
comm-rings-fields-and-galois-theory

The document titled 'Commutative Rings, Fields, and Galois Theory' by George McNinch provides a comprehensive overview of key concepts in abstract algebra, including commutative rings, polynomial rings, and Galois theory. It covers various topics such as ideals, field extensions, finite fields, and the Fundamental Theorem of Galois Theory, structured into multiple chapters with detailed subsections. The work is licensed under Creative Commons and aims to serve as a resource for understanding the interplay between algebraic structures and their properties.


Commutative Rings, Fields, and Galois Theory

George McNinch

2025-04-18 10:06:39 EDT (george@valhalla)

Commutative Rings, Fields, and Galois Theory ©2025 by George McNinch is licensed under
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International. To view a copy
of this license, visit https://creativecommons.org/licenses/by-nc-sa/4.0/

Contents

1 Commutative rings
1.1 Definitions
1.2 Polynomial rings

2 Properties of rings
2.1 Ring Homomorphisms
2.2 Ideals of a ring
2.3 Quotient rings
2.4 Principal ideals
2.5 Isomorphism Theorem
2.6 A Homomorphism from the polynomial ring to the scalars

3 Polynomials over a field and the division algorithm
3.1 Some general notions for commutative rings
3.2 An important result on polynomial rings
3.3 The degree of a polynomial
3.4 The division algorithm

4 Ideals of the polynomial ring
4.1 Description of ideals of the polynomial ring
4.2 Principal ideal domains (PIDs)
4.3 PIDs and greatest common divisors

5 Prime elements and unique factorization
5.1 Irreducible elements
5.2 Unique factorization in a PID

6 The Field of fractions of an Integral Domain

7 Irreducible polynomials over a field
7.1 Fields as quotient rings
7.2 The rational roots test
7.3 The Gauss Lemma
7.4 Eisenstein’s irreducibility criterion
7.5 Irreducibility of certain cyclotomic polynomials

8 Some recollections of Linear Algebra
8.1 Vector Spaces
8.2 Linear Transformations, subspaces and quotient vector spaces
8.3 Bases and dimension

9 Field extensions
9.1 Algebraic extensions of fields
9.2 The minimal polynomial
9.3 Generation of extensions and primitive extensions
9.4 The degree of a field extension
9.5 Examples of finite extensions
9.6 Algebraic extensions
9.7 Another example

10 Constructible real numbers
10.1 Ruler and compass constructions
10.2 Constructions
10.3 Lines and Circles over a field
10.4 Characterizing constructible numbers
10.5 Angle trisection

11 Splitting fields
11.1 The notion of a splitting field
11.2 More examples of splitting fields
11.3 Uniqueness of splitting fields

12 Finite fields
12.1 The prime subfield of a field
12.2 Some properties of finite fields
12.3 Finite fields as splitting fields over the prime field
12.4 Existence of a finite field of any prime-power order
12.5 Some examples of finite fields
12.6 The multiplicative group of a finite field

13 Perfect fields and separable polynomials
13.1 Common roots and root multiplicity
13.2 Repeated roots and the characteristic
13.3 Perfect fields

14 Automorphisms of algebraic objects
14.1 Automorphism examples
14.2 Automorphisms of field extensions

15 The Fundamental Theorem of Galois Theory
15.1 Subfields from subgroups
15.2 Splitting fields and Galois groups
15.3 Fixed fields and some linear algebra
15.4 Normal and separable extensions
15.5 The Fundamental Theorem

16 Examples of Galois groups
16.1 Galois groups for finite fields
16.2 Cyclic extensions
16.3 An example with a dihedral Galois group

17 The insolvability of the quintic
17.1 Some group theory
17.2 Radical extensions and the main result
17.3 Cyclotomic extensions
17.4 Vandermonde matrices
17.5 Main result on solvable extensions
17.6 Normal radical extensions
17.7 Insolvability of higher degree equations

18 The symmetric group as Galois group
18.1 How to find a suitable polynomial
18.2 Using calculus
18.3 An algebraic tool
18.4 Example for rational field
18.5 Example for rational field
18.6 Rational function field with real coefficients

19 Elementary symmetric functions

1 Commutative rings
1.1 Definitions
Definition 1.1.1. A ring R is an additive abelian group together with an operation of multiplication
R × R → R given by (a, b) ↦ a · b such that the following axioms hold:

• multiplication is associative

• multiplication distributes over addition: for every a, b, c ∈ R we have

a(b + c) = ab + ac

and
(b + c)a = ba + ca.
We often just denote multiplication by juxtaposition: i.e. we may write ab instead of a · b
for a, b ∈ R

We say that the ring R is commutative if the operation of multiplication is commutative; i.e.
if ab = ba for all a, b ∈ R.
And we say that R has identity if multiplication has an identity, i.e. if there is an element
1_R ∈ R such that a · 1_R = 1_R · a = a for every a ∈ R.
Usually we write 1 for 1_R. The idea is that 1_R is the multiplicative identity of R. For example,
the identity matrix $\begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}$ is the multiplicative identity 1_R of the matrix ring R = Mat_2(ℝ).
In these notes, unless otherwise indicated a ring is assumed to be commutative and to have
identity.
Here are some examples of commutative rings:
Example 1.1.2. (a) Z the ring of integers, Q the ring of rational numbers, R the ring of real
numbers, C the ring of complex numbers.

(b) if X is a set and if R is a commutative ring, the set X R of all R-valued functions on X can
be viewed as a commutative ring where the sum and product of functions f : X → R are
defined “pointwise”.

1.2 Polynomial rings


If R is a commutative ring, the collection of all polynomials in the variable T having coefficients
in R is denoted R[T ].
Notice that the set of monomials $S = \{T^i \mid i \in \mathbb{N}\}$ has the following properties:

(M1) every element of R[T] is an R-linear combination of elements of S. This just amounts to
the statement that every polynomial f(T) ∈ R[T] has the form

$$f(T) = \sum_{i=0}^{N} a_i T^i$$

for a suitable N ≥ 0 and suitable coefficients $a_i \in R$.

(M2) the elements of S are linearly independent i.e. if

$$\sum_{i=0}^{N} a_i T^i = 0 \quad \text{for } a_i \in R,$$

then $a_i = 0$ for every i.

Polynomials in R[T ] can be added in a natural way. (This is just like adding vectors in a
vector space).
And there is a product operation on polynomials, as follows:
$$\text{if } f(T) = \sum_{i=0}^{N} a_i T^i \text{ and } g(T) = \sum_{i=0}^{M} b_i T^i \text{ then}$$

$$f(T) \cdot g(T) = \sum_{i=0}^{N+M} c_i T^i \quad \text{where } c_i = \sum_{s+t=i} a_s b_t.$$

Proposition 1.2.1. R[T ] is a commutative ring with identity.

2 Properties of rings
2.1 Ring Homomorphisms
Definition 2.1.1. If R and S are rings, a function ϕ : R → S is called a ring homomorphism
provided that

(a) ϕ is a homomorphism of additive groups,

(b) ϕ preserves multiplication; i.e. for all x, y ∈ R we have ϕ(xy) = ϕ(x)ϕ(y), and

(c) ϕ(1_R) = 1_S.

Definition 2.1.2. The kernel of the ring homomorphism ϕ : R → S is given by

ker ϕ = ϕ⁻¹(0) = {x ∈ R | ϕ(x) = 0};

thus ker ϕ is just the kernel of ϕ viewed as a homomorphism of additive groups.


Here are some properties of the kernel:

(K1) ker ϕ is an additive subgroup of R

(K2) for every r ∈ R and every x ∈ ker ϕ we have rx ∈ ker ϕ.

2.2 Ideals of a ring


For simplicity suppose that the rings R and S are commutative.
Definition 2.2.1. A subset I of R is an ideal provided that

(a) I is an additive subgroup of R, and

(b) for every r ∈ R and every x ∈ I we have rx ∈ I.

We sometimes describe condition (b) by saying that “I is closed under multiplication by every
element of R”.
The proof of the following is immediate from definitions:

Proposition 2.2.2. If ϕ : R → S is a ring homomorphism, then ker ϕ is an ideal of R.

Remark 2.2.3. In any commutative ring R the trivial subgroup 0 = {0} is an ideal, and the
subgroup R itself is also an ideal.

2.3 Quotient rings


Let R be a commutative ring and let I be an ideal of R.
Since I is a subgroup of the (abelian) additive group R, we may consider the quotient group
R/I. Its elements are (additive) cosets a + I for a ∈ R.
It follows from the definition of cosets that a + I = b + I if and only if b − a ∈ I.
The additive group can be made into a commutative ring by defining the multiplication as
follows:

For a + I, b + I ∈ R/I (so that a, b ∈ R), the product is given by

(a + I)(b + I) = ab + I.

In order to make this definition, one must confirm that this rule is well-defined. Namely, if
we have equalities a + I = a′ + I and b + I = b′ + I, we need to know that

(a + I)(b + I) = (a′ + I)(b′ + I).

Applying the definition, we see that we must confirm that

ab + I = a′b′ + I.

For this, we need to argue that a′b′ − ab ∈ I.

Since a + I = a′ + I, we know that a′ − a = x ∈ I and since b + I = b′ + I we know that
b′ − b = y ∈ I.
Thus a′ = a + x and b′ = b + y. Now we see that

a′b′ = (a + x)(b + y) = ab + ay + xb + xy.

Since I is an ideal, we see that ay, xb, xy ∈ I hence ay + xb + xy ∈ I. Now conclude that
a′b′ + I = ab + I as required.
It is now straightforward to confirm that the ring axioms hold for the set R/I with these
operations.
Proposition 2.3.1. If I is an ideal of the commutative ring R, then R/I is a commutative ring
with the addition and multiplication just described.

2.4 Principal ideals


Definition 2.4.1. If R is a commutative ring and a ∈ R, the principal ideal generated by a –
written Ra or ⟨a⟩ – is defined by

Ra = ⟨a⟩ = {ra | r ∈ R}.

Proposition 2.4.2. For a ∈ R, Ra is an ideal of R.


Example 2.4.3. Let n ∈ Z>0 and consider the principal ideal nZ of the ring Z generated by
n ∈ Z.
As an additive group, nZ is the infinite cyclic group generated by n.
The quotient ring Z/nZ is the finite commutative ring with n elements; these elements are
precisely the congruence classes of integers modulo n.

2.5 Isomorphism Theorem


Theorem 2.5.1. Let R, S be commutative rings with identity and let ϕ : R → S be a ring
homomorphism. Assume that ϕ is surjective (i.e. onto). Then ϕ determines an isomorphism
ϕ̄ : R/I → S where I = ker ϕ, where ϕ̄ is determined by the rule

ϕ̄(a + I) = ϕ(a) for a ∈ R.

Proof. First, you must confirm that ϕ̄ is well-defined; i.e. that if a + I = a′ + I then ϕ̄(a + I) =
ϕ̄(a′ + I).
Next, you must confirm that ϕ̄ is a ring homomorphism (this is immediate from the definition
of ring operations on R/I).
Finally, you must confirm that ker ϕ̄ = {0}, where here 0 refers to the additive identity of
the quotient ring R/I. This additive identity is of course the trivial coset I = 0 + I ∈ R/I.

2.6 A Homomorphism from the polynomial ring to the scalars


Let F be a field and let a ∈ F. Consider the mapping

Φ : F [T ] → F

given by Φ(f (T )) = f (a). Namely, applying Φ to a polynomial f (T ) results in the value f (a) of
f (T ) at a.
The definition of multiplication in F [T ] guarantees that Φ is a ring homomorphism.

3 Polynomials over a field and the division algorithm
3.1 Some general notions for commutative rings
Definition 3.1.1. If R is a commutative ring with 1 and if u ∈ R we say that u is a unit - or that
u is invertible - provided that there is v ∈ R with uv = 1; then v = u⁻¹.
We write R× for the units in R.
A commutative ring R is a field provided that every non-zero element is invertible. Thus R
is a field if R× = R \ {0}.
Proposition 3.1.2. If R is a commutative ring, then R× is an abelian group (with operation the
multiplication in R).
For any commutative ring R and elements a, b ∈ R we say that a divides b – written a | b –
if ∃x ∈ R with ax = b.
Proposition 3.1.3. For a, b ∈ R we have a | b if and only if b ∈ ⟨a⟩.
Recall that we introduced the principal ideal ⟨a⟩ = aR for any commutative ring R and any
a ∈ R. In fact, given $a_1, \dots, a_n \in R$ we can consider the ideal

$$\langle a_1, \dots, a_n \rangle = \sum_{i=1}^{n} a_i R$$

defined as

$$\langle a_1, \dots, a_n \rangle = \left\{ \sum_{i=1}^{n} r_i a_i \;\middle|\; r_i \in R \right\}.$$

It is straightforward to check that $\langle a_1, \dots, a_n \rangle$ is indeed an ideal of R.


Definition 3.1.4. A non-zero element a ∈ R is said to be a 0-divisor provided that there is
0 ≠ b ∈ R with ab = 0.
Example 3.1.5. Let n be a composite positive integer, so that n = ij for integers i, j > 0.
Consider the elements [i] = i + nZ, [j] = j + nZ in the quotient ring Z/nZ.
Then [i] and [j] are both non-zero since 0 < i, j < n so that n ∤ i and n ∤ j. But [i]·[j] = [n] = 0
so that [i] and [j] are 0-divisors of the ring Z/nZ.
Definition 3.1.6. A commutative ring R is said to be an integral domain provided that it has no
zero-divisors.
Example 3.1.7. (a) Any field is an integral domain.

(b) The ring Z of integers is an integral domain.

(c) Any subring of an integral domain is an integral domain.


For example, the ring Z[i] = {a + bi | a, b ∈ Z} of gaussian integers is an integral domain.

(d) Z/nZ is not an integral domain whenever n is composite.

(e) If R and S are commutative rings, the direct product R × S is never an integral domain.
Indeed, the elements (1, 0) and (0, 1) are 0-divisors.
Lemma 3.1.8. (Cancellation) Let R be an integral domain and let a, b, c ∈ R with c ≠ 0. If
ac = bc then a = b.

Proof. The equation ac = bc implies that ac − bc = 0 so that (a − b)c = 0 by the distributive
property. Since R has no zero divisors and since c ≠ 0 by assumption, conclude that a − b = 0
i.e. that a = b.

Proposition 3.1.9. Let R be an integral domain and let d, d′ ∈ R \ {0}. If ⟨d⟩ = ⟨d′⟩ then d
and d′ are associate.

Proof. Since d ∈ ⟨d′⟩ we may write d = xd′ and since d′ ∈ ⟨d⟩ we may write d′ = yd. Now we
see that d = xd′ = xyd. Since d ≠ 0 cancellation (Lemma 3.1.8) implies that xy = 1. Thus
x, y ∈ R× and indeed d, d′ are associate.

3.2 An important result on polynomial rings


Proposition 3.2.1. Let R and S be rings, let ϕ : R → S be a ring homomorphism, and let
α ∈ S be an element. There is a unique ring homomorphism

Ψ : R[T ] → S

such that Ψ(T ) = α and such that Ψ|R = ϕ.

Proof. Let f, g ∈ R[T], say

$$f = \sum_{i=0}^{n} a_i T^i \quad \text{and} \quad g = \sum_{i=0}^{m} b_i T^i$$

be elements of R[T].
To see that Ψ is an additive homomorphism, note that $f + g = \sum_{i=0}^{\max(n,m)} (a_i + b_i) T^i$ so that

$$\Psi(f + g) = \sum_{i=0}^{\max(n,m)} (a_i + b_i)\alpha^i = \sum_{i=0}^{n} a_i \alpha^i + \sum_{i=0}^{m} b_i \alpha^i = \Psi(f) + \Psi(g).$$

Similarly, to see that Ψ is multiplicative, note that $fg = \sum_{i=0}^{n+m} c_i T^i$ where $c_i = \sum_{s+t=i} a_s b_t$.
Now,

$$\Psi(fg) = \sum_{i=0}^{n+m} \varphi(c_i)\alpha^i = \left( \sum_{i=0}^{n} \varphi(a_i)\alpha^i \right) \left( \sum_{i=0}^{m} \varphi(b_i)\alpha^i \right) = \Psi(f) \cdot \Psi(g).$$

3.3 The degree of a polynomial


Let F be a field and consider the ring of polynomials F [T ].
Definition 3.3.1. The degree of a polynomial f = f(T) ∈ F[T] is defined to be deg(f) = −∞ if
f = 0, and otherwise deg(f) = n where

$$f = \sum_{i=0}^{n} a_i T^i \quad \text{with each } a_i \in F \text{ and } a_n \neq 0.$$

We have some easy and familiar properties of the degree function:

Proposition 3.3.2. Let f, g ∈ F[T].

(a) deg(fg) = deg(f) + deg(g).
(b) deg(f + g) ≤ max{deg(f), deg(g)} and equality holds if deg(f) ≠ deg(g).
(c) f ∈ F[T]× if and only if deg(f) = 0. In particular, F[T]× = F×.

Corollary 3.3.3. For a field F , the polynomial ring F [T ] is an integral domain.


Proof. Let f, g ∈ F [T ] and suppose that f g = 0. We must argue that either f = 0 or g = 0.

Proposition 3.3.4. Let f, g ∈ F[T]. If g ≠ 0 and deg g < deg f then [g] = g + ⟨f⟩ is a non-zero
element of F[T]/⟨f⟩.

3.4 The division algorithm


Theorem 3.4.1. Let F be a field, and let f, g ∈ F[T] with 0 ≠ g. Then there are polynomials
q, r ∈ F [T ] for which
f = qg + r
and deg r < deg g.
Proof. First note that we may suppose f to be non-zero. Indeed, if f = 0, we just take q = r = 0.
Clearly f = qg + r, and deg(r) = −∞ < deg(g) since g is non-zero.
We now proceed by induction on deg(f ) ≥ 0.
For the base case in which deg(f ) = 0, we note that f = c is a constant polynomial; here
c ∈ F ×.
If deg(g) = 0 as well, then g = d ∈ F × and then c = (c/d)d + 0 so we may take q = c/d and
r = 0. Now deg(r) = −∞ < deg(g) as required.
If deg(g) > 0, we simply take q = 0 and r = f : we then have f = 0 · g + f and deg(f ) = 0 <
deg(g) as required.
We have now confirmed the Theorem holds when deg(f ) = 0.
Proceeding with the induction, we now suppose n > 0 and that the Theorem holds whenever
f has degree < n. We must prove the Theorem holds when f has degree n.
Since f has degree n, we may write $f = a_n T^n + f_0$ where $a_n \in F^\times$ and $f_0 \in F[T]$ has
$\deg(f_0) < n$.
Let us write m = deg(g); we may write $g = b_m T^m + g_0$ where $b_m \in F^\times$ and $g_0 \in F[T]$ has
$\deg(g_0) < m$.
If n < m we take q = 0 and r = f to find that f = qg + r and deg(r) < deg(g).
Finally, if m ≤ n we set

$$f_1 = f - (a_n/b_m) T^{n-m} g = a_n T^n + f_0 - \left( \frac{a_n}{b_m} b_m T^n + \frac{a_n}{b_m} T^{n-m} g_0 \right) = f_0 - \frac{a_n}{b_m} T^{n-m} g_0.$$

We have $\deg(f_0) < n$ by assumption, and $\deg\left( \frac{a_n}{b_m} T^{n-m} g_0 \right) < n$ by the Proposition together
with the fact that $\deg(g_0) < m$.
Thus $\deg(f_1) < n$. Now we apply the induction hypothesis to write

$$f_1 = q_1 g + r_1 \quad \text{with } \deg(r_1) < \deg(g).$$

Finally, we have

$$f = f_1 + (a_n/b_m) T^{n-m} g = q_1 g + r_1 + (a_n/b_m) T^{n-m} g = \left( q_1 + (a_n/b_m) T^{n-m} \right) g + r_1$$

so we have indeed written f = qg + r in the required form.

Corollary 3.4.2. Let F be a field and let f ∈ F [T ]. For a ∈ F , there is a polynomial q ∈ F [T ]
for which
f = q(T − a) + f (a).

Corollary 3.4.3. For f ∈ F[T] an element a ∈ F is a root of the polynomial f if and only if
T − a | f in F[T]. In particular, if d = deg(f), f has no more than d distinct roots in F.

Proof. The first statement is clear from Corollary 3.4.2. Now consider the distinct roots

$$\alpha_1, \dots, \alpha_e \in F$$

of f. Then $T - \alpha_1$ divides f so that $f = (T - \alpha_1) f_1$ for some $f_1 \in F[T]$. Since $\alpha_2$ is a root of f
we see that

$$0 = f(\alpha_2) = (\alpha_2 - \alpha_1) f_1(\alpha_2)$$

which shows that $\alpha_2$ is a root of $f_1$ since $\alpha_1 \neq \alpha_2$. Thus we find that

$$f = (T - \alpha_1)(T - \alpha_2) f_2$$

for some $f_2 \in F[T]$. Continuing in this way we find that $\prod_{i=1}^{e} (T - \alpha_i)$ divides f, so that e ≤ deg f
by Proposition 3.3.2.

4 Ideals of the polynomial ring
4.1 Description of ideals of the polynomial ring
Corollary 4.1.1. Let F be a field and let I be an ideal of the ring F[T]. Then I is a principal
ideal; i.e. there is g ∈ I for which
I = ⟨g⟩ = g · F[T].

Proof. If I = 0 the result is immediate. Thus we may suppose I ≠ 0.
Consider the set {deg(g) | 0 ≠ g ∈ I}. This is a non-empty set of natural numbers, hence it
contains a minimal element by the well-ordering principle.
Choose g ∈ I such that deg(g) is this minimal degree; we claim that I = ⟨g⟩.
Clearly ⟨g⟩ ⊆ I. To complete the proof, it remains to establish the inclusion I ⊆ ⟨g⟩. Let
f ∈ I and use the Division Algorithm to write f = qg + r for q, r ∈ F[T] with deg r < deg g.
Observe that f − qg ∈ I so that r ∈ I. Since deg r < deg g conclude that r = 0. This shows
that f = qg ∈ ⟨g⟩ as required, completing the proof.

Let F be a field, F[T] be the ring of polynomials with coefficients in F, let f, g ∈ F[T] be
polynomials which are not both 0.
Definition 4.1.2. The greatest common divisor gcd(f, g) of the pair f, g is a monic polynomial
d such that

(a) d | f and d | g,

(b) if e ∈ F [T ] satisfies e | f and e | g, then e | d.

Remark 4.1.3. If d, d′ are two gcds of f, g then d | d′ and d′ | d. In particular, deg(d) = deg(d′)
and d′ = αd for some α ∈ F×. It is then clear that there is no more than one monic polynomial
satisfying (a) and (b).
Note that f, g are not both 0 if and only if the ideal ⟨f, g⟩ is not 0.

Proposition 4.1.4. (a) ⟨f, g⟩ is an ideal. Since F[T] is a principal ideal domain by
Corollary 4.1.1, there is a monic polynomial d ∈ F[T] with

⟨d⟩ = ⟨f, g⟩.

Then d = gcd(f, g).

(b) In particular, d = gcd(f, g) may be written in the form d = uf + vg for u, v ∈ F[T].

Proof. For (a), write I = ⟨f, g⟩ = ⟨d⟩. Since f, g ∈ I, the definition of ⟨d⟩ shows that d | f and
d | g.
Now suppose that e ∈ F[T] and that e | f and e | g. Then f, g ∈ ⟨e⟩ which shows that
⟨f, g⟩ ⊆ ⟨e⟩.
But this implies that ⟨d⟩ ⊆ ⟨e⟩ so that e | d as required. Thus we see that d is indeed equal
to gcd(f, g).
Since d ∈ ⟨d⟩ = ⟨f, g⟩, assertion (b) follows from the definition of ⟨f, g⟩.
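
The division algorithm of Theorem 3.4.1 and the identity d = uf + vg of Proposition 4.1.4 can be carried out mechanically when F is a finite prime field, which is the setting used for finite-field arithmetic in cryptographic code. The Python below is an added example, not part of the original notes; the choice F = Z/pZ with p prime, the coefficient-list representation and all function names are assumptions made for illustration.

```python
# Added example. Polynomials over F = Z/pZ (p prime, an assumption) are lists
# of coefficients, lowest degree first: [1, 0, 1] is 1 + T^2, [] is 0.

def trim(f, p):
    """Reduce coefficients mod p and drop zero leading coefficients."""
    f = [c % p for c in f]
    while f and f[-1] == 0:
        f.pop()
    return f

def deg(f):
    """Degree, with -infinity for the zero polynomial (Definition 3.3.1)."""
    return len(f) - 1 if f else float("-inf")

def add(f, g, p):
    n = max(len(f), len(g))
    f = f + [0] * (n - len(f))
    g = g + [0] * (n - len(g))
    return trim([a + b for a, b in zip(f, g)], p)

def mul(f, g, p):
    """Product with c_i = sum of a_s * b_t over s + t = i (Section 1.2)."""
    if not f or not g:
        return []
    c = [0] * (len(f) + len(g) - 1)
    for s, a in enumerate(f):
        for t, b in enumerate(g):
            c[s + t] += a * b
    return trim(c, p)

def evaluate(f, a, p):
    """The homomorphism f -> f(a) of Section 2.6, by Horner's rule."""
    value = 0
    for c in reversed(f):
        value = (value * a + c) % p
    return value

def poly_divmod(f, g, p):
    """Return (q, r) with f = q*g + r and deg r < deg g (Theorem 3.4.1)."""
    f, g = trim(f, p), trim(g, p)
    if not g:
        raise ZeroDivisionError("g must be non-zero")
    # b_m is invertible because F is a field; pow() raises ValueError if
    # p is not prime and the leading coefficient has no inverse mod p.
    inv_bm = pow(g[-1], -1, p)
    q = [0] * max(len(f) - len(g) + 1, 0)
    r = f[:]
    while deg(r) >= deg(g):
        k = len(r) - len(g)              # n - m
        coeff = r[-1] * inv_bm % p       # a_n / b_m
        q[k] = coeff
        # r <- r - (a_n/b_m) T^(n-m) g cancels the leading term of r,
        # which is the induction step of the proof.
        for i, b in enumerate(g):
            r[i + k] = (r[i + k] - coeff * b) % p
        r = trim(r, p)
    return trim(q, p), r

def poly_ext_gcd(f, g, p):
    """Return (d, u, v) with d monic and d = gcd(f, g) = u*f + v*g."""
    r0, r1 = trim(f, p), trim(g, p)
    if not r0 and not r1:
        raise ValueError("f and g must not both be zero")
    # Invariant: r0 = u0*f + v0*g and r1 = u1*f + v1*g.
    u0, u1 = [1], []
    v0, v1 = [], [1]
    while r1:
        q, r = poly_divmod(r0, r1, p)
        neg_q = [(-c) % p for c in q]
        r0, r1 = r1, r
        u0, u1 = u1, add(u0, mul(neg_q, u1, p), p)
        v0, v1 = v1, add(v0, mul(neg_q, v1, p), p)
    scale = [pow(r0[-1], -1, p)]         # multiply by a unit to make d monic
    return mul(scale, r0, p), mul(scale, u0, p), mul(scale, v0, p)
```

When gcd(f, g) = 1 the returned v satisfies vg ≡ 1 modulo f, so the same routine computes inverses in the quotient ring F[T]/⟨f⟩.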

4.2 Principal ideal domains (PIDs)
Definition 4.2.1. An integral domain R is said to be a principal ideal domain (abbreviated
PID) provided that every ideal I of R has the form

I = ⟨a⟩ for some a ∈ R;

i.e. provided that every ideal of R is principal.


Example 4.2.2. (a) The ring Z of integers is a PID.

(b) For any field F, the ring F[T] of polynomials is a PID - this follows from the Corollary to
the division algorithm, above.

(c) The rings Z[i] and Z[√2] are PIDs – to see this one can argue that these rings are Euclidean
domains and then one proves that any Euclidean domain is a PID.

4.3 PIDs and greatest common divisors


Let R be a PID.
The results about gcd in the polynomial ring proved in Section 4.1 actually hold in the
generality of the PID R. We quickly give the statements:
Definition 4.3.1. Let a, b ∈ R such that ⟨a, b⟩ ≠ 0. A gcd of a and b is an element d ∈ R such
that

(i) d | a and d | b (in words: “d is a common divisor of a and b”)

(ii) if e | a and e | b then e | d. (in words: “any common divisor of a and b divides d”)

Lemma 4.3.2. If R is a PID and if d and d′ are gcds of a and b then d and d′ are associates.

Proof. This follows from Proposition 3.1.9

Proof. Using the definition of gcd we see that d | d′ and d′ | d. Thus d′ = dv and d = d′ u for
u, v ∈ R.
This shows that d′ = dv = d′ uv. Using cancellation, find that 1 = uv so that u, v ∈ R× .

Remark 4.3.3. This definition of course covers the cases when R = Z and when R = F [T ]. The
main thing to point out is that when R = Z, there is a unique positive gcd for any pair a, b ∈ Z
and when R = F [T ] there is a unique monic gcd for any pair f, g ∈ F [T ].
For a general PID there need not be a natural choice of gcd, so for x, y ∈ R we can only
speak of gcd(x, y) up to multiplication by a unit of R.

Proposition 4.3.4. Let R be a PID and let x, y ∈ R with ⟨x, y⟩ ≠ 0.

(a) Since R is a PID, we may find d ∈ R with

⟨d⟩ = ⟨x, y⟩.

Then d = gcd(x, y).

(b) In particular, d = gcd(x, y) may be written in the form d = ux + vy for u, v ∈ R.

To prove Proposition 4.3.4 proceed as in the proof of Proposition 4.1.4.

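Proposition 4.3.5. Let R be a PID and let a, b ∈ R not both 0. Put d = gcd(a, b), so that
$\frac{a}{d}, \frac{b}{d} \in R$. Then $\gcd\left( \frac{a}{d}, \frac{b}{d} \right) = 1$.
Proof. According to Proposition 4.3.4 (b), we may write d = ax + by for suitable x, y ∈ R. Since
d | a we know that $\frac{a}{d} \in R$; similarly $\frac{b}{d} \in R$. We now see that

$$d = d \frac{a}{d} x + d \frac{b}{d} y = d \left( \frac{a}{d} x + \frac{b}{d} y \right);$$

now applying cancellation – i.e. Lemma 3.1.8 – we conclude that

$$1 = \frac{a}{d} x + \frac{b}{d} y.$$

This shows that $1 \in \left\langle \frac{a}{d}, \frac{b}{d} \right\rangle$, the ideal generated by $\frac{a}{d}$ and $\frac{b}{d}$. But this implies that
$R \subseteq \left\langle \frac{a}{d}, \frac{b}{d} \right\rangle$ so that $\langle 1 \rangle = R = \left\langle \frac{a}{d}, \frac{b}{d} \right\rangle$. According to Proposition 4.3.4 this proves that
$\gcd\left( \frac{a}{d}, \frac{b}{d} \right) = 1$ as required.
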
5 Prime elements and unique factorization
5.1 Irreducible elements
Let R be a principal ideal domain.
Definition 5.1.1. A non-zero element p ∈ R is said to be irreducible provided that p ∉ R× and
whenever p = xy for x, y ∈ R then either x ∈ R× or y ∈ R× .
Remark 5.1.2. Assume that p, a ∈ R with p irreducible. Then either gcd(p, a) = 1 or gcd(p, a) =
p.

Proposition 5.1.3. p ∈ R is irreducible if and only if (♣): whenever a, b ∈ R and p | ab then
either p | a or p | b.

Proof. (⇒): Assume that p is irreducible, suppose that a, b ∈ R and that p | ab. We must show
that p | a or p | b.
For this, we may as well suppose that p ∤ a; we must then prove that p | b. Since p ∤ a, we
see that gcd(a, p) = 1 by the Remark above. Then ua + vp = 1 for elements u, v ∈ R.
Now we see that
b = 1 · b = (ua + vp) · b = uab + vpb.
Since p | ab we see that p | uab + vpb which proves that p | b, as required.
(⇐): Assume that condition (♣) holds for p. We must show that p is irreducible. For this,
assume p = xy for x, y ∈ R; we must show that either x ∈ R× or y ∈ R× .
Since p = xy, in particular p | xy and we may apply (♣) to conclude without loss of generality
that p | x.
Write x = pa. We now see that p = xy = pay; by cancellation, find that 1 = ay so that
y ∈ R× . We conclude that p is irreducible, as required.

Remark 5.1.4. For any integral domain R, we can speak of irreducible elements defined as in
Definition 5.1.1. And we can speak of prime elements, where an element p ∈ R is prime if it
satisfies condition (♣) of Proposition 5.1.3. In this language, Proposition 5.1.3 shows that in a
PID, an element is prime iff it is irreducible.

Corollary 5.1.5. Let R be a PID, let $p, a_1, \dots, a_n \in R$ with p prime, and suppose that
$p \mid a_1 a_2 \cdots a_n = \prod_{i=1}^{n} a_i$. Then $p \mid a_i$ for some 1 ≤ i ≤ n.

Example 5.1.6. Let F be a field and let f ∈ F[T] be a non-constant polynomial; i.e. deg(f) > 0. If
f is reducible there are polynomials g, h ∈ F[T] for which f = gh and deg(g), deg(h) > 0.
Example 5.1.7. If f ∈ F[T] is reducible (i.e. not irreducible) then the quotient ring F[T]/⟨f⟩ is
not an integral domain.
Indeed, write f = gh for g, h ∈ F[T] non-units. Thus deg f > deg g, deg h > 0 by
Proposition 3.3.2. According to Proposition 3.3.4, the classes [g], [h] ∈ F[T]/⟨f⟩ are non-zero, but [g] · [h] =
[f] = 0. Thus F[T]/⟨f⟩ has zero divisors and is not an integral domain.

5.2 Unique factorization in a PID


The Fundamental Theorem of Arithmetic says that any integer n > 1 may be factored uniquely as
a product of primes. This result holds for any PID, as follows:

Theorem 5.2.1. Let R be a PID, let 0 ≠ a ∈ R, and suppose that a is not a unit.

(a) There are irreducible elements $p_1, p_2, \dots, p_n \in R$ such that $a = p_1 \cdot p_2 \cdots p_n$.

(b) if $q_1, \dots, q_m \in R$ are irreducibles such that $a = q_1 \cdots q_m$ then n = m and – after possibly
reordering the $q_i$ – there are units $u_i \in R^\times$ for which $q_i = u_i p_i$ for each i.

Proof. We first prove (a). For this, we first prove the following claim:
(∗): if the conclusion of (a) fails, there is a sequence of elements a1 , a2 , · · · ∈ R \ R× with the
property that for each i ≥ 1 we have: (i) ai+1 | ai and (ii) ai+1 and ai are not associate.
To prove (∗), let x1 = a. Now suppose we have found elements a1 , a2 , · · · , an such that for
each 1 ≤ i ≤ n conditions (i) and (ii) hold, and such that the conclusion of (a) fails for an . In
particular, an is reducible, so we may write an = xy with x, y ∈ R and x, y 6∈ R× . Without
loss of generality, we may suppose that the conclusion of (a) fails for x and we set an+1 = x.
By construction, an+1 | an ; moreover an+1 and an are not associates. Thus we have proved by
induction that (∗) holds.
To prove (a), we will now show that (∗) leads to a contradiction.
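Let $\{a_i\}$ be a sequence of elements as in (∗) and let $I$ be given by
$$I = \bigcup_{i \ge 1} \langle a_i \rangle.$$

Since
$$\langle a_1 \rangle \subseteq \langle a_2 \rangle \subseteq \langle a_3 \rangle \subseteq \cdots$$
it is straightforward to see that $I$ is an ideal. Since $R$ is a PID, we may write $I = \langle d \rangle$ for some
$d \in R$. By the definition of $I$, we may find an index $N$ for which $d \in \langle a_j \rangle$ for each $j \ge N$.
Fix $j \ge N$. We may write $d = x \cdot a_j$ for $x \in R$.
On the other hand, since $\langle a_j \rangle \subseteq \langle d \rangle$, we may write $a_j = y \cdot d$ for $y \in R$.
We now see that $d = x \cdot a_j = xyd$ so that $x, y \in R^\times$ by cancellation (Lemma 3.1.8). Thus $d$
and $a_j$ are associates so that $\langle d \rangle = \langle a_j \rangle$. In particular, we have proved that

$$\langle d \rangle = \langle a_N \rangle = \langle a_{N+1} \rangle = \langle a_{N+2} \rangle = \cdots$$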

contradicting the assumption (ii) that aj+1 and aj are not associates. This contradiction proves
(a).
We now prove (b). We are given an equality

$$p_1 \cdots p_n = q_1 \cdots q_m$$

with $p_i, q_j$ irreducible and $n, m \ge 1$.

We proceed by induction on the minimum $\min(n, m)$, and without loss of generality we
suppose that $n \le m$ so that $n = \min(n, m)$.
In case $n = 1$, our assumption is $p_1 = q_1 \cdots q_m$. Applying Corollary 5.1.5 we see that $p_1 \mid q_j$
for some $1 \le j \le m$. Since $p_1$ and $q_j$ are irreducible, we see that $q_j = u \cdot p_1$ for some unit $u \in R^\times$.
Thus
$$p_1 = u \cdot p_1 \cdot \prod_{i \ne j} q_i.$$
Applying cancellation (Lemma 3.1.8) we see $u \cdot \prod_{i \ne j} q_i = 1$ so that $q_i \in R^\times$ for $i \ne j$. Thus
$m = 1$ and $p_1$ and $q_1$ are associates, as required. This confirms the base-case of the induction.
Now suppose that n > 1 and that the result is known when the element has an expression as
a product of < n irreducibles.

Thus we have
p1 · · · pn = q1 · · · qm
and m ≥ n. Now pn | q1 · · · qm and as before we see for some 1 ≤ j ≤ m that qj = upn for a unit
u ∈ R× . Without loss of generality we may suppose that j = m. We find

p1 · · · pn−1 · pn = u · pn · q1 · · · qm−1

Applying cancellation (Lemma 3.1.8) we find that

p1 · · · pn−1 = uq1 · · · qm−1

Replacing q1 by the irreducible uq1 , we can view the right-hand side as a product of m − 1
irreducibles. Since m−1 ≥ n−1 we may apply the induction hypothesis to find that m−1 = n−1
and that after re-ordering we have pi associate to qi for 1 ≤ i ≤ m − 1. Since pn and qm are
associate as well, this proves (b).

6 The Field of fractions of an Integral Domain
Recall from Example 3.1.7 that any subring of a field is an integral domain. We now want to argue
that the converse to this statement is true, as well. Namely, an integral domain $R$ is a subring
of a field. In fact, we are essentially going to give a construction of such a field from $R$.
Let’s fix an integral domain $R$. To confirm the suggested converse to the above Corollary, we
must construct a field $F$ and an inclusion $i : R \subseteq F$.
Of course, if we have such a mapping $i$, then for any $0 \ne b \in R$, the element $i(b)$ is non-zero
in $F$ and hence $i(b)^{-1} = \frac{1}{i(b)}$ should be an element of $F$ (even though $i(b)^{-1}$ is possibly not an
element of $R$). For any $a \in R$ we should be able to multiply $i(a)$ and $\frac{1}{i(b)}$ in $F$ to form the
fraction $\frac{i(a)}{i(b)}$. If we choose to identify $R$ with the image $i(R)$, we might simply write $\frac{a}{b} = \frac{i(a)}{i(b)}$
for this fraction.
So if the field $F$ exists, it must contain all fractions $\frac{a}{b}$ for $a, b \in R$ with $0 \ne b$.
In fact, we are going to construct a field $F$ by formally introducing such fractions.
Consider the set W = {(a, b) | a, b ∈ R, b ≠ 0} and define a relation ∼ on the set W by the
condition

(a, b) ∼ (s, t) ⇐⇒ at = bs.

This relation is motivated by the observation that for fractions in a field F we have
$$\frac{a}{b} = \frac{s}{t} \iff at = bs.$$
One needs to check the following:

Proposition 6.0.1. ∼ defines an equivalence relation on W .

Proof. We must confirm properties of ∼:

(reflexive) if (a, b) ∈ W , then ab = ba =⇒ (a, b) ∼ (a, b).

(symmetric) if (a, b), (s, t) ∈ W then

(a, b) ∼ (s, t) =⇒ at = bs =⇒ sb = ta =⇒ (s, t) ∼ (a, b).

(transitive) Let (a, b), (s, t), (u, v) ∈ W and suppose that (a, b) ∼ (s, t) and (s, t) ∼ (u, v). The
assumptions mean that at = bs and sv = tu.
Multiplying the equation at = bs by v on each side, we see that

atv = bsv =⇒ atv = btu =⇒ (av)t = (bu)t;

since t ≠ 0 and since the cancellation law holds in an integral domain – see Lemma 3.1.8 –
we conclude av = bu. Hence (a, b) ∼ (u, v) which confirms the transitive law.

We are now going to show that the fractions – i.e. the equivalence classes in $W$ – form a field.
We define $Q = Q(R)$ to be the set of equivalence classes of $W$ under the equivalence relation $\sim$.
We write $\frac{a}{b} = [(a, b)]$ for the equivalence class of $(a, b) \in W$. Thus $Q$ is the set of (formal)
fractions of elements of $R$, and
$$\frac{a}{b} = \frac{s}{t} \iff (a, b) \sim (s, t) \iff at = bs.$$
It remains to argue that $Q$ has the structure of a field. To do this, we must define binary
operations $+$ and $\cdot$ on the set $Q$ and check that they satisfy the correct axioms.
Define addition of fractions: for $a, b, s, t \in R$ with $b, t \ne 0$,

(♣)   $\frac{a}{b} + \frac{s}{t} = \frac{at + bs}{bt}$.

And define multiplication of fractions:

(♦)   $\frac{a}{b} \cdot \frac{s}{t} = \frac{as}{bt}$.

Theorem 6.0.2. For an integral domain R, the set Q(R) of fractions of R forms a field with
the indicated addition and multiplication.

Sketch of proof. What must be checked?

• We must first confirm that (♣) is well-defined, i.e. if $a', b', s', t' \in R$ with $\frac{a}{b} = \frac{a'}{b'}$ and $\frac{s}{t} = \frac{s'}{t'}$,
  we must check that $\frac{a}{b} + \frac{s}{t} = \frac{a'}{b'} + \frac{s'}{t'}$; i.e. that
  $$\frac{at + bs}{bt} = \frac{a't' + b's'}{b't'}.$$
  This is straightforward if a bit tedious.

• One readily checks that $0 = \frac{0}{1}$ is an identity for the binary operation $+$ on $Q$.

• One readily checks that $+$ is commutative for $Q$.

• One readily checks that $\frac{-a}{b}$ is an additive inverse for $\frac{a}{b}$.

• With some more effort, one confirms that $+$ is associative on $Q$; i.e. for $\alpha, \beta, \gamma \in Q$
  $$(\alpha + \beta) + \gamma = \alpha + (\beta + \gamma).$$

Thus $(Q, +)$ is an abelian group. Now consider the operation (♦) of multiplication.

• We must again confirm that (♦) is well-defined, i.e. if $a', b', s', t' \in R$ with $\frac{a}{b} = \frac{a'}{b'}$ and $\frac{s}{t} = \frac{s'}{t'}$,
  we must check that $\frac{a}{b} \cdot \frac{s}{t} = \frac{a'}{b'} \cdot \frac{s'}{t'}$; i.e. that
  $$\frac{as}{bt} = \frac{a's'}{b't'}.$$

• One readily checks that $1 = \frac{1}{1}$ is an identity for the binary operation $\cdot$ on $Q$.

• One readily checks that $\cdot$ is commutative for $Q$.

• With some more effort, one confirms that $\cdot$ is associative on $Q$; i.e. for $\alpha, \beta, \gamma \in Q$
  $$(\alpha \cdot \beta) \cdot \gamma = \alpha \cdot (\beta \cdot \gamma).$$

• Next, one must confirm the distributive law: for $\alpha, \beta, \gamma \in Q$,
  $$\alpha(\beta + \gamma) = \alpha\beta + \alpha\gamma.$$

Phew!

Remark 6.0.3. Despite the details of the preceding proof, all that is happening is confirming
properties of operations of fractions that you have used since grade-school. . .
Now, we want to emphasize a crucial property of the field of fractions of an integral domain.
Let $Q(R)$ be the field constructed above, and note that there is a natural ring homomorphism
$i : R \to Q(R)$ given by $r \mapsto i(r) = \frac{r}{1}$ for $r \in R$. This homomorphism is one-to-one: indeed, if
$\frac{r}{1} = 0 = \frac{0}{1}$, then $r \cdot 1 = 0 \cdot 1 \implies r = 0$. Thus, we may identify $R$ with a subring of $Q(R)$.
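Proposition 6.0.4. Let $R$ be an integral domain, let $\varphi : R \to S$ be any ring homomorphism,
and suppose that for all $0 \ne d \in R$, $\varphi(d) \in S^\times$ - i.e. $\varphi(d)$ is a unit in $S$. Then there is a unique
homomorphism $\tilde\varphi : Q(R) \to S$ with the property that $\tilde\varphi|_R = \varphi$.
Proof. Let $x \in Q(R)$ be any element. Thus $x = \frac{a}{b} = \frac{a}{1} \cdot \frac{1}{b}$ for $a, b \in R$ with $b \ne 0$.
Let’s first argue the uniqueness of $\tilde\varphi$. If $\tilde\varphi$ is a ring homomorphism, then

$$1 = \tilde\varphi(1) = \tilde\varphi\left(b \cdot \frac{1}{b}\right) = \varphi(b)\,\tilde\varphi\left(\frac{1}{b}\right) \implies \tilde\varphi\left(\frac{1}{b}\right) = \varphi(b)^{-1}.$$
Since $\tilde\varphi$ is a ring homomorphism, we must have

(♣)   $\tilde\varphi(x) = \tilde\varphi\left(\frac{a}{1}\right) \tilde\varphi\left(\frac{1}{b}\right) = \varphi(a) \cdot \varphi(b)^{-1}$

which confirms the uniqueness.
It now only remains to check that the rule (♣) determines a ring homomorphism, which is
straightforward.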

Example 6.0.5. The field of rational functions


Let $F$ be a field, and consider $R = F[T]$ the ring of polynomials. This is an integral domain,
and its field of fractions $Q(R)$ is usually written $F(T)$ and is known as the field of rational
functions over $F$.
Note that
$$F(T) = \left\{ \frac{f}{g} \;\middle|\; f, g \in F[T],\ g \ne 0 \right\};$$
thus elements of $F(T)$ are fractions $\frac{f}{g}$ whose numerator and denominator are polynomials; we
usually call such expressions rational functions.

7 Irreducible polynomials over a field
7.1 Fields as quotient rings
Proposition 7.1.1. Let R be a PID and let p ∈ R be an irreducible element. Then the quotient
ring A = R/⟨p⟩ is a field.

Proof. Let α ∈ A be non-zero. To prove that A is a field, we must show that α has a multiplicative
inverse. Thus α has the form h + ⟨p⟩ and since α ≠ 0 we know that p ∤ h. Since p is irreducible,
Remark 5.1.2 shows that gcd(p, h) = 1.
Thus according to Proposition 4.3.4 there are elements x, y ∈ R for which

1 = xp + yh

Let β = y + ⟨p⟩ ∈ A. Then

αβ = yh + ⟨p⟩ = 1 + ⟨p⟩

since yh ≡ 1 (mod p). Thus β is the multiplicative inverse of α in A.

Example 7.1.2. Z/pZ is a field for a prime number p.


As a special case of Proposition 7.1.1, we have:

Corollary 7.1.3. Let F be a field and let f be an irreducible polynomial in F[T]. Then A =
F[T]/⟨f⟩ is a field.

For small degree polynomials, one can confirm irreducibility just by considering roots, as
follows:

Proposition 7.1.4. Let F be a field and let f ∈ F [T ] be a polynomial with deg(f ) ≤ 3. If f has
no root in F then f is irreducible.

Proof. Suppose that f is reducible, say f = gh with deg(g), deg(h) > 0. Since deg(f) ≤ 3 and
since deg(g) + deg(h) = deg(f) by Proposition 3.3.2, we see that at least one of g or h must have
degree 1; without loss of generality we suppose deg(g) = 1.
Thus g = aT + b for a, b ∈ F with a ≠ 0. Set α = −b/a ∈ F and observe that f(α) =
g(α)h(α) = 0; thus f has the root α ∈ F.

Example 7.1.5. Let $p$ be a prime number. Then the polynomial $T^2 - p \in \mathbf{Q}[T]$ is irreducible. In
particular,
$$\mathbf{Q}(\sqrt{p}) = \mathbf{Q}[T]/\langle T^2 - p \rangle$$
is a field.
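The proof of Proposition 7.1.1 is constructive: the Bézout identity 1 = xp + yh hands you the inverse of h + ⟨p⟩. The following Python sketch is an added example, not part of the original notes; it carries this out in F_q[T]/⟨f⟩ for a prime q, using the root test of Proposition 7.1.4 to certify irreducibility. The function names and the sample polynomial T² − 2 over F_5 are assumptions chosen for illustration.

```python
from itertools import product

# Polynomials over F_q (q prime) are coefficient lists, lowest degree first;
# [] is the zero polynomial. All names here are illustrative, not from the notes.

def trim(a, q):
    """Reduce coefficients mod q and drop zero leading terms."""
    a = [c % q for c in a]
    while a and a[-1] == 0:
        a.pop()
    return a

def add(a, b, q):
    n = max(len(a), len(b))
    return trim([x + y for x, y in zip(a + [0] * (n - len(a)),
                                       b + [0] * (n - len(b)))], q)

def sub(a, b, q):
    return add(a, [-c for c in b], q)

def mul(a, b, q):
    if not a or not b:
        return []
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return trim(out, q)

def divmod_poly(a, b, q):
    """Division algorithm in F_q[T]: a = quo*b + rem with deg(rem) < deg(b)."""
    a, b = trim(a, q), trim(b, q)
    if not b:
        raise ZeroDivisionError("division by the zero polynomial")
    inv_lead = pow(b[-1], -1, q)
    quo = [0] * max(len(a) - len(b) + 1, 0)
    rem = a
    while len(rem) >= len(b):
        shift = len(rem) - len(b)
        coef = rem[-1] * inv_lead % q
        quo[shift] = coef
        rem = sub(rem, [0] * shift + [coef * c for c in b], q)
    return trim(quo, q), rem

def bezout(a, b, q):
    """Return (d, x, y) with x*a + y*b = d, where d is a gcd of a and b."""
    r0, r1 = trim(a, q), trim(b, q)
    x0, x1, y0, y1 = [1], [], [], [1]
    while r1:
        quo, rem = divmod_poly(r0, r1, q)
        r0, r1 = r1, rem
        x0, x1 = x1, sub(x0, mul(quo, x1, q), q)
        y0, y1 = y1, sub(y0, mul(quo, y1, q), q)
    return r0, x0, y0

def has_root(f, q):
    """Root test of Proposition 7.1.4: try every element of F_q."""
    return any(sum(c * pow(t, i, q) for i, c in enumerate(f)) % q == 0
               for t in range(q))

def inverse_mod(h, f, q):
    """Inverse of the class h + <f>, read off from 1 = x*f + y*h."""
    d, _, y = bezout(f, h, q)
    if len(d) != 1:                      # gcd is not a unit: h + <f> is 0 or a zero divisor
        raise ValueError("class is not invertible modulo f")
    scale = pow(d[0], -1, q)             # normalise the gcd to 1
    return divmod_poly([scale * c for c in y], f, q)[1]

def count_units(f, q):
    """Count the non-zero classes of F_q[T]/<f> that have an inverse."""
    deg = len(trim(f, q)) - 1
    units = 0
    for coeffs in product(range(q), repeat=deg):
        h = trim(list(coeffs), q)
        if not h:
            continue
        try:
            beta = inverse_mod(h, f, q)
        except ValueError:
            continue
        assert divmod_poly(mul(h, beta, q), f, q)[1] == [1]
        units += 1
    return units

if __name__ == "__main__":
    f, q = [-2, 0, 1], 5                 # constructed sample: T^2 - 2 over F_5
    print("has root:", has_root(f, q))           # no root, so irreducible (deg <= 3)
    print("units:", count_units(f, q), "of", q ** 2 - 1)
    print("units for T^2 - 1:", count_units([-1, 0, 1], q))  # reducible: zero divisors appear
```

For the reducible polynomial T² − 1 the same routine finds non-zero classes with no inverse, which is the situation of Example 5.1.7.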

7.2 The rational roots test


Theorem 7.2.1. Let $R$ be a PID with field of fractions $F$ and let $f \in R[T]$, say

$$f = a_0 + a_1 T + \cdots + a_n T^n$$

with $a_i \in R$ and $a_n \ne 0$.
If $\alpha = \frac{x}{y} \in F$ is a root of $f$ for $x, y \in R$ and $y \ne 0$ and $\gcd(x, y) = 1$ then $x \mid a_0$ and $y \mid a_n$.

Proof. Since $\alpha$ is a root of $f$ we have the equation
$$0 = f(\alpha) = a_0 + a_1 \left(\frac{x}{y}\right) + \cdots + a_n \left(\frac{x}{y}\right)^n = \sum_{i=0}^n a_i \left(\frac{x}{y}\right)^i$$
in the field $F$. Multiplying by the non-zero element $y^n \in R$ we find the equation

$$0 = a_0 y^n + a_1 x y^{n-1} + \cdots + a_n x^n = \sum_{i=0}^n a_i x^i y^{n-i}$$

in $R$.
Thus we see that
$$a_0 y^n = -(a_1 x y^{n-1} + \cdots + a_n x^n) = -\sum_{i=1}^n a_i x^i y^{n-i} = -x \sum_{i=1}^n a_i x^{i-1} y^{n-i}$$

which shows that $x \mid a_0 y^n$. Since $\gcd(x, y) = 1$ also $\gcd(x, y^n) = 1$. Now conclude that $x \mid a_0$.
Similarly, we see that

$$a_n x^n = -\sum_{i=0}^{n-1} a_i x^i y^{n-i} = -y \sum_{i=0}^{n-1} a_i x^i y^{n-i-1}$$

which shows that $y \mid a_n x^n$. Since $\gcd(x^n, y) = 1$ we conclude that $y \mid a_n$ as required.


Remark 7.2.2. Let $f = \sum_{i=0}^n a_i T^i \in R[T]$ as in the statement of Theorem 7.2.1. According to
the theorem, to find a root of $f$ in the field of fractions $F$ of $R$, we must consider all fractions $\alpha = \frac{x}{y}$
where $\gcd(x, y) = 1$, where $x$ is a divisor of $a_0$ and where $y$ is a divisor of $a_n$.
Writing $a_0 = p_1 p_2 \cdots p_n$ and $a_n = q_1 q_2 \cdots q_m$ for irreducibles $p_i$ and $q_j$, we see that it is
possible in principle to make a list of all possible $\alpha$ and then check for each candidate whether
or not $\alpha$ is a root of $f$.
Example 7.2.3. Consider the polynomial f = T³ − 3T² + 2T − 6 ∈ Z[T]. For any root α = x/y ∈ Q
with gcd(x, y) = 1 we must have that x | 6 and y | 1. Thus according to Theorem 7.2.1, the
possible rational roots are α = ±1, ±2, ±3, ±6.
Notice that if x ∈ R is negative, then f(x) < 0. Thus the possible rational roots are simply
α = 1, 2, 3, 6. We notice that f(1) = −6, f(2) = −6 and f(3) = 0. Using the division algorithm
we see that
T³ − 3T² + 2T − 6 = (T² + 2)(T − 3)
It is now clear that 6 is not a root and that T² + 2 is irreducible. Thus f has exactly one rational
root, namely α = 3.
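The search described in Remark 7.2.2 and carried out by hand in Example 7.2.3 can be automated for R = Z. This Python sketch is an added example, not part of the original notes; the function names are illustrative, and it also handles the case a_0 = 0, where the divisor list is not finite, by first splitting off powers of T.

```python
from fractions import Fraction
from math import gcd

def divisors(n):
    """Positive divisors of a non-zero integer n."""
    n = abs(n)
    return [d for d in range(1, n + 1) if n % d == 0]

def evaluate(coeffs, alpha):
    """Horner evaluation of f = sum coeffs[i] * T^i at alpha."""
    value = Fraction(0)
    for c in reversed(coeffs):
        value = value * alpha + c
    return value

def candidates(coeffs):
    """All x/y allowed by Theorem 7.2.1: x | a_0, y | a_n, gcd(x, y) = 1."""
    a0, an = coeffs[0], coeffs[-1]
    if a0 == 0 or an == 0:
        raise ValueError("need a_0 != 0 and a_n != 0")
    return {Fraction(sign * x, y)
            for x in divisors(a0)
            for y in divisors(an) if gcd(x, y) == 1
            for sign in (1, -1)}

def rational_roots(coeffs):
    """Sorted list of all rational roots of an integer polynomial."""
    coeffs = list(coeffs)
    if not coeffs or coeffs[-1] == 0:
        raise ValueError("leading coefficient must be non-zero")
    roots = set()
    while coeffs[0] == 0:          # f = T * g: record the root 0 and continue with g
        roots.add(Fraction(0))
        coeffs = coeffs[1:]
    roots |= {c for c in candidates(coeffs) if evaluate(coeffs, c) == 0}
    return sorted(roots)

if __name__ == "__main__":
    f = [-6, 2, -3, 1]             # T^3 - 3T^2 + 2T - 6 from Example 7.2.3
    print(sorted(candidates(f)))   # the eight candidates +-1, +-2, +-3, +-6
    print(rational_roots(f))       # only 3 survives
    print(rational_roots([1, -3, 2]))   # 2T^2 - 3T + 1 (constructed): roots 1/2 and 1
    print(rational_roots([-2, 0, 1]))   # T^2 - 2: no rational root
```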

7.3 The Gauss Lemma


Let R be a PID with field of fractions F . The polynomial ring R[T ] is the subring of F [T ]
consisting of polynomials whose coefficients lie in R. In particular R[T ] is itself an integral
domain.
Remark 7.3.1. Note that in the case where R is already a polynomial ring F [X], we introduce a
new variable T different from X.

Definition 7.3.2. The content $\operatorname{content}(f)$ of the element $f = \sum_{i=0}^N a_i T^i \in R[T]$, where $a_i \in R$, is
defined to be
$$\operatorname{content}(f) = \gcd(a_0, a_1, \cdots, a_N).$$
We say that the polynomial $f \in R[T]$ is primitive if $\operatorname{content}(f) = 1$.
Lemma 7.3.3. Let $f \in R[T]$ be a non-zero polynomial and let $c = \operatorname{content}(f) \in R$. Then $f$ may
be written $f = c f_0$ where $f_0 \in R[T]$ is primitive.
Proof. Write $f = \sum_{i=0}^n a_i T^i$ with $a_i \in R$. Then by definition we have $c = \gcd(a_0, \cdots, a_n)$. Note
that $c \mid a_i$ for each $i$; we write $b_i = \frac{a_i}{c} \in R$.
We set $f_0 = \sum_{i=0}^n b_i T^i \in R[T]$ and notice that
$$c \cdot f_0 = c \cdot \sum_{i=0}^n b_i T^i = \sum_{i=0}^n a_i T^i = f$$
as required. Finally,
$$\operatorname{content}(f_0) = \gcd(b_0, \cdots, b_n) = \gcd\left(\frac{a_0}{c}, \cdots, \frac{a_n}{c}\right) = 1$$
by Proposition 4.3.5. Thus $f_0$ is indeed primitive.

Lemma 7.3.4. Let $p \in R$ be irreducible and consider the assignment

$$h \mapsto \bar{h} : R[T] \to (R/\langle p \rangle)[T]$$
defined as follows: for $h = \sum_{i=0}^N c_i T^i \in R[T]$ with $c_i \in R$, the polynomial $\bar{h} \in (R/\langle p \rangle)[T]$ is given
by
$$\bar{h} = \sum_{i=0}^N [c_i] T^i$$

where $[c_i] = c_i + pR$ is the class of $c_i$ modulo $pR$.

(a) This assignment is a ring homomorphism.

(b) For $h \in R[T]$, $\bar{h} = 0$ if and only if $p \mid \operatorname{content}(h)$.

Proof. (a) follows from Proposition 3.2.1. For (b), just observe that $\bar{h} = 0$ if and only if $p \mid c_i$
for every $i$.

Proposition 7.3.5. (“The Gauss Lemma”) If $f, g \in R[T]$ are primitive, then the product $fg$ is
primitive.
Proof. Suppose on the contrary that there are primitive polynomials $f, g \in R[T]$ for which $fg$ is
not primitive. Writing $d = \operatorname{content}(fg)$ for the content of the product, we know that $\langle d \rangle \ne R$ so
that $d$ is divisible by some prime $p \in R$.
Consider the ring homomorphism $h \mapsto \bar{h}$ of Lemma 7.3.4.
Now, $p \mid \operatorname{content}(fg) \implies 0 = \overline{fg} = \bar{f} \cdot \bar{g}$. Since $R/pR$ is a field, the ring $(R/pR)[T]$ is an
integral domain, so we may conclude that either $\bar{f} = 0$ or $\bar{g} = 0$.
But according to Lemma 7.3.4 (b), $\bar{f} = 0 \implies p \mid \operatorname{content}(f)$ and $\bar{g} = 0 \implies p \mid \operatorname{content}(g)$.
This contradicts our assumption that $1 = \operatorname{content}(f) = \operatorname{content}(g)$. Thus indeed $\operatorname{content}(fg) = 1$.

Theorem 7.3.6. Suppose that $f \in R[T]$ is a primitive polynomial, and that $g, h \in K[T]$ are
polynomials for which $f = gh$ in $K[T]$. Then there are polynomials $g_1, h_1 \in R[T]$ with $\deg g =
\deg g_1$ and $\deg h = \deg h_1$ for which $f = g_1 h_1$ in $R[T]$.
Proof. Using Lemma 7.3.3, we may write $g = \frac{x}{y} g_1$ and $h = \frac{z}{w} h_1$ where $g_1, h_1 \in R[T]$ are primitive
and $x, y, z, w \in R$ with $y, w \ne 0$. We now see that

(♥)   $yw \cdot f = xz \cdot g_1 h_1$.

Since $f$ is primitive, notice that $yw = \operatorname{content}(ywf)$. Moreover, the Gauss Lemma – i.e.
Proposition 7.3.5 – shows that $g_1 h_1$ is primitive; thus, we have $\operatorname{content}(xz g_1 h_1) = xz$.
It follows that
$$\langle yw \rangle = \langle xz \rangle$$
i.e. that (♣) $u \cdot yw = xz$ for a unit $u \in R^\times$ – see Proposition 3.1.9.
But then (♥) and (♣) together show that $yw \cdot f = u \cdot yw \cdot g_1 h_1$ and now the cancellation law
Lemma 3.1.8 in the integral domain $R[T]$ implies $f = (u g_1) \cdot h_1$ which proves the Theorem.

7.4 Eisenstein’s irreducibility criterion


Theorem 7.4.1. Let $p \in R$ be irreducible, and let

$$f = \sum_{i=0}^n a_i T^i \in R[T], \quad (\text{where } a_i \in R,\ 0 \le i \le n)$$

be a polynomial with $a_n \ne 0$. Suppose that $p \nmid a_n$, that $p \mid a_i$ for $0 \le i \le n - 1$ and that $p^2 \nmid a_0$.
Then $f$ is irreducible when viewed as an element of $F[T]$.

Proof. Let $c = \operatorname{content}(f)$. Then $c \not\equiv 0 \pmod{p}$ since $p \nmid a_n$. Observe now that the polynomial
$\tilde{f} = \frac{1}{c} f \in R[T]$ still satisfies the assumptions of the Theorem. Since $\tilde{f}$ is irreducible in $K[T]$ if
and only if the same is true for $f$, it suffices to prove the Theorem when $f = \tilde{f}$ is primitive.
Now, according to Theorem 7.3.6 the irreducibility of $f \in F[T]$ will follow once we show that
if $f = gh$ for $g, h \in R[T]$ then either $\deg g = 0$ or $\deg h = 0$. So suppose $f = gh$ for $g, h \in R[T]$.
Consider the ring homomorphism $f \mapsto \bar{f} : R[T] \to (R/pR)[T]$ as in Lemma 7.3.4. Assumptions
on the coefficients $a_i$ show $\bar{f} = \bar{g}\bar{h}$ to be a non-zero multiple of $T^n$. Using unique
factorization in the principal ideal domain $(R/pR)[T]$ – see Theorem 5.2.1 –, it follows that $\bar{g}$ is
a non-zero multiple of $T^i$ and $\bar{h}$ is a non-zero multiple of $T^j$ where $i + j = n$ and $0 \le i, j \le n$.
Moreover $i = \deg g$ and $j = \deg h$.
Now the Theorem follows since if $i, j > 0$ then $p$ divides the constant term of both $g$ and $h$,
and then $p^2 \mid a_0$ contradicting our assumption.

Example 7.4.2. (a) Let p be a prime integer, let n ≥ 1 and let f = Tⁿ − p. Then Theorem 7.4.1
shows that f ∈ Q[T] is irreducible.

(b) Let K be a field and consider the ring K[X] of polynomials over K. The field of fractions
of K[X] is the field F = K(X) of rational functions.
Let n ≥ 1 and consider the polynomial f = Tⁿ − X ∈ F[T] = K(X)[T]. Then f is
irreducible in K(X)[T] by Theorem 7.4.1.

7.5 Irreducibility of certain cyclotomic polynomials
For a prime number $p$ consider the polynomial
$$F(T) = F_p(T) = \frac{T^p - 1}{T - 1} = T^{p-1} + T^{p-2} + \cdots + T + 1 \in \mathbf{Q}[T].$$
Applying the change of variables $U = T - 1$ we see that

$$\begin{aligned}
F(U + 1) &= \frac{(U + 1)^p - 1}{(U + 1) - 1} = \frac{\sum_{i=1}^{p} \binom{p}{i} U^i}{U} \\
&= \frac{U^p + \binom{p}{p-1} U^{p-1} + \cdots + \binom{p}{2} U^2 + \binom{p}{1} U}{U} \\
&= U^{p-1} + \binom{p}{p-1} U^{p-2} + \cdots + \binom{p}{2} U + p
\end{aligned}$$
In particular, $g(U) = F(U + 1) = \sum_{i=0}^{p-1} c_i U^i \in \mathbf{Q}[U]$ has degree $p - 1$ and the coefficients are
given by the formulae
$$c_i = \binom{p}{i+1}, \quad 0 \le i \le p - 1.$$
Proposition 7.5.1. For a prime number $p > 0$, the polynomial
$$F(T) = \frac{T^p - 1}{T - 1} = T^{p-1} + T^{p-2} + \cdots + T + 1 \in \mathbf{Q}[T]$$
of degree $p - 1$ is irreducible.
Proof. Clearly $F(T) \in \mathbf{Q}[T]$ is irreducible if and only if $g(U) \in \mathbf{Q}[U]$ is irreducible. Now, $g(U) \in
\mathbf{Z}[U]$ since binomial coefficients $\binom{n}{m}$ are always integers. We are going to apply Eisenstein’s
criterion to show the irreducibility of $g(U)$. For this, we first note that $c_{p-1} = 1$ is not divisible
by $p$ and that $c_0 = p$ is divisible by $p$ but not by $p^2$.
The irreducibility will now follow from Theorem 7.4.1 once we argue that (♣): $p \mid \binom{p}{i}$ for
each $1 \le i \le p - 1$.
To prove (♣) just note that
$$\binom{p}{i} = \frac{p!}{i!(p - i)!}.$$
Since $0 < i < p$, neither $i!$ nor $(p - i)!$ is divisible by $p$. On the other hand
$$p! = p \cdot (p - 1) \cdot (p - 2) \cdots 2 \cdot 1$$
is divisible by $p$.
Since one knows that $\binom{p}{i} \in \mathbf{Z}$, unique factorization – see Section 5.2 – implies that $p \mid \binom{p}{i}$
as required.

Example 7.5.2. For example, $f(T) = T^4 + T^3 + T^2 + T + 1 \in \mathbf{Q}[T]$ is irreducible since
$f(T) = \frac{T^5 - 1}{T - 1}$ and since $p = 5$ is prime.

8 Some recollections of Linear Algebra
Let F be a field. Much of what you learned in a course on linear algebra remains valid for vector
spaces over F and not just for vector spaces over R or C.

8.1 Vector Spaces


Definition 8.1.1. A vector space over F is an additive abelian group V together with a mapping

F ×V →V

denoted by
(α, v) ↦ αv
called scalar multiplication that is required to satisfy several axioms:

(VS1) the multiplicative identity 1 = 1F ∈ F satisfies 1 · v = v for all v ∈ V.

(VS2) scalar multiplication is associative: for all α, β ∈ F and all v ∈ V , we have α(βv) = (αβ)v.

(VS3) scalar multiplication distributes over addition in V : for all α, β ∈ F and for all v, w ∈ V ,
we have
α · (v + w) = α · v + α · w
and
(α + β) · v = αv + βv.

You should compare these requirements with axioms you may have seen in a course in linear
algebra. The present list is probably shorter – that is because one needs axioms governing the
behavior of addition, which we have handled by requiring V to be an additive abelian group.

8.2 Linear Transformations, subspaces and quotient vector spaces


Definition 8.2.1. Let V be a vector space over F . A subset W ⊆ V is called a subspace (or
more precisely, an F -subspace) provided that

(a) W is an additive subgroup of V , and

(b) W is closed under scalar multiplication by F – i.e.

αw ∈ W for all α ∈ F and all w ∈ W .

Definition 8.2.2. If V and W are vector spaces over F , a function T : V → W is a linear
transformation (or more precisely, an F -linear transformation) if

(a) T is a homomorphism of additive groups V → W , and

(b) T commutes with scalar multiplication – i.e. T (αv) = αT (v) for all α ∈ F and all v ∈ V .

Definition 8.2.3. If V, W are vector spaces, a linear transformation T : V → W is an isomorphism
if there is a linear transformation S : W → V such that T ◦ S = 1W and S ◦ T = 1V .
If T is an isomorphism, one says that V and W are isomorphic vector spaces.

Proposition 8.2.4. Let V, W be F -vector spaces and let T : V → W be a linear transformation.
Then T is an isomorphism if and only if T is bijective.
Proof. Suppose that T is bijective. Then we know that T is an isomorphism of additive groups,
and hence there is an inverse isomorphism S : W → V. It only remains to show that S is a linear
transformation (rather than simply a group homomorphism).
So let α ∈ F and w ∈ W. Since T is onto, we may write w = T (v) for some v ∈ V . Now,
$$S(\alpha w) = S(\alpha T(v)) = S(T(\alpha v)) = 1_V(\alpha v) = \alpha v = \alpha S(T(v)) = \alpha S(w).$$
On the other hand, if T is an isomorphism, then the inverse isomorphism S is an inverse
function to T so in particular T is one-to-one and onto.

Proposition 8.2.5. If T : V → W is a linear transformation, then

(a) ker(T ) is a subspace of V , and
(b) the image T (V ) = {T (v) | v ∈ V } is a subspace of W .

Proof. Exercise!

Proposition 8.2.6. Let W be a subspace of the F -vector space V . The quotient group V /W
has the structure of an F -vector space, and the natural quotient mapping π : V → V /W given by
π(v) = v + W is an F -linear transformation.
Proof. We must define a scalar multiplication for the additive group V /W . Given α ∈ F and an
element v + W ∈ V /W , define
α · (v + W ) = (αv) + W.
We must confirm that this rule is independent of the choice of coset representative v for v + W .
Thus, we must suppose that
v + W = v′ + W
and we must show that α · (v + W) = α · (v′ + W) i.e. that αv + W = αv′ + W.
The assumption that v + W = v′ + W means that v − v′ ∈ W. Since W is an F-subspace, we
find that α(v − v′) ∈ W and using the distributive law we conclude that αv − αv′ ∈ W. This
shows that αv + W = αv′ + W as required. This proves that we’ve given a well-defined operation
of scalar multiplication.
It now remains to check that the associative and distributive laws hold for this operation.
Since these properties hold for the scalar multiplication in V , the verification is straightforward;
details are left to the reader.

Proposition 8.2.7. If $T : V \to W$ is a linear transformation, there is an isomorphism $\tilde{T} :
V/\ker(T) \to T(V)$ given by $\tilde{T}(v + \ker T) = T(v)$ for $v \in V$.
Proof. The first isomorphism theorem for groups tells us that the rule $\tilde{T}$ is an isomorphism of
groups. In view of Proposition 8.2.4, it remains to argue that $\tilde{T}$ is a linear transformation.
Thus, let $\alpha \in F$ and $x \in V/\ker T$. We may write $x = v + \ker T$ for some $v \in V$. Now, by
definition we have
$$\alpha x = \alpha(v + \ker T) = \alpha v + \ker T.$$
Thus, since $T$ is a linear transformation we find the following:
$$\tilde{T}(\alpha x) = \tilde{T}(\alpha v + \ker T) = T(\alpha v) = \alpha T(v) = \alpha \tilde{T}(v + \ker T).$$
This confirms that $\tilde{T}$ commutes with scalar multiplication and is thus a linear transformation.

8.3 Bases and dimension
You are probably familiar with the notions of spanning set and of linear independence. One issue
to be aware of is how to handle possibly-infinite sets in this setting.
To quote from Michael Artin’s algebra text (Artin 2011):

In algebra it is customary to speak only of linear combinations of finitely many
vectors. Therefore, the span of an infinite set S must be interpreted as the set of
those vectors V which are linear combinations of finitely many elements of S. . .

Definition 8.3.1. If $S \subseteq V$ is a set of elements, the span of $S$ is defined to be

$$\operatorname{span}(S) = \left\{ \sum_{i=1}^{r} a_i x_i \;\middle|\; r \in \mathbf{Z}_{\ge 0},\ a_i \in F,\ x_i \in S\ (1 \le i \le r) \right\}$$

It is clear that $\operatorname{span}(S)$ is a subspace of $V$.

Definition 8.3.2. A subset $S \subseteq V$ of the vector space $V$ is said to be linearly independent if whenever
$n \in \mathbf{Z}_{\ge 0}$, whenever $x_1, \cdots, x_n \in S$ are distinct elements of $S$, and whenever $\alpha_1, \cdots, \alpha_n \in F$
then
$$\sum_{i=1}^{n} \alpha_i x_i = 0 \implies \alpha_j = 0 \text{ for each } 1 \le j \le n.$$

Remark 8.3.3. We say that the vector space is finitely generated if there is a finite set S ⊆ V for
which V = span(S). In fact, V is then finite dimensional (see Definition 8.3.6 below).
Definition 8.3.4. Let V be a vector space over the field F . A basis for V is a subset S ⊆ V such that

(a) S spans V ; i.e. V = span(S), and

(b) S is linearly independent.

Proposition 8.3.5. Let V be an F -vector space.

(a) There is a basis B for V .

(b) If W ⊆ V is a subspace of V , and if C is a basis for W , there is a basis B for V with
C ⊆ B.

(c) If V = span(S) then there is a basis of V contained in S.

(d) If S ⊆ V is a linearly independent subset, there is a basis of V containing S.

(e) Any two bases of V have the same cardinality.

Proof. When V is finitely generated, results (a)-(e) can be found in (Hoffman and Kunze 1971),
§2.2 and 2.3, and in (Friedberg, Insel, and Spence 2002) §1.6.
For the general case of (a)-(d) see (Friedberg, Insel, and Spence 2002) §1.7.
A proof of (e) in case B1 and B2 are infinite bases for V requires the Schroeder-Bernstein
Theorem; we won’t need this result in the course.

Definition 8.3.6. If $V$ is a vector space with basis $B$, the dimension of $V$ – written $\dim V$ or
$\dim_F V$ – is equal to the cardinality of the set $B$.

It follows from Proposition 8.3.5 (e) that the dimension of V doesn’t depend on the choice
of basis.

Proposition 8.3.7. Let V, W be F -vector spaces, let B be a basis for V , and let xb ∈ W for
each b ∈ B. Then there is a unique linear transformation T : V → W such that T (b) = xb for
each b ∈ B.

Example 8.3.8. Let $F[T]$ be the polynomial ring over the field $F$. Then $F[T]$ is in particular a
vector space over $F$ with countably infinite basis given by $\{T^i \mid i \ge 0\}$.
The linear independence of this basis precisely means that if $f = \sum_{i=0}^N a_i T^i \in F[T]$ for $a_i \in F$,
then $f = 0$ if and only if all $a_i = 0$.

Proposition 8.3.9. Let T : V → W be a linear transformation of F -vector spaces with dim V <
∞. Then
$$\dim_F V = \dim_F T(V) + \dim_F \ker(T).$$

9 Field extensions
Definition 9.0.1. Let F and E be fields and suppose that F ⊆ E is a subring. We say that F is
a subfield of E and that E is a field extension of F .
Throughout this discussion, let F ⊆ E be an extension of fields.

9.1 Algebraic extensions of fields


Definition 9.1.1. An element α ∈ E is said to be algebraic over F provided that there is some
polynomial 0 ≠ f ∈ F [T ] for which α is a root – i.e. for which f (α) = 0.
If α is not algebraic over F , we say that α is transcendental over F .
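Example 9.1.2.

• It is a fact that $\pi, e \in \mathbf{R}$ are transcendental over $\mathbf{Q}$.

• Of course, $\pi, e$ are algebraic over $\mathbf{R}$.

• Any element $\alpha = a + bi \in \mathbf{C}$ (for $a, b \in \mathbf{R}$) is algebraic over $\mathbf{R}$. Indeed, $\alpha$ is a root of the
  polynomial

  $$\begin{aligned}
  f(T) &= (T - \alpha)(T - \bar{\alpha}) \\
  &= T^2 - 2\operatorname{Re}(\alpha) T + |\alpha|^2 \\
  &= T^2 - 2aT + (a^2 + b^2) \in \mathbf{R}[T]
  \end{aligned}$$

  where $\operatorname{Re}(\alpha) = a$ denotes the real part of the complex number $\alpha$.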

9.2 The minimal polynomial


Proposition 9.2.1. Let α ∈ E and suppose that α is algebraic over F . Then there is a unique
monic irreducible polynomial p ∈ F [T ] for which α is a root.
Moreover,
(a) p is the monic polynomial of smallest degree for which α is a root.

(b) if f ∈ F [T ] is any polynomial with f (α) = 0, then p | f .

Proof. Let I = {f ∈ F[T] | f(α) = 0}. It is straightforward to check that I is an additive
subgroup, and that it is closed under multiplication with any polynomial in F[T]; thus I is an
ideal of F[T].
Since α is algebraic, I ≠ {0}. Thus I coincides with the principal ideal I = ⟨p⟩ for some
monic 0 ≠ p ∈ F[T], and p is the unique monic element of smallest degree in I.
It only remains to argue that p is irreducible. Suppose that f, g ∈ F [T ] and that p | f g. We
need to argue that p | f or p | g. Well, since f g = pq for q ∈ F [T ], we see that

0 = (pq)(α) = (f g)(α) = f (α) · g(α).

Since f (α), g(α) are elements of the field E, the only way their product can be 0 is for at least
one factor to be zero - i.e. either f (α) = 0 or g(α) = 0. But then either f ∈ I or g ∈ I and thus
p | f or p | g.

Corollary 9.2.2. Let α ∈ E. If p ∈ F [T ] is irreducible and monic, and if p(α) = 0, then p is
the minimal polynomial of α over F .

Definition 9.2.3. Let α ∈ E be algebraic over F .

• The irreducible polynomial p of the proposition is known as the minimal polynomial of α
  over F .

• The degree of α over F is defined to be the degree of the minimal polynomial p.

Example 9.2.4. An element α ∈ F has degree 1 over F , since it is the root of the irreducible
degree 1 polynomial T − α ∈ F [T ].
Example 9.2.5. Consider the complex number $z = a + bi \in \mathbf{C}$ with $a, b \in \mathbf{R}$. Then $z$ has degree
$\le 2$ over $\mathbf{R}$, and that degree is 2 if and only if $b \ne 0$.
Indeed, if $b = 0$, then $z = a \in \mathbf{R}$ is a root of $T - a \in \mathbf{R}[T]$ so $z$ has degree 1 over $\mathbf{R}$.
Otherwise, $z$ is a root of

$$p = (T - z)(T - \bar{z}) = T^2 - 2aT + (a^2 + b^2) \in \mathbf{R}[T].$$

Since $p$ has roots $z, \bar{z}$, it has no real roots; since it has degree 2, $p$ is irreducible over $\mathbf{R}$. Now
the Corollary shows that $p$ is the minimal polynomial of $z$.
Example 9.2.6. Let F be a field and let F (X) be the field of fractions Q(F [X]) of the polynomial
ring F [X].
$F(X)$ is often called the field of rational functions over $F$; its elements have the form

$$\frac{f}{g} = \frac{f(X)}{g(X)} \quad \text{for } f, g \in F[X]$$

Then the element $X \in F(X)$ is transcendental over $F$.

Indeed, given any non-zero polynomial $f(T) \in F[T]$, we wonder: is $f(X) = 0$? And of course,
the answer is “no” because $f(X)$ is just the polynomial $f(T)$ after the substitution $T \mapsto X$.
In particular, the degree of X over F is undefined (or we could define it to be ∞).

Example 9.2.7. Consider the field $F = \mathbf{Q}(\sqrt{2})$ defined by adjoining to $\mathbf{Q}$ a root of $T^2 - 2$. We
identify $F$ with a subfield of $\mathbf{R}$.
Consider the polynomial $p(T) = T^4 - 2$ and write $\alpha = 2^{1/4}$ for the positive real root of $p(T)$.
Since $p \in \mathbf{Q}[T]$ is irreducible, $\alpha$ has degree 4 over $\mathbf{Q}$.
On the other hand, $\alpha$ has degree 2 over $F$. Indeed, note that in $F[T]$,
$$p(T) = T^4 - 2 = (T^2 - \sqrt{2})(T^2 + \sqrt{2}).$$

Since $\alpha$ is a root of $T^2 - \sqrt{2} \in F[T]$, the degree of $\alpha$ over $F$ is $\le 2$. To see that equality
holds, we must argue that $T^2 - \sqrt{2}$ is irreducible over $F$.
To establish this irreducibility, we will argue that $T^2 - \sqrt{2}$ has no root in $F$.

A typical element of $F$ has the form $x = a + b\sqrt{2}$ for $a, b \in \mathbf{Q}$.

Suppose that

(♦)   $\sqrt{2} = x^2 = (a + b\sqrt{2})^2 = a^2 + 2b^2 + 2ab\sqrt{2}$.

But then comparing coefficients we see that $a^2 + 2b^2 = 0$ and $2ab = 1$.

Now
$$a^2 + 2b^2 = 0 \implies a = b = 0 \implies 2ab \ne 1.$$
Thus the assumption (♦) is impossible and so
$$T^2 - \sqrt{2} \in F[T] = \mathbf{Q}(\sqrt{2})[T]$$

is indeed irreducible.
We repeat for emphasis:

• the minimal polynomial of $\alpha$ over $\mathbf{Q}$ is $T^4 - 2$ and has degree 4,

• the minimal polynomial of $\alpha$ over $\mathbf{Q}(\sqrt{2})$ is $T^2 - \sqrt{2}$ and has degree 2.

9.3 Generation of extensions and primitive extensions


Definition 9.3.1. Let S ⊆ E be a subset. The smallest subfield of E containing F and S is
denoted by F (S). If S = {u1 , u2 , · · · , un } is a finite set, we often write F (S) = F (u1 , · · · , un )
for this field.
If E = F (u1 , . . . , un ) we say that the elements ui generate the extension E of F .
If n = 1, the extension F (u) = F (u1 ) of F is said to be a primitive extension (or sometimes:
a simple extension).
Remark 9.3.2. Note that $F(S)$ is equal to the intersection
$$F(S) = \bigcap_{K \in \mathcal{E}} K$$

of the collection

$$\mathcal{E} = \{K \subseteq E \mid K \text{ a subfield of } E \text{ containing } F \text{ and } S\}.$$


Since the intersection of subfields is again a subfield (check!), the notation F (S) is meaningful.

Remark 9.3.3. Note that by definition

F (u1 , u2 , . . . , un ) = F (u1 , u2 , . . . , un−1 )(un ).

So to “describe” the extension F ⊆ F (u1 , . . . , un ) we can focus on describing primitive extensions.
Given a description of primitive extensions, we can first describe the extension F ⊂ F (u1 )
of F , next we can describe the extension F (u1 ) ⊂ F (u1 )(u2 ) of F (u1 ), and so on.
Proposition 9.3.4. Let α ∈ E.

a. If α is algebraic over F with minimal polynomial p ∈ F[T] over F, then

F(α) ≃ F[T]/⟨p⟩,

where α identifies with T + ⟨p⟩.

In particular, F(α) has as an F-basis the elements

1, α, · · · , αⁿ⁻¹

where n = deg p = deg α.

b. If α is transcendental over F, then F(α) ≃ F(T) where F(T) is the field of fractions of the
polynomial ring F[T].

Proof. Construct the homomorphism

$\varphi : F[T] \to E$ such that $\varphi|_F$ is the identity, and $\varphi(T) = \alpha$.

We are going to argue in both case (a) and (b) that $\varphi$ induces the desired isomorphism.
First consider case (a). Suppose that $\alpha$ is algebraic with minimal polynomial $p$. The previous Proposition now shows that $\ker \varphi = \langle p \rangle$.
Since $p$ is irreducible, the quotient $F[T]/\langle p \rangle$ is a field. According to the first isomorphism theorem, $\varphi$ induces an isomorphism between $F[T]/\langle p \rangle$ and its image $K$. Thus $K \subseteq E$ is a subfield containing $F$ and $\alpha$, so by definition $F(\alpha) \subseteq K$.
On the other hand, $\alpha$ identifies with the class $T + \langle p \rangle$, and so we’ve seen that the elements $1, \alpha, \dots, \alpha^{n-1}$ form an $F$-basis for $K$ viewed as a vector space over $F$. Now, any subfield $K_1$ of $E$ containing $F$ and $\alpha$ must contain all $F$-linear combinations of the elements $\alpha^i$; thus $K \subseteq K_1$ and this proves that

$$K \subset F(\alpha) = \bigcap_{K_1 \in \mathcal{E}} K_1.$$

We now conclude that $K = F(\alpha)$ as required.

Now consider case (b). The condition that $\alpha$ is transcendental is equivalent to the requirement that $\ker \varphi = \{0\}$.
Thus for any non-zero polynomial $f \in F[T]$, $\varphi(f) = f(\alpha)$ is a non-zero element of $F(\alpha)$. In particular, $f(\alpha)^{-1} \in E$.
Now the defining property of the field of fractions gives a unique ring homomorphism $\tilde{\varphi} : F(T) \to E$ for which $\tilde{\varphi}|_{F[T]} = \varphi$.
Since $F(T)$ is a field, $\tilde{\varphi}$ is one-to-one, and its image is a subfield of $E$ containing $\alpha$. On the other hand, any subfield of $E$ containing $\alpha$ must contain the image of $\tilde{\varphi}$ and statement (b) follows at once.

Example 9.3.5. For any transcendental number $\gamma \in \mathbb{R}$, the subfield $\mathbb{Q}(\gamma)$ of $\mathbb{R}$ is isomorphic to the field $\mathbb{Q}(T)$ of rational functions.
In particular, Proposition 9.3.4 shows that there is an isomorphism $\mathbb{Q}(e) \simeq \mathbb{Q}(\pi)$.
Remark 9.3.6. Here is a question we’ll answer in an upcoming lecture. As before, let $F \subseteq E$ be a field extension.
If $\alpha, \beta \in E$ are algebraic over $F$, is $\alpha + \beta$ algebraic over $F$? How about $\alpha \cdot \beta$?

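Example 9.3.7. Let $E = \mathbb{Q}[T]/\langle T^3 - 2 \rangle$ and let $\gamma = T + \langle T^3 - 2 \rangle$. Of course, $E \simeq \mathbb{Q}(\sqrt[3]{2})$ and under this isomorphism, $\gamma$ is mapped to $\sqrt[3]{2}$. Put another way, $\gamma$ is a root of $T^3 - 2$ in $E$.
We recall that since $T^3 - 2$ has degree 3, $E$ has dimension 3 as a $\mathbb{Q}$-vector space, and $\{1, \gamma, \gamma^2\}$ is a $\mathbb{Q}$-basis for $E$.
For an element $\alpha = a + b\gamma + c\gamma^2$ consider the $\mathbb{Q}$-linear mapping

$$\lambda_\alpha : E \to E$$

given by left multiplication with $\alpha$; i.e. by the rule $\lambda_\alpha(\beta) = \alpha \cdot \beta$ for $\beta \in E$.
We are going to compute the matrix of $\lambda_\alpha$ in the above basis for $E$. For this, note that the choice of basis determines a linear isomorphism $\varphi : E \to \mathbb{Q}^3$ given by

$$\varphi(s + t\gamma + u\gamma^2) = \begin{pmatrix} s \\ t \\ u \end{pmatrix}.$$

So we are looking for a $3 \times 3$ matrix $M = M_\alpha$ with the property that

$$\varphi(\lambda_\alpha(\beta)) = M \cdot \varphi(\beta).$$

• $\lambda_\alpha(1) = \alpha$ so that $\varphi(\lambda_\alpha(1)) = \begin{pmatrix} a \\ b \\ c \end{pmatrix}$. This is the first column of $M$.

• $\lambda_\alpha(\gamma) = \alpha\gamma = a\gamma + b\gamma^2 + c\gamma^3 = a\gamma + b\gamma^2 + 2c = 2c + a\gamma + b\gamma^2$ so that $\varphi(\lambda_\alpha(\gamma)) = \begin{pmatrix} 2c \\ a \\ b \end{pmatrix}$. This is the second column of $M$.

• $\lambda_\alpha(\gamma^2) = \alpha\gamma^2 = a\gamma^2 + b\gamma^3 + c\gamma^4 = a\gamma^2 + 2b + 2c\gamma = 2b + 2c\gamma + a\gamma^2$ so that $\varphi(\lambda_\alpha(\gamma^2)) = \begin{pmatrix} 2b \\ 2c \\ a \end{pmatrix}$. This is the third column of $M$.

Thus

$$M = M_\alpha = M_{a + b\gamma + c\gamma^2} = \begin{pmatrix} a & 2c & 2b \\ b & a & 2c \\ c & b & a \end{pmatrix}$$

We claim for $\alpha_1, \alpha_2 \in E$ that $M_{\alpha_1 + \alpha_2} = M_{\alpha_1} + M_{\alpha_2}$ and $M_{\alpha_1 \cdot \alpha_2} = M_{\alpha_1} \cdot M_{\alpha_2}$. Since $M_\alpha$ is the matrix determined by the linear transformation $\lambda_\alpha$, our claim will follow if we just observe that $\lambda_{\alpha_1} + \lambda_{\alpha_2} = \lambda_{\alpha_1 + \alpha_2}$ and $\lambda_{\alpha_1} \circ \lambda_{\alpha_2} = \lambda_{\alpha_1 \cdot \alpha_2}$ (where $\circ$ denotes the composition of linear transformations). But for $\beta \in E$ notice that $\lambda_{\alpha_1} \circ \lambda_{\alpha_2}(\beta) = \lambda_{\alpha_1}(\alpha_2 \beta) = \alpha_1 \alpha_2 \beta = \lambda_{\alpha_1 \alpha_2}(\beta)$; the other verification is similarly straightforward.
This proves that $\alpha \mapsto M_\alpha$ determines a ring homomorphism

$$E \to \mathrm{Mat}_{3 \times 3}(\mathbb{Q})$$

Consider the element $1 + \gamma \in E$ and notice that

$$M_{1+\gamma} = \begin{pmatrix} 1 & 0 & 2 \\ 1 & 1 & 0 \\ 0 & 1 & 1 \end{pmatrix}.$$

Now, we can compute the inverse matrix

$$M_{1+\gamma}^{-1} = \frac{1}{3} \begin{pmatrix} 1 & 2 & -2 \\ -1 & 1 & 2 \\ 1 & -1 & 1 \end{pmatrix}$$

which we recognize as the matrix $M_{(1 - \gamma + \gamma^2)/3}$.
Thus we see that

$$\frac{1}{1+\gamma} = \frac{1}{3}\left(1 - \gamma + \gamma^2\right)$$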

9.4 The degree of a field extension


Definition 9.4.1. We write $[E : F] = \dim_F E$ and say that $[E : F]$ is the degree of the extension $F \subseteq E$.
If $E$ is not a finite dimensional vector space over $F$, then $[E : F] = \dim_F E = \infty$.

Proposition 9.4.2. Let $\alpha \in E$. Then $\alpha$ is algebraic over $F$ if and only if $[F(\alpha) : F] < \infty$.

Remark 9.4.3. If $\alpha$ is transcendental, the cardinality of an $F$-basis for $F(\alpha)$ fails to be countable if $F$ is uncountable. Indeed, you can show that the elements

$$\left\{ \frac{1}{T - a} \in F(T) \;\middle|\; a \in F \right\}$$

are linearly independent.
Proposition 9.4.4. Let $E$ be an extension of the field $F$ and let $\alpha \in E$. The following are equivalent:

a. $\alpha$ is algebraic over $F$.

b. the primitive extension $F(\alpha)$ is a finite extension of $F$.

c. $\alpha \in E_1$ for some subfield $E_1 \subseteq E$ with $F \subseteq E_1$ which is a finite extension of $F$.

Proof. a. $\implies$ b.: If $\alpha$ is algebraic, let $d = \deg \alpha$ be the degree of $\alpha$ over $F$. We have seen that $1, \alpha, \dots, \alpha^{d-1}$ form an $F$-basis for $F(\alpha)$, so $[F(\alpha) : F] = d$ and thus $F(\alpha)$ is indeed a finite extension of $F$.
b. $\implies$ c.: This is immediate; just take $E_1 = F(\alpha)$.
c. $\implies$ a.: Assume $\dim_F E_1 = d$. Since $\alpha \in E_1$ and $E_1$ is a field, also $\alpha^i \in E_1$ for all $i \in \mathbb{Z}_{\geq 0}$.
Since $E_1$ has dimension $d$ over $F$, it follows from linear algebra that the $d + 1$ elements

$$1, \alpha, \dots, \alpha^{d-1}, \alpha^d$$

are linearly dependent over $F$. Let $c_0, c_1, \dots, c_d \in F$ not all zero be such that

$$\sum_{i=0}^{d} c_i \alpha^i = 0$$

and consider the polynomial

$$f(T) = \sum_{i=0}^{d} c_i T^i \in F[T].$$

Since not all of the coefficients $c_i$ are 0, $f(T) \neq 0$. Since $f(\alpha) = 0$, we have proved that $\alpha$ is algebraic over $F$ as required.

Proposition 9.4.5. Let $F \subseteq E \subseteq K$ be fields where $K$ is a finite extension of $E$ and $E$ is a finite extension of $F$. Then $K$ is a finite extension of $F$ and moreover:

$$[K : F] = [K : E] \cdot [E : F].$$

Proof. Let $a_1, \dots, a_N \in E$ be an $F$-basis for $E$ and let $b_1, \dots, b_M \in K$ be an $E$-basis for $K$.
Multiplying in the field $K$, we consider the elements $a_s b_t$, and we assert:

$B = \{a_s b_t \mid 1 \leq s \leq N, 1 \leq t \leq M\}$ is an $F$-basis for $K$.

• $B$ spans $K$ over $F$: indeed, let $x \in K$. We must express $x$ as a linear combination of the vectors $B$.
Since the $\{b_t\}$ span $K$ over $E$, we may write

$x = u_1 b_1 + \cdots + u_M b_M$ for $u_t \in E$.

Since the $\{a_s\}$ span $E$ over $F$, for each $1 \leq t \leq M$ we may write

$u_t = v_{1,t} a_1 + \cdots + v_{N,t} a_N$ for $v_{s,t} \in F$.

Now

$$x = \sum_{t=1}^{M} u_t b_t = \sum_{t=1}^{M} \left( \sum_{s=1}^{N} v_{s,t} a_s \right) b_t = \sum_{1 \leq s \leq N,\, 1 \leq t \leq M} v_{s,t} \cdot a_s b_t$$

• $B$ is linearly independent over $F$.

Suppose that

$$0 = \sum_{1 \leq s \leq N,\, 1 \leq t \leq M} v_{s,t} \cdot a_s b_t = \sum_{t=1}^{M} \left( \sum_{s=1}^{N} v_{s,t} a_s \right) b_t$$

for coefficients $v_{s,t} \in F$.

Now use the fact that $\{b_t\}$ are linearly independent over $E$ to conclude for each $1 \leq t \leq M$ that

$$0 = \sum_{s=1}^{N} v_{s,t} a_s$$

For any $1 \leq t \leq M$, use the fact that $\{a_s\}$ are linearly independent over $F$ to conclude for each $1 \leq s \leq N$ that $v_{s,t} = 0$.

Corollary 9.4.6. Let $E$ be a finite extension of $F$. If $\alpha \in E$ then the degree of $\alpha$ over $F$ is a divisor of $[E : F]$:

$$\deg_F(\alpha) \mid [E : F].$$

Proof. Apply Proposition 9.4.5 to the tower of field extensions

$$F \subseteq F(\alpha) \subseteq E$$

to deduce that

$$[E : F] = [E : F(\alpha)] \cdot [F(\alpha) : F]$$

and the result follows since $[F(\alpha) : F] = \deg_F \alpha$.

9.5 Examples of finite extensions
Example 9.5.1. $[\mathbb{Q}(\sqrt{2}, \sqrt{3}) : \mathbb{Q}] = 4$.
The polynomials $T^2 - 2, T^2 - 3 \in \mathbb{Q}[T]$ are known to be irreducible over $\mathbb{Q}$ (can you give a quick argument?)
We claim that $T^2 - 3$ remains irreducible over $\mathbb{Q}(\sqrt{2})$ – i.e. that $T^2 - 3 \in \mathbb{Q}(\sqrt{2})[T]$ is irreducible.
If we verify the claim, it follows that

$$[\mathbb{Q}(\sqrt{2}, \sqrt{3}) : \mathbb{Q}(\sqrt{2})] = 2$$

and thus

$$[\mathbb{Q}(\sqrt{2}, \sqrt{3}) : \mathbb{Q}] = [\mathbb{Q}(\sqrt{2}, \sqrt{3}) : \mathbb{Q}(\sqrt{2})] \cdot [\mathbb{Q}(\sqrt{2}) : \mathbb{Q}] = 2 \cdot 2 = 4$$

as required.
Let’s now prove the claim. Since $T^2 - 3$ has degree 2, the irreducibility will follow provided we argue that $T^2 - 3$ has no root in $\mathbb{Q}(\sqrt{2})$.
So: suppose that $3 = (a + b\sqrt{2})^2$ for $a, b \in \mathbb{Q}$. Thus

$$3 + 0 \cdot \sqrt{2} = 3 = a^2 + 2b^2 + 2ab\sqrt{2}$$

and comparing coefficients we find that

$$3 = a^2 + 2b^2 \text{ and } 0 = 2ab.$$

Now $2ab = 0 \implies a = 0$ or $b = 0$ and the equation $3 = a^2 + 2b^2$ is then impossible (since neither 3 nor 3/2 is a square in $\mathbb{Q}$). This completes the proof that $T^2 - 3$ is irreducible over $\mathbb{Q}(\sqrt{2})$.
Example 9.5.2. $[\mathbb{Q}(\sqrt{2} + \sqrt{3}) : \mathbb{Q}] = 4$.
To prove the claim, we argue that

$$\mathbb{Q}(\sqrt{2} + \sqrt{3}) = \mathbb{Q}(\sqrt{2}, \sqrt{3});$$

the assertion then follows from the previous example.
Write $K = \mathbb{Q}(\sqrt{2} + \sqrt{3})$. To confirm this equality, first note that trivially we have

$$K \subset \mathbb{Q}(\sqrt{2}, \sqrt{3})$$

so it is enough to argue

$$\sqrt{2}, \sqrt{3} \in K.$$

(Why?)
In fact, it is easy to see that $\sqrt{2} \in K \iff \sqrt{3} \in K$ (since $\sqrt{2} + \sqrt{3} \in K$ by construction!). So it only remains to argue e.g. that $\sqrt{3} \in K$.
Let’s observe that

$$\frac{1}{\sqrt{2} + \sqrt{3}} = \frac{1}{\sqrt{2} + \sqrt{3}} \cdot \frac{\sqrt{3} - \sqrt{2}}{\sqrt{3} - \sqrt{2}} = \frac{\sqrt{3} - \sqrt{2}}{1} \in K$$

and since $K$ is a field,

$$\frac{1}{\sqrt{2} + \sqrt{3}} + \sqrt{2} + \sqrt{3} = (\sqrt{3} - \sqrt{2}) + (\sqrt{2} + \sqrt{3}) = 2\sqrt{3} \in K$$

so indeed $\sqrt{3} \in K$.
The preceding calculation confirms (for example) that $\sqrt{2}$ may be written in the form

$$\sqrt{2} = a + b\alpha + c\alpha^2 + d\alpha^3 = a + b(\sqrt{2} + \sqrt{3}) + c(\sqrt{2} + \sqrt{3})^2 + d(\sqrt{2} + \sqrt{3})^3$$

for some coefficients $a, b, c, d \in \mathbb{Q}$, though we’d need to do some work to find $a, b, c, d$.
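Both the inversion of 1 + γ in Example 9.3.7 and the search for a, b, c, d at the end of Example 9.5.2 come down to solving a linear system over Q in a fixed basis. The following Python code is an added example, not part of the original notes; the function names and the basis 1, √2, √3, √6 for Q(√2, √3) are choices made here.

```python
from fractions import Fraction

def solve(A, b):
    """Solve A x = b over Q by Gauss-Jordan elimination (A square and invertible)."""
    n = len(A)
    M = [[Fraction(v) for v in row] + [Fraction(b[i])] for i, row in enumerate(A)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if M[r][col] != 0), None)
        if pivot is None:
            raise ValueError("matrix is singular")
        M[col], M[pivot] = M[pivot], M[col]
        lead = M[col][col]
        M[col] = [v / lead for v in M[col]]
        for r in range(n):
            if r != col and M[r][col] != 0:
                factor = M[r][col]
                M[r] = [x - factor * y for x, y in zip(M[r], M[col])]
    return [row[n] for row in M]

# --- Example 9.3.7: E = Q[T]/<T^3 - 2>, basis 1, g, g^2 with g^3 = 2 ---------
def mult_matrix_cbrt2(a, b, c):
    """Matrix M_alpha of multiplication by alpha = a + b*g + c*g^2."""
    return [[a, 2 * c, 2 * b],
            [b, a, 2 * c],
            [c, b, a]]

def mat_mul(X, Y):
    """Plain matrix product, used to check M_{a1*a2} = M_{a1} * M_{a2}."""
    return [[sum(X[i][k] * Y[k][j] for k in range(len(Y))) for j in range(len(Y[0]))]
            for i in range(len(X))]

def inverse_cbrt2(a, b, c):
    """Coordinates of 1/alpha: solve M_alpha * x = phi(1) = (1, 0, 0)."""
    return solve(mult_matrix_cbrt2(a, b, c), [1, 0, 0])

# --- Example 9.5.2: Q(sqrt2, sqrt3), basis 1, sqrt2, sqrt3, sqrt6 ------------
def mul_biquad(x, y):
    """Product of two elements given by coordinates in the basis 1, sqrt2, sqrt3, sqrt6."""
    x0, x1, x2, x3 = x
    y0, y1, y2, y3 = y
    return (x0 * y0 + 2 * x1 * y1 + 3 * x2 * y2 + 6 * x3 * y3,
            x0 * y1 + x1 * y0 + 3 * (x2 * y3 + x3 * y2),   # sqrt3 * sqrt6 = 3 sqrt2
            x0 * y2 + x2 * y0 + 2 * (x1 * y3 + x3 * y1),   # sqrt2 * sqrt6 = 2 sqrt3
            x0 * y3 + x3 * y0 + x1 * y2 + x2 * y1)

def coords_in_powers_of_alpha(target):
    """Return [a, b, c, d] with target = a + b*alpha + c*alpha^2 + d*alpha^3,
    where alpha = sqrt2 + sqrt3 and target is given in the basis 1, sqrt2, sqrt3, sqrt6."""
    alpha = (0, 1, 1, 0)
    powers = [(1, 0, 0, 0)]
    for _ in range(3):
        powers.append(mul_biquad(powers[-1], alpha))
    # Column j of A holds the coordinates of alpha^j.
    A = [[powers[j][i] for j in range(4)] for i in range(4)]
    return solve(A, list(target))

if __name__ == "__main__":
    print("1/(1+g)  =", inverse_cbrt2(1, 1, 0))
    print("sqrt2    =", coords_in_powers_of_alpha((0, 1, 0, 0)))
    print("sqrt3    =", coords_in_powers_of_alpha((0, 0, 1, 0)))
```

The system for √2 is solvable precisely because 1, α, α², α³ are linearly independent over Q, which is the statement [Q(α) : Q] = 4.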

9.6 Algebraic extensions


Let $F \subseteq E$ be any extension of fields. We are going to argue that

$$E_{\mathrm{alg}} = \{u \in E \mid u \text{ is algebraic over } F\}$$

is a subfield of $E$.
For example, this requires us to know that if $x, y \in E_{\mathrm{alg}}$ then $x - y \in E_{\mathrm{alg}}$. It is not completely clear how to find an algebraic equation satisfied by $x - y$, so we use a more indirect argument.
Our main tool is the following:

Lemma 9.6.1. Let $\alpha, \beta \in E$ be algebraic. Then $F(\alpha, \beta)$ is a finite extension of $F$. In particular, $\alpha \pm \beta$ and $\alpha \cdot \beta$ are algebraic over $F$; if $0 \neq \alpha$, then also $\alpha^{-1} = \dfrac{1}{\alpha}$ is algebraic over $F$.
Proof. Indeed, $\beta$ is algebraic over $F$ hence algebraic over $F(\alpha)$ so

$$[F(\alpha, \beta) : F(\alpha)] < \infty$$

since $F(\alpha, \beta) = F(\alpha)(\beta)$.

Since $\alpha$ is algebraic over $F$, $[F(\alpha) : F] < \infty$ and thus

$$[F(\alpha, \beta) : F] = [F(\alpha, \beta) : F(\alpha)] \cdot [F(\alpha) : F]$$

is finite. The result now follows from Proposition 9.4.4.

Corollary 9.6.2. Let $E$ be an extension field of $F$. The set of all elements of $E$ which are algebraic over $F$ forms a subfield $E_{\mathrm{alg}}$ of $E$.

Proof. We first observe that $E_{\mathrm{alg}}$ is an additive subgroup of $E$. For this, note that $0 \in E_{\mathrm{alg}}$ so it just remains to show that if $x, y \in E_{\mathrm{alg}}$ then $x - y \in E_{\mathrm{alg}}$. But this statement follows from the Lemma 9.6.1.
It now remains to argue that $E_{\mathrm{alg}}$ is closed under multiplication and contains the inverse of its non-zero elements. These statements again follow from Lemma 9.6.1.

Definition 9.6.3. An extension field $E$ of $F$ is algebraic over $F$ if each element of $E$ is algebraic over $F$.

Proposition 9.6.4. Every finite extension of fields is algebraic.

Proof. Let $F \subseteq E$ be a finite extension and let $\alpha \in E$ be an arbitrary element of $E$. Since $[F(\alpha) : F]$ is a divisor of $[E : F]$, $[F(\alpha) : F]$ is finite and hence $\alpha$ is algebraic by Proposition 9.4.4. This shows that $E$ is algebraic over $F$ as required.

Lemma 9.6.5. Let $F \subseteq E$ be an algebraic extension, and let $\alpha_1, \dots, \alpha_n \in E$. Then

$$[F(\alpha_1, \dots, \alpha_n) : F] < \infty.$$

Proof. Proceed by induction on $n \geq 1$.

First consider the case $n = 1$. Since $E$ is algebraic over $F$, $\alpha = \alpha_1$ is algebraic over $F$ and $[F(\alpha) : F]$ is finite by previous results.
Now suppose $n > 1$ and write $E_i = F(\alpha_1, \dots, \alpha_i)$ for $1 \leq i \leq n$. The induction hypothesis is then: $[E_i : F] < \infty$ for $i < n$. Note that $E_n = E_{n-1}(\alpha_n)$, and – since $\alpha_n$ is algebraic over $F$ – $\alpha_n$ is algebraic over $E_{n-1}$. Thus

$$[E_n : E_{n-1}] = [E_{n-1}(\alpha_n) : E_{n-1}] < \infty$$

by Proposition 9.4.4 and it follows by induction that

$$[E_n : F] = [E_n : E_{n-1}] \cdot [E_{n-1} : F] < \infty$$

as required.

Proposition 9.6.6. Let $E$ be an algebraic extension of $F$ and let $K$ be an algebraic extension of $E$. Then $K$ is an algebraic extension of $F$.

Proof. Let $\alpha \in K$. We must argue that $\alpha$ is algebraic over $F$. Since $\alpha$ is algebraic over $E$, it is the root of some polynomial

$$f(T) = a_0 + a_1 T + a_2 T^2 + \cdots + a_N T^N, \quad a_i \in E.$$

Now, form the extension $E_1 = F(a_0, a_1, \dots, a_N)$. Since $E$ is algebraic over $F$, all $a_i$ are algebraic over $F$. It follows from Lemma 9.6.5 that $[E_1 : F] < \infty$. Since $\alpha$ is algebraic over $E_1$ we know that $[E_1(\alpha) : E_1] < \infty$ by Proposition 9.4.4. It now follows that

$$[E_1(\alpha) : F] = [E_1(\alpha) : E_1][E_1 : F] < \infty$$

so that $\alpha$ is algebraic over $F$ by Proposition 9.6.4.

9.7 Another example


Consider the field $K = \mathbb{Q}(T)$ where $T$ is transcendental over $\mathbb{Q}$. It follows from Theorem 7.4.1 that

$$X^n - T - a \in K[X] = \mathbb{Q}(T)[X]$$

is irreducible for $n = 2, 3$ for any $a \in \mathbb{Q}$.
These irreducibility statements mean that

$$[K(\sqrt{T - a}) : K] = 2 \text{ and } [K(\sqrt[3]{T - a}) : K] = 3$$

(or writing everything out in full detail, that

$$[\mathbb{Q}(T, \sqrt{T - a}) : \mathbb{Q}(T)] = 2 \text{ and } [\mathbb{Q}(T, \sqrt[3]{T - a}) : \mathbb{Q}(T)] = 3.)$$

Lemma 9.7.1. $K(\sqrt{T - a}, \sqrt[3]{T - a}) = \mathbb{Q}(T, \sqrt{T - a}, \sqrt[3]{T - a})$ has degree 6 over $K = \mathbb{Q}(T)$.

Proof. Let $L = K(\sqrt{T - a}, \sqrt[3]{T - a})$. The claim will follow if we show that

(♣) $[L : K(\sqrt{T - a})] = 3$

since then

$$[L : K] = [L : K(\sqrt{T - a})] \cdot [K(\sqrt{T - a}) : K] = 3 \cdot 2 = 6.$$

Now, (♣) follows if we argue that $f(X) = X^3 - T - a \in K(\sqrt{T - a})[X]$ is irreducible; since $f$ has degree 3, it suffices to argue that $f$ has no root in $K(\sqrt{T - a})$.
But were $\alpha \in K(\sqrt{T - a})$ a root of $f$, we know that $\alpha$ has degree 3 over $K$. But this is impossible since

$$\alpha \in K(\sqrt{T - a}) \implies \deg_K \alpha \mid [K(\sqrt{T - a}) : K] = 2.$$

This completes the proof that $f$ is irreducible over $K(\sqrt{T - a})$ and thus the Lemma is verified.

10 Constructible real numbers
As an example of the utility of field theory, we are going to describe a field-theory-based answer
to a “geometric-constructions/geometric” question about numbers. Loosely put, we are going to
answer the question: “can one trisect an angle using ruler and compass?”

10.1 Ruler and compass constructions


As a starting point, we are given two points at unit distance in the Euclidean plane.
Given any two distinct known points P and Q, one can construct:

• the line through P and Q (this uses a straightedge)

• the circle with center P which passes through Q (this uses a compass)

One views the points of intersection of lines and circles that have been constructed as constructible (i.e. known) points.
Here are some useful constructions that we are going to use without further argumentation:

Lemma 10.1.1. (♣) Given a point $P$ on a line $L$, and a second point $Q$ not on $L$, we can construct a line $L'$ parallel to $L$ passing through $Q$.

[Figure: the line $L$ through $P$ and the line $L'$ through $Q$.]

Lemma 10.1.2. (♥) Given a line $L$ and a point $P$ not lying on $L$, one can construct a line $L'$ containing $P$ and perpendicular to $L$.

[Figure: the lines $L'$ and $L$.]

Lemma 10.1.3. (♠) Given two points $P \neq Q$ on a line $L$, a second line $L'$, and a point $R$ on $L'$, we can construct a point $S$ on $L'$ such that

$$|PQ| = |RS|.$$

[Figure: the points $P$, $Q$ on $L$ and the points $R$, $S$ on $L'$.]

10.2 Constructions
Definition 10.2.1. A real number r is constructible if one can construct a line segment of length
|r| using straightedge and compass.

Proposition 10.2.2. The set of constructible real numbers forms a subfield C ⊆ R.

Sketch of proof. First, use Lemma 10.1.3 to show that C forms an additive subgroup of R.
To argue that C is closed under multiplication, proceed as follows:

• Given positive constructible numbers $y, z, w$ construct a diagram with points $P, Q, R, Y$ as follows with $|PQ| = z$, $|PR| = w$ and $|PY| = y$.

[Figure: diagram showing the points $Q$ and $Y$.]

• Now use (♣) to construct the line through Y parallel to the line through Q and R.

• Writing X for the (constructible) point of intersection of the indicated lines, write x = |P X|
and notice that x/y = z/w.

• Now let a, b > 0 be constructible and let y = a, z = b and w = 1; the above argument
shows that x = yz = ab is constructible.

Similar arguments give the constructibility of a/b where a, b > 0 are constructible.

Let’s observe that according to the Proposition, every rational number is constructible.
We may and will suppose that the points (1, 0) and (0, 1) in the plane are constructible.
In particular, the coordinates r, s of any constructible point P = (r, s) are constructible real
numbers.

10.3 Lines and Circles over a field
Of course, any line may be described as the set of solutions to an equation

aX + bY + c = 0

for $a, b, c \in \mathbb{R}$, and any circle may be described as the solutions to an equation

$$X^2 + Y^2 + aX + bY + c = 0$$

for $a, b, c \in \mathbb{R}$.
If $F$ is a subfield of $\mathbb{R}$, a line over $F$ means a line with equation $aX + bY + c = 0$ where $a, b, c \in F$.
Similarly, a circle over $F$ means a circle with equation

$X^2 + Y^2 + aX + bY + c = 0$ where $a, b, c \in F$.

Lemma 10.3.1.

• If the points $P \neq Q$ both have coordinates in $F$, the line through $P$ and $Q$ is a line over $F$.

• If $C$ is circle for which both the radius and the coordinates of its center are all in $F$, then $C$ is a circle over $F$.

Constructing points via ruler and compass amounts to finding the intersections of lines and circles. We record the following fact about such intersections:

Proposition 10.3.2. Let $F \subseteq \mathbb{R}$ be a subfield. The coordinates of the points of intersection of lines over $F$ and circles over $F$ belong to the field $F(\sqrt{u})$ for some $u \in F$.

[Figure: a line and a circle meeting at the point $(a, b)$.]

If in this diagram the line and the circle are “over $F$”, the conclusion is that $a, b \in F(\sqrt{u})$ for a suitable $u \in F$.

10.4 Characterizing constructible numbers


Using Proposition 10.3.2, we can give an important characterization of constructible real numbers:

Theorem 10.4.1. $u \in \mathbb{R}$ is constructible $\iff$ there are $u_1, \dots, u_n \in \mathbb{R}$ such that:

a. $u_1^2 \in \mathbb{Q}$,

b. $u_i^2 \in \mathbb{Q}(u_1, \dots, u_{i-1})$ for $2 \leq i \leq n$, and

c. $u \in \mathbb{Q}(u_1, \dots, u_n)$.

Proof. $\Rightarrow$: This follows from the Proposition.

$\Leftarrow$: Use the following: if $F$ is any subfield of the field of constructible numbers, then $\sqrt{u}$ is constructible for each positive $u \in F$. For this, construct a circle of diameter $1 + u$, and a line perpendicular to the diameter, intersecting the diameter 1 unit from the west pole:

[Figure: a circle whose diameter is divided into segments of lengths 1 and $u$.]

Then $x = \sqrt{u}$.

Corollary 10.4.2. If u is a constructible real number, then u is algebraic over Q and deg(u) is
a power of 2.

10.5 Angle trisection


Lemma 10.5.1.

a. For any angle $\theta$, we have the following identity:

$$4\cos^3(\theta) - 3\cos(\theta) - \cos(3\theta) = 0.$$

b. Let $\alpha = \cos\left(\dfrac{\pi}{9}\right)$. $\alpha$ is a root of the irreducible polynomial

$$f(T) = 8T^3 - 6T - 1 \in \mathbb{Q}[T].$$

In particular, the degree of $\alpha$ over $\mathbb{Q}$ is 3.

c. $\alpha$ is not a constructible number.


Proof. Recall the trigonometric identities:

$$\sin(\alpha + \beta) = \sin(\alpha)\cos(\beta) + \cos(\alpha)\sin(\beta) \tag{10.1}$$

and

$$\cos(\alpha + \beta) = \cos(\alpha)\cos(\beta) - \sin(\alpha)\sin(\beta). \tag{10.2}$$

Taking $\alpha = \beta$ we get

$$\sin(2\alpha) = 2\sin(\alpha)\cos(\alpha)$$

and

$$\cos(2\alpha) = \cos^2(\alpha) - \sin^2(\alpha).$$

For a real number $\theta$, we find the “double angle formula”

$$\begin{aligned}
\cos(2\theta) &= \cos^2(\theta) - \sin^2(\theta) \\
&= \cos^2(\theta) - (1 - \cos^2(\theta)) \\
&= 2\cos^2(\theta) - 1
\end{aligned}$$

This shows that

$$2\cos^2(\theta) - \cos(2\theta) - 1 = 0 \tag{10.3}$$

To prove (a), let $\alpha = 2\theta$ and $\beta = \theta$ in (10.2); we get

$$\begin{aligned}
\cos(3\theta) &= \cos(2\theta + \theta) \\
&= \cos(2\theta)\cos(\theta) - \sin(2\theta)\sin(\theta) \\
&= (2\cos^2(\theta) - 1)\cos(\theta) - (2\sin(\theta)\cos(\theta))\sin(\theta) \\
&= 2\cos^3(\theta) - \cos(\theta) - 2\cos(\theta)\sin^2(\theta) \\
&= 2\cos^3(\theta) - \cos(\theta) - 2\cos(\theta)(1 - \cos^2(\theta)) \\
&= 4\cos^3(\theta) - 3\cos(\theta).
\end{aligned}$$

This shows that $4\cos^3(\theta) - 3\cos(\theta) - \cos(3\theta) = 0$ as required.

We now prove (b). If $\theta = \dfrac{\pi}{9}$, then of course $\cos(3\theta) = \dfrac{1}{2}$, so (a) shows $\cos(\theta)$ to be a root of the polynomial $4T^3 - 3T - \dfrac{1}{2} \in \mathbb{Q}[T]$. Multiplying this polynomial by 2 gives $8T^3 - 6T - 1$ and we can use the rational roots test (Theorem 7.2.1) to confirm that this polynomial has no root in $\mathbb{Q}$ and is thus irreducible in $\mathbb{Q}[T]$.
Now (c) follows from Corollary 10.4.2, since $3 \nmid 2^m$ for any $m \geq 1$.

Theorem 10.5.2. It is impossible to find a general construction for trisecting an angle.

Proof. Since $\cos\left(\dfrac{\pi}{3}\right) = \dfrac{1}{2}$ and $\sin\left(\dfrac{\pi}{3}\right) = \dfrac{\sqrt{3}}{2}$, one can construct points $Q = \dfrac{1}{2}(1, \sqrt{3})$, $P = (0, 0)$, $R = (1, 0)$ and then $\angle QPR$ is $\dfrac{\pi}{3}$.
We claim that one can’t construct further points $S, T$ such that the $\angle QPS$, $\angle SPT$ and $\angle TPR$ are all equal.
Indeed, if it were so, the coordinates of $T$ would be $\left(\cos\left(\dfrac{\pi}{9}\right), \sin\left(\dfrac{\pi}{9}\right)\right)$, and then $\cos\left(\dfrac{\pi}{9}\right)$ would be a constructible number, contrary to Lemma 10.5.1.

11 Splitting fields
11.1 The notion of a splitting field
Let $F$ be a field and consider a polynomial

$$f = a_0 + a_1 T + \cdots + a_n T^n \in F[T]$$

of degree $n \geq 1$.
Definition 11.1.1. If $E$ is an extension field of $F$, we say that $f$ splits over $E$ provided that there are elements $r_1, \dots, r_n \in E$ such that

$$f = (T - r_1)(T - r_2) \cdots (T - r_n) = \prod_{i=1}^{n} (T - r_i) \in E[T].$$

Definition 11.1.2. If $f$ splits over the field extension $E$ of $F$, and if $r_1, \dots, r_n \in E$ are the roots of $f$, we say that $E$ is a splitting field for $f$ over $F$ if moreover $E = F(r_1, \dots, r_n)$.
Thus a splitting field $E$ is somehow a minimal field extension over which $f$ splits.
Example 11.1.3. $E = \mathbb{Q}(i)$ is a splitting field over $\mathbb{Q}$ for the polynomial $f = T^2 - 2T + 2$ since

$$f = (T - 1 - i)(T - 1 + i) \in \mathbb{Q}(i)[T]$$

and since $\mathbb{Q}(i) = \mathbb{Q}(1 + i, 1 - i)$.
Theorem 11.1.4. Let $f \in F[T]$ have degree $n \geq 1$. Then there exists a splitting field $E$ for $f$ over $F$ with $[E : F] \leq n!$.
Proof. Proceed by induction on $n \geq 1$. The result holds when $n = 1$, since then $f$ splits over $E = F$.
Now suppose that the result is known for all fields $F$ and all polynomials of degree $\leq n - 1$.
Now, choose an irreducible factor $p$ of $f$ in $F[T]$, say of degree $d \leq n$. Choose a root $\alpha$ of $p$ in some field extension of $F$, and consider the field $K = F(\alpha)$. We know that $[K : F] = [F(\alpha) : F] = d = \deg p$.
Since $\alpha$ is a root of $p$, it is also a root of $f$; thus by the remainder theorem – see Corollary 3.4.2 –, we may write

$f = (T - \alpha) \cdot g$ for $g \in K[T]$ with $\deg g = n - 1$.

Now use the induction hypothesis to construct a splitting field $E$ for $g$ over $K$ with $[E : K] \leq (n - 1)!$.
Thus $E = K(r_2, \dots, r_n)$ and

$$g = \prod_{i=2}^{n} (T - r_i) \in E[T].$$

We now have

$$f = (T - \alpha) \cdot g = (T - \alpha) \cdot \prod_{i=2}^{n} (T - r_i) \in E[T];$$

thus, $f$ splits over $E$. Moreover, $E = K(r_2, \dots, r_n) = F(\alpha, r_2, \dots, r_n)$ which confirms that $E$ is a splitting field of $f$ over $F$.
Finally, note that

$$[E : F] = [E : K][K : F] \leq (n - 1)! \cdot d \leq n!$$

since $d \leq n$.

11.2 More examples of splitting fields
11.2.1 Fourth root of 2

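The field $E = \mathbb{Q}(i, \sqrt[4]{2})$ is a splitting field for $f = T^4 - 2$ over $\mathbb{Q}$, and $[E : \mathbb{Q}] = 8$.
First, if we write $\alpha = \sqrt[4]{2}$ for the real fourth root of 2, the roots of $f$ are precisely $\pm\alpha, \pm i\alpha$.
Indeed,

$$(T - \alpha)(T + \alpha)(T - i\alpha)(T + i\alpha) = (T^2 - \sqrt{2})(T^2 + \sqrt{2}) = f.$$

Now, $E = \mathbb{Q}(i, \sqrt[4]{2}) = \mathbb{Q}(\pm\alpha, \pm i\alpha)$.
Finally, to see that $[E : \mathbb{Q}] = 8$, first note that $[\mathbb{Q}(\alpha) : \mathbb{Q}] = 4$ since $T^4 - 2$ is irreducible over $\mathbb{Q}$.
Now $\alpha \in \mathbb{R} \implies \mathbb{Q}(\alpha) \subset \mathbb{R}$, so $\mathbb{Q}(\alpha)$ does not contain a root of $T^2 + 1$. Thus $T^2 + 1$ is irreducible over $\mathbb{Q}(\alpha)$.
This shows that

$$[E : \mathbb{Q}] = [E : \mathbb{Q}(\alpha)] \cdot [\mathbb{Q}(\alpha) : \mathbb{Q}] = 2 \cdot 4 = 8.$$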

11.2.2 Transcendental extension



$E = \mathbb{C}(X, \sqrt[4]{X + 1})$ is a splitting field over $\mathbb{C}(X)$ for $T^4 - (X + 1)$, and $[E : \mathbb{C}(X)] = 4$.

11.2.3 Finite field example


Let $F = \mathbb{F}_7$ be the field with 7 elements.
Let’s describe the splitting field for $f = T^3 - 3 \in F[T]$ over $F$.
First, note that the cubes mod 7 are as follows:

print([(n, n**3 % 7) for n in range(7)])

[(0, 0), (1, 1), (2, 1), (3, 6), (4, 1), (5, 6), (6, 6)]

In particular, $f = T^3 - 3$ has no root in $F = \mathbb{F}_7$. So if $\alpha$ denotes a root of $f$ in some extension field, then $F(\alpha)$ is a degree 3 extension of $F$.
Now let’s notice that the multiplicative order of (the class of) 2 in $\mathbb{F}_7^\times$ is 3: indeed $2^3 = 8 \equiv 1 \pmod 7$ but $2, 2^2 \not\equiv 1 \pmod 7$. So we can observe that $2\alpha$ and $4\alpha$ are also roots of $T^3 - 3$.
Thus

$$f = (T - \alpha)(T - 2\alpha)(T - 4\alpha) \in F(\alpha)[T] = \mathbb{F}_7(\alpha)[T].$$

This shows that $F(\alpha) = \mathbb{F}_7(\alpha)$ is a splitting field over $F$ of $f = T^3 - 3$.
Observe that $|F(\alpha)| = 7^3 = 343$; elements of $F(\alpha)$ all have the form

$$a + b\alpha + c\alpha^2, \quad a, b, c \in \mathbb{F}_7.$$
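The claims of this example can be checked by brute force over all 343 elements. The following Python code is an added illustration, not part of the original notes; it represents a + bα + cα² as the tuple (a, b, c), and all function names are chosen here.

```python
from itertools import product

P = 7                        # the prime field F_7
ZERO, ONE = (0, 0, 0), (1, 0, 0)
ALPHA = (0, 1, 0)            # the class of T in F_7[T]/<T^3 - 3>

def add(x, y):
    return tuple((u + v) % P for u, v in zip(x, y))

def neg(x):
    return tuple((-u) % P for u in x)

def mul(x, y):
    """Multiply a0 + a1*alpha + a2*alpha^2 by b0 + b1*alpha + b2*alpha^2, using alpha^3 = 3."""
    a0, a1, a2 = x
    b0, b1, b2 = y
    # Coefficients of the raw product in degrees 0..4.
    c = [a0 * b0,
         a0 * b1 + a1 * b0,
         a0 * b2 + a1 * b1 + a2 * b0,
         a1 * b2 + a2 * b1,
         a2 * b2]
    # alpha^3 = 3 and alpha^4 = 3*alpha fold the top two coefficients down.
    return ((c[0] + 3 * c[3]) % P, (c[1] + 3 * c[4]) % P, c[2] % P)

def power(x, n):
    """x^n by square-and-multiply."""
    result = ONE
    while n:
        if n & 1:
            result = mul(result, x)
        x = mul(x, x)
        n >>= 1
    return result

def elements():
    """All 7^3 = 343 elements of F_7(alpha)."""
    return list(product(range(P), repeat=3))

def f(x):
    """Evaluate f = T^3 - 3 at x."""
    return add(power(x, 3), neg((3, 0, 0)))

def roots_of_f():
    return sorted(x for x in elements() if f(x) == ZERO)

def poly_mul(g, h):
    """Multiply polynomials in T over F_7(alpha); coefficient lists, lowest degree first."""
    out = [ZERO] * (len(g) + len(h) - 1)
    for i, a in enumerate(g):
        for j, b in enumerate(h):
            out[i + j] = add(out[i + j], mul(a, b))
    return out

def product_of_linear_factors(roots):
    """Expand the product of (T - r) over the given roots."""
    out = [ONE]
    for r in roots:
        out = poly_mul(out, [neg(r), ONE])
    return out

def all_fixed_by_343rd_power():
    """Every element x satisfies x^(7^3) = x (compare Proposition 12.3.1)."""
    return all(power(x, P ** 3) == x for x in elements())

if __name__ == "__main__":
    print("roots of T^3 - 3:", roots_of_f())
    print("expanded product:", product_of_linear_factors(roots_of_f()))
    print("x^343 = x for all x:", all_fixed_by_343rd_power())
```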

11.3 Uniqueness of splitting fields


We are going to argue that a splitting field for a polynomial $f$ over $F$ is essentially unique.
Let us first make an observation: if $\theta : F \to F_1$ is an isomorphism of fields, then $\theta$ may be extended to an isomorphism

$$\theta : F[T] \to F_1[T]$$

with the property that $\theta(T) = T$. Note that polynomials satisfy

$p \in F[T]$ is irreducible $\iff$ $\theta(p) \in F_1[T]$ is irreducible.

Lemma 11.3.1. Let $\theta : F \to F_1$ be an isomorphism of fields, let $E = F(u)$ where $u$ is algebraic over $F$ with minimal polynomial $p \in F[T]$, and let $p_1 = \theta(p)$. If $v$ is a root of $p_1$ in an extension field of $F_1$, there is a unique way of extending $\theta$ to an isomorphism $\varphi : F(u) \to F_1(v)$ subject to the conditions (i) $\varphi(u) = v$, and (ii) $\varphi|_F = \theta$, i.e. the restriction of $\varphi$ to $F$ is given by $\theta$.
This diagram might be useful for visualizing the situation:

$$\begin{array}{ccc}
F(u) & \xrightarrow{\ \varphi\ } & F_1(v) \\
\uparrow & \circ & \uparrow \\
F & \xrightarrow{\ \theta\ } & F_1
\end{array}$$

Proof. We first observe that $\varphi$ is uniquely determined by the indicated conditions. Indeed, $F(u)$ is spanned as $F$-vector space by elements of the form $u^i$, and since $\varphi$ is a ring homomorphism it must satisfy $\varphi(u^i) = v^i$.
We now prove the existence of $\varphi$. We first note that – according to Proposition 9.3.4 – there are isomorphisms $\gamma : F[T]/\langle p \rangle \xrightarrow{\sim} F(u)$ and $\psi : F_1[T]/\langle p_1 \rangle \xrightarrow{\sim} F_1(v)$ with

$$\gamma(T + \langle p \rangle) = u \text{ and } \psi(T + \langle p_1 \rangle) = v$$

such that $\gamma|_F = \mathrm{id}$ and $\psi|_{F_1} = \mathrm{id}$.

Now, consider the ring homomorphism $F[T] \xrightarrow{\theta} F_1[T] \xrightarrow{\pi_1} F_1[T]/\langle p_1 \rangle$ where $\pi_1$ is the quotient mapping. This mapping $\pi_1 \circ \theta$ is onto and has kernel $\langle p \rangle$; according to the First Isomorphism Theorem – see Theorem 2.5.1 – it induces an isomorphism

$$\Phi : F[T]/\langle p \rangle \xrightarrow{\sim} F_1[T]/\langle p_1 \rangle$$

such that $\Phi|_F = \theta$ and such that $\Phi(T + \langle p \rangle) = T + \langle p_1 \rangle$.

Now $\psi \circ \Phi \circ \gamma^{-1} : F(u) \xrightarrow{\sim} F_1(v)$ has the required properties.

Remark 11.3.2. Using the notations of the preceding proof, the isomorphism $F(u) \to F_1(v)$ is given by

$$F(u) \xrightarrow{\gamma^{-1}} F[T]/\langle p \rangle \xrightarrow{\Phi} F_1[T]/\langle p_1 \rangle \xrightarrow{\psi} F_1(v).$$

Example 11.3.3. Consider the field $F = \mathbb{Q}(i)$. Write $\sigma : \mathbb{Q}(i) \to \mathbb{Q}(i)$ for complex conjugation; thus $\sigma(a + bi) = \overline{a + bi} = a - bi$ for $a, b \in \mathbb{Q}$. The mapping $\sigma$ is an automorphism of the field $F = \mathbb{Q}(i)$.
We claim that the polynomials $f_1 = T^2 - (1 + i)$ and $f_2 = T^2 - (1 - i)$ in $F[T]$ are irreducible. Note that $f_2 = \sigma(f_1)$ so it is sufficient to argue that $f_1$ is irreducible.
According to Proposition 7.1.4 it is enough to argue that the degree 2 polynomial $f_1$ has no roots in $F = \mathbb{Q}(i)$.
If $\alpha \in \mathbb{Q}(i)$ is a root of $f_1$ then $\alpha^2 = 1 + i$ so that

$$\alpha^2 \cdot \sigma(\alpha^2) = (1 + i) \cdot \sigma(1 + i) = (1 + i)(1 - i) = 2$$

But then $(\alpha\sigma(\alpha))^2 = 2$, and it is easy to see that $\alpha \cdot \sigma(\alpha) = \alpha\overline{\alpha} \in \mathbb{Q}$. Since $\sqrt{2} \notin \mathbb{Q}$ this contradiction proves that there is no root $\alpha \in F$ of $f_1$. Thus indeed $f_1$ and $f_2$ are irreducible.

In particular $F(\sqrt{1 + i}) = \mathbb{Q}(i, \sqrt{1 + i})$ and $F(\sqrt{1 - i}) = \mathbb{Q}(i, \sqrt{1 - i})$ are degree 2 extensions of the field $F = \mathbb{Q}(i)$.
Now Lemma 11.3.1 shows that there is an isomorphism $\varphi : \mathbb{Q}(i, \sqrt{1 + i}) \to \mathbb{Q}(i, \sqrt{1 - i})$ such that $\varphi(\sqrt{1 + i}) = \sqrt{1 - i}$ and such that $\varphi|_{\mathbb{Q}(i)} = \sigma$; in particular, $\varphi(i) = -i$.
Proposition 11.3.4. Let $E$ be a splitting field over $F$ for $f \in F[T]$, let $\theta : F \to F_1$ be a field isomorphism, and let $g = \theta(f) \in F_1[T]$. Let $E_1$ be a splitting field for $g$ over $F_1$. Then there is an isomorphism $\varphi : E \to E_1$ such that $\varphi|_F = \theta$.
Proof. We use induction on $n = \deg f$. If $n = 1$, then $E = F$, $E_1 = F_1$ and we can simply take $\varphi = \theta$.
Now suppose that $n > 1$ and that the result holds for all fields $F$ and all polynomials of degree $< n$.
Let $p \in F[T]$ be an irreducible factor of $f$, so that $q = \theta(p)$ is an irreducible factor of $g$.
Since $f$ splits over $E$, also $p$ splits over $E$. Choose a root $u \in E$ of $p$. Thus $F \subseteq F(u) \subseteq E$.
Choose also a root $v \in E_1$ of $q$, so that $F_1 \subseteq F_1(v) \subseteq E_1$.
According to the preceding Lemma, there is an isomorphism $\hat{\theta} : F(u) \to F_1(v)$ such that $\hat{\theta}|_F = \theta$ and such that $\hat{\theta}(u) = v$.
Write

$f = (T - u)s \in F(u)[T]$ for $s \in F(u)[T]$

and

$g = (T - v)s_1 \in F_1(v)[T]$ for $s_1 \in F_1(v)[T]$.

Now, $E$ is a splitting field for $s$ over $F(u)$ and $E_1$ is a splitting field for $s_1$ over $F_1(v)$. And since $\hat{\theta}(f) = g$ and $\hat{\theta}(u) = v$ it is easy to see that $\hat{\theta}(s) = s_1$.
Thus the induction hypothesis gives an isomorphism $\varphi : E \to E_1$ such that $\varphi|_{F(u)} = \hat{\theta}$. This isomorphism $\varphi$ has the required properties.

We find the following theorem as an immediate consequence:


Theorem 11.3.5. Let $f \in F[T]$ be a polynomial with $\deg f > 0$. If $E$ and $E_1$ are splitting fields for $f$ over $F$, there is an isomorphism $\varphi : E \to E_1$ such that $\varphi(a) = a$ for each $a \in F$ – i.e. such that $\varphi|_F$ is the identity mapping.
Proof. In the Proposition, just take $\theta$ to be the identity map!

Remark 11.3.6. Observe that the proof of Proposition 11.3.4 requires us to prove the statement involving $\theta$, even though in Theorem 11.3.5 we are interested only in the case $\theta = \mathrm{id}$.

11.3.1 Example: automorphisms of a splitting field


The ideas behind the results Proposition 11.3.4 and Theorem 11.3.5 will be really important as we start talking about Galois theory. So, it seems useful to first do a non-trivial example.
Let’s give an example of automorphisms of a splitting field.
Let’s fix a prime number $p$, consider the polynomial $f = T^3 - p \in \mathbb{Q}[T]$, and let $E$ be a splitting field for this polynomial over $\mathbb{Q}$.
The Theorem 11.3.5 tells us that any splitting field of $f$ over $\mathbb{Q}$ is isomorphic to $E$. Let’s try to understand what this statement could mean about automorphisms of $E$.
First, let’s make some observations. Notice that if $\beta$ and $\beta'$ are roots of $f$, then $\left(\dfrac{\beta}{\beta'}\right)^3 = 1$, i.e. $\dfrac{\beta}{\beta'}$ is a root of $T^3 - 1$. Moreover, $\dfrac{\beta}{\beta'} = 1$ if and only if $\beta = \beta'$.

Let’s exclude the “trivial” cube root of unity; observe that

$$\frac{T^3 - 1}{T - 1} = T^2 + T + 1 \in \mathbb{Q}[T]$$

has roots $\omega, \omega^2 \in \mathbb{C}$ where

$$\omega = \exp\left(\frac{2\pi i}{3}\right) = \cos\left(\frac{2\pi}{3}\right) + i\sin\left(\frac{2\pi}{3}\right) \in \mathbb{C};$$

Notice that $\omega \neq 1$ and $\omega^3 = 1$ so viewed as an element of the group $\mathbb{C}^\times$, $\omega$ has order 3.

Neither $\omega$ nor $\omega^2$ is rational, so $T^2 + T + 1$ is irreducible over $\mathbb{Q}$.
We can now construct a splitting field $E$ of $f$ over $\mathbb{Q}$ abstractly. Take $E = \mathbb{Q}(\alpha, \omega)$ where $\alpha$ is a root of $T^3 - p$ and $\omega$ is a root of $T^2 + T + 1$.
First notice that

$$E = \mathbb{Q}(\alpha, \omega) = \mathbb{Q}(\alpha, \omega\alpha, \omega^2\alpha)$$

so that $E$ is a splitting field. Now notice that $\deg_{\mathbb{Q}} \alpha = 3$ and $\deg_{\mathbb{Q}} \omega = 2$ so $T^2 + T + 1$ remains irreducible over $\mathbb{Q}(\alpha)$. Thus we may conclude that

$$[E : \mathbb{Q}] = [\mathbb{Q}(\alpha, \omega) : \mathbb{Q}(\alpha)] \cdot [\mathbb{Q}(\alpha) : \mathbb{Q}] = 6.$$

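Now observe that this argument actually shows that if we fix any root $\beta$ of $f$ in $E$, and any root $\zeta$ of $T^2 + T + 1$ in $E$ then

$$f = (T - \beta)(T - \zeta\beta)(T - \zeta^2\beta).$$

E.g. if we choose $\zeta = \omega^2$ and $\beta = \omega\alpha$, then

$$f = (T - \beta)(T - \zeta\beta)(T - \zeta^2\beta) = (T - \omega\alpha)(T - \omega^2(\omega\alpha))(T - \omega^4(\omega\alpha))$$

since

$$\{\omega\alpha, \omega^2(\omega\alpha), \omega^4(\omega\alpha)\} = \{\omega\alpha, \omega^3\alpha, \omega^5\alpha\} = \{\omega\alpha, \alpha, \omega^2\alpha\}.$$

The thing to take home from all this is that there are some choices to be made in describing the roots of $f$. In this case, you could pin things down more precisely e.g. by taking for $\alpha$ the “real” cube root of $p$ and for $\omega$ the complex root of $T^2 + T + 1$ which is in “quadrant 2”. But a more systematic way of keeping track of choices is through study of automorphisms of the splitting field $E$.
Notice that $\alpha$ and $\beta = \omega\alpha$ are roots of the irreducible polynomial $T^3 - p \in \mathbb{Q}[T]$. Thus, there is an isomorphism of fields

$$\theta : \mathbb{Q}(\alpha) \to \mathbb{Q}(\beta)$$

such that $\theta$ is the identity on $\mathbb{Q}$ and $\theta(\alpha) = \beta = \omega\alpha$.
Notice that $\theta(T^2 + T + 1) = T^2 + T + 1$ is irreducible over $\mathbb{Q}(\alpha)$ and over $\mathbb{Q}(\beta)$.
Now, Lemma 11.3.1 tells us that there is an isomorphism

$$\Theta : \mathbb{Q}(\alpha, \omega) \to \mathbb{Q}(\beta, \zeta)$$

such that $\Theta|_{\mathbb{Q}(\alpha)} = \theta$ – i.e. for which $\Theta(\alpha) = \beta$ – and for which $\Theta(\omega) = \zeta$.
This $\Theta$ is an isomorphism between splitting fields of $f$. Since we took $\beta = \omega\alpha$ and $\zeta = \omega^2$, we have

$$E = \mathbb{Q}(\alpha, \omega) = \mathbb{Q}(\beta, \zeta)$$

so in fact $\Theta : E \to E$ is an automorphism of $E$.
Note that $\Theta$ is not the identity mapping on the roots of $f$:

$$(\Theta(\alpha), \Theta(\omega\alpha), \Theta(\omega^2\alpha)) = (\omega\alpha, \zeta\omega\alpha, \zeta^2\omega\alpha) = (\omega\alpha, \alpha, \omega^2\alpha).$$

Also note that upon restriction to $\mathbb{Q}(\omega)$, $\Theta|_{\mathbb{Q}(\omega)}$ is complex conjugation, since

$$\Theta(\omega) = \omega^2 = \overline{\omega}.$$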

12 Finite fields
12.1 The prime subfield of a field
First let’s recall for any field $F$ that there is always a ring homomorphism $\mathbb{Z} \to F$ for which $n \mapsto n \cdot 1_F$.
Proposition 12.1.1. Let $F$ be a field.

a. If the homomorphism $\mathbb{Z} \to F$ is one-to-one, then $F$ contains a copy of the field $\mathbb{Q}$ of rational numbers.

b. If the homomorphism $\mathbb{Z} \to F$ is not one-to-one, then $F$ contains a copy of the field $\mathbb{Z}/p\mathbb{Z}$ for some prime number $p$.

Remark 12.1.2. In case a., we say that $F$ has characteristic 0. Note in that case that the additive order of any non-zero element of $F$ is $\infty$.
In case b., we say that $F$ has characteristic $p$. In that case, the additive order of any non-zero element of $F$ is $p$.
Definition 12.1.3. The prime subfield of $F$ is the smallest subfield containing the image of the homomorphism $\mathbb{Z} \to F$; thus when $F$ has characteristic 0, the prime subfield identifies with $\mathbb{Q}$, and when $F$ has characteristic $p > 0$, the prime subfield identifies with $\mathbb{Z}/p\mathbb{Z}$.

Proof of the Proposition. If the homomorphism $\varphi : \mathbb{Z} \to F$ is injective, it maps non-zero elements of $\mathbb{Z}$ to invertible elements of $F$. Thus by the defining property of the field of fractions $\mathbb{Q} = Q(\mathbb{Z})$, the homomorphism $\varphi$ extends to a homomorphism $\tilde{\varphi} : \mathbb{Q} \to F$; see Proposition 6.0.4. Thus $F$ indeed contains a copy of $\mathbb{Q}$.
Suppose on the other hand that the homomorphism $\varphi$ is not one-to-one; thus $\ker \varphi = n\mathbb{Z}$ for some $n \neq 0$. The First Isomorphism Theorem (Theorem 2.5.1) now implies that the image of $\varphi$ is a subring of $F$ isomorphic to the finite ring $\mathbb{Z}/n\mathbb{Z}$. Since $F$ is a field, this subring must be an integral domain – see Example 3.1.7 (c); thus by Example 3.1.7 (d) we see that $n = p$ must be a prime number.

12.2 Some properties of finite fields


We’ve met some finite fields already, namely $\mathbb{Z}/p\mathbb{Z}$ for a prime number $p$.
We can construct finite extensions of $\mathbb{Z}/p\mathbb{Z}$ to get fields $F$ for which $|F|$ is not prime. Let’s
first make an observation about $|F|$, as follows:
Proposition 12.2.1. Let $F$ be a finite field. Then $F$ has characteristic $p > 0$ for some prime
number $p$. The number of elements of $F$ is $p^m$ for some whole number $m \geq 1$.
Proof. Since $\mathbb{Q}$ is not finite, the previous proposition shows that $F$ must have characteristic
$p > 0$ for a prime number $p$.
Write $F_0 \subseteq F$ where $F_0$ is the prime subfield; thus $F_0 \simeq \mathbb{Z}/p\mathbb{Z}$.
Now, $F$ may be viewed as an $F_0$-vector space. A basic theorem in linear algebra says that
$F$ must have a basis $B$ as an $F_0$-vector space; see Proposition 8.3.5. Since $F$ is finite, this basis
must be finite; say $|B| = m$.
Write $B = \{b_1, b_2, \ldots, b_m\}$. Then an element $x$ of $F$ may be written uniquely in the form

\[ x = t_1 b_1 + t_2 b_2 + \cdots + t_m b_m \]

for $t_i \in F_0$; see e.g. Section 8.3. Since $F_0 \simeq \mathbb{Z}/p\mathbb{Z}$, there are $p$ choices for each $t_i$; this shows that
the number of elements of $F$ is
\[ |F| = p \cdot p \cdots p = p^m \]
as required.

12.3 Finite fields as splitting fields over the prime field


Proposition 12.3.1. Let $F$ be a finite field with $p^m$ elements for some prime number $p$. Then
$F$ is the splitting field over the prime subfield $F_0 \simeq \mathbb{Z}/p\mathbb{Z}$ of the polynomial
\[ T^{p^m} - T \in F_0[T]. \]

Proof. Since $F$ has $p^m$ elements, the multiplicative group $F^\times$ has $p^m - 1$ elements. This means
that every element $x \in F^\times$ satisfies the condition
\[ x^{p^m - 1} = 1. \]

It is then immediate that every element $x \in F$ satisfies

\[ x^{p^m} = x. \]

Put another way, every element of $F$ is a root of the polynomial

\[ f = T^{p^m} - T \in F_0[T]. \]

Since $f$ can have no more than $p^m$ roots in an extension field, it follows that $F$ contains all roots
of $f$. Since $F$ is generated by these roots, $F$ is a splitting field for $f$ over $F_0$.

Remark 12.3.2. The proof shows that the identity

\[ f = T^{p^m} - T = \prod_{\alpha \in F} (T - \alpha) \]

holds in $F[T]$.

Corollary 12.3.3. Two finite fields $F$ and $E$ are isomorphic if and only if $|F| = |E|$.

Proof. If $F$ and $E$ are isomorphic, there is a one-to-one onto function $\varphi : F \to E$ and thus
$|F| = |E|$.
On the other hand, if $|F| = |E|$, we know that $|F| = p^m$ and $|E| = q^n$ for some primes $p, q$
and some $m, n \geq 1$. By unique factorization of integers – see Theorem 5.2.1 –, $p = q$ and $m = n$.
Now the Proposition shows that $E, F$ are splitting fields of $T^{p^m} - T$ over $\mathbb{Z}/p\mathbb{Z}$.
Now the existence of an isomorphism $F \simeq E$ is a consequence of the uniqueness of splitting
fields.

12.4 Existence of a finite field of any prime-power order
Let p be a prime number. One might see the following Lemma in a class in elementary number
theory:
Lemma 12.4.1. For $x, y \in \mathbb{Z}$, we have:
a. $x^p \equiv x \pmod{p}$
b. $(x + y)^p \equiv x^p + y^p \equiv x + y \pmod{p}$.

We are going to prove a slightly more general version of this result that is valid for elements
of any field of characteristic $p > 0$, as follows:
Lemma 12.4.2. Let $F$ be a field of char. $p > 0$, let $x, y \in F$, and let $n \in \mathbb{Z}_{>0}$. Then:
a. $(x + y)^{p^n} = x^{p^n} + y^{p^n}$.
b. $\{x \in F \mid x^{p^n} = x\}$ is a subfield of $F$.

Proof. For $0 < i < p$, the binomial coefficients $\binom{p}{i} = \dfrac{p!}{i! \cdot (p - i)!}$ satisfy the congruence
\[ \binom{p}{i} \equiv 0 \pmod{p}. \]
Indeed, $p$ divides the numerator $p!$ but $p$ does not divide the denominator $i! \cdot (p - i)!$ and the
result follows since the quotient is integral.
Since $\binom{p}{0} = \binom{p}{p} = 1$, it follows that
\[ (x + y)^p = \sum_{i=0}^{p} \binom{p}{i} x^i y^{p-i} = x^p + y^p \tag{12.1} \]

for elements $x, y \in F$. To prove a., proceed by induction on $n \geq 1$. The case $n = 1$ is just (12.1).
Assuming the result is valid for $n - 1$, we see that
\[ (x + y)^{p^n} = \left( (x + y)^{p^{n-1}} \right)^p = \left( x^{p^{n-1}} + y^{p^{n-1}} \right)^p = x^{p^n} + y^{p^n}; \]
we used the induction hypothesis for the second equality, and we used (12.1) applied to $x^{p^{n-1}}$
and $y^{p^{n-1}}$ for the final equality. This proves a.
For b., write
\[ F_1 = \{x \in F \mid x^{p^n} = x\}. \]
To see that $F_1$ is an additive subgroup of $F$, first note that $0 \in F_1$. Now, the result from a.
shows that if $x, y \in F_1$ then $x - y \in F_1$.
Next we argue that $F_1$ is closed under multiplication. This follows since if $x, y \in F_1$ then
\[ (xy)^{p^n} = x^{p^n} y^{p^n} = xy. \]
Finally, if $x \in F_1$ is non-zero, then
\[ 1 = 1^{p^n} = (x \cdot x^{-1})^{p^n} = x^{p^n} x^{-p^n} = x x^{-p^n} \]
which shows that $(x^{-1})^{p^n} = x^{-p^n} = x^{-1}$ hence $x^{-1} \in F_1$.

Lemma 12.4.3. Let $F$ be a field of characteristic $p > 0$ and let $\mathcal{F} : F \to F$ be the mapping
$\mathcal{F}(x) = x^p$. Then $\mathcal{F}$ is a ring homomorphism.
Proof. Part a. of Lemma 12.4.2 shows that $\mathcal{F}$ is a homomorphism of additive groups. If $x, y \in F$
then $\mathcal{F}(xy) = (xy)^p = x^p y^p = \mathcal{F}(x)\mathcal{F}(y)$ which completes the proof.

Lemma 12.4.4. Let $m, n$ be positive integers for which $n = qm$.

a. $T^m - 1 \mid T^n - 1$ in the polynomial ring $\mathbb{Z}[T]$.
b. For any commutative ring $R$ (with identity) and any $y \in R$ we have $y^m - 1 \mid y^n - 1$.

Proof. For a., first note that for a polynomial variable $u$, we have the identity
\[ \frac{u^q - 1}{u - 1} = u^{q-1} + u^{q-2} + \cdots + u + 1 \tag{12.2} \]
in the field of fractions of $\mathbb{Z}[u]$. Substituting $u = T^m$ in (12.2) gives
\begin{align*}
f(T) = \frac{T^n - 1}{T^m - 1} &= \frac{(T^m)^q - 1}{T^m - 1} \\
&= (T^m)^{q-1} + (T^m)^{q-2} + \cdots + T^m + 1 \\
&= T^{m(q-1)} + T^{m(q-2)} + \cdots + T^m + 1 \in \mathbb{Z}[T].
\end{align*}
Now b. follows from a. Indeed, if $T^n - 1 = g(T) \cdot (T^m - 1)$ for $g(T) \in \mathbb{Z}[T]$, then for $y \in R$
we see that $y^n - 1 = g(y) \cdot (y^m - 1)$ since evaluation at $y$ determines a ring homomorphism
$\mathbb{Z}[T] \to R$.

Proposition 12.4.5. Let $F$ be a field with $p^n$ elements. Each subfield of $F$ has $p^m$ elements
for some divisor $m$ of $n$. Conversely, for each divisor $m \mid n$, there exists a unique subfield of $F$
having $p^m$ elements.
Proof. Let $F_0$ be the prime subfield of $F$. Any subfield $E$ of $F$ must contain $F_0$ and must have
$p^m$ elements, where $m = [E : F_0]$. Since
\[ n = [F : F_0] = [F : E][E : F_0] = [F : E] \cdot m \]
we conclude that $m$ must be a divisor of $n$.
Conversely, let $m$ be a divisor of $n$. Then $p^m - 1$ is a divisor of $p^n - 1$ by Lemma 12.4.4.
Applying Lemma 12.4.4 a second time, we see that the polynomial $g(T) = T^{p^m - 1} - 1$ is a
divisor of $h(T) = T^{p^n - 1} - 1$ in the polynomial ring $F_0[T]$.
Since $F$ is the splitting field of $T \cdot h(T)$ over $F_0$, it must contain all $p^m$ distinct roots of
$T \cdot g(T)$.
Now, part b. of Lemma 12.4.2 implies that the roots of $T \cdot g(T) = T^{p^m} - T$ form a subfield
$E$ of $F$. Any other subfield having order $p^m$ must be a splitting field of $T \cdot g(T)$ and so it must
coincide with $E$. This completes the proof.

Lemma 12.4.6. Let $F$ be a field of char. $p > 0$. If $n \in \mathbb{Z}_{>0}$ and $n \not\equiv 0 \pmod{p}$ then $T^n - 1$
has no repeated roots in any extension field of $F$. Put another way, if $E$ denotes a splitting field
of $T^n - 1$ over $F$, then
\[ T^n - 1 = \prod_{i=1}^{n} (T - \alpha_i) \]
for $n$ distinct elements $\alpha_i \in E$.

Proof. Let $c$ be a root of $T^n - 1$ in a splitting field $E$. The remainder theorem – Corollary 3.4.2
– shows that $T^n - 1 = (T - c)g(T)$ for some polynomial

\[ g(T) = \sum_{i=0}^{n-1} a_i T^i \]

with $a_0, a_1, \cdots, a_{n-1} \in F(c)$. Now, we have

\begin{align*}
T^n - 1 = (T - c)g(T) &= (T - c)\left( \sum_{i=0}^{n-1} a_i T^i \right) = \left( \sum_{i=0}^{n-1} a_i T^{i+1} \right) - \left( \sum_{i=0}^{n-1} c a_i T^i \right) \\
&= \left( \sum_{i=1}^{n} a_{i-1} T^i \right) - \left( \sum_{i=0}^{n-1} c a_i T^i \right) \\
&= a_{n-1} T^n + \left( \sum_{i=1}^{n-1} a_{i-1} T^i - \sum_{i=1}^{n-1} c a_i T^i \right) - c a_0
\end{align*}

Comparing coefficients, we find that $a_{n-1} = 1$ and that $a_{i-1} = c a_i$ for $1 \leq i \leq n - 1$. Thus we
find that $a_i = c^{n-1-i}$ for $1 \leq i \leq n - 1$ and that $a_0 = c^{n-1}$ since then $c a_0 = c^n = 1$. Thus

\[ g(T) = T^{n-1} + cT^{n-2} + c^2 T^{n-3} + \cdots + c^{n-2} T + c^{n-1}. \]

To prove the Lemma, we must show that $g = g(T)$ is not divisible by $T - c$. By the remainder
theorem, it is sufficient to prove that $g(c) \neq 0$. But we have:

\[ g(c) = c^{n-1} + c c^{n-2} + c^2 c^{n-3} + \cdots + c^{n-2} c + c^{n-1} = n \cdot c^{n-1} \]

and the result follows since $n \cdot 1_F \neq 0$ and $c \neq 0$.

Theorem 12.4.7. For every prime $p$ and every positive integer $n$, there is a field $\mathbb{F}_q$ with $q = p^n$
elements, and any field of order $q$ is isomorphic to $\mathbb{F}_q$.
Proof. The uniqueness has already been proved; it remains to argue the existence of $\mathbb{F}_q$ for
$q = p^n$.
Let $F$ be the splitting field of the polynomial $T^{p^n} - T$ over $\mathbb{Z}/p\mathbb{Z}$. The previous Lemma
shows that $T^{p^n} - T$ has $p^n$ distinct roots. By an earlier Lemma, these roots form a subfield of
$F$, so we conclude that $F$ consists exactly of these roots. Thus $|F| = p^n$ as required.

Remark 12.4.8. For a prime power $q$, some texts write $\mathrm{GF}(q)$ for the field we have denoted $\mathbb{F}_q$.
The symbol GF stands for “Galois Field”.

12.5 Some examples of finite fields


We have seen in Theorem 12.4.7 that for each prime power $q = p^n$, there is a field of that order.
The computer algebra system sagemath knows how to do some computations with finite fields.
We are next going to demonstrate this facility with some calculations.

12.5.1 Extensions of $\mathbb{F}_{19}$

For example, we can ask it to represent the field of $19^2 = 361$ elements.

H.<a>=FiniteField(19^2)
a.minpoly()

x^2 + 18*x + 2

The output here tells us that

\[ H = \mathbb{F}_{19}[T]/\langle T^2 + 18T + 2 \rangle. \]

We can construct larger finite fields and ask about subfields:

G.<z>=FiniteField(19^6)
z.minpoly()

x^6 + 17*x^3 + 17*x^2 + 6*x + 2

G.subfields()

[(Finite Field of size 19,
  Ring morphism:
    From: Finite Field of size 19
    To: Finite Field in z of size 19^6
    Defn: 1 |--> 1),
 (Finite Field in z2 of size 19^2,
  Ring morphism:
    From: Finite Field in z2 of size 19^2
    To: Finite Field in z of size 19^6
    Defn: z2 |--> 18*z^5 + 9*z^4 + 5*z^3 + 2*z^2 + 12*z + 7),
 (Finite Field in z3 of size 19^3,
  Ring morphism:
    From: Finite Field in z3 of size 19^3
    To: Finite Field in z of size 19^6
    Defn: z3 |--> 13*z^5 + 10*z^4 + 2*z^3 + 15*z^2 + 7*z + 18),
 (Finite Field in z of size 19^6,
  Identity endomorphism of Finite Field in z of size 19^6)]

The output here tells us that the field $G$ of order $19^6 = 47045881$ – roughly forty seven million
elements – has exactly 4 subfields: $G = \mathbb{F}_{19}(z)$, a subfield $\mathbb{F}_{19}(z3)$ of order $19^3$, a subfield $\mathbb{F}_{19}(z2)$
of order $19^2$ and a subfield of order 19.
Here sage has found an element $z$ for which

\[ G = \mathbb{F}_{19}(z) \simeq \mathbb{F}_{19}[T]/\langle T^6 + 17 \cdot T^3 + 17 \cdot T^2 + 6 \cdot T + 2 \rangle. \]

The subfield

\[ \mathbb{F}_{19}(z3) = \mathbb{F}_{19}(13 \cdot z^5 + 10 \cdot z^4 + 2 \cdot z^3 + 15 \cdot z^2 + 7 \cdot z + 18) \]

has order $19^3 = 6859$.

The subfield

\[ \mathbb{F}_{19}(z2) = \mathbb{F}_{19}(18 \cdot z^5 + 9 \cdot z^4 + 5 \cdot z^3 + 2 \cdot z^2 + 12 \cdot z + 7) \]

has order $19^2 = 361$.

Let’s pause and ask sagemath to compute the non-squares in $\mathbb{F}_{19}$:

F.<a>=FiniteField(19)
squares = [ x^2 for x in F]
nonSquares = [x for x in F if not(x in squares)]
len(nonSquares)

This output tells us that there are 9 elements $a \in \mathbb{F}_{19}$ for which $T^2 - a$ is irreducible.
Those elements are:

nonSquares

[2, 3, 8, 10, 12, 13, 14, 15, 18]

According to Corollary 12.3.3, up to isomorphism there is a unique field of order $19^2$. It
follows that
\[ \mathbb{F}_{19}(\sqrt{2}) \]
must contain a square root of each of these nonSquares. We can ask sagemath to describe these
roots in terms of $a = \sqrt{2}$ as follows:
We first describe solutions to $T^2 - 2$:

F= FiniteField(19)
R.<T>=PolynomialRing(F)
E.<a> = F.extension(T^2 - 2)
[x for x in E if x^2==2]

[a, 18*a]

And here are solutions to $T^2 - 13$:

[x for x in E if x^2==13]

[4*a, 15*a]

Similarly we can find solutions to $T^2 - 8$:

[x for x in E if x^2==8]

[2*a, 17*a]

This makes clear for example that
\[ \mathbb{F}_{19}(\sqrt{13}) = \mathbb{F}_{19}(4\sqrt{2}) = \mathbb{F}_{19}(\sqrt{2}). \]

In fact, we can get a full list of irreducible polynomials:

irred = [T^2 + a*T + b for a in F for b in F if (T^2+a*T+b).is_irreducible()]
len(irred)

171

The output tells us that there are 171 monic irreducible quadratic polynomials in $\mathbb{F}_{19}[T]$.
Let’s look at a few:

irred[0:11]

[T^2 + 1,
T^2 + 4,
T^2 + 5,
T^2 + 6,
T^2 + 7,
T^2 + 9,
T^2 + 11,
T^2 + 16,
T^2 + 17,
T^2 + T + 2,
T^2 + T + 3]

We can define a function polroots in sage to find the roots in E of a polynomial:

def polroots(p):
    # brute-force search: test every element of E = F19(a), where a^2 = 2
    return [x for x in E if p(x)==0]
[irred[10],
polroots(irred[10])]

[T^2 + T + 3, [a + 9, 18*a + 9]]



The output shows that the two roots of $T^2 + T + 3$ in $\mathbb{F}_{19}(\sqrt{2})$ are
\[ 9 + \sqrt{2} \quad \text{and} \quad 9 + 18\sqrt{2} = 9 - \sqrt{2}. \]

(Of course, we have obtained those roots using the quadratic formula!)
This makes clear that $\mathbb{F}_{19}(\sqrt{2})$ is a splitting field for $T^2 + T + 3$.
In fact, we know that $\mathbb{F}_{19}(\sqrt{2})$ is a splitting field for all 171 polynomials $p$ in the list irred.

12.5.2 Fields of order 4 and 8
There are 4 monic polynomials of degree 2 over the field $\mathbb{F}_2$ of two elements. Of these, only one
is irreducible, namely
\[ T^2 + T + 1. \]
Thus
\[ \mathbb{F}_4 \simeq \mathbb{F}_2(\alpha) \]
where $\deg \alpha = 2$ and $\alpha^2 = \alpha + 1$. Notice that

\[ T^2 + T + 1 = (T + \alpha)(T + \alpha + 1). \]

There are 8 monic polynomials of degree 3 over $\mathbb{F}_2$. Of these, only two are irreducible:

H = FiniteField(2)
R.<T>=PolynomialRing(H)
[T^3 + a*T^2 + b*T + c
for a in H
for b in H
for c in H
if (T^3+a*T^2+b*T + c).is_irreducible()]

[T^3 + T + 1, T^3 + T^2 + 1]

Thus $\mathbb{F}_8 = \mathbb{F}_2(\beta)$ where $\deg \beta = 3$ and $\beta^3 = \beta + 1$. And indeed we may confirm that $\mathbb{F}_2(\beta)$
is a splitting field for both the irreducible polynomials of degree 3:

HH.<b>=FiniteField(8)
RR.<T>=PolynomialRing(HH)
[RR(T^3+T+1).factor(),
RR(T^3+T^2+1).factor()]

[(T + b) * (T + b^2) * (T + b^2 + b),
 (T + b + 1) * (T + b^2 + 1) * (T + b^2 + b + 1)]

12.6 The multiplicative group of a finite field


Let $F = \mathbb{F}_q$ be a finite field, where $q = p^n$. Then of course the multiplicative group $F^\times = F \setminus \{0\}$
is a finite abelian group having $q - 1$ elements.
In this section we are going to argue that the group $F^\times$ is cyclic, so that

\[ F^\times \simeq \mathbb{Z}/(q - 1)\mathbb{Z}. \]

We begin with a Lemma from group theory:

Lemma 12.6.1. Let $G$ be a finite abelian group (written multiplicatively). If $a \in G$ is an element
of maximal order in $G$, then the order of every element of $G$ is a divisor of the order $o(a)$ of $a$.

Proof. Let $x \in G$ be any element different from 1. If $o(x) \nmid o(a)$ then in the prime factorizations
of $o(x)$ and $o(a)$ we can find a prime $p$ that occurs to a higher power in $o(x)$ than in $o(a)$.
Write $o(a) = p^\alpha n$ and $o(x) = p^\beta m$ where $\alpha < \beta$ and $p \nmid n$, $p \nmid m$.
Now $o(a^{p^\alpha}) = n$ and $o(x^m) = p^\beta$, so the orders of $a^{p^\alpha}$ and $x^m$ are relatively prime. It follows
that the order of the product $a^{p^\alpha} \cdot x^m$ is equal to the product of the orders of the elements, i.e.
to $n p^\beta$. But this exceeds $o(a)$ contrary to the hypothesis.

Theorem 12.6.2. Let $F$ be any field. Any finite subgroup of the multiplicative group $F^\times$ is
cyclic.

Proof. Let $H$ be a finite subgroup of $F^\times$ and let $a \in H$ be an element with maximal order.
Write $N = o(a)$. Now Lemma 12.6.1 shows that $o(x) \mid N$ for all $x \in H$. Thus, every element of
$H$ is a root of the polynomial $T^N - 1$. Now, this polynomial has no more than $N$ roots – see
Corollary 3.4.3. It follows that $|H| \leq N$. Since the cyclic group $\langle a \rangle$ has order $N$, we conclude that
$H = \langle a \rangle$.

Corollary 12.6.3. $\mathbb{F}_q^\times$ is a cyclic group of order $q - 1$ for any prime power $q = p^n$.

Corollary 12.6.4. For any prime power $q = p^n$, there is $\alpha \in \mathbb{F}_q$ for which $\mathbb{F}_q = \mathbb{F}_p(\alpha)$. In
words: each finite field is a primitive extension of its prime subfield.

Proof. Let $\beta$ be a generator for the cyclic group $\mathbb{F}_q^\times$. Then

\[ \langle \beta \rangle \subseteq \mathbb{F}_p(\beta) \subseteq \mathbb{F}_q \implies q - 1 \leq |\mathbb{F}_p(\beta)| \leq q. \]

Since $|\mathbb{F}_p(\beta)|$ must be a power of $p$ – see Proposition 12.2.1 – it follows that $\mathbb{F}_p(\beta) = \mathbb{F}_q$.
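
The statements of Proposition 12.3.1, Lemma 12.4.2 and Corollary 12.6.3 can be checked by brute force on the field of order 361 from Section 12.5.1. The following plain-Python script is an added example, not part of the original notes and not sagemath code; the representation of elements as pairs and all function names are choices made for this example.

```python
"""Added illustration: brute-force arithmetic in F_361 = F_19[T]/(T^2 - 2).

An element c0 + c1*a (with a^2 = 2) is stored as the pair (c0, c1).
All names below are chosen for this example.
"""
P = 19           # characteristic
C = 2            # a^2 = C; 2 is a non-square mod 19, so T^2 - 2 is irreducible
Q = P * P        # number of elements of the field
ZERO, ONE = (0, 0), (1, 0)
ELEMENTS = [(c0, c1) for c0 in range(P) for c1 in range(P)]


def add(x, y):
    return ((x[0] + y[0]) % P, (x[1] + y[1]) % P)


def mul(x, y):
    # (x0 + x1*a)(y0 + y1*a) = (x0*y0 + C*x1*y1) + (x0*y1 + x1*y0)*a
    return ((x[0] * y[0] + C * x[1] * y[1]) % P,
            (x[0] * y[1] + x[1] * y[0]) % P)


def power(x, e):
    """Square-and-multiply exponentiation, e >= 0."""
    result = ONE
    while e:
        if e & 1:
            result = mul(result, x)
        x = mul(x, x)
        e >>= 1
    return result


def frobenius(x):
    return power(x, P)


def all_roots_of_T_q_minus_T():
    """Proposition 12.3.1: every element satisfies x^(p^m) = x."""
    return all(power(x, Q) == x for x in ELEMENTS)


def frobenius_is_additive():
    """Lemma 12.4.2 a. with n = 1, checked on every pair of elements."""
    frob = {x: frobenius(x) for x in ELEMENTS}
    return all(frob[add(x, y)] == add(frob[x], frob[y])
               for x in ELEMENTS for y in ELEMENTS)


def fixed_by_frobenius():
    """Lemma 12.4.2 b.: the solutions of x^p = x form a subfield."""
    return [x for x in ELEMENTS if frobenius(x) == x]


def order(x):
    """Multiplicative order of a non-zero x; it divides q - 1 = 360."""
    for d in range(1, Q):
        if (Q - 1) % d == 0 and power(x, d) == ONE:
            return d
    raise ValueError("zero has no multiplicative order")


def generators():
    """Corollary 12.6.3: elements of order q - 1 generate the unit group."""
    return [x for x in ELEMENTS if x != ZERO and order(x) == Q - 1]


def roots_of_monic_quadratic(b, c):
    """Roots in F_361 of T^2 + b*T + c with b, c in F_19."""
    return [x for x in ELEMENTS
            if add(add(mul(x, x), mul((b, 0), x)), (c, 0)) == ZERO]


if __name__ == "__main__":
    print(all_roots_of_T_q_minus_T(), frobenius_is_additive())
    print(len(fixed_by_frobenius()), len(generators()))
    print(roots_of_monic_quadratic(1, 3))   # compare with polroots(irred[10])
```

The pairs returned by `roots_of_monic_quadratic(1, 3)` correspond to the sage output `[a + 9, 18*a + 9]` shown in Section 12.5.1.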

13 Perfect fields and separable polynomials
Let F be a field.

13.1 Common roots and root multiplicity


If $f \in F[T]$ is a non-zero polynomial, recall that according to Theorem 5.2.1 we may write

\[ f = u \prod_{i=1}^{r} p_i^{e_i} \]

where $u \in F^\times$, where the $p_i \in F[T]$ are pairwise non-associate irreducible polynomials, and
where $e_i \geq 0$. Observe that a splitting field for $f$ over $F$ is the same as a splitting field for

\[ g = \prod_{i=1}^{r} p_i. \]

Lemma 13.1.1. Suppose that $f, g \in F[T]$.

a. If $\gcd(f, g) = 1$ then $f$ and $g$ have no common root in any extension of $F$.

b. If $f, g$ are irreducible and not associate, they have no common root in any extension of $F$.

Proof. Assertion b. is of course an immediate consequence of assertion a.
As to a., note that $\gcd(f, g) = 1$ implies that $1 = uf + vg$ for polynomials $u, v \in F[T]$
(see Proposition 4.3.4).
Let $E$ be an extension field of $F$ and suppose that $\alpha \in E$ is a root of both $f$ and $g$. Then
$0 = u(\alpha)f(\alpha) + v(\alpha)g(\alpha) = 1$ which is impossible. Thus there can be no such common root
$\alpha$.

Let $f \in F[T]$ be monic and let $E$ be a splitting field for $f$ over $F$. Write

\[ f = (T - \alpha_1)^{e_1} \cdots (T - \alpha_r)^{e_r} \]

for distinct elements $\alpha_i \in E$ and exponents $e_i \in \mathbb{Z}_{\geq 1}$. Since the linear polynomials $T - \alpha_i$
are irreducible and pairwise relatively prime in $E[T]$, it follows from Theorem 5.2.1 that this
representation is unique (up to re-ordering, of course).
Definition 13.1.2. We say that the root $\alpha_i$ of $f$ has multiplicity $e_i$. If $e_i = 1$, we say that $\alpha_i$ is a
simple root of $f$. If $e_i > 1$, we say that $\alpha_i$ is a repeated root of $f$.

Proposition 13.1.3. The polynomial $f \in F[T]$ has no repeated roots if and only if $\gcd(f, f') = 1$
where $f'$ is the formal derivative of $f$.

Proof. We are actually going to prove the (equivalent) assertion: $f$ has a repeated root if and
only if $\gcd(f, f') \neq 1$.
⇒: We show that if $f$ has a repeated root, then $\gcd(f, f') \neq 1$. Suppose that $f$ has a repeated
root $\alpha$ in some extension field $E$.
In $E[T]$ we may write

\[ f = (T - \alpha)^2 \cdot g \quad \text{for some } g \in E[T]. \]

One must check that the product rule holds for formal differentiation; using that rule, one then
notes that
\[ f' = (T - \alpha)^2 g' + 2(T - \alpha)g. \]
It is evident that $\alpha$ is a root of both $f$ and $f'$ and thus Lemma 13.1.1 implies that $\gcd(f, f') \neq 1$.
⇐: We suppose that $\gcd(f, f') \neq 1$ and we must prove that $f$ has a repeated root.
Our assumption implies that there is a polynomial $g \in F[T]$ of positive degree which divides
both $f$ and $f'$. Let $\alpha$ be a root of $g$ in some extension field of $F$. Thus $\alpha$ is a root of both $f$ and
$f'$. We now claim that $\alpha$ is a repeated root of $f$.
Since $\alpha$ is a root of $f$, we may write

\[ f = (T - \alpha) \cdot h \quad \text{for some } h \in F[T]. \]

In order to show that $\alpha$ is a repeated root of $f$, we must argue that $\alpha$ is a root of $h$.
Well, we find using the product rule that

\[ f' = h + (T - \alpha) \cdot h'. \]

Since $\alpha$ is a root of $f'$ we find that

\[ 0 = f'(\alpha) = h(\alpha) + (\alpha - \alpha)h'(\alpha) = h(\alpha). \]

We have now argued that $h(\alpha) = 0$; as already observed, this proves that $\alpha$ is a repeated root of
$f$.

13.2 Repeated roots and the characteristic


Lemma 13.2.1. Suppose that the field $F$ has characteristic 0, and let $g \in F[T]$ be a polynomial
with $\deg g \geq 1$. Then the formal derivative $g' \in F[T]$ is non-zero.

Proof. Let $d = \deg g \geq 1$ and write

\[ g = \sum_{i=0}^{d} a_i T^i \in F[T] \]

with $a_d \neq 0$. Then
\[ g' = \sum_{i=0}^{d} i \cdot a_i T^{i-1} \]

so that the coefficient of $T^{d-1}$ in $g'$ is equal to $d \cdot a_d$. Since $F$ has characteristic 0, $d \cdot 1_F \neq 0$. Since
$a_d \neq 0$ by assumption, we conclude that the coefficient of $T^{d-1}$ in $g'$ is non-zero, hence $g'$ itself
is indeed non-zero.

Proposition 13.2.2. Let $f \in F[T]$ be an irreducible polynomial.

a. If $F$ has characteristic 0, then $f$ has no repeated roots.

b. If $F$ has characteristic $p > 0$ then $f$ has no repeated roots unless $f$ has the form

\[ f(T) = g(T^p) \]

for some polynomial $g \in F[T]$.

Proof. Suppose that $f$ has a repeated root. It follows from Proposition 13.1.3 that $\gcd(f, f') \neq 1$.
But $\deg(f') < \deg(f)$. Thus if $f' \neq 0$, the irreducibility of $f$ guarantees that $f$ and $f'$ have no
common factor. Hence, the assumption that $f$ has a repeated root implies that (♣) $f' = 0$.
Now a. follows since if $F$ has characteristic 0, Lemma 13.2.1 shows that the polynomial $f'$ is
non-zero, contradicting (♣).
Now suppose that the characteristic of $F$ is $p > 0$ and write

\[ f = \sum_{i=0}^{N} a_i T^i \quad \text{for } a_i \in F. \]

Suppose that $f' = 0$. Then

\[ f' = \sum_{i=1}^{N} a_i \cdot i \cdot T^{i-1}. \]

So $f' = 0 \implies a_i \cdot i = 0$ for all $i$. This equation shows that $a_i = 0$ whenever $i \not\equiv 0 \pmod{p}$.
Thus the polynomial $f$ has the form

\[ f = \sum_{j=0}^{M} a_{jp} T^{jp} = g(T^p) \]

where
\[ g = \sum_{j=0}^{M} a_{jp} T^j. \]
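
The gcd criterion of Proposition 13.1.3, the shape $f = g(T^p)$ from Proposition 13.2.2 and the statement of Lemma 12.4.6 can all be tested mechanically over $\mathbb{Z}/p\mathbb{Z}$. The following Python code is an added example, not part of the original notes; the coefficient-list representation and all function names are assumptions made for this example.

```python
"""Added illustration: the gcd(f, f') test over F_p = Z/pZ.

A polynomial is a list of coefficients, lowest degree first, so
[16, 1] is T + 16 = T - 3 over F_19. The zero polynomial is [].
All names are chosen for this example.
"""


def trim(f, p):
    """Reduce coefficients mod p and drop leading zero terms."""
    f = [c % p for c in f]
    while f and f[-1] == 0:
        f.pop()
    return f


def poly_mul(f, g, p):
    out = [0] * (len(f) + len(g) - 1) if f and g else []
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] = (out[i + j] + a * b) % p
    return trim(out, p)


def poly_mod(f, g, p):
    """Remainder of f on division by a non-zero g in F_p[T]."""
    r, g = trim(f, p), trim(g, p)
    inv_lead = pow(g[-1], -1, p)
    while len(r) >= len(g):
        shift, coef = len(r) - len(g), r[-1] * inv_lead % p
        for i, c in enumerate(g):
            r[shift + i] = (r[shift + i] - coef * c) % p
        r = trim(r, p)
    return r


def poly_gcd(f, g, p):
    """Monic gcd by the Euclidean algorithm; gcd(f, 0) is f made monic."""
    f, g = trim(f, p), trim(g, p)
    while g:
        f, g = g, poly_mod(f, g, p)
    if not f:
        return []
    inv_lead = pow(f[-1], -1, p)
    return [c * inv_lead % p for c in f]


def derivative(f, p):
    """Formal derivative: sum of i * a_i * T^(i-1)."""
    return trim([i * c for i, c in enumerate(f)][1:], p)


def has_repeated_root(f, p):
    """Proposition 13.1.3: a repeated root exists iff gcd(f, f') != 1."""
    return len(poly_gcd(f, derivative(f, p), p)) > 1


def is_polynomial_in_T_p(f, p):
    """True when f = g(T^p), i.e. only exponents divisible by p occur."""
    return all(c == 0 for i, c in enumerate(trim(f, p)) if i % p)


def x_n_minus_1(n, p):
    """Coefficient list of T^n - 1 over F_p."""
    return trim([-1] + [0] * (n - 1) + [1], p)


if __name__ == "__main__":
    # (T - 3)^2 (T + 1) over F_19 has the repeated root 3.
    f = poly_mul(poly_mul([16, 1], [16, 1], 19), [1, 1], 19)
    print(f, poly_gcd(f, derivative(f, 19), 19))
    # Lemma 12.4.6: T^360 - 1 is squarefree over F_19, T^19 - 1 is not.
    print(has_repeated_root(x_n_minus_1(360, 19), 19),
          has_repeated_root(x_n_minus_1(19, 19), 19))
    # T^6 + T^3 + 1 over F_3 has zero derivative and is g(T^3).
    g = [1, 0, 0, 1, 0, 0, 1]
    print(derivative(g, 3), is_polynomial_in_T_p(g, 3))
```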

13.3 Perfect fields


Definition 13.3.1. A polynomial $f \in F[T]$ is said to be separable if each irreducible factor of $f$
has no repeated roots in a splitting field.
Of course, since two splitting fields of $f$ are isomorphic (Theorem 11.3.5), the condition that
an irreducible factor of $f$ has no repeated roots in a splitting field is independent of the choice
of a splitting field.
Definition 13.3.2. A field $F$ is said to be perfect if each irreducible polynomial is separable.
Remark 13.3.3. a. Proposition 13.2.2 implies that any field of characteristic 0 is perfect.

b. Let $F = \mathbb{F}_p(X)$ be the field of rational functions over $\mathbb{F}_p$ in the variable $X$. Then $F$ is not
perfect.
Indeed, the polynomial $T^p - X \in F[T]$ is irreducible by Eisenstein’s criterion (Theorem 7.4.1).
But this polynomial has only one root $\alpha$ (with multiplicity $p$) in a splitting field since
$T^p - X = (T - \alpha)^p$ by (12.1).
On the other hand, some fields of characteristic $p$ are perfect. Here is a useful characterization:

Proposition 13.3.4. Let $F$ be a field of characteristic $p > 0$. Then $F$ is perfect if and only if

\[ F = F^p = \{x^p \mid x \in F\}. \]

Proof. ⇐: Suppose that $F = F^p$ and let $f \in F[T]$ be an irreducible polynomial. We must argue
that $f$ is separable.
If $f$ has a repeated root, we argued above that $f = g(T^p)$ for some polynomial

\[ g = \sum_{i=0}^{r} a_i T^i. \]

For each $i$, choose $b_i \in F$ with $b_i^p = a_i$. Then

\[ f = g(T^p) = \sum_{i=0}^{r} a_i T^{pi} = \sum_{i=0}^{r} b_i^p T^{pi} = \left( \sum_{i=0}^{r} b_i T^i \right)^p. \]

But this equation contradicts the assumption that $f$ is irreducible in $F[T]$.

⇒: Suppose that $F$ is perfect and let $x \in F$. Consider the polynomial

\[ f = T^p - x \]

and let $g$ denote a monic irreducible factor of $f$ in $F[T]$. Find a root $\alpha$ of $g$ in some extension
field of $F$.
Then $\alpha$ is also a root of $f$, so that $\alpha^p = x$. In $F(\alpha)[T]$ we have the identity

\[ f = T^p - x = T^p - \alpha^p = (T - \alpha)^p. \]

By unique factorization in $E[T]$ – see Theorem 5.2.1 –, we find that $g = (T - \alpha)^m$ for some
$1 \leq m \leq p$. But $g$ is irreducible, so the assumption that $F$ is perfect means $g$ has no repeated
roots in the extension field $E$. Thus $m = 1$ so that $g = (T - \alpha)$. This implies that $\alpha \in F$ so
indeed $x$ has a $p$-th root in $F$.

We can now prove the following important fact:

Proposition 13.3.5. A finite field is perfect.

Proof. Let $F$ be a finite field, and recall that the Frobenius mapping $\mathcal{F}(x) = x^p$ is a ring
homomorphism $F \to F$ – see Lemma 12.4.3. Moreover, $\ker \mathcal{F} = \{0\}$ since $x^p = 0 \implies x = 0$;
this shows that $\mathcal{F}$ is injective.
Since $F$ is finite and $\mathcal{F}$ is injective, one knows that $\mathcal{F}$ is also surjective. This proves that
$F = F^p$; thus the field $F$ is perfect by Proposition 13.3.4.

Remark 13.3.6. Observe that the proof shows that $\mathcal{F}$ is always injective for a field of characteristic
$p$. Moreover, the image $\mathcal{F}(F)$ coincides with $F^p$, which is therefore a subfield of $F$.
We see that the following are equivalent:

i) $F$ is perfect,

ii) the Frobenius mapping $\mathcal{F}$ is onto,

iii) the Frobenius mapping $\mathcal{F}$ is bijective, i.e. an automorphism of $F$.

14 Automorphisms of algebraic objects
Consider an algebraic object X – e.g. a group, or a ring, or a field, or a field extension, or a
vector space over a field.
Within the family of algebraic objects of the same type, there is a notion of isomorphism.
For the above list, probably the only case that raises eyebrows is the question: “what is an
isomorphism of a field extension?”
Though a related question is: what is the right notion for isomorphism of “vector spaces over
fields”? We’ll have more to say on this in the examples, below.
Once one has agreed on a notion of isomorphism, then for a fixed object X one can consider
the collection of all isomorphisms
X→X
This collection is a group
Aut(X),
the group of automorphisms of X.

14.1 Automorphism examples


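• Vector spaces
For a field $F$ and an $n$-dimensional vector space $V$ over $F$, the automorphism group

\[ \operatorname{Aut}(V) = \operatorname{GL}(V) \simeq \operatorname{GL}_n(F) \]

identifies with the group of invertible $n \times n$ matrices with coefficients in $F$.

• Automorphisms of some finite abelian groups
Let $m \geq 1$ and consider the group

\[ A = \mathbb{Z}_m \times \mathbb{Z}_m, \]

a group with $|A| = m^2$.
Let’s represent elements $x$ of $A$ as column vectors:
\[ x = \begin{pmatrix} a \\ b \end{pmatrix} \quad \text{for } a, b \in \mathbb{Z}_m. \]

Any matrix
\[ M = \begin{pmatrix} \alpha & \beta \\ \gamma & \delta \end{pmatrix} \quad \text{for } \alpha, \beta, \delta, \gamma \in \mathbb{Z}_m \]

determines a group homomorphism $\varphi_M : A \to A$ given by the rule
\[ \varphi_M(x) = \begin{pmatrix} \alpha & \beta \\ \gamma & \delta \end{pmatrix} \begin{pmatrix} a \\ b \end{pmatrix} = a \begin{pmatrix} \alpha \\ \gamma \end{pmatrix} + b \begin{pmatrix} \beta \\ \delta \end{pmatrix} \]
and $\varphi_M$ is an automorphism if and only if the determinant of $M$ is a unit in $\mathbb{Z}_m$ – i.e.
$\det M \in (\mathbb{Z}_m)^\times$.
Thus
\[ \operatorname{Aut}(A) \simeq \operatorname{GL}_2(\mathbb{Z}_m). \]

So, for example the matrix
\[ M = \begin{pmatrix} 1 & 2 \\ 3 & 4 \end{pmatrix} \]
has determinant $-2 \equiv m - 2 \pmod{m}$, and so it defines an automorphism of $A$ whenever

\[ \gcd(m, m - 2) = 1 \]

i.e. whenever $m$ is odd.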

14.2 Automorphisms of field extensions


Our real interest in this course is in automorphisms of a field extension $F \subseteq E$. Here, an
automorphism of the field extension is an automorphism $\varphi : E \to E$ such that $\varphi(a) = a$ for all
$a \in F$.
In this setting, $F$ is sometimes called the base field or ground field. We write

\[ \operatorname{Aut}_F(E) \quad \text{or} \quad \operatorname{Aut}(E/F) \]

for the automorphism group of this field extension, and we also write $\operatorname{Gal}(E/F)$ for this group
and call it the Galois group of the extension.

Proposition 14.2.1. Let $f \in F[T]$ be a monic polynomial and let $E$ be a field extension of $F$
such that $f$ splits over $E$. Write $f = \prod_{i=1}^{d} (T - \alpha_i)$ with $\alpha_i \in E$. The action of the Galois group
$\operatorname{Gal}(E/F)$ on $E$ determines an action of $\operatorname{Gal}(E/F)$ on the set $S = \{\alpha_1, \cdots, \alpha_d\} \subset E$.

Proof. Write $f = \sum_{i=0}^{d} a_i T^i$ for $a_i \in F$, and let $\sigma \in \operatorname{Gal}(E/F)$. Note that $\sigma(a_i) = a_i$ for each $i$, since $a_i \in F$. Now if
$\alpha \in S$ we must argue that $\sigma(\alpha) \in S$. For this, we must argue that $f(\sigma(\alpha)) = 0$.
We know that $f(\alpha) = 0$ since $\alpha \in S$. Since $\sigma$ is a ring homomorphism and $\sigma(a_i) = a_i$ for
each $i$, we find that
\[ 0 = \sigma(0) = \sigma(f(\alpha)) = \sigma\left( \sum_{i=0}^{d} a_i \alpha^i \right) = \sum_{i=0}^{d} \sigma(a_i)\sigma(\alpha)^i = \sum_{i=0}^{d} a_i \sigma(\alpha)^i = f(\sigma(\alpha)). \]

This shows that $f(\sigma(\alpha)) = 0$ so indeed $\sigma(\alpha) \in S$ as required.

• Example: quadratic extensions when the characteristic is not 2

Suppose that $[E : F] = 2$ and that the characteristic of $F$ is not 2.
Then $E = F(\beta)$ for some element $\beta \in E$, $\beta \notin F$, $\beta^2 \in F$.
Indeed, we may choose a basis of $E$ as an $F$-vector space of the form $1, \gamma$. Then linear
independence implies that $\gamma \notin F$. Let

\[ f(T) = T^2 + aT + b \in F[T] \]

be the monic minimal polynomial of $\gamma$ over $F$.
For any $s \in F$, we claim that the minimal polynomial of the element $\gamma - s \in E$ has the
form

\begin{align*}
f(T + s) &= (T + s)^2 + a(T + s) + b \\
&= T^2 + (a + 2s)T + s^2 + as + b
\end{align*}

Taking $s = \dfrac{-a}{2}$, we find that $g(T) = f(T + s)$ has the form
\[ g(T) = T^2 - c \]

for some $c \in F$, so that $\beta = \gamma - s$ satisfies $\beta^2 = c$. Now it just remains to observe that

\[ F(\gamma) = F(\gamma + s) = F(\beta). \]

Now, notice that every element of $E$ has the form

\[ a + b\beta \quad \text{for } a, b \in F. \]

Now, the roots of $T^2 - c$ in $E$ are $\pm\beta$. Since $T^2 - c$ is irreducible over $F$, it follows that
there is an isomorphism
\[ \varphi : E = F(\beta) \to E = F(\beta) \]
for which $\varphi(\beta) = -\beta$ and $\varphi(s) = s$ for all $s \in F$.
Thus
\[ \varphi(a + b\beta) = a - b\beta \quad \text{for } a, b \in F. \]

Proposition 14.2.2. Suppose that the characteristic of $F$ is not equal to 2. For $E = F(\gamma) =
F(\beta)$ a quadratic extension as above, $\operatorname{Aut}_F(E) = \langle \varphi \rangle$ and in particular $|\operatorname{Aut}_F(E)| = 2$.

• Example: quadratic extensions in characteristic 2.

Suppose that the characteristic of $F$ is 2, and consider a polynomial of the form $T^2 - c \in
F[T]$. If $\beta$ is a root of this polynomial then

\[ T^2 - c = T^2 - \beta^2 = (T - \beta)^2 \]

since the characteristic is 2.
Just for emphasis, let’s double check this:

\[ (T - \beta)^2 = T^2 - 2\beta T + (-\beta)^2 = T^2 + c = T^2 - c. \]

Thus the polynomial $T^2 - c$ has a single root $\beta$ which is repeated twice. It is irreducible
over $F$ if and only if $\beta \notin F$.
However, in general at least, there are irreducible quadratic polynomials with distinct roots
in characteristic 2.
Consider a polynomial of the form

\[ f = T^2 + T + a \quad \text{for } a \in F \]

and suppose that $\beta$ is a root of $f$; thus

\[ \beta^2 + \beta + a = 0. \]

We claim that also $\beta + 1$ is a root of $f$. Indeed,

\begin{align*}
f(\beta + 1) &= (\beta + 1)^2 + (\beta + 1) + a \\
&= \beta^2 + 1 + \beta + 1 + a \\
&= \beta^2 + \beta + a + 2 \\
&= \beta^2 + \beta + a \\
&= f(\beta) = 0.
\end{align*}

It follows that
\[ f = T^2 + T + a = (T + \beta)(T + \beta + 1) \]
i.e. $\beta$ and $\beta + 1$ are the distinct roots of $f$. Recall that $\mathbb{F}_4 = \mathbb{F}_2(\beta)$ where $\beta^2 + \beta = 1$.
Note that for any $F$ of char. 2, the polynomial $f = T^2 + T + a$ is irreducible if and
only if $\beta \notin F$ – this follows from Proposition 7.1.4.
Suppose $f$ is irreducible and let $E = F(\beta)$. Recall that an element of $E$ has the form

\[ a + b\beta \quad \text{for } a, b \in F. \]

Since $\beta$ and $\beta + 1$ are the roots of $f$, there is an automorphism

\[ \varphi : E = F(\beta) \to E = F(\beta + 1) = F(\beta) \]

for which $\varphi(\beta) = \beta + 1$ and $\varphi(s) = s$ for $s \in F$.
Thus
\[ \varphi(a + b\beta) = a + b + b\beta. \]

Remark 14.2.3. When $F = \mathbb{F}_2$ and $\beta^2 + \beta = 1$, notice that

\[ (a + b\beta)^2 = \varphi(a + b\beta) = a + b + b\beta. \]

15 The Fundamental Theorem of Galois Theory
Let F be a field and let E be the splitting field over F of some separable polynomial g ∈ F [T ].
Loosely speaking, the fundamental theorem of Galois Theory relates two things:

• intermediate fields L, where F ⊆ L ⊆ E, and

• subgroups H, where H ⊆ Gal(E/F ).

15.1 Subfields from subgroups


Proposition 15.1.1. Let $K$ be any field and let $H$ be any subgroup of the group $\operatorname{Aut}(K)$ of
automorphisms of $K$. Then

\[ K^H = \{x \in K \mid h \cdot x = x \ \forall h \in H\} \]

is a subfield of $K$.
Proof. If $x, y \in K^H$ with $x \neq 0$, we must argue that $x - y \in K^H$, that $x \cdot y \in K^H$ and that
$\frac{1}{x} \in K^H$. But for each $h \in H$ we have:
\[ h(x - y) = h(x) - h(y) = x - y \implies x - y \in K^H, \]

\[ h(x \cdot y) = h(x) \cdot h(y) = x \cdot y \implies x \cdot y \in K^H \]

and
\[ h\left( \frac{1}{x} \right) = \frac{1}{h(x)} = \frac{1}{x} \implies \frac{1}{x} \in K^H. \]

15.2 Splitting fields and Galois groups


The following result follows the proof of Lemma 11.3.1.
Proposition 15.2.1. Let $g \in F[T]$ be a separable polynomial and let $E$ be a splitting field for $g$ over
$F$. Suppose that $\varphi : F \to F_1$ is a field isomorphism and write $g_1 = \varphi(g) \in F_1[T]$ and write $E_1$
for a splitting field for $g_1$ over $F_1$. Then there are exactly $[E : F]$ isomorphisms $\theta : E \to E_1$ such
that $\theta|_F = \varphi$.
Proof. We are going to essentially repeat the proof of Lemma 11.3.1 with a little more bookkeeping.
Proceed by induction on $\deg g$. If $g$ has degree 0 or 1 then $F = E$ and $F_1 = E_1$ and there is
nothing to prove.
So suppose that $d = \deg g > 1$ and that the result is known for all fields $F$ and all polynomials
of degree less than $d$. Let $p$ be an irreducible factor of $g$ of degree $e \leq d$ and write $p_1 = \varphi(p)$
which is thus an irreducible factor of $g_1$. Of course, $p$ splits over $E$ and we choose a root $\alpha \in E$
of $p$.
Since $g$ has no repeated roots, the same is true for $g_1$ and $p_1$. Thus there are $e$ roots of $p_1$ in
$E_1$, and for any root $\beta \in E_1$ of $p_1$ Lemma 11.3.1 gives an isomorphism $\varphi' : F(\alpha) \to F_1(\beta)$ such
that $\varphi'|_F = \varphi$ and such that $\varphi'(\alpha) = \beta$. Thus, there are exactly $d = [F(\alpha) : F]$ isomorphisms
$F(\alpha) \to F_1(\beta)$ whose restriction to $F$ is $\varphi$.

Now, we may write $g = (T - \alpha)s$ for $s \in F(\alpha)[T]$, and $g_1 = (T - \beta)s_1$ for $s_1 \in F_1(\beta)[T]$.
Since $g_1 = \varphi(g)$ we have $s_1 = \varphi'(s)$. It is clear that $E$ is a splitting field for $s$ over $F$ and that
$E_1$ is a splitting field for $s_1$ over $F_1$.
Since $\deg s = d - 1$, for any isomorphism $\theta'$ as in the preceding paragraph, the induction
hypothesis guarantees that there are precisely $[E : F(\alpha)]$ isomorphisms $\theta : E \to E'$ for which
$\theta|_{F(\alpha)} = \varphi'$.
It therefore follows that there are $[E : F(\alpha)] \cdot [F(\alpha) : F] = [E : F]$ isomorphisms $\theta : E \to E_1$
with $\theta|_F = \varphi$, as required.

As an immediate consequence of Proposition 15.2.1 we obtain the following:

Corollary 15.2.2. Let $g \in F[T]$ be a separable polynomial, and let $E$ denote a splitting field of
$g$ over $F$. Then $|\operatorname{Gal}(E/F)| = [E : F]$.

Proposition 15.2.3. Suppose that $E$ is the splitting field over $F$ of a separable polynomial
$g \in F[T]$. Let $\Gamma = \operatorname{Gal}(E/F)$. Then $F = E^\Gamma$.

Proof. Let $L = E^\Gamma$, so that $L$ is an intermediate field:

\[ F \subseteq L = E^\Gamma \subseteq E. \]

Viewing $g$ as a polynomial in $L[T]$, it is clear that $E$ is a splitting field of $g$ over $L$.
Now Corollary 15.2.2 guarantees that

\[ [E : L] = |\operatorname{Gal}(E/L)| \quad \text{and} \quad [E : F] = |\operatorname{Gal}(E/F)|. \]

Since $F \subseteq L$, we have $\operatorname{Gal}(E/L) \subseteq \Gamma = \operatorname{Gal}(E/F)$. The assumption $L = E^\Gamma$ shows that any
automorphism of $E$ which is the identity on $F$ is the identity on $L$; this shows that

\[ \Gamma = \operatorname{Gal}(E/F) = \operatorname{Gal}(E/L). \]

It now follows that $[E : L] = [E : F]$ and hence that $L = F$.

15.3 Fixed fields and some linear algebra


The correspondence between subgroups H ⊂ Gal(E/F ) and intermediate fields F ⊆ L ⊂ E will
be given by the assignment
H ↦ E^H
(we’ll formulate the statement more precisely later on).
We are ultimately going to argue that this assignment determines a one-to-one correspondence
between the subgroups and the intermediate fields. For this, we require some numerical estimates
relating the degrees [E : E^H] and the orders |H|. These estimates are obtained using a result of
E. Artin:

Proposition 15.3.1. Let G be a finite group of automorphisms of a field K and let L = K^G.
Then [K : L] ≤ |G|.

Proof. If |G| = n, let us write


G = {θ1 , θ2 , . . . , θn }
where θ1 = 1G .

We must argue that [K : L] ≤ n. Suppose the contrary, and choose n + 1 elements
u1 , u2 , . . . , un+1 ∈ K which are linearly independent over L.
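Now form the following n × (n + 1) matrix with entries in K:
$$
M = \begin{pmatrix}
\theta_1(u_1) & \theta_1(u_2) & \cdots & \theta_1(u_{n+1}) \\
\theta_2(u_1) & \theta_2(u_2) & \cdots & \theta_2(u_{n+1}) \\
\vdots & \vdots & \ddots & \vdots \\
\theta_n(u_1) & \theta_n(u_2) & \cdots & \theta_n(u_{n+1})
\end{pmatrix} \in \operatorname{Mat}_{n \times (n+1)}(K).
$$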

Since M has n rows, we know that the rank of M satisfies

rk(M ) ≤ n.

On the other hand, linear algebra tells us that

dim_K Null(M ) + rk(M ) = n + 1 = # of columns of M .

Thus
dim_K Null(M ) = n + 1 − rk(M ) ≥ n + 1 − n = 1
and we conclude that there is a non-zero solution x = a ∈ K^{n+1} to the matrix equation

(♣) M · x = 0.

Among all possible non-zero solutions

$$0 \neq a = \begin{pmatrix} a_1 & a_2 & \cdots & a_{n+1} \end{pmatrix}^T$$

to (♣), choose one with the smallest number of non-zero coefficients ai ∈ K.

After renumbering the indices on the ui and the xj , we may suppose that a1 ≠ 0. Since the
vector (1/a1 ) · a remains a solution to (♣), we may and will suppose that a1 = 1.
Recall that θ1 = 1G = idK . The first coefficient in the vector equation

0=M ·a

gives
$$0 = \sum_{i=1}^{n+1} a_i \theta_1(u_i) = \sum_{i=1}^{n+1} a_i u_i.$$
Since the ui are linearly independent over L by assumption, some aj must be in K and not in
L = K^G.
Renumbering again, we may and will suppose that a2 ∈ K, a2 ∉ L = K^G.
Of course, a2 ∉ K^G ⟹ g a2 ≠ a2 for some g ∈ G, and in turn we recall that g = θi for
some i > 1; hence we have
θi (a2 ) ≠ a2 .
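Consider the matrix θi (M ) ∈ Mat_{n×(n+1)} (K) given by
$$
\theta_i(M) = \begin{pmatrix}
\theta_i \cdot \theta_1(u_1) & \theta_i \cdot \theta_1(u_2) & \cdots & \theta_i \cdot \theta_1(u_{n+1}) \\
\theta_i \cdot \theta_2(u_1) & \theta_i \cdot \theta_2(u_2) & \cdots & \theta_i \cdot \theta_2(u_{n+1}) \\
\vdots & \vdots & \ddots & \vdots \\
\theta_i \cdot \theta_n(u_1) & \theta_i \cdot \theta_n(u_2) & \cdots & \theta_i \cdot \theta_n(u_{n+1})
\end{pmatrix}.
$$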

Since G is a group, the rows of θi (M ) are the same as those of M , but in a different order. In
particular,
Null(M ) = Null(θi (M )).
On the other hand, it is clear that

0 = θi (0) = θi (M · a) = θi (M ) · θi (a).

Thus, both
$$a = \begin{pmatrix} 1 & a_2 & \cdots & a_{n+1} \end{pmatrix}^T$$
and
$$\theta_i(a) = \begin{pmatrix} 1 & \theta_i(a_2) & \cdots & \theta_i(a_{n+1}) \end{pmatrix}^T$$
are solutions to (♣). Since a2 ≠ θi (a2 ), v = a − θi (a) is a non-zero solution to (♣), as well.
Now notice for any j that vj = aj − θi (aj ) ≠ 0 ⟹ aj ≠ 0. Since the first coefficient of
v is 0 and the first coefficient of a is non-zero, it is clear that v has strictly fewer non-zero
entries than does a. This contradicts the choice of a, and completes the proof.

15.4 Normal and separable extensions


Let E be an algebraic extension of the field F .
Definition 15.4.1. E is a normal extension of F if every irreducible polynomial in F [T ] that
contains a root in E actually splits over E.
Recall Definition 13.3.1 that a polynomial is separable if it has no repeated roots in a splitting
field.
Definition 15.4.2. E is a separable extension of F if the minimal polynomial mα ∈ F [T ] over F
of each element α of E is a separable polynomial – i.e. mα has no repeated roots in a splitting
field.
Of course, E is a separable extension of F just in case each irreducible polynomial in F [T ]
with a root in E is separable.
Proposition 15.4.3. Let E be an extension field of F , and let Γ = Gal(E/F ).
a. If F = E^Γ, then E is a normal, separable extension of F .

b. Suppose that E is the splitting field over F of some separable polynomial g ∈ F [T ]. Then E
is a normal and separable extension of F .

Proof. According to Proposition 15.2.3, if E is the splitting field over F of a separable polynomial,
then F = E^Γ. Thus assertion b. is an immediate consequence of assertion a.
To prove a., let h ∈ F [T ] be an irreducible polynomial, and suppose that α ∈ E is a root of
h. We must argue that h is separable and actually splits over E.
Consider the orbit O of the root α under the action of Γ:

O = {gα | g ∈ Γ/H}
where H = Stab_Γ (α).
If g1 , . . . , gm is a system of coset representatives for H in Γ, there are m = [Γ : H] distinct
elements of O:
O = {g1 α, g2 α, · · · , gm α}.

Form the polynomial
$$h_1 = \prod_{\beta \in O} (T - \beta) = \prod_{g \in \Gamma/H} (T - g\alpha) \in E[T].$$

Note that by construction h1 has m distinct roots in E. We first claim that in fact h1 ∈ F [T ].
Of course, for any polynomial ℓ ∈ E[T ], we know that

ℓ ∈ F [T ] = E^Γ [T ] ⟺ xℓ = ℓ for all x ∈ Γ.

Thus, we must argue for each x ∈ Γ that xh1 = h1 .


Well, for x ∈ Γ, we have
$$x h_1 = x.\Big(\prod_{g \in \Gamma/H} (T - g\alpha)\Big) = \prod_{g \in \Gamma/H} (T - xg\alpha) = (\diamondsuit).$$

Now using the substitution h = xg, note that

$$(\diamondsuit) = \prod_{h \in \Gamma/H} (T - h\alpha) = h_1.$$

This proves that h1 ∈ F [T ].


Since h is the minimal polynomial of α over F , since h1 ∈ F [T ], and since h1 has α as a root
by construction, we conclude that h | h1 . Since h1 splits over E, unique factorization in E[T ]
shows that h splits over E. Since h1 is separable by construction (it has no repeated roots), also
h is separable. This completes the proof that E is a normal, separable extension of F .

Proposition 15.4.4. Let E be a finite, normal, separable extension of F . Then E is the splitting
field over F of a separable polynomial g ∈ F [T ].

Proof. Let α1 , . . . , αn ∈ E be elements such that E = F (α1 , . . . , αn ). For 1 ≤ i ≤ n, write
fi ∈ F [T ] for the minimal polynomial over F of the element αi .
Since fi has the root αi in E and since E is normal over F , the polynomial fi splits over E.
Since E is generated over F by the roots of the fi , it follows that E is a splitting field of the
separable polynomial
$$f = \prod_{i=1}^{n} f_i \in F[T].$$

Remark 15.4.5. It is actually true that any finite separable extension F ⊂ E is primitive; namely,
there is an element α ∈ E such that E = F (α) – this result is known as the Primitive Element
Theorem. We don’t require this fact, and so I haven’t given a proof. The proof of the previous
Proposition would be slightly more streamlined using the Primitive Element Theorem.

15.5 The Fundamental Theorem


Before stating the main theorem of Galois theory, observe that results so far enable us to recognize
Galois groups in some useful situations:

Proposition 15.5.1. Suppose that F ⊆ E is an extension field, that G ⊂ Aut(E) is a finite
group of automorphisms, and that F = E^G. Then

G = Gal(E/F ).

Proof. According to Proposition 15.4.3, E is a separable and normal extension of F , and

[E : F ] = | Gal(E/F )|.

Since F = E^G, note that G ⊆ Gal(E/F ). Artin’s result – Proposition 15.3.1 – implies that
[E : F ] ≤ |G|, and we see that

[E : F ] ≤ |G| ≤ | Gal(E/F )| = [E : F ].

Thus equality holds everywhere, and we conclude that G = Gal(E/F ) as required.

Theorem 15.5.2. Let E be a splitting field over F of a separable polynomial g ∈ F [T ], and let
Γ = Gal(E/F ).

a. There is a one-to-one correspondence between subgroups of Γ and intermediate fields of the
extension F ⊆ E given by H ↦ E^H.

i. If H is a subgroup of Γ, then
H = Gal(E/E^H).
ii. If F ⊆ K ⊆ E is an intermediate field, the corresponding subgroup is Gal(E/K) ⊆ Γ,
and
K = E^{Gal(E/K)}.

b. For any subgroup H ⊆ Γ,

[E : E^H] = |H| and [E^H : F ] = [Γ : H].

c. Under the correspondence of a., the subgroup H is normal in Γ if and only if the subfield
K = E^H is a normal extension of F . If this is the case, then

Gal(E^H /F ) = Γ/H ≃ Gal(E/F )/ Gal(E/K).

Proof. For (a), write G for the set of subgroups of Γ and write I for the set of intermediate
fields K (so F ⊆ K ⊆ E).
We consider the mapping
G → I given by H ↦ E^H
and the mapping
I → G given by K ↦ Gal(E/K).
Let us pause to observe that if H1 , H2 ⊆ Γ are subgroups with H1 ⊆ H2 , then E^{H2} ⊆ E^{H1} –
so the assignment H ↦ E^H is inclusion reversing.
Similarly, if K1 ⊆ K2 are intermediate fields, then Gal(E/K2 ) ⊆ Gal(E/K1 ), so the
assignment K ↦ Gal(E/K) is inclusion reversing.
We observe that the statements of i. and ii. precisely confirm that these mappings are inverse
to one another. So to prove a., we need to confirm that

i. Gal(E/E^H) = H, and

that

ii. K = E^{Gal(E/K)}.

Now, i. is an immediate consequence of Proposition 15.5.1.


On the other hand, suppose that K is an intermediate field: F ⊆ K ⊆ E. Since E is the
splitting field of a separable polynomial over F , E is also the splitting field over K of this same
polynomial. Thus Proposition 15.2.3 implies that E^{Gal(E/K)} = K as required.
This completes the proof of a. As to b., let H be a subgroup of Γ. Since E is a splitting
field over E^H of a separable polynomial, and since we’ve already seen that H = Gal(E/E^H), we
know by Proposition 15.3.1 that
[E : E^H] = |H|.
Now, the same reasoning shows that F = E^Γ and

[E : F ] = [E : E^Γ] = |Γ|.

The remaining statement of b. now follows from a calculation:

$$[E^H : F] = \frac{[E : F]}{[E : E^H]} = \frac{|\Gamma|}{|H|} = [\Gamma : H].$$
This completes the proof of b.
Finally, consider c. Let F ⊆ K ⊆ E be an intermediate extension, and let H = Gal(E/K) ⊆
Γ. We must argue that K is a normal extension of F if and only if H is a normal subgroup of
Γ, and in case H is normal, we will argue that Γ/H is isomorphic to Gal(K/F ).
⇒: Suppose that K is a normal extension of F . To show that H is a normal subgroup of Γ,
let ϕ be an arbitrary element of Γ, and let θ ∈ H = Gal(E/K).
We must argue that ϕ^{−1} ∘ θ ∘ ϕ ∈ H. For this, we must argue that ϕ^{−1} ∘ θ ∘ ϕ is the identity
on K.
Let u ∈ K and let p ∈ F [T ] be the minimal polynomial of u over F . Since ϕ ∈ Γ = Gal(E/F ),
the element ϕ(u) is again a root of p. Since K is a normal extension, it follows that ϕ(u) ∈ K.
Now, θ|K is the identity on K, so that

θ(ϕ(u)) = ϕ(u) ⟹ ϕ^{−1} ∘ θ ∘ ϕ(u) = u.

This proves that indeed H is normal in Γ.


⇐: Suppose that H is a normal subgroup of Γ. We must argue that K is a normal extension
of F .
We are first going to argue that Γ/H ≃ Gal(K/F ). To carry out this argument, we first
contend that for any automorphism ϕ in Γ, the restriction of ϕ to K takes values in K. Let
u ∈ K.
To argue that ϕ(u) ∈ K = E^H, let θ ∈ H. Since H is normal in Γ, θ1 = ϕ^{−1} ∘ θ ∘ ϕ ∈ H.
Thus
θ ∘ ϕ = ϕ ∘ θ1 .
Now notice that
θ(ϕ(u)) = ϕ(θ1 (u)) = ϕ(u)
since θ1 is the identity on K. This shows that indeed ϕ(u) ∈ E^H = K.

It now follows that the restriction of ϕ to K takes values in K. Since ker ϕ = {0}, ϕ is a
one-to-one mapping. Since ϕ is an F -linear mapping and K is a finite dimensional vector space
over F , conclude that ϕ|K is onto and thus determines an automorphism of K.
We have thus defined a group homomorphism

(♦) ϕ ↦ ϕ|K : Gal(E/F ) → Gal(K/F ).

The kernel of the group homomorphism (♦) consists in the automorphisms ϕ whose restriction
to K is the identity – i.e. the kernel is Gal(E/K) = H.
On the other hand, we claim that the homomorphism (♦) is onto. Indeed, since E is a
splitting field over K of a (separable) polynomial, Section 11.3 shows that for any automorphism
θ : K → K, we may find an automorphism θ̂ : E → E with θ̂|K = θ.
It now follows that Γ/H ≃ Gal(K/F ).
To complete the proof that K is normal, note first that [Γ : H] = [K : F ] by b. This proves
that | Gal(K/F )| = [K : F ]. Since Gal(K/F ) is a finite group, the Proposition on normal
extensions as fixed fields implies that K is a normal separable extension
of K^{Gal(K/F )}.
But then
[K : K^{Gal(K/F )}] = | Gal(K/F )| = [K : F ]
which implies that F = K^{Gal(K/F )} and we conclude that K is a normal separable extension of
F . This completes the proof of c, and of the Theorem.

16 Examples of Galois groups
16.1 Galois groups for finite fields
Let K = F_p be the field of p elements, let n ≥ 1 be an integer and let L = F_q be the finite field
having q = p^n elements.
We have seen that L is a splitting field over K of the polynomial T^q − T (Proposition 12.3.1).
And we have seen that K is perfect. Thus, Corollary 15.2.2 implies that

| Gal(L/K)| = n.

Finally, we have seen that the mapping

x ↦ x^p

is a ring homomorphism F : L → L; see Lemma 12.4.3.

Since x^p = 0 ⟹ x = 0, we know that ker F = {0} so that F is a one-to-one mapping
L → L. Since L is finite, F is also onto. We call F the Frobenius automorphism of L.
Fermat’s Little Theorem tells us that m^p ≡ m (mod p) for m ∈ Z; this immediately shows
that F(t) = t for t ∈ K and thus
F ∈ Gal(L/K).
Proposition 16.1.1.
Gal(L/K) = Gal(F_q /F_p ) = ⟨F⟩;
i.e. the Galois group of F_{p^n} over F_p is cyclic and is generated by the Frobenius.
Proof. We have already seen that F_q is the splitting field over F_p of the polynomial T^q − T ,
and we have seen that this polynomial has q distinct roots. Thus we may apply the previous
Theorem to conclude that the order of the Galois group Gal(L/K) is n. Thus, it suffices to argue
that the order o(F) of the Frobenius automorphism in the Galois group is equal to n.
Well, notice for x ∈ L and m ≥ 1 that
$$F^m(x) = F(F^{m-1}(x)) = F\big(x^{p^{m-1}}\big) = \big(x^{p^{m-1}}\big)^p = x^{p^m}.$$

We have seen that each element of L is a root of T^q − T , and it follows that F^n (x) = x^q = x
so indeed F^n = id.
Now if F^m = id for m ≤ n then every x ∈ L is a root of T^{p^m} − T . Since |L| = q = p^n it
follows that p^n ≤ p^m and hence n ≤ m. We conclude that n = m so that indeed the order of the
element F is n. This completes the proof.

Remark 16.1.2. In fact, for any p-power q = p^r and any m ≥ 1

Gal(F_{q^m} /F_q ) = ⟨F^r⟩

Example 16.1.3.
F_{p^p} ≃ F_p (α)
where α is a root of the polynomial f = T^p − T − 1 ∈ F_p [T ]. More precisely we saw that

$$f = \prod_{i=0}^{p-1} (T - \alpha - i).$$

In particular, a typical element x of F_{p^p} may be written uniquely in the form

x = t0 + t1 α + t2 α^2 + · · · + t_{p−1} α^{p−1}

for scalars ti ∈ F_p = Z_p .
Now, since α is a root of f , we see that α^p = α + 1. Thus

F(α) = α + 1

and in particular,

F(x) = F(t0 + t1 α + t2 α^2 + · · · + t_{p−1} α^{p−1} )
= F(t0 ) + F(t1 α) + F(t2 α^2 ) + · · · + F(t_{p−1} α^{p−1} )
= t0 + t1 F(α) + t2 F(α)^2 + · · · + t_{p−1} F(α)^{p−1}
= t0 + t1 (α + 1) + t2 (α + 1)^2 + · · · + t_{p−1} (α + 1)^{p−1}

For example, when p = 3

F(x) = t0 + t1 (α + 1) + t2 (α + 1)^2
= (t0 + t1 + t2 ) + (t1 + 2t2 )α + t2 α^2
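The p = 3 formula, and the fact that the Frobenius has order p on the field with p^p elements, can be checked by machine. The following Python is an added example, not part of the original notes: it models the field as F_p[α]/(α^p − α − 1), stores an element as its coefficient tuple (t0, …, t_{p−1}), and all function names are chosen here for illustration.

```python
from itertools import product


def mul(x, y, p):
    """Multiply two elements of F_p[a]/(a^p - a - 1), given as coefficient tuples."""
    prod = [0] * (2 * p - 1)
    for i, xi in enumerate(x):
        for j, yj in enumerate(y):
            prod[i + j] = (prod[i + j] + xi * yj) % p
    # Reduce from the top degree down using a^p = a + 1,
    # i.e. a^k = a^(k-p+1) + a^(k-p) for k >= p.
    for k in range(2 * p - 2, p - 1, -1):
        c = prod[k]
        prod[k] = 0
        prod[k - p + 1] = (prod[k - p + 1] + c) % p
        prod[k - p] = (prod[k - p] + c) % p
    return tuple(prod[:p])


def frobenius(x, p):
    """The Frobenius x -> x^p, computed by repeated multiplication."""
    result = (1,) + (0,) * (p - 1)
    for _ in range(p):
        result = mul(result, x, p)
    return result


def frobenius_order(p):
    """Smallest m >= 1 such that the m-th power of the Frobenius is the identity."""
    elements = list(product(range(p), repeat=p))
    images = elements[:]          # images[k] is the current iterate applied to elements[k]
    m = 0
    while True:
        images = [frobenius(x, p) for x in images]
        m += 1
        if images == elements:
            return m


def fixed_points(p):
    """Elements fixed by the Frobenius; by Galois theory this is the prime field."""
    return [x for x in product(range(p), repeat=p) if frobenius(x, p) == x]


def formula_p3(t):
    """The closed form from the text for p = 3."""
    t0, t1, t2 = t
    return ((t0 + t1 + t2) % 3, (t1 + 2 * t2) % 3, t2 % 3)


if __name__ == "__main__":
    print("F(alpha) =", frobenius((0, 1, 0), 3))
    print("order of Frobenius for p = 3:", frobenius_order(3))
    print("fixed field for p = 3:", fixed_points(3))
```

The fixed points being exactly the constants is the statement F_p = L^Γ of Proposition 15.2.3 in this case.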

16.2 Cyclic extensions


16.2.1 Some generalities about cyclic extensions
Suppose that Γ = ⟨σ⟩ is a cyclic group of order n = |Γ|.
Recall that for each divisor d of n, there is a unique subgroup H of ⟨σ⟩ of order d, namely
H = ⟨σ^{n/d}⟩, and that these account for all subgroups of Γ.
Theorem 15.5.2 then implies that for each divisor d of n, there is a unique intermediate field
K with [E : K] = d, and that these account for all intermediate fields of the extension. Moreover,
the extension K with [E : K] = d is given by

K = E^{⟨σ^{n/d}⟩}

Since there are exactly ϕ(n) subgroups of Γ = ⟨σ⟩, there are exactly ϕ(n) intermediate fields
(where ϕ is Euler’s function).

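[Diagram: tower of fields with E at the top and K = E^{⟨σ^{n/d}⟩} below it; the step between E and K is labelled d and the step below K is labelled n/d.]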

Note that Gal(E/E^{⟨σ^{n/d}⟩}) = ⟨σ^{n/d}⟩ and Gal(E^{⟨σ^{n/d}⟩}/F ) = ⟨σ⟩/⟨σ^{n/d}⟩

16.2.2 Finite fields and cyclic extensions
Let p be a prime number and let F = F_p . If q = p^n and E = F_q , we showed in Proposition 16.1.1
that
Gal(E/F ) = Gal(F_q /F_p ) = ⟨F⟩
is cyclic of order n, where F is the Frobenius automorphism.
Thus the discussion in Section 16.2.1 shows that the intermediate extensions of F_p ⊂ F_q are
labelled by divisors d of n. Of course, we already knew this – we proved in Theorem 12.4.7 that
for each divisor e of n, there is a unique subfield F_{p^e} .

16.2.3 Roots of unity of prime order


For a prime number p, the cyclotomic polynomial
$$f_p = \frac{T^p - 1}{T - 1}$$
is irreducible over Q; see Section 7.5.
Let ζ = ζ_p be a root of f_p in some extension of Q. For each integer i, notice that ζ^i is a
root of T^p − 1 since (ζ^i )^p = (ζ^p )^i = 1^i = 1. It follows that E = Q(ζ) is a splitting field for f_p .
Moreover, [E : Q] = p − 1.
You are going to show for homework that Gal(Q(ζ)/Q) is cyclic of order p − 1.
Let’s study the case when p = 5.
Since ζ and ζ^2 are roots of f_5 , there is an automorphism σ : E → E for which σ(ζ) = ζ^2 .

Proposition 16.2.1. a. The Galois group of E over Q satisfies Gal(E/Q) = Gal(Q(ζ_5 )/Q) =
⟨σ⟩, a cyclic group of order 4.

b. If H = ⟨σ^2⟩ ⊂ Gal(E/Q), then E^H = E^{⟨σ^2⟩} = Q(ζ^2 + ζ^3 )

Proof. Note that 1, ζ, ζ^2 , ζ^3 is a Q-basis for E. A typical element x ∈ E has the form

x = s0 + s1 ζ + s2 ζ^2 + s3 ζ^3

for si ∈ Q.
Note that

σ(x) = σ(s0 + s1 ζ + s2 ζ^2 + s3 ζ^3 )
= s0 + s1 σ(ζ) + s2 σ(ζ)^2 + s3 σ(ζ)^3
= s0 + s1 ζ^2 + s2 ζ^4 + s3 ζ^6

and using ζ^6 = ζ and ζ^4 = −1 − ζ − ζ^2 − ζ^3 we see that

σ(x) = (s0 − s2 ) + (s3 − s2 )ζ + (s1 − s2 )ζ^2 − s2 ζ^3 .

Note that σ ∈ Γ and |Γ| = 4. Clearly σ ≠ 1. We claim that σ^2 ≠ 1; this will show that σ has
order 4.
Indeed, note that σ^2 (ζ) = σ(ζ^2 ) = ζ^4 = −1 − ζ − ζ^2 − ζ^3 ≠ ζ which shows that σ^2 ≠ 1.
We conclude that Γ = ⟨σ⟩ is cyclic of order 4.

The Fundamental Theorem of Galois Theory now implies that Q ⊂ E has a unique
intermediate field K for which K ≠ Q and K ≠ E. Moreover, [K : Q] = 2 and

K = E^{⟨σ^2⟩}.

Remark 16.2.2. In fact, we can identify the intermediate field Q(ζ^2 + ζ^3 ) more precisely, as
follows.
Using Sage, we construct the field extension E = Q(ζ) and we find the minimal polynomial
over Q of ζ^2 + ζ^3 :

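# E = Q(ζ), built as Q[T]/(f) with f the 5th cyclotomic polynomial
R.<T> = PolynomialRing(QQ)
f = T^4 + T^3 + T^2 + T + 1

E.<z> = QQ.extension(f)
# minimal polynomial over Q of ζ^2 + ζ^3
g = (z^2 + z^3).minpoly()
g

x^2 + x - 1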

Now, using the quadratic formula, the roots of T^2 + T − 1 are (−1 ± √5)/2. Since we know
[Q(ζ^2 + ζ^3 ) : Q] = 2 it follows that Q(ζ^2 + ζ^3 ) = Q(√5).
Now let’s study the case p = 13. Thus E = Q(ζ) where ζ is a root of g = (T^13 − 1)/(T − 1) ∈ Q[T ].
Recall that we know g to be irreducible (since 13 is prime) and hence [E : Q] = 12.
Now, the roots of g are precisely the elements ζ^i for 1 ≤ i ≤ 12, which are all contained
in E. Thus E is a splitting field for the separable polynomial g. Let Γ = Gal(E/Q); then
|Γ| = [E : Q] = 12.
Since E = Q(ζ) = Q(ζ^i ) for 1 ≤ i ≤ 12 and since the roots of g are precisely the ζ^i , there is
an automorphism
σ : E → E
with the property that
σ(ζ) = ζ^2 .
Let us note that

$$\begin{aligned}
\sigma(\zeta) &= \zeta^2 \\
\sigma^2(\zeta) &= \sigma(\zeta^2) = \sigma(\zeta)^2 = (\zeta^2)^2 = \zeta^4 \\
\sigma^3(\zeta) &= \sigma(\zeta^4) = \sigma(\zeta)^4 = (\zeta^2)^4 = \zeta^8 \\
&\;\;\vdots \\
\sigma^i(\zeta) &= \sigma(\zeta)^{2^{i-1}} = (\zeta^2)^{2^{i-1}} = \zeta^{2^i} \qquad (\clubsuit)
\end{aligned}$$

Now, you can check that the element 2 is an element of order 12 in the multiplicative group
Z_13^×:

[ (i,2^i % 13) for i in range(1,13) ]

[(1, 2),
(2, 4),
(3, 8),
(4, 3),
(5, 6),
(6, 12),
(7, 11),
(8, 9),
(9, 5),
(10, 10),
(11, 7),
(12, 1)]

Thus Z_13^× = ⟨2⟩. Together with (♣) it now follows that σ has order 12 in Γ, and since Γ has
order 12, we see that
Γ = ⟨σ⟩.
Now, let’s describe the intermediate extension K of Q ⊂ E which has degree 3 over Q.
So we need to find the subgroup H ⊂ Γ with K = E^H. If we want [K : Q] = 3 then we need
[E : K] = 4, and so using the Fundamental Theorem of Galois Theory, we know that H must be the
subgroup of Γ = ⟨σ⟩ of order 4. Thus H = ⟨σ^3⟩.
Now, K = E^{⟨σ^3⟩} is an extension of degree 3 of Q, so if we find a ∈ K, a ∉ Q, then
automatically [K : Q(a)] = 1 so that K = Q(a).

Now, notice that if we take any element x of E, we can look at the orbit sum
$$s = \sum_{h \in H} h.x$$

Then s is always contained in E^H, since for any g ∈ H,

$$g s = g\Big(\sum_{h \in H} h.x\Big) = \sum_{h \in H} gh.x = \sum_{h' \in H} h'.x = s$$

where the reindexing for the last term corresponds to h′ = gh or h = g^{−1} h′ .


We now compute the orbit sum for the element ζ ∈ E using (♣):

$$\begin{aligned}
\alpha = \sum_{h \in H} h.\zeta &= \sum_{i=0}^{3} (\sigma^3)^i(\zeta) \\
&= \zeta + \sigma^3(\zeta) + \sigma^6(\zeta) + \sigma^9(\zeta) \\
&= \zeta + \zeta^{2^3} + \zeta^{2^6} + \zeta^{2^9} \\
&= \zeta + \zeta^8 + \zeta^{12} + \zeta^5
\end{aligned}$$

Thus we find that α = ζ + ζ^8 + ζ^12 + ζ^5 ∈ E^{⟨σ^3⟩} = K. Since α ∉ Q we conclude that

K = E^{⟨σ^3⟩} = Q(α) = Q(ζ + ζ^8 + ζ^12 + ζ^5 ).
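The orbit-sum computation for p = 13 can be reproduced with exact integer arithmetic. The following Python is an added example, not part of the original notes (which use Sage): elements of Z[ζ] are stored as coefficient vectors indexed by the exponent of ζ, and all function names are illustrative. It goes one step beyond the text by also computing the minimal polynomial of α as the product of the factors T − σ^j(α) over the coset representatives σ^0, σ^1, σ^2 of H in Γ.

```python
P = 13  # the prime from the text; sigma(zeta) = zeta^2


def orbit_exponents(step, p=P, gen=2):
    """Exponents e such that the elements of <sigma^step> send zeta to zeta^e."""
    k = pow(gen, step, p)              # sigma^step(zeta) = zeta^k
    exps, e = [], 1
    while True:
        exps.append(e)
        e = (e * k) % p
        if e == 1:
            return exps


def orbit_sum(step, p=P, gen=2):
    """Coefficient vector (index = exponent of zeta) of the sum of h(zeta) over h in H."""
    v = [0] * p
    for e in orbit_exponents(step, p, gen):
        v[e] += 1
    return v


def apply_sigma(x, j, p=P, gen=2):
    """Apply sigma^j, which sends zeta^e to zeta^(e * gen^j)."""
    k = pow(gen, j, p)
    out = [0] * p
    for e, c in enumerate(x):
        out[(e * k) % p] += c
    return out


def mul(x, y, p=P):
    """Multiply in Z[zeta] using zeta^p = 1 (cyclic convolution)."""
    out = [0] * p
    for i, xi in enumerate(x):
        if xi:
            for j, yj in enumerate(y):
                out[(i + j) % p] += xi * yj
    return out


def as_integer(x):
    """Use 1 + zeta + ... + zeta^(p-1) = 0 to clear the top coefficient; the result is
    written in the basis 1, zeta, ..., zeta^(p-2) and must be a constant."""
    reduced = [c - x[-1] for c in x[:-1]]
    if any(reduced[1:]):
        raise ValueError("element is not in Q")
    return reduced[0]


def min_poly_of_orbit_sum(step, p=P, gen=2):
    """Integer coefficients, lowest degree first, of the product over j < step
    of (T - sigma^j(alpha)), where alpha is the orbit sum of zeta under <sigma^step>."""
    alpha = orbit_sum(step, p, gen)
    poly = [[1] + [0] * (p - 1)]                   # the constant polynomial 1
    for j in range(step):
        root = apply_sigma(alpha, j, p, gen)
        new = [[0] * p for _ in range(len(poly) + 1)]
        for d, c in enumerate(poly):               # multiply c*T^d by (T - root)
            new[d + 1] = [a + b for a, b in zip(new[d + 1], c)]
            new[d] = [a - b for a, b in zip(new[d], mul(c, root, p))]
        poly = new
    return [as_integer(c) for c in poly]


if __name__ == "__main__":
    print("exponents in alpha:", orbit_exponents(3))
    print("min poly coefficients (low to high):", min_poly_of_orbit_sum(3))
```

With the defaults this returns the coefficients of T^3 + T^2 − 4T + 1, a cubic with rational coefficients, in agreement with [K : Q] = 3.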

16.2.4 Cyclic extension of the field of rational functions over a finite field
Let F = F_11 (X) be the field of rational functions over the field with 11 elements.
Recall that F_11^× is a cyclic group of order 10 (Corollary 12.6.3); let’s write

F_11^× = ⟨γ⟩
for a suitable generator γ.
Consider the polynomial
g = T^10 − (X + 1) ∈ F [T ];
g is irreducible over F by an application of Eisenstein’s criterion (Theorem 7.4.1).
Let E = F (α) where α is a root of g. Since g is the minimal polynomial of α, we know that
[E : F ] = 10.
We now observe that E is a splitting field for g. Since E is generated over F by a root of g,
it suffices to check that g splits over E.
Note that γ^i α is a root of g for 0 ≤ i ≤ 9. Since o(γ) = 10, these elements are distinct, and
thus
{γ^i α} = {α, γα, . . . , γ^9 α}
are 10 distinct roots of g in E. In particular,

$$g = \prod_{i=0}^{9} (T - \gamma^i \alpha) \in E[T] = F(\alpha)[T] = \mathbb{F}_{11}(X, \alpha)[T].$$

Since E is a splitting field over F of the separable polynomial g, it follows that the Galois
group
Γ = Gal(E/F )
has order |Γ| = [E : F ] = 10.
We now construct an element of Γ – i.e. an automorphism of E. Since α and γα are two
roots of the irreducible polynomial g, we know that there is an automorphism σ : E → E for
which σ|F = id and σ(α) = γα.
Since γ ∈ F_11 , we know that σ(γ) = γ. We now observe:

σ(α) = γα
σ^2 (α) = σ(γα) = γσ(α) = γ^2 α
σ^3 (α) = σ(γ^2 α) = γ^2 σ(α) = γ^3 α
⋮
σ^j (α) = γ^j α

We now see that σ^j (α) = α ⟺ j ≡ 0 (mod 10). Since σ^j = id ⟺ σ^j (α) = α, it follows
that σ has order 10 in the group Γ. This proves that

Γ = ⟨σ⟩

is a cyclic group.
Recall that a cyclic group of order n has exactly one subgroup of order d for each divisor d
of n. Thus, the proper non-trivial subgroups of Γ are ⟨σ^2⟩ which has order 5, and ⟨σ^5⟩ which
has order 2.

The field K = E^{⟨σ^2⟩} has [E : K] = 5 and thus [K : F ] = 2.

Similarly, L = E^{⟨σ^5⟩} has [E : L] = 2 and thus [L : F ] = 5.

To describe K as an extension of F , we just need to find an element a in K not in F (indeed:
since [K : F ] is prime, the field F (a) ≠ F must coincide with K).
Now, we have an F -basis for E of the form

{1, α, α^2 , . . . , α^9 }.

So a typical element of E has the form

x = s0 + s1 α + · · · + s9 α^9

for elements si ∈ F .
Now, we notice that
σ(α^i ) = γ^i α^i
and more generally that
σ^j (α^i ) = (γ^j )^i α^i = γ^{ij} α^i .
Thus we can check that

σ^2 (α^5 ) = γ^10 α^5 = α^5 ⟹ α^5 ∈ E^{⟨σ^2⟩} = K ⟹ K = F (α^5 ).

And similarly

σ^5 (α^2 ) = γ^10 α^2 = α^2 ⟹ α^2 ∈ E^{⟨σ^5⟩} = L ⟹ L = F (α^2 ).

So the intermediate fields (other than E, F ) of the extension

$$F = \mathbb{F}_{11}(X) \subset E = \mathbb{F}_{11}(X, \alpha) = \mathbb{F}_{11}\big(X, \sqrt[10]{X + 1}\big)$$

are:
$$K = F(\alpha^5) = \mathbb{F}_{11}(X, \alpha^5) = \mathbb{F}_{11}\big(X, \sqrt{X + 1}\big)$$
and
$$L = F(\alpha^2) = \mathbb{F}_{11}(X, \alpha^2) = \mathbb{F}_{11}\big(X, \sqrt[5]{X + 1}\big)$$

16.3 An example with a dihedral galois group



Consider g = T^3 − 2 ∈ Q[T ], and let α, ω lie in some extension of Q, where α = ∛2 is a root of g,
and ω is a root of T^2 + T + 1.
An application of Eisenstein’s criterion shows that g is irreducible over Q. We know that
h = T^2 + T + 1 is irreducible over Q as well (e.g. because neither root of the degree 2 polynomial
h is a real number, and hence h has no root in Q).
Since deg g and deg h are relatively prime, an earlier homework exercise shows that h remains
irreducible over Q(α) and g remains irreducible over Q(ω).
In particular, [E : Q] = 6. Since E is a normal extension of Q, we conclude that the Galois
group Γ = Gal(E/Q) has |Γ| = 6.
Since E is generated by a root of the irreducible polynomial g = T^3 − 2 over the field Q(ω),
there is an automorphism
σ : E → E
for which σ|Q(ω) = id and σ(α) = ωα.

Let’s observe that
σ^2 (α) = σ(ωα) = ωσ(α) = ω^2 α
and that
σ^3 (α) = σ(ω^2 α) = ω^2 σ(α) = ω^3 α = α.
This shows that σ^3 = id so that σ has order 3 in the group Γ.
Now, E is generated by a root of the irreducible polynomial h = T^2 + T + 1 over the field
Q(α). Thus, there is an automorphism

τ : E → E

for which τ|Q(α) = id and for which τ (ω) = ω^2 = ω̄.

Note that τ^2 (ω) = τ (ω^2 ) = ω^4 = ω so that τ^2 = id; thus τ has order 2 in the group Γ.
We now claim that (♣) τ στ = σ^2 . Well, since E is generated by α and ω, it suffices to
check that the automorphisms τ στ and σ^2 agree on these two elements:

(τ στ )(α) = (τ σ)(α) = τ (ωα) = ω^2 α
σ^2 (α) = σ(ωα) = ωσ(α) = ω^2 α
(τ στ )(ω) = (τ σ)(ω^2 ) = τ (ω^2 ) = ω
σ^2 (ω) = σ(ω) = ω

Using the relation (♣), one sees that the subgroup ⟨σ, τ⟩ has 6 elements, namely

{id, σ, σ^2 , τ, τ σ, τ σ^2 }.

Thus
Γ = ⟨σ, τ⟩.
The group Γ has exactly one subgroup of order 3, namely ⟨σ⟩. The corresponding intermediate
field K = E^{⟨σ⟩} has [E : K] = 3 and [K : Q] = 2. Since σ(ω) = ω, we know that ω ∈ K and thus
K = Q(ω).
Note that ⟨σ⟩ is a normal subgroup of Γ; this corresponds to the fact that K is a normal
extension of Q, which one can also see because K is a splitting field for h = T^2 + T + 1.
The group Γ has three subgroups of order 2, namely H1 = ⟨τ⟩, H2 = ⟨στ⟩ and H3 = ⟨σ^2 τ⟩.
The corresponding intermediate fields Li = E^{Hi} all satisfy [E : Li ] = 2 and thus [Li : Q] = 3.
Again, since 3 is prime, in order to find a generator for Li as an extension of Q it suffices to find
an element of Li which is not in Q.

• i = 1: H1 = ⟨τ⟩.

τ (α) = α ⟹ α ∈ L1 ⟹ L1 = Q(α) = Q(∛2)

• i = 2: H2 = ⟨στ⟩.

στ (ω^2 α) = σ(ωα) = ωσ(α) = ω^2 α
⟹ ω^2 α ∈ L2
⟹ L2 = Q(ω^2 α) = Q(ω^2 ∛2)

• i = 3: H3 = ⟨σ^2 τ⟩.

σ^2 τ (ωα) = σ^2 (ω^2 α) = ω^2 σ^2 (α) = ω^4 α = ωα
⟹ ωα ∈ L3
⟹ L3 = Q(ωα) = Q(ω ∛2)

Thus E, F, K, L1 , L2 , L3 is the complete list of intermediate fields.

The subgroups Hi are not normal (in fact, σH1 σ^{−1} = H3 and σ^2 H1 σ^{−2} = H2 ). This
non-normality corresponds to the fact that the Li are not normal extensions of Q. In fact, the
polynomial g has a root in each of the fields Li , but g does not split over Li (for any i).

17 The insolvability of the quintic
We want to make sense formally of what it would mean to solve a polynomial equation. Thus
if g ∈ F [T ], we’d like to know how to describe the roots of g – in some extension of F – using
some formula in the coefficients of g.
We know this to be possible for quadratic polynomials (at least when the characteristic of F
is not 2): the roots of aT^2 + bT + c are given by

$$\frac{-b \pm \sqrt{b^2 - 4ac}}{2a}.$$
Example 17.0.1. There is a formula for the roots of a cubic polynomial (at least when the
characteristic of F is not 2 or 3); one of the roots of

g = aT^3 + bT^2 + cT + d

has the form
$$x = \frac{-1}{3a}\left(b + C + \frac{\Delta_0}{C}\right)$$
where
$$C = \sqrt[3]{\frac{\Delta_1 \pm \sqrt{\Delta_1^2 - 4\Delta_0^3}}{2}}$$
and

∆0 = b^2 − 3ac
∆1 = 2b^3 − 9abc + 27a^2 d.

To find all three roots of the cubic, one must make all possible choices of the cube root C. So in
our formulas, we allow ourselves to “extract n-th roots” of algebraic expressions in F .

17.1 Some group theory


Let us recall the following definition for a group G.
Definition 17.1.1. The group G is solvable provided there is a finite chain of subgroups

1 = N_k ⊆ N_{k−1} ⊆ N_{k−2} ⊆ · · · ⊆ N_0 = G

such that:

• N_i is a normal subgroup of N_{i−1} for i = 1, 2, · · · , k,

• and N_{i−1} /N_i is abelian for i = 1, 2, · · · , k

Proposition 17.1.2. G is solvable if and only if there is a normal subgroup N ⊆ G such that
N and G/N are solvable.

Proof. Left as an exercise!

17.2 Radical extensions and the main result
Definition 17.2.1. A field extension F ⊆ E is a radical extension of F if there are elements
u1 , . . . , ud ∈ E and positive integers n1 , . . . , nd such that:

• E = F (u1 , . . . , ud ), and

• u_1^{n_1} ∈ F and u_i^{n_i} ∈ F (u1 , . . . , u_{i−1} ) for i = 2, · · · , d.

Definition 17.2.2. A polynomial g ∈ F [T ] is solvable in radicals if there is a radical extension E
of F which contains a splitting field for g.
Example 17.2.3. The formulas given in Example 17.0.1 show (at least in characteristic ≠ 2, 3)
that any degree 3 polynomial g is solvable in radicals:
Indeed, the polynomial g splits over F (u1 , u2 , u3 ) where

$$u_1^2 = \Delta_1^2 - 4\Delta_0^3, \qquad u_2^3 = \frac{\Delta_1 + u_1}{2}, \qquad u_3 = \omega;$$
here ω is a root of (T^3 − 1)/(T − 1) = T^2 + T + 1.
Remark 17.2.4. If E = F (u) and u^d = a ∈ F for some d, then of course E has an F -basis
consisting of the powers 1, u, u^2 , · · · , u^{d−1} of the radical u. Similarly, if E is a radical extension
of F , then E has a basis consisting of products of powers of radicals.
If the polynomial g ∈ F [T ] splits over E, then each root α of g may be written as an F -linear
combination of products of powers of radicals, which may be viewed as some sort of “formula”
for the root α.
In this section, we are going to prove the following result.

Theorem 17.2.5. Suppose that F has characteristic zero – i.e. that Q ⊆ F . Let g ∈ F [T ] be a
polynomial. Then g is solvable in radicals if and only if Gal(g) is a solvable group.

Remark 17.2.6. In fact, the Theorem remains valid without the assumption that F has
characteristic zero, provided that g is separable. However, the proof is slightly more complicated, so we
focus here on characteristic zero.

17.3 Cyclotomic extensions


Recall that we suppose F to have characteristic zero.

Proposition 17.3.1. For any n ≥ 1, let E denote a splitting field over F of T^n − 1. Then
Γ = Gal(E/F ) is an Abelian group.
Proof. Since the characteristic of F is 0, (d/dT )(T^n − 1) = nT^{n−1} is non-zero and has the unique
root 0. Since 0 is not a root of T^n − 1, it follows from Proposition 13.1.3 that T^n − 1 has n
distinct roots in the splitting field E.
Now, the set A of roots of T^n − 1 form a subgroup of the multiplicative group E^× , and
Theorem 12.6.2 shows that this subgroup must be cyclic; let us write A = ⟨a⟩ so that the order
o(a) is n.
Any element σ ∈ Γ defines an automorphism of the group A. In particular, σ(a) is another
generator of the group A; thus σ(a) = a^s where s = s(σ) is an integer with gcd(s, n) = 1.

Now the assignment σ ↦ s(σ) defines a group homomorphism

Γ → (Z/nZ)^× .

Indeed, if σ, τ ∈ Γ where σ(a) = a^s and τ (a) = a^t then

(σ ∘ τ )(a) = σ(a^t ) = σ(a)^t = (a^s )^t = a^{st} .

Finally, this group homomorphism is one-to-one. Indeed, we must show that the kernel is
trivial. But if σ is in the kernel, then σ(a) = a. Since E is a splitting field of T^n − 1, we know
that E = F (A) = F (a) and since σ|F = id, it follows at once that σ = id = 1_Γ so indeed the
kernel is trivial.
We now conclude that Γ is isomorphic to a subgroup of (Z/nZ)^× ; since (Z/nZ)^× is Abelian,
the Proposition has been proved.

17.4 Van Der Monde matrices


Let a1 , . . . , am be m elements in some field, write Pm for the space of polynomials of degree < m
and consider the linear transformation

Φ : Pm → F^m
given by f ↦ (f (a1 ) f (a2 ) · · · f (am ))^T .
One observes that the matrix of Φ with respect to the standard monomial basis of Pm and
the standard basis of F^m is the van der Monde matrix
$$
V = \begin{pmatrix}
1 & a_1 & a_1^2 & \cdots & a_1^{m-1} \\
1 & a_2 & a_2^2 & \cdots & a_2^{m-1} \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
1 & a_m & a_m^2 & \cdots & a_m^{m-1}
\end{pmatrix}
$$

Proposition 17.4.1. With V as above, we have

$$\det V = \pm \prod_{i<j} (a_i - a_j)$$

Proof. One way of seeing this formula for det V is to use the following basis for Pm :

b1 = 1
b2 = (T − a1 )
b3 = (T − a1 )(T − a2 )
⋮
bm = (T − a1 )(T − a2 ) · · · (T − a_{m−1} )

Note that since deg bi = i − 1 the bi are linearly independent and hence form a basis for Pm .
Now, the matrix for Φ with respect to the basis {bi } of Pm and the standard basis for F^m
has the form
$$
W = \begin{pmatrix}
1 & 0 & 0 & \cdots & 0 \\
1 & a_2 - a_1 & 0 & \cdots & 0 \\
1 & a_3 - a_1 & (a_3 - a_1)(a_3 - a_2) & \cdots & 0 \\
\vdots & \vdots & \vdots & \ddots & \vdots \\
1 & a_m - a_1 & \cdots & \cdots & \prod_{i=1}^{m-1} (a_m - a_i)
\end{pmatrix}
$$
For a matrix of this form, the determinant is the product of the diagonal entries – i.e.
$$\det W = \prod_{i<j} (a_j - a_i)$$

To show that det W = det V it remains to note that W = V U where U is an upper triangular
m × m matrix with ones along the diagonal.

If the ai are all distinct, one knows that ker Φ = {0} since a non-zero polynomial of degree
≤ m − 1 can not have all of a1 , . . . , am as roots. This implies at once that V has Null(V ) = {0}
and thus V is an invertible matrix (by the Invertible Matrix Theorem of linear algebra).

17.5 Main result on solvable extensions


Proposition 17.5.1. Let K denote a splitting field over F of T^n − 1. Let a ∈ K, consider the
polynomial g = T^n − a ∈ K[T ], and let E be a splitting field for g over K. Then Γ = Gal(E/K)
is a cyclic group whose order is a divisor of n.
Proof. Fix a generator ζ ∈ K for the group A ⊆ K of solutions to T^n − 1 (one says that ζ is a
primitive n-th root of unity).
If u ∈ E is a root of g = T^n − a, then E = K(u) is a splitting field for g over K since for any
integer i, we know that ζ^i u is a root of g. We find in this way n distinct roots, and in particular
$$g = \prod_{i=0}^{n-1} (T - \zeta^i u).$$

Now, any element σ ∈ Γ is completely determined by the value σ(u), which must be a root
of g and hence of the form
$$\sigma(u) = \zeta^i u$$
for some integer i which is well-defined (mod n); thus we view i = i(σ) as an element of Z/nZ.
In this way, we obtain an assignment
$$(\sigma \mapsto i(\sigma)) : \Gamma \to \mathbb{Z}/n\mathbb{Z}.$$
We now claim that this assignment is a group homomorphism. Well, suppose $\sigma, \tau \in \Gamma$ and write
$i = i(\sigma)$ and $j = i(\tau)$ in Z/nZ. Then

$$(\sigma \circ \tau)(u) = \sigma(\zeta^j u) = \zeta^j \sigma(u) = \zeta^j \zeta^i u = \zeta^{i+j} u.$$


This shows that i(στ ) = i + j = i(σ) + i(τ ), so indeed we have found a group homomorphism
from the (multiplicatively written) group Γ to the (additively written) group Z/nZ.
Finally, we argue that this group homomorphism is one-to-one. For this, we argue that
the kernel is trivial. Well, if σ is in the kernel then $i(\sigma) = 0 \implies \sigma(u) = \zeta^0 u = u$. Since
E = K(u) and since σ is the identity on K, conclude that σ = id so indeed the kernel is trivial.
Since the indicated group homomorphism is one-to-one, we may now conclude that Γ is
isomorphic to a subgroup of Z/nZ. In particular, Γ is cyclic and its order |Γ| must divide n.

Theorem 17.5.2. Let p be a prime number and let K denote a splitting field over F of $T^p - 1$.
Let E be an extension of K. Assume that [E : K] = |Γ| = p where Γ = Gal(E/K). Then
E = K(u) for some element u ∈ E with $u^p \in K$.

Proof. Choose any element w ∈ E with w ∉ K. Since [E : K] = p is prime, conclude that
$$E = K(w).$$
Let $A = \{\zeta_1, \zeta_2, \dots, \zeta_p\}$ be the roots of $T^p - 1$ in K.
Finally, since Γ has prime order, it is a cyclic group; let us write θ for a generator; thus
$\Gamma = \langle \theta \rangle$.
Now write

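$$\begin{aligned}
w_1 &= w \\
w_2 &= \theta(w_1) = \theta(w) \\
w_3 &= \theta(w_2) = \theta^2(w) \\
&\;\;\vdots \\
w_i &= \theta(w_{i-1}) = \theta^{i-1}(w)
\end{aligned}$$

Since $\theta^p = 1$, we have $\theta(w_p) = w_1$.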


For each i consider the element

$$u_i = w_1 + \zeta_i w_2 + \zeta_i^2 w_3 + \cdots + \zeta_i^{p-1} w_p.$$

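Observe that

$$\begin{aligned}
\theta(u_i) &= \theta(w_1) + \zeta_i \theta(w_2) + \zeta_i^2 \theta(w_3) + \cdots + \zeta_i^{p-1} \theta(w_p) \\
&= w_2 + \zeta_i w_3 + \zeta_i^2 w_4 + \cdots + \zeta_i^{p-1} w_1 \\
&= \zeta_i^{-1} (\zeta_i w_2 + \zeta_i^2 w_3 + \zeta_i^3 w_4 + \cdots + w_1) \\
&= \zeta_i^{-1} u_i.
\end{aligned}$$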

We conclude in particular that $\theta(u_i^p) = \theta(u_i)^p = (\zeta_i^{-1} u_i)^p = u_i^p$. This proves for each i that
$u_i^p \in E^{\langle \theta \rangle} = E^{\Gamma} = K$ since the extension K ⊆ E is normal.
We are going to complete the proof by arguing for at least one index $i_0$ that $u_{i_0} \notin K$; thus
$E = K(u_{i_0})$ and $u_{i_0}^p \in K$ as required.
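To accomplish this, we first write the relation between the $u_i$ and the $w_i$ in matrix form. Let
$$u = \begin{pmatrix} u_1 & u_2 & \cdots & u_p \end{pmatrix}^T \quad\text{and}\quad w = \begin{pmatrix} w_1 & w_2 & \cdots & w_p \end{pmatrix}^T$$
and
$$A = \begin{pmatrix}
1 & \zeta_1 & \cdots & \zeta_1^{p-1} \\
1 & \zeta_2 & \cdots & \zeta_2^{p-1} \\
\vdots & \vdots & \ddots & \vdots \\
1 & \zeta_p & \cdots & \zeta_p^{p-1}
\end{pmatrix} \in \mathrm{Mat}_{p \times p}(K).$$
Then
$$Aw = u.$$
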
The matrix A is a van der Monde matrix (Section 17.4). For such a matrix, we have
$$\det A = \pm \prod_{i<j} (\zeta_i - \zeta_j)$$
by Proposition 17.4.1. Since the $\zeta_i$ are distinct, $\det A \ne 0$ and in particular A is invertible.
Now, the invertibility of A implies in particular that we may write $w = w_1$ as a K-linear
combination of $u_1, \dots, u_p$. Now, if for each i we have $u_i \in K$ then for every j we have $w_j \in K$,
contrary to our choice of w. This proves for some $i_0$ that $u_{i_0} \notin K$ as required.

17.6 Normal radical extensions


Lemma 17.6.1. Let E be a radical extension of F . Then there is an extension L of E such that
L is a normal and radical extension of F .

Proof. Write $E = F(u_1, \dots, u_m)$ as in the definition of radical extension; thus there are whole
numbers $n_1, n_2, \dots, n_m$ such that $u_1^{n_1} \in F$ and $u_i^{n_i} \in F(u_1, \dots, u_{i-1})$ for i ≥ 2.
Denote by pi the minimal polynomial of ui over F for 1 ≤ i ≤ m, let g = p1 . . . pm ∈ F [T ]
and let L be a splitting field over E of the polynomial g; since E is generated over F by roots of
g, it follows that L is a splitting field over F of g as well, hence L is a normal extension of F .
It remains to argue that L is a radical extension of F . Let Γ = Gal(L/F ) be the galois group.
Since the galois group acts transitively on the roots of each irreducible factor pi of g, it follows
that each root of g has the form θ(ui ) for some θ ∈ Γ and some 1 ≤ i ≤ m.
For each i observe that
$$\theta(u_i)^{n_i} \in F(\theta(u_1), \dots, \theta(u_{i-1})).$$
Now write
$$\Gamma = \{\theta_1, \dots, \theta_\ell\},$$
consider the elements

$$v_{i,j} = \theta_j(u_i) \in L$$
and consider any total ordering on the pairs (i, j) satisfying

$$(i, j) \le (i', j') \iff i \le i'.$$

Then $L = F(v_{i,j})$ is a radical extension for the whole numbers $m_{i,j} = n_i$ with respect to the
chosen total ordering.

Lemma 17.6.2. Let E be a normal radical extension of F . Then the galois group Γ = Gal(E/F )
is a solvable group.

Proof. Consider ζ a primitive M -th root of unity for some M ≥ 1. Then E(ζ) is evidently a
radical extension of F (ζ) and of F .
Moreover, the fundamental theorem of Galois Theory shows that Gal(E/F ) is a quotient
of Gal(E(ζ)/F ). Since a quotient of a solvable group is solvable, it suffices to show that Γ =
Gal(E(ζ)/F ) is a solvable group.
Now recall that $E = F(u_1, \dots, u_m)$ where $u_1^{n_1} \in F$ and $u_i^{n_i} \in F(u_1, \dots, u_{i-1})$ for i ≥ 2. Take
M to be the least common multiple of the $n_i$.
Write Li = F (ζ, u1 , . . . , ui ). Then E(ζ) = Lm . Now set N = Gal(E(ζ)/F (ζ)) ⊆ Γ and
Ni = Gal(E(ζ)/Li ) ⊆ Γ for 1 ≤ i ≤ m − 1.

By our choice of M, $L_i$ is a splitting field over $L_{i-1}$ of the polynomial $T^{n_i} - a_i$ for some
$a_i \in L_i$. Thus $N_i$ is a normal subgroup of $N_{i-1}$, and the fundamental theorem of Galois Theory
(Theorem 15.5.2) implies that

$$N_{i-1}/N_i \simeq \mathrm{Gal}(L_i/L_{i-1}).$$

Moreover, Proposition 17.5.1 implies that $N_{i-1}/N_i$ is a cyclic, hence abelian, group.
Finally, N is normal in Γ since F(ζ) is a normal extension of F, and $\Gamma/N \simeq \mathrm{Gal}(F(\zeta)/F)$ is
abelian by Proposition 17.3.1.
Thus the descending chain of subgroups

Γ ⊇ N ⊇ N1 ⊇ N2 ⊇ · · · ⊇ Nm = {1}

shows that Γ is solvable, as required.

We now give the proof of Theorem 17.2.5:

Proof. Recall we must prove the following:


Let g ∈ F [T ] be a polynomial. Then g is solvable in radicals if and only if Γ = Gal(g) is a
solvable group.
(⇒): First suppose that g is solvable in radicals. According to Lemma 17.6.1, we may find a
radical extension E of F which is normal over F over which g splits.
Now, E contains a splitting field E1 of g over F and the galois group Γ = Gal(g) = Gal(E1 /F )
is a quotient of Gal(E/F ) by the fundamental theorem of Galois Theory (Theorem 15.5.2).
Now the solvability of Γ follows from Lemma 17.6.2.
(⇐): Suppose that Γ is solvable, and let E be a splitting field for g over F .
Write |Γ| = n, let ζ be a primitive n-th root of unity, and let L = E(ζ).
We claim that ϕ(E) = E for any ϕ ∈ Gal(E(ζ)/F (ζ)). For this claim, let p be the minimal
polynomial over F of an element a ∈ E. Then ϕ(a) is a root of p hence ϕ(a) ∈ E since E is
normal over F .
We see that the mapping $\varphi \mapsto \varphi|_E$ obtained by restriction of ϕ to E defines a group homomorphism
$$\mathrm{Gal}(E(\zeta)/F(\zeta)) \to \Gamma$$
which is one-to-one. This shows that $\Gamma_1 = \mathrm{Gal}(E(\zeta)/F(\zeta))$ is isomorphic to a subgroup of Γ and
is thus solvable (see Proposition 17.1.2).
Thus we may find a finite chain of subgroups

Γ1 ⊇ N1 ⊇ · · · ⊇ Nr = {1}

where each subgroup is normal in the next and the quotients are cyclic of prime order pi .
In turn, according to the fundamental theorem (Theorem 15.5.2), these subgroups determine
subfields
$$F(\zeta) \subseteq F_1 \subseteq \cdots \subseteq F_r = E$$
with $N_i = \mathrm{Gal}(E/F_i)$ and $\mathrm{Gal}(F_{i+1}/F_i) \simeq N_i/N_{i+1}$.
Now since $\mathrm{Gal}(F_{i+1}/F_i) \simeq N_i/N_{i+1}$ has prime order $p_i$ and since $F_i$ contains the primitive
n-th root of unity ζ, we can apply Theorem 17.5.2 to conclude that g is solvable in radicals
over F(ζ) and hence over F.

17.7 Insolvability of higher degree equations
We’ve seen that cubic equations are solvable in radicals – see Example 17.2.3. In fact, quartic
equations – i.e. polynomial equations of degree 4 – are also solvable in radicals. But we are
going to show using the fundamental theorem of Galois theory that for any degree d ≥ 5, there
are polynomials of degree d over Q which are not solvable in radicals.
For simplicity, we are going to work over a field F of characteristic 0; thus we can ignore
questions of separability.
Now let g ∈ F [T ] be a polynomial, and let E be a splitting field for g over F . Recall that we
write Gal(g) = Gal(E/F ).
If g is solvable in radicals, we will argue that Gal(g) is a solvable group.
Thus if h ∈ F [T ] is a polynomial for which Gal(h) is not a solvable group, then we may
conclude that h is not solvable in radicals.
Our main example of a non-solvable group will be the symmetric group $S_n$; for n ≥ 5, we
have seen that $S_n$ is never solvable (since the derived group $A_n = (S_n)'$ is equal to the alternating
group and is a simple group).

18 The symmetric group as Galois group
Let E be a splitting field over F for the separable polynomial h ∈ F [T ].
Recall that if h ∈ F [T ] has degree d, then Γ = Gal(h) may be identified with a subgroup of
Sd . Indeed, write a1 , . . . , ad for the roots of h in a splitting field E = F (a1 , . . . , ad ). Any element
σ ∈ Γ must map the set ∆ = {a1 , . . . , ad } ⊂ E to itself. Since E is generated by ∆, the natural
group homomorphism
Γ → Sym(∆)
given by $\sigma \mapsto \sigma|_\Delta$ is one-to-one.
In these notes, we argue that for suitable fields F and polynomials h ∈ F[T], this homomorphism
is onto as well.
We are going to give full details when d = 5.
The following group-theoretic result provides a condition which guarantees that a subgroup
of the symmetric group S5 is equal to S5 .

Lemma 18.0.1. Let H ⊂ S5 be a subgroup such that (i) H contains a 5-cycle, and (ii) H
contains a transposition. Then H = S5 .

Proof. After renaming elements of S5 , we may and will suppose that (1, 2) ∈ H. Now, replacing
the element of H of order 5 by some power, we may and will suppose that (1, 2, a, b, c) ∈ H;
renumbering again we may and will suppose that (1, 2, 3, 4, 5) ∈ H.
Now we must argue that
$$S_5 = \langle (1, 2), (1, 2, 3, 4, 5) \rangle.$$
To do so, write $H_0 = \langle (1, 2), (1, 2, 3, 4, 5) \rangle \subset H$. We will argue that $H_0$ contains all transpositions.
Well, $\gamma = (1, 2)(1, 2, 3, 4, 5) = (2, 3, 4, 5) \in H_0$. Thus

$$\begin{aligned}
\gamma (1, 2) \gamma^{-1} &= (1, 3) \in H_0 \\
\gamma^2 (1, 2) \gamma^{-2} &= (1, 4) \in H_0 \\
\gamma^3 (1, 2) \gamma^{-3} &= (1, 5) \in H_0
\end{aligned}$$

Combining these observations with the formula

(1, n)(1, m)(1, n) = (m, n),

we see that (m, n) ∈ H0 for all 1 ≤ m < n ≤ 5 as required.
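
The generation argument of Lemma 18.0.1 can be verified by brute force. The Python code below is an added example, not part of the original notes, and its function names are illustrative; it goes slightly beyond the proof by checking every pair (5-cycle, transposition) in S5 and by showing, for contrast, a 4-cycle and a transposition in S4 that generate only a group of order 8.

```python
# Added illustration (not from the source notes). A permutation of {1..n} is a tuple p on
# 0..n-1 with p[i-1] + 1 the image of i; products compose right to left, as on the page.
from itertools import permutations

def from_cycle(cycle, n=5):
    """The permutation of {1..n} given by one cycle, e.g. (1, 2) or (1, 2, 3, 4, 5)."""
    p = list(range(n))
    for k, a in enumerate(cycle):
        p[a - 1] = cycle[(k + 1) % len(cycle)] - 1
    return tuple(p)

def compose(s, t):
    """s∘t: apply t first, then s."""
    return tuple(s[t[i]] for i in range(len(t)))

def inverse(s):
    """Inverse permutation: position s[i] of the result holds i."""
    return tuple(sorted(range(len(s)), key=s.__getitem__))

def power(s, k):
    out = tuple(range(len(s)))
    for _ in range(k):
        out = compose(s, out)
    return out

def conjugate(g, x):
    """g x g^-1."""
    return compose(compose(g, x), inverse(g))

def cycle_type(p):
    """Sorted cycle lengths of p, fixed points included."""
    seen, lengths = set(), []
    for start in range(len(p)):
        length, j = 0, start
        while j not in seen:
            seen.add(j)
            j = p[j]
            length += 1
        if length:
            lengths.append(length)
    return sorted(lengths)

def generated_subgroup(gens):
    """All products of the generators; in a finite group these form the generated subgroup."""
    identity = tuple(range(len(gens[0])))
    seen, frontier = {identity}, [identity]
    while frontier:
        new = []
        for x in frontier:
            for g in gens:
                y = compose(g, x)
                if y not in seen:
                    seen.add(y)
                    new.append(y)
        frontier = new
    return seen

def every_pair_generates_s5():
    """Lemma 18.0.1 checked on all 24 * 10 pairs (5-cycle, transposition) in S5."""
    s5 = list(permutations(range(5)))
    five_cycles = [p for p in s5 if cycle_type(p) == [5]]
    transpositions = [p for p in s5 if cycle_type(p) == [1, 1, 1, 2]]
    return all(len(generated_subgroup([c, t])) == 120
               for c in five_cycles for t in transpositions)

if __name__ == "__main__":
    tau, sigma = from_cycle((1, 2)), from_cycle((1, 2, 3, 4, 5))
    gamma = compose(tau, sigma)
    print(gamma == from_cycle((2, 3, 4, 5)))
    print([conjugate(power(gamma, k), tau) == from_cycle((1, k + 2)) for k in (1, 2, 3)])
    print(len(generated_subgroup([tau, sigma])), every_pair_generates_s5())
    print(len(generated_subgroup([from_cycle((1, 3), 4), from_cycle((1, 2, 3, 4), 4)])))
```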

Lemma 18.0.2. Let h ∈ F[T] be an irreducible, separable polynomial of degree 5, and let E be
a splitting field of h over F. Then Γ = Gal(h) = Gal(E/F) contains a 5-cycle.

Proof. Indeed, let α be a root of h in E. Since h is irreducible, [F(α) : F] = 5. The tower law
shows that
5 = [F(α) : F] divides [E : F].
On the other hand, we know that |Γ| = [E : F ]. Since the prime number 5 divides |Γ| we know
that Γ contains an element of order 5. But we have identified Γ with a subgroup of S5 , and the
only elements of S5 which have order 5 are the 5-cycles.

18.1 How to find a suitable polynomial
18.2 Using calculus
In this section, we consider the case F = Q, so that h ∈ Q[T] is irreducible of degree 5. We are
going to use Lemma 18.0.1 and Lemma 18.0.2. Thus we must produce an irreducible polynomial h
for which the galois group contains a transposition.

Proposition 18.2.1. Let h ∈ Q[T] be an irreducible polynomial of degree 5. If h has exactly
three roots $a_1, a_2, a_3$ in the field R of real numbers, then Gal(h) = $S_5$.

Proof. Write Γ = Gal(h) and identify Γ as a subgroup of $S_5$ using the action of Γ on the roots
of h. According to Lemma 18.0.1, to show that Γ = $S_5$, it suffices
to argue that Γ contains a 5-cycle and a transposition.
According to Lemma 18.0.2, Γ contains a 5-cycle whenever
h is irreducible (since F = Q has characteristic 0, any irreducible polynomial is separable).
So it remains to argue that Γ contains a transposition. Let F = E ∩ R = Q(a1 , a2 , a3 ). Then

h = (T − a1 )(T − a2 )(T − a3 )h1 for h1 ∈ F [T ]


where deg h1 = 2. The field E is a splitting field over F of the quadratic polynomial h1 which
is irreducible over F , and h1 has two roots z1 , z2 in E.
It follows that there is an automorphism τ : E → E for which τ|F = id and for which
τ (z1 ) = z2 .
Viewing τ as an element of Γ, observe that τ (ai ) = ai for i = 1, 2, 3 and thus τ determines a
transposition in S5 .

Theorem 18.2.2. There are polynomials h ∈ Q[T] with deg h = 5 and Gal(h) = $S_5$.

Proof. Using the previous result, we see that the Theorem will follow if we exhibit a polynomial
which is irreducible of degree 5 having exactly 3 roots in the field R of real numbers.
Suppose that h is monic. View h as a function R → R; since the leading term has odd degree,
we have
$$\lim_{x \to \infty} h(x) = \infty \quad\text{and}\quad \lim_{x \to -\infty} h(x) = -\infty.$$

Claim: (♣) if the derivative h′ has exactly two real roots a0 < a1 , and if h(a0 ) > 0 and
h(a1 ) < 0 then h has exactly three real roots.
Indeed, h is increasing on (−∞, a0 ), decreasing on (a0 , a1 ) and increasing on (a1 , ∞) and
under the specified conditions, h must change sign exactly once on each of these intervals.
Now let p > 0 be a prime number and consider the monic polynomial

$$h = T^5 - pT^3 - pT - p$$

Observe that h is irreducible over Q by Eisenstein’s criterion.

Now, $h' = 5T^4 - 3pT^2 - p$. Using the quadratic formula and the substitution $U = T^2$, we see
that any root a of h′ must satisfy
$$a^2 = \frac{3p \pm \sqrt{9p^2 + 20p}}{10}$$
Since $\sqrt{9p^2 + 20p} > 3p$, it follows that for any real root a of h′ we have
$$a^2 = \frac{3p + \sqrt{9p^2 + 20p}}{10}.$$
Thus h′ has exactly two real roots a and −a.
Now we confirm (♣) for all primes p < 50 by a computer computation.

h(t,p) = t^5 - p*t^3 - p*t - p
s(p) = (3.*p + sqrt(9.*p^2 + 20.*p))/10
r(p) = sqrt(s(p))
[(p,h(-r(p),p),h(r(p),p)) for p in primes(50)]

[(2, 1.36948536859665, -5.36948536859665),
(3, 4.08660815330037, -10.0866081533004),
(5, 14.2740412556404, -24.2740412556404),
(7, 31.7144026134529, -45.7144026134529),
(11, 92.2075014863997, -114.207501486400),
(13, 136.959876953231, -162.959876953231),
(17, 259.243800671028, -293.243800671028),
(19, 338.139705228473, -376.139705228473),
(23, 534.582615744191, -580.582615744191),
(29, 934.480355273911, -992.480355273911),
(31, 1097.98388970545, -1159.98388970545),
(37, 1686.05091826109, -1760.05091826109),
(41, 2164.03196447407, -2246.03196447407),
(43, 2430.13218369729, -2516.13218369729),
(47, 3018.66196208224, -3112.66196208224)]

18.3 An algebraic tool


We pause to introduce a result that is useful for our present goals.
For this, let R be a principal ideal domain with field of fractions F , let P = πR ⊂ R be a
prime ideal, and write k = R/P = R/πR. Our goal here is to relate galois groups over F with
galois groups over k in a suitable sense.
More precisely, let g ∈ R[T] be a polynomial of degree d ≥ 1. Since R ⊂ F, we may view g
as a polynomial in F[T]; let E be a splitting field for g over F.
On the other hand, note that there is a ring homomorphism R[T] → (R/πR)[T] = k[T] for
which $T \mapsto T$. Write $\bar g \in k[T]$ for the image of g under this homomorphism, and let ℓ denote a
splitting field over k of the polynomial $\bar g \in k[T]$.

Proposition 18.3.1. Suppose that $\bar g$ has d distinct roots in ℓ.

1. There is a subgroup D ⊂ Gal(E/F) and a group homomorphism

$$\pi : D \to \mathrm{Gal}(\ell/k)$$

such that π maps onto Gal(ℓ/k).

2. Write
$$\bar g = p_1 p_2 \cdots p_t$$
for irreducible polynomials $p_i$ in k[T] of degree $e_i$ for 1 ≤ i ≤ t. Suppose that the galois
group $\mathrm{Gal}(p_i) \subset S_{e_i}$ contains an $e_i$-cycle for each i. Then $\Gamma \subset S_n$ contains an element σ
which can be written as a product of disjoint cycles of lengths $e_1, e_2, \dots, e_t$.

Remark 18.3.2. For a polynomial f ∈ F[T], there is a quantity disc(f) ∈ F which may be
described by a formula involving the coefficients of f with the property that f has repeated
roots if and only if disc(f) = 0.
Remark 18.3.3. The condition in part 2. – namely, that each galois group Gal(pi ) ⊂ Sei contains
an ei -cycle – is automatic when k is a finite field (since then Gal(pi ) is a cyclic group of order
ei ).
The condition on Gal(pi ) is also immediate when ei = 1 or when ei is a prime number.

18.4 Example for rational field


In this section, we give an alternate way of constructing polynomials g ∈ Q[T ] of degree 5 for
which either Gal(g) = A5 or S5 .
We replace the use of “calculus” with the use of Proposition 18.3.1.
Let p, q be prime numbers, and notice that

$$g = T^5 + pT + (q + 1)p \in \mathbb{Q}[T]$$

is irreducible by Eisenstein’s criterion (Theorem 7.4.1) applied to the prime p.

A partition λ of a whole number n is a non-decreasing list $0 < \lambda_1 \le \lambda_2 \le \cdots$ of whole numbers
with $\sum_i \lambda_i = n$.
We say that g has shape equal to the partition λ of 5 modulo a prime q if the irreducible
factors of $\bar g$ have degrees $\lambda_1, \lambda_2, \cdots$.
Using Sage math we can compute the shape of g modulo various primes q:

def pred(p,q):
    R.<T>=PolynomialRing(FiniteField(q))
    g = T^5 + p*T + p*(q+1)
    shape = [x[0].degree() for x in factor(g)]
    return discriminant(g) != 0 and shape == [1,1,1,2]

bound = 100
myprimes = list(primes(bound))
[[(p,q) for q in myprimes if pred(p,q)] for p in myprimes]

[[(2, 19)],
[(3, 47), (3, 97)],
[(5, 37), (5, 67)],
[(7, 47), (7, 73)],
[(11, 23), (11, 53)],
[(13, 73), (13, 83)],
[],
[(19, 41), (19, 43), (19, 47), (19, 53)],
[(23, 17)],
[(29, 59)],
[],
[(37, 89)],
[(41, 23), (41, 31), (41, 37), (41, 73)],
[(43, 29), (43, 59), (43, 73), (43, 97)],
[],
[(53, 41)],
[(59, 19), (59, 71)],
[],
[(67, 89)],
[(71, 47), (71, 53)],
[(73, 83)],
[(79, 37)],
[(83, 67), (83, 89)],
[],
[(97, 19), (97, 47), (97, 53)]]

Proposition 18.4.1. Let
$$g = T^5 + pT + p(q + 1) \in \mathbb{Q}[T]$$
where p, q are prime numbers. For each pair (p, q) in the above list, the polynomial g has galois
group Γ = Gal(g) equal to $S_5$.

Sketch of proof. Again using Lemma 18.0.2, the irreducibility of g allows us to conclude that Γ
contains a 5-cycle.
Since (p, q) is in the preceding list, we know that $\bar g \in \mathbb{F}_q[T]$ has shape λ = (1, 1, 1, 2).
Now Proposition 18.3.1 implies that Γ contains a transposition.
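
The shape computation behind Proposition 18.4.1 can also be done without Sage. The Python code below is an added example, not part of the original notes; it computes the factor degrees of g modulo q by distinct-degree factorization (a standard technique used here in place of Sage's factor), with illustrative function names.

```python
# Added illustration (not from the source notes): factor degrees of
# g = T^5 + p*T + p*(q+1) over F_q by distinct-degree factorization.
# Polynomials are coefficient lists, lowest degree first.

def trim(a):
    """Drop zero leading coefficients in place and return the list."""
    while a and a[-1] == 0:
        a.pop()
    return a

def poly_divmod(a, m, q):
    """Quotient and remainder of a by a nonzero reduced polynomial m over F_q."""
    a = trim([c % q for c in a])
    quo = [0] * max(len(a) - len(m) + 1, 0)
    inv = pow(m[-1], -1, q)
    while len(a) >= len(m):
        shift, c = len(a) - len(m), a[-1] * inv % q
        quo[shift] = c
        for i, mc in enumerate(m):
            a[shift + i] = (a[shift + i] - c * mc) % q
        trim(a)
    return quo, a

def poly_gcd(a, b, q):
    """Monic gcd over F_q of a nonzero polynomial a and any polynomial b."""
    a, b = trim([c % q for c in a]), trim([c % q for c in b])
    while b:
        a, b = b, poly_divmod(a, b, q)[1]
    inv = pow(a[-1], -1, q)
    return [c * inv % q for c in a]

def frobenius(f, g, q):
    """f^q mod g over F_q, by square-and-multiply."""
    def mulmod(x, y):
        prod = [0] * (len(x) + len(y) - 1) if x and y else []
        for i, xi in enumerate(x):
            for j, yj in enumerate(y):
                prod[i + j] = (prod[i + j] + xi * yj) % q
        return poly_divmod(prod, g, q)[1]
    result, base, e = [1], poly_divmod(f, g, q)[1], q
    while e:
        if e & 1:
            result = mulmod(result, base)
        base = mulmod(base, base)
        e >>= 1
    return result

def is_squarefree(g, q):
    """True when gcd(g, g') = 1 over F_q, i.e. g has no repeated factor."""
    deriv = [i * c % q for i, c in enumerate(g)][1:]
    return len(poly_gcd(g, deriv, q)) == 1

def shape(g, q):
    """Sorted degrees of the irreducible factors of a squarefree g over F_q."""
    g = trim([c % q for c in g])
    degrees, d, x_pow = [], 1, [0, 1]          # x_pow tracks T^(q^d) mod g
    while len(g) - 1 >= 2 * d:
        x_pow = frobenius(x_pow, g, q)
        diff = x_pow + [0] * (2 - len(x_pow))  # padded copy so index 1 exists
        diff[1] = (diff[1] - 1) % q            # T^(q^d) - T
        h = poly_gcd(g, diff, q)               # product of the degree-d factors
        if len(h) > 1:
            degrees += [d] * ((len(h) - 1) // d)
            g = poly_divmod(g, h, q)[0]
            x_pow = poly_divmod(x_pow, g, q)[1]
        d += 1
    if len(g) > 1:
        degrees.append(len(g) - 1)
    return degrees

def has_shape_1112(p, q):
    """Counterpart of the page's pred(p, q)."""
    g = [p * (q + 1) % q, p % q, 0, 0, 0, 1]
    return is_squarefree(g, q) and shape(g, q) == [1, 1, 1, 2]
```

For the pair (2, 19) from the list, g reduces to T^5 + 2T + 2 over F_19, which has exactly the three simple roots 2, 6 and 16, so the remaining quadratic factor is irreducible.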

18.5 Example for rational field


Here we give a version of the number-theoretic argument found in Section 18.3 which is valid
for the field F = k(X) over certain fields of constants k, instead of Q. We give in particular a
construction when k = R; i.e. when F = R(X).
Let us fix an element a ∈ k and consider the irreducible polynomial $p = X - a \in k[X]$. Form
the polynomial
$$g = T^5 + (X - a)T^3 + (X - a) \in F[T] = k(X)[T].$$
Observe that g ∈ k[X][T]; i.e. viewing g as a polynomial in the variable T, the coefficients
of g are themselves polynomials in the variable X. Moreover, g is irreducible by Eisenstein’s
criterion.
Consider the second irreducible polynomial q = X − b. The quotient ring $k[X]/\langle X - b \rangle$ may
be identified with k and the mapping

$$(h \mapsto \bar h) : k[X] \to k = k[X]/\langle X - b \rangle$$

is just given by evaluation at X = b.

Notice that if q = X − b then

$$\bar g = T^5 + (b - a)T^3 + (b - a) \in k[T].$$

Proposition 18.5.1. Let a ∈ k and let

$$g = T^5 - (X - a)T^3 + (X - a) \in F[T] = k(X)[T],$$

and let E be a splitting field of g over F = k(X). If $\bar g \in k[T]$ has shape (1, 1, 1, 2), then the galois
group Γ = Gal(g) = Gal(E/F) satisfies
$$\Gamma = S_5.$$

Proof. The proof is essentially the same as the argument given in the previous section.

18.6 Rational function field with real coefficients


Consider k = R, and let

$$g = T^5 + (X - a)T^3 + (X - a) \in \mathbb{R}(X)[T],$$

as before.
We claim that Gal(g) = $S_5$ for all real numbers a.
Well, it will be enough to argue that $\bar g$ has shape (1,1,1,2) for q = X − b for some b ∈ R.
We first use Sage math to compute the discriminant and the shape of the real polynomial
$T^5 - aT^3 - a \in \mathbb{R}[T]$ (this amounts to $\bar g$ when q = X). We get:

def pred(a):
    R.<T>=PolynomialRing(RealField())
    g = T^5 - a*T^3 - a
    shape = [x[0].degree() for x in factor(g)]
    if discriminant(g) != 0 and shape == [1,1,1,2]:
        return a

[a for a in range(1,10) if pred(a)]

[4, 5, 6, 7, 8, 9]

This shows that $\bar g = T^5 - aT^3 - a$ has shape (1,1,1,2) e.g. when a = 4.

Now, for general a take q = X − (4 − a) and find that $\bar g = T^5 - 4T^3 - 4$ which we have just
seen has shape (1,1,1,2).

19 Elementary symmetric functions
Let k be any field, let n ≥ 1 and consider the field of rational functions in n variables

E = k(T1 , T2 , . . . , Tn ).

From a permutation σ ∈ Sn , we obtain a field automorphism

Πσ : E → E

given by the rule $\Pi_\sigma(T_i) = T_{\sigma(i)}$.

e.g. if σ = (1, 2, 3) and n ≥ 4, we have
$$\Pi_{(1,2,3)}\left( \frac{T_1 + T_4}{T_2^2 T_3 + 1} \right) = \frac{T_2 + T_4}{T_3^2 T_1 + 1}.$$
It is immediate to check that the group homomorphism

Π : Sn → Aut(E)

given by σ 7→ Πσ is one-to-one.
Let $F = E^{S_n}$ be the fixed field for this action. Then we have proved before that E is a normal
extension of F , and that in fact E is the splitting field for some separable polynomial in F [T ].
Moreover, we have proved that Gal(E/F ) = Sn .
This gives a straightforward construction of extensions which are not solvable in radicals,
though it is perhaps unsatisfying because the field F was not specified in advance.
The field F and the field extension F ⊂ E are quite important, though I’m only going to
sketch some brief comments.
Note that the polynomial
$$s_1 = T_1 + T_2 + \cdots + T_n$$
is actually contained in $F = E^{S_n} = k(T_1, \dots, T_n)^{S_n}$; indeed, for any $\sigma \in S_n$, we see that

$$\Pi_\sigma(s_1) = T_{\sigma(1)} + T_{\sigma(2)} + \cdots + T_{\sigma(n)} = s_1.$$

Similarly, the polynomial

$$s_2 = T_1 T_2 + T_1 T_3 + \cdots + T_1 T_n + T_2 T_3 + \cdots = \sum_{1 \le i < j \le n} T_i T_j$$

is in $F = E^{S_n}$ since
$$\Pi_\sigma(s_2) = \sum_{1 \le i < j \le n} T_{\sigma(i)} T_{\sigma(j)} = s_2.$$

In fact, for 1 ≤ ℓ ≤ n define the ℓ-th elementary symmetric polynomial as follows:

$$s_\ell = \sum_{1 \le i_1 < i_2 < \cdots < i_\ell \le n} T_{i_1} T_{i_2} \cdots T_{i_\ell}.$$

Note e.g. that $s_1$ and $s_2$ are the polynomials described before, and

$$s_n = T_1 T_2 \cdots T_n.$$

Then $s_\ell \in F = E^{S_n}$ for each 1 ≤ ℓ ≤ n, and in fact it is a classical Theorem that

$$F = k(s_1, s_2, \cdots, s_n) = k(T_1, \dots, T_n)^{S_n}$$

i.e. F is generated over k by the elementary symmetric functions. Each $s_i$ is transcendental over
k, and in fact for each ℓ the element $s_\ell$ is transcendental over $k(s_1, \dots, s_{\ell-1})$.
A slightly stronger statement is true:

$$k[s_1, s_2, \cdots, s_n] = k[T_1, \dots, T_n]^{S_n}$$

i.e. every polynomial in $T_1, \dots, T_n$ which is invariant under the action of $S_n$ can be written as a
polynomial in the elementary symmetric polynomials $s_\ell$.
For example, if n = 3, then by inspection we see that

$$T_1^2 + T_2^2 + T_3^2 \in k[T_1, T_2, T_3]^{S_3}.$$

Moreover, one checks that

$$T_1^2 + T_2^2 + T_3^2 = (T_1 + T_2 + T_3)^2 - 2(T_1 T_2 + T_1 T_3 + T_2 T_3) = s_1^2 - 2 s_2$$

As a final remark, if we grant the Primitive Element Theorem (though we didn’t prove it)
we conclude that E = F (α) for some rational function α ∈ E = k(T1 , . . . , Tn ) having degree n!
over F ; i.e. that
k(T1 , . . . , Tn ) = k(s1 , . . . , sn , α).
