Rosenthal, Union College
Mark Teply, University of Wisconsin
I would also like to thank Steve Quigley, Marnie Pommett, Cathie Griffin, Kelle Karshick, and the rest of the staff at PWS for their guidance throughout this project. It has been a pleasure to work with them.
Thomas W. Judson

Contents
Preface
0 Preliminaries
0.1 A Short Note on Proofs
0.2 Sets and Equivalence Relations
1 The Integers
1.1 Mathematical Induction
1.2 The Division Algorithm
2 Groups
2.1 The Integers mod n and Symmetries
2.2 Definitions and Examples
2.3 Subgroups
3 Cyclic Groups
3.1 Cyclic Subgroups
3.2 The Group C
3.3 The Method of Repeated Squares
4 Permutation Groups
4.1 Definitions and Notation
4.2 The Dihedral Groups
5 Cosets and Lagrange's Theorem
5.1 Cosets
5.2 Lagrange's Theorem
5.3 Fermat's and Euler's Theorems
6 Introduction to Cryptography
6.1 Private Key Cryptography
6.2 Public Key Cryptography
7 Algebraic Coding Theory
7.1 Error-Detecting and Correcting Codes
7.2 Linear Codes
7.3 Parity-Check and Generator Matrices
7.4 Efficient Decoding
8 Isomorphisms
8.1 Definition and Examples
8.2 Direct Products
9 Homomorphisms and Factor Groups
9.1 Factor Groups and Normal Subgroups
9.2 Group Homomorphisms
9.3 The Isomorphism Theorems
10 Matrix Groups and Symmetry
10.1 Matrix Groups
10.2 Symmetry
11 The Structure of Groups
11.1 Finite Abelian Groups
11.2 Solvable Groups
12 Group Actions
12.1 Groups Acting on Sets
12.2 The Class Equation
12.3 Burnside's Counting Theorem
13 The Sylow Theorems
13.1 The Sylow Theorems
13.2 Examples and Applications
14 Rings
14.1 Rings
14.2 Integral Domains and Fields
14.3 Ring Homomorphisms and Ideals
14.4 Maximal and Prime Ideals
14.5 An Application to Software Design
15 Polynomials
15.1 Polynomial Rings
15.2 The Division Algorithm
15.3 Irreducible Polynomials
16 Integral Domains
16.1 Fields of Fractions
16.2 Factorization in Integral Domains
17 Lattices and Boolean Algebras
17.1 Lattices
17.2 Boolean Algebras
17.3 The Algebra of Electrical Circuits
18 Vector Spaces
18.1 Definitions and Examples
18.2 Subspaces
18.3 Linear Independence
19 Fields
19.1 Extension Fields
19.2 Splitting Fields
19.3 Geometric Constructions
20 Finite Fields
20.1 Structure of a Finite Field
20.2 Polynomial Codes
21 Galois Theory
21.1 Field Automorphisms
21.2 The Fundamental Theorem
21.3 Applications
Notation
Hints and Solutions

0
Preliminaries
A certain amount of mathematical maturity is necessary to find and study applications of abstract algebra. A basic knowledge of set theory, mathematical induction, equivalence relations, and matrices is a must. Even more important is the ability to read and understand mathematical proofs. In this chapter we will outline the background needed for a course in abstract algebra.
0.1 A Short Note on Proofs
Abstract mathematics is different from other sciences. In laboratory sciences such as chemistry and physics, scientists perform experiments to discover new principles and verify theories. Although mathematics is often motivated by physical experimentation or by computer simulations, it is made rigorous through the use of logical arguments. In studying abstract mathematics, we take what is called an axiomatic approach; that is, we take a collection of objects $S$ and assume some rules about their structure. These rules are called axioms. Using the axioms for $S$, we wish to derive other information about $S$ by using logical arguments. We require that our axioms be consistent; that is, they should not contradict one another. We also demand that there not be too many axioms. If a system of axioms is too restrictive, there will be few examples of the mathematical structure.
A statement in logic or mathematics is an assertion that is either true or false. Consider the following examples:
- $3 + 56 - 13 + 8/2$.
- All cats are black.
- $2 + 3 = 5$.
- $2x = 6$ exactly when $x = 4$.
- If $ax^2 + bx + c = 0$ and $a \neq 0$, then $x = \frac{-b \pm \sqrt{b^2 - 4ac}}{2a}$.
- $x^3 - 4x^2 + 5x - 6$.
All but the first and last examples are statements, and must be either true or false.
A mathematical proof is nothing more than a convincing argument about the accuracy of a statement. Such an argument should contain enough detail to convince the audience; for instance, we can see that the statement "$2x = 6$ exactly when $x = 4$" is false by evaluating $2 \cdot 4$ and noting that $6 \neq 8$, an argument that would satisfy anyone. Of course, audiences may vary widely: proofs can be addressed to another student, to a professor, or to the reader of a text. If more detail than needed is presented in the proof, then the explanation will be either long-winded or poorly written. If too much detail is omitted, then the proof may not be convincing. Again it is important to keep the audience in mind. High school students require much more detail than do graduate students. A good rule of thumb for an argument in an introductory abstract algebra course is that it should be written to convince one's peers, whether those peers be other students or other readers of the text.
Let us examine different types of statements. A statement could be as simple as "$10/5 = 2$"; however, mathematicians are usually interested in more complex statements such as "If $p$, then $q$," where $p$ and $q$ are both statements. If certain statements are known or assumed to be true, we wish to know what we can say about other statements. Here $p$ is called the hypothesis and $q$ is known as the conclusion. Consider the following statement: If $ax^2 + bx + c = 0$ and $a \neq 0$, then
\[ x = \frac{-b \pm \sqrt{b^2 - 4ac}}{2a}. \]
The hypothesis is $ax^2 + bx + c = 0$ and $a \neq 0$; the conclusion is
\[ x = \frac{-b \pm \sqrt{b^2 - 4ac}}{2a}. \]
Notice that the statement says nothing about whether or not the hypothesis is true. However, if this entire statement is true and we can show that $ax^2 + bx + c = 0$ with $a \neq 0$ is true, then the conclusion must be true. A proof of this statement might simply be a series of equations:
\begin{align*}
ax^2 + bx + c &= 0 \\
x^2 + \frac{b}{a}x &= -\frac{c}{a} \\
x^2 + \frac{b}{a}x + \left(\frac{b}{2a}\right)^2 &= \left(\frac{b}{2a}\right)^2 - \frac{c}{a} \\
\left(x + \frac{b}{2a}\right)^2 &= \frac{b^2 - 4ac}{4a^2} \\
x + \frac{b}{2a} &= \frac{\pm\sqrt{b^2 - 4ac}}{2a} \\
x &= \frac{-b \pm \sqrt{b^2 - 4ac}}{2a}.
\end{align*}
If we can prove a statement true, then that statement is called a proposition. A proposition of major importance is called a theorem. Sometimes instead of proving a theorem or proposition all at once, we break the proof down into modules; that is, we prove several supporting propositions, which are called lemmas, and use the results of these propositions to prove the main result. If we can prove a proposition or a theorem, we will often, with very little effort, be able to derive other related propositions called corollaries.
Some Cautions and Suggestions
There are several different strategies for proving propositions. In addition to using different methods of proof, students often make some common mistakes when they are first learning how to prove theorems. To aid students who are studying abstract mathematics for the first time, we list here some of the difficulties that they may encounter and some of the strategies of proof available to them. It is a good idea to keep referring back to this list as a reminder. (Other techniques of proof will become apparent throughout this chapter and the remainder of the text.)
- A theorem cannot be proved by example; however, the standard way to show that a statement is not a theorem is to provide a counterexample.
- Quantifiers are important. Words and phrases such as only, for all, for every, and for some possess different meanings.
- Never assume any hypothesis that is not explicitly stated in the theorem. You cannot take things for granted.
- Suppose you wish to show that an object exists and is unique. First show that there actually is such an object. To show that it is unique, assume that there are two such objects, say $r$ and $s$, and then show that $r = s$.
- Sometimes it is easier to prove the contrapositive of a statement. Proving the statement "If $p$, then $q$" is exactly the same as proving the statement "If not $q$, then not $p$."
- Although it is usually better to find a direct proof of a theorem, this task can sometimes be difficult. It may be easier to assume that the theorem that you are trying to prove is false, and to hope that in the course of your argument you are forced to make some statement that cannot possibly be true.
Remember that one of the main objectives of higher mathematics is proving theorems. Theorems are tools that make new and productive applications of mathematics possible. We use examples to give insight into existing theorems and to foster intuitions as to what new theorems might be true. Applications, examples, and proofs are tightly interconnected, much more so than they may seem at first appearance.
0.2 Sets and Equivalence Relations
Set Theory
A set is a well-defined collection of objects; that is, it is defined in such a manner that we can determine for any given object $x$ whether or not $x$ belongs to the set. The objects that belong to a set are called its elements or members. We will denote sets by capital letters, such as $A$ or $X$; if $a$ is an element of the set $A$, we write $a \in A$.
A set is usually specified either by listing all of its elements inside a pair of braces or by stating the property that determines whether or not an object $x$ belongs to the set. We might write
\[ X = \{x_1, x_2, \ldots, x_n\} \]
for a set containing elements $x_1, x_2, \ldots, x_n$ or
\[ X = \{x : x \text{ satisfies } P\} \]
if each $x$ in $X$ satisfies a certain property $P$. For example, if $E$ is the set of even positive integers, we can describe $E$ by writing either
\[ E = \{2, 4, 6, \ldots\} \]
or
\[ E = \{x : x \text{ is an even integer and } x > 0\}. \]
We write $2 \in E$ when we want to say that 2 is in the set $E$, and $-3 \notin E$ to say that $-3$ is not in the set $E$.
Some of the more important sets that we will consider are the following:
\begin{align*}
\mathbb{N} &= \{n : n \text{ is a natural number}\} = \{1, 2, 3, \ldots\}; \\
\mathbb{Z} &= \{n : n \text{ is an integer}\} = \{\ldots, -1, 0, 1, 2, \ldots\}; \\
\mathbb{Q} &= \{r : r \text{ is a rational number}\} = \{p/q : p, q \in \mathbb{Z} \text{ where } q \neq 0\}; \\
\mathbb{R} &= \{x : x \text{ is a real number}\}; \\
\mathbb{C} &= \{z : z \text{ is a complex number}\}.
\end{align*}
We find various relations between sets and can perform operations on sets. A set $A$ is a subset of $B$, written $A \subset B$ or $B \supset A$, if every element of $A$ is also an element of $B$. For example,
\[ \{4, 5, 8\} \subset \{2, 3, 4, 5, 6, 7, 8, 9\} \]
and
\[ \mathbb{N} \subset \mathbb{Z} \subset \mathbb{Q} \subset \mathbb{R} \subset \mathbb{C}. \]
Trivially, every set is a subset of itself. A set $B$ is a proper subset of a set $A$ if $B \subset A$ but $B \neq A$. If $A$ is not a subset of $B$, we write $A \not\subset B$; for example, $\{4, 7, 9\} \not\subset \{2, 4, 5, 8, 9\}$. Two sets are equal, written $A = B$, if we can show that $A \subset B$ and $B \subset A$.
It is convenient to have a set with no elements in it. This set is called the empty set and is denoted by $\emptyset$. Note that the empty set is a subset of every set.
To construct new sets out of old sets, we can perform certain operations: the union $A \cup B$ of two sets $A$ and $B$ is defined as
\[ A \cup B = \{x : x \in A \text{ or } x \in B\}; \]
the intersection of $A$ and $B$ is defined by
\[ A \cap B = \{x : x \in A \text{ and } x \in B\}. \]

If $A = \{1, 3, 5\}$ and $B = \{1, 2, 3, 9\}$, then
\[ A \cup B = \{1, 2, 3, 5, 9\} \]
and
\[ A \cap B = \{1, 3\}. \]
We can consider the union and the intersection of more than two sets. In this case we write
\[ \bigcup_{i=1}^{n} A_i = A_1 \cup \ldots \cup A_n \]
and
\[ \bigcap_{i=1}^{n} A_i = A_1 \cap \ldots \cap A_n \]
for the union and intersection, respectively, of the collection of sets $A_1, \ldots, A_n$.
When two sets have no elements in common, they are said to be disjoint; for example, if $E$ is the set of even integers and $O$ is the set of odd integers, then $E$ and $O$ are disjoint. Two sets $A$ and $B$ are disjoint exactly when $A \cap B = \emptyset$.
Sometimes we will work within one fixed set $U$, called the universal set. For any set $A \subset U$, we define the complement of $A$, denoted by $A'$, to be the set
\[ A' = \{x : x \in U \text{ and } x \notin A\}. \]
We define the difference of two sets $A$ and $B$ to be
\[ A \setminus B = A \cap B' = \{x : x \in A \text{ and } x \notin B\}. \]
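Example 1. Let $\mathbb{R}$ be the universal set and suppose that
\[ A = \{x \in \mathbb{R} : 0 < x \leq 3\} \]
and
\[ B = \{x \in \mathbb{R} : 2 \leq x < 4\}. \]
Then
\begin{align*}
A \cap B &= \{x \in \mathbb{R} : 2 \leq x \leq 3\} \\
A \cup B &= \{x \in \mathbb{R} : 0 < x < 4\} \\
A \setminus B &= \{x \in \mathbb{R} : 0 < x < 2\} \\
A' &= \{x \in \mathbb{R} : x \leq 0 \text{ or } x > 3\}.
\end{align*}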

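Proposition 0.1 Let $A$, $B$, and $C$ be sets. Then
1. $A \cup A = A$, $A \cap A = A$, and $A \setminus A = \emptyset$;
2. $A \cup \emptyset = A$ and $A \cap \emptyset = \emptyset$;
3. $A \cup (B \cup C) = (A \cup B) \cup C$ and $A \cap (B \cap C) = (A \cap B) \cap C$;
4. $A \cup B = B \cup A$ and $A \cap B = B \cap A$;
5. $A \cup (B \cap C) = (A \cup B) \cap (A \cup C)$;
6. $A \cap (B \cup C) = (A \cap B) \cup (A \cap C)$.
Proof. We will prove (1) and (3) and leave the remaining results to be proven in the exercises.
(1) Observe that
\begin{align*}
A \cup A &= \{x : x \in A \text{ or } x \in A\} \\
&= \{x : x \in A\} \\
&= A
\end{align*}
and
\begin{align*}
A \cap A &= \{x : x \in A \text{ and } x \in A\} \\
&= \{x : x \in A\} \\
&= A.
\end{align*}
Also, $A \setminus A = A \cap A' = \emptyset$.
(3) For sets $A$, $B$, and $C$,
\begin{align*}
A \cup (B \cup C) &= A \cup \{x : x \in B \text{ or } x \in C\} \\
&= \{x : x \in A \text{ or } x \in B, \text{ or } x \in C\} \\
&= \{x : x \in A \text{ or } x \in B\} \cup C \\
&= (A \cup B) \cup C.
\end{align*}
A similar argument proves that $A \cap (B \cap C) = (A \cap B) \cap C$.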
Theorem 0.2 (De Morgan's Laws) Let $A$ and $B$ be sets. Then
1. $(A \cup B)' = A' \cap B'$;
2. $(A \cap B)' = A' \cup B'$.
Proof. (1) We must show that $(A \cup B)' \subset A' \cap B'$ and $(A \cup B)' \supset A' \cap B'$. Let $x \in (A \cup B)'$. Then $x \notin A \cup B$. So $x$ is neither in $A$ nor in $B$, by the definition of the union of sets. By the definition of the complement, $x \in A'$ and $x \in B'$. Therefore, $x \in A' \cap B'$ and we have $(A \cup B)' \subset A' \cap B'$.
To show the reverse inclusion, suppose that $x \in A' \cap B'$. Then $x \in A'$ and $x \in B'$, and so $x \notin A$ and $x \notin B$. Thus $x \notin A \cup B$ and so $x \in (A \cup B)'$. Hence, $(A \cup B)' \supset A' \cap B'$ and so $(A \cup B)' = A' \cap B'$.
The proof of (2) is left as an exercise.
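Example 2. Other relations between sets often hold true. For example,
\[ (A \setminus B) \cap (B \setminus A) = \emptyset. \]
To see that this is true, observe that
\begin{align*}
(A \setminus B) \cap (B \setminus A) &= (A \cap B') \cap (B \cap A') \\
&= A \cap A' \cap B \cap B' \\
&= \emptyset.
\end{align*}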

Cartesian Products and Mappings
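Given sets $A$ and $B$, we can define a new set $A \times B$, called the Cartesian product of $A$ and $B$, as a set of ordered pairs. That is,
\[ A \times B = \{(a, b) : a \in A \text{ and } b \in B\}. \]
Example 3. If $A = \{x, y\}$, $B = \{1, 2, 3\}$, and $C = \emptyset$, then $A \times B$ is the set
\[ \{(x, 1), (x, 2), (x, 3), (y, 1), (y, 2), (y, 3)\} \]
and
\[ A \times C = \emptyset. \]
We define the Cartesian product of $n$ sets to be
\[ A_1 \times \cdots \times A_n = \{(a_1, \ldots, a_n) : a_i \in A_i \text{ for } i = 1, \ldots, n\}. \]
If $A = A_1 = A_2 = \cdots = A_n$, we often write $A^n$ for $A \times \cdots \times A$ (where $A$ would be written $n$ times). For example, the set $\mathbb{R}^3$ consists of all 3-tuples of real numbers.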

Subsets of $A \times B$ are called relations. We will define a mapping or function $f \subset A \times B$ from a set $A$ to a set $B$ to be the special type of relation in which for each element $a \in A$ there is a unique element $b \in B$ such that $(a, b) \in f$; another way of saying this is that for every element in $A$, $f$ assigns a unique element in $B$. We usually write $f : A \to B$ or $A \xrightarrow{f} B$. Instead of writing down ordered pairs $(a, b) \in A \times B$, we write $f(a) = b$ or $f : a \mapsto b$. The set $A$ is called the domain of $f$ and
\[ f(A) = \{f(a) : a \in A\} \subset B \]
is called the range or image of $f$. We can think of the elements in the function's domain as input values and the elements in the function's range as output values.
[Figure 1. Mappings: diagrams of the relations $f$ and $g$ from $A = \{1, 2, 3\}$ to $B = \{a, b, c\}$.]
Example 4. Suppose $A = \{1, 2, 3\}$ and $B = \{a, b, c\}$. In Figure 1 we define relations $f$ and $g$ from $A$ to $B$. The relation $f$ is a mapping, but $g$ is not because $1 \in A$ is not assigned to a unique element in $B$; that is, $g(1) = a$ and $g(1) = b$.
Given a function $f : A \to B$, it is often possible to write a list describing what the function does to each specific element in the domain. However, not all functions can be described in this manner. For example, the function $f : \mathbb{R} \to \mathbb{R}$ that sends each real number to its cube is a mapping that must be described by writing $f(x) = x^3$ or $f : x \mapsto x^3$.
Consider the relation $f : \mathbb{Q} \to \mathbb{Z}$ given by $f(p/q) = p$. We know that $1/2 = 2/4$, but is $f(1/2) = 1$ or 2? This relation cannot be a mapping because it is not well-defined. A relation is well-defined if each element in the domain is assigned to a unique element in the range.
If $f : A \to B$ is a map and the image of $f$ is $B$, i.e., $f(A) = B$, then $f$ is said to be onto or surjective. A map is one-to-one or injective if $a_1 \neq a_2$ implies $f(a_1) \neq f(a_2)$. Equivalently, a function is one-to-one if $f(a_1) = f(a_2)$ implies $a_1 = a_2$. A map that is both one-to-one and onto is called bijective.
Example 5. Let $f : \mathbb{Z} \to \mathbb{Q}$ be defined by $f(n) = n/1$. Then $f$ is one-to-one but not onto. Define $g : \mathbb{Q} \to \mathbb{Z}$ by $g(p/q) = p$ where $p/q$ is a rational number expressed in its lowest terms with a positive denominator. The function $g$ is onto but not one-to-one.
Given two functions, we can construct a new function by using the range of the first function as the domain of the second function. Let $f : A \to B$ and $g : B \to C$ be mappings. Define a new map, the composition of $f$ and $g$ from $A$ to $C$, by $(g \circ f)(x) = g(f(x))$.
[Figure 2. Composition of maps: (a) $f : A \to B$ and $g : B \to C$ with $A = \{1, 2, 3\}$, $B = \{a, b, c\}$, $C = \{X, Y, Z\}$; (b) $g \circ f : A \to C$.]
Example 6. Consider the functions $f : A \to B$ and $g : B \to C$ that are defined in Figure 0.2(a). The composition of these functions, $g \circ f : A \to C$, is defined in Figure 0.2(b).
Example 7. Let $f(x) = x^2$ and $g(x) = 2x + 5$. Then
\[ (f \circ g)(x) = f(g(x)) = (2x + 5)^2 = 4x^2 + 20x + 25 \]
and
\[ (g \circ f)(x) = g(f(x)) = 2x^2 + 5. \]
In general, order makes a difference; that is, in most cases $f \circ g \neq g \circ f$.
Example 8. Sometimes it is the case that $f \circ g = g \circ f$. Let $f(x) = x^3$ and $g(x) = \sqrt[3]{x}$. Then
\[ (f \circ g)(x) = f(g(x)) = f(\sqrt[3]{x}) = (\sqrt[3]{x})^3 = x \]
and
\[ (g \circ f)(x) = g(f(x)) = g(x^3) = \sqrt[3]{x^3} = x. \]

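Example 9. Given a $2 \times 2$ matrix
\[ A = \begin{pmatrix} a & b \\ c & d \end{pmatrix}, \]
we can define a map $T_A : \mathbb{R}^2 \to \mathbb{R}^2$ by
\[ T_A(x, y) = (ax + by, cx + dy) \]
for $(x, y)$ in $\mathbb{R}^2$. This is actually matrix multiplication; that is,
\[ \begin{pmatrix} a & b \\ c & d \end{pmatrix} \begin{pmatrix} x \\ y \end{pmatrix} = \begin{pmatrix} ax + by \\ cx + dy \end{pmatrix}. \]
Maps from $\mathbb{R}^n$ to $\mathbb{R}^m$ given by matrices are called linear maps or linear transformations.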
Example 10. Suppose that $S = \{1, 2, 3\}$. Define a map : $S \to S$ by
(1) = 2
(2) = 1
(3) = 3.
This is a bijective map. An alternative way to write is
\[ \begin{pmatrix} 1 & 2 & 3 \\ (1) & (2) & (3) \end{pmatrix} = \begin{pmatrix} 1 & 2 & 3 \\ 2 & 1 & 3 \end{pmatrix}. \]
For any set $S$, a one-to-one and onto mapping : $S \to S$ is called a permutation of $S$.
Theorem 0.3 Let $f : A \to B$, $g : B \to C$, and $h : C \to D$. Then
1. The composition of mappings is associative; that is, $(h \circ g) \circ f = h \circ (g \circ f)$;
2. If $f$ and $g$ are both one-to-one, then the mapping $g \circ f$ is one-to-one;
3. If $f$ and $g$ are both onto, then the mapping $g \circ f$ is onto;
4. If $f$ and $g$ are bijective, then so is $g \circ f$.
Proof. We will prove (1) and (3). Part (2) is left as an exercise. Part (4) follows directly from (2) and (3).
(1) We must show that
\[ h \circ (g \circ f) = (h \circ g) \circ f. \]
For $a \in A$ we have
\begin{align*}
(h \circ (g \circ f))(a) &= h((g \circ f)(a)) \\
&= h(g(f(a))) \\
&= (h \circ g)(f(a)) \\
&= ((h \circ g) \circ f)(a).
\end{align*}
(3) Assume that $f$ and $g$ are both onto functions. Given $c \in C$, we must show that there exists an $a \in A$ such that $(g \circ f)(a) = g(f(a)) = c$. However, since $g$ is onto, there is a $b \in B$ such that $g(b) = c$. Similarly, there is an $a \in A$ such that $f(a) = b$. Accordingly,
\[ (g \circ f)(a) = g(f(a)) = g(b) = c. \]

If $S$ is any set, we will use $\mathrm{id}_S$ or $\mathrm{id}$ to denote the identity mapping from $S$ to itself. Define this map by $\mathrm{id}(s) = s$ for all $s \in S$. A map $g : B \to A$ is an inverse mapping of $f : A \to B$ if $g \circ f = \mathrm{id}_A$ and $f \circ g = \mathrm{id}_B$; in other words, the inverse function of a function simply "undoes" the function. A map is said to be invertible if it has an inverse. We usually write $f^{-1}$ for the inverse of $f$.
Example 11. The function $f(x) = x^3$ has inverse $f^{-1}(x) = \sqrt[3]{x}$ by Example 8.
Example 12. The natural logarithm and the exponential functions, $f(x) = \ln x$ and $f^{-1}(x) = e^x$, are inverses of each other provided that we are careful about choosing domains. Observe that
\[ f(f^{-1}(x)) = f(e^x) = \ln e^x = x \]
and
\[ f^{-1}(f(x)) = f^{-1}(\ln x) = e^{\ln x} = x \]
whenever composition makes sense.
Example 13. Suppose that
\[ A = \begin{pmatrix} 3 & 1 \\ 5 & 2 \end{pmatrix}. \]
Then $A$ defines a map from $\mathbb{R}^2$ to $\mathbb{R}^2$ by
\[ T_A(x, y) = (3x + y, 5x + 2y). \]
We can find an inverse map of $T_A$ by simply inverting the matrix $A$; that is, $T_A^{-1} = T_{A^{-1}}$. In this example,
\[ A^{-1} = \begin{pmatrix} 2 & -1 \\ -5 & 3 \end{pmatrix}; \]
hence, the inverse map is given by
\[ T_A^{-1}(x, y) = (2x - y, -5x + 3y). \]
It is easy to check that
\[ T_A^{-1} \circ T_A(x, y) = T_A \circ T_A^{-1}(x, y) = (x, y). \]
Not every map has an inverse. If we consider the map
\[ T_B(x, y) = (3x, 0) \]
given by the matrix
\[ B = \begin{pmatrix} 3 & 0 \\ 0 & 0 \end{pmatrix}, \]
then an inverse map would have to be of the form
\[ T_B^{-1}(x, y) = (ax + by, cx + dy) \]
and
\[ (x, y) = T_B \circ T_B^{-1}(x, y) = (3ax + 3by, 0) \]
for all $x$ and $y$. Clearly this is impossible because $y$ might not be 0.
Example 14.Given the permutation
=

1 2 3
2 3 1

onS=f1;2;3g, it is easy to see that the permutation dened by

1
=

1 2 3
3 1 2

is the inverse of. In fact, any bijective mapping possesses an inverse, as
we will see in the next theorem.
Theorem 0.4 A mapping is invertible if and only if it is both one-to-one and onto.
Proof. Suppose first that $f : A \to B$ is invertible with inverse $g : B \to A$. Then $g \circ f = id_A$ is the identity map; that is, $g(f(a)) = a$. If $a_1, a_2 \in A$ with $f(a_1) = f(a_2)$, then $a_1 = g(f(a_1)) = g(f(a_2)) = a_2$. Consequently, $f$ is one-to-one. Now suppose that $b \in B$. To show that $f$ is onto, it is necessary to find an $a \in A$ such that $f(a) = b$, but $f(g(b)) = b$ with $g(b) \in A$. Let $a = g(b)$.
Now assume the converse; that is, let $f$ be bijective. Let $b \in B$. Since $f$ is onto, there exists an $a \in A$ such that $f(a) = b$. Because $f$ is one-to-one, $a$ must be unique. Define $g$ by letting $g(b) = a$. We have now constructed the inverse of $f$.

Equivalence Relations and Partitions
A fundamental notion in mathematics is that of equality. We can generalize equality with the introduction of equivalence relations and equivalence classes. An equivalence relation on a set $X$ is a relation $R \subset X \times X$ such that
$(x, x) \in R$ for all $x \in X$ (reflexive property);
$(x, y) \in R$ implies $(y, x) \in R$ (symmetric property);
$(x, y)$ and $(y, z) \in R$ imply $(x, z) \in R$ (transitive property).
Given an equivalence relation $R$ on a set $X$, we usually write $x \sim y$ instead of $(x, y) \in R$. If the equivalence relation already has an associated notation such as $=$, $\equiv$, or $\cong$, we will use that notation.
Example 15. Let $p$, $q$, $r$, and $s$ be integers, where $q$ and $s$ are nonzero. Define $p/q \sim r/s$ if $ps = qr$. Clearly $\sim$ is reflexive and symmetric. To show that it is also transitive, suppose that $p/q \sim r/s$ and $r/s \sim t/u$, with $q$, $s$, and $u$ all nonzero. Then $ps = qr$ and $ru = st$. Therefore,
$$psu = qru = qst.$$
Since $s \neq 0$, $pu = qt$. Consequently, $p/q \sim t/u$.
Example 16. Suppose that $f$ and $g$ are differentiable functions on $\mathbb{R}$. We can define an equivalence relation on such functions by letting $f(x) \sim g(x)$ if $f'(x) = g'(x)$. It is clear that $\sim$ is both reflexive and symmetric. To demonstrate transitivity, suppose that $f(x) \sim g(x)$ and $g(x) \sim h(x)$. From calculus we know that $f(x) - g(x) = c_1$ and $g(x) - h(x) = c_2$, where $c_1$ and $c_2$ are both constants. Hence,
$$f(x) - h(x) = (f(x) - g(x)) + (g(x) - h(x)) = c_1 + c_2$$
and $f'(x) - h'(x) = 0$. Therefore, $f(x) \sim h(x)$.
Example 17. For $(x_1, y_1)$ and $(x_2, y_2)$ in $\mathbb{R}^2$, define $(x_1, y_1) \sim (x_2, y_2)$ if $x_1^2 + y_1^2 = x_2^2 + y_2^2$. Then $\sim$ is an equivalence relation on $\mathbb{R}^2$.
Example 18. Let $A$ and $B$ be $2 \times 2$ matrices with entries in the real numbers. We can define an equivalence relation on the set of $2 \times 2$ matrices, by saying $A \sim B$ if there exists an invertible matrix $P$ such that $PAP^{-1} = B$. For example, if
$$A = \begin{pmatrix} 1 & 2 \\ -1 & 1 \end{pmatrix}$$
and
$$B = \begin{pmatrix} -18 & 33 \\ -11 & 20 \end{pmatrix},$$
then $A \sim B$ since $PAP^{-1} = B$ for
$$P = \begin{pmatrix} 2 & 5 \\ 1 & 3 \end{pmatrix}.$$
Let $I$ be the $2 \times 2$ identity matrix; that is,
$$I = \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}.$$
Then $IAI^{-1} = IAI = A$; therefore, the relation is reflexive. To show symmetry, suppose that $A \sim B$. Then there exists an invertible matrix $P$ such that $PAP^{-1} = B$. So
$$A = P^{-1}BP = P^{-1}B(P^{-1})^{-1}.$$
Finally, suppose that $A \sim B$ and $B \sim C$. Then there exist invertible matrices $P$ and $Q$ such that $PAP^{-1} = B$ and $QBQ^{-1} = C$. Since
$$C = QBQ^{-1} = QPAP^{-1}Q^{-1} = (QP)A(QP)^{-1},$$
the relation is transitive. Two matrices that are equivalent in this manner are said to be similar.
A partition $\mathcal{P}$ of a set $X$ is a collection of nonempty sets $X_1, X_2, \ldots$ such that $X_i \cap X_j = \emptyset$ for $i \neq j$ and $\bigcup_k X_k = X$. Let $\sim$ be an equivalence relation on a set $X$ and let $x \in X$. Then $[x] = \{y \in X : y \sim x\}$ is called the equivalence class of $x$. We will see that an equivalence relation gives rise to a partition via equivalence classes. Also, whenever a partition of a set exists, there is some natural underlying equivalence relation, as the following theorem demonstrates.
Theorem 0.5 Given an equivalence relation $\sim$ on a set $X$, the equivalence classes of $X$ form a partition of $X$. Conversely, if $\mathcal{P} = \{X_i\}$ is a partition of a set $X$, then there is an equivalence relation on $X$ with equivalence classes $X_i$.
Proof. Suppose there exists an equivalence relation $\sim$ on the set $X$. For any $x \in X$, the reflexive property shows that $x \in [x]$ and so $[x]$ is nonempty. Clearly $X = \bigcup_{x \in X} [x]$. Now let $x, y \in X$. We need to show that either $[x] = [y]$ or $[x] \cap [y] = \emptyset$. Suppose that the intersection of $[x]$ and $[y]$ is not empty and that $z \in [x] \cap [y]$. Then $z \sim x$ and $z \sim y$. By symmetry and transitivity $x \sim y$; hence, $[x] \subset [y]$. Similarly, $[y] \subset [x]$ and so $[x] = [y]$. Therefore, any two equivalence classes are either disjoint or exactly the same.
Conversely, suppose that $\mathcal{P} = \{X_i\}$ is a partition of a set $X$. Let two elements be equivalent if they are in the same partition. Clearly, the relation is reflexive. If $x$ is in the same partition as $y$, then $y$ is in the same partition as $x$, so $x \sim y$ implies $y \sim x$. Finally, if $x$ is in the same partition as $y$ and $y$ is in the same partition as $z$, then $x$ must be in the same partition as $z$, and transitivity holds.
Corollary 0.6Two equivalence classes of an equivalence relation are either
disjoint or equal.
Let us examine some of the partitions given by the equivalence classes
in the last set of examples.
Example 19. In the equivalence relation in Example 15, two pairs of integers, $(p, q)$ and $(r, s)$, are in the same equivalence class when they reduce to the same fraction in its lowest terms.
Example 20. In the equivalence relation in Example 16, two functions $f(x)$ and $g(x)$ are in the same partition when they differ by a constant.
Example 21. We defined an equivalence class on $\mathbb{R}^2$ by $(x_1, y_1) \sim (x_2, y_2)$ if $x_1^2 + y_1^2 = x_2^2 + y_2^2$. Two pairs of real numbers are in the same partition when they lie on the same circle about the origin.
Example 22. Let $r$ and $s$ be two integers and suppose that $n \in \mathbb{N}$. We say that $r$ is congruent to $s$ modulo $n$, or $r$ is congruent to $s$ mod $n$, if $r - s$ is evenly divisible by $n$; that is, $r - s = nk$ for some $k \in \mathbb{Z}$. In this case we write $r \equiv s \pmod{n}$. For example, $41 \equiv 17 \pmod{8}$ since $41 - 17 = 24$ is divisible by 8. We claim that congruence modulo $n$ forms an equivalence relation of $\mathbb{Z}$. Certainly any integer $r$ is equivalent to itself since $r - r = 0$ is divisible by $n$. We will now show that the relation is symmetric. If $r \equiv s \pmod{n}$, then $r - s = -(s - r)$ is divisible by $n$. So $s - r$ is divisible by $n$ and $s \equiv r \pmod{n}$. Now suppose that $r \equiv s \pmod{n}$ and $s \equiv t \pmod{n}$. Then there exist integers $k$ and $l$ such that $r - s = kn$ and $s - t = ln$. To show transitivity, it is necessary to prove that $r - t$ is divisible by $n$. However,
$$r - t = r - s + s - t = kn + ln = (k + l)n,$$
and so $r - t$ is divisible by $n$.
If we consider the equivalence relation established by the integers modulo 3, then
$$[0] = \{\ldots, -3, 0, 3, 6, \ldots\},$$
$$[1] = \{\ldots, -2, 1, 4, 7, \ldots\},$$
$$[2] = \{\ldots, -1, 2, 5, 8, \ldots\}.$$
Notice that $[0] \cup [1] \cup [2] = \mathbb{Z}$ and also that the sets are disjoint. The sets $[0]$, $[1]$, and $[2]$ form a partition of the integers.
The integers modulo $n$ are a very important example in the study of abstract algebra and will become quite useful in our investigation of various algebraic structures such as groups and rings. In our discussion of the integers modulo $n$ we have actually assumed a result known as the division algorithm, which will be stated and proved in Chapter 1.
Exercises
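1. Suppose that
$$A = \{x : x \in \mathbb{N} \text{ and } x \text{ is even}\},$$
$$B = \{x : x \in \mathbb{N} \text{ and } x \text{ is prime}\},$$
$$C = \{x : x \in \mathbb{N} \text{ and } x \text{ is a multiple of 5}\}.$$
Describe each of the following sets.
(a) $A \cap B$
(b) $B \cap C$
(c) $A \cup B$
(d) $A \cap (B \cup C)$
2. If $A = \{a, b, c\}$, $B = \{1, 2, 3\}$, $C = \{x\}$, and $D = \emptyset$, list all of the elements in each of the following sets.
(a) $A \times B$
(b) $B \times A$
(c) $A \times B \times C$
(d) $A \times D$
3. Find an example of two nonempty sets $A$ and $B$ for which $A \times B = B \times A$ is true.
4. Prove $A \cup \emptyset = A$ and $A \cap \emptyset = \emptyset$.
5. Prove $A \cup B = B \cup A$ and $A \cap B = B \cap A$.
6. Prove $A \cup (B \cap C) = (A \cup B) \cap (A \cup C)$.
7. Prove $A \cap (B \cup C) = (A \cap B) \cup (A \cap C)$.
8. Prove $A \subset B$ if and only if $A \cap B = A$.
9. Prove $(A \cap B)' = A' \cup B'$.
10. Prove $A \cup B = (A \cap B) \cup (A \setminus B) \cup (B \setminus A)$.
11. Prove $(A \cup B) \times C = (A \times C) \cup (B \times C)$.
12. Prove $(A \cap B) \setminus B = \emptyset$.
13. Prove $(A \cup B) \setminus B = A \setminus B$.
14. Prove $A \setminus (B \cup C) = (A \setminus B) \cap (A \setminus C)$.
15. Prove $A \cap (B \setminus C) = (A \cap B) \setminus (A \cap C)$.
16. Prove $(A \setminus B) \cup (B \setminus C) = (A \cup B) \setminus (A \cap B)$.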
17. Which of the following relations $f : \mathbb{Q} \to \mathbb{Q}$ define a mapping? In each case, supply a reason why $f$ is or is not a mapping.
(a) $f(p/q) = \dfrac{p + 1}{p - 2}$
(b) $f(p/q) = \dfrac{3p}{3q}$
(c) $f(p/q) = \dfrac{p + q}{q^2}$
(d) $f(p/q) = \dfrac{3p^2}{7q^2} - \dfrac{p}{q}$
18. Determine which of the following functions are one-to-one and which are onto. If the function is not onto, determine its range.
(a) $f : \mathbb{R} \to \mathbb{R}$ defined by $f(x) = e^x$
(b) $f : \mathbb{Z} \to \mathbb{Z}$ defined by $f(n) = n^2 + 3$
(c) $f : \mathbb{R} \to \mathbb{R}$ defined by $f(x) = \sin x$
(d) $f : \mathbb{Z} \to \mathbb{Z}$ defined by $f(x) = x^2$
19. Let $f : A \to B$ and $g : B \to C$ be invertible mappings; that is, mappings such that $f^{-1}$ and $g^{-1}$ exist. Show that $(g \circ f)^{-1} = f^{-1} \circ g^{-1}$.
20. (a) Define a function $f : \mathbb{N} \to \mathbb{N}$ that is one-to-one but not onto.
(b) Define a function $f : \mathbb{N} \to \mathbb{N}$ that is onto but not one-to-one.
21. Prove the relation defined on $\mathbb{R}^2$ by $(x_1, y_1) \sim (x_2, y_2)$ if $x_1^2 + y_1^2 = x_2^2 + y_2^2$ is an equivalence relation.
22. Let $f : A \to B$ and $g : B \to C$ be maps.
(a) If $f$ and $g$ are both one-to-one functions, show that $g \circ f$ is one-to-one.
(b) If $g \circ f$ is onto, show that $g$ is onto.
(c) If $g \circ f$ is one-to-one, show that $f$ is one-to-one.
(d) If $g \circ f$ is one-to-one and $f$ is onto, show that $g$ is one-to-one.
(e) If $g \circ f$ is onto and $g$ is one-to-one, show that $f$ is onto.
23. Define a function on the real numbers by
$$f(x) = \frac{x + 1}{x - 1}.$$
What are the domain and range of $f$? What is the inverse of $f$? Compute $f \circ f^{-1}$ and $f^{-1} \circ f$.
24. Let $f : X \to Y$ be a map with $A_1, A_2 \subset X$ and $B_1, B_2 \subset Y$.
(a) Prove $f(A_1 \cup A_2) = f(A_1) \cup f(A_2)$.
(b) Prove $f(A_1 \cap A_2) \subset f(A_1) \cap f(A_2)$. Give an example in which equality fails.
(c) Prove $f^{-1}(B_1 \cup B_2) = f^{-1}(B_1) \cup f^{-1}(B_2)$, where
$$f^{-1}(B) = \{x \in X : f(x) \in B\}.$$
(d) Prove $f^{-1}(B_1 \cap B_2) = f^{-1}(B_1) \cap f^{-1}(B_2)$.
(e) Prove $f^{-1}(Y \setminus B_1) = X \setminus f^{-1}(B_1)$.
25. Determine whether or not the following relations are equivalence relations on
the given set. If the relation is an equivalence relation, describe the partition
given by it. If the relation is not an equivalence relation, state why it fails to
be one.
(a)xyinRifxy
(b)mninZifmn >0
(c)xyinRifjxyj 4
(d)mninZifmn(mod 6)
26. Dene a relationonR
2
by stating that (a; b)(c; d) if and only ifa
2
+b
2

c
2
+d
2
. Show thatis reexive and transitive but not symmetric.
27. Show that an $m \times n$ matrix gives rise to a well-defined map from $\mathbb{R}^n$ to $\mathbb{R}^m$.
28. Find the error in the following argument by providing a counterexample. "The reflexive property is redundant in the axioms for an equivalence relation. If $x \sim y$, then $y \sim x$ by the symmetric property. Using the transitive property, we can deduce that $x \sim x$."
29.Projective Real Line.Dene a relation onR
2
n(0;0) by letting (x1; y1)
(x2; y2) if there exists a nonzero real numbersuch that (x1; y1) = (x2; y2).
Prove thatdenes an equivalence relation onR
2
n(0;0). What are the corre-
sponding equivalence classes? This equivalence relation denes the projective
line, denoted byP(R), which is very important in geometry.

References and Suggested Readings
The following list contains references suitable for further reading. With the exception of [7] and [8], all of these books are more or less at the same level as this text. Interesting applications of algebra can be found in [1], [4], [9], and [10].
[1] Childs, L. A Concrete Introduction to Higher Algebra. Springer-Verlag, New York, 1979.
[2] Ehrlich, G. Fundamental Concepts of Algebra. PWS-KENT, Boston, 1991.
[3] Fraleigh, J. B. A First Course in Abstract Algebra. 4th ed. Addison-Wesley, Reading, MA, 1989.
[4] Gallian, J. A. Contemporary Abstract Algebra. 2nd ed. D. C. Heath, Lexington, MA, 1990.
[5] Halmos, P. Naive Set Theory. Springer-Verlag, New York, 1991. A good reference for set theory.
[6] Herstein, I. N. Abstract Algebra. Macmillan, New York, 1986.
[7] Hungerford, T. W. Algebra. Springer-Verlag, New York, 1974. One of the standard graduate algebra texts.
[8] Lang, S. Algebra. 3rd ed. Addison-Wesley, Reading, MA, 1992. Another standard graduate text.
[9] Lidl, R. and Pilz, G. Applied Abstract Algebra. Springer-Verlag, New York, 1984.
[10] Mackiw, G. Applications of Abstract Algebra. Wiley, New York, 1985.
[11] Nickelson, W. K. Introduction to Abstract Algebra. PWS-KENT, Boston, 1993.
[12] Solow, D. How to Read and Do Proofs. 2nd ed. Wiley, New York, 1990.
[13] van der Waerden, B. L. A History of Algebra. Springer-Verlag, New York, 1985. An account of the historical development of algebra.

1
The Integers
The integers are the building blocks of mathematics. In this chapter we will investigate the fundamental properties of the integers, including mathematical induction, the division algorithm, and the Fundamental Theorem of Arithmetic.
1.1 Mathematical Induction
Suppose we wish to show that
$$1 + 2 + \cdots + n = \frac{n(n + 1)}{2}$$
for any natural number $n$. This formula is easily verified for small numbers such as $n = 1$, 2, 3, or 4, but it is impossible to verify for all natural numbers on a case-by-case basis. To prove the formula true in general, a more generic method is required.
Suppose we have verified the equation for the first $n$ cases. We will attempt to show that we can generate the formula for the $(n + 1)$th case from this knowledge. The formula is true for $n = 1$ since
$$1 = \frac{1(1 + 1)}{2}.$$
If we have verified the first $n$ cases, then
$$\begin{aligned} 1 + 2 + \cdots + n + (n + 1) &= \frac{n(n + 1)}{2} + n + 1 \\ &= \frac{n^2 + 3n + 2}{2} \\ &= \frac{(n + 1)[(n + 1) + 1]}{2}. \end{aligned}$$
This is exactly the formula for the $(n + 1)$th case.
This method of proof is known as mathematical induction. Instead of attempting to verify a statement about some subset $S$ of the positive integers $\mathbb{N}$ on a case-by-case basis, an impossible task if $S$ is an infinite set, we give a specific proof for the smallest integer being considered, followed by a generic argument showing that if the statement holds for a given case, then it must also hold for the next case in the sequence. We summarize mathematical induction in the following axiom.
First Principle of Mathematical Induction. Let $S(n)$ be a statement about integers for $n \in \mathbb{N}$ and suppose $S(n_0)$ is true for some integer $n_0$. If for all integers $k$ with $k \geq n_0$ $S(k)$ implies that $S(k + 1)$ is true, then $S(n)$ is true for all integers $n$ greater than $n_0$.
Example 1. For all integers $n \geq 3$, $2^n > n + 4$. Since
$$8 = 2^3 > 3 + 4 = 7,$$
the statement is true for $n_0 = 3$. Assume that $2^k > k + 4$ for $k \geq 3$. Then $2^{k+1} = 2 \cdot 2^k > 2(k + 4)$. But
$$2(k + 4) = 2k + 8 > k + 5 = (k + 1) + 4$$
since $k$ is positive. Hence, by induction, the statement holds for all integers $n \geq 3$.
Example 2. Every integer $10^{n+1} + 3 \cdot 10^n + 5$ is divisible by 9 for $n \in \mathbb{N}$. For $n = 1$,
$$10^{1+1} + 3 \cdot 10 + 5 = 135 = 9 \cdot 15$$
is divisible by 9. Suppose that $10^{k+1} + 3 \cdot 10^k + 5$ is divisible by 9 for $k \geq 1$. Then
$$\begin{aligned} 10^{(k+1)+1} + 3 \cdot 10^{k+1} + 5 &= 10^{k+2} + 3 \cdot 10^{k+1} + 50 - 45 \\ &= 10(10^{k+1} + 3 \cdot 10^k + 5) - 45 \end{aligned}$$
is divisible by 9.
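Example 3. We will prove the binomial theorem using mathematical induction; that is,
$$(a + b)^n = \sum_{k=0}^{n} \binom{n}{k} a^k b^{n-k},$$
where $a$ and $b$ are real numbers, $n \in \mathbb{N}$, and
$$\binom{n}{k} = \frac{n!}{k!(n - k)!}$$
is the binomial coefficient. We first show that
$$\binom{n + 1}{k} = \binom{n}{k} + \binom{n}{k - 1}.$$
This result follows from
$$\begin{aligned} \binom{n}{k} + \binom{n}{k - 1} &= \frac{n!}{k!(n - k)!} + \frac{n!}{(k - 1)!(n - k + 1)!} \\ &= \frac{(n + 1)!}{k!(n + 1 - k)!} \\ &= \binom{n + 1}{k}. \end{aligned}$$
If $n = 1$, the binomial theorem is easy to verify. Now assume that the result is true for $n$ greater than or equal to 1. Then
$$\begin{aligned} (a + b)^{n+1} &= (a + b)(a + b)^n \\ &= (a + b)\left( \sum_{k=0}^{n} \binom{n}{k} a^k b^{n-k} \right) \\ &= \sum_{k=0}^{n} \binom{n}{k} a^{k+1} b^{n-k} + \sum_{k=0}^{n} \binom{n}{k} a^k b^{n+1-k} \\ &= a^{n+1} + \sum_{k=1}^{n} \binom{n}{k - 1} a^k b^{n+1-k} + \sum_{k=1}^{n} \binom{n}{k} a^k b^{n+1-k} + b^{n+1} \\ &= a^{n+1} + \sum_{k=1}^{n} \left[ \binom{n}{k - 1} + \binom{n}{k} \right] a^k b^{n+1-k} + b^{n+1} \\ &= \sum_{k=0}^{n+1} \binom{n + 1}{k} a^k b^{n+1-k}. \end{aligned}$$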
We have an equivalent statement of the Principle of Mathematical Induction that is often very useful:
Second Principle of Mathematical Induction. Let $S(n)$ be a statement about integers for $n \in \mathbb{N}$ and suppose $S(n_0)$ is true for some integer $n_0$. If $S(n_0), S(n_0 + 1), \ldots, S(k)$ imply that $S(k + 1)$ for $k \geq n_0$, then the statement $S(n)$ is true for all integers $n$ greater than $n_0$.
A nonempty subset $S$ of $\mathbb{Z}$ is well-ordered if $S$ contains a least element. Notice that the set $\mathbb{Z}$ is not well-ordered since it does not contain a smallest element. However, the natural numbers are well-ordered.
Principle of Well-Ordering. Every nonempty subset of the natural numbers is well-ordered.
The Principle of Well-Ordering is equivalent to the Principle of Mathematical Induction.
Lemma 1.1 The Principle of Mathematical Induction implies that 1 is the least positive natural number.
Proof. Let $S = \{n \in \mathbb{N} : n \geq 1\}$. Then $1 \in S$. Now assume that $n \in S$; that is, $n \geq 1$. Since $n + 1 \geq 1$, $n + 1 \in S$; hence, by induction, every natural number is greater than or equal to 1.
Theorem 1.2 The Principle of Mathematical Induction implies that the natural numbers are well-ordered.
Proof. We must show that if $S$ is a nonempty subset of the natural numbers, then $S$ contains a smallest element. If $S$ contains 1, then the theorem is true by Lemma 1.1. Assume that if $S$ contains an integer $k$ such that $1 \leq k \leq n$, then $S$ contains a smallest element. We will show that if a set $S$ contains an integer less than or equal to $n + 1$, then $S$ has a smallest element. If $S$ does not contain an integer less than $n + 1$, then $n + 1$ is the smallest integer in $S$. Otherwise, since $S$ is nonempty, $S$ must contain an integer less than or equal to $n$. In this case, by induction, $S$ contains a smallest integer.

Induction can also be very useful in formulating definitions. For instance, there are two ways to define $n!$, the factorial of a positive integer $n$.
The explicit definition: $n! = 1 \cdot 2 \cdot 3 \cdots (n - 1) \cdot n$.
The inductive or recursive definition: $1! = 1$ and $n! = n(n - 1)!$ for $n > 1$.
Every good mathematician or computer scientist knows that looking at problems recursively, as opposed to explicitly, often results in better understanding of complex issues.
1.2 The Division Algorithm
An application of the Principle of Well-Ordering that we will use often is the division algorithm.
Theorem 1.3 (Division Algorithm) Let $a$ and $b$ be integers, with $b > 0$. Then there exist unique integers $q$ and $r$ such that
$$a = bq + r$$
where $0 \leq r < b$.
Proof. This is a perfect example of the existence-and-uniqueness type of proof. We must first prove that the numbers $q$ and $r$ actually exist. Then we must show that if $q'$ and $r'$ are two other such numbers, then $q = q'$ and $r = r'$.
Existence of $q$ and $r$. Let
$$S = \{a - bk : k \in \mathbb{Z} \text{ and } a - bk \geq 0\}.$$
If $0 \in S$, then $b$ divides $a$, and we can let $q = a/b$ and $r = 0$. If $0 \notin S$, we can use the Well-Ordering Principle. We must first show that $S$ is nonempty. If $a > 0$, then $a - b \cdot 0 \in S$. If $a < 0$, then $a - b(2a) = a(1 - 2b) \in S$. In either case $S \neq \emptyset$. By the Well-Ordering Principle, $S$ must have a smallest member, say $r = a - bq$. Therefore, $a = bq + r$, $r \geq 0$. We now show that $r < b$. Suppose that $r > b$. Then
$$a - b(q + 1) = a - bq - b = r - b > 0.$$
In this case we would have $a - b(q + 1)$ in the set $S$. But then $a - b(q + 1) < a - bq$, which would contradict the fact that $r = a - bq$ is the smallest member of $S$. So $r \leq b$. Since $0 \notin S$, $r \neq b$ and so $r < b$.
Uniqueness of $q$ and $r$. Suppose there exist integers $r$, $r'$, $q$, and $q'$ such that
$$a = bq + r, \quad 0 \leq r < b$$
and
$$a = bq' + r', \quad 0 \leq r' < b.$$
Then $bq + r = bq' + r'$. Assume that $r' \geq r$. From the last equation we have $b(q - q') = r' - r$; therefore, $b$ must divide $r' - r$ and $0 \leq r' - r \leq r' < b$. This is possible only if $r' - r = 0$. Hence, $r = r'$ and $q = q'$.
Let $a$ and $b$ be integers. If $b = ak$ for some integer $k$, we write $a \mid b$. An integer $d$ is called a common divisor of $a$ and $b$ if $d \mid a$ and $d \mid b$. The greatest common divisor of integers $a$ and $b$ is a positive integer $d$ such that $d$ is a common divisor of $a$ and $b$ and if $d'$ is any other common divisor of $a$ and $b$, then $d' \mid d$. We write $d = \gcd(a, b)$; for example, $\gcd(24, 36) = 12$ and $\gcd(120, 102) = 6$. We say that two integers $a$ and $b$ are relatively prime if $\gcd(a, b) = 1$.
Theorem 1.4 Let $a$ and $b$ be nonzero integers. Then there exist integers $r$ and $s$ such that
$$\gcd(a, b) = ar + bs.$$
Furthermore, the greatest common divisor of $a$ and $b$ is unique.
Proof. Let
$$S = \{am + bn : m, n \in \mathbb{Z} \text{ and } am + bn > 0\}.$$
Clearly, the set $S$ is nonempty; hence, by the Well-Ordering Principle $S$ must have a smallest member, say $d = ar + bs$. We claim that $d = \gcd(a, b)$. Write $a = dq + r$ where $0 \leq r < d$. If $r > 0$, then
$$\begin{aligned} r &= a - dq \\ &= a - (ar + bs)q \\ &= a - arq - bsq \\ &= a(1 - rq) + b(-sq), \end{aligned}$$
which is in $S$. But this would contradict the fact that $d$ is the smallest member of $S$. Hence, $r = 0$ and $d$ divides $a$. A similar argument shows that $d$ divides $b$. Therefore, $d$ is a common divisor of $a$ and $b$.
Suppose that $d'$ is another common divisor of $a$ and $b$, and we want to show that $d' \mid d$. If we let $a = d'h$ and $b = d'k$, then
$$d = ar + bs = d'hr + d'ks = d'(hr + ks).$$
So $d'$ must divide $d$. Hence, $d$ must be the unique greatest common divisor of $a$ and $b$.
Corollary 1.5 Let $a$ and $b$ be two integers that are relatively prime. Then there exist integers $r$ and $s$ such that $ar + bs = 1$.

The Euclidean Algorithm
Among other things, Theorem 1.4 allows us to compute the greatest common divisor of two integers.
Example 4. Let us compute the greatest common divisor of 945 and 2415. First observe that
$$\begin{aligned} 2415 &= 945 \cdot 2 + 525 \\ 945 &= 525 \cdot 1 + 420 \\ 525 &= 420 \cdot 1 + 105 \\ 420 &= 105 \cdot 4 + 0. \end{aligned}$$
Reversing our steps, 105 divides 420, 105 divides 525, 105 divides 945, and 105 divides 2415. Hence, 105 divides both 945 and 2415. If $d$ were another common divisor of 945 and 2415, then $d$ would also have to divide 105. Therefore, $\gcd(945, 2415) = 105$.
If we work backward through the above sequence of equations, we can also obtain numbers $r$ and $s$ such that $945r + 2415s = 105$. Observe that
$$\begin{aligned} 105 &= 525 + (-1) \cdot 420 \\ &= 525 + (-1) \cdot [945 + (-1) \cdot 525] \\ &= 2 \cdot 525 + (-1) \cdot 945 \\ &= 2 \cdot [2415 + (-2) \cdot 945] + (-1) \cdot 945 \\ &= 2 \cdot 2415 + (-5) \cdot 945. \end{aligned}$$
So $r = -5$ and $s = 2$. Notice that $r$ and $s$ are not unique, since $r = 41$ and $s = -16$ would also work.
To compute $\gcd(a, b) = d$, we are using repeated divisions to obtain a decreasing sequence of positive integers $r_1 > r_2 > \cdots > r_n = d$; that is,
$$\begin{aligned} b &= aq_1 + r_1 \\ a &= r_1 q_2 + r_2 \\ r_1 &= r_2 q_3 + r_3 \\ &\;\;\vdots \\ r_{n-2} &= r_{n-1} q_n + r_n \\ r_{n-1} &= r_n q_{n+1}. \end{aligned}$$
To find $r$ and $s$ such that $ar + bs = d$, we begin with this last equation and substitute results obtained from the previous equations:
$$\begin{aligned} d &= r_n \\ &= r_{n-2} - r_{n-1} q_n \\ &= r_{n-2} - q_n (r_{n-3} - q_{n-1} r_{n-2}) \\ &= -q_n r_{n-3} + (1 + q_n q_{n-1}) r_{n-2} \\ &\;\;\vdots \\ &= ra + sb. \end{aligned}$$
The algorithm that we have just used to find the greatest common divisor $d$ of two integers $a$ and $b$ and to write $d$ as the linear combination of $a$ and $b$ is known as the Euclidean algorithm.
Prime Numbers
Let $p$ be an integer such that $p > 1$. We say that $p$ is a prime number, or simply $p$ is prime, if the only positive numbers that divide $p$ are 1 and $p$ itself. An integer $n > 1$ that is not prime is said to be composite.
Lemma 1.6 (Euclid) Let $a$ and $b$ be integers and $p$ be a prime number. If $p \mid ab$, then either $p \mid a$ or $p \mid b$.
Proof. Suppose that $p$ does not divide $a$. We must show that $p \mid b$. Since $\gcd(a, p) = 1$, there exist integers $r$ and $s$ such that $ar + ps = 1$. So
$$b = b(ar + ps) = (ab)r + p(bs).$$
Since $p$ divides both $ab$ and itself, $p$ must divide $b = (ab)r + p(bs)$.
Theorem 1.7 (Euclid) There exist an infinite number of primes.
Proof. We will prove this theorem by contradiction. Suppose that there are only a finite number of primes, say $p_1, p_2, \ldots, p_n$. Let $p = p_1 p_2 \cdots p_n + 1$. We will show that $p$ must be a different prime number, which contradicts the assumption that we have only $n$ primes. If $p$ is not prime, then it must be divisible by some $p_i$ for $1 \leq i \leq n$. In this case $p_i$ must divide $p_1 p_2 \cdots p_n$ and also divide 1. This is a contradiction, since $p > 1$.

Theorem 1.8 (Fundamental Theorem of Arithmetic) Let $n$ be an integer such that $n > 1$. Then
$$n = p_1 p_2 \cdots p_k,$$
where $p_1, \ldots, p_k$ are primes (not necessarily distinct). Furthermore, this factorization is unique; that is, if
$$n = q_1 q_2 \cdots q_l,$$
then $k = l$ and the $q_i$'s are just the $p_i$'s rearranged.
Proof. Uniqueness. To show uniqueness we will use induction on $n$. The theorem is certainly true for $n = 2$ since in this case $n$ is prime. Now assume that the result holds for all integers $m$ such that $1 \leq m < n$, and
$$n = p_1 p_2 \cdots p_k = q_1 q_2 \cdots q_l,$$
where $p_1 \leq p_2 \leq \cdots \leq p_k$ and $q_1 \leq q_2 \leq \cdots \leq q_l$. By Lemma 1.6, $p_1 \mid q_i$ for some $i = 1, \ldots, l$ and $q_1 \mid p_j$ for some $j = 1, \ldots, k$. Since all of the $p_i$'s and $q_i$'s are prime, $p_1 = q_i$ and $q_1 = p_j$. Hence, $p_1 = q_1$ since $p_1 \leq p_j = q_1 \leq q_i = p_1$. By the induction hypothesis,
$$n' = p_2 \cdots p_k = q_2 \cdots q_l$$
has a unique factorization. Hence, $k = l$ and $q_i = p_i$ for $i = 1, \ldots, k$.
Existence. To show existence, suppose that there is some integer that cannot be written as the product of primes. Let $S$ be the set of all such numbers. By the Principle of Well-Ordering, $S$ has a smallest number, say $a$. If the only positive factors of $a$ are $a$ and 1, then $a$ is prime, which is a contradiction. Hence, $a = a_1 a_2$ where $1 < a_1 < a$ and $1 < a_2 < a$. Neither $a_1 \in S$ nor $a_2 \in S$, since $a$ is the smallest element in $S$. So
$$a_1 = p_1 \cdots p_r$$
$$a_2 = q_1 \cdots q_s.$$
Therefore,
$$a = a_1 a_2 = p_1 \cdots p_r q_1 \cdots q_s.$$
So $a \notin S$, which is a contradiction.
Historical Note

Prime numbers were first studied by the ancient Greeks. Two important results from antiquity are Euclid's proof that an infinite number of primes exist and the Sieve of Eratosthenes, a method of computing all of the prime numbers less than a fixed positive integer $n$. One problem in number theory is to find a function $f$ such that $f(n)$ is prime for each integer $n$. Pierre Fermat (1601?–1665) conjectured that $2^{2^n} + 1$ was prime for all $n$, but later it was shown by Leonhard Euler (1707–1783) that
$$2^{2^5} + 1 = 4{,}294{,}967{,}297$$
is a composite number. One of the many unproven conjectures about prime numbers is Goldbach's Conjecture. In a letter to Euler in 1742, Christian Goldbach stated the conjecture that every even integer with the exception of 2 seemed to be the sum of two primes: $4 = 2 + 2$, $6 = 3 + 3$, $8 = 3 + 5$, $\ldots$. Although the conjecture has been verified for the numbers up through 100 million, it has yet to be proven in general. Since prime numbers play an important role in public key cryptography, there is currently a great deal of interest in determining whether or not a large number is prime.
Exercises
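1. Prove that
$$1^2 + 2^2 + \cdots + n^2 = \frac{n(n + 1)(2n + 1)}{6}$$
for $n \in \mathbb{N}$.
2. Prove that
$$1^3 + 2^3 + \cdots + n^3 = \frac{n^2 (n + 1)^2}{4}$$
for $n \in \mathbb{N}$.
3. Prove that $n! > 2^n$ for $n \geq 4$.
4. Prove that
$$x + 4x + 7x + \cdots + (3n - 2)x = \frac{n(3n - 1)x}{2}$$
for $n \in \mathbb{N}$.
5. Prove that $10^{n+1} + 10^n + 1$ is divisible by 3 for $n \in \mathbb{N}$.
6. Prove that $4 \cdot 10^{2n} + 9 \cdot 10^{2n-1} + 5$ is divisible by 99 for $n \in \mathbb{N}$.
7. Show that
$$\sqrt[n]{a_1 a_2 \cdots a_n} \leq \frac{1}{n} \sum_{k=1}^{n} a_k.$$
8. Prove the Leibniz rule for $f^{(n)}(x)$, where $f^{(n)}$ is the $n$th derivative of $f$; that is, show that
$$(fg)^{(n)}(x) = \sum_{k=0}^{n} \binom{n}{k} f^{(k)}(x) g^{(n-k)}(x).$$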

9. Use induction to prove that $1 + 2 + 2^2 + \cdots + 2^n = 2^{n+1} - 1$ for $n \in \mathbb{N}$.
10. Prove that
$$\frac{1}{2} + \frac{1}{6} + \cdots + \frac{1}{n(n + 1)} = \frac{n}{n + 1}$$
for $n \in \mathbb{N}$.
11. If $x$ is a nonnegative real number, then show that $(1 + x)^n - 1 \geq nx$ for $n = 0, 1, 2, \ldots$.
12. Power Sets. Let $X$ be a set. Define the power set of $X$, denoted $\mathcal{P}(X)$, to be the set of all subsets of $X$. For example,
$$\mathcal{P}(\{a, b\}) = \{\emptyset, \{a\}, \{b\}, \{a, b\}\}.$$
For every positive integer $n$, show that a set with exactly $n$ elements has a power set with exactly $2^n$ elements.
13. Prove that the two principles of mathematical induction stated in Section 1.1 are equivalent.
14. Show that the Principle of Well-Ordering for the natural numbers implies that 1 is the smallest natural number. Use this result to show that the Principle of Well-Ordering implies the Principle of Mathematical Induction; that is, show that if $S \subset \mathbb{N}$ such that $1 \in S$ and $n + 1 \in S$ whenever $n \in S$, then $S = \mathbb{N}$.
15. For each of the following pairs of numbers $a$ and $b$, calculate $\gcd(a, b)$ and find integers $r$ and $s$ such that $\gcd(a, b) = ra + sb$.
(a) 14 and 39
(b) 234 and 165
(c) 1739 and 9923
(d) 471 and 562
(e) 23,771 and 19,945
(f) $-4357$ and 3754
16. Let $a$ and $b$ be nonzero integers. If there exist integers $r$ and $s$ such that $ar + bs = 1$, show that $a$ and $b$ are relatively prime.
17. Fibonacci Numbers. The Fibonacci numbers are
$$1, 1, 2, 3, 5, 8, 13, 21, \ldots.$$
We can define them inductively by $f_1 = 1$, $f_2 = 1$, and $f_{n+2} = f_{n+1} + f_n$ for $n \in \mathbb{N}$.
(a) Prove that $f_n < 2^n$.
(b) Prove that $f_{n+1} f_{n-1} = f_n^2 + (-1)^n$, $n \geq 2$.
(c) Prove that $f_n = [(1 + \sqrt{5})^n - (1 - \sqrt{5})^n] / 2^n \sqrt{5}$.
(d) Show that $\lim_{n \to \infty} f_n / f_{n+1} = (\sqrt{5} - 1)/2$.
(e) Prove that $f_n$ and $f_{n+1}$ are relatively prime.
18. Let $a$ and $b$ be integers such that $\gcd(a, b) = 1$. Let $r$ and $s$ be integers such that $ar + bs = 1$. Prove that
$$\gcd(a, s) = \gcd(r, b) = \gcd(r, s) = 1.$$
19. Let $x, y \in \mathbb{N}$ be relatively prime. If $xy$ is a perfect square, prove that $x$ and $y$ must both be perfect squares.
20. Using the division algorithm, show that every perfect square is of the form $4k$ or $4k + 1$ for some nonnegative integer $k$.
21. Suppose that $a, b, r, s$ are coprime and that
$$a^2 + b^2 = r^2$$
$$a^2 - b^2 = s^2.$$
Prove that $a$, $r$, and $s$ are odd and $b$ is even.
22. Let $n \in \mathbb{N}$. Use the division algorithm to prove that every integer is congruent mod $n$ to precisely one of the integers $0, 1, \ldots, n - 1$. Conclude that if $r$ is an integer, then there is exactly one $s$ in $\mathbb{Z}$ such that $0 \leq s < n$ and $[r] = [s]$. Hence, the integers are indeed partitioned by congruence mod $n$.
23. Define the least common multiple of two nonzero integers $a$ and $b$, denoted by $\operatorname{lcm}(a, b)$, to be the nonnegative integer $m$ such that both $a$ and $b$ divide $m$, and if $a$ and $b$ divide any other integer $n$, then $m$ also divides $n$. Prove that any two integers $a$ and $b$ have a unique least common multiple.
24. If $d = \gcd(a, b)$ and $m = \operatorname{lcm}(a, b)$, prove that $dm = |ab|$.
25. Show that $\operatorname{lcm}(a, b) = ab$ if and only if $\gcd(a, b) = 1$.
26. Prove that $\gcd(a, c) = \gcd(b, c) = 1$ if and only if $\gcd(ab, c) = 1$ for integers $a$, $b$, and $c$.
27. Let $a, b, c \in \mathbb{Z}$. Prove that if $\gcd(a, b) = 1$ and $a \mid bc$, then $a \mid c$.
28. Let $p \geq 2$. Prove that if $2^p - 1$ is prime, then $p$ must also be prime.
29. Prove that there are an infinite number of primes of the form $6n + 1$.
30. Prove that there are an infinite number of primes of the form $4n - 1$.
31. Using the fact that 2 is prime, show that there do not exist integers $p$ and $q$ such that $p^2 = 2q^2$. Demonstrate that therefore $\sqrt{2}$ cannot be a rational number.

Programming Exercises
1. The Sieve of Eratosthenes. One method of computing all of the prime numbers less than a certain fixed positive integer $N$ is to list all of the numbers $n$ such that $1 < n < N$. Begin by eliminating all of the multiples of 2. Next eliminate all of the multiples of 3. Now eliminate all of the multiples of 5. Notice that 4 has already been crossed out. Continue in this manner, noticing that we do not have to go all the way to $N$; it suffices to stop at $\sqrt{N}$. Using this method, compute all of the prime numbers less than $N = 250$. We can also use this method to find all of the integers that are relatively prime to an integer $N$. Simply eliminate the prime factors of $N$ and all of their multiples. Using this method, find all of the numbers that are relatively prime to $N = 120$. Using the Sieve of Eratosthenes, write a program that will compute all of the primes less than an integer $N$.
2. Let $\mathbb{N}^0 = \mathbb{N} \cup \{0\}$. Ackermann's function is the function $A : \mathbb{N}^0 \times \mathbb{N}^0 \to \mathbb{N}^0$ defined by the equations
$$\begin{aligned} A(0, y) &= y + 1, \\ A(x + 1, 0) &= A(x, 1), \\ A(x + 1, y + 1) &= A(x, A(x + 1, y)). \end{aligned}$$
Use this definition to compute $A(3, 1)$. Write a program to evaluate Ackermann's function. Modify the program to count the number of statements executed in the program when Ackermann's function is evaluated. How many statements are executed in the evaluation of $A(4, 1)$? What about $A(5, 1)$?
3. Write a computer program that will implement the Euclidean algorithm. The program should accept two positive integers $a$ and $b$ as input and should output $\gcd(a, b)$ as well as integers $r$ and $s$ such that
$$\gcd(a, b) = ra + sb.$$
References and Suggested Readings
References [2], [3], and [4] are good sources for elementary number theory.
[1] Brookshear, J. G. Theory of Computation: Formal Languages, Automata, and Complexity. Benjamin/Cummings, Redwood City, CA, 1989. Shows the relationships of the theoretical aspects of computer science to set theory and the integers.
[2] Hardy, G. H. and Wright, E. M. An Introduction to the Theory of Numbers. 5th ed. Oxford University Press, New York, 1979.
[3] Niven, I. and Zuckerman, H. S. An Introduction to the Theory of Numbers. 5th ed. Wiley, New York, 1991.
[4] Vanden Eynden, C. Elementary Number Theory. Random House, New York, 1987.

2
Groups
We begin our study of algebraic structures by investigating sets associated with single operations that satisfy certain reasonable axioms; that is, we want to define an operation on a set in a way that will generalize such familiar structures as the integers $\mathbb{Z}$ together with the single operation of addition, or invertible $2 \times 2$ matrices together with the single operation of matrix multiplication. The integers and the $2 \times 2$ matrices, together with their respective single operations, are examples of algebraic structures known as groups.
The theory of groups occupies a central position in mathematics. Modern group theory arose from an attempt to find the roots of a polynomial in terms of its coefficients. Groups now play a central role in such areas as coding theory, counting, and the study of symmetries; many areas of biology, chemistry, and physics have benefited from group theory.
2.1 The Integers mod $n$ and Symmetries
Let us now investigate some mathematical structures that can be viewed as sets with single operations.
The Integers mod $n$
The integers mod $n$ have become indispensable in the theory and applications of algebra. In mathematics they are used in cryptography, coding theory, and the detection of errors in identification codes.
We have already seen that two integers $a$ and $b$ are equivalent mod $n$ if $n$ divides $a - b$. The integers mod $n$ also partition $\mathbb{Z}$ into $n$ different equivalence classes; we will denote the set of these equivalence classes by $\mathbb{Z}_n$. Consider the integers modulo 12 and the corresponding partition of the integers:
$$\begin{aligned}
[0] &= \{\ldots, -12, 0, 12, 24, \ldots\}, \\
[1] &= \{\ldots, -11, 1, 13, 25, \ldots\}, \\
&\;\;\vdots \\
[11] &= \{\ldots, -1, 11, 23, 35, \ldots\}.
\end{aligned}$$
When no confusion can arise, we will use $0, 1, \ldots, 11$ to indicate the equivalence classes $[0], [1], \ldots, [11]$ respectively. We can do arithmetic on $\mathbb{Z}_n$. For two integers $a$ and $b$, define addition modulo $n$ to be $(a + b) \pmod{n}$; that is, the remainder when $a + b$ is divided by $n$. Similarly, multiplication modulo $n$ is defined as $(ab) \pmod{n}$, the remainder when $ab$ is divided by $n$.
Example 1. The following examples illustrate integer arithmetic modulo $n$:
$$\begin{aligned}
7 + 4 &\equiv 1 \pmod{5} & 7 \cdot 3 &\equiv 1 \pmod{5} \\
3 + 5 &\equiv 0 \pmod{8} & 3 \cdot 5 &\equiv 7 \pmod{8} \\
3 + 4 &\equiv 7 \pmod{12} & 3 \cdot 4 &\equiv 0 \pmod{12}.
\end{aligned}$$
In particular, notice that it is possible that the product of two nonzero numbers modulo $n$ can be equivalent to 0 modulo $n$.
Table 2.1. Multiplication table for $\mathbb{Z}_8$
· | 0 1 2 3 4 5 6 7
--+----------------
0 | 0 0 0 0 0 0 0 0
1 | 0 1 2 3 4 5 6 7
2 | 0 2 4 6 0 2 4 6
3 | 0 3 6 1 4 7 2 5
4 | 0 4 0 4 0 4 0 4
5 | 0 5 2 7 4 1 6 3
6 | 0 6 4 2 0 6 4 2
7 | 0 7 6 5 4 3 2 1
Example 2. Most, but not all, of the usual laws of arithmetic hold for addition and multiplication in $\mathbb{Z}_n$. For instance, it is not necessarily true that there is a multiplicative inverse. Consider the multiplication table for $\mathbb{Z}_8$ in Table 2.1. Notice that 2, 4, and 6 do not have multiplicative inverses; that is, for $n = 2$, 4, or 6, there is no integer $k$ such that $kn \equiv 1 \pmod{8}$.

Proposition 2.1 Let $\mathbb{Z}_n$ be the set of equivalence classes of the integers mod $n$ and $a, b, c \in \mathbb{Z}_n$.
1. Addition and multiplication are commutative:
$$a + b \equiv b + a \pmod{n}$$
$$ab \equiv ba \pmod{n}.$$
2. Addition and multiplication are associative:
$$(a + b) + c \equiv a + (b + c) \pmod{n}$$
$$(ab)c \equiv a(bc) \pmod{n}.$$
3. There are both an additive and a multiplicative identity:
$$a + 0 \equiv a \pmod{n}$$
$$a \cdot 1 \equiv a \pmod{n}.$$
4. Multiplication distributes over addition:
$$a(b + c) \equiv ab + ac \pmod{n}.$$
5. For every integer $a$ there is an additive inverse $-a$:
$$a + (-a) \equiv 0 \pmod{n}.$$
6. Let $a$ be a nonzero integer. Then $\gcd(a, n) = 1$ if and only if there exists a multiplicative inverse $b$ for $a \pmod{n}$; that is, a nonzero integer $b$ such that
$$ab \equiv 1 \pmod{n}.$$
Proof. We will prove (1) and (6) and leave the remaining properties to be proven in the exercises.
(1) Addition and multiplication are commutative modulo $n$ since the remainder of $a + b$ divided by $n$ is the same as the remainder of $b + a$ divided by $n$.
(6) Suppose that $\gcd(a, n) = 1$. Then there exist integers $r$ and $s$ such that $ar + ns = 1$. Since $ns = 1 - ar$, $ra \equiv 1 \pmod{n}$. Letting $b$ be the equivalence class of $r$, $ab \equiv 1 \pmod{n}$.
Conversely, suppose that there exists a $b$ such that $ab \equiv 1 \pmod{n}$. Then $n$ divides $ab - 1$, so there is an integer $k$ such that $ab - nk = 1$. Let $d = \gcd(a, n)$. Since $d$ divides $ab - nk$, $d$ must also divide 1; hence, $d = 1$.
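The proof of part (6) is constructive: the coefficient $r$ in $ar + ns = 1$ is the inverse. The following Python sketch is an added example, not code from the book; the function names are chosen here. It computes $r$ with the extended Euclidean algorithm and reports explicitly when no inverse exists, which is the case that modular-arithmetic code used in cryptography must not silently ignore.

```python
def egcd(a, n):
    """Return (d, r, s) with d = gcd(a, n) and a*r + n*s == d."""
    r0, r1 = a, n
    x0, x1 = 1, 0          # running coefficients of a
    y0, y1 = 0, 1          # running coefficients of n
    while r1 != 0:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return r0, x0, y0


def mod_inverse(a, n):
    """Return b in {1, ..., n-1} with a*b = 1 (mod n), or None if gcd(a, n) != 1.

    Assumes n >= 2.
    """
    d, r, _ = egcd(a % n, n)
    if d != 1:
        return None        # Proposition 2.1(6): no inverse unless gcd(a, n) = 1
    return r % n


def units(n):
    """Elements of Z_n that have a multiplicative inverse."""
    return [a for a in range(1, n) if mod_inverse(a, n) is not None]


def multiplication_table(elems, n):
    """Rows of the table of products mod n over the given elements."""
    return [[(a * b) % n for b in elems] for a in elems]


if __name__ == "__main__":
    n = 8
    for a in range(1, n):
        b = mod_inverse(a, n)
        print(a, "has no inverse mod 8" if b is None else f"has inverse {b} mod 8")
    print("invertible elements of Z_8:", units(n))
    for row in multiplication_table(units(n), n):
        print(row)
```

Run on $n = 8$, it confirms the observation of Example 2 that 2, 4, and 6 have no inverse modulo 8.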

Symmetries
A symmetry of a geometric figure is a rearrangement of the figure preserving the arrangement of its sides and vertices as well as its distances and angles. A map from the plane to itself preserving the symmetry of an object is called a rigid motion. For example, if we look at the rectangle in Figure 2.1, it is easy to see that a rotation of 180° or 360° returns a rectangle in the plane with the same orientation as the original rectangle and the same relationship among the vertices. A reflection of the rectangle across either the vertical axis or the horizontal axis can also be seen to be a symmetry. However, a 90° rotation in either direction cannot be a symmetry unless the rectangle is a square.
[Figure 2.1. Rigid motions of a rectangle. Panels: identity; 180° rotation; reflection, vertical axis; reflection, horizontal axis.]
Let us find the symmetries of the equilateral triangle $\triangle ABC$. To find a symmetry of $\triangle ABC$, we must first examine the permutations of the vertices $A$, $B$, and $C$ and then ask if a permutation extends to a symmetry of the triangle. Recall that a permutation of a set $S$ is a one-to-one and onto map $S \to S$. The three vertices have $3! = 6$ permutations, so the triangle has at most six symmetries. To see that there are six permutations, observe there are three different possibilities for the first vertex, and two for the second, and the remaining vertex is determined by the placement of the first two. So we have $3 \cdot 2 \cdot 1 = 3! = 6$ different arrangements. To denote the permutation of the vertices of an equilateral triangle that sends $A$ to $B$, $B$ to $C$, and $C$ to $A$, we write the array
$$\begin{pmatrix} A & B & C \\ B & C & A \end{pmatrix}.$$
Notice that this particular permutation corresponds to the rigid motion of rotating the triangle by 120° in a clockwise direction. In fact, every permutation gives rise to a symmetry of the triangle. All of these symmetries are shown in Figure 2.2.
[Figure 2.2. Symmetries of a triangle. Each motion is shown with its permutation of the vertices:
identity, id: $\begin{pmatrix} A & B & C \\ A & B & C \end{pmatrix}$
rotation, index 1: $\begin{pmatrix} A & B & C \\ B & C & A \end{pmatrix}$
rotation, index 2: $\begin{pmatrix} A & B & C \\ C & A & B \end{pmatrix}$
reflection, index 1: $\begin{pmatrix} A & B & C \\ A & C & B \end{pmatrix}$
reflection, index 2: $\begin{pmatrix} A & B & C \\ C & B & A \end{pmatrix}$
reflection, index 3: $\begin{pmatrix} A & B & C \\ B & A & C \end{pmatrix}$]
A natural question to ask is what happens if one motion of the triangle $\triangle ABC$ is followed by another. Which symmetry is 11; that is, what happens when we do the permutation 1 and then the permutation 1? Remember that we are composing functions here. Although we usually multiply

Table 2.2.Symmetries of an equilateral triangle

id 12123
id
id 12123
1
12id 312
2
2id 1231
1
123id 12
2
2312id 1
3
31212id
left to right, we compose functions right to left. We have
(11)(A) =1(1(A)) =1(B) =C
(11)(B) =1(1(B)) =1(C) =B
(11)(C) =1(1(C)) =1(A) =A:
This is the same symmetry as2. Suppose we do these motions in the
opposite order,1then1. It is easy to determine that this is the same
as the symmetry3; hence,116=11. A multiplication table for the
symmetries of an equilateral triangle $\triangle ABC$ is given in Table 2.2.
Notice that in the multiplication table for the symmetries of an equilat-
eral triangle, for every motion of the trianglethere is another motion
0
such that
0
=id; that is, for every motion there is another motion that
takes the triangle back to its original orientation.
2.2 Definitions and Examples
The integers mod $n$ and the symmetries of a triangle or a rectangle are both examples of groups. A binary operation or law of composition on a set $G$ is a function $G \times G \to G$ that assigns to each pair $(a, b) \in G \times G$ a unique element $a \circ b$, or $ab$ in $G$, called the composition of $a$ and $b$. A group $(G, \circ)$ is a set $G$ together with a law of composition $(a, b) \mapsto a \circ b$ that satisfies the following axioms.
• The law of composition is associative. That is,
$$(a \circ b) \circ c = a \circ (b \circ c)$$
for $a, b, c \in G$.
• There exists an element $e \in G$, called the identity element, such that for any element $a \in G$
$$e \circ a = a \circ e = a.$$
• For each element $a \in G$, there exists an inverse element in $G$, denoted by $a^{-1}$, such that
$$a \circ a^{-1} = a^{-1} \circ a = e.$$
A group $G$ with the property that $a \circ b = b \circ a$ for all $a, b \in G$ is called abelian or commutative. Groups not satisfying this property are said to be nonabelian or noncommutative.
Example 3. The integers $\mathbb{Z} = \{\ldots, -1, 0, 1, 2, \ldots\}$ form a group under the operation of addition. The binary operation on two integers $m, n \in \mathbb{Z}$ is just their sum. Since the integers under addition already have a well-established notation, we will use the operator $+$ instead of $\circ$; that is, we shall write $m + n$ instead of $m \circ n$. The identity is 0, and the inverse of $n \in \mathbb{Z}$ is written as $-n$ instead of $n^{-1}$. Notice that the integers under addition have the additional property that $m + n = n + m$ and are therefore an abelian group.
Most of the time we will write $ab$ instead of $a \circ b$; however, if the group already has a natural operation such as addition in the integers, we will use that operation. That is, if we are adding two integers, we still write $m + n$, $-n$ for the inverse, and 0 for the identity as usual. We also write $m - n$ instead of $m + (-n)$.
Table 2.3. Cayley table for $(\mathbb{Z}_5, +)$
+ | 0 1 2 3 4
--+----------
0 | 0 1 2 3 4
1 | 1 2 3 4 0
2 | 2 3 4 0 1
3 | 3 4 0 1 2
4 | 4 0 1 2 3
It is often convenient to describe a group in terms of an addition or multiplication table. Such a table is called a Cayley table.
Example 4. The integers mod $n$ form a group under addition modulo $n$. Consider $\mathbb{Z}_5$, consisting of the equivalence classes of the integers 0, 1, 2, 3, and 4. We define the group operation on $\mathbb{Z}_5$ by modular addition. We write the binary operation on the group additively; that is, we write $m + n$. The element 0 is the identity of the group and each element in $\mathbb{Z}_5$ has an inverse. For instance, $2 + 3 = 3 + 2 = 0$. Table 2.3 is a Cayley table for $\mathbb{Z}_5$. By Proposition 2.1, $\mathbb{Z}_n = \{0, 1, \ldots, n - 1\}$ is a group under the binary operation of addition mod $n$.
Example 5. Not every set with a binary operation is a group. For example, if we let modular multiplication be the binary operation on $\mathbb{Z}_n$, then $\mathbb{Z}_n$ fails to be a group. The element 1 acts as a group identity since $1 \cdot k = k \cdot 1 = k$ for any $k \in \mathbb{Z}_n$; however, a multiplicative inverse for 0 does not exist since $0 \cdot k = k \cdot 0 = 0$ for every $k$ in $\mathbb{Z}_n$. Even if we consider the set $\mathbb{Z}_n \setminus \{0\}$, we still may not have a group. For instance, let $2 \in \mathbb{Z}_6$. Then 2 has no multiplicative inverse since
$$\begin{aligned}
0 \cdot 2 &= 0 & 1 \cdot 2 &= 2 \\
2 \cdot 2 &= 4 & 3 \cdot 2 &= 0 \\
4 \cdot 2 &= 2 & 5 \cdot 2 &= 4.
\end{aligned}$$
By Proposition 2.1, every nonzero $k$ does have an inverse in $\mathbb{Z}_n$ if $k$ is relatively prime to $n$. Denote the set of all such nonzero elements in $\mathbb{Z}_n$ by $U(n)$. Then $U(n)$ is a group called the group of units of $\mathbb{Z}_n$. Table 2.4 is a Cayley table for the group $U(8)$.
Table 2.4. Multiplication table for $U(8)$
· | 1 3 5 7
--+--------
1 | 1 3 5 7
3 | 3 1 7 5
5 | 5 7 1 3
7 | 7 5 3 1
Example 6. The symmetries of an equilateral triangle described in Section 2.1 form a nonabelian group. As we observed, it is not necessarily true that=for two symmetriesand. Using Table 2.2, which is a Cayley table for this group, we can easily check that the symmetries of an equilateral triangle are indeed a group. We will denote this group by either $S_3$ or $D_3$, for reasons that will be explained later.
Example 7. We use $M_2(\mathbb{R})$ to denote the set of all $2 \times 2$ matrices. Let $GL_2(\mathbb{R})$ be the subset of $M_2(\mathbb{R})$ consisting of invertible matrices; that is, a matrix
$$A = \begin{pmatrix} a & b \\ c & d \end{pmatrix}$$
is in $GL_2(\mathbb{R})$ if there exists a matrix $A^{-1}$ such that $AA^{-1} = A^{-1}A = I$, where $I$ is the $2 \times 2$ identity matrix. For $A$ to have an inverse is equivalent to requiring that the determinant of $A$ be nonzero; that is, $\det A = ad - bc \neq 0$. The set of invertible matrices forms a group called the general linear group. The identity of the group is the identity matrix
$$I = \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}.$$
The inverse of $A \in GL_2(\mathbb{R})$ is
$$A^{-1} = \frac{1}{ad - bc} \begin{pmatrix} d & -b \\ -c & a \end{pmatrix}.$$
The product of two invertible matrices is again invertible. Matrix multiplication is associative, satisfying the other group axiom. For matrices it is not true in general that $AB = BA$; hence, $GL_2(\mathbb{R})$ is another example of a nonabelian group.
Example 8.Let
1 =

1 0
0 1

I=

0 1
1 0

J=

0i
i0

K=

i0
0i

;
where $i^2 = -1$. Then the relations $I^2 = J^2 = K^2 = -1$, $IJ = K$, $JK = I$, $KI = J$, $JI = -K$, $KJ = -I$, and $IK = -J$ hold. The set $Q_8 = \{\pm 1, \pm I, \pm J, \pm K\}$ is a group called the quaternion group. Notice that $Q_8$ is noncommutative.
Example 9. Let $\mathbb{C}^*$ be the set of nonzero complex numbers. Under the operation of multiplication $\mathbb{C}^*$ forms a group. The identity is 1. If $z = a + bi$ is a nonzero complex number, then
$$z^{-1} = \frac{a - bi}{a^2 + b^2}$$
is the inverse of $z$. It is easy to see that the remaining group axioms hold.
A group is finite, or has finite order, if it contains a finite number of elements; otherwise, the group is said to be infinite or to have infinite order. The order of a finite group is the number of elements that it contains. If $G$ is a group containing $n$ elements, we write $|G| = n$. The group $\mathbb{Z}_5$ is a finite group of order 5; the integers $\mathbb{Z}$ form an infinite group under addition, and we sometimes write $|\mathbb{Z}| = \infty$.
Basic Properties of Groups
Proposition 2.2 The identity element in a group $G$ is unique; that is, there exists only one element $e \in G$ such that $eg = ge = g$ for all $g \in G$.
Proof. Suppose that $e$ and $e'$ are both identities in $G$. Then $eg = ge = g$ and $e'g = ge' = g$ for all $g \in G$. We need to show that $e = e'$. If we think of $e$ as the identity, then $ee' = e'$; but if $e'$ is the identity, then $ee' = e$. Combining these two equations, we have $e = ee' = e'$.
Inverses in a group are also unique. If $g'$ and $g''$ are both inverses of an element $g$ in a group $G$, then $gg' = g'g = e$ and $gg'' = g''g = e$. We want to show that $g' = g''$, but $g' = g'e = g'(gg'') = (g'g)g'' = eg'' = g''$. We summarize this fact in the following proposition.
Proposition 2.3 If $g$ is any element in a group $G$, then the inverse of $g$, $g^{-1}$, is unique.
Proposition 2.4 Let $G$ be a group. If $a, b \in G$, then $(ab)^{-1} = b^{-1}a^{-1}$.
Proof. Let $a, b \in G$. Then $abb^{-1}a^{-1} = aea^{-1} = aa^{-1} = e$. Similarly, $b^{-1}a^{-1}ab = e$. But by the previous proposition, inverses are unique; hence, $(ab)^{-1} = b^{-1}a^{-1}$.
Proposition 2.5 Let $G$ be a group. For any $a \in G$, $(a^{-1})^{-1} = a$.
Proof. Observe that $a^{-1}(a^{-1})^{-1} = e$. Consequently, multiplying both sides of this equation by $a$, we have
$$(a^{-1})^{-1} = e(a^{-1})^{-1} = aa^{-1}(a^{-1})^{-1} = ae = a.$$

It makes sense to write equations with group elements and group operations. If $a$ and $b$ are two elements in a group $G$, does there exist an element $x \in G$ such that $ax = b$? If such an $x$ does exist, is it unique? The following proposition answers both of these questions positively.
Proposition 2.6 Let $G$ be a group and $a$ and $b$ be any two elements in $G$. Then the equations $ax = b$ and $xa = b$ have unique solutions in $G$.
Proof. Suppose that $ax = b$. We must show that such an $x$ exists. Multiplying both sides of $ax = b$ by $a^{-1}$, we have $x = ex = a^{-1}ax = a^{-1}b$.
To show uniqueness, suppose that $x_1$ and $x_2$ are both solutions of $ax = b$; then $ax_1 = b = ax_2$. So $x_1 = a^{-1}ax_1 = a^{-1}ax_2 = x_2$. The proof for the existence and uniqueness of the solution of $xa = b$ is similar.
Proposition 2.7 If $G$ is a group and $a, b, c \in G$, then $ba = ca$ implies $b = c$ and $ab = ac$ implies $b = c$.
This proposition tells us that the right and left cancellation laws are true in groups. We leave the proof as an exercise.
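We can use exponential notation for groups just as we do in ordinary algebra. If $G$ is a group and $g \in G$, then we define $g^0 = e$. For $n \in \mathbb{N}$, we define
$$g^n = \underbrace{g \cdot g \cdots g}_{n \text{ times}}$$
and
$$g^{-n} = \underbrace{g^{-1} \cdot g^{-1} \cdots g^{-1}}_{n \text{ times}}.$$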
Theorem 2.8 In a group, the usual laws of exponents hold; that is, for all $g, h \in G$,
1. $g^m g^n = g^{m+n}$ for all $m, n \in \mathbb{Z}$;
2. $(g^m)^n = g^{mn}$ for all $m, n \in \mathbb{Z}$;
3. $(gh)^n = (h^{-1}g^{-1})^{-n}$ for all $n \in \mathbb{Z}$. Furthermore, if $G$ is abelian, then $(gh)^n = g^n h^n$.
We will leave the proof of this theorem as an exercise. Notice that $(gh)^n \neq g^n h^n$ in general, since the group may not be abelian. If the group is $\mathbb{Z}$ or $\mathbb{Z}_n$, we write the group operation additively and the exponential operation multiplicatively; that is, we write $ng$ instead of $g^n$. The laws of exponents now become
1. $mg + ng = (m + n)g$ for all $m, n \in \mathbb{Z}$;
2. $m(ng) = (mn)g$ for all $m, n \in \mathbb{Z}$;
3. $m(g + h) = mg + mh$ for all $m \in \mathbb{Z}$.
It is important to realize that the last statement can be made only because $\mathbb{Z}$ and $\mathbb{Z}_n$ are commutative groups.
Historical Note
Although the first clear axiomatic definition of a group was not given until the late 1800s, group-theoretic methods had been employed before this time in the development of many areas of mathematics, including geometry and the theory of algebraic equations.
Joseph-Louis Lagrange used group-theoretic methods in a 1770–1771 memoir to study methods of solving polynomial equations. Later, Évariste Galois (1811–1832) succeeded in developing the mathematics necessary to determine exactly which polynomial equations could be solved in terms of the polynomials' coefficients. Galois' primary tool was group theory.
The study of geometry was revolutionized in 1872 when Felix Klein proposed that geometric spaces should be studied by examining those properties that are invariant under a transformation of the space. Sophus Lie, a contemporary of Klein, used group theory to study solutions of partial differential equations. One of the first modern treatments of group theory appeared in William Burnside's The Theory of Groups of Finite Order [1], first published in 1897.
2.3 Subgroups
Definitions and Examples
Sometimes we wish to investigate smaller groups sitting inside a larger group. The set of even integers $2\mathbb{Z} = \{\ldots, -2, 0, 2, 4, \ldots\}$ is a group under the operation of addition. This smaller group sits naturally inside of the group of integers under addition. We define a subgroup $H$ of a group $G$ to be a subset $H$ of $G$ such that when the group operation of $G$ is restricted to $H$, $H$ is a group in its own right. Observe that every group $G$ with at least two elements will always have at least two subgroups, the subgroup consisting of the identity element alone and the entire group itself. The subgroup $H = \{e\}$ of a group $G$ is called the trivial subgroup. A subgroup that is a proper subset of $G$ is called a proper subgroup. In many of the examples that we have investigated up to this point, there exist other subgroups besides the trivial and improper subgroups.
Example 10. Consider the set of nonzero real numbers, $\mathbb{R}^*$, with the group operation of multiplication. The identity of this group is 1 and the inverse of any element $a \in \mathbb{R}^*$ is just $1/a$. We will show that
$$\mathbb{Q}^* = \{p/q : p \text{ and } q \text{ are nonzero integers}\}$$
is a subgroup of $\mathbb{R}^*$. The identity of $\mathbb{R}^*$ is 1; however, $1 = 1/1$ is the quotient of two nonzero integers. Hence, the identity of $\mathbb{R}^*$ is in $\mathbb{Q}^*$. Given two elements in $\mathbb{Q}^*$, say $p/q$ and $r/s$, their product $pr/qs$ is also in $\mathbb{Q}^*$. The inverse of any element $p/q \in \mathbb{Q}^*$ is again in $\mathbb{Q}^*$ since $(p/q)^{-1} = q/p$. Since multiplication in $\mathbb{R}^*$ is associative, multiplication in $\mathbb{Q}^*$ is associative.
Example 11. Recall that $\mathbb{C}^*$ is the multiplicative group of nonzero complex numbers. Let $H = \{1, -1, i, -i\}$. Then $H$ is a subgroup of $\mathbb{C}^*$. It is quite easy to verify that $H$ is a group under multiplication and that $H \subset \mathbb{C}^*$.
Example 12. Let $SL_2(\mathbb{R})$ be the subset of $GL_2(\mathbb{R})$ consisting of matrices of determinant one; that is, a matrix
$$A = \begin{pmatrix} a & b \\ c & d \end{pmatrix}$$
is in $SL_2(\mathbb{R})$ exactly when $ad - bc = 1$. To show that $SL_2(\mathbb{R})$ is a subgroup of the general linear group, we must show that it is a group under matrix multiplication. The $2 \times 2$ identity matrix is in $SL_2(\mathbb{R})$, as is the inverse of the matrix $A$:
$$A^{-1} = \begin{pmatrix} d & -b \\ -c & a \end{pmatrix}.$$
It remains to show that multiplication is closed; that is, that the product of two matrices of determinant one also has determinant one. We will leave this task as an exercise. The group $SL_2(\mathbb{R})$ is called the special linear group.
Example 13. It is important to realize that a subset $H$ of a group $G$ can be a group without being a subgroup of $G$. For $H$ to be a subgroup of $G$ it must inherit $G$'s binary operation. The set of all $2 \times 2$ matrices, $M_2(\mathbb{R})$, forms a group under the operation of addition. The $2 \times 2$ general linear group is a subset of $M_2(\mathbb{R})$ and is a group under matrix multiplication, but it is not a subgroup of $M_2(\mathbb{R})$. If we add two invertible matrices, we do not necessarily obtain another invertible matrix. Observe that
$$\begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix} + \begin{pmatrix} -1 & 0 \\ 0 & -1 \end{pmatrix} = \begin{pmatrix} 0 & 0 \\ 0 & 0 \end{pmatrix},$$
but the zero matrix is not in $GL_2(\mathbb{R})$.
Example 14. One way of telling whether or not two groups are the same is by examining their subgroups. Other than the trivial subgroup and the group itself, the group $\mathbb{Z}_4$ has a single subgroup consisting of the elements 0 and 2. From the group $\mathbb{Z}_2$, we can form another group of four elements as follows. As a set this group is $\mathbb{Z}_2 \times \mathbb{Z}_2$. We perform the group operation coordinatewise; that is, $(a, b) + (c, d) = (a + c, b + d)$. Table 2.5 is an addition table for $\mathbb{Z}_2 \times \mathbb{Z}_2$. Since there are three nontrivial proper subgroups of $\mathbb{Z}_2 \times \mathbb{Z}_2$, $H_1 = \{(0, 0), (0, 1)\}$, $H_2 = \{(0, 0), (1, 0)\}$, and $H_3 = \{(0, 0), (1, 1)\}$, $\mathbb{Z}_4$ and $\mathbb{Z}_2 \times \mathbb{Z}_2$ must be different groups.
Table 2.5. Addition table for $\mathbb{Z}_2 \times \mathbb{Z}_2$
+     | (0,0) (0,1) (1,0) (1,1)
------+------------------------
(0,0) | (0,0) (0,1) (1,0) (1,1)
(0,1) | (0,1) (0,0) (1,1) (1,0)
(1,0) | (1,0) (1,1) (0,0) (0,1)
(1,1) | (1,1) (1,0) (0,1) (0,0)
Some Subgroup Theorems
Let us examine some criteria for determining exactly when a subset of a group is a subgroup.
Proposition 2.9 A subset $H$ of $G$ is a subgroup if and only if it satisfies the following conditions.
1. The identity $e$ of $G$ is in $H$.
2. If $h_1, h_2 \in H$, then $h_1 h_2 \in H$.
3. If $h \in H$, then $h^{-1} \in H$.
Proof. First suppose that $H$ is a subgroup of $G$. We must show that the three conditions hold. Since $H$ is a group, it must have an identity $e_H$. We must show that $e_H = e$, where $e$ is the identity of $G$. We know that $e_H e_H = e_H$ and that $e e_H = e_H e = e_H$; hence, $e e_H = e_H e_H$. By right-hand cancellation, $e = e_H$. The second condition holds since a subgroup $H$ is a group. To prove the third condition, let $h \in H$. Since $H$ is a group, there is an element $h' \in H$ such that $hh' = h'h = e$. By the uniqueness of the inverse in $G$, $h' = h^{-1}$.
Conversely, if the three conditions hold, we must show that $H$ is a group under the same operation as $G$; however, these conditions plus the associativity of the binary operation are exactly the axioms stated in the definition of a group.
Proposition 2.10 Let $H$ be a subset of a group $G$. Then $H$ is a subgroup of $G$ if and only if $H \neq \emptyset$, and whenever $g, h \in H$ then $gh^{-1}$ is in $H$.
Proof. Let $H$ be a nonempty subset of $G$. Then $H$ contains some element $g$. So $gg^{-1} = e$ is in $H$. If $g \in H$, then $eg^{-1} = g^{-1}$ is also in $H$. Finally, let $g, h \in H$. We must show that their product is also in $H$. However, $g(h^{-1})^{-1} = gh \in H$. Hence, $H$ is indeed a subgroup of $G$. Conversely, if $g$ and $h$ are in $H$, we want to show that $gh^{-1} \in H$. Since $h$ is in $H$, its inverse $h^{-1}$ must also be in $H$. Because of the closure of the group operation, $gh^{-1} \in H$.
Exercises
1. Find all $x \in \mathbb{Z}$ satisfying each of the following equations.
(a) $3x \equiv 2 \pmod{7}$
(b) 5x+ 113 (mod 23)
(c) 5x+ 113 (mod 26)
(d) $9x \equiv 3 \pmod{5}$
(e) $5x \equiv 1 \pmod{6}$
(f) $3x \equiv 1 \pmod{6}$
2. Which of the following multiplication tables defined on the set $G = \{a, b, c, d\}$ form a group? Support your answer in each case.
(a)
∘ | a b c d
--+--------
a | a c d a
b | b b c d
c | c d a b
d | d a b c
(b)
∘ | a b c d
--+--------
a | a b c d
b | b a d c
c | c d a b
d | d c b a
(c)
∘ | a b c d
--+--------
a | a b c d
b | b c d a
c | c d a b
d | d a b c
(d)
∘ | a b c d
--+--------
a | a b c d
b | b a c d
c | c b a d
d | d d b c

3. Write out Cayley tables for groups formed by the symmetries of a rectangle and for $(\mathbb{Z}_4, +)$. How many elements are in each group? Are the groups the same? Why or why not?
4. Describe the symmetries of a rhombus and prove that the set of symmetries forms a group. Give Cayley tables for both the symmetries of a rectangle and the symmetries of a rhombus. Are the symmetries of a rectangle and those of a rhombus the same?
5. Describe the symmetries of a square and prove that the set of symmetries is a group. Give a Cayley table for the symmetries. How many ways can the vertices of a square be permuted? Is each permutation necessarily a symmetry of the square? The symmetry group of the square is denoted by $D_4$.
6. Give a multiplication table for the group $U(12)$.
7. LetS=Rn f1gand dene a binary operation onSbyab=a+b+ab.
Prove that (S;) is an abelian group.
8. Give an example of two elements $A$ and $B$ in $GL_2(\mathbb{R})$ with $AB \neq BA$.
9. Prove that the product of two matrices in $SL_2(\mathbb{R})$ has determinant one.
10. Prove that the set of matrices of the form
$$\begin{pmatrix} 1 & x & y \\ 0 & 1 & z \\ 0 & 0 & 1 \end{pmatrix}$$
is a group under matrix multiplication. This group, known as the Heisenberg group, is important in quantum physics. Matrix multiplication in the Heisenberg group is defined by
$$\begin{pmatrix} 1 & x & y \\ 0 & 1 & z \\ 0 & 0 & 1 \end{pmatrix} \begin{pmatrix} 1 & x' & y' \\ 0 & 1 & z' \\ 0 & 0 & 1 \end{pmatrix} = \begin{pmatrix} 1 & x + x' & y + y' + xz' \\ 0 & 1 & z + z' \\ 0 & 0 & 1 \end{pmatrix}.$$
11. Prove that $\det(AB) = \det(A) \det(B)$ in $GL_2(\mathbb{R})$. Use this result to show that the binary operation in the group $GL_2(\mathbb{R})$ is closed; that is, if $A$ and $B$ are in $GL_2(\mathbb{R})$, then $AB \in GL_2(\mathbb{R})$.
12. Let $\mathbb{Z}_2^n = \{(a_1, a_2, \ldots, a_n) : a_i \in \mathbb{Z}_2\}$. Define a binary operation on $\mathbb{Z}_2^n$ by
$$(a_1, a_2, \ldots, a_n) + (b_1, b_2, \ldots, b_n) = (a_1 + b_1, a_2 + b_2, \ldots, a_n + b_n).$$
Prove that $\mathbb{Z}_2^n$ is a group under this operation. This group is important in algebraic coding theory.
13. Show that $\mathbb{R}^* = \mathbb{R} \setminus \{0\}$ is a group under the operation of multiplication.

14. Given the groups $\mathbb{R}^*$ and $\mathbb{Z}$, let $G = \mathbb{R}^* \times \mathbb{Z}$. Define a binary operation $\circ$ on $G$ by $(a, m) \circ (b, n) = (ab, m + n)$. Show that $G$ is a group under this operation.
15. Prove or disprove that every group containing six elements is abelian.
16. Give a specific example of some group $G$ and elements $g, h \in G$ where $(gh)^n \neq g^n h^n$.
17. Give an example of three different groups with eight elements. Why are the groups different?
18. Show that there are $n!$ permutations of a set containing $n$ items.
19. Show that
$$0 + a \equiv a + 0 \equiv a \pmod{n}$$
for all $a \in \mathbb{Z}_n$.
20. Prove that there is a multiplicative identity for the integers modulo $n$:
$$a \cdot 1 \equiv a \pmod{n}.$$
21. For each $a \in \mathbb{Z}_n$ find a $b \in \mathbb{Z}_n$ such that
$$a + b \equiv b + a \equiv 0 \pmod{n}.$$
22. Show that addition and multiplication mod $n$ are associative operations.
23. Show that multiplication distributes over addition modulo $n$:
$$a(b + c) \equiv ab + ac \pmod{n}.$$
24. Let $a$ and $b$ be elements in a group $G$. Prove that $ab^n a^{-1} = (aba^{-1})^n$.
25. Let $U(n)$ be the group of units in $\mathbb{Z}_n$. If $n > 2$, prove that there is an element $k \in U(n)$ such that $k^2 = 1$ and $k \neq 1$.
26. Prove that the inverse of $g_1 g_2 \cdots g_n$ is $g_n^{-1} g_{n-1}^{-1} \cdots g_1^{-1}$.
27. Prove Theorem 2.6: if $G$ is a group and $a, b \in G$, then the equations $ax = b$ and $xa = b$ have unique solutions in $G$.
28. Prove the right and left cancellation laws for a group $G$; that is, show that in the group $G$, $ba = ca$ implies $b = c$ and $ab = ac$ implies $b = c$ for elements $a, b, c \in G$.
29. Show that if $a^2 = e$ for all $a \in G$, then $G$ must be an abelian group.
30. Show that if $G$ is a finite group of even order, then there is an $a \in G$ such that $a$ is not the identity and $a^2 = e$.
31. Let $G$ be a group and suppose that $(ab)^2 = a^2 b^2$ for all $a$ and $b$ in $G$. Prove that $G$ is an abelian group.

32. Find all the subgroups of $\mathbb{Z}_3 \times \mathbb{Z}_3$. Use this information to show that $\mathbb{Z}_3 \times \mathbb{Z}_3$ is not the same group as $\mathbb{Z}_9$.
33. Find all the subgroups of the symmetry group of an equilateral triangle.
34. Compute the subgroups of the symmetry group of a square.
35. Let $H = \{2^k : k \in \mathbb{Z}\}$. Show that $H$ is a subgroup of $\mathbb{Q}^*$.
36. Let $n = 0, 1, 2, \ldots$ and $n\mathbb{Z} = \{nk : k \in \mathbb{Z}\}$. Prove that $n\mathbb{Z}$ is a subgroup of $\mathbb{Z}$. Show that these subgroups are the only subgroups of $\mathbb{Z}$.
37. Let $T = \{z \in \mathbb{C}^* : |z| = 1\}$. Prove that $T$ is a subgroup of $\mathbb{C}^*$.
38. LetGconsist of the 22 matrices of the form

cossin
sincos

where2R. Prove thatGis a subgroup ofSL2(R).
39. Prove that
$$G = \{a + b\sqrt{2} : a, b \in \mathbb{Q} \text{ and } a \text{ and } b \text{ are not both zero}\}$$
is a subgroup of $\mathbb{R}^*$ under the group operation of multiplication.
40. Let $G$ be the group of $2 \times 2$ matrices under addition and
$$H = \left\{ \begin{pmatrix} a & b \\ c & d \end{pmatrix} : a + d = 0 \right\}.$$
Prove that $H$ is a subgroup of $G$.
41. Prove or disprove: $SL_2(\mathbb{Z})$, the set of $2 \times 2$ matrices with integer entries and determinant one, is a subgroup of $SL_2(\mathbb{R})$.
42. List the subgroups of the quaternion group, $Q_8$.
43. Prove that the intersection of two subgroups of a group $G$ is also a subgroup of $G$.
44. Prove or disprove: If $H$ and $K$ are subgroups of a group $G$, then $H \cup K$ is a subgroup of $G$.
45. Prove or disprove: If $H$ and $K$ are subgroups of a group $G$, then $HK = \{hk : h \in H \text{ and } k \in K\}$ is a subgroup of $G$. What if $G$ is abelian?
46. Let $G$ be a group and $g \in G$. Show that
$$Z(G) = \{x \in G : gx = xg \text{ for all } g \in G\}$$
is a subgroup of $G$. This subgroup is called the center of $G$.

47. Let $a$ and $b$ be elements of a group $G$. If $a^4 b = ba$ and $a^3 = e$, prove that $ab = ba$.
48. Give an example of an infinite group in which every nontrivial subgroup is infinite.
49. Give an example of an infinite group in which every proper subgroup is finite.
50. If $xy = x^{-1}y^{-1}$ for all $x$ and $y$ in $G$, prove that $G$ must be abelian.
51. If $(xy)^2 = xy$ for all $x$ and $y$ in $G$, prove that $G$ must be abelian.
52. Prove or disprove: Every nontrivial subgroup of a nonabelian group is nonabelian.
53. Let $H$ be a subgroup of $G$ and
$$N(H) = \{g \in G : gh = hg \text{ for all } h \in H\}.$$
Prove $N(H)$ is a subgroup of $G$. This subgroup is called the normalizer of $H$ in $G$.
Additional Exercises: Detecting Errors
Credit card companies, banks, book publishers, and supermarkets all take advantage of the properties of integer arithmetic modulo $n$ and group theory to obtain error detection schemes for the identification codes that they use.
1. UPC Symbols. Universal Product Code (UPC) symbols are now found on most products in grocery and retail stores. The UPC symbol is a 12-digit code identifying the manufacturer of a product and the product itself (Figure ??). The first 11 digits contain information about the product; the twelfth digit is used for error detection. If $d_1 d_2 \cdots d_{12}$ is a valid UPC number, then
$$3 \cdot d_1 + 1 \cdot d_2 + 3 \cdot d_3 + \cdots + 3 \cdot d_{11} + 1 \cdot d_{12} \equiv 0 \pmod{10}.$$
(a) Show that the UPC number 0-50000-30042-6, which appears in Figure 2.3, is a valid UPC number.
(b) Show that the number 0-50000-30043-6 is not a valid UPC number.
(c) Write a formula to calculate the check digit, $d_{12}$, in the UPC number.
(d) The UPC error detection scheme can detect most transposition errors; that is, it can determine if two digits have been interchanged. Show that the transposition error 0-05000-30042-6 is detected. Find a transposition error that is not detected.
(e) Write a program that will determine whether or not a UPC number is valid.

Figure 2.3. A UPC code
2. It is often useful to use an inner product notation for this type of error detection scheme; hence, we will use the notation
$$(d_1, d_2, \ldots, d_k) \cdot (w_1, w_2, \ldots, w_k) \equiv 0 \pmod{n}$$
to mean
$$d_1 w_1 + d_2 w_2 + \cdots + d_k w_k \equiv 0 \pmod{n}.$$
Suppose that $(d_1, d_2, \ldots, d_k) \cdot (w_1, w_2, \ldots, w_k) \equiv 0 \pmod{n}$ is an error detection scheme for the $k$-digit identification number $d_1 d_2 \cdots d_k$, where $0 \leq d_i < n$. Prove that all single-digit errors are detected if and only if $\gcd(w_i, n) = 1$ for $1 \leq i \leq k$.
3. Let $(d_1, d_2, \ldots, d_k) \cdot (w_1, w_2, \ldots, w_k) \equiv 0 \pmod{n}$ be an error detection scheme for the $k$-digit identification number $d_1 d_2 \cdots d_k$, where $0 \leq d_i < n$. Prove that all transposition errors of two digits $d_i$ and $d_j$ are detected if and only if $\gcd(w_i - w_j, n) = 1$ for $i$ and $j$ between 1 and $k$.
4. ISBN Codes. Every book has an International Standard Book Number (ISBN) code. This is a 10-digit code indicating the book's publisher and title. The tenth digit is a check digit satisfying
$$(d_1, d_2, \ldots, d_{10}) \cdot (10, 9, \ldots, 1) \equiv 0 \pmod{11}.$$
One problem is that $d_{10}$ might have to be a 10 to make the inner product zero; in this case, 11 digits would be needed to make this scheme work. Therefore, the character X is used for the eleventh digit. So ISBN 3-540-96035-X is a valid ISBN code.
(a) Is ISBN 0-534-91500-0 a valid ISBN code? What about ISBN 0-534-91700-0 and ISBN 0-534-19500-0?
(b) Does this method detect all single-digit errors? What about all transposition errors?

(c) How many different ISBN codes are there?
(d) Write a computer program that will calculate the check digit for the first nine digits of an ISBN code.
(e) A publisher has houses in Germany and the United States. Its German prefix is 3-540. If its United States prefix will be 0-abc, find abc such that the rest of the ISBN code will be the same for a book printed in Germany and in the United States. Under the ISBN coding method the first digit identifies the language; German is 3 and English is 0. The next group of numbers identifies the publisher, and the last group identifies the specific book.
References and Suggested Readings
References [2] and [3] show how group theory can be used in error detection schemes. Other sources cover more advanced topics in group theory.
[1] Burnside, W. Theory of Groups of Finite Order. 2nd ed. Cambridge University Press, Cambridge, 1911; Dover, New York, 1953. A classic.
[2] Gallian, J. A. and Winters, S. "Modular Arithmetic in the Marketplace," The American Mathematical Monthly 95 (1988): 548–51.
[3] Gallian, J. A. Contemporary Abstract Algebra. 2nd ed. D. C. Heath, Lexington, MA, 1990.
[4] Hall, M. Theory of Groups. 2nd ed. Chelsea, New York, 1975.
[5] Kurosh, A. E. The Theory of Groups, vols. I and II. Chelsea, New York, 1979.
[6] MacDonald, I. D. The Theory of Groups. Krieger, London, 1988.
[7] Rose, J. S. A Course on Group Theory. Cambridge University Press, Cambridge, 1978.
[8] Rotman, J. J. An Introduction to the Theory of Groups. 3rd ed. Allyn and Bacon, Boston, 1984.

3
Cyclic Groups
The groupsZandZn, which are among the most familiar and easily under-
stood groups, are both examples of what are called cyclic groups. In this
chapter we will study the properties of cyclic groups and cyclic subgroups,
which play a fundamental part in the classication of all abelian groups.
3.1 Cyclic Subgroups
Often a subgroup will depend entirely on a single element of the group;
that is, knowing that particular element will allow us to compute any other
element in the subgroup.
Example 1. Suppose that we consider $3 \in \mathbb{Z}$ and look at all multiples (both
positive and negative) of 3. As a set, this is
$$3\mathbb{Z} = \{ \ldots, -3, 0, 3, 6, \ldots \}.$$
It is easy to see that $3\mathbb{Z}$ is a subgroup of the integers. This subgroup
is completely determined by the element 3 since we can obtain all of the
other elements of the group by taking multiples of 3. Every element in the
subgroup is "generated" by 3.
Example 2. If $H = \{ 2^n : n \in \mathbb{Z} \}$, then $H$ is a subgroup of the multiplicative
group of nonzero rational numbers, $\mathbb{Q}^*$. If $a = 2^m$ and $b = 2^n$ are in $H$, then
$ab^{-1} = 2^m 2^{-n} = 2^{m-n}$ is also in $H$. By Proposition 2.10, $H$ is a subgroup
of $\mathbb{Q}^*$ determined by the element 2.
Theorem 3.1 Let $G$ be a group and $a$ be any element in $G$. Then the set
$$\langle a \rangle = \{ a^k : k \in \mathbb{Z} \}$$
is a subgroup of $G$. Furthermore, $\langle a \rangle$ is the smallest subgroup of $G$ that
contains $a$.
Proof. The identity is in $\langle a \rangle$ since $a^0 = e$. If $g$ and $h$ are any two elements
in $\langle a \rangle$, then by the definition of $\langle a \rangle$ we can write $g = a^m$ and $h = a^n$ for some
integers $m$ and $n$. So $gh = a^m a^n = a^{m+n}$ is again in $\langle a \rangle$. Finally, if $g = a^n$
in $\langle a \rangle$, then the inverse $g^{-1} = a^{-n}$ is also in $\langle a \rangle$. Clearly, any subgroup $H$
of $G$ containing $a$ must contain all the powers of $a$ by closure; hence, $H$
contains $\langle a \rangle$. Therefore, $\langle a \rangle$ is the smallest subgroup of $G$ containing $a$.
Remark. If we are using the "+" notation, as in the case of the integers
under addition, we write $\langle a \rangle = \{ na : n \in \mathbb{Z} \}$.
For $a \in G$, we call $\langle a \rangle$ the cyclic subgroup generated by $a$. If $G$ contains
some element $a$ such that $G = \langle a \rangle$, then $G$ is a cyclic group. In this case $a$
is a generator of $G$. If $a$ is an element of a group $G$, we define the order
of $a$ to be the smallest positive integer $n$ such that $a^n = e$, and we write
$|a| = n$. If there is no such integer $n$, we say that the order of $a$ is infinite
and write $|a| = \infty$ to denote the order of $a$.
Example 3. Notice that a cyclic group can have more than a single generator.
Both 1 and 5 generate $\mathbb{Z}_6$; hence, $\mathbb{Z}_6$ is a cyclic group. Not every
element in a cyclic group is necessarily a generator of the group. The order
of $2 \in \mathbb{Z}_6$ is 3. The cyclic subgroup generated by 2 is $\langle 2 \rangle = \{ 0, 2, 4 \}$.
The groups $\mathbb{Z}$ and $\mathbb{Z}_n$ are cyclic groups. The elements 1 and $-1$ are
generators for $\mathbb{Z}$. We can certainly generate $\mathbb{Z}_n$ with 1 although there may
be other generators of $\mathbb{Z}_n$, as in the case of $\mathbb{Z}_6$.
Example 4. The group of units, $U(9)$, in $\mathbb{Z}_9$ is a cyclic group. As a set,
$U(9)$ is $\{ 1, 2, 4, 5, 7, 8 \}$. The element 2 is a generator for $U(9)$ since
$$\begin{array}{ll} 2^1 = 2 & 2^2 = 4 \\ 2^3 = 8 & 2^4 = 7 \\ 2^5 = 5 & 2^6 = 1. \end{array}$$

Example 5. Not every group is a cyclic group. Consider the symmetry
group of an equilateral triangle $S_3$. The multiplication table for this group
is Table 2.2. The subgroups of $S_3$ are shown in Figure 3.1. Notice that every
subgroup is cyclic; however, no single element generates the entire group.

Theorem 3.2 Every cyclic group is abelian.
Figure 3.1. Subgroups of $S_3$
Proof. Let $G$ be a cyclic group and $a \in G$ be a generator for $G$. If $g$ and
$h$ are in $G$, then they can be written as powers of $a$, say $g = a^r$ and $h = a^s$.
Since
$$gh = a^r a^s = a^{r+s} = a^{s+r} = a^s a^r = hg,$$
$G$ is abelian.
Subgroups of Cyclic Groups
We can ask some interesting questions about cyclic subgroups of a group
and subgroups of a cyclic group. If $G$ is a group, which subgroups of $G$ are
cyclic? If $G$ is a cyclic group, what type of subgroups does $G$ possess?
Theorem 3.3 Every subgroup of a cyclic group is cyclic.
Proof. The main tools used in this proof are the division algorithm and
the Principle of Well-Ordering. Let $G$ be a cyclic group generated by $a$ and
suppose that $H$ is a subgroup of $G$. If $H = \{ e \}$, then trivially $H$ is cyclic.
Suppose that $H$ contains some other element $g$ distinct from the identity.
Then $g$ can be written as $a^n$ for some integer $n$. We can assume that $n > 0$.
Let $m$ be the smallest natural number such that $a^m \in H$. Such an $m$ exists
by the Principle of Well-Ordering.
We claim that $h = a^m$ is a generator for $H$. We must show that every
$h' \in H$ can be written as a power of $h$. Since $h' \in H$ and $H$ is a subgroup
of $G$, $h' = a^k$ for some positive integer $k$. Using the division algorithm, we
can find numbers $q$ and $r$ such that $k = mq + r$ where $0 \le r < m$; hence,
$$a^k = a^{mq+r} = (a^m)^q a^r = h^q a^r.$$
So $a^r = a^k h^{-q}$. Since $a^k$ and $h^{-q}$ are in $H$, $a^r$ must also be in $H$. However,
$m$ was the smallest positive number such that $a^m$ was in $H$; consequently,
$r = 0$ and so $k = mq$. Therefore,
$$h' = a^k = a^{mq} = h^q$$
and $H$ is generated by $h$.
Corollary 3.4 The subgroups of $\mathbb{Z}$ are exactly $n\mathbb{Z}$ for $n = 0, 1, 2, \ldots$.
Proposition 3.5 Let $G$ be a cyclic group of order $n$ and suppose that $a$ is
a generator for $G$. Then $a^k = e$ if and only if $n$ divides $k$.
Proof. First suppose that $a^k = e$. By the division algorithm, $k = nq + r$
where $0 \le r < n$; hence,
$$e = a^k = a^{nq+r} = a^{nq} a^r = e a^r = a^r.$$
Since the smallest positive integer $m$ such that $a^m = e$ is $n$, $r = 0$.
Conversely, if $n$ divides $k$, then $k = ns$ for some integer $s$. Consequently,
$$a^k = a^{ns} = (a^n)^s = e^s = e.$$

Theorem 3.6 Let $G$ be a cyclic group of order $n$ and suppose that $a \in G$
is a generator of the group. If $b = a^k$, then the order of $b$ is $n/d$, where
$d = \gcd(k, n)$.
Proof. We wish to find the smallest integer $m$ such that $e = b^m = a^{km}$.
By Proposition 3.5, this is the smallest integer $m$ such that $n$ divides $km$ or,
equivalently, $n/d$ divides $m(k/d)$. Since $d$ is the greatest common divisor of
$n$ and $k$, $n/d$ and $k/d$ are relatively prime. Hence, for $n/d$ to divide $m(k/d)$
it must divide $m$. The smallest such $m$ is $n/d$.
Corollary 3.7 The generators of $\mathbb{Z}_n$ are the integers $r$ such that $1 \le r < n$
and $\gcd(r, n) = 1$.
Example 6. Let us examine the group $\mathbb{Z}_{16}$. The numbers 1, 3, 5, 7, 9, 11,
13, and 15 are the elements of $\mathbb{Z}_{16}$ that are relatively prime to 16. Each of
these elements generates $\mathbb{Z}_{16}$. For example,
$$\begin{array}{lll}
1 \cdot 9 = 9 & 2 \cdot 9 = 2 & 3 \cdot 9 = 11 \\
4 \cdot 9 = 4 & 5 \cdot 9 = 13 & 6 \cdot 9 = 6 \\
7 \cdot 9 = 15 & 8 \cdot 9 = 8 & 9 \cdot 9 = 1 \\
10 \cdot 9 = 10 & 11 \cdot 9 = 3 & 12 \cdot 9 = 12 \\
13 \cdot 9 = 5 & 14 \cdot 9 = 14 & 15 \cdot 9 = 7.
\end{array}$$

3.2 The Group $\mathbb{C}^*$
The complex numbers are defined as
$$\mathbb{C} = \{ a + bi : a, b \in \mathbb{R} \},$$
where $i^2 = -1$. If $z = a + bi$, then $a$ is the real part of $z$ and $b$ is the
imaginary part of $z$.
To add two complex numbers $z = a + bi$ and $w = c + di$, we just add the
corresponding real and imaginary parts:
$$z + w = (a + bi) + (c + di) = (a + c) + (b + d)i.$$
Remembering that $i^2 = -1$, we multiply complex numbers just like polynomials.
The product of $z$ and $w$ is
$$(a + bi)(c + di) = ac + bdi^2 + adi + bci = (ac - bd) + (ad + bc)i.$$
Every nonzero complex number $z = a + bi$ has a multiplicative inverse;
that is, there exists a $z^{-1} \in \mathbb{C}^*$ such that $zz^{-1} = z^{-1}z = 1$. If $z = a + bi$,
then
$$z^{-1} = \frac{a - bi}{a^2 + b^2}.$$
The complex conjugate of a complex number $z = a + bi$ is defined to be
$\overline{z} = a - bi$. The absolute value or modulus of $z = a + bi$ is $|z| = \sqrt{a^2 + b^2}$.
Example 7. Let $z = 2 + 3i$ and $w = 1 - 2i$. Then
$$z + w = (2 + 3i) + (1 - 2i) = 3 + i$$
and
$$zw = (2 + 3i)(1 - 2i) = 8 - i.$$
Also,
$$z^{-1} = \frac{2}{13} - \frac{3}{13} i, \qquad |z| = \sqrt{13}, \qquad \overline{z} = 2 - 3i.$$

There are several ways of graphically representing complex numbers. We
can represent a complex number $z = a + bi$ as an ordered pair on the $xy$
plane where $a$ is the $x$ (or real) coordinate and $b$ is the $y$ (or imaginary)
coordinate. This is called the rectangular or Cartesian representation.
The rectangular representations of $z_1 = 2 + 3i$, $z_2 = 1 - 2i$, and $z_3 = -3 + 2i$
are depicted in Figure 3.2.
Figure 3.2. Rectangular coordinates of a complex number
Figure 3.3. Polar coordinates of a complex number
Nonzero complex numbers can also be represented using polar coordinates.
To specify any nonzero point on the plane, it suffices to give an angle
$\theta$ from the positive $x$ axis in the counterclockwise direction and a distance
$r$ from the origin, as in Figure 3.3. We can see that
$$z = a + bi = r(\cos\theta + i\sin\theta).$$
Hence,
$$r = |z| = \sqrt{a^2 + b^2}$$
and
$$a = r\cos\theta, \qquad b = r\sin\theta.$$
We sometimes abbreviate $r(\cos\theta + i\sin\theta)$ as $r \operatorname{cis} \theta$. To assure that the
representation of $z$ is well-defined, we also require that $0^\circ \le \theta < 360^\circ$. If
the measurement is in radians, then $0 \le \theta < 2\pi$.
Example 8. Suppose that $z = 2 \operatorname{cis} 60^\circ$. Then
$$a = 2 \cos 60^\circ = 1$$
and
$$b = 2 \sin 60^\circ = \sqrt{3}.$$
Hence, the rectangular representation is $z = 1 + \sqrt{3}\, i$.
Conversely, if we are given a rectangular representation of a complex
number, it is often useful to know the number's polar representation. If
$z = 3\sqrt{2} - 3\sqrt{2}\, i$, then
$$r = \sqrt{a^2 + b^2} = \sqrt{36} = 6$$
and
$$\theta = \arctan\left( \frac{b}{a} \right) = \arctan(-1) = 315^\circ,$$
so $3\sqrt{2} - 3\sqrt{2}\, i = 6 \operatorname{cis} 315^\circ$.
The polar representation of a complex number makes it easy to find products
and powers of complex numbers. The proof of the following proposition
is straightforward and is left as an exercise.
Proposition 3.8Letz=rcisandw=scisbe two nonzero complex
numbers. Then
zw=rscis(+):
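Example 9. If $z = 3 \operatorname{cis}(\pi/3)$ and $w = 2 \operatorname{cis}(\pi/6)$, then $zw = 6 \operatorname{cis}(\pi/2) = 6i$.
Theorem 3.9 (DeMoivre) Let $z = r \operatorname{cis} \theta$ be a nonzero complex number.
Then
$$[r \operatorname{cis} \theta]^n = r^n \operatorname{cis}(n\theta)$$
for $n = 1, 2, \ldots$.
Proof. We will use induction on $n$. For $n = 1$ the theorem is trivial.
Assume that the theorem is true for all $k$ such that $1 \le k \le n$. Then
$$\begin{aligned}
z^{n+1} &= z^n z \\
&= r^n(\cos n\theta + i \sin n\theta)\, r(\cos\theta + i\sin\theta) \\
&= r^{n+1}[(\cos n\theta \cos\theta - \sin n\theta \sin\theta) + i(\sin n\theta \cos\theta + \cos n\theta \sin\theta)] \\
&= r^{n+1}[\cos(n\theta + \theta) + i \sin(n\theta + \theta)] \\
&= r^{n+1}[\cos(n + 1)\theta + i \sin(n + 1)\theta].
\end{aligned}$$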

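Example 10. Suppose that $z = 1 + i$ and we wish to compute $z^{10}$. Rather
than computing $(1 + i)^{10}$ directly, it is much easier to switch to polar
coordinates and calculate $z^{10}$ using DeMoivre's Theorem:
$$\begin{aligned}
z^{10} &= (1 + i)^{10} \\
&= \left( \sqrt{2} \operatorname{cis}\left( \frac{\pi}{4} \right) \right)^{10} \\
&= (\sqrt{2})^{10} \operatorname{cis}\left( \frac{5\pi}{2} \right) \\
&= 32 \operatorname{cis}\left( \frac{\pi}{2} \right) \\
&= 32i.
\end{aligned}$$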

The Circle Group and the Roots of Unity
The multiplicative group of the complex numbers, $\mathbb{C}^*$, possesses some
interesting subgroups. Whereas $\mathbb{Q}^*$ and $\mathbb{R}^*$ have no interesting subgroups of
finite order, $\mathbb{C}^*$ has many. We first consider the circle group,
$$\mathbb{T} = \{ z \in \mathbb{C} : |z| = 1 \}.$$
The following proposition is a direct result of Proposition 3.8.
Proposition 3.10 The circle group is a subgroup of $\mathbb{C}^*$.
Although the circle group has infinite order, it has many interesting finite
subgroups. Suppose that $H = \{ 1, -1, i, -i \}$. Then $H$ is a subgroup of the
circle group. Also, $1$, $-1$, $i$, and $-i$ are exactly those complex numbers that
satisfy the equation $z^4 = 1$. The complex numbers satisfying the equation
$z^n = 1$ are called the $n$th roots of unity.

Theorem 3.11 If $z^n = 1$, then the $n$th roots of unity are
$$z = \operatorname{cis}\left( \frac{2k\pi}{n} \right),$$
where $k = 0, 1, \ldots, n - 1$. Furthermore, the $n$th roots of unity form a cyclic
subgroup of $\mathbb{T}$ of order $n$.
Proof. By DeMoivre's Theorem,
$$z^n = \operatorname{cis}\left( n \frac{2k\pi}{n} \right) = \operatorname{cis}(2k\pi) = 1.$$
The $z$'s are distinct since the numbers $2k\pi/n$ are all distinct and are greater
than or equal to 0 but less than $2\pi$. The fact that these are all of the roots
of the equation $z^n = 1$ follows from the Fundamental Theorem of Algebra
(Theorem 19.16), which states that a polynomial of degree $n$ can have at
most $n$ roots. We will leave the proof that the $n$th roots of unity form a
cyclic subgroup of $\mathbb{T}$ as an exercise.
A generator for the group of the $n$th roots of unity is called a primitive
$n$th root of unity.
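Example 11. The 8th roots of unity can be represented as eight equally
spaced points on the unit circle (Figure 3.4). The primitive 8th roots of
unity are
$$\begin{aligned}
\omega &= \frac{\sqrt{2}}{2} + \frac{\sqrt{2}}{2} i \\
\omega^3 &= -\frac{\sqrt{2}}{2} + \frac{\sqrt{2}}{2} i \\
\omega^5 &= -\frac{\sqrt{2}}{2} - \frac{\sqrt{2}}{2} i \\
\omega^7 &= \frac{\sqrt{2}}{2} - \frac{\sqrt{2}}{2} i.
\end{aligned}$$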

Figure 3.4. 8th roots of unity
3.3 The Method of Repeated Squares
(Footnote: The results in this section are needed only in Chapter 6.)
Computing large powers can be very time-consuming. Just as anyone can
compute $2^2$ or $2^8$, everyone knows how to compute
$$2^{2^{1000000}}.$$
However, such numbers are so large that we do not want to attempt the
calculations; moreover, past a certain point the computations would not be
feasible even if we had every computer in the world at our disposal. Even
writing down the decimal representation of a very large number may not be
reasonable. It could be thousands or even millions of digits long. However,
if we could compute something like $2^{37398332} \pmod{46389}$, we could very
easily write the result down since it would be a number between 0 and
46,388. If we want to compute powers modulo $n$ quickly and efficiently, we
will have to be clever.
The first thing to notice is that any number $a$ can be written as the sum
of distinct powers of 2; that is, we can write
$$a = 2^{k_1} + 2^{k_2} + \cdots + 2^{k_n},$$
where $k_1 < k_2 < \cdots < k_n$. This is just the binary representation of $a$.
For example, the binary representation of 57 is 111001, since we can write
$57 = 2^0 + 2^3 + 2^4 + 2^5$.
The laws of exponents still work in $\mathbb{Z}_n$; that is, if $b \equiv a^x \pmod{n}$ and
$c \equiv a^y \pmod{n}$, then $bc \equiv a^{x+y} \pmod{n}$. We can compute $a^{2^k} \pmod{n}$ in
$k$ multiplications by computing
$$\begin{array}{c}
a^{2^0} \pmod{n} \\
a^{2^1} \pmod{n} \\
\vdots \\
a^{2^k} \pmod{n}.
\end{array}$$
Each step involves squaring the answer obtained in the previous step, dividing
by $n$, and taking the remainder.
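Example 12. We will compute $271^{321} \pmod{481}$. Notice that
$$321 = 2^0 + 2^6 + 2^8;$$
hence, computing $271^{321} \pmod{481}$ is the same as computing
$$271^{2^0 + 2^6 + 2^8} \equiv 271^{2^0} \cdot 271^{2^6} \cdot 271^{2^8} \pmod{481}.$$
So it will suffice to compute $271^{2^i} \pmod{481}$ where $i = 0, 6, 8$. It is very
easy to see that
$$\begin{aligned}
271^{2^1} &\equiv 73{,}441 \pmod{481} \\
&\equiv 329 \pmod{481}.
\end{aligned}$$
We can square this result to obtain a value for $271^{2^2} \pmod{481}$:
$$\begin{aligned}
271^{2^2} &\equiv (271^{2^1})^2 \pmod{481} \\
&\equiv (329)^2 \pmod{481} \\
&\equiv 1{,}082{,}411 \pmod{481} \\
&\equiv 16 \pmod{481}.
\end{aligned}$$
We are using the fact that $(a^{2^n})^2 \equiv a^{2 \cdot 2^n} \equiv a^{2^{n+1}} \pmod{n}$. Continuing, we
can calculate
$$271^{2^6} \equiv 419 \pmod{481}$$
and
$$271^{2^8} \equiv 16 \pmod{481}.$$
Therefore,
$$\begin{aligned}
271^{321} &\equiv 271^{2^0 + 2^6 + 2^8} \pmod{481} \\
&\equiv 271^{2^0} \cdot 271^{2^6} \cdot 271^{2^8} \pmod{481} \\
&\equiv 271 \cdot 419 \cdot 16 \pmod{481} \\
&\equiv 1{,}816{,}784 \pmod{481} \\
&\equiv 47 \pmod{481}.
\end{aligned}$$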


The method of repeated squares will prove to be a very useful tool when
we explore RSA cryptography in Chapter 6. To encode and decode messages
in a reasonable manner under this scheme, it is necessary to be able to
quickly compute large powers of integers mod $n$.
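The procedure of this section as runnable code, added here as an illustration (it is not part of the original text). The function names powers_of_two, repeated_squares_table and mod_pow are chosen for this example, and the checks use the numbers of Example 12.

```python
"""Modular exponentiation by the method of repeated squares (added example)."""


def powers_of_two(x):
    """Return the exponents k, in increasing order, with x = sum of 2**k."""
    if x < 0:
        raise ValueError("exponent must be non-negative")
    exponents = []
    k = 0
    while x:
        if x & 1:              # bit k of the binary representation is set
            exponents.append(k)
        x >>= 1
        k += 1
    return exponents


def repeated_squares_table(a, top, n):
    """Return [a^(2^0), a^(2^1), ..., a^(2^top)], each reduced mod n.

    Every entry is the square of the previous entry, reduced mod n, so no
    intermediate value ever exceeds (n - 1)^2.
    """
    if n <= 0:
        raise ValueError("modulus must be positive")
    table = [a % n]
    for _ in range(top):
        table.append(table[-1] * table[-1] % n)
    return table


def mod_pow(a, x, n):
    """Compute a^x mod n by multiplying the table entries picked out by x.

    The amount of work depends on which bits of x are set, so the running
    time leaks information about x. When x is a secret exponent (an RSA
    private key, for instance) use a constant-time implementation from a
    maintained cryptographic library instead of this function.
    """
    if n <= 0:
        raise ValueError("modulus must be positive")
    exponents = powers_of_two(x)
    if not exponents:          # x == 0, and a^0 = 1
        return 1 % n
    table = repeated_squares_table(a, exponents[-1], n)
    result = 1
    for k in exponents:
        result = result * table[k] % n
    return result


if __name__ == "__main__":
    # Example 12: 321 = 2^0 + 2^6 + 2^8 and 271^321 = 47 (mod 481).
    print(powers_of_two(321))
    print(repeated_squares_table(271, 8, 481))
    print(mod_pow(271, 321, 481))
```

Python's built-in three-argument pow(a, x, n) computes the same value and is the natural cross-check for mod_pow.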
Exercises
1. Prove or disprove each of the following statements.
(a) $U(8)$ is cyclic.
(b) All of the generators of $\mathbb{Z}_{60}$ are prime.
(c) $\mathbb{Q}$ is cyclic.
(d) If every subgroup of a group $G$ is cyclic, then $G$ is a cyclic group.
(e) A group with a finite number of subgroups is finite.
2. Find the order of each of the following elements.
(a) $5 \in \mathbb{Z}_{12}$
(b) $\sqrt{3} \in \mathbb{R}$
(c) $\sqrt{3} \in \mathbb{R}^*$
(d) $i \in \mathbb{C}^*$
(e) 72 in $\mathbb{Z}_{240}$
(f) 312 in $\mathbb{Z}_{471}$
3. List all of the elements in each of the following subgroups.
(a) The subgroup of $\mathbb{Z}$ generated by 7
(b) The subgroup of $\mathbb{Z}_{24}$ generated by 15
(c) All subgroups of $\mathbb{Z}_{12}$
(d) All subgroups of $\mathbb{Z}_{60}$
(e) All subgroups of $\mathbb{Z}_{13}$
(f) All subgroups of $\mathbb{Z}_{48}$
(g) The subgroup generated by 3 in $U(20)$
(h) The subgroup generated by 6 in $U(18)$
(i) The subgroup of $\mathbb{R}^*$ generated by 7
(j) The subgroup of $\mathbb{C}^*$ generated by $i$ where $i^2 = -1$
(k) The subgroup of $\mathbb{C}^*$ generated by $2i$
(l) The subgroup of $\mathbb{C}^*$ generated by $(1 + i)/\sqrt{2}$
(m) The subgroup of $\mathbb{C}^*$ generated by $(1 + \sqrt{3}\, i)/2$
4. Find the subgroups of $GL_2(\mathbb{R})$ generated by each of the following matrices.
(a)

0 1
1 0

(c)

11
1 0

(e)

11
1 0

(b)

0 1=3
3 0

(d)

11
0 1

(f)
p
3=2 1=2
1=2
p
3=2

5. Find the order of every element in $\mathbb{Z}_{18}$.
6. Find the order of every element in the symmetry group of the square, $D_4$.
7. What are all of the cyclic subgroups of the quaternion group, $Q_8$?
8. List all of the cyclic subgroups of $U(30)$.
9. List every generator of each subgroup of order 8 in $\mathbb{Z}_{32}$.
10. Find all elements of finite order in each of the following groups.
(a) $\mathbb{Z}$
(b) $\mathbb{Q}^*$
(c) $\mathbb{R}^*$
11. If $a^{24} = e$ in a group $G$, what are the possible orders of $a$?
12. Find a cyclic group with exactly one generator. Can you find cyclic groups
with exactly two generators? Four generators? How about $n$ generators?
13. For $n \le 20$, which groups $U(n)$ are cyclic? Make a conjecture as to what is
true in general. Can you prove your conjecture?
14.Let
A=

0 1
1 0

and
B=

01
11

be elements in $GL_2(\mathbb{R})$. Show that $A$ and $B$ have finite orders but $AB$ does
not.
15.Evaluate each of the following.
(a)(32i) + (5i6)
(c)(54i)(7 + 2i)
(e)i
45
(b)(45i)
(4i4)
(d)(9i)
(9i)
(f)(1 +i) +
(1 +i)

16. Convert the following complex numbers to the form $a + bi$.
(a) $2 \operatorname{cis}(\pi/6)$
(b) $5 \operatorname{cis}(9\pi/4)$
(c) $3 \operatorname{cis}(\pi)$
(d) $\operatorname{cis}(7\pi/4)/2$
17. Change the following complex numbers to polar representation.
(a)1i
(c)2 + 2i
(e)3i
(b)5
(d)
p
3 +i
(f)2i+ 2
p
3
18.Calculate each of the following expressions.
(a)(1 +i)
1
(c)(
p
3 +i)
5
(e)((1i)=2)
4
(g)(2 + 2i)
5
(b)(1i)
6
(d)(i)
10
(f)(
p
2
p
2i)
12
19.Prove each of the following statements.
(a)jzj=j
zj
(c)z
1
=
z=jzj
2
(e)jzwj jjzj jwjj
(b)z
z=jzj
2
(d)jz+wj jzj+jwj
(f)jzwj=jzjjwj
20. List and graph the 6th roots of unity. What are the generators of this group?
What are the primitive 6th roots of unity?
21. List and graph the 5th roots of unity. What are the generators of this group?
What are the primitive 5th roots of unity?
22. Calculate each of the following.
(a) $292^{3171} \pmod{582}$
(b) $2557^{341} \pmod{5681}$
(c) $2071^{9521} \pmod{4724}$
(d) $971^{321} \pmod{765}$
23. Let $a, b \in G$. Prove the following statements.
(a) The order of $a$ is the same as the order of $a^{-1}$.
(b) For all $g \in G$, $|a| = |g^{-1} a g|$.
(c) The order of $ab$ is the same as the order of $ba$.
24. Let $p$ and $q$ be distinct primes. How many generators does $\mathbb{Z}_{pq}$ have?
25. Let $p$ be prime and $r$ be a positive integer. How many generators does $\mathbb{Z}_{p^r}$
have?
26. Prove that $\mathbb{Z}_p$ has no nontrivial subgroups if $p$ is prime.
27. If $g$ and $h$ have orders 15 and 16 respectively in a group $G$, what is the order
of $\langle g \rangle \cap \langle h \rangle$?
28. Let $a$ be an element in a group $G$. What is a generator for the subgroup
$\langle a^m \rangle \cap \langle a^n \rangle$?
29. Prove that $\mathbb{Z}_n$ has an even number of generators for $n > 2$.
30. Suppose that $G$ is a group and let $a$, $b \in G$. Prove that if $|a| = m$ and $|b| = n$
with $\gcd(m, n) = 1$, then $\langle a \rangle \cap \langle b \rangle = \{ e \}$.
31. Let $G$ be an abelian group. Show that the elements of finite order in $G$ form
a subgroup. This subgroup is called the torsion subgroup of $G$.
32. Let $G$ be a finite cyclic group of order $n$ generated by $x$. Show that if $y = x^k$
where $\gcd(k, n) = 1$, then $y$ must be a generator of $G$.
33. If $G$ is an abelian group that contains a pair of cyclic subgroups of order 2,
show that $G$ must contain a subgroup of order 4. Does this subgroup have
to be cyclic?
34. Let $G$ be an abelian group of order $pq$ where $\gcd(p, q) = 1$. If $G$ contains
elements $a$ and $b$ of order $p$ and $q$ respectively, then show that $G$ is cyclic.
35. Prove that the subgroups of $\mathbb{Z}$ are exactly $n\mathbb{Z}$ for $n = 0, 1, 2, \ldots$.
36. Prove that the generators of $\mathbb{Z}_n$ are the integers $r$ such that $1 \le r < n$ and
$\gcd(r, n) = 1$.
37. Prove that if $G$ has no proper nontrivial subgroups, then $G$ is a cyclic group.
38. Prove that the order of an element in a cyclic group $G$ must divide the order
of the group.
39. For what integers $n$ is $-1$ an $n$th root of unity?
40.Ifz=r(cos+isin) andw=s(cos+isin) are two nonzero complex
numbers, show that
zw=rs[cos(+) +isin(+)]:
41. Prove that the circle group is a subgroup of $\mathbb{C}^*$.
42. Prove that the $n$th roots of unity form a cyclic subgroup of $\mathbb{T}$ of order $n$.
43.Prove that
m
= 1 and
n
= 1 if and only if
d
= 1 ford= gcd(m; n).
44. Let $z \in \mathbb{C}^*$. If $|z| \ne 1$, prove that the order of $z$ is infinite.
45. Let $z = \cos\theta + i\sin\theta$ be in $\mathbb{T}$ where $\theta \in \mathbb{Q}$. Prove that the order of $z$ is
infinite.
Programming Exercises
1. Write a computer program that will write any decimal number as the sum
of distinct powers of 2. What is the largest integer that your program will
handle?
2. Write a computer program to calculate $a^x \pmod{n}$ by the method of repeated
squares. What are the largest values of $n$ and $x$ that your program
will accept?
References and Suggested Readings
[1] Koblitz, N. A Course in Number Theory and Cryptography. Springer-Verlag, New York, 1987.
[2] Pomerance, C. "Cryptology and Computational Number Theory: An Introduction," in Cryptology and Computational Number Theory, Pomerance, C., ed. Proceedings of Symposia in Applied Mathematics, vol. 42, American Mathematical Society, Providence, RI, 1990. This book gives an excellent account of how the method of repeated squares is used in cryptography.

4
Permutation Groups
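Permutation groups are central to the study of geometric symmetries and to
Galois theory, the study of finding solutions of polynomial equations. They
also provide abundant examples of nonabelian groups.
Let us recall for a moment the symmetries of the equilateral triangle
$\triangle ABC$ from Chapter 2. The symmetries actually consist of permutations
of the three vertices, where a permutation of the set $S = \{ A, B, C \}$ is a
one-to-one and onto map $S \to S$. The three vertices have the following
six permutations.
$$\begin{pmatrix} A & B & C \\ A & B & C \end{pmatrix} \quad
\begin{pmatrix} A & B & C \\ C & A & B \end{pmatrix} \quad
\begin{pmatrix} A & B & C \\ B & C & A \end{pmatrix}$$
$$\begin{pmatrix} A & B & C \\ A & C & B \end{pmatrix} \quad
\begin{pmatrix} A & B & C \\ C & B & A \end{pmatrix} \quad
\begin{pmatrix} A & B & C \\ B & A & C \end{pmatrix}$$
We have used the array
$$\begin{pmatrix} A & B & C \\ B & C & A \end{pmatrix}$$
to denote the permutation that sends $A$ to $B$, $B$ to $C$, and $C$ to $A$. That is,
$$\begin{aligned} A &\mapsto B \\ B &\mapsto C \\ C &\mapsto A. \end{aligned}$$
The symmetries of a triangle form a group. In this chapter we will study
groups of this type.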
4.1 Definitions and Notation
In general, the permutations of a set $X$ form a group $S_X$. If $X$ is a finite
set, we can assume $X = \{ 1, 2, \ldots, n \}$. In this case we write $S_n$ instead of
$S_X$. The following theorem says that $S_n$ is a group. We call this group the
symmetric group on $n$ letters.
Theorem 4.1 The symmetric group on $n$ letters, $S_n$, is a group with $n!$
elements, where the binary operation is the composition of maps.
Proof. The identity of $S_n$ is just the identity map that sends 1 to 1, 2 to
2, $\ldots$, $n$ to $n$. If $f : S_n \to S_n$ is a permutation, then $f^{-1}$ exists, since $f$ is
one-to-one and onto; hence, every permutation has an inverse. Composition
of maps is associative, which makes the group operation associative. We
leave the proof that $|S_n| = n!$ as an exercise.
A subgroup of $S_n$ is called a permutation group.
Example 1. Consider the subgroup $G$ of $S_5$ consisting of the identity
permutation id and the permutations
=

1 2 3 4 5
1 2 3 5 4

=

1 2 3 4 5
3 2 1 4 5

=

1 2 3 4 5
3 2 1 5 4

:
The following table tells us how to multiply elements in the permutation
groupG.

id
id
id

id

id

id

Remark.Though it is natural to multiply elements in a group from left to
right, functions are composed from right to left. Letandbe permutations
on a setX. To composeandas functions, we calculate ()(x) =
((x)). That is, we dorst, then. There are several ways to approach

this inconsistency.We will adopt the convention of multiplying permutations
right to left. To compute, dorst and then.That is, by(x) we
mean((x)). (Another way of solving this problem would be to write
functions on the right; that is, instead of writing(x), we could write (x).
We could also multiply permutations left to right to agree with the usual
way of multiplying elements in a group. Certainly all of these methods have
been used.
Example 2.Permutation multiplication is not usually commutative. Let
=

1 2 3 4
4 1 2 3

=

1 2 3 4
2 1 4 3

:
Then
=

1 2 3 4
1 4 3 2

;
but
=

1 2 3 4
3 2 1 4

:

Cycle Notation
The notation that we have used to represent permutations up to this point is
cumbersome, to say the least. To work effectively with permutation groups,
we need a more streamlined method of writing down and manipulating
permutations.
A permutation2SXis acycle of lengthkif there exist elements
a1; a2; : : : ; ak2Xsuch that
(a1) =a2
(a2) =a3
.
.
.
(ak) =a1
and(x) =xfor all other elementsx2X. We will write (a1; a2; : : : ; ak) to
denote the cycle. Cycles are the building blocks of all permutations.

Example 3.The permutation
=

1 2 3 4 5 6 7
6 3 5 1 4 2 7

= (162354)
is a cycle of length 6, whereas
=

1 2 3 4 5 6
1 4 2 3 5 6

= (243)
is a cycle of length 3.
Not every permutation is a cycle. Consider the permutation
$$\begin{pmatrix} 1 & 2 & 3 & 4 & 5 & 6 \\ 2 & 4 & 1 & 3 & 6 & 5 \end{pmatrix} = (1243)(56).$$
This permutation actually contains a cycle of length 2 and a cycle of length 4.

Example 4.It is very easy to compute products of cycles. Suppose that
= (1352)
= (256):
We can think ofas
17!3
37!5
57!2
27!1
andas
27!5
57!6
67!2
Hence,= (1356). If= (1634), then= (1652)(34).
Two cycles inSX,= (a1; a2; : : : ; ak) and= (b1; b2; : : : ; bl), aredis-
jointifai6=bjfor alliandj.

Example 5. The cycles (135) and (27) are disjoint; however, the cycles
(135) and (347) are not. Calculating their products, we find that
$$\begin{aligned} (135)(27) &= (135)(27) \\ (135)(347) &= (13475). \end{aligned}$$
The product of two cycles that are not disjoint may reduce to something
less complicated; the product of disjoint cycles cannot be simplified.
Proposition 4.2Letandbe two disjoint cycles inSX. Then=.
Proof.Let= (a1; a2; : : : ; ak) and= (b1; b2; : : : ; bl). We must show
that(x) =(x) for allx2X. Ifxis neitherfa1; a2; : : : ; akgnor
fb1; b2; : : : ; blg, then bothandxx. That is,(x) =xand(x) =x.
Hence,
(x) =((x)) =(x) =x=(x) =((x)) =(x):
Do not forget that we are multiplying permutations right to left, which is
the opposite of the order in which we usually multiply group elements.Now
suppose thatx2 fa1; a2; : : : ; akg. Then(ai) =a
(imodk)+1; that is,
a17!a2
a27!a3
.
.
.
ak17!ak
ak7!a1:
However,(ai) =aisinceandare disjoint. Therefore,
(ai) =((ai)) =(ai) =a
(imodk)+1=(a
(imodk)+1) =((ai)) =(ai):
Similarly, ifx2 fb1; b2; : : : ; blg, thenandalso commute.
Theorem 4.3 Every permutation in $S_n$ can be written as the product of
disjoint cycles.
Proof.We can assume thatX=f1;2; : : : ; ng. Let2Sn, and deneX1
to bef(1);
2
(1); : : :g. The setX1is nite sinceXis nite. Now letibe
the rst integer inXthat is not inX1and deneX2byf(i);
2
(i); : : :g.
Again,X2is a nite set. Continuing in this manner, we can dene nite

disjoint setsX3; X4; : : :. SinceXis a nite set, we are guaranteed that this
process will end and there will be only a nite number of these sets, sayr.
Ifiis the cycle dened by
i(x) =

(x)x2Xi
x x =2Xi;
then=12 r. Since the setsX1; X2; : : : ; Xrare disjoint, the cycles
1; 2; : : : ; rmust also be disjoint.
Example 6.Let
=

1 2 3 4 5 6
6 4 3 1 5 2

=

1 2 3 4 5 6
3 2 1 5 6 4

:
Using cycle notation, we can write
= (1624)
= (13)(456)
= (136)(245)
= (143)(256):

Remark. From this point forward we will find it convenient to use cycle
notation to represent permutations. When using cycle notation, we often
denote the identity permutation by (1).
Transpositions
The simplest permutation is a cycle of length 2. Such cycles are called
transpositions. Since
$$(a_1, a_2, \ldots, a_n) = (a_1 a_n)(a_1 a_{n-1}) \cdots (a_1 a_3)(a_1 a_2),$$
any cycle can be written as the product of transpositions, leading to the
following proposition.
Proposition 4.4 Any permutation of a finite set containing at least two
elements can be written as the product of transpositions.

Example 7. Consider the permutation
$$(16)(253) = (16)(23)(25) = (16)(45)(23)(45)(25).$$
As we can see, there is no unique way to represent a permutation as the product
of transpositions. For instance, we can write the identity permutation as
(12)(12), as (13)(24)(13)(24), and in many other ways. However, as it turns
out, no permutation can be written as the product of both an even number
of transpositions and an odd number of transpositions. For instance, we
could represent the permutation (16) by
$$(23)(16)(23)$$
or by
$$(35)(16)(13)(16)(13)(35)(56),$$
but (16) will always be the product of an odd number of transpositions.
Lemma 4.5If the identity is written as the product ofrtranspositions,
id=12 r;
thenris an even number.
Proof.We will employ induction onr. A transposition cannot be the
identity; hence,r >1. Ifr= 2, then we are done. Suppose thatr >2. In
this case the product of the last two transpositions,r1r, must be one of
the following cases:
(ab)(ab) =id
(bc)(ab) = (ab)(ac)
(cd)(ab) = (ab)(cd)
(bc)(ac) = (ab)(bc):
The rst equation simply says that a transposition is its own inverse. If
this case occurs, deleter1rfrom the product to obtain
id=12 r3r2:
By inductionr2 is even; hence,rmust be even.
In each of the other three cases, we can replacer1rwith the right-hand
side of the corresponding equation to obtain a new product ofrtranspo-
sitions for the identity. In this new product the last occurrence ofawill

be in the next-to-the-last transposition. We can continue this process with
r2r1to obtain either a product ofr2 transpositions or a new product
ofrtranspositions where the last occurrence ofais inr2. If the identity is
the product ofr2 transpositions, then again we are done, by our induction
hypothesis; otherwise, we will repeat the procedure withr3r2.
At some point either we will have two adjacent, identical transpositions
canceling each other out or $a$ will be shuffled so that it will appear only in
the first transposition. However, the latter case cannot occur, because the
identity would not fix $a$ in this instance. Therefore, the identity permutation
must be the product of $r - 2$ transpositions and, again by our induction
hypothesis, we are done.
Theorem 4.6If a permutationcan be expressed as the product of an even
number of transpositions, then any other product of transpositions equaling
must also contain an even number of transpositions. Similarly, ifcan
be expressed as the product of an odd number of transpositions, then any
other product of transpositions equalingmust also contain an odd number
of transpositions.
Proof.Suppose that
=12 m=12 n;
wheremis even. We must show thatnis also an even number. The inverse
of
1
ism 1. Since
id=m 1=1 nm 1;
nmust be even by Lemma 4.5. The proof for the case in whichcan be
expressed as an odd number of transpositions is left as an exercise.
In light of Theorem 4.6, we define a permutation to be even if it can be
expressed as an even number of transpositions and odd if it can be expressed
as an odd number of transpositions.
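Theorem 4.3, the transposition formula for a cycle and Theorem 4.6 can all be checked mechanically. The following added example (not part of the original text; every function name is chosen for this illustration) multiplies permutations right to left, factors them into disjoint cycles and into transpositions, and reports parity; the checks use the two-row arrays of Example 6 and the permutation of Example 7.

```python
"""Permutations of {1, ..., n}: products, cycles and parity (added example)."""


def identity(n):
    """The identity permutation on {1, ..., n}."""
    return {x: x for x in range(1, n + 1)}


def from_bottom_row(row):
    """Build a permutation from the bottom row of its two-row array."""
    n = len(row)
    if sorted(row) != list(range(1, n + 1)):
        raise ValueError("bottom row must list 1..n exactly once each")
    return {x: image for x, image in enumerate(row, start=1)}


def compose(p, q):
    """Right-to-left product pq: apply q first, then p, so (pq)(x) = p(q(x))."""
    return {x: p[q[x]] for x in q}


def cycles(p):
    """Disjoint cycles of p (Theorem 4.3); fixed points are omitted."""
    seen, found = set(), []
    for start in sorted(p):
        if start in seen:
            continue
        cycle, x = [], start
        while x not in seen:       # follow start, p(start), p(p(start)), ...
            seen.add(x)
            cycle.append(x)
            x = p[x]
        if len(cycle) > 1:
            found.append(tuple(cycle))
    return found


def transpositions(p):
    """Factor p using (a1 a2 ... an) = (a1 an)(a1 a_{n-1}) ... (a1 a2)."""
    factors = []
    for cycle in cycles(p):
        first = cycle[0]
        factors.extend((first, other) for other in reversed(cycle[1:]))
    return factors


def from_transpositions(factors, n):
    """Multiply a list of transpositions, right to left, on {1, ..., n}."""
    result = identity(n)
    for a, b in reversed(factors):  # the rightmost factor acts first
        swap = identity(n)
        swap[a], swap[b] = b, a
        result = compose(swap, result)
    return result


def is_even(p):
    """True when p is a product of an even number of transpositions."""
    return len(transpositions(p)) % 2 == 0


if __name__ == "__main__":
    p = from_bottom_row((6, 4, 3, 1, 5, 2))   # first array of Example 6
    q = from_bottom_row((3, 2, 1, 5, 6, 4))   # second array of Example 6
    print(cycles(p), cycles(q))
    print(cycles(compose(p, q)), cycles(compose(q, p)))
    print(transpositions(p), is_even(p), is_even(compose(p, q)))
```

Any other factorization of the same permutation passed to from_transpositions has the same parity as the one transpositions returns, which is the content of Theorem 4.6.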
The Alternating Groups
One of the most important subgroups of $S_n$ is the set of all even permutations,
$A_n$. The group $A_n$ is called the alternating group on $n$ letters.
Theorem 4.7 The set $A_n$ is a subgroup of $S_n$.
Proof.Since the product of two even permutations must also be an even
permutation,Anis closed. The identity is an even permutation and therefore
is inAn. Ifis an even permutation, then
=12 r;
whereiis a transposition andris even. Since the inverse of any transpo-
sition is itself,

1
=rr1 1
is also inAn.
Proposition 4.8 The number of even permutations in $S_n$, $n \ge 2$, is equal
to the number of odd permutations; hence, the order of $A_n$ is $n!/2$.
Proof.LetAnbe the set of even permutations inSnandBnbe the set
of odd permutations. If we can show that there is a bijection between these
sets, they must contain the same number of elements. Fix a transposition
inSn. Sincen2, such aexists. Dene
:An!Bn
by
() =:
Suppose that() =(). Then=and so
=
1
=
1
=:
Therefore,is one-to-one. We will leave the proof thatis surjective to
the reader.
Example 8. The group $A_4$ is the subgroup of $S_4$ consisting of even permutations.
There are twelve elements in $A_4$:
$$\begin{array}{cccc}
(1) & (12)(34) & (13)(24) & (14)(23) \\
(123) & (132) & (124) & (142) \\
(134) & (143) & (234) & (243).
\end{array}$$
One of the end-of-chapter exercises will be to write down all the subgroups
of $A_4$. You will find that there is no subgroup of order 6. Does this surprise
you?
Historical Note
Lagrange first thought of permutations as functions from a set to itself, but it was
Cauchy who developed the basic theorems and notation for permutations. He was
the first to use cycle notation. Augustin-Louis Cauchy (1789-1857) was born in
Paris at the height of the French Revolution. His family soon left Paris for the
village of Arcueil to escape the Reign of Terror. One of the family's neighbors there
was Pierre-Simon Laplace (1749-1827), who encouraged him to seek a career in
mathematics. Cauchy began his career as a mathematician by solving a problem
in geometry given to him by Lagrange. Over 800 papers were written by Cauchy
on such diverse topics as differential equations, finite groups, applied mathematics,
and complex analysis. He was one of the mathematicians responsible for making
calculus rigorous. Perhaps more theorems and concepts in mathematics have the
name Cauchy attached to them than that of any other mathematician.
Figure 4.1. A regular $n$-gon
4.2 The Dihedral Groups
Another special type of permutation group is the dihedral group. Recall the
symmetry group of an equilateral triangle in Chapter 2. Such groups consist
of the rigid motions of a regular $n$-sided polygon or $n$-gon. For $n = 3, 4, \ldots$,
we define the $n$th dihedral group to be the group of rigid motions of a
regular $n$-gon. We will denote this group by $D_n$. We can number the vertices
of a regular $n$-gon by $1, 2, \ldots, n$ (Figure 4.1). Notice that there are exactly
$n$ choices to replace the first vertex. If we replace the first vertex by $k$, then
the second vertex must be replaced either by vertex $k + 1$ or by vertex $k - 1$;
hence, there are $2n$ possible rigid motions of the $n$-gon. We summarize these
results in the following theorem.
Theorem 4.9 The dihedral group, $D_n$, is a subgroup of $S_n$ of order $2n$.
Figure 4.2. Rotations and reflections of a regular $n$-gon
Figure 4.3. Types of reflections of a regular $n$-gon
Theorem 4.10 The group $D_n$, $n \ge 3$, consists of all products of the two
elements $r$ and $s$, satisfying the relations
$$\begin{aligned} r^n &= \mathrm{id} \\ s^2 &= \mathrm{id} \\ srs &= r^{-1}. \end{aligned}$$
Proof. The possible motions of a regular $n$-gon are either reflections or
rotations (Figure 4.2). There are exactly $n$ possible rotations:
$$\mathrm{id}, \; \frac{360^\circ}{n}, \; 2 \cdot \frac{360^\circ}{n}, \; \ldots, \; (n - 1) \cdot \frac{360^\circ}{n}.$$
We will denote the rotation $360^\circ/n$ by $r$. The rotation $r$ generates all of the
other rotations. That is,
$$r^k = k \cdot \frac{360^\circ}{n}.$$
Label the $n$ reflections $s_1, s_2, \ldots, s_n$, where $s_k$ is the reflection that leaves
vertex $k$ fixed. There are two cases of reflection, depending on whether $n$
is even or odd. If there are an even number of vertices, then 2 vertices are
left fixed by a reflection. If there are an odd number of vertices, then only
a single vertex is left fixed by a reflection (Figure 4.3). Hence, if $n = 2m$
for some integer $m$, then $s_i = s_{i+m}$ for $1 \le i < m$. The order of $s_k$ is two.
Let $s = s_1$. Then $s^2 = \mathrm{id}$ and $r^n = \mathrm{id}$. Since any rigid motion $t$ of the
$n$-gon replaces the first vertex by the vertex $k$, the second vertex must be
replaced by either $k + 1$ or by $k - 1$. If it is replaced by $k + 1$, then $t = r^k$.
If it is replaced by $k - 1$, then $t = r^k s$. Hence, $r$ and $s$ generate $D_n$; that
is, $D_n$ consists of all finite products of $r$ and $s$. We will leave the proof that
$srs = r^{-1}$ as an exercise.
Figure 4.4. The group $D_4$
Example 9. The group of rigid motions of a square, $D_4$, consists of eight
elements. With the vertices numbered 1, 2, 3, 4 (Figure 4.4), the rotations
are
\begin{align*}
r &= (1234) \\
r^2 &= (13)(24) \\
r^3 &= (1432) \\
r^4 &= \mathrm{id}
\end{align*}
and the reflections are
\begin{align*}
s_1 &= (24) \\
s_2 &= (13).
\end{align*}
The order of $D_4$ is 8. The remaining two elements are
\begin{align*}
rs_1 &= (12)(34) \\
r^3 s_1 &= (14)(23).
\end{align*}
Figure 4.5. The motion group of a cube
The Motion Group of a Cube
We can investigate the groups of rigid motions of geometric objects other
than a regular $n$-sided polygon to obtain interesting examples of permutation
groups. Let us consider the group of rigid motions of a cube. One of the
first questions that we can ask about this group is "what is its order?"
A cube has 6 sides. If a particular side is facing upward, then there are
four possible rotations of the cube that will preserve the upward-facing side.
Hence, the order of the group is $6 \cdot 4 = 24$. We have just proved the following
proposition.
Proposition 4.11 The group of rigid motions of a cube contains 24 elements.
Theorem 4.12 The group of rigid motions of a cube is $S_4$.
Figure 4.6. Transpositions in the motion group of a cube
Proof. From Proposition 4.11, we already know that the motion group of
the cube has 24 elements, the same number of elements as there are in $S_4$.
There are exactly four diagonals in the cube. If we label these diagonals 1,
2, 3, and 4, we must show that the motion group of the cube will give us
any permutation of the diagonals (Figure 4.5). If we can obtain all of these
permutations, then $S_4$ and the group of rigid motions of the cube must be
the same. To obtain a transposition we can rotate the cube $180^\circ$ about the
axis joining the midpoints of opposite edges (Figure 4.6). There are six such
axes, giving all transpositions in $S_4$. Since every element in $S_4$ is the product
of a finite number of transpositions, the motion group of a cube must be $S_4$.

Exercises
1. Write the following permutations in cycle notation.
(a) $\begin{pmatrix} 1 & 2 & 3 & 4 & 5 \\ 2 & 4 & 1 & 5 & 3 \end{pmatrix}$
(b) $\begin{pmatrix} 1 & 2 & 3 & 4 & 5 \\ 4 & 2 & 5 & 1 & 3 \end{pmatrix}$
(c) $\begin{pmatrix} 1 & 2 & 3 & 4 & 5 \\ 3 & 5 & 1 & 4 & 2 \end{pmatrix}$
(d) $\begin{pmatrix} 1 & 2 & 3 & 4 & 5 \\ 1 & 4 & 3 & 2 & 5 \end{pmatrix}$
2. Compute each of the following.
(a) $(1345)(234)$
(b) $(12)(1253)$
(c) $(143)(23)(24)$
(d) $(1423)(34)(56)(1324)$
(e) $(1254)(13)(25)$
(f) $(1254)(13)(25)^2$
(g) $(1254)^{-1}(123)(45)(1254)$
(h) $(1254)^2(123)(45)$
(i) $(123)(45)(1254)^{-2}$
(j) $(1254)^{100}$
(k) $|(1254)|$
(l) $|(1254)^2|$
(m) $(12)^{-1}$
(n) $(12537)^{-1}$
(o) $[(12)(34)(12)(47)]^{-1}$
(p) $[(1235)(467)]^{-1}$
3. Express the following permutations as products of transpositions and identify
them as even or odd.
(a) $(14356)$
(b) $(156)(234)$
(c) $(1426)(142)$
(d) $(142637)$
(e) $(17254)(1423)(154632)$
4. Find $(a_1, a_2, \ldots, a_n)^{-1}$.
5. List all of the subgroups of $S_4$. Find each of the following sets.
(a)f2S4:(1) = 3g
(b)f2S4:(2) = 2g
(c)f2S4:(1) = 3 and(2) = 2g
Are any of these sets subgroups of $S_4$?
6. Find all of the subgroups in $A_4$. What is the order of each subgroup?
7. Find all possible orders of elements in $S_7$ and $A_7$.
8. Show that $A_{10}$ contains an element of order 15.
9. Does $A_8$ contain an element of order 26?
10. Find an element of largest order in $S_n$ for $n = 3, \ldots, 10$.
11. What are the possible cycle structures of elements of $A_5$? What about $A_6$?
12.Let2Snhave ordern. Show that for all integersiandj,
i
=
j
if and
only ifij(modn).
13.Let=1 m2Snbe the product of disjoint cycles. Prove that the order
ofis the least common multiple of the lengths of the cycles1; : : : ; m.
14. Using cycle notation, list the elements in $D_5$. What are $r$ and $s$? Write every
element as a product of $r$ and $s$.
15. If the diagonals of a cube are labeled as Figure 4.5, to which motion of
the cube does the permutation $(12)(34)$ correspond? What about the other
permutations of the diagonals?
16. Find the group of rigid motions of a tetrahedron. Show that this is the same
group as $A_4$.
17. Prove that $S_n$ is nonabelian for $n \geq 3$.
18. Show that $A_n$ is nonabelian for $n \geq 4$.
19. Prove that $D_n$ is nonabelian for $n \geq 3$.
20.Let2Sn. Prove thatcan be written as the product of at mostn1
transpositions.
21.Let2Sn. Ifis not a cycle, prove thatcan be written as the product
of at mostn2 transpositions.
22.Ifcan be expressed as an odd number of transpositions, show that any
other product of transpositions equalingmust also be odd.
23.Ifis a cycle of odd length, prove that
2
is also a cycle.
24. Show that a 3-cycle is an even permutation.
25. Prove that in $A_n$ with $n \geq 3$, any permutation is a product of cycles of
length 3.
26. Prove that any element in $S_n$ can be written as a finite product of the following
permutations.
(a) $(12), (13), \ldots, (1n)$
(b) $(12), (23), \ldots, (n-1, n)$
(c) $(12), (12 \ldots n)$
27.LetGbe a group and dene a mapg:G!Gbyg(a) =ga. Prove that
gis a permutation ofG.
28. Prove that there exist $n!$ permutations of a set containing $n$ elements.
29. Recall that the center of a group $G$ is
$$Z(G) = \{g \in G : gx = xg \text{ for all } x \in G\}.$$
Find the center of $D_8$. What about the center of $D_{10}$? What is the center of
$D_n$?
30.Let= (a1; a2; : : : ; ak) be a cycle of lengthk.
(a)Prove that ifis any permutation, then

1
= ((a1); (a2); : : : ; (ak))
is a cycle of lengthk.

(b)Letbe a cycle of lengthk. Prove that there is a permutationsuch
that
1
=.
31.ForandinSn, deneif there exists an2Snsuch that
1
=
. Show thatis an equivalence relation onSn.
32.Let2SX. If
n
(x) =y, we will say thatxy.
(a)Show thatis an equivalence relation onX.
(b)If2Anand2Sn, show that
1
2An.
(c)Dene theorbitofx2Xunder2SXto be the set
Ox;=fy:xyg:
Compute the orbits of; ; where
= (1254)
= (123)(45)
= (13)(25):
(d)IfOx;\ Oy;6=;, prove thatOx;=Oy;. The orbits under a permu-
tationare the equivalence classes corresponding to the equivalence
relation.
(e)A subgroupHofSXistransitiveif for everyx; y2X, there exists
a2Hsuch that(x) =y. Prove thathiis transitive if and only if
Ox;=Xfor somex2X.
33.Let2Snforn3. If=for all2Sn, prove thatmust be the
identity permutation; hence, the center ofSnis the trivial subgroup.
34.Ifis even, prove that
1
is also even. Does a corresponding result hold if
is odd?
35.Show that
1

1
is even for; 2Sn.
36. Let $r$ and $s$ be the elements in $D_n$ described in Theorem 4.10.
(a) Show that $srs = r^{-1}$.
(b) Show that $r^k s = s r^{-k}$ in $D_n$.
(c) Prove that the order of $r^k \in D_n$ is $n / \gcd(k, n)$.

5 Cosets and Lagrange's Theorem
Lagrange's Theorem, one of the most important results in finite group theory,
states that the order of a subgroup must divide the order of the group.
This theorem provides a powerful tool for analyzing finite groups; it gives
us an idea of exactly what type of subgroups we might expect a finite group
to possess. Central to understanding Lagrange's Theorem is the notion of
a coset.
5.1 Cosets
Let $G$ be a group and $H$ a subgroup of $G$. Define a left coset of $H$ with
representative $g \in G$ to be the set
$$gH = \{gh : h \in H\}.$$
Right cosets can be defined similarly by
$$Hg = \{hg : h \in H\}.$$
If left and right cosets coincide or if it is clear from the context to which type
of coset that we are referring, we will use the word coset without specifying
left or right.
Example 1. Let $H$ be the subgroup of $\mathbb{Z}_6$ consisting of the elements 0 and
3. The cosets are
\begin{align*}
0 + H = 3 + H &= \{0, 3\} \\
1 + H = 4 + H &= \{1, 4\} \\
2 + H = 5 + H &= \{2, 5\}.
\end{align*}
We will always write the cosets of subgroups of $\mathbb{Z}$ and $\mathbb{Z}_n$ with the additive
notation we have used for cosets here. In a commutative group, left and
right cosets are always identical.
Example 2. Let $H$ be the subgroup of $S_3$ defined by the permutations
$\{(1), (123), (132)\}$. The left cosets of $H$ are
\begin{align*}
(1)H = (123)H = (132)H &= \{(1), (123), (132)\} \\
(12)H = (13)H = (23)H &= \{(12), (13), (23)\}.
\end{align*}
The right cosets of $H$ are exactly the same as the left cosets:
\begin{align*}
H(1) = H(123) = H(132) &= \{(1), (123), (132)\} \\
H(12) = H(13) = H(23) &= \{(12), (13), (23)\}.
\end{align*}
It is not always the case that a left coset is the same as a right coset.
Let $K$ be the subgroup of $S_3$ defined by the permutations $\{(1), (12)\}$. Then
the left cosets of $K$ are
\begin{align*}
(1)K = (12)K &= \{(1), (12)\} \\
(13)K = (123)K &= \{(13), (123)\} \\
(23)K = (132)K &= \{(23), (132)\};
\end{align*}
however, the right cosets of $K$ are
\begin{align*}
K(1) = K(12) &= \{(1), (12)\} \\
K(13) = K(132) &= \{(13), (132)\} \\
K(23) = K(123) &= \{(23), (123)\}.
\end{align*}

The following lemma is quite useful when dealing with cosets. (We leave
its proof as an exercise.)
Lemma 5.1 Let $H$ be a subgroup of a group $G$ and suppose that $g_1, g_2 \in G$.
The following conditions are equivalent.
1. $g_1 H = g_2 H$;
2. $H g_1^{-1} = H g_2^{-1}$;
3. $g_1 H \subseteq g_2 H$;
4. $g_2 \in g_1 H$;
5. $g_1^{-1} g_2 \in H$.
In all of our examples the cosets of a subgroup $H$ partition the larger
group $G$. The following theorem proclaims that this will always be the case.
Theorem 5.2 Let $H$ be a subgroup of a group $G$. Then the left cosets of
$H$ in $G$ partition $G$. That is, the group $G$ is the disjoint union of the left
cosets of $H$ in $G$.
Proof. Let $g_1 H$ and $g_2 H$ be two cosets of $H$ in $G$. We must show that
either $g_1 H \cap g_2 H = \emptyset$ or $g_1 H = g_2 H$. Suppose that $g_1 H \cap g_2 H \neq \emptyset$ and
$a \in g_1 H \cap g_2 H$. Then by the definition of a left coset, $a = g_1 h_1 = g_2 h_2$
for some elements $h_1$ and $h_2$ in $H$. Hence, $g_1 = g_2 h_2 h_1^{-1}$ or $g_1 \in g_2 H$. By
Lemma 5.1, $g_1 H = g_2 H$.
Remark. There is nothing special in this theorem about left cosets. Right
cosets also partition $G$; the proof of this fact is exactly the same as the proof
for left cosets except that all group multiplications are done on the opposite
side of $H$.
Let $G$ be a group and $H$ be a subgroup of $G$. Define the index of $H$
in $G$ to be the number of left cosets of $H$ in $G$. We will denote the index
by $[G : H]$.
Example 3. Let $G = \mathbb{Z}_6$ and $H = \{0, 3\}$. Then $[G : H] = 3$.
Example 4. Suppose that $G = S_3$, $H = \{(1), (123), (132)\}$, and $K =
\{(1), (12)\}$. Then $[G : H] = 2$ and $[G : K] = 3$.
Theorem 5.3 Let $H$ be a subgroup of a group $G$. The number of left cosets
of $H$ in $G$ is the same as the number of right cosets of $H$ in $G$.
Proof.LetLHandRHdenote the set of left and right cosets ofHin
G, respectively. If we can dene a bijective map:LH! RH, then the
theorem will be proved. IfgH2 LH, let(gH) =Hg
1
. By Lemma 5.1,
the mapis well-dened; that is, ifg1H=g2H, thenHg
1
1
=Hg
1
2
. To
show thatis one-to-one, suppose that
Hg
1
1
=(g1H) =(g2H) =Hg
1
2
:
Again by Lemma 5.1,g1H=g2H. The mapis onto since(g
1
H) =Hg.

5.2 Lagrange's Theorem
Proposition 5.4LetHbe a subgroup ofGwithg2Gand dene a map
:H!gHby(h) =gh. The mapis bijective; hence, the number of
elements inHis the same as the number of elements ingH.
Proof.We rst show that the mapis one-to-one. Suppose that(h1) =
(h2) for elementsh1; h22H. We must show thath1=h2, but(h1) =gh1
and(h2) =gh2. Sogh1=gh2, and by left cancellationh1=h2. To show
thatis onto is easy. By denition every element ofgHis of the formgh
for someh2Hand(h) =gh.
Theorem 5.5 (Lagrange) Let $G$ be a finite group and let $H$ be a subgroup
of $G$. Then $|G|/|H| = [G : H]$ is the number of distinct left cosets of $H$ in
$G$. In particular, the number of elements in $H$ must divide the number of
elements in $G$.
Proof. The group $G$ is partitioned into $[G : H]$ distinct left cosets. Each
left coset has $|H|$ elements; therefore, $|G| = [G : H]|H|$.
Corollary 5.6 Suppose that $G$ is a finite group and $g \in G$. Then the order
of $g$ must divide the number of elements in $G$.
Corollary 5.7 Let $|G| = p$ with $p$ a prime number. Then $G$ is cyclic and
any $g \in G$ such that $g \neq e$ is a generator.
Proof. Let $g$ be in $G$ such that $g \neq e$. Then by Corollary 5.6, the order of
$g$ must divide the order of the group. Since $|\langle g \rangle| > 1$, it must be $p$. Hence,
$g$ generates $G$.
Corollary 5.7 suggests that groups of prime order $p$ must somehow look
like $\mathbb{Z}_p$.
Corollary 5.8 Let $H$ and $K$ be subgroups of a finite group $G$ such that
$G \supset H \supset K$. Then
$$[G : K] = [G : H][H : K].$$
Proof. Observe that
$$[G : K] = \frac{|G|}{|K|} = \frac{|G|}{|H|} \cdot \frac{|H|}{|K|} = [G : H][H : K].$$
The converse of Lagrange's Theorem is false. The group $A_4$ has order
12; however, it can be shown that it does not possess a subgroup of order
6. According to Lagrange's Theorem, subgroups of a group of order 12 can
have orders of either 1, 2, 3, 4, or 6. However, we are not guaranteed that
subgroups of every possible order exist. To prove that $A_4$ has no subgroup
of order 6, we will assume that it does have a subgroup $H$ such that $|H| = 6$
and show that a contradiction must occur. The group $A_4$ contains eight
3-cycles; hence, $H$ must contain a 3-cycle. We will show that if $H$ contains
one 3-cycle, then it must contain every 3-cycle, contradicting the assumption
that $H$ has only 6 elements.
Theorem 5.9Two cyclesandinSnhave the same length if and only
if there exists a2Snsuch that=
1
.
Proof.Suppose that
= (a1; a2; : : : ; ak)
= (b1; b2; : : : ; bk):
Deneto be the permutation
(a1) =b1
(a2) =b2
.
.
.
(ak) =bk:
Then=
1
.
Conversely, suppose that= (a1; a2; : : : ; ak) is ak-cycle and2Sn. If
(ai) =band(a
(imodk)+1) =b
0
, then(b) =b
0
. Hence,
= ((a1); (a2); : : : ; (ak)):
Sinceis one-to-one and onto,is a cycle of the same length as.
Corollary 5.10 The group $A_4$ has no subgroup of order 6.
Proof. Since $[A_4 : H] = 2$, there are only two cosets of $H$ in $A_4$. Inasmuch
as one of the cosets is $H$ itself, right and left cosets must coincide; therefore,
$gH = Hg$ or $gHg^{-1} = H$ for every $g \in A_4$. By Theorem 5.9, if $H$ contains
one 3-cycle, then it must contain every 3-cycle, contradicting the order of $H$.
5.3 Fermat's and Euler's Theorems
The Euler $\phi$-function is the map $\phi : \mathbb{N} \to \mathbb{N}$ defined by $\phi(n) = 1$ for $n = 1$,
and, for $n > 1$, $\phi(n)$ is the number of positive integers $m$ with $1 \leq m < n$
and $\gcd(m, n) = 1$.
From Proposition 2.1, we know that the order of $U(n)$, the group of units
in $\mathbb{Z}_n$, is $\phi(n)$. For example, $|U(12)| = \phi(12) = 4$ since the numbers that
are relatively prime to 12 are 1, 5, 7, and 11. For any prime $p$, $\phi(p) = p - 1$.
We state these results in the following theorem.
Theorem 5.11 Let $U(n)$ be the group of units in $\mathbb{Z}_n$. Then $|U(n)| = \phi(n)$.
The following theorem is an important result in number theory, due to
Leonhard Euler.
Theorem 5.12 (Euler's Theorem) Let $a$ and $n$ be integers such that $n > 0$
and $\gcd(a, n) = 1$. Then $a^{\phi(n)} \equiv 1 \pmod{n}$.
Proof. By Theorem 5.11 the order of $U(n)$ is $\phi(n)$. Consequently, $a^{\phi(n)} = 1$
for all $a \in U(n)$; or $a^{\phi(n)} - 1$ is divisible by $n$. Therefore, $a^{\phi(n)} \equiv 1 \pmod{n}$.
If we consider the special case of Euler's Theorem in which $n = p$ is
prime and recall that $\phi(p) = p - 1$, we obtain the following result, due to
Pierre de Fermat.
Theorem 5.13 (Fermat's Little Theorem) Let $p$ be any prime number
and suppose that $p \nmid a$. Then
$$a^{p-1} \equiv 1 \pmod{p}.$$
Furthermore, for any integer $b$, $b^p \equiv b \pmod{p}$.
Historical Note
Joseph-Louis Lagrange (1736–1813), born in Turin, Italy, was of French and Italian
descent. His talent for mathematics became apparent at an early age. Leonhard
Euler recognized Lagrange's abilities when Lagrange, who was only 19, communicated
to Euler some work that he had done in the calculus of variations. That year
he was also named a professor at the Royal Artillery School in Turin. At the age
of 23 he joined the Berlin Academy. Frederick the Great had written to Lagrange
proclaiming that the "greatest king in Europe" should have the "greatest mathematician
in Europe" at his court. For 20 years Lagrange held the position vacated
by his mentor, Euler. His works include contributions to number theory, group
theory, physics and mechanics, the calculus of variations, the theory of equations,
and differential equations. Along with Laplace and Lavoisier, Lagrange was one of
the people responsible for designing the metric system. During his life Lagrange
profoundly influenced the development of mathematics, leaving much to the next
generation of mathematicians in the form of examples and new problems to be
solved.
Exercises
1. Suppose that $G$ is a finite group with an element $g$ of order 5 and an element
$h$ of order 7. Why must $|G| \geq 35$?
2. Suppose that $G$ is a finite group with 60 elements. What are the orders of
possible subgroups of $G$?
3. Prove or disprove: Every subgroup of the integers has finite index.
4. Prove or disprove: Every subgroup of the integers has finite order.
5. List the left and right cosets of the subgroups in each of the following.
(a) $\langle 8 \rangle$ in $\mathbb{Z}_{24}$
(b) $\langle 3 \rangle$ in $U(8)$
(c) $3\mathbb{Z}$ in $\mathbb{Z}$
(d) $A_4$ in $S_4$
(e) $A_n$ in $S_n$
(f) $D_4$ in $S_4$
(g) $\mathbb{T}$ in $\mathbb{C}^*$
(h) $H = \{(1), (123), (132)\}$ in $S_4$
6. Describe the left cosets of $SL_2(\mathbb{R})$ in $GL_2(\mathbb{R})$. What is the index of $SL_2(\mathbb{R})$
in $GL_2(\mathbb{R})$?
7. Verify Euler's Theorem for $n = 15$ and $a = 4$.
8. Use Fermat's Little Theorem to show that if $p = 4n + 3$ is prime, there is no
solution to the equation $x^2 \equiv -1 \pmod{p}$.
9. Show that the integers have infinite index in the additive group of rational
numbers.
10. Show that the additive group of real numbers has infinite index in the additive
group of the complex numbers.
11. Let $H$ be a subgroup of a group $G$ and suppose that $g_1, g_2 \in G$. Prove that
the following conditions are equivalent.
(a) $g_1 H = g_2 H$
(b) $H g_1^{-1} = H g_2^{-1}$
(c) $g_1 H \subseteq g_2 H$
(d) $g_2 \in g_1 H$
(e) $g_1^{-1} g_2 \in H$
12. If $ghg^{-1} \in H$ for all $g \in G$ and $h \in H$, show that right cosets are identical
to left cosets.
13. What fails in the proof of Theorem 5.3 if:LH! RHis dened by
(gH) =Hg?
14. Suppose that $g^n = e$. Show that the order of $g$ divides $n$.
15. Modify the proof of Theorem 5.9 to show that any two permutations; 2
Snhave the same cycle structure if and only if there exists a permutation
such that=
1
. If=
1
for some2Sn, thenandare
conjugate.
16. If $|G| = 2n$, prove that the number of elements of order 2 is odd. Use this
result to show that $G$ must contain a subgroup of order 2.
17. Suppose that $[G : H] = 2$. If $a$ and $b$ are not in $H$, show that $ab \in H$.
18. If $[G : H] = 2$, prove that $gH = Hg$.
19. Let $H$ and $K$ be subgroups of a group $G$. Prove that $gH \cap gK$ is a coset of
$H \cap K$ in $G$.
20. LetHandKbe subgroups of a groupG. Dene a relationonGbyab
if there exists anh2Hand ak2Ksuch thathak=b. Show that this
relation is an equivalence relation. The corresponding equivalence classes are
calleddouble cosets. Compute the double cosets ofH=f(1);(123);(132)g
inA4.
21. If $G$ is a group of order $p^n$ where $p$ is prime, show that $G$ must have a proper
subgroup of order $p$. If $n \geq 3$, is it true that $G$ will have a proper subgroup
of order $p^2$?
22. Let $G$ be a cyclic group of order $n$. Show that there are exactly $\phi(n)$ generators
for $G$.
23. Let $n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}$ be the factorization of $n$ into distinct primes. Prove
that
$$\phi(n) = n \left(1 - \frac{1}{p_1}\right) \left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right).$$
24. Show that
$$n = \sum_{d \mid n} \phi(d)$$
for all positive integers $n$.

6 Introduction to Cryptography
Cryptography is the study of sending and receiving secret messages. The aim
of cryptography is to send messages across a channel so only the intended
recipient of the message can read it. In addition, when a message is received,
the recipient usually requires some assurance that the message is authentic;
that is, that it has not been sent by someone who is trying to deceive the
recipient. Modern cryptography is heavily dependent on abstract algebra
and number theory.
The message to be sent is called the plaintext message. The disguised
message is called the ciphertext. The plaintext and the ciphertext are both
written in an alphabet, consisting of letters or characters. Characters can
include not only the familiar alphabetic characters A, ..., Z and a, ..., z but
also digits, punctuation marks, and blanks. A cryptosystem, or cipher,
has two parts: encryption, the process of transforming a plaintext message
to a ciphertext message, and decryption, the reverse transformation of
changing a ciphertext message into a plaintext message.
There are many different families of cryptosystems, each distinguished
by a particular encryption algorithm. Cryptosystems in a specified cryptographic
family are distinguished from one another by a parameter to the
encryption function called a key. A classical cryptosystem has a single key,
which must be kept secret, known only to the sender and the receiver of
the message. If person $A$ wishes to send secret messages to two different
people $B$ and $C$, and does not wish to have $B$ understand $C$'s messages or
vice versa, $A$ must use two separate keys, so one cryptosystem is used for
exchanging messages with $B$, and another is used for exchanging messages
with $C$.
Systems that use two separate keys, one for encoding and another for
decoding, are called public key cryptosystems. Since knowledge of the
encoding key does not allow anyone to guess at the decoding key, the encoding
key can be made public. A public key cryptosystem allows $A$ and $B$
to send messages to $C$ using the same encoding key. Anyone is capable of
encoding a message to be sent to $C$, but only $C$ knows how to decode such
a message.
6.1 Private Key Cryptography
In single or private key cryptosystems the same key is used for both
encrypting and decrypting messages. To encrypt a plaintext message, we
apply to the message some function which is kept secret, say $f$. This function
will yield an encrypted message. Given the encrypted form of the message,
we can recover the original message by applying the inverse transformation
$f^{-1}$. The transformation $f$ must be relatively easy to compute, as must
$f^{-1}$; however, $f$ must be extremely difficult to guess at if only examples of
coded messages are available.
Example 1. One of the first and most famous private key cryptosystems
was the shift code used by Julius Caesar. We first digitize the alphabet by
letting A = 00, B = 01, ..., Z = 25. The encoding function will be
$$f(p) = p + 3 \bmod 26;$$
that is, $A \mapsto D, B \mapsto E, \ldots, Z \mapsto C$. The decoding function is then
$$f^{-1}(p) = p - 3 \bmod 26 = p + 23 \bmod 26.$$
Suppose we receive the encoded message DOJHEUD. To decode this message,
we first digitize it:
$$3, 14, 9, 7, 4, 20, 3.$$
Next we apply the inverse transformation to get
$$0, 11, 6, 4, 1, 17, 0,$$
or ALGEBRA. Notice here that there is nothing special about either of the
numbers 3 or 26. We could have used a larger alphabet or a different shift.

Cryptanalysis is concerned with deciphering a received or intercepted
message. Methods from probability and statistics are great aids in deciphering
an intercepted message; for example, the frequency analysis of the
characters appearing in the intercepted message often makes its decryption
possible.
Example 2. Suppose we receive a message that we know was encrypted by
using a shift transformation on single letters of the 26-letter alphabet. To
find out exactly what the shift transformation was, we must compute $b$ in
the equation $f(p) = p + b \bmod 26$. We can do this using frequency analysis.
The letter E = 04 is the most commonly occurring letter in the English
language. Suppose that S = 18 is the most commonly occurring letter in
the ciphertext. Then we have good reason to suspect that $18 = 4 + b \bmod 26$,
or $b = 14$. Therefore, the most likely encrypting function is
$$f(p) = p + 14 \bmod 26.$$
The corresponding decrypting function is
$$f^{-1}(p) = p + 12 \bmod 26.$$
It is now easy to determine whether or not our guess is correct.
Simple shift codes are examples of monoalphabetic cryptosystems.
In these ciphers a character in the enciphered message represents exactly
one character in the original message. Such cryptosystems are not very
sophisticated and are quite easy to break. In fact, in a simple shift as
described in Example 1, there are only 26 possible keys. It would be quite
easy to try them all rather than to use frequency analysis.
Let us investigate a slightly more sophisticated cryptosystem. Suppose
that the encoding function is given by
$$f(p) = ap + b \bmod 26.$$
We first need to find out when a decoding function $f^{-1}$ exists. Such a
decoding function exists when we can solve the equation
$$c = ap + b \bmod 26$$
for $p$. By Proposition 2.1, this is possible exactly when $a$ has an inverse or,
equivalently, when $\gcd(a, 26) = 1$. In this case
$$f^{-1}(p) = a^{-1}p - a^{-1}b \bmod 26.$$
Such a cryptosystem is called an affine cryptosystem.
Example 3. Let us consider the affine cryptosystem $f(p) = ap + b \bmod 26$.
For this cryptosystem to work we must choose an $a \in \mathbb{Z}_{26}$ that is invertible.
This is only possible if $\gcd(a, 26) = 1$. Recognizing this fact, we will let
$a = 5$ since $\gcd(5, 26) = 1$. It is easy to see that $a^{-1} = 21$. Therefore,
we can take our encryption function to be $f(p) = 5p + 3 \bmod 26$. Thus,
ALGEBRA is encoded as 3, 6, 7, 23, 8, 10, 3, or DGHXIKD. The decryption
function will be
$$f^{-1}(p) = 21p - 21 \cdot 3 \bmod 26 = 21p + 15 \bmod 26.$$
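The shift and affine ciphers of Examples 1 to 3, the frequency guess of Example 2, and the "try them all" key search, as an added Python example that is not part of the book. The function names and the sample plaintext are constructed for illustration.

```python
from collections import Counter
from math import gcd

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
M = len(ALPHABET)  # 26, the modulus used throughout Section 6.1


def digitize(text):
    """A=0, B=1, ..., Z=25; characters outside the alphabet are dropped."""
    return [ALPHABET.index(c) for c in text.upper() if c in ALPHABET]


def undigitize(numbers):
    """Inverse of digitize; every number is reduced mod 26 first."""
    return "".join(ALPHABET[n % M] for n in numbers)


def affine_encrypt(plaintext, a, b):
    """f(p) = a*p + b mod 26; a = 1 gives the shift code of Example 1."""
    if gcd(a, M) != 1:
        raise ValueError(f"a={a} is not invertible mod {M}, so f has no inverse")
    return undigitize(a * p + b for p in digitize(plaintext))


def affine_decrypt(ciphertext, a, b):
    """f^-1(c) = a^-1*c - a^-1*b mod 26, written as a^-1 * (c - b)."""
    if gcd(a, M) != 1:
        raise ValueError(f"a={a} is not invertible mod {M}")
    a_inv = pow(a, -1, M)  # modular inverse, Python 3.8+
    return undigitize(a_inv * (c - b) for c in digitize(ciphertext))


def all_affine_keys():
    """Every usable key (a, b): 12 invertible values of a times 26 shifts."""
    return [(a, b) for a in range(M) if gcd(a, M) == 1 for b in range(M)]


def guess_shift(ciphertext):
    """Example 2: assume the most frequent ciphertext letter stands for E."""
    top = Counter(digitize(ciphertext)).most_common(1)[0][0]
    return (top - ALPHABET.index("E")) % M


def exhaustive_search(ciphertext, known_word):
    """Try every affine key; keep those whose decryption contains known_word."""
    return [(a, b) for a, b in all_affine_keys()
            if known_word in affine_decrypt(ciphertext, a, b)]


# Constructed sample (not from the book); E is its most common letter.
SAMPLE_PLAINTEXT = "MEET ME NEAR THE RIVER AT SEVEN"
SAMPLE_CIPHERTEXT = affine_encrypt(SAMPLE_PLAINTEXT, 1, 14)

if __name__ == "__main__":
    print(affine_encrypt("ALGEBRA", 5, 3))          # Example 3
    print(affine_decrypt("DOJHEUD", 1, 3))          # Example 1
    b = guess_shift(SAMPLE_CIPHERTEXT)              # Example 2
    print(b, affine_decrypt(SAMPLE_CIPHERTEXT, 1, b))
    print(len(all_affine_keys()), exhaustive_search("DGHXIKD", "ALGEBRA"))
```

The whole affine key space has only 312 entries, so the search finishes instantly even without any frequency information.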

A cryptosystem would be more secure if a ciphertext letter could represent
more than one plaintext letter. To give an example of this type of
cryptosystem, called a polyalphabetic cryptosystem, we will generalize
affine codes by using matrices. The idea works roughly the same as before;
however, instead of encrypting one letter at a time we will encrypt pairs of
letters. We can store a pair of letters $p_1$ and $p_2$ in a vector
$$p = \begin{pmatrix} p_1 \\ p_2 \end{pmatrix}.$$
Let $A$ be a $2 \times 2$ invertible matrix with entries in $\mathbb{Z}_{26}$. We can define an
encoding function by
$$f(p) = Ap + b,$$
where $b$ is a fixed column vector and matrix operations are performed in
$\mathbb{Z}_{26}$. The decoding function must be
$$f^{-1}(p) = A^{-1}p - A^{-1}b.$$
Example 4. Suppose that we wish to encode the word HELP. The corresponding
digit string is 7, 4, 11, 15. If
$$A = \begin{pmatrix} 3 & 5 \\ 1 & 2 \end{pmatrix},$$
then
$$A^{-1} = \begin{pmatrix} 2 & 21 \\ 25 & 3 \end{pmatrix}.$$
If $b = (2, 2)^t$, then our message is encrypted as RRCR. The encrypted letter
R represents more than one plaintext letter.
Frequency analysis can still be performed on a polyalphabetic cryptosystem,
because we have a good understanding of how pairs of letters appear
in the English language. The pair th appears quite often; the pair qz never
appears. To avoid decryption by a third party, we must use a larger matrix
than the one we used in Example 4.

6.2 Public Key Cryptography
If traditional cryptosystems are used, anyone who knows enough to encode
a message will also know enough to decode an intercepted message. In 1976,
W. Diffie and M. Hellman proposed public key cryptography, which is based
on the observation that the encryption and decryption procedures need not
have the same key. This removes the requirement that the encoding key be
kept secret. The encoding function $f$ must be relatively easy to compute,
but $f^{-1}$ must be extremely difficult to compute without some additional
information, so that someone who knows only the encrypting key cannot
find the decrypting key without prohibitive computation. It is interesting
to note that to date, no system has been proposed that has been proven to
be "one-way;" that is, for any existing public key cryptosystem, it has never
been shown to be computationally prohibitive to decode messages with only
knowledge of the encoding key.
The RSA Cryptosystem
The RSA cryptosystem, introduced by R. Rivest, A. Shamir, and L. Adleman
in 1978, is based on the difficulty of factoring large numbers. Though it is not
a difficult task to find two large random primes and multiply them together,
factoring a 150-digit number that is the product of two large primes would
take 100 million computers operating at 10 million instructions per second
about 50 million years under the fastest algorithms currently known.
The RSA cryptosystem works as follows. Suppose that we choose two
random 150-digit prime numbers $p$ and $q$. Next, we compute the product
$n = pq$ and also compute $\phi(n) = m = (p-1)(q-1)$, where $\phi$ is
the Euler $\phi$-function. Now we start choosing random integers $E$ until we
find one that is relatively prime to $m$; that is, we choose $E$ such that
$\gcd(E, m) = 1$. Using the Euclidean algorithm, we can find a number $D$
such that $DE \equiv 1 \pmod{m}$. The numbers $n$ and $E$ are now made public.
Suppose now that person B (Bob) wishes to send person A (Alice) a
message over a public line. Since $E$ and $n$ are known to everyone, anyone can
encode messages. Bob first digitizes the message according to some scheme,
say A = 00, B = 02, ..., Z = 25. If necessary, he will break the message into
pieces such that each piece is a positive integer less than $n$. Suppose $x$ is
one of the pieces. Bob forms the number $y = x^E \bmod n$ and sends $y$ to
Alice. For Alice to recover $x$, she need only compute $x = y^D \bmod n$. Only
Alice knows $D$.

Example 5. Before exploring the theory behind the RSA cryptosystem
or attempting to use large integers, we will use some small integers just to
see that the system does indeed work. Suppose that we wish to send some
message, which when digitized is 23. Let $p = 23$ and $q = 29$. Then
$$n = pq = 667$$
and
$$\phi(n) = m = (p-1)(q-1) = 616.$$
We can let $E = 487$, since $\gcd(616, 487) = 1$. The encoded message is
computed to be
$$23^{487} \bmod 667 = 368.$$
This computation can be reasonably done by using the method of repeated
squares as described in Chapter 3. Using the Euclidean algorithm, we determine
that $191E = 1 + 151m$; therefore, the decrypting key is $(n, D) =
(667, 191)$. We can recover the original message by calculating
$$368^{191} \bmod 667 = 23.$$

Now let us examine why the RSA cryptosystem works. We know that
$DE \equiv 1 \pmod{m}$; hence, there exists a $k$ such that
$$DE = km + 1 = k\phi(n) + 1.$$
By Theorem 5.12,
$$y^D = (x^E)^D = x^{DE} = x^{km+1} = (x^{\phi(n)})^k x = x \bmod n.$$
We can now ask how one would go about breaking the RSA cryptosystem.
To find $D$ given $n$ and $E$, we simply need to factor $n$ and solve for $D$
by using the Euclidean algorithm. If we had known that $667 = 23 \cdot 29$ in
Example 5, we could have recovered $D$.
Message Verification
There is a problem of message verification in public key cryptosystems.
Since the encoding key is public knowledge, anyone has the ability to send
an encoded message. If Alice receives a message from Bob, she would like
to be able to verify that it was Bob who actually sent the message. Suppose
that Bob's encrypting key is $(n', E')$ and his decrypting key is $(n', D')$.
Also, suppose that Alice's encrypting key is $(n, E)$ and her decrypting key
is $(n, D)$. Since encryption keys are public information, they can exchange
coded messages at their convenience. Bob wishes to assure Alice that the
message he is sending is authentic. Before Bob sends the message $x$ to Alice,
he decrypts $x$ with his own key:
$$x' = x^{D'} \bmod n'.$$
Anyone can change $x'$ back to $x$ just by encryption, but only Bob has the
ability to form $x'$. Now Bob encrypts $x'$ with Alice's encryption key to form
$$y' = {x'}^{E} \bmod n,$$
a message that only Alice can decode. Alice decodes the message and then
encodes the result with Bob's key to read the original message, a message
that could have only been sent by Bob.
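An added Python example (not from the book) that carries Example 5 and the message verification exchange above through with small numbers: finding $D$ with the Euclidean algorithm, repeated squares, recovering $D$ once $n$ is factored, and Bob's verified message to Alice. Alice's key is the one from Example 5; Bob's key ($n' = 323$, $E' = 5$), the function names, and the explicit check that $x'$ is smaller than Alice's modulus are assumptions made for the illustration.

```python
def extended_gcd(a, b):
    """Euclidean algorithm: return (g, s, t) with g = gcd(a, b) = s*a + t*b."""
    old_r, r, old_s, s, old_t, t = a, b, 1, 0, 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def private_exponent(E, p, q):
    """Return D with D*E = 1 (mod m), where m = (p-1)(q-1)."""
    m = (p - 1) * (q - 1)
    g, s, _ = extended_gcd(E, m)
    if g != 1:
        raise ValueError("E must be relatively prime to m")
    return s % m


def power_mod(x, e, n):
    """Method of repeated squares: x**e mod n without ever forming x**e."""
    result, square = 1, x % n
    while e:
        if e & 1:
            result = result * square % n
        square = square * square % n
        e >>= 1
    return result


def factor_by_trial_division(n):
    """Return (p, q) with n = p*q; feasible only because n is tiny."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n has no nontrivial factor")


def recover_private_exponent(n, E):
    """What anyone holding the public key can do once n is factored."""
    p, q = factor_by_trial_division(n)
    return private_exponent(E, p, q)


def send_verified(x, bob_private, alice_public):
    """Bob: x' = x^D' mod n', then y' = x'^E mod n."""
    n_bob, D_bob = bob_private
    n_alice, E_alice = alice_public
    if not 0 <= x < n_bob:
        raise ValueError("message piece must be smaller than Bob's modulus")
    x_prime = power_mod(x, D_bob, n_bob)
    if x_prime >= n_alice:
        # Reduction mod n would otherwise destroy x' before Alice sees it.
        raise ValueError("x' must be smaller than Alice's modulus")
    return power_mod(x_prime, E_alice, n_alice)


def receive_verified(y_prime, alice_private, bob_public):
    """Alice: decode with her own D, then encode with Bob's public E'."""
    n_alice, D_alice = alice_private
    n_bob, E_bob = bob_public
    x_prime = power_mod(y_prime, D_alice, n_alice)
    return power_mod(x_prime, E_bob, n_bob)


# Alice's key is the one from Example 5.
ALICE_PUBLIC, ALICE_PRIVATE = (667, 487), (667, 191)
# Bob's key is constructed for this example: n' = 17 * 19, E' = 5.
BOB_PUBLIC = (17 * 19, 5)
BOB_PRIVATE = (17 * 19, private_exponent(5, 17, 19))

if __name__ == "__main__":
    print(power_mod(23, 487, 667), power_mod(368, 191, 667))
    print(recover_private_exponent(667, 487))
    y = send_verified(23, BOB_PRIVATE, ALICE_PUBLIC)
    print(receive_verified(y, ALICE_PRIVATE, BOB_PUBLIC))
```

Unpadded RSA as shown is deterministic, so deployed systems apply a padding scheme such as OAEP for encryption and PSS for signatures.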
Historical Note
Encrypting secret messages goes as far back as ancient Greece and Rome. As we
know, Julius Caesar used a simple shift code to send and receive messages. However,
the formal study of encoding and decoding messages probably began with the Arabs
in the 1400s. In the fifteenth and sixteenth centuries mathematicians such as Alberti
and Viete discovered that monoalphabetic cryptosystems offered no real security.
In the 1800s, F. W. Kasiski established methods for breaking ciphers in which
a ciphertext letter can represent more than one plaintext letter, if the same key
was used several times. This discovery led to the use of cryptosystems with keys
that were used only a single time. Cryptography was placed on firm mathematical
foundations by such people as W. Friedman and L. Hill in the early part of the
twentieth century.
During World War II mathematicians were very active in cryptography. Efforts
to penetrate the cryptosystems of the Axis nations were organized in England and in
the United States by such notable mathematicians as Alan Turing and A. A. Albert.
The period after World War I saw the development of special-purpose machines for
encrypting and decrypting messages. The Allies gained a tremendous advantage in
World War II by breaking the ciphers produced by the German Enigma machine
and the Japanese Purple ciphers.
By the 1970s, interest in commercial cryptography had begun to take hold.
There was a growing need to protect banking transactions, computer data, and
electronic mail. In the early 1970s, IBM developed and implemented LUCIFER,
the forerunner of the National Bureau of Standards' Data Encryption Standard
(DES).
The concept of a public key cryptosystem, due to Diffie and Hellman, is very
recent (1976). It was further developed by Rivest, Shamir, and Adleman with the
RSA cryptosystem (1978). It is not known how secure any of these systems are.
The trapdoor knapsack cryptosystem, developed by Merkle and Hellman, has been
broken. It is still an open question whether or not the RSA system can be broken.
At the time of the writing of this book, the largest number factored is 135 digits
long, and at the present moment a code is considered secure if the key is about
400 digits long and is the product of two 200-digit primes. There has been a great
deal of controversy about research in cryptography in recent times: the National
Security Agency would like to keep information about cryptography secret, whereas
the academic community has fought for the right to publish basic research.
Modern cryptography has come a long way since 1929, when Henry Stimson,
Secretary of State under Herbert Hoover, dismissed the Black Chamber (the State
Department's cryptography division) on the ethical grounds that "gentlemen
do not read each other's mail."
Exercises
1. Encode IXLOVEXMATH using the cryptosystem in Example 1.
2. Decode ZLOOA WKLVA EHARQ WKHA ILQDO, which was encoded using the cryptosystem in Example 1.
3. Assuming that a monoalphabetic code was used to encode the following secret message, what was the original message?
   NBQFRSMXZF YAWJUFHWFF ESKGQCFWDQ AFNBQFTILO FCWP
4. What is the total number of possible monoalphabetic cryptosystems? How secure are such cryptosystems?
5. Prove that a $2 \times 2$ matrix $A$ with entries in $\mathbb{Z}_{26}$ is invertible if and only if $\gcd(\det(A), 26) = 1$.
6. Given the matrix
   $$A = \begin{pmatrix} 3 & 4 \\ 2 & 3 \end{pmatrix},$$
   use the encryption function $f(\mathbf{p}) = A\mathbf{p} + \mathbf{b}$ to encode the message CRYPTOLOGY, where $\mathbf{b} = (2, 5)^t$. What is the decoding function?
7. Encrypt each of the following RSA messages $x$ so that $x$ is divided into blocks of integers of length 2; that is, if $x = 142528$, encode 14, 25, and 28 separately.
   (a) $n = 3551$, $E = 629$, $x = 31$
   (b) $n = 2257$, $E = 47$, $x = 23$
   (c) $n = 120979$, $E = 13251$, $x = 142371$
   (d) $n = 45629$, $E = 781$, $x = 231561$
8. Compute the decoding key $D$ for each of the encoding keys in Exercise 7.
9. Decrypt each of the following RSA messages $y$.
   (a) $n = 3551$, $D = 1997$, $y = 2791$
   (b) $n = 5893$, $D = 81$, $y = 34$
   (c) $n = 120979$, $D = 27331$, $y = 112135$
   (d) $n = 79403$, $D = 671$, $y = 129381$
10. For each of the following encryption keys $(n, E)$ in the RSA cryptosystem, compute $D$.
   (a) $(n, E) = (451, 231)$
   (b) $(n, E) = (3053, 1921)$
   (c) $(n, E) = (37986733, 12371)$
   (d) $(n, E) = (16394854313, 34578451)$
11. Encrypted messages are often divided into blocks of $n$ letters. A message such as THE WORLD WONDERS WHY might be encrypted as JIW OCFRJ LPOEVYQ IOC but sent as JIW OCF RJL POE VYQ IOC. What are the advantages of using blocks of $n$ letters?
12. Find integers $n$, $E$, and $X$ such that
   $$X^E \equiv X \pmod{n}.$$
   Is this a potential problem in the RSA cryptosystem?
13. Every person in the class should construct an RSA cryptosystem using primes that are 10 to 15 digits long. Hand in $(n, E)$ and an encoded message. Keep $D$ secret. See if you can break one another's codes.
Additional Exercises: Primality and Factoring
In the RSA cryptosystem it is important to be able to find large prime numbers easily. Also, this cryptosystem is not secure if we can factor a composite number that is the product of two large primes. The solutions to both of these problems are quite easy. To find out if a number $n$ is prime or to factor $n$, we can use trial division. We simply divide $n$ by $d = 2, 3, \ldots, \sqrt{n}$. Either a factorization will be obtained, or $n$ is prime if no $d$ divides $n$. The problem is that such a computation is prohibitively time-consuming if $n$ is very large.
1. A better algorithm for factoring odd positive integers is Fermat's factorization algorithm.
   (a) Let $n = ab$ be an odd composite number. Prove that $n$ can be written as the difference of two perfect squares:
   $$n = x^2 - y^2 = (x - y)(x + y).$$
   Consequently, a positive odd integer can be factored exactly when we can find integers $x$ and $y$ such that $n = x^2 - y^2$.
   (b) Write a program to implement the following factorization algorithm based on the observation in part (a).
          x ← ⌈√n⌉
          y ← 1
       1: while x² − y² > n do
              y ← y + 1
          if x² − y² < n then
              x ← x + 1
              y ← 1
              goto 1
          else if x² − y² = n then
              a ← x − y
              b ← x + y
              write n = a ∗ b
   The expression $\lceil \sqrt{n} \rceil$ means the smallest integer greater than or equal to the square root of $n$. Write another program to do factorization using trial division and compare the speed of the two algorithms. Which algorithm is faster and why?
2. Primality Testing. Recall Fermat's Little Theorem from Chapter 5. Let $p$ be prime with $\gcd(a, p) = 1$. Then $a^{p-1} \equiv 1 \pmod{p}$. We can use Fermat's Little Theorem as a screening test for primes. For example, 15 cannot be prime since
   $$2^{15-1} \equiv 2^{14} \equiv 4 \pmod{15}.$$
   However, 17 is a potential prime since
   $$2^{17-1} \equiv 2^{16} \equiv 1 \pmod{17}.$$
   We say that an odd composite number $n$ is a pseudoprime if
   $$2^{n-1} \equiv 1 \pmod{n}.$$
   Which of the following numbers are primes and which are pseudoprimes?
   (a) 342
   (b) 811
   (c) 601
   (d) 561
   (e) 771
   (f) 631
3. Let $n$ be an odd composite number and $b$ be a positive integer such that $\gcd(b, n) = 1$. If $b^{n-1} \equiv 1 \pmod{n}$, then $n$ is a pseudoprime base $b$. Show that 341 is a pseudoprime base 2 but not a pseudoprime base 3.
4. Write a program to determine all primes less than 2000 using trial division. Write a second program that will determine all numbers less than 2000 that are either primes or pseudoprimes. Compare the speed of the two programs. How many pseudoprimes are there below 2000?
   There exist composite numbers that are pseudoprimes for all bases to which they are relatively prime. These numbers are called Carmichael numbers. The first Carmichael number is $561 = 3 \cdot 11 \cdot 17$. In 1992, Alford, Granville, and Pomerance proved that there are an infinite number of Carmichael numbers [4]. However, Carmichael numbers are very rare. There are only 2163 Carmichael numbers less than $25 \times 10^9$. For more sophisticated primality tests, see [1], [6], or [7].
References and Suggested Readings
[1] Bressoud, D. M. Factorization and Primality Testing. Springer-Verlag, New York, 1989.
[2] Diffie, W. and Hellman, M. E. "New Directions in Cryptography," IEEE Trans. Inform. Theory 22 (1976), 644-54.
[3] Gardner, M. "A New Kind of Cipher that Would Take a Million Years to BREAK," Scientific American 237 (1977), 120-24.
[4] Granville, A. "Primality Testing and Carmichael Numbers," Notices of the American Mathematical Society 39 (1992), 696-700.
[5] Hellman, M. E. "The Mathematics of Public Key Cryptography," Scientific American 241 (1979), 130-39.
[6] Koblitz, N. A Course in Number Theory and Cryptography. Springer-Verlag, New York, 1987.
[7] Pomerance, C., ed. Cryptology and Computational Number Theory. Proceedings of Symposia in Applied Mathematics, vol. 42. American Mathematical Society, Providence, RI, 1990.
[8] Rivest, R. L., Shamir, A., and Adleman, L., "A Method for Obtaining Signatures and Public-key Cryptosystems," Comm. ACM 21 (1978), 120-26.

7
Algebraic Coding Theory
Coding theory is an application of algebra that has become increasingly important over the last several decades. When we transmit data, we are concerned about sending a message over a channel that could be affected by "noise." We wish to be able to encode and decode the information in a manner that will allow the detection, and possibly the correction, of errors caused by noise. This situation arises in many areas of communications, including radio, telephone, television, computer communications, and even compact disc player technology. Probability, combinatorics, group theory, linear algebra, and polynomial rings over finite fields all play important roles in coding theory.
7.1 Error-Detecting and Correcting Codes
Let us examine a simple model of a communications system for transmitting and receiving coded messages (Figure 7.1). Uncoded messages may be composed of letters or characters, but typically they consist of binary $m$-tuples. These messages are encoded into codewords, consisting of binary $n$-tuples, by a device called an encoder. The message is transmitted and then decoded. We will consider the occurrence of errors during transmission. An error occurs if there is a change in one or more bits in the codeword. A decoding scheme is a method that either converts an arbitrarily received $n$-tuple into a meaningful decoded message or gives an error message for that $n$-tuple. If the received message is a codeword (one of the special $n$-tuples allowed to be transmitted), then the decoded message must be the unique message that was encoded into the codeword. For received noncodewords, the decoding scheme will give an error indication, or, if we are more clever, will actually try to correct the error and reconstruct the original message. Our goal is to transmit error-free messages as cheaply and quickly as possible.
[Figure 7.1. Encoding and decoding messages. Stages shown: $m$-digit message, Encoder, $n$-digit codeword, Transmitter, Noise, Receiver, $n$-digit received word, Decoder, $m$-digit received message or error.]
Example 1. One possible coding scheme would be to send a message several times and to compare the received copies with one another. Suppose that the message to be encoded is a binary $n$-tuple $(x_1, x_2, \ldots, x_n)$. The message is encoded into a binary $3n$-tuple by simply repeating the message three times:
$$(x_1, x_2, \ldots, x_n) \mapsto (x_1, x_2, \ldots, x_n, x_1, x_2, \ldots, x_n, x_1, x_2, \ldots, x_n).$$
To decode the message, we choose as the $i$th digit the one that appears in the $i$th place in at least two of the three transmissions. For example, if the original message is (0110), then the transmitted message will be (0110 0110 0110). If there is a transmission error in the fifth digit, then the received codeword will be (0110 1110 0110), which will be correctly decoded as (0110).¹ This triple-repetition method will automatically detect and correct all single errors, but it is slow and inefficient: to send a message consisting of $n$ bits, $2n$ extra bits are required, and we can only detect and correct single errors. We will see that it is possible to find an encoding scheme that will encode a message of $n$ bits into $m$ bits with $m$ much smaller than $3n$.
¹ We will adopt the convention that bits are numbered left to right in binary $n$-tuples.
Example 2. Even parity, a commonly used coding scheme, is much more efficient than the simple repetition scheme. The ASCII (American Standard Code for Information Interchange) coding system uses binary 8-tuples, yielding $2^8 = 256$ possible 8-tuples. However, only seven bits are needed since there are only $2^7 = 128$ ASCII characters. What can or should be done with the extra bit? Using the full eight bits, we can detect single transmission errors. For example, the ASCII codes for A, B, and C are
    A = $65_{10}$ = $01000001_2$,
    B = $66_{10}$ = $01000010_2$,
    C = $67_{10}$ = $01000011_2$.
Notice that the leftmost bit is always set to 0; that is, the 128 ASCII characters have codes
    $00000000_2 = 0_{10}$,
    $\vdots$
    $01111111_2 = 127_{10}$.
The bit can be used for error checking on the other seven bits. It is set to either 0 or 1 so that the total number of 1 bits in the representation of a character is even. Using even parity, the codes for A, B, and C now become
    A = $01000001_2$,
    B = $01000010_2$,
    C = $11000011_2$.
Suppose an A is sent and a transmission error in the sixth bit is caused by noise over the communication channel so that (01000101) is received. We know an error has occurred since the received word has an odd number of 1's, and we can now request that the codeword be transmitted again. When used for error checking, the leftmost bit is called a parity check bit.
By far the most common error-detecting codes used in computers are based on the addition of a parity bit. Typically, a computer stores information in $m$-tuples called words. Common word lengths are 8, 16, and 32 bits. One bit in the word is set aside as the parity check bit, and is not used to store information. This bit is set to either 0 or 1, depending on the number of 1's in the word.
Adding a parity check bit allows the detection of all single errors because changing a single bit either increases or decreases the number of 1's by one, and in either case the parity has been changed from even to odd, so the new word is not a codeword. (We could also construct an error detection scheme based on odd parity; that is, we could set the parity check bit so that a codeword always has an odd number of 1's.)
The even parity system is easy to implement, but has two drawbacks. First, multiple errors are not detectable. Suppose an A is sent and the first and seventh bits are changed from 0 to 1. The received word is a codeword, but will be decoded into a C instead of an A. Second, we do not have the ability to correct errors. If the 8-tuple (10011000) is received, we know that an error has occurred, but we have no idea which bit has been changed. We will now investigate a coding scheme that will not only allow us to detect transmission errors but will actually correct the errors.
Table 7.1. A repetition code

Transmitted                    Received Word
Codeword      000  001  010  011  100  101  110  111
   000         0    1    1    2    1    2    2    3
   111         3    2    2    1    2    1    1    0
Example 3. Suppose that our original message is either a 0 or a 1, and that 0 encodes to (000) and 1 encodes to (111). If only a single error occurs during transmission, we can detect and correct the error. For example, if a 101 is received, then the second bit must have been changed from a 1 to a 0. The originally transmitted codeword must have been (111). This method will detect and correct all single errors.
In Table 7.1, we present all possible words that might be received for the transmitted codewords (000) and (111). Table 7.1 also shows the number of bits by which each received 3-tuple differs from each original codeword.
Maximum-Likelihood Decoding²
The coding scheme presented in Example 3 is not a complete solution to the problem because it does not account for the possibility of multiple errors. For example, either a (000) or a (111) could be sent and a (001) received. We have no means of deciding from the received word whether there was a single error in the third bit or two errors, one in the first bit and one in the second. No matter what coding scheme is used, an incorrect message could be received: we could transmit a (000), have errors in all three bits, and receive the codeword (111). It is important to make explicit assumptions about the likelihood and distribution of transmission errors so that, in a particular application, it will be known whether a given error detection scheme is appropriate. We will assume that transmission errors are rare, and that when they do occur, they occur independently in each bit; that is, if $p$ is the probability of an error in one bit and $q$ is the probability of an error in a different bit, then the probability of errors occurring in both of these bits at the same time is $pq$. We will also assume that a received $n$-tuple is decoded into a codeword that is closest to it; that is, we assume that the receiver uses maximum-likelihood decoding.
[Figure 7.2. Binary symmetric channel: each of the signals 0 and 1 is received unchanged with probability $p$ and changed to the other signal with probability $q$.]
A binary symmetric channel is a model that consists of a transmitter capable of sending a binary signal, either a 0 or a 1, together with a receiver. Let $p$ be the probability that the signal is correctly received. Then $q = 1 - p$ is the probability of an incorrect reception. If a 1 is sent, then the probability that a 1 is received is $p$ and the probability that a 0 is received is $q$ (Figure 7.2). The probability that no errors occur during the transmission of a binary codeword of length $n$ is $p^n$. For example, if $p = 0.999$ and a message consisting of 10,000 bits is sent, then the probability of a perfect transmission is
$$(0.999)^{10{,}000} \approx 0.00005.$$
² This section requires a knowledge of probability, but can be skipped without loss of continuity.
Theorem 7.1 If a binary $n$-tuple $(x_1, \ldots, x_n)$ is transmitted across a binary symmetric channel with probability $p$ that no error will occur in each coordinate, then the probability that there are errors in exactly $k$ coordinates is
$$\binom{n}{k} q^k p^{n-k}.$$
Proof. Fix $k$ different coordinates. We first compute the probability that an error has occurred in this fixed set of coordinates. The probability of an error occurring in a particular one of these $k$ coordinates is $q$; the probability that an error will not occur in any of the remaining $n - k$ coordinates is $p$. The probability of each of these $n$ independent events is $q^k p^{n-k}$. The number of possible error patterns with exactly $k$ errors occurring is equal to
$$\binom{n}{k} = \frac{n!}{k!(n-k)!},$$
the number of combinations of $n$ things taken $k$ at a time. Each of these error patterns has probability $q^k p^{n-k}$ of occurring; hence, the probability of all of these error patterns is
$$\binom{n}{k} q^k p^{n-k}.$$
Example 4. Suppose that $p = 0.995$ and a 500-bit message is sent. The probability that the message was sent error-free is
$$p^n = (0.995)^{500} \approx 0.082.$$
The probability of exactly one error occurring is
$$\binom{n}{1} q p^{n-1} = 500(0.005)(0.995)^{499} \approx 0.204.$$
The probability of exactly two errors is
$$\binom{n}{2} q^2 p^{n-2} = \frac{500 \cdot 499}{2}(0.005)^2(0.995)^{498} \approx 0.257.$$
The probability of more than two errors is approximately
$$1 - 0.082 - 0.204 - 0.257 = 0.457.$$
Block Codes
If we are to develop efficient error-detecting and error-correcting codes, we will need more sophisticated mathematical tools. Group theory will allow faster methods of encoding and decoding messages. A code is an $(n, m)$-block code if the information that is to be coded can be divided into blocks of $m$ binary digits, each of which can be encoded into $n$ binary digits. More specifically, an $(n, m)$-block code consists of an encoding function
$$E : \mathbb{Z}_2^m \to \mathbb{Z}_2^n$$
and a decoding function
$$D : \mathbb{Z}_2^n \to \mathbb{Z}_2^m.$$
A codeword is any element in the image of $E$. We also require that $E$ be one-to-one so that two information blocks will not be encoded into the same codeword. If our code is to be error-correcting, then $D$ must be onto.
Example 5. The even-parity coding system developed to detect single errors in ASCII characters is an $(8, 7)$-block code. The encoding function is
$$E(x_7, x_6, \ldots, x_1) = (x_8, x_7, \ldots, x_1),$$
where $x_8 = x_7 + x_6 + \cdots + x_1$ with addition in $\mathbb{Z}_2$.
Let $\mathbf{x} = (x_1, \ldots, x_n)$ and $\mathbf{y} = (y_1, \ldots, y_n)$ be binary $n$-tuples. The Hamming distance or distance, $d(\mathbf{x}, \mathbf{y})$, between $\mathbf{x}$ and $\mathbf{y}$ is the number of bits in which $\mathbf{x}$ and $\mathbf{y}$ differ. The distance between two codewords is the minimum number of transmission errors required to change one codeword into the other. The minimum distance for a code, $d_{\min}$, is the minimum of all distances $d(\mathbf{x}, \mathbf{y})$, where $\mathbf{x}$ and $\mathbf{y}$ are distinct codewords. The weight, $w(\mathbf{x})$, of a binary codeword $\mathbf{x}$ is the number of 1's in $\mathbf{x}$. Clearly, $w(\mathbf{x}) = d(\mathbf{x}, \mathbf{0})$, where $\mathbf{0} = (00 \cdots 0)$.
Example 6. Let $\mathbf{x} = (10101)$, $\mathbf{y} = (11010)$, and $\mathbf{z} = (00011)$ be all of the codewords in some code $C$. Then we have the following Hamming distances:
    $d(\mathbf{x}, \mathbf{y}) = 4$,
    $d(\mathbf{x}, \mathbf{z}) = 3$,
    $d(\mathbf{y}, \mathbf{z}) = 3$.
The minimum distance for this code is 3. We also have the following weights:
    $w(\mathbf{x}) = 3$,
    $w(\mathbf{y}) = 3$,
    $w(\mathbf{z}) = 2$.
The following proposition lists some basic properties about the weight of a codeword and the distance between two codewords. The proof is left as an exercise.
Proposition 7.2 Let $\mathbf{x}$, $\mathbf{y}$, and $\mathbf{z}$ be binary $n$-tuples. Then
1. $w(\mathbf{x}) = d(\mathbf{x}, \mathbf{0})$;
2. $d(\mathbf{x}, \mathbf{y}) \geq 0$;
3. $d(\mathbf{x}, \mathbf{y}) = 0$ exactly when $\mathbf{x} = \mathbf{y}$;
4. $d(\mathbf{x}, \mathbf{y}) = d(\mathbf{y}, \mathbf{x})$;
5. $d(\mathbf{x}, \mathbf{y}) \leq d(\mathbf{x}, \mathbf{z}) + d(\mathbf{z}, \mathbf{y})$.
The weights in a particular code are usually much easier to compute than the Hamming distances between all codewords in the code. If a code is set up carefully, we can use this fact to our advantage.
Suppose that $\mathbf{x} = (1101)$ and $\mathbf{y} = (1100)$ are codewords in some code. If we transmit (1101) and an error occurs in the rightmost bit, then (1100) will be received. Since (1100) is a codeword, the decoder will decode (1100) as the transmitted message. This code is clearly not very appropriate for error detection. The problem is that $d(\mathbf{x}, \mathbf{y}) = 1$. If $\mathbf{x} = (1100)$ and $\mathbf{y} = (1010)$ are codewords, then $d(\mathbf{x}, \mathbf{y}) = 2$. If $\mathbf{x}$ is transmitted and a single error occurs, then $\mathbf{y}$ can never be received. Table 7.2 gives the distances between all 4-bit codewords in which the first three bits carry information and the fourth is an even parity check bit. We can see that the minimum distance here is 2; hence, the code is suitable as a single error-correcting code.
Table 7.2. Distances between 4-bit codewords

        0000  0011  0101  0110  1001  1010  1100  1111
0000      0     2     2     2     2     2     2     4
0011      2     0     2     2     2     2     4     2
0101      2     2     0     2     2     4     2     2
0110      2     2     2     0     4     2     2     2
1001      2     2     2     4     0     2     2     2
1010      2     2     4     2     2     0     2     2
1100      2     4     2     2     2     2     0     2
1111      4     2     2     2     2     2     2     0

To determine exactly what the error-detecting and error-correcting capabilities for a code are, we need to analyze the minimum distance for the code. Let $\mathbf{x}$ and $\mathbf{y}$ be codewords. If $d(\mathbf{x}, \mathbf{y}) = 1$ and an error occurs where $\mathbf{x}$ and $\mathbf{y}$ differ, then $\mathbf{x}$ is changed to $\mathbf{y}$. The received codeword is $\mathbf{y}$ and no error message is given. Now suppose $d(\mathbf{x}, \mathbf{y}) = 2$. Then a single error cannot change $\mathbf{x}$ to $\mathbf{y}$. Therefore, if $d_{\min} = 2$, we have the ability to detect single errors. However, suppose that $d(\mathbf{x}, \mathbf{y}) = 2$, $\mathbf{y}$ is sent, and a noncodeword $\mathbf{z}$ is received such that
$$d(\mathbf{x}, \mathbf{z}) = d(\mathbf{y}, \mathbf{z}) = 1.$$
Then the decoder cannot decide between $\mathbf{x}$ and $\mathbf{y}$. Even though we are aware that an error has occurred, we do not know what the error is.
Suppose $d_{\min} \geq 3$. Then the maximum-likelihood decoding scheme corrects all single errors. Starting with a codeword $\mathbf{x}$, an error in the transmission of a single bit gives $\mathbf{y}$ with $d(\mathbf{x}, \mathbf{y}) = 1$, but $d(\mathbf{z}, \mathbf{y}) \geq 2$ for any other codeword $\mathbf{z} \neq \mathbf{x}$. If we do not require the correction of errors, then we can detect multiple errors when a code has a minimum distance that is greater than 3.
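Theorem 7.3 Let $C$ be a code with $d_{\min} = 2n + 1$. Then $C$ can correct any $n$ or fewer errors. Furthermore, any $2n$ or fewer errors can be detected in $C$.
Proof. Suppose that a codeword $\mathbf{x}$ is sent and the word $\mathbf{y}$ is received with at most $n$ errors. Then $d(\mathbf{x}, \mathbf{y}) \leq n$. If $\mathbf{z}$ is any codeword other than $\mathbf{x}$, then
$$2n + 1 \leq d(\mathbf{x}, \mathbf{z}) \leq d(\mathbf{x}, \mathbf{y}) + d(\mathbf{y}, \mathbf{z}) \leq n + d(\mathbf{y}, \mathbf{z}).$$
Hence, $d(\mathbf{y}, \mathbf{z}) \geq n + 1$ and $\mathbf{y}$ will be correctly decoded as $\mathbf{x}$. Now suppose that $\mathbf{x}$ is transmitted and $\mathbf{y}$ is received and that at least one error has occurred, but not more than $2n$ errors. Then $1 \leq d(\mathbf{x}, \mathbf{y}) \leq 2n$. Since the minimum distance between codewords is $2n + 1$, $\mathbf{y}$ cannot be a codeword. Consequently, the code can detect between 1 and $2n$ errors.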
Example 7. In Table 7.3, the codewords $\mathbf{c}_1 = (00000)$, $\mathbf{c}_2 = (00111)$, $\mathbf{c}_3 = (11100)$, and $\mathbf{c}_4 = (11011)$ determine a single error-correcting code.

Table 7.3. Hamming distances for an error-correcting code

         00000  00111  11100  11011
00000      0      3      3      4
00111      3      0      4      3
11100      3      4      0      3
11011      4      3      3      0
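The following Python sketch is an added example, not code from the book. It implements nearest-codeword decoding for the codes of Example 6, Table 7.2 and Example 7 and checks Theorem 7.3 by exhausting every error pattern; all function and constant names are chosen here for illustration. Words are written as bit strings, left to right.

```python
from itertools import combinations

def distance(x, y):
    """Hamming distance d(x, y): number of positions where x and y differ."""
    if len(x) != len(y):
        raise ValueError("words must have the same length")
    return sum(a != b for a, b in zip(x, y))

def weight(x):
    """Weight w(x): number of 1's in x."""
    return x.count("1")

def min_distance(code):
    """d_min: smallest distance between two distinct codewords."""
    return min(distance(x, y) for x, y in combinations(code, 2))

def decode(received, code):
    """Return the unique closest codeword, or None when two codewords tie."""
    ranked = sorted(code, key=lambda c: distance(received, c))
    if len(ranked) > 1 and \
            distance(received, ranked[0]) == distance(received, ranked[1]):
        return None  # error detected, but it cannot be corrected
    return ranked[0]

def corrupt(word, positions):
    """Flip the bits of word at the given 0-based positions."""
    return "".join(str(1 - int(b)) if i in positions else b
                   for i, b in enumerate(word))

def error_patterns(n, max_errors):
    """Every set of 1..max_errors bit positions in a word of length n."""
    for k in range(1, max_errors + 1):
        yield from combinations(range(n), k)

def corrects_all(code, t):
    """True if every pattern of t or fewer errors decodes to the sent word."""
    n = len(code[0])
    return all(decode(corrupt(c, e), code) == c
               for c in code for e in error_patterns(n, t))

def detects_all(code, t):
    """True if no pattern of t or fewer errors yields another codeword."""
    n, words = len(code[0]), set(code)
    return all(corrupt(c, e) not in words
               for c in code for e in error_patterns(n, t))

EXAMPLE_6 = ["10101", "11010", "00011"]
EXAMPLE_7 = ["00000", "00111", "11100", "11011"]       # Table 7.3
PARITY_4 = ["0000", "0011", "0101", "0110",
            "1001", "1010", "1100", "1111"]            # Table 7.2

if __name__ == "__main__":
    for name, code in [("Example 6", EXAMPLE_6), ("Example 7", EXAMPLE_7),
                       ("Table 7.2", PARITY_4)]:
        print(name, "d_min =", min_distance(code),
              "corrects 1:", corrects_all(code, 1),
              "detects 1:", detects_all(code, 1),
              "detects 2:", detects_all(code, 2))
    # Two errors in 00000 are noticed but decoded to the wrong codeword.
    print(decode(corrupt("00000", (3, 4)), EXAMPLE_7))
```

For the code of Example 7 ($d_{\min} = 3$) all single errors are corrected and all double errors are detected, but the double error turning 00000 into 00011 is decoded as 00111; for the parity code of Table 7.2 ($d_{\min} = 2$) a received 0001 is equally close to four codewords.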
Historical Note
Modern coding theory began in 1948 with C. Shannon's paper, "A Mathematical Theory of Information" [7]. This paper offered an example of an algebraic code, and Shannon's Theorem proclaimed exactly how good codes could be expected to be. Richard Hamming began working with linear codes at Bell Labs in the late 1940s and early 1950s after becoming frustrated because the programs that he was running could not recover from simple errors generated by noise. Coding theory has grown tremendously in the past several years. The Theory of Error-Correcting Codes, by MacWilliams and Sloane [5], published in 1977, already contained over 1500 references. Linear codes (Reed-Muller $(32, 6)$-block codes) were used on NASA's Mariner space probes. More recent space probes such as Voyager have used what are called convolution codes. Currently, very active research is being done with Goppa codes, which are heavily dependent on algebraic geometry.
7.2 Linear Codes
To gain more knowledge of a particular code and develop more efficient techniques of encoding, decoding, and error detection, we need to add additional structure to our codes. One way to accomplish this is to require that the code also be a group. A group code is a code that is also a subgroup of $\mathbb{Z}_2^n$.
To check that a code is a group code, we need only verify one thing. If we add any two elements in the code, the result must be an $n$-tuple that is again in the code. It is not necessary to check that the inverse of the $n$-tuple is in the code, since every codeword is its own inverse, nor is it necessary to check that $\mathbf{0}$ is a codeword. For instance,
$$(11000101) + (11000101) = (00000000).$$
Example 8. Suppose that we have a code that consists of the following 7-tuples:
    (0000000) (0001111) (0010101) (0011010)
    (0100110) (0101001) (0110011) (0111100)
    (1000011) (1001100) (1010110) (1011001)
    (1100101) (1101010) (1110000) (1111111).
It is a straightforward though tedious task to verify that this code is also a subgroup of $\mathbb{Z}_2^7$ and, therefore, a group code. This code is a single error-detecting and single error-correcting code, but it is a long and tedious process to compute all of the distances between pairs of codewords to determine that $d_{\min} = 3$. It is much easier to see that the minimum weight of all the nonzero codewords is 3. As we will soon see, this is no coincidence. However, the relationship between weights and distances in a particular code is heavily dependent on the fact that the code is a group.
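Lemma 7.4 Let $\mathbf{x}$ and $\mathbf{y}$ be binary $n$-tuples. Then $w(\mathbf{x} + \mathbf{y}) = d(\mathbf{x}, \mathbf{y})$.
Proof. Suppose that $\mathbf{x}$ and $\mathbf{y}$ are binary $n$-tuples. Then the distance between $\mathbf{x}$ and $\mathbf{y}$ is exactly the number of places in which $\mathbf{x}$ and $\mathbf{y}$ differ. But $\mathbf{x}$ and $\mathbf{y}$ differ in a particular coordinate exactly when the sum in the coordinate is 1, since
    1 + 1 = 0
    0 + 0 = 0
    1 + 0 = 1
    0 + 1 = 1.
Consequently, the weight of the sum must be the distance between the two codewords.
Theorem 7.5 Let $d_{\min}$ be the minimum distance for a group code $C$. Then $d_{\min}$ is the minimum of all the nonzero weights of the nonzero codewords in $C$. That is,
$$d_{\min} = \min\{ w(\mathbf{x}) : \mathbf{x} \neq \mathbf{0} \}.$$
Proof. Observe that
$$\begin{aligned}
d_{\min} &= \min\{ d(\mathbf{x}, \mathbf{y}) : \mathbf{x} \neq \mathbf{y} \} \\
&= \min\{ d(\mathbf{x}, \mathbf{y}) : \mathbf{x} + \mathbf{y} \neq \mathbf{0} \} \\
&= \min\{ w(\mathbf{x} + \mathbf{y}) : \mathbf{x} + \mathbf{y} \neq \mathbf{0} \} \\
&= \min\{ w(\mathbf{z}) : \mathbf{z} \neq \mathbf{0} \}.
\end{aligned}$$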
Linear Codes
From Example 8, it is now easy to check that the minimum nonzero weight is 3; hence, the code does indeed detect and correct all single errors. We have now reduced the problem of finding "good" codes to that of generating group codes. One easy way to generate group codes is to employ a bit of matrix theory.
Define the inner product of two binary $n$-tuples to be
$$\mathbf{x} \cdot \mathbf{y} = x_1 y_1 + \cdots + x_n y_n,$$
where $\mathbf{x} = (x_1, x_2, \ldots, x_n)^t$ and $\mathbf{y} = (y_1, y_2, \ldots, y_n)^t$ are column vectors.³ For example, if $\mathbf{x} = (011001)^t$ and $\mathbf{y} = (110101)^t$, then $\mathbf{x} \cdot \mathbf{y} = 0$. We can also look at an inner product as the product of a row matrix with a column matrix; that is,
$$\mathbf{x} \cdot \mathbf{y} = \mathbf{x}^t \mathbf{y} = \begin{pmatrix} x_1 & x_2 & \cdots & x_n \end{pmatrix} \begin{pmatrix} y_1 \\ y_2 \\ \vdots \\ y_n \end{pmatrix} = x_1 y_1 + x_2 y_2 + \cdots + x_n y_n.$$
³ Since we will be working with matrices, we will write binary $n$-tuples as column vectors for the remainder of this chapter.
Example 9. Suppose that the words to be encoded consist of all binary 3-tuples and that our encoding scheme is even-parity. To encode an arbitrary 3-tuple, we add a fourth bit to obtain an even number of 1's. Notice that an arbitrary $n$-tuple $\mathbf{x} = (x_1, x_2, \ldots, x_n)^t$ has an even number of 1's exactly when $x_1 + x_2 + \cdots + x_n = 0$; hence, a 4-tuple $\mathbf{x} = (x_1, x_2, x_3, x_4)^t$ has an even number of 1's if $x_1 + x_2 + x_3 + x_4 = 0$, or
$$\mathbf{x} \cdot \mathbf{1} = \mathbf{x}^t \mathbf{1} = \begin{pmatrix} x_1 & x_2 & x_3 & x_4 \end{pmatrix} \begin{pmatrix} 1 \\ 1 \\ 1 \\ 1 \end{pmatrix} = 0.$$
This example leads us to hope that there is a connection between matrices and coding theory.
Let $M_{m \times n}(\mathbb{Z}_2)$ denote the set of all $m \times n$ matrices with entries in $\mathbb{Z}_2$. We do matrix operations as usual except that all our addition and multiplication operations occur in $\mathbb{Z}_2$. Define the null space of a matrix $H \in M_{m \times n}(\mathbb{Z}_2)$ to be the set of all binary $n$-tuples $\mathbf{x}$ such that $H\mathbf{x} = \mathbf{0}$. We denote the null space of a matrix $H$ by $\text{Null}(H)$.
Example 10. Suppose that
$$H = \begin{pmatrix} 0 & 1 & 0 & 1 & 0 \\ 1 & 1 & 1 & 1 & 0 \\ 0 & 0 & 1 & 1 & 1 \end{pmatrix}.$$
For a 5-tuple $\mathbf{x} = (x_1, x_2, x_3, x_4, x_5)^t$ to be in the null space of $H$, $H\mathbf{x} = \mathbf{0}$. Equivalently, the following system of equations must be satisfied:
$$\begin{aligned}
x_2 + x_4 &= 0 \\
x_1 + x_2 + x_3 + x_4 &= 0 \\
x_3 + x_4 + x_5 &= 0.
\end{aligned}$$
The set of binary 5-tuples satisfying these equations is
    (00000) (11110) (10101) (01011).
This code is easily determined to be a group code.
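Theorem 7.6 Let $H$ be in $M_{m \times n}(\mathbb{Z}_2)$. Then the null space of $H$ is a group code.
Proof. Since each element of $\mathbb{Z}_2^n$ is its own inverse, the only thing that really needs to be checked here is closure. Let $\mathbf{x}, \mathbf{y} \in \text{Null}(H)$ for some matrix $H$ in $M_{m \times n}(\mathbb{Z}_2)$. Then $H\mathbf{x} = \mathbf{0}$ and $H\mathbf{y} = \mathbf{0}$. So
$$H(\mathbf{x} + \mathbf{y}) = H\mathbf{x} + H\mathbf{y} = \mathbf{0} + \mathbf{0} = \mathbf{0}.$$
Hence, $\mathbf{x} + \mathbf{y}$ is in the null space of $H$ and therefore must be a codeword.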
A code is a linear code if it is determined by the null space of some matrix $H \in M_{m \times n}(\mathbb{Z}_2)$.
Example 11. Let $C$ be the code given by the matrix
$$H = \begin{pmatrix} 0 & 0 & 0 & 1 & 1 & 1 \\ 0 & 1 & 1 & 0 & 1 & 1 \\ 1 & 0 & 1 & 0 & 0 & 1 \end{pmatrix}.$$
Suppose that the 7-tuple $\mathbf{x} = (010011)^t$ is received. It is a simple matter of matrix multiplication to determine whether or not $\mathbf{x}$ is a codeword. Since
$$H\mathbf{x} = \begin{pmatrix} 0 \\ 1 \\ 1 \end{pmatrix},$$
the received word is not a codeword. We must either attempt to correct the word or request that it be transmitted again.
7.3 Parity-Check and Generator Matrices
We need to find a systematic way of generating linear codes as well as fast methods of decoding. By examining the properties of a matrix $H$ and by carefully choosing $H$, it is possible to develop very efficient methods of encoding and decoding messages. To this end, we will introduce standard generator and canonical parity-check matrices.
Suppose that $H$ is an $m \times n$ matrix with entries in $\mathbb{Z}_2$ and $n > m$. If the last $m$ columns of the matrix form the $m \times m$ identity matrix, $I_m$, then the matrix is a canonical parity-check matrix. More specifically, $H = (A \mid I_m)$, where $A$ is the $m \times (n - m)$ matrix
$$\begin{pmatrix}
a_{11} & a_{12} & \cdots & a_{1,n-m} \\
a_{21} & a_{22} & \cdots & a_{2,n-m} \\
\vdots & \vdots & \ddots & \vdots \\
a_{m1} & a_{m2} & \cdots & a_{m,n-m}
\end{pmatrix}$$
and $I_m$ is the $m \times m$ identity matrix
$$\begin{pmatrix}
1 & 0 & \cdots & 0 \\
0 & 1 & \cdots & 0 \\
\vdots & \vdots & \ddots & \vdots \\
0 & 0 & \cdots & 1
\end{pmatrix}.$$
With each canonical parity-check matrix we can associate an $n \times (n - m)$ standard generator matrix
$$G = \begin{pmatrix} I_{n-m} \\ A \end{pmatrix}.$$
Our goal will be to show that $G\mathbf{x} = \mathbf{y}$ if and only if $H\mathbf{y} = \mathbf{0}$. Given a message block $\mathbf{x}$ to be encoded, $G$ will allow us to quickly encode it into a linear codeword $\mathbf{y}$.
Example 12. Suppose that we have the following eight words to be encoded:
$$(000), (001), (010), \ldots, (111).$$
For
$$A = \begin{pmatrix} 0 & 1 & 1 \\ 1 & 1 & 0 \\ 1 & 0 & 1 \end{pmatrix},$$
the associated standard generator and canonical parity-check matrices are
$$G = \begin{pmatrix} 1 & 0 & 0 \\ 0 & 1 & 0 \\ 0 & 0 & 1 \\ 0 & 1 & 1 \\ 1 & 1 & 0 \\ 1 & 0 & 1 \end{pmatrix}$$
and
$$H = \begin{pmatrix} 0 & 1 & 1 & 1 & 0 & 0 \\ 1 & 1 & 0 & 0 & 1 & 0 \\ 1 & 0 & 1 & 0 & 0 & 1 \end{pmatrix},$$
respectively.
Observe that the rows in $H$ represent the parity checks on certain bit positions in a 6-tuple. The 1's in the identity matrix serve as parity checks for the 1's in the same row. If $\mathbf{x} = (x_1, x_2, x_3, x_4, x_5, x_6)$, then
$$\mathbf{0} = H\mathbf{x} = \begin{pmatrix} x_2 + x_3 + x_4 \\ x_1 + x_2 + x_5 \\ x_1 + x_3 + x_6 \end{pmatrix},$$
which yields a system of equations:
$$\begin{aligned}
x_2 + x_3 + x_4 &= 0 \\
x_1 + x_2 + x_5 &= 0 \\
x_1 + x_3 + x_6 &= 0.
\end{aligned}$$
Here $x_4$ serves as a check bit for $x_2$ and $x_3$; $x_5$ is a check bit for $x_1$ and $x_2$; and $x_6$ is a check bit for $x_1$ and $x_3$. The identity matrix keeps $x_4$, $x_5$, and $x_6$ from having to check on each other. Hence, $x_1$, $x_2$, and $x_3$ can be arbitrary but $x_4$, $x_5$, and $x_6$ must be chosen to ensure parity. The null space of $H$ is easily computed to be
    (000000) (001101) (010110) (011011)
    (100011) (101110) (110101) (111000).
An even easier way to compute the null space is with the generator matrix $G$ (Table 7.4).

Table 7.4. A matrix-generated code

Message Word x    Codeword Gx
     000            000000
     001            001101
     010            010110
     011            011011
     100            100011
     101            101110
     110            110101
     111            111000
Theorem 7.7LetH2Mmn(Z2)be a canonical parity-check matrix. Then
Null(H)consists of allx2Z
n
2
whose rstnmbits are arbitrary but whose
lastmbits are determined byHx=0. Each of the lastmbits serves as an
even parity check bit for some of the rstnmbits. Hence,Hgives rise
to an(n; nm)-block code.

124 CHAPTER 7 ALGEBRAIC CODING THEORY
We leave the proof of this theorem as an exercise. In light of the theorem,
the rstnmbits inxare calledinformation bitsand the lastmbits are
calledcheck bits. In Example 12, the rst three bits are the information
bits and the last three are the check bits.
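Theorem 7.8 Suppose that $G$ is an $n \times k$ standard generator matrix. Then $C = \{ \mathbf{y} : G\mathbf{x} = \mathbf{y} \text{ for } \mathbf{x} \in \mathbb{Z}_2^k \}$ is an $(n, k)$-block code. More specifically, $C$ is a group code.
Proof. Let $G\mathbf{x}_1 = \mathbf{y}_1$ and $G\mathbf{x}_2 = \mathbf{y}_2$ be two codewords. Then $\mathbf{y}_1 + \mathbf{y}_2$ is in $C$ since
$$G(\mathbf{x}_1 + \mathbf{x}_2) = G\mathbf{x}_1 + G\mathbf{x}_2 = \mathbf{y}_1 + \mathbf{y}_2.$$
We must also show that two message blocks cannot be encoded into the same codeword. That is, we must show that if $G\mathbf{x} = G\mathbf{y}$, then $\mathbf{x} = \mathbf{y}$. Suppose that $G\mathbf{x} = G\mathbf{y}$. Then
$$G\mathbf{x} - G\mathbf{y} = G(\mathbf{x} - \mathbf{y}) = \mathbf{0}.$$
However, the first $k$ coordinates in $G(\mathbf{x} - \mathbf{y})$ are exactly $x_1 - y_1, \ldots, x_k - y_k$, since they are determined by the identity matrix, $I_k$, part of $G$. Hence, $G(\mathbf{x} - \mathbf{y}) = \mathbf{0}$ exactly when $\mathbf{x} = \mathbf{y}$.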
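Before we can prove the relationship between canonical parity-check matrices and standard generating matrices, we need to prove a lemma.
Lemma 7.9 Let $H = (A \mid I_m)$ be an $m \times n$ canonical parity-check matrix and $G = \begin{pmatrix} I_{n-m} \\ A \end{pmatrix}$ be the corresponding $n \times (n - m)$ standard generator matrix. Then $HG = \mathbf{0}$.
Proof. Let $C = HG$. The $ij$th entry in $C$ is
$$\begin{aligned} c_{ij} &= \sum_{k=1}^{n} h_{ik} g_{kj} \\ &= \sum_{k=1}^{n-m} h_{ik} g_{kj} + \sum_{k=n-m+1}^{n} h_{ik} g_{kj} \\ &= \sum_{k=1}^{n-m} a_{ik} \delta_{kj} + \sum_{k=n-m+1}^{n} \delta_{i-(m-n),k} a_{kj} \\ &= a_{ij} + a_{ij} \\ &= 0, \end{aligned}$$
where
$$\delta_{ij} = \begin{cases} 1 & i = j \\ 0 & i \neq j \end{cases}$$
is the Kronecker delta.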
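Theorem 7.10 Let $H = (A \mid I_m)$ be an $m \times n$ canonical parity-check matrix and let $G = \begin{pmatrix} I_{n-m} \\ A \end{pmatrix}$ be the $n \times (n - m)$ standard generator matrix associated with $H$. Let $C$ be the code generated by $G$. Then $\mathbf{y}$ is in $C$ if and only if $H\mathbf{y} = \mathbf{0}$. In particular, $C$ is a linear code with canonical parity-check matrix $H$.
Proof. First suppose that $\mathbf{y} \in C$. Then $G\mathbf{x} = \mathbf{y}$ for some $\mathbf{x} \in \mathbb{Z}_2^{n-m}$. By Lemma 7.9, $H\mathbf{y} = HG\mathbf{x} = \mathbf{0}$.
Conversely, suppose that $\mathbf{y} = (y_1, \ldots, y_n)^t$ is in the null space of $H$. We need to find an $\mathbf{x}$ in $\mathbb{Z}_2^{n-m}$ such that $G\mathbf{x}^t = \mathbf{y}$. Since $H\mathbf{y} = \mathbf{0}$, the following set of equations must be satisfied:
$$\begin{aligned} a_{11} y_1 + a_{12} y_2 + \cdots + a_{1,n-m} y_{n-m} + y_{n-m+1} &= 0 \\ a_{21} y_1 + a_{22} y_2 + \cdots + a_{2,n-m} y_{n-m} + y_{n-m+2} &= 0 \\ &\;\;\vdots \\ a_{m1} y_1 + a_{m2} y_2 + \cdots + a_{m,n-m} y_{n-m} + y_n &= 0. \end{aligned}$$
Equivalently, $y_{n-m+1}, \ldots, y_n$ are determined by $y_1, \ldots, y_{n-m}$:
$$\begin{aligned} y_{n-m+1} &= a_{11} y_1 + a_{12} y_2 + \cdots + a_{1,n-m} y_{n-m} \\ y_{n-m+2} &= a_{21} y_1 + a_{22} y_2 + \cdots + a_{2,n-m} y_{n-m} \\ &\;\;\vdots \\ y_n &= a_{m1} y_1 + a_{m2} y_2 + \cdots + a_{m,n-m} y_{n-m}. \end{aligned}$$
Consequently, we can let $x_i = y_i$ for $i = 1, \ldots, n - m$.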
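Lemma 7.9 and Theorem 7.10 can be checked by brute force on the code of Example 12. The following Python sketch is an added example, not code from the book; the function names are chosen here for illustration. It builds $H = (A \mid I_m)$ and $G$ from the block $A$, verifies $HG = 0$ over $\mathbb{Z}_2$, and confirms that the image of $G$ equals the null space of $H$.

```python
from itertools import product

def mat_vec(M, v):
    """Multiply matrix M by the column vector v over Z_2."""
    return tuple(sum(a * b for a, b in zip(row, v)) % 2 for row in M)

def mat_mul(M, N):
    """Multiply two matrices over Z_2."""
    return [[sum(a * b for a, b in zip(row, col)) % 2 for col in zip(*N)]
            for row in M]

def identity(k):
    return [[int(i == j) for j in range(k)] for i in range(k)]

def canonical_parity_check(A):
    """H = (A | I_m): append the m x m identity to the right of A."""
    return [list(row) + unit for row, unit in zip(A, identity(len(A)))]

def standard_generator(A):
    """G: stack the (n-m) x (n-m) identity on top of A."""
    return identity(len(A[0])) + [list(row) for row in A]

def code_from_generator(G):
    """All codewords Gx as x runs over every message block."""
    return {mat_vec(G, x) for x in product((0, 1), repeat=len(G[0]))}

def null_space(H):
    """All n-tuples y with Hy = 0."""
    return {y for y in product((0, 1), repeat=len(H[0]))
            if not any(mat_vec(H, y))}

# The block A from Example 12.
A = [[0, 1, 1],
     [1, 1, 0],
     [1, 0, 1]]
H = canonical_parity_check(A)
G = standard_generator(A)

if __name__ == "__main__":
    print("HG =", mat_mul(H, G))
    for x in product((0, 1), repeat=3):
        y = mat_vec(G, x)
        print(x, "->", y, "syndrome", mat_vec(H, y))
    print("image(G) == Null(H):", code_from_generator(G) == null_space(H))
```

The same functions work for any $m \times (n - m)$ block $A$, not only the square one used in Example 12.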
It would be helpful if we could compute the minimum distance of a linear code directly from its matrix $H$ in order to determine the error-detecting and error-correcting capabilities of the code. Suppose that
$$\begin{aligned} \mathbf{e}_1 &= (100 \cdots 00)^t \\ \mathbf{e}_2 &= (010 \cdots 00)^t \\ &\;\;\vdots \\ \mathbf{e}_n &= (000 \cdots 01)^t \end{aligned}$$
are the $n$-tuples in $\mathbb{Z}_2^n$ of weight 1. For an $m \times n$ binary matrix $H$, $H\mathbf{e}_i$ is exactly the $i$th column of the matrix $H$.
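Example 13. Observe that
$$\begin{pmatrix} 1 & 1 & 1 & 0 & 0 \\ 1 & 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 0 & 1 \end{pmatrix} \begin{pmatrix} 0 \\ 1 \\ 0 \\ 0 \\ 0 \end{pmatrix} = \begin{pmatrix} 1 \\ 0 \\ 1 \end{pmatrix}.$$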

We state this result in the following proposition and leave the proof as
an exercise.
Proposition 7.11 Let $\mathbf{e}_i$ be the binary $n$-tuple with a 1 in the $i$th coordinate and 0's elsewhere and suppose that $H \in \mathbb{M}_{m \times n}(\mathbb{Z}_2)$. Then $H\mathbf{e}_i$ is the $i$th column of the matrix $H$.
Theorem 7.12 Let $H$ be an $m \times n$ binary matrix. Then the null space of $H$ is a single error-detecting code if and only if no column of $H$ consists entirely of zeros.
Proof. Suppose that $\operatorname{Null}(H)$ is a single error-detecting code. Then the minimum distance of the code must be at least 2. Since the null space is a group code, it is sufficient to require that the code contain no codewords of less than weight 2 other than the zero codeword. That is, $\mathbf{e}_i$ must not be a codeword for $i = 1, \ldots, n$. Since $H\mathbf{e}_i$ is the $i$th column of $H$, the only way in which $\mathbf{e}_i$ could be in the null space of $H$ would be if the $i$th column were all zeros, which is impossible; hence, the code must have the capability to detect at least single errors.
Conversely, suppose that no column of $H$ is the zero column. By Proposition 7.11, $H\mathbf{e}_i \neq \mathbf{0}$.
Example 14. If we consider the matrices
$$H_1 = \begin{pmatrix} 1 & 1 & 1 & 0 & 0 \\ 1 & 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 0 & 1 \end{pmatrix}$$
and
$$H_2 = \begin{pmatrix} 1 & 1 & 1 & 0 & 0 \\ 1 & 0 & 0 & 0 & 0 \\ 1 & 1 & 0 & 0 & 1 \end{pmatrix},$$
then the null space of $H_1$ is a single error-detecting code and the null space of $H_2$ is not.
We can even do better than Theorem 7.12. This theorem gives us conditions on a matrix $H$ that tell us when the minimum weight of the code formed by the null space of $H$ is 2. We can also determine when the minimum distance of a linear code is 3 by examining the corresponding matrix.
Example 15. If we let
$$H = \begin{pmatrix} 1 & 1 & 1 & 0 \\ 1 & 0 & 0 & 1 \\ 1 & 1 & 0 & 0 \end{pmatrix}$$
and want to determine whether or not $H$ is the canonical parity-check matrix for an error-correcting code, it is necessary to make certain that $\operatorname{Null}(H)$ does not contain any 4-tuples of weight 2. That is, (1100), (1010), (1001), (0110), (0101), and (0011) must not be in $\operatorname{Null}(H)$. The next theorem states that we can indeed determine that the code generated by $H$ is error-correcting by examining the columns of $H$. Notice in this example that not only does $H$ have no zero columns, but also that no two columns are the same.
Theorem 7.13 Let $H$ be a binary matrix. The null space of $H$ is a single error-correcting code if and only if $H$ does not contain any zero columns and no two columns of $H$ are identical.
Proof. The $n$-tuple $\mathbf{e}_i + \mathbf{e}_j$ has 1's in the $i$th and $j$th entries and 0's elsewhere, and $w(\mathbf{e}_i + \mathbf{e}_j) = 2$ for $i \neq j$. Since
$$\mathbf{0} = H(\mathbf{e}_i + \mathbf{e}_j) = H\mathbf{e}_i + H\mathbf{e}_j$$
can only occur if the $i$th and $j$th columns are identical, the null space of $H$ is a single error-correcting code.
Suppose now that we have a canonical parity-check matrix $H$ with three rows. Then we might ask how many more columns we can add to the matrix and still have a null space that is a single error-detecting and single error-correcting code. Since each column has three entries, there are $2^3 = 8$ possible distinct columns. We cannot add the columns
$$\begin{pmatrix} 0 \\ 0 \\ 0 \end{pmatrix}, \quad \begin{pmatrix} 1 \\ 0 \\ 0 \end{pmatrix}, \quad \begin{pmatrix} 0 \\ 1 \\ 0 \end{pmatrix}, \quad \begin{pmatrix} 0 \\ 0 \\ 1 \end{pmatrix}.$$
So we can add as many as four columns and still maintain a minimum distance of 3.
In general, if $H$ is an $m \times n$ canonical parity-check matrix, then there are $n - m$ information positions in each codeword. Each column has $m$ bits, so there are $2^m$ possible distinct columns. It is necessary that the columns $\mathbf{0}, \mathbf{e}_1, \ldots, \mathbf{e}_n$ be excluded, leaving $2^m - (1 + n)$ remaining columns for information if we are still to maintain the ability not only to detect but also to correct single errors.
7.4 Efficient Decoding
We are now at the stage where we are able to generate linear codes that detect and correct errors fairly easily, but it is still a time-consuming process to decode a received $n$-tuple and determine which is the closest codeword, because the received $n$-tuple must be compared to each possible codeword to determine the proper decoding. This can be a serious impediment if the code is very large.
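Example 16. Given the binary matrix
$$H = \begin{pmatrix} 1 & 1 & 1 & 0 & 0 \\ 0 & 1 & 0 & 1 & 0 \\ 1 & 0 & 0 & 0 & 1 \end{pmatrix}$$
and the 5-tuples $\mathbf{x} = (11011)^t$ and $\mathbf{y} = (01011)^t$, we can compute
$$H\mathbf{x} = \begin{pmatrix} 0 \\ 0 \\ 0 \end{pmatrix} \quad \text{and} \quad H\mathbf{y} = \begin{pmatrix} 1 \\ 0 \\ 1 \end{pmatrix}.$$
Hence, $\mathbf{x}$ is a codeword and $\mathbf{y}$ is not, since $\mathbf{x}$ is in the null space and $\mathbf{y}$ is not. Notice that $H\mathbf{y}$ is identical to the first column of $H$. In fact, this is where the error occurred. If we flip the first bit in $\mathbf{y}$ from 0 to 1, then we obtain $\mathbf{x}$.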
If $H$ is an $m \times n$ matrix and $\mathbf{x} \in \mathbb{Z}_2^n$, then we say that the syndrome of $\mathbf{x}$ is $H\mathbf{x}$. The following proposition allows the quick detection and correction of errors.
Proposition 7.14 Let the $m \times n$ binary matrix $H$ determine a linear code and let $\mathbf{x}$ be the received $n$-tuple. Write $\mathbf{x}$ as $\mathbf{x} = \mathbf{c} + \mathbf{e}$, where $\mathbf{c}$ is the transmitted codeword and $\mathbf{e}$ is the transmission error. Then the syndrome $H\mathbf{x}$ of the received codeword $\mathbf{x}$ is also the syndrome of the error $\mathbf{e}$.
Proof. $H\mathbf{x} = H(\mathbf{c} + \mathbf{e}) = H\mathbf{c} + H\mathbf{e} = \mathbf{0} + H\mathbf{e} = H\mathbf{e}$.
This proposition tells us that the syndrome of a received word depends solely on the error and not on the transmitted codeword. The proof of the following theorem follows immediately from Proposition 7.14 and from the fact that $H\mathbf{e}$ is the $i$th column of the matrix $H$.
Theorem 7.15 Let $H \in \mathbb{M}_{m \times n}(\mathbb{Z}_2)$ and suppose that the linear code corresponding to $H$ is single error-correcting. Let $\mathbf{r}$ be a received $n$-tuple that was transmitted with at most one error. If the syndrome of $\mathbf{r}$ is $\mathbf{0}$, then no error has occurred; otherwise, if the syndrome of $\mathbf{r}$ is equal to some column of $H$, say the $i$th column, then the error has occurred in the $i$th bit.
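Example 17. Consider the matrix
$$H = \begin{pmatrix} 1 & 0 & 1 & 1 & 0 & 0 \\ 0 & 1 & 1 & 0 & 1 & 0 \\ 1 & 1 & 1 & 0 & 0 & 1 \end{pmatrix}$$
and suppose that the 6-tuples $\mathbf{x} = (111110)^t$, $\mathbf{y} = (111111)^t$, and $\mathbf{z} = (010111)^t$ have been received. Then
$$H\mathbf{x} = \begin{pmatrix} 1 \\ 1 \\ 1 \end{pmatrix}, \quad H\mathbf{y} = \begin{pmatrix} 1 \\ 1 \\ 0 \end{pmatrix}, \quad H\mathbf{z} = \begin{pmatrix} 1 \\ 0 \\ 0 \end{pmatrix}.$$
Hence, $\mathbf{x}$ has an error in the third bit and $\mathbf{z}$ has an error in the fourth bit. The transmitted codewords for $\mathbf{x}$ and $\mathbf{z}$ must have been (110110) and (010011), respectively. The syndrome of $\mathbf{y}$ does not occur in any of the columns of the matrix $H$, so multiple errors must have occurred to produce $\mathbf{y}$.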
Coset Decoding
We can use group theory to obtain another way of decoding messages. A linear code $C$ is a subgroup of $\mathbb{Z}_2^n$. Coset or standard decoding uses the cosets of $C$ in $\mathbb{Z}_2^n$ to implement maximum-likelihood decoding. Suppose that $C$ is an $(n, m)$-linear code. A coset of $C$ in $\mathbb{Z}_2^n$ is written in the form $\mathbf{x} + C$, where $\mathbf{x} \in \mathbb{Z}_2^n$. By Lagrange's Theorem, there are $2^{n-m}$ distinct cosets of $C$ in $\mathbb{Z}_2^n$.

Table 7.5. Cosets of C
Cosets
C              (00000) (01101) (10011) (11110)
(10000) + C    (10000) (11101) (00011) (01110)
(01000) + C    (01000) (00101) (11011) (10110)
(00100) + C    (00100) (01001) (10111) (11010)
(00010) + C    (00010) (01111) (10001) (11100)
(00001) + C    (00001) (01100) (10010) (11111)
(10100) + C    (00111) (01010) (10100) (11001)
(00110) + C    (00110) (01011) (10101) (11000)
Example 18. Let $C$ be the $(5, 3)$-linear code given by the parity-check matrix
$$H = \begin{pmatrix} 0 & 1 & 1 & 0 & 0 \\ 1 & 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 0 & 1 \end{pmatrix}.$$
The code consists of the codewords
(00000) (01101) (10011) (11110).
There are $2^{5-2} = 2^3$ cosets of $C$ in $\mathbb{Z}_2^5$, each with order $2^2 = 4$. These cosets are listed in Table 7.5.
Our task is to find out how knowing the cosets might help us to decode a message. Suppose that $\mathbf{x}$ was the original codeword sent and that $\mathbf{r}$ is the $n$-tuple received. If $\mathbf{e}$ is the transmission error, then $\mathbf{r} = \mathbf{e} + \mathbf{x}$ or, equivalently, $\mathbf{x} = \mathbf{e} + \mathbf{r}$. However, this is exactly the statement that $\mathbf{r}$ is an element in the coset $\mathbf{e} + C$. In maximum-likelihood decoding we expect the error $\mathbf{e}$ to be as small as possible; that is, $\mathbf{e}$ will have the least weight. An $n$-tuple of least weight in a coset is called a coset leader. Once we have determined a coset leader for each coset, the decoding process becomes a task of calculating $\mathbf{r} + \mathbf{e}$ to obtain $\mathbf{x}$.
Example 19. In Table 7.5, notice that we have chosen a representative of the least possible weight for each coset. These representatives are coset leaders. Now suppose that $\mathbf{r} = (01111)$ is the received word. To decode $\mathbf{r}$, we find that it is in the coset $(00010) + C$; hence, the originally transmitted codeword must have been $(01101) = (01111) + (00010)$.
A potential problem with this method of decoding is that we might have to examine every coset for the received codeword. The following proposition gives a method of implementing coset decoding. It states that we can associate a syndrome with each coset; hence, we can make a table that designates a coset leader corresponding to each syndrome. Such a list is called a decoding table.
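Proposition 7.16 Let $C$ be an $(n, k)$-linear code given by the matrix $H$ and suppose that $\mathbf{x}$ and $\mathbf{y}$ are in $\mathbb{Z}_2^n$. Then $\mathbf{x}$ and $\mathbf{y}$ are in the same coset of $C$ if and only if $H\mathbf{x} = H\mathbf{y}$. That is, two $n$-tuples are in the same coset if and only if their syndromes are the same.
Proof. Two $n$-tuples $\mathbf{x}$ and $\mathbf{y}$ are in the same coset of $C$ exactly when $\mathbf{x} - \mathbf{y} \in C$; however, this is equivalent to $H(\mathbf{x} - \mathbf{y}) = 0$ or $H\mathbf{x} = H\mathbf{y}$.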
Example 20. Table 7.6 is a decoding table for the code $C$ given in Example 18. If $\mathbf{x} = (01111)$ is received, then its syndrome can be computed to be
$$H\mathbf{x} = \begin{pmatrix} 0 \\ 1 \\ 0 \end{pmatrix}.$$
Examining the decoding table, we determine that the coset leader is (00010). It is now easy to decode the received codeword.
Given an $(n, k)$-block code, the question arises of whether or not coset decoding is a manageable scheme. A decoding table requires a list of cosets and syndromes, one for each of the $2^{n-k}$ cosets of $C$. Suppose that we have a $(32, 24)$-block code. We have a huge number of codewords, $2^{24}$, yet there are only $2^{32-24} = 2^8 = 256$ cosets.
Table 7.6. Syndromes for each coset
Syndrome    Coset Leader
(000)       (00000)
(001)       (00001)
(010)       (00010)
(011)       (10000)
(100)       (00100)
(101)       (01000)
(110)       (00110)
(111)       (10100)
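The decoding-table procedure of Proposition 7.16 and Example 20 can be written out as follows. This Python sketch is an added example, not code from the book; the function names are chosen here. It builds a syndrome-to-leader table for the matrix of Example 18, decodes the received word (01111), and also reports the syndromes whose cosets contain more than one word of least weight, where the choice of leader (and so the correction) is not forced.

```python
from itertools import product

# Parity-check matrix of Example 18.
H = [[0, 1, 1, 0, 0],
     [1, 0, 0, 1, 0],
     [1, 1, 0, 0, 1]]

def bits(s):
    """'01111' -> (0, 1, 1, 1, 1)"""
    return tuple(int(c) for c in s)

def syndrome(H, x):
    """Hx over Z_2."""
    return tuple(sum(h * b for h, b in zip(row, x)) % 2 for row in H)

def decoding_table(H):
    """Map each syndrome to a coset leader (a least-weight word of its coset).

    Words are visited in order of increasing weight, so the first word seen
    for a syndrome has least weight in that coset (Proposition 7.16).
    """
    n = len(H[0])
    table = {}
    for word in sorted(product((0, 1), repeat=n), key=lambda w: (sum(w), w)):
        table.setdefault(syndrome(H, word), word)
    return table

def coset_decode(H, table, r):
    """Add the coset leader for r's syndrome to r."""
    leader = table[syndrome(H, r)]
    return tuple((a + b) % 2 for a, b in zip(r, leader))

def ambiguous_syndromes(H):
    """Syndromes whose coset has two or more words of least weight."""
    n = len(H[0])
    weights = {}
    for word in product((0, 1), repeat=n):
        weights.setdefault(syndrome(H, word), []).append(sum(word))
    return {s for s, ws in weights.items() if ws.count(min(ws)) > 1}

if __name__ == "__main__":
    table = decoding_table(H)
    for s in sorted(table):
        print(s, "->", table[s])
    r = bits("01111")
    print("received", r, "syndrome", syndrome(H, r),
          "decoded", coset_decode(H, table, r))
    print("ambiguous:", sorted(ambiguous_syndromes(H)))
```

For the two weight-2 cosets the leader this sketch picks may differ from the one printed in Table 7.6, since each of those cosets contains two words of weight 2.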

Exercises
1. Why is the following encoding scheme not acceptable?
Information:  0    1    2    3    4    5    6    7    8
Codeword:     000  001  010  011  101  110  111  000  001
2. Without doing any addition, explain why the following set of 4-tuples in $\mathbb{Z}_2^4$ cannot be a group code.
(0110) (1001) (1010) (1100)
3. Compute the Hamming distances between the following pairs of $n$-tuples.
(a) (011010), (011100)
(b) (11110101), (01010100)
(c) (00110), (01111)
(d) (1001), (0111)
4. Compute the weights of the following $n$-tuples.
(a) (011010)
(b) (11110101)
(c) (01111)
(d) (1011)
5. Suppose that a linear code $C$ has a minimum weight of 7. What are the error-detection and error-correction capabilities of $C$?
6. In each of the following codes, what is the minimum distance for the code? What is the best situation we might hope for in connection with error detection and error correction?
(a) (011010) (011100) (110111) (110000)
(b) (011100) (011011) (111011) (100011)
    (000000) (010101) (110100) (110011)
(c) (000000) (011100) (110101) (110001)
(d) (0110110) (0111100) (1110000) (1111111)
    (1001001) (1000011) (0001111) (0000000)
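7. Compute the null space of each of the following matrices. What type of $(n, k)$-block codes are the null spaces? Can you find a matrix (not necessarily a standard generator matrix) that generates each code? Are your generator matrices unique?
(a) $\begin{pmatrix} 0 & 1 & 0 & 0 & 0 \\ 1 & 0 & 1 & 0 & 1 \\ 1 & 0 & 0 & 1 & 0 \end{pmatrix}$
(b) $\begin{pmatrix} 1 & 0 & 1 & 0 & 0 & 0 \\ 1 & 1 & 0 & 1 & 0 & 0 \\ 0 & 1 & 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 0 & 0 & 1 \end{pmatrix}$
(c) $\begin{pmatrix} 1 & 0 & 0 & 1 & 1 \\ 0 & 1 & 0 & 1 & 1 \end{pmatrix}$
(d) $\begin{pmatrix} 0 & 0 & 0 & 1 & 1 & 1 & 1 \\ 0 & 1 & 1 & 0 & 0 & 1 & 1 \\ 1 & 0 & 1 & 0 & 1 & 0 & 1 \\ 0 & 1 & 1 & 0 & 0 & 1 & 1 \end{pmatrix}$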
8. Construct a $(5, 2)$-block code. Discuss the error-detection and error-correction capabilities of your code.
9. Let $C$ be the code obtained from the null space of the matrix
$$H = \begin{pmatrix} 0 & 1 & 0 & 0 & 1 \\ 1 & 0 & 1 & 0 & 1 \\ 0 & 0 & 1 & 1 & 1 \end{pmatrix}.$$
Decode the message
01111 10101 01110 00011
if possible.
10. Suppose that a 1000-bit binary message is transmitted. Assume that the probability of a single error is $p$ and that the errors occurring in different bits are independent of one another. If $p = 0.01$, what is the probability of more than one error occurring? What is the probability of exactly two errors occurring? Repeat this problem for $p = 0.0001$.
11. Which matrices are canonical parity-check matrices? For those matrices that are canonical parity-check matrices, what are the corresponding standard generator matrices? What are the error-detection and error-correction capabilities of the code generated by each of these matrices?
(a) $\begin{pmatrix} 1 & 1 & 0 & 0 & 0 \\ 0 & 0 & 1 & 0 & 0 \\ 0 & 0 & 0 & 1 & 0 \\ 1 & 0 & 0 & 0 & 1 \end{pmatrix}$
(b) $\begin{pmatrix} 0 & 1 & 1 & 0 & 0 & 0 \\ 1 & 1 & 0 & 1 & 0 & 0 \\ 0 & 1 & 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 0 & 0 & 1 \end{pmatrix}$
(c) $\begin{pmatrix} 1 & 1 & 1 & 0 \\ 1 & 0 & 0 & 1 \end{pmatrix}$
(d) $\begin{pmatrix} 0 & 0 & 0 & 1 & 0 & 0 & 0 \\ 0 & 1 & 1 & 0 & 1 & 0 & 0 \\ 1 & 0 & 1 & 0 & 0 & 1 & 0 \\ 0 & 1 & 1 & 0 & 0 & 0 & 1 \end{pmatrix}$
12. List all possible syndromes for the codes generated by each of the matrices in the previous exercise.

13. Let
$$H = \begin{pmatrix} 0 & 1 & 1 & 1 & 1 \\ 0 & 0 & 0 & 1 & 1 \\ 1 & 0 & 1 & 0 & 1 \end{pmatrix}.$$
Compute the syndrome caused by each of the following transmission errors.
(a) An error in the first bit
(b) An error in the third bit
(c) An error in the last bit
(d) Errors in the third and fourth bits
14. Let $C$ be the group code in $\mathbb{Z}_2^3$ defined by the codewords (000) and (111). Compute the cosets of $H$ in $\mathbb{Z}_2^3$. Why was there no need to specify right or left cosets? Give the single transmission error, if any, to which each coset corresponds.
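15. For each of the following matrices, find the cosets of the corresponding code $C$. Give a decoding table for each code if possible.
(a) $\begin{pmatrix} 0 & 1 & 0 & 0 & 0 \\ 1 & 0 & 1 & 0 & 1 \\ 1 & 0 & 0 & 1 & 0 \end{pmatrix}$
(b) $\begin{pmatrix} 0 & 0 & 1 & 0 & 0 \\ 1 & 1 & 0 & 1 & 0 \\ 0 & 1 & 0 & 1 & 0 \\ 1 & 1 & 0 & 0 & 1 \end{pmatrix}$
(c) $\begin{pmatrix} 1 & 0 & 0 & 1 & 1 \\ 0 & 1 & 0 & 1 & 1 \end{pmatrix}$
(d) $\begin{pmatrix} 1 & 0 & 0 & 1 & 1 & 1 & 1 \\ 1 & 1 & 1 & 0 & 0 & 1 & 1 \\ 1 & 0 & 1 & 0 & 1 & 0 & 1 \\ 1 & 1 & 1 & 0 & 0 & 1 & 0 \end{pmatrix}$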
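16. Let $\mathbf{x}$, $\mathbf{y}$, and $\mathbf{z}$ be binary $n$-tuples. Prove each of the following statements.
(a) $w(\mathbf{x}) = d(\mathbf{x}, \mathbf{0})$
(b) $d(\mathbf{x}, \mathbf{y}) = d(\mathbf{x} + \mathbf{z}, \mathbf{y} + \mathbf{z})$
(c) $d(\mathbf{x}, \mathbf{y}) = w(\mathbf{x} - \mathbf{y})$
17. A metric on a set $X$ is a map $d : X \times X \to \mathbb{R}$ satisfying the following conditions.
(a) $d(\mathbf{x}, \mathbf{y}) \geq 0$ for all $\mathbf{x}, \mathbf{y} \in X$;
(b) $d(\mathbf{x}, \mathbf{y}) = 0$ exactly when $\mathbf{x} = \mathbf{y}$;
(c) $d(\mathbf{x}, \mathbf{y}) = d(\mathbf{y}, \mathbf{x})$;
(d) $d(\mathbf{x}, \mathbf{y}) \leq d(\mathbf{x}, \mathbf{z}) + d(\mathbf{z}, \mathbf{y})$.
In other words, a metric is simply a generalization of the notion of distance. Prove that Hamming distance is a metric on $\mathbb{Z}_2^n$. Decoding a message actually reduces to deciding which is the closest codeword in terms of distance.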
18. Let $C$ be a linear code. Show that either the $i$th coordinates in the codewords of $C$ are all zeros or exactly half of them are zeros.
19. Let $C$ be a linear code. Show that either every codeword has even weight or exactly half of the codewords have even weight.
20. Show that the codewords of even weight in a linear code $C$ are also a linear code.
21. If we are to use an error-correcting linear code to transmit the 128 ASCII characters, what size matrix must be used? What size matrix must be used to transmit the extended ASCII character set of 256 characters? What if we require only error detection in both cases?
22. Find the canonical parity-check matrix that gives the even parity check bit code with three information positions. What is the matrix for seven information positions? What are the corresponding standard generator matrices?
23. How many check positions are needed for a single error-correcting code with 20 information positions? With 32 information positions?
24. Let $\mathbf{e}_i$ be the binary $n$-tuple with a 1 in the $i$th coordinate and 0's elsewhere and suppose that $H \in \mathbb{M}_{m \times n}(\mathbb{Z}_2)$. Show that $H\mathbf{e}_i$ is the $i$th column of the matrix $H$.
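25. Let $C$ be an $(n, k)$-linear code. Define the dual or orthogonal code of $C$ to be
$$C^\perp = \{ \mathbf{x} \in \mathbb{Z}_2^n : \mathbf{x} \cdot \mathbf{y} = 0 \text{ for all } \mathbf{y} \in C \}.$$
(a) Find the dual code of the linear code $C$ where $C$ is given by the matrix
$$\begin{pmatrix} 1 & 1 & 1 & 0 & 0 \\ 0 & 0 & 1 & 0 & 1 \\ 1 & 0 & 0 & 1 & 0 \end{pmatrix}.$$
(b) Show that $C^\perp$ is an $(n, n - k)$-linear code.
(c) Find the standard generator and parity-check matrices of $C$ and $C^\perp$. What happens in general? Prove your conjecture.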
26. Let $H$ be an $m \times n$ matrix over $\mathbb{Z}_2$, where the $i$th column is the number $i$ written in binary with $m$ bits. The null space of such a matrix is called a Hamming code.
(a) Show that the matrix
$$H = \begin{pmatrix} 0 & 0 & 0 & 1 & 1 & 1 \\ 0 & 1 & 1 & 0 & 0 & 1 \\ 1 & 0 & 1 & 0 & 1 & 0 \end{pmatrix}$$
generates a Hamming code. What are the error-correcting properties of a Hamming code?
(b) The column corresponding to the syndrome also marks the bit that was in error; that is, the $i$th column of the matrix is $i$ written as a binary number, and the syndrome immediately tells us which bit is in error. If the received word is (101011), compute the syndrome. In which bit did the error occur in this case, and what codeword was originally transmitted?
(c) Give a binary matrix $H$ for the Hamming code with six information positions and four check positions. What are the check positions and what are the information positions? Encode the messages (101101) and (001001). Decode the received words (0010000101) and (0000101100). What are the possible syndromes for this code?
(d) What is the number of check bits and the number of information bits in an $(m, n)$-block Hamming code? Give both an upper and a lower bound on the number of information bits in terms of the number of check bits. Hamming codes having the maximum possible number of information bits with $k$ check bits are called perfect. Every possible syndrome except $\mathbf{0}$ occurs as a column. If the number of information bits is less than the maximum, then the code is called shortened. In this case, give an example showing that some syndromes can represent multiple errors.
Programming Exercises
Write a program to implement a $(16, 12)$-linear code. Your program should be
able to encode and decode messages using coset decoding. Once your program is
written, write a program to simulate a binary symmetric channel with transmission
noise. Compare the results of your simulation with the theoretically predicted error
probability.

8
Isomorphisms
Many groups may appear to be different at first glance, but can be shown to be the same by a simple renaming of the group elements. For example, $\mathbb{Z}_4$ and the subgroup of the circle group $\mathbb{T}$ generated by $i$ can be shown to be the same by demonstrating a one-to-one correspondence between the elements of the two groups and between the group operations. In such a case we say that the groups are isomorphic.
8.1 Definition and Examples
Two groups (G, ) and (H, ) are isomorphic if there exists a one-to-one and onto map : $G \to H$ such that the group operation is preserved; that is,
(a b) = (a) (b)
for all $a$ and $b$ in $G$. If $G$ is isomorphic to $H$, we write $G \cong H$. The map is called an isomorphism.
Example 1. To show that $\mathbb{Z}_4 \cong \langle i \rangle$, define a map : $\mathbb{Z}_4 \to \langle i \rangle$ by (n) = $i^n$. We must show that is bijective and preserves the group operation. The map is one-to-one and onto because
(0) = $1$
(1) = $i$
(2) = $-1$
(3) = $-i$.
Since
(m + n) = $i^{m+n} = i^m i^n$ = (m) (n),
the group operation is preserved.
Example 2. We can define an isomorphism from the additive group of real numbers $(\mathbb{R}, +)$ to the multiplicative group of positive real numbers $(\mathbb{R}^+, \cdot)$ with the exponential map; that is,
(x + y) = $e^{x+y} = e^x e^y$ = (x) (y).
Of course, we must still show that is one-to-one and onto, but this can be determined using calculus.
Example 3. The integers are isomorphic to the subgroup of $\mathbb{Q}^*$ consisting of elements of the form $2^n$. Define a map : $\mathbb{Z} \to \mathbb{Q}^*$ by (n) = $2^n$. Then
(m + n) = $2^{m+n} = 2^m 2^n$ = (m) (n).
By definition the map is onto the subset $\{ 2^n : n \in \mathbb{Z} \}$ of $\mathbb{Q}^*$. To show that the map is injective, assume that $m \neq n$. If we can show that (m) $\neq$ (n), then we are done. Suppose that $m > n$ and assume that (m) = (n). Then $2^m = 2^n$ or $2^{m-n} = 1$, which is impossible since $m - n > 0$.
Example 4. The groups $\mathbb{Z}_8$ and $\mathbb{Z}_{12}$ cannot be isomorphic since they have different orders; however, it is true that $U(8) \cong U(12)$. We know that
$$\begin{aligned} U(8) &= \{ 1, 3, 5, 7 \} \\ U(12) &= \{ 1, 5, 7, 11 \}. \end{aligned}$$
An isomorphism : $U(8) \to U(12)$ is then given by
$$\begin{aligned} 1 &\mapsto 1 \\ 3 &\mapsto 5 \\ 5 &\mapsto 7 \\ 7 &\mapsto 11. \end{aligned}$$
The map is not the only possible isomorphism between these two groups. We could define another isomorphism by (1) = 1, (3) = 11, (5) = 5, (7) = 7. In fact, both of these groups are isomorphic to $\mathbb{Z}_2 \times \mathbb{Z}_2$ (see Example 14 in Chapter 2).
Example 5. Even though $S_3$ and $\mathbb{Z}_6$ possess the same number of elements, we would suspect that they are not isomorphic, because $\mathbb{Z}_6$ is abelian and $S_3$ is nonabelian. To demonstrate that this is indeed the case, suppose that : $\mathbb{Z}_6 \to S_3$ is an isomorphism. Let $a, b \in S_3$ be two elements such that $ab \neq ba$. Since is an isomorphism, there exist elements $m$ and $n$ in $\mathbb{Z}_6$ such that
(m) = a
(n) = b.
However,
ab = (m) (n) = (m + n) = (n + m) = (n) (m) = ba,
which contradicts the fact that $a$ and $b$ do not commute.
Theorem 8.1 Let : $G \to H$ be an isomorphism of two groups. Then the following statements are true.
1. ${}^{-1}$ : $H \to G$ is an isomorphism.
2. $|G| = |H|$.
3. If $G$ is abelian, then $H$ is abelian.
4. If $G$ is cyclic, then $H$ is cyclic.
5. If $G$ has a subgroup of order $n$, then $H$ has a subgroup of order $n$.
Proof. Assertions (1) and (2) follow from the fact that is a bijection. We will prove (3) here and leave the remainder of the theorem to be proved in the exercises.
(3) Suppose that $h_1$ and $h_2$ are elements of $H$. Since is onto, there exist elements $g_1, g_2 \in G$ such that (g_1) = h_1 and (g_2) = h_2. Therefore,
h_1 h_2 = (g_1) (g_2) = (g_1 g_2) = (g_2 g_1) = (g_2) (g_1) = h_2 h_1.
We are now in a position to characterize all cyclic groups.
Theorem 8.2 All cyclic groups of infinite order are isomorphic to $\mathbb{Z}$.
Proof. Let $G$ be a cyclic group with infinite order and suppose that $a$ is a generator of $G$. Define a map : $\mathbb{Z} \to G$ by : $n \mapsto a^n$. Then
(m + n) = $a^{m+n} = a^m a^n$ = (m) (n).
To show that is injective, suppose that $m$ and $n$ are two elements in $\mathbb{Z}$, where $m \neq n$. We can assume that $m > n$. We must show that $a^m \neq a^n$. Let us suppose the contrary; that is, $a^m = a^n$. In this case $a^{m-n} = e$, where $m - n > 0$, which contradicts the fact that $a$ has infinite order. Our map is onto since any element in $G$ can be written as $a^n$ for some integer $n$ and (n) = $a^n$.
Theorem 8.3 If $G$ is a cyclic group of order $n$, then $G$ is isomorphic to $\mathbb{Z}_n$.
Proof. Let $G$ be a cyclic group of order $n$ generated by $a$ and define a map : $\mathbb{Z}_n \to G$ by : $k \mapsto a^k$, where $0 \leq k < n$. The proof that is an isomorphism is one of the end-of-chapter exercises.
Corollary 8.4 If $G$ is a group of order $p$, where $p$ is a prime number, then $G$ is isomorphic to $\mathbb{Z}_p$.
Proof. The proof is a direct result of Corollary 5.7.
The main goal in group theory is to classify all groups; however, it makes
sense to consider two groups to be the same if they are isomorphic. We state
this result in the following theorem, whose proof is left as an exercise.
Theorem 8.5 The isomorphism of groups determines an equivalence relation on the class of all groups.
Hence, we can modify our goal of classifying all groups to classifying all groups up to isomorphism; that is, we will consider two groups to be the same if they are isomorphic.
Cayley's Theorem
Cayley proved that if $G$ is a group, it is isomorphic to a group of permutations on some set; hence, every group is a permutation group. Cayley's Theorem is what we call a representation theorem. The aim of representation theory is to find an isomorphism of some group $G$ that we wish to study into a group that we know a great deal about, such as a group of permutations or matrices.
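Example 6. Consider the group $\mathbb{Z}_3$. The Cayley table for $\mathbb{Z}_3$ is as follows.
+ | 0 1 2
--+------
0 | 0 1 2
1 | 1 2 0
2 | 2 0 1
The addition table of $\mathbb{Z}_3$ suggests that it is the same as the permutation group $G = \{ (0), (012), (021) \}$. The isomorphism here is
$$\begin{aligned} 0 &\mapsto \begin{pmatrix} 0 & 1 & 2 \\ 0 & 1 & 2 \end{pmatrix} = (0) \\ 1 &\mapsto \begin{pmatrix} 0 & 1 & 2 \\ 1 & 2 & 0 \end{pmatrix} = (012) \\ 2 &\mapsto \begin{pmatrix} 0 & 1 & 2 \\ 2 & 0 & 1 \end{pmatrix} = (021). \end{aligned}$$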

Theorem 8.6 (Cayley) Every group is isomorphic to a group of permutations.
Proof. Let G be a group. We must find a group of permutations G that is isomorphic to G. For any g ∈ G, define a function g : G → G by g(a) = ga. We claim that g is a permutation of G. To show that g is one-to-one, suppose that g(a) = g(b). Then
ga = g(a) = g(b) = gb.
Hence, a = b. To show that g is onto, we must prove that for each a ∈ G, there is a b such that g(b) = a. Let b = g^{-1} a.
Now we are ready to define our group G. Let G = { g : g ∈ G }.
We must show that G is a group under composition of functions and find an isomorphism between G and G. We have closure under composition of functions since
(g h)(a) = g(ha) = gha = gh(a).
Also,
e(a) = ea = a
and
(g^{-1} g)(a) = g^{-1}(ga) = g^{-1} ga = a = e(a).
We can define an isomorphism from G to G by : g ↦ g. The group operation is preserved since
(gh) = gh = g h = (g) (h).
It is also one-to-one, because if (g)(a) = (h)(a), then
ga = g a = h a = ha.
Hence, g = h. That is onto follows from the fact that (g) = g for any g ∈ G.
The isomorphism g ↦ g is known as the left regular representation of G.
Historical Note
Arthur Cayley was born in England in 1821, though he spent much of the first part of his life in Russia, where his father was a merchant. Cayley was educated at Cambridge, where he took the first Smith's Prize in mathematics. A lawyer for much of his adult life, he wrote several papers in his early twenties before entering the legal profession at the age of 25. While practicing law he continued his mathematical research, writing more than 300 papers during this period of his life. These included some of his best work. In 1863 he left law to become a professor at Cambridge. Cayley wrote more than 900 papers in fields such as group theory, geometry, and linear algebra. His legal knowledge was very valuable to Cambridge; he participated in the writing of many of the university's statutes. Cayley was also one of the people responsible for the admission of women to Cambridge.
8.2 Direct Products
Given two groups $G$ and $H$, it is possible to construct a new group from the Cartesian product of $G$ and $H$, $G \times H$. Conversely, given a large group, it is sometimes possible to decompose the group; that is, a group is sometimes isomorphic to the direct product of two smaller groups. Rather than studying a large group $G$, it is often easier to study the component groups of $G$.
External Direct Products
If (G, ) and (H, ) are groups, then we can make the Cartesian product of $G$ and $H$ into a new group. As a set, our group is just the ordered pairs $(g, h) \in G \times H$ where $g \in G$ and $h \in H$. We can define a binary operation on $G \times H$ by
$$(g_1, h_1)(g_2, h_2) = (g_1 g_2, h_1 h_2);$$
that is, we just multiply elements in the first coordinate as we do in $G$ and elements in the second coordinate as we do in $H$. We have specified the particular operations and in each group here for the sake of clarity; we usually just write $(g_1, h_1)(g_2, h_2) = (g_1 g_2, h_1 h_2)$.
Proposition 8.7 Let $G$ and $H$ be groups. The set $G \times H$ is a group under the operation $(g_1, h_1)(g_2, h_2) = (g_1 g_2, h_1 h_2)$ where $g_1, g_2 \in G$ and $h_1, h_2 \in H$.
Proof. Clearly the binary operation defined above is closed. If $e_G$ and $e_H$ are the identities of the groups $G$ and $H$ respectively, then $(e_G, e_H)$ is the identity of $G \times H$. The inverse of $(g, h) \in G \times H$ is $(g^{-1}, h^{-1})$. The fact that the operation is associative follows directly from the associativity of $G$ and $H$.
Example 7. Let $\mathbb{R}$ be the group of real numbers under addition. The Cartesian product of $\mathbb{R}$ with itself, $\mathbb{R} \times \mathbb{R} = \mathbb{R}^2$, is also a group, in which the group operation is just addition in each coordinate; that is, $(a, b) + (c, d) = (a + c, b + d)$. The identity is $(0, 0)$ and the inverse of $(a, b)$ is $(-a, -b)$.
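Example 8. Consider
$$\mathbb{Z}_2 \times \mathbb{Z}_2 = \{ (0, 0), (0, 1), (1, 0), (1, 1) \}.$$
Although $\mathbb{Z}_2 \times \mathbb{Z}_2$ and $\mathbb{Z}_4$ both contain four elements, it is easy to see that they are not isomorphic since for every element $(a, b)$ in $\mathbb{Z}_2 \times \mathbb{Z}_2$, $(a, b) + (a, b) = (0, 0)$, but $\mathbb{Z}_4$ is cyclic.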
The group $G \times H$ is called the external direct product of $G$ and $H$. Notice that there is nothing special about the fact that we have used only two groups to build a new group. The direct product
$$\prod_{i=1}^{n} G_i = G_1 \times G_2 \times \cdots \times G_n$$
of the groups $G_1, G_2, \ldots, G_n$ is defined in exactly the same manner. If $G = G_1 = G_2 = \cdots = G_n$, we often write $G^n$ instead of $G_1 \times G_2 \times \cdots \times G_n$.
Example 9. The group $\mathbb{Z}_2^n$, considered as a set, is just the set of all binary $n$-tuples. The group operation is the "exclusive or" of two binary $n$-tuples. For example,
$$(01011101) + (01001011) = (00010110).$$
This group is important in coding theory, in cryptography, and in many areas of computer science.

Theorem 8.8 Let $(g, h) \in G \times H$. If $g$ and $h$ have finite orders $r$ and $s$ respectively, then the order of $(g, h)$ in $G \times H$ is the least common multiple of $r$ and $s$.
Proof. Suppose that $m$ is the least common multiple of $r$ and $s$ and let $n = |(g, h)|$. Then
$$\begin{aligned} (g, h)^m &= (g^m, h^m) = (e_G, e_H) \\ (g^n, h^n) &= (g, h)^n = (e_G, e_H). \end{aligned}$$
Hence, $n$ must divide $m$, and $n \leq m$. However, by the second equation, both $r$ and $s$ must divide $n$; therefore, $n$ is a common multiple of $r$ and $s$. Since $m$ is the least common multiple of $r$ and $s$, $m \leq n$. Consequently, $m$ must be equal to $n$.
Corollary 8.9 Let $(g_1, \ldots, g_n) \in \prod G_i$. If $g_i$ has finite order $r_i$ in $G_i$, then the order of $(g_1, \ldots, g_n)$ in $\prod G_i$ is the least common multiple of $r_1, \ldots, r_n$.
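Example 10. Let $(8, 56) \in \mathbb{Z}_{12} \times \mathbb{Z}_{60}$. Since $\gcd(8, 12) = 4$, the order of 8 is $12/4 = 3$ in $\mathbb{Z}_{12}$. Similarly, the order of 56 in $\mathbb{Z}_{60}$ is 15. The least common multiple of 3 and 15 is 15; hence, $(8, 56)$ has order 15 in $\mathbb{Z}_{12} \times \mathbb{Z}_{60}$.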
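Example 11. The group $\mathbb{Z}_2 \times \mathbb{Z}_3$ consists of the pairs
$$(0, 0), (0, 1), (0, 2), (1, 0), (1, 1), (1, 2).$$
In this case, unlike that of $\mathbb{Z}_2 \times \mathbb{Z}_2$ and $\mathbb{Z}_4$, it is true that $\mathbb{Z}_2 \times \mathbb{Z}_3 \cong \mathbb{Z}_6$. We need only show that $\mathbb{Z}_2 \times \mathbb{Z}_3$ is cyclic. It is easy to see that $(1, 1)$ is a generator for $\mathbb{Z}_2 \times \mathbb{Z}_3$.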
The next theorem tells us exactly when the direct product of two cyclic
groups is cyclic.
Theorem 8.10 The group $\mathbb{Z}_m \times \mathbb{Z}_n$ is isomorphic to $\mathbb{Z}_{mn}$ if and only if $\gcd(m, n) = 1$.
Proof. Assume first that if $\mathbb{Z}_m \times \mathbb{Z}_n \cong \mathbb{Z}_{mn}$, then $\gcd(m, n) = 1$. To show this, we will prove the contrapositive; that is, we will show that if $\gcd(m, n) = d > 1$, then $\mathbb{Z}_m \times \mathbb{Z}_n$ cannot be cyclic. Notice that $mn/d$ is divisible by both $m$ and $n$; hence, for any element $(a, b) \in \mathbb{Z}_m \times \mathbb{Z}_n$,
$$\underbrace{(a, b) + (a, b) + \cdots + (a, b)}_{mn/d \text{ times}} = (0, 0).$$
Therefore, no $(a, b)$ can generate all of $\mathbb{Z}_m \times \mathbb{Z}_n$.
The converse follows directly from Theorem 8.8 since $\operatorname{lcm}(m, n) = mn$ if and only if $\gcd(m, n) = 1$.
Corollary 8.11 Let $n_1, \ldots, n_k$ be positive integers. Then
$$\prod_{i=1}^{k} \mathbb{Z}_{n_i} \cong \mathbb{Z}_{n_1 \cdots n_k}$$
if and only if $\gcd(n_i, n_j) = 1$ for $i \neq j$.
Corollary 8.12 If
$$m = p_1^{e_1} \cdots p_k^{e_k},$$
where the $p_i$s are distinct primes, then
$$\mathbb{Z}_m \cong \mathbb{Z}_{p_1^{e_1}} \times \cdots \times \mathbb{Z}_{p_k^{e_k}}.$$
Proof. Since the greatest common divisor of $p_i^{e_i}$ and $p_j^{e_j}$ is 1 for $i \neq j$, the
proof follows from Corollary 8.11.
In Chapter 11, we will prove that all finite abelian groups are isomorphic
to direct products of the form
$$\mathbb{Z}_{p_1^{e_1}} \times \cdots \times \mathbb{Z}_{p_k^{e_k}}$$
where $p_1, \ldots, p_k$ are (not necessarily distinct) primes.
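The following Python sketch is an added example, not part of the original text. It checks Theorem 8.8 and Example 10 by repeated addition, tests the criterion of Theorem 8.10 on small moduli, and realizes the isomorphism of Corollary 8.12 in both directions; all function names are choices made here, and the inverse map uses the Chinese remainder construction, which the text does not spell out.

```python
from functools import reduce
from itertools import product
from math import gcd


def lcm(*nums):
    return reduce(lambda a, b: a * b // gcd(a, b), nums, 1)


def order_in_zn(a, n):
    """Order of a in the additive group Z_n, namely n / gcd(a, n)."""
    return n // gcd(a, n)


def order_in_product(elem, moduli):
    """Theorem 8.8 / Corollary 8.9: lcm of the component orders."""
    return lcm(*(order_in_zn(a, n) for a, n in zip(elem, moduli)))


def order_by_repeated_addition(elem, moduli):
    """Independent check: add elem to itself until (0, ..., 0) appears."""
    cur = tuple(a % n for a, n in zip(elem, moduli))
    k = 1
    while any(cur):
        cur = tuple((c + a) % n for c, a, n in zip(cur, elem, moduli))
        k += 1
    return k


def is_cyclic(moduli):
    """A finite group is cyclic iff some element has order equal to |G|."""
    size = reduce(lambda a, b: a * b, moduli, 1)
    elems = product(*(range(n) for n in moduli))
    return any(order_in_product(e, moduli) == size for e in elems)


def theorem_8_10_holds(limit):
    """Z_m x Z_n is cyclic exactly when gcd(m, n) = 1, for 2 <= m, n < limit."""
    return all(is_cyclic((m, n)) == (gcd(m, n) == 1)
               for m in range(2, limit) for n in range(2, limit))


def prime_power_moduli(m):
    """Factor m = p1^e1 ... pk^ek and return [p1^e1, ..., pk^ek]."""
    parts, p = [], 2
    while p * p <= m:
        if m % p == 0:
            q = 1
            while m % p == 0:
                m //= p
                q *= p
            parts.append(q)
        p += 1
    if m > 1:
        parts.append(m)
    return parts


def split(x, moduli):
    """The map Z_m -> Z_{n1} x ... x Z_{nk}: reduce x modulo each n_i."""
    return tuple(x % n for n in moduli)


def join(residues, moduli):
    """Inverse of split for pairwise coprime moduli (Chinese remainder theorem)."""
    m = reduce(lambda a, b: a * b, moduli, 1)
    total = 0
    for r, n in zip(residues, moduli):
        cofactor = m // n
        total += r * cofactor * pow(cofactor, -1, n)
    return total % m


if __name__ == "__main__":
    print("order of (8, 56) in Z12 x Z60:", order_in_product((8, 56), (12, 60)))
    print("Z2 x Z3 cyclic:", is_cyclic((2, 3)), " Z2 x Z2 cyclic:", is_cyclic((2, 2)))
    mods = prime_power_moduli(360)
    print("Z360 splits over", mods, "; 77 ->", split(77, mods))
```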
Internal Direct Products
The external direct product of two groups builds a large group out of two
smaller groups. We would like to be able to reverse this process and conveniently
break down a group into its direct product components; that is,
we would like to be able to say when a group is isomorphic to the direct
product of two of its subgroups.
Let $G$ be a group with subgroups $H$ and $K$ satisfying the following
conditions.
$G = HK = \{hk : h \in H, k \in K\}$;
$H \cap K = \{e\}$;
$hk = kh$ for all $k \in K$ and $h \in H$.
Then $G$ is the internal direct product of $H$ and $K$.
Example 12. The group $U(8)$ is the internal direct product of
$$H = \{1, 3\}$$
$$K = \{1, 5\}.$$

Example 13. The dihedral group $D_6$ is an internal direct product of its
two subgroups
$$H = \{\mathrm{id}, r^3\}$$
$$K = \{\mathrm{id}, r^2, r^4, s, r^2s, r^4s\}.$$
It can easily be shown that $K \cong S_3$; consequently, $D_6 \cong \mathbb{Z}_2 \times S_3$.
Example 14. Not every group can be written as the internal direct product
of two of its proper subgroups. If the group $S_3$ were an internal direct
product of its proper subgroups $H$ and $K$, then one of the subgroups, say $H$,
would have to have order 3. In this case $H$ is the subgroup $\{(1), (123), (132)\}$.
The subgroup $K$ must have order 2, but no matter which subgroup we
choose for $K$, the condition that $hk = kh$ will never be satisfied for $h \in H$
and $k \in K$.
Theorem 8.13 Let $G$ be the internal direct product of subgroups $H$ and $K$.
Then $G$ is isomorphic to $H \times K$.
Proof. Since $G$ is an internal direct product, we can write any element
$g \in G$ as $g = hk$ for some $h \in H$ and some $k \in K$. Define a map: $G \to H \times K$ by$(g) = (h, k)$.
The first problem that we must face is to show thatis a well-defined
map; that is, we must show that $h$ and $k$ are uniquely determined by $g$.
Suppose that $g = hk = h'k'$. Then $h^{-1}h' = k(k')^{-1}$ is in both $H$ and $K$, so
it must be the identity. Therefore, $h = h'$ and $k = k'$, which proves that
is, indeed, well-defined.
To show thatpreserves the group operation, let $g_1 = h_1k_1$ and $g_2 = h_2k_2$ and observe that
(g1g2) =(h1k1h2k2)
=(h1h2k1k2)
= (h1h2; k1k2)
= (h1; k1)(h2; k2)
=(g1)(g2):

We will leave the proof thatis one-to-one and onto as an exercise.
Example 15. The group $\mathbb{Z}_6$ is an internal direct product isomorphic to
$\{0, 2, 4\} \times \{0, 3\}$.
We can extend the definition of an internal direct product of $G$ to a
collection of subgroups $H_1, H_2, \ldots, H_n$ of $G$, by requiring that
$G = H_1H_2 \cdots H_n = \{h_1h_2 \cdots h_n : h_i \in H_i\}$;
$H_i \cap \langle \cup_{j \neq i} H_j \rangle = \{e\}$;
$h_ih_j = h_jh_i$ for all $h_i \in H_i$ and $h_j \in H_j$.
We will leave the proof of the following theorem as an exercise.
Theorem 8.14 Let $G$ be the internal direct product of subgroups $H_i$, where
$i = 1, 2, \ldots, n$. Then $G$ is isomorphic to $\prod_i H_i$.
Exercises
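1. Prove that $\mathbb{Z} \cong n\mathbb{Z}$ for $n \neq 0$.
2. Prove that $\mathbb{C}^*$ is isomorphic to the subgroup of $GL_2(\mathbb{R})$ consisting of matrices
of the form
$$\begin{pmatrix} a & b \\ -b & a \end{pmatrix}.$$
3. Prove or disprove: $U(8) \cong \mathbb{Z}_4$.
4. Prove that $U(8)$ is isomorphic to the group of matrices
$$\begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}, \quad \begin{pmatrix} 1 & 0 \\ 0 & -1 \end{pmatrix}, \quad \begin{pmatrix} -1 & 0 \\ 0 & 1 \end{pmatrix}, \quad \begin{pmatrix} -1 & 0 \\ 0 & -1 \end{pmatrix}.$$
5. Show that $U(5)$ is isomorphic to $U(10)$, but $U(12)$ is not.
6. Show that the $n$th roots of unity are isomorphic to $\mathbb{Z}_n$.
7. Show that any cyclic group of order $n$ is isomorphic to $\mathbb{Z}_n$.
8. Prove that $\mathbb{Q}$ is not isomorphic to $\mathbb{Z}$.
9. Let $G = \mathbb{R} \setminus \{-1\}$ and define a binary operation on $G$ by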
ab=a+b+ab:
Prove thatGis a group under this operation. Show that (G;) is isomorphic
to the multiplicative group of nonzero real numbers.

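10. Show that the matrices
$$\begin{pmatrix} 1 & 0 & 0 \\ 0 & 1 & 0 \\ 0 & 0 & 1 \end{pmatrix} \quad \begin{pmatrix} 1 & 0 & 0 \\ 0 & 0 & 1 \\ 0 & 1 & 0 \end{pmatrix} \quad \begin{pmatrix} 0 & 1 & 0 \\ 1 & 0 & 0 \\ 0 & 0 & 1 \end{pmatrix}$$
$$\begin{pmatrix} 0 & 0 & 1 \\ 1 & 0 & 0 \\ 0 & 1 & 0 \end{pmatrix} \quad \begin{pmatrix} 0 & 0 & 1 \\ 0 & 1 & 0 \\ 1 & 0 & 0 \end{pmatrix} \quad \begin{pmatrix} 0 & 1 & 0 \\ 0 & 0 & 1 \\ 1 & 0 & 0 \end{pmatrix}$$
form a group. Find an isomorphism of $G$ with a more familiar group of
order 6.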
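11. Find five non-isomorphic groups of order 8.
12. Prove $S_4$ is not isomorphic to $D_{12}$.
13. Let $\omega = \operatorname{cis}(2\pi/n)$ be a primitive $n$th root of unity. Prove that the matrices
$$A = \begin{pmatrix} \omega & 0 \\ 0 & \omega^{-1} \end{pmatrix}$$
and
$$B = \begin{pmatrix} 0 & 1 \\ 1 & 0 \end{pmatrix}$$
form a multiplicative group isomorphic to $D_n$.
14. Show that the set of all matrices of the form
$$B = \begin{pmatrix} 1 & n \\ 0 & 1 \end{pmatrix},$$
where $n \in \mathbb{Z}_n$, is a group isomorphic to $D_n$.
15. List all of the elements of $\mathbb{Z}_4 \times \mathbb{Z}_2$.
16. Find the order of each of the following elements.
(a) $(3, 4)$ in $\mathbb{Z}_4 \times \mathbb{Z}_6$
(b) $(6, 15, 4)$ in $\mathbb{Z}_{30} \times \mathbb{Z}_{45} \times \mathbb{Z}_{24}$
(c) $(5, 10, 15)$ in $\mathbb{Z}_{25} \times \mathbb{Z}_{25} \times \mathbb{Z}_{25}$
(d) $(8, 8, 8)$ in $\mathbb{Z}_{10} \times \mathbb{Z}_{24} \times \mathbb{Z}_{80}$
17. Prove that $D_4$ cannot be the internal direct product of two of its proper
subgroups.
18. Prove that the subgroup of $\mathbb{Q}^*$ consisting of elements of the form $2^m 3^n$ for
$m, n \in \mathbb{Z}$ is an internal direct product isomorphic to $\mathbb{Z} \times \mathbb{Z}$.
19. Prove that $S_3 \times \mathbb{Z}_2$ is isomorphic to $D_6$. Can you make a conjecture about
$D_{2n}$? Prove your conjecture. [Hint: Draw the picture.]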

20. Prove or disprove: Every abelian group of order divisible by 3 contains a
subgroup of order 3.
21. Prove or disprove: Every nonabelian group of order divisible by 6 contains a
subgroup of order 6.
22. Let $G$ be a group of order 20. If $G$ has subgroups $H$ and $K$ of orders 4 and
5 respectively such that $hk = kh$ for all $h \in H$ and $k \in K$, prove that $G$ is
the internal direct product of $H$ and $K$.
23. Prove or disprove the following assertion. Let $G$, $H$, and $K$ be groups. If
$G \times K \cong H \times K$, then $G \cong H$.
24. Prove or disprove: There is a noncyclic abelian group of order 51.
25. Prove or disprove: There is a noncyclic abelian group of order 52.
26. Let: $G_1 \to G_2$ be a group isomorphism. Show that$(x) = e$ if and only if
$x = e$.
27. Let $G \cong H$. Show that if $G$ is cyclic, then so is $H$.
28. Prove that any group $G$ of order $p$, $p$ prime, must be isomorphic to $\mathbb{Z}_p$.
29. Show that $S_n$ is isomorphic to a subgroup of $A_{n+2}$.
30. Prove that $D_n$ is isomorphic to a subgroup of $S_n$.
31. Let:G1!G2and :G2!G3be isomorphisms. Show that
1
and
are both isomorphisms. Using these results, show that the isomorphism
of groups determines an equivalence relation on the class of all groups.
32. Prove $U(5) \cong \mathbb{Z}_4$. Can you generalize this result to show that $U(p) \cong \mathbb{Z}_{p-1}$?
33. Write out the permutations associated with each element of $S_3$ in the proof
of Cayley's Theorem.
34. An automorphism of a group $G$ is an isomorphism with itself. Prove that
complex conjugation is an automorphism of the additive group of complex
numbers; that is, show that the map$(a + bi) = a - bi$ is an isomorphism
from $\mathbb{C}$ to $\mathbb{C}$.
35. Prove that $a + ib \mapsto a - ib$ is an automorphism of $\mathbb{C}^*$.
36. Prove that $A \mapsto B^{-1}AB$ is an automorphism of $SL_2(\mathbb{R})$ for all $B$ in $GL_2(\mathbb{R})$.
37. We will denote the set of all automorphisms of $G$ by $\mathrm{Aut}(G)$. Prove that
$\mathrm{Aut}(G)$ is a subgroup of $S_G$, the group of permutations of $G$.
38. Find $\mathrm{Aut}(\mathbb{Z}_6)$.
39. Find $\mathrm{Aut}(\mathbb{Z})$.
40. Find two nonisomorphic groups $G$ and $H$ such that $\mathrm{Aut}(G) \cong \mathrm{Aut}(H)$.
41. Let $G$ be a group and $g \in G$. Define a map $i_g : G \to G$ by $i_g(x) = gxg^{-1}$.
Prove that $i_g$ defines an automorphism of $G$. Such an automorphism is called
an inner automorphism. The set of all inner automorphisms is denoted
by $\mathrm{Inn}(G)$.
42. Prove that $\mathrm{Inn}(G)$ is a subgroup of $\mathrm{Aut}(G)$.
43. What are the inner automorphisms of the quaternion group $Q_8$? Is $\mathrm{Inn}(G) = \mathrm{Aut}(G)$ in this case?
44. LetGbe a group andg2G. Dene mapsg:G!Gandg:G!Gby
g(x) =gxandg(x) =xg
1
. Show thatig=ggis an automorphism
ofG. The mapg:G!Gis called theright regular representation
ofG.
45. Let $G$ be the internal direct product of subgroups $H$ and $K$. Show that the
map: $G \to H \times K$ defined by$(g) = (h, k)$ for $g = hk$, where $h \in H$ and
$k \in K$, is one-to-one and onto.
46. Let $G$ and $H$ be isomorphic groups. If $G$ has a subgroup of order $n$, prove
that $H$ must also have a subgroup of order $n$.
47. IfG

=
GandH

=H, show thatGH

=GH.
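48. Prove that $G \times H$ is isomorphic to $H \times G$.
49. Let $n_1, \ldots, n_k$ be positive integers. Show that
$$\prod_{i=1}^{k} \mathbb{Z}_{n_i} \cong \mathbb{Z}_{n_1 \cdots n_k}$$
if and only if $\gcd(n_i, n_j) = 1$ for $i \neq j$.
50. Prove that $A \times B$ is abelian if and only if $A$ and $B$ are abelian.
51. If $G$ is the internal direct product of $H_1, H_2, \ldots, H_n$, prove that $G$ is isomorphic
to $\prod_i H_i$.
52. Let $H_1$ and $H_2$ be subgroups of $G_1$ and $G_2$, respectively. Prove that $H_1 \times H_2$
is a subgroup of $G_1 \times G_2$.
53. Let $m, n \in \mathbb{Z}$. Prove that $\langle m, n \rangle \cong \langle d \rangle$ if and only if $d = \gcd(m, n)$.
54. Let $m, n \in \mathbb{Z}$. Prove that $\langle m \rangle \cap \langle n \rangle \cong \langle l \rangle$ if and only if $d = \operatorname{lcm}(m, n)$.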

9 Homomorphisms and Factor Groups
If $H$ is a subgroup of a group $G$, then right cosets are not always the same as
left cosets; that is, it is not always the case that $gH = Hg$ for all $g \in G$. The
subgroups for which this property holds play a critical role in group theory:
they allow for the construction of a new class of groups, called factor or
quotient groups. Factor groups may be studied by using homomorphisms,
a generalization of isomorphisms.
9.1 Factor Groups and Normal Subgroups
Normal Subgroups
A subgroup $H$ of a group $G$ is normal in $G$ if $gH = Hg$ for all $g \in G$. That
is, a normal subgroup of a group $G$ is one in which the right and left cosets
are precisely the same.
Example 1. Let $G$ be an abelian group. Every subgroup $H$ of $G$ is a
normal subgroup. Since $gh = hg$ for all $g \in G$ and $h \in H$, it will always be
the case that $gH = Hg$.
Example 2. Let $H$ be the subgroup of $S_3$ consisting of elements $(1)$ and
$(12)$. Since
$$(123)H = \{(123), (13)\}$$
and
$$H(123) = \{(123), (23)\},$$
$H$ cannot be a normal subgroup of $S_3$. However, the subgroup $N$, consisting
of the permutations $(1)$, $(123)$, and $(132)$, is normal since the cosets of $N$
are
$$N = \{(1), (123), (132)\}$$
$$(12)N = N(12) = \{(12), (13), (23)\}.$$

The following theorem is fundamental to our understanding of normal
subgroups.
Theorem 9.1 Let $G$ be a group and $N$ be a subgroup of $G$. Then the
following statements are equivalent.
1. The subgroup $N$ is normal in $G$.
2. For all $g \in G$, $gNg^{-1} \subset N$.
3. For all $g \in G$, $gNg^{-1} = N$.
Proof. (1) $\Rightarrow$ (2). Since $N$ is normal in $G$, $gN = Ng$ for all $g \in G$. Hence,
for a given $g \in G$ and $n \in N$, there exists an $n'$ in $N$ such that $gn = n'g$.
Therefore, $gng^{-1} = n' \in N$ or $gNg^{-1} \subset N$.
(2) $\Rightarrow$ (3). Let $g \in G$. Since $gNg^{-1} \subset N$, we need only show $N \subset gNg^{-1}$.
For $n \in N$, $g^{-1}ng = g^{-1}n(g^{-1})^{-1} \in N$. Hence, $g^{-1}ng = n'$ for
some $n' \in N$. Therefore, $n = gn'g^{-1}$ is in $gNg^{-1}$.
(3) $\Rightarrow$ (1). Suppose that $gNg^{-1} = N$ for all $g \in G$. Then for any $n \in N$
there exists an $n' \in N$ such that $gng^{-1} = n'$. Consequently, $gn = n'g$ or
$gN \subset Ng$. Similarly, $Ng \subset gN$.
Factor Groups
If $N$ is a normal subgroup of a group $G$, then the cosets of $N$ in $G$ form
a group $G/N$ under the operation $(aN)(bN) = abN$. This group is called
the factor or quotient group of $G$ and $N$. Our first task is to prove that
$G/N$ is indeed a group.
Theorem 9.2 Let $N$ be a normal subgroup of a group $G$. The cosets of $N$
in $G$ form a group $G/N$ of order $[G : N]$.
Proof. The group operation on $G/N$ is $(aN)(bN) = abN$. This operation
must be shown to be well-defined; that is, group multiplication must be
independent of the choice of coset representative. Let $aN = bN$ and $cN = dN$.
We must show that
$$(aN)(cN) = acN = bdN = (bN)(dN).$$
Then $a = bn_1$ and $c = dn_2$ for some $n_1$ and $n_2$ in $N$. Hence,
$$\begin{aligned} acN &= bn_1dn_2N \\ &= bn_1dN \\ &= bn_1Nd \\ &= bNd \\ &= bdN. \end{aligned}$$
The remainder of the theorem is easy: $eN = N$ is the identity and $g^{-1}N$ is
the inverse of $gN$. The order of $G/N$ is, of course, the number of cosets of
$N$ in $G$.
It is very important to remember that the elements in a factor group are
sets of elements in the original group.
Example 3. Consider the normal subgroup of $S_3$, $N = \{(1), (123), (132)\}$.
The cosets of $N$ in $S_3$ are $N$ and $(12)N$. The factor group $S_3/N$ has the
following multiplication table.
$$\begin{array}{c|cc} & N & (12)N \\ \hline N & N & (12)N \\ (12)N & (12)N & N \end{array}$$
This group is isomorphic to $\mathbb{Z}_2$. At first, multiplying cosets seems both complicated
and strange; however, notice that $S_3/N$ is a smaller group. The
factor group displays a certain amount of information about $S_3$. Actually,
$N = A_3$, the group of even permutations, and $(12)N = \{(12), (13), (23)\}$ is
the set of odd permutations. The information captured in $G/N$ is parity;
that is, multiplying two even or two odd permutations results in an even permutation,
whereas multiplying an odd permutation by an even permutation
yields an odd permutation.
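The cosets of Example 2 and the factor group of Example 3 can be recomputed directly; the Python code below is an added illustration, not part of the original text. Permutations are stored as tuples of images, products are taken as function composition (right factor first, which reproduces the cosets printed in Example 2), and every name in it is a choice made here.

```python
from itertools import permutations


def compose(p, q):
    """Product pq as functions: apply q first, then p."""
    return tuple(p[q[x]] for x in range(len(p)))


def from_cycles(n, *cycles):
    """Permutation of {1..n} from disjoint cycles, e.g. from_cycles(3, (1, 2, 3))."""
    images = list(range(n))
    for cyc in cycles:
        for a, b in zip(cyc, cyc[1:] + cyc[:1]):
            images[a - 1] = b - 1
    return tuple(images)


def left_coset(g, H):
    return frozenset(compose(g, h) for h in H)


def right_coset(H, g):
    return frozenset(compose(h, g) for h in H)


def is_normal(G, H):
    """H is normal in G exactly when gH = Hg for every g in G."""
    return all(left_coset(g, H) == right_coset(H, g) for g in G)


def set_product(A, B):
    """All products ab with a in A and b in B."""
    return frozenset(compose(a, b) for a in A for b in B)


def factor_group_table(G, N):
    """Cayley table of G/N as {(aN, bN): abN}.

    Raises ValueError when some product of cosets is not a coset, which
    happens exactly when N is not normal in G.
    """
    cosets = {left_coset(g, N) for g in G}
    table = {}
    for A in cosets:
        for B in cosets:
            AB = set_product(A, B)
            if AB not in cosets:
                raise ValueError("coset product is not a coset: N is not normal")
            table[(A, B)] = AB
    return table


def is_even(p):
    n = len(p)
    inversions = sum(p[i] > p[j] for i in range(n) for j in range(i + 1, n))
    return inversions % 2 == 0


S3 = list(permutations(range(3)))
E = from_cycles(3)
R, R2 = from_cycles(3, (1, 2, 3)), from_cycles(3, (1, 3, 2))
T12, T13, T23 = from_cycles(3, (1, 2)), from_cycles(3, (1, 3)), from_cycles(3, (2, 3))
H = [E, T12]      # the subgroup {(1), (12)} of Example 2
N = [E, R, R2]    # the subgroup {(1), (123), (132)} of Examples 2 and 3

if __name__ == "__main__":
    print("H normal in S3:", is_normal(S3, H))
    print("N normal in S3:", is_normal(S3, N))
    for (A, B), AB in factor_group_table(S3, N).items():
        print(sorted(A), "*", sorted(B), "=", sorted(AB))
```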
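Example 4. Consider the normal subgroup $3\mathbb{Z}$ of $\mathbb{Z}$. The cosets of $3\mathbb{Z}$ in $\mathbb{Z}$
are
$$0 + 3\mathbb{Z} = \{\ldots, -3, 0, 3, 6, \ldots\}$$
$$1 + 3\mathbb{Z} = \{\ldots, -2, 1, 4, 7, \ldots\}$$
$$2 + 3\mathbb{Z} = \{\ldots, -1, 2, 5, 8, \ldots\}.$$
The group $\mathbb{Z}/3\mathbb{Z}$ is given by the multiplication table below.
$$\begin{array}{c|ccc} + & 0 + 3\mathbb{Z} & 1 + 3\mathbb{Z} & 2 + 3\mathbb{Z} \\ \hline 0 + 3\mathbb{Z} & 0 + 3\mathbb{Z} & 1 + 3\mathbb{Z} & 2 + 3\mathbb{Z} \\ 1 + 3\mathbb{Z} & 1 + 3\mathbb{Z} & 2 + 3\mathbb{Z} & 0 + 3\mathbb{Z} \\ 2 + 3\mathbb{Z} & 2 + 3\mathbb{Z} & 0 + 3\mathbb{Z} & 1 + 3\mathbb{Z} \end{array}$$
In general, the subgroup $n\mathbb{Z}$ of $\mathbb{Z}$ is normal. The cosets of $\mathbb{Z}/n\mathbb{Z}$ are
$$n\mathbb{Z}$$
$$1 + n\mathbb{Z}$$
$$2 + n\mathbb{Z}$$
$$\vdots$$
$$(n - 1) + n\mathbb{Z}.$$
The sum of the cosets $k + n\mathbb{Z}$ and $l + n\mathbb{Z}$ is $k + l + n\mathbb{Z}$. Notice that we have
written our cosets additively, because the group operation is integer addition.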

Example 5. Consider the dihedral group $D_n$, generated by the two elements
$r$ and $s$, satisfying the relations
$$r^n = \mathrm{id}$$
$$s^2 = \mathrm{id}$$
$$srs = r^{-1}.$$
The element $r$ actually generates the cyclic subgroup of rotations, $R_n$, of
$D_n$. Since $srs^{-1} = srs = r^{-1} \in R_n$, the group of rotations is a normal
subgroup of $D_n$; therefore, $D_n/R_n$ is a group. Since there are exactly two
elements in this group, it must be isomorphic to $\mathbb{Z}_2$.
9.2 Group Homomorphisms
One of the basic ideas of algebra is the concept of a homomorphism, a natural
generalization of an isomorphism. If we relax the requirement that an
isomorphism of groups be bijective, we have a homomorphism. A homomorphism
between groups (G;) and (H;) is a map: $G \to H$ such
that
(g1g2) =(g1)(g2)
for $g_1, g_2 \in G$. The range ofin $H$ is called the homomorphic image of.
Two groups are related in the strongest possible way if they are isomorphic;
however, a weaker relationship may exist between two groups. For
example, the symmetric group $S_n$ and the group $\mathbb{Z}_2$ are related by the fact
that $S_n$ can be divided into even and odd permutations that exhibit a group
structure like that of $\mathbb{Z}_2$, as shown in the following multiplication table.
$$\begin{array}{c|cc} & \text{even} & \text{odd} \\ \hline \text{even} & \text{even} & \text{odd} \\ \text{odd} & \text{odd} & \text{even} \end{array}$$
We use homomorphisms to study relationships such as the one we have just
described.
Example 6. Let $G$ be a group and $g \in G$. Define a map: $\mathbb{Z} \to G$ by
$(n) = g^n$. Thenis a group homomorphism, since
$$(m + n) = g^{m+n} = g^m g^n =(m)(n).$$
This homomorphism maps $\mathbb{Z}$ onto the cyclic subgroup of $G$ generated by $g$.

Example 7. Let $G = GL_2(\mathbb{R})$. If
$$A = \begin{pmatrix} a & b \\ c & d \end{pmatrix}$$
is in $G$, then the determinant is nonzero; that is, $\det(A) = ad - bc \neq 0$.
Also, for any two elements $A$ and $B$ in $G$, $\det(AB) = \det(A)\det(B)$. Using
the determinant, we can define a homomorphism: $GL_2(\mathbb{R}) \to \mathbb{R}^*$ by
$A \mapsto \det(A)$.
Example 8. Recall that the circle group $\mathbb{T}$ consists of all complex numbers
$z$ such that $|z| = 1$. We can define a homomorphismfrom the additive
group of real numbersRtoTby:7!cos+isin. Indeed,
(+) = cos(+) +isin(+)
= (coscossinsin) +i(sincos+ cossin)
= (cos+isin) + (cos+isin)
=()():
Geometrically, we are simply wrapping the real line around the circle in a
group-theoretic fashion.
The following proposition lists some basic properties of group homomorphisms.
Proposition 9.3Let:G1!G2be a homomorphism of groups. Then
1.Ifeis the identity ofG1, then(e)is the identity ofG2;
2.For any elementg2G1,(g
1
) = [(g)]
1
;
3.IfH1is a subgroup ofG1, then(H1)is a subgroup ofG2;

4.IfH2is a subgroup ofG2, then
1
(H2) =fg2G:(g)2H2gis a
subgroup ofG1. Furthermore, ifH2is normal inG2, then
1
(H2)is
normal inG1.
Proof.(1) Suppose thateande
0
are the identities ofG1andG2, respec-
tively; then
e
0
(e) =(e) =(ee) =(e)(e):
By cancellation,(e) =e
0
.
(2) This statement follows from the fact that
(g
1
)(g) =(g
1
g) =(e) =e:
(3) The set(H1) is nonempty since the identity ofH2is in(H1).
Suppose thatH1is a subgroup ofG1and letxandybe in(H1). There
exist elementsa; b2H1such that(a) =xand(b) =y. Since
xy
1
=(a)[(b)]
1
=(ab
1
)2(H1);
(H1) is a subgroup ofG2by Proposition 2.10.
(4) LetH2be a subgroup ofG2and deneH1to be
1
(H2); that is,
H1is the set of allg2G1such that(g)2H2. The identity is inH1since
(e) =e. Ifaandbare inH1, then(ab
1
) =(a)[(b)]
1
is inH2sinceH2
is a subgroup ofG2. Therefore,ab
1
2H1andH1is a subgroup ofG1. If
H2is normal inG2, we must show thatg
1
hg2H1forh2H1andg2G1.
But
(g
1
hg) = [(g)]
1
(h)(g)2H2;
sinceH2is a normal subgroup ofG2. Therefore,g
1
hg2H1.
Let: $G \to H$ be a group homomorphism and suppose that $e$ is the
identity of $H$. By Proposition 9.3,$^{-1}(\{e\})$ is a subgroup of $G$. This
subgroup is called the kernel ofand will be denoted by ker. In fact, this
subgroup is a normal subgroup of $G$ since the trivial subgroup is normal in
$H$. We state this result in the following theorem, which says that with every
homomorphism of groups we can naturally associate a normal subgroup.
Theorem 9.4 Let: $G \to H$ be a group homomorphism. Then the kernel
ofis a normal subgroup of $G$.
Example 9. Let us examine the homomorphism: $GL_2(\mathbb{R}) \to \mathbb{R}^*$ defined
by $A \mapsto \det(A)$. Since 1 is the identity of $\mathbb{R}^*$, the kernel of this homomorphism
is all $2 \times 2$ matrices having determinant one. That is, ker$= SL_2(\mathbb{R})$.
Example 10. The kernel of the group homomorphism: $\mathbb{R} \to \mathbb{C}^*$ defined
by() = cos+isin is $\{2\pi n : n \in \mathbb{Z}\}$. Notice that ker$\cong \mathbb{Z}$.
Example 11. Suppose that we wish to determine all possible homomorphismsfrom
$\mathbb{Z}_7$ to $\mathbb{Z}_{12}$. Since the kernel ofmust be a subgroup of
$\mathbb{Z}_7$, there are only two possible kernels, $\{0\}$ and all of $\mathbb{Z}_7$. The image of
a subgroup of $\mathbb{Z}_7$ must be a subgroup of $\mathbb{Z}_{12}$. Hence, there is no injective
homomorphism; otherwise, $\mathbb{Z}_{12}$ would have a subgroup of order 7, which is
impossible. Consequently, the only possible homomorphism from $\mathbb{Z}_7$ to $\mathbb{Z}_{12}$
is the one mapping all elements to zero.
Example 12. Let $G$ be a group. Suppose that $g \in G$ andis the homomorphism
from $\mathbb{Z}$ to $G$ given by$(n) = g^n$. If the order of $g$ is infinite,
then the kernel of this homomorphism is $\{0\}$ sincemaps $\mathbb{Z}$ onto the cyclic
subgroup of $G$ generated by $g$. However, if the order of $g$ is finite, say $n$,
then the kernel ofis $n\mathbb{Z}$.
Simplicity of $A_n$
Of special interest are groups with no nontrivial normal subgroups. Such
groups are called simple groups. Of course, we already have a whole
class of examples of simple groups, $\mathbb{Z}_p$, where $p$ is prime. These groups are
trivially simple since they have no proper subgroups other than the subgroup
consisting solely of the identity. Other examples of simple groups are not
so easily found. We can, however, show that the alternating group, $A_n$, is
simple for $n \geq 5$. The proof of this result requires several lemmas.
Lemma 9.5 The alternating group $A_n$ is generated by 3-cycles for $n \geq 3$.
Proof. To show that the 3-cycles generate $A_n$, we need only show that
any pair of transpositions can be written as the product of 3-cycles. Since
$(ab) = (ba)$, every pair of transpositions must be one of the following:
$$(ab)(ab) = \mathrm{id}$$
$$(ab)(cd) = (acb)(acd)$$
$$(ab)(ac) = (acb).$$
Lemma 9.6 Let $N$ be a normal subgroup of $A_n$, where $n \geq 3$. If $N$ contains
a 3-cycle, then $N = A_n$.
Proof. We will first show that $A_n$ is generated by 3-cycles of the specific
form $(ijk)$, where $i$ and $j$ are fixed in $\{1, 2, \ldots, n\}$ and we let $k$ vary. Every
3-cycle is the product of 3-cycles of this form, since
$$(iaj) = (ija)^2$$
$$(iab) = (ijb)(ija)^2$$
$$(jab) = (ijb)^2(ija)$$
$$(abc) = (ija)^2(ijc)(ijb)^2(ija).$$
Now suppose that $N$ is a nontrivial normal subgroup of $A_n$ for $n \geq 3$ such
that $N$ contains a 3-cycle of the form $(ija)$. Using the normality of $N$, we
see that
$$[(ij)(ak)](ija)^2[(ij)(ak)]^{-1} = (ijk)$$
is in $N$. Hence, $N$ must contain all of the 3-cycles $(ijk)$ for $1 \leq k \leq n$. By
Lemma 9.5, these 3-cycles generate $A_n$; hence, $N = A_n$.
Lemma 9.7 For $n \geq 5$, every normal subgroup $N$ of $A_n$ contains a 3-cycle.
Proof.Letbe an arbitrary element in a normal subgroupN. There are
several possible cycle structures for.
is a 3-cycle.
is the product of disjoint cycles,=(a1a2 ar)2N, wherer >3.
is the product of disjoint cycles,=(a1a2a3)(a4a5a6).
=(a1a2a3), whereis the product of disjoint 2-cycles.
=(a1a2)(a3a4), whereis the product of an even number of dis-
joint 2-cycles.
Ifis a 3-cycle, then we are done. IfNcontains a product of disjoint
cycles,, and at least one of these cycles has length greater than 3, say
=(a1a2 ar), then
(a1a2a3)(a1a2a3)
1
is inNsinceNis normal; hence,

1
(a1a2a3)(a1a2a3)
1

is also inN. Since

1
(a1a2a3)(a1a2a3)
1
=
1
(a1a2a3)(a1a3a2)
= (a1a2 ar)
1

1
(a1a2a3)(a1a2 ar)(a1a3a2)
= (a1arar1 a2)(a1a2a3)(a1a2 ar)(a1a3a2)
= (a1a3ar);
$N$ must contain a 3-cycle; hence, $N = A_n$.
Now suppose that $N$ contains a disjoint product of the form
=(a1a2a3)(a4a5a6):
Then

1
(a1a2a4)(a1a2a4)
1
2N
since
(a1a2a4)(a1a2a4)
1
2N:
So

1
(a1a2a4)(a1a2a4)
1
= [(a1a2a3)(a4a5a6)]
1
(a1a2a4)(a1a2a3)(a4a5a6)(a1a2a4)
1
= (a4a6a5)(a1a3a2)
1
(a1a2a4)(a1a2a3)(a4a5a6)(a1a4a2)
= (a4a6a5)(a1a3a2)(a1a2a4)(a1a2a3)(a4a5a6)(a1a4a2)
= (a1a4a2a6a3):
So $N$ contains a disjoint cycle of length greater than 3, and we can apply
the previous case.
SupposeNcontains a disjoint product of the form=(a1a2a3), where
is the product of disjoint 2-cycles. Since2N,
2
2N, and

2
=(a1a2a3)(a1a2a3)
= (a1a3a2):
So $N$ contains a 3-cycle.
The only remaining possible case is a disjoint product of the form
=(a1a2)(a3a4);
whereis the product of an even number of disjoint 2-cycles. But

1
(a1a2a3)(a1a2a3)
1

is inNsince (a1a2a3)(a1a2a3)
1
is inN; and so

1
(a1a2a3)(a1a2a3)
1
=
1
(a1a2)(a3a4)(a1a2a3)(a1a2)(a3a4)(a1a2a3)
1
= (a1a3)(a2a4):
Since $n \geq 5$, we can find $b \in \{1, 2, \ldots, n\}$ such that $b \neq a_1, a_2, a_3, a_4$. Let
= (a1a3b). Then

1
(a1a3)(a2a4)(a1a3)(a2a4)2N
and

1
(a1a3)(a2a4)(a1a3)(a2a4)
= (a1ba3)(a1a3)(a2a4)(a1a3b)(a1a3)(a2a4)
= (a1a3b):
Therefore, $N$ contains a 3-cycle. This completes the proof of the lemma.
Theorem 9.8 The alternating group, $A_n$, is simple for $n \geq 5$.
Proof. Let $N$ be a normal subgroup of $A_n$. By Lemma 9.7, $N$ contains a 3-cycle.
By Lemma 9.6, $N = A_n$; therefore, $A_n$ contains no proper nontrivial
normal subgroups for $n \geq 5$.
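Theorem 9.8 and Lemma 9.5 can be confirmed by exhaustive computation for small $n$; the Python code below is an added example, not taken from the text. It relies on the fact that every nontrivial normal subgroup contains the normal closure of each of its non-identity elements, so a group is simple when each such closure is the whole group; the function names and the breadth-first subgroup generation are choices made here.

```python
from itertools import permutations


def compose(p, q):
    """Product pq as functions: apply q first, then p."""
    return tuple(p[q[x]] for x in range(len(p)))


def conjugate(x, g):
    """Return x g x^{-1}, the permutation sending x(i) to x(g(i))."""
    out = [0] * len(g)
    for i in range(len(g)):
        out[x[i]] = x[g[i]]
    return tuple(out)


def is_even(p):
    n = len(p)
    return sum(p[i] > p[j] for i in range(n) for j in range(i + 1, n)) % 2 == 0


def alternating_group(n):
    return [p for p in permutations(range(n)) if is_even(p)]


def three_cycles(n):
    """A permutation moving exactly three points is a 3-cycle."""
    return [p for p in permutations(range(n))
            if sum(p[i] != i for i in range(n)) == 3]


def generated_subgroup(generators, n):
    """Subgroup generated by `generators` inside S_n.

    In a finite group, closing the identity under right multiplication by
    the generators already produces inverses, so the result is a subgroup.
    """
    identity = tuple(range(n))
    seen, frontier = {identity}, [identity]
    while frontier:
        x = frontier.pop()
        for g in generators:
            y = compose(x, g)
            if y not in seen:
                seen.add(y)
                frontier.append(y)
    return seen


def normal_closure(g, G):
    """Smallest normal subgroup of G containing g: generated by the class of g."""
    return generated_subgroup({conjugate(x, g) for x in G}, len(g))


def normal_closure_orders(G):
    """Orders of the normal closures, computed once per conjugacy class."""
    orders, done = set(), set()
    for g in G:
        if g in done:
            continue
        done |= {conjugate(x, g) for x in G}
        orders.add(len(normal_closure(g, G)))
    return sorted(orders)


def is_simple(G):
    """A nontrivial G is simple iff every non-identity element normally generates G."""
    return normal_closure_orders(G) == [1, len(G)]


if __name__ == "__main__":
    for n in (4, 5, 6):
        A = alternating_group(n)
        print(f"A_{n}: order {len(A)}, normal closure orders "
              f"{normal_closure_orders(A)}, simple: {is_simple(A)}")
```

For $A_4$ the closure of a product of two disjoint transpositions has order 4, which shows why the hypothesis $n \geq 5$ cannot be dropped.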
Historical Note
One of the foremost problems of group theory has been to classify all simple finite
groups. This problem is over a century old and has been solved only in the last
few years. In a sense, finite simple groups are the building blocks of all finite
groups. The first nonabelian simple groups to be discovered were the alternating
groups. Galois was the first to prove that $A_5$ was simple. Later mathematicians,
such as C. Jordan and L. E. Dickson, found several infinite families of matrix
groups that were simple. Other families of simple groups were discovered in the
1950s. At the turn of the century, William Burnside conjectured that all nonabelian
simple groups must have even order. In 1963, W. Feit and J. Thompson proved
Burnside's conjecture and published their results in the paper "Solvability of Groups
of Odd Order," which appeared in the Pacific Journal of Mathematics. Their
proof, running over 250 pages, gave impetus to a program in the 1960s and 1970s
to classify all finite simple groups. Daniel Gorenstein was the organizer of this
remarkable effort. One of the last simple groups was the "Monster," discovered
by R. Griess. The Monster, a $196{,}833 \times 196{,}833$ matrix group, is one of the 26
sporadic, or special, simple groups. These sporadic simple groups are groups that
fit into no infinite family of simple groups.

9.3 The Isomorphism Theorems
Though at first it is not evident that factor groups correspond exactly to
homomorphic images, we can use factor groups to study homomorphisms.
We already know that with every group homomorphism: $G \to H$ we can
associate a normal subgroup of $G$, ker; the converse is also true. Every
normal subgroup of a group $G$ gives rise to a homomorphism of groups.
Let $H$ be a normal subgroup of $G$. Define the natural or canonical
homomorphism
:G!G=H
by
(g) =gH:
This is indeed a homomorphism, since
(g1g2) =g1g2H=g1Hg2H=(g1)(g2):
The kernel of this homomorphism is $H$. The following theorems describe the
relationships among group homomorphisms, normal subgroups, and factor
groups.
Theorem 9.9 (First Isomorphism Theorem) If :G!His a group
homomorphism withK= ker , thenKis normal inG. Let:G!G=K
be the canonical homomorphism. Then there exists a unique isomorphism
:G=K! (G)such that =.
Proof.We already know thatKis normal inG. Dene:G=K! (G)
by(gK) = (g). We must rst show that this is a well-dened map.
Suppose thatg1K=g2K. For somek2K,g1k=g2; consequently,
(g1K) = (g1) = (g1) (k) = (g1k) = (g2) =(g2K):
Since(g1K) =(g2K),does not depend on the choice of coset represen-
tative. Clearlyis onto (G). To show thatis one-to-one, suppose that
(g1K) =(g2K). Then (g1) = (g2). This implies that (g
1
1
g2) =e,
org
1
1
g2is in the kernel of ; hence,g
1
1
g2K=K; that is,g1K=g2K.
Finally, we must show thatis a homomorphism, but
(g1Kg2K) =(g1g2K)
= (g1g2)
= (g1) (g2)
=(g1K)(g2K):

Mathematicians often use diagrams called commutative diagrams to
describe such theorems. The following diagram "commutes" since =.
[Commutative diagram relating $G$, $H$, and $G/K$.]
Example 13. Let $G$ be a cyclic group with generator $g$. Define a map:
$\mathbb{Z} \to G$ by $n \mapsto g^n$. This map is a surjective homomorphism since
$$(m + n) = g^{m+n} = g^m g^n =(m)(n).$$
Clearlyis onto. If $|g| = m$, then $g^m = e$. Hence, ker$= m\mathbb{Z}$ and
$\mathbb{Z}/$ker$= \mathbb{Z}/m\mathbb{Z} \cong G$. On the other hand, if the order of $g$ is infinite, then
ker$= 0$ andis an isomorphism of $G$ and $\mathbb{Z}$. Hence, two cyclic groups
are isomorphic exactly when they have the same order. Up to isomorphism,
the only cyclic groups are $\mathbb{Z}$ and $\mathbb{Z}_n$.
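The reasoning of Example 11 and the First Isomorphism Theorem can be checked on finite cyclic groups. The Python code below is an added example, not part of the original text: it lists every homomorphism from $\mathbb{Z}_m$ to $\mathbb{Z}_n$ by the image $a$ of 1, and for one of them builds the map induced on cosets of the kernel and verifies that it is a well-defined isomorphism onto the image. The names `K` and `eta` and the sample pair $\mathbb{Z}_{12} \to \mathbb{Z}_8$ are choices made here.

```python
from math import gcd


def homomorphisms(m, n):
    """All group homomorphisms Z_m -> Z_n, each named by the image a of 1.

    The rule k -> a*k mod n is well defined on Z_m exactly when m*a = 0 in Z_n.
    """
    return [a for a in range(n) if (m * a) % n == 0]


def kernel(m, n, a):
    return [k for k in range(m) if (a * k) % n == 0]


def image(m, n, a):
    return sorted({(a * k) % n for k in range(m)})


def induced_map(m, n, a):
    """Send each coset k + K of the kernel K to the common image of its elements.

    Returns {coset: value}; raises ValueError if two representatives of the
    same coset have different images.
    """
    K = kernel(m, n, a)
    eta = {}
    for k in range(m):
        coset = frozenset((k + x) % m for x in K)
        value = (a * k) % n
        if eta.setdefault(coset, value) != value:
            raise ValueError("not well defined on cosets")
    return eta


def is_isomorphism_onto_image(m, n, a):
    """Check that Z_m / K -> image is one-to-one, onto and additive."""
    eta = induced_map(m, n, a)
    values = list(eta.values())
    injective = len(set(values)) == len(values)
    surjective = sorted(values) == image(m, n, a)
    additive = all(
        eta[frozenset((x + y) % m for x in A for y in B)] == (eta[A] + eta[B]) % n
        for A in eta for B in eta
    )
    return injective and surjective and additive


def count_matches_gcd(limit):
    """The number of homomorphisms Z_m -> Z_n equals gcd(m, n)."""
    return all(len(homomorphisms(m, n)) == gcd(m, n)
               for m in range(1, limit) for n in range(1, limit))


if __name__ == "__main__":
    print("Z7 -> Z12:", homomorphisms(7, 12))
    print("Z12 -> Z8:", homomorphisms(12, 8))
    print("kernel of k -> 2k:", kernel(12, 8, 2), "image:", image(12, 8, 2))
    for coset, value in sorted(induced_map(12, 8, 2).items(), key=lambda cv: cv[1]):
        print(sorted(coset), "->", value)
```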
Theorem 9.10 (Second Isomorphism Theorem) Let $H$ be a subgroup
of a group $G$ (not necessarily normal in $G$) and $N$ a normal subgroup of $G$.
Then $HN$ is a subgroup of $G$, $H \cap N$ is a normal subgroup of $H$, and
$$H/H \cap N \cong HN/N.$$
Proof. We will first show that $HN = \{hn : h \in H, n \in N\}$ is a subgroup
of $G$. Suppose that $h_1n_1, h_2n_2 \in HN$. Since $N$ is normal, $(h_2)^{-1}n_1h_2 \in N$.
So
$$(h_1n_1)(h_2n_2) = h_1h_2((h_2)^{-1}n_1h_2)n_2$$
is in $HN$. The inverse of $hn \in HN$ is in $HN$ since
$$(hn)^{-1} = n^{-1}h^{-1} = h^{-1}(hn^{-1}h^{-1}).$$
Next, we prove that $H \cap N$ is normal in $H$. Let $h \in H$ and $n \in H \cap N$.
Then $h^{-1}nh \in H$ since each element is in $H$. Also, $h^{-1}nh \in N$ since $N$ is
normal in $G$; therefore, $h^{-1}nh \in H \cap N$.
Now define a mapfrom $H$ to $HN/N$ by $h \mapsto hN$. The mapis onto,
since any coset $hnN = hN$ is the image of $h$ in $H$. We also know thatis
a homomorphism because
$$(hh') = hh'N = hNh'N =(h)(h').$$
By the First Isomorphism Theorem, the image ofis isomorphic to $H/$ker;
that is,
$$HN/N =(H) \cong H/\ker.$$
Since
$$\ker= \{h \in H : h \in N\} = H \cap N,$$
$HN/N =(H) \cong H/H \cap N$.
Theorem 9.11 (Correspondence Theorem) Let $N$ be a normal subgroup
of a group $G$. Then $H \mapsto H/N$ is a one-to-one correspondence between
the set of subgroups $H$ containing $N$ and the set of subgroups of $G/N$.
Furthermore, the normal subgroups of $H$ correspond to normal subgroups
of $G/N$.
Proof. Let $H$ be a subgroup of $G$ containing $N$. Since $N$ is normal
in $H$, $H/N$ makes sense. Let $aN$ and $bN$ be elements of $H/N$. Then
$(aN)(b^{-1}N) = ab^{-1}N \in H/N$; hence, $H/N$ is a subgroup of $G/N$.
Let $S$ be a subgroup of $G/N$. This subgroup is a set of cosets of $N$. If
$H = \{g \in G : gN \in S\}$, then for $h_1, h_2 \in H$, we have that $(h_1N)(h_2N) = h_1h_2N \in S$
and $h_1^{-1}N \in S$. Therefore, $H$ must be a subgroup of $G$. Clearly,
$H$ contains $N$. Therefore, $S = H/N$. Consequently, the map $H \mapsto H/N$ is
onto.
Suppose that $H_1$ and $H_2$ are subgroups of $G$ containing $N$ such that
$H_1/N = H_2/N$. If $h_1 \in H_1$, then $h_1N \in H_1/N$. Hence, $h_1N = h_2N \subset H_2$
for some $h_2$ in $H_2$. However, since $N$ is contained in $H_2$, we know that
$h_1 \in H_2$ or $H_1 \subset H_2$. Similarly, $H_2 \subset H_1$. Since $H_1 = H_2$, the map
$H \mapsto H/N$ is one-to-one.
Suppose that $H$ is normal in $G$ and $N$ is a subgroup of $H$. Then it
is easy to verify that the map $G/N \to G/H$ defined by $gN \mapsto gH$ is a
homomorphism. The kernel of this homomorphism is $H/N$, which proves
that $H/N$ is normal in $G/N$.
Conversely, suppose that $H/N$ is normal in $G/N$. The homomorphism
given by
$$G \to G/N \to \frac{G/N}{H/N}$$
has kernel $H$. Hence, $H$ must be normal in $G$.
Notice that in the course of the proof of Theorem 9.11, we have also
proved the following theorem.
Theorem 9.12 (Third Isomorphism Theorem) Let $G$ be a group and
$N$ and $H$ be normal subgroups of $G$ with $N \subset H$. Then
$$G/H \cong \frac{G/N}{H/N}.$$
Example 14. By the Third Isomorphism Theorem,
$$\mathbb{Z}/m\mathbb{Z} \cong (\mathbb{Z}/mn\mathbb{Z})/(m\mathbb{Z}/mn\mathbb{Z}).$$
Since $|\mathbb{Z}/mn\mathbb{Z}| = mn$ and $|\mathbb{Z}/m\mathbb{Z}| = m$, we have $|m\mathbb{Z}/mn\mathbb{Z}| = n$.
Exercises
1. For each of the following groups $G$, determine whether $H$ is a normal subgroup
of $G$. If $H$ is a normal subgroup, write out a Cayley table for the
factor group $G/H$.
(a) $G = S_4$ and $H = A_4$
(b) $G = A_5$ and $H = \{(1), (123), (132)\}$
(c) $G = S_4$ and $H = D_4$
(d) $G = Q_8$ and $H = \{1, -1, i, -i\}$
(e) $G = \mathbb{Z}$ and $H = 5\mathbb{Z}$
2. Find all the subgroups of $D_4$. Which subgroups are normal? What are all
the factor groups of $D_4$ up to isomorphism?
3. Find all the subgroups of the quaternion group, $Q_8$. Which subgroups are
normal? What are all the factor groups of $Q_8$ up to isomorphism?
4. Prove that $\det(AB) = \det(A)\det(B)$ for $A, B \in GL_2(\mathbb{R})$. This shows that
the determinant is a homomorphism from $GL_2(\mathbb{R})$ to $\mathbb{R}^*$.
5. Which of the following maps are homomorphisms? If the map is a homomorphism,
what is the kernel?
(a):R

!GL2(R) dened by
(a) =

1 0
0a

(b):R!GL2(R) dened by
(a) =

1 0
a1

(c):GL2(R)!Rdened by


a b
c d

=a+d
(d):GL2(R)!R

dened by


a b
c d

=adbc
(e):M2(R)!Rdened by


a b
c d

=b;
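where $M_2(\mathbb{R})$ is the additive group of $2 \times 2$ matrices with entries in $\mathbb{R}$.
6. Let $T$ be the group of nonsingular upper triangular $2 \times 2$ matrices with entries
in $\mathbb{R}$; that is, matrices of the form
$$\begin{pmatrix} a & b \\ 0 & c \end{pmatrix},$$
where $a$, $b$, $c \in \mathbb{R}$ and $ac \neq 0$. Let $U$ consist of matrices of the form
$$\begin{pmatrix} 1 & x \\ 0 & 1 \end{pmatrix},$$
where $x \in \mathbb{R}$.
(a) Show that $U$ is a subgroup of $T$.
(b) Prove that $U$ is abelian.
(c) Prove that $U$ is normal in $T$.
(d) Show that $T/U$ is abelian.
(e) Is $T$ normal in $GL_2(\mathbb{R})$?
7. Let $A$ be an $m \times n$ matrix. Show that matrix multiplication, $x \mapsto Ax$, defines
a homomorphism: $\mathbb{R}^n \to \mathbb{R}^m$.
8. Let: $\mathbb{Z} \to \mathbb{Z}$ be given by$(n) = 7n$. Prove thatis a group homomorphism.
Find the kernel and the image of.
9. Describe all of the homomorphisms from $\mathbb{Z}_{24}$ to $\mathbb{Z}_{18}$.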

10. Describe all of the homomorphisms from $\mathbb{Z}$ to $\mathbb{Z}_{12}$.
11. In the group $\mathbb{Z}_{24}$, let $H = \langle 4 \rangle$ and $N = \langle 6 \rangle$.
(a) List the elements in $HN$ (we usually write $H + N$ for these additive
groups) and $H \cap N$.
(b) List the cosets in $HN/N$, showing the elements in each coset.
(c) List the cosets in $H/(H \cap N)$, showing the elements in each coset.
(d) Give the correspondence between $HN/N$ and $H/(H \cap N)$ described in
the proof of the Second Isomorphism Theorem.
12. If $G$ is an abelian group and $n \in \mathbb{N}$, show that: $G \to G$ defined by $g \mapsto g^n$
is a group homomorphism.
13. Show that the intersection of two normal subgroups is a normal subgroup.
14. If: $G \to H$ is a group homomorphism and $G$ is abelian, prove that$(G)$ is
also abelian.
15. If: $G \to H$ is a group homomorphism and $G$ is cyclic, prove that$(G)$ is
also cyclic.
16. Show that a homomorphism defined on a cyclic group is completely determined
by its action on the generator of the group.
17. If $G$ is abelian, prove that $G/H$ must also be abelian.
18. Prove or disprove: If $H$ is a normal subgroup of $G$ such that $H$ and $G/H$
are abelian, then $G$ is abelian.
19. If $G$ is cyclic, prove that $G/H$ must also be cyclic.
20. Prove or disprove: If $H$ and $G/H$ are cyclic, then $G$ is cyclic.
21. Let $H$ be a subgroup of index 2 of a group $G$. Prove that $H$ must be a normal
subgroup of $G$. Conclude that $S_n$ is not simple.
22. Let $G$ be a group of order $p^2$, where $p$ is a prime number. If $H$ is a subgroup
of $G$ of order $p$, show that $H$ is normal in $G$. Prove that $G$ must be abelian.
23. If a group $G$ has exactly one subgroup $H$ of order $k$, prove that $H$ is normal
in $G$.
24. Prove or disprove: $\mathbb{Q}/\mathbb{Z} \cong \mathbb{Q}$.
25. Define the centralizer of an element $g$ in a group $G$ to be the set
$$C(g) = \{x \in G : xg = gx\}.$$
Show that $C(g)$ is a subgroup of $G$. If $g$ generates a normal subgroup of $G$,
prove that $C(g)$ is normal in $G$.

26. Recall that the center of a group $G$ is the set
$$Z(G) = \{x \in G : xg = gx \text{ for all } g \in G\}.$$
(a) Calculate the center of $S_3$.
(b) Calculate the center of $GL_2(\mathbb{R})$.
(c) Show that the center of any group $G$ is a normal subgroup of $G$.
(d) If $G/Z(G)$ is cyclic, show that $G$ is abelian.
27.LetGbe a nite group andNa normal subgroup ofG. IfHis a subgroup
ofG=N, prove that
1
(H) is a subgroup inGof orderjHj jNj, where
:G!G=Nis the canonical homomorphism.
28. Let $G$ be a group and let $G' = \langle aba^{-1}b^{-1} \rangle$; that is, $G'$ is the subgroup of all
finite products of elements in $G$ of the form $aba^{-1}b^{-1}$. The subgroup $G'$ is
called the commutator subgroup of $G$.
(a) Show that $G'$ is a normal subgroup of $G$.
(b) Let $N$ be a normal subgroup of $G$. Prove that $G/N$ is abelian if and
only if $N$ contains the commutator subgroup of $G$.
29.LetG1andG2be groups, and letH1andH2be normal subgroups ofG1
andG2respectively. Let:G1!G2be a homomorphism. Show that
induces a natural homomorphism
: (G1=H1)!(G2=H2) if(H1)H2.
30. If $H$ and $K$ are normal subgroups of $G$ and $H \cap K = \{e\}$, prove that $G$ is
isomorphic to a subgroup of $G/H \times G/K$.
31.Let:G1!G2be a surjective group homomorphism. LetH1be a normal
subgroup ofG1and suppose that(H1) =H2. Prove or disprove that
G1=H1

=G2=H2.
32.Let:G!Hbe a group homomorphism. Show thatis one-to-one if and
only if
1
(e) =feg.
Additional Exercises: Automorphisms
1.LetAut(G) be the set of all automorphisms ofG; that is, isomorphisms from
Gto itself. Prove this set forms a group and is a subgroup of the group of
permutations ofG; that is,Aut(G)SG.
2.Aninner automorphismofG,
ig:G!G;
is dened by the map
ig(x) =gxg
1
;
forg2G. Show thatig2Aut(G).

3. The set of all inner automorphisms is denoted by $\mathrm{Inn}(G)$. Show that $\mathrm{Inn}(G)$ is a subgroup of $\mathrm{Aut}(G)$.
4. Find an automorphism of a group $G$ that is not an inner automorphism.
5. Let $G$ be a group and $i_g$ be an inner automorphism of $G$, and define a map
$$G \to \mathrm{Aut}(G)$$
by
$$g \mapsto i_g.$$
Prove that this map is a homomorphism with image $\mathrm{Inn}(G)$ and kernel $Z(G)$. Use this result to conclude that
$$G/Z(G) \cong \mathrm{Inn}(G).$$
6. Compute $\mathrm{Aut}(S_3)$ and $\mathrm{Inn}(S_3)$. Do the same thing for $D_4$.
7.Find all of the homomorphisms:Z!Z. What isAut(Z)?
8. Find all of the automorphisms of $\mathbb{Z}_8$. Prove that $\mathrm{Aut}(\mathbb{Z}_8) \cong U(8)$.
9.Fork2Zn, dene a mapk:Zn!Znbya7!ka. Prove thatkis a
homomorphism.
10.Prove thatkis an isomorphism if and only ifkis a generator ofZn.
11.Show that every automorphism ofZnis of the formk, wherekis a generator
ofZn.
12.Prove that :U(n)!Aut(Zn) is an isomorphism, where :k7!k.

10 Matrix Groups and Symmetry
When Felix Klein (1849–1925) accepted a chair at the University of Erlangen, he outlined in his inaugural address a program to classify different geometries. Central to Klein's program was the theory of groups: he considered geometry to be the study of properties that are left invariant under transformation groups. Groups, especially matrix groups, have now become important in the study of symmetry and have found applications in such disciplines as chemistry and physics. In the first part of this chapter, we will examine some of the classical matrix groups, such as the general linear group, the special linear group, and the orthogonal group. We will then use these matrix groups to investigate some of the ideas behind geometric symmetry.
10.1 Matrix Groups
Some Facts from Linear Algebra
Before we study matrix groups, we must recall some basic facts from linear algebra. One of the most fundamental ideas of linear algebra is that of a linear transformation. A linear transformation or linear map $T : \mathbb{R}^n \to \mathbb{R}^m$ is a map that preserves vector addition and scalar multiplication; that is, for vectors $\mathbf{x}$ and $\mathbf{y}$ in $\mathbb{R}^n$
and a scalar2R,
T(x+y) =T(x) +T(y)
T(y) =T(y):
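An $m \times n$ matrix with entries in $\mathbb{R}$ represents a linear transformation from $\mathbb{R}^n$ to $\mathbb{R}^m$. If we write vectors $\mathbf{x} = (x_1, \ldots, x_n)^t$ and $\mathbf{y} = (y_1, \ldots, y_n)^t$ in $\mathbb{R}^n$ as column matrices, then an $m \times n$ matrix
$$A = \begin{pmatrix} a_{11} & a_{12} & \cdots & a_{1n} \\ a_{21} & a_{22} & \cdots & a_{2n} \\ \vdots & \vdots & \ddots & \vdots \\ a_{m1} & a_{m2} & \cdots & a_{mn} \end{pmatrix}$$
maps the vectors to $\mathbb{R}^m$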
linearly by matrix multiplication. Observe that if
is a real number,
A(x+y) =Ax+Ay
Ax=A(x);
where
$$\mathbf{x} = \begin{pmatrix} x_1 \\ x_2 \\ \vdots \\ x_n \end{pmatrix}.$$
We will often abbreviate the matrix $A$ by writing $(a_{ij})$.
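Conversely, if $T : \mathbb{R}^n \to \mathbb{R}^m$ is a linear map, we can associate a matrix $A$ with $T$ by considering what $T$ does to the vectors
$$\begin{aligned} \mathbf{e}_1 &= (1, 0, \ldots, 0)^t \\ \mathbf{e}_2 &= (0, 1, \ldots, 0)^t \\ &\;\;\vdots \\ \mathbf{e}_n &= (0, 0, \ldots, 1)^t. \end{aligned}$$
We can write any vector $\mathbf{x} = (x_1, \ldots, x_n)^t$ as
$$x_1 \mathbf{e}_1 + x_2 \mathbf{e}_2 + \cdots + x_n \mathbf{e}_n.$$
Consequently, if
$$\begin{aligned} T(\mathbf{e}_1) &= (a_{11}, a_{21}, \ldots, a_{m1})^t, \\ T(\mathbf{e}_2) &= (a_{12}, a_{22}, \ldots, a_{m2})^t, \\ &\;\;\vdots \\ T(\mathbf{e}_n) &= (a_{1n}, a_{2n}, \ldots, a_{mn})^t, \end{aligned}$$
then
$$\begin{aligned} T(\mathbf{x}) &= T(x_1 \mathbf{e}_1 + x_2 \mathbf{e}_2 + \cdots + x_n \mathbf{e}_n) \\ &= x_1 T(\mathbf{e}_1) + x_2 T(\mathbf{e}_2) + \cdots + x_n T(\mathbf{e}_n) \\ &= \left( \sum_{k=1}^{n} a_{1k} x_k, \ldots, \sum_{k=1}^{n} a_{mk} x_k \right)^t \\ &= A\mathbf{x}. \end{aligned}$$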
Example 1. If we let $T : \mathbb{R}^2 \to \mathbb{R}^2$ be the map given by
$$T(x_1, x_2) = (2x_1 + 5x_2, -4x_1 + 3x_2),$$
the axioms that $T$ must satisfy to be a linear transformation are easily verified. The column vectors $T\mathbf{e}_1 = (2, -4)^t$ and $T\mathbf{e}_2 = (5, 3)^t$ tell us that $T$ is given by the matrix
$$A = \begin{pmatrix} 2 & 5 \\ -4 & 3 \end{pmatrix}.$$

Since we are interested in groups of matrices, we need to know which matrices have multiplicative inverses. Recall that an $n \times n$ matrix $A$ is invertible exactly when there exists another matrix $A^{-1}$ such that $AA^{-1} = A^{-1}A = I$, where
$$I = \begin{pmatrix} 1 & 0 & \cdots & 0 \\ 0 & 1 & \cdots & 0 \\ \vdots & \vdots & \ddots & \vdots \\ 0 & 0 & \cdots & 1 \end{pmatrix}$$
is the $n \times n$ identity matrix. From linear algebra we know that $A$ is invertible if and only if the determinant of $A$ is nonzero. Sometimes an invertible matrix is said to be nonsingular.
Example 2. If $A$ is the matrix
$$\begin{pmatrix} 2 & 1 \\ 5 & 3 \end{pmatrix},$$
then the inverse of $A$ is
$$A^{-1} = \begin{pmatrix} 3 & -1 \\ -5 & 2 \end{pmatrix}.$$
We are guaranteed that $A^{-1}$ exists, since $\det(A) = 2 \cdot 3 - 5 \cdot 1 = 1$ is nonzero.

Some other facts about determinants will also prove useful in the course of this chapter. Let $A$ and $B$ be $n \times n$ matrices. From linear algebra we have the following properties of determinants.
• The determinant is a homomorphism into the multiplicative group of real numbers; that is, $\det(AB) = (\det A)(\det B)$.
• If $A$ is an invertible matrix, then $\det(A^{-1}) = 1/\det A$.
• If we define the transpose of a matrix $A = (a_{ij})$ to be $A^t = (a_{ji})$, then $\det(A^t) = \det A$.
• Let $T$ be the linear transformation associated with an $n \times n$ matrix $A$. Then $T$ multiplies volumes by a factor of $|\det A|$. In the case of $\mathbb{R}^2$, this means that $T$ multiplies areas by $|\det A|$.
Linear maps, matrices, and determinants are covered in any elementary linear algebra text; however, if you have not had a course in linear algebra, it is a straightforward process to verify these properties directly for $2 \times 2$ matrices, the case with which we are most concerned.
The General and Special Linear Groups
The set of all $n \times n$ invertible matrices forms a group called the general linear group. We will denote this group by $GL_n(\mathbb{R})$. The general linear group has several important subgroups. The multiplicative properties of the determinant imply that the set of matrices with determinant one is a subgroup of the general linear group. Stated another way, suppose that $\det(A) = 1$ and $\det(B) = 1$. Then $\det(AB) = \det(A)\det(B) = 1$ and $\det(A^{-1}) = 1/\det A = 1$. This subgroup is called the special linear group and is denoted by $SL_n(\mathbb{R})$.
Example 3. Given a $2 \times 2$ matrix
$$A = \begin{pmatrix} a & b \\ c & d \end{pmatrix},$$
the determinant of $A$ is $ad - bc$. The group $GL_2(\mathbb{R})$ consists of those matrices in which $ad - bc \neq 0$. The inverse of $A$ is
$$A^{-1} = \frac{1}{ad - bc} \begin{pmatrix} d & -b \\ -c & a \end{pmatrix}.$$
If $A$ is in $SL_2(\mathbb{R})$, then
$$A^{-1} = \begin{pmatrix} d & -b \\ -c & a \end{pmatrix}.$$
Geometrically, $SL_2(\mathbb{R})$ is the group that preserves the areas of parallelograms. Let
$$A = \begin{pmatrix} 1 & 1 \\ 0 & 1 \end{pmatrix}$$
be in $SL_2(\mathbb{R})$. In Figure 10.1, the unit square corresponding to the vectors $\mathbf{x} = (1, 0)^t$ and $\mathbf{y} = (0, 1)^t$ is taken by $A$ to the parallelogram with sides $(1, 0)^t$ and $(1, 1)^t$; that is, $A\mathbf{x} = (1, 0)^t$ and $A\mathbf{y} = (1, 1)^t$. Notice that these two parallelograms have the same area.
Figure 10.1. $SL_2(\mathbb{R})$ acting on the unit square
The Orthogonal Group $O(n)$
Another subgroup of $GL_n(\mathbb{R})$ is the orthogonal group. A matrix $A$ is orthogonal if $A^{-1} = A^t$. The orthogonal group consists of the set of all orthogonal matrices. We write $O(n)$ for the $n \times n$ orthogonal group. We leave as an exercise the proof that $O(n)$ is a subgroup of $GL_n(\mathbb{R})$.
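Example 4. The following matrices are orthogonal:
$$\begin{pmatrix} 3/5 & -4/5 \\ 4/5 & 3/5 \end{pmatrix}, \quad \begin{pmatrix} 1/2 & -\sqrt{3}/2 \\ \sqrt{3}/2 & 1/2 \end{pmatrix}, \quad \begin{pmatrix} -1/\sqrt{2} & 0 & 1/\sqrt{2} \\ 1/\sqrt{6} & -2/\sqrt{6} & 1/\sqrt{6} \\ 1/\sqrt{3} & 1/\sqrt{3} & 1/\sqrt{3} \end{pmatrix}.$$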

There is a more geometric way of viewing the group $O(n)$. The orthogonal matrices are exactly those matrices that preserve the length of vectors. We can define the length of a vector using the Euclidean inner product, or dot product, of two vectors. The Euclidean inner product of two vectors $\mathbf{x} = (x_1, \ldots, x_n)^t$ and $\mathbf{y} = (y_1, \ldots, y_n)^t$ is
$$\langle \mathbf{x}, \mathbf{y} \rangle = \mathbf{x}^t \mathbf{y} = (x_1, x_2, \ldots, x_n) \begin{pmatrix} y_1 \\ y_2 \\ \vdots \\ y_n \end{pmatrix} = x_1 y_1 + \cdots + x_n y_n.$$
We define the length of a vector $\mathbf{x} = (x_1, \ldots, x_n)^t$ to be
$$\| \mathbf{x} \| = \sqrt{\langle \mathbf{x}, \mathbf{x} \rangle} = \sqrt{x_1^2 + \cdots + x_n^2}.$$
Associated with the notion of the length of a vector is the idea of the distance between two vectors. We define the distance between two vectors $\mathbf{x}$ and $\mathbf{y}$ to be $\| \mathbf{x} - \mathbf{y} \|$. We leave as an exercise the proof of the following proposition about the properties of Euclidean inner products.
Proposition 10.1Letx,y, andwbe vectors inR
n
and2R. Then
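1. $\langle \mathbf{x}, \mathbf{y} \rangle = \langle \mathbf{y}, \mathbf{x} \rangle$.
2. $\langle \mathbf{x}, \mathbf{y} + \mathbf{w} \rangle = \langle \mathbf{x}, \mathbf{y} \rangle + \langle \mathbf{x}, \mathbf{w} \rangle$.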
3.hx;yi=hx; yi=hx;yi.
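4. $\langle \mathbf{x}, \mathbf{x} \rangle \geq 0$ with equality exactly when $\mathbf{x} = 0$.
5. If $\langle \mathbf{x}, \mathbf{y} \rangle = 0$ for all $\mathbf{x}$ in $\mathbb{R}^n$, then $\mathbf{y} = 0$.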
Example 5. The vector $\mathbf{x} = (3, 4)^t$ has length $\sqrt{3^2 + 4^2} = 5$. We can also see that the orthogonal matrix
$$A = \begin{pmatrix} 3/5 & -4/5 \\ 4/5 & 3/5 \end{pmatrix}$$
preserves the length of this vector. The vector $A\mathbf{x} = (-7/5, 24/5)^t$ also has length 5.
Since $\det(AA^t) = \det(I) = 1$ and $\det(A) = \det(A^t)$, the determinant of any orthogonal matrix is either $1$ or $-1$. Consider the column vectors
$$\mathbf{a}_j = \begin{pmatrix} a_{1j} \\ a_{2j} \\ \vdots \\ a_{nj} \end{pmatrix}$$
of the orthogonal matrix $A = (a_{ij})$. Since $AA^t = I$, $\langle \mathbf{a}_r, \mathbf{a}_s \rangle = \delta_{rs}$, where
$$\delta_{rs} = \begin{cases} 1 & r = s \\ 0 & r \neq s \end{cases}$$
is the Kronecker delta. Accordingly, column vectors of an orthogonal matrix all have length 1; and the Euclidean inner product of distinct column vectors is zero. Any set of vectors satisfying these properties is called an orthonormal set. Conversely, given an $n \times n$ matrix $A$ whose columns form an orthonormal set, $A^{-1} = A^t$.
We say that a matrix $A$ is distance-preserving, length-preserving, or inner product-preserving when $\| T\mathbf{x} - T\mathbf{y} \| = \| \mathbf{x} - \mathbf{y} \|$, $\| T\mathbf{x} \| = \| \mathbf{x} \|$, or $\langle T\mathbf{x}, T\mathbf{y} \rangle = \langle \mathbf{x}, \mathbf{y} \rangle$, respectively. The following theorem, which characterizes the orthogonal group, says that these notions are the same.
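Theorem 10.2 Let $A$ be an $n \times n$ matrix. The following statements are equivalent.
1. The columns of the matrix $A$ form an orthonormal set.
2. $A^{-1} = A^t$.
3. For vectors $\mathbf{x}$ and $\mathbf{y}$, $\langle A\mathbf{x}, A\mathbf{y} \rangle = \langle \mathbf{x}, \mathbf{y} \rangle$.
4. For vectors $\mathbf{x}$ and $\mathbf{y}$, $\| A\mathbf{x} - A\mathbf{y} \| = \| \mathbf{x} - \mathbf{y} \|$.
5. For any vector $\mathbf{x}$, $\| A\mathbf{x} \| = \| \mathbf{x} \|$.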
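Proof. We have already shown (1) and (2) to be equivalent.
(2) $\Rightarrow$ (3).
$$\begin{aligned} \langle A\mathbf{x}, A\mathbf{y} \rangle &= (A\mathbf{x})^t A\mathbf{y} \\ &= \mathbf{x}^t A^t A \mathbf{y} \\ &= \mathbf{x}^t \mathbf{y} \\ &= \langle \mathbf{x}, \mathbf{y} \rangle. \end{aligned}$$
(3) $\Rightarrow$ (2). Since
$$\begin{aligned} \langle \mathbf{x}, \mathbf{x} \rangle &= \langle A\mathbf{x}, A\mathbf{x} \rangle \\ &= \mathbf{x}^t A^t A \mathbf{x} \\ &= \langle \mathbf{x}, A^t A \mathbf{x} \rangle, \end{aligned}$$
we know that $\langle \mathbf{x}, (A^t A - I)\mathbf{x} \rangle = 0$ for all $\mathbf{x}$. Therefore, $A^t A - I = 0$ or $A^{-1} = A^t$.
(3) $\Rightarrow$ (4). If $A$ is inner product-preserving, then $A$ is distance-preserving, since
$$\begin{aligned} \| A\mathbf{x} - A\mathbf{y} \|^2 &= \| A(\mathbf{x} - \mathbf{y}) \|^2 \\ &= \langle A(\mathbf{x} - \mathbf{y}), A(\mathbf{x} - \mathbf{y}) \rangle \\ &= \langle \mathbf{x} - \mathbf{y}, \mathbf{x} - \mathbf{y} \rangle \\ &= \| \mathbf{x} - \mathbf{y} \|^2. \end{aligned}$$
(4) $\Rightarrow$ (5). If $A$ is distance-preserving, then $A$ is length-preserving. Letting $\mathbf{y} = 0$, we have
$$\| A\mathbf{x} \| = \| A\mathbf{x} - A\mathbf{y} \| = \| \mathbf{x} - \mathbf{y} \| = \| \mathbf{x} \|.$$
(5) $\Rightarrow$ (3). We use the following identity to show that length-preserving implies inner product-preserving:
$$\langle \mathbf{x}, \mathbf{y} \rangle = \frac{1}{2} \left[ \| \mathbf{x} + \mathbf{y} \|^2 - \| \mathbf{x} \|^2 - \| \mathbf{y} \|^2 \right].$$
Observe that
$$\begin{aligned} \langle A\mathbf{x}, A\mathbf{y} \rangle &= \frac{1}{2} \left[ \| A\mathbf{x} + A\mathbf{y} \|^2 - \| A\mathbf{x} \|^2 - \| A\mathbf{y} \|^2 \right] \\ &= \frac{1}{2} \left[ \| A(\mathbf{x} + \mathbf{y}) \|^2 - \| A\mathbf{x} \|^2 - \| A\mathbf{y} \|^2 \right] \\ &= \frac{1}{2} \left[ \| \mathbf{x} + \mathbf{y} \|^2 - \| \mathbf{x} \|^2 - \| \mathbf{y} \|^2 \right] \\ &= \langle \mathbf{x}, \mathbf{y} \rangle. \end{aligned}$$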

Example 6. Let us examine the orthogonal group on $\mathbb{R}^2$ a bit more closely. An element $T \in O(2)$ is determined by its action on $\mathbf{e}_1 = (1, 0)^t$ and $\mathbf{e}_2 = (0, 1)^t$. If $T(\mathbf{e}_1) = (a, b)^t$, then $a^2 + b^2 = 1$ and $T(\mathbf{e}_2) = (-b, a)^t$. Hence, $T$ can be represented by
$$A = \begin{pmatrix} a & -b \\ b & a \end{pmatrix} = \begin{pmatrix} \cos\theta & -\sin\theta \\ \sin\theta & \cos\theta \end{pmatrix},$$
where $0 \leq \theta < 2\pi$. A matrix $T$ in $O(2)$ either reflects or rotates a vector in $\mathbb{R}^2$ (Figure 10.2). A reflection is given by the matrix
$$\begin{pmatrix} 1 & 0 \\ 0 & -1 \end{pmatrix},$$
whereas a rotation by an angle $\theta$ in a counterclockwise direction must come from a matrix of the form
$$\begin{pmatrix} \cos\theta & -\sin\theta \\ \sin\theta & \cos\theta \end{pmatrix}.$$
If $\det A = -1$, then $A$ gives a reflection.
Figure 10.2. $O(2)$ acting on $\mathbb{R}^2$
Two of the other matrix or matrix-related groups that we will consider are the special orthogonal group and the group of Euclidean motions. The special orthogonal group, $SO(n)$, is just the intersection of $O(n)$ and $SL_n(\mathbb{R})$; that is, those elements in $O(n)$ with determinant one. The Euclidean group, $E(n)$, can be written as ordered pairs $(A, \mathbf{x})$, where $A$ is in $O(n)$ and $\mathbf{x}$ is in $\mathbb{R}^n$. We define multiplication by
$$(A, \mathbf{x})(B, \mathbf{y}) = (AB, A\mathbf{y} + \mathbf{x}).$$
The identity of the group is $(I, \mathbf{0})$; the inverse of $(A, \mathbf{x})$ is $(A^{-1}, -A^{-1}\mathbf{x})$. In Exercise 6, you are asked to check that $E(n)$ is indeed a group under this operation.
Figure 10.3. Translations in $\mathbb{R}^2$

10.2 Symmetry
An isometry or rigid motion in $\mathbb{R}^n$ is a distance-preserving function $f$ from $\mathbb{R}^n$ to $\mathbb{R}^n$. This means that $f$ must satisfy
$$\| f(\mathbf{x}) - f(\mathbf{y}) \| = \| \mathbf{x} - \mathbf{y} \|$$
for all $\mathbf{x}, \mathbf{y} \in \mathbb{R}^n$. It is not difficult to show that $f$ must be a one-to-one map. By Theorem 10.2, any element in $O(n)$ is an isometry on $\mathbb{R}^n$; however, $O(n)$ does not include all possible isometries on $\mathbb{R}^n$. Translation by a vector $\mathbf{x}$, $T_{\mathbf{y}}(\mathbf{x}) = \mathbf{x} + \mathbf{y}$ is also an isometry (Figure 10.3); however, $T$ cannot be in $O(n)$ since it is not a linear map.
We are mostly interested in isometries in $\mathbb{R}^2$. In fact, the only isometries in $\mathbb{R}^2$ are rotations and reflections about the origin, translations, and combinations of the two. For example, a glide reflection is a translation followed by a reflection (Figure 10.4). In $\mathbb{R}^n$ all isometries are given in the same manner. The proof is very easy to generalize.
Figure 10.4. Glide reflections
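Lemma 10.3 An isometry $f$ that fixes the origin in $\mathbb{R}^2$ is a linear transformation. In particular, $f$ is given by an element in $O(2)$.
Proof. Let $f$ be an isometry in $\mathbb{R}^2$ fixing the origin. We will first show that $f$ preserves inner products. Since $f(0) = 0$, $\| f(\mathbf{x}) \| = \| \mathbf{x} \|$; therefore,
$$\begin{aligned} \| \mathbf{x} \|^2 - 2 \langle f(\mathbf{x}), f(\mathbf{y}) \rangle + \| \mathbf{y} \|^2 &= \| f(\mathbf{x}) \|^2 - 2 \langle f(\mathbf{x}), f(\mathbf{y}) \rangle + \| f(\mathbf{y}) \|^2 \\ &= \langle f(\mathbf{x}) - f(\mathbf{y}), f(\mathbf{x}) - f(\mathbf{y}) \rangle \\ &= \| f(\mathbf{x}) - f(\mathbf{y}) \|^2 \\ &= \| \mathbf{x} - \mathbf{y} \|^2 \\ &= \langle \mathbf{x} - \mathbf{y}, \mathbf{x} - \mathbf{y} \rangle \\ &= \| \mathbf{x} \|^2 - 2 \langle \mathbf{x}, \mathbf{y} \rangle + \| \mathbf{y} \|^2. \end{aligned}$$
Consequently,
$$\langle f(\mathbf{x}), f(\mathbf{y}) \rangle = \langle \mathbf{x}, \mathbf{y} \rangle.$$
Now let $\mathbf{e}_1$ and $\mathbf{e}_2$ be $(1, 0)^t$ and $(0, 1)^t$, respectively. If
$$\mathbf{x} = (x_1, x_2) = x_1 \mathbf{e}_1 + x_2 \mathbf{e}_2,$$
then
$$f(\mathbf{x}) = \langle f(\mathbf{x}), f(\mathbf{e}_1) \rangle f(\mathbf{e}_1) + \langle f(\mathbf{x}), f(\mathbf{e}_2) \rangle f(\mathbf{e}_2) = x_1 f(\mathbf{e}_1) + x_2 f(\mathbf{e}_2).$$
The linearity of $f$ easily follows.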
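For any arbitrary isometry, $f$, $T_{\mathbf{x}} f$ will fix the origin for some vector $\mathbf{x}$ in $\mathbb{R}^2$; hence, $T_{\mathbf{x}} f(\mathbf{y}) = A\mathbf{y}$ for some matrix $A \in O(2)$. Consequently, $f(\mathbf{y}) = A\mathbf{y} + \mathbf{x}$. Given the isometries
$$\begin{aligned} f(\mathbf{y}) &= A\mathbf{y} + \mathbf{x}_1 \\ g(\mathbf{y}) &= B\mathbf{y} + \mathbf{x}_2, \end{aligned}$$
their composition is
$$f(g(\mathbf{y})) = f(B\mathbf{y} + \mathbf{x}_2) = AB\mathbf{y} + A\mathbf{x}_2 + \mathbf{x}_1.$$
This last computation allows us to identify the group of isometries on $\mathbb{R}^2$ with $E(2)$.
Theorem 10.4 The group of isometries on $\mathbb{R}^2$ is the Euclidean group, $E(2)$.
A symmetry group in $\mathbb{R}^n$ is a subgroup of the group of isometries on $\mathbb{R}^n$ that fixes a set of points $X \subset \mathbb{R}^2$. It is important to realize that the symmetry group of $X$ depends both on $\mathbb{R}^n$ and on $X$. For example, the symmetry group of the origin in $\mathbb{R}^1$ is $\mathbb{Z}_2$, but the symmetry group of the origin in $\mathbb{R}^2$ is $O(2)$.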
Theorem 10.5 The only finite symmetry groups in $\mathbb{R}^2$ are $\mathbb{Z}_n$ and $D_n$.
Proof. Any finite symmetry group $G$ in $\mathbb{R}^2$ must be a finite subgroup of $O(2)$; otherwise, $G$ would have an element in $E(2)$ of the form $(A, \mathbf{x})$, where $\mathbf{x} \neq 0$. Such an element must have infinite order.
By Example 6, elements in $O(2)$ are either rotations of the form
$$R_\theta = \begin{pmatrix} \cos\theta & -\sin\theta \\ \sin\theta & \cos\theta \end{pmatrix}$$
or reflections of the form
$$T_\theta = \begin{pmatrix} \cos\theta & \sin\theta \\ \sin\theta & -\cos\theta \end{pmatrix}.$$
Notice that $\det(R_\theta) = 1$, $\det(T_\theta) = -1$, and $T_\theta^2 = I$. We can divide the proof up into two cases. In the first case, all of the elements in $G$ have determinant one. In the second case, there exists at least one element in $G$ with determinant $-1$.
Case 1. The determinant of every element in $G$ is one. In this case every element in $G$ must be a rotation. Since $G$ is finite, there is a smallest angle, say $\theta_0$, such that the corresponding element $R_{\theta_0}$ is the smallest rotation in the positive direction. We claim that $R_{\theta_0}$ generates $G$. If not, then for some positive integer $n$ there is an angle $\theta_1$ between $n\theta_0$ and $(n + 1)\theta_0$. If so, then $(n + 1)\theta_0 - \theta_1$ corresponds to a rotation smaller than $\theta_0$, which contradicts the minimality of $\theta_0$.
Case 2.The groupGcontains a reectionT. The kernel of the ho-
momorphism:G! f1;1ggiven byA7!det(A) consists of elements
whose determinant is 1. Therefore,jG=kerj= 2. We know that the kernel
is cyclic by the first case and is a subgroup of $G$ of, say, order $n$. Hence, $|G| = 2n$. The elements of $G$ are
$$R_\theta, \ldots, R_\theta^{n-1}, TR_\theta, \ldots, TR_\theta^{n-1}.$$
These elements satisfy the relation
$$T R_\theta T = R_\theta^{-1}.$$
Consequently, $G$ must be isomorphic to $D_n$ in this case.
Figure 10.5. A wallpaper pattern in $\mathbb{R}^2$
The Wallpaper Groups
Suppose that we wish to study wallpaper patterns in the plane or crystals in three dimensions. Wallpaper patterns are simply repeating patterns in the plane (Figure 10.5). The analogs of wallpaper patterns in $\mathbb{R}^3$ are crystals, which we can think of as repeating patterns of molecules in three dimensions (Figure 10.6). The mathematical equivalent of a wallpaper or crystal pattern is called a lattice.
Figure 10.6. A crystal structure in $\mathbb{R}^3$
Let us examine wallpaper patterns in the plane a little more closely. Suppose that $\mathbf{x}$ and $\mathbf{y}$ are linearly independent vectors in $\mathbb{R}^2$; that is, one vector cannot be a scalar multiple of the other. A lattice of $\mathbf{x}$ and $\mathbf{y}$ is the set of all linear combinations $m\mathbf{x} + n\mathbf{y}$, where $m$ and $n$ are integers. The vectors $\mathbf{x}$ and $\mathbf{y}$ are said to be a basis for the lattice.
Figure 10.7. A lattice in $\mathbb{R}^2$
Notice that a lattice can have several bases. For example, the vectors $(1, 1)^t$ and $(2, 0)^t$ have the same lattice as the vectors $(-1, 1)^t$ and $(-1, -1)^t$ (Figure 10.7). However, any lattice is completely determined by a basis.

Given two bases for the same lattice, say $\{ \mathbf{x}_1, \mathbf{x}_2 \}$ and $\{ \mathbf{y}_1, \mathbf{y}_2 \}$, we can write
y1=1x1+2x2
y2=1x1+2x2;
where1,2,1, and2are integers. The matrix corresponding to this
transformation is
U=

12
12

:
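If we wish to give $\mathbf{x}_1$ and $\mathbf{x}_2$ in terms of $\mathbf{y}_1$ and $\mathbf{y}_2$, we need only calculate $U^{-1}$; that is,
$$U^{-1} \begin{pmatrix} \mathbf{y}_1 \\ \mathbf{y}_2 \end{pmatrix} = \begin{pmatrix} \mathbf{x}_1 \\ \mathbf{x}_2 \end{pmatrix}.$$
Since $U$ has integer entries, $U^{-1}$ must also have integer entries; hence the determinants of both $U$ and $U^{-1}$ must be integers. Because $UU^{-1} = I$,
$$\det(UU^{-1}) = \det(U)\det(U^{-1}) = 1;$$
consequently, $\det(U) = \pm 1$. A matrix with determinant $\pm 1$ and integer entries is called unimodular. For example, the matrix
$$\begin{pmatrix} 3 & 1 \\ 5 & 2 \end{pmatrix}$$
is unimodular. It should be clear that there is a minimum length for vectors in a lattice.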
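The change-of-basis test described above can be run with exact arithmetic. The following Python sketch is an added example, not part of the original text: it expresses one pair of vectors in terms of another, checks that the resulting matrix is unimodular, and inverts a unimodular matrix. All function names are hypothetical, and the sample vectors are the two bases quoted from Figure 10.7 plus two constructed non-examples.

```python
from fractions import Fraction


def det2(M):
    """Determinant of a 2x2 matrix given as nested lists or tuples."""
    return M[0][0] * M[1][1] - M[0][1] * M[1][0]


def change_of_basis(xs, ys):
    """Return U with y_i = U[i][0]*x_1 + U[i][1]*x_2, entries as exact Fractions.

    xs and ys are pairs of integer vectors in the plane; xs must be
    linearly independent.
    """
    (a, b), (c, d) = xs                      # x_1 = (a, b), x_2 = (c, d)
    det = a * d - b * c
    if det == 0:
        raise ValueError("x_1 and x_2 are linearly dependent")
    U = []
    for (p, q) in ys:
        # Solve m*(a, b) + n*(c, d) = (p, q) by Cramer's rule.
        m = Fraction(p * d - q * c, det)
        n = Fraction(a * q - b * p, det)
        U.append([m, n])
    return U


def is_unimodular(U):
    """Integer entries and determinant +1 or -1."""
    integral = all(Fraction(e).denominator == 1 for row in U for e in row)
    return integral and abs(det2(U)) == 1


def integer_inverse(U):
    """Inverse of a unimodular 2x2 matrix; its entries are again integers."""
    if not is_unimodular(U):
        raise ValueError("matrix is not unimodular")
    d = det2(U)                              # d is +1 or -1, so 1/d == d
    (a, b), (c, e) = U
    return [[d * e, -d * b], [-d * c, d * a]]


def same_lattice(xs, ys):
    """Two bases span the same lattice exactly when the change of basis is unimodular."""
    return is_unimodular(change_of_basis(xs, ys))


if __name__ == "__main__":
    basis_1 = ((1, 1), (2, 0))               # from the text
    basis_2 = ((-1, 1), (-1, -1))            # from the text
    print(change_of_basis(basis_1, basis_2), same_lattice(basis_1, basis_2))
    # Constructed non-examples: a proper sublattice, and vectors outside the lattice.
    print(same_lattice(basis_1, ((2, 2), (2, 0))))
    print(same_lattice(basis_1, ((1, 0), (0, 1))))
    print(integer_inverse([[3, 1], [5, 2]]))
```

The second non-example fails because $(1, 0)^t$ needs the coefficient $1/2$ on $(2, 0)^t$, so it is not an integer combination of the basis vectors.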
We can classify lattices by studying their symmetry groups. The symmetry group of a lattice is the subgroup of $E(2)$ that maps the lattice to itself. We consider two lattices in $\mathbb{R}^2$ to be equivalent if they have the same symmetry group. Similarly, classification of crystals in $\mathbb{R}^3$ is accomplished by associating a symmetry group, called a space group, with each type of crystal. Two lattices are considered different if their space groups are not the same. The natural question that now arises is how many space groups exist.
A space group is composed of two parts: a translation subgroup and a point group. The translation subgroup is an infinite abelian subgroup of the space group made up of the translational symmetries of the crystal; the point group is a finite group consisting of rotations and reflections of the crystal about a point. More specifically, a space group is a subgroup of $G \subset E(2)$ whose translations are a set of the form $\{ (I, t) : t \in L \}$, where $L$ is a lattice. Space groups are, of course, infinite. Using geometric arguments, we can prove the following theorem (see [5] or [6]).
Theorem 10.6 Every translation group in $\mathbb{R}^2$ is isomorphic to $\mathbb{Z} \times \mathbb{Z}$.
Figure 10.8. Types of lattices in $\mathbb{R}^2$ (panels: hexagonal, parallelogram, rhombic, rectangular, square)
The point group of $G$ is $G_0 = \{ A : (A, b) \in G \text{ for some } b \}$. In particular, $G_0$ must be a subgroup of $O(2)$. Suppose that $\mathbf{x}$ is a vector in a lattice $L$ with space group $G$, translation group $H$, and point group $G_0$. For any element $(A, \mathbf{y})$ in $G$,
$$\begin{aligned} (A, \mathbf{y})(I, \mathbf{x})(A, \mathbf{y})^{-1} &= (A, A\mathbf{x} + \mathbf{y})(A^{-1}, -A^{-1}\mathbf{y}) \\ &= (AA^{-1}, -AA^{-1}\mathbf{y} + A\mathbf{x} + \mathbf{y}) \\ &= (I, A\mathbf{x}); \end{aligned}$$
hence, $(I, A\mathbf{x})$ is in the translation group of $G$. More specifically, $A\mathbf{x}$ must be in the lattice $L$. It is important to note that $G_0$ is not usually a subgroup of the space group $G$; however, if $T$ is the translation subgroup of $G$, then $G/T \cong G_0$. The proof of the following theorem can be found in [2], [5], or [6].
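The multiplication rule for $E(n)$ given in Section 10.1 and the conjugation computed above can both be checked with exact rational arithmetic in $E(2)$. The following Python sketch is an added example, not part of the original text; the function names and the translation vectors are constructed for illustration, while the two matrices are the orthogonal matrix of Example 4 and the reflection of Example 6.

```python
from fractions import Fraction as F

I2 = ((F(1), F(0)), (F(0), F(1)))


def mat_mul(A, B):
    return tuple(
        tuple(sum(A[i][k] * B[k][j] for k in range(2)) for j in range(2))
        for i in range(2)
    )


def mat_vec(A, v):
    return tuple(sum(A[i][k] * v[k] for k in range(2)) for i in range(2))


def transpose(A):
    return tuple(tuple(A[j][i] for j in range(2)) for i in range(2))


def vec_add(u, v):
    return tuple(a + b for a, b in zip(u, v))


def is_orthogonal(A):
    """A is in O(2) exactly when A A^t = I, that is, A^{-1} = A^t."""
    return mat_mul(A, transpose(A)) == I2


def e2_mul(g, h):
    """(A, x)(B, y) = (AB, Ay + x)."""
    (A, x), (B, y) = g, h
    return (mat_mul(A, B), vec_add(mat_vec(A, y), x))


def e2_inv(g):
    """(A, x)^{-1} = (A^{-1}, -A^{-1} x), using A^{-1} = A^t for A in O(2)."""
    A, x = g
    if not is_orthogonal(A):
        raise ValueError("matrix part is not orthogonal")
    At = transpose(A)
    return (At, tuple(-c for c in mat_vec(At, x)))


def e2_apply(g, v):
    """The isometry v -> Av + x represented by the pair (A, x)."""
    A, x = g
    return vec_add(mat_vec(A, v), x)


def conjugate_translation(g, x):
    """(A, y)(I, x)(A, y)^{-1}, which the text shows equals (I, Ax)."""
    return e2_mul(e2_mul(g, (I2, x)), e2_inv(g))


ROT = ((F(3, 5), F(-4, 5)), (F(4, 5), F(3, 5)))   # orthogonal matrix from Example 4
REFL = ((F(1), F(0)), (F(0), F(-1)))              # reflection from Example 6
IDENTITY = (I2, (F(0), F(0)))

if __name__ == "__main__":
    f = (ROT, (F(2), F(-1)))                      # constructed translation parts
    g = (REFL, (F(1, 2), F(3)))
    y = (F(7), F(-3))
    print(e2_mul(f, e2_inv(f)) == IDENTITY)
    # The pair product agrees with composing the two maps: f(g(y)) = ABy + Ax_2 + x_1.
    print(e2_apply(e2_mul(f, g), y) == e2_apply(f, e2_apply(g, y)))
    print(conjugate_translation(f, (F(1), F(2))))
```

Conjugating a translation by any element of $E(2)$ gives another translation, which is why the point group acts on the lattice.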
Theorem 10.7 The point group in the wallpaper groups is isomorphic to $\mathbb{Z}_n$ or $D_n$, where $n = 1, 2, 3, 4, 6$.
To answer the question of how the point groups and the translation groups can be combined, we must look at the different types of lattices. Lattices can be classified by the structure of a single lattice cell. The possible cell shapes are parallelogram, rectangular, square, rhombic, and hexagonal (Figure 10.8). The wallpaper groups can now be classified according to the types of reflections that occur in each group: these are ordinarily reflections, glide reflections, both, or none.

Table 10.1. The 17 wallpaper groups

| Notation and Space Groups | Point Group | Lattice Type | Reflections or Glide Reflections? |
|---|---|---|---|
| p1 | $\mathbb{Z}_1$ | parallelogram | none |
| p2 | $\mathbb{Z}_2$ | parallelogram | none |
| p3 | $\mathbb{Z}_3$ | hexagonal | none |
| p4 | $\mathbb{Z}_4$ | square | none |
| p6 | $\mathbb{Z}_6$ | hexagonal | none |
| pm | $D_1$ | rectangular | reflections |
| pg | $D_1$ | rectangular | glide reflections |
| cm | $D_1$ | rhombic | both |
| pmm | $D_2$ | rectangular | reflections |
| pmg | $D_2$ | rectangular | glide reflections |
| pgg | $D_2$ | rectangular | both |
| c2mm | $D_2$ | rhombic | both |
| p3m1, p31m | $D_3$ | hexagonal | both |
| p4m, p4g | $D_4$ | square | both |
| p6m | $D_6$ | hexagonal | both |

Theorem 10.8 There are exactly 17 wallpaper groups.
Figure 10.9. The wallpaper groups p4m and p4g
The 17 wallpaper groups are listed in Table 10.1. The groups p3m1 and p31m can be distinguished by whether or not all of their threefold centers lie on the reflection axes: those of p3m1 must, whereas those of p31m may not. Similarly, the fourfold centers of p4m must lie on the reflection axes whereas those of p4g need not (Figure 10.9). The complete proof of this theorem can be found in several of the references at the end of this chapter, including [5], [6], [10], and [11].
Historical Note
Symmetry groups have intrigued mathematicians for a long time. Leonardo da Vinci was probably the first person to know all of the point groups. At the International Congress of Mathematicians in 1900, David Hilbert gave a now-famous address outlining 23 problems to guide mathematics in the twentieth century. Hilbert's eighteenth problem asked whether or not crystallographic groups in $n$ dimensions were always finite. In 1910, L. Bieberbach proved that crystallographic groups are finite in every dimension. Finding out how many of these groups there are in each dimension is another matter. In $\mathbb{R}^3$ there are 230 different space groups; in $\mathbb{R}^4$ there are 4783. No one has been able to compute the number of space groups for $\mathbb{R}^5$ and beyond. It is interesting to note that the crystallographic groups were found mathematically for $\mathbb{R}^3$ before the 230 different types of crystals were actually discovered in nature.
Exercises
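1. Prove the identity
$$\langle \mathbf{x}, \mathbf{y} \rangle = \frac{1}{2} \left[ \| \mathbf{x} + \mathbf{y} \|^2 - \| \mathbf{x} \|^2 - \| \mathbf{y} \|^2 \right].$$
2. Show that $O(n)$ is a group.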
3. Prove that the following matrices are orthogonal. Are any of these matrices in $SO(n)$?
(a)

1=
p
21=
p
2
1=
p
2 1=
p
2

(c)
0
@
4=
p
5 0 3 =
p
5
3=
p
5 0 4=
p
5
0 1 0
1
A
(b)

1=
p
5 2=
p
5
2=
p
5 1=
p
5

(d)
0
@
1=3 2=32=3
2=3 2=3 1=3
2=3 1=3 2=3
1
A
4. Determine the symmetry group of each of the figures in Figure 10.10.
5.Letx,y, andwbe vectors inR
n
and2R. Prove each of the following
properties of inner products.
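(a) $\langle \mathbf{x}, \mathbf{y} \rangle = \langle \mathbf{y}, \mathbf{x} \rangle$.
Figure 10.10.
(b) $\langle \mathbf{x}, \mathbf{y} + \mathbf{w} \rangle = \langle \mathbf{x}, \mathbf{y} \rangle + \langle \mathbf{x}, \mathbf{w} \rangle$.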
(c)hx;yi=hx; yi=hx;yi.
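(d) $\langle \mathbf{x}, \mathbf{x} \rangle \geq 0$ with equality exactly when $\mathbf{x} = 0$.
(e) If $\langle \mathbf{x}, \mathbf{y} \rangle = 0$ for all $\mathbf{x}$ in $\mathbb{R}^n$, then $\mathbf{y} = 0$.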
6. Verify that
$$E(n) = \{ (A, \mathbf{x}) : A \in O(n) \text{ and } \mathbf{x} \in \mathbb{R}^n \}$$
is a group.
7. Prove that $\{ (2, 1), (1, 1) \}$ and $\{ (12, 5), (7, 3) \}$ are bases for the same lattice.
8. Let $G$ be a subgroup of $E(2)$ and suppose that $T$ is the translation subgroup of $G$. Prove that the point group of $G$ is isomorphic to $G/T$.
9. Let $A \in SL_2(\mathbb{R})$ and suppose that the vectors $\mathbf{x}$ and $\mathbf{y}$ form two sides of a parallelogram in $\mathbb{R}^2$. Prove that the area of this parallelogram is the same as the area of the parallelogram with sides $A\mathbf{x}$ and $A\mathbf{y}$.
10. Prove that $SO(n)$ is a normal subgroup of $O(n)$.
11. Show that any isometry $f$ in $\mathbb{R}^n$ is a one-to-one map.
12. Show that an element in $E(2)$ of the form $(A, \mathbf{x})$, where $\mathbf{x} \neq 0$, has infinite order.
13. Prove or disprove: There exists an infinite abelian subgroup of $O(n)$.
14. Let $\mathbf{x} = (x_1, x_2)$ be a point on the unit circle in $\mathbb{R}^2$; that is, $x_1^2 + x_2^2 = 1$. If $A \in O(2)$, show that $A\mathbf{x}$ is also a point on the unit circle.
15. Let $G$ be a group with a subgroup $H$ (not necessarily normal) and a normal subgroup $N$. Then $G$ is a semidirect product of $N$ by $H$ if
• $H \cap N = \{ \mathrm{id} \}$;
• $HN = G$.
Show that each of the following is true.
(a) $S_3$ is the semidirect product of $A_3$ by $H = \{ (1), (12) \}$.
(b) The quaternion group, $Q_8$, cannot be written as a semidirect product.
(c) $E(2)$ is the semidirect product of $O(2)$ by $H$, where $H$ consists of all translations in $\mathbb{R}^2$.
16. Determine which of the 17 wallpaper groups preserves the symmetry of the pattern in Figure 10.5.
Figure 10.11.
17. Determine which of the 17 wallpaper groups preserves the symmetry of the pattern in Figure 10.11.
18. Find the rotation group of a dodecahedron.
19. For each of the 17 wallpaper groups, draw a wallpaper pattern having that group as a symmetry group.
References and Suggested Readings
[1] Coxeter, H. M. and Moser, W. O. J. Generators and Relations for Discrete Groups, 3rd ed. Springer-Verlag, New York, 1972.
[2] Grove, L. C. and Benson, C. T. Finite Reflection Groups. 2nd ed. Springer-Verlag, New York, 1985.
[3] Hiller, H. "Crystallography and Cohomology of Groups," American Mathematical Monthly 93 (1986), 765–79.
[4] Lockwood, E. H. and Macmillan, R. H. Geometric Symmetry. Cambridge University Press, Cambridge, 1978.
[5] Mackiw, G. Applications of Abstract Algebra. Wiley, New York, 1985.
[6] Martin, G. Transformation Groups: An Introduction to Symmetry. Springer-Verlag, New York, 1982.
[7] Milnor, J. "Hilbert's Problem 18: On Crystallographic Groups, Fundamental Domains, and Sphere Packing," Proceedings of Symposia in Pure Mathematics 18, American Mathematical Society, 1976.
[8] Phillips, F. C. An Introduction to Crystallography. 4th ed. Wiley, New York, 1971.
[9] Rose, B. I. and Stafford, R. D. "An Elementary Course in Mathematical Symmetry," American Mathematical Monthly 88 (1980), 54–64.
[10] Schattschneider, D. "The Plane Symmetry Groups: Their Recognition and Their Notation," American Mathematical Monthly 85 (1978), 439–50.
[11] Schwarzenberger, R. L. "The 17 Plane Symmetry Groups," Mathematical Gazette 58 (1974), 123–31.
[12] Weyl, H. Symmetry. Princeton University Press, Princeton, NJ, 1952.

11 The Structure of Groups
The ultimate goal of group theory is to classify all groups up to isomorphism; that is, given a particular group, we should be able to match it up with a known group via an isomorphism. For example, we have already proved that any finite cyclic group of order $n$ is isomorphic to $\mathbb{Z}_n$; hence, we "know" all finite cyclic groups. It is probably not reasonable to expect that we will ever know all groups; however, we can often classify certain types of groups or distinguish between groups in special cases.
In this chapter we will characterize all finite abelian groups. We shall also investigate groups with sequences of subgroups. If a group has a sequence of subgroups, say
$$G = H_n \supset H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{ e \},$$
where each subgroup $H_i$ is normal in $H_{i+1}$ and each of the factor groups $H_{i+1}/H_i$ is abelian, then $G$ is a solvable group. In addition to allowing us to distinguish between certain classes of groups, solvable groups turn out to be central to the study of solutions to polynomial equations.
11.1 Finite Abelian Groups
In our investigation of cyclic groups we found that every group of prime order was isomorphic to $\mathbb{Z}_p$, where $p$ was a prime number. We also determined that $\mathbb{Z}_{mn} \cong \mathbb{Z}_m \times \mathbb{Z}_n$ when $\gcd(m, n) = 1$. In fact, much more is true. Every finite abelian group is isomorphic to a direct product of cyclic groups of prime power order; that is, every finite abelian group is isomorphic to a group of the type
Z
p

1
1
Z
p
n
n
:
First, let us examine a slight generalization of finite abelian groups. Suppose that $G$ is a group and let $\{ g_i \}$ be a set of elements in $G$, where $i$ is in some index set $I$ (not necessarily finite). The smallest subgroup of $G$ containing all of the $g_i$'s is the subgroup of $G$ generated by the $g_i$'s. If this subgroup of $G$ is in fact all of $G$, then $G$ is generated by the set $\{ g_i : i \in I \}$. In this case the $g_i$'s are said to be the generators of $G$. If there is a finite set $\{ g_i : i \in I \}$ that generates $G$, then $G$ is finitely generated.
Example 1. Obviously, all finite groups are finitely generated. For example, the group $S_3$ is generated by the permutations $(12)$ and $(123)$. The group $\mathbb{Z} \times \mathbb{Z}_n$ is an infinite group but is finitely generated by $\{ (1, 0), (0, 1) \}$.
Example 2. Not all groups are finitely generated. Consider the rational numbers $\mathbb{Q}$ under the operation of addition. Suppose that $\mathbb{Q}$ is finitely generated with generators $p_1/q_1, \ldots, p_n/q_n$, where each $p_i/q_i$ is a fraction expressed in its lowest terms. Let $p$ be some prime that does not divide any of the denominators $q_1, \ldots, q_n$. We claim that $1/p$ cannot be in the subgroup of $\mathbb{Q}$ that is generated by $p_1/q_1, \ldots, p_n/q_n$, since $p$ does not divide the denominator of any element in this subgroup. This fact is easy to see since the sum of any two generators is
$$p_i/q_i + p_j/q_j = (p_i q_j + p_j q_i)/(q_i q_j).$$

Theorem 11.1 Let $H$ be the subgroup of a group $G$ that is generated by $\{ g_i \in G : i \in I \}$. Then $h \in H$ exactly when it is a product of the form
h=g
1
i1
g
n
in
;
where the $g_{i_k}$'s are not necessarily distinct.
The reason that powers of a fixed $g_i$ may occur several times in the product is that we may have a nonabelian group. However, if the group is abelian, then the $g_i$'s need occur only once. For example, a product such as $a^{-3} b^5 a^7$ could always be simplified (in this case, to $a^4 b^5$).
Proof.LetKbe the set of all products of the formg
1
i1
g
n
in
, where the $g_{i_k}$'s are not necessarily distinct. Certainly $K$ is a subset of $H$. We need only show that $K$ is a subgroup of $G$. If this is the case, then $K = H$, since $H$ is the smallest subgroup containing all the $g_i$'s.
Clearly, the set $K$ is closed under the group operation. Since $g_i^0 = 1$, the identity is in $K$. It remains to show that the inverse of an element $g = g_{i_1}^{k_1} \cdots g_{i_n}^{k_n}$ in $K$ must also be in $K$. However,
$$g^{-1} = (g_{i_1}^{k_1} \cdots g_{i_n}^{k_n})^{-1} = (g_{i_n}^{-k_n} \cdots g_{i_1}^{-k_1}).$$

Now let us restrict our attention to finite abelian groups. We can express any finite abelian group as a finite direct product of cyclic groups. More specifically, letting $p$ be prime, we define a group $G$ to be a $p$-group if every element in $G$ has as its order a power of $p$. For example, both $\mathbb{Z}_2 \times \mathbb{Z}_2$ and $\mathbb{Z}_4$ are 2-groups, whereas $\mathbb{Z}_{27}$ is a 3-group. We shall prove that every finite abelian group is isomorphic to a direct product of cyclic $p$-groups. Before we state the main theorem concerning finite abelian groups, we shall consider a special case.
Theorem 11.2 Every finite abelian group $G$ is the direct product of $p$-groups.
Proof. If $|G| = 1$, then the theorem is trivial. Suppose that the order of $G$ is greater than 1, say
jGj=p
1
1
p
n
n;
where $p_1, \ldots, p_n$ are all prime, and define $G_i$ to be the set of elements in $G$ of order $p_i^k$ for some integer $k$. Since $G$ is an abelian group, we are guaranteed that $G_i$ is a subgroup of $G$ for $i = 1, \ldots, n$. We must show that
$$G = G_1 \times \cdots \times G_n.$$
That is, we must be able to write every $g \in G$ as a unique product $g_{p_1} \cdots g_{p_n}$ where $g_{p_i}$ is of the order of some power of $p_i$. Since the order of $g$ divides the order of $G$, we know that
jgj=p
1
1
p
2
2
p
n
n
for integers1; : : : ; n. Lettingai=jgj=p
i
i
, theai's are relatively prime;
hence, there exist integers $b_1, \ldots, b_n$ such that $a_1 b_1 + \cdots + a_n b_n = 1$. Consequently,
$$g = g^{a_1 b_1 + \cdots + a_n b_n} = g^{a_1 b_1} \cdots g^{a_n b_n}.$$
Since
g
(aibi)p

i
i=g
bijgj
=e;

it follows that $g^{a_i b_i}$ must be in $G_i$. Let $g_i = g^{a_i b_i}$. Then $g = g_1 \cdots g_n$ and $G_i \cap G_j = \{ e \}$ for $i \neq j$.
To show uniqueness, suppose that
$$g = g_1 \cdots g_n = h_1 \cdots h_n$$
with $h_i \in G_i$. Then
$$e = (g_1 \cdots g_n)(h_1 \cdots h_n)^{-1} = g_1 h_1^{-1} \cdots g_n h_n^{-1}.$$
The order of $g_i h_i^{-1}$ is a power of $p_i$; hence, the order of $g_1 h_1^{-1} \cdots g_n h_n^{-1}$ is the least common multiple of the orders of the $g_i h_i^{-1}$. This must be 1, since the order of the identity is 1. Therefore, $|g_i h_i^{-1}| = 1$ or $g_i = h_i$ for $i = 1, \ldots, n$.
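The existence half of this proof is constructive, and the construction can be carried out in a concrete group. The following Python sketch is an added example, not part of the original text: it works in $U(181)$, the multiplicative group modulo the prime 181 (a choice made here for illustration; the group has order $180 = 2^2 \cdot 3^2 \cdot 5$), computes the integers $a_i$ and $b_i$ of the proof, and returns the components $g_i = g^{a_i b_i}$. All function names are hypothetical.

```python
def ext_gcd(a, b):
    """Return (g, s, t) with s*a + t*b == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = ext_gcd(b, a % b)
    return g, t, s - (a // b) * t


def bezout(nums):
    """Return (d, [b_1, ..., b_n]) with sum(a_i * b_i) == d == gcd of nums."""
    d, coeffs = nums[0], [1]
    for n in nums[1:]:
        d, s, t = ext_gcd(d, n)
        coeffs = [c * s for c in coeffs] + [t]
    return d, coeffs


def element_order(g, p, group_order, primes):
    """Order of g in U(p): strip primes from the group order while g^(m/q) stays 1."""
    m = group_order
    for q in primes:
        while m % q == 0 and pow(g, m // q, p) == 1:
            m //= q
    return m


def primary_components(g, p, group_order, primes):
    """Write g as a product of elements g_i of prime-power order, as in the proof."""
    m = element_order(g, p, group_order, primes)
    if m == 1:
        return []                          # g is the identity; nothing to split
    parts = []                             # the prime powers dividing |g| exactly
    for q in primes:
        pk = 1
        while m % (pk * q) == 0:
            pk *= q
        if pk > 1:
            parts.append(pk)
    a = [m // pk for pk in parts]          # a_i = |g| / (prime power for p_i)
    d, b = bezout(a)                       # a_1 b_1 + ... + a_n b_n = 1
    assert d == 1
    # g_i = g^(a_i b_i); reducing the exponent mod |g| does not change the element.
    return [pow(g, (ai * bi) % m, p) for ai, bi in zip(a, b)]


def product_mod(values, p):
    result = 1
    for v in values:
        result = result * v % p
    return result


# Constructed sample: the group U(181) and the element g = 2.
P, GROUP_ORDER, PRIMES = 181, 180, [2, 3, 5]

if __name__ == "__main__":
    comps = primary_components(2, P, GROUP_ORDER, PRIMES)
    print(comps, [element_order(c, P, GROUP_ORDER, PRIMES) for c in comps])
    print(product_mod(comps, P))
```

Each $b_i$ is prime to $p_i$ because $a_i b_i \equiv 1$ modulo $p_i$, so $g_i$ has order exactly the power of $p_i$ dividing $|g|$.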

We shall now state the Fundamental Theorem of Finite Abelian Groups.
Theorem 11.3 (Fundamental Theorem of Finite Abelian Groups) Every finite abelian group $G$ is isomorphic to a direct product of cyclic groups of the form
Z
p

1
1
Z
p

2
2
Z
p
n
n
where the $p_i$'s are primes (not necessarily distinct).
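Example 3. Suppose that we wish to classify all abelian groups of order $540 = 2^2 \cdot 3^3 \cdot 5$. The Fundamental Theorem of Finite Abelian Groups tells us that we have the following six possibilities.
• $\mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_3 \times \mathbb{Z}_3 \times \mathbb{Z}_3 \times \mathbb{Z}_5$;
• $\mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_3 \times \mathbb{Z}_9 \times \mathbb{Z}_5$;
• $\mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_{27} \times \mathbb{Z}_5$;
• $\mathbb{Z}_4 \times \mathbb{Z}_3 \times \mathbb{Z}_3 \times \mathbb{Z}_3 \times \mathbb{Z}_5$;
• $\mathbb{Z}_4 \times \mathbb{Z}_3 \times \mathbb{Z}_9 \times \mathbb{Z}_5$;
• $\mathbb{Z}_4 \times \mathbb{Z}_{27} \times \mathbb{Z}_5$.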

The proof of the Fundamental Theorem relies on the following lemma.
Lemma 11.4 Let $G$ be a finite abelian $p$-group and suppose that $g \in G$ has maximal order. Then $G$ can be written as $\langle g \rangle \times H$ for some subgroup $H$ of $G$.

Proof. Suppose that the order of $G$ is $p^n$. We shall induct on $n$. If $n = 1$, then $G$ is cyclic of order $p$ and must be generated by $g$. Suppose now that the statement of the lemma holds for all integers $k$ with $1 \leq k < n$ and let $g$ be of maximal order in $G$, say $|g| = p^m$. Then $a^{p^m} = e$ for all $a \in G$. Now choose $h$ in $G$ such that $h \notin \langle g \rangle$, where $h$ has the smallest possible order. Certainly such an $h$ exists; otherwise, $G = \langle g \rangle$ and we are done. Let $H = \langle h \rangle$.
We claim that $\langle g \rangle \cap H = \{ e \}$. It suffices to show that $|H| = p$. Since $|h^p| = |h|/p$, the order of $h^p$ is smaller than the order of $h$ and must be in $\langle g \rangle$ by the minimality of $h$; that is, $h^p = g^r$ for some number $r$. Hence,
$$(g^r)^{p^{m-1}} = (h^p)^{p^{m-1}} = h^{p^m} = e,$$
and the order of $g^r$ must be less than or equal to $p^{m-1}$. Therefore, $g^r$ cannot generate $\langle g \rangle$. Notice that $p$ must occur as a factor of $r$, say $r = ps$, and $h^p = g^r = g^{ps}$. Define $a$ to be $g^{-s}h$. Then $a$ cannot be in $\langle g \rangle$; otherwise, $h$ would also have to be in $\langle g \rangle$. Also,
$$a^p = g^{-sp} h^p = g^{-r} h^p = h^{-p} h^p = e.$$
We have now formed an element $a$ with order $p$ such that $a \notin \langle g \rangle$. Since $h$ was chosen to have the smallest order of all of the elements that are not in $\langle g \rangle$, $|H| = p$.
Now we will show that the order of $gH$ in the factor group $G/H$ must be the same as the order of $g$ in $G$. If $|gH| < |g| = p^m$, then
$$H = (gH)^{p^{m-1}} = g^{p^{m-1}} H;$$
hence, $g^{p^{m-1}}$ must be in $\langle g \rangle \cap H = \{ e \}$, which contradicts the fact that the order of $g$ is $p^m$. Therefore, $gH$ must have maximal order in $G/H$. By the Correspondence Theorem and our induction hypothesis,
$$G/H \cong \langle gH \rangle \times K/H$$
for some subgroup $K$ of $G$ containing $H$. We claim that $\langle g \rangle \cap K = \{ e \}$. If $b \in \langle g \rangle \cap K$, then $bH \in \langle gH \rangle \cap K/H = \{ H \}$ and $b \in \langle g \rangle \cap H = \{ e \}$. It follows that $G = \langle g \rangle K$ implies that $G \cong \langle g \rangle \times H$.
The proof of the Fundamental Theorem of Finite Abelian Groups follows very quickly from Lemma 11.4. Suppose that $G$ is a finite abelian group and let $g$ be an element of maximal order in $G$. If $\langle g \rangle = G$, then we are done; otherwise, $G \cong \mathbb{Z}_{|g|} \times H$ for some subgroup $H$ contained in $G$ by the lemma. Since $|H| < |G|$, we can apply mathematical induction.
We now state the more general theorem for all finitely generated abelian groups. The proof of this theorem can be found in any of the references at the end of this chapter.
Theorem 11.5 (Fundamental Theorem of Finitely Generated Abelian Groups) Every finitely generated abelian group $G$ is isomorphic to a direct product of cyclic groups of the form
Z
p

1
1
Z
p

2
2
Z
p
n
n
Z Z;
where the $p_i$'s are primes (not necessarily distinct).
11.2 Solvable Groups
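A subnormal series of a group $G$ is a finite sequence of subgroups
$$G = H_n \supset H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{e\},$$
where $H_i$ is a normal subgroup of $H_{i+1}$. If each subgroup $H_i$ is normal in $G$, then the series is called a normal series. The length of a subnormal or normal series is the number of proper inclusions.
Example 4. Any series of subgroups of an abelian group is a normal series. Consider the following series of groups:
$$\mathbb{Z} \supset 9\mathbb{Z} \supset 45\mathbb{Z} \supset 180\mathbb{Z} \supset \{0\},$$
$$\mathbb{Z}_{24} \supset \langle 2 \rangle \supset \langle 6 \rangle \supset \langle 12 \rangle \supset \{0\}.$$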

Example 5. A subnormal series need not be a normal series. Consider the following subnormal series of the group $D_4$:
$$D_4 \supset \{(1), (12)(34), (13)(24), (14)(23)\} \supset \{(1), (12)(34)\} \supset \{(1)\}.$$
The subgroup $\{(1), (12)(34)\}$ is not normal in $D_4$; consequently, this series is not a normal series.
A subnormal (normal) series $\{K_j\}$ is a refinement of a subnormal (normal) series $\{H_i\}$ if $\{H_i\} \subset \{K_j\}$. That is, each $H_i$ is one of the $K_j$.

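Example 6. The series
$$\mathbb{Z} \supset 3\mathbb{Z} \supset 9\mathbb{Z} \supset 45\mathbb{Z} \supset 90\mathbb{Z} \supset 180\mathbb{Z} \supset \{0\}$$
is a refinement of the series
$$\mathbb{Z} \supset 9\mathbb{Z} \supset 45\mathbb{Z} \supset 180\mathbb{Z} \supset \{0\}.$$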

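The correct way to study a subnormal or normal series of subgroups, $\{H_i\}$ of $G$, is actually to study the factor groups $H_{i+1}/H_i$. We say that two subnormal (normal) series $\{H_i\}$ and $\{K_j\}$ of a group $G$ are isomorphic if there is a one-to-one correspondence between the collections of factor groups $\{H_{i+1}/H_i\}$ and $\{K_{j+1}/K_j\}$.
Example 7. The two normal series
$$\mathbb{Z}_{60} \supset \langle 3 \rangle \supset \langle 15 \rangle \supset \{0\}$$
$$\mathbb{Z}_{60} \supset \langle 4 \rangle \supset \langle 20 \rangle \supset \{0\}$$
of the group $\mathbb{Z}_{60}$ are isomorphic since
$$\mathbb{Z}_{60}/\langle 3 \rangle \cong \langle 20 \rangle/\{0\} \cong \mathbb{Z}_3$$
$$\langle 3 \rangle/\langle 15 \rangle \cong \langle 4 \rangle/\langle 20 \rangle \cong \mathbb{Z}_5$$
$$\langle 15 \rangle/\{0\} \cong \mathbb{Z}_{60}/\langle 4 \rangle \cong \mathbb{Z}_4.$$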

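A subnormal series $\{H_i\}$ of a group $G$ is a composition series if all the factor groups are simple; that is, if none of the factor groups of the series contains a normal subgroup. A normal series $\{H_i\}$ of $G$ is a principal series if all the factor groups are simple.
Example 8. The group $\mathbb{Z}_{60}$ has a composition series
$$\mathbb{Z}_{60} \supset \langle 3 \rangle \supset \langle 15 \rangle \supset \langle 30 \rangle \supset \{0\}$$
with factor groups
$$\mathbb{Z}_{60}/\langle 3 \rangle \cong \mathbb{Z}_3$$
$$\langle 3 \rangle/\langle 15 \rangle \cong \mathbb{Z}_5$$
$$\langle 15 \rangle/\langle 30 \rangle \cong \mathbb{Z}_2$$
$$\langle 30 \rangle/\{0\} \cong \mathbb{Z}_2.$$
Since $\mathbb{Z}_{60}$ is an abelian group, this series is automatically a principal series. Notice that a composition series need not be unique. The series
$$\mathbb{Z}_{60} \supset \langle 2 \rangle \supset \langle 4 \rangle \supset \langle 20 \rangle \supset \{0\}$$
is also a composition series.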
Example 9. For $n \geq 5$, the series
$$S_n \supset A_n \supset \{(1)\}$$
is a composition series for $S_n$ since $S_n/A_n \cong \mathbb{Z}_2$ and $A_n$ is simple.
Example 10. Not every group has a composition series or a principal series. Suppose that
$$\{0\} = H_0 \subset H_1 \subset \cdots \subset H_{n-1} \subset H_n = \mathbb{Z}$$
is a subnormal series for the integers under addition. Then $H_1$ must be of the form $n\mathbb{Z}$ for some $n \in \mathbb{N}$. In this case $H_1/H_0 \cong n\mathbb{Z}$ is an infinite cyclic group with many nontrivial proper normal subgroups.
Although composition series need not be unique as in the case of $\mathbb{Z}_{60}$, it turns out that any two composition series are related. The factor groups of the two composition series for $\mathbb{Z}_{60}$ are $\mathbb{Z}_2$, $\mathbb{Z}_2$, $\mathbb{Z}_3$, and $\mathbb{Z}_5$; that is, the two composition series are isomorphic. The Jordan-Hölder Theorem says that this is always the case.
Theorem 11.6 (Jordan-Hölder) Any two composition series of $G$ are isomorphic.
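Proof. We shall employ mathematical induction on the length of the composition series. If the length of a composition series is 1, then $G$ must be a simple group. In this case any two composition series are isomorphic.
Suppose now that the theorem is true for all groups having a composition series of length $k$, where $1 \leq k < n$. Let
$$G = H_n \supset H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{e\}$$
$$G = K_m \supset K_{m-1} \supset \cdots \supset K_1 \supset K_0 = \{e\}$$
be two composition series for $G$. We can form two new subnormal series for $G$ since $H_i \cap K_{m-1}$ is normal in $H_{i+1} \cap K_{m-1}$ and $K_j \cap H_{n-1}$ is normal in $K_{j+1} \cap H_{n-1}$:
$$G = H_n \supset H_{n-1} \supset H_{n-1} \cap K_{m-1} \supset \cdots \supset H_0 \cap K_{m-1} = \{e\}$$
$$G = K_m \supset K_{m-1} \supset K_{m-1} \cap H_{n-1} \supset \cdots \supset K_0 \cap H_{n-1} = \{e\}.$$
Since $H_i \cap K_{m-1}$ is normal in $H_{i+1} \cap K_{m-1}$, the Second Isomorphism Theorem implies that
$$(H_{i+1} \cap K_{m-1})/(H_i \cap K_{m-1}) = (H_{i+1} \cap K_{m-1})/(H_i \cap (H_{i+1} \cap K_{m-1})) \cong H_i(H_{i+1} \cap K_{m-1})/H_i,$$
where $H_i$ is normal in $H_i(H_{i+1} \cap K_{m-1})$. Since $\{H_i\}$ is a composition series, $H_{i+1}/H_i$ must be simple; consequently, $H_i(H_{i+1} \cap K_{m-1})/H_i$ is either $H_{i+1}/H_i$ or $H_i/H_i$. That is, $H_i(H_{i+1} \cap K_{m-1})$ must be either $H_i$ or $H_{i+1}$. Removing any nonproper inclusions from the series
$$H_{n-1} \supset H_{n-1} \cap K_{m-1} \supset \cdots \supset H_0 \cap K_{m-1} = \{e\},$$
we have a composition series for $H_{n-1}$. Our induction hypothesis says that this series must be equivalent to the composition series
$$H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{e\}.$$
Hence, the composition series
$$G = H_n \supset H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{e\}$$
and
$$G = H_n \supset H_{n-1} \supset H_{n-1} \cap K_{m-1} \supset \cdots \supset H_0 \cap K_{m-1} = \{e\}$$
are equivalent. If $H_{n-1} = K_{m-1}$, then the composition series $\{H_i\}$ and $\{K_j\}$ are equivalent and we are done; otherwise, $H_{n-1}K_{m-1}$ is a normal subgroup of $G$ properly containing $H_{n-1}$. In this case $H_{n-1}K_{m-1} = G$ and we can apply the Second Isomorphism Theorem once again; that is,
$$K_{m-1}/(K_{m-1} \cap H_{n-1}) \cong (H_{n-1}K_{m-1})/H_{n-1} = G/H_{n-1}.$$
Therefore,
$$G = H_n \supset H_{n-1} \supset H_{n-1} \cap K_{m-1} \supset \cdots \supset H_0 \cap K_{m-1} = \{e\}$$
and
$$G = K_m \supset K_{m-1} \supset K_{m-1} \cap H_{n-1} \supset \cdots \supset K_0 \cap H_{n-1} = \{e\}$$
are equivalent and the proof of the theorem is complete.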

A group $G$ is solvable if it has a composition series $\{H_i\}$ such that all of the factor groups $H_{i+1}/H_i$ are abelian. Solvable groups will play a fundamental role when we study Galois theory and the solution of polynomial equations.
Example 11. The group $S_4$ is solvable since
$$S_4 \supset A_4 \supset \{(1), (12)(34), (13)(24), (14)(23)\} \supset \{(1)\}$$
has abelian factor groups; however, for $n \geq 5$ the series
$$S_n \supset A_n \supset \{(1)\}$$
is a composition series for $S_n$ with a nonabelian factor group. Therefore, $S_n$ is not a solvable group for $n \geq 5$.
Exercises
1. Find all of the abelian groups of order less than or equal to 40 up to isomorphism.
2. Find all of the abelian groups of order 200 up to isomorphism.
3. Find all of the abelian groups of order 720 up to isomorphism.
4. Find all of the composition series for each of the following groups.
(a) $\mathbb{Z}_{12}$
(b) $\mathbb{Z}_{48}$
(c) The quaternions, $Q_8$
(d) $D_4$
(e) $S_3 \times \mathbb{Z}_4$
(f) $S_4$
(g) $S_n$, $n \geq 5$
(h) $\mathbb{Q}$
5. Show that the infinite direct product $G = \mathbb{Z}_2 \times \mathbb{Z}_2 \times \cdots$ is not finitely generated.
6. Let $G$ be an abelian group of order $m$. If $n$ divides $m$, prove that $G$ has a subgroup of order $n$.
7. A group $G$ is a torsion group if every element of $G$ has finite order. Prove that a finitely generated torsion group must be finite.
8. Let $G$, $H$, and $K$ be finitely generated abelian groups. Show that if $G \times H \cong G \times K$, then $H \cong K$. Give a counterexample to show that this cannot be true in general.
9. Let $G$ and $H$ be solvable groups. Show that $G \times H$ is also solvable.

10. If $G$ has a composition (principal) series and if $N$ is a proper normal subgroup of $G$, show there exists a composition (principal) series containing $N$.
11. Prove or disprove: Let $N$ be a normal subgroup of $G$. If $N$ and $G/N$ have composition series, then $G$ must also have a composition series.
12. Let $N$ be a normal subgroup of $G$. If $N$ and $G/N$ are solvable groups, show that $G$ is also a solvable group.
13. Prove that $G$ is a solvable group if and only if $G$ has a series of subgroups
$$G = P_n \supset P_{n-1} \supset \cdots \supset P_1 \supset P_0 = \{e\}$$
where $P_i$ is normal in $P_{i+1}$ and the order of $P_{i+1}/P_i$ is prime.
14. Let $G$ be a solvable group. Prove that any subgroup of $G$ is also solvable.
15. Let $G$ be a solvable group and $N$ a normal subgroup of $G$. Prove that $G/N$ is solvable.
16. Prove that $D_n$ is solvable for all integers $n$.
17. Suppose that $G$ has a composition series. If $N$ is a normal subgroup of $G$, show that $N$ and $G/N$ also have composition series.
18. Let $G$ be a cyclic $p$-group with subgroups $H$ and $K$. Prove that either $H$ is contained in $K$ or $K$ is contained in $H$.
19. Suppose that $G$ is a solvable group with order $n \geq 2$. Show that $G$ contains a normal nontrivial abelian subgroup.
20. Recall that the commutator subgroup $G'$ of a group $G$ is defined as the subgroup of $G$ generated by elements of the form $a^{-1}b^{-1}ab$ for $a, b \in G$. We can define a series of subgroups of $G$ by $G^{(0)} = G$, $G^{(1)} = G'$, and $G^{(i+1)} = (G^{(i)})'$.
(a) Prove that $G^{(i+1)}$ is normal in $(G^{(i)})'$. The series of subgroups
$$G^{(0)} = G \supset G^{(1)} \supset G^{(2)} \supset \cdots$$
is called the derived series of $G$.
(b) Show that $G$ is solvable if and only if $G^{(n)} = \{e\}$ for some integer $n$.
21. Suppose that $G$ is a solvable group with order $n \geq 2$. Show that $G$ contains a normal nontrivial abelian factor group.
22. Zassenhaus Lemma. LetHandKbe subgroups of a groupG. Suppose
also thatH

andK

are normal subgroups ofHandKrespectively. Then
(a)H

(H\K

) is a normal subgroup ofH

(H\K).
(b)K

(H

\K) is a normal subgroup ofK

(H\K).

(c)H

(H\K)=H

(H\K

)

=K

(H\K)=K

(H

\K)

=(H\K)=(H

\K)(H\K

):
[Hint: Use the diagram in Figure 11.1. The Zassenhaus Lemma is often referred to as the Butterfly Lemma because of this diagram.]
Figure 11.1. The Zassenhaus Lemma
23. Schreier's Theorem. Use the Zassenhaus Lemma to prove that two subnormal (normal) series of a group $G$ have isomorphic refinements.
24. Use Schreier's Theorem to prove the Jordan-Hölder Theorem.
Programming Exercises
Write a program that will compute all possible abelian groups of order $n$. What is the largest $n$ for which your program will work?
References and Suggested Readings
Each of the following references contains a proof of the Fundamental Theorem of Finitely Generated Abelian Groups.
[1] Hungerford, T. W. Algebra. Springer-Verlag, New York, 1974.
[2] Lang, S. Algebra. 3rd ed. Addison-Wesley, Reading, MA, 1992.
[3] Rotman, J. J. An Introduction to the Theory of Groups. 3rd ed. Allyn and Bacon, Boston, 1984.

12
Group Actions
Group actions generalize group multiplication. If $G$ is a group and $X$ is an arbitrary set, a group action of an element $g \in G$ and $x \in X$ is a product, $gx$, living in $X$. Many problems in algebra may best be attacked via group actions. For example, the proofs of the Sylow theorems and of Burnside's Counting Theorem are most easily understood when they are formulated in terms of group actions.
12.1 Groups Acting on Sets
Let $X$ be a set and $G$ be a group. A (left) action of $G$ on $X$ is a map $G \times X \to X$ given by $(g, x) \mapsto gx$, where
1. $ex = x$ for all $x \in X$;
2. $(g_1g_2)x = g_1(g_2x)$ for all $x \in X$ and all $g_1, g_2 \in G$.
Under these considerations $X$ is called a $G$-set. Notice that we are not requiring $X$ to be related to $G$ in any way. It is true that every group $G$ acts on every set $X$ by the trivial action $(g, x) \mapsto x$; however, group actions are more interesting if the set $X$ is somehow related to the group $G$.
Example 1. Let $G = GL_2(\mathbb{R})$ and $X = \mathbb{R}^2$. Then $G$ acts on $X$ by left multiplication. If $v \in \mathbb{R}^2$ and $I$ is the identity matrix, then $Iv = v$. If $A$ and $B$ are $2 \times 2$ invertible matrices, then $(AB)v = A(Bv)$ since matrix multiplication is associative.
Example 2. Let $G = D_4$, the symmetry group of a square. If $X = \{1, 2, 3, 4\}$ is the set of vertices of the square, then we can consider $D_4$ to consist of the following permutations:
$$\{(1), (13), (24), (1432), (1234), (12)(34), (14)(23), (13)(24)\}.$$
The elements of $D_4$ act on $X$ as functions. The permutation $(13)(24)$ acts on vertex 1 by sending it to vertex 3, on vertex 2 by sending it to vertex 4, and so on. It is easy to see that the axioms of a group action are satisfied.

In general, if $X$ is any set and $G$ is a subgroup of $S_X$, the group of all permutations acting on $X$, then $X$ is a $G$-set under the group action
(; x)7!(x)
for2Gandx2X.
Example 3.If we letX=G, then every groupGacts on itself by the
left regular representation; that is, (g; x)7!g(x) =gx, wheregis left
multiplication:
ex=ex=ex=x
(gh)x=ghx=ghx=g(hx) =g(hx):
If $H$ is a subgroup of $G$, then $G$ is an $H$-set under left multiplication by elements of $H$.
Example 4. Let $G$ be a group and suppose that $X = G$. If $H$ is a subgroup of $G$, then $G$ is an $H$-set under conjugation; that is, we can define an action of $H$ on $G$,
$$H \times G \to G,$$
via
$$(h, g) \mapsto hgh^{-1}$$
for $h \in H$ and $g \in G$. Clearly, the first axiom for a group action holds. Observing that
$$(h_1h_2, g) = h_1h_2g(h_1h_2)^{-1} = h_1(h_2gh_2^{-1})h_1^{-1} = (h_1, (h_2, g)),$$
we see that the second condition is also satisfied.
Example 5. Let $H$ be a subgroup of $G$ and $\mathcal{L}_H$ the set of left cosets of $H$. The set $\mathcal{L}_H$ is a $G$-set under the action
$$(g, xH) \mapsto gxH.$$
Again, it is easy to see that the first axiom is true. Since $(gg')xH = g(g'xH)$, the second axiom is also true.

If $G$ acts on a set $X$ and $x, y \in X$, then $x$ is said to be $G$-equivalent to $y$ if there exists a $g \in G$ such that $gx = y$. We write $x \sim_G y$ or $x \sim y$ if two elements are $G$-equivalent.
Proposition 12.1 Let $X$ be a $G$-set. Then $G$-equivalence is an equivalence relation on $X$.
Proof. The relation $\sim$ is reflexive since $ex = x$. Suppose that $x \sim y$ for $x, y \in X$. Then there exists a $g$ such that $gx = y$. In this case $g^{-1}y = x$; hence, $y \sim x$. To show that the relation is transitive, suppose that $x \sim y$ and $y \sim z$. Then there must exist group elements $g$ and $h$ such that $gx = y$ and $hy = z$. So $z = hy = (hg)x$, and $x$ is equivalent to $z$.
If $X$ is a $G$-set, then each partition of $X$ associated with $G$-equivalence is called an orbit of $X$ under $G$. We will denote the orbit that contains an element $x$ of $X$ by $\mathcal{O}_x$.
Example 6. Let $G$ be the permutation group defined by
$$G = \{(1), (123), (132), (45), (123)(45), (132)(45)\}$$
and $X = \{1, 2, 3, 4, 5\}$. Then $X$ is a $G$-set. The orbits are $\mathcal{O}_1 = \mathcal{O}_2 = \mathcal{O}_3 = \{1, 2, 3\}$ and $\mathcal{O}_4 = \mathcal{O}_5 = \{4, 5\}$.
Now suppose that $G$ is a group acting on a set $X$ and let $g$ be an element of $G$. The fixed point set of $g$ in $X$, denoted by $X_g$, is the set of all $x \in X$ such that $gx = x$. We can also study the group elements $g$ that fix a given $x \in X$. This set is more than a subset of $G$, it is a subgroup. This subgroup is called the stabilizer subgroup or isotropy subgroup of $x$. We will denote the stabilizer subgroup of $x$ by $G_x$.
Remark. It is important to remember that $X_g \subset X$ and $G_x \subset G$.
Example 7. Let $X = \{1, 2, 3, 4, 5, 6\}$ and suppose that $G$ is the permutation group given by the permutations
$$\{(1), (12)(3456), (35)(46), (12)(3654)\}.$$
Then the fixed point sets of $X$ under the action of $G$ are
$$X_{(1)} = X,$$
$$X_{(35)(46)} = \{1, 2\},$$
$$X_{(12)(3456)} = X_{(12)(3654)} = \emptyset,$$
and the stabilizer subgroups are
$$G_1 = G_2 = \{(1), (35)(46)\},$$
$$G_3 = G_4 = G_5 = G_6 = \{(1)\}.$$
It is easily seen that $G_x$ is a subgroup of $G$ for each $x \in X$.
Proposition 12.2 Let $G$ be a group acting on a set $X$ and $x \in X$. The stabilizer group, $G_x$, of $x$ is a subgroup of $G$.
Proof. Clearly, $e \in G_x$ since the identity fixes every element in the set $X$. Let $g, h \in G_x$. Then $gx = x$ and $hx = x$. So $(gh)x = g(hx) = gx = x$; hence, the product of two elements in $G_x$ is also in $G_x$. Finally, if $g \in G_x$, then $x = ex = (g^{-1}g)x = (g^{-1})gx = g^{-1}x$. So $g^{-1}$ is in $G_x$.
We will denote the number of elements in the fixed point set of an element $g \in G$ by $|X_g|$ and denote the number of elements in the orbit of $x \in X$ by $|\mathcal{O}_x|$. The next theorem demonstrates the relationship between orbits of an element $x \in X$ and the left cosets of $G_x$ in $G$.
Theorem 12.3 Let $G$ be a finite group and $X$ a finite $G$-set. If $x \in X$, then $|\mathcal{O}_x| = [G : G_x]$.
Proof. We know that $|G|/|G_x|$ is the number of left cosets of $G_x$ in $G$ by Lagrange's Theorem. We will define a bijective map between the orbit $\mathcal{O}_x$ of $X$ and the set of left cosets $\mathcal{L}_{G_x}$ of $G_x$ in $G$. Let $y \in \mathcal{O}_x$. Then there exists a $g$ in $G$ such that $gx = y$. Define by $(y) = gG_x$. First we must show that this map is well-defined and does not depend on our selection of $g$. Suppose that $h$ is another element in $G$ such that $hx = y$. Then $gx = hx$ or $x = g^{-1}hx$; hence, $g^{-1}h$ is in the stabilizer subgroup of $x$. Therefore, $h \in gG_x$ or $gG_x = hG_x$. Thus, $y$ gets mapped to the same coset regardless of the choice of the representative from that coset.
To show that is one-to-one, assume that $(x_1) = (x_2)$. Then there exist $g_1, g_2 \in G$ such that $x_1 = g_1x$ and $x_2 = g_2x$. Since there exists a $g \in G_x$ such that $g_2 = g_1g$,
$$x_2 = g_2x = g_1gx = g_1x = x_1;$$
consequently, the map is one-to-one. Finally, we must show that the map is onto. Let $gG_x$ be a left coset. If $gx = y$, then $(y) = gG_x$.

12.2 The Class Equation
Let $X$ be a finite $G$-set and $X_G$ be the set of fixed points in $X$; that is,
$$X_G = \{x \in X : gx = x \text{ for all } g \in G\}.$$
Since the orbits of the action partition $X$,
$$|X| = |X_G| + \sum_{i=k}^{n} |\mathcal{O}_{x_i}|,$$
where $x_k, \ldots, x_n$ are representatives from the distinct nontrivial orbits of $X$.
Now consider the special case in which $G$ acts on itself by conjugation, $(g, x) \mapsto gxg^{-1}$. The center of $G$,
$$Z(G) = \{x : xg = gx \text{ for all } g \in G\},$$
is the set of points that are fixed by conjugation. The nontrivial orbits of the action are called the conjugacy classes of $G$. If $x_1, \ldots, x_k$ are representatives from each of the nontrivial conjugacy classes of $G$ and $|\mathcal{O}_{x_1}| = n_1, \ldots, |\mathcal{O}_{x_k}| = n_k$, then
$$|G| = |Z(G)| + n_1 + \cdots + n_k.$$
The stabilizer subgroups of each of the $x_i$'s, $C(x_i) = \{g \in G : gx_i = x_ig\}$, are called the centralizer subgroups of the $x_i$'s. From Theorem 12.3, we obtain the class equation:
$$|G| = |Z(G)| + [G : C(x_1)] + \cdots + [G : C(x_k)].$$
One of the consequences of the class equation is that the order of each conjugacy class must divide the order of $|G|$.
Example 8. It is easy to check that the conjugacy classes in $S_3$ are the following:
$$\{(1)\}, \{(123), (132)\}, \{(12), (13), (23)\}.$$
The class equation is $6 = 1 + 2 + 3$.
Example 9. The conjugacy classes for $D_4$ are
$$\{(1)\}, \{(13), (24)\}, \{(1432), (1234)\}, \{(12)(34), (14)(23), (13)(24)\}.$$
The class equation is $8 = 1 + 2 + 2 + 3$.

Example 10.ForSnit takes a bit of work to nd the conjugacy classes. We
begin with cycles. Suppose that= (a1; : : : ; ak) is a cycle and let2Sn.
By Theorem 5.9,

1
= ((a1); : : : ; (ak)):
Consequently, any two cycles of the same length are conjugate. Now let
=12 rbe a cycle decomposition, where the length of each cyclei
isri. Thenis conjugate to every other2Snwhose cycle decomposition
has the same lengths.
The number of conjugate classes in $S_n$ is the number of ways in which $n$ can be partitioned into sums of positive integers. For example, we can partition the integer 3 into the following three sums:
$$3 = 1 + 1 + 1$$
$$3 = 1 + 2$$
$$3 = 3;$$
therefore, there are three conjugacy classes. The problem of finding the number of such partitions for any positive integer $n$ is what computer scientists call NP-complete. This effectively means that the problem cannot be solved for a large $n$ because the computations would be too time-consuming for even the largest computer.
Theorem 12.4 Let $G$ be a group of order $p^n$ where $p$ is prime. Then $G$ has a nontrivial center.
Proof. We apply the class equation
$$|G| = |Z(G)| + n_1 + \cdots + n_k.$$
Since each $n_i > 1$ and $n_i \mid |G|$, $p$ must divide each $n_i$. Also, $p \mid |G|$; hence, $p$ must divide $|Z(G)|$. Since the identity is always in the center of $G$, $|Z(G)| \geq 1$. Therefore, $|Z(G)| \geq p$ and there exists some $g \in Z(G)$ such that $g \neq 1$.

Corollary 12.5 Let $G$ be a group of order $p^2$ where $p$ is prime. Then $G$ is abelian.
Proof. By Theorem 12.4, $|Z(G)| = p$ or $p^2$. If $|Z(G)| = p^2$, then we are done. Suppose that $|Z(G)| = p$. Then $Z(G)$ and $G/Z(G)$ both have order $p$ and must both be cyclic groups. Choosing a generator $aZ(G)$ for $G/Z(G)$, we can write any element $gZ(G)$ in the quotient group as $a^mZ(G)$ for some integer $m$; hence, $g = a^mx$ for some $x$ in the center of $G$. Similarly, if $hZ(G) \in G/Z(G)$, there exists a $y$ in $Z(G)$ such that $h = a^ny$ for some integer $n$. Since $x$ and $y$ are in the center of $G$, they commute with all other elements of $G$; therefore,
$$gh = a^mxa^ny = a^{m+n}xy = a^nya^mx = hg,$$
and $G$ must be abelian.
12.3 Burnside's Counting Theorem
Suppose that we are to color the vertices of a square with two different colors, say black and white. We might suspect that there would be $2^4 = 16$ different colorings. However, some of these colorings are equivalent. If we color the first vertex black and the remaining vertices white, it is the same as coloring the second vertex black and the remaining ones white since we could obtain the second coloring simply by rotating the square $90^\circ$ (Figure 12.1).
Figure 12.1. Equivalent colorings of square
Burnside's Counting Theorem offers a method of computing the number of distinguishable ways in which something can be done. In addition to its geometric applications, the theorem has interesting applications to areas in switching theory and chemistry. The proof of Burnside's Counting Theorem depends on the following lemma.

Lemma 12.6 Let $X$ be a $G$-set and suppose that $x \sim y$. Then $G_x$ is isomorphic to $G_y$. In particular, $|G_x| = |G_y|$.
Proof. Let $G$ act on $X$ by $(g, x) \mapsto gx$. Since $x \sim y$, there exists a $g \in G$ such that $gx = y$. Let $a \in G_x$. Since
$$gag^{-1}y = gag^{-1}y = gax = gx = y,$$
we can define a map : $G_x \to G_y$ by $(a) = gag^{-1}$. The map is a homomorphism since
$$(ab) = gabg^{-1} = gag^{-1}gbg^{-1} = (a)(a).$$
Suppose that $(a) = (b)$. Then $gag^{-1} = gbg^{-1}$ or $a = b$; hence, the map is injective. To show that is onto, let $b$ be in $G_y$; then $g^{-1}bg$ is in $G_x$ since
$$g^{-1}bgx = g^{-1}bgx = g^{-1}by = g^{-1}y = x,$$
and $(g^{-1}bg) = b$.
Theorem 12.7 (Burnside) Let $G$ be a finite group acting on a set $X$ and let $k$ denote the number of orbits of $X$. Then
$$k = \frac{1}{|G|} \sum_{g \in G} |X_g|.$$
Proof. We look at all the fixed points $x$ of all the elements in $g \in G$; that is, we look at all $g$'s and all $x$'s such that $gx = x$. If viewed in terms of fixed point sets, the number of all $g$'s fixing $x$'s is
$$\sum_{g \in G} |X_g|.$$
However, if viewed in terms of the stabilizer subgroups, this number is
$$\sum_{x \in X} |G_x|;$$
hence, $\sum_{g \in G} |X_g| = \sum_{x \in X} |G_x|$. By Lemma 12.6,
$$\sum_{y \in \mathcal{O}_x} |G_y| = |\mathcal{O}_x| \cdot |G_x|.$$
By Theorem 12.3 and Lagrange's Theorem, this expression is equal to $|G|$. Summing over all of the $k$ distinct orbits, we conclude that
$$\sum_{g \in G} |X_g| = \sum_{x \in X} |G_x| = k \cdot |G|.$$

Example 11. Let $X = \{1, 2, 3, 4, 5\}$ and suppose that $G$ is the permutation group $G = \{(1), (13), (13)(25), (25)\}$. The orbits of $X$ are $\{1, 3\}$, $\{2, 5\}$, and $\{4\}$. The fixed point sets are
$$X_{(1)} = X$$
$$X_{(13)} = \{2, 4, 5\}$$
$$X_{(13)(25)} = \{4\}$$
$$X_{(25)} = \{1, 3, 4\}.$$
Burnside's Theorem says that
$$k = \frac{1}{|G|} \sum_{g \in G} |X_g| = \frac{1}{4}(5 + 3 + 1 + 3) = 3.$$

A Geometric Example
Before we apply Burnside's Theorem to switching-theory problems, let us examine the number of ways in which the vertices of a square can be colored black or white. Notice that we can sometimes obtain equivalent colorings by simply applying a rigid motion to the square. For instance, as we have pointed out, if we color one of the vertices black and the remaining three white, it does not matter which vertex was colored black since a rotation will give an equivalent coloring.
The symmetry group of a square, $D_4$, is given by the following permutations:
$$(1) \quad (13) \quad (24) \quad (1432)$$
$$(1234) \quad (12)(34) \quad (14)(23) \quad (13)(24)$$
The group $G$ acts on the set of vertices $\{1, 2, 3, 4\}$ in the usual manner. We can describe the different colorings by mappings from $X$ into $Y = \{B, W\}$ where $B$ and $W$ represent the colors black and white, respectively. Each map
f:X!Ydescribes a way to color the corners of the square. Every2D4

induces a permutationeof the possible colorings given bye(f) =ffor
f:X!Y. For example, suppose thatfis dened by
f(1) =B
f(2) =W
f(3) =W
f(4) =W
and= (12)(34). Thene(f) =fsends vertex 2 toBand the remaining
vertices toW. The set of all sucheis a permutation group
$\widetilde{G}$ on the set of possible colorings. Let $\widetilde{X}$ denote the set of all possible colorings; that is, $\widetilde{X}$ is the set of all possible maps from $X$ to $Y$. Now we must compute the number of $\widetilde{G}$-equivalence classes.
1. $\widetilde{X}_{(1)} = \widetilde{X}$ since the identity fixes every possible coloring. $|\widetilde{X}| = 2^4 = 16$.
2. $\widetilde{X}_{(1234)}$ consists of all $f \in \widetilde{X}$ such that $f$ is unchanged by the permutation $(1234)$. In this case $f(1) = f(2) = f(3) = f(4)$, so that all values of $f$ must be the same; that is, either $f(x) = B$ or $f(x) = W$ for every vertex $x$ of the square. So $|\widetilde{X}_{(1234)}| = 2$.
3. $|\widetilde{X}_{(1432)}| = 2$.
4. For $\widetilde{X}_{(13)(24)}$, $f(1) = f(3)$ and $f(2) = f(4)$. Thus, $|\widetilde{X}_{(13)(24)}| = 2^2 = 4$.
5. $|\widetilde{X}_{(12)(34)}| = 4$.
6. $|\widetilde{X}_{(14)(23)}| = 4$.
7. For $\widetilde{X}_{(13)}$, $f(1) = f(3)$ and the other corners can be of any color; hence, $|\widetilde{X}_{(13)}| = 2^3 = 8$.
8. $|\widetilde{X}_{(24)}| = 8$.
By Burnside's Theorem, we can conclude that there are exactly
$$\frac{1}{8}(2^4 + 2^1 + 2^2 + 2^1 + 2^2 + 2^2 + 2^3 + 2^3) = 6$$
ways to color the vertices of the square.

Proposition 12.8LetGbe a permutation group ofXand
e
Xthe set of
functions fromXtoY. Then there exists a permutation group
e
Gacting
on
e
X, wheree2
e
Gis dened bye(f) =ffor2Gandf2
e
X.
Furthermore, ifnis the number of cycles in the cycle decomposition of,
thenj
e
Xj=jYj
n
.
Proof.Let2Gandf2
e
X. Clearly,fis also in
e
X. Suppose that
gis another function fromXtoYsuch thate(f) =e(g). Then for each
x2X,
f((x)) =e(f)(x) =e(g)(x) =g((x)):
Sinceis a permutation ofX, every elementx
0
inXis the image of somex
inXunder; hence,fandgagree on all elements ofX. Therefore,f=g
andeis injective. The map7!eis onto, since the two sets are the same
size.
Suppose thatis a permutation ofXwith cycle decomposition=
12 n. Anyfin
e
Xmust have the same value on each cycle of.
Since there arencycles andjYjpossible values for each cycle,j
e
Xj=jYj
n
.

Example 12. Let $X = \{1, 2, \ldots, 7\}$ and suppose that $Y = \{A, B, C\}$. If $g$ is the permutation of $X$ given by $(13)(245) = (13)(245)(6)(7)$, then $n = 4$. Any $f \in \mathcal{F}_g$ must have the same value on each cycle in $g$. There are $|Y| = 3$ such choices for any value, so $|\mathcal{F}_g| = 3^4 = 81$.
Example 13. Suppose that we wish to color the vertices of a square using four different colors. By Proposition 12.8, we can immediately decide that there are
$$\frac{1}{8}(4^4 + 4^1 + 4^2 + 4^1 + 4^2 + 4^2 + 4^3 + 4^3) = 55$$
possible ways.
Figure 12.2. A switching function of $n$ variables

Switching Functions
In switching theory we are concerned with the design of electronic circuits with binary inputs and outputs. The simplest of these circuits is a switching function that has $n$ inputs and a single output (Figure 12.2). Large electronic circuits can often be constructed by combining smaller modules of this kind. The inherent problem here is that even for a simple circuit a large number of different switching functions can be constructed. With only four inputs and a single output, we can construct 65,536 different switching functions. However, we can often replace one switching function with another merely by permuting the input leads to the circuit (Figure 12.3).
Figure 12.3. A switching function of two variables
We define a switching or Boolean function of $n$ variables to be a function from $\mathbb{Z}_2^n$ to $\mathbb{Z}_2$. Since any switching function can have two possible values for each binary $n$-tuple and there are $2^n$ binary $n$-tuples, $2^{2^n}$ switching functions are possible for $n$ variables. In general, allowing permutations of the inputs greatly reduces the number of different kinds of modules that are needed to build a large circuit.
The possible switching functions with two input variables $a$ and $b$ are listed in Table 12.1. Two switching functions $f$ and $g$ are equivalent if $g$ can be obtained from $f$ by a permutation of the input variables. For example, $g(a, b, c) = f(b, c, a)$. In this case $g \sim f$ via the permutation $(acb)$. In the case of switching functions of two variables, the permutation $(ab)$ reduces 16 possible switching functions to 12 equivalent functions since
$$f_2 \sim f_4$$
$$f_3 \sim f_5$$
$$f_{10} \sim f_{12}$$
$$f_{11} \sim f_{13}.$$
For three input variables there are $2^{2^3} = 256$ possible switching functions; in the case of four variables there are $2^{2^4} = 65{,}536$. The number of equivalence classes is too large to reasonably calculate directly. It is necessary to employ Burnside's Theorem.

Table 12.1. Switching functions in two variables
Inputs   Outputs
         f0  f1  f2  f3  f4  f5  f6  f7
0 0      0   0   0   0   0   0   0   0
0 1      0   0   0   0   1   1   1   1
1 0      0   0   1   1   0   0   1   1
1 1      0   1   0   1   0   1   0   1

Inputs   Outputs
         f8  f9  f10 f11 f12 f13 f14 f15
0 0      1   1   1   1   1   1   1   1
0 1      0   0   0   0   1   1   1   1
1 0      0   0   1   1   0   0   1   1
1 1      0   1   0   1   0   1   0   1
Consider a switching function with three possible inputs, $a$, $b$, and $c$. As we have mentioned, two switching functions $f$ and $g$ are equivalent if a permutation of the input variables of $f$ gives $g$. It is important to notice that a permutation of the switching functions is not simply a permutation of the input values $\{a, b, c\}$. A switching function is a set of output values for the inputs $a$, $b$, and $c$, so when we consider equivalent switching functions, we are permuting $2^3$ possible outputs, not just three input values. For example, each binary triple $(a, b, c)$ has a specific output associated with it. The permutation $(acb)$ changes outputs as follows:
$$(0, 0, 0) \mapsto (0, 0, 0)$$
$$(0, 0, 1) \mapsto (0, 1, 0)$$
$$(0, 1, 0) \mapsto (1, 0, 0)$$
$$\vdots$$
$$(1, 1, 0) \mapsto (1, 0, 1)$$
$$(1, 1, 1) \mapsto (1, 1, 1).$$
Let $X$ be the set of output values for a switching function in $n$ variables. Then $|X| = 2^n$. We can enumerate these values as follows:
$$(0, \ldots, 0, 1) \mapsto 0$$
$$(0, \ldots, 1, 0) \mapsto 1$$
$$(0, \ldots, 1, 1) \mapsto 2$$
$$\vdots$$
$$(1, \ldots, 1, 1) \mapsto 2^n - 1.$$
Table 12.2. Permutations of switching functions in four variables
Group Permutation   Switching Function Permutation             Number of Cycles
(a)                 (0)                                        16
(ac)                (2,8)(3,9)(6,12)(7,13)                     12
(bd)                (1,4)(3,6)(9,12)(11,14)                    12
(adcb)              (1,2,4,8)(3,6,12,9)(5,10)(7,14,13,11)      6
(abcd)              (1,8,4,2)(3,9,12,6)(5,10)(7,11,13,14)      6
(ab)(cd)            (1,2)(4,8)(5,10)(6,9)(7,11)(13,14)         10
(ad)(bc)            (1,8)(2,4)(3,12)(5,10)(7,14)(11,13)        10
(ac)(bd)            (1,4)(2,8)(3,12)(6,9)(7,13)(11,14)         10
Now let us consider a circuit with four input variables and a single output. Suppose that we can permute the leads of any circuit according to the following permutation group:
$$(a) \quad (ac) \quad (bd) \quad (adcb)$$
$$(abcd) \quad (ab)(cd) \quad (ad)(bc) \quad (ac)(bd).$$
The permutations of the four possible input variables induce the permutations of the output values in Table 12.2.
Hence, there are
$$\frac{1}{8}(2^{16} + 2 \cdot 2^{12} + 2 \cdot 2^{6} + 3 \cdot 2^{10}) = 9616$$
possible switching functions of four variables under this group of permutations. This number will be even smaller if we consider the full symmetric group on four letters.
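The counts in Example 11, the geometric example, Example 13 and Table 12.2 can all be reproduced by machine. The Python sketch below is an added example, not code from the book: it generates each permutation group from generators, applies Theorem 12.7 together with the cycle-count rule of Proposition 12.8, and cross-checks the square colorings by brute-force orbit enumeration. All function names are this example's own, and points and leads are stored 0-based.

```python
from itertools import product


def compose(p, q):
    """Return the permutation 'p after q'; a permutation is a tuple of images."""
    return tuple(p[q[i]] for i in range(len(q)))


def generate_group(generators):
    """Close a list of permutations under composition."""
    identity = tuple(range(len(generators[0])))
    group, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for s in generators:
            h = compose(s, g)
            if h not in group:
                group.add(h)
                frontier.append(h)
    return group


def cycle_count(p):
    """Number of cycles of p, counting fixed points as 1-cycles."""
    seen, count = set(), 0
    for start in range(len(p)):
        if start not in seen:
            count += 1
            j = start
            while j not in seen:
                seen.add(j)
                j = p[j]
    return count


def orbits_by_fixed_points(group):
    """Theorem 12.7 directly: k = (1/|G|) * sum over g of |X_g|."""
    fixed = sum(sum(1 for i, image in enumerate(g) if i == image) for g in group)
    return fixed // len(group)


def colorings_up_to_symmetry(group, colors):
    """Burnside plus Proposition 12.8: g fixes colors**cycle_count(g) colorings."""
    return sum(colors ** cycle_count(g) for g in group) // len(group)


def colorings_by_enumeration(group, colors):
    """Brute-force cross-check: list every coloring f and mark its orbit."""
    n = len(next(iter(group)))
    seen, orbits = set(), 0
    for f in product(range(colors), repeat=n):
        if f not in seen:
            orbits += 1
            seen.update(tuple(f[g[i]] for i in range(n)) for g in group)
    return orbits


def induced_on_inputs(p):
    """Permutation of the 2**n input tuples induced by permuting n leads.

    Lead 0 is the most significant bit, so with leads (a, b, c, d) the tuple
    is numbered 8a + 4b + 2c + d, matching the numbering used in Table 12.2.
    """
    n = len(p)
    images = []
    for value in range(2 ** n):
        moved = 0
        for lead in range(n):
            bit = (value >> (n - 1 - lead)) & 1
            moved |= bit << (n - 1 - p[lead])  # value on `lead` moves to p[lead]
        images.append(moved)
    return tuple(images)


def switching_function_classes(lead_group):
    """Number of switching functions that stay distinct under lead_group."""
    return colorings_up_to_symmetry([induced_on_inputs(p) for p in lead_group], 2)


ROTATION = (1, 2, 3, 0)    # (1234) on vertices, i.e. (abcd) on leads
REFLECTION = (2, 1, 0, 3)  # (13) on vertices, i.e. (ac) on leads
D4 = generate_group([ROTATION, REFLECTION])
# Example 11: X = {1,...,5}, G generated by (13) and (25).
EXAMPLE_11 = generate_group([(2, 1, 0, 3, 4), (0, 4, 2, 3, 1)])

if __name__ == "__main__":
    print("Example 11 orbits:", orbits_by_fixed_points(EXAMPLE_11))
    print("square, 2 and 4 colors:",
          colorings_up_to_symmetry(D4, 2), colorings_up_to_symmetry(D4, 4))
    print("Table 12.2 cycle counts:",
          sorted(cycle_count(induced_on_inputs(p)) for p in D4))
    print("switching functions, 4 leads:", switching_function_classes(D4))
```

Passing a different set of generators to `generate_group` gives the count for another lead-permutation group, such as the full symmetric group mentioned above.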
Historical Note
William Burnside was born in London in 1852. He attended Cambridge University from 1871 to 1875 and won the Smith's Prize in his last year. After his graduation he lectured at Cambridge. He was made a member of the Royal Society in 1893. Burnside wrote approximately 150 papers on topics in applied mathematics, differential geometry, and probability, but his most famous contributions were in group theory. Several of Burnside's conjectures have stimulated research to this day. One such conjecture was that every group of odd order is solvable; that is, for a group $G$ of odd order, there exists a sequence of subgroups
$$G = H_n \supset H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{e\}$$
such that $H_i$ is normal in $H_{i+1}$ and $H_{i+1}/H_i$ is abelian. This conjecture was finally proven by W. Feit and J. Thompson in 1963. Burnside's The Theory of Groups of Finite Order, published in 1897, was one of the first books to treat groups in a modern context as opposed to permutation groups. The second edition, published in 1911, is still a classic.
Exercises
1.Compute theG-equivalence classes for Examples 1{5 in the rst section.
2.Compute allXgand allGxfor each of the following permutation groups.
(a)X=f1;2;3g,
G=S3=f(1);(12);(13);(23);(123);(132)g
(b)X=f1;2;3;4;5;6g,
G=f(1);(12);(345);(354);(12)(345);(12)(354)g
3.Compute theG-equivalence classes ofXfor each of theG-sets in Exercise 2.
For eachx2Xverify thatjGj=jOxj jGxj.
4.LetGbe the additive group of real numbers. Let the action of2Gon
the real planeR
2
be given by rotating the plane counterclockwise about the
origin throughradians. LetPbe a point on the plane other than the origin.
(a)Show thatR
2
is aG-set.
(b)Describe geometrically the orbit containingP.
(c)Find the groupGP.
5.LetG=A4and suppose thatGacts on itself by conjugation; that is,
(g; h)7!ghg
1
.
(a)Determine the conjugacy classes (orbits) of each element ofG.
(b)Determine all of the isotropy subgroups for each element ofG.
6.Find the conjugacy classes and the class equation for each of the following
groups.
(a)S4
(c)Z9
(b)D5
(d)Q8
7.Write the class equation forS5and forA5.
8.If a square remains xed in the plane, how many dierent ways can the
corners of the square be colored if three colors are used?
9.How many ways can the vertices of an equilateral triangle be colored using
three dierent colors?

218 CHAPTER 12 GROUP ACTIONS
10. Find the number of ways a six-sided die can be constructed if each side is marked differently with $1, \ldots, 6$ dots.
11. Up to a rotation, how many ways can the faces of a cube be colored with three different colors?
12. Consider 12 straight wires of equal lengths with their ends soldered together to form the edges of a cube. Either silver or copper wire can be used for each edge. How many different ways can the cube be constructed?
13. Suppose that we color each of the eight corners of a cube. Using three different colors, how many ways can the corners be colored up to a rotation of the cube?
14. Each of the faces of a regular tetrahedron can be painted either red or white. Up to a rotation, how many different ways can the tetrahedron be painted?
15. Suppose that the vertices of a regular hexagon are to be colored either red or white. How many ways can this be done up to a symmetry of the hexagon?
16. A molecule of benzene is made up of six carbon atoms and six hydrogen atoms, linked together in a hexagonal shape as in Figure 12.4.
(a) How many different compounds can be formed by replacing one or more of the hydrogen atoms with a chlorine atom?
(b) Find the number of different chemical compounds that can be formed by replacing three of the six hydrogen atoms in a benzene ring with a $CH_3$ radical.
Figure 12.4. A benzene ring
17. How many equivalence classes of switching functions are there if the input variables $x_1$, $x_2$, and $x_3$ can be permuted by any permutation in $S_3$? What if the input variables $x_1$, $x_2$, $x_3$, and $x_4$ can be permuted by any permutation in $S_4$?

18. How many equivalence classes of switching functions are there if the input variables $x_1$, $x_2$, $x_3$, and $x_4$ can be permuted by any permutation in the subgroup of $S_4$ generated by the permutation $(x_1 x_2 x_3 x_4)$?
19. A striped necktie has 12 bands of color. Each band can be colored by one of four possible colors. How many possible different-colored neckties are there?
20. A group acts faithfully on a $G$-set $X$ if the identity is the only element of $G$ that leaves every element of $X$ fixed. Show that $G$ acts faithfully on $X$ if and only if no two distinct elements of $G$ have the same action on each element of $X$.
21. Let $p$ be prime. Show that the number of different abelian groups of order $p^n$ (up to isomorphism) is the same as the number of conjugacy classes in $S_n$.
22. Let $a \in G$. Show that for any $g \in G$, $gC(a)g^{-1} = C(gag^{-1})$.
23. Let $|G| = p^n$ and suppose that $|Z(G)| = p^{n-1}$ for $p$ prime. Prove that $G$ is abelian.
24. Let $G$ be a group with order $p^n$ where $p$ is prime and $X$ a finite $G$-set. If $X_G = \{x \in X : gx = x \text{ for all } g \in G\}$ is the set of elements in $X$ fixed by the group action, then prove that $|X| \equiv |X_G| \pmod{p}$.
Programming Exercise
Write a program to compute the number of conjugacy classes in $S_n$. What is the largest $n$ for which your program will work?

13 The Sylow Theorems
We already know that the converse of Lagrange's Theorem is false. If $G$ is a group of order $m$ and $n$ divides $m$, then $G$ does not necessarily possess a subgroup of order $n$. For example, $A_4$ has order 12 but does not possess a subgroup of order 6. However, the Sylow Theorems do provide a partial converse for Lagrange's Theorem: in certain cases they guarantee us subgroups of specific orders. These theorems yield a powerful set of tools for the classification of all finite nonabelian groups.
13.1 The Sylow Theorems
We will use the idea of group actions to prove the Sylow Theorems. Recall for a moment what it means for $G$ to act on itself by conjugation and how conjugacy classes are distributed in the group according to the class equation, discussed in Chapter 12. A group $G$ acts on itself by conjugation via the map $(g, x) \mapsto gxg^{-1}$. Let $x_1, \ldots, x_k$ be representatives from each of the distinct conjugacy classes of $G$ that consist of more than one element. Then the class equation can be written as
$$|G| = |Z(G)| + [G : C(x_1)] + \cdots + [G : C(x_k)],$$
where $Z(G) = \{g \in G : gx = xg \text{ for all } x \in G\}$ is the center of $G$ and $C(x_i) = \{g \in G : gx_i = x_i g\}$ is the centralizer subgroup of $x_i$.
We now begin our investigation of the Sylow Theorems by examining subgroups of order $p$, where $p$ is prime. A group $G$ is a $p$-group if every element in $G$ has as its order a power of $p$, where $p$ is a prime number. A subgroup of a group $G$ is a $p$-subgroup if it is a $p$-group.
Theorem 13.1 (Cauchy) Let $G$ be a finite group and $p$ a prime such that $p$ divides the order of $G$. Then $G$ contains a subgroup of order $p$.
Proof. We will use induction on the order of $G$. If $|G| = p$, then clearly $G$ must have an element of order $p$. Now assume that every group of order $k$, where $p \le k < n$ and $p$ divides $k$, has an element of order $p$. Assume that $|G| = n$ and $p \mid n$ and consider the class equation of $G$:
$$|G| = |Z(G)| + [G : C(x_1)] + \cdots + [G : C(x_k)].$$
We have two cases.
Case 1. The order of one of the centralizer subgroups, $C(x_i)$, is divisible by $p$ for some $i$, $i = 1, \ldots, k$. In this case, by our induction hypothesis, we are done. Since $C(x_i)$ is a proper subgroup of $G$ and $p$ divides $|C(x_i)|$, $C(x_i)$ must contain an element of order $p$. Hence, $G$ must contain an element of order $p$.
Case 2. The order of no centralizer subgroup is divisible by $p$. Then $p$ divides $[G : C(x_i)]$, the order of each conjugacy class in the class equation; hence, $p$ must divide the center of $G$, $Z(G)$. Since $Z(G)$ is abelian, it must have a subgroup of order $p$ by the Fundamental Theorem of Finite Abelian Groups. Therefore, the center of $G$ contains an element of order $p$.
Corollary 13.2 Let $G$ be a finite group. Then $G$ is a $p$-group if and only if $|G| = p^n$.
Example 1. Let us consider the group $A_5$. We know that $|A_5| = 60 = 2^2 \cdot 3 \cdot 5$. By Cauchy's Theorem, we are guaranteed that $A_5$ has subgroups of orders 2, 3 and 5. The Sylow Theorems give us even more information about the possible subgroups of $A_5$.
We are now ready to state and prove the first of the Sylow Theorems. The proof is very similar to the proof of Cauchy's Theorem.
Theorem 13.3 (First Sylow Theorem) Let $G$ be a finite group and $p$ a prime such that $p^r$ divides $|G|$. Then $G$ contains a subgroup of order $p^r$.
Proof. We induct on the order of $G$ once again. If $|G| = p$, then we are done. Now suppose that the order of $G$ is $n$ with $n > p$ and that the theorem is true for all groups of order less than $n$. We shall apply the class equation once again:
$$|G| = |Z(G)| + [G : C(x_1)] + \cdots + [G : C(x_k)].$$
First suppose that $p$ does not divide $[G : C(x_i)]$ for some $i$. Then $p^r \mid |C(x_i)|$, since $p^r$ divides $|G| = |C(x_i)| \cdot [G : C(x_i)]$. Now we can apply the induction hypothesis to $C(x_i)$.
Hence, we may assume that $p$ divides $[G : C(x_i)]$ for all $i$. Since $p$ divides $|G|$, the class equation says that $p$ must divide $|Z(G)|$; hence, by Cauchy's Theorem, $Z(G)$ has an element of order $p$, say $g$. Let $N$ be the group generated by $g$. Clearly, $N$ is a normal subgroup of $Z(G)$ since $Z(G)$ is abelian; therefore, $N$ is normal in $G$ since every element in $Z(G)$ commutes with every element in $G$. Now consider the factor group $G/N$ of order $|G|/p$. By the induction hypothesis, $G/N$ contains a subgroup $H$ of order $p^{r-1}$. The inverse image of $H$ under the canonical homomorphism $G \to G/N$ is a subgroup of order $p^r$ in $G$.
A Sylow $p$-subgroup $P$ of a group $G$ is a maximal $p$-subgroup of $G$. To prove the other two Sylow Theorems, we need to consider conjugate subgroups as opposed to conjugate elements in a group. For a group $G$, let $\mathcal{S}$ be the collection of all subgroups of $G$. For any subgroup $H$, $\mathcal{S}$ is an $H$-set, where $H$ acts on $\mathcal{S}$ by conjugation. That is, we have an action
$$H \times \mathcal{S} \to \mathcal{S}$$
defined by
$$h \cdot K \mapsto hKh^{-1}$$
for $K$ in $\mathcal{S}$.
The set
$$N(H) = \{g \in G : gHg^{-1} = H\}$$
is a subgroup of $G$. Notice that $H$ is a normal subgroup of $N(H)$. In fact, $N(H)$ is the largest subgroup of $G$ in which $H$ is normal. We call $N(H)$ the normalizer of $H$ in $G$.
Lemma 13.4 Let $P$ be a Sylow $p$-subgroup of a finite group $G$ and let $x$ have as its order a power of $p$. If $x^{-1}Px = P$, then $x \in P$.
Proof. Certainly $x \in N(P)$, and the cyclic subgroup, $\langle xP \rangle \subset N(P)/P$, has as its order a power of $p$. By the Correspondence Theorem there exists a subgroup $H$ of $N(P)$ such that $H/P = \langle xP \rangle$. Since $|H| = |P| \cdot |\langle xP \rangle|$, the order of $H$ must be a power of $p$. However, $P$ is a Sylow $p$-subgroup contained in $H$. Since the order of $P$ is the largest power of $p$ dividing $|G|$, $H = P$. Therefore, $H/P$ is the trivial subgroup and $xP = P$, or $x \in P$.
Lemma 13.5 Let $H$ and $K$ be subgroups of $G$. The number of distinct $H$-conjugates of $K$ is $[H : N(K) \cap H]$.
Proof. We define a bijection between the conjugacy classes of $K$ and the right cosets of $N(K) \cap H$ by $h^{-1}Kh \mapsto (N(K) \cap H)h$. To show that this map is a bijection, let $h_1, h_2 \in H$ and suppose that $(N(K) \cap H)h_1 = (N(K) \cap H)h_2$. Then $h_2 h_1^{-1} \in N(K)$. Therefore, $K = h_2 h_1^{-1} K h_1 h_2^{-1}$ or $h_1^{-1} K h_1 = h_2^{-1} K h_2$, and the map is an injection. It is easy to see that this map is surjective; hence, we have a one-to-one and onto map between the $H$-conjugates of $K$ and the right cosets of $N(K) \cap H$ in $H$.
Theorem 13.6 (Second Sylow Theorem) Let $G$ be a finite group and $p$ a prime dividing $|G|$. Then all Sylow $p$-subgroups of $G$ are conjugate. That is, if $P_1$ and $P_2$ are two Sylow $p$-subgroups, there exists a $g \in G$ such that $gP_1g^{-1} = P_2$.
Proof. Let $P$ be a Sylow $p$-subgroup of $G$ and suppose that $|G| = p^r m$ and $|P| = p^r$. Let
$$\mathcal{P} = \{P = P_1, P_2, \ldots, P_k\}$$
consist of the distinct conjugates of $P$ in $G$. By Lemma 13.5, $k = [G : N(P)]$. Notice that
$$|G| = p^r m = |N(P)| \cdot [G : N(P)] = |N(P)| \cdot k.$$
Since $p^r$ divides $|N(P)|$, $p$ cannot divide $k$. Given any other Sylow $p$-subgroup $Q$, we must show that $Q \in \mathcal{P}$. Consider the $Q$-conjugacy classes of each $P_i$. Clearly, these conjugacy classes partition $\mathcal{P}$. The size of the partition containing $P_i$ is $[Q : N(P_i) \cap Q]$. Lagrange's Theorem tells us that this number is a divisor of $|Q| = p^r$. Hence, the number of conjugates in every equivalence class of the partition is a power of $p$. However, since $p$ does not divide $k$, one of these equivalence classes must contain only a single Sylow $p$-subgroup, say $P_j$. Therefore, for some $P_j$, $x^{-1}P_j x = P_j$ for all $x \in Q$. By Lemma 13.4, $P_j = Q$.
Theorem 13.7 (Third Sylow Theorem) Let $G$ be a finite group and let $p$ be a prime dividing the order of $G$. Then the number of Sylow $p$-subgroups is congruent to $1 \pmod{p}$ and divides $|G|$.
Proof. Let $P$ be a Sylow $p$-subgroup acting on the set of Sylow $p$-subgroups,
$$\mathcal{P} = \{P = P_1, P_2, \ldots, P_k\},$$
by conjugation. From the proof of the Second Sylow Theorem, the only $P$-conjugate of $P$ is itself and the order of the other $P$-conjugacy classes is a power of $p$. Each $P$-conjugacy class contributes a positive power of $p$ toward $|\mathcal{P}|$ except the equivalence class $\{P\}$. Since $|\mathcal{P}|$ is the sum of positive powers of $p$ and 1, $|\mathcal{P}| \equiv 1 \pmod{p}$.
Now suppose that $G$ acts on $\mathcal{P}$ by conjugation. Since all Sylow $p$-subgroups are conjugate, there can be only one orbit under this action. For $P \in \mathcal{P}$,
$$|\mathcal{P}| = |\text{orbit of } P| = [G : N(P)].$$
But $[G : N(P)]$ is a divisor of $|G|$; consequently, the number of Sylow $p$-subgroups of a finite group must divide the order of the group.
Historical Note
Peter Ludvig Mejdell Sylow was born in 1832 in Christiania, Norway (now Oslo). After attending Christiania University, Sylow taught high school. In 1862 he obtained a temporary appointment at Christiania University. Even though his appointment was relatively brief, he influenced students such as Sophus Lie (1842–1899). Sylow had a chance at a permanent chair in 1869, but failed to obtain the appointment. In 1872, he published a 10-page paper presenting the theorems that now bear his name. Later Lie and Sylow collaborated on a new edition of Abel's works. In 1898, a chair at Christiania University was finally created for Sylow through the efforts of his student and colleague Lie. Sylow died in 1918.
13.2 Examples and Applications
Example 2. Using the Sylow Theorems, we can determine that $A_5$ has subgroups of orders 2, 3, 4, and 5. The Sylow $p$-subgroups of $A_5$ have orders 3, 4, and 5. The Third Sylow Theorem tells us exactly how many Sylow $p$-subgroups $A_5$ has. Since the number of Sylow 5-subgroups must divide 60 and also be congruent to $1 \pmod{5}$, there are either one or six Sylow 5-subgroups in $A_5$. All Sylow 5-subgroups are conjugate. If there were only a single Sylow 5-subgroup, it would be conjugate to itself; that is, it would be a normal subgroup of $A_5$. Since $A_5$ has no normal subgroups, this is impossible; hence, we have determined that there are exactly six distinct Sylow 5-subgroups of $A_5$.
The Sylow Theorems allow us to prove many useful results about finite groups. By using them, we can often conclude a great deal about groups of a particular order if certain hypotheses are satisfied.
Theorem 13.8 If $p$ and $q$ are distinct primes with $p < q$, then every group $G$ of order $pq$ has a single subgroup of order $q$ and this subgroup is normal in $G$. Hence, $G$ cannot be simple. Furthermore, if $q \not\equiv 1 \pmod{p}$, then $G$ is cyclic.
Proof. We know that $G$ contains a subgroup $H$ of order $q$. The number of conjugates of $H$ divides $pq$ and is equal to $1 + kq$ for $k = 0, 1, \ldots$. However, $1 + q$ is already too large to divide the order of the group; hence, $H$ can only be conjugate to itself. That is, $H$ must be normal in $G$.
The group $G$ also has a Sylow $p$-subgroup, say $K$. The number of conjugates of $K$ must divide $q$ and be equal to $1 + kp$ for $k = 0, 1, \ldots$. Since $q$ is prime, either $1 + kp = q$ or $1 + kp = 1$. If $1 + kp = 1$, then $K$ is normal in $G$. In this case, we can easily show that $G$ satisfies the criteria, given in Chapter 8, for the internal direct product of $H$ and $K$. Since $H$ is isomorphic to $\mathbb{Z}_q$ and $K$ is isomorphic to $\mathbb{Z}_p$, $G \cong \mathbb{Z}_p \times \mathbb{Z}_q \cong \mathbb{Z}_{pq}$ by Theorem 8.10.
Example 3. Every group of order 15 is cyclic. This is true because $15 = 5 \cdot 3$ and $5 \not\equiv 1 \pmod{3}$.
Example 4. Let us classify all of the groups of order $99 = 3^2 \cdot 11$ up to isomorphism. First we will show that every group $G$ of order 99 is abelian. By the Third Sylow Theorem, there are $1 + 3k$ Sylow 3-subgroups, each of order 9, for some $k = 0, 1, 2, \ldots$. Also, $1 + 3k$ must divide 11; hence, there can only be a single normal Sylow 3-subgroup $H$ in $G$. Similarly, there are $1 + 11k$ Sylow 11-subgroups and $1 + 11k$ must divide 9. Consequently, there is only one Sylow 11-subgroup $K$ in $G$. By Corollary 12.5, any group of order $p^2$ is abelian for $p$ prime; hence, $H$ is isomorphic either to $\mathbb{Z}_3 \times \mathbb{Z}_3$ or to $\mathbb{Z}_9$. Since $K$ has order 11, it must be isomorphic to $\mathbb{Z}_{11}$. Therefore, the only possible groups of order 99 are $\mathbb{Z}_3 \times \mathbb{Z}_3 \times \mathbb{Z}_{11}$ or $\mathbb{Z}_9 \times \mathbb{Z}_{11}$ up to isomorphism.
To determine all of the groups of order $5 \cdot 7 \cdot 47 = 1645$, we need the following theorem.
Theorem 13.9 Let $G' = \langle aba^{-1}b^{-1} : a, b \in G \rangle$ be the subgroup consisting of all finite products of elements of the form $aba^{-1}b^{-1}$ in a group $G$. Then $G'$ is a normal subgroup of $G$ and $G/G'$ is abelian.
The subgroup $G'$ of $G$ is called the commutator subgroup of $G$. We leave the proof of this theorem as an exercise.
Example 5. We will now show that every group of order $5 \cdot 7 \cdot 47 = 1645$ is abelian, and cyclic by Corollary 8.11. By the Third Sylow Theorem, $G$ has only one subgroup $H_1$ of order 47. So $G/H_1$ has order 35 and must be abelian by Theorem 13.8. Hence, the commutator subgroup of $G$ is contained in $H$ which tells us that $|G'|$ is either 1 or 47. If $|G'| = 1$, we are done. Suppose that $|G'| = 47$. The Third Sylow Theorem tells us that $G$ has only one subgroup of order 5 and one subgroup of order 7. So there exist normal subgroups $H_2$ and $H_3$ in $G$, where $|H_2| = 5$ and $|H_3| = 7$. In either case the quotient group is abelian; hence, $G'$ must be a subgroup of $H_i$, $i = 1, 2$. Therefore, the order of $G'$ is 1, 5, or 7. However, we already have determined that $|G'| = 1$ or 47. So the commutator subgroup of $G$ is trivial, and consequently $G$ is abelian.
Finite Simple Groups
Given a finite group, one can ask whether or not that group has any normal subgroups. Recall that a simple group is one with no proper nontrivial normal subgroups. As in the case of $A_5$, proving a group to be simple can be a very difficult task; however, the Sylow Theorems are useful tools for proving that a group is not simple. Usually some sort of counting argument is involved.
Example 6. Let us show that no group $G$ of order 20 can be simple. By the Third Sylow Theorem, $G$ contains one or more Sylow 5-subgroups. The number of such subgroups is congruent to $1 \pmod{5}$ and must also divide 20. The only possible such number is 1. Since there is only a single Sylow 5-subgroup and all Sylow 5-subgroups are conjugate, this subgroup must be normal.
Example 7. Let $G$ be a finite group of order $p^n$, $n > 1$ and $p$ prime. By Theorem 12.4, $G$ has a nontrivial center. Since the center of any group $G$ is a normal subgroup, $G$ cannot be a simple group. Therefore, groups of orders 4, 8, 9, 16, 25, 27, 32, 49, 64, and 81 are not simple. In fact, the groups of order 4, 9, 25, and 49 are abelian by Theorem 12.5.
Example 8. No group of order $56 = 2^3 \cdot 7$ is simple. We have seen that if we can show that there is only one Sylow $p$-subgroup for some prime $p$ dividing 56, then this must be a normal subgroup and we are done. By the Third Sylow Theorem, there are either one or eight Sylow 7-subgroups. If there is only a single Sylow 7-subgroup, then it must be normal.
On the other hand, suppose that there are eight Sylow 7-subgroups. Then each of these subgroups must be cyclic; hence, the intersection of any two of these subgroups contains only the identity of the group. This leaves $8 \cdot 6 = 48$ distinct elements in the group, each of order 7. Now let us count Sylow 2-subgroups. There are either one or seven Sylow 2-subgroups. Any element of a Sylow 2-subgroup other than the identity must have as its order a power of 2; and therefore cannot be one of the 48 elements of order 7 in the Sylow 7-subgroups. Since a Sylow 2-subgroup has order 8, there is only enough room for a single Sylow 2-subgroup in a group of order 56. If there is only one Sylow 2-subgroup, it must be normal.
For other groups $G$ it is more difficult to prove that $G$ is not simple. Suppose $G$ has order 48. In this case the technique that we employed in the last example will not work. We need the following lemma to prove that no group of order 48 is simple.
Lemma 13.10 Let $H$ and $K$ be finite subgroups of a group $G$. Then
$$|HK| = \frac{|H| \cdot |K|}{|H \cap K|}.$$
Proof. Recall that
$$HK = \{hk : h \in H, k \in K\}.$$
Certainly, $|HK| \le |H| \cdot |K|$ since some element in $HK$ could be written as the product of different elements in $H$ and $K$. It is quite possible that $h_1k_1 = h_2k_2$ for $h_1, h_2 \in H$ and $k_1, k_2 \in K$. If this is the case, let
$$a = (h_1)^{-1}h_2 = k_1(k_2)^{-1}.$$
Notice that $a \in H \cap K$, since $(h_1)^{-1}h_2$ is in $H$ and $k_2(k_1)^{-1}$ is in $K$; consequently,
$$h_2 = h_1a^{-1}$$
$$k_2 = ak_1.$$
Conversely, let $h = h_1b^{-1}$ and $k = bk_1$ for $b \in H \cap K$. Then $hk = h_1k_1$, where $h \in H$ and $k \in K$. Hence, any element $hk \in HK$ can be written in the form $h_ik_i$ for $h_i \in H$ and $k_i \in K$, as many times as there are elements in $H \cap K$; that is, $|H \cap K|$ times. Therefore, $|HK| = (|H| \cdot |K|)/|H \cap K|$.
Example 9. To demonstrate that a group $G$ of order 48 is not simple, we will show that $G$ contains either a normal subgroup of order 8 or a normal subgroup of order 16. By the Third Sylow Theorem, $G$ has either one or three Sylow 2-subgroups of order 16. If there is only one subgroup, then it must be a normal subgroup.
Suppose that the other case is true, and two of the three Sylow 2-subgroups are $H$ and $K$. We claim that $|H \cap K| = 8$. If $|H \cap K| \le 4$, then by Lemma 13.10,
$$|HK| = \frac{16 \cdot 16}{4} = 64,$$
which is impossible. So $H \cap K$ is normal in both $H$ and $K$ since it has index 2. The normalizer of $H \cap K$ contains both $H$ and $K$, and $|H \cap K|$ must both be a multiple of 16 greater than 1 and divide 48. The only possibility is that $|N(H \cap K)| = 48$. Hence, $N(H \cap K) = G$.
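The counting step that Examples 2, 4, 5, 6, 8, and 9 carry out by hand can be automated. The following Python code is an added illustration, not part of the original text, and its function names are chosen here. For each prime $p$ dividing a given order it lists the numbers of Sylow $p$-subgroups that the Third Sylow Theorem permits, and it reproduces the element count used in Example 8.

```python
"""Counts of Sylow p-subgroups permitted by the Third Sylow Theorem."""


def prime_factorization(n):
    """Return {p: r} with n equal to the product of the p**r (trial division)."""
    factors = {}
    d = 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def sylow_candidates(order):
    """Map each prime p dividing `order` to (Sylow p-subgroup size, allowed counts).

    A count k is allowed when k divides the group order and k = 1 (mod p),
    which are the two conditions of the Third Sylow Theorem.
    """
    result = {}
    for p, r in prime_factorization(order).items():
        counts = [k for k in range(1, order + 1)
                  if order % k == 0 and k % p == 1]
        result[p] = (p ** r, counts)
    return result


def forced_normal_sylow(order):
    """Primes p for which the only allowed count is 1.

    A unique Sylow p-subgroup is conjugate only to itself, hence normal,
    so a nonempty result shows that no group of this order is simple
    (unless the group itself is that Sylow subgroup).
    """
    return sorted(p for p, (_, counts) in sylow_candidates(order).items()
                  if counts == [1])


def elements_outside(order, p, count):
    """Elements that do not have order p, given `count` Sylow p-subgroups.

    Valid only when a Sylow p-subgroup has prime order p: distinct subgroups
    of prime order meet in the identity alone, so together they contain
    count * (p - 1) elements of order p (the step used in Example 8).
    """
    if prime_factorization(order).get(p) != 1:
        raise ValueError("Sylow p-subgroups must have prime order p")
    return order - count * (p - 1)


if __name__ == "__main__":
    for n in (15, 20, 48, 56, 60, 99, 1645):
        print(n, sylow_candidates(n), "forced normal:", forced_normal_sylow(n))
    # Example 8: eight Sylow 7-subgroups leave room for one subgroup of order 8.
    print(elements_outside(56, 7, 8))
```

A list with more than one entry does not settle the count by itself; Example 2 uses the simplicity of $A_5$ to rule out 1, and Example 9 needs Lemma 13.10 because order 48 allows both 1 and 3.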
The following famous conjecture of Burnside was proved in a long and difficult paper by Feit and Thompson [2].
Theorem 13.11 (Odd Order Theorem) Every finite simple group of nonprime order must be of even order.
The proof of this theorem laid the groundwork for a program in the 1960s and 1970s that classified all finite simple groups. The success of this program is one of the outstanding achievements of modern mathematics.
Exercises
1. What are the orders of all Sylow $p$-subgroups where $G$ has order 18, 24, 54, 72, and 80?
2. Find all the Sylow 3-subgroups of $S_4$ and show that they are all conjugate.
3. Show that every group of order 45 has a normal subgroup of order 9.
4. Let $H$ be a Sylow $p$-subgroup of $G$. Prove that $H$ is the only Sylow $p$-subgroup of $G$ contained in $N(H)$.
5. Prove that no group of order 96 is simple.
6. Prove that no group of order 160 is simple.
7. If $H$ is a normal subgroup of a finite group $G$ and $|H| = p^k$ for some prime $p$, show that $H$ is contained in every Sylow $p$-subgroup of $G$.
8. Let $G$ be a group of order $p^2q^2$, where $p$ and $q$ are distinct primes such that $q \nmid p^2 - 1$ and $p \nmid q^2 - 1$. Prove that $G$ must be abelian. List three pairs of primes satisfying these conditions.
9. Show directly that a group of order 33 has only one Sylow 3-subgroup.
10. Let $H$ be a subgroup of a group $G$. Prove or disprove that the normalizer of $H$ is normal in $G$.

11. Let $G$ be a finite group divisible by a prime $p$. Prove that if there is only one Sylow $p$-subgroup in $G$, it must be a normal subgroup of $G$.
12. Let $G$ be a group of order $p^r$, $p$ prime. Prove that $G$ contains a normal subgroup of order $p^{r-1}$.
13. Suppose that $G$ is a finite group of order $p^nk$, where $k < p$. Show that $G$ must contain a normal subgroup.
14. Let $H$ be a subgroup of a finite group $G$. Prove that $gN(H)g^{-1} = N(gHg^{-1})$ for any $g \in G$.
15. Prove that a group of order 108 must have a normal subgroup.
16. Classify all the groups of order 175 up to isomorphism.
17. Show that every group of order 255 is cyclic.
18. Let $G$ have order $p_1^{e_1} \cdots p_n^{e_n}$ and suppose that $G$ has $n$ Sylow $p$-subgroups $P_1, \ldots, P_n$ where $|P_i| = p_i^{e_i}$. Prove that $G$ is isomorphic to $P_1 \times \cdots \times P_n$.
19. Let $P$ be a normal Sylow $p$-subgroup of $G$. Prove that every inner automorphism of $G$ fixes $P$.
20. What is the smallest possible order of a group $G$ such that $G$ is nonabelian and $|G|$ is odd? Can you find such a group?
21. The Frattini Lemma. If $H$ is a normal subgroup of a finite group $G$ and $P$ is a Sylow $p$-subgroup of $H$, for each $g \in G$ show that there is an $h$ in $H$ such that $gPg^{-1} = hPh^{-1}$. Also, show that if $N$ is the normalizer of $P$, then $G = HN$.
22. Show that if the order of $G$ is $p^nq$, where $p$ and $q$ are primes and $p > q$, then $G$ contains a normal subgroup.
23. Prove that the number of distinct conjugates of a subgroup $H$ of a finite group $G$ is $[G : N(H)]$.
24. Prove that a Sylow 2-subgroup of $S_5$ is isomorphic to $D_4$.
25. Another Proof of the Sylow Theorems.
(a) Suppose $p$ is prime and $p$ does not divide $m$. Show that
$$p \nmid \binom{p^k m}{p^k}.$$
(b) Let $\mathcal{S}$ denote the set of all $p^k$ element subsets of $G$. Show that $p$ does not divide $|\mathcal{S}|$.
(c) Define an action of $G$ on $\mathcal{S}$ by left multiplication, $aT = \{at : t \in T\}$ for $a \in G$ and $T \in \mathcal{S}$. Prove that this is a group action.
(d) Prove $p \nmid |\mathcal{O}_T|$ for some $T \in \mathcal{S}$.

(e) Let $\{T_1, \ldots, T_u\}$ be an orbit such that $p \nmid u$ and $H = \{g \in G : gT_1 = T_1\}$. Prove that $H$ is a subgroup of $G$ and show that $|G| = u|H|$.
(f) Show that $p^k$ divides $|H|$ and $p^k \le |H|$.
(g) Show that $|H| = |\mathcal{O}_T| \le p^k$; conclude that therefore $p^k = |H|$.
26. Let $G$ be a group. Prove that $G' = \langle aba^{-1}b^{-1} : a, b \in G \rangle$ is a normal subgroup of $G$ and $G/G'$ is abelian. Find an example to show that $\{aba^{-1}b^{-1} : a, b \in G\}$ is not necessarily a group.
A Project
Table 13.1. Numbers of distinct groups $G$, $|G| \le 60$

Order  Number    Order  Number    Order  Number    Order  Number
  1      ?        16     14        31      1        46      2
  2      ?        17      1        32     51        47      1
  3      ?        18      ?        33      1        48     52
  4      ?        19      ?        34      ?        49      ?
  5      ?        20      5        35      1        50      5
  6      ?        21      ?        36     14        51      ?
  7      ?        22      2        37      1        52      ?
  8      ?        23      1        38      ?        53      ?
  9      ?        24      ?        39      2        54     15
 10      ?        25      2        40     14        55      2
 11      ?        26      2        41      1        56      ?
 12      5        27      5        42      ?        57      2
 13      ?        28      ?        43      1        58      ?
 14      ?        29      1        44      4        59      1
 15      1        30      4        45      *        60     13

The main objective of finite group theory is to classify all possible finite groups up to isomorphism. This problem is very difficult even if we try to classify the groups of order less than or equal to 60. However, we can break the problem down into several intermediate problems.
1. Find all simple groups $G$ ($|G| \le 60$). Do not use the Odd Order Theorem unless you are prepared to prove it.
2. Find the number of distinct groups $G$, where the order of $G$ is $n$ for $n = 1, \ldots, 60$.
3. Find the actual groups (up to isomorphism) for each $n$.
This is a challenging project that requires a working knowledge of the group theory you have learned up to this point. Even if you do not complete it, it will teach you a great deal about finite groups. You can use Table 13.1 as a guide.

References and Suggested Readings
[1] Edwards, H. "A Short History of the Fields Medal," Mathematical Intelligencer 1 (1978), 127–29.
[2] Feit, W. and Thompson, J. G. "Solvability of Groups of Odd Order," Pacific Journal of Mathematics 13 (1963), 775–1029.
[3] Gallian, J. A. "The Search for Finite Simple Groups," Mathematics Magazine 49 (1976), 163–79.
[4] Gorenstein, D. "Classifying the Finite Simple Groups," Bulletin of the American Mathematical Society 14 (1986), 1–98.
[5] Gorenstein, D. Finite Simple Groups: An Introduction to Their Classification. Plenum Press, New York, 1982.
[6] Gorenstein, D. The Classification of Finite Simple Groups, Vol. I: Groups of Noncharacteristic 2 Type. Plenum Press, New York, 1983.

14 Rings
Up to this point we have studied sets with a single binary operation satisfying certain axioms, but often we are more interested in working with sets that have two binary operations. For example, one of the most natural algebraic structures to study is the integers with the operations of addition and multiplication. These operations are related to one another by the distributive property. If we consider a set with two such related binary operations satisfying certain axioms, we have an algebraic structure called a ring. In a ring we add and multiply such elements as real numbers, complex numbers, matrices, and functions.
14.1 Rings
A nonempty set $R$ is a ring if it has two closed binary operations, addition and multiplication, satisfying the following conditions.
1. $a + b = b + a$ for $a, b \in R$.
2. $(a + b) + c = a + (b + c)$ for $a, b, c \in R$.
3. There is an element $0$ in $R$ such that $a + 0 = a$ for all $a \in R$.
4. For every element $a \in R$, there exists an element $-a$ in $R$ such that $a + (-a) = 0$.
5. $(ab)c = a(bc)$ for $a, b, c \in R$.
6. For $a, b, c \in R$,
$$a(b + c) = ab + ac$$
$$(a + b)c = ac + bc.$$
This last condition, the distributive axiom, relates the binary operations of addition and multiplication. Notice that the first four axioms simply require that a ring be an abelian group under addition, so we could also have defined a ring to be an abelian group $(R, +)$ together with a second binary operation satisfying the fifth and sixth conditions given above.
If there is an element $1 \in R$ such that $1 \neq 0$ and $1a = a1 = a$ for each element $a \in R$, we say that $R$ is a ring with unity or identity. A ring $R$ for which $ab = ba$ for all $a, b$ in $R$ is called a commutative ring. A commutative ring $R$ with identity is called an integral domain if, for every $a, b \in R$ such that $ab = 0$, either $a = 0$ or $b = 0$. A division ring is a ring $R$, with an identity, in which every nonzero element in $R$ is a unit; that is, for each $a \in R$ with $a \neq 0$, there exists a unique element $a^{-1}$ such that $a^{-1}a = aa^{-1} = 1$. A commutative division ring is called a field. The relationship among rings, integral domains, division rings, and fields is shown in Figure 14.1.
[Figure: diagram relating Rings, Commutative Rings, Rings with Identity, Integral Domains, Division Rings, and Fields]
Figure 14.1. Types of rings
Example 1. As we have mentioned previously, the integers form a ring. In fact, $\mathbb{Z}$ is an integral domain. Certainly if $ab = 0$ for two integers $a$ and $b$, either $a = 0$ or $b = 0$. However, $\mathbb{Z}$ is not a field. There is no integer that is the multiplicative inverse of 2, since $1/2$ is not an integer. The only integers with multiplicative inverses are $1$ and $-1$.
Example 2. Under the ordinary operations of addition and multiplication, all of the familiar number systems are rings: the rationals, $\mathbb{Q}$; the real numbers, $\mathbb{R}$; and the complex numbers, $\mathbb{C}$. Each of these rings is a field.

Example 3. We can define the product of two elements $a$ and $b$ in $\mathbb{Z}_n$ by $ab \pmod{n}$. For instance, in $\mathbb{Z}_{12}$, $5 \cdot 7 \equiv 11 \pmod{12}$. This product makes the abelian group $\mathbb{Z}_n$ into a ring. Certainly $\mathbb{Z}_n$ is a commutative ring; however, it may fail to be an integral domain. If we consider $3 \cdot 4 \equiv 0 \pmod{12}$ in $\mathbb{Z}_{12}$, it is easy to see that a product of two nonzero elements in the ring can be equal to zero.
A nonzero element $a$ in a ring $R$ is called a zero divisor if there is a nonzero element $b$ in $R$ such that $ab = 0$. In the previous example, 3 and 4 are zero divisors in $\mathbb{Z}_{12}$.
Example 4. In calculus the continuous real-valued functions on an interval $[a, b]$ form a commutative ring. We add or multiply two functions by adding or multiplying the values of the functions. If $f(x) = x^2$ and $g(x) = \cos x$, then $(f + g)(x) = f(x) + g(x) = x^2 + \cos x$ and $(fg)(x) = f(x)g(x) = x^2 \cos x$.
Example 5. The $2 \times 2$ matrices with entries in $\mathbb{R}$ form a ring under the usual operations of matrix addition and multiplication. This ring is noncommutative, since it is usually the case that $AB \neq BA$. Also, notice that we can have $AB = 0$ when neither $A$ nor $B$ is zero.
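Example 6. For an example of a noncommutative division ring, let
$$1 = \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}, \quad \mathbf{i} = \begin{pmatrix} 0 & 1 \\ -1 & 0 \end{pmatrix}, \quad \mathbf{j} = \begin{pmatrix} 0 & i \\ i & 0 \end{pmatrix}, \quad \mathbf{k} = \begin{pmatrix} i & 0 \\ 0 & -i \end{pmatrix},$$
where $i^2 = -1$. These elements satisfy the following relations:
$$\mathbf{i}^2 = \mathbf{j}^2 = \mathbf{k}^2 = -1$$
$$\mathbf{i}\mathbf{j} = \mathbf{k}$$
$$\mathbf{j}\mathbf{k} = \mathbf{i}$$
$$\mathbf{k}\mathbf{i} = \mathbf{j}$$
$$\mathbf{j}\mathbf{i} = -\mathbf{k}$$
$$\mathbf{k}\mathbf{j} = -\mathbf{i}$$
$$\mathbf{i}\mathbf{k} = -\mathbf{j}.$$
Let $\mathbb{H}$ consist of elements of the form $a + b\mathbf{i} + c\mathbf{j} + d\mathbf{k}$, where $a, b, c, d$ are real numbers. Equivalently, $\mathbb{H}$ can be considered to be the set of all $2 \times 2$ matrices of the form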





;
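where $= a + di$ and $= b + ci$ are complex numbers. We can define addition and multiplication on $\mathbb{H}$ either by the usual matrix operations or in terms of the generators $1$, $\mathbf{i}$, $\mathbf{j}$, and $\mathbf{k}$:
$$(a_1 + b_1\mathbf{i} + c_1\mathbf{j} + d_1\mathbf{k}) + (a_2 + b_2\mathbf{i} + c_2\mathbf{j} + d_2\mathbf{k}) = (a_1 + a_2) + (b_1 + b_2)\mathbf{i} + (c_1 + c_2)\mathbf{j} + (d_1 + d_2)\mathbf{k}$$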
and
(a1+b1i+c1j+d1k)(a2+b2i+c2j+d2k) =+i+j+k;
where
=a1a2b1b2c1c2d1d2
=a1b2+a1b1+c1d2d1c2
=a1c2b1d2+c1a2d1b2
=a1d2+b1c2c1b2d1a2:
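Though multiplication looks complicated, it is actually a straightforward computation if we remember that we just add and multiply elements in $\mathbb{H}$ like polynomials and keep in mind the relationships between the generators $\mathbf{i}$, $\mathbf{j}$, and $\mathbf{k}$. The ring $\mathbb{H}$ is called the ring of quaternions.
To show that the quaternions are a division ring, we must be able to find an inverse for each nonzero element. Notice that
$$(a + b\mathbf{i} + c\mathbf{j} + d\mathbf{k})(a - b\mathbf{i} - c\mathbf{j} - d\mathbf{k}) = a^2 + b^2 + c^2 + d^2.$$
This element can be zero only if $a$, $b$, $c$, and $d$ are all zero. So if $a + b\mathbf{i} + c\mathbf{j} + d\mathbf{k} \neq 0$,
$$(a + b\mathbf{i} + c\mathbf{j} + d\mathbf{k}) \left( \frac{a - b\mathbf{i} - c\mathbf{j} - d\mathbf{k}}{a^2 + b^2 + c^2 + d^2} \right) = 1.$$
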
Proposition 14.1 Let $R$ be a ring with $a, b \in R$. Then
1. $a0 = 0a = 0$;
2. $a(-b) = (-a)b = -ab$;
3. $(-a)(-b) = ab$.
Proof. To prove (1), observe that
$$a0 = a(0 + 0) = a0 + a0;$$
hence, $a0 = 0$. Similarly, $0a = 0$. For (2), we have $ab + a(-b) = a(b - b) = a0 = 0$; consequently, $-ab = a(-b)$. Similarly, $-ab = (-a)b$. Part (3) follows directly from (2) since $(-a)(-b) = -(a(-b)) = -(-ab) = ab$.
Just as we have subgroups of groups, we have an analogous class of substructures for rings. A subring $S$ of a ring $R$ is a subset $S$ of $R$ such that $S$ is also a ring under the inherited operations from $R$.
Example 7. The ring $n\mathbb{Z}$ is a subring of $\mathbb{Z}$. Notice that even though the original ring may have an identity, we do not require that its subring have an identity. We have the following chain of subrings:
$$\mathbb{Z} \subset \mathbb{Q} \subset \mathbb{R} \subset \mathbb{C}.$$
The following proposition gives us some easy criteria for determining whether or not a subset of a ring is indeed a subring. (We will leave the proof of this proposition as an exercise.)
Proposition 14.2 Let $R$ be a ring and $S$ a subset of $R$. Then $S$ is a subring of $R$ if and only if the following conditions are satisfied.
1. $S \neq \emptyset$.
2. $rs \in S$ for all $r, s \in S$.
3. $r - s \in S$ for all $r, s \in S$.
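Example 8. Let $R = M_2(\mathbb{R})$ be the ring of $2 \times 2$ matrices with entries in $\mathbb{R}$. If $T$ is the set of upper triangular matrices in $R$, i.e.,
$$T = \left\{ \begin{pmatrix} a & b \\ 0 & c \end{pmatrix} : a, b, c \in \mathbb{R} \right\},$$
then $T$ is a subring of $R$. If
$$A = \begin{pmatrix} a & b \\ 0 & c \end{pmatrix} \quad \text{and} \quad B = \begin{pmatrix} a' & b' \\ 0 & c' \end{pmatrix}$$
are in $T$, then clearly $A - B$ is also in $T$. Also,
$$AB = \begin{pmatrix} aa' & ab' + bc' \\ 0 & cc' \end{pmatrix}$$
is in $T$.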
14.2 Integral Domains and Fields
Let us briefly recall some definitions. If $R$ is a ring and $r$ is a nonzero element in $R$, then $r$ is said to be a zero divisor if there is some nonzero element $s \in R$ such that $rs = 0$. A commutative ring with identity is said to be an integral domain if it has no zero divisors. If an element $a$ in a ring $R$ with identity has a multiplicative inverse, we say that $a$ is a unit. If every nonzero element in a ring $R$ is a unit, then $R$ is called a division ring. A commutative division ring is called a field.
Example 9. If $i^2 = -1$, then the set $\mathbb{Z}[i] = \{m + ni : m, n \in \mathbb{Z}\}$ forms a ring known as the Gaussian integers. It is easily seen that the Gaussian integers are a subring of the complex numbers since they are closed under
addition and multiplication. Let=a+bibe a unit inZ[i]. Then
=abi
is also a unit since if= 1, then

= 1. If=c+di, then
1 =

= (a
2
+b
2
)(c
2
+d
2
):
Therefore, $a^2 + b^2$ must either be $1$ or $-1$; or, equivalently, $a + bi = \pm 1$ or $a + bi = \pm i$. Therefore, units of this ring are $\pm 1$ and $\pm i$; hence, the Gaussian integers are not a field. We will leave it as an exercise to prove that the Gaussian integers are an integral domain.
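Example 10. The set of matrices
$$F = \left\{ \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}, \begin{pmatrix} 1 & 1 \\ 1 & 0 \end{pmatrix}, \begin{pmatrix} 0 & 1 \\ 1 & 1 \end{pmatrix}, \begin{pmatrix} 0 & 0 \\ 0 & 0 \end{pmatrix} \right\}$$
with entries in $\mathbb{Z}_2$ forms a field.
Example 11. The set $\mathbb{Q}(\sqrt{2}\,) = \{ a + b\sqrt{2} : a, b \in \mathbb{Q} \}$ is a field. The inverse
of an element $a + b\sqrt{2}$ in $\mathbb{Q}(\sqrt{2}\,)$ is
$$\frac{a}{a^2 - 2b^2} + \frac{-b}{a^2 - 2b^2}\sqrt{2}.$$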

We have the following alternative characterization of integral domains.

Proposition 14.3 (Cancellation Law) Let $D$ be a commutative ring with
identity. Then $D$ is an integral domain if and only if for all nonzero elements
$a \in D$ with $ab = ac$, we have $b = c$.
Proof. Let $D$ be an integral domain. Then $D$ has no zero divisors. Let
$ab = ac$ with $a \neq 0$. Then $a(b - c) = 0$. Hence, $b - c = 0$ and $b = c$.
Conversely, let us suppose that cancellation is possible in $D$. That is,
suppose that $ab = ac$ implies $b = c$. Let $ab = 0$. If $a \neq 0$, then $ab = a0$ or
$b = 0$. Therefore, $a$ cannot be a zero divisor.
The following surprising theorem is due to Wedderburn.
Theorem 14.4 Every finite integral domain is a field.
Proof. Let $D$ be a finite integral domain and $D^*$ be the set of nonzero
elements of $D$. We must show that every element in $D^*$ has an inverse. For
each $a \in D^*$ we can define a map $\lambda_a : D^* \to D^*$ by $\lambda_a(d) = ad$. This map
makes sense, because if $a \neq 0$ and $d \neq 0$, then $ad \neq 0$. The map $\lambda_a$ is
one-to-one, since for $d_1, d_2 \in D^*$,
$$ad_1 = \lambda_a(d_1) = \lambda_a(d_2) = ad_2$$
implies $d_1 = d_2$ by left cancellation. Since $D^*$ is a finite set, the map $\lambda_a$
must also be onto; hence, for some $d \in D^*$, $\lambda_a(d) = ad = 1$. Therefore, $a$
has a left inverse. Since $D$ is commutative, $d$ must also be a right inverse
for $a$. Consequently, $D$ is a field.
For any nonnegative integer $n$ and any element $r$ in a ring $R$ we write
$r + \cdots + r$ ($n$ times) as $nr$. We define the characteristic of a ring $R$ to be
the least positive integer $n$ such that $nr = 0$ for all $r \in R$. If no such integer
exists, then the characteristic of $R$ is defined to be 0.
Example 12. For every prime $p$, $\mathbb{Z}_p$ is a field of characteristic $p$. By
Proposition 2.1, every nonzero element in $\mathbb{Z}_p$ has an inverse; hence, $\mathbb{Z}_p$ is a
field. If $a$ is any nonzero element in the field, then $pa = 0$, since the order
of any nonzero element in the abelian group $\mathbb{Z}_p$ is $p$.
Theorem 14.5 The characteristic of an integral domain is either prime
or zero.
Proof. Let $D$ be an integral domain and suppose that the characteristic
of $D$ is $n$ with $n \neq 0$. If $n$ is not prime, then $n = ab$, where $1 < a < n$ and
$1 < b < n$. Since $0 = n1 = (ab)1 = (a1)(b1)$ and there are no zero divisors
in $D$, either $a1 = 0$ or $b1 = 0$. Hence, the characteristic of $D$ must be less
than $n$, which is a contradiction. Therefore, $n$ must be prime.
14.3 Ring Homomorphisms and Ideals
In the study of groups, a homomorphism is a map that preserves the
operation of the group. Similarly, a homomorphism between rings preserves
the operations of addition and multiplication in the ring. More specifically,
if $R$ and $S$ are rings, then a ring homomorphism is a map $\phi : R \to S$
satisfying
$$\begin{aligned}
\phi(a + b) &= \phi(a) + \phi(b) \\
\phi(ab) &= \phi(a)\phi(b)
\end{aligned}$$
for all $a, b \in R$. If $\phi : R \to S$ is a one-to-one and onto homomorphism, then
$\phi$ is called an isomorphism of rings.
The set of elements that a ring homomorphism maps to 0 plays a
fundamental role in the theory of rings. For any ring homomorphism $\phi : R \to S$,
we define the kernel of a ring homomorphism to be the set
$$\ker \phi = \{ r \in R : \phi(r) = 0 \}.$$
Example 13. For any integer $n$ we can define a ring homomorphism
$\phi : \mathbb{Z} \to \mathbb{Z}_n$ by $a \mapsto a \pmod{n}$. This is indeed a ring homomorphism,
since
$$\begin{aligned}
\phi(a + b) &= (a + b) \pmod{n} \\
&= a \pmod{n} + b \pmod{n} \\
&= \phi(a) + \phi(b)
\end{aligned}$$
and
$$\begin{aligned}
\phi(ab) &= ab \pmod{n} \\
&= a \pmod{n} \cdot b \pmod{n} \\
&= \phi(a)\phi(b).
\end{aligned}$$
The kernel of the homomorphism $\phi$ is $n\mathbb{Z}$.
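Example 14. Let $C[a, b]$ be the ring of continuous real-valued functions
on an interval $[a, b]$ as in Example 4. For a fixed $\alpha \in [a, b]$, we can define
a ring homomorphism $\phi_\alpha : C[a, b] \to \mathbb{R}$ by $\phi_\alpha(f) = f(\alpha)$. This is a ring
homomorphism since
$$\begin{aligned}
\phi_\alpha(f + g) &= (f + g)(\alpha) = f(\alpha) + g(\alpha) = \phi_\alpha(f) + \phi_\alpha(g) \\
\phi_\alpha(fg) &= (fg)(\alpha) = f(\alpha)g(\alpha) = \phi_\alpha(f)\phi_\alpha(g).
\end{aligned}$$
Ring homomorphisms of the type $\phi_\alpha$ are called evaluation homomorphisms.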
In the next proposition we will examine some fundamental properties of
ring homomorphisms. The proof of the proposition is left as an exercise.
Proposition 14.6 Let $\phi : R \to S$ be a ring homomorphism.
1. If $R$ is a commutative ring, then $\phi(R)$ is a commutative ring.
2. $\phi(0) = 0$.
3. Let $1_R$ and $1_S$ be the identities for $R$ and $S$, respectively. If $\phi$ is onto,
then $\phi(1_R) = 1_S$.
4. If $R$ is a field and $\phi(R) \neq 0$, then $\phi(R)$ is a field.
In group theory we found that normal subgroups play a special role.
These subgroups have nice characteristics that make them more interesting
to study than arbitrary subgroups. In ring theory the objects corresponding
to normal subgroups are a special class of subrings called ideals. An ideal
in a ring $R$ is a subring $I$ of $R$ such that if $a$ is in $I$ and $r$ is in $R$, then both
$ar$ and $ra$ are in $I$; that is, $rI \subset I$ and $Ir \subset I$ for all $r \in R$.
Example 15. Every ring $R$ has at least two ideals, $\{0\}$ and $R$. These ideals
are called the trivial ideals.
Let $R$ be a ring with identity and suppose that $I$ is an ideal in $R$ such
that 1 is in $I$. Since for any $r \in R$, $r1 = r \in I$ by the definition of an ideal,
$I = R$.
Example 16. If $a$ is any element in a commutative ring $R$ with identity,
then the set
$$\langle a \rangle = \{ ar : r \in R \}$$
is an ideal in $R$. Certainly, $\langle a \rangle$ is nonempty since both $0 = a0$ and $a = a1$ are
in $\langle a \rangle$. The sum of two elements in $\langle a \rangle$ is again in $\langle a \rangle$ since $ar + ar' = a(r + r')$.
The inverse of $ar$ is $-ar = a(-r) \in \langle a \rangle$. Finally, if we multiply an element
$ar \in \langle a \rangle$ by an arbitrary element $s \in R$, we have $s(ar) = a(sr)$. Therefore,
$\langle a \rangle$ satisfies the definition of an ideal.
If $R$ is a commutative ring with identity, then an ideal of the form
$\langle a \rangle = \{ ar : r \in R \}$ is called a principal ideal.
Theorem 14.7 Every ideal in the ring of integers $\mathbb{Z}$ is a principal ideal.
Proof. The zero ideal $\{0\}$ is a principal ideal since $\langle 0 \rangle = \{0\}$. If $I$ is any
nonzero ideal in $\mathbb{Z}$, then $I$ must contain some positive integer $m$. There
exists a least such positive integer $n$ in $I$ by the Principle of
Well-Ordering. Now let $a$ be any element in $I$. Using the division algorithm, we
know that there exist integers $q$ and $r$ such that
$$a = nq + r$$
where $0 \leq r < n$. This equation tells us that $r = a - nq \in I$, but $r$ must be
0 since $n$ is the least positive element in $I$. Therefore, $a = nq$ and $I = \langle n \rangle$.

Example 17. The set $n\mathbb{Z}$ is an ideal in the ring of integers. If $na$ is in $n\mathbb{Z}$ and
$b$ is in $\mathbb{Z}$, then $nab$ is in $n\mathbb{Z}$ as required. In fact, by Theorem 14.7, these are
the only ideals of $\mathbb{Z}$.
Proposition 14.8 The kernel of any ring homomorphism $\phi : R \to S$ is an
ideal in $R$.
Proof. We know from group theory that $\ker \phi$ is an additive subgroup of
$R$. Suppose that $r \in R$ and $a \in \ker \phi$. Then we must show that $ar$ and $ra$
are in $\ker \phi$. However,
$$\phi(ar) = \phi(a)\phi(r) = 0\phi(r) = 0$$
and
$$\phi(ra) = \phi(r)\phi(a) = \phi(r)0 = 0.$$

Remark. In our definition of an ideal we have required that $rI \subset I$ and
$Ir \subset I$ for all $r \in R$. Such ideals are sometimes referred to as two-sided
ideals. We can also consider one-sided ideals; that is, we may require
only that either $rI \subset I$ or $Ir \subset I$ for $r \in R$ hold but not both. Such
ideals are called left ideals and right ideals, respectively. Of course,
in a commutative ring any ideal must be two-sided. In this text we will
concentrate on two-sided ideals.

Theorem 14.9 Let $I$ be an ideal of $R$. The factor group $R/I$ is a ring with
multiplication defined by
$$(r + I)(s + I) = rs + I.$$
Proof. We already know that $R/I$ is an abelian group under addition. Let
$r + I$ and $s + I$ be in $R/I$. We must show that the product $(r + I)(s + I) = rs + I$
is independent of the choice of coset; that is, if $r' \in r + I$ and $s' \in s + I$,
then $r's'$ must be in $rs + I$. Since $r' \in r + I$, there exists an element $a$ in
$I$ such that $r' = r + a$. Similarly, there exists a $b \in I$ such that $s' = s + b$.
Notice that
$$r's' = (r + a)(s + b) = rs + as + rb + ab$$
and $as + rb + ab \in I$ since $I$ is an ideal; consequently, $r's' \in rs + I$. We will
leave as an exercise the verification of the associative law for multiplication
and the distributive laws.
The ring $R/I$ in Theorem 14.9 is called the factor or quotient ring.
Just as with group homomorphisms and normal subgroups, there is a
relationship between ring homomorphisms and ideals.
Theorem 14.10 Let $I$ be an ideal of $R$. The map $\psi : R \to R/I$ defined by
$\psi(r) = r + I$ is a ring homomorphism of $R$ onto $R/I$ with kernel $I$.
Proof. Certainly $\psi : R \to R/I$ is a surjective abelian group homomorphism.
It remains to show that $\psi$ works correctly under ring multiplication.
Let $r$ and $s$ be in $R$. Then
$$\psi(r)\psi(s) = (r + I)(s + I) = rs + I = \psi(rs),$$
which completes the proof of the theorem.
The map $\psi : R \to R/I$ is often called the natural or canonical
homomorphism. In ring theory we have isomorphism theorems relating ideals
and ring homomorphisms similar to the isomorphism theorems for groups
that relate normal subgroups and homomorphisms in Chapter 9. We will
prove only the First Isomorphism Theorem for rings in this chapter and
leave the proofs of the other two theorems as exercises. All of the proofs are
similar to the proofs of the isomorphism theorems for groups.
Theorem 14.11 (First Isomorphism Theorem) Let $\phi : R \to S$ be a
ring homomorphism. Then $\ker \phi$ is an ideal of $R$. If $\psi : R \to R/\ker \phi$
is the canonical homomorphism, then there exists a unique isomorphism
$\eta : R/\ker \phi \to \phi(R)$ such that $\phi = \eta\psi$.
Proof. Let $K = \ker \phi$. By the First Isomorphism Theorem for groups,
there exists a well-defined group homomorphism $\eta : R/K \to \phi(R)$ defined
by $\eta(r + K) = \phi(r)$ for the additive abelian groups $R$ and $R/K$. To show that
this is a ring homomorphism, we need only show that
$\eta((r + K)(s + K)) = \eta(r + K)\eta(s + K)$; but
$$\begin{aligned}
\eta((r + K)(s + K)) &= \eta(rs + K) \\
&= \phi(rs) \\
&= \phi(r)\phi(s) \\
&= \eta(r + K)\eta(s + K).
\end{aligned}$$

Theorem 14.12 (Second Isomorphism Theorem) Let $I$ be a subring
of a ring $R$ and $J$ an ideal of $R$. Then $I \cap J$ is an ideal of $I$ and
$$I/I \cap J \cong (I + J)/J.$$
Theorem 14.13 (Third Isomorphism Theorem) Let $R$ be a ring and
$I$ and $J$ be ideals of $R$ where $J \subset I$. Then
$$R/I \cong \frac{R/J}{I/J}.$$
Theorem 14.14 (Correspondence Theorem) Let $I$ be an ideal of a ring
$R$. Then $S \to S/I$ is a one-to-one correspondence between the set of subrings
$S$ containing $I$ and the set of subrings of $R/I$. Furthermore, the ideals of $R$
containing $I$ correspond to ideals of $R/I$.
14.4 Maximal and Prime Ideals
In this particular section we are especially interested in certain ideals of
commutative rings. These ideals give us special types of factor rings. More
specifically, we would like to characterize those ideals $I$ of a commutative
ring $R$ such that $R/I$ is an integral domain or a field.
A proper ideal $M$ of a ring $R$ is a maximal ideal of $R$ if the ideal
$M$ is not a proper subset of any ideal of $R$ except $R$ itself. That is, $M$
is a maximal ideal if for any ideal $I$ properly containing $M$, $I = R$. The
following theorem completely characterizes maximal ideals for commutative
rings with identity in terms of their corresponding factor rings.
Theorem 14.15 Let $R$ be a commutative ring with identity and $M$ an ideal
in $R$. Then $M$ is a maximal ideal of $R$ if and only if $R/M$ is a field.
Proof. Let $M$ be a maximal ideal in $R$. If $R$ is a commutative ring, then
$R/M$ must also be a commutative ring. Clearly, $1 + M$ acts as an identity
for $R/M$. We must also show that every nonzero element in $R/M$ has an
inverse. If $a + M$ is a nonzero element in $R/M$, then $a \notin M$. Define $I$ to be
the set $\{ ra + m : r \in R \text{ and } m \in M \}$. We will show that $I$ is an ideal in $R$.
The set $I$ is nonempty since $0a + 0 = 0$ is in $I$. If $r_1 a + m_1$ and $r_2 a + m_2$
are two elements in $I$, then
$$(r_1 a + m_1) - (r_2 a + m_2) = (r_1 - r_2)a + (m_1 - m_2)$$
is in $I$. Also, for any $r \in R$ it is true that $rI \subset I$; hence, $I$ is closed
under multiplication and satisfies the necessary conditions to be an ideal.
Therefore, by Proposition 14.2 and the definition of an ideal, $I$ is an ideal
properly containing $M$. Since $M$ is a maximal ideal, $I = R$; consequently,
by the definition of $I$ there must be an $m$ in $M$ and a $b$ in $R$ such that
$1 = ab + m$. Therefore,
$$1 + M = ab + M = ba + M = (a + M)(b + M).$$
Conversely, suppose that $M$ is an ideal and $R/M$ is a field. Since $R/M$
is a field, it must contain at least two elements: $0 + M = M$ and $1 + M$.
Hence, $M$ is a proper ideal of $R$. Let $I$ be any ideal properly containing $M$.
We need to show that $I = R$. Choose $a$ in $I$ but not in $M$. Since $a + M$ is a
nonzero element in a field, there exists an element $b + M$ in $R/M$ such that
$(a + M)(b + M) = ab + M = 1 + M$. Consequently, there exists an element
$m \in M$ such that $ab + m = 1$ and 1 is in $I$. Therefore, $r1 = r \in I$ for all
$r \in R$. Consequently, $I = R$.
Example 18. Let $p\mathbb{Z}$ be an ideal in $\mathbb{Z}$, where $p$ is prime. Then $p\mathbb{Z}$ is a
maximal ideal since $\mathbb{Z}/p\mathbb{Z} \cong \mathbb{Z}_p$ is a field.
An ideal $P$ in a commutative ring $R$ is called a prime ideal if whenever
$ab \in P$, then either $a \in P$ or $b \in P$.
Example 19. It is easy to check that the set $P = \{0, 2, 4, 6, 8, 10\}$ is an
ideal in $\mathbb{Z}_{12}$. This ideal is prime. In fact, it is a maximal ideal.
Proposition 14.16 Let $R$ be a commutative ring with identity. Then $P$ is
a prime ideal in $R$ if and only if $R/P$ is an integral domain.

Proof. First let us assume that $P$ is an ideal in $R$ and $R/P$ is an integral
domain. Suppose that $ab \in P$. If $a + P$ and $b + P$ are two elements of $R/P$
such that $(a + P)(b + P) = 0 + P = P$, then either $a + P = P$ or $b + P = P$.
This means that either $a$ is in $P$ or $b$ is in $P$, which shows that $P$ must be
prime.
Conversely, suppose that $P$ is prime and
$$(a + P)(b + P) = ab + P = 0 + P = P.$$
Then $ab \in P$. If $a \notin P$, then $b$ must be in $P$ by the definition of a prime
ideal; hence, $b + P = 0 + P$ and $R/P$ is an integral domain.
Example 20. Every ideal in $\mathbb{Z}$ is of the form $n\mathbb{Z}$. The factor ring $\mathbb{Z}/n\mathbb{Z} \cong \mathbb{Z}_n$
is an integral domain only when $n$ is prime. It is actually a field. Hence, the
nonzero prime ideals in $\mathbb{Z}$ are the ideals $p\mathbb{Z}$, where $p$ is prime. This example
really justifies the use of the word "prime" in our definition of prime ideals.

Since every eld is an integral domain, we have the following corollary.
Corollary 14.17Every maximal ideal in a commutative ring with identity
is also a prime ideal.
Historical Note
Amalie Emmy Noether, one of the outstanding mathematicians of this century, was
born in Erlangen, Germany in 1882. She was the daughter of Max Noether
(1844–1921), a distinguished mathematician at the University of Erlangen. Together with
Paul Gordan (1837–1912), Emmy Noether's father strongly influenced her early
education. She entered the University of Erlangen at the age of 18. Although
women had been admitted to universities in England, France, and Italy for decades,
there was great resistance to their presence at universities in Germany. Noether
was one of only two women among the university's 986 students. After completing
her doctorate under Gordan in 1907, she continued to do research at Erlangen,
occasionally lecturing when her father was ill.
Noether went to Göttingen to study in 1916. David Hilbert and Felix Klein
tried unsuccessfully to secure her an appointment at Göttingen. Some of the faculty
objected to women lecturers, saying, "What will our soldiers think when they return
to the university and are expected to learn at the feet of a woman?" Hilbert,
annoyed at the question, responded, "Meine Herren, I do not see that the sex of
a candidate is an argument against her admission as a Privatdozent. After all,
the Senate is not a bathhouse." At the end of World War I, attitudes changed
and conditions greatly improved for women. After Noether passed her habilitation
examination in 1919, she was given a title and was paid a small sum for her lectures.
In 1922, Noether became a Privatdozent at Göttingen. Over the next 11 years
she used axiomatic methods to develop an abstract theory of rings and ideals.
Though she was not good at lecturing, Noether was an inspiring teacher. One of her
many students was B. L. van der Waerden, author of the first text treating abstract
algebra from a modern point of view. Some of the other mathematicians Noether
influenced or closely worked with were Alexandroff, Artin, Brauer, Courant, Hasse,
Hopf, Pontryagin, von Neumann, and Weyl. One of the high points of her career
was an invitation to address the International Congress of Mathematicians in Zurich
in 1932. In spite of all the recognition she received from her colleagues, Noether's
abilities were never recognized as they should have been during her lifetime. She
was never promoted to full professor by the Prussian academic bureaucracy.
In 1933, Noether, a Jew, was banned from participation in all academic
activities in Germany. She emigrated to the United States, took a position at Bryn Mawr
College, and became a member of the Institute for Advanced Study at Princeton.
Noether died suddenly on April 14, 1935. After her death she was eulogized by
such notable scientists as Albert Einstein.
14.5 An Application to Software Design
The Chinese Remainder Theorem is a result from elementary number theory
about the solution of systems of simultaneous congruences. The Chinese
mathematician Sun-tsï wrote about the theorem in the first century A.D.
This theorem has some interesting consequences in the design of software
for parallel processors.
Lemma 14.18 Let $m$ and $n$ be positive integers such that $\gcd(m, n) = 1$.
Then for $a, b \in \mathbb{Z}$ the system
$$\begin{aligned}
x &\equiv a \pmod{m} \\
x &\equiv b \pmod{n}
\end{aligned}$$
has a solution. If $x_1$ and $x_2$ are two solutions of the system, then
$x_1 \equiv x_2 \pmod{mn}$.
Proof. The equation $x \equiv a \pmod{m}$ has a solution since $a + km$ satisfies
the equation for all $k \in \mathbb{Z}$. We must show that there exists an integer $k_1$
such that
$$a + k_1 m \equiv b \pmod{n}.$$
This is equivalent to showing that
$$k_1 m \equiv (b - a) \pmod{n}$$
has a solution for $k_1$. Since $m$ and $n$ are relatively prime, there exist integers
$s$ and $t$ such that $ms + nt = 1$. Consequently,
$$(b - a)ms = (b - a) - (b - a)nt,$$
or
$$[(b - a)s]m \equiv (b - a) \pmod{n}.$$
Now let $k_1 = (b - a)s$.
To show that any two solutions are congruent modulo $mn$, let $c_1$ and $c_2$
be two solutions of the system. That is,
$$\begin{aligned}
c_i &\equiv a \pmod{m} \\
c_i &\equiv b \pmod{n}
\end{aligned}$$
for $i = 1, 2$. Then
$$\begin{aligned}
c_2 &\equiv c_1 \pmod{m} \\
c_2 &\equiv c_1 \pmod{n}.
\end{aligned}$$
Therefore, both $m$ and $n$ divide $c_1 - c_2$. Consequently, $c_2 \equiv c_1 \pmod{mn}$.

Example 21. Let us solve the system
$$\begin{aligned}
x &\equiv 3 \pmod{4} \\
x &\equiv 4 \pmod{5}.
\end{aligned}$$
Using the Euclidean algorithm, we can find integers $s$ and $t$ such that
$4s + 5t = 1$. Two such integers are $s = -1$ and $t = 1$. Consequently,
$$x = a + k_1 m = 3 + 4k_1 = 3 + 4[(5 - 4)4] = 19.$$

Theorem 14.19 (Chinese Remainder Theorem) Let $n_1, n_2, \ldots, n_k$ be
positive integers such that $\gcd(n_i, n_j) = 1$ for $i \neq j$. Then for any integers
$a_1, \ldots, a_k$, the system
$$\begin{aligned}
x &\equiv a_1 \pmod{n_1} \\
x &\equiv a_2 \pmod{n_2} \\
&\ \ \vdots \\
x &\equiv a_k \pmod{n_k}
\end{aligned}$$
has a solution. Furthermore, any two solutions of the system are congruent
modulo $n_1 n_2 \cdots n_k$.
Proof. We will use mathematical induction on the number of equations
in the system. If there are $k = 2$ equations, then the theorem is true by
Lemma 14.18. Now suppose that the result is true for a system of $k$ equations
or less and that we wish to find a solution of
$$\begin{aligned}
x &\equiv a_1 \pmod{n_1} \\
x &\equiv a_2 \pmod{n_2} \\
&\ \ \vdots \\
x &\equiv a_{k+1} \pmod{n_{k+1}}.
\end{aligned}$$
Considering the first $k$ equations, there exists a solution that is unique
modulo $n_1 \cdots n_k$, say $a$. Since $n_1 \cdots n_k$ and $n_{k+1}$ are relatively prime, the system
$$\begin{aligned}
x &\equiv a \pmod{n_1 \cdots n_k} \\
x &\equiv a_{k+1} \pmod{n_{k+1}}
\end{aligned}$$
has a solution that is unique modulo $n_1 \cdots n_{k+1}$ by the lemma.
Example 22. Let us solve the system
$$\begin{aligned}
x &\equiv 3 \pmod{4} \\
x &\equiv 4 \pmod{5} \\
x &\equiv 1 \pmod{9} \\
x &\equiv 5 \pmod{7}.
\end{aligned}$$
From Example 21 we know that 19 is a solution of the first two congruences
and any other solution of the system is congruent to 19 (mod 20). Hence,
we can reduce the system to a system of three congruences:
$$\begin{aligned}
x &\equiv 19 \pmod{20} \\
x &\equiv 1 \pmod{9} \\
x &\equiv 5 \pmod{7}.
\end{aligned}$$
Solving the next two equations, we can reduce the system to
$$\begin{aligned}
x &\equiv 19 \pmod{180} \\
x &\equiv 5 \pmod{7}.
\end{aligned}$$
Solving this last system, we find that 19 is a solution for the system that is
unique up to modulo 1260.
One interesting application of the Chinese Remainder Theorem in the
design of computer software is that the theorem allows us to break up a
calculation involving large integers into several less formidable calculations.
Most computers will handle integer calculations only up to a certain size.
For example, the largest integer available on many workstations is $2^{31} - 1 =
2{,}147{,}483{,}647$. Special software is required for calculations involving larger
integers which cannot be added directly by the machine. However, by using
the Chinese Remainder Theorem we can break down large integer additions
and multiplications into calculations that the computer can handle directly.
This is especially useful on parallel processing computers which have the
ability to run several programs concurrently.
Most computers have a single central processing unit (CPU), which can
only add two numbers at a time. To add a list of ten numbers, the CPU must
do nine additions in sequence. However, a parallel processing computer has
more than one CPU. A computer with 10 CPUs, for example, can perform 10
different additions at the same time. If we can take a large integer and break
it down into parts, sending each part to a different CPU, then by performing
several additions or multiplications simultaneously on those parts, we can
work with an integer that the computer would not be able to handle as a
whole.
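Example 23. Suppose that we wish to multiply 2134 by 1531. We will use
the integers 95, 97, 98, and 99 because they are relatively prime. We can
break down each integer into four parts:
$$\begin{aligned}
2134 &\equiv 44 \pmod{95} \\
2134 &\equiv 0 \pmod{97} \\
2134 &\equiv 76 \pmod{98} \\
2134 &\equiv 55 \pmod{99}
\end{aligned}$$
and
$$\begin{aligned}
1531 &\equiv 11 \pmod{95} \\
1531 &\equiv 76 \pmod{97} \\
1531 &\equiv 61 \pmod{98} \\
1531 &\equiv 46 \pmod{99}.
\end{aligned}$$
Multiplying the corresponding equations, we obtain
$$\begin{aligned}
2134 \cdot 1531 &\equiv 44 \cdot 11 \equiv 9 \pmod{95} \\
2134 \cdot 1531 &\equiv 0 \cdot 76 \equiv 0 \pmod{97} \\
2134 \cdot 1531 &\equiv 76 \cdot 61 \equiv 30 \pmod{98} \\
2134 \cdot 1531 &\equiv 55 \cdot 46 \equiv 55 \pmod{99}.
\end{aligned}$$
Each of these four computations can be sent to a different processor if
our computer has several CPUs. By the above calculation, we know that
$2134 \cdot 1531$ is a solution of the system
$$\begin{aligned}
x &\equiv 9 \pmod{95} \\
x &\equiv 0 \pmod{97} \\
x &\equiv 30 \pmod{98} \\
x &\equiv 55 \pmod{99}.
\end{aligned}$$
The Chinese Remainder Theorem tells us that solutions are unique up to
modulo $95 \cdot 97 \cdot 98 \cdot 99 = 89{,}403{,}930$. Solving this system of congruences for
$x$ tells us that $2134 \cdot 1531 = 3{,}267{,}154$.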
The conversion of the computation into the four subcomputations will
take some computing time. In addition, solving the system of congruences
can also take considerable time. However, if we have many computations to
be performed on a particular set of numbers, it makes sense to transform the
problem as we have done above and to perform the necessary calculations
simultaneously.
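The following added example (not code from the text) carries out Lemma 14.18, Theorem 14.19 and the residue-wise multiplication of Example 23 in Python. The function names and the `MODULI` constant are assumptions introduced here; the last function also shows that the recombined value is only the true result reduced modulo the product of the moduli, so a modulus set that is too small silently returns a wrong integer.

```python
"""Residue arithmetic with the Chinese Remainder Theorem (added illustration)."""

MODULI = (95, 97, 98, 99)  # the pairwise relatively prime moduli of Example 23


def ext_gcd(a, b):
    """Extended Euclidean algorithm: return (g, s, t) with a*s + b*t == g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def crt_pair(a, m, b, n):
    """Solve x = a (mod m), x = b (mod n) following the proof of Lemma 14.18.

    With m*s + n*t = 1, the choice k1 = (b - a)*s gives x = a + k1*m.
    Returns (x, m*n) with 0 <= x < m*n.
    """
    g, s, _t = ext_gcd(m, n)
    if g != 1:
        raise ValueError(f"moduli {m} and {n} are not relatively prime")
    k1 = (b - a) * s
    return (a + k1 * m) % (m * n), m * n


def crt(residues, moduli):
    """Solve a whole system by induction, as in the proof of Theorem 14.19.

    The first k congruences are merged into one congruence modulo
    n_1 * ... * n_k, which is then paired with congruence k + 1.
    """
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need exactly one residue per modulus")
    x, big_m = residues[0] % moduli[0], moduli[0]
    for a, n in zip(residues[1:], moduli[1:]):
        x, big_m = crt_pair(x, big_m, a % n, n)
    return x, big_m


def to_residues(x, moduli):
    """Break an integer into its parts, one per modulus."""
    return tuple(x % n for n in moduli)


def rns_mul(x, y, moduli):
    """Multiply part by part (each part could go to its own CPU), then recombine.

    The answer equals x*y only when x*y is smaller than the product of the
    moduli; otherwise it is x*y reduced modulo that product.
    """
    xs, ys = to_residues(x, moduli), to_residues(y, moduli)
    parts = tuple((a * b) % n for a, b, n in zip(xs, ys, moduli))
    return crt(parts, moduli)[0]


def rns_add(x, y, moduli):
    """Add part by part, then recombine (same range caveat as rns_mul)."""
    xs, ys = to_residues(x, moduli), to_residues(y, moduli)
    parts = tuple((a + b) % n for a, b, n in zip(xs, ys, moduli))
    return crt(parts, moduli)[0]


if __name__ == "__main__":
    print(crt([3, 4], [4, 5]))               # Example 21
    print(crt([3, 4, 1, 5], [4, 5, 9, 7]))   # Example 22
    print(rns_mul(2134, 1531, MODULI))       # Example 23
    print(rns_mul(2134, 1531, (98, 99)))     # range too small: wrong integer
```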
Exercises
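1. Which of the following sets are rings with respect to the usual operations of
addition and multiplication? If the set is a ring, is it also a field?
(a) $7\mathbb{Z}$
(b) $\mathbb{Z}_{18}$
(c) $\mathbb{Q}(\sqrt{2}\,) = \{ a + b\sqrt{2} : a, b \in \mathbb{Q} \}$
(d) $\mathbb{Q}(\sqrt{2}, \sqrt{3}\,) = \{ a + b\sqrt{2} + c\sqrt{3} + d\sqrt{6} : a, b, c, d \in \mathbb{Q} \}$
(e) $\mathbb{Z}[\sqrt{3}\,] = \{ a + b\sqrt{3} : a, b \in \mathbb{Z} \}$
(f) $R = \{ a + b\sqrt[3]{3} : a, b \in \mathbb{Q} \}$
(g) $\mathbb{Z}[i] = \{ a + bi : a, b \in \mathbb{Z} \text{ and } i^2 = -1 \}$
(h) $\mathbb{Q}(\sqrt[3]{3}\,) = \{ a + b\sqrt[3]{3} + c\sqrt[3]{9} : a, b, c \in \mathbb{Q} \}$
2. Let $R$ be the ring of $2 \times 2$ matrices of the form
$$\begin{pmatrix} a & b \\ 0 & 0 \end{pmatrix},$$
where $a, b \in \mathbb{R}$. Show that although $R$ is a ring that has no identity, we can
find a subring $S$ of $R$ with an identity.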
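3. List or characterize all of the units in each of the following rings.
(a) $\mathbb{Z}_{10}$
(b) $\mathbb{Z}_{12}$
(c) $\mathbb{Z}_7$
(d) $M_2(\mathbb{Z})$, the $2 \times 2$ matrices with entries in $\mathbb{Z}$
(e) $M_2(\mathbb{Z}_2)$, the $2 \times 2$ matrices with entries in $\mathbb{Z}_2$
4. Find all of the ideals in each of the following rings. Which of these ideals are
maximal and which are prime?
(a) $\mathbb{Z}_{18}$
(b) $\mathbb{Z}_{25}$
(c) $M_2(\mathbb{R})$, the $2 \times 2$ matrices with entries in $\mathbb{R}$
(d) $M_2(\mathbb{Z})$, the $2 \times 2$ matrices with entries in $\mathbb{Z}$
(e) $\mathbb{Q}$
5. For each of the following rings $R$ with ideal $I$, give an addition table and a
multiplication table for $R/I$.
(a) $R = \mathbb{Z}$ and $I = 6\mathbb{Z}$
(b) $R = \mathbb{Z}_{12}$ and $I = \{0, 3, 6, 9\}$
6. Find all homomorphisms $\phi : \mathbb{Z}/6\mathbb{Z} \to \mathbb{Z}/15\mathbb{Z}$.
7. Prove that $\mathbb{R}$ is not isomorphic to $\mathbb{C}$.
8. Prove or disprove: The ring $\mathbb{Q}(\sqrt{2}\,) = \{ a + b\sqrt{2} : a, b \in \mathbb{Q} \}$ is isomorphic to
the ring $\mathbb{Q}(\sqrt{3}\,) = \{ a + b\sqrt{3} : a, b \in \mathbb{Q} \}$.
9. What is the characteristic of the field formed by the set of matrices
$$F = \left\{ \begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}, \begin{pmatrix} 1 & 1 \\ 1 & 0 \end{pmatrix}, \begin{pmatrix} 0 & 1 \\ 1 & 1 \end{pmatrix}, \begin{pmatrix} 0 & 0 \\ 0 & 0 \end{pmatrix} \right\}$$
with entries in $\mathbb{Z}_2$?
10. Define a map $\phi : \mathbb{C} \to M_2(\mathbb{R})$ by
$$\phi(a + bi) = \begin{pmatrix} a & b \\ -b & a \end{pmatrix}.$$
Show that $\phi$ is an isomorphism of $\mathbb{C}$ with its image in $M_2(\mathbb{R})$.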

11. Prove that the Gaussian integers, $\mathbb{Z}[i]$, are an integral domain.
12. Prove that $\mathbb{Z}[\sqrt{3}\,i] = \{ a + b\sqrt{3}\,i : a, b \in \mathbb{Z} \}$ is an integral domain.
13. Solve each of the following systems of congruences.
(a) $x \equiv 2 \pmod{5}$
    $x \equiv 6 \pmod{11}$
(b) $x \equiv 3 \pmod{7}$
    $x \equiv 0 \pmod{8}$
    $x \equiv 5 \pmod{15}$
(c) $x \equiv 2 \pmod{4}$
    $x \equiv 4 \pmod{7}$
    $x \equiv 7 \pmod{9}$
    $x \equiv 5 \pmod{11}$
(d) $x \equiv 3 \pmod{5}$
    $x \equiv 0 \pmod{8}$
    $x \equiv 1 \pmod{11}$
    $x \equiv 5 \pmod{13}$
14. Use the method of parallel computation outlined in the text to calculate
$2234 + 4121$ by dividing the calculation into four separate additions modulo
95, 97, 98, and 99.
15. Explain why the method of parallel computation outlined in the text fails
for $2134 \cdot 1531$ if we attempt to break the calculation down into two smaller
calculations modulo 98 and 99.
16. If $R$ is a field, show that the only two ideals of $R$ are $\{0\}$ and $R$ itself.
17. Let $a$ be any element in a ring $R$ with identity. Show that $(-1)a = -a$.
18. Prove that $(-a)(-b) = ab$ for any elements $a$ and $b$ in a ring $R$.
19. Let $\phi : R \to S$ be a ring homomorphism. Prove each of the following
statements.
(a) If $R$ is a commutative ring, then $\phi(R)$ is a commutative ring.
(b) $\phi(0) = 0$.
(c) Let $1_R$ and $1_S$ be the identities for $R$ and $S$, respectively. If $\phi$ is onto,
then $\phi(1_R) = 1_S$.
(d) If $R$ is a field and $\phi(R) \neq 0$, then $\phi(R)$ is a field.
20. Prove that the associative law for multiplication and the distributive laws
hold in $R/I$.
21. Prove the Second Isomorphism Theorem for rings: Let $I$ be a subring of a
ring $R$ and $J$ an ideal in $R$. Then $I \cap J$ is an ideal in $I$ and
$$I/I \cap J \cong I + J/J.$$

22. Prove the Third Isomorphism Theorem for rings: Let $R$ be a ring and $I$ and
$J$ be ideals of $R$, where $J \subset I$. Then
$$R/I \cong \frac{R/J}{I/J}.$$
23. Prove the Correspondence Theorem: Let $I$ be an ideal of a ring $R$. Then $S \to S/I$
is a one-to-one correspondence between the set of subrings $S$ containing
$I$ and the set of subrings of $R/I$. Furthermore, the ideals of $R$ correspond to
ideals of $R/I$.
24. Let $R$ be a ring and $S$ a subset of $R$. Show that $S$ is a subring of $R$ if and
only if each of the following conditions is satisfied.
(a) $S \neq \emptyset$.
(b) $rs \in S$ for all $r, s \in S$.
(c) $r - s \in S$ for all $r, s \in S$.
25. Let $R$ be a ring with a collection of subrings $\{R_\alpha\}$. Prove that $\bigcap R_\alpha$ is a
subring of $R$. Give an example to show that the union of two subrings cannot
be a subring.
26. Let $\{I_\alpha\}_{\alpha \in A}$ be a collection of ideals in a ring $R$. Prove that $\bigcap_{\alpha \in A} I_\alpha$ is also
an ideal in $R$. Give an example to show that if $I_1$ and $I_2$ are ideals in $R$,
then $I_1 \cup I_2$ may not be an ideal.
27. Let $R$ be an integral domain. Show that if the only ideals in $R$ are $\{0\}$ and
$R$ itself, $R$ must be a field.
28. Let $R$ be a commutative ring. An element $a$ in $R$ is nilpotent if $a^n = 0$ for
some positive integer $n$. Show that the set of all nilpotent elements forms an
ideal in $R$.
29. A ring $R$ is a Boolean ring if for every $a \in R$, $a^2 = a$. Show that every
Boolean ring is a commutative ring.
30. Let $R$ be a ring, where $a^3 = a$ for all $a \in R$. Prove that $R$ must be a
commutative ring.
31. Let $R$ be a ring with identity $1_R$ and $S$ a subring of $R$ with identity $1_S$.
Prove or disprove that $1_R = 1_S$.
32. If we do not require the identity of a ring to be distinct from 0, we will not
have a very interesting mathematical structure. Let $R$ be a ring such that
$1 = 0$. Prove that $R = \{0\}$.
33. Let $S$ be a subset of a ring $R$. Prove that there is a subring $R'$ of $R$ that
contains $S$.

34. Let $R$ be a ring. Define the center of $R$ to be
$$Z(R) = \{ a \in R : ar = ra \text{ for all } r \in R \}.$$
Prove that $Z(R)$ is a commutative subring of $R$.
35. Let $p$ be prime. Prove that
$$\mathbb{Z}_{(p)} = \{ a/b : a, b \in \mathbb{Z} \text{ and } \gcd(b, p) = 1 \}$$
is a ring. The ring $\mathbb{Z}_{(p)}$ is called the ring of integers localized at $p$.
36. Prove or disprove: Every finite integral domain is isomorphic to $\mathbb{Z}_p$.
37. Let $R$ be a ring.
(a) Let $u$ be a unit in $R$. Define a map $i_u : R \to R$ by $r \mapsto uru^{-1}$. Prove
that $i_u$ is an automorphism of $R$. Such an automorphism of $R$ is called
an inner automorphism of $R$. Denote the set of all inner automorphisms
of $R$ by $\mathrm{Inn}(R)$.
(b) Denote the set of all automorphisms of $R$ by $\mathrm{Aut}(R)$. Prove that $\mathrm{Inn}(R)$
is a normal subgroup of $\mathrm{Aut}(R)$.
(c) Let $U(R)$ be the group of units in $R$. Prove that the map
$$\phi : U(R) \to \mathrm{Inn}(R)$$
defined by $u \mapsto i_u$ is a homomorphism. Determine the kernel of $\phi$.
(d) Compute $\mathrm{Aut}(\mathbb{Z})$, $\mathrm{Inn}(\mathbb{Z})$, and $U(\mathbb{Z})$.
38. Let $R$ and $S$ be arbitrary rings. Show that their Cartesian product is a ring
if we define addition and multiplication in $R \times S$ by
(a) $(r, s) + (r', s') = (r + r', s + s')$
(b) $(r, s)(r', s') = (rr', ss')$
39. An element $x$ in a ring is called an idempotent if $x^2 = x$. Prove that
the only idempotents in an integral domain are 0 and 1. Find a ring with an
idempotent $x$ not equal to 0 or 1.
40. Let $\gcd(a, n) = d$ and $\gcd(b, d) = 1$. Prove that $ax \equiv b \pmod{n}$ does not
have a solution.
41. The Chinese Remainder Theorem for Rings. Let $R$ be a ring and $I$
and $J$ be ideals in $R$ such that $I + J = R$.
(a) Show that for any $r$ and $s$ in $R$, the system of equations
$$\begin{aligned}
x &\equiv r \pmod{I} \\
x &\equiv s \pmod{J}
\end{aligned}$$
has a solution.

(b) In addition, prove that any two solutions of the system are congruent
modulo $I \cap J$.
(c) Let $I$ and $J$ be ideals in a ring $R$ such that $I + J = R$. Show that there
exists a ring isomorphism
$$R/(I \cap J) \cong R/I \times R/J.$$
Programming Exercise
Write a computer program to simulate fast addition and multiplication using
the Chinese Remainder Theorem and the method outlined in the text.

15
Polynomials
Most people are fairly familiar with polynomials by the time they begin to
study abstract algebra. When we examine polynomial expressions such as
$$\begin{aligned}
p(x) &= x^3 - 3x + 2 \\
q(x) &= 3x^2 - 6x + 5,
\end{aligned}$$
we have a pretty good idea of what $p(x) + q(x)$ and $p(x)q(x)$ mean. We just
add and multiply polynomials as functions; that is,
$$\begin{aligned}
(p + q)(x) &= p(x) + q(x) \\
&= (x^3 - 3x + 2) + (3x^2 - 6x + 5) \\
&= x^3 + 3x^2 - 9x + 7
\end{aligned}$$
and
$$\begin{aligned}
(pq)(x) &= p(x)q(x) \\
&= (x^3 - 3x + 2)(3x^2 - 6x + 5) \\
&= 3x^5 - 6x^4 - 4x^3 + 24x^2 - 27x + 10.
\end{aligned}$$
It is probably no surprise that polynomials form a ring. In this chapter we
shall emphasize the algebraic structure of polynomials by studying
polynomial rings. We can prove many results for polynomial rings that are similar
to the theorems we proved for the integers. Analogs of prime numbers, of
the division algorithm, and of the Euclidean algorithm exist for polynomials.
15.1 Polynomial Rings
Throughout this chapter we shall assume that $R$ is a commutative ring with
identity. Any expression of the form
$$f(x) = \sum_{i=0}^{n} a_i x^i = a_0 + a_1 x + a_2 x^2 + \cdots + a_n x^n,$$
where $a_i \in R$ and $a_n \neq 0$, is called a polynomial over $R$ with
indeterminate $x$. The elements $a_0, a_1, \ldots, a_n$ are called the coefficients of $f$.
The coefficient $a_n$ is called the leading coefficient. A polynomial is called
monic if the leading coefficient is 1. If $n$ is the largest nonnegative number
for which $a_n \neq 0$, we say that the degree of $f$ is $n$ and write $\deg f(x) = n$.
If no such $n$ exists, that is, if $f = 0$ is the zero polynomial, then the degree
of $f$ is defined to be $-\infty$. We will denote the set of all polynomials with
coefficients in a ring $R$ by $R[x]$. Two polynomials are equal exactly when
their corresponding coefficients are equal; that is, if we let
$$\begin{aligned}
p(x) &= a_0 + a_1 x + \cdots + a_n x^n \\
q(x) &= b_0 + b_1 x + \cdots + b_m x^m,
\end{aligned}$$
then $p(x) = q(x)$ if and only if $a_i = b_i$ for all $i \geq 0$.
To show that the set of all polynomials forms a ring, we must first
define addition and multiplication. We define the sum of two polynomials as
follows. Let
$$\begin{aligned}
p(x) &= a_0 + a_1 x + \cdots + a_n x^n \\
q(x) &= b_0 + b_1 x + \cdots + b_m x^m.
\end{aligned}$$
Then the sum of $p(x)$ and $q(x)$ is
$$p(x) + q(x) = c_0 + c_1 x + \cdots + c_k x^k,$$
where $c_i = a_i + b_i$ for each $i$. We define the product of $p(x)$ and $q(x)$ to be
$$p(x)q(x) = c_0 + c_1 x + \cdots + c_{m+n} x^{m+n},$$
where
$$c_i = \sum_{k=0}^{i} a_k b_{i-k} = a_0 b_i + a_1 b_{i-1} + \cdots + a_{i-1} b_1 + a_i b_0$$
for each $i$. Notice that in each case some of the coefficients may be zero.

Example 1. Suppose that
$$p(x) = 3 + 0x + 0x^2 + 2x^3 + 0x^4$$
and
$$q(x) = 2 + 0x - x^2 + 0x^3 + 4x^4$$
are polynomials in $\mathbb{Z}[x]$. If the coefficient of some term in a polynomial
is zero, then we usually just omit that term. In this case we would write
$p(x) = 3 + 2x^3$ and $q(x) = 2 - x^2 + 4x^4$. The sum of these two polynomials
is
$$p(x) + q(x) = 5 - x^2 + 2x^3 + 4x^4.$$
The product,
$$p(x)q(x) = (3 + 2x^3)(2 - x^2 + 4x^4) = 6 - 3x^2 + 4x^3 + 12x^4 - 2x^5 + 8x^7,$$
can be calculated either by determining the $c_i$'s in the definition or by simply
multiplying polynomials in the same way as we have always done.
Example 2. Let
$$p(x) = 3 + 3x^3$$
and
$$q(x) = 4 + 4x^2 + 4x^4$$
be polynomials in $\mathbb{Z}_{12}[x]$. The sum of $p(x)$ and $q(x)$ is $7 + 4x^2 + 3x^3 + 4x^4$.
The product of the two polynomials is the zero polynomial. This example
tells us that $R[x]$ cannot be an integral domain if $R$ is not an integral domain.
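The sum and product definitions above can be checked mechanically. The following added example (not code from the text) implements them for coefficient lists over $\mathbb{Z}$ or $\mathbb{Z}_n$ and reproduces Examples 1 and 2; the function names and the list representation (index $i$ holds the coefficient of $x^i$) are assumptions made here.

```python
"""Polynomial arithmetic in Z[x] and Z_n[x] from the coefficient definitions."""


def normalize(coeffs, n=None):
    """Reduce coefficients mod n (if given) and drop trailing zeros.

    The zero polynomial is represented by the empty list.
    """
    out = [c % n for c in coeffs] if n else list(coeffs)
    while out and out[-1] == 0:
        out.pop()
    return out


def degree(p, n=None):
    """Degree of p; the zero polynomial has degree -infinity, as in the text."""
    p = normalize(p, n)
    return len(p) - 1 if p else float("-inf")


def poly_add(p, q, n=None):
    """Sum with c_i = a_i + b_i, padding the shorter list with zeros."""
    size = max(len(p), len(q))
    a = list(p) + [0] * (size - len(p))
    b = list(q) + [0] * (size - len(q))
    return normalize([x + y for x, y in zip(a, b)], n)


def poly_mul(p, q, n=None):
    """Product with c_i = sum_{k=0}^{i} a_k * b_{i-k}."""
    a, b = normalize(p, n), normalize(q, n)
    if not a or not b:
        return []
    c = [0] * (len(a) + len(b) - 1)
    for i in range(len(c)):
        for k in range(i + 1):
            if k < len(a) and i - k < len(b):
                c[i] += a[k] * b[i - k]
    return normalize(c, n)


# Example 1 (coefficients in Z): p = 3 + 2x^3, q = 2 - x^2 + 4x^4
P1, Q1 = [3, 0, 0, 2], [2, 0, -1, 0, 4]
# Example 2 (coefficients in Z_12): p = 3 + 3x^3, q = 4 + 4x^2 + 4x^4
P2, Q2 = [3, 0, 0, 3], [4, 0, 4, 0, 4]

if __name__ == "__main__":
    print(poly_add(P1, Q1), poly_mul(P1, Q1))
    print(poly_add(P2, Q2, 12), poly_mul(P2, Q2, 12))
    # Over Z the degrees add; over Z_12 the product collapses to zero.
    print(degree(poly_mul(P1, Q1)), degree(poly_mul(P2, Q2, 12), 12))
```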

Theorem 15.1 Let $R$ be a commutative ring with identity. Then $R[x]$ is a
commutative ring with identity.
Proof. Our first task is to show that $R[x]$ is an abelian group under
polynomial addition. The zero polynomial, $f(x) = 0$, is the additive identity.
Given a polynomial $p(x) = \sum_{i=0}^{n} a_i x^i$, the inverse of $p(x)$ is easily verified to
be $-p(x) = \sum_{i=0}^{n} (-a_i) x^i = -\sum_{i=0}^{n} a_i x^i$. Commutativity and associativity
follow immediately from the definition of polynomial addition and from the
fact that addition in $R$ is both commutative and associative.

15.1 POLYNOMIAL RINGS 259
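To show that polynomial multiplication is associative, let
$$p(x) = \sum_{i=0}^{m} a_i x^i, \qquad q(x) = \sum_{i=0}^{n} b_i x^i, \qquad r(x) = \sum_{i=0}^{p} c_i x^i.$$
Then
$$\begin{aligned}
[p(x) q(x)] r(x)
&= \left[ \left( \sum_{i=0}^{m} a_i x^i \right) \left( \sum_{i=0}^{n} b_i x^i \right) \right] \left( \sum_{i=0}^{p} c_i x^i \right) \\
&= \left[ \sum_{i=0}^{m+n} \left( \sum_{j=0}^{i} a_j b_{i-j} \right) x^i \right] \left( \sum_{i=0}^{p} c_i x^i \right) \\
&= \sum_{i=0}^{m+n+p} \left[ \sum_{j=0}^{i} \left( \sum_{k=0}^{j} a_k b_{j-k} \right) c_{i-j} \right] x^i \\
&= \sum_{i=0}^{m+n+p} \left( \sum_{j+k+l=i} a_j b_k c_l \right) x^i \\
&= \sum_{i=0}^{m+n+p} \left[ \sum_{j=0}^{i} a_j \left( \sum_{k=0}^{i-j} b_k c_{i-j-k} \right) \right] x^i \\
&= \left( \sum_{i=0}^{m} a_i x^i \right) \left[ \sum_{i=0}^{n+p} \left( \sum_{j=0}^{i} b_j c_{i-j} \right) x^i \right] \\
&= \left( \sum_{i=0}^{m} a_i x^i \right) \left[ \left( \sum_{i=0}^{n} b_i x^i \right) \left( \sum_{i=0}^{p} c_i x^i \right) \right] \\
&= p(x) [q(x) r(x)].
\end{aligned}$$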
The commutativity and distribution properties of polynomial multiplication
are proved in a similar manner. We shall leave the proofs of these properties
as an exercise.
Proposition 15.2 Let $p(x)$ and $q(x)$ be polynomials in $R[x]$, where $R$
is an integral domain. Then $\deg p(x) + \deg q(x) = \deg(p(x) q(x))$.
Furthermore, $R[x]$ is an integral domain.
Proof. Suppose that we have two nonzero polynomials
$$p(x) = a_m x^m + \cdots + a_1 x + a_0$$
and
$$q(x) = b_n x^n + \cdots + b_1 x + b_0$$
with $a_m \neq 0$ and $b_n \neq 0$. The degrees of $p$ and $q$ are $m$ and
$n$, respectively. The leading term of $p(x) q(x)$ is $a_m b_n x^{m+n}$,
which cannot be zero since $R$ is an integral domain; hence, the degree of
$p(x) q(x)$ is $m + n$, and $p(x) q(x) \neq 0$. Since $p(x) \neq 0$ and
$q(x) \neq 0$ imply that $p(x) q(x) \neq 0$, we know that $R[x]$ must also
be an integral domain.
We also want to consider polynomials in two or more variables, such as
$x^2 - 3xy + 2y^3$. Let $R$ be a ring and suppose that we are given two
indeterminates $x$ and $y$. Certainly we can form the ring $(R[x])[y]$. It
is straightforward but perhaps tedious to show that
$(R[x])[y] \cong (R[y])[x]$. We shall identify these two rings by this
isomorphism and simply write $R[x, y]$. The ring $R[x, y]$ is called the
ring of polynomials in two indeterminates $x$ and $y$ with coefficients in
$R$. We can define the ring of polynomials in $n$ indeterminates with
coefficients in $R$ similarly. We shall denote this ring by
$R[x_1, x_2, \ldots, x_n]$.
Theorem 15.3LetRbe a commutative ring with identity and2R. Then
we have a ring homomorphism:R[x]!Rdened by
(p(x)) =p() =an
n
+ +a1+a0;
wherep(x) =anx
n
+ +a1x+a0.
Proof.Letp(x) =
P
n
i=0
aix
i
andq(x) =
P
m
i=0
bix
i
. It is easy to show
that(p(x) +q(x)) =(p(x)) +(q(x)). To show that multiplication is
preserved under the map, observe that
(p(x))(q(x)) =p()q()
=

n
X
i=0
ai
i
!
m
X
i=0
bi
i
!
=
m+n
X
i=0

i
X
k=0
akbik
!

i
=(p(x)q(x)):

The map:R[x]!Ris called theevaluation homomorphism
at.

15.2 The Division Algorithm
Recall that the division algorithm for integers (Theorem 1.3) says that if
$a$ and $b$ are integers with $b > 0$, then there exist unique integers $q$
and $r$ such that $a = bq + r$, where $0 \leq r < b$. The algorithm by which
$q$ and $r$ are found is just long division. A similar theorem exists for
polynomials. The division algorithm for polynomials has several important
consequences. Since its proof is very similar to the corresponding proof for
integers, it is worthwhile to review Theorem 1.3 at this point.
Theorem 15.4 (Division Algorithm) Let $f(x)$ and $g(x)$ be two nonzero
polynomials in $F[x]$, where $F$ is a field and $g(x)$ is a nonconstant
polynomial. Then there exist unique polynomials $q(x), r(x) \in F[x]$ such
that
$$f(x) = g(x) q(x) + r(x),$$
where either $\deg r(x) < \deg g(x)$ or $r(x)$ is the zero polynomial.
Proof. We will first consider the existence of $q(x)$ and $r(x)$. Let
$S = \{ f(x) - g(x) h(x) : h(x) \in F[x] \}$ and assume that
$$g(x) = a_0 + a_1 x + \cdots + a_n x^n$$
is a polynomial of degree $n$. This set is nonempty since $f(x) \in S$. If
$f(x)$ is the zero polynomial, then
$$0 = f(x) = 0 \cdot g(x) + 0;$$
hence, both $q$ and $r$ must also be the zero polynomial.
Now suppose that the zero polynomial is not in $S$. In this case the degree
of every polynomial in $S$ is nonnegative. Choose a polynomial $r(x)$ of
smallest degree in $S$; hence, there must exist a $q(x) \in F[x]$ such that
$$r(x) = f(x) - g(x) q(x),$$
or
$$f(x) = g(x) q(x) + r(x).$$
We need to show that the degree of $r(x)$ is less than the degree of $g(x)$.
Assume that $\deg g(x) \leq \deg r(x)$. Say
$r(x) = b_0 + b_1 x + \cdots + b_m x^m$ and $m \geq n$. Then
$$\begin{aligned}
f(x) - g(x) [q(x) - (b_m / a_n) x^{m-n}]
&= f(x) - g(x) q(x) + (b_m / a_n) x^{m-n} g(x) \\
&= r(x) + (b_m / a_n) x^{m-n} g(x) \\
&= r(x) + b_m x^m + \text{terms of lower degree}
\end{aligned}$$
is in $S$. This is a polynomial of lower degree than $r(x)$, which
contradicts the fact that $r(x)$ is a polynomial of smallest degree in $S$;
hence, $\deg r(x) < \deg g(x)$.
To show that $q(x)$ and $r(x)$ are unique, suppose that there exist two
other polynomials $q'(x)$ and $r'(x)$ such that
$f(x) = g(x) q'(x) + r'(x)$ and $\deg r'(x) < \deg g(x)$ or $r'(x) = 0$, so
that
$$f(x) = g(x) q(x) + r(x) = g(x) q'(x) + r'(x),$$
and
$$g(x) [q(x) - q'(x)] = r'(x) - r(x).$$
If $g$ is not the zero polynomial, then
$$\deg( g(x) [q(x) - q'(x)] ) = \deg( r'(x) - r(x) ) \geq \deg g(x).$$
However, the degrees of both $r(x)$ and $r'(x)$ are strictly less than the
degree of $g(x)$; therefore, $r(x) = r'(x)$ and $q(x) = q'(x)$.
Example 3. The division algorithm merely formalizes long division of
polynomials, a task we have been familiar with since high school. For
example, suppose that we divide $x^3 - x^2 + 2x - 3$ by $x - 2$.

                 x^2 +   x  + 4
    x - 2 ) x^3 -  x^2 + 2x - 3
            x^3 - 2x^2
                   x^2 + 2x - 3
                   x^2 - 2x
                         4x - 3
                         4x - 8
                              5

Hence, $x^3 - x^2 + 2x - 3 = (x - 2)(x^2 + x + 4) + 5$.
Letp(x) be a polynomial inF[x] and2F. We say thatis azero
orrootofp(x) ifp(x) is in the kernel of the evaluation homomorphism.
All we are really saying here is thatis a zero ofp(x) ifp() = 0.

Corollary 15.5LetFbe a eld. An element2Fis a zero ofp(x)2F[x]
if and only ifxis a factor ofp(x)inF[x].
Proof.Suppose that2Fandp() = 0. By the division algorithm, there
exist polynomialsq(x) andr(x) such that
p(x) = (x)q(x) +r(x)
and the degree ofr(x) must be less than the degree ofx. Since the
degree ofr(x) is less than 1,r(x) =afora2F; therefore,
p(x) = (x)q(x) +a:
But
0 =p() = 0q(x) +a=a;
consequently,p(x) = (x)q(x), andxis a factor ofp(x).
Conversely, suppose thatxis a factor ofp(x); sayp(x) = (x)q(x).
Thenp() = 0q(x) = 0.
Corollary 15.6LetFbe a eld. A nonzero polynomialp(x)of degreenin
F[x]can have at mostndistinct zeros inF.
Proof.We will use induction on the degree ofp(x). If degp(x) = 0, then
p(x) is a constant polynomial and has no zeros. Let degp(x) = 1. Then
p(x) =ax+bfor someaandbinF. If1and2are zeros ofp(x), then
a1+b=a2+bor1=2.
Now assume that degp(x)>1. Ifp(x) does not have a zero inF, then we
are done. On the other hand, ifis a zero ofp(x), thenp(x) = (x)q(x)
for someq(x)2F[x] by Corollary 15.5. The degree ofq(x) isn1 by
Proposition 15.2. Letbe some other zero ofp(x) that is distinct from.
Thenp() = ()q() = 0. Since6=andFis a eld,q() = 0. By
our induction hypothesis,p(x) can have at mostn1 zeros inFthat are
distinct from. Therefore,p(x) has at mostndistinct zeros inF.
Let $F$ be a field. A monic polynomial $d(x)$ is a greatest common divisor
of polynomials $p(x), q(x) \in F[x]$ if $d(x)$ evenly divides both $p(x)$
and $q(x)$; and, if for any other polynomial $d'(x)$ dividing both $p(x)$
and $q(x)$, $d'(x) \mid d(x)$. We write $d(x) = \gcd(p(x), q(x))$. Two
polynomials $p(x)$ and $q(x)$ are relatively prime if
$\gcd(p(x), q(x)) = 1$.
Proposition 15.7 Let $F$ be a field and suppose that $d(x)$ is the greatest
common divisor of two polynomials $p(x)$ and $q(x)$ in $F[x]$. Then there
exist polynomials $r(x)$ and $s(x)$ such that
$$d(x) = r(x) p(x) + s(x) q(x).$$
Furthermore, the greatest common divisor of two polynomials is unique.
Proof. Let $d(x)$ be the monic polynomial of smallest degree in the set
$$S = \{ f(x) p(x) + g(x) q(x) : f(x), g(x) \in F[x] \}.$$
We can write $d(x) = r(x) p(x) + s(x) q(x)$ for two polynomials $r(x)$ and
$s(x)$ in $F[x]$. We need to show that $d(x)$ divides both $p(x)$ and
$q(x)$. We shall first show that $d(x)$ divides $p(x)$. By the division
algorithm, there exist polynomials $a(x)$ and $b(x)$ such that
$p(x) = a(x) d(x) + b(x)$, where $b(x)$ is either the zero polynomial or
$\deg b(x) < \deg d(x)$. Therefore,
$$\begin{aligned}
b(x) &= p(x) - a(x) d(x) \\
&= p(x) - a(x) (r(x) p(x) + s(x) q(x)) \\
&= p(x) - a(x) r(x) p(x) - a(x) s(x) q(x) \\
&= p(x) (1 - a(x) r(x)) + q(x) (-a(x) s(x))
\end{aligned}$$
is a linear combination of $p(x)$ and $q(x)$ and therefore must be in $S$.
However, $b(x)$ must be the zero polynomial since $d(x)$ was chosen to be of
smallest degree; consequently, $d(x)$ divides $p(x)$. A symmetric argument
shows that $d(x)$ must also divide $q(x)$; hence, $d(x)$ is a common divisor
of $p(x)$ and $q(x)$.
To show that $d(x)$ is a greatest common divisor of $p(x)$ and $q(x)$,
suppose that $d'(x)$ is another common divisor of $p(x)$ and $q(x)$. We will
show that $d'(x) \mid d(x)$. Since $d'(x)$ is a common divisor of $p(x)$ and
$q(x)$, there exist polynomials $u(x)$ and $v(x)$ such that
$p(x) = u(x) d'(x)$ and $q(x) = v(x) d'(x)$. Therefore,
$$\begin{aligned}
d(x) &= r(x) p(x) + s(x) q(x) \\
&= r(x) u(x) d'(x) + s(x) v(x) d'(x) \\
&= d'(x) [r(x) u(x) + s(x) v(x)].
\end{aligned}$$
Since $d'(x) \mid d(x)$, $d(x)$ is a greatest common divisor of $p(x)$ and
$q(x)$.
Finally, we must show that the greatest common divisor of $p(x)$ and $q(x)$
is unique. Suppose that $d'(x)$ is another greatest common divisor of $p(x)$
and $q(x)$. We have just shown that there exist polynomials $u(x)$ and
$v(x)$ in $F[x]$ such that $d(x) = d'(x) [r(x) u(x) + s(x) v(x)]$. Since
$$\deg d(x) = \deg d'(x) + \deg [r(x) u(x) + s(x) v(x)]$$
and $d(x)$ and $d'(x)$ are both greatest common divisors,
$\deg d(x) = \deg d'(x)$. Since $d(x)$ and $d'(x)$ are both monic
polynomials of the same degree, it must be the case that $d(x) = d'(x)$.
Notice the similarity between the proof of Proposition 15.7 and the proof
of Theorem 1.4.
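The division algorithm (Theorem 15.4) and the linear combination of Proposition 15.7 can be carried out mechanically; the following Python sketch is an added example, not part of the text. Its function names and the coefficient-list representation are this example's own choices, `p=None` selects coefficients in Q, and the inputs to `xgcd` in the comments are constructed.

```python
from fractions import Fraction

# A polynomial is a list of coefficients, lowest degree first:
# [a0, a1, ..., an]; [] is the zero polynomial. p is the modulus for Z_p[x];
# p=None means coefficients in Q, held exactly as Fractions.

def norm(c, p=None):
    """Reduce coefficients into the coefficient ring and drop leading zeros."""
    c = [x % p for x in c] if p else [Fraction(x) for x in c]
    while c and c[-1] == 0:
        c.pop()
    return c

def inv(a, p=None):
    # pow(a, -1, p) raises ValueError when a is not invertible mod p, which
    # is exactly where division breaks down if the coefficients are not a field.
    return pow(a, -1, p) if p else 1 / a

def add(f, g, p=None):
    n = max(len(f), len(g))
    f, g = list(f) + [0] * (n - len(f)), list(g) + [0] * (n - len(g))
    return norm([a + b for a, b in zip(f, g)], p)

def sub(f, g, p=None):
    return add(f, [-b for b in g], p)

def mul(f, g, p=None):
    """Product with c_i = sum_k a_k * b_(i-k), as in the definition."""
    if not f or not g:
        return []
    c = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            c[i + j] += a * b
    return norm(c, p)

def divmod_poly(f, g, p=None):
    """Return (q, r) with f = g*q + r and r = [] or deg r < deg g."""
    f, g = norm(f, p), norm(g, p)
    if not g:
        raise ZeroDivisionError("division by the zero polynomial")
    q = [0] * max(len(f) - len(g) + 1, 0)
    r = f
    lead_inv = inv(g[-1], p)
    while len(r) >= len(g):
        shift = len(r) - len(g)
        coef = r[-1] * lead_inv            # cancels the leading term of r
        q[shift] = coef
        r = sub(r, mul([0] * shift + [coef], g, p), p)
    return norm(q, p), r

def xgcd(f, g, p=None):
    """Return (d, r, s): d monic, d = gcd(f, g), and d = r*f + s*g."""
    r0, r1 = norm(f, p), norm(g, p)
    s0, s1, t0, t1 = [1], [], [], [1]
    while r1:
        q, rem = divmod_poly(r0, r1, p)
        r0, r1 = r1, rem
        s0, s1 = s1, sub(s0, mul(q, s1, p), p)
        t0, t1 = t1, sub(t0, mul(q, t1, p), p)
    if not r0:
        return [], [], []
    c = inv(r0[-1], p)                      # rescale so that d is monic
    scale = lambda h: norm([c * x for x in h], p)
    return scale(r0), scale(s0), scale(t0)

def zeros_in_Zp(f, p):
    """Elements a of Z_p for which x - a divides f with zero remainder."""
    return [a for a in range(p) if divmod_poly(f, [-a, 1], p)[1] == []]

if __name__ == "__main__":
    # Example 3: (x^3 - x^2 + 2x - 3) divided by (x - 2) over Q
    print(divmod_poly([-3, 2, -1, 1], [-2, 1]))
    # Constructed input: gcd of (x-1)(x+2) and (x-1)(x-3) over Q
    print(xgcd([-2, 1, 1], [3, -4, 1]))
    # Example 5: x^3 + x^2 + 2 has no zeros in Z_3
    print(zeros_in_Zp([2, 0, 1, 1], 3))
```

With a composite modulus such as 12 the call to `inv` fails for a non-invertible leading coefficient, and `mul` returns the zero polynomial for the two nonzero polynomials of Example 2.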
15.3 Irreducible Polynomials
A nonconstant polynomial $f(x) \in F[x]$ is irreducible over a field $F$ if
$f(x)$ cannot be expressed as a product of two polynomials $g(x)$ and $h(x)$
in $F[x]$, where the degrees of $g(x)$ and $h(x)$ are both smaller than the
degree of $f(x)$. Irreducible polynomials function as the "prime numbers" of
polynomial rings.
Example 4. The polynomial $x^2 - 2 \in \mathbb{Q}[x]$ is irreducible since
it cannot be factored any further over the rational numbers. Similarly,
$x^2 + 1$ is irreducible over the real numbers.
Example 5. The polynomial $p(x) = x^3 + x^2 + 2$ is irreducible over
$\mathbb{Z}_3[x]$. Suppose that this polynomial was reducible over
$\mathbb{Z}_3[x]$. By the division algorithm there would have to be a factor
of the form $x - a$, where $a$ is some element in $\mathbb{Z}_3[x]$. Hence,
it would have to be true that $p(a) = 0$. However,
$$p(0) = 2$$
$$p(1) = 1$$
$$p(2) = 2.$$
Therefore, $p(x)$ has no zeros in $\mathbb{Z}_3$ and must be irreducible.
Lemma 15.8 Let $p(x) \in \mathbb{Q}[x]$. Then
$$p(x) = \frac{r}{s} (a_0 + a_1 x + \cdots + a_n x^n),$$
where $r, s, a_0, \ldots, a_n$ are integers, the $a_i$'s are relatively
prime, and $r$ and $s$ are relatively prime.
Proof. Suppose that
$$p(x) = \frac{b_0}{c_0} + \frac{b_1}{c_1} x + \cdots + \frac{b_n}{c_n} x^n,$$
where the $b_i$'s and the $c_i$'s are integers. We can rewrite $p(x)$ as
$$p(x) = \frac{1}{c_0 \cdots c_n} (d_0 + d_1 x + \cdots + d_n x^n),$$
where $d_0, \ldots, d_n$ are integers. Let $d$ be the greatest common
divisor of $d_0, \ldots, d_n$. Then
$$p(x) = \frac{d}{c_0 \cdots c_n} (a_0 + a_1 x + \cdots + a_n x^n),$$
where $d_i = d a_i$ and the $a_i$'s are relatively prime. Reducing
$d / (c_0 \cdots c_n)$ to its lowest terms, we can write
$$p(x) = \frac{r}{s} (a_0 + a_1 x + \cdots + a_n x^n),$$
where $\gcd(r, s) = 1$.
Theorem 15.9 (Gauss's Lemma) Letp(x)2Z[x]be a monic polynomial
such thatp(x)factors into a product of two polynomials(x)and(x)in
Q[x], where the degrees of both(x)and(x)are less than the degree of
p(x). Thenp(x) =a(x)b(x), wherea(x)andb(x)are monic polynomials in
Z[x]withdeg(x) = dega(x)anddeg(x) = degb(x).
Proof.By Lemma 15.8, we can assume that
(x) =
c1
d1
(a0+a1x+ +amx
m
) =
c1
d1
1(x)
(x) =
c2
d2
(b0+b1x+ +bnx
n
) =
c2
d2
1(x);
where theai's are relatively prime and thebi's are relatively prime. Conse-
quently,
p(x) =(x)(x) =
c1c2
d1d2
1(x)1(x) =
c
d
1(x)1(x);
wherec=dis the product ofc1=d1andc2=d2expressed in lowest terms.
Hence,dp(x) =c1(x)1(x).

Ifd= 1, thencambn= 1 sincep(x) is a monic polynomial. Hence, either
c= 1 orc=1. Ifc= 1, then eitheram=bn= 1 oram=bn=1. In the
rst casep(x) =1(x)1(x), where1(x) and1(x) are monic polynomials
with deg(x) = deg1(x) and deg(x) = deg1(x). In the second case
a(x) =1(x) andb(x) =1(x) are the correct monic polynomials since
p(x) = (1(x))(1(x)) =a(x)b(x). The case in whichc=1 can be
handled similarly.
Now suppose thatd6= 1. Since gcd(c; d) = 1, there exists a primep
such thatpjdandp6 jc. Also, since the coecients of1(x) are relatively
prime, there exists a coecientaisuch thatp6 jai. Similarly, there exists
a coecientbjof1(x) such thatp6 jbj. Let
0
1
(x) and
0
1
(x) be the poly-
nomials inZp[x] obtained by reducing the coecients of1(x) and1(x)
modulop. Sincepjd,
0
1
(x)
0
1
(x) = 0 inZp[x]. However, this is impossible
since neither
0
1
(x) nor
0
1
(x) is the zero polynomial andZp[x] is an integral
domain. Therefore,d= 1 and the theorem is proven.
Corollary 15.10Letp(x) =x
n
+an1x
n1
+ +a0be a polynomial with
coecients inZanda06= 0. Ifp(x)has a zero inQ, thenp(x)also has a
zeroinZ. Furthermore,dividesa0.
Proof.Letp(x) have a zeroa2Q. Thenp(x) must have a linear factor
xa. By Gauss's Lemma,p(x) has a factorization with a linear factor in
Z[x]. Hence, for some2Z
p(x) = (x)(x
n1
+ a0=):
Thusa0=2Zand soja0.
Example 6. Let $p(x) = x^4 - 2x^3 + x + 1$. We shall show that $p(x)$ is
irreducible over $\mathbb{Q}[x]$. Assume that $p(x)$ is reducible. Then either $p(x)$ has
a linear factor, sayp(x) = (x)q(x), whereq(x) is a polynomial of degree
three, or $p(x)$ has two quadratic factors.
If $p(x)$ has a linear factor in $\mathbb{Q}[x]$, then it has a zero in
$\mathbb{Z}$. By Corollary 15.10, any zero must divide 1 and therefore must
be $\pm 1$; however, $p(1) = 1$ and $p(-1) = 3$. Consequently, we have
eliminated the possibility that $p(x)$ has any linear factors.
Therefore, if $p(x)$ is reducible it must factor into two quadratic
polynomials, say
$$\begin{aligned}
p(x) &= (x^2 + ax + b)(x^2 + cx + d) \\
&= x^4 + (a + c) x^3 + (ac + b + d) x^2 + (ad + bc) x + bd,
\end{aligned}$$
where each factor is in $\mathbb{Z}[x]$ by Gauss's Lemma. Hence,
$$\begin{aligned}
a + c &= -2 \\
ac + b + d &= 0 \\
ad + bc &= 1 \\
bd &= 1.
\end{aligned}$$
Since $bd = 1$, either $b = d = 1$ or $b = d = -1$. In either case $b = d$
and so
$$ad + bc = b(a + c) = 1.$$
Since $a + c = -2$, we know that $-2b = 1$. This is impossible since $b$ is
an integer. Therefore, $p(x)$ must be irreducible over $\mathbb{Q}$.
Theorem 15.11 (Eisenstein's Criterion) Let $p$ be a prime and suppose that
$$f(x) = a_n x^n + \cdots + a_0 \in \mathbb{Z}[x].$$
If $p \mid a_i$ for $i = 0, 1, \ldots, n - 1$, but $p \nmid a_n$ and
$p^2 \nmid a_0$, then $f(x)$ is irreducible over $\mathbb{Q}$.
Proof. By Gauss's Lemma, we need only show that $f(x)$ does not factor into
polynomials of lower degree in $\mathbb{Z}[x]$. Let
$$f(x) = (b_r x^r + \cdots + b_0)(c_s x^s + \cdots + c_0)$$
be a factorization in $\mathbb{Z}[x]$, with $b_r$ and $c_s$ not equal to
zero and $r, s < n$. Since $p^2$ does not divide $a_0 = b_0 c_0$, either
$b_0$ or $c_0$ is not divisible by $p$. Suppose that $p \nmid b_0$ and
$p \mid c_0$. Since $p \nmid a_n$ and $a_n = b_r c_s$, neither $b_r$ nor
$c_s$ is divisible by $p$. Let $m$ be the smallest value of $k$ such that
$p \nmid c_k$. Then
$$a_m = b_0 c_m + b_1 c_{m-1} + \cdots + b_m c_0$$
is not divisible by $p$, since each term on the right-hand side of the
equation is divisible by $p$ except for $b_0 c_m$. Therefore, $m = n$ since
$a_i$ is divisible by $p$ for $m < n$. Hence, $f(x)$ cannot be factored into
polynomials of lower degree and therefore must be irreducible.
Example 7. The polynomial
$$p(x) = 16x^5 - 9x^4 + 3x^2 + 6x - 21$$
is easily seen to be irreducible over $\mathbb{Q}$ by Eisenstein's Criterion
if we let $p = 3$.
Eisenstein's Criterion is more useful in constructing irreducible
polynomials of a certain degree over $\mathbb{Q}$ than in determining the
irreducibility of an arbitrary polynomial in $\mathbb{Q}[x]$: given an
arbitrary polynomial, it is not very likely that we can apply Eisenstein's
Criterion. The real value of Theorem 15.11 is that we now have an easy
method of generating irreducible polynomials of any degree.
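The two integer checks used in Examples 6 and 7 can be automated; the following Python sketch is an added example, not part of the text, and its function names are this example's own. It searches the divisors of the constant term for zeros of a monic integer polynomial, as Example 6 does by appeal to Corollary 15.10, and lists the primes for which the hypotheses of Theorem 15.11 hold. Coefficient lists are lowest degree first.

```python
def evaluate(c, x):
    """Horner evaluation of c[0] + c[1]*x + ... + c[n]*x^n."""
    acc = 0
    for a in reversed(c):
        acc = acc * x + a
    return acc

def divisors(n):
    n = abs(n)
    return [d for d in range(1, n + 1) if n % d == 0]

def rational_zeros_monic(c):
    """Zeros in Q of a monic integer polynomial with nonzero constant term.

    Any such zero is an integer dividing the constant term, so only the
    divisors of c[0], with both signs, have to be tried.
    """
    if c[-1] != 1 or c[0] == 0:
        raise ValueError("need a monic polynomial with nonzero constant term")
    candidates = [s * d for d in divisors(c[0]) for s in (1, -1)]
    return sorted(a for a in candidates if evaluate(c, a) == 0)

def prime_factors(n):
    """Distinct prime divisors of n by trial division."""
    n, out, d = abs(n), [], 2
    while d * d <= n:
        if n % d == 0:
            out.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        out.append(n)
    return out

def eisenstein_primes(c):
    """Primes p with p | a_i for all i < n, p not dividing a_n, p^2 not dividing a_0.

    A nonempty result proves irreducibility over Q. An empty result proves
    nothing: the criterion is sufficient, not necessary.
    """
    *lower, lead = c
    if lead == 0 or not lower or lower[0] == 0:
        return []
    return [p for p in prime_factors(lower[0])
            if all(a % p == 0 for a in lower)
            and lead % p != 0
            and lower[0] % (p * p) != 0]

if __name__ == "__main__":
    ex6 = [1, 1, 0, -2, 1]                 # x^4 - 2x^3 + x + 1 (Example 6)
    print(evaluate(ex6, 1), evaluate(ex6, -1), rational_zeros_monic(ex6))
    ex7 = [-21, 6, 3, 0, -9, 16]           # 16x^5 - 9x^4 + 3x^2 + 6x - 21 (Example 7)
    print(eisenstein_primes(ex7))
    print(eisenstein_primes([1, 0, 1]))    # x^2 + 1: the criterion is silent
```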
Ideals in $F[x]$
Let $F$ be a field. Recall that a principal ideal in $F[x]$ is an ideal
$\langle p(x) \rangle$ generated by some polynomial $p(x)$; that is,
$$\langle p(x) \rangle = \{ p(x) q(x) : q(x) \in F[x] \}.$$
Example 8. The polynomial $x^2$ in $F[x]$ generates the ideal
$\langle x^2 \rangle$ consisting of all polynomials with no constant term or
term of degree 1.
Theorem 15.12 If $F$ is a field, then every ideal in $F[x]$ is a principal
ideal.
Proof. Let $I$ be an ideal of $F[x]$. If $I$ is the zero ideal, the theorem
is easily true. Suppose that $I$ is a nontrivial ideal in $F[x]$, and let
$p(x) \in I$ be a nonzero element of minimal degree. If $\deg p(x) = 0$,
then $p(x)$ is a nonzero constant and 1 must be in $I$. Since 1 generates
all of $F[x]$, $\langle 1 \rangle = I = F[x]$ and $I$ is again a principal
ideal.
Now assume that $\deg p(x) \geq 1$ and let $f(x)$ be any element in $I$. By
the division algorithm there exist $q(x)$ and $r(x)$ in $F[x]$ such that
$f(x) = p(x) q(x) + r(x)$ and $\deg r(x) < \deg p(x)$. Since
$f(x), p(x) \in I$ and $I$ is an ideal, $r(x) = f(x) - p(x) q(x)$ is also in
$I$. However, since we chose $p(x)$ to be of minimal degree, $r(x)$ must be
the zero polynomial. Since we can write any element $f(x)$ in $I$ as
$p(x) q(x)$ for some $q(x) \in F[x]$, it must be the case that
$I = \langle p(x) \rangle$.
Example 9. It is not the case that every ideal in the ring $F[x, y]$ is a
principal ideal. Consider the ideal of $F[x, y]$ generated by the
polynomials $x$ and $y$. This is the ideal of $F[x, y]$ consisting of all
polynomials with no constant term. Since both $x$ and $y$ are in the ideal,
no single polynomial can generate the entire ideal.
Theorem 15.13 Let $F$ be a field and suppose that $p(x) \in F[x]$. Then the
ideal generated by $p(x)$ is maximal if and only if $p(x)$ is irreducible.
Proof. Suppose that $p(x)$ generates a maximal ideal of $F[x]$. Then
$\langle p(x) \rangle$ is also a prime ideal of $F[x]$. Since a maximal
ideal must be properly contained inside $F[x]$, $p(x)$ cannot be a constant
polynomial. Let us assume that $p(x)$ factors into two polynomials of lesser
degree, say $p(x) = f(x) g(x)$. Since $\langle p(x) \rangle$ is a prime
ideal, one of these factors, say $f(x)$, is in $\langle p(x) \rangle$ and is
therefore a multiple of $p(x)$. But this would imply that
$\langle p(x) \rangle \subset \langle f(x) \rangle$, which is impossible
since $\langle p(x) \rangle$ is maximal.
Conversely, suppose that $p(x)$ is irreducible over $F[x]$. Let $I$ be an
ideal in $F[x]$ containing $\langle p(x) \rangle$. By Theorem 15.12, $I$ is
a principal ideal; hence, $I = \langle f(x) \rangle$ for some
$f(x) \in F[x]$. Since $p(x) \in I$, it must be the case that
$p(x) = f(x) g(x)$ for some $g(x) \in F[x]$. However, $p(x)$ is irreducible;
hence, either $f(x)$ or $g(x)$ is a constant polynomial. If $f(x)$ is
constant, then $I = F[x]$ and we are done. If $g(x)$ is constant, then
$f(x)$ is a constant multiple of $p(x)$ and $I = \langle p(x) \rangle$.
Thus, there are no proper ideals of $F[x]$ that properly contain
$\langle p(x) \rangle$.
Historical Note
Throughout history, the solution of polynomial equations has been a
challenging problem. The Babylonians knew how to solve the equation
$ax^2 + bx + c = 0$. Omar Khayyam (1048–1131) devised methods of solving
cubic equations through the use of geometric constructions and conic
sections. The algebraic solution of the general cubic equation
$ax^3 + bx^2 + cx + d = 0$ was not discovered until the sixteenth century.
An Italian mathematician, Luca Pacioli (ca. 1445–1509), wrote in Summa de
Arithmetica that the solution of the cubic was impossible. This was taken as
a challenge by the rest of the mathematical community.
Scipione del Ferro (1465–1526), of the University of Bologna, solved the
"depressed cubic,"
$$ax^3 + cx + d = 0.$$
He kept his solution an absolute secret. This may seem surprising today,
when mathematicians are usually very eager to publish their results, but in
the days of the Italian Renaissance secrecy was customary. Academic
appointments were not easy to secure and depended on the ability to prevail
in public contests. Such challenges could be issued at any time.
Consequently, any major new discovery was a valuable weapon in such a
contest. If an opponent presented a list of problems to be solved, del Ferro
could in turn present a list of depressed cubics. He kept the secret of his
discovery throughout his life, passing it on only on his deathbed to his
student Antonio Fior (ca. 1506–?).
Although Fior was not the equal of his teacher, he immediately issued a
challenge to Niccolo Fontana (1499–1557). Fontana was known as Tartaglia
(the Stammerer). As a youth he had suffered a blow from the sword of a
French soldier during an attack on his village. He survived the savage
wound, but his speech was permanently impaired. Tartaglia sent Fior a list
of 30 various mathematical problems; Fior countered by sending Tartaglia a
list of 30 depressed cubics. Tartaglia would either solve all 30 of the
problems or absolutely fail. After much effort Tartaglia finally succeeded
in solving the depressed cubic and defeated Fior, who faded into obscurity.
At this point another mathematician, Gerolamo Cardano (1501–1576), entered
the story. Cardano wrote to Tartaglia, begging him for the solution to the
depressed cubic. Tartaglia refused several of his requests, then finally
revealed the solution to Cardano after the latter swore an oath not to
publish the secret or to pass it on to anyone else. Using the knowledge that
he had obtained from Tartaglia, Cardano eventually solved the general cubic
$$ax^3 + bx^2 + cx + d = 0.$$
Cardano shared the secret with his student, Ludovico Ferrari (1522–1565),
who solved the general quartic equation,
$$ax^4 + bx^3 + cx^2 + dx + e = 0.$$
In 1543, Cardano and Ferrari examined del Ferro's papers and discovered that
he had also solved the depressed cubic. Cardano felt that this relieved him
of his obligation to Tartaglia, so he proceeded to publish the solutions in
Ars Magna (1545), in which he gave credit to del Ferro for solving the
special case of the cubic. This resulted in a bitter dispute between Cardano
and Tartaglia, who published the story of the oath a year later.
Exercises
1. List all of the polynomials of degree 3 or less in $\mathbb{Z}_2[x]$.
2. Compute each of the following.
(a) $(5x^2 + 3x - 4) + (4x^2 - x + 9)$ in $\mathbb{Z}_{12}$
(b) $(5x^2 + 3x - 4)(4x^2 - x + 9)$ in $\mathbb{Z}_{12}$
(c) $(7x^3 + 3x^2 - x) + (6x^2 - 8x + 4)$ in $\mathbb{Z}_9$
(d) $(3x^2 + 2x - 4) + (4x^2 + 2)$ in $\mathbb{Z}_5$
(e) $(3x^2 + 2x - 4)(4x^2 + 2)$ in $\mathbb{Z}_5$
(f) $(5x^2 + 3x - 2)^2$ in $\mathbb{Z}_{12}$
3. Use the division algorithm to find $q(x)$ and $r(x)$ such that
$a(x) = q(x) b(x) + r(x)$ with $\deg r(x) < \deg b(x)$ for each of the
following pairs of polynomials.
(a) $p(x) = 5x^3 + 6x^2 - 3x + 4$ and $q(x) = x - 2$ in $\mathbb{Z}_7[x]$
(b) $p(x) = 6x^4 - 2x^3 + x^2 - 3x + 1$ and $q(x) = x^2 + x - 2$ in $\mathbb{Z}_7[x]$
(c) $p(x) = 4x^5 - x^3 + x^2 + 4$ and $q(x) = x^3 - 2$ in $\mathbb{Z}_5[x]$
(d) $p(x) = x^5 + x^3 - x^2 - x$ and $q(x) = x^3 + x$ in $\mathbb{Z}_2[x]$
4. Find the greatest common divisor of each of the following pairs $p(x)$
and $q(x)$ of polynomials. If $d(x) = \gcd(p(x), q(x))$, find two
polynomials $a(x)$ and $b(x)$ such that $a(x) p(x) + b(x) q(x) = d(x)$.
(a) $p(x) = 7x^3 + 6x^2 - 8x + 4$ and $q(x) = x^3 + x - 2$, where $p(x), q(x) \in \mathbb{Q}[x]$
(b) $p(x) = x^3 + x^2 - x + 1$ and $q(x) = x^3 + x - 1$, where $p(x), q(x) \in \mathbb{Z}_2[x]$
(c) $p(x) = x^3 + x^2 - 4x + 4$ and $q(x) = x^3 + 3x - 2$, where $p(x), q(x) \in \mathbb{Z}_5[x]$
(d) $p(x) = x^3 - 2x + 4$ and $q(x) = 4x^3 + x + 3$, where $p(x), q(x) \in \mathbb{Q}[x]$
5. Find all of the zeros for each of the following polynomials.
(a) $5x^3 + 4x^2 - x + 9$ in $\mathbb{Z}_{12}$
(b) $3x^3 - 4x^2 - x + 4$ in $\mathbb{Z}_5$
(c) $5x^4 + 2x^2 - 3$ in $\mathbb{Z}_7$
(d) $x^3 + x + 1$ in $\mathbb{Z}_2$
6. Find all of the units in $\mathbb{Z}[x]$.
7. Find a unit $p(x)$ in $\mathbb{Z}_4[x]$ such that $\deg p(x) > 1$.
8. Which of the following polynomials are irreducible over $\mathbb{Q}[x]$?
(a) $x^4 - 2x^3 + 2x^2 + x + 4$
(b) $x^4 - 5x^3 + 3x - 2$
(c) $3x^5 - 4x^3 - 6x^2 + 6$
(d) $5x^5 - 6x^4 - 3x^2 + 9x - 15$
9. Find all of the irreducible polynomials of degrees 2 and 3 in $\mathbb{Z}_2[x]$.
10. Give two different factorizations of $x^2 + x + 8$ in $\mathbb{Z}_{10}[x]$.
11. Prove or disprove: There exists a polynomial $p(x)$ in $\mathbb{Z}_6[x]$
of degree $n$ with more than $n$ distinct zeros.
12. If $F$ is a field, show that $F[x_1, \ldots, x_n]$ is an integral domain.
13. Show that the division algorithm does not hold for $\mathbb{Z}[x]$. Why does it fail?
14. Prove or disprove: $x^p + a$ is irreducible for any $a \in \mathbb{Z}_p$, where $p$ is prime.
15. Let $f(x)$ be irreducible. If $f(x) \mid p(x) q(x)$, prove that either
$f(x) \mid p(x)$ or $f(x) \mid q(x)$.
16. Suppose that $R$ and $S$ are isomorphic rings. Prove that $R[x] \cong S[x]$.
17. Let $F$ be a field and $a \in F$. If $p(x) \in F[x]$, show that $p(a)$
is the remainder obtained when $p(x)$ is divided by $x - a$.
18. LetQ

be the multiplicative group of positive rational numbers. Prove that
Q

is isomorphic to (Z[x];+).

19.Cyclotomic Polynomials.The polynomial
n(x) =
x
n
1
x1
=x
n1
+x
n2
+ +x+ 1
is called thecyclotomic polynomial. Show that p(x) is irreducible over
Qfor any primep.
20. If $F$ is a field, show that there are infinitely many irreducible
polynomials in $F[x]$.
21. Let $R$ be a commutative ring with identity. Prove that multiplication
is commutative in $R[x]$.
22. Let $R$ be a commutative ring with identity. Prove that multiplication
is distributive in $R[x]$.
23. Show that $x^p - x$ has $p$ distinct zeros in $\mathbb{Z}_p[x]$, for any
prime $p$. Conclude that therefore
$$x^p - x = x(x - 1)(x - 2) \cdots (x - (p - 1)).$$
24. Let $F$ be a ring and $f(x) = a_0 + a_1 x + \cdots + a_n x^n$ be in
$F[x]$. Define $f'(x) = a_1 + 2 a_2 x + \cdots + n a_n x^{n-1}$ to be the
derivative of $f(x)$.
(a) Prove that
$$(f + g)'(x) = f'(x) + g'(x).$$
Conclude that we can define a homomorphism of abelian groups
$D : F[x] \to F[x]$ by $D(f(x)) = f'(x)$.
(b) Calculate the kernel of $D$ if $\operatorname{char} F = 0$.
(c) Calculate the kernel of $D$ if $\operatorname{char} F = p$.
(d) Prove that
$$(fg)'(x) = f'(x) g(x) + f(x) g'(x).$$
(e) Suppose that we can factor a polynomial $f(x) \in F[x]$ into linear
factors, say
$$f(x) = a(x - a_1)(x - a_2) \cdots (x - a_n).$$
Prove that $f(x)$ has no repeated factors if and only if $f(x)$ and $f'(x)$
are relatively prime.
25. Let $F$ be a field. Show that $F[x]$ is never a field.
26. Let $R$ be an integral domain. Prove that $R[x_1, \ldots, x_n]$ is an
integral domain.
27. Let $R$ be a commutative ring with identity. Show that $R[x]$ has a
subring $R'$ isomorphic to $R$.
28. Let $p(x)$ and $q(x)$ be polynomials in $R[x]$, where $R$ is a
commutative ring with identity. Prove that
$\deg(p(x) + q(x)) \leq \max(\deg p(x), \deg q(x))$.

Additional Exercises: Solving the Cubic and Quartic
Equations
1. Solve the general quadratic equation
ax
2
+bx+c= 0
to obtain
x=
b
p
b
2
4ac2a
:
Thediscriminantof the quadratic equation =b
2
4acdetermines the
nature of the solutions of the equation. If >0, the equation has two
distinct real solutions. If = 0, the equation has a single repeated real root.
If <0, there are two distinct imaginary solutions.
2. Show that any cubic equation of the form
$$x^3 + bx^2 + cx + d = 0$$
can be reduced to the form $y^3 + py + q = 0$ by making the substitution
$x = y - b/3$.
3. Prove that the cube roots of 1 are given by
$$\omega = \frac{-1 + i\sqrt{3}}{2}, \qquad \omega^2 = \frac{-1 - i\sqrt{3}}{2}, \qquad \omega^3 = 1.$$
4. Make the substitution
$$y = z - \frac{p}{3z}$$
for $y$ in the equation $y^3 + py + q = 0$ and obtain two solutions $A$ and
$B$ for $z^3$.
5. Show that the product of the solutions obtained in (4) is $-p^3/27$,
deducing that $\sqrt[3]{AB} = -p/3$.
6. Prove that the possible solutions forzin (4) are given by
3
p
A; !
3
p
A; !
2
3
p
A;
3
p
B; !
3
p
B; !
2
3
p
B
and use this result to show that the three possible solutions foryare
!
i
3
s

q
2
+
r
p
3
27
+
q
2
4
+!
i
3
s

q
2

r
p
3
27
+
q
2
4
;
wherei= 0;1;2.

7. Thediscriminantof the cubic equation is
=
p
3
27
+
q
2
4
:
Show thaty
3
+py+q= 0
(a) has three real roots, at least two of which are equal, if = 0.
(b) has one real root and two conjugate imaginary roots if >0.
(c) has three distinct real roots if <0.
8. Solve the following cubic equations.
(a) $x^3 - 4x^2 + 11x + 30 = 0$
(b) $x^3 - 3x + 5 = 0$
(c) $x^3 - 3x + 2 = 0$
(d) $x^3 + x + 3 = 0$
9. Show that the general quartic equation
$$x^4 + ax^3 + bx^2 + cx + d = 0$$
can be reduced to
$$y^4 + py^2 + qy + r = 0$$
by using the substitution $x = y - a/4$.
10. Show that
$$\left( y^2 + \frac{1}{2} z \right)^2 = (z - p) y^2 - qy + \left( \frac{1}{4} z^2 - r \right).$$
11. Show that the right-hand side of (10) can be put in the form
$(my + k)^2$ if and only if
$$q^2 - 4(z - p)\left( \frac{1}{4} z^2 - r \right) = 0.$$
12. From (11) obtain the resolvent cubic equation
$$z^3 - pz^2 - 4rz + (4pr - q^2) = 0.$$
Solving the resolvent cubic equation, put the equation found in (10) in the
form
$$\left( y^2 + \frac{1}{2} z \right)^2 = (my + k)^2$$
to obtain the solution of the quartic equation.
13. Use this method to solve the following quartic equations.
(a) $x^4 - x^2 - 3x + 2 = 0$
(b) $x^4 + x^3 - 7x^2 - x + 6 = 0$
(c) $x^4 - 2x^2 + 4x - 3 = 0$
(d) $x^4 - 4x^3 + 3x^2 - 5x + 2 = 0$

16
Integral Domains
One of the most important rings we study is the ring of integers. It was our
first example of an algebraic structure: the first polynomial ring that we
examined was $\mathbb{Z}[x]$. We also know that the integers sit naturally
inside the field of rational numbers, $\mathbb{Q}$. The ring of integers is
the model for all integral domains. In this chapter we will examine integral
domains in general, answering questions about the ideal structure of
integral domains, polynomial rings over integral domains, and whether or not
an integral domain can be embedded in a field.
16.1 Fields of Fractions
Every field is also an integral domain; however, there are many integral
domains that are not fields. For example, the integers $\mathbb{Z}$ are an
integral domain but not a field. A question that naturally arises is how we
might associate an integral domain with a field. There is a natural way to
construct the rationals $\mathbb{Q}$ from the integers: the rationals can be
represented as formal quotients of two integers. The rational numbers are
certainly a field. In fact, it can be shown that the rationals are the
smallest field that contains the integers. Given an integral domain $D$, our
question now becomes how to construct a smallest field $F$ containing $D$.
We will do this in the same way as we constructed the rationals from the
integers.
An element $p/q \in \mathbb{Q}$ is the quotient of two integers $p$ and $q$;
however, different pairs of integers can represent the same rational number.
For instance, $1/2 = 2/4 = 3/6$. We know that
$$\frac{a}{b} = \frac{c}{d}$$
if and only if $ad = bc$. A more formal way of considering this problem is
to examine fractions in terms of equivalence relations. We can think of
elements in $\mathbb{Q}$ as ordered pairs in $\mathbb{Z} \times \mathbb{Z}$.
A quotient $p/q$ can be written as $(p, q)$. For instance, $(3, 7)$ would
represent the fraction $3/7$. However, there are problems if we consider all
possible pairs in $\mathbb{Z} \times \mathbb{Z}$. There is no fraction $5/0$
corresponding to the pair $(5, 0)$. Also, the pairs $(3, 6)$ and $(2, 4)$
both represent the fraction $1/2$. The first problem is easily solved if we
require the second coordinate to be nonzero. The second problem is solved by
considering two pairs $(a, b)$ and $(c, d)$ to be equivalent if $ad = bc$.
If we use the approach of ordered pairs instead of fractions, then we can
study integral domains in general. Let $D$ be any integral domain and let
$$S = \{ (a, b) : a, b \in D \text{ and } b \neq 0 \}.$$
Dene a relation onSby (a; b)(c; d) ifad=bc.
Lemma 16.1The relationbetween elements ofSis an equivalence rela-
tion.
Proof.SinceDis commutative,ab=ba; hence,is reexive onD.
Now suppose that (a; b)(c; d). Thenad=bcorcb=da. Therefore,
(c; d)(a; b) and the relation is symmetric. Finally, to show that the
relation is transitive, let (a; b)(c; d) and (c; d)(e; f). In this case
ad=bcandcf=de. Multiplying both sides ofad=bcbyfyields
afd=adf=bcf=bde=bed:
SinceDis an integral domain, we can deduce thataf=beor (a; b)(e; f).

We will denote the set of equivalence classes onSbyFD. We now need
to dene the operations of addition and multiplication onFD. Recall how
fractions are added and multiplied inQ:
a
b
+
c
d
=
ad+bc
bd
;
a
b

c
d
=
ac
bd
:
It seems reasonable to dene the operations of addition and multiplication
onFDin a similar manner. If we denote the equivalence class of (a; b)2Sby
[a; b], then we are led to dene the operations of addition and multiplication
onFDby
[a; b] + [c; d] = [ad+bc; bd]

16.1 FIELDS OF FRACTIONS 279
and
[a; b][c; d] = [ac; bd];
respectively. The next lemma demonstrates that these operations are inde-
pendent of the choice of representatives from each equivalence class.
Lemma 16.2The operations of addition and multiplication onFDare well-
dened.
Proof.We will prove that the operation of addition is well-dened. The
proof that multiplication is well-dened is left as an exercise. Let [a1; b1] =
[a2; b2] and [c1; d1] = [c2; d2]. We must show that
[a1d1+b1c1; b1d1] = [a2d2+b2c2; b2d2]
or, equivalently, that
(a1d1+b1c1)(b2d2) = (b1d1)(a2d2+b2c2):
Since [a1; b1] = [a2; b2] and [c1; d1] = [c2; d2], we know thata1b2=b1a2and
c1d2=d1c2. Therefore,
(a1d1+b1c1)(b2d2) =a1d1b2d2+b1c1b2d2
=a1b2d1d2+b1b2c1d2
=b1a2d1d2+b1b2d1c2
= (b1d1)(a2d2+b2c2):

Lemma 16.3 The set of equivalence classes of $S$, $F_D$, under the equivalence relation, together with the operations of addition and multiplication defined by
$$[a, b] + [c, d] = [ad + bc, bd]$$
$$[a, b] \cdot [c, d] = [ac, bd],$$
is a field.
Proof. The additive and multiplicative identities are $[0, 1]$ and $[1, 1]$, respectively. To show that $[0, 1]$ is the additive identity, observe that
$$[a, b] + [0, 1] = [a \cdot 1 + b \cdot 0, b \cdot 1] = [a, b].$$
It is easy to show that $[1, 1]$ is the multiplicative identity. Let $[a, b] \in F_D$ such that $a \neq 0$. Then $[b, a]$ is also in $F_D$ and $[a, b] \cdot [b, a] = [1, 1]$; hence, $[b, a]$ is the multiplicative inverse for $[a, b]$. Similarly, $[-a, b]$ is the additive inverse of $[a, b]$. We leave as exercises the verification of the associative and commutative properties of multiplication in $F_D$. We also leave it to the reader to show that $F_D$ is an abelian group under addition.
It remains to show that the distributive property holds in $F_D$; however,
$$\begin{aligned}
[a, b] \cdot [e, f] + [c, d] \cdot [e, f] &= [ae, bf] + [ce, df] \\
&= [aedf + bfce, bdf^2] \\
&= [aed + bce, bdf] \\
&= [ade + bce, bdf] \\
&= ([a, b] + [c, d]) \cdot [e, f]
\end{aligned}$$
and the lemma is proved.
The field $F_D$ in Lemma 16.3 is called the field of fractions or field of quotients of the integral domain $D$.
Theorem 16.4 Let $D$ be an integral domain. Then $D$ can be embedded in a field of fractions $F_D$, where any element in $F_D$ can be expressed as the quotient of two elements in $D$. Furthermore, the field of fractions $F_D$ is unique in the sense that if $E$ is any field containing $D$, then there exists a map : $F_D \to E$ giving an isomorphism with a subfield of $E$ such that $(a) = a$ for all elements $a \in D$.
Proof. We will first demonstrate that $D$ can be embedded in the field $F_D$. Define a map : $D \to F_D$ by $(a) = [a, 1]$. Then for $a$ and $b$ in $D$,
$$(a + b) = [a + b, 1] = [a, 1] + [b, 1] = (a) + (b)$$
and
$$(ab) = [ab, 1] = [a, 1] \cdot [b, 1] = (a)(b);$$
hence, is a homomorphism. To show that is one-to-one, suppose that $(a) = (b)$. Then $[a, 1] = [b, 1]$, or $a = a \cdot 1 = 1 \cdot b = b$. Finally, any element of $F_D$ can be expressed as the quotient of two elements in $D$, since
$$(a)[(b)]^{-1} = [a, 1] \cdot [b, 1]^{-1} = [a, 1] \cdot [1, b] = [a, b].$$
Now let $E$ be a field containing $D$ and define a map : $F_D \to E$ by $([a, b]) = ab^{-1}$. To show that is well-defined, let $[a_1, b_1] = [a_2, b_2]$. Then $a_1 b_2 = b_1 a_2$. Therefore, $a_1 b_1^{-1} = a_2 b_2^{-1}$ and $([a_1, b_1]) = ([a_2, b_2])$.
If $[a, b]$ and $[c, d]$ are in $F_D$, then
$$\begin{aligned}
([a, b] + [c, d]) &= ([ad + bc, bd]) \\
&= (ad + bc)(bd)^{-1} \\
&= ab^{-1} + cd^{-1} \\
&= ([a, b]) + ([c, d])
\end{aligned}$$
and
$$\begin{aligned}
([a, b] \cdot [c, d]) &= ([ac, bd]) \\
&= (ac)(bd)^{-1} \\
&= ab^{-1} cd^{-1} \\
&= ([a, b]) ([c, d]).
\end{aligned}$$
Therefore, is a homomorphism.
To complete the proof of the theorem, we need to show that is one-to-one. Suppose that $([a, b]) = ab^{-1} = 0$. Then $a = 0b = 0$ and $[a, b] = [0, b]$. Therefore, the kernel of is the zero element $[0, b]$ in $F_D$, and is injective.

Example 1. Since $\mathbb{Q}$ is a field, $\mathbb{Q}[x]$ is an integral domain. The field of fractions of $\mathbb{Q}[x]$ is the set of all rational expressions $p(x)/q(x)$, where $p(x)$ and $q(x)$ are polynomials over the rationals and $q(x)$ is not the zero polynomial. We will denote this field by $\mathbb{Q}(x)$.
We will leave the proofs of the following corollaries of Theorem 16.4 as exercises.
Corollary 16.5 Let $F$ be a field of characteristic zero. Then $F$ contains a subfield isomorphic to $\mathbb{Q}$.
Corollary 16.6 Let $F$ be a field of characteristic $p$. Then $F$ contains a subfield isomorphic to $\mathbb{Z}_p$.
16.2 Factorization in Integral Domains
The building blocks of the integers are the prime numbers. If $F$ is a field, then irreducible polynomials in $F[x]$ play a role that is very similar to that of the prime numbers in the ring of integers. Given an arbitrary integral domain, we are led to the following series of definitions.
Let $R$ be a commutative ring with identity, and let $a$ and $b$ be elements in $R$. We say that $a$ divides $b$, and write $a \mid b$, if there exists an element $c \in R$ such that $b = ac$. A unit in $R$ is an element that has a multiplicative inverse. Two elements $a$ and $b$ in $R$ are said to be associates if there exists a unit $u$ in $R$ such that $a = ub$.
Let $D$ be an integral domain. A nonzero element $p \in D$ that is not a unit is said to be irreducible provided that whenever $p = ab$, either $a$ or $b$ is a unit. Furthermore, $p$ is prime if whenever $p \mid ab$ either $p \mid a$ or $p \mid b$.
Example 2. It is important to notice that prime and irreducible elements do not always coincide. Let $R$ be the subring of $\mathbb{Q}[x, y]$ generated by $x^2$, $y^2$, and $xy$. Each of these elements is irreducible in $R$; however, $xy$ is not prime, since $xy$ divides $x^2 y^2$ but does not divide either $x^2$ or $y^2$.
The Fundamental Theorem of Arithmetic states that every positive integer $n > 1$ can be factored into a product of prime numbers $p_1 \cdots p_k$, where the $p_i$'s are not necessarily distinct. We also know that such factorizations are unique up to the order of the $p_i$'s. We can easily extend this result to the integers. The question arises of whether or not such factorizations are possible in other rings. Generalizing this definition, we say an integral domain $D$ is a unique factorization domain, or UFD, if $D$ satisfies the following criteria.
1. Let $a \in D$ such that $a \neq 0$ and $a$ is not a unit. Then $a$ can be written as the product of irreducible elements in $D$.
2. Let $a = p_1 \cdots p_r = q_1 \cdots q_s$, where the $p_i$'s and the $q_i$'s are irreducible. Then $r = s$ and there is a $\in S_k$ such that $p_i = q_{(j)}$ for $j = 1, \ldots, r = s$.
Example 3. The integers are a unique factorization domain by the Fundamental Theorem of Arithmetic.
Example 4. Not every integral domain is a unique factorization domain. The subring $\mathbb{Z}[\sqrt{3}\,i] = \{a + b\sqrt{3}\,i\}$ of the complex numbers is an integral domain (Exercise 12, Chapter 14). Let $z = a + b\sqrt{3}\,i$ and define : $\mathbb{Z}[\sqrt{3}\,i] \to \mathbb{N} \cup \{0\}$ by $(z) = |z|^2 = a^2 + 3b^2$. It is clear that $(z) \geq 0$ with equality when $z = 0$. Also, from our knowledge of complex numbers we know that $(zw) = (z)(w)$. It is easy to show that if $(z) = 1$, then $z$ is a unit, and that the only units of $\mathbb{Z}[\sqrt{3}\,i]$ are $1$ and $-1$.
We claim that 4 has two distinct factorizations into irreducible elements:
$$4 = 2 \cdot 2 = (1 - \sqrt{3}\,i)(1 + \sqrt{3}\,i).$$
We must show that each of these factors is an irreducible element in $\mathbb{Z}[\sqrt{3}\,i]$. If 2 is not irreducible, then $2 = zw$ for elements $z, w$ in $\mathbb{Z}[\sqrt{3}\,i]$ where $(z) = (w) = 2$. However, there does not exist an element $z$ in $\mathbb{Z}[\sqrt{3}\,i]$ such that $(z) = 2$ because the equation $a^2 + 3b^2 = 2$ has no integer solutions. Therefore, 2 must be irreducible. A similar argument shows that both $1 - \sqrt{3}\,i$ and $1 + \sqrt{3}\,i$ are irreducible. Since 2 is not a unit multiple of either $1 - \sqrt{3}\,i$ or $1 + \sqrt{3}\,i$, 4 has at least two distinct factorizations into irreducible elements.
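The argument of Example 4 can be checked by exhaustive search, since an element of a given value $a^2 + 3b^2$ has bounded coordinates. The following Python sketch is an added example, not part of the text; the pair representation and the function names (`norm`, `mul`, `elements_of_norm`, `divides`, `is_irreducible`, `associates`) are assumptions made for the illustration.

```python
from math import isqrt

# An element a + b*sqrt(3)i of Z[sqrt(3)i] is stored as the integer pair (a, b).

def norm(z):
    """The valuation used in Example 4: |z|^2 = a^2 + 3b^2."""
    a, b = z
    return a * a + 3 * b * b

def mul(z, w):
    """(a + b*sqrt(3)i)(c + d*sqrt(3)i), using (sqrt(3)i)^2 = -3."""
    (a, b), (c, d) = z, w
    return (a * c - 3 * b * d, a * d + b * c)

def elements_of_norm(n):
    """All pairs (a, b) with a^2 + 3b^2 = n, found by a bounded search on b."""
    found = []
    bound = isqrt(n // 3)
    for b in range(-bound, bound + 1):
        rest = n - 3 * b * b
        a = isqrt(rest)
        if a * a == rest:
            found.extend({(a, b), (-a, b)})  # set removes the duplicate when a == 0
    return sorted(found)

def divides(x, z):
    """True if z = x*y for some y in the ring.

    y = z * conj(x) / norm(x) must have integer coordinates.
    """
    n = norm(x)
    if n == 0:
        return False
    p, q = mul(z, (x[0], -x[1]))
    return p % n == 0 and q % n == 0

def is_irreducible(z):
    """Nonzero nonunit with no divisor x satisfying 1 < norm(x) < norm(z).

    Because the norm is multiplicative and units are exactly the elements of
    norm 1, a factorization into two nonunits needs such a divisor.
    """
    n = norm(z)
    if n <= 1:
        return False
    for d in range(2, n):
        if n % d == 0 and any(divides(x, z) for x in elements_of_norm(d)):
            return False
    return True

def associates(z, w):
    """True if z = u*w for a unit u (an element of norm 1)."""
    return any(mul(u, w) == z for u in elements_of_norm(1))

if __name__ == "__main__":
    print("units:", elements_of_norm(1))
    print("elements of norm 2:", elements_of_norm(2))
    for z in [(2, 0), (1, 1), (1, -1)]:
        print(z, "irreducible:", is_irreducible(z))
    print("2*2 =", mul((2, 0), (2, 0)), " (1-s)(1+s) =", mul((1, -1), (1, 1)))
```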
Principal Ideal Domains
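Let $R$ be a commutative ring with identity. Recall that a principal ideal generated by $a \in R$ is an ideal of the form $\langle a \rangle = \{ra : r \in R\}$. An integral domain in which every ideal is principal is called a principal ideal domain, or PID.
Lemma 16.7 Let $D$ be an integral domain and let $a, b \in D$. Then
1. $a \mid b \Leftrightarrow \langle b \rangle \subset \langle a \rangle$.
2. $a$ and $b$ are associates $\Leftrightarrow \langle b \rangle = \langle a \rangle$.
3. $a$ is a unit in $D$ $\Leftrightarrow \langle a \rangle = D$.
Proof. (1) Suppose that $a \mid b$. Then $b = ax$ for some $x \in D$. Hence, for every $r$ in $D$, $br = (ax)r = a(xr)$ and $\langle b \rangle \subset \langle a \rangle$. Conversely, suppose that $\langle b \rangle \subset \langle a \rangle$. Then $b \in \langle a \rangle$. Consequently, $b = ax$ for some $x \in D$. Thus, $a \mid b$.
(2) Since $a$ and $b$ are associates, there exists a unit $u$ such that $a = ub$. Therefore, $b \mid a$ and $\langle a \rangle \subset \langle b \rangle$. Similarly, $\langle b \rangle \subset \langle a \rangle$. It follows that $\langle a \rangle = \langle b \rangle$. Conversely, suppose that $\langle a \rangle = \langle b \rangle$. By part (1), $a \mid b$ and $b \mid a$. Then $a = bx$ and $b = ay$ for some $x, y \in D$. Therefore, $a = bx = ayx$. Since $D$ is an integral domain, $xy = 1$; that is, $x$ and $y$ are units and $a$ and $b$ are associates.
(3) An element $a \in D$ is a unit if and only if $a$ is an associate of 1. However, $a$ is an associate of 1 if and only if $\langle a \rangle = \langle 1 \rangle = D$.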
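Theorem 16.8 Let $D$ be a PID and $\langle p \rangle$ be a nonzero ideal in $D$. Then $\langle p \rangle$ is a maximal ideal if and only if $p$ is irreducible.
Proof. Suppose that $\langle p \rangle$ is a maximal ideal. If some element $a$ in $D$ divides $p$, then $\langle p \rangle \subset \langle a \rangle$. Since $\langle p \rangle$ is maximal, either $D = \langle a \rangle$ or $\langle p \rangle = \langle a \rangle$. Consequently, either $a$ and $p$ are associates or $a$ is a unit. Therefore, $p$ is irreducible.
Conversely, let $p$ be irreducible. If $\langle a \rangle$ is an ideal in $D$ such that $\langle p \rangle \subset \langle a \rangle \subset D$, then $a \mid p$. Since $p$ is irreducible, either $a$ must be a unit or $a$ and $p$ are associates. Therefore, either $D = \langle a \rangle$ or $\langle p \rangle = \langle a \rangle$. Thus, $\langle p \rangle$ is a maximal ideal.
Corollary 16.9 Let $D$ be a PID. If $p$ is irreducible, then $p$ is prime.
Proof. Let $p$ be irreducible and suppose that $p \mid ab$. Then $\langle ab \rangle \subset \langle p \rangle$. By Corollary 14.17, since $\langle p \rangle$ is a maximal ideal, $\langle p \rangle$ must also be a prime ideal. Thus, either $a \in \langle p \rangle$ or $b \in \langle p \rangle$. Hence, either $p \mid a$ or $p \mid b$.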
Lemma 16.10 Let $D$ be a PID. Let $I_1, I_2, \ldots$ be a set of ideals such that $I_1 \subset I_2 \subset \cdots$. Then there exists an integer $N$ such that $I_n = I_N$ for all $n \geq N$.
Proof. We claim that $I = \bigcup_{i=1}^{\infty} I_i$ is an ideal of $D$. Certainly $I$ is not empty, since $I_1 \subset I$ and $0 \in I$. If $a, b \in I$, then $a \in I_i$ and $b \in I_j$ for some $i$ and $j$ in $\mathbb{N}$. Without loss of generality we can assume that $i \leq j$. Hence, $a$ and $b$ are both in $I_j$ and so $a - b$ is also in $I_j$. Now let $r \in D$ and $a \in I$. Again, we note that $a \in I_i$ for some positive integer $i$. Since $I_i$ is an ideal, $ra \in I_i$ and hence must be in $I$. Therefore, we have shown that $I$ is an ideal in $D$. Since $D$ is a principal ideal domain, there exists an element $a \in D$ that generates $I$. Since $a$ is in $I_N$ for some $N \in \mathbb{N}$, we know that $I_N = I = \langle a \rangle$. Consequently, $I_n = I_N$ for $n \geq N$.
Any commutative ring satisfying the condition in Lemma 16.10 is said to satisfy the ascending chain condition, or ACC. Such rings are called Noetherian rings, after Emmy Noether.
Theorem 16.11 Every PID is a UFD.
Proof. Existence of a factorization. Let $D$ be a PID and $a$ be a nonzero element in $D$ that is not a unit. If $a$ is irreducible, then we are done. If not, then there exists a factorization $a = a_1 b_1$, where neither $a_1$ nor $b_1$ is a unit. Hence, $\langle a \rangle \subset \langle a_1 \rangle$. By Lemma 16.7, we know that $\langle a \rangle \neq \langle a_1 \rangle$; otherwise, $a$ and $a_1$ would be associates and $b_1$ would be a unit, which would contradict our assumption. Now suppose that $a_1 = a_2 b_2$, where neither $a_2$ nor $b_2$ is a unit. By the same argument as before, $\langle a_1 \rangle \subset \langle a_2 \rangle$. We can continue with this construction to obtain an ascending chain of ideals
$$\langle a \rangle \subset \langle a_1 \rangle \subset \langle a_2 \rangle \subset \cdots.$$
By Lemma 16.10, there exists a positive integer $N$ such that $\langle a_n \rangle = \langle a_N \rangle$ for all $n \geq N$. Consequently, $a_N$ must be irreducible. We have now shown that $a$ is the product of two elements, one of which must be irreducible.
Now suppose that $a = c_1 p_1$, where $p_1$ is irreducible. If $c_1$ is not a unit, we can repeat the preceding argument to conclude that $\langle a \rangle \subset \langle c_1 \rangle$. Either $c_1$ is irreducible or $c_1 = c_2 p_2$, where $p_2$ is irreducible and $c_2$ is not a unit. Continuing in this manner, we obtain another chain of ideals
$$\langle a \rangle \subset \langle c_1 \rangle \subset \langle c_2 \rangle \subset \cdots.$$
This chain must satisfy the ascending chain condition; therefore,
$$a = p_1 p_2 \cdots p_r$$
for irreducible elements $p_1, \ldots, p_r$.
Uniqueness of the factorization. To show uniqueness, let
$$a = p_1 p_2 \cdots p_r = q_1 q_2 \cdots q_s,$$
where each $p_i$ and each $q_i$ is irreducible. Without loss of generality, we can assume that $r < s$. Since $p_1$ divides $q_1 q_2 \cdots q_s$, by Corollary 16.9 it must divide some $q_i$. By rearranging the $q_i$'s, we can assume that $p_1 \mid q_1$; hence, $q_1 = u_1 p_1$ for some unit $u_1$ in $D$. Therefore,
$$a = p_1 p_2 \cdots p_r = u_1 p_1 q_2 \cdots q_s$$
or
$$p_2 \cdots p_r = u_1 q_2 \cdots q_s.$$
Continuing in this manner, we can arrange the $q_i$'s such that $p_2 = q_2, p_3 = q_3, \ldots, p_r = q_r$, to obtain
$$u_1 u_2 \cdots u_r q_{r+1} \cdots q_s = 1.$$
In this case $q_{r+1} \cdots q_s$ is a unit, which contradicts the fact that $q_{r+1}, \ldots, q_s$ are irreducibles. Therefore, $r = s$ and the factorization of $a$ is unique.
Corollary 16.12 Let $F$ be a field. Then $F[x]$ is a UFD.
Example 5. Every PID is a UFD, but it is not the case that every UFD is a PID. In Corollary 16.22, we will prove that $\mathbb{Z}[x]$ is a UFD. However, $\mathbb{Z}[x]$ is not a PID. Let $I = \{5f(x) + xg(x) : f(x), g(x) \in \mathbb{Z}[x]\}$. We can easily show that $I$ is an ideal of $\mathbb{Z}[x]$. Suppose that $I = \langle p(x) \rangle$. Since $5 \in I$, $5 = f(x)p(x)$. In this case $p(x) = p$ must be a constant. Since $x \in I$, $x = pg(x)$; consequently, $p = \pm 1$. However, it follows from this fact that $\langle p(x) \rangle = \mathbb{Z}[x]$. But this would mean that 3 is in $I$. Therefore, we can write $3 = 5f(x) + xg(x)$ for some $f(x)$ and $g(x)$ in $\mathbb{Z}[x]$. Examining the constant term of this polynomial, we see that $3 = 5f(x)$, which is impossible.

Euclidean Domains
We have repeatedly used the division algorithm when proving results about either $\mathbb{Z}$ or $F[x]$, where $F$ is a field. We should now ask when a division algorithm is available for an integral domain.
Let $D$ be an integral domain such that for each $a \in D$ there is a nonnegative integer $(a)$ satisfying the following conditions.
1. If $a$ and $b$ are nonzero elements in $D$, then $(a) \leq (ab)$.
2. Let $a, b \in D$ and suppose that $b \neq 0$. Then there exist elements $q, r \in D$ such that $a = bq + r$ and either $r = 0$ or $(r) < (b)$.
Then $D$ is called a Euclidean domain and is called a Euclidean valuation.
Example 6. Absolute value on $\mathbb{Z}$ is a Euclidean valuation.
Example 7. Let $F$ be a field. Then the degree of a polynomial in $F[x]$ is a Euclidean valuation.
Example 8. Recall that the Gaussian integers in Example 9 of Chapter 14 are defined by
$$\mathbb{Z}[i] = \{a + bi : a, b \in \mathbb{Z}\}.$$
We usually measure the size of a complex number $a + bi$ by its absolute value, $|a + bi| = \sqrt{a^2 + b^2}$; however, $\sqrt{a^2 + b^2}$ may not be an integer. For our valuation we will let $(a + bi) = a^2 + b^2$ to ensure that we have an integer.
We claim that $(a + bi) = a^2 + b^2$ is a Euclidean valuation on $\mathbb{Z}[i]$. Let $z, w \in \mathbb{Z}[i]$. Then $(zw) = |zw|^2 = |z|^2 |w|^2 = (z)(w)$. Since $(z) \geq 1$ for every nonzero $z \in \mathbb{Z}[i]$, $(z) = (z)(w)$.
Next, we must show that for any $z = a + bi$ and $w = c + di$ in $\mathbb{Z}[i]$ with $w \neq 0$, there exist elements $q$ and $r$ in $\mathbb{Z}[i]$ such that $z = qw + r$ with either $r = 0$ or $(r) < (w)$. We can view $z$ and $w$ as elements in $\mathbb{Q}(i) = \{p + qi : p, q \in \mathbb{Q}\}$, the field of fractions of $\mathbb{Z}[i]$. Observe that
$$\begin{aligned}
zw^{-1} &= (a + bi)\frac{c - di}{c^2 + d^2} \\
&= \frac{ac + bd}{c^2 + d^2} + \frac{bc - ad}{c^2 + d^2}\,i \\
&= \left(m_1 + \frac{n_1}{c^2 + d^2}\right) + \left(m_2 + \frac{n_2}{c^2 + d^2}\right) i \\
&= (m_1 + m_2 i) + \left(\frac{n_1}{c^2 + d^2} + \frac{n_2}{c^2 + d^2}\,i\right) \\
&= (m_1 + m_2 i) + (s + ti)
\end{aligned}$$
in $\mathbb{Q}(i)$. In the last steps we are writing the real and imaginary parts as an integer plus a proper fraction. That is, we take the closest integer $m_i$ such that the fractional part satisfies $|n_i/(a^2 + b^2)| \leq 1/2$. For example, we write
$$\frac{9}{8} = 1 + \frac{1}{8} \qquad \frac{15}{8} = 2 - \frac{1}{8}.$$
Thus, $s$ and $t$ are the "fractional parts" of $zw^{-1} = (m_1 + m_2 i) + (s + ti)$. We also know that $s^2 + t^2 \leq 1/4 + 1/4 = 1/2$. Multiplying by $w$, we have
$$z = zw^{-1}w = w(m_1 + m_2 i) + w(s + ti) = qw + r,$$
where $q = m_1 + m_2 i$ and $r = w(s + ti)$. Since $z$ and $qw$ are in $\mathbb{Z}[i]$, $r$ must be in $\mathbb{Z}[i]$. Finally, we need to show that either $r = 0$ or $(r) < (w)$. However,
$$(r) = (w)(s + ti) \leq \tfrac{1}{2}(w) < (w).$$
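The division step of Example 8 can be carried out entirely in integer arithmetic, and repeating it gives a Euclidean algorithm on $\mathbb{Z}[i]$. The Python below is an added example, not part of the text; the pair representation and the names `valuation`, `nearest`, `gauss_mul`, `gauss_divmod` and `gauss_gcd` are assumptions of the illustration, and the gcd loop goes one step beyond the example by iterating the division.

```python
# A Gaussian integer a + bi is stored as the integer pair (a, b).

def valuation(z):
    """The valuation of Example 8: a^2 + b^2."""
    a, b = z
    return a * a + b * b

def gauss_mul(z, w):
    """(a + bi)(c + di) = (ac - bd) + (ad + bc)i."""
    (a, b), (c, d) = z, w
    return (a * c - b * d, a * d + b * c)

def nearest(n, d):
    """Closest integer to n/d for d > 0, computed as floor(n/d + 1/2).

    The leftover fraction n/d - nearest(n, d) has absolute value <= 1/2,
    which is the bound the text needs for s and t.
    """
    return (2 * n + d) // (2 * d)

def gauss_divmod(z, w):
    """Return (q, r) with z = q*w + r and valuation(r) <= valuation(w) / 2.

    z * w^{-1} = (ac + bd)/(c^2 + d^2) + (bc - ad)/(c^2 + d^2) i; each part is
    rounded to the nearest integer to give q = m1 + m2*i, and r = z - q*w.
    """
    (a, b), (c, d) = z, w
    n = c * c + d * d
    if n == 0:
        raise ZeroDivisionError("division by the zero Gaussian integer")
    q = (nearest(a * c + b * d, n), nearest(b * c - a * d, n))
    qw = gauss_mul(q, w)
    r = (a - qw[0], b - qw[1])
    return q, r

def gauss_gcd(z, w):
    """Euclidean algorithm: the valuation of the remainder at least halves
    at every step, so the loop terminates. The result is a greatest common
    divisor, determined only up to multiplication by a unit (1, -1, i, -i).
    """
    while w != (0, 0):
        _, r = gauss_divmod(z, w)
        z, w = w, r
    return z

if __name__ == "__main__":
    # Constructed sample inputs.
    q, r = gauss_divmod((8, 7), (2, 2))
    print("8+7i = q*(2+2i) + r with q =", q, "r =", r)
    print("gcd(11+3i, 1+8i) =", gauss_gcd((11, 3), (1, 8)))
```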

Theorem 16.13 Every Euclidean domain is a principal ideal domain.
Proof. Let $D$ be a Euclidean domain and let be a Euclidean valuation on $D$. Suppose $I$ is a nontrivial ideal in $D$ and choose a nonzero element $b \in I$ such that $(b)$ is minimal for all $a \in I$. Since $D$ is a Euclidean domain, there exist elements $q$ and $r$ in $D$ such that $a = bq + r$ and either $r = 0$ or $(r) < (b)$. But $r = a - bq$ is in $I$ since $I$ is an ideal; therefore, $r = 0$ by the minimality of $b$. It follows that $a = bq$ and $I = \langle b \rangle$.
Corollary 16.14 Every Euclidean domain is a unique factorization domain.
Factorization in $D[x]$
One of the most important polynomial rings is $\mathbb{Z}[x]$. One of the first questions that come to mind about $\mathbb{Z}[x]$ is whether or not it is a UFD. We will prove a more general statement here. Our first task is to obtain a more general version of Gauss's Lemma (Theorem 15.9).
Let $D$ be a unique factorization domain and suppose that
$$p(x) = a_n x^n + \cdots + a_1 x + a_0$$
in $D[x]$. Then the content of $p(x)$ is the greatest common divisor of $a_0, \ldots, a_n$. We say that $p(x)$ is primitive if $\gcd(a_0, \ldots, a_n) = 1$.
Example 9. In $\mathbb{Z}[x]$ the polynomial $p(x) = 5x^4 - 3x^3 + x - 4$ is a primitive polynomial since the greatest common divisor of the coefficients is 1; however, the polynomial $q(x) = 4x^2 - 6x + 8$ is not primitive since the content of $q(x)$ is 2.
Theorem 16.15 (Gauss's Lemma) Let $D$ be a UFD and let $f(x)$ and $g(x)$ be primitive polynomials in $D[x]$. Then $f(x)g(x)$ is primitive.
Proof. Let $f(x) = \sum_{i=0}^{m} a_i x^i$ and $g(x) = \sum_{i=0}^{n} b_i x^i$. Suppose that $p$ is a prime dividing the coefficients of $f(x)g(x)$. Let $r$ be the smallest integer such that $p \nmid a_r$ and $s$ be the smallest integer such that $p \nmid b_s$. The coefficient of $x^{r+s}$ in $f(x)g(x)$ is
$$c_{r+s} = a_0 b_{r+s} + a_1 b_{r+s-1} + \cdots + a_{r+s-1} b_1 + a_{r+s} b_0.$$
Since $p$ divides $a_0, \ldots, a_{r-1}$ and $b_0, \ldots, b_{s-1}$, $p$ divides every term of $c_{r+s}$ except for the term $a_r b_s$. However, since $p \mid c_{r+s}$, either $p$ divides $a_r$ or $p$ divides $b_s$. But this is impossible.
Lemma 16.16 Let $D$ be a UFD, and let $p(x)$ and $q(x)$ be in $D[x]$. Then the content of $p(x)q(x)$ is equal to the product of the contents of $p(x)$ and $q(x)$.
Proof. Let $p(x) = cp_1(x)$ and $q(x) = dq_1(x)$, where $c$ and $d$ are the contents of $p(x)$ and $q(x)$, respectively. Then $p_1(x)$ and $q_1(x)$ are primitive. We can now write $p(x)q(x) = cdp_1(x)q_1(x)$. Since $p_1(x)q_1(x)$ is primitive, the content of $p(x)q(x)$ must be $cd$.
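The index argument in the proof of Gauss's Lemma and the content formula of Lemma 16.16 can be traced on the polynomials of Example 9 over $\mathbb{Z}$. This Python sketch is an added example, not part of the text; the coefficient-list representation (lowest degree first), the minus signs assumed in the two polynomials, and the names `content`, `poly_mul`, `primitive_part` and `gauss_witness` are assumptions of the illustration.

```python
from functools import reduce
from math import gcd

# Polynomials over Z as coefficient lists, lowest degree first.
# Example 9, read as p(x) = 5x^4 - 3x^3 + x - 4 and q(x) = 4x^2 - 6x + 8.
EXAMPLE9_P = [-4, 1, 0, -3, 5]
EXAMPLE9_Q = [8, -6, 4]

def content(poly):
    """Greatest common divisor of the coefficients (nonnegative)."""
    return reduce(gcd, poly, 0)

def poly_mul(f, g):
    """Product of two polynomials: c_k is the sum of a_i * b_j over i + j = k."""
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] += a * b
    return out

def primitive_part(poly):
    """Divide out the content, leaving a primitive polynomial."""
    c = content(poly)
    return [a // c for a in poly]

def gauss_witness(f, g, p):
    """For primitive f, g and a prime p, follow the proof of Gauss's Lemma.

    r and s are the smallest indices with p not dividing a_r and b_s; the
    proof shows that p cannot divide c_{r+s}, the coefficient of x^(r+s)
    in f*g. Returns (r, s, c_{r+s}).
    """
    r = next(i for i, a in enumerate(f) if a % p != 0)
    s = next(j for j, b in enumerate(g) if b % p != 0)
    return r, s, poly_mul(f, g)[r + s]

if __name__ == "__main__":
    q1 = primitive_part(EXAMPLE9_Q)
    print("contents:", content(EXAMPLE9_P), content(EXAMPLE9_Q))
    print("content of the product:", content(poly_mul(EXAMPLE9_P, EXAMPLE9_Q)))
    for prime in (2, 3, 5):
        r, s, c = gauss_witness(EXAMPLE9_P, q1, prime)
        print(f"p={prime}: r={r}, s={s}, c_(r+s)={c}, divisible: {c % prime == 0}")
```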
Lemma 16.17 Let $D$ be a UFD and $F$ its field of fractions. Suppose that $p(x) \in D[x]$ and $p(x) = f(x)g(x)$, where $f(x)$ and $g(x)$ are in $F[x]$. Then $p(x) = f_1(x)g_1(x)$, where $f_1(x)$ and $g_1(x)$ are in $D[x]$. Furthermore, $\deg f(x) = \deg f_1(x)$ and $\deg g(x) = \deg g_1(x)$.
Proof. Let $a$ and $b$ be nonzero elements of $D$ such that $af(x), bg(x)$ are in $D[x]$. We can find $a_1, b_1 \in D$ such that $af(x) = a_1 f_1(x)$ and $bg(x) = b_1 g_1(x)$, where $f_1(x)$ and $g_1(x)$ are primitive polynomials in $D[x]$. Therefore, $abp(x) = (a_1 f_1(x))(b_1 g_1(x))$. Since $f_1(x)$ and $g_1(x)$ are primitive polynomials, it must be the case that $ab \mid a_1 b_1$ by Gauss's Lemma. Thus there exists a $c \in D$ such that $p(x) = cf_1(x)g_1(x)$. Clearly, $\deg f(x) = \deg f_1(x)$ and $\deg g(x) = \deg g_1(x)$.
The following corollaries are direct consequences of Lemma 16.17.
Corollary 16.18 Let $D$ be a UFD and $F$ its field of fractions. A primitive polynomial $p(x)$ in $D[x]$ is irreducible in $F[x]$ if and only if it is irreducible in $D[x]$.
Corollary 16.19 Let $D$ be a UFD and $F$ its field of fractions. If $p(x)$ is a monic polynomial in $D[x]$ with $p(x) = f(x)g(x)$ in $F[x]$, then $p(x) = f_1(x)g_1(x)$, where $f_1(x)$ and $g_1(x)$ are in $D[x]$. Furthermore, $\deg f(x) = \deg f_1(x)$ and $\deg g(x) = \deg g_1(x)$.
Theorem 16.20 If $D$ is a UFD, then $D[x]$ is a UFD.
Proof. Let $p(x)$ be a nonzero polynomial in $D[x]$. If $p(x)$ is a constant polynomial, then it must have a unique factorization since $D$ is a UFD. Now suppose that $p(x)$ is a polynomial of positive degree in $D[x]$. Let $F$ be the field of fractions of $D$, and let $p(x) = f_1(x)f_2(x) \cdots f_n(x)$ be a factorization of $p(x)$, where each $f_i(x)$ is irreducible. Choose $a_i \in D$ such that $a_i f_i(x)$ is in $D[x]$. There exist $b_1, \ldots, b_n \in D$ such that $a_i f_i(x) = b_i g_i(x)$, where $g_i(x)$ is a primitive polynomial in $D[x]$. By Corollary 16.18, each $g_i(x)$ is irreducible in $D[x]$. Consequently, we can write
$$a_1 \cdots a_n p(x) = b_1 \cdots b_n g_1(x) \cdots g_n(x).$$
Let $b = b_1 \cdots b_n$. Since $g_1(x) \cdots g_n(x)$ is primitive, $a_1 \cdots a_n$ divides $b$. Therefore, $p(x) = ag_1(x) \cdots g_n(x)$, where $a \in D$. Since $D$ is a UFD, we can factor $a$ as $uc_1 \cdots c_k$, where $u$ is a unit and each of the $c_i$'s is irreducible in $D$.
We will now show the uniqueness of this factorization. Let
$$p(x) = a_1 \cdots a_m f_1(x) \cdots f_n(x) = b_1 \cdots b_r g_1(x) \cdots g_s(x)$$
be two factorizations of $p(x)$, where all of the factors are irreducible in $D[x]$. By Corollary 16.18, each of the $f_i$'s and $g_i$'s is irreducible in $F[x]$. The $a_i$'s and the $b_i$'s are units in $F$. Since $F[x]$ is a PID, it is a UFD; therefore, $n = s$. Now rearrange the $g_i(x)$'s so that $f_i(x)$ and $g_i(x)$ are associates for $i = 1, \ldots, n$. Then there exist $c_1, \ldots, c_n$ and $d_1, \ldots, d_n$ in $D$ such that $(c_i/d_i)f_i(x) = g_i(x)$ or $c_i f_i(x) = d_i g_i(x)$. The polynomials $f_i(x)$ and $g_i(x)$ are primitive; hence, $c_i$ and $d_i$ are associates in $D$. Thus, $a_1 \cdots a_m = ub_1 \cdots b_r$ in $D$, where $u$ is a unit in $D$. Since $D$ is a unique factorization domain, $m = s$. Finally, we can reorder the $b_i$'s so that $a_i$ and $b_i$ are associates for each $i$. This completes the uniqueness part of the proof.

The theorem that we have just proven has several obvious but important corollaries.
Corollary 16.21 Let $F$ be a field. Then $F[x]$ is a UFD.
Corollary 16.22 $\mathbb{Z}[x]$ is a UFD.
Corollary 16.23 Let $D$ be a UFD. Then $D[x_1, \ldots, x_n]$ is a UFD.
Remark. It is important to notice that every Euclidean domain is a PID and every PID is a UFD. However, as demonstrated by our examples, the converse of each of these statements fails. There are principal ideal domains that are not Euclidean domains, and there are unique factorization domains that are not principal ideal domains ($\mathbb{Z}[x]$).
Historical Note
Karl Friedrich Gauss, born in Brunswick, Germany on April 30, 1777, is considered to be one of the greatest mathematicians who ever lived. Gauss was truly a child prodigy. At the age of three he was able to detect errors in the books of his father's business. Gauss entered college at the age of 15. Before the age of 20, Gauss was able to construct a regular 17-sided polygon with a ruler and compass. This was the first new construction of a regular $n$-sided polygon since the time of the ancient Greeks. Gauss succeeded in showing that if $N = 2^{2^n} + 1$ was prime, then it was possible to construct a regular $N$-sided polygon.
Gauss obtained his Ph.D. in 1799 under the direction of Pfaff at the University of Helmstedt. In his dissertation he gave the first complete proof of the Fundamental Theorem of Algebra, which states that every polynomial with real coefficients can be factored into linear factors over the complex numbers. The acceptance of complex numbers was brought about by Gauss, who was the first person to use the notation of $i$ for $\sqrt{-1}$.
Gauss then turned his attention toward number theory; in 1801, he published his famous book on number theory, Disquisitiones Arithmeticae. Throughout his life Gauss was intrigued with this branch of mathematics. He once wrote, "Mathematics is the queen of the sciences, and the theory of numbers is the queen of mathematics."
In 1807, Gauss was appointed director of the Observatory at the University of Göttingen, a position he held until his death. This position required him to study applications of mathematics to the sciences. He succeeded in making contributions to fields such as astronomy, mechanics, optics, geodesy, and magnetism. Along with Wilhelm Weber, he coinvented the first practical electric telegraph some years before a better version was invented by Samuel F. B. Morse.

Gauss was clearly the most prominent mathematician in the world in the early nineteenth century. His status naturally made his discoveries subject to intense scrutiny. Gauss's cold and distant personality many times led him to ignore the work of his contemporaries, making him many enemies. He did not enjoy teaching very much, and young mathematicians who sought him out for encouragement were often rebuffed. Nevertheless, he had many outstanding students, including Eisenstein, Riemann, Kummer, Dirichlet, and Dedekind. Gauss also offered a great deal of encouragement to Sophie Germain (1776–1831), who overcame the many obstacles facing women in her day to become a very prominent mathematician. Gauss died at the age of 78 in Göttingen on February 23, 1855.
Exercises
1. Let $z = a + b\sqrt{3}\,i$ be in $\mathbb{Z}[\sqrt{3}\,i]$. If $a + 3b^2 = 1$, show that $z$ must be a unit. Show that the only units of $\mathbb{Z}[\sqrt{3}\,i]$ are $1$ and $-1$.
2. The Gaussian integers, $\mathbb{Z}[i]$, are a UFD. Factor each of the following elements in $\mathbb{Z}[i]$ into a product of irreducibles.
(a) $5$
(b) $1 + 3i$
(c) $6 + 8i$
(d) $2$
3. Let $D$ be an integral domain.
(a) Prove that $F_D$ is an abelian group under the operation of addition.
(b) Show that the operation of multiplication is well-defined in the field of fractions, $F_D$.
(c) Verify the associative and commutative properties for multiplication in $F_D$.
4. Prove or disprove: Any subring of a field $F$ containing 1 is an integral domain.
5. Let $F$ be a field of characteristic zero. Prove that $F$ contains a subfield isomorphic to $\mathbb{Q}$.
6. Let $F$ be a field.
(a) Prove that the field of fractions of $F[x]$, denoted by $F(x)$, is isomorphic to the set all rational expressions $p(x)/q(x)$, where $q(x)$ is not the zero polynomial.
(b) Let $p(x_1, \ldots, x_n)$ and $q(x_1, \ldots, x_n)$ be polynomials in $F[x_1, \ldots, x_n]$. Show that the set of all rational expressions $p(x_1, \ldots, x_n)/q(x_1, \ldots, x_n)$ is isomorphic to the field of fractions of $F[x_1, \ldots, x_n]$. We denote the field of fractions of $F[x_1, \ldots, x_n]$ by $F(x_1, \ldots, x_n)$.

7. Let $p$ be prime and denote the field of fractions of $\mathbb{Z}_p[x]$ by $\mathbb{Z}_p(x)$. Prove that $\mathbb{Z}_p(x)$ is an infinite field of characteristic $p$.
8. Prove that the field of fractions of the Gaussian integers, $\mathbb{Z}[i]$, is
$$\mathbb{Q}(i) = \{p + qi : p, q \in \mathbb{Q}\}.$$
9. A field $F$ is called a prime field if it has no proper subfields. If $E$ is a subfield of $F$ and $E$ is a prime field, then $E$ is a prime subfield of $F$.
(a) Prove that every field contains a unique prime subfield.
(b) If $F$ is a field of characteristic 0, prove that the prime subfield of $F$ is isomorphic to the field of rational numbers, $\mathbb{Q}$.
(c) If $F$ is a field of characteristic $p$, prove that the prime subfield of $F$ is isomorphic to $\mathbb{Z}_p$.
10. Let $\mathbb{Z}[\sqrt{2}] = \{a + b\sqrt{2} : a, b \in \mathbb{Z}\}$.
(a) Prove that $\mathbb{Z}[\sqrt{2}]$ is an integral domain.
(b) Find all of the units in $\mathbb{Z}[\sqrt{2}]$.
(c) Determine the field of fractions of $\mathbb{Z}[\sqrt{2}]$.
(d) Prove that $\mathbb{Z}[\sqrt{2}\,i]$ is a Euclidean domain under the Euclidean valuation $(a + b\sqrt{2}\,i) = a^2 + 2b^2$.
11. Let $D$ be a UFD. An element $d \in D$ is a greatest common divisor of $a$ and $b$ in $D$ if $d \mid a$ and $d \mid b$ and $d$ is divisible by any other element dividing both $a$ and $b$.
(a) If $D$ is a PID and $a$ and $b$ are both nonzero elements of $D$, prove there exists a unique greatest common divisor of $a$ and $b$. We write $\gcd(a, b)$ for the greatest common divisor of $a$ and $b$.
(b) Let $D$ be a PID and $a$ and $b$ be nonzero elements of $D$. Prove that there exist elements $s$ and $t$ in $D$ such that $\gcd(a, b) = as + bt$.
12. Let $D$ be an integral domain. Define a relation on $D$ by $a\ b$ if $a$ and $b$ are associates in $D$. Prove that is an equivalence relation on $D$.
13. Let $D$ be a Euclidean domain with Euclidean valuation. If $u$ is a unit in $D$, show that $(u) = (1)$.
14. Let $D$ be a Euclidean domain with Euclidean valuation. If $a$ and $b$ are associates in $D$, prove that $(a) = (b)$.
15. Show that $\mathbb{Z}[\sqrt{5}\,i]$ is not a unique factorization domain.
16. Prove or disprove: Every subdomain of a UFD is also a UFD.

17. An ideal of a commutative ring $R$ is said to be finitely generated if there exist elements $a_1, \ldots, a_n$ in $R$ such that every element $r \in R$ can be written as $a_1 r_1 + \cdots + a_n r_n$ for some $r_1, \ldots, r_n$ in $R$. Prove that $R$ satisfies the ascending chain condition if and only if every ideal of $R$ is finitely generated.
18. Let $D$ be an integral domain with a descending chain of ideals $I_1 \supset I_2 \supset \cdots$. Show that there exists an $N$ such that $I_k = I_N$ for all $k \geq N$. A ring satisfying this condition is said to satisfy the descending chain condition, or DCC. Rings satisfying the DCC are called Artinian rings, after Emil Artin.
19. Let $R$ be a commutative ring with identity. We define a multiplicative subset of $R$ to be a subset $S$ such that $1 \in S$ and $ab \in S$ if $a, b \in S$.
(a) Define a relation on $R \times S$ by $(a, s)\ (a', s')$ if there exists an $s \in S$ such that $s(s'a - sa') = 0$. Show that is an equivalence relation on $R \times S$.
(b) Let $a/s$ denote the equivalence class of $(a, s) \in R \times S$ and let $S^{-1}R$ be the set of all equivalence classes with respect to. Define the operations of addition and multiplication on $S^{-1}R$ by
$$\frac{a}{s} + \frac{b}{t} = \frac{at + bs}{st} \qquad \frac{a}{s} \cdot \frac{b}{t} = \frac{ab}{st},$$
respectively. Prove that these operations are well-defined on $S^{-1}R$ and that $S^{-1}R$ is a ring with identity under these operations. The ring $S^{-1}R$ is called the ring of quotients of $R$ with respect to $S$.
(c) Show that the map : $R \to S^{-1}R$ defined by $(a) = a/1$ is a ring homomorphism.
(d) If $R$ has no zero divisors and $0 \notin S$, show that is one-to-one.
(e) Prove that $P$ is a prime ideal of $R$ if and only if $S = R \setminus P$ is a multiplicative subset of $R$.
(f) If $P$ is a prime ideal of $R$ and $S = R \setminus P$, show that the ring of quotients $S^{-1}R$ has a unique maximal ideal. Any ring that has a unique maximal ideal is called a local ring.

17 Lattices and Boolean Algebras
The axioms of a ring give structure to the operations of addition and multiplication on a set. However, we can construct algebraic structures, known as lattices and Boolean algebras, that generalize other types of operations. For example, the important operations on sets are inclusion, union, and intersection. Lattices are generalizations of order relations on algebraic spaces, such as set inclusion in set theory and inequality in the familiar number systems $\mathbb{N}$, $\mathbb{Z}$, $\mathbb{Q}$, and $\mathbb{R}$. Boolean algebras generalize the operations of intersection and union. Lattices and Boolean algebras have found applications in logic, circuit theory, and probability.
17.1 Lattices
Partially Ordered Sets
We begin the study of lattices and Boolean algebras by generalizing the idea of inequality. Recall that a relation on a set $X$ is a subset of $X \times X$. A relation $P$ on $X$ is called a partial order of $X$ if it satisfies the following axioms.
1. The relation is reflexive: $(a, a) \in P$ for all $a \in X$.
2. The relation is antisymmetric: if $(a, b) \in P$ and $(b, a) \in P$, then $a = b$.
3. The relation is transitive: if $(a, b) \in P$ and $(b, c) \in P$, then $(a, c) \in P$.
We will usually write $a\ b$ to mean $(a, b) \in P$ unless some symbol is naturally associated with a particular partial order, such as $a \leq b$ with integers $a$ and $b$, or $X \subset Y$ with sets $X$ and $Y$. A set $X$ together with a partial order is called a partially ordered set, or poset.
Example 1. The set of integers (or rationals or reals) is a poset where $a \leq b$ has the usual meaning for two integers $a$ and $b$ in $\mathbb{Z}$.
Example 2. Let $X$ be any set. We will define the power set of $X$ to be the set of all subsets of $X$. We denote the power set of $X$ by $P(X)$. For example, let $X = \{a, b, c\}$. Then $P(X)$ is the set of all subsets of the set $\{a, b, c\}$:
$$\emptyset \quad \{a\} \quad \{b\} \quad \{c\} \quad \{a, b\} \quad \{a, c\} \quad \{b, c\} \quad \{a, b, c\}.$$
On any power set of a set $X$, set inclusion, $\subset$, is a partial order. We can represent the order on $\{a, b, c\}$ schematically by a diagram such as the one in Figure 17.1.
Figure 17.1. Partial order on $P(\{a, b, c\})$
Example 3. Let $G$ be a group. The set of subgroups of $G$ is a poset, where the partial order is set inclusion.
Example 4. There can be more than one partial order on a particular set. We can form a partial order on $\mathbb{N}$ by $a\ b$ if $a \mid b$. The relation is certainly reflexive since $a \mid a$ for all $a \in \mathbb{N}$. If $m \mid n$ and $n \mid m$, then $m = n$; hence, the relation is also antisymmetric. The relation is transitive, because if $m \mid n$ and $n \mid p$, then $m \mid p$.
Example 5. Let $X = \{1, 2, 3, 4, 6, 8, 12, 24\}$ be the set of divisors of 24 with the partial order defined in Example 4. Figure 17.2 shows the partial order on $X$.

Figure 17.2. A partial order on the divisors of 24
Let $Y$ be a subset of a poset $X$. An element $u$ in $X$ is an upper bound of $Y$ if $a\ u$ for every element $a \in Y$. If $u$ is an upper bound of $Y$ such that $u\ v$ for every other upper bound $v$ of $Y$, then $u$ is called a least upper bound or supremum of $Y$. An element $l$ in $X$ is said to be a lower bound of $Y$ if $l\ a$ for all $a \in Y$. If $l$ is a lower bound of $Y$ such that $k\ l$ for every other lower bound $k$ of $Y$, then $l$ is called a greatest lower bound or infimum of $Y$.
Example 6. Let $Y = \{2, 3, 4, 6\}$ be contained in the set $X$ of Example 5. Then $Y$ has upper bounds 12 and 24, with 12 as a least upper bound. The only lower bound is 1; hence, it must be a greatest lower bound.
As it turns out, least upper bounds and greatest lower bounds are unique if they exist.
Theorem 17.1 Let $Y$ be a nonempty subset of a poset $X$. If $Y$ has a least upper bound, then $Y$ has a unique least upper bound. If $Y$ has a greatest lower bound, then $Y$ has a unique greatest lower bound.
Proof. Let $u_1$ and $u_2$ be least upper bounds for $Y$. By the definition of the least upper bound, $u_1\ u$ for all upper bounds $u$ of $Y$. In particular, $u_1\ u_2$. Similarly, $u_2\ u_1$. Therefore, $u_1 = u_2$ by antisymmetry. A similar argument shows that the greatest lower bound is unique.
On many posets it is possible to define binary operations by using the greatest lower bound and the least upper bound of two elements. A lattice is a poset $L$ such that every pair of elements in $L$ has a least upper bound and a greatest lower bound. The least upper bound of $a, b \in L$ is called the join of $a$ and $b$ and is denoted by $a \vee b$. The greatest lower bound of $a, b \in L$ is called the meet of $a$ and $b$ and is denoted by $a \wedge b$.
Example 7. Let $X$ be a set. Then the power set of $X$, $P(X)$, is a lattice. For two sets $A$ and $B$ in $P(X)$, the least upper bound of $A$ and $B$ is $A \cup B$. Certainly $A \cup B$ is an upper bound of $A$ and $B$, since $A \subset A \cup B$ and $B \subset A \cup B$. If $C$ is some other set containing both $A$ and $B$, then $C$ must contain $A \cup B$; hence, $A \cup B$ is the least upper bound of $A$ and $B$. Similarly, the greatest lower bound of $A$ and $B$ is $A \cap B$.
Example 8. Let $G$ be a group and suppose that $X$ is the set of subgroups of $G$. Then $X$ is a poset ordered by set-theoretic inclusion, $\subset$. The set of subgroups of $G$ is also a lattice. If $H$ and $K$ are subgroups of $G$, the greatest lower bound of $H$ and $K$ is $H \cap K$. The set $H \cup K$ may not be a subgroup of $G$. We leave it as an exercise to show that the least upper bound of $H$ and $K$ is the subgroup generated by $H \cup K$.
In set theory we have certain duality conditions. For example, by De Morgan's laws, any statement about sets that is true about $(A \cup B)'$ must also be true about $A' \cap B'$. We also have a duality principle for lattices.
Principle of Duality. Any statement that is true for all lattices remains true when is replaced by and $\vee$ and $\wedge$ are interchanged throughout the statement.
The following theorem tells us that a lattice is an algebraic structure with two binary operations that satisfy certain axioms.
Theorem 17.2 If $L$ is a lattice, then the binary operations $\vee$ and $\wedge$ satisfy the following properties for $a, b, c \in L$.
1. Commutative laws: $a \vee b = b \vee a$ and $a \wedge b = b \wedge a$.
2. Associative laws: $a \vee (b \vee c) = (a \vee b) \vee c$ and $a \wedge (b \wedge c) = (a \wedge b) \wedge c$.
3. Idempotent laws: $a \vee a = a$ and $a \wedge a = a$.
4. Absorption laws: $a \vee (a \wedge b) = a$ and $a \wedge (a \vee b) = a$.
Proof. By the Principle of Duality, we need only prove the first statement in each part.
(1) By definition $a \vee b$ is the least upper bound of $\{a, b\}$, and $b \vee a$ is the least upper bound of $\{b, a\}$; however, $\{a, b\} = \{b, a\}$.
(2) We will show that $a \vee (b \vee c)$ and $(a \vee b) \vee c$ are both least upper bounds of $\{a, b, c\}$. Let $d = a \vee b$. Then $c\ \ d \vee c = (a \vee b) \vee c$. We also know that
$$a\ \ a \vee b = d\ \ d \vee c = (a \vee b) \vee c.$$
A similar argument demonstrates that $b\ \ (a \vee b) \vee c$. Therefore, $(a \vee b) \vee c$ is an upper bound of $\{a, b, c\}$. We now need to show that $(a \vee b) \vee c$ is the least upper bound of $\{a, b, c\}$. Let $u$ be some other upper bound of $\{a, b, c\}$. Then $a\ u$ and $b\ u$; hence, $d = a \vee b\ \ u$. Since $c\ u$, it follows that $(a \vee b) \vee c = d \vee c\ \ u$. Therefore, $(a \vee b) \vee c$ must be the least upper bound of $\{a, b, c\}$. The argument that shows $a \vee (b \vee c)$ is the least upper bound of $\{a, b, c\}$ is the same. Consequently, $a \vee (b \vee c) = (a \vee b) \vee c$.
(3) The join of $a$ and $a$ is the least upper bound of $\{a\}$; hence, $a \vee a = a$.
(4) Let $d = a \wedge b$. Then $a\ \ a \vee d$. On the other hand, $d = a \wedge b\ \ a$, and so $a \vee d\ \ a$. Therefore, $a \vee (a \wedge b) = a$.
Given any arbitrary set $L$ with operations $\vee$ and $\wedge$, satisfying the conditions of the previous theorem, it is natural to ask whether or not this set comes from some lattice. The following theorem says that this is always the case.
Theorem 17.3 Let $L$ be a nonempty set with two binary operations $\vee$ and $\wedge$ satisfying the commutative, associative, idempotent, and absorption laws. We can define a partial order on $L$ by $a \preceq b$ if $a \vee b = b$. Furthermore, $L$ is a lattice with respect to $\preceq$ if for all $a, b \in L$, we define the least upper bound and greatest lower bound of $a$ and $b$ by $a \vee b$ and $a \wedge b$, respectively.
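Proof. We first show that $L$ is a poset under $\preceq$. Since $a \vee a = a$, $a \preceq a$ and $\preceq$ is reflexive. To show that $\preceq$ is antisymmetric, let $a \preceq b$ and $b \preceq a$. Then $a \vee b = b$ and $b \vee a = a$. By the commutative law, $b = a \vee b = b \vee a = a$. Finally, we must show that $\preceq$ is transitive. Let $a \preceq b$ and $b \preceq c$. Then $a \vee b = b$ and $b \vee c = c$. Thus,
$$a \vee c = a \vee (b \vee c) = (a \vee b) \vee c = b \vee c = c,$$
or $a \preceq c$.
To show that $L$ is a lattice, we must prove that $a \vee b$ and $a \wedge b$ are, respectively, the least upper and greatest lower bounds of $a$ and $b$. Since $a = (a \vee b) \wedge a = a \wedge (a \vee b)$, it follows that $a \preceq a \vee b$. Similarly, $b \preceq a \vee b$. Therefore, $a \vee b$ is an upper bound for $a$ and $b$. Let $u$ be any other upper bound of both $a$ and $b$. Then $a \preceq u$ and $b \preceq u$. But $a \vee b \preceq u$ since
$$(a \vee b) \vee u = a \vee (b \vee u) = a \vee u = u.$$
The proof that $a \wedge b$ is the greatest lower bound of $a$ and $b$ is left as an exercise.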
17.2 Boolean Algebras
Let us investigate the example of the power set, $\mathcal{P}(X)$, of a set $X$ more closely. The power set is a lattice that is ordered by inclusion. By the definition of the power set, the largest element in $\mathcal{P}(X)$ is $X$ itself and the smallest element is $\emptyset$, the empty set. For any set $A$ in $\mathcal{P}(X)$, we know that $A \cap X = A$ and $A \cup \emptyset = A$. This suggests the following definition for lattices. An element $I$ in a poset $X$ is a largest element if $a \preceq I$ for all $a \in X$. An element $O$ is a smallest element of $X$ if $O \preceq a$ for all $a \in X$.
Let $A$ be in $\mathcal{P}(X)$. Recall that the complement of $A$ is
$$A' = X \setminus A = \{x : x \in X \text{ and } x \notin A\}.$$
We know that $A \cup A' = X$ and $A \cap A' = \emptyset$. We can generalize this example for lattices. A lattice $L$ with a largest element $I$ and a smallest element $O$ is complemented if for each $a \in X$, there exists an $a'$ such that $a \vee a' = I$ and $a \wedge a' = O$.
In a lattice $L$, the binary operations $\vee$ and $\wedge$ satisfy commutative and associative laws; however, they need not satisfy the distributive law
$$a \wedge (b \vee c) = (a \wedge b) \vee (a \wedge c);$$
however, in $\mathcal{P}(X)$ the distributive law is satisfied since
$$A \cap (B \cup C) = (A \cap B) \cup (A \cap C)$$
for $A, B, C \in \mathcal{P}(X)$. We will say that a lattice $L$ is distributive if the following distributive law holds:
$$a \wedge (b \vee c) = (a \wedge b) \vee (a \wedge c)$$
for all $a, b, c \in L$.
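Theorem 17.4 A lattice $L$ is distributive if and only if
$$a \vee (b \wedge c) = (a \vee b) \wedge (a \vee c)$$
for all $a, b, c \in L$.
Proof. Let us assume that $L$ is a distributive lattice.
$$\begin{aligned}
a \vee (b \wedge c) &= [a \vee (a \wedge c)] \vee (b \wedge c) \\
&= a \vee [(a \wedge c) \vee (b \wedge c)] \\
&= a \vee [(c \wedge a) \vee (c \wedge b)] \\
&= a \vee [c \wedge (a \vee b)] \\
&= a \vee [(a \vee b) \wedge c] \\
&= [(a \vee b) \wedge a] \vee [(a \vee b) \wedge c] \\
&= (a \vee b) \wedge (a \vee c).
\end{aligned}$$
The converse follows directly from the Duality Principle.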
A Boolean algebra is a lattice $B$ with a greatest element $I$ and a smallest element $O$ such that $B$ is both distributive and complemented. The power set of $X$, $\mathcal{P}(X)$, is our prototype for a Boolean algebra. As it turns out, it is also one of the most important Boolean algebras. The following theorem allows us to characterize Boolean algebras in terms of the binary relations $\vee$ and $\wedge$ without mention of the fact that a Boolean algebra is a poset.
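Theorem 17.5 A set $B$ is a Boolean algebra if and only if there exist binary operations $\vee$ and $\wedge$ on $B$ satisfying the following axioms.
1. $a \vee b = b \vee a$ and $a \wedge b = b \wedge a$ for $a, b \in B$.
2. $a \vee (b \vee c) = (a \vee b) \vee c$ and $a \wedge (b \wedge c) = (a \wedge b) \wedge c$ for $a, b, c \in B$.
3. $a \wedge (b \vee c) = (a \wedge b) \vee (a \wedge c)$ and $a \vee (b \wedge c) = (a \vee b) \wedge (a \vee c)$ for $a, b, c \in B$.
4. There exist elements $I$ and $O$ such that $a \vee O = a$ and $a \wedge I = a$ for all $a \in B$.
5. For every $a \in B$ there exists an $a' \in B$ such that $a \vee a' = I$ and $a \wedge a' = O$.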
Proof. Let $B$ be a set satisfying (1)–(5) in the theorem. One of the idempotent laws is satisfied since
$$\begin{aligned}
a &= a \vee O \\
&= a \vee (a \wedge a') \\
&= (a \vee a) \wedge (a \vee a') \\
&= (a \vee a) \wedge I \\
&= a \vee a.
\end{aligned}$$
Observe that
$$I \vee b = (I \vee b) \wedge I = (I \wedge I) \vee (b \wedge I) = I \vee I = I.$$
Consequently, the first of the two absorption laws holds, since
$$\begin{aligned}
a \vee (a \wedge b) &= (a \wedge I) \vee (a \wedge b) \\
&= a \wedge (I \vee b) \\
&= a \wedge I \\
&= a.
\end{aligned}$$
The other idempotent and absorption laws are proven similarly. Since $B$ also satisfies (1)–(3), the conditions of Theorem 17.3 are met; therefore, $B$ must be a lattice. Condition (4) tells us that $B$ is a distributive lattice.
For $a \in B$, $O \vee a = a$; hence, $O \preceq a$ and $O$ is the smallest element in $B$. To show that $I$ is the largest element in $B$, we will first show that $a \vee b = b$ is equivalent to $a \wedge b = a$. Since $a \vee I = a$ for all $a \in B$, using the absorption laws we can determine that
$$a \vee I = (a \wedge I) \vee I = I \vee (I \wedge a) = I$$
or $a \preceq I$ for all $a$ in $B$. Finally, since we know that $B$ is complemented by (5), $B$ must be a Boolean algebra.
Conversely, suppose that $B$ is a Boolean algebra. Let $I$ and $O$ be the greatest and least elements in $B$, respectively. If we define $a \vee b$ and $a \wedge b$ as least upper and greatest lower bounds of $\{a, b\}$, then $B$ is a Boolean algebra by Theorem 17.3, Theorem 17.4, and our hypothesis.
Many other identities hold in Boolean algebras. Some of these identities
are listed in the following theorem.
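Theorem 17.6 Let $B$ be a Boolean algebra. Then
1. $a \vee I = I$ and $a \wedge O = O$ for all $a \in B$.
2. If $a \vee b = a \vee c$ and $a \wedge b = a \wedge c$ for $a, b, c \in B$, then $b = c$.
3. If $a \vee b = I$ and $a \wedge b = O$, then $b = a'$.
4. $(a')' = a$ for all $a \in B$.
5. $I' = O$ and $O' = I$.
6. $(a \vee b)' = a' \wedge b'$ and $(a \wedge b)' = a' \vee b'$ (De Morgan's Laws).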

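Proof. We will prove only (2). The rest of the identities are left as exercises. For $a \vee b = a \vee c$ and $a \wedge b = a \wedge c$, we have
$$\begin{aligned}
b &= b \vee (b \wedge a) \\
&= b \vee (a \wedge b) \\
&= b \vee (a \wedge c) \\
&= (b \vee a) \wedge (b \vee c) \\
&= (a \vee b) \wedge (b \vee c) \\
&= (a \vee c) \wedge (b \vee c) \\
&= (c \vee a) \wedge (c \vee b) \\
&= c \vee (a \wedge b) \\
&= c \vee (a \wedge c) \\
&= c \vee (c \wedge a) \\
&= c.
\end{aligned}$$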

Finite Boolean Algebras
A Boolean algebra is a finite Boolean algebra if it contains a finite number of elements as a set. Finite Boolean algebras are particularly nice since we can classify them up to isomorphism.
Let $B$ and $C$ be Boolean algebras. A bijective map $\phi : B \to C$ is an isomorphism of Boolean algebras if
$$\begin{aligned}
\phi(a \vee b) &= \phi(a) \vee \phi(b) \\
\phi(a \wedge b) &= \phi(a) \wedge \phi(b)
\end{aligned}$$
for all $a$ and $b$ in $B$.
We will show that any finite Boolean algebra is isomorphic to the Boolean algebra obtained by taking the power set of some finite set $X$. We will need a few lemmas and definitions before we prove this result. Let $B$ be a finite Boolean algebra. An element $a \in B$ is an atom of $B$ if $a \neq O$ and $a \wedge b = a$ for all $b \in B$. Equivalently, $a$ is an atom of $B$ if there is no nonzero $b \in B$ distinct from $a$ such that $O \preceq b \preceq a$.
Lemma 17.7 Let $B$ be a finite Boolean algebra. If $b$ is a nonzero element of $B$, then there is an atom $a$ in $B$ such that $a \preceq b$.
Proof. If $b$ is an atom, let $a = b$. Otherwise, choose an element $b_1$, not equal to $O$ or $b$, such that $b_1 \preceq b$. We are guaranteed that this is possible since $b$ is not an atom. If $b_1$ is an atom, then we are done. If not, choose $b_2$, not equal to $O$ or $b_1$, such that $b_2 \preceq b_1$. Again, if $b_2$ is an atom, let $a = b_2$. Continuing this process, we can obtain a chain
$$O \preceq \cdots \preceq b_3 \preceq b_2 \preceq b_1 \preceq b.$$
Since $B$ is a finite Boolean algebra, this chain must be finite. That is, for some $k$, $b_k$ is an atom. Let $a = b_k$.
Lemma 17.8 Let $a$ and $b$ be atoms in a finite Boolean algebra $B$ such that $a \neq b$. Then $a \wedge b = O$.
Proof. Since $a \wedge b$ is the greatest lower bound of $a$ and $b$, we know that $a \wedge b \preceq a$. Hence, either $a \wedge b = a$ or $a \wedge b = O$. However, if $a \wedge b = a$, then either $a \preceq b$ or $a = O$. In either case we have a contradiction because $a$ and $b$ are both atoms; therefore, $a \wedge b = O$.
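Lemma 17.9 Let $B$ be a Boolean algebra and $a, b \in B$. The following statements are equivalent.
1. $a \preceq b$.
2. $a \wedge b' = O$.
3. $a' \vee b = I$.
Proof. (1) $\Rightarrow$ (2). If $a \preceq b$, then $a \vee b = b$. Therefore,
$$\begin{aligned}
a \wedge b' &= a \wedge (a \vee b)' \\
&= a \wedge (a' \wedge b') \\
&= (a \wedge a') \wedge b' \\
&= O \wedge b' \\
&= O.
\end{aligned}$$
(2) $\Rightarrow$ (3). If $a \wedge b' = O$, then $a' \vee b = (a \wedge b')' = O' = I$.
(3) $\Rightarrow$ (1). If $a' \vee b = I$, then
$$\begin{aligned}
a &= a \wedge (a' \vee b) \\
&= (a \wedge a') \vee (a \wedge b) \\
&= O \vee (a \wedge b) \\
&= a \wedge b.
\end{aligned}$$
Thus, $a \preceq b$.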

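Lemma 17.10 Let $B$ be a Boolean algebra and $b$ and $c$ be elements in $B$ such that $b \not\preceq c$. Then there exists an atom $a \in B$ such that $a \preceq b$ and $a \not\preceq c$.
Proof. By Lemma 17.9, $b \wedge c' \neq O$. Hence, there exists an atom $a$ such that $a \preceq b \wedge c'$. Consequently, $a \preceq b$ and $a \not\preceq c$.
Lemma 17.11 Let $b \in B$ and $a_1, \ldots, a_n$ be the atoms of $B$ such that $a_i \preceq b$. Then $b = a_1 \vee \cdots \vee a_n$. Furthermore, if $a, a_1, \ldots, a_n$ are atoms of $B$ such that $a \preceq b$, $a_i \preceq b$, and $b = a \vee a_1 \vee \cdots \vee a_n$, then $a = a_i$ for some $i = 1, \ldots, n$.
Proof. Let $b_1 = a_1 \vee \cdots \vee a_n$. Since $a_i \preceq b$ for each $i$, we know that $b_1 \preceq b$. If we can show that $b \preceq b_1$, then the lemma is true by antisymmetry. Assume $b \not\preceq b_1$. Then there exists an atom $a$ such that $a \preceq b$ and $a \not\preceq b_1$. Since $a$ is an atom and $a \preceq b$, we can deduce that $a = a_i$ for some $a_i$. However, this is impossible since $a \preceq b_1$. Therefore, $b \preceq b_1$.
Now suppose that $b = a_1 \vee \cdots \vee a_n$. If $a$ is an atom less than $b$,
$$a = a \wedge b = a \wedge (a_1 \vee \cdots \vee a_n) = (a \wedge a_1) \vee \cdots \vee (a \wedge a_n).$$
But each term is $O$ or $a$ with $a \wedge a_i$ occurring for only one $a_i$. Hence, by Lemma 17.8, $a = a_i$ for some $i$.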
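Theorem 17.12 Let $B$ be a finite Boolean algebra. Then there exists a set $X$ such that $B$ is isomorphic to $\mathcal{P}(X)$.
Proof. We will show that $B$ is isomorphic to $\mathcal{P}(X)$, where $X$ is the set of atoms of $B$. Let $a \in B$. By Lemma 17.11, we can write $a$ uniquely as $a = a_1 \vee \cdots \vee a_n$ for $a_1, \ldots, a_n \in X$. Consequently, we can define a map $\phi : B \to \mathcal{P}(X)$ by
$$\phi(a) = \phi(a_1 \vee \cdots \vee a_n) = \{a_1, \ldots, a_n\}.$$
Clearly, $\phi$ is onto.
Now let $a = a_1 \vee \cdots \vee a_n$ and $b = b_1 \vee \cdots \vee b_m$ be elements in $B$, where each $a_i$ and each $b_i$ is an atom. If $\phi(a) = \phi(b)$, then $\{a_1, \ldots, a_n\} = \{b_1, \ldots, b_m\}$ and $a = b$. Consequently, $\phi$ is injective.
The join of $a$ and $b$ is preserved by $\phi$ since
$$\begin{aligned}
\phi(a \vee b) &= \phi(a_1 \vee \cdots \vee a_n \vee b_1 \vee \cdots \vee b_m) \\
&= \{a_1, \ldots, a_n, b_1, \ldots, b_m\} \\
&= \{a_1, \ldots, a_n\} \cup \{b_1, \ldots, b_m\} \\
&= \phi(a_1 \vee \cdots \vee a_n) \cup \phi(b_1 \vee \cdots \vee b_m) \\
&= \phi(a) \cup \phi(b).
\end{aligned}$$
Similarly, $\phi(a \wedge b) = \phi(a) \cap \phi(b)$.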
We leave the proof of the following corollary as an exercise.
Corollary 17.13 The order of any finite Boolean algebra must be $2^n$ for some positive integer $n$.
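The construction in the proof of Theorem 17.12 can be carried out concretely. The following is an added example, not part of the original text: it takes the divisors of $n$ ordered by divisibility (join = lcm, meet = gcd, $O = 1$, $I = n$), finds the atoms, builds $\phi$, and checks that $\phi$ is an isomorphism onto the power set of the atoms. The function names and the choice of $n = 30$ and $n = 12$ as test cases are assumptions made for illustration.

```python
from math import gcd


def divisors(n):
    """Positive divisors of n: the lattice elements, ordered by divisibility."""
    return [d for d in range(1, n + 1) if n % d == 0]


def join(a, b):
    """Least upper bound under divisibility is the least common multiple."""
    return a * b // gcd(a, b)


def meet(a, b):
    """Greatest lower bound under divisibility is the greatest common divisor."""
    return gcd(a, b)


def leq(a, b):
    """Order recovered from the join as in Theorem 17.3: a <= b iff a v b = b."""
    return join(a, b) == b


def complement(a, n):
    """Return a' with a v a' = I and a ^ a' = O (I = n, O = 1), else None."""
    for c in divisors(n):
        if join(a, c) == n and meet(a, c) == 1:
            return c
    return None


def atoms(n):
    """Nonzero elements with nothing strictly between O and themselves."""
    elems = divisors(n)
    found = []
    for a in elems:
        if a == 1:
            continue
        between = [b for b in elems if b not in (1, a) and leq(b, a)]
        if not between:
            found.append(a)
    return found


def phi(a, n):
    """The map of Theorem 17.12: send a to the set of atoms below it."""
    return frozenset(x for x in atoms(n) if leq(x, a))


def is_power_set_algebra(n):
    """Check that the divisors of n are complemented and that phi is an
    isomorphism onto the power set of the atoms."""
    elems = divisors(n)
    if any(complement(a, n) is None for a in elems):
        return False
    image = {a: phi(a, n) for a in elems}
    k = len(atoms(n))
    # Bijective: distinct images, and as many of them as subsets of the atoms.
    if len(set(image.values())) != len(elems) or len(elems) != 2 ** k:
        return False
    return all(
        image[join(a, b)] == image[a] | image[b]
        and image[meet(a, b)] == image[a] & image[b]
        for a in elems
        for b in elems
    )
```

For $n = 30$ the atoms are the primes 2, 3, 5 and the eight divisors correspond to the eight subsets of $\{2, 3, 5\}$; for $n = 12$ the element 2 has no complement, so the check fails.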
17.3 The Algebra of Electrical Circuits
The usefulness of Boolean algebras has become increasingly apparent over
the past several decades with the development of the modern computer.
The circuit design of computer chips can be expressed in terms of Boolean
algebras. In this section we will develop the Boolean algebra of electrical
circuits and switches; however, these results can easily be generalized to the
design of integrated computer circuitry.
A switch is a device, located at some point in an electrical circuit, that controls the flow of current through the circuit. Each switch has two possible states: it can be open, and not allow the passage of current through the circuit, or it can be closed, and allow the passage of current. These states are mutually exclusive. We require that every switch be in one state or the other: a switch cannot be open and closed at the same time. Also, if one switch is always in the same state as another, we will denote both by the same letter; that is, two switches that are both labeled with the same letter $a$ will always be open at the same time and closed at the same time.
Given two switches, we can construct two fundamental types of circuits. Two switches $a$ and $b$ are in series if they make up a circuit of the type that is illustrated in Figure 17.3. Current can pass between the terminals $A$ and $B$ in a series circuit only if both of the switches $a$ and $b$ are closed. We will denote this combination of switches by $a \wedge b$. Two switches $a$ and $b$ are in parallel if they form a circuit of the type that appears in Figure 17.4. In the case of a parallel circuit, current can pass between $A$ and $B$ if either one of the switches is closed. We denote a parallel combination of circuits $a$ and $b$ by $a \vee b$.
[Figure 17.3. $a \wedge b$]
[Figure 17.4. $a \vee b$]
We can build more complicated electrical circuits out of series and parallel circuits by replacing any switch in the circuit with one of these two fundamental types of circuits. Circuits constructed in this manner are called series-parallel circuits.
We will consider two circuits equivalent if they act the same. That is, if we set the switches in equivalent circuits exactly the same we will obtain the same result. For example, in a series circuit $a \wedge b$ is exactly the same as $b \wedge a$. Notice that this is exactly the commutative law for Boolean algebras. In fact, the set of all series-parallel circuits forms a Boolean algebra under the operations of $\vee$ and $\wedge$. We can use diagrams to verify the different axioms of a Boolean algebra. The distributive law, $a \wedge (b \vee c) = (a \wedge b) \vee (a \wedge c)$, is illustrated in Figure 17.5. If $a$ is a switch, then $a'$ is the switch that is always open when $a$ is closed and always closed when $a$ is open. A circuit that is always closed is $I$ in our algebra; a circuit that is always open is $O$. The laws for $a \wedge a' = O$ and $a \vee a' = I$ are shown in Figure 17.6.
[Figure 17.5. $a \wedge (b \vee c) = (a \wedge b) \vee (a \wedge c)$]
Example 9. Every Boolean expression represents a switching circuit. For example, given the expression $(a \vee b) \wedge (a \vee b') \wedge (a \vee b)$, we can construct the circuit in Figure 17.7.
Theorem 17.14 The set of all circuits is a Boolean algebra.
We leave as an exercise the proof of this theorem for the Boolean algebra axioms not yet verified. We can now apply the techniques of Boolean algebras to switching theory.
[Figure 17.6. $a \wedge a' = O$ and $a \vee a' = I$]
[Figure 17.7. $(a \vee b) \wedge (a \vee b') \wedge (a \vee b)$]
Example 10. Given a complex circuit, we can now apply the techniques of Boolean algebra to reduce it to a simpler one. Consider the circuit in Figure 17.7. Since
$$\begin{aligned}
(a \vee b) \wedge (a \vee b') \wedge (a \vee b) &= (a \vee b) \wedge (a \vee b) \wedge (a \vee b') \\
&= (a \vee b) \wedge (a \vee b') \\
&= a \vee (b \wedge b') \\
&= a,
\end{aligned}$$
we can replace the more complicated circuit with a circuit containing the single switch $a$ and achieve the same function.
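The notion of equivalent circuits used above (same behaviour for every setting of the switches) can be checked mechanically by trying all $2^n$ switch settings. The following is an added example, not part of the original text: the nested-tuple encoding of series-parallel circuits and all function names are assumptions chosen for illustration.

```python
from itertools import product

# Encoding (an assumption of this example):
#   "a"                      a single switch named a
#   ("not", "a")             the complemented switch a'
#   ("series", c1, c2, ...)  c1 ^ c2 ^ ...  (current needs every part closed)
#   ("parallel", c1, ...)    c1 v c2 v ...  (current needs some part closed)


def switch_names(circuit):
    """Set of distinct switch letters appearing in the circuit."""
    if isinstance(circuit, str):
        return {circuit}
    names = set()
    for part in circuit[1:]:
        names |= switch_names(part)
    return names


def switch_count(circuit):
    """Number of physical switches (leaves), counting repeats and complements."""
    if isinstance(circuit, str):
        return 1
    return sum(switch_count(part) for part in circuit[1:])


def conducts(circuit, closed):
    """True if current passes; `closed` maps each switch name to True/False."""
    if isinstance(circuit, str):
        return closed[circuit]
    kind, parts = circuit[0], circuit[1:]
    if kind == "not":
        return not conducts(parts[0], closed)
    if kind == "series":
        return all(conducts(p, closed) for p in parts)
    if kind == "parallel":
        return any(conducts(p, closed) for p in parts)
    raise ValueError(f"unknown circuit type: {kind!r}")


def equivalent(c1, c2):
    """Two circuits are equivalent if they agree for every switch setting."""
    names = sorted(switch_names(c1) | switch_names(c2))
    for values in product([False, True], repeat=len(names)):
        closed = dict(zip(names, values))
        if conducts(c1, closed) != conducts(c2, closed):
            return False
    return True


# The circuit of Figure 17.7: (a v b) ^ (a v b') ^ (a v b).
FIGURE_17_7 = (
    "series",
    ("parallel", "a", "b"),
    ("parallel", "a", ("not", "b")),
    ("parallel", "a", "b"),
)

# Both sides of the distributive law a ^ (b v c) = (a ^ b) v (a ^ c).
DIST_LEFT = ("series", "a", ("parallel", "b", "c"))
DIST_RIGHT = ("parallel", ("series", "a", "b"), ("series", "a", "c"))
```

Here `equivalent(FIGURE_17_7, "a")` confirms the reduction of Example 10: six switches are replaced by one.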
Historical Note
George Boole (1815–1864) was the first person to study lattices. In 1847, he published The Investigation of the Laws of Thought, a book in which he used lattices to formalize logic and the calculus of propositions. Boole believed that mathematics was the study of form rather than of content; that is, he was not so much concerned with what he was calculating as with how he was calculating it. Boole's work was carried on by his friend Augustus De Morgan (1806–1871). De Morgan observed that the principle of duality often held in set theory, as is illustrated by De Morgan's laws for set theory. He believed, as did Boole, that mathematics was the study of symbols and abstract operations.
Set theory and logic were further advanced by such mathematicians as Alfred North Whitehead (1861–1947), Bertrand Russell (1872–1970), and David Hilbert (1862–1943). In Principia Mathematica, Whitehead and Russell attempted to show the connection between mathematics and logic by the deduction of the natural number system from the rules of formal logic. If the natural numbers could be determined from logic itself, then so could much of the rest of existing mathematics. Hilbert attempted to build up mathematics by using symbolic logic in a way that would prove the consistency of mathematics. His approach was dealt a mortal blow by Kurt Gödel (1906–1978), who proved that there will always be "undecidable" problems in any sufficiently rich axiomatic system; that is, that in any mathematical system of any consequence, there will always be statements that can never be proven either true or false.
As often occurs, this basic research in pure mathematics later became indispensable in a wide variety of applications. Boolean algebras and logic have become essential in the design of the large-scale integrated circuitry found on today's computer chips. Sociologists have used lattices and Boolean algebras to model social hierarchies; biologists have used them to describe biosystems.
Exercises
1. Draw the lattice diagram for the power set of $X = \{a, b, c, d\}$ with the set inclusion relation, $\subset$.
2. Draw the diagram for the set of positive integers that are divisors of 30. Is this poset a Boolean algebra?
3. Draw a diagram of the lattice of subgroups of $\mathbb{Z}_{12}$.
4. Let $B$ be the set of positive integers that are divisors of 36. Define an order on $B$ by $a \preceq b$ if $a \mid b$. Prove that $B$ is a Boolean algebra. Find a set $X$ such that $B$ is isomorphic to $\mathcal{P}(X)$.
5. Prove or disprove: $\mathbb{Z}$ is a poset under the relation $a \preceq b$ if $a \mid b$.
6. Draw the switching circuit for each of the following Boolean expressions.
(a) $(a \vee b \vee a') \wedge a$
(b) $(a \vee b)' \wedge (a \vee b)$
(c) $a \vee (a \wedge b)$
(d) $(c \vee a \vee b) \wedge c' \wedge (a \vee b)'$
7. Draw a circuit that will be closed exactly when only one of three switches $a$, $b$, and $c$ are closed.
8. Prove or disprove that the two circuits shown are equivalent.
[Figure: the two circuits for Exercise 8]
9. Let $X$ be a finite set containing $n$ elements. Prove that $|\mathcal{P}(X)| = 2^n$. Conclude that the order of any finite Boolean algebra must be $2^n$ for some $n \in \mathbb{N}$.
10. For each of the following circuits, write a Boolean expression. If the circuit can be replaced by one with fewer switches, give the Boolean expression and draw a diagram for the new circuit.
[Figure: the circuits for Exercise 10]
11. Prove or disprove: The set of all nonzero integers is a lattice, where $a \preceq b$ is defined by $a \mid b$.
12. Prove that $a \wedge b$ is the greatest lower bound of $a$ and $b$ in Theorem 17.3.
13. Let $L$ be a nonempty set with two binary operations $\vee$ and $\wedge$ satisfying the commutative, associative, idempotent, and absorption laws. We can define a partial order on $L$, as in Theorem 17.3, by $a \preceq b$ if $a \vee b = b$. Prove that the greatest lower bound of $a$ and $b$ is $a \wedge b$.
14. Let $G$ be a group and $X$ be the set of subgroups of $G$ ordered by set-theoretic inclusion. If $H$ and $K$ are subgroups of $G$, show that the least upper bound of $H$ and $K$ is the subgroup generated by $H \cup K$.

15. Let $R$ be a ring and suppose that $X$ is the set of ideals of $R$. Show that $X$ is a poset ordered by set-theoretic inclusion, $\subset$. Define the meet of two ideals $I$ and $J$ in $X$ by $I \cap J$ and the join of $I$ and $J$ by $I + J$. Prove that the set of ideals of $R$ is a lattice under these operations.
16. Let $B$ be a Boolean algebra. Prove each of the following identities.
(a) $a \vee I = I$ and $a \wedge O = O$ for all $a \in B$.
(b) If $a \vee b = I$ and $a \wedge b = O$, then $b = a'$.
(c) $(a')' = a$ for all $a \in B$.
(d) $I' = O$ and $O' = I$.
(e) $(a \vee b)' = a' \wedge b'$ and $(a \wedge b)' = a' \vee b'$ (De Morgan's laws).
17. By drawing the appropriate diagrams, complete the proof of Theorem 17.14 to show that the switching functions form a Boolean algebra.
18. Let $B$ be a Boolean algebra. Define binary operations $+$ and $\cdot$ on $B$ by
$$\begin{aligned}
a + b &= (a \wedge b') \vee (a' \wedge b) \\
a \cdot b &= a \wedge b.
\end{aligned}$$
Prove that $B$ is a commutative ring under these operations satisfying $a^2 = a$ for all $a \in B$.
19. Let $X$ be a poset such that for every $a$ and $b$ in $X$, either $a \preceq b$ or $b \preceq a$. Then $X$ is said to be a totally ordered set.
(a) Is $a \mid b$ a total order on $\mathbb{N}$?
(b) Prove that $\mathbb{N}$, $\mathbb{Z}$, $\mathbb{Q}$, and $\mathbb{R}$ are totally ordered sets under the usual ordering.
20. Let $X$ and $Y$ be posets. A map $\phi : X \to Y$ is order-preserving if $a \preceq b$ implies that $\phi(a) \preceq \phi(b)$. Let $L$ and $M$ be lattices. A map $\psi : L \to M$ is a lattice homomorphism if $\psi(a \vee b) = \psi(a) \vee \psi(b)$ and $\psi(a \wedge b) = \psi(a) \wedge \psi(b)$. Show that every lattice homomorphism is order-preserving, but that it is not the case that every order-preserving homomorphism is a lattice homomorphism.
21. Let $B$ be a Boolean algebra. Prove that $a = b$ if and only if $(a \wedge b') \vee (a' \wedge b) = O$ for $a, b \in B$.
22. Let $B$ be a Boolean algebra. Prove that $a = 0$ if and only if $(a \wedge b') \vee (a' \wedge b) = b$ for all $b \in B$.
23. Let $L$ and $M$ be lattices. Define an order relation on $L \times M$ by $(a, b) \preceq (c, d)$ if $a \preceq c$ and $b \preceq d$. Show that $L \times M$ is a lattice under this partial order.

Table 17.1. Boolean polynomials
$x$   $y$   $x'$   $x \vee y$   $x \wedge y$
0     0     1      0            0
0     1     1      1            0
1     0     0      1            0
1     1     0      1            1
Programming Exercises
A Boolean or switching function on $n$ variables is a map $f : \{O, I\}^n \to \{0, I\}$. A Boolean polynomial is a special type of Boolean function: it is any type of Boolean expression formed from a finite combination of variables $x_1, \ldots, x_n$ together with $O$ and $I$, using the operations $\vee$, $\wedge$, and $'$. The values of the functions are defined in Table 17.1. Write a program to evaluate Boolean polynomials.

18
Vector Spaces
In a physical system a quantity can often be described with a single number. For example, we need to know only a single number to describe temperature, mass, or volume. However, for some quantities, such as location, we need several numbers. To give the location of a point in space, we need $x$, $y$, and $z$ coordinates. Temperature distribution over a solid object requires four numbers: three to identify each point within the object and a fourth to describe the temperature at that point. Often $n$-tuples of numbers, or vectors, also have certain algebraic properties, such as addition or scalar multiplication.
In this chapter we will examine mathematical structures called vector spaces. As with groups and rings, it is desirable to give a simple list of axioms that must be satisfied to make a set of vectors a structure worth studying.
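18.1 Definitions and Examples
A vector space $V$ over a field $F$ is an abelian group with a scalar product $\alpha \cdot v$ or $\alpha v$ defined for all $\alpha \in F$ and all $v \in V$ satisfying the following axioms.
$$\begin{aligned}
\alpha(\beta v) &= (\alpha\beta)v; \\
(\alpha + \beta)v &= \alpha v + \beta v; \\
\alpha(u + v) &= \alpha u + \alpha v; \\
1v &= v;
\end{aligned}$$
where $\alpha, \beta \in F$ and $u, v \in V$.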
The elements of $V$ are called vectors; the elements of $F$ are called scalars. It is important to notice that in most cases two vectors cannot be multiplied. In general, it is only possible to multiply a vector with a scalar. To differentiate between the scalar zero and the vector zero, we will write them as $0$ and $\mathbf{0}$, respectively.
Let us examine several examples of vector spaces. Some of them will be
quite familiar; others will seem less so.
Example 1. The $n$-tuples of real numbers, denoted by $\mathbb{R}^n$, form a vector space over $\mathbb{R}$. Given vectors $u = (u_1, \ldots, u_n)$ and $v = (v_1, \ldots, v_n)$ in $\mathbb{R}^n$ and $\alpha$ in $\mathbb{R}$, we can define vector addition by
$$u + v = (u_1, \ldots, u_n) + (v_1, \ldots, v_n) = (u_1 + v_1, \ldots, u_n + v_n)$$
and scalar multiplication by
$$\alpha u = \alpha(u_1, \ldots, u_n) = (\alpha u_1, \ldots, \alpha u_n).$$

Example 2. If $F$ is a field, then $F[x]$ is a vector space over $F$. The vectors in $F[x]$ are simply polynomials. Vector addition is just polynomial addition. If $\alpha \in F$ and $p(x) \in F[x]$, then scalar multiplication is defined by $\alpha p(x)$.
Example 3. The set of all continuous real-valued functions on a closed interval $[a, b]$ is a vector space over $\mathbb{R}$. If $f(x)$ and $g(x)$ are continuous on $[a, b]$, then $(f + g)(x)$ is defined to be $f(x) + g(x)$. Scalar multiplication is defined by $(\alpha f)(x) = \alpha f(x)$ for $\alpha \in \mathbb{R}$. For example, if $f(x) = \sin x$ and $g(x) = x^2$, then $(2f + 5g)(x) = 2 \sin x + 5x^2$.
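Example 4. Let $V = \mathbb{Q}(\sqrt{2}\,) = \{a + b\sqrt{2} : a, b \in \mathbb{Q}\}$. Then $V$ is a vector space over $\mathbb{Q}$. If $u = a + b\sqrt{2}$ and $v = c + d\sqrt{2}$, then $u + v = (a + c) + (b + d)\sqrt{2}$ is again in $V$. Also, for $\alpha \in \mathbb{Q}$, $\alpha v$ is in $V$. We will leave it as an exercise to verify that all of the vector space axioms hold for $V$.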
Proposition 18.1 Let $V$ be a vector space over $F$. Then each of the following statements is true.
1. $0v = \mathbf{0}$ for all $v \in V$.
2. $\alpha \mathbf{0} = \mathbf{0}$ for all $\alpha \in F$.
3. If $\alpha v = \mathbf{0}$, then either $\alpha = 0$ or $v = \mathbf{0}$.
4. $(-1)v = -v$ for all $v \in V$.
5. $-(\alpha v) = (-\alpha)v = \alpha(-v)$ for all $\alpha \in F$ and all $v \in V$.
Proof. To prove (1), observe that
$$0v = (0 + 0)v = 0v + 0v;$$
consequently, $\mathbf{0} + 0v = 0v + 0v$. Since $V$ is an abelian group, $\mathbf{0} = 0v$.
The proof of (2) is almost identical to the proof of (1). For (3), we are done if $\alpha = 0$. Suppose that $\alpha \neq 0$. Multiplying both sides of $\alpha v = \mathbf{0}$ by $1/\alpha$, we have $v = \mathbf{0}$.
To show (4), observe that
$$v + (-1)v = 1v + (-1)v = (1 - 1)v = 0v = \mathbf{0},$$
and so $-v = (-1)v$. We will leave the proof of (5) as an exercise.
18.2 Subspaces
Just as groups have subgroups and rings have subrings, vector spaces also have substructures. Let $V$ be a vector space over a field $F$, and $W$ a subset of $V$. Then $W$ is a subspace of $V$ if it is closed under vector addition and scalar multiplication; that is, if $u, v \in W$ and $\alpha \in F$, it will always be the case that $u + v$ and $\alpha v$ are also in $W$.
Example 5. Let $W$ be the subspace of $\mathbb{R}^3$ defined by $W = \{(x_1, 2x_1 + x_2, x_1 - x_2) : x_1, x_2 \in \mathbb{R}\}$. We claim that $W$ is a subspace of $\mathbb{R}^3$. Since
$$\begin{aligned}
\alpha(x_1, 2x_1 + x_2, x_1 - x_2) &= (\alpha x_1, \alpha(2x_1 + x_2), \alpha(x_1 - x_2)) \\
&= (\alpha x_1, 2(\alpha x_1) + \alpha x_2, \alpha x_1 - \alpha x_2),
\end{aligned}$$
$W$ is closed under scalar multiplication. To show that $W$ is closed under vector addition, let $u = (x_1, 2x_1 + x_2, x_1 - x_2)$ and $v = (y_1, 2y_1 + y_2, y_1 - y_2)$ be vectors in $W$. Then
$$u + v = (x_1 + y_1, 2(x_1 + y_1) + (x_2 + y_2), (x_1 + y_1) - (x_2 + y_2)).$$

Example 6. Let $W$ be the subset of polynomials of $F[x]$ with no odd-power terms. If $p(x)$ and $q(x)$ have no odd-power terms, then neither will $p(x) + q(x)$. Also, $\alpha p(x) \in W$ for $\alpha \in F$ and $p(x) \in W$.
Let $V$ be any vector field over a field $F$ and suppose that $v_1, v_2, \ldots, v_n$ are vectors in $V$ and $\alpha_1, \alpha_2, \ldots, \alpha_n$ are scalars in $F$. Any vector $w$ in $V$ of the form
$$w = \sum_{i=1}^{n} \alpha_i v_i = \alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n$$
is called a linear combination of the vectors $v_1, v_2, \ldots, v_n$. The spanning set of vectors $v_1, v_2, \ldots, v_n$ is the set of vectors obtained from all possible linear combinations of $v_1, v_2, \ldots, v_n$. If $W$ is the spanning set of $v_1, v_2, \ldots, v_n$, then we often say that $W$ is spanned by $v_1, v_2, \ldots, v_n$.
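Proposition 18.2 Let $S = \{v_1, v_2, \ldots, v_n\}$ be vectors in a vector space $V$. Then the span of $S$ is a subspace of $V$.
Proof. Let $u$ and $v$ be in $S$. We can write both of these vectors as linear combinations of the $v_i$'s:
$$\begin{aligned}
u &= \alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n \\
v &= \beta_1 v_1 + \beta_2 v_2 + \cdots + \beta_n v_n.
\end{aligned}$$
Then
$$u + v = (\alpha_1 + \beta_1)v_1 + (\alpha_2 + \beta_2)v_2 + \cdots + (\alpha_n + \beta_n)v_n$$
is a linear combination of the $v_i$'s. For $\alpha \in F$,
$$\alpha u = (\alpha\alpha_1)v_1 + (\alpha\alpha_2)v_2 + \cdots + (\alpha\alpha_n)v_n$$
is in the span of $S$.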
18.3 Linear Independence
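Let $S = \{v_1, v_2, \ldots, v_n\}$ be a set of vectors in a vector space $V$. If there exist scalars $\alpha_1, \alpha_2, \ldots, \alpha_n \in F$ such that not all of the $\alpha_i$'s are zero and
$$\alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n = \mathbf{0},$$
then $S$ is said to be linearly dependent. If the set $S$ is not linearly dependent, then it is said to be linearly independent. More specifically, $S$ is a linearly independent set if
$$\alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n = \mathbf{0}$$
implies that
$$\alpha_1 = \alpha_2 = \cdots = \alpha_n = 0$$
for any set of scalars $\{\alpha_1, \alpha_2, \ldots, \alpha_n\}$.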

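Proposition 18.3 Let $\{v_1, v_2, \ldots, v_n\}$ be a set of linearly independent vectors in a vector space. Suppose that
$$v = \alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n = \beta_1 v_1 + \beta_2 v_2 + \cdots + \beta_n v_n.$$
Then $\alpha_1 = \beta_1, \alpha_2 = \beta_2, \ldots, \alpha_n = \beta_n$.
Proof. If
$$v = \alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n = \beta_1 v_1 + \beta_2 v_2 + \cdots + \beta_n v_n,$$
then
$$(\alpha_1 - \beta_1)v_1 + (\alpha_2 - \beta_2)v_2 + \cdots + (\alpha_n - \beta_n)v_n = \mathbf{0}.$$
Since $v_1, \ldots, v_n$ are linearly independent, $\alpha_i - \beta_i = 0$ for $i = 1, \ldots, n$.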
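The definition of linear dependence makes more sense if we consider the following proposition.
Proposition 18.4 A set $\{v_1, v_2, \ldots, v_n\}$ of vectors in a vector space $V$ is linearly dependent if and only if one of the $v_i$'s is a linear combination of the rest.
Proof. Suppose that $\{v_1, v_2, \ldots, v_n\}$ is a set of linearly dependent vectors. Then there exist scalars $\alpha_1, \ldots, \alpha_n$ such that
$$\alpha_1 v_1 + \alpha_2 v_2 + \cdots + \alpha_n v_n = \mathbf{0},$$
with at least one of the $\alpha_i$'s not equal to zero. Suppose that $\alpha_k \neq 0$. Then
$$v_k = -\frac{\alpha_1}{\alpha_k} v_1 - \cdots - \frac{\alpha_{k-1}}{\alpha_k} v_{k-1} - \frac{\alpha_{k+1}}{\alpha_k} v_{k+1} - \cdots - \frac{\alpha_n}{\alpha_k} v_n.$$
Conversely, suppose that
$$v_k = \beta_1 v_1 + \cdots + \beta_{k-1} v_{k-1} + \beta_{k+1} v_{k+1} + \cdots + \beta_n v_n.$$
Then
$$\beta_1 v_1 + \cdots + \beta_{k-1} v_{k-1} - v_k + \beta_{k+1} v_{k+1} + \cdots + \beta_n v_n = \mathbf{0}.$$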

The following proposition is a consequence of the fact that any system of
homogeneous linear equations with more unknowns than equations will have
a nontrivial solution. We leave the details of the proof for the end-of-chapter
exercises.

Proposition 18.5 Suppose that a vector space $V$ is spanned by $n$ vectors. If $m > n$, then any set of $m$ vectors in $V$ must be linearly dependent.
A set $\{e_1, e_2, \ldots, e_n\}$ of vectors in a vector space $V$ is called a basis for $V$ if $\{e_1, e_2, \ldots, e_n\}$ is a linearly independent set that spans $V$.
Example 7. The vectors $e_1 = (1, 0, 0)$, $e_2 = (0, 1, 0)$, and $e_3 = (0, 0, 1)$ form a basis for $\mathbb{R}^3$. The set certainly spans $\mathbb{R}^3$, since any arbitrary vector $(x_1, x_2, x_3)$ in $\mathbb{R}^3$ can be written as $x_1 e_1 + x_2 e_2 + x_3 e_3$. Also, none of the vectors $e_1, e_2, e_3$ can be written as a linear combination of the other two; hence, they are linearly independent. The vectors $e_1, e_2, e_3$ are not the only basis of $\mathbb{R}^3$: the set $\{(3, 2, 1), (3, 2, 0), (1, 1, 1)\}$ is also a basis for $\mathbb{R}^3$.
Example 8. Let $\mathbb{Q}(\sqrt{2}\,) = \{a + b\sqrt{2} : a, b \in \mathbb{Q}\}$. The sets $\{1, \sqrt{2}\}$ and $\{1 + \sqrt{2}, 1 - \sqrt{2}\}$ are both bases of $\mathbb{Q}(\sqrt{2}\,)$.
From the last two examples it should be clear that a given vector space has several bases. In fact, there are an infinite number of bases for both of these examples. In general, there is no unique basis for a vector space. However, every basis of $\mathbb{R}^3$ consists of exactly three vectors, and every basis of $\mathbb{Q}(\sqrt{2}\,)$ consists of exactly two vectors. This is a consequence of the next proposition.
Proposition 18.6 Let $\{e_1, e_2, \ldots, e_m\}$ and $\{f_1, f_2, \ldots, f_n\}$ be two bases for a vector space $V$. Then $m = n$.
Proof. Since $\{e_1, e_2, \ldots, e_m\}$ is a basis, it is a linearly independent set. By Proposition 18.5, $n \leq m$. Similarly, $\{f_1, f_2, \ldots, f_n\}$ is a linearly independent set, and the last proposition implies that $m \leq n$. Consequently, $m = n$.

If $\{e_1, e_2, \ldots, e_n\}$ is a basis for a vector space $V$, then we say that the dimension of $V$ is $n$ and we write $\dim V = n$. We will leave the proof of the following theorem as an exercise.
Theorem 18.7 Let $V$ be a vector space of dimension $n$.
1. If $S = \{v_1, \ldots, v_n\}$ is a set of linearly independent vectors for $V$, then $S$ is a basis for $V$.
2. If $S = \{v_1, \ldots, v_n\}$ spans $V$, then $S$ is a basis for $V$.
3. If $S = \{v_1, \ldots, v_k\}$ is a set of linearly independent vectors for $V$ with $k < n$, then there exist vectors $v_{k+1}, \ldots, v_n$ such that
$$\{v_1, \ldots, v_k, v_{k+1}, \ldots, v_n\}$$
is a basis for $V$.
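Linear independence, the basis test of Theorem 18.7, and the uniqueness of coordinates in Proposition 18.3 can all be decided by row reduction. The following is an added example, not part of the original text: it works over $\mathbb{Q}$ with exact fractions, and the function names are assumptions chosen for illustration. Elements $a + b\sqrt{2}$ of $\mathbb{Q}(\sqrt{2}\,)$ are represented by the pair $(a, b)$.

```python
from fractions import Fraction


def row_reduce(rows):
    """Reduced row echelon form over Q. Returns (matrix, pivot_columns)."""
    m = [[Fraction(x) for x in row] for row in rows]
    pivots = []
    r = 0
    ncols = len(m[0]) if m else 0
    for c in range(ncols):
        if r == len(m):
            break
        # Find a row at or below r with a nonzero entry in column c.
        p = next((i for i in range(r, len(m)) if m[i][c] != 0), None)
        if p is None:
            continue
        m[r], m[p] = m[p], m[r]
        lead = m[r][c]
        m[r] = [x / lead for x in m[r]]
        for i in range(len(m)):
            if i != r and m[i][c] != 0:
                factor = m[i][c]
                m[i] = [x - factor * y for x, y in zip(m[i], m[r])]
        pivots.append(c)
        r += 1
    return m, pivots


def rank(vectors):
    """Dimension of the span of the given vectors."""
    return len(row_reduce(vectors)[1])


def is_linearly_independent(vectors):
    """Independent exactly when no vector is lost in row reduction."""
    return rank(vectors) == len(vectors)


def is_basis(vectors, n):
    """Theorem 18.7(1): n independent vectors in an n-dimensional space."""
    return len(vectors) == n and is_linearly_independent(vectors)


def coordinates(basis, v):
    """Solve c_1 e_1 + ... + c_k e_k = v. Returns the unique coefficient
    list, or None if v is not in the span or the e_i are dependent."""
    k = len(basis)
    # Augmented matrix: basis vectors as columns, v as the last column.
    aug = [[basis[j][i] for j in range(k)] + [v[i]] for i in range(len(v))]
    reduced, pivots = row_reduce(aug)
    if k in pivots or len(pivots) != k:
        return None
    return [reduced[i][k] for i in range(k)]


# The second basis of R^3 given in Example 7.
EXAMPLE_7_BASIS = [(3, 2, 1), (3, 2, 0), (1, 1, 1)]
# {1 + sqrt(2), 1 - sqrt(2)} from Example 8, written as pairs (a, b).
EXAMPLE_8_BASIS = [(1, 1), (1, -1)]
```

For instance, `coordinates(EXAMPLE_7_BASIS, (1, 0, 0))` gives the coefficients $2, -1, -2$, and adding any fourth vector to a basis of $\mathbb{R}^3$ makes the set dependent, as Proposition 18.5 requires.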
Exercises
1. If $F$ is a field, show that $F[x]$ is a vector space over $F$, where the vectors in $F[x]$ are polynomials. Vector addition is polynomial addition, and scalar multiplication is defined by $\alpha p(x)$ for $\alpha \in F$.
2. Prove that $\mathbb{Q}(\sqrt{2}\,)$ is a vector space.
3. Let $\mathbb{Q}(\sqrt{2}, \sqrt{3}\,)$ be the field generated by elements of the form $a + b\sqrt{2} + c\sqrt{3}$, where $a, b, c$ are in $\mathbb{Q}$. Prove that $\mathbb{Q}(\sqrt{2}, \sqrt{3}\,)$ is a vector space of dimension 4 over $\mathbb{Q}$. Find a basis for $\mathbb{Q}(\sqrt{2}, \sqrt{3}\,)$.
4. Prove that the complex numbers are a vector space of dimension 2 over $\mathbb{R}$.
5. Prove that the set $P_n$ of all polynomials of degree less than $n$ form a subspace of the vector space $F[x]$. Find a basis for $P_n$ and compute the dimension of $P_n$.
6. Let $F$ be a field and denote the set of $n$-tuples of $F$ by $F^n$. Given vectors $u = (u_1, \ldots, u_n)$ and $v = (v_1, \ldots, v_n)$ in $F^n$ and $\alpha$ in $F$, define vector addition by
$$u + v = (u_1, \ldots, u_n) + (v_1, \ldots, v_n) = (u_1 + v_1, \ldots, u_n + v_n)$$
and scalar multiplication by
$$\alpha u = \alpha(u_1, \ldots, u_n) = (\alpha u_1, \ldots, \alpha u_n).$$
Prove that $F^n$ is a vector space of dimension $n$ under these operations.
7. Which of the following sets are subspaces of $\mathbb{R}^3$? If the set is indeed a subspace, find a basis for the subspace and compute its dimension.
(a) $\{(x_1, x_2, x_3) : 3x_1 - 2x_2 + x_3 = 0\}$
(b) $\{(x_1, x_2, x_3) : 3x_1 + 4x_3 = 0,\ 2x_1 - x_2 + x_3 = 0\}$
(c) $\{(x_1, x_2, x_3) : x_1 - 2x_2 + 2x_3 = 2\}$
(d) $\{(x_1, x_2, x_3) : 3x_1 - 2x_2^2 = 0\}$

8. Show that the set of all possible solutions $(x, y, z) \in \mathbb{R}^3$ of the equations
$$\begin{aligned}
Ax + By + Cz &= 0 \\
Dx + Ey + Cz &= 0
\end{aligned}$$
forms a subspace of $\mathbb{R}^3$.
9. Let $W$ be the subset of continuous functions on $[0, 1]$ such that $f(0) = 0$. Prove that $W$ is a subspace of $C[0, 1]$.
10. Let $V$ be a vector space over $F$. Prove that $-(\alpha v) = (-\alpha)v = \alpha(-v)$ for all $\alpha \in F$ and all $v \in V$.
11. Let $V$ be a vector space of dimension $n$. Prove each of the following statements.
(a) If $S = \{v_1, \ldots, v_n\}$ is a set of linearly independent vectors for $V$, then $S$ is a basis for $V$.
(b) If $S = \{v_1, \ldots, v_n\}$ spans $V$, then $S$ is a basis for $V$.
(c) If $S = \{v_1, \ldots, v_k\}$ is a set of linearly independent vectors for $V$ with $k < n$, then there exist vectors $v_{k+1}, \ldots, v_n$ such that
$$\{v_1, \ldots, v_k, v_{k+1}, \ldots, v_n\}$$
is a basis for $V$.
12. Prove that any set of vectors containing $\mathbf{0}$ is linearly dependent.
13. Let $V$ be a vector space. Show that $\{\mathbf{0}\}$ is a subspace of $V$ of dimension zero.
14. If a vector space $V$ is spanned by $n$ vectors, show that any set of $m$ vectors in $V$ must be linearly dependent for $m > n$.
15. Linear Transformations. Let $V$ and $W$ be vector spaces over a field $F$, of dimensions $m$ and $n$, respectively. If $T : V \to W$ is a map satisfying
$$\begin{aligned}
T(u + v) &= T(u) + T(v) \\
T(\alpha v) &= \alpha T(v)
\end{aligned}$$
for all $\alpha \in F$ and all $u, v \in V$, then $T$ is called a linear transformation from $V$ into $W$.
(a) Prove that the kernel of $T$, $\ker(T) = \{v \in V : T(v) = \mathbf{0}\}$, is a subspace of $V$. The kernel of $T$ is sometimes called the null space of $T$.
(b) Prove that the range or range space of $T$, $R(V) = \{w \in W : T(v) = w \text{ for some } v \in V\}$, is a subspace of $W$.
(c) Show that $T : V \to W$ is injective if and only if $\ker(T) = \{\mathbf{0}\}$.

(d) Let $\{v_1, \ldots, v_k\}$ be a basis for the null space of $T$. We can extend this basis to be a basis $\{v_1, \ldots, v_k, v_{k+1}, \ldots, v_m\}$ of $V$. Why? Prove that $\{T(v_{k+1}), \ldots, T(v_m)\}$ is a basis for the range of $T$. Conclude that the range of $T$ has dimension $m - k$.
(e) Let $\dim V = \dim W$. Show that a linear transformation $T : V \to W$ is injective if and only if it is surjective.
16. Let $V$ and $W$ be finite dimensional vector spaces of dimension $n$ over a field $F$. Suppose that $T : V \to W$ is a vector space isomorphism. If $\{v_1, \ldots, v_n\}$ is a basis of $V$, show that $\{T(v_1), \ldots, T(v_n)\}$ is a basis of $W$. Conclude that any vector space over a field $F$ of dimension $n$ is isomorphic to $F^n$.
17. Direct Sums. Let $U$ and $V$ be subspaces of a vector space $W$. The sum of $U$ and $V$, denoted $U + V$, is defined to be the set of all vectors of the form $u + v$, where $u \in U$ and $v \in V$.
(a) Prove that $U + V$ and $U \cap V$ are subspaces of $W$.
(b) If $U + V = W$ and $U \cap V = \mathbf{0}$, then $W$ is said to be the direct sum of $U$ and $V$ and we write $W = U \oplus V$. Show that every element $w \in W$ can be written uniquely as $w = u + v$, where $u \in U$ and $v \in V$.
(c) Let $U$ be a subspace of dimension $k$ of a vector space $W$ of dimension $n$. Prove that there exists a subspace $V$ of dimension $n - k$ such that $W = U \oplus V$. Is the subspace $V$ unique?
(d) If $U$ and $V$ are arbitrary subspaces of a vector space $W$, show that
$$\dim(U + V) = \dim U + \dim V - \dim(U \cap V).$$
18. Dual Spaces. Let $V$ and $W$ be finite dimensional vector spaces over a field $F$.
(a) Show that the set of all linear transformations from $V$ into $W$, denoted by $\operatorname{Hom}(V, W)$, is a vector space over $F$, where we define vector addition as follows:
$$\begin{aligned}
(S + T)(v) &= S(v) + T(v) \\
(\alpha S)(v) &= \alpha S(v),
\end{aligned}$$
where $S, T \in \operatorname{Hom}(V, W)$, $\alpha \in F$, and $v \in V$.
(b) Let $V$ be an $F$-vector space. Define the dual space of $V$ to be $V^* = \operatorname{Hom}(V, F)$. Elements in the dual space of $V$ are called linear functionals. Let $v_1, \ldots, v_n$ be an ordered basis for $V$. If $v = \alpha_1 v_1 + \cdots + \alpha_n v_n$ is any vector in $V$, define a linear functional $\phi_i : V \to F$ by $\phi_i(v) = \alpha_i$. Show that the $\phi_i$'s form a basis for $V^*$. This basis is called the dual basis of $v_1, \ldots, v_n$ (or simply the dual basis if the context makes the meaning clear).
(c)Consider the basisf(3;1);(2;2)gforR
2
. What is the dual basis for
(R
2
)

?
(d)LetVbe a vector space of dimensionnover a eldFand letV

be the
dual spaceV

. Show that each elementv2Vgives rise to an element
vinV

and that the mapv7!vis an isomorphism ofVwithV

.
References and Suggested Readings
[1] Curtis, C. W. Linear Algebra: An Introductory Approach. Springer-Verlag, New York, 1984.
[2] Hoffman, K. and Kunze, R. Linear Algebra. 2nd ed. Prentice-Hall, Englewood Cliffs, NJ, 1971.
[3] Johnson, L. W., Riess, R. D., and Arnold, J. T. Introduction to Linear Algebra. 3rd ed. Addison-Wesley, Reading, MA, 1993.
[4] Leon, S. J. Linear Algebra with Applications. 3rd ed. Macmillan, New York, 1990.
[5] Nicholson, W. K. Elementary Linear Algebra with Applications. 2nd ed. PWS-KENT, Boston, 1990.

19 Fields
It is natural to ask whether or not some field $F$ is contained in a larger field. We think of the rational numbers, which reside inside the real numbers, while in turn, the real numbers live inside the complex numbers. We can also study the fields between $\mathbb{Q}$ and $\mathbb{R}$ and inquire as to the nature of these fields.
More specifically if we are given a field $F$ and a polynomial $p(x) \in F[x]$, we can ask whether or not we can find a field $E$ containing $F$ such that $p(x)$ factors into linear factors over $E[x]$. For example, if we consider the polynomial
$$p(x) = x^4 - 5x^2 + 6$$
in $\mathbb{Q}[x]$, then $p(x)$ factors as $(x^2 - 2)(x^2 - 3)$. However, both of these factors are irreducible in $\mathbb{Q}[x]$. If we wish to find a zero of $p(x)$, we must go to a larger field. Certainly the field of real numbers will work, since
$$p(x) = (x - \sqrt{2})(x + \sqrt{2})(x - \sqrt{3})(x + \sqrt{3}).$$
It is possible to find a smaller field in which $p(x)$ has a zero, namely
$$\mathbb{Q}(\sqrt{2}) = \{a + b\sqrt{2} : a, b \in \mathbb{Q}\}.$$
We wish to be able to compute and study such fields for arbitrary polynomials over a field $F$.
19.1 Extension Fields
A field $E$ is an extension field of a field $F$ if $F$ is a subfield of $E$. The field $F$ is called the base field. We write $F\ E$.
Example 1. For example, let
$$F = \mathbb{Q}(\sqrt{2}) = \{a + b\sqrt{2} : a, b \in \mathbb{Q}\}$$
and let $E = \mathbb{Q}(\sqrt{2} + \sqrt{3})$ be the smallest field containing both $\mathbb{Q}$ and $\sqrt{2} + \sqrt{3}$. Both $E$ and $F$ are extension fields of the rational numbers. We claim that $E$ is an extension field of $F$. To see this, we need only show that $\sqrt{2}$ is in $E$. Since $\sqrt{2} + \sqrt{3}$ is in $E$, $1/(\sqrt{2} + \sqrt{3}) = \sqrt{3} - \sqrt{2}$ must also be in $E$. Taking linear combinations of $\sqrt{2} + \sqrt{3}$ and $\sqrt{3} - \sqrt{2}$, we find that $\sqrt{2}$ and $\sqrt{3}$ must both be in $E$.
Example 2. Let $p(x) = x^2 + x + 1 \in \mathbb{Z}_2[x]$. Since neither 0 nor 1 is a root of this polynomial, we know that $p(x)$ is irreducible over $\mathbb{Z}_2$. We will construct a field extension of $\mathbb{Z}_2$ containing an element such that $p() = 0$. By Theorem 15.13, the ideal $\langle p(x) \rangle$ generated by $p(x)$ is maximal; hence, $\mathbb{Z}_2[x]/\langle p(x) \rangle$ is a field. Let $f(x) + \langle p(x) \rangle$ be an arbitrary element of $\mathbb{Z}_2[x]/\langle p(x) \rangle$. By the division algorithm,
$$f(x) = (x^2 + x + 1)q(x) + r(x),$$
where the degree of $r(x)$ is less than the degree of $x^2 + x + 1$. Therefore,
$$f(x) + \langle x^2 + x + 1 \rangle = r(x) + \langle x^2 + x + 1 \rangle.$$
The only possibilities for $r(x)$ are then $0$, $1$, $x$, and $1 + x$. Consequently, $E = \mathbb{Z}_2[x]/\langle x^2 + x + 1 \rangle$ is a field with four elements and must be a field extension of $\mathbb{Z}_2$, containing a zero of $p(x)$. The field $\mathbb{Z}_2()$ consists of elements
0 + 0= 0
1 + 0= 1
0 + 1=
1 + 1= 1 +:
Notice that
2
++ 1 = 0; hence, if we compute (1 +)
2
,
(1 +)(1 +) = 1 +++ ()
2
=:
Other calculations are accomplished in a similar manner. We summarize these computations in the following tables, which tell us how to add and multiply elements in $E$.
+
0 1 1 +
0
0 1 1 +
1
1 0 1 +

1 +0 1
1 +
1 + 1 0


0 1 1 +
0
0 0 0 0
1
0 1 1 +

01 +1
1 +
0 1 +1

The following theorem, due to Kronecker, is so important and so basic to our understanding of fields that it is often known as the Fundamental Theorem of Field Theory.
Theorem 19.1 Let $F$ be a field and let $p(x)$ be a nonconstant polynomial in $F[x]$. Then there exists an extension field $E$ of $F$ and an element $\in E$ such that $p() = 0$.
Proof. To prove this theorem, we will employ the method that we used to construct Example 2. Clearly, we can assume that $p(x)$ is an irreducible polynomial. We wish to find an extension field $E$ of $F$ containing an element such that $p() = 0$. The ideal $\langle p(x) \rangle$ generated by $p(x)$ is a maximal ideal in $F[x]$ by Theorem 15.13; hence, $F[x]/\langle p(x) \rangle$ is a field. We claim that $E = F[x]/\langle p(x) \rangle$ is the desired field.
We first show that $E$ is a field extension of $F$. We can define a homomorphism of commutative rings by the map $: F \to F[x]/\langle p(x) \rangle$, where $(a) = a + \langle p(x) \rangle$ for $a \in F$. It is easy to check that is indeed a ring homomorphism. Observe that
$$(a) + (b) = (a + \langle p(x) \rangle) + (b + \langle p(x) \rangle) = (a + b) + \langle p(x) \rangle = (a + b)$$
and
$$(a)(b) = (a + \langle p(x) \rangle)(b + \langle p(x) \rangle) = ab + \langle p(x) \rangle = (ab).$$
To prove that is one-to-one, assume that
$$a + \langle p(x) \rangle = (a) = (b) = b + \langle p(x) \rangle.$$
Then $a - b$ is a multiple of $p(x)$, since it lives in the ideal $\langle p(x) \rangle$. Since $p(x)$ is a nonconstant polynomial, the only possibility is that $a - b = 0$. Consequently, $a = b$ and is injective. Since is one-to-one, we can identify $F$ with the subfield $\{a + \langle p(x) \rangle : a \in F\}$ of $E$ and view $E$ as an extension field of $F$.

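It remains for us to prove that $p(x)$ has a zero $\in F$. Set $= x + \langle p(x) \rangle$. Then is in $E$. If $p(x) = a_0 + a_1 x + \cdots + a_n x^n$, then
$$\begin{aligned} p() &= a_0 + a_1(x + \langle p(x) \rangle) + \cdots + a_n(x + \langle p(x) \rangle)^n \\ &= a_0 + (a_1 x + \langle p(x) \rangle) + \cdots + (a_n x^n + \langle p(x) \rangle) \\ &= a_0 + a_1 x + \cdots + a_n x^n + \langle p(x) \rangle \\ &= 0 + \langle p(x) \rangle. \end{aligned}$$
Therefore, we have found an element $\in E = F[x]/\langle p(x) \rangle$ such that is a zero of $p(x)$.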
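Example 3. Let $p(x) = x^5 + x^4 + 1 \in \mathbb{Z}_2[x]$. Then $p(x)$ has irreducible factors $x^2 + x + 1$ and $x^3 + x + 1$. For a field extension $E$ of $\mathbb{Z}_2$ such that $p(x)$ has a root in $E$, we can let $E$ be either $\mathbb{Z}_2[x]/\langle x^2 + x + 1 \rangle$ or $\mathbb{Z}_2[x]/\langle x^3 + x + 1 \rangle$. We will leave it as an exercise to show that $\mathbb{Z}_2[x]/\langle x^3 + x + 1 \rangle$ is a field with $2^3 = 8$ elements.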
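The quotient construction used in Examples 2 and 3 (and in the proof of Theorem 19.1) can be checked by machine. The following Python example is added here and is not part of the original text: it stores a polynomial over $\mathbb{Z}_2$ as an integer bit mask and prints the coset $x + \langle p(x) \rangle$ as `a` (both are choices made for this example), rebuilds the addition and multiplication tables of $\mathbb{Z}_2[x]/\langle x^2 + x + 1 \rangle$, and confirms the claims of Example 3.

```python
"""Arithmetic in Z2[x]/<p(x)>, following Examples 2 and 3.

Assumed encoding (not from the text): a polynomial over Z2 is a Python int
whose bit i is the coefficient of x^i, so 0b111 stands for x^2 + x + 1.
"""


def deg(f):
    """Degree of f; the zero polynomial is given degree -1."""
    return f.bit_length() - 1


def poly_mul(f, g):
    """Product in Z2[x]: shift-and-XOR, since coefficients add mod 2."""
    result = 0
    while g:
        if g & 1:
            result ^= f
        f <<= 1
        g >>= 1
    return result


def poly_divmod(f, p):
    """Division algorithm in Z2[x]: returns (q, r), f = p*q + r, deg r < deg p."""
    if p == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    q = 0
    while deg(f) >= deg(p):
        shift = deg(f) - deg(p)
        q ^= 1 << shift
        f ^= p << shift
    return q, f


def is_irreducible(p):
    """Trial division by every polynomial of degree 1 .. deg(p) // 2."""
    if deg(p) < 1:
        return False
    return all(poly_divmod(p, d)[1] != 0
               for d in range(2, 1 << (deg(p) // 2 + 1)))


class QuotientRing:
    """Z2[x]/<p(x)>: each coset is stored as its remainder r(x), deg r < deg p."""

    def __init__(self, p):
        if deg(p) < 1:
            raise ValueError("p(x) must be nonconstant")
        self.p = p
        self.elements = list(range(1 << deg(p)))

    def add(self, a, b):
        return a ^ b

    def mul(self, a, b):
        return poly_divmod(poly_mul(a, b), self.p)[1]

    def evaluate(self, f, a):
        """Evaluate f(x) in Z2[x] at the ring element a (Horner's rule)."""
        acc = 0
        for i in range(deg(f), -1, -1):
            acc = self.add(self.mul(acc, a), (f >> i) & 1)
        return acc

    def inverse(self, a):
        """Multiplicative inverse found by exhaustive search, else None."""
        return next((b for b in self.elements if self.mul(a, b) == 1), None)

    def is_field(self):
        return all(self.inverse(a) is not None for a in self.elements if a)

    def table(self, op):
        return [[op(a, b) for b in self.elements] for a in self.elements]


def show(f, var="a"):
    """Write an element as a polynomial in var, the coset x + <p(x)>."""
    terms = ["1" if i == 0 else var if i == 1 else f"{var}^{i}"
             for i in range(deg(f) + 1) if (f >> i) & 1]
    return " + ".join(terms) or "0"


if __name__ == "__main__":
    E = QuotientRing(0b111)            # Example 2: Z2[x]/<x^2 + x + 1>
    for name, op in (("+", E.add), ("*", E.mul)):
        print(f"\n{name:>6} | " + "  ".join(f"{show(b):>5}" for b in E.elements))
        for a, row in zip(E.elements, E.table(op)):
            print(f"{show(a):>6} | " + "  ".join(f"{show(c):>5}" for c in row))
    K = QuotientRing(0b1011)           # Example 3: Z2[x]/<x^3 + x + 1>
    print("\nx^5 + x^4 + 1 factors:", poly_mul(0b111, 0b1011) == 0b110001)
    print("|K| =", len(K.elements), " field:", K.is_field())
    print("x^2 + 1 gives a field:", QuotientRing(0b101).is_field())
```

The last line shows why irreducibility matters: $x^2 + 1 = (x + 1)^2$ over $\mathbb{Z}_2$, so the quotient by it has a zero divisor and is not a field.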
Algebraic Elements
An element in an extension field $E$ over $F$ is algebraic over $F$ if $f() = 0$ for some nonzero polynomial $f(x) \in F[x]$. An element in $E$ that is not algebraic over $F$ is transcendental over $F$. An extension field $E$ of a field $F$ is an algebraic extension of $F$ if every element in $E$ is algebraic over $F$. If $E$ is a field extension of $F$ and ${}_1, \ldots, {}_n$ are contained in $E$, we denote the smallest field containing $F$ and ${}_1, \ldots, {}_n$ by $F({}_1, \ldots, {}_n)$. If $E = F()$ for some $\in E$, then $E$ is a simple extension of $F$.
Example 4. Both $\sqrt{2}$ and $i$ are algebraic over $\mathbb{Q}$ since they are zeros of the polynomials $x^2 - 2$ and $x^2 + 1$, respectively. Clearly and $e$ are algebraic over the real numbers; however, it is a nontrivial fact that they are transcendental over $\mathbb{Q}$. Numbers in $\mathbb{R}$ that are algebraic over $\mathbb{Q}$ are in fact quite rare. Almost all real numbers are transcendental over $\mathbb{Q}$.¹ (In many cases we do not know whether or not a particular number is transcendental; for example, it is not known whether $+ e$ is transcendental or algebraic.)

A complex number that is algebraic over $\mathbb{Q}$ is an algebraic number. A transcendental number is an element of $\mathbb{C}$ that is transcendental over $\mathbb{Q}$.
¹ If we choose a number in $\mathbb{R}$, then there is a probability of 1 that the number will be transcendental over $\mathbb{Q}$.

Example 5. We will show that $\sqrt{2 + \sqrt{3}}$ is algebraic over $\mathbb{Q}$. If $= \sqrt{2 + \sqrt{3}}$, then ${}^2 = 2 + \sqrt{3}$. Hence, ${}^2 - 2 = \sqrt{3}$ and $({}^2 - 2)^2 = 3$. Since ${}^4 - 4\,{}^2 + 1 = 0$, it must be true that is a zero of the polynomial $x^4 - 4x^2 + 1 \in \mathbb{Q}[x]$.
It is very easy to give an example of an extension field $E$ over a field $F$, where $E$ contains an element transcendental over $F$. The following theorem characterizes transcendental extensions.
Theorem 19.2 Let $E$ be an extension field of $F$ and $\in E$. Then is transcendental over $F$ if and only if $F()$ is isomorphic to $F(x)$, the field of fractions of $F[x]$.
Proof. Let $: F[x] \to E$ be the evaluation homomorphism for . Then is transcendental over $F$ if and only if $(p(x)) = p() \neq 0$ for all nonconstant polynomials $p(x) \in F[x]$. This is true if and only if $\ker = \{0\}$; that is, it is true exactly when is one-to-one. Hence, $E$ must contain a copy of $F[x]$. The smallest field containing $F[x]$ is the field of fractions $F(x)$. By Theorem 16.4, $E$ must contain a copy of this field.
We have a more interesting situation in the case of algebraic extensions.
Theorem 19.3 Let $E$ be an extension field of a field $F$ and $\in E$ with algebraic over $F$. Then there is a unique irreducible monic polynomial $p(x) \in F[x]$ of smallest degree such that $p() = 0$. If $f(x)$ is another monic polynomial in $F[x]$ such that $f() = 0$, then $p(x)$ divides $f(x)$.
Proof. Let $: F[x] \to E$ be the evaluation homomorphism. The kernel of is a principal ideal generated by some $p(x) \in F[x]$ with $\deg p(x) \geq 1$. We know that such a polynomial exists, since $F[x]$ is a principal ideal domain and is algebraic. The ideal $\langle p(x) \rangle$ consists exactly of those elements of $F[x]$ having as a zero. If $f() = 0$ and $f(x)$ is not the zero polynomial, then $f(x) \in \langle p(x) \rangle$ and $p(x)$ divides $f(x)$. So $p(x)$ is a polynomial of minimal degree having as a zero. Any other polynomial of the same degree having as a zero must have the form $p(x)$ for some $\in F$.
Suppose now that $p(x) = r(x)s(x)$ is a factorization of $p$ into polynomials of lower degree. Since $p() = 0$, $r()s() = 0$; consequently, either $r() = 0$ or $s() = 0$, which contradicts the fact that $p$ is of minimal degree. Therefore, $p(x)$ must be irreducible.
Let $E$ be an extension field of $F$ and $\in E$ be algebraic over $F$. The unique monic polynomial $p(x)$ of the last theorem is called the minimal polynomial for over $F$. The degree of $p(x)$ is the degree of over $F$.

Example 6. Let $f(x) = x^2 - 2$ and $g(x) = x^4 - 4x^2 + 1$. These polynomials are the minimal polynomials of $\sqrt{2}$ and $\sqrt{2 + \sqrt{3}}$, respectively.
Proposition 19.4 Let $E$ be a field extension of $F$ and $\in E$ be algebraic over $F$. Then $F() \cong F[x]/\langle p(x) \rangle$, where $p(x)$ is the minimal polynomial of over $F$.
Proof. Let $: F[x] \to E$ be the evaluation homomorphism. The kernel of this map is the minimal polynomial $p(x)$ of . By the First Isomorphism Theorem for rings, the image of in $E$ is isomorphic to $F()$ since it contains both $F$ and .
Theorem 19.5LetE=F()be a simple extension ofF, where2E
is algebraic overF. Suppose that the degree ofoverFisn. Then every
element2Ecan be expressed uniquely in the form
=b0+b1+ +bn1
n1
forbi2F.
Proof.Since(F[x]) =F(), every element inE=F() must be of the
form(f(x)) =f(), wheref() is a polynomial inwith coecients in
F. Let
p(x) =x
n
+an1x
n1
+ +a0
be the minimal polynomial of. Thenp() = 0; hence,

n
=an1
n1
a0:
Similarly,

n+1
=
n
=an1
n
an2
n1
a0
=an1(an1
n1
a0)an2
n1
a0:
Continuing in this manner, we can express every monomial
m
,mn, as a
linear combination of powers ofthat are less thann. Hence, any2F()
can be written as
=b0+b1+ +bn1
n1
:
To show uniqueness, suppose that
=b0+b1+ +bn1
n1
=c0+c1+ +cn1
n1

forbiandciinF. Then
g(x) = (b0c0) + (b1c1)x+ + (bn1cn1)x
n1
is inF[x] andg() = 0. Since the degree ofg(x) is less than the degree
ofp(x), the irreducible polynomial of,g(x) must be the zero polynomial.
Consequently,
b0c0=b1c1= =bn1cn1= 0;
orbi=cifori= 0;1; : : : ; n1. Therefore, we have shown uniqueness.
Example 7.Sincex
2
+ 1 is irreducible overR,hx
2
+ 1iis a maximal ideal
inR[x]. SoE=R[x]=hx
2
+1iis a eld extension ofRthat contains a root of
x
2
+ 1. Let=x+hx
2
+ 1i. We can identifyEwith the complex numbers.
By Theorem 19.4,Eis isomorphic toR() =fa+b:a; b2Rg. We know
that
2
=1 inE, since

2
+ 1 = (x+hx
2
+ 1i)
2
+ (1 +hx
2
+ 1i)
= (x
2
+ 1) +hx
2
+ 1i
= 0:
Hence, we have an isomorphism ofR() withCdened by the map that
takesa+btoa+bi.
Let $E$ be a field extension of a field $F$. If we regard $E$ as a vector space over $F$, then we can bring the machinery of linear algebra to bear on the problems that we will encounter in our study of fields. The elements in the field $E$ are vectors; the elements in the field $F$ are scalars. We can think of addition in $E$ as adding vectors. When we multiply an element in $E$ by an element of $F$, we are multiplying a vector by a scalar. This view of field extensions is especially fruitful if a field extension $E$ of $F$ is a finite dimensional vector space over $F$, and Theorem 19.5 states that $E = F()$ is a finite dimensional vector space over $F$ with basis $\{1, {}, {}^2, \ldots, {}^{n-1}\}$.
If an extension field $E$ of a field $F$ is a finite dimensional vector space over $F$ of dimension $n$, then we say that $E$ is a finite extension of degree $n$ over $F$. We write
$$[E : F] = n$$
to indicate the dimension of $E$ over $F$.
Theorem 19.6 Every finite extension field $E$ of a field $F$ is an algebraic extension.

Proof.Let2E. Since [E:F] =n, the elements
1; ; : : : ;
n
cannot be linearly independent. Hence, there existai2F, not all zero, such
that
an
n
+an1
n1
+ +a1+a0= 0:
Therefore,
p(x) =anx
n
+ +a02F[x]
is a nonzero polynomial withp() = 0.
Remark. Theorem 19.6 says that every finite extension of a field $F$ is an algebraic extension. The converse is false, however. We will leave it as an exercise to show that the set of all elements in $\mathbb{R}$ that are algebraic over $\mathbb{Q}$ forms an infinite field extension of $\mathbb{Q}$.
The next theorem is a counting theorem, similar to Lagrange's Theorem in group theory. Theorem 19.6 will prove to be an extremely useful tool in our investigation of finite field extensions.
Theorem 19.7 If $E$ is a finite extension of $F$ and $K$ is a finite extension of $E$, then $K$ is a finite extension of $F$ and
$$[K : F] = [K : E][E : F].$$
Proof.Letf1; : : : ; ngbe a basis forEas a vector space overFand
f1; : : : ; mgbe a basis forKas a vector space overE. We claim that
fijgis a basis forKoverF. We will rst show that these vectors span
K. Letu2K. Thenu=
P
m
j=1
bjjandbj=
P
n
i=1
aiji, wherebj2E
andaij2F. Then
u=
m
X
j=1

n
X
i=1
aiji
!
j=
X
i;j
aij(ij):
So themnvectorsijmust spanKoverF.
We must show thatfijgare linearly independent. Recall that a set
of vectorsv1; v2; : : : ; vnin a vector spaceVare linearly independent if
c1v1+c2v2+ +cnvn= 0
implies that
c1=c2= =cn= 0:

Let
u=
X
i;j
cij(ij) = 0
forcij2F. We need to prove that all of thecij's are zero. We can rewrite
uas
m
X
j=1

n
X
i=1
ciji
!
j= 0;
where
P
i
ciji2E. Since thej's are linearly independent overE, it must
be the case that
n
X
i=1
ciji= 0
for allj. However, thejare also linearly independent overF. Therefore,
cij= 0 for alliandj, which completes the proof.
The following corollary is easily proved using mathematical induction.
Corollary 19.8 If $F_i$ is a field for $i = 1, \ldots, k$ and $F_{i+1}$ is a finite extension of $F_i$, then $F_k$ is a finite extension of $F_1$ and
$$[F_k : F_1] = [F_k : F_{k-1}] \cdots [F_2 : F_1].$$
Corollary 19.9LetEbe an extension eld ofF. If2Eis algebraic over
Fwith minimal polynomialp(x)and2F()with minimal polynomial
q(x), thendegq(x)dividesdegp(x).
Proof.We know that degp(x) = [F() :F] and degq(x) = [F() :F].
SinceFF()F(),
[F() :F] = [F() :F()][F() :F]:

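Example 8. Let us determine an extension field of $\mathbb{Q}$ containing $\sqrt{3} + \sqrt{5}$. It is easy to determine that the minimal polynomial of $\sqrt{3} + \sqrt{5}$ is $x^4 - 16x + 4$. It follows that
$$[\mathbb{Q}(\sqrt{3} + \sqrt{5}) : \mathbb{Q}] = 4.$$
We know that $\{1, \sqrt{3}\}$ is a basis for $\mathbb{Q}(\sqrt{3})$ over $\mathbb{Q}$. Hence, $\sqrt{3} + \sqrt{5}$ cannot be in $\mathbb{Q}(\sqrt{3})$. It follows that $\sqrt{5}$ cannot be in $\mathbb{Q}(\sqrt{3})$ either. Therefore, $\{1, \sqrt{5}\}$ is a basis for $\mathbb{Q}(\sqrt{3}, \sqrt{5}) = (\mathbb{Q}(\sqrt{3}))(\sqrt{5})$ over $\mathbb{Q}(\sqrt{3})$ and $\{1, \sqrt{3}, \sqrt{5}, \sqrt{3}\sqrt{5} = \sqrt{15}\}$ is a basis for $\mathbb{Q}(\sqrt{3}, \sqrt{5}) = \mathbb{Q}(\sqrt{3} + \sqrt{5})$ over $\mathbb{Q}$.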

This example shows that it is possible that some extension $F({}_1, \ldots, {}_n)$ is actually a simple extension of $F$ even though $n > 1$.
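Example 9. Let us compute a basis for $\mathbb{Q}(\sqrt[3]{5}, \sqrt{5}\,i)$, where $\sqrt{5}$ is the positive square root of 5 and $\sqrt[3]{5}$ is the real cube root of 5. We know that $\sqrt{5}\,i \notin \mathbb{Q}(\sqrt[3]{5})$, so
$$[\mathbb{Q}(\sqrt[3]{5}, \sqrt{5}\,i) : \mathbb{Q}(\sqrt[3]{5})] = 2.$$
It is easy to determine that $\{1, \sqrt{5}\,i\}$ is a basis for $\mathbb{Q}(\sqrt[3]{5}, \sqrt{5}\,i)$ over $\mathbb{Q}(\sqrt[3]{5})$. We also know that $\{1, \sqrt[3]{5}, (\sqrt[3]{5})^2\}$ is a basis for $\mathbb{Q}(\sqrt[3]{5})$ over $\mathbb{Q}$. Hence, a basis for $\mathbb{Q}(\sqrt{5}, \sqrt[3]{5})$ over $\mathbb{Q}$ is
$$\{1, \sqrt{5}\,i, \sqrt[3]{5}, (\sqrt[3]{5})^2, (\sqrt[6]{5})^5 i, (\sqrt[6]{5})^7 i = 5\sqrt[6]{5}\,i \text{ or } \sqrt[6]{5}\,i\}.$$
Notice that $\sqrt[6]{5}\,i$ is a zero of $x^6 + 5$. We can show that this polynomial is irreducible over $\mathbb{Q}$ using Eisenstein's Criterion, where we let $p = 5$. Consequently,
$$\mathbb{Q}\ \ \mathbb{Q}(\sqrt[6]{5})\ \ \mathbb{Q}(\sqrt[3]{5}, \sqrt{5}\,i).$$
But it must be the case that $\mathbb{Q}(\sqrt[6]{5}\,i) = \mathbb{Q}(\sqrt[3]{5}, \sqrt{5}\,i)$, since the degree of both of these extensions is 6.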
Theorem 19.10 Let $E$ be a field extension of $F$. Then the following statements are equivalent.
1. $E$ is a finite extension of $F$.
2.There exists a nite number of algebraic elements1; : : : ; n2Esuch
thatE=F(1; : : : ; n).
3.There exists a sequence of elds
E=F(1; : : : ; n)F(1; : : : ; n1) F(1)F;
where each eldF(1; : : : ; i)is algebraic overF(1; : : : ; i1).
Proof.(1))(2). LetEbe a nite algebraic extension ofF. ThenEis a
nite dimensional vector space overFand there exists a basis consisting of
elements1; : : : ; ninEsuch thatE=F(1; : : : ; n). Eachiis algebraic
overFby Theorem 19.6.
(2))(3). Suppose thatE=F(1; : : : ; n), where everyiis algebraic
overF. Then
E=F(1; : : : ; n)F(1; : : : ; n1) F(1)F;

where each eldF(1; : : : ; i) is algebraic overF(1; : : : ; i1).
(3))(1). Let
E=F(1; : : : ; n)F(1; : : : ; n1) F(1)F;
where each eldF(1; : : : ; i) is algebraic overF(1; : : : ; i1). Since
F(1; : : : ; i) =F(1; : : : ; i1)(i)
is simple extension andiis algebraic overF(1; : : : ; i1), it follows that
[F(1; : : : ; i) :F(1; : : : ; i1)]
is nite for eachi. Therefore, [E:F] is nite.
Algebraic Closure
Given a field $F$, the question arises as to whether or not we can find a field $E$ such that every polynomial $p(x)$ has a root in $E$. This leads us to the following theorem.
Theorem 19.11 Let $E$ be an extension field of $F$. The set of elements in $E$ that are algebraic over $F$ form a field.
Proof.Let; 2Ebe algebraic overF. ThenF(; ) is a nite extension
ofF. Since every element ofF(; ) is algebraic overF,,=, and
=(6= 0) are all algebraic overF. Consequently, the set of elements in
Ethat are algebraic overFforms a eld.
Corollary 19.12 The set of all algebraic numbers forms a field; that is, the set of all complex numbers that are algebraic over $\mathbb{Q}$ makes up a field.
Let $E$ be a field extension of a field $F$. We define the algebraic closure of a field $F$ in $E$ to be the field consisting of all elements in $E$ that are algebraic over $F$. A field $F$ is algebraically closed if every nonconstant polynomial in $F[x]$ has a root in $F$.
Theorem 19.13 A field $F$ is algebraically closed if and only if every nonconstant polynomial in $F[x]$ factors into linear factors over $F[x]$.

Proof.LetFbe an algebraically closed eld. Ifp(x)2F[x] is a noncon-
stant polynomial, thenp(x) has a zero inF, say. Therefore,xmust be
a factor ofp(x) and sop(x) = (x)q1(x), where degq1(x) = degp(x)1.
Continue this process withq1(x) to nd a factorization
p(x) = (x)(x)q2(x);
where degq2(x) = degp(x)2. The process must eventually stop since the
degree ofp(x) is nite.
Conversely, suppose that every nonconstant polynomial $p(x)$ in $F[x]$ factors into linear factors. Let $ax - b$ be such a factor. Then $p(b/a) = 0$. Consequently, $F$ is algebraically closed.
Corollary 19.14 An algebraically closed field $F$ has no proper algebraic extension $E$.
Proof.LetEbe an algebraic extension ofF; thenFE. For2E, the
minimal polynomial ofisx. Therefore,2FandF=E.
Theorem 19.15 Every field $F$ has a unique algebraic closure.
It is a nontrivial fact that every field has a unique algebraic closure. The proof is not extremely difficult, but requires some rather sophisticated set theory. We refer the reader to [3], [4], or [7] for a proof of this result.
We now state the Fundamental Theorem of Algebra, first proven by Gauss at the age of 22 in his doctoral thesis. This theorem states that every polynomial with coefficients in the complex numbers has a root in the complex numbers. The proof of this theorem will be given in Chapter 21.
Theorem 19.16 (Fundamental Theorem of Algebra) The field of complex numbers is algebraically closed.
19.2 Splitting Fields
Let $F$ be a field and $p(x)$ be a nonconstant polynomial in $F[x]$. We already know that we can find a field extension of $F$ that contains a root of $p(x)$. However, we would like to know whether an extension $E$ of $F$ containing all of the roots of $p(x)$ exists. In other words, can we find a field extension of $F$ such that $p(x)$ factors into a product of linear polynomials? What is the "smallest" extension containing all the roots of $p(x)$?

LetFbe a eld andp(x) =a0+a1x+ +anx
n
be a nonconstant
polynomial inF[x]. An extension eldEofFis asplitting eldofp(x)
if there exist elements1; : : : ; ninEsuch thatE=F(1; : : : ; n) and
p(x) = (x1)(x2) (xn):
A polynomial $p(x) \in F[x]$ splits in $E$ if it is the product of linear factors in $E[x]$.
Example 10. Let $p(x) = x^4 + 2x^2 - 8$ be in $\mathbb{Q}[x]$. Then $p(x)$ has irreducible factors $x^2 - 2$ and $x^2 + 4$. Therefore, the field $\mathbb{Q}(\sqrt{2}, i)$ is a splitting field for $p(x)$.
Example 11. Let $p(x) = x^3 - 3$ be in $\mathbb{Q}[x]$. Then $p(x)$ has a root in the field $\mathbb{Q}(\sqrt[3]{3})$. However, this field is not a splitting field for $p(x)$ since the complex cube roots of 3,

3
p
3(
6
p
3 )
5
i2
;
are not in $\mathbb{Q}(\sqrt[3]{3})$.
Theorem 19.17 Let $p(x) \in F[x]$ be a nonconstant polynomial. Then there exists a splitting field $E$ for $p(x)$.
Proof.We will use mathematical induction on the degree ofp(x). If
degp(x) = 1, thenp(x) is a linear polynomial andE=F. Assume that
the theorem is true for all polynomials of degreekwith 1k < nand let
degp(x) =n. We can assume thatp(x) is irreducible; otherwise, by our
induction hypothesis, we are done. By Theorem 19.1, there exists a eld
Ksuch thatp(x) has a zero1inK. Hence,p(x) = (x1)q(x), where
q(x)2K[x]. Since degq(x) =n1, there exists a splitting eldEKof
q(x) that contains the zeros2; : : : ; nofp(x) by our induction hypothesis.
Consequently,
E=K(2; : : : ; n) =F(1; : : : ; n)
is a splitting eld ofp(x).
The question of uniqueness now arises for splitting fields. This question is answered in the affirmative. Given two splitting fields $K$ and $L$ of a polynomial $p(x) \in F[x]$, there exists a field isomorphism $: K \to L$ that preserves $F$. In order to prove this result, we must first prove a lemma.

Lemma 19.18Let:E!Fbe an isomorphism of elds. LetKbe an
extension eld ofEand2Kbe algebraic overEwith minimal polynomial
p(x). Suppose thatLis an extension eld ofFsuch thatis root of the
polynomial inF[x]obtained fromp(x)under the image of. Thenextends
to a unique isomorphism :E()!F()such that () =and agrees
withonE.
Proof.Ifp(x) has degreen, then by Theorem 19.5 we can write any
element inE() as a linear combination of 1; ; : : : ;
n1
. Therefore, the
isomorphism that we are seeking must be
(a0+a1+ +an1
n1
) =(a0) +(a1)+ +(an1)
n1
;
where
a0+a1+ +an1
n1
is an element inE(). The fact that is an isomorphism could be checked by
direct computation; however, it is easier to observe that is a composition
of maps that we already know to be isomorphisms.
We can extendto be an isomorphism fromE[x] toF[x], which we will
also denote by, by letting
(a0+a1x+ +anx
n
) =(a0) +(a1)x+ +(an)x
n
:
This extension agrees with the original isomorphism:E!F, since
constant polynomials get mapped to constant polynomials. By assumption,
(p(x)) =q(x); hence,mapshp(x)iontohq(x)i. Consequently, we have
an isomorphism
:E[x]=hp(x)i !F[x]=hq(x)i. By Theorem 19.4, we have
isomorphisms:E[x]=hp(x)i !F() and:F[x]=hq(x)i !F(), dened
by evaluation atand, respectively. Therefore, =
1
is the required
isomorphism.
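[Commutative diagram: $E() \to F()$ (top row), $E[x]/\langle p(x) \rangle \to F[x]/\langle q(x) \rangle$ (middle row), $E \to F$ (bottom row), with vertical arrows joining consecutive rows.]
We leave the proof of uniqueness as an exercise.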

Theorem 19.19Let:E!Fbe an isomorphism of elds and letp(x)
be a nonconstant polynomial inE[x]andq(x)the corresponding polynomial
inF[x]under the isomorphism. IfKis a splitting eld ofp(x)andLis a
splitting eld ofq(x), thenextends to an isomorphism :K!L.
Proof.We will use mathematical induction on the degree ofp(x). We can
assume thatp(x) is irreducible overE. Therefore,q(x) is also irreducible
overF. If degp(x) = 1, then by the denition of a splitting eld,K=E
andL=Fand there is nothing to prove.
Assume that the theorem holds for all polynomials of degree less than
n. SinceKis a splitting eld ofE, all of the roots ofp(x) are inK. Choose
one of these roots, say, such thatEE()K. Similarly, we can nd a
rootofq(x) inLsuch thatFF()L. By Lemma 19.18, there exists
an isomorphism
:E()!F() such that() =andagrees with
onE.
[Commutative diagram: $K \to L$ (top row), $E() \to F()$ (middle row), $E \to F$ (bottom row), with vertical arrows joining consecutive rows.]
Now writep(x) = (x)f(x) andq(x) = (x)g(x), where the degrees
off(x) andg(x) are less than the degrees ofp(x) andq(x), respectively.
The eld extensionKis a splitting eld forf(x) overE(), andLis a
splitting eld forg(x) overF(). By our induction hypothesis there exists
an isomorphism :K!Lsuch that agrees with
onE(). Hence,
there exists an isomorphism :K!Lsuch that agrees withonE.
Corollary 19.20 Let $p(x)$ be a polynomial in $F[x]$. Then there exists a splitting field $K$ of $p(x)$ that is unique up to isomorphism.
19.3 Geometric Constructions
In ancient Greece, three classic problems were posed. These problems are geometric in nature and involve straightedge-and-compass constructions from what is now high school geometry; that is, we are allowed to use only a straightedge and compass to solve them. The problems can be stated as follows.

1. Given an arbitrary angle, can one trisect the angle into three equal subangles using only a straightedge and compass?
2. Given an arbitrary circle, can one construct a square with the same area using only a straightedge and compass?
3. Given a cube, can one construct the edge of another cube having twice the volume of the original? Again, we are only allowed to use a straightedge and compass to do the construction.
After puzzling mathematicians for over two thousand years, each of these constructions was finally shown to be impossible. We will use the theory of fields to provide a proof that the solutions do not exist. It is quite remarkable that the long-sought solution to each of these three geometric problems came from abstract algebra.
First, let us determine more specifically what we mean by a straightedge and compass, and also examine the nature of these problems in a bit more depth. To begin with, a straightedge is not a ruler. We cannot measure arbitrary lengths with a straightedge. It is merely a tool for drawing a line through two points. The statement that the trisection of an arbitrary angle is impossible means that there is at least one angle that is impossible to trisect with a straightedge-and-compass construction. Certainly it is possible to trisect an angle in special cases. We can construct a $30^\circ$ angle; hence, it is possible to trisect a $90^\circ$ angle. However, we will show that it is impossible to construct a $20^\circ$ angle. Therefore, we cannot trisect a $60^\circ$ angle.
Constructible Numbers
A real number is constructible if we can construct a line segment of length $||$ in a finite number of steps from a segment of unit length by using a straightedge and compass.
Theorem 19.21 The set of all constructible real numbers forms a subfield $F$ of the field of real numbers.
Proof.Letandbe constructible numbers. We must show that+,
,, and=(6= 0) are also constructible numbers. We can assume
that bothandare positive with > . It is quite obvious how to
construct+and. To nd a line segment with length, we assume
that >1 and construct the triangle in Figure 19.1 such that triangles
4ABCand4ADEare similar. Since=1 =x=, the line segmentxhas

length. A similar construction can be made if <1. We will leave it as
an exercise to show that the same triangle can be used to construct=for
$\neq 0$.
[Figure 19.1. Construction of products]
Lemma 19.22Ifis a constructible number, then
p
is a constructible
number.
Proof. In Figure 19.2 the triangles $\triangle ABD$, $\triangle BCD$, and $\triangle ABC$ are similar; hence, $1/x = x/$, or $x^2 =$.
[Figure 19.2. Construction of roots]
By Theorem 19.21, we can locate in the plane any point $P = (p, q)$ that has rational coordinates $p$ and $q$. We need to know what other points can be constructed with a compass and straightedge from points with rational coordinates.
Lemma 19.23 Let $F$ be a subfield of $\mathbb{R}$.

1. If a line contains two points in $F$, then it has the equation $ax + by + c = 0$, where $a$, $b$, and $c$ are in $F$.
2. If a circle has a center at a point with coordinates in $F$ and a radius that is also in $F$, then it has the equation $x^2 + y^2 + dx + ey + f = 0$, where $d$, $e$, and $f$ are in $F$.
Proof. Let $(x_1, y_1)$ and $(x_2, y_2)$ be points on a line whose coordinates are in $F$. If $x_1 = x_2$, then the equation of the line through the two points is $x - x_1 = 0$, which has the form $ax + by + c = 0$. If $x_1 \neq x_2$, then the equation of the line through the two points is given by
$$y - y_1 = \left(\frac{y_2 - y_1}{x_2 - x_1}\right)(x - x_1),$$
which can also be put into the proper form.
To prove the second part of the lemma, suppose that $(x_1, y_1)$ is the center of a circle of radius $r$. Then the circle has the equation
$$(x - x_1)^2 + (y - y_1)^2 - r^2 = 0.$$
This equation can easily be put into the appropriate form.
Starting with a field of constructible numbers $F$, we have three possible ways of constructing additional points in $\mathbb{R}$ with a compass and straightedge.
1. To find possible new points in $\mathbb{R}$, we can take the intersection of two lines, each of which passes through two known points with coordinates in $F$.
2. The intersection of a line that passes through two points that have coordinates in $F$ and a circle whose center has coordinates in $F$ with radius of a length in $F$ will give new points in $\mathbb{R}$.
3. We can obtain new points in $\mathbb{R}$ by intersecting two circles whose centers have coordinates in $F$ and whose radii are of lengths in $F$.
The first case gives no new points in $\mathbb{R}$, since the solution of two equations of the form $ax + by + c = 0$ having coefficients in $F$ will always be in $F$. The third case can be reduced to the second case. Let
$$x^2 + y^2 + d_1 x + e_1 y + f_1 = 0$$
$$x^2 + y^2 + d_2 x + e_2 y + f_2 = 0$$

be the equations of two circles, where $d_i$, $e_i$, and $f_i$ are in $F$ for $i = 1, 2$. These circles have the same intersection as the circle
$$x^2 + y^2 + d_1 x + e_1 y + f_1 = 0$$
and the line
$$(d_1 - d_2)x + (e_1 - e_2)y + (f_1 - f_2) = 0.$$
The last equation is that of the chord passing through the intersection points of the two circles. Hence, the intersection of two circles can be reduced to the case of an intersection of a line with a circle.
Considering the case of the intersection of a line and a circle, we must determine the nature of the solutions of the equations
$$ax + by + c = 0$$
$$x^2 + y^2 + dx + ey + f = 0.$$
If we eliminate $y$ from these equations, we obtain an equation of the form $Ax^2 + Bx + C = 0$, where $A$, $B$, and $C$ are in $F$. The $x$ coordinate of the intersection points is given by
$$x = \frac{-B \pm \sqrt{B^2 - 4AC}}{2A}$$
and is in $F(\sqrt{\ })$, where $= B^2 - 4AC > 0$. We have proven the following lemma.
Lemma 19.24 Let $F$ be a field of constructible numbers. Then the points determined by the intersections of lines and circles in $F$ lie in the field $F(\sqrt{\ })$ for some in $F$.
Theorem 19.25 A real number is a constructible number if and only if there exists a sequence of fields
$$\mathbb{Q} = F_0\ \ F_1\ \ \cdots\ \ F_k$$
such that $F_i = F_{i-1}(\sqrt{{}_i})$ with $\in F_k$. In particular, there exists an integer $k > 0$ such that $[\mathbb{Q}() : \mathbb{Q}] = 2^k$.
Proof. The existence of the $F_i$'s and the ${}_i$'s is a direct consequence of Lemma 19.24 and of the fact that
$$[F_k : \mathbb{Q}] = [F_k : F_{k-1}][F_{k-1} : F_{k-2}] \cdots [F_1 : \mathbb{Q}] = 2^k.$$

Corollary 19.26 The field of all constructible numbers is an algebraic extension of $\mathbb{Q}$.
As we can see by the field of constructible numbers, not every algebraic extension of a field is a finite extension.
Doubling the Cube and Squaring the Circle
We are now ready to investigate the classical problems of doubling the cube and squaring the circle. We can use the field of constructible numbers to show exactly when a particular geometric construction can be accomplished.
Doubling the cube is impossible. Given the edge of the cube, it is impossible to construct with a straightedge and compass the edge of the cube that has twice the volume of the original cube. Let the original cube have an edge of length 1 and, therefore, a volume of 1. If we could construct a cube having a volume of 2, then this new cube would have an edge of length $\sqrt[3]{2}$. However, $\sqrt[3]{2}$ is a zero of the irreducible polynomial $x^3 - 2$ over $\mathbb{Q}$; hence,
$$[\mathbb{Q}(\sqrt[3]{2}) : \mathbb{Q}] = 3.$$
This is impossible, since 3 is not a power of 2.
Squaring the circle is impossible. Suppose that we have a circle of radius 1. The area of the circle is ; therefore, we must be able to construct a square with side $\sqrt{\ }$. This is impossible since and consequently $\sqrt{\ }$ are both transcendental. Therefore, using a straightedge and compass, it is not possible to construct a square with the same area as the circle.
Trisecting an Angle
Trisecting an arbitrary angle is impossible. We will show that it is impossible to construct a $20^\circ$ angle. Consequently, a $60^\circ$ angle cannot be trisected. We first need to calculate the triple-angle formula for the cosine:
$$\begin{aligned}
\cos 3\theta &= \cos(2\theta + \theta) \\
&= \cos 2\theta \cos\theta - \sin 2\theta \sin\theta \\
&= (2\cos^2\theta - 1)\cos\theta - 2\sin^2\theta \cos\theta \\
&= (2\cos^2\theta - 1)\cos\theta - 2(1 - \cos^2\theta)\cos\theta \\
&= 4\cos^3\theta - 3\cos\theta.
\end{aligned}$$
The angle $\theta$ can be constructed if and only if $\alpha = \cos\theta$ is constructible. Let $\theta = 20^\circ$. Then $\cos 3\theta = \cos 60^\circ = 1/2$. By the triple-angle formula for the cosine,
$$4\alpha^3 - 3\alpha = \frac{1}{2}.$$
Therefore, $\alpha$ is a zero of $8x^3 - 6x - 1$. This polynomial has no factors in $\mathbb{Z}[x]$, and hence is irreducible over $\mathbb{Q}[x]$. Thus, $[\mathbb{Q}(\alpha) : \mathbb{Q}] = 3$. Consequently, $\alpha$ cannot be a constructible number.
Historical Note
Algebraic number theory uses the tools of algebra to solve problems in number theory. Modern algebraic number theory began with Pierre de Fermat (1601–1665). Certainly we can find many positive integers that satisfy the equation $x^2 + y^2 = z^2$; Fermat conjectured that the equation $x^n + y^n = z^n$ has no positive integer solutions for $n \geq 3$. He stated in the margin of his copy of the Latin translation of Diophantus' Arithmetica that he had found a marvelous proof of this theorem, but that the margin of the book was too narrow to contain it. To date, no one has been able to construct a proof, although the statement has been verified for all $n$ less than or equal to 4 million. This conjecture is known as Fermat's Last Theorem.
Attempts to prove Fermat's Last Theorem have led to important contributions to algebraic number theory by such notable mathematicians as Leonhard Euler (1707–1783). Significant advances in the understanding of Fermat's Last Theorem were made by Ernst Kummer (1810–1893). Kummer's student, Leopold Kronecker (1823–1891), became one of the leading algebraists of the nineteenth century. Kronecker's theory of ideals and his study of algebraic number theory added much to the understanding of fields.
David Hilbert (1862–1943) and Hermann Minkowski (1864–1909) were among the mathematicians who led the way in this subject at the beginning of the twentieth century. Hilbert and Minkowski were both mathematicians at Göttingen University in Germany. Göttingen was truly one of the most important centers of mathematical research during the last two centuries. The large number of exceptional mathematicians who studied there included Gauss, Dirichlet, Riemann, Dedekind, Noether, and Weyl.
André Weil answered questions in number theory using algebraic geometry, a field of mathematics that studies geometry by studying commutative rings. From about 1955 to 1970, A. Grothendieck dominated the field of algebraic geometry. Pierre Deligne, a student of Grothendieck, solved several of Weil's number-theoretic conjectures. One of the most recent contributions to algebra and number theory is Gerd Faltings's proof of the Mordell-Weil conjecture. This conjecture of Mordell and Weil essentially says that certain polynomials $p(x, y)$ in $\mathbb{Z}[x, y]$ have only a finite number of integral solutions.
Exercises
1. Show that each of the following numbers is algebraic over $\mathbb{Q}$ by finding the minimal polynomial of the number over $\mathbb{Q}$.
(a) $\sqrt{1/3 + \sqrt{7}}$
(b) $\sqrt{3} + \sqrt[3]{5}$
(c) $\sqrt{3} + \sqrt{2}\, i$
(d) $\cos\theta + i \sin\theta$ for $\theta = 2\pi/n$ with $n \in \mathbb{N}$
(e) $\sqrt{\sqrt[3]{2} - i}$
2. Find a basis for each of the following field extensions. What is the degree of each extension?
(a) $\mathbb{Q}(\sqrt{3}, \sqrt{6}\,)$ over $\mathbb{Q}$
(b) $\mathbb{Q}(\sqrt[3]{2}, \sqrt[3]{3}\,)$ over $\mathbb{Q}$
(c) $\mathbb{Q}(\sqrt{2}, i)$ over $\mathbb{Q}$
(d) $\mathbb{Q}(\sqrt{3}, \sqrt{5}, \sqrt{7}\,)$ over $\mathbb{Q}$
(e) $\mathbb{Q}(\sqrt{2}, \sqrt[3]{2}\,)$ over $\mathbb{Q}$
(f) $\mathbb{Q}(\sqrt{8}\,)$ over $\mathbb{Q}(\sqrt{2}\,)$
(g) $\mathbb{Q}(i, \sqrt{2} + i, \sqrt{3} + i)$ over $\mathbb{Q}$
(h) $\mathbb{Q}(\sqrt{2} + \sqrt{5}\,)$ over $\mathbb{Q}(\sqrt{5}\,)$
(i) $\mathbb{Q}(\sqrt{2}, \sqrt{6} + \sqrt{10}\,)$ over $\mathbb{Q}(\sqrt{3} + \sqrt{5}\,)$
3. Find the splitting field for each of the following polynomials.
(a) $x^4 - 10x^2 + 21$ over $\mathbb{Q}$
(b) $x^4 + 1$ over $\mathbb{Q}$
(c) $x^3 + 2x + 2$ over $\mathbb{Z}_3$
(d) $x^3 - 3$ over $\mathbb{Q}$
4. Determine all of the subfields of $\mathbb{Q}(\sqrt[4]{3}, i)$.
5. Show that $\mathbb{Z}_2[x]/\langle x^3 + x + 1 \rangle$ is a field with eight elements. Construct a multiplication table for the multiplicative group of the field.
6. Show that the regular 9-gon is not constructible with a straightedge and compass, but that the regular 20-gon is constructible.
7. Prove that the cosine of one degree ($\cos 1^\circ$) is algebraic over $\mathbb{Q}$ but not constructible.
8. Can a cube be constructed with three times the volume of a given cube?
9. Prove that $\mathbb{Q}(\sqrt{3}, \sqrt[4]{3}, \sqrt[8]{3}, \ldots)$ is an algebraic extension of $\mathbb{Q}$ but not a finite extension.
10. Prove or disprove: $\pi$ is algebraic over $\mathbb{Q}(\pi^3)$.
11. Let $p(x)$ be a nonconstant polynomial of degree $n$ in $F[x]$. Prove that there exists a splitting field $E$ for $p(x)$ such that $[E : F] \leq n!$.
12. Prove or disprove: $\mathbb{Q}(\sqrt{2}\,) \cong \mathbb{Q}(\sqrt{3}\,)$.
13. Prove that the fields $\mathbb{Q}(\sqrt[4]{3}\,)$ and $\mathbb{Q}(\sqrt[4]{3}\, i)$ are isomorphic but not equal.
14. Let $K$ be an algebraic extension of $E$, and $E$ an algebraic extension of $F$. Prove that $K$ is algebraic over $F$. [Caution: Do not assume that the extensions are finite.]
15. Prove or disprove: $\mathbb{Z}[x]/\langle x^3 - 2 \rangle$ is a field.
16. Let $F$ be a field of characteristic $p$. Prove that $p(x) = x^p - a$ either is irreducible over $F$ or splits in $F$.
17. Let $E$ be the algebraic closure of a field $F$. Prove that every polynomial $p(x)$ in $F[x]$ splits in $E$.
18. If every irreducible polynomial $p(x)$ in $F[x]$ is linear, show that $F$ is an algebraically closed field.
19. Prove that if $\alpha$ and $\beta$ are constructible numbers such that $\beta \neq 0$, then so is $\alpha/\beta$.
20. Show that the set of all elements in $\mathbb{R}$ that are algebraic over $\mathbb{Q}$ form a field extension of $\mathbb{Q}$ that is not finite.
21. Let $E$ be an algebraic extension of a field $F$, and let $\sigma$ be an automorphism of $E$ leaving $F$ fixed. Let $\alpha \in E$. Show that $\sigma$ induces a permutation of the set of all zeros of the minimal polynomial of $\alpha$ that are in $E$.
22. Show that $\mathbb{Q}(\sqrt{3}, \sqrt{7}\,) = \mathbb{Q}(\sqrt{3} + \sqrt{7}\,)$. Extend your proof to show that $\mathbb{Q}(\sqrt{a}, \sqrt{b}\,) = \mathbb{Q}(\sqrt{a} + \sqrt{b}\,)$.
23. Let $E$ be a finite extension of a field $F$. If $[E : F] = 2$, show that $E$ is a splitting field of $F$.
24. Prove or disprove: Given a polynomial $p(x)$ in $\mathbb{Z}_6[x]$, it is possible to construct a ring $R$ such that $p(x)$ has a root in $R$.
25. Let $E$ be a field extension of $F$ and $\alpha \in E$. Determine $[F(\alpha) : F(\alpha^3)]$.
26. Let $\alpha, \beta$ be transcendental over $\mathbb{Q}$. Prove that either $\alpha\beta$ or $\alpha + \beta$ is also transcendental.
27. Let $E$ be an extension field of $F$ and $\alpha \in E$ be transcendental over $F$. Prove that every element in $F(\alpha)$ that is not in $F$ is also transcendental over $F$.

References and Suggested Readings
[1] Dean, R. A. Elements of Abstract Algebra. Wiley, New York, 1966.
[2] Dudley, U. A Budget of Trisections. Springer-Verlag, New York, 1987. An interesting and entertaining account of how not to trisect an angle.
[3] Fraleigh, J. B. A First Course in Abstract Algebra. 4th ed. Addison-Wesley, Reading, MA, 1989.
[4] Kaplansky, I. Fields and Rings. 2nd ed. University of Chicago Press, Chicago, 1972.
[5] Klein, F. Famous Problems of Elementary Geometry. Chelsea, New York, 1955.
[6] Pollard, H. and Diamond, H. G. Theory of Algebraic Numbers. Carus Monograph Series, No. 9. 2nd ed. Mathematical Association of America, Washington, DC, 1975.
[7] Walker, E. A. Introduction to Abstract Algebra. Random House, New York, 1987. This work contains a proof showing that every field has an algebraic closure.

20
Finite Fields
Finite fields appear in many applications of algebra, including coding theory and cryptography. We already know one finite field, $\mathbb{Z}_p$, where $p$ is prime. In this chapter we will show that a unique finite field of order $p^n$ exists for every prime $p$, where $n$ is a positive integer. Finite fields are also called Galois fields in honor of Évariste Galois, who was one of the first mathematicians to investigate them.
20.1 Structure of a Finite Field
Recall that a field $F$ has characteristic $p$ if $p$ is the smallest positive integer such that for every nonzero element $\alpha$ in $F$, we have $p\alpha = 0$. If no such integer exists, then $F$ has characteristic 0. From Theorem 14.5 we know that $p$ must be prime. Suppose that $F$ is a finite field with $n$ elements. Then $n\alpha = 0$ for all $\alpha$ in $F$. Consequently, the characteristic of $F$ must be $p$, where $p$ is a prime dividing $n$. This discussion is summarized in the following proposition.
Proposition 20.1 If $F$ is a finite field, then the characteristic of $F$ is $p$, where $p$ is prime.
Throughout this chapter we will assume that $p$ is a prime number unless otherwise stated.
Proposition 20.2 If $F$ is a finite field of characteristic $p$, then the order of $F$ is $p^n$ for some $n \in \mathbb{N}$.
Proof. Let $\phi : \mathbb{Z} \to F$ be the ring homomorphism defined by $\phi(n) = n \cdot 1$. Since the characteristic of $F$ is $p$, the kernel of $\phi$ must be $p\mathbb{Z}$ and the image of $\phi$ must be a subfield of $F$ isomorphic to $\mathbb{Z}_p$. We will denote this subfield by $K$. Since $F$ is a finite field, it must be a finite extension of $K$ and, therefore, an algebraic extension of $K$. Suppose that $[F : K] = n$ is the dimension of $F$, where $F$ is a $K$ vector space. There must exist elements $\alpha_1, \ldots, \alpha_n \in F$ such that any element $\alpha$ in $F$ can be written uniquely in the form
$$\alpha = a_1\alpha_1 + \cdots + a_n\alpha_n,$$
where the $a_i$'s are in $K$. Since there are $p$ elements in $K$, there are $p^n$ possible linear combinations of the $\alpha_i$'s. Therefore, the order of $F$ must be $p^n$.
Lemma 20.3 (Freshman's Dream) Let $p$ be prime and $D$ be an integral domain of characteristic $p$. Then
$$a^{p^n} + b^{p^n} = (a + b)^{p^n}$$
for all positive integers $n$.
Proof. We will prove this lemma using mathematical induction on $n$. We can use the binomial formula (see Chapter 1, Example 3) to verify the case for $n = 1$; that is,
$$(a + b)^p = \sum_{k=0}^{p} \binom{p}{k} a^k b^{p-k}.$$
If $0 < k < p$, then
$$\binom{p}{k} = \frac{p!}{k!(p-k)!}$$
must be divisible by $p$, since $p$ cannot divide $k!(p-k)!$. Note that $D$ is an integral domain of characteristic $p$, so all but the first and last terms in the sum must be zero. Therefore, $(a + b)^p = a^p + b^p$.
Now suppose that the result holds for all $k$, where $1 \leq k \leq n$. By the induction hypothesis,
$$(a + b)^{p^{n+1}} = ((a + b)^p)^{p^n} = (a^p + b^p)^{p^n} = (a^p)^{p^n} + (b^p)^{p^n} = a^{p^{n+1}} + b^{p^{n+1}}.$$
Therefore, the lemma is true for $n + 1$ and the proof is complete.
Let $F$ be a field. A polynomial $f(x) \in F[x]$ of degree $n$ is separable if it has $n$ distinct roots in the splitting field of $f(x)$; that is, $f(x)$ is separable when it factors into distinct linear factors over the splitting field of $F$. An extension $E$ of $F$ is a separable extension of $F$ if every element in $E$ is the root of a separable polynomial in $F[x]$.
Example 1. The polynomial $x^2 - 2$ is separable over $\mathbb{Q}$ since it factors as $(x - \sqrt{2}\,)(x + \sqrt{2}\,)$. In fact, $\mathbb{Q}(\sqrt{2}\,)$ is a separable extension of $\mathbb{Q}$. Let $\alpha = a + b\sqrt{2}$ be any element in $\mathbb{Q}(\sqrt{2}\,)$. If $b = 0$, then $\alpha$ is a root of $x - a$. If $b \neq 0$, then $\alpha$ is the root of the separable polynomial
$$x^2 - 2ax + a^2 - 2b^2 = (x - (a + b\sqrt{2}\,))(x - (a - b\sqrt{2}\,)).$$

Fortunately, we have an easy test to determine the separability of any polynomial. Let
$$f(x) = a_0 + a_1 x + \cdots + a_n x^n$$
be any polynomial in $F[x]$. Define the derivative of $f(x)$ to be
$$f'(x) = a_1 + 2a_2 x + \cdots + n a_n x^{n-1}.$$
Lemma 20.4 Let $F$ be a field and $f(x) \in F[x]$. Then $f(x)$ is separable if and only if $f(x)$ and $f'(x)$ are relatively prime.
Proof. Let $f(x)$ be separable. Then $f(x)$ factors over some extension field of $F$ as $f(x) = (x - \alpha_1)(x - \alpha_2) \cdots (x - \alpha_n)$, where $\alpha_i \neq \alpha_j$ for $i \neq j$. Taking the derivative of $f(x)$, we see that
$$\begin{aligned}
f'(x) &= (x - \alpha_2) \cdots (x - \alpha_n) \\
&\quad + (x - \alpha_1)(x - \alpha_3) \cdots (x - \alpha_n) \\
&\quad + \cdots + (x - \alpha_1) \cdots (x - \alpha_{n-1}).
\end{aligned}$$
Hence, $f(x)$ and $f'(x)$ can have no common factors.
To prove the converse, we will show that the contrapositive of the statement is true. Suppose that $f(x) = (x - \alpha)^k g(x)$, where $k > 1$. Differentiating, we have
$$f'(x) = k(x - \alpha)^{k-1} g(x) + (x - \alpha)^k g'(x).$$
Therefore, $f(x)$ and $f'(x)$ have a common factor.
Theorem 20.5 For every prime $p$ and every positive integer $n$, there exists a finite field $F$ with $p^n$ elements. Furthermore, any field of order $p^n$ is isomorphic to the splitting field of $x^{p^n} - x$ over $\mathbb{Z}_p$.
Proof. Let $f(x) = x^{p^n} - x$ and let $F$ be the splitting field of $f(x)$. Then by Lemma 20.4, $f(x)$ has $p^n$ distinct zeros in $F$, since $f'(x) = p^n x^{p^n - 1} - 1 = -1$ is relatively prime to $f(x)$. We claim that the roots of $f(x)$ form a subfield of $F$. Certainly 0 and 1 are zeros of $f(x)$. If $\alpha$ and $\beta$ are zeros of $f(x)$, then $\alpha + \beta$ and $\alpha\beta$ are also zeros of $f(x)$, since $\alpha^{p^n} + \beta^{p^n} = (\alpha + \beta)^{p^n}$ and $\alpha^{p^n}\beta^{p^n} = (\alpha\beta)^{p^n}$. We also need to show that the additive inverse and the multiplicative inverse of each root of $f(x)$ are roots of $f(x)$. For any zero $\alpha$ of $f(x)$, $-\alpha = (p - 1)\alpha$ is also a zero of $f(x)$. If $\alpha \neq 0$, then $(\alpha^{-1})^{p^n} = (\alpha^{p^n})^{-1} = \alpha^{-1}$. Since the zeros of $f(x)$ form a subfield of $F$ and $f(x)$ splits in this subfield, the subfield must be all of $F$.
Let $E$ be any other field of order $p^n$. To show that $E$ is isomorphic to $F$, we must show that every element in $E$ is a root of $f(x)$. Certainly 0 is a root of $f(x)$. Let $\alpha$ be a nonzero element of $E$. The order of the multiplicative group of nonzero elements of $E$ is $p^n - 1$; hence, $\alpha^{p^n - 1} = 1$ or $\alpha^{p^n} - \alpha = 0$. Since $E$ contains $p^n$ elements, $E$ must be a splitting field of $f(x)$; however, by Corollary 19.20, the splitting field of any polynomial is unique up to isomorphism.
The unique finite field with $p^n$ elements is called the Galois field of order $p^n$. We will denote this field by $\mathrm{GF}(p^n)$.
Theorem 20.6 Every subfield of the Galois field $\mathrm{GF}(p^n)$ has $p^m$ elements, where $m$ divides $n$. Conversely, if $m \mid n$ for $m > 0$, then there exists a unique subfield of $\mathrm{GF}(p^n)$ isomorphic to $\mathrm{GF}(p^m)$.
Proof. Let $F$ be a subfield of $E = \mathrm{GF}(p^n)$. Then $F$ must be a field extension of $K$ that contains $p^m$ elements, where $K$ is isomorphic to $\mathbb{Z}_p$. Then $m \mid n$, since $[E : K] = [E : F][F : K]$.
To prove the converse, suppose that $m \mid n$ for some $m > 0$. Then $p^m - 1$ divides $p^n - 1$. Consequently, $x^{p^m - 1} - 1$ divides $x^{p^n - 1} - 1$. Therefore, $x^{p^m} - x$ must divide $x^{p^n} - x$, and every zero of $x^{p^m} - x$ is also a zero of $x^{p^n} - x$. Thus, $\mathrm{GF}(p^n)$ contains, as a subfield, a splitting field of $x^{p^m} - x$, which must be isomorphic to $\mathrm{GF}(p^m)$.
Example 2. The lattice of subfields of $\mathrm{GF}(p^{24})$ is given in Figure 20.1.

With each field $F$ we have a multiplicative group of nonzero elements of $F$ which we will denote by $F^*$. The multiplicative group of any finite field is cyclic. This result follows from the more general result that we will prove in the next theorem.

[Figure 20.1. Subfields of $\mathrm{GF}(p^{24})$. Lattice diagram, top to bottom: $\mathrm{GF}(p^{24})$; $\mathrm{GF}(p^{8})$ and $\mathrm{GF}(p^{12})$; $\mathrm{GF}(p^{4})$ and $\mathrm{GF}(p^{6})$; $\mathrm{GF}(p^{2})$ and $\mathrm{GF}(p^{3})$; $\mathrm{GF}(p)$.]
Theorem 20.7 If $G$ is a finite subgroup of $F^*$, the multiplicative group of nonzero elements of a field $F$, then $G$ is cyclic.
Proof. Let $G$ be a finite subgroup of $F^*$ with $n = p_1^{e_1} \cdots p_k^{e_k}$ elements, where $p_i$'s are (not necessarily distinct) primes. By the Fundamental Theorem of Finite Abelian Groups,
$$G \cong \mathbb{Z}_{p_1^{e_1}} \times \cdots \times \mathbb{Z}_{p_k^{e_k}}.$$
Let $m$ be the least common multiple of $p_1^{e_1}, \ldots, p_k^{e_k}$. Then $G$ contains an element of order $m$. Since every $\alpha$ in $G$ satisfies $x^r - 1$ for some $r$ dividing $m$, $\alpha$ must also be a root of $x^m - 1$. Since $x^m - 1$ has at most $m$ roots in $F$, $n \leq m$. On the other hand, we know that $m \leq |G|$; therefore, $m = n$. Thus, $G$ contains an element of order $n$ and must be cyclic.
Corollary 20.8 The multiplicative group of all nonzero elements of a finite field is cyclic.
Corollary 20.9 Every finite extension $E$ of a finite field $F$ is a simple extension of $F$.
Proof. Let $\alpha$ be a generator for the cyclic group $E^*$ of nonzero elements of $E$. Then $E = F(\alpha)$.

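Example 3. The finite field $\mathrm{GF}(2^4)$ is isomorphic to the field $\mathbb{Z}_2[x]/\langle 1 + x + x^4 \rangle$. Therefore, the elements of $\mathrm{GF}(2^4)$ can be taken to be
$$\{a_0 + a_1\alpha + a_2\alpha^2 + a_3\alpha^3 : a_i \in \mathbb{Z}_2 \text{ and } 1 + \alpha + \alpha^4 = 0\}.$$
Remembering that $1 + \alpha + \alpha^4 = 0$, we add and multiply elements of $\mathrm{GF}(2^4)$ exactly as we add and multiply polynomials. The multiplicative group of $\mathrm{GF}(2^4)$ is isomorphic to $\mathbb{Z}_{15}$ with generator $\alpha$:
$$\begin{array}{lll}
\alpha^1 = \alpha & \alpha^6 = \alpha^2 + \alpha^3 & \alpha^{11} = \alpha + \alpha^2 + \alpha^3 \\
\alpha^2 = \alpha^2 & \alpha^7 = 1 + \alpha + \alpha^3 & \alpha^{12} = 1 + \alpha + \alpha^2 + \alpha^3 \\
\alpha^3 = \alpha^3 & \alpha^8 = 1 + \alpha^2 & \alpha^{13} = 1 + \alpha^2 + \alpha^3 \\
\alpha^4 = 1 + \alpha & \alpha^9 = \alpha + \alpha^3 & \alpha^{14} = 1 + \alpha^3 \\
\alpha^5 = \alpha + \alpha^2 & \alpha^{10} = 1 + \alpha + \alpha^2 & \alpha^{15} = 1.
\end{array}$$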
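The arithmetic of Example 3 can be checked mechanically. The following Python sketch is an added example, not part of the original text: it rebuilds the table of powers, confirms that every element is a zero of $x^{16} - x$ (Theorem 20.5), finds the generators of the cyclic multiplicative group (Corollary 20.8), and lists the zeros of $x^{2^m} - x$ to show which $m$ give subfields (Theorem 20.6). Storing an element as a 4-bit integer and all function names are choices made for this example.

```python
# Added example: GF(2^4) built as Z_2[x]/<1 + x + x^4>.
# An element a0 + a1*alpha + a2*alpha^2 + a3*alpha^3 is stored as the 4-bit
# integer whose bit i is a_i (a representation chosen for this example).
DEGREE = 4
MODULUS = 0b10011          # 1 + x + x^4
FIELD_SIZE = 1 << DEGREE   # 16 elements


def times_alpha(a):
    """Multiply by alpha, then reduce with alpha^4 = 1 + alpha."""
    a <<= 1
    if a & FIELD_SIZE:
        a ^= MODULUS
    return a


def gf_mul(a, b):
    """Multiply two field elements (shift-and-add over Z_2)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = times_alpha(a)
        b >>= 1
    return result


def gf_pow(a, e):
    """Raise a to the non-negative power e by square-and-multiply."""
    result = 1
    while e:
        if e & 1:
            result = gf_mul(result, a)
        a = gf_mul(a, a)
        e >>= 1
    return result


def power_table():
    """Return {k: alpha^k} for k = 1..15, the table of Example 3."""
    table, value = {}, 1
    for k in range(1, FIELD_SIZE):
        value = times_alpha(value)
        table[k] = value
    return table


def as_polynomial(a):
    """Render an element the way the text writes it, e.g. '1 + a^2'."""
    names = ["1", "a", "a^2", "a^3"]
    terms = [names[i] for i in range(DEGREE) if (a >> i) & 1]
    return " + ".join(terms) if terms else "0"


def order(a):
    """Multiplicative order of a nonzero element."""
    if a == 0:
        raise ValueError("0 is not in the multiplicative group")
    k, value = 1, a
    while value != 1:
        value = gf_mul(value, a)
        k += 1
    return k


def subfield(m):
    """Zeros of x^(2^m) - x inside GF(2^4); a field of order 2^m when m divides 4."""
    return {a for a in range(FIELD_SIZE) if gf_pow(a, 1 << m) == a}


if __name__ == "__main__":
    for k, value in power_table().items():
        print(f"a^{k:<2} = {as_polynomial(value)}")
    print("generators:", sorted(a for a in range(1, FIELD_SIZE) if order(a) == 15))
    print("zeros of x^4 - x:", sorted(subfield(2)))
    print("zeros of x^8 - x:", sorted(subfield(3)))
```

For $m = 3$, which does not divide 4, the zeros of $x^8 - x$ in $\mathrm{GF}(2^4)$ are only 0 and 1, so no subfield of order 8 appears.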

20.2 Polynomial Codes
With knowledge of polynomial rings and finite fields, it is now possible to derive more sophisticated codes than those of Chapter 7. First let us recall that an $(n, k)$-block code consists of a one-to-one encoding function $E : \mathbb{Z}_2^k \to \mathbb{Z}_2^n$ and a decoding function $D : \mathbb{Z}_2^n \to \mathbb{Z}_2^k$. The code is error-correcting if $D$ is onto. A code is a linear code if it is the null space of a matrix $H \in M_{k \times n}(\mathbb{Z}_2)$.
We are interested in a class of codes known as cyclic codes. Let $\phi : \mathbb{Z}_2^k \to \mathbb{Z}_2^n$ be a binary $(n, k)$-block code. Then $\phi$ is a cyclic code if for every codeword $(a_1, a_2, \ldots, a_n)$, the cyclically shifted $n$-tuple $(a_n, a_1, a_2, \ldots, a_{n-1})$ is also a codeword. Cyclic codes are particularly easy to implement on a computer using shift registers [2, 3].
Example 4. Consider the $(6, 3)$-linear codes generated by the two matrices
$$G_1 = \begin{pmatrix} 1 & 0 & 0 \\ 0 & 1 & 0 \\ 0 & 0 & 1 \\ 1 & 0 & 0 \\ 0 & 1 & 0 \\ 0 & 0 & 1 \end{pmatrix} \quad \text{and} \quad G_2 = \begin{pmatrix} 1 & 0 & 0 \\ 1 & 1 & 0 \\ 1 & 1 & 1 \\ 1 & 1 & 1 \\ 0 & 1 & 1 \\ 0 & 0 & 1 \end{pmatrix}.$$
Messages in the first code are encoded as follows:
$$\begin{array}{ll}
(000) \mapsto (000000) & (100) \mapsto (100100) \\
(001) \mapsto (001001) & (101) \mapsto (101101) \\
(010) \mapsto (010010) & (110) \mapsto (110110) \\
(011) \mapsto (011011) & (111) \mapsto (111111).
\end{array}$$
It is easy to see that the codewords form a cyclic code. In the second code, 3-tuples are encoded in the following manner:
$$\begin{array}{ll}
(000) \mapsto (000000) & (100) \mapsto (111100) \\
(001) \mapsto (001111) & (101) \mapsto (110011) \\
(010) \mapsto (011110) & (110) \mapsto (100010) \\
(011) \mapsto (010001) & (111) \mapsto (101101).
\end{array}$$
This code cannot be cyclic, since $(101101)$ is a codeword but $(011011)$ is not a codeword.
Polynomial Codes
We would like to find an easy method of obtaining cyclic linear codes. To accomplish this, we can use our knowledge of finite fields and polynomial rings over $\mathbb{Z}_2$. Any binary $n$-tuple can be interpreted as a polynomial in $\mathbb{Z}_2[x]$. Stated another way, the $n$-tuple $(a_0, a_1, \ldots, a_{n-1})$ corresponds to the polynomial
$$f(x) = a_0 + a_1 x + \cdots + a_{n-1} x^{n-1},$$
where the degree of $f(x)$ is at most $n - 1$. For example, the polynomial corresponding to the 5-tuple $(10011)$ is
$$1 + 0x + 0x^2 + 1x^3 + 1x^4 = 1 + x^3 + x^4.$$
Conversely, with any polynomial $f(x) \in \mathbb{Z}_2[x]$ with $\deg f(x) < n$ we can associate a binary $n$-tuple. The polynomial $x + x^2 + x^4$ corresponds to the 5-tuple $(01101)$.
Let us fix a nonconstant polynomial $g(x)$ in $\mathbb{Z}_2[x]$ of degree $n - k$. We can define an $(n, k)$-code $C$ in the following manner. If $(a_0, \ldots, a_{k-1})$ is a $k$-tuple to be encoded, then $f(x) = a_0 + a_1 x + \cdots + a_{k-1} x^{k-1}$ is the corresponding polynomial in $\mathbb{Z}_2[x]$. To encode $f(x)$, we multiply by $g(x)$. The codewords in $C$ are all those polynomials in $\mathbb{Z}_2[x]$ of degree less than $n$ that are divisible by $g(x)$. Codes obtained in this manner are called polynomial codes.
Example 5. If we let $g(x) = 1 + x^3$, we can define a $(6, 3)$-code $C$ as follows. To encode a 3-tuple $(a_0, a_1, a_2)$, we multiply the corresponding polynomial $f(x) = a_0 + a_1 x + a_2 x^2$ by $1 + x^3$. We are defining a map $\phi : \mathbb{Z}_2^3 \to \mathbb{Z}_2^6$ by $\phi : f(x) \mapsto g(x) f(x)$. It is easy to check that this map is a group homomorphism. In fact, if we regard $\mathbb{Z}_2^n$ as a vector space over $\mathbb{Z}_2$, $\phi$ is a linear transformation of vector spaces (see Exercise 13, Chapter 18). Let us compute the kernel of $\phi$. Observe that $\phi(a_0, a_1, a_2) = (000000)$ exactly when
$$\begin{aligned}
0 + 0x + 0x^2 + 0x^3 + 0x^4 + 0x^5 &= (1 + x^3)(a_0 + a_1 x + a_2 x^2) \\
&= a_0 + a_1 x + a_2 x^2 + a_0 x^3 + a_1 x^4 + a_2 x^5.
\end{aligned}$$
Since the polynomials over a field form an integral domain, $a_0 + a_1 x + a_2 x^2$ must be the zero polynomial. Therefore, $\ker \phi = \{(000)\}$ and $\phi$ is one-to-one.
To calculate a generator matrix for $C$, we merely need to examine the way the polynomials $1$, $x$, and $x^2$ are encoded:
$$\begin{aligned}
(1 + x^3) \cdot 1 &= 1 + x^3 \\
(1 + x^3) x &= x + x^4 \\
(1 + x^3) x^2 &= x^2 + x^5.
\end{aligned}$$
We obtain the code corresponding to the generator matrix $G_1$ in Example 4. The parity-check matrix for this code is
$$H = \begin{pmatrix} 1 & 0 & 0 & 1 & 0 & 0 \\ 0 & 1 & 0 & 0 & 1 & 0 \\ 0 & 0 & 1 & 0 & 0 & 1 \end{pmatrix}.$$
Since the smallest weight of any nonzero codeword is 2, this code has the ability to detect all single errors.
Rings of polynomials have a great deal of structure; therefore, our immediate goal is to establish a link between polynomial codes and ring theory. Recall that $x^n - 1 = (x - 1)(x^{n-1} + \cdots + x + 1)$. The factor ring
$$R_n = \mathbb{Z}_2[x]/\langle x^n - 1 \rangle$$
can be considered to be the ring of polynomials of the form
$$f(t) = a_0 + a_1 t + \cdots + a_{n-1} t^{n-1}$$
that satisfy the condition $t^n = 1$. It is an easy exercise to show that $\mathbb{Z}_2^n$ and $R_n$ are isomorphic as vector spaces. We will often identify elements in $\mathbb{Z}_2^n$ with elements in $\mathbb{Z}_2[x]/\langle x^n - 1 \rangle$. In this manner we can interpret a linear code as a subset of $\mathbb{Z}_2[x]/\langle x^n - 1 \rangle$.
The additional ring structure on polynomial codes is very powerful in describing cyclic codes. A cyclic shift of an $n$-tuple can be described by polynomial multiplication. If $f(t) = a_0 + a_1 t + \cdots + a_{n-1} t^{n-1}$ is a code polynomial in $R_n$, then
$$t f(t) = a_{n-1} + a_0 t + \cdots + a_{n-2} t^{n-1}$$
is the cyclically shifted word obtained from multiplying $f(t)$ by $t$. The following theorem gives a beautiful classification of cyclic codes in terms of the ideals of $R_n$.
Theorem 20.10 A linear code $C$ in $\mathbb{Z}_2^n$ is cyclic if and only if it is an ideal in $R_n = \mathbb{Z}_2[x]/\langle x^n - 1 \rangle$.
Proof. Let $C$ be a linear cyclic code and suppose that $f(t)$ is in $C$. Then $t f(t)$ must also be in $C$. Consequently, $t^k f(t)$ is in $C$ for all $k \in \mathbb{N}$. Since $C$ is a linear code, any linear combination of the codewords $f(t), t f(t), t^2 f(t), \ldots, t^{n-1} f(t)$ is also a codeword; therefore, for every polynomial $p(t)$, $p(t) f(t)$ is in $C$. Hence, $C$ is an ideal.
Conversely, let $C$ be an ideal in $\mathbb{Z}_2[x]/\langle x^n + 1 \rangle$. Suppose that $f(t) = a_0 + a_1 t + \cdots + a_{n-1} t^{n-1}$ is a codeword in $C$. Then $t f(t)$ is a codeword in $C$; that is, $(a_1, \ldots, a_{n-1}, a_0)$ is in $C$.
Theorem 20.10 tells us that knowing the ideals of $R_n$ is equivalent to knowing the linear cyclic codes in $\mathbb{Z}_2^n$. Fortunately, the ideals in $R_n$ are easy to describe. The natural ring homomorphism $\phi : \mathbb{Z}_2[x] \to R_n$ defined by $\phi[f(x)] = f(t)$ is a surjective homomorphism. The kernel of $\phi$ is the ideal generated by $x^n - 1$. By Theorem 14.14, every ideal $C$ in $R_n$ is of the form $\phi(I)$, where $I$ is an ideal in $\mathbb{Z}_2[x]$ that contains $\langle x^n - 1 \rangle$. By Theorem 15.12, we know that every ideal $I$ in $\mathbb{Z}_2[x]$ is a principal ideal, since $\mathbb{Z}_2$ is a field. Therefore, $I = \langle g(x) \rangle$ for some unique monic polynomial in $\mathbb{Z}_2[x]$. Since $\langle x^n - 1 \rangle$ is contained in $I$, it must be the case that $g(x)$ divides $x^n - 1$. Consequently, every ideal $C$ in $R_n$ is of the form
$$C = \langle g(t) \rangle = \{ f(t) g(t) : f(t) \in R_n \text{ and } g(x) \mid (x^n - 1) \text{ in } \mathbb{Z}_2[x] \}.$$
The unique monic polynomial of the smallest degree that generates $C$ is called the minimal generator polynomial of $C$.
Example 6. If we factor $x^7 - 1$ into irreducible components, we have
$$x^7 - 1 = (1 + x)(1 + x + x^3)(1 + x^2 + x^3).$$
We see that $g(t) = (1 + t + t^3)$ generates an ideal $C$ in $R_7$. This code is a $(7, 4)$-block code. As in Example 5, it is easy to calculate a generator matrix by examining what $g(t)$ does to the polynomials $1$, $t$, $t^2$, and $t^3$. A generator matrix for $C$ is
$$G = \begin{pmatrix} 1 & 0 & 0 & 0 \\ 1 & 1 & 0 & 0 \\ 0 & 1 & 1 & 0 \\ 1 & 0 & 1 & 1 \\ 0 & 1 & 0 & 1 \\ 0 & 0 & 1 & 0 \\ 0 & 0 & 0 & 1 \end{pmatrix}.$$

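In general, we can determine a generator matrix for an $(n, k)$-code $C$ by the manner in which the elements $t^k$ are encoded. Let $x^n - 1 = g(x) h(x)$ in $\mathbb{Z}_2[x]$. If $g(x) = g_0 + g_1 x + \cdots + g_{n-k} x^{n-k}$ and $h(x) = h_0 + h_1 x + \cdots + h_k x^k$, then the $n \times k$ matrix
$$G = \begin{pmatrix}
g_0 & 0 & \cdots & 0 \\
g_1 & g_0 & \cdots & 0 \\
\vdots & \vdots & \ddots & \vdots \\
g_{n-k} & g_{n-k-1} & \cdots & g_0 \\
0 & g_{n-k} & \cdots & g_1 \\
\vdots & \vdots & \ddots & \vdots \\
0 & 0 & \cdots & g_{n-k}
\end{pmatrix}$$
is a generator matrix for the code $C$ with generator polynomial $g(t)$. The parity-check matrix for $C$ is the $(n - k) \times n$ matrix
$$H = \begin{pmatrix}
0 & \cdots & 0 & 0 & h_k & \cdots & h_0 \\
0 & \cdots & 0 & h_k & \cdots & h_0 & 0 \\
\cdots & \cdots & \cdots & \cdots & \cdots & \cdots & \cdots \\
h_k & \cdots & h_0 & 0 & 0 & \cdots & 0
\end{pmatrix}.$$
We will leave the details of the proof of the following proposition as an exercise.
Proposition 20.11 Let $C = \langle g(t) \rangle$ be a cyclic code in $R_n$ and suppose that $x^n - 1 = g(x) h(x)$. Then $G$ and $H$ are generator and parity-check matrices for $C$, respectively. Furthermore, $HG = 0$.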

Example 7. In Example 6,
$$x^7 - 1 = g(x) h(x) = (1 + x + x^3)(1 + x + x^2 + x^4).$$
Therefore, a parity-check matrix for this code is
$$H = \begin{pmatrix} 0 & 0 & 1 & 0 & 1 & 1 & 1 \\ 0 & 1 & 0 & 1 & 1 & 1 & 0 \\ 1 & 0 & 1 & 1 & 1 & 0 & 0 \end{pmatrix}.$$

To determine the error-detecting and error-correcting capabilities of a cyclic code, we need to know something about determinants. If $\alpha_1, \ldots, \alpha_n$ are elements in a field $F$, then the $n \times n$ matrix
$$\begin{pmatrix}
1 & 1 & \cdots & 1 \\
\alpha_1 & \alpha_2 & \cdots & \alpha_n \\
\alpha_1^2 & \alpha_2^2 & \cdots & \alpha_n^2 \\
\vdots & \vdots & \ddots & \vdots \\
\alpha_1^{n-1} & \alpha_2^{n-1} & \cdots & \alpha_n^{n-1}
\end{pmatrix}$$
is called the Vandermonde matrix. The determinant of this matrix is called the Vandermonde determinant. We will need the following lemma in our investigation of cyclic codes.
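Lemma 20.12 Let $\alpha_1, \ldots, \alpha_n$ be elements in a field $F$ with $n \geq 2$. Then
$$\det \begin{pmatrix}
1 & 1 & \cdots & 1 \\
\alpha_1 & \alpha_2 & \cdots & \alpha_n \\
\alpha_1^2 & \alpha_2^2 & \cdots & \alpha_n^2 \\
\vdots & \vdots & \ddots & \vdots \\
\alpha_1^{n-1} & \alpha_2^{n-1} & \cdots & \alpha_n^{n-1}
\end{pmatrix} = \prod_{1 \leq j < i \leq n} (\alpha_i - \alpha_j).$$
In particular, if the $\alpha_i$'s are distinct, then the determinant is nonzero.
Proof. We will induct on $n$. If $n = 2$, then the determinant is $\alpha_2 - \alpha_1$. Let us assume the result for $n - 1$ and consider the polynomial $p(x)$ defined by
$$p(x) = \det \begin{pmatrix}
1 & 1 & \cdots & 1 & 1 \\
\alpha_1 & \alpha_2 & \cdots & \alpha_{n-1} & x \\
\alpha_1^2 & \alpha_2^2 & \cdots & \alpha_{n-1}^2 & x^2 \\
\vdots & \vdots & \ddots & \vdots & \vdots \\
\alpha_1^{n-1} & \alpha_2^{n-1} & \cdots & \alpha_{n-1}^{n-1} & x^{n-1}
\end{pmatrix}.$$
Expanding this determinant by cofactors on the last column, we see that $p(x)$ is a polynomial of at most degree $n - 1$. Moreover, the roots of $p(x)$ are $\alpha_1, \ldots, \alpha_{n-1}$, since the substitution of any one of these elements in the last column will produce a column identical to the last column in the matrix. Remember that the determinant of a matrix is zero if it has two identical columns. Therefore,
$$p(x) = (x - \alpha_1)(x - \alpha_2) \cdots (x - \alpha_{n-1}) \beta,$$
where
$$\beta = (-1)^{n+n} \det \begin{pmatrix}
1 & 1 & \cdots & 1 \\
\alpha_1 & \alpha_2 & \cdots & \alpha_{n-1} \\
\alpha_1^2 & \alpha_2^2 & \cdots & \alpha_{n-1}^2 \\
\vdots & \vdots & \ddots & \vdots \\
\alpha_1^{n-2} & \alpha_2^{n-2} & \cdots & \alpha_{n-1}^{n-2}
\end{pmatrix}.$$
By our induction hypothesis,
$$\beta = (-1)^{n+n} \prod_{1 \leq j < i \leq n-1} (\alpha_i - \alpha_j).$$
If we let $x = \alpha_n$, the result now follows immediately.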
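The following theorem gives us an estimate on the error detection and correction capabilities for a particular generator polynomial.
Theorem 20.13 Let $C = \langle g(t) \rangle$ be a cyclic code in $R_n$ and suppose that $\omega$ is a primitive $n$th root of unity over $\mathbb{Z}_2$. If $s$ consecutive powers of $\omega$ are roots of $g(x)$, then the minimum distance of $C$ is at least $s + 1$.
Proof. Suppose that
$$g(\omega^r) = g(\omega^{r+1}) = \cdots = g(\omega^{r+s-1}) = 0.$$
Let $f(x)$ be some polynomial in $C$ with $s$ or fewer nonzero coefficients. We can assume that
$$f(x) = a_{i_0} x^{i_0} + a_{i_1} x^{i_1} + \cdots + a_{i_{s-1}} x^{i_{s-1}}$$
is some polynomial in $C$. It will suffice to show that all of the $a_i$'s must be 0. Since
$$g(\omega^r) = g(\omega^{r+1}) = \cdots = g(\omega^{r+s-1}) = 0$$
and $g(x)$ divides $f(x)$,
$$f(\omega^r) = f(\omega^{r+1}) = \cdots = f(\omega^{r+s-1}) = 0.$$
Equivalently, we have the following system of equations:
$$\begin{aligned}
a_{i_0} (\omega^r)^{i_0} + a_{i_1} (\omega^r)^{i_1} + \cdots + a_{i_{s-1}} (\omega^r)^{i_{s-1}} &= 0 \\
a_{i_0} (\omega^{r+1})^{i_0} + a_{i_1} (\omega^{r+1})^{i_1} + \cdots + a_{i_{s-1}} (\omega^{r+1})^{i_{s-1}} &= 0 \\
&\ \ \vdots \\
a_{i_0} (\omega^{r+s-1})^{i_0} + a_{i_1} (\omega^{r+s-1})^{i_1} + \cdots + a_{i_{s-1}} (\omega^{r+s-1})^{i_{s-1}} &= 0.
\end{aligned}$$
Therefore, $(a_{i_0}, a_{i_1}, \ldots, a_{i_{s-1}})$ is a solution to the homogeneous system of linear equations
$$\begin{aligned}
(\omega^{i_0})^r x_0 + (\omega^{i_1})^r x_1 + \cdots + (\omega^{i_{s-1}})^r x_{s-1} &= 0 \\
(\omega^{i_0})^{r+1} x_0 + (\omega^{i_1})^{r+1} x_1 + \cdots + (\omega^{i_{s-1}})^{r+1} x_{s-1} &= 0 \\
&\ \ \vdots \\
(\omega^{i_0})^{r+s-1} x_0 + (\omega^{i_1})^{r+s-1} x_1 + \cdots + (\omega^{i_{s-1}})^{r+s-1} x_{s-1} &= 0.
\end{aligned}$$
However, this system has a unique solution, since the determinant of the matrix
$$\begin{pmatrix}
(\omega^{i_0})^r & (\omega^{i_1})^r & \cdots & (\omega^{i_{s-1}})^r \\
(\omega^{i_0})^{r+1} & (\omega^{i_1})^{r+1} & \cdots & (\omega^{i_{s-1}})^{r+1} \\
\vdots & \vdots & \ddots & \vdots \\
(\omega^{i_0})^{r+s-1} & (\omega^{i_1})^{r+s-1} & \cdots & (\omega^{i_{s-1}})^{r+s-1}
\end{pmatrix}$$
can be shown to be nonzero using Lemma 20.12 and the basic properties of determinants (Exercise). Therefore, this solution must be $a_{i_0} = a_{i_1} = \cdots = a_{i_{s-1}} = 0$.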
BCH Codes
Some of the most important codes, discovered independently by A. Hocquenghem in 1959 and by R. C. Bose and D. V. Ray-Chaudhuri in 1960, are BCH codes. The European and transatlantic communication systems both use BCH codes. Information words to be encoded are of length 231, and a polynomial of degree 24 is used to generate the code. Since $231 + 24 = 255 = 2^8 - 1$, we are dealing with a $(255, 231)$-block code. This BCH code will detect six errors and has a failure rate of 1 in 16 million. One advantage of BCH codes is that efficient error correction algorithms exist for them.
The idea behind BCH codes is to choose a generator polynomial of smallest degree that has the largest error detection and error correction capabilities. Let $d = 2r + 1$ for some $r \geq 0$. Suppose that $\omega$ is a primitive $n$th root of unity over $\mathbb{Z}_2$, and let $m_i(x)$ be the minimal polynomial over $\mathbb{Z}_2$ of $\omega^i$. If
$$g(x) = \operatorname{lcm}[m_1(x), m_2(x), \ldots, m_{2r}(x)],$$
then the cyclic code $\langle g(t) \rangle$ in $R_n$ is called the BCH code of length $n$ and distance $d$. By Theorem 20.13, the minimum distance of $C$ is at least $d$.
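Theorem 20.14 Let $C = \langle g(t) \rangle$ be a cyclic code in $R_n$. The following statements are equivalent.
1. The code $C$ is a BCH code whose minimum distance is at least $d$.
2. A code polynomial $f(t)$ is in $C$ if and only if $f(\omega^i) = 0$ for $1 \leq i < d$.
3. The matrix
$$H = \begin{pmatrix}
1 & \omega & \omega^2 & \cdots & \omega^{n-1} \\
1 & \omega^2 & \omega^4 & \cdots & \omega^{(n-1)(2)} \\
1 & \omega^3 & \omega^6 & \cdots & \omega^{(n-1)(3)} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
1 & \omega^{2r} & \omega^{4r} & \cdots & \omega^{(n-1)(2r)}
\end{pmatrix}$$
is a parity-check matrix for $C$.
Proof. (1) $\Rightarrow$ (2). If $f(t)$ is in $C$, then $g(x) \mid f(x)$ in $\mathbb{Z}_2[x]$. Hence, for $i = 1, \ldots, 2r$, $f(\omega^i) = 0$ since $g(\omega^i) = 0$. Conversely, suppose that $f(\omega^i) = 0$ for $1 \leq i \leq d$. Then $f(x)$ is divisible by each $m_i(x)$, since $m_i(x)$ is the minimal polynomial of $\omega^i$. Therefore, $g(x) \mid f(x)$ by the definition of $g(x)$. Consequently, $f(x)$ is a codeword.
(2) $\Rightarrow$ (3). Let $f(t) = a_0 + a_1 t + \cdots + a_{n-1} t^{n-1}$ be in $R_n$. The corresponding $n$-tuple in $\mathbb{Z}_2^n$ is $\mathbf{x} = (a_0 a_1 \cdots a_{n-1})^t$. By (2),
$$H\mathbf{x} = \begin{pmatrix}
a_0 + a_1 \omega + \cdots + a_{n-1} \omega^{n-1} \\
a_0 + a_1 \omega^2 + \cdots + a_{n-1} (\omega^2)^{n-1} \\
\vdots \\
a_0 + a_1 \omega^{2r} + \cdots + a_{n-1} (\omega^{2r})^{n-1}
\end{pmatrix} = \begin{pmatrix}
f(\omega) \\ f(\omega^2) \\ \vdots \\ f(\omega^{2r})
\end{pmatrix} = 0$$
exactly when $f(t)$ is in $C$. Thus, $H$ is a parity-check matrix for $C$.
(3) $\Rightarrow$ (1). By (3), a code polynomial $f(t) = a_0 + a_1 t + \cdots + a_{n-1} t^{n-1}$ is in $C$ exactly when $f(\omega^i) = 0$ for $i = 1, \ldots, 2r$. The smallest such polynomial is $g(t) = \operatorname{lcm}[m_1(t), \ldots, m_{2r}(t)]$. Therefore, $C = \langle g(t) \rangle$.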
Example 8. It is easy to verify that $x^{15} - 1 \in \mathbb{Z}_2[x]$ has a factorization
$$x^{15} - 1 = (x + 1)(x^2 + x + 1)(x^4 + x + 1)(x^4 + x^3 + 1)(x^4 + x^3 + x^2 + x + 1),$$
where each of the factors is an irreducible polynomial. Let $\omega$ be a root of $1 + x + x^4$. The Galois field $\mathrm{GF}(2^4)$ is
$$\{a_0 + a_1\omega + a_2\omega^2 + a_3\omega^3 : a_i \in \mathbb{Z}_2 \text{ and } 1 + \omega + \omega^4 = 0\}.$$
By Example 3, $\omega$ is a primitive 15th root of unity. The minimal polynomial of $\omega$ is $m_1(x) = 1 + x + x^4$. It is easy to see that $\omega^2$ and $\omega^4$ are also roots of $m_1(x)$. The minimal polynomial of $\omega^3$ is $m_2(x) = 1 + x + x^2 + x^3 + x^4$. Therefore,
$$g(x) = m_1(x) m_2(x) = 1 + x^4 + x^6 + x^7 + x^8$$
has roots $\omega$, $\omega^2$, $\omega^3$, $\omega^4$. Since both $m_1(x)$ and $m_2(x)$ divide $x^{15} - 1$, the BCH code is a $(15, 7)$-code. If $x^{15} - 1 = g(x) h(x)$, then $h(x) = 1 + x^4 + x^6 + x^7$; therefore, a parity-check matrix for this code is
$$\begin{pmatrix}
0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 \\
0 & 0 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 \\
0 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 & 0 \\
0 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 \\
0 & 0 & 0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 \\
0 & 0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 \\
0 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 \\
1 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0
\end{pmatrix}.$$
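The constructions of Examples 4 through 8 can be reproduced in a few lines. The following Python sketch is an added example, not part of the original text: it builds polynomial codes from $g(x)$, tests whether they are cyclic, forms the matrices $G$ and $H$ of Proposition 20.11 and checks $HG = 0$, and finds the minimum distance by exhaustive search so it can be compared with the bound of Theorem 20.13. Storing a polynomial over $\mathbb{Z}_2$ as an integer bit mask and all function names are choices made for this example.

```python
# Added example: a polynomial over Z_2 is stored as an integer whose bit i is
# the coefficient of x^i, so 0b1011 is 1 + x + x^3 (a representation chosen here).


def poly_mul(a, b):
    """Product of two polynomials in Z_2[x]."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        b >>= 1
    return result


def poly_divmod(a, b):
    """Quotient and remainder of a divided by b in Z_2[x]."""
    if b == 0:
        raise ZeroDivisionError("division by the zero polynomial")
    quotient = 0
    while a.bit_length() >= b.bit_length():
        shift = a.bit_length() - b.bit_length()
        quotient |= 1 << shift
        a ^= b << shift
    return quotient, a


def codewords(g, n):
    """All g(x)f(x) with deg f < k, where k = n - deg g (a polynomial code)."""
    k = n - (g.bit_length() - 1)
    return {poly_mul(g, f) for f in range(1 << k)}


def is_cyclic(words, n):
    """True when multiplication by t in R_n (a cyclic shift) maps the set into itself."""
    mask = (1 << n) - 1
    return all((((w << 1) | (w >> (n - 1))) & mask) in words for w in words)


def generator_and_parity(g, n):
    """Return (G, H, h): the n x k and (n-k) x n matrices of the text, and h(x)."""
    h, remainder = poly_divmod((1 << n) | 1, g)   # x^n - 1 equals x^n + 1 over Z_2
    if remainder:
        raise ValueError("g(x) does not divide x^n - 1")
    k = n - (g.bit_length() - 1)
    # Column j of G holds the coefficients of x^j * g(x).
    G = [[(g >> (row - col)) & 1 if row >= col else 0 for col in range(k)]
         for row in range(n)]
    # Row i of H holds h_k ... h_0, shifted one place left for each later row.
    H = [[(h >> (n - 1 - row - col)) & 1 if n - 1 - row - col >= 0 else 0
          for col in range(n)] for row in range(n - k)]
    return G, H, h


def mat_mul_mod2(A, B):
    """Matrix product over Z_2."""
    return [[sum(x * y for x, y in zip(row, col)) % 2 for col in zip(*B)]
            for row in A]


def minimum_distance(g, n):
    """Smallest weight of a nonzero codeword, by exhaustive search."""
    return min(bin(w).count("1") for w in codewords(g, n) if w)


if __name__ == "__main__":
    # Example 4: g = 1 + x^3 gives G1 (cyclic); g = 1 + x + x^2 + x^3 gives G2.
    print(is_cyclic(codewords(0b1001, 6), 6), is_cyclic(codewords(0b1111, 6), 6))
    # Example 8: g = m1 * m2 for the (15, 7) BCH code.
    g = poly_mul(0b10011, 0b11111)
    G, H, h = generator_and_parity(g, 15)
    print(bin(g), bin(h), minimum_distance(g, 15))
```

The second code of Example 4 is the polynomial code of $g(x) = 1 + x + x^2 + x^3$, which does not divide $x^6 - 1$; that is why the cyclic test fails for it.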

Exercises
1. Calculate each of the following.
(a) $[\mathrm{GF}(3^6) : \mathrm{GF}(3^3)]$
(b) $[\mathrm{GF}(128) : \mathrm{GF}(16)]$
(c) $[\mathrm{GF}(625) : \mathrm{GF}(25)]$
(d) $[\mathrm{GF}(p^{12}) : \mathrm{GF}(p^2)]$
2. Calculate $[\mathrm{GF}(p^m) : \mathrm{GF}(p^n)]$, where $n \mid m$.
3. What is the lattice of subfields for $\mathrm{GF}(p^{30})$?
4. Let $\alpha$ be a zero of $x^3 + x^2 + 1$ over $\mathbb{Z}_2$. Construct a finite field of order 8. Show that $x^3 + x^2 + 1$ splits in $\mathbb{Z}_2(\alpha)$.
5. Construct a finite field of order 27.
6. Prove or disprove: $\mathbb{Q}^*$ is cyclic.
7. Factor each of the following polynomials in $\mathbb{Z}_2[x]$.
(a) $x^5 - 1$
(b) $x^6 + x^5 + x^4 + x^3 + x^2 + x + 1$
(c) $x^9 - 1$
(d) $x^4 + x^3 + x^2 + x + 1$
8. Prove or disprove: $\mathbb{Z}_2[x]/\langle x^3 + x + 1 \rangle \cong \mathbb{Z}_2[x]/\langle x^3 + x^2 + 1 \rangle$.
9. Determine the number of cyclic codes of length $n$ for $n = 6$, 7, 8, 10.
10. Prove that the ideal $\langle t + 1 \rangle$ in $R_n$ is the code in $\mathbb{Z}_2^n$ consisting of all words of even parity.
11. Construct all BCH codes of
(a) length 7.
(b) length 15.
12. Prove or disprove: There exists a finite field that is algebraically closed.
13. Let $p$ be prime. Prove that the field of rational functions $\mathbb{Z}_p(x)$ is an infinite field of characteristic $p$.
14. Let $D$ be an integral domain of characteristic $p$. Prove that $(a - b)^{p^n} = a^{p^n} - b^{p^n}$ for all $a, b \in D$.
15. Show that every element in a finite field can be written as the sum of two squares.
16. Let $E$ and $F$ be subfields of a finite field $K$. If $E$ is isomorphic to $F$, show that $E = F$.
17. Let $F \subset E \subset K$ be fields. If $K$ is separable over $F$, show that $K$ is also separable over $E$.
18. Let $E$ be an extension of a finite field $F$, where $F$ has $q$ elements. Let $\alpha \in E$ be algebraic over $F$ of degree $n$. Prove that $F(\alpha)$ has $q^n$ elements.
19. Show that every finite extension of a finite field $F$ is simple; that is, if $E$ is a finite extension of a finite field $F$, prove that there exists an $\alpha \in E$ such that $E = F(\alpha)$.
20. Show that for every $n$ there exists an irreducible polynomial of degree $n$ in $\mathbb{Z}_p[x]$.
21. Prove that the Frobenius map $\Phi : \mathrm{GF}(p^n) \to \mathrm{GF}(p^n)$ given by $\Phi : \alpha \mapsto \alpha^p$ is an automorphism of order $n$.
22. Show that every element in $\mathrm{GF}(p^n)$ can be written in the form $a^p$ for some unique $a \in \mathrm{GF}(p^n)$.
23. Let $E$ and $F$ be subfields of $\mathrm{GF}(p^n)$. If $|E| = p^r$ and $|F| = p^s$, what is the order of $E \cap F$?
24. Wilson's Theorem. Let $p$ be prime. Prove that $(p - 1)! \equiv -1 \pmod{p}$.
25. If $g(t)$ is the minimal generator polynomial for a cyclic code $C$ in $R_n$, prove that the constant term of $g(x)$ is 1.
26. Often it is conceivable that a burst of errors might occur during transmission, as in the case of a power surge. Such a momentary burst of interference might alter several consecutive bits in a codeword. Cyclic codes permit the detection of such error bursts. Let $C$ be an $(n, k)$-cyclic code. Prove that any error burst up to $n - k$ digits can be detected.
27. Prove that the rings $R_n$ and $\mathbb{Z}_2^n$ are isomorphic as vector spaces.
28. Let $C$ be a code in $R_n$ that is generated by $g(t)$. If $\langle f(t) \rangle$ is another code in $R_n$, show that $\langle g(t) \rangle \subset \langle f(t) \rangle$ if and only if $f(x)$ divides $g(x)$ in $\mathbb{Z}_2[x]$.
29. Let $C = \langle g(t) \rangle$ be a cyclic code in $R_n$ and suppose that $x^n - 1 = g(x) h(x)$, where $g(x) = g_0 + g_1 x + \cdots + g_{n-k} x^{n-k}$ and $h(x) = h_0 + h_1 x + \cdots + h_k x^k$. Define $G$ to be the $n \times k$ matrix
$$G = \begin{pmatrix}
g_0 & 0 & \cdots & 0 \\
g_1 & g_0 & \cdots & 0 \\
\vdots & \vdots & \ddots & \vdots \\
g_{n-k} & g_{n-k-1} & \cdots & g_0 \\
0 & g_{n-k} & \cdots & g_1 \\
\vdots & \vdots & \ddots & \vdots \\
0 & 0 & \cdots & g_{n-k}
\end{pmatrix}$$
and $H$ to be the $(n - k) \times n$ matrix
$$H = \begin{pmatrix}
0 & \cdots & 0 & 0 & h_k & \cdots & h_0 \\
0 & \cdots & 0 & h_k & \cdots & h_0 & 0 \\
\cdots & \cdots & \cdots & \cdots & \cdots & \cdots & \cdots \\
h_k & \cdots & h_0 & 0 & 0 & \cdots & 0
\end{pmatrix}.$$
(a) Prove that $G$ is a generator matrix for $C$.
(b) Prove that $H$ is a parity-check matrix for $C$.
(c) Show that $HG = 0$.
Additional Exercises: Error Correction for BCH Codes
BCH codes have very attractive error correction algorithms. Let $C$ be a BCH code in $R_n$, and suppose that a code polynomial $c(t) = c_0 + c_1 t + \cdots + c_{n-1} t^{n-1}$ is transmitted. Let $w(t) = w_0 + w_1 t + \cdots + w_{n-1} t^{n-1}$ be the polynomial in $R_n$ that is received. If errors have occurred in bits $a_1, \ldots, a_k$, then $w(t) = c(t) + e(t)$, where $e(t) = t^{a_1} + t^{a_2} + \cdots + t^{a_k}$ is the error polynomial. The decoder must determine the integers $a_i$ and then recover $c(t)$ from $w(t)$ by flipping the $a_i$th bit. From $w(t)$ we can compute $w(\omega^i) = s_i$ for $i = 1, \ldots, 2r$, where $\omega$ is a primitive $n$th root of unity over $\mathbb{Z}_2$. We say the syndrome of $w(t)$ is $s_1, \ldots, s_{2r}$.
1. Show that $w(t)$ is a code polynomial if and only if $s_i = 0$ for all $i$.
2. Show that
$$s_i = w(\omega^i) = e(\omega^i) = \omega^{i a_1} + \omega^{i a_2} + \cdots + \omega^{i a_k}$$
for $i = 1, \ldots, 2r$. The error-locator polynomial is defined to be
$$s(x) = (x + \omega^{a_1})(x + \omega^{a_2}) \cdots (x + \omega^{a_k}).$$
3. Recall the $(15, 7)$-block BCH code in Example 7. By Theorem 7.3, this code is capable of correcting two errors. Suppose that these errors occur in bits $a_1$ and $a_2$. The error-locator polynomial is $s(x) = (x + \omega^{a_1})(x + \omega^{a_2})$. Show that
$$s(x) = x^2 + s_1 x + \left( s_1^2 + \frac{s_3}{s_1} \right).$$
4. Let $w(t) = 1 + t^2 + t^4 + t^5 + t^7 + t^{12} + t^{13}$. Determine what the originally transmitted code polynomial was.
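The syndrome and error-locator steps described in these exercises can be traced in code. The following Python is an added example, not code from the book: it assumes GF(16) is represented as $\mathbb{Z}_2[x]/\langle x^4 + x + 1 \rangle$ with $\omega = x$, and it decodes a constructed word built from the assumed generator polynomial $1 + t^4 + t^6 + t^7 + t^8$; neither choice appears in this excerpt, and all function names are illustrative.

```python
# Added example: two-error correction for a binary BCH code of length 15.
# ASSUMPTION: GF(16) = Z2[x]/<x^4 + x + 1>, elements stored as 4-bit integers,
# and omega = x (0b0010) is the primitive 15th root of unity.
N = 15
MODULUS = 0b10011  # x^4 + x + 1


def gf_mul(a, b):
    """Multiply two GF(16) elements (shift-and-add with reduction)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if a & 0b10000:
            a ^= MODULUS
    return result


# EXP[k] = omega^k for k = 0..14; LOG inverts it.
EXP = [1]
for _ in range(N - 1):
    EXP.append(gf_mul(EXP[-1], 0b0010))
LOG = {value: k for k, value in enumerate(EXP)}


def gf_inv(a):
    """Inverse of a nonzero element: omega^(-k) = omega^(15 - k)."""
    return EXP[-LOG[a] % N]


def syndrome(word, i):
    """s_i = w(omega^i) for a word given as bits [w_0, ..., w_14]."""
    s = 0
    for k, bit in enumerate(word):
        if bit:
            s ^= EXP[(i * k) % N]
    return s


def locate_errors(word):
    """Return the sorted error positions, assuming at most two bit errors."""
    s1, s3 = syndrome(word, 1), syndrome(word, 3)
    if s1 == 0 and s3 == 0:
        return []  # all syndromes vanish: already a code polynomial
    if s1 == 0:
        raise ValueError("more than two errors: s1 = 0 but s3 != 0")
    # Constant term of s(x) = x^2 + s1*x + (s1^2 + s3/s1).
    const = gf_mul(s1, s1) ^ gf_mul(s3, gf_inv(s1))
    if const == 0:
        return [LOG[s1]]  # one error: s(x) = x(x + omega^a1)
    # The roots of s(x) are omega^a1 and omega^a2; try every power of omega.
    roots = [a for a in range(N)
             if (gf_mul(EXP[a], EXP[a]) ^ gf_mul(s1, EXP[a]) ^ const) == 0]
    if len(roots) != 2:
        raise ValueError("more than two errors: s(x) does not split")
    return roots


def decode(word):
    """Flip the located bits; returns (corrected word, error positions)."""
    positions = locate_errors(word)
    corrected = list(word)
    for a in positions:
        corrected[a] ^= 1
    return corrected, positions


def poly_mul_gf2(f, g):
    """Product of two polynomials over Z2 given as coefficient lists."""
    out = [0] * (len(f) + len(g) - 1)
    for i, fi in enumerate(f):
        if fi:
            for j, gj in enumerate(g):
                out[i + j] ^= gj
    return out


# Constructed sample data (not the word from Exercise 4).
GENERATOR = [1, 0, 0, 0, 1, 0, 1, 1, 1]   # assumed g(t) = 1 + t^4 + t^6 + t^7 + t^8
MESSAGE = [1, 0, 1, 0, 0, 1, 0]           # constructed: 1 + t^2 + t^5
CODEWORD = poly_mul_gf2(MESSAGE, GENERATOR)
RECEIVED = list(CODEWORD)
RECEIVED[3] ^= 1                           # constructed errors in bits 3 and 10
RECEIVED[10] ^= 1

if __name__ == "__main__":
    print(decode(RECEIVED))
```

With a single error the constant term $s_1^2 + s_3/s_1$ vanishes, which is why that case is handled separately.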
References and Suggested Readings
[1] Childs, L. A Concrete Introduction to Higher Algebra. Springer-Verlag, New York, 1979.
[2] Gårding, L. and Tambour, T. Algebra for Computer Science. Springer-Verlag, New York, 1988.
[3] Lidl, R. and Pilz, G. Applied Abstract Algebra. Springer-Verlag, New York, 1984. An excellent presentation of finite fields and their applications.
[4] Mackiw, G. Applications of Abstract Algebra. Wiley, New York, 1985.
[5] Roman, S. Coding and Information Theory. Springer-Verlag, New York, 1992.
[6] van Lint, J. H. Introduction to Coding Theory. Springer-Verlag, New York, 1982.

21 Galois Theory
A classic problem of algebra has been to find the solutions of a polynomial equation. The solution to the quadratic equation was known in antiquity. Italian mathematicians found general solutions to the general cubic and quartic equations in the sixteenth century; however, attempts to solve the general fifth-degree, or quintic, polynomial were repulsed for the next three hundred years. Certainly, equations such as $x^5 - 1 = 0$ or $x^6 - x^3 - 6 = 0$ could be solved, but no solution like the quadratic formula was found for the general quintic,
$$ax^5 + bx^4 + cx^3 + dx^2 + ex + f = 0.$$
Finally, at the beginning of the nineteenth century, Ruffini and Abel both found quintics that could not be solved with any formula. It was Galois, however, who provided the full explanation by showing which polynomials could and could not be solved by formulas. He discovered the connection between groups and field extensions. Galois theory demonstrates the strong interdependence of group and field theory, and has had far-reaching implications beyond its original purpose.
In this chapter we will prove the Fundamental Theorem of Galois Theory. This result will be used to establish the insolvability of the quintic and to prove the Fundamental Theorem of Algebra.
21.1 Field Automorphisms
Our first task is to establish a link between group theory and field theory by examining automorphisms of fields.
Proposition 21.1 The set of all automorphisms of a field $F$ is a group under composition of functions.
Proof. If and are automorphisms of $E$, then so are and ${}^{-1}$. The identity is certainly an automorphism; hence, the set of all automorphisms of a field $F$ is indeed a group.
Proposition 21.2 Let $E$ be a field extension of $F$. Then the set of all automorphisms of $E$ that fix $F$ elementwise is a group; that is, the set of all automorphisms $: E \to E$ such that $(\ ) =$ for all $\in F$ is a group.
Proof. We need only show that the set of automorphisms of $E$ that fix $F$ elementwise is a subgroup of the group of all automorphisms of $E$. Let and be two automorphisms of $E$ such that $(\ ) =$ and $(\ ) =$ for all $\in F$. Then $(\ ) = (\ ) =$ and ${}^{-1}(\ ) =$ . Since the identity fixes every element of $E$, the set of automorphisms of $E$ that leave elements of $F$ fixed is a subgroup of the entire group of automorphisms of $E$.
Let $E$ be a field extension of $F$. We will denote the full group of automorphisms of $E$ by $\mathrm{Aut}(E)$. We define the Galois group of $E$ over $F$ to be the group of automorphisms of $E$ that fix $F$ elementwise; that is,
$$G(E/F) = \{\ \in \mathrm{Aut}(E) : (\ ) = \ \text{for all } \in F \}.$$
If $f(x)$ is a polynomial in $F[x]$ and $E$ is the splitting field of $f(x)$ over $F$, then we define the Galois group of $f(x)$ to be $G(E/F)$.
Example 1. Complex conjugation, defined by $: a + bi \mapsto a - bi$, is an automorphism of the complex numbers. Since
$$(a) = (a + 0i) = a - 0i = a,$$
the automorphism defined by complex conjugation must be in $G(\mathbb{C}/\mathbb{R})$.
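Example 2. Consider the fields $\mathbb{Q} \subset \mathbb{Q}(\sqrt{5}) \subset \mathbb{Q}(\sqrt{3}, \sqrt{5})$. Then for $a, b \in \mathbb{Q}(\sqrt{5})$,
$$(a + b\sqrt{3}) = a - b\sqrt{3}$$
is an automorphism of $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ leaving $\mathbb{Q}(\sqrt{5})$ fixed. Similarly,
$$(a + b\sqrt{5}) = a - b\sqrt{5}$$
is an automorphism of $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ leaving $\mathbb{Q}(\sqrt{3})$ fixed. The automorphism $=$ moves both $\sqrt{3}$ and $\sqrt{5}$. It will soon be clear that $\{\mathrm{id}, \ , \ , \ \}$ is the Galois group of $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ over $\mathbb{Q}$. The following table shows that this group is isomorphic to $\mathbb{Z}_2 \times \mathbb{Z}_2$.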
id
id
id

id

id

id
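We may also regard the field $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ as a vector space over $\mathbb{Q}$ that has basis $\{1, \sqrt{3}, \sqrt{5}, \sqrt{15}\}$. It is no coincidence that $|G(\mathbb{Q}(\sqrt{3}, \sqrt{5})/\mathbb{Q})| = [\mathbb{Q}(\sqrt{3}, \sqrt{5}) : \mathbb{Q}] = 4$.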
Proposition 21.3 Let $E$ be a field extension of $F$ and $f(x)$ be a polynomial in $F[x]$. Then any automorphism in $G(E/F)$ defines a permutation of the roots of $f(x)$ that lie in $E$.
Proof. Let
$$f(x) = a_0 + a_1 x + a_2 x^2 + \cdots + a_n x^n$$
and suppose that $\in E$ is a zero of $f(x)$. Then for $\in G(E/F)$,
$0 = (0)$
$= (f(\ ))$
$= (a_0 + a_1 + a_2\,{}^2 + \cdots + a_n\,{}^n)$
$= a_0 + a_1 (\ ) + a_2 [(\ )]^2 + \cdots + a_n [(\ )]^n$;
therefore, $(\ )$ is also a zero of $f(x)$.
Let $E$ be an algebraic extension of a field $F$. Two elements $\ , \ \in E$ are conjugate over $F$ if they have the same minimal polynomial. For example, in the field $\mathbb{Q}(\sqrt{2})$ the elements $\sqrt{2}$ and $-\sqrt{2}$ are conjugate over $\mathbb{Q}$ since they are both roots of the irreducible polynomial $x^2 - 2$.
A converse of the last proposition exists. The proof follows directly from Lemma 19.18.
Proposition 21.4 If and are conjugate over $F$, there exists an isomorphism $: F(\ ) \to F(\ )$ such that is the identity when restricted to $F$.
Theorem 21.5 Let $f(x)$ be a polynomial in $F[x]$ and suppose that $E$ is the splitting field for $f(x)$ over $F$. If $f(x)$ has no repeated roots, then
$$|G(E/F)| = [E : F].$$

Proof. The proof is similar to the proof of Theorem 19.19. We will use mathematical induction on the degree of $f(x)$. If the degree of $f(x)$ is 0 or 1, then $E = F$ and there is nothing to show. Assume that the result holds for all polynomials of degree $k$ with $0 \le k < n$. Let $p(x)$ be an irreducible factor of $f(x)$ of degree $r$. Since all of the roots of $p(x)$ are in $E$, we can choose one of these roots, say , so that $F \subset F(\ ) \subset E$. If is any other root of $p(x)$, then $F \subset F(\ ) \subset E$. By Lemma 19.18, there exists a unique isomorphism $: F(\ ) \to F(\ )$ for each such that fixes $F$ elementwise. Since $E$ is a splitting field of $F(\ )$, there are exactly $r$ such isomorphisms. We can factor $p(x)$ in $F(\ )$ as $p(x) = (x\ )p_1(x)$. The degrees of $p_1(x)$ and $q_1(x)$ are both less than $r$. Since we know that $E$ is the splitting field of $p_1(x)$ over $F(\ )$, we can apply the induction hypothesis to conclude that
$$|G(E/F(\ ))| = [E : F(\ )].$$
Consequently, there are
$$[E : F] = [E : F(\ )][F(\ ) : F]$$
possible automorphisms of $E$ that fix $F$, or $|G(E/F)| = [E : F]$.
Corollary 21.6 Let $F$ be a finite field with a finite extension $E$ such that $[E : F] = k$. Then $G(E/F)$ is cyclic.
Proof. Let $p$ be the characteristic of $E$ and $F$ and assume that the orders of $E$ and $F$ are $p^m$ and $p^n$, respectively. Then $nk = m$. We can also assume that $E$ is the splitting field of $x^{p^m} - x$ over a subfield of order $p$. Therefore, $E$ must also be the splitting field of $x^{p^m} - x$ over $F$. Applying Theorem 21.5, we find that $|G(E/F)| = k$.
To prove that $G(E/F)$ is cyclic, we must find a generator for $G(E/F)$. Let $: E \to E$ be defined by $(\ ) = {}^{p^n}$. We claim that is the element in $G(E/F)$ that we are seeking. We first need to show that is in $\mathrm{Aut}(E)$. If and are in $E$,
$$(\ +\ ) = (\ +\ )^{p^n} = {}^{p^n} + {}^{p^n} = (\ ) + (\ )$$
by Lemma 20.3. Also, it is easy to show that $(\ ) = (\ )(\ )$. Since is a nonzero homomorphism of fields, it must be injective. It must also be onto, since $E$ is a finite field. We know that must be in $G(E/F)$, since $F$ is the splitting field of $x^{p^n} - x$ over the base field of order $p$. This means that leaves every element in $F$ fixed. Finally, we must show that the order of is $k$. By Theorem 21.5, we know that ${}^{k}(\ ) = {}^{p^k} =$ is the identity of $G(E/F)$. However, ${}^{r}$ cannot be the identity for $1 \le r < k$; otherwise, $x^{p^{rk}} - x$ would have $p^m$ roots, which is impossible.
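Corollary 21.6 can be checked exhaustively on a small field. The following Python is an added example, not code from the book: it takes $E = \mathrm{GF}(27)$ and $F = \mathbb{Z}_3$ (so $p = 3$, $n = 1$, $k = 3$) and assumes the representation $\mathbb{Z}_3[x]/\langle x^3 + 2x + 1 \rangle$, which is one irreducible cubic chosen here for illustration; all function names are illustrative.

```python
# Added example: the map a -> a^3 on GF(27) is an automorphism of order 3
# whose fixed field is Z3, so it generates the Galois group of GF(27) over Z3.
# ASSUMPTION: GF(27) = Z3[x]/<x^3 + 2x + 1>; an element c0 + c1*x + c2*x^2
# is stored as the tuple (c0, c1, c2).
from itertools import product

P = 3
REDUCE = (2, 1, 0)  # x^3 = -(2x + 1) = 2 + x (mod 3)
ONE = (1, 0, 0)
ZERO = (0, 0, 0)
FIELD = list(product(range(P), repeat=3))  # all 27 elements


def add(a, b):
    return tuple((x + y) % P for x, y in zip(a, b))


def mul(a, b):
    """Schoolbook product followed by reduction modulo x^3 + 2x + 1."""
    prod = [0] * 5
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            prod[i + j] = (prod[i + j] + x * y) % P
    for deg in (4, 3):  # replace x^4, then x^3, using x^3 = 2 + x
        c, prod[deg] = prod[deg], 0
        for k, r in enumerate(REDUCE):
            prod[deg - 3 + k] = (prod[deg - 3 + k] + c * r) % P
    return tuple(prod[:3])


def power(a, n):
    result = ONE
    for _ in range(n):
        result = mul(result, a)
    return result


def frobenius(a):
    """The candidate generator from the proof, with p^n = 3."""
    return power(a, P)


def is_field_automorphism():
    """Check additivity, multiplicativity and bijectivity on every element."""
    additive = all(frobenius(add(a, b)) == add(frobenius(a), frobenius(b))
                   for a in FIELD for b in FIELD)
    multiplicative = all(frobenius(mul(a, b)) == mul(frobenius(a), frobenius(b))
                         for a in FIELD for b in FIELD)
    bijective = len({frobenius(a) for a in FIELD}) == len(FIELD)
    return additive and multiplicative and bijective


def fixed_field():
    """Elements left fixed by the map: these form the base field."""
    return [a for a in FIELD if frobenius(a) == a]


def order_of_frobenius():
    """Smallest k >= 1 such that applying the map k times is the identity."""
    images = {a: a for a in FIELD}
    k = 0
    while True:
        images = {a: frobenius(b) for a, b in images.items()}
        k += 1
        if all(a == b for a, b in images.items()):
            return k


def conjugates(a):
    """Orbit of a under the map: the roots of its minimal polynomial over Z3."""
    orbit = [a]
    while frobenius(orbit[-1]) != a:
        orbit.append(frobenius(orbit[-1]))
    return orbit


def is_root_of_modulus(r):
    """Does r satisfy r^3 + 2r + 1 = 0 in GF(27)?"""
    return add(add(power(r, 3), mul((2, 0, 0), r)), ONE) == ZERO


if __name__ == "__main__":
    print(order_of_frobenius(), fixed_field(), conjugates((0, 1, 0)))
```

The orbit of the class of $x$ has three elements, all roots of the defining cubic, so that cubic splits in GF(27).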
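Example 3. We can now confirm that the Galois group of $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ over $\mathbb{Q}$ in Example 2 is indeed isomorphic to $\mathbb{Z}_2 \times \mathbb{Z}_2$. Certainly the group $H = \{\mathrm{id}, \ , \ , \ \}$ is a subgroup of $G(\mathbb{Q}(\sqrt{3}, \sqrt{5})/\mathbb{Q})$; however, $H$ must be all of $G(\mathbb{Q}(\sqrt{3}, \sqrt{5})/\mathbb{Q})$, since
$$|H| = [\mathbb{Q}(\sqrt{3}, \sqrt{5}) : \mathbb{Q}] = |G(\mathbb{Q}(\sqrt{3}, \sqrt{5})/\mathbb{Q})| = 4.$$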

Example 4. Let us compute the Galois group of
$$f(x) = x^4 + x^3 + x^2 + x + 1$$
over $\mathbb{Q}$. We know that $f(x)$ is irreducible by Exercise 19 in Chapter 15. Furthermore, since $(x - 1)f(x) = x^5 - 1$, we can use DeMoivre's Theorem to determine that the roots of $f(x)$ are $\omega^i$, where $i = 1, \ldots, 4$ and
$$\omega = \cos(2\pi/5) + i \sin(2\pi/5).$$
Hence, the splitting field of $f(x)$ must be $\mathbb{Q}(\omega)$. We can define automorphisms ${}_i$ of $\mathbb{Q}(\omega)$ by ${}_i(\omega) = \omega^i$ for $i = 1, \ldots, 4$. It is easy to check that these are indeed distinct automorphisms in $G(\mathbb{Q}(\omega)/\mathbb{Q})$. Since
$$[\mathbb{Q}(\omega) : \mathbb{Q}] = |G(\mathbb{Q}(\omega)/\mathbb{Q})| = 4,$$
the ${}_i$'s must be all of $G(\mathbb{Q}(\omega)/\mathbb{Q})$. Therefore, $G(\mathbb{Q}(\omega)/\mathbb{Q}) \cong \mathbb{Z}_4$ since $\omega$ is a generator for the Galois group.
Separable Extensions
Many of the results that we have just proven depend on the fact that a polynomial $f(x)$ in $F[x]$ has no repeated roots in its splitting field. It is evident that we need to know exactly when a polynomial factors into distinct linear factors in its splitting field. Let $E$ be the splitting field of a polynomial $f(x)$ in $F[x]$. Suppose that $f(x)$ factors over $E$ as
$$f(x) = (x\ {}_1)^{n_1}(x\ {}_2)^{n_2} \cdots (x\ {}_r)^{n_r} = \prod_{i=1}^{r} (x\ {}_i)^{n_i}.$$
We define the multiplicity of a root ${}_i$ of $f(x)$ to be $n_i$. A root with multiplicity 1 is called a simple root. Recall that a polynomial $f(x) \in F[x]$ of degree $n$ is separable if it has $n$ distinct roots in its splitting field $E$. Equivalently, $f(x)$ is separable if it factors into distinct linear factors over $E[x]$. An extension $E$ of $F$ is a separable extension of $F$ if every element in $E$ is the root of a separable polynomial in $F[x]$. Also recall that $f(x)$ is separable if and only if $\gcd(f(x), f'(x)) = 1$ (Lemma 20.4).
Proposition 21.7 Let $f(x)$ be an irreducible polynomial over $F[x]$. If the characteristic of $F$ is 0, then $f(x)$ is separable. If the characteristic of $F$ is $p$ and $f(x) \neq g(x^p)$ for some $g(x)$ in $F[x]$, then $f(x)$ is also separable.
Proof. First assume that $\operatorname{char} F = 0$. Since $\deg f'(x) < \deg f(x)$ and $f(x)$ is irreducible, the only way $\gcd(f(x), f'(x)) \neq 1$ is if $f'(x)$ is the zero polynomial; however, this is impossible in a field of characteristic zero. If $\operatorname{char} F = p$, then $f'(x)$ can be the zero polynomial if every coefficient of $f(x)$ is a multiple of $p$. This can happen only if we have a polynomial of the form $f(x) = a_0 + a_1 x^p + a_2 x^{2p} + \cdots + a_n x^{np}$.
Certainly extensions of a field $F$ of the form $F(\ )$ are some of the easiest to study and understand. Given a field extension $E$ of $F$, the obvious question to ask is when it is possible to find an element $\in E$ such that $E = F(\ )$. In this case, is called a primitive element. We already know that primitive elements exist for certain extensions. For example,
$$\mathbb{Q}(\sqrt{3}, \sqrt{5}) = \mathbb{Q}(\sqrt{3} + \sqrt{5})$$
and
$$\mathbb{Q}(\sqrt[3]{5}, \sqrt{5}\,i) = \mathbb{Q}(\sqrt[6]{5}\,i).$$
Corollary 20.9 tells us that there exists a primitive element for any finite extension of a finite field. The next theorem tells us that we can often find a primitive element.
Theorem 21.8 (Primitive Element Theorem) Let $E$ be a finite separable extension of a field $F$. Then there exists an $\in E$ such that $E = F(\ )$.
Proof. We already know that there is no problem if $F$ is a finite field. Suppose that $E$ is a finite extension of an infinite field. We will prove the result for $F(\ , \ )$. The general case easily follows when we use mathematical induction. Let $f(x)$ and $g(x)$ be the minimal polynomials of and , respectively. Let $K$ be the field in which both $f(x)$ and $g(x)$ split. Suppose that $f(x)$ has zeros $= {}_1, \ldots, {}_n$ in $K$ and $g(x)$ has zeros $= {}_1, \ldots, {}_m$ in $K$. All of these zeros have multiplicity 1, since $E$ is separable over $F$. Since $F$ is infinite, we can find an $a$ in $F$ such that
a6=
i
j
for all $i$ and $j$ with $j \neq 1$. Therefore, $a(\ {}_j) \neq {}_i$ . Let $= \ + a$ . Then
$$= \ + a\ \neq {}_i + a\,{}_j;$$
hence, $a\,{}_j \neq {}_i$ for all $i, j$ with $j \neq 1$. Define $h(x) \in F(\ )[x]$ by $h(x) = f(\ ax)$. Then $h(\ ) = f(\ ) = 0$. However, $h({}_j) \neq 0$ for $j \neq 1$. Hence, $h(x)$ and $g(x)$ have a single common factor in $F(\ )[x]$; that is, the irreducible polynomial of over $F(\ )$ must be linear, since is the only zero common to both $g(x)$ and $h(x)$. So $\in F(\ )$ and $= \ a$ is in $F(\ )$. Hence, $F(\ , \ ) = F(\ )$.
21.2 The Fundamental Theorem
The goal of this section is to prove the Fundamental Theorem of Galois Theory. This theorem explains the connection between the subgroups of $G(E/F)$ and the intermediate fields between $E$ and $F$.
Proposition 21.9 Let $\{{}_i : i \in I\}$ be a collection of automorphisms of a field $F$. Then
$$F_{\{{}_i\}} = \{a \in F : {}_i(a) = a \text{ for all } {}_i\}$$
is a subfield of $F$.
Proof. Let ${}_i(a) = a$ and ${}_i(b) = b$. Then
$${}_i(a\ b) = {}_i(a)\ {}_i(b) = a\ b$$
and
$${}_i(ab) = {}_i(a)\,{}_i(b) = ab.$$
If $a \neq 0$, then ${}_i(a^{-1}) = [{}_i(a)]^{-1} = a^{-1}$. Finally, ${}_i(0) = 0$ and ${}_i(1) = 1$ since ${}_i$ is an automorphism.
Corollary 21.10 Let $F$ be a field and let $G$ be a subgroup of $\mathrm{Aut}(F)$. Then
$$F_G = \{\ \in F : (\ ) = \ \text{for all } \in G\}$$
is a subfield of $F$.

The subfield $F_{\{{}_i\}}$ of $F$ is called the fixed field of $\{{}_i\}$. The field fixed for a subgroup $G$ of $\mathrm{Aut}(F)$ will be denoted by $F_G$.
Example 5. Let $: \mathbb{Q}(\sqrt{3}, \sqrt{5}) \to \mathbb{Q}(\sqrt{3}, \sqrt{5})$ be the automorphism that maps $\sqrt{3}$ to $-\sqrt{3}$. Then $\mathbb{Q}(\sqrt{5})$ is the subfield of $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ left fixed by .
Proposition 21.11 Let $E$ be a splitting field over $F$ of a separable polynomial. Then $E_{G(E/F)} = F$.
Proof. Let $G = G(E/F)$. Clearly, $F \subset E_G \subset E$. Also, $E$ must be a splitting field of $E_G$ and $G(E/F) = G(E/E_G)$. By Theorem 21.5,
$$|G| = [E : E_G] = [E : F].$$
Therefore, $[E_G : F] = 1$. Consequently, $E_G = F$.
A large number of mathematicians first learned Galois theory from Emil Artin's monograph on the subject [1]. The very clever proof of the following lemma is due to Artin.
Lemma 21.12 Let $G$ be a finite group of automorphisms of $E$ and let $F = E_G$. Then $[E : F] \le |G|$.
Proof. Let $|G| = n$. We must show that any set of $n + 1$ elements ${}_1, \ldots, {}_{n+1}$ in $E$ is linearly dependent over $F$; that is, we need to find elements $a_i \in F$, not all zero, such that
$$a_1\,{}_1 + a_2\,{}_2 + \cdots + a_{n+1}\,{}_{n+1} = 0.$$
Suppose that ${}_1 = \mathrm{id}, {}_2, \ldots, {}_n$ are the automorphisms in $G$. The homogeneous system of linear equations
${}_1({}_1)x_1 + {}_1({}_2)x_2 + \cdots + {}_1({}_{n+1})x_{n+1} = 0$
${}_2({}_1)x_1 + {}_2({}_2)x_2 + \cdots + {}_2({}_{n+1})x_{n+1} = 0$
$\vdots$
${}_n({}_1)x_1 + {}_n({}_2)x_2 + \cdots + {}_n({}_{n+1})x_{n+1} = 0$
has more equations than unknowns. From linear algebra we know that this system has a nontrivial solution, say $x_i = a_i$ for $i = 1, 2, \ldots, n + 1$. Since ${}_1$ is the identity, the first equation translates to
$$a_1\,{}_1 + a_2\,{}_2 + \cdots + a_{n+1}\,{}_{n+1} = 0.$$
The problem is that some of the $a_i$'s may be in $E$ but not in $F$. We must show that this is impossible.
Suppose that at least one of the $a_i$'s is in $E$ but not in $F$. By rearranging the ${}_i$'s we may assume that $a_1$ is nonzero. Since any nonzero multiple of a solution is also a solution, we can also assume that $a_1 = 1$. Of all possible solutions fitting this description, we choose the one with the smallest number of nonzero terms. Again, by rearranging ${}_2, \ldots, {}_{n+1}$ if necessary, we can assume that $a_2$ is in $E$ but not in $F$. Since $F$ is the subfield of $E$ that is fixed elementwise by $G$, there exists a ${}_i$ in $G$ such that ${}_i(a_2) \neq a_2$. Applying ${}_i$ to each equation in the system, we end up with the same homogeneous system, since $G$ is a group. Therefore, $x_1 = {}_i(a_1) = 1$, $x_2 = {}_i(a_2)$, $\ldots$, $x_{n+1} = {}_i(a_{n+1})$ is also a solution of the original system. We know that a linear combination of two solutions of a homogeneous system is also a solution; consequently,
$x_1 = 1 - 1 = 0$
$x_2 = a_2 - {}_i(a_2)$
$\vdots$
$x_{n+1} = a_{n+1} - {}_i(a_{n+1})$
must be another solution of the system. This is a nontrivial solution because ${}_i(a_2) \neq a_2$, and has fewer nonzero entries than our original solution. This is a contradiction, since the number of nonzero solutions to our original solution was assumed to be minimal. We can therefore conclude that $a_1 = \cdots = a_{n+1} = 0$.
Let $E$ be an algebraic extension of $F$. If every irreducible polynomial in $F[x]$ with a root in $E$ has all of its roots in $E$, then $E$ is called a normal extension of $F$; that is, every irreducible polynomial in $F[x]$ containing a root in $E$ is the product of linear factors in $E[x]$.
Theorem 21.13 Let $E$ be a field extension of $F$. Then the following statements are equivalent.
1. $E$ is a finite, normal, separable extension of $F$.
2. $E$ is a splitting field over $F$ of a separable polynomial.
3. $F = E_G$ for some finite group of automorphisms of $E$.
Proof. (1) $\Rightarrow$ (2). Let $E$ be a finite, normal, separable extension of $F$. By the Primitive Element Theorem, we can find an in $E$ such that $E = F(\ )$. Let $f(x)$ be the minimal polynomial of over $F$. The field $E$ must contain all of the roots of $f(x)$ since it is a normal extension $F$; hence, $E$ is a splitting field for $f(x)$.
(2) $\Rightarrow$ (3). Let $E$ be the splitting field over $F$ of a separable polynomial. By Proposition 21.11, $E_{G(E/F)} = F$. Since $|G(E/F)| = [E : F]$, this is a finite group.
(3) $\Rightarrow$ (1). Let $F = E_G$ for some finite group of automorphisms $G$ of $E$. Since $[E : F] \le |G|$, $E$ is a finite extension of $F$. To show that $E$ is a finite, normal extension of $F$, let $f(x) \in F[x]$ be an irreducible monic polynomial that has a root in $E$. We must show that $f(x)$ is the product of distinct linear factors in $E[x]$. By Proposition 21.3, automorphisms in $G$ permute the roots of $f(x)$ lying in $E$. Hence, if we let $G$ act on , we can obtain distinct roots ${}_1 = \ , {}_2, \ldots, {}_n$ in $E$. Let $g(x) = \prod_{i=1}^{n} (x\ {}_i)$. Then $g(x)$ is separable over $F$ and $g(\ ) = 0$. Any automorphism in $G$ permutes the factors of $g(x)$ since it permutes these roots; hence, when acts on $g(x)$, it must fix the coefficients of $g(x)$. Therefore, the coefficients of $g(x)$ must be in $F$. Since $\deg g(x) \le \deg f(x)$ and $f(x)$ is the minimal polynomial of , $f(x) = g(x)$.
Corollary 21.14 Let $K$ be a field extension of $F$ such that $F = K_G$ for some finite group of automorphisms $G$ of $K$. Then $G = G(K/F)$.
Proof. Since $F = K_G$, $G$ is a subgroup of $G(K/F)$. Hence,
$$[K : F] \le |G| \le |G(K/F)| = [K : F].$$
It follows that $G = G(K/F)$, since they must have the same order.
Before we determine the exact correspondence between field extensions and automorphisms of fields, let us return to a familiar example.
Example 6. In Example 2 we examined the automorphisms of $\mathbb{Q}(\sqrt{3}, \sqrt{5})$ fixing $\mathbb{Q}$. Figure 21.1 compares the lattice of field extensions of $\mathbb{Q}$ with the lattice of subgroups of $G(\mathbb{Q}(\sqrt{3}, \sqrt{5})/\mathbb{Q})$. The Fundamental Theorem of Galois Theory tells us what the relationship is between the two lattices.
We are now ready to state and prove the Fundamental Theorem of Galois Theory.
Theorem 21.15 (Fundamental Theorem of Galois Theory) Let $F$ be a finite field or a field of characteristic zero. If $E$ is a finite normal extension of $F$ with Galois group $G(E/F)$, then the following statements are true.

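[Figure 21.1. $G(\mathbb{Q}(\sqrt{3}, \sqrt{5})/\mathbb{Q})$: the lattice of subgroups, from the full four-element group through three two-element subgroups down to $\{\mathrm{id}\}$, beside the lattice of fields $\mathbb{Q}(\sqrt{3}, \sqrt{5})$; $\mathbb{Q}(\sqrt{3})$, $\mathbb{Q}(\sqrt{5})$, $\mathbb{Q}(\sqrt{15})$; $\mathbb{Q}$.]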
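1. The map $K \mapsto G(E/K)$ is a bijection of subfields $K$ of $E$ containing $F$ with the subgroups of $G(E/F)$.
2. If $F \subset K \subset E$, then
$$[E : K] = |G(E/K)| \text{ and } [K : F] = [G(E/F) : G(E/K)].$$
3. $F \subset K \subset L \subset E$ if and only if $\{\mathrm{id}\} \subset G(E/L) \subset G(E/K) \subset G(E/F)$.
4. $K$ is a normal extension of $F$ if and only if $G(E/K)$ is a normal subgroup of $G(E/F)$. In this case
$$G(K/F) \cong G(E/F)/G(E/K).$$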
Proof. (1) Suppose that $G(E/K) = G(E/L) = G$. Both $K$ and $L$ are fixed fields of $G$; hence, $K = L$ and the map defined by $K \mapsto G(E/K)$ is one-to-one. To show that the map is onto, let $G$ be a subgroup of $G(E/F)$ and $K$ be the field fixed by $G$. Then $F \subset K \subset E$; consequently, $E$ is a normal extension of $K$. Thus, $G(E/K) = G$ and the map $K \mapsto G(E/K)$ is a bijection.
(2) By Proposition 21.5, $|G(E/K)| = [E : K]$; therefore,
$$|G(E/F)| = [G(E/F) : G(E/K)] \cdot |G(E/K)| = [E : F] = [E : K][K : F].$$
Thus, $[K : F] = [G(E/F) : G(E/K)]$.
(3) Statement (3) is illustrated in Figure 21.2. We leave the proof of this property as an exercise.
(4) This part takes a little more work. Let $K$ be a normal extension of $F$. If is in $G(E/F)$ and is in $G(E/K)$, we need to show that ${}^{-1}$ is in $G(E/K)$; that is, we need to show that ${}^{-1}(\ ) =$ for all $\in K$. Suppose that $f(x)$ is the minimal polynomial of over $F$. Then $(\ )$ is also a root of $f(x)$ lying in $K$, since $K$ is a normal extension of $F$. Hence, $((\ )) = (\ )$ or ${}^{-1}(\ ) =$ .
[Figure 21.2. Subgroups of $G(E/F)$ and subfields of $E$: the tower $E$, $L$, $K$, $F$ beside $G(E/F)$, $G(E/K)$, $G(E/L)$, $\{\mathrm{id}\}$.]
Conversely, let $G(E/K)$ be a normal subgroup of $G(E/F)$. We need to show that $F = K_{G(K/F)}$. Let $\in G(E/K)$. For all $\in G(E/F)$ there exists a $\in G(E/K)$ such that $=$ . Consequently, for all $\in K$
$$((\ )) = (\ (\ )) = (\ );$$
hence, $(\ )$ must be in the fixed field of $G(E/K)$. Let be the restriction of to $K$. Then is an automorphism of $K$ fixing $F$, since $(\ ) \in K$ for all $\in K$; hence, $\in G(K/F)$. Next, we will show that the fixed field of $G(K/F)$ is $F$. Let be an element in $K$ that is fixed by all automorphisms in $G(K/F)$. In particular, $(\ ) =$ for all $\in G(E/F)$. Therefore, belongs to the fixed field $F$ of $G(E/F)$.
Finally, we must show that when $K$ is a normal extension of $F$,
$$G(K/F) \cong G(E/F)/G(E/K).$$
For $\in G(E/F)$, let ${}_K$ be the automorphism of $K$ obtained by restricting to $K$. Since $K$ is a normal extension, the argument in the preceding paragraph shows that ${}_K \in G(K/F)$. Consequently, we have a map $: G(E/F) \to G(K/F)$ defined by $\mapsto {}_K$. This map is a group homomorphism since
$$(\ ) = (\ )_K = {}_K\,{}_K = (\ )(\ ).$$
The kernel of is $G(E/K)$. By (2),
$$|G(E/F)|/|G(E/K)| = [K : F] = |G(K/F)|.$$
Hence, the image of is $G(K/F)$ and is onto. Applying the First Isomorphism Theorem, we have
$$G(K/F) \cong G(E/F)/G(E/K).$$

Example 7. In this example we will illustrate the Fundamental Theorem of Galois Theory by determining the lattice of subgroups of the Galois group of $f(x) = x^4 - 2$. We will compare this lattice to the lattice of field extensions of $\mathbb{Q}$ that are contained in the splitting field of $x^4 - 2$. The splitting field of $f(x)$ is $\mathbb{Q}(\sqrt[4]{2}, i)$. To see this, notice that $f(x)$ factors as $(x^2 + \sqrt{2})(x^2 - \sqrt{2})$; hence, the roots of $f(x)$ are $\pm\sqrt[4]{2}$ and $\pm\sqrt[4]{2}\,i$. We first adjoin the root $\sqrt[4]{2}$ to $\mathbb{Q}$ and then adjoin the root $i$ of $x^2 + 1$ to $\mathbb{Q}(\sqrt[4]{2})$. The splitting field of $f(x)$ is then $\mathbb{Q}(\sqrt[4]{2})(i) = \mathbb{Q}(\sqrt[4]{2}, i)$.
Since $[\mathbb{Q}(\sqrt[4]{2}) : \mathbb{Q}] = 4$ and $i$ is not in $\mathbb{Q}(\sqrt[4]{2})$, it must be the case that $[\mathbb{Q}(\sqrt[4]{2}, i) : \mathbb{Q}(\sqrt[4]{2})] = 2$. Hence, $[\mathbb{Q}(\sqrt[4]{2}, i) : \mathbb{Q}] = 8$. The set
$$\{1, \sqrt[4]{2}, (\sqrt[4]{2})^2, (\sqrt[4]{2})^3, i, i\sqrt[4]{2}, i(\sqrt[4]{2})^2, i(\sqrt[4]{2})^3\}$$
is a basis of $\mathbb{Q}(\sqrt[4]{2}, i)$ over $\mathbb{Q}$. The lattice of field extensions of $\mathbb{Q}$ contained in $\mathbb{Q}(\sqrt[4]{2}, i)$ is illustrated in Figure 21.3(a).
The Galois group $G$ of $f(x)$ must be of order 8. Let be the automorphism defined by $(\sqrt[4]{2}) = \sqrt[4]{2}$ and $(i) = i$, and be the automorphism defined by complex conjugation; that is, $(i) = -i$. Then $G$ has an element of order 4 and an element of order 2. It is easy to verify by direct computation that the elements of $G$ are $\{\mathrm{id}, \ , {}^2, {}^3, \ , \ , {}^2\ , {}^3\ \}$ and that the relations ${}^2 = \mathrm{id}$, ${}^4 = \mathrm{id}$, and $= {}^{-1}$ are satisfied; hence, $G$ must be isomorphic to $D_4$. The lattice of subgroups of $G$ is illustrated in Figure 21.3(b).
Historical Note
Solutions for the cubic and quartic equations were discovered in the 1500s. Attempts to find solutions for the quintic equations puzzled some of history's best mathematicians. In 1798, P. Ruffini submitted a paper that claimed no such solution could be found; however, the paper was not well received. In 1826, Niels Henrik Abel (1802-1829) finally offered the first correct proof that quintics are not always solvable by radicals.

[Figure 21.3. Galois group of $x^4 - 2$: (a) the lattice of field extensions of $\mathbb{Q}$ contained in $\mathbb{Q}(\sqrt[4]{2}, i)$; (b) the lattice of subgroups of $D_4$.]
Abel inspired the work of Évariste Galois. Born in 1811, Galois began to display extraordinary mathematical talent at the age of 14. He applied for entrance to the École Polytechnique several times; however, he had great difficulty meeting the formal entrance requirements, and the examiners failed to recognize his mathematical genius. He was finally accepted at the École Normale in 1829.
Galois worked to develop a theory of solvability for polynomials. In 1829, at the age of 17, Galois presented two papers on the solution of algebraic equations to the Académie des Sciences de Paris. These papers were sent to Cauchy, who subsequently lost them. A third paper was submitted to Fourier, who died before he could read the paper. Another paper was presented, but was not published until 1846.
Galois's democratic sympathies led him into the Revolution of 1830. He was expelled from school and sent to prison for his part in the turmoil. After his release in 1832, he was drawn into a duel over a love affair. Certain that he would be killed, he spent the evening before his death outlining his work and his basic ideas for research in a long letter to his friend Chevalier. He was indeed dead the next day, at the age of 21.
21.3 Applications
Solvability by Radicals
Throughout this section we shall assume that all fields have characteristic zero to ensure that irreducible polynomials do not have multiple roots. The immediate goal of this section is to determine when the roots of a polynomial $f(x)$ can be computed in a finite number of operations on the coefficients of $f(x)$. The allowable operations are addition, subtraction, multiplication, division, and the extraction of $n$th roots. Certainly the solution to the quadratic equation, $ax^2 + bx + c = 0$, illustrates this process:
$$x = \frac{-b \pm \sqrt{b^2 - 4ac}}{2a}.$$
The only one of these operations that might demand a larger field is the taking of $n$th roots. We are led to the following definition.
An extension field $E$ of a field $F$ is an extension by radicals if there are elements ${}_1, \ldots, {}_r \in K$ and positive integers $n_1, \ldots, n_r$ such that
$$E = F({}_1, \ldots, {}_r),$$
where ${}_1^{n_1} \in F$ and
$${}_i^{n_i} \in F({}_1, \ldots, {}_{i-1})$$
for $i = 2, \ldots, r$. A polynomial $f(x)$ is solvable by radicals over $F$ if the splitting field $K$ of $f(x)$ over $F$ is contained in an extension of $F$ by radicals. Our goal is to arrive at criteria that will tell us whether or not a polynomial $f(x)$ is solvable by radicals by examining the Galois group of $f(x)$.
The easiest polynomial to solve by radicals is one of the form $x^n - a$. As we discussed in Chapter 3, the roots of $x^n - 1$ are called the $n$th roots of unity. These roots are a finite subgroup of the splitting field of $x^n - 1$. By Theorem 20.7, the $n$th roots of unity form a cyclic group. Any generator of this group is called a primitive $n$th root of unity.
Example 8. The polynomial $x^n - 1$ is solvable by radicals over $\mathbb{Q}$. The roots of this polynomial are $1, \omega, \omega^2, \ldots, \omega^{n-1}$, where
$$\omega = \cos\left(\frac{2\pi}{n}\right) + i \sin\left(\frac{2\pi}{n}\right).$$
The splitting field of $x^n - 1$ over $\mathbb{Q}$ is $\mathbb{Q}(\omega)$.
Recall that a subnormal series of a group $G$ is a finite sequence of subgroups
$$G = H_n \supset H_{n-1} \supset \cdots \supset H_1 \supset H_0 = \{e\},$$
where $H_i$ is normal in $H_{i+1}$. A subnormal series is a composition series if all the factor groups are simple; that is, if none of the factor groups of the series contains a normal subgroup. A group $G$ is solvable if it has a composition series $\{H_i\}$ such that all of the factor groups $H_{i+1}/H_i$ are abelian. For example, if we examine the series $\{\mathrm{id}\} \subset A_3 \subset S_3$, we see that $A_3$ is solvable. On the other hand, $S_5$ is not solvable, by Theorem 9.8.
Lemma 21.16 Let $F$ be a field of characteristic zero and $E$ be the splitting field of $x^n - a$ over $F$ with $a \in F$. Then $G(E/F)$ is a solvable group.
Proof. First suppose that $F$ contains all of its $n$th roots of unity. The roots of $x^n - a$ are $\sqrt[n]{a}, \omega\sqrt[n]{a}, \ldots, \omega^{n-1}\sqrt[n]{a}$, where $\omega$ is a primitive $n$th root of unity. If is one of these roots, then distinct roots of $x^n - 1$ are $\ , \omega\ , \ldots, \omega^{n-1}\ $, and $E = F(\ )$. Since $G(E/F)$ permutes the roots $x^n - 1$, the elements in $G(E/F)$ must be determined by their action on these roots. Let and be in $G(E/F)$ and suppose that $(\ ) = \omega^i\ $ and $(\ ) = \omega^j\ $. If $F$ contains the roots of unity, then
$$(\ ) = (\omega^j\ ) = \omega^j(\ ) = \omega^{ij}\ = \omega^i(\ ) = (\omega^i\ ) = (\ ).$$
Therefore, $=$ and $G(E/F)$ is abelian, and $G(E/F)$ is solvable.
Suppose that $F$ does not contain a primitive $n$th root of unity. Let $\omega$ be a generator of the cyclic group of the $n$th roots of unity. Let be a zero of $x^n - a$. Since and $\omega$ are both in the splitting field of $x^n - a$, $\omega = (\omega\ )/\ $ is also in $E$. Let $K = F(\omega)$. Then $F \subset K \subset E$. Since $K$ is the splitting field of $x^n - 1$, $K$ is a normal extension of $F$. Any automorphism in $G(F(\omega)/F)$ is determined by $(\omega)$. It must be the case that $(\omega) = \omega^i$ for some integer $i$ since all of the zeros of $x^n - 1$ are powers of $\omega$. If $(\omega) = \omega^j$ is in $G(F(\omega)/F)$, then
$$(\omega) = (\omega^j) = [(\omega)]^j = \omega^{ij} = [(\omega)]^i = (\omega^i) = (\omega).$$
Therefore, $G(F(\omega)/F)$ is abelian. By the Fundamental Theorem of Galois Theory the series
$$\{\mathrm{id}\} \subset G(E/F(\omega)) \subset G(E/F)$$
is a normal series. Since $G(E/F(\omega))$ and
$$G(E/F)/G(E/F(\omega)) \cong G(F(\omega)/F)$$
are both abelian, $G(E/F)$ is solvable.
Lemma 21.17 Let $F$ be a field of characteristic zero and let $E$ be a radical extension of $F$. Then there exists a normal radical extension $K$ of $F$ that contains $E$.
Proof. Since $E$ is a radical extension of $F$, there exist elements ${}_1, \ldots, {}_r \in K$ and positive integers $n_1, \ldots, n_r$ such that
$$E = F({}_1, \ldots, {}_r),$$
where ${}_1^{n_1} \in F$ and
$${}_i^{n_i} \in F({}_1, \ldots, {}_{i-1})$$
for $i = 2, \ldots, r$. Let $f(x) = f_1(x) \cdots f_r(x)$, where $f_i$ is the minimal polynomial of ${}_i$ over $F$, and let $K$ be the splitting field of $K$ over $F$. Every root of $f(x)$ in $K$ is of the form $({}_i)$, where $\in G(K/F)$. Therefore, for any $\in G(K/F)$, we have $[({}_1)]^{n_1} \in F$ and $[({}_i)]^{n_i} \in F({}_1, \ldots, {}_{i-1})$ for $i = 2, \ldots, r$. Hence, if $G(K/F) = \{{}_1 = \mathrm{id}, {}_2, \ldots, {}_k\}$, then $K = F({}_1({}_j))$ is a radical extension of $F$.
We will now prove the main theorem about solvability by radicals.
Theorem 21.18 Let $f(x)$ be in $F[x]$, where $\operatorname{char} F = 0$. If $f(x)$ is solvable by radicals, then the Galois group of $f(x)$ over $F$ is solvable.
Proof. Let $K$ be a splitting field of $f(x)$ over $F$. Since $f(x)$ is solvable, there exists an extension $E$ of radicals $F = F_0 \subset F_1 \subset \cdots \subset F_n = E$. Since $F_i$ is normal over $F_{i-1}$, we know by Lemma 21.17 that $E$ is a normal extension of each $F_i$. By the Fundamental Theorem of Galois Theory, $G(E/F_i)$ is a normal subgroup of $G(E/F_{i-1})$. Therefore, we have a subnormal series of subgroups of $G(E/F)$:
$$\{\mathrm{id}\} \subset G(E/F_{n-1}) \subset \cdots \subset G(E/F_1) \subset G(E/F).$$
Again by the Fundamental Theorem of Galois Theory, we know that
$$G(E/F_{i-1})/G(E/F_i) \cong G(F_i/F_{i-1}).$$
By Lemma 21.16, $G(F_i/F_{i-1})$ is solvable; hence, $G(E/F)$ is also solvable.

The converse of Theorem 21.18 is also true. For a proof, see any of the references at the end of this chapter.

[Figure 21.4. The graph of $f(x) = x^5 - 6x^3 - 27x - 3$]
Insolvability of the Quintic
We are now in a position to find a fifth-degree polynomial that is not solvable by radicals. We merely need to find a polynomial whose Galois group is $S_5$. We begin by proving a lemma.
Lemma 21.19 Any subgroup of $S_n$ that contains a transposition and a cycle of length $n$ must be all of $S_n$.
Proof. Let $G$ be a subgroup of $S_n$ that contains a transposition and a cycle of length $n$. We may assume that $= (12)$ and $= (12 \ldots n)$. Since $(12)(1 \ldots n) = (2 \ldots n)$ and $(2 \ldots n)^k (1, 2)(2 \ldots n)^{-k} = (1k)$, we can obtain all the transpositions of the form $(1, n + 1 - k)$. However, these transpositions generate all transpositions in $S_n$, since $(1j)(1i)(1j) = (ij)$. The transpositions generate $S_n$.
Example 9. We will show that $f(x) = x^5 - 6x^3 - 27x - 3 \in \mathbb{Q}[x]$ is
not solvable. We claim that the Galois group of $f(x)$ over $\mathbb{Q}$ is $S_5$. By
Eisenstein's Criterion, $f(x)$ is irreducible and, therefore, must be separable.
The derivative of $f(x)$ is $f'(x) = 5x^4 - 18x^2 - 27$; hence, setting $f'(x) = 0$
and solving, we find that the only real roots of $f'(x)$ are
$$x = \pm\sqrt{\frac{6\sqrt{6} + 9}{5}}.$$
Therefore, $f(x)$ can have at most one maximum and one minimum. It is
easy to show that $f(x)$ changes sign between $-3$ and $-2$, between $-2$ and $0$,
and once again between $0$ and $4$ (Figure 21.4). Therefore, $f(x)$ has exactly
three distinct real roots. The remaining two roots of $f(x)$ must be complex
conjugates. Let $K$ be the splitting field of $f(x)$. Since $f(x)$ has five distinct
roots in $K$ and every automorphism of $K$ fixing $\mathbb{Q}$ is determined by the
way it permutes the roots of $f(x)$, we know that $G(K/\mathbb{Q})$ is a subgroup of
$S_5$. Since $f$ is irreducible, there is an element of $G(K/\mathbb{Q})$ that
takes $a$ to $b$ for two roots $a$ and $b$ of $f(x)$. The automorphism of $\mathbb{C}$ that takes
$a + bi \mapsto a - bi$ leaves the real roots fixed and interchanges the complex
roots; consequently, $G(K/\mathbb{Q}) \subset S_5$. By Lemma 21.19, $S_5$ is generated by
a transposition and an element of order 5; therefore, $G(K/F)$ must be all
of $S_5$. By Theorem 9.8, $S_5$ is not solvable. Consequently, $f(x)$ cannot be
solved by radicals.
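The checks behind Example 9 and Lemma 21.19 can be carried out exactly. The following is an added example, not code from the book: it applies Eisenstein's Criterion at $p = 3$, counts the real roots of $f$ with a Sturm sequence (swapped in here for the calculus argument in the text), and computes the order of the subgroup generated by a transposition and an $n$-cycle. All function names are this example's own.

```python
from fractions import Fraction
from itertools import combinations

# f(x) = x^5 - 6x^3 - 27x - 3 from Example 9, constant term first.
F_COEFFS = [-3, -27, 0, -6, 0, 1]

def eisenstein(coeffs, p):
    """True if Eisenstein's Criterion applies to the integer polynomial at prime p."""
    *lower, lead = coeffs
    return lead % p != 0 and all(c % p == 0 for c in lower) and lower[0] % (p * p) != 0

def trim(poly):
    """Drop zero coefficients from the high-degree end."""
    while poly and poly[-1] == 0:
        poly = poly[:-1]
    return poly

def remainder(a, b):
    """Remainder of a divided by b over Q (coefficient lists, constant term first)."""
    a = list(a)
    while len(a) >= len(b):
        q, shift = a[-1] / b[-1], len(a) - len(b)
        for i, c in enumerate(b):
            a[shift + i] -= q * c
        a = trim(a)  # the leading coefficient is now exactly zero
    return a

def sturm_chain(coeffs):
    """Sturm chain p0 = f, p1 = f', p_{i+1} = -rem(p_{i-1}, p_i)."""
    p0 = trim([Fraction(c) for c in coeffs])
    chain = [p0, trim([i * c for i, c in enumerate(p0)][1:])]
    while True:
        r = remainder(chain[-2], chain[-1])
        if not r:
            return chain
        chain.append([-c for c in r])

def variations(values):
    """Number of sign changes in a sequence, zeros ignored."""
    signs = [v > 0 for v in values if v != 0]
    return sum(s != t for s, t in zip(signs, signs[1:]))

def evaluate(poly, x):
    result = Fraction(0)
    for c in reversed(poly):
        result = result * x + c
    return result

def roots_between(coeffs, a, b):
    """Distinct real roots in (a, b] of a squarefree polynomial (Sturm's theorem)."""
    chain = sturm_chain(coeffs)
    return (variations([evaluate(p, Fraction(a)) for p in chain])
            - variations([evaluate(p, Fraction(b)) for p in chain]))

def count_real_roots(coeffs):
    """All distinct real roots: signs of the chain at -infinity and +infinity."""
    chain = sturm_chain(coeffs)
    at_plus = [p[-1] for p in chain]
    at_minus = [p[-1] * (-1) ** (len(p) - 1) for p in chain]
    return variations(at_minus) - variations(at_plus)

def compose(p, q):
    """Permutation 'p after q' on {0, ..., n-1}, each stored as a tuple of images."""
    return tuple(p[i] for i in q)

def generated_subgroup(gens):
    """Closure of the generators under composition (finite, so inverses come for free)."""
    identity = tuple(range(len(gens[0])))
    seen, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for s in gens:
            h = compose(s, g)
            if h not in seen:
                seen.add(h)
                frontier.append(h)
    return seen

def transposition(n, i, j):
    images = list(range(n))
    images[i], images[j] = j, i
    return tuple(images)

def n_cycle(n):
    """The cycle (1 2 ... n), written on 0-based points."""
    return tuple((i + 1) % n for i in range(n))

def orders_with_every_transposition(n):
    """Order of <t, (1 2 ... n)> for each transposition t = (i j) of S_n."""
    return {(i + 1, j + 1): len(generated_subgroup([transposition(n, i, j), n_cycle(n)]))
            for i, j in combinations(range(n), 2)}

if __name__ == "__main__":
    print("Eisenstein at p = 3:", eisenstein(F_COEFFS, 3))
    print("real roots of f:", count_real_roots(F_COEFFS))
    for a, b in [(-3, -2), (-2, 0), (0, 4)]:
        print(f"roots in ({a}, {b}]:", roots_between(F_COEFFS, a, b))
    print("orders in S_5:", set(orders_with_every_transposition(5).values()))
    print("orders in S_4:", orders_with_every_transposition(4))
```

For $n = 5$ every transposition together with $(1\,2\,3\,4\,5)$ generates all 120 elements of $S_5$, which is the case Example 9 needs. For $n = 4$ the pair $(1\,3)$, $(1\,2\,3\,4)$ generates only 8 elements, so the reduction to the transposition $(12)$ in the proof of Lemma 21.19 is automatic only when $n$ is prime.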
The Fundamental Theorem of Algebra
It seems fitting that the last theorem that we will state and prove is the
Fundamental Theorem of Algebra. This theorem was first proven by Gauss
in his doctoral thesis. Prior to Gauss's proof, mathematicians suspected
that there might exist polynomials over the real and complex numbers having
no solutions. The Fundamental Theorem of Algebra states that every
polynomial over the complex numbers factors into distinct linear factors.
Theorem 21.20 (Fundamental Theorem of Algebra) The field of complex
numbers is algebraically closed; that is, every polynomial in $\mathbb{C}[x]$ has a
root in $\mathbb{C}$.
For our proof we shall assume two facts from calculus. We need the
results that every polynomial of odd degree over $\mathbb{R}$ has a real root and that
every positive real number has a square root.
Proof. Suppose that $E$ is a proper finite field extension of the complex
numbers. Since any finite extension of a field of characteristic zero is a
simple extension, $E$ is generated over $\mathbb{C}$ by a single element of $E$ that is the root
of an irreducible polynomial $f(x)$ in $\mathbb{C}[x]$. The splitting field $L$ of $f(x)$ is a
finite normal separable extension of $\mathbb{C}$ that contains $E$. We must show that
it is impossible for $L$ to be a proper extension of $\mathbb{C}$.
Suppose that $L$ is a proper extension of $\mathbb{C}$. Since $L$ is the splitting field
of $f(x)(x^2 + 1)$ over $\mathbb{R}$, $L$ is a finite normal separable extension of $\mathbb{R}$. Let
$K$ be the fixed field of a Sylow 2-subgroup $G$ of $G(L/\mathbb{R})$. Then $L \supset K \supset \mathbb{R}$
and $|G(L/K)| = [L : K]$. Since $[L : \mathbb{R}] = [L : K][K : \mathbb{R}]$, we know that
$[K : \mathbb{R}]$ must be odd. Consequently, $K$ is generated over $\mathbb{R}$ by a single element having a minimal
polynomial $f(x)$ of odd degree. Therefore, $K = \mathbb{R}$.
We now know that $G(L/\mathbb{R})$ must be a 2-group. It follows that $G(L/\mathbb{C})$
is a 2-group. We have assumed that $L \neq \mathbb{C}$; therefore, $|G(L/\mathbb{C})| \geq 2$. By the
first Sylow Theorem and the Fundamental Theorem of Galois Theory, there
exists a subgroup $G$ of $G(L/\mathbb{C})$ of index 2 and a field $E$ fixed elementwise
by $G$. Then $[E : \mathbb{C}] = 2$ and there exists an element of $E$ with minimal
polynomial $x^2 + bx + c$ in $\mathbb{C}[x]$. This polynomial has roots $(-b \pm \sqrt{b^2 - 4c})/2$
that are in $\mathbb{C}$, since $b^2 - 4c$ is in $\mathbb{C}$. This is impossible; hence, $L = \mathbb{C}$.
Although our proof was strictly algebraic, we were forced to rely on
results from calculus. It is necessary to assume the completeness axiom
from analysis to show that every polynomial of odd degree has a real root
and that every positive real number has a square root. It seems that there
is no possible way to avoid this difficulty and formulate a purely algebraic
argument. It is somewhat amazing that there are several elegant proofs of
the Fundamental Theorem of Algebra that use complex analysis. It is also
interesting to note that we can obtain a proof of such an important theorem
from two very different fields of mathematics.
Exercises
1. Compute each of the following Galois groups. Which of these field extensions
are normal field extensions? If the extension is not normal, find a normal
extension of $\mathbb{Q}$ in which the extension field is contained.
(a) $G(\mathbb{Q}(\sqrt{30})/\mathbb{Q})$
(b) $G(\mathbb{Q}(\sqrt[4]{5})/\mathbb{Q})$
(c) $G(\mathbb{Q}(\sqrt{2}, \sqrt{3}, \sqrt{5})/\mathbb{Q})$
(d) $G(\mathbb{Q}(\sqrt{2}, \sqrt[3]{2}, i)/\mathbb{Q})$
(e) $G(\mathbb{Q}(\sqrt{6}, i)/\mathbb{Q})$
2. Determine the separability of each of the following polynomials.
(a) $x^3 + 2x^2 - x - 2$ over $\mathbb{Q}$
(b) $x^4 + 2x^2 + 1$ over $\mathbb{Q}$
(c) $x^4 + x^2 + 1$ over $\mathbb{Z}_3$
(d) $x^3 + x^2 + 1$ over $\mathbb{Z}_2$
3. Give the order and describe a generator of the Galois group of GF(729)
over GF(9).
4. Determine the Galois groups of each of the following polynomials in $\mathbb{Q}[x]$;
hence, determine the solvability by radicals of each of the polynomials.
(a) $x^5 - 12x^2 + 2$
(b) $x^5 - 4x^4 + 2x + 2$
(c) $x^3 - 5$
(d) $x^4 - x^2 - 6$
(e) $x^5 + 1$
(f) $(x^2 - 2)(x^2 + 2)$
(g) $x^8 - 1$
(h) $x^8 + 1$
(i) $x^4 - 3x^2 - 10$
5. Find a primitive element in the splitting field of each of the following
polynomials in $\mathbb{Q}[x]$.
(a) $x^4 - 1$
(b) $x^4 - 8x^2 + 15$
(c) $x^4 - 2x^2 - 15$
(d) $x^3 - 2$
6. Prove that the Galois group of an irreducible quadratic polynomial is
isomorphic to $\mathbb{Z}_2$.
7. Prove that the Galois group of an irreducible cubic polynomial is isomorphic
to $S_3$ or $\mathbb{Z}_3$.
8. Let $F \subset K \subset E$ be fields. If $E$ is a normal extension of $F$, show that $E$ must
also be a normal extension of $K$.
9. Let $G$ be the Galois group of a polynomial of degree $n$. Prove that $|G|$
divides $n!$.
10. Let $F \subset E$. If $f(x)$ is solvable over $F$, show that $f(x)$ is also solvable over
$E$.
11. Construct a polynomial $f(x)$ in $\mathbb{Q}[x]$ of degree 7 that is not solvable by
radicals.
12. Let $p$ be prime. Prove that there exists a polynomial $f(x) \in \mathbb{Q}[x]$ of degree
$p$ with Galois group isomorphic to $S_p$. Conclude that for each prime $p$ with
$p \geq 5$ there exists a polynomial of degree $p$ that is not solvable by radicals.
13. Let $p$ be a prime and $\mathbb{Z}_p(t)$ be the field of rational functions over $\mathbb{Z}_p$. Prove
that $f(x) = x^p - t$ is an irreducible polynomial in $\mathbb{Z}_p(t)[x]$. Show that $f(x)$
is not separable.
14. Let $E$ be an extension field of $F$. Suppose that $K$ and $L$ are two intermediate
fields. If there exists an element of $G(E/F)$ that maps $K$ onto $L$, then $K$
and $L$ are said to be conjugate fields. Prove that $K$ and $L$ are conjugate
if and only if $G(E/K)$ and $G(E/L)$ are conjugate subgroups of $G(E/F)$.
15. Let an element of $\operatorname{Aut}(\mathbb{R})$ be given. If $a$ is a positive real number, show that
the image of $a$ under this automorphism is greater than 0.
16. Let $K$ be the splitting field of $x^3 + x^2 + 1 \in \mathbb{Z}_2[x]$. Prove or disprove that $K$
is an extension by radicals.
17. Let $F$ be a field such that $\operatorname{char} F \neq 2$. Prove that the splitting field of
$f(x) = ax^2 + bx + c$ is $F(\sqrt{b^2 - 4ac})$.

18. Prove or disprove: Two different subgroups of a Galois group will have
different fixed fields.
19. Let $K$ be the splitting field of a polynomial over $F$. If $E$ is a field extension
of $F$ contained in $K$ and $[E : F] = 2$, then $E$ is the splitting field of some
polynomial in $F[x]$.
20. We know that the cyclotomic polynomial
$$\frac{x^p - 1}{x - 1} = x^{p-1} + x^{p-2} + \cdots + x + 1$$
is irreducible over $\mathbb{Q}$ for every prime $p$. Let $\omega$ be a zero of this polynomial, and consider
the field $\mathbb{Q}(\omega)$.
(a) Show that $\omega, \omega^2, \ldots, \omega^{p-1}$ are distinct zeros of the cyclotomic polynomial, and conclude that
they are all of its zeros.
(b) Show that $G(\mathbb{Q}(\omega)/\mathbb{Q})$ is abelian of order $p - 1$.
(c) Show that the fixed field of $G(\mathbb{Q}(\omega)/\mathbb{Q})$ is $\mathbb{Q}$.
21. Let $F$ be a finite field or a field of characteristic zero. Let $E$ be a finite normal
extension of $F$ with Galois group $G(E/F)$. Prove that $F \subset K \subset L \subset E$ if
and only if $\{\mathrm{id}\} \subset G(E/L) \subset G(E/K) \subset G(E/F)$.
22.LetFbe a eld of characteristic zero and letf(x)2F[x] be a separable
polynomial of degreen. IfEis the splitting eld off(x), let1; : : : ; nbe the
roots off(x) inE. Let =
Q
i6=j
(ij). We dene thediscriminant
off(x) to be
2
.
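(a) If $f(x) = ax^2 + bx + c$, show that the discriminant of $f(x)$ is $b^2 - 4ac$.
(b) If $f(x) = x^3 + px + q$, show that the discriminant of $f(x)$ is $-4p^3 - 27q^2$.
(c) Prove that the discriminant of $f(x)$ is in $F$.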
(d)If2G(E=F) is a transposition of two roots off(x), show that
() =.
(e)If2G(E=F) is an even permutation of the roots off(x), show that
() = .
(f)Prove thatG(E=F) is isomorphic to a subgroup ofAnif and only if
2F.
(g) Determine the Galois groups of $x^3 + 2x - 4$ and $x^3 + x - 3$.
References and Suggested Readings
[1] Artin, E. Galois Theory. 2nd ed. University of Notre Dame, Notre Dame, IN, 1944.
[2] Edwards, H. M. Galois Theory. Springer-Verlag, New York, 1984.
[3] Fraleigh, J. B. A First Course in Abstract Algebra. 4th ed. Addison-Wesley, Reading, MA, 1989.
[4] Gaal, L. Classical Galois Theory with Examples. 2nd ed. Chelsea, New York, 1973.
[5] Garling, D. J. H. A Course in Galois Theory. Cambridge University Press, Cambridge, 1986.
[6] Kaplansky, I. Fields and Rings. 2nd ed. University of Chicago Press, Chicago, 1972.
[7] Rothman, T. "The Short Life of Évariste Galois," Scientific American, April 1982, 136-49.

Notation
The following table defines the notation used in this book. Page numbers
refer to the first appearance of each symbol.
Symbol    Description    Page
$a \in A$    $a$ is in the set $A$    4
$\mathbb{N}$    the natural numbers    5
$\mathbb{Z}$    the integers    22
$\mathbb{Q}$    the rational numbers    5
$\mathbb{R}$    the real numbers    5
$\mathbb{C}$    the complex numbers    5
$A \subset B$    $A$ is a subset of $B$    5
$\emptyset$    the empty set    5
$A \cup B$    union of sets $A$ and $B$    5
$A \cap B$    intersection of sets $A$ and $B$    5
$A'$    complement of the set $A$    6
$A \setminus B$    difference between sets $A$ and $B$    6
$A \times B$    Cartesian product of sets $A$ and $B$    8
$A^n$    $A \times \cdots \times A$ ($n$ times)    8
$\mathrm{id}$    identity mapping    12
$f^{-1}$    inverse of the function $f$    13
$a \equiv b \pmod{n}$    $a$ is congruent to $b$ modulo $n$    17
$n!$    $n$ factorial    24
$\binom{n}{k}$    binomial coefficient $n!/(k!(n-k)!)$    24
$m \mid n$    $m$ divides $n$    27
$\gcd(m, n)$    greatest common divisor of $m$ and $n$    27
$\mathcal{P}(X)$    power set of $X$    32
$\mathbb{Z}_n$    the integers modulo $n$    36
$\operatorname{lcm}(m, n)$    least common multiple of $m$ and $n$    33
$U(n)$    group of units in $\mathbb{Z}_n$    42
$M_n(\mathbb{R})$    the $n \times n$ matrices with entries in $\mathbb{R}$    42
$\det A$    determinant of $A$    43
$GL_n(\mathbb{R})$    general linear group    43
$Q_8$    the group of quaternions    43
$\mathbb{C}^*$    the multiplicative group of complex numbers    43
$|G|$    order of a group $G$    44
$\mathbb{R}^*$    the multiplicative group of real numbers    47
$\mathbb{Q}^*$    the multiplicative group of rational numbers    47
$SL_n(\mathbb{R})$    special linear group    47
$Z(G)$    center of a group $G$    52
$\langle a \rangle$    cyclic subgroup generated by $a$    56
$|a|$    order of an element $a$    57
cis    cos + i sin    62
$\mathbb{T}$    the circle group    63
$S_n$    symmetric group on $n$ letters    73
$(a_1, a_2, \ldots, a_k)$    cycle of length $k$    74
$A_n$    alternating group on $n$ letters    79
$D_n$    dihedral group    81
$[G : H]$    index of a subgroup $H$ in a group $G$    91
$\mathcal{L}_H$    set of left cosets of $H$ in a group $G$    91
$\mathcal{R}_H$    set of right cosets of $H$ in a group $G$    91
$d(x, y)$    Hamming distance between $x$ and $y$    114
$d_{\min}$    minimum distance of a code    114
$w(x)$    weight of $x$    114
$M_{m \times n}(\mathbb{Z}_2)$    set of $m$ by $n$ matrices with entries in $\mathbb{Z}_2$    120
$\operatorname{Null}(H)$    null space of a matrix $H$    120
ij    Kronecker delta    125
$G \cong H$    $G$ is isomorphic to $H$    138
$\operatorname{Aut}(G)$    automorphism group of $G$    150
$i_g$    $i_g(x) = gxg^{-1}$    151
$\operatorname{Inn}(G)$    inner automorphism group of $G$    151
g    right regular representation    151
$G/N$    factor group of $G$ mod $N$    153
ker    kernel of    157
$G'$    commutator subgroup of $G$    168
$(a_{ij})$    matrix    171
$O(n)$    orthogonal group    174
$\|x\|$    length of a vector $x$    175
$SO(n)$    special orthogonal group    178
$E(n)$    Euclidean group    178
$\mathcal{O}_x$    orbit of $x$    205
$X_g$    fixed point set of $g$    205
$G_x$    isotropy subgroup of $x$    205
$X_G$    set of fixed points in a $G$-set $X$    207
$N(H)$    normalizer of a subgroup $H$    222
$\mathbb{H}$    the ring of quaternions    234
$\operatorname{char} R$    characteristic of a ring $R$    238
$\mathbb{Z}[i]$    the Gaussian integers    237
$\mathbb{Z}_{(p)}$    ring of integers localized at $p$    254
$R[x]$    ring of polynomials over $R$    257
$\deg p(x)$    degree of $p(x)$    257
$R[x_1, x_2, \ldots, x_n]$    ring of polynomials in $n$ variables    260
evaluation homomorphism at    260
$\mathbb{Q}(x)$    field of rational functions over $\mathbb{Q}$    281
(a)    Euclidean valuation of $a$    286
$F(x)$    field of rational functions in $x$    291
$F(x_1, \ldots, x_n)$    field of rational functions in $x_1, \ldots, x_n$    291
ab    $a$ is less than $b$    295
$a \wedge b$    meet of $a$ and $b$    297
$a \vee b$    join of $a$ and $b$    297
$I$    largest element in a lattice    299
$O$    smallest element in a lattice    299
$a'$    complement of $a$ in a lattice    299
$\dim V$    dimension of a vector space $V$    317
$U \oplus V$    direct sum of vector spaces $U$ and $V$    320
$\operatorname{Hom}(V, W)$    set of all linear transformations from $U$ to $V$    320
$V^*$    dual of a vector space $V$    320
F(1, ..., n)    smallest field containing F and 1, ..., n    325
$[E : F]$    dimension of a field extension of $E$ over $F$    328
$GF(p^n)$    Galois field of order $p^n$    349
$F^*$    multiplicative group of a field $F$    349
$G(E/F)$    Galois group of $E$ over $F$    365
F {i}    field fixed by automorphisms i    370
$F_G$    field fixed by automorphism group $G$    370
2    discriminant of a polynomial    385

Hints and Solutions
Chapter 0. Preliminaries
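1. (a) $\{2\}$. (b) $\{5\}$.
2. (a) $\{(a,1), (a,2), (a,3), (b,1), (b,2), (b,3), (c,1), (c,2), (c,3)\}$.
(d) $\emptyset$.
6. If $x \in A \cup (B \cap C)$, then either $x \in A$ or $x \in B \cap C$ $\Rightarrow$ $x \in A \cup B$ and $A \cup C$ $\Rightarrow$
$x \in (A \cup B) \cap (A \cup C)$ $\Rightarrow$ $A \cup (B \cap C) \subset (A \cup B) \cap (A \cup C)$.
Conversely, $x \in (A \cup B) \cap (A \cup C)$ $\Rightarrow$ $x \in A \cup B$ and $A \cup C$ $\Rightarrow$ $x \in A$
or $x$ is in both $B$ and $C$ $\Rightarrow$ $x \in A \cup (B \cap C)$ $\Rightarrow$ $(A \cup B) \cap (A \cup C) \subset A \cup (B \cap C)$.
Hence, $A \cup (B \cap C) = (A \cup B) \cap (A \cup C)$.
10. $(A \cap B) \cup (A \setminus B) \cup (B \setminus A) = (A \cap B) \cup (A \cap B') \cup (B \cap A') = [A \cap (B \cup B')] \cup (B \cap A') = A \cup (B \cap A') = (A \cup B) \cap (A \cup A') = A \cup B$.
14. $A \setminus (B \cup C) = A \cap (B \cup C)' = (A \cap A) \cap (B' \cap C') = (A \cap B') \cap (A \cap C') = (A \setminus B) \cap (A \setminus C)$.
17. (a) Not a map. $f(2/3)$ is undefined.
(c) Not a map. $f(1/2) = 3/4$ and $f(2/4) = 3/8$.
18. (a) One-to-one but not onto. $f(\mathbb{R}) = \{x \in \mathbb{R} : x > 0\}$.
(c) Neither one-to-one nor onto.
20. (a) $f(n) = n + 1$.
22. (a) Let $x, y \in A$. Then $g(f(x)) = (g \circ f)(x) = (g \circ f)(y) = g(f(y))$ $\Rightarrow$ $f(x) = f(y)$ $\Rightarrow$ $x = y$, so $g \circ f$ is one-to-one.
(b) Let $c \in C$, then $c = (g \circ f)(x) = g(f(x))$ for some $x \in A$. Since $f(x) \in B$,
$g$ is onto.
23. $f^{-1}(x) = (x + 1)/(x - 1)$.
24. (a) Let $y \in f(A_1 \cup A_2)$ $\Rightarrow$ there exists an $x \in A_1 \cup A_2$ such that $f(x) = y$ $\Rightarrow$
$y \in f(A_1)$ or $f(A_2)$ $\Rightarrow$ $y \in f(A_1) \cup f(A_2)$ $\Rightarrow$ $f(A_1 \cup A_2) \subset f(A_1) \cup f(A_2)$.
Conversely, let $y \in f(A_1) \cup f(A_2)$ $\Rightarrow$ $y \in f(A_1)$ or $f(A_2)$ $\Rightarrow$ there exists
an $x \in A_1$ or there exists an $x \in A_2$ such that $f(x) = y$ $\Rightarrow$ there exists an
$x \in A_1 \cup A_2$ such that $f(x) = y$ $\Rightarrow$ $f(A_1) \cup f(A_2) \subset f(A_1 \cup A_2)$. Hence,
$f(A_1 \cup A_2) = f(A_1) \cup f(A_2)$.
25. (a) Not an equivalence relation. Fails to be symmetric.
(c) Not an equivalence relation. Fails to be transitive.
28. Let $X = \mathbb{N} \cup \{\sqrt{2}\}$ and define $x$ to be related to $y$ if $x + y \in \mathbb{N}$.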
Chapter 1. The Integers
1. $S(1)$: $[1(1 + 1)(2(1) + 1)]/6 = 1 = 1^2$ is true. Assume $S(k)$: $1^2 + 2^2 + \cdots + k^2 = [k(k + 1)(2k + 1)]/6$ is true. Then $1^2 + 2^2 + \cdots + k^2 + (k + 1)^2 = [k(k + 1)(2k + 1)]/6 + (k + 1)^2 = [(k + 1)((k + 1) + 1)(2(k + 1) + 1)]/6$, so
$S(k + 1)$ is true. Thus $S(n)$ is true for all positive integers $n$.
3. $S(4)$: $4! = 24 > 16 = 2^4$ is true. Assume $S(k)$: $k! > 2^k$ is true. Then
$(k + 1)! = k!(k + 1) > 2^k \cdot 2 = 2^{k+1}$, so $S(k + 1)$ is true. Thus $S(n)$ is true
for all positive integers $n$.
8. Look at the proof in Example 3.
11. $S(0)$: $(1 + x)^0 - 1 = 0 \geq 0 = 0 \cdot x$ is true. Assume $S(k)$: $(1 + x)^k - 1 \geq kx$ is
true. Then $(1 + x)^{k+1} - 1 = (1 + x)(1 + x)^k - 1 = (1 + x)^k + x(1 + x)^k - 1 \geq kx + x(1 + x)^k \geq kx + x = (k + 1)x$, so $S(k + 1)$ is true. Thus $S(n)$ is true
for all positive integers $n$.
15. (a) $(14)14 + (-5)39 = 1$.
(c) $(3709)1739 + (-650)9923 = 1$.
(e) $(881)23771 + (-1050)19945 = 1$.
17. (b) Use mathematical induction. (c) Show that $f_1 = 1$, $f_2 = 1$, and $f_{n+2} = f_{n+1} + f_n$. (d) Use part (c). (e) Use part (b) and Problem 16.
19. Use the Fundamental Theorem of Arithmetic.
23. Let $S = \{s \in \mathbb{N} : a \mid s, b \mid s\}$. $S \neq \emptyset$, since $|ab| \in S$. By the Principle of
Well-Ordering, $S$ contains a least element $m$. To show uniqueness, suppose
that $a \mid n$ and $b \mid n$ for some $n \in \mathbb{N}$. By the division algorithm, there exist
unique integers $q$ and $r$ such that $n = mq + r$, where $0 \leq r < m$. $a \mid m$, $b \mid m$,
$a \mid n$, $b \mid n$ $\Rightarrow$ $a \mid r$, $b \mid r$ $\Rightarrow$ $r = 0$ by the minimality of $m$. Therefore, $m \mid n$.
27. Since $\gcd(a, b) = 1$, there exist integers $r$ and $s$ such that $ar + bs = 1$ $\Rightarrow$
$acr + bcs = c$. Since $a \mid a$ and $a \mid bc$, $a \mid c$.
29. Let $p = p_1 p_2 \cdots p_k + 1$, where $p_1 = 2, p_2 = 3, \ldots, p_k$ are the first $k$ primes.
Show that $p$ is prime.

Chapter 2. Groups
1. (a) $\{\ldots, -4, 3, 10, \ldots\}$. (c) $\{\ldots, -8, 18, 44, \ldots\}$. (e) $\{\ldots, -1, 5, 11, \ldots\}$.
2. (a) Not a group. (c) A group.
6.
        1    5    7   11
 1      1    5    7   11
 5      5    1   11    7
 7      7   11    1    5
11     11    7    5    1
8. Pick two matrices. Almost any pair will work.
15. There is a group of order 6 that is nonabelian.
16. Look at the symmetry group of an equilateral triangle or a square.
17. There are actually five different groups of order 8.
18. Let
$$\begin{pmatrix} 1 & 2 & \cdots & n \\ a_1 & a_2 & \cdots & a_n \end{pmatrix}$$
be in $S_n$. All of the $a_i$'s must be distinct. There are $n$ ways to choose $a_1$,
$n - 1$ ways to choose $a_2$, $\ldots$, 2 ways to choose $a_{n-1}$, and only one way to
choose $a_n$. Therefore, we can form such a permutation in $n(n - 1) \cdots 2 \cdot 1 = n!$ ways.
24. $(aba^{-1})^n = (aba^{-1})(aba^{-1}) \cdots (aba^{-1}) = ab(aa^{-1})b(aa^{-1})b \cdots (aa^{-1})ba^{-1} = ab^n a^{-1}$.
29. $abab = (ab)^2 = e = a^2 b^2 = aabb$ $\Rightarrow$ $ba = ab$.
33.H1=fidg,H2=fid; 1; 2g,H3=fid; 1g,H4=fid; 2g,H5=fid; 3g,
S3.
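39. $\mathrm{id} = 1 = 1 + 0\sqrt{2}$, $(a + b\sqrt{2})(c + d\sqrt{2}) = (ac + 2bd) + (ad + bc)\sqrt{2}$, and
$(a + b\sqrt{2})^{-1} = a/(a^2 - 2b^2) - b\sqrt{2}/(a^2 - 2b^2)$.
44. Not a subgroup. Look at $S_3$.
47. $a^4 b = ba$ $\Rightarrow$ $b = a^6 b = a^2 ba$ $\Rightarrow$ $ab = a^3 ba = ba$.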
Chapter 3. Cyclic Groups
1. (a) False. (c) False. (e) True.
2. (a) 12. (c) Infinite. (e) 10.
3. (a) $7\mathbb{Z} = \{\ldots, -7, 0, 7, 14, \ldots\}$. (b) $\{0, 3, 6, 9, 12, 15, 18, 21\}$.
(c) $\{0\}$, $\{0, 6\}$, $\{0, 4, 8\}$, $\{0, 3, 6, 9\}$, $\{0, 2, 4, 6, 8, 10\}$.
(g) $\{1, 3, 7, 9\}$. (j) $\{1, -1, i, -i\}$.
4. (a)

1 0
0 1

;

1 0
01

;

01
1 0

;

0 1
1 0

:
(c)

1 0
0 1

;

11
1 0

;

1 1
1 0

;

0 1
1 1

;

01
11

;

1 0
01

:
10. (a)0;1;1.(b)1;1.
11.1, 2, 3, 4, 6, 8, 12, 24.
15. (a)3i3.(c)4318i.(e)i.
16. (a)
p
3 +i.(c)3.
17. (a)
p
2 cis(7=4).(c)2
p
2 cis(=4).(e)3 cis(3=2).
18. (a)(1i)=2.(c)16(i
p
3 ).(e)1=4.
22. (a)292.(c)1523.
27. $|\langle g \rangle \cap \langle h \rangle| = 1$.
31. The identity element in any group has finite order. Let $g, h \in G$ have orders
$m$ and $n$, respectively. Since $(g^{-1})^m = e$ and $(gh)^{mn} = e$, the elements of
finite order in $G$ form a subgroup of $G$.
37. If $g$ is an element distinct from the identity in $G$, $g$ must generate $G$;
otherwise, $\langle g \rangle$ is a nontrivial proper subgroup of $G$.
Chapter 4. Permutation Groups
1. (a) $(12453)$. (c) $(13)(25)$.
2. (a) $(135)(24)$. (c) $(14)(23)$. (e) $(1324)$. (g) $(134)(25)$. (n) $(17352)$.
3. (a) $(16)(15)(13)(14)$. (c) $(16)(14)(12)$.
4. $(a_1, a_n, a_{n-1}, \ldots, a_2)$.
5. (a) $\{(13), (13)(24), (132), (134), (1324), (1342)\}$. Not a subgroup.
8. $(12345)(678)$.
11. Permutations of the form $(1)$, $(a_1, a_2)(a_3, a_4)$, $(a_1, a_2, a_3)$, $(a_1, a_2, a_3, a_4, a_5)$
are possible for $A_5$.
17. $(123)(12) = (13) \neq (23) = (12)(123)$.
25. Use the fact that $(ab)(bc) = (abc)$ and $(ab)(cd) = (abc)(bcd)$.
30. (a)Show that
1
(i) = ((a1); (a2); : : : ; (ak))(i) for 1in.

Chapter 5. Cosets and Lagrange's Theorem
1. The order of $g$ and the order $h$ must both divide the order of $G$. The smallest
number that 5 and 7 both divide is $\operatorname{lcm}(5, 7) = 35$.
2. 1, 2, 3, 4, 5, 6, 10, 12, 15, 20, 30, 60.
3. False.
4. False.
5. (a)
$H = \{0, 8, 16\}$
$1 + H = \{1, 9, 17\}$
$2 + H = \{2, 10, 18\}$
$3 + H = \{3, 11, 19\}$
$4 + H = \{4, 12, 20\}$
$5 + H = \{5, 13, 21\}$
$6 + H = \{6, 14, 22\}$
$7 + H = \{7, 15, 23\}$.
(c)
$3\mathbb{Z} = \{\ldots, -3, 0, 3, 6, \ldots\}$
$1 + 3\mathbb{Z} = \{\ldots, -2, 1, 4, 7, \ldots\}$
$2 + 3\mathbb{Z} = \{\ldots, -1, 2, 5, 8, \ldots\}$.
7.4
(15)
4
8
1 (mod 15).
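12. Let $g_1 \in gH$. Then there exists an $h \in H$ such that $g_1 = gh = ghg^{-1}g$ $\Rightarrow$
$g_1 \in Hg$ $\Rightarrow$ $gH \subset Hg$. Similarly, $Hg \subset gH$. Therefore, $gH = Hg$.
17. If $a \notin H$, then $a^{-1} \notin H$ $\Rightarrow$ $a^{-1} \in aH = a^{-1}H = bH$ $\Rightarrow$ there exist $h_1, h_2 \in H$
such that $a^{-1}h_1 = bh_2$ $\Rightarrow$ $ab = h_1 h_2^{-1} \in H$.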
Chapter 6. Introduction to Cryptography
1. LAORYHAPDWK.
3. Hint: Q = E, F = X, A = R.
4. $26! - 1$.
7. (a) 2791. (c) 112135 25032 442.
9. (a) 31. (c) 14.
10. (a)n= 1141.(c)n= 87794327.
Chapter 7. Algebraic Coding Theory
2. $(0000) \notin C$.
3. (a) 2. (c) 2.
4. (a) 3. (c) 4.
6. (a) $d_{\min} = 2$. (c) $d_{\min} = 1$.
7. (a) $(00000)$, $(00101)$, $(10011)$, $(10110)$
$$G = \begin{pmatrix} 0 & 1 \\ 0 & 0 \\ 1 & 0 \\ 0 & 1 \\ 1 & 1 \end{pmatrix}.$$
(b) $(00000)$, $(010111)$, $(101101)$, $(111010)$
$$G = \begin{pmatrix} 1 & 0 \\ 0 & 1 \\ 1 & 0 \\ 1 & 1 \\ 0 & 1 \\ 1 & 1 \end{pmatrix}.$$
9. Multiple errors occur in one of the received words.
11. (a) A canonical parity-check matrix with standard generator matrix
$$G = \begin{pmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 1 \end{pmatrix}.$$
(c) A canonical parity-check matrix with standard generator matrix
$$G = \begin{pmatrix} 1 & 0 \\ 0 & 1 \\ 1 & 1 \\ 1 & 0 \end{pmatrix}.$$
12. (a) All possible syndromes occur.
15. (a) The cosets of $C$ are
Cosets
$C$: (00000) (00101) (10011) (10110)
$(10000) + C$: (10000) (10101) (00011) (00110)
$(01000) + C$: (01000) (01101) (11011) (11110)
$(00100) + C$: (00100) (00001) (10111) (10010)
$(00010) + C$: (00010) (00111) (10001) (10100)
$(11000) + C$: (11000) (11101) (01011) (01110)
$(01100) + C$: (01100) (01001) (11111) (11010)
$(01010) + C$: (01010) (01111) (11001) (11100)
A decoding table does not exist for $C$ since it is only single error-detecting.
19. Let $x \in C$ have odd weight and define a map from the set of odd codewords
to the set of even codewords by $y \mapsto x + y$. Show that this map is a bijection.
23. For 20 information positions, at least six check bits are needed to ensure an
error-correcting code.
Chapter 8. Isomorphisms
1. The group $n\mathbb{Z}$ is an infinite cyclic group generated by $n$. Every infinite cyclic
group is isomorphic to $\mathbb{Z}$.
2.Dene:C

!GL2(R) by
(a+bi) =

a b
b a

:
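3. False.
6. Define a map from $\mathbb{Z}_n$ into the $n$th roots of unity by $k \mapsto \operatorname{cis}(2k\pi/n)$.
8. Assume that $\mathbb{Q}$ is cyclic and try to find a generator.
11. $D_4$, $Q_8$, $\mathbb{Z}_8$, $\mathbb{Z}_2 \times \mathbb{Z}_4$, $\mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_2$.
16. (a) 12. (c) 5.
20. True.
25. $\mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_{13}$ is not cyclic.
27. Let $a$ be a generator for $G$. If an isomorphism $G \to H$ is given, show that the image of $a$
is a generator for $H$.
38. Any automorphism of $\mathbb{Z}_6$ must send 1 to another generator of $\mathbb{Z}_6$.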
45.To show thatis one-to-one, letg1=h1k1andg2=h2k2. Then(g1) =
(g2))(h1k1) =(h2k2))(h1; k1) = (h2; k2))h1=h2; k1=k2)
g1=g2.
Chapter 9. Homomorphisms and Factor Groups
1. (a)
              $A_4$         $(12)A_4$
$A_4$         $A_4$         $(12)A_4$
$(12)A_4$     $(12)A_4$     $A_4$
(c) $D_4$ is not normal in $S_4$.
5. (a) A homomorphism. (c) Not a homomorphism.
8.(m+n) = 7(m+n) = 7m+ 7n=(m) +(n). The kernel ofisf0gand
the image ofis 7Z.

9. For any homomorphism $\mathbb{Z}_{24} \to \mathbb{Z}_{18}$, the kernel must be a subgroup
of $\mathbb{Z}_{24}$ and the image must be a subgroup of $\mathbb{Z}_{18}$.
14.Leta; b2G. Then(a)(b) =(ab) =(ba) =(b)(a).
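18. False.
19. If $a \in G$ is a generator for $G$, then $aH$ is a generator for $G/H$.
25. Since $eg = ge$ for all $g \in G$, the identity is in $C(g)$. If $x, y \in C(g)$, then $xyg = xgy = gxy$ $\Rightarrow$ $xy \in C(g)$. If $xg = gx$, then $x^{-1}g = gx^{-1}$ $\Rightarrow$ $x^{-1} \in C(g)$ $\Rightarrow$
$C(g)$ is a subgroup of $G$. If $\langle g \rangle$ is normal in $G$, then $g_1 x g_1^{-1} g = g g_1 x g_1^{-1}$ for
all $g_1 \in G$.
28. (a) Let $g \in G$ and $h \in G'$. If $h = aba^{-1}b^{-1}$, then $ghg^{-1} = gaba^{-1}b^{-1}g^{-1} = (gag^{-1})(gbg^{-1})(ga^{-1}g^{-1})(gb^{-1}g^{-1}) = (gag^{-1})(gbg^{-1})(gag^{-1})^{-1}(gbg^{-1})^{-1}$.
We also need to show that if $h = h_1 \cdots h_n$ with $h_i = a_i b_i a_i^{-1} b_i^{-1}$, then $ghg^{-1}$
is a product of elements of the same type. However, $ghg^{-1} = gh_1 \cdots h_n g^{-1} = (gh_1 g^{-1})(gh_2 g^{-1}) \cdots (gh_n g^{-1})$.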
Chapter 10. Matrix Groups and Symmetry
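1.
$$\tfrac{1}{2}\left[\|x + y\|^2 - \|x\|^2 - \|y\|^2\right] = \tfrac{1}{2}\left[\langle x + y, x + y \rangle - \|x\|^2 - \|y\|^2\right] = \tfrac{1}{2}\left[\|x\|^2 + 2\langle x, y \rangle + \|y\|^2 - \|x\|^2 - \|y\|^2\right] = \langle x, y \rangle.$$
3. (a) An element of $SO(2)$. (c) Not in $O(3)$.
5. (a) $\langle x, y \rangle = x_1 y_1 + \cdots + x_n y_n = y_1 x_1 + \cdots + y_n x_n = \langle y, x \rangle$.
7. Use the unimodular matrix
$$\begin{pmatrix} 5 & 2 \\ 2 & 1 \end{pmatrix}.$$
10. Show that the kernel of the map $\det : O(n) \to \mathbb{R}^*$ is $SO(n)$.
13. True.
17. p6m.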
Chapter 11. The Structure of Groups
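1. Since $40 = 2^3 \cdot 5$, the possible abelian groups of order 40 are $\mathbb{Z}_{40} \cong \mathbb{Z}_8 \times \mathbb{Z}_5$,
$\mathbb{Z}_5 \times \mathbb{Z}_4 \times \mathbb{Z}_2$, and $\mathbb{Z}_5 \times \mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_2$.
4. (a) $\{0\} \subset \langle 6 \rangle \subset \langle 3 \rangle \subset \mathbb{Z}_{12}$.
(e) $\{((1), 0)\} \subset \{(1), (123), (132)\} \times \{0\} \subset S_3 \times \{0\} \subset S_3 \times \langle 2 \rangle \subset S_3 \times \mathbb{Z}_4$.
7. Use the Fundamental Theorem of Finitely Generated Abelian Groups.
12. If $N$ and $G/N$ are solvable, then they have solvable series
$$N = N_n \supset N_{n-1} \supset \cdots \supset N_1 \supset N_0 = \{e\}$$
$$G/N = G_n/N \supset G_{n-1}/N \supset \cdots \supset G_1/N \supset G_0/N = \{N\}.$$
The series
$$G = G_n \supset G_{n-1} \supset \cdots \supset G_0 = N = N_n \supset N_{n-1} \supset \cdots \supset N_1 \supset N_0 = \{e\}$$
is a subnormal series. The factors of this series are abelian since $G_{i+1}/G_i \cong (G_{i+1}/N)/(G_i/N)$.
16. Use the fact that $D_n$ has a cyclic subgroup of index 2.
21. $G/G'$ is abelian.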
Chapter 12. Group Actions
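1. Example 1. 0, $\mathbb{R}^2 \setminus \{0\}$.
Example 2. $X = \{1, 2, 3, 4\}$.
2. (a) $X_{(1)} = \{1, 2, 3\}$, $X_{(12)} = \{3\}$, $X_{(13)} = \{2\}$, $X_{(23)} = \{1\}$, $X_{(123)} = X_{(132)} = \emptyset$. $G_1 = \{(1), (23)\}$, $G_2 = \{(1), (13)\}$, $G_3 = \{(1), (12)\}$.
3. (a) $\mathcal{O}_1 = \mathcal{O}_2 = \mathcal{O}_3 = \{1, 2, 3\}$.
6. (a) $\mathcal{O}_{(1)} = \{(1)\}$, $\mathcal{O}_{(12)} = \{(12), (13), (14), (23), (24), (34)\}$,
$\mathcal{O}_{(12)(34)} = \{(12)(34), (13)(24), (14)(23)\}$,
$\mathcal{O}_{(123)} = \{(123), (132), (124), (142), (134), (143), (234), (243)\}$,
$\mathcal{O}_{(1234)} = \{(1234), (1243), (1324), (1342), (1423), (1432)\}$.
The class equation is $1 + 3 + 6 + 6 + 8 = 24$.
8. $(3^4 + 3^1 + 3^2 + 3^1 + 3^2 + 3^2 + 3^3 + 3^3)/8 = 21$.
11. $(1 \cdot 3^4 + 6 \cdot 3^3 + 11 \cdot 3^2 + 6 \cdot 3^1)/24 = 15$.
15. $(1 \cdot 2^6 + 3 \cdot 2^4 + 4 \cdot 2^3 + 2 \cdot 2^2 + 2 \cdot 2^1)/12 = 13$.
17. $(1 \cdot 2^8 + 3 \cdot 2^6 + 2 \cdot 2^4)/6 = 80$.
22. $x \in gC(a)g^{-1}$ $\Leftrightarrow$ $g^{-1}xg \in C(a)$ $\Leftrightarrow$ $ag^{-1}xg = g^{-1}xga$ $\Leftrightarrow$ $gag^{-1}x = xgag^{-1}$ $\Leftrightarrow$
$x \in C(gag^{-1})$.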
Chapter 13. The Sylow Theorems
1. If $|G| = 18 = 2 \cdot 3^2$, then the order of a Sylow 2-subgroup is 2, and the order
of a Sylow 3-subgroup is 9.
If $|G| = 54 = 2 \cdot 3^3$, then the order of a Sylow 2-subgroup is 2, and the order
of a Sylow 3-subgroup is 27.
2. The four Sylow 3-subgroups of $S_4$ are
$P_1 = \{(1), (123), (132)\}$,
$P_2 = \{(1), (124), (142)\}$,
$P_3 = \{(1), (134), (143)\}$,
$P_4 = \{(1), (234), (243)\}$.
5. Since $|G| = 96 = 2^5 \cdot 3$, $G$ has either one or three Sylow 2-subgroups by the
Third Sylow Theorem. If there is only one subgroup, we are done. If there
are three Sylow 2-subgroups, let $H$ and $K$ be two of them. $|H \cap K| \geq 16$;
otherwise, $HK$ would have $(32 \cdot 32)/8 = 128$ elements, which is impossible.
$H \cap K$ is normal in both $H$ and $K$ since it has index 2 in both groups. Hence,
$N(H \cap K)$ contains both $H$ and $K$. Therefore, $|N(H \cap K)|$ must be a multiple
of 32 greater than 1 and still divide 96, so $N(H \cap K) = G$.
8. $G$ has a Sylow $q$-subgroup of order $q^2$. Since the number of such subgroups
is congruent to 1 modulo $q$ and divides $p^2 q^2$, there must be either 1, $p$, or $p^2$
Sylow $q$-subgroups. Since $q \nmid p^2 - 1 = (p - 1)(p + 1)$, there can be only one
Sylow $q$-subgroup, say $Q$. Similarly, we can show that there is a single Sylow
$p$-subgroup $P$. Every element in $Q$ other than the identity has order $q$ or $q^2$,
so $P \cap Q = \{e\}$. Now show that $hk = kh$ for $h \in P$ and $k \in Q$. Deduce that
$G = PQ$ is abelian.
10. False.
17. If $G$ is abelian, then $G$ is cyclic, since $|G| = 3 \cdot 5 \cdot 17$. Now look at Example 5.
23. Define a mapping between the right cosets of $N(H)$ in $G$ and the conjugates
of $H$ in $G$ by $N(H)g \mapsto g^{-1}Hg$. Prove that this map is a bijection.
26. Let $aG', bG' \in G/G'$. Then $(aG')(bG') = abG' = ab(b^{-1}a^{-1}ba)G' = (abb^{-1}a^{-1})baG' = baG'$.
Chapter 14. Rings
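1. (a) $7\mathbb{Z}$ is a ring but not a field. (c) $\mathbb{Q}(\sqrt{2})$ is a field. (f) $R$ is not a ring.
3. (a) $\{1, 3, 7, 9\}$. (c) $\{1, 2, 3, 4, 5, 6\}$.
(e)
$$\begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}, \begin{pmatrix} 1 & 1 \\ 0 & 1 \end{pmatrix}, \begin{pmatrix} 1 & 0 \\ 1 & 1 \end{pmatrix}, \begin{pmatrix} 0 & 1 \\ 1 & 0 \end{pmatrix}, \begin{pmatrix} 1 & 1 \\ 1 & 0 \end{pmatrix}, \begin{pmatrix} 0 & 1 \\ 1 & 1 \end{pmatrix}.$$
4. (a) $\{0\}$, $\{0, 9\}$, $\{0, 6, 12\}$, $\{0, 3, 6, 9, 12, 15\}$, $\{0, 2, 4, 6, 8, 10, 12, 14, 16\}$.
(c) There are no nontrivial ideals.
7. Assume there is an isomorphism $\mathbb{C} \to \mathbb{R}$ that sends $i$ to $a$.
8. False. Assume there is an isomorphism $\mathbb{Q}(\sqrt{2}) \to \mathbb{Q}(\sqrt{3})$ that
sends $\sqrt{2}$ to $a$.
13. (a) $x \equiv 17 \pmod{55}$. (c) $x \equiv 214 \pmod{2772}$.
16. If $I \neq \{0\}$, show that $1 \in I$.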
19. (a)(a)(b) =(ab) =(ba) =(b)(a).
27. Let $a \in R$ with $a \neq 0$. The principal ideal generated by $a$ is $R$ $\Rightarrow$ there exists
a $b \in R$ such that $ab = 1$.
29.Compute (a+b)
2
and (ab)
2
.
35. Let $a/b, c/d \in \mathbb{Z}_{(p)}$. Then $a/b + c/d = (ad + bc)/bd$ and $(a/b) \cdot (c/d) = (ac)/(bd)$ are both in $\mathbb{Z}_{(p)}$, since $\gcd(bd, p) = 1$.
39. Suppose that $x^2 = x$ and $x \neq 0$. Since $R$ is an integral domain, $x = 1$. To
find a nontrivial idempotent, look in $M_2(\mathbb{R})$.
Chapter 15. Polynomials
2. (a) $9x^2 + 2x + 5$. (b) $8x^4 + 7x^3 + 2x^2 + 7x$.
3. (a)5x
3
+ 6x
2
3x+ 4 = (5x
2
2x+ 1)(x2) + 6.
(c)4x
5
x
3
+x
2
+ 4 = (4x
2
+ 4)(x
3
+ 3) + 4x
2
+ 2.
5. (a) No zeros in $\mathbb{Z}_{12}$. (c) 3, 4.
7. $(2x + 1)^2 = 1$.
8. (a) Reducible. (c) Irreducible.
10. $x^2 + x + 8 = (x + 2)(x + 9) = (x + 7)(x + 4)$.
13. $\mathbb{Z}$ is not a field.
14. False. $x^2 + 1 = (x + 1)(x + 1)$.
16.Let:R!Sbe an isomorphism. Dene
:R[x]!S[x] by(a0+a1x+
+anx
n
) =(a0) +(a1)x+ +(an)x
n
.
19.Deneg(x) byg(x) = p(x+ 1) and show thatg(x) is irreducible overQ.
25. Find a nontrivial proper ideal in $F[x]$.
Chapter 16. Integral Domains
1. $z^{-1} = 1/(a + b\sqrt{3}\,i) = (a - b\sqrt{3}\,i)/(a^2 + 3b^2)$ is in $\mathbb{Z}[\sqrt{3}\,i]$ if and only if
$a^2 + 3b^2 = 1$. The only integer solutions to the equation are $a = \pm 1, b = 0$.
2. (a) $5 = (1 + 2i)(1 - 2i)$. (c) $6 + 8i = (-1 + 7i)(1 - i)$.
4. True.
8. Let $z = a + bi$ and $w = c + di \neq 0$ be in $\mathbb{Z}[i]$. Prove that $z/w \in \mathbb{Q}(i)$.
14.Leta=ubwithua unit. Then(b)(ub)(a). Similarly,(a)(b).
15. Show that 21 can be factored in two different ways.
Chapter 17. Lattices and Boolean Algebras
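2. [Figure: lattice diagram on the elements 30, 10, 15, 2, 3, 5, 1]
5. False.
6. (a) $(a \vee b \vee a') \wedge a$.
[Figure: circuit diagram]
(c) $a \vee (a \wedge b)$.
[Figure: circuit diagram]
8. Not equivalent.
10. $a' \wedge [(a \wedge b') \vee b] = a \wedge (a \vee b)$.
15. Let $I, J$ be ideals in $R$. We need to show that $I + J = \{r + s : r \in I \text{ and } s \in J\}$
is the smallest ideal in $R$ containing both $I$ and $J$. If $r_1, r_2 \in I$ and $s_1, s_2 \in J$,
then $(r_1 + s_1) + (r_2 + s_2) = (r_1 + r_2) + (s_1 + s_2)$ is in $I + J$. For $a \in R$,
$a(r_1 + s_1) = ar_1 + as_1 \in I + J$; hence, $I + J$ is an ideal in $R$.
19. (a) No.
21. ($\Rightarrow$). $a = b$ $\Rightarrow$ $(a \wedge b') \vee (a' \wedge b) = (a \wedge a') \vee (a' \wedge a) = O \vee O = O$.
($\Leftarrow$). $(a \wedge b') \vee (a' \wedge b) = O$ $\Rightarrow$ $a \vee b = (a \vee a) \vee b = a \vee (a \vee b) = a \vee [I \wedge (a \vee b)] = a \vee [(a \vee a') \wedge (a \vee b)] = [a \vee (a \wedge b')] \vee [a \vee (a' \wedge b)] = a \vee [(a \wedge b') \vee (a' \wedge b)] = a \vee 0 = a$.
A symmetric argument shows that $a \vee b = b$.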
Chapter 18. Vector Spaces
3. $\mathbb{Q}(\sqrt{2}, \sqrt{3})$ has basis $\{1, \sqrt{2}, \sqrt{3}, \sqrt{6}\}$ over $\mathbb{Q}$.
5. $P_n$ has basis $\{1, x, x^2, \ldots, x^{n-1}\}$.
7. (a)Subspace of dimension 2 with basisf(1;0;3);(0;1;2)g.
(d)Not a subspace.
10.0 =0 =(v+v) =(v) +v) v=(v).
12.Letv0= 0; v1; : : : ; vn2Vand06= 0; 1; : : : ; n2F. Then0v0+ +
nvn= 0.
15. (a)Letu; v2ker(T) and2F. Then
T(u+v) =T(u) +T(v) = 0
T(v) =T(v) =0 = 0:
Hence,u+v; v2ker(T))ker(T) is a subspace ofV.
(c) $T(u) = T(v)$ $\Leftrightarrow$ $T(u - v) = T(u) - T(v) = 0$ $\Leftrightarrow$ $u - v = 0$ $\Leftrightarrow$ $u = v$.
17. (a)Letu; u
0
2Uandv; v
0
2V. Then
(u+v) + (u
0
+v
0
) = (u+u
0
) + (v+v
0
)2U+V
(u+v) =u+v2U+V:

Chapter 19. Fields
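1. (a) $x^4 - \frac{2}{3}x^2 - \frac{62}{9}$. (c) $x^4 - 2x^2 + 25$.
2. (a) $\{1, \sqrt{2}, \sqrt{3}, \sqrt{6}\}$. (c) $\{1, i, \sqrt{2}, \sqrt{2}\,i\}$. (e) $\{1, 2^{1/6}, 2^{1/3}, 2^{1/2}, 2^{2/3}, 2^{5/6}\}$.
3. (a) $\mathbb{Q}(\sqrt{3}, \sqrt{7})$.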
5.Use the fact that the elements ofZ2[x]=hx
3
+x+ 1iare 0, 1,, 1 +,
2
,
1 +
2
,+
2
, 1 ++
2
and the fact that
3
++ 1 = 0.
8.False.
14.Suppose thatEis algebraic overFandKis algebraic overE. Let2K.
It suces to show thatis algebraic over some nite extension ofF. Since
is algebraic overE, it must be the zero of some polynomialp(x) =0+
1x+ +nx
n
inE[x]. Henceis algebraic overF(0; : : : ; n).
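22. $\mathbb{Q}(\sqrt{3}, \sqrt{7}) \supset \mathbb{Q}(\sqrt{3} + \sqrt{7})$ since $\{1, \sqrt{3}, \sqrt{7}, \sqrt{21}\}$ is a basis for $\mathbb{Q}(\sqrt{3}, \sqrt{7})$
over $\mathbb{Q}$. Since $[\mathbb{Q}(\sqrt{3}, \sqrt{7}) : \mathbb{Q}] = 4$, $[\mathbb{Q}(\sqrt{3} + \sqrt{7}) : \mathbb{Q}] = 2$ or 4. Since the
degree of the minimal polynomial of $\sqrt{3} + \sqrt{7}$ is 4, $\mathbb{Q}(\sqrt{3}, \sqrt{7}) = \mathbb{Q}(\sqrt{3} + \sqrt{7})$.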
27.Let2F() not inF. Then=p()=q(), wherepandqare polynomials
inwithq()6= 0 and coecients inF. Ifis algebraic overF, then
there exists a polynomialf(x)2F[x] such thatf() = 0. Letf(x) =
a0+a1x+ +anx
n
. Then
0 =f() =f

p()
q()

=a0+a1

p()
q()

+ +an

p()
q()

n
:
Now multiply both sides byq()
n
to show that there is a polynomial inF[x]
that hasas a zero.
Chapter 20. Finite Fields
1. (a)2.(c)2.
4.There are eight elements inZ2(). Exhibit two more zeros ofx
3
+x
2
+ 1
other thanin these eight elements.
5. Find an irreducible polynomial $p(x)$ in $\mathbb{Z}_3[x]$ of degree 3 and show that
$\mathbb{Z}_3[x]/\langle p(x) \rangle$ has 27 elements.
7. (a) $x^5 - 1 = (x + 1)(x^4 + x^3 + x^2 + x + 1)$.
(c) $x^9 - 1 = (x + 1)(x^2 + x + 1)(x^6 + x^3 + 1)$.
8. True.
11. (a) Use the fact that $x^7 - 1 = (x + 1)(x^3 + x + 1)(x^3 + x^2 + 1)$.
12. False.
17. If $p(x) \in F[x]$, then $p(x) \in E[x]$.
18.Sinceis algebraic overFof degreen, we can write any element2F()
uniquely as=a0+a1+ +an1
n1
withai2F. There areq
n
possible
n-tuples (a0; a1; : : : ; an1).
24. Factor $x^{p-1} - 1$ over $\mathbb{Z}_p$.
Chapter 21. Galois Theory
1. (a) $\mathbb{Z}_2$. (c) $\mathbb{Z}_2 \times \mathbb{Z}_2 \times \mathbb{Z}_2$.
2. (a) Separable. (c) Not separable.
3.[GF(729) : GF(9)] = [GF(729) : GF(3)]=[GF(9) : GF(3)] = 6=2 = 3)
G(GF(729)=GF(9))

=Z3. A generator forG(GF(729)=GF(9)) is, where

3
6() =
3
6
=
729
for2GF(729).
4. (a) $S_5$. (c) $S_3$.
5. (a) $\mathbb{Q}(i)$.
7. Let $E$ be the splitting field of a cubic polynomial in $F[x]$. Show that $[E : F]$
is less than or equal to 6 and is divisible by 3. Since $G(E/F)$ is a subgroup of
$S_3$ whose order is divisible by 3, conclude that this group must be isomorphic
to $\mathbb{Z}_3$ or $S_3$.
9. $G$ is a subgroup of $S_n$.
16. True.
20. (a) Clearly $\omega, \omega^2, \ldots, \omega^{p-1}$ are distinct since $\omega \neq 1$ or 0. To show that $\omega^i$ is
a zero of the cyclotomic polynomial, evaluate the polynomial at $\omega^i$.
(b)The conjugates of!are!; !
2
; : : : ; !
p1
. Dene a mapi:Q(!)!Q(!
i
)
by
i(a0+a1!+ +ap2!
p2
) =a0+a1!
i
+ +cp2(!
i
)
p2
;
whereai2Q. Prove thatiis an isomorphism of elds. Show that2
generatesG(Q(!)=Q).
(c) Show that $\{\omega, \omega^2, \ldots, \omega^{p-1}\}$ is a basis for $\mathbb{Q}(\omega)$ over $\mathbb{Q}$, and consider
which linear combinations of $\omega, \omega^2, \ldots, \omega^{p-1}$ are left fixed by all elements of
$G(\mathbb{Q}(\omega)/\mathbb{Q})$.

Index
G-equivalent, 206
G-set, 204
nth root of unity, 65, 378
Abel, Niels Henrik, 376
Abelian group, 42
Ackermann's function, 35
Adleman, L., 102
Algebraic closure, 332
Algebraic extension, 325
Algebraic number, 326
Algorithm
division, 262
Euclidean, 30
Artin, Emil, 293
Ascending chain condition, 284
Associate elements, 282
Atom, 303
Automorphism
inner, 152, 170
of a group, 151
Basis of a lattice, 183
Bieberbach, L., 187
Binary operation, 41
Binary symmetric channel, 113
Boole, George, 308
Boolean algebra
atom in a, 303
denition of, 300
nite, 302
isomorphism, 302
Boolean function, 215, 311
Boolean ring, 254
Burnside's Counting Theorem, 211
Burnside, William, 47, 163, 217
Cancellation law
for groups, 46
for integral domains, 239
Cardano, Gerolamo, 272
Carmichael numbers, 108
Cauchy's Theorem, 221
Cauchy, Augustin-Louis, 82
Cayley table, 42
Cayley's Theorem, 143
Cayley, Arthur, 144
Center
of a group, 54
of a ring, 255
Centralizer
of a subgroup, 208
of an element, 169
Characteristic of a ring, 239
Chinese Remainder Theorem
for integers, 248
for rings, 255
Cipher, 98
Ciphertext, 98
Circuit
parallel, 306
series, 305
series-parallel, 306
Class equation, 208
Code
BCH, 359
cyclic, 351
dual, 136
group, 118
Hamming
denition of, 136
perfect, 137
shortened, 137
linear, 122
minimum distance of, 115
polynomial, 352
Commutative diagrams, 164
Commutative rings, 234
Composite integer, 30
Composition series, 197
Congruence modulo n, 17
Conjugacy classes, 208
Conjugate elements, 366
Conjugate fields, 384
Conjugate permutations, 97
Conjugate, complex, 61
Conjugation, 205
Constructible number, 337
Correspondence Theorem
for groups, 165
for rings, 244
Coset
double, 97
leader, 131
left, 90
representative, 90
right, 90
Coset decoding, 130
Cryptanalysis, 100
Cryptosystem
affine, 101
definition of, 98
monoalphabetic, 100
polyalphabetic, 101
private key, 99
public key, 99
RSA, 102
single key, 99
Cycle
definition of, 75
disjoint, 76
De Morgan's laws
for Boolean algebras, 302
for sets, 7
De Morgan, Augustus, 308
Decoding table, 132
Deligne, Pierre, 342
DeMoivre's Theorem, 64
Derivative, 274, 348
Derived series, 201
Descending chain condition, 293
Determinant, Vandermonde, 356
Dickson, L. E., 162
Diffie, W., 102
Direct product of groups
external, 145
internal, 148
Direct sum of vector spaces, 320
Discriminant
of a separable polynomial, 385
of the cubic equation, 276
of the quadratic equation, 275
Division algorithm
for integers, 27
for polynomials, 262
Division ring, 234
Domain
Euclidean, 286
principal ideal, 283
unique factorization, 282
Doubling the cube, 341
Eisenstein's Criterion, 269
Element
associate, 282
centralizer of, 169
idempotent, 255
identity, 42
inverse, 42
irreducible, 282
nilpotent, 254
order of, 58
prime, 282
primitive, 369
transcendental, 325
Equivalence class, 16

Equivalence relation, 14
Euclidean algorithm, 30
Euclidean domain, 286
Euclidean group, 179
Euclidean inner product, 176
Euclidean valuation, 286
Euler-function, 95
Euler, Leonhard, 95, 342
Extension
algebraic, 325
field, 322
finite, 329
normal, 372
radical, 378
separable, 347, 369
simple, 325
External direct product, 145
Faltings, Gerd, 342
Feit, W., 163, 218
Fermat's factorization algorithm, 106
Fermat's Little Theorem, 95
Fermat, Pierre de, 95, 342
Ferrari, Ludovico, 272
Ferro, Scipione del, 271
Field, 234
algebraically closed, 332
base, 322
conjugate, 384
extension, 322
fixed, 371
Galois, 349
of fractions, 280
of quotients, 280
prime, 292
splitting, 334
Finitely generated group, 192
Fior, Antonio, 271
First Isomorphism Theorem
for groups, 163
for rings, 243
Fixed point set, 206
Freshman's Dream, 347
Frobenius map, 361
Function
bijective, 10
Boolean, 215, 311
composition of, 10
definition of, 9
domain of, 9
identity, 12
injective, 10
invertible, 12
one-to-one, 10
onto, 10
order-preserving, 310
range of, 9
surjective, 10
switching, 215, 311
Fundamental Theorem
of Algebra, 333, 382
of Arithmetic, 31
of Finite Abelian Groups, 194
of Galois Theory, 373
Gödel, Kurt, 308
Galois field, 349
Galois group, 365
Galois, Évariste, 47, 377
Gauss's Lemma, 288
Gauss, Karl Friedrich, 290
Gaussian integers, 238
Generator of a cyclic subgroup, 58
Generators for a group, 192
Glide reflection, 180
Gorenstein, Daniel, 163
Greatest common divisor
of elements in a UFD, 292
of two integers, 28
of two polynomials, 264
Greatest lower bound, 296
Greiss, R., 163
Grothendieck, A., 342
Group
p-group, 193, 221
abelian, 42
action, 204
alternating, 80
automorphism of, 151
center of, 88, 169, 208

circle, 65
commutative, 42
cyclic, 58
definition of, 41
dihedral, 82
Euclidean, 179
factor, 154
finite, 45
finitely generated, 192
Galois, 365
general linear, 44, 174
generators of, 192
Heisenberg, 51
homomorphism of, 156
infinite, 45
isomorphic, 139
isomorphism of, 139
nonabelian, 42
noncommutative, 42
of units, 43
order of, 45
orthogonal, 175
permutation, 74
point, 184
quaternion, 44
quotient, 154
simple, 159, 162
solvable, 200
space, 184
special linear, 48, 174
special orthogonal, 179
symmetric, 74
symmetry, 181
torsion, 200
Hamming distance, 115
Hamming, R., 118
Hellman, M., 102
Hilbert, David, 187, 246, 308, 342
Homomorphic image, 156
Homomorphism
canonical, 163, 243
evaluation, 241, 262
kernel of a group, 158
kernel of a ring, 240
lattice, 310
natural, 163, 243
of groups, 156
ring, 240
Ideal
definition of, 241
maximal, 244
one-sided, 242
prime, 245
principal, 242
trivial, 241
two-sided, 242
Idempotent, 255
Indeterminate, 258
Index of a subgroup, 92
Induction
first principle of, 24
second principle of, 26
Infimum, 296
Inner product, 120
Integral domain, 234
Internal direct product, 148
International standard book number, 55
Irreducible element, 282
Irreducible polynomial, 266
Isometry, 180
Isomorphism
of Boolean algebras, 302
of groups, 139
ring, 240
Join, 297
Jordan, C., 162
Jordan-Hölder Theorem, 198
Kernel
of a group homomorphism, 158
of a linear transformation, 319
of a ring homomorphism, 240
Key
definition of, 98
private, 99
public, 99
single, 99

Klein, Felix, 47, 171, 246
Kronecker delta, 126, 177
Kronecker, Leopold, 342
Kummer, Ernst, 342
Lagrange's Theorem, 93
Lagrange, Joseph-Louis, 47, 82, 95
Laplace, Pierre-Simon, 82
Lattice
completed, 299
definition of, 296
distributive, 299
homomorphism, 310
Lattice of points, 183
Lattices, Principle of Duality for, 297
Least upper bound, 296
Left regular representation, 144
Lie, Sophus, 47, 225
Linear combination, 315
Linear dependence, 315
Linear functionals, 320
Linear independence, 315
Linear map, 171
Linear transformation
definition of, 11, 171, 319
kernel of, 319
null space of, 319
range of, 319
Lower bound, 296
Mapping, see Function
Matrix
distance-preserving, 177
generator, 123
inner product-preserving, 177
invertible, 173
length-preserving, 177
nonsingular, 173
null space of, 121
orthogonal, 175
parity-check, 122
similar, 16
unimodular, 184
Matrix, Vandermonde, 356
Maximal ideal, 244
Maximum-likelihood decoding, 113
Meet, 297
Metric, 135
Minimal generator polynomial, 354
Minimal polynomial, 327
Minkowski, Hermann, 342
Monic polynomial, 258
Mordell-Weil conjecture, 342
Multiplicative subset, 293
Multiplicity of a root, 368
Nilpotent element, 254
Noether, A. Emmy, 246
Noether, Max, 246
Normal extension, 372
Normal series of a group, 196
Normal subgroup, 153
Normalizer, 54, 223
Null space
of a linear transformation, 319
of a matrix, 121
Odd Order Theorem, 229
Orbit, 89, 206
Orthogonal group, 175
Orthogonal matrix, 175
Orthonormal set, 177
Partial order, 294
Partially ordered set, 295
Partitions, 16
Permutation
conjugate, 97
definition of, 11, 73
even, 80
odd, 80
Permutation group, 74
Plaintext, 98
Polynomial
code, 352
content of, 288
cyclotomic, 274
definition of, 258
degree of, 258
error, 362

error-locator, 363
greatest common divisor of, 264
in n indeterminates, 261
irreducible, 266
leading coefficient of, 258
minimal, 327
minimal generator, 354
monic, 258
primitive, 288
root of, 264
separable, 347, 369
zero of, 264
Poset
definition of, 295
largest element in, 299
smallest element in, 299
Power set, 33, 295
Prime element, 282
Prime field, 292
Prime ideal, 245
Prime integer, 30
Prime subfield, 292
Primitive nth root of unity, 65, 378
Primitive element, 369
Primitive Element Theorem, 369
Primitive polynomial, 288
Principal ideal, 242
Principal ideal domain (PID), 283
Principal series, 197
Pseudoprime, 107
Quaternions, 44, 236
Repeated squares, 66
Resolvent cubic equation, 276
Right regular representation, 152
Rigid motion, 39, 180
Ring
Artinian, 293
Boolean, 254
center of, 255
characteristic of, 239
commutative, 234
definition of, 233
division, 234
factor, 243
finitely generated, 293
homomorphism, 240
isomorphism, 240
local, 293
Noetherian, 284
of integers localized at p, 255
of quotients, 293
quotient, 243
with identity, 234
with unity, 234
Rivest, R., 102
RSA cryptosystem, 102
Ruffini, P., 376
Russell, Bertrand, 308
Scalar product, 312
Schreier's Theorem, 202
Second Isomorphism Theorem
for groups, 164
for rings, 244
Semidirect product, 188
Shamir, A., 102
Shannon, C., 118
Sieve of Eratosthenes, 35
Simple extension, 325
Simple group, 159
Simple root, 368
Solvability by radicals, 378
Spanning set, 315
Splitting field, 334
Squaring the circle, 341
Standard decoding, 130
Subfield
prime, 292
Subgroup
p-subgroup, 221
centralizer, 208
commutator, 169, 201, 226
cyclic, 58
definition of, 47
index of, 92
isotropy, 206
normal, 153
normalizer of, 223

proper, 47
stabilizer, 206
Sylow p-subgroup, 223
torsion, 71
transitive, 89
translation, 184
trivial, 47
Subnormal series of a group, 196
Subring, 237
Supremum, 296
Switch
closed, 305
definition of, 305
open, 305
Switching function, 215, 311
Sylow p-subgroup, 223
Sylow, Ludvig, 225
Syndrome of a code, 129, 362
Tartaglia, 271
Third Isomorphism Theorem
for groups, 166
for rings, 244
Thompson, J., 163, 218
Totally ordered set, 310
Transcendental element, 325
Transcendental number, 326
Transposition, 78
Trisection of an angle, 341
Unique factorization domain (UFD), 282
Unit, 234, 282
Universal Product Code, 54
Upper bound, 296
Vandermonde determinant, 356
Vandermonde matrix, 356
Vector space
basis of, 317
definition of, 312
dimension of, 317
direct sum of, 320
dual of, 320
subspace of, 314
Weight of a codeword, 115
Weil, André, 342
Well-defined map, 10
Well-ordered set, 26
Whitehead, Alfred North, 308
Wilson's Theorem, 362
Zassenhaus Lemma, 201
Zero
multiplicity of, 368
of a polynomial, 264
Zero divisor, 235

Notation
Symbol Description
a ∈ A a is in the set A
N the natural numbers
Z the integers
Q the rational numbers
R the real numbers
C the complex numbers
AB A is a subset of B
∅ the empty set
A ∪ B union of sets A and B
A ∩ B intersection of sets A and B
A′ complement of the set A
A \ B difference between sets A and B
A × B Cartesian product of sets A and B
A^n A × ⋯ × A (n times)
id identity mapping
f^(-1) inverse of the function f
a ≡ b (mod n) a is congruent to b modulo n
n! n factorial

n
k

binomial coefficient n!/(k!(n − k)!)
m | n m divides n
gcd(m, n) greatest common divisor of m and n
P(X) power set of X
Z_n the integers modulo n

lcm(m, n) least common multiple of m and n
U(n) group of units in Z_n
M_n(R) the n × n matrices with entries in R
det A determinant of A
GL_n(R) general linear group
Q_8 the group of quaternions
C

the multiplicative group of complex numbers
|G| order of a group G
R

the multiplicative group of real numbers
Q

the multiplicative group of rational numbers
SL_n(R) special linear group
Z(G) center of a group G
⟨a⟩ cyclic subgroup generated by a
|a| order of an element a
cis cos + i sin
T the circle group
S_n symmetric group on n letters
(a_1, a_2, …, a_k) cycle of length k
A_n alternating group on n letters
D_n dihedral group
[G : H] index of a subgroup H in a group G
L_H set of left cosets of H in a group G
R_H set of right cosets of H in a group G
d(x, y) Hamming distance between x and y
d_min minimum distance of a code
w(x) weight of x
M_{m×n}(Z_2) set of m by n matrices with entries in Z_2
Null(H) null space of a matrix H
ij Kronecker delta
G ≅ H G is isomorphic to H
Aut(G) automorphism group of G
i_g i_g(x) = gxg^(-1)
Inn(G) inner automorphism group of G
g right regular representation

G/N factor group of G mod N
ker kernel of
G′ commutator subgroup of G
(a_ij) matrix
O(n) orthogonal group
‖x‖ length of a vector x
SO(n) special orthogonal group
E(n) Euclidean group
O_x orbit of x
X_g fixed point set of g
G_x isotropy subgroup of x
X_G set of fixed points in a G-set X
N(H) normalizer of a subgroup H
H the ring of quaternions
char R characteristic of a ring R
Z[i] the Gaussian integers
Z_(p) ring of integers localized at p
R[x] ring of polynomials over R
deg p(x) degree of p(x)
R[x_1, x_2, …, x_n] ring of polynomials in n variables
evaluation homomorphism at
Q(x) field of rational functions over Q
(a) Euclidean valuation of a
F(x) field of rational functions in x
F(x_1, …, x_n) field of rational functions in x_1, …, x_n
ab a is less than b
a ∧ b meet of a and b
a ∨ b join of a and b
I largest element in a lattice
O smallest element in a lattice
a′ complement of a in a lattice
dim V dimension of a vector space V
U ⊕ V direct sum of vector spaces U and V
Hom(V, W) set of all linear transformations from U to V

V

dual of a vector space V
F(1, …, n) smallest field containing F and 1, …, n
[E : F] dimension of a field extension of E over F
GF(p^n) Galois field of order p^n
F

multiplicative group of a field F
G(E/F) Galois group of E over F
F_{i} field fixed by automorphisms i
F_G field fixed by automorphism group G

2
discriminant of a polynomial