Introductory Algebra

Time for 2IA :)

Contents

1 Integers 1
1.1 Induction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Divisibility and Prime Factorization . . . . . . . . . . . . . . . . 5
1.2.1 Division Algorithm . . . . . . . . . . . . . . . . . . . . . . 6
1.2.2 Greatest common divisor. Primes and coprime integers 7
1.2.3 Euclidean Algorithm . . . . . . . . . . . . . . . . . . . . . 11
1.2.4 Prime Factorization . . . . . . . . . . . . . . . . . . . . . . 13
1.3 Integers modulo n . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1.3.1 Modular arithmetic . . . . . . . . . . . . . . . . . . . . . . 20
1.3.2 Solving linear equations and systems in Zn . . . . . . . . 22

2 Permutations 31
2.1 What is a permutation? . . . . . . . . . . . . . . . . . . . . . . . . 31
2.1.1 Product of permutations . . . . . . . . . . . . . . . . . . . 33
2.1.2 Inverse permutations . . . . . . . . . . . . . . . . . . . . . 37
2.1.3 Disjoint permutations . . . . . . . . . . . . . . . . . . . . . 38
2.2 Cycles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
2.3 The Alternating Group . . . . . . . . . . . . . . . . . . . . . . . . 47

3 Groups 53
3.1 What is a group? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
3.1.1 Cayley tables . . . . . . . . . . . . . . . . . . . . . . . . . . 55
3.1.2 Inverses. Exponent Laws. Cancellation Laws . . . . . . . 58
3.1.3 A taste of isomorphic groups . . . . . . . . . . . . . . . . 64
3.2 Subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
3.3 Cyclic groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

i
ii CONTENTS

3.3.1 Some important properties of Cyclic Groups . . . . . . . 76

3.3.2 Fundamental Theorem of Finite Cycle Groups . . . . . . 78
3.4 Homomorphims and isomorphisms . . . . . . . . . . . . . . . . . 83

4 Lagrange’s Theorem 91
4.1 Cosets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
4.2 Cosets properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
4.3 Lagrange’s Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . 95

5 Factor groups 97
5.1 Normal subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
5.2 Factor groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
5.3 The First Isomorphism Theorem . . . . . . . . . . . . . . . . . . 104

A Some useful stuffs 109

A.1 Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
A.2 Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
A.3 Binary operations . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
A.4 Equivalence relations . . . . . . . . . . . . . . . . . . . . . . . . . 116
Chapter 1

Integers

In this chapter, we revisit the so called principle of mathematical induc-

tion and how to proofs statement by induction. We will also talk about the
Well Ordering Principle.

1.1 Induction
What do we mean by induction? Let us consider the following sequence
of integers:

1 = 1, (S)
1 + 3 = 4,
1 + 3 + 5 = 9,
1 + 3 + 5 + 7 = 16,
⋮

Does (S) follow any pattern? Look at carefully its left and right sides:

Left side Right side

Sum of the first n odd integers 12 , 22 , 32 , . . . , n2

Keeping in mind that the n-th odd integer is 2n − 1, we might wonder whether

?
1 + 3 + 5 + . . . + (2n − 1) = n2 (pn )

But how can we prove the validity of (pn )?

1
2 J. Sánchez-Ortega

Principle of Mathematical Induction. Let pn be a property or

statement defined for each n ∈ N. Suppose that the following two conditions
hold.

(1) Basis Step: p1 is true.

(2) Inductive Step: if pk is true, then pk+1 is true. (k ≥ 1)

Then the property pn is true for every n ∈ N.

Definition 1.1. The proof of a result that applies the Principle Mathematical
Induction is called a proof by induction. The assumption that pk is true is
called the induction hypothesis.

Example 1.2. Prove by induction that

1 + 3 + 5 + . . . + (2n − 1) = n2 , for all n ≥ 1

Solution: Let pn be the property 1 + 3 + 5 + . . . + (2n − 1) = n2 . It is clear that

the base step, (the validity of p1 ) holds since 1 = 12 . Assume that pk is true
and let us show that pk+1 is also true. The induction hypothesis tells us that
1 + 3 + 5 + . . . + (2k − 1) = k 2 . Using this we obtain that

1 + 3 + 5 + . . . + (2k − 1) + (2k + 1) = k 2 + 2k + 1 = (k + 1)2 ,

proving the validity of pk+1 and the induction principle applies to get that pn
is true for all n ≥ 1.

We have started the Principle of Mathematical Induction at 1 but we can

indeed replace it by any integer m. More concretely:

General Principle of Mathematical Induction. If m ∈ N and pm ,

pm+1 , . . . are statements such that

(1) Base Step: pm is true.

(2) Inductive Step: if pk is true, then pk+1 is true, where k ≥ m.

Then pn is true for each n ≥ m.

To prove the General Principle of Mathematical Induction, apply the

Principle of Mathematical Induction to the family of statements:

tn = pm+n−1 , n ≥ 1.
1. Integers 3

A variant of the principle of mathematical induction is the following:

Strong Induction. Let m ∈ N and for each n ≥ m, let pn be a statement.

If the following conditions are satisfied:

(1) pm is true.
(2) If k ≥ m and all of pm , pm+1 , . . . , pk are true, then pk+1 is also true.

Then pn is true for every n ≥ m.

Proof. Given n ≥ m, we define the following statement:

tn ∶ pm , pm+1 , . . . , pn are true

Note that tm is true by (1). Assume that tk is true for some k ≥ m, and let us
show that tk+1 is so. Note that the validity of tk means that pm , pm+1 , . . . , pk
are true. Then (2) implies that pk+1 is true, so tk+1 is true, as desired. An
application of the General Principle of Mathematical Induction concludes the
proof.

Definition 1.3. We say that p ∈ N is prime number (or simply prime)

if p ≠ 1 and the only natural numbers divisors of p are 1 and p. A natural
number ≥ 2 which is not prime is called composite.
For instance, the first few primes are 2, 3, 5, 7, 11, 13, . . .

Example 1.4. Use strong induction to show that every integer n ≥ 2 is a

product of (one or more) primes.
Solution: For n ≥ 2, consider the statement

pn ∶ n is a product of primes.

It is clear that p2 is true, since 2 is a prime. Take k ≥ 2 and assume that

p2 , p3 , . . . , pk are true, i.e., 2, 3, . . . , k are all products of primes. In order to
apply Strong Induction, we need to show that k + 1 is a product of primes.
We distinguish two cases:

• Case 1: k + 1 is a prime. In this case we are done! :)

4 J. Sánchez-Ortega

• Case 2: k + 1 = ab, for some 2 ≤ a, b ≤ k.

Applying the Strong Induction hypothesis, we get that a and b are

product of primes, so is ab = k + 1.

At this point, you might be wondering what is the difference between

Induction and Strong Induction, or in other words, when one should use Strong
Induction. Sometimes, like in the previous example, in order to prove the
validity of the statement pk+1 it is not enough to assume that the statement
pk is true. We might need to use that some other statement pi is true, for i ¡
k. Okay, you might be now thinking “how do I know that?” If you are trying
to prove that pk+1 is true assuming only that pk holds, and you can not go
very far in the proof (your argument does seem natural/ smooth and you are
stuck), then most likely, you should give Strong Induction a go.
We close this section with a property of the natural numbers that turns out
to be equivalent to the principle of induction. It states that every nonempty
set of N has a smallest integer. More precisely:

Well-Ordering Axiom/ Least Integer Principle.

If X is a nonempty subset of N, then there exists a ∈ X such that a ≤ x
for all x ∈ X.

Theorem 1.5. The following principles are equivalent:

(i) Well-Ordering

(ii) Induction

(iii) Strong Induction

Proof. (i) ⇒ (ii)

Let p1 , p2 , . . . be statements such that p1 is true and pk ⇒ pk+1 for every
k ≥ 1. We have to show that pn is true for every n ≥ 1. To do so we define the
set
X = {n ≥ 1 ∣ pn is false}.

In other words, X consists on the natural numbers n such that pn is false.

Our goal is to show that X = ∅. Assume on the contrary that X ≠ ∅. Then
1. Integers 5

by the Well-Ordering Principle X has a smallest element, say m. Notice that

m > 1 since p1 is true, so m − 1 ≥ 1. Notice that m − 1 ∉ X because m is the
least element of X. Thus pm−1 is true and so is pm (because pm−1 ⇒ pm ). But
this is impossible because pm is false, since m ∈ X. Thus X = ∅ and hence pn
is true for all n ≥ 1.
(ii) ⇒ (iii)
We have already proved this.
(iii) ⇒ (i)
Let X be a nonempty subset of N and let us show that X contains a least
element. For n ≥ 1, define the statement

pn ∶ if n ∈ X then X has a least element.

Notice that p1 is true; in fact, if 1 ∈ X, then 1 is the least element of X. Take

k ≥ 1 and assume that p1 , . . . , pk are true and let us show that pk+1 is also true.
Suppose then that k + 1 ∈ X and let us prove that X has a least element. We
consider two cases:

(1) k + 1 is the least element of X. Then there is nothing to prove.

(2) There exists m ∈ X such that m < k + 1. In this case, then pm is true,
and since m ∈ X, this implies that X has a least element. In any case,
we have proved that if k + 1 ∈ X, then X has a least element, that is,
pk+1 is true.

Applying Strong Induction we can conclude that pn is true for all n ≥ 1.

Keeping in mind that X is nonempty, we get that X has a least element.

1.2 Divisibility and Prime Factorization

In this section, we will cover the following topics:

• Long division of integers. Division Algorithm.

• Gcd, relatively primes, primes, Bézout’s Lemma. Euclidean Algorithm.

• Prime Factorization. Lcm.

6 J. Sánchez-Ortega

1.2.1 Division Algorithm

Let me start with an easy question:

What do we mean by writing 22

7 in the form 3 + 17 ?

Well ... We are just saying that 22 can be written as 22 = 3 ⋅ 7 + 1. In other

words, 22 leaves a remainder of 1 when divided by 7. This is a very
important property of the integers, known as the Division Algorithm; we will
see that is a consequence of the Well-Ordering Axiom.

Division Algorithm. Let n and d ≥ 1 be integers. Then there exist

unique integers q and r such that n = qd + r and 0 ≤ r < d.

Proof. We divide the proof into two parts:

Part 1: Existence of q and r
Consider the set X = {n − td ∣ t ∈ Z, n − td ≥ 0}. We claim that X is
non-empty. In fact:

• If n ≥ 0, then n ∈ X since n = n − 0 ⋅ d ≥ 0.

• If n < 0, then n − nd ∈ X since n − nd = n(1 − d) ≥ 0.

Hence X is non-empty, and the Well-Ordering Axiom applies to get that

X has a least element r. Then r ≥ 0 and r = n − qd for some q ∈ Z. Thus,
n = qd + r. It remains to show that r < d. Suppose on the contrary that r ≥ d.
Then r − d ∈ X since r − d ≥ 0 and

r − d = n − qd − d = n − (q + 1)d.

This contradicts the minimality of r (because r − d < r) and so r < d.

Part 2: Uniqueness of q and r
Suppose that we can also write n = q ′ d + r′ for some integers q ′ and r′ such
that 0 ≤ r′ < d. We can assume (without loss of generality) that r ≥ r′ . Then
subtracting both expressions we obtain that

0 = (q − q ′ )d + r − r′ ,

which implies that (q ′ − q)d = r − r′ . On the other hand, we know that

0 ≤ r − r′ ≤ r < d, and q ′ − q is an integer. So necessarily r = r′ and q = q ′ .
1. Integers 7

Definition 1.6. For n and d ≥ 1, we call the integers q and r in the Division
Algorithm the quotient and remainder, respectively.

Example 1.7. If we divide n = −17 by d = 5, the result is

−17 = (−4) ⋅ 5 + 3,

so the quotient is −4 and the remainder is 3.

If both n and r are positive, the familiar process of long division is an

algorithm for finding the quotient q and the remainder r. If we have a
calculator, we can easily find q and r as follows:

1. Find n/d.

2. Let q be the largest integer that is less than or equal to n/d.

3. Take r = n − qd.

Example 1.8. Find the quotient and remainder if n = 4187 and d = 129.
Solution: We have that n/d = 32.457 approximately. So q = 32 and
r = n − dq = 4187 − 129 ⋅ 32 = 59. Thus, 4187 = 32 ⋅ 129 + 59.

1.2.2 Greatest common divisor. Primes and coprime

integers
Let us revisiting a very important concept: divisibility. If n and d are two
integers with d ≠ 0. We say that n is divisible by d, or that d is a divisor
of n, if there exists an integer q such that n = qd. We will write d∣n . We also
say that n is a multiple of d. If d does not divide n, we write d ∣/ n .

Example 1.9. Observe that 2∣108, or 108 is divisible by 2 since 108 = 2 ⋅ 54.
But 5 ∣/ 108 since there is no integer q for which 108 = 5q.

☀ Note: 1∣n and n∣0, for all integers n.

r = 0 ⇔ d∣n

Theorem 1.10. Let m, n and d be integers.

(1) n∣n for all n.

8 J. Sánchez-Ortega

(2) d∣m, m∣n ⇒ d∣n.

(3) d∣n, n∣d ⇒ d = ±n.

(4) d∣n, d∣m ⇒ d∣(xn + ym), for all integers x and y.

Proof. (1) It is clear that n∣n since n = 1 ⋅ n.

(2) Assume that d∣m, m∣n, and let us show that d∣n. Then there exist two
integers q, q ′ such that m = qd and n = q ′ m. From here we get that

n = q ′ m = q ′ (qd) = (q ′ q)d,

which proves that d∣n, as desired.

(3) Assume that d∣n and n∣d. Then we can find integers q and q ′ satisfying
that n = qd and d = q ′ n. From here we get that

n = qd = qq ′ n ⇒ n(1 − qq ′ ) = 0 ⇒ qq ′ = 1 ⇒ q = q ′ = 1 or q = q ′ = −1.

Thus either d = n or d = −n.

(4) Assume that d∣n and d∣m, and take two integers x and y. Our assump-
tions allow us to find two integers q and q ′ such that n = qd and m = q ′ d.
Thus:
xn + ym = xqd + yq ′ d = (xq + yq ′ )d,

which implies that d∣(xn + ym).

Expressions of the form xn + ym , where x and y are integers, are called

linear combinations of n and m.

Example 1.11. If d ≥ 1 is such that d∣(3k + 5) and d∣(7k + 2) for some k,

show that d = 1 or that d = 29.
Solution: Apply Theorem 1.10 (4) to conclude that d divides the linear
combination 7(3k + 5) − 3(7k + 2)35 = 29. From here, we can obtain that d = 1
or d = 29.

Definition 1.12. Let m and n be integers. We say that an integer d is a

common divisor of m and n if d∣m and d∣n.
1. Integers 9

Example 1.13. Consider the positive divisors of 36 and 84:

Positive divisors of 36 Positive divisors of 84

1, 2, 3, 4, 6, 9, 12, 18, 36 1, 2, 3, 4, 6, 7, 12, 14, 21, 28, 42, 84

Common divisors of 36 and 84

1, 2, 3, 4, 6, 12

☀ Note! The largest common divisor 12 is a multiple of all the other

positive common divisors.

Definition 1.14. Let m and n be integers, not both zero. An integer d is

called the greatest common divisor of m and n, written d = gcd(m, n)
if it satisfies the following:
(1) d ≥ 1.
(2) d∣m and d∣n.
(3) k∣m and k∣n ⇒ k∣d.
We say that m and n are coprime or relatively prime if gcd(m, n) = 1.

For example, gcd(36, 84) = 12 and gcd(−9, 15) = 3. Note that 9 and 16 are
coprime since gcd(9, 16) = 1.
The following results will be useful when proving identities involving the gcd.
Bézout’s Lemma. Let m and n be two integers, not both zero. Then
d = gcd(m, n) exists and d = xm + yn for some integers x and y.

Proof. Let X = {sm + tn ∣ s, t ∈ Z and sm + tn ≥ 1}. Note that X is non-

empty, since m2 + n2 ∈ X. By the Well-Ordering Axiom we can find a least
element in X, say d. Then d ≥ 1 and d = xm + yn for integers x and y; if k∣m
and k∣n, then k∣(xm + yn) = d by Theorem 1.10 (4). This shows that any
common divisor of m and n is a divisor of d. It remains to show that d is
a common divisor of m and n. Here, we will show that d∣n. One can show
that d∣m similarly. Apply the Division Algorithm to find q, r ∈ Z such that
n = qd + r and 0 ≤ r < d. Then

r = n − qd = n − q(xm + yn) = (−qx)m + (1 − qy)n,

which says that r is a linear combination of m and n. If r > 0 we would have

that r ∈ X, which contradicts the minimality of d in X. Thus r = 0.
10 J. Sánchez-Ortega

Direct consequences of Bézout’s Lemma are:

Corollary 1.15. Two integers m and n are relatively prime if and only if
there exist integers x and y such that xm + yn = 1. In particular, any two
consecutive integers k and k + 1 are relatively prime.

Proof. If m and n are relatively prime, then the result follows by Bézout’s
Lemma. Suppose now that there exist integers x and y such that xm + yn = 1,
and let d = gcd(m, n). Then an application of Theorem 1.10 (4) tells us that
d∣(xm + yn). But xm + yn = 1, so d∣1 and since d ≥ 1 (by the definition of the
gcd) we have that d = 1, proving that m and n are relatively prime.

Corollary 1.16. If d = gcd(m, n), then m/d and n/d are relatively prime.

Caution! If d ≠ 1 is such that d = xm + yn for some integers x and y, we

can not conclude that d = gcd(m, n). In other words, the converse of
Bézout’s Lemma does not hold in general. For example, 12 = 1 ⋅ 4 + 1 ⋅ 8,
and gcd(4, 8) = 4 ≠ 12.

Theorem 1.17. Let m and n be relatively prime integers. Then for any
integer k

(1) m∣k, n∣k ⇒ mn∣k.

(2) m∣kn ⇒ m∣k.

Proof. By Bézout’s Lemma, we have 1 = xm + yn, for x and y integers.

(1) If k = qm and k = pn for some integers p and q, then

k = 1 ⋅ k = (xm + yn)k = xmk + ynk = xm(pn) + yn(qm) = (xp + yq)mn.

Hence mn∣k, proving (1).

(2) Let nk = qm, where q is an integer. Then

k = 1 ⋅ k = (xm + yn)k = xmk + ynk = xmk + y(qm) = (xk + yq)m,

which shows that m∣k, as desired.

It is well known that if the product mn of two integers m and n is even,

then either m or n is even. This fact can be rephrased as “if 2∣mn then either
2∣m or 2∣n”. As we will prove now, this statement indeed holds for any prime.
1. Integers 11

Euclid’s Lemma. Let p be a prime.

(1) If p∣mn where m and n are integers, then either p∣m or p∣n.

(2) If p∣m1 m2 . . . mr where each mi is an integer, then p∣mi for some i.

Proof. (1) Let d = gcd(m, p). Then d∣p, which implies that either d = 1 or
d = p (because p is a prime). If d = p, then p∣m; otherwise if d = 1, then m and
p are coprime, and Theorem 1.17 (2) applies to get that p∣n.
(2) follows by induction on r; in fact, the base case r = 2 is (1). Suppose that
(2) is true for r − 1, and let p∣m1 m2 . . . mr−1 mr (for r > 2). Then from (1) (or
the base case of the induction) we obtain that either p∣m1 m2 . . . mr−1 or p∣mr .
If p∣mr , then we are done; otherwise if p∣m1 m2 . . . mr−1 , then applying the
inductive hypothesis we obtain that p∣mi for some i ∈ {1, . . . , r − 1}, concluding
the proof.

☀ Note! Euclid’s Lemma fails for non primes! For example, 6 is a

divisor of 3 ⋅ 4, but 6 does not divide 3 or 4.

1.2.3 Euclidean Algorithm

Euclid provided in his book Elements (written 300 BC) an algorithm (known
nowadays as the Euclidean algorithm) to compute the gcd of two positive
integers m and n. The key is the following result:

Proposition 1.18. If m = qn + r then gcd(m, n) = gcd(n, r).

Proof. Write d = gcd(m, n) and k = gcd(n, r). Then k∣(qn + r), i. e., k∣m.
Thus k is a common divisor of m and n, so k∣d since d = gcd(m, n). A similar
argument (using the linear combination r = −qn + m) shows that d∣k, so d = ±k
by Theorem 1.10 (3). Thus d = k because both d and k are positive.

Example 1.19. For m = 140 and n = 21, we have that 140 = 6⋅21+14, that is,
q = 6 and r = 4. Proposition 1.18 tells us that gcd(140, 21) = gcd(21, 14) = 7.
12 J. Sánchez-Ortega

Euclidean Algorithm. Let m and n be integers, not both zero. We

apply the Division Algorithm repeatedly:

m = q1 n + r1 divisor: n, remainder: r1
n = q2 r1 + r2 divisor: r1 , remainder: r2
r1 = q3 r2 + r3
⋮ ⋮ ⋮

At each stage we divide the divisor at the previous stage by the remainder, so
the remainders form a decreasing sequence of nonnegative integers:

n > r1 > r2 > r3 > . . . ≥ 0.

It is clear that (in at most n steps) we will reach a remainder of 0. Assume

that rt is the last nonzero remainder, then the last two equations are:

rt−2 = qt rt−1 + rt , and rt−1 = qt+1 rt + 0.

Now, Proposition 1.18 gives

gcd(m, n) = gcd(n, r1 ) = gcd(r1 , r2 ) = . . . = gcd(rt−1 , rt ) = rt

Thus gcd(m, n) is the last nonzero remainder.

Moreover, we can express gcd(m, n) = rt as a linear combination of
m and n (finding the coefficients in Bézout’s Lemma) by eliminating the
remainders rt−1 , rt−2 , . . . , successively from these equations.

Example 1.20. Find gcd(268, 112) and express it as a linear combination

of 268 and 112.
Solution: We will use the Euclidean Algorithm. To do so, we first apply
the Division Algorithm repeatedly until we reach a zero remainder. In our
case, we obtain the following:

268 = 2 ⋅ 112 + 44
112 = 2 ⋅ 44 + 24
44 = 1 ⋅ 24 + 20
24 = 1 ⋅ 20 + 4
20 = 5 ⋅ 4 + 0.

Next we look at the last remainder before the zero remainder. Since it is 4,
1. Integers 13

the Euclidean Algorithm allows us to conclude that

gcd(268, 112) = 4.

To write 4 as a linear combination of 112 and 268, we eliminate the remainders

as follows:

268 = 2 ⋅ 112 + 44 ⇒ 44 = 268 − 2 ⋅ 112 (1.1)

112 = 2 ⋅ 44 + 24 ⇒ 24 = 112 − 2 ⋅ 44 (1.2)
44 = 1 ⋅ 24 + 20 ⇒ 20 = 44 − 1 ⋅ 24 (1.3)
24 = 1 ⋅ 20 + 4 ⇒ 4 = 24 − 1 ⋅ 20 (1.4)
20 = 5 ⋅ 4 + 0.

Starting at the bottom, we can write the gcd as a linear combination of two
larger and larger numbers:

(1.4) (1.3) (1.2)

4 = 24 − 20 = 24 − (44 − 24) = 2 ⋅ 24 − 44 = 2(112 − 2 ⋅ 44) − 44 =
(1.1)
= 2 ⋅ 112 − 5 ⋅ 44 = 2 ⋅ 112 − 5(268 − 2 ⋅ 112) = 268 ⋅ (−5) + 112 ⋅ 12

1.2.4 Prime Factorization

Prime Factorization Theorem.

(1) Every integer n ≥ 2 is a product of (one or more) primes.

(2) The factorization is unique up to the order of the factors.
That is, if n = p1 p2 . . . pr = q1 q2 . . . qs , where all the pi and qj are
primes, then r = s and the qj can be relabelled so that pi = qi for all
i = 1, 2, . . . , r.

Proof. (1) We have already proved it. (See Example 1.4.)

(2) Assume on the contrary that (2) fails. It means that we can find an
integer ≥ 2 admitting two different factorizations into primes. Then by the
Well-Ordering Axiom we can choose m ≥ 2 to be the smallest integer admitting
two different factorizations into primes:

m = p 1 p2 . . . p r = q1 q 2 . . . q s ,
14 J. Sánchez-Ortega

Then m is not a prime (otherwise, it would only admit a prime factorization;

the trivial one) and so r ≥ 2, s ≥ 2. We have p1 ∣q1 q2 . . . qs , so p1 ∣qj (for some j)
by Euclid’s Lemma. By relabelling the qj , we may assume that p1 ∣q1 , which
yields that p1 = q1 because both are primes, so

m
= p2 . . . p r = q2 . . . q s ,
p1

is an integer (smaller than m) that admits two distinct factorizations into

primes. It contradicts the choice of m, and therefore proves (2).

For any integer n ≥ 2, the Prime Factorization Theorem asserts that n can
be written uniquely in the form:

n = pn1 1 pn2 2 . . . pnr r ,

where the pi are the distinct prime divisors of n, and ni ≥ 1 for each i. For
example, 60 = 22 ⋅ 3 ⋅ 5. If n has only one prime divisor, we call it a prime
power. For instance, 9 = 32 , 8 = 23 . We say that n is square free if all its
exponents are equal to 1, that is ni = 1 for all i. Hence, any prime is square
free, as are 6 = 2 ⋅ 3 and 70 = 2 ⋅ 5 ⋅ 7.

Example 1.21. 504 = 23 ⋅ 32 ⋅ 7, and this is the only way to factor 504 into
primes.

The Prime Factorization Theorem provides a list of all positive

divisors of an integer n when its prime factorization is known. For example,
if n = 12 = 22 ⋅ 3, these divisors are 1, 2, 3, 4, 6, 12, and they can be written as

1 = 20 ⋅ 30 , 3 = 20 ⋅ 31
2 = 21 ⋅ 30 , 6 = 21 ⋅ 31
4 = 22 ⋅ 30 , 12 = 22 ⋅ 31

Thus they can all be expressed as 2r ⋅ 3s , where 0 ≤ r ≤ 2 and 0 ≤ s ≤ 1.

Theorem 1.22. Let n be an integer with prime factorization

n = pn1 1 pn2 2 . . . pnr r ,

1. Integers 15

where the pi are all distinct primes and ni ≥ 1 for each i. Then the positive
divisors of n are precisely the integers d of the following form:

d = pd11 pd22 . . . pdr r , with 0 ≤ di ≤ ni for all i.

Proof. It follows by Euclid’s Lemma and the Prime Factorization Theorem.

Fill in the details yourself.

Definition 1.23. Let n1 , n2 , . . . , nr be positive integers. The least common

multiple lcm(n1 , n2 , . . . , nr ) of n1 , . . . , nr is the the (positive) common mul-
tiple of n1 , . . . , nr that is a divisor of any other common multiple of n1 , . . . , nr .

We can use the Prime Factorization Theorem to compute the gcd and
the lcm. Let us see an example:

Example 1.24. Find d = gcd(12, 20, 18) and m = lcm(12, 20, 18).
Solution: We first compute the prime factorization of 12, 20 and 18:

12 = 22 ⋅ 31 ⋅ 50
20 = 22 ⋅ 30 ⋅ 51
18 = 21 ⋅ 32 ⋅ 50

To find d we consider the product of common primes (2 in this case) power to

the minimum exponents (i.e. 1). Thus:

d = gcd(12, 20, 18) = 21 = 2

While to compute m we look at the product of all primes power to the

maximum exponents, that is:

m = lcm(12, 20, 18) = 22 ⋅ 32 ⋅ 51 = 180

This method is collected in the following result.

Theorem 1.25. Let {a, b, c, . . .} be a finite set of positive integers, and let
the factorization into primes

a = pa11 pa22 . . . par r

b = pb11 pb22 . . . pbrr
c = pc11 pc22 . . . pcrr
⋮ = ⋮
16 J. Sánchez-Ortega

where an exponent is zero if such a prime does not occur. Then

gcd(a, b, c) = pk11 pk22 . . . pkr r , lcm(a, b, c) = pm1 m2 mr

1 p2 . . . pr ,

where ki = min(ai , bi , ci , . . .), mi = max(ai , bi , ci , . . .) for each i.

Corollary 1.26. Let a, b be positive integers. Then

lcm(a, b) ⋅ gcd(a, b) = ab.

☀ In summary to compute gcd(a, b) we have seen two methods:

Method 1: Using the Factorization into Primes (see Theorem 1.25).

Method 2: Appling the Euclidean Algorithm.
If we find gcd(a, b) by using Method 1, the corollary above can be used to
compute lcm(a, b).
At this point it is worth to mention that in general

lcm(a, b, c) ⋅ gcd(a, b, c) ≠ abc.

We close this section with another application of the Prime Factorization

Theorem.

Euclid’s Theorem. There are infinitely many primes.

Proof. Suppose, on the contrary, that there are only n primes: p1 , p2 , . . . , pn .

Consider the integer m = 1 + p1 p2 . . . pn ≥ 2. The first part of the Prime
Factorization Theorem allows us to conclude that some prime must divide m,
say pi . From pi ∣m and pi ∣p1 p2 . . . pn , we get that pi ∣(m − p1 p2 . . . pn ), that is,
pi ∣1. But this is impossible, and so there are infinitely many primes.

1.3 Integers modulo n

In this section, we will introduce a very important equivalence relation on Z,
called congruence modulo (an integer) n, and study its equivalence classes.
Recall that two integers a and b have the same parity if both are even
or both are odd, that is, 2∣(a − b). Congruence modulo n generalizes this
situation, letting any integer n play the role of 2.
1. Integers 17

Definition 1.27. Let n ≥ 2, a and b be integers. We say that a and b are

congruent modulo n if n∣(a − b). In such a case, we write a ≡ b (mod n)
and refer to n as the modulus.

Remark 1.28. We have taken n ≥ 2 , since the cases n = 0 and n = 1 are

not interesting. The congruence a ≡ b (mod 1) is always true, and

a ≡ b (mod 0) ⇔ 0∣(a − b) ⇔ a = b

Example 1.29. 2 ≡ 5 (mod 3), 21 ≡ 16 (mod 5), −4 ≡ 2 (mod 6).

Example 1.30. Let a and b be two positive integers, then a ≡ b (mod 10)
if and only if they have the same last digit, since 10∣(b − a). In general,
a ≡ b (mod 10n ) if and only if they have same last n digits. For instance,
533 ≡ 1433 (mod 100).

Remark 1.31. Since congruences will play an important role in your algebra
journey, at this point it is worth stopping for a moment and think what we
are indeed doing. So, I want you to imagine a wall clock that has struck three,
like in this figure:

11 12 1
10 2
9 3
8 4
7 6 5

What will the time be in four hours? and in seven hours? Obviously, the
answers will be 3 + 4 = 7 and 3 + 7 = 10, respectively. But be careful here, you
all know that once we reach to 12, we will be back at 1. In other words, on a
clock when the numbers get to 12, they start again at 0. So, in ten hours, the
time will be 1 (which is not 3 + 10 = 13); the same will happen after 22 hours
(it will be 1 instead of 25). Note that 13 ≡ 1 (mod 12) and 25 ≡ 1 (mod 12).
What you have been doing is computing the remainder when divided by 12:

13 = 1 ⋅ 12 + 1, 25 = 2 ⋅ 12 + 1.
18 J. Sánchez-Ortega

We can view congruence modulo n like a clock with n numbers on it instead

of 12. Then two integers will be congruent modulo n if they end up in the
same place on the clock.

Theorem 1.32. Congruence modulo n is an equivalence relation on Z:

(a) a ≡ a (mod n) for every integer a.

(b) a ≡ b (mod n) implies b ≡ a (mod n).

(c) a ≡ b (mod n) and b ≡ c (mod n) implies a ≡ c (mod n).

Proof. (a) is clear since n∣(a − a) = 0.

(b) If a ≡ b (mod n), then n∣(a − b). From here we derive that n∣(b − a),
that is, b ≡ a (mod n).
(c) Suppose that a ≡ b (mod n) and b ≡ c (mod n). This means that
n∣(a − b) and n∣(b − c). Applying Theorem 1.10 (4) we obtain that n∣((a − b) +
(−1)(b − c)), that is, n∣(a − c), showing that a ≡ c (mod n), as required.

Definition 1.33. The equivalence class [a]n or [a] of an integer a with respect
to congruence modulo n is called its residue class modulo n.

[a]n = {x ∈ Z ∣ x ≡ a (mod n)}.

We say that a is a generator of [a]n . Let us try to rephrase the sentence

“being congruent to a modulo n” in a more simple way:

x ∈ [a]n ⇔ x ≡ a (mod n) ⇔ n∣(x − a) ⇔ x − a = qn, for q ∈ Z.

Notice that we have proved that x ∈ [a]n if and only if the remainder when
dividing x by n is a . In other words, [a]n consists on the integers whose
remainder is a when divided by n.
Two residue classes [a]n and [b]n are equal if and only if a ≡ b (mod n) .
In fact, if a ≡ b (mod n) and x ∈ [a]n , then x ≡ a (mod n). Using that
congruence modulo n is an equivalence relation we obtain that x ≡ b (mod n),
which means that x ∈ [b]n . This proves that [a]n ⊆ [b]n ; the other containment
can be shown in a similar way. The converse trivially holds.
The set consisting of all the residue classes modulo n is denoted by Zn ,
and is called the set of integers modulo n.
1. Integers 19

Theorem 1.34. Let n ≥ 2 be an integer.

(1) If a ∈ Z, then [a]n = [r]n for some 0 ≤ r ≤ n − 1.

(2) The residue classes [0]n , [1]n , . . . , [n − 1]n are all distinct.

Proof. (1) For a ∈ Z, apply the Division Algorithm to get a = qn + r, where

0 ≤ r ≤ n − 1. From here we derive n∣(a − r), and so a ≡ r (mod n), which is
equivalent to say that [a]n = [r]n .
(2) Suppose that [r]n = [s]n for some 0 ≤ r, s ≤ n − 1. We can assume
(without loss of generality) that r ≤ s. Now [r]n = [s]n implies that n∣(s − r),
or that s − r is a multiple of n. But 0 ≤ s − r ≤ n − 1 yields r = s.

Corollary 1.35. Zn has n elements: Zn = {[0]n , [1]n , . . . , [n − 1]n }

Example 1.36. Z2 has two elements, which are the residue classes of the
remainders obtained when divided by 2. There only two possible remainders,
namely, 0 and 1. So, Z2 = {[0]2 , [1]2 }, where

[0]2 = {x ∈ Z ∣ x ≡ 0 (mod 2)} = integers with remainder 0 when divided by 2

= the set of even integers,
[1]2 = {x ∈ Z ∣ x ≡ 1 (mod 2)} = integers with remainder 1 when divided by 2
= the set of odd integers

Example 1.37. Find [48] and [−16] in Z7 .

Solution: We know that Z7 = {[0], [1], . . . , [6]}. So, the question here
is the following: What of such elements equals [48] (respectively, [−16])?
Keeping in mind the proof of Theorem 1.34 (1), all we need to do is to find
the remainder when divided 48 (respectively, −16) by 7:

48 = 6 ⋅ 7 + 6 ⇒ 48 ≡ 6 (mod 7),
−16 = (−3)7 + 5 ⇒ −16 ≡ 5 (mod 7),

Hence: [48] = [6] and [−16] = [5] in Z7 .

Pay special attention to Theorem 1.34 (1). Its proof is what we call in
Mathematics constructive, since it provides a method to find elements in Zn ,
as we have seen in Example 1.37; which, by the way, it is important.
20 J. Sánchez-Ortega

1.3.1 Modular arithmetic

Let n ≥ 2 be an integer. We can define an addition (respectively, a multipli-
cation) on the set of integers Zn modulo n by adding (respectively, multiply-
ing) the generators of the corresponding residue classes. More precisely, for
[a], [b] ∈ Zn we define:

[a] + [b] = [a + b] and [a] ⋅ [b] = [ab].

For instance, [3]6 + [5]6 = [3 + 5]6 = [8]6 = [2]6 , since 8 ≡ 2 (mod 6). Before
studying the properties of these two new operations, we need to check that
they do not depend on the generator of the residue classes. For example,
[9]6 = [3]6 , so [9]6 + [5]6 should produce the same result that [3]6 + [5]6 , that
is, [2]6 . Let us check this out:

[9]6 + [5]6 = [9 + 5]6 = [14]6 = [2]6 , since 14 ≡ 2 (mod 6).

We prove this fact, in a more general way, in the next result.

Theorem 1.38. Let n ≥ 2 be an integer, and ai , bi ∈ Z (for i = 1, 2) such that

a1 ≡ a2 (mod n) and b1 ≡ b2 (mod n). Then:

(1) a1 + b1 ≡ a2 + b2 (mod n) ,

(2) a1 b1 ≡ a2 b2 (mod n) ,

1 ≡ a2 (mod n) , for all m ≥ 1.

(3) am m

Proof. (1) From a1 ≡ a2 (mod n) and b1 ≡ b2 (mod n), we get that n∣(a1 −a2 )
and n∣(b1 − b2 ). An application of Theorem 1.10 (4), we obtain that

n∣(a1 − a2 + (b1 − b2 )) ⇒ n∣((a1 + b1 ) − (a2 + b2 )),

which implies a1 + b1 ≡ a2 + b2 (mod n), as required.

(2) Applying Theorem 1.10 (4) we obtain that

n∣((a1 − a2 )b1 + a2 (b1 − b2 )) = a1 b1 − a2 b2 ,

which implies that a1 b1 ≡ a2 b2 (mod n), as desired.

Notice that (3) follows from (2).
1. Integers 21

Notation 1.39. From now on, to simplify our calculations, we will denote
the residue class [a]n simply by ā .

Example 1.40. Below you could find the addition and multiplication tables
of Z6 . We will talk more about these tables (usually called Cayley tables)
when we introduce groups in Chapter 3.

+ 0̄ 1̄ 2̄ 3̄ 4̄ 5̄ × 0̄ 1̄ 2̄ 3̄ 4̄ 5̄
0̄ 0̄ 1̄ 2̄ 3̄ 4̄ 5̄ 0̄ 0̄ 0̄ 0̄ 0̄ 0̄ 0̄
1̄ 1̄ 2̄ 3̄ 4̄ 5̄ 0̄ 1̄ 0̄ 1̄ 2̄ 3̄ 4̄ 5̄
2̄ 2̄ 3̄ 4̄ 5̄ 0̄ 1̄ 2̄ 0̄ 2̄ 4̄ 0̄ 2̄ 4̄
3̄ 3̄ 4̄ 5̄ 0̄ 1̄ 2̄ 3̄ 0̄ 3̄ 0̄ 3̄ 0̄ 3̄
4̄ 4̄ 5̄ 0̄ 1̄ 2̄ 3̄ 4̄ 0̄ 4̄ 2̄ 0̄ 4̄ 2̄
5̄ 5̄ 0̄ 1̄ 2̄ 3̄ 4̄ 5̄ 0̄ 5̄ 4̄ 3̄ 2̄ 1̄

Example 1.41. Compute the remainder when 4119 is divided by 7.

Solution: Here, we are going to learn a way to solve this problem, without
having to use a calculator. Suppose for a moment we have found 0 ≤ r ≤ 6
satisfying that 4119 = 4̄119 = r̄ in Z7 , or [4119 ]7 = [r]7 using our “old” notation.
Then, in particular, 4119 ∈ [r]7 , which means that the remainder of 4119 when
divided by 7 is r. Therefore, our goal is to find such r.
To do so, we first find n ≥ 1 such that 4̄n = 4n = 1̄ in Z7 . We will justify
the existence of such n later on. By now, let us just find it:

4̄2 = 16 = 2̄, since 16 ≡ 2 (mod 7),

4̄3 = 4̄2 ⋅ 4̄ = 2̄ ⋅ 4̄ = 8̄ = 1̄, since 8 ≡ 1 (mod 7).

So, n = 3 satisfies that 4̄3 = 1̄ in Z7 . Here is the trick now: we apply the
Division Algorithm with 119 and 3 to obtain that 119 = 3 ⋅ 39 + 2. Lastly, using
how modular operations work we have that

4̄119 = 4̄3⋅39+2 = (4̄3 )39 ⋅ 4̄2 = 2̄

Hence, the remainder when divided 4119 by 7 is 2.

Some properties of the modular operations (that is, the addition and
multiplication in Zn ) are collected in the following result. Please give its proof
a try, and let me know whether you encounter any problems.
22 J. Sánchez-Ortega

Theorem 1.42. Let n ≥ 2 be a fixed modulus and a, b, c ∈ Z. Then the

following hold in Zn .

(1) ā + b̄ = b̄ + ā and āb̄ = b̄ā.

(2) ā + (b̄ + c̄) = (ā + b̄) + c̄ and ā(b̄c̄) = (āb̄)c̄.

(3) ā + 0̄ = ā and ā1̄ = ā . We call 0̄ the zero of Zn , while 1̄ is said to be

the unity of Zn .

(4) ā + −a = 0̄ . We usually write −ā to denote −a.

(5) ā(b̄ + c̄) = āb̄ + āc̄.

Remark 1.43. In the previous result, we have highlighted some of the prop-
erties of the modular operations, which should be familiar to you, since the
addition and multiplication in Z also have them. One could say that this
was pretty normal. But, not everything will be “that normal” unfortunately.
There are several differences between the arithmetic of Zn and that of Z.
For example:

• 0 and 1 are the only integers satisfying that k 2 = k, while in Z6 the

elements 3̄ and 4̄ have that property:

(3̄)2 = 9̄ = 3̄, since 9 ≡ 3 (mod 6),

(4̄)2 = 16 = 4̄, since 16 ≡ 4 (mod 6),

• the cancellation law holds in Z: if ab = ac and a ≠ 0, then b = c. In

general, we do not have cancellation in Zn . For instance, in Z6 we
have that 4̄ ⋅ 2̄ = 4̄ ⋅ 5̄, where 4̄ ≠ 0̄ and 2̄ ≠ 5̄.

• If ab = 0 in Z, then either a = 0 or b = 0. This need not hold in Zn . For

instance, in Z6 we have that 2̄ ⋅ 3̄ = 0̄, and 2̄ ≠ 0̄, 3̄ ≠ 0̄.

1.3.2 Solving linear equations and systems in Zn

Now we will learn how to solve linear equations and systems in Zn . Let us by
noticing the following:

āx = c̄ in Zn ⇔ ax ≡ c (mod n)
1. Integers 23

āx + b̄y = r̄ ax + by ≡ r (mod n)

¯ = s̄ } in Zn
c̄x + dy
⇔ {
cx + dy ≡ s (mod n)

x̄ = r̄ in Zn x ≡ r (mod n)
} ⇔ { }
x̄ = s̄ in Zm x ≡ s (mod m)

We start by introducing a notion that will be very useful for our purposes.

Definition 1.44. Let n ≥ 2 and a, b be integers. A residue class b̄ ∈ Zn is

called an inverse of ā if āb̄ = b̄ā = 1̄ in Zn .

The following result provides a necessary and sufficient condition for an

element of Zn to have an inverse in Zn . The proof is constructive, which
means that it provides a method to find such an inverse.

Theorem 1.45. Let a and n be integers with n ≥ 2. Then ā has an inverse

in Zn if and only if a and n are relatively prime. Moreover, the inverse of ā
in Zn is the residue class of the coefficient of a in Bézout’s Lemma.

Proof. We have that

b̄ā = 1̄ in Zn ⇔ ba ≡ 1 (mod n) ⇔ 1 − ba = qn ⇔ 1 = ba + qn,

for some integer q, which is equivalent to say that gcd(a, n) = 1.

Example 1.46. Find the inverse of 16 in Z35 .

Solution: Let us start by noticing that 16 and 35 are relatively prime,
since gcd(16, 35) = 1. So, 16 has an inverse in Z35 by Theorem 1.45. Following
the proof of Theorem 1.45, we need to find the coefficient of 16 in Bézout’s
Lemma. We know (Bézout’s Lemma) that there are integers b and c such that
b ⋅ 16 + c ⋅ 35 = 1. Keeping in mind that 35 = 0̄ in Z35 we have that

b ⋅ 16 + c ⋅ 35 = b̄ ⋅ 16 + c̄ ⋅ 35 = b̄ ⋅ 16 = 1̄,

that is, the inverse of 16 in Z35 is the residue class of b in Z35 . In order to find
b, we apply the Euclidean Algorithm:

35 = 2 ⋅ 16 + 3, 16 = 5 ⋅ 3 + 1,
24 J. Sánchez-Ortega

which implies that

1 = 16 − 5 ⋅ 3 = 16 − 5 ⋅ (35 − 2 ⋅ 16) = 11 ⋅ 16 + (−5) ⋅ 35

We can then conclude that 11 is the inverse of 16 in Z35 . In fact:

11 ⋅ 16 = 11 ⋅ 16 = 176 = 1̄

in Z35 , since 176 ≡ 1 (mod 35) because 176 − 1 = 175 and 35∣175.

Example 1.47. Find the elements in Z9 that have inverses.

Solution: We know that

Z9 = {0̄, 1̄, 2̄, 3̄, 4̄, 5̄, 6̄, 7̄, 8̄}

Theorem 1.45 tells us that the elements in Z9 with inverses are the residue
classes r̄ such that r is coprime to 9 = 32 , that is, 3 does not divide r. Thus:

1̄, 2̄, 4̄, 5̄, 7̄, 8̄

are the only elements in Z9 having inverses. As an exercise, check that 1̄ and
8̄ are both self-inverse (1̄ ⋅ 1̄ = 1̄ and 8̄ ⋅ 8̄ = 1̄), 2̄ and 5̄ are inverses of each other
(2̄ ⋅ 5̄ = 1̄) as are 4̄ and 7̄ (4̄ ⋅ 7̄ = 1̄).

In what follows we find necessary and sufficient condition to be imposed

on n to guarantee that every nonzero element in Zn has an inverse.

Theorem 1.48. The following are equivalent for an integer n ≥ 2.

(1) Every element ā ≠ 0̄ in Zn has an inverse.

(2) If āb̄ = 0̄ in Zn , then either ā = 0̄ or b̄ = 0̄.

(3) n is a prime.

Proof. (1) ⇒ (2). Assume that āb̄ = 0̄ in Zn . If ā = 0̄, then we are done. So,
assume that ā ≠ 0 in Zn . Then by (1) ā has an inverse, say c̄. Thus:

āb̄ = 0̄ ⇒ c̄(āb̄) = 0̄ ⇒ (c̄ā)b̄ = 1̄ ⋅ b̄ = b̄ = 0̄,

which implies b̄ = 0̄ and (2) follows.

1. Integers 25

(2) ⇒ (3). Suppose on the contrary that n is not prime. Then n = ab for
some 2 ≤ a, b < n. But then

āb̄ = ab = n̄ = 0̄,

where ā, b̄ ≠ 0. This contradicts (2), and so n is a prime.

(3) ⇒ (1). Take ā ≠ 0̄ in Zn . Then gcd(a, n) = 1 since n is prime and ā ≠ 0̄.
Theorem 1.45 finishes the proof.

Let us come back now to the equation āx = c̄ in Zn . Clearly, if ā has

an inverse in Zn , then the equation āx = c̄ has a solution in Zn . Applying
Theorem 1.45, we can then conclude that if gcd(a, n) = 1 a solution exists.
Moreover, x = bc is a solution, where b̄ is the inverse of ā in Zn . At this point
a natural question arises: does the equation āx = c̄ have a unique solution?
See the next result for the answer!

Theorem 1.49. Let a and n be integers with n ≥ 2. If a and n are relatively

prime, then for every integer c the equation āx = c̄ can be solved for x (in Zn ).
In fact, x = bc, where b̄ā = 1̄ in Zn . Moreover, any two solutions are congruent
modulo n.

Proof. The first part follows from Theorem 1.45. Rewrite āx = c̄ as a
congruence equation ax ≡ c (mod n), and suppose that x1 and x2 are two
solutions:
ax1 ≡ c (mod n), ax2 ≡ c (mod n).
By the symmetry and transitivity properties of congruences we get that
ax1 ≡ ax2 (mod n), which says that n∣a(x1 − x2 ), and so n∣(x1 − x2 ), since
gcd(a, n) = 1. Thus x1 ≡ x2 (mod n), as desired.

Corollary 1.50. If p is prime, then the congruence ax ≡ c (mod p) is

always solvable provided that a is not divisible by p.

Example 1.51. Solve the equation 16x = 9̄ in Z35 .

Solution: From Example 1.46 we know that 11 is the inverse of 16 in
Z35 . Multiplying both sides of the given equation by 11 we obtain

x = 119̄ = 99 = 29, in Z35 ,

since 29 is the remainder obtained when divided 99 by 35: 99 = 2 ⋅ 35 + 29.

26 J. Sánchez-Ortega

Example 1.52. Solve the following system of equations in Z11 :

5̄x + 8̄y = 2̄
3̄x + 2̄y = 1̄

Solution: We proceed like usual, and perform some algebraic manipula-

tions to eliminate with one the variables. We begin by multiplying the second
equation by 4̄:
×4̄
3̄x + 2̄y = 1̄ ⇒ 12x + 8̄y = 4̄ ⇔ x + 8̄y = 4̄.

Next, subtract the resulting equation from the first equation to obtain that

4̄x = −2̄ = 9̄ (1.5)

It remains to compute the inverse of 4̄ in Z11 . Note that such an inverse exists
since 4 and 11 are relatively prime. We follow the process explained in the
proof of Theorem 1.45, and apply the Euclidean Algorithm.

11 = 2 ⋅ 4 + 3, 4 = 1 ⋅ 3 + 1 ⇒ 1 = 4 − 1 ⋅ 3 = 4 − 1 ⋅ (11 − 2 ⋅ 4) = 3 ⋅ 4 + (−1) ⋅ 11

We have obtained that 3 ⋅ 4 + (−1) ⋅ 1 = 1. Thus the inverse of 4̄ in Z11 is 3̄.

Coming back to (1.5) we have that

x = 3̄ ⋅ 9̄ = 27 = 5̄ in Z11 .

To find y, we substitute x = 5̄ in the equation 3̄x + 2̄y = 1̄:

2̄y = 1̄ − 3̄x = 1̄ − 3̄ ⋅ 5̄ = 1̄ − 15 = −14 = 8̄ (1.6)

Multiplying both sides of (1.6) by 6̄ (the inverse of 2̄ in Z11 ) we get that

y = 6̄ ⋅ 8̄ = 48 = 4̄.

The problem of solving our next congruence equations is known as the

Classical Chinese Remainder Theorem. We first need a preliminary result:

Lemma 1.53. Let a, b, c be integers such that a, b are relatively prime, and
a∣c, b∣c. Then ab∣c.
1. Integers 27

Proof. By Bézout’s Lemma we can find s, t ∈ Z such that as + bt = 1. On

the other hand, from a∣c, b∣c we have c = ak1 = bk2 for some k1 , k2 ∈ Z. The
next trick is quite useful, so pay attention. We will use that c = 1 ⋅ c and then
replace 1 by as + bt:

c = 1 ⋅ c = (as + bt)c = asc + btc = (as)(bk2 ) + (bt)(ak1 ) =

= (ab)(sk2 + tk1 ),

which implies that c∣ab, as desired.

Classical Chinese Remainder Theorem. Let m, n, s, t be integers

with m ≥ 2 and n ≥ 2. Assume that m and n are relatively prime. Then
the simultaneous congruences:

x ≡ s (mod m)
x ≡ t (mod n)

have a common solution. Moreover, any two solutions are congruent

modulo mn.

Proof. Notice that every solution of the congruence equation x ≡ s (mod m)

has the form x = s + km, for some integer k. Thus, all we need to do is
to show that the congruence equation s + km ≡ t (mod n), or equivalently,
km ≡ t − s (mod n) has a solution. But this follows from Theorem 1.49 since
gcd(m, n) = 1. We have proved that the congruence equations x ≡ s (mod m)
and x ≡ t (mod n) have a common solution. It remains to show that any two
solutions are congruent modulo mn. Suppose that both x and y are common
solutions. Then:

x ≡ s (mod m) and y ≡ s (mod m) ⇒ x ≡ y (mod m),

x ≡ t (mod n) and y ≡ t (mod n) ⇒ x ≡ y (mod n),

which imply that both m and n divide x − y. Applying Lemma 1.53 with
a = m, b = n and c = x − y, we obtain that mn∣(x − y), and so x ≡ y (mod mn),
finishing the proof.
28 J. Sánchez-Ortega

Example 1.54. Find all the solution to the simultaneous congruences:

x ≡ 7 (mod 8)
x ≡ 11 (mod 15)

Solution: Let us first notice that gcd(8, 15) = 1. So, we can proceed
like in the proof of the Classical Chinese Remainder Theorem. We look at
the solutions of the congruence x ≡ 7 (mod 8). Each of its solutions has the
form x = 7 + 8k, for some integer k. Substituting this into the equation x ≡ 11
(mod 15) we get:

7 + 8k ≡ 11 (mod 15) ⇒ 8k ≡ 4 (mod 15)

We need to find the inverse of 8̄ in Z15 . To do so, we need to find the coefficient
of 8 in Bézout’s Lemma. From 2 ⋅ 8 + (−1) ⋅ 15 = 1, we get that

1̄ = 2 ⋅ 8 + (−1) ⋅ 15 = 2̄ ⋅ 8̄ + −115 = 2̄ ⋅ 8̄, in Z15 ,

which says that the inverse of 8̄ in Z15 is 2̄. From here, we obtain that

k ≡ 16k ≡ 8 (mod 15).

Hence x = 7 + 8 ⋅ 8 = 71 is a solution. The Chinese Remainder Theorem applies

to get that every solution has the form 71 + 120n, for n ∈ Z.

Example 1.55. Find all the solutions to the simultaneous congruences:

x ≡ 2 (mod 5)
3x ≡ 5 (mod 13)

Solution: This example might appear a bit different at first because the
presence of coefficient different from 1 in the second equation, although we
will solve it in the same way. Since gcd(5, 13) = 1, the Chinese Remainder
Theorem tells us that there is a common solution. We look at the solutions of
the congruence equation x ≡ 2 (mod 5), which have the form x = 5k + 2, for
some integer k. Substituting x = 5k + 2 into 3x ≡ 5 (mod 13), we obtain the
following congruence equation:

3(5k + 2) ≡ 5 (mod 13) ⇒ 15k + 6 ≡ 5 (mod 13) ⇒ 2k ≡ −1 (mod 13).

1. Integers 29

We need to find the inverse of 2̄ in Z13 , which exists because gcd(2, 13) = 1.
Since 1 = 7 ⋅ 2 + (−1) ⋅ 13, we have that the inverse of 2̄ in Z13 is 7̄. Multiplying
the congruence equation 2k ≡ −1 ≡ 12 (mod 13) by 7 we obtain
14≡1 (mod 13) −7≡6 (mod 13)
14k ≡ −7 (mod 13) Ô⇒ k ≡ −7 (mod 13) Ô⇒ k ≡ 6 (mod 13).

Thus, a common solution is x = 5 ⋅ 6 + 2 = 32. Moreover, any other solution

has to be congruent to 32 modulo 5 ⋅ 13 = 65. In other words, all the common
solutions are the elements of 32 in Z65 , that is:

. . . , −98, −33, 32, 97, 162, . . .

The following result, sometimes called Fermat’s Little Theorem, is due

to Pierre Fermat. It is very important in Number Theory and in Computer
Science, since it provides a useful (an efficient) way to test whether an integer
p is not a prime (check whether 10p−1 ≡/ 1).

Fermat’s Theorem. Let p be a prime. Then

ap−1 ≡ 1 (mod p), for every a ≡/ 0 (mod p)

Proof. Let a be an integer such that a ≡/ 0 (mod p), or equivalently, ā ≠ 0̄ in

Zp . By Theorem 1.48 the element ā has an inverse b̄ in Zp . Multiplying all
the nonzero elements in Zp by ā we obtain

ā1̄, ā2̄, . . . , āp − 1.

All the elements above are nonzero and distinct:

×b̄
ār̄ = ās̄ Ô⇒ r̄ = s̄

Since {ā1̄, ā2̄, . . . , āp − 1} ⊆ Zp /{0̄} and ∣{ā1̄, ā2̄, . . . , āp − 1}∣ = ∣Zp /{0̄}∣, we
have that
{ā1̄, ā2̄, . . . , āp − 1} = Zp /{0̄} = {1̄, 2̄, . . . , p − 1}

In particular, the product of all the elements should be the same:

(ā1̄)(ā2̄) . . . (āp − 1) = āp−1 ⋅ 1̄⋅ 2̄ . . . p − 1 = 1̄⋅ 2̄ . . . p − 1 ⇒ āp−1 (p − 1)! = (p − 1)!

30 J. Sánchez-Ortega

The element (p − 1)! is a nonzero element of Zp , so it has an inverse in Zp .

Multiplying both sides of the equation above by its inverse we get āp−1 = 1̄, as
desired.

Corollary 1.56. If p is a prime, then

k
ap ≡ a (mod p),

for all integers a and k ≥ 1.

Proof. Let p be a prime and a any integer. If a ≡ 0 (mod p), then the result
trivially holds. Suppose then that a ≡/ 0 (mod p). In such a case, we can apply
Fermat’s Theorem to obtain that ap−1 ≡ 1 (mod p).
We proceed by induction on k. For k = 1, we apply Theorem 1.38 (2) with
the congruences ap−1 ≡ 1 (mod p) and a ≡ a (mod p) to obtain that

ap = a ⋅ ap−1 ≡ a (mod p),

proving the base case k = 1. Suppose now that ap ≡ a (mod p). Applying
k−1

now Theorem 1.38 (3) we obtain that

k−1 k=1
(ap )p ≡ ap ≡ a (mod p),

k−1 ⋅p
Now since (ap ) p = ap = ap , we obtain that ap ≡ a (mod p), as desired.
k−1 k k
Chapter 2

Permutations

This chapter focusses on the study of permutations, which are bijective maps
from a set onto itself. Groups consisting of permutations were in fashion in
mid-19th century, and the mathematicians back then were only studying such
groups.
Permutations of finite sets are used in Geometry, Statistics and in elemen-
tary Algebra, among many other branches in Mathematics. They have many
applications in Science and Technology.

2.1 What is a permutation?

A permutation of a set X is a bijection α ∶ X → X. For an integer n ≥ 1,
we write Xn = {1, 2, . . . , n}; the set of all permutations of Xn is denoted by
Sn , and is called the symmetric group of degree n.
☀ Does it correspond with our idea of permutations?
Let us consider the numbers 1, 2, 3. A permutation of 1, 2, 3 is a rear-
rangement of them in a definite order. We have the six following possibilities:

1 2 3 1 3 2 2 1 3 2 3 1 3 1 2 3 2 1

Consider now X3 = {1, 2, 3} and let us think about the bijective maps X3 → X3 :

1↦1 1↦1 1↦2 1↦2 1↦3 1↦3

2↦2 2↦3 2↦1 2↦3 2↦1 2↦2
3↦3 3↦2 3↦3 3↦1 3↦2 3↦1

Notice that we have got the same results but expressed in a different way!

31
32 J. Sánchez-Ortega

In what follows, we are going to introduce a more convenient way to write

down permutations. This notation is known as the Matrix-Type Notation.
We are no longer interested in writing permutations as bijective maps but as
matrices. Saying this, please do not forget that they are bijections, since we
will be using that all the time.

Matrix-Type Notation. We write σ ∈ Sn as a matrix as follows:

• in the top row we list the elements 1, 2, . . . , n of Xn ;

• in the bottom row we put the numbers after shuffling, that is,
σ(1), σ(2), . . . , σ(n).

1 2 ... n ⎛ 1 2 ... n ⎞
σ=( )=⎜ ↓ ↓ ↓ ⎟
σ(1) σ(2) . . . σ(n) ⎝σ(1) σ(2) . . . σ(n)⎠

In other words, the elements of Xn are listed in the top row, and beneath
each element of Xn is its image.

Example 2.1. The permutation σ ∈ S4 defined by σ(1) = 3, σ(2) = 1,

σ(3) = 4, σ(4) = 2 in matrix notation is:

1 2 3 4
σ=( ).
3 1 4 2

The permutation β ∈ S6 given by β(1) = 6, β(2) = 3, β(3) = 1, β(4) = 5,

β(5) = 2 and β(6) = 4 is expressed in matrix notation as

1 2 3 4 5 6
β=( ).
6 3 1 5 2 4

Theorem 2.2. The symmetric group Sn of degree n has ∣Sn ∣ = n! elements.

Proof. Since permutations in Sn are bijective maps Xn → Xn , we have that

two permutations σ and τ in Sn are equal if and only if σ(k) = τ (k) for every
k ∈ Xn . On the other hand, in order to construct a permutation

1 2 ... n
σ=( )
σ(1) σ(2) . . . σ(n)
2. Permutations 33

we have to choose the numbers σ(1), σ(2), . . . , σ(n) from Xn , so that they
are all distinct. Hence we have n choices for σ(1), then n − 1 choices for
σ(2), then n − 2 choices for σ(3), and so on. Thus, in total σ can be built in
n(n − 1) . . . 2 ⋅ 1 = n! different ways, which shows that ∣Sn ∣ = n!

2.1.1 Product of permutations

Let γ and σ be permutations in Sn . Recall that both are bijections from Xn
to Xn , thus their composition γ ○ σ is bijective, as well. So, γ ○ σ is again a
permutation in Sn . To find γ ○ σ, note that we first apply σ and then γ:

(γ ○ σ)(k) = γ(σ(k)), for all k ∈ Xn .

We write γσ to denote γ ○ σ, and refer to it as the product of the permu-

tations γ and σ.
It is much more practical to compute γσ using the matrix expressions of γ
and σ. For instance, let us compute γσ for

1 2 3 4 5 1 2 3 4 5
σ=( ), γ=( ).
2 4 3 5 1 5 4 1 2 3

We follow these steps:

1. look at 1 in the 1st row of the matrix of σ (element in position 11 of σ);

2. look at the element a below 1 in the matrix of σ; in this case, a = 2;

3. locate the element a in the top row of γ, and go from top to bottom row
to find γ(a); in this example γ(2) = 4;

4. we have obtained that (γσ)(1) = 4;

5. repeat steps 1, 2, 3 with 2 (then with 3, 4 and 5) in the first row of the
matrix of σ (element in position 12).

Continuing in this way we obtain that

1 2 3 4 5
γσ = ( ).
4 2 1 3 5

In the next example, we will learn a more “visual” and intuitive method to
compute the product of two permutations.
34 J. Sánchez-Ortega

1 2 3 1 2 3
Example 2.3. Find α ○ β, for α = ( ) and β = ( ).
1 3 2 3 1 2
Solution: We follow the steps above, we look at 1 in the top row of β,
and the element below 1 is β(1) = 3, then we find 3 in the top row of α, and
the element below 3 in α is α(3) = 2. This gives us (αβ)(1) = 2; do the same
thing with the elements 2 and 3 in the top row of β. At the beginning, it
would be a good idea to proceed as follows:

1. stack one permutation on top the other one, putting the permutation
on the right-most permutation first; in this case, we begin with β;

2. follow the direction of the arrows, like in the figure below.

1 2 3
β=
3 1 2

1 2 3
α=
3 1 2

1 2 3
We have obtained that αβ = ( ).
2 1 3

Example 2.4. Compute στ and τ σ for

1 2 3 4 1 2 3 4
σ=( ), τ =( ).
3 4 1 2 2 4 3 1
Solution: To compute στ we stack τ on top of σ and follow the arrows
as follows:
1 2 3 4
τ=
2 4 3 1

1 2 3 4
σ=
3 4 1 2
2. Permutations 35

We have obtained that

1 2 3 4
στ = ( ).
4 2 1 3
We compute now τ σ, stacking σ on top of τ and following the arrows:

1 2 3 4
σ=
3 4 1 2

1 2 3 4
τ=
2 4 3 1

This produces:
1 2 3 4
τσ = ( ).
3 1 2 4
Notice that στ ≠ τ σ.

We say that two permutations σ and τ in Sn commute if στ = τ σ . As

we have already seen two permutations need not commute. On the other hand,
if σ, τ and µ are permutations in Sn then we always have that (στ )µ = σ(τ µ) ,
since the composition of maps is associative.

Definition 2.5. The identity permutation ε in Sn is defined as

1 2 ... n
ε=( ).
1 2 ... n

In other words, ε is just the identity map: ε(k) = k for every k ∈ Xn . It is

easy to verify that εσ = σ = σε, for all σ ∈ Sn . So ε plays the role in Sn that
the number 1 plays for multiplication of numbers.

Example 2.6. Let us find all the elements of the symmetric group S3 .
By Theorem 2.2 we know that S3 has six elements. Clearly, one of them is the
1 2 3 1 2 3
identity permutation ε = ( ). Another element of S3 is α = ( ),
1 2 3 2 3 1
and so are α2 , α3 , . . .. Let us compute those:
36 J. Sánchez-Ortega

1 2 3 1 2 3
α= α2 =
2 3 1 3 1 2

1 2 3 1 2 3
α= α=
2 3 1 2 3 1

1 2 3
We have obtained only one new element, namely α2 = ( ), since α3 = ε.
3 1 2
1 2 3
Notice that β = ( ) is also in S3 , and so are β 2 , β 3 , . . ..
1 3 2

1 2 3
β=
1 3 2

1 2 3
β=
1 3 2

Since β 2 = ε, we do not need to compute any more powers of β. Let us now

look at the products αβ and α2 β, which are also elements in S3 .

1 2 3 1 2 3
β= β=
1 3 2 1 3 2

1 2 3 1 2 3
α= α2 =
2 3 1 3 1 2

We have that
1 2 3 1 2 3
αβ = ( ), α2 β = ( ).
2 1 3 3 2 1
2. Permutations 37

Let us recap, so far we got

ε, α, α2 , β, αβ, α2 β

Since all the elements above are different, and ∣S3 ∣ = 6, from here we can
conclude that
S3 = {ε, α, α2 , β, αβ, α2 β}.

2.1.2 Inverse permutations

Every σ ∈ Sn is a bijective map σ ∶ Xn → Xn , and so there exists a unique map
σ −1 ∶ Xn → Xn (which is an element of Sn ), called the inverse of σ, such that
σ(σ −1 (k)) = k, σ −1 (σ(k)) = k . These equations tell us that each of σ and
σ −1 reverses the action of the other. So, we can easily obtain the matrix
expression of σ −1 from the matrix of σ by reading up:
⎛ 1 2 ... n ⎞
σ=⎜ ↑ ↑ ↑ ⎟
⎝σ(1) σ(2) . . . σ(n)⎠

1 2 3 4 5 6 7 8
For instance, the inverse permutation of σ = ( ) ∈ S8
4 1 8 3 2 5 6 7
can be found by looking at the second row of σ and reading up to its top row:
⎛1 2 3 4 5 6 7 8⎞
σ = ⎜↑ ↑ ↑ ↑ ↑ ↑ ↑ ↑⎟
⎝4 1 8 3 2 5 6 7⎠
From here we obtain that
1 2 3 4 5 6 7 8
σ −1 = ( ).
2 5 4 1 6 7 8 3
We check below that σ −1 σ = ε. Similarly, one can check that σσ −1 = ε.

1 2 3 4 5 6 7 8
σ=
4 1 8 3 2 5 6 7

1 2 3 4 5 6 7 8
σ −1 =
2 5 4 1 6 7 8 3
38 J. Sánchez-Ortega

2.1.3 Disjoint permutations

We say that an element k ∈ Xn is fixed by a permutation σ ∈ Sn if σ(k) = k .

Otherwise if σ(k) ≠ k , we say that k is moved by σ. Two permutations σ
and τ are disjoint if there is no element of Xn moved by both.

Examples 2.7.

1. The identity permutation ε ∈ Sn is the only permutation that

fixes all the elements of Xn .

1 2 3 ... n − 1 n
2. ( ) moves every element of Xn .
2 3 4 ... n 1

1 2 3 4 5
3. ( ) moves 1, 3, and 5, and fixes 2 and 4.
3 2 5 4 1

1 2 3 4 1 2 3 4
4. σ = ( ) and τ = ( ) are disjoint permutations, since
3 2 1 4 1 4 3 2
σ moves 1 and 3, while τ moves 2 and 4.

An important property of disjoint permutations is the following:

Theorem 2.8. Disjoint permutations commute.

Take σ and τ as in Example 2.7. You can easily check that

1 2 3 4
στ = ( ) = τσ
3 4 1 2

In order to prove Theorem 2.8, we first need a preliminary lemma.

Lemma 2.9. If k is moved by σ, then σ(k) is also moved by σ.

Proof. Let k ′ = σ(k) and assume on the contrary that σ fixes k ′ . Then

σ(k ′ ) = k ′ = σ(k),

which implies that k ′ = k, since σ is one-to-one. This shows that σ(k) = k,

which says that k is fixed by σ, a contradiction.
2. Permutations 39

Proof of Theorem 2.8. Let σ and τ be two disjoint permutations in Sn .

To prove that they commute, we must show that (στ )(k) = (τ σ)(k), for all
k ∈ Xn . Let Mσ and Mτ be the set of elements of Xn that are moved by σ
and τ , respectively. Then Mσ ∩ Mτ = ∅, since we are assuming that σ and τ
are disjoint. For k ∈ Xn , we distinguish three cases:

• Case 1: k ∈ Mσ .

Then σ(k) ∈ Mσ by Lemma 2.9, and so k, σ(k) ∉ Mτ . This means that

k and σ(k) are fixed by τ , that is, τ (k) = k and τ (σ(k)) = σ(k). Thus:

(στ )(k) = σ(τ (k)) = σ(k),

(τ σ)(k) = τ (σ(k)) = σ(k),

and (στ )(k) = (τ σ)(k).

• Case 2: k ∈ Mτ . Proceed like in Case 1.

• Case 3: k ∉ Mσ and k ∉ Mτ .

Then k is fixed by σ and τ , that is, σ(k) = k and τ (k) = k. Thus:

(στ )(k) = σ(τ (k)) = σ(k) = k,

(τ σ)(k) = τ (σ(k)) = τ (k) = k,

and (στ )(k) = (τ σ)(k).

In any case, we have showed that (στ )(k) = (τ σ)(k), as desired.

Remark 2.10. The converse of Theorem 2.8 is not true!

For example, σ and σ −1 always commute but they are not, in general,
disjoint. For instance, the permutation σ ∈ S5 and its inverse are not disjoint,
since they both moved 1, 2, and 4.

1 2 3 4 5 1 2 3 4 5
σ=( ), σ −1 = ( )
4 1 3 2 5 2 4 3 1 5
40 J. Sánchez-Ortega

2.2 Cycles
Algebraists (or mathematicians, in general), we like separating (or breaking)
complex things (algebraic structures, in our case) into their simplest compo-
nent parts. This intellectual “divide and conquer” helps us to understand
complicated processes and solve difficult problems.
In this section, we are going to take this approach to permutations: we
will see that every permutation can be decomposed into more simple
ones called cycles. Let us begin with an example: consider the permutation

1 2 3 4 5 6
σ=( ) ∈ S6
4 6 3 2 5 1

and look at carefully how σ moves the elements of X6 = {1, 2, 3, 4, 5, 6}:

'
G1 4 3e 5e

6h 2
In other words, σ fixes 3 and 5, and moves 1, 2, 4, 6 in a cyclic way. Due to
this reason, we call σ a cycle, and write it in a more compact way called the
cycle notation: σ = (1 4 2 6) . Notice that in the cycle notation

- we have only listed the elements that are moved by sigma;

- each element is moved to its right neighbor, except the last

element, which “cycles around” to the first.

Definition 2.11. Let k1 , k2 , . . . , kr be distinct elements of Xn . A permutation

σ ∈ Sn fixing the remaining elements of Xn (if any) and such that

σ(k1 ) = k2 , σ(k2 ) = k3 , . . . , σ(kr−1 ) = kr , σ(kr ) = k1 ,

called an r-cycle; r is called the length r of σ. We express σ as

σ = (k1 k2 . . . kr ),

which means that

k1 g / k2 / ... / kr−1 / kr
2. Permutations 41

Remark 2.12. The r-cycle (k1 k2 . . . kr ) can be written in r different ways,

depending on which ki we choose to be the “starting point”; that is:

(k1 k2 . . . kr ) = (k2 k3 . . . kr k1 ) = . . . = (kr k1 k2 . . . kr−1 )

Notice that the only cycle of length 1 is the identity permutation, while
a 2-cycle (k1 k2 ) interchanges k1 and k2 , and fixes everything else; 2-cycles
are called transpositions.
For instance, (1 2), (1 3), (2 3) are all the possible transpositions in
S3 . The 3-cycle σ = (1 4 2 6) from our previous example can also be
written as

σ = (6 1 4 2) = (2 6 1 4) = (4 2 6 1)

To reverse the action of the cycle, we simply go around the cycle

in the opposite direction. More precisely:

Theorem 2.13. If σ is an r-cycle, then σ −1 is also an r-cycle. Moreover, if

σ = (k1 k2 . . . kr−1 kr ), then σ −1 = (kr kr−1 . . . k2 k1 ).

Proof. Let σ = (k1 k2 . . . kr ) and γ = (kr kr−1 . . . k2 k1 ) be in Sn . The result

will follow by proving that σγ = ε and γσ = ε. We check here that σγ = ε,
please do the calculations for the remaining case. For k ∈ Xn we need to check
that (σγ)(k) = k. To do so, we distinguish two cases:

1. k ∉ {k1 , . . . , kr }

This means that both σ and γ fixes k, and so

(σγ)(k) = σ(γ(k)) = σ(k) = k.

2. k ∈ {k1 , . . . , kr }

• If k = ki for some i ∈ {2, . . . , r}, then

(σγ)(ki ) = σ(γ(ki )) = σ(ki−1 ) = ki .

• If k = k1 , then

(σγ)(k1 ) = σ(γ(k1 )) = σ(kr ) = k1 .

42 J. Sánchez-Ortega

Examples 2.14. Write the following cycles into a cycle notation and indicate
their length. Use Theorem 2.13 to find their inverses.

1 2 3 4 5
1. σ = ( )
4 3 1 5 2

Taking into account that σ(1) = 4, σ(4) = 5, σ(5) = 2, σ(2) = 3 and

σ(3) = 1, we can conclude that σ is a 5-cycle, which can be written as
σ = (1 4 5 2 3). Theorem 2.13 tells us that σ −1 = (3 2 5 4 1).
In fact:

1 2 3 4 5
σ −1 = ( ) = (1 3 2 5 4) = (3 2 5 4 1).
3 5 2 1 4

1 2 3 4 5 6 7
2. τ = ( )
4 7 1 6 5 2 3

Observe that τ fixes 5, since τ (5) = 5. Moreover from τ (1) = 4, τ (4) = 6,

τ (6) = 2, τ (2) = 7, τ (7) = 3, τ (3) = 1, we deduce that τ is a 6-cycle,
which can be written as τ = (1 4 6 2 7 3). From Theorem 2.13
we obtain that τ −1 = (3 7 2 6 4 1).

1 2 3 4 5
3. µ = ( )
2 3 1 4 5

Since µ fixes 1 and 2, and µ(1) = 2, µ(2) = 3, µ(3) = 1, we have that µ is a

3-cycle and so µ = (1 2 3). Theorem 2.13 yields that µ−1 = (3 2 1).

☀ Be careful! Notice that µ is an element of S5 that fixes 4 and 5.

It is not a identity permutation in S3 . Hence, it is important to
specify the symmetric group we are dealing with in each case.

☀ Question: Is every permutation a cycle? Let us consider the following

permutation in S10 .

1 2 3 4 5 6 7 8 9 10
σ=( )
3 1 7 6 10 4 2 5 9 8

If we represent the action of σ geometrically (like in the figures below) we will

see that σ partitions X10 into three disjoint subsets, so that, in each subset,
2. Permutations 43

the elements are permuted cyclically.

'
G1 3 G4 55 9e

2h 7 6 8h 10
In other words, σ is the composition (or product) of the following pairwise
disjoint cycles:
(1 3 7 2), (4 6), (5 10 8)

Notice that σ fixes 9. On the other hand, from Theorem 2.8 we obtain that
the cycles above commute. Hence, we can say that

σ = (1 3 7 2)(4 6)(5 10 8).

We will prove below, in Theorem 2.17, that every permutation can be

expressed as a product of disjoint cycles. Before we do so, we will show
with a concrete example how this decomposition algorithm works:

How to factor a permutation into a product of cycles:

Consider the permutation

1 2 3 4 5 6 7 8 9
σ=( ) ∈ S9
6 4 7 2 5 1 8 9 3
and follow these steps:

1. Write “(1”.

2. Look at σ(1): Since σ ∶ 1 z→ 6 we write “(1 6”, and we close the

σ
parentheses now since 6 z→ 1. Thus σ begins “(1 6)”.

3. The first number in X9 which has not appeared yet is 2, so write

“(1 6)(2”.
σ σ
4. Now 2 z→ 4 and 4 z→ 2, so write “(1 6)(2 4)”.

5. We have dealt with 1, 2, 4 and 6 in X9 , so 3 is the smallest number

in X9 which has not appeared yet. We proceed as follows, and look at
σ(3), σ(σ(3)), . . .
σ σ σ σ
3 z→ 7 z→ 8 z→ 9 z→ 3

This gives the 4-cycle (3 7 8 9).

44 J. Sánchez-Ortega

6. The only element left from X9 is 5 and σ(5) = 5.

Putting altogether, we have that

σ = (1 6)(2 4)(3 7 8 9)

Example 2.15. Factor

1 2 3 4 5 6 7 8 9 10 11 12 13
σ=( ) ∈ S13
5 12 2 1 9 11 4 3 7 10 13 8 6
as a product of (pairwise) disjoint cycles.
Solution: Let us proceed and apply the algorithm, so we star with 1:
σ σ σ σ σ
1 z→ 5 z→ 9 z→ 7 z→ 4 z→ 1.

Thus, the first cycle is (1 5 9 7 4). Next, we continue with the smallest
number of X13 , which has not been considered yet, namely 2.
σ σ σ σ
2 z→ 12 z→ 8 z→ 3 z→ 2,

and so we get the 4-cycle (2 12 8 3). We now continue by examining 6:

σ σ σ
6 z→ 11 z→ 13 z→ 6,

which provides us the 3-cycle (6 11 13). The remaining member of X13 is

10, which is fixed by σ. Therefore:

σ = (1 5 9 7 4)(2 12 8 3)(6 11 13)

Remark 2.16. It is clear that the cycles α = (1 3 5) and β = (2 7 6)

are disjoint, since the cycle notation tells us that α only moves 1, 3 and 5,
while β only moves 2, 7, and 6. In a more general way:

σ and τ are disjoint cycles ⇔ {k1 , k2 , . . . kr } ∩ {ℓ1 , ℓ2 , . . . ℓs } = ∅,

where σ = (k1 k2 . . . kr ) and τ = (ℓ1 ℓ2 . . . ℓs ). This follows from the fact that
any k ∈ {k1 , k2 , . . . kr } ∩ {ℓ1 , ℓ2 , . . . ℓs } will be moved by both σ and τ .

We are now ready to prove the existence of the cycle factorisation:

Theorem 2.17. Cycle Decomposition Theorem.

Every permutation σ ≠ ε (in Sn ) can be factorised as a product of (one or
more) disjoint cycles of length at least 2. Such factorisation is unique up to
the order of the factors.
2. Permutations 45

Proof. Part 1: Existence

Let σ ∈ Sn with σ ≠ ε. We proceed by induction on n ≥ 2. If n = 2, then
S2 = {ε, (1 2)} and σ = (1 2) is already a cycle (it is a transposition).
Assume that the result is true for permutations in Sn−1 and let σ ∈ Sn . If
σ(n) = n, we can view σ as an element of Sn−1 and by the induction hypothesis,
we are done. We can then assume that σ(n) ≠ n, and let k = σ −1 (n). Then
σ(k) = σ(σ −1 (n)) = n, and so k ≠ n, because we are assuming that σ(n) ≠ n.
So, we can consider the transposition γ = (k n), and the permutation τ = σγ.
From γ 2 = ε we obtain that σ = τ γ. Moreover, τ (n) = σγ(n) = σ(k) = n, and
so τ ∈ Sn−1 . Applying the induction hypothesis we obtain that τ is a product
of disjoint cycles. At this point, we distinguish two cases:

• Case 1: τ (k) = k.

Then τ and γ are disjoint permutations since τ (n) = n, and γ = (k n).

We are done in this case because σ = τ (k n) and τ is a product of disjoint
cycles.

• Case 2: τ (k) ≠ k.

Then k is moved by (exactly one) cycle factor of τ . Thus, we can

write τ = µ(k k1 k2 . . . kr ), where µ is a product of disjoint cycles fixing
k, k1 , . . . , kr , and n since τ (n) = n. Therefore:

σ = τ γ = µ(k k1 k2 . . . kr )(k n) = µ(k n k1 k2 . . . kr )

is a product of disjoint cycles, as desired.

Part 2: Uniqueness
Suppose that σ = γa . . . γ2 γ1 = δb . . . δ2 δ1 are two factorizations of σ into
disjoint cycles. We need to show that a = b and γi = δi for all i = 1 . . . a (after
possible reordering).
We proceed by induction on t ∶= max(a, b). If t = 1 there is nothing to
prove since σ = γ1 = δ1 . Otherwise, assume that the result is true for t − 1
and let σ moves m. Then m occurs in exactly one γi and exactly one δj . By
reordering the factors (if necessary) we can assume that m occurs in γ1 and
46 J. Sánchez-Ortega

in δ1 , so we can write:

γ1 = (m k2 . . . kr ), δ1 = (m ℓ2 . . . ℓs ),

Assume, for example, that r ≤ s. Then:

k2 = σ(m) = ℓ2 ,
k3 = σ(k2 ) = σ(ℓ2 ) = ℓ3 ,
⋮
kr = σ(kr−1 ) = σ(ℓr−1 ) = ℓr .

Now, if r < s then m = k1 = σ(kr ) = σ(ℓr ) = ℓr+1 , which is impossible since δ1

is a cycle. Therefore r = s and γ1 = δ1 . Write µ = γ1 = δ1 . Then

σµ−1 = γa . . . γ2 = δb . . . δ2 ,

is a product of a − 1 (b − 1) disjoint cycles, and so the hypothesis induction

yields that a = b, and (after possible reordering) γi = δi for i = 2, 3, . . . , a, which
finishes the proof.

We close this section with an another interesting question:

“How should we compute the product of two cycles? Shall we
use the cycle notation? Or is it better to write them using the
matrix notation and compute their product as before?”

You can proceed either way, there is no right or wrong. If you feel more
comfortable using the matrix notation, please do so. For example, let us
compute αβ, for α = (2 4 5) and β = (1 2 4) in S5 . In matrix notation,
1 2 3 4 5 1 2 3 4 5
we have α = ( ) and β = ( ), and so
1 4 3 5 2 2 4 3 1 5

1 2 3 4 5
β=
2 4 3 1 5

1 2 3 4 5
α=
1 4 3 5 2
2. Permutations 47

We have obtained that

1 2 3 4 5
αβ = ( ) = (1 4)(2 5)
4 5 3 1 2

If we choose to keep the cycle notation, to compute the product, recall

that the permutation on the right goes first, and next the permutation on the
left. We proceed as follows:

• β carries 1 to 2, and α carries 2 to 4, hence αβ carries 1 to 4;

• β carries 2 to 4, and α carries 4 to 5, hence αβ carries 2 to 5;

• β fixes 3 and so does α, hence αβ fixes 3;

• β carries 4 to 1, and α fixes 1, so αβ carries 4 to 1;

• β fixes 5, and α carries 5 to 2, hence αβ carries 5 to 2.

1 2 3 4 5
We obtaine that αβ = ( ) , as expected.
4 5 3 1 2

2.3 The Alternating Group

In this last section, we focus our attention on transpositions. Recall that a
transposition δ is a 2-cycle, so it has the form δ = (m n) (where m ≠ n) and
satisfies δ 2 = ε, δ −1 = δ .
Transpositions are important since every permutation is a product
of transpositions. This follows from the Cycle Decomposition Theorem
together with the following result, which proof reduces to compute the product
of certain transpositions:

Theorem 2.18. Every cycle of length r ≥ 1 is a product of r − 1 transpositions:

(k1 k2 . . . kr ) = (k1 k2 )(k2 k3 ) . . . (kr−2 kr−1 )(kr−1 kr )

Remark 2.19. In contrast to the factorisation into cycles, factorisations

into transpositions are not unique. For example:

(1 2)(2 4)(4 5) = (1 2 4 5) = (1 5)(1 4)(1 2).

48 J. Sánchez-Ortega

Although the factorisation into transpositions of a permutation σ is far from

being unique, it has a very nice property: the numbers of transpositions
into any two factorisations of σ into transpositions have the same
parity. To be more precise, if σ admits a factorisation having an even
(respectively, odd) number of transpositions, then any other factorisation of σ
into transpositions must have an even (respectively, odd) number of factors.
This is known as the Parity Theorem.

Theorem 2.20. Parity Theorem.

If a permutation σ has two factorisations

σ = γr . . . γ2 γ1 = µs . . . µ2 µ1 ,

where each γi and µj is a transposition, then both r and s are even or both
are odd.

The Parity Theorem allows us to introduce the following notions:

Definitions 2.21. A permutation σ is called even or odd if it can be writ-

ten as a product of an even or odd number of transpositions. The set of all even
permutations in Sn is denoted An , and is called the alternating group of
degree n .

Before proving the Parity Theorem, let us see a few examples to learn how
such a factorisation can be found. We will consider two cases:

• σ is a cycle:

In this case, Theorem 2.18 tells us that the parity of the permutation σ
coincides with the parity of its length −1. For instance, any 4-cycle can
be written as a product of 3 transpositions, so any 4-cycle is odd. In
fact, Theorem 2.18 yields that σ = (1 2 4 5) = (1 2)(2 4)(4 5).

• σ is not a cycle:

We use now the Cycle Decomposition Theorem and Theorem 2.18. To

find the parity it is enough to decompose σ into disjoint cycles, and look
the parities of the corresponding cycles (see the case above to find the
parity of a cycle). To determine a factorisation into transpositions, we
follow these two steps:
2. Permutations 49

Step 1. Factor σ into disjoint cycles;

Step 2. Factor each of the cycles obtained in Step 1 into transpo-
sitions using Theorem 2.18.

For example, consider the permutation

1 2 3 4 5 6 7 8 9
σ=( )
5 4 6 1 7 8 2 9 3
To determine the parity of σ we factorise into a product of disjoint
cycles:
σ = (1 5 7 2 4)(3 6 8 9).

Notice that σ is the product of a 5-cycle (which is even) and a 4-

cycle (which is odd), and so σ is odd (even + odd = odd). To find
a factorisation of σ into transpositions we apply Theorem 2.18 to the
5-cycle and the 4-cycle above:

(1 5 7 2 4) = (1 5)(5 7)(7 2)(2 4),

(3 6 8 9) = (3 6)(6 8)(8 9)

From here, we obtain that:

σ = (1 5)(5 7)(7 2)(2 4)(3 6)(6 8)(8 9).

To prove the Parity Theorem we need a preliminary result:

Lemma 2.22. The identity permutation ε can not be written as the product
of an odd number of transpositions.

Proof. Suppose that the identity permutation ε is a product of transpositions

ε = γ1 . . . γr , and let us show that r is even. Notice that r ≥ 2 (that is, we
can not have only one transposition) because a transposition can not be the
identity permutation. We proceed by (strong) induction on r:
If r = 2, then there is nothing to prove. Suppose then that r > 2 and the
result true for all factorisations of the identity permutation ε onto a product
of transpositions with < r factors. Let ε = γ1 γ2 . . . γr−1 γr , where the γj ’s are
all transpositions.
We first look at γr−1 and γr . If γr = (a b) (where a ≠ b), then we have four
possibilities for γr−1 :
50 J. Sánchez-Ortega

• γr−1 = (b a) = (a b)

In this case, γr−1 γr = ε, so we have that

ε = γ1 . . . γr−2 .

By the inductive hypothesis, we obtain that r − 2 is even, which implies

that r is even.

• γr−1 = (a c), for c ≠ a and c ≠ b

Then γr−1 γr = (a c)(a b) = (a b)(b c), and so

ε = γ1 . . . γr−2 (a b)(b c).

• γr−1 = (b c), for c ≠ a and c ≠ b

Then γr−1 γr = (b c)(a b) = (a c)(b c), and so

ε = γ1 . . . γr−2 (a c)(b c).

• γr−1 = (c d), for c ≠ d, and both c and d different from a, b

In this case, γr−1 and γr commute, since they are disjoint transpositions.
We obtained that
ε = γ1 . . . γr−2 (a b)(c d).

Notice that in any of the last three cases, we have replaced the product
γr−1 γr by the product of other two transpositions αr−1 and αr such that a
appears in αr−1 but not in αr . If we repeat this process, at some point we will
have to be in the first case and the result will follow by the inductive hypothesis.
Otherwise, we would obtain a product of r transpositions β1 β2 . . . βr such that
β1 β2 . . . βr = ε, and a appears only in β1 . But this is impossible because such
product does not fix a, while the identity permutations does.
2. Permutations 51

We are now in a position to prove the Parity Theorem.

Proof of Theorem 2.20. Suppose that a permutation σ admits two
factorizations into transpositions: σ = γn . . . γ2 γ1 = µm . . . µ2 µ1 .
We have to show that both n and m are either even or odd. Keeping in
mind that µ−1
j = µj for all j, we obtain that

ε = µ1 µ2 . . . µm γn . . . γ2 γ1 .

An application of Lemma 2.22 tells us that m + n is even, which implies that

n and m are even (respectively, odd), as desired.
We finish this chapter with a few important properties of An ; we will talk
about them a bit later when we introduce the notions of group and subgroup,
in the next chapter.

Theorem 2.23. Let n ≥ 2. Then:

(1) The identity permutation ε is in An .

(2) If σ and τ are in An , then σ −1 and στ are in An .

(3) ∣An ∣ = 21 n!

Proof. (1) Notice that ε is obviously even since, for example, ε = (1 2)(1 2).
(2) Suppose that σ and τ are even permutations, which means that σ and τ
are products of an even number of transpositions. Let

σ = γ1 γ2 . . . γr , τ = δ1 δ2 . . . δ s ,

where r and s are even, and the γi and δj are transpositions. Then

στ = γ1 γ2 . . . γr δ1 δ2 . . . δs ,

and since r + s is even, we have that στ ∈ An . We prove now that σ −1 ∈ An ,

which follows from the fact that σ −1 = γr . . . γ2 γ1 ; in fact, we have that

(γ1 γ2 . . . γr−1 γr )(γr γr−1 . . . γ2 γ1 ) = γ1 γ2 . . . γr−1 γ 2 r γr−1 . . . γ2 γ1

= γ1 γ2 . . . γr−2 γ 2 r−1 γr−2 . . . γ2 γ1 = . . . = ε,

and (γr γr−1 . . . γ2 γ1 )(γ1 γ2 . . . γr−1 γr ) = ε, which finishes the proof of (2).
52 J. Sánchez-Ortega

(3) Let On denote the set of odd permutations in Sn . Then Sn = An ∪ On and

An ∩ On = ∅ by the Parity Theorem. From n! = ∣Sn ∣ = ∣An ∣ + ∣On ∣, it is enough
to show that ∣An ∣ = ∣On ∣; in other words, the number of even permutations
coincide with the number of odd permutations. To prove that ∣An ∣ = ∣On ∣, we
will provide a bijective map f ∶ An → On .
Let γ = (1 2) and define f (σ) = γσ, for all σ ∈ An . Observe that f is
well-defined, namely, the permutation γσ is odd (γ is odd and σ is even). The
fact that γ 2 = ε implies that f is a bijection. In fact:

• f is one-to-one: f (σ1 ) = f (σ2 ) ⇒ γσ1 = γσ2 ⇒ γ 2 σ1 = γ 2 σ2 ⇒ σ1 = σ2

• f is surjective: Given τ ∈ On , then σ ′ = γτ ∈ An and

f (σ ′ ) = γσ ′ = γ(γτ ) = γ 2 τ = τ.

Thus f is a bijection, and therefore ∣An ∣ = ∣On ∣.

Remark 2.24. A set of permutations is called a group of permutations if

it contains the identity permutation, the product of any two of its members,
and the inverse of any member. According to this definition, Sn is a group of
permutations. Notice that Theorem 2.23 tells us that An is also a group of
permutations.
Chapter 3

Groups

In this chapter, we introduce our main object under study: groups. The
concept of a group dates back to the nineteenth century, with the works of
Evariste Galois on the search for roots for equations.
As in happens quite often in Mathematics, the definition of group that
we use today is the result of an evolutionary process: as mentioned, it all
started with Galois’s work (known nowadays as Galois’s Theory) on groups of
permutations 1830. Although, it was Arthur Cayley in 1854 the author who
worded the concept of a group in a more abstract way, this terminology was
not accepted until the 20th century.

3.1 What is a group?

A group (G, ⋅) is a set G equipped with a binary operation 1 ⋅ satisfying the
following axioms:

(G1) The associative law holds: a ⋅ (b ⋅ c) = (a ⋅ b) ⋅ c for every a, b, c ∈ G.

(G2) There is a unity 1 for G. Then 1 ⋅ a = a ⋅ 1 = a for all a ∈ G.

(G3) Every element of G has an inverse in G. In other words, for every a ∈ G

there is an element b ∈ G such that a ⋅ b = b ⋅ a = 1

The group G is called abelian if, in addition, it satisfies

(G4) The operation ⋅ is commutative: a ⋅ b = b ⋅ a holds for every a, b ∈ G.

1
Read Section A.3 to recall some basic facts about binary operations

53
54 J. Sánchez-Ortega

If G is finite, the number ∣G∣ is called the order of G.

Although we write most groups multiplicatively, many important groups
are written additively. Then the unity element is denoted 0 and is called zero,
and the inverse of x is denoted −x and is called the negative of x.

Examples 3.1.

1. {1}, {1, −1}, {1, −1, i, −i} are all abelian groups of (complex) numbers
under multiplication. Notice that −1 is self-inverse, while i and −i are
inverses of each other.

2. Q/{0}, R/{0}, C/{0} are all abelian groups under multiplication. In

each case the inverse of an element a is a−1 = 1/a.

3. The sets Z, Q, R, C are all abelian groups under addition. In each case
the identity element is 0, and the inverse of a is its opposite −a.

4. Let n ≥ 2 be an integer. Then Zn is an additive abelian group with zero

0̄ and the negative of ā being −ā = −a.

5. Let R denote Zm , Z, Q, R, or C. Then the set U (Mn (R), ⋅) of invertible

n × n matrices over R, that is, the matrices A ∈ Mn (R) such that det(A)
is a unit in R, is a group called the general linear group of degree
n over R, denoted GLn (R). Moreover:

If R = Q, R, or C then GLn (R) = {A ∈ Mn (R) ∣ det(A) ≠ 0}

GLn (Z) = {A ∈ Mn (Z) ∣ det(A) = ±1}

GLn (Zm ) = {A ∈ Mn (Zm ) ∣ det(A) = ā, where gcd(a, m) = 1}

When we refer to the groups Zn , Z, Q, R, or C, we mean the additive group.

6. The set Sn of all permutations of {1, 2, . . . , n} is a group under compo-

sition, called the symmetric group of degree n.

Remark 3.2. In what follows to ease the notation, we write ab to denote the
product a ⋅ b in an arbitrary group G.
3. Groups 55

Definition 3.3. Let G1 , G2 , . . . , Gn be groups. Their Cartesian product

G1 × G2 × . . . × Gn  with the component-wise operation defined by

(g1 , g2 , . . . , gn ) ⋅ (g1′ , g2′ , . . . , gn′ ) = (g1 g1′ , g2 g2′ , . . . , gn gn′ ),

where gi gi′ refers to the product in the group Gi for each i, is a group called
the direct group of the Gi . In fact, one can easily check that the unity of
G1 × G2 × . . . × Gn is (1, 1, . . . , 1) and the inverse of the element (g1 , g2 , . . . , gn )
is (g1−1 , g2−1 , . . . , gn−1 ).
For instance, let us take n = 2, G1 = R and G2 = Z2 = {0̄, 1̄}. The direct
product R × Z2 = {(a, 0̄), (b, 1̄) ∣ a, b ∈ R} is the additive group with

- operation given by

(a1 , c1 ) + (a2 , c2 ) = (a1 + a2 , c1 + c2 ),

where a1 , a2 ∈ R and c1 , c2 ∈ {0, 1}. For example, (2, 1̄) + (−1, 1̄) = (−1, 0̄).

- identity element (0, 0̄);

- the opposite of (a, c̄) is (−a, −c).

3.1.1 Cayley tables

Let (G, ⋅) be a finite group. The operation ⋅ of G can be completely deter-
mined by giving a table, called the group table or Cayley table of G.
Its rows and columns are labelled by the elements of G, and for a and b in G,
the element a ⋅ b is the entry of the table in the row corresponding to a, and
the column corresponding to b.

⋅ ... b ...
⋮
a a⋅b
⋮

Example 3.4. Let us write the Cayley table of S3 , the symmetric group
of degree 3. Recall that

S3 = {ε, (1 2 3), (1 3 2), (1 2), (1 3), (2 3)}.

56 J. Sánchez-Ortega

To ease the notation, let σ = (1 2 3), τ = (1 2). Using what we learnt in the
previous chapter, we compute

σ 2 = (1 3 2), σ3 = ε = τ 2, στ σ = τ,
τ σ = (2 3), τ σ 2 = (1 3).

The previous calculations allow us to write S3 as

S3 = {ε, σ, σ 2 , τ, τ σ, τ σ 2 }.

The elements σ and τ are called generators for S3 because any other
element of S3 can be obtained from them; the equations σ 3 = ε = τ 2 and
στ σ = τ are called relations among the generators.
Using this new way of writing S3 , we can easily compute the Cayley table
of S3 . For instance, from στ σ = τ multiplying both sides on the equation
by σ 2 on the right and using that σ 3 = ε we obtain that στ = τ σ 2 ; similarly,
multiplying now by σ 2 on the left we have that σ 2 τ = τ σ . These are two of
the entries of the Cayley table given below; let us compute a few more:

τ σ=σ 2 τ τ 2 =ε
(τ σ)τ = (σ 2 τ )τ = σ 2 τ 2 = σ 2 ,
σ 2 τ =τ σ
σ 2 (τ σ) = (σ 2 τ )σ = (τ σ)σ = τ σ 2 ,
σ 2 τ =τ σ
(τ σ 2 )(τ σ 2 ) = τ (σ 2 τ )σ 2 = τ (τ σ)σ 2 = τ 2 σ 3 = ε.

The resulting table is:

S3 ε σ σ2 τ τσ τ σ2
ε ε σ σ2 τ τσ τ σ2
σ σ σ2 ε τ σ2 τ τσ
σ2 σ2 ε σ τσ τ σ2 τ
τ τ τσ τ σ2 ε σ σ2
τσ τσ τ σ2 τ σ2 ε σ
τ σ2 τ σ2 τ τσ σ σ2 ε

Example 3.5. Consider the direct product Z2 × Z2 of two copies of the

additive group Z2 . Recall that

Z2 × Z2 = {(0̄, 0̄), (0̄, 1̄), (1̄, 0̄), (1̄, 1̄)}

3. Groups 57

Keeping in mind that 0̄ + 0̄ = 0̄ = 1̄ + 1̄ and 0̄ + 1̄ = 1̄ = 1̄ + 0̄, and that the

operation in Z2 × Z2 was defined component-wise, that is,

¯ = (a + c, b + d),
(ā, b̄) + (c̄, d)

for a, b, c, d ∈ {0, 1}, one can easily compute the Cayley table of Z2 × Z2 .

Z2 × Z2 (0̄, 0̄) (0̄, 1̄) (1̄, 0̄) (1̄, 1̄)

(0̄, 0̄) (0̄, 0̄) (0̄, 1̄) (1̄, 0̄) (1̄, 1̄)

(0̄, 1̄) (0̄, 1̄) (0̄, 0̄) (1̄, 1̄) (1̄, 0̄)

(1̄, 0̄) (1̄, 0̄) (1̄, 1̄) (0̄, 0̄) (0̄, 1̄)

(1̄, 1̄) (1̄, 1̄) (1̄, 0̄) (0̄, 1̄) (0̄, 0̄)

Some features of the Cayley table of a group

The Cayley table of a group (G, ⋅) provide us a lot of information

about G. We can discover many properties of G by simply taking a quick
look to its Cayley table; to more precise,

• G is Abelian if and only if its Cayley table is symmetric with respect

its main diagonal.

• an element e ∈ G is the identity element 1 of G if and only if the eth

row and eth column look the same as the labels.

• the inverse of a is b if and only if the entry in row a and column b

(a ⋅ b) and the entry in row b and column a (b ⋅ a) turn out to be 1.

For instance, the group Z2 ×Z2 is abelian, while S3 is not; (0̄, 0̄) (respectively,
ε) is the identity element for Z2 × Z2 (respectively, S3 ); every nonzero element
in Z2 × Z2 is self-inverse; in S3 besides σ and σ 2 which are inverse of each
other, the rest of elements are self-inverses.
58 J. Sánchez-Ortega

3.1.2 Inverses. Exponent Laws. Cancellation Laws

Let G be a group and g ∈ G. If n ≥ 0 denotes an integer, we can inductively
define the nth power g n of g as follows:

g 0 = 1, g n = g ⋅ g n−1

The definition of nth powers could be extended to include negative

powers by considering the inverse of g. More precisely, we define

g −n = (g −1 )n = (g n )−1

We can now define the order of g in the group G; to do so, the only
thing one has to do is to compute the powers g, g 2 , g 3 , . . . (or multiples
g, g + g, g + g + g, . . . of g in the additive case) until we reach the identity
element of G. Let us say that g 10 = 1 (respectively, 10g = 0), then the order of
g is 10. A natural question arises: what would happen if we never reach the
identity? Well, in that case, we will say that the order of g is infinite. More
formally:

Definition 3.6. Let G be a group and g ∈ G. The order of the element g is

defined as the smallest positive integer n such that g n = 1 . If g k ≠ 1 for all
k ≥ 1, then we say that g has infinite order. We write o(g) (or sometimes
∣g∣ ) to denote the order of g.

If o(g) = n and g ℓ = 1, for some ℓ ≥ 1, one can prove that n∣ℓ. Any idea?

Examples 3.7. Notice that in additive groups, the order of g is the smallest
positive integer n such that ng = 0.

1. Elements of order 2 are self-inverses; for instance, τ ∈ S3 and (1̄, 0̄) ∈

Z2 × Z2 satisfy that τ 2 = ε and 2(1̄, 0̄) = (0̄, 0̄).

2. Consider the additive group Z4 = {0̄, 1̄, 2̄, 3̄}. The order of 2̄ is 2 (and
therefore, 2̄ is self-inverse) since

2̄ + 2̄ = 2 + 2 = 4̄ = 0̄;
3. Groups 59

while the order of 3̄ in Z4 is 4:

3̄ + 3̄ = 3 + 3 = 6̄ = 2̄, 3̄ + 3̄ + 3̄ = 2̄ + 3̄ = 2 + 3 = 5̄ = 1̄,
3̄ + 3̄ + 3̄ + 3̄ = 1̄ + 3̄ = 1 + 3 = 4̄ = 0̄.

The following result collect very important properties of computing inverses

in groups:

Theorem 3.8. Let g, h, g1 , . . . , gn denote elements of a group G.

(1) 1−1 = 1.

(2) (g −1 )−1 = g.

(3) (gh)−1 = h−1 g −1 .

−1
(4) (g1 g2 . . . gn−1 gn )−1 = gn−1 gn−1 . . . g2−1 g1−1 for all n ≥ 1.

Proof. (1) follows from (G3) , while (2) follows from (G4) (applied to g).
(3) We need to check (gh)(h−1 g −1 ) = (h−1 g −1 )(gh) = 1. Applying (G4) to
? ?

g and h we obtain that gg −1 = g −1 g = 1 = hh−1 = h−1 h. From here we have:

(gh)(h−1 g −1 ) = g(hh−1 )g −1 = gg −1 = 1,
(h−1 g −1 )(gh) = h−1 (g −1 g)h = h−1 h = 1.

(4) We proceed by induction on n. For n = 1 the result trivially follows.

Suppose that n > 1 and the result true for n − 1, that is,

(g1 g2 . . . gn−1 )−1 = gn−1

−1
. . . g2−1 g1−1 ,

and we prove it for n:

−1 (3)
(g1 g2 . . . gn−1 gn )−1 = ((g1 g2 . . . gn−1 )gn ) = gn−1 (g1 g2 . . . gn−1 )−1
(I.H)
= gn−1 gn−1
−1
. . . g2−1 g1−1 .

And (4) follows by the Principle of Mathematical Induction.

The following result, known as the Exponent Laws, is very important and
we will use it all the time! Its proof is quite technical since it involves
several proofs that can not be done directly by induction. Recall that the
Principal Mathematical of Induction is a property of the natural numbers, not
the integers.
60 J. Sánchez-Ortega

Theorem 3.9. Exponent Laws. Let G be a group and g, h ∈ G.

(1) If gh = hg, then g n h = hg n for all n ∈ Z.

(2) If gh = hg, then (gh)n = g n hn for all n ∈ Z.

(3) g n g m = g n+m for all n, m ≥ 0.

(4) g n g m = g n+m for all n, m ∈ Z.

(5) (g n )m = g nm for all n, m ∈ Z.

Proof. (1) Suppose that gh = hg. For n = 0, we have that g 0 h = h = hg 0 ,

since g 0 = 1 by definition. We prove (1) for n > 0 using induction. It trivially
holds for n = 1, since g 1 h = gh = hg = hg 1 . Take n > 1 and suppose that
g n−1 h = hg n−1 . Using the definition of powers and the inductive hypothesis we
have that
(I.H)
g n h = (gg n−1 )h = g(g n−1 )h = g(g n−1 h) = g(hg n−1 ) = (gh)g n−1 = (hg)g n−1
= h(gg n−1 ) = hg n .

By the Principle of Mathematical Induction the equality (1) follows for all
g > 0. Take now n < 0. Then −n > 0 and g −n = (g −1 )n by definition of the
powers. Notice that g −1 and h commute:

gh = hg ⇒ h = g −1 hg ⇒ hg −1 = g −1 h.

We could then use (1) with h, g −1 and −n:

h(g −1 )−n = (g −1 )−n h ⇒ hg n = g n h,

which finishes the proof of (1).

(2) Suppose that g and h commute, that is, gh = hg. We prove first that
hg n = g n h for all n ≥ 0. We proceed by induction on n: for n = 0 there is
nothing to prove, since it follows from the definition of powers:

(gh)0 = 1 = 1 ⋅ 1 = g 0 h0 .

Take n > 1 and suppose that (gh)n−1 = g n−1 hn−1 . Using the definition of powers
we have
(I.H) gh=hg
(gh)n = (gh)(gh)n−1 = (gh)(g n−1 hn−1 ) = (hg)(g n−1 hn−1 )
hg n =g n h
= h(gg n−1 )hn−1 = (hg n )hn−1 = (g n h)hn−1 = g n (hhn−1 ) = g n hn .
3. Groups 61

Suppose now that n < 0; then −n > 0. On the other hand, notice since we
are assuming that gh = hg, using Theorem 3.8 (3) we have that g −1 and h−1
commute; in fact:

g −1 h−1 = (gh)−1 = (gh)−1 = h−1 g −1 .

We apply Theorem 3.8 (3), equality (2) to g −1 , h−1 and −n > 0, and Theorem
3.8 (2) to obtain

((gh)−1 )−n = ((hg)−1 )−n = ((g −1 h−1 )−n = (g −1 )−n (h−1 )−n
= ((g −1 )−1 ) ((h−1 )−1 ) = g n hn ,
n n

concluding the proof of (2).

(3) trivially holds if either n = 0 or m = 0. Fix m > 0 and let us prove the
equality by induction on n. In this case, we proceed by induction on n. For
n = 1, we have
g 1 g m = g ⋅ g m = g m+1 .

Suppose now that n > 1 and that g n−1 g m = g n+m−1 , and let us prove that
g n g m = g n+m . Using the definition of powers and the inductive hypothesis we
obtain:
(I.H)
g n g m = (g ⋅ g n−1 )g m = g(g n−1 g m ) = g ⋅ g n+m−1 = g 1+(n+m−1) = g n+m ,

as desired.

To prove (4) we distinguish a few cases:

(C1) n < 0 and m < 0.

In this case, −n > 0 and −m > 0, so we can apply (3) with the element
g −1 to obtain:
(g −1 )−n (g −1 )−m = (g −1 )−n−m ,

which implies g n g m = g n+m , by the definition of powers.

(C2) n > 0 and m < 0. We need to consider three subcases here:

• n = −m.
Then n + m = 0 and so g n+m = g 0 = 1. We need to show that
g n g m = 1.
62 J. Sánchez-Ortega

• n > −m.
Notice that −m > 0 and n + m > 0. We can then write n as
n = (n + m) + (−m) and apply (3) and the previous subcase to
obtain:
(3)
g n g m = g n+m+(−m) g m = (g n+m g −m )g m = g n+m (g −m g m ) = g n+m .

• n > −m.
Then n + m < 0 and −n < 0. In this case, we will apply (C1) and
the first subscase:

g n g m = g n g (−n)+(n+m) = g n (g −n g n+m ) = (g n g −n )g n+m = g n+m .

(C3) n < 0 and m > 0. The proof of this case is similar to the previous one.

(5) Fix n ∈ Z, and let h ∶= g n ∈ G. We then need to show that hm = g nm for

all m ∈ Z. This trivially holds for m = 0. We prove it for m > 0 using induction.
For m = 1 this is trivial since h = h1 = g n . Suppose that hm−1 = g n(m−1) and
let us prove that hm = g nm . Using the definition of powers and the inductive
hypothesis we have
(I.H) (3),(4)
hm = hhm−1 = hg n(m−1) = g n g n(m−1) = g n+n(m−1) = g nm ,

as desired. The Principle of Mathematical Induction tells us that (g n )m = g nm

for all g ∈ G, n ∈ Z and m > 0. It remains to prove (5) for m < 0. But if m < 0,
then −m > 0 and we can apply what we have just proved to g −n to obtain that

(g −n )−m = g (−n)(−m) = g nm

But from the definition of powers we have

−1 m
(g −n )−m = ((g −n )−1 )m = (((g n )−1 ) ) = (g n )m .

Putting it together we have proved that (g n )m = g nm .

Using that every element of a group has an inverse (in the group), we can
obtain the result below. The proof is very easy, since it consists on multiplying
on the left or on the right by the inverse of appropriate elements.
3. Groups 63

Theorem 3.10. Let g, h, and f be elements of a group.

(1) If gh = gf , then h = f . Left cancellation Law

(2) If hg = f g, then h = f . Right cancellation Law

(3) The equation gx = h has a unique solution x = g −1 h in G.

(4) The equation xg = h has a unique solution x = hg −1 in G.

As a consequence of the Cancellation Laws, we can prove a very important

and useful property of the Cayley table:

Corollary 3.11. Every row (and column) of the Cayley table of a finite
group G contains every element of G exactly once.

Proof. For g ∈ G, the row of the Cayley table corresponding to g consists on

the elements of the form gx, where x ∈ G. Now this row contains any other
element h ∈ G because the equation gx = h is always solvable (in G) for each h
(Theorem 3.10 (3)) and it contains h only once because the solution is unique
by Theorem 3.10 (3). A similar argument works for the columns, using now
Theorem 3.10 (4).

Recap about the additive notation:

In general, when referring to groups we have adopted a multiplicative
notation. If a group G is written additively, for example (Z, +), the unity is
denoted 0 and the inverse of g ∈ G is denoted −g. The exponent g n (in
multiplicative notation) becomes ng. The exponents laws look like:

Multiplicative notation Additive notation

g n+m = g n g m (n + m)g = ng + mg
(g n )m = g nm m(ng) = (mn)g

(gh)n = g n hn n(g + h) = ng + nh
if g and h commute
64 J. Sánchez-Ortega

3.1.3 A taste of isomorphic groups

A finite group is completely determined by its Cayley table since
all group axioms (associativity, existence of the unity and inverses) depend
entirely on the operation of the group. Keeping this in mind, let us take a
quick look to the Cayley tables of the (multiplicative) group Z⋆ = {1, −1} (of
units of Z) and the (additive) group Z2 = {0̄, 1̄}:
Z⋆ 1 −1 Z2 0̄ 1̄
1 1 −1 0̄ 0̄ 1̄
−1 −1 1 1̄ 1̄ 0̄
Notice that these two tables are the same in the sense that the
Cayley table of Z⋆ becomes that of Z2 if we replace the symbols 1 and -1
by 0̄ and 1̄, respectively. Put it this way Z⋆ and Z2 are the same groups
except for notation ; in such a case we will say that they are isomorphic ,
or that they are the same up to isomorphism .
We will talk more about this whole topic later on; but for now we will call
two (finite) groups isomorphic if they have the same Cayley table
except for notation. In what follows, we will prove that, up to isomorphism,
there is only one group of order 1, 2, or 3; to do so, we will use the property
of the Cayley tables proved in Corollary 3.11. If G denotes a finite group of
order ∣G∣ ≤ 3, then we will show that

• If ∣G∣ = 1, then G = {1}.

• If ∣G∣ = 2, then G = {1, g}, where g ≠ 1 and g 2 = 1.

• If ∣G∣ = 3, then G = {1, g, g 2 }, where g ≠ 1, g 2 ≠ 1, g ≠ g 2 and g 3 = 1.

In each case, we will prove that the Cayley table is completely determined by
the exponent laws. In order to show this, it is enough to prove that there is
only one way to fill in the Cayley table that produces a group. For ∣G∣ = 1 ,
there is nothing to do, the group reduces to the identity element G = {1}.
Next, for ∣G∣ = 2 we have that G = {1, g}, where g ≠ 1. Let us fill in the
Cayley table of G:
G 1 g
1 1 g
g g ?
3. Groups 65

We have two possibilities for g 2 , namely, g 2 = 1 or g 2 = g. But g 2 = g is

impossible because it implies that g = 1 by the cancellation laws. Thus g 2 = 1
and the Cayley table of G = {1, g} is the following:

G 1 g
1 1 g
g g 1

This shows, in particular, that any two groups of order 2 are isomorphic.
To finish, let us analyse what happens when ∣G∣ = 3 . Write G = {1, g, h},
where g ≠ h and both g and h are different from the identity element. By the
cancellation laws we have that gh ≠ g and gh ≠ h, so we must have that gh = 1;
the same applies to hg = 1. So far, we have that
G 1 g h
1 1 g h
g g ? 1
h h 1 ?
To find out the values of g 2 and h2 we apply Corollary 3.11. Notice that
g 2 ≠ 1 (respectively, g 2 ≠ g) because otherwise, if g 2 = 1 (respectively, g 2 = g)
the element 1 (respectively, g) would appear twice in the column of g. Thus
g 2 = h. Similarly h2 = g. Therefore, the Cayley table of G is:

G 1 g h
1 1 g h
g g h 1
h h 1 g

Moreover, since g 2 = h we have that G = {1, g, g 2 } and

gh = g ⋅ g 2 = g 3 = g 2 ⋅ g = hg,

which gives the table:

G 1 g g2
1 1 g g2
g g g2 1
g2 g2 1 g

Groups whose elements are all powers of one element g are called cyclic .
We write Cn to denote the cyclic group {1, g, . . . , g n−1 } of order n. We have
proved that every group of order 1, 2, or 3 is cyclic . However, this is
66 J. Sánchez-Ortega

not the case for groups of order 4. For instance, the direct product
Z2 × Z2 = {(0̄, 0̄), (0̄, 1̄), (1̄, 0̄), (1̄, 1̄)} of the additive group Z2 is a noncyclic
group, since all its elements have order 2:

(0̄, 1̄) + (0̄, 1̄) = (0̄ + 0̄, 1̄ + 1̄) = (0 + 0, 1 + 1) = (0̄, 2̄) = (0̄, 0̄),
(1̄, 0̄) + (1̄, 0̄) = (1̄ + 1̄, 0̄ + 0̄) = (1 + 1, 0 + 0) = (2̄, 0̄) = (0̄, 0̄),
(1̄, 1̄) + (1̄, 1̄) = (1̄ + 1̄, 1̄ + 1̄) = (1 + 1, 1 + 1) = (2̄, 2̄) = (0̄, 0̄).

Remark 3.12. The (additive) groups Z2 and Z3 of orders 2 and 3, respectively,

are isomorphic to the (multiplicative) cyclic groups C2 = {1, g} and C3 =
{1, g, g 2 } (respectively), whose Cayley tables are given above. To convince
yourself, write down the Cayley tables of Z2 and Z3 and compare them with
the corresponding counterparts.

We will see in the workshop sessions that, up to isomorphism, there are

only two groups of order 4 , the cyclic group C4 and a noncyclic
group K4 with Cayley table:

K4 1 a b c
1 1 a b c
a a 1 c b
b b c 1 a
c c b a 1

The group K4 = {1, a, b, c} is called the Klein group. The multiplication

can be described as a2 = b2 = c2 = 1 (all its elements have order 2) and the
product of any two of a, b, and c is the third. Notice that Z2 × Z2 and K4 are
isomorphic, while Z4 is isomorphic to C4 .

3.2 Subgroups
In this section, we will learn how to determine whether a subset H of a
group G is itself a group. The motivation behind is that there are many
important groups which arise as subsets of other known groups.

Definition 3.13. A subset H of a group G is called a subgroup of G if H

is itself a group using the operation of G.
3. Groups 67

Examples 3.14.

1. Each of the additive groups Z ⊆ Q ⊆ R ⊆ C is a subgroup of the larger

ones.

2. The subset of even permutations An is a subgroup of Sn , called the

alternating group of degree n.

Subgroup Test. A subset H of a group G is a subgroup of G if and only

if the following three conditions are satisfied.

(1) 1G ∈ H, where 1G is the identity element of G.

(2) If h ∈ H and h1 ∈ H, then hh1 ∈ H.
(3) If h ∈ H, then h−1 ∈ H. Here h−1 denotes the inverse of h in G.

In this case, H has the same unity as G, and if h ∈ H, its inverse in H is

the same as its inverse in G.

h h1

hh1 H G

h−1 1G

A few comments before we prove the Subgroup Test. In some texts,

conditions (2) and (3) are replaced by the following condition:

(2’) If h ∈ H and h1 ∈ H, then hh−1

1 ∈ H.

One can check that (1), (2) and (3) are equivalent to (1) and (2’). So, if you
want to check whether a subset H of a group G is a subgroup of G, you can
either check that H satisfies

• Conditions (1), (2) and (3), or

• Conditions (1) and (2’).

68 J. Sánchez-Ortega

I personally find easier at first to prove (1), (2) and (3), but please go ahead
and check (1) and (2’) if this other option works better for you.

Proof. Suppose that H satisfies (1), (2) and (3). Then H is closed under the
operation of G by (2); the unity of G is the unity of H by (1), and the inverse
in G of h ∈ H coincides with the inverse of h in H by (3). As H inherits the
associative law from G, we have that H is a subgroup of G.
Conversely, assume that H is a subgroup of G, and let e denote the unity
of H. Using that e is the identity of H we have that e2 = e, and using that e
is an element of G and 1G is the identity of G we have that e 1G = e. Thus:

e2 = e = e 1G ,

so e = 1G by the cancellation laws in G; this proves (1).

(2) follows because H is closed under the operation of G, since we are assuming
that it is a subgroup of G. Lastly, if h ∈ H, let h′ denote its inverse in H, that
is, hh′ = h′ h = e = 1G , by the calculations above. If h−1 is the inverse in G, we
need to show that h′ = h−1 . This follows from the cancellation laws in G:

hh′ = e = 1G = hh−1 ⇒ h′ = h−1 .

This finishes the proof.

Example 3.15. Let n ≥ 0 be an integer. Then the set of all multiples of n,

namely, nZ = {nk ∣ k ∈ Z} is a subgroup of the additive group (Z, +).
In fact, the identity element of Z is 0, and 0 = n ⋅ 0 ∈ nZ. If a and b are in nZ,
then a = nk and b = nm, for some k, m ∈ Z, and

a + b = nk + nm = n(k + m) ∈ nZ,
−a = −(nk) = n(−k) ∈ nZ.

From the Subgroup Test we get that nZ is a subgroup of Z. These are indeed
all the subgroups of Z! We will prove this when we study cyclic groups in the
next section.
3. Groups 69

Finite Subgroup Test. If H is a finite nonempty subset of a group G,

then H is a subgroup of G if and only if H is closed under the operation
of G:
h, h1 ∈ H ⇒ hh1 ∈ H, ∀ h, h1 ∈ H.

Proof. If H reduces to the identity element of G, that is, H = {1}, then

there is nothing to prove. Suppose now that ∣H∣ > 1. Assume first that H is
closed, and let h ∈ H such that h ≠ 1. Then all the powers h, h2 , h3 , . . . of h
are in H because we are assuming that H is closed. Since H is finite, there
exists ℓ > 2 such that h = hℓ = hℓ−1 ⋅ h. This implies that 1 = hℓ−1 ∈ H, which
shows that H contains the identity element of G. Moreover, 1 = hℓ−1 = h ⋅ hℓ−2
and so h−1 = hℓ−2 ∈ H. By the Subgroup Test we can conclude that H is a
subgroup of G; the converse is obvious.

Example 3.16. Using the Finite Subgroup Test we can easily check that
H = {2̄, 4̄, 6̄} is a subgroup of the additive group Z6 . In fact, it is enough to
show that H is closed, which is clear since

2̄ + 2̄ = 4̄ ∈ H, 2̄ + 4̄ = 6̄ ∈ H, 4̄ + 4̄ = 8̄ = 2̄ ∈ H.

Thus, H is a subgroup of Z6 .

Example 3.17. Consider the cyclic group of order 4: C4 = {1, a, a2 , a3 },

where a4 = 1. We can use the Finite Subgroup Test to check that {1}, {1, a2 }
and C4 are subgroups of C4 .
In fact, {1} and C4 are clearly subgroups of C4 . Concerning to H = {1, a2 },
this follows because 1 ⋅ a2 = a2 ⋅ 1 = a2 ∈ H, and a2 ⋅ a2 = a4 = 1. Moreover, these
three are the only subgroups of C4 . In fact, suppose that K is a subgroup of
C4 distinct from {1} and H, and let us show that K = C4 . Notice that either
a ∈ K or a3 ∈ K.

- If a ∈ K, then a2 and a3 ∈ K because K is closed. Hence K = C4 .

- If a3 ∈ K, then

(a3 )2 = a6 = a4 ⋅ a2 = 1 ⋅ a2 = a2 ∈ K, (a3 )3 = a9 = (a4 )2 ⋅ a = 1 ⋅ a = a ∈ K,

which implies that K = C4 .

70 J. Sánchez-Ortega

Example 3.18. Let us now find all the subgroups of the Klein group:

K4 = {1, a, b, c}, where a2 = b2 = c2 = 1,

and the product of two of a, b, and c is the third.

An application of the Finite Subgroup Test tells us that {1, a}, {1, b} and
{1, c} are subgroups of K4 . On the other hand, if H is a subgroup of K4 with
∣H∣ ≥ 3 then H must contain 1 and two of a, b and c, and so H must contain
the other one (their product); it shows that H = K4 and we can conclude that
the subgroups of K4 are {1}, {1, a}, {1, b}, {1, c} and K4 .
We will be able to provide a different proof when we talk about Lagrange’s
Theorem close to the end of this course.

It is quite useful to picture the subgroups drawing, what is called, the

lattice diagram of the subgroups of a group G. To do so, given K and
H subgroups of G, we draw a line from K up to H whenever K ⊆ H. Below
you could find the lattice diagrams of C4 and K4 .

K4

C4

{1, a} {1, b} {1, c}

{1, a2 }

{1} {1}

The following is perhaps the most important subgroup of any group:

Definition 3.19. The centre Z(G) of a group G is the set of elements of G

that commutes with every element of G; that is:

Z(G) = {z ∈ G ∣ zg = gz for all g ∈ G}.

Notice that G is abelian if and only if Z(G) = G.

3. Groups 71

Proposition 3.20. The centre Z(G) of a group G is a subgroup.

Proof. We will use the Subgroup Test. It is clear that 1 ∈ Z(G). For
z, z ′ ∈ Z(G) we need to check that zz ′ ∈ Z(G) and z −1 ∈ Z(G). To do so, we
need to check that zz ′ and z −1 commute with any element g of G; in fact, for
g ∈ G we have that

z ′ ∈Z(G)
g(zz ′ ) = (gz)z ′ (zg)z ′ = z(gz ′ ) z(z ′ g) = (zz ′ )g,
z∈Z(G)
= =

which shows that zz ′ ∈ Z(G). Now, since z ∈ Z(G) we have that

zg = gz ⇒ z −1 (zg) = z −1 (gz) ⇒ g = (z −1 g)z ⇒ gz −1 = z −1 g,

proving that z −1 ∈ Z(G).

Examples 3.21.

1. Z(Z4 ) = Z4 and Z(K4 ) = K4 because both groups are abelian.

2. Z(S3 ) = {ε}

Recall that S3 = {ε, σ, σ 2 , τ, τ σ, τ σ 2 }, where σ = (1 2 3) and τ = (1 2).

From the Cayley table of S3 computed in Example 3.4 we can see that
σ i (for i = 1, 2) and τ do not commute, since

στ = τ σ 2 ≠ τ σ,
σ 2 τ = τ σ ≠= τ σ 2 .

This implies that σ i , τ ∉ Z(S3 ). Now, τ σ and τ σ 2 do not commute, so

τ σ, τ σ 2 ∉ Z(S3 ). More precisely:

τ σ ≠ τ σ 2 = στ,
τ σ 2 ≠ τ σ = σ 2 τ,
(τ σ)(τ σ 2 ) = σ ≠ σ 2 = (τ σ 2 )(τ σ).

This shows that Z(S3 ) reduces to the identity element of S3 , that is,
Z(S3 ) = {ε}.
72 J. Sánchez-Ortega

3.3 Cyclic groups

Recall that cyclic groups are groups whose elements are all powers (or
multiples) of a fixed element, called the generator of the group. More
precisely, given n ≥ 1, the cyclic group of order n is the group Cn of
order n consisting of powers of a: Cn = {1, a, a2 , . . . , an−1 }, where an = 1 .
We write Cn = ⟨a⟩ and call a a generator of Cn . By ∣Cn ∣ = n, we mean that
the elements 1, a, a2 , . . . , an−1 are all distinct elements of Cn .
The Cayley table of Cn is determined completely by the exponent
laws and the condition an = 1.

Cn 1 a a2 ... an−2 an−1

1 1 a a2 ... an−2 an−1
a a a2 a3 ... an−1 1
a2 a2 a3 a4 ... 1 a
⋮ ⋮ ⋮ ⋮ ... ⋮ ⋮
a n−2 a n−2 a n−1 1 ... a n−4 a n−3

an−1 an−1 1 a ... an−3 an−2

When filling in the Cayley table of Cn , we will deal with elements of the
form ak , where k > n. What do we do? We need to find i ∈ {0, 1, . . . , n − 1}
such that ak = ai ; in other words, we need to reduce the exponent k modulo n.
To do so, we will apply the Division Algorithm, the exponent laws and the
condition an = 1. More precisely, using the Division Algorithm we can write
k = qn + r, where 0 ≤ r ≤ n − 1. Then an application of the exponent laws gives
an =1
ak = aqn+r = (an )q ⋅ ar = 1q ⋅ ar = ar .

This section is devoted to the study of cyclic groups and their subgroups.

Definition 3.22. Let g be an element of a group G, the subset of G consisting

of all the powers of g, namely, ⟨g⟩ = {g k ∣ k ∈ Z} is a subgroup of G (this
follows from the exponent laws, please fill in the details), called the cyclic
subgroup of G generated by g. Moreover, ⟨g⟩ is the smallest subgroup
of G containing the element g.
We will say that G is a cyclic group if there exists g ∈ G such that
G = ⟨g⟩ . Notice that if g has order n, then G is a cyclic group of order n;
if g has order infinity, we say that G is a cyclic group of order infinity.
3. Groups 73

Remark 3.23. If the operation in the group G is written additively, the

cyclic subgroup generated by g consists on the multiples of g:

⟨g⟩ = {kg ∣ k ∈ Z} = Zg.

Remember that in additive notation “powers” are replaced by “multiples”.

Examples 3.24.

1. The cyclic subgroup generated by σ ∈ S3 is ⟨σ⟩ = {ε, σ, σ 2 }.

2. The cyclic subgroup generated by 2 ∈ Z consists on the even numbers.

3. The group (Z, +) is cyclic and 1 and -1 are the only generators.

If k ∈ Z we have k = k ⋅ 1 ∈ ⟨1⟩ and k = (−k) ⋅ (−1) ∈ ⟨−1⟩. Thus

Z = ⟨1⟩ = ⟨−1⟩. Moreover, if n is an integer different from 1 and −1 then
nZ ≠ Z since, for example, n + 1 ∉ nZ.

4. The group (Zn , +) is cyclic with generator 1̄ and order n.

Recall that Zn = {0̄, 1̄, . . . , n − 1}. Given k̄ ∈ Zn we have that k̄ = k 1̄ and

so k̄ ∈ ⟨1̄⟩. It follows that Zn = ⟨1̄⟩, as desired.

If we compare the additive cyclic group Zn with the multiplicative cyclic

group Cn = ⟨a⟩ = {1 = a0 , a, a2 , . . . , an−1 }, we will notice that they are
quite similar! In fact, there is a bijective correspondence:
Cn = {a0 , a1 , a2 , ..., an−1 }

Õ Õ Õ Õ
× × × ×
× × × ×
× × × ×
Ö Ö Ö Ö

Zn = {0̄, 1̄, 2̄, ..., n − 1}

Their Cayley tables are the same except for notation, so these two groups
are isomorphic. See Theorem 3.42 below for a more formal proof.

5. Z is a cyclic group of order infinity.

6. The (multiplicative) group Z∗9 = {1̄, 2̄, 4̄, 5̄, 7̄, 8̄} consisting on the
units of Z9 is a cyclic group. In fact, Z∗9 = ⟨2̄⟩ because

2̄0 = 1̄, 2̄1 = 2̄, 2̄2 = 4̄, 2̄3 = 8̄, 2̄4 = 16 = 7̄, 2̄5 = 14 = 5̄, 2̄6 = 10 = 9̄,
74 J. Sánchez-Ortega

which shows that all the elements of Z∗9 are powers of 2̄.

7. The (multiplicative) group Z∗8 = {1̄, 3̄, 5̄, 7̄} is not cyclic. Recall that
Z∗8 consists on the units of Z8 , that is, elements of Z8 = {0̄, 1̄, 2̄, 3̄, 4̄, 5̄, 6̄, 7̄}
having a multiplicative inverse.

To prove that Z∗8 is not cyclic, we will show that ⟨a⟩ ≠ Z∗8 for every
a ∈ Z∗8 . It is clear that ⟨1̄⟩ = {1̄}. Moreover:

⟨3̄⟩ = {1̄, 3̄}, since 3̄2 = 9̄ = 1̄ in Z8 ;

⟨5̄⟩ = {1̄, 5̄}, since 5̄2 = 25 = 1̄ in Z8 ;
⟨7̄⟩ = {1̄, 7̄}, since 7̄2 = 49 = 1̄ in Z8 .

We have proved that every element of Z∗8 has order 2, since Z∗8 has four
elements, we can conclude that Z∗8 is isomorphic to the Klein group.

In what follows, we study the cyclic subgroup ⟨g⟩ generated by an element

g more closely.

Theorem 3.25. Let g be an element of a group G.

(i) If the cyclic subgroup ⟨g⟩ is finite, then there exists a smallest
positive integer n such that g n = 1. In such a case:

(a) g k = 1 if and only if n∣k.

(b) g k = g m if and only if k ≡ m (mod n).
(c) ⟨g⟩ = {1, g, g 2 , . . . , g n−1 } and the elements 1, g, g 2 , . . . , g n−1 are all
distinct.

(ii) If the cyclic subgroup generated ⟨g⟩ is infinite, then:

(d) g k = 1 if and only if k = 0.

(e) g k = g m if and only if k = m.
(f) ⟨g⟩ = {. . . , g −2 , g −1 , 1, g, g 2 , . . .} and all these powers of g are dis-
tinct.
3. Groups 75

Proof. (i) Suppose that ⟨g⟩ is finite. Then the powers g, g 2 , g 3 , . . . can not
be all distinct, so we can find two distinct positive integers k and m such that
g k = g m . Assume, for example, that k < m. Then g m−k = 1, where m − k > 0,
so by the Well-Ordering Axiom there exists a smallest positive integer n such
that g n = 1.
(a) Assume first that n∣k. Then we can write k = qn for some q ∈ Z. Thus:

g k = g qn = (g n )q = 1q = 1.

Conversely, if g k = 1, applying the Division Algorithm we can write k = qn + r

with 0 ≤ r < n. Then
g r = g k−qn = g k (g n )−q = 1,

which implies r = 0 since r < n and n is the smallest integer with that property.
Thus k = qn and n∣k, concluding the proof of (a).

(b) g k = g m ⇔ g k−m = 1 ⇔ n∣(k − m) ⇔ k ≡ m (mod n)

(c) Clearly, {1, g, . . . , g n−1 } ⊆ ⟨g⟩. Let us prove that ⟨g⟩ ⊆ {1, g, . . . , g n−1 }. To
this end, take g k ∈ ⟨g⟩. Proceed like in the proof of (a) and write k = nq + r
with 0 ≤ r < n. Then:

g k = g nq+r = (g n )q g r = g r ∈ {1, g, . . . , g n−1 }.

To finish assume that two of 1, g, g 2 , . . . , g n−1 are equal, say g k = g m , where

0 ≤ k ≤ m < n. Then g m−k = 1 and since 0 < m − k < n the minimality of n
implies that m − k = 0. Thus the elements 1, g, g 2 , . . . , g n−1 are distinct.

(ii) Assume that ⟨g⟩ is infinite.

(d) It is clear that g 0 = 1. If g k = 1 with k ≠ 0 then also g −k = (g k )−1 = 1. But
it would imply that ⟨g⟩ is finite, which would contradict our hypothesis. Thus
g k = 1 implies k = 0.

(e) g k = g m ⇔ g k−m = 1 ⇔ k − m = 0 by (d).

(f) By definition ⟨g⟩ = {. . . , g −2 , g −1 , 1, g, g 2 , . . .}. We only need to point out

that all the powers of g are distinct by (e).
76 J. Sánchez-Ortega

A direct consequence follows:

Corollary 3.26. The order o(g) of an element g coincides with the cardinal
of the cyclic subgroup ⟨g⟩ generated by g.

Example 3.27. We proved in Example 3.24 (7) that the order of each
element in Z∗8 = {1̄, 3̄, 5̄, 7̄} is 2. Corollary 3.26 yields ∣⟨3⟩∣ = ∣⟨5⟩∣ = ∣⟨7⟩∣ = 2.

3.3.1 Some important properties of Cyclic Groups

Notice that a cyclic group can have more than one generator. For
instance, consider the additive cyclic group Z12 = {0̄, 1̄, 2̄, . . . , 11}, which we
know is generated by 1̄. We can easily prove that 5̄ also generates Z12 , that is
to say that Z12 = ⟨5̄⟩ = {k 5̄ ∣ k ∈ Z}.
To prove that 5̄ is a generator of Z12 , we need to show that any element
x̄ ∈ Z12 can be written as x̄ = 5̄ + 5̄ + . . .(k + 5̄ = k 5̄ for some k ∈ Z. In fact:

0̄ = 0 ⋅ 5̄,
1̄ = 5 ⋅ 5̄, since 25 = 1̄, because 25 ≡ 1 (mod 12),
2̄ = 10 ⋅ 5̄, since 50 = 2̄, because 50 ≡ 2 (mod 12),
3̄ = 3 ⋅ 5̄, since 15 = 3̄, because 15 ≡ 3 (mod 12),
4̄ = 8 ⋅ 5̄, since 40 = 3̄, because 40 ≡ 4 (mod 12),
⋮

In the next result, we provide, among other properties of cyclic groups, a

necessary and sufficient condition for an element of a (finite) cyclic group to
be a generator.

Theorem 3.28. Let G = ⟨g⟩ be a cyclic group with generator g. Then:

(1) G is abelian.

(2) Every subgroup of G is cyclic.

(3) Suppose that o(g) = n. Then G = ⟨g k ⟩ if and only if gcd(k, n) = 1.

Proof. (1) If x, y ∈ G, then x = g k , y = g m , for k, m ∈ Z. Then the exponent

laws give
xy = g k g m = g k+m = g m+k = g m g k = yx,
3. Groups 77

which proves that G is abelian.

(2) Suppose that H is a subgroup of G. If H = {1}, then we are done because

H = ⟨1⟩ is cyclic. Otherwise, let g k ∈ H, k ≠ 0. We can assume (without loss
of generality) that k > 0, since g −k = (g k )−1 ∈ H because H is a subgroup
of G. By the Well-Ordering Principle we can choose m to be the smallest
positive integer such that g m ∈ H. We claim that ⟨g m ⟩ = H. In fact, it is
clear that ⟨g m ⟩ ⊆ H, since g m ∈ H and H is a subgroup of G. For the other
containment, take g s ∈ H and apply the Division Algorithm to write s = qm + r,
with 0 ≤ r < m. Our goal is to show that r = 0; if r ≠ 0, then g r = (g m )−q g s ∈ H,
by the exponent laws. But it contradicts the minimality of m. Therefore r = 0
and g s = (g m )q ∈ ⟨g m ⟩, as desired.

(3) Suppose first that g k is a generator, that is, G = ⟨g k ⟩. Then, in particular,

g ∈ ⟨g k ⟩. Thus g = (g k )m = g km , for some m ∈ Z. Theorem 4.5 implies that
n∣(1 − km), and so 1 − km = qn for q ∈ Z; that is, 1 = km + qn, which implies
that gcd(k, n) = 1. Conversely, if gcd(k, n) = 1, then 1 = xk + yn for some
integers x and y. Hence:

g = g 1 = g xk+yn = (g k )x (g n )y = (g k )x (1)y = (g k )x ∈ ⟨g k ⟩,

which implies that G = ⟨g k ⟩.

Remarks 3.29. We have just proved in Theorem 3.28 (1) that every cyclic
group is abelian. The converse does NOT hold, i.e., there are abelian
groups which are not cyclic. For instance, Z∗8 .
Coming back to Z12 , Theorem 3.28 (3) tells us that all its generators are
the elements k̄ such that gcd(k, 12) = 1, namely: 1̄, 5̄, 7̄, and 11.
You might be wondering what can be said about the generators of an
infinite cyclic group. Well ... I am so sorry to say this, but we are not going
to solve this mystery here. We will do it in the tutorial sessions.
78 J. Sánchez-Ortega

3.3.2 Fundamental Theorem of Finite Cycle Groups

The Fundamental Theorem of Finite Cycle Groups, gives a precise descrip-
tion of all subgroups of a finite cyclic group G. It tells us not only how
many subgroups G has but also how to obtain them. To be more precise: it
says that G has a unique cyclic subgroup of order k for every divisor k of n
and those are the only subgroups of G.

Theorem 3.30. Fundamental Theorem of Finite Cyclic Groups.

Let G = ⟨g⟩ be a cyclic group of order n.

(1) If H is a subgroup of G, then H = ⟨g d ⟩ for some d∣n.

(2) If H is any subgroup of G with order ∣H∣ = k, then k∣n.

(3) If k∣n, then ⟨g n/k ⟩ is the unique subgroup of G of order k.

Another interpretation of the Fundamental Theorem of Finite Cyclic Groups:

the subgroups of G are in one-to-one correspondence with the

positive divisors of n

In particular, the order of any subgroup of G divides the order of G. This

result, known as Lagrange’s Theorem, is true for any finite group, cyclic or
not. To prove the Fundamental Theorem of Finite Cyclic Groups, we first
need to a preliminary result:

Lemma 3.31. Let g be an element of a group G of order n. If d∣n then the

order of the element g d is n/d.

Proof. Let k = nd . Then (g d )k = g dk = g n = 1. It remains to show that k is

the smallest positive integer with that property. Suppose that (g d )r = 1 for
some r ≥ 1. Then g dr = 1, so n∣dr by Theorem 4.5 (a). We then can write that
dr = qn, for some q ≥ 1. But then

dr = qn = q(dk) = d(qk),

and so r = qk, which implies that r ≥ k, as desired.

3. Groups 79

Proof of Theorem 3.30.

(1) The result is clear for ∣H∣ = 1. Otherwise, from Theorem 3.28 (2) we get
that H = ⟨g m ⟩ for some m > 0. Let d = gcd(m, n). Then d∣n and we only need
to show that H = ⟨g d ⟩.
From d∣m, we have that m = qd for some q ∈ Z. Thus g m = (g d )q ∈ ⟨g d ⟩ and
therefore H = ⟨g m ⟩ ⊆ ⟨g d ⟩. On the other hand, by Bézout’s Lemma we have
that d = xm + yn, where x, y ∈ Z, and so

g d = g xm+yn = (g m )x (g n )y = (g m )x (1)y = (g m )x ∈ ⟨g m ⟩ = H ⇒ ⟨g d ⟩ ⊆ H,

finishing the proof of (1).

(2) Let H be a subgroup of G of order k. From (1) we obtain that H = ⟨g d ⟩, for
some d∣n. If k = ∣H∣, then by Lemma 3.31 we have that k = ∣H∣ = o(g d ) = n/d,
which shows that k∣n.
(3) Suppose that K is any subgroup of G of order k. By (1) we have that
K = ⟨g m ⟩ where m∣n. Then from Lemma 3.31 we obtain that
n n n
k = ∣K∣ = o(g m ) = ⇒ m = ⇒ K = ⟨g k ⟩,
m k
which finishes the proof.

Corollary 3.32. Let G = ⟨g⟩ be a cyclic group of order n. Then for any
positive integer m we have that ⟨g m ⟩ = ⟨g d ⟩ , where d = gcd(m, n) . Moreover,
the order of g m is n/d.

Proof. Take m an arbitrary positive integer and let d = gcd(m, n). Pro-
ceeding like in the proof of (1) in the Fundamental Theorem of Finite Cyclic
Groups, we have that ⟨g m ⟩ = ⟨g d ⟩. On the other hand, we know that
n
o(g m ) = ∣⟨g m ⟩∣ = ∣⟨g d ⟩∣ = o(g d ) = ,
d
by Lemma 3.31.

Example 3.33. In the (additive) cyclic group Z30 , find the order of 18.
Notice that Z30 = ⟨1̄⟩ and 18 = 18 ⋅ 1̄. We will use Corollary 3.32. In this
case, n = 30 and m = 18. Since gcd(30, 18) = 6, we have that ⟨18⟩ = ⟨6̄⟩ and
the order of 18 in Z30 is 30
6 = 5. In other words, the subgroup generated by 18
in Z30 has 5 elements: ⟨18⟩ = ⟨6̄⟩ = {0̄, 6̄, 12, 18, 24}, because in Z30 we have
that 0 ⋅ 6̄ = 0̄, 1 ⋅ 6̄ = 6̄, 2 ⋅ 6̄ = 12, 3 ⋅ 6̄ = 18, 4 ⋅ 6̄ = 24, 5 ⋅ 6̄ = 30 = 0̄.
80 J. Sánchez-Ortega

The Fundamental Theorem of Finite Cyclic Groups provides us an easy

way to find all the subgroups of a finite cyclic group. Suppose that G = ⟨g⟩
is a cyclic group of order n. To draw the corresponding lattice diagram of G
notice that
⟨g m ⟩ ⊆ ⟨g k ⟩ ⇔ k∣m
In fact, suppose first that ⟨g m ⟩ ⊆ ⟨g k ⟩ and let us show that k∣m. From
⟨g m ⟩ ⊆ ⟨g k ⟩ we have, in particular, that g m ∈ ⟨g k ⟩, so there exists an integer
t such that g m = (g k )t = g kt . Thus m ≡ kt (mod n) by Theorem 4.5 (i) (b).
But then n∣(m − kt), which yields that m − kt = nu for some integer u. On the
other hand, since we are assuming that k∣n we obtain that n = kv for some
integer v. Putting it altogether we have
n=kv
m = kt + nu = kt + (kv)u = k(t + vu) ⇒ k∣m

Suppose now that k∣m and let us show that ⟨g m ⟩ ⊆ ⟨g k ⟩. To do so, it is enough
to prove that g m ∈ ⟨g k ⟩. From k∣m we derive that m = ku for some integer u,
and using the Exponent Laws we have

g m = g ku = (g k )u ∈ ⟨g k ⟩.

Example 3.34. Find all subgroups of the multiplicative cyclic group

C12 and draw its lattice diagram.
Write C12 = ⟨g⟩, where o(g) = 12. Since the positive divisors of 12 are 1, 2,
3, 4, 6, 12, the Fundamental Theorem of Finite Cyclic Groups allows us to
conclude that C12 has exactly 6 subgroups. To determine the unique subgroup
of each of these orders, we use Lemma 3.31. Clearly, {1} = ⟨1⟩ = ⟨g 12 ⟩.
12
Order 2: 2 = o(g d ) = ⇒ d = 6; the subgroup of order 2 is ⟨g 6 ⟩;
d
12
Order 3: 3 = o(g d ) = ⇒ d = 4; the subgroup of order 3 is ⟨g 4 ⟩;
d
12
Order 4: 4 = o(g d ) = ⇒ d = 3; the subgroup of order 4 is ⟨g 3 ⟩;
d
12
Order 6: 6 = o(g d ) = ⇒ d = 2; the subgroup of order 6 is ⟨g 2 ⟩;
6
To picture the diagram, notice that

⟨g 6 ⟩ ⊆ ⟨g 2 ⟩ and also ⟨g 6 ⟩ ⊆ ⟨g 3 ⟩
⟨g 4 ⟩ ⊆ ⟨g 2 ⟩
3. Groups 81

C12

⟨g 2 ⟩ ⟨g 3 ⟩

⟨g 4 ⟩ ⟨g 6 ⟩

⟨1⟩

Example 3.35. Find all subgroups of the additive cyclic group Z100
and draw the lattice diagram.
Since the positive divisors of 100 are 1, 2, 4, 5, 10, 20, 25, 50 and 100, by
the Fundamental Theorem of Finite Cyclic Groups we can assert that Z100 has
exactly 9 subgroups of orders the mentioned divisors of 100. Clearly, {0̄} = ⟨0̄⟩.
To determine the remaining subgroups, we use Lemma 3.31 in its additive
version:
100
2 = o(d1̄) = ⇒ d = 50; the subgroup of order 2 is ⟨50⟩ = 50Z100 ;
d

100
4 = o(d1̄) = ⇒ d = 25; the subgroup of order 4 is ⟨25⟩ = 25Z100 ;
d

100
5 = o(d1̄) = ⇒ d = 20; the subgroup of order 5 is ⟨20⟩ = 20Z100 ;
d

100
10 = o(d1̄) = ⇒ d = 10; the subgroup of order 10 is ⟨10⟩ = 10Z100 ;
d

100
20 = o(d1̄) = ⇒ d = 5; the subgroup of order 20 is ⟨5̄⟩ = 5Z100 ;
d

100
25 = o(d1̄) = ⇒ d = 4; the subgroup of order 25 is ⟨4̄⟩ = 4Z100 ;
d

100
50 = o(d1̄) = ⇒ d = 2; the subgroup of order 50 is ⟨2̄⟩ = 2Z100 ;
d
82 J. Sánchez-Ortega

To picture the diagram we use that

mZ ⊆ kZ ⇔ k∣m

In our case, we have the following containments:

20Z100 ⊆ 4Z100 ⊆ 2Z100 and 20Z100 ⊆ 10Z100 ⊆ 5Z100

50Z100 ⊆ 10Z100 ⊆ 2Z100 and 50Z100 ⊆ 25Z100 ⊆ 5Z100

Using the considerations above, we obtain the diagram below. Please, don’t
worry if you do not come up with a nice diagram at first. It takes a bit of
practice. The important thing here is that you draw all the lines, since this is
what it tells us the containment relations between the subgroups.

Z100

2Z100 5Z100

4Z100 10Z100 25Z100

20Z100 50Z100

⟨0̄⟩
3. Groups 83

3.4 Homomorphims and isomorphisms

Two objects are “isomorphic” if they have the same shape or structure. In
other words, two objects might appear to be different might they are identical
in form. This idea of being isomorphic (i.e. having the same structure) appears
in all the branches of Mathematics.
In Geometry there are several kinds of isomorphism, for instance, congru-
ence and similarity. Two geometry figures are congruent if there exists a plane
motion (translation, rotation or reflection) which makes one figure coincide
with the other; in order words, the two figures have the same shape and size.
For example:

Regarding to similarity, two geometric figures are similar if one can be obtained
from the other one by scaling (enlarging or shrinking) in a uniform way; with
additional translation, rotation and reflection might be needed. Similar figures
have the same shape but not necessarily the same size.

Here, we will study maps from one group onto another group that preserve
the group operation. Roughly speaking, an isomorphism between two groups is
a way to transform one group into the other one via a bijective map satisfying
a certain property. In such a case, we say that such two groups are isomorphic.
More precisely: let G1 and G2 be two groups. An isomorphism from G1
84 J. Sánchez-Ortega

to G2 is a bijective correspondence φ from G1 to G2 satisfying the following

property: for every pair of elements a and b in G1 ,

if φ(a) = a′ and φ(b) = b′ , then φ(ab) = a′ b′ = φ(a)φ(b) (∗)

In §3.1.1 we called two finite groups isomorphic if they have the same
Cayley table except for notation. Observe that this terminology is consistent
with the one that we have just introduced. If φ ∶ G1 → G2 is an isomorphism
between two finite groups, then using (∗) we can see that φ transform the
Cayley table of G1 into the Cayley table of G2 ; in fact:

G1 b For every x G2 b′
⋮ replace x by φ(x) ⋮
a ... ab a′ ... a b′
′

The idea behind two isomorphic groups is the following: If G1 and G2 are
isomorphic, then we can say that they are indeed the same, except that their
elements have different labels. The group G1 becomes G2 after relabelling its
elements; the map which does the relabelling is precisely an isomorphism from
G1 to G2 . More formal definitions follow.

Definitions 3.36. Let (G1 , ⋅1 ) and (G2 , ⋅2 ) be two groups (not necessarily of
finite order). A mapping φ ∶ (G1 , ⋅1 ) → (G2 , ⋅2 ) is called a group homomor-
phism if
φ(a ⋅1 b) = φ(a) ⋅2 φ(b),

for all a, b ∈ G1 . A monomorphism is an injective homomorphism, while

a surjective homomorphism is called an epimorphism. Homomorphisms
which are bijectives (one-to-one and onto) are said to be isomorphisms.
When an isomorphism exists from G1 to G2 we say that G1 is isomorphic
to G2 , and we write G1 ≅ G2 . Isomorphisms from a group to itself are called
automorphisms.

At this point a question arises: How does one recognize if two groups
are isomorphic? Unfortunately, this is not an easy task! There is no way of
spontaneously recognize whether two given groups G1 and G2 are isomorphic.
3. Groups 85

To answer it, one needs to find explicitly an isomorphism between them. I

would suggest to go through the following steps:

1. Use your intuition to come up with a map φ ∶ G1 → G2 , which looks like

it could be an isomorphism. The more exercises you do, the easier this
first step will become.

2. Check that φ is bijective.

3. Take two arbitrary elements a and b in G1 , compute φ(a), φ(b) and

φ(ab) and check that the equality φ(ab) = φ(a)φ(b) holds.

Let us see an example: the additive group R is isomorphic to the

multiplicative group R+ . To prove this, we go through the previous steps:

1. The exponential function f ∶ R → R+ , f (x) = ex might work.

2. f is one-to-one: if f (a) = f (b), that is, ea = eb , then taking the natural

logarithm ln on both sides, we obtain a = b.

f is surjective: if y is any positive real number, then y = eln y = f (ln y).

3. We all know that ea+b = ea ⋅ eb , for all a, b ∈ R. It says that

f (a + b) = f (a) ⋅ f (b)

Observe that the operation of R is +, whereas the operation of R+ is ⋅.

It justifies why we have used + on the left hand side of the preceding
equation, and ⋅ on the right hand side of the equation.

Examples 3.37.

1. The map φ ∶ (Z, +) → (Z, +) given by φ(a) = 3a is a monomorphism

because φ is one-to-one

φ(a) = φ(b) ⇒ 3a = 3b ⇒ 3(a − b) = 0 ⇒ a − b = 0 ⇒ a = b,

and it satisfies that

φ(a + b) = 3(a + b) = 3a + ab = φ(a) + φ(b),

86 J. Sánchez-Ortega

for all a, b ∈ Z. Observe that φ is not an isomorphism since it is not surjective:

there is no integer a such that φ(a) = 4 because the equation 3x = 4 has no
solutions in Z.
2. The absolute value map ψ ∶ C∗ → R+ given by ψ(z) = ∣z∣ for all z ∈ C∗
is a homomorphism (in fact, epimorphism) since

ψ(zw) = ∣zw∣ = ∣z∣∣w∣ = ψ(z)ψ(w), for all z, w ∈ C∗ .

3. The determinant map GLn (R) → R∗ given by A ↦ det(A) is a homo-

morphism because det(AB) = det(A) det(B), for all matrices A and B, and
det(AB) ≠ 0. Moreover, the determinant map is an epimorphism. Why? Is
it a monomorphism?
In what follows, we collect some basic properties of automorphisms and
isomorphisms.

Theorem 3.38. Let φ ∶ G1 → G2 be a group homomorphism. Then:

(1) φ preservers the identity element: φ(1G1 ) = 1G2

(2) φ preservers inverses: φ(g −1 ) = φ(g)−1 for all g ∈ G1 .

(3) φ preservers powers: φ(g k ) = φ(g)k for all g ∈ G1 and k ∈ Z.

Proof. (1) We have that φ(1G1 ) = φ(1G1 ⋅ 1G1 ) = φ(1G1 ) ⋅ φ(1G1 ), and by the
cancellation law in G2 we obtain that φ(1G1 ) = 1G2 .
(2) For g ∈ G1 we have that

(1)
1G2 = φ(1G1 ) = φ(gg −1 ) = φ(g)φ(g −1 ),

which implies that φ(g −1 ) = φ(g)−1 .

(3) For k = 0, the result follows from (1). We proceed by induction on k > 0.
For k = 1, we have that

φ(g 1 ) = φ(g) = φ(g)1 .

Assume that φ(g k ) = φ(g)k for some k > 1, and consider φ(g k+1 ).

φ(g k+1 ) = φ(g ⋅ g k ) = φ(g) ⋅ φ(g k ) = φ(g) ⋅ φ(g)k = φ(g)k+1 .

3. Groups 87

Thus (3) holds for k > 0 by the Principle Mathematical of Induction. If k < 0,
write k = −m for m > 0. Then by (2) and the previous calculations we have

φ(g k ) = φ(g −m ) = φ((g m )−1 ) = φ(g m )−1 = (φ(g)m )−1 = φ(g)−m = φ(g)k .

Thus φ(g k ) = φ(g)k for all k ∈ Z.

The proof of the following two results is left as an exercise.

Theorem 3.39. Let G, G1 and G2 denote groups.

(1) The identity map is an isomorphism for every group.

(2) If φ ∶ G → G1 is an isomorphism, then the inverse φ−1 ∶ G1 → G is also

an isomorphism.

(3) If φ ∶ G → G1 and ψ ∶ G1 → G2 are isomorphisms, then ψ ○ φ ∶ G → G2 is

also an isomorphism.

Corollary 3.40. The isomorphic relation ≅ is an equivalence relation.

Corollary 3.41. Then the set aut(G) consisting of all automorphisms of

a group G forms a group under composition. It is called the automorphism
group of G.

And what’s about non-isomorphic groups? How can we show that two
groups are not isomorphic? You might not believe that it is actually
easier to show that two groups are not isomorphic than to show that they are.
Keeping in mind that isomorphic groups are essentially the same (just except
for notation, i.e., different name for their elements and/or operations) it is
natural to think that they will share the same properties. More precisely:
If a group G1 has a property and G2 does not have it, or vice versa,
we can conclude that G1 and G2 are not isomorphic.
Here are some examples of properties to look out for are:

1. G1 is commutative, and G2 is not.

2. G1 is cyclic, and G2 is not.

3. G1 is generated by two elements and G2 is not generated by any choice

of two of its elements.
88 J. Sánchez-Ortega

4. Every element of G1 is the square of an element of G1 , whereas G2 does

not have this property.

For example, the additive groups Z2 × Z2 and Z4 are not isomorphic, since Z4
is cyclic and Z2 × Z2 isn’t (recall that all the elements of Z2 × Z2 have order 2).
Let us see another example: the additive group R is not isomorphic to
the multiplicative group R∗ . Notice that R∗ have an element distinct from
1 such that its square is 1, namely, (−1)2 = (−1)(−1) = 1. Observe that 1 is the
identity element of R∗ and we have just seen that isomorphisms preserve the
identity element. So this property interpreted in the additive group R would
tell us that R has a ∈ R, a ≠ 0, such that a + a = 0, which clearly does not
happen. Therefore, we can conclude that these two groups are not isomorphic.

We close the section by proving that there are essentially two cyclic groups:

Theorem 3.42. Isomorphism of Cyclic Groups.

(1) For every positive integer n, every cyclic group of order n is isomorphic
to Zn . Thus, any two cyclic groups of order n are isomorphic.

(2) Every cyclic group of order infinity is isomorphic to Z, and therefore

any two cyclic groups of order infinity are isomorphic.

Proof. (1). Let Cn = ⟨a⟩ be a (multiplicative) cyclic group of order n. Then

⟨a⟩ = {1, a, a2 , . . . , an−1 }.

Comparing this group with the additive cyclic group Zn = {0̄, 1̄, 2̄, . . . , n − 1},

⟨a⟩ = {a0 , a1 , a2 , ..., an−1 }

Õ Õ Õ Õ
× × × ×
× × × ×
× × × ×
Ö Ö Ö Ö

Zn = {0̄, 1̄, 2̄, ..., n − 1}

one realises that the map φ ∶ Zn → ⟨a⟩ given by φ(i) = ai is a bijective map.
But this map also satisfies that

φ(i + j) = ai+j = ai aj = φ(i)φ(j),

3. Groups 89

which shows that φ is an isomorphism from Zn to ⟨a⟩.

(2). Suppose that ⟨a⟩ is a cyclic group of order infinity. Then

⟨a⟩ = {. . . , a−2 , a−1 , 1, a, a2 , . . .}.

Proceeding like in (1) we compare this group with Z:

⟨a⟩ = {. . . , a−2 , a−1 , 1, a1 a2 , . . .}

Õ Õ Õ Õ Õ
× × × × ×
× × × × ×
× × × × ×
Ö Ö Ö Ö Ö

Z= {. . . , −2, −1, 0, 1, 2, . . .}

Then it is clear that the map φ ∶ Z → ⟨a⟩ given by φ(i) = ai is the desired
isomorphism.
Chapter 4

Lagrange’s Theorem

In this short chapter we will prove Lagrange’s Theorem, one of the most
important results in (finite) group theory. To do so, we first need to introduce
the required machinery: cosets.

4.1 Cosets
The notion of a coset was introduced by E. Galois in 1930 but was G. A.
Miller the one who name them cosets.

Definition 4.1. Let H be a subgroup of a group G and a ∈ G. The set

Ha = {ha ∣ h ∈ H} is called the right coset of H in G generated by a, while
aH = {ah ∣ h ∈ H} is called the left coset of H in G generated by a.
Observe that in additive notation the left and right cosets are:

H + a = {h + a ∣ h ∈ H}, a + H = {a + h ∣ h ∈ H}

It is important to notice that cosets in a group G are subsets of G.

Cosets are not elements in G!

Example 4.2. Find all the left and right cosets of H = {ε, (1 3)} in S3 .
Recall that S3 = {ε, (1 2), (1 3), (2 3), (1 2 3), (1 3 2)}. Then we have

εH = H = (1 3)H,
(1 2)H = {(1 2)ε, (1 2)(1 3)} = {(1 2), (1 3 2)}
(2 3)H = {(2 3)ε, (2 3)(1 3)} = {(2 3), (1 2 3)}

91
92 J. Sánchez-Ortega

We have that (1 2)H = (1 3 2)H and (2 3)H = (1 2 3)H. You will understand
why I can make this afirmation without performing any calculations after we
study the coset properties. In the meantime, do the calculations yourself to
practice a bit. These are all the left cosets of H. Its right cosets are computed
in a similar way:

Hε = H = H(1 3),
H(1 2) = {(1 2), (1 2 3)} = H(1 2 3),
H(2 3) = {(2 3), (1 3 2)} = H(1 3 2).

Notice that, for instance, H(1 2) ≠ (1 2)H.

Example 4.3. Find all the cosets of the subgroup 4Z in the additive group
Z. In this case, since Z is an abelian group, it is enough to compute the right
(or the left) cosets.
Given a ∈ Z the right coset generated by a is 4Z + a. But

4Z + a = a + 4Z = ā in Z4 .

We only have four right (or left) cosets, which are the four residue classes
modulo 4:

4Z + 0 = {. . . , −12, −8, −4, 0, 4, 8, 12, . . .}

4Z + 1 = {. . . , −11, −7, −3, 1, 5, 9, 13, . . .}
4Z + 2 = {. . . , −10, −6, −2, 2, 6, 10, 14, . . .}
4Z + 3 = {. . . , −9, −5, −1, 3, 7, 11, 15, . . .}

4.2 Cosets properties

In this section we will prove several properties of the right and left cosets.
Please pay special attention to these since we will be using them several times
in the next few chapters, and you will need them next year if you decide
to continue this algebra journey. It is therefore very important that you
understand them and learn how to apply them.
4. Lagrange’s Theorem 93

Let a ∈ G and H a subgroup of G. Then:

1. H1 = H = 1H , that is, H is a right and left coset of itself.

2. It is obvious that a ∈ Ha and a ∈ aH since a = 1 ⋅ a = a ⋅ 1 for 1 ∈ H.

3. If G is abelian, then Ha = aH for all a ∈ G and all subgroups H of G.

4. 3 might not be true if G is not abelian.

5. If a ∈ Hb, then Ha = Hb.

6. Ha = Hb if and only if ab−1 ∈ H.

7. Ha = H if and only if a ∈ H.

8. There exists a bijective map from H to Ha. In particular, if H is finite,

then any coset Ha has the same number of elements as H and therefore
all the cosets have the same number of elements.

9. The family of all the cosets of Ha, as a ranges over G, is a

partition of G. It means that G = ∪a∈G Ha , and Ha ≠ Hb implies
Ha ∩ Hb = ∅.

H1 = H

Hc Ha

Hb

Notice that, in additive notation, properties 6 and 7 become

H + a = H + b ⇔ a − b ∈ H; H +a=H ⇔a∈H

For instance, 6Z + 7 = 6Z + 1 since 7 − 1 = 6 ∈ 6Z.

94 J. Sánchez-Ortega

Proof. Properties 1 , 2 and 3 trivially hold.

4. For G = S3 and H = {ε, (1 3)}, we have

(1 2)H = {(1 2), (1 3 2)} ≠ {(1 2), (1 2 3)} = H(1 2)

5. To show that the cosets Ha and Hb are equal, we must show that they
are equal sets (remember that cosets are, by definition, subsets of G). Suppose
that a ∈ Hb. Then there exists h ∈ H such that a = hb. If x ∈ Ha, then x = h1 a
for some h1 ∈ H. From a = hb we get that x = h1 a = h1 (hb) = (hh1 )b ∈ Hb.
This proves that Ha ⊆ Hb. The proof of the containment Hb ⊆ Ha is similar,
using now that b = h−1 a.

6. If ab−1 ∈ H, then ab−1 = h for some element h in h. From here we

obtain that a = hb ∈ Hb. An application of 5 gives that Ha = Hb. If Ha = Hb,
then a ∈ Hb so a = hb for some h ∈ H. This gives that ab−1 = h ∈ H, as desired.

7 follows from 6 by taking b = 1.

8. Define ψ ∶ H → Ha by ψ(h) = ha. Clearly, ψ is surjective because every

element of Ha is of the form ha for some h ∈ H and so ha = ψ(h). Lastly, if
ψ(h1 ) = ψ(h2 ), then h1 a = h2 a and applying the cancellation law in G we get
that h1 = h2 , which proves that ψ is injective.

9. We first need to show that any two cosets, say Ha and Hb, are either
disjoint or equal. If they are disjoint, then we are done. Otherwise, suppose
that Ha ∩ Hb ≠ ∅, and let x ∈ Ha ∩ Hb. Then there exists x ∈ G such that
x ∈ Ha and x ∈ Hb, which yield x = h1 a = h2 b for some h1 , h2 ∈ H. Solving the
equation h1 a = h2 b for a, we obtain a = (h−1
1 h2 )b ∈ Hb. Hence, property 5

implies that Ha = Hb. To finish, we need to check that G is the union of all
the cosets. In order to do so, we must show that every element g ∈ G is in one
of the cosets of H. But this clearly holds, since g = 1 ⋅ g ∈ Hg.
The considerations above show that the family of all cosets of H is a
partition of G, as desired.
4. Lagrange’s Theorem 95

4.3 Lagrange’s Theorem

Using cosets properties, proving Lagrange’s Theorem becomes an easy task.

Theorem 4.4. Lagrange’s Theorem. Let H be a subgroup of a finite

group G. Then the order of G is a multiple of the order of H.

Proof. Suppose that Ha1 , Ha2 , . . . , Hak are the distinct cosets of H in G.
Then G = Ha1 ∪ Ha2 ∪ . . . ∪ Hak , which is a disjoint union by Property 9 .
Next, using Property 8 we have that ∣Hai ∣ = ∣H∣ for each i, so

∣G∣ = ∣Ha1 ∣ + . . . + ∣Hak ∣ = ∣H∣ + . . . + ∣H∣ = k∣H∣,

which shows that the order of G is a multiple of the order of H, as desired.

A few applications of Lagrange’s Theorem follow.

Corollary 4.5. The order of any element of a finite group divides the order
of the group.

Proof. Let G be a finite group and g ∈ G. By definition the order of g

coincides with the order of the cyclic subgroup ⟨g⟩ of G generated by g. The
result now follows by applying Lagrange’s Theorem to ⟨g⟩ and G.

Corollary 4.6. Every group of prime order is cyclic.

Proof. Let p be a prime and G a group of order p. Take g ∈ G with g ≠ 1

and consider the subgroup ⟨g⟩ of G, which is non-trivial because g ≠ 1. By
Lagrange’s Theorem we have that ∣⟨g⟩∣∣p, and so ∣⟨g⟩∣ = p, that is, G = ⟨g⟩.

We have seen that every group of order 4 = 22 is either cyclic or isomorphic

to the Klein group. We can now use Lagrange’s Theorem to extend this result
to any prime p.

Corollary 4.7. If ∣G∣ = p2 where p is a prime, then either G is cyclic or

g p = 1 for every element g in G.

Proof. Assume that G is not cyclic and take g ∈ G. Write H = ⟨g⟩ for the
cyclic subgroup of G generated by g. Then by Corollary 4.5 the order of H,
96 J. Sánchez-Ortega

namely, o(g) = ∣H∣ divides the order of G, i.e., p2 . From here we derive that
o(g) = 1, p, or p2 . But o(g) ≠ p2 because G is not cyclic, so o(g) is either 1 or
p. In any case, g p = 1, concluding the proof.

Definition 4.8. Let G be a group and H a subgroup of G. The index of H

in G is the number of cosets of H in G. We denote it by ∣G ∶ H∣ .

Remark 4.9. If G is finite, from the proof of Lagrange’s Theorem, we get

that the number of elements in G is equal to the number of elements in H,
multiplied by the number of cosets of H in G. In other words:

order of G ∣G∣
∣G ∶ H∣ = =
order of H ∣H∣

A subgroup H can have finite index in a group G even if both H

and G are infinite. For example, H = 4Z has index 4 in G = Z and both 4Z
and Z are infinite.
Chapter 5

Factor groups

In this last chapter, we will learn about a special types of subgroups, called
normal subgroups, and how to use them to construct a new kind of groups,
called factor groups, whose elements are cosets.

5.1 Normal subgroups

We have already seen that, in general, left and right cosets do not coincide.
When we have the equality for all of them, we say that such a subgroup is
normal, although this might not look very normal ...

Definition 5.1. We say that H is a normal subgroup of G, or that H is

normal in G, if gH = Hg for all g ∈ G. In such a case, we write H
G.

Examples 5.2.

1. Let G be any group. Then {1}
G and G
G since g{1} = {g} = {1}g,
gG = G = Gg, for all g ∈ G. The centre Z(G) of G is always a normal
subgroup of G.

2. Every subgroup of an abelian group is normal.

3. Let G = S3 = {ε, σ, σ 2 , τ, τ σ, τ σ 2 }, where σ 3 = τ 2 = ε and στ σ = τ . Write

H = {ε, τ } and K = {ε, σ, σ 2 }. Then one can check that K
S3 but H
is not normal in S3 . In fact:

Hσ = {hσ ∣ h ∈ H} = {εσ, τ σ} = {σ, τ σ},

σH = {σh ∣ h ∈ H} = {σε, στ } = {σ, τ σ 2 },

97
98 J. Sánchez-Ortega

since στ = σ 2 τ σ = σ 3 τ σ 2 = τ σ 2 . Thus Hσ ≠ σH, and H is not normal in

S3 . On the other hand, K
S3 because

αK = K = Kα, for all α ∈ K,

τ K = {τ, τ σ, τ σ 2 } = Kτ,
τ σK = {τ σ, τ σ 2 , τ } = Kτ σ,
τ σ 2 K = {τ σ 2 , τ, τ σ} = Kτ σ 2 .

A good exercise would be to perform some of these calculations yourself.

Take a look to the Cayley table of S3 computed in Example 3.4.

The definition of a normal subgroup does not provide us a practical way to

check whether a given subgroup is normal, since it requires the computation
of all left and right cosets of such subgroup. In what follows, we will learn a
more convenient method to test whether a subgroup is normal.

Theorem 5.3. Normality Test. The following conditions are equivalent

for a subgroup H of a group G.

(1) H is normal in G.

(2) gHg −1 ⊆ H for all g ∈ G.

Proof. (1) ⇒ (2). Suppose that H is a normal subgroup of G. This means

that Ha = aH for all a ∈ G. Take g ∈ G and let us prove that gHg −1 ⊆ H.
Take x ∈ gHg −1 , then there exists h ∈ H such that x = ghg −1 . Consider the
(1)
element gh and notice that gh ∈ gH = Hg. Thus gh = h1 g for some h1 ∈ H.
From here we obtain that

x = ghg −1 = (gh)g −1 = (h1 g)g −1 = h1 (gg −1 ) = h1 ∈ H,

which proves (2).

(2) ⇒ (1). Suppose now that gHg −1 ⊆ H for all g ∈ G and let us show that H
is normal in G. To do so, we need to check that gH = Hg for all g ∈ G. Take
g ∈ G and apply (2) with the element g −1 to get that g −1 H(g −1 )−1 = g −1 Hg ⊆ H.
From here, using that 1 = gg −1 = g −1 g we obtain
(2)
H = (gg −1 )H(gg −1 ) = g(g −1 Hg)g −1 ⊆ gHg −1 ⊆ H,

which yields that H = gHg −1 and so Hg = gH, as required.

5. Factor groups 99

Proposition 5.4. Let φ ∶ G → G′ be a group homomorphism. Then the

kernel of φ, defined as,

ker φ = {k ∈ G ∣ φ(k) = 1G′ }

is a normal subgroup of G. Moreover, φ is a monomorphism if and only if

ker φ = {1G }.

Proof. We first need to check that ker φ is a subgroup of G. To do so,

we use the Subgroup Test: take k, k ′ ∈ ker φ, then using that φ is a group
homomorphism we have that
k,k′ ∈ker φ
φ(kk ′ ) = φ(k)φ(k ′ ) = 1G′ 1G′ = 1G′
φ(k −1 ) = φ(k)−1
k∈ker φ
= 1G′

which imply that kk ′ , k −1 ∈ ker φ, and so ker φ is a subgroup of G. It remains

to show that ker φ is normal in G. To do so, we check that condition (2) in
the Normality Test is satisfied. Take g ∈ G and k ∈ ker φ and let us show
that gkg −1 ∈ ker φ, that is, φ(gkg −1 ) = 1G′ . In fact, using that φ is a group
homomorphism and that k ∈ ker φ we have:

φ(gkg −1 ) = φ(g)φ(k)φ(g −1 ) = φ(g)φ(g −1 )φ(g)φ(g)−1 ,

which shows that gkg −1 ∈ ker φ, as required.

Suppose first that φ is a monomorphism, which means that φ is an
injective group homomorphism. Since φ is a group homomorphism, we have
that φ(1G ) = 1G′ . For k ∈ ker φ we have that

φ(k) = 1G′ = φ(1G ),

which implies k = 1G since φ is injective. This shows that ker(φ) = {1G }.

Conversely, assume that ker(φ) = {1G }. Since we are assuming that φ
is a group homomorphism, we only need to check and let us show that φ is
injective. To do so, suppose that g1 and g2 are in G such that φ(g1 ) = φ(g2 ),
and let us show that g1 = g2 . From φ(g1 ) = φ(g2 ) multiplying by the inverse
of φ(g2 ), which is, φ(g2 )−1 = φ(g2−1 ),

1G′ = φ(g1 )φ(g2 )−1 = φ(g1 )φ(g2−1 ) = φ(g1 g2−1 ) ⇒ g1 g2−1 ∈ ker(φ) = {1G },
100 J. Sánchez-Ortega

which implies that g1 g2−1 = 1G and so g1 = g2 . This shows that φ is injective,

finishing the proof.

Example 5.5. Consider the general linear group

GL(2, R) = {A ∈ M2 (R) ∶ det(A) ≠ 0}.

Then the subset SL(2, R) = {A ∈ M2 (R) ∶ det(A) = 1} of G consisting on

the matrices with determinant 1, called the special linear group is a normal
subgroup of GL(2, R).

To ease the notation let H = SL(2, R). Using the properties of the
determinant, it is straightforward to check that H is a subgroup of G (please,
complete the details and let me know whether you have any questions). We
prove here that H satisfies (2) in the Normality Test. Given A ∈ GL(2, R), we
need to show that AHA−1 ⊆ H. If B ∈ H, then

1
det(ABA−1 ) = det(A) det(B) = det(B) = 1 ⇒ ABA−1 ∈ H,
det(A)

as desired.

5.2 Factor groups

Let G be a group and H a subgroup of G. We can introduce an intuitive
operation in the set of all the cosets of H in G, called the coset operation,
consisting on multiplying the generators of the cosets:
the coset of a operated with the coset of b is defined to be the coset of ab.
In symbols,
Ha ⋅ Hb = H(ab)

This definition seems to be quite innocent but it is not that simple! The
difficulty arises from the fact that the result of operate two cosets Ha and
Hb might not be uniquely defined. Recall that Ha may be the same coset
as Hc (it happens if c ∈ Ha), and similarly, Hb may be the same coset as
Hd. Therefore, Ha ⋅ Hb should be the same as Hc ⋅ Hd. Unfortunately, it
may happen that H(ab) is not the same coset as H(cd). We can express this
5. Factor groups 101

situation using symbols as

Ha ⋅ Hb = H(ab)

≠
Hc ⋅ Hd = H(cd)

For example, if G = S3 and H = {ε, (1 2)}, then

H(1 3) = {(1 3), (1 3 2)} = H(1 3 2)

H(2 3) = {(2 3), (1 2 3)} = H(1 2 3)

and yet H(1 3)(2 3) = H(1 3 2) ≠ H = Hε = H(1 3 2)(1 2 3).

Therefore, coset multiplication does not work as an operation in the cosets
of H = {ε, (1 2)} in S3 / Why not? What did it go wrong? Well ...
Although H is a subgroup, H is not a normal subgroup of S3 . So then
the next questions are “what if H were a normal subgroup?” “Would coset
operation work?” Good news! It does! ,, Check out the following theorem!

Theorem 5.6. Let H be a normal subgroup of a group G. If Ha = Hc and

Hb = Hd then H(ab) = H(cd).

Proof. Assume that Ha = Hc and Hb = Hd. Then, in particular, a ∈ Hc

and b ∈ Hd, hence a = h1 c and b = h2 d for some h1 , h2 ∈ H. Thus:

ab = (h1 c)(h2 d) = h1 (ch2 )d.

But ch2 ∈ cH = Hc because H is normal, and so ch2 = h3 c for some h3 ∈ H.

Returning to ab we get that

ab = h1 (ch2 )d = h1 (h3 c)d = (h1 h3 )(cd) ∈ H(cd)

An application of the Cosets Property 5 gives that H(ab) = H(cd).

Let G be a group and H a normal subgroup of G. Let G/H be the set

consisting of all the cosets of H in G. Put it this way, if Ha, Hb, Hc, . . .
are the cosets of H in G, then G/H = {Ha, Hb, Hc, . . .} or, more generally,

G/H = {Ha, Hb, Hc, . . .} = {Hg ∣ g ∈ G}.

We have just proved that the coset operation is indeed an operation on G/H.
In our next result, we prove that G/H is a group under coset operation.
102 J. Sánchez-Ortega

Theorem 5.7. Let G be a group and H a normal subgroup of G. Then

G/H is a group under coset operation: Ha ⋅ Hb = H(ab)

Proof. 1. Coset operation is associative:

Ha ⋅ (Hb ⋅ Hc) = Ha ⋅ H(bc) = H(a(bc)) = H((ab)c) = H(ab) ⋅ Hc =

= (Ha ⋅ Hb) ⋅ Hc

2. The unity for G/H is H:

Ha ⋅ H = Ha ⋅ H1 = H(a1) = H(1a) = H1 ⋅ Ha = H ⋅ Ha

3. The inverse of Ha is Ha−1 :

Ha ⋅ Ha−1 = H(aa−1 ) = H1 = H, Ha−1 ⋅ Ha = H(a−1 a) = H1 = H.

Recall that ∣G ∶ H∣ denotes the number of distinct cosets of H in G, and

it is called the index of H in G. The group G/H is said to be the factor
group, or quotient group of G by H. Note that ∣G/H∣ = ∣G ∶ H∣ .
An important map is the coset map (also called canonical projection)
π ∶ G → G/H that assigns each element of G to its coset in H, that is,
π(a) = Ha . It is straightforward to check that the coset map is a group
epimorphism with kernel ker π = H .

Example 5.8. Let Z be the additive cyclic group of the integers, and let
⟨6⟩ = 6Z be the cyclic subgroup of Z consisting of all the multiples of 6. Notice
that 6Z is a normal subgroup of Z because Z is abelian (so all its subgroups
are normal). Therefore, we can consider the factor group Z/6Z. The elements
of this group are the cosets of 6Z in Z, namely:

6Z + 0 = {. . . , −18, −12, −6, 0, 6, 12, 18, . . .}

6Z + 1 = {. . . , −17, −11, −5, 1, 7, 13, 19, . . .}
6Z + 2 = {. . . , −16, −10, −4, 2, 8, 14, 20, . . .}
6Z + 3 = {. . . , −15, −9, −3, 3, 9, 15, 21, . . .}
6Z + 4 = {. . . , −14, −8, −2, 4, 10, 16, 22, . . .}
5. Factor groups 103

6Z + 5 = {. . . , −13, −7, −1, 5, 11, 17, 23, . . .}

These are all the different cosets of 6Z. Observe that 6Z + 6 = 6Z + 0 (since
6 ∈ 6Z + 0), 6Z + 7 = 6Z + 1 (since 7 ∈ 6Z + 1), 6Z + 8 = 6Z + 2, etc.
Since the operation in Z is +, we use + for the coset operation , as well.
But nothing has changed except for the name: (6Z + a) + (6Z + b) = 6Z + (a + b).
To ease our notation, we write the coset in the following shorter form:

0̄ = 6Z + 0 1̄ = 6Z + 1 2̄ = 6Z + 2 3̄ = 6Z + 3 4̄ = 6Z + 4 5̄ = 6Z + 5

Then Z/6Z = {0̄, 1̄, 2̄, 3̄, 4̄, 5̄} , and its Cayley table is:

+ 0̄ 1̄ 2̄ 3̄ 4̄ 5̄
0̄ 0̄ 1̄ 2̄ 3̄ 4̄ 5̄
1̄ 1̄ 2̄ 3̄ 4̄ 5̄ 0̄
2̄ 2̄ 3̄ 4̄ 5̄ 0̄ 1̄
3̄ 3̄ 4̄ 5̄ 0̄ 1̄ 2̄
4̄ 4̄ 5̄ 0̄ 1̄ 2̄ 3̄
5̄ 5̄ 0̄ 1̄ 2̄ 3̄ 4̄

Notice that the factor group Z/6Z is isomorphic to the additive cyclic
group Z6 . In general, we have that Z/nZ ≅ Zn .

Some group properties are preserved by the factor group construction. We

present two of them in our next result:

Theorem 5.9. Let H be a normal subgroup of a group G.

(1) If G is abelian, then G/H is abelian.

(2) If G = ⟨g⟩ is cyclic, then G/H is also cyclic: G/H = ⟨Hg⟩.

Proof. (1) For a, b ∈ G we need to check that Ha⋅Hb = Hb⋅Ha, which follows
by the definition of the coset operation and the fact that we are assuming
that G is abelian. In fact:

Ha ⋅ Hb = H(ab) = H(ba) = Hb ⋅ Ha.

(2) Suppose that G is a cyclic group and g ∈ G is a generator of G, that is,

the elements of G are all powers of the element g. We claim that Hg is a
104 J. Sánchez-Ortega

generator for the factor group G/H. To show this, we need to prove that all
the elements of G/H are powers of Hg. Take Ha an arbitrary element of
Hg, where a ∈ G. Since g is a generator of G and a ∈ G we can find some
integer k such that a = g k . From here using the coset operation we obtain
that (Hg)k = Hg k = Ha, finishing the proof.

Remark 5.10. In Example 5.8 we proved, by computing the Cayley table

of Z/6Z, that this factor group is isomorphic to the cyclic group Z6 . An
alternative proof is the following:
Since Z is cyclic, Theorem 5.9 (2) tells us that Z/6Z is a cyclic group. Now
keeping in mind that Z/6Z has six elements, an application of Theorem 3.42
(1) reveals that Z/6Z and Z6 are isomorphic.

5.3 The First Isomorphism Theorem

Let G and G′ be two groups. We say that G′ is a homomorphic image
of G if there exists an epimorphism (i.e. a surjective group homomorphism)
from G onto G′ . Using this terminology, the canonical projection (or coset
mapping) tells us that

any factor group G/H is a homomorphic image of G.

This means that when we construct factor groups of G, we are, in fact,

constructing homomorphic images of G. In other words, the factor group
construction gives us a way of producing homomorphic images of a group
G. In this section, we will show that this is indeed a way of manufacturing
all the homomorphic images of G. To be more precise, we will prove that
every homomorphic image of G is isomorphic to a factor group
of G. As a consequence, we will obtain that a group G′ is a homomorphic
image of G if and only if G′ is (or, is isomorphic to) a factor group of G. We
begin by proving a simpler result.

Theorem 5.11. Let φ ∶ G → G′ be a group homomorphism with kernel K.

Then φ(a) = φ(b) if and only if Ka = Kb.
5. Factor groups 105

Proof. If a and b are two elements in G, then

φ(a) = φ(b) ⇔ 1G′ = φ(a)φ(b)−1 = φ(a)φ(b−1 ) = φ(ab−1 ) ⇔ ab−1 ∈ K

Applying Cosets Property 6 we get

φ(a) = φ(b) ⇔ ab−1 ∈ K ⇔ Ka = Kb,

as desired.

Suppose that φ ∶ G → G′ is a group epimorphism with kernel K. Theorem

5.11 tells us that all the elements in the coset Kx have the same image under
φ, and, conversely, two elements a and b in G have the same image under φ if
and only if they are in the same coset of K.

1G′
1G

φ(a) = φ(b)
a

b
φ(x)

G′
G
We have then built a bijective map that matches cosets of K, namely,
elements of the factor group G/K, with elements in G′ . To be more precise,
the coset Kx is matched with the element φ(x) ∈ G′ . It remains to check that
this correspondence is indeed an isomorphism.

Theorem 5.12. First Isomorphism Theorem. Let φ ∶ G → G′ be a group

epimorphism with kernel K = ker φ. Then G/K ≅ G′ .

Proof. To show that G/K is isomorphic to G′ , we need find a group isomor-

phism from G/K to G′ . Let us try with the map φ
̃ ∶ G/K → G′ defined by
106 J. Sánchez-Ortega

̃
φ(Kx) ̃
= φ(x). We first need to make sure that φ(Kx) is uniquely defined. To
do so, we must make sure that if Ka is the same coset as Kb, then φ(a) = φ(b),
̃ is bijective:
but this follows from Theorem 5.11. We now prove that φ
̃ is injective: If φ(Ka)
●φ ̃ ̃
= φ(Kb), then φ(a) = φ(b) and by Theorem 5.11,
we get that Ka = Kb.
̃ is surjective: since we are assuming that φ is surjective we have that every
●φ
element y of G′ is of the form y = φ(x). But, by definition, φ(Kx)
̃ = φ(x) = y,
̃ is surjective.
which shows that φ
̃
Finally, φ(Ka ̃
⋅ Kb) = φ(K(ab)) ̃
= φ(ab) = φ(a)φ(b) = φ(Ka) ̃
φ(Kb), which
̃ is a group homomorphism. We can then conclude that φ
shows φ ̃ is a group
̃
isomorphism, and so, G/K = G′ .
φ

The First Isomorphism Theorem asserts that every homomorphic im-

age of G is isomorphic to a factor group of G. If we are given an
homomorphism φ ∶ G → G′ , not necessarily surjective, we can consider the
restriction φ ∶ G → φ(G) to the image, which is now an epimorphism, and
apply the First Isomorphism Theorem to it. More precisely:

Corollary 5.13. Let φ ∶ G → G′ be a group homomorphism with kernel K.

Then G/K ≅ Imφ.
⎧
⎪ ⎫
⎪
⎪⎛
⎪ 1 a b ⎞ ⎪
⎪
Example 5.14. Let G = ⎨⎜ 0 1 c ⎟ ∶ a, b, c ∈ R⎬. Show that Z(G) ≅ R
⎪
⎪ ⎪
⎪
⎩⎝ 0 0 1 ⎠
⎪ ⎪
⎭
and G/Z(G) ≅ R × R.

We first prove that G is a group under matrix multiplication. In fact:

● G is closed under matrix multiplication:
′ ′ ′ ′ ′
⎛ 1 a b ⎞ ⎛ 1 a b ⎞ ⎛ 1 a + a b + ac + b ⎞
′
⎜ 0 1 c ⎟⎜ 0 1 c ⎟ = ⎜ 0 1 c + c′ ⎟
⎝ 0 0 1 ⎠⎝ 0 0 1 ⎠ ⎝ 0 0 1 ⎠

⎛ 1 0 0 ⎞
● The identity matrix ⎜ 0 1 0 ⎟ is in G, and
⎝ 0 0 1 ⎠
−1
⎛ 1 a b ⎞ ⎛ 1 −a ac − b ⎞
● G is closed under inverses: ⎜ 0 1 c ⎟ =⎜ 0 1 −c ⎟ .
⎝ 0 0 1 ⎠ ⎝ 0 0 1 ⎠
5. Factor groups 107

Since matrix multiplication is an associative operation, we can conclude

that G is a group under matrix multiplication. Next, we need to compute the
center Z(G) of G, that is, the elements of G that commutes with any other
⎛ 1 a′ b ′ ⎞
element of G. If ⎜ 0 1 c′ ⎟ ∈ Z(G), then
⎝ 0 0 1 ⎠

′ ′ ′ ′
⎛ 1 a b ⎞⎛ 1 a b ⎞ ⎛ 1 a b ⎞⎛ 1 a b ⎞
⎜ 0 1 c ⎟ ⎜ 0 1 c ⎟ = ⎜ 0 1 c ⎟ ⎜ 0 1 c′ ⎟ ,
′ ∀ a, b, c ∈ R.
⎝ 0 0 1 ⎠⎝ 0 0 1 ⎠ ⎝ 0 0 1 ⎠⎝ 0 0 1 ⎠

It implies that b′ + ac′ + b = b + a′ c + b′ , for all a, b, c ∈ R. In particular, taking

a = 1 and c = 0 gives c′ = 0. Next, if we take c = 1 we obtain that a′ = 0. Thus:

⎧
⎪ ⎫
⎪
⎪⎛
⎪ 1 0 b ⎞ ⎪
⎪
Z(G) = ⎨⎜ 0 1 0 ⎟ ∶ b ∈ R⎬
⎪
⎪ ⎪
⎪
⎩⎝ 0 0 1 ⎠
⎪ ⎪
⎭

The map φ ∶ R → Z(G) given by

⎛ 1 0 b ⎞
b ↦ ⎜ 0 1 0 ⎟,
⎝ 0 0 1 ⎠

is the desired isomorphism. It is clearly bijective (complete the details and let
me know whether you have any questions) and it is a group homomorphism:

⎛ 1 0 b1 b2 ⎞ ⎛ 1 0 b1 ⎞ ⎛ 1 0 b2 ⎞
φ(b1 b2 ) = ⎜ 0 1 0 ⎟ = ⎜ 0 1 0 ⎟ ⎜ 0 1 0 ⎟ = φ(b1 )φ(b2 ), ∀ b1 , b2 ∈ R.
⎝ 0 0 1 ⎠ ⎝ 0 0 1 ⎠⎝ 0 0 1 ⎠

φ
We have proved that R ≅ Z(G). It remains to show that G/Z(G) ≅ R × R. To
do this, we apply the First Isomorphism Theorem. We need to find a group
epimorphism G → R × R with kernel Z(G). Taking into account the previous
calculations, we can try with the map ψ ∶ G → R × R defined by

⎛ 1 a b ⎞
ψ ⎜ 0 1 c ⎟ = (a, c).
⎝ 0 0 1 ⎠

I am thinking about this map because I have some practice and I can see that
its kernel will be Z(G). Notice that R × R is an additive group, so its identity
108 J. Sánchez-Ortega

element is (0, 0). Keeping this in mind we have

⎛ 1 a b ⎞ ⎛ 1 a b ⎞
⎜ 0 1 c ⎟ ∈ ker ψ ⇔ ψ ⎜ 0 1 c ⎟ = (0, 0) ⇔ (a, c) = (0, 0) ⇔ a = c = 0
⎝ 0 0 1 ⎠ ⎝ 0 0 1 ⎠
⎛ 1 0 b ⎞
⇔ ⎜ 0 1 0 ⎟ ∈ Z(G)
⎝ 0 0 1 ⎠

⎛ 1 x 0 ⎞
Clearly, ψ is surjective: for (x, y) ∈ R × R, we have (x, y) = ψ ⎜ 0 1 y ⎟ ∈ G.
⎝ 0 0 1 ⎠
Lastly, ψ is a group homomorphism:
⎡ 1 a b ′ ′ ⎤ ′ ′ ′
⎢⎛
⎢ ⎞ ⎛ 1 a b ⎞⎥⎥ ⎛ 1 a + a b + ac + b ⎞
ψ ⎢⎜ 0 1 c ⎟ ⎜ 0 1 c′ ⎟⎥ = ψ ⎜ 0 1 c + c′ ⎟=
⎢⎝ ⎥
⎢ 0 0 1 ⎠ ⎝ 0 0 1 ⎠⎥ ⎝ 0 0 1 ⎠
⎣ ⎦

′ ′
⎛ 1 a b ⎞ ⎛ 1 a b ⎞
′ ′ ′ ′
= (a + a , c + c ) = (a, c) + (a , c ) = ψ ⎜ 0 1 c ⎟ + ψ ⎜ 0 1 c′ ⎟ .
⎝ 0 0 1 ⎠ ⎝ 0 0 1 ⎠
An application of the First Isomorphism Theorem gives that G/ ker ψ ≅ R × R,
that is, G/Z(G) ≅ R × R.

Example 5.15. Let G be a group of order 5 such that there exists a group
homomorphism φ ∶ Z30 → G. We can use the First Isomorphism Theorem and
Lagrange’s Theorem to determine ker φ.
Thanks to the Fundamental Theorem of Finite Cyclic Groups we know
how all the subgroups of the (additive) cyclic group Z30 look like. So, in
particular, we have a good understanding of ker φ. An application of the First
Isomorphism Theorem tells us that Z30 / ker φ ≅ im φ. From here, we obtain:

∣Z30 / ker φ∣ = ∣im φ∣.

Next we use Lagrange’s Theorem to obtain some information about the order
of im φ, which is a subgroup of G. Since G has order 5 (a prime), we have
that either ∣Z30 / ker φ∣ = ∣im φ∣ = 1 or 5. We consider both cases:

• If ∣Z30 / ker φ∣ = 1, then ker φ = Z30 (and φ is the trivial homomorphism).

• If ∣Z30 / ker φ∣ = 5, then ker φ is a subgroup of Z30 of order 6, namely,

ker φ = 5Z30 .
Appendix A

Some useful stuffs

This appendix provides a summary of some algebra concepts needed for this
course. If you learnt them last year and you do not need to revisit them,
please feel free to skip these pages. I just want to make sure we are all in the
same page, since it will set yourself up for success!
Here, we will talk about sets, maps and binary operations.

A.1 Sets
A set X in Mathematics is nothing more than a collection of objects, called
elements. If a is an element of the set X, we will say that a lies in X, or a
belongs to X, or X contains a, and we write a ∈ X . Otherwise, if a is not
an element of X, we write a ∉ X .
For example, the number 1 belongs to the set of natural numbers N,
while the number −1 does not. So, 1 ∈ N and −1 ∉ N.
An interesting set is the set that contains no elements, which is called the
empty set and denoted by ∅ . For example, consider the set consisting of
the rational numbers whose square equal 2, that is,

{q ∈ Q ∣ q 2 = 2}.
√
Such a set has no elements, since we know that 2 is not a rational number,
that is, it is the empty set: {q ∈ Q ∣ q 2 = 2} = ∅.

Definition A.1. Let X and Y be two sets. If every element of X belongs

to Y , then we say that X is a subset of Y , or X is contained in Y , or Y
contains X; we write X ⊆ Y , or Y ⊇ X .

109
110 J. Sánchez-Ortega

We say that

• X and Y are equal and we write X = Y if X ⊆ Y and Y ⊆ X;

• X is a proper subset of Y if X ⊆ Y and X ≠ Y ; we write X ⊊ Y or

X ⊂Y .

Example A.2. Z is a proper subset of Q.

Definition A.3. We say that a set X is finite if either X = ∅ or there

exists a natural number n such that X has exactly n elements. We call n the
cardinality of X and write ∣X∣ = n . We define ∣∅∣ = 0 . Lastly, a set that is
not finite is called infinite.

Example A.4. ∣{x ∈ Z ∣ x2 = 4}∣ = 2 and {x ∈ Z ∣ x2 = 4} = {−2, 2}.

Definition A.5. The Cartesian product of two (nonempty) sets X and Y ,

denoted X × Y , is the set consisting on all the (ordered) pairs (a, b), where
a ∈ X and b ∈ Y . In general:

X1 × . . . × Xn = {(a1 , . . . , an ) ∣ ai ∈ Xi for all i}.

A very important particular case is the Cartesian product of X with itself:

X × X = {(a, b) ∣ a, b ∈ X} ; this is denoted by X 2 .

Example A.6. R2 = R × R is the Cartesian plane.

Definition A.7. Let X and Y be two sets.

• The intersection of X and Y is the set X ∩ Y of all elements that

belong to both X and Y . If X ∩ Y = ∅ , then we say that X and Y are
disjoint.

• The union of X and Y is the set X ∪ Y of all elements that belong

to either X or Y (not necessarily to both).

• The difference of X and Y is the set X/Y (or X − Y ) of all elements

that belong X but not to Y .

Example A.8. For X = {−1, 2, 3, 7} and Y = {0, −5, 7} we have that

X ∩ Y = {7}, X ∪ Y = {−5, −1, 0, 1, 2, 3, 7}, X/Y = {−1, 2, 3}.

A. Some useful stuffs 111

A.2 Maps
Let X and Y be two sets. Informally, we can say that a map f from X to
Y , denoted f ∶ X → Y is a rule that assigns an element a ∈ X to exactly
one element b ∈ Y . We write that f (a) = b , or a ↦ f (a) = b . We call X
and Y the domain and codomain of f , respectively. For instance, the map
assigning any real number to its square is an example of map from R to R.
That is, f ∶ R → R given by f (x) = x2 for all x ∈ R.
Suppose that U is a subset of X. The map f ∣U ∶ U → Y given by

f ∣U (a) = f (a), for all a ∈ U,

is called the restriction of f to U . Roughly speaking, f ∣U is the “same” map

but with a smaller domain.

Definition A.9. Let X and Y be two sets. We say that a map f ∶ X → Y is

• injective if f (a1 ) = f (a2 ) implies a1 = a2 .

• surjective or onto if for every b ∈ Y there exists a ∈ X such that

f (a) = b.

• bijective if f is both injective and surjective.

Venn’s diagrams provide a cool (and easy) visualisation of these concepts:

a ϕ(a) a
ϕ(a) = ϕ(b)
b ϕ(b) b

ϕ is injective ϕ is not injective

ϕ is surjective ϕ is not surjective

112 J. Sánchez-Ortega

Example A.10. The map f ∶ R → {x ∈ R ∣ x ≥ 0} given by f (x) = x2 is

surjective but not injective, since f (−2) = 4 = f (2); the map g ∶ R → R defined
by g(x) = ex is injective but not surjective (the negative numbers do not
have a pre-image); the map h ∶ R → R defined by h(x) = x3 is injective and
surjective, and so is bijective.
As you move along in your algebra journey, you will realise that we
(algebraist) pay special attention to bijective maps from a set (or other
algebraic structures) X to itself. A very simple example, is the identity map
IdX , defined by IdX (x) = x for all x ∈ X.
Remark A.11. If X is a finite set, then a map f ∶ X → X is injective if and
only if f is surjective (and hence, bijective).
Definition A.12. Let X, Y, Z be sets, and g ∶ X → Y, f ∶ Y → Z maps. We
can construct a new map f ○ g ∶ X → Z (or f g ), called the composition
(or composite) of f and g, as follows:

(f ○ g)(x) = f (g(x)), for all x ∈ X.

This is really important! You might find yourself coming back to this
comment later on, when we talk about permutations in Chapter 2. When
computing (f g)(x) we do the following:
1. we first calculate g(x), let us call it y, that is, y = g(x), and then
2. we calculate f of y: z = f (y) = f (g(x)).
In some texts, g is called the inner map and f is called the outer map of
the composition. In a visual way, this is how composition of maps work:

x g y = g(x) f z = f (y) = f (g(x)

f ○g

Example A.13. Let f, g ∶ R → R given by f (x) = x2 and g(x) = x + 1. Then:

(f ○ g)(x) = f (g(x)) = f (x + 1) = (x + 1)2 ,

(g ○ f )(x) = g(f (x)) = g(x2 ) = x2 + 1;

Notice that f ○ g ≠ g ○ f , since (f ○ g)(2) = (2 + 1)2 = 9 and (g ○ f )(2) = 22 + 1 = 5.

A. Some useful stuffs 113

A.3 Binary operations

In this section, we will generalise the addition and multiplication of numbers.
Notice that the addition process for numbers assigns to any pair (a, b) of num-
bers a new number, their sum, usually denoted a + b. Similarly, multiplication
assigns the product ab to the pair (a, b). Thus, in order to come up with a
more general notion, we will need a set X (which will play the role of the
numbers) and “algorithm” with input a pair of elements (x, y) in our set, and
output the result of operating x and y. We will represent such an algorithm
by a map X × X → X. More formally:

Definitions A.14. A binary operation on a nonempty set X is a map

∗ ∶ X × X → X . We usually write x ∗ y to denote ∗(x, y) .

Examples A.15.

1. Addition and multiplication are binary operations on N and on Z.

2. Subtraction is a binary operation on Z.

3. Division is not a binary operation on Q, because we can not divide by 0.

It is a binary operation on Q× = Q − {0}.

4. Let X denote a nonempty set and Map(X) the set of all maps from X
onto X. The map composition (f, g) ↦ f ○ g is an operation on Map(X).

Definition A.16. Let X be a nonempty set and ∗ a binary operation on X.

We say that

• ∗ is commutative if x ∗ y = y ∗ x for all x, y ∈ X.

• ∗ is associative if x ∗ (y ∗ z) = (x ∗ y) ∗ z for all x, y, z ∈ X.

• An element e ∈ X is called an identity element for ∗ if e ∗ x = x = x ∗ e

for every x ∈ X.

Theorem A.17. If a binary operation ∗ has an identity element, then it is

unique.

Proof. Assume that e and e′ are identities elements for ∗. Then e′ = e ∗ e′ ,

since e is an identity element, and e ∗ e′ = e because e′ is an identity element.
Thus e = e′ .
114 J. Sánchez-Ortega

Examples A.18.

1. Addition and multiplication on N are both commutative and associative.

Moreover, 0 is the identity element for + and 1 for ×.

2. Multiplication on Mn (R) is not commutative. It is associative and the

n × n identity matrix In is the identity element.

3. Composition on Map(X) is associative, but not commutative if ∣X∣ > 1.

In fact, take a and b are two distinct elements of X, and consider the
maps f, g ∶ X → X given by f (x) = a and g(x) = b, for all x ∈ X,
respectively. Then:

(f ○ g)(x) = f (g(x)) = f (b) = a,

(g ○ f )(x) = g(f (x)) = g(a) = b,

and since we are assuming that a ≠ b, we have that f ○ g ≠ g ○ f .

Definition A.19. Let ∗ be a binary operation on a (nonempty) set X and

e ∈ X the identity element for ∗. We say that y ∈ X is an inverse for x ∈ X if
x ∗ y = e = y ∗ x . Elements with inverses are called units. We will denote by
U (X, ∗) , or simply U (X) , the set consisting of all the units of X.

Theorem A.20. Let ∗ be an associative binary operation on a (nonempty)

set X and e ∈ X the identity element for ∗. If x ∈ X has an inverse in X,
then such an inverse is unique.

Proof. Suppose that y and y ′ are inverses of x, then x ∗ y = e = y ∗ x and

x ∗ y ′ = e = y ′ ∗ x. From here we get that

y ′ = y ′ ∗ e = y ′ ∗ (x ∗ y) = (y ′ ∗ x) ∗ y = e ∗ y = y,

and we are done.

Examples A.21.

1. Consider (Z, +), (Q, +), (R, +), (C, +). In all cases, the identity element
is 0 and the usual negative −x of an element x is the (additive) inverse.
Then every element is a unit and hence

U (Z, +) = Z, U (Q, +) = Q, U (R, +) = R, U (C, +) = C.

A. Some useful stuffs 115

2. Notice that U (Z, ⋅) = {1, −1}.

3. Multiplication on Q has the identity 1 ∈ Q. Every nonzero x ∈ Q has

an inverse x−1 with respect to multiplication, but 0 ∈ Q has no inverse.
Thus: U (Q, ⋅) = Q − {0}. The same applies to (R, ⋅) and (C, ⋅).

4. We have that U (Mn (R), +) = Mn (R). But regarding to matrix multipli-

cation, A ∈ Mn (R) has an inverse if and only if det(A) ≠ 0. Thus:

U (Mn (R), ⋅) = {A ∈ Mn (R) ∣ det(A) ≠ 0}.

5. In Map(X), a map f ∶ X → X has an inverse if and only if it is bijective.

Algebra (or Mathematics in general) will be getting more and more abstract
as you continue diving into it. Binary operations are denoted by many different
symbols in mathematics. For example, we use + and ⋅ to denote the addition
and multiplication of numbers, but these symbols are also used for the addition
and multiplication of matrices. Similarly, ∩ and ∪ are well-established notations
in set theory. When discussing binary operations in general, we have been
using ∗ for the binary operation. But algebraists, we do not do this! We
usually adopt one of the following two formats:

• Multiplicative Notation: a ∗ b is written ab (or a ⋅ b) and called the

product of a and b. The multiplicative unity is denoted 1 .

• Additive Notation: a ∗ b is written a + b and is called the sum of

a and b. The additive unity is denoted 0 .

Multiplicative notation is the most popular format among algebraists. Here

we will use multiplicative notation, and denote the unity by 1. Keep in mind
that ab can mean many different things, depending the set under discussion.
Neither a nor b need to be numbers, so ab might be nothing to do with the
idea of multiplication that we have. Please, don’t stress about it. You will get
used to it.
116 J. Sánchez-Ortega

A.4 Equivalence relations

Let us begin by talking about binary relations. A binary relation R on a set
X is a subset of the Cartesian product X × X. We write xRy if (x, y) ∈ R.
For instance, take X = R and R = {(x, y) ∈ R × R ∣ x ≤ y}. Then R is a binary
relation on R; we have that 1R2 and −4R0 since 1 ≤ 2 and −4 ≤ 0. Notice that
this is just the usual ≤ relation, written in a more fancy way.
The equality = relation on R is nothing more than the subset of R × R
consisting on all the pairs, having the two components equal:

{(x, x) ∣ x ∈ R}.

Definition A.22. An equivalence relation R on a set X is a binary relation

on X satisfying the three following properties:

1. Reflexive property: aRa for all a ∈ X.

2. Symmetric property: aRb implies bRa.

3. Transitive property: aRb and bRc imply aRc.

A more practical notation for an equivalence relation is the following: for

a, b ∈ X we write a ∼ b if aRb (that is, (a, b) ∈ R).

Examples A.23.

1. The binary relation ≤ on R is reflexive and transitive but it is not

symmetric, so ≤ is not an equivalence relation on R. The equality
relation = is clearly an equivalence relation on R.

2. Let F = R[x] denote the set of all polynomials with coefficients in R.

On F we define a binary relation f ∼ g if f ′ = g ′ . You can easily check
that ∼ is an equivalence relation on F.

Let X be a nonempty set. Recall that a partition of X is a set of

(nonempty) pairwise disjoint subsets of X such that the union of all of them
is X. For instance, {X1 , X2 , X3 , X4 } is a partition of the set X drawn below.
A. Some useful stuffs 117

X3

X1 X2

X4

A more concrete example: {{1}, {a, b}, {−1, 2, 3}} and {{1, a, b, −1}, {2, 3}} are
partitions of the set X = {a, b, −1, 1, 2, 3}.
Any equivalence relation ∼ on a (nonempty) set X produces a partition
of X; in fact, for x ∈ X, we define the equivalence class of x as the set of
elements of X related to x, that is:

[x] = {y ∈ X ∣ x ∼ y}

Notice that [x] = [x′ ] if and only if x ∼ x′ . Moreover, [x] ≠ ∅, since x ∼ x

because ∼ is reflexive. We claim that {[x] ∣ x ∈ X} is a partition of X. In fact,
if a ∈ [x] ∩ [y], then we need to show that [x] = [y], or equivalently that x ∼ y.
But this is true because ∼ is symmetric and transitive:

a ∈ [x] ⇒ x ∼ a,
a ∈ [y] ⇒ y ∼ a ⇒ a ∼ y,

imply that x ∼ y, as desired. It remains to show that X = ∪a∈X [a], but this is
trivial since x ∈ [x], for each x ∈ X.

Example A.24. Consider the equivalence relation ∼ on F = R[x] defined

on Example A.23 (2). The equivalence class of a polynomial f consists on
all the polynomial that are related to f via ∼, that is, all the polynomials
that have the same derivative of f . Since the constant polynomials have zero
derivative, we have that [f ] = {f + c ∣ c ∈ R}.