OceanofPDF.com
Table of Contents
1. Preliminaries
2. The Integers
3. Groups
4. Cyclic Groups
5. Permutation Groups
6. Cosets and Lagrange's Theorem
7. Introduction to Cryptography
8. Algebraic Coding Theory
9. Isomorphisms
10. Normal Subgroups and Factor Groups
11. Homomorphisms
12. Matrix Groups and Symmetry
13. The Structure of Groups
14. Group Actions
15. The Sylow Theorems
16. Rings
17. Polynomials
18. Integral Domains
19. Lattices and Boolean Algebras
20. Vector Spaces
21. Fields
22. Finite Fields
23. Galois Theory
Appendices
A. GNU Free Documentation License
B. Hints and Answers to Selected Exercises
C. Notation
Index
Abstract Algebra:
Theory and Applications
Thomas W. Judson
Department of Mathematics and Statistics
Stephen F. Austin State University
Sage Exercises for Abstract Algebra
Robert A. Beezer
Department of Mathematics and Computer Science
University of Puget Sound
Spanish Translation
Antonio Behn
Departamento de Matemáticas, Facultad de Ciencias
Universidad de Chile
July 28, 2022
Colophon
Edition: Annual Edition 2022
Website: abstract.pugetsound.edu
©1997–2022 Thomas W. Judson, Robert A. Beezer
Permission is granted to copy, distribute and/or modify this document under
the terms of the GNU Free Documentation License, Version 1.2 or any later
version published by the Free Software Foundation; with no Invariant
Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the
license is included in the appendix entitled “GNU Free Documentation
License.”
Acknowledgements
I would like to acknowledge the following reviewers for their helpful
comments and suggestions.
David Anderson, University of Tennessee, Knoxville
Robert Beezer, University of Puget Sound
Myron Hood, California Polytechnic State University
Herbert Kasube, Bradley University
John Kurtzke, University of Portland
Inessa Levi, University of Louisville
Geoffrey Mason, University of California, Santa Cruz
Bruce Mericle, Mankato State University
Kimmo Rosenthal, Union College
Mark Teply, University of Wisconsin
I would also like to thank Steve Quigley, Marnie Pommett, Cathie Griffin,
Kelle Karshick, and the rest of the staff at PWS Publishing for their
guidance throughout this project. It has been a pleasure to work with them.
Robert Beezer encouraged me to make Abstract Algebra: Theory and
Applications available as an open source textbook, a decision that I have
never regretted. With his assistance, the book has been rewritten in PreTeXt
(pretextbook.org), making it possible to quickly output print, web,
PDF versions and more from the same source. The open source version of
this book has received support from the National Science Foundation
(Awards #DUE-1020957, #DUE–1625223, and #DUE–1821329).
Preface
This text is intended for a one or two-semester undergraduate course in
abstract algebra. Traditionally, these courses have covered the theoretical
aspects of groups, rings, and fields. However, with the development of
computing in the last several decades, applications that involve abstract
algebra and discrete mathematics have become increasingly important, and
many science, engineering, and computer science students are now electing
to minor in mathematics. Though theory still occupies a central role in the
subject of abstract algebra and no student should go through such a course
without a good notion of what a proof is, the importance of applications
such as coding theory and cryptography has grown significantly.
Until recently most abstract algebra texts included few if any applications.
However, one of the major problems in teaching an abstract algebra course
is that for many students it is their first encounter with an environment that
requires them to do rigorous proofs. Such students often find it hard to see
the use of learning to prove theorems and propositions; applied examples
help the instructor provide motivation.
This text contains more material than can possibly be covered in a single
semester. Certainly there is adequate material for a two-semester course,
and perhaps more; however, for a one-semester course it would be quite
easy to omit selected chapters and still have a useful text. The order of
presentation of topics is standard: groups, then rings, and finally fields.
Emphasis can be placed either on theory or on applications. A typical one-
semester course might cover groups and rings while briefly touching on
field theory, using Chapters 1 through 6, 9, 10, 11, 13 (the first part), 16, 17,
18 (the first part), 20, and 21. Parts of these chapters could be deleted and
applications substituted according to the interests of the students and the
instructor. A two-semester course emphasizing theory might cover
Chapters 1 through 6, 9, 10, 11, 13 through 18, 20, 21, 22 (the first part),
and 23. On the other hand, if applications are to be emphasized, the course
might cover Chapters 1 through 14, and 16 through 22. In an applied
course, some of the more theoretical results could be assumed or omitted. A
chapter dependency chart appears below. (A broken line indicates a partial
dependency.)
Though there are no specific prerequisites for a course in abstract algebra,
students who have had other higher-level courses in mathematics will
generally be more prepared than those who have not, because they will
possess a bit more mathematical sophistication. Occasionally, we shall
assume some basic linear algebra; that is, we shall take for granted an
elementary knowledge of matrices and determinants. This should present no
great problem, since most students taking a course in abstract algebra have
been introduced to matrices and determinants elsewhere in their career, if
they have not already taken a sophomore or junior-level course in linear
algebra.
Exercise sections are the heart of any mathematics text. An exercise set
appears at the end of each chapter. The nature of the exercises ranges over
several categories; computational, conceptual, and theoretical problems are
included. A section presenting hints and solutions to many of the exercises
appears at the end of the text. Often in the solutions a proof is only
sketched, and it is up to the student to provide the details. The exercises
range in difficulty from very easy to very challenging. Many of the more
substantial problems require careful thought, so the student should not be
discouraged if the solution is not forthcoming after a few minutes of work.
Ideally, students should read the relevant material before attending class.
Reading questions have been added to each chapter before the exercises. To
prepare for class, students should read the chapter and then answer the
section's reading questions.
There are additional exercises or computer projects at the ends of many of
the chapters. The computer projects usually require a knowledge of
programming. All of these exercises and projects are more substantial in
nature and allow the exploration of new results and theory.
Sage (sagemath.org) is a free, open source, software system for advanced
mathematics, which is ideal for assisting with a study of abstract algebra.
Sage can be used either on your own computer, a local server, or on CoCalc
(cocalc.com). Robert Beezer has written a comprehensive
introduction to Sage and a selection of relevant exercises that appear at the
end of each chapter, including live Sage cells in the web version of the
book. All of the Sage code has been subject to automated tests of accuracy,
using the most recent version available at this time: SageMath Version 9.6
(released 2022-05-15).
Thomas W. Judson
Nacogdoches, Texas 2022
Chapter 1 Preliminaries
A certain amount of mathematical maturity is necessary to find and study
applications of abstract algebra. A basic knowledge of set theory,
mathematical induction, equivalence relations, and matrices is a must. Even
more important is the ability to read and understand mathematical proofs. In
this chapter we will outline the background needed for a course in abstract
algebra.
1.1 A Short Note on Proofs
Abstract mathematics is different from other sciences. In laboratory
sciences such as chemistry and physics, scientists perform experiments to
discover new principles and verify theories. Although mathematics is often
motivated by physical experimentation or by computer simulations, it is
made rigorous through the use of logical arguments. In studying abstract
mathematics, we take what is called an axiomatic approach; that is, we take
a collection of objects and assume some rules about their structure. These
rules are called axioms. Using the axioms for , we wish to derive other
information about by using logical arguments. We require that our
axioms be consistent; that is, they should not contradict one another. We
also demand that there not be too many axioms. If a system of axioms is too
restrictive, there will be few examples of the mathematical structure.
A statement in logic or mathematics is an assertion that is either true or
false. Consider the following examples:
.
All cats are black.
.
exactly when .
If and , then
All but the first and last examples are statements, and must be either true or
false.
A mathematical proof is nothing more than a convincing argument about
the accuracy of a statement. Such an argument should contain enough detail
to convince the audience; for instance, we can see that the statement “
exactly when ” is false by evaluating and noting that
, an argument that would satisfy anyone. Of course, audiences may
vary widely: proofs can be addressed to another student, to a professor, or to
the reader of a text. If more detail than needed is presented in the proof,
then the explanation will be either long-winded or poorly written. If too
much detail is omitted, then the proof may not be convincing. Again it is
important to keep the audience in mind. High school students require much
more detail than do graduate students. A good rule of thumb for an
argument in an introductory abstract algebra course is that it should be
written to convince one's peers, whether those peers be other students or
other readers of the text.
Let us examine different types of statements. A statement could be as
simple as “ ;” however, mathematicians are usually interested in
more complex statements such as “If , then ,” where and are both
statements. If certain statements are known or assumed to be true, we wish
to know what we can say about other statements. Here is called the
hypothesis and is known as the conclusion. Consider the following
statement: If and , then
The hypothesis is and ; the conclusion is
Notice that the statement says nothing about whether or not the hypothesis
is true. However, if this entire statement is true and we can show that
with is true, then the conclusion must be true. A
proof of this statement might simply be a series of equations:
If we can prove a statement true, then that statement is called a proposition.
A proposition of major importance is called a theorem. Sometimes instead
of proving a theorem or proposition all at once, we break the proof down
into modules; that is, we prove several supporting propositions, which are
called lemmas, and use the results of these propositions to prove the main
result. If we can prove a proposition or a theorem, we will often, with very
little effort, be able to derive other related propositions called corollaries.
Some Cautions and Suggestions
There are several different strategies for proving propositions. In addition to
using different methods of proof, students often make some common
mistakes when they are first learning how to prove theorems. To aid
students who are studying abstract mathematics for the first time, we list
here some of the difficulties that they may encounter and some of the
strategies of proof available to them. It is a good idea to keep referring back
to this list as a reminder. (Other techniques of proof will become apparent
throughout this chapter and the remainder of the text.)
- A theorem cannot be proved by example; however, the standard way to
  show that a statement is not a theorem is to provide a counterexample.
- Quantifiers are important. Words and phrases such as only, for all, for
  every, and for some possess different meanings.
- Never assume any hypothesis that is not explicitly stated in the
  theorem. You cannot take things for granted.
- Suppose you wish to show that an object exists and is unique. First
  show that there actually is such an object. To show that it is unique,
  assume that there are two such objects, say and , and then show that
  .
- Sometimes it is easier to prove the contrapositive of a statement.
  Proving the statement “If , then ” is exactly the same as proving the
  statement “If not , then not .”
- Although it is usually better to find a direct proof of a theorem, this
  task can sometimes be difficult. It may be easier to assume that the
  theorem that you are trying to prove is false, and to hope that in the
  course of your argument you are forced to make some statement that
  cannot possibly be true.
Remember that one of the main objectives of higher mathematics is proving
theorems. Theorems are tools that make new and productive applications of
mathematics possible. We use examples to give insight into existing
theorems and to foster intuitions as to what new theorems might be true.
Applications, examples, and proofs are tightly interconnected—much more
so than they may seem at first appearance.
1.2 Sets and Equivalence Relations
Set Theory
A set is a well-defined collection of objects; that is, it is defined in such a
manner that we can determine for any given object whether or not
belongs to the set. The objects that belong to a set are called its elements or
members. We will denote sets by capital letters, such as or ; if is an
element of the set , we write .
A set is usually specified either by listing all of its elements inside a pair of
braces or by stating the property that determines whether or not an object
belongs to the set. We might write
for a set containing elements or
if each in satisfies a certain property . For example, if is the set of
even positive integers, we can describe by writing either
We write when we want to say that 2 is in the set , and to
say that is not in the set .
Some of the more important sets that we will consider are the following:
We can find various relations between sets as well as perform operations on
sets. A set is a subset of , written or , if every element
of is also an element of . For example,
and
Trivially, every set is a subset of itself. A set is a proper subset of a set
if but . If is not a subset of , we write ; for
example, . Two sets are equal, written ,
if we can show that and .
It is convenient to have a set with no elements in it. This set is called the
empty set and is denoted by . Note that the empty set is a subset of every
set.
To construct new sets out of old sets, we can perform certain operations: the
union of two sets and is defined as
the intersection of and is defined by
If and , then
We can consider the union and the intersection of more than two sets. In this
case we write
and
for the union and intersection, respectively, of the sets .
When two sets have no elements in common, they are said to be disjoint; for
example, if is the set of even integers and is the set of odd integers,
then and are disjoint. Two sets and are disjoint exactly when
.
Sometimes we will work within one fixed set , called the universal set.
For any set , we define the complement of , denoted by , to be
the set
We define the difference of two sets and to be
Example 1.1. Let be the universal set and suppose that
Then
Proposition 1.2. Let , , and be sets. Then
1. , , and ;
2. and ;
3. and
;
4. and ;
5. ;
6. .
Proof. We will prove (1) and (3) and leave the remaining results to be
proven in the exercises.
(1) Observe that
and
Also, .
(3) For sets , , and ,
A similar argument proves that .
Theorem 1.3. De Morgan's Laws. Let and be sets. Then
1. ;
2. .
Proof. (1) If , then the theorem follows immediately since both
and are the empty set. Otherwise, we must show that
and . Let .
Then . So is neither in nor in , by the definition of the
union of sets. By the definition of the complement, and .
Therefore, and we have .
To show the reverse inclusion, suppose that . Then
and , and so and . Thus and so
. Hence, and so
.
The proof of (2) is left as an exercise.
Example 1.4. Other relations between sets often hold true. For example,
To see that this is true, observe that
Cartesian Products and Mappings
Given sets and , we can define a new set , called the Cartesian
product of and , as a set of ordered pairs. That is,
Example 1.5. If , , and , then
is the set
and
We define the Cartesian product of sets to be
If , we often write for
(where would be written times). For example, the set consists of all
3-tuples of real numbers.
Subsets of are called relations. We will define a mapping or
function from a set to a set to be the special type of
relation where each element has a unique element such that
. Another way of saying this is that for every element in ,
assigns a unique element in . We usually write or .
Instead of writing down ordered pairs , we write
or . The set is called the domain of and
is called the range or image of . We can think of the elements in the
function's domain as input values and the elements in the function's range as
output values.
Example 1.6. Suppose and . In Figure 1.7
we define relations and from to . The relation is a mapping, but
is not because is not assigned to a unique element in ; that is,
and .
Figure 1.7. Mappings and relations
Given a function , it is often possible to write a list describing
what the function does to each specific element in the domain. However, not
all functions can be described in this manner. For example, the function
that sends each real number to its cube is a mapping that must
be described by writing or .
Consider the relation given by . We know that
, but is or ? This relation cannot be a mapping
because it is not well-defined. A relation is well-defined if each element in
the domain is assigned to a unique element in the range.
If is a map and the image of is , i.e., , then is
said to be onto or surjective. In other words, if there exists an for
each such that , then is onto. A map is one-to-one or
injective if implies . Equivalently, a function is
one-to-one if implies . A map that is both one-to-
one and onto is called bijective.
Example 1.8. Let be defined by . Then is
one-to-one but not onto. Define by where is
a rational number expressed in its lowest terms with a positive
denominator. The function is onto but not one-to-one.
Given two functions, we can construct a new function by using the range of
the first function as the domain of the second function. Let and
be mappings. Define a new map, the composition of and
from to , by .
Figure 1.9. Composition of maps
Example 1.10. Consider the functions and that
are defined in Figure 1.9 (top). The composition of these functions,
, is defined in Figure 1.9 (bottom).
Example 1.11. Let and . Then
and
In general, order makes a difference; that is, in most cases .
Example 1.12. Sometimes it is the case that . Let
and . Then
and
Example 1.13. Given a matrix
we can define a map by
for in . This is actually matrix multiplication; that is,
Maps from to given by matrices are called linear maps or linear
transformations.
Example 1.14. Suppose that . Define a map
by
This is a bijective map. An alternative way to write is
For any set , a one-to-one and onto mapping is called a
permutation of .
Theorem 1.15. Let , , and . Then
1. The composition of mappings is associative; that is,
;
2. If and are both one-to-one, then the mapping is one-to-one;
3. If and are both onto, then the mapping is onto;
4. If and are bijective, then so is .
Proof. We will prove (1) and (3). Part (2) is left as an exercise. Part (4)
follows directly from (2) and (3).
(1) We must show that
For we have
(3) Assume that and are both onto functions. Given , we must
show that there exists an such that .
However, since is onto, there is an element such that .
Similarly, there is an such that . Accordingly,
If is any set, we will use or to denote the identity mapping from
to itself. Define this map by for all . A map is
an inverse mapping of if and ; in
other words, the inverse function of a function simply “undoes” the function.
A map is said to be invertible if it has an inverse. We usually write for
the inverse of .
Example 1.16. The function has inverse by
Example 1.12.
Example 1.17. The natural logarithm and the exponential functions,
and , are inverses of each other provided that
we are careful about choosing domains. Observe that
and
whenever composition makes sense.
Example 1.18. Suppose that
Then defines a map from to by
We can find an inverse map of by simply inverting the matrix ; that
is, . In this example,
hence, the inverse map is given by
It is easy to check that
Not every map has an inverse. If we consider the map
given by the matrix
then an inverse map would have to be of the form
and
for all and . Clearly this is impossible because might not be .
Example 1.19. Given the permutation
on , it is easy to see that the permutation defined by
is the inverse of . In fact, any bijective mapping possesses an inverse, as
we will see in the next theorem.
Theorem 1.20. A mapping is invertible if and only if it is both one-to-one
and onto.
Proof. Suppose first that is invertible with inverse
. Then is the identity map; that is, .
If with , then
. Consequently, is one-to-one. Now
suppose that . To show that is onto, it is necessary to find an
such that , but with . Let .
Conversely, let be bijective and let . Since is onto, there exists an
such that . Because is one-to-one, must be unique.
Define by letting . We have now constructed the inverse of .
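The definitions of mapping, one-to-one, onto, composition and inverse can be checked exhaustively on small finite sets. The following is an added example, not part of the original text or its Sage material; it uses plain Python, and the sets `A`, `B`, `C` and all function names are constructed for illustration. It searches for a two-sided inverse by brute force, without using the one-to-one/onto criterion, and confirms that the two notions agree as Theorem 1.20 states.

```python
from itertools import product


def is_mapping(relation, domain, codomain):
    """True when the relation (a set of ordered pairs) assigns to every
    element of the domain exactly one element of the codomain."""
    if any(a not in domain or b not in codomain for a, b in relation):
        return False
    firsts = [a for a, _ in relation]
    return all(firsts.count(a) == 1 for a in domain)


def is_one_to_one(f):
    """f is a dict; one-to-one means distinct inputs give distinct outputs."""
    return len(set(f.values())) == len(f)


def is_onto(f, codomain):
    """Onto means the image of f is the whole codomain."""
    return set(f.values()) == set(codomain)


def compose(g, f):
    """Composition g after f: a is sent to g(f(a))."""
    return {a: g[f[a]] for a in f}


def identity(s):
    """The identity mapping on the set s."""
    return {x: x for x in s}


def all_maps(domain, codomain):
    """Every mapping from domain to codomain, each as a dict."""
    domain = list(domain)
    for images in product(list(codomain), repeat=len(domain)):
        yield dict(zip(domain, images))


def find_inverse(f, domain, codomain):
    """Search every map g: codomain -> domain for one that undoes f on both
    sides. Deliberately ignores the one-to-one/onto criterion."""
    for g in all_maps(codomain, domain):
        if (compose(g, f) == identity(domain)
                and compose(f, g) == identity(codomain)):
            return g
    return None


def invertible_iff_bijective(domain, codomain):
    """Check the statement of Theorem 1.20 for every map domain -> codomain."""
    for f in all_maps(domain, codomain):
        bijective = is_one_to_one(f) and is_onto(f, codomain)
        invertible = find_inverse(f, domain, codomain) is not None
        if bijective != invertible:
            return False
    return True


# Constructed sample sets (not taken from the text).
A = {1, 2, 3}
B = {"a", "b", "c"}
C = {"x", "y"}

if __name__ == "__main__":
    # A relation that is a mapping, and one that is not well-defined
    # because 1 is paired with two different elements.
    print(is_mapping({(1, "a"), (2, "b"), (3, "c")}, A, B))
    print(is_mapping({(1, "a"), (1, "b"), (2, "c"), (3, "c")}, A, B))
    f = {1: "a", 2: "b", 3: "c"}          # bijective
    g = {"a": "x", "b": "x", "c": "y"}    # onto but not one-to-one
    print(compose(g, f))
    print(find_inverse(f, A, B), find_inverse(g, B, C))
    print(invertible_iff_bijective(A, B), invertible_iff_bijective(A, C))
```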
Equivalence Relations and Partitions
A fundamental notion in mathematics is that of equality. We can generalize
equality with equivalence relations and equivalence classes. An equivalence
relation on a set is a relation such that
for all (reflexive property);
implies (symmetric property);
and imply (transitive property).
Given an equivalence relation on a set , we usually write instead
of . If the equivalence relation already has an associated notation
such as , , or , we will use that notation.
Example 1.21. Let , , , and be integers, where and are nonzero.
Define if . Clearly is reflexive and symmetric. To
show that it is also transitive, suppose that and ,
with , , and all nonzero. Then and . Therefore,
Since , . Consequently, .
Example 1.22. Suppose that and are differentiable functions on .
We can define an equivalence relation on such functions by letting
if . It is clear that is both reflexive and
symmetric. To demonstrate transitivity, suppose that and
. From calculus we know that and
, where and are both constants. Hence,
and . Therefore, .
Example 1.23. For and in , define
if . Then is an equivalence
relation on .
Example 1.24. Let and be matrices with entries in the real
numbers. We can define an equivalence relation on the set of
matrices, by saying if there exists an invertible matrix such that
. For example, if
then since for
Let be the identity matrix; that is,
Then ; therefore, the relation is reflexive. To show
symmetry, suppose that . Then there exists an invertible matrix
such that . So
Finally, suppose that and . Then there exist invertible
matrices and such that and . Since
the relation is transitive. Two matrices that are equivalent in this manner
are said to be similar.
A partition of a set is a collection of nonempty sets such
that for and . Let be an equivalence
relation on a set and let . Then is called
the equivalence class of . We will see that an equivalence relation gives
rise to a partition via equivalence classes. Also, whenever a partition of a set
exists, there is some natural underlying equivalence relation, as the
following theorem demonstrates.
Theorem 1.25. Given an equivalence relation on a set , the
equivalence classes of form a partition of . Conversely, if
is a partition of a set , then there is an equivalence relation on with
equivalence classes .
Proof. Suppose there exists an equivalence relation on the set . For
any , the reflexive property shows that and so is
nonempty. Clearly . Now let . We need to show
that either or . Suppose that the intersection of
and is not empty and that . Then and . By
symmetry and transitivity ; hence, . Similarly,
and so . Therefore, any two equivalence classes are either disjoint
or exactly the same.
Conversely, suppose that is a partition of a set . Let two
elements be equivalent if they are in the same partition. Clearly, the relation
is reflexive. If is in the same partition as , then is in the same partition
as , so implies . Finally, if is in the same partition as and
is in the same partition as , then must be in the same partition as , and
transitivity holds.
Corollary 1.26. Two equivalence classes of an equivalence relation are
either disjoint or equal.
Let us examine some of the partitions given by the equivalence classes in the
last set of examples.
Example 1.27. In the equivalence relation in Example 1.21, two pairs of
integers, and , are in the same equivalence class when they
reduce to the same fraction in its lowest terms.
Example 1.28. In the equivalence relation in Example 1.22, two
functions and are in the same partition when they differ by a
constant.
Example 1.29. We defined an equivalence relation on by
if . Two pairs of real numbers
are in the same partition when they lie on the same circle about the origin.
Example 1.30. Let and be two integers and suppose that . We
say that is congruent to modulo , or is congruent to mod , if
is evenly divisible by ; that is, for some . In
this case we write . For example,
since is divisible by . We claim that congruence modulo
forms an equivalence relation of . Certainly any integer is equivalent to
itself since is divisible by . We will now show that the relation
is symmetric. If , then is divisible by
. So is divisible by and . Now suppose that
and . Then there exist integers and
such that and . To show transitivity, it is
necessary to prove that is divisible by . However,
and so is divisible by .
If we consider the equivalence relation established by the integers modulo
, then
Notice that and also that the sets are disjoint. The sets
, , and form a partition of the integers.
The integers modulo are a very important example in the study of
abstract algebra and will become quite useful in our investigation of
various algebraic structures such as groups and rings. In our discussion of
the integers modulo we have actually assumed a result known as the
division algorithm, which will be stated and proved in Chapter 2.
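Theorem 1.25 can be watched in both directions on finite sets. The following is an added example, not part of the original text or its Sage material; it uses plain Python, and the modulus 3, the integer range, the grid of points and the divisibility relation are all constructed for illustration. It builds equivalence classes from congruence and from the same-circle relation of Example 1.29, rebuilds the relation from the partition, and shows how the construction fails for a relation that is reflexive and transitive but not symmetric.

```python
from itertools import product


def is_reflexive(X, rel):
    return all(rel(a, a) for a in X)


def is_symmetric(X, rel):
    return all(rel(b, a) for a, b in product(X, repeat=2) if rel(a, b))


def is_transitive(X, rel):
    return all(rel(a, c) for a, b, c in product(X, repeat=3)
               if rel(a, b) and rel(b, c))


def is_equivalence(X, rel):
    return (is_reflexive(X, rel) and is_symmetric(X, rel)
            and is_transitive(X, rel))


def classes(X, rel):
    """The sets {x in X : x ~ a}, one per a in X, with duplicates dropped."""
    found = []
    for a in X:
        cls = frozenset(x for x in X if rel(x, a))
        if cls not in found:
            found.append(cls)
    return found


def is_partition(X, blocks):
    """Nonempty blocks, pairwise disjoint, whose union is all of X."""
    blocks = list(blocks)
    if any(len(b) == 0 for b in blocks):
        return False
    if set().union(*blocks) != set(X):
        return False
    return all(a.isdisjoint(b)
               for i, a in enumerate(blocks) for b in blocks[i + 1:])


def relation_from_partition(blocks):
    """Converse direction: two elements are related when some block
    contains both of them."""
    blocks = list(blocks)
    return lambda a, b: any(a in blk and b in blk for blk in blocks)


def congruent_mod(n):
    """r is congruent to s modulo n when n divides r - s."""
    return lambda r, s: (r - s) % n == 0


def same_circle(p, q):
    """Points are related when they lie on the same circle about the origin."""
    return p[0] ** 2 + p[1] ** 2 == q[0] ** 2 + q[1] ** 2


def divides(x, a):
    """x is related to a when x divides a: reflexive and transitive,
    but not symmetric."""
    return a % x == 0


# Constructed sample data (not taken from the text).
MODULUS = 3
INTS = list(range(-6, 7))
GRID = list(product(range(-2, 3), repeat=2))
SMALL = list(range(1, 7))

if __name__ == "__main__":
    rel = congruent_mod(MODULUS)
    cls = classes(INTS, rel)
    print(is_equivalence(INTS, rel), [sorted(c) for c in cls])
    print(is_partition(INTS, cls))
    print(len(classes(GRID, same_circle)))
    # Without symmetry the "classes" overlap and no partition results.
    print(is_symmetric(SMALL, divides),
          is_partition(SMALL, classes(SMALL, divides)))
```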
1.3 Reading Questions
1. What do relations and mappings have in common?
2. What makes relations and mappings different?
3. State carefully the three defining properties of an equivalence relation. In
other words, do not just name the properties, give their definitions.
4. What is the big deal about equivalence relations? (Hint: Partitions.)
5. Describe a general technique for proving that two sets are equal.
1.4 Exercises
1. Suppose that
Describe each of the following sets.
a.
b.
c.
d.
2. If , , , and , list all of the
elements in each of the following sets.
a.
b.
c.
d.
3. Find an example of two nonempty sets and for which
is true.
4. Prove and .
5. Prove and .
6. Prove .
7. Prove .
8. Prove if and only if .
9. Prove .
10. Prove .
11. Prove .
12. Prove .
13. Prove .
14. Prove .
15. Prove .
16. Prove .
17. Which of the following relations define a mapping? In
each case, supply a reason why is or is not a mapping.
a.
b.
c.
d.
18. Determine which of the following functions are one-to-one and which
are onto. If the function is not onto, determine its range.
a. defined by
b. defined by
c. defined by
d. defined by
19. Let and be invertible mappings; that is,
mappings such that and exist. Show that
.
20.
a. Define a function that is one-to-one but not onto.
b. Define a function that is onto but not one-to-one.
21. Prove the relation defined on by if
is an equivalence relation.
22. Let and be maps.
a. If and are both one-to-one functions, show that is one-to-
one.
b. If is onto, show that is onto.
c. If is one-to-one, show that is one-to-one.
d. If is one-to-one and is onto, show that is one-to-one.
e. If is onto and is one-to-one, show that is onto.
23. Define a function on the real numbers by
What are the domain and range of ? What is the inverse of ? Compute
and .
24. Let be a map with and .
a. Prove .
b. Prove . Give an example in which
equality fails.
c. Prove , where
d. Prove .
e. Prove .
25. Determine whether or not the following relations are equivalence
relations on the given set. If the relation is an equivalence relation, describe
the partition given by it. If the relation is not an equivalence relation, state
why it fails to be one.
a. in if
b. in if
c. in if
d. in if
26. Define a relation on by stating that if and only if
. Show that is reflexive and transitive but not
symmetric.
27. Show that an matrix gives rise to a well-defined map from
to .
28. Find the error in the following argument by providing a
counterexample. “The reflexive property is redundant in the axioms for an
equivalence relation. If , then by the symmetric property.
Using the transitive property, we can deduce that .”
29. Projective Real Line. Define a relation on by letting
if there exists a nonzero real number such that
. Prove that defines an equivalence relation on
. What are the corresponding equivalence classes? This
equivalence relation defines the projective line, denoted by , which is
very important in geometry.
1.5 References and Suggested Readings
[1] Artin, M. Algebra (Classic Version). 2nd ed. Pearson, Upper Saddle
River, NJ, 2018.
[2] Childs, L. A Concrete Introduction to Higher Algebra. 2nd ed.
Springer-Verlag, New York, 1995.
[3] Dummit, D. and Foote, R. Abstract Algebra. 3rd ed. Wiley, New
York, 2003.
[4] Ehrlich, G. Fundamental Concepts of Algebra. PWS-KENT,
Boston, 1991.
[5] Fraleigh, J. B. A First Course in Abstract Algebra. 7th ed. Pearson,
Upper Saddle River, NJ, 2003.
[6] Gallian, J. A. Contemporary Abstract Algebra. 7th ed. Brooks/Cole,
Belmont, CA, 2009.
[7] Halmos, P. Naive Set Theory. Springer, New York, 1991. One of the
best references for set theory.
[8] Herstein, I. N. Abstract Algebra. 3rd ed. Wiley, New York, 1996.
[9] Hungerford, T. W. Algebra. Springer, New York, 1974. One of the
standard graduate algebra texts.
[10] Lang, S. Algebra. 3rd ed. Springer, New York, 2002. Another
standard graduate text.
[11] Lidl, R. and Pilz, G. Applied Abstract Algebra. 2nd ed. Springer,
New York, 1998.
[12] Mackiw, G. Applications of Abstract Algebra. Wiley, New York,
1985.
[13] Nickelson, W. K. Introduction to Abstract Algebra. 3rd ed. Wiley,
New York, 2006.
[14] Solow, D. How to Read and Do Proofs. 5th ed. Wiley, New York,
2009.
[15] van der Waerden, B. L. A History of Algebra. Springer-Verlag, New
York, 1985. An account of the historical development of algebra.
1.6 Sage
Sage is a powerful system for studying and exploring many different areas
of mathematics. In this textbook, you will study a variety of algebraic
structures, such as groups, rings and fields. Sage does an excellent job of
implementing many features of these objects as we will see in the chapters
ahead. But here and now, in this initial chapter, we will concentrate on a
few general ways of getting the most out of working with Sage.
You may use Sage several different ways. It may be used as a command-
line program when installed on your own computer. Or it might be a web
application such as the SageMathCloud. Our writing will assume that you
are reading this as a worksheet within the Sage Notebook (a web browser
interface), or this is a section of the entire book presented as web pages, and
you are employing the Sage Cell Server via those pages. After the first few
chapters the explanations should work equally well for whatever vehicle
you use to execute Sage commands.
Executing Sage Commands
Most of your interaction will be by typing commands into a compute cell. If
you are reading this in the Sage Notebook or as a webpage version of the
book, then you will see a compute cell just below this paragraph. Click once
inside the compute cell and if you are in the Sage Notebook, you will get a
more distinctive border around it, a blinking cursor inside, plus a cute little
“evaluate” link below.
At the cursor, type 2+2 and then click on the evaluate link. Did a 4
appear below the cell? If so, you have successfully sent a command off for
Sage to evaluate and you have received back the (correct) answer.
Here is another compute cell. Try evaluating the command
factorial(300) here.
Hmmmmm. That is quite a big integer! If you see slashes at the end of each
line, this means the result is continued onto the next line, since there are
615 total digits in the result.
To make new compute cells in the Sage Notebook (only), hover your mouse
just above another compute cell, or just below some output from a compute
cell. When you see a skinny blue bar across the width of your worksheet,
click and you will open up a new compute cell, ready for input. Note that
your worksheet will remember any calculations you make, in the order you
make them, no matter where you put the cells, so it is best to stay organized
and add new cells at the bottom.
Try placing your cursor just below the monstrous value of 300! that you
have. Click on the blue bar and try another factorial computation in the new
compute cell.
Each compute cell will show output due to only the very last command in
the cell. Try to predict the following output before evaluating the cell.
a = 10
b = 6
b = b - 10
a = a + 20
a
30
The following compute cell will not print anything since the one command
does not create output. But it will have an effect, as you can see when you
execute the subsequent cell. Notice how this uses the value of b from
above. Execute this compute cell once. Exactly once. Even if it appears to
do nothing. If you execute the cell twice, your credit card may be charged
twice.
b = b + 50
Now execute this cell, which will produce some output.
b + 20
66
So b came into existence as 6 . We subtracted 10 immediately
afterward. Then a subsequent cell added 50 . This assumes you executed
this cell exactly once! In the last cell we create b+20 (but do not save it)
and it is this value ( 66 ) that is output, while b is still 46 .
You can combine several commands on one line with a semi-colon. This is
a great way to get multiple outputs from a compute cell. The syntax for
building a matrix should be somewhat obvious when you see the output, but
if not, it is not particularly important to understand now.
A = matrix([[3, 1], [5,2]]); A
[3 1]
[5 2]
print(A); print(); print(A.inverse())
[3 1]
[5 2]
<BLANKLINE>
[ 2 -1]
[-5 3]
Immediate Help
Some commands in Sage are “functions,” an example is factorial()
above. Other commands are “methods” of an object and are like
characteristics of objects, an example is .inverse() as a method of a
matrix. Once you know how to create an object (such as a matrix), then it is
easy to see all the available methods. Write the name of the object, place a
period (“dot”) and hit the TAB key. If you have A defined from above,
then the compute cell below is ready to go, click into it and then hit TAB
(not “evaluate”!). You should get a long list of possible methods.
A.
To get some help on how to use a method with an object, write its name
after a dot (with no parentheses) and then use a question-mark and hit TAB.
(Hit the escape key “ESC” to remove the list, or click on the text for a
method.)
A.inverse?
With one more question-mark and a TAB you can see the actual computer
instructions that were programmed into Sage to make the method work,
once you scroll down past the documentation delimited by the triple quotes
( """ ):
A.inverse??
It is worthwhile to see what Sage does when there is an error. You will
probably see a lot of these at first, and initially they will be a bit
intimidating. But with time, you will learn how to use them effectively and
you will also become more proficient with Sage and see them less often.
Execute the compute cell below, it asks for the inverse of a matrix that has
no inverse. Then reread the commentary.
B = matrix([[2, 20], [5, 50]])
B.inverse()
Traceback (most recent call last):
...
ZeroDivisionError: matrix must be nonsingular
Click just to the left of the error message to expand it fully (another click
hides it totally, and a third click brings back the abbreviated form). Read the
bottom of an error message first, it is your best explanation. Here a
ZeroDivisionError is not 100% accurate, but is close. The matrix is
not invertible, not dissimilar to how we cannot divide scalars by zero. The
remainder of the message begins at the top showing where the error first
happened in your code and then the various places where intermediate
functions were called, until the actual piece of Sage where the problem
occurred. Sometimes this information will give you some clues, sometimes
it is totally undecipherable. So do not let it scare you if it seems mysterious,
but do remember to always read the last line first, then go back and read the
first few lines for something that looks like your code.
Annotating Your Work
It is easy to comment on your work when you use the Sage Notebook. (The
following only applies if you are reading this within a Sage Notebook. If
you are not, then perhaps you can go open up a worksheet in the Sage
Notebook and experiment there.) You can open up a small word-processor
by hovering your mouse until you get a skinny blue bar again, but now
when you click, also hold the SHIFT key at the same time. Experiment with
fonts, colors, bullet lists, etc and then click the “Save changes” button to
exit. Double-click on your text if you need to go back and edit it later.
Open the word-processor again to create a new bit of text (maybe next to
the empty compute cell just below). Type all of the following exactly,
Pythagorean Theorem: $c^2=a^2+b^2$
and save your changes. The symbols between the dollar signs are written
according to the mathematical typesetting language known as TeX — cruise
the internet to learn more about this very popular tool. (Well, it is extremely
popular among mathematicians and physical scientists.)
Lists
Much of our interaction with sets will be through Sage lists. These are not
really sets — they allow duplicates, and order matters. But they are so close
to sets, and so easy and powerful to use that we will use them regularly. We
will use a fun made-up list for practice, the quote marks mean the items are
just text, with no special mathematical meaning. Execute these compute
cells as we work through them.
zoo = ['snake', 'parrot', 'elephant', 'baboon', 'beetle']
zoo
['snake', 'parrot', 'elephant', 'baboon', 'beetle']
So the square brackets define the boundaries of our list, commas separate
items, and we can give the list a name. To work with just one element of the
list, we use the name and a pair of brackets with an index. Notice that lists
have indices that begin counting at zero. This will seem odd at first and will
seem very natural later.
zoo[2]
'elephant'
We can add a new creature to the zoo, it is joined up at the far right end.
zoo.append('ostrich'); zoo
['snake', 'parrot', 'elephant', 'baboon', 'beetle', 'ostrich']
We can remove a creature.
zoo.remove('parrot')
zoo
['snake', 'elephant', 'baboon', 'beetle', 'ostrich']
We can extract a sublist. Here we start with element 1 (the elephant) and go
all the way up to, but not including, element 3 (the beetle). Again a bit odd,
but it will feel natural later. For now, notice that we are extracting two
elements of the list, exactly 3 - 1 = 2 elements.
mammals = zoo[1:3]
mammals
['elephant', 'baboon']
Often we will want to see if two lists are equal. To do that we will need to
sort a list first. A function creates a new, sorted list, leaving the original
alone. So we need to save the new one with a new name.
newzoo = sorted(zoo)
newzoo
['baboon', 'beetle', 'elephant', 'ostrich', 'snake']
zoo.sort()
zoo
['baboon', 'beetle', 'elephant', 'ostrich', 'snake']
Notice that if you run this last compute cell your zoo has changed and some
commands above will not necessarily execute the same way. If you want to
experiment, go all the way back to the first creation of the zoo and start
executing cells again from there with a fresh zoo.
A construction called a list comprehension is especially powerful,
especially since it almost exactly mirrors notation we use to describe sets.
Suppose we want to form the plural of the names of the creatures in our
zoo. We build a new list, based on all of the elements of our old list.
plurality_zoo = [animal+'s' for animal in zoo]
plurality_zoo
['baboons', 'beetles', 'elephants', 'ostrichs', 'snakes']
Almost like it says: we add an “s” to each animal name, for each animal in
the zoo, and place them in a new list. Perfect. (Except for getting the plural
of “ostrich” wrong.)
Lists of Integers
One final type of list, with numbers this time. The srange() function
will create lists of integers. (The “s” in the name stands for “Sage” and so
will produce integers that Sage understands best. Many early difficulties
with Sage and group theory can be alleviated by using only this command
to create lists of integers.) In its simplest form an invocation like
srange(12) will create a list of 12 integers, starting at zero and
working up to, but not including, 12. Does this sound familiar?
dozen = srange(12); dozen
[0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11]
Here are two other forms, that you should be able to understand by studying
the examples.
teens = srange(13, 20); teens
[13, 14, 15, 16, 17, 18, 19]
decades = srange(1900, 2000, 10); decades
[1900, 1910, 1920, 1930, 1940, 1950, 1960, 1970, 1980, 1990]
Saving and Sharing Your Work
There is a “Save” button in the upper-right corner of the Sage Notebook.
This will save a current copy of your worksheet that you can retrieve
from within your notebook again later, though you have to re-execute
all the cells when you re-open the worksheet.
There is also a “File” drop-down list, on the left, just above your very top
compute cell (not to be confused with your browser's File menu item!). You
will see a choice here labeled “Save worksheet to a file...” When you do
this, you are creating a copy of your worksheet in the sws format (short
for “Sage WorkSheet”). You can email this file, or post it on a website, for
other Sage users and they can use the “Upload” link on the homepage of
their notebook to incorporate a copy of your worksheet into their notebook.
There are other ways to share worksheets that you can experiment with, but
this gives you one way to share any worksheet with anybody almost
anywhere.
We have covered a lot here in this section, so come back later to pick up
tidbits you might have missed. There are also many more features in the
Sage Notebook that we have not covered.
1.7 Sage Exercises
1. This exercise is just about making sure you know how to use Sage. You
may be using the Sage Notebook server or the online CoCalc service through
your web browser. In either event, create a new worksheet. Do some non-
trivial computation, maybe a pretty plot or some gruesome numerical
computation to an insane precision. Create an interesting list and
experiment with it some. Maybe include some nicely formatted text or TeX
using the included mini-word-processor of the Sage Notebook (hover until
a blue bar appears between cells and then shift-click) or create commentary
in cells within CoCalc using the magics %html or %md on a line of
their own followed by text in HTML or Markdown syntax (respectively).
Use whatever mechanism your instructor has in place for submitting your
work. Or save your worksheet and then trade with a classmate.
Chapter 2 The Integers
The integers are the building blocks of mathematics. In this chapter we will
investigate the fundamental properties of the integers, including
mathematical induction, the division algorithm, and the Fundamental
Theorem of Arithmetic.
2.1 Mathematical Induction
Suppose we wish to show that
for any natural number . This formula is easily verified for small numbers such as
, , , or , but it is impossible to verify for all natural numbers on a case-
by-case basis. To prove the formula true in general, a more generic method is
required.
Suppose we have verified the equation for the first cases. We will attempt to
show that we can generate the formula for the th case from this knowledge.
The formula is true for since
If we have verified the first cases, then
This is exactly the formula for the th case.
This method of proof is known as mathematical induction. Instead of attempting to
verify a statement about some subset of the positive integers on a case-by-case
basis, an impossible task if is an infinite set, we give a specific proof for the
smallest integer being considered, followed by a generic argument showing that if
the statement holds for a given case, then it must also hold for the next case in the
sequence. We summarize mathematical induction in the following axiom.
Principle 2.1. First Principle of Mathematical Induction. Let be a
statement about integers for and suppose is true for some integer
. If for all integers with , implies that is true, then
is true for all integers greater than or equal to .
Example 2.2. For all integers , . Since
the statement is true for . Assume that for . Then
. But
since is positive. Hence, by induction, the statement holds for all integers
.
Example 2.3. Every integer is divisible by for .
For ,
is divisible by . Suppose that is divisible by for .
Then
is divisible by .
Example 2.4. We will prove the binomial theorem using mathematical
induction; that is,
where and are real numbers, , and
is the binomial coefficient. We first show that
This result follows from
If , the binomial theorem is easy to verify. Now assume that the result is
true for greater than or equal to . Then
We have an equivalent statement of the Principle of Mathematical Induction that is
often very useful.
Principle 2.5. Second Principle of Mathematical Induction. Let
be a statement about integers for and suppose is true for some
integer . If imply that for ,
then the statement is true for all integers .
A nonempty subset of is well-ordered if contains a least element. Notice that
the set is not well-ordered since it does not contain a smallest element. However,
the natural numbers are well-ordered.
Principle 2.6. Principle of Well-Ordering. Every nonempty subset of the
natural numbers is well-ordered.
The Principle of Well-Ordering is equivalent to the Principle of Mathematical
Induction.
Lemma 2.7. The Principle of Mathematical Induction implies that is the least
positive natural number.
Proof. Let . Then . Assume that . Since
, it must be the case that . Therefore, .
Consequently, if , then must also be in , and by the Principle of
Mathematical Induction, and we have .
Theorem 2.8. The Principle of Mathematical Induction implies the Principle of
Well-Ordering. That is, every nonempty subset of contains a least element.
Proof. We must show that if is a nonempty subset of the natural numbers, then
contains a least element. If contains 1, then the theorem is true by Lemma 2.7.
Assume that if contains an integer such that , then contains a
least element. We will show that if a set contains an integer less than or equal to
, then has a least element. If does not contain an integer less than ,
then is the smallest integer in . Otherwise, since is nonempty, must
contain an integer less than or equal to . In this case, by induction, contains a
least element.
Induction can also be very useful in formulating definitions. For instance, there are
two ways to define , the factorial of a positive integer .
The explicit definition: .
The inductive or recursive definition: and for
.
Every good mathematician or computer scientist knows that looking at problems
recursively, as opposed to explicitly, often results in better understanding of
complex issues.
2.2 The Division Algorithm
An application of the Principle of Well-Ordering that we will use often is
the division algorithm.
Theorem 2.9. Division Algorithm. Let and be integers, with
. Then there exist unique integers and such that
where .
Proof. This is a perfect example of the existence-and-uniqueness type of
proof. We must first prove that the numbers and actually exist. Then we
must show that if and are two other such numbers, then and
.
Existence of and . Let
If , then divides , and we can let and . If ,
we can use the Well-Ordering Principle. We must first show that is
nonempty. If , then . If , then
. In either case . By the Well-
Ordering Principle, must have a smallest member, say .
Therefore, , . We now show that . Suppose that
. Then
In this case we would have in the set . But then
, which would contradict the fact that
is the smallest member of . So . Since , and so .
Uniqueness of and . Suppose there exist integers , , , and such
that
Then . Assume that . From the last equation we
have ; therefore, must divide and
. This is possible only if . Hence,
and .
Let and be integers. If for some integer , we write . An
integer is called a common divisor of and if and . The
greatest common divisor of integers and is a positive integer such
that is a common divisor of and and if is any other common divisor
of and , then . We write ; for example,
and . We say that two integers
and are relatively prime if .
Theorem 2.10. Let and be nonzero integers. Then there exist
integers and such that
Furthermore, the greatest common divisor of and is unique.
Proof. Let
Clearly, the set is nonempty; hence, by the Well-Ordering Principle
must have a smallest member, say . We claim that
. Write where . If , then
which is in . But this would contradict the fact that is the smallest
member of . Hence, and divides . A similar argument shows
that divides . Therefore, is a common divisor of and .
Suppose that is another common divisor of and , and we want to show
that . If we let and , then
So must divide . Hence, must be the unique greatest common divisor
of and .
Corollary 2.11. Let and be two integers that are relatively prime.
Then there exist integers and such that .
The Euclidean Algorithm
Among other things, Theorem 2.10 allows us to compute the greatest
common divisor of two integers.
Example 2.12. Let us compute the greatest common divisor of and
. First observe that
Reversing our steps, divides , divides , divides ,
and divides . Hence, divides both and . If were
another common divisor of and , then would also have to
divide . Therefore, .
If we work backward through the above sequence of equations, we can
also obtain numbers and such that . Observe
that
So and . Notice that and are not unique, since
and would also work.
To compute , we are using repeated divisions to obtain a
decreasing sequence of positive integers ; that
is,
To find and such that , we begin with this last equation
and substitute results obtained from the previous equations:
The algorithm that we have just used to find the greatest common divisor
of two integers and and to write as the linear combination of and
is known as the Euclidean algorithm.
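The repeated divisions and the back-substitution described above can be carried out by a short program. The following Python code is an added example, not code from the book: the function names are assumptions, and the sample pairs 2776, 2452 and 633, 331 are the ones used in this chapter's Sage section. The last function goes one step beyond the text and applies Corollary 2.11 to compute an inverse modulo n, the form in which this algorithm appears in public key cryptography.

```python
def division_chain(a, b):
    """Repeated division: list of (dividend, divisor, q, r) steps with
    dividend == divisor*q + r and 0 <= r < divisor, ending when r == 0."""
    if a <= 0 or b <= 0:
        raise ValueError("a and b must be positive integers")
    steps = []
    while b != 0:
        q, r = divmod(a, b)
        steps.append((a, b, q, r))
        a, b = b, r  # remainders strictly decrease, so the loop terminates
    return steps


def xgcd(a, b):
    """Return (g, r, s) with g = gcd(a, b) and g == r*a + s*b."""
    if a <= 0 or b <= 0:
        raise ValueError("a and b must be positive integers")
    # Invariant kept by every pass through the loop:
    #   rem0 == r0*a + s0*b   and   rem1 == r1*a + s1*b
    rem0, rem1 = a, b
    r0, r1 = 1, 0
    s0, s1 = 0, 1
    while rem1 != 0:
        q = rem0 // rem1
        rem0, rem1 = rem1, rem0 - q * rem1
        r0, r1 = r1, r0 - q * r1
        s0, s1 = s1, s0 - q * s1
    # rem0 is the last nonzero remainder, that is, the gcd.
    return rem0, r0, s0


def mod_inverse(a, n):
    """Return x in [0, n) with a*x congruent to 1 mod n.

    If gcd(a, n) == 1 there are r, s with r*a + s*n == 1 (Corollary 2.11),
    so r reduced mod n is the inverse. Otherwise no inverse exists.
    """
    if n < 2:
        raise ValueError("modulus must be at least 2")
    a %= n
    if a == 0:
        raise ValueError("0 has no inverse")
    g, r, _ = xgcd(a, n)
    if g != 1:
        raise ValueError("a and n are not relatively prime")
    return r % n


if __name__ == "__main__":
    # The decreasing sequence of remainders for one pair from the Sage section.
    for dividend, divisor, q, r in division_chain(2776, 2452):
        print(f"{dividend} = {divisor}*{q} + {r}")
    print(xgcd(633, 331))
    print(mod_inverse(331, 633))
```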
Prime Numbers
Let be an integer such that . We say that is a prime number, or
simply is prime, if the only positive numbers that divide are and
itself. An integer that is not prime is said to be composite.
Lemma 2.13. Euclid. Let and be integers and be a prime number.
If , then either or .
Proof. Suppose that does not divide . We must show that . Since
, there exist integers and such that . So
Since divides both and itself, must divide .
Theorem 2.14. Euclid. There exist an infinite number of primes.
Proof. We will prove this theorem by contradiction. Suppose that there are
only a finite number of primes, say . Let
. Then must be divisible by some for
. In this case, must divide , which is a
contradiction. Hence, either is prime or there exists an additional prime
number that divides .
Theorem 2.15. Fundamental Theorem of Arithmetic. Let be
an integer such that . Then
where are primes (not necessarily distinct). Furthermore, this
factorization is unique; that is, if
then and the 's are just the 's rearranged.
Proof. Uniqueness. To show uniqueness we will use induction on . The
theorem is certainly true for since in this case is prime. Now
assume that the result holds for all integers such that , and
where and . By Lemma 2.13,
for some and for some . Since
all of the 's and 's are prime, and . Hence,
since . By the induction hypothesis,
has a unique factorization. Hence, and for .
Existence. To show existence, suppose that there is some integer that cannot
be written as the product of primes. Let be the set of all such numbers.
By the Principle of Well-Ordering, has a smallest number, say . If the
only positive factors of are and , then is prime, which is a
contradiction. Hence, where and .
Neither nor , since is the smallest element in . So
Therefore,
So , which is a contradiction.
Historical Note
Prime numbers were first studied by the ancient Greeks. Two important
results from antiquity are Euclid's proof that an infinite number of primes
exist and the Sieve of Eratosthenes, a method of computing all of the prime
numbers less than a fixed positive integer . One problem in number theory
is to find a function such that is prime for each integer . Pierre
Fermat (1601?–1665) conjectured that was prime for all , but
later it was shown by Leonhard Euler (1707–1783) that
is a composite number. One of the many unproven conjectures about prime
numbers is Goldbach's Conjecture. In a letter to Euler in 1742, Christian
Goldbach stated the conjecture that every even integer with the exception of
seemed to be the sum of two primes: , ,
, . Although the conjecture has been verified for the numbers
up through , it has yet to be proven in general. Since prime
numbers play an important role in public key cryptography, there is
currently a great deal of interest in determining whether or not a large
number is prime.
2.3 Reading Questions
1. Use Sage to express as a product of prime numbers.
2. Find the greatest common divisor of and .
3. Find integers and so that .
4. Explain the use of the term “induction hypothesis.”
5. What is Goldbach's Conjecture? And why is it called a “conjecture”?
2.4 Exercises
1. Prove that
for .
2. Prove that
for .
3. Prove that for .
4. Prove that
for .
5. Prove that is divisible by for .
6. Prove that is divisible by for .
7. Show that
8. Prove the Leibniz rule for , where is the th derivative of
; that is, show that
9. Use induction to prove that for
.
10. Prove that
for .
11. If is a nonnegative real number, then show that
for .
12. Power Sets. Let be a set. Define the power set of , denoted
, to be the set of all subsets of . For example,
For every positive integer , show that a set with exactly elements has a
power set with exactly elements.
13. Prove that the two principles of mathematical induction stated in
Section 2.1 are equivalent.
14. Show that the Principle of Well-Ordering for the natural numbers
implies that 1 is the smallest natural number. Use this result to show that the
Principle of Well-Ordering implies the Principle of Mathematical Induction;
that is, show that if such that and whenever
, then .
15. For each of the following pairs of numbers and , calculate
and find integers and such that .
a. and
b. and
c. and
d. and
e. and
f. and
16. Let and be nonzero integers. If there exist integers and such that
, show that and are relatively prime.
17. Fibonacci Numbers. The Fibonacci numbers are
We can define them inductively by , , and
for .
a. Prove that .
b. Prove that , .
c. Prove that .
d. Show that . The constant
is known as the golden ratio.
e. Prove that and are relatively prime.
18. Let and be integers such that . Let and be
integers such that . Prove that
19. Let be relatively prime. If is a perfect square, prove that
and must both be perfect squares.
20. Using the division algorithm, show that every perfect square is of the
form or for some nonnegative integer .
21. Suppose that are pairwise relatively prime and that
Prove that , , and are odd and is even.
22. Let . Use the division algorithm to prove that every integer is
congruent mod to precisely one of the integers .
Conclude that if is an integer, then there is exactly one in such that
and . Hence, the integers are indeed partitioned by
congruence mod .
23. Define the least common multiple of two nonzero integers and ,
denoted by , to be the nonnegative integer such that both
and divide , and if and divide any other integer , then also
divides . Prove there exists a unique least common multiple for any two
integers and .
24. If and , prove that .
25. Show that if and only if .
26. Prove that if and only if
for integers , , and .
27. Let . Prove that if and , then .
28. Let . Prove that if is prime, then must also be prime.
29. Prove that there are an infinite number of primes of the form .
30. Prove that there are an infinite number of primes of the form .
31. Using the fact that is prime, show that there do not exist integers
and such that . Demonstrate that therefore cannot be a
rational number.
2.5 Programming Exercises
1. The Sieve of Eratosthenes. One method of computing all of the
prime numbers less than a certain fixed positive integer is to list all of
the numbers such that . Begin by eliminating all of the
multiples of . Next eliminate all of the multiples of . Now eliminate all of
the multiples of . Notice that has already been crossed out. Continue in
this manner, noticing that we do not have to go all the way to ; it suffices
to stop at . Using this method, compute all of the prime numbers less
than . We can also use this method to find all of the integers that
are relatively prime to an integer . Simply eliminate the prime factors of
and all of their multiples. Using this method, find all of the numbers that
are relatively prime to . Using the Sieve of Eratosthenes, write a
program that will compute all of the primes less than an integer .
2. Let . Ackermann's function is the function
defined by the equations
Use this definition to compute . Write a program to evaluate
Ackermann's function. Modify the program to count the number of
statements executed in the program when Ackermann's function is
evaluated. How many statements are executed in the evaluation of
? What about ?
3. Write a computer program that will implement the Euclidean algorithm.
The program should accept two positive integers and as input and
should output as well as integers and such that
2.6 References and Suggested Readings
[1] Brookshear, J. G. Theory of Computation: Formal Languages,
Automata, and Complexity. Benjamin/Cummings, Redwood City,
CA, 1989. Shows the relationships of the theoretical aspects of
computer science to set theory and the integers.
[2] Hardy, G. H. and Wright, E. M. An Introduction to the Theory of
Numbers. 6th ed. Oxford University Press, New York, 2008.
[3] Niven, I. and Zuckerman, H. S. An Introduction to the Theory of
Numbers. 5th ed. Wiley, New York, 1991.
[4] Vanden Eynden, C. Elementary Number Theory. 2nd ed. Waveland
Press, Long Grove IL, 2001.
2.7 Sage
Many properties of the algebraic objects we will study can be determined
from properties of associated integers. And Sage has many powerful
functions for analyzing integers.
Division Algorithm
The code a % b will return the remainder upon division of a by b. In
other words, the result is the unique integer r such that (1) 0 ≤ r < b, and
(2) a = bq + r for some integer q (the quotient), as guaranteed by the
Division Algorithm (Theorem 2.9). Then (a - r)/b will equal q. For
example,
r = 14 % 3
r
2
q = (14 - r)/3
q
4
It is also possible to get both the quotient and remainder at the same time
with the .quo_rem() method (quotient and remainder).
a = 14
b = 3
a.quo_rem(b)
(4, 2)
A remainder of zero indicates divisibility. So (a % b) == 0 will
return True if b divides a, and will otherwise return False .
(20 % 5) == 0
True
(17 % 4) == 0
False
The .divides() method is another option.
c = 5
c.divides(20)
True
d = 4
d.divides(17)
False
Greatest Common Divisor
The greatest common divisor of a and b is obtained with the command
gcd(a, b) , where in our first uses, a and b are integers. Later, a and b
can be other objects with a notion of divisibility and “greatness,” such as
polynomials. For example,
gcd(2776, 2452)
4
We can use the gcd command to determine if a pair of integers are
relatively prime.
a = 31049
b = 2105
gcd(a, b) == 1
True
a = 3563
b = 2947
gcd(a, b) == 1
False
The command xgcd(a,b) (“eXtended GCD”) returns a triple where the
first element is the greatest common divisor of a and b (as with the
gcd(a,b) command above), but the next two elements are values of r
and s such that ra + sb = gcd(a, b).
xgcd(633,331)
(1, -137, 262)
Portions of the triple can be extracted using [ ] (“indexing”) to access
the entries of the triple, starting with the first as number 0 . For example,
the following should always return the result True , even if you change
the values of a and b . Try changing the values of a and b below,
to see that the result is always True .
a = 633
b = 331
extended = xgcd(a, b)
g = extended[0]
r = extended[1]
s = extended[2]
g == r*a + s*b
True
Studying this block of code will go a long way towards helping you get the
most out of Sage's output. Note that = is how a value is assigned to a
variable, while as in the last line, == is how we compare two items for
equality.
Primes and Factoring
The method .is_prime() will determine if an integer is prime or not.
a = 117371
a.is_prime()
True
b = 14547073
b.is_prime()
False
b == 1597 * 9109
True
The command random_prime(a, proof=True) will generate a
random prime number between 2 and a. Experiment by executing the
following two compute cells several times. (Replacing proof=True by
proof=False will speed up the search, but there will be a very, very,
very small probability the result will not be prime.)
a = random_prime(10^21, proof=True)
a
424729101793542195193
a.is_prime()
True
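Why a fast primality check can carry a small chance of error is easiest to see with a probabilistic test written out. The following Python code is an added example using the Miller-Rabin test; it is not Sage's implementation, which this section does not show. The function names are assumptions, 561 and 2047 are sample composites chosen for the illustration, and 117371 and 14547073 are the integers from the cells above.

```python
import random

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def fermat_passes(n, base):
    """Fermat check: every prime n passes, but so do some composites."""
    return pow(base, n - 1, n) == 1


def strong_probable_prime(n, base):
    """One Miller-Rabin round for odd n > 2 and 1 < base < n - 1.

    False means base is a witness and n is certainly composite.
    True means only that this base did not expose n.
    """
    d, s = n - 1, 0
    while d % 2 == 0:  # write n - 1 = 2^s * d with d odd
        d //= 2
        s += 1
    x = pow(base, d, n)
    if x in (1, n - 1):
        return True
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return True
    return False


def is_probable_prime(n, rounds=40, rng=None):
    """Trial division by small primes, then `rounds` random Miller-Rabin rounds.

    An odd composite passes a single round for at most 1/4 of the bases,
    so it survives all rounds with probability at most 4**(-rounds).
    A prime is never rejected.
    """
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    # Bases are drawn from the operating system's random source so that
    # someone who supplies n cannot predict which bases will be tried.
    rng = rng or random.SystemRandom()
    for _ in range(rounds):
        if not strong_probable_prime(n, rng.randrange(2, n - 1)):
            return False
    return True


if __name__ == "__main__":
    # 561 = 3 * 11 * 17 passes the Fermat check for base 2 but is
    # exposed by one Miller-Rabin round with the same base.
    print(fermat_passes(561, 2), strong_probable_prime(561, 2))
    # 2047 = 23 * 89 survives a Miller-Rabin round with base 2 and is
    # exposed by base 3: one round alone can be wrong.
    print(strong_probable_prime(2047, 2), strong_probable_prime(2047, 3))
    # The two integers tested with .is_prime() earlier in this section.
    print(is_probable_prime(117371), is_probable_prime(14547073))
```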
The command prime_range(a, b) returns an ordered list of all the
primes from a to b - 1, inclusive. For example,
prime_range(500, 550)
[503, 509, 521, 523, 541, 547]
The commands next_prime(a) and previous_prime(a) are
other ways to get a single prime number of a desired size. Give them a try
below if you have an empty compute cell there (as you will if you are
reading in the Sage Notebook, or are reading the online version). (The hash
symbol, # , is used to indicate a “comment” line, which will not be
evaluated by Sage. So erase this line, or start on the one below it.)
# Practice area (not linked for Sage Cell use)
In addition to checking if integers are prime or not, or generating prime
numbers, Sage can also decompose any integer into its prime factors, as
described by the Fundamental Theorem of Arithmetic (Theorem 2.15).
a = 2600
a.factor()
2^3 * 5^2 * 13
So 2600 = 2^3 * 5^2 * 13 and this is the unique way to write 2600 as a
product of prime numbers (other than rearranging the order of the primes
themselves in the product).
While Sage will print a factorization nicely, it is carried internally as a list
of pairs of integers, with each pair being a base (a prime number) and an
exponent (a positive integer). Study the following carefully, as it is another
good exercise in working with Sage output in the form of lists.
a = 2600
factored = a.factor()
first_term = factored[0]
first_term
(2, 3)
second_term = factored[1]
second_term
(5, 2)
third_term = factored[2]
third_term
(13, 1)
first_prime = first_term[0]
first_prime
2
first_exponent = first_term[1]
first_exponent
3
The next compute cell reveals the internal version of the factorization by
asking for the actual list. And we show how you could determine exactly
how many terms the factorization has by using the length command,
len().
list(factored)
[(2, 3), (5, 2), (13, 1)]
len(factored)
3
Can you extract the next two primes, and their exponents, from a?
# Practice area (not linked for Sage Cell use)
2.8 Sage Exercises
These exercises are about investigating basic properties of the integers,
something we will frequently do when investigating groups. Sage
worksheets have extensive capabilities for making new cells with carefully
formatted text, including support for LaTeX syntax to express mathematics. So
when a question asks for explanation or commentary, make a new cell and
communicate clearly with your audience.
1. Use the next_prime() command to construct two different 8-digit
prime numbers and save them in variables named a and b.
2. Use the .is_prime() method to verify that your primes a and
b are really prime.
3. Verify that is the greatest common divisor of your two primes from the
previous exercises.
4. Find two integers that make a “linear combination” of your two primes
equal to . Include a verification of your result.
5. Determine a factorization into powers of primes for .
6. Write a compute cell that defines the same value of c again, and then
defines a candidate divisor of c named d. The third line of the cell
should return True if and only if d is a divisor of c. Illustrate the
use of your cell by testing your code with and in a new copy of the
cell, testing your code with .
Chapter 3 Groups
We begin our study of algebraic structures by investigating sets associated
with single operations that satisfy certain reasonable axioms; that is, we
want to define an operation on a set in a way that will generalize such
familiar structures as the integers together with the single operation of
addition, or invertible matrices together with the single operation of
matrix multiplication. The integers and the matrices, together with
their respective single operations, are examples of algebraic structures
known as groups.
The theory of groups occupies a central position in mathematics. Modern
group theory arose from an attempt to find the roots of a polynomial in
terms of its coefficients. Groups now play a central role in such areas as
coding theory, counting, and the study of symmetries; many areas of
biology, chemistry, and physics have benefited from group theory.
3.1 Integer Equivalence Classes and Symmetries
Let us now investigate some mathematical structures that can be viewed as
sets with single operations.
The Integers mod
The integers mod have become indispensable in the theory and
applications of algebra. In mathematics they are used in cryptography,
coding theory, and the detection of errors in identification codes.
We have already seen that two integers and are equivalent mod if
divides . The integers mod also partition into different
equivalence classes; we will denote the set of these equivalence classes by
. Consider the integers modulo and the corresponding partition of the
integers:
When no confusion can arise, we will use to indicate the
equivalence classes respectively. We can do arithmetic on
. For two integers and , define addition modulo to be
; that is, the remainder when is divided by .
Similarly, multiplication modulo is defined as , the
remainder when is divided by .
Example 3.1. The following examples illustrate integer arithmetic
modulo :
In particular, notice that it is possible that the product of two nonzero
numbers modulo can be equivalent to modulo .
Example 3.2. Most, but not all, of the usual laws of arithmetic hold for
addition and multiplication in . For instance, it is not necessarily true
that there is a multiplicative inverse. Consider the multiplication table for
in Figure 3.3. Notice that , , and do not have multiplicative
inverses; that is, for , , or , there is no integer such that
.
Figure 3.3. Multiplication table for
Proposition 3.4. Let be the set of equivalence classes of the integers
mod and .
1. Addition and multiplication are commutative:
2. Addition and multiplication are associative:
3. There are both additive and multiplicative identities:
4. Multiplication distributes over addition:
5. For every integer there is an additive inverse :
6. Let be a nonzero integer. Then if and only if there
exists a multiplicative inverse for ; that is, a nonzero
integer such that
Proof. We will prove (1) and (6) and leave the remaining properties to be
proven in the exercises.
(1) Addition and multiplication are commutative modulo since the
remainder of divided by is the same as the remainder of
divided by .
(6) Suppose that . Then there exist integers and such
that . Since , it must be the case that
. Letting be the equivalence class of ,
.
Conversely, suppose that there exists an integer such that
. Then divides , so there is an integer such
that . Let . Since divides , must
also divide ; hence, .
Symmetries
Figure 3.5. Rigid motions of a rectangle
A symmetry of a geometric figure is a rearrangement of the figure
preserving the arrangement of its sides and vertices as well as its distances
and angles. A map from the plane to itself preserving the symmetry of an
object is called a rigid motion. For example, if we look at the rectangle in
Figure 3.5, it is easy to see that a rotation of or returns a
rectangle in the plane with the same orientation as the original rectangle and
the same relationship among the vertices. A reflection of the rectangle
across either the vertical axis or the horizontal axis can also be seen to be a
symmetry. However, a rotation in either direction cannot be a
symmetry unless the rectangle is a square.
Figure 3.6. Symmetries of a triangle
Let us find the symmetries of the equilateral triangle . To find a
symmetry of , we must first examine the permutations of the
vertices , , and and then ask if a permutation extends to a symmetry
of the triangle. Recall that a permutation of a set is a one-to-one and onto
map . The three vertices have permutations, so the
triangle has at most six symmetries. To see that there are six permutations,
observe there are three different possibilities for the first vertex, and two for
the second, and the remaining vertex is determined by the placement of the
first two. So we have different arrangements. To denote
the permutation of the vertices of an equilateral triangle that sends to ,
to , and to , we write the array
Notice that this particular permutation corresponds to the rigid motion of
rotating the triangle by in a clockwise direction. In fact, every
permutation gives rise to a symmetry of the triangle. All of these
symmetries are shown in Figure 3.6.
A natural question to ask is what happens if one motion of the triangle
is followed by another. Which symmetry is ; that is, what
happens when we do the permutation and then the permutation ?
Remember that we are composing functions here. Although we usually
multiply left to right, we compose functions right to left. We have
This is the same symmetry as . Suppose we do these motions in the
opposite order, then . It is easy to determine that this is the same as
the symmetry ; hence, . A multiplication table for the
symmetries of an equilateral triangle is given in Figure 3.7.
Notice that in the multiplication table for the symmetries of an equilateral
triangle, for every motion of the triangle there is another motion such
that ; that is, for every motion there is another motion that takes
the triangle back to its original orientation.
Figure 3.7. Symmetries of an equilateral triangle
3.2 Definitions and Examples
The integers mod and the symmetries of a triangle or a rectangle are
examples of groups. A binary operation or law of composition on a set
is a function that assigns to each pair a
unique element , or in , called the composition of and . A
group is a set together with a law of composition
that satisfies the following axioms.
The law of composition is associative. That is,
for .
There exists an element , called the identity element, such that
for any element
For each element , there exists an inverse element in G,
denoted by , such that
A group with the property that for all is called
abelian or commutative. Groups not satisfying this property are said to be
nonabelian or noncommutative.
Example 3.8. The integers form a group
under the operation of addition. The binary operation on two integers
is just their sum. Since the integers under addition already have
a well-established notation, we will use the operator instead of ; that
is, we shall write instead of . The identity is , and the
inverse of is written as instead of . Notice that the set of
integers under addition has the additional property that
and therefore forms an abelian group.
Most of the time we will write instead of ; however, if the group
already has a natural operation such as addition in the integers, we will use
that operation. That is, if we are adding two integers, we still write ,
for the inverse, and 0 for the identity as usual. We also write
instead of .
It is often convenient to describe a group in terms of an addition or
multiplication table. Such a table is called a Cayley table.
Example 3.9. The integers mod form a group under addition modulo
. Consider , consisting of the equivalence classes of the integers , , ,
, and . We define the group operation on by modular addition. We
write the binary operation on the group additively; that is, we write
. The element 0 is the identity of the group and each element in has an
inverse. For instance, . Figure 3.10 is a Cayley table
for . By Proposition 3.4, is a group under
the binary operation of addition mod .
Figure 3.10. Cayley table for
Example 3.11. Not every set with a binary operation is a group. For
example, if we let modular multiplication be the binary operation on ,
then fails to be a group. The element 1 acts as a group identity since
for any ; however, a multiplicative inverse for
does not exist since for every in . Even if we
consider the set , we still may not have a group. For instance, let
. Then 2 has no multiplicative inverse since
By Proposition 3.4, every nonzero does have an inverse in if is
relatively prime to . Denote the set of all such nonzero elements in
by . Then is a group called the group of units of .
Figure 3.12 is a Cayley table for the group .
Figure 3.12. Multiplication table for
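Proposition 3.4(6) and the group of units from Example 3.11, worked in plain Python as an added example (not code from the textbook and not Sage's implementation). The inverse is found with the extended Euclidean algorithm, which is the computational form of the proof's step of writing 1 as an integer combination of the element and the modulus; the function names and the sample moduli 8 and 12 are choices made for this example.

```python
from math import gcd


def extended_gcd(a, b):
    """Return (g, r, s) with g = gcd(a, b) and a*r + b*s == g."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(a, n):
    """Multiplicative inverse of a modulo n, or None when gcd(a, n) != 1."""
    g, r, _ = extended_gcd(a % n, n)
    if g != 1:
        return None          # no inverse exists (Proposition 3.4, part 6)
    return r % n             # normalise the coefficient into 0..n-1


def units(n):
    """Nonzero residues mod n that are relatively prime to n."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def cayley_table(elements, n):
    """Multiplication table mod n as a dict keyed by (row, column)."""
    return {(a, b): (a * b) % n for a in elements for b in elements}


def is_group_under_multiplication(elements, n):
    """Check closure, identity and inverses for multiplication mod n.

    Associativity is inherited from integer multiplication, so it is not
    re-checked here.
    """
    elems = set(elements)
    table = cayley_table(elements, n)
    closed = all(v in elems for v in table.values())
    has_identity = 1 in elems
    has_inverses = all(
        any(table[(a, b)] == 1 for b in elements) for a in elements
    )
    return closed and has_identity and has_inverses


def inverse_iff_coprime(n):
    """True when, for every nonzero a mod n, an inverse exists iff gcd(a, n) == 1."""
    return all(
        (mod_inverse(a, n) is not None) == (gcd(a, n) == 1)
        for a in range(1, n)
    )


if __name__ == "__main__":
    n = 8  # sample modulus chosen for this example
    print("no inverse mod", n, ":",
          [a for a in range(1, n) if mod_inverse(a, n) is None])
    u = units(n)
    table = cayley_table(u, n)
    print("units:", u)
    for a in u:
        print(a, "|", " ".join(str(table[(a, b)]) for b in u))
    print("nonzero residues form a group:",
          is_group_under_multiplication(list(range(1, n)), n))
    print("units form a group:", is_group_under_multiplication(u, n))
```

The same inverse computation is what produces an RSA private exponent from a public one, which is why the coprimality condition matters in practice.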
Example 3.13. The symmetries of an equilateral triangle described in
Section 3.1 form a nonabelian group. As we observed, it is not necessarily
true that for two symmetries and . Using Figure 3.7, which
is a Cayley table for this group, we can easily check that the symmetries of
an equilateral triangle are indeed a group. We will denote this group by
either or , for reasons that will be explained later.
Example 3.14. We use to denote the set of all matrices.
Let be the subset of consisting of invertible matrices;
that is, a matrix
is in if there exists a matrix such that
, where is the identity matrix. For to
have an inverse is equivalent to requiring that the determinant of be
nonzero; that is, . The set of invertible matrices
forms a group called the general linear group. The identity of the group is
the identity matrix
The inverse of is
The product of two invertible matrices is again invertible. Matrix
multiplication is associative, satisfying the other group axiom. For
matrices it is not true in general that ; hence, is
another example of a nonabelian group.
Example 3.15. Let
where . Then the relations , ,
, , , , and hold. The
set is a group called the quaternion group.
Notice that is noncommutative.
Example 3.16. Let be the set of nonzero complex numbers. Under
the operation of multiplication forms a group. The identity is . If
is a nonzero complex number, then
is the inverse of . It is easy to see that the remaining group axioms hold.
A group is finite, or has finite order, if it contains a finite number of
elements; otherwise, the group is said to be infinite or to have infinite
order. The order of a finite group is the number of elements that it contains.
If is a group containing elements, we write . The group is
a finite group of order ; the integers form an infinite group under
addition, and we sometimes write .
Basic Properties of Groups
Proposition 3.17. The identity element in a group is unique; that is,
there exists only one element such that for all
.
Proof. Suppose that and are both identities in . Then
and for all . We need to show that . If we
think of as the identity, then ; but if is the identity, then
. Combining these two equations, we have .
Inverses in a group are also unique. If and are both inverses of an
element in a group , then and . We
want to show that , but
. We summarize this fact in
the following proposition.
Proposition 3.18. If is any element in a group , then the inverse of
, denoted by , is unique.
Proposition 3.19. Let be a group. If , then
.
Proof. Let . Then . Similarly,
. But by the previous proposition, inverses are unique;
hence, .
Proposition 3.20. Let be a group. For any , .
Proof. Observe that . Consequently, multiplying both
sides of this equation by , we have
It makes sense to write equations with group elements and group
operations. If and are two elements in a group , does there exist an
element such that ? If such an does exist, is it unique?
The following proposition answers both of these questions positively.
Proposition 3.21. Let be a group and and be any two elements in
. Then the equations and have unique solutions in .
Proof. Suppose that . We must show that such an exists. We can
multiply both sides of by to find .
To show uniqueness, suppose that and are both solutions of ;
then . So . The proof for
the existence and uniqueness of the solution of is similar.
Proposition 3.22. If is a group and , then
implies and implies .
This proposition tells us that the right and left cancellation laws are true in
groups. We leave the proof as an exercise.
We can use exponential notation for groups just as we do in ordinary
algebra. If is a group and , then we define . For ,
we define
and
Theorem 3.23. In a group, the usual laws of exponents hold; that is, for
all ,
1. for all ;
2. for all ;
3. for all . Furthermore, if is abelian,
then .
We will leave the proof of this theorem as an exercise. Notice that
in general, since the group may not be abelian. If the group
is or , we write the group operation additively and the exponential
operation multiplicatively; that is, we write instead of . The laws of
exponents now become
1. for all ;
2. for all ;
3. for all .
It is important to realize that the last statement can be made only because
and are commutative groups.
Historical Note
Although the first clear axiomatic definition of a group was not given until
the late 1800s, group-theoretic methods had been employed before this time
in the development of many areas of mathematics, including geometry and
the theory of algebraic equations.
Joseph-Louis Lagrange used group-theoretic methods in a 1770–1771
memoir to study methods of solving polynomial equations. Later, Évariste
Galois (1811–1832) succeeded in developing the mathematics necessary to
determine exactly which polynomial equations could be solved in terms of
the coefficients of the polynomial. Galois' primary tool was group theory.
The study of geometry was revolutionized in 1872 when Felix Klein
proposed that geometric spaces should be studied by examining those
properties that are invariant under a transformation of the space. Sophus
Lie, a contemporary of Klein, used group theory to study solutions of
partial differential equations. One of the first modern treatments of group
theory appeared in William Burnside's The Theory of Groups of Finite
Order [1], first published in 1897.
3.3 Subgroups
Definitions and Examples
Sometimes we wish to investigate smaller groups sitting inside a larger
group. The set of even integers is a group
under the operation of addition. This smaller group sits naturally inside of
the group of integers under addition. We define a subgroup of a group
to be a subset of such that when the group operation of is restricted
to , is a group in its own right. Observe that every group with at
least two elements will always have at least two subgroups, the subgroup
consisting of the identity element alone and the entire group itself. The
subgroup of a group is called the trivial subgroup. A
subgroup that is a proper subset of is called a proper subgroup. In many
of the examples that we have investigated up to this point, there exist other
subgroups besides the trivial and improper subgroups.
Example 3.24. Consider the set of nonzero real numbers, , with the
group operation of multiplication. The identity of this group is and the
inverse of any element is just . We will show that
is a subgroup of . The identity of is ; however, is the
quotient of two nonzero integers. Hence, the identity of is in .
Given two elements in , say and , their product is also
in . The inverse of any element is again in since
. Since multiplication in is associative, multiplication
in is associative.
Example 3.25. Recall that is the multiplicative group of nonzero
complex numbers. Let . Then is a subgroup of
. It is quite easy to verify that is a group under multiplication and that
.
Example 3.26. Let be the subset of consisting of
matrices of determinant one; that is, a matrix
is in exactly when . To show that is a
subgroup of the general linear group, we must show that it is a group
under matrix multiplication. The identity matrix is in , as
is the inverse of the matrix :
It remains to show that multiplication is closed; that is, that the product of
two matrices of determinant one also has determinant one. We will leave
this task as an exercise. The group is called the special linear
group.
Example 3.27. It is important to realize that a subset of a group
can be a group without being a subgroup of . For to be a subgroup of
, it must inherit the binary operation of . The set of all matrices,
, forms a group under the operation of addition. The general
linear group is a subset of and is a group under matrix
multiplication, but it is not a subgroup of . If we add two invertible
matrices, we do not necessarily obtain another invertible matrix. Observe
that
but the zero matrix is not in .
Example 3.28. One way of telling whether or not two groups are the
same is by examining their subgroups. Other than the trivial subgroup and
the group itself, the group has a single subgroup consisting of the
elements and . From the group , we can form another group of four
elements as follows. As a set this group is . We perform the
group operation coordinatewise; that is,
. Figure 3.29 is an addition table for . Since there are three
nontrivial proper subgroups of , ,
, and , and
must be different groups.
Figure 3.29. Addition table for
Some Subgroup Theorems
Let us examine some criteria for determining exactly when a subset of a
group is a subgroup.
Proposition 3.30. A subset of is a subgroup if and only if it
satisfies the following conditions.
1. The identity of is in .
2. If , then .
3. If , then .
Proof. First suppose that is a subgroup of . We must show that the
three conditions hold. Since is a group, it must have an identity . We
must show that , where is the identity of . We know that
and that ; hence, . By
right-hand cancellation, . The second condition holds since a
subgroup is a group. To prove the third condition, let . Since
is a group, there is an element such that . By the
uniqueness of the inverse in , .
Conversely, if the three conditions hold, we must show that is a group
under the same operation as ; however, these conditions plus the
associativity of the binary operation are exactly the axioms stated in the
definition of a group.
Proposition 3.31. Let be a subset of a group . Then is a
subgroup of if and only if , and whenever then
is in .
Proof. First assume that is a subgroup of . We wish to show that
whenever and are in . Since is in , its inverse
must also be in . Because of the closure of the group operation,
.
Conversely, suppose that such that and
whenever . If , then is in . If , then
is also in . Now let . We must show that their
product is also in . However, . Hence, is a
subgroup of .
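The one-step test of Proposition 3.31, applied to the comparison in Example 3.28, as an added example in plain Python (not code from the textbook or from Sage). It assumes the two groups of order four being compared are the integers mod 4 under addition and the coordinatewise product of two copies of the integers mod 2; the representation of a group as an (elements, operation, inverse) triple and all function names are choices made here, and the brute-force search over subsets is only meant for very small groups.

```python
from itertools import combinations, product


def make_zn(n):
    """Additive group of integers mod n as (elements, op, inverse)."""
    elements = list(range(n))
    return elements, (lambda a, b: (a + b) % n), (lambda a: (-a) % n)


def make_direct_product(g1, g2):
    """Coordinatewise product of two groups given as (elements, op, inverse)."""
    e1, op1, inv1 = g1
    e2, op2, inv2 = g2
    elements = list(product(e1, e2))

    def op(x, y):
        return (op1(x[0], y[0]), op2(x[1], y[1]))

    def inv(x):
        return (inv1(x[0]), inv2(x[1]))

    return elements, op, inv


def is_subgroup(subset, group):
    """Proposition 3.31: H is nonempty and g * h^(-1) lies in H for all g, h in H."""
    elements, op, inv = group
    h_set = set(subset)
    if not h_set or not h_set <= set(elements):
        return False
    return all(op(g, inv(h)) in h_set for g in h_set for h in h_set)


def all_subgroups(group):
    """Every subgroup, found by testing each nonempty subset (small groups only)."""
    elements, _, _ = group
    found = []
    for size in range(1, len(elements) + 1):
        for subset in combinations(elements, size):
            if is_subgroup(subset, group):
                found.append(frozenset(subset))
    return found


def nontrivial_proper_subgroups(group):
    """Subgroups other than the trivial subgroup and the whole group."""
    order = len(group[0])
    return [h for h in all_subgroups(group) if 1 < len(h) < order]


if __name__ == "__main__":
    z4 = make_zn(4)
    z2xz2 = make_direct_product(make_zn(2), make_zn(2))
    print("Z4:     ", [sorted(h) for h in nontrivial_proper_subgroups(z4)])
    print("Z2 x Z2:", [sorted(h) for h in nontrivial_proper_subgroups(z2xz2)])
```

The differing counts of nontrivial proper subgroups (one versus three) are the evidence Example 3.28 uses to conclude the two groups are different.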
3.4 Reading Questions
1. In the group compute, (a) , and (b) .
2. In the group compute, (a) , and (b) .
3. State the definition of a group.
4. Explain a single method that will decide if a subset of a group is itself a
subgroup.
5. Explain the origin of the term “abelian” for a commutative group.
6. Give an example of a group you have seen in your previous
mathematical experience, but that is not an example in this chapter.
3.5 Exercises
1. Find all satisfying each of the following equations.
a.
b.
c.
d.
e.
f.
2. Which of the following multiplication tables defined on the set
form a group? Support your answer in each case.
a.
b.
c.
d.
3. Write out Cayley tables for groups formed by the symmetries of a rectangle
and for . How many elements are in each group? Are the groups the
same? Why or why not?
4. Describe the symmetries of a rhombus and prove that the set of symmetries
forms a group. Give Cayley tables for both the symmetries of a rectangle and
the symmetries of a rhombus. Are the symmetries of a rectangle and those of a
rhombus the same?
5. Describe the symmetries of a square and prove that the set of symmetries is
a group. Give a Cayley table for the symmetries. How many ways can the
vertices of a square be permuted? Is each permutation necessarily a symmetry
of the square? The symmetry group of the square is denoted by .
6. Give a multiplication table for the group .
7. Let and define a binary operation on by
. Prove that is an abelian group.
8. Give an example of two elements and in with .
9. Prove that the product of two matrices in has determinant one.
10. Prove that the set of matrices of the form
is a group under matrix multiplication. This group, known as the Heisenberg
group, is important in quantum physics. Matrix multiplication in the
Heisenberg group is defined by
11. Prove that in . Use this result to
show that the binary operation in the group is closed; that is, if
and are in , then .
12. Let . Define a binary operation on
by
Prove that is a group under this operation. This group is important in
algebraic coding theory.
13. Show that is a group under the operation of
multiplication.
14. Given the groups and , let . Define a binary operation
on by . Show that is a group under
this operation.
15. Prove or disprove that every group containing six elements is abelian.
16. Give a specific example of some group and elements where
.
17. Give an example of three different groups with eight elements. Why are
the groups different?
18. Show that there are permutations of a set containing items.
19. Show that
for all .
20. Prove that there is a multiplicative identity for the integers modulo :
21. For each find an element such that
22. Show that addition and multiplication mod are well defined operations.
That is, show that the operations do not depend on the choice of the
representative from the equivalence classes mod .
23. Show that addition and multiplication mod are associative operations.
24. Show that multiplication distributes over addition modulo :
25. Let and be elements in a group . Prove that
for .
26. Let be the group of units in . If , prove that there is an
element such that and .
27. Prove that the inverse of is .
28. Prove the remainder of Proposition 3.21: if is a group and ,
then the equation has a unique solution in .
29. Prove Theorem 3.23.
30. Prove the right and left cancellation laws for a group ; that is, show that
in the group , implies and implies for
elements .
31. Show that if for all elements in a group , then must be
abelian.
32. Show that if is a finite group of even order, then there is an
such that is not the identity and .
33. Let be a group and suppose that for all and in .
Prove that is an abelian group.
34. Find all the subgroups of . Use this information to show that
is not the same group as . (See Example 3.28 for a short
description of the product of groups.)
35. Find all the subgroups of the symmetry group of an equilateral triangle.
36. Compute the subgroups of the symmetry group of a square.
37. Let . Show that is a subgroup of .
38. Let and . Prove that is a
subgroup of . Show that these subgroups are the only subgroups of .
39. Let . Prove that is a subgroup of .
40. Let consist of the matrices of the form
where . Prove that is a subgroup of .
41. Prove that
is a subgroup of under the group operation of multiplication.
42. Let be the group of matrices under addition and
Prove that is a subgroup of .
43. Prove or disprove: , the set of matrices with integer entries
and determinant one, is a subgroup of .
44. List the subgroups of the quaternion group, .
45. Prove that the intersection of two subgroups of a group is also a
subgroup of .
46. Prove or disprove: If and are subgroups of a group , then
is a subgroup of .
47. Prove or disprove: If and are subgroups of a group , then
is a subgroup of . What if is
abelian?
48. Let be a group and . Show that
is a subgroup of . This subgroup is called the center of .
49. Let and be elements of a group . If and , prove
that .
50. Give an example of an infinite group in which every nontrivial subgroup
is infinite.
51. If for all and in , prove that must be abelian.
52. Prove or disprove: Every proper subgroup of a nonabelian group is
nonabelian.
53. Let be a subgroup of and
Prove is a subgroup of . This subgroup is called the centralizer of
in .
54. Let be a subgroup of . If , show that
is also a subgroup of .
3.6 Additional Exercises: Detecting Errors
1. UPC Symbols. Universal Product Code (UPC) symbols are found on
most products in grocery and retail stores. The UPC symbol is a 12-digit
code identifying the manufacturer of a product and the product itself
(Figure 3.32). The first 11 digits contain information about the product; the
twelfth digit is used for error detection. If is a valid UPC
number, then
a. Show that the UPC number 0-50000-30042-6, which appears in
Figure 3.32, is a valid UPC number.
b. Show that the number 0-50000-30043-6 is not a valid UPC number.
c. Write a formula to calculate the check digit, , in the UPC number.
d. The UPC error detection scheme can detect most transposition errors;
that is, it can determine if two digits have been interchanged. Show
that the transposition error 0-05000-30042-6 is not detected. Find a
transposition error that is detected. Can you find a general rule for the
types of transposition errors that can be detected?
e. Write a program that will determine whether or not a UPC number is
valid.
0 50000 30042 6
Figure 3.32. A UPC code
2. It is often useful to use an inner product notation for this type of error
detection scheme; hence, we will use the notion
to mean
Suppose that is an
error detection scheme for the -digit identification number ,
where . Prove that all single-digit errors are detected if and
only if for .
3. Let be an error
detection scheme for the -digit identification number , where
. Prove that all transposition errors of two digits and are
detected if and only if for and between and .
4. ISBN Codes. Every book has an International Standard Book Number
(ISBN) code. This is a 10-digit code indicating the book's publisher and
title. The tenth digit is a check digit satisfying
One problem is that might have to be a 10 to make the inner product
zero; in this case, 11 digits would be needed to make this scheme work.
Therefore, the character X is used for the eleventh digit. So ISBN
3-540-96035-X is a valid ISBN code.
a. Is ISBN 0-534-91500-0 a valid ISBN code? What about ISBN
0-534-91700-0 and ISBN 0-534-19500-0?
b. Does this method detect all single-digit errors? What about all
transposition errors?
c. How many different ISBN codes are there?
d. Write a computer program that will calculate the check digit for the
first nine digits of an ISBN code.
e. A publisher has houses in Germany and the United States. Its German
prefix is 3-540. If its United States prefix will be 0-abc, find
abc such that the rest of the ISBN code will be the same for a
book printed in Germany and in the United States. Under the ISBN
coding method the first digit identifies the language; German is 3 and
English is 0. The next group of numbers identifies the publisher, and
the last group identifies the specific book.
3.7 References and Suggested Readings
[1] Burnside, W. Theory of Groups of Finite Order. 2nd ed. Cambridge
University Press, Cambridge, 1911; Dover, New York, 1953. A
classic. Also available at books.google.com.
[2] Gallian, J. A. and Winters, S. “Modular Arithmetic in the
Marketplace,” The American Mathematical Monthly 95 (1988):
548–51.
[3] Gallian, J. A. Contemporary Abstract Algebra. 7th ed. Brooks/Cole,
Belmont, CA, 2009.
[4] Hall, M. Theory of Groups. 2nd ed. American Mathematical
Society, Providence, 1959.
[5] Kurosh, A. E. The Theory of Groups, vols. I and II. American
Mathematical Society, Providence, 1979.
[6] Rotman, J. J. An Introduction to the Theory of Groups. 4th ed.
Springer, New York, 1995.
3.8 Sage
Many of the groups discussed in this chapter are available for study in Sage.
It is important to understand that sets that form algebraic objects (groups in
this chapter) are called “parents” in Sage, and elements of these objects are
called, well, “elements.” So every element belongs to a parent (in other
words, is contained in some set). We can ask about properties of parents
(finite? order? abelian?), and we can ask about properties of individual
elements (identity? inverse?). In the following we will show you how to
create some of these common groups and begin to explore their properties
with Sage.
Integers mod n
Z8 = Integers(8)
Z8
Ring of integers modulo 8
Z8.list()
[0, 1, 2, 3, 4, 5, 6, 7]
a = Z8.an_element(); a
a.parent()
Ring of integers modulo 8
We would like to work with elements of Z8. If you were to type a 6
into a compute cell right now, what would you mean? The integer , the
rational number , the real number , or the complex number
? Or perhaps you really do want the integer mod
? Sage really has no idea what you mean or want. To make this clear, you
can “coerce” 6 into Z8 with the syntax Z8(6). Without this, Sage
will treat an input number like 6 as an integer, the simplest possible
interpretation in some sense. Study the following carefully, where we first
work with “normal” integers and then with integers mod 8.
a = 6
a
6
a.parent()
Integer Ring
b = 7
c = a + b; c
13
d = Z8(6)
d
6
d.parent()
Ring of integers modulo 8
e = Z8(7)
f = d+e; f
5
g = Z8(85); g
5
f == g
True
Z8 is a bit unusual as a first example, since it has two operations defined,
both addition and multiplication, with addition forming a group, and
multiplication not forming a group. Still, we can work with the additive
portion, here forming the Cayley table for the addition.
Z8.addition_table(names='elements')
+ 0 1 2 3 4 5 6 7
+----------------
0| 0 1 2 3 4 5 6 7
1| 1 2 3 4 5 6 7 0
2| 2 3 4 5 6 7 0 1
3| 3 4 5 6 7 0 1 2
4| 4 5 6 7 0 1 2 3
5| 5 6 7 0 1 2 3 4
6| 6 7 0 1 2 3 4 5
7| 7 0 1 2 3 4 5 6
When is a prime number, the multiplicative structure (excluding zero)
will also form a group.
The integers mod are very important, so Sage implements both addition
and multiplication together. Groups of symmetries are a better example of
how Sage implements groups, since there is just one operation present.
# Practice area (not linked for Sage Cell use)
Groups of symmetries
The symmetries of some geometric shapes are already defined in Sage,
albeit with different names. They are implemented as “permutation groups”
which we will begin to study carefully in Chapter 5.
Sage uses integers to label vertices, starting the count at 1 , instead of
letters. Elements by default are printed using “cycle notation” which we
will see described carefully in Chapter 5. Here is an example, with both the
mathematics and Sage. For the Sage part, we create the group of
symmetries and then create the symmetry with coercion, followed by
outputting the element in cycle notation. Then we create just the bottom row
of the notation we are using for permutations.
triangle = SymmetricGroup(3)
rho2 = triangle([3,1,2])
rho2
(1,3,2)
[rho2(x) for x in triangle.domain()]
[3, 1, 2]
The final list comprehension deserves comment. The .domain()
method gives a list of the symbols used for the permutation group
triangle and then rho2 is employed with syntax like it is a
function (it is a function) to create the images that would occupy the bottom
row.
With a double list comprehension we can list all six elements of the group
in the “bottom row” format. A good exercise would be to pair up each
element with its name as given in Figure 3.6.
[[a(x) for x in triangle.domain()] for a in triangle]
[[1, 2, 3], [3, 1, 2], [2, 3, 1], [1, 3, 2], [3, 2, 1], [2, 1, 3]]
Different books, different authors, different software all have different ideas
about the order in which to write multiplication of functions. This textbook
builds on the idea of composition of functions, so that is the
composition and it is natural to apply first. Sage
takes the opposite view and since we write , Sage will understand that
we want to do first. Neither approach is wrong, and neither is necessarily
superior, they are just different and there are good arguments for either one.
When you consult other books that work with permutation groups, you
want to first determine which approach it takes. (Be aware that this
discussion of Sage function composition is limited to permutations only
—“regular” functions in Sage compose in the order you might be familiar
with from a calculus course.)
The translation here between the text and Sage will be worthwhile practice.
Here we will reprise the discussion at the end of Section 3.1, but reverse the
order on each product to compute Sage-style and exactly mirror what the
text does.
mu1 = triangle([1,3,2])
mu2 = triangle([3,2,1])
mu3 = triangle([2,1,3])
rho1 = triangle([2,3,1])
product = rho1*mu1
product == mu2
True
[product(x) for x in triangle.domain()]
[3, 2, 1]
rho1*mu1 == mu1*rho1
False
mu1*rho1 == mu3
True
Now that we understand that Sage does multiplication in reverse, we can
compute the Cayley table for this group. Default behavior is to just name
elements of a group as letters, a, b, c, in the same order that the
.list() command
would produce the elements of the group. But you can also print the
elements in the table as themselves (that uses cycle notation here), or you
can give the elements names. We will use u as shorthand for and r
as shorthand for .
triangle.cayley_table()
* a b c d e f
+------------
a| a b c d e f
b| b a d c f e
c| c e a f b d
d| d f b e a c
e| e c f a d b
f| f d e b c a
triangle.cayley_table(names='elements')
      *      ()   (2,3)   (1,2) (1,2,3) (1,3,2)   (1,3)
       +------------------------------------------------
     ()|      ()   (2,3)   (1,2) (1,2,3) (1,3,2)   (1,3)
  (2,3)|   (2,3)      () (1,2,3)   (1,2)   (1,3) (1,3,2)
  (1,2)|   (1,2) (1,3,2)      ()   (1,3)   (2,3) (1,2,3)
(1,2,3)| (1,2,3)   (1,3)   (2,3) (1,3,2)      ()   (1,2)
(1,3,2)| (1,3,2)   (1,2)   (1,3)      () (1,2,3)   (2,3)
  (1,3)|   (1,3) (1,2,3) (1,3,2)   (2,3)   (1,2)      ()
triangle.cayley_table(names=['id','u3','r1','r2','u1','u2'])
* id u3 r1 r2 u1 u2
+------------------
id| id u3 r1 r2 u1 u2
u3| u3 id r2 r1 u2 u1
r1| r1 u1 id u2 u3 r2
r2| r2 u2 u3 u1 id r1
u1| u1 r1 u2 id r2 u3
u2| u2 r2 u1 u3 r1 id
You should verify that the table above is correct, just like Table 3.2 is
correct. Remember that the convention is to multiply a row label times a
column label, in that order. However, to do a check across the two tables,
you will need to recall the difference in ordering between your textbook and
Sage.
Quaternions
Sage implements the quaternions, but the elements are not matrices, but
rather are permutations. Despite appearances the structure is identical. It
should not matter which version you have in mind (matrices or
permutations) if you build the Cayley table and use the default behavior of
using letters to name the elements. As permutations, or as letters, can you
identify , , and ?
Q = QuaternionGroup()
[[a(x) for x in Q.domain()] for a in Q]
[[1, 2, 3, 4, 5, 6, 7, 8], [3, 4, 1, 2, 7, 8, 5, 6],
[4, 1, 2, 3, 8, 5, 6, 7], [2, 3, 4, 1, 6, 7, 8, 5],
[7, 6, 5, 8, 1, 4, 3, 2], [5, 8, 7, 6, 3, 2, 1, 4],
[8, 7, 6, 5, 2, 1, 4, 3], [6, 5, 8, 7, 4, 3, 2, 1]]
Q.cayley_table()
* a b c d e f g h
+----------------
a| a b c d e f g h
b| b c d a h e f g
c| c d a b g h e f
d| d a b c f g h e
e| e f g h c d a b
f| f g h e b c d a
g| g h e f a b c d
h| h e f g d a b c
It should be fairly obvious that a is the identity element of the group ( ),
either from its behavior in the table, or from its “bottom row” representation
as the first element of the list above. And if you prefer, you can ask Sage for
a list of its outputs when viewed as a function.
id = Q.identity()
[id(x) for x in Q.domain()]
[1, 2, 3, 4, 5, 6, 7, 8]
Now should have the property that . We see that the
identity element a is on the diagonal of the Cayley table only when we
compute c*c . We can verify this easily, by extracting the third element
of the column headings of the Cayley table. Now that we have identified
, once we locate , we can easily compute , and so on.
minus_one = Q.cayley_table().column_keys()[2]
[minus_one(x) for x in Q.domain()]
[3, 4, 1, 2, 7, 8, 5, 6]
minus_one*minus_one == Q.identity()
True
See if you can pair up the letters with all eight elements of the quaternions.
Be a bit careful with your names, the symbol I is used by Sage for the
imaginary number (which we will use below), but Sage will
silently let you redefine it to be anything you like. Same goes for using
lower-case i in Sage. So call your elements of the quaternions something
like QI, QJ, QK to avoid confusion.
As we begin to work with groups it is instructive to work with the actual
elements. But many properties of groups are totally independent of the
order we use for multiplication, or the names or representations we use for
the elements. Here are facts about the quaternions we can compute without
any knowledge of just how the elements are written or multiplied.
Q.is_finite()
True
Q.order()
8
Q.is_abelian()
False
Subgroups
The best techniques for creating subgroups will come in future chapters, but
we can create some groups that are naturally subgroups of other groups.
Elements of the quaternions were represented by certain permutations of the
integers 1 through 8. We can also build the group of all permutations of
these eight integers. It gets pretty big, so do not list it unless you want a lot
of output! (I dare you.)
S8 = SymmetricGroup(8)
a = S8.random_element()
[a(x) for x in S8.domain()] # random
[5, 2, 6, 4, 1, 8, 3, 7]
S8.order()
40320
The quaternions, Q , is a subgroup of the full group of all permutations, the
symmetric group or S8 , and Sage regards this as a property of Q .
Q.is_subgroup(S8)
True
In Sage the complex numbers are known by the name CC . We can create a
list of the elements in the subgroup described in Example 3.16. Then we
can verify that this set is a subgroup by examining the Cayley table, using
multiplication as the operation.
H = [CC(1), CC(-1), CC(I), CC(-I)]
CC.multiplication_table(elements=H,
                        names=['1', '-1', 'i', '-i'])
 *  1 -1  i -i
  +------------
 1|  1 -1  i -i
-1| -1  1 -i  i
 i|  i -i -1  1
-i| -i  i  1 -1
3.9 Sage Exercises
These exercises are about becoming comfortable working with groups in
Sage. Sage worksheets have extensive capabilities for making new cells
with carefully formatted text, including support for LaTeX syntax to express
mathematics. So when a question asks for explanation or commentary,
make a new cell and communicate clearly with your audience.
1. Create the groups CyclicPermutationGroup(8) and
DihedralGroup(4) and name these groups C and D ,
respectively. We will understand these constructions better shortly, but for
now just understand that both objects you create are actually groups.
2. Check that C and D have the same size by using the .order()
method. Determine which group is abelian, and which is not, by using the
.is_abelian() method.
3. Use the .cayley_table() method to create the Cayley table for
each group.
4. Write a nicely formatted discussion identifying differences between the
two groups that are discernible in properties of their Cayley tables. In other
words, what is different about these two groups that you can “see” in the
Cayley tables? (In the Sage notebook, a Shift-click on a blue bar will bring
up a mini-word-processor, and you can use dollar signs to embed
mathematics formatted using TeX syntax.)
5. For C locate the one subgroup of order . The group D has three
subgroups of order . Select one of the three subgroups of D that has a
different structure than the subgroup you obtained from C .
The .subgroups() method will give you a list of all of the subgroups
to help you get started. A Cayley table will help you tell the difference
between the two subgroups. What properties of these tables did you use to
determine the difference in the structure of the subgroups?
6. The .subgroup(elt_list) method of a group will create the
smallest subgroup containing the specified elements of the group, when
given the elements as a list elt_list . Use this command to discover
the shortest list of elements necessary to recreate the subgroups you found
in the previous exercise. The equality comparison, == , can be used to test
if two subgroups are equal.
Chapter 4 Cyclic Groups
The groups and , which are among the most familiar and easily
understood groups, are both examples of what are called cyclic groups. In
this chapter we will study the properties of cyclic groups and cyclic
subgroups, which play a fundamental part in the classification of all abelian
groups.
4.1 Cyclic Subgroups
Often a subgroup will depend entirely on a single element of the group; that
is, knowing that particular element will allow us to compute any other
element in the subgroup.
Example 4.1. Suppose that we consider and look at all multiples
(both positive and negative) of . As a set, this is
It is easy to see that is a subgroup of the integers. This subgroup is
completely determined by the element since we can obtain all of the
other elements of the group by taking multiples of . Every element in the
subgroup is “generated” by .
Example 4.2. If , then is a subgroup of the
multiplicative group of nonzero rational numbers, . If and
are in , then is also in . By
Proposition 3.31, is a subgroup of determined by the element .
Theorem 4.3. Let be a group and be any element in . Then the set
is a subgroup of . Furthermore, is the smallest subgroup of that
contains .
Proof. The identity is in since . If and are any two
elements in , then by the definition of we can write and
for some integers and . So is again in
. Finally, if in , then the inverse is also in .
Clearly, any subgroup of containing must contain all the powers of
by closure; hence, contains . Therefore, is the smallest subgroup
of containing .
Remark 4.4. If we are using the “+” notation, as in the case of the
integers under addition, we write .
For , we call the cyclic subgroup generated by . If contains
some element such that , then is a cyclic group. In this case
is a generator of . If is an element of a group , we define the order of
to be the smallest positive integer such that , and we write
. If there is no such integer , we say that the order of is infinite
and write to denote the order of .
Example 4.5. Notice that a cyclic group can have more than a single
generator. Both and generate ; hence, is a cyclic group. Not
every element in a cyclic group is necessarily a generator of the group.
The order of is . The cyclic subgroup generated by is
.
The groups and are cyclic groups. The elements and are
generators for . We can certainly generate with 1 although there may
be other generators of , as in the case of .
Example 4.6. The group of units, , in is a cyclic group. As a
set, is . The element 2 is a generator for
since
Example 4.7. Not every group is a cyclic group. Consider the symmetry
group of an equilateral triangle . The multiplication table for this group
is Figure 3.7. The subgroups of are shown in Figure 4.8. Notice that
every subgroup is cyclic; however, no single element generates the entire
group.
Figure 4.8. Subgroups of
Theorem 4.9. Every cyclic group is abelian.
Proof. Let be a cyclic group and be a generator for . If and
are in , then they can be written as powers of , say and .
Since
is abelian.
Subgroups of Cyclic Groups
We can ask some interesting questions about cyclic subgroups of a group
and subgroups of a cyclic group. If is a group, which subgroups of are
cyclic? If is a cyclic group, what type of subgroups does possess?
Theorem 4.10. Every subgroup of a cyclic group is cyclic.
Proof. The main tools used in this proof are the division algorithm and the
Principle of Well-Ordering. Let be a cyclic group generated by and
suppose that is a subgroup of . If , then trivially is cyclic.
Suppose that contains some other element distinct from the identity.
Then can be written as for some integer . Since is a subgroup,
must also be in . Since either or is positive, we can
assume that contains positive powers of and . Let be the
smallest natural number such that . Such an exists by the
Principle of Well-Ordering.
We claim that is a generator for . We must show that every
can be written as a power of . Since and is a
subgroup of , for some integer . Using the division algorithm,
we can find numbers and such that where ;
hence,
So . Since and are in , must also be in .
However, was the smallest positive number such that was in ;
consequently, and so . Therefore,
and is generated by .
Corollary 4.11. The subgroups of are exactly for
.
Proposition 4.12. Let be a cyclic group of order and suppose that
is a generator for . Then if and only if divides .
Proof. First suppose that . By the division algorithm,
where ; hence,
Since the smallest positive integer such that is , .
Conversely, if divides , then for some integer . Consequently,
Theorem 4.13. Let be a cyclic group of order and suppose that
is a generator of the group. If , then the order of is ,
where .
Proof. We wish to find the smallest integer such that .
By Proposition 4.12, this is the smallest integer such that divides
or, equivalently, divides . Since is the greatest common
divisor of and , and are relatively prime. Hence, for to
divide it must divide . The smallest such is .
Corollary 4.14. The generators of are the integers such that
and .
Example 4.15. Let us examine the group . The numbers , , , ,
, , , and are the elements of that are relatively prime to .
Each of these elements generates . For example,
4.2 Multiplicative Group of Complex Numbers
The complex numbers are defined as
where . If , then is the real part of and is the
imaginary part of .
To add two complex numbers and , we just add the
corresponding real and imaginary parts:
Remembering that , we multiply complex numbers just like polynomials.
The product of and is
Every nonzero complex number has a multiplicative inverse; that is,
there exists a such that . If , then
The complex conjugate of a complex number is defined to be
. The absolute value or modulus of is .
Example 4.16. Let and . Then
and
Also,
Figure 4.17. Rectangular coordinates of a complex number
There are several ways of graphically representing complex numbers. We can
represent a complex number as an ordered pair on the plane where
is the (or real) coordinate and is the (or imaginary) coordinate. This is
called the rectangular or Cartesian representation. The rectangular
representations of , , and are depicted
in Figure 4.17.
Figure 4.18. Polar coordinates of a complex number
Nonzero complex numbers can also be represented using polar coordinates. To
specify any nonzero point on the plane, it suffices to give an angle from the
positive axis in the counterclockwise direction and a distance from the origin,
as in Figure 4.18. We can see that
Hence,
and
We sometimes abbreviate as . To assure that the
representation of is well-defined, we also require that . If the
measurement is in radians, then .
Example 4.19. Suppose that . Then
and
Hence, the rectangular representation is .
Conversely, if we are given a rectangular representation of a complex number, it
is often useful to know the number's polar representation. If ,
then
and
so .
The polar representation of a complex number makes it easy to find products and
powers of complex numbers. The proof of the following proposition is
straightforward and is left as an exercise.
Proposition 4.20. Let and be two nonzero complex
numbers. Then
Example 4.21. If and , then
.
Theorem 4.22. DeMoivre. Let be a nonzero complex number.
Then
for .
Proof. We will use induction on . For the theorem is trivial. Assume that
the theorem is true for all such that . Then
Example 4.23. Suppose that and we wish to compute . Rather
than computing directly, it is much easier to switch to polar
coordinates and calculate using DeMoivre's Theorem:
The Circle Group and the Roots of Unity
The multiplicative group of the complex numbers, , possesses some interesting
subgroups. Whereas and have no interesting subgroups of finite order,
has many. We first consider the circle group,
The following proposition is a direct result of Proposition 4.20.
Proposition 4.24. The circle group is a subgroup of .
Although the circle group has infinite order, it has many interesting finite
subgroups. Suppose that . Then is a subgroup of the
circle group. Also, , , , and are exactly those complex numbers that
satisfy the equation . The complex numbers satisfying the equation
are called the th roots of unity.
Theorem 4.25. If , then the th roots of unity are
where . Furthermore, the th roots of unity form a cyclic
subgroup of of order
Proof. By DeMoivre's Theorem,
The 's are distinct since the numbers are all distinct and are greater than
or equal to 0 but less than . The fact that these are all of the roots of the
equation follows from Corollary 17.9, which states that a
polynomial of degree can have at most roots. We will leave the proof that the
th roots of unity form a cyclic subgroup of as an exercise.
A generator for the group of the th roots of unity is called a primitive th root of
unity.
Example 4.26. The 8th roots of unity can be represented as eight equally
spaced points on the unit circle (Figure 4.27). The primitive 8th roots of unity are
Figure 4.27. 8th roots of unity
4.3 The Method of Repeated Squares
Computing large powers can be very time-consuming. Just as anyone can
compute or , everyone knows how to compute
However, such numbers are so large that we do not want to attempt the
calculations; moreover, past a certain point the computations would not be
feasible even if we had every computer in the world at our disposal. Even
writing down the decimal representation of a very large number may not be
reasonable. It could be thousands or even millions of digits long. However,
if we could compute something like
we could very easily write the result down since it would be a number
between and . If we want to compute powers modulo quickly
and efficiently, we will have to be clever.
The first thing to notice is that any number can be written as the sum of
distinct powers of ; that is, we can write
where . This is just the binary representation of .
For example, the binary representation of 57 is 111001, since we can write
.
The laws of exponents still work in ; that is, if and
, then . We can compute
in multiplications by computing
Each step involves squaring the answer obtained in the previous step,
dividing by , and taking the remainder.
Example 4.28. We will compute . Notice that
hence, computing is the same as computing
So it will suffice to compute where . It is
very easy to see that
We can square this result to obtain a value for :
We are using the fact that .
Continuing, we can calculate
and
Therefore,
The method of repeated squares will prove to be a very useful tool when we
explore RSA cryptography in Chapter 7. To encode and decode messages in
a reasonable manner under this scheme, it is necessary to be able to quickly
compute large powers of integers mod .
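The procedure described in this section, as an added Python example (not code from the book): the exponent is split into distinct powers of 2, the successive squares are computed mod n, and the squares belonging to the 1-bits are multiplied together. The exponent 57 is the one whose binary form 111001 is given above; the base 3 and modulus 1000 are constructed sample values, and the function names are illustrative.

```python
def binary_powers(e):
    """Return the exponents k with e = sum of 2**k, i.e. the 1-bits of e."""
    if e < 0:
        raise ValueError("exponent must be non-negative")
    ks, k = [], 0
    while e:
        if e & 1:
            ks.append(k)
        e >>= 1
        k += 1
    return ks


def repeated_squares(a, e, n):
    """Compute a**e mod n by the method of repeated squares.

    Returns (result, squares, mults): squares[k] holds a**(2**k) mod n and
    mults counts the modular multiplications that were performed.
    """
    if n <= 0:
        raise ValueError("modulus must be positive")
    bits = set(binary_powers(e))
    result, mults = 1 % n, 0          # 1 % n handles the modulus n = 1
    squares = {}
    square = a % n                    # a**(2**0) mod n
    for k in range(max(bits) + 1 if bits else 0):
        if k > 0:
            # a**(2**k) is the square of a**(2**(k-1)), reduced mod n
            square = (square * square) % n
            mults += 1
        squares[k] = square
        if k in bits:
            # this power of 2 appears in the binary expansion of e
            result = (result * square) % n
            mults += 1
    return result, squares, mults


if __name__ == "__main__":
    # Constructed sample values: base 3, modulus 1000; exponent 57 = 111001 (binary).
    a, e, n = 3, 57, 1000
    result, squares, mults = repeated_squares(a, e, n)
    print("57 = sum of 2**k for k in", binary_powers(e))
    for k, value in squares.items():
        print(f"{a}^(2^{k}) mod {n} = {value}")
    print(f"{a}^{e} mod {n} = {result} using {mults} multiplications")
    print("agrees with built-in pow:", result == pow(a, e, n))
```

Python's built-in pow(a, e, n) performs the same computation. Because the loop does extra work exactly when an exponent bit is 1, production RSA code uses constant-time exponentiation when the exponent is secret.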
4.4 Reading Questions
1. What is the order of the element in ?
2. What is the order of the element in ?
3. Find three generators of .
4. Find three generators of the roots of unity.
5. Show how to compute efficiently by hand. Check your
answer with Sage.
4.5 Exercises
1. Prove or disprove each of the following statements.
a. All of the generators of are prime.
b. is cyclic.
c. is cyclic.
d. If every proper subgroup of a group is cyclic, then is a cyclic
group.
e. A group with a finite number of subgroups is finite.
2. Find the order of each of the following elements.
a.
b.
c.
d.
e.
f.
3. List all of the elements in each of the following subgroups.
a. The subgroup of generated by
b. The subgroup of generated by
c. All subgroups of
d. All subgroups of
e. All subgroups of
f. All subgroups of
g. The subgroup generated by 3 in
h. The subgroup generated by 5 in
i. The subgroup of generated by
j. The subgroup of generated by where
k. The subgroup of generated by
l. The subgroup of generated by
m. The subgroup of generated by
4. Find the subgroups of generated by each of the following
matrices.
a. b.
c.
d. e.
f.
5. Find the order of every element in .
6. Find the order of every element in the symmetry group of the square,
.
7. What are all of the cyclic subgroups of the quaternion group, ?
8. List all of the cyclic subgroups of .
9. List every generator of each subgroup of order 8 in .
10. Find all elements of finite order in each of the following groups. Here
the “ ” indicates the set with zero removed.
a. b.
c.
11. If in a group , what are the possible orders of ?
12. Find a cyclic group with exactly one generator. Can you find cyclic
groups with exactly two generators? Four generators? How about
generators?
13. For , which groups are cyclic? Make a conjecture as to
what is true in general. Can you prove your conjecture?
14. Let
be elements in . Show that and have finite orders but
does not.
15. Evaluate each of the following.
a.
b.
c.
d.
e.
f.
16. Convert the following complex numbers to the form .
a.
b.
c.
d.
17. Change the following complex numbers to polar representation.
a. b.
c.
d. e.
f.
18. Calculate each of the following expressions.
a.
b.
c.
d.
e.
f.
g.
19. Prove each of the following statements.
a.
b.
c.
d.
e.
f.
20. List and graph the 6th roots of unity. What are the generators of this
group? What are the primitive 6th roots of unity?
21. List and graph the 5th roots of unity. What are the generators of this
group? What are the primitive 5th roots of unity?
22. Calculate each of the following.
a.
b.
c.
d.
23. Let . Prove the following statements.
a. The order of is the same as the order of .
b. For all , .
c. The order of is the same as the order of .
24. Let and be distinct primes. How many generators does have?
25. Let be prime and be a positive integer. How many generators does
have?
26. Prove that has no nontrivial subgroups if is prime.
27. If and have orders and respectively in a group , what is the
order of ?
28. Let be an element in a group . What is a generator for the subgroup
?
29. Prove that has an even number of generators for .
30. Suppose that is a group and let , . Prove that if and
with , then .
31. Let be an abelian group. Show that the elements of finite order in
form a subgroup. This subgroup is called the torsion subgroup of .
32. Let be a finite cyclic group of order generated by . Show that if
where , then must be a generator of .
33. If is an abelian group that contains a pair of cyclic subgroups of
order , show that must contain a subgroup of order . Does this
subgroup have to be cyclic?
34. Let be an abelian group of order where . If
contains elements and of order and respectively, then show that
is cyclic.
35. Prove that the subgroups of are exactly for .
36. Prove that the generators of are the integers such that
and .
37. Prove that if has no proper nontrivial subgroups, then is a cyclic
group.
38. Prove that the order of an element in a cyclic group must divide the
order of the group.
39. Prove that if is a cyclic group of order and , then must
have a subgroup of order .
40. For what integers is an th root of unity?
41. If and are two
nonzero complex numbers, show that
42. Prove that the circle group is a subgroup of .
43. Prove that the th roots of unity form a cyclic subgroup of of order
.
44. Let . Prove that and if and only if for
.
45. Let . If , prove that the order of is infinite.
46. Let be in where . Prove that the order of
is infinite.
4.6 Programming Exercises
1. Write a computer program that will write any decimal number as the sum
of distinct powers of . What is the largest integer that your program will
handle?
2. Write a computer program to calculate by the method of
repeated squares. What are the largest values of and that your program
will accept?
4.7 References and Suggested Readings
[1] Koblitz, N. A Course in Number Theory and Cryptography. 2nd ed.
Springer, New York, 1994.
[2] Pomerance, C. “Cryptology and Computational Number Theory—
An Introduction,” in Cryptology and Computational Number
Theory, Pomerance, C., ed. Proceedings of Symposia in Applied
Mathematics, vol. 42, American Mathematical Society, Providence,
RI, 1990. This book gives an excellent account of how the method
of repeated squares is used in cryptography.
4.8 Sage
Cyclic groups are very important, so it is no surprise that they appear in
many different forms in Sage. Each is slightly different, and no one
implementation is ideal for an introduction, but together they can illustrate
most of the important ideas. Here is a guide to the various ways to
construct, and study, a cyclic group in Sage.
Infinite Cyclic Groups
In Sage, the integers are constructed with ZZ . To build the infinite
cyclic group such as from Example 4.1, simply use 3*ZZ . As an
infinite set, there is not a whole lot you can do with this. You can test if
integers are in this set, or not. You can also recall the generator with the
.gen() command.
G = 3*ZZ
-12 in G
True
37 in G
False
G.gen()
Additive Cyclic Groups
The additive cyclic group can be built as a special case of a more
general Sage construction. First we build and capture its generator.
Throughout, pay close attention to the use of parentheses and square
brackets for when you experiment on your own.
G = AdditiveAbelianGroup([14])
G.order()
14
G.list()
[(0), (1), (2), (3), (4), (5), (6), (7),
(8), (9), (10), (11), (12), (13)]
a = G.gen(0)
a
(1)
You can compute in this group, by using the generator, or by using new
elements formed by coercing integers into the group, or by taking the result
of operations on other elements. And we can compute the order of elements
in this group. Notice that we can perform repeated additions with the
shortcut of taking integer multiples of an element.
a + a
(2)
a + a + a + a
(4)
4*a
(4)
37*a
(9)
We can create, and then compute with, new elements of the group by
coercing an integer (in a list of length ) into the group. You may get a
DeprecationWarning the first time you use this syntax if you are
using an old version of Sage. The mysterious warning can be safely
ignored.
G([2])
(2)
b = G([2]); b
(2)
b + b
(4)
2*b == 4*a
True
7*b
(0)
b.order()
c = a - 6*b; c
(3)
c + c + c + c
(12)
c.order()
14
It is possible to create cyclic subgroups, from an element designated to be
the new generator. Unfortunately, to do this requires the
.submodule() method (which should be renamed in Sage).
H = G.submodule([b]); H
Additive abelian group isomorphic to Z/7
H.list()
[(0), (2), (4), (6), (8), (10), (12)]
H.order()
e = H.gen(0); e
(2)
3*e
(6)
e.order()
The cyclic subgroup H just created has more than one generator. We can
test this by building a new subgroup and comparing the two subgroups.
f = 12*a; f
(12)
f.order()
K = G.submodule([f]); K
Additive abelian group isomorphic to Z/7
K.order()
K.list()
[(0), (2), (4), (6), (8), (10), (12)]
K.gen(0)
(2)
H == K
True
Certainly the list of elements, and the common generator of (2) lead us
to believe that H and K are the same, but the comparison in the last line
leaves no doubt.
Results in this section, especially Theorem 4.13 and Corollary 4.14, can be
investigated by creating generators of subgroups from a generator of one
additive cyclic group, creating the subgroups, and computing the orders of
both elements and orders of groups.
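The investigation suggested above can also be carried out without Sage. The following Python code is an added example, not part of the book or its Sage worksheets: it models the additive cyclic group of order 14 used in this section as the integers 0 through 13 under addition mod 14 (function names are illustrative), builds each cyclic subgroup by repeated addition, and compares the orders found with n/gcd(k, n), the value Theorem 4.13 gives for the order of the k-th multiple of a generator.

```python
from math import gcd


def cyclic_subgroup(k, n):
    """Elements of the subgroup of Z_n generated by k, found by repeated addition."""
    elems, x = [], 0
    while True:
        elems.append(x)
        x = (x + k) % n
        if x == 0:            # back at the identity: the cycle is complete
            break
    return sorted(elems)


def order(k, n):
    """Order of k in Z_n, measured by listing the subgroup it generates."""
    return len(cyclic_subgroup(k, n))


def order_by_gcd(k, n):
    """Order of k in Z_n as predicted by Theorem 4.13."""
    return n // gcd(k, n)


def generators(n):
    """All r in Z_n whose cyclic subgroup is the whole group."""
    return [r for r in range(n) if order(r, n) == n]


def distinct_subgroups(n):
    """Every subgroup of Z_n (each is cyclic), without repeats, smallest first."""
    return sorted({tuple(cyclic_subgroup(k, n)) for k in range(n)}, key=len)


if __name__ == "__main__":
    n = 14
    print("<2>  =", cyclic_subgroup(2, n))    # same list as H.list() above
    print("<12> =", cyclic_subgroup(12, n))   # same subgroup, other generator
    for k in range(n):
        print(f"order of {k:2d}: {order(k, n):2d}   n/gcd(k, n): {order_by_gcd(k, n):2d}")
    print("generators:", generators(n))
    print("subgroup orders:", [len(s) for s in distinct_subgroups(n)])
```

The elements 2 and 12 generate the same subgroup of order 7, matching H == K above, and the generators are exactly the residues relatively prime to 14, as Corollary 4.14 states.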
Abstract Multiplicative Cyclic Groups
We can create an abstract cyclic group in the style of Theorem 4.3,
Theorem 4.9, and Theorem 4.10. In the syntax below a is a name for the
generator, and 14 is the order of the element. Notice that the notation is
now multiplicative, so we multiply elements, and repeated products can be
written as powers.
G.<a> = AbelianGroup([14])
G.order()
14
G.list()
(1, a, a^2, a^3, a^4, a^5, a^6, a^7, a^8, a^9, a^10, a^11,
a^12, a^13)
a.order()
14
Computations in the group are similar to before, only with different
notation. Now products, with repeated products written as exponentiation.
b = a^2
b.order()
b*b*b
a^6
c = a^7
c.order()
c^2
b*c
a^9
b^37*c^42
a^4
Subgroups can be formed with a .subgroup() command. But do not
try to list the contents of a subgroup, it'll look strangely unfamiliar. Also,
comparison of subgroups is not implemented.
H = G.subgroup([a^2])
H.order()
K = G.subgroup([a^12])
K.order()
L = G.subgroup([a^4])
H == L
False
One advantage of this implementation is the possibility to create all possible
subgroups. Here we create the list of subgroups, extract one in particular
(the third), and check its order.
allsg = G.subgroups(); allsg
[Multiplicative Abelian subgroup isomorphic to C2 x C7
generated by {a},
Multiplicative Abelian subgroup isomorphic to C7 generated by
{a^2},
Multiplicative Abelian subgroup isomorphic to C2 generated by
{a^7},
Trivial Abelian subgroup]
sub = allsg[2]
sub.order()
Cyclic Permutation Groups
We will learn more about permutation groups in the next chapter. But we
will mention here that it is easy to create cyclic groups as permutation
groups, and a variety of methods are available for working with them, even
if the actual elements get a bit cumbersome to work with. As before, notice
that the notation and syntax is multiplicative.
G=CyclicPermutationGroup(14)
a = G.gen(0); a
(1,2,3,4,5,6,7,8,9,10,11,12,13,14)
b = a^2
b = a^2; b
(1,3,5,7,9,11,13)(2,4,6,8,10,12,14)
b.order()
a*a*b*b*b
(1,9,3,11,5,13,7)(2,10,4,12,6,14,8)
c = a^37*b^26; c
(1,6,11,2,7,12,3,8,13,4,9,14,5,10)
c.order()
14
We can create subgroups, check their orders, and list their elements.
H = G.subgroup([a^2])
H.order()
H.gen(0)
(1,3,5,7,9,11,13)(2,4,6,8,10,12,14)
H.list()
[(),
(1,3,5,7,9,11,13)(2,4,6,8,10,12,14),
(1,5,9,13,3,7,11)(2,6,10,14,4,8,12),
(1,7,13,5,11,3,9)(2,8,14,6,12,4,10),
(1,9,3,11,5,13,7)(2,10,4,12,6,14,8),
(1,11,7,3,13,9,5)(2,12,8,4,14,10,6),
(1,13,11,9,7,5,3)(2,14,12,10,8,6,4)]
It could help to visualize this group, and the subgroup, as rotations of a
regular -gon with the vertices labeled with the integers through .
This is not the full group of symmetries, since it does not include
reflections, just the rotations.
Cayley Tables
As groups, each of the examples above (groups and subgroups) has
Cayley tables implemented. Since the groups are cyclic, and their
subgroups are therefore cyclic, the Cayley tables should have a similar
“cyclic” pattern. Note that the letters used in the default table are generic,
and are not related to the letters used above for specific elements — they
just match up with the group elements in the order given by .list() .
G.<a> = AbelianGroup([14])
G.cayley_table()
* a b c d e f g h i j k l m n
+----------------------------
a| a b c d e f g h i j k l m n
b| b c d e f g h i j k l m n a
c| c d e f g h i j k l m n a b
d| d e f g h i j k l m n a b c
e| e f g h i j k l m n a b c d
f| f g h i j k l m n a b c d e
g| g h i j k l m n a b c d e f
h| h i j k l m n a b c d e f g
i| i j k l m n a b c d e f g h
j| j k l m n a b c d e f g h i
k| k l m n a b c d e f g h i j
l| l m n a b c d e f g h i j k
m| m n a b c d e f g h i j k l
n| n a b c d e f g h i j k l m
If the real names of the elements are not too complicated, the table could be
more informative using these names.
K.<b> = AbelianGroup([10])
K.cayley_table(names='elements')
* 1 b b^2 b^3 b^4 b^5 b^6 b^7 b^8 b^9
+----------------------------------------
1| 1 b b^2 b^3 b^4 b^5 b^6 b^7 b^8 b^9
b| b b^2 b^3 b^4 b^5 b^6 b^7 b^8 b^9 1
b^2| b^2 b^3 b^4 b^5 b^6 b^7 b^8 b^9 1 b
b^3| b^3 b^4 b^5 b^6 b^7 b^8 b^9 1 b b^2
b^4| b^4 b^5 b^6 b^7 b^8 b^9 1 b b^2 b^3
b^5| b^5 b^6 b^7 b^8 b^9 1 b b^2 b^3 b^4
b^6| b^6 b^7 b^8 b^9 1 b b^2 b^3 b^4 b^5
b^7| b^7 b^8 b^9 1 b b^2 b^3 b^4 b^5 b^6
b^8| b^8 b^9 1 b b^2 b^3 b^4 b^5 b^6 b^7
b^9| b^9 1 b b^2 b^3 b^4 b^5 b^6 b^7 b^8
Complex Roots of Unity
The finite cyclic subgroups of , generated by a primitive th root of unity
are implemented as a more general construction in Sage, known as a
cyclotomic field. If you concentrate on just the multiplication of powers of
a generator (and ignore the infinitely many other elements) then this is a
finite cyclic group. Since this is not implemented directly in Sage as a
group, per se, it is a bit harder to construct things like subgroups, but it is an
excellent exercise to try. It is a nice example since the complex numbers are
a concrete and familiar construction. Here are a few sample calculations to
provide you with some exploratory tools. See the notes following the
computations.
G = CyclotomicField(14)
w = G.gen(0); w
zeta14
wc = CDF(w)
wc.abs()
1.0
wc.arg()/N(2*pi/14)
1.0
b = w^2
b.multiplicative_order()
bc = CDF(b); bc
0.62348980185... + 0.781831482468...*I
bc.abs()
1.0
bc.arg()/N(2*pi/14)
2.0
sg = [b^i for i in range(7)]; sg
[1, zeta14^2, zeta14^4,
zeta14^5 - zeta14^4 + zeta14^3 - zeta14^2 + zeta14 - 1,
-zeta14, -zeta14^3, -zeta14^5]
c = sg[3]; d = sg[5]
c*d
zeta14^2
c = sg[3]; d = sg[6]
c*d in sg
True
c*d == sg[2]
True
sg[5]*sg[6] == sg[4]
True
G.multiplication_table(elements=sg)
* a b c d e f g
+--------------
a| a b c d e f g
b| b c d e f g a
c| c d e f g a b
d| d e f g a b c
e| e f g a b c d
f| f g a b c d e
g| g a b c d e f
Notes:
1. zeta14 is the name of the generator used for the cyclotomic field,
it is a primitive root of unity (a th root of unity in this case). We
have captured it as w .
2. The syntax CDF(w) will convert the complex number w into the
more familiar form with real and imaginary parts.
3. The method .abs() will return the modulus of a complex number,
as described in the text. For elements of this should always
equal .
4. The method .arg() will return the argument of a complex
number, as described in the text. Every element of the cyclic group
in this example should have an argument that is an integer multiple of
. The N() syntax converts the symbolic value of pi to a
numerical approximation.
5. sg is a list of elements that form a cyclic subgroup of order 7,
composed of the first 7 powers of b = w^2 . So, for example, the
last comparison multiplies the fifth power of b with the sixth power
of b , which would be the eleventh power of b . But since b has
order 7, this reduces to the fourth power.
6. If you know a subset of an infinite group forms a subgroup, then you
can produce its Cayley table by specifying the list of elements you
want to use. Here we ask for a multiplication table, since that is the
relevant operation.
4.9 Sage Exercises
This group of exercises is about the group of units mod , , which is
sometimes cyclic, sometimes not. There are some commands in Sage that
will answer some of these questions very quickly, but instead of using those
now, just use the basic techniques described. The idea here is to just work
with elements, and lists of elements, to discern the subgroup structure of
these groups.
Sage worksheets have extensive capabilities for making new cells with
carefully formatted text, including support for LaTeX syntax to express
mathematics. So when a question asks for explanation or commentary,
make a new cell and communicate clearly with your audience. Continue
this practice in subsequent exercise sets.
1. Execute the statement R = Integers(40) to create the set
[0,1,2,...,39]. This is a group under addition mod , which we
will ignore. Instead we are interested in the subset of elements which have
an inverse under multiplication mod . Determine how big this subgroup
is by executing the command R.unit_group_order() , and then
obtain a list of these elements with
R.list_of_elements_of_multiplicative_group() .
2. You can create elements of this group by coercing regular integers into
U , such as with the statement a = U(7) . (Don't confuse this with our
mathematical notation .) This will tell Sage that you want to view
as an element of , subject to the corresponding operations. Determine the
elements of the cyclic subgroup of generated by with a list
comprehension as follows:
R = Integers(40)
a = R(7)
[a^i for i in srange(16)]
What is the order of in ?
3. The group is cyclic. Using only the Sage commands described
previously, use Sage to find a generator for this group. Now using only
theorems about the structure of cyclic groups, describe each of the
subgroups of by specifying its order and by giving an explicit
generator. Do not repeat any of the subgroups — in other words, present
each subgroup exactly once. You can use Sage to check your work on the
subgroups, but your answer about the subgroups should rely only on
theorems and be a nicely written paragraph with a table, etc.
4. The group is not cyclic. Again, using only the Sage commands
described previously, use computations to provide irrefutable evidence of
this. How many of the different subgroups of can you list?
5. Again, using only the Sage commands described previously, explore the
structure of for various values of and see if you can formulate an
interesting conjecture about some basic property of this group. (Yes, this is
a very open-ended question, but this is ultimately the real power of
exploring mathematics with Sage.)
Chapter 5 Permutation Groups
Permutation groups are central to the study of geometric symmetries and to
Galois theory, the study of finding solutions of polynomial equations. They
also provide abundant examples of nonabelian groups.
Let us recall for a moment the symmetries of the equilateral triangle
from Chapter 3. The symmetries actually consist of permutations
of the three vertices, where a permutation of the set is a
one-to-one and onto map . The three vertices have the following
six permutations.
We have used the array
to denote the permutation that sends to , to , and to . That is,
The symmetries of a triangle form a group. In this chapter we will study
groups of this type.
5.1 Definitions and Notation
In general, the permutations of a set form a group . If is a finite
set, we can assume . In this case we write instead
of . The following theorem says that is a group. We call this group
the symmetric group on letters.
Theorem 5.1. The symmetric group on letters, , is a group with
elements, where the binary operation is the composition of maps.
Proof. The identity of is just the identity map that sends to , to ,
, to . If is a permutation, then exists, since is
one-to-one and onto; hence, every permutation has an inverse. Composition
of maps is associative, which makes the group operation associative. We
leave the proof that as an exercise.
A subgroup of is called a permutation group.
Example 5.2. Consider the subgroup of consisting of the identity
permutation and the permutations
The following table tells us how to multiply elements in the permutation
group .
Remark 5.3. Though it is natural to multiply elements in a group from
left to right, functions are composed from right to left. Let and be
permutations on a set . To compose and as functions, we calculate
. That is, we do first, then . There are several
ways to approach this inconsistency. We will adopt the convention of
multiplying permutations right to left. To compute , do first and then
. That is, by we mean . (Another way of solving this
problem would be to write functions on the right; that is, instead of writing
, we could write . We could also multiply permutations left to
right to agree with the usual way of multiplying elements in a group.
Certainly all of these methods have been used.)
Example 5.4. Permutation multiplication is not usually commutative.
Let
Then
but
Cycle Notation
The notation that we have used to represent permutations up to this point is
cumbersome, to say the least. To work effectively with permutation groups,
we need a more streamlined method of writing down and manipulating
permutations.
A permutation is a cycle of length if there exist elements
such that
and for all other elements . We will write
to denote the cycle . Cycles are the building blocks of
all permutations.
Example 5.5. The permutation
is a cycle of length , whereas
is a cycle of length .
Not every permutation is a cycle. Consider the permutation
This permutation actually contains a cycle of length 2 and a cycle of
length .
Example 5.6. It is very easy to compute products of cycles. Suppose that
If we think of as
and as
then for remembering that we apply first and then , it must be the
case that
or . If , then .
Two cycles in , and , are
disjoint if for all and .
Example 5.7. The cycles and are disjoint; however, the
cycles and are not. Calculating their products, we find that
The product of two cycles that are not disjoint may reduce to something
less complicated; the product of disjoint cycles cannot be simplified.
Proposition 5.8. Let and be two disjoint cycles in . Then
.
Proof. Let and . We must
show that for all . If is neither in
nor , then both and fix . That is,
and . Hence,
Do not forget that we are multiplying permutations right to left, which is the
opposite of the order in which we usually multiply group elements. Now
suppose that . Then ; that is,
However, since and are disjoint. Therefore,
Similarly, if , then and also commute.
Theorem 5.9. Every permutation in can be written as the product of
disjoint cycles.
Proof. We can assume that . If and we define
to be , then the set is finite since is finite.
Now let be the first integer in that is not in and define by
. Again, is a finite set. Continuing in this manner,
we can define finite disjoint sets . Since is a finite set, we
are guaranteed that this process will end and there will be only a finite
number of these sets, say . If is the cycle defined by
then . Since the sets are disjoint, the
cycles must also be disjoint.
Example 5.10. Let
Using cycle notation, we can write
Remark 5.11. From this point forward we will find it convenient to use
cycle notation to represent permutations. When using cycle notation, we
often denote the identity permutation by .
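The following Python sketch is an added example, not code from the book or from Sage. It stores a permutation as the bottom row of its two-row array, builds the disjoint cycles the way the proof of Theorem 5.9 does (follow the orbit of 1, then of the first integer not yet reached, and so on), and shows both composition conventions from Remark 5.3. All function names are hypothetical.

```python
from functools import reduce
from math import gcd

# Added example, not from the book. A permutation of {1, ..., n} is stored as the
# bottom row of its two-row array: p[i - 1] is the image of i.

def from_cycles(n, cycles):
    """Build the bottom row on n letters from a list of disjoint cycles."""
    p = list(range(1, n + 1))
    for cycle in cycles:
        for a, b in zip(cycle, cycle[1:] + cycle[:1]):
            p[a - 1] = b          # each entry goes to its successor in the cycle
    return tuple(p)

def compose_book(sigma, tau):
    """Book convention (Remark 5.3): apply tau first, then sigma."""
    return tuple(sigma[tau[i] - 1] for i in range(len(tau)))

def compose_sage(sigma, tau):
    """Sage convention for sigma*tau: apply sigma first, then tau."""
    return compose_book(tau, sigma)

def inverse(p):
    """Inverse map: if p sends i to j, the inverse sends j to i."""
    q = [0] * len(p)
    for i, image in enumerate(p, start=1):
        q[image - 1] = i
    return tuple(q)

def disjoint_cycles(p):
    """Cycle decomposition built as in the proof of Theorem 5.9."""
    seen = set()
    cycles = []
    for start in range(1, len(p) + 1):   # first integer not in an earlier orbit
        if start in seen:
            continue
        orbit, x = [], start
        while x not in seen:             # follow start, p(start), p(p(start)), ...
            seen.add(x)
            orbit.append(x)
            x = p[x - 1]
        if len(orbit) > 1:               # fixed points are not written down
            cycles.append(tuple(orbit))
    return cycles

def cycle_string(p):
    """Cycle notation as text; the identity is written ()."""
    cycles = disjoint_cycles(p)
    if not cycles:
        return "()"
    return "".join("(" + ",".join(str(x) for x in c) + ")" for c in cycles)

def order(p):
    """Least common multiple of the cycle lengths (the statement of Exercise 13)."""
    lengths = [len(c) for c in disjoint_cycles(p)]
    return reduce(lambda a, b: a * b // gcd(a, b), lengths, 1)

def order_by_powers(p):
    """Order found directly, by multiplying until the identity appears."""
    identity = tuple(range(1, len(p) + 1))
    k, q = 1, p
    while q != identity:
        q = compose_book(p, q)
        k += 1
    return k

if __name__ == "__main__":
    sigma = from_cycles(5, [(1, 3), (2, 5, 4)])
    rho = from_cycles(5, [(2, 4), (1, 5)])
    print("bottom row of sigma:", sigma)
    print("Sage sigma*rho :", cycle_string(compose_sage(sigma, rho)))
    print("book sigma rho :", cycle_string(compose_book(sigma, rho)))
    print("order of sigma :", order(sigma), order_by_powers(sigma))
```

The two permutations in the demo are the ones used in the Sage section of this chapter, so the products can be compared with the Sage output printed there.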
Transpositions
The simplest permutation is a cycle of length . Such cycles are called
transpositions. Since
any cycle can be written as the product of transpositions, leading to the
following proposition.
Proposition 5.12. Any permutation of a finite set containing at least two
elements can be written as the product of transpositions.
Example 5.13. Consider the permutation
As we can see, there is no unique way to represent a permutation as the
product of transpositions. For instance, we can write the identity
permutation as , as , and in many other
ways. However, as it turns out, no permutation can be written as the
product of both an even number of transpositions and an odd number of
transpositions. For instance, we could represent the permutation by
or by
but will always be the product of an odd number of transpositions.
Lemma 5.14. If the identity is written as the product of transpositions,
then is an even number.
Proof. We will employ induction on . A transposition cannot be the
identity; hence, . If , then we are done. Suppose that . In
this case the product of the last two transpositions, , must be one of
the following cases:
where , , , and are distinct.
The first equation simply says that a transposition is its own inverse. If this
case occurs, delete from the product to obtain
By induction is even; hence, must be even.
In each of the other three cases, we can replace with the right-hand
side of the corresponding equation to obtain a new product of
transpositions for the identity. In this new product the last occurrence of
will be in the next-to-the-last transposition. We can continue this process
with to obtain either a product of transpositions or a new
product of transpositions where the last occurrence of is in . If the
identity is the product of transpositions, then again we are done, by
our induction hypothesis; otherwise, we will repeat the procedure with
.
At some point either we will have two adjacent, identical transpositions
canceling each other out or will be shuffled so that it will appear only in
the first transposition. However, the latter case cannot occur, because the
identity would not fix in this instance. Therefore, the identity permutation
must be the product of transpositions and, again by our induction
hypothesis, we are done.
Theorem 5.15. If a permutation can be expressed as the product of an
even number of transpositions, then any other product of transpositions
equaling must also contain an even number of transpositions. Similarly,
if can be expressed as the product of an odd number of transpositions,
then any other product of transpositions equaling must also contain an
odd number of transpositions.
Proof. Suppose that
where is even. We must show that is also an even number. The inverse
of is . Since
must be even by Lemma 5.14. The proof for the case in which can be
expressed as an odd number of transpositions is left as an exercise.
In light of Theorem 5.15, we define a permutation to be even if it can be
expressed as an even number of transpositions and odd if it can be
expressed as an odd number of transpositions.
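As an added illustration of Theorem 5.15 and Proposition 5.17 (this is not code from the book, and the function names are hypothetical), the Python sketch below factors one permutation into transpositions in two unrelated ways, multiplies each product back out in the book's right-to-left order to confirm it, and compares the parities of the two counts. Permutations are given by the bottom row of the two-row array.

```python
from itertools import permutations

# Added example, not from the book. p[i - 1] is the image of i.

def product(n, transpositions):
    """Multiply transpositions on n letters in the book's order (rightmost first)."""
    row = list(range(1, n + 1))
    for a, b in reversed(transpositions):
        # Applying (a b) after everything so far swaps the output values a and b.
        row = [b if v == a else a if v == b else v for v in row]
    return tuple(row)

def by_fixing_points(p):
    """Factor p by repairing one point at a time.

    If p sends i to j != i, then (i j) followed after p fixes i, so
    p = (i j) p' where p' fixes i and every point fixed earlier.
    """
    q = list(p)
    found = []
    for i in range(1, len(q) + 1):
        j = q[i - 1]
        if j != i:
            found.append((i, j))
            pos = q.index(i)            # the point currently sent to i
            q[i - 1], q[pos] = i, j     # swap the output values i and j
    return found

def by_adjacent_swaps(p):
    """Factor p into transpositions (k k+1) by bubble sorting the bottom row."""
    q = list(p)
    found = []
    swapped = True
    while swapped:
        swapped = False
        for k in range(len(q) - 1):
            if q[k] > q[k + 1]:
                q[k], q[k + 1] = q[k + 1], q[k]   # right-multiply by (k+1 k+2)
                found.append((k + 1, k + 2))
                swapped = True
    return found[::-1]                  # the first swap found is applied first

def two_factorizations(p):
    """Return both factorizations after checking each multiplies back to p."""
    n = len(p)
    first, second = by_fixing_points(p), by_adjacent_swaps(p)
    if product(n, first) != tuple(p) or product(n, second) != tuple(p):
        raise ValueError("a factorization does not reproduce p")
    return first, second

def sign(p):
    """1 for an even permutation, -1 for an odd one."""
    return 1 if len(by_fixing_points(p)) % 2 == 0 else -1

def parity_agrees(n):
    """Check that both factorizations have the same parity for every p in S_n."""
    for p in permutations(range(1, n + 1)):
        first, second = two_factorizations(p)
        if (len(first) - len(second)) % 2 != 0:
            return False
    return True

def count_even(n):
    """Number of even permutations on n letters."""
    return sum(1 for p in permutations(range(1, n + 1)) if sign(p) == 1)

if __name__ == "__main__":
    p = (3, 5, 1, 2, 4)                 # constructed sample: the permutation (1,3)(2,5,4)
    first, second = two_factorizations(p)
    print(len(first), "transpositions:", first)
    print(len(second), "transpositions:", second)
    print("same parity for all of S_5:", parity_agrees(5))
    print("even permutations on 4 letters:", count_even(4))
```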
The Alternating Groups
One of the most important subgroups of is the set of all even
permutations, . The group is called the alternating group on
letters.
Theorem 5.16. The set is a subgroup of .
Proof. Since the product of two even permutations must also be an even
permutation, is closed. The identity is an even permutation and
therefore is in . If is an even permutation, then
where is a transposition and is even. Since the inverse of any
transposition is itself,
is also in .
Proposition 5.17. The number of even permutations in , , is
equal to the number of odd permutations; hence, the order of is .
Proof. Let be the set of even permutations in and be the set of
odd permutations. If we can show that there is a bijection between these
sets, they must contain the same number of elements. Fix a transposition
in . Since , such a exists. Define
by
Suppose that . Then and so
Therefore, is one-to-one. We will leave the proof that is surjective to
the reader.
Example 5.18. The group is the subgroup of consisting of even
permutations. There are twelve elements in :
One of the end-of-chapter exercises will be to write down all the
subgroups of . You will find that there is no subgroup of order 6. Does
this surprise you?
Historical Note
Lagrange first thought of permutations as functions from a set to itself, but
it was Cauchy who developed the basic theorems and notation for
permutations. He was the first to use cycle notation. Augustin-Louis
Cauchy (1789–1857) was born in Paris at the height of the French
Revolution. His family soon left Paris for the village of Arcueil to escape
the Reign of Terror. One of the family's neighbors there was Pierre-Simon
Laplace (1749–1827), who encouraged him to seek a career in mathematics.
Cauchy began his career as a mathematician by solving a problem in
geometry given to him by Lagrange. Cauchy wrote over 800 papers on such
diverse topics as differential equations, finite groups, applied mathematics,
and complex analysis. He was one of the mathematicians responsible for
making calculus rigorous. Perhaps more theorems and concepts in
mathematics have the name Cauchy attached to them than that of any other
mathematician.
5.2 Dihedral Groups
Another special type of permutation group is the dihedral group. Recall the
symmetry group of an equilateral triangle in Chapter 3. Such groups consist
of the rigid motions of a regular -sided polygon or -gon. For
, we define the nth dihedral group to be the group of rigid
motions of a regular -gon. We will denote this group by . We can
number the vertices of a regular -gon by (Figure 5.19). Notice
that there are exactly choices to replace the first vertex. If we replace the
first vertex by , then the second vertex must be replaced either by vertex
or by vertex ; hence, there are possible rigid motions of the
-gon. We summarize these results in the following theorem.
Figure 5.19. A regular -gon
Theorem 5.20. The dihedral group, , is a subgroup of of order
.
Theorem 5.21. The group , , consists of all products of the
two elements and , where has order and has order , and these
two elements satisfy the relation .
Proof. The possible motions of a regular -gon are either reflections or
rotations (Figure 5.22). There are exactly possible rotations:
We will denote the rotation by . The rotation generates all of
the other rotations. That is,
Figure 5.22. Rotations and reflections of a regular -gon
Label the reflections , where is the reflection that
leaves vertex fixed. There are two cases of reflections, depending on
whether is even or odd. If there are an even number of vertices, then two
vertices are left fixed by a reflection, and
. If there are an odd number
of vertices, then only a single vertex is left fixed by a reflection and
are distinct (Figure 5.23). In either case, the order of each
is two. Let . Then and . Since any rigid motion of
the -gon replaces the first vertex by the vertex , the second vertex must
be replaced by either or by . If the second vertex is replaced by
, then . If the second vertex is replaced by , then
. Hence, and generate . That is, consists of all finite
products of and ,
We will leave the proof that as an exercise.
Figure 5.23. Types of reflections of a regular -gon
Example 5.24. The group of rigid motions of a square, , consists of
eight elements. With the vertices numbered , , , (Figure 5.25), the
rotations are
and the reflections are
The order of is . The remaining two elements are
Figure 5.25. The group
The Motion Group of a Cube
We can investigate the groups of rigid motions of geometric objects other
than a regular -sided polygon to obtain interesting examples of
permutation groups. Let us consider the group of rigid motions of a cube.
By rigid motion, we mean a rotation with the axis of rotation about
opposing faces, edges, or vertices. One of the first questions that we can ask
about this group is “what is its order?” A cube has sides. If a particular
side is facing upward, then there are four possible rotations of the cube that
will preserve the upward-facing side. Hence, the order of the group is
. We have just proved the following proposition.
Proposition 5.26. The group of rigid motions of a cube contains
elements.
Theorem 5.27. The group of rigid motions of a cube is .
Proof. From Proposition 5.26, we already know that the motion group of
the cube has elements, the same number of elements as there are in .
There are exactly four diagonals in the cube. If we label these diagonals ,
, , and , we must show that the motion group of the cube will give us any
permutation of the diagonals (Figure 5.28). If we can obtain all of these
permutations, then and the group of rigid motions of the cube must be
the same. To obtain a transposition we can rotate the cube about the
axis joining the midpoints of opposite edges (Figure 5.29). There are six
such axes, giving all transpositions in . Since every element in is the
product of a finite number of transpositions, the motion group of a cube
must be .
Figure 5.28. The motion group of a cube
Figure 5.29. Transpositions in the motion group of a cube
5.3 Reading Questions
1. Express as a cycle, or a product of disjoint cycles.
(Interpret the composition of functions in the order used by Sage, which is
the reverse of the order used in the book.)
2. What is a transposition?
3. What does it mean for a permutation to be even or odd?
4. Describe another group that is fundamentally the same as .
5. Write the elements of the symmetry group of a pentagon using
permutations in cycle notation. Do this exercise by hand, and without the
assistance of Sage.
5.4 Exercises
1. Write the following permutations in cycle notation.
a.
b.
c.
d.
2. Compute each of the following.
a.
b.
c.
d.
e.
f.
g.
h.
i.
j.
k.
l.
m.
n.
o.
p.
3. Express the following permutations as products of transpositions and
identify them as even or odd.
a.
b.
c.
d.
e.
4. Find .
5. List all of the subgroups of . Find each of the following sets:
a.
b.
c. and .
Are any of these sets subgroups of ?
6. Find all of the subgroups in . What is the order of each subgroup?
7. Find all possible orders of elements in and .
8. Show that contains an element of order .
9. Does contain an element of order ?
10. Find an element of largest order in for .
11. What are the possible cycle structures of elements of ? What about
?
12. Let have order . Show that for all integers and ,
if and only if .
13. Let be the product of disjoint cycles. Prove that
the order of is the least common multiple of the lengths of the cycles
.
14. Using cycle notation, list the elements in . What are and ? Write
every element as a product of and .
15. If the diagonals of a cube are labeled as Figure 5.28, to which motion of
the cube does the permutation correspond? What about the other
permutations of the diagonals?
16. Find the group of rigid motions of a tetrahedron. Show that this is the
same group as .
17. Prove that is nonabelian for .
18. Show that is nonabelian for .
19. Prove that is nonabelian for .
20. Let be a cycle. Prove that can be written as the product of at
most transpositions.
21. Let . If is not a cycle, prove that can be written as the
product of at most transpositions.
22. If can be expressed as an odd number of transpositions, show that any
other product of transpositions equaling must also be odd.
23. If is a cycle of odd length, prove that is also a cycle.
24. Show that a -cycle is an even permutation.
25. Prove that in with , any permutation is a product of cycles of
length .
26. Prove that any element in can be written as a finite product of the
following permutations.
a.
b.
c.
27. Let be a group and define a map by .
Prove that is a permutation of .
28. Prove that there exist permutations of a set containing elements.
29. Recall that the center of a group is
Find the center of . What about the center of ? What is the center of
?
30. Let be a cycle of length .
a. Prove that if is any permutation, then
is a cycle of length .
b. Let be a cycle of length . Prove that there is a permutation such
that .
31. For and in , define if there exists an such that
. Show that is an equivalence relation on .
32. Let . If for some , we will say that .
a. Show that is an equivalence relation on .
b. Define the orbit of under to be the set
Compute the orbits of each element in under each of
the following elements in :
c. If , prove that . The orbits under a
permutation are the equivalence classes corresponding to the
equivalence relation .
d. A subgroup of is transitive if for every , there exists
a such that . Prove that is transitive if and only
if for some .
33. Let for . If for all , prove that
must be the identity permutation; hence, the center of is the trivial
subgroup.
34. If is even, prove that is also even. Does a corresponding result
hold if is odd?
35. If and , show that .
36. Show that is even for .
37. Let and be the elements in described in Theorem 5.21.
a. Show that .
b. Show that in .
c. Prove that the order of is .
5.5 Sage
A good portion of Sage's support for group theory is based on routines from
GAP (Groups, Algorithms, and Programming) at www.gap-system.org,
which is included in every copy of Sage. This is a mature open source
package, dating back to 1986. (Forward reference here to GAP console,
etc.)
As we have seen, groups can be described in many different ways, such as
sets of matrices, sets of complex numbers, or sets of symbols subject to
defining relations. A very concrete way to represent groups is via
permutations (one-to-one and onto functions of the integers through ),
using function composition as the operation in the group, as described in
this chapter. Sage has many routines designed to work with groups of this
type and they are also a good way for those learning group theory to gain
experience with the basic ideas of group theory. For both these reasons, we
will concentrate on these types of groups.
Permutation Groups and Elements
The easiest way to work with permutation group elements in Sage is to
write them in cycle notation. Since these are products of disjoint cycles
(which commute), we do not need to concern ourselves with the actual
order of the cycles. If we write (1,3)(2,4) we probably understand it
to be a permutation (the topic of this chapter!) and we know that it could be
an element of , or perhaps a symmetric group on more symbols than just
4. Sage cannot get started that easily and needs a bit of context, so we
coerce a string of characters written with cycle notation into a symmetric
group to make group elements. Here are some examples and some sample
computations. Remember that Sage and your text differ on how to interpret
the order of composing two permutations in a product.
G = SymmetricGroup(5)
sigma = G("(1,3)(2,5,4)")
sigma*sigma
(2,4,5)
rho = G("(2,4)(1,5)")
rho^3
(1,5)(2,4)
If the next three examples seem confusing, or “backwards”, then now
would be an excellent time to review the Sage discussion about the order of
permutation composition in the subsection Groups of symmetries.
sigma*rho
(1,3,5,2)
rho*sigma
(1,4,5,3)
rho^-1*sigma*rho
(1,2,4)(3,5)
There are alternate ways to create permutation group elements, which can
be useful in some situations, but they are not quite as useful in everyday use.
sigma1 = G("(1,3)(2,5,4)")
sigma1
(1,3)(2,5,4)
sigma2 = G([(1,3),(2,5,4)])
sigma2
(1,3)(2,5,4)
sigma3 = G([3,5,1,2,4])
sigma3
(1,3)(2,5,4)
sigma1 == sigma2
True
sigma2 == sigma3
True
sigma2.cycle_tuples()
[(1, 3), (2, 5, 4)]
[sigma3(x) for x in G.domain()]
[3, 5, 1, 2, 4]
The second version of is a list of “tuples”, which requires a lot of commas
and these must be enclosed in a list. (A tuple of length one must be written
like (4,) to distinguish it from using parentheses for grouping, as in
5*(4) .) The third version uses the “bottom-row” of the more
cumbersome two-row notation introduced at the beginning of the chapter —
it is an ordered list of the output values of the permutation when considered
as a function.
So we then see that despite three different input procedures, all the versions
of print the same way, and more so they are actually equal to each other.
(This is a subtle difference — what an object is in Sage versus how an
object displays itself.)
We can be even more careful about the nature of our elements. Notice that
once we get Sage started, it can promote the product into the larger
permutation group. We can “promote” elements into larger permutation
groups, but it is an error to try to shoe-horn an element into a too-small
symmetric group.
H = SymmetricGroup(4)
sigma = H("(1,2,3,4)")
G = SymmetricGroup(6)
tau = G("(1,2,3,4,5,6)")
rho = tau * sigma
rho
(1,3)(2,4,5,6)
sigma.parent()
Symmetric group of order 4! as a permutation group
tau.parent()
Symmetric group of order 6! as a permutation group
rho.parent()
Symmetric group of order 6! as a permutation group
tau.parent() == rho.parent()
True
sigmaG = G(sigma)
sigmaG.parent()
Symmetric group of order 6! as a permutation group
It is an error to try to coerce a permutation with too many symbols into a
permutation group employing too few symbols.
tauH = H(tau)
Traceback (most recent call last):
...
ValueError: invalid data to initialize a permutation
Better than working with just elements of the symmetric group, we can
create a variety of permutation groups in Sage. Here is a sampling for
starters:
Table 5.30. Some Sage permutation groups
Sage Command                 Description
SymmetricGroup(n)            Permutations on symbols, elements
DihedralGroup(n)             Symmetries of an -gon, elements.
CyclicPermutationGroup(n)    Rotations of an -gon (no flips), elements
AlternatingGroup(n)          Alternating group on symbols, elements
KleinFourGroup()             A non-cyclic group of order 4
You can also locate Sage permutation groups with the groups catalog.
In the next cell place your cursor right after the final dot and hit the tab-key.
You will get a list of methods you can use to create permutation groups. As
always, place a question-mark after a method and hit the tab-key to get
online documentation of a method.
groups.permutation.
Properties of Permutation Elements
Sometimes it is easier to grab an element out of a list of elements of a
permutation group, and then it is already attached to a parent and there is no
need for any coercion. In the following, rotate and flip are
automatically elements of D because of the way we procured them.
D = DihedralGroup(5)
elements = D.list(); elements
[(), (1,5,4,3,2), (1,4,2,5,3), (1,3,5,2,4), (1,2,3,4,5), (2,5)(3,4),
(1,5)(2,4), (1,4)(2,3), (1,3)(4,5), (1,2)(3,5)]
rotate = elements[4]
flip = elements[7]
flip*rotate == rotate*flip
False
So we see from this final statement that the group of symmetries of a
pentagon is not abelian. But there is an easier way.
D = DihedralGroup(5)
D.is_abelian()
False
There are many more methods you can use for both permutation groups and
their individual elements. Use the blank compute cell below to create a
permutation group (any one you like) and an element of a permutation
group (any one you like). Then use tab-completion to see all the methods
available for an element, or for a group (name, period, tab-key). Some
names you may recognize, some we will learn about in the coming
chapters, some are highly-specialized research tools you can use when you
write your Ph.D. thesis in group theory. For any of these methods,
remember that you can type the name, followed by a question mark, to see
documentation and examples. Experiment and explore — it is really hard to
break anything.
# Practice area (not linked for Sage Cell use)
Here are some selected examples of various methods available.
A4 = AlternatingGroup(4)
A4.order()
12
A4.is_finite()
True
A4.is_abelian()
False
A4.is_cyclic()
False
sigma = A4("(1,2,4)")
sigma^-1
(1,4,2)
sigma.order()
A very useful method when studying the alternating group is the
permutation group element method .sign() . It will return 1 if a
permutation is even and -1 if a permutation is odd.
G = SymmetricGroup(3)
sigma = G("(1,2)")
tau = G("(1,3)")
rho = sigma*tau
sigma.sign()
-1
rho.sign()
We can create subgroups by giving the main group a list of “generators.”
These elements serve to “generate” a subgroup — imagine multiplying
these elements (and their inverses) together over and over, creating new
elements that must also be in the subgroup and also become involved in
new products, until you see no new elements. Now that definition ends with
a horribly imprecise statement, but it should suffice for now. A better
definition is that the subgroup generated by the elements is the smallest
subgroup of the main group that contains all the generators — which is fine
if you know what all the subgroups might be.
With a single generator, the repeated products just become powers of the
lone generator. The subgroup generated then is cyclic. With two (or more)
generators, especially in a non-abelian group, the situation can be much,
much more complicated. So let us begin with just a single generator. But do
not forget to put it in a list anyway.
A4 = AlternatingGroup(4)
sigma = A4("(1,2,4)")
sg = A4.subgroup([sigma])
sg
Subgroup generated by [(1,2,4)]
of (Alternating group of order 4!/2 as a permutation group)
sg.order()
sg.list()
[(), (1,2,4), (1,4,2)]
sg.is_abelian()
True
sg.is_cyclic()
True
sg.is_subgroup(A4)
True
We can now redo the example from the very beginning of this chapter. We
translate the elements to cycle notation, construct the subgroup from two
generators (the subgroup is not cyclic), and since the subgroup is abelian,
we do not have to view Sage's Cayley table as a diagonal reflection of the
table in the example.
G = SymmetricGroup(5)
sigma = G("(4,5)")
tau = G("(1,3)")
H = G.subgroup([sigma, tau])
H.list()
[(), (4,5), (1,3), (1,3)(4,5)]
text_names = ['id', 'sigma', 'tau', 'mu']
H.cayley_table(names=text_names)
* id sigma tau mu
+------------------------
id| id sigma tau mu
sigma| sigma id mu tau
tau| tau mu id sigma
mu| mu tau sigma id
# Practice area (not linked for Sage Cell use)
Motion Group of a Cube
We could mimic the example in the text and create elements of as
permutations of the diagonals. A more obvious, but less insightful,
construction is to view the 8 corners of the cube as the items being
permuted. Then some obvious symmetries of the cube come from running
an axis through the center of a side, through to the center of the opposite
side, with quarter-turns or half-turns about these axes forming symmetries.
With three such axes and four rotations per axis, we get 12 symmetries,
except we have counted the identity permutation two extra times.
Label the four corners of the square top with through , placing in the
left-front corner, and following around clockwise when viewed from above.
Use through for the bottom square's corner, so that is directly below
, below , etc. We will use quarter-turns, clockwise, around each axis,
when viewed from above, the front, and the right.
G = SymmetricGroup(8)
above = G("(1,2,3,4)(5,6,7,8)")
front = G("(1,4,8,5)(2,3,7,6)")
right = G("(1,2,6,5)(3,7,8,4)")
cube = G.subgroup([above, front, right])
cube.order()
24
cube.list()
[(), (1,3)(2,4)(5,7)(6,8), (1,6)(2,5)(3,8)(4,7), (1,8)(2,7)(3,6)(4,5),
(1,4,3,2)(5,8,7,6), (1,2,3,4)(5,6,7,8), (1,5)(2,8)(3,7)(4,6),
(1,7)(2,6)(3,5)(4,8), (2,5,4)(3,6,8), (1,3,8)(2,7,5), (1,6,3)(4,5,7),
(1,8,6)(2,4,7), (1,4)(2,8)(3,5)(6,7), (1,2,6,5)(3,7,8,4), (1,5,6,2)(3,4,8,7),
(1,7)(2,3)(4,6)(5,8), (2,4,5)(3,8,6), (1,3,6)(4,7,5), (1,6,8)(2,7,4),
(1,8,3)(2,5,7), (1,4,8,5)(2,3,7,6), (1,2)(3,5)(4,6)(7,8), (1,5,8,4)(2,6,7,3),
(1,7)(2,8)(3,4)(5,6)]
Since we know from the discussion in the text that the symmetry group has
elements, we see that our three quarter-turns are sufficient to create
every symmetry. This prompts several questions which you can find in
Exercise 5.6.4.
# Practice area (not linked for Sage Cell use)
5.6 Sage Exercises
These exercises are designed to help you become familiar with permutation
groups in Sage.
1. Create the full symmetric group with the command
G = SymmetricGroup(10).
2. Create elements of G with the following (varying) syntax. Pay attention
to commas, quotes, brackets, parentheses. The first two use a string
(characters) as input, mimicking the way we write permutations (but with
commas). The second two use a list of tuples.
a = G("(5,7,2,9,3,1,8)")
b = G("(1,3)(4,5)")
c = G([(1,2),(3,4)])
d = G([(1,3),(2,5,8),(4,6,7,9,10)])
a. Compute , , .
b. Compute the orders of each of these four individual elements ( a
through d ) using a single permutation group element method.
c. Use the permutation group element method .sign() to determine
if are even or odd permutations.
d. Create two cyclic subgroups of with the commands:
H = G.subgroup([a])
K = G.subgroup([d])
List, and study, the elements of each subgroup. Without using Sage,
list the order of each subgroup of . Then use Sage to construct a
subgroup of with order 10.
e. More complicated subgroups can be formed by using two or more
generators. Construct a subgroup of with the command
L = G.subgroup([b,c]) . Compute the order of and list
all of the elements of .
3. Construct the group of symmetries of the tetrahedron (also the alternating
group on 4 symbols, ) with the command
A=AlternatingGroup(4) . Using tools such as orders of elements,
and generators of subgroups, see if you can find all of the subgroups of
(each one exactly once). Do this without using the .subgroups()
method to justify the correctness of your answer (though it might be a
convenient way to check your work).
Provide a nice summary as your answer—not just piles of output. So use
Sage as a tool, as needed, but basically your answer will be a concise
paragraph and/or table. This is the one part of this assignment without clear,
precise directions, so spend some time on this portion to get it right. Hint:
no subgroup of requires more than two generators.
4. The subsection The Motion Group of a Cube describes the
symmetries of a cube as a subgroup of the symmetric group generated
by three quarter-turns. Answer the following questions about this symmetry
group.
a. From the list of elements of the group, can you locate the ten
rotations about axes? (Hint: the identity is easy, the other nine never
send any symbol to itself.)
b. Can you identify the six symmetries that are a transposition of
diagonals? (Hint:
[g for g in cube if g.order() == 2] is a good
preliminary filter.)
c. Verify that any two of the quarter-turns ( above , front ,
right ) are sufficient to generate the whole group. How do you
know each pair generates the entire group?
d. Can you express one of the diagonal transpositions as a product of
quarter-turns? This can be a notoriously difficult problem, especially
for software. It is known as the “word problem.”
e. Number the six faces of the cube with the numbers through (any
way you like). Now consider the same three symmetries we used
before (quarter-turns about face-to-face axes), but now view them as
permutations of the six faces. In this way, we construct each
symmetry as an element of . Verify that the subgroup generated by
these symmetries is the whole symmetry group of the cube. Again,
rather than using three generators, try using just two.
5. Save your work, and then see if you can crash your Sage session by
building the subgroup of generated by the elements b and d of
orders and from above. Do not submit the list of elements of N as
part of your submitted worksheet.
N = G.subgroup([b,d])
N.list()
What is the order of ?
Chapter 6 Cosets and Lagrange's Theorem
Lagrange's Theorem, one of the most important results in finite group
theory, states that the order of a subgroup must divide the order of the
group. This theorem provides a powerful tool for analyzing finite groups; it
gives us an idea of exactly what type of subgroups we might expect a finite
group to possess. Central to understanding Lagrange's Theorem is the
notion of a coset.
6.1 Cosets
Let be a group and a subgroup of . Define a left coset of with
representative to be the set
Right cosets can be defined similarly by
If left and right cosets coincide or if it is clear from the context to which
type of coset that we are referring, we will use the word coset without
specifying left or right.
Example 6.1. Let be the subgroup of consisting of the elements
and . The cosets are
We will always write the cosets of subgroups of and with the
additive notation we have used for cosets here. In a commutative group,
left and right cosets are always identical.
Example 6.2. Let be the subgroup of defined by the permutations
. The left cosets of are
The right cosets of are exactly the same as the left cosets:
It is not always the case that a left coset is the same as a right coset. Let
be the subgroup of defined by the permutations . Then the
left cosets of are
however, the right cosets of are
The following lemma is quite useful when dealing with cosets. (We leave
its proof as an exercise.)
Lemma 6.3. Let be a subgroup of a group and suppose that
. The following conditions are equivalent.
1. ;
2. ;
3. ;
4. ;
5. .
In all of our examples the cosets of a subgroup partition the larger group
. The following theorem proclaims that this will always be the case.
Theorem 6.4. Let be a subgroup of a group . Then the left cosets of
in partition . That is, the group is the disjoint union of the left
cosets of in .
Proof. Let and be two cosets of in . We must show that
either or . Suppose that
and . Then by the definition of a left coset,
for some elements and in . Hence,
or . By Lemma 6.3, .
Remark 6.5. There is nothing special in this theorem about left cosets.
Right cosets also partition ; the proof of this fact is exactly the same as
the proof for left cosets except that all group multiplications are done on
the opposite side of .
Let be a group and be a subgroup of . Define the index of in
to be the number of left cosets of in . We will denote the index by
.
Example 6.6. Let and . Then .
Example 6.7. Suppose that , , and
. Then and .
Theorem 6.8. Let be a subgroup of a group . The number of left
cosets of in is the same as the number of right cosets of in .
Proof. Let and denote the set of left and right cosets of in ,
respectively. If we can define a bijective map , then the
theorem will be proved. If , let . By
Lemma 6.3, the map is well-defined; that is, if , then
. To show that is one-to-one, suppose that
Again by Lemma 6.3, . The map is onto since
.
6.2 Lagrange's Theorem
Proposition 6.9. Let be a subgroup of with and define a map
by . The map is bijective; hence, the number of
elements in is the same as the number of elements in .
Proof. We first show that the map is one-to-one. Suppose that
for elements . We must show that , but and
. So , and by left cancellation . To show that
is onto is easy. By definition every element of is of the form for some
and .
Theorem 6.10. Lagrange. Let be a finite group and let be a subgroup of
. Then is the number of distinct left cosets of in . In
particular, the number of elements in must divide the number of elements in .
Proof. The group is partitioned into distinct left cosets. Each left coset
has elements; therefore, .
Corollary 6.11. Suppose that is a finite group and . Then the order of
must divide the number of elements in .
Corollary 6.12. Let with a prime number. Then is cyclic and any
such that is a generator.
Proof. Let be in such that . Then by Corollary 6.11, the order of must
divide the order of the group. Since , it must be . Hence, generates .
Corollary 6.12 suggests that groups of prime order must somehow look like .
Corollary 6.13. Let and be subgroups of a finite group such that
. Then
Proof. Observe that
Remark 6.14. The converse of Lagrange's Theorem is false. The
group has order ; however, it can be shown that it does not possess a
subgroup of order . According to Lagrange's Theorem, subgroups of a group of
order can have orders of either , , , , or . However, we are not
guaranteed that subgroups of every possible order exist. To prove that has no
subgroup of order , we will assume that it does have such a subgroup and
show that a contradiction must occur. Since contains eight -cycles, we know
that must contain a -cycle. We will show that if contains one -cycle, then
it must contain more than elements.
Proposition 6.15. The group has no subgroup of order .
Proof. Since , there are only two cosets of in . Inasmuch as
one of the cosets is itself, right and left cosets must coincide; therefore,
or for every . Since there are eight -cycles in
, at least one -cycle must be in . Without loss of generality, assume that
is in . Then must also be in . Since
for all and all and
we can conclude that must have at least seven elements
Therefore, has no subgroup of order .
In fact, we can say more about when two cycles have the same length.
Theorem 6.16. Two cycles and in have the same length if and only if
there exists a such that .
Proof. Suppose that
Define to be the permutation
Then .
Conversely, suppose that is a -cycle and . If
and , then . Hence,
Since is one-to-one and onto, is a cycle of the same length as .
6.3 Fermat's and Euler's Theorems
The Euler -function is the map defined by for
, and, for , is the number of positive integers with
and .
From Proposition 3.4, we know that the order of , the group of units
in , is . For example, since the numbers
that are relatively prime to 12 are 1, 5, 7, and 11. For any prime ,
. We state these results in the following theorem.
Theorem 6.17. Let be the group of units in . Then
.
The following theorem is an important result in number theory, due to
Leonhard Euler.
Theorem 6.18. Euler's Theorem. Let and be integers such that
and . Then .
Proof. By Theorem 6.17 the order of is . Consequently,
for all ; or is divisible by . Therefore,
.
If we consider the special case of Euler's Theorem in which is prime
and recall that , we obtain the following result, due to Pierre
de Fermat.
Theorem 6.19. Fermat's Little Theorem. Let be any prime
number and suppose that ( does not divide ). Then
Furthermore, for any integer , .
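The argument behind Euler's Theorem and Fermat's Little Theorem can be traced numerically; the following Python code is an added example, not part of the original text or its Sage material. The function names are chosen here (euler_phi mirrors the Sage function of the same name), and the moduli 12, 20 and 7 are sample values.

```python
from math import gcd


def units(n):
    """Residues in 1..n-1 that are relatively prime to n (n >= 2).

    These are the elements of the group of units modulo n.
    """
    return [a for a in range(1, n) if gcd(a, n) == 1]


def euler_phi(n):
    """Euler phi-function: phi(1) = 1, otherwise the number of units mod n."""
    return 1 if n == 1 else len(units(n))


def order(a, n):
    """Multiplicative order of the unit a modulo n (n >= 2)."""
    if gcd(a, n) != 1:
        raise ValueError(f"{a} is not a unit modulo {n}")
    k, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        k += 1
    return k


def check_euler(n):
    """For each unit a mod n, return (a, order of a, a^phi(n) mod n).

    By the corollary to Lagrange's Theorem every order divides phi(n),
    which forces the last entry of each triple to be 1.
    """
    phi = euler_phi(n)
    return [(a, order(a, n), pow(a, phi, n)) for a in units(n)]


def non_unit_powers(n):
    """a^phi(n) mod n for the residues that share a factor with n.

    The hypothesis gcd(a, n) = 1 is needed: none of these values is 1.
    """
    phi = euler_phi(n)
    return {a: pow(a, phi, n) for a in range(2, n) if gcd(a, n) != 1}


def fermat_congruence_holds(p):
    """Check a^p = a (mod p) for a = 0, ..., 3p - 1.

    This only checks the congruence over a sample range; it is not a
    primality test.
    """
    return all(pow(a, p, p) == a % p for a in range(3 * p))


if __name__ == "__main__":
    for a, k, r in check_euler(12):
        print(f"a = {a:2d}  order = {k}  a^phi(12) mod 12 = {r}")
    print("non-units mod 12:", non_unit_powers(12))
    print("Fermat congruence for p = 7:", fermat_congruence_holds(7))
```
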
Historical Note
Joseph-Louis Lagrange (1736–1813), born in Turin, Italy, was of French
and Italian descent. His talent for mathematics became apparent at an early
age. Leonhard Euler recognized Lagrange's abilities when Lagrange, who
was only 19, communicated to Euler some work that he had done in the
calculus of variations. That year he was also named a professor at the Royal
Artillery School in Turin. At the age of 23 he joined the Berlin Academy.
Frederick the Great had written to Lagrange proclaiming that the “greatest
king in Europe” should have the “greatest mathematician in Europe” at his
court. For 20 years Lagrange held the position vacated by his mentor, Euler.
His works include contributions to number theory, group theory, physics
and mechanics, the calculus of variations, the theory of equations, and
differential equations. Along with Laplace and Lavoisier, Lagrange was one
of the people responsible for designing the metric system. During his life
Lagrange profoundly influenced the development of mathematics, leaving
much to the next generation of mathematicians in the form of examples and
new problems to be solved.
6.4 Reading Questions
1. State Lagrange's Theorem in your own words.
2. Determine the left cosets of in .
3. The set is a subgroup of .
What is its index in ?
4. Suppose is a group of order 29. Describe .
5. The number is prime. Explain how to compute
without a calculator.
6.5 Exercises
1. Suppose that is a finite group with an element of order and an
element of order . Why must ?
2. Suppose that is a finite group with elements. What are the orders
of possible subgroups of ?
3. Prove or disprove: Every subgroup of the integers has finite index.
4. Prove or disprove: Every subgroup of the integers has finite order.
5. List the left and right cosets of the subgroups in each of the following.
a. in
b. in
c. in
d. in
e. in
f. in
g. in
h. in
6. Describe the left cosets of in . What is the index of
in ?
7. Verify Euler's Theorem for and .
8. Use Fermat's Little Theorem to show that if is prime, there
is no solution to the equation .
9. Show that the integers have infinite index in the additive group of
rational numbers.
10. Show that the additive group of real numbers has infinite index in the
additive group of the complex numbers.
11. Let be a subgroup of a group and suppose that . Prove
that the following conditions are equivalent.
a.
b.
c.
d.
e.
12. If for all and , show that right cosets are
identical to left cosets. That is, show that for all .
13. What fails in the proof of Theorem 6.8 if is defined by
?
14. Suppose that . Show that the order of divides .
15. The cycle structure of a permutation is defined as the unordered list
of the sizes of the cycles in the cycle decomposition . For example, the
permutation has cycle structure
which can also be written as .
Show that any two permutations have the same cycle structure
if and only if there exists a permutation such that . If
for some , then and are conjugate.
16. If , prove that the number of elements of order is odd. Use
this result to show that must contain a subgroup of order 2.
17. Suppose that . If and are not in , show that
.
18. If , prove that .
19. Let and be subgroups of a group . Prove that is a
coset of in .
20. Let and be subgroups of a group . Define a relation on by
if there exists an and a such that . Show
that this relation is an equivalence relation. The corresponding equivalence
classes are called double cosets. Compute the double cosets of
in .
21. Let be a cyclic group of order . Show that there are exactly
generators for .
22. Let , where are distinct primes.
Prove that
23. Show that
for all positive integers .
6.6 Sage
Sage can create all of the cosets of a subgroup, and all of the subgroups of a
group. While these methods can be somewhat slow, they are in many, many
ways much better than experimenting with pencil and paper, and can greatly
assist us in understanding the structure of finite groups.
Cosets
Sage will create all the right (or left) cosets of a subgroup. Written
mathematically, cosets are sets, and the order of the elements within the set
is irrelevant. With Sage, lists are more natural, and here it is to our
advantage.
Sage creates the cosets of a subgroup as a list of lists. Each inner list is a
single coset. The first coset is always the coset that is the subgroup itself,
and the first element of this coset is the identity. Each of the other cosets
can be construed to have their first element as their representative, and if
you use this element as the representative, the elements of the coset are in
the same order they would be created by multiplying this representative by
the elements of the first coset (the subgroup).
The keyword side can be 'right' or 'left' , and if not given,
then the default is right cosets. The options refer to which side of the
product has the representative. Notice that now Sage's results will be
“backwards” compared with the text. Here is Example 6.2 reprised, but in a
slightly different order.
G = SymmetricGroup(3)
a = G("(1,2)")
H = G.subgroup([a])
rc = G.cosets(H, side='right'); rc
[[(), (1,2)], [(2,3), (1,3,2)], [(1,2,3), (1,3)]]
lc = G.cosets(H, side='left'); lc
[[(), (1,2)], [(2,3), (1,2,3)], [(1,3,2), (1,3)]]
So if we work our way through the brackets carefully we can see the
difference between the right cosets and the left cosets. Compare these cosets
with the ones in the text and see that left and right are reversed. Shouldn't
be a problem — just keep it in mind.
G = SymmetricGroup(3)
b = G("(1,2,3)")
H = G.subgroup([b])
rc = G.cosets(H, side='right'); rc
[[(), (1,2,3), (1,3,2)], [(2,3), (1,3), (1,2)]]
lc = G.cosets(H, side='left'); lc
[[(), (1,2,3), (1,3,2)], [(2,3), (1,2), (1,3)]]
If we study the bracketing, we can see that the left and right cosets are
equal. Let's see what Sage thinks:
rc == lc
False
Mathematically, we need sets, but Sage is working with ordered lists, and
the order matters. However, if we know our lists do not have duplicates (the
.cosets() method will never produce duplicates) then we can sort the
lists and a test for equality will perform as expected. The elements of a
permutation group have an ordering defined for them — it is not so
important what this is, just that some ordering is defined. The
sorted() function will take any list and return a sorted version. So for
each list of cosets, we will sort the individual cosets and then sort the list of
sorted cosets. This is a typical maneuver, though a bit complicated with the
nested lists.
rc_sorted = sorted([sorted(coset) for coset in rc])
rc_sorted
[[(), (1,2,3), (1,3,2)], [(2,3), (1,2), (1,3)]]
lc_sorted = sorted([sorted(coset) for coset in lc])
lc_sorted
[[(), (1,2,3), (1,3,2)], [(2,3), (1,2), (1,3)]]
rc_sorted == lc_sorted
True
The list of all cosets can be quite long (it will include every element of the
group) and can take a few seconds to complete, even for small groups.
There are more sophisticated, and faster, ways to study cosets (such as just
using their representatives), but to understand these techniques you also
need to understand more theory.
# Practice area (not linked for Sage Cell use)
Subgroups
Sage can compute all of the subgroups of a group. This can produce even
more output than the coset method and can sometimes take much longer,
depending on the structure of the group. The list is in order of the size of the
subgroups, with smallest first. As a demonstration we will first compute and
list all of the subgroups of a small group, and then extract just one of these
subgroups from the list for some further study.
G = SymmetricGroup(3)
sg = G.subgroups(); sg
[Subgroup generated by [()] of (Symmetric group of order 3! as
a permutation group),
Subgroup generated by [(2,3)] of (Symmetric group of order 3!
as a permutation group),
Subgroup generated by [(1,2)] of (Symmetric group of order 3!
as a permutation group),
Subgroup generated by [(1,3)] of (Symmetric group of order 3!
as a permutation group),
Subgroup generated by [(1,2,3)] of (Symmetric group of order
3! as a permutation group),
Subgroup generated by [(2,3), (1,2,3)] of (Symmetric group of
order 3! as a permutation group)]
H = sg[4]; H
Subgroup generated by [(1,2,3)] of (Symmetric group of order
3! as a permutation group)
H.order()
H.list()
[(), (1,2,3), (1,3,2)]
H.is_cyclic()
True
The output of the .subgroups() method can be voluminous, so
sometimes we are interested in properties of specific subgroups (as in the
previous example) or broader questions of the group's “subgroup structure.”
Here we expand on Proposition 6.15. Notice that just because Sage does not
compute a subgroup of order 6 in , this is no substitute whatsoever for a
proof such as given for the corollary. But the computational result
emboldens us to search for the theoretical result with confidence.
G = AlternatingGroup(4)
sg = G.subgroups()
[H.order() for H in sg]
[1, 2, 2, 2, 3, 3, 3, 3, 4, 12]
So we see no subgroup of order 6 in the list of subgroups of . Notice
how Lagrange's Theorem (Theorem 6.10) is in evidence — all the subgroup
orders divide , the order of . Be patient, the next subgroup
computation may take a while.
G = SymmetricGroup(4)
sg = G.subgroups()
[H.order() for H in sg]
[1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4,
6, 6, 6, 6, 8, 8, 8, 12, 24]
Again, note Lagrange's Theorem in action. But more interestingly, has a
subgroup of order 6. Four of them, to be precise. These four subgroups of
order 6 are similar to each other, can you describe them simply (before
digging into the sg list for more information)? If you were curious how
many subgroups has, you could simply count the number of subgroups
in the sg list. The len() function does this for any list and is often an
easy way to count things.
len(sg)
30
# Practice area (not linked for Sage Cell use)
Subgroups of Cyclic Groups
Now that we are more familiar with permutation groups, and know about
the .subgroups() method, we can revisit an idea from Chapter 4. The
subgroups of a cyclic group are always cyclic, but how many are there and
what are their orders?
G = CyclicPermutationGroup(20)
[H.order() for H in G.subgroups()]
[1, 2, 4, 5, 10, 20]
G = CyclicPermutationGroup(19)
[H.order() for H in G.subgroups()]
[1, 19]
We could do this all day, but you have Sage at your disposal, so vary the
order of G by changing n and study the output across many runs.
Maybe try a cyclic group of order 24 and compare with the symmetric
group (above) which also has order 24. Do you feel a conjecture coming
on?
n = 8
G = CyclicPermutationGroup(n)
[H.order() for H in G.subgroups()]
[1, 2, 4, 8]
# Practice area (not linked for Sage Cell use)
Euler Phi Function
To add to our number-theoretic functions from Chapter 2, we note that Sage
makes the Euler -function available as the function euler_phi() .
euler_phi(345)
176
Here's an interesting experiment that you can try running several times.
m = random_prime(10000)
n = random_prime(10000)
m, n, euler_phi(m*n) == euler_phi(m)*euler_phi(n)
(5881, 1277, True)
Feel another conjecture coming on? Can you generalize this result?
# Practice area (not linked for Sage Cell use)
6.7 Sage Exercises
The following exercises are less about cosets and subgroups, and more
about using Sage as an experimental tool. They are designed to help you
become both more efficient, and more expressive, as you write commands
in Sage. We will have many opportunities to work with cosets and
subgroups in the coming chapters. These exercises do not contain much
guidance, and get more challenging as they go. They are designed to
explore, or confirm, results presented in this chapter or earlier chapters.
Important: You should answer each of the last three problems with a single
(complicated) line of Sage that concludes by outputting True. A “single
line” means you will have several Sage commands packaged up together in
complicated ways. It does not mean several Sage commands separated by
semi-colons and typed in on a single line. Be sure to include some
intermediate steps used in building up your solution, but using smaller
ranges of values so as to not overwhelm the reader with lots of output. This
will help you, and the grader of your work, have some confidence that the
final version is correct.
When you check integers below for divisibility, remember that range()
produces plain integers, which are quite simple in their functionality. The
srange() command produces Sage integers, which have many more
capabilities. (See the last exercise for an example.) And remember that a list
comprehension is a very compact way to examine many possibilities at
once.
1. Use .subgroups() to find an example of a group and an integer
, so that (a) divides the order of , and (b) has no subgroup of
order . (Do not use the group for , since this is in the text.) Provide
a single line of Sage code that has all the logic to produce the desired as
its output. (You can give your group a simple name on a prior line and then
just reference the group by name.) Here is a very simple example that might
help you structure your answer.
a = 5
b = 10
c = 6
d = 13
a.divides(b)
True
not (b in [c,d])
True
a.divides(b) and not (b in [c,d])
True
2. Verify the truth of Fermat's Little Theorem (either variant) using the
composite number as the choice of the base (either or ),
and for assuming the value of every prime number between and
.
Build up a solution slowly — make a list of powers (start with just a few
primes), then make a list of powers reduced by modular arithmetic, then a
list of comparisons with the predicted value, then a check on all these
logical values resulting from the comparisons. This is a useful strategy for
many similar problems. Eventually you will write a single line that
performs the verification by eventually printing out True . Here are some
more hints about useful functions.
a = 20
b = 6
a.mod(b)
2
prime_range(50, 100)
[53, 59, 61, 67, 71, 73, 79, 83, 89, 97]
all([True, True, True, True])
True
all([True, True, False, True])
False
3. Verify that the group of units mod has order when is prime,
again for all primes between and . As before, your output should
be simply True , just once, indicating that the statement about the order
is true for all the primes examined. As before, build up your solution
slowly, and with a smaller range of primes in the beginning. Express your
answer as a single line of Sage code.
4. Verify Euler's Theorem for all values of and for
. This will require nested for statements with a conditional.
Again, here is a small example that might be helpful for constructing your
one line of Sage code. Note the use of srange() in this example.
[a/b for a in srange(9) for b in srange(1,a) if gcd(a,b)==1]
[2, 3, 3/2, 4, 4/3, 5, 5/2, 5/3, 5/4, 6, 6/5,
7, 7/2, 7/3, 7/4, 7/5, 7/6, 8, 8/3, 8/5, 8/7]
5. The symmetric group on symbols, , has elements.
Consider the following questions without employing Sage, based on what
we know about orders of elements of permutation groups (Exercise 5.4.13).
What is the maximum possible order?
How many elements are there of order ?
How many elements are there of order ?
How many elements are there of order ?
What is the smallest positive integer for which there is no element with
that order?
These questions will be easier if you are familiar with using binomial
coefficients for counting in similarly complex situations. But either way,
give some serious thought to each question (and maybe a few of your own)
before firing up Sage.
Now, compute how many elements there are of each order using the
.order() method, and then embed this into a list comprehension which
creates a single list of these counts. You can check your work (or check
Sage) by wrapping this list in sum() and hopefully getting .
Comment on the process of studying these questions first without any
computational aid, and then again with Sage. For which values of do you
think Sage would be too slow and your mind quicker?
Chapter 7 Introduction to Cryptography
Cryptography is the study of sending and receiving secret messages. The
aim of cryptography is to send messages across a channel so that only the
intended recipient of the message can read it. In addition, when a message
is received, the recipient usually requires some assurance that the message
is authentic; that is, that it has not been sent by someone who is trying to
deceive the recipient. Modern cryptography is heavily dependent on
abstract algebra and number theory.
The message to be sent is called the plaintext message. The disguised
message is called the ciphertext. The plaintext and the ciphertext are both
written in an alphabet, consisting of letters or characters. Characters can
include not only the familiar alphabetic characters A, ..., Z and a, ..., z
but also digits, punctuation marks, and blanks. A cryptosystem, or cipher,
has two parts: encryption, the process of transforming a plaintext message
to a ciphertext message, and decryption, the reverse transformation of
changing a ciphertext message into a plaintext message.
There are many different families of cryptosystems, each distinguished by a
particular encryption algorithm. Cryptosystems in a specified cryptographic
family are distinguished from one another by a parameter to the encryption
function called a key. A classical cryptosystem has a single key, which must
be kept secret, known only to the sender and the receiver of the message. If
person wishes to send secret messages to two different people and ,
and does not wish to have understand 's messages or vice versa,
must use two separate keys, so one cryptosystem is used for exchanging
messages with , and another is used for exchanging messages with .
Systems that use two separate keys, one for encoding and another for
decoding, are called public key cryptosystems. Since knowledge of the
encoding key does not allow anyone to guess at the decoding key, the
encoding key can be made public. A public key cryptosystem allows and
to send messages to using the same encoding key. Anyone is capable
of encoding a message to be sent to , but only knows how to decode
such a message.
7.1 Private Key Cryptography
In single or private key cryptosystems the same key is used for both
encrypting and decrypting messages. To encrypt a plaintext message, we
apply to the message some function which is kept secret, say . This
function will yield an encrypted message. Given the encrypted form of the
message, we can recover the original message by applying the inverse
transformation . The transformation must be relatively easy to
compute, as must ; however, must be extremely difficult to guess
from available examples of coded messages.
Example 7.1. One of the first and most famous private key
cryptosystems was the shift code used by Julius Caesar. We first digitize
the alphabet by letting . The encoding
function will be
that is, . The decoding function is then
Suppose we receive the encoded message DOJHEUD. To decode this
message, we first digitize it:
Next we apply the inverse transformation to get
or ALGEBRA. Notice here that there is nothing special about either of the
numbers or . We could have used a larger alphabet or a different shift.
Cryptanalysis is concerned with deciphering a received or intercepted
message. Methods from probability and statistics are great aids in
deciphering an intercepted message; for example, the frequency analysis of
the characters appearing in the intercepted message often makes its
decryption possible.
Example 7.2. Suppose we receive a message that we know was
encrypted by using a shift transformation on single letters of the -letter
alphabet. To find out exactly what the shift transformation was, we must
compute in the equation . We can do this using
frequency analysis. The letter is the most commonly occurring
letter in the English language. Suppose that is the most commonly
occurring letter in the ciphertext. Then we have good reason to suspect
that , or . Therefore, the most likely
encrypting function is
The corresponding decrypting function is
It is now easy to determine whether or not our guess is correct.
Simple shift codes are examples of monoalphabetic cryptosystems. In these
ciphers a character in the enciphered message represents exactly one
character in the original message. Such cryptosystems are not very
sophisticated and are quite easy to break. In fact, in a simple shift as
described in Example 7.1, there are only possible keys. It would be quite
easy to try them all rather than to use frequency analysis.
Let us investigate a slightly more sophisticated cryptosystem. Suppose that
the encoding function is given by
We first need to find out when a decoding function exists. Such a
decoding function exists when we can solve the equation
for . By Proposition 3.4, this is possible exactly when has an inverse or,
equivalently, when . In this case
Such a cryptosystem is called an affine cryptosystem.
Example 7.3. Let us consider the affine cryptosystem
. For this cryptosystem to work we must choose
an that is invertible. This is only possible if .
Recognizing this fact, we will let since . It is easy
to see that . Therefore, we can take our encryption function to
be . Thus, ALGEBRA is encoded as
, or DGHXIKD. The decryption function will be
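The shift and affine ciphers of Examples 7.1 to 7.3, as an added Python example that is not part of the book. It assumes the digitization A = 0, ..., Z = 25, recovers each key by trying every valid key against the plaintext/ciphertext pairs printed in the examples, and applies the frequency guess of Example 7.2 to a constructed sample text.

```python
from collections import Counter
from math import gcd

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # assumed digitization: A=0, ..., Z=25
M = len(ALPHABET)

# Constructed sample plaintext (not from the book) in which E is the most common letter.
SAMPLE_PLAINTEXT = "MEETMEATTHEELEVENTHTREE"


def affine_encrypt(text, a, b):
    """Encode each letter p as a*p + b (mod 26); a must be invertible mod 26."""
    if gcd(a, M) != 1:
        raise ValueError("a must be relatively prime to 26")
    return "".join(ALPHABET[(a * ALPHABET.index(ch) + b) % M] for ch in text)


def affine_decrypt(text, a, b):
    """Invert affine_encrypt using the multiplicative inverse of a mod 26."""
    a_inv = pow(a, -1, M)  # raises ValueError when a has no inverse
    return "".join(ALPHABET[(a_inv * (ALPHABET.index(ch) - b)) % M] for ch in text)


def valid_keys():
    """Every (a, b) that gives a decodable affine cipher on 26 letters."""
    return [(a, b) for a in range(M) if gcd(a, M) == 1 for b in range(M)]


def keys_consistent_with(plaintext, ciphertext):
    """Exhaustive search: all keys that map the known plaintext to the ciphertext."""
    return [(a, b) for a, b in valid_keys()
            if affine_encrypt(plaintext, a, b) == ciphertext]


def guess_shift(ciphertext, assumed_plain_letter="E"):
    """Frequency guess for a pure shift: most common ciphertext letter stands for E."""
    most_common = Counter(ciphertext).most_common(1)[0][0]
    return (ALPHABET.index(most_common) - ALPHABET.index(assumed_plain_letter)) % M


if __name__ == "__main__":
    print("number of affine keys:", len(valid_keys()))
    print("shift key for DOJHEUD:", keys_consistent_with("ALGEBRA", "DOJHEUD"))
    print("affine key for DGHXIKD:", keys_consistent_with("ALGEBRA", "DGHXIKD"))
    sample_ciphertext = affine_encrypt(SAMPLE_PLAINTEXT, 1, 3)
    shift = guess_shift(sample_ciphertext)
    print("guessed shift:", shift, "->", affine_decrypt(sample_ciphertext, 1, shift))
```

With only a few hundred keys in total, one known word is enough to pin the key down, which is why these ciphers offer no real protection.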
A cryptosystem would be more secure if a ciphertext letter could represent
more than one plaintext letter. To give an example of this type of
cryptosystem, called a polyalphabetic cryptosystem, we will generalize
affine codes by using matrices. The idea works roughly the same as before;
however, instead of encrypting one letter at a time we will encrypt pairs of
letters. We can store a pair of letters and in a vector
Let be a invertible matrix with entries in . We can define an
encoding function by
where is a fixed column vector and matrix operations are performed in
. The decoding function must be
Example 7.4. Suppose that we wish to encode the word HELP. The
corresponding digit string is . If
then
If , then our message is encrypted as RRGR. The encrypted
letter R represents more than one plaintext letter.
Frequency analysis can still be performed on a polyalphabetic
cryptosystem, because we have a good understanding of how pairs of letters
appear in the English language. The pair th appears quite often; the pair qz
never appears. To avoid decryption by a third party, we must use a larger
matrix than the one we used in Example 7.4.
7.2 Public Key Cryptography
If traditional cryptosystems are used, anyone who knows enough to encode a
message will also know enough to decode an intercepted message. In 1976, W.
Diffie and M. Hellman proposed public key cryptography, which is based on the
observation that the encryption and decryption procedures need not have the
same key. This removes the requirement that the encoding key be kept secret. The
encoding function must be relatively easy to compute, but must be
extremely difficult to compute without some additional information, so that
someone who knows only the encrypting key cannot find the decrypting key
without prohibitive computation. It is interesting to note that to date, no system
has been proposed that has been proven to be “one-way;” that is, for any existing
public key cryptosystem, it has never been shown to be computationally
prohibitive to decode messages with only knowledge of the encoding key.
The RSA Cryptosystem
The RSA cryptosystem, introduced by R. Rivest, A. Shamir, and L. Adleman in
1978, is based on the difficulty of factoring large numbers. Though it is not a
difficult task to find two large random primes and multiply them together,
factoring a 150-digit number that is the product of two large primes would take
100 million computers operating at 10 million instructions per second about 50
million years under the fastest algorithms available in the early 1990s. Although
the algorithms have improved, factoring a number that is a product of two large
primes is still computationally prohibitive.
The RSA cryptosystem works as follows. Suppose that we choose two random
150-digit prime numbers and . Next, we compute the product and
also compute , where is the Euler -function.
Now we start choosing random integers until we find one that is relatively
prime to ; that is, we choose such that . Using the
Euclidean algorithm, we can find a number such that .
The numbers and are now made public.
Suppose now that person B (Bob) wishes to send person A (Alice) a message
over a public line. Since and are known to everyone, anyone can encode
messages. Bob first digitizes the message according to some scheme, say
. If necessary, he will break the message into
pieces such that each piece is a positive integer less than . Suppose is one of
the pieces. Bob forms the number and sends to Alice. For
Alice to recover , she need only compute . Only Alice knows
.
Example 7.5. Before exploring the theory behind the RSA cryptosystem or
attempting to use large integers, we will use some small integers just to see that
the system does indeed work. Suppose that we wish to send some message,
which when digitized is . Let and . Then
and
We can let , since . The encoded message is
computed to be
This computation can be reasonably done by using the method of repeated
squares as described in Chapter 4. Using the Euclidean algorithm, we determine
that ; therefore, the decrypting key is
. We can recover the original message by calculating
Now let us examine why the RSA cryptosystem works. We know that
; hence, there exists a such that
There are two cases to consider. In the first case assume that .
Then by Theorem 6.18,
So we see that Alice recovers the original message when she computes
.
For the other case, assume that . Since and , we
know is a multiple of or a multiple of , but not both. We will describe the
first possibility only, since the second is entirely similar. There is then an integer
, with and . Note that we have and that
. Then, using Theorem 6.18, but
now mod ,
So there is an integer such that . Thus, Alice also recovers the
message in this case,
We can now ask how one would go about breaking the RSA cryptosystem. To
find given and , we simply need to factor and solve for by using the
Euclidean algorithm. If we had known that in Example 7.5, we
could have recovered .
Message Verification
There is a problem of message verification in public key cryptosystems. Since the
encoding key is public knowledge, anyone has the ability to send an encoded
message. If Alice receives a message from Bob, she would like to be able to
verify that it was Bob who actually sent the message. Suppose that Bob's
encrypting key is and his decrypting key is . Also, suppose that
Alice's encrypting key is and her decrypting key is . Since
encryption keys are public information, they can exchange coded messages at
their convenience. Bob wishes to assure Alice that the message he is sending is
authentic. Before Bob sends the message to Alice, he decrypts with his own
key:
Anyone can change back to just by encryption, but only Bob has the ability
to form . Now Bob encrypts with Alice's encryption key to form
a message that only Alice can decode. Alice decodes the message and then
encodes the result with Bob's key to read the original message, a message that
could have only been sent by Bob.
Historical Note
Encrypting secret messages goes as far back as ancient Greece and Rome. As we
know, Julius Caesar used a simple shift code to send and receive messages.
However, the formal study of encoding and decoding messages probably began
with the Arabs in the 1400s. In the fifteenth and sixteenth centuries
mathematicians such as Alberti and Viete discovered that monoalphabetic
cryptosystems offered no real security. In the 1800s, F. W. Kasiski established
methods for breaking ciphers in which a ciphertext letter can represent more than
one plaintext letter, if the same key was used several times. This discovery led to
the use of cryptosystems with keys that were used only a single time.
Cryptography was placed on firm mathematical foundations by such people as W.
Friedman and L. Hill in the early part of the twentieth century.
The period after World War I saw the development of special-purpose machines
for encrypting and decrypting messages, and mathematicians were very active in
cryptography during World War II. Efforts to penetrate the cryptosystems of the
Axis nations were organized in England and in the United States by such notable
mathematicians as Alan Turing and A. A. Albert. The Allies gained a tremendous
advantage in World War II by breaking the ciphers produced by the German
Enigma machine and the Japanese Purple ciphers.
By the 1970s, interest in commercial cryptography had begun to take hold. There
was a growing need to protect banking transactions, computer data, and
electronic mail. In the early 1970s, IBM developed and implemented LUCIFER,
the forerunner of the National Bureau of Standards' Data Encryption Standard
(DES).
The concept of a public key cryptosystem, due to Diffie and Hellman, is very
recent (1976). It was further developed by Rivest, Shamir, and Adleman with the
RSA cryptosystem (1978). It is not known how secure any of these systems are.
The trapdoor knapsack cryptosystem, developed by Merkle and Hellman, has
been broken. It is still an open question whether or not the RSA system can be
broken. In 1991, RSA Laboratories published a list of semiprimes (numbers with
exactly two prime factors) with a cash prize for whoever was able to provide a
factorization (http://www.emc.com/emc-plus/rsa-labs/historical/the-rsa-challenge-numbers.htm).
Although the challenge ended in 2007, many of these
numbers have not yet been factored.
There has been a great deal of controversy about research in cryptography and
cryptography itself. In 1929, Henry Stimson, Secretary of State under
Herbert Hoover, dismissed the Black Chamber (the State Department's
cryptography division) on the ethical grounds that “gentlemen do not read each
other's mail.” During the last two decades of the twentieth century, the National
Security Agency wanted to keep information about cryptography secret, whereas
the academic community fought for the right to publish basic research. Currently,
research in mathematical cryptography and computational number theory is very
active, and mathematicians are free to publish their results in these areas.
7.3 Reading Questions
1. Use the euler_phi() function in Sage to compute
.
2. Use the power_mod() function in Sage to compute
.
3. Explain the mathematical basis for saying: encrypting a message using
an RSA public key is very simple computationally, while decrypting a
communication without the private key is very hard computationally.
4. Explain how in RSA message encoding differs from message
verification.
5. Explain how one could be justified in saying that Diffie and Hellman's
proposal in 1976 was “revolutionary.”
7.4 Exercises
1. Encode IXLOVEXMATH using the cryptosystem in Example 7.1.
2. Decode ZLOOA WKLVA EHARQ WKHA ILQDO, which was encoded
using the cryptosystem in Example 7.1.
3. Assuming that monoalphabetic code was used to encode the following
secret message, what was the original message?
APHUO EGEHP PEXOV FKEUH CKVUE CHKVE APHUO
EGEHU EXOVL EXDKT VGEFT EHFKE UHCKF TZEXO
VEZDT TVKUE XOVKV ENOHK ZFTEH TEHKQ LEROF
PVEHP PEXOV ERYKP GERYT GVKEG XDRTE RGAGA
What is the significance of this message in the history of cryptography?
4. What is the total number of possible monoalphabetic cryptosystems?
How secure are such cryptosystems?
5. Prove that a matrix with entries in is invertible if and only
if .
6. Given the matrix
use the encryption function to encode the message
CRYPTOLOGY , where . What is the decoding function?
7. Encrypt each of the following RSA messages so that is divided into
blocks of integers of length ; that is, if , encode , , and
separately.
a.
b.
c.
d.
8. Compute the decoding key for each of the encoding keys in
Exercise 7.4.7.
9. Decrypt each of the following RSA messages .
a.
b.
c.
d.
10. For each of the following encryption keys in the RSA
cryptosystem, compute .
a.
b.
c.
d.
11. Encrypted messages are often divided into blocks of
letters. A
message such as THE WORLD WONDERS WHY might be encrypted as
JIW OCFRJ LPOEVYQ IOC but sent as
JIW OCF RJL POE VYQ IOC. What are the advantages of using
blocks of letters?
12. Find integers , , and such that
Is this a potential problem in the RSA cryptosystem?
13. Every person in the class should construct an RSA cryptosystem using
primes that are to digits long. Hand in and an encoded
message. Keep secret. See if you can break one another's codes.
7.5 Additional Exercises: Primality and Factoring
In the RSA cryptosystem it is important to be able to find large prime
numbers easily. Also, this cryptosystem is not secure if we can factor a
composite number that is the product of two large primes. The solutions to
both of these problems are quite easy. To find out if a number is prime or
to factor , we can use trial division. We simply divide by
. Either a factorization will be obtained, or is prime if
no divides . The problem is that such a computation is prohibitively
time-consuming if is very large.
1. A better algorithm for factoring odd positive integers is Fermat's
factorization algorithm.
a. Let be an odd composite number. Prove that can be written
as the difference of two perfect squares:
Consequently, a positive odd integer can be factored exactly when we
can find integers and such that .
b. Write a program to implement the following factorization algorithm
based on the observation in part (a). The expression
ceiling(sqrt(n)) means the smallest integer greater than or
equal to the square root of . Write another program to do
factorization using trial division and compare the speed of the two
algorithms. Which algorithm is faster and why?
x := ceiling(sqrt(n))
y := 1
1 : while x^2 - y^2 > n do
        y := y + 1
    if x^2 - y^2 < n then
        x := x + 1
        y := 1
        goto 1
    else if x^2 - y^2 = n then
        a := x - y
        b := x + y
        write n = a * b
2. Primality Testing. Recall Fermat's Little Theorem from Chapter 6.
Let be prime with . Then . We can
use Fermat's Little Theorem as a screening test for primes. For example,
cannot be prime since
However, is a potential prime since
We say that an odd composite number is a pseudoprime if
Which of the following numbers are primes and which are pseudoprimes?
a. b.
c. 601
d. e.
f.
3. Let be an odd composite number and be a positive integer such that
. If , then is a pseudoprime base .
Show that is a pseudoprime base but not a pseudoprime base .
4. Write a program to determine all primes less than using trial
division. Write a second program that will determine all numbers less than
that are either primes or pseudoprimes. Compare the speed of the two
programs. How many pseudoprimes are there below ?
There exist composite numbers that are pseudoprimes for all bases to which
they are relatively prime. These numbers are called Carmichael numbers.
The first Carmichael number is . In 1992, Alford,
Granville, and Pomerance proved that there are an infinite number of
Carmichael numbers [4]. However, Carmichael numbers are very rare.
There are only 2163 Carmichael numbers less than . For more
sophisticated primality tests, see [1], [6], or [7].
7.6 References and Suggested Readings
[1] Bressoud, D. M. Factorization and Primality Testing. Springer-
Verlag, New York, 1989.
[2] Diffie, W. and Hellman, M. E. “New Directions in Cryptography,”
IEEE Trans. Inform. Theory 22 (1976), 644–54.
[3] Gardner, M. “Mathematical games: A new kind of cipher that would
take millions of years to break,” Scientific American 237 (1977),
120–24.
[4] Granville, A. “Primality Testing and Carmichael Numbers,” Notices
of the American Mathematical Society 39 (1992), 696–700.
[5] Hellman, M. E. “The Mathematics of Public Key Cryptography,”
Scientific American 241 (1979), 130–39.
[6] Koblitz, N. A Course in Number Theory and Cryptography. 2nd ed.
Springer, New York, 1994.
[7] Pomerance, C., ed. “Cryptology and Computational Number
Theory,” Proceedings of Symposia in Applied Mathematics 42
(1990), American Mathematical Society, Providence, RI.
[8] Rivest, R. L., Shamir, A., and Adleman, L., “A Method for
Obtaining Signatures and Public-key Cryptosystems,” Comm. ACM
21 (1978), 120–26.
7.7 Sage
Since Sage began as software to support research in number theory, we can
quickly and easily demonstrate the internal workings of the RSA algorithm.
Recognize that, in practice, many other details such as encoding between
letters and integers, or protecting one's private key, are equally important
for the security of communications. So RSA itself is just the theoretical
foundation.
Constructing Keys
We will suppose that Alice wants to send a secret message to Bob, along
with message verification (also known as a message with a digital
signature). So we begin with the construction of key pairs (private and
public) for both Alice and Bob. We first need two large primes for both
individuals, and their product. In practice, values of would have hundreds
of digits, rather than just as we have done here.
p_a = next_prime(10^10)
q_a = next_prime(p_a)
p_b = next_prime((3/2)*10^10)
q_b = next_prime(p_b)
n_a = p_a * q_a
n_b = p_b * q_b
n_a, n_b
(100000000520000000627, 225000000300000000091)
Computationally, the value of the Euler -function for a product of primes
can be obtained from , but we could use Sage's built-in
function just as well.
m_a = euler_phi(n_a)
m_b = euler_phi(n_b)
m_a, m_b
(100000000500000000576, 225000000270000000072)
Now we can create the encryption and decryption exponents. We choose the
encryption exponent as a (small) number relatively prime to the value of .
With Sage we can factor quickly to help us choose this value. In practice
we would not want to do this computation for large values of , so we
might more easily choose “random” values and check for the first value
which is relatively prime to . The decryption exponent is the
multiplicative inverse, mod , of the encryption exponent. If you construct
an improper encryption exponent (not relatively prime to ), the
computation of the multiplicative inverse will fail (and Sage will tell you
so). We do this twice, once for Alice and once for Bob.
factor(m_a)
2^6 * 3 * 11 * 17 * 131 * 521 * 73259 * 557041
E_a = 5*23
D_a = inverse_mod(E_a, m_a)
D_a
20869565321739130555
factor(m_b)
2^3 * 3^4 * 107 * 1298027 * 2500000001
E_b = 7*29
D_b = inverse_mod(E_b, m_b)
D_b
24384236482463054195
At this stage, each individual would publish their values of and , while
keeping very private and secure. In practice should be protected on
the user's hard disk by a password only the owner knows. For even greater
security a person might only have two copies of their private key, one on a
USB memory stick they always carry with them, and a backup in their safe
deposit box. Every time the person uses they would need to provide the
password. The value of can be discarded. For the record, here are all the
keys:
print("Alice's public key, n:", n_a, "E:", E_a)
Alice's public key, n: 100000000520000000627 E: 115
print("Alice's private key, D:", D_a)
Alice's private key, D: 20869565321739130555
print("Bob's public key, n:", n_b, "E:", E_b)
Bob's public key, n: 225000000300000000091 E: 203
print("Bob's private key, D:", D_b)
Bob's private key, D: 24384236482463054195
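Fermat's factorization from Exercise 1 of Section 7.5, applied to the two moduli printed above, as an added plain-Python example that is not part of the book's Sage session. Because each q was produced as next_prime(p), the factors are almost equal, the search succeeds on its first step, and the private exponent then follows from the public key alone. This variant tests x^2 - n with an integer square root instead of the inner y loop; the modulus 101 * 10007 is a constructed contrast case.

```python
from math import isqrt

# Public values copied from the Sage output printed in this section.
N_ALICE, E_ALICE = 100000000520000000627, 115
N_BOB, E_BOB = 225000000300000000091, 203

# Constructed contrast case (not from the book): two primes that are far apart.
N_FAR_APART = 101 * 10007


def fermat_factor(n, max_steps=10**6):
    """Search x = ceil(sqrt(n)), ceil(sqrt(n)) + 1, ... for x^2 - n a perfect square.

    Returns (a, b, steps) with a * b == n and a <= b, or None if no square is
    found within max_steps. The step count grows with the gap between factors.
    """
    if n < 3 or n % 2 == 0:
        raise ValueError("n must be an odd integer greater than 2")
    x = isqrt(n)
    if x * x < n:
        x += 1  # x is now ceiling(sqrt(n))
    for step in range(1, max_steps + 1):
        y_squared = x * x - n
        y = isqrt(y_squared)
        if y * y == y_squared:
            return x - y, x + y, step
        x += 1
    return None


def recover_private_exponent(n, e, max_steps=10**6):
    """Derive D from the public key (n, e) when Fermat's method factors n."""
    found = fermat_factor(n, max_steps)
    if found is None:
        return None
    p, q, _ = found
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)  # multiplicative inverse of e mod phi(n)


def prime_gap_report(n):
    """Summarize how far apart the factors are and how long the search took."""
    p, q, steps = fermat_factor(n)
    return {"p": p, "q": q, "gap": q - p, "steps": steps}


if __name__ == "__main__":
    for label, n, e in (("Alice", N_ALICE, E_ALICE), ("Bob", N_BOB, E_BOB)):
        print(label, prime_gap_report(n), "D =", recover_private_exponent(n, e))
    print("far apart:", prime_gap_report(N_FAR_APART))
```

Production key generation draws p and q independently at random, which keeps them far enough apart that this search is hopeless.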
Signing and Encoding a Message
Alice is going to construct a message as an English word with four letters.
From these four letters we will construct a single number to represent the
message in a form we can use in the RSA algorithm. The function
ord() will convert a single letter to its ASCII code value, a number
between 0 and 127. If we use these numbers as “digits” mod 128, we can be
sure that Alice's four-letter word will encode to an integer less than
. The particular maximum value is not important,
so long as it is smaller than our value of since all of our subsequent
arithmetic is mod . We choose a popular four-letter word, convert to
ASCII “digits” with a list comprehension, and then construct the integer
from the digits with the right base. Notice how we can treat the word as a
list and that the first digit in the list is in the “ones” place (we say the list is
in “little-endian” order).
word = 'Sage'
digits = [ord(letter) for letter in word]
digits
[83, 97, 103, 101]
message = ZZ(digits, 128)
message
213512403
First, Alice will sign her message to provide message verification. She uses
her private key for this, since this is an act that only she should be able to
perform.
signed = power_mod(message, D_a, n_a)
signed
47838774644892618423
Then Alice encrypts her message so that only Bob can read it. To do this,
she uses Bob's public key. Notice how she does not have to even know Bob
— for example, she could have obtained Bob's public key off his web site
or maybe Bob announced his public key in an advertisement in the New
York Times.
encrypted = power_mod(signed, E_b, n_b)
encrypted
111866209291209840488
Alice's communication is now ready to travel on any communications
network, no matter how insecure the network may be, and no matter how
many snoops may be monitoring the network.
Decoding and Verifying a Message
Now assume that the value of encrypted has reached Bob. Realize that
Bob may not know Alice, and realize that Bob does not even necessarily
believe what he has received has genuinely originated from Alice. An
adversary could be trying to confuse Bob by sending messages that claim to
be from Alice. First, Bob must unwrap the encryption Alice has provided.
This is an act only Bob, as the intended recipient, should be able to do. And
he does it by using his private key, which only he knows, and which he has
kept secure.
decrypted = power_mod(encrypted, D_b, n_b)
decrypted
47838774644892618423
Right now, this means very little to Bob. Anybody could have sent him an
encoded message. However, this was a message Alice signed. Let's unwrap
the message signing. Notice that this uses Alice's public key. Bob does not
need to know Alice — for example, he could obtain Alice's key off her web
site or maybe Alice announced her public key in an advertisement in the
New York Times.
received = power_mod(decrypted, E_a, n_a)
received
213512403
Bob needs to transform this integer representation back to a word with
letters. The chr() function converts ASCII code values to letters, and
we use a list comprehension to do this repeatedly.
digits = received.digits(base=128)
letters = [chr(ascii) for ascii in digits]
letters
['S', 'a', 'g', 'e']
If we would like a slightly more recognizable result, we can combine the
letters into a string.
''.join(letters)
'Sage'
Bob is pleased to obtain such an informative message from Alice. What
would have happened if an imposter had sent a message ostensibly from
Alice, or what if an adversary had intercepted Alice's original message and
replaced it with a tampered message? (The latter is known as a “man in the
middle” attack.)
In either case, the rogue party would not be able to duplicate Alice's first
action — signing her message. If an adversary somehow signs the message,
or tampers with it, the step where Bob unwraps the signing will lead to total
garbage. (Try it!) Because Bob received a legitimate word, properly
capitalized, he has confidence that the message he unsigned is the same as
the message Alice signed. In practice, if Alice sent several hundred words
as her message, the odds that it will unsign as coherent text are
astronomically small.
What have we demonstrated?
1. Alice can send messages that only Bob can read.
2. Bob can receive secret messages from anybody.
3. Alice can sign messages, so that then Bob (or anybody else) knows
they are genuinely from Alice.
Of course, without making new keys, you can reverse the roles of Alice and
Bob. And if Carol makes a key pair, she can communicate with both Alice
and Bob in the same fashion.
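The sign-then-encrypt exchange of this section, re-run in plain Python with the key values printed above (an added example, not part of the book's Sage session). It also checks a condition the session never has to face: the signed value must be smaller than the recipient's modulus, which always holds from Alice to Bob because Alice's modulus is the smaller one, but not necessarily with the roles reversed. The word list and the tamper offset are constructed for illustration.

```python
# Key values copied from the Sage output printed earlier in this section.
ALICE = {"n": 100000000520000000627, "E": 115, "D": 20869565321739130555}
BOB = {"n": 225000000300000000091, "E": 203, "D": 24384236482463054195}

# Constructed sample words (not from the book); four letters keep each below 128^4.
SAMPLE_WORDS = ["Sage", "Math", "Ring", "Norm", "Zero", "Unit", "Cube", "Trap"]


def word_to_int(word):
    """Little-endian base-128 encoding, matching ZZ(digits, 128) in the text."""
    return sum(ord(ch) * 128**i for i, ch in enumerate(word))


def int_to_word(value):
    """Base-128 digits back to text; None unless every digit is an ASCII letter."""
    letters = []
    while value > 0:
        value, digit = divmod(value, 128)
        letters.append(chr(digit))
    word = "".join(letters)
    return word if word.isalpha() else None


def sign_then_encrypt(message, sender, recipient):
    """Sender's private exponent first, then the recipient's public exponent."""
    signed = pow(message, sender["D"], sender["n"])
    encrypted = pow(signed, recipient["E"], recipient["n"])
    return signed, encrypted


def decrypt_then_unsign(encrypted, sender, recipient):
    """Recipient's private exponent first, then the sender's public exponent."""
    decrypted = pow(encrypted, recipient["D"], recipient["n"])
    return pow(decrypted, sender["E"], sender["n"])


def exchange(word, sender, recipient, tamper=0):
    """Run one full exchange; tamper is added to the value while in transit."""
    message = word_to_int(word)
    signed, encrypted = sign_then_encrypt(message, sender, recipient)
    on_the_wire = (encrypted + tamper) % recipient["n"]
    received = decrypt_then_unsign(on_the_wire, sender, recipient)
    return {
        # If the signed value does not fit below the recipient's modulus,
        # encryption reduces it and the signature can no longer be recovered.
        "signed_fits": signed < recipient["n"],
        "intact": received == message,
        "word": int_to_word(received),
    }


if __name__ == "__main__":
    print("Alice -> Bob:", exchange("Sage", ALICE, BOB))
    print("Alice -> Bob, tampered:", exchange("Sage", ALICE, BOB, tamper=1))
    for word in SAMPLE_WORDS:
        print("Bob -> Alice:", word, exchange(word, BOB, ALICE))
```

In the Bob to Alice direction the exchange succeeds exactly when the signed value happens to be below Alice's modulus, so a receiver should treat an unreadable result as either tampering or a size mismatch.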
If you want to use RSA public-key encryption seriously, investigate the
open source software GNU Privacy Guard, aka GPG, which is freely
available at www.gnupg.org/. Notice that it only makes sense to use
encryption programs that allow you to look at the source code.
7.8 Sage Exercises
1. Construct a keypair for Alice using the first two primes greater than
. For your choice of , use a single prime number and use the smallest
possible choice.
Output the values of , , and for Alice. Then use Sage commands to
verify that Alice's encryption and decryption keys are multiplicative
inverses.
2. Construct a keypair for Bob using the first two primes greater than
. For your choice of , use a single prime number and use the
smallest possible choice. Output the values of , , and for Alice.
Encode the word Math using ASCII values in the same manner as
described in this section (keep the capitalization as shown). Create a signed
message of this word for communication from Alice to Bob. Output the
three integers: the message, the signed message and the signed, encrypted
message.
3. Demonstrate how Bob converts the message received from Alice back
into the word Math. Output the value of the intermediate computations
and the final human-readable message.
4. Create a new signed message from Alice to Bob. Simulate the message
being tampered with by adding to the integer Bob receives, before he
decrypts it. What result does Bob get for the letters of the message when he
decrypts and unsigns the tampered message?
5. Classroom Exercise. Organize a class into several small groups. Have
each group construct key pairs with some minimum size (digits in ). Each
group should keep their private key to themselves, but make their public
key available to everybody in the room. It could be written on the board
(error-prone) or maybe pasted in a public site like pastebin.com.
Then each group can send a signed message to another group, where the
groups could be arranged logically in a circular fashion for this purpose. Of
course, messages should be posted publicly as well. Expect a success rate
somewhere between 50% and 100%.
If you do not do this in class, grab a study buddy and send each other
messages in the same manner. Expect a success rate of 0%, 50% or 100%.
Chapter 8 Algebraic Coding Theory
Coding theory is an application of algebra that has become increasingly
important over the last several decades. When we transmit data, we are
concerned about sending a message over a channel that could be affected by
“noise.” We wish to be able to encode and decode the information in a
manner that will allow the detection, and possibly the correction, of errors
caused by noise. This situation arises in many areas of communications,
including radio, telephone, television, computer communications, and
digital media technology. Probability, combinatorics, group theory, linear
algebra, and polynomial rings over finite fields all play important roles in
coding theory.
8.1 Error-Detecting and Correcting Codes
Let us examine a simple model of a communications system for transmitting
and receiving coded messages (Figure 8.1).
Figure 8.1. Encoding and decoding messages
Uncoded messages may be composed of letters or characters, but typically
they consist of binary -tuples. These messages are encoded into
codewords, consisting of binary -tuples, by a device called an encoder. The
message is transmitted and then decoded. We will consider the occurrence of
errors during transmission. An error occurs if there is a change in one or
more bits in the codeword. A decoding scheme is a method that either
converts an arbitrarily received -tuple into a meaningful decoded message
or gives an error message for that -tuple. If the received message is a
codeword (one of the special -tuples allowed to be transmitted), then the
decoded message must be the unique message that was encoded into the
codeword. For received non-codewords, the decoding scheme will give an
error indication, or, if we are more clever, will actually try to correct the error
and reconstruct the original message. Our goal is to transmit error-free
messages as cheaply and quickly as possible.
Example 8.2. One possible coding scheme would be to send a message
several times and to compare the received copies with one another. Suppose
that the message to be encoded is a binary -tuple . The
message is encoded into a binary -tuple by simply repeating the message
three times:
To decode the message, we choose as the th digit the one that appears in
the th place in at least two of the three transmissions. For example, if the
original message is , then the transmitted message will be
. If there is a transmission error in the fifth digit, then
the received codeword will be , which will be correctly
decoded as . This triple-repetition method will automatically
detect and correct all single errors, but it is slow and inefficient: to send a
message consisting of bits, extra bits are required, and we can only
detect and correct single errors. We will see that it is possible to find an
encoding scheme that will encode a message of bits into bits with
much smaller than .
Example 8.3. Even parity, a commonly used coding scheme, is much
more efficient than the simple repetition scheme. The ASCII (American
Standard Code for Information Interchange) coding system uses binary -
tuples, yielding possible -tuples. However, only seven bits are
needed since there are only ASCII characters. What can or
should be done with the extra bit? Using the full eight bits, we can detect
single transmission errors. For example, the ASCII codes for A, B, and C
are
Notice that the leftmost bit is always set to 0; that is, the ASCII
characters have codes
The bit can be used for error checking on the other seven bits. It is set to
either or so that the total number of bits in the representation of a
character is even. Using even parity, the codes for A, B, and C now become
Suppose an A is sent and a transmission error in the sixth bit is caused by
noise over the communication channel so that is received.
We know an error has occurred since the received word has an odd number
of s, and we can now request that the codeword be transmitted again.
When used for error checking, the leftmost bit is called a parity check bit.
By far the most common error-detecting codes used in computers are based
on the addition of a parity bit. Typically, a computer stores information in
-tuples called words. Common word lengths are , , and bits. One bit
in the word is set aside as the parity check bit, and is not used to store
information. This bit is set to either or , depending on the number of s
in the word.
Adding a parity check bit allows the detection of all single errors because
changing a single bit either increases or decreases the number of s by one,
and in either case the parity has been changed from even to odd, so the new
word is not a codeword. (We could also construct an error detection scheme
based on odd parity; that is, we could set the parity check bit so that a
codeword always has an odd number of s.)
The even parity system is easy to implement, but has two drawbacks. First,
multiple errors are not detectable. Suppose an A is sent and the first and
seventh bits are changed from to . The received word is a codeword, but
will be decoded into a C instead of an A. Second, we do not have the ability
to correct errors. If the 8-tuple is received, we know that an
error has occurred, but we have no idea which bit has been changed. We will
now investigate a coding scheme that will not only allow us to detect
transmission errors but will actually correct the errors.
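The triple-repetition scheme of Example 8.2 and the even-parity scheme of Example 8.3 can be run side by side. The following Python sketch is an added illustration, not part of the original text; the function names and the sample message 0110 are constructed for this example, and the ASCII characters A and C are the ones discussed above.

```python
"""Triple repetition (Example 8.2) and even parity (Example 8.3), side by side."""


def flip(bits, *positions):
    """Return a copy of the bit string with the given 1-based positions inverted."""
    out = list(bits)
    for pos in positions:
        out[pos - 1] = "1" if out[pos - 1] == "0" else "0"
    return "".join(out)


def repeat3_encode(message):
    """Send the whole message three times in a row."""
    return message * 3


def repeat3_decode(received):
    """Majority vote: digit i is the value found in place i of at least two copies."""
    n = len(received) // 3
    copies = [received[k * n:(k + 1) * n] for k in range(3)]
    return "".join(
        "1" if sum(copy[i] == "1" for copy in copies) >= 2 else "0"
        for i in range(n)
    )


def parity_encode(char):
    """7-bit ASCII code, with the leftmost bit chosen so the number of 1s is even."""
    seven = format(ord(char), "07b")
    return str(seven.count("1") % 2) + seven


def parity_decode(word):
    """Return the character, or None when the word has an odd number of 1s."""
    if word.count("1") % 2:
        return None  # error detected: the receiver can only ask for retransmission
    return chr(int(word[1:], 2))


if __name__ == "__main__":
    sent = repeat3_encode("0110")            # constructed sample message
    print("repetition, no error      :", repeat3_decode(sent))
    print("repetition, error in bit 5:", repeat3_decode(flip(sent, 5)))
    # Two errors hitting the same digit in two copies outvote the good copy.
    print("repetition, bits 1 and 5  :", repeat3_decode(flip(sent, 1, 5)))

    a = parity_encode("A")
    print("parity code for A         :", a)
    print("A with bit 6 flipped      :", parity_decode(flip(a, 6)))
    # A double error keeps the parity even, so the word is accepted as a C.
    print("A with bits 1, 7 flipped  :", parity_decode(flip(a, 1, 7)))
```
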
Example 8.4. Suppose that our original message is either a or a , and
that encodes to and encodes to . If only a single error
occurs during transmission, we can detect and correct the error. For
example, if a is received, then the second bit must have been
changed from a to a . The originally transmitted codeword must have
been . This method will detect and correct all single errors.
Table 8.5. A repetition code
Transmitted Codeword    Received Word
In Table 8.5, we present all possible words that might be received for the
transmitted codewords and . Table 8.5 also shows the number
of bits by which each received -tuple differs from each original codeword.
Maximum-Likelihood Decoding
The coding scheme presented in Example 8.4 is not a complete solution to
the problem because it does not account for the possibility of multiple errors.
For example, either a (000) or a (111) could be sent and a (001) received. We
have no means of deciding from the received word whether there was a
single error in the third bit or two errors, one in the first bit and one in the
second. No matter what coding scheme is used, an incorrect message could
be received. We could transmit a (000), have errors in all three bits, and
receive the codeword (111). It is important to make explicit assumptions
about the likelihood and distribution of transmission errors so that, in a
particular application, it will be known whether a given error detection
scheme is appropriate. We will assume that transmission errors are rare and
that, when they do occur, they occur independently in each bit; that is, if is
the probability of an error in one bit and is the probability of an error in a
different bit, then the probability of errors occurring in both of these bits at
the same time is . We will also assume that a received -tuple is decoded
into a codeword that is closest to it; that is, we assume that the receiver uses
maximum-likelihood decoding. 11
Figure 8.6. Binary symmetric channel
A binary symmetric channel is a model that consists of a transmitter capable
of sending a binary signal, either a or a , together with a receiver. Let be
the probability that the signal is correctly received. Then is the
probability of an incorrect reception. If a is sent, then the probability that a
is received is and the probability that a is received is (Figure 8.6).
The probability that no errors occur during the transmission of a binary
codeword of length is . For example, if and a message
consisting of 10,000 bits is sent, then the probability of a perfect transmission
is
Theorem 8.7. If a binary -tuple is transmitted across a
binary symmetric channel with probability that no error will occur in
each coordinate, then the probability that there are errors in exactly
coordinates is
Proof. Fix different coordinates. We first compute the probability that an
error has occurred in this fixed set of coordinates. The probability of an error
occurring in a particular one of these coordinates is ; the probability that
an error will not occur in any of the remaining coordinates is . The
probability of each of these independent events is . The number of
possible error patterns with exactly errors occurring is equal to
the number of combinations of things taken at a time. Each of these error
patterns has probability of occurring; hence, the probability of all of
these error patterns is
Example 8.8. Suppose that and a -bit message is sent.
The probability that the message was sent error-free is
The probability of exactly one error occurring is
The probability of exactly two errors is
The probability of more than two errors is approximately
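The formula of Theorem 8.7 can be evaluated exactly and used to compare the two schemes of Examples 8.2 and 8.3 on a binary symmetric channel. This Python sketch is an added illustration, not part of the original text; the names p (probability that a bit is received correctly) and q = 1 - p, the word length 8 and the value p = 99/100 are assumptions chosen for the example.

```python
from fractions import Fraction
from math import comb


def prob_exactly_k(n, k, p):
    """Theorem 8.7: C(n, k) * q^k * p^(n - k), with p = P(bit correct), q = 1 - p."""
    q = 1 - p
    return comb(n, k) * q**k * p ** (n - k)


def error_distribution(n, p, shown=3):
    """Probabilities of 0, 1, ..., shown-1 errors, plus the probability of more."""
    head = [prob_exactly_k(n, k, p) for k in range(shown)]
    return head, 1 - sum(head)


def parity_undetected(n, p):
    """Even parity on an n-bit word misses exactly the error patterns that flip
    an even, nonzero number of bits, because those leave the parity unchanged."""
    return sum(prob_exactly_k(n, k, p) for k in range(2, n + 1, 2))


def repetition_wrong_digit(p):
    """Triple repetition decodes a digit wrongly when 2 or 3 of its copies flip."""
    return prob_exactly_k(3, 2, p) + prob_exactly_k(3, 3, p)


if __name__ == "__main__":
    p = Fraction(99, 100)      # constructed value: 1% chance that a bit flips
    n = 8                      # one ASCII character with its parity check bit

    head, tail = error_distribution(n, p)
    for k, value in enumerate(head):
        print(f"P(exactly {k} errors in {n} bits) = {float(value):.6f}")
    print(f"P(more than {len(head) - 1} errors)        = {float(tail):.6f}")

    print(f"uncoded bit wrong            = {float(1 - p):.6f}")
    print(f"repetition digit wrong       = {float(repetition_wrong_digit(p)):.6f}")
    print(f"parity word error undetected = {float(parity_undetected(n, p)):.6f}")
```
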
Block Codes
If we are to develop efficient error-detecting and error-correcting codes, we
will need more sophisticated mathematical tools. Group theory will allow
faster methods of encoding and decoding messages. A code is an -
block code if the information that is to be coded can be divided into blocks of
binary digits, each of which can be encoded into binary digits. More
specifically, an -block code consists of an encoding function
and a decoding function
A codeword is any element in the image of . We also require that be
one-to-one so that two information blocks will not be encoded into the same
codeword. If our code is to be error-correcting, then must be onto.
Example 8.9. The even-parity coding system developed to detect single
errors in ASCII characters is an -block code. The encoding function is
where with addition in .
Let and be binary -tuples. The
Hamming distance or distance, , between and is the number of
bits in which and differ. The distance between two codewords is the
minimum number of transmission errors required to change one codeword
into the other. The minimum distance for a code, , is the minimum of
all distances , where and are distinct codewords. The weight,
, of a binary codeword is the number of s in . Clearly,
, where .
Example 8.10. Let , , and be
all of the codewords in some code . Then we have the following
Hamming distances:
The minimum distance for this code is 3. We also have the following
weights:
The following proposition lists some basic properties about the weight of a
codeword and the distance between two codewords. The proof is left as an
exercise.
Proposition 8.11. Let , , and be binary -tuples. Then
1. ;
2. ;
3. exactly when ;
4. ;
5. .
The weights in a particular code are usually much easier to compute than the
Hamming distances between all codewords in the code. If a code is set up
carefully, we can use this fact to our advantage.
Suppose that and are codewords in some code. If
we transmit and an error occurs in the rightmost bit, then (1100) will
be received. Since is a codeword, the decoder will decode as
the transmitted message. This code is clearly not very appropriate for error
detection. The problem is that . If and
are codewords, then . If is transmitted and a
single error occurs, then can never be received. Table 8.12 gives the
distances between all 4-bit codewords in which the first three bits carry
information and the fourth is an even parity check bit. We can see that the
minimum distance here is ; hence, the code is suitable as a single error-
detecting code.
Table 8.12. Distances between 4-bit codewords
To determine exactly what the error-detecting and error-correcting
capabilities for a code are, we need to analyze the minimum distance for the
code. Let and be codewords. If and an error occurs where
and differ, then is changed to . The received codeword is and no
error message is given. Now suppose . Then a single error
cannot change to . Therefore, if , we have the ability to detect
single errors. However, suppose that , is sent, and a
noncodeword is received such that
Then the decoder cannot decide between and . Even though we are aware
that an error has occurred, we do not know what the error is.
Suppose . Then the maximum-likelihood decoding scheme corrects
all single errors. Starting with a codeword , an error in the transmission of a
single bit gives with , but for any other
codeword . If we do not require the correction of errors, then we can
detect multiple errors when a code has a minimum distance that is greater
than or equal to .
Theorem 8.13. Let be a code with . Then can
correct any or fewer errors. Furthermore, any or fewer errors can be
detected in .
Proof. Suppose that a codeword is sent and the word is received with at
most errors. Then . If is any codeword other than , then
Hence, and will be correctly decoded as . Now
suppose that is transmitted and is received and that at least one error has
occurred, but not more than errors. Then . Since the
minimum distance between codewords is , cannot be a codeword.
Consequently, the code can detect between and errors.
Example 8.14. In Table 8.15, the codewords ,
, , and determine a single
error-correcting code.
Table 8.15. Hamming distances for an error-correcting code
Historical Note
Modern coding theory began in 1948 with C. Shannon's paper, “A
Mathematical Theory of Information” [7]. This paper offered an example of
an algebraic code, and Shannon's Theorem proclaimed exactly how good
codes could be expected to be. Richard Hamming began working with linear
codes at Bell Labs in the late 1940s and early 1950s after becoming
frustrated because the programs that he was running could not recover from
simple errors generated by noise. Coding theory has grown tremendously in
the past several decades. The Theory of Error-Correcting Codes, by
MacWilliams and Sloane [5], published in 1977, already contained over 1500
references. Linear codes (Reed-Muller -block codes) were used on
NASA's Mariner space probes. More recent space probes such as Voyager
have used what are called convolution codes. Currently, very active research
is being done with Goppa codes, which are heavily dependent on algebraic
geometry.
8.2 Linear Codes
To gain more knowledge of a particular code and develop more efficient
techniques of encoding, decoding, and error detection, we need to add
additional structure to our codes. One way to accomplish this is to require
that the code also be a group. A group code is a code that is also a subgroup
of .
To check that a code is a group code, we need only verify one thing. If we
add any two elements in the code, the result must be an -tuple that is again
in the code. It is not necessary to check that the inverse of the -tuple is in
the code, since every codeword is its own inverse, nor is it necessary to
check that is a codeword. For instance,
Example 8.16. Suppose that we have a code that consists of the
following 7-tuples:
It is a straightforward though tedious task to verify that this code is also a
subgroup of and, therefore, a group code. This code is a single error-
detecting and single error-correcting code, but it is a long and tedious
process to compute all of the distances between pairs of codewords to
determine that . It is much easier to see that the minimum
weight of all the nonzero codewords is . As we will soon see, this is no
coincidence. However, the relationship between weights and distances in a
particular code is heavily dependent on the fact that the code is a group.
Lemma 8.17. Let and be binary -tuples. Then
.
Proof. Suppose that and are binary -tuples. Then the distance
between and is exactly the number of places in which and differ.
But and differ in a particular coordinate exactly when the sum in the
coordinate is , since
Consequently, the weight of the sum must be the distance between the two
codewords.
Theorem 8.18. Let be the minimum distance for a group code .
Then is the minimum weight of all the nonzero codewords in . That
is,
Proof. Observe that
Linear Codes
From Example 8.16, it is now easy to check that the minimum nonzero
weight is ; hence, the code does indeed detect and correct all single errors.
We have now reduced the problem of finding “good” codes to that of
generating group codes. One easy way to generate group codes is to employ
a bit of matrix theory.
Define the inner product of two binary -tuples to be
where and are column
vectors.12 For example, if and , then
. We can also look at an inner product as the product of a row
matrix with a column matrix; that is,
Example 8.19. Suppose that the words to be encoded consist of all
binary -tuples and that our encoding scheme is even-parity. To encode an
arbitrary -tuple, we add a fourth bit to obtain an even number of s.
Notice that an arbitrary -tuple has an even
number of s exactly when ; hence, a -tuple
has an even number of s if
, or
This example leads us to hope that there is a connection between matrices
and coding theory.
Let denote the set of all matrices with entries in .
We do matrix operations as usual except that all our addition and
multiplication operations occur in . Define the null space of a matrix
to be the set of all binary -tuples such that .
We denote the null space of a matrix by .
Example 8.20. Suppose that
For a -tuple to be in the null space of ,
. Equivalently, the following system of equations must be
satisfied:
The set of binary -tuples satisfying these equations is
This code is easily determined to be a group code.
Theorem 8.21. Let be in . Then the null space of is a
group code.
Proof. Since each element of is its own inverse, the only thing that
really needs to be checked here is closure. Let for some
matrix in . Then and . So
Hence, is in the null space of and therefore must be a codeword.
A code is a linear code if it is determined by the null space of some matrix
.
Example 8.22. Let be the code given by the matrix
Suppose that the -tuple is received. It is a simple matter
of matrix multiplication to determine whether or not is a codeword.
Since
the received word is not a codeword. We must either attempt to correct the
word or request that it be transmitted again.
8.3 Parity-Check and Generator Matrices
We need to find a systematic way of generating linear codes as well as fast
methods of decoding. By examining the properties of a matrix and by
carefully choosing , it is possible to develop very efficient methods of
encoding and decoding messages. To this end, we will introduce standard
generator and canonical parity-check matrices.
Suppose that is an matrix with entries in and . If the
last columns of the matrix form the identity matrix, , then
the matrix is a canonical parity-check matrix. More specifically,
, where is the matrix
and is the identity matrix
With each canonical parity-check matrix we can associate an
standard generator matrix
Our goal will be to show that an satisfying exists if and only if
. Given a message block to be encoded, the matrix will allow
us to quickly encode it into a linear codeword .
Example 8.23. Suppose that we have the following eight words to be
encoded:
For
the associated standard generator and canonical parity-check matrices are
and
respectively.
Observe that the rows in represent the parity checks on certain bit
positions in a -tuple. The s in the identity matrix serve as parity checks
for the s in the same row. If , then
which yields a system of equations:
Here serves as a check bit for and ; is a check bit for and
; and is a check bit for and . The identity matrix keeps , ,
and from having to check on each other. Hence, , , and can be
arbitrary but , , and must be chosen to ensure parity. The null
space of is easily computed to be
An even easier way to compute the null space is with the generator matrix
(Table 8.24).
Table 8.24. A matrix-generated code
Message Word Codeword
Theorem 8.25. If is a canonical parity-check matrix,
then consists of all whose first bits are
arbitrary but whose last bits are determined by . Each of the
last bits serves as an even parity check bit for some of the first
bits. Hence, gives rise to an -block code.
We leave the proof of this theorem as an exercise. In light of the theorem,
the first bits in are called information bits and the last bits are
called check bits. In Example 8.23, the first three bits are the information
bits and the last three are the check bits.
Theorem 8.26. Suppose that is an standard generator matrix.
Then is an -block code. More
specifically, is a group code.
Proof. Let and be two codewords. Then
is in since
We must also show that two message blocks cannot be encoded into the
same codeword. That is, we must show that if , then .
Suppose that . Then
However, the first coordinates in are exactly
, since they are determined by the identity matrix,
, part of . Hence, exactly when .
Before we can prove the relationship between canonical parity-check
matrices and standard generating matrices, we need to prove a lemma.
Lemma 8.27. Let be an canonical parity-check
matrix and be the corresponding standard
generator matrix. Then .
Proof. Let . The th entry in is
where
is the Kronecker delta.
Theorem 8.28. Let be an canonical parity-
check matrix and let be the standard
generator matrix associated with . Let be the code generated by .
Then is in if and only if . In particular, is a linear code
with canonical parity-check matrix .
Proof. First suppose that . Then for some . By
Lemma 8.27, .
Conversely, suppose that is in the null space of . We
need to find an in such that . Since , the
following set of equations must be satisfied:
Equivalently, are determined by :
Consequently, we can let for .
It would be helpful if we could compute the minimum distance of a linear
code directly from its matrix in order to determine the error-detecting
and error-correcting capabilities of the code. Suppose that
are the -tuples in of weight . For an binary matrix , is
exactly the th column of the matrix .
Example 8.29. Observe that
We state this result in the following proposition and leave the proof as an
exercise.
Proposition 8.30. Let be the binary -tuple with a in the th
coordinate and 's elsewhere and suppose that . Then
is the th column of the matrix .
Theorem 8.31. Let be an binary matrix. Then the null space
of is a single error-detecting code if and only if no column of
consists entirely of zeros.
Proof. Suppose that is a single error-detecting code. Then the
minimum distance of the code must be at least . Since the null space is a
group code, it is sufficient to require that the code contain no codewords of
less than weight other than the zero codeword. That is, must not be a
codeword for . Since is the th column of , the only
way in which could be in the null space of would be if the th column
were all zeros, which is impossible; hence, the code must have the
capability to detect at least single errors.
Conversely, suppose that no column of is the zero column. By
Proposition 8.30, .
Example 8.32. If we consider the matrices
and
then the null space of is a single error-detecting code and the null
space of is not.
We can even do better than Theorem 8.31. This theorem gives us conditions
on a matrix that tell us when the minimum weight of the code formed by
the null space of is . We can also determine when the minimum
distance of a linear code is by examining the corresponding matrix.
Example 8.33. If we let
and want to determine whether or not is the canonical parity-check
matrix for an error-correcting code, it is necessary to make certain that
does not contain any -tuples of weight . That is, ,
, , , , and must not be in .
The next theorem states that we can indeed determine that the code
generated by is error-correcting by examining the columns of .
Notice in this example that not only does have no zero columns, but
also that no two columns are the same.
Theorem 8.34. Let be a binary matrix. The null space of is a
single error-correcting code if and only if does not contain any zero
columns and no two columns of are identical.
Proof. The -tuple has s in the th and th entries and 0s
elsewhere, and for . Since
can only occur if the th and th columns are identical, the null space of
is a single error-correcting code.
Suppose now that we have a canonical parity-check matrix with three
rows. Then we might ask how many more columns we can add to the
matrix and still have a null space that is a single error-detecting and single
error-correcting code. Since each column has three entries, there are
possible distinct columns. We cannot add the columns
So we can add as many as four columns and still maintain a minimum
distance of .
In general, if is an canonical parity-check matrix, then there are
information positions in each codeword. Each column has bits,
so there are possible distinct columns. It is necessary that the columns
be excluded, leaving remaining columns
for information if we are still to maintain the ability not only to detect but
also to correct single errors.
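The results of this section and the last (Theorem 8.18, Theorem 8.28 and Theorem 8.34) can be checked by brute force on a small code. This Python sketch is an added illustration, not part of the original text; the two canonical parity-check matrices H_GOOD and H_BAD and all function names are constructed for the example.

```python
from itertools import product


def mat_vec(M, x):
    """Matrix times column vector, with all arithmetic in Z_2."""
    return tuple(sum(a * b for a, b in zip(row, x)) % 2 for row in M)


def standard_generator(H):
    """For a canonical H = (A | I_m), return G = (I_k stacked on A) as n rows."""
    m, n = len(H), len(H[0])
    k = n - m
    identity_m = [[int(i == j) for j in range(m)] for i in range(m)]
    if [list(row[k:]) for row in H] != identity_m:
        raise ValueError("not canonical: the last m columns must be the identity")
    identity_k = [[int(i == j) for j in range(k)] for i in range(k)]
    return identity_k + [list(row[:k]) for row in H]


def null_space(H):
    """All binary n-tuples x with Hx = 0."""
    zero = (0,) * len(H)
    return {x for x in product((0, 1), repeat=len(H[0])) if mat_vec(H, x) == zero}


def image(G):
    """All codewords Gx, one for each message block x."""
    return {mat_vec(G, x) for x in product((0, 1), repeat=len(G[0]))}


def min_distance(code):
    """Smallest Hamming distance over all pairs of distinct codewords."""
    return min(sum(a != b for a, b in zip(x, y))
               for x in code for y in code if x != y)


def min_nonzero_weight(code):
    """Smallest weight of a nonzero codeword (Theorem 8.18 says this is d_min)."""
    return min(sum(x) for x in code if any(x))


def columns_distinct_and_nonzero(H):
    """Theorem 8.34 test: no zero column and no two identical columns."""
    cols = list(zip(*H))
    return all(any(c) for c in cols) and len(set(cols)) == len(cols)


def capabilities(H):
    """Minimum distance d of Null(H): d - 1 errors detected, (d - 1) // 2 corrected."""
    d = min_distance(null_space(H))
    return {"d_min": d, "detects": d - 1, "corrects": (d - 1) // 2}


# Constructed sample matrices, both of the canonical form (A | I_3).
H_GOOD = [[1, 1, 0, 1, 0, 0],
          [1, 0, 1, 0, 1, 0],
          [0, 1, 1, 0, 0, 1]]
H_BAD = [[1, 1, 0, 1, 0, 0],    # columns 1 and 2 are identical
         [1, 1, 1, 0, 1, 0],
         [0, 0, 1, 0, 0, 1]]

if __name__ == "__main__":
    for name, H in (("H_GOOD", H_GOOD), ("H_BAD", H_BAD)):
        G = standard_generator(H)
        code = null_space(H)
        print(name)
        print("  HG = 0               :",
              all(not any(mat_vec(H, col)) for col in zip(*G)))
        print("  image(G) == Null(H)  :", image(G) == code)
        print("  d_min, min weight    :", min_distance(code), min_nonzero_weight(code))
        print("  column test (8.34)   :", columns_distinct_and_nonzero(H))
        print("  capabilities         :", capabilities(H))
```
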
8.4 Efficient Decoding
We are now at the stage where we are able to generate linear codes that
detect and correct errors fairly easily, but it is still a time-consuming
process to decode a received -tuple and determine which is the closest
codeword, because the received -tuple must be compared to each possible
codeword to determine the proper decoding. This can be a serious
impediment if the code is very large.
Example 8.35. Given the binary matrix
and the -tuples and , we can compute
Hence, is a codeword and is not, since is in the null space and is
not. Notice that is identical to the first column of . In fact, this is
where the error occurred. If we flip the first bit in from to , then we
obtain .
If is an matrix and , then we say that the syndrome of
is . The following proposition allows the quick detection and correction
of errors.
Proposition 8.36. Let the binary matrix determine a linear
code and let be the received -tuple. Write as , where is
the transmitted codeword and is the transmission error. Then the
syndrome of the received codeword is also the syndrome of the
error .
Proof. The proof follows from the fact that
This proposition tells us that the syndrome of a received word depends
solely on the error and not on the transmitted codeword. The proof of the
following theorem follows immediately from Proposition 8.36 and from the
fact that is the th column of the matrix .
Theorem 8.37. Let and suppose that the linear code
corresponding to is single error-correcting. Let be a received -tuple
that was transmitted with at most one error. If the syndrome of is , then
no error has occurred; otherwise, if the syndrome of is equal to some
column of , say the th column, then the error has occurred in the th
bit.
Example 8.38. Consider the matrix
and suppose that the -tuples , , and
have been received. Then
Hence, has an error in the third bit and has an error in the fourth bit.
The transmitted codewords for and must have been and
, respectively. The syndrome of does not occur in any of the
columns of the matrix , so multiple errors must have occurred to
produce .
Coset Decoding
We can use group theory to obtain another way of decoding messages. A
linear code is a subgroup of . Coset or standard decoding uses the
cosets of in to implement maximum-likelihood decoding. Suppose
that is an -linear code. A coset of in is written in the form
, where . By Lagrange's Theorem (Theorem 6.10), there are
distinct cosets of in .
Example 8.39. Let be the -linear code given by the parity-
check matrix
The code consists of the codewords
There are cosets of in , each with order . These
cosets are listed in Table 8.40.
Table 8.40. Cosets of
Coset Representative    Coset
Our task is to find out how knowing the cosets might help us to decode a
message. Suppose that was the original codeword sent and that is the -
tuple received. If is the transmission error, then or,
equivalently, . However, this is exactly the statement that is an
element in the coset . In maximum-likelihood decoding we expect
the error to be as small as possible; that is, will have the least weight.
An -tuple of least weight in a coset is called a coset leader. Once we have
determined a coset leader for each coset, the decoding process becomes a
task of calculating to obtain .
Example 8.41. In Table 8.40, notice that we have chosen a
representative of the least possible weight for each coset. These
representatives are coset leaders. Now suppose that is the
received word. To decode , we find that it is in the coset ;
hence, the originally transmitted codeword must have been
.
A potential problem with this method of decoding is that we might have to
examine every coset for the received codeword. The following proposition
gives a method of implementing coset decoding. It states that we can
associate a syndrome with each coset; hence, we can make a table that
designates a coset leader corresponding to each syndrome. Such a list is
called a decoding table.
Table 8.42. Syndromes for each coset
Syndrome Coset Leader
Proposition 8.43. Let be an -linear code given by the matrix
and suppose that and are in . Then and are in the same coset
of if and only if . That is, two -tuples are in the same coset
if and only if their syndromes are the same.
Proof. Two -tuples and are in the same coset of exactly when
; however, this is equivalent to or
.
Example 8.44. Table 8.42 is a decoding table for the code given in
Example 8.39. If is received, then its syndrome can be
computed to be
Examining the decoding table, we determine that the coset leader is
. It is now easy to decode the received codeword.
Given an -block code, the question arises of whether or not coset
decoding is a manageable scheme. A decoding table requires a list of cosets
and syndromes, one for each of the cosets of . Suppose that we have
a -block code. We have a huge number of codewords, , yet
there are only cosets.
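Both decoders of this section, the column lookup of Theorem 8.37 and the decoding table justified by Proposition 8.43, fit in a few lines. This Python sketch is an added illustration, not part of the original text; the parity-check matrix H, the received words and the function names are constructed for the example.

```python
from itertools import combinations


def syndrome(H, x):
    """Hx with all arithmetic in Z_2."""
    return tuple(sum(a * b for a, b in zip(row, x)) % 2 for row in H)


def single_error_decode(H, received):
    """Theorem 8.37. Returns (codeword, bit) where bit is the 1-based position
    that was corrected, or None if no correction was needed. Returns
    (None, None) when the syndrome is not a column of H (multiple errors)."""
    s = syndrome(H, received)
    if not any(s):
        return tuple(received), None
    cols = list(zip(*H))
    if s not in cols:
        return None, None
    i = cols.index(s)
    fixed = list(received)
    fixed[i] ^= 1
    return tuple(fixed), i + 1


def decoding_table(H):
    """Map each syndrome to a coset leader: a word of least weight in its coset."""
    n = len(H[0])
    table = {}
    for w in range(n + 1):                        # try words of weight 0, 1, 2, ...
        for ones in combinations(range(n), w):
            e = tuple(int(i in ones) for i in range(n))
            table.setdefault(syndrome(H, e), e)   # the first word seen is a leader
        if len(table) == 2 ** len(H):             # every possible syndrome is covered
            break
    return table


def coset_decode(H, received, table=None):
    """Subtract the coset leader that shares the received word's syndrome."""
    table = table or decoding_table(H)
    leader = table[syndrome(H, received)]
    codeword = tuple((r + e) % 2 for r, e in zip(received, leader))
    return codeword, leader


# Constructed sample: a canonical 3 x 5 parity-check matrix whose columns are
# nonzero and distinct. Its code is {00000, 10110, 01101, 11011}.
H = [[1, 1, 1, 0, 0],
     [1, 0, 0, 1, 0],
     [0, 1, 0, 0, 1]]

if __name__ == "__main__":
    table = decoding_table(H)
    for s, leader in sorted(table.items()):
        print("syndrome", s, "-> coset leader", leader)

    one_error = (1, 1, 1, 1, 0)     # codeword 10110 with the second bit flipped
    print(single_error_decode(H, one_error))
    print(coset_decode(H, one_error, table))

    two_errors = (1, 1, 1, 0, 0)    # codeword 10110 with bits 2 and 4 flipped
    print(single_error_decode(H, two_errors))   # syndrome is not a column of H
    # The coset of this word has several words of weight 2, so the leader is a
    # guess, and here the guess leads to the wrong codeword.
    print(coset_decode(H, two_errors, table))
```
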
8.5 Reading Questions
1. Suppose a binary code has minimum distance . How many errors
can be detected? How many errors can be corrected?
2. Explain why it is impossible for the 8-bit string with decimal value
to be an ASCII code for a character. Assume the leftmost bit of the string is
being used as a parity-check bit.
3. Suppose we receive the 8-bit string with decimal value when we
are expecting ASCII characters with a parity-check bit in the first bit
(leftmost). We know an error has occurred in transmission. Give one of the
probable guesses for the character which was actually sent (other than ‘8’),
under the assumption that any individual bit is rarely sent in error. Explain
the logic of your answer. (You may need to consult a table of ASCII values
online.)
4. Suppose a linear code is created as the null space of the parity-check
matrix
Then is not a codeword. Describe a computation, and give the
result of that computation, which verifies that is not a codeword of the
code .
5. For and as in the previous question, suppose that is received as a
message. Give a maximum likelihood decoding of the received message.
8.6 Exercises
1. Why is the following encoding scheme not acceptable?
Information
Codeword
2. Without doing any addition, explain why the following set of -tuples in cannot be a group code.
3. Compute the Hamming distances between the following pairs of -tuples.
a.
b.
c.
d.
4. Compute the weights of the following -tuples.
a.
b.
c.
d.
5. Suppose that a linear code has a minimum weight of . What are the error-detection and error-
correction capabilities of ?
6. In each of the following codes, what is the minimum distance for the code? What is the best situation
we might hope for in connection with error detection and error correction?
a.
b.
c.
d.
7. Compute the null space of each of the following matrices. What type of -block codes are the null
spaces? Can you find a matrix (not necessarily a standard generator matrix) that generates each code? Are
your generator matrices unique?
a.
b.
c.
d.
8. Construct a -block code. Discuss both the error-detection and error-correction capabilities of your
code.
9. Let be the code obtained from the null space of the matrix
Decode the message
if possible.
10. Suppose that a -bit binary message is transmitted. Assume that the probability of a single error is
and that the errors occurring in different bits are independent of one another. If , what is the
probability of more than one error occurring? What is the probability of exactly two errors occurring?
Repeat this problem for .
11. Which matrices are canonical parity-check matrices? For those matrices that are canonical parity-
check matrices, what are the corresponding standard generator matrices? What are the error-detection and
error-correction capabilities of the code generated by each of these matrices?
a.
b.
c.
d.
12. List all possible syndromes for the codes generated by each of the matrices in Exercise 8.6.11.
13. Let
Compute the syndrome caused by each of the following transmission errors.
a. An error in the first bit.
b. An error in the third bit.
c. An error in the last bit.
d. Errors in the third and fourth bits.
14. Let be the group code in defined by the codewords and . Compute the cosets of
in . Why was there no need to specify right or left cosets? Give the single transmission error, if any, to
which each coset corresponds.
15. For each of the following matrices, find the cosets of the corresponding code . Give a decoding table
for each code if possible.
a.
b.
c.
d.
16. Let , , and be binary -tuples. Prove each of the following statements.
a.
b.
c.
17. A metric on a set is a map satisfying the following conditions.
a. for all ;
b. exactly when ;
c. ;
d. .
In other words, a metric is simply a generalization of the notion of distance. Prove that Hamming distance
is a metric on . Decoding a message actually reduces to deciding which is the closest codeword in
terms of distance.
18. Let be a linear code. Show that either the th coordinates in the codewords of are all zeros or
exactly half of them are zeros.
19. Let be a linear code. Show that either every codeword has even weight or exactly half of the
codewords have even weight.
20. Show that the codewords of even weight in a linear code are also a linear code.
21. If we are to use an error-correcting linear code to transmit the 128 ASCII characters, what size matrix
must be used? What size matrix must be used to transmit the extended ASCII character set of 256
characters? What if we require only error detection in both cases?
22. Find the canonical parity-check matrix that gives the even parity check bit code with three information
positions. What is the matrix for seven information positions? What are the corresponding standard
generator matrices?
23. How many check positions are needed for a single error-correcting code with 20 information
positions? With 32 information positions?
24. Let be the binary -tuple with a in the th coordinate and 's elsewhere and suppose that
. Show that is the th column of the matrix .
25. Let be an -linear code. Define the dual or orthogonal code of to be
a. Find the dual code of the linear code where is given by the matrix
b. Show that is an -linear code.
c. Find the standard generator and parity-check matrices of and . What happens in general?
Prove your conjecture.
26. Let be an matrix over , where the th column is the number written in binary with
bits. The null space of such a matrix is called a Hamming code.
a. Show that the matrix
generates a Hamming code. What are the error-correcting properties of a Hamming code?
b. The column corresponding to the syndrome also marks the bit that was in error; that is, the th
column of the matrix is written as a binary number, and the syndrome immediately tells us which
bit is in error. If the received word is , compute the syndrome. In which bit did the error
occur in this case, and what codeword was originally transmitted?
c. Give a binary matrix for the Hamming code with six information positions and four check
positions. What are the check positions and what are the information positions? Encode the
messages and . Decode the received words and
. What are the possible syndromes for this code?
d. What is the number of check bits and the number of information bits in an -block Hamming
code? Give both an upper and a lower bound on the number of information bits in terms of the
number of check bits. Hamming codes having the maximum possible number of information bits
with check bits are called perfect. Every possible syndrome except occurs as a column. If the
number of information bits is less than the maximum, then the code is called shortened. In this case,
give an example showing that some syndromes can represent multiple errors.
8.7 Programming Exercises
1. Write a program to implement a -linear code. Your program
should be able to encode and decode messages using coset decoding. Once
your program is written, write a program to simulate a binary symmetric
channel with transmission noise. Compare the results of your simulation
with the theoretically predicted error probability.
8.8 References and Suggested Readings
[1] Blake, I. F. “Codes and Designs,” Mathematics Magazine 52 (1979),
81–95.
[2] Hill, R. A First Course in Coding Theory. Oxford University Press,
Oxford, 1990.
[3] Levinson, N. “Coding Theory: A Counterexample to G. H. Hardy's
Conception of Applied Mathematics,” American Mathematical
Monthly 77 (1970), 249–58.
[4] Lidl, R. and Pilz, G. Applied Abstract Algebra. 2nd ed. Springer,
New York, 1998.
[5] MacWilliams, F. J. and Sloane, N. J. A. The Theory of Error-
Correcting Codes. North-Holland Mathematical Library, 16,
Elsevier, Amsterdam, 1983.
[6] Roman, S. Coding and Information Theory. Springer-Verlag, New
York, 1992.
[7] Shannon, C. E. “A Mathematical Theory of Communication,” Bell
System Technical Journal 27 (1948), 379–423, 623–56.
[8] Thompson, T. M. From Error-Correcting Codes through Sphere
Packing to Simple Groups. Carus Monograph Series, No. 21.
Mathematical Association of America, Washington, DC, 1983.
[9] van Lint, J. H. Introduction to Coding Theory. Springer, New York,
1999.
8.9 Sage
Sage has a full suite of linear codes and a variety of methods that may be
used to investigate them.
Constructing Linear Codes
The codes object can be used to get a concise listing of the available
implemented codes. Type codes. and press the Tab key and most
interfaces to Sage will give you a list. You can then use a question mark at
the end of a method name to learn about the various parameters.
codes.
We will use the classic binary Hamming code as an illustration.
“Binary” means we have vectors with just 0's and 1's, the is the length and
means the vectors have coordinates, and the is the dimension, meaning
this code has vectors comprising the code. The documentation
assumes we know a few things from later in the course. We use GF(2)
to specify that our code is binary — this will make more sense at the end of
the course. A second parameter is r and we can see from the formulas in
the documentation that setting r=3 will give length .
H = codes.HammingCode(GF(2), 3); H
[7, 4] Hamming Code over GF(2)
Properties of Linear Codes
We can examine the Hamming code we just built. First the dimension.
H.dimension()
The code is small enough that we can list all the codewords.
H.list()
[(0, 0, 0, 0, 0, 0, 0), (1, 0, 0, 0, 0, 1, 1), (0, 1, 0, 0, 1, 0, 1),
(1, 1, 0, 0, 1, 1, 0), (0, 0, 1, 0, 1, 1, 0), (1, 0, 1, 0, 1, 0, 1),
(0, 1, 1, 0, 0, 1, 1), (1, 1, 1, 0, 0, 0, 0), (0, 0, 0, 1, 1, 1, 1),
(1, 0, 0, 1, 1, 0, 0), (0, 1, 0, 1, 0, 1, 0), (1, 1, 0, 1, 0, 0, 1),
(0, 0, 1, 1, 0, 0, 1), (1, 0, 1, 1, 0, 1, 0), (0, 1, 1, 1, 1, 0, 0),
(1, 1, 1, 1, 1, 1, 1)]
The minimum distance is perhaps one of the most important properties.
Hamming codes always have minimum distance , so they are always
single error-correcting.
H.minimum_distance()
We know that the parity-check matrix and the generator matrix are useful
for the construction, description and analysis of linear codes. The Sage
method names are just a bit cryptic. Sage has extensive routines for
analyzing matrices with elements from different fields, so we perform much
of the subsequent analysis of these matrices within Sage.
C = H.parity_check_matrix(); C
[1 0 1 0 1 0 1]
[0 1 1 0 0 1 1]
[0 0 0 1 1 1 1]
The generator matrix here in the text has columns that are codewords, and
linear combinations of the columns (the column space of the matrix) are
codewords. In Sage the generator matrix has rows that are codewords and
the row space of the matrix is the code. So here is another place where we
need to mentally translate between a choice made in the text and a choice
made by the Sage developers.
G = H.generator_matrix(); G
[1 0 0 0 0 1 1]
[0 1 0 0 1 0 1]
[0 0 1 0 1 1 0]
[0 0 0 1 1 1 1]
Here is a partial test that these two matrices are correct, exercising
Lemma 8.27. Notice that we need to use the transpose of the generator
matrix, for reasons described above.
C*G.transpose() == zero_matrix(3, 4)
True
Note that the parity-check may not be canonical and the generator matrix
may not be standard. Sage can produce a generator matrix that has a set of
columns that forms an identity matrix, though no guarantee is made that
these columns are the first columns. (Columns, not rows.) Such a matrix is
said to be systematic, and the Sage method is
.systematic_generator_matrix() .
H.systematic_generator_matrix()
[1 0 0 0 0 1 1]
[0 1 0 0 1 0 1]
[0 0 1 0 1 1 0]
[0 0 0 1 1 1 1]
Decoding with a Linear Code
We can decode received messages originating from a linear code. Suppose
we receive the length binary vector r .
r = vector(GF(2), [1, 1, 1, 1, 0, 0, 1]); r
(1, 1, 1, 1, 0, 0, 1)
We can recognize that one or more errors have occurred, since r is not in
the code, as the next computation does not yield the zero vector.
C*r
(1, 1, 0)
A linear code has a .decode method. You may choose from several
different algorithms, while the Hamming codes have their own custom
algorithm. The default algorithm is syndrome decoding.
H.decode_to_code(r)
(1, 1, 0, 1, 0, 0, 1)
So if we are willing to assume that only one error occurred (which we might,
if the probability of an individual entry of the vector being in error is very
low), then we see that an error occurred in the third position.
Remember that it could happen that there was more than just one error. For
example, suppose the message was the same as before and errors occurred
in the third, fifth and sixth locations.
message = vector(GF(2), [1, 1, 0, 1, 0, 0, 1])
errors = vector(GF(2), [0, 0, 1, 0, 1, 1, 0])
received = message + errors
received
(1, 1, 1, 1, 1, 1, 1)
It then appears that we have received a codeword, so we assume no errors at
all, and decode incorrectly.
H.decode_to_code(received) == message
False
H.decode_to_code(received) == received
True
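The decoding behaviour shown in the Sage session above can be reproduced by hand. The following is an added example in plain Python, not Sage code and not part of the original text; the function names are this example's own. It builds the syndrome table from the parity-check matrix C printed above and goes one step beyond the session by also showing a two-error case, which the decoder "corrects" to a wrong codeword.

```python
# Added illustration: syndrome decoding for the [7, 4] Hamming code,
# using the parity-check matrix C exactly as printed by Sage above.
C = [
    [1, 0, 1, 0, 1, 0, 1],
    [0, 1, 1, 0, 0, 1, 1],
    [0, 0, 0, 1, 1, 1, 1],
]
N = len(C[0])


def add(u, v):
    """Coordinate-wise sum of two binary tuples over GF(2)."""
    return tuple((a + b) % 2 for a, b in zip(u, v))


def syndrome(word):
    """Return C*word over GF(2); the zero tuple means word is a codeword."""
    return tuple(sum(c * w for c, w in zip(row, word)) % 2 for row in C)


def build_syndrome_table():
    """Map every syndrome to a coset leader of weight 0 or 1.

    The syndrome of the unit vector e_i is column i of C.  Because the
    seven columns are nonzero and distinct, each of the 8 possible
    syndromes gets exactly one leader.
    """
    zero = (0,) * N
    table = {syndrome(zero): zero}
    for i in range(N):
        e = tuple(1 if j == i else 0 for j in range(N))
        s = syndrome(e)
        if s in table:
            raise ValueError("columns of C are not nonzero and distinct")
        table[s] = e
    return table


SYNDROME_TABLE = build_syndrome_table()


def syndrome_decode(received):
    """Return the codeword obtained by removing the coset leader."""
    return add(received, SYNDROME_TABLE[syndrome(received)])


def hamming_distance(u, v):
    """Number of coordinates in which u and v differ."""
    return sum(a != b for a, b in zip(u, v))


def demo():
    """Replay the session above, plus a constructed two-error case."""
    message = (1, 1, 0, 1, 0, 0, 1)
    cases = {
        "one error (position 3)": (0, 0, 1, 0, 0, 0, 0),
        "two errors (positions 1, 2)": (1, 1, 0, 0, 0, 0, 0),
        "three errors (positions 3, 5, 6)": (0, 0, 1, 0, 1, 1, 0),
    }
    results = {}
    for label, errors in cases.items():
        received = add(message, errors)
        decoded = syndrome_decode(received)
        results[label] = (syndrome(received), decoded, decoded == message)
    return results


if __name__ == "__main__":
    for label, (s, decoded, ok) in demo().items():
        print(f"{label}: syndrome={s} decoded={decoded} correct={ok}")
```

With one error the decoder recovers the message; with two or three errors it silently returns a different codeword at distance 3 from the message, which is the minimum distance of the code.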
8.10 Sage Exercises
1. Create the (binary) Golay code with the codes.GolayCode()
constructor. Read the documentation to be sure you build the binary version
(not ternary), and do not build the extended version (which is the default).
a. Use Sage methods to compute the length, dimension and minimum
distance of the code.
b. How many errors can this code detect? How many can it correct?
c. Find a nonzero codeword and introduce three errors by adding a
vector with three 1's (your choice) to create a received message.
Show that the message is decoded properly.
d. Recycle your choices from the previous part, but now add one more
error. Does the new received message get decoded properly?
2. One technique for improving the characteristics of a code is to add an
overall parity-check bit, much like the lone parity-check bit of the ASCII
code described in Example 8.3. Such codes are referred to as the extended
version of the original.
a. Construct the (binary) Golay code and obtain the parity-check matrix.
Use Sage commands to enlarge this matrix to create a new parity
check matrix that has an additional overall parity-check bit. You may
find the matrix methods .augment() and .stack() useful,
as well as the constructors zero_vector() and
ones_matrix() (remembering that we specify the binary entries
as being from the field GF(2) .)
Create the extended code by supplying your enlarged parity-check
matrix to the codes.from_parity_check_matrix()
constructor and compute the length, dimension and minimum
distance of the extended code.
b. How are the properties of this new code better? At what cost?
c. Now create the extended (binary) Golay code with the Sage
constructor codes.GolayCode() and the correct keyword to
obtain the extended version. With luck, the sorted lists of your
codewords and Sage's codewords will be equal. If not, the linear code
method .is_permutation_equivalent() should return
True to indicate that your code and Sage's are just rearrangements
of each other.
3. Note: This problem is on holiday (as of Sage 6.7), while some buggy
Sage code for the minimum distance of a Hamming code gets sorted out.
The r = 2 case produces an error message and for r > 5 the
computation of the minimum distance has become intolerably slow. So it is
a bit harder to make a reasonable conjecture from just cases.
The dual of an block code is formed as the set of all binary
vectors which are orthogonal to every vector of the original code.
Exercise 8.6.25 describes this construction and asks about some of its
properties.
You can construct the dual of a code in Sage with the .dual_code()
method. Construct the binary Hamming codes, and their duals, with the
parameter r ranging from 2 to 5 , inclusive. Build a table with six
columns (perhaps employing the html.table() function) that lists ,
the length of the codes, the dimensions of the original and the dual, and the
minimum distances of the original and the dual.
Conjecture formulas for the dimension and minimum distance of the dual of
the Hamming code as expressions in the parameter .
4. A code with minimum distance is called perfect if every possible
vector is within Hamming distance of some codeword. If we
expand our notion of geometry to account for the Hamming distance as the
metric, then we can speak of a sphere of radius around a vector (or
codeword). For a code of length , such a sphere will contain
vectors within it. For a perfect code, the spheres of radius centered at
the codewords of the code will exactly partition the entire set of all possible
vectors. (This is the connection that means that coding theory meshes with
sphere packing problems.)
A consequence of a code of dimension being perfect is that
Conversely, if a code has minimum distance and the condition above is
true, then the code is perfect.
Write a Python function, named is_perfect(), which accepts a linear
code as input and returns True or False . Demonstrate your function
by checking that the (binary) Golay code is perfect, and then use a loop to
verify that the (binary) Hamming codes are perfect for all lengths below .
Chapter 9 Isomorphisms
Many groups may appear to be different at first glance, but can be shown to
be the same by a simple renaming of the group elements. For example,
and the subgroup of the circle group generated by can be shown to be
the same by demonstrating a one-to-one correspondence between the
elements of the two groups and between the group operations. In such a
case we say that the groups are isomorphic.
9.1 Definition and Examples
Two groups and are isomorphic if there exists a one-to-one
and onto map such that the group operation is preserved; that
is,
for all and in . If is isomorphic to , we write . The map
is called an isomorphism.
Example 9.1. To show that , define a map by
. We must show that is bijective and preserves the group
operation. The map is one-to-one and onto because
Since
the group operation is preserved.
Example 9.2. We can define an isomorphism from the additive group
of real numbers to the multiplicative group of positive real
numbers with the exponential map; that is,
Of course, we must still show that is one-to-one and onto, but this can
be determined using calculus.
Example 9.3. The integers are isomorphic to the subgroup of
consisting of elements of the form . Define a map by
. Then
By definition the map is onto the subset of . To show
that the map is injective, assume that . If we can show that
, then we are done. Suppose that and assume that
. Then or , which is impossible since
.
Example 9.4. The groups and cannot be isomorphic since they
have different orders; however, it is true that . We know
that
An isomorphism is then given by
The map is not the only possible isomorphism between these two
groups. We could define another isomorphism by ,
, , . In fact, both of these groups are
isomorphic to (see Example 3.28 in Chapter 3).
Example 9.5. Even though and possess the same number of
elements, we would suspect that they are not isomorphic, because is
abelian and is nonabelian. To demonstrate that this is indeed the case,
suppose that is an isomorphism. Let be two
elements such that . Since is an isomorphism, there exist
elements and in such that
However,
which contradicts the fact that and do not commute.
Theorem 9.6. Let be an isomorphism of two groups. Then
the following statements are true.
1. is an isomorphism.
2. .
3. If is abelian, then is abelian.
4. If is cyclic, then is cyclic.
5. If has a subgroup of order , then has a subgroup of order .
Proof. Assertions (1) and (2) follow from the fact that is a bijection. We
will prove (3) here and leave the remainder of the theorem to be proved in
the exercises.
(3) Suppose that and are elements of . Since is onto, there exist
elements such that and . Therefore,
We are now in a position to characterize all cyclic groups.
Theorem 9.7. All cyclic groups of infinite order are isomorphic to .
Proof. Let be a cyclic group with infinite order and suppose that is a
generator of . Define a map by . Then
To show that is injective, suppose that and are two elements in ,
where . We can assume that . We must show that .
Let us suppose the contrary; that is, . In this case ,
where , which contradicts the fact that has infinite order. Our
map is onto since any element in can be written as for some integer
and .
Theorem 9.8. If is a cyclic group of order , then is isomorphic to
.
Proof. Let be a cyclic group of order generated by and define a map
by , where . The proof that is an
isomorphism is one of the end-of-chapter exercises.
Corollary 9.9. If is a group of order , where is a prime number,
then is isomorphic to .
Proof. The proof is a direct result of Corollary 6.12.
The main goal in group theory is to classify all groups; however, it makes
sense to consider two groups to be the same if they are isomorphic. We state
this result in the following theorem, whose proof is left as an exercise.
Theorem 9.10. The isomorphism of groups determines an equivalence
relation on the class of all groups.
Hence, we can modify our goal of classifying all groups to classifying all
groups up to isomorphism; that is, we will consider two groups to be the
same if they are isomorphic.
Cayley's Theorem
Cayley proved that if is a group, it is isomorphic to a group of
permutations on some set; hence, every group is a permutation group.
Cayley's Theorem is what we call a representation theorem. The aim of
representation theory is to find an isomorphism of some group that we
wish to study into a group that we know a great deal about, such as a group
of permutations or matrices.
Example 9.11. Consider the group . The Cayley table for is as
follows.
The addition table of suggests that it is the same as the permutation
group . The isomorphism here is
Theorem 9.12. Cayley. Every group is isomorphic to a group of
permutations.
Proof. Let be a group. We must find a group of permutations that is
isomorphic to . For any , define a function by
. We claim that is a permutation of . To show that is
one-to-one, suppose that . Then
Hence, . To show that is onto, we must prove that for each
, there is a such that . Let .
Now we are ready to define our group . Let
We must show that is a group under composition of functions and find an
isomorphism between and . We have closure under composition of
functions since
Also,
and
We can define an isomorphism from to by . The group
operation is preserved since
It is also one-to-one, because if , then
Hence, . That is onto follows from the fact that for any
.
The isomorphism is known as the left regular representation of
.
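The construction in the proof of Cayley's Theorem can be carried out mechanically for any finite group. The following is an added example in plain Python, not part of the original text; the function names and the choice of sample groups (the integers mod 3 under addition, and the six permutations of three objects) are this example's own. It builds the left regular representation and checks the three facts the proof establishes, then shows the check failing for an operation that is not associative.

```python
# Added illustration: the left regular representation of a finite group.
from itertools import permutations


def compose(p, q):
    """Composition of permutations stored as tuples: (p o q)(i) = p[q[i]]."""
    return tuple(p[i] for i in q)


def left_regular_representation(elements, op):
    """Send each g to the map x -> g*x, written as a permutation of indices.

    `elements` lists the group once each; `op(g, x)` is the group operation.
    Position i of the returned tuple holds the index of g * elements[i].
    """
    index = {g: i for i, g in enumerate(elements)}
    return {g: tuple(index[op(g, x)] for x in elements) for g in elements}


def check_cayley(elements, op):
    """Verify what the proof shows: each image is a permutation, the map
    g -> lambda_g is one-to-one, and it preserves the operation."""
    rep = left_regular_representation(elements, op)
    n = len(elements)
    each_is_permutation = all(sorted(p) == list(range(n)) for p in rep.values())
    one_to_one = len(set(rep.values())) == n
    preserves_operation = all(
        rep[op(g, h)] == compose(rep[g], rep[h])
        for g in elements
        for h in elements
    )
    return each_is_permutation and one_to_one and preserves_operation


# Sample group 1: integers mod 3 under addition.
Z3 = [0, 1, 2]


def add_mod3(a, b):
    return (a + b) % 3


# Sample group 2: all permutations of {0, 1, 2} under composition (nonabelian).
S3 = list(permutations(range(3)))


# Not a group: subtraction mod 3 is not associative, so the map
# g -> lambda_g fails to preserve the operation.
def sub_mod3(a, b):
    return (a - b) % 3


if __name__ == "__main__":
    print(left_regular_representation(Z3, add_mod3))
    print("Z3 under +:", check_cayley(Z3, add_mod3))
    print("S3 under composition:", check_cayley(S3, compose))
    print("Z3 under -:", check_cayley(Z3, sub_mod3))
```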
Historical Note
Arthur Cayley was born in England in 1821, though he spent much of the
first part of his life in Russia, where his father was a merchant. Cayley was
educated at Cambridge, where he took the first Smith's Prize in
mathematics. A lawyer for much of his adult life, he wrote several papers in
his early twenties before entering the legal profession at the age of 25.
While practicing law he continued his mathematical research, writing more
than 300 papers during this period of his life. These included some of his
best work. In 1863 he left law to become a professor at Cambridge. Cayley
wrote more than 900 papers in fields such as group theory, geometry, and
linear algebra. His legal knowledge was very valuable to Cambridge; he
participated in the writing of many of the university's statutes. Cayley was
also one of the people responsible for the admission of women to
Cambridge.
9.2 Direct Products
Given two groups and , it is possible to construct a new group from
the Cartesian product of and , . Conversely, given a large
group, it is sometimes possible to decompose the group; that is, a group is
sometimes isomorphic to the direct product of two smaller groups. Rather
than studying a large group , it is often easier to study the component
groups of .
External Direct Products
If and are groups, then we can make the Cartesian product of
and into a new group. As a set, our group is just the ordered pairs
where and . We can define a binary
operation on by
that is, we just multiply elements in the first coordinate as we do in and
elements in the second coordinate as we do in . We have specified the
particular operations and in each group here for the sake of clarity; we
usually just write .
Proposition 9.13. Let and be groups. The set is a group
under the operation where
and .
Proof. Clearly the binary operation defined above is closed. If and
are the identities of the groups and respectively, then is the
identity of . The inverse of is . The
fact that the operation is associative follows directly from the associativity
of and .
Example 9.14. Let be the group of real numbers under addition. The
Cartesian product of with itself, , is also a group, in
which the group operation is just addition in each coordinate; that is,
. The identity is and the inverse
of is .
Example 9.15. Consider
Although and both contain four elements, they are not
isomorphic. Every element in other than the identity has
order , since ; however, is cyclic.
The group is called the external direct product of and .
Notice that there is nothing special about the fact that we have used only
two groups to build a new group. The direct product
of the groups is defined in exactly the same manner. If
, we often write instead of
.
Example 9.16. The group , considered as a set, is just the set of all
binary -tuples. The group operation is the “exclusive or” of two binary
-tuples. For example,
This group is important in coding theory, in cryptography, and in many
areas of computer science.
Theorem 9.17. Let . If and have finite orders
and respectively, then the order of in is the least common
multiple of and .
Proof. Suppose that is the least common multiple of and and let
. Then
Hence, must divide , and . However, by the second equation,
both and must divide ; therefore, is a common multiple of and .
Since is the least common multiple of and , . Consequently,
must be equal to .
Corollary 9.18. Let . If has finite order in
, then the order of in is the least common multiple
of .
Example 9.19. Let . Since , the
order of is in . Similarly, the order of in is .
The least common multiple of and is ; hence, has order
in .
Example 9.20. The group consists of the pairs
In this case, unlike that of and , it is true that
. We need only show that is cyclic. It is easy to see that is
a generator for .
The next theorem tells us exactly when the direct product of two cyclic
groups is cyclic.
Theorem 9.21. The group is isomorphic to if and only if
.
Proof. We will first show that if , then
. We will prove the contrapositive; that is, we will show
that if , then cannot be cyclic. Notice that
is divisible by both and ; hence, for any element
,
Therefore, no can generate all of .
The converse follows directly from Theorem 9.17 since
if and only if .
Corollary 9.22. Let be positive integers. Then
if and only if for .
Corollary 9.23. If
where the s are distinct primes, then
Proof. Since the greatest common divisor of and is 1 for , the
proof follows from Corollary 9.22.
In Chapter 13, we will prove that all finite abelian groups are isomorphic to
direct products of the form
where are (not necessarily distinct) primes.
Internal Direct Products
The external direct product of two groups builds a large group out of two
smaller groups. We would like to be able to reverse this process and
conveniently break down a group into its direct product components; that is,
we would like to be able to say when a group is isomorphic to the direct
product of two of its subgroups.
Let be a group with subgroups and satisfying the following
conditions.
;
;
for all and .
Then is the internal direct product of and .
Example 9.24. The group is the internal direct product of
Example 9.25. The dihedral group is an internal direct product of its
two subgroups
It can easily be shown that ; consequently, .
Example 9.26. Not every group can be written as the internal direct
product of two of its proper subgroups. If the group were an internal
direct product of its proper subgroups and , then one of the
subgroups, say , would have to have order . In this case is the
subgroup . The subgroup must have order , but
no matter which subgroup we choose for , the condition that
will never be satisfied for and .
Theorem 9.27. Let be the internal direct product of subgroups and
. Then is isomorphic to .
Proof. Since is an internal direct product, we can write any element
as for some and some . Define a map
by .
The first problem that we must face is to show that is a well-defined map;
that is, we must show that and are uniquely determined by . Suppose
that . Then is in both and , so it
must be the identity. Therefore, and , which proves that
is, indeed, well-defined.
To show that preserves the group operation, let and
and observe that
We will leave the proof that is one-to-one and onto as an exercise.
Example 9.28. The group is an internal direct product isomorphic to
.
We can extend the definition of an internal direct product of to a
collection of subgroups of , by requiring that
;
;
for all and .
We will leave the proof of the following theorem as an exercise.
Theorem 9.29. Let be the internal direct product of subgroups ,
where . Then is isomorphic to .
9.3 Reading Questions
1. Determine the order of in .
2. List three properties of a group that are preserved by an isomorphism.
3. Find a group isomorphic to that is an external direct product of two
non-trivial groups.
4. Explain why we can now say “the infinite cyclic group”?
5. Compare and contrast external direct products and internal direct
products.
9.4 Exercises
1. Prove that for .
2. Prove that is isomorphic to the subgroup of consisting of
matrices of the form
3. Prove or disprove: .
4. Prove that is isomorphic to the group of matrices
5. Show that is isomorphic to , but is not.
6. Show that the th roots of unity are isomorphic to .
7. Show that any cyclic group of order is isomorphic to .
8. Prove that is not isomorphic to .
9. Let and define a binary operation on by
Prove that is a group under this operation. Show that is
isomorphic to the multiplicative group of nonzero real numbers.
10. Show that the matrices
form a group. Find an isomorphism of with a more familiar group of
order .
11. Find five non-isomorphic groups of order .
12. Prove is not isomorphic to .
13. Let be a primitive th root of unity. Prove that the
matrices
generate a multiplicative group isomorphic to .
14. Show that the set of all matrices of the form
is a group isomorphic to , where all entries in the matrix are in .
15. List all of the elements of .
16. Find the order of each of the following elements.
a. in
b. in
c. in
d. in
17. Prove that cannot be the internal direct product of two of its proper
subgroups.
18. Prove that the subgroup of consisting of elements of the form
for is an internal direct product isomorphic to .
19. Prove that is isomorphic to . Can you make a conjecture
about ? Prove your conjecture.
20. Prove or disprove: Every abelian group of order divisible by contains
a subgroup of order .
21. Prove or disprove: Every nonabelian group of order divisible by 6
contains a subgroup of order .
22. Let be a group of order . If has subgroups and of orders
and respectively such that for all and , prove
that is the internal direct product of and .
23. Prove or disprove the following assertion. Let , , and be groups.
If , then .
24. Prove or disprove: There is a noncyclic abelian group of order .
25. Prove or disprove: There is a noncyclic abelian group of order .
26. Let be a group isomorphism. Show that if
and only if , where and are the identities of and ,
respectively.
27. Let . Show that if is cyclic, then so is .
28. Prove that any group of order , prime, must be isomorphic to .
29. Show that is isomorphic to a subgroup of .
30. Prove that is isomorphic to a subgroup of .
31. Let and be isomorphisms. Show that
and are both isomorphisms. Using these results, show that the
isomorphism of groups determines an equivalence relation on the class of
all groups.
32. Prove . Can you generalize this result for , where is
prime?
33. Write out the permutations associated with each element of in the
proof of Cayley's Theorem.
34. An automorphism of a group is an isomorphism with itself. Prove
that complex conjugation is an automorphism of the additive group of
complex numbers; that is, show that the map is an
isomorphism from to .
35. Prove that is an automorphism of .
36. Prove that is an automorphism of for all in
.
37. We will denote the set of all automorphisms of by . Prove
that is a subgroup of , the group of permutations of .
38. Find .
39. Find .
40. Find two nonisomorphic groups and such that
.
41. Let be a group and . Define a map by
. Prove that defines an automorphism of . Such an
automorphism is called an inner automorphism. The set of all inner
automorphisms is denoted by .
42. Prove that is a subgroup of .
43. What are the inner automorphisms of the quaternion group ? Is
in this case?
44. Let be a group and . Define maps and
by and . Show that
is an automorphism of . The isomorphism is
called the right regular representation of .
45. Let be the internal direct product of subgroups and . Show that
the map defined by for , where
and , is one-to-one and onto.
46. Let and be isomorphic groups. If has a subgroup of order ,
prove that must also have a subgroup of order .
47. If and , show that .
48. Prove that is isomorphic to .
49. Let be positive integers. Show that
if and only if for .
50. Prove that is abelian if and only if and are abelian.
51. If is the internal direct product of , prove that is
isomorphic to .
52. Let and be subgroups of and , respectively. Prove that
is a subgroup of .
53. Let . Prove that if and only if
.
54. Let . Prove that if and only if
.
55. Groups of order . In this series of exercises we will classify all
groups of order , where is an odd prime.
a. Assume is a group of order , where is an odd prime. If
, show that must have order , , , or .
b. Suppose that has an element of order . Prove that is
isomorphic to . Hence, is cyclic.
c. Suppose that does not contain an element of order . Show that
must contain an element of order . Hint: Assume that does not
contain an element of order .
d. Suppose that does not contain an element of order . Show that
must contain an element of order .
e. Let be a subgroup of with order and have order .
Show that .
f. Suppose that does not contain an element of order and
is a subgroup of order generated by . If is an element of order ,
then for some .
g. Suppose that does not contain an element of order . Prove that
is not abelian.
h. Suppose that does not contain an element of order and
is a subgroup of order generated by and is an element of order
. Show that we can list the elements of as
.
i. Suppose that does not contain an element of order and
is a subgroup of order generated by and is an element of order
. Prove that the product can be expressed uniquely
as for some nonnegative integers . Thus, conclude that
there is only one possibility for a non-abelian group of order ; it
must therefore be the one we have seen already, the dihedral group.
9.5 Sage
Sage has limited support for actually creating isomorphisms, though it is
possible. However, there is excellent support for determining if two
permutation groups are isomorphic. This will allow us to begin a little
project to locate all of the groups of order less than in Sage's
permutation groups.
Isomorphism Testing
If G and H are two permutation groups, then the command
G.is_isomorphic(H) will return True or False as the two
groups are, or are not, isomorphic. Since “isomorphic to” is an equivalence
relation by Theorem 9.10, it does not matter which group plays the role of
G and which plays the role of H .
So that we have a few more examples to work with, let us introduce the Sage
command that creates an external direct product. If G and H are two
permutation groups, then the command
direct_product_permgroups([G,H]) will return the external
direct product as a new permutation group. Notice that this is a function
(not a method) and the input is a list. Rather than just combining two groups
in the list, any number of groups can be supplied. We illustrate isomorphism
testing and direct products in the context of Theorem 9.21, which is an
equivalence, so it tells us exactly when we have isomorphic groups. We use
cyclic permutation groups as stand-ins for by Theorem 9.8.
First, two isomorphic groups.
m = 12
n = 7
gcd(m, n)
1
G = CyclicPermutationGroup(m)
H = CyclicPermutationGroup(n)
dp = direct_product_permgroups([G, H])
K = CyclicPermutationGroup(m*n)
K.is_isomorphic(dp)
True
Now, two non-isomorphic groups.
m = 15
n = 21
gcd(m, n)
G = CyclicPermutationGroup(m)
H = CyclicPermutationGroup(n)
dp = direct_product_permgroups([G, H])
K = CyclicPermutationGroup(m*n)
K.is_isomorphic(dp)
False
Notice how the simple computation of a greatest common divisor predicts
the incredibly complicated computation of determining if two groups are
isomorphic. This is a nice illustration of the power of mathematics,
replacing a difficult problem (group isomorphism) by a simple one
(factoring and divisibility of integers). Let us build one more direct product
of cyclic groups, but with three groups, each with orders that are pairwise
relatively prime.
If you try the following with larger parameters you may get an error
( database_gap ).
m = 6
n = 5
r = 7
G = CyclicPermutationGroup(m)
H = CyclicPermutationGroup(n)
L = CyclicPermutationGroup(r)
dp = direct_product_permgroups([G, H, L])
K = CyclicPermutationGroup(m*n*r)
K.is_isomorphic(dp)
True
Classifying Finite Groups
Once we understand isomorphic groups as being the “same”, or
“fundamentally no different,” or “structurally identical,” then it is natural to
ask how many “really different” finite groups there are. Corollary 9.9 gives
a partial answer: for each prime there is just one finite group, with as a
concrete manifestation.
Let us embark on a quest to find all the groups of order less than in Sage
as permutation groups. For prime orders and we know
there is really just one group each, and we can realize them all:
[CyclicPermutationGroup(p) for p in [1, 2, 3, 5, 7, 11, 13]]
[Cyclic group of order 1 as a permutation group,
Cyclic group of order 2 as a permutation group,
Cyclic group of order 3 as a permutation group,
Cyclic group of order 5 as a permutation group,
Cyclic group of order 7 as a permutation group,
Cyclic group of order 11 as a permutation group,
Cyclic group of order 13 as a permutation group]
So now our smallest unknown case is order . Sage knows at least three
such groups, and we can use Sage to check if any pair is isomorphic. Notice
that since “isomorphic to” is an equivalence relation, and hence a transitive
relation, the two tests below are sufficient.
G = CyclicPermutationGroup(4)
H = KleinFourGroup()
T1 = CyclicPermutationGroup(2)
T2 = CyclicPermutationGroup(2)
K = direct_product_permgroups([T1, T2])
G.is_isomorphic(H)
False
H.is_isomorphic(K)
True
So we have at least two different groups: and , with the latter
also known as the Klein 4-group. Sage will not be able to tell us if we have
a complete list — this will always require theoretical results like
Theorem 9.10. We will shortly have a more general result that handles the
case of order , but right now, a careful analysis (by hand) of the
possibilities for the Cayley table of a group of order should lead you to
the two possibilities above as the only possibilities. Try to deduce what the
Cayley table of an order group should look like, since you know about
identity elements, inverses and cancellation.
We have seen at least two groups of order (next on our list of non-prime
orders). One is abelian and one is not, so we do not need Sage to tell us they
are structurally different. But let us do it anyway.
G = CyclicPermutationGroup(6)
H = SymmetricGroup(3)
G.is_isomorphic(H)
False
Is that all? There is , but that is just since and are
relatively prime. The dihedral group, , all symmetries of a triangle, is
just , the symmetric group on symbols.
G = DihedralGroup(3)
H = SymmetricGroup(3)
G.is_isomorphic(H)
True
Exercise 9.4.55 from this section classifies all groups of order , where
is a prime. Such a group is either cyclic or a dihedral group. So the two
groups above, and , are the complete list of groups of order .
By this general result, in addition to order , we also know the complete
lists of groups of orders and . To Be Continued.
Internal Direct Products
An internal direct product is a statement about subgroups of a single group,
together with a theorem that links them to an external direct product. We
will work an example here that will illustrate the nature of an internal direct
product.
Given an integer , the set of positive integers less than , and relatively
prime to forms a group under multiplication mod . We will work in the
set Integers(n) where we can add and multiply, but we want to stay
strictly with multiplication only.
First we build the subgroup itself. Notice how we must convert x into an
integer (an element of ZZ ) so that the greatest common divisor
computation performs correctly.
Z36 = Integers(36)
U = [x for x in Z36 if gcd(ZZ(x), 36) == 1]
U
[1, 5, 7, 11, 13, 17, 19, 23, 25, 29, 31, 35]
So we have a group of order . We are going to try to find a subgroup of
order and a subgroup of order to form the internal direct product, and
we will restrict our search initially to cyclic subgroups of order . Sage has
a method that will give the order of each of these elements, relative to
multiplication, so let us examine those next.
[x.multiplicative_order() for x in U]
[1, 6, 6, 6, 3, 2, 2, 6, 3, 6, 6, 2]
We have many choices for generators of a cyclic subgroup of order and
for a cyclic subgroup of order . Of course, some of the choices for a
generator of the subgroup of order will generate the same subgroup. Can
you tell, just by counting, how many subgroups of order there are? We are
going to pick the first element of order , and the last element of order ,
for no particular reason. After you work through this once, we encourage
you to try other choices to understand why some choices lead to an internal
direct product and some do not. Notice that we choose the elements from
the list U so that they are sure to be elements of Z36 and behave
properly when multiplied.
a = U[1]
A = [a^i for i in srange(6)]
A
[1, 5, 25, 17, 13, 29]
b = U[11]
B = [b^i for i in srange(2)]
B
[1, 35]
So A and B are two cyclic subgroups. Notice that their intersection is
the identity element, one of our requirements for an internal direct product.
So this is a good start.
[x for x in A if x in B]
[1]
Z36 is an abelian group, thus the condition on all products commuting
will hold, but we illustrate the Sage commands that will check this in a non-
abelian situation.
all([x*y == y*x for x in A for y in B])
True
Finally, we need to check that by forming products with elements from A
and B we create the entire group. Sorting the resulting list will make a
check easier for us visually, and is required if we want Sage to do the check.
T = sorted([x*y for x in A for y in B])
T
[1, 5, 7, 11, 13, 17, 19, 23, 25, 29, 31, 35]
T == U
True
That's it. We now condense all this information into the statement that “ U
is the internal direct product of A and B .” By Theorem 9.27, we see
that U is isomorphic to a product of a cyclic group of order and a cyclic
group of order . So in a very real sense, U is no more or less
complicated than , which is in turn isomorphic to .
So we totally understand the “structure” of U . For example, we can see
that U is not cyclic, since when written as a product of cyclic groups, the
two orders are not relatively prime. The final expression of U suggests
you could find three cyclic subgroups of U , with orders , and , so
that U is an internal direct product of the three subgroups.
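The suggestion above to try other choices of generators can be carried out exhaustively. The following is an added example in plain Python (not from the book and not Sage code; the function names are ours) that tests every pairing of an order-6 element with an order-2 element of U against the same three conditions: trivial intersection, commuting products, and products filling the whole group.

```python
from math import gcd
from itertools import product


def units(n):
    """Elements of U(n): integers in [1, n) relatively prime to n."""
    return [x for x in range(1, n) if gcd(x, n) == 1]


def mult_order(x, n):
    """Multiplicative order of the unit x modulo n."""
    k, y = 1, x % n
    while y != 1:
        y = (y * x) % n
        k += 1
    return k


def cyclic_subgroup(x, n):
    """Set of all powers of x modulo n."""
    return {pow(x, i, n) for i in range(mult_order(x, n))}


def is_internal_direct_product(A, B, n):
    """Check the three conditions from the text for subgroups A, B of U(n)."""
    trivial = (A & B) == {1}
    commute = all((a * b) % n == (b * a) % n for a, b in product(A, B))
    spans = {(a * b) % n for a, b in product(A, B)} == set(units(n))
    return trivial and commute and spans


def classify_pairs(n, order_a, order_b):
    """Map each (a, b) with the given orders to True/False according to
    whether <a> and <b> form an internal direct product of U(n)."""
    U = units(n)
    results = {}
    for a in (x for x in U if mult_order(x, n) == order_a):
        for b in (x for x in U if mult_order(x, n) == order_b):
            A, B = cyclic_subgroup(a, n), cyclic_subgroup(b, n)
            results[(a, b)] = is_internal_direct_product(A, B, n)
    return results


if __name__ == "__main__":
    for (a, b), ok in sorted(classify_pairs(36, 6, 2).items()):
        verdict = "internal direct product" if ok else "fails"
        print(f"a = {a:2d}, b = {b:2d}: {verdict}")
```

A pairing fails exactly when the order-2 element already lies in the cyclic subgroup generated by the order-6 element, since then the intersection is no longer just the identity.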
9.6 Sage Exercises
1. This exercise is about putting Cayley's Theorem into practice. First, read
and study the theorem. Realize that this result by itself is primarily of
theoretical interest, but with some more theory we could get into some
subtler aspects of this (a subject known as “representation theory”).
You should create these representations mostly with pencil-and-paper work,
using Sage as a fancy calculator and assistant. You do not need to include
all these computations in your worksheet. Build the requested group
representations and then include enough verifications in Sage to prove that
your representation correctly represents the group.
Begin by building a permutation representation of the quaternions, .
There are eight elements in ( ), so you will be
constructing a subgroup of . For each form the function ,
defined as . Notice that this definition is the “reverse” of that
given in the text. This is because Sage composes permutations left-to-right,
while your text composes right-to-left. To create the permutations , the
two-line version of writing permutations could be very useful as an
intermediate step. You will probably want to “code” each element of
with an integer in .
One such representation is included in Sage as QuaternionGroup()
— your answer should look very similar, but perhaps not identical. Do not
submit your answer for a representation of the quaternions, but I strongly
suggest working this particular group representation until you are sure you
have it right — the problems below might be very difficult otherwise. You
can use Sage's .is_isomorphic() method to check if your
representations are correct. However, do not use this as a substitute for the
part of each question that asks you to investigate properties of your
representation towards this end.
a. Build the permutation representation of described in
Cayley's Theorem. (Remember that this group is additive, while the
theorem uses multiplicative notation.) Include the representation of
each of the elements in your submitted work. Then construct the
permutation group as a subgroup of a full symmetric group that is
generated by exactly two of the eight elements you have already
constructed. Hint: which two elements of might you use to
generate all of ? Use commands in Sage to investigate
various properties of your permutation group, other than just
.list() , to provide evidence that your subgroup is correct —
include these in your submitted worksheet.
b. Build a permutation representation of , the group of units mod
24. Again, list a representation of each element in your submitted
work. Then construct the group as a subgroup of a full symmetric
group created with three generators. To determine these three
generators, you will likely need to understand as an internal
direct product. Use commands in Sage to investigate various
properties of your group, other than just .list() , to provide
evidence that your subgroup is correct — include these in your
submitted worksheet.
2. Consider the symmetries of a 10-gon, in your text,
DihedralGroup(10) in Sage. Presume that the vertices of the 10-
gon have been labeled through in order. Identify the permutation that
is a degree rotation and use it to generate a subgroup of order .
Then identify the permutation that is a degree rotation, and any one of
the ten permutations that are a reflection of the -gon about a line. Use
these latter two permutations to generate a subgroup of order . Use
Sage to verify that the full dihedral group is the internal direct product of
the subgroups and by checking the conditions in the definition of an
internal direct product.
We have a theorem which says that if a group is an internal direct product,
then it is isomorphic to some external direct product. Understand that this
does not mean that you can use the converse in this problem. In other
words, establishing an isomorphism of with an external direct product
does not prove that is an internal direct product.
Chapter 10 Normal Subgroups and Factor Groups
If is a subgroup of a group , then right cosets are not always the same
as left cosets; that is, it is not always the case that for all
. The subgroups for which this property holds play a critical role in
group theory—they allow for the construction of a new class of groups,
called factor or quotient groups. Factor groups may be studied directly or by
using homomorphisms, a generalization of isomorphisms. We will study
homomorphisms in Chapter 11.
10.1 Factor Groups and Normal Subgroups
Normal Subgroups
A subgroup of a group is normal in G if for all .
That is, a normal subgroup of a group is one in which the right and left
cosets are precisely the same.
Example 10.1. Let be an abelian group. Every subgroup of is a
normal subgroup. Since for all and , it will
always be the case that .
Example 10.2. Let be the subgroup of consisting of elements
and . Since
cannot be a normal subgroup of . However, the subgroup ,
consisting of the permutations , , and , is normal since
the cosets of are
The following theorem is fundamental to our understanding of normal
subgroups.
Theorem 10.3. Let be a group and be a subgroup of . Then the
following statements are equivalent.
1. The subgroup is normal in .
2. For all , .
3. For all , .
Proof. (1) (2). Since is normal in , for all .
Hence, for a given and , there exists an in such that
. Therefore, or .
(2) (3). Let . Since , we need only show
. For , . Hence,
for some . Therefore, is in .
(3) (1). Suppose that for all . Then for any
there exists an such that . Consequently,
or . Similarly, .
Factor Groups
If is a normal subgroup of a group , then the cosets of in form a
group under the operation . This group is called
the factor or quotient group of and . Our first task is to prove that
is indeed a group.
Theorem 10.4. Let be a normal subgroup of a group . The cosets of
in form a group of order .
Proof. The group operation on is . This
operation must be shown to be well-defined; that is, group multiplication
must be independent of the choice of coset representative. Let
and . We must show that
Then and for some and in . Hence,
The remainder of the theorem is easy: is the identity and
is the inverse of . The order of is, of course, the number of cosets
of in .
It is very important to remember that the elements in a factor group are sets
of elements in the original group.
Example 10.5. Consider the normal subgroup of ,
. The cosets of in are and .
The factor group has the following multiplication table.
This group is isomorphic to . At first, multiplying cosets seems both
complicated and strange; however, notice that is a smaller group.
The factor group displays a certain amount of information about .
Actually, , the group of even permutations, and
is the set of odd permutations. The
information captured in is parity; that is, multiplying two even or
two odd permutations results in an even permutation, whereas multiplying
an odd permutation by an even permutation yields an odd permutation.
Example 10.6. Consider the normal subgroup of . The cosets of
in are
The group is given by the Cayley table below.
In general, the subgroup of is normal. The cosets of are
The sum of the cosets and is . Notice that
we have written our cosets additively, because the group operation is
integer addition.
Example 10.7. Consider the dihedral group , generated by the two
elements and , satisfying the relations
The element actually generates the cyclic subgroup of rotations, , of
. Since , the group of rotations is a normal
subgroup of ; therefore, is a group. Since there are exactly
two elements in this group, it must be isomorphic to .
10.2 The Simplicity of the Alternating Group
Of special interest are groups with no nontrivial normal subgroups. Such groups are called simple groups. Of
course, we already have a whole class of examples of simple groups, , where is prime. These groups are
trivially simple since they have no proper subgroups other than the subgroup consisting solely of the identity.
Other examples of simple groups are not so easily found. We can, however, show that the alternating group, , is
simple for . The proof of this result requires several lemmas.
Lemma 10.8. The alternating group is generated by -cycles for .
Proof. To show that the -cycles generate , we need only show that any pair of transpositions can be written as
the product of -cycles. Since , every pair of transpositions must be one of the following:
Lemma 10.9. Let be a normal subgroup of , where . If contains a -cycle, then .
Proof. We will first show that is generated by -cycles of the specific form , where and are fixed
in and we let vary. Every -cycle is the product of -cycles of this form, since
Now suppose that is a nontrivial normal subgroup of for such that contains a -cycle of the form
. Using the normality of , we see that
is in . Hence, must contain all of the -cycles for . By Lemma 10.8, these -cycles
generate ; hence, .
Lemma 10.10. For , every nontrivial normal subgroup of contains a -cycle.
Proof. Let be an arbitrary element in a normal subgroup . There are several possible cycle structures for .
is a -cycle.
is the product of disjoint cycles, , where .
is the product of disjoint cycles, .
, where is the product of disjoint 2-cycles.
, where is the product of an even number of disjoint 2-cycles.
If is a -cycle, then we are done. If contains a product of disjoint cycles, , and at least one of these cycles
has length greater than 3, say , then
is in since is normal; hence,
is also in . Since
must contain a -cycle; hence, .
Now suppose that contains a disjoint product of the form
Then
since
So
So contains a disjoint cycle of length greater than 3, and we can apply the previous case.
Suppose contains a disjoint product of the form , where is the product of disjoint 2-cycles.
Since , , and
So contains a -cycle.
The only remaining possible case is a disjoint product of the form
where is the product of an even number of disjoint -cycles. But
is in since is in ; and so
Since , we can find such that . Let . Then
and
Therefore, contains a -cycle. This completes the proof of the lemma.
Theorem 10.11. The alternating group, , is simple for .
Proof. Let be a normal subgroup of . By Lemma 10.10, contains a -cycle. By Lemma 10.9, ;
therefore, contains no proper nontrivial normal subgroups for .
Historical Note
One of the foremost problems of group theory has been to classify all simple finite groups. This problem is over a
century old and has been solved only in the last few decades of the twentieth century. In a sense, finite simple
groups are the building blocks of all finite groups. The first nonabelian simple groups to be discovered were the
alternating groups. Galois was the first to prove that was simple. Later, mathematicians such as C. Jordan and
L. E. Dickson found several infinite families of matrix groups that were simple. Other families of simple groups
were discovered in the 1950s. At the turn of the century, William Burnside conjectured that all nonabelian simple
groups must have even order. In 1963, W. Feit and J. Thompson proved Burnside's conjecture and published their
results in the paper “Solvability of Groups of Odd Order,” which appeared in the Pacific Journal of Mathematics.
Their proof, running over 250 pages, gave impetus to a program in the 1960s and 1970s to classify all finite simple
groups. Daniel Gorenstein was the organizer of this remarkable effort. One of the last simple groups was the
“Monster,” discovered by R. Griess. The Monster, a matrix group, is one of the 26 sporadic,
or special, simple groups. These sporadic simple groups are groups that fit into no infinite family of simple groups.
Some of the sporadic groups play an important role in physics.
10.3 Reading Questions
1. Let be the group of symmetries of an equilateral triangle, expressed as
permutations of the vertices numbered . Let be the subgroup
. Build the left and right cosets of in .
2. Based on your answer to the previous question, is normal in ?
Explain why or why not.
3. The subgroup is normal in . In the factor group perform the
computation .
4. List two statements about a group and a subgroup that are
equivalent to “ is normal in .”
5. In your own words, what is a factor group?
10.4 Exercises
1. For each of the following groups , determine whether is a normal
subgroup of . If is a normal subgroup, write out a Cayley table for the
factor group .
a. and
b. and
c. and
d. and
e. and
2. Find all the subgroups of . Which subgroups are normal? What are all
the factor groups of up to isomorphism?
3. Find all the subgroups of the quaternion group, . Which subgroups are
normal? What are all the factor groups of up to isomorphism?
4. Let be the group of nonsingular upper triangular matrices with
entries in ; that is, matrices of the form
where , , and . Let consist of matrices of the form
where .
a. Show that is a subgroup of .
b. Prove that is abelian.
c. Prove that is normal in .
d. Show that is abelian.
e. Is normal in ?
5. Show that the intersection of two normal subgroups is a normal
subgroup.
6. If is abelian, prove that must also be abelian.
7. Prove or disprove: If is a normal subgroup of such that and
are abelian, then is abelian.
8. If is cyclic, prove that must also be cyclic.
9. Prove or disprove: If and are cyclic, then is cyclic.
10. Let be a subgroup of index of a group . Prove that must be a
normal subgroup of . Conclude that is not simple for .
11. If a group has exactly one subgroup of order , prove that is
normal in .
12. Define the centralizer of an element in a group to be the set
Show that is a subgroup of . If generates a normal subgroup of
, prove that is normal in .
13. Recall that the center of a group is the set
a. Calculate the center of .
b. Calculate the center of .
c. Show that the center of any group is a normal subgroup of .
d. If is cyclic, show that is abelian.
14. Let be a group and let ; that is, is the
subgroup of all finite products of elements in of the form .
The subgroup is called the commutator subgroup of .
a. Show that is a normal subgroup of .
b. Let be a normal subgroup of . Prove that is abelian if and
only if contains the commutator subgroup of .
10.5 Sage
Sage has several convenient functions that will allow us to investigate
quickly if a subgroup is normal, and if so, the nature of the resulting
quotient group. But for an initial understanding, we can also work with the
raw cosets. Let us get our hands dirty first, then learn about the easy way.
Multiplying Cosets
The definition of a factor group requires a normal subgroup, and then we
define a way to “multiply” two cosets of the subgroup to produce another
coset. It is important to realize that we can interpret the definition of a
normal subgroup to be exactly the condition we need for our new
multiplication to be workable. We will do two examples — first with a
normal subgroup, then with a subgroup that is not normal.
Consider the dihedral group that is the symmetry group of an -gon. If
we take the element that creates a quarter-turn, we can use it to generate a
cyclic subgroup of order 4. This will be a normal subgroup (trust us for the
moment on this). First, build the (right) cosets (notice there is no output):
G = DihedralGroup(8)
quarter_turn = G('(1,3,5,7)(2,4,6,8)')
S = G.subgroup([quarter_turn])
C = G.cosets(S)
So C is a list of lists, with every element of the group G occurring
exactly once somewhere. You could ask Sage to print out C for you if you
like, but we will try to avoid that here. We want to multiply two cosets
(lists) together. How do we do this? Take any element out of the first list,
and any element out of the second list and multiply them together (which
we know how to do since they are elements of G ). Now we have an
element of G . What do we do with this element, since we really want a
coset as the result of the product of two cosets? Simple — we see which
coset the product is in. Let us give it a try. We will multiply coset with
coset (there are cosets by Lagrange's Theorem). Study the following
code carefully to see if you can understand what it is doing, and then read
the explanation that follows.
p = C[1][0]*C[3][0]
[i for i in srange(len(C)) if p in C[i]]
[2]
What have we accomplished? In the first line we create p as the product
of two group elements, one from coset and one from coset ( C[1] ,
C[3] ). Since we can choose any element from each coset, we choose the
first element of each ( C[ ][0] ). Then we count our way through all the
cosets, selecting only cosets that contain p . Since p will only be in one
coset, we expect a list with just one element. Here, our one-element list
contains only 2 . So we say the product of coset and coset is coset .
The point here is that this result (coset times coset is coset ) should
always be the same, no matter which elements we pick from the two cosets
to form p . So let us do it again, but this time we will not simply choose
the first element from each of coset and coset , instead we will choose
the third element of coset and the second element of coset (remember,
we are counting from zero!).
p = C[1][2]*C[3][1]
[i for i in srange(len(C)) if p in C[i]]
[2]
Good. We have the same result. If you are still trusting us on S being a
normal subgroup of G , then this is the result that the theory predicts.
Make a copy of the above compute cell and try other choices for the
representatives of each coset. Then try the product of other cosets, with
varying representatives.
Now is a good time to introduce a way to extend Sage and add new
functions. We will design a coset-multiplication function. Read the
following carefully and then see the subsequent explanation.
def coset_product(i, j, C):
    p = C[i][0]*C[j][0]
    c = [k for k in srange(len(C)) if p in C[k]]
    return c[0]
The first line creates a new Sage function named coset_product .
This is accomplished with the word def , and note the colon ending the
line. The inputs to the function are the numbers of the cosets we want to
multiply and the complete list of the cosets. The middle two lines should
look familiar from above. We know c is a one-element list, so c[0]
will extract this one coset number, and return is what determines that
this is the output of the function. Notice that the indentation above must be
exactly as shown. We could have written all this computation on a single
line without making a new function, but that begins to get unwieldy. You
need to execute the code block above to actually define the function, and
there will be no output if successful. Now we can use our new function to
repeat our work above:
coset_product(1, 3, C)
2
Now you know the basics of how to add onto Sage and do much more than
it was designed for. And with some practice, you could suggest and
contribute new functions to Sage, since it is an open source project. Nice.
Now let us examine a situation where the subgroup is not normal. So we
will see that our definition of coset multiplication is insufficient in this case.
And realize that our new coset_product function is also useless since
it assumes the cosets come from a normal subgroup.
Consider the alternating group which we can interpret as the symmetry
group of a tetrahedron. For a subgroup, take an element that fixes one
vertex and rotates the opposite face — this will generate a cyclic subgroup
of order 3, and by Lagrange's Theorem we will get four cosets. We compute
them here. (Again, no output is requested.)
G = AlternatingGroup(4)
face_turn = G("(1,2,3)")
S = G.subgroup([face_turn])
C = G.cosets(S)
Again, let's consider the product of coset and coset :
p = C[1][0]*C[3][0]
[i for i in srange(len(C)) if p in C[i]]
[0]
Again, but now for coset , choose the second element of the coset to
produce the product p :
p = C[1][0]*C[3][1]
[i for i in srange(len(C)) if p in C[i]]
[2]
So, is the product of coset and coset equal to coset or coset ? We
cannot say! So there is no way to construct a quotient group for this
subgroup. You can experiment some more with this subgroup, but in some
sense, we are done with this example — there is nothing left to say.
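The spot checks above try only a couple of representatives per coset. As an added example (plain Python, not from the book and not Sage code; the function names and the choice of reflection are ours, and the coset numbering is this script's own rather than the order returned by Sage's .cosets() method), the following checks every choice of representatives for every pair of right cosets in both groups.

```python
from itertools import product


def perm_from_cycles(cycles, n):
    """Permutation of {1..n} as a tuple p with p[i-1] = image of i."""
    p = list(range(1, n + 1))
    for cyc in cycles:
        for k, x in enumerate(cyc):
            p[x - 1] = cyc[(k + 1) % len(cyc)]
    return tuple(p)


def mul(p, q):
    """Product p*q composed left-to-right (apply p, then q), as Sage does."""
    return tuple(q[p[i] - 1] for i in range(len(p)))


def generate(gens):
    """Finite group generated by gens, built by repeated multiplication."""
    identity = tuple(range(1, len(gens[0]) + 1))
    group, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for s in gens:
            h = mul(g, s)
            if h not in group:
                group.add(h)
                frontier.append(h)
    return group


def right_cosets(G, S):
    """Partition G into right cosets Sg; coset 0 is S itself."""
    cosets, seen = [], set()
    for g in sorted(G):          # the identity sorts first
        if g not in seen:
            coset = frozenset(mul(s, g) for s in S)
            cosets.append(coset)
            seen |= coset
    return cosets


def coset_products(C, i, j):
    """Numbers of all cosets hit by x*y with x in C[i] and y in C[j]."""
    index = {g: k for k, c in enumerate(C) for g in c}
    return {index[mul(x, y)] for x, y in product(C[i], C[j])}


def multiplication_well_defined(C):
    """True when every pair of cosets multiplies into exactly one coset."""
    r = range(len(C))
    return all(len(coset_products(C, i, j)) == 1 for i in r for j in r)


def dihedral_example():
    """Symmetries of an 8-gon with the quarter-turn subgroup."""
    r = perm_from_cycles([(1, 2, 3, 4, 5, 6, 7, 8)], 8)
    f = perm_from_cycles([(1, 8), (2, 7), (3, 6), (4, 5)], 8)  # a reflection
    G = generate([r, f])
    S = generate([perm_from_cycles([(1, 3, 5, 7), (2, 4, 6, 8)], 8)])
    return G, S, right_cosets(G, S)


def alternating_example():
    """Alternating group on 4 symbols with the subgroup generated by (1,2,3)."""
    G = generate([perm_from_cycles([(1, 2, 3)], 4),
                  perm_from_cycles([(2, 3, 4)], 4)])
    S = generate([perm_from_cycles([(1, 2, 3)], 4)])
    return G, S, right_cosets(G, S)


if __name__ == "__main__":
    for name, build in [("dihedral", dihedral_example),
                        ("alternating", alternating_example)]:
        G, S, C = build()
        print(name, len(G), len(S), len(C), multiplication_well_defined(C))
        for i, j in product(range(len(C)), repeat=2):
            hits = coset_products(C, i, j)
            if len(hits) > 1:
                print(f"  coset {i} * coset {j} lands in cosets {sorted(hits)}")
```

For the quarter-turn subgroup every pair of cosets lands in a single coset, while for the face-turn subgroup the script lists the pairs whose product depends on the representatives chosen.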
Sage Methods for Normal Subgroups
You can easily ask Sage if a subgroup is normal or not. This is viewed as a
property of the subgroup, but you must tell Sage what the “supergroup” is,
since the answer can change depending on this value. (For example
H.is_normal(H) will always be True .) Here are our two examples
from above.
G = DihedralGroup(8)
quarter_turn = G('(1,3,5,7)(2,4,6,8)')
S = G.subgroup([quarter_turn])
S.is_normal(G)
True
G = AlternatingGroup(4)
face_turn = G("(1,2,3)")
S = G.subgroup([face_turn])
S.is_normal(G)
False
The text proves in Section 10.2 that is simple, i.e. has no normal
subgroups. We could build every subgroup of and ask if it is normal in
using the .is_normal() method. But Sage has this covered for us
already.
G = AlternatingGroup(5)
G.is_simple()
True
We can also build a quotient group when we have a normal subgroup.
G = DihedralGroup(8)
quarter_turn = G('(1,3,5,7)(2,4,6,8)')
S = G.subgroup([quarter_turn])
Q = G.quotient(S)
Q
Permutation Group with generators [(1,2)(3,4), (1,3)(2,4)]
This is useful, but also a bit unsettling. We have the quotient group, but any
notion of cosets has been lost, since Q is returned as a new permutation
group on a different set of symbols. We cannot presume that the numbers
used for the new permutation group Q bear any resemblance to the cosets
we get from the .cosets() method. But we can see that the quotient
group is described as a group generated by two elements of order two. We
could ask for the order of the group, or by Lagrange's Theorem we know
the quotient has order . We can say now that there are only two groups of
order four, the cyclic group of order and a non-cyclic group of order ,
known to us as the Klein -group or . This quotient group looks
like the non-cyclic one since the cyclic group of order 4 has just one
element of order 2. Let us see what Sage says.
Q.is_isomorphic(KleinFourGroup())
True
Yes, that's it.
Finally, Sage can build us a list of all of the normal subgroups of a group.
The list of groups themselves, as we have seen before, is sometimes an
overwhelming amount of information. We will demonstrate by just listing
the orders of the normal subgroups produced.
G = DihedralGroup(8)
N = G.normal_subgroups()
[H.order() for H in N]
[16, 8, 8, 8, 4, 2, 1]
So, in particular, we see that our “quarter-turn” subgroup is the only normal
subgroup of order in this group.
10.6 Sage Exercises
1. Build every subgroup of the alternating group on 5 symbols, , and
check that each is not a normal subgroup (except for the two trivial cases).
This command might take a couple seconds to run. Compare this with the
time needed to run the .is_simple() method and realize that there is
a significant amount of theory and cleverness brought to bear in speeding
up commands like this. (It is possible that your Sage installation lacks
GAP's “Table of Marks” library and you will be unable to compute the list
of subgroups.)
2. Consider the quotient group of the group of symmetries of an -gon,
formed with the cyclic subgroup of order generated by a quarter-turn. Use
the coset_product function to determine the Cayley table for this
quotient group. Use the number of each coset, as produced by the
.cosets() method as names for the elements of the quotient group.
You will need to build the table “by hand” as there is no easy way to have
Sage's Cayley table command do this one for you. You can build a table in
the Sage Notebook pop-up editor (shift-click on a blue line) or you might
read the documentation of the html.table() method.
3. Consider the cyclic subgroup of order in the symmetries of an -gon.
Verify that the subgroup is normal by first building the raw left and right
cosets (without using the .cosets() method) and then checking their
equality in Sage, all with a single command that employs sorting with the
sorted() command.
4. Again, use the same cyclic subgroup of order in the group of
symmetries of an -gon. Check that the subgroup is normal by using part
(2) of Theorem 10.3. Construct a one-line command that does the complete
check and returns True . Maybe sort the elements of the subgroup S
first, then slowly build up the necessary lists, commands, and conditions in
steps. Notice that this check does not require ever building the cosets.
5. Repeat the demonstration from the previous subsection that for the
symmetries of a tetrahedron, a cyclic subgroup of order results in an
undefined coset multiplication. Above, the default setting for the
.cosets() method builds right cosets — but in this problem, work
instead with left cosets. You need to choose two cosets to multiply, and then
demonstrate two choices for representatives that lead to different results for
the product of the cosets.
6. Construct some dihedral groups of order (i.e. symmetries of an -
gon, in the text, DihedralGroup(n) in Sage). Maybe all of them
for . For each dihedral group, construct a list of the orders of
each of the normal subgroups (so use .normal_subgroups() ). You
may need to wait ten or twenty seconds for this to finish - be patient.
Observe enough examples to hypothesize a pattern to your observations,
check your hypothesis against each of your examples and then state your
hypothesis clearly.
Can you predict how many normal subgroups there are in the dihedral
group without using Sage to build all the normal subgroups? Can
you describe all of the normal subgroups of a dihedral group in a way that
would let us predict all of the normal subgroups of without using
Sage?
Chapter 11 Homomorphisms
One of the basic ideas of algebra is the concept of a homomorphism, a
natural generalization of an isomorphism. If we relax the requirement that
an isomorphism of groups be bijective, we have a homomorphism.
11.1 Group Homomorphisms
A homomorphism between groups and is a map
such that
for . The range of in is called the homomorphic image of .
Two groups are related in the strongest possible way if they are isomorphic;
however, a weaker relationship may exist between two groups. For example,
the symmetric group and the group are related by the fact that can
be divided into even and odd permutations that exhibit a group structure like
that , as shown in the following multiplication table.
We use homomorphisms to study relationships such as the one we have just
described.
Example 11.1. Let be a group and . Define a map by
. Then is a group homomorphism, since
This homomorphism maps onto the cyclic subgroup of generated by .
Example 11.2. Let . If
is in , then the determinant is nonzero; that is, .
Also, for any two elements and in , .
Using the determinant, we can define a homomorphism
by .
Example 11.3. Recall that the circle group consists of all complex
numbers such that . We can define a homomorphism from the
additive group of real numbers to by . Indeed,
Geometrically, we are simply wrapping the real line around the circle in a
group-theoretic fashion.
The following proposition lists some basic properties of group
homomorphisms.
Proposition 11.4. Let be a homomorphism of groups. Then
1. If is the identity of , then is the identity of ;
2. For any element , ;
3. If is a subgroup of , then is a subgroup of ;
4. If is a subgroup of , then
is a subgroup of . Furthermore, if is normal in , then
is normal in .
Proof. (1) Suppose that and are the identities of and ,
respectively; then
By cancellation, .
(2) This statement follows from the fact that
(3) The set is nonempty since the identity of is in .
Suppose that is a subgroup of and let and be in . There
exist elements such that and . Since
is a subgroup of by Proposition 3.31.
(4) Let be a subgroup of and define to be ; that is, is
the set of all such that . The identity is in since
. If and are in , then is in
since is a subgroup of . Therefore, and is a subgroup
of . If is normal in , we must show that for
and . But
since is a normal subgroup of . Therefore, .
Let be a group homomorphism and suppose that is the identity
of . By Proposition 11.4, is a subgroup of . This subgroup is
called the kernel of and will be denoted by . In fact, this subgroup is a
normal subgroup of since the trivial subgroup is normal in . We state this
result in the following theorem, which says that with every homomorphism of
groups we can naturally associate a normal subgroup.
Theorem 11.5. Let be a group homomorphism. Then the
kernel of is a normal subgroup of .
Example 11.6. Let us examine the homomorphism
defined by . Since is the identity of , the kernel of this
homomorphism is all matrices having determinant one. That is,
.
Example 11.7. The kernel of the group homomorphism
defined by is . Notice that
.
Example 11.8. Suppose that we wish to determine all possible
homomorphisms from to . Since the kernel of must be a
subgroup of , there are only two possible kernels, and all of . The
image of a subgroup of must be a subgroup of . Hence, there is no
injective homomorphism; otherwise, would have a subgroup of order ,
which is impossible. Consequently, the only possible homomorphism from
to is the one mapping all elements to zero.
Example 11.9. Let be a group. Suppose that and is the
homomorphism from to given by . If the order of is
infinite, then the kernel of this homomorphism is since maps onto
the cyclic subgroup of generated by . However, if the order of is finite,
say , then the kernel of is .
11.2 The Isomorphism Theorems
Although it is not evident at first, factor groups correspond exactly to
homomorphic images, and we can use factor groups to study
homomorphisms. We already know that with every group homomorphism
we can associate a normal subgroup of , . The
converse is also true; that is, every normal subgroup of a group gives rise
to a homomorphism of groups.
Let be a normal subgroup of . Define the natural or canonical
homomorphism
by
This is indeed a homomorphism, since
The kernel of this homomorphism is . The following theorems describe
the relationships between group homomorphisms, normal subgroups, and
factor groups.
Theorem 11.10. First Isomorphism Theorem. If is a
group homomorphism with , then is normal in . Let
be the canonical homomorphism. Then there exists a
unique isomorphism such that .
Proof. We already know that is normal in . Define
by . We first show that is a well-
defined map. If , then for some , ;
consequently,
Thus, does not depend on the choice of coset representatives and the map
is uniquely defined since . We must also show
that is a homomorphism. Indeed,
Clearly, is onto . To show that is one-to-one, suppose that
. Then . This implies that
, or is in the kernel of ; hence, ; that
is, .
Mathematicians often use diagrams called commutative diagrams to
describe such theorems. The following diagram “commutes” since
.
Example 11.11. Let be a cyclic group with generator . Define a map
by . This map is a surjective homomorphism since
Clearly is onto. If , then . Hence, and
. On the other hand, if the order of is infinite,
then and is an isomorphism of and . Hence, two cyclic
groups are isomorphic exactly when they have the same order. Up to
isomorphism, the only cyclic groups are and .
Theorem 11.12. Second Isomorphism Theorem. Let be a
subgroup of a group (not necessarily normal in ) and a normal
subgroup of . Then is a subgroup of , is a normal
subgroup of , and
Proof. We will first show that is a
subgroup of . Suppose that . Since is normal,
. So
is in . The inverse of is in since
Next, we prove that is normal in . Let and .
Then since each element is in . Also, since
is normal in ; therefore, .
Now define a map from to by . The map is onto,
since any coset is the image of in . We also know that
is a homomorphism because
By the First Isomorphism Theorem, the image of is isomorphic to
; that is,
Since
Theorem 11.13. Correspondence Theorem. Let be a normal
subgroup of a group . Then is a one-to-one
correspondence between the set of subgroups of containing and
the set of subgroups of . Furthermore, the normal subgroups of
containing correspond to normal subgroups of .
Proof. Let be a subgroup of containing . Since is normal in ,
is a factor group. Let and be elements of . Then
; hence, is a subgroup of .
Let be a subgroup of . This subgroup is a set of cosets of . If
, then for , we have that
and . Therefore, must be a
subgroup of . Clearly, contains . Therefore, .
Consequently, the map is onto.
Suppose that and are subgroups of containing such that
. If , then . Hence,
for some in . However, since is contained
in , we know that or . Similarly, . Since
, the map is one-to-one.
Suppose that is normal in and is a subgroup of . Then it is easy
to verify that the map defined by is a
homomorphism. The kernel of this homomorphism is , which proves
that is normal in .
Conversely, suppose that is normal in . The homomorphism
given by
has kernel . Hence, must be normal in .
Notice that in the course of the proof of Theorem 11.13, we have also
proved the following theorem.
Theorem 11.14. Third Isomorphism Theorem. Let be a group
and and be normal subgroups of with . Then
Example 11.15. By the Third Isomorphism Theorem,
Since and , we have .
11.3 Reading Questions
1. Consider the function defined by .
Prove that is a group homomorphism.
2. For defined in the previous question, explain why is not a group
isomorphism.
3. Compare and contrast isomorphisms and homomorphisms.
4. Paraphrase the First Isomorphism Theorem using only words. No
symbols allowed at all.
5. “For every normal subgroup there is a homomorphism, and for every
homomorphism there is a normal subgroup.” Explain the (precise) basis for
this (vague) statement.
11.4 Exercises
1. Prove that for . This
shows that the determinant is a homomorphism from to .
2. Which of the following maps are homomorphisms? If the map is a
homomorphism, what is the kernel?
a. defined by
b. defined by
c. defined by
d. defined by
e. defined by
where is the additive group of matrices with entries in
.
3. Let be an matrix. Show that matrix multiplication, ,
defines a homomorphism .
4. Let be given by . Prove that is a group
homomorphism. Find the kernel and the image of .
5. Describe all of the homomorphisms from to .
6. Describe all of the homomorphisms from to .
7. In the group , let and .
a. List the elements in (we usually write for these
additive groups) and .
b. List the cosets in , showing the elements in each coset.
c. List the cosets in , showing the elements in each coset.
d. Give the correspondence between and
described in the proof of the Second Isomorphism Theorem.
8. If is an abelian group and , show that defined by
is a group homomorphism.
9. If is a group homomorphism and is abelian, prove that
is also abelian.
10. If is a group homomorphism and is cyclic, prove that
is also cyclic.
11. Show that a homomorphism defined on a cyclic group is completely
determined by its action on the generator of the group.
12. If a group has exactly one subgroup of order , prove that is
normal in .
13. Prove or disprove: .
14. Let be a finite group and a normal subgroup of . If is a
subgroup of , prove that is a subgroup in of order
, where is the canonical homomorphism.
15. Let and be groups, and let and be normal subgroups of
and respectively. Let be a homomorphism. Show
that induces a homomorphism if
.
16. If and are normal subgroups of and , prove
that is isomorphic to a subgroup of .
17. Let be a surjective group homomorphism. Let be a
normal subgroup of and suppose that . Prove or disprove
that .
18. Let be a group homomorphism. Show that is one-to-one
if and only if .
19. Given a homomorphism define a relation on by
if for . Show this relation is an equivalence
relation and describe the equivalence classes.
11.5 Additional Exercises: Automorphisms
1. Let be the set of all automorphisms of ; that is, isomorphisms
from to itself. Prove this set forms a group and is a subgroup of the group
of permutations of ; that is, .
2. An inner automorphism of ,
is defined by the map
for . Show that .
3. The set of all inner automorphisms is denoted by . Show that
is a subgroup of .
4. Find an automorphism of a group that is not an inner automorphism.
5. Let be a group and be an inner automorphism of , and define a
map
by
Prove that this map is a homomorphism with image and kernel
. Use this result to conclude that
6. Compute and . Do the same thing for .
7. Find all of the homomorphisms . What is ?
8. Find all of the automorphisms of . Prove that .
9. For , define a map by . Prove that is
a homomorphism.
10. Prove that is an isomorphism if and only if is a generator of .
11. Show that every automorphism of is of the form , where is a
generator of .
12. Prove that is an isomorphism, where
.
11.6 Sage
Sage is able to create homomorphisms (and by extension, isomorphisms
and automorphisms) between finite permutation groups. There is a limited
supply of commands then available to manipulate these functions, but we
can still illustrate many of the ideas in this chapter.
Homomorphisms
The principal device for creating a homomorphism is to specify the
images of the generators of the domain. Consider cyclic groups of
order and :
and define a homomorphism by just defining the image of the generator of
, and define the rest of the mapping by extending the mapping via the
operation-preserving property of a homomorphism.
The constructor PermutationGroupMorphism requires the two
groups, then a list of images for each generator (in order!), and then will
create the homomorphism. Note that we can then use the result as a
function. In the example below, we first verify that C12 has a single
generator (no surprise there), which we then send to a particular element of
order in the codomain. Sage then constructs the unique homomorphism
that is consistent with this requirement.
C12 = CyclicPermutationGroup(12)
C20 = CyclicPermutationGroup(20)
domain_gens = C12.gens()
[g.order() for g in domain_gens]
[12]
x = C20.gen(0)
y = x^5
y.order()
phi = PermutationGroupMorphism(C12, C20, [y])
phi
Permutation group morphism:
From: Cyclic group of order 12 as a permutation group
To: Cyclic group of order 20 as a permutation group
Defn: [(1,2,3,4,5,6,7,8,9,10,11,12)] ->
[(1,6,11,16)(2,7,12,17)(3,8,13,18)(4,9,14,19)
(5,10,15,20)]
a = C12("(1,6,11,4,9,2,7,12,5,10,3,8)")
phi(a)
(1,6,11,16)(2,7,12,17)(3,8,13,18)(4,9,14,19)(5,10,15,20)
b = C12("(1,3,5,7,9,11)(2,4,6,8,10,12)")
phi(b)
(1,11)(2,12)(3,13)(4,14)(5,15)(6,16)(7,17)(8,18)(9,19)(10,20)
c = C12("(1,9,5)(2,10,6)(3,11,7)(4,12,8)")
phi(c)
()
Note that the element c must therefore be in the kernel of phi.
We can then compute the subgroup of the domain that is the kernel, in this
case a cyclic group of order inside the cyclic group of order . We can
compute the image of any subgroup, but here we will build the whole
homomorphic image by supplying the whole domain to the .image()
method. Here the image is a cyclic subgroup of order inside the cyclic
group of order . Then we can verify the First Isomorphism Theorem.
K = phi.kernel(); K
Subgroup generated by [(1,5,9)(2,6,10)(3,7,11)(4,8,12)]
of (Cyclic group of order 12 as a permutation group)
Im = phi.image(C12); Im
Subgroup generated by [(1,6,11,16)(2,7,12,17)(3,8,13,18)
(4,9,14,19)(5,10,15,20)]
of (Cyclic group of order 20 as a permutation group)
Im.is_isomorphic(C12.quotient(K))
True
Here is a slightly more complicated example. The dihedral group is the
symmetry group of a -gon. Inside this group is a subgroup that is
isomorphic to the symmetry group of a -gon (pentagon). Is this a surprise,
or is this obvious? Here is a way to make precise the statement “
contains a copy of .”
We build the domain and find its generators, so we know how many images
to supply in the definition of the homomorphism. Then we construct the
codomain, from which we will construct images. Our choice here is to send
a reflection to a reflection, and a rotation to a rotation. But the rotations will
both have order , and both are a rotation by degrees.
G = DihedralGroup(5)
H = DihedralGroup(20)
G.gens()
[(1,2,3,4,5), (1,5)(2,4)]
H.gens()
[(1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20),
(1,20)(2,19)(3,18)(4,17)(5,16)(6,15)(7,14)(8,13)(9,12)
(10,11)]
x = H.gen(0)^4
y = H.gen(1)
rho = PermutationGroupMorphism(G, H, [x, y])
rho.kernel()
Subgroup generated by [()] of (Dihedral group of order 10 as a
permutation group)
Since the kernel is trivial, rho is a one-to-one function (see
Exercise 11.4.18). But more importantly, by the First Isomorphism
Theorem, G is isomorphic to the image of the homomorphism. We
compute the image and check the claim.
Im = rho.image(G); Im
Subgroup generated by [(1,5,9,13,17)(2,6,10,14,18)
(3,7,11,15,19)(4,8,12,16,20), (1,20)(2,19)(3,18)(4,17)(5,16)
(6,15)(7,14)(8,13)(9,12)(10,11)]
of (Dihedral group of order 40 as a permutation group)
Im.is_subgroup(H)
True
Im.is_isomorphic(G)
True
Just providing a list of images for the generators of the domain is no
guarantee that the function will extend to a homomorphism. For starters, the
order of each image must divide the order of the corresponding preimage.
(Can you prove this?) And similarly, if the domain is abelian, then the
image must also be abelian, so in this case the list of images should not
generate a non-abelian subgroup. Here is an example. There are no
homomorphisms from a cyclic group of order to a cyclic group of order
(other than the trivial function that takes every element to the identity). To
see this, consider the possible orders of the kernel, and of the two
possibilities, see that one is impossible and the other arises with the trivial
homomorphism. Unfortunately, Sage acts as if nothing is wrong in creating
a homomorphism between these groups, but what Sage builds is useless and
raises errors when you try to use it.
G = CyclicPermutationGroup(7)
H = CyclicPermutationGroup(4)
tau = PermutationGroupMorphism_im_gens(G, H, H.gens())
tau
Permutation group morphism:
From: Cyclic group of order 7 as a permutation group
To: Cyclic group of order 4 as a permutation group
Defn: [(1,2,3,4,5,6,7)] -> [(1,2,3,4)]
tau.kernel()
Traceback (most recent call last):
...
RuntimeError: Gap produced error output
...
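The consistency check that Sage skips here can be made before trusting a map built from generator images. The following plain-Python sketch is an added example, not code from the book or from Sage: it stores permutations as tuples on the points 0..n-1 (an assumption; Sage numbers points from 1), and all helper names are hypothetical. It rebuilds the C12 to C20 map from the earlier example, rejects the order 7 to order 4 assignment, and checks the First Isomorphism Theorem on the valid map.

```python
def identity(n):
    """Identity permutation on the points 0..n-1."""
    return tuple(range(n))


def cycle(n):
    """The n-cycle i -> i+1 (mod n); it generates a cyclic group of order n."""
    return tuple((i + 1) % n for i in range(n))


def compose(p, q):
    """Apply p first, then q."""
    return tuple(q[i] for i in p)


def power(p, k):
    """k-th power of p for k >= 0, by repeated composition."""
    result = identity(len(p))
    for _ in range(k):
        result = compose(result, p)
    return result


def order(p):
    """Smallest k >= 1 with p^k equal to the identity."""
    k, q = 1, p
    while q != identity(len(p)):
        q, k = compose(q, p), k + 1
    return k


def extend_from_generator(gen, target):
    """Extend gen -> target to a homomorphism on the cyclic group <gen>.

    The rule gen^i -> target^i is well defined only if target^n is the
    identity, where n = order(gen); that is, order(target) divides n.
    Returns the map as a dict, or None when the assignment is inconsistent.
    """
    n = order(gen)
    if power(target, n) != identity(len(target)):
        return None
    return {power(gen, i): power(target, i) for i in range(n)}


def kernel(phi):
    """Elements of the domain sent to the identity of the codomain."""
    return {g for g, h in phi.items() if h == identity(len(h))}


def image(phi):
    """Homomorphic image of the whole domain."""
    return set(phi.values())


def is_homomorphism(phi):
    """Check phi(ab) = phi(a)phi(b) for every pair in the domain."""
    return all(phi[compose(a, b)] == compose(phi[a], phi[b])
               for a in phi for b in phi)


def first_isomorphism_holds(phi):
    """Check that gK -> phi(g) is a well-defined bijection G/K -> phi(G)."""
    K = kernel(phi)
    cosets = {frozenset(compose(g, k) for k in K) for g in phi}
    images = [{phi[g] for g in coset} for coset in cosets]
    well_defined = all(len(vals) == 1 for vals in images)
    injective = len(set().union(*images)) == len(cosets)
    return well_defined and injective and len(cosets) == len(image(phi))


# The map from the text: generator of C12 sent to y = x^5 in C20.
C12_GEN = cycle(12)
Y = power(cycle(20), 5)
PHI = extend_from_generator(C12_GEN, Y)

# The inconsistent assignment: generator of C7 sent to the generator of C4.
TAU = extend_from_generator(cycle(7), cycle(4))

if __name__ == "__main__":
    print("order of y:", order(Y))
    print("phi is a homomorphism:", is_homomorphism(PHI))
    print("|kernel|, |image|:", len(kernel(PHI)), len(image(PHI)))
    print("First Isomorphism Theorem check:", first_isomorphism_holds(PHI))
    print("C7 -> C4 via generators accepted:", TAU is not None)
```
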
Rather than creating homomorphisms ourselves, in certain situations Sage
knows of the existence of natural homomorphisms and will create them for
you. One such case is a direct product construction. Given a group G, the
method .direct_product(H) will create the direct product
. (This is not the same command as the function
direct_product_permgroups() from before.) Not only does this
command create the direct product, but it also builds four homomorphisms,
one with domain , one with domain and two with domain . So
the output consists of five objects, the first being the actual group and the
remainder being homomorphisms. We will demonstrate the call here, and
leave a more thorough investigation for the exercises.
G = CyclicPermutationGroup(3)
H = DihedralGroup(4)
results = G.direct_product(H)
results[0]
Permutation Group with generators [(4,5,6,7), (4,7)(5,6),
(1,2,3)]
results[1]
Permutation group morphism:
From: Cyclic group of order 3 as a permutation group
To: Permutation Group with generators
[(4,5,6,7), (4,7)(5,6), (1,2,3)]
Defn: Embedding( Group( [ (1,2,3), (4,5,6,7), (4,7)(5,6) ]
), 1 )
results[2]
Permutation group morphism:
From: Dihedral group of order 8 as a permutation group
To: Permutation Group with generators
[(4,5,6,7), (4,7)(5,6), (1,2,3)]
Defn: Embedding( Group( [ (1,2,3), (4,5,6,7), (4,7)(5,6) ]
), 2 )
results[3]
Permutation group morphism:
From: Permutation Group with generators
[(4,5,6,7), (4,7)(5,6), (1,2,3)]
To: Cyclic group of order 3 as a permutation group
Defn: Projection( Group( [ (1,2,3), (4,5,6,7), (4,7)(5,6) ]
), 1 )
results[4]
Permutation group morphism:
From: Permutation Group with generators
[(4,5,6,7), (4,7)(5,6), (1,2,3)]
To: Dihedral group of order 8 as a permutation group
Defn: Projection( Group( [ (1,2,3), (4,5,6,7), (4,7)(5,6) ]
), 2 )
11.7 Sage Exercises
1. An automorphism is an isomorphism between a group and itself. The
identity function ( ) is always an isomorphism, which we consider
trivial. Use Sage to construct a nontrivial automorphism of the cyclic group
of order . Check that the mapping is both onto and one-to-one by
computing the image and kernel and performing the proper tests on these
subgroups. Now construct all of the possible automorphisms of the cyclic
group of order without any duplicates.
2. The four homomorphisms created by the direct product construction are
each an example of a more general construction of homomorphisms
involving groups , and . By using the same groups as in the
example in the previous subsection, see if you can discover and describe
these constructions with exact definitions of the four homomorphisms in
general.
Your tools for investigating a Sage group homomorphism are limited; you
might take each generator of the domain and see what its image is. Here is
an example of the type of computation you might do repeatedly. We'll
investigate the second homomorphism. The domain is the dihedral group,
and we will compute the image of the first generator.
G = CyclicPermutationGroup(3)
H = DihedralGroup(4)
results = G.direct_product(H)
phi = results[2]
H.gens()
[(1,2,3,4), (1,4)(2,3)]
a = H.gen(0); a
(1,2,3,4)
phi(a)
(4,5,6,7)
3. Consider two permutation groups. The first is the subgroup of
generated by and . The second is a subgroup of
generated by and
. Build these two groups and use the
proper Sage command to see that they are isomorphic. Then construct a
homomorphism between these two groups that is an isomorphism and
include enough details to verify that the mapping is really an isomorphism.
4. The second paragraph of this chapter informally describes a
homomorphism from to , where the even permutations all map to
one of the elements and the odd permutations all map to the other element.
Replace by and replace by the permutation version of the cyclic
subgroup of order , and construct a nontrivial homomorphism between
these two groups. Evaluate your homomorphism with enough even and odd
permutations to be convinced that it is correct. Then construct the kernel
and verify that it is the group you expect.
Hints: First, decide which elements of the group of order will be
associated with even permutations and which will be associated with odd
permutations. Then examine the generators of to help decide just how to
build the homomorphism.
5. The dihedral group has several normal subgroups, as seen below.
Each of these is the kernel of a homomorphism with as the domain.
For each normal subgroup of construct a homomorphism from to
that has the normal subgroup as the kernel. Include in your work
verifications that you are creating the desired kernels. There is a pattern to
many of these, but the three of order will be a challenge.
G = DihedralGroup(20)
[H.order() for H in G.normal_subgroups()]
[40, 20, 20, 20, 10, 4, 2, 5, 1]
Chapter 12 Matrix Groups and Symmetry
When Felix Klein (1849–1925) accepted a chair at the University of
Erlangen, he outlined in his inaugural address a program to classify
different geometries. Central to Klein's program was the theory of groups:
he considered geometry to be the study of properties that are left invariant
under transformation groups. Groups, especially matrix groups, have now
become important in the study of symmetry and have found applications in
such disciplines as chemistry and physics. In the first part of this chapter,
we will examine some of the classical matrix groups, such as the general
linear group, the special linear group, and the orthogonal group. We will
then use these matrix groups to investigate some of the ideas behind
geometric symmetry.
12.1 Matrix Groups
Some Facts from Linear Algebra
Before we study matrix groups, we must recall some basic facts from linear algebra.
One of the most fundamental ideas of linear algebra is that of a linear
transformation. A linear transformation or linear map is a map
that preserves vector addition and scalar multiplication; that is, for vectors and
in and a scalar ,
An matrix with entries in represents a linear transformation from to
. If we write vectors and in as
column matrices, then an matrix
maps the vectors to linearly by matrix multiplication. Observe that if is a real
number,
where
We will often abbreviate the matrix by writing .
Conversely, if is a linear map, we can associate a matrix with
by considering what does to the vectors
We can write any vector as
Consequently, if
then
Example 12.1. If we let be the map given by
the axioms that must satisfy to be a linear transformation are easily verified. The
column vectors and tell us that is given by the
matrix
Since we are interested in groups of matrices, we need to know which matrices have
multiplicative inverses. Recall that an matrix is invertible exactly when
there exists another matrix such that , where
is the identity matrix. From linear algebra we know that is invertible if
and only if the determinant of is nonzero. Sometimes an invertible matrix is said
to be nonsingular.
Example 12.2. If is the matrix
then the inverse of is
We are guaranteed that exists, since is
nonzero.
Some other facts about determinants will also prove useful in the course of this
chapter. Let and be matrices. From linear algebra we have the
following properties of determinants.
The determinant is a homomorphism into the multiplicative group of real
numbers; that is, .
If is an invertible matrix, then .
If we define the transpose of a matrix to be , then
.
Let be the linear transformation associated with an matrix . Then
multiplies volumes by a factor of . In the case of , this means that
multiplies areas by .
Linear maps, matrices, and determinants are covered in any elementary linear
algebra text; however, if you have not had a course in linear algebra, it is a
straightforward process to verify these properties directly for matrices, the
case with which we are most concerned.
The General and Special Linear Groups
The set of all invertible matrices forms a group called the general linear
group. We will denote this group by . The general linear group has several
important subgroups. The multiplicative properties of the determinant imply that the
set of matrices with determinant one is a subgroup of the general linear group.
Stated another way, suppose that and . Then
and . This
subgroup is called the special linear group and is denoted by .
Example 12.3. Given a matrix
the determinant of is . The group consists of those matrices in
which . The inverse of is
If is in , then
Geometrically, is the group that preserves the areas of parallelograms.
Let
be in . In Figure 12.4, the unit square corresponding to the vectors
and is taken by to the parallelogram with sides
and ; that is, and . Notice that these two
parallelograms have the same area.
Figure 12.4. acting on the unit square
The Orthogonal Group
Another subgroup of is the orthogonal group. A matrix is orthogonal if
. The orthogonal group consists of the set of all orthogonal matrices.
We write for the orthogonal group. We leave as an exercise the proof
that is a subgroup of .
Example 12.5. The following matrices are orthogonal:
There is a more geometric way of viewing the group . The orthogonal
matrices are exactly those matrices that preserve the length of vectors. We can
define the length of a vector using the Euclidean inner product, or dot product, of
two vectors. The Euclidean inner product of two vectors and
is
We define the length of a vector to be
Associated with the notion of the length of a vector is the idea of the distance
between two vectors. We define the distance between two vectors and to be
. We leave as an exercise the proof of the following proposition about the
properties of Euclidean inner products.
Proposition 12.6. Let , , and be vectors in and . Then
1. .
2. .
3. .
4. with equality exactly when .
5. If for all in , then .
Example 12.7. The vector has length . We can also
see that the orthogonal matrix
preserves the length of this vector. The vector also has
length 5.
Since and , the determinant of any
orthogonal matrix is either or . Consider the column vectors
of the orthogonal matrix . Since , , where
is the Kronecker delta. Accordingly, column vectors of an orthogonal matrix all
have length 1; and the Euclidean inner product of distinct column vectors is zero.
Any set of vectors satisfying these properties is called an orthonormal set.
Conversely, given an matrix whose columns form an orthonormal set, it
follows that .
We say that a matrix is distance-preserving, length-preserving, or inner product-
preserving when , , or
, respectively. The following theorem, which characterizes the
orthogonal group, says that these notions are the same.
Theorem 12.8. Let be an matrix. The following statements are
equivalent.
1. The columns of the matrix form an orthonormal set.
2. .
3. For vectors and , .
4. For vectors and , .
5. For any vector , .
Proof. We have already shown (1) and (2) to be equivalent.
. Since
we know that for all . Therefore, or
.
. If is inner product-preserving, then is distance-preserving, since
. If is distance-preserving, then is length-preserving. Letting
, we have
. We use the following identity to show that length-preserving implies
inner product-preserving:
Observe that
Figure 12.9. acting on
Example 12.10. Let us examine the orthogonal group on a bit more closely.
An element is determined by its action on and
. If , then , since the length of a vector
must be preserved when it is multiplied by . Since multiplication of an element
of preserves length and orthogonality, . If we choose
, then
where . The matrix rotates a vector in counterclockwise about
the origin by an angle of (Figure 12.9).
If we choose , then we obtain the matrix
Here, and
A reflection about the horizontal axis is given by the matrix
and (see Figure 12.9). Thus, a reflection about a line is simply a
reflection about the horizontal axis followed by a rotation.
Two of the other matrix or matrix-related groups that we will consider are the
special orthogonal group and the group of Euclidean motions. The special
orthogonal group, , is just the intersection of and ; that is,
those elements in with determinant one. The Euclidean group, , can be
written as ordered pairs , where is in and is in . We define
multiplication by
The identity of the group is ; the inverse of is . In
Exercise 12.4.6, you are asked to check that is indeed a group under this
operation.
Figure 12.11. Translations in
12.2 Symmetry
An isometry or rigid motion in is a distance-preserving function from
to . This means that must satisfy
for all . It is not difficult to show that must be a one-to-one map. By
Theorem 12.8, any element in is an isometry on ; however, does
not include all possible isometries on . Translation by a vector ,
is also an isometry (Figure 12.11); however, cannot be in
since it is not a linear map.
We are mostly interested in isometries in . In fact, the only isometries in
are rotations and reflections about the origin, translations, and combinations of
the two. For example, a glide reflection is a translation followed by a reflection
(Figure 12.12). In all isometries are given in the same manner. The proof is
very easy to generalize.
Figure 12.12. Glide reflections
Lemma 12.13. An isometry that fixes the origin in is a linear
transformation. In particular, is given by an element in .
Proof. Let be an isometry in fixing the origin. We will first show that
preserves inner products. Since , ; therefore,
Consequently,
Now let and be and , respectively. If
then
The linearity of easily follows.
For any arbitrary isometry, , will fix the origin for some vector in ;
hence, for some matrix . Consequently,
. Given the isometries
their composition is
This last computation allows us to identify the group of isometries on with
.
Theorem 12.14. The group of isometries on is the Euclidean group, .
A symmetry group in is a subgroup of the group of isometries on that
fixes a set of points . It is important to realize that the symmetry group
of depends both on and on . For example, the symmetry group of the
origin in is , but the symmetry group of the origin in is .
Theorem 12.15. The only finite symmetry groups in are and .
Proof. We simply need to find all of the finite subgroups of . Any finite
symmetry group in must fix the origin and must be a finite subgroup of
, since translations and glide reflections have infinite order. By
Example 12.10, elements in are either rotations of the form
or reflections of the form
Notice that , , and . We can divide the
proof up into two cases. In the first case, all of the elements in have
determinant one. In the second case, there exists at least one element in with
determinant .
Case 1. The determinant of every element in is one. In this case every
element in must be a rotation. Since is finite, there is a smallest angle, say
, such that the corresponding element is the smallest rotation in the positive
direction. We claim that generates . If not, then for some positive integer
there is an angle between and . If so, then
corresponds to a rotation smaller than , which contradicts the minimality of .
Case 2. The group contains a reflection . The kernel of the homomorphism
given by consists of elements whose
determinant is 1. Therefore, . We know that the kernel is cyclic
by the first case and is a subgroup of of, say, order . Hence, . The
elements of are
These elements satisfy the relation
Consequently, must be isomorphic to in this case.
The Wallpaper Groups
Suppose that we wish to study wallpaper patterns in the plane or crystals in three
dimensions. Wallpaper patterns are simply repeating patterns in the plane
(Figure 12.16). The analogs of wallpaper patterns in are crystals, which we
can think of as repeating patterns of molecules in three dimensions
(Figure 12.17). The mathematical equivalent of a wallpaper or crystal pattern is
called a lattice.
Figure 12.16. A wallpaper pattern in
Figure 12.17. A crystal structure in
Let us examine wallpaper patterns in the plane a little more closely. Suppose that
and are linearly independent vectors in ; that is, one vector cannot be a
scalar multiple of the other. A lattice of and is the set of all linear
combinations , where and are integers. The vectors and are
said to be a basis for the lattice.
Notice that a lattice can have several bases. For example, the vectors and
have the same lattice as the vectors and
(Figure 12.18). However, any lattice is completely determined by a basis. Given
two bases for the same lattice, say and , we can write
where , , , and are integers. The matrix corresponding to this
transformation is
If we wish to give and in terms of and , we need only calculate
; that is,
Since has integer entries, must also have integer entries; hence the
determinants of both and must be integers. Because ,
consequently, . A matrix with determinant and integer entries
is called unimodular. For example, the matrix
is unimodular. It should be clear that there is a minimum length for vectors in a
lattice.
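The change-of-basis test described above can be run exactly with rational arithmetic. This is an added example, not code from the book: the function names and the sample bases are constructed for illustration.

```python
from fractions import Fraction


def det2(rows):
    """Determinant of a 2x2 matrix given as two rows."""
    return rows[0][0] * rows[1][1] - rows[0][1] * rows[1][0]


def change_of_basis(old, new):
    """Return U with new[i] = U[i][0]*old[0] + U[i][1]*old[1].

    Each basis is a pair of integer vectors. The coefficients are found
    with Cramer's rule and kept as exact Fractions.
    """
    d = det2(old)
    if d == 0:
        raise ValueError("old basis is not linearly independent")
    rows = []
    for w in new:
        a = Fraction(w[0] * old[1][1] - w[1] * old[1][0], d)
        b = Fraction(old[0][0] * w[1] - old[0][1] * w[0], d)
        rows.append((a, b))
    return tuple(rows)


def is_unimodular(u):
    """Integer entries and determinant +1 or -1."""
    integral = all(x.denominator == 1 for row in u for x in row)
    return integral and abs(det2(u)) == 1


def same_lattice(basis1, basis2):
    """Two bases span the same lattice exactly when the matrix taking
    one to the other is unimodular."""
    return is_unimodular(change_of_basis(basis1, basis2))


# Constructed sample bases (not taken from the text).
B1 = ((2, 0), (1, 2))
B2 = ((3, 2), (1, 2))   # (3,2) = (2,0) + (1,2): same lattice as B1
B3 = ((4, 0), (1, 2))   # integer change of basis with determinant 2: a proper sublattice
B4 = ((1, 0), (0, 1))   # needs the coefficient 1/2: not inside the lattice of B1

if __name__ == "__main__":
    for name, basis in (("B2", B2), ("B3", B3), ("B4", B4)):
        u = change_of_basis(B1, basis)
        print(name, [[str(x) for x in row] for row in u], same_lattice(B1, basis))
```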
Figure 12.18. A lattice in
We can classify lattices by studying their symmetry groups. The symmetry group
of a lattice is the subgroup of that maps the lattice to itself. We consider
two lattices in to be equivalent if they have the same symmetry group.
Similarly, classification of crystals in is accomplished by associating a
symmetry group, called a space group, with each type of crystal. Two lattices are
considered different if their space groups are not the same. The natural question
that now arises is how many space groups exist.
A space group is composed of two parts: a translation subgroup and a point group. The
translation subgroup is an infinite abelian subgroup of the space group made up of
the translational symmetries of the crystal; the point group is a finite group
consisting of rotations and reflections of the crystal about a point. More
specifically, a space group is a subgroup of whose translations are a
set of the form , where is a lattice. Space groups are, of
course, infinite. Using geometric arguments, we can prove the following theorem
(see [5] or [6]).
Theorem 12.19. Every translation group in is isomorphic to .
The point group of is . In particular,
must be a subgroup of . Suppose that is a vector in a lattice with space
group , translation group , and point group . For any element in
,
hence, is in the translation group of . More specifically, must be in
the lattice . It is important to note that is not usually a subgroup of the space
group ; however, if is the translation subgroup of , then . The
proof of the following theorem can be found in [2], [5], or [6].
Theorem 12.20. The point group in the wallpaper groups is isomorphic to
or , where .
To answer the question of how the point groups and the translation groups can be
combined, we must look at the different types of lattices. Lattices can be
classified by the structure of a single lattice cell. The possible cell shapes are
parallelogram, rectangular, square, rhombic, and hexagonal (Figure 12.21). The
wallpaper groups can now be classified according to the types of reflections that
occur in each group: these are ordinary reflections, glide reflections, both, or
none.
Figure 12.21. Types of lattices in
Table 12.22. The 17 wallpaper groups
Notation and Space Groups | Point Group | Lattice Type | Reflections or Glide Reflections?
p1 parallelogram none
p2 parallelogram none
p3 hexagonal none
p4 square none
p6 hexagonal none
pm rectangular reflections
pg rectangular glide reflections
cm rhombic both
pmm rectangular reflections
pmg rectangular glide reflections
pgg rectangular both
c2mm rhombic both
p3m1, p31m hexagonal both
p4m, p4g square both
p6m hexagonal both
Theorem 12.23. There are exactly 17 wallpaper groups.
Figure 12.24. The wallpaper groups p4m and p4g
The 17 wallpaper groups are listed in Table 12.22. The groups p3m1 and p31m
can be distinguished by whether or not all of their threefold centers lie on the
reflection axes: those of p3m1 must, whereas those of p31m may not. Similarly,
the fourfold centers of p4m must lie on the reflection axes whereas those of p4g
need not (Figure 12.24). The complete proof of this theorem can be found in
several of the references at the end of this chapter, including [5], [6], [10], and
[11].
Historical Note
Symmetry groups have intrigued mathematicians for a long time. Leonardo da
Vinci was probably the first person to know all of the point groups. At the
International Congress of Mathematicians in 1900, David Hilbert gave a now-
famous address outlining 23 problems to guide mathematics in the twentieth
century. Hilbert's eighteenth problem asked whether or not crystallographic
groups in dimensions were always finite. In 1910, L. Bieberbach proved that
crystallographic groups are finite in every dimension. Finding out how many of
these groups there are in each dimension is another matter. In there are 230
different space groups; in there are 4783. No one has been able to compute
the number of space groups for and beyond. It is interesting to note that the
crystallographic groups were found mathematically for before the 230
different types of crystals were actually discovered in nature.
12.3 Reading Questions
1. What is a nonsingular matrix? Give an example of a nonsingular
matrix. How do you know your example is nonsingular?
2. What is an isometry in ? Can you give an example of an isometry in
?
3. What is an orthonormal set of vectors?
4. What is the difference between the orthogonal group and the special
orthogonal group?
5. What is a lattice?
12.4 Exercises
1. Prove the identity
2. Show that is a group.
3. Prove that the following matrices are orthogonal. Are any of these
matrices in ?
a.
b.
c.
d.
4. Determine the symmetry group of each of the figures below.
5. Let , , and be vectors in and . Prove each of the
following properties of inner products.
a. .
b. .
c. .
d. with equality exactly when .
e. If for all in , then .
6. Verify that
is a group.
7. Prove that and are bases for the same
lattice.
8. Let be a subgroup of and suppose that is the translation
subgroup of . Prove that the point group of is isomorphic to .
9. Let and suppose that the vectors and form two sides
of a parallelogram in . Prove that the area of this parallelogram is the
same as the area of the parallelogram with sides and .
10. Prove that is a normal subgroup of .
11. Show that any isometry in is a one-to-one map.
12. Prove or disprove: an element in of the form , where
, has infinite order.
13. Prove or disprove: There exists an infinite abelian subgroup of .
14. Let be a point on the unit circle in ; that is,
. If , show that is also a point on the unit
circle.
15. Let be a group with a subgroup (not necessarily normal) and a
normal subgroup . Then is a semidirect product of by if
;
.
Show that each of the following is true.
a. is the semidirect product of by .
b. The quaternion group, , cannot be written as a semidirect product.
c. is the semidirect product of by , where consists of
all translations in .
16. Determine which of the 17 wallpaper groups preserves the symmetry of
the pattern in Figure 12.16.
17. Determine which of the 17 wallpaper groups preserves the symmetry of
the pattern in Figure 12.25.
Figure 12.25.
18. Find the rotation group of a dodecahedron.
19. For each of the 17 wallpaper groups, draw a wallpaper pattern having
that group as a symmetry group.
12.5 References and Suggested Readings
[1] Coxeter, H. M. and Moser, W. O. J. Generators and Relations for
Discrete Groups, 3rd ed. Springer-Verlag, New York, 1972.
[2] Grove, L. C. and Benson, C. T. Finite Reflection Groups. 2nd ed.
Springer-Verlag, New York, 1985.
[3] Hiller, H. “Crystallography and Cohomology of Groups,” American
Mathematical Monthly 93 (1986), 765–79.
[4] Lockwood, E. H. and Macmillan, R. H. Geometric Symmetry.
Cambridge University Press, Cambridge, 1978.
[5] Mackiw, G. Applications of Abstract Algebra. Wiley, New York,
1985.
[6] Martin, G. Transformation Groups: An Introduction to Symmetry.
Springer-Verlag, New York, 1982.
[7] Milnor, J. “Hilbert's Problem 18: On Crystallographic Groups,
Fundamental Domains, and Sphere Packing,” Proceedings of
Symposia in Pure Mathematics 18, American Mathematical Society,
1976.
[8] Phillips, F. C. An Introduction to Crystallography. 4th ed. Wiley,
New York, 1971.
[9] Rose, B. I. and Stafford, R. D. “An Elementary Course in
Mathematical Symmetry,” American Mathematical Monthly 88
(1980), 54–64.
[10] Schattschneider, D. “The Plane Symmetry Groups: Their
Recognition and Their Notation,” American Mathematical Monthly
85 (1978), 439–50.
[11] Schwarzenberger, R. L. “The 17 Plane Symmetry Groups,”
Mathematical Gazette 58 (1974), 123–31.
[12] Weyl, H. Symmetry. Princeton University Press, Princeton, NJ,
1952.
12.6 Sage
There is no Sage material for this chapter.
12.7 Sage Exercises
There are no Sage exercises for this chapter.
Chapter 13 The Structure of Groups
The ultimate goal of group theory is to classify all groups up to
isomorphism; that is, given a particular group, we should be able to match it
up with a known group via an isomorphism. For example, we have already
proved that any finite cyclic group of order is isomorphic to ; hence,
we “know” all finite cyclic groups. It is probably not reasonable to expect
that we will ever know all groups; however, we can often classify certain
types of groups or distinguish between groups in special cases.
In this chapter we will characterize all finite abelian groups. We shall also
investigate groups with sequences of subgroups. If a group has a sequence
of subgroups, say
where each subgroup is normal in and each of the factor groups
is abelian, then is a solvable group. In addition to allowing us
to distinguish between certain classes of groups, solvable groups turn out to
be central to the study of solutions to polynomial equations.
13.1 Finite Abelian Groups
In our investigation of cyclic groups we found that every group of prime
order was isomorphic to , where was a prime number. We also
determined that when . In fact, much
more is true. Every finite abelian group is isomorphic to a direct product of
cyclic groups of prime power order; that is, every finite abelian group is
isomorphic to a group of the type
where each is prime (not necessarily distinct).
First, let us examine a slight generalization of finite abelian groups.
Suppose that is a group and let be a set of elements in , where is
in some index set (not necessarily finite). The smallest subgroup of
containing all of the 's is the subgroup of generated by the 's. If this
subgroup of is in fact all of , then is generated by the set
. In this case the 's are said to be the generators of . If
there is a finite set that generates , then is finitely
generated.
Example 13.1. Obviously, all finite groups are finitely generated. For
example, the group is generated by the permutations and .
The group is an infinite group but is finitely generated by
.
Example 13.2. Not all groups are finitely generated. Consider the
rational numbers under the operation of addition. Suppose that is
finitely generated with generators , where each
is a fraction expressed in its lowest terms. Let be some prime that does
not divide any of the denominators . We claim that cannot
be in the subgroup of that is generated by , since
does not divide the denominator of any element in this subgroup. This fact
is easy to see since the sum of any two generators is
Proposition 13.3. Let be the subgroup of a group that is generated
by . Then exactly when it is a product of the
form
where the s are not necessarily distinct.
Proof. Let be the set of all products of the form , where the
s are not necessarily distinct. Certainly is a subset of . We need
only show that is a subgroup of . If this is the case, then ,
since is the smallest subgroup containing all the s.
Clearly, the set is closed under the group operation. Since , the
identity is in . It remains to show that the inverse of an element
in must also be in . However,
The reason that powers of a fixed may occur several times in the product
is that we may have a nonabelian group. However, if the group is abelian,
then the s need occur only once. For example, a product such as
in an abelian group could always be simplified (in this case, to ).
Now let us restrict our attention to finite abelian groups. We can express
any finite abelian group as a finite direct product of cyclic groups. More
specifically, letting be prime, we define a group to be a -group if
every element in has as its order a power of . For example, both
and are -groups, whereas is a -group. We shall prove
the Fundamental Theorem of Finite Abelian Groups which tells us that
every finite abelian group is isomorphic to a direct product of cyclic -
groups.
Theorem 13.4. Fundamental Theorem of Finite Abelian
Groups. Every finite abelian group is isomorphic to a direct product
of cyclic groups of the form
where the 's are primes (not necessarily distinct).
Example 13.5. Suppose that we wish to classify all abelian groups of
order . The Fundamental Theorem of Finite Abelian
Groups tells us that we have the following six possibilities.
;
;
;
;
;
.
The proof of the Fundamental Theorem of Finite Abelian Groups depends
on several lemmas.
Lemma 13.6. Let be a finite abelian group of order . If is a prime
that divides , then contains an element of order .
Proof. We will prove this lemma by induction. If , then there is
nothing to show. Now suppose that the lemma is true for all groups of order
, where . Furthermore, let be a prime that divides .
If has no proper nontrivial subgroups, then , where is any
element other than the identity. By Exercise 4.5.39, the order of must be
prime. Since divides , we know that , and contains
elements of order .
Now suppose that contains a nontrivial proper subgroup . Then
. If , then contains an element of order by
induction and the lemma is true. Suppose that does not divide the order of
. Since is abelian, it must be the case that is a normal subgroup of
, and . Consequently, must divide . Since
, we know that contains an element of order
by the induction hypothesis. Thus,
and but . If , then and are relatively prime, and
there exist integers and such that . Furthermore, the order
of must divide , and .
We claim that has order . We must show that . Suppose
. Then
Since , it must be the case that , which is a
contradiction. Therefore, is an element of order in .
Lemma 13.6 is a special case of Cauchy's Theorem (Theorem 15.1), which
states that if is a finite group and a prime such that divides the order
of , then contains a subgroup of order . We will prove Cauchy's
Theorem in Chapter 15.
Lemma 13.7. A finite abelian group is a -group if and only if its order
is a power of .
Proof. If then by Lagrange’s theorem, the order of any
must divide , and therefore must be a power of . Conversely, if
is not a power of , then it has some other prime divisor , so by
Lemma 13.6, has an element of order and thus is not a -group.
Lemma 13.8. Let be a finite abelian group of order ,
where are distinct primes and are
positive integers. Then is the internal direct product of subgroups
, where is the subgroup of consisting of all
elements of order for some integer .
Proof. Since is an abelian group, we are guaranteed that is a
subgroup of for . Since the identity has order , we
know that . If has order , then must also have order
. Finally, if has order , then
where is the maximum of and .
We must show that
and for . Suppose that is in the subgroup
generated by . Then for .
Since has order , we know that for , and
. Since the order of is a power of and
, it must be the case that and the
intersection of with any of the subgroups is the
identity. A similar argument shows that for .
Next, we must show that it is possible to write every as a product
, where . Since the order of divides the order of , we
know that
for some integers . Letting , the 's are relatively
prime; hence, there exist integers such that
. Consequently,
Since
it follows that must be in . Let . Then
. Therefore, is an
internal direct product of subgroups.
It remains for us to determine the possible structure of each -group in
Lemma 13.8.
Lemma 13.9. Let be a finite abelian -group and suppose that
has maximal order. Then is isomorphic to for some subgroup
of .
Proof. By Lemma 13.7, we may assume that the order of is . We shall
induct on . If , then is cyclic of order and must be generated by
. Suppose now that the statement of the lemma holds for all integers
with and let be of maximal order in , say . Then
for all . Now choose in such that , where
has the smallest possible order. Certainly such an exists; otherwise,
and we are done. Let .
We claim that . It suffices to show that . Since
, the order of is smaller than the order of and must be in
by the minimality of ; that is, for some number . Hence,
and the order of must be less than or equal to . Therefore,
cannot generate . Notice that must occur as a factor of , say ,
and . Define to be . Then cannot be in ;
otherwise, would also have to be in . Also,
We have now formed an element with order such that . Since
was chosen to have the smallest order of all of the elements that are not in
, .
Now we will show that the order of in the factor group must be
the same as the order of in . If , then
hence, must be in , which contradicts the fact that
the order of is . Therefore, must have maximal order in . By
the Correspondence Theorem and our induction hypothesis,
for some subgroup of containing . We claim that .
If , then and
. It follows that implies that
.
The proof of the Fundamental Theorem of Finite Abelian Groups follows
very quickly from Lemma 13.9. Suppose that is a finite abelian group
and let be an element of maximal order in . If , then we are
done; otherwise, for some subgroup contained in by
the lemma. Since , we can apply mathematical induction.
We now state the more general theorem for all finitely generated abelian
groups. The proof of this theorem can be found in any of the references at
the end of this chapter.
Theorem 13.10. The Fundamental Theorem of Finitely
Generated Abelian Groups. Every finitely generated abelian group
is isomorphic to a direct product of cyclic groups of the form
where the 's are primes (not necessarily distinct).
13.2 Solvable Groups
A subnormal series of a group is a finite sequence of subgroups
where is a normal subgroup of . If each subgroup is normal in , then
the series is called a normal series. The length of a subnormal or normal series is
the number of proper inclusions.
Example 13.11. Any series of subgroups of an abelian group is a normal series.
Consider the following series of groups:
Example 13.12. A subnormal series need not be a normal series. Consider the
following subnormal series of the group :
The subgroup is not normal in ; consequently, this series is
not a normal series.
A subnormal (normal) series is a refinement of a subnormal (normal) series
if . That is, each is one of the .
Example 13.13. The series
is a refinement of the series
The best way to study a subnormal or normal series of subgroups, of , is
actually to study the factor groups . We say that two subnormal (normal)
series and of a group are isomorphic if there is a one-to-one
correspondence between the collections of factor groups and
.
Example 13.14. The two normal series
of the group are isomorphic since
A subnormal series of a group is a composition series if all the factor
groups are simple; that is, if none of the factor groups of the series contains a
normal subgroup. A normal series of is a principal series if all the factor
groups are simple.
Example 13.15. The group has a composition series
with factor groups
Since is an abelian group, this series is automatically a principal series. Notice
that a composition series need not be unique. The series
is also a composition series.
Example 13.16. For , the series
is a composition series for since and is simple.
Example 13.17. Not every group has a composition series or a principal series.
Suppose that
is a subnormal series for the integers under addition. Then must be of the form
for some . In this case is an infinite cyclic group with
many nontrivial proper normal subgroups.
Although composition series need not be unique as in the case of , it turns out
that any two composition series are related. The factor groups of the two
composition series for are , , , and ; that is, the two composition
series are isomorphic. The Jordan-Hölder Theorem says that this is always the case.
Theorem 13.18. Jordan-Hölder. Any two composition series of are
isomorphic.
Proof. We shall employ mathematical induction on the length of the composition
series. If the length of a composition series is 1, then must be a simple group. In
this case any two composition series are isomorphic.
Suppose now that the theorem is true for all groups having a composition series of
length , where . Let
be two composition series for . We can form two new subnormal series for
since is normal in and is normal in
:
Since is normal in , the Second Isomorphism Theorem
(Theorem 11.12) implies that
where is normal in . Since is a composition series,
must be simple; consequently, is either
or . That is, must be either or .
Removing any nonproper inclusions from the series
we have a composition series for . Our induction hypothesis says that this
series must be equivalent to the composition series
Hence, the composition series
and
are equivalent. If , then the composition series and
are equivalent and we are done; otherwise, is a normal subgroup of
properly containing . In this case and we can apply the
Second Isomorphism Theorem once again; that is,
Therefore,
and
are equivalent and the proof of the theorem is complete.
A group is solvable if it has a subnormal series such that all of the factor
groups are abelian. Solvable groups will play a fundamental role when
we study Galois theory and the solution of polynomial equations.
Example 13.19. The group is solvable since
has abelian factor groups; however, for the series
is a composition series for with a nonabelian factor group. Therefore, is not
a solvable group for .
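Solvability can be tested by computer with the derived series that Exercise 20 of this chapter defines: take commutator subgroups repeatedly and see whether the identity subgroup is reached. This is an added example, not code from the book. Permutations are tuples on 0..n-1, the function names are assumptions, and the sample groups S_4 and S_5 are chosen here.

```python
from itertools import permutations


def compose(p, q):
    """Return the permutation p after q (apply q first)."""
    return tuple(p[i] for i in q)


def inverse(p):
    inv = [0] * len(p)
    for i, image in enumerate(p):
        inv[image] = i
    return tuple(inv)


def commutator(a, b):
    """a b a^-1 b^-1"""
    return compose(compose(a, b), compose(inverse(a), inverse(b)))


def generate(gens, n):
    """Subgroup of S_n generated by gens. In a finite group, closing
    under multiplication by the generators already gives inverses."""
    identity = tuple(range(n))
    group = {identity}
    frontier = [identity]
    while frontier:
        g = frontier.pop()
        for s in gens:
            h = compose(s, g)
            if h not in group:
                group.add(h)
                frontier.append(h)
    return frozenset(group)


def symmetric_group(n):
    return frozenset(permutations(range(n)))


def commutator_subgroup(group, n):
    return generate({commutator(a, b) for a in group for b in group}, n)


def derived_series(group, n):
    """Return [G, G', G'', ...], stopping once the series stabilizes."""
    series = [group]
    while True:
        nxt = commutator_subgroup(series[-1], n)
        if nxt == series[-1]:
            return series
        series.append(nxt)


def is_solvable(group, n):
    return len(derived_series(group, n)[-1]) == 1


def has_abelian_factors(series):
    """Check a descending chain against the definition in the text.

    For H inside K, H is normal in K with K/H abelian exactly when
    every commutator of elements of K lies in H.
    """
    for big, small in zip(series, series[1:]):
        if not small <= big:
            return False
        if any(commutator(a, b) not in small for a in big for b in big):
            return False
    return True


if __name__ == "__main__":
    for n in (4, 5):
        series = derived_series(symmetric_group(n), n)
        print(f"S_{n}: orders {[len(h) for h in series]},",
              "solvable" if len(series[-1]) == 1 else "not solvable")
```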
13.3 Reading Questions
1. How many abelian groups are there of order ?
2. How many abelian groups are there of order ?
3. Find a subgroup of order 6 in .
4. It can be shown that an abelian group of order contains a subgroup of
order . What are the possibilities for this subgroup?
5. What is a principal series of the group ? Your answer should not use
new terms defined in this chapter.
13.4 Exercises
1. Find all of the abelian groups of order less than or equal to up to isomorphism.
2. Find all of the abelian groups of order up to isomorphism.
3. Find all of the abelian groups of order up to isomorphism.
4. Find all of the composition series for each of the following groups.
a.
b.
c. The quaternions,
d.
e.
f.
g. ,
h.
5. Show that the infinite direct product is not finitely generated.
6. Let be an abelian group of order . If divides , prove that has a subgroup of order .
7. A group is a torsion group if every element of has finite order. Prove that a finitely generated abelian
torsion group must be finite.
8. Let , , and be finitely generated abelian groups. Show that if , then .
Give a counterexample to show that this cannot be true in general.
9. Let and be solvable groups. Show that is also solvable.
10. If has a composition (principal) series and if is a proper normal subgroup of , show there exists a
composition (principal) series containing .
11. Prove or disprove: Let be a normal subgroup of . If and have composition series, then
must also have a composition series.
12. Let be a normal subgroup of . If and are solvable groups, show that is also a solvable
group.
13. Prove that is a solvable group if and only if has a series of subgroups
where is normal in and the order of is prime.
14. Let be a solvable group. Prove that any subgroup of is also solvable.
15. Let be a solvable group and a normal subgroup of . Prove that is solvable.
16. Prove that is solvable for all integers .
17. Suppose that has a composition series. If is a normal subgroup of , show that and also
have composition series.
18. Let be a cyclic -group with subgroups and . Prove that either is contained in or is
contained in .
19. Suppose that is a solvable group with order . Show that contains a normal nontrivial abelian
subgroup.
20. Recall that the commutator subgroup of a group is defined as the subgroup of generated by
elements of the form for . We can define a series of subgroups of by ,
, and .
a. Prove that is normal in . The series of subgroups
is called the derived series of .
b. Show that is solvable if and only if for some integer .
21. Suppose that is a solvable group with order . Show that contains a normal nontrivial abelian
factor group.
22. Zassenhaus Lemma. Let and be subgroups of a group . Suppose also that and are
normal subgroups of and respectively. Then
a. is a normal subgroup of .
b. is a normal subgroup of .
c.
.
23. Schreier's Theorem. Use the Zassenhaus Lemma to prove that two subnormal (normal) series of a
group have isomorphic refinements.
24. Use Schreier's Theorem to prove the Jordan-Hölder Theorem.
13.5 Programming Exercises
1. Write a program that will compute all possible abelian groups of order .
What is the largest for which your program will work?
13.6 References and Suggested Readings
[1] Hungerford, T. W. Algebra. Springer, New York, 1974.
[2] Lang, S. Algebra. 3rd ed. Springer, New York, 2002.
[3] Rotman, J. J. An Introduction to the Theory of Groups. 4th ed.
Springer, New York, 1995.
13.7 Sage
Cyclic groups, and direct products of cyclic groups, are implemented in Sage
as permutation groups. However, these groups quickly become very unwieldy
representations and it should be easier to work with finite abelian groups in
Sage. So we will postpone any specifics for this chapter until that happens.
However, now that we understand the notion of isomorphic groups and the
structure of finite abelian groups, we can return to our quest to classify all of
the groups with order less than .
Classification of Finite Groups
It does not take any sophisticated tools to understand groups of order ,
where is an odd prime. There are two possibilities — a cyclic group of order
and the dihedral group of order that is the set of symmetries of a regular
-gon. The proof requires some close, tight reasoning, but the required
theorems generally just concern orders of elements, Lagrange's Theorem
and cosets. See Exercise 9.4.55. This takes care of orders .
For , the upcoming Corollary 14.16 will tell us that any group of order
(where is a prime) is abelian. So we know from this section that the only
two possibilities are and . Similarly, the upcoming
Theorem 15.10 will tell us that every group of order is abelian. Now
this leaves just one possibility for this order: .
We have just two orders left to analyze: and . The possibilities
are groups we already know, with one exception. However, the analysis that
these are the only possibilities is more complicated, and will not be pursued
now, nor in the next few chapters. Notice that is more complicated
still, with different possibilities (which explains why we stopped here).
For there are abelian groups, and the two non-abelian groups are the
dihedral group (symmetries of a square) and the quaternions.
For there are abelian groups, and non-abelian groups. We know
two of the non-abelian groups as a dihedral group, and the alternating group
on symbols (which is also the symmetries of a tetrahedron). The third non-
abelian group is an example of a “dicyclic” group, which is an infinite family
of groups, each with order divisible by . The order dicyclic group can also
be constructed as a “semi-direct product” of two cyclic groups — this is a
construction worth knowing as you pursue further study of group theory. The
order dicyclic group is also the quaternions and more generally, the dicyclic
groups of order , are known as “generalized quaternion groups.”
The following examples will show you how to construct some of these groups,
while also exercising a few of the commands and allowing us to be more
certain the following table is accurate.
S = SymmetricGroup(3)
D = DihedralGroup(3)
S.is_isomorphic(D)
True
C3 = CyclicPermutationGroup(3)
C5 = CyclicPermutationGroup(5)
DP = direct_product_permgroups([C3, C5])
C = CyclicPermutationGroup(15)
DP.is_isomorphic(C)
True
Q = QuaternionGroup()
DI = DiCyclicGroup(2)
Q.is_isomorphic(DI)
True
Groups of Small Order as Permutation Groups
We list here constructions, as permutation groups in Sage, for all of the groups
of order less than .
Table 13.20. The Groups of Order or Less in Sage
Order | Construction | Notes, Alternatives
1 | CyclicPermutationGroup(1) | Trivial
2 | CyclicPermutationGroup(2) | SymmetricGroup(2)
3 | CyclicPermutationGroup(3) | Prime order
4 | CyclicPermutationGroup(4) | Cyclic
4 | KleinFourGroup() | Abelian, non-cyclic
5 | CyclicPermutationGroup(5) | Prime order
6 | CyclicPermutationGroup(6) | Cyclic
6 | SymmetricGroup(3) | Non-abelian; DihedralGroup(3)
7 | CyclicPermutationGroup(7) | Prime order
8 | CyclicPermutationGroup(8) | Cyclic
8 | C2=CyclicPermutationGroup(2); C4=CyclicPermutationGroup(4); G=direct_product_permgroups([C2,C4]) | Abelian, non-cyclic
8 | C2=CyclicPermutationGroup(2); G=direct_product_permgroups([C2,C2,C2]) | Abelian, non-cyclic
8 | DihedralGroup(4) | Non-abelian
8 | QuaternionGroup() | Quaternions; DiCyclicGroup(2)
9 | CyclicPermutationGroup(9) | Cyclic
9 | C3=CyclicPermutationGroup(3); G=direct_product_permgroups([C3,C3]) | Abelian, non-cyclic
10 | CyclicPermutationGroup(10) | Cyclic
10 | DihedralGroup(5) | Non-abelian
11 | CyclicPermutationGroup(11) | Prime order
12 | CyclicPermutationGroup(12) | Cyclic
12 | C2=CyclicPermutationGroup(2); C6=CyclicPermutationGroup(6); G=direct_product_permgroups([C2,C6]) | Abelian, non-cyclic
12 | DihedralGroup(6) | Non-abelian
12 | AlternatingGroup(4) | Non-abelian; Symmetries of tetrahedron
12 | DiCyclicGroup(3) | Non-abelian; Semi-direct product
13 | CyclicPermutationGroup(13) | Prime order
14 | CyclicPermutationGroup(14) | Cyclic
14 | DihedralGroup(7) | Non-abelian
15 | CyclicPermutationGroup(15) | Cyclic
13.8 Sage Exercises
There are no Sage exercises for this chapter.
Chapter 14 Group Actions
Group actions generalize group multiplication. If is a group and is an
arbitrary set, a group action of an element and is a product,
, living in . Many problems in algebra are best attacked via group
actions. For example, the proofs of the Sylow theorems and of Burnside's
Counting Theorem are most easily understood when they are formulated in
terms of group actions.
14.1 Groups Acting on Sets
Let be a set and be a group. A (left) action of on is a map
given by , where
1. for all ;
2. for all and all .
Under these considerations is called a -set. Notice that we are not
requiring to be related to in any way. It is true that every group acts
on every set by the trivial action ; however, group actions are
more interesting if the set is somehow related to the group .
Example 14.1. Let and . Then acts on by
left multiplication. If and is the identity matrix, then . If
and are invertible matrices, then since matrix
multiplication is associative.
Example 14.2. Let be the symmetry group of a square. If
is the set of vertices of the square, then we can consider
to consist of the following permutations:
The elements of act on as functions. The permutation acts
on vertex by sending it to vertex , on vertex by sending it to vertex ,
and so on. It is easy to see that the axioms of a group action are satisfied.
In general, if is any set and is a subgroup of , the group of all
permutations acting on , then is a -set under the group action
for and .
Example 14.3. If we let , then every group acts on itself by the
left regular representation; that is, , where is left
multiplication:
If is a subgroup of , then is an -set under left multiplication by
elements of .
Example 14.4. Let be a group and suppose that . If is a
subgroup of , then is an -set under conjugation; that is, we can define
an action of on ,
via
for and . Clearly, the first axiom for a group action holds.
Observing that
we see that the second condition is also satisfied.
Example 14.5. Let be a subgroup of and the set of left cosets of
. The set is a -set under the action
Again, it is easy to see that the first axiom is true. Since
, the second axiom is also true.
If acts on a set and , then is said to be -equivalent to if
there exists a such that . We write or if two
elements are -equivalent.
Proposition 14.6. Let be a -set. Then -equivalence is an
equivalence relation on .
Proof. The relation is reflexive since . Suppose that for
. Then there exists a such that . In this case ;
hence, . To show that the relation is transitive, suppose that and
. Then there must exist group elements and such that and
. So , and is equivalent to .
If is a -set, then each partition of associated with -equivalence is
called an orbit of under . We will denote the orbit that contains an
element of by .
Example 14.7. Let be the permutation group defined by
and . Then is a -set. The orbits are
and .
Now suppose that is a group acting on a set and let be an element of
. The fixed point set of in , denoted by , is the set of all such
that . We can also study the group elements that fix a given .
This set is more than a subset of , it is a subgroup. This subgroup is called
the stabilizer subgroup or isotropy subgroup of . We will denote the
stabilizer subgroup of by .
Remark 14.8. It is important to remember that and .
Example 14.9. Let and suppose that is the
permutation group given by the permutations
Then the fixed point sets of under the action of are
and the stabilizer subgroups are
It is easily seen that is a subgroup of for each .
Proposition 14.10. Let be a group acting on a set and . The
stabilizer group of , , is a subgroup of .
Proof. Clearly, since the identity fixes every element in the set .
Let . Then and . So ;
hence, the product of two elements in is also in . Finally, if ,
then . So is in .
We will denote the number of elements in the fixed point set of an element
by and denote the number of elements in the orbit of by
. The next theorem demonstrates the relationship between orbits of an
element and the left cosets of in .
Theorem 14.11. Let be a finite group and a finite -set. If ,
then .
Proof. We know that is the number of left cosets of in by
Lagrange's Theorem (Theorem 6.10). We will define a bijective map
between the orbit of and the set of left cosets of in . Let
. Then there exists a in such that . Define by
. To show that is one-to-one, assume that .
Then
where and . Since , there exists a
such that ,
consequently, the map is one-to-one. Finally, we must show that the map
is onto. Let be a left coset. If , then .
14.2 The Class Equation
Let be a finite -set and be the set of fixed points in ; that is,
Since the orbits of the action partition ,
where are representatives from the distinct nontrivial orbits of
.
Now consider the special case in which acts on itself by conjugation,
. The center of ,
is the set of points that are fixed by conjugation. The nontrivial orbits of the
action are called the conjugacy classes of . If are
representatives from each of the nontrivial conjugacy classes of and
, then
The stabilizer subgroups of each of the 's,
, are called the centralizer subgroups of
the 's. From Theorem 14.11, we obtain the class equation:
One of the consequences of the class equation is that the order of each
conjugacy class must divide the order of .
Example 14.12. It is easy to check that the conjugacy classes in are
the following:
The class equation is .
Example 14.13. The center of is , and the
conjugacy classes are
Thus, the class equation for is .
Example 14.14. For it takes a bit of work to find the conjugacy
classes. We begin with cycles. Suppose that is a cycle
and let . By Theorem 6.16,
Consequently, any two cycles of the same length are conjugate. Now let
be a cycle decomposition, where the length of each
cycle is . Then is conjugate to every other whose cycle
decomposition has the same lengths.
The number of conjugacy classes in is the number of ways in which
can be partitioned into sums of positive integers. In the case of for
example, we can partition the integer into the following three sums:
therefore, there are three conjugacy classes. There are variations to the
problem of finding the number of such partitions for any positive integer
that are what computer scientists call NP-complete. This effectively means
that the problem cannot be solved for a large because the computations
would be too time-consuming for even the largest computer.
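The following is an added example, not part of the text, written in plain Python rather than Sage. It builds the conjugacy classes of small symmetric groups by brute force, checks Theorem 14.11 and the class equation on them, and confirms that the classes correspond to cycle types, so that their number equals the number of partitions. Permutations are represented as tuples on {0, ..., n-1}, and all function names are the example's own.

```python
from itertools import permutations


def compose(p, q):
    """Permutation 'p after q'; a permutation is a tuple sending i to p[i]."""
    return tuple(p[i] for i in q)


def inverse(p):
    inv = [0] * len(p)
    for i, image in enumerate(p):
        inv[image] = i
    return tuple(inv)


def symmetric_group(n):
    return list(permutations(range(n)))


def conjugacy_class(group, x):
    """Orbit of x under the conjugation action g.x = g x g^-1."""
    return {compose(compose(g, x), inverse(g)) for g in group}


def centralizer(group, x):
    """Stabilizer of x under conjugation: the elements that commute with x."""
    return [g for g in group if compose(g, x) == compose(x, g)]


def conjugacy_classes(group):
    remaining, classes = set(group), []
    while remaining:
        cls = conjugacy_class(group, min(remaining))
        classes.append(cls)
        remaining -= cls
    return classes


def cycle_type(p):
    """Cycle lengths of p in decreasing order, fixed points included."""
    seen, lengths = set(), []
    for start in range(len(p)):
        if start in seen:
            continue
        length, i = 0, start
        while i not in seen:
            seen.add(i)
            i = p[i]
            length += 1
        lengths.append(length)
    return tuple(sorted(lengths, reverse=True))


def count_partitions(n):
    """Number of ways to write n as a sum of positive integers, order ignored."""
    ways = [1] + [0] * n
    for part in range(1, n + 1):
        for total in range(part, n + 1):
            ways[total] += ways[total - part]
    return ways[n]


def class_equation(group):
    """Return (order of the center, sorted sizes of the nontrivial classes)."""
    classes = conjugacy_classes(group)
    for cls in classes:
        x = next(iter(cls))
        # Theorem 14.11: orbit size times stabilizer order equals the group order.
        assert len(cls) * len(centralizer(group, x)) == len(group)
    center = sum(1 for cls in classes if len(cls) == 1)
    nontrivial = sorted(len(cls) for cls in classes if len(cls) > 1)
    # The classes partition the group, which is the class equation.
    assert center + sum(nontrivial) == len(group)
    return center, nontrivial


def classes_match_cycle_types(n):
    """True if every class of S_n is one cycle type and the count is p(n)."""
    classes = conjugacy_classes(symmetric_group(n))
    types = [{cycle_type(x) for x in cls} for cls in classes]
    one_type_each = all(len(t) == 1 for t in types)
    all_distinct = len({next(iter(t)) for t in types}) == len(classes)
    return one_type_each and all_distinct and len(classes) == count_partitions(n)


if __name__ == "__main__":
    for n in (3, 4, 5):
        center, sizes = class_equation(symmetric_group(n))
        terms = " + ".join(str(s) for s in [center] + sizes)
        print(f"S_{n}: {terms}, cycle types match: {classes_match_cycle_types(n)}")
```

The brute-force search visits all n! permutations, so it is only practical for small n, while `count_partitions` gives the number of classes directly.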
Theorem 14.15. Let be a group of order where is prime. Then
has a nontrivial center.
Proof. We apply the class equation
Since each and , it follows that must divide each .
Also, ; hence, must divide . Since the identity is always in
the center of , . Therefore, , and there exists
some such that .
Corollary 14.16. Let be a group of order where is prime. Then
is abelian.
Proof. By Theorem 14.15, or . Suppose that .
Then and both have order and must both be cyclic
groups. Choosing a generator for , we can write any
element in the quotient group as for some integer ;
hence, for some in the center of . Similarly, if
, there exists a in such that for
some integer . Since and are in the center of , they commute with
all other elements of ; therefore,
and must be abelian. Hence, .
14.3 Burnside's Counting Theorem
Suppose that we wish to color the vertices of a square with two different
colors, say black and white. We might suspect that there would be
different colorings. However, some of these colorings are equivalent. If we
color the first vertex black and the remaining vertices white, it is the same
as coloring the second vertex black and the remaining ones white since we
could obtain the second coloring simply by rotating the square
(Figure 14.17).
Figure 14.17. Equivalent colorings of square
Burnside's Counting Theorem offers a method of computing the number of
distinguishable ways in which something can be done. In addition to its
geometric applications, the theorem has interesting applications to areas in
switching theory and chemistry. The proof of Burnside's Counting Theorem
depends on the following lemma.
Lemma 14.18. Let be a -set and suppose that . Then is
isomorphic to . In particular, .
Proof. Let act on by . Since , there exists a
such that . Let . Since
we can define a map by . The map is a
homomorphism since
Suppose that . Then or ; hence, the
map is injective. To show that is onto, let be in ; then is in
since
and .
Theorem 14.19. Burnside. Let be a finite group acting on a set
and let denote the number of orbits of . Then
Proof. We look at all the fixed points of all the elements in ; that
is, we look at all 's and all 's such that . If viewed in terms of
fixed point sets, the number of all 's fixing 's is
However, if viewed in terms of the stabilizer subgroups, this number is
hence, . By Lemma 14.18,
By Theorem 14.11 and Lagrange's Theorem, this expression is equal to .
Summing over all of the distinct orbits, we conclude that
Example 14.20. Let and suppose that is the
permutation group . The orbits of
are , , and . The fixed point sets are
Burnside's Theorem says that
A Geometric Example
Before we apply Burnside's Theorem to switching-theory problems, let us
examine the number of ways in which the vertices of a square can be
colored black or white. Notice that we can sometimes obtain equivalent
colorings by simply applying a rigid motion to the square. For instance, as
we have pointed out, if we color one of the vertices black and the remaining
three white, it does not matter which vertex was colored black since a
rotation will give an equivalent coloring.
The symmetry group of a square, , is given by the following
permutations:
The group acts on the set of vertices in the usual manner.
We can describe the different colorings by mappings from into
where and represent the colors black and white,
respectively. Each map describes a way to color the corners of
the square. Every induces a permutation of the possible
colorings given by for . For example, suppose
that is defined by
and . Then sends vertex to and the
remaining vertices to . The set of all such is a permutation group on
the set of possible colorings. Let denote the set of all possible colorings;
that is, is the set of all possible maps from to . Now we must
compute the number of -equivalence classes.
1. since the identity fixes every possible coloring.
.
2. consists of all such that is unchanged by the
permutation . In this case , so
that all values of must be the same; that is, either or
for every vertex of the square. So .
3. .
4. For , and . Thus,
.
5. .
6. .
7. For , and the other corners can be of any color;
hence, .
8. .
By Burnside's Theorem, we can conclude that there are exactly
ways to color the vertices of the square.
Proposition 14.21. Let be a permutation group of and the set of
functions from to . Then induces a group that permutes the
elements of , where is defined by for and
. Furthermore, if is the number of cycles in the cycle
decomposition of , then .
Proof. Let and . Since permutes the elements of ,
must also be in . Suppose that is another function from to such
that . Then for each ,
Since is a permutation of , every element in is the image of some
in under ; hence, and agree on all elements of . Therefore,
and is injective. The map is onto, since the two sets are
the same size.
Suppose that is a permutation of with cycle decomposition
. Any in must have the same value on each cycle of
. Since there are cycles and possible values for each cycle,
.
Example 14.22. Let and suppose that
. If is the permutation of given by
, then . Any must
have the same value on each cycle in . There are such choices
for any value, so .
Example 14.23. Suppose that we wish to color the vertices of a square
using four different colors. By Proposition 14.21, we can immediately
decide that there are
possible ways.
Switching Functions
In switching theory we are concerned with the design of electronic circuits
with binary inputs and outputs. The simplest of these circuits is a switching
function that has inputs and a single output (Figure 14.24). Large
electronic circuits can often be constructed by combining smaller modules
of this kind. The inherent problem here is that even for a simple circuit a
large number of different switching functions can be constructed. With only
four inputs and a single output, we can construct 65,536 different switching
functions. However, we can often replace one switching function with
another merely by permuting the input leads to the circuit (Figure 14.25).
Figure 14.24. A switching function of variables
We define a switching or Boolean function of variables to be a function
from to . Since any switching function can have two possible values
for each binary -tuple and there are binary -tuples, switching
functions are possible for variables. In general, allowing permutations of
the inputs greatly reduces the number of different kinds of modules that are
needed to build a large circuit.
Figure 14.25. Switching functions in two variables
The possible switching functions with two input variables and are listed
in Table 14.26. Two switching functions and are equivalent if can be
obtained from by a permutation of the input variables. For example,
. In this case via the permutation .
In the case of switching functions of two variables, the permutation
reduces 16 possible switching functions to 12 equivalent functions since
Table 14.26. Switching functions in two variables
Inputs Outputs
Inputs Outputs
For three input variables there are possible switching functions;
in the case of four variables there are . The number of
equivalence classes is too large to reasonably calculate directly. It is
necessary to employ Burnside's Theorem.
Consider a switching function with three possible inputs, , , and . As we
have mentioned, two switching functions and are equivalent if a
permutation of the input variables of gives . It is important to notice that
a permutation of the switching functions is not simply a permutation of the
input values . A switching function is a set of output values for the
inputs , , and , so when we consider equivalent switching functions, we
are permuting possible outputs, not just three input values. For example,
each binary triple has a specific output associated with it. The
permutation changes outputs as follows:
Let be the set of output values for a switching function in variables.
Then . We can enumerate these values as follows:
Now let us consider a circuit with four input variables and a single output.
Suppose that we can permute the leads of any circuit according to the
following permutation group:
The permutations of the four possible input variables induce the
permutations of the output values in Table 14.27.
Hence, there are
possible switching functions of four variables under this group of
permutations. This number will be even smaller if we consider the full
symmetric group on four letters.
Table 14.27. Permutations of switching functions in four variables
Group Permutation    Switching Function Permutation    Number of Cycles
16
12
12
6
6
10
10
10
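The following is an added example, not part of the text, written in plain Python rather than Sage. It applies Proposition 14.21 together with Burnside's Theorem to the colorings of the square discussed under "A Geometric Example" and to the switching functions above, and cross-checks the formula against a direct enumeration of orbits. The four-lead group is assumed to be the eight symmetries of a square acting on the leads; the code checks that this choice reproduces the cycle counts listed in Table 14.27. All names are the example's own.

```python
from itertools import product


def compose(p, q):
    """Permutation 'p after q'; a permutation is a tuple sending i to p[i]."""
    return tuple(p[i] for i in q)


def generate_group(gens):
    """Close a list of generators under composition to obtain the whole group."""
    identity = tuple(range(len(gens[0])))
    group, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for s in gens:
            h = compose(s, g)
            if h not in group:
                group.add(h)
                frontier.append(h)
    return sorted(group)


def cycle_count(perm):
    """Number of cycles in the cycle decomposition, fixed points included."""
    seen, cycles = set(), 0
    for start in range(len(perm)):
        if start not in seen:
            cycles += 1
            i = start
            while i not in seen:
                seen.add(i)
                i = perm[i]
    return cycles


def burnside_colorings(group, n_colors):
    """Orbits on colorings: (1/|G|) * sum over g of n_colors ** cycles(g)."""
    total = sum(n_colors ** cycle_count(g) for g in group)
    assert total % len(group) == 0
    return total // len(group)


def brute_force_orbits(group, n_colors):
    """Count orbits directly by applying every group element to every coloring."""
    n = len(group[0])
    seen, orbits = set(), 0
    for f in product(range(n_colors), repeat=n):
        if f in seen:
            continue
        orbits += 1
        for g in group:
            seen.add(tuple(f[g[i]] for i in range(n)))
    return orbits


def induced_on_inputs(perm):
    """Permutation of the 2^n binary input tuples induced by permuting the leads."""
    n = len(perm)
    tuples = list(product((0, 1), repeat=n))
    index = {t: i for i, t in enumerate(tuples)}
    return tuple(index[tuple(t[perm[j]] for j in range(n))] for t in tuples)


def switching_classes(lead_group):
    """Equivalence classes of switching functions under a group of lead permutations."""
    induced = [induced_on_inputs(g) for g in lead_group]
    return burnside_colorings(induced, 2)


# Symmetries of the square on vertices 0..3: a quarter turn and a diagonal flip.
D4 = generate_group([(1, 2, 3, 0), (2, 1, 0, 3)])
# The two-variable case: the only nontrivial permutation swaps the two inputs.
SWAP2 = generate_group([(1, 0)])

if __name__ == "__main__":
    print("square, 2 colors:", burnside_colorings(D4, 2))
    print("square, 4 colors:", burnside_colorings(D4, 4))
    print("two-variable switching functions:", switching_classes(SWAP2))
    print("induced cycle counts:", sorted(cycle_count(induced_on_inputs(g)) for g in D4))
    print("four-variable switching functions:", switching_classes(D4))
```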
Historical Note
William Burnside was born in London in 1852. He attended Cambridge
University from 1871 to 1875 and won the Smith's Prize in his last year.
After his graduation he lectured at Cambridge. He was made a member of
the Royal Society in 1893. Burnside wrote approximately 150 papers on
topics in applied mathematics, differential geometry, and probability, but his
most famous contributions were in group theory. Several of Burnside's
conjectures have stimulated research to this day. One such conjecture was
that every group of odd order is solvable; that is, for a group of odd
order, there exists a sequence of subgroups
such that is normal in and is abelian. This conjecture
was finally proven by W. Feit and J. Thompson in 1963. Burnside's The
Theory of Groups of Finite Order, published in 1897, was one of the first
books to treat groups in a modern context as opposed to permutation
groups. The second edition, published in 1911, is still a classic.
14.4 Reading Questions
1. Give an informal description of a group action.
2. Describe the class equation.
3. What are the groups of order ?
4. How many switching functions are there with 5 inputs? (Give both a
simple expression and the total number as a single integer.)
5. The “Historical Note” mentions the proof of Burnside's Conjecture. How
long was the proof?
14.5 Exercises
1. Examples 14.1–14.5 in the first section each describe an action of a
group on a set , which will give rise to the equivalence relation defined
by -equivalence. For each example, compute the equivalence classes of
the equivalence relation, the -equivalence classes.
2. Compute all and all for each of the following permutation
groups.
a. ,
b. ,
3. Compute the -equivalence classes of for each of the -sets in
Exercise 14.5.2. For each verify that .
4. Let be the additive group of real numbers. Let the action of on
the real plane be given by rotating the plane counterclockwise about the
origin through radians. Let be a point on the plane other than the
origin.
a. Show that is a -set.
b. Describe geometrically the orbit containing .
c. Find the group .
5. Let and suppose that acts on itself by conjugation; that is,
.
a. Determine the conjugacy classes (orbits) of each element of .
b. Determine all of the isotropy subgroups for each element of .
6. Find the conjugacy classes and the class equation for each of the
following groups.
a. b. c. d.
7. Write the class equation for and for .
8. If a square remains fixed in the plane, how many different ways can the
corners of the square be colored if three colors are used?
9. How many ways can the vertices of an equilateral triangle be colored
using three different colors?
10. Find the number of ways a six-sided die can be constructed if each side
is marked differently with dots.
11. Up to a rotation, how many ways can the faces of a cube be colored
with three different colors?
12. Consider straight wires of equal lengths with their ends soldered
together to form the edges of a cube. Either silver or copper wire can be
used for each edge. How many different ways can the cube be constructed?
13. Suppose that we color each of the eight corners of a cube. Using three
different colors, how many ways can the corners be colored up to a rotation
of the cube?
14. Each of the faces of a regular tetrahedron can be painted either red or
white. Up to a rotation, how many different ways can the tetrahedron be
painted?
15. Suppose that the vertices of a regular hexagon are to be colored either
red or white. How many ways can this be done up to a symmetry of the
hexagon?
16. A molecule of benzene is made up of six carbon atoms and six
hydrogen atoms, linked together in a hexagonal shape as in Figure 14.28.
a. How many different compounds can be formed by replacing one or
more of the hydrogen atoms with a chlorine atom?
b. Find the number of different chemical compounds that can be formed
by replacing three of the six hydrogen atoms in a benzene ring with a
radical.
Figure 14.28. A benzene ring
17. How many equivalence classes of switching functions are there if the
input variables , , and can be permuted by any permutation in ?
What if the input variables , , , and can be permuted by any
permutation in ?
18. How many equivalence classes of switching functions are there if the
input variables , , , and can be permuted by any permutation in
the subgroup of generated by the permutation ?
19. A striped necktie has bands of color. Each band can be colored by
one of four possible colors. How many possible different-colored neckties
are there?
20. A group acts faithfully on a -set if the identity is the only element
of that leaves every element of fixed. Show that acts faithfully on
if and only if no two distinct elements of have the same action on
each element of .
21. Let be prime. Show that the number of different abelian groups of
order (up to isomorphism) is the same as the number of conjugacy
classes in .
22. Let . Show that for any , .
23. Let be a nonabelian group for prime. Prove that
.
24. Let be a group with order where is prime and a finite -set.
If is the set of elements in
fixed by the group action, then prove that .
25. If is a group of order , where is prime and , show that
must have a proper subgroup of order . If , is it true that will
have a proper subgroup of order ?
14.6 Programming Exercise
1. Write a program to compute the number of conjugacy classes in .
What is the largest for which your program will work?
14.7 References and Suggested Reading
[1] de Bruijn, N. G. “Pólya's Theory of Counting,” in Applied
Combinatorial Mathematics, Beckenbach, E. F., ed. Wiley, New
York, 1964.
[2] Eidswick, J. A. “Cubelike Puzzles—What Are They and How Do
You Solve Them?” American Mathematical Monthly 93 (1986),
157–76.
[3] Harary, F., Palmer, E. M., and Robinson, R. W. “Pólya's
Contributions to Chemical Enumeration,” in Chemical Applications
of Graph Theory, Balaban, A. T., ed. Academic Press, London,
1976.
[4] Gårding, L. and Tambour, T. Algebra for Computer Science.
Springer-Verlag, New York, 1988.
[5] Laufer, H. B. Discrete Mathematics and Applied Modern Algebra.
PWS-Kent, Boston, 1984.
[6] Pólya, G. and Read, R. C. Combinatorial Enumeration of Groups,
Graphs, and Chemical Compounds. Springer-Verlag, New York,
1985.
[7] Shapiro, L. W. “Finite Groups Acting on Sets with Applications,”
Mathematics Magazine, May–June 1973, 136–47.
14.8 Sage
Groups can be realized in many ways, such as sets of permutations,
sets of matrices, or sets of abstract symbols related by certain rules
(“presentations”), and in myriad other ways. We have concentrated on
permutation groups because of their concrete feel, with elements written as
functions, and because of their thorough implementation in Sage. Group
actions are of great interest when the set they act on is the group itself, and
group actions will figure prominently in the proofs of the main results of the
next chapter. However, any time we have a group action on a set, we can
view that group as a permutation group on the elements of the set. So
permutation groups are an area of group theory of independent interest,
with its own definitions and theorems.
We will describe Sage's commands applicable when a group action arises
naturally via conjugation, and then move into the more general situation in
a more general application.
Conjugation as a Group Action
We might think we need to be careful how Sage defines conjugation (
versus ) and the difference between Sage and the text on the
order of products. However, if you look at the definition of the center and
centralizer subgroups you can see that any difference in ordering is
irrelevant. Here are the group action commands for the particular action that
is conjugation of the elements of the group.
Sage has a permutation group method .center() which returns the
subgroup of fixed points. The permutation group method,
.centralizer(g) , returns a subgroup that is the stabilizer of the
group element g . Finally, the orbits are given by conjugacy classes, but
Sage will not flood you with the full conjugacy classes and instead gives
back a list of one element per conjugacy class, the representatives, via the
permutation group method
.conjugacy_classes_representatives() . You can manually
reconstruct a conjugacy class from a representative, as we do in the
example below.
Here is an example of the above commands in action. Notice that an abelian
group would be a bad choice for this example.
D = DihedralGroup(8)
C = D.center(); C
Subgroup generated by [(1,5)(2,6)(3,7)(4,8)]
of (Dihedral group of order 16 as a permutation group)
C.list()
[(), (1,5)(2,6)(3,7)(4,8)]
a = D("(1,2)(3,8)(4,7)(5,6)")
C1 = D.centralizer(a); C1.list()
[(), (1,2)(3,8)(4,7)(5,6), (1,5)(2,6)(3,7)(4,8), (1,6)(2,5)(3,4)(7,8)]
b = D("(1,2,3,4,5,6,7,8)")
C2 = D.centralizer(b); C2.order()
CCR = D.conjugacy_classes_representatives(); CCR
[(), (2,8)(3,7)(4,6), (1,2)(3,8)(4,7)(5,6), (1,2,3,4,5,6,7,8),
(1,3,5,7)(2,4,6,8), (1,4,7,2,5,8,3,6), (1,5)(2,6)(3,7)(4,8)]
r = CCR[2]; r
(1,2)(3,8)(4,7)(5,6)
conj = []
x = [conj.append(g^-1*r*g) for g in D if not g^-1*r*g in conj]
conj
[(1,2)(3,8)(4,7)(5,6),
(1,6)(2,5)(3,4)(7,8),
(1,8)(2,7)(3,6)(4,5),
(1,4)(2,3)(5,8)(6,7)]
Notice that in the one conjugacy class constructed all the elements have the
same cycle structure, which is no accident. Notice too that r and a
are the same element, and the product of the order of the centralizer (4) and
the size of the conjugacy class (4) equals the order of the group (16), which
is a variant of the conclusion of Theorem 14.11.
Verify that the following is a demonstration of the class equation in the
special case when the action is conjugation, but would be valid for any
group, rather than just D .
sizes = [D.order()/D.centralizer(g).order()
for g in D.conjugacy_classes_representatives()]
sizes
[1, 4, 4, 2, 2, 2, 1]
D.order() == sum(sizes)
True
Graph Automorphisms
As mentioned, group actions can be even more interesting when the set they
act on is different from the group itself. One class of examples is the group
of symmetries of a geometric solid, where the objects in the set are the
vertices of the object, or perhaps some other aspect such as edges, faces or
diagonals. In this case, the group is all those permutations that move the
solid but leave it filling the same space before the motion (“rigid motions”).
In this section we will examine something very similar. A graph is a
mathematical object, consisting of vertices and edges, but the only structure
is whether or not any given pair of vertices is joined by an edge.
The group consists of permutations of vertices that preserve the structure,
that is, permutations of vertices that take edges to edges and non-edges to
non-edges. It is very similar to a symmetry group, but there is no notion of
any geometric relationships being preserved.
Here is an example. You will need to run the first compute cell to define the
graph and get a nice graphic representation.
Q = graphs.CubeGraph(3)
Q.plot(layout='spring')
A = Q.automorphism_group()
A.order()
48
Your plot should look like the vertices and edges of a cube, but may not
quite look regular, which is fine, since the geometry is not relevant. Vertices
are labeled with strings of three binary digits, or , and any two vertices
are connected by an edge if their strings differ in exactly one location. We
might expect the group of symmetries to have order , rather than order
, given its resemblance to a cube (in appearance and in name). However,
when not restricted to rigid motions, we have new permutations that
preserve edges. One in particular is to interchange two “opposite faces.”
Locate two -cycles opposite of each other, listed in the same order:
and . Notice that each cycle looks
very similar, but all the vertices of the first end in a zero and the second
cycle has vertices ending in a one.
We can create explicitly the permutation that interchanges these two
opposite faces, using a text version of the permutation in cycle notation.
a = A("('000','001')('010','011')('110','111')('100','101')")
a in A
True
We can use this group to illustrate the relevant Sage commands for group
actions.
A.orbits()
[['000', '001', '010', '100', '011', '101', '110', '111']]
len(A.orbits()[0])
So this action has only one (big) orbit. This implies that every vertex is
“like” any other. When a permutation group behaves this way, we say the
group is transitive.
A.is_transitive()
True
If every vertex is “the same” we can compute the stabilizer of any vertex,
since they will all be isomorphic. Because vertex is the simplest in
some sense, we compute its stabilizer.
S = A.stabilizer('000')
S.list()
[(),
('001','010','100')('011','110','101'),
('001','100','010')('011','101','110'),
('010','100')('011','101'),
('001','010')('101','110'),
('001','100')('011','110')]
That S has elements is no surprise, since the group has order and the
size of the lone orbit is . But we can go one step further. The three vertices
of the graph attached directly to are , , . Any
automorphism of the graph that fixes must then permute the three
adjacent vertices. There are possible ways to do this, and you can
check that each appears in one of the six elements of the stabilizer. So we
can understand a transitive group by considering the smaller stabilizer, and
in this case we can see that each element of the stabilizer is determined by
how it permutes the neighbors of the stabilized vertex.
Transitive groups are both unusual and important. To contrast, here is a
graph automorphism group that is far from transitive (without being trivial).
A path is a graph that has all of its vertices in a line. Run the first compute
cell to see a path on vertices.
P = graphs.PathGraph(11)
P.plot()
A = P.automorphism_group()
A.list()
[(), (0,10)(1,9)(2,8)(3,7)(4,6)]
The automorphism group is the trivial identity automorphism (always) and
an order permutation that “flips” the path end-to-end. The group is far
from transitive and there are many orbits.
A.is_transitive()
False
A.orbits()
[[0, 10], [1, 9], [2, 8], [3, 7], [4, 6], [5]]
Most of the stabilizers are trivial, with one exception. As subgroups of a
group of order , there really are not too many options.
A.stabilizer(2).list()
[()]
A.stabilizer(5).list()
[(), (0,10)(1,9)(2,8)(3,7)(4,6)]
How would this final example have been different if we had used a path on
vertices?
NOTE: There was once a small bug with stabilizers being created as
subgroups of symmetric groups on fewer symbols than the correct number.
This is fixed in Sage 4.8 and newer. Note the correct output below, and you
can check your installation by running these commands. If you do not see
the singleton [4] in your output, you should definitely update your copy
of Sage.
G = SymmetricGroup(4)
S = G.stabilizer(4)
S.orbits()
[[1, 2, 3], [4]]
14.9 Sage Exercises
1. Construct the Higman-Sims graph with the command
graphs.HigmanSimsGraph() . Then construct the automorphism
group and determine the order of the one interesting normal subgroup of
this group. You can try plotting the graph, but the graphic is unlikely to be
very informative.
2. This exercise asks you to verify the class equation outside of the usual
situation where the group action is conjugation. Consider the example of
the automorphism group of the path on vertices. First construct the list
of orbits. From each orbit, grab the first element of the orbit as a
representative. Compute the size of the orbit as the index of the stabilizer of
the representative in the group via Theorem 14.11. (Yes, you could just
compute the size of the full orbit, but the idea of the exercise is to use more
group-theoretic results.) Then sum these orbit-sizes, which should equal the
size of the whole vertex set since the orbits form a partition.
3. Construct a simple graph (no loops or multiple edges), with at least two
vertices and at least one edge, whose automorphism group is trivial. You
might start experimenting by drawing pictures on paper before constructing
the graph. A command like the following will let you construct a graph
from edges. The graph below looks like a triangle or -cycle.
G = Graph([(1,2), (2,3), (3,1)])
G.plot()
4. For the following two pairs of groups, compute the list of conjugacy
class representatives for each group in the pair. For each part, compare and
contrast the results for the two groups in the pair, with thoughtful and
insightful comments.
a. The full symmetric group on 5 symbols, , and the alternating
group on 5 symbols, .
b. The dihedral groups that are symmetries of a -gon and an -gon,
and .
5. Use the command graphs.CubeGraph(4) to build the four-
dimensional cube graph, . Using a plain .plot() command
(without a spring layout) should create a nice plot. Construct the
automorphism group of the graph, which will provide a group action on the
vertex set.
a. Construct the orbits of this action, and comment.
b. Construct a stabilizer of a single vertex (which is a subgroup of the
full automorphism group) and then consider the action of this group
on the vertex set. Construct the orbits of this new action, and
comment carefully and fully on your observations, especially in terms
of the vertices of the graph.
6. Build the graph given by the commands below. The result should be a
symmetric-looking graph with an automorphism group of order .
G = graphs.CycleGraph(8)
G.add_edges([(0,2),(1,3),(4,6),(5,7)])
G.plot()
Repeat the two parts of the previous exercise, but realize that in the second
part there are now two different stabilizers to create, so build both and
compare the differences in the stabilizers and their orbits. Creating a second
plot with G.plot(layout='planar') might provide extra insight.
Chapter 15 The Sylow Theorems
We already know that the converse of Lagrange's Theorem is false. If is a
group of order and divides , then does not necessarily possess a
subgroup of order . For example, has order but does not possess a
subgroup of order . However, the Sylow Theorems do provide a partial
converse for Lagrange's Theorem—in certain cases they guarantee us
subgroups of specific orders. These theorems yield a powerful set of tools
for the classification of all finite nonabelian groups.
15.1 The Sylow Theorems
We will use what we have learned about group actions to prove the Sylow
Theorems. Recall for a moment what it means for to act on itself by
conjugation and how conjugacy classes are distributed in the group
according to the class equation, discussed in Chapter 14. A group acts on
itself by conjugation via the map . Let be
representatives from each of the distinct conjugacy classes of that consist
of more than one element. Then the class equation can be written as
where is the center of
and is the centralizer subgroup of .
We begin our investigation of the Sylow Theorems by examining subgroups
of order , where is prime. A group is a -group if every element in
has as its order a power of , where is a prime number. A subgroup of a
group is a -subgroup if it is a -group.
Theorem 15.1. Cauchy. Let be a finite group and a prime such
that divides the order of . Then contains a subgroup of order .
Proof. We will use induction on the order of . If , then clearly
itself is the required subgroup. We now assume that every group of order ,
where and divides , has an element of order . Assume that
and and consider the class equation of :
We have two cases.
Case 1. Suppose the order of one of the centralizer subgroups, , is
divisible by for some , . In this case, by our induction
hypothesis, we are done. Since is a proper subgroup of and
divides , must contain an element of order . Hence,
must contain an element of order .
Case 2. Suppose the order of no centralizer subgroup is divisible by .
Then divides , the order of each conjugacy class in the class
equation; hence, must divide the center of , . Since is
abelian, it must have a subgroup of order by the Fundamental Theorem of
Finite Abelian Groups. Therefore, the center of contains an element of
order .
Corollary 15.2. Let be a finite group. Then is a -group if and only
if .
Example 15.3. Let us consider the group . We know that
. By Cauchy's Theorem, we are guaranteed that
has subgroups of orders , and . The Sylow Theorems will give us
even more information about the possible subgroups of .
We are now ready to state and prove the first of the Sylow Theorems. The
proof is very similar to the proof of Cauchy's Theorem.
Theorem 15.4. First Sylow Theorem. Let be a finite group and
a prime such that divides . Then contains a subgroup of order
.
Proof. We induct on the order of once again. If , then we are
done. Now suppose that the order of is with and that the
theorem is true for all groups of order less than , where divides . We
shall apply the class equation once again:
First suppose that does not divide for some . Then
, since divides . Now we can
apply the induction hypothesis to .
Hence, we may assume that divides for all . Since
divides , the class equation says that must divide ; hence, by
Cauchy's Theorem, has an element of order , say . Let be the
group generated by . Clearly, is a normal subgroup of since
is abelian; therefore, is normal in since every element in
commutes with every element in . Now consider the factor group
of order . By the induction hypothesis, contains a subgroup
of order . The inverse image of under the canonical homomorphism
is a subgroup of order in .
A Sylow -subgroup of a group is a maximal -subgroup of . To
prove the other two Sylow Theorems, we need to consider conjugate
subgroups as opposed to conjugate elements in a group. For a group , let
be the collection of all subgroups of . For any subgroup , is a -
set, where acts on by conjugation. That is, we have an action
defined by
for in .
The set
is a subgroup of called the normalizer of in . Notice that is a
normal subgroup of . In fact, is the largest subgroup of in
which is normal.
Lemma 15.5. Let be a Sylow -subgroup of a finite group and let
have as its order a power of . If , then .
Proof. Certainly , and the cyclic subgroup,
, has as its order a power of . By the Correspondence
Theorem there exists a subgroup of containing such that
. Since , the order of must be a
power of . However, is a Sylow -subgroup contained in . Since the
order of is the largest power of dividing , . Therefore,
is the trivial subgroup and , or .
Lemma 15.6. Let and be subgroups of . The number of distinct
-conjugates of is .
Proof. We define a bijection between the conjugacy classes of and the
right cosets of by . To show that
this map is a bijection, let and suppose that
. Then .
Therefore, or , and the map
is an injection. It is easy to see that this map is surjective; hence, we have a
one-to-one and onto map between the -conjugates of and the right
cosets of in .
Theorem 15.7. Second Sylow Theorem. Let be a finite group and
a prime dividing . Then all Sylow -subgroups of are conjugate.
That is, if and are two Sylow -subgroups, there exists a
such that .
Proof. Let be a Sylow -subgroup of and suppose that
with . Let
consist of the distinct conjugates of in . By Lemma 15.6,
. Notice that
Since divides , cannot divide .
Given any other Sylow -subgroup , we must show that .
Consider the -conjugacy classes of each . Clearly, these conjugacy
classes partition . The size of the partition containing is
by Lemma 15.6, and Lagrange's Theorem tells us that
. Thus, must be
a divisor of . Hence, the number of conjugates in every
equivalence class of the partition is a power of . However, since does not
divide , one of these equivalence classes must contain only a single Sylow
-subgroup, say . In this case, for all . By
Lemma 15.5, .
Theorem 15.8. Third Sylow Theorem. Let be a finite group and
let be a prime dividing the order of . Then the number of Sylow -
subgroups is congruent to and divides .
Proof. Let be a Sylow -subgroup acting on the set of Sylow -
subgroups,
by conjugation. From the proof of the Second Sylow Theorem, the only -
conjugate of is itself and the order of the other -conjugacy classes is a
power of . Each -conjugacy class contributes a positive power of
toward except the equivalence class . Since is the sum of
positive powers of and , .
Now suppose that acts on by conjugation. Since all Sylow -
subgroups are conjugate, there can be only one orbit under this action. For
,
by Lemma 15.6. But is a divisor of ; consequently, the
number of Sylow -subgroups of a finite group must divide the order of the
group.
Historical Note
Peter Ludvig Mejdell Sylow was born in 1832 in Christiania, Norway (now
Oslo). After attending Christiania University, Sylow taught high school. In
1862 he obtained a temporary appointment at Christiania University. Even
though his appointment was relatively brief, he influenced students such as
Sophus Lie (1842–1899). Sylow had a chance at a permanent chair in 1869,
but failed to obtain the appointment. In 1872, he published a 10-page paper
presenting the theorems that now bear his name. Later Lie and Sylow
collaborated on a new edition of Abel's works. In 1898, a chair at
Christiania University was finally created for Sylow through the efforts of
his student and colleague Lie. Sylow died in 1918.
15.2 Examples and Applications
Example 15.9. Using the Sylow Theorems, we can determine that
has subgroups of orders , , , and . The Sylow -subgroups of
have orders , , and . The Third Sylow Theorem tells us exactly how
many Sylow -subgroups has. Since the number of Sylow -
subgroups must divide and also be congruent to , there are
either one or six Sylow -subgroups in . All Sylow -subgroups are
conjugate. If there were only a single Sylow -subgroup, it would be
conjugate to itself; that is, it would be a normal subgroup of . Since
has no normal subgroups, this is impossible; hence, we have determined
that there are exactly six distinct Sylow -subgroups of .
The Sylow Theorems allow us to prove many useful results about finite
groups. By using them, we can often conclude a great deal about groups of
a particular order if certain hypotheses are satisfied.
Theorem 15.10. If and are distinct primes with , then every
group of order has a single subgroup of order and this subgroup is
normal in . Hence, cannot be simple. Furthermore, if
, then is cyclic.
Proof. We know that contains a subgroup of order . The number of
conjugates of divides and is equal to for .
However, is already too large to divide the order of the group; hence,
can only be conjugate to itself. That is, must be normal in .
The group also has a Sylow -subgroup, say . The number of
conjugates of must divide and be equal to for .
Since is prime, either or . If , then
is normal in . In this case, we can easily show that satisfies the
criteria, given in Chapter 9, for the internal direct product of and .
Since is isomorphic to and is isomorphic to ,
by Theorem 9.21.
Example 15.11. Every group of order is cyclic. This is true because
and .
Example 15.12. Let us classify all of the groups of order
up to isomorphism. First we will show that every group of order is
abelian. By the Third Sylow Theorem, there are Sylow -
subgroups, each of order , for some . Also, must
divide ; hence, there can only be a single normal Sylow -subgroup
in . Similarly, there are Sylow -subgroups and
must divide . Consequently, there is only one Sylow -subgroup in
. By Corollary 14.16, any group of order is abelian for prime; hence,
is isomorphic either to or to . Since has order , it
must be isomorphic to . Therefore, the only possible groups of order
are or up to isomorphism.
To determine all of the groups of order , we need the
following theorem.
Theorem 15.13. Let be the subgroup
consisting of all finite products of elements of the form in a
group . Then is a normal subgroup of and is abelian.
The subgroup of is called the commutator subgroup of . We leave
the proof of this theorem as an exercise (Exercise 10.4.14 in Chapter 10).
Example 15.14. We will now show that every group of order
is abelian, and cyclic by Theorem 9.21. By the Third
Sylow Theorem, has only one subgroup of order . So has
order 35 and must be abelian by Theorem 15.10. Hence, the commutator
subgroup of is contained in which tells us that is either or .
If , we are done. Suppose that . The Third Sylow
Theorem tells us that has only one subgroup of order and one
subgroup of order . So there exist normal subgroups and in ,
where and . In either case the quotient group is
abelian; hence, must be a subgroup of , . Therefore, the
order of is , , or . However, we already have determined that
or . So the commutator subgroup of is trivial, and
consequently is abelian.
Finite Simple Groups
Given a finite group, one can ask whether or not that group has any normal
subgroups. Recall that a simple group is one with no proper nontrivial
normal subgroups. As in the case of , proving a group to be simple can
be a very difficult task; however, the Sylow Theorems are useful tools for
proving that a group is not simple. Usually, some sort of counting argument
is involved.
Example 15.15. Let us show that no group of order can be simple.
By the Third Sylow Theorem, contains one or more Sylow -
subgroups. The number of such subgroups is congruent to
and must also divide . The only possible such number is . Since there
is only a single Sylow -subgroup and all Sylow -subgroups are
conjugate, this subgroup must be normal.
Example 15.16. Let be a finite group of order , and
prime. By Theorem 14.15, has a nontrivial center. Since the center of
any group is a normal subgroup, cannot be a simple group.
Therefore, groups of orders , , , , , , , , , and are
not simple. In fact, the groups of order , , , and are abelian by
Corollary 14.16.
Example 15.17. No group of order is simple. We have seen
that if we can show that there is only one Sylow -subgroup for some
prime dividing 56, then this must be a normal subgroup and we are
done. By the Third Sylow Theorem, there are either one or eight Sylow -
subgroups. If there is only a single Sylow -subgroup, then it must be
normal.
On the other hand, suppose that there are eight Sylow -subgroups. Then
each of these subgroups must be cyclic; hence, the intersection of any two
of these subgroups contains only the identity of the group. This leaves
distinct elements in the group, each of order . Now let us
count Sylow -subgroups. There are either one or seven Sylow -
subgroups. Any element of a Sylow -subgroup other than the identity
must have as its order a power of ; and therefore cannot be one of the
elements of order in the Sylow -subgroups. Since a Sylow -subgroup
has order , there is only enough room for a single Sylow -subgroup in a
group of order . If there is only one Sylow -subgroup, it must be
normal.
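The counting used in Examples 15.14 and 15.17 can be carried out mechanically from the Third Sylow Theorem. The following Python code is an added example, not part of the original text; its function names are its own, and the orders 35, 56 and 36 are ones that appear on this page.

```python
def prime_factorization(n):
    """Return {prime: exponent} for n >= 2 by trial division."""
    factors = {}
    d = 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def sylow_counts(n, p):
    """Counts of Sylow p-subgroups allowed by the Third Sylow Theorem.

    Write n = p^k * m with p not dividing m. The count must divide m
    and be congruent to 1 modulo p.
    """
    k = prime_factorization(n).get(p, 0)
    if k == 0:
        raise ValueError("p must divide n")
    m = n // p**k
    return [d for d in range(1, m + 1) if m % d == 0 and d % p == 1]


def forced_normal_primes(n):
    """Primes p whose only allowed count is 1: that Sylow p-subgroup is
    unique, hence equal to all of its conjugates, hence normal."""
    return [p for p in prime_factorization(n) if sylow_counts(n, p) == [1]]


def not_simple_by_sylow(n):
    """True when Sylow counting alone shows no group of order n is simple.

    Assume every Sylow subgroup has more than one conjugate and count
    elements, as in Example 15.17:
      * if p divides n exactly once, the Sylow p-subgroups are cyclic of
        prime order and meet only in the identity, so c of them hold
        c * (p - 1) elements of order p;
      * if p^k with k > 1 divides n, two distinct Sylow p-subgroups hold
        at least (p^k - 1) + 1 non-identity elements of p-power order.
    More than n elements is a contradiction. False means the argument is
    inconclusive, not that a simple group of order n exists. Prime powers
    are skipped: there the Sylow subgroup is the whole group.
    """
    factors = prime_factorization(n)
    if len(factors) < 2:
        return False
    elements = 1  # the identity
    for p, k in factors.items():
        options = [c for c in sylow_counts(n, p) if c > 1]
        if not options:
            return True  # a unique, proper, normal Sylow p-subgroup
        if k == 1:
            elements += min(options) * (p - 1)
        else:
            elements += p**k
    return elements > n


if __name__ == "__main__":
    for order in (35, 56, 36):
        counts = {p: sylow_counts(order, p) for p in prime_factorization(order)}
        print(order, counts, "not simple by counting:", not_simple_by_sylow(order))
```

For order 36 the function returns False: the element count does not reach a contradiction there, so this technique on its own settles nothing for that order.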
For other groups , it is more difficult to prove that is not simple.
Suppose has order . In this case the technique that we employed in the
last example will not work. We need the following lemma to prove that no
group of order is simple.
Lemma 15.18. Let and be finite subgroups of a group . Then
Proof. Recall that
Certainly, since some element in could be written
as the product of different elements in and . It is quite possible that
for and . If this is the case, let
Notice that , since is in and is in ;
consequently,
Conversely, let and for . Then
, where and . Hence, any element
can be written in the form for and , as many times as
there are elements in ; that is, times. Therefore,
.
Example 15.19. To demonstrate that a group of order is not
simple, we will show that contains either a normal subgroup of order
or a normal subgroup of order . By the Third Sylow Theorem, has
either one or three Sylow -subgroups of order . If there is only one
subgroup, then it must be a normal subgroup.
Suppose that the other case is true, and two of the three Sylow -
subgroups are and . We claim that . If ,
then by Lemma 15.18,
which is impossible. Notice that has index two in both of and
, so is normal in both, and thus and are each in the normalizer of
. Because is a subgroup of and because
has strictly more than elements, must be a
multiple of greater than , as well as dividing . The only possibility
is that . Hence, .
The following famous conjecture of Burnside was proved in a long and
difficult paper by Feit and Thompson [2].
Theorem 15.20. Odd Order Theorem. Every finite simple group of
nonprime order must be of even order.
The proof of this theorem laid the groundwork for a program in the 1960s
and 1970s that classified all finite simple groups. The success of this
program is one of the outstanding achievements of modern mathematics.
15.3 Reading Questions
1. State Sylow's First Theorem.
2. How many groups are there of order ? Why?
3. Give two descriptions, fundamentally different in character, of the
normalizer of a subgroup.
4. Suppose that is an abelian group. What is the commutator subgroup of
, and how do you know?
5. What's all the fuss about Sylow's Theorems?
15.4 Exercises
1. What are the orders of all Sylow -subgroups where has order , ,
, , and ?
2. Find all the Sylow -subgroups of and show that they are all
conjugate.
3. Show that every group of order has a normal subgroup of order .
4. Let be a Sylow -subgroup of . Prove that is the only Sylow -
subgroup of contained in .
5. Prove that no group of order is simple.
6. Prove that no group of order is simple.
7. If is a normal subgroup of a finite group and for some
prime , show that is contained in every Sylow -subgroup of .
8. Let be a group of order , where and are distinct primes such
that and . Prove that must be abelian. Find a pair
of primes for which this is true.
9. Show that a group of order has only one Sylow -subgroup.
10. Let be a subgroup of a group . Prove or disprove that the
normalizer of is normal in .
11. Let be a finite group whose order is divisible by a prime . Prove
that if there is only one Sylow -subgroup in , it must be a normal
subgroup of .
12. Let be a group of order , prime. Prove that contains a normal
subgroup of order .
13. Suppose that is a finite group of order , where . Show that
must contain a normal subgroup.
14. Let be a subgroup of a finite group . Prove that
for any .
15. Prove that a group of order must have a normal subgroup.
16. Classify all the groups of order up to isomorphism.
17. Show that every group of order is cyclic.
18. Let have order and suppose that has Sylow -
subgroups where . Prove that is isomorphic to
.
19. Let be a normal Sylow -subgroup of . Prove that every inner
automorphism of fixes .
20. What is the smallest possible order of a group such that is
nonabelian and is odd? Can you find such a group?
21. The Frattini Lemma. If is a normal subgroup of a finite group
and is a Sylow -subgroup of , for each show that there is an
in such that . Also, show that if is the normalizer
of , then .
22. Show that if the order of is , where and are primes and
, then contains a normal subgroup.
23. Prove that the number of distinct conjugates of a subgroup of a finite
group is .
24. Prove that a Sylow -subgroup of is isomorphic to .
25. Another Proof of the Sylow Theorems.
a. Suppose is prime and does not divide . Show that
b. Let denote the set of all element subsets of . Show that does
not divide .
c. Define an action of on by left multiplication,
for and . Prove that this is a
group action.
d. Prove for some .
e. Let be an orbit such that and
. Prove that is a subgroup of and
show that .
f. Show that divides and .
g. Show that ; conclude that therefore .
26. Let be a group. Prove that is a
normal subgroup of and is abelian. Find an example to show that
is not necessarily a group.
15.5 A Project
The main objective of finite group theory is to classify all possible finite
groups up to isomorphism. This problem is very difficult even if we try to
classify the groups of order less than or equal to . However, we can break
the problem down into several intermediate problems. This is a challenging
project that requires a working knowledge of the group theory you have
learned up to this point. Even if you do not complete it, it will teach you a
great deal about finite groups. You can use Table 15.21 as a guide.
Table 15.21. Numbers of distinct groups ,
Order Number Order Number Order Number Order Number
?
?
? ?
? ? ? ?
?
? ? ?
? ?
? ? ?
? ?
?
? ?
?
? ? ?
?
?
1. Find all simple groups ( ). Do not use the Odd Order
Theorem unless you are prepared to prove it.
2. Find the number of distinct groups , where the order of is for
.
3. Find the actual groups (up to isomorphism) for each .
15.6 References and Suggested Readings
[1] Edwards, H. “A Short History of the Fields Medal,” Mathematical
Intelligencer 1 (1978), 127–29.
[2] Feit, W. and Thompson, J. G. “Solvability of Groups of Odd Order,”
Pacific Journal of Mathematics 13 (1963), 775–1029.
[3] Gallian, J. A. “The Search for Finite Simple Groups,” Mathematics
Magazine 49 (1976), 163–79.
[4] Gorenstein, D. “Classifying the Finite Simple Groups,” Bulletin of
the American Mathematical Society 14 (1986), 1–98.
[5] Gorenstein, D. Finite Groups. AMS Chelsea Publishing, Providence
RI, 1968.
[6] Gorenstein, D., Lyons, R., and Solomon, R. The Classification of
Finite Simple Groups. American Mathematical Society, Providence
RI, 1994.
15.7 Sage
Sylow Subgroups
The Sage permutation group method .sylow_subgroup(p) will
return a single Sylow -subgroup. If the prime is not a proper divisor of the
group order it returns a subgroup of order , in other words, a trivial
subgroup. So be careful about how you construct your primes. Sometimes,
you may only want one such Sylow subgroup, since any two Sylow -
subgroups are conjugate, and hence isomorphic (Theorem 15.7). This also
means we can create other Sylow -subgroups by conjugating the one we
have. The permutation group method .conjugate(g) will conjugate
the group by g .
With repeated conjugations of a single Sylow -subgroup, we will always
create duplicate subgroups. So we need to use a slightly complicated
construction to form a list of just the unique subgroups as the list of
conjugates. This routine that computes all Sylow -subgroups can be
helpful throughout this section. It could be made much more efficient by
conjugating by just one element per coset of the normalizer, but it will be
sufficient for our purposes here. Be sure to execute the next cell if you are
online, so the function is defined for use later.
def all_sylow(G, p):
    '''Form the set of all distinct Sylow p-subgroups of G'''
    scriptP = []
    P = G.sylow_subgroup(p)
    for x in G:
        H = P.conjugate(x)
        if not(H in scriptP):
            scriptP.append(H)
    return scriptP
Let's investigate the Sylow subgroups of the dihedral group . As a
group of order , we know by the First Sylow Theorem that
there is a Sylow -subgroup of order and a Sylow -subgroup of order .
First for , we obtain one Sylow -subgroup, form all the conjugates,
and form a list of non-duplicate subgroups. (These commands take a while
to execute, so be patient.)
G = DihedralGroup(18)
S2 = G.sylow_subgroup(2); S2
Subgroup generated by
[(2,18)(3,17)(4,16)(5,15)(6,14)(7,13)(8,12)(9,11),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)]
of (Dihedral group of order 36 as a permutation group)
uniqS2 = all_sylow(G, 2)
uniqS2
[Permutation Group with generators
[(2,18)(3,17)(4,16)(5,15)(6,14)(7,13)(8,12)(9,11),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)],
Permutation Group with generators
[(1,7)(2,6)(3,5)(8,18)(9,17)(10,16)(11,15)(12,14),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)],
Permutation Group with generators
[(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18),
(1,13)(2,12)(3,11)(4,10)(5,9)(6,8)(14,18)(15,17)],
Permutation Group with generators
[(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18),
(1,15)(2,14)(3,13)(4,12)(5,11)(6,10)(7,9)(16,18)],
Permutation Group with generators
[(1,3)(4,18)(5,17)(6,16)(7,15)(8,14)(9,13)(10,12),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)],
Permutation Group with generators
[(1,9)(2,8)(3,7)(4,6)(10,18)(11,17)(12,16)(13,15),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)],
Permutation Group with generators
[(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18),
(1,11)(2,10)(3,9)(4,8)(5,7)(12,18)(13,17)(14,16)],
Permutation Group with generators
[(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18),
(1,17)(2,16)(3,15)(4,14)(5,13)(6,12)(7,11)(8,10)],
Permutation Group with generators
[(1,5)(2,4)(6,18)(7,17)(8,16)(9,15)(10,14)(11,13),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)]]
len(uniqS2)
The Third Sylow Theorem tells us that for we would expect or
Sylow -subgroups, so our computational result of subgroups is
consistent with what the theory predicts. Can you visualize each of these
subgroups as symmetries of an -gon? Notice that we also have many
subgroups of order inside of these subgroups of order .
Now for the case of .
G = DihedralGroup(18)
S3 = G.sylow_subgroup(3); S3
Subgroup generated by
[(1,7,13)(2,8,14)(3,9,15)(4,10,16)(5,11,17)(6,12,18),
(1,15,11,7,3,17,13,9,5)(2,16,12,8,4,18,14,10,6)]
of (Dihedral group of order 36 as a permutation group)
uniqS3 = all_sylow(G, 3)
uniqS3
[Permutation Group with generators
[(1,7,13)(2,8,14)(3,9,15)(4,10,16)(5,11,17)(6,12,18),
(1,15,11,7,3,17,13,9,5)(2,16,12,8,4,18,14,10,6)]]
len(uniqS3)
What does the Third Sylow Theorem predict? Just or Sylow -
subgroups. Having found just one subgroup computationally, we know that
all of the conjugates of the lone Sylow -subgroup are equal. In other
words, the Sylow -subgroup is normal in . Let us check anyway.
S3.is_normal(G)
True
At least one of the subgroups of order contained in this Sylow -subgroup
should be obvious by looking at the orders of the generators, and then you
may even notice that the generators given could be reduced, and one is a
power of the other.
S3.is_cyclic()
True
Remember that there are many other subgroups, of other orders. For
example, can you construct a subgroup of order in ?
Normalizers
A new command that is relevant to this section is the construction of a
normalizer. The Sage command G.normalizer(H) will return the
subgroup of G containing elements that normalize the subgroup H . We
illustrate its use with the Sylow subgroups from above.
G = DihedralGroup(18)
S2 = G.sylow_subgroup(2)
S3 = G.sylow_subgroup(3)
N2 = G.normalizer(S2); N2
Subgroup generated by
[(2,18)(3,17)(4,16)(5,15)(6,14)(7,13)(8,12)(9,11),
(1,10)(2,11)(3,12)(4,13)(5,14)(6,15)(7,16)(8,17)(9,18)]
of (Dihedral group of order 36 as a permutation group)
N2 == S2
True
N3 = G.normalizer(S3); N3
Subgroup generated by
[(2,18)(3,17)(4,16)(5,15)(6,14)(7,13)(8,12)(9,11),
(1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18),
(1,7,13)(2,8,14)(3,9,15)(4,10,16)(5,11,17)(6,12,18),
(1,15,11,7,3,17,13,9,5)(2,16,12,8,4,18,14,10,6)]
of (Dihedral group of order 36 as a permutation group)
N3 == G
True
The normalizer of a subgroup always contains the whole subgroup, so the
normalizer of S2 is as small as possible. We already knew S3 is
normal in G , so it is no surprise that its normalizer is as big as possible —
every element of G normalizes S3 . Let us compute a normalizer in
that is more “interesting.”
G = DihedralGroup(18)
a = G("(1,7,13)(2,8,14)(3,9,15)(4,10,16)(5,11,17)(6,12,18)")
b = G("(1,5)(2,4)(6,18)(7,17)(8,16)(9,15)(10,14)(11,13)")
H = G.subgroup([a, b])
H.order()
N = G.normalizer(H)
N
Subgroup generated by
[(1,2)(3,18)(4,17)(5,16)(6,15)(7,14)(8,13)(9,12)(10,11),
(1,5)(2,4)(6,18)(7,17)(8,16)(9,15)(10,14)(11,13),
(1,7,13)(2,8,14)(3,9,15)(4,10,16)(5,11,17)(6,12,18)]
of (Dihedral group of order 36 as a permutation group)
N.order()
12
So for this subgroup of order , the normalizer is strictly bigger than the
subgroup, but still strictly smaller than the whole group (and hence not
normal in the dihedral group). Trivially, a subgroup is normal in its
normalizer:
H.is_normal(G)
False
H.is_normal(N)
True
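The Sylow subgroup and normalizer computations of the last two subsections can be reproduced without Sage. The following plain Python code is an added example, not the book's Sage code, and all of its function names are its own. It rebuilds the dihedral group of order 36 on vertices numbered 0..17, forms conjugates as sets of elements so that duplicates vanish, and checks the counts against Lemma 15.6 and the orbit argument in the proof of Theorem 15.8.

```python
N = 18  # vertices of the 18-gon, numbered 0..17 (Sage numbers them 1..18)
IDENTITY = tuple(range(N))


def compose(f, g):
    """The permutation 'f then g'; a permutation is a tuple of images."""
    return tuple(g[f[i]] for i in range(N))


def inverse(f):
    inv = [0] * N
    for i, image in enumerate(f):
        inv[image] = i
    return tuple(inv)


def generate(gens):
    """Subgroup generated by gens, as a frozenset of permutations."""
    elems, frontier = {IDENTITY}, [IDENTITY]
    while frontier:
        x = frontier.pop()
        for g in gens:
            y = compose(x, g)
            if y not in elems:
                elems.add(y)
                frontier.append(y)
    return frozenset(elems)


def conjugate(H, x):
    """The subgroup x^-1 H x."""
    x_inv = inverse(x)
    return frozenset(compose(compose(x_inv, h), x) for h in H)


def normalizer(G, H):
    """All x in G with x^-1 H x = H."""
    return frozenset(x for x in G if conjugate(H, x) == H)


def conjugates(K, H):
    """Distinct K-conjugates of H. Subgroups are compared as sets of
    elements, so two generating sets for one subgroup count once."""
    return {conjugate(H, x) for x in K}


def orbits_under(P, subgroups):
    """Sorted orbit sizes when P acts on the subgroups by conjugation."""
    remaining, sizes = set(subgroups), []
    while remaining:
        orbit = conjugates(P, next(iter(remaining)))
        sizes.append(len(orbit))
        remaining -= orbit
    return sorted(sizes)


def rotation(k):
    return tuple((i + k) % N for i in range(N))


def reflection(c):
    return tuple((c - i) % N for i in range(N))


G = generate([rotation(1), reflection(0)])    # dihedral group, order 36
P2 = generate([reflection(0), rotation(9)])   # a Sylow 2-subgroup, order 4
P3 = generate([rotation(2)])                  # a Sylow 3-subgroup, order 9
# The subgroup H of the Normalizers subsection: a is rotation by 6, and b
# sends vertex i to 6 - i in the 1..18 labelling, which is 4 - i here.
H = generate([rotation(6), reflection(4)])


def sylow_report(P):
    """(number of conjugates of P in G, index of the normalizer of P,
    orbit sizes when P itself acts on its conjugates)."""
    sylows = conjugates(G, P)
    index = len(G) // len(normalizer(G, P))
    return len(sylows), index, orbits_under(P, sylows)


if __name__ == "__main__":
    print("Sylow 2:", sylow_report(P2))
    print("Sylow 3:", sylow_report(P3))
    print("|H| =", len(H), " |N(H)| =", len(normalizer(G, H)),
          " conjugates of H:", len(conjugates(G, H)))
```

In each report the first two entries agree, which is Lemma 15.6 with the whole group acting. The orbit sizes for the Sylow 2-subgroup show one fixed point and every other orbit of even size, the pattern the proof of Theorem 15.8 relies on.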
Finite Simple Groups
We saw earlier Sage's permutation group method .is_simple() .
Example 15.16 tells us that a group of order is never simple. The
dicyclic group DiCyclicGroup(16) is a non-abelian group of , so
we can test this method on this group. It turns out this group has many
normal subgroups — the list will always contain the trivial subgroup and
the group itself, so any number exceeding indicates a non-trivial normal
subgroup.
DC=DiCyclicGroup(16)
DC.order()
64
DC.is_simple()
False
ns = DC.normal_subgroups()
len(ns)
Here is a rather interesting group, one of the sporadic simple groups,
known as the Higman-Sims group, . The generators used below come
from the representation on 100 points in GAP format, available off of
web.mat.bham.ac.uk/atlas/v2.0/spor/HS/. Two generators of just order
and order (as you can easily see), generating exactly elements,
but no normal subgroups. Amazing.
G = SymmetricGroup(100)
a = G([(1,60), (2,72), (3,81), (4,43), (5,11), (6,87),
(7,34), (9,63), (12,46), (13,28), (14,71), (15,42),
(16,97), (18,57), (19,52), (21,32), (23,47), (24,54),
(25,83), (26,78), (29,89), (30,39), (33,61), (35,56),
(37,67), (44,76), (45,88), (48,59), (49,86), (50,74),
(51,66), (53,99), (55,75), (62,73), (65,79), (68,82),
(77,92), (84,90), (85,98), (94,100)])
b = G([(1,86,13,10,47), (2,53,30,8,38),
(3,40,48,25,17), (4,29,92,88,43), (5,98,66,54, 65),
(6,27,51,73,24), (7,83,16,20,28), (9,23,89,95,61),
(11,42,46,91,32), (12,14, 81,55,68), (15,90,31,56,37),
(18,69,45,84,76), (19,59,79,35,93),
(21,22,64,39,100),
(26,58,96,85,77), (33,52,94,75,44), (34,62,87,78,50),
(36,82,60,74,72), (41,80,70,49,67),
(57,63,71,99,97)])
a.order(), b.order()
(2, 5)
HS = G.subgroup([a, b])
HS.order()
44352000
HS.is_simple()
True
We saw this group earlier in the exercises for Chapter 14 on group actions,
where it was the single non-trivial normal subgroup of the automorphism
group of the Higman-Sims graph, hence its name.
GAP Console and Interface
This concludes our exclusive study of group theory, though we will be
using groups some in the subsequent sections. As we have remarked, much
of Sage's computation with groups is performed by the open source
program, “Groups, Algorithms, and Programming,” which is better known as
simply GAP. If after this course you outgrow Sage's support for groups,
then learning GAP would be your next step as a group theorist. Every copy
of Sage includes a copy of GAP, and it is easy to see which version of GAP is
included:
gap.version()
'4.11.1'
You can interact with GAP in Sage in several ways. The most direct is by
creating a permutation group via Sage's gap() command.
G = gap('Group( (1,2,3,4,5,6), (1,3,5) )')
G
Group( [ (1,2,3,4,5,6), (1,3,5) ] )
Now we can use most any GAP command with G , via the convention that
most GAP commands expect a group as the first argument, and we instead
provide the group by using the object-oriented G. syntax. If you consult
the GAP documentation you will see that Center is a GAP command
that expects a group as its lone argument, and Centralizer is a GAP
command that expects two arguments — a group and then a group element.
G.Center()
Group( [ (1,3,5)(2,4,6) ] )
G.Centralizer('(1, 3, 5)')
Group( [ (1,3,5), (2,4,6), (1,3,5)(2,4,6) ] )
If you use the Sage Notebook interface you can set the first line of a
compute cell to %gap and the entire cell will be interpreted as if you were
interacting directly with GAP. This means you would now use GAP's
syntax, which you can see above is slightly different than Sage's universal
syntax. You can also use the drop-down box at the top of a worksheet, and
select gap as the system (rather than sage ) and your whole
worksheet will be interpreted as GAP commands. Here is one simple
example, which you should be able to evaluate in your current worksheet.
This particular example will not run properly in a Sage Cell in a web page
version of this section.
%gap
G := Group( (1,2,3,4,5,6), (1,3,5) );
Centralizer(G, (1,3,5));
Notice that
We do not need to wrap the individual permutations in as many
quotation marks as we do in Sage.
Assignment is := not = . If you forget the colon, you will get an
error message such as Variable: 'G' must have a value
A line must end with a semi-colon. If you forget, several lines will be
merged together.
You can get help about GAP commands with a command such as the
following, though you will soon see that GAP assumes you know a lot more
algebra than Sage assumes you know.
print(gap.help('SymmetricGroup', pager=False))
In the command-line version of Sage, you can also use the GAP “console.”
Again, you need to use GAP syntax, and you do not have many of the
conveniences of the Sage notebook. It is also good to know in advance that
quit; is how you can leave the GAP console and get back to Sage. If
you run Sage at the command-line, use the command gap_console()
to start GAP running.
It is a comfort to know that with Sage you get a complete copy of GAP,
installed and all ready to run. However, this is not a tutorial on GAP, so
consult the documentation available at the main GAP website,
www.gap-system.org, to learn how to get the most out of GAP.
15.8 Sage Exercises
1. This exercise verifies Theorem 15.13. The commutator subgroup is
computed with the permutation group method .commutator() . For
the dihedral group of order , ( DihedralGroup(20) in Sage),
compute the commutator subgroup and form the quotient with the dihedral
group. Then verify that this quotient is abelian. Can you identify the
quotient group exactly (in other words, up to isomorphism)?
2. For each possible prime, find all of the distinct Sylow -subgroups of the
alternating group . Confirm that your results are consistent with the
Third Sylow Theorem for each prime. We know that is a simple group.
Explain how this would explain or predict some aspects of your answers.
Count the number of distinct elements contained in the union of all the
Sylow subgroups you just found. What is interesting about this count?
3. For the dihedral group (symmetries of a -gon) and each possible
prime, determine the possibilities for the number of distinct Sylow -
subgroups as predicted by the Third Sylow Theorem (Theorem 15.8). Now
compute the actual number of distinct Sylow -subgroups for each prime
and comment on the result.
It can be proved that any group with order is not a simple group, using
techniques such as those used in the later examples in this chapter. Discuss
this result in the context of your computations with Sage.
4. This exercise verifies Lemma 15.6. Let be the dihedral group of order
, . Let be the one Sylow -subgroup. Let be the subgroup of
order generated by the two permutations a and b given below. First,
form a list of the distinct conjugates of by the elements of , and
determine the number of subgroups in this list. Compare this with the index
given in the statement of the lemma, employing a single (long) statement
making use of the .order() , .normalizer() and
.intersection() methods with G , and , only.
G = DihedralGroup(18)
a = G("(1,7,13)(2,8,14)(3,9,15)(4,10,16)(5,11,17)(6,12,18)")
b = G("(1,5)(2,4)(6,18)(7,17)(8,16)(9,15)(10,14)(11,13)")
5. Example 15.19 shows that every group of order has a normal
subgroup. The dicyclic groups are an infinite family of non-abelian groups
with order , which includes the quaternions (the case of ). So the
permutation group DiCyclicGroup(12) has order 48. Use Sage to
follow the logic of the proof in Example 15.19 and construct a normal
subgroup in this group. (In other words, do not just ask for a list of the
normal subgroups from Sage, but instead trace through the implications in
the example to arrive at a normal subgroup, and then check your answer.)
6. The proofs of the Second and Third Sylow Theorems (Theorem 15.7,
Theorem 15.8) employ a group action on sets of Sylow -subgroups. For
the Second Theorem, the list is proposed as incomplete and is proved to be
all of the Sylow -subgroups. In this exercise we will see how these actions
behave, and how they are different when we use different groups acting on
the same set.
Construct the six Sylow -subgroups of the alternating group . This will
be the set of objects for both of our actions. Conjugating one of these Sylow
-subgroups by an element of will produce another Sylow -subgroup,
and so can be used to create a group action. For such an action, from each
group element form a Sage permutation of the subgroups by numbering the
six subgroups and using these integers as markers for the subgroups. You
will find the Python list method .index() very helpful. Now use all of
these permutations to generate a permutation group (a subgroup of ).
Finally, use permutation group methods for orbits and stabilisers, etc. to
explore the actions.
For the first action, use all of as the group. Show that the resulting
action is transitive. In other words, there is exactly one single orbit.
For the second action, use just one of the Sylow -subgroups as the group.
Write the class equation for this action in a format that suggests the
“congruent to mod ” part of the conclusion of the Third Theorem.
Chapter 16 Rings
Up to this point we have studied sets with a single binary operation
satisfying certain axioms, but we are often more interested in working with
sets that have two binary operations. For example, one of the most natural
algebraic structures to study is the integers with the operations of addition
and multiplication. These operations are related to one another by the
distributive property. If we consider a set with two such related binary
operations satisfying certain axioms, we have an algebraic structure called a
ring. In a ring we add and multiply elements such as real numbers, complex
numbers, matrices, and functions.
16.1 Rings
A nonempty set is a ring if it has two closed binary operations, addition
and multiplication, satisfying the following conditions.
1. for .
2. for .
3. There is an element in such that for all .
4. For every element , there exists an element in such that
.
5. for .
6. For ,
This last condition, the distributive axiom, relates the binary operations of
addition and multiplication. Notice that the first four axioms simply require
that a ring be an abelian group under addition, so we could also have defined
a ring to be an abelian group together with a second binary operation
satisfying the fifth and sixth conditions given above.
If there is an element such that and for each
element , we say that is a ring with unity or identity. A ring for
which for all in is called a commutative ring. A
commutative ring with identity is called an integral domain if, for every
such that , either or . A division ring is a ring
, with an identity, in which every nonzero element in is a unit; that is, for
each with , there exists a unique element such that
. A commutative division ring is called a field. The
relationship among rings, integral domains, division rings, and fields is
shown in Figure 16.1.
Figure 16.1. Types of rings
Example 16.2. As we have mentioned previously, the integers form a ring.
In fact, is an integral domain. Certainly if for two integers and
, either or . However, is not a field. There is no integer that
is the multiplicative inverse of , since is not an integer. The only
integers with multiplicative inverses are and .
Example 16.3. Under the ordinary operations of addition and
multiplication, all of the familiar number systems are rings: the rationals, ;
the real numbers, ; and the complex numbers, . Each of these rings is a
field.
Example 16.4. We can define the product of two elements and in
by . For instance, in , . This
product makes the abelian group into a ring. Certainly is a
commutative ring; however, it may fail to be an integral domain. If we
consider in , it is easy to see that a product of
two nonzero elements in the ring can be equal to zero.
A nonzero element in a commutative ring is called a zero divisor if there
is a nonzero element in such that . In the previous example, and
are zero divisors in .
Example 16.5. In calculus the continuous real-valued functions on an
interval form a commutative ring. We add or multiply two functions
by adding or multiplying the values of the functions. If and
, then and
.
Example 16.6. The matrices with entries in form a ring under the
usual operations of matrix addition and multiplication. This ring is
noncommutative, since it is usually the case that . Also, notice
that we can have when neither nor is zero.
Example 16.7. For an example of a noncommutative division ring, let
where . These elements satisfy the following relations:
Let consist of elements of the form , where
are real numbers. Equivalently, can be considered to be the set of all
matrices of the form
where and are complex numbers. We can define
addition and multiplication on either by the usual matrix operations or in
terms of the generators , , , and :
and
where
Though multiplication looks complicated, it is actually a straightforward
computation if we remember that we just add and multiply elements in
like polynomials and keep in mind the relationships between the generators
, , and . The ring is called the ring of quaternions.
To show that the quaternions are a division ring, we must be able to find an
inverse for each nonzero element. Notice that
This element can be zero only if , , , and are all zero. So if
,
Proposition 16.8. Let be a ring with . Then
1. ;
2. ;
3. .
Proof. To prove (1), observe that
hence, . Similarly, . For (2), we have
; consequently, .
Similarly, . Part (3) follows directly from (2) since
.
Just as we have subgroups of groups, we have an analogous class of
substructures for rings. A subring of a ring is a subset of such that
is also a ring under the inherited operations from .
Example 16.9. The ring is a subring of . Notice that even though the
original ring may have an identity, we do not require that its subring have an
identity. We have the following chain of subrings:
The following proposition gives us some easy criteria for determining
whether or not a subset of a ring is indeed a subring. (We will leave the proof
of this proposition as an exercise.)
Proposition 16.10. Let be a ring and a subset of . Then is a
subring of if and only if the following conditions are satisfied.
1. .
2. for all .
3. for all .
Example 16.11. Let be the ring of matrices with
entries in . If is the set of upper triangular matrices in ; i.e.,
then is a subring of . If
are in , then clearly is also in . Also,
is in .
16.2 Integral Domains and Fields
Let us briefly recall some definitions. If is a commutative ring and is a
nonzero element in , then is said to be a zero divisor if there is some
nonzero element such that . A commutative ring with
identity is said to be an integral domain if it has no zero divisors. If an
element in a ring with identity has a multiplicative inverse, we say that
is a unit. If every nonzero element in a ring is a unit, then is called a
division ring. A commutative division ring is called a field.
Example 16.12. If , then the set
forms a ring known as the Gaussian
integers. It is easily seen that the Gaussian integers are a subring of the
complex numbers since they are closed under addition and multiplication.
Let be a unit in . Then is also a unit since if
, then . If , then
Therefore, must either be or ; or, equivalently,
or . Therefore, units of this ring are and
; hence, the Gaussian integers are not a field. We will leave it as an
exercise to prove that the Gaussian integers are an integral domain.
Example 16.13. The set of matrices
with entries in forms a field.
Example 16.14. The set is a field.
The inverse of an element in is
We have the following alternative characterization of integral domains.
Proposition 16.15. Cancellation Law. Let be a commutative ring
with identity. Then is an integral domain if and only if for all nonzero
elements with , we have .
Proof. Let be an integral domain. Then has no zero divisors. Let
with . Then . Hence, and .
Conversely, let us suppose that cancellation is possible in . That is,
suppose that implies . Let . If , then
or . Therefore, cannot be a zero divisor.
The following surprising theorem is due to Wedderburn.
Theorem 16.16. Every finite integral domain is a field.
Proof. Let be a finite integral domain and be the set of nonzero
elements of . We must show that every element in has an inverse. For
each we can define a map by . This
map makes sense, because if and , then . The map
is one-to-one, since for ,
implies by left cancellation. Since is a finite set, the map
must also be onto; hence, for some , . Therefore,
has a left inverse. Since is commutative, must also be a right inverse
for . Consequently, is a field.
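The counting argument in this proof can be run directly on the rings of integers modulo n. The Python code below is an added illustration, not part of the original text; the function names are chosen here and the moduli 7 and 12 are sample values.

```python
"""Added illustration of the proof of Theorem 16.16 for the integers mod n."""


def mult_map(a, n):
    """Image of the map d -> a*d (mod n) on the nonzero elements 1..n-1."""
    return [(a * d) % n for d in range(1, n)]


def zero_divisors(n):
    """Nonzero a for which some nonzero d gives a*d = 0 (mod n)."""
    return [a for a in range(1, n) if 0 in mult_map(a, n)]


def inverse_by_counting(a, n):
    """Find an inverse of a the way the proof does.

    If d -> a*d sends nonzero elements to nonzero elements and is
    one-to-one, then on a finite set it is onto, so some d has a*d = 1.
    Returns that d, or None when a is a zero divisor.
    """
    image = mult_map(a, n)
    if 0 in image:
        # a is a zero divisor: the map does not stay inside the nonzero
        # elements, so the argument in the proof does not apply.
        return None
    # With no zero in the image, cancellation makes the map one-to-one;
    # the check is kept to mirror the step in the proof.
    if len(set(image)) != n - 1:
        return None
    return image.index(1) + 1


def is_integral_domain(n):
    """The integers mod n (n > 1) have no zero divisors."""
    return n > 1 and not zero_divisors(n)


def is_field(n):
    """Every nonzero element mod n has an inverse found by counting."""
    return n > 1 and all(
        inverse_by_counting(a, n) is not None for a in range(1, n)
    )


if __name__ == "__main__":
    for n in (7, 12):  # sample moduli, chosen for this illustration
        print("n =", n)
        print("  zero divisors:", zero_divisors(n))
        print("  inverses:", {a: inverse_by_counting(a, n) for a in range(1, n)})
        print("  integral domain:", is_integral_domain(n), " field:", is_field(n))
```

For every modulus the two predicates agree, which is the content of the theorem for these finite rings; for a composite modulus the elements without an inverse are exactly the zero divisors.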
For any nonnegative integer and any element in a ring we write
( times) as . We define the characteristic of a ring to be
the least positive integer such that for all . If no such
integer exists, then the characteristic of is defined to be . We will denote
the characteristic of by .
Example 16.17. For every prime , is a field of characteristic . By
Proposition 3.4, every nonzero element in has an inverse; hence, is
a field. If is any nonzero element in the field, then , since the
order of any nonzero element in the abelian group is .
Lemma 16.18. Let be a ring with identity. If has order , then the
characteristic of is .
Proof. If has order , then is the least positive integer such that
. Thus, for all ,
On the other hand, if no positive exists such that , then the
characteristic of is zero.
Theorem 16.19. The characteristic of an integral domain is either prime
or zero.
Proof. Let be an integral domain and suppose that the characteristic of
is with . If is not prime, then , where and
. By Lemma 16.18, we need only consider the case .
Since and there are no zero divisors in ,
either or . Hence, the characteristic of must be less than
, which is a contradiction. Therefore, must be prime.
16.3 Ring Homomorphisms and Ideals
In the study of groups, a homomorphism is a map that preserves the
operation of the group. Similarly, a homomorphism between rings preserves
the operations of addition and multiplication in the ring. More specifically,
if and are rings, then a ring homomorphism is a map
satisfying
for all . If is a one-to-one and onto homomorphism,
then is called an isomorphism of rings.
The set of elements that a ring homomorphism maps to plays a
fundamental role in the theory of rings. For any ring homomorphism
, we define the kernel of a ring homomorphism to be the set
Example 16.20. For any integer we can define a ring homomorphism
by . This is indeed a ring
homomorphism, since
and
The kernel of the homomorphism is .
Example 16.21. Let be the ring of continuous real-valued
functions on an interval as in Example 16.5. For a fixed ,
we can define a ring homomorphism by
. This is a ring homomorphism since
Ring homomorphisms of the type are called evaluation
homomorphisms.
In the next proposition we will examine some fundamental properties of
ring homomorphisms. The proof of the proposition is left as an exercise.
Proposition 16.22. Let be a ring homomorphism.
1. If is a commutative ring, then is a commutative ring.
2. .
3. Let and be the identities for and , respectively. If is
onto, then .
4. If is a field and , then is a field.
In group theory we found that normal subgroups play a special role. These
subgroups have nice characteristics that make them more interesting to
study than arbitrary subgroups. In ring theory the objects corresponding to
normal subgroups are a special class of subrings called ideals. An ideal in a
ring is a subring of such that if is in and is in , then both
and are in ; that is, and for all .
Example 16.23. Every ring has at least two ideals, and . These
ideals are called the trivial ideals.
Let be a ring with identity and suppose that is an ideal in such that
is in . Since for any , by the definition of an ideal,
.
Example 16.24. If is any element in a commutative ring with
identity, then the set
is an ideal in . Certainly, is nonempty since both and
are in . The sum of two elements in is again in since
. The inverse of is .
Finally, if we multiply an element by an arbitrary element
, we have . Therefore, satisfies the definition of
an ideal.
If is a commutative ring with identity, then an ideal of the form
is called a principal ideal.
Theorem 16.25. Every ideal in the ring of integers is a principal
ideal.
Proof. The zero ideal is a principal ideal since . If is any
nonzero ideal in , then must contain some positive integer . There
exists a least positive integer in by the Principle of Well-Ordering. Now
let be any element in . Using the division algorithm, we know that there
exist integers and such that
where . This equation tells us that , but must
be since is the least positive element in . Therefore, and
.
Example 16.26. The set is an ideal in the ring of integers. If is in
and is in , then is in as required. In fact, by
Theorem 16.25, these are the only ideals of .
Proposition 16.27. The kernel of any ring homomorphism
is an ideal in .
Proof. We know from group theory that is an additive subgroup of
. Suppose that and . Then we must show that and
are in . However,
and
Remark 16.28. In our definition of an ideal we have required that
and for all . Such ideals are sometimes referred to
as two-sided ideals. We can also consider one-sided ideals; that is, we may
require only that either or for hold but not both.
Such ideals are called left ideals and right ideals, respectively. Of course,
in a commutative ring any ideal must be two-sided. In this text we will
concentrate on two-sided ideals.
Theorem 16.29. Let be an ideal of . The factor group is a ring
with multiplication defined by
Proof. We already know that is an abelian group under addition. Let
and be in . We must show that the product
is independent of the choice of coset; that is, if
and , then must be in . Since
, there exists an element in such that . Similarly, there exists
a such that . Notice that
and since is an ideal; consequently, .
We will leave as an exercise the verification of the associative law for
multiplication and the distributive laws.
The ring in Theorem 16.29 is called the factor or quotient ring. Just
as with group homomorphisms and normal subgroups, there is a
relationship between ring homomorphisms and ideals.
Theorem 16.30. Let be an ideal of . The map
defined by is a ring homomorphism of onto with
kernel .
Proof. Certainly is a surjective abelian group
homomorphism. It remains to show that works correctly under ring
multiplication. Let and be in . Then
which completes the proof of the theorem.
The map is often called the natural or canonical
homomorphism. In ring theory we have isomorphism theorems relating
ideals and ring homomorphisms similar to the isomorphism theorems for
groups that relate normal subgroups and homomorphisms in Chapter 11. We
will prove only the First Isomorphism Theorem for rings in this chapter and
leave the proofs of the other two theorems as exercises. All of the proofs are
similar to the proofs of the isomorphism theorems for groups.
Theorem 16.31. First Isomorphism Theorem. Let be
a ring homomorphism. Then is an ideal of . If
is the canonical homomorphism, then there exists a
unique isomorphism such that .
Proof. Let . By the First Isomorphism Theorem for groups,
there exists a well-defined group homomorphism
defined by for the additive abelian groups and
. To show that this is a ring homomorphism, we need only show that
; but
Theorem 16.32. Second Isomorphism Theorem. Let be a
subring of a ring and an ideal of . Then is an ideal of and
Theorem 16.33. Third Isomorphism Theorem. Let be a ring
and and be ideals of where . Then
Theorem 16.34. Correspondence Theorem. Let be an ideal of a
ring . Then is a one-to-one correspondence between the set
of subrings containing and the set of subrings of . Furthermore,
the ideals of containing correspond to ideals of .
16.4 Maximal and Prime Ideals
In this particular section we are especially interested in certain ideals of
commutative rings. These ideals give us special types of factor rings. More
specifically, we would like to characterize those ideals of a commutative
ring such that is an integral domain or a field.
A proper ideal of a ring is a maximal ideal of if the ideal is not
a proper subset of any ideal of except itself. That is, is a maximal
ideal if for any ideal properly containing , . The following
theorem completely characterizes maximal ideals for commutative rings
with identity in terms of their corresponding factor rings.
Theorem 16.35. Let be a commutative ring with identity and an
ideal in . Then is a maximal ideal of if and only if is a field.
Proof. Let be a maximal ideal in . If is a commutative ring, then
must also be a commutative ring. Clearly, acts as an identity
for . We must also show that every nonzero element in has an
inverse. If is a nonzero element in , then . Define
to be the set . We will show that is an
ideal in . The set is nonempty since is in . If
and are two elements in , then
is in . Also, for any it is true that ; hence, is closed under
multiplication and satisfies the necessary conditions to be an ideal.
Therefore, by Proposition 16.10 and the definition of an ideal, is an ideal
properly containing . Since is a maximal ideal, ; consequently,
by the definition of there must be an in and an element in such
that . Therefore,
Conversely, suppose that is an ideal and is a field. Since is
a field, it must contain at least two elements: and .
Hence, is a proper ideal of . Let be any ideal properly containing
. We need to show that . Choose in but not in . Since
is a nonzero element in a field, there exists an element in
such that .
Consequently, there exists an element such that and
is in . Therefore, for all . Consequently, .
Example 16.36. Let be an ideal in , where is prime. Then is
a maximal ideal since is a field.
A proper ideal in a commutative ring is called a prime ideal if
whenever , then either or .
Example 16.37. It is easy to check that the set
is an ideal in . This ideal is prime. In fact, it is a maximal ideal.
Proposition 16.38. Let be a commutative ring with identity , where
. Then is a prime ideal in if and only if is an integral
domain.
Proof. First let us assume that is an ideal in and is an integral
domain. Suppose that . If and are two elements of
such that , then either
or . This means that either is in or is in , which shows
that must be prime.
Conversely, suppose that is prime and
Then . If , then must be in by the definition of a prime
ideal; hence, and is an integral domain.
Example 16.39. Every ideal in is of the form . The factor ring
is an integral domain only when is prime. It is actually a
field. Hence, the nonzero prime ideals in are the ideals , where is
prime. This example really justifies the use of the word “prime” in our
definition of prime ideals.
Since every field is an integral domain, we have the following corollary.
Corollary 16.40. Every maximal ideal in a commutative ring with
identity is also a prime ideal.
Historical Note
Amalie Emmy Noether, one of the outstanding mathematicians of the
twentieth century, was born in Erlangen, Germany in 1882. She was the
daughter of Max Noether (1844–1921), a distinguished mathematician at
the University of Erlangen. Together with Paul Gordan (1837–1912),
Emmy Noether's father strongly influenced her early education. She entered
the University of Erlangen at the age of 18. Although women had been
admitted to universities in England, France, and Italy for decades, there was
great resistance to their presence at universities in Germany. Noether was
one of only two women among the university's 986 students. After
completing her doctorate under Gordan in 1907, she continued to do
research at Erlangen, occasionally lecturing when her father was ill.
Noether went to Göttingen to study in 1916. David Hilbert and Felix Klein
tried unsuccessfully to secure her an appointment at Göttingen. Some of the
faculty objected to women lecturers, saying, “What will our soldiers think
when they return to the university and are expected to learn at the feet of a
woman?” Hilbert, annoyed at the question, responded, “Meine Herren, I do
not see that the sex of a candidate is an argument against her admission as a
Privatdozent. After all, the Senate is not a bathhouse.” At the end of World
War I, attitudes changed and conditions greatly improved for women. After
Noether passed her habilitation examination in 1919, she was given a title
and was paid a small sum for her lectures.
In 1922, Noether became a Privatdozent at Göttingen. Over the next 11
years she used axiomatic methods to develop an abstract theory of rings and
ideals. Though she was not good at lecturing, Noether was an inspiring
teacher. One of her many students was B. L. van der Waerden, author of the
first text treating abstract algebra from a modern point of view. Some of the
other mathematicians Noether influenced or closely worked with were
Alexandroff, Artin, Brauer, Courant, Hasse, Hopf, Pontryagin, von
Neumann, and Weyl. One of the high points of her career was an invitation
to address the International Congress of Mathematicians in Zurich in 1932.
In spite of all the recognition she received from her colleagues, Noether's
abilities were never recognized as they should have been during her
lifetime. She was never promoted to full professor by the Prussian academic
bureaucracy.
In 1933, Noether, who was Jewish, was banned from participation in all
academic activities in Germany. She emigrated to the United States, took a
position at Bryn Mawr College, and became a member of the Institute for
Advanced Study at Princeton. Noether died suddenly on April 14, 1935.
After her death she was eulogized by such notable scientists as Albert
Einstein.
16.5 An Application to Software Design
The Chinese Remainder Theorem is a result from elementary number
theory about the solution of systems of simultaneous congruences. The
Chinese mathematician Sun-tsï wrote about the theorem in the first century
A.D. This theorem has some interesting consequences in the design of
software for parallel processors.
Lemma 16.41. Let and be positive integers such that
. Then for the system
has a solution. If and are two solutions of the system, then
.
Proof. The equation has a solution since
satisfies the equation for all . We must show that there exists an
integer such that
This is equivalent to showing that
has a solution for . Since and are relatively prime, there exist
integers and such that . Consequently,
or
Now let .
To show that any two solutions are congruent modulo , let and be
two solutions of the system. That is,
for . Then
Therefore, both and divide . Consequently,
.
Example 16.42. Let us solve the system
Using the Euclidean algorithm, we can find integers and such that
. Two such integers are and . Consequently,
Theorem 16.43. Chinese Remainder Theorem. Let
be positive integers such that for
. Then for any integers , the system
has a solution. Furthermore, any two solutions of the system are congruent
modulo .
Proof. We will use mathematical induction on the number of equations in
the system. If there are equations, then the theorem is true by
Lemma 16.41. Now suppose that the result is true for a system of
equations or less and that we wish to find a solution of
Considering the first equations, there exists a solution that is unique
modulo , say . Since and are relatively prime,
the system
has a solution that is unique modulo by the lemma.
Example 16.44. Let us solve the system
From Example 16.42 we know that is a solution of the first two
congruences and any other solution of the system is congruent to
. Hence, we can reduce the system to a system of three
congruences:
Solving the next two equations, we can reduce the system to
Solving this last system, we find that is a solution for the system that is
unique up to modulo .
One interesting application of the Chinese Remainder Theorem in the
design of computer software is that the theorem allows us to break up a
calculation involving large integers into several less formidable
calculations. A computer will handle integer calculations only up to a
certain size due to the size of its processor chip, which is usually a 32 or
64-bit processor chip. For example, the largest integer available on a
computer with a 64-bit processor chip is
Larger processors such as 128 or 256-bit have been proposed or are under
development. There is even talk of a 512-bit processor chip. The largest
integer that such a chip could store will be , which would be a
154-digit number. However, we would need to deal with much larger
numbers to break sophisticated encryption schemes.
Special software is required for calculations involving larger integers which
cannot be added directly by the machine. By using the Chinese Remainder
Theorem we can break down large integer additions and multiplications into
calculations that the computer can handle directly. This is especially useful
on parallel processing computers which have the ability to run several
programs concurrently.
Most computers have a single central processing unit (CPU) containing one
processor chip and can only add two numbers at a time. To add a list of ten
numbers, the CPU must do nine additions in sequence. However, a parallel
processing computer has more than one CPU. A computer with 10 CPUs,
for example, can perform 10 different additions at the same time. If we can
take a large integer and break it down into parts, sending each part to a
different CPU, then by performing several additions or multiplications
simultaneously on those parts, we can work with an integer that the
computer would not be able to handle as a whole.
Example 16.45. Suppose that we wish to multiply by . We
will use the integers , , , and because they are relatively prime.
We can break down each integer into four parts:
and
Multiplying the corresponding equations, we obtain
Each of these four computations can be sent to a different processor if our
computer has several CPUs. By the above calculation, we know that
is a solution of the system
The Chinese Remainder Theorem tells us that solutions are unique up to
modulo . Solving this system of
congruences for tells us that .
The conversion of the computation into the four subcomputations will take
some computing time. In addition, solving the system of congruences can
also take considerable time. However, if we have many computations to be
performed on a particular set of numbers, it makes sense to transform the
problem as we have done above and to perform the necessary calculations
simultaneously.
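The construction in the proof of Lemma 16.41, the induction of Theorem 16.43, and the residue-by-residue multiplication described in this section can be written out as follows. This Python code is an added example, not from the original text; the function names, the moduli 251, 253, 255, 256 and the operands are constructed for illustration.

```python
"""Added example: Chinese Remainder Theorem and multiplication by residues."""
from math import prod


def extended_gcd(a, b):
    """Return (g, s, t) with a*s + b*t == g == gcd(a, b)."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def solve_pair(a, m, b, n):
    """Solve x = a (mod m), x = b (mod n) for relatively prime m, n.

    Follows the lemma: with m*s + n*t = 1, the integer k = (b - a)*s
    satisfies a + k*m = b (mod n). The result lies in [0, m*n).
    """
    g, s, _t = extended_gcd(m, n)
    if g != 1:
        raise ValueError(f"moduli {m} and {n} are not relatively prime")
    k = ((b - a) * s) % n
    return (a + k * m) % (m * n)


def crt(residues, moduli):
    """Solve a whole system by folding in one congruence at a time."""
    x, m = residues[0] % moduli[0], moduli[0]
    for a, n in zip(residues[1:], moduli[1:]):
        x = solve_pair(x, m, a % n, n)  # raises if n shares a factor with m
        m *= n
    return x


def product_fits(x, y, moduli):
    """Sufficient test that 0 <= x*y < M without forming x*y.

    x < 2**bx and y < 2**by give x*y < 2**(bx+by); this is below M
    whenever bx + by <= bit_length(M) - 1.
    """
    if x < 0 or y < 0:
        return False
    return x.bit_length() + y.bit_length() <= prod(moduli).bit_length() - 1


def residue_multiply(x, y, moduli, check=True):
    """Multiply x and y using only arithmetic modulo each small modulus.

    Each entry of `parts` depends on one modulus only, so the entries
    could be computed by separate processors. The answer is determined
    only modulo M, so operands that are too large are rejected.
    """
    if check and not product_fits(x, y, moduli):
        raise ValueError("x*y may exceed the product of the moduli")
    parts = [((x % m) * (y % m)) % m for m in moduli]
    return crt(parts, moduli)


# Constructed sample data: 251 is prime, 253 = 11*23, 255 = 3*5*17 and
# 256 = 2**8, so the moduli are pairwise relatively prime.
MODULI = [251, 253, 255, 256]
MODULUS_PRODUCT = prod(MODULI)
X, Y = 40503, 31337

if __name__ == "__main__":
    print("product of moduli:", MODULUS_PRODUCT)
    print("by residues:", residue_multiply(X, Y, MODULI))
    print("directly:   ", X * Y)
    big = 10**6  # too large: the residues only determine big*big modulo M
    print("fits?", product_fits(big, big, MODULI))
    print("wrapped:", residue_multiply(big, big, MODULI, check=False))
```

When the true product is at least the product of the moduli, the reconstructed value is only the product reduced modulo that number, which is why the operands are checked before the residues are trusted.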
16.6 Reading Questions
1. What is the fundamental difference between groups and rings?
2. Give two characterizations of an integral domain.
3. Provide two examples of fields, one infinite, one finite.
4. Who was Emmy Noether?
5. Speculate on a computer program that might use the Chinese Remainder
Theorem to speed up computations with large integers.
16.7 Exercises
1. Which of the following sets are rings with respect to the usual operations
of addition and multiplication? If the set is a ring, is it also a field?
a.
b.
c.
d.
e.
f.
g.
h.
2. Let be the ring of matrices of the form
where . Show that although is a ring that has no identity, we can
find a subring of with an identity.
3. List or characterize all of the units in each of the following rings.
a.
b.
c.
d. , the matrices with entries in
e. , the matrices with entries in
4. Find all of the ideals in each of the following rings. Which of these ideals
are maximal and which are prime?
a.
b.
c. , the matrices with entries in
d. , the matrices with entries in
e.
5. For each of the following rings with ideal , give an addition table and
a multiplication table for .
a. and
b. and
6. Find all homomorphisms .
7. Prove that is not isomorphic to .
8. Prove or disprove: The ring is
isomorphic to the ring .
9. What is the characteristic of the field formed by the set of matrices
with entries in ?
10. Define a map by
Show that is an isomorphism of with its image in .
11. Prove that the Gaussian integers, , are an integral domain.
12. Prove that is an integral domain.
13. Solve each of the following systems of congruences.
a.
b.
c.
d.
14. Use the method of parallel computation outlined in the text to calculate
by dividing the calculation into four separate additions
modulo , , , and .
15. Explain why the method of parallel computation outlined in the text
fails for if we attempt to break the calculation down into two
smaller calculations modulo and .
16. If is a field, show that the only two ideals of are and itself.
17. Let be any element in a ring with identity. Show that
.
18. Let be a ring homomorphism. Prove each of the following
statements.
a. If is a commutative ring, then is a commutative ring.
b. .
c. Let and be the identities for and , respectively. If is
onto, then .
d. If is a field and , then is a field.
19. Prove that the associative law for multiplication and the distributive
laws hold in .
20. Prove the Second Isomorphism Theorem for rings: Let be a subring
of a ring and an ideal in . Then is an ideal in and
21. Prove the Third Isomorphism Theorem for rings: Let be a ring and
and be ideals of , where . Then
22. Prove the Correspondence Theorem: Let be an ideal of a ring .
Then is a one-to-one correspondence between the set of subrings
containing and the set of subrings of . Furthermore, the ideals of
correspond to ideals of .
23. Let be a ring and a subset of . Show that is a subring of if
and only if each of the following conditions is satisfied.
a. .
b. for all .
c. for all .
24. Let be a ring with a collection of subrings . Prove that
is a subring of . Give an example to show that the union of two subrings
is not necessarily a subring.
25. Let be a collection of ideals in a ring . Prove that
is also an ideal in . Give an example to show that if and are ideals
in , then may not be an ideal.
26. Let be an integral domain. Show that if the only ideals in are
and itself, must be a field.
27. Let be a commutative ring. An element in is nilpotent if
for some positive integer . Show that the set of all nilpotent elements
forms an ideal in .
28. A ring is a Boolean ring if for every , . Show that
every Boolean ring is a commutative ring.
29. Let be a ring, where for all . Prove that must be a
commutative ring.
30. Let be a ring with identity and a subring of with identity .
Prove or disprove that .
31. If we do not require the identity of a ring to be distinct from 0, we will
not have a very interesting mathematical structure. Let be a ring such that
. Prove that .
32. Let be a ring. Define the center of to be
Prove that is a commutative subring of .
33. Let be prime. Prove that
is a ring. The ring is called the ring of integers localized at .
34. Prove or disprove: Every finite integral domain is isomorphic to .
35. Let be a ring with identity.
a. Let be a unit in . Define a map by .
Prove that is an automorphism of . Such an automorphism of
is called an inner automorphism of . Denote the set of all inner
automorphisms of by .
b. Denote the set of all automorphisms of by . Prove that
is a normal subgroup of .
c. Let be the group of units in . Prove that the map
defined by is a homomorphism. Determine the kernel of .
d. Compute , , and .
36. Let and be arbitrary rings. Show that their Cartesian product is a
ring if we define addition and multiplication in by
a.
b.
37. An element in a ring is called an idempotent if . Prove that
the only idempotents in an integral domain are and . Find a ring with an
idempotent not equal to 0 or 1.
38. Let and . Prove that
does not have a solution.
39. The Chinese Remainder Theorem for Rings. Let be a ring
and and be ideals in such that .
a. Show that for any and in , the system of equations
has a solution.
b. In addition, prove that any two solutions of the system are congruent
modulo .
c. Let and be ideals in a ring such that . Show that
there exists a ring isomorphism
16.8 Programming Exercise
1. Write a computer program implementing fast addition and multiplication
using the Chinese Remainder Theorem and the method outlined in the text.
16.9 References and Suggested Readings
[1] Anderson, F. W. and Fuller, K. R. Rings and Categories of Modules.
2nd ed. Springer, New York, 1992.
[2] Atiyah, M. F. and MacDonald, I. G. Introduction to Commutative
Algebra. Westview Press, Boulder, CO, 1994.
[3] Herstein, I. N. Noncommutative Rings. Mathematical Association of
America, Washington, DC, 1994.
[4] Kaplansky, I. Commutative Rings. Revised edition. University of
Chicago Press, Chicago, 1974.
[5] Knuth, D. E. The Art of Computer Programming: Semi-Numerical
Algorithms, vol. 2. 3rd ed. Addison-Wesley Professional, Boston,
1997.
[6] Lidl, R. and Pilz, G. Applied Abstract Algebra. 2nd ed. Springer,
New York, 1998. A good source for applications.
[7] Mackiw, G. Applications of Abstract Algebra. Wiley, New York,
1985.
[8] McCoy, N. H. Rings and Ideals. Carus Monograph Series, No. 8.
Mathematical Association of America, Washington, DC, 1968.
[9] McCoy, N. H. The Theory of Rings. Chelsea, New York, 1972.
[10] Zariski, O. and Samuel, P. Commutative Algebra, vols. I and II.
Springer, New York, 1975, 1960.
16.10 Sage
Rings are very important in your study of abstract algebra, and similarly,
they are very important in the design and use of Sage. There is a lot of
material in this chapter, and there are many corresponding commands in
Sage.
Creating Rings
Here is a list of various rings, domains and fields you can construct simply.
1. Integers() , ZZ : the integral domain of positive and negative
integers, .
2. Integers(n) : the integers mod , . A field when is prime,
but just a ring for composite .
3. QQ : the field of rational numbers, .
4. RR , CC : the field of real numbers and the field of complex
numbers, , . It is impossible to create every real number inside a
computer, so technically these sets do not behave as fields, but only
give a good imitation of the real thing. We say they are inexact rings
to make this point.
5. QuadraticField(n) : the field formed by combining the
rationals with a solution to the polynomial equation . The
notation in the text is . A functional equivalent can be made
with the syntax QQ[sqrt(n)] . Note that n can be negative.
6. CyclotomicField(n) : the field formed by combining the
rationals with the solutions to the polynomial equation .
7. QQbar : the field formed by combining the rationals with the
solutions to every polynomial equation with integer coefficients. This
is known as the field of algebraic numbers, denoted as .
8. FiniteField(p) : for a prime , the field of integers .
If you print a description of some of the above rings, you will sometimes
see a new symbol introduced. Consider the following example:
F = QuadraticField(7)
F
Number Field in a with defining polynomial x^2 - 7
with a = 2.645751311...?
root = F.gen(0)
root^2
root
(2*root)^3
56*a
Here Number Field describes an object generally formed by
combining the rationals with another number (here ). “a” is a new
symbol which behaves as a root of the polynomial . We do not say
which root, or , and as we understand the theory better we will
see that this does not really matter.
We can obtain this root as a generator of the number field, and then
manipulate it. First squaring root yields 7. Notice that root prints as
a . Notice, too, that computations with root behave as if it was either
root of , and results print using a .
This can get a bit confusing, inputting computations with root and
getting output in terms of a . Fortunately, there is a better way. Consider
the following example:
F.<b> = QuadraticField(7)
F
Number Field in b with defining polynomial x^2 - 7
with b = 2.645751311...?
b^2
(2*b)^3
56*b
With the syntax F.<b> we can create the field F along with specifying
a generator b using a name of our choosing. Then computations can use
b in both input and output as a root of .
Here are three new rings that are best created using this new syntax.
1. F.<a> = FiniteField(p^n) : We will later have a theorem
that tells us that finite fields only exist with orders equal to a power
of a prime. When the power is larger than 1, then we need a generator,
here given as a .
2. P.<x>=R[] : the ring of all polynomials in the variable x , with
coefficients from the ring R . Notice that R can be any ring, so this
is a very general construction that uses one ring to form another. See
an example below.
3. Q.<r,s,t> = QuaternionAlgebra(n, m) : the rationals
combined with indeterminates r , s and t such that ,
and . This is a generalization of the
quaternions described in this chapter, though over the rationals rather
than the reals, so it is an exact ring. Notice that this is one of the few
noncommutative rings in Sage. The “usual” quaternions would be
constructed with
Q.<I,J,K> = QuaternionAlgebra(-1, -1) . (Notice
that using I here is not a good choice, because it will then clobber
the symbol I used for complex numbers.)
Syntax specifying names for generators can be used for many of the above
rings as well, such as demonstrated above for quadratic fields and below for
cyclotomic fields.
C.<t> = CyclotomicField(8)
C.random_element()
-2/11*t^2 + t - 1
Properties of Rings
The examples below demonstrate how to query certain properties of rings.
If you are playing along, be sure to execute the first compute cell to define
the various rings involved in the examples.
Z7 = Integers(7)
Z9 = Integers(9)
Q = QuadraticField(-11)
F.<a> = FiniteField(3^2)
P.<x> = Z7[]
S.<f,g,h> = QuaternionAlgebra(-7, 3)
Exact versus inexact.
QQ.is_exact()
True
RR.is_exact()
False
Finite versus infinite.
Z7.is_finite()
True
Z7.is_finite()
True
Integral domain?
Z7.is_integral_domain()
True
Z9.is_integral_domain()
False
Field?
Z9.is_field()
False
F.is_field()
True
Q.is_field()
True
Commutative?
Q.is_commutative()
True
S.is_commutative()
False
Characteristic.
Z7.characteristic()
Z9.characteristic()
9
Q.characteristic()
F.characteristic()
P.characteristic()
S.characteristic()
Additive and multiplicative identities print like you would expect, but
notice that while they may print identically, they could be different because
of the ring they live in.
b = Z9.zero(); b
b.parent()
Ring of integers modulo 9
c = Q.zero(); c
c.parent()
Number Field in a with defining polynomial x^2 + 11
with a = 3.316624790...?*I
b == c
False
d = Z9.one(); d
d.parent()
Ring of integers modulo 9
e = Q.one(); e
e.parent()
Number Field in a with defining polynomial x^2 + 11
with a = 3.316624790...?*I
d == e
False
There is some support for subrings. For example, Q and S are
extensions of the rationals, while F is totally distinct from the rationals.
QQ.is_subring(Q)
True
QQ.is_subring(S)
True
QQ.is_subring(F)
False
Not every element of a ring may have a multiplicative inverse, in other
words, not every element has to be a unit (unless the ring is a field). It
would now be good practice to check if an element is a unit before you try
computing its inverse.
three = Z9(3)
three.is_unit()
False
three*three
four = Z9(4)
four.is_unit()
True
g = four^-1; g
four*g
1
Quotient Structure
Ideals are the normal subgroups of rings and allow us to build “quotients”
— basically new rings defined on equivalence classes of elements of the
original ring. Sage support for ideals is variable. When they can be created,
there is not always a lot you can do with them. But they work well in
certain very important cases.
The integers, , have ideals that are just multiples of a single integer. We
can create them with the .ideal() method or just by writing a scalar
multiple of ZZ . And then the quotient is isomorphic to a well-understood
ring. (Notice that I is a bad name for an ideal if we want to work with
complex numbers later.)
I1 = ZZ.ideal(4)
I2 = 4*ZZ
I3 = (-4)*ZZ
I1 == I2
True
I2 == I3
True
Q = ZZ.quotient(I1); Q
Ring of integers modulo 4
Q == Integers(4)
True
We might normally be more careful about the last statement. The quotient is
a set of equivalence classes, each infinite, and certainly not a single integer.
But the quotient is isomorphic to , so Sage just makes this identification.
Z7 = Integers(7)
P.<y> = Z7[]
M = P.ideal(y^2+4)
Q = P.quotient(M)
Q
Univariate Quotient Polynomial Ring in ybar over
Ring of integers modulo 7 with modulus y^2 + 4
Q.random_element()
2*ybar + 6
Q.order()
49
Q.is_field()
True
Notice that the construction of the quotient ring has created a new
generator, converting y ( ) to ybar ( ). We can override this as before
with the syntax demonstrated below.
Q.<t> = P.quotient(M); Q
Univariate Quotient Polynomial Ring in t over
Ring of integers modulo 7 with modulus y^2 + 4
Q.random_element()
4*t + 6
So from a quotient of an infinite ring and an ideal (which is also a ring), we
create a field, which is finite. Understanding this construction will be an
important theme in the next few chapters. To see how remarkable it is,
consider what happens with just one little change.
Z7 = Integers(7)
P.<y> = Z7[]
M = P.ideal(y^2+3)
Q.<t> = P.quotient(M)
Q
Univariate Quotient Polynomial Ring in t over
Ring of integers modulo 7 with modulus y^2 + 3
Q.random_element()
3*t + 1
Q.order()
49
Q.is_field()
False
There are a few methods available which will give us properties of ideals.
In particular, we can check for prime and maximal ideals in rings of
polynomials. Examine the results above and below in the context of
Theorem 16.35.
Z7 = Integers(7)
P.<y> = Z7[]
M = P.ideal(y^2+4)
N = P.ideal(y^2+3)
M.is_maximal()
True
N.is_maximal()
False
The fact that M is a prime ideal is verification of Corollary 16.40.
M.is_prime()
True
N.is_prime()
False
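The two quotient experiments above can be reproduced by brute force in plain Python. This is an added example, not code from the text or from Sage: each element of the quotient is stored as a pair (a, b) standing for a + b*t with t^2 = -c, and all function names are this example's own.

```python
"""Brute-force look at Z_p[y]/(y^2 + c): is it a field?  (added example)"""
from itertools import product


def quotient_elements(p):
    """Each coset has exactly one representative a + b*t with a, b in Z_p."""
    return list(product(range(p), repeat=2))


def multiply(u, v, c, p):
    """(a + b t)(d + e t), reduced with t^2 = -c and coefficients mod p."""
    a, b = u
    d, e = v
    return ((a * d - c * b * e) % p, (a * e + b * d) % p)


def analyze_quotient(c, p):
    """Return (order, units, zero_divisor_pairs) for Z_p[y]/(y^2 + c)."""
    elems = quotient_elements(p)
    zero, one = (0, 0), (1, 0)
    nonzero = [u for u in elems if u != zero]
    # a unit is an element with some multiplicative inverse
    units = {u for u in nonzero
             if any(multiply(u, v, c, p) == one for v in nonzero)}
    # ordered pairs of nonzero elements whose product is zero
    zero_divisors = [(u, v) for u in nonzero for v in nonzero
                     if multiply(u, v, c, p) == zero]
    return len(elems), units, zero_divisors


def roots_of_modulus(c, p):
    """Zeros of y^2 + c in Z_p; a quadratic is reducible iff it has one."""
    return [r for r in range(p) if (r * r + c) % p == 0]


def is_field(c, p):
    """A finite commutative ring with 1 is a field iff every nonzero
    element is a unit."""
    order, units, _ = analyze_quotient(c, p)
    return len(units) == order - 1


if __name__ == "__main__":
    for c in (4, 3):                      # the two moduli used above
        order, units, zd = analyze_quotient(c, 7)
        print(f"y^2+{c}: order={order} units={len(units)} "
              f"roots={roots_of_modulus(c, 7)} field={is_field(c, 7)}")
        if zd:
            print("  one pair of zero divisors:", zd[0])
```

For y^2 + 3 the zeros 2 and 5 in Z_7 give the factorization (y - 2)(y - 5), so the cosets of y - 2 and y - 5 multiply to zero and the quotient cannot be a field; y^2 + 4 has no zero in Z_7, and every nonzero coset turns out to be a unit.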
Ring Homomorphisms
When Sage is presented with 3 + 4/3 , how does it know that 3 is
meant to be an integer? And then to add it to a rational, how does it know
that we really want to view the computation as 3/1 + 4/3? This is really easy
for you and me, but devilishly hard for a program, and you can imagine it
getting ever more complicated with the many possible rings in Sage,
subrings, matrices, etc. Part of the answer is that Sage uses ring
homomorphisms to “translate” objects (numbers) between rings.
We will give an example below, but not pursue the topic much further. For
the curious, reading the Sage documentation and experimenting would be a
good exercise.
H = Hom(ZZ, QQ)
phi = H([1])
phi
Ring morphism:
From: Integer Ring
To: Rational Field
Defn: 1 |--> 1
phi.parent()
Set of Homomorphisms from Integer Ring to Rational Field
a = 3; a
a.parent()
Integer Ring
b = phi(3); b
b.parent()
Rational Field
So phi is a homomorphism (“morphism”) that converts integers (the
domain is ZZ ) into rationals (the codomain is QQ ), whose parent is a
set of homomorphisms that Sage calls a “homset.” Even though a and
b both print as 3 , which is indistinguishable to our eyes, the parents of
a and b are different. Yet the numerical value of the two objects has
not changed.
16.11 Sage Exercises
1. Define the two rings and with the commands
R = Integers(11) and S = Integers(12) . For each ring,
use the relevant command to determine: if the ring is finite, if it is
commutative, if it is an integral domain and if it is a field. Then use single
Sage commands to find the order of the ring, list the elements, and output
the multiplicative identity (i.e. , if it exists).
2. Define R to be the ring of integers, , by executing R = ZZ or
R = Integers() . A command like R.ideal(4) will create the
principal ideal . The same command can accept more than one
generator, so for example, R.ideal(3, 5) will create the ideal
. Create several ideals of with two generators
and ask Sage to print each as you create it. Explain what you observe and
then create code that will test your observation for thousands of different
examples.
3. Create a finite field of order 81 with F.<t>=FiniteField(3^4) .
a. List the elements of .
b. Obtain the generators of with F.gens() .
c. Obtain the first generator of and save it as u with
u = F.0 (alternatively, u = F.gen(0) ).
d. Compute the first 80 powers of u and comment.
e. The generator you have worked with above is a root of a polynomial
over . Obtain this polynomial with F.modulus() and use this
observation to explain the entry in your list of powers that is the
fourth power of the generator.
4. Build and analyze a quotient ring as follows:
a. Use P.<z>=Integers(7)[] to construct a ring of
polynomials in with coefficients from .
b. Use K = P.ideal(z^2+z+3) to build a principal ideal
generated by the polynomial .
c. Use H = P.quotient(K) to build , the quotient ring of by
.
d. Use Sage to verify that is a field.
e. As in the previous exercise, obtain a generator and examine the
proper collection of powers of that generator.
Chapter 17 Polynomials
Most people are fairly familiar with polynomials by the time they begin to
study abstract algebra. When we examine polynomial expressions such as
we have a pretty good idea of what and mean. We
just add and multiply polynomials as functions; that is,
and
It is probably no surprise that polynomials form a ring. In this chapter we
shall emphasize the algebraic structure of polynomials by studying
polynomial rings. We can prove many results for polynomial rings that are
similar to the theorems we proved for the integers. Analogs of prime
numbers, the division algorithm, and the Euclidean algorithm exist for
polynomials.
17.1 Polynomial Rings
Throughout this chapter we shall assume that is a commutative ring with identity. Any
expression of the form
where and , is called a polynomial over with indeterminate . The
elements are called the coefficients of . The coefficient is called the
leading coefficient. A polynomial is called monic if the leading coefficient is 1. If is
the largest nonnegative number for which , we say that the degree of is and
write . If no such exists—that is, if is the zero polynomial—
then the degree of is defined to be . We will denote the set of all polynomials with
coefficients in a ring by . Two polynomials are equal exactly when their
corresponding coefficients are equal; that is, if we let
then if and only if for all .
To show that the set of all polynomials forms a ring, we must first define addition and
multiplication. We define the sum of two polynomials as follows. Let
Then the sum of and is
where for each . We define the product of and to be
where
for each . Notice that in each case some of the coefficients may be zero.
Example 17.1. Suppose that
and
are polynomials in . If the coefficient of some term in a polynomial is zero, then
we usually just omit that term. In this case we would write and
. The sum of these two polynomials is
The product,
can be calculated either by determining the s in the definition or by simply
multiplying polynomials in the same way as we have always done.
Example 17.2. Let
be polynomials in . The sum of and is . The
product of the two polynomials is the zero polynomial. This example tells us that we
cannot expect to be an integral domain if is not an integral domain.
Theorem 17.3. Let be a commutative ring with identity. Then is a
commutative ring with identity.
Proof. Our first task is to show that is an abelian group under polynomial addition.
The zero polynomial, , is the additive identity. Given a polynomial
, the inverse of is easily verified to be
. Commutativity and associativity follow
immediately from the definition of polynomial addition and from the fact that addition in
is both commutative and associative.
To show that polynomial multiplication is associative, let
Then
The commutativity and distribution properties of polynomial multiplication are proved in
a similar manner. We shall leave the proofs of these properties as an exercise.
Proposition 17.4. Let and be polynomials in , where is an integral
domain. Then . Furthermore, is an
integral domain.
Proof. Suppose that we have two nonzero polynomials
and
with and . The degrees of and are and , respectively.
The leading term of is , which cannot be zero since is an
integral domain; hence, the degree of is , and . Since
and imply that , we know that must also be an
integral domain.
We also want to consider polynomials in two or more variables, such as
. Let be a ring and suppose that we are given two indeterminates
and . Certainly we can form the ring . It is straightforward but perhaps
tedious to show that . We shall identify these two rings by this
isomorphism and simply write . The ring is called the ring of
polynomials in two indeterminates and with coefficients in . We can define the
ring of polynomials in indeterminates with coefficients in similarly. We shall
denote this ring by .
Theorem 17.5. Let be a commutative ring with identity and . Then we have
a ring homomorphism defined by
where .
Proof. Let and . It is easy to show that
. To show that multiplication is preserved
under the map , observe that
The map is called the evaluation homomorphism at .
17.2 The Division Algorithm
Recall that the division algorithm for integers (Theorem 2.9) says that if
and are integers with , then there exist unique integers and such
that , where . The algorithm by which and are
found is just long division. A similar theorem exists for polynomials. The
division algorithm for polynomials has several important consequences.
Since its proof is very similar to the corresponding proof for integers, it is
worthwhile to review Theorem 2.9 at this point.
Theorem 17.6. Division Algorithm. Let and be
polynomials in , where is a field and is a nonzero
polynomial. Then there exist unique polynomials such
that
where either or is the zero polynomial.
Proof. We will first consider the existence of and . If is
the zero polynomial, then
hence, both and must also be the zero polynomial. Now suppose that
is not the zero polynomial and that and
. If , then we can let and .
Hence, we may assume that and proceed by induction on . If
the polynomial
has degree less than or is the zero polynomial. By induction, there exist
polynomials and such that
where or the degree of is less than the degree of . Now
let
Then
with the zero polynomial or .
To show that and are unique, suppose that there exist two other
polynomials and such that with
or , so that
and
If is not the zero polynomial, then
However, the degrees of both and are strictly less than the
degree of ; therefore, and .
Example 17.7. The division algorithm merely formalizes long division
of polynomials, a task we have been familiar with since high school. For
example, suppose that we divide by .
Hence, .
Let be a polynomial in and . We say that is a zero or
root of if is in the kernel of the evaluation homomorphism .
All we are really saying here is that is a zero of if .
Corollary 17.8. Let be a field. An element is a zero of
if and only if is a factor of in .
Proof. Suppose that and . By the division algorithm,
there exist polynomials and such that
and the degree of must be less than the degree of . Since the
degree of is less than 1, for ; therefore,
But
consequently, , and is a factor of .
Conversely, suppose that is a factor of ; say
. Then .
Corollary 17.9. Let be a field. A nonzero polynomial of degree
in can have at most distinct zeros in .
Proof. We will use induction on the degree of . If ,
then is a constant polynomial and has no zeros. Let .
Then for some and in . If and are zeros of
, then or .
Now assume that . If does not have a zero in , then
we are done. On the other hand, if is a zero of , then
for some by Corollary 17.8. The
degree of is by Proposition 17.4. Let be some other zero of
that is distinct from . Then . Since
and is a field, . By our induction hypothesis, can
have at most zeros in that are distinct from . Therefore,
has at most distinct zeros in .
Let be a field. A monic polynomial is a greatest common divisor
of polynomials if evenly divides both and
; and, if for any other polynomial dividing both and ,
. We write . Two polynomials
and are relatively prime if .
Proposition 17.10. Let be a field and suppose that is a greatest
common divisor of two polynomials and in . Then there
exist polynomials and such that
Furthermore, the greatest common divisor of two polynomials is unique.
Proof. Let be the monic polynomial of smallest degree in the set
We can write for two polynomials
and in . We need to show that divides both and .
We shall first show that divides . By the division algorithm, there
exist polynomials and such that ,
where is either the zero polynomial or .
Therefore,
is a linear combination of and and therefore must be in .
However, must be the zero polynomial since was chosen to be
of smallest degree; consequently, divides . A symmetric
argument shows that must also divide ; hence, is a
common divisor of and .
To show that is a greatest common divisor of and , suppose
that is another common divisor of and . We will show that
. Since is a common divisor of and , there
exist polynomials and such that and
. Therefore,
Since , is a greatest common divisor of and .
Finally, we must show that the greatest common divisor of and
is unique. Suppose that is another greatest common divisor of
and . We have just shown that there exist polynomials and
in such that . Since
and and are both greatest common divisors,
. Since and are both monic
polynomials of the same degree, it must be the case that .
Notice the similarity between the proof of Proposition 17.10 and the proof
of Theorem 2.10.
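The division algorithm (Theorem 17.6) and the linear-combination form of the greatest common divisor (Proposition 17.10) can be carried out mechanically over the field of integers modulo a prime. The following Python is an added example, not code from the text: polynomials are coefficient lists with the lowest degree first, the function names are this example's own, and the sample polynomials are constructed for illustration.

```python
"""Division algorithm and gcd in Z_p[x], p prime (added example).

A polynomial is a list of coefficients, lowest degree first; [] is zero.
"""


def trim(f, p):
    """Reduce coefficients mod p and drop leading zero coefficients."""
    f = [c % p for c in f]
    while f and f[-1] == 0:
        f.pop()
    return f


def add(f, g, p):
    n = max(len(f), len(g))
    f, g = f + [0] * (n - len(f)), g + [0] * (n - len(g))
    return trim([a + b for a, b in zip(f, g)], p)


def scale(f, k, p):
    return trim([k * a for a in f], p)


def mul(f, g, p):
    if not f or not g:
        return []
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] += a * b
    return trim(out, p)


def divmod_poly(f, g, p):
    """Return (q, r) with f = g*q + r and r = 0 or deg r < deg g."""
    f, g = trim(f, p), trim(g, p)
    if not g:
        raise ZeroDivisionError("division by the zero polynomial")
    lead_inv = pow(g[-1], -1, p)       # exists because Z_p is a field
    q, r = [0] * max(len(f) - len(g) + 1, 0), f[:]
    while len(r) >= len(g):
        shift = len(r) - len(g)
        coeff = r[-1] * lead_inv % p
        q[shift] = coeff
        # subtract coeff * x^shift * g, which cancels the leading term of r
        r = add(r, scale([0] * shift + g, -coeff, p), p)
    return trim(q, p), r


def extended_gcd(f, g, p):
    """Return (d, r, s) with d monic and d = gcd(f, g) = r*f + s*g."""
    r0, r1 = trim(f, p), trim(g, p)
    s0, s1, t0, t1 = [1], [], [], [1]  # invariant: r_i = s_i*f + t_i*g
    while r1:
        q, rem = divmod_poly(r0, r1, p)
        r0, r1 = r1, rem
        s0, s1 = s1, add(s0, scale(mul(q, s1, p), -1, p), p)
        t0, t1 = t1, add(t0, scale(mul(q, t1, p), -1, p), p)
    if not r0:
        return [], [], []              # both inputs zero: no gcd defined here
    inv = pow(r0[-1], -1, p)           # normalise so that the gcd is monic
    return scale(r0, inv, p), scale(s0, inv, p), scale(t0, inv, p)


# Constructed sample over Z_7:
#   F = (x - 2)(x + 2)(x + 1) = x^3 + x^2 + 3x + 3
#   G = (x - 2)(x^2 + 4)      = x^3 + 5x^2 + 4x + 6
P = 7
F = [3, 3, 1, 1]
G = [6, 4, 5, 1]

if __name__ == "__main__":
    print("F / (x - 2):", divmod_poly(F, [5, 1], P))   # remainder [] : 2 is a zero
    print("G / (x - 5):", divmod_poly(G, [2, 1], P))   # remainder is G(5)
    print("gcd, r, s  :", extended_gcd(F, G, P))
```

Dividing by x - a leaves the constant remainder f(a), which is Corollary 17.8 in computational form: the remainder is zero exactly when a is a zero of f.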
17.3 Irreducible Polynomials
A nonconstant polynomial is irreducible over a field if
cannot be expressed as a product of two polynomials and
in , where the degrees of and are both smaller than the
degree of . Irreducible polynomials function as the “prime numbers”
of polynomial rings.
Example 17.11. The polynomial is irreducible since it
cannot be factored any further over the rational numbers. Similarly,
is irreducible over the real numbers.
Example 17.12. The polynomial is irreducible
over . Suppose that this polynomial was reducible over . By
the division algorithm there would have to be a factor of the form ,
where is some element in . Hence, it would have to be true that
. However,
Therefore, has no zeros in and must be irreducible.
Lemma 17.13. Let . Then
where are integers, the 's are relatively prime, and
and are relatively prime.
Proof. Suppose that
where the 's and the 's are integers. We can rewrite as
where are integers. Let be the greatest common divisor of
. Then
where and the 's are relatively prime. Reducing
to its lowest terms, we can write
where .
Theorem 17.14. Gauss's Lemma. Let be a monic
polynomial such that factors into a product of two polynomials
and in , where the degrees of both and are less
than the degree of . Then , where and
are monic polynomials in with and
.
Proof. By Lemma 17.13, we can assume that
where the 's are relatively prime and the 's are relatively prime.
Consequently,
where is the product of and expressed in lowest terms.
Hence, .
If , then since is a monic polynomial. Hence,
either or . If , then either or
. In the first case , where and
are monic polynomials with and
. In the second case and
are the correct monic polynomials since
. The case in which
can be handled similarly.
Now suppose that . Since , there exists a prime such
that and . Also, since the coefficients of are relatively
prime, there exists a coefficient such that . Similarly, there exists a
coefficient of such that . Let and be the
polynomials in obtained by reducing the coefficients of and
modulo . Since , in . However, this
is impossible since neither nor is the zero polynomial and
is an integral domain. Therefore, and the theorem is proven.
Corollary 17.15. Let be a
polynomial with coefficients in and . If has a zero in ,
then also has a zero in . Furthermore, divides .
Proof. Let have a zero . Then must have a linear factor
. By Gauss's Lemma, has a factorization with a linear factor in
. Hence, for some
Thus and so .
Example 17.16. Let . We shall show that
is irreducible over . Assume that is reducible. Then either
has a linear factor, say , where is a
polynomial of degree three, or has two quadratic factors.
If has a linear factor in , then it has a zero in . By
Corollary 17.15, any zero must divide 1 and therefore must be ;
however, and . Consequently, we have eliminated
the possibility that has any linear factors.
Therefore, if is reducible it must factor into two quadratic
polynomials, say
where each factor is in by Gauss's Lemma. Hence,
Since , either or . In either case
and so
Since , we know that . This is impossible since is
an integer. Therefore, must be irreducible over .
Theorem 17.17. Eisenstein's Criterion. Let be a prime and
suppose that
If for , but and , then is
irreducible over .
Proof. By Gauss's Lemma (see Theorem 17.17 and Lemma 18.26), we
need only show that does not factor into polynomials of lower degree
in . Let
be a factorization in , with and not equal to zero and .
Since does not divide , either or is not divisible by .
Suppose that and . Since and , neither
nor is divisible by . Let be the smallest value of such that .
Then
is not divisible by , since each term on the right-hand side of the equation
is divisible by except for . Therefore, since is divisible
by for . Hence, cannot be factored into polynomials of
lower degree and therefore must be irreducible.
Example 17.18. The polynomial
is easily seen to be irreducible over by Eisenstein's Criterion if we let
.
Eisenstein's Criterion is more useful in constructing irreducible polynomials
of a certain degree over than in determining the irreducibility of an
arbitrary polynomial in : given an arbitrary polynomial, it is not very
likely that we can apply Eisenstein's Criterion. The real value of
Theorem 17.17 is that we now have an easy method of generating
irreducible polynomials of any degree.
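Both tests from this section are easy to automate for integer polynomials. The Python below is an added example, not code from the text: it implements the integer-zero search justified by Corollary 17.15 and a search for primes satisfying the hypotheses of Eisenstein's Criterion, with coefficient lists given highest degree first; the function names and sample polynomials are this example's own.

```python
"""Integer-zero test (Corollary 17.15) and Eisenstein's Criterion (added example).

Polynomials are lists of integer coefficients, highest degree first.
"""


def evaluate(coeffs, x):
    value = 0
    for c in coeffs:                  # Horner's rule
        value = value * x + c
    return value


def divisors(n):
    n = abs(n)
    return [d for d in range(1, n + 1) if n % d == 0]


def integer_zeros(coeffs):
    """All zeros in Q of a monic integer polynomial with a_0 != 0.

    By Corollary 17.15 such a zero is an integer dividing a_0, so only
    the values +d and -d for d | a_0 need to be tried.
    """
    if coeffs[0] != 1 or coeffs[-1] == 0:
        raise ValueError("expects a monic polynomial with a_0 != 0")
    candidates = [s * d for d in divisors(coeffs[-1]) for s in (1, -1)]
    return sorted(a for a in candidates if evaluate(coeffs, a) == 0)


def prime_factors(n):
    n, p, found = abs(n), 2, []
    while p * p <= n:
        if n % p == 0:
            found.append(p)
            while n % p == 0:
                n //= p
        p += 1
    if n > 1:
        found.append(n)
    return found


def eisenstein_primes(coeffs):
    """Primes p with p not dividing a_n, p | a_i for i < n, p^2 not dividing a_0.

    Any such prime divides a_0, so only prime factors of a_0 are tried.
    A nonempty result proves irreducibility over Q; an empty result
    proves nothing either way.
    """
    if len(coeffs) < 2 or coeffs[-1] == 0:
        return []
    a_n, lower, a_0 = coeffs[0], coeffs[1:], coeffs[-1]
    return [p for p in prime_factors(a_0)
            if a_n % p != 0
            and all(a % p == 0 for a in lower)
            and a_0 % (p * p) != 0]


if __name__ == "__main__":
    # Constructed samples, not polynomials taken from the text.
    samples = {
        "x^4 + 10x^3 + 15x + 5": [1, 10, 0, 15, 5],
        "x^3 - 2": [1, 0, 0, -2],
        "x^2 - 4": [1, 0, -4],          # reducible: (x - 2)(x + 2)
        "x^2 + 1": [1, 0, 1],           # irreducible, but the criterion is silent
        "x^3 - 6x^2 + 11x - 6": [1, -6, 11, -6],
    }
    for name, f in samples.items():
        print(f"{name}: Eisenstein primes {eisenstein_primes(f)}, "
              f"integer zeros {integer_zeros(f)}")
```

The x^2 + 1 sample illustrates the remark above: the polynomial is irreducible over the rationals, yet no prime satisfies the hypotheses, so the criterion cannot be applied to it directly.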
Ideals in
Let be a field. Recall that a principal ideal in is an ideal
generated by some polynomial ; that is,
Example 17.19. The polynomial in generates the ideal
consisting of all polynomials with no constant term or term of degree .
Theorem 17.20. If is a field, then every ideal in is a principal
ideal.
Proof. Let be an ideal of . If is the zero ideal, the theorem is
easily true. Suppose that is a nontrivial ideal in , and let
be a nonzero element of minimal degree. If , then is a
nonzero constant and 1 must be in . Since 1 generates all of ,
and is again a principal ideal.
Now assume that and let be any element in . By the
division algorithm there exist and in such that
and . Since
and is an ideal, is also in .
However, since we chose to be of minimal degree, must be the
zero polynomial. Since we can write any element in as
for some , it must be the case that .
Example 17.21. It is not the case that every ideal in the ring is a
principal ideal. Consider the ideal of generated by the
polynomials and . This is the ideal of consisting of all
polynomials with no constant term. Since both and are in the ideal, no
single polynomial can generate the entire ideal.
Theorem 17.22. Let be a field and suppose that . Then
the ideal generated by is maximal if and only if is irreducible.
Proof. Suppose that generates a maximal ideal of . Then
is also a prime ideal of . Since a maximal ideal must be properly
contained inside , cannot be a constant polynomial. Let us
assume that factors into two polynomials of lesser degree, say
. Since is a prime ideal one of these factors, say
, is in and must therefore be a multiple of . But this would
imply that , which is impossible since is
maximal.
Conversely, suppose that is irreducible over . Let be an ideal in
containing . By Theorem 17.20, is a principal ideal; hence,
for some . Since , it must be the case
that for some . However, is
irreducible; hence, either or is a constant polynomial. If is
constant, then and we are done. If is constant, then is
a constant multiple of and . Thus, there are no proper ideals
of that properly contain .
Historical Note
Throughout history, the solution of polynomial equations has been a
challenging problem. The Babylonians knew how to solve the equation
. Omar Khayyam (1048–1131) devised methods of
solving cubic equations through the use of geometric constructions and
conic sections. The algebraic solution of the general cubic equation
was not discovered until the sixteenth century.
An Italian mathematician, Luca Pacioli (ca. 1445–1509), wrote in Summa
de Arithmetica that the solution of the cubic was impossible. This was taken
as a challenge by the rest of the mathematical community.
Scipione del Ferro (1465–1526), of the University of Bologna, solved the
“depressed cubic,”
He kept his solution an absolute secret. This may seem surprising today,
when mathematicians are usually very eager to publish their results, but in
the days of the Italian Renaissance secrecy was customary. Academic
appointments were not easy to secure and depended on the ability to prevail
in public contests. Such challenges could be issued at any time.
Consequently, any major new discovery was a valuable weapon in such a
contest. If an opponent presented a list of problems to be solved, del Ferro
could in turn present a list of depressed cubics. He kept the secret of his
discovery throughout his life, passing it on only on his deathbed to his
student Antonio Fior (ca. 1506–?).
Although Fior was not the equal of his teacher, he immediately issued a
challenge to Niccolo Fontana (1499–1557). Fontana was known as Tartaglia
(the Stammerer). As a youth he had suffered a blow from the sword of a
French soldier during an attack on his village. He survived the savage
wound, but his speech was permanently impaired. Tartaglia sent Fior a list
of 30 various mathematical problems; Fior countered by sending Tartaglia a
list of 30 depressed cubics. Tartaglia would either solve all 30 of the
problems or absolutely fail. After much effort Tartaglia finally succeeded in
solving the depressed cubic and defeated Fior, who faded into obscurity.
At this point another mathematician, Gerolamo Cardano (1501–1576),
entered the story. Cardano wrote to Tartaglia, begging him for the solution
to the depressed cubic. Tartaglia refused several of his requests, then finally
revealed the solution to Cardano after the latter swore an oath not to publish
the secret or to pass it on to anyone else. Using the knowledge that he had
obtained from Tartaglia, Cardano eventually solved the general cubic
Cardano shared the secret with his student, Ludovico Ferrari (1522–1565),
who solved the general quartic equation,
In 1543, Cardano and Ferrari examined del Ferro's papers and discovered
that he had also solved the depressed cubic. Cardano felt that this relieved
him of his obligation to Tartaglia, so he proceeded to publish the solutions
in Ars Magna (1545), in which he gave credit to del Ferro for solving the
special case of the cubic. This resulted in a bitter dispute between Cardano
and Tartaglia, who published the story of the oath a year later.
17.4 Reading Questions
1. Suppose is a polynomial of degree with coefficients from any
field. How many roots can have? How does this generalize your high
school algebra experience?
2. What is the definition of an irreducible polynomial?
3. Find the remainder upon division of
by .
4. A single theorem in this chapter connects many of the ideas of this
chapter to many of the ideas of the previous chapter. State a paraphrased
version of this theorem.
5. Early in this chapter, we say, “We can prove many results for polynomial
rings that are similar to the theorems we proved for the integers.” Write a
short essay (or a very long paragraph) justifying this assertion.
17.5 Exercises
1. List all of the polynomials of degree or less in .
2. Compute each of the following.
a. in
b. in
c. in
d. in
e. in
f. in
3. Use the division algorithm to find and such that
with for each of the
following pairs of polynomials.
a. and in
b. and in
c. and in
d. and in
4. Find the greatest common divisor of each of the following pairs
and of polynomials. If , find two
polynomials and such that .
a. and
, where
b. and , where
c. and , where
d. and , where
5. Find all of the zeros for each of the following polynomials.
a. in
b. in
c. in
d. in
6. Find all of the units in .
7. Find a unit in such that .
8. Which of the following polynomials are irreducible over ?
a.
b.
c.
d.
9. Find all of the irreducible polynomials of degrees and in .
10. Give two different factorizations of in .
11. Prove or disprove: There exists a polynomial in of degree
with more than distinct zeros.
12. If is a field, show that is an integral domain.
13. Show that the division algorithm does not hold for . Why does it
fail?
14. Prove or disprove: is irreducible for any , where is
prime.
15. Let be irreducible in , where is a field. If
, prove that either or .
16. Suppose that and are isomorphic rings. Prove that .
17. Let be a field and . If , show that is the
remainder obtained when is divided by .
18. The Rational Root Theorem. Let
where . Prove that if , where , then
and .
19. Let be the multiplicative group of positive rational numbers. Prove
that is isomorphic to .
20. Cyclotomic Polynomials. The polynomial
is called the cyclotomic polynomial. Show that is irreducible over
for any prime .
21. If is a field, show that there are infinitely many irreducible
polynomials in .
22. Let be a commutative ring with identity. Prove that multiplication is
commutative in .
23. Let be a commutative ring with identity. Prove that multiplication is
distributive in .
24. Show that has distinct zeros in , for any prime .
Conclude that
25. Let be a field and be in .
Define to be the derivative of
.
a. Prove that
Conclude that we can define a homomorphism of abelian groups
by .
b. Calculate the kernel of if .
c. Calculate the kernel of if .
d. Prove that
e. Suppose that we can factor a polynomial into linear
factors, say
Prove that has no repeated factors if and only if and
are relatively prime.
26. Let be a field. Show that is never a field.
27. Let be an integral domain. Prove that is an integral
domain.
28. Let be a commutative ring with identity. Show that has a
subring isomorphic to .
29. Let and be polynomials in , where is a commutative
ring with identity. Prove that
.
17.6 Additional Exercises: Solving the Cubic and Quartic Equations
1. Complete the square to solve the general quadratic equation
to obtain
The discriminant of the quadratic equation determines the
nature of the solutions of the equation. If , the equation has two
distinct real solutions. If , the equation has a single repeated real
root. If , there are two distinct imaginary solutions.
2. Show that any cubic equation of the form
can be reduced to the form by making the substitution
.
3. Prove that the cube roots of 1 are given by
4. Make the substitution
for in the equation and obtain two solutions and
for .
5. Show that the product of the solutions obtained in (4) is ,
deducing that .
6. Prove that the possible solutions for in (4) are given by
and use this result to show that the three possible solutions for are
where .
7. The discriminant of the cubic equation is
Show that
a. has three real roots, at least two of which are equal, if .
b. has one real root and two conjugate imaginary roots if .
c. has three distinct real roots if .
8. Solve the following cubic equations.
a.
b.
c.
d.
9. Show that the general quartic equation
can be reduced to
by using the substitution .
10. Show that
11. Show that the right-hand side of Exercise 17.6.10 can be put in the form
if and only if
12. From Exercise 17.6.11 obtain the resolvent cubic equation
Solving the resolvent cubic equation, put the equation found in
Exercise 17.6.10 in the form
to obtain the solution of the quartic equation.
13. Use this method to solve the following quartic equations.
a.
b.
c.
d.
17.7 Sage
Sage is particularly adept at building, analyzing and manipulating
polynomial rings. We have seen some of this in the previous chapter. Let's
begin by creating three polynomial rings and checking some of their basic
properties. There are several ways to construct polynomial rings, but the
syntax used here is the most straightforward.
Polynomial Rings and their Elements
R.<x> = Integers(8)[]; R
Univariate Polynomial Ring in x over Ring of integers modulo 8
S.<y> = ZZ[]; S
Univariate Polynomial Ring in y over Integer Ring
T.<z> = QQ[]; T
Univariate Polynomial Ring in z over Rational Field
Basic properties of rings are available for these examples.
R.is_finite()
False
R.is_integral_domain()
False
S.is_integral_domain()
True
T.is_field()
False
R.characteristic()
T.characteristic()
With the construction syntax used above, the variables can be used to create
elements of the polynomial ring without explicit coercion (though we need
to be careful about constant polynomials).
y in S
True
x in S
False
q = (3/2) + (5/4)*z^2
q in T
True
3 in S
True
r = 3
r.parent()
Integer Ring
s = 3*y^0
s.parent()
Univariate Polynomial Ring in y over Integer Ring
Polynomials can be evaluated like they are functions, so we can mimic the
evaluation homomorphism.
p = 3 + 5*x + 2*x^2
p.parent()
Univariate Polynomial Ring in x over Ring of integers modulo 8
p(1)
[p(t) for t in Integers(8)]
[3, 2, 5, 4, 7, 6, 1, 0]
Notice that p is a degree two polynomial, yet through a brute-force
examination we see that the polynomial only has one root, contrary to our
usual expectations. It can be even more unusual.
q = 4*x^2+4*x
[q(t) for t in Integers(8)]
[0, 0, 0, 0, 0, 0, 0, 0]
Sage can create and manipulate rings of polynomials in more than one
variable, though we will not have much occasion to use this functionality in
this course.
M.<s, t> = QQ[]; M
Multivariate Polynomial Ring in s, t over Rational Field
Irreducible Polynomials
Whether or not a polynomial factors, taking into consideration the ring used
for its coefficients, is an important topic in this chapter and many of the
following chapters. Sage can factor, and determine irreducibility, over the
integers, the rationals, and finite fields.
First, over the rationals.
R.<x> = QQ[]
p = 1/4*x^4 - x^3 + x^2 - x - 1/2
p.is_irreducible()
True
p.factor()
(1/4) * (x^4 - 4*x^3 + 4*x^2 - 4*x - 2)
q = 2*x^5 + 5/2*x^4 + 3/4*x^3 - 25/24*x^2 - x - 1/2
q.is_irreducible()
False
q.factor()
(2) * (x^2 + 3/2*x + 3/4) * (x^3 - 1/4*x^2 - 1/3)
Factoring over the integers is really no different than factoring over the
rationals. This is the content of Theorem 17.14 — finding a factorization
over the integers can be converted to finding a factorization over the
rationals. So it is with Sage: there is little difference between working over
the rationals and the integers. Working over a finite field is a little
different. Commentary follows.
F.<a> = FiniteField(5^2)
S.<y> = F[]
p = 2*y^5 + 2*y^4 + 4*y^3 + 2*y^2 + 3*y + 1
p.is_irreducible()
True
p.factor()
(2) * (y^5 + y^4 + 2*y^3 + y^2 + 4*y + 3)
q = 3*y^4+2*y^3-y+4; q.factor()
(3) * (y^2 + (a + 4)*y + 2*a + 3) * (y^2 + 4*a*y + 3*a)
r = y^4+2*y^3+3*y^2+4; r.factor()
(y + 4) * (y^3 + 3*y^2 + y + 1)
s = 3*y^4+2*y^3-y+3; s.factor()
(3) * (y + 1) * (y + 3) * (y + 2*a + 4) * (y + 3*a + 1)
To check these factorizations, we need to compute in the finite field, F,
and so we need to know how the symbol a behaves. This symbol is
considered as a root of a degree two polynomial over the integers mod 5,
which we can get with the .modulus() method.
F.modulus()
x^2 + 4*x + 2
So , or . So when checking the
factorizations, anytime you see an you can replace it by . Notice
that by Corollary 17.8 we could find the one linear factor of r, and the
four linear factors of s, through a brute-force search for roots. This is
feasible because the field is finite.
[t for t in F if r(t)==0]
[1]
[t for t in F if s(t)==0]
[2, 3*a + 1, 4, 2*a + 4]
However, q factors into a pair of degree 2 polynomials, so no amount of
testing for roots will discover a factor.
With Eisenstein's Criterion, we can create irreducible polynomials, such as
in Example 17.18.
W.<w> = QQ[]
p = 16*w^5 - 9*w^4 +3*w^2 + 6*w -21
p.is_irreducible()
True
Over the field , the field of integers mod a prime , Conway polynomials
are canonical choices of a polynomial of degree that is irreducible over
. See the exercises for more about these polynomials.
Polynomials over Fields
If is a field, then every ideal of is principal (Theorem 17.20).
Nothing stops you from giving Sage two (or more) generators to construct
an ideal, but Sage will determine the element to use in a description of the
ideal as a principal ideal.
W.<w> = QQ[]
r = -w^5 + 5*w^4 - 4*w^3 + 14*w^2 - 67*w + 17
s = 3*w^5 - 14*w^4 + 12*w^3 - 6*w^2 + w
S = W.ideal(r, s)
S
Principal ideal (w^2 - 4*w + 1) of
Univariate Polynomial Ring in w over Rational Field
(w^2)*r + (3*w-6)*s in S
True
Theorem 17.22 is the key fact that allows us to easily construct finite fields.
Here is a construction of a finite field of order . All we need is
a polynomial of degree that is irreducible over .
F = Integers(7)
R.<x> = F[]
p = x^5+ x + 4
p.is_irreducible()
True
id = R.ideal(p)
Q = R.quotient(id); Q
Univariate Quotient Polynomial Ring in xbar over
Ring of integers modulo 7 with modulus x^5 + x + 4
Q.is_field()
True
Q.order() == 7^5
True
The symbol xbar is a generator of the field, but right now it is not
accessible. xbar is the coset . A better construction
would include specifying this generator.
Q.gen(0)
xbar
Q.<t> = R.quotient(id); Q
Univariate Quotient Polynomial Ring in t over
Ring of integers modulo 7 with modulus x^5 + x + 4
t^5 + t + 4
0
t^5 == -(t+4)
True
t^5
6*t + 3
(3*t^3 + t + 5)*(t^2 + 4*t + 2)
5*t^4 + 2*t^2 + 5*t + 5
a = 3*t^4 - 6*t^3 + 3*t^2 + 5*t + 2
ainv = a^-1; ainv
6*t^4 + 5*t^2 + 4
a*ainv
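The quotient-ring session above can be reproduced without Sage. The following plain-Python sketch is an added example, not code from the book or from Sage: it implements the division algorithm in Z_7[x], confirms by brute force that x^5 + x + 4 has no factor of degree 1 or 2, and inverts an element with the extended Euclidean algorithm. The coefficient-list representation and every function name are assumptions made for illustration.

```python
# Added example: arithmetic in Z_7[x]/(x^5 + x + 4) without Sage.
# Polynomials are coefficient lists, lowest degree first; [] is zero.
# All function names are hypothetical helpers, not Sage API.
from itertools import product

P = 7                          # the prime p: coefficients live in Z_7
MODULUS = [4, 1, 0, 0, 0, 1]   # x^5 + x + 4, the polynomial used on the page

def trim(f):
    """Reduce coefficients mod P and drop leading zero coefficients."""
    f = [c % P for c in f]
    while f and f[-1] == 0:
        f.pop()
    return f

def sub(f, g):
    n = max(len(f), len(g))
    f = list(f) + [0] * (n - len(f))
    g = list(g) + [0] * (n - len(g))
    return trim([a - b for a, b in zip(f, g)])

def mul(f, g):
    if not f or not g:
        return []
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] += a * b
    return trim(out)

def poly_divmod(f, g):
    """Division algorithm in Z_P[x]: f = q*g + r with r = 0 or deg r < deg g."""
    r, g = trim(f), trim(g)
    if not g:
        raise ZeroDivisionError("division by the zero polynomial")
    lead_inv = pow(g[-1], -1, P)   # every nonzero coefficient is a unit mod a prime
    q = [0] * max(len(r) - len(g) + 1, 1)
    while len(r) >= len(g):
        shift = len(r) - len(g)
        c = r[-1] * lead_inv % P
        q[shift] = c
        r = sub(r, [0] * shift + [c * x for x in g])   # cancels the leading term
    return trim(q), r

def is_irreducible(f):
    """Brute force: look for a monic divisor of degree 1 .. deg(f)//2."""
    f = trim(f)
    if len(f) < 2:
        return False               # constants are units or zero, not irreducible
    for d in range(1, (len(f) - 1) // 2 + 1):
        for low in product(range(P), repeat=d):
            if not poly_divmod(f, list(low) + [1])[1]:
                return False
    return True

def coset(f):
    """Canonical representative (degree < 5) of the coset f + (MODULUS)."""
    return poly_divmod(f, MODULUS)[1]

def qmul(f, g):
    return coset(mul(f, g))

def qinv(a):
    """Inverse in the quotient field via the extended Euclidean algorithm."""
    r0, r1 = trim(MODULUS), coset(a)
    t0, t1 = [], [1]               # invariant: r_i = t_i * a  (mod MODULUS)
    while r1:
        q, r = poly_divmod(r0, r1)
        r0, r1 = r1, r
        t0, t1 = t1, sub(t0, mul(q, t1))
    if len(r0) != 1:
        raise ZeroDivisionError("element has no inverse")
    return coset([pow(r0[0], -1, P) * c for c in t0])

def show(f, var="t"):
    """Format a coefficient list the way the session prints it, e.g. '6*t + 3'."""
    terms = []
    for k in range(len(f) - 1, -1, -1):
        if f[k]:
            power = "" if k == 0 else var if k == 1 else f"{var}^{k}"
            coeff = "" if f[k] == 1 and k else str(f[k])
            terms.append(coeff + ("*" if coeff and power else "") + power)
    return " + ".join(terms) or "0"

if __name__ == "__main__":
    a = [2, 5, 3, -6, 3]                        # 3t^4 - 6t^3 + 3t^2 + 5t + 2
    print(is_irreducible(MODULUS))              # so the quotient is a field
    print(show(coset([0, 0, 0, 0, 0, 1])))      # t^5
    print(show(qmul([5, 1, 0, 3], [2, 4, 1])))  # (3t^3 + t + 5)(t^2 + 4t + 2)
    print(show(qinv(a)), "|", show(qmul(a, qinv(a))))
```

The brute-force irreducibility test is practical only for small primes and degrees; it is the same exhaustive idea that Sage Exercise 2 asks for with quadratic factors.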
17.8 Sage Exercises
1. Consider the polynomial . Compute the most thorough
factorization of this polynomial over each of the following fields: (a) the
finite field , (b) a finite field with 125 elements, (c) the rationals, (d) the
real numbers and (e) the complex numbers. To do this, build the appropriate
polynomial ring, and construct the polynomial as a member of this ring, and
use the .factor() method.
2. “Conway polynomials” are irreducible polynomials over that Sage
(and other software) uses to build maximal ideals in polynomial rings, and
thus quotient rings that are fields. Roughly speaking, they are “canonical”
choices for each degree and each prime. The command
conway_polynomial(p, n) will return a database entry that is an
irreducible polynomial of degree over .
Execute the command conway_polynomial(5, 4) to obtain an
allegedly irreducible polynomial of degree 4 over :
. Construct the right polynomial ring (i.e., in the
indeterminate ) and verify that p is really an element of your
polynomial ring.
First determine that p has no linear factors. The only possibility left is that
p factors as two quadratic polynomials over . Use a list comprehension
with three for statements to create every possible quadratic polynomial
over . Now use this list to create every possible product of two quadratic
polynomials and check to see if p is in this list.
More on Conway polynomials is available at Frank Lübeck's site16.
3. Construct a finite field of order as a quotient of a polynomial ring by
a principal ideal generated with a Conway polynomial.
4. Define the polynomials and
as polynomials with coefficients from the integers. Compute
gcd(p, q) and verify that the result divides both p and q (just
form a fraction in Sage and see that it simplifies cleanly, or use the
.quo_rem() method).
Proposition 17.10 says there are polynomials and such that the
greatest common divisor equals , if the coefficients
come from a field. Since here we have two polynomials over the integers,
investigate the results returned by Sage for the extended gcd,
xgcd(p, q). In particular, show that the first result of the returned
triple is a multiple of the gcd. Then verify the “linear combination” property
of the result.
5. For a polynomial ring over a field, every ideal is principal. Begin with
the ring of polynomials over the rationals. Experiment with constructing
ideals using two generators and then see that Sage converts the ideal to a
principal ideal with a single generator. (You can get this generator with the
ideal method .gen().) Can you explain how this single generator is
computed?
Chapter 18 Integral Domains
One of the most important rings we study is the ring of integers. It was our
first example of an algebraic structure: the first polynomial ring that we
examined was . We also know that the integers sit naturally inside the
field of rational numbers, . The ring of integers is the model for all
integral domains. In this chapter we will examine integral domains in
general, answering questions about the ideal structure of integral domains,
polynomial rings over integral domains, and whether or not an integral
domain can be embedded in a field.
18.1 Fields of Fractions
Every field is also an integral domain; however, there are many integral
domains that are not fields. For example, the integers form an integral
domain but not a field. A question that naturally arises is how we might
associate an integral domain with a field. There is a natural way to construct
the rationals from the integers: the rationals can be represented as formal
quotients of two integers. The rational numbers are certainly a field. In fact,
it can be shown that the rationals are the smallest field that contains the
integers. Given an integral domain , our question now becomes how to
construct a smallest field containing . We will do this in the same way
as we constructed the rationals from the integers.
An element is the quotient of two integers and ; however,
different pairs of integers can represent the same rational number. For
instance, . We know that
if and only if . A more formal way of considering this problem is
to examine fractions in terms of equivalence relations. We can think of
elements in as ordered pairs in . A quotient can be written as
. For instance, would represent the fraction . However,
there are problems if we consider all possible pairs in . There is no
fraction corresponding to the pair . Also, the pairs and
both represent the fraction . The first problem is easily solved if
we require the second coordinate to be nonzero. The second problem is
solved by considering two pairs and to be equivalent if
.
If we use the approach of ordered pairs instead of fractions, then we can
study integral domains in general. Let be any integral domain and let
Define a relation on by if .
Lemma 18.1. The relation between elements of is an equivalence
relation.
Proof. Since is commutative, ; hence, is reflexive on .
Now suppose that . Then or . Therefore,
and the relation is symmetric. Finally, to show that the
relation is transitive, let and . In this case
and . Multiplying both sides of by yields
Since is an integral domain, we can deduce that or
.
We will denote the set of equivalence classes on by . We now need to
define the operations of addition and multiplication on . Recall how
fractions are added and multiplied in :
It seems reasonable to define the operations of addition and multiplication
on in a similar manner. If we denote the equivalence class of
by , then we are led to define the operations of addition and
multiplication on by
and
respectively. The next lemma demonstrates that these operations are
independent of the choice of representatives from each equivalence class.
Lemma 18.2. The operations of addition and multiplication on are
well-defined.
Proof. We will prove that the operation of addition is well-defined. The
proof that multiplication is well-defined is left as an exercise. Let
and . We must show that
or, equivalently, that
Since and , we know that
and . Therefore,
Lemma 18.3. The set of equivalence classes of , , under the
equivalence relation , together with the operations of addition and
multiplication defined by
is a field.
Proof. The additive and multiplicative identities are and ,
respectively. To show that is the additive identity, observe that
It is easy to show that is the multiplicative identity. Let
such that . Then is also in and ;
hence, is the multiplicative inverse for . Similarly, is the
additive inverse of . We leave as exercises the verification of the
associative and commutative properties of multiplication in . We also
leave it to the reader to show that is an abelian group under addition.
It remains to show that the distributive property holds in ; however,
and the lemma is proved.
The field in Lemma 18.3 is called the field of fractions or field of
quotients of the integral domain .
Theorem 18.4. Let be an integral domain. Then can be embedded
in a field of fractions , where any element in can be expressed as
the quotient of two elements in . Furthermore, the field of fractions
is unique in the sense that if is any field containing , then there exists
a map giving an isomorphism with a subfield of such
that for all elements , where we identify with its image
in .
Proof. We will first demonstrate that can be embedded in the field .
Define a map by . Then for and in ,
and
hence, is a homomorphism. To show that is one-to-one, suppose that
. Then , or . Finally, any
element of can be expressed as the quotient of two elements in , since
Now let be a field containing and define a map by
. To show that is well-defined, let .
Then . Therefore, and
.
If and are in , then
and
Therefore, is a homomorphism.
To complete the proof of the theorem, we need to show that is one-to-
one. Suppose that . Then and
. Therefore, the kernel of is the zero element in ,
and is injective.
Example 18.5. Since is a field, is an integral domain. The field
of fractions of is the set of all rational expressions ,
where and are polynomials over the rationals and is not
the zero polynomial. We will denote this field by .
We will leave the proofs of the following corollaries of Theorem 18.4 as
exercises.
Corollary 18.6. Let be a field of characteristic zero. Then contains
a subfield isomorphic to .
Corollary 18.7. Let be a field of characteristic . Then contains a
subfield isomorphic to .
18.2 Factorization in Integral Domains
The building blocks of the integers are the prime numbers. If is a field,
then irreducible polynomials in play a role that is very similar to that
of the prime numbers in the ring of integers. Given an arbitrary integral
domain, we are led to the following series of definitions.
Let be a commutative ring with identity, and let and be elements in
. We say that divides , and write , if there exists an element
such that . A unit in is an element that has a multiplicative
inverse. Two elements and in are said to be associates if there exists
a unit in such that .
Let be an integral domain. A nonzero element that is not a unit is
said to be irreducible provided that whenever , either or is a
unit. Furthermore, is prime if whenever either or .
Example 18.8. It is important to notice that prime and irreducible
elements do not always coincide. Let be the subring (with identity) of
generated by , , and . Each of these elements is
irreducible in ; however, is not prime, since divides but
does not divide either or .
The Fundamental Theorem of Arithmetic states that every positive integer
can be factored into a product of prime numbers , where
the 's are not necessarily distinct. We also know that such factorizations
are unique up to the order of the 's. We can easily extend this result to the
integers. The question arises of whether or not such factorizations are
possible in other rings. Generalizing this definition, we say an integral
domain is a unique factorization domain, or UFD, if satisfies the
following criteria.
1. Let such that and is not a unit. Then can be written
as the product of irreducible elements in .
2. Let , where the 's and the 's are
irreducible. Then and there is a such that and
are associates for .
Example 18.9. The integers are a unique factorization domain by the
Fundamental Theorem of Arithmetic.
Example 18.10. Not every integral domain is a unique factorization
domain. The subring of the complex numbers
is an integral domain (Exercise 16.7.12, Chapter 16). Let
and define by . It is
clear that with equality when . Also, from our knowledge
of complex numbers we know that . It is easy to
show that if , then is a unit, and that the only units of
are and .
We claim that has two distinct factorizations into irreducible elements:
We must show that each of these factors is an irreducible element in
. If is not irreducible, then for elements in
where . However, there does not exist an
element in in such that because the equation
has no integer solutions. Therefore, must be irreducible.
A similar argument shows that both and are
irreducible. Since is not a unit multiple of either or ,
has at least two distinct factorizations into irreducible elements.
Principal Ideal Domains
Let be a commutative ring with identity. Recall that a principal ideal
generated by is an ideal of the form . An
integral domain in which every ideal is principal is called a principal ideal
domain, or PID.
Lemma 18.11. Let be an integral domain and let . Then
1. if and only if .
2. and are associates if and only if .
3. is a unit in if and only if .
Proof. (1) Suppose that . Then for some . Hence, for
every in , and . Conversely, suppose
that . Then . Consequently, for some .
Thus, .
(2) Since and are associates, there exists a unit such that .
Therefore, and . Similarly, . It follows that
. Conversely, suppose that . By part (1), and
. Then and for some . Therefore,
. Since is an integral domain, ; that is, and
are units and and are associates.
(3) An element is a unit if and only if is an associate of .
However, is an associate of if and only if .
Theorem 18.12. Let be a PID and be a nonzero ideal in . Then
is a maximal ideal if and only if is irreducible.
Proof. Suppose that is a maximal ideal. If some element in
divides , then . Since is maximal, either or
. Consequently, either and are associates or is a unit.
Therefore, is irreducible.
Conversely, let be irreducible. If is an ideal in such that
, then . Since is irreducible, either must be a unit
or and are associates. Therefore, either or . Thus,
is a maximal ideal.
Corollary 18.13. Let be a PID. If is irreducible, then is prime.
Proof. Let be irreducible and suppose that . Then . By
Corollary 16.40, since is a maximal ideal, must also be a prime
ideal. Thus, either or . Hence, either or .
Lemma 18.14. Let be a PID. Let be a set of ideals such
that . Then there exists an integer such that
for all .
Proof. We claim that is an ideal of . Certainly is not
empty, since and . If , then and for
some and in . Without loss of generality we can assume that .
Hence, and are both in and so is also in . Now let
and . Again, we note that for some positive integer . Since
is an ideal, and hence must be in . Therefore, we have shown that
is an ideal in .
Since is a principal ideal domain, there exists an element that
generates . Since is in for some , we know that
. Consequently, for .
Any commutative ring satisfying the condition in Lemma 18.14 is said to
satisfy the ascending chain condition, or ACC. Such rings are called
Noetherian rings, after Emmy Noether.
Theorem 18.15. Every PID is a UFD.
Proof. Existence of a factorization. Let be a PID and be a nonzero
element in that is not a unit. If is irreducible, then we are done. If not,
then there exists a factorization , where neither nor is a
unit. Hence, . By Lemma 18.11, we know that ;
otherwise, and would be associates and would be a unit, which
would contradict our assumption. Now suppose that , where
neither nor is a unit. By the same argument as before, .
We can continue with this construction to obtain an ascending chain of
ideals
By Lemma 18.14, there exists a positive integer such that
for all . Consequently, must be irreducible. We have now shown
that is the product of two elements, one of which must be irreducible.
Now suppose that , where is irreducible. If is not a unit, we
can repeat the preceding argument to conclude that . Either
is irreducible or , where is irreducible and is not a unit.
Continuing in this manner, we obtain another chain of ideals
This chain must satisfy the ascending chain condition; therefore,
for irreducible elements .
Uniqueness of the factorization. To show uniqueness, let
where each and each is irreducible. Without loss of generality, we can
assume that . Since divides , by Corollary 18.13 it
must divide some . By rearranging the 's, we can assume that ;
hence, for some unit in . Therefore,
or
Continuing in this manner, we can arrange the 's such that
, to obtain
In this case is a unit, which contradicts the fact that
are irreducibles. Therefore, and the factorization of
is unique.
Corollary 18.16. Let be a field. Then is a UFD.
Example 18.17. Every PID is a UFD, but it is not the case that every
UFD is a PID. In Corollary 18.31, we will prove that is a UFD.
However, is not a PID. Let
. We can easily show that
is an ideal of . Suppose that . Since ,
. In this case must be a constant. Since ,
; consequently, . However, it follows from this fact
that . But this would mean that is in . Therefore, we
can write for some and in .
Examining the constant term of this polynomial, we see that ,
which is impossible.
Euclidean Domains
We have repeatedly used the division algorithm when proving results about
either or , where is a field. We should now ask when a division
algorithm is available for an integral domain.
Let be an integral domain such that there is a function
satisfying the following conditions.
1. If and are nonzero elements in , then .
2. Let and suppose that . Then there exist elements
such that and either or .
Then is called a Euclidean domain and is called a Euclidean
valuation.
Example 18.18. Absolute value on is a Euclidean valuation.
Example 18.19. Let be a field. Then the degree of a polynomial in
is a Euclidean valuation.
Example 18.20. Recall that the Gaussian integers in Example 16.12 of
Chapter 16 are defined by
We usually measure the size of a complex number by its absolute
value, ; however, may not be an
integer. For our valuation we will let to ensure that
we have an integer.
We claim that is a Euclidean valuation on . Let
. Then . Since
for every nonzero , .
Next, we must show that for any and in
with , there exist elements and in such that
with either or . We can view and as elements in
, the field of fractions of . Observe that
in . In the last steps we are writing the real and imaginary parts as an
integer plus a proper fraction. That is, we take the closest integer such
that the fractional part satisfies . For example, we
write
Thus, and are the “fractional parts” of
. We also know that
. Multiplying by , we have
where and . Since and are in ,
must be in . Finally, we need to show that either or
. However,
Theorem 18.21. Every Euclidean domain is a principal ideal domain.
Proof. Let be a Euclidean domain and let be a Euclidean valuation on
. Suppose is a nontrivial ideal in and choose a nonzero element
such that is minimal for all . Since is a Euclidean
domain, there exist elements and in such that and either
or . But is in since is an ideal;
therefore, by the minimality of . It follows that and
.
Corollary 18.22. Every Euclidean domain is a unique factorization
domain.
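The division step of Example 18.20 and the conclusion of Theorem 18.21 can be checked numerically. The Python sketch below is an added example, not part of the original text: it divides Gaussian integers by rounding the real and imaginary parts of the quotient to the nearest integer, then runs the extended Euclidean algorithm to produce a single generator for the ideal generated by two elements. The tuple representation, the function names, and the sample values 11 + 3i and 1 + 8i are constructed for illustration.

```python
# Added example: the division algorithm in Z[i] with valuation nu(a+bi) = a^2 + b^2.
# A Gaussian integer a + bi is the tuple (a, b); all names are hypothetical.

def nu(z):
    a, b = z
    return a * a + b * b

def gadd(z, w):
    return (z[0] + w[0], z[1] + w[1])

def gsub(z, w):
    return (z[0] - w[0], z[1] - w[1])

def gmul(z, w):
    (a, b), (c, d) = z, w
    return (a * c - b * d, a * d + b * c)

def nearest(n, d):
    """Closest integer to n/d for d > 0, using exact integer arithmetic."""
    return (2 * n + d) // (2 * d)

def gdivmod(z, w):
    """Return (q, r) with z = q*w + r and r = 0 or nu(r) < nu(w)."""
    if w == (0, 0):
        raise ZeroDivisionError("division by zero in Z[i]")
    (a, b), (c, d) = z, w
    n = nu(w)
    # In Q(i): z/w = z * conj(w) / nu(w) = ((ac + bd) + (bc - ad) i) / nu(w).
    # Rounding each part leaves fractional parts of absolute value <= 1/2.
    q = (nearest(a * c + b * d, n), nearest(b * c - a * d, n))
    return q, gsub(z, gmul(q, w))

def gxgcd(z, w):
    """Extended Euclidean algorithm: (d, s, t) with s*z + t*w = d.

    d generates the ideal generated by z and w; it is unique up to the
    units 1, -1, i, -i.
    """
    s0, s1 = (1, 0), (0, 0)
    t0, t1 = (0, 0), (1, 0)
    while w != (0, 0):
        q, r = gdivmod(z, w)
        z, w = w, r
        s0, s1 = s1, gsub(s0, gmul(q, s1))
        t0, t1 = t1, gsub(t0, gmul(q, t1))
    return z, s0, t0

def check_valuation(limit):
    """Exhaustively test both Euclidean-valuation conditions on a small grid."""
    grid = [(a, b) for a in range(-limit, limit + 1)
            for b in range(-limit, limit + 1)]
    for w in grid:
        if w == (0, 0):
            continue
        for z in grid:
            q, r = gdivmod(z, w)
            if gadd(gmul(q, w), r) != z or 2 * nu(r) > nu(w):
                return False       # condition 2 (with the sharper bound nu(w)/2)
            if z != (0, 0) and nu(z) > nu(gmul(z, w)):
                return False       # condition 1: nu(z) <= nu(z*w)
    return True

if __name__ == "__main__":
    z, w = (11, 3), (1, 8)         # constructed sample values
    print(gdivmod(z, w))           # quotient and remainder
    print(gxgcd(z, w))             # generator d and coefficients s, t
    print(check_valuation(4))
```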
Factorization in
One of the most important polynomial rings is . One of the first
questions that come to mind about is whether or not it is a UFD. We
will prove a more general statement here. Our first task is to obtain a more
general version of Gauss's Lemma (Theorem 17.14).
Let be a unique factorization domain and suppose that
in . Then the content of is the greatest common divisor of
. We say that is primitive if .
Example 18.23. In the polynomial
is a primitive polynomial since the greatest common divisor of the
coefficients is ; however, the polynomial is not
primitive since the content of is .
Theorem 18.24. Gauss's Lemma. Let be a UFD and let and
be primitive polynomials in . Then is primitive.
Proof. Let and . Suppose that
is a prime dividing the coefficients of . Let be the smallest
integer such that and be the smallest integer such that . The
coefficient of in is
Since divides and , divides every term of
except for the term . However, since , either divides
or divides . But this is impossible.
Lemma 18.25. Let be a UFD, and let and be in .
Then the content of is equal to the product of the contents of
and .
Proof. Let and , where and are the
contents of and , respectively. Then and are
primitive. We can now write . Since
is primitive, the content of must be .
Lemma 18.26. Let be a UFD and its field of fractions. Suppose
that and , where and are in
. Then , where and are in .
Furthermore, and .
Proof. Let and be nonzero elements of such that are
in . We can find such that and
, where and are primitive polynomials in
. Therefore, . Since and
are primitive polynomials, it must be the case that by
Gauss's Lemma. Thus there exists a such that
. Clearly, and .
The following corollaries are direct consequences of Lemma 18.26.
Corollary 18.27. Let be a UFD and its field of fractions. A
primitive polynomial in is irreducible in if and only if it
is irreducible in .
Corollary 18.28. Let be a UFD and its field of fractions. If is
a monic polynomial in with in , then
, where and are in . Furthermore,
and .
Theorem 18.29. If is a UFD, then is a UFD.
Proof. Let be a nonzero polynomial in . If is a constant
polynomial, then it must have a unique factorization since is a UFD.
Now suppose that is a polynomial of positive degree in . Let
be the field of fractions of , and let be a
factorization of , where each is irreducible. Choose
such that is in . There exist such that
, where is a primitive polynomial in . By
Corollary 18.27, each is irreducible in . Consequently, we can
write
Let . Since is primitive, divides
. Therefore, , where . Since is a
UFD, we can factor as , where is a unit and each of the 's
is irreducible in .
We will now show the uniqueness of this factorization. Let
be two factorizations of , where all of the factors are irreducible in
. By Corollary 18.27, each of the 's and 's is irreducible in .
The 's and the 's are units in . Since is a PID, it is a UFD;
therefore, . Now rearrange the 's so that and are
associates for . Then there exist and
in such that or . The
polynomials and are primitive; hence, and are associates
in . Thus, in , where is a unit in . Since
is a unique factorization domain, . Finally, we can reorder the 's so
that and are associates for each . This completes the uniqueness part
of the proof.
The theorem that we have just proven has several obvious but important
corollaries.
Corollary 18.30. Let be a field. Then is a UFD.
Corollary 18.31. The ring of polynomials over the integers, , is a
UFD.
Corollary 18.32. Let be a UFD. Then is a UFD.
Remark 18.33. It is important to notice that every Euclidean domain is a
PID and every PID is a UFD. However, as demonstrated by our examples,
the converse of each of these statements fails. There are principal ideal
domains that are not Euclidean domains, and there are unique factorization
domains that are not principal ideal domains ( ).
Historical Note
Karl Friedrich Gauss, born in Brunswick, Germany on April 30, 1777, is
considered to be one of the greatest mathematicians who ever lived. Gauss
was truly a child prodigy. At the age of three he was able to detect errors in
the books of his father's business. Gauss entered college at the age of 15.
Before the age of 20, Gauss was able to construct a regular -sided
polygon with a ruler and compass. This was the first new construction of a
regular -sided polygon since the time of the ancient Greeks. Gauss
succeeded in showing that if was prime, then it was possible
to construct a regular -sided polygon.
Gauss obtained his Ph.D. in 1799 under the direction of Pfaff at the
University of Helmstedt. In his dissertation he gave the first complete proof
of the Fundamental Theorem of Algebra, which states that every
polynomial with real coefficients can be factored into linear factors over the
complex numbers. The acceptance of complex numbers was brought about
by Gauss, who was the first person to use the notation of for .
Gauss then turned his attention toward number theory; in 1801, he
published his famous book on number theory, Disquisitiones Arithmeticae.
Throughout his life Gauss was intrigued with this branch of mathematics.
He once wrote, “Mathematics is the queen of the sciences, and the theory of
numbers is the queen of mathematics.”
In 1807, Gauss was appointed director of the Observatory at the University
of Göttingen, a position he held until his death. This position required him
to study applications of mathematics to the sciences. He succeeded in
making contributions to fields such as astronomy, mechanics, optics,
geodesy, and magnetism. Along with Wilhelm Weber, he coinvented the
first practical electric telegraph some years before a better version was
invented by Samuel F. B. Morse.
Gauss was clearly the most prominent mathematician in the world in the
early nineteenth century. His status naturally made his discoveries subject to
intense scrutiny. Gauss's cold and distant personality many times led him to
ignore the work of his contemporaries, making him many enemies. He did
not enjoy teaching very much, and young mathematicians who sought him
out for encouragement were often rebuffed. Nevertheless, he had many
outstanding students, including Eisenstein, Riemann, Kummer, Dirichlet,
and Dedekind. Gauss also offered a great deal of encouragement to Sophie
Germain (1776–1831), who overcame the many obstacles facing women in
her day to become a very prominent mathematician. Gauss died at the age
of 78 in Göttingen on February 23, 1855.
18.3 Reading Questions
1. Integral domains are an abstraction of which two fundamental rings that
we have already studied?
2. What are the various types of integral domains defined in this section?
3. The field of fractions of a ring abstracts what idea from basic
mathematics?
4. In the previous chapter we had a theorem about irreducible polynomials
generating maximal ideals. Which theorem in this chapter generalizes this
previous result?
5. Describe an example which is a UFD, but not a PID.
18.4 Exercises
1. Let be in . If , show that must
be a unit. Show that the only units of are and .
2. The Gaussian integers, , are a UFD. Factor each of the following
elements in into a product of irreducibles.
a.
b.
c.
d.
3. Let be an integral domain.
a. Prove that is an abelian group under the operation of addition.
b. Show that the operation of multiplication is well-defined in the field
of fractions, .
c. Verify the associative and commutative properties for multiplication
in .
4. Prove or disprove: Any subring of a field containing is an integral
domain.
5. Prove or disprove: If is an integral domain, then every prime element
in is also irreducible in .
6. Let be a field of characteristic zero. Prove that contains a subfield
isomorphic to .
7. Let be a field.
a. Prove that the field of fractions of , denoted by , is
isomorphic to the set of all rational expressions , where
is not the zero polynomial.
b. Let and be polynomials in
. Show that the set of all rational expressions
is isomorphic to the field of
fractions of . We denote the field of fractions of
by .
8. Let be prime and denote the field of fractions of by .
Prove that is an infinite field of characteristic .
9. Prove that the field of fractions of the Gaussian integers, , is
10. A field is called a prime field if it has no proper subfields. If is a
subfield of and is a prime field, then is a prime subfield of .
a. Prove that every field contains a unique prime subfield.
b. If is a field of characteristic 0, prove that the prime subfield of is
isomorphic to the field of rational numbers, .
c. If is a field of characteristic , prove that the prime subfield of
is isomorphic to .
11. Let .
a. Prove that is an integral domain.
b. Find all of the units in .
c. Determine the field of fractions of .
d. Prove that is a Euclidean domain under the Euclidean
valuation .
12. Let be a UFD. An element is a greatest common divisor of
and in if and and is divisible by any other element
dividing both and .
a. If is a PID and and are both nonzero elements of , prove
there exists a unique greatest common divisor of and up to
associates. That is, if and are both greatest common divisors of
and , then and are associates. We write for the
greatest common divisor of and .
b. Let be a PID and and be nonzero elements of . Prove that
there exist elements and in such that .
13. Let be an integral domain. Define a relation on by if and
are associates in . Prove that is an equivalence relation on .
14. Let be a Euclidean domain with Euclidean valuation . If is a unit
in , show that .
15. Let be a Euclidean domain with Euclidean valuation . If and
are associates in , prove that .
16. Show that is not a unique factorization domain.
17. Prove or disprove: Every subdomain of a UFD is also a UFD.
18. An ideal of a commutative ring is said to be finitely generated if
there exist elements in such that every element in the ideal
can be written as for some in . Prove
that satisfies the ascending chain condition if and only if every ideal of
is finitely generated.
19. Let be an integral domain with a descending chain of ideals
. Suppose that there exists an such that
for all . A ring satisfying this condition is said to satisfy the
descending chain condition, or DCC. Rings satisfying the DCC are called
Artinian rings, after Emil Artin. Show that if satisfies the descending
chain condition, it must satisfy the ascending chain condition.
20. Let be a commutative ring with identity. We define a multiplicative
subset of to be a subset such that and if .
a. Define a relation on by if there exists an
such that . Show that is an
equivalence relation on .
b. Let denote the equivalence class of and let
be the set of all equivalence classes with respect to . Define
the operations of addition and multiplication on by
respectively. Prove that these operations are well-defined on
and that is a ring with identity under these operations. The
ring is called the ring of quotients of with respect to .
c. Show that the map defined by is a
ring homomorphism.
d. If has no zero divisors and , show that is one-to-one.
e. Prove that is a prime ideal of if and only if is a
multiplicative subset of .
f. If is a prime ideal of and , show that the ring of
quotients has a unique maximal ideal. Any ring that has a
unique maximal ideal is called a local ring.
18.6 Sage
We have already seen some integral domains and unique factorizations in
the previous two chapters. In addition to what we have already seen, Sage
has support for some of the topics from this section, but the coverage is
limited. Some functions will work for some rings and not others, while
some functions are not yet part of Sage. So we will give some examples,
but this is far from comprehensive.
Field of Fractions
Sage is frequently able to construct a field of fractions, or identify a certain
field as the field of fractions. For example, the ring of integers and the field
of rational numbers are both implemented in Sage, and the integers “know”
that the rationals are its field of fractions.
Q = ZZ.fraction_field(); Q
Rational Field
Q == QQ
True
In other cases Sage will construct a fraction field, in the spirit of
Lemma 18.3. So it is then possible to do basic calculations in the
constructed field.
R.<x> = ZZ[]
P = R.fraction_field();P
Fraction Field of Univariate Polynomial Ring in x over Integer
Ring
f = P((x^2+3)/(7*x+4))
g = P((4*x^2)/(3*x^2-5*x+4))
h = P((-2*x^3+4*x^2+3)/(x^2+1))
((f+g)/h).numerator()
3*x^6 + 23*x^5 + 32*x^4 + 8*x^3 + 41*x^2 - 15*x + 12
((f+g)/h).denominator()
-42*x^6 + 130*x^5 - 108*x^4 + 63*x^3 - 5*x^2 + 24*x + 48
Prime Subfields
Corollary 18.7 says every field of characteristic has a subfield isomorphic
to . For a finite field, the exact nature of this subfield is not a surprise,
but Sage will allow us to extract it easily.
F.<c> = FiniteField(3^5)
F.characteristic()
G = F.prime_subfield(); G
Finite Field of size 3
G.list()
[0, 1, 2]
More generally, the fields mentioned in the conclusions of Corollary 18.6
and Corollary 18.7 are known as the “prime subfield” of the ring containing
them. Here is an example of the characteristic zero case.
K.<y>=QuadraticField(-7); K
Number Field in y with defining polynomial x^2 + 7
with y = 2.645751311...?*I
K.prime_subfield()
Rational Field
In a rough sense, every characteristic zero field contains a copy of the
rational numbers (the fraction field of the integers), which can explain
Sage's extensive support for rings and fields that extend the integers and the
rationals.
Integral Domains
Sage can determine if some rings are integral domains and we can test
products in them. However, notions of units, irreducibles or prime elements
are not generally supported (outside of what we have seen for polynomials
in the previous chapter). Worse, the construction below creates a ring within
a larger field and so some functions (such as .is_unit() ) pass through
and give misleading results. This is because the construction below creates
a ring known as an “order in a number field.”
K.<x> = ZZ[sqrt(-3)]; K
Order in Number Field in a with defining polynomial x^2 + 3
with a = 0.?e-18 + 1.732050807...?*I
K.is_integral_domain()
True
K.basis()
[1, a]
(1+x)*(1-x) == 2*2
True
The following is a bit misleading, since , as an element of does
not have a multiplicative inverse, though seemingly we can compute one.
four = K(4)
four.is_unit()
False
four^-1
1/4
Principal Ideals
When a ring is a principal ideal domain, such as the integers, or
polynomials over a field, Sage works well. Beyond that, support begins to
weaken.
T.<x>=ZZ[]
T.is_integral_domain()
True
J = T.ideal(5, x); J
Ideal (5, x) of Univariate Polynomial Ring in x over Integer
Ring
Q = T.quotient(J); Q
Quotient of Univariate Polynomial Ring in x over
Integer Ring by the ideal (5, x)
J.is_principal()
Traceback (most recent call last):
...
NotImplementedError
Q.is_field()
Traceback (most recent call last):
...
NotImplementedError
18.7 Sage Exercises
There are no Sage exercises for this section.
Chapter 19 Lattices and Boolean Algebras
The axioms of a ring give structure to the operations of addition and
multiplication on a set. However, we can construct algebraic structures,
known as lattices and Boolean algebras, that generalize other types of
operations. For example, the important operations on sets are inclusion,
union, and intersection. Lattices are generalizations of order relations on
algebraic spaces, such as set inclusion in set theory and inequality in the
familiar number systems , , , and . Boolean algebras generalize the
operations of intersection and union. Lattices and Boolean algebras have
found applications in logic, circuit theory, and probability.
19.1 Lattices
Partially Ordered Sets
We begin the study of lattices and Boolean algebras by generalizing the idea
of inequality. Recall that a relation on a set is a subset of . A
relation on is called a partial order of if it satisfies the following
axioms.
1. The relation is reflexive: for all .
2. The relation is antisymmetric: if and , then
.
3. The relation is transitive: if and , then
.
We will usually write to mean unless some symbol is
naturally associated with a particular partial order, such as with
integers and , or with sets and . A set together with a
partial order is called a partially ordered set, or poset.
Example 19.1. The set of integers (or rationals or reals) is a poset where
has the usual meaning for two integers and in .
Example 19.2. Let be any set. We will define the power set of to
be the set of all subsets of . We denote the power set of by .
For example, let . Then is the set of all subsets of
the set :
On any power set of a set , set inclusion, , is a partial order. We can
represent the order on schematically by a diagram such as the
one in Figure 19.3.
Figure 19.3. Partial order on
Example 19.4. Let be a group. The set of subgroups of is a poset,
where the partial order is set inclusion.
Example 19.5. There can be more than one partial order on a particular
set. We can form a partial order on by if . The relation is
certainly reflexive since for all . If and , then
; hence, the relation is also antisymmetric. The relation is
transitive, because if and , then .
Example 19.6. Let be the set of divisors
of with the partial order defined in Example 19.5. Figure 19.7 shows
the partial order on .
Figure 19.7. A partial order on the divisors of
Let be a subset of a poset . An element in is an upper bound of
if for every element . If is an upper bound of such that
for every other upper bound of , then is called a least upper
bound or supremum of . An element in is said to be a lower bound
of if for all . If is a lower bound of such that for
every other lower bound of , then is called a greatest lower bound or
infimum of .
Example 19.8. Let be contained in the set of
Example 19.6. Then has upper bounds and , with as a least
upper bound. The only lower bound is ; hence, it must be a greatest lower
bound.
As it turns out, least upper bounds and greatest lower bounds are unique if
they exist.
Theorem 19.9. Let be a nonempty subset of a poset . If has a
least upper bound, then has a unique least upper bound. If has a
greatest lower bound, then has a unique greatest lower bound.
Proof. Let and be least upper bounds for . By the definition of the
least upper bound, for all upper bounds of . In particular,
. Similarly, . Therefore, by antisymmetry. A
similar argument shows that the greatest lower bound is unique.
On many posets it is possible to define binary operations by using the
greatest lower bound and the least upper bound of two elements. A lattice is
a poset such that every pair of elements in has a least upper bound and
a greatest lower bound. The least upper bound of is called the join
of and and is denoted by . The greatest lower bound of
is called the meet of and and is denoted by .
Example 19.10. Let be a set. Then the power set of , , is a
lattice. For two sets and in , the least upper bound of and
is . Certainly is an upper bound of and , since
and . If is some other set containing both
and , then must contain ; hence, is the least upper
bound of and . Similarly, the greatest lower bound of and is
.
Example 19.11. Let be a group and suppose that is the set of
subgroups of . Then is a poset ordered by set-theoretic inclusion, .
The set of subgroups of is also a lattice. If and are subgroups of
, the greatest lower bound of and is . The set may
not be a subgroup of . We leave it as an exercise to show that the least
upper bound of and is the subgroup generated by .
In set theory we have certain duality conditions. For example, by De
Morgan's laws, any statement about sets that is true about must
also be true about . We also have a duality principle for lattices.
Axiom 19.12. Principle of Duality. Any statement that is true for all
lattices remains true when is replaced by and and are
interchanged throughout the statement.
The following theorem tells us that a lattice is an algebraic structure with
two binary operations that satisfy certain axioms.
Theorem 19.13. If is a lattice, then the binary operations and
satisfy the following properties for .
1. Commutative laws: and .
2. Associative laws: and
.
3. Idempotent laws: and .
4. Absorption laws: and .
Proof. By the Principle of Duality, we need only prove the first statement
in each part.
(1) By definition is the least upper bound of , and is the
least upper bound of ; however, .
(2) We will show that and are both least upper
bounds of . Let . Then . We
also know that
A similar argument demonstrates that . Therefore,
is an upper bound of . We now need to show that
is the least upper bound of . Let be some other
upper bound of . Then and ; hence, .
Since , it follows that . Therefore,
must be the least upper bound of . The argument that
shows is the least upper bound of is the same.
Consequently, .
(3) The join of and is the least upper bound of ; hence, .
(4) Let . Then . On the other hand, ,
and so . Therefore, .
Given any arbitrary set with operations and , satisfying the
conditions of the previous theorem, it is natural to ask whether or not this
set comes from some lattice. The following theorem says that this is always
the case.
Theorem 19.14. Let be a nonempty set with two binary operations
and satisfying the commutative, associative, idempotent, and absorption
laws. We can define a partial order on by if .
Furthermore, is a lattice with respect to if for all , we define
the least upper bound and greatest lower bound of and by and
, respectively.
Proof. We first show that is a poset under . Since ,
and is reflexive. To show that is antisymmetric, let and .
Then and . By the commutative law,
. Finally, we must show that is transitive. Let
and . Then and . Thus,
or .
To show that is a lattice, we must prove that and are,
respectively, the least upper and greatest lower bounds of and . Since
, it follows that . Similarly,
. Therefore, is an upper bound for and . Let be any
other upper bound of both and . Then and . But
since
The proof that is the greatest lower bound of and is left as an
exercise.
19.2 Boolean Algebras
Let us investigate the example of the power set, , of a set more
closely. The power set is a lattice that is ordered by inclusion. By the
definition of the power set, the largest element in is itself and the
smallest element is , the empty set. For any set in , we know that
and . This suggests the following definition for
lattices. An element in a poset is a largest element if for all
. An element is a smallest element of if for all .
Let be in . Recall that the complement of is
We know that and . We can generalize this
example for lattices. A lattice with a largest element and a smallest
element is complemented if for each , there exists an such that
and .
In a lattice , the binary operations and satisfy commutative and
associative laws; however, they need not satisfy the distributive law
however, in the distributive law is satisfied since
for . We will say that a lattice is distributive if the
following distributive law holds:
for all .
Theorem 19.15. A lattice is distributive if and only if
for all .
Proof. Let us assume that is a distributive lattice.
The converse follows directly from the Duality Principle.
A Boolean algebra is a lattice with a greatest element and a smallest
element such that is both distributive and complemented. The power
set of , , is our prototype for a Boolean algebra. As it turns out, it is
also one of the most important Boolean algebras. The following theorem
allows us to characterize Boolean algebras in terms of the binary relations
and without mention of the fact that a Boolean algebra is a poset.
Theorem 19.16. A set is a Boolean algebra if and only if there exist
binary operations and on satisfying the following axioms.
1. and for .
2. and for
.
3. and
for .
4. There exist elements and such that and
for all .
5. For every there exists an such that and
.
Proof. Let be a set satisfying (1)–(5) in the theorem. One of the
idempotent laws is satisfied since
Observe that
Consequently, the first of the two absorption laws holds, since
The other idempotent and absorption laws are proven similarly. Since
also satisfies (1)–(3), the conditions of Theorem 19.14 are met; therefore,
must be a lattice. Condition (4) tells us that is a distributive lattice.
For , ; hence, and is the smallest element in
. To show that is the largest element in , we will first show that
is equivalent to . Since for all ,
using the absorption laws we can determine that
or for all in . Finally, since we know that is complemented by
(5), must be a Boolean algebra.
Conversely, suppose that is a Boolean algebra. Let and be the
greatest and least elements in , respectively. If we define and
as least upper and greatest lower bounds of , then is a Boolean
algebra by Theorem 19.14, Theorem 19.15, and our hypothesis.
Many other identities hold in Boolean algebras. Some of these identities are
listed in the following theorem.
Theorem 19.17. Let be a Boolean algebra. Then
1. and for all .
2. If and for , then .
3. If and , then .
4. for all .
5. and .
6. and (De Morgan's Laws).
Proof. We will prove only (2). The rest of the identities are left as
exercises. For and , we have
Finite Boolean Algebras
A Boolean algebra is a finite Boolean algebra if it contains a finite number
of elements as a set. Finite Boolean algebras are particularly nice since we
can classify them up to isomorphism.
Let and be Boolean algebras. A bijective map is an
isomorphism of Boolean algebras if
for all and in .
We will show that any finite Boolean algebra is isomorphic to the Boolean
algebra obtained by taking the power set of some finite set . We will need
a few lemmas and definitions before we prove this result. Let be a finite
Boolean algebra. An element is an atom of if and
for all with . Equivalently, is an atom of if
there is no with distinct from such that .
Lemma 19.18. Let be a finite Boolean algebra. If is an element of
with , then there is an atom in such that .
Proof. If is an atom, let . Otherwise, choose an element , not
equal to or , such that . We are guaranteed that this is possible
since is not an atom. If is an atom, then we are done. If not, choose ,
not equal to or , such that . Again, if is an atom, let
. Continuing this process, we can obtain a chain
Since is a finite Boolean algebra, this chain must be finite. That is, for
some , is an atom. Let .
Lemma 19.19. Let and be atoms in a finite Boolean algebra such
that . Then .
Proof. Since is the greatest lower bound of and , we know that
. Hence, either or . However, if
, then either or . In either case we have a
contradiction because and are both atoms; therefore, .
Lemma 19.20. Let be a Boolean algebra and . The
following statements are equivalent.
1. .
2. .
3. .
Proof. (1) (2). If , then . Therefore,
(2) (3). If , then .
(3) (1). If , then
Thus, .
Lemma 19.21. Let be a Boolean algebra and and be elements in
such that . Then there exists an atom such that and
.
Proof. By Lemma 19.20, . Hence, there exists an atom such
that . Consequently, and .
Lemma 19.22. Let and be the atoms of such that
. Then . Furthermore, if are
atoms of such that , , and , then
for some .
Proof. Let . Since for each , we know that
. If we can show that , then the lemma is true by
antisymmetry. Assume . Then there exists an atom such that
and . Since is an atom and , we can deduce that for
some . However, this is impossible since . Therefore, .
Now suppose that . If is an atom less than ,
But each term is or with occurring for only one . Hence, by
Lemma 19.19, for some .
Theorem 19.23. Let be a finite Boolean algebra. Then there exists a
set such that is isomorphic to .
Proof. We will show that is isomorphic to , where is the set of
atoms of . Let . By Lemma 19.22, we can write uniquely as
for . Consequently, we can define a
map by
Clearly, is onto.
Now let and be elements in ,
where each and each is an atom. If , then
and . Consequently, is injective.
The join of and is preserved by since
Similarly, .
We leave the proof of the following corollary as an exercise.
Corollary 19.24. The order of any finite Boolean algebra must be for
some positive integer .
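The lattice definitions of Section 19.1 and the atom construction in the proof of Theorem 19.23 can be checked by brute force on divisor lattices, where the order is divisibility, the join is the least common multiple and the meet is the greatest common divisor. This is an added example, not code from the book; the class name, method names and the sample values 42 and 18 are constructed for illustration.

```python
from itertools import combinations
from math import gcd


class DivisorLattice:
    """Positive divisors of n, ordered by a <= b iff a divides b."""

    def __init__(self, n):
        self.elements = [d for d in range(1, n + 1) if n % d == 0]
        self.bottom, self.top = 1, n

    def leq(self, a, b):
        return b % a == 0

    def join(self, a, b):  # least common multiple
        return a * b // gcd(a, b)

    def meet(self, a, b):  # greatest common divisor
        return gcd(a, b)

    def lub_from_definition(self, a, b):
        """Least upper bound computed from the order relation alone."""
        uppers = [u for u in self.elements if self.leq(a, u) and self.leq(b, u)]
        least = [u for u in uppers if all(self.leq(u, v) for v in uppers)]
        return least[0] if len(least) == 1 else None

    def join_is_lub(self):
        return all(self.join(a, b) == self.lub_from_definition(a, b)
                   for a in self.elements for b in self.elements)

    def is_distributive(self):
        E = self.elements
        return all(self.meet(a, self.join(b, c)) ==
                   self.join(self.meet(a, b), self.meet(a, c))
                   for a in E for b in E for c in E)

    def complements(self, a):
        return [b for b in self.elements
                if self.join(a, b) == self.top and self.meet(a, b) == self.bottom]

    def is_boolean(self):
        return self.is_distributive() and all(
            self.complements(a) for a in self.elements)

    def atoms(self):
        """Elements other than the bottom with nothing strictly between bottom and them."""
        return [a for a in self.elements if a != self.bottom and not any(
            b not in (self.bottom, a) and self.leq(b, a) for b in self.elements)]

    def atoms_below(self, a):
        return frozenset(x for x in self.atoms() if self.leq(x, a))

    def power_set_isomorphism(self):
        """The map a -> {atoms below a} if it is an isomorphism onto the
        power set of the atoms (as in Theorem 19.23), otherwise None."""
        E, atoms = self.elements, self.atoms()
        phi = {a: self.atoms_below(a) for a in E}
        subsets = {frozenset(s) for r in range(len(atoms) + 1)
                   for s in combinations(atoms, r)}
        bijective = len(set(phi.values())) == len(E) and set(phi.values()) == subsets
        preserves = all(phi[self.join(a, b)] == phi[a] | phi[b] and
                        phi[self.meet(a, b)] == phi[a] & phi[b]
                        for a in E for b in E)
        return phi if bijective and preserves else None


if __name__ == "__main__":
    for n in (42, 18):  # constructed sample values
        L = DivisorLattice(n)
        print(n, L.elements, "atoms:", L.atoms(),
              "Boolean:", L.is_boolean(),
              "iso to power set:", L.power_set_isomorphism() is not None)
```
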
19.3 The Algebra of Electrical Circuits
The usefulness of Boolean algebras has become increasingly apparent over
the past several decades with the development of the modern computer. The
circuit design of computer chips can be expressed in terms of Boolean
algebras. In this section we will develop the Boolean algebra of electrical
circuits and switches; however, these results can easily be generalized to the
design of integrated computer circuitry.
A switch is a device, located at some point in an electrical circuit, that
controls the flow of current through the circuit. Each switch has two
possible states: it can be open, and not allow the passage of current through
the circuit, or it can be closed, and allow the passage of current. These
states are mutually exclusive. We require that every switch be in one state
or the other—a switch cannot be open and closed at the same time. Also, if
one switch is always in the same state as another, we will denote both by
the same letter; that is, two switches that are both labeled with the same
letter will always be open at the same time and closed at the same time.
Given two switches, we can construct two fundamental types of circuits.
Two switches and are in series if they make up a circuit of the type that
is illustrated in Figure 19.25. Current can pass between the terminals and
in a series circuit only if both of the switches and are closed. We will
denote this combination of switches by . Two switches and are in
parallel if they form a circuit of the type that appears in Figure 19.26. In the
case of a parallel circuit, current can pass between and if either one of
the switches is closed. We denote a parallel combination of circuits and
by .
Figure 19.25.
Figure 19.26.
We can build more complicated electrical circuits out of series and parallel
circuits by replacing any switch in the circuit with one of these two
fundamental types of circuits. Circuits constructed in this manner are called
series-parallel circuits.
We will consider two circuits equivalent if they act the same. That is, if we
set the switches in equivalent circuits exactly the same we will obtain the
same result. For example, in a series circuit is exactly the same as
. Notice that this is exactly the commutative law for Boolean algebras.
In fact, the set of all series-parallel circuits forms a Boolean algebra under
the operations of and . We can use diagrams to verify the different
axioms of a Boolean algebra. The distributive law,
, is illustrated in Figure 19.27. If is a
switch, then is the switch that is always open when is closed and
always closed when is open. A circuit that is always closed is in our
algebra; a circuit that is always open is . The laws for and
are shown in Figure 19.28 and Figure 19.29, respectively.
Figure 19.27.
Figure 19.28.
Figure 19.29.
Example 19.30. Every Boolean expression represents a switching
circuit. For example, given the expression ,
we can construct the circuit in Figure 19.33.
Theorem 19.31. The set of all circuits is a Boolean algebra.
We leave as an exercise the proof of this theorem for the Boolean algebra
axioms not yet verified. We can now apply the techniques of Boolean
algebras to switching theory.
Example 19.32. Given a complex circuit, we can now apply the
techniques of Boolean algebra to reduce it to a simpler one. Consider the
circuit in Figure 19.33. Since
we can replace the more complicated circuit with a circuit containing the
single switch and achieve the same function.
Figure 19.33.
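Circuit equivalence as defined in this section (the same result for every setting of the switches) can be decided by trying all settings. This is an added example, not code from the book: the tuple encoding of series-parallel circuits, the function names and the sample circuit are assumptions made for illustration.

```python
from itertools import product

# Encoding (constructed for this example):
#   "a"                      a switch named a
#   ("not", c)               the complementary switch: open exactly when c is closed
#   ("series", c1, c2)       current passes only if both parts are closed
#   ("parallel", c1, c2)     current passes if either part is closed
#   True / False             a circuit that is always closed / always open


def switches(circuit):
    """Names of all switches that occur in the circuit."""
    if isinstance(circuit, bool):
        return set()
    if isinstance(circuit, str):
        return {circuit}
    return set().union(*(switches(part) for part in circuit[1:]))


def conducts(circuit, state):
    """True if current passes, given state[name] = True for a closed switch."""
    if isinstance(circuit, bool):
        return circuit
    if isinstance(circuit, str):
        return state[circuit]
    kind, *parts = circuit
    if kind == "not":
        return not conducts(parts[0], state)
    if kind == "series":
        return all(conducts(p, state) for p in parts)
    if kind == "parallel":
        return any(conducts(p, state) for p in parts)
    raise ValueError(f"unknown circuit type: {kind!r}")


def equivalent(c1, c2):
    """Two circuits are equivalent if they agree for every switch setting."""
    names = sorted(switches(c1) | switches(c2))
    for values in product([False, True], repeat=len(names)):
        state = dict(zip(names, values))
        if conducts(c1, state) != conducts(c2, state):
            return False
    return True


def single_switch_equivalent(circuit):
    """A constant, switch or complemented switch equivalent to the circuit, or None."""
    candidates = [True, False]
    for name in sorted(switches(circuit)):
        candidates += [name, ("not", name)]
    for candidate in candidates:
        if equivalent(circuit, candidate):
            return candidate
    return None


# Constructed sample: (a parallel b) in series with (a parallel not-b).
SAMPLE = ("series", ("parallel", "a", "b"), ("parallel", "a", ("not", "b")))

if __name__ == "__main__":
    print(single_switch_equivalent(SAMPLE))
    # The distributive law for series over parallel:
    print(equivalent(("series", "a", ("parallel", "b", "c")),
                     ("parallel", ("series", "a", "b"), ("series", "a", "c"))))
```
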
Historical Note
George Boole (1815–1864) was the first person to study lattices. In 1847,
he published The Investigation of the Laws of Thought, a book in which he
used lattices to formalize logic and the calculus of propositions. Boole
believed that mathematics was the study of form rather than of content; that
is, he was not so much concerned with what he was calculating as with how
he was calculating it. Boole's work was carried on by his friend Augustus
De Morgan (1806–1871). De Morgan observed that the principle of duality
often held in set theory, as is illustrated by De Morgan's laws for set theory.
He believed, as did Boole, that mathematics was the study of symbols and
abstract operations.
Set theory and logic were further advanced by such mathematicians as
Alfred North Whitehead (1861–1947), Bertrand Russell (1872–1970), and
David Hilbert (1862–1943). In Principia Mathematica, Whitehead and
Russell attempted to show the connection between mathematics and logic
by the deduction of the natural number system from the rules of formal
logic. If the natural numbers could be determined from logic itself, then so
could much of the rest of existing mathematics. Hilbert attempted to build
up mathematics by using symbolic logic in a way that would prove the
consistency of mathematics. His approach was dealt a mortal blow by Kurt
Gödel (1906–1978), who proved that there will always be “undecidable”
problems in any sufficiently rich axiomatic system; that is, that in any
mathematical system of any consequence, there will always be statements
that can never be proven either true or false.
As often occurs, this basic research in pure mathematics later became
indispensable in a wide variety of applications. Boolean algebras and logic
have become essential in the design of the large-scale integrated circuitry
found on today's computer chips. Sociologists have used lattices and
Boolean algebras to model social hierarchies; biologists have used them to
describe biosystems.
19.4 Reading Questions
1. Describe succinctly what a poset is. Do not just list the defining
properties, but give a description that another student of algebra who has
never seen a poset might understand. For example, part of your answer
might include what type of common algebraic topics a poset generalizes,
and your answer should be short on symbols.
2. How does a lattice differ from a poset? Answer this in the spirit of the
previous question.
3. How does a Boolean algebra differ from a lattice? Again, answer this in
the spirit of the previous two questions.
4. Give two (perhaps related) reasons why any discussion of finite Boolean
algebras might center on the example of the power set of a finite set.
5. Describe a major innovation of the middle twentieth century made
possible by Boolean algebra.
19.5 Exercises
1. Draw the lattice diagram for the power set of with the
set inclusion relation, .
2. Draw the diagram for the set of positive integers that are divisors of .
Is this poset a Boolean algebra?
3. Draw a diagram of the lattice of subgroups of .
4. Let be the set of positive integers that are divisors of . Define an
order on by if . Prove that is a Boolean algebra. Find a set
such that is isomorphic to .
5. Prove or disprove: is a poset under the relation if .
6. Draw the switching circuit for each of the following Boolean
expressions.
a.
b.
c.
d.
7. Draw a circuit that will be closed exactly when only one of three
switches , , and are closed.
8. Prove or disprove that the two circuits shown are equivalent.
9. Let be a finite set containing elements. Prove that .
Conclude that the order of any finite Boolean algebra must be for some
.
10. For each of the following circuits, write a Boolean expression. If the
circuit can be replaced by one with fewer switches, give the Boolean
expression and draw a diagram for the new circuit.
11. Prove or disprove: The set of all nonzero integers is a lattice, where
is defined by .
12. Let be a nonempty set with two binary operations and satisfying
the commutative, associative, idempotent, and absorption laws. We can
define a partial order on , as in Theorem 19.14, by if .
Prove that the greatest lower bound of and is .
13. Let be a group and be the set of subgroups of ordered by set-
theoretic inclusion. If and are subgroups of , show that the least
upper bound of and is the subgroup generated by .
14. Let be a ring and suppose that is the set of ideals of . Show that
is a poset ordered by set-theoretic inclusion, . Define the meet of two
ideals and in by and the join of and by . Prove that
the set of ideals of is a lattice under these operations.
15. Let be a Boolean algebra. Prove each of the following identities.
a. and for all .
b. If and , then .
c. for all .
d. and .
e. and (De Morgan's laws).
16. By drawing the appropriate diagrams, complete the proof of
Theorem 19.31 to show that the switching functions form a Boolean
algebra.
17. Let be a Boolean algebra. Define binary operations and on by
Prove that is a commutative ring under these operations satisfying
for all .
18. Let be a poset such that for every and in , either or
. Then is said to be a totally ordered set.
a. Is a total order on ?
b. Prove that , , , and are totally ordered sets under the usual
ordering .
19. Let and be posets. A map is order-preserving if
implies that . Let and be lattices. A map
is a lattice homomorphism if and
. Show that every lattice homomorphism is
order-preserving, but that it is not the case that every order-preserving
homomorphism is a lattice homomorphism.
20. Let be a Boolean algebra. Prove that if and only if
for .
21. Let be a Boolean algebra. Prove that if and only if
for all .
22. Let and be lattices. Define an order relation on by
if and . Show that is a lattice under
this partial order.
19.6 Programming Exercises
1. A Boolean or switching function on variables is a map
. A Boolean polynomial is a special type of
Boolean function: it is any type of Boolean expression formed from a finite
combination of variables together with and , using the
operations , , and . The values of the functions are defined in
Table 19.34. Write a program to evaluate Boolean polynomials.
Table 19.34. Boolean polynomials
OceanofPDF.com
19.7 References and Suggested
Readings
[1] Donnellan, T. Lattice Theory . Pergamon Press, Oxford, 1968.
[2] Halmos, P. R. “The Basic Concepts of Algebraic Logic,” American
Mathematical Monthly 53 (1956), 363–87.
[3] Hohn, F. “Some Mathematical Aspects of Switching,” American
Mathematical Monthly 62 (1955), 75–90.
[4] Hohn, F. Applied Boolean Algebra. 2nd ed. Macmillan, New York,
1966.
[5] Lidl, R. and Pilz, G. Applied Abstract Algebra. 2nd ed. Springer,
New York, 1998.
[6] Whitesitt, J. Boolean Algebra and Its Applications. Dover, Mineola,
NY, 2010.
OceanofPDF.com
19.8 Sage
Sage has support for both partially ordered sets (“posets”) and lattices, and
does an excellent job of providing visual depictions of both.
Creating Partially Ordered Sets
Example 19.6 in the text is a good example to replicate as a demonstration
of Sage commands. We first define the elements of the set .
X = (24).divisors()
X
[1, 2, 3, 4, 6, 8, 12, 24]
One approach to creating the relation is to specify every instance where one
element is comparable to another. So we build a list of pairs, where each
pair contains comparable elements, with the lesser one first. This is the set
of relations.
R = [(a,b) for a in X for b in X if a.divides(b)]; R
[(1, 1), (1, 2), (1, 3), (1, 4), (1, 6), (1, 8), (1, 12), (1, 24),
(2, 2), (2, 4), (2, 6), (2, 8), (2, 12), (2, 24), (3, 3), (3, 6),
(3, 12), (3, 24), (4, 4), (4, 8), (4, 12), (4, 24), (6, 6),
(6, 12), (6, 24), (8, 8), (8, 24), (12, 12), (12, 24), (24, 24)]
We construct the poset by giving the Poset constructor a list
containing the elements and the relations. We can then easily get a “plot” of
the poset. Notice the plot just shows the “cover relations” — a minimal set
of comparisons which the assumption of transitivity would expand into the
set of all the relations.
D = Poset([X, R])
D.plot()
Another approach to creating a Poset is to let the poset constructor run
over all the pairs of elements, and all we do is give the constructor a way to
test if two elements are comparable. Our comparison function should expect
two elements and then return True or False. A “lambda” function is
one way to quickly build such a function. This may be a new idea for you,
but mastering lambda functions can be a great convenience. Notice that
“lambda” is a word reserved for just this purpose (so, for example,
lambda is a bad choice for the name of an eigenvalue of a matrix).
There are other ways to make functions in Sage, but a lambda function is
quickest when the function is simple.
divisible = lambda x, y: x.divides(y)
L = Poset([X, divisible])
L == D
True
L.plot()
Sage also has a collection of stock posets. Some are one-shot constructions,
while others are members of parameterized families. Use tab-completion on
Posets. to see the full list. Here are some examples.
A one-shot construction. Perhaps what you would expect, though there
might be other, equally plausible, alternatives.
Q = Posets.PentagonPoset()
Q.plot()
A parameterized family. This is the classic example where the elements are
subsets of a set with elements and the relation is “subset of.”
S = Posets.BooleanLattice(4)
S.plot()
And random posets. These can be useful for testing and experimenting, but
are unlikely to exhibit special cases that may be important. You might run
the following command many times and vary the second argument, which is
a rough upper bound on the probability any two elements are comparable.
Remember that the plot only shows the cover relations. The more elements
that are comparable, the more “vertically stretched” the plot will be.
T = Posets.RandomPoset(20,0.05)
T.plot()
Properties of a Poset
Once you have a poset, what can you do with it? Let's return to our first
example, D. We can of course determine if one element is less than
another, which is the fundamental structure of a poset.
D.is_lequal(4, 8)
True
D.is_lequal(4, 4)
True
D.is_less_than(4, 8)
True
D.is_less_than(4, 4)
False
D.is_lequal(6, 8)
False
D.is_lequal(8, 6)
False
Notice that 6 and 8 are not comparable in this poset (it is a partial
order). The methods .is_gequal() and .is_greater_than()
work similarly, but return True if the first element is greater (or equal).
D.is_gequal(8, 4)
True
D.is_greater_than(4, 8)
False
We can find the largest and smallest elements of a poset. This is a random
poset built with a 10% probability, but copied here to be repeatable.
X = range(20)
C = [[18, 7], [9, 11], [9, 10], [11, 8], [6, 10],
[10, 2], [0, 2], [2, 1], [1, 8], [8, 12],
[8, 3], [3, 15], [15, 7], [7, 16], [7, 4],
[16, 17], [16, 13], [4, 19], [4, 14], [14, 5]]
P = Poset([X, C])
P.plot()
P.minimal_elements()
[18, 9, 6, 0]
P.maximal_elements()
[5, 19, 13, 17, 12]
Elements of a poset can be partitioned into level sets. In plots of posets,
elements at the same level are plotted vertically at the same height. Each
level set is obtained by removing all of the previous level sets and then
taking the minimal elements of the result.
P.level_sets()
[[18, 9, 6, 0], [11, 10], [2], [1], [8], [3, 12],
[15], [7], [16, 4], [13, 17, 14, 19], [5]]
If we make two elements in R comparable when they had not previously
been, this is an extension of R. Consider all possible extensions of one
poset — we can make a poset from all of these, where set inclusion is the
relation. A linear extension is a maximal element in this poset of posets.
Informally, we are adding as many new relations as possible, consistent
with the original poset and so that the result is a total order. In other words,
there is an ordering of the elements that is consistent with the order in the
poset. We can build such a thing, but the output is just a list of the elements
in the linear order. A computer scientist would be inclined to call this a
“topological sort.”
linear = P.linear_extension(); linear
[18, 9, 11, 6, 10, 0, 2, 1, 8, 3, 15,
7, 4, 14, 5, 19, 16, 13, 17, 12]
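The level-set and linear-extension constructions described above can be reproduced without Sage. The following plain-Python sketch is an added example, not code from the text: the function names are hypothetical, while the cover relations and the linear extension are the ones printed in the session above.

```python
from collections import defaultdict

# Cover relations of the poset P, copied from the Sage session above.
COVERS = [[18, 7], [9, 11], [9, 10], [11, 8], [6, 10],
          [10, 2], [0, 2], [2, 1], [1, 8], [8, 12],
          [8, 3], [3, 15], [15, 7], [7, 16], [7, 4],
          [16, 17], [16, 13], [4, 19], [4, 14], [14, 5]]
ELEMENTS = list(range(20))

# The linear extension that Sage printed above.
SAGE_LINEAR = [18, 9, 11, 6, 10, 0, 2, 1, 8, 3, 15,
               7, 4, 14, 5, 19, 16, 13, 17, 12]


def level_sets(elements, covers):
    """Repeatedly remove the minimal elements of what is left."""
    remaining = set(elements)
    preds = defaultdict(set)          # preds[x] = elements covered by x
    for lo, hi in covers:
        preds[hi].add(lo)
    levels = []
    while remaining:
        # x is minimal among the remaining elements when nothing below it is left
        level = {x for x in remaining if not (preds[x] & remaining)}
        if not level:
            # every remaining element has a remaining predecessor: a cycle
            raise ValueError("relations contain a cycle, so this is not a poset")
        levels.append(sorted(level))
        remaining -= level
    return levels


def linear_extension(elements, covers):
    """Concatenating the level sets gives a total order consistent with the poset."""
    return [x for level in level_sets(elements, covers) for x in level]


def is_linear_extension(order, elements, covers):
    """True if `order` lists each element once and respects every cover relation.

    Checking the cover relations is enough: all other comparisons follow
    from them by transitivity.
    """
    if sorted(order) != sorted(elements):
        return False
    position = {x: i for i, x in enumerate(order)}
    return all(position[lo] < position[hi] for lo, hi in covers)


if __name__ == "__main__":
    print(level_sets(ELEMENTS, COVERS))
    print(linear_extension(ELEMENTS, COVERS))
    print(is_linear_extension(SAGE_LINEAR, ELEMENTS, COVERS))
```

A poset usually has many linear extensions, so the order built here differs from the one Sage printed; both pass the same consistency check.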
We can construct subposets by giving a set of elements to induce the new
poset. Here we take roughly the “bottom half” of the random poset P by
inducing the subposet on a union of some of the level sets.
level = P.level_sets()
bottomhalf = sum([level[i] for i in range(5)], [])
B = P.subposet(bottomhalf)
B.plot()
The dual of a poset retains the same set of elements, but reverses any
comparisons.
Pdual = P.dual()
Pdual.plot()
Taking the dual of the divisibility poset from Example 19.6 would be like
changing the relation to “is a multiple of.”
Ddual = D.dual()
Ddual.plot()
Lattices
Every lattice is a poset, so all the commands above will perform equally
well for a lattice. But how do you create a lattice? Simple — first create a
poset and then feed it into the LatticePoset() constructor. But
realize that just because you give this constructor a poset, it does not mean a
lattice will always come back out. Only if the poset is already a lattice will
it get upgraded from a poset to a lattice for Sage's purposes, and you will
get a ValueError if the upgrade is not possible. Finally, notice that
some of the posets Sage constructs are already recognized as lattices, such
as the prototypical BooleanLattice.
P = Posets.AntichainPoset(8)
P.is_lattice()
False
LatticePoset(P)
Traceback (most recent call last):
...
ValueError: not a meet-semilattice: no bottom element
An integer composition of is a list of positive integers that sum to . A
composition covers a composition if can be formed from by
adding consecutive parts. For example, .
With this relation, the set of all integer compositions of a fixed integer is
a poset that is also a lattice.
CP = Posets.IntegerCompositions(5)
C = LatticePoset(CP)
C.plot()
A meet or a join is a fundamental operation in a lattice.
par = C.an_element().parent()
a = par([1, 1, 1, 2])
b = par([2, 1, 1, 1])
a, b
([1, 1, 1, 2], [2, 1, 1, 1])
C.meet(a, b)
[2, 1, 2]
c = par([1, 4])
d = par([2, 3])
c, d
([1, 4], [2, 3])
C.join(c, d)
[1, 1, 3]
Once a poset is upgraded to lattice status, then additional commands
become available, or the character of their results changes.
An example of the former is the .is_distributive() method.
C.is_distributive()
True
An example of the latter is the .top() method. What your text calls a
largest element and a smallest element of a lattice, Sage calls a top and a
bottom. For a poset, .top() and .bottom() may return an element
or may not (returning None), but for a lattice it is guaranteed to return
exactly one element.
C.top()
[1, 1, 1, 1, 1]
C.bottom()
[5]
Notice that the returned values are all elements of the lattice, in this case
ordered lists of integers summing to .
Complements now make sense in a lattice. The result of the
.complements() method is a dictionary that uses elements of the
lattice as the keys. We say the dictionary is “indexed” by the elements of
the lattice. The result is a list of the complements of the element. We call
this the “value” of the key-value pair. (You may know dictionaries as
“associative arrays”, but they are really just fancy functions.)
comp = C.complements()
comp[par([1, 1, 1, 2])]
[[4, 1]]
The lattice of integer compositions is a complemented lattice, as we can see
by the result that each element has a single (unique) complement, evidenced
by the lists of length in the values of the dictionary. Or we can just ask
Sage via .is_complemented(). Dictionaries have no inherent order,
so you may get different output each time you inspect the dictionary.
comp
{[1, 1, 1, 1, 1]: [[5]],
[1, 1, 1, 2]: [[4, 1]],
[1, 1, 2, 1]: [[3, 2]],
[1, 1, 3]: [[3, 1, 1]],
[1, 2, 1, 1]: [[2, 3]],
[1, 2, 2]: [[2, 2, 1]],
[1, 3, 1]: [[2, 1, 2]],
[1, 4]: [[2, 1, 1, 1]],
[2, 1, 1, 1]: [[1, 4]],
[2, 1, 2]: [[1, 3, 1]],
[2, 2, 1]: [[1, 2, 2]],
[2, 3]: [[1, 2, 1, 1]],
[3, 1, 1]: [[1, 1, 3]],
[3, 2]: [[1, 1, 2, 1]],
[4, 1]: [[1, 1, 1, 2]],
[5]: [[1, 1, 1, 1, 1]]}
[len(e[1]) for e in comp.items()]
[1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
C.is_complemented()
True
There are many more commands which apply to posets and lattices, so
build a few and use tab-completion liberally to explore. There is more to
discover than we can cover in just a single chapter, but you now have the
basic tools to profitably study posets and lattices in Sage.
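Meets, joins, and complements can also be computed directly from the order relation, which shows why an antichain fails to be a lattice. This plain-Python sketch is an added example, not code from the text; all names are hypothetical, and the composition order is encoded by comparing sets of partial sums, which is an assumption of this example rather than a description of how Sage stores the poset.

```python
from itertools import accumulate


def meet(elements, leq, a, b):
    """Greatest lower bound of a and b, or None if there is none."""
    lower = [x for x in elements if leq(x, a) and leq(x, b)]
    greatest = [g for g in lower if all(leq(x, g) for x in lower)]
    return greatest[0] if greatest else None


def join(elements, leq, a, b):
    """Least upper bound: the meet taken in the dual poset."""
    return meet(elements, lambda x, y: leq(y, x), a, b)


def is_lattice(elements, leq):
    """A poset is a lattice when every pair has both a meet and a join."""
    return all(meet(elements, leq, a, b) is not None
               and join(elements, leq, a, b) is not None
               for a in elements for b in elements)


def complements(elements, leq):
    """Map each element of a nonempty lattice to the list of its complements."""
    if not is_lattice(elements, leq):
        raise ValueError("not a lattice")
    bottom = [z for z in elements if all(leq(z, x) for x in elements)][0]
    top = [o for o in elements if all(leq(x, o) for x in elements)][0]
    return {a: [b for b in elements
                if meet(elements, leq, a, b) == bottom
                and join(elements, leq, a, b) == top]
            for a in elements}


# Divisors of 24 under divisibility, as in the first Sage example.
D24 = [1, 2, 3, 4, 6, 8, 12, 24]
divides = lambda a, b: b % a == 0

# An antichain on 8 elements: distinct elements are never comparable.
ANTICHAIN = list(range(8))
same = lambda a, b: a == b


def compositions(n):
    """All tuples of positive integers that sum to n."""
    if n == 0:
        return [()]
    return [(first,) + rest
            for first in range(1, n + 1)
            for rest in compositions(n - first)]


def coarser(c, d):
    """c <= d when c arises from d by adding runs of consecutive parts.

    Equivalently, every partial sum of c is also a partial sum of d.
    """
    return set(accumulate(c)) <= set(accumulate(d))


C5 = compositions(5)

if __name__ == "__main__":
    print(meet(D24, divides, 12, 8), join(D24, divides, 4, 6))
    print(is_lattice(ANTICHAIN, same))
    print(meet(C5, coarser, (1, 1, 1, 2), (2, 1, 1, 1)))
    print(join(C5, coarser, (1, 4), (2, 3)))
    print(complements(D24, divides))
```

In the divisor lattice of 24 only 1, 3, 8, and 24 have complements, in contrast with the composition lattice, where every element has exactly one.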
19.9 Sage Exercises
1. Use R = Posets.RandomPoset(30,0.05) to construct a
random poset. Use R.plot() to get an idea of what you have built.
a. Illustrate the use of the poset methods: .is_lequal(),
.is_less_than(), .is_gequal(), and
.is_greater_than() to determine if two specific elements
(of your choice) are related or incomparable.
b. Use .minimal_elements() and
.maximal_elements() to find the smallest and largest
elements of your poset.
c. Use LatticePoset(R) to see if the poset R is a lattice by
attempting to convert it into a lattice.
d. Find a linear extension of your poset. Confirm that any pair of
elements that are comparable in the poset will be similarly
comparable in the linear extension.
2. Construct the poset on the positive divisors of with
divisibility as the relation, and then convert to a lattice.
a. Determine the one and zero element using .top() and
.bottom().
b. Determine all the pairs of elements of the lattice that are
complements of each other without using the .complements()
method, but rather just use the .meet() and .join()
methods. Extra credit if you can output each pair just once.
c. Determine if the lattice is distributive using just the .meet() and
.join() methods, and not the .is_distributive()
method.
3. Construct several specific diamond lattices with
Posets.DiamondPoset(n) by varying the value of n. Once you
feel you have enough empirical evidence, give answers, with justifications,
to the following questions for general values of , based on observations
obtained from your experiments with Sage.
a. Which elements have complements and which do not, and why?
b. Read the documentation of the .antichains() method to learn
what an antichain is. How many antichains are there?
c. Is the lattice distributive?
4. Use Posets.BooleanLattice(4) to construct an instance of the
prototypical Boolean algebra on elements (i.e., all subsets of a -set).
Then use Posets.IntegerCompositions(5) to construct the
poset whose elements are the compositions of the integer . We have
seen above that the integer composition lattice is distributive and
complemented, making it a Boolean algebra. And by Theorem 19.23 we
can conclude that these two Boolean algebras are isomorphic.
Use the .plot() method to see the similarity visually. Then use the
method .hasse_diagram() on each poset to obtain a directed graph
(which you can also plot, though the embedding into the plane may not be
as informative). Employ the graph method .is_isomorphic() to see
that the two Hasse diagrams really are the “same.”
5. (Advanced) For the previous question, construct an explicit isomorphism
between the two Boolean algebras. This would be a bijective function
(constructed with the def command) that converts compositions into
sets (or, if you choose, sets into compositions) and which respects the meet
and join operations. You can test and illustrate your function by its
interaction with specific elements evaluated in the meet and join operations,
as described in the definition of an isomorphism of Boolean algebras.
Chapter 20 Vector Spaces
In a physical system a quantity can often be described with a single number.
For example, we need to know only a single number to describe
temperature, mass, or volume. However, for some quantities, such as
location, we need several numbers. To give the location of a point in space,
we need , , and coordinates. Temperature distribution over a solid
object requires four numbers: three to identify each point within the object
and a fourth to describe the temperature at that point. Often -tuples of
numbers, or vectors, also have certain algebraic properties, such as addition
or scalar multiplication.
In this chapter we will examine mathematical structures called vector
spaces. As with groups and rings, it is desirable to give a simple list of
axioms that must be satisfied to make a set of vectors a structure worth
studying.
20.1 Definitions and Examples
A vector space over a field is an abelian group with a scalar product
or defined for all and all satisfying the following
axioms.
;
;
where and .
The elements of are called vectors; the elements of are called scalars.
It is important to notice that in most cases two vectors cannot be multiplied.
In general, it is only possible to multiply a vector with a scalar. To
differentiate between the scalar zero and the vector zero, we will write them
as 0 and , respectively.
Let us examine several examples of vector spaces. Some of them will be
quite familiar; others will seem less so.
Example 20.1. The -tuples of real numbers, denoted by , form a
vector space over . Given vectors and
in and in , we can define vector addition by
and scalar multiplication by
Example 20.2. If is a field, then is a vector space over . The
vectors in are simply polynomials, and vector addition is just
polynomial addition. If and , then scalar
multiplication is defined by .
Example 20.3. The set of all continuous real-valued functions on a
closed interval is a vector space over . If and are
continuous on , then is defined to be .
Scalar multiplication is defined by for . For
example, if and , then
.
Example 20.4. Let . Then
is a vector space over . If and , then
is again in . Also, for , is
in . We will leave it as an exercise to verify that all of the vector space
axioms hold for .
Proposition 20.5. Let be a vector space over . Then each of the
following statements is true.
1. for all .
2. for all .
3. If , then either or .
4. for all .
5. for all and all .
Proof. To prove (1), observe that
consequently, . Since is an abelian group, .
The proof of (2) is almost identical to the proof of (1). For (3), we are done
if . Suppose that . Multiplying both sides of by ,
we have .
To show (4), observe that
and so . We will leave the proof of (5) as an exercise.
20.2 Subspaces
Just as groups have subgroups and rings have subrings, vector spaces also
have substructures. Let be a vector space over a field , and a subset
of . Then is a subspace of if it is closed under vector addition and
scalar multiplication; that is, if and , it will always be the
case that and are also in .
Example 20.6. Let be the subspace of defined by
. We claim that is a
subspace of . Since
is closed under scalar multiplication. To show that is closed under
vector addition, let and
be vectors in . Then
Example 20.7. Let be the subset of polynomials of with no odd-
power terms. If and have no odd-power terms, then neither will
. Also, for and .
Let be any vector space over a field and suppose that
are vectors in and are scalars in . Any vector in of
the form
is called a linear combination of the vectors . The spanning
set of vectors is the set of vectors obtained from all possible
linear combinations of . If is the spanning set of
, then we say that is spanned by .
Proposition 20.8. Let be vectors in a vector
space . Then the span of is a subspace of .
Proof. Let and be in . We can write both of these vectors as linear
combinations of the 's:
Then
is a linear combination of the 's. For ,
is in the span of .
20.3 Linear Independence
Let be a set of vectors in a vector space . If there
exist scalars such that not all of the 's are zero and
then is said to be linearly dependent. If the set is not linearly
dependent, then it is said to be linearly independent. More specifically, is
a linearly independent set if
implies that
for any set of scalars .
Proposition 20.9. Let be a set of linearly independent
vectors in a vector space. Suppose that
Then .
Proof. If
then
Since are linearly independent, for
.
The definition of linear dependence makes more sense if we consider the
following proposition.
Proposition 20.10. A set of vectors in a vector space
is linearly dependent if and only if one of the 's is a linear
combination of the rest.
Proof. Suppose that is a set of linearly dependent
vectors. Then there exist scalars such that
with at least one of the 's not equal to zero. Suppose that . Then
Conversely, suppose that
Then
The following proposition is a consequence of the fact that any system of
homogeneous linear equations with more unknowns than equations will
have a nontrivial solution. We leave the details of the proof for the end-of-
chapter exercises.
Proposition 20.11. Suppose that a vector space is spanned by
vectors. If , then any set of vectors in must be linearly
dependent.
A set of vectors in a vector space is called a basis for
if is a linearly independent set that spans .
Example 20.12. The vectors , , and
form a basis for . The set certainly spans , since any
arbitrary vector in can be written as
. Also, none of the vectors can be written
as a linear combination of the other two; hence, they are linearly
independent. The vectors are not the only basis of : the set
is also a basis for .
Example 20.13. Let . The sets
and are both bases of .
From the last two examples it should be clear that a given vector space has
several bases. In fact, there are an infinite number of bases for both of these
examples. In general, there is no unique basis for a vector space. However,
every basis of consists of exactly three vectors, and every basis of
consists of exactly two vectors. This is a consequence of the next
proposition.
Proposition 20.14. Let and be
two bases for a vector space . Then .
Proof. Since is a basis, it is a linearly independent set.
By Proposition 20.11, . Similarly, is a linearly
independent set, and the last proposition implies that .
Consequently, .
If is a basis for a vector space , then we say that the
dimension of is and we write . We will leave the proof of
the following theorem as an exercise.
Theorem 20.15. Let be a vector space of dimension .
1. If is a set of linearly independent vectors for ,
then is a basis for .
2. If spans , then is a basis for .
3. If is a set of linearly independent vectors for
with , then there exist vectors such that
is a basis for .
20.4 Reading Questions
1. Why do the axioms of a vector space appear to only have four
conditions, rather than the ten you may have seen the first time you saw an
axiomatic definition?
2. The set is a vector space.
Carefully define the operations on this set that will make this possible.
Describe the subspace spanned by , where
.
3. Write a long paragraph, or a short essay, on the importance of linear
independence in linear algebra.
4. Write a long paragraph, or a short essay, on the importance of spanning
sets in linear algebra.
5. “Linear algebra is all about linear combinations.” Explain why you might
say this.
20.5 Exercises
1. If is a field, show that is a vector space over , where the
vectors in are polynomials. Vector addition is polynomial addition,
and scalar multiplication is defined by for .
2. Prove that is a vector space.
3. Let be the field generated by elements of the form
, where are in . Prove that
is a vector space of dimension over . Find a basis for
.
4. Prove that the complex numbers are a vector space of dimension over
.
5. Prove that the set of all polynomials of degree less than form a
subspace of the vector space . Find a basis for and compute the
dimension of .
6. Let be a field and denote the set of -tuples of by . Given
vectors and in and in ,
define vector addition by
and scalar multiplication by
Prove that is a vector space of dimension under these operations.
7. Which of the following sets are subspaces of ? If the set is indeed a
subspace, find a basis for the subspace and compute its dimension.
a.
b.
c.
d.
8. Show that the set of all possible solutions of the
equations
form a subspace of .
9. Let be the subset of continuous functions on such that
. Prove that is a subspace of .
10. Let be a vector space over . Prove that
for all and all .
11. Let be a vector space of dimension . Prove each of the following
statements.
a. If is a set of linearly independent vectors for ,
then is a basis for .
b. If spans , then is a basis for .
c. If is a set of linearly independent vectors for
with , then there exist vectors such that
is a basis for .
12. Prove that any set of vectors containing is linearly dependent.
13. Let be a vector space. Show that is a subspace of of
dimension zero.
14. If a vector space is spanned by vectors, show that any set of
vectors in must be linearly dependent for .
15. Linear Transformations. Let and be vector spaces over a
field , of dimensions and , respectively. If is a map
satisfying
for all and all , then is called a linear transformation
from into .
a. Prove that the kernel of , , is a
subspace of . The kernel of is sometimes called the null space of
.
b. Prove that the range or range space of ,
, is a subspace
of .
c. Show that is injective if and only if .
d. Let be a basis for the null space of . We can extend
this basis to be a basis of . Why?
Prove that is a basis for the range of .
Conclude that the range of has dimension .
e. Let . Show that a linear transformation
is injective if and only if it is surjective.
16. Let and be finite dimensional vector spaces of dimension over
a field . Suppose that is a vector space isomorphism. If
is a basis of , show that is a basis
of . Conclude that any vector space over a field of dimension is
isomorphic to .
17. Direct Sums. Let and be subspaces of a vector space . The
sum of and , denoted , is defined to be the set of all vectors of
the form , where and .
a. Prove that and are subspaces of .
b. If and , then is said to be the direct
sum. In this case, we write . Show that every element
can be written uniquely as , where and
.
c. Let be a subspace of dimension of a vector space of
dimension . Prove that there exists a subspace of dimension
such that . Is the subspace unique?
d. If and are arbitrary subspaces of a vector space , show that
18. Dual Spaces. Let and be finite dimensional vector spaces over
a field .
a. Show that the set of all linear transformations from into ,
denoted by , is a vector space over , where we define
vector addition as follows:
where , , and .
b. Let be an -vector space. Define the dual space of to be
. Elements in the dual space of are called
linear functionals. Let be an ordered basis for . If
is any vector in , define a linear
functional by . Show that the 's form a
basis for . This basis is called the dual basis of (or
simply the dual basis if the context makes the meaning clear).
c. Consider the basis for . What is the dual basis
for ?
d. Let be a vector space of dimension over a field and let
be the dual space of . Show that each element gives rise to
an element in and that the map is an isomorphism
of with .
OceanofPDF.com
20.6 References and Suggested
Readings
[1] Beezer, R. A First Course in Linear Algebra . Available online at
linear.ups.edu . 2004–2014.
[2] Bretscher, O. Linear Algebra with Applications. 4th ed. Pearson,
Upper Saddle River, NJ, 2009.
[3] Curtis, C. W. Linear Algebra: An Introductory Approach. 4th ed.
Springer, New York, 1984.
[4] Hoffman, K. and Kunze, R. Linear Algebra. 2nd ed. Prentice-Hall,
Englewood Cliffs, NJ, 1971.
[5] Johnson, L. W., Riess, R. D., and Arnold, J. T. Introduction to
Linear Algebra. 6th ed. Pearson, Upper Saddle River, NJ, 2011.
[6] Leon, S. J. Linear Algebra with Applications. 8th ed. Pearson,
Upper Saddle River, NJ, 2010.
OceanofPDF.com
20.7 Sage
Many computations, in seemingly very different areas of mathematics, can
be translated into questions about linear combinations, or other areas of
linear algebra. So Sage has extensive and thorough support for topics such
as vector spaces.
Vector Spaces
The simplest way to create a vector space is to begin with a field and use an
exponent to indicate the number of entries in the vectors of the space.
V = QQ^4; V
Vector space of dimension 4 over Rational Field
F.<a> = FiniteField(3^4)
W = F^5; W
Vector space of dimension 5 over Finite Field in a of size 3^4
Elements can be built with the vector constructor.
v = vector(QQ, [1, 1/2, 1/3, 1/4]); v
(1, 1/2, 1/3, 1/4)
v in V
True
w = vector(F, [1, a^2, a^4, a^6, a^8]); w
(1, a^2, a^3 + 1, a^3 + a^2 + a + 1, a^2 + a + 2)
w in W
True
Notice that vectors are printed with parentheses, which helps distinguish
them from lists (though they also look like tuples). Vectors print
horizontally, but in Sage there is no such thing as a “row vector” or a
“column vector,” though once matrices get involved we need to address this
distinction. Finally, notice how the elements of the finite field have been
converted to an alternate representation.
Once we have vector spaces full of vectors, we can perform computations
with them. Ultimately, all the action in a vector space comes back to vector
addition and scalar multiplication, which together create linear
combinations.
u = vector(QQ, [ 1, 2, 3, 4, 5, 6])
v = vector(QQ, [-1, 2, -4, 8, -16, 32])
3*u - 2*v
(5, 2, 17, -4, 47, -46)
w = vector(F, [1, a^2, a^4, a^6, a^8])
x = vector(F, [1, a, 2*a, a, 1])
y = vector(F, [1, a^3, a^6, a^9, a^12])
a^25*w + a^43*x + a^66*y
(a^3 + a^2 + a + 2, a^2 + 2*a, 2*a^3 + a^2 + 2, 2*a^3 + a^2 + a,
a^3 + 2*a^2 + a + 2)
Subspaces
Sage can create subspaces in a variety of ways, such as in the creation of
row or column spaces of matrices. However, the most direct way is to begin
with a set of vectors to use as a spanning set.
u = vector(QQ, [1, -1, 3])
v = vector(QQ, [2, 1, -1])
w = vector(QQ, [3, 0, 2])
S = (QQ^3).subspace([u, v, w]); S
Vector space of degree 3 and dimension 2 over Rational Field
Basis matrix:
[ 1 0 2/3]
[ 0 1 -7/3]
3*u - 6*v + (1/2)*w in S
True
vector(QQ, [4, -1, -2]) in S
False
Notice that the information printed about S includes a “basis matrix.” The
rows of this matrix are a basis for the vector space. We can get the basis, as
a list of vectors (not rows of a matrix), with the .basis() method.
S.basis()
[
(1, 0, 2/3),
(0, 1, -7/3)
]
Notice that Sage has converted the spanning set of three vectors into a basis
with two vectors. This is partially due to the fact that the original set of
three vectors is linearly dependent, but a more substantial change has
occurred.
This is a good place to discuss some of the mathematics behind what makes
Sage work. A vector space over an infinite field, like the rationals or the
reals, is an infinite set. No matter how expansive computer memory may
seem, it is still finite. How does Sage fit an infinite set into our finite
machines? The main idea is that a finite-dimensional vector space has a
finite set of generators, which we know as a basis. So Sage really only
needs the elements of a basis (two vectors in the previous example) to be
able to work with the infinitely many possibilities for elements of the
subspace.
Furthermore, for every basis associated with a vector space, Sage performs
linear combinations to convert the given basis into another “standard” basis.
This new basis has the property that as the rows of a matrix, the matrix is in
reduced row-echelon form. You can see this in the basis matrix above. The
reduced row-echelon form of a matrix is unique, so this standard basis
allows Sage to recognize when two vector spaces are equal. Here is an
example.
u = vector(QQ, [1, -1, 3])
v = vector(QQ, [2, 1, -1])
w = vector(QQ, [3, 0, 2])
u + v == w
True
S1 = (QQ^3).subspace([u, v, w])
S2 = (QQ^3).subspace([u-v, v-w, w-u])
S1 == S2
True
As you might expect, it is easy to determine the dimension of a vector
space.
u = vector(QQ, [1, -1, 3, 4])
v = vector(QQ, [2, 1, -1, -2])
S = (QQ^4).subspace([u, v, 2*u + 3*v, -u + 2*v])
S.dimension()
2
Linear Independence
There are a variety of ways in Sage to determine if a set of vectors is
linearly independent or not, and to find relations of linear dependence if
they exist. The technique we will show here is a simple test to see if a set of
vectors is linearly independent or not. Simply use the vectors as a spanning
set for a subspace, and check the dimension of the subspace. The dimension
equals the number of vectors in the spanning set if and only if the spanning
set is linearly independent.
F.<a> = FiniteField(3^4)
u = vector(F, [a^i for i in range(0, 7, 1)])
v = vector(F, [a^i for i in range(0, 14, 2)])
w = vector(F, [a^i for i in range(0, 21, 3)])
S = (F^7).subspace([u, v, w])
S.dimension()
3
S = (F^7).subspace([u, v, a^3*u + a^11*v])
S.dimension()
2
So the first set of vectors, [u, v, w] , is linearly independent, while the
second set, [u, v, a^3*u + a^11*v] , is not.
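The subspace mechanics described in the last two subsections (the reduced row-echelon "standard" basis, equality of subspaces, membership, and the dimension test for linear independence) can be carried out by hand. The following is an added example in plain Python, not code from the text or from Sage; it works over the rationals only, reuses the rational vectors from the examples above, and its function names are illustrative.

```python
from fractions import Fraction


def rref(rows):
    """Reduced row-echelon form over QQ, with zero rows dropped.

    The returned rows are the unique "standard" basis of the row span.
    """
    m = [[Fraction(x) for x in row] for row in rows]
    ncols = len(m[0]) if m else 0
    rank = 0
    for col in range(ncols):
        if rank == len(m):
            break
        # Find a row at or below position `rank` with a nonzero entry here.
        src = next((r for r in range(rank, len(m)) if m[r][col] != 0), None)
        if src is None:
            continue  # no pivot in this column
        m[rank], m[src] = m[src], m[rank]
        lead = m[rank][col]
        m[rank] = [x / lead for x in m[rank]]  # scale the pivot to 1
        for r in range(len(m)):
            if r != rank and m[r][col] != 0:
                factor = m[r][col]
                m[r] = [x - factor * y for x, y in zip(m[r], m[rank])]
        rank += 1
    return [tuple(row) for row in m[:rank]]


def span_basis(vectors):
    """Standard basis of the subspace spanned by `vectors`."""
    return rref(vectors)


def dimension(vectors):
    return len(rref(vectors))


def same_subspace(spanning_a, spanning_b):
    """Two spanning sets give the same subspace iff their RREF bases agree."""
    return rref(spanning_a) == rref(spanning_b)


def contains(spanning, x):
    """x lies in the span iff adjoining it does not raise the dimension."""
    return dimension(list(spanning) + [x]) == dimension(spanning)


def is_independent(vectors):
    """The dimension test: independent iff dimension equals the count."""
    return dimension(vectors) == len(vectors)


# Vectors taken from the examples above.
U = (1, -1, 3)
V = (2, 1, -1)
W = (3, 0, 2)

if __name__ == "__main__":
    for row in span_basis([U, V, W]):
        print(tuple(str(x) for x in row))
    print(contains([U, V, W], (4, -1, -2)))   # membership test
    print(is_independent([U, V, W]))          # three vectors, dimension two
```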
Abstract Vector Spaces
Sage does not implement many abstract vector spaces directly, such as ,
the vector space of polynomials of degree or less. This is due in part to
the fact that a finite-dimensional vector space over a field is isomorphic
to the vector space . So Sage captures all the functionality of finite-
dimensional vector spaces, and it is left to the user to perform the
conversions according to the isomorphism (which is often trivial with the
choice of an obvious basis).
However, there are instances where rings behave naturally as vector spaces
and we can exploit this extra structure. We will see much more of this in the
chapters on fields and Galois theory. As an example, finite fields have a
single generator, and the first few powers of the generator form a basis.
Consider creating a vector space from the elements of a finite field of order
. As elements of a field we know they can be added, so we
will define this to be the addition in our vector space. For any element of
the integers mod 7, we can multiply an element of the field by the integer,
so we define this to be our scalar multiplication. Later, we will be certain
that these two definitions lead to a vector space, but take that for granted
now. So here are some operations in our new vector space.
F.<a> = FiniteField(7^6)
u = 2*a^5 + 6*a^4 + 2*a^3 + 3*a^2 + 2*a + 3
v = 4*a^5 + 4*a^4 + 4*a^3 + 6*a^2 + 5*a + 6
u + v
6*a^5 + 3*a^4 + 6*a^3 + 2*a^2 + 2
4*u
a^5 + 3*a^4 + a^3 + 5*a^2 + a + 5
2*u + 5*v
3*a^5 + 4*a^4 + 3*a^3 + a^2 + a + 1
You might recognize that this looks very similar to how we add
polynomials, and multiply polynomials by scalars. You would be correct.
However, notice that in this vector space construction, we are totally
ignoring the possibility of multiplying two field elements together. As a
vector space with scalars from , a basis is the first six powers of the
generator, . (Notice how counting from zero is
natural here.) You may have noticed how Sage consistently rewrites
elements of fields as linear combinations — now you have a good
explanation.
Here is what Sage knows about a finite field as a vector space. First, it
knows that the finite field is a vector space, and what the field of scalars is.
We suppress additional output with isomorphisms between the finite field
structure and the vector space structure.
V = F.vector_space(map=False); V
Vector space of dimension 6 over Finite Field of size 7
R = V.base_ring(); R
Finite Field of size 7
R == FiniteField(7)
True
V.dimension()
6
So the finite field (as a vector space) is isomorphic to the vector space
. Notice this is not a ring or field isomorphism, as it does not fully
address multiplication of elements, even though that is possible in the field.
Second, elements of the field can be converted to elements of the vector
space easily.
x = V(u); x
(3, 2, 3, 2, 6, 2)
y = V(v); y
(6, 5, 6, 4, 4, 4)
Notice that Sage writes field elements with high powers of the generator
first, while the basis in use is ordered with low powers first. The
computations below illustrate the isomorphism preserving the structure
between the finite field itself and its interpretation as a vector space, .
V(u + v) == V(u) + V(v)
True
two = R(2)
V(two*u) == two*V(u)
True
Linear Algebra
Sage has extensive support for linear algebra, well beyond what we have
described here, or what we will need for the remaining chapters. Create
vector spaces and vectors (with different fields of scalars), and then use tab-
completion on these objects to explore the large sets of available
commands.
20.8 Sage Exercises
1. Given two subspaces and of a vector space , their sum
can be defined as the set , in other
words, the set of all possible sums of an element from and an element
from .
Notice this is not the direct sum of your text, nor the direct_sum()
method in Sage. However, you can build this subspace in Sage as follows.
Grab the bases of and individually, as lists of vectors. Join the two
lists together by just using a plus sign between them. Now build the sum
subspace by creating a subspace of spanned by this set, by using the
.subspace() method.
In the vector space ( QQ^10 ) construct two subspaces that you expect to
(a) have dimension or or so, and (b) have an intersection that is a vector
space of dimension or so. Compare their individual dimensions with the
dimensions of the intersection of and ( ,
.intersection() in Sage) and the sum .
Repeat the experiment with the two original vector spaces having
dimension or so, and with the intersection as small as possible. Form a
general conjecture relating these four dimensions based on the results of
your two (or more) experiments.
2. We can construct a field in Sage that extends the rationals by adding in a
fourth root of two, , with the command
F.<c> = QQ[2^(1/4)] . This is a vector space of dimension over
the rationals, with a basis that is the first four powers of (starting
with the zero power).
The command F.vector_space() will return three items in a triple
(so be careful how you handle this output to extract what you need). The
first part of the output is a vector space over the rationals that is isomorphic
to F . The next is a vector space isomorphism (invertible linear
transformation) from the provided vector space to the field, while the third
is an isomorphism in the opposite direction. These two isomorphisms can
then be used like functions. Notice that this is different behavior than for
.vector_space() applied to finite fields. Create non-trivial
examples that show that these vector space isomorphisms behave as an
isomorphism should. (You will have at least four such examples in a
complete solution.)
3. Build a finite field of order in the usual way. Then construct the
(multiplicative) group of all invertible (nonsingular) matrices over
this field with the command G = GL(m, F) (“the general linear
group”). What is the order of this group? In other words, find a general
expression for the order of this group.
Your answer should be a function of , and . Provide a complete
explanation of the logic behind your solution (i.e. something resembling a
proof). Also provide tests in Sage that your answer is correct.
Hints: G.order() will help you test and verify your hypotheses. Small
examples in Sage (listing all the elements of the group) might aid your
intuition—which is why this is a Sage exercise. Small means and
matrices and finite fields with elements, at most. Results
do not really depend on each of and , but rather just on .
Realize this group is interesting because it contains representations of all
the invertible (i.e. 1-1 and onto) linear transformations from the (finite)
vector space to itself.
4. What happens if we try to do linear algebra over a ring that is not also a
field? The object that resembles a vector space, but with this one
distinction, is known as a module. You can build one easily with a
construction like ZZ^3 . Evaluate the following to create a module and a
submodule.
M = ZZ^3
u = M([1, 0, 0])
v = M([2, 2, 0])
w = M([0, 0, 4])
N = M.submodule([u, v, w])
Examine the bases and dimensions (aka “rank”) of the module and
submodule, and check the equality of the module and submodule. How is
this different than the situation for vector spaces? Can you create a third
module, P , that is a proper subset of M and properly contains N ?
5. A finite field, , of order is a vector space of dimension 3 over .
Suppose is a generator of . Let be any matrix with entries
from (careful here, the elements are from the field of scalars, not from
the vector space). If we convert an element to a vector (relative to
the basis ), then we can multiply it by (with on the left) to
create another vector, which we can translate to a linear combination of the
basis elements, and hence another element of . This function is a vector
space homomorphism, better known as a linear transformation
(implemented with a matrix representation relative to the basis .
Notice that each part below becomes less general and more specific.
a. Create a non-invertible matrix and give examples to show that the
mapping described by is a vector space homomorphism of into
.
b. Create an invertible matrix . The mapping will now be an
invertible homomorphism. Determine the inverse function and give
examples to verify its properties.
c. Since is a generator of the field, the mapping can be
extended to a vector space homomorphism (i.e. a linear
transformation). Find a matrix which effects this linear
transformation, and from this, determine that the homomorphism is
invertible.
d. None of the previous three parts applies to properties of
multiplication in the field. However, the mapping from the third part
also preserves multiplication in the field, though a proof of this may
not be obvious right now. So we are saying this mapping is a field
automorphism, preserving both addition and multiplication. Give a
nontrivial example of the multiplication-preserving properties of this
mapping. (This is the Frobenius map which will be discussed further
in Chapter 21.)
Chapter 21 Fields
It is natural to ask whether or not some field is contained in a larger field.
We think of the rational numbers, which reside inside the real numbers,
while in turn, the real numbers live inside the complex numbers. We can
also study the fields between and and inquire as to the nature of these
fields.
More specifically if we are given a field and a polynomial ,
we can ask whether or not we can find a field containing such that
factors into linear factors over . For example, if we consider the
polynomial
in , then factors as . However, both of these
factors are irreducible in . If we wish to find a zero of , we must
go to a larger field. Certainly the field of real numbers will work, since
It is possible to find a smaller field in which has a zero, namely
We wish to be able to compute and study such fields for arbitrary
polynomials over a field .
21.1 Extension Fields
A field is an extension field of a field if is a subfield of . The field is
called the base field. We write .
Example 21.1. For example, let
and let be the smallest field containing both and
. Both and are extension fields of the rational numbers. We claim
that is an extension field of . To see this, we need only show that is in .
Since is in , must also be in . Taking
linear combinations of and , we find that and must
both be in .
Example 21.2. Let . Since neither 0 nor 1 is a root
of this polynomial, we know that is irreducible over . We will construct a
field extension of containing an element such that . By
Theorem 17.22, the ideal generated by is maximal; hence,
is a field. Let be an arbitrary element of
. By the division algorithm,
where the degree of is less than the degree of . Therefore,
The only possibilities for are then , , , and . Consequently,
is a field with four elements and must be a field
extension of , containing a zero of . The field consists of elements
Notice that ; hence, if we compute ,
Other calculations are accomplished in a similar manner. We summarize these
computations in the following tables, which tell us how to add and multiply elements
in .
Figure 21.3. Addition Table for
Figure 21.4. Multiplication Table for
The following theorem, due to Kronecker, is so important and so basic to our
understanding of fields that it is often known as the Fundamental Theorem of Field
Theory.
Theorem 21.5. Let be a field and let be a nonconstant polynomial in
. Then there exists an extension field of and an element such that
.
Proof. To prove this theorem, we will employ the method that we used to construct
Example 21.2. Clearly, we can assume that is an irreducible polynomial. We
wish to find an extension field of containing an element such that .
The ideal generated by is a maximal ideal in by Theorem 17.22;
hence, is a field. We claim that is the desired field.
We first show that is a field extension of . We can define a homomorphism of
commutative rings by the map , where
for . It is easy to check that is indeed a ring homomorphism. Observe that
and
To prove that is one-to-one, assume that
Then is a multiple of , since it lives in the ideal . Since is a
nonconstant polynomial, the only possibility is that . Consequently,
and is injective. Since is one-to-one, we can identify with the subfield
of and view as an extension field of .
It remains for us to prove that has a zero . Set . Then
is in . If , then
Therefore, we have found an element such that is a zero
of .
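The quotient construction used in Example 21.2 and in the proof of Theorem 21.5, as an added Python example that is not part of the original text. It assumes the modulus x^2 + x + 1 over the integers mod 2 for the four-element field (the only irreducible quadratic over that field); the class and method names are illustrative, and the reducible modulus x^2 + 1 in the demonstration is a constructed contrast case showing why irreducibility is needed.

```python
from itertools import product


def poly_mod(a, f, p):
    """Remainder of a(x) on division by monic f(x), coefficients in Z_p.

    Polynomials are coefficient lists, constant term first. The result
    always has exactly deg(f) coefficients.
    """
    a = [c % p for c in a]
    d = len(f) - 1
    while len(a) > d:
        lead = a.pop()            # coefficient of the current top power
        if lead:
            shift = len(a) - d    # top power = x^shift * x^d
            for i in range(d):    # replace x^d by -(lower terms of f)
                a[shift + i] = (a[shift + i] - lead * f[i]) % p
    return a + [0] * (d - len(a))


class QuotientRing:
    """Z_p[x]/<f(x)>; an element is the coset of its remainder mod f."""

    def __init__(self, p, f):
        if f[-1] % p != 1:
            raise ValueError("modulus must be monic")
        self.p, self.f, self.n = p, [c % p for c in f], len(f) - 1
        self.zero = self.elem([0])
        self.one = self.elem([1])

    def elem(self, coeffs):
        return tuple(poly_mod(coeffs, self.f, self.p))

    def add(self, a, b):
        return tuple((x + y) % self.p for x, y in zip(a, b))

    def mul(self, a, b):
        prod = [0] * (2 * self.n - 1)
        for i, x in enumerate(a):
            for j, y in enumerate(b):
                prod[i + j] = (prod[i + j] + x * y) % self.p
        return self.elem(prod)

    def evaluate(self, poly, t):
        """Evaluate a polynomial with Z_p coefficients at the element t."""
        acc = self.zero
        for c in reversed(poly):  # Horner's rule inside the quotient
            acc = self.add(self.mul(acc, t), self.elem([c]))
        return acc

    def elements(self):
        return [tuple(c) for c in product(range(self.p), repeat=self.n)]

    def inverse(self, a):
        """Brute-force inverse; returns None if a has no inverse."""
        for b in self.elements():
            if self.mul(a, b) == self.one:
                return b
        return None

    def zero_divisors(self):
        nz = [e for e in self.elements() if e != self.zero]
        return [(a, b) for a in nz for b in nz if self.mul(a, b) == self.zero]

    def is_field(self):
        return all(self.inverse(a) is not None
                   for a in self.elements() if a != self.zero)


# The four-element field: Z_2[x]/<x^2 + x + 1>, with ALPHA the coset of x.
GF4 = QuotientRing(2, [1, 1, 1])
ALPHA = GF4.elem([0, 1])

if __name__ == "__main__":
    print("p(alpha) =", GF4.evaluate([1, 1, 1], ALPHA))  # the zero coset
    for a in GF4.elements():                             # multiplication table
        print(a, [GF4.mul(a, b) for b in GF4.elements()])
    bad = QuotientRing(2, [1, 0, 1])   # x^2 + 1 = (x + 1)^2 is reducible
    print("zero divisors mod x^2 + 1:", bad.zero_divisors())
```

Elements are printed as coefficient tuples with the constant term first, so `(1, 1)` stands for the coset of 1 + x.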
Example 21.6. Let . Then has irreducible
factors and . For a field extension of such that
has a root in , we can let be either or
. We will leave it as an exercise to show that
is a field with elements.
Algebraic Elements
An element in an extension field over is algebraic over if for
some nonzero polynomial . An element in that is not algebraic over
is transcendental over . An extension field of a field is an algebraic extension
of if every element in is algebraic over . If is a field extension of and
are contained in , we denote the smallest field containing and
by . If for some , then is a simple
extension of .
Example 21.7. Both and are algebraic over since they are zeros of the
polynomials and , respectively. Clearly and are algebraic over
the real numbers; however, it is a nontrivial fact that they are transcendental over .
Numbers in that are algebraic over are in fact quite rare. Almost all real
numbers are transcendental over . (In many cases we do not know whether or not
a particular number is transcendental; for example, it is still not known whether
is transcendental or algebraic.)
A complex number that is algebraic over is an algebraic number. A
transcendental number is an element of that is transcendental over .
Example 21.8. We will show that is algebraic over . If
, then . Hence, and .
Since , it must be true that is a zero of the polynomial
.
It is very easy to give an example of an extension field over a field , where
contains an element transcendental over . The following theorem characterizes
transcendental extensions.
Theorem 21.9. Let be an extension field of and . Then is
transcendental over if and only if is isomorphic to , the field of
fractions of .
Proof. Let be the evaluation homomorphism for . Then is
transcendental over if and only if for all nonconstant
polynomials . This is true if and only if ; that is, it is true
exactly when is one-to-one. Hence, must contain a copy of . The smallest
field containing is the field of fractions . By Theorem 18.4, must
contain a copy of this field.
We have a more interesting situation in the case of algebraic extensions.
Theorem 21.10. Let be an extension field of a field and with
algebraic over . Then there is a unique irreducible monic polynomial
of smallest degree such that . If is another polynomial in such
that , then divides .
Proof. Let be the evaluation homomorphism. The kernel of is a
principal ideal generated by some with . We know that
such a polynomial exists, since is a principal ideal domain and is algebraic.
The ideal consists exactly of those elements of having as a zero. If
and is not the zero polynomial, then and
divides . So is a polynomial of minimal degree having as a zero. Any
other polynomial of the same degree having as a zero must have the form
for some .
Suppose now that is a factorization of into polynomials of
lower degree. Since , ; consequently, either or
, which contradicts the fact that is of minimal degree. Therefore,
must be irreducible.
Let be an extension field of and be algebraic over . The unique monic
polynomial of the last theorem is called the minimal polynomial for over .
The degree of is the degree of over .
Example 21.11. Let and . These
polynomials are the minimal polynomials of and , respectively.
Proposition 21.12. Let be a field extension of and be algebraic over
. Then , where is the minimal polynomial of over
.
Proof. Let be the evaluation homomorphism. The kernel of this
map is , where is the minimal polynomial of . By the First
Isomorphism Theorem for rings, the image of in is isomorphic to since it
contains both and .
Theorem 21.13. Let be a simple extension of , where is
algebraic over . Suppose that the degree of over is . Then every element
can be expressed uniquely in the form
for .
Proof. Since , every element in must be of the form
, where is a polynomial in with coefficients in . Let
be the minimal polynomial of . Then ; hence,
Similarly,
Continuing in this manner, we can express every monomial , , as a linear
combination of powers of that are less than . Hence, any can be
written as
To show uniqueness, suppose that
for and in . Then
is in and . Since the degree of is less than the degree of ,
the irreducible polynomial of , must be the zero polynomial. Consequently,
or for . Therefore, we have shown uniqueness.
Example 21.14. Since is irreducible over , is a maximal ideal
in . So is a field extension of that contains a root of
. Let . We can identify with the complex numbers. By
Proposition 21.12, is isomorphic to . We know
that in , since
Hence, we have an isomorphism of with defined by the map that takes
to .
Let be a field extension of a field . If we regard as a vector space over , then
we can bring the machinery of linear algebra to bear on the problems that we will
encounter in our study of fields. The elements in the field are vectors; the elements
in the field are scalars. We can think of addition in as adding vectors. When we
multiply an element in by an element of , we are multiplying a vector by a scalar.
This view of field extensions is especially fruitful if a field extension of is a
finite dimensional vector space over , and Theorem 21.13 states that is a
finite dimensional vector space over with basis .
If an extension field of a field is a finite dimensional vector space over of
dimension , then we say that is a finite extension of degree over . We write
to indicate the dimension of over .
Theorem 21.15. Every finite extension field of a field is an algebraic
extension.
Proof. Let . Since , the elements
cannot be linearly independent. Hence, there exist , not all zero, such that
Therefore,
is a nonzero polynomial with .
Remark 21.16. Theorem 21.15 says that every finite extension of a field is an
algebraic extension. The converse is false, however. We will leave it as an exercise
to show that the set of all elements in that are algebraic over forms an infinite
field extension of .
The next theorem is a counting theorem, similar to Lagrange's Theorem in group
theory. Theorem 21.17 will prove to be an extremely useful tool in our investigation
of finite field extensions.
Theorem 21.17. If is a finite extension of and is a finite extension of ,
then is a finite extension of and
Proof. Let be a basis for as a vector space over and
be a basis for as a vector space over . We claim that is a
basis for over . We will first show that these vectors span . Let . Then
and , where and . Then
So the vectors must span over .
We must show that are linearly independent. Recall that a set of vectors
in a vector space are linearly independent if
implies that
Let
for . We need to prove that all of the 's are zero. We can rewrite as
where . Since the 's are linearly independent over , it must be the
case that
for all . However, the are also linearly independent over . Therefore,
for all and , which completes the proof.
The following corollary is easily proved using mathematical induction.
Corollary 21.18. If is a field for and is a finite extension of
, then is a finite extension of and
Corollary 21.19. Let be an extension field of . If is algebraic over
with minimal polynomial and with minimal polynomial , then
divides .
Proof. We know that and . Since
,
Example 21.20. Let us determine an extension field of containing . It
is easy to determine that the minimal polynomial of is .
It follows that
We know that is a basis for over . Hence, cannot be
in . It follows that cannot be in either. Therefore, is
a basis for over and
is a basis for over
. This example shows that it is possible that some extension is
actually a simple extension of even though .
Example 21.21. Let us compute a basis for , where is the
positive square root of and is the real cube root of . We know that
, so
It is easy to determine that is a basis for over . We
also know that is a basis for over . Hence, a basis for
over is
Notice that is a zero of . We can show that this polynomial is
irreducible over using Eisenstein's Criterion, where we let . Consequently,
But it must be the case that , since the degree of both of
these extensions is .
Theorem 21.22. Let be a field extension of . Then the following statements
are equivalent.
1. is a finite extension of .
2. There exists a finite number of algebraic elements such that
.
3. There exists a sequence of fields
where each field is algebraic over .
Proof. (1) (2). Let be a finite algebraic extension of . Then is a finite
dimensional vector space over and there exists a basis consisting of elements
in such that . Each is algebraic over by
Theorem 21.15.
(2) (3). Suppose that , where every is algebraic over .
Then
where each field is algebraic over .
(3) (1). Let
where each field is algebraic over . Since
is a simple extension and is algebraic over , it follows that
is finite for each . Therefore, is finite.
Algebraic Closure
Given a field , the question arises as to whether or not we can find a field such
that every polynomial has a root in . This leads us to the following theorem.
Theorem 21.23. Let be an extension field of . The set of elements in that
are algebraic over form a field.
Proof. Let be algebraic over . Then is a finite extension of .
Since every element of is algebraic over , , , and ( )
are all algebraic over . Consequently, the set of elements in that are algebraic
over form a field.
Corollary 21.24. The set of all algebraic numbers forms a field; that is, the set of
all complex numbers that are algebraic over makes up a field.
Let be a field extension of a field . We define the algebraic closure of a field
in to be the field consisting of all elements in that are algebraic over . A field
is algebraically closed if every nonconstant polynomial in has a root in .
Theorem 21.25. A field is algebraically closed if and only if every nonconstant
polynomial in factors into linear factors over .
Proof. Let be an algebraically closed field. If is a nonconstant
polynomial, then has a zero in , say . Therefore, must be a factor of
and so , where . Continue
this process with to find a factorization
where . The process must eventually stop since the
degree of is finite.
Conversely, suppose that every nonconstant polynomial in factors into
linear factors. Let be such a factor. Then . Consequently, is
algebraically closed.
Corollary 21.26. An algebraically closed field has no proper algebraic
extension .
Proof. Let be an algebraic extension of ; then . For , the minimal
polynomial of is . Therefore, and .
Theorem 21.27. Every field has a unique algebraic closure.
It is a nontrivial fact that every field has a unique algebraic closure. The proof is not
extremely difficult, but requires some rather sophisticated set theory. We refer the
reader to [3], [4], or [8] for a proof of this result.
We now state the Fundamental Theorem of Algebra, first proven by Gauss at the age
of 22 in his doctoral thesis. This theorem states that every polynomial with
coefficients in the complex numbers has a root in the complex numbers. The proof of
this theorem will be given in Chapter 23.
Theorem 21.28. Fundamental Theorem of Algebra. The field of complex
numbers is algebraically closed.
21.2 Splitting Fields
Let be a field and be a nonconstant polynomial in . We already know
that we can find a field extension of that contains a root of . However, we
would like to know whether an extension of containing all of the roots of
exists. In other words, can we find a field extension of such that
factors into a product of linear polynomials? What is the “smallest” extension
containing all the roots of ?
Let be a field and be a nonconstant
polynomial in . An extension field of is a splitting field of if there
exist elements in such that and
A polynomial splits in if it is the product of linear factors in
.
Example 21.29. Let be in . Then has
irreducible factors and . Therefore, the field is a
splitting field for .
Example 21.30. Let be in . Then has a root in the
field . However, this field is not a splitting field for since the
complex cube roots of 3,
are not in .
Theorem 21.31. Let be a nonconstant polynomial. Then there
exists a splitting field for .
Proof. We will use mathematical induction on the degree of . If
, then is a linear polynomial and . Assume that the
theorem is true for all polynomials of degree with and let
. We can assume that is irreducible; otherwise, by our
induction hypothesis, we are done. By Theorem 21.5, there exists a field such
that has a zero in . Hence, , where
. Since , there exists a splitting field of
that contains the zeros of by our induction hypothesis.
Consequently,
is a splitting field of .
The question of uniqueness now arises for splitting fields. This question is
answered in the affirmative. Given two splitting fields and of a polynomial
, there exists a field isomorphism that preserves . In
order to prove this result, we must first prove a lemma.
Lemma 21.32. Let be an isomorphism of fields. Let be an
extension field of and be algebraic over with minimal polynomial
. Suppose that is an extension field of such that is a root of the
polynomial in obtained from under the image of . Then extends to
a unique isomorphism such that and agrees
with on .
Proof. If has degree , then by Theorem 21.13 we can write any element in
as a linear combination of . Therefore, the isomorphism
that we are seeking must be
where
is an element in . The fact that is an isomorphism could be checked by
direct computation; however, it is easier to observe that is a composition of maps
that we already know to be isomorphisms.
We can extend to be an isomorphism from to , which we will also
denote by , by letting
This extension agrees with the original isomorphism , since constant
polynomials get mapped to constant polynomials. By assumption,
; hence, maps onto . Consequently, we have an
isomorphism . By Proposition 21.12, we have
isomorphisms and ,
defined by evaluation at and , respectively. Therefore, is the
required isomorphism (see Figure 21.33).
Figure 21.33.
We leave the proof of uniqueness as an exercise.
Theorem 21.34. Let be an isomorphism of fields and let be
a nonconstant polynomial in and the corresponding polynomial in
under the isomorphism. If is a splitting field of and is a splitting
field of , then extends to an isomorphism .
Proof. We will use mathematical induction on the degree of . We can assume
that is irreducible over . Therefore, is also irreducible over . If
, then by the definition of a splitting field, and and
there is nothing to prove.
Assume that the theorem holds for all polynomials of degree less than . Since
is a splitting field of , all of the roots of are in . Choose one of these
roots, say , such that . Similarly, we can find a root of
in such that . By Lemma 21.32, there exists an isomorphism
such that and agrees with on (see
Figure 21.35).
Figure 21.35.
Now write and , where the degrees
of and are less than the degrees of and , respectively. The
field extension is a splitting field for over , and is a splitting field
for over . By our induction hypothesis there exists an isomorphism
such that agrees with on . Hence, there exists an
isomorphism such that agrees with on .
Corollary 21.36. Let be a polynomial in . Then there exists a
splitting field of that is unique up to isomorphism.
21.3 Geometric Constructions
In ancient Greece, three classic problems were posed. These problems are
geometric in nature and involve straightedge-and-compass constructions
from what is now high school geometry; that is, we are allowed to use only
a straightedge and compass to solve them. The problems can be stated as
follows.
1. Given an arbitrary angle, can one trisect the angle into three equal
subangles using only a straightedge and compass?
2. Given an arbitrary circle, can one construct a square with the same
area using only a straightedge and compass?
3. Given a cube, can one construct the edge of another cube having twice
the volume of the original? Again, we are only allowed to use a
straightedge and compass to do the construction.
After puzzling mathematicians for over two thousand years, each of these
constructions was finally shown to be impossible. We will use the theory of
fields to provide a proof that the solutions do not exist. It is quite
remarkable that the long-sought solution to each of these three geometric
problems came from abstract algebra.
First, let us determine more specifically what we mean by a straightedge
and compass, and also examine the nature of these problems in a bit more
depth. To begin with, a straightedge is not a ruler. We cannot measure
arbitrary lengths with a straightedge. It is merely a tool for drawing a line
through two points. The statement that the trisection of an arbitrary angle is
impossible means that there is at least one angle that is impossible to trisect
with a straightedge-and-compass construction. Certainly it is possible to
trisect an angle in special cases. We can construct a angle; hence, it is
possible to trisect a angle. However, we will show that it is impossible
to construct a angle. Therefore, we cannot trisect a angle.
Constructible Numbers
A real number is constructible if we can construct a line segment of
length in a finite number of steps from a segment of unit length by
using a straightedge and compass.
Theorem 21.37. The set of all constructible real numbers forms a
subfield of the field of real numbers.
Proof. Let and be constructible numbers. We must show that ,
, , and ( ) are also constructible numbers. We can
assume that both and are positive with . It is quite obvious how
to construct and . To find a line segment with length , we
assume that and construct the triangle in Figure 21.38 such that
triangles and are similar. Since , the line
segment has length . A similar construction can be made if . We
will leave it as an exercise to show that the same triangle can be used to
construct for .
Figure 21.38. Construction of products
Lemma 21.39. If is a constructible number, then is a
constructible number.
Proof. In Figure 21.40 the triangles , , and are
similar; hence, , or .
Figure 21.40. Construction of roots
By Theorem 21.37, we can locate in the plane any point that
has rational coordinates and . We need to know what other points can be
constructed with a compass and straightedge from points with rational
coordinates.
Lemma 21.41. Let be a subfield of .
1. If a line contains two points in , then it has the equation
, where , , and are in .
2. If a circle has a center at a point with coordinates in and a radius
that is also in , then it has the equation
, where , , and are in .
Proof. Let and be points on a line whose coordinates
are in . If , then the equation of the line through the two points is
, which has the form . If , then the
equation of the line through the two points is given by
which can also be put into the proper form.
To prove the second part of the lemma, suppose that is the center
of a circle of radius . Then the circle has the equation
This equation can easily be put into the appropriate form.
Starting with a field of constructible numbers , we have three possible
ways of constructing additional points in with a compass and
straightedge.
1. To find possible new points in , we can take the intersection of two
lines, each of which passes through two known points with
coordinates in .
2. The intersection of a line that passes through two points that have
coordinates in and a circle whose center has coordinates in with
radius of a length in will give new points in .
3. We can obtain new points in by intersecting two circles whose
centers have coordinates in and whose radii are of lengths in .
The first case gives no new points in , since the solution of two equations
of the form having coefficients in will always be in
. The third case can be reduced to the second case. Let
be the equations of two circles, where , , and are in for .
These circles have the same intersection as the circle
and the line
The last equation is that of the chord passing through the intersection points
of the two circles. Hence, the intersection of two circles can be reduced to
the case of an intersection of a line with a circle.
Considering the case of the intersection of a line and a circle, we must
determine the nature of the solutions of the equations
If we eliminate from these equations, we obtain an equation of the form
, where , , and are in . The coordinate of
the intersection points is given by
and is in , where . We have proven the
following lemma.
Lemma 21.42. Let be a field of constructible numbers. Then the
points determined by the intersections of lines and circles in lie in the
field for some in .
Theorem 21.43. A real number is a constructible number if and only
if there exists a sequence of fields
such that with and . In particular,
there exists an integer such that .
Proof. The existence of the 's and the 's is a direct consequence of
Lemma 21.42 and of the fact that
Corollary 21.44. The field of all constructible numbers is an algebraic
extension of .
As we can see by the field of constructible numbers, not every algebraic
extension of a field is a finite extension.
Doubling the Cube and Squaring the Circle
We are now ready to investigate the classical problems of doubling the cube
and squaring the circle. We can use the field of constructible numbers to
show exactly when a particular geometric construction can be
accomplished.
Doubling the cube is impossible. Given the edge of the cube, it is
impossible to construct with a straightedge and compass the edge of the
cube that has twice the volume of the original cube. Let the original cube
have an edge of length and, therefore, a volume of . If we could
construct a cube having a volume of , then this new cube would have an
edge of length . However, is a zero of the irreducible polynomial
over ; hence,
This is impossible, since is not a power of .
Squaring the circle. Suppose that we have a circle of radius . The area
of the circle is ; therefore, we must be able to construct a square with side
. This is impossible since and consequently are both
transcendental. Therefore, using a straightedge and compass, it is not
possible to construct a square with the same area as the circle.
Trisecting an Angle
Trisecting an arbitrary angle is impossible. We will show that it is
impossible to construct a angle. Consequently, a angle cannot be
trisected. We first need to calculate the triple-angle formula for the cosine:
The angle can be constructed if and only if is constructible.
Let . Then . By the triple-angle formula
for the cosine,
Therefore, is a zero of . This polynomial has no factors in
, and hence is irreducible over . Thus, .
Consequently, cannot be a constructible number.
Historical Note
Algebraic number theory uses the tools of algebra to solve problems in
number theory. Modern algebraic number theory began with Pierre de
Fermat (1601–1665). Certainly we can find many positive integers that
satisfy the equation ; Fermat conjectured that the equation
has no positive integer solutions for . He stated in
the margin of his copy of the Latin translation of Diophantus' Arithmetica
that he had found a marvelous proof of this theorem, but that the margin of
the book was too narrow to contain it. Building on work of other
mathematicians, it was Andrew Wiles who finally succeeded in proving
Fermat's Last Theorem in the 1990s. Wiles's achievement was reported on
the front page of the New York Times.
Attempts to prove Fermat's Last Theorem have led to important
contributions to algebraic number theory by such notable mathematicians as
Leonhard Euler (1707–1783). Significant advances in the understanding of
Fermat's Last Theorem were made by Ernst Kummer (1810–1893).
Kummer's student, Leopold Kronecker (1823–1891), became one of the
leading algebraists of the nineteenth century. Kronecker's theory of ideals
and his study of algebraic number theory added much to the understanding
of fields.
David Hilbert (1862–1943) and Hermann Minkowski (1864–1909) were
among the mathematicians who led the way in this subject at the beginning
of the twentieth century. Hilbert and Minkowski were both mathematicians
at Göttingen University in Germany. Göttingen was truly one of the most
important centers of mathematical research during the last two centuries.
The large number of exceptional mathematicians who studied there
included Gauss, Dirichlet, Riemann, Dedekind, Noether, and Weyl.
André Weil answered questions in number theory using algebraic geometry,
a field of mathematics that studies geometry by studying commutative
rings. From about 1955 to 1970, Alexander Grothendieck dominated the
field of algebraic geometry. Pierre Deligne, a student of Grothendieck,
solved several of Weil's number-theoretic conjectures. One of the most
recent contributions to algebra and number theory is Gerd Faltings' proof of
the Mordell conjecture. This conjecture of Mordell, now known as Faltings'
theorem, essentially says that certain polynomials in have
only a finite number of integral solutions.
21.4 Reading Questions
1. What does it mean for an extension field of a field to be a simple
extension of ?
2. What is the definition of a minimal polynomial of an element ,
where is an extension of , and is algebraic over ?
3. Describe how linear algebra enters into this chapter. What critical result
relies on a proof that is almost entirely linear algebra?
4. What is the definition of an algebraically closed field?
5. What is a splitting field of a polynomial ?
21.5 Exercises
1. Show that each of the following numbers is algebraic over by finding
the minimal polynomial of the number over .
a.
b.
c.
d. for with
e.
2. Find a basis for each of the following field extensions. What is the
degree of each extension?
a. over
b. over
c. over
d. over
e. over
f. over
g. over
h. over
i. over
3. Find the splitting field for each of the following polynomials.
a. over
b. over
c. over
d. over
4. Consider the field extension over .
a. Find a basis for the field extension over . Conclude that
.
b. Find all subfields of such that .
c. Find all subfields of such that .
5. Show that is a field with eight elements.
Construct a multiplication table for the multiplicative group of the field.
6. Show that the regular -gon is not constructible with a straightedge and
compass, but that the regular -gon is constructible.
7. Prove that the cosine of one degree ( ) is algebraic over but not
constructible.
8. Can a cube be constructed with three times the volume of a given cube?
9. Prove that is an algebraic extension of but not
a finite extension.
10. Prove or disprove: is algebraic over .
11. Let be a nonconstant polynomial of degree in . Prove that
there exists a splitting field for such that .
12. Prove or disprove: .
13. Prove that the fields and are isomorphic but not
equal.
14. Let be an algebraic extension of , and an algebraic extension of
. Prove that is algebraic over . [Caution: Do not assume that the
extensions are finite.]
15. Prove or disprove: is a field.
16. Let be a field of characteristic . Prove that either is
irreducible over or splits in .
17. Let be the algebraic closure of a field . Prove that every
polynomial in splits in .
18. If every irreducible polynomial in is linear, show that is
an algebraically closed field.
19. Prove that if and are constructible numbers such that , then
so is .
20. Show that the set of all elements in that are algebraic over form a
field extension of that is not finite.
21. Let be an algebraic extension of a field , and let be an
automorphism of leaving fixed. Let . Show that induces a
permutation of the set of all zeros of the minimal polynomial of that are
in .
22. Show that . Extend your proof to
show that , where and neither nor
is a perfect square.
23. Let be a finite extension of a field . If , show that is
a splitting field of for some polynomial .
24. Prove or disprove: Given a polynomial in , it is possible to
construct a ring such that has a root in .
25. Let be a field extension of and . Determine
.
26. Let be transcendental over . Prove that either or is
also transcendental.
27. Let be an extension field of and be transcendental over .
Prove that every element in that is not in is also transcendental
over .
28. Let be a root of an irreducible monic polynomial , with
. Prove that .
21.6 References and Suggested Readings
[1] Dean, R. A. Elements of Abstract Algebra. Wiley, New York, 1966.
[2] Dudley, U. A Budget of Trisections. Springer-Verlag, New York,
1987. An interesting and entertaining account of how not to trisect
an angle.
[3] Fraleigh, J. B. A First Course in Abstract Algebra. 7th ed. Pearson,
Upper Saddle River, NJ, 2003.
[4] Kaplansky, I. Fields and Rings. 2nd ed. University of Chicago
Press, Chicago, 1972.
[5] Klein, F. Famous Problems of Elementary Geometry. Chelsea, New
York, 1955.
[6] Martin, G. Geometric Constructions. Springer, New York, 1998.
[7] Pollard, H. and Diamond, H. G. Theory of Algebraic Numbers.
Dover, Mineola, NY, 2010.
[8] Walker, E. A. Introduction to Abstract Algebra. Random House,
New York, 1987. This work contains a proof showing that every
field has an algebraic closure.
21.7 Sage
In Sage, and other places, an extension of the rationals is called a “number
field.” They are one of Sage's most mature features.
Number Fields
There are several ways to create a number field. We are familiar with the
syntax where we adjoin an irrational number that we can write with
traditional combinations of arithmetic and roots.
M.<a> = QQ[sqrt(2)+sqrt(3)]; M
Number Field in a with defining polynomial x^4 - 10*x^2 + 1
with a = 3.146264369941973?
We can also specify the element we want to adjoin as the root of a monic
irreducible polynomial. One approach is to construct the polynomial ring
first so that the polynomial has the location of its coefficients specified
properly.
F.<y> = QQ[]
p = y^3 - 1/4*y^2 - 1/16*y + 1/4
p.is_irreducible()
True
N.<b> = NumberField(p, 'b'); N
Number Field in b with
defining polynomial y^3 - 1/4*y^2 - 1/16*y + 1/4
Rather than building the whole polynomial ring, we can simply introduce a
variable as the generator of a polynomial ring and then create polynomials
from this variable. This spares us naming the polynomial ring. Notice in the
example that both instances of z are necessary.
z = polygen(QQ, 'z')
q = z^3 - 1/4*z^2 - 1/16*z + 1/4
q.parent()
Univariate Polynomial Ring in z over Rational Field
P.<c> = NumberField(q, 'c'); P
Number Field in c with
defining polynomial z^3 - 1/4*z^2 - 1/16*z + 1/4
We can recover the polynomial used to create a number field, even if we
constructed it by giving an expression for an irrational element. In this case,
the polynomial is the minimal polynomial of the element.
M.polynomial()
x^4 - 10*x^2 + 1
N.polynomial()
y^3 - 1/4*y^2 - 1/16*y + 1/4
For any element of a number field, Sage will obligingly compute its
minimal polynomial.
element = -b^2 + 1/3*b + 4
element.parent()
Number Field in b with
defining polynomial y^3 - 1/4*y^2 - 1/16*y + 1/4
r = element.minpoly('t'); r
t^3 - 571/48*t^2 + 108389/2304*t - 13345/216
r.parent()
Univariate Polynomial Ring in t over Rational Field
r.subs(t=element)
Substituting element back into the alleged minimal polynomial and
getting back zero is not convincing evidence that it is the minimal
polynomial, but it is heartening.
Relative and Absolute Number Fields
With Sage we can adjoin several elements at once and we can build nested
towers of number fields. Sage uses the term “absolute” to refer to a number
field viewed as an extension of the rationals themselves, and the term
“relative” to refer to a number field constructed, or viewed, as an extension
of another (nontrivial) number field.
A.<a,b> = QQ[sqrt(2), sqrt(3)]
A
Number Field in sqrt2 with defining polynomial x^2 - 2 over
its base field
B = A.base_field(); B
Number Field in sqrt3 with defining polynomial x^2 - 3
A.is_relative()
True
B.is_relative()
False
The number field A has been constructed mathematically as what we
would write as . Notice the slight difference
in ordering of the elements we are adjoining, and notice how the number
fields use slightly fancier internal names ( sqrt2 , sqrt3 ) for the new
elements.
We can “flatten” a relative field to view it as an absolute field, which may
have been our intention from the start. Here we create a new number field
from A that makes it a pure absolute number field.
C.<c> = A.absolute_field()
C
Number Field in c with defining polynomial x^4 - 10*x^2 + 1
Once we construct an absolute number field this way, we can recover
isomorphisms to and from the absolute field. Recall that our tower was built
with generators a and b , while the flattened tower is generated by c .
The .structure() method returns a pair of functions, with the
absolute number field as the domain and codomain (in that order).
fromC, toC = C.structure()
fromC(c)
sqrt2 - sqrt3
toC(a)
1/2*c^3 - 9/2*c
toC(b)
1/2*c^3 - 11/2*c
This tells us that the single generator of the flattened tower, c , is equal to
, and further, each of and can be expressed as
polynomial functions of c . With these connections, you might want to
compute the final two expressions in c by hand, and appreciate the work
Sage does to determine these for us. This computation is an example of the
conclusion of the upcoming Theorem 23.13.
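The hand computation suggested above, written out as an added worked derivation (not part of the original text), taking $c = \sqrt{2} - \sqrt{3}$ from the output of fromC(c):

\[
\begin{aligned}
c^2 &= (\sqrt{2} - \sqrt{3})^2 = 5 - 2\sqrt{6},\\
c^3 &= (\sqrt{2} - \sqrt{3})(5 - 2\sqrt{6})
     = 5\sqrt{2} - 5\sqrt{3} - 2\sqrt{12} + 2\sqrt{18}
     = 11\sqrt{2} - 9\sqrt{3},\\
\tfrac{1}{2}c^3 - \tfrac{9}{2}c
    &= \tfrac{1}{2}\bigl(11\sqrt{2} - 9\sqrt{3}\bigr) - \tfrac{9}{2}\bigl(\sqrt{2} - \sqrt{3}\bigr) = \sqrt{2},\\
\tfrac{1}{2}c^3 - \tfrac{11}{2}c
    &= \tfrac{1}{2}\bigl(11\sqrt{2} - 9\sqrt{3}\bigr) - \tfrac{11}{2}\bigl(\sqrt{2} - \sqrt{3}\bigr) = \sqrt{3},\\
c^4 - 10c^2 + 1 &= (49 - 20\sqrt{6}) - 10(5 - 2\sqrt{6}) + 1 = 0.
\end{aligned}
\]

The first two results agree with toC(a) and toC(b), and the last line confirms that c is a zero of the defining polynomial x^4 - 10*x^2 + 1 of C.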
Many number field methods have both relative and absolute versions, and
we will also find it more convenient to work in a tower or a flattened
version, thus the isomorphisms between the two can be invaluable for
translating both questions and answers.
As a vector space over , or over another number field, number fields that
are finite extensions have a dimension, called the degree. These are easy to
get from Sage, though for a relative field, we need to be more precise about
which degree we desire.
B.degree()
A.absolute_degree()
4
A.relative_degree()
Splitting Fields
Here is a concrete example of how to use Sage to construct a splitting field
of a polynomial. Consider . We first build a number
field with a single root, and then factor the polynomial over this new, larger,
field.
x = polygen(QQ, 'x')
p = x^4 + x^2 - 1
p.parent()
Univariate Polynomial Ring in x over Rational Field
p.is_irreducible()
True
M.<a> = NumberField(p, 'a')
y = polygen(M, 'y')
p = p.subs(x = y)
p
y^4 + y^2 - 1
p.parent()
Univariate Polynomial Ring in y over Number Field in a with
defining polynomial x^4 + x^2 - 1
p.factor()
(y - a) * (y + a) * (y^2 + a^2 + 1)
a^2 + 1 in QQ
False
So our polynomial factors partially into two linear factors and a quadratic
factor. But notice that the quadratic factor has a coefficient that is irrational,
, so the quadratic factor properly belongs in the polynomial ring
over M and not over QQ .
We build an extension containing a root of the quadratic factor, called q
here. Then, rather than using the polygen() function, we build an
entire polynomial ring R over N with the indeterminate z . The
reason for doing this is we can illustrate how we “upgrade” the polynomial
p with the syntax R(p) to go from having coefficients in M to
having coefficients in N .
q = y^2 + a^2 + 1
N.<b> = NumberField(q, 'b')
R.<z> = N[]
s = R(p)
s
z^4 + z^2 - 1
s.parent()
Univariate Polynomial Ring in z over Number Field in b with
defining polynomial y^2 + a^2 + 1 over its base field
s.factor()
(z + b) * (z + a) * (z - a) * (z - b)
a in N, b in N
(True, True)
So we have a field, N , where our polynomial factors into linear factors
with coefficients from the field. We can get another factorization by
converting N to an absolute number field and factoring there. We need to
recreate the polynomial over N , since a substitution will carry coefficients
from the wrong ring.
P.<c> = N.absolute_field()
w = polygen(P, 'w')
p = w^4 + w^2 - 1
p.factor()
(w - 7/18966*c^7 + 110/9483*c^5 + 923/9483*c^3 +
3001/6322*c) *
(w - 7/37932*c^7 + 55/9483*c^5 + 923/18966*c^3 -
3321/12644*c) *
(w + 7/37932*c^7 - 55/9483*c^5 - 923/18966*c^3 +
3321/12644*c) *
(w + 7/18966*c^7 - 110/9483*c^5 - 923/9483*c^3 -
3001/6322*c)
This is an interesting alternative, in that the roots of the polynomial are
expressions in terms of the single generator c . Since the roots involve a
seventh power of c , we might suspect (but not be certain) that the
minimal polynomial of c has degree and that P is a degree
extension of the rationals. Indeed P (or N ) is a splitting field for
. The roots are not really as bad as they appear —
let's convert them back to the relative number field.
First we want to rewrite a single factor (the first) in the form to
identify the root with the correct signs.
(w - 7/18966*c^7 + 110/9483*c^5 + 923/9483*c^3 + 3001/6322*c)
=
(w - (7/18966*c^7 - 110/9483*c^5 - 923/9483*c^3 -
3001/6322*c))
With the conversion isomorphisms, we can recognize the roots for what
they are.
fromP, toP = P.structure()
fromP(7/18966*c^7 - 110/9483*c^5 - 923/9483*c^3 - 3001/6322*c)
-b
So the rather complicated expression in c is just the negative of the root
we adjoined in the second step of constructing the tower of number fields. It
would be a good exercise to see what happens to the other three roots
(being careful to get the signs right on each root).
This is a good opportunity to illustrate Theorem 21.17.
M.degree()
N.relative_degree()
P.degree()
8
M.degree()*N.relative_degree() == P.degree()
True
Algebraic Numbers
Corollary 21.24 says that the set of all algebraic numbers forms a field. This
field is implemented in Sage as QQbar . This allows for finding roots of
polynomials as exact quantities which display as inexact numbers.
x = polygen(QQ, 'x')
p = x^4 + x^2 - 1
r = p.roots(ring=QQbar); r
[(-0.7861513777574233?, 1), (0.7861513777574233?, 1),
(-1.272019649514069?*I, 1), (1.272019649514069?*I, 1)]
So we asked for the roots of a polynomial over the rationals, but requested
any root that may lie outside the rationals and within the field of algebraic
numbers. Since the field of algebraic numbers contains all such roots, we
get a full four roots of the fourth-degree polynomial. These roots are
computed to lie within an interval and the question mark indicates that the
preceding digits are accurate. (The integers paired with each root are the
multiplicities of that root. Use the keyword multiplicities=False
to turn them off.) Let us take a look under the hood and see how Sage
manages the field of algebraic numbers.
r1 = r[0][0]; r1
-0.7861513777574233?
r1.as_number_field_element()
(Number Field in a with defining polynomial y^4 - y^2 - 1,
a^3 - a,
Ring morphism:
From: Number Field in a with defining polynomial y^4 - y^2
- 1
To: Algebraic Real Field
Defn: a |--> -1.272019649514069?)
Three items are associated with this initial root. First is a number field, with
generator a and a defining polynomial similar to the polynomial we are
finding the roots of, but not identical. Second is an expression in the
generator a , which is the actual root. You might evaluate this expression
with the numerical approximation of a , coming next, to verify this is a
root. Finally, there is a ring homomorphism from the number field to the
“Algebraic Real Field”, AA , the subfield of QQbar with just real
elements, which associates the generator a with the number
-1.272019649514069? . Let us verify, in two ways, that the root
given is really a root.
r1^4 + r1^2 - 1
N, rexact, homomorphism = r1.as_number_field_element()
(rexact)^4 + rexact^2 - 1
Now that we have enough theory to understand the field of algebraic
numbers, and a natural way to represent them exactly, you might consider
the operations in the field. If we take two algebraic numbers and add them
together, we get another algebraic number (Corollary 21.24). So what is the
resulting minimal polynomial? How is it computed in Sage? You could read
the source code if you wanted the answer.
Geometric Constructions
Sage can do a lot of things, but it is not yet able to lay out lines with a
straightedge and compass. However, we can very quickly determine that
trisecting a degree angle is impossible. We adjoin the cosine of a
degree angle (in radians) to the rationals, determine the degree of the
extension, and check that it is not an integer power of . In one line. Sweet.
log(QQ[cos(pi/9)].degree(), 2) in ZZ
False
21.8 Sage Exercises
1. Create the polynomial over . Verify that it
does not have any linear factors by evaluating with each element of
, and then check that is irreducible.
Create a finite field of order with the FiniteField() command,
but include the modulus keyword set to the polynomial to
override the default choice.
Recreate as a polynomial over this field. Check each of the
elements of the field to see if they are roots of the polynomial and list all of
the elements which are roots. Finally, request that Sage give a factorization
of over the field, and comment on the relationship between your list
of roots and your factorization.
2. This problem continues the previous one. Build the ring of polynomials
over and within this ring use to generate a principal ideal. Finally
construct the quotient of the polynomial ring by the ideal. Since the
polynomial is irreducible, this quotient ring is a field, and by
Proposition 21.12 this quotient ring is isomorphic to the number field in the
previous problem.
Borrowing from your results in the previous question, construct five roots
of the polynomial within this quotient ring, but now as expressions in
the generator of the quotient ring (which is technically a coset). Use Sage to
verify that they are indeed roots. This demonstrates using a quotient ring to
create a splitting field for an irreducible polynomial over a finite field.
3. The subsection Algebraic Elements relies on techniques from linear
algebra and contains Theorem 21.15: every finite extension is an algebraic
extension. This exercise will help you understand this proof.
The polynomial is irreducible over the rationals
(Eisenstein's criterion with prime ). Create a number field that
contains a root of . By Theorem 21.15, and the remark following,
every element of this finite field extension is an algebraic number, and
hence satisfies some polynomial over the base field (it is this polynomial
that Sage will produce with the .minpoly() method). This exercise
will show how we can use just linear algebra to determine this minimal
polynomial.
Suppose that a is the generator of the number field you just created with
. Then we will determine the minimal polynomial of t = 3a + 1
using just linear algebra. According to the proof, the first five powers of
t (start counting from zero) will be linearly dependent. (Why?) So a
nontrivial relation of linear dependence on these powers will provide the
coefficients of a polynomial with t as a root. Compute these five powers,
then construct the correct linear system to determine the coefficients of the
minimal polynomial, solve the system, and suitably interpret its solutions.
Hints: The vector() and matrix() commands will create vectors
and matrices, and the .solve_right() method for matrices can be
used to find solutions. Given an element of the number field, which will
necessarily be a polynomial in the generator a , the .vector()
method of the element will provide the coefficients of this polynomial in a
list.
4. Construct the splitting field of and find a
factorization of over this field into linear factors.
5. Form the number field, , which contains a root of the irreducible
polynomial . Name your root a . Verify
that factors, but does not split, over . With now as the base field,
form an extension of where the quadratic factor of has a root.
Name this root b , and call this second extension of the tower .
Use M.<c> = L.absolute_field() to form the flattened tower
that is the absolute number field M . Find the defining polynomial of M
with the .polynomial() method. From this polynomial, which must
have the generator c as a root, you should be able to use elementary
algebra to write the generator as a fairly simple expression.
should be the splitting field of . To see this, start over, and build
from scratch a new number field, , using the simple expression for c
that you just found. Use d as the name of the root used to construct P .
Since d is a root of the simple minimal polynomial for c , you should
be able to write an expression for d that a pre-calculus student would
recognize.
Now factor the original polynomial (with rational coefficients) over
, to see the polynomial split (as expected). Using this factorization, and
your simple expression for d write simplified expressions for the three
roots of . See if you can convert between the two versions of the roots
“by hand”, and without using the isomorphisms provided by the
.structure() method on M .
Chapter 22 Finite Fields
Finite fields appear in many applications of algebra, including coding
theory and cryptography. We already know one finite field, , where is
prime. In this chapter we will show that a unique finite field of order
exists for every prime , where is a positive integer. Finite fields are also
called Galois fields in honor of Évariste Galois, who was one of the first
mathematicians to investigate them.
22.1 Structure of a Finite Field
Recall that a field has characteristic if is the smallest positive integer such that
for every nonzero element in , we have . If no such integer exists, then
has characteristic . From Theorem 16.19 we know that must be prime. Suppose
that is a finite field with elements. Then for all in . Consequently,
the characteristic of must be , where is a prime dividing . This discussion is
summarized in the following proposition.
Proposition 22.1. If is a finite field, then the characteristic of is , where is
prime.
Throughout this chapter we will assume that is a prime number unless otherwise
stated.
Proposition 22.2. If is a finite field of characteristic , then the order of is
for some .
Proof. Let be the ring homomorphism defined by . Since
the characteristic of is , the kernel of must be and the image of must be a
subfield of isomorphic to . We will denote this subfield by . Since is a
finite field, it must be a finite extension of and, therefore, an algebraic extension of
. Suppose that is the dimension of , where is a vector space.
There must exist elements such that any element in can be
written uniquely in the form
where the 's are in . Since there are elements in , there are possible linear
combinations of the 's. Therefore, the order of must be .
Lemma 22.3. Freshman's Dream. Let be prime and be an integral
domain of characteristic . Then
for all positive integers .
Proof. We will prove this lemma using mathematical induction on . We can use the
binomial formula (see Chapter 2, Example 2.4) to verify the case for ; that is,
If , then
must be divisible by , since cannot divide . Note that is an integral
domain of characteristic , so all but the first and last terms in the sum must be zero.
Therefore, .
Now suppose that the result holds for all , where . By the induction
hypothesis,
Therefore, the lemma is true for and the proof is complete.
Let be a field. A polynomial of degree is separable if it has
distinct roots in the splitting field of ; that is, is separable when it factors
into distinct linear factors over the splitting field of . An extension of is a
separable extension of if every element in is the root of a separable polynomial
in .
Example 22.4. The polynomial is separable over since it factors as
. In fact, is a separable extension of . Let
be any element in . If , then is a root of . If
, then is the root of the separable polynomial
Fortunately, we have an easy test to determine the separability of any polynomial. Let
be any polynomial in . Define the derivative of to be
Lemma 22.5. Let be a field and . Then is separable if and
only if and are relatively prime.
Proof. Let be separable. Then factors over some extension field of as
, where for . Taking the
derivative of , we see that
Hence, and can have no common factors.
To prove the converse, we will show that the contrapositive of the statement is true.
Suppose that , where . Differentiating, we have
Therefore, and have a common factor.
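The derivative test of Lemma 22.5, as an added example in plain Python (not code from the original text): it computes the formal derivative and a monic gcd in Z_p[x], including the characteristic-p case where the derivative vanishes identically. Polynomials are coefficient lists with the constant term first; the function names and sample polynomials are choices made for this example.

```python
"""Separability test gcd(f, f') over Z_p, for p prime (requires Python 3.8+)."""


def trim(f):
    """Drop trailing zero coefficients so f[-1] is the leading coefficient."""
    f = list(f)
    while f and f[-1] == 0:
        f.pop()
    return f


def derivative(f, p):
    """Formal derivative: the coefficient of x^(i-1) is i * a_i, reduced mod p."""
    return trim([(i * c) % p for i, c in enumerate(f)][1:])


def poly_rem(a, b, p):
    """Remainder of a divided by the nonzero polynomial b in Z_p[x]."""
    a = trim([c % p for c in a])
    b = trim([c % p for c in b])
    inv_lead = pow(b[-1], -1, p)          # inverse of the leading coefficient
    while len(a) >= len(b):
        factor = a[-1] * inv_lead % p
        shift = len(a) - len(b)
        for i, c in enumerate(b):
            a[shift + i] = (a[shift + i] - factor * c) % p
        a = trim(a)                       # leading term is now cancelled
    return a


def poly_gcd(a, b, p):
    """Monic gcd by the Euclidean algorithm; gcd(f, 0) is f made monic."""
    a = trim([c % p for c in a])
    b = trim([c % p for c in b])
    while b:
        a, b = b, poly_rem(a, b, p)
    if not a:
        return []
    inv = pow(a[-1], -1, p)
    return [c * inv % p for c in a]


def is_separable(f, p):
    """f (nonconstant) is separable exactly when gcd(f, f') is the constant 1."""
    return poly_gcd(f, derivative(f, p), p) == [1]


def x_q_minus_x(p, n):
    """The polynomial x^(p^n) - x, whose derivative is the constant -1."""
    q = p ** n
    f = [0] * (q + 1)
    f[1], f[q] = -1, 1
    return f


if __name__ == "__main__":
    # x^9 - x over Z_3: derivative is -1, so the nine zeros are distinct.
    print(is_separable(x_q_minus_x(3, 2), 3))
    # x^5 - 2 = (x - 2)^5 over Z_5: derivative is 0, gcd is f itself.
    print(poly_gcd([-2, 0, 0, 0, 0, 1], [], 5))
    # (x - 1)^2 (x + 3) = x^3 + x^2 - 5x + 3 over Z_7: gcd exposes x - 1.
    print(poly_gcd([3, -5, 1, 1], derivative([3, -5, 1, 1], 7), 7))
```

The second case is the one that cannot happen in characteristic zero: a nonconstant polynomial with zero derivative, for which the gcd is the polynomial itself.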
Theorem 22.6. For every prime and every positive integer , there exists a finite
field with elements. Furthermore, any field of order is isomorphic to the
splitting field of over .
Proof. Let and let be the splitting field of . Then by
Lemma 22.5, has distinct zeros in , since
is relatively prime to . We claim that the roots of form a subfield of .
Certainly 0 and 1 are zeros of . If and are zeros of , then and
are also zeros of , since and . We
also need to show that the additive inverse and the multiplicative inverse of each root
of are roots of . For any zero of , we know that is also a zero
of , since
provided is odd. If , then
If , then . Since the zeros of form a
subfield of and splits in this subfield, the subfield must be all of .
Let be any other field of order . To show that is isomorphic to , we must
show that every element in is a root of . Certainly 0 is a root of . Let
be a nonzero element of . The order of the multiplicative group of nonzero elements
of is ; hence, or . Since contains elements,
must be a splitting field of ; however, by Corollary 21.36, the splitting field of
any polynomial is unique up to isomorphism.
The unique finite field with elements is called the Galois field of order . We
will denote this field by .
Theorem 22.7. Every subfield of the Galois field has elements,
where divides . Conversely, if for , then there exists a unique
subfield of isomorphic to .
Proof. Let be a subfield of . Then must be a field extension of
that contains elements, where is isomorphic to . Then , since
.
To prove the converse, suppose that for some . Then divides
. Consequently, divides . Therefore, must
divide , and every zero of is also a zero of . Thus,
contains, as a subfield, a splitting field of , which must be isomorphic to
.
Example 22.8. The lattice of subfields of is given in Figure 22.9.
Figure 22.9. Subfields of
With each field we have a multiplicative group of nonzero elements of which we
will denote by . The multiplicative group of any finite field is cyclic. This result
follows from the more general result that we will prove in the next theorem.
Theorem 22.10. If is a finite subgroup of , the multiplicative group of
nonzero elements of a field , then is cyclic.
Proof. Let be a finite subgroup of of order . By the Fundamental Theorem of
Finite Abelian Groups (Theorem 13.4),
where and the are (not necessarily distinct) primes. Let
be the least common multiple of . Then contains an element of
order . Since every in satisfies for some dividing , must also be
a root of . Since has at most roots in , . On the other
hand, we know that ; therefore, . Thus, contains an element of
order and must be cyclic.
Corollary 22.11. The multiplicative group of all nonzero elements of a finite field
is cyclic.
Corollary 22.12. Every finite extension of a finite field is a simple extension
of .
Proof. Let be a generator for the cyclic group of nonzero elements of . Then
.
Example 22.13. The finite field is isomorphic to the field
. Therefore, the elements of can be taken to be
Remembering that , we add and multiply elements of
exactly as we add and multiply polynomials. The multiplicative group of is
isomorphic to with generator :
22.2 Polynomial Codes
With knowledge of polynomial rings and finite fields, it is now possible to derive more
sophisticated codes than those of Chapter 8. First let us recall that an -block code consists
of a one-to-one encoding function and a decoding function . The
code is error-correcting if is onto. A code is a linear code if it is the null space of a matrix
.
We are interested in a class of codes known as cyclic codes. Let be a binary
-block code. Then is a cyclic code if for every codeword , the
cyclically shifted -tuple is also a codeword. Cyclic codes are
particularly easy to implement on a computer using shift registers [2, 3].
Example 22.14. Consider the -linear codes generated by the two matrices
Messages in the first code are encoded as follows:
It is easy to see that the codewords form a cyclic code. In the second code, 3-tuples are
encoded in the following manner:
This code cannot be cyclic, since is a codeword but is not a codeword.
Polynomial Codes
We would like to find an easy method of obtaining cyclic linear codes. To accomplish this, we
can use our knowledge of finite fields and polynomial rings over . Any binary -tuple can
be interpreted as a polynomial in . Stated another way, the -tuple
corresponds to the polynomial
where the degree of is at most . For example, the polynomial corresponding to the
-tuple is
Conversely, with any polynomial with we can associate a binary
-tuple. The polynomial corresponds to the -tuple .
Let us fix a nonconstant polynomial in of degree . We can define an -
code in the following manner. If is a -tuple to be encoded, then
is the corresponding polynomial in . To encode
, we multiply by . The codewords in are all those polynomials in of degree
less than that are divisible by . Codes obtained in this manner are called polynomial
codes.
Example 22.15. If we let , we can define a -code as follows. To
encode a -tuple , we multiply the corresponding polynomial
by . We are defining a map by
. It is easy to check that this map is a group homomorphism. In fact, if
we regard as a vector space over , is a linear transformation of vector spaces (see
Exercise 20.5.15, Chapter 20). Let us compute the kernel of . Observe that
exactly when
Since the polynomials over a field form an integral domain, must be the
zero polynomial. Therefore, and is one-to-one.
To calculate a generator matrix for , we merely need to examine the way the polynomials ,
, and are encoded:
We obtain the code corresponding to the generator matrix in Example 22.14. The parity-
check matrix for this code is
Since the smallest weight of any nonzero codeword is , this code has the ability to detect all
single errors.
Rings of polynomials have a great deal of structure; therefore, our immediate goal is to
establish a link between polynomial codes and ring theory. Recall that
. The factor ring
can be considered to be the ring of polynomials of the form
that satisfy the condition . It is an easy exercise to show that and are isomorphic
as vector spaces. We will often identify elements in with elements in . In
this manner we can interpret a linear code as a subset of .
The additional ring structure on polynomial codes is very powerful in describing cyclic codes.
A cyclic shift of an -tuple can be described by polynomial multiplication. If
is a code polynomial in , then
is the cyclically shifted word obtained from multiplying by . The following theorem
gives a beautiful classification of cyclic codes in terms of the ideals of .
Theorem 22.16. A linear code in is cyclic if and only if it is an ideal in
.
Proof. Let be a linear cyclic code and suppose that is in . Then must also be in
. Consequently, is in for all . Since is a linear code, any linear
combination of the codewords is also a codeword;
therefore, for every polynomial , is in . Hence, is an ideal.
Conversely, let be an ideal in . Suppose that
is a codeword in . Then is a codeword in ;
that is, is in .
Theorem 22.16 tells us that knowing the ideals of is equivalent to knowing the linear cyclic
codes in . Fortunately, the ideals in are easy to describe. The natural ring
homomorphism defined by is a surjective homomorphism.
The kernel of is the ideal generated by . By Theorem 16.34, every ideal in is of
the form , where is an ideal in that contains . By Theorem 17.20, we
know that every ideal in is a principal ideal, since is a field. Therefore,
for some unique monic polynomial in . Since is contained in , it must be the
case that divides . Consequently, every ideal in is of the form
The unique monic polynomial of the smallest degree that generates is called the minimal
generator polynomial of .
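The link between cyclic codes, ideals and divisors of x^n - 1 can be checked by brute force on a small case. The following Python sketch is an added example, not part of the original text; the generator polynomial 1 + x + x^3, the lengths 7 and 6, and all function names are assumptions chosen here. It builds the polynomial code for each length and tests whether the code is closed under cyclic shifts and under multiplication in the factor ring.

```python
from functools import reduce
from operator import xor

# A polynomial over Z_2 is stored as an int: bit i is the coefficient of x^i.

def clmul(a, b):
    """Product of two polynomials over Z_2 (carry-less multiplication)."""
    return reduce(xor, (a << d for d in range(b.bit_length()) if (b >> d) & 1), 0)

def poly_mod(a, m):
    """Remainder of a on division by the nonzero polynomial m over Z_2."""
    deg_m = m.bit_length() - 1
    while a.bit_length() - 1 >= deg_m:
        a ^= m << (a.bit_length() - 1 - deg_m)
    return a

def polynomial_code(g, n):
    """Codewords f(x)g(x) for every message polynomial f of degree < n - deg g."""
    k = n - (g.bit_length() - 1)
    return {clmul(f, g) for f in range(1 << k)}

def times_x(c, n):
    """x * c(x) reduced modulo x^n - 1 (= x^n + 1 over Z_2): one cyclic shift."""
    return poly_mod(c << 1, (1 << n) | 1)

def is_cyclic(code, n):
    """True when every cyclic shift of a codeword is again a codeword."""
    return all(times_x(c, n) in code for c in code)

def absorbs_products(code, n):
    """True when f(x)c(x) mod x^n - 1 stays in the code for every f of degree < n.
    The code is already closed under addition, so this is the ideal condition."""
    modulus = (1 << n) | 1
    return all(poly_mod(clmul(f, c), modulus) in code
               for c in code for f in range(1 << n))

def min_weight(code):
    """Smallest number of nonzero coefficients among nonzero codewords."""
    return min(bin(c).count("1") for c in code if c)

def report(g, n):
    code = polynomial_code(g, n)
    return {
        "size": len(code),
        "g_divides_x^n-1": poly_mod((1 << n) | 1, g) == 0,
        "cyclic": is_cyclic(code, n),
        "ideal": absorbs_products(code, n),
        "min_weight": min_weight(code),
    }

G = 0b1011  # 1 + x + x^3, generator polynomial assumed for this example

if __name__ == "__main__":
    print("n = 7:", report(G, 7))   # g divides x^7 - 1: cyclic, an ideal
    print("n = 6:", report(G, 6))   # g does not divide x^6 - 1: not cyclic
```

With the same generator, only the length for which g divides x^n - 1 gives a code that is closed under shifts.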
Example 22.17. If we factor into irreducible components, we have
We see that generates an ideal in . This code is a -block
code. As in Example 22.15, it is easy to calculate a generator matrix by examining what
does to the polynomials 1, , , and . A generator matrix for is
In general, we can determine a generator matrix for an -code by the manner in which
the elements are encoded. Let in . If
and , then the
matrix
is a generator matrix for the code with generator polynomial . The parity-check matrix
for is the matrix
We will leave the details of the proof of the following proposition as an exercise.
Proposition 22.18. Let be a cyclic code in and suppose that
. Then and are generator and parity-check matrices for ,
respectively. Furthermore, .
Example 22.19. In Example 22.17,
Therefore, a parity-check matrix for this code is
To determine the error-detecting and error-correcting capabilities of a cyclic code, we need to
know something about determinants. If are elements in a field , then the
matrix
is called the Vandermonde matrix. The determinant of this matrix is called the Vandermonde
determinant. We will need the following lemma in our investigation of cyclic codes.
Lemma 22.20. Let be elements in a field with . Then
In particular, if the 's are distinct, then the determinant is nonzero.
Proof. We will induct on . If , then the determinant is . Let us assume the
result for and consider the polynomial defined by
Expanding this determinant by cofactors on the last column, we see that is a polynomial
of at most degree . Moreover, the roots of are , since the substitution
of any one of these elements in the last column will produce a column identical to the last
column in the matrix. Remember that the determinant of a matrix is zero if it has two identical
columns. Therefore,
where
By our induction hypothesis,
If we let , the result now follows immediately.
The following theorem gives us an estimate on the error detection and correction capabilities
for a particular generator polynomial.
Theorem 22.21. Let be a cyclic code in and suppose that is a primitive
th root of unity over . If consecutive powers of are roots of , then the minimum
distance of is at least .
Proof. Suppose that
Let be some polynomial in with or fewer nonzero coefficients. We can assume that
be some polynomial in . It will suffice to show that all of the 's must be 0. Since
and divides ,
Equivalently, we have the following system of equations:
Therefore, is a solution to the homogeneous system of linear equations
However, this system has a unique solution, since the determinant of the matrix
can be shown to be nonzero using Lemma 22.20 and the basic properties of determinants
(Exercise). Therefore, this solution must be .
BCH Codes
Some of the most important codes, discovered independently by A. Hocquenghem in 1959 and
by R. C. Bose and D. V. Ray-Chaudhuri in 1960, are BCH codes. The European and
transatlantic communication systems both use BCH codes. Information words to be encoded are
of length , and a polynomial of degree is used to generate the code. Since
, we are dealing with a -block code. This BCH code
will detect six errors and has a failure rate of in million. One advantage of BCH codes is
that efficient error correction algorithms exist for them.
The idea behind BCH codes is to choose a generator polynomial of smallest degree that has the
largest error detection and error correction capabilities. Let for some .
Suppose that is a primitive th root of unity over , and let be the minimal
polynomial over of . If
then the cyclic code in is called the BCH code of length and distance . By
Theorem 22.21, the minimum distance of is at least .
Theorem 22.22. Let be a cyclic code in . The following statements are
equivalent.
1. The code is a BCH code whose minimum distance is at least .
2. A code polynomial is in if and only if for .
3. The matrix
is a parity-check matrix for .
Proof. (1) (2). If is in , then in . Hence, for ,
since . Conversely, suppose that for . Then
is divisible by each , since is the minimal polynomial of . Therefore,
by the definition of . Consequently, is a codeword.
(2) (3). Let be in . The corresponding -tuple
in is . By (2),
exactly when is in . Thus, is a parity-check matrix for .
(3) (1). By (3), a code polynomial is in exactly
when for . The smallest such polynomial is
. Therefore, .
Example 22.23. It is easy to verify that has a factorization
where each of the factors is an irreducible polynomial. Let be a root of . The
Galois field is
By Example 22.8, is a primitive th root of unity. The minimal polynomial of is
. It is easy to see that and are also roots of . The
minimal polynomial of is . Therefore,
has roots , , , . Since both and divide , the BCH code is a
-code. If , then ; therefore, a
parity-check matrix for this code is
22.3 Reading Questions
1. When is a field extension separable?
2. What are the possible orders for subfields of a finite field?
3. What is the structure of the non-zero elements of a finite field?
4. Provide a characterization of finite fields using the concept of a splitting
field.
5. Why is a theorem in this chapter titled “The Freshman's Dream?”
22.4 Exercises
1. Calculate each of the following.
a. b.
c. d.
2. Calculate , where .
3. What is the lattice of subfields for ?
4. Let be a zero of over . Construct a finite field of
order . Show that splits in .
5. Construct a finite field of order .
6. Prove or disprove: is cyclic.
7. Factor each of the following polynomials in .
a.
b.
c.
d.
8. Prove or disprove: .
9. Determine the number of cyclic codes of length for .
10. Prove that the ideal in is the code in consisting of all
words of even parity.
11. Construct all BCH codes of
a. length .
b. length .
12. Prove or disprove: There exists a finite field that is algebraically closed.
13. Let be prime. Prove that the field of rational functions is an
infinite field of characteristic .
14. Let be an integral domain of characteristic . Prove that
for all .
15. Show that every element in a finite field can be written as the sum of
two squares.
16. Let and be subfields of a finite field . If is isomorphic to ,
show that .
17. Let be fields. If is a separable extension of , show
that is also a separable extension of .
18. Let be an extension of a finite field , where has elements. Let
be algebraic over of degree . Prove that has elements.
19. Show that every finite extension of a finite field is simple; that is, if
is a finite extension of a finite field , prove that there exists an
such that .
20. Show that for every there exists an irreducible polynomial of degree
in .
21. Prove that the Frobenius map given by
is an automorphism of order .
22. Show that every element in can be written in the form for
some unique .
23. Let and be subfields of . If and ,
what is the order of ?
24. Wilson's Theorem. Let be prime. Prove that
.
25. If is the minimal generator polynomial for a cyclic code in ,
prove that the constant term of is .
26. Often it is conceivable that a burst of errors might occur during
transmission, as in the case of a power surge. Such a momentary burst of
interference might alter several consecutive bits in a codeword. Cyclic
codes permit the detection of such error bursts. Let be an -cyclic
code. Prove that any error burst up to digits can be detected.
27. Prove that the rings and are isomorphic as vector spaces.
28. Let be a code in that is generated by . If is another
code in , show that if and only if divides
in .
29. Let be a cyclic code in and suppose that
, where and
. Define to be the matrix
and to be the matrix
a. Prove that is a generator matrix for .
b. Prove that is a parity-check matrix for .
c. Show that .
22.5 Additional Exercises: Error Correction for BCH Codes
BCH codes have very attractive error correction algorithms. Let be a
BCH code in , and suppose that a code polynomial
is transmitted. Let
be the polynomial in that is
received. If errors have occurred in bits , then
, where is the error
polynomial. The decoder must determine the integers and then recover
from by flipping the th bit. From we can compute
for , where is a primitive th root of unity
over . We say the syndrome of is .
1. Show that is a code polynomial if and only if for all .
2. Show that
for . The error-locator polynomial is defined to be
3. Recall the -block BCH code in Example 22.19. By Theorem 8.13,
this code is capable of correcting two errors. Suppose that these errors occur
in bits and . The error-locator polynomial is
. Show that
4. Let . Determine what the
originally transmitted code polynomial was.
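The syndrome decoding procedure described above, carried out for zero, one or two bit errors, as an added Python example that is not part of the original text. It assumes GF(16) is built from the primitive polynomial x^4 + x + 1, a length-15 binary code whose generator has the first four powers of the primitive root among its zeros, and a locator polynomial whose roots are the field elements marking the error positions; the sample message and all function names are constructed for this example.

```python
from functools import reduce
from operator import xor

N = 15            # code length, 2^4 - 1
PRIM = 0b10011    # x^4 + x + 1, assumed primitive polynomial defining GF(16)

# EXP[i] = alpha^i as a 4-bit int (alpha = x); table doubled so products need no "% N".
EXP, LOG, v = [0] * (2 * N), {}, 1
for i in range(N):
    EXP[i] = EXP[i + N] = v
    LOG[v] = i
    v <<= 1
    if v & 0b10000:
        v ^= PRIM

def gf_mul(a, b):
    return EXP[LOG[a] + LOG[b]] if a and b else 0

def gf_inv(a):
    return EXP[N - LOG[a]]          # a must be nonzero

def clmul(a, b):
    """Product of binary polynomials stored as ints (bit i = coefficient of x^i)."""
    return reduce(xor, (a << d for d in range(b.bit_length()) if (b >> d) & 1), 0)

def minimal_polynomial(i):
    """Minimal polynomial of alpha^i over Z_2: product of (x + c) over its conjugates c."""
    conjugates, j = set(), i % N
    while j not in conjugates:
        conjugates.add(j)
        j = (2 * j) % N
    poly = [1]                      # GF(16) coefficients, lowest degree first
    for j in conjugates:
        nxt = [0] * (len(poly) + 1)
        for d, c in enumerate(poly):
            nxt[d + 1] ^= c
            nxt[d] ^= gf_mul(c, EXP[j])
        poly = nxt
    return sum(c << d for d, c in enumerate(poly))   # every coefficient is 0 or 1

def bch_generator(t):
    """Product of the distinct minimal polynomials of alpha, ..., alpha^(2t)."""
    g = 1
    for m in {minimal_polynomial(i) for i in range(1, 2 * t + 1)}:
        g = clmul(g, m)
    return g

GENERATOR = bch_generator(2)        # degree 8, so messages have 7 bits

def encode(message):
    return clmul(message, GENERATOR)

def syndrome(r, i):
    """Value of the received polynomial r at alpha^i."""
    return reduce(xor, (EXP[(i * d) % N] for d in range(N) if (r >> d) & 1), 0)

def decode(r):
    """Return (corrected word, error positions); raise ValueError if not correctable."""
    s1, s3 = syndrome(r, 1), syndrome(r, 3)
    if s1 == 0 and s3 == 0:
        return r, []
    if s1 == 0:
        raise ValueError("more than two errors")
    if s3 == gf_mul(s1, gf_mul(s1, s1)):
        positions = [LOG[s1]]       # one error: s1 = alpha^a and s3 = s1^3
    else:
        # Two errors at X1, X2: s1 = X1 + X2 and s3 = X1^3 + X2^3 give
        # X1*X2 = s1^2 + s3/s1, so the locator is x^2 + s1*x + X1*X2.
        prod = gf_mul(s1, s1) ^ gf_mul(s3, gf_inv(s1))
        positions = [a for a in range(N)
                     if (gf_mul(EXP[a], EXP[a]) ^ gf_mul(s1, EXP[a]) ^ prod) == 0]
        if len(positions) != 2:
            raise ValueError("more than two errors")
    for a in positions:
        r ^= 1 << a                 # flip the located bits
    return r, positions

if __name__ == "__main__":
    sent = encode(0b1011001)                    # constructed 7-bit message
    received = sent ^ (1 << 3) ^ (1 << 11)      # constructed two-bit error
    fixed, where = decode(received)
    print(f"g = {GENERATOR:b}, errors at {where}, recovered = {fixed == sent}")
```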
22.6 References and Suggested Readings
[1] Childs, L. A Concrete Introduction to Higher Algebra. 2nd ed.
Springer-Verlag, New York, 1995.
[2] Gåding, L. and Tambour, T. Algebra for Computer Science.
Springer-Verlag, New York, 1988.
[3] Lidl, R. and Pilz, G. Applied Abstract Algebra. 2nd ed. Springer,
New York, 1998. An excellent presentation of finite fields and their
applications.
[4] Mackiw, G. Applications of Abstract Algebra. Wiley, New York,
1985.
[5] Roman, S. Coding and Information Theory. Springer-Verlag, New
York, 1992.
[6] van Lint, J. H. Introduction to Coding Theory. Springer, New York,
1999.
22.7 Sage
You have noticed in this chapter that finite fields have a great deal of
structure. We have also seen finite fields in Sage regularly as examples of
rings and fields. Now we can combine the two, mostly using commands we
already know, plus a few new ones.
Creating Finite Fields
By Theorem 22.6 we know that all finite fields of a given order are
isomorphic and that possible orders are limited to powers of primes. We can
use the FiniteField() command, as before, or a shorter equivalent
is GF(). Optionally, we can specify an irreducible polynomial for the
construction of the field. We can view this polynomial as the generator of the
principal ideal of a polynomial ring, or we can view it as a “re-writing” rule
for powers of the field's generator that allow us to multiply elements and
reformulate them as linear combinations of lesser powers.
Absent providing an irreducible polynomial, Sage will use a Conway
polynomial. You can determine these with the
conway_polynomial() command, or just build a finite field and
request the defining polynomial with the .polynomial() method.
sage: F.<a> = GF(7^15); F
Finite Field in a of size 7^15
sage: F.polynomial()
a^15 + 5*a^6 + 6*a^5 + 6*a^4 + 4*a^3 + a^2 + 2*a + 4
sage: a^15 + 5*a^6 + 6*a^5 + 6*a^4 + 4*a^3 + a^2 + 2*a + 4
0
sage: conway_polynomial(7, 15)
x^15 + 5*x^6 + 6*x^5 + 6*x^4 + 4*x^3 + x^2 + 2*x + 4
Just to be more readable, we coerce a list of coefficients into the set of
polynomials (obtained with the .parent() method on a simple
polynomial) to define a polynomial.
sage: y = polygen(Integers(7), 'y')
sage: P = y.parent()
sage: p = P([4, 5, 2, 6, 3, 3, 6, 2, 1, 1, 2, 5, 6, 3, 5, 1]); p
y^15 + 5*y^14 + 3*y^13 + 6*y^12 + 5*y^11 + 2*y^10 + y^9 + y^8 + 2*y^7 + 6*y^6 + 3*y^5 + 3*y^4 + 6*y^3 + 2*y^2 + 5*y + 4
sage: p.is_irreducible()
True
sage: T.<b> = GF(7^15, modulus=p); T
Finite Field in b of size 7^15
Logarithms in Finite Fields
One useful command we have not described is the .log() method for
elements of a finite field. Since we now know that the multiplicative group
of nonzero elements is cyclic, we can express every element as a power of
the generator. The log method will return that power.
Usually we will want to use the generator as the base of a logarithm
computation in a finite field. However, other bases may be used, with the
understanding that if the base is not a generator, then the logarithm may not
exist (i.e. there may not be a solution to the relevant equation).
sage: F.<a> = GF(5^4)
sage: a^458
3*a^3 + 2*a^2 + a + 3
sage: (3*a^3 + 2*a^2 + a + 3).log(a)
458
sage: exponent = (3*a^3 + 2*a^2 + a + 3).log(2*a^3 + 4*a^2 + 4*a)
sage: exponent
211
sage: (2*a^3 + 4*a^2 + 4*a)^exponent == 3*a^3 + 2*a^2 + a + 3
True
sage: (3*a^3 + 2*a^2 + a + 3).log(a^2 + 4*a + 4)
Traceback (most recent call last):
...
ValueError: no discrete log of 3*a^3 + 2*a^2 + a + 3 found to base a^2 + 4*a + 4
Since we already know many Sage commands, there is not much else worth
introducing before we can work profitably with finite fields. The exercises
explore the ways we can examine and exploit the structure of finite fields in
Sage.
22.8 Sage Exercises
1. Create a finite field of order and then factor over
this field. Comment on what is interesting about this result and why it is not
a surprise.
2. Corollary 22.11 says that the nonzero elements of a finite field are a
cyclic group under multiplication. The generator used in Sage is also a
generator of this multiplicative group. To see this, create a finite field of
order . Create two lists of the elements of the field: first, use the
.list() method, then use a list comprehension to generate the proper
powers of the generator you specified when you created the field.
The second list should be the whole field, but will be missing zero. Create
the zero element of the field (perhaps by coercing into the field) and
.append() it to the list of powers. Apply the sorted() command
to each list and then test the lists for equality.
3. Subfields of a finite field are completely classified by Theorem 22.7. It is
possible to create two finite fields of the correct orders for the
superfield/subfield relationship to hold, and to translate between one and
the other. However, in this exercise we will create a subfield of a finite field
from scratch. Since the group of nonzero elements in a finite field is cyclic,
the nonzero elements of a subfield will form a subgroup of the cyclic group,
and necessarily will be cyclic.
Create a finite field of order . Theory says there is a subfield of order ,
since . Determine a generator of multiplicative order for the nonzero
elements of this subfield, and construct these elements. Add in the field's
zero element to this list. It should be clear that this set of elements is
closed under multiplication. Absent our theorems about finite fields and
cyclic groups, the closure under addition is not a given. Write a single
statement that checks if this set is also closed under addition, by considering
all possible sums of elements from the set.
4. This problem investigates the “separableness” of . You can
create this number field quickly with the NumberFieldTower
constructor, along with the polynomials and . Flatten the
tower with the .absolute_field() method and use the
.structure() method to retrieve mappings between the tower and
the flattened version. Name the tower N and use a and b as
generators. Name the flattened version L with c as a generator.
Create a nontrivial (“random”) element of L using as many powers of c
as possible (check the degree of L to see how many linearly independent
powers there are). Request from Sage the minimum polynomial of your
random element, thus ensuring the element is a root. Construct the
minimum polynomial as a polynomial over N , the field tower, and find its
factorization. Your factorization should have only linear factors. Each root
should be an expression in a and b , so convert each root into an
expression with mathematical notation involving and . Use one of
the mappings to verify that one of the roots is indeed the original random
element.
Create a few more random elements, and find a factorization (in N or in
L ). For a field to be separable, every element of the field should be a root
of some separable polynomial. The minimal polynomial is a good
polynomial to test. (Why?) Based on the evidence, does it appear that
is a separable extension?
5. Exercise 22.4.21 describes the Frobenius Map, an automorphism of a
finite field. If F is a finite field in Sage, then End(F) will create the
automorphism group of F, the set of all bijective mappings between the
field and itself.
a. Work Exercise 22.4.21 to gain an understanding of how and why the
Frobenius mapping is a field automorphism. (Do not include any of
this in your answer to this question, but understand that the following
will be much easier if you do this problem first.)
b. For some small, but not trivial, finite fields locate the Frobenius map
in the automorphism group. Small might mean and
, with prime versus composite.
c. Once you have located the Frobenius map, describe the other
automorphisms. In other words, with a bit of investigation, you
should find a description of the automorphisms which will allow you
to accurately predict the entire automorphism group for a finite field
you have not already explored. (Hint: the automorphism group is a
group. What if you “do the operation” between the Frobenius map
and itself? Just what is the operation? Try using Sage's multiplicative
notation with the elements of the automorphism group.)
d. What is the “structure” of the automorphism group? What special
status does the Frobenius map have in this group?
e. For any field, the subfield known as the fixed field is an important
construction, and will be especially important in the next chapter.
Given an automorphism of a field , the subset,
, can be shown to be a subfield of . It is
known as the fixed field of in . For each automorphism of
identify the fixed field of the automorphism. Since we
understand the structure of subfields of a finite field, it is enough to
just determine the order of the fixed field to be able to identify the
subfield precisely.
6. Exercise 22.4.15 suggests that every element of a finite field may be
written (expressed) as a sum of squares. This exercise suggests
computational experiments which might help you formulate a proof for the
exercise.
a. Construct two small, but not too small, finite fields, one with
and the other with an odd prime. Repeat the following for each field,
.
b. Choose a “random” element of the field, say . Construct the
sets
using Sage sets with the constructor. (Be careful: set() is
a Python command which behaves differently in fundamental ways.)
c. Examine the size of the two sets and the size of their intersection
( .intersection() ). Try different elements for , perhaps
writing a loop to try all possible values. Note that will behave
quite differently.
d. Suppose you have an element of the intersection. (You can get one
with .an_element() .) How does this lead to the sum of squares
proposed in the exercise?
e. Can you write a Python function that accepts a finite field whose
order is a power of an odd prime and then lists each element as a sum
of squares?
Chapter 23 Galois Theory
A classic problem of algebra is to find the solutions of a polynomial
equation. The solution to the quadratic equation was known in antiquity.
Italian mathematicians found general solutions to the general cubic and
quartic equations in the sixteenth century; however, attempts to solve the
general fifth-degree, or quintic, polynomial were repulsed for the next three
hundred years. Certainly, equations such as or
could be solved, but no solution like the quadratic
formula was found for the general quintic,
Finally, at the beginning of the nineteenth century, Ruffini and Abel both
found quintics that could not be solved with any formula. It was Galois,
however, who provided the full explanation by showing which polynomials
could and could not be solved by formulas. He discovered the connection
between groups and field extensions. Galois theory demonstrates the strong
interdependence of group and field theory, and has had far-reaching
implications beyond its original purpose.
In this chapter we will prove the Fundamental Theorem of Galois Theory.
This result will be used to establish the insolvability of the quintic and to
prove the Fundamental Theorem of Algebra.
23.1 Field Automorphisms
Our first task is to establish a link between group theory and field theory by
examining automorphisms of fields.
Proposition 23.1. The set of all automorphisms of a field is a group
under composition of functions.
Proof. If and are automorphisms of , then so are and . The
identity is certainly an automorphism; hence, the set of all automorphisms
of a field is indeed a group.
Proposition 23.2. Let be a field extension of . Then the set of all
automorphisms of that fix elementwise is a group; that is, the set of
all automorphisms such that for all is a
group.
Proof. We need only show that the set of automorphisms of that fix
elementwise is a subgroup of the group of all automorphisms of . Let
and be two automorphisms of such that and for
all . Then and . Since the
identity fixes every element of , the set of automorphisms of that leave
elements of fixed is a subgroup of the entire group of automorphisms of
.
Let be a field extension of . We will denote the full group of
automorphisms of by . We define the Galois group of over
to be the group of automorphisms of that fix elementwise; that is,
If is a polynomial in and is the splitting field of over
, then we define the Galois group of to be .
Example 23.3. Complex conjugation, defined by ,
is an automorphism of the complex numbers. Since
the automorphism defined by complex conjugation must be in .
Example 23.4. Consider the fields .
Then for ,
is an automorphism of leaving fixed. Similarly,
is an automorphism of leaving fixed. The
automorphism moves both and . It will soon be clear that
is the Galois group of over . The following
table shows that this group is isomorphic to .
We may also regard the field as a vector space over that
has basis . It is no coincidence that
.
Proposition 23.5. Let be a field extension of and be a
polynomial in . Then any automorphism in defines a
permutation of the roots of that lie in .
Proof. Let
and suppose that is a zero of . Then for ,
therefore, is also a zero of .
Let be an algebraic extension of a field . Two elements are
conjugate over if they have the same minimal polynomial. For example,
in the field the elements and are conjugate over
since they are both roots of the irreducible polynomial .
A converse of the last proposition exists. The proof follows directly from
Lemma 21.32.
Proposition 23.6. If and are conjugate over , there exists an
isomorphism such that is the identity when
restricted to .
Theorem 23.7. Let be a polynomial in and suppose that is
the splitting field for over . If has no repeated roots, then
Proof. We will use mathematical induction on . If ,
then and there is nothing to show. If , let
, where is irreducible of degree . We may assume
that ; otherwise, splits over and . Let be a
root of . If is any injective homomorphism, then
is a root of , and is a field
automorphism. Since has no repeated roots, has exactly roots
. By Proposition 23.5, there are exactly isomorphisms
that fix , one for each root of (see
Figure 23.8).
Figure 23.8.
Since is a splitting field of over , it is also a splitting field over
. Similarly, is a splitting field of over . Since
, induction shows that each of the
isomorphisms has exactly extensions, , and we
have constructed isomorphisms that fix . Finally, suppose that
is any automorphism fixing . Then restricted to is for some
.
Corollary 23.9. Let be a finite field with a finite extension such
that . Then is cyclic of order .
Proof. Let be the characteristic of and and assume that the orders of
and are and , respectively. Then . We can also assume
that is the splitting field of over a subfield of order .
Therefore, must also be the splitting field of over . Applying
Theorem 23.7, we find that .
To prove that is cyclic, we must find a generator for .
Let be defined by . We claim that is the
element in that we are seeking. We first need to show that is in
. If and are in ,
by Lemma 22.3. Also, it is easy to show that . Since
is a nonzero homomorphism of fields, it must be injective. It must also be
onto, since is a finite field. We know that must be in , since
is the splitting field of over the base field of order . This
means that leaves every element in fixed. Finally, we must show that
the order of is . By Theorem 23.7, we know that
is the identity of . However, cannot be the identity for
; otherwise, would have roots, which is
impossible.
Example 23.10. We can now confirm that the Galois group of
over in Example 23.4 is indeed isomorphic to .
Certainly the group is a subgroup of
; however, must be all of ,
since
Example 23.11. Let us compute the Galois group of
over . We know that is irreducible by Exercise 17.5.20 in
Chapter 17. Furthermore, since , we can use
DeMoivre's Theorem to determine that the roots of are , where
and
Hence, the splitting field of must be . We can define
automorphisms of by for . It is easy
to check that these are indeed distinct automorphisms in .
Since
the 's must be all of . Therefore,
since is a generator for the Galois group.
Separable Extensions
Many of the results that we have just proven depend on the fact that a
polynomial in has no repeated roots in its splitting field. It is
evident that we need to know exactly when a polynomial factors into
distinct linear factors in its splitting field. Let be the splitting field of a
polynomial in . Suppose that factors over as
We define the multiplicity of a root of to be . A root with
multiplicity 1 is called a simple root. Recall that a polynomial
of degree is separable if it has distinct roots in its splitting field .
Equivalently, is separable if it factors into distinct linear factors over
. An extension of is a separable extension of if every element
in is the root of a separable polynomial in . Also recall that is
separable if and only if (Lemma 22.5).
Proposition 23.12. Let be an irreducible polynomial over . If
the characteristic of is , then is separable. If the characteristic of
is and for some in , then is also
separable.
Proof. First assume that . Since and
is irreducible, the only way is if is the
zero polynomial; however, this is impossible in a field of characteristic
zero. If , then can be the zero polynomial if every
coefficient of is a multiple of . This can happen only if we have a
polynomial of the form .
Certainly extensions of a field of the form are some of the easiest
to study and understand. Given a field extension of , the obvious
question to ask is when it is possible to find an element such that
. In this case, is called a primitive element. We already know
that primitive elements exist for certain extensions. For example,
and
Corollary 22.12 tells us that there exists a primitive element for any finite
extension of a finite field. The next theorem tells us that we can often find a
primitive element.
Theorem 23.13. Primitive Element Theorem. Let be a finite
separable extension of a field . Then there exists an such that
.
Proof. We already know that there is no problem if is a finite field.
Suppose that is a finite extension of an infinite field. We will prove the
result for . The general case easily follows when we use
mathematical induction. Let and be the minimal polynomials of
and , respectively. Let be the field in which both and
split. Suppose that has zeros in and has
zeros in . All of these zeros have multiplicity , since
is separable over . Since is infinite, we can find an in such that
for all and with . Therefore, . Let
. Then
hence, for all with . Define by
. Then . However, for
. Hence, and have a single common factor in ;
that is, the minimal polynomial of over must be linear, since is
the only zero common to both and . So and
is in . Hence, .
23.2 The Fundamental Theorem
The goal of this section is to prove the Fundamental Theorem of Galois Theory. This
theorem explains the connection between the subgroups of and the
intermediate fields between and .
Proposition 23.14. Let be a collection of automorphisms of a field
. Then
is a subfield of .
Proof. Let and . Then
and
If , then . Finally, and
since is an automorphism.
Corollary 23.15. Let be a field and let be a subgroup of . Then
is a subfield of .
The subfield of is called the fixed field of . The field fixed by a
subgroup of will be denoted by .
Example 23.16. Let be the automorphism that
maps to . Then is the subfield of left fixed by .
Proposition 23.17. Let be a splitting field over of a separable polynomial.
Then .
Proof. Let . Clearly, . Also, must be a splitting
field of and . By Theorem 23.7,
Therefore, . Consequently, .
A large number of mathematicians first learned Galois theory from Emil Artin's
monograph on the subject [1]. The very clever proof of the following lemma is due to
Artin.
Lemma 23.18. Let be a finite group of automorphisms of and let .
Then .
Proof. Let . We must show that any set of elements in
is linearly dependent over ; that is, we need to find elements , not all zero,
such that
Suppose that are the automorphisms in . The homogeneous
system of linear equations
has more unknowns than equations. From linear algebra we know that this system has
a nontrivial solution, say for . Since is the identity,
the first equation translates to
The problem is that some of the 's may be in but not in . We must show that
this is impossible.
Suppose that at least one of the 's is in but not in . By rearranging the 's we
may assume that is nonzero. Since any nonzero multiple of a solution is also a
solution, we can also assume that . Of all possible solutions fitting this
description, we choose the one with the smallest number of nonzero terms. Again, by
rearranging if necessary, we can assume that is in but not in .
Since is the subfield of that is fixed elementwise by , there exists a in
such that . Applying to each equation in the system, we end up with
the same homogeneous system, since is a group. Therefore, ,
, , is also a solution of the original system. We
know that a linear combination of two solutions of a homogeneous system is also a
solution; consequently,
must be another solution of the system. This is a nontrivial solution because
, and has fewer nonzero entries than our original solution. This is a
contradiction, since the number of nonzero terms in our original solution was
assumed to be minimal. We can therefore conclude that .
Let be an algebraic extension of . If every irreducible polynomial in with a
root in has all of its roots in , then is called a normal extension of ; that is,
every irreducible polynomial in containing a root in is the product of linear
factors in .
Theorem 23.19. Let be a field extension of . Then the following statements are
equivalent.
1. is a finite, normal, separable extension of .
2. is a splitting field over of a separable polynomial.
3. for some finite group of automorphisms of .
Proof. (1) (2). Let be a finite, normal, separable extension of . By the
Primitive Element Theorem, we can find an in such that . Let
be the minimal polynomial of over . The field must contain all of the roots of
since it is a normal extension ; hence, is a splitting field for .
(2) (3). Let be the splitting field over of a separable polynomial. By
Proposition 23.17, . Since , this is a finite
group.
(3) (1). Let for some finite group of automorphisms of . Since
, is a finite extension of . To show that is a finite, normal
extension of , let be an irreducible monic polynomial that has a root
in . We must show that is the product of distinct linear factors in . By
Proposition 23.5, automorphisms in permute the roots of lying in . Hence,
if we let act on , we can obtain distinct roots in . Let
. Then is separable over and . Any
automorphism in permutes the factors of since it permutes these roots;
hence, when acts on , it must fix the coefficients of . Therefore, the
coefficients of must be in . Since and is the
minimal polynomial of , .
Corollary 23.20. Let be a field extension of such that for some
finite group of automorphisms of . Then .
Proof. Since , is a subgroup of . Hence,
It follows that , since they must have the same order.
Before we determine the exact correspondence between field extensions and
automorphisms of fields, let us return to a familiar example.
Example 23.21. In Example 23.4 we examined the automorphisms of
fixing . Figure 23.22 compares the lattice of field extensions of with the lattice
of subgroups of . The Fundamental Theorem of Galois Theory
tells us what the relationship is between the two lattices.
Figure 23.22.
We are now ready to state and prove the Fundamental Theorem of Galois Theory.
Theorem 23.23. Fundamental Theorem of Galois Theory. Let be a finite
field or a field of characteristic zero. If is a finite normal extension of with
Galois group , then the following statements are true.
1. The map is a bijection of subfields of containing with
the subgroups of .
2. If , then
3. if and only if
.
4. is a normal extension of if and only if is a normal subgroup of
. In this case
Proof. (1) Suppose that . Both and are fixed fields
of ; hence, and the map defined by is one-to-one. To
show that the map is onto, let be a subgroup of and be the field fixed
by . Then ; consequently, is a normal extension of . Thus,
and the map is a bijection.
(2) By Theorem 23.7, ; therefore,
Thus, .
Statement (3) is illustrated in Figure 23.24. We leave the proof of this property as an
exercise.
(4) This part takes a little more work. Let be a normal extension of . If is in
and is in , we need to show that is in ; that is,
we need to show that for all . Suppose that is the
minimal polynomial of over . Then is also a root of lying in , since
is a normal extension of . Hence, or .
Conversely, let be a normal subgroup of . We need to show that
. Let . For all there exists a
such that . Consequently, for all
hence, must be in the fixed field of . Let be the restriction of to
. Then is an automorphism of fixing , since for all ; hence,
. Next, we will show that the fixed field of is . Let be an
element in that is fixed by all automorphisms in . In particular,
for all . Therefore, belongs to the fixed field of .
Finally, we must show that when is a normal extension of ,
For , let be the automorphism of obtained by restricting to .
Since is a normal extension, the argument in the preceding paragraph shows that
. Consequently, we have a map defined
by . This map is a group homomorphism since
The kernel of is . By (2),
Hence, the image of is and is onto. Applying the First Isomorphism
Theorem, we have
Figure 23.24. Subgroups of and subfields of
Example 23.25. In this example we will illustrate the Fundamental Theorem of
Galois Theory by determining the lattice of subgroups of the Galois group of
. We will compare this lattice to the lattice of field extensions of
that are contained in the splitting field of . The splitting field of is
. To see this, notice that factors as ; hence,
the roots of are and . We first adjoin the root to and then
adjoin the root of to . The splitting field of is then
.
Since and is not in , it must be the case that
. Hence, . The set
is a basis of over . The lattice of field extensions of contained in
is illustrated in Figure 23.26(a).
The Galois group of must be of order . Let be the automorphism defined
by and , and be the automorphism defined by complex
conjugation; that is, . Then has an element of order and an element
of order . It is easy to verify by direct computation that the elements of are
and that the relations , , and
are satisfied; hence, must be isomorphic to . The lattice of
subgroups of is illustrated in Figure 23.26(b).
Figure 23.26. Galois group of
Historical Note
Solutions for the cubic and quartic equations were discovered in the 1500s. Attempts
to find solutions for the quintic equations puzzled some of history's best
mathematicians. In 1798, P. Ruffini submitted a paper that claimed no such solution
could be found; however, the paper was not well received. In 1826, Niels Henrik Abel
(1802–1829) finally offered the first correct proof that quintics are not always solvable
by radicals.
Abel inspired the work of Évariste Galois. Born in 1811, Galois began to display
extraordinary mathematical talent at the age of 14. He applied for entrance to the
École Polytechnique several times; however, he had great difficulty meeting the
formal entrance requirements, and the examiners failed to recognize his mathematical
genius. He was finally accepted at the École Normale in 1829.
Galois worked to develop a theory of solvability for polynomials. In 1829, at the age
of 17, Galois presented two papers on the solution of algebraic equations to the
Académie des Sciences de Paris. These papers were sent to Cauchy, who subsequently
lost them. A third paper was submitted to Fourier, who died before he could read the
paper. Another paper was presented, but was not published until 1846.
Galois' democratic sympathies led him into the Revolution of 1830. He was expelled
from school and sent to prison for his part in the turmoil. After his release in 1832, he
was drawn into a duel possibly over a love affair. Certain that he would be killed, he
spent the evening before his death outlining his work and his basic ideas for research
in a long letter to his friend Chevalier. He was indeed dead the next day, at the age of
20.
23.3 Applications
Solvability by Radicals
Throughout this section we shall assume that all fields have characteristic
zero to ensure that irreducible polynomials do not have multiple roots. The
immediate goal of this section is to determine when the roots of a
polynomial can be computed with a finite number of operations on
the coefficients of . The allowable operations are addition, subtraction,
multiplication, division, and the extraction of th roots. Certainly the
solution to the quadratic equation, , illustrates this
process:
The only one of these operations that might demand a larger field is the
taking of th roots. We are led to the following definition.
An extension field of a field is an extension by radicals if there exists
a chain of subfields
such that for , we have and for
some positive integer . A polynomial is solvable by radicals over
if the splitting field of over is contained in an extension of by
radicals. Our goal is to arrive at criteria that will tell us whether or not a
polynomial is solvable by radicals by examining the Galois group
.
The easiest polynomial to solve by radicals is one of the form . As
we discussed in Chapter 4, the roots of are called the nth roots of
unity. These roots are a finite subgroup of the splitting field of . By
Corollary 22.11, the th roots of unity form a cyclic group. Any generator
of this group is called a primitive nth root of unity.
Example 23.27. The polynomial is solvable by radicals over .
The roots of this polynomial are , where
The splitting field of over is .
We shall prove that a polynomial is solvable by radicals if its Galois group
is solvable. Recall that a subnormal series of a group is a finite sequence
of subgroups
where is normal in . A group is solvable if it has a subnormal
series such that all of the factor groups are abelian. For
example, if we examine the series , we see that is
solvable. On the other hand, is not solvable, by Theorem 10.11.
Lemma 23.28. Let be a field of characteristic zero and be the
splitting field of over with . Then is a solvable
group.
Proof. The roots of are , where is a
primitive th root of unity. Suppose that contains all of its th roots of
unity. If is one of the roots of , then distinct roots of are
, and . Since permutes the roots
, the elements in must be determined by their action on
these roots. Let and be in and suppose that and
. If contains the roots of unity, then
Therefore, and is abelian, and must be
solvable.
Now suppose that does not contain a primitive th root of unity. Let
be a generator of the cyclic group of the th roots of unity. Let be a zero
of . Since and are both in the splitting field of ,
is also in . Let . Then . Since
is the splitting field of , is a normal extension of . Therefore,
any automorphism in is determined by . It must be
the case that for some integer since all of the zeros of
are powers of . If is in , then
Therefore, is abelian. By the Fundamental Theorem of Galois
Theory the series
is a normal series. By our previous argument, is abelian.
Since
is also abelian, is solvable.
Lemma 23.29. Let be a field of characteristic zero and let
a radical extension of . Then there exists a normal radical extension
such that that contains and is a normal extension of .
Proof. Since is a radical extension of , there exists a chain of subfields
such that for , we have and for
some positive integer . We will build a normal radical extension of ,
such that . Define for be the splitting field of . The
roots of this polynomial are , where is a
primitive th root of unity. If contains all of its roots of unity, then
. On the other hand, suppose that does not contain a
primitive th root of unity. If is a root of , then all of the
roots of must be , where is a primitive
th root of unity. In this case, . Thus, is a normal
radical extension of containing . Continuing in this manner, we obtain
such that is a normal extension of and for
.
We will now prove the main theorem about solvability by radicals.
Theorem 23.30. Let be in , where . If is
solvable by radicals, then the Galois group of over is solvable.
Proof. Since is solvable by radicals there exists an extension of
by radicals . By Lemma 23.29, we can
assume that is a splitting field and is normal over . By the
Fundamental Theorem of Galois Theory, is a normal subgroup
of . Therefore, we have a subnormal series of subgroups of
:
Again by the Fundamental Theorem of Galois Theory, we know that
By Lemma 23.28, is solvable; hence, is also
solvable.
The converse of Theorem 23.30 is also true. For a proof, see any of the
references at the end of this chapter.
Insolvability of the Quintic
We are now in a position to find a fifth-degree polynomial that is not
solvable by radicals. We merely need to find a polynomial whose Galois
group is . We begin by proving a lemma.
Lemma 23.31. If is prime, then any subgroup of that contains a
transposition and a cycle of length must be all of .
Proof. Let be a subgroup of that contains a transposition and a
cycle of length . We may assume that . The order of is and
must be a cycle of length for . Therefore, we may assume
that for some , where (see
Exercise 5.4.13 in Chapter 5). Noting that
and
, we can obtain all the
transpositions of the form for . However, these
transpositions generate all transpositions in , since
. The transpositions generate .
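Lemma 23.31 and the role of its primality hypothesis, as an added Python example (not from the original text): the code generates the subgroup from a transposition and the cycle (1 2 ... n) by closure under composition and counts its elements. For n = 5 and n = 7 every transposition yields the full symmetric group, while for n = 4 the pair (1 4), (1 2 4 3), which appears in the Sage permutation list of Section 23.7, generates only a group of order 8. Function names are this example's own.

```python
from itertools import combinations
from math import factorial


def compose(p, q):
    """Return the permutation 'apply q first, then p' (tuples of 0-based images)."""
    return tuple(p[q[i]] for i in range(len(p)))


def from_cycle(n, cycle):
    """Build a permutation of n symbols from a single cycle written with labels 1..n."""
    perm = list(range(n))
    for k, a in enumerate(cycle):
        perm[a - 1] = cycle[(k + 1) % len(cycle)] - 1
    return tuple(perm)


def generated_subgroup(generators):
    """All products of the generators.

    In a finite group the set of such products is already closed under
    inverses, so this is the subgroup generated by the given permutations.
    """
    identity = tuple(range(len(generators[0])))
    seen = {identity}
    frontier = [identity]
    while frontier:
        g = frontier.pop()
        for s in generators:
            h = compose(s, g)
            if h not in seen:
                seen.add(h)
                frontier.append(h)
    return seen


def orders_for_all_transpositions(n):
    """Order of the subgroup generated by (a b) and (1 2 ... n), for every a < b."""
    n_cycle = from_cycle(n, list(range(1, n + 1)))
    return {
        (a, b): len(generated_subgroup([from_cycle(n, [a, b]), n_cycle]))
        for a, b in combinations(range(1, n + 1), 2)
    }


def sage_section_pair_order():
    """Order of the group generated by (1 4) and (1 2 4 3), both taken from Section 23.7."""
    return len(generated_subgroup([from_cycle(4, [1, 4]), from_cycle(4, [1, 2, 4, 3])]))


if __name__ == "__main__":
    for n in (4, 5, 7):
        orders = orders_for_all_transpositions(n)
        full = factorial(n)
        short = {pair: size for pair, size in orders.items() if size != full}
        print(f"n = {n}: n! = {full}, pairs that fail to generate everything: {short}")
    print("(1 4) and (1 2 4 3) generate a group of order", sage_section_pair_order())
```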
Figure 23.32. The graph of
Example 23.33. We will show that
is not solvable. We claim that
the Galois group of over is . By Eisenstein's Criterion, is
irreducible and, therefore, must be separable. The derivative of is
; hence, setting and solving, we
find that the only real roots of are
Therefore, can have at most one maximum and one minimum. It is
easy to show that changes sign between and , between
and , and once again between and (Figure 23.32). Therefore,
has exactly three distinct real roots. The remaining two roots of must
be complex conjugates. Let be the splitting field of . Since
has five distinct roots in and every automorphism of fixing is
determined by the way it permutes the roots of , we know that
is a subgroup of . Since is irreducible, there is an element
in such that for two roots and of . The
automorphism of that takes leaves the real roots
fixed and interchanges the complex roots; consequently,
contains a transposition. If is one of the real roots of , then
by Exercise 21.5.28. Since is a subfield of , it
must be the case that is divisible by 5. Since
and , we know that
contains a cycle of length . By Lemma 23.31, is generated by a
transposition and an element of order ; therefore, must be all
of . By Theorem 10.11, is not solvable. Consequently, cannot
be solved by radicals.
The Fundamental Theorem of Algebra
It seems fitting that the last theorem that we will state and prove is the
Fundamental Theorem of Algebra. This theorem was first proven by Gauss
in his doctoral thesis. Prior to Gauss's proof, mathematicians suspected that
there might exist polynomials over the real and complex numbers having no
solutions. The Fundamental Theorem of Algebra states that every
polynomial over the complex numbers factors into distinct linear factors.
Theorem 23.34. Fundamental Theorem of Algebra. The field of
complex numbers is algebraically closed; that is, every polynomial in
has a root in .
Proof. Suppose that is a proper finite field extension of the complex
numbers. Since any finite extension of a field of characteristic zero is a
simple extension, there exists an such that with the
root of an irreducible polynomial in . The splitting field of
is a finite normal separable extension of that contains . We must
show that it is impossible for to be a proper extension of .
Suppose that is a proper extension of . Since is the splitting field of
over , is a finite normal separable extension of .
Let be the fixed field of a Sylow 2-subgroup of . Then
and . Since
, we know that must be odd.
Consequently, with having a minimal polynomial of
odd degree. Therefore, .
We now know that must be a 2-group. It follows that is
a -group. We have assumed that ; therefore, . By
the first Sylow Theorem and the Fundamental Theorem of Galois Theory,
there exists a subgroup of of index 2 and a field fixed
elementwise by . Then and there exists an element
with minimal polynomial in . This polynomial has roots
that are in , since is in . This is
impossible; hence, .
Although our proof was strictly algebraic, we were forced to rely on results
from calculus. It is necessary to assume the completeness axiom from
analysis to show that every polynomial of odd degree has a real root and
that every positive real number has a square root. It seems that there is no
possible way to avoid this difficulty and formulate a purely algebraic
argument. It is somewhat amazing that there are several elegant proofs of
the Fundamental Theorem of Algebra that use complex analysis. It is also
interesting to note that we can obtain a proof of such an important theorem
from two very different fields of mathematics.
23.4 Reading Questions
1. What is the Galois group of a field extension?
2. When are two elements of a field extension conjugate? (In other words,
what is the definition?)
3. Summarize the nature and importance of the Fundamental Theorem of
Galois Theory. Capture the essence of the result without getting bogged
down in too many details.
4. Why are “solvable” groups so named? Paraphrasing the relevant theorem
would be a good answer.
5. Argue the following statement, both pro and con. Which side wins the
debate?
Everything we have done in this entire course has been in preparation
for this chapter.
23.5 Exercises
1. Compute each of the following Galois groups. Which of these field
extensions are normal field extensions? If the extension is not normal, find
a normal extension of in which the extension field is contained.
a. b.
c. d.
e.
2. Determine the separability of each of the following polynomials.
a. over
b. over
c. over
d. over
3. Give the order and describe a generator of the Galois group of
over .
4. Determine the Galois groups of each of the following polynomials in
; hence, determine the solvability by radicals of each of the
polynomials.
a.
b.
c.
d.
e.
f.
g.
h.
i.
5. Find a primitive element in the splitting field of each of the following
polynomials in .
a.
b.
c.
d.
6. Prove that the Galois group of an irreducible quadratic polynomial is
isomorphic to .
7. Prove that the Galois group of an irreducible cubic polynomial is
isomorphic to or .
8. Let be fields. If is a normal extension of , show that
must also be a normal extension of .
9. Let be the Galois group of a polynomial of degree . Prove that
divides .
10. Let . If is solvable over , show that is also
solvable over .
11. Construct a polynomial in of degree that is not solvable
by radicals.
12. Let be prime. Prove that there exists a polynomial of
degree with Galois group isomorphic to . Conclude that for each prime
with there exists a polynomial of degree that is not solvable by
radicals.
13. Let be a prime and be the field of rational functions over .
Prove that is an irreducible polynomial in . Show
that is not separable.
14. Let be an extension field of . Suppose that and are two
intermediate fields. If there exists an element such that
, then and are said to be conjugate fields. Prove that
and are conjugate if and only if and are conjugate
subgroups of .
15. Let . If is a positive real number, show that .
16. Let be the splitting field of . Prove or
disprove that is an extension by radicals.
17. Let be a field such that . Prove that the splitting field
of is , where .
18. Prove or disprove: Two different subgroups of a Galois group will have
different fixed fields.
19. Let be the splitting field of a polynomial over . If is a field
extension of contained in and , then is the splitting
field of some polynomial in .
20. We know that the cyclotomic polynomial
is irreducible over for every prime . Let be a zero of , and
consider the field .
a. Show that are distinct zeros of , and
conclude that they are all the zeros of .
b. Show that is abelian of order .
c. Show that the fixed field of is .
21. Let be a finite field or a field of characteristic zero. Let be a finite
normal extension of with Galois group . Prove that
if and only if
.
22. Let be a field of characteristic zero and let be a
separable polynomial of degree . If is the splitting field of , let
be the roots of in . Let . We
define the discriminant of to be .
a. If , show that .
b. If , show that .
c. Prove that is in .
d. If is a transposition of two roots of , show that
.
e. If is an even permutation of the roots of , show
that .
f. Prove that is isomorphic to a subgroup of if and only if
.
g. Determine the Galois groups of and .
23.6 References and Suggested Readings
[1] Artin, E. Galois Theory: Lectures Delivered at the University of Notre
Dame (Notre Dame Mathematical Lectures, Number 2). Dover,
Mineola, NY, 1997.
[2] Edwards, H. M. Galois Theory. Springer-Verlag, New York, 1984.
[3] Fraleigh, J. B. A First Course in Abstract Algebra. 7th ed. Pearson,
Upper Saddle River, NJ, 2003.
[4] Gaal, L. Classical Galois Theory with Examples. American
Mathematical Society, Providence, 1979.
[5] Garling, D. J. H. A Course in Galois Theory. Cambridge University
Press, Cambridge, 1986.
[6] Kaplansky, I. Fields and Rings. 2nd ed. University of Chicago
Press, Chicago, 1972.
[7] Rothman, T. “The Short Life of Évariste Galois,” Scientific
American, April 1982, 136–49.
23.7 Sage
Again, our competence at examining fields with Sage will allow us to study
the main concepts of Galois Theory easily. We will thoroughly examine
Example 7 using our computational tools.
Galois Groups
We will repeat Example 23.25 and analyze carefully the splitting field of
the polynomial . We begin with an initial field extension
containing at least one root.
x = polygen(QQ, 'x')
N.<a> = NumberField(x^4 - 2); N
Number Field in a with defining polynomial x^4 - 2
The .galois_closure() method will create an extension containing
all of the roots of the defining polynomial of a number field.
L.<b> = N.galois_closure(); L
Number Field in b with defining polynomial x^8 + 28*x^4 + 2500
L.degree()
y = polygen(L, 'y')
(y^4 - 2).factor()
(y - 1/120*b^5 - 19/60*b) *
(y - 1/240*b^5 + 41/120*b) *
(y + 1/240*b^5 - 41/120*b) *
(y + 1/120*b^5 + 19/60*b)
From the factorization, it is clear that L is the splitting field of the
polynomial, even if the factorization is not pretty. It is easy to then obtain
the Galois group of this field extension.
G = L.galois_group(); G
Galois group 8T4 ([4]2) with order 8 of x^8 + 28*x^4 + 2500
We can examine this group, and identify it. Notice that since the field is a
degree extension, the group is described as a permutation group on
symbols. (It is just a coincidence that the group has elements.) With a
paucity of nonabelian groups of order , it is not hard to guess the nature of
the group.
G.is_abelian()
False
G.order()
G.list()
[(), (1,2,8,7)(3,4,6,5),
(1,3)(2,5)(4,7)(6,8), (1,4)(2,3)(5,8)(6,7),
(1,5)(2,6)(3,7)(4,8), (1,6)(2,4)(3,8)(5,7),
(1,7,8,2)(3,5,6,4), (1,8)(2,7)(3,6)(4,5)]
G.is_isomorphic(DihedralGroup(4))
True
That's it. But maybe not very satisfying. Let us dig deeper for more
understanding. We will start over and create the splitting field of
again, but the primary difference is that we will make the
roots extremely obvious so we can work more carefully with the Galois
group and the fixed fields. Along the way, we will see another example of
linear algebra enabling certain computations. The following construction
should be familiar by now.
x = polygen(QQ, 'x')
p = x^4 - 2
N.<a> = NumberField(p); N
Number Field in a with defining polynomial x^4 - 2
y = polygen(N, 'y')
p = p.subs(x=y)
p.factor()
(y - a) * (y + a) * (y^2 + a^2)
M.<b> = NumberField(y^2 + a^2); M
Number Field in b with defining polynomial y^2 + a^2 over its base field
z = polygen(M, 'z')
(z^4 - 2).factor()
(z - b) * (z - a) * (z + a) * (z + b)
The important thing to notice here is that we have arranged the splitting
field so that the four roots, a, -a, b, -b , are very simple functions
of the generators. In more traditional notation, a is , and b
is (or their negatives).
We will find it easier to compute in the flattened tower, a now familiar
construction.
L.<c> = M.absolute_field(); L
Number Field in c with defining polynomial x^8 + 28*x^4 + 2500
fromL, toL = L.structure()
We can return to our original polynomial (over the rationals), and ask for its
roots in the flattened tower, custom-designed to contain these roots.
roots = p.roots(ring=L, multiplicities=False); roots
[1/120*c^5 + 19/60*c,
1/240*c^5 - 41/120*c,
-1/240*c^5 + 41/120*c,
-1/120*c^5 - 19/60*c]
Hmmm. Do those look right? If you look back at the factorization obtained
in the field constructed with the .galois_closure() method, then
they look right. But we can do better.
[fromL(r) for r in roots]
[b, a, -a, -b]
Yes, those are the roots.
The End() command will create the group of automorphisms of the field L.
G = End(L); G
Automorphism group of Number Field in c with defining polynomial x^8 + 28*x^4 + 2500
We can check that each of these automorphisms fixes the rational numbers
elementwise. If a field homomorphism fixes 1, then it will fix the integers,
and thus fix all fractions of integers.
[tau(1) for tau in G]
[1, 1, 1, 1, 1, 1, 1, 1]
So each element of G fixes the rationals elementwise and thus G is the
Galois group of the splitting field L over the rationals.
Proposition 23.5 is fundamental. It says every automorphism in the Galois
group of a field extension creates a permutation of the roots of a polynomial
with coefficients in the base field. We have all of those ingredients here. So
we will evaluate each automorphism of the Galois group at each of the four
roots of our polynomial, which in each case should be another root. (We use
the Sequence() constructor just to get nicely-aligned output.)
Sequence([[fromL(tau(r)) for r in roots] for tau in G],
cr=True)
[
[b, a, -a, -b],
[-b, -a, a, b],
[a, -b, b, -a],
[b, -a, a, -b],
[-a, -b, b, a],
[a, b, -b, -a],
[-b, a, -a, b],
[-a, b, -b, a]
]
Each row of the output is a list of the roots, but permuted, and so
corresponds to a permutation of four objects (the roots). For example, the
second row shows the second automorphism interchanging a with -a,
and b with -b. (Notice that the first row is the result of the identity
automorphism, so we can mentally combine the first row with any other row
to imagine a “two-row” form of a permutation.) We can number the roots, 1
through 4, and create each permutation as an element of . It is overkill,
but we can then build the permutation group by letting all of these elements
generate a group.
S4 = SymmetricGroup(4)
elements = [S4([1, 2, 3, 4]),
S4([4, 3, 2, 1]),
S4([2, 4, 1, 3]),
S4([1, 3, 2, 4]),
S4([3, 4, 1, 2]),
S4([2, 1, 4, 3]),
S4([4, 2, 3, 1]),
S4([3, 1, 4, 2])]
elements
[(), (1,4)(2,3), (1,2,4,3), (2,3), (1,3)(2,4),
(1,2)(3,4), (1,4), (1,3,4,2)]
P = S4.subgroup(elements)
P.is_isomorphic(DihedralGroup(4))
True
Notice that we now have built an isomorphism from the Galois group to a
group of permutations using just four symbols, rather than the eight used
previously.
Fixed Fields
In a previous Sage exercise, we computed the fixed fields of single field
automorphisms for finite fields. This was “easy” in the sense that we could
just test every element of the field to see if it was fixed, since the field was
finite. Now we have an infinite field extension. How are we going to
determine which elements are fixed by individual automorphisms, or
subgroups of automorphisms?
The answer is to use the vector space structure of the flattened tower. As a
degree extension of the rationals, the first powers of the primitive
element c form a basis when the field is viewed as a vector space with
the rationals as the scalars. It is sufficient to know how each field
automorphism behaves on this basis to fully specify the definition of the
automorphism. To wit,
So we can compute the value of a field automorphism at any linear
combination of powers of the primitive element as a linear combination of
the values of the field automorphism at just the powers of the primitive
element. This is known as the “power basis”, which we can obtain simply
with the .power_basis() method. We will begin with an example of
how we can use this basis. We will illustrate with the fourth automorphism
of the Galois group. Notice that the .vector() method is a
convenience that strips a linear combination of the powers of c into a
vector of just the coefficients. (Notice too that is totally defined by the
value of , since as a field automorphism . However,
we still need to work with the entire power basis to exploit the vector space
structure.)
basis = L.power_basis(); basis
[1, c, c^2, c^3, c^4, c^5, c^6, c^7]
tau = G[3]
z = 4 + 5*c+ 6*c^3-7*c^6
tz = tau(4 + 5*c+ 6*c^3-7*c^6); tz
11/250*c^7 - 98/25*c^6 + 1/12*c^5 + 779/125*c^3 +
6006/25*c^2 - 11/6*c + 4
tz.vector()
(4, -11/6, 6006/25, 779/125, 0, 1/12, -98/25, 11/250)
tau_matrix = column_matrix([tau(be).vector() for be in basis])
tau_matrix
[1      0      0       0 -28      0       0         0]
[0 -11/30      0       0   0 779/15       0         0]
[0      0 -14/25       0   0      0 -858/25         0]
[0      0      0 779/750   0      0       0 -4031/375]
[0      0      0       0  -1      0       0         0]
[0   1/60      0       0   0  11/30       0         0]
[0      0  -1/50       0   0      0   14/25         0]
[0      0      0 11/1500   0      0       0  -779/750]
tau_matrix*z.vector()
(4, -11/6, 6006/25, 779/125, 0, 1/12, -98/25, 11/250)
tau_matrix*(z.vector()) == (tau(z)).vector()
True
The last line expresses the fact that tau_matrix is a matrix
representation of the field automorphism, viewed as a linear transformation
of the vector space structure. As a representation of an invertible field
homomorphism, the matrix is invertible. As an order permutation of the
roots, the inverse of the matrix is itself. But these facts are just verifications
that we have the right thing; we are interested in other properties.
To construct fixed fields, we want to find elements fixed by automorphisms.
Continuing with tau from above, we seek elements z (written as
vectors) such that tau_matrix*z=z . These are eigenvectors for the
eigenvalue , or elements of the null space of (tau_matrix - I)
(null spaces are obtained with .right_kernel() in Sage).
K = (tau_matrix-identity_matrix(8)).right_kernel(); K
Vector space of degree 8 and dimension 4 over Rational Field
Basis matrix:
[ 1 0 0 0 0 0 0 0]
[ 0 1 0 0 0 1/38 0 0]
[ 0 0 1 0 0 0 -1/22 0]
[ 0 0 0 1 0 0 0 1/278]
Each row of the basis matrix is a vector representing an element of the field,
specifically 1 , c + (1/38)*c^5 , c^2 - (1/22)*c^6 ,
c^3 + (1/278)*c^7 . Let's take a closer look at these fixed elements,
in terms we recognize.
fromL(1)
fromL(c + (1/38)*c^5)
60/19*b
fromL(c^2 - (1/22)*c^6)
150/11*a^2
fromL(c^3 + (1/278)*c^7)
1500/139*a^2*b
Any element fixed by tau will be a linear combination of these four
elements. We can ignore any rational multiples present; the first element is
just saying the rationals are fixed, and the last element is just a product of
the middle two. So fundamentally tau is fixing rationals, b (which is
) and a^2 (which is ). Furthermore, b^2 = -a^2 (the check
follows), so we can create any fixed element of tau by just adjoining
b = to the rationals. So the elements fixed by tau are .
a^2 + b^2
0
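The kernel computation above can be reproduced without Sage. The following is an added example in plain Python with exact rational arithmetic, not code from the textbook; the matrix is copied from the tau_matrix output shown earlier, and the function names (rref, right_kernel, fixed_space, mat_vec, mat_mul) are chosen here.

```python
from fractions import Fraction as F

# Matrix of tau = G[3] on the power basis 1, c, ..., c^7 (copied from the page).
TAU = [
    [1, 0, 0, 0, -28, 0, 0, 0],
    [0, F(-11, 30), 0, 0, 0, F(779, 15), 0, 0],
    [0, 0, F(-14, 25), 0, 0, 0, F(-858, 25), 0],
    [0, 0, 0, F(779, 750), 0, 0, 0, F(-4031, 375)],
    [0, 0, 0, 0, -1, 0, 0, 0],
    [0, F(1, 60), 0, 0, 0, F(11, 30), 0, 0],
    [0, 0, F(-1, 50), 0, 0, 0, F(14, 25), 0],
    [0, 0, 0, F(11, 1500), 0, 0, 0, F(-779, 750)],
]

# Coefficient vector of z = 4 + 5*c + 6*c^3 - 7*c^6 from the page.
Z = [4, 5, 0, 6, 0, 0, -7, 0]


def rref(rows):
    """Reduced row echelon form over the rationals: (matrix, pivot columns)."""
    m = [[F(x) for x in row] for row in rows]
    pivots, r = [], 0
    ncols = len(m[0]) if m else 0
    for c in range(ncols):
        if r == len(m):
            break
        pr = next((i for i in range(r, len(m)) if m[i][c] != 0), None)
        if pr is None:
            continue  # no pivot in this column: it is a free column
        m[r], m[pr] = m[pr], m[r]
        lead = m[r][c]
        m[r] = [x / lead for x in m[r]]
        for i in range(len(m)):
            if i != r and m[i][c] != 0:
                factor = m[i][c]
                m[i] = [x - factor * y for x, y in zip(m[i], m[r])]
        pivots.append(c)
        r += 1
    return m, pivots


def right_kernel(a):
    """Echelonized basis of {v : a*v = 0}, the form Sage prints."""
    n = len(a[0])
    reduced, pivots = rref(a)
    basis = []
    for f in (c for c in range(n) if c not in pivots):
        v = [F(0)] * n
        v[f] = F(1)
        # Pivot rows are the first len(pivots) rows of the reduced matrix.
        for row, p in zip(reduced, pivots):
            v[p] = -row[f]
        basis.append(v)
    return rref(basis)[0]


def fixed_space(m):
    """Vectors v with m*v = v, i.e. the kernel of (m - I)."""
    n = len(m)
    shifted = [[F(m[i][j]) - (1 if i == j else 0) for j in range(n)]
               for i in range(n)]
    return right_kernel(shifted)


def mat_vec(m, v):
    return [sum(a * b for a, b in zip(row, v)) for row in m]


def mat_mul(a, b):
    cols = list(zip(*b))
    return [[sum(x * y for x, y in zip(row, col)) for col in cols] for row in a]


if __name__ == "__main__":
    for vec in fixed_space(TAU):
        print([str(x) for x in vec])
```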
Galois Correspondence
The entire subfield structure of our splitting field is determined by the
subgroup structure of the Galois group (Theorem 23.23), which is
isomorphic to a group we know well. What are the subgroups of our Galois
group, expressed as permutation groups? (For brevity, we just list the
generators of each subgroup.)
sg = P.subgroups();
[H.gens() for H in sg]
[[()],
[(1,4)(2,3)],
[(2,3)],
[(1,4)],
[(1,2)(3,4)],
[(1,3)(2,4)],
[(2,3), (1,4)(2,3)],
[(1,2,4,3), (1,4)(2,3)],
[(1,2)(3,4), (1,4)(2,3)],
[(2,3), (1,2,4,3), (1,4)(2,3)]]
[H.order() for H in sg]
[1, 2, 2, 2, 2, 2, 4, 4, 4, 8]
tau above is the fourth element of the automorphism group, and the
fourth permutation in elements is the permutation (2,3) , the
generator (of order 2) for the second subgroup. So as the only nontrivial
element of this subgroup, we know that the corresponding fixed field is
.
Let us analyze another subgroup of order 2, without all the explanation, and
starting with the subgroup. The sixth subgroup is generated by the fifth
automorphism, so let us determine the elements that are fixed.
tau = G[4]
tau_matrix = column_matrix([tau(be).vector() for be in basis])
(tau_matrix-identity_matrix(8)).right_kernel()
Vector space of degree 8 and dimension 4 over Rational Field
Basis matrix:
[ 1 0 0 0 0 0 0 0]
[ 0 1 0 0 0 1/158 0 0]
[ 0 0 1 0 0 0 1/78 0]
[ 0 0 0 1 0 0 0 13/614]
fromL(tau(1))
fromL(tau(c+(1/158)*c^5))
120/79*b - 120/79*a
fromL(tau(c^2+(1/78)*c^6))
-200/39*a*b
fromL(tau(c^3+(13/614)*c^7))
3000/307*a^2*b + 3000/307*a^3
The first element indicates that the rationals are fixed (we knew that).
Scaling the second element gives b - a as a fixed element. Scaling the
third and fourth fixed elements, we recognize that they can be obtained
from powers of b - a .
(b-a)^2
-2*a*b
(b-a)^3
2*a^2*b + 2*a^3
So the fixed field of this subgroup can be formed by adjoining b - a to
the rationals, which in mathematical notation is
, so the fixed field is
.
We can create this fixed field, though as created here it is not strictly a
subfield of L . We will use an expression for b - a that is a linear
combination of powers of c .
subinfo = L.subfield((79/120)*(c+(1/158)*c^5)); subinfo
(Number Field in c0 with defining polynomial x^4 + 8
with c0 = 1/240*c^5 + 79/120*c,
Ring morphism:
From: Number Field in c0 with defining polynomial x^4 + 8
with c0 = 1/240*c^5 + 79/120*c
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c0 |--> 1/240*c^5 + 79/120*c)
The .subfield() method returns a pair. The first item is a new
number field, isomorphic to a subfield of L . The second item is an
injective mapping from the new number field into L . In this case, the
image of the primitive element c0 is the element we have specified as
the generator of the subfield. The primitive element of the new field will
satisfy the defining polynomial — you can check that
is indeed a root of the polynomial .
There are five subgroups of order , we have found fixed fields for two of
them. The other three are similar, so it would be a good exercise to work
through them. Our automorphism group has three subgroups of order 4, and
at least one of each possible type (cyclic versus non-cyclic). Fixed fields of
larger subgroups require that we find elements fixed by all of the
automorphisms in the subgroup. (We were conveniently ignoring the
identity automorphism above.) This will require more computation, but will
restrict the possibilities (smaller fields) to where it will be easier to deduce a
primitive element for each field.
The seventh subgroup is generated by two elements of order and is
composed entirely of elements of order (except the identity), so is
isomorphic to . The permutations correspond to automorphisms
number 0, 1, 3, and 6. To determine the elements fixed by all four
automorphisms, we will build the kernel for each one and as we go, we
form the intersection of all four kernels. We will work via a loop over the
four automorphisms.
V = QQ^8
for tau in [G[0], G[1], G[3], G[6]]:
    tau_matrix = column_matrix([tau(be).vector() for be in basis])
    K = (tau_matrix-identity_matrix(8)).right_kernel()
    V = V.intersection(K)
V
Vector space of degree 8 and dimension 2 over Rational Field
Basis matrix:
[ 1 0 0 0 0 0 0 0]
[ 0 0 1 0 0 0 -1/22 0]
Outside of the rationals, there is a single fixed element.
fromL(tau(c^2 - (1/22)*c^6))
150/11*a^2
Removing a scalar multiple, our primitive element is a^2 , which
mathematically is , so the fixed field is . Again, we can build
this fixed field, but ignore the mapping.
F, mapping = L.subfield((11/150)*(c^2 - (1/22)*c^6))
F
Number Field in c0 with defining polynomial x^2 - 2
with c0 = -1/300*c^6 + 11/150*c^2
One more subgroup. The penultimate subgroup has a permutation of order 4
as a generator, so is a cyclic group of order 4. The individual permutations
of the subgroup correspond to automorphisms 0, 1, 2, 7.
V = QQ^8
for tau in [G[0], G[1], G[2], G[7]]:
    tau_matrix = column_matrix([tau(be).vector() for be in basis])
    K = (tau_matrix-identity_matrix(8)).right_kernel()
    V = V.intersection(K)
V
Vector space of degree 8 and dimension 2 over Rational Field
Basis matrix:
[1 0 0 0 0 0 0 0]
[0 0 0 0 1 0 0 0]
So we compute the primitive element.
fromL(tau(c^4))
-24*a^3*b - 14
Since rationals are fixed, we can remove the and the multiple and take
a^3*b as the primitive element. Mathematically, this is , so we might
as well use just as the primitive element and the fixed field is . We
can then build the fixed field (and ignore the mapping also returned).
F, mapping = L.subfield((c^4+14)/-48)
F
Number Field in c0 with defining polynomial x^2 + 1
with c0 = -1/48*c^4 - 7/24
There is one more subgroup of order , which we will leave as an exercise
to analyze. There are also two trivial subgroups (the identity and the full
group) which are not very interesting or surprising.
If the above seems like too much work, you can always just have Sage do it
all with the .subfields() method.
L.subfields()
[
(Number Field in c0 with defining polynomial x, Ring morphism:
From: Number Field in c0 with defining polynomial x
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: 0 |--> 0, None),
(Number Field in c1 with defining polynomial x^2 + 112*x +
40000, Ring morphism:
From: Number Field in c1 with defining polynomial x^2 +
112*x + 40000
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c1 |--> 4*c^4, None),
(Number Field in c2 with defining polynomial x^2 + 512, Ring
morphism:
From: Number Field in c2 with defining polynomial x^2 + 512
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c2 |--> 1/25*c^6 + 78/25*c^2, None),
(Number Field in c3 with defining polynomial x^2 - 288, Ring
morphism:
From: Number Field in c3 with defining polynomial x^2 - 288
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c3 |--> -1/25*c^6 + 22/25*c^2, None),
(Number Field in c4 with defining polynomial x^4 + 112*x^2 +
40000, Ring morphism:
From: Number Field in c4 with defining polynomial x^4 +
112*x^2 + 40000
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c4 |--> 2*c^2, None),
(Number Field in c5 with defining polynomial x^4 + 8, Ring
morphism:
From: Number Field in c5 with defining polynomial x^4 + 8
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c5 |--> -1/80*c^5 + 1/40*c, None),
(Number Field in c6 with defining polynomial x^4 + 648, Ring
morphism:
From: Number Field in c6 with defining polynomial x^4 + 648
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c6 |--> 1/80*c^5 + 79/40*c, None),
(Number Field in c7 with defining polynomial x^4 - 512, Ring
morphism:
From: Number Field in c7 with defining polynomial x^4 - 512
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c7 |--> -1/60*c^5 + 41/30*c, None),
(Number Field in c8 with defining polynomial x^4 - 32, Ring
morphism:
From: Number Field in c8 with defining polynomial x^4 - 32
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c8 |--> 1/60*c^5 + 19/30*c, None),
(Number Field in c9 with defining polynomial x^8 + 28*x^4 +
2500, Ring morphism:
From: Number Field in c9 with defining polynomial x^8 +
28*x^4 + 2500
To: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
Defn: c9 |--> c, Ring morphism:
From: Number Field in c with defining polynomial x^8 +
28*x^4 + 2500
To: Number Field in c9 with defining polynomial x^8 +
28*x^4 + 2500
Defn: c |--> c9)
]
Ten subfields are described, which is what we would expect, given the 10
subgroups of the Galois group. Each begins with a new number field that is
a subfield. Technically, each is not a subset of L , but the second item
returned for each subfield is an injective homomorphism, also known
generally as an “embedding.” Each embedding describes how a primitive
element of the subfield translates to an element of L . Some of these
primitive elements could be manipulated (as we have done above) to yield
slightly simpler minimal polynomials, but the results are quite impressive
nonetheless. Each item in the list has a third component, which is almost
always None , except when the subfield is the whole field, and then the
third component is an injective homomorphism “in the other direction.”
Normal Extensions
Consider the third subgroup in the list above, generated by the permutation
(1,4) . As a subgroup of order , it only has one nontrivial element,
which here corresponds to the seventh automorphism. We determine the
fixed elements as before.
tau = G[6]
tau_matrix = column_matrix([tau(be).vector() for be in basis])
(tau_matrix-identity_matrix(8)).right_kernel()
Vector space of degree 8 and dimension 4 over Rational Field
Basis matrix:
[ 1 0 0 0 0 0 0 0]
[ 0 1 0 0 0 -1/82 0 0]
[ 0 0 1 0 0 0 -1/22 0]
[ 0 0 0 1 0 0 0 11/58]
fromL(tau(1))
1
fromL(tau(c+(-1/82)*c^5))
-120/41*a
fromL(tau(c^2+(-1/22)*c^6))
150/11*a^2
fromL(tau(c^3+(11/58)*c^7))
3000/29*a^3
As usual, ignoring rational multiples, we see powers of a and recognize
that a alone will be a primitive element for the fixed field, which is thus
. Recognize that a was our first root of , and was used to
create the first part of original tower, N . So N is both and the
fixed field of .
contains at least one root of the irreducible , but not all of
the roots (witness the factorization above) and therefore does not qualify as
a normal extension. By part (4) of Theorem 23.23 the automorphism group
of the extension is not normal in the full Galois group.
sg[2].is_normal(P)
False
As expected.
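The translation from rows of permuted roots to elements of the symmetric group, done by hand earlier in this example, and the normality check just above can both be automated. The following is an added example in plain Python, not Sage and not code from the textbook; the rows are copied from the Sequence output on the page and the function names are chosen here.

```python
from itertools import product

# Row i lists the images of the four roots under G[i] (copied from the page).
ROWS = [
    ["b", "a", "-a", "-b"],
    ["-b", "-a", "a", "b"],
    ["a", "-b", "b", "-a"],
    ["b", "-a", "a", "-b"],
    ["-a", "-b", "b", "a"],
    ["a", "b", "-b", "-a"],
    ["-b", "a", "-a", "b"],
    ["-a", "b", "-b", "a"],
]


def rows_to_permutations(rows):
    """Number the roots 1..n by the identity row; return one-line tuples."""
    identity = rows[0]
    index = {root: i + 1 for i, root in enumerate(identity)}
    perms = []
    for row in rows:
        if sorted(row) != sorted(identity):
            raise ValueError("row is not a permutation of the roots")
        perms.append(tuple(index[r] for r in row))
    return perms


def compose(p, q):
    """Apply q first, then p. The order convention does not affect
    closure, element orders or normality, which is all we test here."""
    return tuple(p[q[i] - 1] for i in range(len(p)))


def inverse(p):
    inv = [0] * len(p)
    for i, image in enumerate(p, start=1):
        inv[image - 1] = i
    return tuple(inv)


def order(p):
    identity = tuple(range(1, len(p) + 1))
    k, power = 1, p
    while power != identity:
        power = compose(power, p)
        k += 1
    return k


def cycles(p):
    """Disjoint-cycle string in the style Sage prints, e.g. '(1,4)(2,3)'."""
    seen, out = set(), []
    for start in range(1, len(p) + 1):
        if start in seen or p[start - 1] == start:
            continue
        cyc, j = [], start
        while j not in seen:
            seen.add(j)
            cyc.append(j)
            j = p[j - 1]
        out.append("(" + ",".join(map(str, cyc)) + ")")
    return "".join(out) or "()"


def is_group(perms):
    """A finite nonempty set of permutations closed under products is a group."""
    s = set(perms)
    return all(compose(p, q) in s for p, q in product(perms, repeat=2))


def generated(gens, n=4):
    """Subgroup generated by gens, built by closing under multiplication."""
    identity = tuple(range(1, n + 1))
    group, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for h in gens:
            x = compose(g, h)
            if x not in group:
                group.add(x)
                frontier.append(x)
    return group


def is_normal(subgroup, group):
    """True when g*h*g^-1 stays in subgroup for every g in group."""
    return all(compose(compose(g, h), inverse(g)) in subgroup
               for g in group for h in subgroup)


PERMS = rows_to_permutations(ROWS)

if __name__ == "__main__":
    print([cycles(p) for p in PERMS])
    print(is_normal(generated([PERMS[6]]), set(PERMS)))
```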
23.8 Sage Exercises
1. In the analysis of Example 23.25 with Sage, two subgroups of order
and one subgroup of order were not analyzed. Determine the fixed fields
of these three subgroups.
2. Build the splitting field of and then
determine the Galois group of as a concrete group of explicit
permutations. Build the lattice of subgroups of the Galois group, again
using the same explicit permutations. Using the Fundamental Theorem of
Galois Theory, construct the subfields of the splitting field. Include your
supporting documentation in your submitted Sage worksheet. Also, submit
a written component of this assignment containing a complete layout of the
subgroups and subfields, written entirely with mathematical notation and
with no Sage commands, designed to illustrate the correspondence between
the two. All you need here is the graphical layout, suitably labeled — the
Sage worksheet will substantiate your work.
3. The polynomial has all of the symmetric group as its
Galois group. Because is not solvable, we know this polynomial to be
an example of a quintic polynomial that is not solvable by radicals.
Unfortunately, asking Sage to compute this Galois group takes far too long.
So this exercise will simulate that experience with a slightly smaller
example.
Consider the polynomial .
a. Build the splitting field of one root at a time. Create an
extension, factor there, discard linear factors, use the remaining
irreducible factor to extend once more. Repeat until factors
completely. Be sure to do a final extension via just a linear factor.
This is a little silly, and Sage will seem to ignore your final generator
(so you will want to determine what it is equivalent to in terms of the
previous generators). Directions below depend on taking this extra
step.
b. Factor the original polynomial over the final extension field in the
tower. What is boring about this factorization in comparison to some
other examples we have done?
c. Construct the full tower as an absolute field over . From the degree
of this extension and the degree of the original polynomial, infer the
Galois group of the polynomial.
d. Using the mappings that allow you to translate between the tower and
the absolute field (obtained from the .structure() method),
choose one of the roots (any one) and express it in terms of the single
generator of the absolute field. Then reverse the procedure and
express the single generator of the absolute field in terms of the roots
in the tower.
e. Compute the group of automorphisms of the absolute field (but don't
display the whole group in what you submit). Take all four roots
(including your silly one from the last step of the tower construction)
and apply each field automorphism to the four roots (creating the
guaranteed permutations of the roots). Comment on what you see.
f. There is one nontrivial automorphism that has an especially simple
form (it is the second one for me) when applied to the generator of
the absolute field. What does this automorphism do to the roots of
?
g. Consider the extension of formed by adjoining just one of the
roots. This is a subfield of the splitting field of the polynomial, so is
the fixed field of a subgroup of the Galois group. Give a simple
description of the corresponding subgroup using language we
typically only apply to permutation groups.
4. Return to the splitting field of the quintic discussed in the introduction to
the previous problem ( ). Create the first two intermediate fields
by adjoining two roots (one at a time). But instead of factoring at each step
to get a new irreducible polynomial, divide by the linear factor you know is
a factor. In general, the quotient might factor further, but in this exercise
presume it does not. In other words, act as if your quotient by the linear
factor is irreducible. If it is not, then the NumberField() command
should complain (which it will not).
After adjoining two roots, create the extension producing a third root, and
do the division. You should now have a quadratic factor. Assuming the
quadratic is irreducible (it is) argue that you have enough evidence to
establish the order of the Galois group, and hence can determine exactly
which group it is.
You can try to use this quadratic factor to create one more step in the
extensions, and you will arrive at the splitting field, as can be seen with
logic or division. However, this could take a long time to complete (save
your work beforehand!). You can try passing the check=False
argument to the NumberField() command — this will bypass
checking irreducibility.
5. Create the finite field of order , letting Sage supply the default
polynomial for its construction. The polynomial is
irreducible over this finite field. Check that this polynomial splits in the
finite field, and then use the .roots() method to collect the roots of
the polynomial. Get the group of automorphisms of the field with the
End() command.
You now have all of the pieces to associate each field automorphism with a
permutation of the roots. From this, identify the Galois group and all of its
subgroups. For each subgroup, determine the fixed field. You might find the
roots easier to work with if you use the .log() method to identify them
as powers of the field's multiplicative generator.
Your Galois group in this example will be abelian. So every subgroup is
normal, and hence any extension is also normal. Can you extend this
example by choosing a nontrivial intermediate field with a nontrivial
irreducible polynomial that has all of its roots in the intermediate field and a
nontrivial irreducible polynomial with none of its roots in the intermediate
field?
Your results here are “typical” in the sense that the particular field or
irreducible polynomial makes little difference in the qualitative nature of
the results.
6. The splitting field for the irreducible polynomial
has degree 168 (hence this is the order of the Galois group). This
polynomial is derived from an “Elkies trinomial curve,” a hyperelliptic
curve (below) that produces polynomials with interesting Galois groups:
For the resulting Galois group is , a simple group. If
is all matrices over with determinant 1, then
is the quotient by the subgroup . It is the
second-smallest non-abelian simple group (after ).
See how far you can get in using Sage to build this splitting field. A degree
extension will yield one linear factor, and a subsequent degree
extension will yield two linear factors, leaving a quartic factor. Here is
where the computations begin to slow down. If we believe that the splitting
field has degree , then we know that adding a root from this degree 4
factor will get us to the splitting field. Creating this extension may be
possible computationally, but verifying that the quartic splits into linear
factors here seems to be infeasible.
7. Return to Example 23.25, and the complete list of subfields obtainable
from the .subfields() method applied to the flattened tower. As
mentioned, these are technically not subfields, but do have embeddings into
the tower. Given two subfields, their respective primitive elements are
embedded into the tower, with an image that is a linear combination of
powers of the primitive element for the tower.
If one subfield is contained in the other, then the image of the primitive
element for the smaller field should be a linear combination of the
(appropriate) powers of the image of the primitive element for the larger
field. This is a linear algebra computation that should be possible in the
tower, relative to the power basis for the whole tower.
Write a procedure to determine if two subfields are related by one being a
subset of the other. Then use this procedure to create the lattice of subfields.
The eventual goal would be a graphical display of the lattice, using the
existing plotting facilities available for lattices, similar to the top half of
Figure 23.26. This is a “challenging” exercise, which is code for “it is
speculative and has not been tested.”
Appendix A GNU Free Documentation License
Version 1.3, 3 November 2008
Copyright © 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc.
< www.fsf.org >
Everyone is permitted to copy and distribute verbatim copies of this license
document, but changing it is not allowed.
0. PREAMBLE. The purpose of this License is to make a manual,
textbook, or other functional and useful document “free” in the sense of
freedom: to assure everyone the effective freedom to copy and redistribute
it, with or without modifying it, either commercially or noncommercially.
Secondarily, this License preserves for the author and publisher a way to get
credit for their work, while not being considered responsible for
modifications made by others.
This License is a kind of “copyleft”, which means that derivative works of
the document must themselves be free in the same sense. It complements
the GNU General Public License, which is a copyleft license designed for
free software.
We have designed this License in order to use it for manuals for free
software, because free software needs free documentation: a free program
should come with manuals providing the same freedoms that the software
does. But this License is not limited to software manuals; it can be used for
any textual work, regardless of subject matter or whether it is published as a
printed book. We recommend this License principally for works whose
purpose is instruction or reference.
1. APPLICABILITY AND DEFINITIONS. This License applies to
any manual or other work, in any medium, that contains a notice placed by
the copyright holder saying it can be distributed under the terms of this
License. Such a notice grants a world-wide, royalty-free license, unlimited
in duration, to use that work under the conditions stated herein. The
“Document”, below, refers to any such manual or work. Any member of the
public is a licensee, and is addressed as “you”. You accept the license if you
copy, modify or distribute the work in a way requiring permission under
copyright law.
A “Modified Version” of the Document means any work containing the
Document or a portion of it, either copied verbatim, or with modifications
and/or translated into another language.
A “Secondary Section” is a named appendix or a front-matter section of the
Document that deals exclusively with the relationship of the publishers or
authors of the Document to the Document's overall subject (or to related
matters) and contains nothing that could fall directly within that overall
subject. (Thus, if the Document is in part a textbook of mathematics, a
Secondary Section may not explain any mathematics.) The relationship
could be a matter of historical connection with the subject or with related
matters, or of legal, commercial, philosophical, ethical or political position
regarding them.
The “Invariant Sections” are certain Secondary Sections whose titles are
designated, as being those of Invariant Sections, in the notice that says that
the Document is released under this License. If a section does not fit the
above definition of Secondary then it is not allowed to be designated as
Invariant. The Document may contain zero Invariant Sections. If the
Document does not identify any Invariant Sections then there are none.
The “Cover Texts” are certain short passages of text that are listed, as
Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document
is released under this License. A Front-Cover Text may be at most 5 words,
and a Back-Cover Text may be at most 25 words.
A “Transparent” copy of the Document means a machine-readable copy,
represented in a format whose specification is available to the general
public, that is suitable for revising the document straightforwardly with
generic text editors or (for images composed of pixels) generic paint
programs or (for drawings) some widely available drawing editor, and that
is suitable for input to text formatters or for automatic translation to a
variety of formats suitable for input to text formatters. A copy made in an
otherwise Transparent file format whose markup, or absence of markup, has
been arranged to thwart or discourage subsequent modification by readers is
not Transparent. An image format is not Transparent if used for any
substantial amount of text. A copy that is not “Transparent” is called
“Opaque”.
Examples of suitable formats for Transparent copies include plain ASCII
without markup, Texinfo input format, LaTeX input format, SGML or XML
using a publicly available DTD, and standard-conforming simple HTML,
PostScript or PDF designed for human modification. Examples of
transparent image formats include PNG, XCF and JPG. Opaque formats
include proprietary formats that can be read and edited only by proprietary
word processors, SGML or XML for which the DTD and/or processing
tools are not generally available, and the machine-generated HTML,
PostScript or PDF produced by some word processors for output purposes
only.
The “Title Page” means, for a printed book, the title page itself, plus such
following pages as are needed to hold, legibly, the material this License
requires to appear in the title page. For works in formats which do not have
any title page as such, “Title Page” means the text near the most prominent
appearance of the work's title, preceding the beginning of the body of the
text.
The “publisher” means any person or entity that distributes copies of the
Document to the public.
A section “Entitled XYZ” means a named subunit of the Document whose
title either is precisely XYZ or contains XYZ in parentheses following text
that translates XYZ in another language. (Here XYZ stands for a specific
section name mentioned below, such as “Acknowledgements”,
“Dedications”, “Endorsements”, or “History”.) To “Preserve the Title” of
such a section when you modify the Document means that it remains a
section “Entitled XYZ” according to this definition.
The Document may include Warranty Disclaimers next to the notice which
states that this License applies to the Document. These Warranty
Disclaimers are considered to be included by reference in this License, but
only as regards disclaiming warranties: any other implication that these
Warranty Disclaimers may have is void and has no effect on the meaning of
this License.
2. VERBATIM COPYING. You may copy and distribute the
Document in any medium, either commercially or noncommercially,
provided that this License, the copyright notices, and the license notice
saying this License applies to the Document are reproduced in all copies,
and that you add no other conditions whatsoever to those of this License.
You may not use technical measures to obstruct or control the reading or
further copying of the copies you make or distribute. However, you may
accept compensation in exchange for copies. If you distribute a large
enough number of copies you must also follow the conditions in section 3.
You may also lend copies, under the same conditions stated above, and you
may publicly display copies.
3. COPYING IN QUANTITY. If you publish printed copies (or
copies in media that commonly have printed covers) of the Document,
numbering more than 100, and the Document's license notice requires
Cover Texts, you must enclose the copies in covers that carry, clearly and
legibly, all these Cover Texts: Front-Cover Texts on the front cover, and
Back-Cover Texts on the back cover. Both covers must also clearly and
legibly identify you as the publisher of these copies. The front cover must
present the full title with all words of the title equally prominent and
visible. You may add other material on the covers in addition. Copying with
changes limited to the covers, as long as they preserve the title of the
Document and satisfy these conditions, can be treated as verbatim copying
in other respects.
If the required texts for either cover are too voluminous to fit legibly, you
should put the first ones listed (as many as fit reasonably) on the actual
cover, and continue the rest onto adjacent pages.
If you publish or distribute Opaque copies of the Document numbering
more than 100, you must either include a machine-readable Transparent
copy along with each Opaque copy, or state in or with each Opaque copy a
computer-network location from which the general network-using public
has access to download using public-standard network protocols a complete
Transparent copy of the Document, free of added material. If you use the
latter option, you must take reasonably prudent steps, when you begin
distribution of Opaque copies in quantity, to ensure that this Transparent
copy will remain thus accessible at the stated location until at least one year
after the last time you distribute an Opaque copy (directly or through your
agents or retailers) of that edition to the public.
It is requested, but not required, that you contact the authors of the
Document well before redistributing any large number of copies, to give
them a chance to provide you with an updated version of the Document.
4. MODIFICATIONS. You may copy and distribute a Modified
Version of the Document under the conditions of sections 2 and 3 above,
provided that you release the Modified Version under precisely this License,
with the Modified Version filling the role of the Document, thus licensing
distribution and modification of the Modified Version to whoever possesses
a copy of it. In addition, you must do these things in the Modified Version:
A. Use in the Title Page (and on the covers, if any) a title distinct from
that of the Document, and from those of previous versions (which
should, if there were any, be listed in the History section of the
Document). You may use the same title as a previous version if the
original publisher of that version gives permission.
B. List on the Title Page, as authors, one or more persons or entities
responsible for authorship of the modifications in the Modified
Version, together with at least five of the principal authors of the
Document (all of its principal authors, if it has fewer than five), unless
they release you from this requirement.
C. State on the Title page the name of the publisher of the Modified
Version, as the publisher.
D. Preserve all the copyright notices of the Document.
E. Add an appropriate copyright notice for your modifications adjacent
to the other copyright notices.
F. Include, immediately after the copyright notices, a license notice
giving the public permission to use the Modified Version under the
terms of this License, in the form shown in the Addendum below.
G. Preserve in that license notice the full lists of Invariant Sections and
required Cover Texts given in the Document's license notice.
H. Include an unaltered copy of this License.
I. Preserve the section Entitled “History”, Preserve its Title, and add to it
an item stating at least the title, year, new authors, and publisher of the
Modified Version as given on the Title Page. If there is no section
Entitled “History” in the Document, create one stating the title, year,
authors, and publisher of the Document as given on its Title Page,
then add an item describing the Modified Version as stated in the
previous sentence.
J. Preserve the network location, if any, given in the Document for
public access to a Transparent copy of the Document, and likewise the
network locations given in the Document for previous versions it was
based on. These may be placed in the “History” section. You may
omit a network location for a work that was published at least four
years before the Document itself, or if the original publisher of the
version it refers to gives permission.
K. For any section Entitled “Acknowledgements” or “Dedications”,
Preserve the Title of the section, and preserve in the section all the
substance and tone of each of the contributor acknowledgements
and/or dedications given therein.
L. Preserve all the Invariant Sections of the Document, unaltered in their
text and in their titles. Section numbers or the equivalent are not
considered part of the section titles.
M. Delete any section Entitled “Endorsements”. Such a section may not
be included in the Modified Version.
N. Do not retitle any existing section to be Entitled “Endorsements” or to
conflict in title with any Invariant Section.
O. Preserve any Warranty Disclaimers.
If the Modified Version includes new front-matter sections or appendices
that qualify as Secondary Sections and contain no material copied from the
Document, you may at your option designate some or all of these sections
as invariant. To do this, add their titles to the list of Invariant Sections in the
Modified Version's license notice. These titles must be distinct from any
other section titles.
You may add a section Entitled “Endorsements”, provided it contains
nothing but endorsements of your Modified Version by various parties —
for example, statements of peer review or that the text has been approved
by an organization as the authoritative definition of a standard.
You may add a passage of up to five words as a Front-Cover Text, and a
passage of up to 25 words as a Back-Cover Text, to the end of the list of
Cover Texts in the Modified Version. Only one passage of Front-Cover Text
and one of Back-Cover Text may be added by (or through arrangements
made by) any one entity. If the Document already includes a cover text for
the same cover, previously added by you or by arrangement made by the
same entity you are acting on behalf of, you may not add another; but you
may replace the old one, on explicit permission from the previous publisher
that added the old one.
The author(s) and publisher(s) of the Document do not by this License give
permission to use their names for publicity for or to assert or imply
endorsement of any Modified Version.
5. COMBINING DOCUMENTS. You may combine the Document
with other documents released under this License, under the terms defined
in section 4 above for modified versions, provided that you include in the
combination all of the Invariant Sections of all of the original documents,
unmodified, and list them all as Invariant Sections of your combined work
in its license notice, and that you preserve all their Warranty Disclaimers.
The combined work need only contain one copy of this License, and
multiple identical Invariant Sections may be replaced with a single copy. If
there are multiple Invariant Sections with the same name but different
contents, make the title of each such section unique by adding at the end of
it, in parentheses, the name of the original author or publisher of that
section if known, or else a unique number. Make the same adjustment to the
section titles in the list of Invariant Sections in the license notice of the
combined work.
In the combination, you must combine any sections Entitled “History” in
the various original documents, forming one section Entitled “History”;
likewise combine any sections Entitled “Acknowledgements”, and any
sections Entitled “Dedications”. You must delete all sections Entitled
“Endorsements”.
6. COLLECTIONS OF DOCUMENTS. You may make a collection
consisting of the Document and other documents released under this
License, and replace the individual copies of this License in the various
documents with a single copy that is included in the collection, provided
that you follow the rules of this License for verbatim copying of each of the
documents in all other respects.
You may extract a single document from such a collection, and distribute it
individually under this License, provided you insert a copy of this License
into the extracted document, and follow this License in all other respects
regarding verbatim copying of that document.
7. AGGREGATION WITH INDEPENDENT WORKS. A
compilation of the Document or its derivatives with other separate and
independent documents or works, in or on a volume of a storage or
distribution medium, is called an “aggregate” if the copyright resulting from
the compilation is not used to limit the legal rights of the compilation's
users beyond what the individual works permit. When the Document is
included in an aggregate, this License does not apply to the other works in
the aggregate which are not themselves derivative works of the Document.
If the Cover Text requirement of section 3 is applicable to these copies of
the Document, then if the Document is less than one half of the entire
aggregate, the Document's Cover Texts may be placed on covers that
bracket the Document within the aggregate, or the electronic equivalent of
covers if the Document is in electronic form. Otherwise they must appear
on printed covers that bracket the whole aggregate.
8. TRANSLATION. Translation is considered a kind of modification,
so you may distribute translations of the Document under the terms of
section 4. Replacing Invariant Sections with translations requires special
permission from their copyright holders, but you may include translations
of some or all Invariant Sections in addition to the original versions of these
Invariant Sections. You may include a translation of this License, and all the
license notices in the Document, and any Warranty Disclaimers, provided
that you also include the original English version of this License and the
original versions of those notices and disclaimers. In case of a disagreement
between the translation and the original version of this License or a notice
or disclaimer, the original version will prevail.
If a section in the Document is Entitled “Acknowledgements”,
“Dedications”, or “History”, the requirement (section 4) to Preserve its Title
(section 1) will typically require changing the actual title.
9. TERMINATION. You may not copy, modify, sublicense, or
distribute the Document except as expressly provided under this License.
Any attempt otherwise to copy, modify, sublicense, or distribute it is void,
and will automatically terminate your rights under this License.
However, if you cease all violation of this License, then your license from a
particular copyright holder is reinstated (a) provisionally, unless and until
the copyright holder explicitly and finally terminates your license, and (b)
permanently, if the copyright holder fails to notify you of the violation by
some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated
permanently if the copyright holder notifies you of the violation by some
reasonable means, this is the first time you have received notice of violation
of this License (for any work) from that copyright holder, and you cure the
violation prior to 30 days after your receipt of the notice.
Termination of your rights under this section does not terminate the licenses
of parties who have received copies or rights from you under this License.
If your rights have been terminated and not permanently reinstated, receipt
of a copy of some or all of the same material does not give you any rights to
use it.
10. FUTURE REVISIONS OF THIS LICENSE. The Free
Software Foundation may publish new, revised versions of the GNU Free
Documentation License from time to time. Such new versions will be
similar in spirit to the present version, but may differ in detail to address
new problems or concerns. See www.gnu.org/copyleft.
Each version of the License is given a distinguishing version number. If the
Document specifies that a particular numbered version of this License “or
any later version” applies to it, you have the option of following the terms
and conditions either of that specified version or of any later version that
has been published (not as a draft) by the Free Software Foundation. If the
Document does not specify a version number of this License, you may
choose any version ever published (not as a draft) by the Free Software
Foundation. If the Document specifies that a proxy can decide which future
versions of this License can be used, that proxy's public statement of
acceptance of a version permanently authorizes you to choose that version
for the Document.
11. RELICENSING. “Massive Multiauthor Collaboration Site” (or
“MMC Site”) means any World Wide Web server that publishes
copyrightable works and also provides prominent facilities for anybody to
edit those works. A public wiki that anybody can edit is an example of such
a server. A “Massive Multiauthor Collaboration” (or “MMC”) contained in
the site means any set of copyrightable works thus published on the MMC
site.
“CC-BY-SA” means the Creative Commons Attribution-Share Alike 3.0
license published by Creative Commons Corporation, a not-for-profit
corporation with a principal place of business in San Francisco, California,
as well as future copyleft versions of that license published by that same
organization.
“Incorporate” means to publish or republish a Document, in whole or in
part, as part of another Document.
An MMC is “eligible for relicensing” if it is licensed under this License,
and if all works that were first published under this License somewhere
other than this MMC, and subsequently incorporated in whole or in part
into the MMC, (1) had no cover texts or invariant sections, and (2) were
thus incorporated prior to November 1, 2008.
The operator of an MMC Site may republish an MMC contained in the site
under CC-BY-SA on the same site at any time before August 1, 2009,
provided the MMC is eligible for relicensing.
ADDENDUM: How to use this License for your documents. To
use this License in a document you have written, include a copy of the
License in the document and put the following copyright and license notices
just after the title page:
Copyright (C) YEAR YOUR NAME.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3
or any later version published by the Free Software Foundation;
with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
A copy of the license is included in the section entitled "GNU
Free Documentation License".
If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts,
replace the “with… Texts.” line with this:
with the Invariant Sections being LIST THEIR TITLES, with the
Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST.
If you have Invariant Sections without Cover Texts, or some other
combination of the three, merge those two alternatives to suit the situation.
If your document contains nontrivial examples of program code, we
recommend releasing these examples in parallel under your choice of free
software license, such as the GNU General Public License, to permit their
use in free software.
Appendix B Hints and Answers to Selected Exercises
1 Preliminaries
1.4 Exercises
1.4.1.
Hint.
1.4.2.
Hint.
1.4.6.
Hint.
1.4.10.
Hint.
1.4.14.
Hint.
1.4.17.
Hint.
1.4.18.
Hint.
1.4.20.
Hint.
1.4.22.
Hint.
1.4.23.
Hint.
1.4.24.
Hint.
1.4.25.
Hint.
1.4.28.
Hint.
2 The Integers
2.4 Exercises
2.4.1.
Hint.
2.4.3.
Hint.
2.4.8.
Hint.
2.4.11.
Hint.
2.4.17. Fibonacci Numbers.
Hint.
2.4.19.
Hint.
2.4.23.
Hint.
2.4.27.
Hint.
2.4.29.
Hint.
3 Groups
3.5 Exercises
3.5.1.
Hint.
3.5.2.
Hint.
3.5.6.
Hint.
3.5.8.
Hint.
3.5.15.
Hint.
3.5.16.
Hint.
3.5.17.
Hint.
3.5.18.
Hint.
3.5.25.
Hint.
3.5.31.
Hint.
3.5.35.
Hint.
3.5.41.
Hint.
3.5.46.
Hint.
3.5.49.
Hint.
4 Cyclic Groups
4.5 Exercises
4.5.1.
Hint.
4.5.2.
Hint.
4.5.3.
Hint.
4.5.4.
Hint.
4.5.10.
Hint.
4.5.11.
Hint.
4.5.15.
Hint.
4.5.16.
Hint.
4.5.17.
Hint.
4.5.18.
Hint.
4.5.22.
Hint.
4.5.27.
Hint.
4.5.31.
Hint.
4.5.37.
Hint.
5 Permutation Groups
5.4 Exercises
5.4.1.
Hint.
5.4.2.
Hint.
5.4.3.
Hint.
5.4.4.
Hint.
5.4.5.
Hint.
5.4.8.
Hint.
5.4.11.
Hint.
5.4.17.
Hint.
5.4.25.
Hint.
5.4.29.
Hint.
5.4.30.
Hint.
6 Cosets and Lagrange's Theorem
6.5 Exercises
6.5.1.
Hint.
6.5.2.
Hint.
6.5.3.
Hint.
6.5.4.
Hint.
6.5.5.
Hint.
6.5.7.
Hint.
6.5.12.
Hint.
6.5.19.
Hint.
6.5.22.
Hint.
7 Introduction to Cryptography
7.4 Exercises
7.4.1.
Hint.
7.4.3.
Hint.
7.4.4.
Hint.
7.4.7.
Hint.
7.4.9.
Hint.
7.4.10.
Hint.
8 Algebraic Coding Theory
8.6 Exercises
8.6.2.
Hint.
8.6.3.
Hint.
8.6.4.
Hint.
8.6.6.
Hint.
8.6.7.
Hint.
8.6.9.
Hint.
8.6.11.
Hint.
8.6.12.
Hint.
8.6.15.
Hint.
8.6.19.
Hint.
8.6.23.
Hint.
9 Isomorphisms
9.4 Exercises
9.4.1.
Hint.
9.4.2.
Hint.
9.4.3.
Hint.
9.4.6.
Hint.
9.4.8.
Hint.
9.4.11.
Hint.
9.4.16.
Hint.
9.4.19.
Hint.
9.4.20.
Hint.
9.4.25.
Hint.
9.4.27.
Hint.
9.4.38.
Hint.
9.4.45.
Hint.
10 Normal Subgroups and Factor Groups
10.4 Exercises
10.4.1.
Hint.
10.4.8.
Hint.
10.4.11.
Hint.
10.4.12.
Hint.
10.4.14.
Hint.
11 Homomorphisms
11.4 Exercises
11.4.2.
Hint.
11.4.4.
Hint.
11.4.5.
Hint.
11.4.9.
Hint.
11.4.17.
Hint.
12 Matrix Groups and Symmetry
12.4 Exercises
12.4.1.
Hint.
12.4.3.
Hint.
12.4.5.
Hint.
12.4.7.
Hint.
12.4.10.
Hint.
12.4.13.
Hint.
12.4.17.
Hint.
13 The Structure of Groups
13.4 Exercises
13.4.1.
Hint.
13.4.4.
Hint.
13.4.7.
Hint.
13.4.12.
Hint.
13.4.16.
Hint.
13.4.21.
Hint.
14 Group Actions
14.5 Exercises
14.5.1.
Hint.
14.5.2.
Hint.
14.5.3.
Hint.
14.5.6.
Hint.
14.5.8.
Hint.
14.5.11.
Hint.
14.5.15.
Hint.
14.5.17.
Hint.
14.5.22.
Hint.
15 The Sylow Theorems
15.4 Exercises
15.4.1.
Hint.
15.4.2.
Hint.
15.4.5.
Hint.
15.4.8.
Hint.
15.4.10.
Hint.
15.4.17.
Hint.
15.4.23.
Hint.
15.4.26.
Hint.
16 Rings
16.7 Exercises
16.7.1.
Hint.
16.7.3.
Hint.
16.7.4.
Hint.
16.7.7.
Hint.
16.7.8.
Hint.
16.7.13.
Hint.
16.7.16.
Hint.
16.7.18.
Hint.
16.7.26.
Hint.
16.7.28.
Hint.
16.7.33.
Hint.
16.7.37.
Hint.
17 Polynomials
17.5 Exercises
17.5.2.
Hint.
17.5.3.
Hint.
17.5.5.
Hint.
17.5.7.
Hint.
17.5.8.
Hint.
17.5.10.
Hint.
17.5.13.
Hint.
17.5.14.
Hint.
17.5.16.
Hint.
17.5.20. Cyclotomic Polynomials.
Hint.
17.5.26.
Hint.
18 Integral Domains
18.4 Exercises
18.4.1.
Hint.
18.4.2.
Hint.
18.4.4.
Hint.
18.4.9.
Hint.
18.4.15.
Hint.
18.4.16.
Hint.
19 Lattices and Boolean Algebras
19.5 Exercises
19.5.2.
Hint.
19.5.4.
Hint.
19.5.5.
Hint.
19.5.6.
Hint.
19.5.8.
Hint.
19.5.10.
Hint.
19.5.14.
Hint.
19.5.18.
Hint.
19.5.20.
Hint.
20 Vector Spaces
20.5 Exercises
20.5.3.
Hint.
20.5.5.
Hint.
20.5.7.
Hint.
20.5.10.
Hint.
20.5.12.
Hint.
20.5.15. Linear Transformations.
Hint.
20.5.17. Direct Sums.
Hint.
21 Fields
21.5 Exercises
21.5.1.
Hint.
21.5.2.
Hint.
21.5.3.
Hint.
21.5.5.
Hint.
21.5.8.
Hint.
21.5.14.
Hint.
21.5.22.
Hint.
21.5.27.
Hint.
21.5.28.
Hint.
22 Finite Fields
22.4 Exercises
22.4.1.
Hint.
22.4.4.
Hint.
22.4.5.
Hint.
22.4.7.
Hint.
22.4.8.
Hint.
22.4.11.
Hint.
22.4.12.
Hint.
22.4.17.
Hint.
22.4.18.
Hint.
22.4.24. Wilson's Theorem.
Hint.
23 Galois Theory
23.5 Exercises
23.5.1.
Hint.
23.5.2.
Hint.
23.5.3.
Hint.
23.5.4.
Hint.
23.5.5.
Hint.
23.5.7.
Hint.
23.5.9.
Hint.
23.5.16.
Hint.
23.5.20.
Hint.
Appendix C Notation
The following table defines the notation used in this book. Page numbers or
references refer to the first appearance of each symbol.
Symbol Description Location
is in the set Paragraph
the natural numbers Paragraph
the integers Paragraph
the rational numbers Paragraph
the real numbers Paragraph
the complex numbers Paragraph
is a subset of Paragraph
the empty set Paragraph
the union of sets and Paragraph
the intersection of sets and Paragraph
complement of the set Paragraph
difference between sets and Paragraph
Cartesian product of sets and Paragraph
( times) Paragraph
identity mapping Paragraph
inverse of the function Paragraph
is congruent to modulo Example 1.30
factorial Example 2.4
binomial coefficient Example 2.4
divides Paragraph
greatest common divisor of and Paragraph
power set of Exercise 2.4.12
the least common multiple of and Exercise 2.4.23
the integers modulo Paragraph
group of units in Example 3.11
the matrices with entries in Example 3.14
the determinant of Example 3.14
the general linear group Example 3.14
the group of quaternions Example 3.15
the multiplicative group of complex numbers Example 3.16
the order of a group Paragraph
the multiplicative group of real numbers Example 3.24
the multiplicative group of rational numbers Example 3.24
the special linear group Example 3.26
the center of a group Exercise 3.5.48
cyclic group generated by Theorem 4.3
the order of an element Paragraph
Paragraph
the circle group Paragraph
the symmetric group on letters Paragraph
cycle of length Paragraph
the alternating group on letters Paragraph
the dihedral group Paragraph
index of a subgroup in a group Paragraph
the set of left cosets of a subgroup in a group Theorem 6.8
the set of right cosets of a subgroup in a group Theorem 6.8
does not divide Theorem 6.19
Hamming distance between and Paragraph
the minimum distance of a code Paragraph
the weight of Paragraph
the set of matrices with entries in Paragraph
null space of a matrix Paragraph
Kronecker delta Lemma 8.27
is isomorphic to a group Paragraph
automorphism group of a group Exercise 9.4.37
Exercise 9.4.41
inner automorphism group of a group Exercise 9.4.41
right regular representation Exercise 9.4.44
factor group of mod Paragraph
commutator subgroup of Exercise 10.4.14
kernel of Paragraph
matrix Paragraph
orthogonal group Paragraph
length of a vector Paragraph
special orthogonal group Paragraph
Euclidean group Paragraph
orbit of Paragraph
fixed point set of Paragraph
isotropy subgroup of Paragraph
normalizer of a subgroup Paragraph
the ring of quaternions Example 16.7
the Gaussian integers Example 16.12
characteristic of a ring Paragraph
ring of integers localized at Exercise 16.7.33
degree of a polynomial Paragraph
ring of polynomials over a ring Paragraph
ring of polynomials in indeterminates Paragraph
evaluation homomorphism at Theorem 17.5
field of rational functions over Example 18.5
Euclidean valuation of Paragraph
field of rational functions in Item 18.4.7.a
field of rational functions in Item 18.4.7.b
is less than Paragraph
join of and Paragraph
meet of and Paragraph
largest element in a lattice Paragraph
smallest element in a lattice Paragraph
complement of in a lattice Paragraph
dimension of a vector space Paragraph
direct sum of vector spaces and Item 20.5.17.b
set of all linear transformations from into Item 20.5.18.a
dual of a vector space Item 20.5.18.b
smallest field containing and Paragraph
dimension of a field extension of over Paragraph
Galois field of order Paragraph
multiplicative group of a field Paragraph
Galois group of over Paragraph
field fixed by the automorphism Proposition 23.14
field fixed by the automorphism group Corollary 23.15
discriminant of a polynomial Exercise 23.5.22
Index
Abel, Niels Henrik , Paragraph
Abelian group , Paragraph
Ackermann's function , Exercise
Adleman, L. , Paragraph
Algebraic closure , Paragraph
Algebraic extension , Paragraph
Algebraic number , Paragraph
Algorithm
division , Theorem
Euclidean , Paragraph
Ascending chain condition , Paragraph
Associate elements , Paragraph
Atom , Paragraph
Automorphism
inner , Exercise
Basis of a lattice , Paragraph
Bieberbach, L. , Paragraph
Binary operation , Paragraph
Binary symmetric channel , Paragraph
Boole, George , Paragraph
Boolean algebra
atom in a , Paragraph
definition of , Paragraph
finite , Paragraph
isomorphism , Paragraph
Boolean function , Paragraph Exercise
Burnside's Counting Theorem , Theorem
Burnside, William , Paragraph Paragraph Paragraph
Cancellation law
for groups , Paragraph
for integral domains , Proposition
Cardano, Gerolamo , Paragraph
Carmichael numbers , Exercise
Cauchy's Theorem , Theorem
Cauchy, Augustin-Louis , Paragraph
Cayley table , Paragraph
Cayley's Theorem , Theorem
Cayley, Arthur , Paragraph
Centralizer
of a subgroup , Paragraph
Characteristic of a ring , Paragraph
Chinese Remainder Theorem
for integers , Theorem
Cipher , Paragraph
Ciphertext , Paragraph
Circuit
parallel , Paragraph
series , Paragraph
series-parallel , Paragraph
Class equation , Paragraph
Code
BCH , Paragraph
cyclic , Paragraph
group , Paragraph
linear , Paragraph
minimum distance of , Paragraph
polynomial , Paragraph
Commutative diagrams , Paragraph
Commutative rings , Paragraph
Composite integer , Paragraph
Composition series , Paragraph
Congruence modulo , Example
Conjugacy classes , Paragraph
Conjugate elements , Paragraph
Conjugate, complex , Paragraph
Conjugation , Example
Constructible number , Paragraph
Correspondence Theorem
for groups , Theorem
for rings , Theorem
Coset
leader , Paragraph
left , Paragraph
representative , Paragraph
right , Paragraph
Coset decoding , Paragraph
Cryptanalysis , Paragraph
Cryptosystem
affine , Paragraph
definition of , Paragraph
monoalphabetic , Paragraph
polyalphabetic , Paragraph
private key , Paragraph
public key , Paragraph
RSA , Paragraph
single key , Paragraph
Cycle
definition of , Paragraph
disjoint , Paragraph
De Morgan's laws
for Boolean algebras , Item
for sets , Theorem
De Morgan, Augustus , Paragraph
Decoding table , Paragraph
Deligne, Pierre , Paragraph
DeMoivre's Theorem , Theorem
Derivative , Paragraph
Determinant, Vandermonde , Paragraph
Dickson, L. E. , Paragraph
Diffie, W. , Paragraph
Direct product of groups
external , Paragraph
internal , Paragraph
Discriminant
of the cubic equation , Exercise
of the quadratic equation , Exercise
Division algorithm
for integers , Theorem
for polynomials , Theorem
Division ring , Paragraph
Domain
Euclidean , Paragraph
principal ideal , Paragraph
unique factorization , Paragraph
Doubling the cube , Paragraphs
Eisenstein's Criterion , Theorem
Element
associate , Paragraph
identity , Item
inverse , Item
irreducible , Paragraph
order of , Paragraph
prime , Paragraph
primitive , Paragraph
transcendental , Paragraph
Equivalence class , Paragraph
Equivalence relation , Paragraph
Euclidean algorithm , Paragraph
Euclidean domain , Paragraph
Euclidean group , Paragraph
Euclidean inner product , Paragraph
Euclidean valuation , Paragraph
Euler -function , Paragraph
Euler, Leonhard , Paragraph Paragraph
Extension
algebraic , Paragraph
field , Paragraph
finite , Paragraph
normal , Paragraph
radical , Paragraph
separable , Paragraph Paragraph
simple , Paragraph
External direct product , Paragraph
Faltings, Gerd , Paragraph
Feit, W. , Paragraph Paragraph
Fermat's factorization algorithm , Exercise
Fermat's Little Theorem , Theorem
Fermat, Pierre de , Paragraph Paragraph
Ferrari, Ludovico , Paragraph
Ferro, Scipione del , Paragraph
Field , Paragraph
algebraically closed , Paragraph
base , Paragraph
extension , Paragraph
fixed , Paragraph
Galois , Paragraph
of fractions , Paragraph
of quotients , Paragraph
splitting , Paragraph
Finitely generated group , Paragraph
Fior, Antonio , Paragraph
First Isomorphism Theorem
for groups , Theorem
for rings , Theorem
Fixed point set , Paragraph
Freshman's Dream , Lemma
Function
bijective , Paragraph
Boolean , Paragraph Exercise
composition of , Paragraph
definition of , Paragraph
domain of , Paragraph
identity , Paragraph
injective , Paragraph
invertible , Paragraph
one-to-one , Paragraph
onto , Paragraph
range of , Paragraph
surjective , Paragraph
switching , Paragraph Exercise
Fundamental Theorem
of Algebra , Theorem Theorem
of Arithmetic , Theorem
of Finite Abelian Groups , Theorem
Fundamental Theorem of Galois Theory , Theorem
Galois field , Paragraph
Galois group , Paragraph
Galois, Évariste , Paragraph Paragraph
Gauss's Lemma , Theorem
Gauss, Karl Friedrich , Paragraph
Gaussian integers , Example
Generator of a cyclic subgroup , Paragraph
Generators for a group , Paragraph
Glide reflection , Paragraph
Gorenstein, Daniel , Paragraph
Greatest common divisor
of two integers , Paragraph
of two polynomials , Paragraph
Greatest lower bound , Paragraph
Greiss, R. , Paragraph
Grothendieck, Alexander , Paragraph
Group
abelian , Paragraph
action , Paragraph
alternating , Paragraph
center of , Paragraph
circle , Paragraph
commutative , Paragraph
cyclic , Paragraph
definition of , Paragraph
dihedral , Paragraph
Euclidean , Paragraph
factor , Paragraph
finite , Paragraph
finitely generated , Paragraph
Galois , Paragraph
general linear , Example Paragraph
generators of , Paragraph
homomorphism of , Paragraph
infinite , Paragraph
isomorphic , Paragraph
isomorphism of , Paragraph
-group , Paragraph Paragraph
nonabelian , Paragraph
noncommutative , Paragraph
of units , Example
order of , Paragraph
orthogonal , Paragraph
permutation , Paragraph
point , Paragraph
quaternion , Example
quotient , Paragraph
simple , Paragraph Paragraph
solvable , Paragraph
space , Paragraph
special linear , Example Paragraph
special orthogonal , Paragraph
symmetric , Paragraph
symmetry , Paragraph
Gödel, Kurt , Paragraph
Hamming distance , Paragraph
Hamming, R. , Paragraph
Hellman, M. , Paragraph
Hilbert, David , Paragraph Paragraph Paragraph Paragraph
Homomorphic image , Paragraph
Homomorphism
canonical , Paragraph Paragraph
evaluation , Example Paragraph
kernel of a group , Paragraph
kernel of a ring , Paragraph
natural , Paragraph Paragraph
of groups , Paragraph
ring , Paragraph
Ideal
definition of , Paragraph
maximal , Paragraph
one-sided , Remark
prime , Paragraph
principal , Paragraph
trivial , Example
two-sided , Remark
Indeterminate , Paragraph
Index of a subgroup , Paragraph
Induction
first principle of , Principle
second principle of , Principle
Infimum , Paragraph
Inner product , Paragraph
Integral domain , Paragraph
Internal direct product , Paragraph
International standard book number , Exercise
Irreducible element , Paragraph
Irreducible polynomial , Paragraph
Isometry , Paragraph
Isomorphism
of Boolean algebras , Paragraph
of groups , Paragraph
ring , Paragraph
Join , Paragraph
Jordan, C. , Paragraph
Jordan-Hölder Theorem , Theorem
Kernel
of a group homomorphism , Paragraph
of a ring homomorphism , Paragraph
Key
definition of , Paragraph
private , Paragraph
public , Paragraph
single , Paragraph
Klein, Felix , Paragraph Paragraph Paragraph
Kronecker delta , Lemma Paragraph
Kronecker, Leopold , Paragraph
Kummer, Ernst , Paragraph
Lagrange's Theorem , Theorem
Lagrange, Joseph-Louis , Paragraph Paragraph Paragraph
Laplace, Pierre-Simon , Paragraph
Lattice
completed , Paragraph
definition of , Paragraph
distributive , Paragraph
Lattice of points , Paragraph
Lattices, Principle of Duality for , Axiom
Least upper bound , Paragraph
Left regular representation , Paragraph
Lie, Sophus , Paragraph Paragraph
Linear combination , Paragraph
Linear dependence , Paragraph
Linear independence , Paragraph
Linear map , Paragraph
Linear transformation
definition of , Example Paragraph
Lower bound , Paragraph
Mapping . See Function
th root of unity , Paragraph Paragraph
-equivalent , Paragraph
-set , Paragraph
Matrix
distance-preserving , Paragraph
generator , Paragraph
inner product-preserving , Paragraph
invertible , Paragraph
length-preserving , Paragraph
nonsingular , Paragraph
null space of , Paragraph
orthogonal , Paragraph
parity-check , Paragraph
similar , Example
unimodular , Paragraph
Matrix, Vandermonde , Paragraph
Maximal ideal , Paragraph
Maximum-likelihood decoding , Paragraph
Meet , Paragraph
Minimal generator polynomial , Paragraph
Minimal polynomial , Paragraph
Minkowski, Hermann , Paragraph
Monic polynomial , Paragraph
Mordell conjecture , Paragraph
Multiplicity of a root , Paragraph
Noether, A. Emmy , Paragraph
Noether, Max , Paragraph
Normal extension , Paragraph
Normal series of a group , Paragraph
Normal subgroup , Paragraph
Normalizer , Paragraph
Null space
of a matrix , Paragraph
Odd Order Theorem , Theorem
Orbit , Paragraph
Orthogonal group , Paragraph
Orthogonal matrix , Paragraph
Orthonormal set , Paragraph
Partial order , Paragraph
Partially ordered set , Paragraph
Partitions , Paragraph
Permutation
cycle structure of , Exercise
definition of , Example Paragraph
even , Paragraph
odd , Paragraph
Permutation group , Paragraph
Plaintext , Paragraph
Polynomial
code , Paragraph
content of , Paragraph
definition of , Paragraph
degree of , Paragraph
error , Paragraph
error-locator , Exercise
greatest common divisor of , Paragraph
irreducible , Paragraph
leading coefficient of , Paragraph
minimal , Paragraph
minimal generator , Paragraph
monic , Paragraph
primitive , Paragraph
root of , Paragraph
separable , Paragraph
zero of , Paragraph
Polynomial separable , Paragraph
Polynomial in indeterminates , Paragraph
Poset
definition of , Paragraph
largest element in , Paragraph
smallest element in , Paragraph
Power set , Example
Prime element , Paragraph
Prime ideal , Paragraph
Prime integer , Paragraph
Primitive element , Paragraph
Primitive Element Theorem , Theorem
Primitive th root of unity , Paragraph Paragraph
Primitive polynomial , Paragraph
Principal ideal , Paragraph
Principal ideal domain (PID) , Paragraph
Principal series , Paragraph
Pseudoprime , Exercise
Quaternions , Example Example
Resolvent cubic equation , Exercise
Rigid motion , Paragraph Paragraph
Ring
characteristic of , Paragraph
commutative , Paragraph
definition of , Paragraph
division , Paragraph
factor , Paragraph
homomorphism , Paragraph
isomorphism , Paragraph
Noetherian , Paragraph
quotient , Paragraph
with identity , Paragraph
with unity , Paragraph
Rivest, R. , Paragraph
RSA cryptosystem , Paragraph
Ruffini, P. , Paragraph
Russell, Bertrand , Paragraph
Scalar product , Paragraph
Second Isomorphism Theorem
for groups , Theorem
for rings , Theorem
Shamir, A. , Paragraph
Shannon, C. , Paragraph
Sieve of Eratosthenes , Exercise
Simple extension , Paragraph
Simple group , Paragraph
Simple root , Paragraph
Solvability by radicals , Paragraph
Spanning set , Paragraph
Splitting field , Paragraph
Squaring the circle is impossible , Paragraphs
Standard decoding , Paragraph
Subgroup
centralizer , Paragraph
commutator , Paragraph
cyclic , Paragraph
definition of , Paragraph
index of , Paragraph
isotropy , Paragraph
normal , Paragraph
normalizer of , Paragraph
proper , Paragraph
stabilizer , Paragraph
Sylow -subgroup , Paragraph
translation , Paragraph
trivial , Paragraph
Subgroup! -subgroup , Paragraph
Subnormal series of a group , Paragraph
Subring , Paragraph
Supremum , Paragraph
Switch
closed , Paragraph
definition of , Paragraph
open , Paragraph
Switching function , Paragraph Exercise
Sylow -subgroup , Paragraph
Sylow, Ludvig , Paragraph
Syndrome of a code , Paragraph Paragraph
Tartaglia , Paragraph
Third Isomorphism Theorem
for groups , Theorem
for rings , Theorem
Thompson, J. , Paragraph Paragraph
Transcendental element , Paragraph
Transcendental number , Paragraph
Transposition , Paragraph
Trisection of an angle , Subsection
Unique factorization domain (UFD) , Paragraph
Unit , Paragraph Paragraph
Universal Product Code , Exercise
Upper bound , Paragraph
Vandermonde determinant , Paragraph
Vandermonde matrix , Paragraph
Vector space
basis of , Paragraph
definition of , Paragraph
dimension of , Paragraph
subspace of , Paragraph
Weight of a codeword , Paragraph
Weil, André , Paragraph
Well-defined map , Paragraph
Well-ordered set , Paragraph
Whitehead, Alfred North , Paragraph
Zero
multiplicity of , Paragraph
of a polynomial , Paragraph
Zero divisor , Paragraph
Colophon
This book was authored and produced with PreTeXt18.
Endnotes
1.
2.
3.
(a) ; (b) .
(a) ; (d) .
Observe that if and only if or . Equivalently, or , which is the same as
. Therefore, .
(a) Not a map since is undefined; (b) this is a map; (c) not a map, since but
; (d) this is a map.
(a) is one-to-one but not onto. . (c) is neither one-to-one nor onto.
.
(a) .
(a) Let . Then . Thus, and , so
is one-to-one. (b) Let , then for some . Since , is
onto.
(a) Let . Then there exists an such that . Hence, or .
Therefore, . Consequently, . Conversely, if
, then or . Hence, there exists an in or such that .
Thus, there exists an such that . Therefore, , and
.
(a) The relation fails to be symmetric. (b) The relation is not reflexive, since is not equivalent to itself. (c) The
relation is not transitive.
Let and define if .
The base case, is true. Assume that
is true. Then
and so is true. Thus, is true for all positive integers .
The base case, is true. Assume is true. Then
, so is true. Thus, is true for all positive integers .
Follow the proof in Example 2.4.
The base case, is true. Assume is true.
Then
so is true. Therefore, is true for all positive integers .
For (a) and (b) use mathematical induction. (c) Show that , , and . (e) Use part
(b) and Exercise 2.4.16.
Use the Fundamental Theorem of Arithmetic.
Use the Principle of Well-Ordering and the division algorithm.
Since , there exist integers and such that . Thus, .
Every prime must be of the form , , , or . Suppose there are only finitely many primes of the
form .
(a) ; (c) ; (e) .
(a) Not a group; (c) a group.
Pick two matrices. Almost any pair will work.
There is a nonabelian group containing six elements.
Look at the symmetry group of an equilateral triangle or a square.
There are five different groups of order 8.
Let
be in . All of the s must be distinct. There are ways to choose , ways to choose , 2 ways to
choose , and only one way to choose . Therefore, we can form in ways.
Since , we know that .
, , , , , .
The identity of is . Since , is
closed under multiplication. Finally, .
Look at .
4. The results in this section are needed only in Chapter 7.
(a) False; (c) false; (e) true.
(a) ; (c) infinite; (e) .
(a) ; (b) ; (c) , , , ,
; (g) ; (j) .
(a)
(c)
(a) ; (b) .
.
(a) ; (c) ; (e)
(a) ; (c) .
(a) ; (c) ; (e) .
(a) ; (c) ; (e) .
(a) ; (c) .
The identity element in any group has finite order. Let have orders and , respectively. Since
and , the elements of finite order in form a subgroup of .
If is an element distinct from the identity in , must generate ; otherwise, is a nontrivial proper
subgroup of .
5. Since we are in an abstract group, we will adopt the convention that group elements are multiplied left to right.
(a) ; (c) .
(a) ; (c) ; (e) ; (g) ; (n) .
(a) ; (c) .
(a) is not a subgroup.
Permutations of the form
are possible for .
Calculate and .
Consider the cases and .
Show that the center of consists of the identity if is odd and consists of the identity and a rotation if
is even.
For (a), show that .
6.
The order of and the order must both divide the order of .
The possible orders must divide .
This is true for every proper nontrivial subgroup.
False.
(a) , , , , , , , and ; (c) , , and .
Let . Show that and thus .
Show that .
If , then (Exercise 2.4.26 in Chapter 2).
7.
LAORYHAPDWK
Hint: V = E , E = X (also used for spaces and punctuation), K = R .
(a) ; (c) .
(a) (c) .
(a) ; (c) .
8.
9.
10. We will adopt the convention that bits are numbered left to right in binary -tuples.
11. This section requires a knowledge of probability, but can be skipped without loss of continuity.
12. Since we will be working with matrices, we will write binary -tuples as column vectors for the remainder of
this chapter.
This cannot be a group code since .
(a) ; (c) .
(a) ; (c) .
(a) ; (c) .
a.
b.
Multiple errors occur in one of the received words.
(a) A canonical parity-check matrix with standard generator matrix
(c) A canonical parity-check matrix with standard generator matrix
(a) All possible syndromes occur.
(a) , , , , , , ,
. A decoding table does not exist for since this is only a single error-detecting code.
Let have odd weight and define a map from the set of odd codewords to the set of even codewords by
. Show that this map is a bijection.
For information positions, at least 6 check bits are needed to ensure an error-correcting code.
Every infinite cyclic group is isomorphic to by Theorem 9.7.
Define by
False.
Define a map from into the th roots of unity by .
Assume that is cyclic and try to find a generator.
There are two nonabelian and three abelian groups that are not isomorphic.
(a) ; (c) .
Draw the picture.
True.
True.
Let be a generator for . If is an isomorphism, show that is a generator for .
Any automorphism of must send 1 to another generator of .
To show that is one-to-one, let and and consider .
(a)
(c) is not normal in .
If is a generator for , then is a generator for .
For any , show that the map defined by is an isomorphism of with itself.
Then consider .
Suppose that is normal in and let be an arbitrary element of . If , we must show that
is also in . Show that .
(a) Let and . If , then
We also need to show that if with , then is a product of elements of the
same type. However, .
(a) is a homomorphism with kernel ; (c) is not a homomorphism.
Since , is a homomorphism.
For any homomorphism , the kernel of must be a subgroup of and the image of must be a
subgroup of . Now use the fact that a generator must map to a generator.
Let . Then .
Find a counterexample.
(a) is in ; (c) is not in .
(a) .
Use the unimodular matrix
Show that the kernel of the map is .
True.
There are three possible groups.
(a) ; (e)
.
Use the Fundamental Theorem of Finitely Generated Abelian Groups.
If and are solvable, then they have solvable series
Use the fact that has a cyclic subgroup of index .
is abelian.
Example 14.1: , . Example 14.2: .
(a) , , , , .
, , .
(a) .
The conjugacy classes for are
The class equation is .
The group of rigid motions of the cube can be described by the allowable permutations of the six faces and is
isomorphic to . There are the identity cycle, 6 permutations with the structure that correspond to the
quarter turns, 3 permutations with the structure that correspond to the half turns, 6 permutations with the
structure that correspond to rotating the cube about the centers of opposite edges, and 8
permutations with the structure that correspond to rotating the cube about opposite vertices.
Use the fact that if and only if .
If , then the order of a Sylow -subgroup is , and the order of a Sylow -subgroup is .
The four Sylow -subgroups of are , ,
, .
Since , has either one or three Sylow -subgroups by the Third Sylow Theorem. If there is
only one subgroup, we are done. If there are three Sylow -subgroups, let and be two of them. Therefore,
; otherwise, would have elements, which is impossible. Thus,
is normal in both and since it has index in both groups.
Show that has a normal Sylow -subgroup of order and a normal Sylow -subgroup of order .
False.
If is abelian, then is cyclic, since . Now look at Example 15.14.
Define a mapping between the right cosets of in and the conjugates of in by .
Prove that this map is a bijection.
Let . Then .
13.
14.
15. It is possible to define prime ideals in a noncommutative ring. See [1] or [3].
(a) is a ring but not a field; (c) is a field; (f) is not a ring.
(a) ; (c) ; (e)
(a) , , , , ; (c) there are no nontrivial
ideals.
Assume there is an isomorphism with .
False. Assume there is an isomorphism such that .
(a) ; (c) .
If , show that .
(a) .
Let with . Then the principal ideal generated by is . Thus, there exists a such that
.
Compute and .
Let . Then and are both in ,
since .
Suppose that and . Since is an integral domain, . To find a nontrivial idempotent, look in
.
(a) ; (b) .
(a) ; (c)
.
(a) No zeros in ; (c) , .
Look at .
(a) Reducible; (c) irreducible.
One factorization is .
The integers do not form a field.
False.
Let be an isomorphism. Define by
.
The polynomial
is called the cyclotomic polynomial. Show that is irreducible over for any prime .
Find a nontrivial proper ideal in .
16.
Note that is in if and only if . The
only integer solutions to the equation are .
(a) ; (c) .
True.
Let and be in . Prove that .
Let with a unit. Then . Similarly, .
Show that 21 can be factored in two different ways.
What are the atoms of ?
False.
(a)
(c)
Not equivalent.
(a) .
Let be ideals in . We need to show that is the smallest ideal in
containing both and . If and , then
is in . For , ; hence, is an ideal in .
(a) No.
. . .
. A symmetric argument shows that .
has basis over .
The set is a basis for .
(a) Subspace of dimension with basis ; (d) not a subspace
Since , it follows that .
Let and . Then .
(a) Let and . Then
Hence, , and is a subspace of .
(c) The statement that is equivalent to , which is true if and only
if or .
(a) Let and . Then
17. The probability that a real number chosen at random from the interval will be transcendental over the
rational numbers is one.
(a) ; (c) .
(a) ; (c) ; (e) .
(a) .
Use the fact that the elements of are 0, 1, , , , , ,
and the fact that .
False.
Suppose that is algebraic over and is algebraic over . Let . It suffices to show that is algebraic
over some finite extension of . Since is algebraic over , it must be the zero of some polynomial
in . Hence is algebraic over .
Since is a basis for over , . Since
, or 4. Since the degree of the minimal polynomial of
is 4, .
Let not in . Then , where and are polynomials in with and
coefficients in . If is algebraic over , then there exists a polynomial such that . Let
. Then
Now multiply both sides by to show that there is a polynomial in that has as a zero.
See the comments following Theorem 21.13.
Make sure that you have a field extension.
There are eight elements in . Exhibit two more zeros of other than in these eight elements.
Find an irreducible polynomial in of degree and show that has elements.
(a) ; (c) .
True.
(a) Use the fact that .
False.
If , then .
Since is algebraic over of degree , we can write any element uniquely as
with . There are possible -tuples .
Factor over .
(a) ; (c) .
(a) Separable over since ; (c) not separable over since
.
If
then . A generator for is , where
for .
(a) ; (c) ; (g) see Example 23.11.
(a)
Let be the splitting field of a cubic polynomial in . Show that is less than or equal to and is
divisible by . Since is a subgroup of whose order is divisible by , conclude that this group must be
isomorphic to or .
is a subgroup of .
True.
a. Clearly are distinct since or 0. To show that is a zero of , calculate .
b. The conjugates of are . Define a map by
where . Prove that is an isomorphism of fields. Show that generates .
c. Show that is a basis for over , and consider which linear combinations of
are left fixed by all elements of .
18.