Teoria Divizibilitatii

Ioan TOFAN Aurelian Claudiu VOLF
Ring Arithmetic, Field Extensions

and Applications
Table of Contents
Foreword..............................................................................................7
I. Arithmetic in integral domains ....................................................10
I.1 Divisibility...................................................................................10
I.2 Euclidian domains .......................................................................22
I.3 Euclidian rings of quadratic integers...........................................26
I.4 Principal ideal domains ...............................................................31
I.5 Unique factorization domains .....................................................36
I.6 Polynomial ring arithmetic..........................................................43
Exercises ...........................................................................................50
II. Modules.........................................................................................58
II.1 Modules, submodules, homomorphisms....................................58
Exercises ...........................................................................................72
II.2 Factor modules and the isomorphism theorems.........................74
Exercises ...........................................................................................80
II.3 Direct sums and products. Exact sequences ..............................81
Exercises .........................................................................................102
II.4 Free modules ............................................................................104
Exercises .........................................................................................116
III. Finitely generated modules over principal ideal domains ....118
III.1 The submodules of a free module...........................................118
Exercises .........................................................................................128
III.2 Finitely generated modules over a principal ideal domain.....130
Exercises .........................................................................................138
III.3 Indecomposable finitely generated modules ..........................140
Exercises .........................................................................................149
6
III.4 The endomorphisms of a finite dimensional vector space ..... 150

Exercises ........................................................................................ 167
IV. Field extensions ........................................................................ 169
IV.1. Algebraic extensions ............................................................. 169
Exercises ........................................................................................ 190
IV.2 Roots of polynomials. Algebraically closed fields ................ 193
Exercises ........................................................................................ 207
IV.3 Finite fields ............................................................................ 209
Exercises ........................................................................................ 221
IV.4 Transcendental extensions ..................................................... 223
Exercises ........................................................................................ 230
V. Galois Theory ............................................................................. 232
V.1 Automorphisms ....................................................................... 233
V.2 Normal extensions................................................................... 238
Exercises ........................................................................................ 242
V.3 Separability.............................................................................. 244
Exercises ........................................................................................ 259
V.4 The Fundamental Theorem of Galois Theory ......................... 262
Exercises ........................................................................................ 271
VI. Applications of Galois Theory ................................................ 273
VI.1 Ruler and compass constructions........................................... 273
VI.2 Trace and norm ...................................................................... 289
Exercises ........................................................................................ 296
VI.3 Cyclic extensions and Kummer extensions ........................... 297
Exercises ........................................................................................ 312
VI.4 Solvability by radicals............................................................ 313
VI.5 Discriminants, resultants........................................................ 320
Exercises ........................................................................................ 326
Appendices ...................................................................................... 331
1. Prime ideals and maximal ideals................................................ 331
2. Algebras. Polynomial and monoid algebras............................... 333
3. Symmetric polynomials ............................................................. 348
4. Rings and modules of fractions.................................................. 354
5. Categories, functors.................................................................... 362
6. Solvable groups.......................................................................... 373
Index ................................................................................................ 379
Bibliography.................................................................................... 387
Foreword
The book is aimed at undergraduate students in Mathematics, Com-

puter Science or technical universities having a background of stan-
dard courses of Abstract Algebra and Linear Algebra as well as at
general Mathematics readers with an interest in Algebra.
The topics covered by the book are mandatory algebraic back-
ground of any mathematics graduate: arithmetic in integral domains,
module theory basics, the structure of the finitely generated modules
over a principal ideal domain with applications in abelian groups and
Jordan forms of matrices, field extensions and Galois theory with
applications.
Throughout the book the reader is motivated by concrete applica-
tions and exercises.
The book is reasonably self contained, in the sense that the reader
is assumed to be familiar with general notions on algebraic structures
(monoids, groups, rings, fields), factor rings and isomorphism theo-
rems, vector spaces and bases, matrices, polynomials, permutation
groups basics, elementary arithmetic of cardinals. Some topics less
likely to appear in standard general Algebra courses are presendted in
the Appendix.
The language of Category Theory is used beginning with the chap-
ter on Modules, the reader being invited to refer to the appendix (or to
a book on Categories) when categorical notions appear in the text. We
7
8
think that the Categories are particularly useful for a better understan-
ding and for unifying many algebraic concepts and proofs.
The chapters on Modules (II, III) can be read independently of the
rest of the book. The section VI.1, Ruler and compass constructions, is
not a prerequisite for the other sections in chapter VI.
Some notations used in the text:

- | A | denotes the cardinal of the set A (the number of elements of
A, if A is finite).
- x := y means “x is equal by definition to y” (where y is already
defined) or “we denote y with x"
- ! marks the end or the absence of a proof.
- N is the set of natural numbers, {0, 1, 2, …}
*
- N is the set of positive natural numbers, {1, 2, …}
- Z is the set of integers
9
I. Arithmetic in integral domains
The set Z of integers, endowed with the operations of addition and

multiplication, is the prototype for the familiar concept of ring. The
classical divisibility theory in Z (the arithmetic of Z) can be extended
with outstanding results to a large class of rings, the integral domains.
Such a generalization is interesting by itself and it also illuminates and
yields nontrivial results on the divisibility in Z.
After a general study of the divisibility in integral domains, three
classical and important classes of domains are studied (Euclidian do-
mains, principal ideal domains and unique factorization domains).
The definitions of these classes of rings originate in fundamental
arithmetic properties of Z. The material in this chapter is at the very
basis of all Algebra, and vital in Algebraic Number Theory, Field
Extensions and Galois Theory.
I.1 Divisibility
The classical definition for the relation of divisibility in the ring of

integers Z generalizes easily to an arbitrary ring R:
10
I.1 Divisibility 11
1.1 Definition. Let R be a ring and let a, b ∈ R. We say that a di-

vides b in R (and write a | b) if there exists c ∈ R such that b = ac.
The fact that a | b can be also expressed by writing b ! a (read “b is
divisible by a”). Other ways of reading a | b are: “a is a divisor of b”
or “b is a multiple of a”.
One says “a divides b in R” because the ring R plays an essential
role here. For instance, 2 | 3 in Q, but of course not in Z! We shall
omit any reference to R in the notation a | b if the ring R is clear from
the context. Write a - b if a does not divide b.
If the ring R lacks some natural properties, the theory of divisibility
in R can be very poor or very peculiar when compared to the classical
theory in Z. For instance, in a ring without identity element, an ele-
ment may not divide itself; other difficulties arise if R is not commuta-
tive or if R has zero divisors.
This motivates the following definition:
1.2 Definition. A ring R is called an integral domain (a domain, for

short) if it has identity (denoted by 1), it is commutative and has no
zero divisors: for any x, y ∈ R, xy = 0 implies x = 0 or y = 0. This can
also be said: for any nonzero x, y ∈ R, we have xy ≠ 0.
In what follows, all rings we consider are domains, 0 denotes the
zero element of the domain and 1 its identity element. All subrings
considered are unitary (they contain the identity element of the ring).
1.3 Examples. a) Any field F (for instance Q, R, C, ...) is a do-

main. Indeed, if x, y ∈ F are nonzero, then xy = 0 implies (by
−1
multiplying with x , which exists in F since F is a field and x ≠ 0),
that y = 0, contradiction. The theory of divisibility in fields is trivial,
though (cf. 1.7).
b) Every subring of a domain is itself a domain. In particular, every
subring of a field is a domain. So, if d ∈ Z is squarefree (i.e.: d ≠ 0,
12 I. Arithmetic in integral domains
d ≠ 1 and d is not divisible by the square of any integer greater than 1),
the subring of C generated by 1 and d , denoted by " [ d ] , is a do-
main. One easily checks that " [ d ] consists of the complex numbers
of the form a + b d , with a, b ∈ Z. The ring " [ −1 ] is called the
ring of Gauss integers.1
c) If R is a domain and n ∈ N*, then the polynomial ring in n
indeterminates with coefficients in R, R[X1,..., Xn], is a domain.
In a domain, one can simplify the nonzero factors:
1.4 Proposition. Let R be a domain and let a, b, c ∈ R, with c ≠ 0.

If ac = bc, then a = b.
Proof. We have ac = bc ⇔ ac − bc = 0 ⇔ (a − b)c = 0. Since R is a
domain, a − b = 0 or c = 0. But c ≠ 0, so a − b = 0. !
We will develop a theory of divisibility in R, with Z as a model
(and a particular case). The proof of the following properties is an easy
exercise:
1.5 Proposition. Let R be a domain. Then:

a) For any a ∈ R, a | a.
b) For any a, b, c ∈ R such that a | b and b | c, we have a | c.
c) For any a ∈ R, we have a | 0 and 1 | a.
d) For any x, y ∈ R and a, b, c ∈ R such that a | b and a | c, we
have a | (bx + cy). !
Properties a) and b) say that the divisibility relation on R is reflex-
ive and transitive.
1.6 Definition. The elements a, b in R are called associated in

divisibility (or, simply, associated) if a | b and b | a. Notation: a ∼ b.
1
Carl Friedrich Gauss (1777 − 1855), famous German mathematician.
I.1 Divisibility 13
For d, a ∈ R, d is called a proper divisor of a if d | a and d is neither

invertible in R, nor associated with a.
The relation "∼" defined above is an equivalence relation on R
(exercise!) and it is very important when studying the arithmetic of R:
two elements associated in divisibility have exactly the same divisors
and the same multiples. One can say they are indistinguishable as far
as divisibility is concerned.
An invertible element u ∈ R is called a unit of R, because u ∼ 1 (so
u behaves just like 1 from the divisibility standpoint). Let U(R) denote
the set of all invertible elements of R:
U(R) = {x ∈ R | (∃) y ∈ R such that xy = 1}.
U(R) is a group with respect to the ring multiplication (as a
straightforward checking shows) and is called the group of units of R.
1.7 Proposition. Let R be a domain. Then :

a) For any u ∈ R, we have: u ∈ U(R) ⇔ u ∼ 1 ⇔ u | a, (∀) a ∈
R ⇔ uR = R.
b) For any a, b ∈ R, we have: a ∼ b ⇔ there exists u ∈ R such that
a = bu. !
For a given domain R, knowing the group U(R) is a first step, very
important, in the study of divisibility in R.
1.8 Examples. a) U(Z) = {−1, 1}.

b) If K is a field, U(K[X]) = { f ∈ K[X] | deg f = 0} = K* (we iden-
tify nonzero elements in K with the polynomials of degree 0).
c) If d ∈ Z is squarefree, then:
2 2
U{Z[ d ]} = { a + b d | a, b ∈ Z, a − db = ±1}
Proof. Let R = Z[ d ]. It is useful to define the “norm” N : R → Z,
by N(α) = ασ(α), where σ(α) is the conjugate of α, defined as :
σ (a + b d ) = a − b d , for any a, b ∈ Z.
So N (a + b d ) = a 2 − db2 , ∀ a, b ∈ Z. An easy computation

shows:
N(α)N(β) = N(α)N(β), ∀α, β ∈ R.
This implies: if α, β ∈ R with α | β in R, then N(α) | N(β) in Z.
Let u = a + b d ∈ U(R). Then N(u) = a 2 − db 2 divides 1 in Z, so
N(u) = ±1. Conversely, if N(u) = ±1, then (a + b d )(a − b d ) = ±1 ,
so ± (a − b d ) is the inverse of u. Thus:
2 2
U{Z[ d ]} = { a + b d | a, b ∈ Z, a − db = ±1} =
= {α ∈ Z[ d ] | N(α) = ±1}.
We define the central concepts of greatest common divisor and
least common multiple. Since an order relation like the one on N is not
available, we use the divisibility relation itself to order the common
divisors.
1.9 Definition. Assume R is a domain, n ∈ N* and a1, ..., an ∈ R.

We call the element d ∈ R a greatest common divisor (abbreviated
GCD) of the elements a1, ..., an if:
i) d | a1, ..., d | an. (d is a common divisor of a1, ..., an)
ii) For any e ∈ R such that e | a1, ..., e | an, it follows that e | d (d is
the “greatest” among the common divisors of a1, ..., an).
If 1 is a GCD of a1 and a2, we call a1 and a2 coprime or mutually
prime (or relatively prime).
We call m ∈ R a least common multiple (LCM for short) of a1, ...,
an if:
i') a1 | m, ..., an | m.
ii') For any e ∈ R such that a1 | e, ..., an | e, it follows that m | e.
We denote by (a1, ..., an) or GCD(a1, ..., an) a GCD of a1, ..., an, if it
exists.
Similarly, [a1, ..., an] or LCM(a1, ..., an) denotes a LCM of a1, ...,
an, if it exists.
I.1 Divisibility 15
1.10 Remarks. a) Given a1, ..., an ∈ R, if there exists a GCD for a1,
..., an, say d ∈ R, then d is uniquely determined up to association in
divisibility: if e is also a GCD of a1, ..., an, then e ∼ d. Moreover, if
e ∼ d, then e is a GCD of a1, ..., an.
The same remark applies to the LCM.
b) When the domain R in which we work is not clear from the con-
text, we use occasionally a subscript, like in the notation (a1, ..., an)R.
For a given domain R and given x, y ∈ R, a GCD(x, y) may not ex-
ist (see the Exercises for some examples). A domain R with the prop-
erty that any two elements x, y ∈ R possess a GCD is called a GCD
domain. For instance, Z is a GCD domain.
Writing d = (a1, ..., an) means that d is associated with a GCD of
a1, ..., an. This can lead to some oddities: in Z, we can write 1 = (1, 2)
= −1, but this does not imply that 1 = −1 (of course, it implies that 1 ∼
−1).
c) Note that a1, a2 are coprime if and only if all their common divi-
sors are units in R.
d) For any domain R and any a ∈ R, there exists GCD(a, 0) = a. If u
is a unit, then there exists GCD(a, u) = u. What can you say about the
LCM in these cases?
If d ≠ 0 and d|a, a/d denotes the unique element x ∈ R with a = dx.
1.11 Proposition. Let R be a domain and let a1, ..., an, r ∈ R \{0}.
a) If there exists d = (a1, ..., an), then a1/d,..., an/d have a GCD,
equal to 1.
b) If there exists (a1, ..., an) =: d and exists (ra1, ..., ran) =: e, then
e = rd. Thus:
(ra1, ..., ran) = r(a1, ..., an).
c) If there exists [a1, ..., an] = m and exists [ra1, ..., ran] =: µ, then
µ = rm. Thus:
[ra1, ..., ran] = r[a1, ..., an].
Proof. a) Let xi ∈ R such that ai = dxi, i = 1, n . If e ∈ R is a com-

mon divisor of x1, ..., xn, then de is a common divisor of a1, ..., an, so
de | d. This implies e | 1.
b) Since rd | rai, i = 1, n , we get rd | e. Let u ∈ R with e = rdu. It is
enough to prove that u | 1. Let xi, yi ∈ R such that ai = dxi and rai = eyi,
i = 1, n . For any i = 1, n , rai = rdxi = rduyi. It follows that u is a com-
mon divisor of the elements xi, whose GCD is 1, by a). So, u | 1.
c) Because rm is a common multiple of rai, i = 1, n , we have
µ | rm, so rm = µt, for some t ∈ R. We can write m = aibi, µ = raixi,
for some xi, bi ∈ R, i = 1, n . We have rm = raibi = µt = raixit, i = 1, n .
Simplifying, bi = xit. Also, a1x1 = ... = anxn is a common multiple of a1,
..., an. Thus, m | aixi , i = 1, n . Since µ = raixi, we also get mr | µ. !
1.12 Corollary. Let R be a GCD-domain and let K be the field of

quotients of R. Then every element in K can be written as a quotient
a
, with a, b ∈ R, b ≠ 0 and (a, b) = 1.
b
c
Proof. If ∈ K, with c, d ∈ R, d ≠ 0, then let e = GCD(c, d). Then
d
c = ea, d = eb, for some a, b ∈ R, with (a, b) = 1 (use the statement a)
c a
above). Moreover, = . !
d b
The next result is ubiquitous in divisibility arguments.
1.13 Corollary. Let R be a GCD domain and a, b, c ∈ R such that

a | bc and (a, b) = 1. Then a | c.
Proof. (a, b) = 1 and the preceding result, part b), imply that
(ac, bc) = c. Since a | ac and a | bc, the definition of the GCD ensures
that a | (ac, bc) = c. !
Although the definitions of the GCD and the LCM are “dual” to
each other, the situation is not entirely symmetric (the existence of the
I.1 Divisibility 17
LCM implies the existence of the GCD, but not conversely, in gen-
eral).
1.14 Proposition. Let R be a domain and x, y ∈ R. Then:

a) If a LCM of x, y exists, [x, y] = m ∈ R, than a GCD of x, y exists,
(x, y), and
xy ∼ [x, y](x, y).
b) If any two elements in R have a GCD, then any two elements in
R have a LCM.
c) If any two elements in R have a GCD, then, for any n ∈ N, n > 1,
any n elements a1, ..., an in R have a GCD and a LCM.
Proof. a) When x = 0, [0, y] exists and it is 0. Similarly, (0, y) = y.
Suppose now that x and y are nonzero. The definition of the LCM im-
plies m | xy. Let d, a, b ∈ R with xy = md and m = xa, m = yb. We need
only prove that d = (x, y). We have xy = xad, so y = ad ⇒ d | y. Like-
wise, d | x. Take e ∈ R with e | x, e | y and pick r, s ∈ R such that x =
er and y = es. Then ers is a common multiple of x and y, so m | ers.
Let t ∈ R such that mt = ers. We have dm = xy = e 2 rs = tem . Simplify-
ing by m, d = te, so e | d.
b) Let a, b ∈ R \ {0} and let d = (a, b). There exist x, y ∈ R with a =
dx, b = dy. The element m = dxy is obviously a common multiple of a
and b. Let µ be another common multiple of a and b. There exist z, t ∈
R such that µ = az = dxz and µ = bt = dyt. So m divides µy = dxyz and
µx = dxyt, which means m divides also (µx, µy) = µ(x, y) = µ. This
shows that m is a LCM of a and b.
c) Induction on n. (Exercise!). !
1.15 Example. In R = Z [ − 5 ] , x = 1 + − 5 and y = 2 have a

GCD, but no LCM. Indeed, let d = a + b − 5 (a, b ∈ Z) be a common
divisor of x and y. Using the properties of the norm N (see 1.8.c.), we
get N(d ) | N(x) = 6 and N(d ) | N(y) = 4 in Z. So, N(d ) | 2 in Z. Since
N(d ) = a 2 + 5b2 , a case-by-case inspection leads to the conclusion that

a = ±1 and b = 0. Thus, d is invertible. We proved that any common
divisor of x and y is a unit, so x and y have GCD equal to 1.
Suppose a LCM µ ∈ R of x and y exists. Then 6 | N(µ) and 4 | N(µ)
in Z, so 12 | N(µ) in Z. On the other hand, 6 = 2·3= (1 − − 5 )(1 + − 5 )
and 2(1 + − 5 ) are common multiples of x and y, so they are common
multiples of µ. Thus, N(µ) divides N(6) = 36 and
N (2 )N (1 + − 5 ) = 24 in Z, so N(µ) | 12. Combining with 12 | N(µ),
we get N(µ) = 12, which is impossible (the equation a 2 + 5b 2 = 12 has
no solutions in Z).
If R is a domain, let R° designate the set of nonzero and non-invert-

ible elements in R:
R° := R \ {0}\ U(R)
In Z, prime numbers play a central role in divisibility questions.
Usually, the (elementary) definition for the notion of prime number is
“the natural number p > 1 is prime if its only divisors in N are 1 and
p”. The generalization to the case of a domain of this definition leads
to the notion of irreducible element (also compare with the notion of
prime element below).
1.16 Definition. Let R be a domain.

The element p ∈ R° is called irreducible (in R) if it has no proper
divisors. In other words, any divisor of p is either a unit or is associ-
ated to p: ∀d ∈ R, d | p ⇒ d ∼ 1 or d ∼ p.
The element p ∈ R° is called prime (in R) if, for any a, b ∈ R, p | ab
⇒ p | a or p | b.
We emphasize that a prime element or an irreducible element is by
definition nonzero and non-invertible.
I.1 Divisibility 19
A quick argument shows that, for any m ∈ N*, if p is prime and p

divides a product of m factors in R, then p divides one of the factors.
1.17 Proposition. Every prime element is also irreducible.

Proof. Let p ∈ R be prime. If d ∈ R is a divisor of p, there exists x
∈ R (nonzero) such that p = dx. So p | dx, which implies p | d (and we
are finished) or p | x. But p | x means that p ∼ x (since x | p), so p = ux,
with u a unit. So, ux = dx = p and thus u = d is a unit. !
The notions of prime element and irreducible element (which coin-
cide for Z, as we will see) are not the same in general.
1.18 Example. In " [ −5 ] , 2 is irreducible and it is not prime. In-

deed, 2 divides (1 − −5 )(1 + −5 ) = 6 , but 2 divides neither factor.
On the other hand, if d is a divisor of 2, then N(d ) can only be 1, 2 or
4. An examination of the possible cases shows that d is ±1 or ±2.
Thus, the notion of prime element depends heavily on the ring in
which it is considered: 2 is prime in Z, but not in " [ −5 ] . The same
remark applies to the notion of irreducible element.
The GCD domains do not have the peculiarity described in the
example above:
1.19 Proposition. Let R be GCD domain. Then any irreducible ele-

ment in R is prime in R.
Proof. Let p ∈ R, irreducible and x, y ∈ R such that p | xy. If p - x,
then the GCD of p and x (which exists!) is 1. Indeed, if d | x and d | p,
we cannot have d ∼ p (we would get p | x), so d ∼ 1. Thus, p | xy and
(p, x) = 1. Corollary 1.13 guarantees that p | y. !
The notion of divisibility can be translated in the language of ide-
als. This approach allows extending classical results on the divisibility
in Z to much more general classes of rings (for instance, the primary

decomposition theory).
Recall that a subset I of the commutative ring R is called an ideal of
R if:
a) (I, + ) is a subgroup in the additive group (R, + ): ∀x,
y ∈ I ⇒ x + y ∈ I.
b) ∀x ∈ I, ∀r ∈ R ⇒ rx ∈ I.
Write I ≤ R if I is an ideal in the ring R. The ideal I is proper if
I ≠ R.
For a ∈ R, the ideal generated by a is the set {ra | r ∈ R}, denoted
by Ra or aR and is called the principal ideal generated by a. The sum
of two ideals I and J of R is the ideal:
I + J := {i + j | i ∈ I, j ∈ J}.
1.20 Proposition. Let R be a domain, n ∈ N* and a, b, x1, ..., xn ∈

R. Then:
a) a | b if and only if Ra ⊇ Rb.
b) a ∼ b if and only if Ra = Rb.
c) a ∈ U(R) if and only if Ra = R.
d) a is prime in R if and only if Ra is a prime ideal.
e) a is irreducible in R if and only if Ra is a maximal ideal among
the principal proper ideals of R (more precisely: ∀ x ∈ R such that
Ra ⊆ Rx, we have Ra = Rx or Rx = R).
f ) a is a common divisor of x1, ..., xn if and only if Rx1 +...+ Rxn is
included in Ra.
g) If Rx1 +... + Rxn = Ra, then a = (x1, ..., xn).2
h) a is a common multiple of x1, ..., xn if and only if Rx1 ∩… ∩ Rxn
includes Ra.
2
The converse is false in general. For a counterexample, see the section
Principal Ideal domains.
I.1 Divisibility 21
i) a = [x1, ..., xn] if and only if Rx1 ∩ …∩ Rxn = Ra.

Proof. a) a | b ⇔ ∃ c ∈ R with b = ca ⇔ b ∈ Ra ⇔ Rb ⊆ Ra.
b) Obvious, by a).
c) If a is invertible, then ∃ c ∈ R with ca = 1. So 1 ∈ Ra ⇒ Ra = R.
Conversely, if Ra = R, then 1 ∈ Ra, so there exists c ∈ R such that 1 =
ca.
d) Let x, y ∈ R. We have xy ∈ Ra ⇔ a | xy. If a is prime, then a | x
or a | y, i. e. x ∈ Ra or y ∈ Ra, which shows that Ra is prime. If Ra is
a prime ideal and a | xy, then xy ∈ Ra, so x ∈ Ra or y ∈ Ra ⇔ a | x or
a | y.
e) Suppose a is irreducible. If Rx is a proper principal ideal of R
with Ra ⊆ Rx, then x | a. Since a has no proper divisors, x is associ-
ated with a or it is a unit. But x cannot be a unit because Rx ≠ R. So,
x ∼ a, i.e. Rx = Ra. Suppose now Rx is maximal among principal
proper ideals, and d ∈ R is a divisor of a. Then Ra ⊆ Rd, so Rd = Ra
or Rd = R. This means d ∼ a or d ∼ 1.
f ) If a is a common divisor of x1, ..., xn, then a | r1 x1 + ... + rn xn , for
any r1, ..., rn ∈ R, so any element in the ideal Rx1 +...+ Rxn is divisible
by a. The other implication is left to the reader.
g) From f ), a is a common divisor of x1, …, xn. Let d ∈ R be an-
other common divisor. Because a ∈ Rx1 +… + Rxn, ∃ c1, …, cn ∈ R
with a = c1x1 + …+ cnxn. Since d | x1, …, d | xn, we obtain d | a.
h), i) are left to the reader. !
An essential role in the arithmetic of Z is played by the theorem of
division with remainder:
For any a, b ∈ Z, b ≠ 0, there exist q, r ∈ Z, such that a = bq + r
and | r | < | b | or r = 0.
From this theorem, one deduces other two fundamental properties
of Z:
Every ideal of Z is principal (of the form nZ, for some n ∈ Z).
Any nonzero non-invertible integer can be written as a finite prod-

uct of prime integers and this writing is unique up to the order of fac-
tors and an association of the factors in divisibility. This result is
called „the fundamental theorem of integer arithmetic” or „the unique
integer factorization theorem”.
Abstracting these properties of Z, one obtains the notions of
Euclidian domain (a domain in which a property analogous to the
theorem of division with remainder holds), principal ideal domain (a
domain whose every ideal is principal) and, respectively, unique
factorization domain (a domain in which every nonzero non-invertible
element can be written as a product of primes).
The following sections are devoted to the study of these classes of
rings.
I.2 Euclidian domains
2.1 Definition. A domain R is called an Euclidian domain if there

exists a mapping ϕ : R \ {0} → N satisfying:
For any a, b ∈ R, b ≠ 0, there exist q, r ∈ R such that:
(DRT)
a = bq + r and (r = 0 or ϕ(r) < ϕ(b)).
We say in this case that R is an Euclidian domain with respect to ϕ.
The property (DRT) is called the “Division with remainder theorem
in R”; q is called traditionally the quotient and r is called the remain-
der of the division of a by b.
Of course, the definition above originates in the division with
remainder theorems in Z (where ϕ is the absolute value
| | : Z \ {0} → N), respectively in K[X], with K a field (where ϕ is the
I.2 Euclidian domains 23
degree function deg : K[X] \ {0} → N). These rings are also the most
important examples of Euclidian domains.
2.2 Remark. Sometimes, in the definition of an Euclidian domain,

the following condition on ϕ is also required:
For any a, b ∈ R \ {0}, a | b implies ϕ(a) ≤ ϕ(b).
This extra condition is not essential and in fact defines the same
class of rings as the definition above (see 4.9).
2.3 Remark. If b ∈ R, b ≠ 0, and ϕ(b) = 0, then b ∈ U(R). Indeed,

the remainder r of the division of 1 to b satisfies 1 = bq + r, for some
q ∈ R, and (r = 0 or ϕ(r) < ϕ(b) = 0). Clearly, the natural number ϕ(r)
cannot be < 0, so r = 0.
The converse is false in general (give a counterexample!).
The Euclidian domains are GCD rings. This follows from the fact
that the Euclidian algorithm can be performed in these rings and
guarantees the existence of GCD's:
2.4 Theorem (Euclidian Algorithm). Let R be an Euclidian domain

and let a, b ∈ R, with b ≠ 0. Then a GCD of a and b exists and it can
be found by the following algorithm:
Algorithm Euclid (R, a, b, d)
Input: a, b ∈ R.
Output: d = GCD(a, b) ∈ R.
begin
if b = 0 then d := a; Stop.
else
(Step 1) Find q, r ∈ R with a = bq + r and (r = 0 or ϕ(r) < ϕ(b)).
if r = 0 then d := b; Stop.
else a := b, b := r; go to Step 1
end
Moreover, there exist (and can be algorithmically determined) u, v

∈ R such that
d = au + bv.
3
Proof. The algorithm above implies the following sequence of
divisions with remainder performed in R:
(1) a = bq1 + r1 with r1 = 0 or ϕ(r1) < ϕ(b);
(2) b = r1q2 + r2 with r2 = 0 or ϕ(r2) < ϕ(r1);
(3) r1 = r2q3 + r3 with r3 = 0 or ϕ(r3) < ϕ(r2);
...
(n − 2) rn − 4 = rn − 3qn − 2 + rn − 2 with rn − 2 = 0 or ϕ(rn − 2) < ϕ(rn − 2);
(n − 1) rn − 3 = rn − 2 qn − 1 + rn − 1 with rn − 1 = 0 or ϕ(rn − 1) < ϕ(rn − 2);
(n) rn − 2 = rn − 1 qn + rn with rn = 0.
The existence of the elements qi, ri ∈ R with the properties above is
guaranteed by the condition (1) in the definition of the Euclidian do-
main. The strictly decreasing sequence of natural numbers
*
ϕ(b) > ϕ(r1) > ϕ(r2) > ... must terminate, so there exists n ∈ N with
rn = 0 (which means that the algorithm terminates in a finite number of
steps). We must prove that rn − 1 (the last nonzero remainder) is a GCD
of a and b.
The relation (n) shows rn − 1 | rn − 2. The relation (n − 1) implies
rn − 1 | rn − 3. Using relations (n − 2), ..., (3), (2), (1), we obtain (by
induction) that rn − 1 | b and rn − 1 | a. Now let e ∈ R be a common divi-
sor of a and b; then e also divides r1 = a − bq1. Using (2), e divides
3
We hope that the algorithm is clear to the reader. We do not want to present a
rigorous “pseudo-programming language” or use strict syntax rules from a particular
language. Also, this algorithm is intended to serve a theoretical purpose; for
instance, “finding” the elements q, r at step 1 does not imply a description of a
concrete procedure (such procedures can be given for particular rings as Z, Q[X],
…) and merely uses the fact that these elements exist. Moreover, implementing this
algorithm must take into account computer representations of the elements of R,
decision algorithms of the equality of two elements in R, addition and multiplication
algorithms in R etc. These important issues are not discussed here.
I.2 Euclidian domains 25
r2 = b − r1q2. By induction, e | ri for any i < n, so e | rn − 1. Thus,

rn − 1 = (a, b).
In order to obtain d = rn − 1 written as au + bv, we note that
r1 = a − bq1 is a linear combination of a and b; replacing r1 in (2) with
a − bq1, r2 can be written as au' + bv' and so on. By induction, rn − 1 is
of the form au + bv. The following version of Euclid's algorithm (the
extended Euclidian algorithm) outputs d, u, v with d = (a, b) and
d = au + bv. Note that the variables u and v are such that the last
remainder in the computation is always au + bv) :
Input: a, b ∈ R.
Output : d = GCD(a, b) ∈ R and u, v ∈ R such that d = au + bv.
begin
if b = 0 then d := a; u := 1; v := 0; stop.
else u1 := 1; v1 := 0; u := 0; v := 1.
Step 1. Find q, r ∈ R with a = bq + r and r = 0 or ϕ(r) < ϕ(b).
if r = 0 then d := b; Stop.
else a := b; b := r; u1 := u1 − qu; v1 := v1 − qv;
t := u; u := u1; u1 := t;
t := v; v := v1; v1 := t;
go to Step 1
end !
2.5 Examples. a) Z is an Euclidian domain with respect to the

absolute value. Here is a proof. Let b ∈ Z, b > 0. We shall prove (by
induction) that for every a ∈ N, there exist q, r ∈ N satisfying
a = bq + r and r = 0 or r < b. If a < b, q = 0, r = a satisfy these condi-
tions. If a ≥ b, suppose that the claim is true for any n < a and we
prove it for a. Since a − b < a, by induction exist q, r ∈ N such that
a − b = bq + r and r = 0 or r < b. This implies a = b(q + 1) + r and the
claim is proven. If a < 0, − a ∈ N, so there exist q, r ∈ N such that
− a = bq + r and r = 0 or r < b; so a = b(−q) + (−r), with r = 0 or |−r | <
b. We leave the case b < 0 to the reader.
Given a, b ∈ Z, the quotient q and remainder r of the division of a

by b are not unique: for instance, 3 = 2·1 + 1 = 2·2 + (−1). If we re-
quire that the remainder should be positive, then q and r are unique.
b) The ring K[X] of polynomials in one indeterminate X with
coefficients in the field K is Euclidian with respect to
deg : K[X] \ {0} → N. The proof originates in the procedure of long
n
polynomial division taught in school. Let f = a0 +… + an X and
m
g = b0 + … + bm X ∈ K[X], with g ≠ 0 (i.e. bm ≠ 0). We prove by
induction on n = deg f. If n < m, set q = 0, r = f. If n ≥ m, h
= f − bm an g has degree less than n (the degree n terms cancel out)
−1
and, by induction, there exist q, r ∈ K[X], h = gq + r, with deg r < m.

( )
Thus, f = g q + bm −1an X n − m + r . Note that q and r are unique (prove!).
For further reference, we recall:
2.6 Definition. Let n ∈ N be fixed. Two integers a, b ∈ Z are

congruent modulo n if n | a − b. We denote this fact by a ≡ b (mod n).
We have a ≡ b (mod n) ⇔ a − b ∈ nZ ⇔ a and b yield the same re-
mainder when divided by n. Recall that the relation defined here is an
equivalence relation on Z and the set of equivalence classes is struc-
tured as a ring (which is in fact the factor ring Z/nZ), called the ring of
integers modulo n, often denoted by Zn.
I.3 Euclidian rings of quadratic integers
Besides Z and the polynomial ring in one indeterminate with

coefficients in a field, important examples of Euclidian domains are
among the rings of the form
Z[ d ] = {a + b d | a, b ∈ Z}.
I.3 Euclidian rings of quadratic integers 27
A somewhat surprising fact is that the ring

Z[ (1 + d ) 2 ] = {a + b (1 + d ) 2 | a, b ∈ Z} has sometimes better
arithmetic properties than Z[ d ]. This fact is closely connected to
the theory of the rings of quadratic integers, an important topic in
(algebraic) number theory. In the following, some elementary facts on
these rings are presented. The unproven statements below are pro-
posed as exercises (some of them in the next chapters). For a system-
atic treatment of the theory of algebraic integers, see for instance
LANG [1964].
3.1. Definition. A subfield of C that has dimension 2 viewed as a

vector space over Q is called a quadratic number field.
Using elementary tools of field extensions theory, one can readily
show that any quadratic number field is of the form
Q[ d ] = {a + b d | a, b ∈ Q}, where d ∈ Z is squarefree.
3.2. Definition. A complex number that is the root of a monic4

polynomial in Z[X] is called integral over Z (or algebraic integer).
For instance, 2 is integral over Z, but 1/2 is not. Sometimes, for
avoiding confusions, the numbers in Z are called rational integers.5
An element of a quadratic number field that is integral over Z is
called a quadratic integer. One can prove that: a quadratic integer is a
root of a monic polynomial in Z[X] of degree 2.
Fix d ∈ Z, squarefree. If α = a + b d ∈ Q[ d ], the element
α = a − b d is called the conjugate of α. Define the norm
N : Q[ d ] → Q and the trace Tr : Q[ d ] → Q,
N(α) := α α = a2 − db2
4
A polynomial is called monic if the coefficient of its monomial of maximum
degree is 1.
5
Because every algebraic integer over Z which is rational (in Q) must be in Z.
Prove!
Tr(α) := α + α = 2a
for any α = a + b d ∈ Q[ d ] (a, b ∈ Q).
The norm N is multiplicative and the trace Tr is additive: for any
α, β ∈ Q[ d ],
N(αβ) = N(α)N(β),
Tr(α + β) = Tr(α) + Tr(β).
One can prove that, for any x ∈ Q[ d ] : x is integral over Z (x is a
quadratic integer) ⇔ Tr(x) ∈ Z and N(x) ∈ Z.
The quadratic integers in Q[ d ] form a ring, called the ring of
integers of Q[ d ] . This ring is traditionally called a ring of quadratic
integers (imaginary if d < 0, respectively real if d > 0). We have the
following (for the proof, see the Exercises):
3.3 Proposition. The ring of integers of Q[ d ] is Z[θ ], where

Z[θ ] = {a + bθ | a, b ∈ Z} and
⎧ d if d ≡ 2 or 3 (mod 4)
θ=⎨ !
⎩ (1 + d ) 2 if d ≡ 1 (mod 4).
In what follows, for a fixed d ∈ Z, squarefree, θ denotes the num-
ber above.
We remark also that
Q[ d ] = Q[θ ] = {a + bθ | a, b ∈ Q}.
If d ≡ 1(mod 4), then Z[θ ] = {a + b (1 + d ) 2 | a, b ∈ Z} can also
be described as the set of complex numbers of the form (u + v d )/2,
with u, v ∈ Z having the same parity.
According to the above, Z[i], Z[ 2 ], Z [(1 + i 3 ) 2], Z [(1 + 5 ) 2]
are examples of rings of quadratic integers.
The norm N : Q[ d ] → Q has the property that N(α) ∈ Z,
∀α ∈ Z[θ ], as we saw above. We obtain a mapping:
|N| : Z[θ ] → N, |N|(α) = |N(α)|, ∀α ∈ Z[θ ].
A natural problem arises:
I.3 Euclidian rings of quadratic integers 29
For which d ∈ Z, squarefree, Z[θ ] is Euclidian with respect to |N|?

We remark first that, since the norm N : Q[ d ] → Q is multiplica-
tive (N(xy) = N(x)N(y), ∀x, y ∈ Q[ d ] ), |N| : Z[θ ] → N is also
multiplicative.
If d < 0, the representation of the complex numbers in Z[θ ] in the
plane yields a grid (rectangular if d ≡ 2 or 3 (mod 4) and oblique if
d ≡ 1(mod 4)); moreover, for any x, y ∈ Q[ d ] , |N|(x − y) is the
Euclidian distance between the points x and y.
d ≡ 2 or 3 (mod 4) d ≡ 1 (mod 4)
If d > 0, Z[θ ] is a (dense) subset of R and no geometric interpreta-

tion is available.
3.4 Lemma. Let d ∈ Z, squarefree. Then R := Z[θ ] is Euclidian

with respect to |N| if and only if for any x ∈ Q[ d ] , there exists γ ∈ R
such that |N|(x − γ) < 1.
Proof. “⇒” Q[ d ] is the field of quotients of R, i.e.: ∀x ∈
Q d ] , ∃α, β ∈ R, β ≠ 0 such that x = α/β. Since R is Euclidian with
[
respect to |N|, ∃γ, δ ∈ R such that α = βγ + δ, with |N|(δ ) < |N|(β) or δ
= 0. So,
x = α/β = γ + δ/β,
with |N|(x − γ) = |N|(δ /β) = |N|(δ )/(β) < 1.
“⇐” Let α, β ∈ R. For x = α/β ∈ Q[ d ] , ∃γ ∈ R with |N|(x − γ) <

1. Let δ = x − γ ∈ Q[ d ] . Thus, α = βγ + βδ , with βδ = α − βγ ∈ R
and |N|(βδ ) = |N|(β)·|N|(δ ) < 1. !
If d < 0, because Q[ d ] is dense 6 in C, the lemma can be re-
phrased as follows:
The ring Z[θ ] is Euclidian with respect to |N| if and only if any
point in the complex plane is situated at a distance smaller than 1 to
some point in the grid Z[θ ].
3.5 Proposition.7 Let d ∈ Z, d < 0, squarefree.

a) If d is congruent with 2 or 3 (mod 4), Z[ d ] is Euclidian with
respect to |N| if and only if d = −1 or d = −2.
b) If d ≡ 1 (mod 4), Z[(1 + d ) 2] is Euclidian with respect to |N| if
and only if d ∈ {−3, −7, −11}.
Proof. a) Z[ d ] is Euclidian with respect to |N| if and only if all
points inside a rectangle of the grid are situated at a distance less than
1 from some vertex of the rectangle. The greatest distance to the verti-
ces is attained at the intersection of the diagonals, at the distance of
1 − d 2 to any vertex. We have 1 − d 2 < 1 if and only if d > −3,
i.e. d = −1 or d = −2.
b) In this case, the grid forms isosceles triangles with base 1 and
height − d 2 . The points inside the triangle have distance less than
1 to some vertex if and only if the circles of radius 1 centered in base
vertices intersect in a point P situated at a distance less than 1 to the
third vertex. An easy geometric reasoning shows that the distance
from P to the third vertex is ( − d − 3 ) 2 . We must have then
( − d − 3 ) 2 < 1 ⇔ d > −7 − 4 3 ⇔ d ∈ {−3, −7, −11}. !
6
For any z ∈ C and any ε ∈ R, ε > 0, there exists x ∈ Q[ d ] such that |z − x| < ε.
7
This result was obtained in 1923 by L. E. Dickson.
I.4 Principal ideal domains 31
We obtain that the following rings are Euclidian with respect to |N|:
Z[i], " [i 2 ] , " ⎡⎣(1 + i 3 ) 2 ⎤⎦ , " ⎡⎣(1 + i 7 ) 2 ⎤⎦ , " ⎡⎣(1 + i 11 ) 2 ⎤⎦ .
One can prove that these are all the imaginary Euclidian rings of
quadratic integers (not necessarily with respect to |N|). The real case
d > 0 has no geometric interpretation and is considerably more diffi-
cult.
I.4 Principal ideal domains
4.1 Definition. A domain R is called a principal ideal domain

(PID) if any ideal of R is principal. In other words, for every ideal I of
R, there exists a ∈ R such that I = Ra.
Any field is a PID 8 . The most important examples of PIDs are
given by the following result.
4.2 Theorem. Any Euclidian domain is a principal ideal domain.

Proof. Let R be Euclidian with respect to ϕ and let I be a nonzero
ideal of R. The set of natural numbers {ϕ(x) | x ∈ I, x ≠ 0} contains a
minimum element: ∃a ∈ I, a ≠ 0, such that ϕ(a) = min{ϕ(x) | x ∈ I,
x ≠ 0} (a may not be unique). We claim that a is a generator of the
ideal I. Obviously, Ra ⊆ I. In order to prove the opposite inclusion,
suppose by contradiction that there exists b ∈ I \ Ra. Applying the
division with remainder in R, we obtain elements q, r ∈ R such that b
= aq + r, r ≠ 0 (since b ∉ Ra) and ϕ(r) < ϕ(a). But a, b ∈ I, so r ∈ I
and ϕ(r) < ϕ(a) contradict the choice of a. !
8
Sometimes the fields are not considered principal ideal domains by definition.
For instance, if K is a field, K[X] is a PID; if I ≠ 0 is an ideal in

K[X], a generator of I is a polynomial g ∈ I of minimum degree
among the degrees of nonzero polynomials in I.
The principal ideal domains are GCD-domains; for any a, b ∈ R,
there exists their GCD, namely any generator of the ideal aR + bR:
4.3 Proposition. Let R be a PID and let a, b ∈ R. Then:

a) A GCD d of a and b exists and, for some u, v ∈ R, d = au + bv .
Moreover, the element d ∈ R is a GCD of a and b if and only if
dR = aR + bR.
b) The element m ∈ R is a LCM of a and b if and only if mR
= aR ∩ bR.
Proof. a) Since R is a PID, ∃d ∈ R such that the ideal aR + bR =
{ax + by | x, y ∈ R} is generated by d. Since d ∈ aR + bR, there exist
u, v ∈ R such that d = au + bv. We have a, b ∈ dR, so d | a, d | b. If e
∈ R is such that e | a, e | b, then e | ax + by, ∀x, y ∈ R. In particular,
e | d. Thus, any generator d of aR + bR is a GCD of a and b.
Conversely, if d is a GCD of a and b, d divides a and b, so dR ⊇
aR and dR ⊇ bR. Thus, dR ⊇ aR + bR. If e is a generator of aR + bR,
this means d | e. But e is also a common divisor of a and b, so d is
associated to e. Thus, dR = eR = aR + bR.
b) The proof is similar to the one above and is proposed as an exer-
cise. !
Recall that, for a, b ∈ R, the notation (a, b) is used to designate the
ideal generated by a and b, aR + bR. The proposition above shows that
this notation is consistent to the fact that it designates also the GCD of
a and b (which is a generator of the ideal aR + bR).
4.4 Example. Let R be a domain that is not a field and take r ∈ R

nonzero and non invertible. Then the ideal (r, X) in R[X] is not princi-
pal, so R[X] is not a PID. In particular, the rings Z[X], K[X, Y], with K
a field, are not PID's.
Indeed, suppose that for some f ∈ R[X], we have ( f ) = (r, X). Then
f | r. We obtain deg f = 0, so f ∈ R. Since f | X, there exists g ∈ R[X]
with X = fg, so f is invertible in R. Thus, the GCD of r and X is 1, so
f = 1. But the ideal generated by r and X does not contain 1: if h, q ∈
R[X] are such that 1 = hr + qX, setting X = 0 in this equality of
polynomials, it follows that 1 = h(0)·r, which means r is invertible, a
contradiction.
Using Proposition 1.19 and the fact that any PID is a GCD-domain,
we obtain:
4.5 Proposition. In a PID, an element is irreducible if and only if it

is a prime element. !
Thus, the domains containing irreducibles that are not primes are
not principal ideal domains. such a ring is Z[ − 5 ], as Example 1.18
shows.
4.6 Corollary. In a PID R, the prime nonzero ideals are maximal

ideals. Any maximal ideal is of the form pR, where p is irreducible in
R. Moreover, p ∈ R is irreducible if and only if pR is a maximal ideal.
Proof. It is sufficient to remark that any nonzero prime ideal is
principal, generated by a prime p (Prop. 1.20.d)). The element p is
irreducible, so (Prop. 1.20.e)) the ideal pR is maximal. The other state-
ments are obvious. !
The case R = Z of the following proposition is known as the “the
fundamental theorem of integer arithmetic”. Recall that
R° = {x ∈ R | x is nonzero, non-invertible}.
4.7 Theorem. Let R be a PID. Then every nonzero non-invertible

element r in R is a finite product of prime elements.9
Proof. Since R is a PID, the primes in R coincide with the irreduci-
bles in R. Suppose by contradiction that there exists r0 ∈ R° such that
r0 cannot be written as a finite product of irreducibles. In particular, r0
is reducible, so r0 = r1s1, with r1, s1 ∈ R°, not associated with r0. If r1
and s1 are finite products of irreducibles, then r0 is too, false. So, at
least one of them (say r1) is not a product of irreducibles. We obtain
thus r1∈ R° with r1 | r, r1 ¿ r and r1 is not a product of irreducibles.
This reasoning applies to r1, so we get r2 ∈ R°, r2 | r1, r2 ¿ r1, and r2 is
not a product of irreducibles. By induction, there exists a sequence
(rn)n ≥0 of elements in R, with the property that for any n ∈ N, rn + 1 is a
proper divisor of rn. In other words, we obtain a strictly increasing se-
quence of ideals r0R ⊂ r1R ⊂ … ⊂ rnR ⊂ rn+1R ⊂ …. This is impossi-
ble in a PID, as the following lemma shows.
4.8 Lemma. Let R be a PID and let (In)n ≥ 0 be a sequence of ideals

in R such that In ⊆ In + 1, for any n ∈ N. Then there exists m ∈ N such
that Im = Im + i , for any i ∈ N. (In other words, every ascending se-
quence of ideals is stationary).
Proof. Let I be the union of all ideals In, n ∈ N. Since the sequence
(In)n ≥ 0 is ascending, I is an ideal in R: if x, y ∈ I, then, for some i, j ∈
N, x ∈ Ii, y ∈ Ij. So x, y ∈ It, where t = max(i, j), hence x + y ∈ It ⊆ I.
If r ∈ R, rx ∈ Ii ⊆ I. But R is a PID, so there exists a ∈ R such that I =
aR. Since a ∈ I, there exists m ∈ N such that a ∈ Im, so aR ⊆ Im ⊆
I = aR. So aR = I = Im + i, ∀i ∈ N. !
A ring R satisfying the ascending chain condition (ACC): every as-
cending sequence of ideals of R, I0 ⊆ I1 ⊆ …, is stationary (there ex-
9
The products may contain a single factor (i.e., the element itself is a prime).
ists m ∈ N such that Im = Im + i, ∀i ∈ N) is called a Noetherian ring.10

We have shown that every PID is Noetherian. Note that the proof
above can be slightly modified to obtain the theorem: A ring in which
every ideal is finitely generated is Noetherian. The converse is also
true. Noetherian rings are an important topic in Commutative Algebra.
We have remarked that sometimes in the definition of the Euclidian
domain R with respect to ϕ : R \ {0} → N, an extra condition is re-
*
quired: for any a, b ∈ R , a | b implies ϕ(a) ≤ ϕ(b). We show that this
condition is not essential.
4.9 Proposition. Let R be a Euclidian domain with respect to

ϕ : R*→ N. Then there exists ψ : R*→ N such that R is Euclidian with
respect to ψ and, for any a, b ∈ R*, a | b implies ψ(a) ≤ ψ(b).
Proof. Let ψ : R* → N, defined by ψ(x) = min{ϕ(y) | y ∼ x},
∀x ∈ R. Clearly, x ∼ y implies ψ(x) = ψ(y). We claim that R is Euclid-
ian with respect to ψ. Let a, b ∈ R, b ≠ 0 and let b0 be associated with
b such that ψ(b) = ϕ(b0). There exist q, r ∈ R such that a = b0q + r and
r = 0 or ϕ(r) < ϕ(b0). Since b0 = bu, for some unit u, we have a =
b(uq) + r and r = 0 or ψ(r) ≤ ϕ(r) < ϕ(b0) = ψ(b). Now let a, b ∈ R*
with a | b. As seen in the proof of 4.2, a generator of the ideal aR is an
element c (which must be associated with a) such that
ψ(c) = min{ψ(x) | x ∈ aR, x ≠ 0}. So ψ(a) =ψ(c) ≤ ψ(b), since b ∈ aR. !
Are there any principal ideal domains that are not Euclidian? The
answer is affirmative, but the examples are not easy to find. Such an
1 + i 19 ⎤
example is Z ⎡ , as shown by Dedekind in 1894.
⎢⎣ 2 ⎥⎦
10
Emmy Noether (1882–1935), German.
I.5 Unique factorization domains
5.1 Definition. A domain R with the property that every nonzero

and non-invertible element is a finite product11 of prime elements is
called a unique factorization domain (UFD).
Theorem 4.7 shows that any principal ideal domain (thus also any
Euclidian domain) is a UFD. Every field is a UFD, because it has no
nonzero and non-invertible elements.
5.2 Proposition. Every irreducible element in a UFD is also a

prime.
Proof. Let R be a UFD and let p be irreducible in R. Since p ∈ R°,
p is a product of primes. But this product can have only one factor,
otherwise p would not be irreducible. So, p is itself a prime. !
The next Proposition justifies and explains the epithet “unique” in
the name of a UFD.
5.3 Proposition. Let R be a domain and r ∈ R°. If r has a prime de-

composition, then this decomposition is unique up to an ordering of
the factors and an association in divisibility. This means that: if r =
p1…pn = q1…qm are two prime decompositions of r, then m = n and
there exists a permutation σ of the set {1, …, n} such that pi ∼ qσ(i), ∀i
∈ {1, …, n}.
Proof. Let r = p1 … pn be a prime decomposition of r. Call the
natural number n the length of the decomposition. Define l(r) as the
*
smallest n ∈ N such that there exists a prime decomposition of r of
length n.
11
Such a product is also called a prime decomposition of the element. Products
may have a single factor.
I.5 Unique factorization domains 37
We prove the claim by induction on l(r).

If l(r) = 1, then let r = p1 = q1 … qm, with p1, q1, …, qm prime. Since
r is a prime and r divides the product q1 … qm, r divides one of the
factors, say q1 (relabel if necessary). But q1 is irreducible, so we have
r ∼ q1. Thus r = q1u, with u invertible. We must prove that m = 1. If
m ≥ 2, simplifying by q1 in q1u = q1 … qm, we obtain q2 … qm = u, so
q2, …, qm are invertible, contradiction.
Suppose the claim is true for any x ∈ R° with l(x) < n. Let r ∈ R,
r = p1 … pn = q1 … qm, with p1, …, pn, q1, …, qm primes. Because pn is
prime, ∃i ∈ {1, …, n} such that pn | qi. But qi is irreducible, so pn ∼ qi,
that is, vpn = qi, with v a unit. Simplifying by pn, we obtain the relation
p1 … pn−1 = vq1 … qi−1qi+1 … qm. The induction hypothesis applied to
p1 … pn−1 shows that n − 1 = m − 1 and p1, …, pn − 1 are associated with
q1, …, qi − 1, qi + 1, …, qm, possibly in other order. !
A UFD is also a GCD-domain. This is an important property of the
UFD's. Several other characterizations are collected in the next theo-
rem.
5.4 Theorem. Let R be a domain. The following statements are

equivalent:
a) R is a UFD.
b) Every element in R° is a finite product of irreducibles and every
irreducible is a prime.
c) Every element in R° has a decomposition in irreducible factors,
unique up to a reordering of the factors and an association in
divisibility.
d)Every element in R° has a decomposition in irreducible factors
and every two elements have a GCD.
Proof. a)⇒b) It follows from Prop. 5.2.
b)⇒c) It follows from Prop. 5.3.
c)⇒d) Let a, b ∈ R° (if a, b ∈ {0} ∪ U(R), it is trivial to exhibit a

GCD of a and b). A GCD of a and b can be determined by “taking the
common prime factors, at the smallest power”. To be precise, let P be
a system of representatives of the equivalence classes of the irreduci-
ble elements in R (with respect to the association in divisibility). This
means that every irreducible in R is associated to exactly one element
in P. Property c) assures that there exist and are unique distinct p1,
…, pn ∈ P, s1, …, sn, t1, …, tn ∈ N, u, v ∈ U(R) such that
a = p1s1 … pnsn u and b = p1t1 … pntn v .
The uniqueness claim follows the uniqueness assertion in c). Let ri
= min(si, ti) and define d = p1r1 … pnrn . We have d | a, d | b. If e | a,
e | b, then every irreducible c ∈ P that divides e divides also a and b.
This implies c ∈ {p1, …, pn}. Indeed, otherwise a (or b) would possess
two decompositions in irreducible factors, one containing c and the
other one not, contradicting the uniqueness property. So
e = p1w1 … pnwn q , with w1, …, wn ∈ N, q ∈ U(R). From e | a it follows
that wi ≤ si, and e | b implies wi ≤ ti, i = 1, n . So wi ≤ ri and e | d.
d)⇒a) Prop. 1.19 makes sure that any irreducible is a prime, since
R is a GCD domain. The implication is now obvious. !
Note that in a UFD any two elements a and b have a LCM. Given
two prime decompositions of a and b, their LCM can be determined
by taking “all prime factors in the decompositions, at the greatest
exponent”; with the notations in the proof above, define
qi = max(si, ti); the element m = p1q1 … pnqn is then a LCM of a and b.
5.5 Example. Z [ − 5 ] is not a UFD, since 2 is irreducible and not

a prime (cf. Ex. 1.18). The reader can also check that 6 has two
decompositions as a product of irreducibles in Z [ − 5 ] :
6 = 2·3 = (1 + − 5 )(1 − − 5 ) ,
and 2 is not associated with 1 + − 5 or with 1 − − 5 .
5.6 Proposition. Let R be a UFD, n ∈ N* and a, b1, …, bn ∈ R. If

(a, bi) = 1, for any 1 ≤ i ≤ n, then (a, b1…bn) = 1.
Proof. It is enough to show that there is no prime p that simultane-
ously divides a and b1…bn. If p is such an element, then there exists j,
1 ≤ j ≤ n such that p | bj. Since p | a, we have p | (a, bj) = 1. Therefore,
p is invertible, contradiction. !
The UFDs have many characterizations. The following, due to
Kaplansky, is inspired from Commutative Algebra techniques.
5.7 Theorem. Let R be a domain. Then R is a UFD if and only if

any prime nonzero ideal of R contains a prime element.
Proof. Suppose R is a UFD and P ≠ 0 is a prime ideal. Take a ∈ P,
a ≠ 0. Since P ≠ R, a is not a unit, so a decomposes in prime factors: a
= p1 … pn. Because P is a prime ideal, there exists i such that pi ∈ P.
Suppose now that any nonzero prime ideal in R contains a prime
element. Consider
S = {a ∈ R | a ∈ U(R) or a is a product of prime elements}.
If S = R – {0}, then R is a UFD. Suppose, by contradiction, that
there exists a ∈ R, nonzero, with a ∉ S. We note that S is a multiplica-
tive system (1 ∈ S and ∀a, b ∈ S, ab ∈ S). Then there exists a prime
ideal P in R containing a, with P ∩ S = ∅. This fact, together with the
hypothesis, implies the existence of a prime element p ∈ P. But p ∈ S,
contradicting P ∩ S = ∅. So we must have S = R – {0}.
We have to prove the existence of P. We will prove that any ideal I,
maximal with the properties I ∩ S = ∅ and aR ⊆ I, is prime. Let us
prove first that such an ideal exists. The idea is to use Zorn's Lemma.
Consider the set of ideals (ordered by inclusion):
J = {I ideal in R | I ∩ S = ∅ and aR ⊆ I }.
First, J is not empty, since aR ∈ J. Indeed, if ar ∈ S for some r ∈
R, then ar is a unit or is a product of primes. If ar is a unit, then a is
also a unit, contradiction. If ar is a product of primes, we show that
a ∈ S, by induction on the number of factors. If ar = p, with p a prime

implies p ∼ r (so a is a unit) or p ∼ a (so a ∈ S). If ar = p1 … pn with p1,
…, pn primes, then p1| a or p1| r. If p1 | a, then a = bp1; simplifying, br
= p2 … pn. The induction hypothesis shows that b ∈ S, so a ∈ S. If
p1| r, let r = cp1, for some c, so ac = p2 … pn. Again by induction,
a ∈ S.
J is inductively ordered: every chain in J, indexed by some set L,
(Il)l∈L, is bounded above in J by ∪l∈L Il. The checking is straightfor-
ward and is left to the reader.
Zorn's Lemma guarantees now that some maximal element P ∈ J
exists.
The ideal P is prime: let x, y ∈ R, with x ∉ P and y ∉ P. If, by ab-
surd, xy ∈ P, consider the ideals P + Rx and P + Ry, which strictly in-
clude P. Since P is maximal, there exist some elements s ∈ S ∩(P +
Rx) and t ∈ S ∩(P + Ry); then st ∈ S ∩ P, contradiction. !
The following important result shows the property of R being a
factorization domain is inherited by the polynomial ring R[X]. This
has far from trivial consequences: for instance, it is not obvious that
every polynomial in n indeterminates with coefficients in Z decom-
poses uniquely in irreducible factors.
5.8 Theorem. If R is a UFD, then the polynomial ring in one

indeterminate R[X] is a UFD.
The proof of this theorem needs some preparations, which are also
interesting on their own. First, we determine the units of R[X].
5.9 Proposition. Let R be a domain. Then

U(R[X]) = U(R) and R[X]° = R° ∪ {f ∈ R[X] | deg f ≥ 1}.
In particular, if K is a field, U(K[X]) = K* and
K[X]° = {f ∈ K[X] | deg f ≥ 1}.
Proof. U(R) ⊆ U(R[X]) is evident. If f is a unit R[X], there is some g

such that fg = 1. Since R is a domain, deg f + deg g = 0, so
deg f = 0 = deg g, which means that f, g ∈ R. From fg = 1 we deduce
that f ∈ U(R).
If K is a field, then U(K) = K* and the other claims follow. !
n
5.10 Definition. Let R be a UFD and let f = a0 + a1X + … + anX ∈
R[X]. The GCD of the coefficients a0, a1, …, an is called the content of
f, denoted c{ f }. A polynomial with content (associated with) 1 is
called a primitive polynomial. Note that f is primitive if and only if
there exists no prime p in R such that p divides all the coefficients of f.
Any f ∈ R[X] can be written
f = c{ f }·g, for some primitive g ∈ R[X].
Also, if f = a·g, with a ∈ R and g primitive, then c{ f } = a.
5.11 Proposition. a) Let R be a domain. If p is prime in R, then p is

prime in R[X], too.
b) Let R be a UFD and let f, g be primitive in R[X]. Then the prod-
uct fg is also primitive.12
c) Let R be a UFD and let f, g ∈ R[X]. Then c{ f g} = c{ f }·c(g).
Proof. a) Note first that: p divides a polynomial in R[X] if and only
if p divides all the coefficients of the polynomial. Let f = a0 + a1X + …
n m
+ anX , g = b0 + b1X + … + bmX ∈ R[X] such that p - f and p - g. Let
us prove that p - fg. From p - f we deduce that there exists i, 0 ≤ i ≤ n,
such that p - ai . Take i minimal with p - ai. Similarly, let j be minimal
i+j
such that p - bj. Then the coefficient of X in fg is
∑ ak bl
k + l =i + j
In this sum, aibj is not divisible by p and the other terms are divisi-
ble by p (as products of two factors, at least one of which is divisible
12
This is called “Gauss' Lemma”.
i+j
by p). So, the coefficient of X is not divisible by p and neither is the
polynomial fg .
b) If fg is not primitive, there exists p ∈ R, prime, such that p | fg.
The previous paragraph implies p | f or p | g, contradiction.
c) Let f = c{ f }·f1, g = c(g)·g1, where f1 and g1 are primitive. Then
fg = c{ f }c(g)·f1·g1,
with f1g1 primitive by b). It is clear now that c{ fg} = c{ f }c(g). !
5.12 Proposition. Let R be a UFD and let K be its field of quo-

tients. Then a polynomial f in R[X] of degree ≥ 1 is irreducible in R[X]
if and only if f is primitive and irreducible in K[X].
Proof. Let f be irreducible in R[X]. Then f is clearly primitive. Let
us prove that f is irreducible in K[X]. If f = gh, with g, h ∈ K[X], by
multiplying with the LCM of the denominators of the coefficients of g
and h, we get something like af = g1h1, for some polynomials g1,
h1 ∈ R[X] and some a ∈ R. Computing the contents, we have a =
c(g1)c(h1), since c{ f } = 1. We have g1 = c(g1)·g2, h1 = c(h1)·h2, with
primitive g2, h2 ∈ R[X]. So af = c(g1)·c(h1)·g2·h2; simplifying by a( =
c(g1)c(h1)), we obtain f = g2h2. Since f is irreducible in R[X], deg g2 = 0
or deg h2 = 0. But deg g = deg g1 = deg g2 and similarly for h, so deg g
= 0 or deg h = 0.
Conversely, if f is irreducible in K[X], it has no proper divisors (of
degree ≥ 1) in K[X]; so it does not have divisors of degree ≥ 1 in R[X].
Since f is primitive, f has no non-invertible factors of degree 0. !
This result is also important from a practical point of view: in order
to prove that some polynomial with coefficients in R is irreducible in
K[X], it is sufficient to prove it is irreducible in R[X], which is often
easier to accomplish.
We can give now the Proof of the Theorem 5.8. We will use the
characterization in 5.4.b). Le R be a UFD, K its field of quotients and f
∈ R[X], irreducible. Let us prove that f is a prime. If f | gh, with g, h ∈
I.6 Polynomial ring arithmetic 43
R[X], because f is irreducible in K[X] (and thus also prime in K[X]), we

have f | g or f | h in K[X]. Say f | g in K[X]; so there exist a ∈ R, q ∈
R[X], such that ag = fq. This implies a·c(g) = c(q). We can write
q = c(q)·q1, g = c(g)·g1, with q1, g1 primitive in R[X]. Thus ac(g)·g1 =
f·c(q)·q1; simplifying by c(q), we have g1 = fq1, so f | g in R[X].
Next, we must show that any nonzero non-invertible polynomial
f ∈ R[X] is a product of irreducibles. We prove this by induction on
the degree of f. If deg f = 0 and f is not a unit in R[X], then f ∈ R° and
it has a decomposition in irreducible factors in R, factors that are also
irreducible in R[X]. If deg f > 0, write f = c{ f }f1, with f1 primitive. It is
sufficient to prove the existence of a decomposition for f1. If f1 is
irreducible, we are finished; if not, f1 has a proper divisor in R[X],
which must be a polynomial of degree strictly less than deg f ( f1 has
no proper divisors in R, being primitive). Thus, f1 = gh, with g, h ∈
R[X], having degrees smaller than f. Applying the induction for g and
h, we infer that f1 is a product of irreducibles in R[X]. !
Thus, the following rings are unique factorization domains:
Z[X], Z[X1, …, Xn], K[X1, …, Xn], where K is a field.
An analogous result holds for Noetherian rings: if R is a commuta-
tive Noetherian ring, then R[X] is Noetherian. (David Hilbert's Basis-
satz).
I.6 Polynomial ring arithmetic
In this section, R designates a domain and K its field of quotients.

Recall that R° denotes the set of nonzero and non-invertible elements
in R.
The problem of deciding the irreducibility of a polynomial in R[X]

is important and often nontrivial. A rich collection of irreducibility
criteria is thus very useful in such problems.
6.1 Remark. Given f ∈ R[X], the following simple facts are worth
remembering:
- if deg f = 0, then f ∈ R. In this case, f is irreducible in R[X] if and
only if it is irreducible in R. If R = K (R is a field), then f is invertible
and thus reducible.
- if deg f = n > 0, then f is irreducible in R[X] if and only if f has no
non invertible divisors of degree 0 and there are no decompositions
f = gh, with g, h ∈ R[X] and 1 ≤ deg g, deg h < n.
The fact that f has no non-invertible divisors of degree 0 amounts to
saying that the GCD of the coefficients of f exists and is 1. In practice,
when R is a UFD, this condition reads “f is primitive”. Recall that, in
this case, f is irreducible in R[X] ⇔ f is primitive and f is irreducible in
K[X].
If R is a domain and not a field, R[X] is not principal (and certainly
not Euclidian), so the theorem of division with remainder does not
hold in R[X]. However, if f, g ∈ R[X], and g has as leading coefficient
a unit, the argument of the proof of the division with remainder theo-
rem for K[X] (K a field) still holds (see Example2.5.b)). The proof of
the following result is left to the reader:
6.2 Proposition. (Integer division theorem) Let f, g ∈ R[X]. If the

leading coefficient of g is a unit in R, then there exist q, r ∈ R[X] such
that f = gq + r, with r = 0 or deg r < deg f . !
An important consequence is the “Theorem of Bézout”:
6.3 Theorem. Let f ∈ R[X] and a ∈ R. The following statements

are equivalent:
a) a is a root of f.
b) the polynomial X − a divides f in R[X].
Proof. There exist q, r ∈ R[X] such that f = (X − a)q + r, where
deg r = 0 or r = 0. Note that X − a divides f if and only if r = 0. But
f (a) = (a − a)q(a) + r(a) = r, so f (a) = 0 is equivalent to r = 0. !
This theorem is the basis of the notion of multiple root:
6.4 Definition. If f ∈ R[X] and a ∈ R, a is called a multiple root of

m m+1
multiplicity m for f if (X − a) | f and (X − a) - f ; the natural num-
ber m is called the multiplicity of the root a. A root of multiplicity 1 is
called a simple root.
6.5 Corollary. Let f ∈ R[X], deg f > 1. If f has a root a ∈ R, then f

is reducible in R[X] (it is divisible with X − a). !
2 2
The converse of this statement is false: (X + 1) has no roots in Q,
yet it is obviously reducible in Q[X]. Nevertheless, we have:
6.6 Proposition. Let K be a field. Then a polynomial f of degree 2

or 3 in K[X] is irreducible if and only if f has no roots in K. In particu-
lar, if R is a UFD, a primitive polynomial of degree 2 or 3 in R[X] is
irreducible in R[X] if and only if it has no roots in K.
Proof. Since f is irreducible in K[X] and deg f > 1, f has no roots in
K. Conversely, if f is reducible and has degree 2 or 3, then, by looking
at the degrees of the factors in a decomposition of f, one concludes
that f has a divisor of degree 1, which has a root in K. The remaining
claims follow from “f is irreducible in R[X] if and only if f is primitive
and irreducible in K[X]”. !
If the ring R is not a UFD, then the criterion above may not work:
2
6.7 Examples. a) f = (2X + 1) is reducible in Z[X], but has no roots
in Z. Of course, f has roots in Q, the field of quotients of Z.
b) Let R = {a + 2bi | a, b ∈ Z}. A quick check shows that R is a

2
subring in Z[i], so it is a domain. The polynomial X + 1 is irreducible
in R[X] (prove!), but has the roots i, −i in Q[i], the field of quotients of
R. This means that a polynomial of degree 2 or 3 in R[X] that has roots
in Q(R) is not necessarily reducible in R[X].
The following criterion is widely used to find all rational roots of a
polynomial in Z[X] (also see Exercise 26).
6.8 Proposition. Let R be a UFD and f = a0 + a1X + … +

n
anX ∈ R[X]. If p/q ∈ K is a root of f, with p, q ∈ R, ( p, q) = 1, then
p | a0 and q | an.
Proof. We remark first that every element of K can be written as
p/q, with p and q coprime. Writing that f(p/q) = 0 and multiplying
n
with q , we have:
n n−1 n
−a0q = a1 pq + … + an p ,
n n
so p | a0q . Since ( p, q) = 1, we also have ( p, q ) = 1 (R is a UFD), so
p | a0. A similar proof can be given for q | an. !
3
6.9 Example. Let f = X − X + 2 ∈ Z[X]. If p/q ∈ Q is a root of f,
(p, q) = 1, then p | 2 and q | 1. So, the rational roots of f belong to the
set {1, −1, 2, −2}. By direct testing, we get that none of these numbers
is a root. So, f has no rational roots. Since f has degree 3, f is irreduci-
ble in Q[X] (also in Z[X], being primitive).
Here are some general tricks that may prove useful in irreducibility
problems.
n
6.10 Proposition. Let f = a0 + a1X + … + anX ∈ R[X], f ≠ 0.
a) Let c, d ∈ R, where c is a unit in R. Then f is irreducible if and
only if f (cX + d) is irreducible.
b) Suppose f(0) = a0 ≠ 0. Then f is irreducible if and only if
n
r{ f } = an + an − 1X + … + a0X
(the reciprocal of f ) is irreducible.

c) Suppose f has no divisors of degree 0 other than units. If S is a
commutative ring and ϕ : R → S is a unitary ring homomorphism such
n
that ϕ(an) ≠ 0 and ϕ(a0) + ϕ(a1)X + … + ϕ(an)X is an irreducible
polynomial in S[X], then f is irreducible in R[X].
d) (Eisenstein criterion) Let R be a UFD. If there exists a prime ele-
2
ment p ∈ R such that p | ai, ∀ i < n, p - an , p -a0, then f is irreducible
in K[X] (thus f is irreducible in R[X] if it is primitive).
Proof. a) Let ϕ : R[X] → R[X] be the unique homomorphism of
R-algebras (that is, ψ is a ring homomorphism and ψ |R = ϕ) satisfying
ϕ(X) = cX + d. In other words, ϕ{ f } is obtained by replacing the
indeterminate X in f with cX + d. The element c is a unit if and only if
ϕ is an isomorphism of R-algebras (the homomorphism of R-algebras
−1 −1
ψ : R[X] → R[X] that takes X to c X − c d is the inverse of ϕ).
Therefore, f = gh ⇔ ϕ{ f } = ϕ(g)ϕ(h), ∀g, h ∈ R[X]. Since ϕ preserves
the degrees and ϕ | R = idR, one obtains that: f is irreducible if and only
if ϕ{ f } is irreducible.
b) If g, h ∈ R[X], with nonzero g(0) and h(0), then r(gh) = r(g)r(h).
1
Indeed, note that r ( f ) = X n f ⎛⎜ ⎞⎟ , where n = deg f (for a rigorous
⎝X⎠
argument, consider the equality in K(X), the field of quotients of
K[X]). So, if deg g = m, deg h = p, we have
1 1 1
r ( gh ) = X m + p ( gh )⎛⎜ ⎞⎟ = X m g ⎛⎜ ⎞⎟ X p h ⎛⎜ ⎞⎟ = r ( g )r (h ) .
⎝X⎠ ⎝X⎠ ⎝X⎠
Because r preserves the degrees and, for any d ∈ R, we have d | f
⇔ r(d) | r{ f }, we get the conclusion.
c) Let ψ : R[X] → S[X] be the unique homomorphism of R-algebras
such that ψ(X) = X. We must prove that ψ{ f } is irreducible implies f is
irreducible. Suppose f = gh, with g, h ∈ R[X]. Thenψ{ f } = ψ(g)ψ(h) ;
the condition ϕ(an) ≠ 0 ensures that degψ(g) + degψ(h) = degψ{ f } = n.
Since degψ(q) ≤ deg q, ∀q ∈ R[X], we obtain that degψ(g) = deg g and
degψ(h) = deg h. Butψ{ f } is irreducible, so ψ(g) (to make a choice) is

a unit, of degree 0. So, 0 = degψ(g) = deg g. Since f has no 0 degree
non-invertible divisors, g ∈ U(R).
d) Write f = c{ f }·f1, with f1 primitive. We have that f and f1 are
associated in K[X]. By replacing f with f1, we can assume f is primi-
tive. It is sufficient now to prove that f is irreducible in R[X]. If f were
reducible, then:
n m p
f = a0 + a1X +…+ anX = (b0 + b1X +…+ bmX ) (c0 + c1X +…+ cpX ),
where m > 0, p > 0, b0, b1, …, bm, c0, c1, …, cp ∈ R, bm ≠ 0, cp ≠ 0. We
2
have b0c0 = a0, so p | b0c0 and p - b0c0 ; thus p divides exactly one of
b0 and c0. Suppose p | b0 and p - c0. Because p - an, p does not divide
all the bi's; thus there exists some i, 1 ≤ i ≤ m, such that p - bi and p | bj,
∀j < i. Then p - bic0 and
i −1
ai = bic0 + ∑ b j ci − j
j =1
is not divisible by p, contradicting the hypothesis. !
6.11 Remark. If f ∈ R[X] is a monic reducible polynomial, there

exists a decomposition of f of the form f = gh, where g, h ∈ R[X] are
monic, of degrees > 1. The proof is proposed as an exercise. This sim-
ple remark is useful in reducibility issues.
A few instances of using the above criteria on, concrete cases will
give an idea on the strategies of approaching the problem of irreduci-
bility of a polynomial. The exist algorithms that decide if a given
polynomial in Z[X] is irreducible. Such an algorithm (due to
Kronecker) that also outputs a factor of the polynomial if it is not irre-
ducible is described in Exercise 31. This algorithm, applied repeat-
edly, yields a factorization algorithm (producing a decomposition in
irreducible factors) for any polynomial in Z[X] or Q[X]. The modern
symbolic computation software (Maple, Mathematica, Macaulay,
Axiom, etc.) have powerful routines that decide polynomial irreduci-
bility, including polynomials in several indeterminates, polynomials

with coefficients in algebraic extensions of Q or in a finite field. One
can prove that, if there exists a factorization algorithm for K[X], with
K a field, then there exists one or L[X], where L is a finitely generated
extension of K. For details and developments, see SPINDLER [1994],
WINKLER[1996].
9 2
6.12 Examples. a) The polynomial 6X + 13X + 26 is irreducible
in Q[X] (and in Z[X], it is primitive), by the Eisenstein criterion with
p = 13.
n
b) For any prime p and any n ∈ N*, X − p is irreducible in Q[X]
and in Z[X] (use Eisenstein again).
c) Let p be a prime number and let
p−1 p−2
f=X +X + … + X + 1 ∈ Z[X].
The Eisenstein criterion cannot be applied directly to f. Consider
the polynomial
( X + 1) − 1 p p i −1
p
g = f ( X + 1) =
X +1−1
=∑ i X
i =1
()
Remark that the Eisenstein criterion can be applied to g, since p di-
vides all the binomial coefficients ( ) , with 1 ≤ i < p. Thus, g is
p
i
irreducible and, by a) above, f is irreducible.

9 9 7 2
d) The polynomial f = Y + X Y − 3X Y + 2X is irreducible in
Z[X, Y]. Indeed, consider f as a polynomial in Y with coefficients in
Z[X], a UFD. Apply Eisenstein with p = X (X is irreducible in Z[X]).
Note that Z can be replaced with any UFD of characteristic ≠ 2.
5 2
e) Consider f = X + X + 1 ∈ Z2[X]. The polynomial f has no roots
in Z2 (easy check: Z2 has 2 elements, 0 and 1), so the proper divisors
of f can be of degrees 2 or 3. A decomposition of f may look only like:
5 2 3 2 2
X + X + 1 = (X + aX + bX + 1)(X + cX + 1),
with a, b, c ∈ Z2. Identifying the coefficients, we obtain a system of

equations in a, b, c, which is readily seen to have no solutions in Z2.
Hence, f is irreducible in Z2[X].
f) A typical use of 6.10.c) for a polynomial f with integer coeffi-
cients is to “reduce the coefficients modulo n”. More precisely, for
some n ∈ N conveniently chosen, consider the unique ring
homomorphism ϕ : Z → Zn and investigate the “polynomial f reduced
modulo n”, (denoted with ψ{ f } in the Proof). Take, for instance,
5 3 2
f = 7X + 4X − X + 6 X + 9 ∈ Z[X]. The polynomial f reduced
5 2
modulo 2 is X + X + 1 ∈ Z2[X], which is irreducible. The conditions
in 6.10.c) are satisfied, so f is irreducible in Z[X] (also in Q[X]).
7 2
g) 10X + 5X + 2 is irreducible in Z[X]: its reciprocal is
7 5
2X + 5X + 10, irreducible by Eisenstein with p = 5.
Exercises
Throughout the exercises, R is a domain and K is its field of quo-

tients (unless specified otherwise).
1. Let R be a commutative unitary ring that has zero divisors and let
a ∈ R be a zero divisor. If b ∈ R \ {0} is not a zero divisor, prove that
ax + b = 0 has no solutions in any ring S that includes R as a subring.
2. Let R be a finite domain. Prove that R is a field.
3. Let R be an infinite unitary ring. Prove that the set R° of the non-
zero non-invertible elements in R is infinite. (Hint: If R° is finite, then
U(R) is infinite. Let S(R°) be the set of all bijections from R° to R°.
The mapping ϕ : U(R) → S(R°), x & ϕx, ϕx(a) = xa, ∀a ∈ R°, is injec-
tive, contradiction.)
Exercises 51
4. Let R be a GCD domain. Then any element in K can be written as

a/b, (b ≠ 0), with a, b ∈ R, coprime. What can you say about the
uniqueness of such a representation?
5. Show that a commutative ring R is a domain if and only if R[X] is a
domain.
6. Let p ∈ R°. Prove that the ideal generated by p in R[X], pR[X], is
prime if and only if p is a prime element in R. (Hint: R[X]/(pR[X]) ≅
(R/pR)[X]). Deduce a new proof for 5.11.a).
7. Let d ∈ Z, d < 0 be squarefree. Determine U(Z[ d ]).
8. The elements 6 and 2 + − 5 have no GCD (and thus no LCM) in
Z[ − 5 ].
9. Show that Z[ 2 ] is Euclidian. (Hint. Use 3.4.)
10. Let θ = (1 + 5 ) 2 . Show that the norm N : Z[θ ] → Z is
N(a + bθ) = a + ab − b , ∀a, b ∈ Z. Prove that Z[(1 + 5 ) 2] is
2 2
Euclidian. (Hint. Use 3.4 and Q[ 5 ] = Q[θ ]).

11. Let θ = (1 + i 3 ) 2 . Write a formula for the norm N : Z[θ ] → Z
and determine U(Z[θ ]).
12. Let d ∈ Z be squarefree.
a) Any element in Q[ d ] can be uniquely written as a + b d ,
with a, b ∈ Q.
b) Suppose known that any quadratic integer is a root of a monic
polynomial of degree 2 with integer coefficients. Show that:
x = a + b d ∈ Q[ d ] (a, b ∈ Q) is a quadratic integer ⇔ Tr(x) = 2a
2 2
∈ Z and N(x) = a − db ∈ Z.
c) Show that x = a + b d (with a, b ∈ Q) is a quadratic integer ⇔
2 2
2a ∈ Z, 2b ∈ Z and 4a − 4b d ≡ 0 (mod 4).
d) Show that R := {α ∈ Q[ d ] | α is a quadratic integer} is a
subring of Q[ d ] and R = Z[θ ], where θ is given by Prop. 3.3.
e) For d < 0, determine explicitly U(R).
13. Let d ∈ Z be squarefree and α, β ∈ Z[ d ] such that αβ ∈ Z.

Show that there is some γ ∈ Z[ d ] and a, b ∈ Z such that α = aγ and
⎯ ⎯
β = b γ ( γ is the conjugate of γ).
14. The purpose of the exercise is to determine all primes in Z[i]. As a
bonus, we find the primes in Z that can be written as a sum of two
squares.
a) Prove: for any d ∈ Z and any a + bi ∈ Z[i], d | a + bi in Z[i] ⇔
d | a and d | b in Z.
b) Suppose that p ∈ Z is a prime in Z and in Z[i]. Show that the
2
equation x + 1 = 0 has no solutions in Zp ( = Z/pZ, the field of inte-
gers mod p).
2 2
c) Let p be prime in Z. Then: (∃) a, b ∈ Z such that p = a + b (p
2
can be written as a sum of two squares) ⇔ the equation x + 1 = 0 has
solutions in Zp.
d) If p is a prime in Z and p ≡ 3(mod 4), then p cannot be written as
a sum of two squares.
p −1⎞
e) If p is a prime in Z and p ≡ 1(mod 4), then ⎛⎜ ⎟! ≡ −1(mod p )
⎝ 2 ⎠
(Hint. Use Wilson's Theorem: (p − 1)! ≡ −1(mod p)).
f) Prove that a prime p ∈ Z is also prime in Z[i] if and only if
p ≡ 3(mod 4).
g) Prove that all the prime elements in Z[i] (up to association in
divisibility) are: 1 + i, 1 − i and the primes p in Z with p ≡ 3(mod 4).
h) Prove that a prime p ∈ Z can be written as a sum of two squares
⇔ p ≡ 1(mod 4).
15. Let R be a unitary subring of the commutative ring S. An element
of S is called integral over R if it is a root of a nonzero monic polyno-
mial in R[X]. Prove that, if R is a GCD-domain, K is its field of quo-
tients and x ∈ K is integral over R, then x ∈ R. (A domain R with this
property is called integrally closed).
Exercises 53
16. Let R be a PID and let S be multiplicatively closed system in R.

−1
Then the ring of quotients S R is a PID.
17. Let R be an Euclidian domain with respect to the function ϕ and
−1
let S be a multiplicatively closed system in R. Then S R is an Euclid-
ian domain. (Hint. Take S saturated. Use exercise 4.)
18. Let R be a UFD and let S be a multiplicatively closed system in R.
−1
Then S R is a UFD.
19. Does the property of a domain R of being Euclidian (respectively a
PID, a UFD) is inherited by the unitary subrings of R?
20. Let R be Euclidian with respect to ϕ. Show that there exists u ∈ R
nonzero and not a unit with the property: ∀x ∈ R, ∃q ∈ R such that
x − qu is a unit or 0. Find such a u for R = Z, K[X]. (Ind. min {ϕ(v) |
v ∈ R°} = ϕ(u) for some u ∈ R°.)
21. Let d ≤ −13, d squarefree and denote by R the ring of integers of
Q[ d ] (so, R = Z[θ ], with θ as in Prop. 3.3). Show that U(R) = { −1,
1}. Show that R is not Euclidian. Is this result a particular case of
Proposition 3.5? (Ind. If R is Euclidian, let u ∈ R given by the preced-
ing exercise. Then, ∀x ∈ R, we have u | x or u | x ± 1. Take x = 2 and
deduce that u ∈ Z and u = ±2 or ±3. Then find y ∈ R such that u does
not divide any of y or y ± 1).
22. Let d ∈ Z be squarefree, d ≡ 1 (mod 4). Then Z[ d ] is not a
GCD-domain. (Hint. 2 is irreducible and not a prime.)
23. Show that Z contains an infinity of prime elements not associated
in divisibility to each other.
24. Let R be a UFD that is not a field, such that the group of units
U(R) is finite. Then R contains an infinity of prime elements not
associated in divisibility to each other. (Hint. If p1, …, pn are all the
primes – up to association in divisibility –, then there exists m ≥ 1
m
such that 1 + (p1…pn) ∈ R°.)
25. Let R be a UFD and let p ∈ R be a prime. Using the canonical

homomorphism π : R → R/pR and its extension to a homomorphism
ψ : R[X] → (R/pR)[X], give a new proof for the Eisenstein criterion.
n
(Hint. If f = a0 + a1 X + … + an X satisfies the hypothesis of the crite-
n
rion and f = gh, thenψ { f } = π(an)X = ψ(g)ψ(h). If deg g, deg h ≥ 1,
then g(0) and h(0) are divisible by p.)
n
26. Let R be a UFD and f = a0 + a1 X + … + an X ∈ R[X].
a) If p/q ∈ K is a root of f, where p, q ∈ R and ( p, q) = 1, then
p | a0, q | an and (p − qr) | f (r), ∀r ∈ R. Write down explicitly the
conclusions for an = 1.
b) Let g = ann −1a0 + ann −2a1 X + … + an −1 X n −1 + X n . Then ann −1 f ( X ) =
g(anX). What connection is between the roots of g and the roots of f?
3 2
c) Find the rational roots of 2X + 5X + 9X − 15 and
3 2
4X − 7X − 7X + 15.
27. Let K be a field. Prove that any nonzero polynomial f ∈ K[X] has
at most deg f roots in K (every root is counted with its multiplicity).
28. Let R be a commutative ring. Prove that the following statements
are equivalent:
a) Any nonzero polynomial f ∈ R[X] has at most deg f roots in R.
b) Any polynomial of degree 1 has at most one root in R.
c) R is a domain.
(Hint. Consider the field of quotients of R and use the previous
problem).
29. Let R be a commutative ring. If f ∈ R[X], define the polynomial
~ ~
function f : R → R, defined by: ∀x ∈ R, f (x) = f (x) (the value of f in
x). Prove that, if R is an infinite domain, then the mapping
R ~
ϕ : R[X] → R , ϕ{ f } = f , ∀f ∈ R[X], is injective. Is the conclusion
still valid if one does not assume that R is infinite?
30. (The Lagrange interpolation polynomial) Let K be a field, n ≥ 1 an
integer, fix n + 1 distinct elements x0, …, xn ∈ K and (not necessarily
Exercises 55
distinct) y0, …, yn ∈ K. Prove that there exists a unique polynomial

L ∈ K[X] satisfying: deg L ≤ n and L(xi) = yi, 0 ≤ i ≤ n.
31. Let p ∈ Z[X], primitive, deg p = n and let m = the largest integer ≤
n/2.
a) Show that p is reducible in Z[X] ⇔ p has a divisor of degree be-
tween 1 and m.
m+1
b) Choose m + 1 distinct integers, (x0, …, xm) ∈ Z . Show that
the following algorithm terminates in a finite number of steps and out-
puts a nontrivial factor of p of degree ≤ m or proves that p is irreduci-
ble:
1. If ∃i with p(xi) = 0, then X − xi is a factor of p and STOP. If not,
go to 2.
m+1
2. Let D = {d = (d0, …, dm) ∈ Z | di| p(xi), ∀i}. D is a finite
set.
For any d ∈ D, let Ld ∈ Q[X] be the Lagrange interpolation
polynomial with Ld(xi) = di, ∀i, and deg Ld ≤ m. If there exists
d ∈ D with Ld ∈ Z[X] and Ld | p, then Ld is a factor of p and
STOP. If not, then p is irreducible.
c) Deduce an algorithm of deciding the irreducibility of polynomi-
als in Q[X].
d) Suppose m = 2. Propose a choice for (x0, …, xm).
e) Suppose there is available a factorization algorithm for R (an
algorithm that produces a decomposition of any element in R° in
prime factors). What properties should R have in order to adapt the
algorithm above to R[X]?
f) Suppose R is a UFD and there exists a factorization algorithm for
R[X]. Then there exists a factorization algorithm for K[X].
4 2
32. Decide the irreducibility of X + X + 2X − 1 ∈ Z[X].
n
33. Show that a0 + a1 X + … + an X ∈ Z2[X] (an ≠ 0) has no roots in
Z2 if and only if a0(a0 + a1 + … + an) ≠ 0.
34. Using the equality (in Z2[X]):

5 3 2 2
X + X + 1 = ( X + X + 1)( X + X + 1),
5
prove that X − X − 1 ∈ Q[X] is irreducible.
35. a) Let f ∈ R[X], deg f = m. If f has at least m + 1 roots in R, then
f = 0.
b) Let g ∈ R[X1,…, Xn], with R infinite. If g(a1, …, an) = 0,
n
∀(a1, …, an) ∈ R , then g = 0. Deduce that two polynomials in
R[X1,…, Xn] are equal if and only if the associated polynomial func-
tions are equal.
c) Give an example of a finite field K and distinct polynomials in
K[X] that have the same associated polynomial function.
d) (Generalization of b) Let R be infinite and let g ∈ R[X1,…, Xn],
with deg(g, Xi) = mi. Suppose that (∃) S ⊆ R with |S| > m1; (∀) a1 ∈ S,
(∃) S(a1) ⊆ R with |S(a1)| > m2; (∀) a1 ∈ S, (∀) a2 ∈ S(a1), (∃)
S(a1, a2) ⊆ R with |S(a1, a2)| > m3 and so on. If g(a1, …, an) = 0,
∀a1 ∈ S, ∀a2 ∈ S(a1), ∀a3 ∈ S(a1, a2), …, ∀an ∈ S(a1, …, an), then
g = 0.
36. Let R be a domain. A polynomial in n indeterminates
p ∈ R[X1,…, Xn] =: R[ X ] is called homogeneous of degree q if all the
monomials in p have total degree q (see the Appendix). Show that:
a) Any p ∈ R[ X ] can be written uniquely as:
p = p0 + p1 + … + pm, with pi ∈ R[ X ], homogeneous of degree i.
b) The product of two homogeneous polynomials of degrees a,
respectively b, is homogeneous of degree a + b.
q
c) p is homogeneous of degree q ⇔ p(TX1,…, TXn) = T p(X1,…, Xn)
(equality in R[X1,…, Xn, T] = R[X1,…, Xn][ T ]).
d) Let p ∈ R[ X ] be homogeneous. Then any divisor of p in R[ X ]
is homogeneous. (Hint. For p = gh, write g = ga + … + gm, where gi is
homogeneous of degree i, 0 ≤ a ≤ m and ga ≠ 0 ≠ gm. It suffices to
prove that a = m.)
Exercises 57
e) If R is infinite and p ∈ R[ X ], then p is homogeneous of degree q

q
⇔ p(tx1,…, txn) = t p(x1,…, xn), ∀t, x1,…, xn ∈ R.
f) Is it true that any symmetric polynomial in R[ X ] has all its divi-
sors symmetric polynomials in R[ X ]?
37. Let K be a field of characteristic not equal to 2 (1 + 1 ≠ 0 in K) and
p a homogeneous polynomial of degree 2 in K[X, Y], i.e.
2 2
p = aX + bXY + cY , with a, b, c ∈ K. Prove that p is reducible in
2 2
K[X, Y] ⇔ b − 4ac is a square in K ⇔ b − 4ac = 0 or there exist
α, β ∈ K, (α, β) ≠ (0, 0), with p(α, β) = 0.
n n−1 n
38. Assume K is a field and p = a0Y + a1 Y X + … + an X is a
homogeneous polynomial of degree n in K[X, Y]. Let
n
p(X, 1) = a0 + a1 X + … + an X ∈ K[X]. Prove that, for any
g ∈ K[X, Y], g | p in K[X, Y] if and only if g is homogeneous and
g(X, 1) | p(X, 1) in K[X].
39. Let K be a field and let p ∈ K[X, Y] be homogeneous. Prove that p
is irreducible in K[X, Y] ⇔ p(X, 1) is irreducible in K[X].
40. Write a decomposition in irreducible factors for
3 3
X1 + X2 ∈ K[X1, X2]. (Hint. The cases char K = 3 and char K ≠ 3
should be treated separately).
3 3
41. Let K be a field, char K ≠ 3 and f = X1 + … + Xn ∈ K[X1,…, Xn].
Show that f is irreducible if and only if n ≥ 3. Generalization. (Hint.
For n = 3, apply Eisenstein to f ∈ K[X1, X2][X3]. Use then an induction
on n.)
2
42. Consider n indeterminates Xij, 1 ≤ i, j ≤ n, and consider the n×n
matrix A = (Xij)1 ≤ i, j ≤ n ∈ Mn(Z[Xij;1 ≤ i, j ≤ n]). Then the polynomial:
det A = ∑{X1σ(1)… Xnσ(n) | σ ∈ Sn}
is irreducible in Z[Xij;1 ≤ i, j ≤ n].
43. Prove that a commutative ring R is Noetherian if and only if every
ideal in R is finitely generated.
II. Modules
Module theory can be seen as a generalization of the classic linear

algebra (which studies vector spaces over an arbitrary field1). The the-
ory is fundamental in many areas of mathematics: commutative alge-
bra, algebraic number theory, group representation theory, algebra
structure theorems, homological algebra etc. Also, module theory
illustrates and uses concepts of category theory (we use some elemen-
tary notions from category theory in this chapter, notions that can be
found in the Appendix). Module theory language and results are
indispensable throughout most of modern algebra.
II.1 Modules, submodules, homomorphisms
The notion of a module over a ring can be obtained by replacing

the word “field” with the word “ring” in the definition of the vector
space.
1
Although the volume Algèbre linéaire (1961) of the famous Bourbaki series
“Eléments de Mathématique” begins with the definition of the… module.
58
II.1 Modules, submodules, homomorphisms 59
1.1 Definition. Let R be a ring with identity (not necessarily

commutative) and (M, +) an Abelian group. We say that M is a left
R-module (or left module over R) if there exists an “external operation
on M with operators in R”2, i.e. a function
µ : R × M → M (notation: µ (r, x) =: rx, ∀r ∈ R, ∀x ∈ M),
satisfying, for any r, s ∈ R and x, y ∈ M:
i) r(x + y) = rx + ry;
ii) (r + s)x = rx + sx;
iii) (rs)x = r(sx);
iv) 1x = x,
1.2 Remark. The addition in R is denoted by + , as the addition in

M. Also, the zero element in R is denoted by 0, like the zero element
in M. For instance, in axiom ii), the + in the LHS denotes the addition
in R, whereas the + in the RHS denotes the addition in R. This nota-
tional abuse (which is widely used) should not confuse the reader.
If the axiom iii) is replaced by:
iii') (rs)x = s(rx), ∀r, s ∈ R, ∀x ∈ M,
we say that M is a right R-module. The usual notation for the “scalar
multiplication” in the case of right R-modules is “with the scalars on
the right”, i.e. the scalar multiplication is a function µ : M × R → M,
with the notation µ (x, r) = xr, ∀r ∈ R, ∀x ∈ M. The axioms for the
right R-module become in this case:
i') (x + y)r = xr + yr;
ii') x(r + s) = xr + xs;
iii') x(rs) = (xr)s;
iv') x1 = x,
2
Also called “multiplication of elements in M with scalars in R”.
60 II. Modules
for any r, s ∈ R and x, y ∈ M.

There is a handy notation for the fact that M is a left R-module,
namely R M.
“M is a right R-module” is denoted by MR.
If R is commutative, then the notions of left R-module and right
R-module are the same (look at axiom iii').
If R is an arbitrary ring and M is a right R-module, then M becomes
op op op
a left R -module, where (R , +, *) is the opposite of the ring R (R
and R have the same underlying Abelian group R, but the multiplica-
op
tion * in R is defined by r*s = sr, ∀r, s ∈ R).
The construction above shows that a result that holds for any ring R
and any right R-module is valid also for any left R-module, and con-
versely. In the same way, all definitions for left modules have a natu-
ral correspondent for right modules.
1.3 Examples. a) If K is a field, a K-module is exactly a K-vector

space.
b) If R is a ring with identity, R has a (canonical) structure of left
R-module, denoted R R. Indeed, (R, +) is an Abelian group; the “exter-
nal operation” R × R → R is the ring multiplication: (r, s) & rs, ∀r,
s ∈ R. Similarly, R is canonically a right R-module, denoted RR.
c) Any Abelian group (A, +) is canonically a Z-module. For n ∈ Z
and a ∈ A, na is defined as the “multiple” of a in the additive group A
(if n ∈ N, na = a + … + a (n terms); if n < 0, na = (−a) + … + (−a) (n
terms)). This is the only external operation that endows A with a
Z-module structure (exercise!). The theory of Abelian groups is thus a
particular case of module theory.
d) Let R be a ring and let n ∈ N*. The n-fold Cartesian product
n
R = {(x1, …, xn) | xi ∈ R, 1 ≤ i ≤ n} becomes an R-module if the addi-
tion and the scalar multiplication are defined component-wise:
(x1, …, xn) + (y1, …, yn) = (x1 + y1, …, xn + yn), ∀(x1, …, xn),
n
(y1, …, yn) ∈ R .
n
r(x1, …, xn) = (rx1, …, rxn), ∀r ∈ R, ∀(x1, …, xn) ∈ R .
e) If R is a ring and m, n ∈ N*, the set Mm,n(R) of m×n matrices with
entries in R is an Abelian group endowed with usual matrix multipli-
cation and becomes an R-module by defining the “multiplication of
matrices with scalars”: for r ∈ R, A = (aij) ∈ Mm, n(R), r(aij) := (raij)
(multiply every entry of the matrix with r).
f) Let R := M2(Z) (the ring of 2×2 matrices with entries in Z) and
M := M2, 1(Z) (the Abelian group of 2×1 matrices with entries in Z). M
has a natural structure of left R-module: ∀A ∈ M2(Z) = R,
∀U ∈ M2, 1(Z) = M, AU ∈ M is the usual matrix product. Checking the
module axioms is straightforward and it boils down to the known
properties of matrix operations. Can you generalize this example? Can
M be endowed with a “natural” structure of a right R-module ?
g) Let ϕ : R → S be a unitary ring homomorphism. If M is a left
S-module, then M has a structure of left R-module by “restriction of
scalars”: ∀r ∈ R, ∀x ∈ M, rx := ϕ(r)x. In particular, S becomes a left
R-module (and also a right R-module). This example generalizes a
situation often encountered in field extensions: any field S is a vector
space over any subfield R.
1.4 Remark. For a ring R and an Abelian group M, defining a left

R-module structure on M amounts to defining a unitary ring
homomorphism λ : R → End(M), where (End(M), + ,◦) is the
endomorphism ring of the Abelian group M, defined as follows: “+” is
homomorphism addition: ∀u, v ∈ End(M), (u + v)(x) := u(x) + v(x),
∀x ∈ M, and “◦” is the usual map composition: ∀u, v ∈ End(M),
(u◦v)(x) = u(v(x)), ∀x ∈ M. 3
3
Sometimes this ring is called the ring of left endomorphisms of M, emphasizing
that the functions are written at the left of the argument, like u(x); this forces the
definition of the composition of functions in the “usual” manner defined above. But
62 II. Modules
Indeed, if M is a left R-module, define λ : R → End(M) by

λ(r)(x) = rx, ∀r ∈ R, ∀x ∈ M. Conversely, given λ : R → End(M), de-
fine scalar multiplication R × M → M by (r, x) & rx := λ(r)(x), ∀r ∈ R,
∀x ∈ M. The reader should check the details. What corresponds to a
structure of right R-module of M?
Throughout this section, R denotes a ring with identity. All modules
are left R-modules (unless specified otherwise).
1.5 Proposition. Let M be an R-module. The, for any x ∈ M and

r ∈ R, we have:
a) 0x = r0 = 0.
b) r(−x) = (−r)x = −(rx).
Proof. a) 0x = (0 + 0)x = 0x + 0x. Since M is a group, by simplifica-
tion we deduce that 0x = 0. The same method shows r0 = 0.
b) 0 = r0 = r(x + (−x)) = rx + r(−x). So −(rx), the opposite of rx in
(M, +), is r(−x). !
We define the natural notion of submodule:
1.6 Definition. a) Let M be a left R-module. A non-empty subset L

of M is called left R-submodule of M if
i) L is a subgroup in (M, +): ∀x, y ∈ L ⇒ x − y ∈ L;
ii) ∀r ∈ R, ∀x ∈ L ⇒ rx ∈ L.
Usually one says L is a submodule of M if no confusions can occur.
Notation: L ≤ R M (or, simpler, L ≤ M ). The fact that L is a right
R-submodule of M is written L ≤ MR.
if one writes (x)u for the value of u at x, then the composition of u and v is defined as
(x)(uv) = ((x)u)v. With this multiplication, End(M) is called the ring of right
endomorphisms of M and it is the opposite of the ring of left endomorphisms of M.
The definition above is the natural generalization of the notion of

vector subspace.
1.7 Proposition. Let M be an R-module and ∅ ≠ L ⊆ M. The

following statements are equivalent:
a) L ≤ RM: (∀r ∈ R, ∀x, y ∈ L ⇒ x − y ∈ L and rx ∈ L).
b) For any r, s ∈ R and x, y ∈ L, it follows that rx + sy ∈ L.
c) For any n ∈ N*, r1,…, rn ∈ R, x1,…, xn ∈ L, it follows that
r1x1 +… + rnxn ∈ L. !
Proof. a)⇒ b) If r, s ∈ R and x, y ∈ L, then a) implies that rx and
(−s)y ∈ L, so L contains also rx − (−s)y = rx − (−sy) = rx + sy.
b)⇒a) If r ∈ R and x, y ∈ L, then rx + 0y = rx ∈ L and
1x + (− 1)y = x − y ∈ L.
b)⇒c) Induction on n (exercise). !
An element of the form r1x1 +… + rnxn, with r1, …, rn ∈ R and x1,
…, xn ∈ M, is called a linear combination of x1, …, xn (r1, …, rn are
called the coefficients of the linear combination). Thus, L ≤ R M iff any
linear combination of elements in L is still in L.
Since any submodule L of a module M is a subgroup of the additive
group (M, +), we have 0 ∈ L. Also, if L ≤ RM, L has a structure of left
R-module: the external operation is the restriction at R × L of the
external operation of M.
1.8 Examples. a) For any R-module M, {0} is an R-submodule in

M, denoted simply by 0. Also, M is an R-submodule of M. A submod-
ule of M, not equal to M, is called a proper submodule of M.
b) The left submodules of the canonical module R R are exactly the
left ideals of the ring R; the notation I ≤ R R means “I is a left ideal of
R”.
c) If M is an Abelian group (= Z-module), a Z-submodule of M is
the same thing with a subgroup of M.
64 II. Modules
1.9 Proposition. Let (Mi)i∈I be a family of submodules of RM. Then

the intersection of this family, ∩ i∈I Mi , is a submodule of M. !
This simple result allows us to define the notion of submodule
generated by a subset:
1.10 Definition. Let M be an R-module and let X be a subset of M.

a) The intersection of all submodules of M that include X is a
submodule of M, called the submodule generated by X and denoted by
R < X > (or simply < X >). If L ≤ R M and < X > = L, one says also that
X is a system of generators for L (or that X generates L).
b) Define the set of linear combinations of elements in X with
coefficients in R as the set RX, where
RX := {r1x1 + … + rnxn| n ∈ N, r1, …, rn ∈ R, x1, …, xn ∈ X}.
If X = ∅, define R∅ = {0}.
1.11 Proposition. Let M be an R-module and X ⊆ M. Then:

a) < X > is the smallest (inclusion-wise) submodule of M that in-
cludes X.
b) < X > = RX, that is, the submodule generated by X is the same as
the set of linear combinations of elements in X with coefficients in R.
Proof. a) Evidently, < X > is a submodule and includes X. If L is a
submodule in M that includes X, then < X > ⊆ L because L is a mem-
ber of the family of submodules the intersection of which is L.
b) We show that X ⊆ RX and that RX is the smallest submodule that
includes X. The case X = ∅ is trivial. If X ≠ ∅ and x ∈ X, then x is a
linear combination, x = 1x ∈ RX. So X ⊆ RX. The difference of two
linear combinations in RX and the product of any r ∈ R with a linear
combination is still in RX. So, RX is a submodule. If L is a submodule
that includes X, 1.7.c) implies RX ⊆ L. !
1.12 Definition. For any a ∈ RM, the submodule generated by {a}

is Ra = {ra | r ∈ R} and it is also called the cyclic submodule
generated by a. The R-module M is called finitely generated if there

exists a finite system of generators for M, i.e. a finite subset F of M
such that < F > = M.
While the intersection of a family of submodules is a submodule,
the union of a family of submodules is not a submodule in general.
1.13 Definition. Let M be an R-module and let E, F be submodules

in M. The submodule generated by E ∪ F is called the sum of the
submodules E and F, and is denoted E + F. Thus, E + F is just another
notation for < E ∪ F >.
For an arbitrary family (Ei)i∈I of submodules of M, the submodule
generated by ∪i∈I Ei is called the sum of the family of submodules
(Ei)i∈I, denoted ∑i∈I Ei or ∑I Ei.
The sum of the submodules E1, …, En is denoted E1 + … + En
n
or ∑ Ei .
i =1
The sum of the family of submodules (Ei)i∈I is the smallest submod-
ule of M including all submodules Ei.
1.14 Proposition. a) If E, F are submodules of RM, then the sum of

E and F is
E + F = {e + f | e ∈ E, f ∈ F},
b) If E1, …, En are submodules of M, then
E1 + … + En = {e1 + … + en | e1 ∈ E1, …, en ∈ En}.
Proof. a) Let S := {e + f | e ∈ E, f ∈ F}. A straightforward verifica-
tion shows that S is a submodule. If L is a submodule containing E and
F, then e + f ∈ L, ∀e ∈ E, ∀f ∈ F. Thus, S ⊆ L and S is the smallest
submodule including E ∪ F. !
In order to formulate a similar result for the case of the sum of an
arbitrary (possibly infinite) family of submodules, we introduce the
following notion: for a set I (seen as a set of indexes), an R-module M
66 II. Modules
and a family of elements4 (ei)i∈I, with ei ∈ M, ∀i ∈ I, define the sup-

port of the family (denoted Supp((ei)i∈I)):
Supp((ei)i∈I) := {i ∈ I | ei ≠ 0}
For any family (ei)i∈I having finite support J ⊆ I, its sum is defined
as
∑i∈I ei := ∑i∈J ej.
1.15 Proposition. If (Ei)i∈I is a family of submodules of M, then
∑ i∈I
Ei = {∑ e
i∈I
i ei ∈ Ei , ∀i ∈ I , ( ei )i∈I having finite support =
}
= {ei1 + … + ein n ∈ ', i1 ,… , in ∈ I , ei1 ∈ Ei1 ,… , ein ∈ Ein } .
Proof. Let S = {∑ ei∈I

i }
ei ∈ Ei , ∀i ∈ I , ( ei )i∈I having finite support .
As above, we show that S is a submodule: if r ∈ R, and e = ∑ ei ∈ S,

i∈I
with ei ∈ Ei, ∀i ∈ I, and Supp(ei)i∈I finite, then re = ∑ rei ∈ S, since Ei
i∈I
is a submodule. Likewise, if e, f ∈ S, then e − f ∈ S. On the other

hand, clearly Ei ⊆ S, ∀i ∈ I. If L is another submodule of M that in-
cludes all submodules Ei, then S ⊆ L. So S = < ∪i∈I Ei>. !
1.16 Remark. The set LR(M) of all submodules of the R-module M

is ordered by inclusion; furthermore, (LR(M), ⊆) is a complete lattice: 5
for any subset F of LR(M) (i.e., any family of submodules of M), sup F
is the sum of the family F, and inf F = ∩F.
4
Note that a “family (ei)i ∈ I of elements of M” is in fact a function f : I → M
(denoting f (i) = ei, ∀i ∈ I ).
5
An ordered set A is called a complete lattice if, for any B ⊆ A, there exists
sup B (the smallest upper bound of B) and inf B (the largest lower bound of B) in A.
1.17 Remark. The sum of the submodules I, J of the left canonical

module R R is the same with the sum of the left ideals I and J. If R is a
field, the submodules of an R-module M are the vector subspaces of M
“sum of submodules” means “sum of vector subspaces”.
The lattice LR(M) always has a greatest element (M itself) and a
smallest element (the submodule 0). For this reason, the notions of
maximal submodule and minimal submodule are defined as follows.
1.18 Definition. The submodule L of the R-module M is called a

maximal submodule if L is maximal among the proper (distinct from
M) submodules, i.e.:
∀E ≤ R M with E ≠ M, L ⊆ E implies L = E.
The submodule L ≤ M is called a minimal submodule if L is mini-
mal among the nonzero submodules:
∀E ≤ R M with E ≠ 0, E ⊆ L implies E = L.
The following theorem is very important.
1.19 Theorem. Let M be a nonzero finitely generated R-module.

Then any proper submodule of M is included in some maximal
submodule. In particular, M has a maximal submodule.
Proof. Let L ≤ R M, L ≠ M and let {x1, …, xn} be a finite generator
set of M. Let P be the set of proper submodules of M that include L. P
is ordered by inclusion; its maximal elements (if they exist!) are ex-
actly the maximal submodules of M that include L. We use Zorn's
lemma to prove that maximal elements exist in P. First, note that
P ≠ ∅ since L ∈ P. Take a chain (Ei)i∈I, with Ei ∈ P, ∀i ∈ I. This
chain of submodules is bounded above in P by ∪i∈I Ei =: E. Indeed, E
is a submodule6: if x, y ∈ E, then, for some i, j ∈ I, x ∈ Ei and y ∈ Ej;
6
Here is a (singular) situation when the union of a family of submodules is a
submodule.
68 II. Modules
(Ei)i∈I being a chain, we have Ei ⊆ Ej or Ej ⊆ Ei. So x − y ∈ Ej (because

Ej ≤ R M) or x − y ∈ Ei. Anyway, x − y ∈ E. Similarly, ∀r ∈ R,
∀x ∈ E, we have rx ∈ E. So, E ≤ M and E includes L.
We must also prove that E ≠ M. Suppose E = M. Then {x1,
…, xn} ⊆ E = ∪i∈I Ei, so, ∀t ∈ {1, …, n}, there exists it ∈ I such that
xt ∈ Eit . But (Ei)i∈I is a chain, so ∃j ∈ {i1, …, in} such that Eit ⊆ Ej,
∀t ∈ {1, …, n}. Thus {x1, …, xn} ⊆ Ej. We deduce M = < x1,
…, xn > ⊆ Ej, contradicting Ej ≠ M (since Ej ∈ P).
Zorn's Lemma provides us with a maximal element of P.
Taking L = 0, the existence of a maximal submodule in M is
proven. !
1.20 Corollary (Krull's Lemma 7 ) Let R be a ring with identity.

Then every left proper ideal of R is included in some maximal left
ideal. In particular, R has a maximal left ideal.
Proof. The canonical left R-module R R is finitely generated (by
{1}). !
1.21 Definition. Let M and N be left R-modules. A function

ϕ : M → N is called a left R-module homomorphism (or simply module
homomorphism) or R-homomorphism if it preserves the module opera-
tions:
ϕ(x + y) = ϕ(x) + ϕ(y), ∀x, y ∈ M;
ϕ(rx) = rϕ(x), ∀x ∈ M, ∀r ∈ R.
Other names: R-linear application, linear transformation 8 ,
R-morphism. An R-module homomorphism ϕ : M → M is called an
endomorphism of M.
7
Wolfgang Adolf Ludwig Helmuth Krull (1899-1971), German mathematician.
8
A geometric terminology, used mainly for vector space homomorphisms.
The first condition in the definition of the module homomorphism

ϕ : M → N means that ϕ is an Abelian group homomorphism. Thus,
ϕ(0) = 0
(0 denotes the zero element of M, as well as the zero element of N ).
Also:
ϕ(− x) = − ϕ(x), ∀x ∈ M.
1.22 Remark. Let L ⊆ M. If L has an R-module structure such that

the canonical inclusion ι : L → M is a module homomorphism, then
L ≤ M. Conversely, if L ≤ M, then ι : L → M is a module homomorph-
ism.
1.23 Examples. a) For any R-modules M and N, 0 : M → N,

0(x) = 0, ∀x ∈ M, is an R-module homomorphism, called the zero
homomorphism. The identity application idM : M → M, idM(x) = x,
∀x ∈ M, is also a homomorphism, the identity homomorphism of M.
b) If M is an R-module and x ∈ M, the “multiplication by x”,
rx : R R → M defined by rx(a) = ax, ∀a ∈ R, is a module homomorph-
ism. Indeed,
rx(a + b) = (a + b)x = ax + bx = rx(a) + rx(b);
rx(ba) = (ba)x = b(ax) = brx(a), ∀a, b ∈ R.
c) If R is commutative ring and r ∈ R, then the “multiplication by
r”, λr : M → M, λr(x) = rx, ∀x ∈ M, is a homomorphism: it is obvi-
ously additive and
λr(ax) = r(ax) = (ra)x = (ar)x = a(rx) = aλr(x), ∀x ∈ M, ∀a ∈ R.
Note that the commutativity of R is effectively used.
1.24 Definition. For any R-modules M, N, we denote

HomR(M, N) := {ϕ | ϕ : M → N, ϕ is an R-module homomorphism};
EndR(M) := HomR(M, M).
We denote sometimes:
Hom(R M, N), respectively End(R M) - for left modules;
70 II. Modules
Hom(MR, N), respectively End(MR) - for right modules.
1.25 Remark. HomR(M, N) is always nonempty; it contains at least

the zero homomorphism 0 : M → N, 0(x) = 0, ∀x ∈ M. Moreover,
HomR(M, N) is an Abelian group with respect to homomorphism addi-
tion, defined below:
1.26 Proposition. a) Let E, F be R-modules and let ϕ : E → F,

η : E → F be R-module homomorphisms. Then the sum ϕ +η : E → F,
defined by:
(ϕ +η)(x) := ϕ(x) + η(x), ∀x ∈ E,
is an R-module homomorphism. HomR(E, F) is an Abelian group with
respect to homomorphism addition; the zero element is the 0
homomorphism, the opposite of ϕ is (−ϕ), (−ϕ)(x) = −ϕ(x), ∀x ∈ E.
b) Let E, F, G be R-modules and let ϕ : E → F, ψ : F → G be
R-module homomorphisms. Then their composition ψ ◦ϕ : E → G is
also an R-module homomorphism. As a consequence, (EndR(E), + , ◦)
is a ring, the unity element being the identity homomorphism idE.
c) Let E be a submodule of the R-module F and let ψ : F → G be
an R-module homomorphism. Then the restriction of ψ to
E,ψ|E : E → G, is an R-module homomorphism. !
A homomorphism is perfectly determined by its values on a
generating set:
1.27 Proposition. Let E, F be R-modules, S a system of generators

of E and ϕ, ψ : E → F module homomorphism. Then ϕ = ψ iff
ϕ|S = ψ|S.
Proof. Suppose ϕ|S = ψ|S. If x ∈ E, there exist x1, …, xn ∈ S and r1,
…, rn ∈ R such that x = r1x1 + … + rnxn. So,
ϕ(x) = ϕ(r1x1 + … + rnxn) = r1ϕ(x1) + … + rnϕ(xn) =
r1ψ(x1) + … + rnψ(xn) = ψ(x). !
1.28 Definition. An R-module homomorphism ϕ : E → F is called

an R-module isomorphism if there exists a homomorphism ψ : F → E
such that ϕ ◦ψ = idF and ψ ◦ϕ = idE. The R-modules E and F are called
isomorphic if there exists an R-module isomorphism ϕ : E → F. We
write in this case E ≅ R F (or E ≅ F if it is clear that it is an R-module
isomorphism ). An isomorphism ϕ : E → E is called an automorphism
of E.
1.29 Proposition. An R-module homomorphism is an isomorphism

iff it is bijective.
Proof. Let ϕ : E → F be a homomorphism. If ϕ is an isomorphism,
then it is an invertible map, so it is a bijection. Suppose ϕ is a bijective
homomorphism. Then the inverse of the map ϕ exists, ψ : F → E. We
must prove that ψ is a homomorphism. Recall that, ∀y ∈ F, ψ(y) = x,
where x is the unique element in E with ϕ(x) = y. Let y1, y2 ∈ F and x1,
x2 ∈ E such that ψ(y1) = x1 and ψ(y2) = x2. We have
ψ(y1 + y2) = x1 + x2, since ϕ(x1 + x2) = ϕ(x1) + ϕ(x2) = y1 + y2. So,
ψ(y1 + y2) = x1 + x2 = ψ(y1) + ψ(y2). Similarly, ∀r ∈ R, ∀y ∈ F,
ψ(ry) = rψ(y). !
1.30 Definition. Let ϕ : M → N be an R-module homomorphism.

Consider the subset of M defined by:
−1
Kerϕ := {x ∈ M |ϕ(x) = 0} = ϕ (0)
Kerϕ is called the kernel of ϕ. Let Imϕ denote the image of ϕ:
Imϕ := {y ∈ N| ∃x ∈ M such that y = ϕ(x)} = {ϕ(x)| x ∈ M}.
1.31 Proposition. If ϕ : M → N is an R-module homomorphism

−1
and M' ≤ M, N' ≤ N, then ϕ (N') is a submodule of M, and ϕ(M) is a
submodule of N. In particular, Kerϕ is a submodule of M, and Imϕ is
a submodule of N.
−1
Proof. Let x, y ∈ ϕ (N'). Then ϕ(x − y) = ϕ(x) − ϕ(y) ∈ N', so
−1 −1
x − y ∈ ϕ (N'). If r ∈ R, then ϕ(rx) = rϕ(x) ∈ N', so rx ∈ ϕ (N')
72 II. Modules
Let z, t ∈ ϕ(M') and r ∈ R. Then there exist x, y ∈ M' such that

z = ϕ(x), t = ϕ(y). We have z − t = ϕ(x) − ϕ(y) = ϕ(x − y) ∈ ϕ(M'), and
rz = rϕ(x) = ϕ(rx) ∈ ϕ(M'). !
1.32 Proposition. Let ϕ : M → N be an R-module homomorphism.

Then:
a) ϕ is injective iff Kerϕ = 0.
b) ϕ is surjective iff Imϕ = N. !
Exercises
1. Prove that the commutativity of the addition of a module is a conse-

quence of the other axioms of the definition of the module.
2. Let K be a field. Which of the following subsets of the K-module
K[X] is a K-submodule?
a) The set of all polynomials of degree 7.
b) The set of all polynomials of degree at most 7.
c) The set of all monic polynomials.
d) The set of all polynomials of degree 1 that have the root 1.
e) The set of all polynomials of even degree.
Which of the sets above is a K[X]-submodule?
3. Let E and F be submodules of the R-module M. Show that E ∪ F is
a submodule of M iff E ⊆ F or F ⊆ E.
4. Let M be an R-module. Study the properties of the operations + and
∩ on LR(M ) (such as commutativity, associativity, distributivity, exis-
tence of neutral elements…).
5. Let M be an R-module and let A, B, C ≤ M. If B ≤ A, then
A∩(B + C) = B + A∩C (one says that LR(M ) is a modular lattice).
2
6. Determine all submodules of the R-module R .
7. Give an example of a module M and A, B, C ≤ M such that
A∩(B + C) ≠ A∩B + A∩C (i.e., LR(M ) is not distributive). (Hint. Try a
vector space.)
8. Let (G, +) be an Abelian group and n ∈ N* such that na = 0,
∀a ∈ G. Then G has a canonical structure of Zn-module. Is the con-
verse true? Generalization.
2
9. Identify the Euclidian plane with R , seen as an R-vector space.
Which of the following transformations of the plane is a linear
2 2
transformation (an R-module homomorphism) from R to R ?
a) The rotation of angle α around (0, 0).
b) The rotation of angle α around (0, 1).
c) The translation by the vector v = (x, y).
d) The symmetry with respect to a line.
e) The projection on a line.
S
10. Let R be a ring, let S be a set and R := {ϕ : S → R}. Define a left
S
R-module structure on R . More generally, let M be a left R-module
S
and let S be a set. Define a left R-module structure on M
= {ϕ : S → M}.
11. Let R be a ring. Show that, for any R M, R M',
HomR(M, M') ⊆ HomZ(M, M'). Give examples of R, M, M' such that
the inclusion is strict.
12. Let u : M → M' be an R-module homomorphism, A, B ≤ R M and
A', B' ≤ R M'. Study the validity of the statements:
a) u(A + B) = u(A) + u(B).
b) u(A ∩ B) = u(A) ∩ u(B).
−1 −1 −1
c) u (A' + B') = u (A') + u (B').
−1 −1 −1
d) u (A' ∩ B') = u (A') ∩ u (B').
13. Let R be a commutative ring. Show that EndR(R) ≅ R. More gener-
ally, for any R M, HomR(R, M) ≅ M.
74 II. Modules
14. Let R be a commutative ring. Show that R[X] is not a finitely

generated R-module.
n
15. Let K be a field, n ∈ N* and v1, …, vn ∈ K , where
vi = (vi1, …, vin). Find necessary and sufficient conditions for
n
{v1, …, vn} to be a system of generators for the K-module K .
2
16. Write 4 distinct homomorphisms from the R-module R to R.
Which is the general form of such a homomorphism? Generalization.
17. Let A be an R-module. Prove that A = 0 ⇔ HomR(A, B) = 0, ∀RB
⇔ HomR(B, A) = 0, ∀RB.
18. Does the Z-module Q have minimal submodules?
19. Let V be a finite dimensional K-vector space and let u ∈ EndK(V).
Then: u is injective ⇔ u is surjective ⇔ u is an isomorphism.
20. Give examples of an R-module M and of an endomorphism
ϕ : M → M such that:
a) ϕ is injective, but not surjective.
b) ϕ is surjective, but not injective.
II.2 Factor modules and the isomorphism theorems
The method used to construct the factor ring (given a ring and an
ideal in the ring) can be applied to modules, with minor modifications.
Let M be a left R-module and let L be a submodule in M. Consider-
ing only the Abelian group structure on M, L is a subgroup in M, so
we can construct the factor group M/L, which is also an Abelian
group. The Abelian group M/L can be endowed with a natural
R-module structure, inherited from the R-module structure on M.
II.2 Factor modules and the isomorphism theorems 75
We briefly recall the construction of the factor group M/L. Define

on M the equivalence relation (also called “modulo L congruence”) by:
∀x, y ∈ M : x ∼ y (mod L) ⇔ x − y ∈ L.
An easy check shows that this is indeed an equivalence relation and
that the equivalence class of x ∈ M, i.e. the set {y ∈ M | x ∼ y (mod
L)} is x + L, where
x + L := {x + l |l ∈ L} (called “the class of x modulo L”)
Define now the set M/L as the set of all equivalence classes:
M/L = {x + L | x ∈ M}
Make M/L into an Abelian group by putting:
(x + L) + (y + L) := (x + y) + L, ∀x, y ∈ M.
One proves that: the operation above is well defined (it does not de-
pend on the representatives of the classes modulo L) and (M/L, +) is an
Abelian group; the neutral element is 0 + L (equal to l + L, ∀l ∈ L);
− (x + L) = (− x) + L, ∀x ∈ M.
Getting back to the module case, define an external operation
R × (M/L) → M/L: ∀r ∈ R, ∀x + L ∈ M/L, set
r(x + L) := rx + L.
This definition is correct: if r ∈ R and x, y ∈ M, with x + L = y + L,
then x − y ∈ L, so r(x − y) ∈ L (since L ≤ R M), i.e. rx − ry ∈ L. Thus,
rx + L = ry + L.
A routine exercise shows that M/L becomes a left R-module. For
instance, ∀r, s ∈ R, ∀x ∈ M:
(r + s)(x + L) = (r + s)x + L = (rx + sx) + L = (rx + L) + (sx + L) = r(x + L
) + s(x + L).
2.1 Definition. The R-module M/L defined above is called the fac-
tor module of M with respect to L. The map π : M → M/L,
π(x) = x + L, ∀x ∈ M, is a surjective module homomorphism, called
the canonical homomorphism or the canonical surjection.
76 II. Modules
2.2 Examples. If L ≤ R M and π : M → M/L is the canonical homo-

morphism, then
Kerπ = {x ∈ M | x + L = 0 + L} = L and Imπ = M/L.
So, any submodule is the kernel of some homomorphism.
2.3 Proposition. Let M be an R-module and let L be a submodule.

Then there is a natural one-to-one increasing map between the lattice
of the submodules of M that include L and the lattice of submodules of
M/L, given by
ϕ : {A ≤ R M | L ⊆ A} → LR(M/L), ϕ(A) := {a + L | a ∈ A},
∀A ≤ R M, L ⊆ A.
Proof. We remark that ϕ(A) = π(A), the image, through the canoni-
cal homomorphism π : M → M/L, of the submodule A. So,
−1
ϕ(A) ≤ R M/L. If B ≤ R M/L, then π (B) = {x ∈ M | x + L ∈ B} is a sub-
−1
module of M that includes L, and ϕ(π (B)) = B. So, ϕ is surjective.
The rest of the proof is left to the reader. !
2.4 Example. Let n ∈ N. Let us find the submodules of the

Z-module Z/nZ (also known as Zn). The above says that L(Z/nZ) is in
one-to-one correspondence to the submodules of Z that include nZ,
which are {mZ | m ∈ N, m|n}. To mZ ⊇ nZ corresponds
mZ/nZ ≤ Z/nZ. So, L(Z/nZ) = {mZ/nZ | m ∈ N, m|n}. Also,
mZ/nZ = < m + nZ > is the unique submodule having n/m elements
in Z/nZ:{0 + nZ, m + nZ, …, (n/m − 1)m + nZ}.
The following notions are general concepts in category theory, ap-
plied to the category R-Mod of the left R-modules:
2.5 Definition. Let ϕ : M → N be an R-module homomorphism.

a) ϕ is called a monomorphism if, for any R A and any homomor-
phisms u, v : A → M, ϕ ◦u = ϕ ◦v implies u = v.
b) ϕ is called an epimorphism if, for any R A and any homomor-
phisms u, v : N → A, u◦ϕ = v◦ϕ implies u = v.
2.6 Proposition. Let ϕ : M → N be a homomorphism. Then:

a) ϕ is a monomorphism if and only if ϕ is injective.
b) ϕ is an epimorphism if and only if ϕ is surjective.
Proof. a) Suppose ϕ injective. Let R A and u, v ∈ HomR(A, M) such
that ϕ◦u = ϕ◦v. So, ∀a ∈ A, ϕ(u(a)) = ϕ(v(a)). Since ϕ is injective, we
deduce u(a) = v(a). Suppose now ϕ is a monomorphism and let
A = Kerϕ. Consider ι : Kerϕ → M the inclusion homomorphism and
0 : Kerϕ → M the zero homomorphism. For any a ∈ Kerϕ,
ϕ ◦ι(a) = ϕ(a) = 0 = ϕ ◦0(a); so, ι = 0 ⇔ Kerϕ = 0.
b) Let ϕ be an epimorphism. Consider the factor module N/Imϕ
and π : N → N/Imϕ (canonical surjection) and 0 : N → N/Imϕ. We
have π ◦ϕ (x) = ϕ(x) + Imϕ = 0 + Imϕ = 0◦ϕ (x), ∀x ∈ M. So,
π ◦ϕ = 0◦ϕ, i.e. π = 0. This means N/Imϕ = 0⇔N = Imϕ. The converse
is left to the reader. !
2.7 Theorem. (The fundamental isomorphism theorem) Let

M
ϕ : M → N be an R-module homomorphism. Then ≅ Imϕ.
Kerϕ
More precisely, there exists a unique isomorphism
ψ : M/Kerϕ → Imϕ such that the following diagram is commutative:
ϕ
M ⎯⎯→ N
π
↓ ↑ι
ψ
M Kerϕ ⎯⎯→ Im ϕ
i.e. ϕ = ι ◦ψ ◦π, where ι is the inclusion and π is the canonical surjec-
tion. ψ is given by ψ(x + Kerϕ) = ϕ(x), ∀x ∈ M.
Proof. ψ : M/Kerϕ → Imϕ is well defined: if x, y ∈ M are such that
x + Kerϕ = y + Kerϕ, then x − y ∈ Kerϕ ⇔ ϕ(x − y) = 0 ⇔ ϕ(x) = ϕ(y).
Thus, ψ(x + Kerϕ) does not depend on x, but only on the equivalence
class x + Kerϕ. Checking that ψ is a homomorphism is simple.
ψ is surjective: Imψ = {ψ(x + Kerϕ)| x ∈ M} = {ϕ(x)| x ∈ M} =
Imϕ. For the injectivity, we show that Kerψ = {0 + Kerϕ}: if x ∈ M
78 II. Modules
with ψ(x + Kerϕ) = 0, then ϕ(x) = 0, so x ∈ Kerϕ, ⇔

x + Kerϕ = 0 + Kerϕ.
Also, ι ◦ψ ◦π (x) = ψ(x + Kerϕ) = ϕ(x), ∀x ∈ M.
If η : M/Kerϕ → Imϕ is a homomorphism such that ϕ = ι ◦η ◦π,
then, ∀x ∈ M, η(x + Kerϕ) = ιηπ(x) = ϕ(x), so η = ψ. !
2.8 Remark. A typical use for the isomorphism theorem is as fol-

lows: suppose B ≤ R A and we want to prove that A/B ≅ C. One looks
for a surjective homomorphism ϕ : A → C, with Kerϕ = B. The
isomorphism theorem provides then the required isomorphism. The
following corollaries illustrate this technique (which is used also for
groups, rings, algebras, …).
2.9 Corollary. Let R M and E, F ≤ M such that E ⊆ F. Then F/E is

a submodule of M/E and:
M E M
≅ (R-module isomorphism).
F E F
Proof. Since F/E = {x + E | x ∈ F}, F/E ⊆ M/E = {x + E | x ∈ M}.
Let ϕ : M/E → M/F, ϕ(x + E) = x + F, ∀x ∈ M. The map ϕ is well de-
fined: if x, y ∈ M, with x + E = y + E, then x − y ∈ E. So, x − y ∈ F
and x + F = y + F. It easy to see that ϕ is a surjective module
homomorphism. Kerϕ = {x + E | x ∈ M, x + F = 0 + F} = F/E. Apply
now the fundamental isomorphism theorem. !
2.10 Corollary. Let R M and E, F ≤ R M. Then

E+F F
≅ .
E E∩F
Proof. Let ϕ : F → (E + F)/E, ϕ(x) = x + E, ∀x ∈ F. The mapping
ϕ is a module homomorphism, being the restriction of the canonical
homomorphism E + F → (E + F)/E to the submodule F of E + F.
Moreover, ϕ is surjective: ∀(e + f ) + E ∈ (E + F)/E, with e ∈ E, f ∈ F,
(e + f ) + E = f + E = ϕ( f ).
Kerϕ = {x ∈ F | x + E = 0 + E} = {x ∈ F | x ∈ E} = E ∩ F. Apply
the fundamental isomorphism theorem, we get F/(E ∩ F) ≅ (E + F)/E.!
The following result is often used in module theory arguments:
2.11 Proposition. Let ϕ : E → F and ψ : E → G be R-module

homomorphisms, with ϕ surjective. If Kerϕ ⊆ Kerψ, then:
a) “ψ factorizes through ϕ”: there exists a unique homomorphism
η : F → G such that ψ = η ◦ϕ .
b) η is injective if and only if Kerϕ = Kerψ.
ϕ
E ⎯⎯→ F
η
ψ
G
Proof. a) Let y ∈ F. Since ϕ is surjective, there exists x ∈ E with
ϕ(x) = y. Define η(y) := ψ(x). The definition is independent on the
choice of x ∈ E with ϕ(x) = y. Indeed, if x, x' ∈ E such that
ϕ(x) = ϕ(x') = y, then x − x' ∈ Kerϕ ⊆ Kerψ, so ψ(x) = ψ(x'). Also, η is
a homomorphism (standard check) and, ∀x ∈ E, η(ϕ(x)) = ψ(x). If
η´ ∈ HomR(F, G) has the property that η'◦ϕ = ψ, then
η(ϕ(x)) = η'(ϕ(x)), ∀x ∈ E. Since ϕ is surjective, η = η'.
b) Suppose η is injective. Let x ∈ E with ψ(x) = 0. Then
η(ϕ(x)) = 0, so ϕ(x) = 0, i.e. x ∈ Kerϕ. Therefore Kerϕ = Kerψ. Sup-
pose now that Kerϕ = Kerψ and take y ∈ F with η(y) = 0. Then ∃x ∈ E
with ϕ(x) = y; so, η(ϕ(x)) = ψ(x) = 0, which means x ∈ Kerψ. Since
Kerϕ = Kerψ, x ∈ Kerϕ, so ϕ(x) = y = 0. !
80 II. Modules
Exercises
1. Prove that every R-module homomorphism u : M → N can be writ-

ten as u = v◦w, where v is an injective homomorphism and w is a
surjective homomorphism.
2. Let M be a finitely generated R-module. Show that there exists
n
n ∈ N and a surjective homomorphism ϕ : R → M. Deduce that, if M
is cyclic (generated by one element), then M is isomorphic to a
R-module of the form R/I, where I ≤ R R.
3. Prove that every factor module of a finitely generated module is
finitely generated.
4. Let m, n ∈ N*. Prove that:
a) HomZ(Zn, Z) = 0 and HomZ(Z, Zn) ≅ Zn.
b) HomZ(Zm, Zn) ≅ Zd, where d = GCD(m, n).
5. Let m, n ∈ N. Under what conditions the Abelian group (Zm, +) has
a Zn-module structure? Does there exist a Zn-module structure on
(Z, +)?
6. Determine all the submodules in: Z6, Z8, Z24. Generalize the result.
7. Prove the following version of the fundamental isomorphism theo-
rem: Let ϕ : M → N be an R-module homomorphism and let L ≤ R M
such that Ker ϕ ⊆ L. Then there exists a canonical isomorphism
M ϕ (M )
≅ .
L ϕ (L )
8. An R-module is called simple if it has no submodules other than
zero or itself. Show that M is simple if and only if it is isomorphic to a
module of the type R/I, where I is a maximal left ideal in R. Write all
(up to isomorphism) simple Z-modules and all simple K[X]-modules,
where K is a field.
II.3 Direct sums and products. Exact sequences 81
9. Is it true that any intersection of finitely generated submodules is a

finitely generated submodule? (Hint. Let K be a field, S = K[Xn;
n ∈ N] and T = S/I, where I is the ideal of S generated by
{(X1 − X2)Xi | i ≥ 3}. Let ξ1, ξ2 be the images of X1, X2 in T. Then
Tξ1∩Tξ2 is not a finitely generated T-module.)
II.3 Direct sums and products. Exact sequences
The methods of constructing new structures (from a given collec-

tion of structures) are extremely important. In the case of modules
(and also groups, rings…) some of the most used constructions are the
direct product and the direct sum.
We begin with the case of two R-modules M1 and M2. The Carte-
sian product M1 × M2 = {(x1, x2) | x1 ∈ M1, x2 ∈ M2} is made into an
Abelian group by defining:
(x1, x2) + (y1, y2) := (x1 + y1, x2 + y2), ∀ (x1, x2), (y1, y2) ∈ M1 × M2.
M1 × M2 is in fact the direct product of the groups (M1, +) and
(M2, +). The Abelian group M1 × M2 becomes a left R-module by
defining:
r(x1, x2) := (rx1, rx2), ∀r ∈ R, ∀(x1, x2) ∈ M1 × M2.
It is trivial to check the R-module axioms.
Define the homomorphisms π1 : M1 × M2 → M1 and
π2 : M1 × M2 → M2, by:
π1(x1, x2) := x1 and π2(x1, x2) := x2, ∀(x1, x2) ∈ M1 × M2.
The R-module M1 × M2, together with the homomorphisms π1 and
π2, is called the direct product of M1 and M2. The homomorphisms π1
and π2 are called the canonical projections of the direct product
82 II. Modules
M1 × M2. The direct product satisfies the following universality prop-

erty:
3.1 Theorem. (the universality property of the direct product) Let

M1 and M2 be R-modules. Then, for any R-module E and any
homomorphisms v1 : E → M1, v2 : E → M2, there exists a unique
homomorphism v : E → M1 × M2 such that v1 = π1◦v and v2 = π2◦v (the
diagram below is commutative, for i ∈ {1,2}): 9
π
M 1 × M 2 ⎯⎯→
i
Mi
v
vi
E
Proof. We prove first the uniqueness. Let v : E → M1 × M2 be a
homomorphism with the required property. Let e ∈ E and suppose
v(e) = (x1, x2) ∈ M1 × M2. We have x1 = π1(v(e)) = (π1◦v)(e) = v1(e) and,
likewise, x2 = v2(e). So, if there exists v as required, then
v(e) = (v1(e), v2(e)), ∀e ∈ E. On the other hand, the map v defined in
this way is clearly a module homomorphism. !
The construction above can be generalized for an arbitrary family

(possibly infinite) of modules. Let I be a set (seen as a set of indices)
and let (Mi)i∈I be a family of R-modules indexed by I. Recall that the
Cartesian product of this family is
∏i∈I Mi = { f : I → ∪i∈I Mi | f (i) ∈ Mi, ∀i ∈ I}.
An element f ∈ ∏i∈I Mi is usually written as (xi)i∈I or (xi)I (where
we denoted f (i) = xi ∈ Mi, ∀i ∈ I). Define an operation of addition on
∏i∈I Mi by:
∀f, g ∈ ∏i∈I Mi, ( f + g)(i) := f(i) + g(i), ∀i ∈ I;
9
So, v1 factorizes through π1 and v2 factorizes through π2.
With the alternate notation: ∀(xi)I, (yi)I ∈ ∏i∈I Mi,

(xi)I + (yi)I := (xi + yi)I.
∏i∈I Mi is an Abelian group with respect to this operation.
Define the external operation: ∀r ∈ R, ∀f ∈ ∏i∈I Mi,
(rf )(i) := rf (i), ∀i ∈ I;
With the alternate notation: ∀r ∈ R, ∀(xi)I ∈ ∏i∈I Mi, r(xi)I := (rxi)I.
Proving that ∏i∈I Mi becomes an R-module with the operations
above is routine: for instance, ∀r ∈ R, ∀f, g ∈ ∏i∈I Mi, ∀i ∈ I, we
have
(r( f + g))(i) = r·( f + g)(i) = r( f (i) + g(i)) = rf (i) + rg(i) = (rf + rg)(i),
which shows that r( f + g) = rf + rg.
For any j ∈ I, define the homomorphisms πj : ∏i∈I Mi→ Mj by:
πj( f ) := f ( j), ∀f ∈ ∏i∈I Mi;
using the notation (xi)I : πj((xi)I) := xj, ∀(xi)I ∈ ∏i∈I Mi.
The R-module ∏i∈I Mi, together with the family of homomor-
phisms (πi)i∈I, is called the direct product of the family of modules
(Mi)i∈I. The homomorphisms πi, i ∈ I, are called the canonical projec-
tions. The direct product satisfies a universality property:
3.2 Theorem. (the universality property of the direct product) Let

(Mi)i∈I be family of R-modules. Then, for any R-module E and any
family of homomorphisms indexed by I, vi : E → Mi, i ∈ I, there exists
a unique homomorphism v : E → ∏i∈I Mi, such that vi = πi◦v, ∀i ∈ I.
π
∏i∈I M i ⎯⎯→
i
Mi
v
vi
E
84 II. Modules
Proof. It is basically the same as for two modules. Suppose there

exists a homomorphism v : E → ∏i∈I Mi with the desired property.
Let e ∈ E and denote v(e) by f ∈ ∏i∈I Mi. For any i ∈ I,
f (i) = πi( f ) = πi(v(e)) = (πi◦v)(e) = vi(e). So, if such a homomorphism v
exists, then v(e)(i) = vi(e), ∀e ∈ E. On the other hand, v defined this
way is a module homomorphism. !
The direct product of the family (Mi)i∈I is denoted also ×i∈I Mi. For
n
a finite family M1, …, Mn, the notation is M1 ×…× Mn or ∏ M i . If the
i =1
modules of the family (Mi)i∈I are all equal to some module M, the di-
I n
rect product of the family is denoted by M (or M if I is finite, having
n elements).
A remarkable fact is that the universality property of the direct

product characterizes the direct product up to a unique isomorphism:
3.3 Theorem. Let (Mi)i∈I be a family of R-modules. Suppose that an

R-module P, and the family of homomorphisms indexed by I,
pi : P → Mi, i ∈ I, satisfies the property:
“For any R-module E and any family of homomorphisms indexed
by I, vi : E → Mi, i ∈ I, there exists a unique homomorphism v : E → P
such that vi = pi◦v, ∀i ∈ I.” 10 (U)
If the R-module Q, together with the family of homomorphisms
qi : Q → Mi, i ∈ I, satisfies also property (U) above, then there exists a
unique isomorphism ϕ : P → Q such that pi = qi ◦ϕ, ∀i ∈ I.
Proof. In (U), set E = Q and vi = qi, ∀i ∈ I. We obtain a (unique)
homomorphism ψ : Q → P such that qi = pi◦ψ. Since Q satisfies also
10
This is exactly the universality property of the direct product.
(U), apply (U) for P with the homomorphisms (pi)i ∈ I, there exists a
unique homomorphism ϕ : P → Q, such that pi = qi◦ϕ. We show that ϕ
and ψ are inverse one to each other. Indeed, ϕ ◦ψ : Q → Q satisfies
qi◦(ϕ ◦ψ) = (qi◦ϕ)◦ψ = pi◦ψ = qi, ∀i ∈ I; but the homomorphism idQ
: Q → Q has the same property: qi◦idQ = qi, ∀i ∈ I. By uniqueness,
guaranteed by (U), we get ϕ ◦ψ = idQ. Similarly, ψ ◦ϕ = idP. !
3.4 Remark. The universality property of the direct product is

articulated only in terms of objects (modules, in this case) and
homomorphisms, without involving any elements of the underlying
sets of the modules. For this reason, the universality property above is
taken as a definition of the direct product in a category C (replace
“module” with “object in C” and “module homomorphism” with
“morphism in C”). The direct product of a family of modules in C (if it
exists) is uniquely determined up to an isomorphism: the proof of the
proposition above is valid in any category. Theorem 3.2 says that in
R-Mod the direct product of an arbitrary family of objects
(Mi)i∈I exists, namely (∏i∈I Mi, (πi)i∈I).
Dualizing (“reversing the arrows”) in the universality property of
the direct product, one obtains the universality property of the direct
sum (taken as a definition of this notion):
3.5 Definition. Let (Mi)i∈I be a family of R-modules. An R-module

S, together with a family of homomorphisms (σi)i∈I, σi : Mi → S, is
called a direct sum of the family (Mi)i∈I if, for any module E and any
family of homomorphisms (vi)i∈I, vi : Mi → E, there exists a unique
homomorphism v : S → E such that v◦σi = vi, ∀i ∈ I (the diagram be-
low is commutative, ∀i ∈ I):
σ
M i ⎯⎯→
i
S
vi v
E
86 II. Modules
The homomorphisms (σi)i∈I are called the canonical injections of

the direct sum (S, (σi)i∈I).
3.6 Remark. The canonical injections are indeed injective. For a

fixed j ∈ I, in the definition above set E = Mj and vi : Mi → Mj defined
as follows: vi = 0 if i ≠ j and vj = idMj. The homomorphism v : S → Mj,
given by the definition, satisfies v ◦σj = id, so σj is injective.
The direct sum is also called coproduct (a categorical name,
emphasizing the duality with the product).
We now construct an object satisfying the definition of the direct
sum.
If f ∈ ∏i∈I Mi, recall that the support of f is the set
Supp f := {i ∈ I | f (i) ≠ 0}. Consider the following subset of ∏i∈I Mi:
(i∈I Mi := {f ∈ ∏i∈I Mi | Supp f is finite}.
We claim that (i∈I Mi is a submodule of ∏i∈I Mi. Indeed, if f,
g ∈ (i∈I Mi, then Supp( f + g) ⊆ Supp f ∪ Supp g, so f + g has finite
support. If r ∈ R, then Supp(rf ) ⊆ Supp f. Identify f ∈ (i∈I Mi with
the “family of elements” (xi)i∈I, where xi = f (i) ∈ Mi, ∀i ∈ I; the family
(xi)i∈I has finite support.
Define, ∀j ∈ I, σj : Mj → (i∈I Mi by: ∀x ∈ Mj,
⎧0, if i ≠ j
(σj(x))(i) := ⎨ . In other words, if σj(x) = (xi)i∈I, then xj = x,
⎩ x, if i = j
and xi = 0, ∀i ∈ I, i ≠ j. It is easy to check that σj is a homomorphism,
∀j ∈ I. Note that ∀(xi)I ∈ (i∈I Mi, we have
(xi)I = ∑i∈I σi(xi)
(the sum is finite, i runs only on Supp((xi)I), which is finite).
3.7 Theorem. Let (Mi)i∈I be a family of R-modules. Then the mod-

ule (i∈I Mi, together with the homomorphisms (σi)i∈I, is a direct sum
of the family (Mi)i∈I.
Proof. Let E be an R-module and let vi : Mi → E, ∀i ∈ I. If
v : (i∈I Mi → E is a homomorphism with v◦σi = vi, ∀i ∈ I, then,
∀(xi)I ∈ (i∈I Mi, we have:
v((xi)I) = v{∑i∈I σi(xi)} = ∑i∈I (v◦σi)(xi) = ∑i∈I vi(xi).
This shows that the homomorphism v is uniquely determined by the
condition v◦σi = vi, ∀i ∈ I. If we define v in this way, v is indeed a
homomorphism: ∀(xi)I, (yi)I ∈ (i∈I Mi, ∀r ∈ R,
v((xi)I + (yi)I) = v((xi + yi)I) = ∑i∈I vi(xi + yi) = ∑i∈I vi(xi) +vi( yi)
= v((xi)I) + v((yi)I),
v(r(xi)I) = v((rxi)I) = ∑i∈I vi(rxi) = ∑i∈I rvi(xi) = r∑i∈I vi(xi) = rv((xi)I).!
The module (i∈I Mi is often denoted ⊕i∈I Mi. For a finite family
n
M1, …, Mn, the notation is M1 ⊕…⊕ Mn or ⊕ M i . If the modules in
i =1
the family (Mi)i∈I are all equal to the same module M, ⊕i∈I Mi is de-
(I)
noted by M . In order to avoid the confusion with the notion of inter-
nal direct sum of submodules (see 3.11), (i∈I Mi is sometimes called
external direct sum.
As in the case of the direct product, the universality property
characterizes the direct sum of a family of modules up to an isomor-
phism. The reader is invited to formulate this precisely and prove it, as
in the case of the direct product.
3.8 Remark. If the set of indices I is finite, the module direct sum
⊕i∈I Mi = (i∈I Mi coincides with the module direct product ∏i∈I Mi in
3.2. Nevertheless, the direct sum is a couple (⊕i∈I Mi, (σi)i∈I) and is not
the same with the direct product {∏i∈I Mi, (πi)i∈I}.
88 II. Modules
3.9 Example. Let R be a commutative ring and let R[X] be the

polynomial ring in the indeterminate X. As an R-module, R[X] is
( )
isomorphic with the direct sum R N of a countable family of copies of
R R.
We defined the notion of sum of a family (Li)i∈I of submodules of

R M. The direct sum of the family (Li)i∈I, where Li are seen are modules
by themselves can be also constructed. When are these sums “the
same”?
3.10 Proposition. Let M be an R-module and let (Li)i∈I be a family

of submodules of M. Let L denote their sum, L := ∑i∈I Li, and let
ηi : Li → L be the inclusion homomorphisms. The following statements
are equivalent:
a) L is the external direct sum of the modules (Li)i∈I, and the (ηi)i∈I
are the canonical injections.
b) For any x ∈ L, there exists a unique family (xi)i∈I, with xi ∈ Li,
∀i ∈ I, having finite support, such that x = ∑i∈I xi.
⎛ ⎞
c) For any j ∈ I, Lj ∩ ⎜ ∑ Li ⎟ = 0.
⎜ i∈I \{ j} ⎟
⎝ ⎠
d) For any family (xi)i∈I, with xi ∈ Li, ∀i ∈ I, having finite support,
such that ∑i∈I xi = 0, we have xi = 0, ∀i ∈ I.
Proof. a)⇒b) Let (i∈I Li be the direct sum constructed as in 3.7,
with (σi)i∈I the canonical injections; let ϕ : (i∈I Li → L be the unique
isomorphism with ϕ ◦σi = ηi, ∀i ∈ I. For any x ∈ L, there exists (xi)i∈I
∈ (i∈I Li such that ϕ((xi)i∈I) = x. So,
x = ϕ((xi)i∈I) = ϕ{∑i∈I σi(xi)} = ∑i∈I (ϕ ◦σi)(xi) = ∑i∈I ηi(xi) = ∑i∈I xi,
which means that x is the sum of the family (xi)i∈I, xi ∈ Li, ∀i ∈ I, hav-
ing finite support. If (yi)i∈I is another family having finite support, with
yi ∈ Li, ∀i ∈ I, such that ∑i∈I xi = ∑i∈I yi, then ϕ((xi)i∈I) = ϕ((yi)i∈I).
Since ϕ is an isomorphism, (xi)i∈I = (yi)i∈I.
⎛ ⎞
b)⇒c) Let xj ∈ Lj ∩ ⎜⎜ ∑ Li ⎟⎟ . Then there exists a family of finite
⎝ i∈I \{ j} ⎠
support, (xi)i∈I \ {j}, xi ∈ Li, ∀i ∈ I \ {j}, such that xj = ∑i∈I \ {j} xi. We
obtain that 0 is the sum of the finite support family (yi)i∈I, where
yi = xi, ∀i ≠ j and yj = −xj. Since 0 has a unique writing as a sum of a
finite support family (evidently, 0 is the sum of the family (0)i∈I), we
obtain xi = 0, ∀i ∈ I. So, xj = 0.
c)⇒d) Let (xi)i∈I, xi ∈ Li, ∀i ∈ I, be such that ∑i∈I xi = 0. Let j ∈ I.
⎛ ⎞
Then xj ∈ Lj; since xj = ∑i∈I \ {j}(−xi), we get xj ∈ ⎜⎜ ∑ Li ⎟⎟ . So, xj = 0.
⎝ i∈I \{ j} ⎠
d)⇒a) We show that (L, (ηi)i∈I) satisfies the definition 3.5. Let RE
and let a family of homomorphisms (vi)i∈I, vi : Mi → E. If x ∈ L, there
exists a family of finite support (xi)i∈I (xi ∈ Li, ∀i ∈ I), such that
x = ∑i∈I xi. From d), we obtain that this family is unique: if
∑i∈I xi = ∑i∈I yi, with yi ∈ Li, ∀i ∈ I, then ∑i∈I (xi − yi) = 0, so xi = yi,
∀i ∈ I.
Define the homomorphism ϕ : L → E by: ∀x ∈ L, put
ϕ(x) := ∑i∈I vi(xi), where (xi)i∈I is the unique family of finite support
with xi ∈ Li, ∀i ∈ I, and x = ∑i∈I xi. The map ϕ thus defined is an
R-module homomorphism: if x, y ∈ L, and (xi)i∈I, (yi)i∈I are the unique
families of finite support with xi, yi ∈ Li, ∀i ∈ I and such that
x = ∑i∈I xi, y = ∑i∈I yi, then x + y = ∑i∈I xi + ∑i∈I yi = ∑i∈I(xi + yi),
where (xi + yi)i∈I has finite support and xi + yi ∈ Li, ∀i ∈ I. So,
ϕ(x + y) = ∑i∈I vi(xi + yi) = ∑i∈I vi(xi) + ∑i∈I vi(yi) = ϕ(x) + ϕ(y).
Similarly one sees that ϕ(rx) = rϕ(x), ∀r ∈ R, ∀x ∈ L. If j ∈ I and
xj ∈ Lj, then (ϕ ◦ηj)(xj) = ϕ(xj) = vj(xj), which shows that ϕ ◦ηj = vj,
∀j ∈ I. We must show that ϕ is unique with this property. Let
90 II. Modules
ψ : L → E be a homomorphism with ψ ◦ηi = vi, ∀i ∈ I, and let x ∈ L.

Then x = ∑i∈I xi, xi ∈ Li, ∀i ∈ I and:
ψ(x) = ψ(∑i∈I xi) = ∑i∈Iψ( xi) = ∑i∈Iψ(ηi( xi)) = ∑i∈I vi(xi) = ϕ(x). !
3.11 Definition. Let (Li)i∈I be a family of submodules of an

R-module M. We say that “the sum of the family (Li)i∈I is a direct
(internal) sum” if and only if one of the equivalent statements of the
proposition above is satisfied. In this situation, one also says that
(Li)i∈I is an independent family of submodules. A submodule A of M is
called a direct summand of M if there exists 0 ≠ B ≤ R M such that
M = A ⊕ B (a submodule B having this property is called a comple-
ment of A).
3.12 Corollary. Let M be an R-module and let A, B ≤ R M. The

a) M = A ⊕ B.
b) M = A + B and A ∩ B = 0.
c) ∀x ∈ M, there exists a unique pair (a, b) ∈ A × B such that
x = a + b. !
3.13 Examples. a) If V is a K-vector space, then any vector sub-

space U of V is a direct summand in V.
b) If R is a domain, then R R has no nonzero submodule that is a di-
rect summand. Indeed, for any nonzero submodules A and B of R R, we
have A ∩ B ≠ 0: for 0 ≠ a ∈ A and 0 ≠ b ∈ B, 0 ≠ ab ∈ A ∩ B.
3.14 Remark. a) The notions of (internal) direct sum of submod-

ules and external direct sum are very close: if S is a direct sum of the
modules (Mi)i∈I, with canonical injections (σi)i∈I, then S is the internal
direct sum of its submodules (Imσi)i∈I, and Mi ≅ Imσi, ∀i ∈ I. It is
usual to identify Mi with Imσi and call S the direct sum of the modules
Mi, i ∈ I.
b) If M = ⊕i∈I Mi is the direct sum of the modules (Mi)i∈I, with

canonical injections (σi)i∈I, then, ∀j ∈ I, the mapping pj : M → Mj,
x & xj, (where x = ∑i∈I σi(xi) , with xi ∈ Mi, ∀i ∈ I) is a module homo-
morphism, called the canonical projection on Mj. Considering M as a
submodule of the direct product ∏i∈I Mi, pj is exactly the restriction to
M of the canonical projection πj of the direct product. Furthermore,
σ p
pj◦σj is the identity of Mj : M j ⎯⎯→
j
∏ M i ⎯⎯→
j
Mj.
The direct summands of an R-module M are closely related with

the idempotents of the ring EndR(M). (An element e of a ring S is
2
called an idempotent if e = e).
3.15 Proposition. Let M be an R-module. If M = A ⊕ B, then

p := iA◦pA (where pA : M → A is the canonical projection and
iA : A → M is the canonical injection) is an idempotent of EndR(M)
and Im p = A, Ker p = B.
Conversely, let p ∈ EndR(M) be an idempotent. Then
M = Im p ⊕ Ker p.
Proof. For any x ∈ M, there exist unique a ∈ A, b ∈ B, such that
x = a + b. Then p(x) = a. We have: p(p(x)) = p(a) = a = p(x). So,
2
p◦p = p = p. We have p(x) = 0 iff x = 0 + b, with b ∈ B, i.e. Ker p = B.
Evidently, Im p = A.
2
Suppose now that p ∈ EndR(M) and p = p. For any x ∈ M, write
x = p(x) + (x − p(x)).
2
We have p(x) ∈ Im p and p(x − p(x)) = p(x) − p (x) = 0, so
x − p(x) ∈ Ker p. Thus, M = Im p + Ker p. If x ∈ Im p ∩ Ker p, then
2
p(x) = 0 and x = p(y), with y ∈ M. Therefore, x = p(y) = p (y) = p(x) = 0
and Im p ∩ Ker p = 0, which means that M = Im p ⊕ Ker p. !
3.16 Proposition. Let M and N be R-modules and let u : M → N

and v : N → M be homomorphisms such that v◦u = idM. Then
92 II. Modules
N = Im u ⊕ Ker v. In particular, M is isomorphic to a direct summand

of N.
2
Proof. Let p = u◦v : N → N. Since p = u◦v◦u◦v = u◦id◦v = u◦v = p,
N = Im p ⊕ Ker p by 3.15. Because v is surjective,
Im p = Im u◦v = Im u. Also, Ker u◦v = {x ∈ N | u(v(x)) = 0}
= {x ∈ N | v(x) = 0} = Ker v, since u is injective. !
3.17 Definition. Let vi : Mi → Ni (i ∈ I) be a family of R-module

homomorphisms. We define the direct product and the direct sum of
the family of homomorphisms (vi)i∈I.
Let (∏ Mi, (πi)i∈I) (respectively (∏Ni, (ρi)i∈I)) be the direct product
of the family (Mi)i∈I (respectively (Ni)i∈I). For any j ∈ I,
vj◦πj : ∏ Mi → Nj is a homomorphism. The universality property of
the direct product (3.2), produces a unique homomorphism
π
∏ M i ⎯⎯j → M j
v vj
ρ
∏ N i ⎯⎯→
⎯j N j
v : ∏ Mi → ∏ Ni such that ρj◦v = vj◦πj, ∀j ∈ I:
The homomorphism v is called the direct product of the family of
homomorphisms (vi)i∈I and is usually denoted by ∏i∈I vi or ×i∈I vi. If
∏i=1 vi
n
I = {1, …, n}, the notations are or v1 ×…× vn.
For any x = (xi)i∈I ∈ ∏ Mi, {∏i∈I vi}(x) = (vi(xi))i∈I ∈ ∏ Ni.
Similarly one defines the direct sum of the family of homomor-
phisms (vi)i∈I. Let (⊕ Mi, (σi)i∈I) (respectively (⊕Ni, (τi)i∈I)) be the di-
rect sum of the family (Mi)i∈I (respectively (Ni)i∈I). For any j ∈ I,
τj◦vj : Mj → ⊕Ni is a homomorphism. The universality property of the
direct sum (3.5) yields a unique homomorphism w : ⊕ Mi → ⊕ Ni such

that w◦σj = τj◦vj, ∀j ∈ I.
σ
⎯j ⊕ M i
M j ⎯⎯→
vj w
jτ
N j ⎯⎯→ ⊕ Ni
The homomorphism w is called the direct sum of the family (vi)i∈I
and is denoted by (i∈I vi or ⊕i∈I vi. If I = {1, …, n}, w is denoted by
⊕in=1 vi or v1⊕…⊕vn.
If x = ∑i∈I xi ∈ ⊕ Mi, where xi ∈ Mi and the family (xi)i∈I has finite
support11, then (⊕i∈I vi)(x) = ∑i∈I vi(xi) ∈ ⊕ Ni.
3.18 Proposition. Let vi : Mi → Ni (i ∈ I) be a family of module

homomorphisms. Then:
a) If vi is injective (surjective), then ∏i∈I vi and ⊕i∈I vi are injective
(surjective).
b) If ui : Ni → Pi (i ∈ I) are homomorphisms, then
{∏i∈I ui}◦{∏i∈I vi} = ∏i∈I ui◦vi and {⊕i∈I ui}◦{⊕i∈I vi} = ⊕i∈I ui◦vi. !
Let R-Mod be the category of the left R-modules and Ab the cate-
gory of Abelian groups.
3.19 Definition. (The Hom functors) For any A ∈ R-Mod, define
A
the (covariant) functor h : R-Mod → Ab:
A
∀ B∈ R-Mod, h (B) := HomR(A, B),
(note that HomR(A, B) is an Abelian group with respect to
homomorphism addition);
11
We identify xi with its image through the canonical injection σi(xi).
94 II. Modules
A
∀u : B → B' morphism in R-Mod, h (u) : HomR(A, B) → HomR(A, B')
is defined as
A
h (u)(g) := u◦g, ∀g ∈ HomR(A, B).
A A
It is immediate that h (u) is a morphism in Ab, that h (1B) = 1hA(B)
A A A
and that h (v◦u) = h (v)◦h (u), for any R-module B and any R-module
A
homomorphisms u : B → B' and ∀v : B' → B". So, h is a functor, also
denoted by HomR(A, -).
In a similar manner one defines the contravariant functor
hA : R-Mod → Ab. For any B ∈ R-Mod, hA(B) := HomR(B, A); for any
u : B → B' in R-Mod, hA(u) : HomR(B', A) → HomR(B, A) is given by
hA(u)(g) := g◦u, ∀g ∈ HomR(B', A). The functor hA is denoted also by
HomR(-, A).
We study the behavior of HomR(A, -) and HomR(-, A) with respect
to direct products and direct sums.
3.20 Proposition. Let A be an R-module and let (Mi)i∈I be a family

of R-modules. Then there exist canonical isomorphisms in Ab:
HomR(A, ∏i∈I Mi) ≅ ∏i∈I HomR(A, Mi),
HomR(⊕i∈I Mi, A) ≅ ∏i∈I HomR(Mi, A).
Proof. We prove the second isomorphism (the first is proposed as
an exercise).
Let S = ⊕i∈I Mi and let σi : Mi → S be the canonical injections.
We give two proofs, a “direct proof” and a “category proof”. The
“direct proof” uses the form of the elements in the concrete construc-
tions of the direct sum and the direct product and defines a natural
homomorphism from HomR(S, A) to ∏i∈I HomR(Mi, A); we then show
this is an isomorphism. The “category proof” shows that HomR(S, A) is
a direct product in Ab of the family (HomR(Mi, A))i∈I (more precisely,
it satisfies the universality property of the direct product) and applies
then 3.3.
Direct proof. Define α : HomR(S, A) → ∏i∈I HomR(Mi, A) as fol-
lows: for any homomorphism g : ⊕i∈I Mi → A,

α(g) =: (g◦σi)i∈I ∈ ∏i∈I HomR(Mi, A).
It is routine to check that α is a homomorphism. If
α(g) = (g◦σi)i∈I = (0)i∈I, then g(∑i∈I σi(xi)) = ∑i∈I g(σi(xi)) = 0, for any
family having finite support (xi)i∈I, with xi ∈ Mi, so g = 0. This proves
that α is injective. If (gi)i∈I ∈ ∏i∈I HomR(Mi, A), the universality prop-
erty of the direct sum S = ⊕i∈I Mi (definition 3.5) supplies a unique
homomorphism g : S → A such that g◦σi = gi, ∀i ∈ I. So, α is surjec-
tive.
Category proof: For any i ∈ I, hA(σi) : hA(S) → hA(Mi) is a mor-
phism in Ab. We show that hA(S) is a direct product of the Abelian
groups {hA(Mi)}i∈I, with canonical projections hA(σi). This means that
we have to prove that, for any X ∈ Ab and any morphisms
τi : X → hA(Mi) in Ab, i ∈ I, there exists a unique morphism
τ : X → hA(S) in Ab such that τi = hA(σi)◦τ. So, ∀x ∈ X, τi(x) : Mi → A
is a morphism in R-Mod. By the universality property of the direct
sum, ∃! τ(x) : S → A homomorphism such that τi(x) = τ(x)◦σi. We ob-
tain τ : X → HomR(S, A) = hA(S), x & τ(x), which is a morphism in Ab.
Indeed, ∀x, y ∈ X, τ(x) + τ(y) : S → A is an R-homomorphism satisfy-
ing
(τ(x) + τ(y))◦σi = τ(x)◦σi + τ(y)◦σi = τi(x) + τi(y) = τi(x + y).
Since τ(x + y) is the only homomorphism with this property,
τ(x + y) = τ(x) + τ(y). If ϕ : X → hA(S) is a homomorphism with
τi = hA(σi)◦ϕ, then, ∀x ∈ X, ϕ(x) : S → A is a homomorphism with
τi(x) = hA(σi(ϕ(x)) = ϕ(x)◦σi. But τ(x) is unique with this property, so
τ(x) = ϕ(x), ∀x ∈ X, i.e. τ = ϕ. !
Many facts in Algebra have a convenient form in the language of
exact sequences (used intensively Homological Algebra, for instance).
96 II. Modules
3.21 Definition. Consider a (finite or infinite) sequence of

R-modules and module homomorphisms:12
(S): … ⎯ ⎯→ E ⎯ u
⎯→ F⎯ v
⎯→ G⎯ ⎯→ …,
The sequence (S) is called semiexact at F if v◦u = 0. This may be
rephrased as Im u ⊆ Ker v. The sequence (S) is called exact at F if
Im u = Ker v. The sequence (S) is called semiexact (respectively exact)
if it is semiexact (respectively exact) at any term. A semiexact se-
quence of modules is called a complex of modules.
3.22 Remarks. a) Often, the homomorphisms that are uniquely

determined (or clear from the context) are not marked on the arrows.
0
For instance, write 0 → L instead of 0 ⎯⎯→ L , since the only homo-
morphism defined on the module 0 is the zero homomorphism.
b) A sequence of the form 0 → E ⎯ u
⎯→ F is exact if and only if u
is a monomorphism. Indeed, Ker u = 0 ⇔ Ker u = Im 0.
c) A sequence of the form E ⎯ u
⎯→ F → 0 is exact if and only if u
is an epimorphism.
d) The sequence 0 → E ⎯ u
⎯→ F → 0 is exact ⇔ u is an isomor-
phism.
3.23 Examples. a) If ϕ : E → F is a homomorphism, then the

following sequence is exact:
ι ϕ π
0 → Kerϕ ⎯⎯→ E ⎯⎯→ F ⎯⎯→ F Im ϕ → 0
The inclusion homomorphism is denoted by ι and the canonical
surjection by π. The module F/Imϕ is called the cokernel of ϕ and is
denoted by Cokerϕ. Thus, we have an exact sequence:
ι ϕ π
0 → Kerϕ ⎯ ⎯→ E ⎯⎯→ F ⎯⎯→ Cokerϕ → 0 .
b) If A ≤ R B, then the sequence
12
Called in the sequel sequence of modules.
ι π
0 → A⎯
⎯→ B⎯
⎯→ B A→0
is exact.
3.24 Definition. An exact sequence of the form

u v
0 → A⎯ ⎯→ B⎯ ⎯→ C→0
is called a short exact sequence. For such a sequence, A is isomorphic
to the submodule Im u = Ker v of B, and B/Im u = B/Ker v is isomor-
phic to C. This is the reason B is also called an extension of A by C (cf.
Example b) above).
3.25 Example. If A and C are two R-modules, then the sequence

ιA πC
0 → A ⎯⎯→ A ⊕ C ⎯⎯→ C→0
is short exact; ιA : A → A ⊕ C is the canonical injection and
πC : A ⊕ C → C is the canonical projection (recall that
A ⊕ C = A × C). So A ⊕ C is an extension of A by C. The problem of
finding all extensions of A by C is highly nontrivial. It is natural in
this sense to consider the following definition:
3.26 Definition. Let A and C be two modules and consider two

extensions of A by C:
u v
0 → A⎯ ⎯→ B⎯ ⎯→ C →0,
u′ v′
0 → A ⎯⎯→ B′ ⎯⎯→ C → 0 .
We say that the extensions are equivalent if there exists a
homomorphism g : B → B' such that g◦u = u' and v'◦g = v. In other
words, the diagram below is commutative:
u v
0 → A ⎯ ⎯→ B ⎯ ⎯→ C → 0
g
↓ ↓ ↓
u′ v′
0 → A ⎯⎯→ B′ ⎯⎯→ C → 0
(the vertical unmarked homomorphisms are identity homomorphisms).
A homomorphism g that makes the diagram commutative is called a
homomorphism of extensions.
98 II. Modules
3.27 Proposition. In the definition 3.26, g is an isomorphism. In

particular, the relation defined at 3.26 is an equivalence relation on
the class of all extensions of A by C.
Proof.13 Let us show that Ker g = 0. Let b ∈ B with g(b) = 0. Then
v'g(b) = 0 = v(b), so b ∈ Ker v = Im u. Thus there exists a ∈ A with
u(a) = b; we obtain 0 = g(b) = gu(a) = u'(a); since u' is injective, a = 0,
so b = u(a) = 0.
Let b' ∈ B'; then v'(b') ∈ C and the surjectivity of v implies that, for
some b ∈ B, v(b) = v'(b'). Since v'g(b) = v(b), v'(g(b)) = v'(b'), which
means g(b) − b' ∈ Ker v' = Im u'. There exists a ∈ A with
u'(a) = g(b) − b'; since u' = gu, g(b) − b' = u'(a) = gu(a). Thus
b' = g(b − u(a)) ∈ Im g. !
3.28 Definition. Consider two complexes:

E: … → Ei −1 ⎯u⎯→
⎯i −1 ui
Ei ⎯⎯→ Ei +1 → …
F: … → Fi −1 ⎯v⎯
i −1 vi
→ Fi ⎯⎯→ Fi +1 → … ,
A homomorphism of complexes from E to F is a sequence of mod-
ule homomorphisms g := (gi)i∈Z, gi : Ei → Fi, such that gi + 1◦ui = vi◦gi,
∀i ∈ Z. In other words, the following diagram commutes:
… → Ei −1 ⎯u⎯→ ⎯
i −1
Ei ⎯⎯→ui
Ei +1 → …
↓ gi −1 ↓ gi ↓ gi +1
vi −1 vi
… → Fi −1 ⎯⎯→ Fi ⎯⎯→ Fi +1 → …
The homomorphism g is called an isomorphism if gi is an isomor-
−1
phism, ∀i ∈ Z. In this case, (gi )i∈Z is also a homomorphism of com-
plexes. The complexes E and F are called isomorphic if there exists an
isomorphism from E to F.
13
The technique used is called “diagram chasing” and it is used extensively in
arguments involving diagrams of module homomorphisms.
3.29 Examples. a) The exact sequence 0 → A ⎯ u

⎯→ B⎯ v
⎯→ C→0
is isomorphic (in the sense given by the previous definition) to the se-
ι π
quence 0 → Im u ⎯ ⎯→ B ⎯⎯→ B Im u → 0 , where ι is the inclusion
and π the canonical surjection. The homomorphisms that compose this
isomorphism are u0 : A → Im u, u0(a) = u(a), ∀a ∈ A; idB : B → B; in
order to define w : C → B/Im u, observe that the surjective
homomorphism v induces a canonical isomorphism v0 : B/Ker v → C,
v0(b + Ker v) = v(b), ∀b ∈ B (cf. the fundamental isomorphism theo-
−1
rem). Set w = v0 . Checking the commutativity of the diagram is left
to the reader.
b) Any extension of Z2 by Z2 is isomorphic either to Z2⊕Z2 or to
Z4.
The extension “direct sum” of A by C,
ιA πC
0 → A ⎯⎯→ A ⊕ C ⎯⎯→ C → 0,
has the remarkable property that by reversing the arrows we obtain an-
πA ιC
other exact sequence: 0 ← A ←⎯⎯ A ⊕ C ←⎯⎯ C ← 0 . The exten-
sions of A by C that are isomorphic to the extension direct sum A ⊕ C
are characterized in the next proposition:
3.30. Proposition. Let (S): 0 → A ⎯ ⎯→u

B⎯ v
⎯→ C → 0 be a short
exact sequence of modules (i.e., B is an extension of A by C). The
a) B is isomorphic (as an extension of A by C) with
ιA πC
0 → A ⎯⎯→ A ⊕ C ⎯⎯→ C → 0 , the “direct sum” extension, where
ιA, ιC are the canonical injections of the direct sum A ⊕ C and πA, πC
are the canonical projections.
b) Im u = Ker v is a direct summand in B.
c) There exists a homomorphism u' : B → A such that u'◦u = idA.
d) There exists a homomorphism v' : C → B such that v◦v' = idC.
Proof. c)⇒b) and d)⇒b) follow from 3.16.
100 II. Modules
a)⇒c), d) Let ϕ : B → A ⊕ C be an isomorphism such that the dia-

gram
u v
0 → A ⎯ ⎯→ B ⎯⎯→ C → 0
ϕ
↓ ↓ ↓
ιA πC
0 → A ⎯⎯→ A ⊕ C ⎯⎯→ C → 0
commutes. Define u' : B → A, u' = πAϕ. We have
u'u = πAϕ u = πAιA = idA (see Remark 3.14). This proves c). Defining
−1 −1
v' : C → B, v' = ϕ ιC, we have vv' = vϕ ιC = πCιC = idC, so d) holds.
b)⇒a) Let B = Im u ⊕ D; thus, ∀b ∈ B, ∃! a ∈ A and d ∈ D such
that b = u(a) + d. Define then α(b) = a ∈ A. We obtain a module
homomorphism α : B → A. Indeed, if b = u(a) + d, b' = u(a') + d' ∈ B,
with a, a' ∈ A, d, d' ∈ D, then
b + b' = u(a) + d + u(a') + d' = u(a + a') + d + d';
so, α(b + b') = a + a' = α(b) + α(b').
In the same way is shown that α preserves multiplication with sca-
lars. Note that α◦u : A → A is idA.
Consider ϕ : B → A⊕C, ϕ = ιAα + ιCv. We have
ϕu = (ιAα + ιCv)◦u = ιAαu + ιCvu = ιA
πCϕ = πC (ιAα + ιCv) = πCιAα + πCιCv = v.
So, ϕ is a homomorphism (and isomorphism) of extensions. !
3.31 Definition. A short exact sequence

0 → A⎯ u
⎯→ B ⎯ ⎯→ C → 0 is called split (or we say, “the sequence
v
splits”) if it satisfies the equivalent conditions of the previous proposi-

tion.
u
A monomorphism 0 → A ⎯ ⎯→ B is called split if the short exact
sequence 0 → A ⎯ ⎯→ B → B Im u → 0 splits (⇔ Im u is a direct
u
summand in B).
v
An epimorphism B ⎯ ⎯→ C → 0 is called split if the short exact se-
quence 0 → Ker v → B ⎯ ⎯→ C → 0 splits (⇔ Ker v is a direct sum-
v
mand in B).
The behavior with respect to short exact sequences is primordial in

the study of functors defined on categories of modules. The next
proposition says “the functor Hom is left exact”:
3.32 Proposition. Let R M be a module and let

u v
0 → A⎯ ⎯→ B⎯ ⎯→ C→0
be a short exact sequence. Then the following sequence
(u ) (v )
0 → h M ( A) ⎯h⎯⎯ → h M (B ) ⎯h⎯⎯ → h M (C )
M M
is exact in Ab. In particular, if u : A → B is an R-module monomor-

M
phism, then h (u) is an Abelian group monomorphism.
M
Proof. We have to prove that h (u) is monomorphism and
M M M
Im h (u) = Ker h (v). Let ϕ ∈ h (A) (i.e. ϕ : M → A is a homomorph-
M
ism) such that h (u)(ϕ) = u◦ϕ = 0. Since u is monomorphism, ϕ = 0.
M
So, Ker h (u) = 0.
M M M M M M
Since h (v)◦h (u) = h (v◦u) = h (0) = 0, Im h (u) ⊆ Ker h (v). The
M
reverse inclusion also holds: if ψ ∈ h (B) (i.e. ψ : M → B) is in
M
Ker h (v), then v◦ψ = 0, so Imψ ⊆ Ker v = Im u. But u is injective, so
u0 : A → Im u (u0(a) = u(a), ∀a ∈ A) is an isomorphism; let
u' : Im u → A be the inverse of u0. Then u'◦ψ : M → B is well defined
M
and it is a homomorphism. Also, h (u)(u'◦ψ) = u◦u'◦ψ = ψ.
If u is monomorphism, consider the exact sequence:
u
0→ A⎯ ⎯→ B⎯⎯→ B Im u → 0
M M
and write that h is left exact to obtain that h (u) is monomorphism.!
The contravariant functor hM is also left exact. We invite the reader

to prove:
3.33 Proposition. Let R M be an R-module and let

u v
0 → A⎯ ⎯→ B⎯⎯→ C→0
be a short exact sequence. Then the sequence
M (v ) M (u )
0 → hM (C ) ⎯h⎯ ⎯→ hM (B ) ⎯h⎯ ⎯→ hM ( A)
102 II. Modules
is exact in Ab. In particular, if v : B → C is an R-module epimor-

phism, then hM(v) is a monomorphism. !
Exercises
In the exercises, R denotes a fixed ring with identity.

1. Prove that the R-module S is a direct sum of the family of
R-modules (Mi)i∈I, with canonical injections (σi)i∈I, if and only if for
any x ∈ S, there exists a unique family of elements (xi)i∈I, with xi ∈ Mi,
∀i ∈ I, having finite support, such that x = ∑i∈I σi(xi).
2. Let A and B be R-modules. Prove that there exists a (canonical)
isomorphism A⊕B ≅ B⊕A. Generalization.
3. Prove that the R-module P is a direct product of family of
R-modules (Mi)i∈I, with canonical projections (πi)i∈I, if and only if for
any family (xi)i∈I, with xi ∈ Mi, ∀i ∈ I, there exists a unique x ∈ P
such that πi(x) = xi, ∀i ∈ I.
4. Let R be a ring and let I be a left ideal of R. For any module R A, de-
fine the submodule of A:
IA := <{ia | i ∈ I, a ∈ A}>.
a) Prove that IA = {i1a1 + … + inan | n ∈ N, i1, …, in ∈ I, a1, …,
an ∈ A}.
b) If A = ⊕s∈S As (internal direct sum), then IA = ⊕s∈S IAs.
c) If A = ∏s∈S As, then IA ⊆ ∏s∈S IAs (we identify As with its image
in ∏s∈S As; the same applies to IAs). If I is finitely generated, then the
inclusion is in fact an equality. Prove that he inclusion may be strict.
5. Taking the universality property of the direct product as its defini-
tion, prove that the canonical projections are surjective.
6. Find homomorphisms u, v, w such that the following sequence is

exact:
u v w
0 → Z3 ⎯ ⎯→ Z9 ⎯⎯→ Z9 ⎯⎯→ Z3 → 0.
7. Let R be a PID. Prove that the R-module M is cyclic (generated by
one element) ⇔ there exists an exact sequence of the form
0 → R → R → M → 0.
8. Let R be a ring and let M be an R-module. Then any R-epimorphism
ϕ : M → R splits. Is it true that for any ring R and for any R-module
M, any R-monomorphism ψ : R → M splits?
9. Suppose that the following diagram of R-modules commutes and
has exact rows:
u v
A ⎯⎯→ B ⎯⎯→ C
↓α ↓β ↓γ
u′ v′
A′ ⎯⎯→ B′ ⎯⎯→ C ′
Prove, using diagram chasing, that:
a) If α, γ and u' are monomorphisms, then β is monomorphism.
b) If α, γ and v are epimorphisms, then β is an epimorphism.
c) If β is a monomorphism and α, v are epimorphisms, then γ is an
epimorphism.
d) If β is an epimorphism and u', γ are monomorphisms, then α is a
monomorphism.
10. Give an example of an R-module M with a direct summand S in M
that has an infinity of complements.
11. Show that any composition of split monomorphisms
(epimorphisms) is a split monomorphism (epimorphism). Give an
example of monomorphisms u, v such that uv splits, but v does not
split.
104 II. Modules
II.4 Free modules
Many nice properties of the vector spaces are consequences of the

fact that any vector space has a basis. The existence of a basis is not
guaranteed for a module, and this increases considerably the difficulty
in the study of modules in comparison to the vector spaces. It is natu-
ral to define and to study the class of modules that “have a basis”.
In this section, R is a ring with identity and all modules are left
R-modules.
*
4.1. Definition. Let M be an R-module, n ∈ N and let x1, …, xn be
a family of elements of M. We say that the family x1, …, xn is linearly
independent (over R)14 if, for any r1, …, rn ∈ R, r1x1 + … + rnxn = 0
implies r1 = … = rn = 0. In other words, any linear combination of x1,
…, xn is 0 if and only if all its coefficients are 0.
A family of elements in M that is not linearly independent is called
linearly dependent. A relation of the form r1x1 + … + rnxn = 0, with r1,
…, rn ∈ R, not all zero, is called a relation of linear dependence of the
family x1, …, xn.
4.2. Remarks. a) If there exists i ≠ j with xi = xj, then the family x1,
…, xn is linearly dependent: the linear combination xi − xj is 0. Thus,
in studying linear independence we may suppose that x1, …, xn are
distinct. On the other hand, the notion of linear independence does not
depend on the indexing of x1, …, xn. This is the reason we can speak
about a linearly dependent (finite) subset of M.
b) The set {x} (containing a single element x ∈ M ) is linear
independent if and only if ∀r ∈ R, rx = 0 implies r = 0. This suggest
the following definition: the annihilator of x in R is
14
The reference to the ring R is often omitted.
II.4 Free modules 105
AnnR(x) := {r ∈ R | rx = 0} (sometimes denoted by lR(x)). Since

AnnR(x) is exactly the kernel of the R-module homomorphism
ρx : R → M, ρx(r) = rx, ∀r ∈ R, AnnR(x) is a left ideal in R and (by the
isomorphism theorem) the submodule Rx = Imρx is isomorphic as a
left R-module to R/AnnR(x). Summarizing: {x} is linearly independent
⇔ AnnR(x) = 0 ⇔ ρx is an isomorphism from R to Rx.
4.3. Definition. Let X be a subset of R M. We say that X is linearly

independent over R (or free over R) if any finite subset of X is linearly
independent over R in the sense of the remark above. If X is not line-
arly independent, we say that X is linearly dependent over R. Thus, X
is linearly dependent if and only if there exists a finite linearly
dependent subset of X.
4.4. Remarks. a) The empty subset of M is linearly independent.

b) Let {xi}i∈I be a family of elements of the R-module M.
The family {xi}i∈I is linearly independent if and only if, for any fam-
ily {ri}i∈I of elements of R, with finite support, ∑i∈I rixi = 0 implies
ri = 0, ∀i ∈ I.
It follows that the sum of the family of submodules {Rxi}i∈I is di-
rect (see 3.11). In fact, {xi}i∈I is linearly independent if and only if the
sum of the family of submodules {Rxi}i∈I is direct and
AnnR(xi) = 0,∀i ∈ I (prove this!).
c) Every subset of an linearly independent set is linearly independ-
ent.
4.5. Examples. a) The set {1}, containing only the unity of the ring
R (seen as a left R-module) is linearly independent. More generally,
∀r ∈ R, {r} is linearly dependent ⇔ r is a right zero divisor in R
(∃s ∈ R, s ≠ 0, such that sr = 0).
106 II. Modules
b) The Z-module Z3 has no Z-linearly independent subsets: for any

x ∈ Z3, 3x = 0̂ . Can you generalize this? Of course, the set { 1̂ } is
linearly independent over Z3, as seen at example a).
n
c) If R is a domain, in the R-module R[X] the set {X | n ∈ N} is
linearly independent. This amounts to saying that a polynomial a0 +
n
a1X + … + an X (a0, a1, …, an ∈ R) is 0 if and only if a0 = … = an = 0.
More generally, if {fn | n ∈ N} is a family of polynomials such that
deg fn ≠ deg fm if m ≠ n, then the family {fn | n ∈ N} is linearly
independent.
4.6. Definition. A subset B of an R-module M is called a basis of M

if it is simultaneously linearly independent and a system of generators
for M. The module M is called a free module if it has a basis.
4.7 Proposition. Let M be an R-module and let B be a subset of M.

Then: B is a basis of M if and only if any x ∈ M is written uniquely as
a linear combination of elements of B.
Proof. Let B = {ei}i∈I be a basis of R M and let x ∈ M. Since B
generates M, there exists a family {ri}i∈I of elements in R with finite
support, such that x = ∑i∈I riei. If {si}i∈I is another family of elements
in R, with x = ∑i∈I siei, then ∑i∈I (si − ri)ei = 0. The linear independ-
ence of B implies si = ri, ∀i ∈ I.
Conversely, if any element in M is written uniquely as a linear
combination of elements of B, then B is a system of generators of M.
Writing the fact that 0 has a unique writing as a linear combination of
elements of B, we obtain that B is linearly independent. !
With the notations above, for x ∈ M, the elements {ri}i∈I in R with
x = ∑i∈I riei are called the coordinates of x in the basis B = {ei}i∈I.
4.8. Examples. a) {∅} is a basis (the only one!) of the module {0}.
b) {1} is a basis of R R. More generally, {r} is a basis of R R if and
only if r is right invertible in R.
(I)
c) If I is a set, the R-module R (the direct sum of | I | copies of R,
(I)
with canonical injections σi : R → R ) is free, a basis being {ei}i∈I,
(I) (I)
where ei = σi(1). This basis is called the canonical basis of R ; R is
also called the free R-module on the set I (or the free R-module of ba-
n
sis I ). If I = {1, …, n}, the canonical basis of the free R-module R
are e1 = (1, 0,…, 0), e2 = (0, 1,…, 0), …, en = (0, 0,…, 1).
A module homomorphism is determined by its values on a generat-
ing set. But, for an arbitrary generating set, there may be no
homomorphism that takes prescribed values on the elements of the
generating set. In the privileged case of free modules, for any choice
of the values on the elements of a basis, a unique homomorphism
takes the respective values on the elements of the basis:
4.9 Proposition. (The universality property of the free module of

basis B) Let L be a free R-module of basis B and let i : B → L be the
inclusion map. The pair (L, i) has the following universality property:
For any pair (M, u), where M is an R-module and u : B → M is a
map, there exists a unique homomorphism v : L → M with v◦i = u.
If B = (ei)i∈I, this can be formulated:
For any module M and any family (yi)i∈I of elements of M, there ex-
ists a unique homomorphism v : L → M such that v(ei) = yi, ∀i ∈ I.
Moreover, we have:
a) v is injective ⇔ u(B) is linearly independent.
b) v is surjective ⇔ u(B) is a system of generators for M.
c) v is an isomorphism ⇔ u(B) is a basis.
Proof. Uniqueness claim: suppose v, w ∈ HomR(L, M) satisfy
v(ei) = yi = w(ei), ∀i ∈ I. Let x ∈ L; since (ei)i∈I is a basis, there exists a
unique family (ri)i∈I of elements in R such that x = ∑i∈I riei. We have
v{∑i∈I riei} = ∑i∈I riv(ei) = ∑i∈I riyi. The same thing is obtained for w.
For the existence claim, we have to prove that
108 II. Modules
v(x) := ∑i∈I riyi, for any x = ∑i∈I riei with (ri)i∈I family of elements in
R, having a finite support,
defines a module homomorphism. Since, for any x ∈ L there exists a
unique family (ri)i∈I of elements in R such that x = ∑i∈I riei, v is well
defined. Let x = ∑i∈I riei and y = ∑i∈I siei be elements in L, with (ri)i∈I,
(si)i∈I families of elements in R. For any a, b ∈ R, we have:
v(ax + by) =
v{∑i∈I ariei + ∑i∈I bsiei} = v{∑i∈I (ari + bsi)ei} = ∑i∈I (ari + bsi)yi =
= ∑i∈I ariyi + ∑i∈I bsiyi = av(x) + bv(y).
(I)
We prove a): Ker v = {∑i∈I riei | (ri)i∈I ∈ R , ∑i∈I riyi = 0}. It is
clear that Ker v = 0 ⇔ (yi)i∈I is linearly independent.
The rest of the proof is left to the reader. !
(I)
The R-modules of the type R are “all” free R-modules:
4.10 Proposition. Let L be a free R-module and let (xi)i∈I be a basis

(I)
of L. Then R L ≅ R R .
(I)
Proof. Let (ei)i∈I be the canonical basis in R . By the result above,
(I)
there exists a unique homomorphism u : L → R with u(xi) := ei,
(I)
∀i ∈ I. Since Im u includes {ei}i∈I, which generates R , it follows
that u is surjective. If x = ∑i∈I rixi ∈ Ker u (with (ri)i∈I family of ele-
ments in R), then 0 = u(x) = ∑i∈I riei. Since {ei}i∈I is a basis, ri = 0,
∀i ∈ I, so x = 0. !
A direct sum of free modules is also free:
4.11 Proposition. Let (Mi)i∈I be a family of free R-modules. Then

the (external) direct sum ⊕i∈I Mi is a free R-module.
Proof. Let M := ⊕i∈I Mi. For any j ∈ I, let σj : Mj → M be the
canonical injection and let Bj be a basis of Mj. We show that
B := ∪i∈I σi(Bi) is a basis of M. By 3.10, M is the (internal) direct sum
of the family of submodules (Im σi)i∈I. Since σi(Bi) generates Im σi,

∀i ∈ I, ∪i∈I σi(Bi) generates M. The linear independence of B is easy
to show (only the notations are complicated): let Bi = (eit)t∈Ti the basis
in Mi and let yit = σi(eit). If {rit | i ∈ I, t ∈ Ti} is a finite support family
of elements of R, with ∑i∈I∑t∈Ti rityit = 0, then
∑t∈Tk rktykt = −∑i∈I \{k}∑t∈Ti rityit, ∀k ∈ I. But Mk ∩{∑i∈I \{k} Mi} = 0, so
∑t∈Tk rktykt = 0. But (ykt)t∈Tk is a basis in Mk, so rkt = 0, ∀k ∈ I, ∀t ∈ Tk.!
4.12 Proposition. Every module is (isomorphic to) a factor module

of a free module. More precisely, if M is an R-module and S is a sys-
tem of generators of M, then there exists an epimorphism ϕ :
( S) (S)
R → M. Hence M ≅ R /Kerϕ.
(S) (S)
Proof. Let (es)s∈S be the canonical basis in R . Define ϕ : R → M
by ϕ(es) = s, ∀s ∈ S (see 4.9). Since the submodule Imϕ includes S,
and S generates M, we obtain Imϕ = M. !
This simple fact is very important: if one knows the structure of the
submodules and of the factor modules of free modules, the structure of
an arbitrary module is known. This method will be used to study the
structure of finitely generated modules over a PID. Here is another
application of this principle:
4.13 Example. If M is an R-module, then there exists an exact se-

quence:
… → Ln+1 → Ln → … → L1 → L0 → M → 0,
where Ln is free, ∀n ∈ N. Such a sequence is called a free resolution
of M. For the proof, let L0 be free and let u0 : L0 → M be an epimor-
phism (as given by the Proposition above). Then we have an exact se-
i u0
quence: 0 → Ker u0 ⎯ ⎯→ L0 ⎯⎯→ M → 0 . Apply again the proposi-
tion for Ker u0 and obtain a free module L1 and an epimorphism
u1 : L1 → Ker u0. We have now the exact sequence
110 II. Modules
)u1
0 → Ker u1 → L1 ⎯i⎯ u0
→ L0 ⎯⎯→ M →0
since Ker u0 = Im i◦u1. One continues by induction on n such that ex-
ists an exact sequence of the form:
0 → Kn → Ln → … → L1 → L0 → M → 0,
with Li free, 1 ≤ i ≤ n.
In a vector space, any two bases have the same cardinal. In the case
of a free module over an arbitrary ring, this fact is not guaranteed.
Nevertheless, the free modules over a commutative ring have this
property; in fact, the proof of this result reduces the problem to the
case of vector spaces.
4.14 Proposition. Let R be a commutative ring and let M be a free

R-module. Then any two bases of M have the same cardinal.
Proof. Let us try to connect the R-module M to a vector space over
a field. Recall that, if I is a maximal ideal in R, then R/I is a field.
A maximal ideal I of R exists (see 1.20). Then R/I is a field (see
Appendix, Prime and maximal ideals). The module M has no natural
structure of R/I-vector space: the natural “multiplication” given by
(r + I)x = rx, for r ∈ R, x ∈ M, is not well defined unless ix = 0, ∀i ∈ I.
This is the reason we need to “kill off” the elements x of M for which
ix ≠ 0 for some i ∈ I, as follows:
Let IM := {a1x1 + … + anxn | n ∈ N, ai ∈ I, xi ∈ M, ∀i = 1, …, n}. A
straightforward check shows that IM is an R-submodule of M and that
the factor module M/IM is also an R/I-module (i.e. an R/I-vector
space!) with respect to the external operation:
(r + I)(x + IM) := rx + IM, ∀r ∈ R, ∀x ∈ M.
Let π : M → M/IM be the canonical surjection, π(x) = x + IM,
∀x ∈ M. We prove that: if (eα)α ∈ A is a basis of R M, then (π(eα))α ∈ A is
a basis in the R/I-vector space M/IM.
Indeed, (π(eα))α ∈ A generates the R-module M/IM, since π is surjec-

tive and (eα)α ∈ A generates M. It easily seen that it is also generates
M/IM as an R/I-module.
Let us show that (π(eα))α ∈ A is R/I-linear independent. Let
(rα + I)α ∈ A be a family of elements of R/I (where rα ∈ R, ∀α ∈ A), of
finite support, such that
∑α∈A (rα + I)π(eα ) = 0 + IM.
This means: ∑α∈A rα eα ∈ IM. Note that, for any x ∈ IM, x = a1x1 +
… + amxm ∈ IM, for some ai ∈ I, xi ∈ M, ∀i = 1, …, m. Writing every
xi as a linear combination of (eα)α ∈ A, it follows that x is of the form
∑α∈A bα eα , where bα ∈ I, ∀α ∈ A (since ai ∈ I and I is an ideal).
Thus,
∑α∈A rα eα = ∑α∈A bα eα
But (eα)α ∈ A is a basis, so rα = bα ∈ I, ∀α ∈ A. Thus, rα + I = bα + I
= 0 + I, ∀α ∈ A.
Now, taking two bases (eα)α ∈ A and (vβ)β ∈ B of R M, we obtain that
(π(eα))α ∈ A and (π(vβ))β ∈ B are bases in the R/I-vector space M/IM.
Since two bases of a vector space have the same cardinal, we obtain
|A| = |B|. !
4.15 Definition. Let R be a commutative ring and let L be a free

R-module. The cardinal of a basis of R L is called the rank of L, de-
noted rankR L (or, simply, rank L). The previous result ensures that the
definition is independent of a choice of the basis in R L. If R is a field,
the rank of a vector space is the same as its dimension.
We study now the homomorphisms between free modules of finite
rank. The idea is to mimic the vector space situation: for two fixed
bases in the modules, we associate a matrix to a homomorphism. In
this manner, the operations with (and the properties of) module
homomorphisms translate in matrix language (and conversely). We
112 II. Modules
suppose that the ring R is commutative, although some results hold for
any ring with identity.
4.16 Definition. Let E and F be free R-modules and let ϕ : E → F

be a homomorphism. Fix e = (e1, …, em) an ordered basis in E and f
= (f1, …, fn) an ordered basis15 in F. For any i ∈ {1, …, m}, there exist
and are unique aij ∈ R, ( j ∈ {1, …, n}) such that
ϕ(ei) = ai1 f1 + … + ain fn.
The matrix (aij)1≤i≤m, 1≤j≤n ∈ Mm, n(R) is denoted by Me, f(ϕ) and it is
called the matrix of the homomorphism ϕ (in the pair of bases (e, f)).
In other words, the i-th row of Me, f(ϕ) is made up of the coordinates
ai1, …, ain of ϕ(ei) in the basis f. If E = F, one usually takes e = f and
Me, f(ϕ) is denoted simply Me(ϕ). The importance of ordering the bases
is quite clear now: a permutation of the basis (e1, …, em) leads to an-
other matrix of ϕ, whose rows are a permutation of the rows of the ini-
tial matrix.
4.17 Remark. This is the “algebraic” convention of writing the ma-

trix Me, f(ϕ). Of course, one can agree to the “geometric convention”:
write the coordinates of ϕ(ei) in the basis f on the i-th column (which
t
means considering the transpose matrix Me,f(ϕ)). Choosing this rule
t
leads to changing property b) in the next sentence into: Me, f(ψ ◦ϕ ) =
t t
Mf, g(ψ )· Me, f(ϕ ).
4.18 Proposition. a) The mapping:

Me, f : HomR(E, F) → Mm, n(R),
ϕ & Me, f(ϕ)
is an R-module isomorphism.
15
We consider the bases as being totally ordered (the place of the element in the
basis matters).
b) If G is a free R-module, g = (g1,…, gp) is a basis in G, and

ψ:F→G is an R-module homomorphism, then
Me, g(ψ ◦ϕ) = Me, f(ϕ)·Mf, g(ψ).
c) The mapping Me : EndR(E) → Mm(R) is an R-algebra anti-
op
isomorphism (i.e. Me : EndR(E) → Mm(R) is an R-algebra isomor-
phism).
Proof. a) Let η : E → F be another homomorphism and let
(bij)1≤i≤m, 1≤j≤n = Me, f(η). Then
(ϕ +η)(ei) = ϕ(ei) +η(ei) = ∑j aij fj + ∑j bij fj = ∑j (aij + bij) fj
So, Me, f(ϕ +η) = (aij + bij)1≤j≤n, 1≤i≤m = Me, f(ϕ) + Me, f(η), so Me, f is
an Abelian group homomorphism. If Me, f(ϕ) = 0 (the matrix
0 ∈ Mm, n(R)), then ϕ(ei) = 0, 1≤ i ≤ m. Since (ei)1≤i≤m is a basis in E,
ϕ = 0; this shows that Me, f is injective. For the surjectivity, let
A = (aij) ∈ Mm, n(R). The universality property of the free module
yields a unique homomorphism ϕ ∈ HomR(E, F) such that ϕ(ei) =
ai1 f1 + … + ain fn, i.e. Me, f(ϕ) = A. If r ∈ R and ϕ ∈ HomR(E, F), a sim-
ple computation shows that Me, f(rϕ) = rMe, f(ϕ).
b) Let Mf, g(ψ) = (bjk)1≤j≤n, 1≤k≤p. We have
(ψ ◦ϕ)(ei) = ψ{ ∑j aij fj } = ∑j aijψ( fj ) = ∑j aij∑k bjk gk = ∑k { ∑j aijbjk} gk.
So, Me, g(ψ ◦ϕ) = Me, f(ϕ)·Mf, g(ψ).
c) The statement follows from a) and b): a) implies that Me is an
R-module homomorphism and b) implies that
op
Me : EndR(E) → Mm(R) is a ring homomorphism. !
In the setting above, if e = (e1,…, en) and f = (f1,…, fn) are ordered
bases of the free module E, then every element of the basis f is written
uniquely as a linear combination of ei's:
n
f i = ∑ sij e j , sij ∈ R
j =1
We obtain the basis change matrix Te, f = (sij) ∈ Mn(R). If g is an-

other basis in E, then a straightforward computation yields:
Te, g = Tf, g·Te, f
114 II. Modules
In particular, In = Te, e = Te, f ·Tf, e, i.e. the basis change matrix is

invertible in Mn(R). When is a matrix in Mn(R) invertible?
If A ∈ Mn(R), the adjoint matrix of A is A* (the entry (i, j) of A* is
i+j
(−1) det(Aji), where Aji is the matrix in Mn−1(R) obtained by suppress-
ing the row j and the column i of the matrix A). Then
A·A* = A*·A = det(A)·In. This shows that, if det(A) ∈ U(R), then A is
−1 −1
invertible in Mn(R) and A = (det A) A*. Conversely, if A is invert-
−1 −1
ible, A·A = In implies (taking determinants) that det(A·A ) =
−1
det(A)det(A ) = 1, so det(A) ∈ U(R). Thus, we have:
4.19 Proposition. Let R be a commutative ring and let n ∈ N*.

a) A matrix S ∈ Mn(R) is invertible in Mn(R) if and only if det(S) is
invertible in R.
b) Let E be a free R-module of rank n and let e = {e1,…, en}, f, g be
bases in E. Then:
Te, g = Tf, g·Te, f
In particular, any basis change matrix Te, f is invertible. Con-
n
versely, if S = (sij) is invertible in Mn(R) and f i = ∑ sij e j , 1 ≤ i ≤ n,
j =1
then {f1,…, fn} is a basis in E. !

The facts not already proven in the proposition above have proofs
that can be taken word for word from the case of the vector spaces.
The multiplicative group of the n×n invertible matrices with entries
in R, U(Mn(R)) = {S ∈ Mn(R) | ∃T ∈ Mn(R) such that
ST = TS = I} = {S ∈ Mn(R) | det S ∈ U(R)} is also denoted GL(n, R) or
GLn(R) and is called the linear general group of degree n over R.
The following formalism is useful in many situations involving
vectors and matrices. Let R be a commutative ring and let E be an
R-module. If m, n, p are positive integers, let Mn, p(E) denote the set of
n×p matrices with entries in E. It is evident that Mn, p(E) is an Abelian
group with respect to usual matrix addition. For any

A = (aij) ∈ Mm, n(R) and any X = (xjk) ∈ Mn, p(E), define the product
AX ∈ Mm, p(E) by
n
AX = (yik) ∈ Mm, p(E), yik = ∑ aij x jk , ∀i ∈ {1, …, m}, ∀k ∈ {1, …, p},
j =1
Of course, aijxjk is the product given by the R-module structure of

E.
We obtain an “external operation”
· : Mm, n(R)×Mn, p(E) → Mm, p(E),
with the following properties (the proof of which is straightforward):
(A + B)X = AX + BX, A(X + Y) = AX + AY, ∀ A, B ∈ Mm, n(R), ∀ X,
Y ∈ Mn, p(E).
*
Moreover, if q ∈ N , then for any A ∈ Mq, m(R), B ∈ Mm, n(R),
X ∈ Mn, p(E) we have:
(AB)X = A(BX).
If I is the identity matrix in Mn(R), then IX = X, ∀X ∈ Mn, p(E).
Thus, Mn, p(E) is a left module over the ring Mn(R).
As an application, let us see how the matrix of a homomorphism of
free modules changes when we change bases in the modules.
4.20 Proposition. Let E and F be free R-modules, rank E = n,

rank F = m and let e = (e1,…, en), e' = (e'1,…, e'n) be bases in E,
f = { f1,…, fm}, f' = ( f1′,… f m′ ) bases in F. Let S = (sij) ∈ Mn(R) be the
basis change matrix from e to e' and let T = (tij) ∈ Mm(R) be the basis
change matrix from f to f'. If ϕ : E → F is a homomorphism, then:
−1
Me, f(ϕ) = S·Me', f'(ϕ)·T .
Proof. Let Me, f(ϕ) = A = (aij) ∈ Mn, m(R), i.e.:
ϕ(ei) = ∑j aij fj, ∀i ∈ {1, …, n}.
t
We view e = (e1, …, en) as a column matrix, e ∈ Mn, 1(E) and, simi-
larly, f ∈ Mm, 1(F). The relations above can be written as
ϕ(e) = A·f,
116 II. Modules
t
where ϕ(e) = (ϕ(e1), …, ϕ(en)). In the same way, if B = Me', f'(ϕ), then
−1
ϕ(e') = B·f'. Also we have e' = S·e and f' = T·f, or f = T ·f'. Since ϕ is
an R-module homomorphism, we have ϕ(S·e) = S·ϕ(e) (prove this!).
Thus:
−1 −1
ϕ(e') = ϕ(S·e) = S·ϕ(e) = S·(A·f) = (SA)·f = (SA)·(T ·f') = (SAT )·f',
−1
which says that the matrix of ϕ in the bases e' and f' is SAT . !
Exercises
1. Let R be a ring and let L be a free R-module. Then any

R-epimorphism ϕ : M → L splits. In particular, if K is a field, any
short exact sequence of K-linear spaces 0 → U → V → W → 0, is
split.
2. a) Let R be a domain and g1, …, gn ∈ R[X], with deg gi ≠ deg gj if
i ≠ j. Then g1, …, gn are linearly independent in the R-module R[X].
b) Let K be a field of characteristic 0 (i.e. n·1 ≠ 0, ∀n ∈ N*, where
2
1 is the identity of K) and let a ∈ K. Then {1, X − a, (X − a) , …,
n
(X − a) , …} is a basis in the K-vector space K[X]. If p ∈ K[X], com-
pute the coordinates of p in this basis. (Hint. Recall the Taylor series
expansion, applied to polynomials.)
3. Prove that in the Z-module Q any subset having at least two ele-
ments is linearly dependent and that Z À ZQ. Deduce that ZQ is not
free.
4. Let G be a finite Abelian group. Can G be a free Z-module?
5. Characterize the ideals I of the commutative ring R that are free
R-modules.
6. If M is a free R-module of basis B, express |M| as a function of |R|

and |B|.
7. Let M be an R-module with the following property:
There exists a subset B of M such that, for any R N and any function
ϕ : B → N, there exists a unique R-homomorphism ψ : M → N with
ψ|B = ϕ.
Then M is free and B is a basis of M. (the converse of Prop. 4.9).
8. Let R be a commutative ring and let I, J be ideals in R. Consider the
statements:
(i) I ≅ J (as R-modules).
(ii) R/I ≅ R/J (as R-modules).
(iii) R/I ≅ R/J (as rings).
Which are the valid implications between the above statements?
9. Let W be a finite dimensional K-vector space and let U, V ≤ KW.
a) Show that dim(W/U) = dim W − dim U.
b) Using the isomorphism theorems, prove that
dim(U + V) = dim U + dim V − dim(U ∩ V).
10. Is it true that any submodule (resp. factor module) of a free module
is still a free module?
III. Finitely generated modules over principal
ideal domains
In the case of finitely generated modules over PID's very precise

structure theorems are available. Applying these theorems for Z, a
complete description of finitely generated Abelian groups is obtained.
Another important application is to the problem of invariant subspaces
of an endomorphism of a finitely dimensional vector space: we obtain
the existence of a basis in which the given endomorphism has a “sim-
ple” matrix (the Jordan canonical form).
III.1 The submodules of a free module
Any module is a factor module of a free module. In order to build a

factor module we need a submodule. It is therefore natural to study
first the submodules of a free module. Recall that, if R is commuta-
tive, any free R-module E has the property that any two bases have the
same cardinal (called the rank of E).
In this section, unless otherwise specified, R denotes a principal
ideal domain.
118
III.1 The submodules of a free module 119
1.1 Theorem. Let E be a free R-module of rank n and let F be a

submodule of E. Then F is free and rank F ≤ n.
Proof. Evidently, we may suppose F ≠ 0.
We use an argument by induction on n. If n = 1 let {e} be a basis of
E. Then E = Re ≅ R. In this case, the statement of the theorem be-
comes: any submodule ( = ideal) of R is free, of rank ≤ 1. Since R is a
PID, this is true : any nonzero ideal of R is of the form Ra, with a ∈ R;
so {a} is a basis of Ra.
Suppose that, for any free R-module H of rank n − 1, any submod-
ule of H is free, of rank ≤ n − 1. Take R E, free of rank n, {e1,…, en} a
basis in E and F ≤ R E. Let L := Re2 + … + Ren and G := F ∩ L. Then L
is free, of basis {e2,…, en}, so its rank is n − 1, and G = F ∩ L ≤ L. By
induction, G is free of rank m ≤ n − 1. If G = F, we are done. If not,
note that F + L ≤ R E, so
F = F ≅ F+L ≤ E
G L∩F L L
Accordingly, 0 ≠ F/G is isomorphic to a submodule of E/L. But
E/L is free, of basis {e1 + L} (easy check) and thus F/G is free of rank
1 (by the case n = 1, already proven). Let {f1,…, fm} be a basis in G
and {f0 + G} a basis in F/G. We claim that B = {f0, f1,…, fm} is a basis
in F.
Indeed, if a0, a1,…, am ∈ R, with a0 f0 + a1 f1 + … + am fm = 0, then
a0 f0 + G = 0 + G (since a1 f1 + … + am fm ∈ G); but {f0 + G} is a basis
in F/G, so a0 = 0. We get a1 f1 + … + am fm = 0, which implies
f1 = … = fm = 0 ({f1,…, fm} being a basis in G). Therefore, B is linearly
independent.
Let us show that it is a generating system. Let x ∈ F. Then
x + G ∈ F/G, so there is some a0 ∈ R such that x + G = a0 f0 + G. This
means that x − a0 f0 ∈ G, so x − a0 f0 = a1 f1 + … + am fm, for some
ai ∈ R. Thus, x = a0 f0 + a1 f1 + … + am fm. !
120 III. Finitely generated modules over principal ideal domains
Let R E and F ≤ R E, as above. If {e1,…, en} is a basis of E and

{f1,…, fm} is a basis of F, any fi is written uniquely as a linear
combination of {e1,…, en}:
fi = ∑j aijej, with aij ∈ R.
We obtain a matrix A = (aij) ∈ Mm, n(R). Can we choose the bases in
E and F such that A has a simple (e.g., diagonal) form?1. The next
theorem says the answer is Yes.
1.2 Theorem. Let R be a principal ideal domain, E a free

R-module of rank n and F a submodule of E. Then there exists a basis
e = (e1,…, en) in E and a basis f = ( f1,…, fm) in F, such that m ≤ n,
fi = diei, ∀i ∈ {1,…, m}, where d1,…, dm ∈ R and d1|d2|…|dm.
(Beginning of) Proof. For any basis e' = (e'1,…, e'n) in E and any
basis f' = ( f1′,… f m′ ) in F, there exists a unique matrix
A = (aij) ∈ Mm, n(R) such that f 'i = ∑j aije'j, ∀i ∈ {1, …, m}. If we see e'
as a column matrix, e' ∈ Mn, 1(E), (see the discussion preceding 4.20)
and f' as a matrix in Mm, 1(R), then these relation are written shortly:
f' = Ae'.
Suppose the problem is solved: we have two bases e = (e1,…, en)
and f = { f1,…, fm} as in the statement of the theorem. Then the unique
matrix D = (dij) ∈ Mm, n(R) with f = De has the properties : dij = 0 if
i ≠ j and d11|d22|…|dmm. Let V ∈ GLn(R) the basis change matrix from
basis e to basis e' and U ∈ GLm(R) the basis change matrix from basis
f to basis f'. Thus, e' = Ve and f' = Uf. Replacing in f' = Ae', we have
Uf = A(Ve) = (AV)e; so
−1
f = U (AV)e.
−1
Comparing with f = De, we obtain D = U AV.
We see that the existence of the bases e and f with the desired prop-
erty is equivalent to the following: given A ∈ Mm, n(R), there exist
1
What about the case of vector spaces?
−1
invertible matrices U and V such that U AV = D = (dij) ∈ Mm, n(R) is a
diagonal matrix (i ≠ j implies dij = 0), with the additional condition
d11|d22|…|dmm.
We reduced the statement to a problem concerning matrices with
elements in R. The following definitions are helpful:
1.3 Definitions. Let m, n ∈ N*.

a) A matrix D = (dij) ∈ Mm, n(R) is called a diagonal matrix if its en-
tries not situated on the main diagonal are zero: i ≠ j implies dij = 0. If
r = min(m,n) and d1,… , dr ∈ R,
⎡d1 … 0 0⎤
diag(d1,… , dr) := ⎢ ! * ! ! ⎥
⎢ ⎥
⎢⎣ 0 … d r 0⎥⎦
denotes the diagonal matrix (dij) ∈ Mm, n(R) with dii = di, ∀i ∈ {1, …,
r}.
b) We call a diagonal matrix D = diag(d1,… , dr) ∈ Mm, n(R) (where
r = min(m,n)) canonically diagonal (or in Smith normal form) if
d1|d2|…|dr.
c) The matrices A, B ∈ Mm, n(R) are called arithmetically equivalent
(denoted A ∼ B) if there exist invertible matrices U ∈ Mm(R) and
V ∈ Mn(R) such that B = UAV. This is an equivalence relation on
Mm, n(R) (exercise!).
We finish the proof of theorem 1.2 by proving the next theorem,
which is interesting on its own: the proof is in fact an algorithm used
to compute the Smith normal form of a matrix.
1.4 Theorem. Let R be a PID and let m, n ∈ N*. Then any matrix
A ∈ Mm, n(R) is arithmetically equivalent to a matrix in Smith normal
form. Moreover, the Smith normal form of A is unique in the following
sense: if D = diag(d1,…, dr) and D' = diag(d'1,…, d'r) are in Smith nor-
mal form and are arithmetically equivalent, then d1 ∼ d'1,…, dr ∼ d'r

(" ∼ " means here “associated in divisibility”).
If D is in Smith normal form and is arithmetically equivalent to A,
D is called the Smith normal form of A; it is uniquely determined up to
an association in divisibility of the entries on the diagonal.
Before proving the theorem, let us review the transformations that
can be performed on the matrix A, such that the resulting matrix is
arithmetically equivalent to A. We shall see that these are the
transformations that arise when computing determinants: swapping
rows (or columns), addition to a row (column) of another row
(column) multiplied by some element.
1.5 Definitions. Let m ∈ N* and let I be the identity matrix of the

ring Mm(R). An elementary matrix is a square matrix in Mm(R) which
is of one of the following types:
- Type I : Tij(a), where a ∈ R, i, j ∈ {1, …, m}, i ≠ j. Tij(a) is ob-
tained from I by adding to the row i the row j multiplied by a.
i j
1 ! ! 0
* ! !
i + + 1 + a
Tij(a) = ! * !
j + + 0 + 1
*
0 1
- Type II : Pij, where i, j ∈ {1, …, m}, i ≠ j. Pij is the matrix ob-
tained from I by swapping row i with row j.
- Type III : Di(u), where i ∈ {1, …, m} and u ∈ U(R). Di(u) is the
matrix obtained from I by multiplying row i by u.
i j i
1 ! ! 0 1 0 ! 0
* ! ! 0 1 ! 0
i ++ 0 + 1 * !
Di(u) =
Pij = ! * ! i +++ u
j ++ 1 + 0 *
* 0 0 + 0 1
0 1
If A ∈ Mm, n(R), and Tij(a), Pij, Di(u) are elementary matrices

in Mm(R) as above, a direct calculation shows that:
- Tij(a)A is obtained from A by adding to the row i the row j
multiplied by a.
- Pij A is obtained from A by swapping the row i with the row j.
- Di(u)A is obtained from A by multiplying the row i by u.
The transformations described above are called elementary
transformations of the rows of A (of type I, II, respectively III). If we
take elementary matrices in Mn(R) and multiply A on the right with
these matrices, we obtain the elementary transformations of the col-
umns of A:
- Type I: ATij(a) is obtained from A by adding to the column i
the column j multiplied by a.
- Type II: APij is obtained from A by swapping the column i
with the column j.
- Type III: ADi(u) is obtained from A by multiplying the column
i by u.
All elementary matrices are invertible. This follows from the
following relations, easy to prove:
Tij(a)Tij(b) = Tij(a + b), ∀a, b ∈ R; so Tij(a)Tij(−a) = Tij(0) = I.
PijPij = I;
−1
Dij(u)Dij(v) = Dij(uv), ∀u, v ∈ U(R); so Dij(u)Dij(u ) = Dij(1) = I.
In other words, the inverse of an elementary matrix exists and is
also an elementary matrix (of the same type).
Looking at the definition of the relation of arithmetic equivalence
between matrices, we obtain:
1.6 Proposition. For any A ∈ Mm, n(R), any matrix obtained from A
by elementary transformations of rows and/or columns is arithmeti-
cally equivalent to A. !
We also need:
1.7 Definition. a) Let R be an UFD and a ∈ R, a ≠ 0. Define the

number l(a), called the length of a, as follows: if a is a unit, set
l(a) = 0; if a is nonzero and not a unit, l(a) is the number of prime fac-
tors (not necessarily distinct) of a decomposition of a in prime factors.
For example, in Z, l(1) = 0; l(8) = 3; l(24) = 4. By convention,
l(0) = −∞.
b) If A = (aij) ∈ Mm, n(R), define the length of A:
l(A) := min{l(aij) | i ∈ {1, …, m}, j ∈ {1, …, n}}.
We can finally prove theorem 1.4:
The proof is by induction on m. More precisely, we prove that P(m)
holds for any m, where:
P(m): For any matrix A ∈ Mm, n(R), there exists d1 ∈ R and a matrix
A' ∈ Mm−1, n−1(R) such that d1 divides all the entries of A' and
A is arithmetically equivalent to the matrix (written in block
⎡ d1 01, n −1 ⎤
form): ⎢ ⎥ , where the subscripts indicate the
⎣0m −1,1 Am′ −1, n −1 ⎦
dimensions of the matrix.
We prove P(m) by induction on l(A).
If A = 0 (l(A) = −∞), A is in Smith normal form.

Case 1. A has an entry that is a unit (⇔ l(A) = 0).
Let aij be a unit. Swap the rows i and 1, then swap the columns j
and 1. The matrix obtained is arithmetically equivalent to A, with aij in
the position (1,1). To simplify notations, we may suppose thus from
the beginning that a11 is invertible. We now obtain a matrix that has 0
on the column 1 (except for a11): for each i, 2 ≤ i ≤ m, add to the row i
−1
the row 1 multiplied by (−a11 ai1) (which amounts to multiply A on
−1
the left with Ti1(−a11 ai1)). Similarly, we make 0's on the first row and
obtain a matrix of the form:
⎡a 0⎤
B = ⎢ 11 ⎥
⎣ 0 A'⎦
with B ∼ A. The condition that a11 divides all entries of A' is fulfilled
(a11 is invertible!).
Case 2. l(A) ≥ 1.
Let aij be the entry of A for which l(aij) = l(A). As in case 1, we may
suppose (swapping some rows and/or some columns) that l(a11) = l(A).
Subcase 2.1. a11 divides all the entries of A.
This case is essentially Case 1. Indeed, since a11|ai1, ∃ bi ∈ R with
ai1 = a11bi. For 2 ≤ i ≤ m, add to the row i the row 1 multiplied by
(−bi); the matrix obtained has 0 on the first column, except a11.
Clearly, a11 divides the entries of the new matrix (these entries are lin-
ear combinations of the entries of A). In the same way we can annihi-
late the entries of the first row. Thus, A is arithmetically equivalent to
a matrix of the form B, as in case 1.
Subcase 2.2. a11 does not divide all the entries of A.
In this case we prove that A is arithmetically equivalent to a matrix
C ∈ Mm, n(R) with l(C) < l(A), which finishes the proof of P(m) by
induction on l(A).
We may suppose that a11 does not divide an entry of the first row or
of the first column. Indeed, otherwise a11 divides all entries of the first
row and of the first column. Working as in subcase 2.1, we obtain a

matrix with a11 the only nonzero entry of the first row and of the first
column. If a11 divides all the entries of the matrix, we are done! If a11
does not divide all the entries of the matrix, there exists an entry aij
(with i, j > 1) such that a11 - aij. By adding to the column 1 the column
j, we obtain an entry on the column 1, not divisible by a11.
To fix the ideas, suppose that a11 does not divide an element on the
first column (the proof in the other case is similar, the difference being
that one multiplies on the right with adequate invertible matrices – see
below). Suppose a11-a21 (if not, swap rows to achieve this). Let
d = GCD(a11, a21). We cannot have d ∼ a11, because this implies
a11|a21, false. Since d |a11, l(d) < l(a11) = l(A). We exhibit a matrix C,
arithmetically equivalent to A, whose (1, 1) - entry is d (thus
l(C) ≤ l(d) < l(A)). Let a11 = da, a21 = db, for some a, b ∈ R. Since
(a, b) = 1 and R is a PID, there exist u, v ∈ R such that au + bv = 1. So,
dau + dbv = a11u + a21v = d. Consider the matrix (written in block
form):
u v 0
U = -b a 0
0 0 I
where I is the (m − 2)×(m − 2) identity matrix (if m = 2, then I does not
appear anymore, i.e. U is a 2×2 matrix). The matrix U is invertible
(det U = ua + vb = 1), so C := UA ∼ A. But C has as the (1, 1)-entry
ua11 + va21 = d, so l(C) ≤ l(d) < l(a11) = l(A).
This finishes the proof of the existence part.
We prove now the uniqueness part in theorem 1.4. For any
A ∈ Mm,n(R) and 1 ≤ k ≤ min(m, n), let ∆k(A) be the GCD of the minors
of order k of the matrix A (Recall that a minor of order k of A is the
determinant of a matrix obtained as follows: choose k rows and k col-
umns of A and retain only the entries located at the intersection of the
⎛ m ⎞⎛ n ⎞
chosen rows and columns. There are ⎜ ⎟⎜ ⎟ minors of order k in an
⎝ k ⎠⎝ k ⎠
m×n matrix).
Note that, if U ∈ Mm(R), then ∆k(A)|∆k(UA). Indeed, the rows of UA
are linear combinations (with coefficients in R) of the rows of A. Thus,
the rows of a minor of order k of UA (corresponding to the choice of
columns i1, …, ik of UA) are linear combinations of the rows of A
(truncated to contain only the entries on the columns i1, …, ik). Apply-
ing the fact that the determinant of a matrix is a multilinear function of
the rows of the matrix2, it follows that a minor of order k of UA is a
linear combination of minors of order k of A. The claim now follows.
Similarly, if V ∈ Mn(R), then ∆k(A)|∆k(AV). So, if A ∼ B, then
∆k(A)|∆k(B) and, by symmetry, ∆k(B)|∆k(A), i.e. ∆k(A) ∼ ∆k(B). If
D = diag(d1, …, dr) is in Smith normal form, an easy check show that
∆k(D) ∼ d1…dk. So, if A ∼ D, d1, …, dr are determined (up to associa-
tion in divisibility) by ∆1(A), …, ∆r(A) and
d1 ∼ ∆1(D)∼ ∆1(A), dk ∼ ∆k(A)/∆k−1(A) , for k ≥ 2.
These relations indicate another method to compute effectively d1,
…, dr (although the amount of computation is prohibitive if m, n are
not small). !
1.8 Remark. The existence part of the proof above is in fact an

algorithm to find the Smith normal form of a given matrix. In practice,
R is an Euclidian ring. In this case, the function length defined at 1.7
(whose computation is costly, involving the prime factorizations of the
2
By denoting (l1, …, lk) the matrix having the rows l1, …, lk, the following
relation holds: det(al1 + bl'1, …, lk) = adet(l1, …, lk) + bdet(l'1, …, lk), ∀a, b ∈ R
(similarly for any row li).
elements of the matrix) can be advantageously replaced by the func-

tion ϕ in the definition of the Euclidian ring.
To be precise, if R is Euclidian with respect to ϕ, and
A = (aij) ∈ Mm,n( R), define
ϕ(A) = min{ϕ(aij) | i ∈ {1, …, m}, j ∈ {1, …, n}}.
The proof above is rewritten word for word (replace everywhere l
with ϕ); at the subcase 2.2, replace the matrix U with T21(− q), where
a21 = a11q + r, with ϕ(r) < ϕ(a11) = min{ϕ(aij)} (i.e., subtract from the
row 2 of A the row 1 multiplied by q, the quotient in the division with
remainder of a21 to a11). This places r on the entry (2, 1) of the matrix
UA, which has thus ϕ(UA) < ϕ(A). We invite the reader to check the
details and apply the algorithm in the proof in concrete cases (see also
the exercises).
Exercises
In the exercises, R denotes a principal ideal domain, unless other-

wise specified.
1. Find the Smith normal form of the matrix:
⎡2 6 9 ⎤
⎢5 10 12⎥ ∈ M3(Z).
⎢ ⎥
⎣⎢0 6 12⎦⎥
3
If L is the submodule of Z generated by v1 = (2, 6, 9), v2 = (5, 10, 12),
v3 = (0, 6, 12), determine a basis of L, rank L and the factor module
3
Z /L.
⎡ a 0⎤
2. Let a, b ∈ R. Show that the Smith normal form of ⎢ ⎥ is
⎣ 0 b⎦
⎡d 0 ⎤
⎢ 0 m ⎥ , where d = GCD(a, b), m = LCM(a, b). (Hint. Use the invari-
⎣ ⎦
ants ∆k.)
3. Find the Smith normal form of a diagonal matrix diag (a1, …, an)
∈ Mn(R).
4. Find the Smith normal form of a row matrix (a1, …, an) ∈ M1, n(R).
5. Determine all subgroups of (Z×Z, +).
*
6. Let n ∈ N , x1, …, xn ∈ R and d = GCD(x1, …, xn). Show that there
exists V ∈ GL(n, R) such that (x1, …, xn)V = (d, 0, …, 0). (Ind. Con-
sider the Smith normal form of the row matrix (x1, …, xn)).
*
7. Let n ∈ N and let a1, …, an ∈ R. Show that: there exists
V ∈ GL(n, R) such that the first row of V is (a1, …, an) if and only
if GCD(a1, …, an) = 1.
8. Let K be a field and let A ∈ Mm, n(K). Then the Smith normal form
of A is diag(1,…,1, 0,…, 0), where 1 appears r times (r is the rank of
the matrix A).
* n m
9. Let m, n ∈ N and let ϕ : R → R be an R-homomorphism whose
matrix is A ∈ Mm, n(R) (in the canonical bases). Let U ∈ GL(m, R) and
V ∈ GL(n, R) such that UAV is in Smith normal form, namely
diag(d1,…, dr, 0,…, 0), with r ≤ min(m, n) and d1,…, dr nonzero. Show
that a basis in Kerϕ is (vr+1, …, vn), where vi is the column i of the ma-
n
trix V (vi is seen as an element in R ).
10. Suppose L is a free R-module of rank n, (e1, …, en) is a basis in L
and {f1, …, fm} ⊆ L. Show that a basis in F = < f1, …, fm > can be ob-
tained as follows:
Let A = (aij) ∈ Mm, n(R) such that fi = ∑j aijej (1 ≤ i ≤ n) and let

U ∈ GLm(R), V ∈ GLn(R), with UAV in Smith normal form. Let
gi := ∑j uij fj ∈ F. Then a basis in F is {gi | 1 ≤ i ≤ m, gi ≠ 0}.
*
11. Let m, n ∈ N , A ∈ Mm, n(R) and b ∈ Mm, 1(R). Consider the equa-
tion
n
Ax = b, x ∈ R
(a linear system of m equations and n unknowns). Consider the “ex-
tended matrix” A = (A, b) ∈ Mm, n + 1(R) (the first n columns of A are
the columns of A, the last column is b). Show that: Ax = b has solu-
n
tions x in R if and only if the Smith normal form of A is (D, 0),
where D is the Smith normal form of A and 0 is the zero column in
Mm, 1(R). Note that if R is a field, this is the Kronecker-Capelli theo-
rem. (see also exercise 8.)
III.2 Finitely generated modules over a principal ideal

domain
We are now ready to describe the structure of finitely generated

modules over a principal ideal domain. Since any module is a factor of
a free module, and a detailed description of any submodule of a
finitely generated free module is available (Theorem 1.2 ), the task is
now easy. We need only some preparations:
2.1 Definition. If R is a PID, M is an R-module and x ∈ M, then

AnnR(x) (= {r ∈ R | rx = 0}) is a principal ideal of R. A generator of
the ideal AnnR(x) is called an order of x, denoted by o(x). Therefore,
the order of an element in M is defined up to an association in
divisibility. Thus, we have
III.2 Finitely generated modules over a principal ideal domain 131
AnnR(x) = Ro(x); Rx ≅ R/Ro(x).

This notion generalizes the usual concept of order of an element in
an Abelian group.
If ϕ : E → F is an R-module isomorphism and x ∈ E, then
o(x) = o(ϕ(x)) since AnnR(x) = AnnR(ϕ(x)).
2.2 Lemma. Let R be a ring and let M be a left R-module such that
M is the direct sum of a family of submodules (Mi)i∈I, M = ⊕I Mi. If
Ni ≤ R Mi, ∀i ∈ I, then the sum of the submodules (Ni)i∈I is direct and
we have a canonical isomorphism :
⊕ Mi M
i∈I
≅⊕ i .
⊕ N i i∈I N i
i∈I
Proof. Let πj : ⊕I Mi → Mj be the canonical surjections. Define
M
ϕ : M → ⊕ i by ϕ(x) = (πi(x) + Ni)i∈I, ∀x ∈ M. One easily checks
i∈I N
i
that ϕ is a surjective homomorphism (in fact, ϕ is the direct sum of the
family of homomorphisms ηi◦πi : M → Mi/Ni, where ηi : Mi → Mi/Ni
is the canonical surjection). We have Kerϕ = {x ∈ M | πi(x) ∈ Ni,
∀i ∈ I}. Since x = ∑i∈I πi(x), it follows that Kerϕ = ∑i∈I Ni = ⊕I Mi.
Apply now the isomorphism theorem. !
We state now the following important theorem, which determines
the structure of finitely generated modules over a principal ideal do-
main. Recall that R° is the set of nonzero noninvertible elements of R.
2.3 Theorem. (Invariant factors theorem) Let R be a principal ideal

domain and let M be a finitely generated R-module. Then M is a direct
sum of a finite number of cyclic submodules.
More precisely, there exist n, m ∈ N, with m ≤ n, and x1, …, xn ∈ M
such that :
M = Rx1⊕ …⊕ Rxm ⊕ Rxm+1…⊕ Rxn, (D)
Moreover, o(xi) =: di ∈ R satisfy the conditions:

di ∈ R°, ∀i ∈ {1, …, m} and d1|d2|…|dm ; dm+1 = … = dn = 0.
The numbers n, m ∈ N and the orders o(xi) ∈ R, i = 1 n with the
’
above properties are uniquely determined, in the following sense: if n',
m' ∈ N, with m' ≤ n', and y1, …, yn' ∈ M such that :
M = Ry1⊕ …⊕ Rym' ⊕ Rym' +1…⊕ Ryn', (D')
and o(yi) =: ei satisfy : ei ∈ R°, ∀i ∈ {1, …, m'} and e1|e2|…|em' ;
em'+1 = … = en' = 0, then
m = m', n = n' and di ∼ ei, ∀i ∈ {1, …, n}.
The “orders” o(xi) are called the invariant factors of the module M.
Proof. The existence part: if S ⊆ M is finite and generates M, then
(S)
there is an isomorphism ψ : R /F → M, where F is the kernel of ϕ,
(S)
given by ϕ(es) = s, ∀s ∈ S ((es)s∈S is the canonical basis of R ). Let
(S)
n = |S|, E = R . Theorem 1.2 provides us with a basis e = (e1,…, en) in
E and a basis f = (f1,…, fm) in F (with m ≤ n) such that fi = diei, with
di ∈ R, di ≠ 0 and d1|d2|…|dm. There exists k ∈ N (0 ≤ k ≤ m) such that
d1,…, dk ∈ U(R) and dk+1,…, dm ∉ U(R). Then Rfi = Rdiei = Rei,
1 ≤ i ≤ k, and we can write (applying lemma 2.2):
R e1 Re Re Re
M≅E/F ≅ ⊕ … ⊕ k ⊕ k +1 ⊕ … ⊕ m ⊕ R em+1 ⊕ … ⊕ R en
R e1 R ek Rf k +1 Rf m
Re Re
= k +1 ⊕ … ⊕ m ⊕ Rem +1 ⊕ … ⊕ Ren
Rf k +1 Rf m
Rek +1 ⊕ … ⊕ Rem ⊕ Rem +1 ⊕ … ⊕ Ren
≅
Rf k +1 ⊕ … ⊕ Rf m
Thus, the structure of M is determined by dk+1,…, dm, ek+1,…, en,
fk+1,…, fm. Changing notations if necessary, we may suppose from the
beginning that d1,…, dm are non invertible. Let ψ(ei + F) = xi ∈ M,
1 ≤ i ≤ n.
We have M = Rx1⊕…⊕Rxn because {ei + F |1 ≤ i ≤ n} generates
E/F, so {xi |1 ≤ i ≤ n} generates M. Besides,
E/F = R(e1 + F)⊕…⊕R(en + F),

since ∑1 ≤ i ≤ n ri(ei + F) = 0 + F ⇔ ∃si ∈ R such that ∑1 ≤ i ≤ n riei =
∑1 ≤ i ≤ m sidiei ⇔ ri = sidi, for any 1 ≤ i ≤ m and ri = 0, for m + 1 ≤ i ≤ n
⇔ ri(ei + F) = 0 + F, 1 ≤ i ≤ n.
Also, o(xi) = o(ei + F) = di, if 1 ≤ i ≤ m and o(xi) = 0 if m + 1 ≤ i ≤ n.
Indeed, for any r ∈ R, rxi = 0 ⇔ rei ∈ F ⇔ ∃si ∈ R such that
∑1 ≤ i ≤ n riei = ∑1 ≤ i ≤ m sidiei, so r = 0 if m + 1 ≤ i ≤ n and r = sidi if
1 ≤ i ≤ m.
This finishes the proof of existence of a decomposition (D) of M.
For the uniqueness part, we need some “invariants”.
2.4 Definitions. Let R be a domain and let M be an R-module.

a) Define t(M) := {x ∈ M | ∃r ∈ R \{0} with rx = 0}. t(M) is called
the torsion submodule of M). The elements of t(M) are called torsion
elements. If M = t(M), M is called a torsion module; if t(M) = 0, M is
called a torsion-free module.
b) Let p ∈ R be a prime element. Define tp(M) := {x ∈ M | ∃n ∈ N
n
cu p x = 0} (called the p-torsion submodule of M or the p-submodule
of M).
k k k+1 k
If d ∈ R and k ∈ N, p ||d means p |d and p -d (if R is a UFD, p ||d
⇔ k is the exponent of p in the prime factor decomposition of d).
c) If a ∈ R, let za(M) := {x ∈ M | ax = 0} (called the annihilator of a
in M, also denoted sometimes by AnnM(a) or rM(a)).
d) AnnR(M) := {r ∈ R | rx = 0, ∀x ∈ M} is called the annihilator of
the module M.
We need to collect the basic proprieties of these invariants.
2.5 Proposition. Let R be a domain and let M be an R-module.

a) t(M) is a submodule of M and t(M/t(M)) = 0; if M ≅R N, then
t(M) ≅ t(N).
b) If M = ⊕i∈I Mi, then t(⊕i∈I Mi) = ⊕i∈I t(Mi).
c) Let R be a PID. If M is finitely generated, then t(M) is a direct

summand in M and there exists L ≤ R M, free, such that M = t(M)⊕L.
In particular, a finitely generated torsion-free module is free.
Proof. a) Let x, y ∈ t(M) and let r, s ∈ R. Then there exist a, b ∈ R,
nonzero, such that ax = by = 0. We have ab ≠ 0 and ab(rx + sy) = 0, so
rx + sy ∈ t(M).
Let x + t(M) ∈ t(M/t(M)): there exists 0 ≠ a ∈ R with ax ∈ t(M).
Then there exists 0 ≠ b ∈ R with bax = 0, so x ∈ t(M) (since ba ≠ 0).
Thus, x + t(M) = 0 + t(M).
b) Let (xi)i∈I have finite support, with xi ∈ Mi, ∀i ∈ I, such that
∑i∈I xi := x ∈ t(M). Then there exists 0 ≠ a ∈ R such that ax = ∑i∈I axi
= 0. From M = ⊕i∈I Mi it follows that axi = 0, i.e. xi ∈ t(Mi), ∀i ∈ I. So,
t(M) ⊆ ⊕i∈I t(Mi).
If xi ∈ t(Mi) such that J := supp((xi)i∈I) is finite, there is some family
(rj)j∈J, with 0 ≠ rj ∈ R and rjxj = 0, ∀j ∈ J. Let r := ∏j∈J rj (well de-
fined, since J is finite). Obviously, r ≠ 0 and r∑i∈I xi = 0. This shows
that ⊕i∈I t(Mi) ⊆ t(M).
c) Take a decomposition (D) of M. We show that
t(M) = Rx1⊕…⊕Rxm. Evidently, x1,… xm ∈ t(M), since dixi = 0 and
di ≠ 0, so Rx1⊕…⊕Rxm ⊆ t(M). If x ∈ t(M), there is some 0 ≠ a ∈ R
and r1,…, rn ∈ R such that x = r1x1 + … + rmxm +… + rnxn and
ax = ar1x1 + … + armxm +… + arnxn = 0. Because the sum of the
submodules Rxi is direct, arixi = 0, i = 1 n . If i > m, then
’
ari ∈ AnnR(xi) = 0, so ri = 0. We deduce that x ∈ Rx1⊕…⊕Rxm.
It is now clear that, denoting by L the free module ⊕i > m Rxi,
M = t(M)⊕L. !
2.6 Proposition. Let R be a PID, let M be an R-module and p ∈ R

a prime element.
a) tp(M) is a submodule in M and tp(M/tp(M)) = 0; if M ≅R N, then
tp(M) ≅ tp(N).
b) If M = ⊕i∈I Mi, then tp(⊕i∈I Mi) = ⊕i∈I tp(Mi).
k k
c) Let d ∈ R and k ∈ N such that p ||d. Then tp(R/Rd) ≅ R/Rp . In
k
particular, if x ∈ M and o(x) = d, then tp(Rx) ≅ R/Rp ; if p-d, then
tp(Rx) = 0.
Proof. a) and b) have similar proofs with 2.5 and are proposed as
an exercise.
k
c) Let b ∈ R such that d = p b. We claim that tp(R/Rd) = Rb/Rd. In-
s
deed, let r + Rd ∈ tp(R/Rd). There exist s ∈ N such that p r ∈ Rd, i.e.
s k s
p r = dc = p bc, with c ∈ R. So b| p r and (b, p) = 1, which imply b|r.
So, r ∈ Rb and tp(R/Rd) ⊆ Rb/Rd. The other inclusion is obvious.
k
We have R/Rp ≅ Rb/Rd by the isomorphism theorem applied to
ϕ : R → Rb/Rd, ϕ(r) = rb + Rd, ∀r ∈ R. !
2.7 Proposition. Let M be an R-module and let r ∈ R.

a) zr(M) is a submodule in M; if M ≅R N, then zr(M) ≅R zr(N).
b) If M = ⊕i∈I Mi , then zr(M) = ⊕i∈I zr(Mi).
c) If R is a PID, p ∈ R is a prime element and d ∈ R, then
zp(R/Rd) = 0 if p-d and zp(R/Rd) ≅ R/Rp if p|d. In particular, if x ∈ M,
then zp(Rx) = 0 if p-o(x) and zp(Rx) ≅ R/Rp if p|o(x).
Proof. a) Exercise.
b) Let x = ∑i∈I xi, with xi ∈ Mi, ∀i ∈ I. We have rx = 0 ⇔
∑i∈I rxi = 0 ⇔ rxi = 0, ∀i ∈ I (since rxi ∈ Mi, and the sum is direct) ⇔
xi ∈ zr(Mi), ∀i ∈ I.
c) Let p - d and r ∈ R. We have p(r + Rd) = 0 + Rd ⇔ pr ∈ Rd ⇔
d | pr. Since (d, p) = 1, this implies d | r, so r + Rd = 0.
Let p|d and a ∈ R with d = pa. For any r ∈ R, pr ∈ Rd = Rpa ⇔
r ∈ Ra. So, zp(R/Rd) = Ra/Rd. Consider the surjective homomorphism
ϕ : R → Ra/Rd, ϕ(r) = ra + Rd, ∀r ∈ R. We have Kerϕ = Rp, so
Ra/Rd ≅ R/Rp. !
We can proceed now to prove the uniqueness part in 2.3. The idea
is to apply the invariants t, zp, tp to the decompositions (D) and (D').
Since t(M) = Rx1⊕…⊕Rxm = Ry1⊕…⊕Rym' (see 2.5.c)), we get:
M/t(M) ≅ Rxm+1⊕…⊕Rxn ≅ Rym'+1⊕…⊕Ryn'.

But {xm+1, …, xn} and {ym'+1, …, yn'} are bases in the free module
M/t(M), so they have the same number of elements: n − m = n' − m'.
It remains to prove that m = m' and di ∼ ei, 1 ≤ i ≤ m. To this end,
we suppose in the sequel that
M = t(M) = Rx1⊕…⊕Rxm = Ry1⊕…⊕Rym'.
Since Rxi ≅ R/Rdi, Ryi ≅ R/Rei, we have to prove that, if
M ≅ R/Rd1⊕…⊕R/Rdm, with d1|d2|…|dm, di ∈ R°, 1 ≤ i ≤ m, (*)
M ≅ R/Re1⊕…⊕R/Rem', with e1|e2|…|em', ei ∈ R°, 1 ≤ i ≤ m', (**)
then m = m' and di ∼ ei, 1 ≤ i ≤ m.
Note first that dm ∼ em'. Indeed, AnnR(M) = {r ∈ R| rx = 0, ∀x ∈ M}
is an ideal in R; by (*), AnnR(M) = Rdm (prove!). By (**),
AnnR(M) = Rem', so dm ∼ em'.
Let p be a prime divisor of d1. Then p|di, 1 ≤ i ≤ m. Consider zp(M).
By 2.7 and (*), we can write the R-module isomorphisms:
zp(M) ≅ zp(Rx1⊕…⊕Rxm) ≅ zp(Rx1)⊕…⊕zp(Rxm) ≅ R/Rp⊕…⊕R/Rp
(m terms).
(we used that p|di, 1 ≤ i ≤ m). Use now (**); let k be the number of
those indices i, with 1 ≤ i ≤ m', such that p divides ei. We have :
zp(M) ≅ zp(Ry1)⊕…⊕zp(Rym') ≅ R/Rp⊕…⊕R/Rp (k terms).
m k
So, (R/Rp) ≅ (R/Rp) (R-module isomorphism). It is clear that this
is also an R/Rp-module isomorphism. But R/Rp is a field (p is prime
and R is a PID), so m = k, since two isomorphic R/Rp-vector spaces
have the same dimension. Of course, k ≤ m', so m ≤ m'. By symmetry,
m' ≤ m, so m = m'.
Let us show that di ∼ ei, 1 ≤ i ≤ m. Let p be an arbitrary prime factor
of dm and let αi (respectively βi) be the exponent of p in the
decomposition of di (respectively ei), 1 ≤ i ≤ m. Since d1|d2|…|dm, we
have α1 ≤ α2 ≤ … ≤ αm (and also β1 ≤ β2 ≤ … ≤ βm). It is sufficient to
show that αi = βi, 1 ≤ i ≤ m. Suppose that is not so: then there exists j,
1 ≤ j ≤ m, minimal with the property that αj ≠ βj (thus αi = βi if i < j).

Say, for instance, that αj < βj. Apply tp. By (*) and 2.6, we have:
tp(M) ≅ tp(Rx1)⊕…⊕tp(Rxm) ≅ R Rpα1 ⊕ … ⊕ R Rpαm
By (**), tp(M) ≅ tp(Ry1)⊕…⊕tp(Rym) ≅ R Rp β1 ⊕ … ⊕ R Rp βm .
“Multiply” tp(M) by p j (i.e., consider the submodule p j t p (M ) ). We
α α
obtain from (*):

p jtp (M ) ≅ p
α αj
(R )
Rpα1 ⊕ … ⊕ p
αj
( R Rp )
αm
α j +1 −α j α m −α j
≅ R Rp ⊕ … ⊕ R Rp
We have used the proprieties (whose proof is immediate): if
α β
M = ⊕i∈I Mi and r ∈ R, then rM = ⊕i∈I rMi ; p {R/Rp } ≅ 0 if β ≤ α;
α β β −α
p {R/Rp } ≅ R/Rp if β > α.
From (**), with a similar argument, we have :
( )
p j t p ( M ) ≅ p j R Rp β1 ⊕ … ⊕ p j R Rp βm
α α α
( )
β j −α j β m −α j
≅ R Rp ⊕ … ⊕ R Rp
Therefore,
α −α α −α β −α β −α
R Rp j +1 j ⊕ … ⊕ R Rp m j ≅ R Rp j j ⊕ … ⊕ R Rp m j
These are decompositions of the type (*), as one easily sees. Let k
be the number of indices i for which αi > αj (evidently, 0 ≤ k ≤ m − j).
In the left hand side we have k nonzero terms and in the right hand
side there are m − j + 1 nonzero terms. The first part of the proof
shows that k = m − j + 1, contradicting k ≤ m − j. Thus, we must have
αi = βi, 1 ≤ i ≤ m. !
2.8 Remark. An R-module M can have several decompositions of

type (D). But the sequence of ideals
AnnR(x1) ⊇ AnnR(x2) ⊇ … ⊇ AnnR(xn)
is uniquely determined. The generators (uniquely determined up to an
association in divisibility) d1, d2, …, dn ∈ R of these ideals are called
the invariant factors of the R-module M. Sometimes this name is
given to the sequence of ideals above. If in the principal ideal domain

R there is a natural way to choose a generator of an ideal, the invariant
factors are the “natural” generators of the annihilator ideals above. For
example, in Z the positive generator is chosen, in K[X] (K a field) the
monic polynomial that generates the ideal is chosen.
2.9 Example. Let Z2 = { 0̂, 1̂ }, Z6 = { 0 , 1 , …, 5 } and the

Z-module Z2×Z6. We have the following decompositions:
Z2×Z6 = Zx1⊕Zx2 = Zy1⊕Zy2,
where x1 = ( 1̂, 0 ), x2 = ( 0̂, 1 ), y1 = ( 1̂, 3 ), y2 = ( 0̂, 5 ) (check this!). Of
course, these are distinct decompositions, but
AnnR(x1) = AnnR(y1) = 2Z and AnnR(x2) = AnnR(y2) = 6Z. The se-
quence of invariant factors of the Z-module Z2×Z6 is: 6, 2.
Exercises
1. Give an example of a finitely generated Z-module such that its tor-

sion submodule has at least two complements. (cf. Prop. 2.5.)
2. Let R be a domain and let u : M → N be an R-module homomorph-
ism. Then u(t(M)) ⊆ t(N). State and prove a similar propriety for tp(M)
(R is a PID and p is a prime element in R) and zr(M) (where r ∈ R).
3. Assume R is a domain, M is an R-module and L ≤ R M. Then M/L is
torsion-free if and only if t(M) ⊆ L.
4. This exercise gives an example of a Z-module M such that t(M) is
not a direct summand in M. (Thus, by 2.5.c), M cannot be finitely
generated). Let P = {pn |n ≥ 1} be the set of prime natural numbers and
let M := ∏p∈P Zp. Show that:
a) t(M) = ⊕p∈P Zp ( = {(ap)p∈P | ∀p ∈ P, ap ∈ Zp and supp((ap)P) fi-

nite}).
b) ∀n ∈ Z, n ≠ 0, n·(M/t(M)) = M/t(M).
c) ∀x ∈ M, ∃p ∈ P such that x ∉ pM.
d) If M = t(M)⊕S, with S ≤ R M, then S ≅ M/t(M).
e) t(M) is not a direct summand in M.
5. Let p be a prime natural number and let G = Zp×Zp. Prove that the
subgroups of G coincide with the Zp-vector subspaces of G. How
many vector subspaces of dimension 1 are there in G? In how many
ways can ZG be written as a direct sum of two proper submodules?
(Hint: the sum of any two nonzero distinct subspaces is direct, equal to
G).
6. State a structure theorem for finitely generated Abelian groups.
7. Give an example of an Abelian group G that is neither cyclic, nor a
direct sum of cyclic groups. (Hint: G cannot be finitely generated. An
example is Q).
8. Determine all Abelian groups with 100 elements.
9. Let G be a finite Abelian group whose order is squarefree (not
divisible with the square of any prime). Then G is cyclic.
10. If G is a finite Abelian group and n is the exponent of G ( = GCD
of the orders of the elements of G), then G contains an element of or-
der n. (Hint: use the theorem of invariant factors). Give an example of
a group G such that n is a proper divisor of the order of G.
11. Let G be a finite Abelian group. Show that, for any divisor d of
|G|, there exists a subgroup of G having d elements.
12. For n ∈ N*, let gn denote the number of isomorphism types of
Abelian groups having n elements. For what n ∈ N* we have gn = 1?
Determine {n ∈ N | n ≤ 100, gn ≥ 4}.
13. Using the structure theorem of finite Abelian groups, show that
*
any finite subgroup G of the multiplicative group K (where K is a
field) is cyclic. (Hint. If G has more than one invariant factor and d is
the greatest invariant factor, then any element of G is a root of a
d
X − 1 and d < |G|).
14. Determine the finitely generated Abelian groups with the property
that their lattice of subgroups is a chain ( = totally ordered with respect
to inclusion).
III.3 Indecomposable finitely generated modules
Theorem 2.3 says that any finitely generated R-module (if R is a

PID) is a direct sum of cyclic submodules. Can such a decomposition
be refined? In other words, can we decompose further these submod-
ules as direct sums of proper submodules?
3.1 Definition. Let R be a ring (not necessarily commutative). An

R-module M is called indecomposable if M ≠ 0 and M has no proper
direct summands (if L, N ≤ R M are such that M = L⊕N, then L = 0 or
N = 0). An R-module that is not indecomposable is called decomposa-
ble.
3.2 Examples. a) The Z-module Z6 is decomposable:

Z6 = 2Z6⊕3Z6.
b) If R M is isomorphic to a direct product of modules of the type
A×B, with A, B nonzero, then M is decomposable.
b) If K is a field, a K-vector space V is decomposable if and only if
dim V > 1. (Besides, any proper subspace of a vector space is a direct
summand).
c) The Z-module Z2 is indecomposable (it has no proper submod-
ules altogether).
III.3 Indecomposable finitely generated modules 141
3.3 Proposition. If the lattice of submodules of the R-module M is a

chain (it is totally ordered) with respect to inclusion, then M is
indecomposable.
Proof. Suppose M = A⊕B, with A, B ≤ R M. But the lattice of
submodules of M is a chain, so A ⊆ B or B ⊆ A. Thus, A ∩ B = 0 im-
plies A = 0 or B = 0. !
3.4 Corollary. Let R be a PID, p ∈ R a prime element and k ∈ N.

k
Then the cyclic module R/Rp is indecomposable.
Proof. Suppose k ≥ 1. It is enough to check that the lattice of ideals
k k
of R that include Rp is a chain (see II.2.3). But the ideal I includes Rp
k
if and only if I = Ra (I is principal), where a ∈ R, a|p . The divisors of
k t t
p are p , 0 ≤ t ≤ k, so a ∼ p for some t ≤ k. This says that the ideals
k k k−1 2
that include Rp are chained: Rp ⊆ Rp ⊆ …⊆ Rp ⊆ Rp ⊆ R.
If k = 0, we have to show that R R is indecomposable. This is true
for an arbitrary domain: the intersection of any two nonzero submod-
ules ( = ideals) I, J of R is nonzero: if a ∈ I, b ∈ J are nonzero, then
0 ≠ ab ∈ I ∩ J. !
k
If R is a PID, the cyclic modules (isomorphic to) R/Rp , with p
prime in R and k ≥ 0, are all finitely generated indecomposable
R-modules. This follows from the following result, valid in any
commutative ring.
3.5 Theorem. (Chinese remainder theorem) Let R be a commuta-

tive ring, n ≥ 2 and I1,…, In ideals of R.
a) If Ii + Ij = R for i ≠ j,3 then the product 4 I1·…·In is equal to the
intersection I1 ∩…∩ In and there is a natural isomorphism of rings
(and of R-modules) η:
3
The ideals Ii şi Ij are called in this case comaximal. For example, the ideals Za
and Zb of Z are comaximal if and only if a and b are coprime.
R R R R
= ≅ ×… × ,
I1 ⋅ … ⋅ I n I1 ∩ … ∩ I n I1 In
η(r + I1 ∩…∩ In) = (r + I1, …, r + In), ∀r ∈ R.
R R
b) Conversely, if the homomorphism ϕ : R → ×… × ,
I1 In
ϕ(r) = (r + I1, …, r + In), ∀r ∈ R is surjective (inducing an isomor-
R R R
phism ≅ ×… × as above), then Ii and Ij are comaxi-
I1 ∩ … ∩ I n I1 In
mal ideals, for any i ≠ j.
Proof. a) We prove by induction on n that I1·…·In = I1 ∩…∩ In and
that η is an isomorphism. For n = 2, I1 + I2 = R implies the existence
of x ∈ I1, y ∈ I2 such that x + y = 1. Let z ∈ I1 ∩ I2. Then
z = z·1 = zx + zy, with zx, zy ∈ I1·I2, so I1 ∩ I2 ⊆ I1I2. Thus, I1 ∩ I2 = I1I2.
R R
Let ϕ : R → × , ϕ(r) = (r + I1, r + I2), ∀r ∈ R. ϕ is a ring (and
I1 I 2
an R-module) homomorphism (it is the direct product of the canonical
surjections R → R/Ij). We have:
Kerϕ = {r ∈ R| (r + I1, r + I2) = (0 + I1, 0 + I2)} = I1 ∩ I2
The isomorphism theorem implies that R/I1 ∩ I2 ≅ Imϕ and the
isomorphism is precisely η. Let us prove that ϕ is surjective (which
R R
will finish the proof). Let (r1 + I1, r2 + I2) ∈ × . We must exhibit
I1 I 2
r ∈ R with r − r1 ∈ I1, r − r2 ∈ I2. Such an element is r = r1 y + r2 x. In-
deed,
r − r1 = r1y + r2x − r1x − r1y = (r2 − r1)x ∈ I1.
4
Recall that the product IJ of two ideals I and J is the ideal generated by all the
products ij, i ∈ I, j ∈ J. The product of ideals is associative and always IJ ⊆ I ∩ J.
Similarly, r − r2 ∈ I2.
Suppose now that for any k < n and any ideals I1,…, Ik, pairwise co-
maximal , we have I1·…·Ik = I1 ∩…∩ Ik and η is an isomorphism. Take
n pairwise comaximal ideals I1,…, In. Since Ij + In = R, 1 ≤ j ≤ n − 1,
there exist aj ∈ Ij, bj ∈ In, such that aj + bj = 1. Multiply these n − 1
equalities:
n −1
∏ (a j + b j ) = a1·…·an−1 + b = 1, where b ∈ In, a1·…·an−1 ∈ I1·…·In−1.
j =1
So, I1·…·In−1 + In = R. Applying the case n = 2 to the comaximal

ideals I1·…·In−1 and In,
I1·…·In−1·In = (I1·…·In−1) ∩ In = (I1 ∩…∩ In−1) ∩ In
We also used the induction hypothesis I1·…·In−1 = I1∩…∩ In−1. Also,
case n = 2 says that
R R R
≅ × ,
(I1 ⋅… ⋅ I n−1 ) ⋅ I n I1 ⋅… ⋅ I n−1 I n
r + I1·…·In & (r + I1…In−1, r + In), ∀r ∈ R.
On the other hand, by induction, we have the isomorphism:
R R R
≅ ×… × ,
I1 ⋅ … ⋅ I n −1 I1 I n −1
r + I1·…·In−1 & (r + I1, …r + In−1), ∀r ∈ R.
Combining these isomorphisms, we obtain the result.
b) We prove that I1 and I2 are comaximal. Let (1 + I1, 0 + I2, …,
R R
0 + In) ∈ × … × . There exists y ∈ R such that (y + I1, y + I2, …,
I1 In
y + In) = (1 + I1, 0 + I2, …, 0 + In), i.e. y ∈ I2 and y − 1 =: x ∈ I1. So,
1 = −x + y ∈ I1 + I2, which means I1 + I2 = R. !
3.6 Corollary. a) Let R be a PID and let a1, …, an ∈ R. If

(ai, aj) = 1, ∀i ≠ j, then:
R R R
≅ ×… ×
Ra1 … an Ra1 Ran
r + Ra1…an & (r + Ra1, …, r + Ran), ∀r ∈ R.
b) If M is a cyclic R-module M = Rx (x ∈ M), with
o(x) = d = a1·…·an ∈ R° and (ai, aj) = 1, ∀i ≠ j, then there exist xi ∈ M,
1 ≤ i ≤ m, such that o(xi) = ai and
M = Rx = Rx1⊕…⊕Rxm
c) Any cyclic R-module can be written as a direct sum of
indecomposable submodules.
Proof. a) If a, b ∈ R, then (a, b) = 1 if and only if Ra and Rb are co-
maximal. Indeed, the ideal generated by GCD(a, b) is Ra + Rb. So, (a,
b) = 1 ⇔ Ra + Rb = R. Apply now the Chinese remainder theorem for
Ra1, …, Ran.
b) We have M ≅ R/Rd. By a), we have R/Ra1 ×…× R/Ran ≅ R/Rd.
So, there is an isomorphism ϕ : R/Ra1 ×…× R/Ran → M. Let
yi := (0 + Ra1,…, 1 + Rai, …, 0 + Ran) and xi := ϕ(yi). Obviously,
R/Ra1 ×…× R/Ran = Ry1⊕…⊕Ryn, so, (applying ϕ) M = Rx1⊕…⊕Rxn.
Also, o(xi) = o(yi) = ai, 1 ≤ i ≤ n.
c) This follows from a): let M = Rx, with x ∈ M and let d = o(x). If
d = 0, then M ≅ R is indecomposable. If d ≠ 0, let d = p1k1 … ptkt the
prime factor decomposition of d (where p1, …, pt are distinct primes in
k
R). Clearly, piki and p j j are coprime if i ≠ j; applying b), there exist
xi ∈ M such that M = Rx1⊕…⊕Rxt, with o(xi) = piki . So Rxi is
indecomposable, being isomorphic to R Rpiki . !
3.7 Corollary. Let R be a PID and let M be a finitely generated

R-module. Then:
- M is indecomposable if and only if: either M is cyclic, isomorphic
to R (in this case M is torsion-free) or M is cyclic, isomorphic to some
k
R/Rp , where p ∈ R is prime and k ∈ N* (in this case M is a torsion
module).
Proof. The proof of the “if” part is easy: we saw that the modules
k
R/Rp are indecomposable.
Let M be indecomposable finitely generated. There exists a
decomposition (D), as in theorem 2.3. Keeping the notations in 2.3,
we see that M is indecomposable only if m = n = 1 or m = 0 and n = 1.
If m = 0, n = 1,then M is free of rank 1, and thus isomorphic to R.
If m = n = 1, then M = Rx, with o(x) = d. So, M ≅ R/Rd. Let
d = p1k1 … ptkt be the prime decomposition of d (p1, …, pt are distinct
k
primes in R). We claim that t = 1. If t > 1, piki and p j j are coprime if
i ≠ j, so R/Rd ≅ R Rp1k1 × … × R Rptkt , which is clearly decomposable. !
3.8 Proposition. If M is a finitely generated torsion module over a

PID R, then M is the direct sum of its p-torsion submodules.
More precisely, if P is a system of representatives of the equiva-
lence classes (with respect to association in divisibility) of the prime
elements in R, then {p ∈ P | tp(M) ≠ 0} is finite and M is the finite di-
rect sum:
M = ⊕p∈P tp(M)
Proof. We know that M is a direct sum of cyclic submodules:
M = Rx1⊕…⊕Rxm, o(xi) = di ∈ R°. From 2.6 we deduce that, if p ∈ P
and p-di, for all 1 ≤ i ≤ m, then tp(M) = 0. So,
{p ∈ P | tp(M) ≠ 0} ⊆ {p ∈ P | ∃i, p|di}, which is finite.
If p ∈ P, then tp(M) ∩ { ∑{tq(M) |q ∈ P, q ≠ p}} = 0. Indeed, if x be-
k
longs to the intersection, then p x = 0 for some k ∈ N; also,
x = ∑q≠p yq, with yq ∈ tq(M), ∀q ∈ P, q ≠ p (only a finite number of yq
k
are nonzero). So, ∀q ≠ p for which yq ≠ 0, ∃kq ∈ N such that q q yq = 0.
kq
Let a = ∏ y q (finite number of factors!). Evidently, ax =
q ≠0
a∑q≠p yq = 0. Also (p , a) = 1, since p is not associated to any prime q

k
occurring in the decomposition of a. So, there exist u, v ∈ R such that

k k k
up + va = 1. Then x = (up + va)x = up x + vax = 0.
Let x ∈ M. We prove that x ∈ ∑ p∈P tp(M). Let d = o(x) ∈ R and
d = p1k1 … ptkt be its prime decomposition. By 3.6.b),
Rx = Rx1⊕…⊕Rxt, with o(xi) = piki , i.e. xi ∈ t pi (M ) . !
The invariant factor theorem and the list of finitely generated

indecomposable modules allow us to formulate the following structure
theorem:
3.9 Theorem. Let R be a PID and let M be a finitely generated

R-module. Then M is a finite direct sum of indecomposable submod-
ules. The following property of uniqueness holds: if
M = A1⊕…⊕Am = B1⊕…⊕Bn
are decompositions of M as direct sums of indecomposable submod-
ules, then m = n and there exists a permutation σ ∈ Sn such that
Ai ≅ Bσ(i), 1 ≤ i ≤ m.
Proof. The existence part is proven as follows: from theorem 2.3,
M is a finite direct sum of cyclic submodules, and 3.6 says that every
cyclic submodule is a finite direct sum of indecomposable submod-
ules.
As in the proof of uniqueness in theorem 2.3, note that the free
module M/t(M) has rank equal to the cardinal of the set {i | 1 ≤ i ≤ m,
Ai torsion free} (and equal to the cardinal of the set {j | 1 ≤ j ≤ n, Bj
torsion free}). We may suppose then that
M = t(M) = Rx1⊕…⊕Rxm = Ry1⊕…⊕Ryn,
with xi, yj ∈ M and Rxi, Ryj indecomposable (by 3.7, o(xi), o(yj) are
prime powers in R). Let p be a prime in R. We have tp(Rxi) = 0 if p-
o(xi) and tp(Rxi) = Rxi if o(xi) is a power of p (see 2.6). Thus
tp(M) = ⊕{Rxi | 1 ≤ i ≤ m, p|o(xi)} = ⊕{Ryj | 1 ≤ j ≤ n, p|o(yj)}.
Relabeling if necessary, let {i | 1 ≤ i ≤ m, p|o(xi)} =: {1, …, r} and

l
{j | 1 ≤ j ≤ n, p|o(yj)} =: {1, …, s}, such that o(xi) = p ki and o(yj) = p j ,
with k1 ≤ … ≤ kr and l1 ≤ … ≤ ls. Then
tp(M) = Rx1⊕…⊕Rxr = Ry1⊕…⊕Rys, o(x1)|… |o(xr), o(y1)|… |o(ys).
The uniqueness part of theorem 2.3 says that r = s and o(xi) = o(yi)
(so, Rxi ≅ Ryi), 1 ≤ i ≤ r. Since M = ⊕p∈P tp(M) (see 3.8), the proof is
finished. !
3.10 Remark. If M is a torsion module and Rx1⊕…⊕Rxm is o

decomposition of M as a direct sum of indecomposables, then the fam-
ily of ideals (AnnR(xi))1≤ i ≤ m is independent of the chosen decomposi-
tion. The family of elements (o(xi))1≤ i ≤ m is thus uniquely determined
(up to an association in divisibility and a permutation) by the module
M and is called the family 5 of the elementary divisors of M. The
elementary divisors are powers of prime elements in R, by 3.7.
3.11 Examples. a) The elementary divisors of the Z-module

3
Z6⊕Z24 ≅ Z2⊕Z3⊕Z8⊕Z3 are (2, 2 , 3, 3). Its invariant factors are (6,
24).
b) If G is an Abelian group with n elements, and d1|…|dm is the se-
quence of its invariant factors, then G ≅ Z d1 ⊕ … ⊕ Z d m , so
n = d1·…·dm . Thus, any Abelian group of order n is perfectly deter-
mined (up to an isomorphism) by an m-uple (d1, …, dm) of natural
numbers (m ≥ 1), such that: d1 ≥ 2, d1·…·dm = n and d1|…|dm. For
example, for n = 60, the possible choices for (d1, …, dm) are (60), (2,
30). Thus there are two types of isomorphism6 of a Abelian groups
5
We avoid the term “set”, because in a set all elements are distinct, while the
elementary divisors can occur more than once.
6
The class of all groups isomorphic to a given group G is called the type of
isomorphism of G. (This definition can be generalized to any type of algebraic
2
with 60 elements: Z60 ≅ Z4⊕Z3⊕Z5 (the elementary divisors are (2 , 3,
5)) and Z2⊕Z30 ≅ Z2⊕Z2⊕Z3⊕Z5 (the elementary divisors are (2, 2, 3,
5)).
c) If the invariant factors (d1, …, dm) are given, the elementary divi-
sors can be obtained by decomposing in a product of powers of primes
every di and writing down all the powers that occur, as many times
that they arise.
Conversely, if the family of the elementary divisors is given, the
invariant factors are obtained as follows: write a product containing
(only once) all primes in the family of the elementary divisors, at the
greatest power. The product obtained is dm (the “largest” invariant fac-
tor – divisibility-wise). Erase from the family of the elementary divi-
sors the powers written in the product and repeat the procedure with
what is left. Continue until the elementary divisors are exhausted.
For example, if the family of the elementary divisors of a Z-module
2 3
is (2, 2, 2 , 3, 3 , 5), following the procedure above we obtain succes-
2 3
sively: 2 ·3 ·5, 2·3, 2, which are the invariant factors of the Z-module.
Which is this Z-module?
structures: Abelian groups, rings, modules, fields, ordered sets…). For a given type
of algebraic structure, the description of all types of isomorphism of the structure is
a most important (and hard to attain, in general) objective, called classification. For
instance, the theorem of invariant factors yields a classification of finitely generated
Abelian groups. The classification of the finite simple groups (having no normal
proper subgroups) is one of the great successes of group theory, accomplished in the
1980's.
Exercises
1. Give an example of a ring R and an indecomposable R-module that

has a decomposable factor module.
2. Prove that R M is indecomposable ⇔ the ring EndR(M) contains no
idempotents other than 0 and 1M.
3. Give an example of a ring R an indecomposable R-module that has
decomposable submodules. Can R be a PID? (Hint. Let K be a field,
R = K[X, Y], I = (XY) = XYK[X, Y] and M = R/I. The idempotents of
EndR(M) are 0 and 1M. XK[X, Y] + YK[X, Y]}/I ≤ M and is decomposa-
ble).
4. Let R be a PID, M an R-module and x1, …, xn ∈ M, with (o(xi),
o(xj)) = 1, ∀i ≠ j. Then o(x1 + … + xn) = o(x1)·…·o(xn). (This general-
izes the known fact: if a, b ∈ G, (G, +) an Abelian group, and (ord x,
ord y) = 1, then ord(x + y) = ord(x)·ord(y)).
5. Let R be a PID, M an R-module with AnnR(M) = Rr, r ≠ 0. Then
o(x)| r, ∀x ∈ M.
6. Let R be a PID and M an R-module (not necessarily finitely gener-
ated) with AnnR(M) ≠ (0). We want to prove that M is a direct sum of
cyclic submodules. Prove that:
a) For any N ≤ R M, AnnR(M/N) ≠ (0).
b) There exists y ∈ M such that AnnR(y) = AnnR(M). (Hint. Let
AnnR(M) = Rr, r = p1a1 … pnan , with pi prime in R and ai ∈ N*. Let
b
bi = max {b ∈ N | ∃x ∈ M with pi |o(x)} (bi ≤ ai). For any i, ∃xi ∈ M
with o(xi) = pibi . Set y =∑ xi. o{∑ xi} = ∏o(xi) by ex. 4. Also,
r = ∏ pibi , so bi = ai)
c) Let C = {C ≤ M | C is a direct sum of cyclic submodules and
satisfies condition (*)}, where the condition (*) is:
∀s ∈ R, ∀x ∈ M, if sx ∈ C, then ∃ x0 ∈ C with sx = sx0. (*)
C is nonempty, inductively ordered, so it has a maximal element F.
d) ∀C ∈ C, if C ≠ M, then there exists D ∈ C such that C ( D. (Ind.

Apply b) to M/C and obtain y∈M such that
AnnR(M/C) = AnnR(y) =: µ. So µy ∈ C and let y0 ∈ C with µy = µy0,
given by (*). Then set D := C + R(y − y0).)
e) F = M.
III.4 The endomorphisms of a finite dimensional vector

space
Throughout this section, K is a field, K[X] is the polynomial ring in

the indeterminate X with coefficients in K, V is a finite dimensional
K-vector space and u : V → V is a K-endomorphism (also called linear
transformation or operator).
The idea of the theory we develop here is the following: The endo-
morphism u defines a natural structure of K[X]-module on V. Because
K[X] is a PID, we can apply the invariant factors theorem to obtain
information on this K[X]-module (therefore on the endomorphism u).
Furthermore, keeping in mind the connection between endomorphisms
and matrices, the results obtained translate into matrix language.
4.1 Definition. Let u ∈ EndK(V). We endow the Abelian group

(V, +) with a structure of K[X]-module (depending on u):
n
∀f = a0 + a1X + … + anX ∈ K[X], ∀v ∈ V, define:
n
f·v := a0v + a1u(v) + … + anu (v) ∈ V,
n
where u = u◦…◦u (n times).
In other words, f·v is the image of the vector v by the endomorph-
n
ism f(u) := a0id + a1u + … + an u , where id is the identity automor-
phism of V.
III.4 The endomorphisms of a finite dimensional vector space 151
Checking the module axioms is simple. It is worth mentioning that

the axioms ( f·g)·v = ( f )·(g·v) and ( f + g)·v = f·v + g·v ∀f, g ∈ K[X],
∀v ∈ V, are a consequence of the fact that:
( f·g)(u) = f(u)◦g(u) and ( f + g)(u) = f(u) + g(u), ∀f, g ∈ K[X]
This means that the “evaluation map in u” from K[X] to EndK(V),
f & f(u), ∀f ∈ K[X], is a ring homomorphism (more exactly, a
K-algebra homomorphism).
The external operation defined above extends to K[X] × V the
external operation (defined on K × V) of the K-vector space V.
Note that the K[X]-module structure defined on V depends strongly
on the endomorphism u.
Let Vu denote the K[X]-module V defined by the endomorphism u,
as above.
4.2 Remark. Let u ∈ EndK(V). The universality property of the

polynomial ring K[X] ensures the existence of a unique K-algebra
homomorphism η : K[X] → EndK(V) such that η(X) = u. If
n
f = a0 + a1X + … + anX ∈ K[X],
n n
η( f ) = f (u) = η(a0 + a1X + … + anX ) = a0idV + a1u + … + anu .
The homomorphism η defines a K[X]-module structure on V (see
remark II.1.4) that is the same as the one defined above.
Can distinct endomorphisms of V define “the same” K[X]-module
structure on V?
4.3 Proposition. Let u, w ∈ EndK(V). Then the K[X]-modules Vu

and Vw are isomorphic if and only if there exists a K-automorphism
−1
ϕ of V such that ϕ◦u◦ϕ = w.
Proof. Let ϕ : Vu → Vw be a K[X]-isomorphism. Let ·u denote the
external operation of the K[X]-module Vu. For any v ∈ Vu, X ·u v = u(v)
and, ∀v ∈ Vw, X ·w v = w(v). We have ϕ(X ·u v) = X ·w ϕ(v), so
ϕ(u(v)) = w(ϕ(v)), i.e. ϕ◦u = w◦ϕ. It is clear that ϕ is also a
K-automorphism.
If ϕ : V → V is a K-isomorphism with ϕ◦u = w◦ϕ, then ϕ is a

K[X]-isomorphism from Vu to Vw. Indeed, ϕ◦u = w◦ϕ is written
n n
ϕ(X ·u v) = X ·w ϕ(v). From this we deduce that ϕ(X ·u v) = X ·w ϕ(v),
∀n ∈ N; since ϕ is K-linear,
n n
ϕ((a0 + a1X + … + anX )·u v) = a0·wϕ(v) + a1X·wϕ(v) + … + anX ·wϕ(v),
for any a0 + a1X + … + anX ∈ K[X]. !
4.4 Definition. a) The endomorphisms u, w ∈ EndK(V) are called

−1
similar if there exists ϕ ∈ AutK(V) such that ϕ ◦u◦ϕ = w. Notation:
u ≈ w.
b) Let n ∈ N and A, B ∈ Mn(K). We call the matrices A and B simi-
lar (denoted by A ≈ B) if there exists an invertible matrix U ∈ Mn(K)
−1
such that B = UAU .
4.5 Remark. Let KV be finite dimensional and let v = (v1, …, vn) be

a basis of V. The endomorphisms u, w ∈ EndK(V) are similar if and
only if the matrices Mv(u) and Mv(w) are similar. To see that, recall
that the rings EndK(V) and Mn(K) are (anti-)isomorphic by the mapping
u & Mv(u).
A typical example of similar matrices is given by the matrices of an
endomorphism in various bases of V.
The similarity relation on EndK(V) and the similarity relation on
Mn(K) are equivalence relations.
4.6 Definition. Let u ∈ EndK(V) and W ≤ KV. The K-subspace W of

V is called invariant relative to u (or u-invariant) if u(W) ⊆ W. We say
that V is indecomposable relative to u (or u-indecomposable) if V can-
not be written as a direct sum of proper u-invariant subspaces.
4.7 Proposition. Let W be a nonempty set of V. Then: W is an u-

invariant subspace ⇔ ∀w ∈ W, X·w ∈ W ⇔ W is a K[X]-submodule
of Vu.
Proof. u(W) ⊆ W if and only if ∀w ∈ W, u(w) ∈ W ⇔ X·w ∈ W. By

n
induction, X ·w ∈ W, ∀n ∈ N; since W is a linear subspace in V, this
n
implies (a0 + a1X + … + anX )·w ∈ W, ∀ai ∈ K. The converse is an
easy exercise. !
The following statements (whose proofs are left to the reader) are
further examples of translations from vector space language to
K[X]-module language.
“V is the direct sum of the u-invariant subspaces V1, …, Vm” ⇔
“K[X]Vu is the direct sum of the K[X]-submodules V1, …, Vm”.
i
“There exists v ∈ V such that V is generated by {u (v) | i ∈ N}” ⇔
“Vu is a cyclic K[X]-module (generated by v).” (In this case, u is called
a cyclic endomorphism).
“V is u-indecomposable” ⇔ “Vu is an indecomposable
K[X]-module”.
4.8 Proposition. a) The K[X]-module Vu is a finitely generated tor-

sion module.
b) V is u-indecomposable if and only if there exists v ∈ Vu such that
k
Vu = K[X]v, with o(v) = p , where p is an irreducible polynomial in
K[X] and k ∈ N*.
Proof. a) Any system of generators KV is also a system of genera-
tors for the K[X]-module Vu. If dimKV = n ∈ N*, then, ∀v ∈ V, the vec-
n
tors v, u(v), …, u (v) cannot be linearly independent. Consequently,
there exist a0, a1, …, an ∈ K, not all zero, such that a0v + a1u(v) + … +
n n
anu (v) = 0 ⇔ (a0 + a1X + … + anX )·v = 0.
b) V is u-indecomposable if and only if Vu is an indecomposable
K[X]-module. But Vu is a torsion, finitely generated K[X]-module,.
Apply now Prop. III.3.7. !
We apply to the K[X]-module Vu the structure theorems from III.2
and III.3:
4.9 Proposition. If dimK V = n ∈ N*, then there exists m ∈ N* and

v1, …, vm ∈ Vu, such that Vu is a direct sum of u-invariant subspaces
Vu = K[X]v1⊕…⊕K[X]vm, cu o(v1)|…|o(vm).
The natural number m and the monic polynomials o(v1),…,
o(vm) ∈ K[X] with the properties above are uniquely determined
(o(v1),…, o(vm) are the invariant factors of the K[X]-module Vu).
Vu is also a direct sum of indecomposable submodules:
Vu = K[X]w1⊕…⊕K[X]wt,
where wi ∈ Vu and o(wi) are powers of irreducible polynomials in
K[X], 1 ≤ i ≤ t. The natural number t and the monic polynomials
o(w1),…, o(wt) ∈ K[X] are uniquely determined (o(w1),…, o(wt) are the
elementary divisors of the K[X]-module Vu). !
4.10 Definition. If dimKV = n and u ∈ EndK(V), the monic polyno-

mial that generates AnnK[X](Vu) is called the minimal polynomial of the
endomorphism u (and is denoted by µu). The monic polynomials that
are the invariant factors (respectively the elementary divisors) of the
K[X]-module Vu are called the invariant factors (respectively the
elementary divisors) of the endomorphism u. The same terminology is
used for matrices: choosing a basis v in V, the invariant factors of a
matrix A ∈ Mn(K) are the invariant factors of the unique endomorph-
ism u with Mv(u) = A (similarly for the minimal polynomial, the
elementary divisors).
4.11 Proposition. Two endomorphisms (matrices) are similar ⇔

they have the same invariant factors ⇔ they have the same elementary
divisors.
Proof. Let u, w ∈ EndK(V). We have: Mv(u) ≈ Mv(w) ⇔ u ≈ w ⇔
Vu ≅ K[X]Vw (by 4.3) ⇔ Vu and Vw have the same invariant factors ⇔ Vu
and Vw have the same elementary divisors. !
4.12 Remark. With the notations in 4.9, µu is o(vm), the highest de-
gree invariant factor of u. If f ∈ K[X] is monic, the following proper-
ties are equivalent:
a) f = µu.
b) f (u) = 0 and ∀g ∈ K[X], g(u) = 0 implies f |g.
c) f (u) = 0 and ∀g ∈ K[X], g ≠ 0, g(u) = 0, implies deg f ≤ deg g.
The proof is easy, using the definitions. Note that, unlike the mini-
mal polynomial of an algebraic element in a field extension, the mini-
mal polynomial of an endomorphism is not necessarily irreducible.
The next result translates in matrix language the fact that V is a di-
rect sum of u-invariant subspaces.
4.13 Proposition. a) Let V = V1⊕…⊕Vm, where V1, …, Vm are
u-invariant subspaces. If vi is a basis in Vi, 1 ≤ i ≤ m, then
v1∪…∪vm =: v is a basis7 in V. If Ai is the matrix of the restriction of u
to Vi, in the basis vi, 1 ≤ i ≤ m, then the matrix of u in the basis v is
(written on blocks):
⎡ A1 0⎤
⎢ ⎥
Mv(u) = ⎢ * ⎥,
⎢ ⎥
⎣0 Am ⎦
b) Conversely, if the matrix of u in a basis v is of the form above,
then the rows of the block Ai correspond to a set of vectors in v that
generate an u-invariant subspace Vi (1 ≤ i ≤ m) and V = V1⊕…⊕Vm.
Proof. a) It is clear that v is a basis in V (see also II.4.11). To keep
notations manageable, suppose m = 2 and v1 = (e1, …, ep), v2 = ( f1,
…, fq), p + q = n = dimV. Then v = (e1, …, ep, f1, …, fq). Since V1, V2
are u-invariant, u(ei) is a linear combination of e1, …, ep, and u( fj) is a
linear combination of f1, …, fq. Writing the matrix of u in the basis v,
7
We totally order the vectors in the basis v, by sequencing the elements of the
bases v1, …, vm, in this order.
⎡ A1 0 ⎤
Mv(u) = ⎢ ⎥.
⎢⎣ 0 A2 ⎥⎦
b) The task of detailing the proof is left to the reader. !
We want to find a basis v of V such that Mv(u) has as “simple” a
form as possible. Since Vu is a direct sum of indecomposable submod-
ules (theorem 4.9) the previous result allows us to study the restriction
of u to each of the u-invariant subspaces in the direct sum. It is thus
natural to study first the case in which Vu is indecomposable:
k
Vu = K[X]v, for some v ∈ V, o(v) = p , p irreducible in K[X], k ∈ N*.
r r −1
4.14 Definition. If p ∈ K[X], p = X − ar −1 X −… − a1 X − a0,
define the r×r matrices with entries in K:
⎡ 0 1 0 … 0 ⎤ ⎡0 0 0 … 0⎤
⎢ 0 0 1 … 0 ⎥ ⎢0 0 0 … 0⎥
⎢ ⎥ ⎢ ⎥
Cp = ⎢ ! * ⎥ , N = ⎢… ⎥
⎢ 0 0 0 … 1 ⎥ ⎢0 0 0 … 0⎥
⎢ ⎥ ⎢ ⎥
⎢⎣ a0 a1 a2 … ar −1 ⎥⎦ ⎢⎣ 1 0 0 … 0 ⎥⎦
The matrix Cp is called the matrix companion of the polynomial p.
Define the rk×rk matrix (written in block form):
Cp N 0 … 0 0
0 Cp N … 0 0
k * *
J{ p } = ∈ Mrk(K)
* *
0 0 0 … Cp N
0 0 0 … 0 Cp
k k
J{ p } is called the Jordan cell 8 associated to the polynomial p .
8
Camille Jordan (1838-1922), French mathematician.
A matrix (written in block form) having on the diagonal Jordan

cells (and 0 elsewhere), i.e. a matrix of the form
( )
⎡ J p1k1 0 ⎤
⎢
⎢ ( )
J p2k2
⎥
⎥,
⎢ * ⎥
⎢ ⎥
⎣ 0 ( )
J ptkt ⎦
where p1, …, pt are monic irreducible polynomials in K[X], is called a
Jordan canonical matrix9 over K.
4.15 Proposition. a) Suppose Vu is a indecomposable K[X]-module

k
and v ∈ Vu is such that Vu = K[X]v, with o(v) = µu = p , where
r r−1
p = X − ar−1X −… − a1X − a0 ∈ K[X] is irreducible of degree r and
k ∈ N*. Then dimKV = rk and there exists a basis v of KV such that the
k k
matrix of u in v is the Jordan cell J{ p } associated to p .
b) In the general case, let p1k1 ,… , ptkt be the elementary divisors of
u, with p1, …, pt irreducible and monic in K[X]. Then there exists a ba-
sis of V in which the matrix of u is the Jordan canonical matrix:
( )
⎡ J p1k1 0 ⎤
⎢
J= ⎢
J p2 ( )
k2 ⎥
⎥.
⎢ * ⎥
⎢ ⎥
⎣ 0 ( )
J ptkt ⎦
Proof. a) We exhibit a basis e = (e0, …, ekr−1) such that
k
Me(u) = J{ p } :
9
In other texts this matrix is called a rational canonical matrix, the name Jordan
canonical matrix being given only if pi are polynomials of degree 1.
r−1
e0 = v; e1 = X·v = u(e0); … ; er−1 = X ·v = u(er−2);
r−1
er = p·v; er+1 = Xp·v = u(er); … ; e2r−1 = X p·v = u(e2r−2);
…
k −1 r−1 k −1
e(k −1)r = p ·v; e(k −1)r+1 = Xp·v = u(e(k −1)r); …; ekr−1 = X p ·v = u(ekr−2).
The next lemma proves that e = (e0, …, ekr−1) is a basis:
Lemma. If u ∈ EndK(V) is an endomorphism such that Vu = K[X]v
for some v ∈ V, and f = o(v), deg f = n, then, for any g0,
…, gn−1 ∈ K[X], with deg gi = i, 1 ≤ i ≤ n, the vectors
g0·v, …, gn−1·v
form a basis of V.
Proof of the lemma. Vu ≅ K[X]/(f ) (K[X]-module isomorphism, so
also a K-vector space isomorphism), hence dimKV = dimK K[X]/(f )
= deg f = n. The vectors g0·v, …, gn−1·v are linearly independent: if
a0g0·v + … + an−1gn−1·v = 0, with ai ∈ K, then h·v = 0, where h = a0g0 +
… + an−1gn−1. Since o(v) = f, and deg h < n, we have f |h, hence h = 0.
But the polynomials g0, …, gn−1 are linearly independent in the
K-vector space K[X], being of distinct degrees, so a0 = … = an−1 = 0.
The n elements g0·v, …, gn−1·v are thus linearly independent in V,
whose dimension is n, which means they are a basis.
k
We get back to proving that Me(u) = J{ p }. If 1 ≤ i < k, we have:
r−1 i−1 r i−1 r−1 i−1
u(eir−1) = X(X p ·v) = X p ·v = (p + a0 + a1X + … + ar−1X )p ·v
i i−1 i−1 r−1 i−1
= p ·v + a0p ·v + a1Xp ·v + … + ar−1X p ·v
= eir + a0e(i −1)r + a1e(i −1)r+1 + … + ar−1e(i −1)r+r−1
If i = k, u(ekr−1) = a0e(k −1)r + a1e(k −1)r+1 + … + ar−1e(k−1)r+r−1, since
k
p ·v = 0.
These equalities, together with the relations (0), …, (k − 1), prove
the claim.
b) Decompose Vu as a direct sum of u-indecomposable u-invariant
subspaces (see 4.9). By a), each such subspace has a basis in which the
k k
restriction of u has the matrix of the form J{ p }, with p elementary
divisor of u. Apply now Prop. 4.13. !
4.16 Corollary. Any matrix A ∈ Mn(K) is similar to a Jordan

canonical matrix. If the elementary divisors of A are p1k1 ,… , ptkt , then
A ≈ J, where J is the matrix at 4.15.b). !
How do we find the elementary divisors of an endomorphism u (of
a matrix A)? This amounts to finding its invariant factors. The next
theorem says: take the matrix XI − A and find its Smith normal form.
The non constant polynomials on the diagonal are then the invariant
factors of A.
4.17 Theorem. Let v = (v1,…, vn) be a basis in V such that

Mv(u) =: A = (aij) ∈ Mn(K). Then the invariant factors of u (of the ma-
trix A) are the polynomials of degree > 0 on the diagonal of the diago-
nally canonic matrix D ∈ Mn(K[X]), arithmetically equivalent to the
matrix
⎡ X − a11 − a12 … − a1n ⎤
⎢ −a X − a22 … − a2 n ⎥
XI − A = ⎢ 21
⎥ ∈ Mn(K[X]).
⎢ … ⎥
⎢ −a − an 2 … X − ann ⎥⎦
⎣ n1
Proof. Recall the proof of the invariant factors theorem (2.3): since
(v1, …, vn) generates K[X]Vu, take a K[X]-module E, free of basis e = (e1,
…, en) and the K[X]-homomorphism ϕ : E → Vu, ϕ(ei) = vi, 1 ≤ i ≤ n.
The homomorphism ϕ is surjective, Kerϕ =: F is a free submodule in
E and E/F ≅ Vu. Since Vu is torsion, rank F = n and there exist two
bases ε = (ε1, …, εn) in E and φ = (φ1, …, φn) in F, such that φi = diεi,
di ∈ K[X], d1|d2|…|dn. The invariant factors of Vu are the noninvert-
ible polynomials among d1, d2,…, dn. (see the proof of 2.3)
How do we find d1, d2,…, dn? For any basis f in F, there exists a
matrix B ∈ Mn(K[X]) such that f = Be. Then the diagonally canonical
matrix D ∈ Mn(K[X]), arithmetically equivalent to B, is exactly
D = diag (d1, d2,…, dn). Thus, we need such a matrix B. Let
fi =: Xei − (ai1e1 + ai2e2 + … + ainen) ∈ E, 1 ≤ i ≤ n.
If f = (f1, f2,…, fn), then these relations can be written f = (XI − A)e.
Lemma. f =: ( f1, f2,…, fn) is a basis in F = Ker ϕ.
Proof of the lemma. For any 1 ≤ i ≤ n,
u(vi) = ai1v1 + ai2v2 + … + ainvn
Thus,
ϕ(fi) = Xvi − (ai1v1 + ai2v2 + … + ainvn)
= u(vi) − (ai1v1 + ai2v2 + … + ainvn) = 0.
This shows that fi ∈ Kerϕ = F. Let us prove that f is a system of
generators for F. Note that:
Xei = fi + ai1e1 + ai2e2 + … + ainen, 1 ≤ i ≤ n. (*)
2
So, X ei = Xfi + ai1 Xe1 + ai2 Xe2 + … + ain Xen. Using (*), we obtain:
X ei = ∑j qj fj + ∑i rjej, for some qj ∈ K[X], rj ∈ K, 1 ≤ j ≤ n. By induc-
2
m
tion, one easily sees that, ∀m ∈ N*, X ei is expressed as:
X ei = ∑j qj fj + ∑i rjej, for some qj ∈ K[X], rj ∈ K, 1 ≤ j ≤ n. (**)
m
From (**) we deduce that, ∀g ∈ K[X], gei can be written in the

same form. So, if y = ∑i giei ∈ F, with gi ∈ K[X], 1 ≤ i ≤ n, then
y = ∑i giei = ∑i qi fi + r,
for some qj ∈ K[X], and r ∈ E is of the form ∑i ciei, with ci ∈ K. But
r = y − ∑i qi fi ∈ F, so ϕ(r) = ϕ(∑i ciei) = ∑i civi = 0. Since v is basis in
V, ci = 0, 1 ≤ i ≤ n, hence r = 0. Finally, we obtain y = ∑i qi fi.
Let us prove the linear independence. Suppose ∑i gi fi = 0, with
gi ∈ K[X], 1 ≤ i ≤ n. Using (*), it follows that
∑i gi Xei = ∑i gi { ∑j aij ej} = ∑j{ ∑i aijgi }ej. Since (e1, …, en) is a basis,
gi X = ∑j aji gj, 1 ≤ i ≤ n.
Let g1 be the polynomial of maximal degree among the gi (relabel if
necessary). So, deg gi ≤ deg g1, 1 ≤ i ≤ n.
If g1 ≠ 0, g1 X = ∑j aj1 gj implies
deg{∑j aj1 gj} ≤ max j(deg(aj1 gj)) ≤ max j(deg gj) < 1 + deg g1 = deg g1X,
contradiction. This shows that ( f1, f2,…, fn) is linearly independent.
We continue the proof of the theorem. The relations

fi = Xei − (ai1e1 + ai2e2 + … + ainen) show that f = (XI − A)e. If
XI − A ∼ D = diag(d1, d2,…, dn), with d1|d2|…|dn, then the invariant
factors of Vu (of the endomorphism u) are dk, dk + 1, …, dn, where
k = min{i | di noninvertible}. !
4.18 Definition. Let A ∈ Mn(K). The polynomial fA := det(XI − A)

∈ K[X] is called the characteristic polynomial of the matrix A. If u is
an endomorphism of the K-vector space V and A is the matrix of u (in
some basis), then the characteristic polynomial fu of u is by definition
fA. This definition is correct: Two similar matrices A and B have the
−1
same characteristic polynomial: if B = SAS , for some S ∈ GLn(K),
−1 −1
then: fB = det(XI − SAS ) = det(S·(XI − A)S ) =
−1
= det(S)·det(XI − A)·det(S ) = fA,
We used the fact that the matrix XI commutes with any matrix in
Mn(K[X]).
4.19 Remark. Let A = (aij) ∈ Mn(K) and let

n n−1 n−2 n
fA = det(XI − A) = X − c1 X + c2 X + … + ( − 1) cn,
with c1, …, cn ∈ K.
Writing the definition of det(XI − A) and arranging the terms by the
like powers of X, the coefficients c1, …, cn are:
c1 = a11 + a22 + … + ann =: Tr(A) (called the trace of A),
cn = det(A).
More generally, ck (1 ≤ k ≤ n) is the sum of the minors of order k of
A on the main diagonal (i.e., the minors obtained by selecting k rows
{i1, …, ik} and the columns with the same indices {i1, …, ik} of the
⎛n⎞
matrix A). There are ⎜ ⎟ such minors, one for each choice of a subset
⎝k ⎠
of k indices from {1, 2, …, n}.
The same terminology applies for an endomorphism u ∈ EndK(V),

dimV = n, whose matrix is A (in some basis of V). Its characteristic
polynomial is fu = fA, and the coefficients c1, …, cn are uniquely de-
fined by u, as above. c1 =: Tr(u) = Tr(A) is called the trace of u and
cn =: det(u) = det(A) is called the determinant of u.
4.20 Proposition. Let A, B ∈ Mn(K). Then A and B are similar

matrices if and only if XI − A and XI − B are arithmetically equivalent
matrices in Mn(K[X]).
−1
Proof. If A ≈ B, then there exists S ∈ GL(n, K) such that B = S AS.
−1
Then XI − B = S (XI − A)S, so XI − A ∼ XI − B, since obviously
S ∈ GL(n, K[X]).
Suppose now that XI − A ∼ XI − B and let D ∈ Mn(K[X]) be the
canonical matrix with D ∼ (XI − A) ∼ (XI − B). So, A and B have the
same invariant factors: the polynomials of degree > 0 on the diagonal
of D, according to 4.17. Thus, A and B have the same elementary divi-
sors. By 4.15, A and B are similar with the same Jordan canonical ma-
trix. !
Let n ∈ N*. The following results are about matrices in Mn(K), but
they can be translated in statements on endomorphisms of a K-vector
space of dimension n.
4.21 Proposition. The characteristic polynomial of a matrix A is

the product of the invariant factors of A (and it is equal to the product
of the elementary divisors of A).
Proof. The matrix XI − A is arithmetically equivalent to the matrix
in Smith normal form D = diag(1, …, 1, d1, …, dm) ∈ Mn(K[X]), where
d1, …, dm are the invariant factors of A. There exist S,
T ∈ U(Mn(K[X])) (i.e. detS, detT ∈ K*) such that XI − A = SDT. We
have
d1·…·dm = detD = det(S(XI − A)T) = detS·fA·detT
This means that the monic polynomials d1·…·dm and fA differ by the
factor detS·detT ∈ K*, which shows that they are equal. On the other
hand, it is clear that the product of the elementary divisors equals the
product of the invariant factors. !
4.22 Corollary. a) (The Cayley-Hamilton theorem) 10 Any matrix

A ∈ Mn(K) is a root of its characteristic polynomial: fA(A) = 0.
b) (The Frobenius theorem)11 The characteristic polynomial and the
minimal polynomial of a matrix A ∈ Mn(K) have the same irreducible
factors in K[X].
Proof. Let d1, …, dm ∈ K[X] be the invariant factors of A.
a) The minimal polynomial of A is dm (the invariant factor of high-
est degree). So, dm(A) = 0 and dm| fA, thus fA(A) = 0.
b) This is a consequence of d1·…·dm = fA and d1|…|dm. !
Given a matrix A, is the Jordan canonical matrix that is similar to A
uniquely determined? Of course, by reordering the elementary divi-
sors, diverse Jordan canonical matrices are obtained. The next
proposition shows that these are all the Jordan canonical matrices
similar to A.
4.23 Proposition. a) Let p ∈ K[X] be monic and irreducible and let

k
k ∈ N*. The Jordan cell J{ p } has only one elementary divisor, namely
k
p .
b) Let A be a Jordan canonical matrix whose diagonal is made up
( )
by the Jordan cells J piki , where pi ∈ K[X] are monic and irreduci-
ble, 1 ≤ i ≤ t. Then the elementary divisors of A are piki , 1 ≤ i ≤ t.
10
Arthur Cayley (1821-1895), Sir William Rowan Hamilton (1805-1865), British
mathematicians.
11
Ferdinand Georg Frobenius (1849-1917), German mathematician.
c) Let A, B ∈ Mn(K) be Jordan canonical matrices such that A ≈ B.

Then A and B have the same Jordan cells, perhaps in different order.
k
Proof. a) Let V := K[X]/{ p }. V is a K[X]-module (being a factor
module of K[X]) and a K-vector space of dimension k·deg p =: n. Let
u ∈ EndK(V), u(y) = X·y, ∀y ∈ V (the dot denotes the external
K[X]-module operation of V). The endomorphism u defines on V a
structure of a K[X]-module, Vu, as in definition 4.1. It is easy to see
that these two structures of K[X]-module coincide and that V = K[X]v,
k
where v := 1 + { p } ∈ V. So, V = Vu is an indecomposable
k
K[X]-module, and its only elementary divisor is o(v) = p . There exists
k k
a basis (as in 4.15) in which u has the matrix J{ p }. So J{ p } has the
k
same elementary divisors as Vu, namely only p .
b) There exists KV and u ∈ EndK(V), whose matrix is A (in some ba-
sis). Then V is written as a direct sum of u-invariant subspaces:
Vu = V1⊕…⊕Vt, Vi being the u-invariant subspace corresponding to
( )
the Jordan cell J piki . Let ui be the restriction of u to Vi, 1 ≤ i ≤ t. The
( )
matrix of ui is exactly J piki and the first part of the proof shows that
piki is the only elementary divisor of ui. The elementary divisors of u
are obtained writing down all the elementary divisors of the restric-
tions ui, 1 ≤ i ≤ t, namely piki , 1 ≤ i ≤ t.
c) If A ≈ B, then A and B have the same elementary divisors (4.11).
By b), A and B have the same Jordan cells. !
4.24 Definition. If A ∈ Mn(K) and J is a Jordan canonical matrix

such that J ≈ A, then J is called the Jordan canonical form of A. The
Jordan canonical form of A is uniquely determined up to an order of
the Jordan cells on the diagonal.
The classical notions of eigenvector and eigenvalue of an
endomorphism are closely connected to its invariant subspaces of
dimension one.
4.25 Definition. If u ∈ EndK(V), an element λ ∈ K is called an

eigenvalue of u if there exists a vector v ∈ V, v ≠ 0, such that
u(v) = λv.
Each such vector v is called an eigenvector of u for the eigenvalue
λ.
4.26 Proposition. Let v ∈ V, u ∈ EndK(V) and λ ∈ K. The following

statements are equivalent:
a) v is an eigenvector of u for the eigenvalue λ.
b) Considering v ∈ K[X]Vu, o(v) = X − λ ∈ K[X].
c) dimK (K[X]v) = 1 (the submodule of Vu generated by v has
K-dimension 1).
Proof. a)⇒b) We have u(v) = λv. In K[X]-module language for Vu,
this means X·v = λv, thus (X − λ)·v = 0. So, o(v)| X − λ, which is
irreducible, hence o(v) = X − λ. (o(v) = 1 is impossible, since it implies
v = 0).
b)⇒a) o(v) = X − λ implies u(v) = λv.
b)⇔c) This follows from dimK K[X]v = deg o(v). !
4.27 Proposition. λ ∈ K is an eigenvalue of u if and only if λ is a

root of fu, the characteristic polynomial of u.
Proof. Suppose v ∈ V is an eigenvector of u for the eigenvalue λ.
Then o(v) = X − λ; since the minimal polynomial of u, µu, is in
AnnK[X](v) = (X − λ), we have X − λ|µu. Also µu | fu, so X − λ| fu, which
means that λ is a root of fu. Conversely, if fu(λ) = 0, then X − λ| fu. Be-
cause fu and µu have the same irreducible factors, X − λ|µu, so
µu = (X − λ)g for some g ∈ K[X]. By 4.9, there exists v ∈ V such that
o(v) = µu. Then o(g·v) = X − λ, i.e. g·v ∈ V is an eigenvector for the
eigenvalueλ. !
The reader is invited to give an alternate proof, using facts from the
theory of systems linear equations.
Note that if fu has no roots in K, then u has no eigenvalues and no

eigenvectors.
We describe now the Jordan cells in the important cases K = C and
K = R.
If K is an algebraically closed field (in particular, K = C), then the
irreducible monic polynomials in K[X] are of the form X − a, a ∈ K .
k
Thus the Jordan cell J{(X − a) } is:
a 1 0 … 0 0
0 a 1 … 0 0
k * *
J{(X − a) } = ∈ Mk(K)
* * .
0 0 0 … a 1
0 0 0 … 0 a
If K = R, the monic irreducible polynomials in R[X] are X − a,
k 2
a ∈ R (and the Jordan cell J{(X − a) } is the one above), or X − bX − c,
2
with b, c ∈ R and b + 4c < 0, in which case the Jordan cell
2 k
J{(X − bX − c) } is:
⎡0 1 0 0 ⎤
⎢c b 1 0 0 ⎥
⎢ ⎥
⎢ 0 1 0 0 ⎥
⎢ c b 1 0 ⎥
⎢ ⎥
2 k ⎢ * * * * ⎥
J{(X − bX − c) } = ⎢ ⎥ ∈ M2k(R).
⎢ * * * * ⎥
⎢ 0 1 0 0⎥
⎢ ⎥
⎢ c b 1 0⎥
⎢ 0 0 1⎥
⎢ ⎥
⎣ c b⎦
Exercises
In the exercises, K is a field, V is a finite dimensional K-vector

space and u is an endomorphism of KV.
1. Prove that the eigenvectors corresponding to distinct eigenvalues of
u are linearly independent.
2. Give an example of three matrices in M3(Q) whose only eigenvalue
is 2 and any two matrices are not similar. Can you exhibit four such
matrices? Generalization.
3. Determine the endomorphisms u ∈ EndK(V) whose minimal
polynomials are of degree 1.
4. Give an example of two matrices having the same minimal polyno-
mial and the same characteristic polynomial, but are not similar.
5. Let A ∈ Mn(K) such that the characteristic polynomial of A splits in
factors of degree 1 in K[X] (one says that A has all its eigenvalues in
K). Then A is similar to an upper triangular matrix T = (tij) ∈ Mn(K)
(tij = 0 if i > j). In this case, A is called trigonable. Is the converse true?
6. Let A ∈ Mn(K) and let p ∈ K[X]. If A has all its eigenvalues
λ1, …, λn in K, then p(A) has the eigenvalues p(λ1), …, p(λn). (Ind. Let
A ≈ T, with T upper triangular. The diagonal of T is λ1, …, λn. Com-
pute p(T).)
7. Compute the characteristic polynomial and the minimal polynomial
of the following matrices:
⎡ 1 0 1 − 2⎤ ⎡1 0 1 0⎤
⎢ ⎥ ⎡ − 7 3 3⎤ ⎢
0 1 0 0 0 1 0 1⎥
⎢ ⎥, ⎢ − 21 9 7⎥, ⎢ ⎥
⎢ 1 −1 0 0⎥ ⎢ ⎥ ⎢0 1 1 0⎥
⎢ ⎢
⎣ − 6 2 4 ⎥⎦ ⎢
⎣ 0 0 0 2 ⎥⎦ ⎣0 0 0 1⎥⎦
t
8. Let A ∈ Mn(K). Then A is similar to A. Moreover, there exists
t −1
U ∈ GL(n, K), symmetric, such that A = U AU.
9. Let R be a commutative ring with identity and let n ∈ N*. General-

ize the relevant notions and prove the Cayley-Hamilton theorem: if E
is a free R-module of rank n and u ∈ EndR(E), then u is a root of the
characteristic polynomial: fu(u) = 0. (Hint: let A the matrix of u in a ba-
sis (e1, …, en) and XI − A = B = (bij) ∈ Mn(R[X]); fu = det B. In the
R[X]-module Eu the relations ∑j bijej = 0 hold, ∀i. Let Bik ∈ R[X] be
the algebraic complement of bik in the matrix B. For any fixed k,
multiply relation i with Bik and sum after i to obtain
fu(X)·ek = 0 = fu(u)(ek).)
10. Let R be a commutative ring with identity and let A ∈ U(Mn(R)) be
an invertible matrix. Then A is a R-linear combination of I, A, …,
n−1
A . (Hint. Use the Cayley-Hamilton theorem.)
11. Let u ∈ EndK(V). Then V has no u-invariant proper subspaces ⇔
the K[X]-module Vu is simple ⇔ the characteristic polynomial of u is
irreducible in K[X].
12. Let u ∈ EndK(V) be an endomorphism having the eigenvalue 0.
Then V = U ⊕ W, with U, W u-invariant subspaces and dim U = 1.
13. Let u ∈ EndK(V) be a nilpotent endomorphism (∃r ≥ 1 such that
r k
u = 0). Then Tr u = 0, ∀k ≥ 1. Conversely, if char K = 0 and
k
Tr u = 0, ∀k ≥ 1, then u is nilpotent. (Ind. Let f be the characteristic
polynomial of u; in the relation f(u) = 0 apply Tr and deduce that 0 is
an eigenvalue of u. So, u has an invariant subspace of dimension
dim V − 1.)
14. Let V = U ⊕ W (direct sum of subspaces). Then any v ∈ V can be
uniquely written as v = u + w, with u ∈ U, w ∈ W. Define π,
ρ : V → V by: ∀u ∈ U, ∀w ∈ W, π(u + w) = u (π is called the projec-
tion on U along W) and ρ(u + w) = u − w, (ρ is called the symmetry
with respect to U along W). Show that π and ρ are K-endomorphisms
of V and find their minimal polynomials.
IV. Field extensions
This chapter contains the basic concepts and results from the theory
of field extensions. Standard facts about rings and vector spaces are a
prerequisite: polynomial rings, factor rings, ring isomorphism theo-
rems, bases and dimension in vector spaces, prime and maximal ide-
als. Knowledge of polynomial ring arithmetic is recommended (as
provided in the chapter “Arithmetic in integral domains”). Some
elementary properties of cardinals and Zorn's Lemma are used in the
proof of existence of the algebraic closure of a field. Most of these
facts can be found in the Appendices; a more detailed treatment is
found in most Abstract (Modern) Algebra introductory texts.
IV.1. Algebraic extensions
Recall that a field is a commutative ring (K, + , ·) with identity 1

(with 1 ≠ 0), with the property that every nonzero element is invertible
with respect to multiplication. Any field has at least two elements: 0
and 1. A field K has no zero divisors (in other words, K is a domain):
for any x, y ∈ K, x ≠ 0 and y ≠ 0 implies xy ≠ 0.
169
170 IV. Field extensions
All rings and all ring homomorphisms considered are supposed to

be unitary. Thus, if K, L are rings (with identity), the map σ : K → L is
a homomorphism if and only if, ∀x, y ∈ K:
σ(x + y) = σ(x) + σ(y)
σ(xy) = σ(x)σ(y)
σ(1) = 1.
The objects we study are field extensions: if L is a field and K is a
subfield in L, we also say that “L is an extension of K”.
Recall that the nonempty set K of the field L is a subfield in L if it
is closed under addition and multiplication and becomes a field with
the induced operations. A widely used characterization is:
K is a subfield of L if and only if for any x, y ∈ K with y ≠ 0, we
−1
have x − y and xy ∈ K.
The subfield K of L is called proper if K ≠ L.
This notion of field extension is too restrictive. For instance, it is
natural to consider that C is an extension of R. But C is usually con-
structed as the set of all couples (a, b) with a, b ∈ R, endowed with an
addition and a multiplication that make it a field. In this setting, R is
not a subset of C, but R can be identified with the set of the couples
(a, 0), a ∈ R. In fact, the rigorous interpretation is the following: one
defines the field homomorphism ϕ : R → C, ϕ(a) = (a, 0) and then
identifies R with its image ϕ(R), which is a subfield of C.
More generally, if σ : K → L is a field homomorphism, then σ is
−1
injective. Indeed, ∀x ∈ K, x ≠ 0 implies ∃x ∈ K, so
−1 −1
σ(x)σ(x ) = σ(xx ) = σ(1) = 1, so σ(x) is nonzero and thus Kerσ is
{0}. The homomorphism σ : K → L being injective, we may identify
the field K with its image σ(K), which is a subfield in L. It is thus
natural to consider the following definition:
1.1 Definition. a) Let K, L be fields. If σ : K → L is a field homo-

morphism, we call the triple (K, L, σ) a field extension of K. We ex-
IV.1. Algebraic extensions 171
press this by writing “K ⊆ L is a field extension”, “L/K is a field

extension” or “L is an extension of K”. For any element a ∈ K, we
identify σ(a) ∈ L with a ∈ K. For example, if a ∈ K and x ∈ L, we
write a·x instead of σ(a)·x. This identification allows to consider K as
a subfield of L. The extension K ⊆ L is called proper if the inclusion is
strict (i.e. σ(K) ⊂ L). In this context, we call an intermediate field (or
subextension) of the extension K ⊆ L any subfield E of L that includes
K. The intermediate field E is called proper if E ≠ K and E ≠ L.
Note that L is an extension of K if and only if L is a field also struc-
tured as a K-algebra (the structural homomorphism is precisely σ).
b) If K ⊆ L and K ⊆ E are extensions of K, a mapping ϕ : L → E is
called a K-homomorphism if ϕ is a ring homomorphism and ϕ|K = idK
(the identity function of K).
If one considers the general definition above, i.e. there exist field
homomorphisms σ : K → L, τ : K → E, we call ϕ : L → E a
K-homomorphism if ϕ is a field homomorphism with ϕ ◦σ = τ (in
other words, ϕ is a K-algebra homomorphism). Let HomK(L, E) denote
the set of all K-homomorphism from L to E.
1.2 Examples. a) The real numbers field R is an extension of Q,

the field of rational numbers.
b) The field C of complex numbers is an extension of R.
{
c) The set , [ 2 ] = a + b 2 ∈ - }
a, b ∈ , is a field, and it is an
extension of Q.
d) If K is a field, then K(X), the field of rational fractions with
coefficients in K (K(X) is the quotient field of the polynomial ring
K[X]) is an extension of K.
e) If n is a natural number, the ring Zn of the integers modulo n is a
field if and only if n is a prime. For any prime p, let Fp denote the field
of integers modulo p. We shall construct an extension of F2 at 1.24.
f) A method to construct subfields, very important in Galois the-

ory39, is the following: let K be a field and let H be a set of field
endomorphisms of K (homomorphisms defined on K with values in
H
K). The set K := {x ∈ K|σ(x) = x, ∀σ ∈ H} is a subfield of K (called
H
the fixed subfield of H). Indeed, if x, y ∈ K and σ ∈ End(K) then
H −1 H
σ(x − y) = σ(x) − σ(y) = x − y, so x − y ∈ K . Likewise, xy ∈ K if
y ≠ 0.
A basic tool is the concept of degree of an extension.
1.3 Definition. If K ⊆ L is an extension, then L is canonically a

K-vector space: the multiplication of a “scalar” in K with a “vector” in
L is their multiplication in L. The dimension of L as a K-vector space
is called the degree 40 of the extension K ⊆ L and is denoted by [L : K]
or (L : K). An extension is called finite if its degree is finite. In exam-
ple b) above, {1, i} is a basis of C over R, so [C : R] = 2. What are the
degrees of the other extensions?
1.4 Definition. The fields that have no proper subfields are called
prime fields.
We determine now all prime fields.
Recall the notion of characteristic of a ring R with identity. Let 1
be the identity element of R and let n ∈ N; n ·1 denotes the multiple
1 + … + 1 (n terms); the characteristic of R, denoted char R, is defined
as follows:
- if, for any n ∈ N*, n ·1 ≠ 0, then char R = 0;
39
Evariste Galois (1811-1832), French mathematician.
40
One can define the degree of an extension of skew fields (division rings): if L
is a skew field and K is a subfield (skew) of L, then L is naturally a K-vector space
and one defines the degree [L : K] as dimKL.
- if there exists n ∈ N* such that n ·1 = 0, then char R is the smallest

n ∈ N* such that n ·1 = 0.
1.5 Remark. The characteristic of R can be defined also as follows:

there exists a unique ring homomorphism ϕ : Z → R (prove!). Then
char R is the natural generator of the ideal Kerϕ. The proof of the
equivalence of these definitions is left to the reader.
For example, char Z = char Q = 0; char F2 = 2; if R is a unitary
subring of S, then char R = char S.
1.6 Proposition. Let R be a domain. Then the characteristic of R is

0 or a prime. In particular, the characteristic of a field is 0 or a prime.
Proof. Suppose n = char R ≠ 0. If, by contradiction, n = ab, with a,
b ∈ N*, a < n, b < n, then 0 = n ·1 = (a·1)·(b·1). But R has no zero divi-
sors, so a·1 = 0 or b·1 = 0, contradicting the minimality of n. !
A related notion is the characteristic exponent of a field: the
characteristic exponent of the field K is 1 if char K = 0 and is p if
char K = p > 0.
1.7 Proposition. Let K be a prime field. If char K = 0, then there

exists a unique isomorphism K ≅ Q. If char K = p > 0, then there exists
a unique isomorphism K ≅ Fp.
Proof. Define the ring homomorphism ϕ : Z → K, ϕ(n) = n·1, ∀n ∈
Z, where 1 is the identity of K.
Suppose char K = 0. Since for any n ∈ Z, n·1 ≠ 0, n·1 is invertible
in K. Define the homomorphism ψ : Q → K that extends ϕ,
−1
ψ(a/b) = ϕ(a)ϕ(b) , ∀a, b ∈ Z, b ≠ 0. Since ψ(Q) is a subfield in K,
we have ψ(Q) = K, so ψ is an isomorphism.
If char K = p, Kerϕ = pZ; applying the isomorphism theorem,
Z/pZ = Fp ≅ Imϕ, which is a subfield in K. Since K has no proper sub-
fields, Imϕ = K.
The reader is invited to prove the uniqueness part. !
1.8 Lemma. The intersection of any family of subfields of a field is

a subfield.
Proof. Use the characterization: K is a subfield of L if and only if
−1
for any x, y ∈ K with y ≠ 0, we have x − y and xy ∈ K. If (Li)i∈I is a
family of subfields of the field L and x, y ∈ ∩Li, then x, y ∈ Li, ∀i ∈ I,
so x − y ∈ Li, ∀i ∈ I, i.e. x − y ∈ ∩Li. The same argument works for
−1
xy if y ≠ 0. !
1.9 Theorem. Any field K contains a unique prime subfield. In par-

ticular:
- if char K = 0, then K is an extension of Q;
- if char K = p > 0, then K is an extension of Fp.
Proof. The intersection of all subfields of K is a subfield P, which
cannot have proper subfields (any subfield F of P would be a subfield
in K, so F includes P, absurd!). If Q is a prime subfield of K, then
P ∩ Q is a subfield both in P and in Q, so it is equal to both of them;
this shows that P is the unique prime subfield in K. The rest of the
statement follows from the list of prime subfields. !
1.10 Application. Finite fields. If F is a field with a finite number

of elements, then char F cannot be 0 (otherwise F is an extension of
Q, which is infinite!), so char F = p > 0 (for some prime p) and F is an
extension of the field Fp. If n is the degree [F : Fp], n is finite and F is
n
isomorphic (as an Fp-vector space) to (Fp) . Thus, the cardinal of a fi-
n
nite field is p , for some prime p and some n ∈ N*. This means there
do not exist fields with 10 elements, for instance.
The following definition describes a basic construction in field
extensions.
1.11 Definition. Let K ⊆ L be a field extension and let S be a sub-

set of L. The intersection of all subfields of L that include K ∪ S is a
subfield of L, called the field generated by K and S, and denoted by
K(S). One also says that K(S) is obtained by adjoining to K the ele-
ments in S.
We denote by K[S] the subring of L generated by K ∪ S (the
intersection of all subring of L that include K ∪ S).41
It is easy to see that K(S) (respectively K[S]) is the smallest subfield
(respectively subring) of L that includes K ∪ S. Obviously, the ring
K[S] is a domain (it is a subring of the field L) and K[S] ⊆ K(S). The
field of fractions of the domain K[S] is canonically isomorphic to K(S)
(see the universality property of the field of fractions).
If S = {x1,…, xn}, then K(S) is denoted by K(x1,…, xn) and K[S] by
K[x1,…, xn]. An extension K ⊆ L with the property there exists a finite
subset S of L such that L = K(S) is called a finitely generated exten-
sion. Do not confuse with the concept of finite extension (which means
that its degree is finite)!
If there exists α ∈ L such that L = K(α), the extension K ⊆ L is
called a simple extension, and α is called a primitive element. A primi-
tive element need not be unique: for instance, K(α) = K(α + 1).
1.12 Definition. Let K ⊆ L be a field extension and let E, F be

extensions of K, included in L. The composite of the fields E and F
(denoted by EF) is the subfield of L generated by E and F:
EF = K(E∪F) = E(F) = F(E). In general, for a family (Ei)i∈I of exten-
sions of K, included in L, the composite of the fields (Ei)i∈I is the sub-
field of L generated by ∪i∈I Ei, K(∪i∈I Ei).
41
This notation is used also for ring extensions: if R is a subring of the ring A,
and S is a subset of A, R[S] is the subring generated by R ∪ S in A (R[S] coincides
with the R-subalgebra of A generated by S).
1.13 Remark. The set IF(L/K) of all intermediate fields of a given

extension L/K is ordered by inclusion and IF(L/K) is a (complete) lat-
tice 42: for any E, F ∈ IF(L/K), sup{E, F} = EF, inf{E, F} = E ∩ F.
1.14 Theorem. Let L/K be an extension and let S, S1, S2 be subsets

of L. Then:
a) K[S] is the set of all polynomial expression in the elements of S,
with coefficients in K, namely:
K[S] =
⎪⎧ ⎪⎫
⎨ ∑ ai … i x1 … xn n ∈ '* , x1 ,… , xn ∈ S , ai … i ∈ K , ∀ ( i1 , … , in ) ∈ ' n ⎬
' i i 1 n
⎩⎪( i ,…,i )∈' ⎭⎪

1 n 1 n
n
1 n
where ∑ means the sums are finite, i.e. the

'
set
{(i1,…, in ) ∈N n ai1…in ≠ 0} is finite.
−1
b) K(S) = {αβ |α, β ∈ K[S], β ≠ 0}.
c) K[S1∪ S2] = K[S1][S2] = K[S2][S1] and K(S1∪ S2) = K(S1)(S2) =
K(S2)(S1).
d) K(S) = ∪{ K(T) | T ⊆ S, T finite}.
Proof. a) Let T be the set of all polynomial expression in the ele-
ments of S, with coefficients in K. One checks directly that T is a
subring of L, that includes K and S. (Alternatively, T is the image in L
via the evaluation homomorphism of polynomial ring in S indetermi-
nates). On the other hand, any subring of L that includes K and S must
also include T. Thus, T is the smallest subring of L that includes K and
S.
42
An ordered set (S, ≤) is called a lattice (resp. a complete lattice) if any subset
with two elements (resp. any subset) of S has a least upper bound and a greatest
lower bound in L.
b) Since K[S] ⊆ K(S) and K(S) is a field, any element of the form
αβ −1, with α, β ∈ K[S], β ≠ 0, is in K(S). But the set of all these ele-
ments is a subfield in L (standard check).
c), d) Exercise. !
In the particular case S = {x1, …, xn}, with x1, …, xn ∈ L, :
K[x1, …, xn] = { f ( x1 ,… xn ) f ∈ K [ X 1 ,… , X n ]}
⎧ f ( x1 ,… xn ) ⎫
K(x1, …, xn) = ⎨ f , g ∈ K [ X 1 ,… , X n ], g ( x1 ,… xn ) ≠ 0⎬ .
⎩ g ( x1 ,… xn ) ⎭
If S = {a} ∈ L:
K[a] = {f (a) | f ∈ K[X]} and K(a) = {f (a)/g(a) | f, g ∈ K[X], g(a) ≠ 0}.
Thus, K[a] = Im eva, where eva : K[X] → L is the unique K-algebra
homomorphism with the property that eva(X) = a; eva is called the
“homomorphism of evaluation in a”. If f ∈ K[X], f = b0 + b1 X + … +
n n
bn X , then eva( f ) = b0 + b1a + … + bna ∈ L. The usual notation for
eva( f ) is f (a), called the “value of f in a”. If f (a) = 0, we say „a is a
root of f”.
The following notion is central in all the theory we describe.
1.15 Definition. Let K ⊆ L be a field extension and let x ∈ L. We

say that is algebraic over K if there exists a nonzero polynomial f ∈
K[X] such that f (x) = 0.
In other words, x is algebraic over K if and only if the evaluation
homomorphism evx : K[X] → L is not injective.
If the element x is not algebraic over K (i.e. evx is injective), x is
called transcendental over K. Thus, x is transcendental over K if and
only if evx induces a K-isomorphism between the polynomial ring K[X]
and the subring K[x] generated by K and x in L.
1.16 Examples. a) In the extension Q ⊆ R, the element 2 is alge-

2
braic over Q, as a root of X − 2 ∈ Q[X].
b) Any element of K is algebraic over K.

c) Let K(X) be the field of rational fractions in the indeterminate X
with coefficients in the field K. The element X in the extension
K ⊆ K(X) is transcendental over K. Indeed, the evaluation
homomorphism evX : K[X] → K(X) is the canonical inclusion, and is
injective.
However, X is obviously algebraic over K(X). This underscores the
importance of identifying the field over which the element is alge-
braic.
d) A complex number that is algebraic (respectively transcenden-
tal) over Q is called by tradition algebraic number (respectively
transcendental number), without any reference to Q.
e) The real numbers e (the sum of the series ∑n≥0 (n!)−1 ) and π (the
length of a circle of diameter 1) are transcendent (over Q). These facts
were proven by Hermite in 1873 and Lindemann in 1882.
With the notations above, x is algebraic over K if and only if
Ker evx ≠ {0}. The generator of the ideal Ker evx (K[X] is a PID!) is a
nonzero polynomial, which is fundamental in describing the extension
K ⊆ K(x).
1.17 Theorem. Let K ⊆ L be a field extension and let x ∈ L, alge-

braic over K. Let f be a monic polynomial with coefficients in K. The
a) f (x) = 0 and deg f is minimal among the nonzero polynomials
that vanish in x:
deg f= min{deg g | g ∈ K[X], g(x) = 0, g ≠ 0}.
b) f (x) = 0 and f is irreducible.
c) f is a generator of the ideal Ker evx = {g ∈ K[X] | g(x) = 0}.
d) f (x) = 0 and, for any g ∈ K[X], g(x) = 0 implies f |g.
Proof. a)⇒b) If f were reducible, then f = gh, for some g, h ∈ K[X],
with 1≤ deg h, deg g < deg f. Since g(x)h(x) = f (x) = 0, x is a root of g
or of h, whose degrees are less than deg f, contradicting the hypothe-

sis.
b)⇒c) Clearly, ( f ) ⊆ Ker evx. In the PID K[X], the ideal generated
by f is maximal, because f is irreducible. So, Ker evx = { f } or
Ker evx = K[X]. But obviously 1 ∉ Ker evx (⇔ Ker evx ≠ K[X]), so
{ f } = Ker evx.
c)⇔d) is evident.
d)⇒a) Let g ∈ K[X] with g(x) = 0, g ≠ 0. By the hypothesis, f |g, so
deg f ≤ deg g.
1.18 Definition. Let L/K be a field extension and let x ∈ L be alge-

braic over K. We call minimal polynomial of x over K the monic
polynomial in K[X] that satisfies one of the equivalent properties in
the previous proposition. The minimal polynomial of x over K is de-
noted by Irr(x, K) or min(x, K).
4 4
1.19 Examples. a) Irr( 4 2 , Q) = X – 2 since X – 2 ∈ Q[X] is
monic, 4 2 is a root and it is irreducible in Q[X] (by Eisenstein's crite-
rion).
b) Irr( 4 2 , R) = X − 4 2 . More generally, for any field K and any
a ∈ K, Irr(a, K) = X − a.
2 2
c) Irr( 4 2 , Q( 2 )) = X − 2 . The fact X − 2 that has minimum
degree among the polynomials with coefficients in Q( 2 ) that vanish
in 4 2 is equivalent to 4 2 ∉ Q( 2 ). (prove this, using the form of the
elements in Q( 2 )).
1.20 Theorem (characterization of algebraic elements in an exten-

sion). Let K ⊆ L be a field extension and let x ∈ L. The following
a) x is algebraic over K.
b) K[x] is a field.
c) K[x] = K(x).
d) The extension K ⊆ K(x) is finite.

Besides, if x is algebraic over K, then the degree of the extension
K ⊆ K(x) is the degree of the minimal polynomial Irr(x, K)):
[K(x) : K] = deg Irr(x, K)
n−1
If n = deg f, a K-basis of the extension K(x) is {1, x, …, x }.
Proof. a)⇒b) Let f = Irr(x,K) ∈ K[X] and let evx : K[X] → L be the
evaluation homomorphism in x. The ideal Ker evx of K[X] is generated
by f. The isomorphism theorem implies K[X]/{ f } ≅ Im vx = K[x]. Since
f is irreducible in K[X], the ideal { f } is maximal and K[X]/{ f } is a
field. Then K[x], isomorphic to K[X]/{ f }, is also a field.
It is evident the b)⇔c).
−1
c)⇒a) If x = 0, then all is evident. Suppose x ≠ 0 and let x = a0 +
n
a1x + … + anx ∈ K[x] be the inverse of x. Multiplying by x, we get
2 n+1
a0x + a1x + … + anx − 1 = 0, so x is a root of a nonzero polyno-
mial with coefficients in K.
i
d)⇒a) The infinite family {x | i ∈ N} of elements of the finite di-
mensional K-vector space K(x) is linearly dependent. So, there exists a
n
linear dependence relation, a0·1 + a1x + … + anx = 0, for some n ∈ N
and a0, a1, …, an ∈ K, not all zero. This shows that x is algebraic over
K.
a)⇒d) At a)⇒b) we saw that we have a K-isomorphism of fields
K[X]/{ f } ≅ K(x). Evidently, this is also a isomorphism of K-vector
spaces. Let n = deg f. In the K-vector space K[X]/{ f }, the classes of 1,
n−1
X, ..., X form a basis. If
n −1
a0{1 + { f }} + a1{ X + { f }} + … + an − 1{ X + { f }} = 0 + { f },
n −1
where a0, a1, …, an − 1 ∈ K, then g = a0 + a1X + … + an − 1X ∈ { f },
so f |g. Since deg f = n, we have g = 0, i.e. a0, a1, …, an − 1 are 0. On
the other hand, the division with remainder theorem shows that any
class modulo f of a polynomial h ∈ K[X] has a un representative of
degree less than n. This means that h + { f } is a linear combination
n −1
with coefficients in K of the classes of 1, X, ..., X .
So, dimK K(x) = dimK K[X]/{ f } = n.

The isomorphism K[X]/{ f } ≅ K(x) takes the basis 1 + { f }, X + { f },
n −1 n−1
…, X + { f } in the basis 1, x, …, x . !
1.21 Remark. Keep the conventions above. The proof of a)⇒b)
above uses essentially the fact that if f is irreducible in K[X], then
K[X]/{ f } is a field. This result can be proven in a more “elementary”
way, as follows. We must show that any nonzero element in K[X]/{ f }
has a multiplicative inverse. Take g ∈ K[X], g + { f } ≠ 0 + { f }. This
implies f - g, so GCD( f, g) = 1. By the extended Euclid algorithm,
there exist (and can be effectively computed) u, v ∈ K[X] such that
uf + vg = 1. Taking classes modulo ( f ), this relation shows that
v + { f } is the inverse of g + { f } in K[X]/{ f }.
This also suggests a way to compute the inverse of an arbitrary ele-
n−1
ment in K[x] expressed in the basis {1, x, …, x }: for any element
n −1
y = a0 + a1 X + … + an − 1 X =: g(x), where g ∈ K[X], g ≠ 0,
−1
deg g < n, then y is v(x), where v, u ∈ K[X] are such that uf + vg = 1.
Let us find, in the extension Q ⊆ Q (3 2 ) , the inverse of
3
y = 1 + 3 2 + 3 4 . Let x = 3 2 . We have Irr(x, K) = f = X − 2 and
2
y = g( 3 2 ), where g = 1 + X + X . Using the extended Euclid algo-
3 2
rithm for X −2 and 1+X+X , we find that
3 2
1 = ( − 1)(X − 2) + (X − 1)(1 + X + X ). Evaluating in 2 , we obtain
3
1 = ( 3 2 − 1)(1 + 3 2 + 3 4 ).
1.22 Definition. Let K be a field and let x be algebraic over K. The

degree of the extension K ⊆ K[x] (equal to deg Irr(x, K)) is called the
degree of x over K.
The factor ring K[X]/{ f } appears also in the following proof.
1.23 Proposition. Let K be a field and let f ∈ K[X], deg f ≥ 1. Then

there exists an extension of K in which f has a root 43.
Proof. In the UFD K[X], the polynomial f is a product of irreduci-
ble polynomials. Any root of a factor of f is also a root of f. Replacing,
if needed, f with one of its irreducible factors, it is sufficient to prove
the claim for the case when f is irreducible.
Consider the factor ring K[X]/{ f } =: L, which is a field, since f is
irreducible. Moreover, L is an extension of K, because the canonical
mapping ϕ : K → K[X]/{ f }, ϕ(a) = a + { f }, ∀a ∈ K, is a field homo-
morphism. In L, α = X + { f } is a root of f. Indeed, suppose that
n
f = a0 + a1X + … + anX
n
Then f (α) = a0{1 + { f }} + a1{X + { f }} + … + an {X + { f }} = {a0 + a1X
n
+ … + anX } + { f } = f + { f } = 0 + { f }. !
1.24 Examples. The importance of this result is not just theoretical.

Concrete fields can be constructed following the procedure in the
proof. Here are two examples.
2
a) Let f = X + 1 ∈ R[X]. The polynomial f is irreducible in R[X]: it
2
has degree 2 and has no roots in R. So, R[X]/(X + 1) is a field, exten-
sion of R. Let g be the class of the polynomial g ∈ R[X] modulo
2 2
(X + 1). The class of X modulo (X + 1), denoted by i, is a root of f.
Any element of this field is written uniquely as the class of a polyno-
2
mial of degree at most 1 modulo (X + 1), i.e. is of the form
a + bX = a + b ⋅ X = a + b ⋅ i , where a, b ∈ R. Identifying the real
43
This result, whose proof is simple for a modern mathematician, was known
intuitively for a long time and often tacitly accepted in 17th to 19th centuries’
mathematical arguments (of course, only polynomials with numerical coefficients
were considered). Around 1629, Albert Girard, states –without proof– that an
equation of degree n has n roots, that can be complex numbers or “other similar
numbers”. In 1792, Pierre Simon de Laplace gives an elegant proof of the
“Fundamental Theorem of Algebra” – any nonconstant polynomial with complex
coefficients has a complex root – admiting though that the roots exist “somewhere”.
number a with its class a , we can uniquely write a generic element of

2
R[X]/(X + 1) in the form a + bi, with a, b ∈ R.
2
In this field we have i = −1. Thus, the multiplication of two ele-
ments is given by:
(a + bi)·(c + di) = (ac − bd) + (ad + bc)i, ∀a, b, c, d ∈ R
This field is isomorphic to the complex number field C. In fact, this
construction can be taken as a definition of C.
n
b) Construction of a field with p elements. Let p be a prime num-
ber and let n ∈ N*. If f ∈ Fp[X] is an irreducible polynomial of degree
n
n, then Fp[X]/{ f } is a field with p elements.
2
For instance, the polynomial f = X + X + 1 is irreducible in F2[X]
(it has degree 2 and has no roots in F2). So, K := F2[X]/{ f } is a field
with 4 elements. If α denotes the class of X modulo f, any element in
K is written uniquely as a + bα, with a, b ∈ F2 (we identify any a ∈ F2
with its image a + { f } in F2[X]/{ f }). Since α is a root of f, we have
2
α = α + 1. Thus, the addition and multiplication rules in K are given
by the following rules:
(a + bα) + (c + dα) = (a + c) + (b + d)α,
2
(a + bα)·(c + dα) = ac + (ad + bc)α + bdα =
ac + (ad + bc)α + bd(α + 1) = (ac + bd) + (ad + bc + bd)α,
for any a, b ∈ F2.
n
Conversely, if L is a field with p elements and α ∈ L is a genera-
tor of (L*, ·) (see 3.4), then Irr(α, Fp) is an irreducible polynomial of
degree n in Fp[X].
1.25 Corollary. Let K be a field and let f ∈ K[X], deg f = n ≥ 1.

Then there exists an extension L of K such that f is written as a prod-
uct of polynomials of degree 1 in L[X] (one also says “f splits over L”
or “f has n roots in L”).
Proof. Induction by the degree of f. If deg f = 1, take L = K. Sup-
pose that, for any field F and any g ∈ F[X] with deg g < n, there exists
an extension of F in which g splits. Let f ∈ K[X], deg f = n. There ex-
ists an extension E of K in which f has a root a. So X − a divides f in

E[X], hence f = (X − a)g, for some g ∈ E[X]. Apply now the induction
hypothesis for the field E and g ∈ L[X] to obtain an extension field L
of E in which g splits. Obviously, f splits also in L. !
For a given f ∈ K[X], the “minimal” extension of K over which f
splits is called the splitting field of f over K. We will study this con-
cept in IV.2.14.
We saw that “x is algebraic over K” is equivalent to “K(x) is a finite
dimensional K-vector space”. This translates the property of an ele-
ment of being algebraic into a Linear Algebra property, concerning the
dimension of a vector space. The following theorem and its conse-
quences illustrate the strength of this translation.
1.26 Theorem (The transitivity of finite extensions) a) Let K ⊆ L

and L ⊆ M be a tower of finite field extensions. Then K ⊆ M is a finite
extension and the degree is “multiplicative”:
[M : K] = [M : L] [L : K]
Moreover, if {x1, …, xm} is a K-basis of L and {y1, …, yn} is a
L-basis of M, then {x1 y1, …, x1yn, …, xm y1,…, xmyn } is a K-basis of
M.
b) If K ⊆ M is a finite extension of fields and L is an intermediate
field, then K ⊆ L and L ⊆ M are finite extensions.
Proof. a) It is sufficient to prove the claim on bases. Let us show
that {xiyj | 1≤ i ≤ m, 1 ≤ j ≤ n} generates the K-vector space L. If
z ∈ M, because {y1, …, yn} is an L-basis, there exists b1, …, bn ∈ L
such that z = b1y1 + … + bnyn. Each bj (1 ≤ j ≤ n) is of the form
bj = aj1x1 + … + ajmxm, for some aji ∈ K (1≤ i ≤ m). Using this in the
expression for z, we obtain that z is a linear combination of
{xiyj | 1≤ i ≤ m, 1 ≤ j ≤ n} with coefficients in K. Let us prove that
{xiyj | 1≤ i ≤ m, 1 ≤ j ≤ n} is K-linearly independent.
⎛ ⎞
If ∑ aij xi y j = 0 , with aij ∈ K, then ∑
⎜⎜ ∑ aij xi ⎟⎟ y j = 0 ,
1≤i ≤ m , 1≤ j ≤ n 1≤i ≤m ⎝ 1≤ j ≤n ⎠
where ∑ aij xi ∈ L. The L-linear independence of {y1, …, yn} implies
1≤ j ≤ n
that ∑ aij xi = 0, for any i. Hence aij = 0 for any i and j, because {x1,
1≤ j ≤ n
…, xm} are K-linearly independent. !
1.27 Remarks. a) The theorem is also true for division rings, since
the proof does not use the commutativity of multiplication.
b) More generally, if the extensions are not necessarily finite, sup-
pose that (xi)i∈I is a K-basis of L and (yj)j∈J is an L-basis of M. Then
(xiyj)(i,j)∈I×J is a K-basis of M.
1.28 Examples. a) Consider Q (3 2 ) /Q. Irr ( 3 2 ,Q) = X − 2, using

3
3
Eisenstein's criterion (or observing that X − 2 has no rational roots).
Thus, the degree of the extension is 3 and a Q-basis of Q (3 2 ) is
{1, 3 2 , 3 4 } . This means that any element of Q (3 2 ) is written
uniquely as a + b3 2 + c3 4 , with a, b, c ∈ Q. The same argument
shows that for any n ∈ N , the extension Q ⊆ Q (n 2 ) has degree n and
*
{
a Q-basis is 1, n 2 ,…, n 2n −1 . }
b) The extension Q ⊆ Q( 2 , 3 ) has degree 4 and a Q-basis is
{1, 2 , 3, 6 }. for the proof, consider the tower of extensions
Q ⊆ Q ( 2 ) ⊆ Q( 2 )( 3 ) = Q( 2 , 3 ) . The first extension has de-
2
gree 2 (since Irr ( 2 , Q) = X − 2) and a basis is {1, 2 }. The exten-
sion Q ( 2 ) ⊆ Q( 2 )( 3 ) has also degree 2, because Irr ( 3,Q( 2 ))
= X − 3. Indeed, X 2 − 3 is irreducible over Q ( 2 ) , because
2
3 ∉ Q ( 2 ) : if, by absurd, 3 = a + b 2 , with a, b ∈ Q, then

2 2
3 = a + 2b + 2ab 2 . If ab ≠ 0, then 2 ∈ Q, contradiction. If
2 2
ab = 0, then 3 = a or 3 = 2b , with a, b ∈ Q (again a contradiction).
Thus, a basis of the extension Q ( 2 ) ⊆ Q( 2 )( 3 ) is {1, 3 }.

Applying the method in the theorem of transitivity of finite exten-
sions, a basis of the extension Q ⊆ Q( 2 , 3 ) is {1, 2 , 3, 6 }.
Note that this extension has the proper intermediate fields Q ( 2 ) ,
Q( 3 ) , Q ( 6 ) . These are all the proper intermediate fields. At this
stage, this is difficult to prove, but it is an immediate consequence of
Galois theory.
The element 2 + 3 =: α is a primitive element: Q( 2 , 3 ) =
Q( 2 + 3 ) . The inclusion Q( 2 + 3 ) ⊆ Q( 2 , 3 ) is evident. Let
2
us show that 2 , 3 ∈ Q(α). We have α = 5 + 2 6 , so 6 ∈ Q(α).
Thus 6α = 3 2 + 2 3 =: β ∈ Q(α). The system
⎧3 2 + 2 3 = β
⎨ ,
⎩ 2 + 3 =α
where α, β ∈ Q(α), shows that 2 , 3 ∈ Q(α).
Let us find Irr(α, Q). The polynomial Irr(α, Q) has degree equal to
[Q(α) : Q] = [Q(α) : Q ( 2 ) ]·[ Q ( 2 ) : Q] = 2·2 = 4
We have α = 5 + 2 6 ⇒ (2 6 ) = (α 2 − 5) ⇒ (α 2 − 5) − 24 = 0 .
2 2 2 2
Thus, α is the root of (X 2 − 5) − 24 , which is monic, in Q[X] and has

2
degree 4, so it must be equal to Irr(α, Q).

c) Here is a nontrivial example of a finite extension. Let K be a
field, K(T) the field of rational fractions with coefficients in K,
u ∈ K(T), u ∉ K and f, g ∈ K[T] with u = f /g and ( f, g) = 1. Then the
extension K(u) ⊆ K(T) is finite and [K(T) : K(u)] = max (deg f, deg g).
Let h = g(X)u − f (X) ∈ K(u)[X] (where g(X) is the polynomial in X
obtained by replacing T with X in the polynomial g). We have
h(T) = 0, which shows that T is algebraic over K(u), so K(u) ⊆ K(T) is
finite.
Since K(T) = K(u)(T), [K(T) : K(u)] = deg Irr(T, K(u)). We claim that
Irr(T, K(u)) is associated to h = g(X)u − f (X) ∈ K(u)[X].
We have deg h = max (deg f, deg g). This is clear if deg f ≠ deg g; if
deg f = deg g, then the leading coefficient of h is ub − a, where a,
respectively b, are the leading coefficients of f, respectively g. We
−1
have ub − a ≠ 0, because otherwise u = ab ∈ K, contradicting the as-
sumption u ∉ K.
We have to prove that h = g(X)u − f (X) ∈ K(u)[X] is irreducible.
First, note that u is transcendental over K. Indeed, K ⊆ K(T) is infinite
(T is transcendental over K) so K ⊆ K(u) must also be infinite
(otherwise, considering the tower of extensions K ⊆ K(u) ⊆ K(T), the
theorem of transitivity of finite extensions would imply that K ⊆ K(T)
is finite). Thus, there is a K-isomorphism K[Y] ≅ K[u] (where Y is an
indeterminate). The irreducibility of g(X)u − f (X) ∈ K(u)[X] is thus
equivalent to the irreducibility of r = g(X)Y − f(X) ∈ K(Y)[X]. Since
K[Y] is a UFD and K(Y) is its field of quotients, this is equivalent to r
being irreducible in K[Y][X] ≅ K[Y, X]. Suppose r = pq, with p, q ∈
K[Y, X]. Let degY r be the degree of r, seen as a polynomial in Y with
coefficients in K[X]. We have 1 = degY r = degY p + degY q, so we may
suppose degY p = 1 and degY q = 0. So, q ∈ K[X] and p = cY + d, for
some c, d ∈ K[X] and r = g(X)Y − f(X) = (cY + d )q. Identifying the
coefficients of the powers of Y, we obtain that q|g and q| f in K[X],
implying that q ∈ K*, since ( f, g) = 1. Thus, h is irreducible in
K[Y][X].
The polynomial h is irreducible and vanishes in T, so it is associ-
ated to Irr(T, K(u)). Proposition 1.20 says that [K(T) : K(u)]
= deg Irr(T, K(u)) = deg h = max (deg f, deg g).
It is interesting to remark that any intermediate field K ⊆ L ⊆ K(T)
with K ≠ L is of the form L = K(u), for some u ∈ K(T), u ∉ K. This fact
is known as “Lüroth’s Theorem” and is of significance in Algebraic
Geometry (see MORANDI [1996], WALKER [1950]).
1.29 Definition. A field extension K ⊆ L is called algebraic exten-

sion if each element in L is algebraic over K. The extension K ⊆ L is
called transcendental if it is not algebraic (it contains at least one

transcendental element over K).
1.30 Proposition. Any finite extension is algebraic and finitely

generated.
Proof. Let K ⊆ L be finite and let x ∈ L. Then K ⊆ K(x) is finite (as
an intermediate field of K ⊆ L) and Prop. 1.20 shows that x is alge-
braic over K. If {x1, …, xm} is a K-basis of L, then certainly L = K(x1,
…, xm), so L is a finitely generated extension of K. !
1.31 Proposition. Suppose K ⊆ L is a field extension, n ∈ N* and

x1, …, xn ∈ L are algebraic over K. Then K ⊆ K(x1, …, xn) is a finite
extension. In particular, any algebraic finitely generated extension is
a finite extension.
*
Proof. We prove the claim by induction on n ∈ N . For n = 1, the
conclusion follows from Prop. 1.20. If n > 1, the induction hypothesis
says that K ⊆ K(x1,…, xn − 1) is finite. Since xn is algebraic over K, xn is
also algebraic over K(x1, …, xn − 1); the extension K(x1, …, xn − 1) ⊆
K(x1, …, xn − 1)(xn) is thus finite. The conclusion follows by applying
the transitivity of finite extensions to the tower K ⊆ K(x1, …, xn − 1) ⊆
K(x1, …, xn − 1, xn). !
An easy argument by induction on n ∈ N* shows that, if K ⊆ L is
an extension and x1, …, xn ∈ L are algebraic over K, then K[x1,
…, xn] = K(x1, …, xn) (see exercise 1.17). The converse of this result is
nontrivial and it is known as "Zariski’s Lemma” (see for instance
SPINDLER [1994], Prop. 12.35, p. 232).
1.32 Theorem. (transitivity of algebraic extensions) If K ⊆ L and

L ⊆ M are algebraic extensions, then K ⊆ M is an algebraic exten-
sion.
Proof. Let x ∈ M. In order to prove that x is algebraic over K, we

show that x is contained in a finite extension of K and apply then Prop.
1. 20.
Since x is algebraic over L, there exists 0 ≠ f ∈ L[X] such that
f (x) = 0. Let a0, …, an ∈ L be the coefficients of f. Then x is algebraic
over K(a0, …, an) and K ⊆ K(a0, …, an) is finite, by Prop. 1.31. We
have now the tower of finite extensions K ⊆ K(a0, …, an)
⊆ K(a0, …, an)(x). By transitivity, K ⊆ K(a0, …, an)(x) is also finite. !
({ })
1.33 Example. The extension Q ⊆ L = Q n 2 n ∈ N* is algebraic
and infinite. Q ⊆ L is algebraic because L is the union of its intermedi-
ate fields of the form Q ({n 2 n ≤ m}) , m ∈ N*, and each of these is
algebraic (they are even finite). But Q ⊆ L is not finite: if, by
contradiction, [L : Q] = n ∈ N*, then each intermediate field would
have the degree a divisor of n. But Q ⊆ Q (n +1 2 ) has degree n + 1.
1.34 Definition. If K ⊆ L is a field extension, the set of all elements

in L that are algebraic over K is denoted by K'L and is called the alge-
braic closure of K in L. Clearly, K ⊆ K'L.
1.35 Proposition. Let K ⊆ L be a field extension. Then K'L is a sub-

field of L and an extension of K. In particular, the sum, the difference,
the product and the quotient (if it exists) of two algebraic elements
over K are also algebraic elements over K.
Proof. If a, b ∈ L, with b ≠ 0, are algebraic over K, then
K ⊆ K(a, b) is finite, so it is an algebraic extension. Thus a + b, a − b,
−1
ab, ab are algebraic over K, as elements of K(a, b). This shows that
K'L is a subfield of L. !
1.36 Example. Q'C is a subfield in C, an infinite algebraic exten-

sion of Q. Why?
Exercises
1. Let K ⊆ L be an extension. Show that L is a K-vector space with re-

spect to: the addition of L and the “scalar multiplication” given by:
∀α ∈ K, ∀x ∈ L, α·x = αx (the multiplication in L). Prove that
[L : K] = 1 if and only if K = L.
2. If S is a subset of the field L and K is a subfield in L, then the field
of fractions of the domain K[S] is canonically isomorphic to K(S).
3. Let K ⊆ L be an extension. Consider the linear system with coeffi-
cients aij, bi ∈ K:
⎧⎪aa11xx1 ++ … + a1nxn = b1
… + a2nxn = b2
(S): ⎨
21 1
.
…
⎩⎪am1x1 + … + amnxn = bm
Prove that: the system (S) has a solution in E ⇔ (S) has a solution
in K. Can you prove other similar properties of (S)?
4. Let K ⊆ L be an extension and let p ∈ L[X] \ K[X], deg p = n. Prove
that | p(K) ∩ K | ≤ n. (Hint. Suppose p(αi) = βi, 1 ≤ i ≤ n + 1, with αi,
βi ∈ K. Interpret this as a system of n + 1 equations, the unknowns be-
ing the coefficients of the polynomial.)
5. Let K ⊆ L be an extension and let α ∈ L, algebraic over K. If
deg Irr(α, K) = n, then deg Irr(β, K) divides n, for any β ∈ K(α).
6. Let K ⊆ L be an extension and let x ∈ L. Prove that x is
transcendental over K if and only if K[x] is K-isomorphic to the
K-algebra K[X] of polynomials in the indeterminate X.
7. Let K be a field and let (Ki)i ∈ I be a chain of subfields of K (∀i,
j ∈ I, Ki ⊆ Kj or Kj ⊆ Ki). Prove that ∪i ∈ I Ki is a subfield in K.
−1
8. Find a basis of the extension Q ⊆ Q[ 3 ]. Express (1 + 3 ) in
this basis. Find Irr(1 + 3 , Q). The same problem for Q ⊆ Q(α) and
3
the element 1 − α, where α is a root of X + X + 1.
9. Let K ⊆ K(α) be an algebraic extension. Suppose Irr(α, K) = f is

known, where deg f = n. For 0 ≠ β ∈ K(α) given as a K-linear
n−1 −1
combination of 1, α, …, α , describe a method to find β and
Irr(β, K).
10. Let K ⊆ L be an extension of degree 2 (”quadratic extension”).
Show that L = K(α), where α ∈ L is a root of a polynomial of the form
2 2 2
X − b (if char K ≠ 2), respectively X − b or X − X − b (if
char K = 2), for some b ∈ K. Prove that any quadratic extensions of Q
is of the form Q( d ), with d ∈ Z squarefree (d ≠ 0, d ≠ 1 and d is not
the multiple of any square of a prime).
11. Let m, n ∈ Z be distinct and squarefree. Then Q( m , n ) has de-
gree 4 over Q. (Hint. Show that m ∉ Q( n ).)
12. Let K ⊆ L be an extension such that L = K(x, y), with x, y ∈ L. If
m n
there exists m, n ∈ N* such that x ∈ K, y ∈ K and (m, n) = 1, then
K(x, y) = K(xy).
13. Let K and L be fields and let ϕ : K → L be a field isomorphism.
Let ψ : K[X] → L[X] be the ring isomorphism that extends ϕ and with
ψ(X) = X. Prove that p ∈ K[X] has a root in K ⇔ ψ(p) has a root in L.
14. Let K and L be extensions of Q and let ϕ : K → L be a field homo-
morphism. Show that ϕ|Q = id. Prove a similar property for extensions
of Fp (where p is a prime).
15. Let d, e ∈ Z, squarefree. Prove that Q( d ) ≅ Q( e ) ⇔ d = e.
16. Let ϕ : R → R be a field homomorphism.
a) Prove that ∀x ∈ R, x > 0 implies ϕ(x) > 0. Deduce ϕ is an
2
increasing map. (Hint. x = a , for some a ∈ R.)
b) Prove that ϕ = id. (Hint. Use that ϕ|Q = id and that between any
two real numbers there is a rational number.)
17. Let K ⊆ L be an extension, n ∈ N* and let x1, …, xn ∈ L, algebraic
over K. Then K[x1, …, xn] = K(x1, …, xn). More generally, if S is a sub-
set of L consisting of algebraic elements over K, then K[S] = K(S).
18. Let E and F be intermediate fields of the extension K ⊆ L. Prove

−1
that E(F) ( = the composite EF) is equal to the set {xy | x, y linear
combinations of elements in F with coefficients in E, y ≠ 0}. Under
what assumptions is the composite EF equal to the set of all linear
combinations of elements in F with coefficients in E?
19. Let L/K be an extension. Show that IF(L/K) = {E | E is a subfield
in L, K ⊆ E} is a complete lattice with respect to inclusion (any family
of subfields (Ei)i∈I has sup and inf in IF(L/K)). What is the form of an
arbitrary element in sup{Ei | i∈I}?
20. Let K ⊆ L be an algebraic extension. Show that any subring of L
that includes K (any K-subalgebra of L) is a field. Is the converse true?
21. Let R ⊆ S be an extension of domains (R is a subring of the do-
main S and 1 ∈ R). An x ∈ S is called integral over R if x is the root of
a monic polynomial in R[X]. Let x ∈ C be integral over Z. Prove that
Irr(x, Q) ∈ Z[X]. Deduce that the integral elements in Q ( d ) , where
d ∈ Z is squarefree, are roots of a monic polynomial of degree 2 with
integer coefficients.
22. Let K ⊆ L be a field extension and let x, y ∈ L be algebraic over K.
Let p = Irr(x, K), q = Irr(y, K), deg p = m, deg q = n.
a) Prove that deg Irr(x + y, K) ≤ mn and deg Irr(xy, K) ≤ mn.
b) deg Irr(x, K(y)) = m ⇔ deg Irr(y, K(x)) = n ⇔ [K(x, y) : K] = mn.
c) Formulate a sufficient condition for [K(x, y) : K] = mn.
23. Find Irr(x, Q) and a basis of the extension Q ⊆ Q(x), ∀
x ∈ { 3 − i, 1 + 3 3 , (1 − i )5 2 }.
24. For any n ∈ N*, give an example of extension of degree n of Q.
25. Let K ⊆ L ⊆ E be a tower of extensions and let x ∈ E be algebraic
over K. Then [L(x) : L] ≤ [K(x) : K].
26. Let L and E be intermediate fields of the extension K ⊆ F.
IV.2 Roots of polynomials. Algebraically closed fields 193
EL
L E
L∩E
K
a) If K ⊆ L is algebraic, then E ⊆ EL is algebraic.
b) If S is a subset of L and K < S > = L (S generates the K-vector
space L), then E < S > = EL. (Hint. Reduce to the case when S is finite.)
c) If [L : K] is finite, then [EL : E] ≤ [L : K].
d) If the degrees [L : K] and [E : K] are finite and coprime, then
[EL : E] = [L : K] and [EL : K] = [E : K]·[L : K].
e) If [EL : K] = [E : K]·[L : K], then K = L ∩ E.
f) If [E : K] = 2 and K = L ∩ E, then [EL : K] = [E : K]·[L : K].
g) Give an example such that [E : K] = [L : K] = 3, K = L ∩ E, but
[EL : K] < 9.
27. Let K ⊆ L be an extension of degree n and let g ∈ K[X], deg g = p,
with p prime, (p, n) = 1. If g is irreducible in K[X], then g is irreducible
in L[X].
5
28. Show that X − 2 is irreducible in Q(ω)[X], where
ω = cos(2π/5) + i·sin(2π/5).
IV.2 Roots of polynomials. Algebraically closed fields
Let R be a domain. Bézout's theorem says that the polynomial

f ∈ R[X] has the root a ∈ R if and only if X − a divides f in R[X]. It is
thus natural to consider the following definition:
2.1 Definition. Suppose R is a domain, f ∈ R[X] is a nonzero

polynomial, a ∈ R and n ∈ N. We say that a is a multiple root of f with
n n+1
multiplicity n if (X − a) | f and (X − a) - f. The natural number n is
called the multiplicity of the root a. If n = 1, a is called a simple root
of f. If n > 1, a is called a multiple root of f (double if n = 2, triple if
n = 3 etc).
When counting the roots of a polynomial, each root counts with its
multiplicity (unless otherwise specified).
2.2 Proposition. Let R be a UFD and let f ∈ R[X] be nonzero. If a1,

…, an ∈ R are distinct roots of f, of multiplicities m1, …, mn respec-
tively, then ( X 1 − a1 )m1 …( X n − an )mn divides f in R[X].
Proof. Use induction on n. If n = 1, this is the definition. Suppose
the claim is true for n − 1 and let f be as in the statement. By the
induction hypothesis, f = ( X 1 − a1 )m1 …( X n −1 − an −1 )mn−1 g , for some
g ∈ R[X]. Since the polynomials X − ai, 1 ≤ i ≤ n, are irreducible and
pairwise not associated in divisibility, ( X − a1 ) 1 , …, ( X − an )mn are
m
pairwise relatively prime. By Prop. I.5.6, ( X − an )mn is coprime with

( X − a1 )m1 …( X − an −1 )mn−1 .
Since ( X − an )mn divides ( X − a1 )m1 … ( X − an −1 )mn−1 g , we obtain
that ( X − an )mn divides g. !
2.3 Corollary. Let R be a domain and let f ∈ R[X], deg f = n. Then

f has at most n roots in R.
Proof. Of course, each root is counted with its multiplicity. Let K
be the field of fractions of R. We see f as a polynomial in K[X] and ap-
ply the preceding proposition. !
We now seek a criterion to decide if a polynomial has multiple
roots. It is useful to introduce the notion of formal derivative of a
polynomial with coefficients in an arbitrary ring.
2.4 Definition. Let R be a commutative unitary ring and let

n
f = a0 + a1X + … + anX ∈ R[X].
The (formal) derivative of f is the polynomial
n −1
df := a1 + 2a2 X + … + nan X .
(1)
Other notations: df = f ' or df = f .
Direct calculations show that the formal derivative has the usual
properties of the derivative of a function as known from calculus:
{ f + g}' = f ' + g', {af }' = af ', { fg}' = f 'g + fg', ∀a ∈ R, ∀f,g ∈ R[X].
Note that d : R[X] → R[X] is the unique R-module homomorphism
n n−1
with the property that d1 = 0 and dX = nX , ∀n ∈ N* (apply the
universality property of a free module). Evidently, deg df ≤ deg f − 1.
Composing the homomorphism d with itself n times (n ∈ N*) is de-
n n n n−1 0
noted by d ; d : R[X] → R[X]. Thus, d = d◦d , ∀n ∈ N*, d = id.
n (n)
d f is often denoted by f , ∀f ∈ R[X].
2.5 Proposition. Let R be a domain, let f ∈ R[X] of degree n > 0

and let α ∈ R.
a) There exist and are unique b0, …, bn ∈ R such that
f = ∑ bi ( X − α )i .
(i)
b)0≤Ifi ≤nα is a root of multiplicity m (m ∈ N*) of f, then f (α) = 0, for
any i ∈ {0, …, m − 1}.
c) If f (α) = f '(α) = 0, then α is a multiple root of f (of multiplicity at
least 2).
Proof. a) Use induction on deg f. If f = a0 + a1X, then f = (a0+ a1α)
+ a1(X − α). If deg f = n > 1, by the integer division with remainder
theorem applied to f and X − α (I.6.2), we obtain f = (X − α)g + b0,
with b0 ∈ R and g ∈ R[X], deg g = n − 1. Writing g in the form given
by the induction hypothesis and replacing in the previous equality, we
obtain the result.
The uniqueness part amounts to the R-linear independence of
i
{(X − α) | i ∈ N} in R[X], easy to prove.
b) By a), (X − α) divides f if and only if b0, b1,…, bm−1 are all 0.

m
(i)
On the other hand, f (α) = i!bi, ∀i ∈ {0, …, n} (proof by induction on
(i)
n). This implies that f (α) = 0, ∀i ∈ {0, …, m − 1}.
c) Let f be written as in a). We obtain f (α) = b0 = 0 and
2
f '(α) = b1 = 0. So, (X − α) | f. !
Suppose K is a field, Ω is an extension of K, α ∈ Ω and f ∈ K[X].
Applying the result above, we obtain that α is a multiple root of f if
and only if is simultaneously a root of f and of its derivative: (X − α)| f
and (X − α)| f ' in Ω[X]. This implies that the GCD of f and f ' in Ω[X]
has degree ≥ 1. But the GCD of two polynomials can be obtained us-
ing Euclid's algorithm and does not depend on the field considered: if
f, g ∈ K[X], then ( f, g)K[X] = ( f, g)Ω[X]. Thus:
2.6 Proposition. Let K be a field and let f ∈ K[X]. Then f has multi-
ple roots (in some extension of K) if and only if f and f ' are not rela-
tively prime.
Proof. Let Ω be an extension of K in which f splits (IV.1.25). If f
has multiple roots, we saw that f and f ' are not relatively prime. Con-
versely, if g = GCD(f, f ') has degree ≥ 1, then g has a root α in Ω (the
roots of g are among the roots of f ) and α is a multiple root of f since
f(α) = f '(α) = 0. !
Without knowing the roots of a polynomial, the criterion above al-
lows to decide if it has multiple roots.
2.7 Proposition. (Viète's relations) 44 Suppose R is a domain,

n
f = a0 + a1X +…+ anX is a polynomial in R[X], an ≠ 0, having the
roots x1, …, xn ∈ R. Then:
f = an(X − x1)…(X − xn)
For any k, 1 ≤ k ≤ n, we have:
44
In honor of François Viète, 1540-1603, French mathematician.
an ∑{i ,…,i }⊆{1,2,…,n} xi1 … xik = (− 1)k an −k .

1 k
In particular,
an(x1 + … + xn) = – an − 1
an(x1 x2 + x1 x3 + … + xn −1 xn) = an − 2
…
n
an x1… xn = (–1) a0.
Consequently, any root in R of f divides a0.
Proof. The polynomial g = an(X − x1)…(X − xn) divides f, by prop.
2.2. The polynomials g and f have the same degree and g | f, so they
are associated in divisibility in K[X] (K is the field of fractions of R).
Since g and f have the same leading coefficient, g = f. The other
equalities result by identifying the coefficients of g and f. !
2.8 Corollary. Let R be a subring of the domain S and let f ∈ R[X]

be monic. If deg f = n and f has the roots x1, …, xn ∈ S, then
g(x1,…, xn) ∈ R, for any symmetric polynomial g ∈ R[X1,…, Xn].
Proof. By the fundamental theorem of the symmetric polynomials,
there exists h ∈ R[X1,…, Xn] such that g = h(s1,…, sn), where s1,…, sn
are the fundamental symmetric polynomials in the indeterminates
X1,…, Xn. The relations between roots and coefficients show that
si(x1,…, xn) ∈ R, for any 1 ≤ i ≤ n. Thus:
g(x1,…, xn) = h(s1(x1,…, xn),…, sn(x1,…, xn)),
which is an element of R. !
The fields that have no proper algebraic extensions are highly
interesting. They are characterized by the next theorem.
2.9 Theorem. Let K be a field. The following statements are

equivalent:
a) There exist no proper algebraic extensions of K.
b) There exist no proper finite extensions of K.
c) For any extension L of K, the algebraic closure of K in L coin-

cides with K. (“K is algebraically closed in L”).
d) Any polynomial of degree at least 1 with coefficients in K has a
root in K.
e) Any polynomial f of degree n ≥ 1 with coefficients in K splits
over K ( f has n roots in K).
f) The irreducible polynomials in K[X] are the polynomials of de-
gree 1.
Proof. a)⇒b) Clear, since any finite extension is algebraic.
b)⇒c) Let x ∈ K'L. Then K ⊆ K(x) is finite, so K = K(x) and x ∈ K.
c)⇒d) Let f ∈ K[X], deg f ≥ 1. Prop. 1.23 ensures the existence of
an extension L of K in which f has a root x. Since x is in K'L, x ∈ K.
d)⇒e) Suppose by contradiction that there exists f ∈ K[X], deg f
≥ 1, such that f does not split in K[X]. Choose f of minimum degree
with this property. By hypothesis, f has a root a ∈ K, so f = (X − a)g,
with g ∈ K[X]. But deg g < deg f, so g splits over K. Since f = (X − a)g,
f also splits over K, contradiction.
e)⇒f ) Evident.
f )⇒a) Let L be an algebraic extension of K and let a ∈ L. Then
Irr(a, K) is an irreducible polynomial in K[X], hence it has degree 1,
so a ∈ K. !
2.10 Definition. A field satisfying the equivalent properties above

is called an algebraically closed field. An extension L of the field K is
called an algebraic closure of K if L is algebraically closed and K ⊆ L
is an algebraic extension.
2.11 Examples. a) A finite field is never algebraically closed. In-

deed, if F is a field with n elements (n ≥ 2), the polynomial
f = 1 + ∏ a∈F ( X − a ) ∈ F[X] has degree n and f (a) = 1, ∀a ∈ F, so f
has no roots in F.
b) The complex field C is algebraically closed. This fact is known

as “The Fundamental Theorem of Algebra” 45 and will be proven later.
C is not an algebraic closure of Q, because C is uncountable and any
algebraic extension of Q is countable (see next lemma). But Q'C, the
algebraic closure of Q in C, is an algebraic closure of Q. More gener-
ally, if K ⊆ L is an extension and L is algebraically closed, then K'L is
an algebraic closure of K (prove this!).
c) If K and L are isomorphic fields and K is algebraically closed,
then L is algebraically closed.
An important problem is the existence (and uniqueness) of an alge-
braic closure of a given field K. First, let us prove a technical lemma,
also interesting in its own right.
2.12 Lemma. Let K ⊆ L be an algebraic extension. Then

|L| ≤ max(|K|, |N|).
Proof. Let P be the set of all irreducible monic polynomials in
K[X] and let a ∈ L. Any f ∈ P has a finite number n{ f } of roots in L.
We establish an indexing of these, {a1, …, an{ f }}. Define
ϕ : L → P × N as follows: if a ∈ L, let ϕ(a) = ( f, r), where f = Irr(a, K)
and a = ar.
The function ϕ is injective, so |L| ≤ |P| × |N| = max(|P|, |N|). We
have to show |P| ≤ max(|K|, |N|). Note that P is the union of the dis-
joint sets (Pn)n ≥1 , where Pn is the set of polynomials in P of degree n,
so: |P| = |∪n≥1 Pn| = ∑n≥1 |Pn|. Of course, |Pn | ≤ |K| , since ψ : Pn → K ,
n n
n −1 n
ψ(a0 + a1X + … + an − 1X + X ) = (a0, …, an − 1), is injective. On the
other hand, |K| = |K| if K is infinite, so |P| = ∑n≥1 |Pn| ≤ ∑n≥1 |K| =
n
45
This name (kept for historic reasons) expresses the concept that Algebra
studies mainly complex numbers. This is no longer true since the 19th century,
although complex numbers continue to play an important role in mathematics.
|K × N| = |K|. If K is finite, then |K| is finite and |P| ≤ ∑n≥1 |K| = |N|
n n
(as a countable union of finite sets). !

An immediate consequence is that any algebraic extension of Q is
countable; thus, the extension Q ⊆ R is not algebraic, because R is
not countable. This means that there exist real transcendental num-
bers (even uncountably many!).
2.13 Theorem. Let K be a field. Then an algebraic closure of K ex-

ists.
Proof. Th. 2.9.a) suggests looking for the algebraic closure as a
maximal element46 in the “set” of all algebraic extensions of K. The
problem is that the algebraic extensions of K do not form a set! Fortu-
nately, we can include K in a “sufficiently large” set M (that contains
“all” algebraic extensions of K) and confine our search to algebraic
extensions of K included in M.
Let M be a set such that47 | M | > max(|K|, |N|) and K ⊆ M.48 Let A
be the set of algebraic extensions of K included in M. The set A is or-
dered: for any F, L ∈ A, F ≤ L if and only if F is a subfield of L. The
set A is nonempty (K ∈ A) and is inductively ordered. Indeed, if B is a
chain in A, the union of the elements in B is in A (prove!) and is an up-
per bound for B. Zorn's Lemma assures the existence of a maximal
element F of A.
We prove that F is an algebraic closure of K. Let E be an algebraic
extension of F. By the transitivity property of algebraic extensions, E
is an algebraic extension of K. The previous lemma says that
46
You guessed, Zorn's Lemma will be used. All proofs of the existence of the
algebraic closure use some form of the Axiom of Choice.
47
This choice for | M | is suggested by the previous lemma. We want to be sure
that M includes a "copy" of any algebraic extension of K.
48
In fact, we need just an injective function α : K → M, but we assume K ⊆ M to
simplify notations.
| E | < | M |. We can then define ϕ : E → M, injective, such that

ϕ|F = idF. By transport of structure, ϕ(E) becomes a field (for instance,
the addition in ϕ(E) is defined by ϕ(x) + ϕ(y) := ϕ(x + y), ∀x, y ∈ E).
Then ϕ : E → ϕ(E) is an F-isomorphism of fields and thus ϕ (E) is an
algebraic extension of K. So, ϕ(E) ∈ A and F ⊆ ϕ(E). Because F is
maximal in A, F = ϕ(E), so F = E. This shows that F is algebraically
closed. !
For a field K and a polynomial (or a family of polynomials), it is
interesting to study the “smallest” field over which the polynomial
(respectively, any polynomial in the family) splits.
2.14 Definition. Let K be a field, let Ω be an algebraic closure of K

and let F be a family of polynomials in K[X]. The splitting field of the
family F over K is the field S obtained by adjoining to K all the roots
in Ω of the polynomials in F,
S := K({x ∈ Ω | ∃f ∈ F such that f(x) = 0}).
If F = { f }, S is called the splitting field of f over K. If f ∈ K[X] has
the roots x1, …, xn ∈ Ω, then the splitting field of f over K is K(x1,
…, xn) = K[x1, …, xn].
Of course, every polynomial in the family F splits in the splitting
field of F over K.
2.15 Remarks. a) At first glance, the splitting field of a family F

over K depends on the choice of an algebraic closure Ω of K. We shall
prove though that any two splitting fields of F over K are
K-isomorphic. This is the reason we say the (and not a) splitting field
of F over K.
b) The algebraic closure of K is the splitting field over K of the
family of all nonconstant polynomials in K[X].
2
2.16 Examples. a) The splitting field of X − 2 over Q is Q( 2 ).
2
b) The splitting field of X − 2 over R is R.
3
c) The splitting field of X − 2 over Q is Q( 3 2 ,ω ), where ω ∈ C is
2 3
a root of X + X + 1. Indeed, the roots of X − 2 are 3 2 ,ω 3 2 ,ω 2 3 2
and Q (3 2 , ω ) = Q (3 2 , ω 3 2 , ω 2 3 2 ) .
d) If f ∈ K[X] is a polynomial of degree n, and L is its splitting field
over K, then [L : K] ≤ n!.
Indeed, if x1, …, xn ∈ L are the roots of f, then
[K(x1) : K] = deg(Irr(x1, K)) ≤ deg f = n. Note that L is a splitting field
over K(x1) of g := f/(X − x1) ∈ K(x1)[X]. Since deg g = n − 1, apply an
induction to obtain that [L : K(x1)] ≤ (n − 1)! and so [L : K] ≤ n!.
Proving the uniqueness (up to a K-isomorphism) of the splitting
field of a family of polynomials over K requires some results on the
extension of field homomorphisms. These results have also other
important applications.
We shall use frequently the following elementary fact: if σ : K → L
is a field homomorphism, then σ has a unique extension to a ring
n
homomorphism τ : K[X] → L[X], namely τ(a0 + a1X + … + anX )
n
= σ(a0) + σ(a1)X + … + σ(an)X . This is the unique ring homomorph-
ism τ : K[X] → L[X] satisfying τ|K = σ and τ(X) = X. The existence and
uniqueness of τ are a consequence of the universality property of the
polynomial ring K[X]. By a harmless abuse of notation, the extension
to K[X] of the homomorphism σ is denoted also by σ.
The following property is very simple, but has deep implications;
in particular, it is instrumental in the determination of the Galois
group of an extension.
2.17 Proposition. If E and L are extensions of K, α ∈ E is a root of

f ∈ K[X], and ϕ : E → L is a K-homomorphism, then ϕ(α) is also a
root of f.
n
Proof. Let f = a0 + a1 X + … + an X ∈ K[X]. Then f(α) = a0 + a1α +
n
… + anα = 0. Apply the K-homomorphism ϕ to this equality:
n n
0 = ϕ(a0 + a1α + … + anα ) = a0 + a1ϕ(α) + … + anϕ(α) = f(ϕ(α)).!
The proposition below uses the isomorphism K[X]/{ f } ≅ K(α),

where α is algebraic over K and f = Irr(α, K). In other words, for an
irreducible polynomial f ∈ K[X], regardless of the choice of an exten-
sion E in which f has a root and regardless of the choice of a root (of
f ) α ∈ E, K(α) is the same (up to a K-isomorphism).
2.18 Proposition. Suppose σ : K → K' is a field isomorphism,

f ∈ K[X] is irreducible and α is a root of f in some extension E of K. If
α' is a root of f ' := σ { f } ∈ K[X] in some extension E' of K', then K(α)
is isomorphic to K'(α') by an isomorphism σ' that extends σ and
σ'(α) = α'.
Proof. We saw that there exists a K-isomorphism
η : K[X]/{ f }→ K(α) such that η{X + { f }} = α. Similarly, there exists a
K'-isomorphism γ : K'[X]/{ f '} → K'(α'), such that γ {X + { f '}} = α'. We
also have an isomorphism ϕ : K[X]/{ f }→ K'[X]/{ f '}, ϕ{h + { f }} =
σ (h) + { f '}, for any h + { f } ∈ K [ X ] ( f ) . Then γ ◦ϕ ◦η is the isomor-
-1
phism σ' we need:

−1
K (α ) ⎯η⎯→ K [ X ] ( f ) ⎯ϕ
⎯→ K ′[ X ] ( f ′) ⎯γ
⎯→ K (α ′) !
The seemingly pointless degree of generality in the previous
proposition (taking two isomorphic fields K and K' instead of just K) is
in fact useful in the next Theorem.
2.19 Theorem. Let K be a field, let L be an algebraic extension of

K, let Ω be an algebraic closure of K and let σ : L → Ω be a
K-homomorphism. If E is an algebraic extension of L, then there exists
a K-homomorphism τ : E → Ω that extends σ.
Proof. Let E be the set of “extensions” of the homomorphism σ,
E = {(F, ϕ) | F is a subfield of E, L ⊆ F, ϕ : F → Ω , ϕ is a
homomorphism, ϕ|L = σ}.
E is ordered by " ≤ ", defined by: (F, ϕ) ≤ (F', ϕ') if and only if
F ⊆ F' and ϕ'|F = ϕ. A straightforward proof shows that " ≤ " is indeed
an order relation. Moreover, if {(Fi, ϕi)}i∈I is a chain in E, it is
bounded above by { ∪i∈I Fi, ϕ}, where ϕ : ∪i∈I Fi → Ω is defined by
ϕ(x) = ϕi(x) if x ∈ Fi (this definition is independent of the choice of
i ∈ I such that x ∈ Fi). Thus, E is inductively ordered and has, by
Zorn's Lemma, a maximal element (F, ϕ).
Let us prove that F = E, which finishes the proof. If F ≠ E, pick
x ∈ E \ F. The element x is algebraic over F; let f = Irr(x, F). Apply
Prop. 2.18 to the following situation: ϕ : F → ϕ(F) field isomorphism,
f ∈ F[X], x is a root of f (in E), x' is a root of ϕ{ f } (in Ω). We obtain an
isomorphism ϕ' : F(x) → ϕ(F)(x') that extends ϕ. Since ϕ(F)(x') ⊆ Ω,
ϕ' is an extension of ϕ to F(x), contradicting the maximality of (F, ϕ).!
2.20 Corollary. Let K be a field. Then:

a) Any two algebraic closures of K are K-isomorphic.
b) If f ∈ K[X], then any two splitting fields of f over K are
K-isomorphic.
c) If F is a family of polynomials in K[X], then any two splitting
fields of the family F over K are K-isomorphic.
d) Let Ω be an algebraic closure of K. Then any algebraic exten-
sion of K is K-isomorphic to a subfield of Ω that includes K.
Proof. a) Let Ω and Ω' be algebraic closures of K. The canonical
inclusion ι : K → Ω has an extension to a K-homomorphism
σ : Ω → Ω' (by the previous theorem). The image of σ is a subfield
σ(Ω) of Ω', isomorphic to Ω (by σ), so it is algebraically closed. Since
Ω' is algebraic over σ(Ω), σ(Ω) = Ω'. Thus, σ is an isomorphism.
c) Let Ω and Ω' be algebraic closures of K. Let R (respectively R')
the set of all roots in Ω (respectively Ω') of the polynomials in F. We
have to prove that K(R) and K(R') are K-isomorphic. Let σ : Ω → Ω'
be a K-isomorphism, as in a). If f ∈ F, and α ∈ Ω is a root of f, then
σ(α) is a root of f in Ω'. This shows that σ (R) ⊆ R'. Considering
−1 −1
σ : Ω' → Ω, we obtain analogously that σ (R') ⊆ R, so σ estab-
lishes a bijection between R and R'. If we remember the form of the
elements in K(R), we obtain that σ (K(R)) = K(σ (R)) = K(R'), so the
restriction of σ to K(R) is a K-isomorphism between K(R) and K(R').
b) is a particular case of c).
d) Let K ⊆ L be algebraic. Then the canonical inclusion ι : K → Ω
extends to a K-homomorphism ϕ : L → Ω by 2.19. Thus, L is
K-isomorphic to ϕ(L), a subfield of K. !
Part d) above says that a given algebraic closure Ω of K includes
“all” the algebraic extensions of K.
2.21 Theorem. (the Fundamental Theorem of Algebra)49 The field

C is algebraically closed.
Proof. Let us prove first that any polynomial f of degree ≥ 1 with
real coefficients has a complex root.
If deg f is odd, then f has a real root. This follows from the well
known fact from analysis: the polynomial function ϕ : R → R associ-
ated to f has both positive and negative values (since the limits of ϕ at
+ ∞ and − ∞ are infinite and have opposite signs); the continuity of ϕ
implies the existence of c ∈ R with ϕ(c) = f (c) = 0.
Let deg f = n ∈ N and let s{ f } be the exponent of 2 in the prime
s{ f } s{ f } + 1
factor decomposition of n (2 | n and 2 - n). We prove the claim
by induction on s{ f }. If s{ f } = 0, then deg f is odd and f has a real root.
49
Also known as the d’Alembert-Gauss theorem. Jean le Rond d’Alembert
proposes an incomplete proof in 1746. C.F. Gauss gives four correct proofs of this
theorem, the first one in 1797. Other proofs are due to Jean Argand (1814), Augustin
Louis Cauchy (1820). The “theorem of Liouville” (which is due in fact to Cauchy,
1844) –“any holomorphic bounded function on C is constant”– proves the theorem
in one line. The present proof belongs to Pierre Samuel and has the advantage (?) of
being more “algebraic”. Note that all proofs use some analysis, because fundamental
(topological) properties of R do not possess purely algebraic descriptions. The
essential role is played in fact by the order properties of R.
Let s ∈ N, s > 0. Suppose that any polynomial g ∈ R[X], with

s
s(g) < s, has a complex root. Let f ∈ R[X], deg f = n = 2 m, s{ f } = s.
Let t1, …, tn be the roots of f in a splitting field of f over C, K = C(t1,
…, tn). Let P be the family of subsets of {1, 2, …, n} having two ele-
ments, fix a ∈ R and let {i, j} ∈ P. Consider the following element in
K:
uij(a) := titj + a(ti + tj) = uji(a).
Let ga := ∏{i , j}∈P ( X − uij (a )) , a polynomial in K[X].
The polynomial ga has degree n(n − 1)/2 and (a priori) coefficients
in K. We claim ga has coefficients in R. Indeed, the coefficients of ga
are polynomial expressions of t1, …, tn with real coefficients. To show
that these polynomial expressions are real, let us study how they
change under a permutation of the roots t1, …, tn. If σ is a permutation
of the set {1, 2, …, n}, the polynomial obtained from ga by the action
of σ on the roots (i.e. ti & tσ(i), ∀i) is
∏{i, j}∈P (X − uσ (i )σ ( j ) (a ))
Since {{σ(i),σ( j)} | {i, j} ∈ P} = P, the polynomial above coin-
cides with ga. This means that ga has coefficients symmetric
polynomials in t1, …, tn with real coefficients. Prop. 2.8 implies that
ga ∈ R[X].
n (n − 1)
We have = 2 s −1 m (2 s m − 1) , so s(ga) = s − 1 and the induc-
2
tion hypothesis applies to ga ∈ R[X]. Thus, ga has a complex root. On
the other hand, the roots of ga are uij(a), so there exists {i, j} ∈ P, such
that uij(a) ∈ C.
The above proves that, for any a ∈ R, there exists {i, j} ∈ P, with
uij(a) ∈ C. Because R is infinite and P is finite, there exist a, b ∈ R,
with a ≠ b, such that uij(a) ∈ C and uij(b) ∈ C. It follows immediately
that s := ti + tj and p := titj are complex numbers and so ti, tj ∈ C, as
2
roots of X − sX + p ∈ C[X].
In the general case of a polynomial g ∈ C[X], let g be the conju-

gate of g (the polynomial obtained by the complex conjugation of the
coefficients of g). An elementary computation shows that
g ⋅ g ∈ R[X] and the first part applies. Therefore, there exists α ∈ C
with g (α)⋅g(α) = 0. If g(α) = 0, we are done. If g (α) = 0, then g has
the root α . !
Exercises
Throughout the exercises, K is a field and Ω is an algebraic closure

of K.
1. Let R be a commutative ring. The following statements are equiva-
lent:
a) R is a domain.
b) Any polynomial p ∈ R[X] of degree n ≥ 1 has at most n roots in
R (the roots being counted with their multiplicity).
c) Any polynomial of degree1 in R[X] has at most one root in R.
2. (The skew field of quaternions) Let
⎧⎛ u v ⎞ ⎫
H = ⎨⎜ ⎟ ∈ M 2 (C ) u, v ∈ C ⎬ .
⎩⎝ − v u ⎠ ⎭
a) Show that H is a skew field (division ring) with respect to addi-
50
tion and multiplication of matrices.
50
The skew field of quaternions was discovered (invented?) by W.R. Hamilton.
⎛1 0⎞ ⎛i 0 ⎞ ⎛ 0 1⎞ ⎛0 i ⎞
b) Let 1 := ⎜ ⎟ , i := ⎜ ⎟ , j := ⎜ ⎟ , k := ⎜ ⎟ . Show
⎝0 1⎠ ⎝0 − i⎠ ⎝ −1 0⎠ ⎝ i 0⎠
that any element of H is written uniquely as a1 + bi + cj + dk, where a,
b, c, d ∈ R.
c) Let Q be the multiplicative subgroup of H* generated by i and j.
Prove that Q is not commutative and has 8 elements. Write down the
multiplication table of Q. (Q is called the quaternion group). Deduce
that H is a skew field.
2
d) Prove that X + 1 ∈ H[X] has an infinity of solutions in H. Does
this contradict 2.3?
e) Prove that H is an extension of C.
f) Give an example of a countable skew field.
3. Give an example of an extension K ⊆ L, where L is algebraically
closed and L is not algebraic over K.
4. Let K ⊆ L ⊆ E be a tower of extensions and let f ∈ K[X]. If E is a
splitting field of f over K, then E is a splitting field of f over L.
5. Let K ⊆ L ⊆ E be field extensions and let f ∈ K[X]. Suppose
L = K(x1, …, xn), where x1, …, xn are roots of f (not necessarily all of
them). Show that E is a splitting field of f over K if and only if E a
splitting field of f over L.
6. Let f ∈ K[X] be a polynomial of degree n and let x1, …, xn be the
roots of f in some extension L of K. Show that K(x1, …, xn −1) is a split-
ting field of f over K.
7. If the extension K ⊆ L ⊆ Ω is such that any nonconstant polynomial
in K[X] splits over L, then L = Ω.
8. Show that (Q'R)(i) = Q'C.
9. Let char K = 0 and let g ∈ K[X], irreducible, deg g ≥ 2. If α, β ∈ Ω
are roots of g, then α − β ∉ K. (Hint. Suppose α − β ∈ K and let
β = α + b, b ∈ K. Then K(α) = K(α + b). Because g is irreducible,
there exists a K-isomorphism ϕ : K(α) → K(β) = K(α) that takes α to
IV.3 Finite fields 209
2 n
β = α + b. Then α, ϕ(α), ϕ(ϕ(α)) = ϕ (α),…, ϕ (α),… are roots of ϕ,
n
for any n. Since ϕ (α) = α + nb and char K = 0, these are all distinct.)
10. Let f, g ∈ K[X], nonconstant and let β be a root of f in Ω. Then:
f(g(X)) is irreducible in K[X] ⇔ f is irreducible in K[X] and g(X) − β is
irreducible in K(β)[X]. (Hint. Let f = a∏(X − βi), where β = β1, …,
βn ∈ Ω. If α is a root of g(X) − β, then f(g(α)) = 0 and: f(g(X)) is
irreducible in K[X] ⇔ [K(α) : K] = deg f(g(X)) = deg f ·deg g. In the
tower of extensions K ⊆ K(β) ⊆ K(α), [K(β) : K] = deg Irr(β, K) and
[K(α) : K(β)] = deg Irr(α, K(β)).)
IV.3 Finite fields
We now apply the results obtained so far (notably the existence of

the algebraic closure of a field) to determine all finite fields. We al-
ready know (1.10) that, if F is a finite field, then:
- char F is a prime p > 0;
- F is a finite extension of Fp ( = Zp, the field of integers modulo p);
n
- |F| = p , where n = [F : Fp].
These facts raise the following questions: Given a prime p and
n
n ∈ N*, does there exist a finite field with p elements? If it exists, is
it unique (up to isomorphism)? How can one construct it?
3.1 Definition. Let K be a commutative ring, char K = p > 0, p a

prime. Let:
p
ϕ : K → K, ϕ(x) = x , ∀x ∈ K.
Of course, ϕ(xy) = ϕ(x)ϕ(y), ∀x, y ∈ K. Also:
∑ ( pi ) x
p p p
ϕ(x + y) = (x + y) = p −i
yi = x + y ,
0 ≤i ≤ p
The last equality holds because p divides the binomial coefficients

( )=
p
i
p ( p −1)…( p −i +1)
i! , for any 0 < i < p.
Thus, ϕ is a ring homomorphism, called the Frobenius endomorph-
p p
ism51 of K. The image of ϕ is K : = {x | x ∈ K}, a subring in K. If
char K = 0, the Frobenius endomorphism is taken to be the identity
function, ϕ = id : K → K. We use this endomorphism especially if K is
a field (but also for rings, for example in K[X], where K is a field of
characteristic p). The Frobenius endomorphism is the identity in the
p
case of the field Fp (by the little Fermat theorem, x = x, for any
x ∈ Fp; see also the proof below).
3.2 Theorem. Let p be a prime and let Ω be an algebraic closure

of the field Fp.
n
a) Let n ∈ N* and let q := p . There exists a unique subfield F of Ω
q
having q elements, namely the splitting field of X − X over Fp. In par-
n
ticular, there exists a finite field with p elements and any two fields
n
with p elements are isomorphic.
n
b) If F is a field with p elements and K is a subfield of F, then
m
|K| = p , where m divides n. Conversely, for any divisor m of n there
m
exists a unique subfield of F with p =: r elements, namely
r
K = {x ∈ F| x = x}.
Proof. a) Suppose F ⊆ Ω is a field with q elements. The group
(F , ·) has q − 1 elements. Applying the Lagrange theorem for the or-
*
q −1 q
der of an element in a finite group, we obtain x = 1, so x = x,
∀x ∈ F*. The prime subfield of F is Fp. Consequently, any element of
q
F is a root of the polynomial X − X, considered with coefficients in
51
Ferdinand Georg Frobenius (1849-1917), German mathematician.
Fp. This polynomial can have at most q distinct roots in Ω; since

q
|F| = q, the elements of F are exactly the roots of X − X in Ω. This
q
means that F is the splitting field of X − X over Fp and F is the
unique subfield with q elements of Ω.
Let us prove that there exists a field with q elements F ⊆ Ω. The
q
argument above says F must be the splitting field of X − X over Fp.
q
So, let g = X − X. Let F be the set of all roots of g in Ω,
q
F = {x ∈ Ω | x = x}. We claim F is a subfield of Ω. Indeed,
q n
ψ : Ω → Ω, ψ(x) = x , ∀x ∈ Ω, is a field homomorphism (ψ = ϕ
where ϕ is the Frobenius); then F is the subfield of all elements fixed
by this homomorphism. On the other hand, the number of roots of g in
Ω is exactly q: g has at most q roots and has no multiple roots, since
q−1
its derivative is qX − 1 = −1 (see 2.6). We deduce that F, the split-
ting field of g over Fp, has q elements.
b) Let K be a subfield of F (we suppose that F ⊆ Ω). Let s := |K|
n t
and let t := [F : K]. We have p = |F| = s ; since p is a prime, this is
m mt n
possible only if s is of the form p and p = p , which implies m|n.
Conversely, if m divides n, then n = mt for some t. Let Ω be an alge-
r
braic closure of F and let ψ : Ω → Ω, ψ(x) = x , ∀x ∈ Ω, where
m r
r = p . Let L := {x ∈ Ω | x = x} = {x ∈ Ω |ψ(x) = x}. L is a subfield
with r elements of Ω. We show that L ⊆ F. We have
r 2 t t
(ψ ◦ψ) (x) = ψ(x ) = x r and, by induction, ψ (x) = x r , ∀x ∈ Ω. So,
t t t n
x ∈ L ⇒ ψ(x) = x ⇒ ψ (x) = x ⇒ x r = x . But r = p , and F =
n
{x ∈ Ω | x p = x}; thus, x ∈ L ⇒ x ∈ F. Any subfield E of F with r
elements is equal to L because all elements of E satisfy the equation
r
x = x. !
n
The finite field with p elements (unique up to an isomorphism) is
denoted by GF(p ) or F pn . The notation GF(p ), an acronym for
n n
“Galois Field”, honors Evariste Galois, who determined the structure

of the finite fields in 1830.
3.3 Proposition. For any n ∈ N*, there exists at least an irreduci-

ble polynomial of degree n in Fp[X]; for any such polynomial f,
n
Fp[X]/{ f } is a field with p elements.
q
Proof. Let F be the splitting field of g = X − X over Fp, where
n
q = p . The next lemma says that (F*, ⋅) is a cyclic group. Let α be a
generator of F* and let f = Irr(α, Fp). We have that F = Fp(α) and
deg f = [Fp(α) : Fp] = [F : Fp] = n. So, f is irreducible of degree n in
Fp[X]. Also, Fp[X]/{ f } ≅ Fp(α), a field with q elements. !
3.4 Lemma. If R is a domain and G is a finite subgroup of U(R)

(the multiplicative group of units of R), then G is cyclic. In particular,
any finite subgroup of K* (where K is a field) is cyclic.
Proof. Let G be a finite group with n elements, G ≤ (U(R), ·). Let
m be the exponent of G, (the GCD of the orders of the elements of G).
Lagrange's theorem implies that m | n. On the other hand, any element
m
in G is a root of X − 1, which has at most m roots in R. Thus, n ≤ m
and m = n. Since G is Abelian, there exists an element x having order
m in G (for an elementary proof of this, see exercise 3.2), so G is cy-
clic, generated by x.
Another proof. Use the invariant factors theorem, applied to the fi-
nite Abelian group G. Suppose G is not cyclic. Then G ≅ C1×…×Cm,
where m ≥ 2 and C1, …, Cm are cyclic, |C1| = d1, …, |Cm| = dm and
d1 | d2 |…| dm. Then X d m − 1 has n roots in R, where n = d1·…·dm > dm,
contradiction. !
We prove now that any finite division ring is commutative (it is a
field). The proof of this result needs some facts on roots of unity and
cyclotomic fields, which have also numerous other applications in
algebra, number theory etc.
3.5 Definition. Let K be a field and let n be a positive integer. The

n
element ζ ∈ K is called an nth root of unity in K if ζ = 1. Let Un(K)
(or simply Un if K cannot be confused) be the set of the nth roots of

n
unity in K, Un(K) := {x ∈ K | x = 1}.
n
Since X − 1 has at most n roots, Un is a subgroup with at most n
elements of the multiplicative group (K*, ·). The element ζ ∈ Un is
called a primitive nth root of unity in K if the order of ζ in Un is n. (⇔
n m
ζ = 1, but ζ ≠ 1, ∀m < n ⇔ ζ generates Un). We denote by Pn(K) (or
simply Pn) the set of all primitive nth roots of unity in K:
Pn(K) := {x ∈ Un(K) | ord x = n}.
If ζ is a root of unity in some extension of K, the extension
K ⊆ K(ζ ) is called a cyclotomic extension.
3.6 Remark. Un(K) is cyclic (as a finite subgroup of K*). Thus,

there exists a primitive nth root of unity in K if and only if Un(K) has n
elements.
3.7 Examples. a) Un(Q) = { −1, 1} if n is even and Un(Q) = {1} if n

is odd.
2kπi n
b) Un(C) = {e / | k ∈ {1, …, n}},
2kπi n
where e / = cos(2kπ/n) + isin(2kπ/n). There are ϕ(n) complex primi-
2kπi n
tive nth roots of unity, namely e / , cu (k, n) = 1, 1 ≤ k < n. Here ϕ(n)
is the number of all integers k, (k, n) = 1, 1 ≤ k < n. The function
ϕ : N* → N* is called the Euler phi function. We have ϕ(n) = |U(Zn)|,
the number of invertible elements in the ring Zn.
c) U4(F5) = F5* = {1, 2, 3, 4}; P4(F5) = {2, 3}; U4(F7) = {1, 6};
P4(F7) = ∅.
3.8 Proposition. Let Ω be an algebraic closure of the field K and

let n ∈ N*.
a) Un(Ω) has n elements if and only if char K does not divide n.
t
b) If char K = p > 0 and n = p m, with (p, m) = 1, then
Un(K) = Um(K).
n
Proof. a) Un(Ω) has n elements if and only if f = X − 1 has no
n −1 n
multiple roots ⇔ { f ', f } = 1 ⇔ {nX , X − 1} = 1⇔ n·1 ≠ 0 ⇔
char K does not divide n.
t
b) In general, m | n implies Um ⊆ Un. Let p =: q. If x ∈ Un, then
x = (x m ) = 1. But y & y , ∀y ∈ K, is a field endomorphism
n q q
(necessarily injective) of K (it is a power of the Frobenius endomorph-

q m
ism), so y = 1 implies y = 1. Thus, x ∈ Un implies x = 1, so x ∈ Um.!
According to the above, it is sufficient to study Un(K) when char K
does not divide n. In this case, there exists a primitive nth root of unity
in some extension of K.
3.9 Definition. Let n ∈ N* and let K be a field containing a primi-

tive nth root of unity. The polynomial (in K[X])
Φn := ∏ζ ∈P ( K ) ( X − ζ )
n
is called the nth cyclotomic polynomial over K. The roots of Φn are

distinct and they are exactly the primitive nth roots of unity in K, so
deg Φn = ϕ(n).
If char K = 0 (one usually takes K = C to ensure a primitive nth root
of unity exists), then
Φn := ∏ (X − e 2 kπi n )
k <n ,( k ,n )=1
is called the nth cyclotomic polynomial (dropping any reference to the

field).
3.10 Remark. In the complex plane, the complex nth roots of unity
are the vertices of a regular polygon with n sides inscribed in the unit
circle. This justifies the name cyclotomic, of Greek origin and mean-
ing approximately “circle dividing”.
3.11 Lemma. a) Suppose K ⊆ L is an extension, f, g ∈ K[X] and h

∈ L[X] such that f = gh. Then h ∈ K[X]. In other words, if g divides f
in L[X], then g divides f in K[X].
b) If f ∈ Q[X] is monic and divides (in C[X]) a monic polynomial

u ∈ Z[X], then f ∈ Z[X] and u = fg, where g ∈ Z[X] and g is monic.
Proof. a) The division with remainder theorem in K[X] guarantees
the existence of q, r ∈ K[X] such that f = gq + r, with deg r < deg g.
The division with remainder in L[X] of f to g is f = gh + 0. The unique-
ness of the quotient and of the remainder in L[X] implies that r = 0 and
h = q ∈ K[X].
b) By a), u = fg, with g ∈ Q[X]. Let a (respectively b) be the LCM
of denominators of the coefficients of f (respectively g). Then af, bg
∈ Z[X] and af·bg = abu. Taking the contents of the polynomials,
c(af )·c(bg) = ab, since c(u) = 1. So af = c(af )·f1, bg = c(bg )·g1, with f1,
g1 ∈ Z[X], primitive. Thus c(af )·f1·c(bg )·g1 = abu. Simplify by
ab = c(af )·c(bg) to obtain f1·g1 = u; since u is monic, and f1, g1 ∈ Z[X],
f1, g1 have leading coefficients 1 or − 1. Since f (which is monic) is
associated in divisibility with f1, we obtain f = ± f1 ∈ Z[X]. Likewise,
g ∈ Z[X]. !
3.12 Proposition. Let n ∈ N* and let K be a field containing a

primitive nth root of unity. Then:
a) For any d dividing n, there exists a primitive dth root of unity in
K.
b) X n − 1 = ∏d n Φ d holds.
c) The coefficients of Φn are in the prime subfield P of K.
d) If char K = 0 (for example K = C), then Φn ∈ Z[X].
m
Proof. a) If ζ is a primitive nth root of unity and m = n/d, then ζ
is a primitive dth root of unity.
b) The polynomials in the equality are monic and have the same
roots, namely the nth roots of unity in K.
c) We prove by induction by m (1 ≤ m ≤ n) the statement: "for any
d with 1 ≤ d ≤ m, d | n implies Φd ∈ P[X]".
If m = 1, then Φ1 = X − 1 ∈ P[X]. Let 1 < m ≤ n. We suppose the

claim true for any q < m and we prove for m. If m - n, there is nothing
m
to prove. If m | n, then X − 1 = Φm·g, where
g = ∏ Φ d ∈ P[X],
d m , d <m
since by the induction hypothesis Φd ∈ P[X], ∀d < m, d | m. Apply

now the lemma 3.11.a) to obtain that Φm is also in P[X].
d) Repeat word for word the proof of c) (replace P with Z), to ob-
m
tain that X − 1 = Φm·g, where g ∈ Z[X], monic. Thus, Φm ∈ Q[X].
Use lemma 3.11.b) to deduce Φm ∈ Z[X]. !
One can use the formula X n − 1 = ∏d n Φ d to recursively compute
Φn (for this, all Φd are needed, for d | n, d < n). The Möbius inversion
formula (see e.g. SPINDLER [1994]) gives an explicit expression for Φn,
d
∀n ∈ N*, in terms of products of polynomials X − 1 or their inverses.
3.13 Example. Consider the 7th cyclotomic polynomial Φ7 over an

7
algebraic closure of F2. From Φ1Φ7 = X − 1 we deduce
6 5
Φ7 = X + X +…+ 1. By trial and error (or using a computer) we ob-
tain
3 2 3
Φ7 = (X + X + 1)(X + X + 1),
where the right hand side is the irreducible factorization of Φ7 in F2[X]
(the polynomials have degree 3 and no roots in F2).
So, Φ7 is reducible in F2[X]. If α is a primitive 7th root of unity,
3 2 3
then Irr(α, F2) = X + X + 1 or X + X + 1.
F2(α) is the field with 8 elements F8. Any nonzero element of F8 is
a primitive 7th root of unity. Why?
In characteristic 0 the behavior above is not present: the cyclotomic
polynomials over C are irreducible (in Z[X] and in Q[X]):
3.14 Theorem. Let n ∈ N*. Then Φn is irreducible in Z[X] and it is

the minimal polynomial over Q of any complex primitive nth root of
unity.
Proof. Let ζ be a primitive complex nth root of unity and let
f = Irr(ζ, Q). We show that f = Φn; more precisely, we show that f and
Φn have the same roots.
n
Since f divides X − 1 in C[X] and f is monic, 3.11.b) implies that
f ∈ Z[X].
Any root of f is a primitive nth root of unity. Indeed, if β is a root
of f, then K(ζ) and K(β) are K-isomorphic via an isomorphism that
m
takes ζ to β. In particular, we have, ∀m ∈ N*, ζ = 1 if and only if
m
β = 1, so ord ζ = ord β.
This shows that any root of f is a root of Φn, so f | Φn. We need now
to prove that any primitive nth root of unity is a root of f. We will
show that:
p
If α ∈ Pn and f (α) = 0, then f (α ) = 0, for any prime p not dividing n.(*)
Since f (ζ ) = 0, an inductive argument based on (*) shows that
m
f (ζ ) = 0, for any m relatively prime to n. Since any primitive nth root
m
of unity is of the form ζ for some m coprime with n, we obtain that
all the primitive nth roots of unity are roots of f.
In order to prove (*), let α ∈ Pn and let p be prime, p - n. By lemma
p
3.11.b), Φn = fg, with g ∈ Z[X], monic. Since α ∈ Pn,
p p p p
f (α )g(α ) = Φn(α ) = 0. Suppose by contradiction that f (α ) ≠ 0, so
p p
α is a root of g. Thus, α is a root for g1 := g(X ) ∈ Z[X]. Because f =
Irr(α, Q), f | g1 in Z[X] (by 3.11), so g1 = fh, with h ∈ Z[X], monic.
In what follows, for any q ∈ Z[X], let π(q) denote the polynomial q
reduced modulo p (π(q) is the polynomial in Zp[X] whose coefficients
are the images in Zp of the coefficients of q; in other words,
π : Z[X] → Zp[X] is the unique extension to Z[X] of the canonical
n
homomorphism Z → Zp). Let g = a0 + a1X + … + X . Then:
p p n p p p p
π(g ) = π(g) = (π(a0) + π(a1)X + … + X ) = π(a0) + π(a1) X + … +
pn p pn
X = π(a0) + π(a1)X + … + X = π(g1).
p p
Since g1 = fh, π(g1) = π(g) = π{ f }π(h). Thus π{ f } | π(g) in Zp[X],
so all irreducible divisors of π{ f } divide also π(g). Because deg π{ f }
= deg f, there exists an irreducible common factor h of π{ f } and π(g),
2
deg h ≥ 1. But then π(Φn) = π{ f }π(g) is divisible with h , so it has
n
multiple roots. This is absurd, since Φn | X − 1, so π(Φn) divides
n n −1
π(X − 1), who has no multiple roots: its derivative is nX ≠ 0 in
n
Zp[X] (p - n implies n invertible in Zp) and π(X − 1) is coprime to
n −1
nX . !
We will encounter cyclotomic extensions again in the study of Ga-
lois Theory. We need now some elementary facts on the conjugacy
classes of a finite group, which will be used here to prove that any fi-
nite division ring is commutative.
3.15 Proposition. Let G be a group and let a ∈ G.

a) The set C(G) := {x ∈ G | xy = yx, ∀y ∈ G} (called the center of
G) is a normal Abelian subgroup of G.
b) The set C(a) := {x ∈ G | xa = ax} (called the centralizer of a in
G) is a subgroup of G.
c) The “conjugacy relation” in G, defined by: ∀x, y ∈ G, x ~ y if
−1
and only if exists z ∈ G such that y = z xz, is an equivalence relation
on G. If x ~ y, we say that x is conjugate with y (or y is a conjugate of
x).
d) Let Ca := {x ∈ G | x ~ a } (the conjugacy class of the element a).
Then |Ca| = [G : C(a)] (the index of the subgroup C(a) in G).
e) (conjugacy classes formula) We have:
|G| = |C(G)| + ∑a∈S [G : C (a )] ,
where the sum runs on a system S of representatives of the conjugacy
classes of the elements not contained in the center of G.
Proof. a), b), c) have standard proofs and are left to the reader.
−1
d) It is clear that Ca = {z az | z ∈ G}. Let
G/C(a) := {C(a)x | x ∈ G}
be the set of right cosets of the subgroup C(a) in G. Define
−1
ϕ : G/C(a) → Ca by ϕ(C(a)x) = x ax, ∀x ∈ G. ϕ is correctly defined
−1
(x ax is independent on the representative x of the class C(a)x). In-
−1 −1 −1
deed, for any x, y ∈ G: C(a)x = C(a)y ⇔ xy ∈ C(a) ⇔ axy = xy a
−1 −1
⇔ x ax = y ay. The injectivity of ϕ also follows, since
−1 −1
x ax = y ay implies C(a)x = C(a)y. Because ϕ is obviously surjec-
tive, |Ca| = |G/C(a)| = [G : C(a)].
e) G is the disjoint union of the conjugacy classes. Clearly, a
∈ C(G) ⇔ C(a) = {a} ⇔ |Ca| = 1. Let S be a system of representatives
as in the statement. Then S ∪ C(G) is a system of representatives for
the conjugacy classes, so
G = ∪{Ca | a ∈ S ∪C(G)} = {∪{Ca | a ∈ S }}∪ C(G).
The unions are disjoint, so, taking cardinals and using
|Ca| = [G : C(a)], we obtain the formula. !
We can prove now the following celebrated result:
3.16 Theorem. (Wedderburn 52 , 1909) Any finite division ring is

commutative.
Proof. Let K be a finite division ring. Let p = char K > 0. Let C be
the center of the ring K, C := {x ∈ K | xy = yx, ∀y ∈ K}. One easily
verifies that C is a commutative subring of K, and C is a field (of
characteristic p). We have thus the tower of extensions of division
rings Zp ⊆ C ⊆ K. Let m = [C : Zp] and let n = [K : C]. Then
m n
|C| = p := q and |K| = q . It is sufficient to prove that n = 1.
Suppose that n > 1. The center of the group (K*, ·) is C*. For any
a ∈ K, consider {x ∈ K | xa = ax} =: Z(a), which is easily seen to be a
subfield of K that includes C. The centralizer of a in the group K* is
52
Joseph Henry Maclagen Wedderburn (1882-1948), Scottish mathematician.
d(a)
Z(a)* := Z(a)\{0}. Let d(a) = [Z(a) : C], so |Z(a)| = q . By 1.27, the
multiplicativity of degrees holds also for extensions of division rings,
*
so Zp ⊆ C ⊆ Z(a) ⊆ K implies da | n. In the group (K , ·) apply the
conjugacy classes formula:
∑a∈S [K * : Z (a ) ],
* * *
|K | = |C | +
S being a system of representatives of the conjugacy classes of ele-
ments not contained in C*. Note that a ∈ S implies da ≠ n (otherwise
Z(a) = K, so a ∈ C*, contradicting the choice of S). In the formula
* n * * qn − 1
above, |K | = q − 1, |C | = q − 1, [K : Z(a)*] = , so:
qd (a ) − 1
qn − 1
q −1=q−1+∑
n
d (a )
. (1)
a∈S q −1
n d(a)
The cyclotomic polynomial (over C) Φn divides (X − 1)/(X − 1)
in Z[X], ∀a ∈ S. Indeed, 3.12.b) implies X − 1 = Φn· ∏ Φ d ; since
n
d n , d ≠n
d(a)
da | n, da ≠ n and X ∏d d (a ) Φ d , the claim follows. So, Φn(q)
−1=
n n d(a)
divides q − 1 and also divides (q − 1)/(q − 1), ∀a ∈ S; from (1)
we obtain that Φn(q) | (q − 1).
On the other hand, |Φn(q)| = ∏ζ ∈P n
q − ζ . We have |q − ζ | > q − 1,
∀n ≥ 2, ∀ζ ∈ Pn (to see this, represent the complex nth roots of unity
in a plane). So |Φn(q)| > q − 1, contradiction with Φn(q) | q − 1. !
Exercises
1. Let K ⊆ L be an extension of degree n of finite fields. Show that the

lattice of all intermediate fields of the extension is isomorphic to the
lattice of the divisors of n (ordered by divisibility).
2. Let G be a finite group and let exp(G) := LCM{ord a | a ∈ G} (the
exponent of G). Prove that:
a) If a, b ∈ G, ab = ba and (ord a, ord b) = 1, then
ord ab = (ord a)(ord b).
b) For any a, b ∈ G, ab = ba implies that there exists c ∈ G with
ordc = [ord a, ord b].
c) If G is Abelian, there exists an element g of G such that
ord(g) = exp(G).
3. Let K be a finite field of characteristic p and let α ∈ K*. If
α generates the group K*, then K = Fp(α). Is the converse true?
4. Let K be a finite field. Show that any function ϕ : K → K is polyno-
mial (there exists a polynomial g ∈ K[X] such that ϕ(x) = g(x),
n
∀x ∈ K). More generally, show that any function ϕ : K → K is
polynomial (there is a polynomial g ∈ K[X1,…, Xn] such that
n
ϕ(x1,…, xn) = g(x1,…, xn), ∀(x1,…, xn) ∈ K ). What happens if K is
infinite?
5. Let K be a finite field with q elements.
a) Show that, ∀n ∈ N*, the product of all irreducible monic
n
polynomials in K[X] with degree dividing n is X q − X . (Hint. Show
they have the same roots.)
b) Let N(n, q) be the number of irreducible monic polynomials in
K[X] having degree n. Then:
∑d|n d·N(d, q) = q n
c) Compute N(p, q) for p a prime.
6. Let K be a finite field with q elements. Determine the number of

equivalence classes in Mn(K) with respect to similarity, for any n ≤ 3.
(Hint. Use that two matrices are similar ⇔ they have the same
elementary divisors. Make a connection to the N(r, q) for r ≤ n.)
7. Let K ⊆ L be an extension of finite fields, [L : K] = n. Then any irre-
ducible polynomial of degree n in K[X] splits in L[X].
8. Give an example of a finite field K and of an irreducible polynomial
g ∈ K[X], deg g ≥ 2, such that, if α, β are roots of g in Ω, then
p
α − β ∈ K (cf. exercise 2.9). (Hint. If K = Fp, g = X − X − a, with
a ∈ Fp, then g(X + c) = g(X), ∀c ∈ Fp.)
9. Find the number of irreducible polynomials of degree 2 in F5[X]. If
2
α is o root of X + 2 ∈ F5[X], then any polynomial of degree 2 in
F5[X] has a root in F5[α].
k −1
10. Let p be a prime and let k ∈ N. Then Φpk = Φp( X p ).
11. Let Ω be an algebraic closure of the field Fp. Then Ω has uncount-
able many subfields. (Hint. For any subset S of the set of all prime
numbers P, consider the subfield CS of Ω, CS is the composite of the
fields {Fpn | n is a product of primes from S}.)
The following exercises are about the solutions in finite fields of
polynomial equations in several unknowns. In the particular case Zp,
these yield results on “congruences mod p”. For some developments,
see BOREVICH, SHAFAREVICH [1985].
12. Let F be a finite field with q elements and let r ∈ N*. Show that:
r
a) Ur(F) = {x ∈ F* | x = 1} is a cyclic subgroup of F*, with d ele-
ments, where d = (q − 1, r).
b) Let Sr = Sr, q = ∑{x | x ∈ Ur(F)}. Then Sr, q = 1 if |Ur(F)| = 1;
Sr, q = 0 if |Ur(F)| > 1. (Hint. If α is a generator of Ur(F), then αSr = Sr).
c) Let m ∈ N* and Tm = Tm, q = ∑{x | x ∈ F}. Then Tm, q = −1 if
m
(q − 1) | m ; Tm, q = 0 if (q − 1) - m.
d) Let f ∈ F[X1,…, Xn], of (total) degree < n(q − 1). Then:
IV.4 Transcendental extensions 223
∑{ f (x1, …, xn) | (x1, …, xn) ∈ F n} = 0.

(Hint. It is sufficient to suppose f is a monomial. Then the sum
above is a product of n sums of type Tm, and at least one m is < q − 1.)
13. (Warning) Let F be a field with q elements, char F = p and
n
g ∈ F[X1,…, Xn], deg g < n. Then the number N of solutions in F of
the equation g(x1, …, xn) = 0 is a multiple of p. (Hint. Let
q−1
f := 1 − g . Then deg f < n(q − 1) and g(x1, …, xn) ≠ 0 ⇔
f (x1, …, xn) = 0; also g(x1, …, xn) = 0 ⇔ f (x1, …, xn) = 1. Calculate
∑{f (x1, …, xn) | (x1, …, xn) ∈ F n} and use the previous exercise.)
14. (Chevalley) Suppose F is a field with q elements, char F = p and
g ∈ Zp[X1,…, Xn] is a homogeneous polynomial, deg g < n. Then the
n
number of solutions in F of the equation g(x1,…, xn) = 0 is a nonzero
multiple of p. In particular, the equation has solutions other than
(0,…, 0).
IV.4 Transcendental extensions
Recall that the extension K ⊆ L is called transcendental if it is not

algebraic: L contains a transcendental element over K. For example, R
is a transcendental extension of Q. The field K(X) of rational fractions
with coefficients in K is a transcendental extension of K. More gener-
ally, if (Xi)i∈I is a family of indeterminates and K(X; I) is the field of
rational fractions in the indeterminates (Xi)i∈I with coefficients in K,
then K ⊆ K(X; I) is a transcendental extension.
4.1 Definition. a) Let K ⊆ L be a field extension and let {x1, …, xn}

be a finite subset of L. We call {x1, …, xn} an algebraically independ-
ent set over K (or say that x1, …, xn are algebraically independent over
K) if, for any polynomial f ∈ K[X1, …, Xn], f(x1, …, xn) = 0 implies

f = 0. An arbitrary subset S of L is called algebraically independent
over K if any finite subset of S is algebraically independent over K.
The set S is called algebraically dependent over K if S is not algebrai-
cally independent over K. This means that there exist x1, …, xn ∈ S,
distinct and f ∈ K[X1, …, Xn], with f ≠ 0 and f(x1, …, xn) = 0; we call
the equality f(x1, …, xn) = 0 an algebraic dependence relation over K
for S.
b) The extension K ⊆ L is called a purely transcendental extension
if L is generated over K by a set of algebraically independent elements
over K: there exists a subset S of L, algebraically independent over K,
such that L = K(S).
4.2 Remark. Let (Xs)s∈S be a family of indeterminates indexed by

S, a subset of L. The subset S is algebraically independent over K if
and only if the unique homomorphism of K-algebras v : K[X; S] → L
such that v(Xs) = s, ∀s ∈ S, is injective. The image of this homomorph-
ism is K[S], the subring generated by K and S in L (the K-subalgebra
of L generated by S). Thus, S is algebraically independent over K if
and only if v : K[X; S] → K[S] v(Xs) = s, ∀s ∈ S, is an isomorphism.
This isomorphism between the domains K[X; S] and K[S] induces an
isomorphism between the fields of fractions K(X; S) and K(S).
In other words, an algebraically independent set over K behaves the
same as a set of indeterminates in the field of fractions of a polyno-
mial ring with coefficients in K. another way to say this is: the purely
transcendental extensions of K are (up to K-isomorphism) the exten-
sions K ⊆ K(X; I), where (Xi)i∈I is a family of indeterminates.
4.3 Examples. a) The singleton {x} is algebraically independent

over K if and only if x is transcendental over K. Thus, {e} is algebrai-
3
cally independent over Q. Likewise, {π} and {e } are algebraically
5
independent sets over Q. The set {e, e } is not algebraically independ-
5 5
ent over Q because f (e, e ) = 0, where f = Y − X ∈ Q[X, Y]. It is not
known if {e, π} is algebraically independent over Q.
b) The empty set is algebraically independent over any field.
c) Let K be a field and let n ∈ N*. The symmetric elementary
polynomials s1, …, sn are algebraically independent over K in
K(X1,…, Xn). This statement is equivalent to the uniqueness part in the
fundamental theorem of symmetric polynomials: “Any symmetric
polynomial in K[X1,…, Xn] is written uniquely as a polynomial with
coefficients in K of s1, …, sn.”
5
d) In K ⊆ K(X, Y), the elements X and Y are algebraically
independent over K. Prove this. Can you generalize? So,
5 5
K[X, Y] ≅ K[X , Y] (K-isomorphism), although K[X , Y] ( K[X,Y].
4.4 Proposition. Let K ⊆ L be an extension and let S, T be disjoint

subsets of L, with S algebraically independent over K. Then S ∪ T is
algebraically independent over K if and only if T is algebraically
independent over K(S).
Proof. Suppose S ∪ T is algebraically independent over K. If T is
algebraically dependent over K(S), then there exist t1, …, tn ∈ T and a
polynomial f in n indeterminates with coefficients in K[S] such that
f (t1, …, tn) = 0. Write down this equality, taking into account the form
of the elements in K[S], to obtain an algebraic dependence relation
over K for S ∪ T.
Conversely, let T be algebraically independent over K(S) and sup-
pose S ∪ T is algebraically dependent over K. Then there exist s1,
…, sm ∈ S, t1, …, tn ∈ T, distinct, and a nonzero polynomial f in m + n
indeterminates with coefficients in K such that
f (s1, …, sm, t1, …, tn) = 0.
Group the terms by the monomials in t1, …, tn to obtain a relation
of the form g(t1,…, tn) = 0, with g nonzero polynomial in n indetermi-
nates with coefficients in K(S). !
4.5 Definition. Let K ⊆ L be an extension and let S be a subset of

L.
a) S is called a set of algebraic generators of L over K (or say that S
algebraically generates L over K) if K(S) ⊆ L is an algebraic exten-
sion. This is equivalent to the fact that any element α ∈ L satisfies an
equation of the form:
∑ f k ( x1,… , xm )α k = 0 ,
0≤ k ≤ n
for some x1, …, xm ∈ S and fk ∈ K[X1, …, Xm], ∀k ∈ {0, …, n}, with
fn(x1, …, xm) ≠ 0.
b) S is called a transcendence basis for the extension K ⊆ L (or a
transcendence basis of L over K) if S is algebraically independent over
K and S algebraically generates L over K.
4.6 Examples. a) The extension K ⊆ L is algebraic if and only if

the empty set ∅ is a transcendence basis of L over K.
b) If (Xi)i∈I is a set of indeterminates, then (Xi)i∈I is a transcendence
basis of the field of rational fractions K(X; I) over K.
c) {e} is a transcendence basis of Q ⊆ Q(e, 2 ).
4.7 Proposition. Let K ⊆ L be an extension and let S be a subset of

L. The following statements are equivalent:
a) S is a transcendence basis of L over K.
b) S is a maximal algebraically independent set over K.
c) S is a minimal set of algebraic generators of L over K.
Proof. a)⇒b) Let α ∈ L \ S. Since S algebraically generates L over
K, there exist x1, …, xm ∈ S and fk ∈ K[X1, …, Xm] such that α satisfies
an equation of the form:
∑ f k ( x1,… , xm )α k = 0 ,
0≤ k ≤ n
so S ∪{α} is not algebraically independent over K.
b)⇒a) We must prove that K(S) ⊆ L is algebraic. Suppose α ∈ L is

not algebraic over K(S). Then the previous result shows that S ∪{α} is
algebraically independent over K, contradicting the maximality of S.
a)⇒c) We must prove that, for any α ∈ S, S \{α} is not a set of
algebraic generators of L over K, i.e. L is a transcendental extension of
K(S \{α}). Indeed, α is transcendental over K(S \{α}) (otherwise S
would be algebraically dependent over K).
c)⇒a) It is sufficient to see that S is algebraically independent over
K. If it is not so, then there exist s1, …, sn ∈ S and f ∈ K[X1,…, Xn],
with f ≠ 0 and f (s1, …, sn) = 0. Relabeling if necessary, we may sup-
pose that there exists a monomial in f that contains a power of s1. This
means that s1 is algebraic over K(s2, …, sn), so S \{s1} algebraically
generates L over K, contradicting the minimality of S. !
There is a similarity between the concepts of linear independence
(respectively generating set, basis) in vector spaces and algebraic
independence (respectively set of algebraic generators, transcendence
basis) in field extensions. The same method used at vector spaces
(Zorn's Lemma) is used to prove the existence of a transcendence basis
of an extension.
4.8 Theorem. Let K ⊆ L be a field extension and let S, T be subsets

of L such that S ⊆ T, S is algebraically independent over K and T is a
set of algebraic generators of L over K. Then:
a) There exists a transcendence basis B of L over K such that
S ⊆ B ⊆ T.
b) The extension K ⊆ L has a transcendence basis.
Proof. a) We look for a transcendence basis as a maximal algebrai-
cally independent set B over K, with S ⊆ B ⊆ T. To this end, define
B := {C | S ⊆ C ⊆ T, C is algebraically independent over K}.
B is nonempty, since S ∈ B. Order B by inclusion. The set B is
inductively ordered (straightforward proof) and has thus a maximal
element B. We claim that B is a transcendence basis. B is algebraically

independent over K since B ∈ B. There is left to show that L is alge-
braic over K(B). Since L is algebraic over K(S), it is sufficient to prove
that any α in S is algebraic over K(B). If α ∈ S is transcendental over
K(B), then B ∪{α} is algebraically independent over K (by 4.4),
contradicting the maximality of B.
b) Apply a) with S = ∅ and T = L. !
Thus, any field extension K ⊆ L can be “decomposed” in a tower of
extensions K ⊆ K(S) ⊆ L, with S a transcendence basis of L over K;
K ⊆ K(S) is purely transcendental and K(S) ⊆ L is algebraic.
As the bases in a vector space, any two transcendence bases of an
extension have the same cardinal. For the proof, we use the following
lemma, which says that, for two transcendence bases, any element in
the first base can be replaced with some element in the second base, to
obtain a transcendence basis.
4.9 Lemma. Let K ⊆ L be a field extension and let S, T be

transcendence bases of K ⊆ L. Then, for any s ∈ S, there exists t ∈ T
such that (S \{s}) ∪{t} is a transcendence basis.
Proof. For any s ∈ S and t ∈ T, let Sst := (S \{s}) ∪{t}. Let s ∈ S.
Suppose any t ∈ T is algebraic over K(S \{s}). Then L is algebraic over
K(S \{s}), because L is algebraic over K(T) and the transitivity of alge-
braic extension applies. But this contradicts the fact that S is a minimal
set of algebraic generators of L over K (see 4.7). Thus, there exists
t ∈ T, transcendental over K(S \{s}). By 4.4, Sst is algebraically
independent over K. Let us show that Sst is also a set of algebraic
generators of L over K. We remark that s is algebraic over K(Sst). In-
deed, if not, s is transcendental over K(Sst), so Sst ∪{s} = S ∪{t} is
algebraically independent over K, (use 4.4). But this contradicts the
fact that S is a maximal algebraically independent set over K. So, any
element in S is algebraic over K(Sst). Since L is algebraic over K(S), the

transitivity property implies L is algebraic over K(Sst). !
4.10 Theorem. Any two transcendence bases of a field extension

K ⊆ L have the same cardinal.
Proof. Suppose first that K ⊆ L has a finite transcendence basis
S = {s1, …, sn}. Let T be another transcendence basis of L over K. For
s1 ∈ S, the previous lemma yields t1 ∈ T such that S1 := {t1, s2, …, sn}
is a transcendence basis. Let 1 ≤ i < n and suppose we have found t1,
…, ti ∈ T such that Si := {t1, t2, …, ti, si+1, …, sn} is a transcendence
basis. Apply again the previous lemma for Si, T and si+1 to obtain
ti+1 ∈ T such that Si+1 := {t1, t2, …, ti+1, si+2, …, sn} is a transcendence
basis. Thus, there exist t1,…, tn ∈ T such that Sn := {t1, …, tn} is a tran-
scendence basis. Since Sn ⊆ T and T is also a transcendence basis, we
deduce Sn = T, so |T| = |Sn| = n = |S|.
In the case when any transcendence basis of L over K is infinite, let
S and T be two such bases. For any t ∈ T, since t is algebraic over
K(S), there exists a finite subset St of S such that t is algebraic over
K(St). Let S' = ∪t∈T St. Since T is algebraic over K(S') and L is alge-
braic over K(T), L is algebraic over K(S'). So S' = S, since S is a mini-
mal set of algebraic generators of L over K. We have:
|S| = |S'| = |∪t∈T St| ≤ |T × N| = |T|.
We used the fact that T is infinite, so |T × N| = |T|. Thus, |S| ≤ |T|.
By symmetry, |T| ≤ |S|, so |S| = |T|. !
This theorem shows that the following definition is correct.
4.11 Definition. Let K ⊆ L be a field extension. The cardinal of a

transcendence basis of L over K is called the transcendence degree of
the extension L/K and is denoted trdeg (L/K).
4.12 Example. Let K be a field and let L := K(X1, …, Xn). Example

4.3 says that the symmetric fundamental polynomials s1, …, sn are
algebraically independent over K, so there exists a transcendence basis
of K ⊆ L that includes {s1, …, sn}. On the other hand, {X1, …, Xn} is
clearly a transcendence basis of K ⊆ L, so trdeg (L/K) = n. This means
that {s1, …, sn} is a transcendence basis of K(X1, …, Xn) over K.
The transcendence degree is “additive” (compare with the property
1.26 of the degree of an extension).
4.13 Proposition. Let K ⊆ L ⊆ M be a tower of field extensions.

Then:
trdeg (M/K) = trdeg (M/L) + trdeg (L/K).
Proof. Let S, T be transcendence bases for K ⊆ L, respectively
L ⊆ M. It is clear that S ∩ T = ∅, so it is enough to prove that S ∪ T is
a transcendence basis for K ⊆ M.
Since T is algebraically independent over L and K(S) ⊆ L, T is
algebraically independent over K(S). By 4.4, S ∪ T is algebraically
independent over K.
In order to prove that S ∪ T algebraically generates M over K, re-
mark that M is algebraic over L(T). But L is algebraic over K(S), so
L(T) is algebraic over K(S)(T). The transitivity of algebraic extensions
implies that M is algebraic over K(S)(T) = K(S ∪ T). !
Exercises
1. Any transcendental extension has an infinity of intermediate fields.

2. Prove that an extension K ⊆ L is finitely generated if and only if its
transcendence degree is finite and, if B is a transcendence basis, the
degree [L : K(B)] is finite. (Hint: If L = K(S), with S finite, there exists

a transcendence basis B included in S. Then L is algebraic and finitely
generated -by S- over K(B).)
3. Let K ⊆ L be a field extension and let α, β ∈ L. Then there exists a
K-isomorphism K(α) ≅ K(β) that takes α in β if and only if α and β are
either both transcendental, either both algebraic and have the same
minimal polynomial over K.
4. Prove that the following statement is false: “If E and F are subfields
of the field L such that E ⊆ L and F ⊆ L are algebraic, then E ∩ F ⊆ L
2 2
is algebraic”. (Hint. K(X + X) ∩ K(X ) = K.)
5. Let K ⊆ L be a purely transcendental extension. Then L is not an
algebraically closed field. (Hint. Prove that for any field K, K(X) is not
algebraically closed.)
6. Let K ⊆ L be an extension and let α ∈ L be algebraic over K. If
t ∈ L is transcendental over K, then Irr(α, K) = Irr(α, K(t)).
7. Let Ω be an algebraically closed field and let K be a subfield in Ω
such that trdeg (Ω/K) is infinite. Show that there exists a
K-endomorphism of Ω that is not an automorphism.
8. Let Ω be an algebraically closed field and let K be a subfield in Ω
such that trdeg (Ω/K) is finite. Show that any K-endomorphism of Ω is
an automorphism.
9. Let Ω be an algebraic closure of C(X). Show that there exists a field
isomorphism C ≅ Ω.
10. Let K ⊆ C be a field extension such that C is algebraically closed.
Let Ω = K'C. Prove that, for any x1, …, xn ∈ C, K(x1, …, xn) ∩ Ω =: L
is a finite extension of K. (Hint. Let B = {x1, …, xr} be a transcendence
basis of K ⊆ K(x1, …, xn), with r ≤ n. Then B is a transcendence basis
of L ⊆ L(x1, …, xn) = K(x1, …, xn).)
V. Galois Theory
The idea behind modern Galois Theory is the following: for a given
field extension, one associates to it a group (the Galois group of the
extension). Various properties of the extension can then be deduced by
investigating its Galois group. The idea of studying a certain structure
(in our case, a field extension) by associating to it another structure (in
our case, a group) has been very fertile in 20th century mathematics. It
can be found in many areas: Algebraic Topology, Class Field Theory
(recently generalized in the form of the “Langlands Correspondence”),
Algebraic Geometry, Representation Theory, and the list is far from
complete. The recent proof of Fermat's Last Theorem 1 uses Galois
Theory as a basic tool.
1
Pierre de Fermat (1601-1665), French mathematician. “Fermat’s Last
n n n
Theorem” claims that if n ≥ 3 is an integer, then the equation x + y = z has no
positive integer solutions. All attempts at proving this assertion failed until 1995,
although a lot of partial results were proven. In 1995, the English mathematician
Andrew Wiles proved the “Shimura-Taniyama conjecture”, a statement which
implies FLT (a fact proven by Gerhard Frey and Ken Ribet in 1986). It appeared
soon that some parts of the proof were wrong, but A. Wiles and R. Taylor finally
gave a proof which is now accepted as correct. A major part of modern number
theory and Algebra owes its existence to the efforts of proving FLT.
232
V.1 Automorphisms 233
V.1 Automorphisms
Recall that, given a field extension K ⊆ L, a K-automorphism of L

is a bijective field homomorphism σ : L → L with σ |K = id; in this
−1
case, σ is also a K-automorphism of L.
1.1 Definition. Let K ⊆ L be a field extension. The Galois group of

the extension K ⊆ L is the set of K-automorphisms of L (where the
group operation is the composition of maps), denoted by Gal(L/K) or
G(L/K).
If f is a polynomial in K[X] and F is the splitting field of f over K,

G(F/K) is called the Galois group of the polynomial f over K, denoted
Gf /K, or Gf, if K is understood.
The transfer of properties from intermediate fields of the extension
K ⊆ L to subgroups of the Galois group and vice versa is accom-
plished by means of two natural maps, called the Galois Connections,
which we now define.
We denote by IF(L/K) the set of intermediate fields of the extension
K ⊆ L and by Subg(G(L/K)) the set of subgroups of the group G(L/K).
To any intermediate field E ∈ IF(L/K) we associate the subgroup
G(L/E), i.e. the set of those σ ∈ G(L/K) for which σ|E = <id. Checking
that G(L/E) is a subgroup in G(L/K) is trivial. The other way around,
to any subgroup H of G(L/K) associate the fixed field of H, defined as
H
{x ∈ L | σ(x) = x, ∀σ ∈ H} and denoted by L . The proof of the fact
H
that L is an intermediate field of K ⊆ L is immediate2. Thus, we de-
fine:
S
2
More generally, for any subset S of G(L/K), defining L = {x ∈ L | σ(x) = x,
S
∀σ ∈ S}, one can easily verify that L is a subfield of L containing K and that
S <S>
L = L , where < S > is the subgroup generated by S.
234 V. Galois Theory
Φ : IF(L/K) → Subg(G(L/K)), Φ(E) = G(L/E), ∀E ∈ IF(L/K);

H
Ψ : Subg(G(L/K)) → IF(L/K), Ψ(H) := L , ∀H ∈ Subg(G(L/K)).
A natural question arises: Under what conditions the maps
Φ and Ψ are bijective and inverse to each other?
The answer is given, for algebraic extensions, by the Fundamental
Theorem of Galois Theory. First, let us review some simple but far-
reaching properties of K-homomorphisms.
1.2 Proposition. Let K ⊆ L, K ⊆ E be field extensions and

ϕ : L → E a K-homomorphism.
a) If L = E and K ⊆ L is finite, then ϕ is an automorphism.
b) For any f ∈ K[X] and any root α of f in L, ϕ(α) is a root of f in
E.
c) If S is system of generators of the extension K ⊆ L (that is,
L = K(S)), and σ : L → E is a K-homomorphism such that σ|S = ϕ|S,
then σ = ϕ.
Proof. a) Viewing L as a K-vector space, ϕ is a K-vector space
endomorphism of L. Since ϕ is injective (being a field homomorph-
ism), we have dim Imϕ = dim L. So Imϕ = L.
n n
b) Let f = a0 + a1X + … + anX . Then a0 + a1α + … + anα = 0.
Applying ϕ, it follows that
n
a0 + a1ϕ(α) + … + anϕ(α) = ϕ(0) = 0,
since ϕ is a K-homomorphism and the ai's are in K. Thus, ϕ(α) is a
root of f.
−1
c) Any element of L is of the type xy , where y ≠ 0, and x,
y ∈ K[S], so they are of the form ∑ '
ai1… in x1i1 … xnin , where
( i1 , …, in ) ∈' n
ai1… in ∈ K and ∑' indicates the fact that the sum has a finite number of
terms. For such an element, we have:
ϕ (∑ ' ai1…in x1i1 … xnin ) = ∑ ' ai1…inϕ ( x1 )i1 …ϕ ( xn )in =

∑ ' ai …i σ ( x1 ) …σ ( xn ) n = σ (∑ ' ai1…in x1i1 … xnin ) ,
i1 i
1 n
which shows that ϕ = σ. !
1.3 Corollary. Let K ⊆ L be a field extension, let σ ∈ G(L/K) and

let f ∈ K[X]. Then:
a) σ permutes the roots of f in L.
b) If L = K(S) (S generates L over K), then σ is determined by its ac-
tion on S.
c) If x1,…, xn are the distinct roots of f in an algebraic closure of K
and L = K(x1, …, xn) is the splitting field of f over K, then G(L/K) = Gf
is isomorphic to a subgroup of the symmetric group Sn.3
Proof. c) View Sn as the group of permutations of the set
R := {x1, …, xn}. The map ϕ : G(L/K) → Sn, σ & σ|R, ∀σ ∈ G(L/K), is
a homomorphism (injective, by b)). !
These simple facts are fundamental in determining the Galois
group of an extension. It is useful to introduce the following concept:
1.4 Definition. Let K ⊆ L be a field extension and let α, β elements

of L, algebraic over K. We say that α and β are conjugate over K if
they have the same minimal polynomial over K: Irr(α, K) = Irr(β, K).
In other words, α and β are roots of the same irreducible polynomial f
with coefficients in K. One also says “β is a conjugate of α”.
This definition agrees with the terminology “conjugate numbers”,
used to designate the complex numbers α = a + ib and β = a − ib
(where a, b ∈ R). Indeed, α and β have the same minimal polynomial
3
This is in fact the original view that Evariste Galois had on the notion of group
associated to a polynomial. We shall exploit this point of view later in order to
obtain data on the Galois group of a polynomial.
over R (find it!). The same remark can be made for the “conjugates”
γ = a + b d and δ = a − b d , where a, b ∈ Q; γ and δ are conjugate
over Q, in the sense of the above definition.
An algebraic element α over K can have at most n conjugates,
where n is the degree of α over K (n = deg Irr(α, K)). The corollary
3.15.a) says that σ(α) is a conjugate of α, ∀σ ∈ G(L/K).
1.5 Corollary. Let K ⊆ K(α) be a simple field extension. Then its

Galois group G has at most n elements, where n = [K(α) : K] is the de-
gree of α.
Proof. A K-automorphism σ ∈ G is determined by its value in α.
Since σ(α) is a conjugate of α, there are at most n possibilities to
choose σ(α) from. !
Thus, the elements of the Galois group can be found by inspecting
their action on a generating set. Moreover, one must remember that
they transport any element in one of its conjugates. The following
examples illustrate this technique.
1.6 Examples. a) Consider the extension R ⊆ C and let

G = Gal(C/R). Because C = R[i], where i = − 1 , it is sufficient to
look for the action of the automorphisms in G on i. Because the mini-
2
mal polynomial of i is X + 1, σ(i) ∈ {i, −i}, ∀σ ∈ G. If σ (i) = i, then
σ = id; if σ (i) = −i, then σ is the “complex conjugation”:
σ (a + bi) = a + bσ (i) = a − bi, ∀a, b ∈ R. So, G(C/R) consists of two
elements: the identity map and the conjugation map.
b) Let us find G = G (Q(3 2 ) Q ) . For any σ ∈ G, σ (3 2 ) is a root of
X − 2; but 3 2 is the only root of X − 2 in Q{ 3 2 }, so σ (3 2 ) = 3 2 .
3 3
Since { 3 2 } generates the extension, σ = id. So, G = {id}, but

Q ( Q{ 3 2 }.
c) Let K = F2(X) (the rational function field with coefficients in F2)
and let F := F2 ( X 2 ) , the subfield generated by F2 and X . Who is
2
G(K/F)? Obviously, K = F(X), where X is algebraic over F as a root of

2 2
h = Y − X ∈ F[Y]. This is even the minimal polynomial of X over F:
otherwise, the minimal polynomial would be of degree 1, which
2
means that X ∈ F. But X ∉ F: indeed, if X = f /g, with f, g ∈ F2 [X ],
then Xg = f. In this equality of polynomials in X, the left hand side has
odd degree and the right hand side has even degree, contradiction.
2
Note that h can be written (in K[Y]) h = (Y − X) , so X is a double root
of h.
Take now σ ∈ G(K/F); then σ (X) can only be X (the unique root of
h in K). The fact that X generates K over F implies σ = id. So
G(K/F) = {id}, but F ( K.
In the cases b) and c) above a bijective correspondence between the
subgroups of the Galois group and the intermediate fields cannot ex-
ist: the Galois group is trivial (thus it has only one subgroup), but the
extensions are not trivial (they have at least two intermediate fields).
Let us look closer at the reasons behind this phenomenon. Note that
the given extensions are simple (each is generated by a single element
α), so any automorphism σ in the Galois group is perfectly known by
its action on α ; moreover, σ (α) must be a conjugate of α. But in both
cases α has no conjugates in the extension: in b), the conjugates exist,
but they are in a larger extension (for instance, in the splitting field of
3
X − 2 over Q); in c), α has no conjugates distinct from itself because
its minimal polynomial has only one root (which is a double root).
Thus, it appears natural to consider the following two properties
that an algebraic extension K ⊆ L may have:
“Normality”: For any α ∈ L, Irr(α, K) has all its roots in L.
“Separability”: For any α ∈ L, Irr(α, K) has no multiple roots.
It turns out that for finite extensions, these are necessary and suffi-
cient conditions for the bijectivity of the Galois connections. The
following two sections are devoted to the study of the conditions

above.
V.2 Normal extensions
2.1 Definition. A field extension K ⊆ L is called a normal exten-

sion if it is algebraic and for any α ∈ L, Irr(α, K) has all its roots in L.
In this case, one says “L is normal over K”.
Remark that the algebraic extension K ⊆ L is normal iff any
irreducible polynomial in K[X], which has a root in L, has all its roots
in L. An easy example of normal extension is the extension K ⊆ Ω,
where Ω is an algebraic closure of K.
In concrete situations, checking the above definition is rarely
practical (for any α, one must find Irr(α, K) and its roots). Before giv-
ing other examples, let us give some necessary and sufficient condi-
tions for an algebraic extension to be normal.
2.2 Proposition. Let K ⊆ L be an algebraic extension and let Ω be

an algebraic closure of L. The following statements are equivalent:
a) K ⊆ L is normal.
b) For any K-homomorphism ϕ : Ω → Ω, we have ϕ(L) ⊆ L.
c) For any K-homomorphism ϕ : Ω → Ω, we have ϕ(L) = L.
d) There exists a family of polynomials F ⊆ K[X] such that L is the
splitting field of F over K.
Proof. a)⇒b) Let ϕ : Ω → Ω be a K-homomorphism and take
α ∈ L. If f is Irr(α, K), then ϕ(α) is a root of f, so α ∈ L.
V.2 Normal extensions 239
b)⇒a) Fix an α ∈ L and denote by f its minimal polynomial over

K. All roots of f lie in Ω; let β ∈ Ω be another root of f. There exists a
K-isomorphism σ : K(α) → K(β) which takes α to β. Extend σ (see
theorem IV.2.19) to a K-homomorphism τ : Ω → Ω. Because τ(L) ⊆ L
and τ(α) = σ(α) = β, we obtain β ∈ L. So, all roots of f are in L.
a)⇒c) By b), we already know that ϕ(L) ⊆ L. It remains to show
that ϕ is surjective. Take α ∈ L, let f = Irr(α, K) and let S be the set of
all roots of f in Ω. We saw that S ⊆ L and that ϕ(S) ⊆ S. But ϕ is injec-
tive (it is a field homomorphism) and S is finite, so ϕ|S : S → S is a
bijection. Thus there is a β ∈ S with ϕ(β) = α.
a)⇒d) Let F = {Irr(x, K) | x ∈ L}. Because K ⊆ L is normal, the
roots of any polynomial in F are in L, so the splitting field of F over K
is included in L. The fact that L is included in the splitting field of F
over K is obvious.
d)⇒b) Let S be the set of the roots in Ω of the polynomials in F,
S = {α ∈ Ω | ∃f ∈ F such that f(α) = 0}. By hypothesis, L = K(S). If
ϕ : Ω → Ω is a K-homomorphism, then ϕ(S) ⊆ S (by 1.2.b)), so
ϕ(L) ⊆ L. !
2.3 Examples. a) The extension Q(3 2 ) Q is not normal, because

3
Irr( 3 2 , Q) = X − 2 has also complex non real roots.
b) If we want a normal extension of Q that contains 3 2 , we must
3
adjoin the other roots of X − 2. We obtain the extension
Q(3 2 ,ω ) Q , where ω ∈ C is a root of the polynomial X + X + 1. In-
2
2 , 3 2ω , 3 2ω 2 and so Q(3 2 ,ω ) =
3
deed, the roots of X − 2 are 3
Q(3 2 , 3 2ω , 3 2ω 2 ) is the splitting field of X − 2 over Q.

3
c) Any extension K ⊆ L of degree 2 is normal. Indeed, pick

α ∈ L \ K and let f = Irr(α, K). Since f has degree 2 (because K(α) = L)
and f is divisible by X − α in L[X], f decomposes in linear factors in
L[X].
In order to prove that a given finite extension K ⊆ L is normal, the

most frequent approach is to prove that L is a splitting field for some
polynomial in K[X].
2.4 Remark. If K ⊆ L is normal, Ω is an algebraic closure of L and

ϕ : Ω → Ω is a K-homomorphism, then ϕ|L is a K-automorphism of L
(an element of G(L/K)). Since Ω is a normal extension of K, every
K-homomorphism ϕ : Ω → Ω is an automorphism. So, in the
characterizations above, “K-homomorphism” can be replaced by
“K-automorphism”.
2.5 Corollary. Let K ⊆ L be a finite extension. Then the extension

K ⊆ L is normal iff there exists f ∈ K[X] such that L is the splitting
field of f over K.
Proof. Suppose K ⊆ L is normal; let S = {x1, …, xn} ⊆ L be such
that L = K(S). If we take f = Irr(x1, K)⋅ …⋅ Irr(xn, K), then L is the split-
ting field of f over K. The converse is already proven. !
2.6 Definition. If K ⊆ L is algebraic, Ω is an algebraic closure of L

and σ is a K-automorphism of Ω, then σ(L) is called a conjugate
extension of L over K in Ω.
The situation in Examples a), b) above can be generalized: if K ⊆ L
is not normal, by adjoining to L the roots of the minimal polynomials
of a set of generators of L over K, one gets a normal extension.
2.7 Proposition. Let K be a field, Ω an algebraic closure of K and

L an extension of K, L ⊆ Ω. Then there exists a unique normal exten-
sion N of K such that L ⊆ N ⊆ Ω, which is the smallest with this prop-
erty. More precisely, for any normal extension K ⊆ F with L ⊆ F ⊆ Ω,
we have N ⊆ F. Also, N is the composite of the conjugates of L over K
in Ω:
N = K(∪{σ(L) | σ ∈ AutK(Ω)})
Moreover, if K ⊆ L is finite, then K ⊆ N is finite.

Proof. Let S ⊆ L such that L = K(S). We consider I = {Irr(x, K) |
x ∈ S}; take N to be the splitting field of the family I over K. It is clear
that N includes L and N is normal over K. If L is finite over K, we can
take S finite, so I is also finite. So, N is a finite extension of K.
If F is a normal extension of K with L ⊆ F ⊆ Ω, then S ⊆ F, so the
splitting field of Irr(x, K) over K is included in F, for any x ∈ S. Thus,
the splitting field of I over K (that is, N) is included in F.
The uniqueness of N results from the minimal condition proved
above: if M is another extension with the same properties, M ⊆ N and
N ⊆ M, so M = N.
Let M be the composite of the conjugates of L over K in Ω. If τ is a
K-automorphism of Ω, then
{σ(L) | σ ∈ AutK(Ω)} = {τσ(L) | σ ∈ AutK(Ω)}
So, τ(M) = K({τσ(L) | σ ∈ AutK(Ω)}) = K({σ(L) | σ ∈ AutK(Ω)}) = M.
This shows that M is a normal extension of K. Obviously, L ⊆ M.
On the other hand, any normal extension E of K, that includes L, has
the property that σ(E) = E, ∀σ ∈ AutK(Ω), so σ(L) ⊆ σ(E) = E, which
means that M ⊆ E. So, M satisfies the same conditions as N. From the
uniqueness of N it follows that M = N. !
The extension N constructed above is “the smallest” (in the sense of
inclusion) normal extension of K that includes L and is called the nor-
mal closure (in Ω) of the extension L/K (or, of L over K). Since N is
the splitting field over K of a family of polynomials, it follows that the
normal closure does not depend (up to a K-isomorphism) on the alge-
braic closure Ω that we choose.
Normal extensions are not transitive: , ⊆ , ( 2 ) and
Q( 2 ) ⊆ Q(4 2 ) are normal, being of degree 2, but Q ⊆ Q(4 2 ) is not
normal (why?). We have however the following:
2.8 Proposition. Let K ⊆ L be a normal extension and E an

intermediate field. Then E ⊆ L is normal.
Proof. Let F be a family of polynomials over K such that L is the
splitting field of F over K. Then L is the splitting field of F (viewed as
included in E[X]) over E. !
2.9 Proposition. Let K ⊆ L be an extension and E, F algebraic

extensions of K, included in L. Then:
a) If K ⊆ E is normal, then F ⊆ FE is normal.
b) If K ⊆ E and K ⊆ F are normal, then K ⊆ EF and K ⊆ E ∩ F are
normal.
Proof. a) E is a splitting field over K for some family I ⊆ K[X], so
E = K(S), where S is the set of all roots in Ω of the polynomials in I.
Then FE = F(K(S)) = F(S), so FE is a splitting field over F for I
(viewed as a subset of F[X]).
b) Let Ω be an algebraic closure of L and ϕ : Ω → Ω be
K-automorphism. Then ϕ(E) ⊆ E, ϕ(F) ⊆ F (as normal extensions), so
ϕ(EF) ⊆ EF and ϕ(E ∩ F) ⊆ E ∩ F. So, K ⊆ EF and K ⊆ E ∩ F are
normal. !
One can see that the results on normal extensions can be proven us-
ing either one of the characterizations given at 2.2 (using the automor-
phisms of the algebraic closure or using splitting fields). We propose
to the reader to give alternate proofs for the results on normal exten-
sions.
Exercises
In the exercises, K is a field and Ω is an algebraic closure of K.

1. Let x, y ∈ Ω. Prove that: x and y are conjugate over K ⇔ there ex-

ists a K-homomorphism ϕ : Ω → Ω such that ϕ(x) = y ⇔ for any nor-
mal extension K ⊆ L such that L ⊆ Ω and x, y ∈ L, there exists a
K-homomorphism ϕ : L → L such that ϕ(x) = y.
2. Let K ⊆ L be a normal extension, K ⊆ E ⊆ L an intermediate field
and F an algebraically closed field. Then any K-homomorphism
ϕ : E → F can be extended to a K-homomorphism ψ : L → F.
3. Let x ∈ Ω and p, q ∈ K[X].
a) If q(x) ≠ 0 then q(x') ≠ 0, for any conjugate x' of x over K.
b) Suppose q(x) ≠ 0. Let g ∈ K[X] such that g(p(x)/q(x)) = 0. Then,
for any conjugate x' of x over K, g(p(x')/q(x')) = 0.
4
4. Let L be the splitting field over Q of the polynomial X − 9. Find
the degree and a basis of the extension Q ⊆ L.
5. Find the normal closures for:
Q ⊆ Q( 3 ), Q ⊆ Q( 3 5 ), Q ⊆ Q( 3, 3 5 ), Q ⊆ Q( 4 2 ).
6. For any α ∈ Ω, denote by Cα the splitting field over K of the
polynomial Irr(α, K). Prove that ∀α, β ∈ Ω, K(α) ⊆ K(β) ⇒ Cα ⊆ Cβ
and that K(α) = K(β) ⇒ Cα = Cβ. Give an example to show that
Cα = Cβ does not necessarily imply K(α) = K(β).
7. Let L be an extension of K, included in Ω. Show that
F := {x ∈ Ω | L contains all roots of Irr(x, K)} is a subfield of L, and F
is a normal extension of K. If K ⊆ E ⊆ L is such that K ⊆ E is normal,
then E ⊆ F.
8. Let K ⊆ L be a normal extension and f ∈ K[X] a irreducible monic
polynomial. If g, h ∈ L[X] are irreducible divisors of f (in L[X]), then
there exists ϕ ∈ AutK(L) such that h = ϕ ( g ) (where ϕ : L[X] → L[X]
is the unique K-algebra homomorphism that extends ϕ and takes X
to X).
9. Give an example showing that the assumption that K ⊆ L is normal
cannot be omitted in the previous statement.
10. Show that any extension of finite fields is normal.

11. Give examples of normal extensions of Q of degrees: 4, 6, and 8.
12. For any n ∈ N*, give an example of a normal extension of degree
n.
13. Let L, E be two distinct extensions of degree 3 of K, included in Ω.
Then [LE : K] ∈ {6, 9}. We have [LE : K] = 6 ⇔ L and E are conju-
gate over K.
V.3 Separability
In this section, we fix a field K. It is convenient to suppose (without

any loss of generality) that all algebraic extensions of the field K that
we consider are included in Ω, a fixed algebraic closure of K.
3.1 Definition. Let K ⊆ L be a field extension.

a) An element α of L is called separable 4 over K if it is algebraic
over L and Irr(α, K) has no multiple roots (in Ω).
b) An irreducible polynomial f ∈ K[X] is called a separable polyno-
mial if f has no multiple roots (in Ω).
c) An arbitrary polynomial in K[X] is called separable if all its
irreducible factors are separable. Note that f ∈ K[X] is separable if and
only if every root of f (in Ω) is separable over K.
d) An element of L is called inseparable over K if it is algebraic
and not separable over K.
4
This terminology, introduced by B. L. van der Waerden, expresses the idea that
the roots of f are "separated" (distinct).
V.3 Separability 245
e) An irreducible polynomial f ∈ K[X] is called an inseparable

polynomial if it has repeated roots
f) The extension K ⊆ L is called a separable extension if it is alge-
braic and every element of L is separable over K (one also says “L is
separable over K”).
g) If K ⊆ L is algebraic and not separable (there exists at least one
element of L, inseparable over K), K ⊆ L is called an inseparable
extension (or we say that “L is inseparable over K”).
Note that the irreducible polynomial f ∈ K[X] is separable iff the
number of distinct roots of f in Ω equals its degree.
2
3.2 Example. a) The polynomial X + 1 ∈ Q[X] is separable over
Q; its roots i and − i are thus separable over Q.
The following simple result will be often used. We remark that the
converse is also true (to be proven in 3.14).
3.3 Proposition. Let K ⊆ L ⊆ M be algebraic extensions. If K ⊆ M

is separable, then K ⊆ L and L ⊆ M are separable.
Proof. Clearly, K ⊆ L is separable. Let us show that any α in M is
separable over L. We know that Irr(α, K) has no multiple roots. On the
other hand, Irr(α, L) divides Irr(α, K) in L[X], so Irr(α, L) cannot have
multiple roots. !
The next result characterizes the irreducible separable polynomi-
als. The characterization of the polynomials having repeated roots us-
ing the formal derivative (IV.2.6) is essential in the proof.
n
3.4 Proposition. Let f = a0 + a1 X + … + an X , with an ≠ 0, be an
irreducible polynomial with coefficients in K.
a) f has repeated roots (is inseparable) iff f ' = 0 ( f' is the formal
derivative of f ).
b) If char K = 0, then f is separable (f has no repeated roots).
p
c) If char K = p > 0, then f is inseparable iff f ∈ K[X ]. Further-
more, there exists e ∈ N* and an irreducible separable polynomial
( )
g ∈ K[X], such that f = g X p .
e
Proof. a) Suppose f is inseparable. Let d = GCD{ f, f '}. If f ' ≠ 0, d is

a divisor of f ' and deg d ≤ deg f ' < deg f. Since f is irreducible, we
must have d = 1, so f has no repeated roots. Conversely, if f ' = 0, then
d = f, so deg d ≥ 1 and f has multiple roots.
n−1
b) If char K ≠ 0, f ' = a1 + … + nan X ≠ 0 because nan ≠ 0.
c) Let char K = p > 0 and f ' = 0. The coefficients of f ' are
iai = (i·1)·ai, i ∈ {1, …, n}. Since iai = 0, we have i·1 = 0 or ai = 0. If
p - i, then i·1 ≠ 0, so ai = 0. Thus ai = 0, ∀i ∈ {1, …, n} with p - i. In
p
other words, f ∈ K[X ].
e
Let e be the greatest integer such that f ∈ K[ X p ]. Let g ∈ K[X]
( ) e
with f = g X p ; then g is irreducible (otherwise f would be reducible!)
p p e +1
and g ∉ K[X ] (if g ∈ K[X ], then f ∈ K[ X p ], contradicting the
maximality of e). So, g is separable. !
The fields that pose no problems of separability are called perfect:
3.5 Definition. A field K is called a perfect field if any algebraic

extension of K is separable.
Rephrasing, a field K is perfect iff any irreducible polynomial in
K[X] is separable. Proposition 3.4.b) says that any field of characteris-
tic 0 is perfect. So, the study of separability is meaningful only in
characteristic p > 0.
3.6 Proposition. Every algebraic extension of a perfect field is a

perfect field.
Proof. Suppose K ⊆ L is algebraic and K is perfect. If α is an alge-
braic element over L, then α is algebraic over K (by transitivity) and
Irr(α, L) divides Irr(α, K) in L[X]. Irr(α, K) has only simple roots, so

Irr(α, L) has the same property. Therefore, α is separable over L. !
3.7 Proposition. The field K is perfect iff the Frobenius

endomorphism is an automorphism (if char K = p > 0, this means
p p p
K = K, where K = {x | x ∈ K}).
Proof. If char K = 0, the Frobenius is the identity map and all is
evident. Let char K = p > 0. Suppose that the Frobenius endomorph-
p
ism (ϕ : K → K, ϕ(x) = x , ∀x ∈ K) is an automorphism. If, on the
contrary, an irreducible inseparable polynomial f ∈ K[X] would exist,
p
then f ∈ K[X ]. Let
n
f= ∑ ai X pi , ai ∈ K.
i =0
Since ϕ is surjective, there exist bi ∈ K such that ai = bip , ∀i ∈ {0,
…, n}, so
n p
⎛ n ⎞
f= ∑ = ⎜ ∑ bi X i ⎟ , bi ∈ K.
bip X pi
i =0 ⎝ i =0 ⎠
p
(we used the fact that g & g is an endomorphism of the ring K[X], of
characteristic p). But this shows that f is reducible!
Conversely, let K be a perfect field. It will be enough to show that,
if ϕ is not surjective, then there exists an inseparable algebraic ele-
p
ment over K. Let a ∈ K \ K . Consider the polynomial f =
p
X − a ∈ K[X] and a root α of f in Ω. We have α ∉ K (because other-
p
wise a ∈ K ), so deg Irr(α, K) > 1. If β is another root of f, then
p p
β = α = a. The injectivity of the Frobenius endomorphism of Ω im-
plies that β = α. So, f has only one root, with multiplicity p. The mini-
mal polynomial of α over K divides f and has the root α, with
multiplicity equal to its degree, so α is inseparable over K. !
3.8 Corollary. The finite fields, the fields of characteristic 0 and

the algebraically closed fields are perfect. !
3.9 Example. The corollary above shows that, in order to find a

field that is not perfect, we must look among infinite fields of
characteristic p > 0. A “natural” example of such a field is Fp(X) =: K.
p
The choice is correct. Indeed, consider h = Y − X ∈ K[Y]. We have
that: h is irreducible (by Eisenstein's criterion applied for the prime
p
element X ∈ Fp[X]); h is not separable, because h ∈ K[Y ]. Denoting
by α a root of h, the extension K ⊆ K(α) is inseparable.
A K-homomorphism of extensions of K carries a root of a polyno-
mial f ∈ K[X] in another root of f. This leads to the idea of using
K-homomorphisms as a tool in the study of separability.
3.10 Definition. Let K ⊆ L be an algebraic extension. The cardinal

of the set HomK(L, Ω) (the K-homomorphisms defined on L with val-
ues in Ω) is denoted by [L : K]s and is called the separable degree of
the extension K ⊆ L. In other words, [L : K]s is the cardinal of the set
{σ : L → Ω | σ homomorphism, σ|K = ι},
where ι : K → Ω is the canonic inclusion. For simple extensions, an-
other way to characterize the separable degree is given at c) below.
3.11 Proposition. a) Let K ⊆ L be an algebraic extension, Ω' an-

other algebraic closure of L and ϕ : K → Ω' a field homomorphism5.
Then HomK(L, Ω) is in a bijective correspondence with the set of
homomorphisms from L to Ω' that extend ϕ,
P(L/K, ϕ, Ω') := {η : L → Ω' | η|K = ϕ, η homomorphism}.
Consequently, |P(L/K, ϕ, Ω')| = |HomK(L, Ω)| = [L : K]s does not
depend on ϕ and Ω'.
b) The separable degree is multiplicative: if K ⊆ L ⊆ M are alge-
braic extensions, then
[M : K]s = [M : L]s [L : K]s.
5
Recall that Ω is a fixed algebraic closure of K that contains L.
c) If L = K(α) is a simple algebraic extension of K, then [K(α) : K]s

is equal to the number of conjugates of α in Ω.
d) If α is algebraic over K, then [K(α) : K]s ≤ [K(α) : K].
Proof. a) We must find a bijection between P(L/K, ϕ, Ω') and
P(L/K, ι, Ω), where ι : K → Ω is the canonic inclusion. There exists an
isomorphism ψ : Ω → Ω' which extends ϕ (by IV.2.19). To every
−1
σ ∈ P(L/K, ϕ, Ω') we associate ψ ◦σ, which belongs to P(L/K, ι, Ω):
−1 −1
if x ∈ K, then ψ (σ(x)) = ψ (ϕ(x)) = x = ι(x). The other way round, to
every η ∈ P(L/K, ι, Ω) we associate ψ ◦η ∈ P(L/K, ϕ, Ω'). It is easy to
see that these maps are inverse one to each other.
b) For the sake of simplifying the notation, denote P(L/K, ϕ, Ω) by
P(L/K, ϕ). Thus, [M : K]s = |P(M/K, ι)|. For any η ∈ P(M/K, ι),
η|L ∈ P(L/K, ι); this shows that P(M/K, ι) is the union of the sets
P(M/L, σ) when σ runs over P(L/K, ι). These sets are mutually disjoint
and |P(M/L, σ)| = [M : L]s, ∀σ ∈ P(L/K, ι), as shown before. There-
fore, we can write:
[M : K]s = |P(M/K, ι)| = |P(L/K, ι)|⋅[M : L]s = [L : K]s⋅[M : L]s.
c) Let f = Irr(α, K) and let R be the set of all conjugates of α (the
roots of f in Ω). If ϕ : K(α) → Ω is a K-homomorphism, then ϕ(α) is a
root of f; on the other hand, any K-homomorphism defined on K(α) is
uniquely determined by its action on α. In other words, the map
v : HomK(K(α), Ω) → R, v(ϕ) = ϕ(α) is injective. This map is also
surjective: for any β ∈ R, there exists a K-isomorphism between K(α)
and K(β).
d) Irr(α, K) has at most deg Irr(α, K) roots; but
deg Irr(α, K) = [K(α) : K]. The previous part yields the desired
inequality. !
3.12 Proposition. If L = K(α) is a simple algebraic extension of K,

then the following conditions are equivalent:
a) [K(α) : K]s = [K(α) : K].
b) α is separable over K.
c) K(α) is a separable extension of K.

Proof. a) ⇔ b) is clear, if we look at d) above, and c) ⇒ b) is obvi-
ous.
a)⇒c) Let β ∈ K(α). We must show that β is separable over K,
which amounts to [K(β) : K]s = [K(β) : K]. The multiplicativity of the
separable degree shows that
[K(α) : K]s = [K(α) : K(β)]s[K(β) : K]s. (*)
α is separable over K, so it is also over K(β), which means that
[K(α) : K(β)] = [K(α) : K(β)]s and [K(α) : K]s = [K(α) : K]. Rewriting
(*), we get
[K(α) : K] = [K(α) : K(β)][K(β) : K]s.
But [K(α) : K] = [K(α) : K(β)][K(β) : K]; comparing the last two
relations, it follows that [K(β) : K]s = [K(β) : K]. !
The characterization of separable simple extensions using the
separable degree, given above, holds in the general case of finite
extensions:
3.13 Proposition. Let K ⊆ L be a finite extension. Then:

a) [L : K]s ≤ [L : K].
b) K ⊆ L is separable iff [L : K]s = [L : K].
Proof. a) If K ⊆ L is simple, the inequality it is already proven.
Suppose that the inequality holds for any finite extension that has a set
of generators with at most n − 1 elements and let us prove it for the
extension K ⊆ K(x1, …, xn). We have:
[K(x1) : K]s ≤ [K(x1) : K] and
[K(x1)(x2, …, xn) : K(x1)]s ≤ [K(x1)(x2, …, xn) : K(x1)].
So:
[K(x1)(x2, …, xn) : K(x1)]s[K(x1) : K]s ≤ [K(x1)(x2, …, xn) : K(x1)][K(x1) : K].
Since the (separable) degree is multiplicative, we get the conclu-
sion.
b) Suppose K ⊆ L is separable. We prove by induction on n the

next Proposition: “For any n ∈ N*, and any separable extension K ⊆ L
of degree n, [L : K]s = [L : K]”. The case n = 1 is trivial. If n > 1, let
α ∈ L \ K. If L = K(α), α is separable and the previous proposition ap-
plies. If Κ(α) ≠ L, then the extensions K ⊆ K(α) and K(α) ⊆ L are
separable, with degrees strictly smaller than [L : K] = n. By induction,
we get [L : K(α)] = [L : K(α)]s and [K(α) : K] = [K(α) : K]s. Multiply-
ing these equalities gets us to the conclusion.
Suppose now [L : K]s = [L : K] and yet there exists α ∈ L, insepara-
ble over K. Then [K(α) : K]s < [K(α) : K]. Since
[L : K(α)]s ≤ [L : K(α)], multiplying these relations yields
[L : K]s < [L : K], contradiction. !
3.14 Theorem (transitivity of separable extensions) Let K ⊆ L ⊆ M

be algebraic extensions. If K ⊆ L and L ⊆ M are separable, then
K ⊆ M is separable.
Proof. We shall use the characterization of separability with the
separable degree in the finite case. Take α ∈ M and let us show that α
is separable over K. Let a0, …, an ∈ L be the coefficients of Irr(α, L)
and let L' = K(a0, …, an). Evidently, Irr(α, L) = Irr(α, L'), so α is
separable over L'. Thus [L'(α) : L']s = [L'(α) : L']. The finite extension
K ⊆ L' is separable, because K ⊆ L is separable; so [L' : K]s = [L' : K].
The multiplication of the last two equalities yields
[L'(α) : K]s = [L'(α) : K], which means that K ⊆ L'(α) is separable. So,
α is separable over K. !
Notice the resemblance with the proof of the transitivity of alge-
braic extensions.
3.15 Corollary. Let K ⊆ L be any extension and let A be a set of

elements in L, separable over K. Then K ⊆ K(A) is a separable exten-
sion.
Proof. Every element in K(A) is a polynomial expression with

coefficients in K in a finite set of elements of A. Thus, we can suppose
that A is finite. Suppose A = {x1, x2}. Since x1 is separable over K,
K ⊆ K(x1) is separable (by 3.12). As x2 is separable over K, it is separa-
ble over K(x1), so K(x1) ⊆ K(x1)(x2) is separable. By transitivity,
K ⊆ K(x1, x2) is separable. The case A = {x1, x2, …, xn}, n > 2, reduces
to the already proven case, by induction. !
A remarkable fact, very important in Galois Theory, is that any fi-
nite separable extension is simple. The following lemma is the essen-
tial step in proving this.
3.16 Lemma. Let K be an infinite field, L an extension of K and

α, β ∈ L, algebraic over K, where β is separable over K. Then K ⊆
K(α, β) is a simple extension (it has a primitive element).
Proof. Let K(α, β) = E, f = Irr(α, K), m = deg f, g = Irr(β, K),
n = deg g, α = α1, …, αm the roots of f in Ω, β = β1, …, βn the roots of
g in Ω. Since β is separable, β1, …, βn are distinct. We claim that there
exists c ∈ K* such that:
∀i ∈ {1, …, m}, ∀j ∈ {1, …, n}, α + cβ = αi + cβj ⇔ i = 1 and j = 1.(i)
−1
Indeed, the condition on c amounts to c ∉ {(αi − α)(β − βj) |
1 ≤ i ≤ m, 2 ≤ j ≤ n}; since K is infinite, and the set above is finite,
there exists c ∈ K satisfying (i). With c chosen this way, let γ = α + cβ.
We show that γ is a primitive element, i.e. K(α, β) = K(γ). Because
K(γ) ⊆ K(α, β) is evident, it is enough to show that β ∈ K(γ) (this will
imply also α = γ − cβ ∈ K(γ)).
Let h(X) = f (γ − cX), a polynomial with coefficients in K(γ). The
idea is to show that the GCD of h and g is X − β ; the fact that
d = X − β ∈ K(γ)[X] implies then β ∈ K(γ).
We have h(β) = f (γ − cβ) = f (α) = 0, which means that X − β di-
vides h (and g, too) in Ω[X]. The polynomials h and g have no other
common roots in Ω but β: if h(βj) = f (γ − cβj) = 0, then γ − cβj is a root

of f, which means it is among α1, …, αm. But then condition (i) en-
sures that j = 1, so βj = β1 = β. Thus, in Ω[X], GCD(h, g) = X − β.
But h, g ∈ K(γ)[X], so GCD(h, g) = X − β ∈ K(γ)[X], that is,
β ∈ K(γ). !
3.17 Theorem. (Primitive element theorem) Any separable finite

extension K ⊆ L is simple (it has a primitive element).
Proof. If K is a finite field, then L is also finite. The multiplicative
group L* is cyclic, and any generator of L* can be taken as a primitive
element.
Suppose now that K is infinite. If there exist x1, x2 ∈ L such that
L = K(x1, x2), the preceding lemma applies. The general case follows
by an easy induction argument on n ∈ N* with the property that exist
x1, …, xn ∈ L such that K(x1,…, xn) = L. !
3.18 Remark. For the extensions of the type K ⊆ K(α, β), with K
infinite, lemma 3.16 gives also a practical procedure to find a primi-
tive element (or, at least, a class of good candidates for it, if the condi-
tion (i) is hard to verify).
The remaining results (until the end of the section) are a somewhat
deeper study of (in)separability. The reader interested primarily in the
Fundamental Theorem of Galois theory may skip directly to the next
section.
Recall that every algebraic extension of a field of characteristic 0 is
separable; thus, all that follows is relevant only in characteristic p > 0.
3.19 Definition. If K ⊆ L is a field extension, the separable closure

s
of K in L is the set K L := {x ∈ L | x separable over K}. By 3.15, the
separable closure of K in L is a subfield of L and a separable exten-
s
sion of K. Clearly, K L is “the largest” separable extension of K in-
s
cluded in L, (K L includes any separable extension K ⊆ E with E ⊆ L).
The separable closure of K in Ω (an algebraic closure of K) is called
s s
the separable closure of K, denoted K . Notice that K is the splitting
s
field over K of the family of all separable polynomials in K[X] (thus K
is unique up to a K-isomorphism).
The following concept is, in a certain sense, the opposite of
separability:
3.20 Definition. An algebraic element α of the extension K ⊆ L is

called purely inseparable over K if Irr(α, K) has only one root in Ω (α
itself, which has order of multiplicity deg Irr(α, K)). In other words,
n
Irr(α, K) is of the form (X − α) . Evidently, any purely inseparable ele-
ment is inseparable. An extension K ⊆ L is called purely inseparable
if any element in L is purely inseparable over K.
Directly from the definitions, it follows that: an element is
simultaneously purely inseparable and separable over K iff it belongs
to K.
The following result gives a clearer picture of purely inseparable
elements over a field K with char K = p: roughly put, they are “roots
e
of order p of some element in K”.
3.21 Proposition. Let char K = p > 0 and let α ∈ Ω. The following

a) α is purely inseparable over K.
b) The only conjugate of α in Ω is α.
e
c) There exists e ∈ N such that α p ∈ K.
d) The minimal polynomial of α over K is of the form
e e e
( X − α )p = X p − α p .
e) The separable degree of the extension K ⊆ K(α) is 1.
e
If α is purely inseparable over K, then Irr(α, K) = ( X − α ) p , where
e
e is minimal with α p ∈ K.
Proof. a)⇔b) b) just rephrase the definition of pure inseparability.

a)⇒c) and a)⇒d). Let f := Irr(α, K). Since α is inseparable over K,
p n
f ∈ K[X ]. Let n ∈ N* be such that f = (X − α) . Then there exist e,
e
m ∈ N with n = p m and GCD(p, m) = 1. We have
(
f = ( X − α )p
e
) = (X
m
pe
−α p
e
)
m
,
so the coefficient of X p ( ) e m −1 e
is (m ⋅ 1)α p . Since m·1 ≠ 0 in K
e
(because p - m), we get α p ∈ K. The polynomial f is irreducible in
e d
K[X], so m = 1; thus f = ( X − α ) p . If α p ∈ K, for some d ∈ N, then
g := X p − α p = ( X − α )p ∈ K[X] and g(α) = 0.
d d d
So, g is divisible by f = Irr(α, K). Then deg g ≥ deg f, that is, d ≥ e.

c)⇒d), d)⇒ a) Evident.
b)⇔e) It follows from 3.11.c): [K(α) : K]s is the number of conju-
gates of α in Ω. !
3.22 Example. There exist algebraic elements that are inseparable,

6
but not purely inseparable. Take K = F2(X) and g = Y − X ∈ K[Y],
irreducible (by Eisenstein: X is prime in the UFD F2[X]). A root α of g
is inseparable over K, because g' = 0. But α is not purely inseparable
6 6
over K, since g = Y − α and 6 is not a power of 2 = char K.
3.23 Definition. Let K ⊆ L be a field extension. The set

i
KL := {x ∈ L | x is purely inseparable over K} is called the purely
inseparable closure of K in L.
3.24 Proposition. Let K ⊆ L be an algebraic extension,

char K = p > 0.
a) K ⊆ L is purely inseparable iff [L : K]s = 1. In this case, K ⊆ L is
normal and Gal(L/K) = {id}.
b) Let K ⊆ L ⊆ M be a tower of extensions. Then: K ⊆ M is purely

inseparable iff K ⊆ L and L ⊆ M are purely inseparable.
c) If K ⊆ L is purely inseparable and finite, then [L : K] is a power
of p.
i
d) The purely inseparable closure KL of K in L is a subfield of L. If
i
E is a purely inseparable extension of K, E ⊆ L, then E ⊆ KL. More-
i s
over, KL ∩ K L = K.
Proof. a) Let K ⊆ L be purely inseparable. For any α ∈ L, Irr(α, K)
has all its roots (namely α itself) in L, so K ⊆ L is normal. If
σ : L → Ω is a K-homomorphism, then σ(α) is a root of Irr(α, K),
so σ(α) = α, ∀α ∈ L. Thus, the canonic inclusion is the only element
in HomK(L, Ω), so [L : K]s = 1 and G(L/K) = {id}. Conversely, if
[L : K]s = 1 and α ∈ L, then [K(α) : K]s ≤ [L : K]s = 1, so α is purely
inseparable over K.
b) Let K ⊆ M be purely inseparable. Then, clearly, K ⊆ L is purely
e
inseparable. Any α ∈ M has the property that α p belongs to K (and
to L) for some e, that is, α is purely inseparable over L. Conversely, let
K ⊆ L and L ⊆ M be purely inseparable and let α ∈ M. Then there ex-
e
ists e ∈ N with β = α p ∈ L. Since β is purely inseparable over K,
d e+d
β p ∈ K for some d. So α p ∈ K.
c) If L = K(α) is a simple extension, then [L : K] = deg Irr(α, K),
which is a power of p. In the general case, L = K(α1,…, αn) for some
finite set of purely inseparable elements α1, …, αn in L. Let Ki = K(α1,
…, αi), ∀i ≤ n; we have a tower of simple extensions (which are
purely inseparable, by b)) K = K0 ⊆ K1 ⊆ … ⊆ Kn = L. For every i, the
degree of Ki ⊆ Ki + 1 is a power of p, so [L : K] is still a power of p, be-
ing the product of these degrees.
d) Let α, β be purely inseparable over K, with β ≠ 0. We must show
−1
that α − β, αβ, β are purely inseparable. Let e, d ∈ N with
e d
α p ∈ K, β p ∈ K. Then:
(α − β ) pe+d
=α ( ) ( )
pe
− β
−1
pd
∈ K.
i
pd
pe
A similar argument works for αβ and β . Since KL contains all

i
purely inseparable elements over K in L, KL includes any purely
inseparable extension K ⊆ E with E ⊆ L. Finally, if α is separable and
s i
purely inseparable over K, then α ∈ K, so K L ∩ KL = K. !
3.25 Proposition. Let K ⊆ L be an algebraic extension. Then:

s
a) K L ⊆ L is purely inseparable.
s
b) [L : K]s = [K L : K].
i s i
c) KL ⊆ L is separable iff L = K L KL.
L s i
purely inseparable separable ⇔ L = K LKL
s i
KL KL
separable purely inseparable

K
Proof. a) Let α ∈ L and let g ∈ K[X] be the irreducible separable
e e
polynomial such that Irr(α, K)(X) = g{ X p } (see 3.4.c)). Let a = α p . It
follows that g(a) = 0, so g = Irr(a, K); thus, a is separable over K. So
e s s
α p = a ∈ K L, that is, α is purely inseparable over K L.
s s s
b) By 3.11.b), [L : K]s = [L : K L]s·[K L : K]s. Since K L ⊆ L is purely
s s s
inseparable, [L : K L]s = 1, so [L : K]s = [K L : K]s = [K L : K] (because
s
K ⊆ K L is separable).
s i i
c) Let C be the composite K L KL. Suppose L is separable over KL.
s
Then L is separable over C; L is also purely inseparable over K L, so it
is purely inseparable over C. This shows that L = C.
i s i s
Suppose now that L = KL K L = KL(K L). This means that L is gener-
i
ated over KL by separable elements over K (which are also separable
i i
over KL). It follows that L is separable over KL. !
The proposition above shows that, for every algebraic extension

s
K ⊆ L, the separable closure K L is important in the sense that we can
decompose K ⊆ L in a tower of extensions: the separable extension
s s
K ⊆ K L followed by the purely inseparable extension K L ⊆ L. The
i
situation is not symmetric for the purely inseparable closure KL, since
i i
K ⊆ K L is purely inseparable, but K L ⊆ L is not always separable (see
exercise 13).
3.26 Definition. For an algebraic extension K ⊆ L, define the

s
inseparable degree of L over K to be [L : K]i := [L : K L].
3.27 Remark. If K ⊆ L is finite and char K = p > 0, then [L : K]i is

s
a power of p, as K L ⊆ L is purely inseparable. But [L : K]i is not
necessarily equal to the greatest power of p that divides [L : K] and
i
neither equal to [KL : K].
The results proven until now show that the following properties
hold:
a) K ⊆ L is finite ⇒ [L : K] = [L : K]s·[L : K]i.
s
b) K ⊆ L is separable ⇔ L = K L ⇔ [L : K]i = 1.
i
c) K ⊆ L is purely inseparable ⇔ L = KL ⇔ [L : K]s = 1.
i
Exercise 1.14 shows that if K ⊆ L is normal, then KL ⊆ L is separa-
s i
ble (so L = K LKL).
3.28 Proposition. Let K have characteristic p > 0 and let a ∈ K. If

p m
a ∉ K , then the polynomial f = X p − a is irreducible in K[X],
m
∀m ≥ 1. Conversely, if X p − a is irreducible in K[X] for some
p
m ≥ 1, then a ∉ K .
m
Proof. Let q := p and take α, β to be roots of f in Ω. Then
q q
α = a = β , so α = β (by the injectivity of the field homomorphism
q q
x & x ). Consequently, α is the only root of f in Ω : f = (X − α) . Let
g ∈ K[X] be a monic irreducible factor of f. If h ∈ K[X] is irreducible
monic and h| f, then h = g. Indeed, g and h have α as a common root
and hence are not mutually prime; being irreducible and monic, they
t
are equal. So f = g , where t ∈ N*; t is a power of p, because
m t
t·grad g = p . Let b := g(0) ∈ K. We have b = f(0) = −a. If t > 1,
p p p
−a ∈ K . Since K is a subfield, a ∈ K , contradiction. It follows that
t = 1, so f = g, which is irreducible.
Conversely, if a = b
p
for some b ∈ K, then f = X p ( m −1
−b )
p
,
contradicting that f is irreducible. !
This proposition gives a method to exhibit purely inseparable ele-
ments. In addition, any purely inseparable element can be constructed
by this method (cf. 3.21).
Exercises
In the exercises, K denotes a field and Ω an algebraic closure of K.

3
1. Let g = X + 3X + 1 ∈ K[X] and α a root of g in Ω. Under what
conditions is K ⊆ K(α) separable?
2. Let L/K be a finite extension. We want to prove that L/K is simple
iff it has a finite number of intermediate fields. Denote by S the set of
all intermediate fields of L/K.
a) Suppose L = K(a), with a ∈ L. Let f = Irr(a, K). Show that, for
any E ∈ S, Irr(a, E) is a monic divisor (in Ω[X]) of f and that E = K(C),
where C is the set of coefficients of Irr(a, E). Deduce that E &
Irr(a, E) is injective and that S is finite.
b) Suppose S is finite and L = K(a, b). If K is infinite, show that L is
simple considering the set of intermediate fields K(a + bc), c ∈ K. If
L = K(a1, …, an), use an induction on n to prove that L/K is simple.
c) Is the statement still true if L/K is infinite?
3. Let K ⊆ L be a simple extension of degree n. Then K ⊆ L has at

n−1
most 2 intermediate fields.
4. Let char K = p > 0 and f ∈ K[X]. Suppose f has a repeated root (in
Ω). Prove that, if p -deg f, then f is reducible in K[X].
5. Let α be a separable element over K and g = Irr(α, K). Prove that, if
α is a multiple root (having multiplicity n) of some f ∈ K[X], then
n
g | f. (Hint: Using formal derivatives, show that any conjugate of α is
a root of f, of multiplicity ≥ n.)
6. Suppose K is perfect and f ∈ K[X] has a repeated root α (in Ω), of
multiplicity > (deg f )/2. Show that α ∈ K.
s
7. Let K ⊆ L be a normal extension. Then K ⊆ K L is normal.
8. Let n ∈ N and let K ⊆ L be an algebraic separable extension such
that ∀x ∈ L, [K(x) : K] ≤ n. Then [L : K] ≤ n.
9. Let K ⊆ L be a normal extension. Then every irreducible polyno-
mial in K[X] decomposes in L[X] in a product of irreducible
polynomials that have the same degree.
10. Let K ⊆ L be algebraic and let x, x' ∈ L be conjugate over K. Let
y ∈ K(x) and g ∈ K[X] such that y = g(x). Then y = g(x') ⇔ x' is conju-
gate to x over K(y).
11. Suppose K ⊆ L is an algebraic extension and S is an intermediate
s
field with K ⊆ S separable and S ⊆ L purely inseparable. Then S = K L.
12. Suppose char K = p > 0 and K ⊆ L is an algebraic extension.
i p
Prove that KL = K is equivalent to: ∀x ∈ L, if x ∈ K, then x ∈ K.
13. Suppose F is a field of characteristic 2 and put K = F(X, Y ). Let u
2
be a root of the polynomial T + T + X ∈ K[T], S = K(u) and
2
v = uY (v is a root of T − uY ∈ S[T]). Let L = S(v). Prove that:
a) K ⊆ S is separable of degree 2 and S ⊆ L is purely inseparable of
s
degree 2. Deduce that K L = S.
2
b) If t ∈ L and t ∈ K, then t ∈ K. (Hint. Find a base in L/K and use
the form of the elements in L).
i
c) KL = K.
14. Let K ⊆ L ⊆ E be a tower of algebraic extensions, with L ⊆ E nor-
mal and K ⊆ L purely inseparable. Then K ⊆ E is normal.
15. Suppose K ⊆ L is a finite extension of characteristic p > 0, such
p
that L ⊆ K.
a) Prove that K ⊆ L is purely inseparable.
b) Suppose {x1, …, xn} ⊆ L is such that
K ( K(x1) ( K(x1, x2) ( … ( K(x1,…, xn) = L.
n
Show that [L : K] = p (a set {x1, …, xn} with these properties is
called a p-basis of K ⊆ L).
c) Any two p-bases of K ⊆ L have the same cardinal (called the
p-dimension of the extension K ⊆ L).
d) The extension K ⊆ L has a p-basis.
{ }
e) {x1, …, xn} is a p-basis ⇔ x1i1 … xnin i1 ,… , in ∈ {0,… , p − 1} is a
linearly independent set over K ⇔ ∀i ∈ {1, …, n}, xi ∉
K({x1, …, xn} \ {xi}).
16. Let char K = p > 0 and consider L = K(X, Y), the field of rational
p p
functions in two indeterminates X and Y over K. Let F = K(X , Y ).
Show that:
a) F ⊆ L is purely inseparable.
2
b) [L : F] = p .
p
c) For any α ∈ L, α ∈ F.
d) F ⊆ L is not simple.
e) Deduce that F ⊆ L has an infinity of intermediate fields. Prove
that ∀β, γ ∈ F, F(X + βY) = F(X + γY) iff β = γ.
f) {X, Y} is a p-basis of F ⊆ L.
Can an extension of degree p have an infinity of intermediate
fields?
17. Take p = 2 and K = F2 in the previous problem.
a) Show that {1, X, Y, XY} is a basis of the extension F ⊆ L and

write the general form of an element of L.
b) Let F ( E ( L be an intermediate field. Show that there exists a
unique polynomial PE ∈ F2[X, Y ], of the form
PE = Xu + Yv + XYw,
2 2
with u, v, w ∈ F2[X , Y ], (u, v, w) = 1, such that E = F(PE). Show that
E & PE establishes a bijection between the set {E | F ( E ( L is an
intermediate field} and the set of the polynomials PE of the form
above.
18. Give an example of a normal extension K ⊆ L such that L is a
splitting field for a polynomial f ∈ K[X], but such that there is no g
∈ K[X], irreducible, with L the splitting field of g over K.
V.4 The Fundamental Theorem of Galois Theory
We gathered sufficient data on normal extensions and on separable

extensions to deal with the problem of bijectivity of the Galois
connections we stated at the beginning of the chapter. First, we
generalize Corollary 1.5, concerning the order of the Galois group of a
finite extension. An essential step in the proof is the Dedekind
lemma6. Notice the linear algebra methods.
4.1 Proposition. a) (Dedekind's Lemma) Suppose (G, ·) is a semi-

group, K is a field, n ∈ N* and σi : G → (K*, ·), ∀i ∈ {1, …, n} are
distinct semigroup homomorphisms. If α1,…, αn ∈ K, such that
6
Julius Wihelm Richard Dedekind (1831-1916), German mathematician, one of
the creators of algebraic number theory.
V.4 The Fundamental Theorem of Galois Theory 263
α1σ1(x) + … + αnσn(x) = 0
for any x ∈ G, then α1 = … = αn = 0.
b) If K ⊆ L is a finite extension, then |G(L/K)| ≤ [L : K].
Proof. a) The statement can be rephrased as follows: in the
G
K-vector space K of functions defined on G with values in K, σ1, …,
σn are linearly independent.
Suppose the statement is false. Relabelling if necessary, there exists
m ≤ n and α1, …, αm ∈ K, all nonzero, such that
α1σ1(x) + … + αmσm(x) = 0, ∀x ∈ K. (1)
We may even suppose that m is the smallest having this property,
in the sense that any linear dependence relation between σ1, …, σn has
at least m terms. Since σ1 ≠ σ2, there exists y ∈ G such that
σ1(y) ≠ σ2(y). Replacing x with xy in (1), we have:
α1σ1(xy) + … + αmσm(xy) = α1σ1(x)σ1(y) + … + αmσm(x)σm(y) = 0 (2)
α1σ1(x)σ1(y) + … + αmσm(x)σ1(y) = 0, (3)
(3) is obtained by multiplying (1) with σ1(y). Subtracting (2) from (3)
we get
α2(σ2(y) − σ1(y))σ2(x) + … + αm(σm(y) − σ1(y))σm(x) = 0, ∀x ∈ K.
In this equality, α2(σ2(y) − σ1(y)) is nonzero, so we obtained a linear
dependence relation with less than m terms, contradiction with the
minimality of m.
b) First, we notice that G(L/K) is finite. Indeed, let [L : K] = n and
take {x1, …, xn} a K-basis of L. Then any σ ∈ G(L/K) is determined
by its values in x1, …, xn. But σ(x) is a conjugate of x, ∀x ∈ L, and the
number of conjugates of x is finite. So let G(L/K) = {σ1, …, σm} and
suppose, by contradiction, that m > n. Consider the matrix:
⎡ σ 1 ( x1 ) σ 1 ( x2 ) + σ 1 ( xn ) ⎤
⎢σ ( x ) σ ( x ) + σ ( x ) ⎥
A =⎢ 2 1 2 2 2 n
⎥ ∈ Mm, n(L).
⎢ ! ! * ! ⎥
⎢σ ( x ) σ ( x ) + σ ( x )⎥
⎣ m 1 m 2 m n ⎦
The rank of A is at most n, so its rows are linearly dependent. Let

α1, …, αm ∈ L, not all zero, such that
α1σ1(xi) + … + αmσm(xi) = 0, ∀i ∈ {1, …, n}. (4)
Since any x ∈ L is a K-linear combination of x1, …, xn, and σi are
K-homomorphisms, (4) holds for any x ∈ L.
Viewing σi as homomorphisms from L* to L*, Dedekind's lemma
applies. We get that α1 = … = αm = 0, contradiction. !
4.2 Corollary. Let K ⊆ L be a finite, normal and separable exten-

sion. Then
|G(L/K)| = [L : K].
Proof. It is enough to show that |G(L/K)| ≥ [L : K] =: n. The exten-
sion is finite and separable, so it has a primitive element α. So
deg Irr(α, K) = n. The extension is normal, so Irr(α, K) has n roots in
L. For any root β of Irr(α, K), [K(β) : K] = n, thus K(β) = L. But K(α)
and K(β) are K-isomorphic by an isomorphism σβ that transports
α to β. Summarizing, for every conjugate β of α, we exhibited a
K-isomorphism σβ : L → L, which is evidently an element of G(L/K).!
The next proposition is an important step in proving the fundamen-
tal theorem and shows that the converse of the preceding result also
holds.
4.3 Proposition. (E. Artin7) Suppose L is a field, H is a finite sub-

H
group of the group Aut(L) of the automorphisms of L and L is the
H
fixed field of H. Then the extension L ⊆ L is finite, normal, separable,
H H
[L : L ] = |H| and G(L/L ) = H.
7
Emil Artin (1898-1962), Austrian mathematician (he lived most in Germany
and the USA).
Proof. Let x ∈ L. The set Cx = {σ(x) | σ ∈ H} is finite and

|Cx| ≤ |H|. If σ ∈ H, then σ(Cx) = Cx. Consider the polynomial
fx := ∏ y∈C ( X − y ) .
x
For any automorphism σ ∈ H, the isomorphism σ': L[X] → L[X]

H
that extends σ leaves fx invariant, so the coefficients of fx are in L .
H
But fx(x) = 0, hence every element in L is algebraic over L . Moreover,
H H
Irr(x, L ) = fx. Indeed, if g ∈ L [X] is such that g(x) = 0, then
g(σ(x)) = 0, ∀σ ∈ H, so any root of fx is a root of g. Thus, fx | g. Note
H
that fx has all roots in L, and these are distinct. Summarizing, L ⊆ L is
algebraic, normal and separable. Let us show that it is finite. The
previous arguments show that, for any x ∈ L, the simple extension
H H H
L ⊆ L (x) is finite and its degree is at most |H|. If L ⊆ E is a finite
extension (where E ⊆ L), it is simple by the primitive element theo-
H H
rem, so [E : L ] ≤ |H|. Suppose that L ⊆ L is infinite. Then, ∀x ∈ L,
H H
L (x) ≠ L; take then some y ∈ L \ L (x). This implies that there exists a
H
sequence (xn)n≥1 of elements of L such that L (x1,…, xn) (
H
L (x1,…, xn+1), ∀n ∈ N*. This in turn means that the sequence
H H
[L (x1,…, xn) : L ] is strictly increasing. Pick n ∈ N* such that
H H
[L (x1, …, xn) : L ] > |H|. We have reached a contradiction, since the
H H
finite extension L ⊆ L (x1, …, xn) is of degree at most |H|, as we saw.
H
In conclusion, L ⊆ L is finite and its degree is at most |H|. As
H H H
H ⊆ G(L/L ) (and |G(L/L )| = [L : L ] from the preceding Corollary),
H H H
|G(L/L )| = [L : L ] = |H| and H = G(L/L ). !
4.4 Corollary. Let K ⊆ L be a finite extension with

|G(L/K)| ≥ [L : K]. Then K ⊆ L is normal and separable and
|G(L/K)| = [L : K].
Proof. Let G = G(L/K). We have |G| = [L : K] from 4.1.b). Let
G
K0 = L . The proposition above ensures that K0 ⊆ L is normal, separa-
ble and [L : K0] = |G| = [L : K]. Because K ⊆ K0 ⊆ L, we have K = K0.!
Recall that the Galois connections are defined as follows: for an

extension K ⊆ L, whose Galois group is G, denote by IF(L/K) the set
of its intermediate fields and by Subg(G) the set of subgroups of G.
Then we define:
Φ : IF(L/K) → Subg(G), Φ(E) = G(L/E), ∀E ∈ IF(L/K);
H
Ψ : Subg(G) → IF(L/K), Ψ(H) = {x ∈ L|σ(x) = x, ∀σ ∈ H}:= L ,
∀H ∈ Subg(G).
The result that follows holds for any extension and collects some
general properties of Galois connections. Its proof is a mere applica-
tion of the definitions:
4.5 Proposition. Let K ⊆ L be an extension. Then:

G(L E)
a) For any E ∈ IF(L/K), L / ⊇ E.
H
b) For any H ∈ Subg(G(L/K)), G(L/L ) ⊇ H.
c) Φ is inclusion reversing: ∀E1, E2 ∈ IF(L/K), E1 ⊆ E2 ⇒
G(L/E1) ⊇ G(L/E2).
d) Ψ is inclusion reversing: ∀H1, H2 ∈ Subg(G(L/K)), H1 ⊆ H2 ⇒
L ⊇ LH 2 .
H1
G(L E)
Proof. a) L / = {x ∈ L|σ(x) = x, ∀σ ∈ G(L/E)} ⊇ E.
b), c), d) are proposed as exercises. !
4.6 Theorem. (The fundamental theorem of Galois Theory) Let

K ⊆ L be a finite, normal and separable extension of fields. Then the
Galois connections are inclusion-reversing maps that are bijective
and inverse to each other. Via these maps, the intermediate fields E
with K ⊆ E normal correspond to normal subgroups of G(L/K). More
precisely:
G(L E)
a) For any intermediate field K ⊆ E ⊆ L, L / = E and
[L : E] = |G(L/E)|.
H
b) For any subgroup H ≤ G(L/K), G(L/L ) = H.
c) For any intermediate field K ⊆ E ⊆ L with K ⊆ E normal,

G(L/E) is a normal subgroup in G(L/K). Besides, G(E/K) is canoni-
cally isomorphic to the factor group G(L/K)/G(L/E).
H
d) If H is a normal subgroup in G(L/K), then L is a normal exten-
H
sion of K, and G(L /K) is canonically isomorphic to the factor group
G(L/K)/H.
Proof. a) Let E be an intermediate field of K ⊆ L. Then E ⊆ L is fi-
nite, normal and separable, so [L : E] = |G(L/E)| by Cor. 4.2. On the
G(L E) G(L E)
other hand, Prop. 4.3 ensures that [L : L / ] =|G(L/E)|. As L / ⊇ E
G(L E)
(by 4.5), we have E = L / .
b) Proved at 4.3.
c) Consider the “restriction” homomorphism
res : G(L/K) → G(E/K), res(σ) = σ|E,
for any σ ∈ G(L/K). We have σ|E ∈ G(E/K) because K ⊆ E is normal.
The homomorphism res is surjective, since every τ ∈ G(E/K) extends
to a K-homomorphism τ' : L → Ω (where Ω is an algebraic closure of
L), by IV.2.19. But τ'(L) = L, since K ⊆ L is normal, so τ' ∈ G(L/K)
and res(τ') = τ. The kernel of res is a normal subgroup in G(L/K),
Ker res = {σ ∈ G(L/K) | σ|E = id} = G(L/E).
Applying the isomorphism theorem, we get G(L/K)/G(L/E) ≅
G(E/K).
d) Let Ω be an algebraic closure of L and η a K-automorphism of
H H
Ω. We must prove that η(L ) ⊆ L . This amounts to show that,
H
∀x ∈ L , we have τη(x) = η(x), ∀τ ∈ H. First, observe that η(L) = L
(because K ⊆ L is normal), so we can consider η as belonging to
−1
G(L/K). We have τη(x) = η(η τη)(x) = ησ(x) = η(x), where we de-
−1 H
noted η τη by σ ∈ H and used the fact that σ(x) = x, ∀x ∈ L . The
H
isomorphism follows by c), keeping in mind that H = G(L/L ). !
A normal and separable extension is called a Galois extension. The
fundamental theorem of Galois Theory says that, for a finite Galois
extension, the Galois connections are bijective. A natural question
arises: “Which are all field extensions for which the Galois connec-
tions are bijective?” The answer to this problem was given in 1951 by
the Romanian mathematician Dan Barbilian 8 (in the paper Soluţia
exhaustivă a problemei lui Steinitz (The exhaustive solution of the
Steinitz problem), Acad. R.P.R., Stud. Cerc. Mat. 2 (1951), 195-259).
His result states that: Any field extension for which the Galois connec-
tions are bijective and inverse to each other is a finite Galois exten-
sion. Notice that, if we suppose that the extension is finite, the result is
a consequence of 4.3.
If K ⊆ L is finite Galois, IF(L/K) and Subg(G(L/K)) are anti-isomor-
phic as ordered sets, since the Galois connections are inclusion-
reversing bijections. Moreover, they are anti-isomorphic as lattices:
sup(E, F) = EF in IF(L/K) corresponds to inf(Φ(E), Φ(F)) = Φ(E)∩Φ(F)
∈ Subg(L/K), that is: G(L/EF) = G(L/E)∩G(L/F). A similar statement
holds for inf(E, F) = E∩F (see problem 7).
We remark that, if K ⊆ L is Galois of degree n and x ∈ L, the
conjugates of x over K (the roots of Irr(x, K)) are exactly
{σx | σ ∈ G(L/K)} =: {x1, …, xm} (where necessarily m | n. Why? We
have m = n iff L = K(x)). So, Irr(x, K) = (X − x1)…(X − xm).
4.7 Example. The extension Q ⊆ Q( 2 , 3 ) =: L is Galois:

separability is automatic (the characteristic is 0), and normality fol-
2 2
lows from the fact that L is a splitting field of (X − 2)(X − 3) over Q.
The degree is 4 (see example IV.1.28.b), so the Galois group G has 4
elements, by the fundamental theorem. In order to find this group, we
look on the action of the automorphisms in G on the generators 2
and 3 . If σ ∈ G, then σ ( 2 ) ∈ { 2 ,− 2 } (these are the roots of
8
Also known as a poet, under the pen name Ion Barbu (1895-1964).
Irr( 2 , Q) = X − 2); likewise, σ ( 3 ) ∈ { 3,− 3}. Since G has 4 ele-

2
ments, and the number of all possible choices is also 4, the automor-
phisms in G are determined by their action on generators, according to
the following table:
id σ τ η
2 2 − 2 2 − 2
3 3 3 − 3 − 3
For instance, τ( 2 ) = 2 and τ( 3 ) = − 3 . Based on the table
above one can compile the multiplication table of G.
We remark that G ≅ Z2×Z2 (the 4 Klein group), any element of G
being of order 2. The subgroups of G are {id}, <σ > = {id, σ},
<τ > = {id, τ}, <η > = {id, η} and G. So, the extension has 3 proper
intermediate fields, corresponding to the proper subgroups
<σ >, <τ >, <η >. On the other hand, one sees immediately that
Q( 2 ) , Q( 3 ) , Q( 6 ) are proper distinct intermediate fields, so
<σ>
these are all intermediate fields. We have σ( 3 ) = 3 , so L
⊇ Q( 3 ) ; the equality holds since “the degrees match”:
[Q( 3 ) : Q] = [L< σ > : Q]. But [L< σ > : Q] = [L : Q]/[L : L< σ >] = 4/2 = 2
= [Q( 3 ) : Q] . The connections between the remaining subgroups and
the remaining intermediate fields are established similarly.
Here is a sample of the applications of Galois Theory. The follow-
ing result is often used in arguments on field extensions:
4.8 Proposition. Let K ⊆ L be finite Galois and let K ⊆ M be an

extension (suppose L and M are subfields of a larger field F). Then
M ⊆ ML is finite Galois and G(ML/M) is isomorphic to a subgroup of
G(L/K) (namely, with G(L/M ∩ L)).
ML
L M
L∩M
K
Proof. L is the splitting field over K of a separable polynomial
f ∈ K[X], so ML is the splitting field over M of f (considered in M[X]).
So, M ⊆ ML is normal, finite and separable. Let σ be an automor-
phism in G := G(ML/M). Then σ|L ∈ G(L/K). Consider the group
homomorphism res : G → G(L/K), res(σ) = σ|L, ∀σ ∈ L. It is injective:
∀σ ∈ G with σ|L = id, we have σ = id (since σ and id agree on M and
on L, they agree on ML). Thus G ≅ I, where I is the image of the res
homomorphism; I is a subgroup of G(L/K). Let us show that
I = G(L/M ∩ L). By the fundamental theorem, this is tantamount to the
fact that the fixed fields of I and G(L/M∩L) are equal. We have
I
L = {x ∈ L|σ(x) = x, ∀σ ∈ G(ML/M)}. But {x ∈ ML| σ(x) = x,
I
∀σ ∈ G(ML/M)} = M, so L = M ∩ L. !
The classical Galois theory that we presented here using a “lin-
earized” approach, due to Dedekind and Artin, has generalizations and
counterparts in multiple directions:
Infinite Galois Theory treats the case of an extension that is alge-
braic, normal and separable, but not necessarily finite. The idea is to
make the Galois group of the extension a topological group (by means
of the Krull 9 topology) ; the fundamental theorem reads in this case:
9
Wolfgang Adolf Ludwig Helmuth Krull (1899-1971), German mathematician.
The Galois connections establish bijections from the set of all

intermediate fields of the extension to the set of all closed subgroups
of the Galois group.
A Galois theory for commutative rings was developed by CHASE,
HARRISON, ROSENBERG, in a paper published in 1965.
Differential Galois theory looks into the problem of “explicit”
solutions of differential equations. For an introduction and references,
see for instance GOZARD [1997].
Co-Galois theories. An example of such a theory is the Kummer
theory that we present in the next chapter. The name reflects the fact
that these theories establish inclusion preserving bijections between
the lattice of intermediate fields and the lattice of subgroups of a cer-
tain group associated to the extension (as opposed to Galois theory,
where they are order reversing). Recently, the Romanian mathemati-
cians T. Albu and F. Nicolae devised a theory of this type that
generalizes, among others, Kummer theory (T. ALBU, Cogalois The-
ory, Marcel Dekker, New York, 2003).
Exercises
3
1. Let L be the splitting field over Q of X − 2. Find G(L/Q) and all
the subfields of L. (Hint: Look for the action of the automorphisms on
2
the generators 3 2 and ω, where ω + ω + 1 = 0).
4
2. The same problem, for the polynomial X − 2 ∈ Q[X].
3. Let G = G(L/Q), where L = Q( 8 2 ). Find G and the fixed field of G.
4. Let K be a field and let K(X) be the rational function field over K.
a) Let ψ : K(X) → K(X) be the unique K-homomorphism with

ψ(X) = X + 1. Determine the subgroup H generated by ψ ; find the
fixed field of H.
b) Prove that ϕ ∈ AutK(K(X)) = Gal(K(X)/K) iff there exist a, b, c,
aX + b
d ∈ K, with ad − bc ≠ 0 such that ϕ(X) = . In particular,
cX + d
H ≠ Gal(K(X)/K), but these subgroups have the same fixed field. (Hint.
Use IV.1.28c))
⎛a b ⎞
c) Show that Φ : GL(2, K) → AutK(K(X)), Φ ⎜ ⎟ = ϕ, with
⎝c d ⎠
ϕ(X) = aX + b , is a surjective group homomorphism, whose kernel is
cX + d
the subgroup S of scalar matrices (matrices of the type aI, with a ∈ K
and I is the identity matrix). The group GL(2, K)/S is called the
projective linear group of degree 2 over K, denoted PGL(2, K). So
AutK(K(X)) ≅ PGL(2, K).
5. Suppose L/K is a normal finite extension and S is the separable clo-
sure of K in L. Show that:
a) K ⊆ S is normal and res : G(L/K) → G(S/K), res(σ) = σ |S is an
isomorphism.
b) The fixed field of G(L/K) is I, the purely inseparable closure of
K in L (so I ⊆ L is Galois).
c) L = SI.
6. Let K ⊆ L, K ⊆ E be Galois extensions such that L ∩ E = K. Then:
G(LE/K) ≅ G(L/K) × G(E/K).
7. Let L/K be a Galois extension and let E, F be intermediate fields.
Show that:
a) G(L/EF) = G(L/E) ∩ G(L/F).
b) G(L/E∩F) = < G(L/E) ∪ G(L/F) >, the subgroup generated by
G(L/E) and G(L/F).
VI.1 Ruler and compass constructions 273
c) If A, B ≤ G(L/K), which are the fixed fields of A ∩ B, respec-

tively of < A ∪ B > ?
8. This exercise shows how to obtain a normal extension of degree 3
of Q using Galois theory10. The idea is to take an Abelian extension of
degree 6 of Q; taking a subgroup H of order 2 of the Galois group, the
fixed field of H is normal and has degree 3 over Q. Consider the
cyclotomic extension Q ⊆ Q(ω), where ω is a primitive root of unity
of order 9. Prove that the Galois group of the extension is isomorphic
to U(Z9) and the fixed field of the complex conjugation automorphism
is Q(cos(2π/9)), a normal extension of degree 3 of Q. Determine all
subfields of Q(ω).
VI. Applications of Galois Theory
VI.1 Ruler and compass constructions
Geometric ruler and compass constructions have a substantial

historical interest. Such problems were one of the focal points of the
antique Greek geometry. A number of celebrated problems stayed un-
10
A more general way to construct such extensions uses discriminants.
274 VI. Applications of Galois Theory
solved for millennia, despite the efforts of some of the best

mathematicians. The solution (often in the negative) was given only in
th
the 19 century, at the dawn of the theory of field extensions. It is
remarkable that the proof of impossibility of famous constructions re-
quires only elementary concepts of field extensions theory, giving yet
another demonstration of the power of the algebraic methods. The
main difficulties seem to have been the transfer of the problem from
Geometry to Algebra and a precise formulation of the concept of
“constructible by ruler and compass”.
In this section, “construction” means exclusively “ruler and com-

pass construction”.
We want to obtain general constructibility criteria, which will an-
swer the following famous problems:
- “Angle trisection”: Construct an angle whose measure is 1/3
of the measure of a given angle.
- “Cube duplication”: Construct a cube whose volume is the
double of the volume of a given cube.
- “Square the circle”: Construct a square whose area is equal to
the area of a given circle.
- Construct a regular heptagon. More generally, for what natural
numbers n is it possible to construct a regular polygon with n
sides?
The rules of construction are simple and well-known:
- A set of initial points is given (usually two points);
- For any two points (given, or already constructed as intersections
of lines or circles), with the ruler one can draw the straight line pass-
ing through these points.
- The compass can draw the circle centered in a constructed (or
given) point and passing through another constructed (or given) point.
These are the only constructions allowed. Note that drawing a line
(a circle) does not mean that all points belonging to it are constructed.
A point is constructed only if it is identified as an intersection between
lines (or circles, or lines and circles).
Analyzing the various problems of construction, one realizes that
all are equivalent to a problem of the following type:
“For a given set S of points in the plane, construct a set T of points
(satisfying some property)”.
Indeed, the construction of a line reduces to the construction of two
distinct points on that line; an angle is determined by three points (the
vertex of the angle and a point on each side) etc. The reader is invited
to formulate in this form the problems in the list above.
1.1 Definitions and notations. In what follows, P denotes an

Euclidian plane. If A and B are distinct points in P, AB denotes the line
determined by the points A and B, [AB] is the (closed) segment deter-
mined by A and B, and |AB| is the length of the segment [AB]. Let S be
a set of points in P (called initially constructible points). Let DS be the
set of the lines determined by two distinct points in S and let CS be the
set of circles centered in a point in S and passing through a point in
S.11
The point M ∈ P is called constructible12 in one step from S if it
satisfies one of the following conditions:
- P belongs to the intersection of two distinct lines in DS.
11
Sometimes CS is defined as the set of circles centered in a point in S with
radius equal to the distance between two arbitrary points in S. The definition we
have adopted for CS corresponds to a “collapsible compass”: one cannot “transport”
with the compass the distance between two points. The two definitions are in fact
equivalent, in the sense that they lead to the same set of constructible points C(S).
Prove this!
12
We omit saying “by the ruler and compass” in what follows.
- P belongs to the intersection of two distinct circles in CS.

- P belongs to the intersection of a circle in CS with a line in DS.
Let C1(S) denote the set of points that are constructible in one step
from S. Let C0(S) := S and define by recurrence Cn(S) := C1(Cn − 1(S)),
*
∀n ∈ N .
A point in P is called constructible from S if the point is in
C(S) := ∪n∈N Cn(S).
A line (a circle, an angle,…) is said to be constructible from S if the
line (the circle, the angle,…) is determined by points in C(S).
If the set S is understood, we say constructible instead of construct-
ible from S.
1.2 Remark. a) |S| = 1 ⇔ C1(S) = S. If one takes only one initially

constructible point, nothing else can be constructed from it.
b) S ⊆ C1(S). Indeed, if |S| ≥ 2, let A, B ∈ S. The point A is the
intersection of the line AB with the circle of center B passing through
A. So, Cn(S) ⊆ Cn + 1(S), ∀n ∈ N.
1.3 Lemma. Let S ⊆ P with |S| ≥ 2 and let A, B, C ∈ C(S) be dis-

tinct.
a) The symmetric of B with respect to A is constructible from S.
b) The midpoint D of the segment [AB] and the perpendicular on
[AB] in D are constructible.
c) The perpendicular from C on AB is constructible.
d) If C ∉ AB, then the parallel through C to AB is constructible.
Proof. Exercise in elementary geometry. !
Assumptions and notations. We suppose from now on that S is a
subset of P with at least two points. Fix two distinct points O and I in
S. There exists a unique system of Cartesian coordinates in the plane P
such that O is the origin, of coordinates (0,0), and I has coordinates
(1,0). The segment OI has thus length 1. Let κ : P → R × R the map-
ping that associates to a point in P its coordinates in the system above.
We often identify a point M ∈ P with the couple (x, y) of its coordi-

nates, and say “the point (x, y)”. Thus, S can be seen as a subset of
R × R. If T is a set of points in P, define TR as the set of real numbers
that occur as coordinates for the points in T. Therefore,
TR := {x ∈ R | ∃ y ∈ R such that (x, y) ∈ T or (y, x) ∈ T}.
In the hypotheses above, SR contains at least 0 and 1.
As a consequence of the constructions in 1.3, the coordinate axes
Ox and Oy are constructible from O and I.
1.4 Definition. The real number x is called constructible from S if

the point of coordinates (x, 0) is constructible from S. If the set S is
clear from the context, we say simply “x is constructible”.
In our hypotheses, 0 and 1 are always constructible.
1.5 Proposition. Let x ∈ R. The following assertions are equiva-

lent:
a) x is constructible from S.
b) The point (0, x) is constructible.
c) There exists y ∈ R such that (x, y) is constructible.
d) There exists y ∈ R such that (y, x) is constructible.
Proof. a)⇒b) Let M be the (constructible) point (x, 0). By 1.3, con-
struct the symmetric M' of M with respect to O, then the
midperpendicular of the segment [MM'] (i.e. the Oy axis). The point
(0, x) belongs to the intersection of the circle centered in O of radius
[OM] with Oy.
The other implications are equally easy and are left to the reader. !
The concept of constructible complex number is also natural (and
useful, as we will see shortly):
1.6 Definition. The complex number z = x + iy (where x, y ∈ R) is

called constructible from S if the real numbers x and y are construct-
ible from S.
The set C is in one-to-one correspondence with the plane P
(composing the bijection κ above with (x, y) & x + iy from R × R to
C). Let SC be the set of complex numbers that correspond to the points
in S (i.e., the affixes of the points in S):
SC = {x + iy ∈ C | (x, y) ∈ S}.
We have {0, 1} ⊆ SC . It is natural to show that the following result
holds:
1.7 Proposition. Let a, b ∈ R. The following statements are

equivalent:
a) The complex number a + ib is constructible.
b) The point (a, b) is constructible.
c) The real numbers a and b are constructible.
Proof. a)⇒b) If a + ib is constructible, then the points A = (a, 0)
and B = (0, b) are constructible (use prop. 1.5). Thus, (a, b) is the
intersection of the perpendicular in A on Ox with the perpendicular in
B on Oy.
b)⇒c) Let (a, b) be a constructible point. Then the perpendiculars
from (a, b) on the axes Ox and Oy are constructible, so (a, 0) and (0, b)
are constructible. !
1.8 Remark. Let K be the set of constructible reals13. The previous

proposition says that the point (x, y) is constructible if and only if
(x, y) ∈ K × K. In other words, C(S) = K × K. The set of constructible
complex numbers is K[i] = {x + iy | x, y ∈ K}.
13
Of course, we mean the real numbers constructible from S. Omitting S from
the notation K simplifies the notation.
1.9 Proposition. a) K is a subfield of R, closed under square roots:

for any x ∈ K with x > 0, x ∈ K. Moreover, K is the smallest sub-
field of R that includes SR, the coordinates of the points in S, and is
closed under square roots.
b) K[i] is a subfield of C, closed under square roots and under
complex conjugation: for any z ∈ K, z and z ∈ K. Moreover, K[i]
is the smallest subfield of C that includes the set SC of the affixes of
points in S and is closed under square roots and conjugation.
Proof. a) 0 and 1 belong to K, since O(0, 0) and I(0, 1) are in S. Let
−1
a, b ∈ K, a, b ≠ 0. It is enough to prove that − a, a + b, ab are con-
structible. We use the constructions from 1.3.
The point (a, 0) is constructible, so (− a, 0), its symmetric with re-
spect to O, is constructible, whence − a ∈ K.
The constructible points (0, a) and (− a, 0) determine a line d. The
perpendicular on Ox in (b, 0) is constructible and intersects d in (b,
a + b). So, a + b ∈ K.
−1
For the constructibility of ab , consider the line determined by
(b,0) and (0, 1). The parallel to this line through (a, 0) intersects Oy in
−1
(0, ab ).
Suppose now that a > 0. Since K is a field, ((a + 1)/2, 0) is
constructible. The circle centered in ((a + 1)/2, 0) passing through
(0, 0) intersects the perpendicular on Ox in (a, 0) in two points, of
coordinates (a, a ) and (a, − a ). So, a ∈ K.
It is clear that K contains the coordinates of any point in S. The
next lemma implies that, if L is a subfield of R, L contains SR and L is
closed under square roots, then K ⊆ L.
b) Since K is a subfield in R, K[i] is a subfield in C. If a + bi, with
a, b ∈ K, is an element in K[i], then its conjugate a − bi ∈ K[i]. For
proving that K[i] is closed under square roots, we use the trigonomet-
ric form of complex numbers. Let z = r(cosα + isinα), with r > 0,
r·cosα, r·sinα ∈ K. Then z = ± r (cos(α 2 ) + i sin(α 2 )) . We have
2 2 2 2 2 2
r cos α + r sin α = r , so r ∈ K, r and r ∈ K (which is closed un-
der square roots). We get also cosα, sinα ∈ K. We have
cos(α 2 ) = ± (1 + cosα ) 2 ∈ K. Likewise, sin(α/2) ∈ K, so
z ∈ K[i]. The next lemma shows that any subfield of C containing
the affixes of points in S and is closed under conjugation and square
roots must include K[i]. !
1.10 Lemma. a) Let L be a subfield of R and let (x, y) ∈ R × R. If

(x, y) is constructible in one step from L × L, then x, y ∈ L or there ex-
ists u ∈ L, u > 0, such that x, y ∈ L( u ) .
b) If L is a subfield of R, closed under square roots, then
C(L × L) = L × L: the set of points constructible from L × L coincides
with L × L. In particular, if SR ⊆ L, then K ⊆ L.
c) Let E be a subfield of C such that E is closed under conjugation
and square roots and E ⊇ SC. Then K[i] ⊆ E.
Proof. a) It is enough to prove that any point M(x, y), constructible
in one step from L × L, is in L × L or in L( u ) × L( u ) for some
u ∈ L, u > 0. Use the notations in Definition 1.1.
Case I. M(x, y) is the intersection of two lines in DL × L. Let Ai(xi,
yi) ∈ L × L, ∀i ∈ {1, 2, 3, 4}, such that A1A2 and A3A4 are not parallel
and M is their intersection. The equation of the line A1A2 is
(x − x1)(y2 − y1) = (y − y1)(x2 − x1). Since L is a field, this equation can
be written as ax + by = c, with a, b, c ∈ L. In the same way, the equa-
tion of A3A4 is dx + ey = f, for some d, e, f ∈ L. Then M(x, y) is the
solution of the system
⎧ax + by = c
⎨
⎩dx + ey = f
The determinant of the system is nonzero, (otherwise the lines
would be parallel); Cramer's formulas show that the solution (x, y) of
the system is in L × L.
Case II. M belongs to the intersection of a line in DL × L with a cir-

2 2 2
cle in CL × L. The equation of a circle in CL × L is (x − a) + (y − b) = r ,
for some a, b, r ∈ L. We saw that the equation of a line in DL × L is
dx + ey = f, for some d, e, f ∈ L. Then M(x, y) is the solution of the sys-
tem:
⎧( x − a )2 + ( y − b )2 = r 2
⎨
⎩dx + ey = f
Suppose d ≠ 0 (if d = 0, then e ≠ 0 and swap d with e). So,
−1 −1 2
x = − d ey − d f. The first equation becomes py + qy + s = 0, for
some p, q, s ∈ L. This equations must have real solutions (the circle
( )
and the line intersect), y = 2 p −1 ⋅ − q ± q 2 − 2 sp . So, x, y ∈ L( u ) ,
2
where u = q − 2sp ∈ L.
Case III. M belongs to the intersection of two circles in CL × L. We
must show that the solutions (if any) of a system of the form
⎧⎪( x − a )2 + ( y − b )2 = r 2
⎨ ,
⎪⎩( x − c )2 + ( y − d )2 = t 2
where a, b, r, c, d, t ∈ L, are in L( u ) × L( u ) for some u ∈ L, u > 0.
Subtracting the equations, the quadratic terms cancel out and we ob-
tain linear equation in x and y; together with one of the initial equa-
tions, we obtain a system of the type studied at case II.
b) The subfield L being closed under square roots, the result fol-
lows from a).
If SR ⊆ L (i.e. S ⊆ L × L), then C(S) ⊆ C(L × L). By a),
C(L × L) = L × L. Thus, K ⊆ L.
c) Let L = E ∩ R. If x ∈ L, x > 0, then x ∈ E (E is closed under
square roots) and x ∈ R, so x ∈ L. Thus, L is a subfield of R,
closed under square roots. On the other hand, if x, y ∈ R and
x + iy ∈ E, then x − iy ∈ E (E is closed under conjugation), so x, y ∈ E.
Since x, y ∈ R, x, y ∈ L. Conversely, if x, y ∈ L, then x + iy ∈ E, be-
cause i = − 1 ∈ E. So, E = L[i] = {x + iy | x, y ∈ L}.
The hypothesis SC ⊆ E is thus equivalent to SR ⊆ L; by a), we have

K ⊆ L, so K[i] ⊆ L[i] = E. !
We have proven that the geometric statement “the point M(x, y) is
constructible from the set of points S” has a purely algebraic form: “x
and y belong to the smallest subfield of R that includes Q(SR) and is
closed under square roots”. This algebraic translation allows us to say
about some real number x: “x is constructible from U” (where U is a
set of real numbers), meaning that “x belongs to the smallest subfield
of R that includes Q(U) and is closed under square roots”.
Note also that any rational number is constructible (from any
U ⊆ R, |U| ≥ 2).
1.11Theorem.14 A real number x is constructible from S if and only

if there exists a tower K0 ⊆ K1 ⊆ … ⊆ Kn of subfields of R, such that
x ∈ Kn, K0 = Q(SR) and [Ki : Ki −1] ≤ 2 for any i, 1 ≤ i ≤ n.
Proof. “⇒” It is enough to prove by induction on m that, for any fi-
nite set of points T, if T ⊆ Cm(S), then there exists a tower of exten-
sions K0 ⊆ K1 ⊆ … ⊆ Kn such that TR ⊆ Kn and [Ki : Ki − 1] ≤ 2,
∀i ∈ {1, …, n}. If m = 0, T ⊆ S, so TR ⊆ SR ⊆ Q(SR) = K0. Let m > 0
and let T = {A1, …, Ar} be a finite subset of Cm(S). This means that
there exists a finite set U ⊆ Cm−1(S) such that any point in T is
constructible in one step from U. From the induction hypothesis, there
is a tower K0 ⊆ K1 ⊆ … ⊆ Kn such that UR ⊆ Kn and [Ki : Ki − 1] ≤ 2,
∀i ∈ {1, …, n}. For any point As ∈ T (s ∈ {1, …, r}), lemma 1.10.a)
says that As has its coordinates in Kn (then set us = 0) or in a quadratic
extension of Kn of the form K n ( us ) , for some us ∈ Kn, us > 0. So,
TR ⊆ K n ( u1 ,… , ur ) and we have a tower of extensions
14
The result belongs to M.L. Wantzel, who proved it and published it in 1837
(when he was “elève-ingénieur des Ponts-et-Chaussées”). It seems though that Gauss
knew as early as 1796 this criterion of constructibility.
K0 ⊆ … ⊆ Kn ⊆ K n ( u1 ) ⊆ … ⊆ K n ( u1 ,… , ur ) ,
satisfying the condition that each extension has degree at most 2.
“⇐” We prove by induction on n that, for any tower
Q(SR) = K0 ⊆ … ⊆ Kn ⊆ R, with [Ki : Ki−1] ≤ 2, 1 ≤ i ≤ n , we have
Kn ⊆ K (recall K is the field of the real numbers constructible from S).
If n = 0, then K0 = Q(SR). Using 1.9.a), we deduce that K includes the
subfield of R generated by SR, which is exactly Q(SR). If n > 0,
[Kn : Kn−1] ≤ 2 implies either that Kn = Kn−1 (and the induction
hypothesis shows that we are done) or that Kn is an extension of de-
gree 2 of Kn−1. In this case there exists u ∈ Kn−1, u > 0, such that
Kn = Kn−1( u ). By induction, we know that Kn−1 ⊆ K; since K is
closed under square roots, we deduce Kn ⊆ K. !
1.12 Corollary. (Necessary condition for constructibility) Let x be

a real number constructible over S and let K0 = Q(SR). Then x is alge-
braic over K0 and its degree over K0 is a power of 2 (there exists
e
e ∈ N such that [K0(x) : K0] = 2 ).
Proof. The extension Kn in the previous theorem is such that x ∈ Kn
and [Kn : K0] is a power of 2. Thus, x is algebraic over K0 and
K0 ⊆ K0(x) ⊆ Kn; so, [K0(x) : K0] divides [Kn : K0], which means that
[K0(x) : K0] is a power of 2. !
We can easily prove now that some classic ruler and compass
constructions problems are impossible:
1.13 Proposition. a) The trisection of an angle of measure θ is

equivalent to the construction of the point (cos(θ/3), sin(θ/3)) from {O,
I, (cosθ, sinθ)}. A 60° angle cannot be trisected by ruler and compass

(a 20° angle is not constructible).15
b) Cube duplication is impossible (it is impossible to construct a
cube whose volume is the double of the volume of a given cube).
c) Squaring the circle is impossible (it is impossible to construct a
square whose area is equal to the area of a given circle).
Proof. a) Constructing an angle of measure α is equivalent to con-
structing the point (cos α, sin α). Indeed, if the angle has its vertex in
O one of the sides is Ox, the intersection of the other side with the unit
circle is (cos α, sin α) or (cos α, − sin α). Conversely, if
P(cos α, sin α) is given, then the angle between OP and Ox has meas-
ure α.
On the other hand, if cos α is constructible, then
sin α = ± 1 − cos2 α is constructible. Thus, trisecting the angle of
measure θ is tantamount to the constructibility of cos(θ/3) from
3
{cosθ}. The formula cos(3x) = 4cos x − 3cosx implies that
u := cos(θ/3) satisfies the equation:
3
4u − 3u = cosθ.
3
We are led to the study of the polynomial 4X − 3X − cosθ , with
coefficients in Q(cosθ). For θ = 60°, we obtain that u := cos20° is a
3
root of g := 8X − 6X − 1 ∈ Q[X]. We have Irr(u, Q) = g (since g has
no rational roots), so [Q(u) : Q] = 3. This shows that u is not construct-
ible, since [Q(u) : Q] is not a power of 2.
b) Choose the unit length to be the length of the side of the cube.
Thus, the initially constructible points are O and I. The cube having
double the volume has the side 3 2 . The real number 3 2 is not con-
structible, since [Q( 3 2 ) : Q] = 3 is not a power of 2.
15
This result does not say that no angle can be trisected (for instance, a 90° angle
can be trisected), but that some angles (the 60° angle) cannot be trisected. Thus,
there exists no ruler and compass construction of the trisection of an arbitrary angle.
c) Choosing the unit length to be the radius of the circle, the ini-
tially constructible points are O and I. The area of the circle of radius
1 is π, so the side of the square with area π is π . But π is
transcendental over Q and π is also transcendental, so it is not con-
structible. !
For the formulation of a necessary and sufficient criterion of
constructibility, the following complex version of Theorem 1.11 is
useful:
1.14 Theorem. a) The complex number z is constructible from S

(i.e. z ∈ K(i)) if and only if there exists a chain of subfields of C,
L0 ⊆ L1 ⊆ … ⊆ Ln, such that z ∈ Ln, L0 = Q(SR)(i) and [Lt : Lt −1] ≤ 2,
for any t ∈ {1, …, n}.
b) If z is a complex number constructible over S, then z is algebraic
over L0 = Q(SR)(i) and its degree over L0 is a power of 2 (there exists
e
e ∈ N such that [L0(x) : L0] = 2 ).
Proof. a) “⇒” Let z = x + yi, with x, y ∈ K. By 1.11, there exists a
chain K0 ⊆ K1 ⊆ … ⊆ Kn of subfields of R, with K0 = Q(SR), x, y ∈ Kn
and [Kt : Kt − 1] ≤ 2, for any t ∈ {1, …, n}. Let Lt := Kt(i). The chain of
subfields L0 ⊆ L1 ⊆ … ⊆ Ln satisfies the required conditions.
“⇐” The same technique as in Theorem 1.11 is used. By induction
on n, we show that for any chain Q(SR)(i) = L0 ⊆ L1 ⊆ … ⊆ Ln of sub-
fields of C, with [Lt : Lt−1] ≤ 2, ∀t ∈ {1, …, n}, we have Ln ⊆ K(i). If
n = 0, apply 1.9. For n > 0, [Ln : Ln−1] ≤ 2 implies Ln = Ln−1 or Ln is a
quadratic extension of Ln−1. Since K(i) is closed under square roots,
and Ln−1 ⊆ K(i) by hypothesis, Ln ⊆ K(i).
b) Exercise. !
1.15 Theorem. (Characterization of constructible real num-

bers) Suppose U ⊆ R, x ∈ R is algebraic over Q(U) and N is the nor-
mal closure of Q(U) ⊆ Q(U)(x). Then x is constructible from U if and
only if [N : Q(U)] is a power of 2.
Proof. Let g := Irr(x, Q(U)) ∈ Q(U)[X]. Then N is the splitting field

of g over Q(U) := K0. We must show that x ∈ K (the numbers
constructible from U) if and only if [N : K0] is a power of 2.
“⇒” Theorem 1.11 shows there exists a tower K0 ⊆ K1 ⊆ … ⊆ Kn
of subfields of R, such that [Kt : Kt − 1] ≤ 2, ∀t ∈ {1, …, n} and
x ∈ Kn. Let E be the normal closure of K0 ⊆ Kn. Since x ∈ E and E is
normal over K0, g splits over E, so N ⊆ E. On the other hand,
E = K0{∪{σ(Kn)|σ ∈ H}}, where H is the set of the K0-homomorphisms
from Kn to C (see 2.7). For any σ ∈ H, the chain of extensions
K0 = σ(K0) ⊆ σ(K1) ⊆ … ⊆ σ(Kn) has the property that
[σ(Kt) : σ(Kt−1)] ≤ 2, ∀t ∈ {1, …, n}. The proof of theorem 1.14 im-
plies that σ(Kn) ⊆ K(i). So, E ⊆ K(i) and thus N ⊆ K(i). Let α be a
primitive element of the separable finite extension K0 ⊆ N. Because
α ∈ K(i), theorem 1.14.b) guarantees that [K0(α) : K] = [N : K0] is a
power of 2.
e
“⇐” The Galois extension K0 ⊆ N has the degree 2 for some e, so
e
its Galois group G has 2 elements. From (Appendix 6, Proposition 11)
there exists a chain of subgroups of G, G = G0 ⊇ G1 ⊇ … ⊇ Ge = {id},
e−t
with [Gt − 1 : Gt] = 2, ∀t ∈ {1, …, e} (so |Gt| = 2 ). Denoting by Kt
the fixed field of Gt, ∀t ∈ {1, …, e}, we have K0 ⊆ K1 ⊆ … ⊆ Ke = N
(we applied the Galois correspondence). We have [Kt : Kt−1] =
[Gt−1 : Gt] = 2, ∀t ∈ {1, …, n}. Theorem 1.14. implies that N ⊆ K(i).
Therefore x ∈ R ∩ K(i) = K. !
1.16 Remark. Keeping the same notations, we also have: x is con-

structible from U if and only if there exists a normal extension L of
Q(U), with [L : Q(U)] a power of 2 and x ∈ L. Indeed, if x belongs to
such an extension L, then the normal closure of Q(U) ⊆ Q(U)(x) is in-
cluded in L and has its degree over Q(U) a power of 2.
We now solve the classical problem of the constructibility of regu-
lar polygons.
1.17 Theorem. (Gauss, 1801) Let n ≥ 3. The regular n-gon is con-

structible by ruler and compass if and only if the prime factor
e
decomposition of n is n = 2 ·p1·…·pt, where e, t ∈ N and p1, …, pt are
m
distinct primes of the form 22 + 1 , for some m ∈ N.16
Proof. Here, “constructible” means “constructible from two points
(O and I )”. To construct a regular n-gon is equivalent to construct the
angle17 2π/n. Let a, b ∈ N*, with (a, b) = 1. We claim that the angle
2π/ab is constructible if and only if the angles 2π/a and 2π/b are con-
structible. The direct implication is simple: for a given angle (for in-
stance 2π/ab), any multiple of it can be constructed (so the angles
2π/a, 2π/b are constructible). Conversely, let u, v ∈ Z such that
ua + vb = 1. Multiplying by 2π/ab, we get u·2π/b + v·2π/a = 2π/ab
and we apply the fact that if the angles α and β are constructible, then,
for any u, v ∈ Z, the angle uα + vβ is constructible.
Thus, if n = p1α1 … pkαk , with p1, …, pk distinct primes, the construc-
tion of the angle 2π/n is equivalent to the construction of every angle
2π piαi , for any i ∈ {1, …, k}. This allows us to suppose from now
on that n is a power of a prime.
e
If n = 2 , e > 1, then the angle 2π/n is constructible (induction on e:
e e−1
the angle 2π/2 is obtained by bisecting the angle 2π/2 ).
At 1.13. we saw that the angle α is constructible if and only if cosα
is constructible.
16
Such a prime number is called a Fermat prime. For m = 0, 1, 2, 3, 4, one
obtains 3, 5, 17, 257, 65537, which are indeed prime. No other Fermat primes have
been found yet. Using computers, it has been proven that the above are all the
40000
Fermat primes less than 10 .
17
We say “the angle u” instead of “the angle of measure u”.
α
Suppose from now on that n = p , p a prime, p ≠ 2, α ∈ N*. We
α
prove that cos(2π/p ) is constructible ⇔ α = 1 and p is a Fermat
prime.
Suppose cos(2π/n) is constructible. Then, using 1.12,
[Q(cos(2π/n )) : Q] is a power of 2. Let ζ := cos(2π/n) + isin(2π/n).
The next lemma says that [Q(ζ ) : Q] = 2·[Q(cos(2π/n)) : Q]. On the
other hand, the degree of the cyclotomic extension Q ⊆ Q(ζ ) is ϕ(n) =
α α α−1 α α−1
ϕ(p ) = p − p , so p − p is a power of 2. Let e ∈ N with
α−1 e e e
p (p − 1) = 2 . If α ≥ 2, then p | 2 , absurd. So α = 1 and p − 1 = 2 ,
e b
whence p = 2 + 1. Suppose e is not a power of 2. Then e = a ·2 , for
b b
some a, b ∈ N, a ≥ 3, a odd. So, p = 22 a + 1. Let d := 22 , so
p = d a + 1. Since a is odd , d a + 1 is divisible by d + 1, so p is not a
prime, contradiction. Hence e must be a power of 2, which means that
p is a Fermat prime.
Conversely, let p be a Fermat prime. Let us prove that cos(2π/p) is
constructible. The extension Q ⊆ Q(ζ ) is normal, of degree
ϕ(p) = p − 1, which is a power of 2. Since ζ = cos(2π/p) + isin(2π/p)
−1
and ζ = cos(2π/p) − isin(2π/p) are in Q(ζ ), cos(2π/p) belongs to
Q(ζ ). The remark following Theorem 1.15. applies and we obtain the
constructibility of cos(2π/p). !
1.18 Lemma. Let n ∈ N, n ≥ 2 and let ζ be a primitive complex nth

root of unity. Then
[Q(ζ) : Q(cos(2π/n ))] = 2.
Proof. We may suppose that ζ = cos(2π/n) + i·sin(2π/n). Clearly,
ζ ∉ Q(cos(2π/n)), so [Q(ζ ) : Q(cos(2π/n))] ≥ 2. But i·sin(2π/n) is a
2 2
root of (cos(2π/n) − X = 1, so [Q(ζ ) : Q(cos(2π/n))] ≤ 2. !
1.19 Example. A regular heptagon is impossible to construct by

ruler and compass, as is a regular 9-gon. In fact, for n ≤ 20, a regular
n-gon is constructible ⇔ n ∈ {3, 4, 5, 6, 8, 10, 12, 15, 16, 17}.
VI.2 Trace and norm 289
VI.2 Trace and norm
If K ⊆ L is a finite extension and x ∈ L, the conjugates of x over K

are the roots of the minimal polynomial of x over K. The sum (and the
product) of these conjugates, each occurring with its multiplicity, are
elements in K, as the Viète relations show. For instance, if
x = a + b d , with d a square free integer and a, b ∈ Q, then a − b d
is the only conjugate of x over Q. The sum of all conjugates of
2 2
a + b d is thus 2a, and the product of all its conjugates is a − db .
This is what we called “the norm of a + b d ” and appeared in the
study or arithmetic properties of the ring Z[ d ]. These are particular
cases of concepts that we study now.
Although we use the notions of trace and norm mainly in the case
of a finite extension of fields, the definitions and the proofs are the
same as in the more general case of an extension of commutative rings
R ⊆ S such that S is a free R-module of finite rank. The reader less
familiar with these concepts may assume in what follows that R ⊆ S is
a finite extension of fields (so, S is an R-vector space of finite dimen-
sion). In this case, “free module” translates into “vector space”, “mod-
ule homomorphism” means “linear mapping” etc.
Let R ⊆ S be an extension of commutative rings with identity 18 ,
such that S, with its canonical R-module structure, is free and has rank
n. We recall some facts on free modules from II.4. We denote
EndR(S) := {ϕ : S → S | ϕ is an R-module homomorphism}. (EndR(S),
+, °) is a ring with identity; "+" denotes homomorphism addition and
"°" the usual map composition. Let e = (e1,…,en) be a basis of the free
R-module S. If ϕ ∈ EndR(S), the matrix of ϕ in the basis e is the n×n
matrix Me(ϕ) = (aij)1 ≤ i, j ≤ n, where aij ∈ R are defined by the relations
18
In other words, S is a commutative ring with identity and R is a subring of S
containing the identity.
n
ϕ(ei) = ∑ aij e j , ∀i ∈ {1, …, n}.
j =1
We obtain a function Me : EndR(S) → Mn(R), ϕ & Me(ϕ), which is

a ring anti-isomorphism. If f = (f1,…, fn) is an n-uple of elements in S,
then there exists a unique matrix U = (uij)1 ≤ i, j ≤ n ∈ Mn(R) such that:
n
fi = ∑ uij e j .
j =1
f = (f1, …, fn) is a basis in R S ⇔ U is invertible in

Mn(R) ⇔ det U ∈ U(R) (the group of units of R); in this case,
−1
Mf(ϕ) = U·Me(ϕ)·U .
The characteristic polynomial of a vector space endomorphism in-

spires the following definition (cf. III.4.18.):
2.1 Definition. Let I ∈ Mn(R) the identity matrix and let

A = (aij) ∈ Mn(R). The matrix:
⎡ X − a11 − a12 … − a1n ⎤
⎢ −a X − a22 … − a2 n ⎥
XI − A := ⎢ 21
⎥ ∈ Mn(R[X])
⎢ … ⎥
⎢ −a − an 2 … X − ann ⎥⎦
⎣ n1
is called the characteristic matrix of A. Let ϕ ∈ EndR(S) and let e be an
arbitrary basis in R S. Define
P(ϕ) := det(XI − Me(ϕ)) ∈ R[X],
called the characteristic polynomial of ϕ.
The characteristic polynomial of ϕ is correctly defined (it is
independent on the choice of a basis): if f is another basis, there exists
−1
U ∈ U(Mn(R)) such that Mf(ϕ) = U·Me(ϕ)·U , so XI − Mf(ϕ) =
−1
U·(XI − Me(ϕ))·U . Thus,
−1
det(XI − Mf(ϕ)) = detU·det(XI − Me(ϕ))·det(U ) = det(XI − Me(ϕ)).
n n−1
Let P(ϕ) := X + an − 1X + … + a1 X + a0; the coefficients ai ∈ R
depend only on ϕ (not on the choice of the basis), so the following
definitions are correct:
Tr(ϕ) := − an − 1 (called the trace of ϕ)
n
det(ϕ) := (−1) a0 (called the determinant of ϕ).
If A = (aij) ∈ Mn(R) is the matrix of ϕ in some basis, then
Tr(ϕ) = Tr(A) = a11 + a22 + … + ann; det(ϕ) = det(A).
For any x ∈ S, the function
θx : S → S, θx(y) = xy, ∀y ∈ S,
is an R-module homomorphism. We apply the definitions above to
θx ∈ EndR(S). The following notations and terms are used:
P(θx) =: P(x, S/R) ∈ R[X] is called the characteristic polyno-
mial of x;
Tr(θx) =: TrS/R(x) ∈ R is called the trace of x;
det(θx) =: NS/R(x) ∈ R is called the norm of x.
It is clear that these notions depend not only on x, but on the exten-
sion S of R. The notations we use take this into account, but not the
terminology, so some caution is recommended. We defined therefore
the mappings trace TrS/R : S → R, and norm NS/R : S → R.
2.2 Remark. θ : (S, +, ·) → (EndR(S), +, ◦), x & θx, is an R-module

homomorphism and also a ring homomorphism (in other words, θ is
an R-algebra homomorphism). Prove this!
Using this remark, the next properties are easy to prove:
2.3 Proposition. In the conditions above, we have, ∀x, y ∈ S,

∀a ∈ R:
TrS/R(x + y) = TrS/R(x) + TrS/R(y); NS/R(xy) = NS/R(x)·NS/R(y);
n
TrS/R(ax) = aTrS/R(x); NS/R(ax) = a NS/R(x); TrS/R(a) = na;
n
NS/R(a) = a . !
So, TrS/R : S → R is an R-module homomorphism.

The case we are interested in is when R and S are fields. Fix a finite
extension of fields K ⊆ L. We suppose that all algebraic extensions of
K are subfields of Ω, a fixed algebraic closure of K.
2.4 Theorem. Let K ⊆ L be a finite extension of fields, let x ∈ L

and let P(x, L/K) be its characteristic polynomial. Let
H := HomK(L, Ω) be the set of K-homomorphisms from L to Ω. Then:
[L : K(x)]
P(x, L/K) = Irr(x, K) (1)
Irr(x, K) = P(x, K(x)/K) and P(x, L/K) = {∏σ ∈H (X − σx)} ,
d
(2)
where d = [L : K]i is the inseparability degree of L over K. In particu-
lar:
TrL/K(x) = [L : K(x)]·TrK(x)/K(x) = d·{∑σ ∈H σx} (3)
[L : K(x)]
= {∏σ ∈H σx} .
d
NL/K(x) = (NK(x)/K(x)) (4)
Proof. Note that, for any g ∈ K[X], g(θx) = θg(x) (use 2.2 for the
proof). Let P := P(x, L/K) ∈ K[X]. The Cayley-Hamilton theorem for
θx ∈ EndK(L) says that P(θx) = 0. So, θP(x) = 0, which means
P(x) = θP(x)(1) = 0.
Let f := Irr(x, K). We have f | P, since P(x) = 0. Also,
f (θx) = θf(x) = θ0 = 0; if g ∈ K[X] is such that g(θx) = 0, then θg(x) = 0, so
g(x) = 0, which means f |g. This shows that f is the minimal polyno-
mial of the endomorphism θx. The Frobenius theorem implies that P
and f have the same irreducible factors. Since f is irreducible, f is the
t
only irreducible factor of P. Thus, P = f , for some t ∈ N*. Taking the
degrees, we obtain n := deg P = [L : K] = t·deg f = t·[K(x) : K], so
t = [L : K(x)]. This proves (1).
Let Q := P(x, K(x)/K). As for P(x, L/K), we have Q(x) = 0, so f |Q;
since deg Q = [K(x) : K] = deg f, we obtain f = Q. Identifying the
n−1 [L : K(x)]
coefficients of X in (1), written as P(x, L/K) = P(x, K(x)/K) ,
we get TrL/K(x) = [L : K(x)]·TrK(x)/K(x), which is the first equality in (3).

Setting X = 0 in (1), we obtain the first equality in (4.)
Formula (1) says that Irr(x, K) = P(x, K(x)/K) and reduces the
computation of P(x, L/K) to the case L = K(x). Assume for the moment
that L = K(x). Let n := |H| = [L : K]s (the separable degree of L over K).
The polynomial f has n distinct roots in Ω, namely {σx |σ ∈ H}. If m
is the multiplicity of the root x of f and σ ∈ H, then the root σx ∈ Ω
q
has also multiplicity m. Indeed, for any q ∈ N, (X − x) | f in Ω[X] ⇔
q
∃g ∈ Ω[X] with f = (X − x) g. Apply σ' (σ : L → Ω extends to a
K-isomorphism σ0 : Ω → Ω, and σ0 extends to a unique K-algebra
isomorphism σ' : Ω[X] → Ω[X] with σ'(X) = X) and obtain
q q
f = (X − σx) σ'(g). This implies that: for any q ∈ N, (X − x) | f ⇔
q
(X − σx) | f, which proves the claim. In conclusion,
f ={∏σ ∈ H (X − σx)} .
m
Comparing the degrees, we obtain [L : K] = mn = m[L : K]s. So,

m = [L : K]i = [K(x) : K]i, the inseparability degree of L over K.
In the general case, each σ ∈ HomK(K(x), Ω) has r := [L : K(x)]s
extensions to L (see V.3.11.). So,
∏σ ∈Hom(L, Ω) (X − σx) = ∏τ ∈ Hom(K(x), Ω) (X − τx)r.
By (1), we have:
[L : K(x)] m [L : K(x)]
P(x, L/K) = f = {∏τ ∈Hom(K(x), Ω) (X −τx) }
m[L : K(x)]/r
= {∏σ ∈Hom(L, Ω) (X −σx)} ,
where
m[L : K(x)]/r = [K(x) : K]i·[L : K(x)]/[L : K(x)]s = [K(x) : K]i·[L : K(x)]i
= [L : K]i.
This proves (2). The second part of (3) and (4) follows from (2). !
2.5 Corollary. Let K ⊆ L be a Galois extension and let G be its

Galois group. Then, for any x ∈ L,
TrL/K(x) = ∑σ ∈G σx
NL/K(x) = ∏σ ∈G σx.
In particular, for any σ ∈ G, NL/K(σx) = NL/K(x) and

TrL/K(σx) = TrL/K(x). !
In the case of separable extensions, d = 1 in (2), (3), (4). In fact the
inseparable extensions are exactly the extensions for which Tr = 0:
2.6 Proposition. Let K ⊆ L be a finite extension. Then

TrL/K : L → K is the 0 mapping if and only if K ⊆ L is inseparable.
Proof. If K ⊆ L is inseparable, then char K = p > 0 and the inse-
parability degree d = [L : K]i is a power of p (3.27). Formula (3) im-
plies TrL/K = 0.
Conversely, suppose K ⊆ L is separable. Then HomK(L, Ω) has
n = [L : K] elements σ1, …, σn and TrL/K(x) = σ1x +…+ σnx. If
TrL/K = 0, then σ1 +…+ σn = 0, so σ1, …, σn are linearly dependent,
contradicting Dedekind's lemma. !
2
2.7 Example. Let K be a field and let d ∈ K. If g = X − d is
irreducible in K[X] (⇔ d is not a square in K) and e = d is a root of g
in Ω, the extension K ⊆ K(e) =: L has degree 2 and it is normal. So,
HomK(L, Ω) = HomK(L, L) = G(L/K). If char K = 2, then g is insepara-
ble and G(L/K) = {id}; if char K ≠ 2, g is separable and G(L/K) = {id,
σ}, where σ(e) = −e. A basis is {1, e}. From (3) and (4) we have, for
any a, b ∈ K:
- if char K = 2:
2 2 2
NL/K(a + be) = (a + be) = a + b d, TrL/K(a + be) = 2(a + be) = 0;
- if char K ≠ 2:
2 2
NL/K(a + be) = (a + be)(a − be) = a − b d, TrL/K(a + be) = 2a.
An important property of the trace and the norm is the transitivity
property: If R ⊆ S ⊆ T are extensions of commutative rings such that S
is a free R-module and T is a free S-module (of finite ranks), then T is

a free R-module of finite rank19 and, for any x ∈ T:
NT/R(x) = NS/R(NT/S(x)), TrT/R(x) = TrS/R(TrT/S(x)).
We shall prove this for field extensions; a proof for the general case
uses linear algebra methods.
2.8 Theorem. (The transitivity of the trace and norm) Let

K ⊆ L ⊆ E be finite extensions of fields. Then:
TrE/K = TrL/K◦TrE/L and NE/K = NL/K◦NE/L.
Proof. We use 2.4.(3), 2.4.(4).
There exists a bijection
Ψ : HomK(L, Ω)×HomL(E, Ω) → HomK(E, Ω),
defined as follows: for any σ ∈ HomK(L, Ω), fix a K-automorphism
σ : Ω → Ω with σ |L = σ. For any (σ, τ) ∈ HomK(L, Ω)×HomL(E, Ω),
define Ψ(σ, τ) := σ ◦τ (which is a K-homomorphism from E to Ω
since σ and τ are K-homomorphisms). We show that Ψ is surjective.
If η : E → Ω is a K-homomorphism, let σ := η|L ∈ HomK(L, Ω). Let
τ := σ −1 ◦η : E → Ω; τ is an L-homomorphism : ∀x ∈ L,
τ(x) = σ −1 (η ( x )) = σ −1 (σ ( x )) = x. Moreover, η = Ψ(σ, τ), since,
∀y ∈ E, σ τ ( y ) = σ σ −1η ( y ) = η(y). Since HomK(L, Ω)×HomL(E, Ω)
and HomK(E, Ω) are finite and have the same cardinal (see V.3.11), Ψ
is also injective.
Let H := HomK(L, Ω), G := HomL(E, Ω), J := HomK(E, Ω). We
prove for the trace Tr, the proof for the norm being similar. We have,
∀x ∈ E:
TrL/K(TrE/L(x)) = [L : K]i·{∑σ ∈H σ {[E : L]i·∑τ ∈Gτx}}
= [E : L]i[L : K]i·{∑(σ,τ)∈H×G σ τx }
= [E : K]i·∑η∈Jηx = TrE/K(x). !
19
This fact is proven exactly as the theorem of transitivity of finite extensions.
Exercises
n
1. Let K ⊆ L be an extension of finite fields, | K | = q, | L | = q .
a) Write explicit formulas for NL/K(x) and TrL/K(x), ∀x ∈ L.
b) Prove that Tr : L → K is surjective. Can the hypothesis “L is a fi-
nite field” be weakened?
c) Prove that the norm NL/K is a homomorphism of multiplicative
groups N : L* → K*.
d) If α is a generator of the cyclic group L*, then N(α) is a genera-
tor of K*. Deduce that the norm N : L → K is surjective.
e) Calculate the cardinal of the set {x ∈ L | NL/K(x) = 1}.
2. Let n > 1 and let ω be a primitive complex nth root of unity. Show
that NL/Q(ω) = 1, where L = Q(ω).
3. Write down formulas for the trace and the norm of an arbitrary ele-
ment of a quadratic extension Q ⊆ Q ( d ) , with d ∈ Z squarefree.
The same problem for Q ⊆ Q (3 2 ) .
4. Let K ⊆ L be a finite extension and let x ∈ L such that L = K(x) and
n n−1
Irr(x, K) = X + an − 1 X + … + a0.
n
Then NL/K(x) = (−1) a0 and TrL/K(x) = − an − 1.
5. Let p > 2 be a prime and let ω be a primitive complex pth root of
unity. Show that NL/Q(1 − ω) = p, where L = Q(ω). Compute
NL/Q(a − ω), where a ∈ Q. (Hint. Find Irr(1 − ω, Q)).
6. Let L/K be finite Galois. If K ⊆ F ⊆ L is an intermediate field, then
F = K({TrL/F(x) | x ∈ L}). Is it true in general that F = K ({NL/F(x)
| x ∈ L})?
7. Let K be a field and let K(X) be the field of fractions of K[X]. Let
ϕ : K(X) → K(X) be the unique K-homomorphism with
ϕ(X) = 1/(1 − X). Prove that ϕ ∈ AutK(K(X)). Determine the fixed field
3
of ϕ. (Ind. ϕ = id. Use the trace to find an element in the fixed field.)
VI.3 Cyclic extensions and Kummer extensions 297
8. The same problem, for ϕ(X) = 1/X, respectively ψ(X) = 1 − X.

Determine the subfield of K(X) fixed by ϕ and ψ.
VI.3 Cyclic extensions and Kummer extensions
We fix a field K, an algebraic closure Ω of K and we suppose that

all the algebraic extensions of K are subfields of Ω. We study first the
n
splitting field of the polynomial X − 1 over K.
Let L be an extension of K. Recall some notations and facts from
n
IV.3: Un(L) := {x ∈ L | x = 1} is a finite subgroup (necessarily cyclic)
of (L*, ·); if |Un(L)| = n, then any generator of Un(L) is called a primi-
tive nth root of unity. A primitive nth root of unity exists in Ω ⇔
|Un(L)| = n ⇔ char K - n.
Pn(L) := {ω ∈ Un(L) | ordω = n} is the set of primitive nth roots of
unity in L. If L contains a primitive nth root of unity ω, then
i
Pn(L) = {ω | 1 ≤ i < n, (i, n) = 1}, so |Pn(L)| = ϕ(n). The splitting field
n
of X − 1 over K is also called the n-th cyclotomic field over K.
3.1 Proposition. Suppose n ∈ N*, K is a field with char K - n and L

n
is a splitting field of X − 1 over K. Let ω be a primitive nth root of
unity in L. Then L = K(ω), K ⊆ L is a Galois extension and its Galois
group G is isomorphic to a subgroup of (U(Z/nZ), ·), the group of
invertible elements of Z/nZ. In particular, G is Abelian and [L : K] is
a divisor of ϕ(n).
n n−1
Proof. K ⊆ L is a separable extension, since (X − 1)' = nX ≠ 0 is
n
relatively prime to X − 1. The extension K ⊆ L is also normal, being
i
a splitting field. If ω generates Un(L), then Un(L) = {ω | 0 ≤ i < n} and
clearly L = K(ω). For any σ ∈ G, σω ∈ Un(L) (σ permutes the roots of
n k k k
X − 1). For any k ∈ N, ω = 1 ⇔ σ(ω ) = 1 ⇔ (σω ) = 1. Thus, the
order of σω in Un(L) is equal to ordω = n, whence σω ∈ Pn(L). But

i
Pn(L) = {ω | 0 ≤ i < n, (i, n) = 1}. So, ∀σ ∈ G, ∃! i < n, (i, n) = 1, such
i
that σω = ω . Define then ψ(σ ) = i + nZ. We obtain a function
ψ : G → U(Z/nZ). An easy check shows that ψ is a homomorphism;
ψ is injective, since ψ(σ ) = 1 + nZ implies σω = ω ⇒ σ = id. Since
U(Z/nZ) = {i + nZ | 0 ≤ i < n, (i, n) = 1} is Abelian and has ϕ(n) ele-
ments, the other claims are evident. !
3.2 Remark. a) If K already contains some nth roots of unity, and

ω is a primitive nth root of unity, then we can have [K(ω) : K] < ϕ(n).
2 2 4 2
For instance, if n = 8 and K = Q(i) (i = −1), then (ω ) = 1, so ω = ±i.
2
Thus Irr(ω, K) = X − i. So, [K(ω) : K] = 2 < ϕ(8) = 4.
b) If K = Q, then G(Q(ω)/Q) ≅ U(Z/nZ). Indeed, Irr(ω, K) = Φn (the
nth cyclotomic polynomial) whose degree is ϕ(n). So,
|G(Q(ω)/Q)| = [Q(ω) : Q] = ϕ(n) and ψ in the proof must be an
isomorphism.
The extensions of the form K ⊆ K(a), where a has the property that
n
a = b ∈ K for some n ∈ N, are very important in the problem of
solvability by radicals of polynomial equations. A suggestive writing
1n
for this situation is a = n b or a = b / and an extension as above is
written K ⊆ K( n b ). These extensions have a simple description if K
contains a primitive nth root of unity.
3.3 Proposition. Let K be a field containing a primitive nth root of

n
unity ω. Let b ∈ K* and let L = K(a), where a is a root of X − b (in
Ω). Then:
a) K ⊆ L is a Galois extension and G(L/K) is cyclic of order m,
with m | n .
n n
b) [L : K] = m is the order of bK* in the group (K*/K* , ·).
n n
(K* := {x | x ∈ K*} is a subgroup in (K*, ·))
m
c) Irr(a, K) = X − c, for some c ∈ K.
n i
Proof. a) The roots of X − b are {aω | 0 ≤ i < n}, thus K ⊆ L is
normal. It is also separable (because char K does not divide n), so it is
i
Galois. If σ ∈ G := G(L/K), then σ(a) ∈ {aω | 0 ≤ i < n}. For any
i
σ ∈ G, there exists a unique i < n such that σ(a) = aω ; define
ϕ : G → Z/nZ, ϕ(σ ) = i + nZ. The function ϕ is a injective
homomorphism, since ϕ(σ ) = 0 + nZ implies σa = a ⇒ σ = id. Thus,
G is isomorphic to Imϕ, a subgroup of Z/nZ, so it is cyclic. |G| di-
vides n, by the theorem of Lagrange.
b) Let η be a generator of G. Then m = |G| = ordη. There exists
s
s < n such that η(a) = aω . We have
NL/K(a) = ∏σ ∈G σa = ∏0 ≤ i < m aω = a ω ∈ K,
si m t
m m n m m n n
with t ∈ N, so a ∈ K. Therefore, b = (a ) = (a ) ∈ K* . Let q de-
n n
note the order of bK* in grupul (K*/K* , ·). We have q | m. Let us
q n q n
show that m | q. Since b ∈ K* , b = c , for some c ∈ K. So,
q n q n q i q q
(a ) = b = c , whence a = cω , with i < n. Thus, a ∈ K, so a is
q q q sq q sq q
fixed by η: η(a ) = η(a) = a ω = a . We obtain ω = 1 ⇒ η = id.
This shows that ordη = m divides q. From m | q and q | m we deduce
that m = q.
m m
c) deg Irr(a, K) = [L : K] = m, and a is a root of X − a ∈ K[X]. !
3.4 Definition. A Galois extension (normal and separable) whose

Galois group is cyclic (respectively Abelian) is called a cyclic exten-
sion (respectively Abelian extension).
The previous proposition says: if K contains a primitive nth root of
unity and b ∈ K*, then K ⊆ K( n b ) is cyclic.
We want to prove that, conversely, any finite cyclic extension of K
is of the form K ⊆ K( n b ) (if K contains a primitive nth root of unity).
This step is crucial in the proof of the characterization of solvability
by radicals of an equation. We use the following result (very important
by itself):
3.5 Lemma. (Hilbert Satz 90)20 Let K ⊆ L be a cyclic extension of

degree n, let σ be a generator of G(L/K) and let x ∈ L*. Then:
NL/K(x) = 1 ⇔ there exists y ∈ L* such that x = σ(y)/y.
Proof. One implication is easy: if x = σ(y)/y, using NL/K(y) =
NL/K(σy) we obtain that NL/K(x) = NL/K(σy)/NL/K(y) = 1.
n−1 −1
Suppose now that NL/K(x) = xσ(x)…σ (x) = 1. Let η := σ and let
x0, …, xn−1 ∈ L, defined as follows: x0 := x, x1 := xη(x0) = xη(x), …,
n−1
xn−1 := xη(xn−2) = xη(x)…η (x).
n−1
Let u := x0·id + x1·η + … + xn−1η ( “the Lagrange-Hilbert resol-
vent” ).
Consider u : L → L as an endomorphism of the K-vector space L.
n−1
The homomorphisms id, η, …, η from L* to L* are distinct. Dede-
kind's lemma says they are linearly independent in the L-vector space
L*
L ; since x0 ≠ 0, we have u ≠ 0, so there exists z ∈ L such that
n−1
u(z) =: t ≠ 0. Thus, t = u(z) = x0z + x1η(z) + … + xn−1η (z), so
2 n
η(t) = η(x0)η(z ) + η(x1)η (z) + … + η(xn−1)η (z)
2
= x1η(z ) + x2η (z) + … + z (we used that xn−1 = NL/K(x) = 1 and
n
η = id)
We remark that η(t) = t/x0, so x = x0 = t/η(t). Setting y := σ (t) fin-
ishes the proof. !
3.6 Proposition. Let K be a field containing a primitive nth root of

unity ω and let K ⊆ L be a cyclic extension of degree n. Then there ex-
n
ists a ∈ L*, with a ∈ K, such that L = K(a).
Proof. Let G := G(L/K) and let σ be a generator of G. Since ω ∈ K,
n
NL/K(ω) = ω = 1. By Hilbert's Satz 90, there exists a ∈ L with
i i i
σ(a) = ω a, so σ (a) = ω a, 0 ≤ i ≤ n − 1. Thus, {ω a | 0 ≤ i ≤ n − 1} are
n distinct conjugates of a over K, so Irr(a, K) has degree ≥ n. Because
20
This result is included as "Satz 90" in the Hilbert's monumental Bericht über
die Theorie der algebraischen Zahlkörper (Zahlbericht for short, published in 1897).
n n n n n n
σ(a ) = ω a = a , a is fixed by the subgroup <σ > = G, so a ∈ K.
n n
The polynomial X − a ∈ K[X] has the root a and its degree is n, so it
is equal to Irr(a, K). Thus, [K(a) : K] = n and K(a) = L. !
The propositions 3.3 and 3.6 determine all cyclic extensions of de-
gree n of a field K of characteristic exponent p, such that p - n and a K
contains a primitive nth root of unity. The cyclic extensions of degree
p of a field of characteristic p > 0 are described in what follows. This
part is not used in the theory of solvability by radicals and may be
skipped in a first reading.
3.7 Lemma. (Hilbert Satz 90, additive version) Let K ⊆ L be a cy-

clic extension of degree n, let σ be a generator of G(L/K) and let
x ∈ L*. Then:
TrL/K(x) = 0 ⇔ there exists y ∈ L* such that x = σ(y) − y.
Proof. The argument is essentially the same as in the multiplicative
version (3.5). If x = σ(y) − y, then TrL/K(x) = TrL/K(σy) − TrL/K(y) = 0,
since TrL/K(y) = TrL/K(σy).
n−1
Suppose TrL/K(x) = x +σ(x) + … + σ (x) = 0. Let x0, …, xn−1 ∈ L,
defined as follows:
x0 := x, x1 := x + σ(x0) = x + σ(x), …,
n−1
xn−1 := x + σ(xn−2) = x + σ(x) +…+ σ (x) ( = TrL/K(x) = 0)
2 n−1
Let u = x0σ + x1σ +…+ xn−2σ ∈ EndK(L). We have:
2 3 n
σ◦u = σ(x0)·σ + σ(x1)·σ + … + σ(xn−2)·σ
2 3 n
= (x1 − x)·σ + (x2 − x)·σ + … + (xn−1 − x)·σ
2 3 n 2 n−1 n
= x1·σ + x2·σ + … + xn−1·σ + x·σ − x·(σ +σ + … +σ +σ )
= u − x·TrL/K.
n−1
We have TrL/K = id + σ +…+ σ ≠ 0 since, by Dedekind's
n−1
Lemma, id, σ, …, σ are L-linearly independent. Let z ∈ L* such
that TrL/K(z) ≠ 0. If t := z/TrL/K(z), then TrL/K(t) = 1 and thus
σ(u(t)) = u(t) − x. Thus, x = σ(y) − y, where y = −u(t). !
3.8 Theorem. (Artin-Schreier21) Let K be a field of characteristic

p > 0 and let K ⊆ L be a cyclic extension of degree p. Then there exists
p
a ∈ L, with a − a =: b ∈ K, such that L = K(a).
p
Conversely, let b ∈ K such that f = X − X − b does not split over
K. Then f is irreducible in K[X] and, for any root a ∈ Ω of f, the exten-
sion K ⊆ K(a) is cyclic of degree p.
Proof. Note that it is enough to suppose that K ⊆ L is Galois; its
Galois group must then be cyclic, having prime order.
Let σ be a generator of G := G(L/K). We have
TrL/K(1) = [L : K]·1 = p·1 = 0. Applying the additive Hilbert Satz 90,
there exists a ∈ L such that 1 = σa − a, so σa = a + 1. Then
2 n
σ a = a + 2 and, by induction, σ a = a + n·1, for any n ∈ N. Thus, a
has p distinct conjugates in L, namely a, σa = a + 1, …,
p−1
σ a = a + (p − 1), so Irr(a, K) has degree > p. Since K(a) ⊆ L and
[L : K] = p, we have K(a) = L. Because
p p p p
σ(a − a) = (σa) − σa = (a + 1) − a − 1 = a − a,
p p <σ>
a − a is fixed by σ, whence a − a ∈ L = K.
p
Conversely, let b ∈ K, f = X − X − b and let a ∈ Ω \ K be a root of
p p
f. Then a + 1 is also a root : (a + 1) − (a + 1) − b = a − a − b = 0.
Then there exists a K-isomorphism σ : K(a) → K(a + 1), with
σ(a) = a + 1. Therefore σ ∈ G(K(a)/K) and ord σ = p, since
n
σ a = a + n·1, for any n ∈ N. Because |G(K(a)/K)| = p ≥ [K(a) : K],
K ⊆ K(a) is Galois and p = [K(a) : K] (use V.4.4). Since
deg Irr(a, K) = p = deg f, we deduce that f = Irr(a, K), so f is irreduci-
ble. G(K(a)/K) has order p, so it is cyclic. !
3.9 Remark. The proof also shows that, for any b ∈ K, where
p
char p > 0, X − X − b is either irreducible in K[X] or splits over K.
21
Otto Schreier (1901-1929), German mathematician.
The theorems that characterize cyclic extensions, combined with

the fact that any Abelian finite group is a product of cyclic groups,
lead to structure theorems of finite Abelian extensions of the field K.
The theory we developed so far allows us to obtain such theorems in
two situations (described by the hypotheses in prop. 3.6, respectively
3.8):
- for Abelian extensions of exponent n, if K contains a primitive nth
root of unity;
- for Abelian extensions of exponent p, if char K = p.
This type of theorems are known as Kummer Theory.22
If K does not contain a primitive nth root of unity, the theory is
considerably more complicated. In some cases (when K is a “local
field” or when K is a finite extension of Q), a theory that describes all
Abelian extensions of K using only the internal structure of K is the
Class Field Theory, one of the major accomplishments of 20th century
Algebra. (see e.g. NEUKIRCH [1986]). We describe now Kummer the-
ory.
3.10 Definition. If G is a group such that {ordx | x ∈ G} is a finite

set, then the LCM of {ordx | x ∈ G} is called the exponent of G, de-
noted exp G. If G is finite, then its exponent is defined and exp G di-
vides |G|, by Lagrange's theorem. If K ⊆ L is a finite Galois extension,
the exponent of the extension is the exponent of its Galois group.
Let n ∈ N* and let K be a field containing a primitive nth root of
unity. An n-Kummer extension is a finite Galois extension K ⊆ L, such
that G(L/K) is an Abelian group whose exponent divides n. An exten-
sion is called a Kummer extension if it is n-Kummer for some n ∈ N*.
22
Ernst Eduard Kummer (1810-1893),German mathematician.
If K contains a primitive nth root of unity and b ∈ K*, 3.6 says that
K( n b )/K is a cyclic extension and its degree divides n, so it is an
n-Kummer extension.
3.11 Lemma. Let L/K be an Abelian finite extension of exponent n.

Then L is the composite of a finite set of cyclic intermediate fields
K ⊆ Li, 1 ≤ i ≤ m, and each degree [Li :K] divides n.
Proof. Let G := G(L/K). The finite Abelian group G is a direct
product of cyclic subgroups: G = C1×…×Cm; since
exp G = n = |C1|·…·|Cm|, it follows that |Ci| divides n, 1 ≤ i ≤ m. Take
the subgroup Hi := ∏ j≠i Cj and let Li be the fixed subfield of Hi. The
extension Li/K is Galois and G(Li/K) ≅ G/Hi ≅ Ci, so Li/K is cyclic and
[Li :K] divides n. Let E be the composite L1…Lm. We have G(L/E) =
H1∩…∩Hm = {id}, so L = E. !
For any extension K ⊆ L and any subset S of K, let
n
n
S := {x ∈ L| x ∈ S}.
3.12 Proposition. Let n ∈ N* and let K be a field containing a

primitive nth root of unity ω. Then a finite extension K ⊆ L is
n
n-Kummer if and only if there exist a1, …, am ∈ K* \ K* such that
L = K( n a1 ,…, n am ). For such an extension, L = K( n S ), where S :=
n
L* ∩ K*is a subgroup in (K*, ·).
Proof. a) Let L = K(b1, …, bm), with bi ∈ L and bin = ai , 1 ≤ i ≤ m.
n n −1
Since ω ∈ K, X − ai has n distinct roots in L: bi, biω, …, biω . So,
L is a splitting field over K of the separable polynomial
∏1≤ i ≤ m(X n − ai), which implies that K ⊆ L is Galois. If σ ∈ G(L/K), σ
is determined by its values on the generators {b1, …, bm}. But
j
σ(bi) = biω , with j ∈ N depending on σ and i. Let τ ∈ G(L/K), with
k
τ(bi) = biω . Then:
k k j k j+k
(σ ◦τ)(bi) = σ(biω ) = σ(bi)σ(ω ) = biω ω = biω = (τ ◦σ)(bi), ∀i,
n jn
so σ ◦τ = τ ◦σ. Thus, G(L/K) is Abelian. Also, σ (bi) = biω = bi, so
n
σ = id and the exponent of G(L/K) divides n.
Suppose now that K ⊆ L is n-Kummer. By 3.11, L = L1…Lm, where
each Li is a cyclic extension of K, included in L; G(Li/K) has order di,
with di|n. For the extension K ⊆ Li we can apply prop. 3.6, since ω n di
is a primitive di-th root of unity in K. So, Li = K(bi), with bi ∈ L* and
bidi ∈ K*. Then L = K(b1, …, bm) and clearly bin =: ai ∈ K*. We have
n n
di > 1 (otherwise K = Li), so ai ∉ K* (if ai = c , for some c ∈ K, then,
j
for some j, bi = cω ∈ K and Li = K(bi) = K, absurd).
The last statement is justified as follows: S is a subgroup in (K*, ·)
and K( n S ) ⊆ L. But L = K(b1,…, bm), with bi ∈ L* and bin = ai ∈ K*,
1 ≤ i ≤ m, so ai ∈ S. So, L ⊆ K( n S ). !
This result generalizes 3.3 and 3.6. In order to investigate the struc-
ture of the Galois group of an n-Kummer extension, we need some
background.
3.13 Definition. Let (H, ·) be an Abelian group with the operation

denoted multiplicatively, let 1 be its identity element and let n ∈ N*.
n
Let tn(H) := {x ∈ H | x = 1}.
An easy check shows that tn(H) is a subgroup in H (it is the kernel
n
of the homomorphism x & x ) and exp tn(H) divides n. We use this
notion for an extension K ⊆ L, for the factor group L*/K* (L* is a
group with respect to multiplication; K* is a subgroup). Then:
n
tn(L*/K*) = {xK* | x ∈ L*, x ∈ K*}.
3.14 Proposition. Let K ⊆ L be an n-Kummer extension. Then the

canonical group homomorphism
n n n n
ϕ : tn(L*/K*) → K*/K* ,ϕ(xK*) = x K* , ∀x ∈ L* with x ∈ K*,
is injective. The homomorphism ϕ induces an isomorphism
n n n
tn(L*/K*) ≅ Imϕ = (L* ∩ K*)/K* , which is a subgroup in K*/K* .
n
Proof. ϕ is well defined: if xK*∈ tn(L*/K*), then x ∈ K*; if x,
−1
y ∈ L* such that xK* = yK* ∈ tn(L*/K*), then xy ∈ K*, so
−1 n n n n n n
(xy ) ∈ K* , i.e. x K* = y K* . It is immediate that ϕ preserves
multiplication.
n n n
Let us show Kerϕ = {1K*}. Let x K* = 1K* for x ∈ L* with
n n n n n
x ∈ K. Hence x ∈ K* , so there exists a ∈ K* such that x = a .
Then x = aζ, where ζ is an nth root of unity (ζ ∈ K by hypothesis).
So, x ∈ K* and x K* = 1K*.
n n n n n n n
Imϕ = {x K* | x ∈ L*, x ∈ K*} = {x K* | x ∈ L* ∩ K*}
n n
= (L* ∩ K*)/K* .
The inverse of ϕ is
n n n
ψ : (L* ∩ K*)/K* → tn(L*/K*), ψ(yK* ) = n y K*.
n
The definition of ψ is correct: ∀y ∈ L* ∩ K*, ∃x := n y ∈ L* such
n
that x = y. The class xK* is independent on the choice of the root x of
n
X − y, since any other root is of the form xα, with α ∈ Un(K), so
xαK* = xK*. !
The main theorem says that the n-Kummer extensions of K are in
n
one-to-one correspondence with the finite subgroups of K*/K* . If
K ⊆ L is n-Kummer, then
n n
G(L/K) ≅ tn(L/K) ≅ (L* ∩ K*)/K* .
We need some group theoretical facts, stated in the following
lemma.
3.15 Lemma. Let (G, ·), (H, ·) be finite Abelian groups and let (C, ·)
be a cyclic group. Denote by 1 the neutral elements.
a) Hom(G, C*) ≅ G. (C* is the multiplicative group of nonzero com-
plex numbers). If exp G divides |C|, then
Hom(G, C*) ≅ Hom(G, C) ≅ G.23
23
Hom(G, C*) is called the dual of the group G.
b) Let p : G × H → C be a bilinear function: for any a, b ∈ G, ∀x,

y ∈ H, we have:
p(ab, x) = p(a, x)p(b, x), (*)
p(a, xy) = p(a, x)p(a, y). (**)
Then, for any x ∈ G, px : G → C, px(a) = p(a, x), ∀a ∈ G, is a group
homomorphism. The function η : H → Hom(G, C), η(x) = px, ∀x ∈ H
is a group homomorphism.
c) Suppose that the bilinear function p is nondegenerate:
{x ∈ H | p(a, x) = 1, ∀a ∈ G} = {1} and
{a ∈ G | p(a, x) = 1, ∀x ∈ H} = {1}.
Then exp G divides |C| and η : H → Hom(G, C) is an isomorphism,
so:
H ≅ Hom(G, C) ≅ G.
Proof. Note first that, for any Abelian group (A,·), Hom(G, A) =
{ϕ : G → A |ϕ is a homomorphism} is an Abelian group with respect
to the law (αβ)(x) = α(x)β(x), ∀α, β ∈ Hom(G, A), ∀x ∈ G.
n n
a) Let G' := Hom(G, C*). Let exp G = n. Then α(x) = α(x ) = 1,
∀α ∈ G', ∀x ∈ G. So, Imα ⊆ Un, the group of complex nth roots of
unity, cyclic of order n. Thus, G' = Hom(G, Un). If n divides |C|, then
C includes a unique subgroup with n elements Cn (Cn is cyclic) and, as
above, Hom(G, C) = Hom(G, Cn).
Since Cn ≅ Un, we have Hom(G, Cn) ≅ Hom(G, Un) = G'.
Let us prove that G' ≅ G. Suppose first that G is cyclic of order n
and let g ∈ G be a generator. Let α ∈ G' and let ω generate Un. Then
s
α is determined by α(g), and α(g) = ω , for some s ∈ N. Define
s
ϕ : Z → G', ϕ(s) = αs, ∀s ∈ Z, where αs(g) = ω . A quick check shows
that ϕ is a surjective group homomorphism and Kerϕ = nZ. So,
Z/nZ ≅ G', which means that G' is cyclic of order n, isomorphic to G.
If G is an arbitrary Abelian finite group, the invariant factors theo-
rem says that G = G1×…×Gm, with Gi cyclic groups. But
Hom(G1×…×Gm, C) ≅ Hom(G1, C)×…×Hom(Gm, C)
(see II.3.20) and each Hom(Gi, C) ≅ Gi, as shown. Thus

Hom(G, C) ≅ G1×…×Gm = G.
b) Condition (*) means that px is a homomorphism. Let x, y ∈ H
and let a ∈ G. We have
η(xy)(a) = pxy(a) = p(a, xy) = p(a, x)p(a, y) = η(x)(a)·η(y)(a),
so η(xy) = η(x)η(y).
c) Ker η = {x ∈ H | η(x) = 1} = {x ∈ H | p(a, x) = 1, ∀a ∈ G} = {1}
(p is nondegenerate). So η is injective. Let m = |C|. For any x ∈ G,
m m m
p(x , y) = p(x, y) = 1, ∀y ∈ H. Because p is nondegenerate, x = 1,
∀x ∈ G. But exp G | m. So, G ≅ Hom(G, C) by a).
Therefore, H ≅ Imη ≤ Hom(G, C) ≅ G, so H is isomorphic to a sub-
group of G, in particular |H| ≤ |G|. The situation is symmetric in G and
H, so G is isomorphic to a subgroup of H and |G| ≤ |H|. But G and H
are finite, so |G| = |H| and G ≅ H. !
3.16 Theorem. (multiplicative Kummer Theory) Let K be a field

containing a primitive nth root of unity ω.
a) If K ⊆ L is an n-Kummer extension, then there is a canonical
isomorphism:
tn(L*/K*) ≅ Hom(G(L/K), Un)
aK* & χa, where χa(σ) = σ(a)/a,
for any aK* ∈ tn(L*/K*), ∀σ ∈ G(L/K). Also, there is a canonical
isomorphism
n n
(L* ∩ K*)/K* ≅ Hom(G(L/K), Un),
bK* & χb, where χb(σ) = σ (n b ) n b ,
n
n n n
∀ bK* ∈ (L* ∩ K*)/K* , ∀σ ∈ G(L/K).
Therefore, G(L/K) is isomorphic to the finite subgroup
*n n n
(L ∩ K*)/K* of K*/K* .
b) There exists an order preserving bijection between the set of all
n-Kummer extensions of K included in Ω and the finite subgroups of
n
K*/K* :
n n
the extension K ⊆ L corresponds to the subgroup (L* ∩ K*)/K* ;
n n
the subgroup S/K* , with K* ≤ S ≤ K*, corresponds to the extension
K ⊆ K( n S ).
The degree of the extension is equal to the order of its correspond-
ing subgroup.
Proof. a) Let Un = Un(K) be the group of the nth roots of unity in K
(we know that Un = Un(Ω) is a cyclic group of order n). Define:
p : G(L/K)×tn(L*/K*) → Un, p(σ, xK*) := σ(x)/x,
for any σ ∈ G(L/K) and any x ∈ L* with xK*∈ tn(L*/K*).
The definition is correct: ∀x ∈ L* with xK*∈ tn(L*/K*), we have
n n n
x = a ∈ K, so σ(x) is a root of X − a, so (σ(x)/x) = 1; thus,
σ(x)/x ∈ Un. It is easily seen that p(σ, xK*) is independent on the
choice of the representative of the class xK*.
p is bilinear. Indeed, ∀σ, τ ∈ G(L/K) and ∀xK*, yK*∈ tn(L*/K*), we
have:
στ ( x ) στ ( x ) τ ( x ) ⎛ σ ( x ) ⎞ τ ( x ) σ ( x ) τ ( x )
p(στ, xK*) = = ⋅ =τ⎜ ⎟⋅ = ⋅ =
x τ (x) x ⎝ x ⎠ x x x
p(σ, xK*)p(τ, xK*)
We used first that στ = τσ (G(L/K) is Abelian), then that
σ(x)/x ∈ K, so it is fixed by τ. Also, p(σ,xK*·yK*) = p(σ,xyK*) =
σ(xy)/xy = (σ(x)/x)·(σ(y)/y) = p(σ, xK*)p(σ, yK*).
p is nondegenerate: if σ ∈ G(L/K) and p(σ, xK*) = 1,
n
∀xK* ∈ tn(L*/K*), then σ(x) = x, ∀x ∈ L with x ∈ K. But
n
L = K({x ∈ L*| x ∈ K}) (see 3.12), so σ = id. If xK* ∈ tn(L*/K*) with
p(σ, xK*) = 1, ∀σ ∈ G(L/K), then x is fixed by any σ ∈ G(L/K), so
x ∈ K. Thus, xK* = 1K*.
We have tn(L*/K*) ≅ Hom(G(L/K), Un), via the isomorphism in
n n
Lemma 3.15.c). Using ψ : (L* ∩ K*)/K* → tn(L*/K*), the isomor-
n
phism in 3.14, ψ(yK* ) = n y K*, we obtain the other isomorphism. Fi-
nally, 3.15.a) implies
n n
tn(L*/K*) ≅ (L* ∩ K*)/K* ≅ G(L/K).
n n
b) Any finite subgroup of K*/K* can be written uniquely as S/K* ,
n n
with K* ≤ S ≤ K* and [S : K* ] finite.
n n
If K ⊆ L is n-Kummer, (L* ∩ K*)/K* ≅ G(L/K), a finite group.
Thus, the subgroup corresponding to the extension K ⊆ L is finite.
n n
Conversely, if K* ≤ S ≤ K*, S/K* is finite, and a1, …, am ∈ K* are the
n
representatives of the classes in S/K* , then
K ⊆ K{ n S } = K{ n a1 ,…, n am }
is an n-Kummer extension (see 3.12). Clearly, these correspondences
are inclusion preserving. They are also inverse to each other, as we
now prove.
n
Let K ⊆ L be n-Kummer. Its associated subgroup is S = L* ∩ K*.
n
To S/K* corresponds K( n S ), equal to L (by 3.12).
n n
Conversely, let K* ≤ S ≤ K*, where ∆ := S/K* is a finite group.
Its associated n-Kummer extension is K ⊆ K( n S ) =: L. Let
n n n
(L* ∩ K*)/K* =: ∆'. We have to prove that ∆ = ∆' (⇔ S = L* ∩ K*).
n
Evidently, S ⊆ L* ∩ K*, so ∆ ⊆ ∆'. For the other inclusion, define
n
p : G(L/K) × ∆ → Un, p(σ, xK* ) := σ( n x )/ n x , ∀σ ∈ G(L/K),
n
∀xK* ∈ ∆.
As in a), one shows that p is correctly defined and bilinear. It is
n n
nondegenerate: if σ ∈ G(L/K) and p(σ, xK* ) = 1, ∀xK* ∈ ∆, then
n n
σ( n x ) = n x , ∀x ∈ S. But L = K( n S ), so σ = id. If xK* ∈ S/K*
with p(σ, xK*) = 1, ∀σ ∈ G(L/K), then n x is fixed by any
*n n n
σ ∈ G(L/K), so x ∈ K and x ∈ K . Consequently, xK* = 1K* .
n
From 3.15.c), ∆ ≅ Hom(G(L/K), Un) via the isomorphism

bK & χb, χb(σ) = σ (n b ) n b , ∀bK* ∈ S/K* , ∀σ ∈ G(L/K). But
*n n n
∆' ≅ Hom(G(L/K), Un), by a). Since ∆ ⊆ ∆' and the groups are finite,
they are equal. !
Using the same methods, an analogous result can be obtained for
Abelian extensions of exponent p of a field K having characteristic
p > 0. For any extension K ⊆ L, we use the following notations:
L+ is the additive group (L, +);

p
P : Ω+ → Ω+ is the group homomorphism given by P(x) = x − x,
∀x ∈ Ω;
+
tP(L+/K +) := {x + K + ∈ L+/K + | P(x) ∈ K }.
The additive homomorphism P plays the role of the multiplicative
n +
homomorphism x & x in the multiplicative theory. For any a ∈ K ,
−1 p
P (a) denotes any root in Ω of X − X − a (3.8 ensures that, if b is a
p
root, the roots of X − X − a are b, b + 1, …, b + (p − 1)).
The following results are the “additive” versions of 3.12, 3.14,
3.16. The proofs are proposed as an exercise.
3.17 Proposition. Let K be a field of characteristic p > 0 and let

K ⊆ L be a finite extension. Then K ⊆ L is Abelian of exponent p if
−1
and only if there exist a1, …, am ∈ K + \ P(K +) such that L = K(P (a1),
−1 −1
…, P (am)). For such an extension, L = K(P (S)), where S :=
P(L+) ∩ K +, a subgroup in K +. !
3.18 Proposition. Let K be a field of characteristic p > 0 and let

K ⊆ L be a finite Abelian extension of exponent p. Then the canonical
group homomorphism
ψ : tP(L+/K +) → K +/P(K +), ψ(x + K +) = P(x) + P(K +), ∀x ∈ L+ cu
P(x) ∈ K +,
is injective. The homomorphism ψ induces an isomorphism
tP(L+/K +) ≅ Imψ = (P(L +) ∩ K +))/P(K +),
a subgroup in K +/P(K +). !
3.19 Theorem. (Additive Kummer Theory) Let K be a field of

characteristic p > 0 and let Fp be its prime subfield. Fp+ is a cyclic
group of order p.
a) If K ⊆ L is Abelian of exponent p, then there exists a canonical
isomorphism
+
tP(L+/K +) ≅ Hom(G(L/K), Fp ),
a + K + & χa, where χa(σ) = σ(a) − a,

∀ a + K + ∈ tP(L+/K +), ∀σ ∈ G(L/K). We also have a canonical
isomorphism
+
(P(L+) ∩ K +)/P(K +) ≅ Hom(G(L/K), Fp ),
−1 −1
b + P(K +) & χb, where χb(σ) = σ(P (b)) − P (b),
∀ b + P(K +) ∈ (P(L+) ∩ K +)/P(K +), ∀σ ∈ G(L/K).
Therefore G(L/K) is isomorphic to the finite subgroup
(P(L+) ∩ K +)/P(K +) of K +/P(K +).
b) The set of Abelian extensions of exponent p of K included in Ω is
in a bijective inclusion preserving correspondence with the finite sub-
groups of K +/P(K +):
the extension K ⊆ L corresponds to the subgroup (P(L+) ∩ K +)/P(K +);
the subgroup S/K +, with P(K +) ≤ S ≤ K +, corresponds to the extension
−1
K ⊆ K(P (S)).
The degree of the extension is equal to the order of the correspond-
ing subgroup. !
Exercises
1. Let ω be a primitive 12th root of unity. Determine the Galois group

of Q ⊆ Q(ω, 12 2 ) and all its intermediate fields.
2. For any n ∈ N*, let ζn be a primitive nth root of unity. Prove that, if
m, n ∈ N, (m, n) = 1, then Q(ζm) ∩ Q(ζn) = Q.
3. Let p1, …, pn be distinct primes. Then Q ⊆ Q{ p1 ,…, pn } has de-
n
gree 2 . Find its Galois group.
4. Determine the degree of Q ⊆ Q{{ d | 1 ≤ d ≤ 20}. Generalization.
VI.4 Solvability by radicals 313
5. Let K = C(X, Y) (the fraction field of the polynomial ring C[X, Y ]).
n
Let L = K{ 4 XY , 4 Y 3 }, where, ∀t ∈ K, n t denotes a root of T − t (in
some extension of K). Prove that K ⊆ L is a 4-Kummer extension and
determine its degree and all its intermediate fields.
6. Construct a 6-Kummer extension of degree 18 of C(X, Y).
VI.4 Solvability by radicals
The classical problem of “solving by radicals an algebraic equa-

tion” requires expressing the roots of a given polynomial as a function
of the coefficients of the polynomial, using only the four arithmetic
operations and radicals (of any order). A typical example is the for-
mula for the roots of the equation of second degree (known to the
Babylonians, about 1900-1600 B.C.). In the 16th century, the formulas
for the roots of any polynomial equation of degree 3 or 4 were discov-
ered. These successes led many mathematicians of that time to think
that such formulas exist for algebraic equations of any degree. For in-
stance, Euler24, around 1749, believed that “the expressions for the
roots contain no other operations than radicals, except for the four vul-
gar operations, and one cannot sustain that transcendental operations
might be involved”. These ideas were proven to be false at the begin-
ning of the 19th century by Paolo Ruffini, who proved the impossibil-
ity of solving the “general” equation of degree 5 by radicals.
Independently from Ruffini (whose intricate proof failed to convince
many fellow mathematicians), the Norwegian mathematician Niels
24
Leonhard Euler (1707-1783), famous Swiss mathematician.
Henrik Abel gave in 1824 (at the age of 22) a clear and rigorous proof
of this impossibility. In 1829, two months before his death, Abel pub-
lished a memoir in which he describes a class of polynomials solvable
by radicals (namely the polynomials whose Galois group is commuta-
tive). The commutative groups are called today Abelian, in his honor.
In 1830, Evariste Galois, unaware of Abel's results, creates the notion
of group (of permutations) and formulates a general criterion of
solvability by radicals of a polynomial equation, using what we call
today the Galois group of the polynomial. The ideas and results of
Galois had a decisive contribution to the development of Algebra.
4.1 Definition. A field extension K ⊆ L is called a radical exten-

sion if there exists a finite tower of intermediate fields
K = K0 ⊆ K1⊆ …⊆ Km = L, such that, for any i, 0 ≤ i < m, there exists
ai ∈ Ki+1 and ni ∈ N*, cu Ki+1 = Ki(ai) and aini ∈ Ki. If n1 = … = nm = n,
K ⊆ L is called an n-radical extension.
Let f ∈ K[X] and let E be the splitting field of f over K. The Galois
group G(E/K) is called the Galois group of the polynomial f over K.
We say that the polynomial f is solvable by radicals over K (or that the
equation f = 0 is solvable by radicals over K) if there exists a radical
extension L that includes the splitting field of f over K.
These definitions articulate rigorously the notion of “formula using
radicals and the four operations”. For instance, if a, b ∈ Q,
Q ⊆Q ( a ) ⊆ Q( a )( 3
)
b − 3 a = L,
is a 6-radical extension. Any element of L is expressed in a basis of L

2 2
over Q (for instance 1, α, β, β , αβ, αβ , where α = a ,
β = 3 b − 3 a ) as an “expression using radicals and the four opera-
tions”.
2
4.2 Examples. a) The equation aX + bX + c = 0, where a, b,
c ∈ C, a ≠ 0, is solvable by radicals over Q(a,b,c). Indeed, the formula
−b ± b 2 − 4ac
for the roots, x1,2 = shows that the roots xi are in the
2a
2-radical extension Q(a,b,c) ⊆ Q ( a , b, c ) ( )
b 2 − 4ac . Note that, if a,
b, c ∉ Q, then the equation may not be solvable over Q.
b) Any polynomial f ∈ R[X] is solvable by radicals over R. Indeed
the extension R ⊆ C is radical (why?) and C is algebraically closed, so
it includes the splitting field of f over R.
Historically, solvability by radicals means “solvability by radicals
over Q of polynomials in Q[X]”.
We want to prove the following result (Galois' criterion of solvabil-
ity by radicals): If char K = 0, a polynomial is solvable by radicals
over K if and only if its Galois group over K is solvable.
4.3 Remarks. a) If K ⊆ L is a radical extension, as in the definition

above, then K ⊆ L is n-radical, where n = LCM(n1, …, nm).
b) The (n-)radical extensions are transitive: If K ⊆ L and L ⊆ M are
(n-)radical, then K ⊆ M is (n-)radical. The converse is false: if K ⊆ M
is n-radical and K ⊆ L ⊆ M, then L ⊆ M is n-radical, but K ⊆ L is not
necessarily radical (see example 5.6).
m
c) If K ⊆ L is such that L = K(x1, …, xn), where, for each i, xi ∈ K
*
for some m ∈ N , then K ⊆ L is m-radical.
4.4 Proposition. The normal closure of an n-radical extension is

an n-radical extension.
Proof. Let K ⊆ L be n-radical and let N be its normal closure.
There exists a tower K = K0 ⊆ K1⊆ …⊆ Km = L and ai ∈ Ki+1,
0 ≤ i < m, with ain ∈ Ki and Ki+1 = Ki(ai).
We prove by induction on m that K ⊆ N is radical. If m = 1, then

n
L = K(a), with a = b ∈ K, and N = K(x1, …, xr), where x1, …, xr are
n
the roots of g := Irr(a, K). Since g | X − b, we have xin = b, 1 ≤ i ≤ r,
so K ⊆ N is n-radical.
If m > 1, let M be the normal closure of K ⊆ Km −1. By induction,
K ⊆ M is n-radical. It is enough to prove that M ⊆ N is n-radical (and
then apply the transitivity of n-radical extensions). Note that M is the
splitting field over K of the family of polynomials {Irr(ai, K)|
1 ≤ i ≤ m − 1}, and N is the splitting field over K of the family of
polynomials {Irr(ai, K)| 1 ≤ i ≤ m}. So, N = M(c1, …, ct), where c1,
…, ct are the roots of h := Irr(am, K). Let b ∈ Km −1 such that amn = b.
For a fixed i, 1 ≤ i ≤ t , K(am) and K(ci) are K-isomorphic via an
isomorphism that takes am in ci. Extend this homomorphism to a
K-automorphism σi : Ω → Ω such that σi(am) = ci (see IV.2.18 and
IV.2.19). Thus, cin = σ i ( amn ) = σi(b). Since K ⊆ M is normal, σi(b) ∈ M.
So, cin ∈ M, ∀i, 1 ≤ i ≤ t, and therefore M ⊆ M(c1, …, ct) = N is
n-radical. !
Thus, if an extension K ⊆ L is contained in a radical extension
K ⊆ E, we may assume (taking the normal closure) that K ⊆ E is radi-
cal and normal.
The following proof of Galois' characterization of solvability by
radicals uses basic facts on solvable groups (any subgroup and any
factor group of a solvable group are solvable; any finite solvable
group has a normal series with the factors cyclic groups), which can
be found in the Appendices.
4.5 Theorem. (Galois) Let K be a field of characteristic 0 and let

f ∈ K[X]. The polynomial f is solvable by radicals over K if and only if
the Galois group of f over K is solvable.
Proof. The theorem follows by setting L = the splitting field of f
over K in the statement below:
If char K = 0 and K ⊆ L is a normal extension, there exists a radi-

cal extension K ⊆ M with L ⊆ M if and only if G(L/K) is a solvable
group.
Let us prove this claim. Let K ⊆ L ⊆ M with L/K normal and M/K
n-radical (for some n ∈ N). Let us show that G(L/K) is solvable. By
4.4 we may suppose that M/K is normal; since char K = 0, it is
separable (thus Galois) and n-radical. By Galois Theory,
G(M/L) . G(M/K) and G(L/K) ≅ G(M/K)/G(M/L). If we show that
G(M/K) is solvable, G(L/K) will be solvable, as a factor of a solvable
group.
Let us show that G(M/K) has a solvable series (a normal series with
the factors Abelian groups). We use the characterization of the exten-
sions of the form K ⊆ K( n a ) (prop. 3.3), extensions that come up in
the definition of a radical extension. In order to apply this proposition,
we need that ω ∈ K (ω is a primitive nth root of unity in Ω; ω exists,
since char K = 0). Consider the extension K ⊆ M(ω). Since K ⊆ M and
M ⊆ M(ω) are n-radical, K ⊆ M(ω) is n-radical. In the tower of exten-
sions
K ⊆ K(ω) ⊆ M(ω),
K ⊆ K(ω) is an Abelian extension (by 3.1) and K(ω) ⊆ M(ω) is
n-radical. Thus, there exists a sequence
K(ω) = K0 ⊆ K1⊆ …⊆ Km = M(ω)
and ai ∈ Ki+1, 0 ≤ i < m, with ain ∈ Ki and Ki+1 = Ki(ai). Because ω ∈ Ki,
∀i, 3.3 implies that Ki ⊆ Ki+1 is cyclic. Let Hi = G(M(ω)/Ki). Thus, the
group G := G(M(ω)/K) has the following series
1 = Hm ⊆ Hm−1 ⊆ … ⊆ H1 ⊆ H0 ⊆ G.
We claim that this is a solvable series. Ki −1 ⊆ Ki is normal, ∀i,
1 ≤ i ≤ m, so Hi . Hi −1 and Hi −1/Hi ≅ G(Ki/Ki −1) is cyclic; also,
K ⊆ K(ω) = K0 is normal, so H0 . G and G/H0 ≅ G(K(ω)/K) is Abe-
lian. Therefore G is solvable.
Conversely, suppose G(L/K) is a solvable group. There exists a se-

ries of subgroups
1 = Hm ⊆ Hm−1 ⊆ … ⊆ H1 ⊆ H0 ⊆ G,
with Hi . Hi −1 and Hi −1/Hi cyclic, ∀i, 1 ≤ i ≤ m. Let Ki be the fixed
field of Hi. The extension K ⊆ L is Galois, so Ki −1 ⊆ Ki is Galois, ∀i,
1 ≤ i ≤ m, and Hi −1/Hi ≅ G(Ki/Ki −1) is cyclic. Let ω be a primitive nth
root of unity in Ω. The extension Ki −1(ω) ⊆ Ki(ω) is Galois and
G(Ki(ω)/Ki −1(ω)) is isomorphic to a subgroup of G(Ki/Ki −1) (we used
V.4.8), so it is cyclic. By 3.3, there exists ai ∈ Ki+1(ω), with ain ∈ Ki(ω)
and Ki+1(ω) = Ki(ω)(ai), ∀i, 0 ≤ i < m. So, K(ω) ⊆ L(ω) is radical; since
K ⊆ K(ω) is radical, K ⊆ L(ω) is radical (and clearly L ⊆ K(ω)). !
4.6 Example (The general equation of degree n). Let K be a field,

let n ∈ N* and let F be the field K(X1,…, Xn) of rational fractions in n
indeterminates. Consider S := K(s1,…, sn), the subfield of symmetric
rational fractions in F (where s1,…, sn are the fundamental symmetric
polynomials in X1,…, Xn). The following polynomial in the indetermi-
nate X
n n−1 n−2 n
P := (X − X1)…(X − Xn) = X − s1 X + s2 X − … + (−1) sn
has coefficients in S and its roots are X1,…, Xn ∈ F. The polynomial P
is called the generic polynomial of degree n; the equation P(x) = 0 is
called the general equation of degree n. The name comes from the
fact that s1, …, sn are algebraically independent over K (see IV.4.3), so
they behave like indeterminates.
Since F = S(X1,…, Xn), F is the splitting field of P over S. The roots
of P are distinct, so the extension S ⊆ F is separable and normal. The
Galois group G := G(F/S) is isomorphic to Sn, the symmetric group on
n elements. To prove this, we remark that any σ ∈ Sn induces a
K-algebra homomorphism σ * : K[X1,…, Xn] → K[X1,…, Xn] such that
σ *(Xi) = Xσ(i). It is immediate that (στ)* = σ *τ * and id* = id,
−1
∀σ, τ ∈ Sn. Thus, σ * is an isomorphism and its inverse is (σ )*. Pass-
ing to the fraction field K(X1,…, Xn) = F, we obtain an isomorphism
(denoted also by σ *) σ * : F → F. Since σ *(si) = si, 1 ≤ i ≤ n, σ * fixes

the subfield S = K(s1,…, sn). In other words, σ * ∈ G(F/S). Thus,
σ & σ * defines a homomorphism (clearly injective) from Sn to G. On
the other hand, G has at most n! elements, as the Galois group of the
splitting field of f a polynomial of degree n (see Example IV.2.16). Sn
has n! elements, so Sn ≅ G. Also note that P is irreducible over S (the
root X1 of P has n = deg P conjugates X1, …, Xn).
In conclusion, given a field K, we constructed a (transcendental…)
extension S of K such that there exists a Galois extension S ⊆ F whose
Galois group is Sn. More generally, given a field K and a finite group
G, does there exist a Galois extension K ⊆ L whose Galois group is G?
This problem is extremely difficult in the general case. For example, a
theorem of I.R. Shafarevitch (proven around 1954 in several papers
totaling more than 100 pages) has as a consequence that, for any solv-
able finite group G, there exists a Galois extension of Q, whose Galois
group is G. The results of this type are known as Constructive Galois
Theory.
Back to our example, recalling that Sn is solvable for any n ≤ 4 im-
plies the solvability of the extension S ⊆ F (if char K = 0). In other
words, there exists formulas that express by radicals the roots of P if
n ≤ 4. If a1, …, an ∈ K, there exists a unique K-algebra homomorph-
ism ϕ : K[s1,…, sn] → K such that ϕ(si) = ai, 1 ≤ i ≤ n (K[s1,…, sn] is
isomorphic to the K-algebra of polynomials in n indeterminates and
use the universality property of this K-algebra). So, replacing the
“indeterminates” s1,…, sn with a1,…, an, we obtain formulas that solve
by radicals any polynomial equation of degree n ≤ 4 with coefficients
in K.
For n ≥ 5, Sn is not solvable, so the general equation of degree n is
not solvable by radicals over K (this is the Abel-Ruffini Theorem).
But there exist particular equations of degree ≥ 5, solvable by radicals
5
(like X = 0 …).
VI.5 Discriminants, resultants
The notion of discriminant of a polynomial of degree 2 is

2
well-known. If g = aX + bX + c ∈ R[X], g has a double root if and
2
only if the discriminant D = b − 4ac is zero. If x1, x2 are the roots of
2 2
g, then D = a (x1 − x2) (easy exercise). This suggests the following
general definition:
5.1 Definition. a) Let K be a field, let g ∈ K[X] be a polynomial of

degree n and let x1, …, xn be the roots of g (in some algebraic closure
Ω of K). The discriminant of g is
2n − 2
D(g) := a ∏i < j (xj − xi)2,
where a is the leading coefficient of g.
Note that D(g) is a symmetric polynomial in the roots x1, …, xn of g.
This implies that D(g) ∈ K and that D(g) is independent on the label-
ing of the roots of g. Moreover, g has a double root if and only if
D(g) = 0.
It is useful to define also ∆ := ∏i< j (xj − xi) ∈ Ω. In general, ∆ ∉ K
and relabeling the roots x1, …, xn may change ∆ in −∆. Thus, ∆ is de-
fined up to a sign.
b) If K ⊆ L is a field extension and x ∈ L is algebraic over K, then
the discriminant of the element x over K is DK(x) := D(Irr(x, K)).
We use the discriminant to obtain data on the Galois group G of the
polynomial g, assuming g has only simple roots (it is separable). To
this end, we see the elements of the Galois group as permutations of
the roots.
5.2 Definition. Let L be the splitting field of g over K and let

x1, …, xn be its (distinct) roots in L. For any σ ∈ G = G(L/K), let
ϕ(σ) ∈ Sn be the permutation given by ϕ(σ)(i) = j ⇔ σ(xi) = xj, ∀i,
j ∈ {1, …, n}. The mapping ϕ : G → Sn is an injective group homo-
VI.5 Discriminants, resultants 321
morphism (see IV.3.15.c)) and identifies G with a subgroup of Sn. If

we reorder the roots (say x'1, …, x'n, where x'i = xτ(i) for some τ ∈ Sn)
then ϕ is replaced by ϕ' : G → Sn. We have ϕ'(σ)(i) = j ⇔ σ(x'i) = x'j
−1
⇔ ϕ(σ)(τ(i)) = τ( j); thus ϕ'(σ) = τ ◦ϕ(σ)◦τ.
This shows that a reordering of the roots leads to replacing ϕ(σ)
−1
with a conjugate permutation τ ϕ(σ)τ. Thus, if a permutation (a sub-
group of permutations) has a property that is invariant under any
conjugation25, then this property can be transferred to the correspond-
ing element in G(L/K) (respectively to a subgroup in G(L/K)). Thus,
we define:
Let σ ∈ G(L/K). Define the signature of σ, ε(σ) := ε(ϕ(σ)), where
ε(ϕ(σ)) denotes the signature of the permutation ϕ(σ) ∈ Sn. We say
that σ is even if ε(σ) = 1 ⇔ ϕ(σ) is an even permutation in Sn. We say
that σ is odd if ε(σ) = − 1.
If 1 ≤ k ≤ n, we say that σ is a cycle of length k if ϕ(σ) is a cycle of
length k.
These definitions are independent on the labeling of the roots of g.
−1
Indeed, ε(τ ◦ϕ(σ)◦τ) = ε(ϕ(σ)) (see above); also, the conjugate of a cy-
cle of length k is also a cycle of length k.
5.3 Proposition. Keep the previous notations and suppose

char K ≠ 2. Let g ∈ K[X] be a polynomial without multiple roots and
let σ ∈ G(L/K). Then:
a) σ(∆ ) = ε(σ)∆. In other words: σ ∈ G(L/K) is even ⇔ σ(∆ ) = ∆.
Also, σ ∈ G(L/K) is odd ⇔ σ(∆ ) = −∆.
2
b) All σ ∈ G(L/K) are even ⇔ ∆ ∈ K ⇔ D(g) ∈ K .
25
If τ ∈ Sn, the conjugation by τ is the automorphism κτ : Sn → Sn defined by
−1
κτ(η) = τ ητ, ∀η ∈ Sn.
c) Gal(L/K(∆)) = {σ ∈ G(L/K) | σ is even}. In other words, the Ga-

lois correspondences take the intermediate field K(∆) to the subgroup
−1
G(L/K) ∩ ϕ (An) of even elements in G(L/K).
Proof. a) In our hypotheses, ∆ ≠ 0, ∆ ≠ −∆ and K ⊆ L is a Galois
extension. If τ ∈ Sn, let τ * : K[X1,…, Xn] → K[X1,…, Xn] denote the
unique K-algebra homomorphism such that τ *(Xi) = Xτi. Let
d := ∏i< j (Xj − Xi) ∈ K[X1,…, Xn]. We show now that τ *(d) = ε(τ )d.
For any 1 ≤ i < j ≤ n, define:
⎪⎧ 1 if τi < τj
ε(i, j) := ⎨
⎩⎪ −1 if τi > τj
Note that
{(Xj − Xi) | 1 ≤ i < j ≤ n} = {(Xτi − Xτj)·ε(i, j) | 1 ≤ i < j ≤ n},
so
τ *(d) = ∏i< j (Xτj − Xτi) = ∏i< j ε(i, j)(Xj − Xi) = ε(τ )d.
We have ∆ = d(x1, …, xn). Let σ ∈ G(L/K). Then:
σ(∆) = {ϕ(σ)*(d)}(x1, …, xn) = ε(ϕ(σ))d(x1, …, xn) = ε(σ)∆.
b) If G(L/K) ⊆ An (i.e. any σ ∈ G(L/K) is even), then σ(∆) = ∆, for
any σ ∈ G(L/K). Since K ⊆ L is Galois, this implies ∆ ∈ K, so
2 2
D(g) = ∆ ∈ K .
2 2 2
If D(g) ∈ K , then D(g) = a , for some a ∈ K. But D(g) = ∆ , so
2 2
∆ = a ⇒ ∆ = a or ∆ = −a. Anyway, ∆ ∈ K, thus, ∀σ ∈ G(L/K),
σ(∆) = ∆, which means that σ is even.
c) G(L/K(∆)) = {σ ∈ G(L/K) | σ(∆) = ∆} = {σ ∈ G(L/K) | σ is
−1
even} = G(L/K) ∩ ϕ (An). !
We need a method to compute the discriminant of a polynomial
without knowing its roots.
n −1 n
5.4 Proposition. Let g = a0 + a1 X +…+ an −1 X + X ∈ K[X] and
let x1, …, xn be the roots of g in Ω. For any m ∈ N, let
tm := x1m + … + xnm ∈ K. Then
t0 t1 … tn − 1
t1 t2 … tn
D(g) = det
! ! * !
tn − 1 tn … t2n−2
The sums tm can be computed by recurrence using the following
relations (Newton's identities):
t0 = n; t1 = − an − 1;
−tm = an − 1 tm − 1 + an − 2 tm − 2 + … + an − m + 1 t1 + an − m m, if 2 ≤ m ≤ n;
−tm = an − 1 tm − 1 + an − 2 tm − 2 + … + a0 tm − n, if m > n.
Proof. ∆ = ∏i< j (xj − xi) = det A, where A is the Vandermonde ma-
trix:
1 x1 … x1n-1
1 x2 … x2n-1
A=
! ! * !
1 xn … xnn-1
t
The matrix A·A is the matrix in the statement, and
t 2 2
det( A·A) = det(A) = ∆ = D(g).
Viète's relations coupled with Newton's identities (see Appendix)
yield the formulas for the tm. !
The discriminant can also be computed using the resultant, defined
below.
5.5 Example. Let us compute the discriminant of a polynomial of

3
degree 3, X + pX + q. We have n = 3, a0 = q, a1 = p, a2 = 0. We have
2
t0 = 3; t1 = 0. Newton's identities yield: t2 = −2p; t3 = − 3q; t4 = 2p .
Thus
3 0 − 2p
3 3 2
D(X + pX + q) = 0 − 2 p − 3q = −4p − 27q .
− 2 p − 3q 2 p 2
5.6 Example. We want to give an example of polynomial g ∈ Q[X]

solvable by radicals over Q, but such L, the splitting field of g over Q,
is not a radical extension of Q. We claim that any irreducible polyno-
mial g ∈ Q[X], of degree 3, such that the splitting field of g over Q
has degree 3, has this property. Indeed, a normal extension Q ⊆ L of
degree 3 cannot be radical. Assuming Q ⊆ L is radical, the definition
3
implies L = Q(b), where b ∈ L is a root of h = X − a, for some a ∈ Q.
Since the extension is normal, all roots of h are in L, so bω and
2
bω ∈ L, where ω is a primitive third root of unity. Thus, ω ∈ L, so
Q ⊆ Q(ω) ⊆ L. It follows that 2 = [Q(ω) : Q] divides 3 = [L : Q], ab-
surd. On the other hand, g is solvable by radicals over Q because its
Galois group G(L/Q) is a subgroup of S3, which is solvable.
An example of such polynomial is the minimal polynomial of
cos(2π/9) (see exercise V.4.8). More generally, if
3
g = X + pX + q ∈ Q[X] is irreducible and has the discriminant
3 2
D(g) = −4p − 27q a square of a rational number, then (by Proposi-
tion 5.3) the Galois group of g is A3 (the alternating group on 3 ele-
ments, which is cyclic of degree 3) and g is solvable by radicals. For
3 2
instance, g = X − 3X + 1 has D(g) = 81 ∈ Q and is irreducible (g has
no roots in Q and has degree 3).
The resultant of two polynomials g and h ∈ K[X] appears in the
problem of finding conditions under which g and h have a common
nonconstant factor (equivalently, they have a common root in the alge-
braic closure Ω of K).
5.7 Definition. Let K be a field and let g, h ∈ K[X] be nonzero. As-

sume that the roots of g are x1,…, xm ∈ Ω and the roots of h are y1,…,
yn ∈ Ω. Then, in Ω[X],
g = a(X − x1)…(X − xm), h = b(X − y1)…(X − yn),
where a, b ∈ K* and m, n ∈ N. The resultant of g and h is the product
n
Res(g, h) := a b ·
m
∏ (xi − yj).
1≤ i≤ m,1≤ j≤ n
By convention, Res(0, g) = Res(g, 0) = 0, ∀g ∈ K[X].

The next proposition shows that Res(g, h) ∈ K and provides an
algorithm that computes the resultant using divisions with remainder.
5.8 Proposition. Let g, h ∈ K[X] be nonzero. Then:

a) Res(g, h) = 0 ⇔ g and h have a common root in Ω ⇔ GCD(g, h)
is a nonconstant polynomial in K[X].
b) Let g = a(X − x1)…(X − xm), h = b(X − y1)…(X − yn), with a,
b ∈ K* and m, n ∈ N. The following formulas hold:
deg(h)
Res(g, h) = a ∏ h( xi ) (R1)
1≤i ≤ m
mn
Res(h, g) = (−1) Res(g, h) (R2)
n − deg(r)
Res(g, h) = a Res(g, r) (R3)
(r is the remainder of the division of h by g: h = gq + r, where q,
r ∈ K[X], deg r < deg g or r = 0)
m
Res(g, b) = b , ∀b ∈ K a constant polynomial. (R4)
c) Res(g, h) ∈ K.
Proof. a) Clear, keeping in mind that the GCD of g and h in Ω[X]
is the same as their GCD in K[X].
b) We have h(xi) = b(xi − y1)…(xi − yn), for any i, 1 ≤ i ≤ m; R1 fol-
lows by multiplying these relations.
R2 is clear from the definition.
Let h = gq + r, where r = 0 or deg r < m = deg h. From R1,
Res(g, h) = a ∏i h(xi) = a ∏i (g(xi)q(xi) + r(xi)) = a ∏i r(xi),
n n n
deg(r)
since g(xi) = 0, 1 ≤ i ≤ m. Bur Res(g, r) = a ∏i r(xi) and R3 follows.
Finally, R1 implies R4.
c) By induction on min(deg g, deg h), using R3 and R4. !
A polynomial g has multiple roots if and only if g and its formal
derivative g' have common roots. Thus D(g) = 0 ⇔ Res(g, g') = 0. In
fact, D(g) and Res(g, g') differ only by ± the dominant coefficient of g.
5.9 Proposition. Let g ∈ K[X] have degree m ∈ N and let a ∈ K*

−1 m(m−1)/2
be its dominant coefficient. Then D(g) = a (−1) Res(g, g').
Proof. Let g = a(X − x1)…(X − xm), where xi ∈ Ω. Then
g' = a∑i∏j≠i (X − xj). By R1,
m−1 m−1
Res(g, g') = a ∏i g'(xi) = a ∏i {a∏j≠i (xi − xj)}.
For each couple (i, j), 1 ≤ i < j ≤ m, the product above contains
(xi − xj) and (xj − xi). There are m(m − 1)/2 such couples, so
m(m−1)/2
Res(g, g') = a
2m−1
(−1) ∏i<j (xi − xj) 2 = a(−1)m(m−1)/2D(g). !
The resultant of two polynomials can be also computed by means
of a determinant formed with their coefficients (see the exercises). If x
is a root of f, and y is a root of g, with the help of resultants one can
find a polynomial that has the root x + y (see Exercise 9).
Exercises
1. Let K ⊆ L be an extension of prime degree p. If the extension is

p
radical, then there exists b ∈ L such that L = K(b) and b ∈ K. Deduce
that a normal extension of degree p of Q cannot be radical.
2. Let K be a field of characteristic 0 and let f ∈ K[X] be a polynomial
solvable by radicals over K, deg f = n. Prove that, if K contains a
primitive n!-th root of unity, then the splitting field of f over K is a
radical extension of K.
n n−1
3. Let K be a field and let p = X + an − 1 X + … + a1 X + a0 ∈ K[X],
such that the characteristic exponent of K does not divide n. Prove that
solving the equation p(X) = 0 is equivalent to solving an equation in Y
n n−2
of the form Y + bn − 2 X + … + b1 Y + b0, by setting Y = X + a/n.
4. (Solving the cubic equation)26 Let K be a field whose characteristic

is not 2 or 3 and let the equation
3
f(x) = x + px + q = 0,
where p, q ∈ K. Prove the following assertions:
a) Setting x = u + v, one obtains the equation
3 3
u + v + q + (3uv + p)(u + v) = 0.
3 3
b) Requiring u + v + q = 0 and 3uv + p = 0, an equation of degree
3 − q ± q 2 + 4 p 3 27
2 in u is obtained, whose solutions are u 3 = . Let
2
3 2
D = − 4p − 27q be the discriminant of the equation f = 0. Then
3
u = − q/2 ± γ , where γ = − D/108.
c) Let A = − q/2 + γ , B = − q/2 − γ and let ω be a primitive 3rd
root of unity. The condition uv = − p/3 implies that the roots of f are:
3
A + 3 B, ω3 A + ω23 B, ω23 A + ω3 B .
5. (Solving the quartic equation)27 Let K be a field whose characteris-
tic is not 2 or 3 and let the equation
4 2
f(x) = x + px + qx + r = 0,
where p, q, r ∈ K. Verify the details in the following steps, leading to
a solution of this equation:
a) Solve the equation if q = 0.
b) Let q ≠ 0. Then f(x) = 0 is rewritten:
2 2
⎛ x 2 + p ⎞ = − qx − r + p
⎜ 2 ⎟⎠ 4
⎝
c) Let u ∈ K. Then any solution x of the equation satisfies
26
The formula was obtained around 1515, by Scipione del Ferro (? - 1526), but
was not published. Niccolò Fontana “Tartaglia” (1500-1557) rediscovered the
formula in 1535 and communicated it to Girolamo Cardano (1501-1576), who
published it in his book “Ars Magna, sive de regulis algebraicis”.
27
The formula was found by Lodovico Ferrari (1522-1565), a student of
Cardano.
2 2
⎛ x 2 + p + u ⎞ = − qx − r + p + u 2 + 2ux 2 + pu
⎜ 2 ⎟ 4
⎝ ⎠
The right hand side is a perfect square of some polynomial in x if
and only if
2
p2 q ⎞
− qx − r + + u 2 + 2ux 2 + pu = ⎛⎜ x 2u − ⎟
4 ⎝ 2 2u ⎠
d) The last equality is equivalent to
( )
8u 3 + 8 pu 2 + 2 p 2 − 8r u − q 2 = 0 .
(called the cubic resolvent of Ferrari).
e) Let u be a solution of the cubic resolvent. Then the 4 solutions of
f = 0 are:
u −u p εq
x =ε ± − − , where ε ∈ {− 1, 1}.
2 2 2 2 2u
3
6. Let g = X + pX + q ∈ Q[X] be irreducible, and let α ∈ R be a root
3 2
of g. Prove that, if ∆ = − 4p − 27q is the discriminant of g, then
Q(α, ∆ ) is the splitting field of g over Q. Deduce that Q ⊆ Q(α) is
normal if and only if ∆ is the square of a rational number.
3
7. Let g = X + X + 3 ∈ Q[X]. Show that g is irreducible. Let α be the
real root of g and let K be the splitting field of g over Q. Show that
K ∩ Q(α, d ) = Q(α), for any d ∈ Z a positive squarefree integer.
8. (The resultant as a determinant) Let R be a domain, let a, b ∈ R and
let m, n ∈ N*. Consider the polynomials in X, with coefficients in
R[X1,…, Xm, Y1,…, Yn]:
f := a ∏1 ≤ i ≤ m (X − Xi) = ∑0 ≤ j ≤ m ajX
j
g := b ∏1 ≤ i ≤ n (X − Yi) = ∑0 ≤ j ≤ n bjX .
j
Let D the square matrix in Mm + n(R[X1,…, Xm, Y1,…, Yn]),

⎡ am bn ⎤
⎢a a bn −1 bn ⎥
⎢ m −1 m ⎥
⎢ ! am −1 ! ! bn −1 ⎥
⎢ ! ! ! am b0 ! ! ⎥
D= ⎢ ⎥
⎢ a0 ! ! am −1 b0 ! bn ⎥
⎢ ⎥
⎢ a0 ! ! ! bn −1 ⎥
⎢ ! ! ! ⎥
⎢ ⎥
⎣ a0 b0 ⎦
There are n columns of a's and m columns of b's (the empty places
contain 0's). The point is to prove that Res{ f, g} = det D.
a) Let M be the Vandermonde matrix of dimension m + n,
⎡ Y1m+ n −1 … … Y1 1⎤
⎢ ⎥
⎢ … … ⎥
⎢ Ynm+ n −1 … … Yn 1⎥
M = ⎢ m +n −1 ⎥
⎢ X1 … … X 1 1⎥
⎢ … … ⎥
⎢ m +n −1 ⎥
⎣⎢ X m … … X m 1⎦⎥
Computing det(MD) in two ways, show that det D = Res{ f, g}
b) Prove that Res{ f, g} ∈ R[a0, …, am, b0, …, bn].
9. Let K be a field and let x, y be algebraic elements over K; let
f = Irr(x, K) and let g = Irr(y, K). Let Z be an indeterminate and let
gZ := g(Z + X) ∈ K[Z][X]. View f and gZ as polynomials in X (with
coefficients in K[Z]), and let h := Res{ f, gZ} ∈ K[Z]. Prove that x + y is
a root of h. More precisely, the roots of h are xi + yj, 1 ≤ i ≤ n,
1 ≤ j ≤ m, where {x1, …, xn} are the roots of f and {y1, …, ym} are the
roots of g.
2
10. Let C be the curve in R given by the parametric representation
⎧ x = x (t ) = t 2 + t 2
⎨ , t ∈ R. This means that C = {(x, y) ∈ R | ∃t ∈ R
⎩ y = y (t ) = t − t + 1
2
such that x = x(t), y = y(t)}. Using resultants, find an implicit

representation of the curve (i.e., a polynomial g ∈ R[X, Y] such that:
∀t ∈ R, g(x(t)), y(t)) = 0; and, conversely, g(x, y) = 0 implies that
2
∃t ∈ R such that x = x(t), y = y(t)). (Hint. ∀(x, y) ∈ R , (x, y) ∈ C ⇔
2 2
the polynomials t + t − x and t − t + 1 − y have a common root.)
Appendices
The following appendices contain a part of the background re-

quired for reading the book. They include themes less likely to be in-
cluded in a first course on Algebra and themes that are necessary, but
auxiliary to the main ideas in the book.
The reader should feel free to consult the appendices as needed,
when reading the main text.
1. Prime ideals and maximal ideals
All rings considered are assumed commutative rings with identity.

If I is an ideal of the ring R (i.e. ∀x, y ∈ I and ∀r ∈ R, we have
x + y ∈ I and rx ∈ R), we denote this by I ≤ R. An ideal I is called a
proper ideal if I ≠ R. If I and J are ideals in R with I ⊆ J, we write this
also I ≤ J. The set of all ideals of a ring is a lattice with respect to
inclusion: for any two ideals I and J of R, inf(I, J) = I ∩ J,
sup(I, J) = I + J, where I + J denotes the sum of the ideals I and J,
I + J := {i + j | i ∈ I, j ∈ J} (the ideal generated by I ∪ J).
Throughout this section, R denotes a commutative ring with iden-
tity.
331
332 Appendices
1.1 Definition. An ideal P of the ring R is called a prime ideal if

P ≠ R and, for any x, y ∈ P, xy ∈ P implies x ∈ P or y ∈ P.
An ideal M of R is called a maximal ideal if M ≠ R and there exist
no proper ideals of R that strictly include M. In other words, for any
J ≤ R, M ≤ J implies M = J or J = R.
1.2 Examples. a) If p ∈ Z is a prime number, then the ideal gener-

ated by p in Z, denoted pZ, is a prime ideal in Z. Conversely, if pZ is
a prime ideal, then p is a prime number.
b) An ideal I is maximal in the ring R iff I is a maximal element of
the set (ordered by inclusion) of all proper ideals of R. In the ring Z,
any ideal is of the form nZ, for some n ∈ Z. This implies that nZ is
maximal if and only if n is a prime number. Indeed, let nZ be a maxi-
mal ideal. Then, ∀m ∈ Z, nZ ⊆ mZ implies nZ = mZ or mZ = Z; in
other words, m|n implies m ∼ n or m = 1. Since nZ ≠ Z, this means
that n is irreducible, hence it is a prime. The converse is left to the
reader.
c) The ring R is a domain (has no zero divisors) if and only if (0) is
a prime ideal.
d) If K is a field, (0) is its only proper ideal; (0) is also a maximal
ideal and a prime ideal.
Here is a useful characterization of maximal (respectively prime)
ideals, by means of the factor ring.
1.3 Theorem. Let I be a proper ideal of R.

a) I is a prime ideal if and only if the factor ring R/I is a domain.
b) I is a maximal ideal if and only if the factor ring R/I is a field.
Proof. a) Let I be a prime ideal. Let α = a + I, β = b + I (where a,
b ∈ R) be elements in R/I. If αβ = 0 ∈ R/I, then (a + I)(b + I) = 0 + I,
so ab ∈ I. Since I is prime, a ∈ I or b ∈ I, hence a + I = α = 0 + I or
b + I = β = 0 + I. Therefore, R/I has no zero divisors. Conversely, as-
sume that R/I is a domain and let a, b ∈ R with ab ∈ I. This implies
2. Algebras. Polynomial and monoid algebras 333
that (a + I)(b + I) = 0 + I, so a + I = 0 + I or b + I = 0 + I. Thus, a ∈ I or

b ∈ I.
b) Suppose I is a maximal ideal in R. We want to show that any
nonzero element of R/I is invertible. Let α = a + I ≠ 0 + I, hence a ∉ I.
Then the ideal generated by I and a, I + Ra, includes strictly I; since I
is maximal, I + Ra = R. In particular, 1 ∈ R is written i + ra, for some
i ∈ I and r ∈ R. Thus, 1 + I = (ra + i) + I = ra + I = (r + I)(a + I), so
a + I is invertible.
If R/I is a field and J is an ideal strictly including I, there exists
x ∈ J, x ∉ I. Hence, x + I ≠ 0 + I, so x + I is invertible in R/I. For some
r ∈ R, 1 + I = (r + I)(x + I), whence there exists i ∈ I such that
1 = rx + i. It follows that 1 ∈ J ⇔ J = R. !
1.4 Corollary. Any maximal ideal is a prime ideal. !

The converse is false: the ideal (X) of the ring Z[X] is prime and not
maximal, because the factor ring Z [ X ] ( X ) ≅ Z is a domain, but not a
field.
If R is a principal ideal domain and not a field, the prime nonzero
ideals are exactly the maximal ideals and they are the ideals generated
by irreducible elements.
Krull's Lemma (II.1.20) says that any proper ideal is included in
some maximal ideal.
2. Algebras. Polynomial and monoid algebras
We fix (R, +, ·), a commutative ring with identity.

334 Appendices
2.1 Definition. An R-algebra is a ring (A, +, ·) (not necessarily

associative or having an identity), which is simultaneously an
R-module, such that, ∀r ∈ R, ∀a, b ∈ A:
r(ab) = (ra)b = a(rb).
The R-algebra A is called associative (respectively with identity,
commutative) if the ring A has the corresponding property.
Recall that the center of the ring A, Cen(A), is the set of all ele-
ments in A that commute with any element:
Cen(A) := {a ∈ A | ab = ba, ∀b ∈ A}
Cen(A) is a subring of A (easy exercise).
We are interested in R-algebras that are associative and have an
identity. For this type of algebras there is the following characteriza-
tion (often taken as the definition):
2.2 Proposition. a) Let A be an associative R-algebra with identity

element e. Then the function α : R → A defined by
α(r) := re, ∀r ∈ R
is an identity preserving ring homomorphism and α(r)a = aα(r),
∀r ∈ R, ∀a ∈ A (in other words, α(R) ⊆ Cen(A)).
b) Conversely, if A is an associative ring with identity, and
α : R → A is an identity preserving ring homomorphism such that
α(R) ⊆ Cen(A), then A is an R-algebra if we define the R-module
multiplication by
ra := α(r)a, ∀r ∈ R, ∀a ∈ A.
Proof. a) If r, s ∈ R, then, by definition:
α(r + s) = (r + s)e = re + se = α(r) + α(s)
α(r)α(s) = (re)(se) = r(e(se)) = r(se) = (rs)e = α(rs).
Also, α(1) = 1e = e (since A is an R-module). Thus, α is an identity
preserving ring homomorphism. If r ∈ R, a ∈ A,
α(r)a = (re)a = r(ea) = ra = r(ae) = a(re) = aα(r).
b) Exercise. !
2.3 Remark. The homomorphism α : R → A in the proposition

above us called the structural homomorphism of the associative
R-algebra with identity A. Naturally, a ring A can have several differ-
ent R-algebra structures (corresponding to different structural
homomorphisms).
2.4 Examples. a) The ring Mn(R) of all square matrices of type n×n
with entries in R is an associative R-algebra with identity
(noncommutative if n ≥ 2). The structural homomorphism takes r ∈ R
to the matrix having r on the diagonal and 0 elsewhere.
b) The polynomial ring R[X] is a commutative R-algebra. If K ⊆ L
is a field extension, L is a K-algebra. Which are the structural
homomorphisms (equivalently, which is the module structure) for
these examples?
2.5 Definition. Let A and B be two R-algebras. A ring homomorph-

ism ϕ : A → B that is simultaneously an R-module homomorphism is
called an R-algebra homomorphism.
If A and B are associative and have identities, and α, respectively β,
are the structural homomorphisms, then a ring homomorphism
ϕ : A → B is an R-algebra homomorphism if and only if ϕ ◦α = β.
In what follows, we consider only associative algebras with iden-
tity.
A subset C of the R-algebra A is called an R-subalgebra of A if C is
a subring in A and also a submodule in R A: ∀r ∈ R, ∀a ∈ C ⇒
ra ∈ C. It is immediate that the intersection of a family of subalgebras
of A is still a subalgebra of A (for the proof, see the corresponding
property for rings or for modules). This allows to define, given a sub-
set S of A, the subalgebra generated by S as the intersection of all
subalgebras of A that include S. For commutative R-algebras, the
subalgebra generated by S is denoted by R[S] and it is the set of all
336 Appendices
polynomial expressions in the elements of S, with coefficients in R (cf.

prop. IV.1.14).
If ϕ : A → B is an R-algebra homomorphism, then ϕ(A) is a
subalgebra of B. An ideal I of the ring A is also called an ideal of the
R-algebra A. If I is an ideal of the R-algebra A, then the factor ring A/I
is canonically an R-algebra, its structural homomorphism being π ◦α,
where π : A → A/I is the canonical surjection. This algebra is called
the factor algebra of A relative to the ideal I.
We fix a commutative ring with identity R and a monoid (G, ·). We
shall now describe the construction of the monoid algebra80 R[G].
Recall that (G, ·) is a monoid (or a semigroup with identity) if the
operation “·” is associative and has an identity element e.
In particular, we obtain the construction of polynomial algebras (in
a finite or infinite number of indeterminates). The idea is the follow-
(G)
ing: we define on R (the free R-module on the set G) a multiplica-
tion law that is associative and distributive, and that coincides with
the multiplication in G for the elements of G. More precisely, any ele-
(G)
ment in R is written uniquely as a finite sum
∑ ag g ,
g∈ G
where ag ∈ R, for any g ∈ G and supp(ag)G is finite.

The product between g and h ∈ G (seen as elements in the basis of
(G) (G)
R ) is gh (element in the basis of R ); this product extends by
(G)
linearity to any two elements of R :
⎛ ⎞ ⎛ ⎞
⎜ ∑ a g g ⎟ ⋅ ⎜ ∑ bh h ⎟ = ∑ a g bh gh
⎝ g∈ G ⎠ ⎝ h∈ G ⎠ ( g ,h )∈ G×G
The rigorous construction is described in the sequel.
80
Called group algebra if G is a group.
The support of a function ϕ : G → R is the set supp(ϕ) := {g ∈ G |

ϕ(g) ≠ 0}. Define
R[G] := {ϕ : G → R | supp(ϕ) is finite}.
A function in R[G] is called a function of finite support. We define
on R[G] the following operations: ∀ϕ, ψ ∈ R[G], ∀g ∈ G,
(ϕ +ψ)(g) := ϕ(g) +ψ (g)
(ϕ ·ψ)(g) := ∑ϕ (u )ψ (v ) .
( u ,v )∈G×G
uv = g
The first equality clearly defines a function ϕ +ψ : G → R. It is not

as obvious that ϕ ·ψ is correctly defined: we must show that the sum
defining ϕ ·ψ has a finite number of nonzero terms. Indeed, the set of
all (u,v) ∈ G×G such that ϕ(u)ψ(v) ≠ 0 is included in supp(ϕ)×supp(ψ),
which is finite.
We must also show that ϕ +ψ and ϕ ·ψ have finite support. We
have:
supp(ϕ +ψ) ⊆ supp(ϕ) ∪ supp(ψ), a finite set.
For ϕ ·ψ: if g ∈ G \ {uv |u ∈ supp(ϕ) and v ∈ supp(ψ)}, then
(ϕ ·ψ)(g) = 0, since all terms in the sum in the definition are zero. So,
supp(ϕψ) is included in {uv | u ∈ supp(ϕ) and v ∈ supp(ψ)}, which is
finite.
Therefore, "+" and " · " are correctly defined and are composition
laws on R[G]. We define an external operation "·" : R × R[G] → R[G],
(r ·ϕ)(g) := rϕ(g), ∀r ∈ R, ∀ϕ ∈ R[G], ∀g ∈ G.
Endowed with these operations, R[G] is an R-module, namely the
free R-module of basis G (if we disregard the multiplication in R[G]).
2.1 Remark. The construction we described generalizes (and is in-

spired from) the usual construction of the polynomial ring in one
indeterminate over R, R[X]. The reader is encouraged to verify that if -
338 Appendices
(G, ·) is (N, +), the additive monoid of the natural numbers, then R[G]
is exactly the ring R[X].
2.2 Proposition. (R[G], + , ·) is an associative ring with identity.

Proof. We check the associativity of multiplication. Let ϕ, ψ, η ∈
R[G] and let g ∈ G.
((ϕψ )η )(g ) = ∑ (ϕψ )(u )η (v ) =
(u ,v )∈G 2
uv = g
⎛ ⎞
⎜ ⎟
∑ 2 ⎜ ∑ϕ2 (s )ψ (t ) ⎟η (v ) = ∑ϕ3(s )ψ (t )η (v ) .
( u ,v )∈G ⎜ ( s ,t )∈G ⎟ ( s ,t ,v )∈G
uv = g ⎝ st =u ⎠ stv = g
Computing (ϕ(ψη))(g), we obtain the same thing, so (ϕψ)η =

ϕ(ψη).
The existence of neutral elements for addition and multiplication is
proven below. The other ring axioms are left to the reader. !
It is necessary to show that this construction satisfies the demands
stated at the beginning of this section and. To this end, we define the
following elements in R[G]:
⎧0, if h ≠ g
∀g ∈ G, define ηg : G → R by η g ( h ) = ⎨ , ∀h ∈ G;
⎩1, if h = g
⎧0, if h ≠ e
∀r ∈ R, define ψr : G → R by ψ r ( h ) = ⎨ , ∀h ∈ G.
⎩ r, if h = e
It is clear that ηg, ψr ∈ R[G], ∀ g ∈ G, ∀r ∈ R. We also have:
2.3 Proposition. a) The function i : R → R[G], given by i(r) = ψr,

∀r ∈ R, is an injective ring homomorphism. Furthermore, Im i is in-
cluded in the center of R[G] (so, R[G] is an R-algebra of structural
homomorphism i). That entitles us to write r instead of ψr (identifying
r ∈ R with its image ψr ∈ R[G]).
b) The function j : G → (R[G], ·), j(g) = ηg, ∀g ∈ G, is an injective

monoid homomorphism. We write g instead of ηg (identifying g ∈ G
with its image ηg ∈ R[G]).
⎧0, if h ≠ g
c) For any g, h ∈ G and any r ∈ R, (ψr·ηg)(h) = ⎨ .
⎩ r, if h = g
d) Any element ϕ ∈ R[G] is written as a finite sum:
ϕ = ∑ψ ϕ ( g )η g = ∑ a g g ,
g ∈ supp (ϕ ) g∈ supp (ϕ )
In the second sum, ϕ(g) is denoted ag, ηg is identified with g and

ψϕ(g) is identified with ag = ϕ(g), for any g ∈ G (thus (ag)g ∈ G has finite
support).
The writing of ϕ is unique: if ∑ ag g = ∑ bg g , where (ag)g ∈ G and
g∈ G g∈ G
(bg)g ∈ G have finite support, then ag = bg, ∀g ∈ G.

e) The zero of the ring R[G] (the neutral element for addition) is
ψ0 (written as a sum of the type ∑ a g g as the sum with one term 0e).
g∈G
The identity of the ring R[G] (the neutral element for multiplication) is
ηe = 1e.
Proof. a) It is evident that ψr + s = ψr + ψs, ∀r, s ∈ R. Computing
ψr·ψs, we obtain ψr·ψs(g) = ∑ψ r (u )ψ s (v ) . If g ≠ e, then, for any cou-
uv =g
ple (u, v) ∈ G×G such that uv = g, we have u ≠ e or v ≠ e, so

ψ r (u )ψ s (v ) = 0. Therefore, if g ≠ e, then (ψr·ψs)(g) = 0. Also,
(ψr·ψs)(e) = ψr(e)·ψs(e) = rs. In conclusion, ψr·ψs = ψrs. The injectivity
is clear.
b) The injectivity is easy. We prove that ηgηh =ηgh, ∀g, h ∈ G. For
any x ∈ G, x ≠ gh, (ηgηh)(x) = ∑η g (u )ηh (v ) = 0, since uv = x ≠ gh im-
uv =x
plies u ≠ g or v ≠ h. Also, (ηgηh)(gh) = 1.
340 Appendices
c) Exercise.
d) For any h ∈ G, we have
⎛ ⎞ ⎧0, if h ∉ supp (ϕ )
(
⎜ ∑ ag g ⎟ ( h ) = ∑ ψ ϕ ( g )η g ) ( h ) = ⎨ϕ ( h ) , if h ∈ supp (ϕ ) = ϕ ( h )
⎝ g∈ suppϕ ⎠ g∈ supp(ϕ ) ⎩
.
⎧0, if h ≠ g
We used in the last equality that (ψ ϕ ( g )η g ) ( h ) = ⎨ , as
⎩ϕ ( g ) , if h = g
seen at c).
⎛ ⎞
The uniqueness ensues from ⎜⎜ ∑ a g g ⎟⎟(h ) = ah , ∀h ∈ G.
⎝ g∈ G ⎠
e) We show that ηe is the identity of the ring R[G]. For any g ∈ G,
ηgηe = ηge = ηg = ηeηg, by c). The general case is proven using d) and
the distributivity. !
2.4 Remarks. a) By construction, R[G] is isomorphic to the free

R-module of basis G. The elements of R[G] can be seen as “formal”
finite sums of the form ∑g∈G agg, where (ag)g∈G is a family of elements
of R having finite support. We can identify a ∈ R with the sum with
one term a·e; also, we can identify g ∈ G with 1·g. The addition obeys
the rule ∑g∈G agg + ∑g∈G bgg = ∑g∈G (ag + bg)g; the multiplication is
(left and right) distributive relative to addition and obeys the rule
(1·g)·(1·h) = 1·(gh). Therefore:
⎛ ⎞ ⎛ ⎞ ⎛ ⎞
⎜⎜ ∑ a g g ⎟⎟ ⋅ ⎜⎜ ∑ bg g ⎟⎟ = ∑ ⎜⎜ ∑ (au bv ) ⎟⎟ g .
⎝ g∈ G ⎠ ⎝ g∈ G ⎠ g∈ G ⎝ uv = g ⎠
Thus, R[G] meets the conditions stated in the introduction. Any ele-
ment of R[G] is written uniquely ∑g∈G agg, the sums being always fi-
nite. In particular, ∑g∈G agg = 0 ⇔ ag = 0, ∀g ∈ G.
b) If G is a commutative monoid, then R[G] is also a commutative

ring. If G is not commutative, then R[G] is not commutative, as part b)
of the proposition shows.
The classical polynomial algebras.

I. For (G, ·) = (N, +), one obtains the usual construction of the
polynomial algebra in one indeterminate with coefficients in R. In-
deed, an arbitrary element in R[N] is a function ϕ : N → R with finite
support (a sequence of elements of R with finite support). Setting
ϕ(i) =: ai, ∀i ∈ N, the general form of an element f in R[N] is
f = ∑ aiηi . Since ηiηj = ηi + j, for any i, j ∈ N, ηi = (η1) , ∀i ∈ N.
i
i∈ N
Denoting η1 by X, one obtains the usual form:

f = ∑i∈N ai X = a0 + a1 X + … + an X
i n
where n = max {i ∈ N | ai ≠ 0} is the degree of f.

n
II. Consider the commutative monoid (N , +) (for a fixed n ∈ N*),
where the addition is defined component-wise:
(i1, …, in) + (j1, …, jn) := (i1 + j1, …, in + jn), ∀(i1, …, in),
n
(j1, …, jn) ∈ N .
n
The R-algebra R[N ] is called the polynomial algebra in n
n
indeterminates81 with coefficients in R. An element of R[N ] is called
a polynomial (in n indeterminates).
We make the connection with the usual form of a polynomial. For
each i ∈ {1, …, n}, let
n
ei := (0,…,1,…,0) ∈ N (1 on the i-th place, 0 elsewhere).
81
Often encountered terminologies are “unknown” or “variable” instead of
“indeterminate”.
342 Appendices
n
Any element in N is written uniquely - up to a order of the terms -
n
as a sum of ei's (in other words, {e1, …, en} generate the monoid N ).
n
The element ηei ∈ R[N ] is denoted by Xi and is called an indetermi-
nate. A product of indeterminates (of the form X 1i1 … X nin ) is called a
n
term. Any polynomial g ∈ R[N ] is then written uniquely as a finite
sum:
g= ∑ ai1…in X 1i1 … X nin ,
( i1 ,…,in )∈' n
where ( ai1…in ) i ,…, i is a family of elements in R, having finite sup-

(1 n ) ∈ 'n
port. Thus, g is a linear combination of terms, with coefficients in R.

The polynomial g is thus a sum of products between a nonzero ele-
ment of R and a term, of the form ai1…in X 1i1 … X nin . If g is like above
and ai1…in ≠ 0, then ai1…in X 1i1 … X nin is called a monomial of g.
n
R[N ] is denoted usually by R[X1,…, Xn].
III. The previous construction can be generalized to the polynomial

algebra in S indeterminates, where S is an arbitrary nonempty set. To
n ( S)
this end, we replace the monoid (N , +) with (N , +),
( S)
where N := { f : S → N | the support of f is finite}. Continuing the
n ( S)
analogy with N , we see the elements of N as “multi-indices” and
( S)
use notations like i, j,… . The addition in the monoid N is defined
( S)
naturally as follows: for any i, j ∈ N , (i + j)(s) = i(s) + j(s), ∀s ∈ S.
The axioms of a commutative monoid are readily checked. The
( S)
R-algebra R[N ] is called the polynomial algebra in S indeterminates
( S)
with coefficients in R. For any s ∈ S, define es ∈ N ,
⎧0, if s = t ( S)
es (t ) = ⎨ , ∀t ∈ S and let Xs be the element ηe s ∈ R[N ].
⎩1, if s ≠ t
( S)
Any element i ∈ N is written uniquely as i = ∑ ms e s , where (ms)s∈S
s∈S
82
is a family of natural numbers indexed by S, having finite support.
( S)
Therefore, ηi = ∏ X sms . An arbitrary polynomial f ∈ R[N ] has a
s∈supp ( i )
( S)
unique writing as f = ∑ aiηi , where F is a finite subset of N ; if
i∈F
∪i∈F supp(i) =: {s1, …, sn} (a finite subset of S), then

f= ∑ am1…mn X sm11 … X smn n ,
( m1 ,…,mn )∈N n
where the sum is finite (the family of elements of R

(am …m )(m ,…,m )∈N
1 n 1 n
n has finite support).
In other words, any polynomial in S indeterminates is a polynomial
( S)
in a finite set of indeterminates in S. The R-algebra R[N ] is usually
denoted as R[(Xs)s∈S] or R[Xs]s∈S or R[X; S].
2.5 Theorem. (The universality property of the monoid algebra)

Let (G, ·) be a monoid and let i : R → R[G], j : G → R[G] be the
canonical mappings defined at 2.3. The triple (R[G], i, j) has the
following universality property: for any R-algebra T having the struc-
tural homomorphism α : R → T and any homomorphism of monoids β
: G → (T, ·), there exists a unique homomorphism of R-algebras
ϕ : R[G] → T such that ϕ ◦i = α and ϕ ◦j = β:
j
G ⎯⎯→ R[G ]
β ϕ
(S)
82
For any m ∈ N and i ∈ R[N ], mi is defined as (mi)(s) := m·i(s), ∀s ∈ S.
344 Appendices
Proof. Suppose ϕ is as stated. Thus, ϕ(r) = α(r), ∀r ∈ R and

ϕ(g) = β(g), ∀g ∈ G. If ∑g∈G agg ∈ R[G], then
⎛ ⎞
ϕ ⎜⎜ ∑ a g g ⎟⎟ = ∑ϕ (a g )ϕ ( g ) = ∑α (ag )β ( g ) ,
⎝ g∈ G ⎠ g∈ G g∈G
which shows that ϕ is uniquely determined by α and β. A direct check

shows that ϕ given by the above is a ring homomorphism and satisfies
the stated requirements. !
The universality property of the monoid algebra determines this
algebra up to an unique isomorphism: if (A, γ, δ) (where A is an
R-algebra, γ : R → A is its structural homomorphism and
δ : G → (A, ·) is a homomorphism of monoids) satisfies the same
universality property as (R[G], i, j), then there exists a unique
R-algebra isomorphism ϕ : R[G] → A such that ϕi = γ and ϕj = δ (cf.
5.7).
For the classical polynomial algebras, using the remarkable fact
that the monoid (N, +) is generated by one element (respectively
n
(N , +) is generated by n elements), this theorem reads:
2.6 Theorem. Let A be an R-algebra.

a) (The universality property of the polynomial algebra R[X]) For
any a ∈ A there exists a unique R-algebra homomorphism
eva : R[X] → A such that eva(X) = a.
b) (The universality property of the polynomial algebra R[X1,…,
n
Xn]) Let n ∈ N*. For any n-uple a = (a1,…,an) ∈ A there exists a
unique R-algebra homomorphism eva : R[X1,…, Xn] → A such that
eva(Xi) = ai, ∀i ∈ {1,…, n}.
c) (The universality property of the polynomial algebra R[X; S]) Let
S be a nonempty set. For any mapping γ : S → A there exists a unique
R-algebra homomorphism evγ : R[X; S] → A such that evγ(Xs) = γ(s),
∀s ∈ S.
Proof. Of course, a) follows from b), which is a particular case of

c). Nevertheless, we sketch a proof for every case.
n n
a) For any f = ∑ bi X i ∈ R[X], let eva( f ) = ∑ bi a i (usually called
i =0 i =0
the value of f at a and denoted f (a)). The fact that eva is a homomorph-
ism amounts to that, ∀f, g ∈ R[X],
(f + g)(a) = f(a) + g(a),
(f·g)(a) = f(a)·g(a),
A standard check proves these familiar properties and the rest of
the claims.
b) For any f = ∑ bi1…in X 1i1 … X nin ∈ R[X1,…, Xn], and any
(i1 ,…,in )∈N n
n
a = (a1, …, an) ∈ A , let
eva( f ) = f (a1,… , an ) = ∑ bi1…in a1i1 … anin ,
(i1 ,…,in )∈Nn
the value of f at a = (a1, …, an).
c) The mapping γ induces a homomorphism of monoids
( S) i(s ) ( S)
β : N → (A, ·), β(i) = ∏ γ ( s ) , ∀i ∈ N
s∈supp ( i )
Applying the universality property of the monoid algebra

( S)
R[N ] = R[X; S], there exists a unique R-algebra homomorphism
( S)
evγ : R[X;S] → A such that vγ ◦j = β, where j : N → R[X; S] is the
canonical mapping; in our case, j(es) = Xs, ∀s ∈ S. Thus
vγ (Xs) = β(es) = γ(s), ∀s ∈ S.
( S)
Let us prove the uniqueness of evα. If v : R[N ] → A is an
R-algebra homomorphism with v(Xs) = γ(s), then v◦j = β, where β is the
homomorphism defined above. The uniqueness part of the universality
property implies v = evα. !
346 Appendices
The homomorphism eva (respectively eva) above is called the

evaluation homomorphism.
The previous theorem formalizes and gives a precise meaning to
the procedure of assigning the values a1, …, an to the indeterminates
X1, …, Xn.
A useful property of the R-algebras R[X1,…, Xn], sometimes used
to define them by recurrence on n, is the following:
2.7 Theorem. Let n ≥ 1. Then there exists a canonical isomorphism

of R-algebras:
R[X1,…, Xn] ≅ R[X1,…, Xn−1][Xn].
Proof. Use 2.6.b): there exists a unique R-algebra homomorphism
ϕ : R[X1,…, Xn] → R[X1,…, Xn−1][Xn], with ϕ(Xi) = Xi, 1 ≤ i ≤ n.
Let A := R[X1,…, Xn−1].
Conversely, 2.6.b) applied to R[X1,…, Xn−1], yields a unique
R-algebra homomorphism α : R[X1,…, Xn−1] → R[X1,…, Xn], with
α(Xi) = Xi, 1 ≤ i ≤ n − 1. Thus, R[X1,…, Xn] is an A-algebra with α its
structural homomorphism. The universality property of the A-algebra
A[Xn] shows that there exists a unique A-algebra homomorphism
β : A[Xn] → R[X1,…, Xn], such that β(Xn) = Xn. Of course, β is also an
R-algebra homomorphism.
We have βϕ = id. Indeed, βϕ : R[X1,…, Xn] → R[X1,…, Xn] is an
R-algebra homomorphism such that βϕ(Xi) = Xi, 1 ≤ i ≤ n, and
id : R[X1,…, Xn] → R[X1,…, Xn] has the same properties. The unique-
ness part in 2.6.b) implies that βϕ = id. Similarly, ϕβ = id, so ϕ is an
isomorphism. !
In what follows we discuss the important notion of degree of a
polynomial.
n
If aX is a monomial in R[X] (with a ≠ 0), n is called the degree of
n
aX .
For an arbitrary polynomial g ∈ R[X],
n
g = a0 + a1X + … + anX , where an ≠ 0,
the natural number n is called the degree of g, denoted deg g. Thus,
the degree of g is the greatest degree of the monomials of g. We de-
fine by convention deg 0 = −∞. Sometimes deg 0 is not defined.
The elements a0, …, an ∈ R are called the coefficients of the
polynomial g; among these, an is called the leading coefficient of g, a0
is called the constant term.
If the leading coefficient an is 1, then the polynomial g is called
monic.
If R is a domain, then the degree is additive: ∀g, h ∈ R[X1,…, Xn],
deg (gh) = deg g + deg h.
Also:
deg (g + h) ≤ max(deg g, deg h).
If aX 1i1 … X nin is a monomial in R[X1,…, Xn] (where a ≠ 0), and
1 ≤ k ≤ n, then its degree in Xk is deg ( aX 1i1 … X nin , X k ) := ik (the expo-
nent of Xk in the monomial), also denoted deg X k ( aX 1i1 … X nin ) .
For any g ∈ R[X1,…, Xn], deg (g, Xk) is the greatest degree in Xk of
the monomials of g. If R is a domain, then the degree in Xk satisfies
the same relations as above: ∀g, h ∈ R[X1,…, Xn],
deg (gh, Xk) = deg (g, Xk) + deg (h, Xk).
deg (g + h, Xk) ≤ max(deg (g, Xk), deg (h, Xk)).
The total degree of the monomial aX 1i1 … X nin is i1 + … + in; the to-
tal degree of an arbitrary polynomial g ∈ R[X1,…, Xn] is the largest to-
tal degree of its monomials. Usually, the “degree” of a polynomial in
several indeterminates is its total degree, unless otherwise specified. A
polynomial whose monomials have all the same degree is called a
homogeneous polynomial. The total degree satisfies relations similar
to the above, if R is a domain.
348 Appendices
3. Symmetric polynomials
Let R be a fixed commutative ring with identity. Let n ∈ N* and let

σ ∈ Sn, the symmetric group of all permutations of n objects. Then
there exists a unique homomorphism of R-algebras
ϕσ : R[X1,…, Xn] → R[X1,…, Xn] such that ϕσ(Xi) = Xσ(i), ∀i = 1,…, n
(see 2.6, the universality property of the polynomial R-algebra
R[X1,…, Xn]). If g ∈ R[X1,…, Xn], then
ϕσ(g) = g(Xσ(1),…, Xσ(n)).
If R is a domain and K is its field of fractions, consider K(X1,…, Xn)
(the field of fractions of the domain R[X1,…, Xn], called the field of ra-
tional fractions in the indeterminates X1,…, Xn with coefficients in K).
Then ϕσ extends to a unique field homomorphism (denoted also ϕσ)
ϕσ : K(X1,…, Xn) → K(X1,…, Xn). For any g, h ∈ R[X1,…, Xn], h ≠ 0,
ϕσ(g/h) = ϕσ(g)/ϕσ(h).
3.1 Definition. Let g ∈ R[X1,…, Xn]. We call g a symmetric

polynomial in R[X1,…, Xn] if, for any σ ∈ Sn, we have ϕσ(g) = g.
If R is a domain and K is its field of fractions, a rational fraction
g/h ∈ K(X1,…, Xn) is called symmetric if, for any σ ∈ Sn,
ϕσ(g/h) = g/h.
3.2 Example. In R[X1, X2, X3], the following polynomials are

symmetric:
X1 + X2 + X3, X1 X2 X3,
X 1 X 2 + X 1 X 3 + X 22 X 1 + X 22 X 3 + X 32 X 1 + X 32 X 2 .
2 2
The polynomial X1 + X2 is not symmetric in R[X1, X2, X3] (but it is

symmetric in R[X1, X2]).
3.3 Remarks. a) Let S = {g ∈ R[X1,…, Xn] | ϕσ(g) = g, ∀σ ∈ Sn} be

the set of symmetric polynomials. Then S is an R-subalgebra of
R[X1,…, Xn]. For instance, if g, h ∈ S, then
3. Symmetric polynomials 349
ϕσ(g + h) = ϕσ(g) + ϕσ(h) = g + h, ∀σ ∈ Sn.

The other conditions are checked similarly. It is easy to see that the
symmetric rational fractions form a subfield in K(X1,…, Xn).
b) If aX 1i1 … X nin is a monomial of the symmetric polynomial g,
then aX σi1 (1) … X σin( n ) is also a monomial of g, for any σ ∈ Sn.
3.4 Definition. Let n ∈ N* and let 0 ≤ k ≤ n. The polynomial

sk := ∑{∏i∈I Xi | I ⊆ {1, …, n}, |I| = k}.
is called the fundamental (or elementary) symmetric polynomial of de-
gree k in R[X1,…, Xn] .
In other words, sk is the sum of all products of k distinct indetermi-
()
nates chosen among {X1,…, Xn}; thus sk has n monomials. By
k
convention, s0 = 1 and sk = 0 if k > n. The polynomial sk is homogene-
ous of degree k (indeed, all its monomials have degree k). Since sk
obviously depends on the number of indeterminates, the notation
sk(X1,…, Xn) is sometimes used to avoid confusions. For example, the
fundamental symmetric polynomials in 4 indeterminates are:
s0 = 1
s1 = X1 + X2 + X3 + X4
s2 = X1 X2 + X1 X3 + X1 X4 + X2 X3 + X2 X4 + X3 X4
s3 = X1 X2 X3 + X1 X2 X4 + X1 X3 X4 + X2 X3 X4
s4 = X1 X2 X3 X4
The fundamental symmetric polynomials appear in the relations be-
tween the coefficients of a polynomial and its roots (Viète's relations).
3.5 Theorem. a) Let n ∈ N* and let sk = sk(X1,…,Xn). In

R[X1,…, Xn][X] the following relation holds:
n n−1 n−2 n
(X − X1)…(X − Xn) = X − s1 X + s2 X − … + (−1) sn.
350 Appendices
b) If R is a subring of the domain S and

n
g = a0 + a1X + … + anX ∈ R[X] has the roots x1, …, xn ∈ S, then
k
ansk(x1, …, xn) = (–1) an − k.
Proof. a) Induction on n (exercise).
b) There exists a unique R-algebra homomorphism
ϕ : R[X1,…, Xn][X] → S[X] such that ϕ(Xi) = xi and ϕ(X) = X. We have,
by a):
ϕ(an(X − X1)…(X − Xn)) = an(X − x1)…(X − xn) =
n n−1 n−2 n
an(X − s1 X + s2 X − … + (−1) sn).
But an(X − x1)…(X − xn) = g (in the field of fractions K of S, these
polynomials have the same roots and the same leading coefficient).
The relations follow by identifying the coefficients. !
3.6 Theorem. (The fundamental theorem of symmetric polynomi-

als) Let g be a symmetric polynomial in R[X1,…, Xn]. Then g is a
polynomial of the fundamental symmetric polynomials: there exists a
unique polynomial h ∈ R[X1,…, Xn] such that g = h(s1, …, sn).
In other words, denoting by S the R-subalgebra of symmetric
polynomials in R[X1,…, Xn], the unique R-algebra homomorphism
ψ : R[X1,…, Xn] → S with ψ(Xi) = si (for 1 ≤ i ≤ n) is an isomorphism.
Proof. Let T := {X 1i1 … X nin (i1,…, in ) ∈ N n } be the set of all terms in
R[X1,…, Xn]. Define a total order relation on T (the lexicographic or-
der) by: X 1i1 … X nin ≤ X 1k1 … X nkn ⇔ ∃r, 1 ≤ r ≤ n, such that it = kt, ∀t < r
and ir ≤ kr. For instance, we have X1 > X2 >… > Xn and
1 < X 37 < X 2 X 32 < X 1 < X 1 X 22 . This order relation is total and it is com-
patible with term multiplication: ∀λ, µ, ν ∈ T, µ ≤ ν implies λµ ≤ λν
(one can prove that it is the unique total order on T, compatible with
multiplication, such that X1 > X2 >… > Xn). Moreover, T is well or-
dered by the lexicographic order (any nonempty subset of T has a
smallest element), as the following lemma shows. Therefore, one can
make induction proofs on this ordered set (as is this proof).
The lexicographic order induces a preorder relation83, denoted also

" ≤ ", on the set {aλ | λ ∈ T, a ∈ R, a ≠ 0} of all monomials in
R[X1,…, Xn], by aλ ≤ bµ ⇔ λ ≤ µ. The proof of this is straightfor-
ward. If p ∈ R[X1,…, Xn], there exists a unique greatest monomial of p
(with respect to the lexicographic preorder), called the leading mono-
mial of p and denoted by lm(p). The following property holds:
If p, q ∈ R[X1,…, Xn], such that lm(p) = aλ, lm(q) = bµ, where
λ, µ ∈ T, a, b ∈ R and ab ≠ 0, then lm(pq) = lm(p)lm(q) = abλµ.
Indeed, any monomial of pq is a sum of monomials of the form
forma rα·sβ, where rα is a monomial of p and sβ is a monomial of q.
But α ≤ λ and β ≤ µ, so αβ ≤ λβ ≤ λµ. Thus, abλµ = lm(pq).
We proceed to the proof of the theorem. Let g be a symmetric
polynomial and let lm(g) = aX 1i1 … X nin . Then i1 ≥ i2 ≥ …≥ in (if not,
then there exists a k such that ik < ik+1, and aX 1i1 … X kik +1 X kik+1 … X nin is
also a monomial in g, strictly greater than lm(g), contradiction). We
want to find a polynomial p of the form as1j1 … snjn , such that
lm(p) = lm(g). Using the above property,
lm ( as1j1 … snjn ) = aX 1j1 ( X 1 X 2 ) 2 … ( X 1 … X n ) n
j j
This monomial equals lm(g) if and only if j1 + … + jn = i1,

j2 + … + jn = i2, …, jn = in. Thus jn = in, jk = ik − ik + 1, for 1 ≤ k < n. The
polynomial
g1 := g − as1j1 … snjn
is symmetric and lm(g1) < lm(g). If lm(g1) = 0, then g1 = 0 and we are
finished. If lm(g1) ≠ 0, replace g by g1 and apply the procedure above.
The algorithm terminates in a finite number of steps because any
strictly decreasing sequence of terms must be finite, as the next lemma
shows. This concludes the existence part of the proof.
Let us prove the uniqueness (or, equivalently, Kerψ = 0). Suppose
there exists a nonzero polynomial p ∈ R[X1,…, Xn] such that
83
A relation that is reflexive and transitive, but not necessarily antisymmetric.
352 Appendices
ψ(p) = p(s1, …, sn) = 0. We claim that there exists a unique nonzero

monomial λ of p such that lm(ψ(p)) = lm(λ(s1, …, sn)). Indeed, if
α = X 1i1 … X nin and β = X 1j1 … X njn are distinct terms, then:
lm(α(s1, …, sn)) = X 1i1 +…+in … X nin ≠ X 1j1 +…+ jn … X njn = lm(β(s1, …, sn)).
Thus, there exists a unique nonzero monomial λ of p such that
lm(λ(s1, …, sn)) = max {lm(α(s1, …, sn)) | α is a monomial of p}.
Since p(s1, …, sn) = ∑{α(s1, …, sn) | α is a monomial of p}, we
have lm(p(s1, …, sn)) = lm(λ(s1, …, sn)) ≠ 0, contradicting that
p(s1, …, sn) = 0. !
3.7 Lemma. a) Let (A, ≤) and (B, ≤) be well ordered sets. Then A×B
is well ordered by the (lexicographic) order defined as (a, b) ≤ (a', b')
if and only if a < a' or (a = a' and b ≤ b').
b) In a well ordered set (A, ≤) there exist no infinite strictly
decreasing sequences.
c) For n ∈ N, the set Tn of the terms in R[X1,…, Xn] is well ordered
by the lexicographic order (thus any strictly decreasing sequence of
terms must be finite).
Proof. a) Recall that the ordered set (A, ≤) is called well ordered if
for any nonempty subset S of A, ∃α ∈ S such that α ≤ a, ∀a ∈ S (α is
unique with this property and is called the smallest element of S. Thus,
A is well ordered if any nonempty subset has a smallest element). Let
∅ ≠ S ⊆ A×B. Since S1 := {a ∈ A | ∃b ∈ B cu (a, b) ∈ S} ≠ ∅, and A is
well ordered, there exists its smallest element α ∈ S1 (so, ∀(a, b) ∈ S,
α ≤ a). Let S2 := {b ∈ B| (α, b) ∈ S}. There exists the smallest element
β of S2. Then (α, β) is the smallest element of S: ∀(a, b) ∈ S, we have
α < a (thus (α, β) < (a, b)) or α = a, in which case b ∈ S2, so β ≤ b.
b) Let (an)n ≥ 1 be a decreasing sequence of elements in A. Then the
set {an | n ≥ 1} has a smallest element ak. For any n ≥ k, we must have
then ak ≤ an; since an ≤ ak (the sequence is decreasing), an = ak and the
sequence is not strictly decreasing.
n
c) Induction on n. If n = 1, T1 = {X | n ∈ N} is isomorphic as an
ordered set to (N, ≤), which is well ordered. If n > 1, then Tn, ordered
lexicographically, is isomorphic to Tn−1 × T1 with the order defined as
in a). By induction, Tn−1 is well ordered and, by a), Tn−1 × T1 is well
ordered.
The theorem 3.6 extends easily to symmetric rational fractions.
3.8 Corollary. (The fundamental theorem of the symmetric rational

fractions) Let R be a domain and let K be its field of fractions. If p,
q ∈ R[X1,…, Xn], q ≠ 0, are such that p/q is a symmetric rational frac-
tions, then there exist the polynomials f, g ∈ R[X1,…, Xn] such that
p f ( s1 ,… , sn )
= . In other words, the subfield of the rational symmet-
q g ( s1 ,…, sn )
ric fractions of the field K(X1,…, Xn) is K(s1,…, sn).
Proof. If q is a symmetric polynomial, then p is symmetric, being
the product q·(p/q) in the subfield of the symmetric rational fractions.
From 3.6, it follows that p, q ∈ R[s1,…, sn]. If q is not symmetric, let
s = ∏σ ∈Snϕσ(q). Then s is symmetric and
p p ∏σ ≠id ϕσ (q )
= ,
q s
and we are in the conditions of the first case. !
The symmetric polynomial tm := X 1m +…+ X nm ∈ R[X1,…, Xn]
(m ∈ N) is expressible using the fundamental symmetric polynomials
s1, …, sn. The following identities allow a recursive computation of tm
as a polynomial of s1, …, sn.
3.9 Proposition. (Newton's identities) Let m ∈ N. In R[X1,…, Xn]

the following relation holds:
m−2 m−1
tm = s1 tm − 1 − s2 tm − 2 + … + (−1) sm − 1 t1 + (−1) msm.
354 Appendices
Proof. If m > n, the convention sk = 0 for k > n truncates the for-

mula above (there are only n terms).
Let r ≤ n and let (a1, …, ar) be an r-uple of natural numbers with
a1 ≥ a2 ≥ … ≥ ar. Let s(a1, …, ar) be the unique symmetric polynomial
in R[X1,…, Xn] having the leading monomial X 1a1 X 2a2 … X rar .
For instance, s(m, 0, …, 0) = X 1m +…+ X nm = tm,
s(1, 1, 0, …, 0) = X1 X2 + X1 X3 + … = s2.
To simplify notations, let 1i := (1, …, 1) (1 appears i times) and
(a, 1i) := (a, 1, …, 1) (1 appears i times); also, we omit writing a se-
quence of 0's: s(m, 0, …, 0) = s(m), s(1, 1, 0, …, 0) = s(1, 1) = s2,
s(1i, 0, …, 0) = s(1i) = si. The following relations can be verified eas-
ily:
s1 tm − 1 = tm + s(m − 1, 1)
s2 tm − 2 = s(m − 1, 1) + s(m − 2, 1, 1)
s3 tm − 3 = s(m − 2, 1, 1) + s(m − 3, 1, 1, 1)
…
More generally, for any i ≤ min{m − 1, n},
si tm − i = s(m − i + 1,1i) + s(m − i,1i).
If m ≤ n and i = m − 1, then
sm − 1t1 = s(2,1m − 2) + msm.
If m > n = i, then
sn tm − n = s(m − n + 1,1n − 1).
Newton's identities follow by using the relations above in the sum
∑1≤ i< m (−1)i−1si tm−i. !
4. Rings and modules of fractions
The method of construction of the field Q from the domain Z

generalizes naturally to any commutative ring R (although in general
4. Rings and modules of fractions 355
the result will not be a field). In Q, all nonzero elements in Z become

invertible. In many cases, there is no need that all nonzero elements in
a ring R become invertible in some “extension” of R. It is thus natural
to define a concept corresponding to the notion of “set of denomina-
tors”. In what follows, all rings are commutative with identity and R
denotes such a ring.
4.1 Definition. A subset S of R is called a multiplicatively closed

set (or a multiplicative set) if:
a) 1 ∈ S.
b) 0 ∉ S.
b) ∀s, t ∈ S ⇒ st ∈ S.
These conditions are natural for a “set of denominators”: 1 must be
a denominator, 0 cannot be one, and the product of two denominators
is also a denominator.
n
For example, Z \ {0}, Z \ 2Z, {2 | n ∈ N} are multiplicatively
closed sets in Z.
For a given ring R and a multiplicatively closed set S ⊆ R, we con-
struct a ring T and a ring homomorphism ϕ : R → T, such that the im-
ages by ϕ of all elements in S are invertible in T (T is thus an
R-algebra and ϕ is its structural homomorphism).
4.2 Definition. On the set R × S = {(a, s) | a ∈ R, s ∈ S} we define

the relation:
∀(a, s), (b, t) ∈ R × S, define: (a, s) ∼ (b, t) ⇔ ∃u ∈ S such that
u(ta − sb) = 0.
4.3 Remark. In the classic case of the construction of Q we have:
R = Z, S = Z* and the following relation is used: ∀(a, s), (b, t) ∈ R × S,
(a, s) ∼ (b,t) ⇔ ta − sb = 0. In this case the relation obtained coincides
with the one in definition 4.2 (prove this!). The reason for adopting the
356 Appendices
definition 4.2 is to handle the more general case when the multiplica-
tively closed set S possibly contains zero divisors.
4.4 Proposition. The relation " ∼ " is an equivalence relation on

R × S.
Proof. We prove only the transitivity. Let (a, s), (b, t), (c, u) ∈ R × S
such that (a, s) ∼ (b,t) and (b, t) ∼ (c,u). Then ∃v, w ∈ S such that
v(ta − sb) = 0 and w(ub − tc) = 0. Multiply the first equality by uw and
the second by sv and add. We obtain
uwvta − uwvsb + svwub − svwtc = 0 ⇔ vwt(ua − sc) = 0.
Since S is multiplicatively closed, vwt ∈ S, so (a, s) ∼ (c,u). !
4.5 Definition. Let (a, s) ∈ R × S. The equivalence class of (a, s)

a
with respect to "∼" is denoted by or a/s and is called a fraction or a
s
quotient (of denominator s and numerator a). Thus:
a
= a/s = {(b, t) ∈ R × S | (b, t) ∼ (a, s)}.
s
The factor set R × S/∼ (the set of all equivalence classes) is denoted
−1
by S R:
−1
S R := { a/s | a ∈ R, s ∈ S}.
a ta
It easy to see that = , ∀s,t ∈ S, ∀a ∈ R.
s ts
−1
We define on S R two operations, having in mind the usual rules
of addition and multiplication of fractions. For any (a, s), (b, t) ∈
R × S, define:
a b ta + sb
+ :=
s t st
a b ab
⋅ :=
s t st
−1
4.6 Proposition. The operations defined above on S R are cor-
−1
rectly defined and S R becomes a commutative ring with identity.
−1
The elements 0 and 1 in S R are:
0 0
0 = = , ∀s ∈ S;
1 s
1 s
1 = = , ∀s ∈ S.
1 s
−1
The mapping ϕ : R → S R, ϕ(a) = a/1, ∀a ∈ R, is a ring
−1
homomorphism, called the canonical homomorphism (thus S R is an
R-algebra).
Proof. We check that the addition is correctly defined. Let (a, s),
(b, t), (a', s'), (b', t') ∈ R × S, such that (a, s) ∼ (a', s') and (b, t) ∼ (b', t').
We must show that (ta + sb, st) ∼ (t'a' + s'b', s't'). Let u, v ∈ S such that
u(s'a − sa') = 0 and v(t'b − tb') = 0. Multiply the first of these equalities
by tt'v and the second by ss'u and add them. We obtain
vu((ta + sb)s't' − (t'a' + s'b')st) = 0.
The rest of the proof (the multiplication is correctly defined; check-
−1
ing the axioms for the ring S R) is left to the reader. !
Note that any s ∈ S is taken by ϕ into an invertible element in
−1 −1
S R: ϕ(s) = s/1 has the inverse 1/s ∈ S R.
Moreover, the homomorphism ϕ is injective ⇔ S contains no zero
divisors. Indeed, a/1 = 0/1 ⇔ ∃u ∈ S such that ua = 0.
−1
If 0 ∈ S, then S R is the zero ring (with only one element,
0/1 = a/s, ∀a ∈ R, ∀s ∈ S); for this reason the condition 0 ∉ S is im-
posed in the definition of a multiplicatively closed set.
−1
The ring S R is called the ring of fractions (or the ring of quo-
tients) of R with respect to the multiplicatively closed set S.
−1
In the important case when R is a domain and S = R \ {0}, S R is a
field, called the field of fractions (or field of quotients) of R, and de-
noted Q(K).
358 Appendices
4.7 Example. a) The field of quotients of Z is Q.

b) For any field K, the field of quotients of the polynomial ring
K[X] is denoted by K(X) and is called the field of rational fractions
f
with coefficients in K. Its elements are “fractions” of the form ,
g
where f, g ∈ K[X], with g ≠ 0. Similarly, the field of quotients of the
polynomial ring K[X1, …, Xn] is denoted by K(X1, …, Xn) and is called
the field of rational fractions in n indeterminates with coefficients in
K.
c) The field of quotients of Z[X] is (isomorphic to) Q(X) (prove
this!).
For any domain R, Q(R) is the “smallest” field that “includes” R.
−1
More generally, S R is the “smallest” ring that includes R (if S con-
tains no zero divisors) such that all elements in S are invertible in
−1
S R. This fact is stated rigorously as follows:
4.8 Theorem. (The universality property of the ring of fractions)

−1
Let S be a multiplicatively closed subset of R. Then S R is a
−1
commutative ring with identity and ϕ : R → S R is a ring
−1
homomorphism such that ϕ(s) is invertible in S R, ∀s ∈ S. Moreover,
−1
the pair (ϕ, S R) is universal relative to this property, namely:
For any pair (γ, T) where T is a commutative ring with identity and
γ : R → T is a ring homomorphism, such that γ(s) is invertible in T,
−1
∀s ∈ S, there exists a unique ring homomorphism g : S R → T such
that γ = gϕ.
−1
Proof. Define g(a/s) = γ(a)(γ(s)) , ∀a ∈ R, ∀s ∈ S. The reader can
easily verify that g is correctly defined, that it is a ring homomorphism
and it is the only one with γ = gϕ. !
−1
The “complete” structure of S R is that of R-algebra, the canoni-
cal homomorphism ϕ being the structural homomorphism. In this set-
ting, the above property reads:
For any commutative R-algebra (γ, Τ), where γ : R → T is the
structural homomorphism, such that γ(s) is invertible in T for any
−1
s ∈ S, there exists a unique R-algebra homomorphism g : S R → T.
As expected, the universality property of the ring of fractions deter-
mines the ring of fractions up to a (unique) isomorphism:
4.9 Theorem. Let S be a multiplicatively closed subset of R. As-

sume B is a commutative ring with identity and β : R → B is a homo-
morphism satisfying the property:
For any commutative ring with identity T and any ring
homomorphism γ : R → T such that γ(s) is invertible in T, ∀s ∈ S,
there exists a unique ring homomorphism g : B → T such that γ = gβ.
−1
Then there exists a unique ring isomorphism h : S R → B such
that hϕ = β. !
The above construction can be applied to an R-module M, with mi-
nor modifications. Given a multiplicatively closed subset S ⊆ R and an
R-module M, we define on M × S the equivalence relation: ∀(a, s),
(b, t) ∈ M × S, (a, s) ∼ (b, t) ⇔ ∃u ∈ S such that u(ta − sb) = 0 (cf. 4.2).
−1
The following result is proven exactly like in the case of S R:
4.10 Proposition. Let M be an R-module and let S be a multiplica-

tively closed subset of R. Then the relation " ∼ " defined above is an
x
equivalence relation on M × S. Denoting by the equivalence class
s
of (x, s) ∈ M × S and S M := ⎧⎨ x ∈ M , s ∈ S ⎫⎬ , S M becomes an
−1 x −1
⎩ s ⎭
Abelian group with the addition: ∀x, y ∈ M, ∀s, t ∈ S,
360 Appendices
x y tx + sy
+ := .
s t st
−1 −1
Moreover, S M is an S R-module with the multiplication defined
by: ∀a ∈ R,∀x ∈ M, ∀s, t ∈ S,
a x ax
⋅ := . !
s t st
−1 −1
The S R-module S M is called the module of fractions (or quo-
tients) of M relative to the multiplicatively closed subset S. The homo-
−1
morphism ϕM : M → S M, ϕM(x) = x/1, ∀x ∈ M, is called the canoni-
cal homomorphism.
The connection between the ideals of R and the ideals of the ring of
fractions is very close. An immediate property is:
4.11 Proposition. Let I be an ideal in the ring R. Then

−1 −1
S I := {a/s | a ∈ I, s ∈ S} is an ideal in S R. Moreover, any ideal in
−1 −1
S R is of the form S I, for some ideal I in R.
−1 −1 −1
Proof. It is immediate that S I ≤ S R if I ≤ R. If now J ≤ S R, let
−1
I := ϕ (J) (an ideal in R). We have a/1 ∈ J ⇔ ∃s ∈ S such that
−1
a/s ∈ J. Thus ϕ (J) = {a ∈ R | ∃s ∈ S such that a/s ∈ J}. Then
−1
S I = {a/s | a ∈ I, s ∈ S} = J. !
A similar connection exists between the submodules of M and the
−1
submodules of S M (can you state and prove it?).
4.12 Definition. A multiplicatively closed subset S ⊆ R is called

saturated if all the divisors of the elements in S are also in S: ∀s ∈ S,
∀d, r ∈ R, dr = s implies d ∈ S and r ∈ S. If S is an arbitrary
multiplicatively closed set, let
S' := {d ∈ R | ∃r ∈ R, ∃s ∈ S such that dr = s}.
S' is called the saturate of the multiplicative set S. Evidently, S is
saturated ⇔ S = S'.
The following property says that the any ring of fractions can be
constructed using a saturated multiplicative set.
4.13 Proposition. Let S be multiplicative set in the ring R. Then:

a) S' is a saturated multiplicative set of R.
−1 −1
b) There exists a canonical isomorphism S R ≅ S' R.
Proof. a) Check the definition.
b) We denote the equivalence relation on S' × R (defined as in 4.2)
with ≈ ; the equivalence class of (a, s) in R × S' is denoted by
−1
a//s ∈ S' R (in order to distinguish from the fraction a/s which may
−1 −1 −1
be in S R). Define the canonical mapping ϕ : S R → S' R,
−1
ϕ(a/s) = a//s, ∀a/s ∈ S R. The definition is independent on the
choice of the representatives a and s: if (a, s) ∼ (b, t), then (a, s) ≈ (b, t).
Clearly, ϕ is a ring homomorphism. We have
−1
Ker ϕ = {a/s ∈ S R | a//s = 0//1}. But a//s = 0//1 ⇔ ∃u ∈ S' such
that ua = 0. Thus, ∃r ∈ R such that ur ∈ S and ura = 0, i.e. a/s = 0/1.
−1
Therefore, Ker ϕ = {0/1}. Also, ϕ is surjective: if a//d ∈ S' R, with
a ∈ R, d ∈ S', then there exists r ∈ R such that dr ∈ S. It is clear then
that r ∈ S', so a//d = ar//dr = ϕ(ar/dr). !
An important example of a multiplicative set and its corresponding
ring of fractions is the following:
4.14 Proposition. Let P be a prime ideal in the ring R. Then

−1
S := R \ P is a multiplicative subset in R and the ring of fractions S R
has a unique maximal ideal (it is a local ring).
Proof. The definition of a prime ideal can be stated as follows: for
any a, b ∉ P, then ab ∉ P, which means that S is multiplicatively
−1 −1
closed. If I ≤ R, with I ∩ S ≠ ∅, then S I = S R. Indeed, if s ∈ I ∩ S,
−1 −1
then s/1 ∈ S I and it is invertible, so S I = R. Thus, the proper ideals
−1 −1
of S R are of the form J = S I, where I ∩ S = ∅ (⇔ I ⊆ P), so
−1 −1
J ⊆ S P. But S P is a proper ideal: if 1/1 = p/s, with p ∈ P, s ∈ S,
362 Appendices
then ∃u ∈ S such that u(s − p) = 0 ⇒ us ∈ P ⇒ u ∈ P or s ∈ P, contra-

−1 −1
dicting S = R \ P. Thus, S P is the unique maximal ideal in S R. !
If u : M → N is an R-module homomorphism, then we define the
mapping
−1 −1 −1 −1
S u : S M → S N, (S u)(x/s) := u(x)/s, ∀x ∈ M, ∀s ∈ S.
−1 −1
S u is easily seen to be an S R-module homomorphism and it is
−1
the unique S R-module homomorphism with the property that
−1 −1 −1
(S u)◦ϕM = ϕN◦u, where ϕM : M → S M and ϕN : N → S N are the
canonical homomorphisms.
Thus, for a fixed multiplicatively closed subset S, we defined a
functor:
−1 −1
S − : R-Mod → S R-Mod.
−1
Moreover, S − is an additive functor: for any R-module homomor-
phisms u1, u2 : M → N,
−1 −1 −1
S (u1 + u2) = S u1 + S u2.
−1 −1
4.15 Proposition. The functor S − : R-Mod → S R- Mod is ex-
act: if the sequence
u v
A⎯⎯→ B⎯⎯→ C
is exact in R-Mod, then the sequence
−1 −1
S −1 A ⎯S⎯
⎯u → B ⎯S⎯⎯v → S −1C
−1
is exact in S R- Mod. !
The unproven statements above are proposed as exercises.
5. Categories, functors
The category language is nowadays all-pervading throughout

mathematics. Introduced in 1942 by MacLane and Eilenberg, the con-
5. Categories, functors 363
cept of category marks a new step of abstraction in mathematics. For

instance, from the abstract notion of integer one passes to the notion
of set of integers Z (as a new object of study, endowed with a certain
structure). Generalizing key properties of Z yields the concept of ring.
This leads to the study of structures given by axioms (such as the
structures of group, ring, field, topological space etc). For a certain
type of structure, usually a natural notion of homomorphism arises (for
example, the familiar notion of group homomorphism, or ring homo-
morphism).
The philosophy in the category theory is to study the class of all
structures of a certain type (for instance the class of all rings) using the
homomorphisms between these structures, and ignoring the elements
of these structures. One advantage of this approach is given by
generality: a result that holds in any category is valid in the category
of groups, and also in the category of topological spaces etc. Besides
many results and clarifications brought in almost all areas of
mathematics, the category theory simplifies, unifies (to a certain ex-
tent) and standardizes the language of mathematics.
We present here some basic concepts on categories that are useful
for a better understanding of several topics. A detailed presentation of
category theory is to be found for instance in HERRLICH, STRECKER
[1979].
Before proceeding to the definition of a category, we briefly de-
scribe the concept of class.
The notion of class is introduced in the axiomatic set theory (in or-
der to avoid the paradoxes generated by considering “very large sets”).
In this theory, the notion of set and the relation "∈" (“belongs to”) are
primary notions (are undefined); also, all objects are sets. Any ele-
ment of a set is thus also a set.
364 Appendices
Formally, (in the Zermelo-Fraenkel theory84) a class is an expres-

sion of the formal language of the set theory85 that contains exactly
one free variable (in other words, a predicate with one variable). Of
course, if P(x) is a predicate, the class P defined by P(x) is intuitively
the “collection” of all objects (i.e. sets) x for which P(x) is true. Instead
of writing "P(x) is true" one writes "x ∈ P", by analogy with the set
language. Any set A is a class (corresponding to the predicate
"x ∈ A"), but there exist classes that are not sets (for instance, the class
of all sets, defined by the predicate "x = x").
If P and Q are classes, defined by the predicates P(x) and Q(x), their
union P ∪ Q is the class P(x) ∨ Q(x); their intersection P ∩ Q is the
class P(x) ∧ Q(x). We say that P ⊆ Q if the proposition
∀x(P(x) → Q(x)) is true. Similarly, one can define the analogue for
classes of the usual set operations. For details, see
5.1 Definition. A category C consists of the following data:

- a class Ob C. The elements of Ob C are called the objects of the
category C.
- for every couple (A, B), where A, B ∈ Ob C, a (possibly empty) set
HomC(A, B) is given. The elements of HomC(A, B) are called mor-
phisms (or arrows) from A to B. The fact that u ∈ HomC(A, B) is also
written u : A → B or A ⎯ u
⎯→ B ; A is the domain (or source) and B is
84
In the Gödel-Bernays-von Neumann theory, the notion of class is a primary
notion. The sets are exactly the classes that are elements of some class.
85
We do not define here this formal language. Roughly speaking, it consists of
expressions (strings of symbols) formed from the atomic expressions (of the type
x = y or x ∈ y) by using the logical operators ∨, ¬, ∧ and the quantifiers ∀ and ∃.
For instance "(∀x(x ∈ y))∧ (∃z(y = z)∨¬(z = a))" is an expression, in which x and z
are bound variables and y is a free variable. If a is assumed to be a constant, then
this expression is a predicate (it has one free variable, namely y). An expression with
no free variables is a proposition.
the codomain (or sink) of u. The class ∪{HomC(A, B)| A, B ∈ Ob C} is

denoted Hom C and is called the class of the morphisms of the cate-
gory C.86
- for any triple (A, B, C) of objects of C there exists a function de-
fined on HomC(B, C)×HomC(A, B) with values in HomC(A, C). The im-
age of the couple (v,u) is denoted by v◦u (or simply vu) and is called
the composition of the morphisms v and u.
In any category C the following axioms must be satisfied:
1) Any morphism has a unique domain and a unique codomain: for
any A, B, C, D ∈ Ob C, (A, B) ≠ (C, D) implies
HomC(A, B)∩HomC(C, D) = ∅.
2) The composition of morphisms is associative: ∀A, B, C,
D ∈ Ob C and ∀u : A → B, v : B → C, w : C → D, we have
w(uv) = (wu)v (denoted usually by wuv).
3) ∀A ∈ Ob C, there exists a morphism 1A : A → A (called the iden-
tity morphism of A) such that, ∀B ∈ Ob C and ∀u : A → B, v : B → A,
we have u◦1A = u and 1A◦v = v.
5.2 Remark. a) The identity morphism of an object A is unique: if

j: A → A is an identity morphism of A, then j = j◦1A = 1A.
b) In the definition of a category, the morphisms are essential. One
can identify an object A ∈ Ob C with its identity morphism 1A. The
notion of category can be defined using only the concept of morphism.
5.3 Examples. a) The category Set of all sets. Its objects are sets. If
A and B are sets, HomSet(A, B) is the set of all functions ϕ : A → B.
The composition of morphisms in Set is the usual function composi-
tion. The identity morphism of A is the identity function of A.
86
Formally, it is the class defined by the predicate H(u) = "∃A∃B(A ∈ Ob C ∧
B ∈ Ob C ∧ u ∈ Hom(A, B))".
366 Appendices
b) The category Gr of groups. Ob Gr is the class of groups and

HomGr(G, H) is the set of group homomorphisms from G to H, ∀G,
H ∈ Ob Gr. As in Set, the composition is the usual function composi-
tion.
c) Let R be a ring with identity. The category R-Mod has as objects
left R-modules, and the morphisms are R-module homomorphisms,
with the usual composition. In the same way one defines the category
Mod-R of right R-modules.
d) One can define similarly the following categories:
- Ring: the rings with the ring homomorphisms.
- Ringu: the rings with identity, the morphisms are ring homo-
morphism preserving the identity.
- Ab: the Abelian groups, with the group homomorphisms
- Poset: the (partially) ordered sets, the morphisms being the order
preserving mappings.
d) Let (A, ≤) be a set equipped with a preorder relation (a transitive
and reflexive relation). Define a category A, with Ob A := A. For any
a, b ∈ Ob A, set
⎧ {(a, b)}, if a ≤ b
HomA(a, b) = ⎨
⎩ ∅, else
The reader is invited to define the composition of morphisms and
check the axioms 1) − 3).
e) Let (G, ·) be a monoid (the operation is associative and has a neu-
tral element). Define a category G as follows: Ob G is a set with one
element (for instance Ob G = {G}), and HomG(G, G) = G (the mor-
phisms are the elements of G); the composition of the morphisms a,
b ∈ G is a·b (where · is the operation on G). The identity morphism is
the identity element.
The reader can easily produce other examples of categories, based
on hers/his mathematical background (the category of semigroups, the
category of finite sets, the category of fields, the category of topologi-
cal spaces, the continuous mapping being the morphisms etc.). In each
situation it is necessary to state exactly the class of the objects of the
category, the set of morphisms between two arbitrary objects, the
composition of morphisms and check axioms 1)-3).
Often the writing A ∈ C replaces A ∈ Ob C, if no confusion arises.
5.4 Definition. A category C is called a subcategory of a category

D if Ob C ⊆ Ob D and, ∀A, B ∈ Ob C, HomC(A, B) ⊆ HomD(A, B);
moreover, the composition of two morphisms in C is their composi-
tion in D. We call C a full subcategory of D if ∀A, B ∈ Ob C,
HomC(A, B) = HomD(A, B).
For instance, Ab is a full subcategory of Gr; Gr is a subcategory of
Set, but not a full subcategory.
5.5 Definition. We define now some remarkable objects and mor-

phisms in a category C that generalize familiar concepts.
a) An object I ∈ C is called an initial object if ∀A ∈ C,
|HomC(I, A)| = 1 (there exists a unique morphism I → A). An object F
is called a final object if ∀A ∈ C, |HomC(A, I)| = 1. An object that is
simultaneously initial and final is called a zero object.
b) A morphism u : A → B is called:
- a monomorphism if ∀C ∈ C, ∀v, w ∈ HomC(B, A), uv = uw im-
plies v = w.
- an epimorphism if ∀C ∈ C, ∀v, w ∈ HomC(B, C), vu = wv im-
plies v = w.
- a bimorphism if it is both a monomorphism and an epimor-
phism.
- an isomorphism if there exists v : B → A such that uv = 1B and
~ B is
vu = 1A (v is called then the inverse of u). The notation A →
used to denote an isomorphism.
368 Appendices
Two objects A, B ∈ C are called isomorphic (written A ≅ B) if there

exists an isomorphism A → B. The relation of isomorphism on the
class Ob C is an equivalence relation.
5.6 Examples. a) In Gr there exist initial objects, namely the

groups having one element (necessarily the neutral element of that
group). These are also final objects (thus they are zero objects) in Gr.
The same remark holds for Ab and R-Mod.
b) In Set the empty set ∅ is the only initial object87; any set with
one element is a final object. Set has no zero objects.
c) The monomorphisms in Set (as in Gr, Ab, R-Mod) are the mor-
phisms that are injective functions. Which are the epimorphisms? In
these categories the isomorphisms coincide with the bimorphisms.
d) In the category Ann of rings with identity, the inclusion Z → Q
is a monomorphism and an epimorphism, and is not a surjective func-
tion or an isomorphism.
5.7 Proposition. Let C be a category and let a A, B be initial ob-

jects in C. Then there exists a unique isomorphism A → ~ B.
Proof. Since A is an initial object, there exists a unique morphism
ϕ : A → B. But B is an initial object, thus there exists a unique mor-
phism ψ : B → A. The morphism ψϕ : A → A is equal to 1A (because
there exists a unique morphism A → A). Likewise, ϕψ = 1B. So, ϕ and
ψ are isomorphisms, inverse to each other. !
It is important to point out that various “universality properties”
that some objects satisfy are simply a restatement of the fact that those
objects are initial (or final) objects in certain categories. In this situa-
tion, the propositions of the type “the universality property of …
determines … up to a unique isomorphism” merely translate for a spe-
87
For any set A, there exists a unique function ∅ → A, namely the function ∅.
cific category the assertion “between any two initial (final) objects in
a category there exists a unique isomorphism”.
5.8 Examples. a) The direct sum. Let (Mi)i∈I be a family of objects

in R-Mod. Let S be the category whose objects are couples of the form
(S, (σi)i∈I), where S ∈ R-Mod and σi : Mi → S are morphisms in
R-Mod, ∀i ∈ I. If (S, (σi)i∈I), (T, (τi)i∈I) ∈ S, define the morphisms in S
between these objects as the R-module homomorphisms ϕ : S → T
such that ϕσi = τi, ∀i ∈ I. Check the axioms for a category and the fol-
lowing assertion:
(S, (σi)i∈I) is a direct sum of the family (Mi)i∈I, of canonical injec-
tions (σi)i∈I, is tantamount to saying that (S, (σi)i∈I) is an initial object
in S.
b) The direct product. Let (Mi)i∈I be a family of objects in R-Mod.
Then: (P, (πi)i∈I) is a direct product of the family (Mi)i∈I ⇔ (P, (πi)i∈I)
is a final object in a certain category (describe it!).
An important principle, often invoked, is the principle of duality.
5.9 Definition. If C is a category, the dual category C° is defined as

follows: Ob C° := Ob C; if A ∈ Ob C, let A° be the object A seen in C°.
For any A, B ∈ Ob C, let HomC°(B°, A°) := HomC(A, B). A morphism
u : A → B in C is denoted u° : B° → A° in C°. The Composition in C°
of the morphisms u° : B° → A° and v° : C° → B° is defined by
u°v° := (vu)°, where vu is the composition of u : A → B and v : B → C
in C. Evidently, there exists 1A° = (1A)°.
Intuitively, the dual of the category C is obtained by “reversing the
arrows” in C (and reversing the order of composing the arrows).
Let P be a statement formulated in terms of objects and morphisms.
For each category C, one obtains a proposition, denoted P(C). Let P°
370 Appendices
be the dual statement (obtained from P by reversing the arrows and

the order in composing the arrows)88. The principle of duality is the
following: If P is valid in any category, then P° is valid in any cate-
gory.
Similarly, any notion (definition) in a category has a dual notion,
obtained by reversing the arrows and the order in composing the ar-
rows. A notion that coincides with its dual is called autodual.
5.10 Example. a) The dual of the notion of initial object is the no-
tion of final object.
b) The dual of the notion of monomorphism is the notion of
epimorphism.
c) The notion of isomorphism is autodual.
d) We saw that: for any category C, any two initial objects in C
(if any) are isomorphic. By dualization, one obtains (no new proof
needed): for any category C, any two final objects in C (if any) are
isomorphic.
The intuitive concept of “morphism of categories” is the notion of
functor.
5.11 Definition. Let C and D be categories. A covariant functor F

from C to D, denoted F : C → D, is a couple F = (F', F"), where
F' : Ob C → ObD, F": Hom C → Hom D, such that:
(F1) ∀A, B ∈ Ob C, F"(HomC(A, B)) ⊆ HomD(F'(A), F'(B)); in other
words, if u : A → B, then F"(u) : F'(A) → F'(B).
(F2) F preserves the composition of morphisms: ∀A, B, C ∈ Ob C
and ∀u : A → B, v : B → C, then F"(v◦u) = F"(v)◦F"(u).
(F3) F preserves the identity morphisms: ∀A ∈ C, F"(1A) = 1F"(A).
88
in other words, P°(C) is the same thing as P(C°) interpreted in C.
A contravariant functor F : C → D satisfies F3 and the duals of F1

and F2:
(F1*) F"(HomC(A, B)) ⊆ HomD(F'(B), F'(A)), ∀A, B ∈ Ob C.
(F2*) ∀A, B, C ∈ Ob C and ∀u : A → B, v : B → C, then
F"(v◦u) = F"(u)◦F"(v).
A contravariant functor “reverses the arrows”. A contravariant
functor from C to D is the same as a covariant functor from C to D°
(or from C° to D). This is the reason why the results on covariant
functors transfer to contravariant functors. In what follows, “functor”
means “covariant functor”.
The distinction between the components F' and F" of the functor F
is usually dropped, denoting F(A) instead of F'(A) and F(u) instead of
F"(u). Besides, F is perfectly determined by F", its action on mor-
phisms, cf. 5.2).
A functor F : C → D is called:
- faithful if ∀A, B ∈ C, FA,B : HomC(A, B) → HomD(FA, FB) is an
injective function.
- full if ∀A, B ∈ C, FA,B : HomC(A, B) → HomD(FA, FB) is a
surjective function.
- fully faithful if it is full and faithful.
We are interested in categories in which the morphisms are func-
tions between sets:
5.12 Definition. The category C is called concrete if there exists a

covariant faithful functor F : C → Set.
The category Gr is concrete: define the functor U : Gr → Set, by
associating to any group its underlying set89 and sending any group
89
A group G is, formally, a couple (G, ·), where G is the underlying set of the
group and · : G×G → G is the group operation. Thus, a function from a group (G, ·)
372 Appendices
homomorphism u to u, seen as a function between the underlying sets.

Then U is a faithful functor (which is not full). U is called a “forgetful
functor”: it “forgets” the group structure. Similarly, Ab, Ring, R-mod
are concrete categories (why?).
In concrete categories there is a notion of free object on a set X
(compare the following definition with the universality property of the
free R-module on a set X ).
5.13 Definition. Let C be a concrete category and let F : C → Set

be a covariant faithful functor. The object L in C is called free (relative
to F) over the set X ⊆ F(L) if, for any A ∈ C and any function
γ : X → F(A), there exists a unique morphism in C, g : L → A, such
that F(g)|X = γ.
If C is one of the categories Gr, Ab, R-mod, Ring, and F is the
forgetful functor, the definition reads: L ∈ C is free over the set X ⊆ L
if, for any object A ∈ C and any function γ : X → A, there exists a
unique morphism in C, g : L → A, such that g|X = γ.
The following notion allows comparing two functors and is the
analogue of the concept of homomorphism of algebraic structures.
5.14 Definition. Let F, G : C → D be covariant functors. A natural

transformation (or a functor morphism) α : F → G is given if for any
object A ∈ C, there exists a morphism in D, αA : F(A) → G(A), such
that, for any u : A → B morphism in C, αB◦F(u) = G(u)◦αA, i.e. the
following diagram (of morphisms in D) is commutative:
to a group (H, *) is not the same thing as a function between their underlying sets G
and H. For this reason, Gr is not a subcategory of Set.
6. Solvable groups 373
F (u )
F ( A) ⎯⎯ ⎯ ⎯⎯→ F (B )
αA αB
G (u )
G ( A) ⎯⎯ ⎯ ⎯⎯→ G (B )
If , for any A ∈ C, αA : F(A) → G(A) is an isomorphism in D, then
α : F → G is called a natural isomorphism, in which case the functors
F and G are called naturally isomorphic.
Many “canonical isomorphisms” in module theory (for instance)
express the fact that there exists a natural isomorphism between some
functors.
6. Solvable groups
The notion of solvable group is closely connected with the solvabil-

ity by radicals of a polynomial.
In what follows, (G, ·) is a group and its neutral element is denoted
by 1. The trivial subgroup {1} is also denoted 1. The notation H ≤ G
signifies “H is a subgroup of G”, and H . G means “H is a normal
subgroup of G”.
6.1 Definition. The group G is called a solvable group if there ex-

ists a finite chain of subgroups of G:
1 = G0 ≤ G1 ≤ … ≤ Gn = G, (S)
such that:
i) Gi−1 . Gi, ∀i, 1 ≤ i ≤ n;
ii) The factor groups Gi/Gi−1 are Abelian, ∀i, 1 ≤ i ≤ n.
374 Appendices
A chain of subgroups (S) that satisfies (i) is called a normal series

of G.90 A chain (S) satisfying i) and ii) is called a solvable series of G.
The number n is called the length of the series (S). The groups Gi/Gi−1
are called the factors of the normal series (S).
6.2 Examples. a) Any Abelian group is solvable.

b) Let n ∈ N* and let Sn be the group of all permutations on n ob-
jects (also called the symmetric group on n objects). Let An be the
alternating group on n objects, namely the subgroup of Sn formed by
the even permutations. An is a subgroup of index 2 in Sn (it is the ker-
nel of the sign homomorphism ε : Sn → {− 1, 1}), thus it is normal in
Sn.
The group S3 is solvable (and not Abelian!), a solvable series being
1 ≤ A3 ≤ S3. Indeed, A3 has 3 elements, so it is Abelian; A3 is normal in
S3, and the factor S3/A3 is Abelian, since it has 2 elements.
c) S4 is solvable. A solvable series is 1 ≤ V ≤ A4 ≤ S4, where V = {1,
(12)(34), (13)(24), (14)(23)}91. Check the details!
d) Any nonabelian simple group (i.e. having no proper normal sub-
groups) is not solvable.
Before studying solvable groups, let us recall some elementary re-
sults in group theory.
6.3 Theorem. (The fundamental isomorphism theorem) Let

ϕ : G → G' be a group homomorphism. Then there exists a canonical
isomorphism
G/Kerϕ ≅ Imϕ
xKerϕ & ϕ(x) !
90
Some authors use in this case the term “subnormal” and call a “normal series”
a chain (S) of normal subgroups of G.
91
V is also called the Klein group (the “Viergruppe”).
6.4 Theorem. (Second isomorphism theorem) Let G be a group, let

H and N be subgroups of G, such that N is a normal subgroup in the
group (H, N) generated by H ∪ N in G. Then (H, N) = HN =
{hn | h ∈ H, n ∈ N} = NH, N ∩ H . H and there is a canonical
isomorphism
HN/N ≅ H/(N ∩ H). !
If H, N are subgroups of G satisfying the conditions in the previous

theorem, HN or NH denotes the subgroup generated by H ∪ N.
6.5 Theorem. (Third isomorphism theorem) Let G be a group, let A

and B be normal subgroups of G such that A ≤ B. Then B/A . G/A
and there is a canonical isomorphism
G A G
≅ . !
B A B
6.6 Proposition. (The modularity property) Let G be a group and

let A, B, N be subgroups of G, such that N is normal and B ≤ A. Then
A ∩(BN) = B ∩(AN). !
6.7 Proposition. Let G be a group.

a) If G is solvable, then each subgroup of G is solvable.
b) If G is solvable, then each factor group of G is solvable.
c) If H . G and H and G/H are solvable, then G is solvable. In
other words, if
1 → H → G → F → 1,
92
is an exact sequence of groups and group homomorphisms, then G is
solvable if and only if H and F are solvable.
92
The notion of exact sequence of groups and group homomorphisms is defined
exactly as in the case of modules.
376 Appendices
Proof. a) Let 1 = G0 ≤ G1 ≤ … ≤ Gn = G be a solvable series of G,

let H≤G and let Hi := Gi ∩ H. We claim that
1 = H0 ≤ H1 ≤ … ≤ Hn = H is solvable series of H.
Fix i, 1 ≤ i ≤ n. The canonical homomorphism ϕ : Hi → Gi/Gi−1
(ϕ(x) = xGi−1, ∀x ∈ Hi) has kernel Hi−1. Thus Hi−1 . Hi and
Hi/Hi−1 ≅ Imϕ ≤ Gi/Gi−1, which is Abelian.
b) Let F be a factor group of G. There exists a surjective homomor-
phism ϕ : G → F. If 1 = G0 ≤ G1 ≤ … ≤ Gn = G is a solvable series of
G, let Fi := ϕ(Gi). We claim that 1 = F0 ≤ F1 ≤ … ≤ Fn = F is a solvable
series of F. Since Gi−1 . Gi and ϕ is surjective, Fi−1 . Fi. Let
H = Kerϕ. Then Ker (ϕ ) = H ∩ Gi, so
Gi
Fi ≅ Gi/Ker (ϕ G ) = Gi/(H ∩ Gi) ≅ (GiH)/H.

i
We used the fundamental and the second isomorphism theorems.

Therefore:
Fi GH H GH G (G H ) Gi Gi
≅ i ≅ i = i i −1 ≅ =
Fi −1 Gi −1H H Gi −1H Gi −1H (Gi −1H ) ∩ Gi Gi −1 ( H ∩ Gi )
We used successively: the third, the second isomorphism theorems
and the modularity property for H . G and Gi−1 ≤ Gi. But:
Gi Gi Gi −1
≅ ,
Gi −1 ( H ∩ Gi ) Gi −1 ( H ∩ Gi ) Gi −1
The last group is Abelian (it is a factor group of Gi/Gi−1).
c) Any subgroup of G/H is of the form G'/H, where G' ≤ G, with
H ≤ G. Therefore, a solvable series for G/H is of the form
1 = G0/H ≤ G1/H ≤ … ≤ Gn/H = G/H, where
H = G0 ≤ G1 ≤ … ≤ Gn = G.
If 1 = H0 ≤ H1 ≤ … ≤ Hm = H is a solvable series for H, then
1 = H0 ≤ H1 ≤ … ≤ Hm = G0 ≤ G1 ≤ … ≤ Gn = G is a solvable series for
G. !
6.8 Proposition. Let G be a group. If G has a normal series whose

factors are solvable groups, then G is solvable.
Proof. If the series has length 2, there exists H . G such that H and
G/H are solvable and the previous result applies. Continue by induc-
tion on the length of the series. !
The finite solvable groups have the following property, which is
essential in the theory of solvability by radicals.
6.9 Proposition. A finite group is solvable if and only if it has a

normal sequence whose factors are cyclic groups of prime orders.
Proof. Of course, a group with the property above is solvable.
Conversely, let G be finite solvable. If |G| ≤ 3, all is clear. We sup-
pose the statement is true for any solvable group whose order is less
than |G| and we prove for G.
If G is Abelian, then use the following lemma.
Assume now that G is not Abelian. The definition of solvability im-
plies the existence of a proper normal subgroup H of G such that H is
solvable and G/H is Abelian. Since H and G/H have orders less than
|G|, the induction hypothesis says that H and G/H have each a normal
series with cyclic factors of prime orders. As in the proof of prop.
6.7.c), gluing these series yields a solvable series of G, with cyclic
factors of prime orders. !
6.10 Lemma. A finite Abelian group has a normal sequence whose

factors are cyclic groups of prime orders.
Proof. This is an easy consequence of the structure theorem of the
Abelian finite groups. We give a proof that does not use this result.
Assume first that (G, ·) is cyclic of order n, generated by x ∈ G. If n
is prime, we are finished; if not, for any d dividing n, there exists a
n/d
subgroup of order d (generated by x ). Thus, taking a prime divisor p
of n, there exists a subgroup H of order p. The factor group G/H and
H have orders less than |G|. Apply now an induction, as above.
378 Appendices
If G is not cyclic, let x ∈ G, x ≠ 1. Thus, the cyclic subgroup C

generated by x is not equal to G. Apply an induction for C and G/C, of
orders less than |G|. !
6.11 Proposition. Let G be a finite group, whose order is a power

of a prime p (such a group is called a p-group). Then G is solvable. In
particular, there exists a normal series of G whose factors are cyclic
groups of order p.
n
Proof. Let |G| = p . If n = 1, then G is cyclic, and solvable. If
n > 1, then the center of G, C(G) ≠ 1. Indeed, in the conjugacy classes
formula (IV.3.15.e)),
|G| = |C(G)| + ∑a∈S [G : C (a )] ,
(where S is a system of representatives of the conjugacy classes of G
with at least 2 elements), |G| and [G : C(a)] are powers of p, so |C(G)|
is a multiple of p (and is nonzero, since 1∈ C(G)).
Consequently, 1 ≠ C(G) . G and the factor group G/C(G) is still a
p-group, whose order is less than |G|. Using an induction argument,
we obtain that G/C(G) is solvable. Since C(G) is Abelian, thus solv-
able, we obtain that G is solvable. !
The next proposition says that among the symmetric groups Sn, the
solvable groups are exactly those in Example 6.2. The proof is not in-
cluded, being often encountered in introductory Algebra texts (see for
instance HUNGERFORD [1974])
6.12 Proposition. a) If n ≤ 4, then Sn is solvable.

b) If n ≥ 5, then Sn is not solvable. More precisely, the alternating
subgroup An is simple (has no proper normal subgroups) and
noncommutative, so it is not solvable. !
Index
basis of a module.........................106
A
bilinear function ..........................307
adjoining elements to a field....... 175 nondegenerate.........................307
algebra ........................................ 334 bimorphism .................................367
algebra homomorphism .............. 335
C
algebraic (element) ..................... 177
algebraic closure (absolute) ........ 198 canonical homomorphism .............75
algebraic closure (relative) ......... 189 canonical injections.......................86
algebraic generators .................... 226 canonical projections.....................81
algebraic integer ........................... 27 canonical surjection.......................75
algebraic number ........................ 178 category.......................................364
algebrically independent (set)..... 223 concrete ..................................371
alternating group......................... 374 dual.........................................369
annihilator........................... 104, 133 Cayley-Hamilton theorem ...........163
arithmetically equivalent matrices121 center of a ring ............................334
arrow........................................... 364 characteristic exponent................173
Artin-Schreier theorem ............... 302 characteristic matrix ....................290
ascending chain condition............. 34 characteristic of a ring.................172
associated in divisibility ............... 12 characteristic polynomial ............290
autodual ...................................... 370 of a matrix ..............................161
of an endomorphism...............161
B
Chevalley theorem ......................223
basis change matrix..................... 113 Chinese remainder theorem.........141
379
380
class ............................................ 363 determinant of an endomorphism162

codomain .................................... 364 diagonal matrix ...........................121
coefficient of a polynomial......... 347 direct product
cokernel ........................................ 96 of homomorphisms ..................92
comaximal ideals........................ 141 of modules................................81
complement .................................. 90 of modules................................83
complex of modules ..................... 96 direct sum
composite of fields ..................... 175 of modules................................85
composition of morphisms ......... 365 of submodules ..........................90
congruent modulo n...................... 26 direct summand.............................90
conjugate elements ..................... 235 discriminant
conjugate extension .................... 240 of a polynomial ......................320
constant term .............................. 347 of an element..........................320
constructibile complex number .. 278 divisibility .....................................10
constructibile point ..................... 276 division with remainder theorem ..22
constructibile real number .......... 277 divisor ...........................................11
content of a polynomial ................ 41 domain .................................. 11, 364
coordinates of an element in a basis dual of a group ............................306
............................................... 106 duality .........................................369
coprime......................................... 14
E
coproduct...................................... 86
cyclotomic extension.................. 213 eigenvalue ...................................165
cyclotomic polynomial ............... 214 eigenvector..................................165
Eisenstein criterion .......................47
D
element
Dedekind's Lemma ..................... 262 integral .....................................52
degree elementary divisors .....................147
of an algebraic element.......... 181 elementary divisors (of a matrix) 154
of an extension....................... 172 elementary divisors (of an
degree of a polynomial ....... 346, 347 endomorphism) ......................154
denominator................................ 356 elementary transformations.........123
determinant................................. 291 endomorphism ..............................68
381
cyclic...................................... 153 field generated by a set................174

endomorphism ring....................... 61 fixed field ....................................233
epimorphism ......................... 76, 367 fixed subfield...............................172
Euclidian Algorithm ..................... 23 formal derivative .........................195
Euclidian domain.......................... 22 Fp 171
Euler phi function ....................... 213 fraction ........................................356
evaluation homomorphism ......... 346 free resolution .............................109
exponent (of a group).................. 303 free subset of a module ...............105
exponent of a group .................... 221 Frobenius endomorphism............210
extension..................................... 170 Frobenius theorem.......................163
Abelian................................... 299 functor
algebraic................................. 187 contravariant...........................371
cyclic...................................... 299 covariant .................................370
finite....................................... 172 fidel ........................................371
finitely generated ................... 175 forgetful..................................372
Galois..................................... 267 fully faithful............................371
Kummer ................................. 303 plin..........................................371
n-radical ................................. 314 functor morphism ........................372
purely transcendental ............. 224 fundamental isomorphism theorem77
radical .................................... 314 Fundamental Theorem of Algebra205
simple..................................... 175 fundamental theorem of Galois
transcendental ........................ 188 Theory ....................................266
extension of a module................... 97 fundamental theorem of symmetric
external direct sum of modules..... 87 polynomials ............................350
F G
factor algebra .............................. 336 Galois connections ......................233

factorization algorithm.................. 48 Galois Field .................................211
field............................................. 169 Galois group
algebraically closed................ 198 of a field extension .................233
of rational fractions ................ 348 of a polynomial.......................233
field extension............................. 170 Galois group of a polynomial......314
382
Gauss integers .............................. 12 inseparable degree.......................258

GCD ............................................. 14 integer division theorem ...............44
GCD-domain ................................ 15 integers modulo n..........................26
general equation of degree n....... 318 integral domain .............................11
generic polynomial of degree n .. 318 intermediate field ........................171
GL(n, R) ...................................... 114 proper .....................................171
Gr 366 internal direct sum ........................90
greatest common divisor............... 14 invariant factors ..........................137
group invariant factors (of a matrix) .....154
solvable.................................. 373 invariant factors (of an
group of units ............................... 13 endomorphism) ......................154
Invariant factors theorem ............131
H
invariant subspace.......................152
Hilbert Satz 90............................ 300 inverse (of a morphism) ..............367
additive version...................... 301 Irr(x, K) .......................................179
homomorphism irreducible .....................................18
of module extensions ............... 97 isomorphism................................367
I J
ideal ...................................... 20, 331 Jordan canonical form of a matrix164
maximal ................................. 332 Jordan canonical matrix ..............157
prime...................................... 332 Jordan cell...................................156
proper..................................... 331
K
idempotent.................................... 91
identity morphism....................... 365 kernel ............................................71
image ............................................ 71 K-homomorphism .......................171
independent family of submodules90 Kummer Theory..........................303
indeterminate .............................. 342 additive...................................311
initially constructibile point........ 275 multiplicative .........................308
inseparable
L
element .................................. 244
extension................................ 245 Lagrange interpolation polynomial54
383
lattice .......................................... 176 right ..........................................59

LCM ............................................. 14 simple .......................................80
leading coefficient ...................... 347 module automorphism...................71
leading monomial ....................... 351 module homomorphism ................68
least common multiple.................. 14 module isomorphism.....................71
lexicographic order ..................... 350 monic polynomial........................347
linear combination ........................ 63 monoid ........................................336
linearly dependent............... 104, 105 monomial ....................................342
linearly independent............ 104, 105 monomorphism .....................76, 367
Lüroth’s theorem ........................ 187 morphism ....................................364
multiple .........................................11
M
multiple root..................................45
matrix multiplicative set .........................355
canonically diagonal .............. 121 saturated .................................360
elementary.............................. 122 multiplicatively closed set...........355
in Smith normal form............. 121 multiplicity of a root..............45, 194
matrix companion of a polynomial mutually prime ..............................14
............................................... 156
N
matrix of a homomorphism ........ 112
minimal polynomial.................... 179 natural isomorphism....................373
minimal polynomial (of a matrix)154 natural transformation .................372
minimal polynomial (of an Newton's identities ......................353
endomorphism) ...................... 154 Noetherian ring .............................35
Mod-R ......................................... 366 norm ......................................27, 291
module .......................................... 59 normal closure.............................241
decomposable......................... 140 normal extension .........................238
factor ........................................ 75 normal series ...............................374
finitely generated ..................... 65 numerator ....................................356
free ......................................... 106
O
indecomposable ..................... 140
left ............................................ 59 object
of fractions ............................. 360 final ........................................367

384
free......................................... 372 Q
initial...................................... 367
quadratic integer ...........................27
zero ........................................ 367
quaternion group .........................208
object (in a category).................. 364
quaternions, skew field of ...........207
opposite of a ring.......................... 60
quotient ................................. 22, 356
order ........................................... 130
R
P
rank of a free module ..................111
p-basis......................................... 261
rational integers.............................27
p-dimension................................ 261
remainder ......................................22
perfect field ................................ 246
resultant.......................................324
p-group ....................................... 378
ring
PID ............................................... 31
integrally closed .......................52
polynomial
of quadratic integers.................28
elementary symmetric............ 349
R-Mod .........................................366
fundamental symmetric ......... 349
root
homogeneous ......................... 347
multiple ..................................194
monic ....................................... 27
simple.....................................194
symmetric .............................. 348
root of a polynomial....................177
polynomial algebras ................... 341
root of unity ................................212
polynomial function ..................... 54
primitive .................................213
prime ............................................ 18
prime field .................................. 172 S
primitive element........................ 175 separable
primitive polynomial .................... 41 element...................................244
principal ideal............................... 20 extension ................................245
principal ideal domain .................. 31 polynomial .............................244
projective linear group................ 272 separable closure.........................253
proper divisor ............................... 13 separable degree..........................248
p-submodule ............................... 133 sequence........................................97
purely inseparable....................... 254 sequence of modules .....................96
purely inseparable closure .......... 255 exact .........................................96
385
semiexact ................................. 96 subring generated by a set ...........175

Set ............................................... 365 sum of ideals .........................20, 331
similar endomorphisms............... 152 support...................................86, 337
similar matrices........................... 152 symmetric group .........................374
simple root .................................... 45 system of generators......................64
sink ............................................. 364
T
smallest element ......................... 352
solvable by radicals..................... 314 term .............................................342
solvable series............................. 374 torsion module.............................133
source.......................................... 364 torsion submodule .......................133

split epimorphism ....................... 100 torsion-free module .....................133
split monomorphism ................... 100 total degree..................................347
split short exact sequence ........... 100 trace.......................................27, 291

splits............................................ 183 trace of a matrix ..........................161
splitting field............................... 201 trace of an endomorphism ...........162
squarefree ..................................... 11 transcendence basis .....................226

structural homomorphism (of an transcendence degree ..................229
algebra) .................................. 335 transcendental (element) .............177
subalgebra................................... 335 transcendental number ................178

generated by a set................... 335 trigonable matrix .........................167
subcategory................................. 367 U
full.......................................... 367
UFD...............................................36
subextension ............................... 171
u-indecomposable space..............152
subfield ....................................... 170
u-invariant subspace....................152
proper..................................... 170
unique factorization domain..........36
submodule..................................... 62
unit ................................................13
cyclic........................................ 65
universality property
generated by a set..................... 64
of the direct product ...........82, 83
maximal ................................... 67
of the direct sum .......................85
minimal .................................... 67
of the free module...................107
proper....................................... 63
of the monoid algebra.............343
386
of the polynomial algebra ...... 344 W

of the ring of fractions ........... 358
Warning Theorem .......................223
U(R) .............................................. 13
Wedderburn's Theorem...............219
well ordered ................................352
Bibliography
1. ALBU, T., ION, I.D. [1984] Capitole de teoria algebrică a numerelor, Ed.
Academiei R.S.R., Bucureşti.
2. ALBU, T., MANOLACHE, N. [1987] 19 Lecţii de teoria grupurilor, Ed.
Universităţii Bucureşti, Bucureşti.
3. ALBU, T., RAIANU, Ş. [1984] Lecţii de algebră comutativă, Ed. Universităţii
Bucureşti, Bucureşti.
4. ANDERSON, F.W., FULLER, K.R. [1974] Rings and categories of modules,
Springer-Verlag, New York.
5. AYAD, M. [1997] Théorie de Galois. 122 exercices corrigés, Ellipses, Paris.
6. BOREVICI, Z.I, ŞAFAREVICI, I.R. [1985], Teoria numerelor, Ed. Ştiinţifică şi
Enciclopedică, Bucureşti.
7. BOURBAKI, N. [1958] Eléments de mathématique, Fasc. VII, Livre II: Algè-
bre, Chapitre 3, Algèbre multilinéaire, Hermann, Paris.
8. BOURBAKI, N. [1967] Eléments de mathématique, Fasc. VI, Livre II: Algèbre,
Chapitre 2, Algèbre linéaire, Hermann, Paris.
9. BOURBAKI, N. [1981] Algèbre, Chapitres 4 à 7, Masson, Paris.
10. BOURBAKI, N. [1985] Eléments de mathématique: Algèbre commutative,
Chapitres 1 à 4, Masson, Paris.
11. ESCOFIER, J.P. [1997] Théorie de Galois, Masson, Paris.
12. FRIED, M., JARDEN, M. [1986] Field Arithmetic, Springer Verlag, Berlin.
13. GALBURĂ, GH. [1961] Corpuri de funcţii algebrice şi varietăţi algebrice, Ed.
Academiei R.P.R., Bucureşti.
14. GALBURĂ, GH. [1972] Algebră, Ed. Didactică şi pedagogică, Bucureşti.
15. GOZARD, I. [1997] Théorie de Galois, Ellipses, Paris.
16. HALL, M. [1959] The Theory of Groups, Macmillan, New York.
17. HERRLICH, H., STRECKER G.E. [1979], Category Theory, second edition,
Heldermann Verlag, Berlin.
18. HUNGERFORD, T.W. [1974], Algebra, Springer-Verlag, New York.
19. ION, I.D., NĂSTĂSESCU, C., NIŢĂ, C. [1984] Complemente de algebră, Ed.
Ştiinţifică and enciclopedică, Bucureşti.
20. ION, I.D., RADU, N. [1981a] Algebra, Ed. Didactică and pedagogică, Bucur-
eşti.
387
388 Bibliography
21. ION, I.D., RADU, N., NITA, C., POPESCU, D. [1981b] Probleme de algebră, Ed.
Didactică and pedagogică, Bucureşti.
22. JACOBSON, N. [1964], Lectures in Abstract Algebra III. Theory of Fields and
Galois Theory, Springer-Verlag, New York.
23. JACOBSON, N. [1974], Basic Algebra I, W.H. Freeman and Co., San Fran-
cisco.
24. KAPLANSKY, I. [1973], Fields and Rings, The University of Chicago Press,
Chicago.
25. LAFON, J.P. [1977] Algèbre commutative. Langages géometrique et algébri-
que, Hermann, Paris.
26. LANG, S. [1964], Algebraic numbers, Addison-Wesley, Reading Massachus-
setts.
27. MACCARTHY, P.J. [1966], Algebraic Extensions of Fields, Blaisdell Publish-
ing, Waltham, Massachusets.
28. MORANDI, P. [1996] Field and Galois Theory, Springer-Verlag, New York.
29. NĂSTĂSESCU, C. [1974] Introducere în teoria mulţimilor, Ed. Didactică şi
pedagogică, Bucureşti.
30. NĂSTĂSESCU, C. [1976] Inele. Module. Categorii, Ed. Academiei R.S.R., Bu-
cureşti.
31. NĂSTĂSESCU, C., NIŢĂ, C. [1979] Teoria calitativă a ecuaţiilor algebrice, Ed.
Tehnică, Bucureşti.
32. NĂSTĂSESCU, C., NIŢĂ, C., VRACIU, C. [1986] Bazele Algebrei, vol. I, Ed.
Academiei R.S.R., Bucureşti.
33. NEUKIRCH, J. [1986] Class Field Theory, Springer-Verlag, Berlin.
34. NITA, C., SPIRCU, T. [1974] Probleme de structuri algebrice, Ed. Tehnică,
Bucureşti.
35. PARENT, D.P. [1978] Exercices en théorie des nombres, Gauthier-Villars, Pa-
ris.
36. POPESCU, N. [1971] Categorii abeliene, Ed. Academiei R.S.R., Bucureşti.
37. PURDEA, I. [1982] Tratat de algebră modernă, vol II, Ed. Academiei R.S.R.,
Bucureşti.
38. RADU, GH. [1988] Algebra categoriilor şi functorilor, Ed. Junimea, Iaşi.
39. RADU, GH., TOFAN, I., GONTINEAC, V. M. [2000] Introducere în algebra
omologică, Ed Universităţii „Al. I. Cuza”, Iaşi.
40. RADU, N. [1968] Inele locale, vol. I, Ed. Academiei R.S.R., Bucureşti.
41. REGHIŞ, M. [1981] Elemente de teoria mulţimilor and logică matematică, Ed.
Facla, Timişoara.
42. SAMUEL, P. [1963] Anneaux factoriels, Sociedade de Matemática de São
Paulo.
43. SAMUEL, P. [1968] Théorie algébrique des nombres, Hermann, Paris.
44. SCORPAN, A. [1996] Introducere în teoria axiomatică a mulţimilor, Ed.
Universităţii Bucureşti, Bucureşti.
45. SPINDLER, K. [1994] Abstract Algebra with Applications, vol. II, M. Dekker,
New York.
6. Solvable389
groups
46. ŞTEFĂNESCU, M., [1993] Introducere în teoria grupurilor, Ed. Universităţii

„Al. I. Cuza”, Iaşi.
47. TIGNOL, J.-P. [1987] Galois' Theory of Algebraic Equations, Longman Scien-
tifical and Technical.
48. TOFAN, I. [2000] Capitole speciale de structuri algebrice, Ed Universităţii
„Al. I. Cuza”, Iaşi.
49. VAN DER WAERDEN, B.L. [1967], Algebra II (Fünfte auflage der Modernen
Algebra) Springer-Verlag, Berlin.
50. VAN DER WAERDEN, B.L. [1971], Algebra I (Achte auflage der Modernen
Algebra) Springer-Verlag, Berlin.
51. VAN DERWAERDEN, B.L. [1985], A History of Algebra, Springer-Verlag, Ber-
lin.
52. WALKER, R.J. [1950] Algebraic Curves, Dover Publications, New York.
53. WINKLER, F. [1996] Polynomial Algorithms in Computer Algebra, Springer
Wien New York.
54. ZARISKI, O., SAMUEL, P. [1958] Commutative Algebra, vol. I, Princeton.
55. ZARISKI, O., SAMUEL, P. [1960] Commutative Algebra, vol. II, Princeton.

Teoria Divizibilitatii

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Teoria Divizibilitatii

Caricato da

Copyright:

Formati disponibili

Ioan TOFAN Aurelian Claudiu VOLF

Ring Arithmetic, Field Extensions

III.4 The endomorphisms of a finite dimensional vector space ..... 150

The book is aimed at undergraduate students in Mathematics, Com-

Some notations used in the text:

The set Z of integers, endowed with the operations of addition and

The classical definition for the relation of divisibility in the ring of

1.1 Definition. Let R be a ring and let a, b ∈ R. We say that a di-

1.2 Definition. A ring R is called an integral domain (a domain, for

1.3 Examples. a) Any field F (for instance Q, R, C, ...) is a do-

1.4 Proposition. Let R be a domain and let a, b, c ∈ R, with c ≠ 0.

1.5 Proposition. Let R be a domain. Then:

1.6 Definition. The elements a, b in R are called associated in

For d, a ∈ R, d is called a proper divisor of a if d | a and d is neither

1.7 Proposition. Let R be a domain. Then :

1.8 Examples. a) U(Z) = {−1, 1}.

So N (a + b d ) = a 2 − db2 , ∀ a, b ∈ Z. An easy computation

1.9 Definition. Assume R is a domain, n ∈ N* and a1, ..., an ∈ R.

Proof. a) Let xi ∈ R such that ai = dxi, i = 1, n . If e ∈ R is a com-

1.12 Corollary. Let R be a GCD-domain and let K be the field of

1.13 Corollary. Let R be a GCD domain and a, b, c ∈ R such that

1.14 Proposition. Let R be a domain and x, y ∈ R. Then:

1.15 Example. In R = Z [ − 5 ] , x = 1 + − 5 and y = 2 have a

N(d ) = a 2 + 5b2 , a case-by-case inspection leads to the conclusion that

If R is a domain, let R° designate the set of nonzero and non-invert-

1.16 Definition. Let R be a domain.

A quick argument shows that, for any m ∈ N*, if p is prime and p

1.17 Proposition. Every prime element is also irreducible.

1.18 Example. In " [ −5 ] , 2 is irreducible and it is not prime. In-

1.19 Proposition. Let R be GCD domain. Then any irreducible ele-

in Z to much more general classes of rings (for instance, the primary

1.20 Proposition. Let R be a domain, n ∈ N* and a, b, x1, ..., xn ∈

i) a = [x1, ..., xn] if and only if Rx1 ∩ …∩ Rxn = Ra.

Any nonzero non-invertible integer can be written as a finite prod-

I.2 Euclidian domains

2.1 Definition. A domain R is called an Euclidian domain if there

2.2 Remark. Sometimes, in the definition of an Euclidian domain,

2.3 Remark. If b ∈ R, b ≠ 0, and ϕ(b) = 0, then b ∈ U(R). Indeed,

2.4 Theorem (Euclidian Algorithm). Let R be an Euclidian domain

Moreover, there exist (and can be algorithmically determined) u, v

r2 = b − r1q2. By induction, e | ri for any i < n, so e | rn − 1. Thus,

2.5 Examples. a) Z is an Euclidian domain with respect to the

Given a, b ∈ Z, the quotient q and remainder r of the division of a

and, by induction, there exist q, r ∈ K[X], h = gq + r, with deg r < m.

2.6 Definition. Let n ∈ N be fixed. Two integers a, b ∈ Z are

I.3 Euclidian rings of quadratic integers

Besides Z and the polynomial ring in one indeterminate with

A somewhat surprising fact is that the ring

3.1. Definition. A subfield of C that has dimension 2 viewed as a

3.2. Definition. A complex number that is the root of a monic4

3.3 Proposition. The ring of integers of Q[ d ] is Z[θ ], where

For which d ∈ Z, squarefree, Z[θ ] is Euclidian with respect to |N|?

If d > 0, Z[θ ] is a (dense) subset of R and no geometric interpreta-

3.4 Lemma. Let d ∈ Z, squarefree. Then R := Z[θ ] is Euclidian

“⇐” Let α, β ∈ R. For x = α/β ∈ Q[ d ] , ∃γ ∈ R with |N|(x − γ) <

3.5 Proposition.7 Let d ∈ Z, d < 0, squarefree.

I.4 Principal ideal domains

4.1 Definition. A domain R is called a principal ideal domain

4.2 Theorem. Any Euclidian domain is a principal ideal domain.

For instance, if K is a field, K[X] is a PID; if I ≠ 0 is an ideal in

4.3 Proposition. Let R be a PID and let a, b ∈ R. Then:

4.4 Example. Let R be a domain that is not a field and take r ∈ R

4.5 Proposition. In a PID, an element is irreducible if and only if it