An Introduction to Number Theory

J. J. P. Veerman
March 16, 2022
© 2022 J. J. P. Veerman

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International

(CC BY-NC 4.0)

You are free to:

Share—copy and redistribute the material in any medium or format

Adapt—remix, transform, and build upon the material for any purpose, even commercially.
The licensor cannot revoke these freedoms as long as you follow the license terms.

Under the following terms:

Attribution—You must give appropriate credit, provide a link to the license, and indicate if
changes were made. You may do so in any reasonable manner, but not in any way that suggests
the licensor endorses you or your use.

No additional restrictions—You may not apply legal terms or technological measures that legally
restrict others from doing anything the license permits.

Non-Commercial—You may not use the material for commercial purposes.

List of Figures

√
1 Eratosthenes’ sieve up to n = 30. All multiples of a less than 31
are cancelled. The remainder are the primes less than n = 31. 4
2 f is a minimal polynomial for the irrational number r. By
minimality f 0 (p/q) is not zero. On the interval (r − 1, r), the
absolute value of the derivative of f attains its maximum at t. 9
3 A directed path γ passing through all points of Z2 . 13
4 A rectangle of 30 by 12 squares can be subdivided into squares
non larger than 6 by 6. 19
5 Two meshing gear wheels have 30, resp. 12 teeth. Each tiny
square represents the turning of one tooth in each wheel. After
precisely 5 turns of the first wheel and 2 of the second, both are
back in the exact same position. 20

6 The division algorithm: for any two integers r1 and r2 , we can find
an integer q and a real e ∈ [0, 1) so that r1 /r2 = q2 + e. 22
On the left, the function 2x lnt dt in blue, π(x) in red, and
R
7
x/ ln x in green. On the right, we have 2x lnt dt − x/ ln x in blue,
R

π(x) − x/ ln x in red. Note the different scales. 32

R∞
8 Proof that ∑∞
n=1 f (n) is greater than 1 f (x) dx if f is positive and
(strictly) decreasing. 39

3
4 List of Figures

9 Proof that ∑∞n=1 f (n) (shaded in blue and green) minus f (1)
(shaded in blue) is less than 1∞ f (x) dx if f is positive and (strictly)
R

decreasing to 0. 40
10 The origin is marked by “×”. The red dots are visible from ×;
between any blue dot and × there is a red dot. The picture shows
exactly one quarter of {−4, · · · , 4}2 \(0, 0) ⊂ Z2 . 40

11 The general solution of the inhomogeneous equation (~r,~x) = c in

R2 . 47
12 A ‘greedy’ (or locally best) algorithm to tile the the 188 × 158
rectangle by squares. The 3 smallest — and barely visible —
squares are 2 × 2. Note how the squares spiral inward as they get
smaller. See exercise 3.13. 52
13 The greedy algorithm of exercise 3.2 (a) applied to the golden
mean rectangle. The spiral connecting the corners of the square
is known as the golden spiral. (In actual fact we used a 55 by 34
rectangle as an approximation. An approximation to a true spiral
was created by fitting circular segments to the corners.) 55

14 A one parameter family ft of maps from the circle to itself. For

every t ∈ [0, 1] the map ft is constructed by truncating the map
x → 2x mod 1 as indicated in this figure. 69
15 Two ways of computing the volume of a big box: add the volumes
of the small boxes, or compute the dimensions of the big box. 70

16 The part to the right of the intersection with ` : y = x + 1 (dashed)

of a bad path (in red) is reflected. The reflected part in indicated
in green. The path becomes a monotone path from (0, 0) to
(n − 1, n + 1). 97

17 Four branches of the Gauss map. 100

18 The line y = ωx and (in red) successive iterates of the rotation Rω .
Closest returns in this figure are q in {2, 3, 5, 8}. 109
19 The geometry of successive closest returns. 109
20 Drawing y = ω1 x and successive approximations (an+1 is taken to
be 3). The green arrows correspond to en−1 , en , and en+1 . 110
List of Figures 5

21 A few branches of the twice iterated Gauss map T 2 . The points

T −2 (0) are marked in red. The reader should compare this plot to
Figure 17. 112
22 Black: thread from origin with golden mean slope; red: pulling the
thread down from the origin; green: pulling the thread up from the
origin. 114
23 The placement of x between its convergents pn /qn and pn+1 /qn+1 . 115
24 Plots of the points (n, n) in polar coordinates, for n ranging from 1
to 50, 180, 330, and 3000, respectively. 118
25 Plots of the prime points (p, p) (p prime) in polar coordinates
with p ranging between 2 and 3000, and between 2 and 30000,
respectively. 119

26 ABCar+s is the sum of the BbiCc j along the green line in the i − j
diagram. The red lines indicate where p - Bbi and p - Cc j . So all
contributions exceptBbrCcs are divisible by p. Thus p - ABCar+s . 127
27 Intuitively we wrap R around a circle of length 1, so that points
that differ by an integer land on the same point. 131

28 The Gaussian integers are the lattice points in the complex plane;
both real and imaginary parts are integers. For an arbitrary point
z ∈ C — marked by x in the figure, a nearby integer is k1 + ik2
where k1 is the closest integer to Re (z) and k2 the closest integer
to Im (z). In this case that is 2 + 3i. 157
√
29 A depiction of Z[ −6] in the complex plane; √ real parts are
integers and imaginary parts are multiples of 6. 159
√
30 Left, the elements of the ring Z[ −3]. Right, the ring
√
Z[ 12 (1 + −3)]. The units of each ring are indicated in green and
√
the ideals h2, 1 + −3i on the left and h2i on the left are indicated
in red. Fundamental domains (Definition 8.17) are shaded in blue. 161
√ √
31 Left, the fundamental domain of Z[ −3]. Here, h = i 3. Right,
one of the 2 isosceles triangles that constitute the√fundamental
√
domain of Z[ 12 (1 + −3)]. Its height d equals 12 3. The point
that maximizes the distance to the closest of the 3 corner points
lies on the bisector of the top angle at height y. 162
6 List of Figures

32 Points in the area red shaded are a distance less than from√an integer
in Z. The blue area maps into the red under
√ x → 2x − 19/4
indicated
√ by the arrow. We note that 19/4 ≈ 1.09 and
3/2 ≈ 0.87. 165
33 Possible values of ργ −1 in the proof of Proposition 8.16. 168
34 The Gaussian primes described in Proposition 8.30. There are
approximately 950 within a radius 40 of the origin (left figure) and
about 3300 within a radius 80 (right figure). 170

35 A comparison between approximating the Lebesgue integral (left)

and the Riemann integral (right). 180
36 The pushforward of a measure ν. 181
37 The functions µ(Xc− ) and µ(Xc+ ). 182
38 This map has many ergodic measures 184
39 The first two stages of the construction of the singular measure ν p . 187
40 The first two stages of the construction of the middle third Cantor
set. The shaded parts are taken out. 190

41 The inverse image of a small interval dy is T −1 (dy) 196

p
42 ω is irrational and is a convergent of ω. Then x + qω modulo 1
q
is close to x. Thus adding qω modulo 1 amounts to a translation
by a small distance. Note: “om” in the figure stands for ω. 200
43 `(I) is between 31 and 12 of `(J). So there are two disjoint images
of I under R−1
ω that fall in J. 200
44 An example of the system described in Corollary 10.10. 202
45 Illustration of the fact that for a concave function f , we have
f (wx + (1 − w)y) ≥ w f (x) + (1 − w) f (y) (Jensen’s inequality). 210
46 Plot of the function ln(x) ln(1 + x) 212

47 If f is analytic on the closed set S, then f must be analytic on

some open set containing S. 216
48 Left, a curve. Then two simple, closed curves with opposite
orientation. The curve on the right is a union of two simple, closed
curves. 218
List of Figures 7

49 In the interior of the curve obtained by concatenating γ, p, c, and

H H
−p, f is analytic. Therefore γ f dz − c f dz = 0. If f is also
H
bounded inside c, we also have c f dz = 0. 219
50 The curve γ goes around z exactly once in counter-clockwise
direction. If d is small enough, z + d also lies inside γ. 222
R
51 F(z) does not depend on the path. So F(z + d) − F(z) = c f≈
f (z)d 223
52 The curve w goes around z0 exactly once in counter-clockwise
direction. . 225
53 g is analytic in DR := {Re z ≥ −dR } ∩ {|z| ≤ R} (shaded). The red
curve is given by C+ (s) = Reis with s ∈ (− π2 , π2 ). The green curve
is given by C+ (s) = Reis with s ∈ ( π2 , 3π
2 ). The blue L− consists of
2 small circular segments plus the segment connecting their left
endpoints at a distance 0 < d < dR to the left of the the imaginary
axis. 226
54 In the proof of Proposition 11.20, |p(z)| must have a minimum z0
in the interior of the disk |z| < 2R and it cannot have a minimum
unless at z0 unless it is zero. 229
55 The complex plane with eit , −e−it and e−it on the unit circle. cost
is the average of eit and e−it and i sint as the average of eit and
−e−it . 232
56 Moving around the origin once in the positive direction increases
ϕ, and thus ln z, by 2π. Discontinuities can be avoided if we agree
never to cross the half line or branch cut L. 232
57 The functions gk and hk of exercise 11.19 for i ∈ {2, 8, 15, 30}. 236
58 The contour C is the concatenation of c (celeste), b1 (blue), r1
(red), g (green), p (purple), −g, r2 , and b2 . The path r is a
semi-circle of radius R. The path p is a small circle of radius r.
See exercise 11.20. 237

59 The Riemann-Stieltjes integral (12.1) near x = 5 picks up the value

f (5)(θ (xi+1 ) − θ (xi )). 240
60 Integration over the shaded triangle of area 1/2 in equation
(12.11). 246
61 The prime gaps pn+1 − pn divided by ln pn+1 for n in {1, · · · , 1000}. 255
8 List of Figures

62 The functions θ (x)/x (green), ψ(x)/x (red), and π(x) ln x/x (blue)
for x ∈ [1, 1000]. All converge to 1 as x tends to infinity. The x-axis
is horizontal. 257
1
63 Plot of the function f (n) := ( lcm (1, 2, · · · , n)) n for n in
{1, · · · , 100} (left) and in {104 , · · · , 105 } (right). The function
converges to e indicated in the plots by a line. 259

64 The two characters modulo 3 illustrate the orthogonality of the

Dirichlet characters. 268
65 The set S consists of the natural numbers contained in intervals
shaded in the top figure of the form [22n−1 , 22n ). The bottom
picture is the same but with a logarithmic horizontal scale. 283
R1
66 Proof that 0 f (x) dx is between ∑kj=1
f ( j dx)dx and
k−1
∑ j=0 f ( j dx)dx if f is strictly decreasing. 284
67 The function ln(ln(x)) for x ∈ [1, 1040 ]. 287

68 A sequence of functions fn (x) = x1/n that converge almost

everywhere pointwise to f (x) = 1 on [0, 1]. The convergence is
uniform on U = [ε, 1] for any ε ∈ (0, 1). 292
c
69 This figure illustrates that (∩ Ai ) = ∪i Aci . 292
70 The definition of the Lebesgue integral. Let {yi } be a countable
R
partition of the range of f .
We approximate f dµ from below by
∑i µ f −1 ({y : y ≥ yi+1 }) (yi+1 − yi ). f is integrable if the limit
converges as the mesh of the partition goes to zero. The function y
in the proof of Lemma 14.8 (ii) is indicated in red. (Here µ is the
Lebesgue measure.) 293
71 A plot of Snf (x0 ) for some fixed x0 for n ∈ {0, · · · , N}. 299
72 The function fn (in red) in exercise 14.7 is a sum of very thin
triangles with height 1. Each triangle is given by hn ( j, k, x) (in
black). 303
73 In this figure r = 2. We show the function gk (x) (red) on [0, 1] and
its intersections. The sum of the rectangles like the one shaded in
R
red give a lower bound for Gk dx while the sum of the red and
green rectangles give an upper bound. 305
List of Figures 9

74 A schematic illustration of the quantities defined in exercises

14.12 and 14.13. 306
75 A few branches of the Lüroth map of exercise 14.16. The names
of the branches are as indicated in the figure. 307
76 A few branches of the k + 1st iterate of the Lüroth map T restricted
to the interval Ik . In red a branch of T k and in black a few branches
of T k+1 . 309
Contents

List of Figures 3

Part 1. Introduction to Number Theory

Chapter 1. A Quick Tour of Number Theory 3

§1.1. Divisors and Congruences 4
§1.2. Rational and Irrational Numbers 6
§1.3. Algebraic and Transcendental Numbers 8
§1.4. Countable and Uncountable Sets 10
§1.5. Exercises 14

Chapter 2. The Fundamental Theorem of Arithmetic 21

§2.1. Bézout’s Lemma 22
§2.2. Corollaries of Bézout’s Lemma 24
§2.3. The Fundamental Theorem of Arithmetic 25
§2.4. Corollaries of the Fundamental Theorem of Arithmetic 27
§2.5. The Riemann Hypothesis 29
§2.6. Exercises 33

Chapter 3. Linear Diophantine Equations 41

§3.1. The Euclidean Algorithm 41

11
12 Contents

§3.2. A Particular Solution of ax + by = c 43

§3.3. Solution of the Homogeneous equation ax + by = 0 45
§3.4. The General Solution of ax + by = c 46
§3.5. Recursive Solution of x and y in the Diophantine Equation 48
§3.6. The Chinese Remainder Theorem 49
§3.7. Polynomials 50
§3.8. Exercises 51

Chapter 4. Number Theoretic Functions 59

§4.1. Multiplicative Functions 59
§4.2. Additive Functions 62
§4.3. Möbius inversion 62
§4.4. Euler’s Phi or Totient Function 64
§4.5. Dirichlet and Lambert Series 66
§4.6. Exercises 69

Chapter 5. Modular Arithmetic and Primes 77

§5.1. Euler’s Theorem and Primitive Roots 77
§5.2. Fermat’s Little Theorem and Primality Testing 81
§5.3. Fermat and Mersenne Primes 84
§5.4. A Divisive Issue: Rings and Fields 86
§5.5. Wilson’s Theorem 90
§5.6. Exercises 91

Chapter 6. Continued Fractions 99

§6.1. The Gauss Map 99
§6.2. Continued Fractions 100
§6.3. Computing with Continued Fractions 105
§6.4. The Geometric Theory of Continued Fractions 107
§6.5. Closest Returns 108
§6.6. Another Interpretation of the Convergents 111
§6.7. Exercises 113
Contents 13

Part 2. Currents in Number Theory: Algebraic, Probabilistic, and

Analytic

Chapter 7. Fields, Rings, and Ideals 123

§7.1. Rings of Polynomials 123
§7.2. Ideals 128
§7.3. Fields and Extensions 132
§7.4. The Algebraic Integers 136
§7.5. Rings of Quadratic Numbers and Modules 139
§7.6. Exercises 141

Chapter 8. Factorization in Rings 149

§8.1. So, How Bad Does It Get? 149
§8.2. Integral Domains 151
§8.3. Euclidean Domains 154
§8.4. Example and Counter-Example 156
§8.5. Ideal Numbers 159
§8.6. Principal Ideal Domains 163
§8.7. ED, PID, and UFD are Different 164
§8.8. Exercises 167

Chapter 9. Ergodic Theory 175

§9.1. The Trouble with Measure Theory 175
§9.2. Measure and Integration 177
§9.3. The Birkhoff Ergodic Theorem 181
§9.4. Examples of Ergodic Measures 184
§9.5. The Lebesgue Decomposition 187
§9.6. Exercises 189

Chapter 10. Three Maps and the Real Numbers 195

§10.1. Invariant Measures 195
§10.2. The Lebesgue Density Theorem 198
§10.3. Rotations and Multiplications on R/Z 199
14 Contents

§10.4. The Return of the Gauss Map 202

§10.5. Number Theoretic Implications 204
§10.6. Exercises 208

Chapter 11. The Cauchy Integral Formula 215

§11.1. Analyticity versus Isolated Singularities 215
§11.2. The Cauchy Integral Formula 218
§11.3. Corollaries of the Cauchy Integral Formula 221
§11.4. A Tauberian Theorem 225
§11.5. A Polynomial Must Have a Root 228
§11.6. Exercises 229

Chapter 12. The Prime Number Theorem 239

§12.1. Preliminaries 239
§12.2. Chebyshev’s Theorem 242
§12.3. Properties of the Zeta Function 245
§12.4. The Function Φ(z) 248
§12.5. The Prime Number Theorem 249
§12.6. Exercises 250

Part 3. Topics in Number Theory

Chapter 13. Primes in Arithmetic Progressions 263

§13.1. Finite Abelian Groups 263
§13.2. The Hermitian Inner Product 265
§13.3. Characters of Finite Abelian Groups 266
§13.4. Dirichlet Characters and L-functions 270
§13.5. Preliminary Steps 272
§13.6. Primes in Arithmetic Progressions 274
§13.7. Exercises 277

Chapter 14. The Birkhoff Ergodic Theorem 289

§14.1. Measurable Functions 289
§14.2. Dominated Convergence 291
Contents 15

§14.3. Littlewood’s Three Principles 295

§14.4. Weyl’s Criterion 296
§14.5. Proof of Birkhoff’s Ergodic Theorem 298
§14.6. Exercises 302

Bibliography 313

Index 317
Part 1

Introduction to Number
Theory
Chapter 1

A Quick Tour of Number

Theory

Overview. We give definitions of the following concepts of congruence and

divisor in the integers, of rational and irrational number, and of countable
versus uncountable sets. We also discuss some of the elementary properties
of these notions.
Before we start, a general comment about the structure of this book
may be helpful. Each chapter consists of a “bare bones” outline of a piece
of the theory followed by a number of exercises. These exercises are meant
to achieve two goals. The first is to get the student used to the mechanical or
computational aspects of the theory. For example, the division algorithm in
Chapter 2 comes back numerous times in slightly different guises. In Chap-
ter 3, we use solve equations of the type ax+by = c for given a, b, and c, and
in Chapter 6, we take that even further to study continued fractions. To rec-
ognize and understand the use of the algorithm in these different contexts,
it is therefore crucial that the student sufficient practice with elementary ex-
amples. Thus, even if the algorithm is “more or less” clear or familiar, a
wise student will carefully do all the computational problems in order for
it to become “thoroughly” familiar. The second goal of the exercises is to
extend the bare bones theory, and fill in some details covered in most text-
books. For instance, in this Chapter we explain what rational and irrational
numbers are. However, the proof that the number e is irrational is left to the

3
4 1. A Quick Tour of Number Theory

exercises. In summary, as a rule the student should spend at least as much

time on the exercises as on the theory.
The natural numbers starting with 1 are denoted by N, and the collec-
tion of all integers (positive, negative, and 0) by Z. Elements of Z are also
called integers .

1.1. Divisors and Congruences

Definition 1.1. Given two numbers a and b. A multiple b of a is a number
that satisfies b = ac. A divisor a of b is an integer that satisfies ac = b where
c is an integer. We write a | b. This reads as a divides b or a is a divisor of
b.
Definition 1.2. Let a and b non-zero. The greatest common divisor of two
integers a and b is the maximum of the numbers that are divisors of both
a and b. It is denoted by gcd(a, b). The least common multiple of a and b
is the least of the positive numbers that are multiples of both a and b. It is
denoted by lcm (a, b).

Note that for any a and b in Z, gcd(a, b) ≥ 1, as 1 is a divisor of every

integer. Similarly lcm (a, b) ≤ |ab|.
Definition 1.3. A number p > 1 is prime1 in N if its only divisors in N are
a and 1 (the so-called trivial divisors). A number a > 1 is composite or
reducible if it has more than 2 divisors in N. (The number 1 is neither.)

2 3 4 5 6 7 8 9 10

11 12 13 14 15 16 17 18 19 20

21 22 23 24 25 26 27 28 29 30

Figure 1. Eratosthenes’ sieve up to n = 30. All multiples of a less than

√
31 are cancelled. The remainder are the primes less than n = 31.

1In a more general context — see Chapter 8 — these are called irreducible numbers, while the term
prime is reserved for numbers satisfying Corollary 2.9.
1.1. Divisors and Congruences 5

An equivalent definition of prime is a natural number with precisely two

(distinct) divisors. Eratosthenes’ sieve is a simple and ancient method to
generate a list of primes for all numbers less than, say, 225. First, list all
integers from 2 to 225. Start by circling the number 2 and crossing out all
its remaining multiples: 4, 6, 8, etcetera. At each step, circle the smallest
unmarked number and cross out all its remaining multiples
√ in the list. It
turns out that we need to sieve out only multiples of 225 = 15 and less
(see exercise 2.5). This method is illustrated if Figure 1. When done, the
primes are those numbers that are circled or unmarked in the list.
It will turn out that it is more natural to work in Z where all elements
have an additive inverse. We therefore introduce extend the definition of
primes to Z and introduce units.
Definition 1.4. A (multiplicative) unit in Z is a number a such that there is
b ∈ Z with the property that ab = 1. The only units in Z are 1 and −1. All
other numbers are non-units. A number n 6= 0 in Z is called composite or
reducible if it can be written as a product of two non-units. If n is not 0, not
a unit, and not composite, it is a prime or irreducible .
Remark 1.5. A concise way to characterize a unit is saying that it is an
invertible element.
Definition 1.6. Let a and b in Z. Then a and b are relatively prime if
gcd(a, b) = 1.
Definition 1.7. Let a and b in Z and m ∈ N. Then a is congruent to b
modulo m if a + my = b for some y ∈ Z or m | (b − a). We write
a =m b or a=b mod m or a ∈ b + mZ .

Definition 1.8. The residue of a modulo m is the (unique) integer r in

{0, · · · m − 1} such that a =m r. It is denoted by Resm (a).

These notions are cornerstones of much of number theory as we will

see. But they are also very common in all kinds of applications. For in-
stance, our expressions for the time on the clock are nothing but counting
modulo 12 or 24. To figure out how many hours elapse between 4pm and
3am next morning is a simple exercise in working with modular arithmetic,
that is: computations involving congruences.
6 1. A Quick Tour of Number Theory

1.2. Rational and Irrational Numbers

We start with a few results we need in the remainder of this subsection.
Theorem 1.9 (well-ordering principle). Any non-empty set S in N ∪ {0}
or in N has a smallest element.

Proof. Suppose this is false. Pick s1 ∈ S. Then there is another natural

number s2 in S such that s2 ≤ s1 − 1. After a finite number of steps, we pass
zero, implying that S has elements less than 0 in it. This is a contradiction.


Note that any non-empty set S of integers with a lower bound can be
transformed by addition of a integer b ∈ N0 into a non-empty S + b in N0 .
Then S + b has a smallest element, and therefore so does S. Furthermore, a
non-empty set S of integers with a upper bound can also be transformed into
a non-empty −S + b in N0 . Here, −S stands for the collection of elements
of S multiplied by −1. Thus we have the following corollary of the well-
ordering principle.
Corollary 1.10. Let be a non-empty set S in Z with a lower (upper) bound.
Then S has a smallest (largest) element.
Definition 1.11. i) An element x ∈ R is called an integer if it is a root of a
degree 1 polynomial with leading coefficient 1, that is if x − p = 0.
ii) An element x ∈ R is called rational if it a root of a degree 1 polynomial,
that is: qx − p = 0 where p and q 6= 0 are integers.
iii) Otherwise it is called an irrational number.

The set of integers is denoted by Z, and the rational numbers are de-
noted by Q. The usual way of expressing a rational number is that it can
be written as qp . The advantage of expressing a rational number as the solu-
tion of a degree 1 polynomial, however, is that it naturally paves the way to
Definitions 1.15 and 1.16.
Theorem 1.12. Any interval in R contains an element of Q. We say that Q
is dense in R.

The crux of the following proof is that we take an interval and scale it
up until we know there is an integer in it, and then scale it back down.
1.2. Rational and Irrational Numbers 7

Proof. Let I = (a, b) with b > a any interval in R. From Corollary 1.10 we
1
see that there is an n such that n > b−a . Indeed, if that weren’t the case, then
N would be bounded from above, and thus it would have a largest element
n0 . But if n0 ∈ N, then so is n0 + 1. This gives a contradiction and so the
above inequality must hold.
It follows that nb − na > 1. Thus the interval (na, nb) contains an in-
teger, say, p. So we have that na < p < nb. The theorem follows upon
dividing by n. 
√
Theorem 1.13. 2 is irrational.
√
Proof. Suppose 2 can be expressed as the quotient of integers rs . We may
assume that gcd(r, s) = 1 (otherwise just divide out the common factor).
After squaring, we get
2s2 = r2 .
The right-hand side is even, therefore the left-hand side is even. But the
square of an odd number is odd, so r is even. But then r2 is a multiple of 4.
Thus s must be even. This contradicts the assumption that gcd(r, s) = 1. 

It is pretty clear who the √

rational numbers are. But who or where are
the others? We just saw that 2 √ is irrational. It is not hard to see that the
sum of any rational number
√ plus 2 is also irrational. Or that√any√rational√
non-zero multiple of 2 is irrational. The same holds for 2, 3, 5,
etcetera. We look at this in exercise 1.7. From there, is it not hard to see
that the irrational numbers are also dense (exercise 1.8). In exercise 1.15,
we prove that the number e is irrational. The proof that π is irrational is
a little harder and can be found in [24][section 11.17]. In Chapter 2, we
will use the fundamental theorem of arithmetic, Theorem 2.11, to construct
other irrational numbers. In conclusion, whereas rationality is seen at face
value, irrationality of a number may take some effort to prove, even though
they are much more numerous as we will see in Section 1.4.
If you think about it, we cannot express the exact numerical value of an
irrational number! The only way to do that would be in a decimal (or any
other base) expansion. But if such an expansion were finite, of course, the
number would be rational! Thus the question of how well we can approxi-
mate irrational numbers by rational ones arises (see exercise 1.18). Here is
an important general result which we will have occasion to prove in Chapter
6.
8 1. A Quick Tour of Number Theory

Theorem 1.14. Let ρ ∈ R be irrational. Then there are infinitely many

p p 1
q ∈ Q such that ρ − q < q2 .

1.3. Algebraic and Transcendental Numbers

The set of polynomials with coefficients in Z, Q, R, or C is denoted by Z[x],
Q[x], R[x], and C[x], respectively.
Definition 1.15. An element x ∈ C is called an algebraic integer if it satis-
fies p(x) = 0, where p is a non-zero polynomial in Z[x] with leading coeffi-
cient 1.
Definition 1.16. An element x ∈ C is called an algebraic number if it sat-
isfies p(x) = 0, where p is a non-zero polynomial in Z[x]. Otherwise it is
called a transcendental number.

The transcendental numbers are even harder to pin down than the gen-
eral irrational numbers. We do know that e and π are transcendental, but the
proofs are considerably more difficult (see [26]). We’ll see below that the
transcendental numbers are far more abundant than the rationals or the alge-
braic numbers. In spite of this, they are harder to analyze and, in fact, even
hard to find. This paradoxical situation where the most prevalent numbers
are hardest to find, is actually pretty common in number theory.
The most accessible tool to construct transcendental numbers is Liou-
ville’s Theorem. The setting is the following. Given an algebraic number
y, it is the root of a polynomial with integer coefficients f (x) = ∑di=0 ai xi ,
where we always assume that the coefficient ad of the highest power is
non-zero. That highest power is called the degree of the polynomial and is
denoted by deg( f ) . Note that we can always find a polynomial of higher
degree that has y as a root. Namely, multiply f by any other polynomial g.
Definition 1.17. We say that f (x) = ∑di=0 ai xi in Z[x] is a minimal polynomial
in Z[x] for ρ if f is a non-zero polynomial in Z[x] of minimal degree, say d,
such that f (ρ) = 0. We say that the degree of ρ is d.

Theorem 1.18 (Liouville’s Theorem). Let f be a minimal polynomial of

degree d ≥ 2 for r ∈ R. Then
p p c(r)
∃ c(r) > 0 such that ∀ ∈ Q : r− > d .
q q q
1.3. Algebraic and Transcendental Numbers 9

Proof. Clearly, if r − qp ≥ 1, the inequality is satisfied. So assume that

r − qp < 1. Now let f be a minimal polynomial for r (see Figure 2), and
set
K = max f 0 (t) .
t∈[r−1,r+1]
We know that f (p/q) is not zero, because otherwise f would have a factor
(x − p/q). In that case, the quotient g of f and (x − p/q) would not neces-
sarily have integer coefficients, but some integral multiple mg of g would.
However, mg would be of lower degree, thus contradicting the minimality
of f . This gives us that qd f (p/q) is an integer, because
  d
d p
q f = ∑ ai pi qd−i ≥ 1 ,
q i=0

because it is a non-zero integer. Thus | f (p/q)| ≥ q−d . Finally, we use the

mean value theorem which tells us that for K as above, there is a t between
r and qp such that
 
f qp − f (r) q−d
K ≥ f 0 (t) = p ≥ ,
q −r
p
−r q

since f (r) = 0. This gives us the desired inequality. 

t
( )
r−1 r p/q r+1

Figure 2. f is a minimal polynomial for the irrational number r. By

minimality f 0 (p/q) is not zero. On the interval (r − 1, r), the absolute
value of the derivative of f attains its maximum at t.
10 1. A Quick Tour of Number Theory

Definition 1.19. A real number ρ is called a Liouville number if for all

n ∈ N, there is a rational number qp such that
p 1
ρ− < n.
q q

It follows directly from Liouville’s theorem that such numbers must

be transcendental. Liouville numbers can be constructed fairly easily. The
number
∞
ρ= ∑ 10−k!
k=1
p
is an example. If we set q equal to ∑nk=1 10−k! , then q = 10n! . Then
∞
p
ρ− = ∑ 10−k! . (1.1)
q k=n+1

It is easy to show that this is less than q−n (exercise 1.17).

It is worth noting that there is an optimal version of Liouville’s Theo-
rem. We record it here without proof.
Theorem 1.20 (Roth’s Theorem). Let ρ ∈ R be algebraic. Then for all
ε >0
p p c(ρ, ε)
∃ c(ρ, ε) > 0 such that ∀ ∈ Q : ρ − > 2+ε ,
q q q
where c(ρ, ε) depends only on ρ and ε.

This result is all the more remarkable if we consider it in the context of

Theorem 1.14.

1.4. Countable and Uncountable Sets

Definition 1.21. i) A set S is finite if there is a bijection f : {1, · · · , n} → S
for some n > 0.
ii) A set S is countably infinite if there is a bijection f : N → S.
iii) An infinite set for which there is no such bijection is called uncountable.
iv) A set S is countable if it is finite or if it is countably infinite.
Proposition 1.22. Every infinite set S contains a countable subset.
1.4. Countable and Uncountable Sets 11

Proof. Choose an element s1 from S. Now S − {s1 } is not empty because S

is not finite. So, choose s2 from S − {s1 }. Then S − {s1 , s2 } is not empty be-
cause S is not finite. In this way, we can remove sn+1 from S − {s1 , s2 , · · · sn }
for all n. The set {s1 , s2 , · · · } is countable and is contained in S. 

So countable sets are the smallest infinite sets in the sense that there are
no infinite sets that contain no countable set. But there certainly are larger
sets, as we will see next.
Theorem 1.23. The set R is uncountable.

Proof. The proof is one of mathematics’ most famous arguments: Cantor’s

diagonal argument [16]. The argument is developed in two steps .
Let T be the set of semi-infinite sequences formed by the digits 0 and
2. An element t ∈ T has the form t = t1t2t3 · · · where ti ∈ {0, 2}. The
first step of the proof is to prove that T is uncountable. So suppose it is
countable. Then a bijection t between N and T allows us to uniquely define
the sequence t(n), the unique sequence associated to n. Furthermore, they
form an exhaustive list of the elements of T . For example,

t(1) = 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 · · ·
t(2) = 2, 0, 2, 0, 2, 0, 2, 0, 2, 2, 2 · · ·
t(3) = 0, 0, 0, 2, 2, 2, 2, 2, 2, 2, 2 · · ·
t(4) = 2, 2, 2, 2, 2, 2, 0, 0, 0, 0, 0 · · ·
t(5) = 0, 0, 0, 2, 0, 0, 2, 0, 0, 2, 0 · · ·
t(6) = 2, 0, 0, 0, 0, 2, 0, 0, 0, 2, 2 · · ·
.. .. ..
. . .
Construct t ∗ as follows: for every n, its nth digit differs from the nth digit
of t(n). In the above example, t ∗ = 2, 2, 2, 0, 2, 0, · · · . But now we have
a contradiction, because the element t ∗ cannot occur in the list. In other
words, there is no surjection from N to T . Hence there is no bijection
between N and T .
The second step is to show that there is a subset K of R such that there
is no surjection (and thus no bijection) from N to K. Let t be a sequence
with digits ti . Define f : T → R as follows
∞
f (t) = ∑ ti 3−i .
i=1
12 1. A Quick Tour of Number Theory

If s and t are two distinct sequences in T , then for some k they share the
first k − 1 digits but tk = 2 and sk = 0. So
∞ ∞
f (t) − f (s) = 2 · 3−k + ∑ (ti − si )3−i ≥ 2 · 3−k − 2 ∑ 3−i = 3−k .
i=k+1 i=k+1
Thus f is injective. Therefore f is a bijection between T and the subset
K = f (T ) of R. If there is a surjection g from N to K = f (T ), then,
g f
N −→ K ←− T .
And so f −1 g is a surjection from N to T . By the first step, this is impossible.
Therefore, there is no surjection g from N to K, much less from N to R. 

The crucial part here is the diagonal step, where an element is con-
structed that cannot be in the list. This really means the set T is strictly
larger than N. The rest of the proof seems an afterthought, and perhaps
needlessly complicated. You might think that it is much more straightfor-
ward to just use the digits 0 and 1 and the representation of the real numbers
on the base 2, as opposed to the digits 0 and 2 and the base 3. But if you
do that, you run into a problem that has to be dealt with. The sequence t ∗
might end with an infinite all-ones subsequence such as t ∗ = 1, 1, 1, 1, · · · .
This corresponds to the real number x = 1.0... which might be in the list.
To circumvent that problem leads to slightly more complicated proofs (see
exercise 1.10).
Meanwhile, this gives us a very nice corollary which we will have
occasion to use in later chapters. For b an integer greater than 1, denote
by {0, 1, 2, · · · b − 1}N the set of sequences a1 a2 a3 · · · where each ai is in
{0, 1, 2, · · · b − 1}. Such sequences are often called words.
Corollary 1.24. (i) The set of infinite sequences in {0, 1, 2, · · · b − 1}N is
uncountable. (ii) The set of finite sequences (but without bound) in {0, 1, 2, · · · b−
1}N is countable.

Proof. The proof of (i) is the same as the proof that T is uncountable in the
proof of Theorem 1.23. The proof of (ii) consists of writing first all b words
of length 1, then all b2 words of length 2, and so forth. Every finite string
will occur in the list. 
Theorem 1.25. (i) The set Z2 is countable. (ii) Q is countable.
1.4. Countable and Uncountable Sets 13

Proof. (i) The proof relies on Figure 3. In it, a directed path γ is traced
out that passes through all points of Z2 . Imagine that you start at (0, 0) and
travel along γ with unit speed. Keep a counter c ∈ N that marks the point
(0, 0) with a “1”. Up the value of the counter by 1 whenever you hit a point
of Z2 . This establishes a bijection between N and Z2 .

Figure 3. A directed path γ passing through all points of Z2 .

(ii) Again travel along γ with unit speed. Keep a counter c ∈ N that
marks the point (0, 1) with a “1”. Up the value of the counter by 1. Con-
tinue to travel along the path until you hit the next point (p, q) that is not
a multiple of any previous and such q is not zero. Mark that point with
the value of the counter. Q contains N and so is infinite. Identifying each
marked point (p, q) with the rational number qp establishes the countability
of Q. 

Notice that this argument really tells us that the product (Z × Z)of a
countable set (Z) and another countable set is still countable. The same
holds for any finite product of countable set. Since an uncountable set is
strictly larger than a countable, intuitively this means that an uncountable
set must be a lot larger than a countable set. In fact, an extension of the
above argument shows that the set of algebraic numbers numbers is count-
able (see exercises 1.9 and 1.26). And thus, in a sense, it forms small subset
of all reals. All the more remarkable, that almost all reals that we know
14 1. A Quick Tour of Number Theory

anything about are algebraic numbers, a situation we referred to at the end

of Section 1.4.
It is useful and important to have a more general definition of when two
sets “have the same number of elements”.
Definition 1.26. Two sets A and B are said to have the same cardinality
if there is a bijection f : A → B. It is written as |A| = |B|. If there is an
injection f : A → B, then |A| ≤ |B|.
Definition 1.27. An equivalence relation on a set A is a (sub)set R of or-
dered pairs in A × A that satisfy three requirements.
- (a, a) ∈ R (reflexivity).
- If (a, b) ∈ R, then (b, a) ∈ R (symmetry).
- If (a, b) ∈ R and (b, c) ∈ R, then If (a, c) ∈ R (transitivity).
Usually (a, b) ∈ R is abbreviated to a ∼ b. The mathematical symbol “=”
is an equivalence.

It is easy to show that having the same cardinality is an equivalence

relation on sets (exercise 1.24). Note that the cardinality of a finite set is
just the number of elements it contains. An excellent introduction to the
cardinality of infinite sets in the context of naive set theory can be found in
[29].

1.5. Exercises
Exercise 1.1. Apply Eratosthenes’ Sieve to get all prime numbers between
1 and 200. (Hint: you should get 25 primes less than 100, and 21 between
100 and 200.)

Exercise 1.2. Factor the following into prime numbers (write as a product
of primes).
393, 16000, 5041, 1111, 1763, 720.
Exercise 1.3. Find pairs of primes that differ by 2. These are called twin
primes. Are there infinitely many such pairs? (Hint: This is an open prob-
lem; the affirmative answer is called the twin prime conjecture.)

Conjecture 1.28 (Twin Prime Conjecture). There are infinitely many twin
prime pairs2.

2Still unsolved in 2022.

1.5. Exercises 15

Exercise 1.4. Show that small enough even integers greater than 3 can be
written as the sum of two primes. Is this always true? (Hint: This is an
open problem; the affirmative answer is called the Goldbach conjecture.)

Exercise 1.5. Comment on the types of numbers (rational, irrational, tran-

scendental) we use in daily life.
a) What numbers do we use to pay our bills?
b) What numbers do we use in computer simulations of complex pro-
cesses?
c) What numbers do we use to measure physical things?
d) Give examples of the usage of the “other” numbers.

Exercise 1.6. Let a and b be rationals and x and y irrationals.

a) Show that ax is irrational iff a 6= 0.
b) Show that b + x is irrational.
c) Show that ax + b√is irrational iff a 6= 0.
d) Conclude that a 2 + b is irrational iff a 6= 0.
√ √
Exercise 1.7. a) Show that 3, 5, et cetera (square roots of primes) are
irrational. (Hint: use Corollary 2.9.)
√
b) Show that for p prime, the numbers {a p + b : a, b ∈ Z} are dense in
the reals.
√
Exercise 1.8. Show that numbers of the form that a 2 + b are irrational
and dense in the reals (a and b are rational).

Lemma 1.29. The countable union of countable sets is countable.

Exercise 1.9. a) Use an pictorial argument similar to that of Figure 3 to

show that N × N (the set of lattice points (n, m) with n and m in N) is
countable.
b) Suppose Ai are countable sets where i ∈ I and I countable. Show that
there is a bijection {1, · · · , n} → I or N → I.
c) Define A01 = A1 , A02 = A2 \A01 , A03 = A3 \{A01 ∪ A02 }, et cetera. Show that
there is a bijection fi : {1, · · · , ni } → Ai or fi : N → Ai for each i.
c) Show there is a bijection F : N × N → i∈I Ai given by F(n, m) = fn (m).
S
0
(Hint: place the elements of A1 on (1, 1), (1, 2), (1, 3), ...; the elements of
A02 on (2, 1), (2, 2), (2, 3), ... and so on. Now use the argument in item (a).)
d) Conclude that Lemma 1.29 holds.
16 1. A Quick Tour of Number Theory

Exercise 1.10. What is wrong in the following attempt to prove that [0, 1]
is uncountable?
Assume that [0, 1] is countable, that is: there is a bijection f between [0, 1]
and N. Let r(n) be the unique number in [0, 1] assigned to n. Thus the
infinite array (r(1), r(2), · · · ) forms an exhaustive list of the numbers in
[0, 1], as follows:

r(1) = 0.00000000000 · · ·
r(2) = 0.10101010111 · · ·
r(3) = 0.00011111111 · · ·
r(4) = 0.11111100000 · · ·
r(5) = 0.00010010010 · · ·
r(6) = 0.10000100011 · · ·
.. .. ..
. . .
(Written as number on the base 2.) Construct r∗ as the string whose nth
digit differs from that of r(n). Thus in this example:
r∗ = 0.111010 · · · ,
which is different from all the other listed binary numbers in [0, 1].
(Hint: what if r∗ ends with an infinite all ones subsequence?)

Exercise 1.11. The set f (T ) in the proof of Theorem 1.23 is called the
middle third Cantor set. Find its construction. What does it look like?
(Hint: locate the set of numbers whose first digit (base 3) is a 1; then
the set of numbers whose second digit is a 1.)

Exercise 1.12. The integers exhibit many, many other intriguing patterns.
Given the following function:

 n even: f (n) = 2n
.
 n odd: f (n) = 3n+1 2
a) (Periodic orbit) Show that f sends 1 to 2 and 2 to 1.
b) (Periodic orbit attracts) Show that if you start with a small positive inte-
ger and apply f repeatedly, eventually you fall on the orbit in (a).
c) Show that this is true for all positive integers.
(Hint: This is an open problem; the affirmative answer is called the Collatz
conjecture.)

Exercise 1.13. It is known that 211213 − 1 is prime. How many decimal

digits does this number have? (Hint: log10 2 ≈ 0.301029996.)
1.5. Exercises 17

Exercise 1.14. This exercise prepares for Mersenne and Fermat primes,
see Definition 5.13.
2ab −1
a) Use ∑a−1 ib p
i=0 2 = 2a −1 to show that if 2 − 1 is prime, then p must be
prime.
(−2b )a −1
b) Use ∑a−1 b i p
i=0 (−2 ) = (−2)a −1 to show that if 2 + 1 is prime, then p has
no odd factor. (Hint: assume a is odd.)
1 p
Exercise 1.15. In what follows, we assume that e − 1 = ∑∞
i=1 i! = q is
rational and show that this leads to a contradiction.
a) Show that the above assumption implies that
q ∞
q! q!
∑ +∑ = p(q − 1)! .
i=1 i! i=1 (q + i)!
(Hint: multiply both sides of by q! .)
q! 1
b) Show that ∑∞ ∞
i=1 (q+i)! < ∑i=1 (q+1)i . (Hint: write out a few terms of the
sum on the left.)
c) Show that the sum on the left hand side in (b) cannot have an integer
value.
d) Show that the other two terms in (a) have an integer value.
e) Conclude there is a contradiction unless the assumption that e is rational
is false.
Exercise 1.16. Show that Liouville’s theorem (Theorem 1.18) also holds
for rational for rational numbers ρ = rs as long as qp 6= rs .

Exercise 1.17. a) Show that for all positive integers p and n, we have
p(n + 1)n! ≤ (n + p)! .
b) Use (a) to show that
∞ ∞  −1
∑ 10−k! ≤ ∑ 10−p(n+1)n! = 10−(n+1)n! 1 − 10−(n+1)n! .
k=n+1 p=1
c) Show that b) implies the affirmation after equation (1.1).

Exercise 1.18. a) Use a calculator to write down the decimal expansion of

√
2 in 10 decimal√places.
b) How close to 2 is the decimal approximation 1414/1000? √
c) Compute 1393/985 is 10 decimal places. How close is it to 2? (Hint:
compare with Theorem 1.14.)

Exercise 1.19. Show that the inequality of Roth’s theorem does not hold
for all numbers. (Hint: Let ρ be a Liouville number.)

Definition 1.30. Let A be a set. Its power set P(A) is the set whose elements
are the subsets of A. This always includes the empty set denoted by 0. /
18 1. A Quick Tour of Number Theory

In the next two exercises, the aim is to show something that is obvious
for finite sets, namely:
Theorem 1.31. The cardinality of a power set is always (strictly) greater
than that of the set itself.

Exercise 1.20. a) Given a set A, show that there is an injection f : A →

P(A). (Hint: for every element a ∈ A there is a set {a}.)
b) Conclude that |A| ≤ |P(A)|. (Hint: see Definition 1.26.)

Exercise 1.21. Let A be an arbitrary set. Assume that that there is a surjec-
tion S : A → P(A) and define
R = {a ∈ A | a 6∈ S(a)} . (1.2)
a) Show that there is a q ∈ A such that S(q) = R.
b) Show that if q ∈ R, then q 6∈ R. (Hint: equation (1.2).)
c) Show that if q 6∈ R, then q ∈ R. (Hint: equation (1.2).)
d) Use (b) and (c) and exercise 1.20, to establish that |A| < |P(A)|. (Hint:
see Definition 1.26.)
In the next two exercises we show that the cardinality of R equals that
of P(N). This implies that that |R| > |N|, which also follows from Theorem
1.23.
Exercise 1.22. Let T be the set of sequences defined in the proof of Theo-
rem 1.23. To a sequence t ∈ T , associate a set S(t) in P(N) as follows:
i ∈ S if t(i) = 2 and i 6∈ S if t(i) = 0 .
a) Show that there is a bijection S : T → P(N).
b) Use the bijection f in the proof of Theorem 1.23 to show there is a bi-
jection K → P(N).
c) Show that (a) and (b) imply that |P(N)| = |K| = |T |. (Hint: see Defini-
tion 1.26.)
d) Find an injection K → R and conclude that |P(N)| ≤ |R|.

Exercise 1.23. a) Show that there is a bijection R → (0, 1).

b) Show that there is an injection (0, 1) → T . (Hint: use usual binary (base
2) expansion of reals.)
c) Use (a), (b), and exercise 1.22 (a), to show that |R| ≤ |P(N)|.
d) Use (c) and exercise 1.22 (d) to show that |R| = |P(N)|.

Exercise 1.24. Show that having the same cardinality (see Definition 1.26)
is an equivalence relation on sets.
1.5. Exercises 19

Exercise 1.25. a) Fix some n > 0. Show that having the same remainder
modulo n is an equivalence relation on Z. (Hint: for example, -8, 4, and
16 have remainder 4 modulo 12.)
b) Show that addition respects this equivalence relation. (Hint: If a+b = c,
a ∼ a0 , and b ∼ b0 , then a0 + b0 = c0 with c ∼ c0 .)
c) The same question for multiplication.

Exercise 1.26. a) Show that the set of algebraic numbers is countable.

(Hint: use Lemma 1.29.)
b) Conclude that the transcendental numbers form an uncountable set.

Exercise 1.27. a) Show that rectangular grid of n by m squares can be

divided into d by d squares where d is a common divisor of n and m.
b) Show that in (a) the largest d equals gcd(n, m), see Figure 4.

12

30

Figure 4. A rectangle of 30 by 12 squares can be subdivided into

squares non larger than 6 by 6.

Exercise 1.28. Suppose two meshing gear wheels have n and m teeth, re-
spectively. Each wheel has one marked tooth.
a) Show that the positions of the wheels after ` teeth are traversed is in-
dicated by the projection of the point (`, `) on both in a rectangular coor-
dinate system with n by m units. See Figure 5. (Hint: each small square
corresponds to the turn through one tooth on both wheels. Show that the
first time the marked teeth return exactly to their original position occurs
when the first wheel has made lcm (n, m)/n = m/ gcd(n, m) complete turns
and the second lcm (n, m)/n = n/ gcd(n, m).
20 1. A Quick Tour of Number Theory

12

12

12

12

12

30 30

Figure 5. Two meshing gear wheels have 30, resp. 12 teeth. Each tiny
square represents the turning of one tooth in each wheel. After precisely
5 turns of the first wheel and 2 of the second, both are back in the exact
same position.
Chapter 2

The Fundamental Theorem

of Arithmetic

Overview. We derive the Fundamental Theorem of Arithmetic. The most

important part of that theorem says every integer can be uniquely written
as a product of primes up to re-ordering of the factors, and up to factors -1.
We discuss two of its most important consequences, namely the fact that the
number of primes is infinite and the fact that non-integer roots are irrational.
On the way to proving the Fundamental Theorem of Arithmetic, we
need Bézout’s Lemma and Euclid’s Lemma. The proofs of these well-
known lemma’s may appear abstract and devoid of intuition. To have some
intuition, the student may assume the Fundamental Theorem of Arithmetic
and derive from it each of these lemma’s (see Exercise 2.9) and things will
seem much more intuitive. The reason we do not do it that way in this book
is of course that indirectly we use both results to establish the Fundamental
Theorem of Arithmetic.
The principal difference between Z and N is that in Z addition has an
inverse (subtraction). This makes Z a into a ring, a type of object we will
encounter in Chapter 5. It will thus save us a lot of work and is not much
more difficult to work in Z instead of in N.

21
22 2. The Fundamental Theorem of Arithmetic

2.1. Bézout’s Lemma

Definition 2.1. The floor of a real number θ is defined as follows: bθ c is
the greatest integer less than than or equal to θ . The fractional part {θ } of
the number θ is defined as θ − bθ c. Similarly, the ceiling of θ , dθ e, gives
the smallest integer greater than or equal to θ .

By the well-ordering principle, Corollary 1.10, the number bθ c and dθ e

exist for any θ ∈ R. Given a number ξ ∈ R, we denote its absolute value by
|ξ |.
Lemma 2.2. Given r1 and r2 with r2 > 0, then there are q2 and r3 with
|r3 | < |r2 | such that r1 = r2 q2 + r3 .
r1
Proof. Noting that r2 is a rational number, we can choose the integer q2 =
b rr21 c so that
r1
= q2 + e ,
r2
where e ∈ [0, 1) (see Figure 6). The integer q2 is called the quotient. Multi-
plying by r2 gives the result. 

r /r2
1
e

0 q

Figure 6. The division algorithm: for any two integers r1 and r2 , we

can find an integer q and a real e ∈ [0, 1) so that r1 /r2 = q2 + e.

Note that in this proof, in fact, r3 ∈ {0, · · · r2 − 1} and is unique. Thus

among other things, this lemma implies that every integer has a unique
residue (see Definition 1.8). More generally, we just require |r3 | < |r2 |,
and there is more than one choice for q2 . This is typical in the more general
context of rings (Chapter 8).
If |r1 | < |r2 |, then we can choose q2 = 0. In this case, ε = rr21 and we
learn nothing new. But if |r1 | > |r2 |, then q2 6= 0 and we have written r1 as
a multiple of r2 plus a remainder r3 .
2.1. Bézout’s Lemma 23

Definition 2.3. Given r1 and r2 with r2 > 0, the computation of q2 and r3 in

Lemma 2.2 is called the division algorithm. Note that r3 = Resr2 (r1 ) (see
Definition 1.8).
Remark 2.4. Lemma 2.2 is also called Euclid’s division lemma. This is
not to be confused with the Euclidean algorithm of Definition 3.3.
Lemma 2.5. (Bézout’s Lemma) Let a and b be such that gcd(a, b) = d.
Then ax + by = c has integer solutions for x and y if and only if c is a
multiple of d.

Proof. Let S and ν(S) be the sets:

S = {ax + by : x, y ∈ Z, ax + by 6= 0}
.
ν(S) = {|s| : s ∈ S} ⊆ N ∪ {0}
Then ν(S) 6= 0/ (it contains |a| and |b|) and is bounded from below. Thus by
the well-ordering principle of N, it has a smallest element n. Then there is
an element d ∈ S that has that norm: |d| = n.
For that d, we use the division algorithm to establish that there are q
and r ≥ 0 such that
a = dq + r and |r| < |d| . (2.1)
Now substitute d = ax+by. A short computation shows that r can be rewrit-
ten as:
r = a(1 − qx) + b(−qy) .
Suppose r 6= 0. Then this shows that r ∈ S. But we also know from (2.1)
that |r| is smaller than |d|. This is a contradiction because of the way d
is defined. But r = 0 implies that d is a divisor of a. The same argument
shows that d is also a divisor of b. Thus d is a common divisor of both a
and b.
Now let e be any divisor of both a and b. Then e | (ax + by), and so
e | d. But if e | d, then |e| must be smaller than or equal to |d|. Therefore, d
is the greatest common divisor of both a and b.
By multiplying x and y by f , we achieve that for any multiple f d of d
that
afx+bfy = fd.
24 2. The Fundamental Theorem of Arithmetic

On the other hand, let d be as defined above and suppose that x, y, and c are
such that
ax + by = c .
Since d divides a and b, we must have that d | c, and thus c must be a
multiple of d. 

2.2. Corollaries of Bézout’s Lemma

Lemma 2.6. (Euclid’s Lemma) Let a and b be such that gcd(a, b) = 1 and
a | bc. Then a | c.

Proof. By Bézout, there are x and y such that ax + by = 1. Multiply by c to

get:
acx + bcy = c .
Since a | bc, the left-hand side is divisible by a, and so is the right-hand
side. 

Euclid’s lemma is so often used, that it will pay off to have a few of the
standard consequences for future reference.
Theorem 2.7 (Cancellation Theorem). Let gcd(a, b) = 1 and b positive.
Then ax =b ay if and only if x =b y.

Proof. The statement is trivially true if b = 1, because all integers are equal
modulo 1.
If ax =b ay, then a(x − y) =b 0. The latter is equivalent to b | a(x − y).
The conclusion follows from Euclid’s Lemma. Vice versa, if x =b y, then
(x − y) is a multiple of b and so a(x − y) is a multiple of b. 

Used as we are to cancellations in calculations in R, it is easy to un-

derestimate the importance of this result. As an example, consider solving
21x =35 21y. It is tempting to say that this implies that x =35 y. But in fact,
gcd(21, 35) = 7 and the solution set is x =5 y, as is easily checked. This
example is in fact a special case of the following corollary.
Corollary 2.8. Let gcd(a, b) = d and b positive. Then ax =b ay if and only
if x =b/d y.
2.3. The Fundamental Theorem of Arithmetic 25

Proof. Divide by d to get da x = b a

dy and apply the cancellation theorem.
d


For the following results, recall the definition of primes in Z (Definition

1.4).
Corollary 2.9. For any n ≥ 1, p is prime and p | ∏ni=1 ai , if and only if there
is j ≤ n such that p | a j .

Proof. If p | a j , then p | ∏ni=1 ai . We prove the other direction by induction

on n, the number of terms in the product. Let S(n) be the statement of the
corollary. S(1) says: If p is prime and p | a1 , then p | a1 , which is trivially
true.
For the induction step, suppose that for any k > 1, S(k) is valid and let
p | ∏k+1
i=1 ai . Then ! !
k
p| ∏ ai ak+1 .
i=1
Applying Euclid’s Lemma, it follows that
k
p | ∏ ai or, if not, then p | ak+1 .
i=1
In the former case S(k + 1) holds because S(k) does. In the latter, we see
that S(k + 1) also holds. 
Corollary 2.10. If p and qi are prime and p | ∏ni=1 qi , then there is j ≤ n
such that p = q j .

Proof. Corollary 2.9 says that if p and all qi are primes, then there is j ≤ n
such that p | q j . Since q j is prime, its only divisors are 1 and itself. Since
p 6= 1 (by the definition of prime), p = q j . 

2.3. The Fundamental Theorem of Arithmetic

The last corollary of the previous section enables us to prove the most im-
portant result of this chapter.

Theorem 2.11 (The Fundamental Theorem of Arithmetic). Every non-

zero integer n ∈ Z
i) is a product of powers of primes (up to multiplication by units) and
26 2. The Fundamental Theorem of Arithmetic

ii) that product is unique (up to the order of multiplication and up to multi-
plication by the units).
Remark 2.12. The theorem is also called the unique factorization theorem.
Its statement means that up to re-ordering of the pi and factors ±1, every
integer n can be uniquely expressed as
r
n = ±1 · ∏ p`i i ,
i=1
where the pi are distinct primes.

Proof. First we prove (i). Define S to be the set of integers n that are not
products of primes times a unit, and the set ν(S) their absolute values. If
the set S is non-empty, then by the well-ordering principle (Theorem 1.9),
ν(S) has a smallest element. Let a be one of the elements in S that minimize
ν(S).
If a is prime, then it can be factored into primes, namely a = a, which
contradicts the assumption. Thus a is a composite number, a = bc and both
b and c are non-units. Thus |b| and |c| are strictly smaller than |a|. By
assumption, both b and c are products of primes. Then, of course, so is
a = bc. But this contradicts the assumptions on a.
Next, we prove (ii). Let S be the set of integers that have more than
one factorization and ν(S) the set of their absolute values. If the set S is
non-empty, then, again by the well-ordering principle, ν(S) has a smallest
element. Let a be one of the elements in S that minimize ν(S).
Thus we have
r s
a = u ∏ pi = u0 ∏ p0i ,
i=1 i=1
where at least some of the pi and p0i do not match up. Here, u and u0 are
units. Clearly, p1 divides a. By Corollary 2.10, p1 equals one of the p0i , say,
p01 . Since primes are not units, pa1 is strictly less than |a|. Therefore, by
hypothesis, pa1 is uniquely factorizable. But then the primes in
r s
a
= u ∏ pi = u0 ∏ p0i ,
p1 i=2 i=2
all match up (up to units). 
2.4. Corollaries of the Fundamental Theorem of Arithmetic 27

Remark 2.13. It is interesting to note that the proof of this theorem depends
on two distinct characterizations of primes. In part (i), we use Definition
1.4, which essentially says that primes are numbers that cannot be factored
into smaller numbers (the literal meaning of “irreducible”). But for part (ii),
we essentially use the fact that if a prime p divides ab, then it divides a or
b (or both). Now (through Corollary 2.10) we know both characterizations
hold in Z, but it will turn out that they are not equivalent in general (see
Proposition 8.3).
If the reader investigates the arguments carefully, it will become clear
that underneath it all lurks the division algorithm in Z. To wit, we use
Corollary 2.10 which Corollary 2.9 which uses Euclid’s lemma which uses
Bézout which finally uses the division algorithm. It is precisely this division
algorithm that is not available in all rings, and which plays an important role
in algebraic number theory, see Chapter 8).
Remark 2.14. The student might reflect on this and conclude that one can-
not write 1 as a product of primes. So how come that in Theorem 2.11 we
do not make an exception for the number 1 (or -1 for that matter). The
answer is this: 1 is a unit times “the empty product” of primes, and this is
unique. This piece of apparent sophistry actually turns out to be useful as
we will see in Chapter 8 (corollary 8.14).

2.4. Corollaries of the Fundamental Theorem of

Arithmetic
The unique factorization theorem is intuitive and easy to use. It is very
effective in proving a great number of results. Some of these results can be
proved with a little more effort without using the theorem (see exercise 2.6
for an example). We start with two somewhat technical results that we need
for later reference.
Lemma 2.15. We have
n
∀ i ∈ {1, · · · n} : gcd(ai , b) = 1 ⇐⇒ gcd(∏ ai , b) = 1 .
i=1

Proof. The easiest way to see this uses prime power factorization. If
gcd(∏ni=1 ai , b) = d > 1, then d contains a factor p > 1 that is a prime.
Since p divides ∏ni=1 ai , at least one of the ai must contain (by Corollary
28 2. The Fundamental Theorem of Arithmetic

2.9) a factor p. Since p also divides b, this contradicts the assumption that
gcd(ai , b) = 1.
Vice versa, if gcd(ai , b) = d > 1 for some i, then also ∏ni=1 ai is divisible
by d. 
Corollary 2.16. For all a and b in Z not both equal to 0, we have that
gcd(a, b) · lcm (a, b) = ab up to units.

Proof. Given two numbers a and b, let P = {pi }ki=1 be the list of all prime
numbers occurring in the unique factorization of a or b. We then have:
s s
a = u ∏ pki i and b = u0 ∏ p`i i ,
i=1 i=1
where u and u0 are units and ki and `i in N ∪ {0}. Now define:
mi = min(ki , `i ) and Mi = max(ki , `i ) ,
and let the numbers m and M be given by
s s
m = ∏ pm
i
i
and M = ∏ pMi
i .
i=1 i=1
Since mi + Mi = ki + `i , it is clear that the multiplication m · M yields ab.
Now all we need to do, is showing that m equals gcd(a, b) and that M
equals lcm (a, b). Clearly m divides both a and b. On the other hand, any
integer greater than m has a unique factorization that either contains a prime
not in the list P and therefore divides neither a nor b, or, if not, at least one
of the primes in P in its factorization has a power greater than mi . In the last
case m is not a divisor of at least one of a and b. The proof that M equals
lcm (a, b) is similar. 

A question one might ask is: how many primes are there? In other
words, how long can the list of primes in a factorization be? Euclid provided
the answer around 300BC.
Theorem 2.17 (Infinitude of Primes). There are infinitely many primes.

Proof. Suppose the list P of all primes is finite, so that P = {pi }ni=1 . Define
the integer d as the product of all primes (to the power 1):
n
d = ∏ pi .
i=1
2.5. The Riemann Hypothesis 29

If d + 1 is a prime, we have a contradiction. So d + 1 must be divisible by a

prime pi in P. But then we have
pi | d and pi | d + 1 . (2.2)
But since (d + 1)(1) + d(−1) = 1, Bézout’s lemma implies that gcd(d, d +
1) = 1, which contradicts equation (2.2). 

One the best known consequences of the fundamental theorem of arith-

metic
√ is probably the theorem that follows below. A special case, namely
2 is irrational (see Theorem 1.13), was known to Pythagoras in the 6th
century BC.
1
Theorem 2.18. Let n > 0 and k > 1 be integers. Then n k is either an integer
or irrational.
1
Proof. Assume n k is rational. That is: suppose that there are integers a and
b such that
1 a
nk = =⇒ n · bk = ak .
b
Divide out any common divisors of a and b, so that gcd(a, b) = 1. Then by
`i
the fundamental theorem of arithmetic, b = ∏si=1 pm i r
i and a = ∏i=s+1 pi (a
and b share no prime factors) and so
s r
n ∏ pkm
i
i
= ∏ pk`i
i .
i=1 i=s+1
The primes pi on the left and right side are distinct. This is only possible if
km
∏si=1 pi i equals 1. But then n is the k-th power of an integer. 

2.5. The Riemann Hypothesis

Analytic continuation will be discussed in more detail in Chapter 11. For
now, we note that it is akin to replacing ex where x is real by ez where z is
complex. A better example is the series ∑∞j=0 z j . This series diverges for
|z| > 1. But as an analytic function, it can be replaced by (1 − z)−1 on all of
C except at the pole z = 1 where it diverges.
Analytic continuations are meaningful because they are unique. The
reason this is true is roughly as follows (for details, see Theorem 11.22).
30 2. The Fundamental Theorem of Arithmetic

Analytic functions are functions that are differentiable, that is to say, wher-
ever the derivative is non-zero, the derivative equals a scaling times a rota-
tion. Equivalently, they are locally given by a convergent power series. If f
and g are two analytic continuations to a region U of a function h given on
a region V ⊂ U, then the difference f − g is zero on V . One can then show
that the power series of f − g must be zero on the entire region U. Hence,
analytic continuations f and g are unique.
Definition 2.19. The Riemann zeta function ζ (z) is a complex function de-
fined on {z ∈ C | Re z > 1} by
∞
ζ (z) = ∑ n−z .
n=1
On other values of z ∈ C it is defined by the analytic continuation of this
function (except at z = 1 where it has a simple pole).

In analytic number theory, it is common to denote the argument of the

zeta function by s, while in other branches of complex analysis z is the go-to
complex variable. We will stick to the latter. Note that
n−z = e− ln n Re z−i ln n Im z ,
and so |n−z | = n−Re z . Therefore for Re z > 1 the series is absolutely con-
vergent. More about this in Chapter 11. At this point, the student should
remember – or look up in [3] – the fact that absolutely convergent series
can be re-arranged arbitrarily without changing the sum. This leads to the
following proposition.
Proposition 2.20 (Euler’s Product Formula). For Re z > 1 we have
∞
ζ (z) := ∑ n−z = ∏ (1 − p−z )−1 .
n=1 p prime

There are two common proofs of this formula. It is worth presenting both.

proof 1. The first proof uses the Fundamental Theorem of Arithmetic. First,
we use the geometric series
∞
(1 − p−z )−1 = ∑ p−kz
k=0
2.5. The Riemann Hypothesis 31

to rewrite the right-hand side of the Euler product. This gives

! ! !
∞ ∞ ∞
−k z
∏ −z −1
(1 − p ) = ∑ p−k
1
1z
∑ p−k
2
2z
∑ p3 3 ···
p prime k1 =0 k2 =0 k3 =0

Re-arranging terms yields

 −z
k
··· = ∑ pk11 pk22 p33 · · · .
k1 ,k2 ,k3 ,···≥0
 
k
By the Fundamental Theorem of Arithmetic, the expression pk11 pk22 p33 · · ·
runs through all positive integers exactly once. Thus upon re-arranging
again we obtain ∑∞ −z 
n=1 n .

proof 2. The second proof, the one that Euler used, employs a sieve method.
This time, we start with the left-hand side of the Euler product. If we mul-
tiply ζ by 2−z , we get back precisely the terms with n even. So
1 − 2−z ζ (z) = 1 + 3−z + 5−z + · · · = ∑ n−z .


2- n

Subsequently we multiply this expression by (1 − 3−z ).

This has the effect
of removing the terms that remain where n is a multiple of 3. It follows that
eventually
1 − p−z · · · 1 − p−z ∑ n−z .



` 1 ζ (z) =
p1 - n,···p` - n

The argument used in Eratosthenes’ sieve (Section 1.1) now serves to show
that in the right-hand side of the last equation all terms other than 1 disap-
pear as ` tends to infinity. Therefore, the left-hand side tends to 1, which
implies the proposition. 

The most important theorem concerning primes is probably the follow-

ing. We will give a proof in Chapter 12.
Theorem 2.21 (Prime Number Theorem). Let π(x) denote the prime
counting function, that is: the number of primes less than or equal to x
with x ≥ 2. Then
π(x) π(x)
1) lim = 1 and 2) lim R x = 1,
x→∞ (x/ ln x)
2 lnt dt
x→∞

where ln is the natural logarithm.

32 2. The Fundamental Theorem of Arithmetic

Figure 7. On the left, the function 2x lnt dt in blue, π(x) in red, and
R

x/ ln x in green. On the right, we have 2x lnt dt − x/ ln x in blue, π(x) −

R

x/ ln x in red. Note the different scales.

The first estimate is the one we will prove directly in Chapter 12. It
turns out the second is equivalent to it (exercise 12.10). However, it is
this one that gives the better estimate of π(x). In Figure 7 on the left, we
plotted, for x ∈ [2, 1000], from top to bottom the functions 2x lnt dt in blue,
R

π(x) in red, and x/ ln x. In the right-hand figure, we augment the domain to

x ∈ [2, 105 ]. and plot the difference of these functions with x/ ln x. It now
becomes clear that 2x lnt dt is indeed a much better approximation of π(x).
R

From this figure one may be tempted to conclude that 2x lnt dt − π(x) is
R

always greater than or equal to zero. This, however, is false. It is known

that there are infinitely many n for which π(n) > 2n lnt dt. The first such
R

n is called the Skewes number. Not much is known about this number1,
except that it is less than 10317 .
Perhaps the most important open problem in all of mathematics is the
following. It concerns the analytic continuation of ζ (z) given above.
Conjecture 2.22 (Riemann Hypothesis). All non-real zeros of ζ (z) lie on
the line Re z = 12 .

In his only paper on number theory [46], Riemann realized that the
hypothesis enabled him to describe detailed properties of the distribution
1In 2020.
2.6. Exercises 33

of primes in terms of of the location of the non-real zero of ζ (z). This

completely unexpected connection between so disparate fields — analytic
functions and primes in N — spoke to the imagination and led to an enor-
mous interest in the subject2 In further research, it has been shown that the
hypothesis is also related to other areas of mathematics, such as, for exam-
ple, the spacings between eigenvalues of random Hermitian matrices [1],
and even physics [9, 12].

2.6. Exercises
Exercise 2.1. Apply the division algorithm to the following number pairs.
(Hint: replace negative numbers by positive ones.)
a) 110 , 7.
b) 51 , −30.
c) −138 , 24.
d) 272 , 119.
e) 2378 , 1769.
f) 270 , 175560.

Exercise 2.2. In this exercise we will exhibit the division algorithm applied
to polynomials x + 1 and 3x3 + 2x + 1 with coefficients in Q, R, or C.
a) Apply long division to divide 3021 by 11. (Hint: 3021 = 11 · 275 − 4.)
b) Apply the exact same algorithm to divide 3x3 + 2x + 1 by x + 1. In this
algorithm, xk behaves as 10k in (a). (Hint: at every step, cancel the highest
power of x.)
c) Verify that you obtain 3x3 + 2x + 1 = (x + 1)(3x2 − 3x + 5) − 4.
d) Show that in general, if p1 and p2 are polynomials such that the degree
of p1 is greater or equal to the degree of p2 , then
p1 = q2 p2 + p3 ,
where the degree of p3 is less than the degree of p2 . (Hint: perform long
division as in (b). Stop when the degree of the remainder is less than that
of p2 .)
e) Why does this division not work for polynomials with coefficients in Z?
(Hint: replace x + 1 by 2x + 1.)

Exercise 2.3. a) For a, b in Z, let gcd(a, b) = 1. Show that if a | c and b | c,

then ab | c. (Hint: observe that a | by and use Euclid’s lemma.)
b) Show that ax =m c has a solution if and only gcd(a, m) | c. (Hint: note
that ax + my = c for some y and use Bézout.)

2This area of research, complex analysis methods to investigate properties of primes, is now called
analytic number theory. We take this up in Chapters 11 and 12.
34 2. The Fundamental Theorem of Arithmetic

Exercise 2.4. a) Compute by long division that 3021 = 11 · 274 + 7.

b) Conclude from exercise 2.2 that 3021 = 11(300 − 30 + 5) − 4. (Hint: let
x = 10.)
c) Conclude from exercise 2.2 (b) that
3 · 163 + 2 · 16 + 1 = 17(3 · 162 − 3 · 16 + 5) − 4 .
(Hint: let x = 16.)

Exercise 2.5. a) Use unique factorization to show that any composite num-
√
ber n must have a prime factor less than or equal to n.
b) Use that fact to prove: If we apply Eratosthenes’ sieve to {2, 3, · · · n}, it
√
is sufficient to sieve out numbers less than or equal to n.

Exercise 2.6. We give an elementarya proof of Corollary 2.16.

b
a) Show that a · gcd(a,b) is a multiple of a.
a
b) Show that gcd(a,b) · b is a multiple of b.
ab
c) Conclude that gcd(a,b) is a multiple of both a and b and thus greater than
or equal to lcm (a,
 b). 
lcm (a,b)
d) Show that a/ lcmab (a,b)
= b is an integer. Thus lcmab
(a,b)
is a
divisor of a.
e) Similarly, show that lcmab(a,b)
is a divisor of b.
f) Conclude that lcmab
(a,b)
≤ gcd(a, b).
h) Finish the proof.
aThe word elementary has a complicated meaning, namely a proof that does not use some
at first glance unrelated results. In this case, we mean a proof that does not use unique factor-
ization. It does not imply that the proof is easier. Indeed, the proof in the main text seems much
easier once unique factorization is understood.

Exercise 2.7. It is possible to extend the definition of gcd and lcm to more
than two integers (not all of which are zero). For example gcd(24, 27, 54) =
3.
a) Compute gcd(6, 10, 15) and lcm (6, 10, 15).
b) Give an example of a triple whose gcd is one, but every pair of which
has a gcd greater than one.
c) Show that there is no triple {a, b, c} whose lcm equals abc, but every
pair of which has lcm less than the product of that pair. (Hint: consider
lcm (a, b) · c.)

Exercise 2.8. a) Give the prime factorization of the following numbers:

12, 392, 1043, 31, 128, 2160, 487.
b) Give the prime factorization of the following numbers: 12 · 392, 1043 ·
31, 128 · 2160.
c) Give the prime factorization of: 1, 250 000, 633 , 720, and the product of
the last three numbers.
2.6. Exercises 35

Exercise 2.9. Use the Fundamental Theorem of Arithmetic to prove:

a) Bézout’s Lemma.
b) Euclid’s Lemma.

Exercise 2.10. For positive integers m and n, suppose that mα = n. Show

that α = ba with gcd(a, b) = 1 if and only if
s s
m = ∏ pki i and n = ∏ p`i i with ∀ i : aki = b`i .
i=1 i=1

Exercise 2.11. Let E be the set of even numbers. Let a, c in E, then c is

divisible by a if there is a b ∈ E so that ab = c. Define a prime p in E as a
number in E such that there are no a and b in E with ab = p.
a) List the first 30 primes in E.
b) Does Euclid’s lemma hold in E? Explain.
c) Factor 60 into primes (in E) in two different ways.

Exercise 2.12. See exercise 2.11. Show that any number in E is a product
of primes in E. (Hint: follow the proof of Theorem 2.11, part (i).)

Exercise 2.13. See exercise 2.11 which shows that unique factorization
does not hold in E = {2, 4, 6, · · · }. The proof of unique factorization uses
Euclid’s lemma. In turn, Euclid’s lemma was a corollary of Bézout’s
lemma, which depends on the division algorithm. Where exactly does the
chain break down in this case?
Exercise 2.14. Let L = {p1 , p2 , · · · } be the list of all (infinitely many)
primes, ordered according ascending magnitude. Show that pn+1 ≤
∏ni=1 pi . (Hint: consider d = ∏ni=1 pi and let pn+1 be the smallest prime
divisor of d − 1. See the proof of Theorem 2.17.)
A much stronger version of exercise 2.14 is the so-called Bertrand’s Pos-
tulate. That theorem says that for every n ≥ 1, there is a prime in {n +
1, · · · , 2n}. It was proved by Chebyshev. Subsequently the proof was sim-
plified by Ramanujan and Erdös [2].
Exercise 2.15. Let p and q be primes greater than 3.
a) Show that Res12 (p) = r with r ∈ {1, 5, 7, 11}. (The same holds for q.)
b) Show that 24 | p2 − q2 . (Hint: use (a) to show that p2 = 24x + r2 and
check all cases.)
36 2. The Fundamental Theorem of Arithmetic

Exercise 2.16. A square full integer is an integer n that has a prime factor
and each prime factor occurs with a power at least 2. A square free integer
is an integer n such that each prime factor occurs with a power at most 1.
a) If n is square full, show that there are positive integers a and b such that
n = a2 b3 .
b) Show that every integer greater than one is the product of a square free
number and a square full number.

Exercise 2.17. Let L = {p1 , p2 , · · · } be the list of all primes, ordered ac-
cording ascending magnitude. The numbers En = 1 + ∏ni=1 pi are called
Euclid numbers.
a) Check the primality of E1 through E6 .
b) Show that En =4 3. (Hint: En − 1 is twice an odd number.)
c) Show that for n ≥ 3 the decimal representation of En ends in a 1. (Hint:
look at the factors of En .)

Exercise 2.18. Twin primes are a pair of primes of the form p and p + 2.
a) Show that the product of two twin primes plus one is a square.
b) Show that p > 3, the sum of twin primes is divisible by 12. (Hint: see
exercise 2.15)

Exercise 2.19. Show that there arbitrarily large gaps between successive
primes. More precisely, show that every integer in {n!+2, n!+3, · · · n!+n}
is composite for any n ≥ 2.
The usual statement for the fundamental theorem of arithmetic includes
only natural numbers n ∈ N (i.e. not Z) and the common proof uses in-
duction on n. We review that proof in the next two problems.
Exercise 2.20. a) Prove that 2 can be written as a product of primes.
b) Let k > 2. Suppose all numbers in {1, 2, · · · k} can be written as a product
of primes (or 1). Show that k + 1 is either prime or composite.
c) If in (b), k +1 is prime, then all numbers in {1, 2, · · · k +1} can be written
as a product of primes (or 1).
d) If in (b), k + 1 is composite, then there is a divisor d ∈ {2, · · · k} such
that k + 1 = dd 0 .
e) Show that the hypothesis in (b) implies also in this case, all numbers in
{1, 2, · · · k + 1} can be written as a product of primes (or 1).
f) Use the above to formulate the inductive proof that all elements of N can
be written as a product of primes.
2.6. Exercises 37

Exercise 2.21. The set-up of the proof is the same as in exercise 2.20. Use
induction on n. We assume the result of that exercise.
a) Show that n = 2 has a unique factorization.
b) Suppose that if for k > 2, {2, · · · k} can be uniquely factored. Then there
are primes pi and qi , not necessarily distinct, such that
s r
k + 1 = ∏ pi = ∏ qi .
i=1 i=1
c) Show that then p1 divides ∏ri=1 qi and so, Corollary 2.10 implies that
there is a j ≤ r such that p1 = q j .
d) Relabel the qi ’s, so that p1 = q1 and divide n by p1 = q1 . Show that
k+1 s r
= ∏ pi = ∏ qi .
q1 i=2 i=2
e) Show that the hypothesis in (b) implies that the remaining pi equal the
remaining qi . (Hint: qk1 ≤ k.)
f) Use the above to formulate the inductive proof that all elements of N can
be uniquely factored as a product of primes.
Here is a different characterization of gcd and lcm. We prove it as a corol-
lary of the prime factorization theorem.
Corollary 2.23. (1) A common divisor d > 0 of a and b equals gcd(a, b) if
and only if every common divisor of a and b is a divisor of d.
(2) Also, a common multiple d > 0 of a and b equals lcm (a, b) if and only
if every common multiple of a and b is a multiple of d.

Exercise 2.22. Use the characterization of gcd(a, b) and lcm (a, b) given
in the proof of Corollary 2.16 to prove Corollary 2.23.
38 2. The Fundamental Theorem of Arithmetic

Exercise 2.23. We develop the proof of Theorem 2.17 as it was given by

Euler. We start by assuming that there is a finite list L of k primes. We will
show in the following steps how that assumption leads to a contradiction.
We order the list according to ascending order of magnitude of the primes.
So L = {p1 , p2 , · · · , pk } where p1 = 2, p2 = 3, p3 = 5, and so forth, up to
the last prime pk .
a) Show that ∏ki=1 pip−1 i
is finite, say M.
b) Show that for r > 0,
!
k pi k 1 k 1 − p−r−1 k r
i −j
∏ = ∏ −1
> ∏ −1
= ∏ ∑ pi .
i=1 pi − 1 i=1 1 − pi i=1 1 − pi i=1 j=0
c) Use the fundamental theorem of arithmetic to show that there is an
α(r) > 0 such that
!
k r α(r)
1 1
∏ ∑ pj = ∑ ` +R,
i=1 j=0 i`=1
where R is a non-negative remainder.
d) Show that for all K there is an r such that α(r) > K.
e) Thus for any K, there is an r such that
!
k r K
1 1
∏ ∑ pj ≥ ∑ ` .
i=1 j=0 i `=1
f) Conclude with a contradiction between a) and e). (Hint: the harmonic
series ∑ 1` diverges or see exercise 2.24 c).)

Exercise 2.24. In this exercise we consider the Riemann zeta function for
real values of z greater than 1.
a) Show that for all x > −1, we have ln(1 + x) ≤ x.
b) Use Proposition 2.20 and a) to show that
p−z p−z p−z
 
ln ζ (z) = ∑ ln 1 + −z
≤ ∑ −z
≤ ∑ −z
.
p prime 1− p p prime 1 − p p prime 1 − 2

c) Use the following argument to show that limz&1 ζ (z) = ∞.

∞ ∞ Z ∞
∑ n−1 > ∑ n−z > 1
x−z dx .
n=1 n=1
(Hint: for the last inequality, see Figure 8.)
d) Show that b) and c) imply that ∑ p prime p−z diverges as z & 1.
e) Use (d) to show that — in some sense — primes are more frequent than
squares in the natural numbers. (Hint: ∑∞ −2 converges.)
n=1 n
2.6. Exercises 39

R∞
Figure 8. Proof that ∑∞ n=1 f (n) is greater than 1 f (x) dx if f is positive
and (strictly) decreasing.

Exercise 2.25. a) Let p be a fixed prime. Show that the probability that
two independently chosen integers in {1, · · · , n} are divisible by p tends to
1/p2 as n → ∞. Equivalently, the probability that they are not divisible by
p tends to 1 − 1/p2 .
b) Make the necessary assumptions, and show that the probability that two
two independently chosen integers
in {1, · · · , n} are not divisible by any
prime tends to ∏ p prime 1 − p−2 . (Hint: you need to assume that the
probabilities in (a) are independent and so they can be multiplied.)
c) Show that from (b) and Euler’s product formula, it follows that for 2
random (positive) integers a and b to have gcd(a, b) = 1 has probability
1/ζ (2) ≈ 0.61.
d) Show that for d > 1 and integers {a1 , a2 , · · · ad } that probability equals
1/ζ (d). (Hint: the reasoning is the same as in (a), (b), and (c).)
e) Show that for real d > 1:
1
Z ∞
1 < ζ (d) < 1 + x−d dx = 1 +
1 d
For the middle inequality, see Figure 9.
f) Show that for large d, the probability that gcd(a1 , a2 , · · · ad ) = 1 tends to
1.
Exercise 2.26. This exercise in based on exercise 2.25.
a) In the {−4, · · · , 4}2 \(0, 0) grid in Z2 , find out which proportion of the
lattice points is visible from the origin, see Figure 10.
b) Use exercise 2.25 (c) to show that in a large grid, this proportion tends
to 1/ζ (2).
c) Use exercise 2.25 (d) to show that as the dimension increases to infin-
ity, the proportion of the lattice points Zd that are visible from the origin,
increases to 1.
40 2. The Fundamental Theorem of Arithmetic

Figure 9. Proof that ∑∞n=1 f (n) (shaded in blue and green) minus f (1)
(shaded in blue) is less than 1∞ f (x) dx if f is positive and (strictly)
R

decreasing to 0.

Figure 10. The origin is marked by “×”. The red dots are visible from
×; between any blue dot and × there is a red dot. The picture shows
exactly one quarter of {−4, · · · , 4}2 \(0, 0) ⊂ Z2 .

2
Exercise 2.27. We note here that ζ (2) = π6 .
a) Show that the irrationality of π implies that ζ (2) is irrational.
b) Show that (a) and Proposition 2.20 yield another proof of the infinity of
primes.
Chapter 3

Linear Diophantine
Equations

Overview. A Diophantine equation is a polynomial equation in two or

more unknowns and for which we seek to know what integer solutions it
has. We determine the integer solutions of the simplest linear Diophantine
equation ax + by = c. The central element this reasoning is the Euclidean
algorithm. That algorithm has much wider applications. We discuss a few
of those.

3.1. The Euclidean Algorithm

Lemma 3.1. In the division algorithm of Lemma 2.2, we have gcd(r1 , r2 ) =
gcd(r2 , r3 ).

Proof. On the one hand, we have r1 = r2 q2 +r3 , and so any common divisor
of r2 and r3 must also be a divisor of r1 (and of r2 ). Vice versa, since
r1 − r2 q2 = r3 , we have that any common divisor of r1 and r2 must also be
a divisor of r3 (and of r2 ). 

Thus by calculating r3 , the residue of r1 modulo r2 , we have simplified

the computation of gcd(r1 , r2 ). This is because r3 is strictly smaller (in ab-
solute value) than both r1 and r2 . In turn, the computation of gcd(r2 , r3 ) can
be simplified similarly, and so the process can be repeated. Since the ri form

41
42 3. Linear Diophantine Equations

a monotone decreasing sequence in N, this process must end when rn+1 = 0

after a finite number of steps. We then have gcd(r1 , r2 ) = gcd(rn , 0) = rn .
Corollary 3.2. Given r1 > r2 > 0, apply the division algorithm until rn >
rn+1 = 0. Then gcd(r1 , r2 ) = gcd(rn , 0) = rn . Since ri is decreasing, the
algorithm always ends.
Definition 3.3. The repeated application of the division algorithm to com-
pute gcd(r1 , r2 ) is called the Euclidean algorithm.

We now give a framework to reduce the messiness of these repeated

computations. Suppose we want to compute gcd(188, 158). We do the
following computations:

188 = 158 · 1 + 30
158 = 30 · 5 + 8
30 = 8·3+6 ,
8 = 6·1+2
6 = 2·3+0
We see that gcd(188, 158) = 2. The numbers that multiply the ri are the
quotients of the division algorithm (see the proof of Lemma 2.2). If we call
them qi , the computation looks as follows:

r1 = r2 q2 + r3
r2 = r3 q3 + r4
.. .. ..
. . . , (3.1)
rn−3 = rn−2 qn−2 + rn−1
rn−2 = rn−1 qn−1 + rn
rn−1 = rn qn + 0
where we use the convention that rn+1 = 0 while rn 6= 0. Observe that with
that convention, (3.1) consists of n − 1 steps. A much more concise form
(in part based on a suggestion of Katahdin [30]) to render this computation
is as follows.
| qn | qn−1 | ··· | q3 | q2 |
(3.2)
0 | rn | rn−1 | ··· | r3 | r2 | r1 |
Thus, each step ri+1 | ri | is similar to the usual long division, except that
its quotient qi+1 is placed above ri+1 (and not above ri ), while its remainder
3.2. A Particular Solution of ax + by = c 43

ri+2 is placed all the way to the left of of ri+1 . The example we worked out
before, now looks like this:

| 3 | 1 | 3 | 5 | 1 |
(3.3)
0 | 2 | 6 | 8 | 30 | 158 | 188 |
There is a beautiful visualization of this process outlined in exercise 3.2.

3.2. A Particular Solution of ax + by = c

Another interesting way to encode the computations done in equations (3.1)
and (3.2), is via matrices.
    
ri−1 qi 1 ri
 =  . (3.4)
ri 1 0 ri+1
Denote the matrix in this equation by Qi . Its determinant equals −1, and so
it is invertible. In fact,
   
qi 1 0 1
Qi =   and Q−1 i =
 .
1 0 1 −qi
These matrices Qi are very interesting. We will use them again to study
the theory of continued fractions in Chapter 6. For now, as we will see in
Theorem 3.4, they give us an explicit algorithm to find a solution to the
equation r1 x + r2 y = r gcd(r1 , r2 ). Note that from Bézout’s lemma (Lemma
2.5), we already know this has a solution. But the next result gives us a
simple way to actually calculate a solution. In what follows Xi j means the
(i, j) entry of the matrix X.
Theorem 3.4. Give r1 and r2 , a solution for x and y of r1 x+r2 y = r gcd(r1 , r2 )
is given by
x = r Q−1 −1
and y = r Q−1 −1



n−1 · · · Q2 2,1 n−1 · · · Q2 2,2 .
44 3. Linear Diophantine Equations

Proof. Let ri , qi , and Qi be defined as above, and set rn+1 = 0. From equa-
tion (3.4), we have
       
ri r r r
  = Q−1i
 i−1
 =⇒ r  n−1
 = rQ−1 · · · Q−1  1  .
n−1 2
ri+1 ri rn r2
Observe that rn+1 = 0 and so gcd(r1 , r2 ) = rn and
    
rn−1 xn−1 yn−1 r
 =   1 .
rn xn yn r2
The theorem follows immediately by setting x = xn and y = yn . 

In practice, rather than multiplying all these matrices, it may be more

convenient to solve equation (3.1) or (3.2) “backward”, as the expression
goes. This can be done as follows. Start with
gcd(r1 , r2 ) = rn = rn−2 − rn−1 qn−1 ,
which follows from equation (3.1). The line above it in that same equation
gives rn−1 = rn−3 − rn−2 qn−2 . Use this to eliminate rn−1 in favor of rn−2
and rn−3 . So,

gcd(r1 , r2 ) = rn = rn−2 − (rn−3 − rn−2 qn−2 ) qn−1

= rn−2 (1 + qn−1 qn−2 ) + rn−3 (−qn−1 ) .

This computation can be done still more efficiently by employing the

notation of equation (3.2) again.

| + | − | + | − | + | ···
| qn | qn−1 | qn−2 | qn−3 | qn−4 | ···
0 | rn | rn−1 | rn−2 | rn−3 | rn−4 | ···
| 1 | | | | |
| 0 | −qn−1 | 1 | | |
| | | qn−1 qn−2 | −qn−1 | |
| | | | −qn−3 (1 + qn−1 qn−2 ) | 1 + qn−1 qn−2 | ···
The algorithm proceeds as follows. Number the columns from right to left,
so that ri (in row 1) and qi (in row 2) are in the ith column. (The signs in
row “0” serve only to keep track of the signs of the coefficients in row 3
and below.) In the first two rows, the algorithm proceeds from right to left.
3.3. Solution of the Homogeneous equation ax + by = 0 45

From ri−1 and ri determine qi and ri+1 by ri−1 = ri qi + ri+1 . The division
guarantees that these exist, but they may not be unique (see exercise 7.22).
In rows 3 and below, the algorithm proceeds from left to right. Each column
has at most two non-zero entries. Start with column n + 1 which has only
zeroes and column n which has one 1. The bottom non-zero entry of column
i equals the sum of column i + 1 times qi times (-1). The top non-zero entry
of column i equals the sum of the entries in column i + 2. Finally, we obtain
that rn = r2 x + r1 y, where x is the sum of the entries in the 2nd column
(rows 3 and below) and y, the sum of the entries (row 3 and below) of the
1st column.
Applying this to the example gives

| + | − | + | − | + | −
| 3 | 1 | 3 | 5 | 1 | 0
0 | 2 | 6 | 8 | 30 | 158 | 188
| 1 | | | | | (3.5)
| | −1 | 1 | | |
| | | 3 | −1 | |
| | | | −20 | 4 |
| | | | | 21 | −21
Adding the last two lines gives that 2 = 158(25) + 188(−21).

3.3. Solution of the Homogeneous equation ax + by = 0

Proposition 3.5. The general solution of the homogeneous equation r1 x +
r2 y = 0 is given by
r2 r1
x=k and y = −k ,
gcd(r1 , r2 ) gcd(r1 , r2 )
where k ∈ Z.

Proof. On the one hand, by substitution the expressions for x and y into the
homogeneous equation, one checks they are indeed solutions. On the other
hand, x and y must satisfy
r1 r2
x=− y.
gcd(r1 , r2 ) gcd(r1 , r2 )
46 3. Linear Diophantine Equations

The integers gcd(rri ,r ) (for i in {1, 2}) have greatest common divisor equal
1 2
to 1. Thus Euclid’s lemma applies and therefore gcd(rr1 ,r ) is a divisor of y
1 2
while gcd(rr2 ,r ) is a divisor of x. 
1 2

A different proof of this lemma goes as follows.The set of all solu- 

 
 r2

tion in R2 of r1 x + r2 y = 0 is given by the line ` := t   : t ∈R
 −r 
1
 
r1
orthogonal to  . To obtain all its lattice points (i.e., points that are also
r2
in Z2 ), both tr2 and −tr1 must be integers. The smallest positive number t
for which this is possible, is t = gcd(r1 ,r ) .
1 2

3.4. The General Solution of ax + by = c

Definition 3.6. Let r1 and r2 be given. The equation r1 x + r2 y = 0 is
called homogeneous1. The equation r1 x + r2 y = c when c 6= 0 is called
inhomogeneous. An arbitrary solution of the inhomogeneous equation is
called a particular solution. By general solution, we mean the set of all
possible solutions of the full (homogeneous or inhomogeneous) equation.

It is useful to have some geometric intuition relevant to the equation

   
r1 x
r1 x + r2 y = c. In R2 , we set ~r =  , ~x =  , etcetera. The standard
r2 y
inner product is written as (·, ·). The set of points in R2 satisfying the above
inhomogeneous equation thus lie on the line m ⊂ R2 given by (~r,~x) = c.
This line is orthogonal to the vector ~r and its distance to the origin (mea-
sured along the vector~r) equals √|c| . The situation is illustrated in Figure
(~r,~r)
11.
It is a standard result from linear algebra that the problem of finding
all solutions of a inhomogeneous equation comes down to to finding one
1The word “homogeneous” in daily usage receives the emphasis often on its second syllable (“ho-
MODGE-uhnus”). However, in mathematics, its emphasis is always on the third syllable (“ho-mo-GEE-
nee-us”). A probable reason for the daily variation of the pronunciation appears to be conflation with the
word “homogenous” (having the same genetic structure). For details, see wiktionary.
3.4. The General Solution of ax + by = c 47

solution of the inhomogeneous equation, and finding the general solution

of the homogeneous equation.
Lemma 3.7. Let (x(0) , y(0) ) be a particular solution of r1 x + r2 y = c. The
general solution of the inhomogeneous equation is given by (x(0) + z1 , y(0) +
z2 ) where (z1 , z2 ) is the general solution of the homogeneous equation r1 x +
r2 y = 0.

x
2
(r ,r )
1 2

(0) (0)
(x1,x2)
(0) (0)
(z1+x1,z +x2)
2
x
1

m
(z1,z2)
m’

Figure 11. The general solution of the inhomogeneous equation

(~r,~x) = c in R2 .

 
x(0)
Proof. Let   be that particular solution. Let m be the line given by
y(0)
 
−x(0)
(~r,~x) = c. Translate m over the vector   to get the line m0 . Then an
−y (0)
 
z1
integer point on the line m0 is a solution   of the homogeneous equation
z2
 
x(0) + z1
if and only if   on m is also an integer point (see Figure 11). 
y(0) + z2
48 3. Linear Diophantine Equations

Bézout’s Lemma says that r1 x + r2 y = c has a solution if and only if

gcd(r1 , r2 ) | c. Theorem 3.4 gives a particular solution of that equation (via
the Euclidean algorithm). Putting those results and Proposition 3.5 together,
gives our final result.
Corollary 3.8. Given r1 , r2 , and c, the general solution of the equation
r1 x + r2 y = c, where gcd(r1 , r2 ) | c, is the sum of a particular solution of
Theorem 3.4 and the general homogeneous solution of r1 x + r2 y = 0 of
Proposition 3.5.

3.5. Recursive Solution of x and y in the Diophantine

Equation
Theorem 3.4 has two interesting corollaries. The first is in fact stated in
the proof of that theorem, and the second requires a very short proof. We
will make extensive use of these two results in Chapter 6 when we discuss
continued fractions.
Corollary 3.9. Given r1 , r2 , and the successive quotients q2 through qn
as in equation (3.1). Then for i ∈ {3, · · · , n}, the solution for (xi , yi ) in
ri = r1 xi + r2 yi is given by:
   
ri r
−1  1 
  = Q−1
i · · · Q2 .
ri+1 r2

Corollary 3.10. Given r1 , r2 , and the successive quotients q2 through qn as

in equation (3.1). Then xi and yi of Corollary 3.9 can be solved as follows:
        
xi yi 0 1 xi−1 yi−1 x1 y1 1 0
 =   with  = .
xi+1 yi+1 1 −qi xi yi x2 y2 0 1

Proof. The initial condition follows, because

r1 = r1 · 1 + r2 · 0 .
r2 = r1 · 0 + r2 · 1
3.6. The Chinese Remainder Theorem 49

Notice that, by definition,

      
ri r1 xi + r2 yi x yi r
 = = i   1 .
ri+1 r1 xi+1 + r2 yi+1 xi+1 yi+1 r2
From Corollary 3.9, we now have that
       
ri r x yi x yi−1
  = Q−1
i
 i−1
 =⇒  i  = Q−1
i
 i−1 .
ri+1 ri xi+1 yi+1 xi yi
From this, one deduces the equations for xi+1 and yi+1 . 

We remark that the recursion in Corollary 3.10 can also be expressed

as
xi+1 = −qi xi + xi−1 .
yi+1 = −qi yi + yi−1

3.6. The Chinese Remainder Theorem

We now present an important generalization of these ideas. First we need a
small update of Definition 1.2.
Definition 3.11. Let {bi }ki=1 be non-zero integers. Their greatest common
divisor, gcd(b1 , · · · , bk ), is the maximum of the numbers that are divisors of
every bi ; their least common multiple, lcm (b1 , · · · , bk ), is the least of the
positive numbers that are multiples of of every bi .

Surprisingly, for this more general definition, the generalization of Corol-

lary 2.16 is false. For an example, see exercise 2.7. However, other impor-
tant properties do generalize.
Lemma 3.12. Let {bi }ki=1 be non-zero integers.
(i) If m is a common divisor of the bi , then m | gcd(b1 , · · · bk ).
(ii) If M is a common multiple of the bi , then lcm (b1 , · · · bk ) | M.

Proof. The proof follows from unique factorization and is similar to that of
k
Corollary 2.16. Suppose b j = ∏si=1 pi i j , where ki j ≥ 0. Set
mi = min ki j and Mi = max ki j ,
j j
50 3. Linear Diophantine Equations

Then
s s
gcd(b1 , · · · bk ) = ∏ pm
i
i
and lcm (b1 , · · · bk ) = ∏ pMi
i .
i=1 i=1
`
Any common divisor of the bi must be equal to ∏si=1 pi i with `i ≤ mi and
similar for common multiples. 
Theorem 3.13 (Chinese Remainder Theorem). Let n = ∏ki=1 bi , where bi
are positive integers such that gcd (b j , bi ) = 1 for i 6= j. The set of solutions
of
∀i ∈ {1, · · · , k} : z =bi ci
is given by
k
n n
z =n ∑ x jc j where xi satisfies xi =bi 1 .
j=1 bj bi

Proof. Note that gcd(n/bi , bi ) = 1. So by Bézout, there are xi and yi (for

i ∈ {1, · · · , k}) so that
n n
xi + bi yi = 1 ⇐⇒ xi =bi 1 .
bi bi
For these xi , we have
k
n
∑ b j x j =bi 1 .
j=1

Thus z = ∑kj=1 bnj x j c j is a particular solution. By Lemma 3.12, the homo-

geneous equation has solution z =n 0. The proof is completed by observing
that the general solution is the sum of a particular solution plus the solutions
to the homogeneous equation. 

3.7. Polynomials
In this section, we illustrate that the division and Euclidean algorithms have
much wider applications than just the integers, see also exercises 2.2 and
2.4.
Definition 3.14. A polynomial f in Q[x] of positive degree is irreducible
over Q if it cannot be written as a product of two polynomials in Q[x] with
positive degree. Recall (Definition 1.17) that f is minimal polynomial in
3.8. Exercises 51

Q[x] for ρ if f is a non-zero polynomial in Q[x] of minimal degree such that

f (ρ) = 0.
Definition 3.15. Let f and g in Q[x]. The greatest common divisor of f and
g, or gcd( f , g), is a polynomial in R[x] with maximal degree that is a factor
of both f and g. The least common multiple of f and g, or lcm ( f , g), is a
polynomial in Q[x] with minimal degree that has both f and g as factors.
Remark 3.16. If p is minimal for ρ, it must be irreducible, because if not,
one of its factors with smaller degree would also have ρ as a root.

We mention without proof (but see exercise 2.2) that in Q[x] the divi-
sion algorithm holds: given r1 and r2 , then there are q2 and r3 such that
r1 = r2 q2 + r3 such that degree(r3 ) < degree(r1 ) .
Remark 3.17. To make this valid without exceptions, we adopt the con-
vention that the degree of a non-zero constant equals 0, while the degree of
0 equals −∞. For example, if r1 = r2 = 1, the inequality for r3 still holds.
The student is likely already familiar with these facts.

It is important to understand that for this to work, division of coeffi-

cients is essential. For example, with coefficients in Z, we cannot express
2x2 + 1 as a multiple of 3x + 1 plus a remainder of smaller degree. However,
in Q[x] we can divide coefficients and thus follow the reasoning of Section
2.1 and show the following. See also exercise 3.22).
The gcd of two polynomials can be computed in the same two ways
we have seen before, and the proofs are the same. One is done by factor-
ing both polynomials and multiplying together the common factors to the
lowest power as in the proof of Corollary 2.23. Note though that factoring
polynomials is hard. The other is applying the Euclidean Algorithm as in
equation (3.1). An example is given in exercise 3.22. The relation between
lcm and gcd of two polynomials is the same as in the proof of Corollary
2.23.

3.8. Exercises
Exercise 3.1. Let ` be the line in R2 given by y = ρx, where ρ ∈ R.
a) Show that ` intersects Z2 if and only if ρ is rational.
b) Given a rational ρ > 0, find the intersection of ` with Z2 . (Hint: set
ρ = rr21 and use Proposition 3.5.)
52 3. Linear Diophantine Equations

Exercise 3.2. This problem was taken (and reformulated) from [24].
a) Tile a 188 by 158 rectangle by squares using what is called a
greedy algorithm a. The first square is 158 by 158. The remaining rec-
tangle is 158 by 30. Now the optimal choice is five 30 by 30 squares.
What remains is an 30 by 8 rectangle, and so on. Explain how this is a
visualization of equation (3.3). See Figure 12.
b) Consider equation (3.1) or (3.2) and use a) to show that
n
r1 r2 = ∑ qi ri2 .
i=2
(Hint: assume that r1 > r2 > 0, rn 6= 0, and rn+1 = 0.)
aBy “greedy” we mean that at every step, you choose the biggest square possible and as
many of them as possible. In general a greedy algorithm always makes a locally optimal choice.

158 30

30

30

30
158

30

30

6 8
6888

Figure 12. A ‘greedy’ (or locally best) algorithm to tile the the 188 ×
158 rectangle by squares. The 3 smallest — and barely visible —
squares are 2 × 2. Note how the squares spiral inward as they get
smaller. See exercise 3.13.

Exercise 3.3. In (3.1), assume that r1 > r2 > 0. What happens if you start
the Euclidean algorithm with r2 = r1 · 0 + r3 instead of r1 = r2 · q2 + r3 ?
3.8. Exercises 53

Exercise 3.4. Apply the Euclidean algorithm to find the greatest common
divisor of the following number pairs. (Hint: replace negative numbers by
positive ones. For the division algorithm applied to these pairs (r1 , r2 ), see
exercise 2.1)
a) 110 , 7.
b) 51 , −30.
c) −138 , 24.
d) 272 , 119.
e) 2378 , 1769.
f) 270 , 175560.

Exercise 3.5. Determine if the following Diophantine equations admit a

solution for x and y. If yes, find a (particular) solution. (Hint: Use one of
the algorithms in Section 3.2.)
a1) 110x + 7y = 13.
a2) 110x + 7y = 5.
b1) 51x − 30y = 6.
b2) 51x − 30y = 7.
c1) −138x + 24y = 7.
c2) −138x + 24y = 6.
d1) 272x + 119y = 54.
d2) 272x + 119y = 17.
e1) 2378x + 1769y = 300.
e2) 2378x + 1769y = 57.
f1) 270x + 175560y = 170.
f2) 270x + 175560y = 150.

Exercise 3.6. Find all solutions for x and y of the following (homogeneous)
Diophantine equations. (Hint: Use one of the algorithms in Section 3.2.)
a) 110x + 7y = 0.
b) 51x − 30y = 0.
c) −138x + 24y = 0.
d) 272x + 119y = 0.
e) 2378x + 1769y = 0.
f) 270x + 175560y = 0.

Exercise 3.7. Find the general solution for x and y in all problems of exer-
cise 3.5 that admit a solution. (Hint: use Corollary 3.8.)

Exercise 3.8. Use Corollary 3.10 to express xi and yi in the successive

remainders ri in each of the items in exercise 3.4. (Hint: you need to know
the qi for each item in exercise 3.4.)
54 3. Linear Diophantine Equations
 
r
 1
3
Exercise 3.9. Consider the line ` in R defined by `(ξ ) = r2  ξ , where
 
 
r3
ξ ∈ R and the ri are integers.
a) Show that `(ξ ) ∈ Z3 \{~0} if and only if ξ = gcd(r t,r ,r ) and t ∈ Z.
1 2 3
b) Show that this implies that if any of the ri is irrational, then ` has no
non-zero points in common with Z3 .

Definition 3.18. The sequence {Fi }∞

i=0 of Fibonacci numbers Fi is defined
as follows
F0 = 0 , F1 = 1 , ∀ i > 1 : Fi+1 = Fi + Fi−1 .

√
Exercise 3.10. Denote the golden mean , or 1+2 5 ≈ 1.618, by g.
a) Show that g2 = g + 1 and thus for n ∈ Z: gn+1 = gn + gn−1 .
b) Show that F3 ≥ g1 and F2 ≥ g0 .
n
c) Use induction to show that
 F√n+2≥ g for n > 0.
1+ 5
d) Use the fact that 5 log10 2 ≈ 1.045, to show that F5k+2 > 10k for
k ≥ 0.
Exercise 3.11. Consider the equations in (3.1) and assume that rn+2 = 0
and rn+1 > 0.
a) Show that rn+1 ≥ F2 = 1 and rn ≥ F3 = 2. (Hint: r(i) is strictly increas-
ing.)
b) Show that r1 ≥ Fn+2 .
c) Suppose r1 and r2 in N and max{r1 , r2 } < Fn+2 . Show that the Eu-
clidean Algorithm to calculate gcd(r1 , r2 ) takes at most n − 1 iterates of
the division algorithm.

Exercise 3.12. Use exercises 3.10 and 3.11 to show that the Euclidean
Algorithm to calculate gcd(r1 , r2 ) takes at most 5k − 1 iterates where
k is the number of decimal places of max{r1 , r2 }. (This is known as
Lamé’s theorem.)
3.8. Exercises 55

Exercise 3.13. Apply the greedy algorithm of exercise 3.2 (a) to the rec-
tangle whose sides have length 1 and g (see exercise 3.10 (a)). At step 0,
we start with the 1 × 1 square.
a) Use exercise 3.10 (a) to show at that step i, you get one g−i × g−i square
(see Figure 13).
b) Use exercise 3.2 (b) to show that g = ∑∞ −2i .
i=0 g
c) Use this construction, but now with a Fn+1 × Fn Fibonacci rectangle, to
show that Fn+1 Fn = ∑ni=1 Fi2 . For Fi , see Definition 3.18.
d) Show that in polar coordinates (r, θ ) the red spiral connecting the cor-
ners of the squares in Figure 13 is given by r = Cg2θ /π for some C.(Note:
this is called the golden spiral.)

1 1/g

1/g

1/g 2
1/g 3
3 2
1/g 1/g

Figure 13. The greedy algorithm of exercise 3.2 (a) applied to the
golden mean rectangle. The spiral connecting the corners of the square
is known as the golden spiral. (In actual fact we used a 55 by 34 rectan-
gle as an approximation. An approximation to a true spiral was created
by fitting circular segments to the corners.)

Exercise 3.14. a) Write the numbers 287, 513, and 999 in base 2, 3, and 7,
using the division algorithm. Do not use a calculating device. (Hint: start
with base 10. For example:
287 = 28 · 10 + 7
28 = 2 · 10 + 8
2 = 0 · 10 + 2
Hence the number in base 10 is 2 · 102 + 8 · 101 + 7 · 100 .)
b) Show that to write n in base b takes about logb n divisions.
56 3. Linear Diophantine Equations

Exercise 3.15. Use Theorem 3.13 to solve:

z =2 1
z =3 2
z =5 3
z =7 5.

Exercise 3.16. The Fibonacci numbers Fn are defined in Definition 3.18.

a) Use the method of equation (3.1) to show that gcd(Fn , Fn+1 ) = 1.
b) Determine the qi in (a).    n 
0 1 Fn−1 Fn
c) Use recursion to show that   = .
1 1 Fn Fn+1
d) Show that (c) implies that Fn+1 Fn−1 − Fn2 = (−1)n . (Hint: in (c) take
the determinant.)

Exercise 3.17. Use Theorem 3.13 to solve:

z =Fn Fn−1
z =Fn+1 Fn .
where Fn are the Fibonacci numbers of Definition 3.18. (Hint: you need to
use exercise 3.16 (a) and (d).)

Exercise 3.18. (The Chinese remainder theorem generalized.) Suppose

{bi }ni=1 are positive integers. We want to know all z that satisfy
z =bi ci for i ∈ {1, · · · n} .
a) Set B = lcm (b1 , b2 , · · · bn ) and show that the homogeneous problem is
solved by
z =B 0 .
b) Show that if there is a particular solution then
∀ i 6= j : ci =gcd(bi ,b j ) c j .
c) Formulate the general solution when the condition in (b) holds.

Exercise 3.19. Use exercise 3.18 to solve:

z =6 15
z =10 6
z =15 10 .
See also exercise 2.7.
3.8. Exercises 57

Exercise 3.20. There is a reformulation of the Euclidean algorithm that

will be very useful in Chapter 6.
a) Rewrite the example in Section 3.1 as follows.
30 188
= −1
158 158
8 158
= −5
30 30
6 30 .
= −3
8 8
2 8
= −1
6 6
Note that the right hand side is a fraction minus its integer part.
b) Now rewrite this again as
30 1
= −1
158 158/188
8 1
= −5
30 30/158
6 1 .
= −3
8 8/30
2 1
= −1
6 6/8

Exercise 3.21. a) Apply the Euclidean algorithm to (r1 , r2 ) =

(14142, 10000). (Hint: you should get (q2 , · · · , q10 ) =
(1, 2, 2, 2, 2, 2, 1, 1, 29).)
b) Show that for i ∈ {2, · · · , 8}:
 
ri+1 1 1
= − ,
ri ri−1 /ri ri−1 /ri
where bxc is the greatest integer less than or equal to x. (Hint: see also
exercise 3.20.)
58 3. Linear Diophantine Equations

Exercise 3.22. For this exercise, read Section 3.7 carefully. All polynomi-
als are in Q[x] (that is: with coefficients in Q). Let p1 (x) = x7 − x2 + 1,
p2 (x) = x3 + x2 , and e(x) = 2 − x.
a) Use the Euclidean Algorithm to determine gcd(p1 , p2 ). Hint: We list the
steps of the Euclidean algorithm:

(x7 − x2 + 1) = (x3 + x2 ) (x4 − x3 + x2 − x + 1) + (−2x2 + 1)

(x3 + x2 ) = (−2x2 + 1) (− 12 x − 21 ) + ( 12 x + 12 ) ,
(−2x + 1) = ( 12 x + 21 ) (−4x + 4)
2 + (−1)
( 12 x + 12 ) = (−1) (− 12 x − 12 ) + (0)
b) Explain why there are polynomials g p and h p such that
p1 (x)g p (x) + p2 (x)h p (x) = e(x) .
c) Use “backward solving” to find a particular solution of the equation in
(b).
d) Find the general (homogeneous) solution of
p1 (x)g0 (x) + p2 (x)h0 (x) = 0 .
e) Use (c) and (d) to give the general solution of the inhomogeneous equa-
tion (the one in (b)).

Exercise 3.23. All polynomials are in Q[x]. Let p(x) be a polynomial and
p0 (x) its derivative.
a) Show that if p(x) has a multiple root λ of order k > 1, then p0 (x) has
that same root of order k − 1. (Hint: Differentiate p(x) = h(x)(x − λ )k .)
b) Use exercise 3.22, to give an algorithm to find a polynomial q(x) that
has the same roots as p(x), but all roots are simple (i.e. no multiple roots).
(Hint: you need to divide p by gcd(p, p0 ).)

Exercise 3.24. Assume that every polynomial f of degree d ≥ 1 has at

least 1 root, prove the fundamental theorem of algebra. (Hint: let ρ be a
root and use the division algorithm to write f (x) = (x − ρ)q(x) + r where
r has degree 0.)
In Proposition 11.20, we will prove that every polynomial with complex
coefficients has at least one zero in C. Together with the result of exercise
3.24, this establishes the following important theorem.
Theorem 3.19 (Fundamental Theorem of Algebra). A polynomial in C[x]
(the set of polynomials with complex coefficients) of degree d ≥ 1 has ex-
actly d roots, counting multiplicity.
Exercise 3.25. Let f and p be polynomials in Q[x] with root ρ and suppose
that p is minimal (Definition 1.17). Show that p | f . (Hint: use the division
algorithm and 2.4 to write f (x) = p(x)q(x) + r(x) where r has degree less
than g.)
Chapter 4

Number Theoretic
Functions

Overview. We study number theoretic functions. These are functions de-

fined on the positive integers with values in C. In the context of number
theory, the value typically depends on the arithmetic nature of its argument
(i.e. whether it is a prime, and so forth), rather than just on the size of its
argument. An example is τ(n) which equals the number of positive divisors
of n.

4.1. Multiplicative Functions

Definition 4.1. Number theoretic functions, arithmetic functions, or
sequences are functions defined on the positive integers (i.e. N) with values
in C.

Note that outside number theory, the term sequence is the one that is
most commonly used. We will use these terms interchangeably.
Definition 4.2. A multiplicative function is a sequence such that gcd(a, b) =
1 implies f (ab) = f (a) f (b). A completely multiplicative function is one
where the condition that gcd(a, b) = 1 is not needed.

Note that completely multiplicative implies multiplicative (but not vice versa).
The reason this definition is interesting, is that it allows us to evaluate the

59
60 4. Number Theoretic Functions

value of a multiplicative function f on any integer as long as we can com-

pute f (pk ) for any prime p. Indeed, using the fundamental theorem of
arithmetic,
r r
if n = ∏ p`i i then f (n) = ∏ f (p`i i ) ,
i=1 i=1
as follows immediately from Definition 4.2.
Proposition 4.3. Let f be a multiplicative function on the integers. Then
F(n) = ∑ f (d)
d|n

is also multiplicative.

Proof. Let n = ∏si=1 p`i i . The summation ∑d|n f (d) can be written out using
the previous lemma and the fact that f is multiplicative:

F(n) = ∑`a11 =0 · · · ∑`ass =0 f (pa11 ) · · · f (par r )

 
= ∏si=1 ∑`aii =0 f (pai i ) .
Exercise 4.3 provides a visual explanation for the second equality.
Now let a and b two integers greater than 1 and such that gcd(a, b) = 1
and ab = n. Then by the unique factorization theorem a and b can be written
as:
r s
a = ∏ p`i i and b= ∏ p`i i
i=1 i=r+1
Applying the previous computation to a and b yields that f (a) f (b) = f (n).


Perhaps the simplest multiplicative functions are the ones where f (n) =
nk for some fixed k. Indeed, f (n) f (m) = nk mk = f (nm). In fact, this is a
completely multiplicative function. Thus Proposition 4.3 implies that the
functions σk defined below are multiplicative.
Definition 4.4. Let k ∈ R. The multiplicative function σk : N → R gives the
sum of the k-th power of the positive divisors of n. Equivalently:
σk (n) = ∑ d k .
d|n
4.1. Multiplicative Functions 61

Note that the multiplicativity of σk follows directly from Proposition 4.3.

Special cases are when k = 1 and k = 0. In the first case, the function
is simply the sum of the positive divisors and the subscript ‘1’ is usually
dropped. When k = 0, the function is usually called τ, and the function’s
value is the number of positive divisors of its argument.
Theorem 4.5. Let n = ∏ri=1 p`i i where the pi are primes. Then for k 6= 0
k(` +1)
!
r pi i − 1
σk (n) = ∏ ,
i=1 pki − 1
while for k = 0
r
σ0 (n) = τ(n) = ∏ (`i + 1) .
i=1

Proof. By Proposition 4.3, σk (n) is multiplicative, so it is sufficient to com-

pute for some prime p:
`
pk(`+1) − 1
σk (p` ) = ∑ pik = .
i=0 pk − 1
Thus σk (n) is indeed a product of these terms. 

However, there are other interesting multiplicative functions beside the

powers of the divisors. The Möbius function defined below is one of these,
as we will see.
Definition 4.6. The Möbius function µ : N → Z is given by:

 1 if n = 1


µ(n) = 0 if ∃p > 1 prime with p2 | n .

 (−1)r

if n = p1 · · · pr and pi are distinct primes

Definition 4.7. We say that n is square free if there is no prime p such that
p2 | n.
Lemma 4.8. The Möbius function µ is multiplicative.

Proof. By unique factorization, we are allowed to assume that

r s
n = ab where a = ∏ p`i i and b= ∏ p`i i .
i=1 i=r+1
62 4. Number Theoretic Functions

If a equals 1, then µ(ab) = µ(a)µ(b) = 1µ(b), and similar if b = 1. If either

a or b is not square free, then neither is n = ab, and so in that case, we again
have µ(ab) = µ(a)µ(b) = 0. If both a and b are square free, then r (in the
definition of µ) is strictly additive and so (−1)r is strictly multiplicative,
hence multiplicative. 

4.2. Additive Functions

Also important are the additive functions to which we will return in Chapter
12.
Definition 4.9. An additive function is a sequence such that gcd(a, b) = 1
implies f (ab) = f (a) + f (b). A completely addititive function is one where
the condition that gcd(a, b) = 1 is not needed.

Here are some examples.

Definition 4.10. Let ω(n) denote the number of distinct prime divisors of n
and let Ω(n) denote the total number of prime divisors of n. These functions
are called the prime omega functions.

So if n = ∏si=1 p`i i , then

s
ω(n) = s and Ω(n) = ∑ `i .
i=1
The additivity of ω and the complete additivity of Ω should be clear. By
way of example, since 72 = 23 · 32 , ω(72) = 2 while Ω(72) = 5.

4.3. Möbius inversion

Lemma 4.11. Define ε(n) ≡ ∑d|n µ(d). Then ε(1) = 1 and for all n > 1,
ε(n) = 0.

Proof. Lemma 4.8 says that µ is multiplicative. Therefore, by Proposition

4.3, ε is also multiplicative. It follows that ε(∏ri=1 p`i i ) can be calculated
by evaluating a product of terms like ε(p` ) where p is prime. For example,
when p is prime, we have
ε(p) = µ(1) + µ(p) = 1 + (−1) = 0 and
2 2
ε(p ) = µ(1) + µ(p) + µ(p ) = 1 − 1 + 0 = 0 .
4.3. Möbius inversion 63

Thus one sees that ε(p` ) is zero unless ` = 0. 

Lemma 4.12. For n ∈ N, define
(a, b) ∈ N2 : ∃ d > 0 such that d | n and ab = d

Sn ≡ and
n no
Tn ≡ (a, b) ∈ N2 : b | n and a | .
b
Then Sn = Tn .

Proof. Suppose (a, b) is in Sn . Then ab | n and so

ab = d
o n
=⇒ b | n and a | .
d|n b
And so (a, b) is in Tn . Vice versa, if (a, b) is in Tn , then by setting d ≡ ab,
we get 
b | n
n =⇒ d | n and ab = d .
a| 
b
And so (a, b) is in Sn . 
Theorem 4.13. (Möbius inversion) Let F : N → C be any number theoretic
function and µ the Möbius function. Then the following equation holds
F(n) = ∑ f (d)
d|n

if and only if f : N → C satisfies

 
d
f (d) = ∑ µ(a) F = ∑ µ(a) F (b) .
a|d
a {(a,b) : ab=d}

Proof. ⇐=: We show that substituting f gives F. Define H as

 
d
H(n) ≡ ∑ f (d) = ∑ ∑ µ(a) F .
d|n d|n a|d
a
Then we need to prove that H(n) = F(n). This proceeds in three steps. For
the first step we write ab = d, so that now
H(n) ≡ ∑ f (d) = ∑ ∑ µ(a) F (b) . (4.1)
d|n d|n ab=d
64 4. Number Theoretic Functions

For the second step we apply Lemma 4.12 to the set over which the sum-
mation takes place. This gives:
 

H(n) = ∑ ∑n µ(a) F(b) = ∑  ∑n µ(a) F(b) . (4.2)

b|n a| b b|n a| b
n


Finally, Lemma 4.11 implies that the term in parentheses equals ε b . This
equals 0, except when b = n when it equals 1. The result follows.

=⇒: By the previous part, we already know one solution for f if we

are given that F(n) = ∑d|n f (d). So suppose there are two solutions f and
g. We have:
F(n) = ∑ f (d) = ∑ g(d) .
d|n d|n
We show by induction on n that f (n) = g(n).
Clearly F(1) = f (1) = g(1). Now suppose that for i ∈ {1, · · · k}, we
have f (i) = g(i). Then
! !
F(k +1) = ∑ f (d) + f (k +1) = ∑ g(d) +g(k +1) .
d|(k+1), d≤k d|(k+1), d≤k

The desired equality for k + 1 follows from the induction hypothesis. 

Remark 4.14. It is important that multiplicativity plays no role in this ar-
gument.

4.4. Euler’s Phi or Totient Function

Definition 4.15. Euler’s phi function, also called Euler’s totient function is
defined as follows: ϕ(n) equals the number of integers in {1, · · · n} that are
relative prime to n.
Lemma 4.16 (Gauss’ Theorem). For n ∈ N: n = ∑d|n ϕ(d).

Proof. Define S(d, n) as the set of integers m between 1 and n such that
gcd(m, n) = d:
S(d, n) = {m ∈ N : m ≤ n and gcd(m, n) = d} .
4.4. Euler’s Phi or Totient Function 65

Since every for natural number m ≤ n has a unique gcd(m, n) which is a

divisor of n, we get
n = ∑ |S(d, n)| .
d|n
Because the definition of Sn can be rewritten as
n m n o
S(d, n) = m ∈ N : m ≤ n and gcd , =1 ,
d d
n


the cardinality |S(d, n)| of S(d, n) is given by ϕ d . Thus we obtain:
n
n = ∑ |S(d, n)| = ∑ ϕ .
d|n d|n
d
As d runs through all divisors of n in the last sum, so does dn . Therefore the
last sum is equal to ∑d|n ϕ(d), which proves the lemma. 
Theorem 4.17. Let ∏ri=1 p`i i be the prime power factorization of n. Then
ϕ(n) = n ∏ri=1 1 − p1i .

1
Proof. Apply Möbius inversion to Lemma 4.16:
d µ(a)
ϕ(d) = ∑ µ(a) = d∑ . (4.3)
a|d
a a|d
a

The functions µ and a → a1 are multiplicative. It is easy to see that the

product of two multiplicative functions is also multiplicative. Therefore ϕ
is also multiplicative (Proposition 4.3). Thus for n as given,
!
r r  
ϕ(n) = ϕ ∏ pi = ∏ ϕ p`i i .
`i
(4.4)
i=1 i=1
So it is sufficient to evaluate the function ϕ on prime powers. Noting that
the divisors of the prime power p` are {1, p, · · · p` }, we get from equation
(4.3)
`
µ(p j )
 
` ` ` 1
ϕ(p ) = p ∑ = p 1− .
j=0 pj p
Substituting this into equation (4.4) completes the proof. 

From this proof we obtain the following corollary.

Corollary 4.18. Euler’s phi function is multiplicative.
1There is a conceptually simpler — but in its details much more challenging — proof if you are familiar
with the inclusion-exclusion principle. We review that proof in exercise 4.12.
66 4. Number Theoretic Functions

4.5. Dirichlet and Lambert Series

We will take a quick look at some interesting series without worrying too
much about their convergence, because we are ultimately interested in the
analytic continuations that underlie these series. For that, it is sufficient that
there is convergence in any open non-empty region of the complex plane.
Definition 4.19. Let f , g, and F be arithmetic functions (see Definition
4.1). Define the Dirichlet convolution of f and g, denoted by f ∗ g, as
( f ∗ g)(n) ≡ ∑ f (a)g(b) .
ab=n

This convolution is a very handy tool. Similar to the usual convolution

of sequences, one can think of it as a sort of multiplication. It pays off to
first define a few standard number theoretic functions.
Definition 4.20. We use the following notation for certain standard se-
quences. The sequence ε(n) is 1 if n = 1 and otherwise returns 0, 1(n)
always returns 1, and I(n) returns n (so I(n) = n).

The function ε acts as the identity of the convolution. Indeed,

(ε ∗ g)(n) = ∑ ε(a)g(b) = g(n) .
ab=n
Note that I(n) is the identity as a function, but should not be confused with
the identity of the convolution (ε). In other words, I(n) = n but I ∗ f 6= f .
We can now do some very cool2 things of which we can unfortunately
give but a few examples. As a first example, the Möbius inversion of Theo-
rem 4.13
F(n) = ∑ f (d) ⇐⇒ f (d) = ∑ µ(a) F (b) ,
d|n {(a,b) : ab=d}

can be more succinctly translated as follows:

F = 1∗ f ⇐⇒ f = µ ∗F . (4.5)
This leads to the next example. The first of the following equalities holds
by Lemma 4.16, the second follows from Möbius inversion (4.5).
I = 1∗ϕ ⇐⇒ ϕ = µ ∗I. (4.6)
2A very unusual word in mathematics textbooks.
4.5. Dirichlet and Lambert Series 67

And the best of these examples is gotten by substituting the identity ε for F
in equation (4.5):
ε = 1∗ f ⇐⇒ f = µ ∗ε = µ . (4.7)
Thus µ is the convolution inverse of the sequence (1, 1, 1 · · · ). This imme-
diately leads to an unexpected3 expression for 1/ζ (z) of equation (4.8).
Definition 4.21. Let f (n) is an arithmetic function (or sequence). A Dirichlet
series is a series of the form F(z) = ∑∞ −z
n=1 f (n)n . Similarly, a Lambert series
∞ xn
is a series of the form F(x) = ∑n=1 f (n) 1−xn .

The prime example of a Dirichlet series is – of course – the Riemann

zeta function of Definition 2.19, ζ (z) = ∑ 1(n) n−z .
Lemma 4.22. For the product of two Dirichlet series we have
! !
∞
∑ f (n)n−z ∑ g(n)n−z = ∑ ( f ∗ g)(n) n−z .
n=1 n=1 n=1

Proof. This follows easily from re-arranging the terms in the product:
!
∞ ∞
f (a)g(b)
∑ (ab)z = ∑ ∑ f (a)g(b) n−z .
a,b≥1 n=1 ab=n

We collected the terms with ab = n. 

Can we find f (n) such that 1

ζ (z)
= ∑ f (n)(n) n−z ? Yes! Because Lemma
1
4.22 translates 1 = ζ (z) · ζ (z) as
ε = 1∗ f .
And equation (4.7) gives that f = µ, or
1 µ(n)
=∑ z . (4.8)
ζ (z) n≥1 n

Recall from Chapter 2 that one of the chief concerns of number theory
is the location of the non-real zeros of ζ . At stake is Conjecture 2.22 which
states that all its non-real zeros are on the line Re z = 1/2. The original
definition of the zeta function is as a series that is absolutely convergent
for Re z > 1 only. Equation (4.8) converges in that same region, and so
3The fact that this follows so easily, justifies the use of the word referred to in the previous footnote
68 4. Number Theoretic Functions

establishes that at least in Re z > 1 there are no zeroes. A (weak) partial

result in the direction of the Riemann Hypothesis!
It is also important to establish that the analytic continuation of ζ is
valid for all z 6= 1. The next result serves as a first indication that ζ (z) can
indeed be continued for values Re z ≤ 1.
Corollary 4.23. Let ζ be the Riemann zeta function and σk as in Definition
4.4, then
∞
σk (n)
ζ (z − k)ζ (z) = ∑ z
.
n=1 n

Proof.
ζ (z − k)ζ (z) = ∑ a−z ∑ bk b−z = ∑ n−z ∑ bk .
a≥1 b≥1 n≥1 b|n


Lemma 4.24. A Lambert series can re-summed as follows:
∞
xn ∞
∑ f (n) = ∑ (1 ∗ f )(n) xn .
1 − xn n=1
n=1

Proof. First use that

xb ∞
= ∑ xab .
1 − xb a=1
This gives that
xb ∞ ∞
∑ f (b) = ∑ ∑ f (b) xab .
1 − xb b=1
b=1 a=1
Now set n = ab and collect terms. Noting that (1 ∗ f )(b) = ∑b- n f (b) yields
the result. 
Corollary 4.25. The following equality holds
xn x
∑ ϕ(n) = .
n≥1 1−x n (1 − x)2
4.6. Exercises 69

Proof. We have
xn
∑ ϕ(n) 1 − xn = ∑ (1 ∗ ϕ)(n) xn = ∑ I(n) xn .
n≥1 n≥1 n≥1
The first equality follows from Lemma 4.24 and the second from Lemma
d
4.16. The last sum can be computed as x dx (1−x)−1 which gives the desired
expression. 

t/2

Figure 14. A one parameter family ft of maps from the circle to itself.
For every t ∈ [0, 1] the map ft is constructed by truncating the map x →
2x mod 1 as indicated in this figure.

The last result is of importance in the study of dynamical systems. In

figure 14, the map ft is constructed by truncating the map x → 2x mod 1
for t ∈ [0, 1]. Corollary 4.25 can be used to show that the set of t for which
ft does not have a periodic orbit has measure (“length”) zero [57, 58], even
though that set is uncountable.

4.6. Exercises
Exercise 4.1. Decide which functions are not multiplicative, multiplica-
tive, or completely multiplicative (see Definition 4.2).
a) f (n) = 1.
b) f (n) = 2.
c) f (n) = ∑ni=1 i.
d) f (n) = ∏ni=1 i.
e) f (n) = n.
f) f (n) = nk .
g) f (n) = ∑d|n d.
h) f (n) = ∏d|n d.
70 4. Number Theoretic Functions

Exercise 4.2. a) Let h(n) = 0 when n is even, and 1 when n is odd. Show
that h is multiplicative.
b) Now let H(n) = ∑d|n h(d). Show without using Proposition 4.3 that H is
multiplicative. (Hint: write a = 2k ∏ri=1 p`i i by unique factorization, where
the pi are odd primes. Compute the number of odd divisors. Similarly for
b.)
c) What does Proposition 4.3 say?

Exercise 4.3. In Figure 15 a large volume in R3 with coordinates x, y, and

z is chopped up into smaller rectangular boxes of dimensions xi by y j by
zk as indicated. See the proof of Proposition 4.3.
n3
a) Show that the volume of the big box equals ∑ni=1 1 n2
∑ j=1 ∑k=1 xi y j zk .
(Hint: add the volumes of the small boxes.)
b) Show that  the volume of the big box equals

 2
n1
xi ∑nj=1 y j ∑nk=1
3


∑i=1 zk . (Hint: compute the dimensions of
the big box.)

z4

z3

z2

z1 y
y2 3
y
x1 x2 x3 x4 1

Figure 15. Two ways of computing the volume of a big box: add the
volumes of the small boxes, or compute the dimensions of the big box.

Exercise 4.4. a) Compute the numbers σ1 (n) = σ (n) of Definition 4.4 for
n ∈ {1, · · · , 30} without using Theorem 4.5.
b) What is the only value n for which σ (n) = n?
c) Show that σ (p) = p + 1 whenever p is prime.
d) Use (c) and multiplicativity of σ to check the list obtained in (a).
e) For what values of n in the list of (a) is n | σ (n)? (Hint: 6 and 28.)

Exercise 4.5. a) Compute the numbers σ0 (n) = τ(n) of Definition 4.4 for
n ∈ {1, · · · , 30} without using Theorem 4.5.
b) What is the only value n for which τ(n) = 1?
c) Show that τ(p) = 2 whenever p is prime.
d) Use (c) and multiplicativity of τ to check the list obtained in (a).
4.6. Exercises 71

Exercise 4.6. a) Compute the numbers ϕ(n) of Definition 4.15 for n ∈

{1, · · · , 30} without using Theorem 4.17.
b) What is ϕ(p) when p is a prime?
c) How many positive numbers less than pn are not divisible by p?
d) Use (c) and multiplicativity of ϕ to check the list obtained in (a).

Exercise 4.7. a) Compute the numbers µ(n) of Definition 4.6 for n ∈

{1, · · · , 30}.
b) What is µ(p) when p is a prime?
c) Use (c) and multiplicativity of µ to check the list obtained in (a).

Exercise 4.8. Let τ(n) be the number of distinct positive divisors of n.

Answer the following question without using Theorem 4.5.
a) Show that τ is multiplicative.
b) If p is prime, show that τ(pk ) = k + 1.
c) Use the unique factorization theorem, to find an expression for τ(n) for
n ∈ N.
Exercise 4.9. Two positive integers a and b are called amicable if σ (a) =
σ (b) = a + b. The smallest pair of amicable numbers is is formed by 220
and 284.
a) Use Theorem 4.5 to show that 220 and 284 are amicable.
b) The same for 1184 and 1210.

Exercise 4.10. A positive integer n is called perfect if σ (n) = 2n.

a) Show that n is perfect if and only if the sum of its positive divisors less
than n equals n.
b) Show that if p and 2 p − 1 are primes, then n = 2 p−1 (2 p − 1) is perfect.
(Hint: use Theorem 4.5 and exercise 4.4(c).)
c) Use exercise 1.14 to show that if 2 p − 1 is prime, then p is prime, and
thus n = 2 p−1 (2 p − 1) is perfect.
d) Check that this is consistent with the list in exercise 4.4.
72 4. Number Theoretic Functions

Exercise 4.11. Draw the following directed graph G: the set of vertices
V represent 0 and the natural numbers between 1 and 50. For a, b ∈ V , a
directed edge ab exists if σ (a) − a = b. Finally, add a loop at the vertex
representing 0. Notice that every vertex has 1 outgoing edge, but may have
more than 1 incoming edge.
a) Find the cycles of length 1 (loops). The non-zero of these represent per-
fect numbers.
b) Find the cycles of length 2 (if any). A pair of numbers a and b that
form a cycle of length 2 are called amicable numbers. Thus for such a pair,
σ (b) − b = a and σ (a) − a = b.a
c) Find any longer cycles. Numbers represented by vertices in longer cy-
cles are called sociable numbers.
d) Find numbers whose path ends in a cycle of length 1. These are called
aspiring numbers.
e) Find numbers (if any) that have no incoming edge. These are called un-
touchable numbers.
f) Determine the paths starting at 2193 and at 562. (Hint: both end in a
cycle (or loop).)
aAs of 2017, about 109 amicable number pairs have been discovered.

A path through this graph is called an aliquot sequence. The so-called

Catalan-Dickson conjecture says that every aliquot sequence ends in some
finite cycle (or loop). However, even for a relatively small number such as
276, it is unknown (in 2017) whether its aliquot sequence ends in a cycle.
4.6. Exercises 73

Exercise 4.12. In this exercise, we give a different proof of Theorem 4.17.

It uses the principle of inclusion-exclusion [47]. We state it here for com-
pleteness. Let S be a finite set with subsets A1 , A2 , and so on through Ar .
Then, if we denote the cardinality of a set A by |A|,
r
Ai = |S| − |S1 | + |S2 | − · · · + (−1)r |Sr | ,
[
S− (4.9)
i=1
where |S` | is the sum of the sizes of all intersections of ` members of
{A1 , · · · Ar }.
Now, in the following we keep to these conventions. Using prime factor-
ization, write
n = ∏ri=1 pki i ,
Ai = {z ∈ S | pi divides z} .
S = {1, 2 · · · n} and R = {1, 2 · · · r} ,
I` ⊆ R such that |I` | = ` .
Sr
a) Show that ϕ(n) = S − i=1 Ai . (Hint: any number that is not co-prime
with n is a multiple of at least one of the pi .)
b) Show that Ai = pni .
T 1
c) Show that i∈I` Ai = n ∏i∈I`
pi . (Hint: use Lemma 3.12.)
d) Show that S` = n ∑I` ⊆R ∏i∈I` p1i .
e) Show that the principle of inclusion-exclusion implies that S −
Sr r ` 1
i=1 Ai = n + n ∑`=1 (−1) ∑I` ⊆R ∏i∈I` pi .
1 1
f) Show that n + n ∑r`=1 (−1)` ∑I` ⊆R ∏i∈I` pi = n ∏ri=1 (1 −
pi ) . Notice
that this implies Theorem 4.17. (Hint: write out the product ∏ri=1 (1 − p1i ).)

Exercise 4.13. Let F(n) = n = ∑d|n f (n). Use the Möbius inversion for-
mula (or f (n) = ∑d|n µ(d)F( dn )) to find f (n). (Hint: substitute the Möbius
function of Definition 4.6 and use multiplicativity where needed.)

Exercise 4.14. a) Compute the sets Sn and Tn of Lemma 4.12 explicitly for
n = 4 and n = 12.
b) Perform the resummation done in equations 4.1 and 4.2 explicitly for
n = 4 and n = 12.
74 4. Number Theoretic Functions

Exercise 4.15. Recall the definition of Dirichlet convolution f ∗ g of the

arithmetic functions f and g (Definition 4.19).
a) Show that the set A of arithmetic functions with addition forms an
Abelian group (see Definition 5.19).
b) Show that Dirichlet convolution is associativea, that is:
( f ∗ g) ∗ h = f ∗ (g ∗ h) .
c) Show that Dirichlet convolution is distributive over addition, that is:
f ∗ (g + h) = f ∗ g + f ∗ h .
d) The binary operation Dirichlet convolution has an identity ε (Definition
4.20), defined by
f ∗ε = ε ∗ f = f .
Show that the function ε of Lemma 4.11 is the identity of the convolution.
e) Show that Dirichlet convolution is commutative, that is:
f ∗g = g∗ f .
(Note: In this exercise we proved that the set of arithmetic functions with
addition and convolution is a commutative ring, see Definitions 5.20 and
5.26. This ring is sometimes called the Dirichlet ring .)

aAssociativity is a property whose importance is sometimes hush-hushed a bit. We chose

to elaborate it, see exercise 5.23

Exercise 4.16. Use exercise 4.15 to prove the following:

a) Show that the Dirichlet convolution of two multiplicative functions is
multiplicative.
b) Show that the sum of two multiplicative functions is not necessarily
multiplicative. (Hint: ε + ε.)

Exercise 4.17. See Definition 4.10. Define f (n) ≡ τ(n2 ) and g(n) ≡ 2ω(n) .
a) Compute ω(n), f (n), and g(n) for n equals 10n and 6!.
b) For p prime, show that τ(p2k ) = ∑d|pk 2ω(d) = 2k + 1. (Hint: use The-
orem 4.5.)
c) Show that f is multiplicative. (Hint: use that τ is multiplicative.)
d) Use (d) to show that g is multiplicative.
e) Show that
τ(n2 ) = ∑ 2ω(d) .
d|n
4.6. Exercises 75

Exercise 4.18. Let S(n) denote the number of square free divisors of n
with S(1) = 1 and ω(n) the number of distinct prime divisors of n. See
also Definition 4.10.
a) Show that S(n) = ∑d|n |µ(d)|. (Hint: use Definition 4.6.)
b) Show that S(n) = 2ω(n) . (Hint: let W be the set of prime divisors of
n. Then every square free divisor corresponds to a subset — product — of
those primes. How many subsets of primes are there in W ?)
c) Conclude that
∑ |µ(d)| = 2ω(n) .
d|n

Exercise 4.19. Define the Liouville λ -function by λ (1) = 1 and λ (n) =

(−1)Ω(n) .
a) Compute λ (10n ) and λ (6!).
b) Show that λ is multiplicative. (Hint: Ω(n) is completely additive.)
c) Use Proposition 4.3 to show that F(n) = ∑d|n λ (d) is multiplicative.
d) For p prime, show that
k
∑ λ (d) = ∑ (−1)i
d|pk i=0

which equals 1 if k is even and 0 if k is odd.

e) Use (c) and (d) to conclude that
if n = m2 .
n
F(n) = ∑ λ (d) = 1
d|n
0 else

Exercise 4.20. Let f be a multiplicative function.

Define q(n) ≡ ∑d|n µ(d) f (d), where µ is the Möbius function.
a) Show that f (1) = 1.
b) Show that f µ (their product) is multiplicative.
c) Use Proposition 4.3 to show that q(n) is multiplicative.
d) Show that if p is prime, then q(pk ) = f (1) − f (p) = 1 − f (p).
e) Use (c) and (d) to show that
q(n) = ∑ µ(d) f (d) = ∏ (1 − f (p)) .
d|n p prime, p|n

Exercise 4.21. Use exercise 4.20 (e) and the definition of ω in exercise
4.17 and λ in exercise 4.19 to show that
∑ µ(d)λ (d) = 2ω(n) .
d|n
76 4. Number Theoretic Functions

Exercise 4.22. a) Show that for all n ∈ N, µ(n)µ(n+1)µ(n+2)µ(n+3) =

0. (Hint: divisibility by 4.)
b) Show that for any integer n ≥ 3, ∑nk=1 µ(k!) = 1. (Hint: use (a).)

Exercise 4.23. a) Use Euler’s product formula and the sequence µ of Def-
inition 4.6 to show that
!
1 −z

i −iz
= 1− p = ∏ ∑ µ(p )p .
ζ (z) p ∏prime p prime i≥0
b) Without using equation (4.7), prove that the expression in (a) equals
∑n≥1 µ(n) n−z . (Hint: since µ is multiplicative, you can write a proof
re-arranging terms as in the first proof of Euler’s product formula.)

Exercise 4.24. a) Use equation (4.8) to show that

ζ (z − 1) a µ(b)
=∑ z ∑ z
.
ζ (z) a≥1 a b≥1 b
b) Show that I ∗ µ = ϕ.
c) Use Lemma 4.22, (a), and (b) to show that
ζ (z − 1) ϕ(n)
=∑ z .
ζ (z) n≥1 n

Exercise 4.25. a) Use Corollary 4.23 to show that

σk (a) µ(b)
ζ (z − k) = ∑ z ∑ z
.
a≥1 a b≥1 b
b) Show that
ζ (z − k) = ∑ (σk ∗ µ)(n) n−z ,
n≥1
where ∗ means the Dirichlet convolution (Definition 4.19).

Exercise 4.26. Show that ζ (z) has no zeroes and no poles in the region
ℜ(z) > 1. (Hint: use that ζ (z) converges for ℜ(z) > 1 and (4.8).)
Chapter 5

Modular Arithmetic and

Primes

Overview. We return to the study of primes in N. This is related to the

study of modular arithmetic (the properties of addition and multiplication
in Zb ), because a ∈ N is a prime if and only if there are no non-trivial divi-
sors or, expressed differently, there is no 0 < b < a so that a =b 0. Modular
arithmetic concerns itself with computations involving addition and mul-
tiplication in Z modulo b, denoted by Zb , i.e. calculations with residues
modulo b (see Definition 1.8). One common way of looking at this is to
consider integers x and y that differ by a multiple of b as equivalent (see
exercise 5.1). We write x ∼ y. One then proves that the usual addition and
multiplication is well-defined for these equivalence classes. This is done in
exercise 5.2.

5.1. Euler’s Theorem and Primitive Roots

The order of an element g is the smallest positive integer k such that g ∗ g ∗
· · · ∗ g, repeated k times and usually written as gk , equals e. One can show
that the elements {e, g, g2 , · · · , gk−1 } also form a group (Definition 5.19).
More details can be found in [22], [43], or [27]. In the case at hand, Zb , we
have a structure with two operations, namely addition with identity element
0 and multiplication with identity element 1. We could therefore define
the order of an element in Zb with respect to addition and with respect to

77
78 5. Modular Arithmetic and Primes

multiplication. As an example, we consider the element 3 in Z7 :

3 + 3 + 3 + 3 + 3 + 3 + 3 =7 0 and 3 · 3 · 3 · 3 · 3 · 3 =7 1 .
The first gives 7 as the additive order of 3, and the second gives 6 for the
multiplicative order. For our current purposes, however, it is sufficient to
work only with the multiplicative version.
Definition 5.1. The (multiplicative) order of a modulo b, written as Ord×
b (a),
is the smallest positive number k such that ak =b 1. (If there is no such k,
the order is ∞.)

Recall that ϕ denotes Euler’s phi or totient function (Definition 4.15).

Definition 5.2. i) A complete set of residues C modulo b is a set of b inte-
gers in Z, such C has exactly one integer in each congruence class (modulo
b).
ii) A reduced set of residues R modulo b is a set of ϕ(b) integers in Z, such R
has exactly one integer in each class congruent to a ∈ {1, · · · b − 1} (modulo
b) such that a is relatively prime to b (gcd(a, b) = 1).

As an example, the set {0, 1, 2, · · · , 11} is a complete set of residues

modulo 12, while {1, 5, 7, 11} is a reduced set of residues modulo 12.
Lemma 5.3. Suppose gcd(a, b) = 1. If the numbers {xi } form a complete
set of residues modulo b (reduced set of residues modulo b), then {axi } is a
complete set of residues modulo b (reduced set of residues modulo b).

Proof. Let {xi } be a complete set of residues modulo b. Then the b numbers
{axi } form complete set of residues unless two of them are congruent. But
that is impossible by Theorem 2.7.
Let {xi } be a reduced set of residues modulo b. Then, as above, no two
of the ϕ(b) numbers {axi } are congruent modulo b. Furthermore, Lemma
2.15 implies that if gcd(a, b) = 1 and gcd(xi , b) = 1, then gcd(axi , b) = 1.
Thus the set {axi } is a reduced set of residues modulo b. 
Theorem 5.4 (Euler). Let a, b > 1 and gcd(a, b) = 1. Then aϕ(b) =b 1.
ϕ(b)
Proof. Let {xi }i=1 be a reduced set of residues modulo b. Then by Lemma
ϕ(b)
5.3, {axi }i=1 is a reduced set of residues modulo b. Because multiplication
5.1. Euler’s Theorem and Primitive Roots 79

is commutative, we get
ϕ(b) ϕ(b) ϕ(b)
∏ xi =b ∏ axi =b aϕ(b) ∏ xi
i=1 i=1 i=1
 
ϕ(b)
Since gcd(xi , a) = 1, Lemma 2.15 implies that gcd ∏i=1 xi , a = 1. The
cancelation theorem applied to the equality between the first and third terms
proves the result. 

Euler’s theorem says that ϕ(b) is a multiple of Ord× b (a). But it does
not say what multiple. In fact, in practice, that question is difficult to decide.
It is of theoretical importance to decide when the two are equal.
Definition 5.5. Let a and b positive integers with gcd(a, b) = 1. If Ord×
b (a) =
ϕ(b), then a is called a primitive root modulo b.

For example, the smallest integer k for which 3k =7 1 is 6. Since ϕ(7) =

6, we see that 3 is a primitive root of 7. Since multiplication is well-defined
in Z7 , it follows that (3 + 7k)6 =7 36 =7 1. Thus {· · · − 4, 3, 10, · · · } are all
primitive roots of 7. The only other non-congruent primitive root of 7 is 5.
Not all numbers have primitive roots. For instance, 8 has none.
The importance of the notion of primitive root is perhaps more easily
remembered via the next lemma.
Lemma 5.6. a is a primitive root modulo b if and only if the orbit
ϕ(b)
{ai mod b}i=1 contains all reduced residues modulo b.
ϕ(b)
Proof. If a is a primitive root, then all values of {ai mod b}i=1 must be
distinct, because if ai = a j for some i > j in {1, · · · , ϕ(b)}, then ai− j =b 1,
contradicting that a is a primitive root.
We prove the contrapositive1 of the other direction. If ai =b 1 for some
positive i less than ϕ(b), then ai+1 =b a and the numbers start repeating so
ϕ(b)
that {ai mod b}i=1 cannot contain all reduced residues modulo b. 

The salient fact about prime roots is that we know exactly when they
occur. An accessible proof of Theorem 5.7 (i) can be found in [15]chapter
8 and part (ii) in [4]chapter 10.
1The contrapositive of (P ⇒ Q) is (qQ ⇒qP) (or: not Q implies not P) and holds if and only if the
former holds.
80 5. Modular Arithmetic and Primes

Theorem 5.7. i) An integer n has a primitive root if and only if n equals 1,

2, 4, pk , or 2pk , where p is an odd prime and k ≥ 1.
ii) If n has a primitive root g, then it has ϕ(ϕ(n)) primitive roots given by
gi for every i such that gcd(i, ϕ(n)) = 1.

The primitive root also has interesting connections with day-to-day

arithmetic, namely the expression of rational numbers in any base. We use
base 10 as an example.
Proposition 5.8. Let a and n greater than 0 and gcd(a, n) = gcd(10, n) = 1.
The expansion of a/n in base 10 is non-terminating and eventually periodic
with period p, where (i) p = Ord×n (10) and (ii) p | ϕ(n).

Proof. The proof proceeds by executing a long division, each step of which
uses the division algorithm. Start by reducing a modulo n and call the result
r0 .
a = nq0 + r0 ,
where r0 ∈ {0, · · · n−1}. Lemma 3.1 implies that gcd(a, n) = gcd(r0 , n) = 1.
So in particular, r0 6= 0. The integer part of a/n is q0 . The next step of the
long division is:
10r0 = nq1 + r1 ,
where again we choose r1 ∈ {0, · · · n − 1}.
Note that 0 ≤ 10r0 < 10n and so q1 ∈ {0, · · · 9}. We now record the first
digit “after the decimal point” of the decimal expansion: q1 . By Lemma 3.1,
we have gcd(10r0 , n) = gcd(r1 , n). In turn, this implies via Lemma 2.15 that
gcd(r0 , n) = gcd(r1 , n). And again, we see that r1 6= 0.
The process now repeats itself.
10 (10r0 − nq1 ) = nq2 + r2 ,
| {z }
r1
and we record the second digit after the decimal dot, q2 ∈ {0, · · · 9}. By the
same reasoning, gcd(r2 , n) = 1 and so r2 6= 0. One continues and proves by
induction that gcd(ri , n) = 1. In particular, ri 6= 0, so the expansion does not
terminate.
Since the remainders ri are in {1, · · · n − 1}, the sequence must be
eventually periodic with (least positive) period p. At that point, we have
10k+p r0 =n 10k r0 .
5.2. Fermat’s Little Theorem and Primality Testing 81

By Theorem 2.7, we can cancel the common factors 10k and r0 , and we
obtain that 10 p =n 1. Since p is the least such (positive) number, we have
proved (i). Item (ii) follows directly from Euler’s Theorem. 

Of course, this proposition easily generalizes to computations in any

other base b. As an en example, we mention that if gcd(a, n) = 1 and b is a
primitive root of n, then the expansion of a/b has period ϕ(n).
The next result follows by setting y = x + kϕ(b) in ay and applying
Euler’s theorem. It has important applications in cryptography.
Corollary 5.9. Let a and b be coprime with b > 1.
x =ϕ(b) y =⇒ ax =b ay .

5.2. Fermat’s Little Theorem and Primality Testing

Euler’s theorem has many other important consequences. It implies what
is known as Fermat’s little theorem, although it was not proved by Fermat
himself, since, as he writes in the letter in which he stated the result, he
feared “its being too long” [15][Section 5.2]. Not an isolated case, it would
appear!
Corollary 5.10 (Fermat’s little theorem). If p is prime and gcd(a, p) = 1,
then a p−1 = p 1.

This follows from Euler’s Theorem by noticing that for a prime p,

ϕ(p) = p − 1. There is an equivalent formulation which allows p to be
a divisor of a. Namely, if p is prime, then a p = p a. Notice that if p | a, then
both sides are congruent to 0.
Primes are of great theoretical and practical value (think of encryption,
for example). Algorithms for primality testing are therefore very useful.
The simplest test to find out if some large number n is prime, consists of
course of applying some version of Eratosthenes’ sieve to the positive inte-
√
gers less than or equal to n. To carry this out, we will have to perform on
√
the order of n divisions.
Another possibility is to use the converse of Fermat’s little theorem
(Corollary 5.10). If n and p are distinct primes, we know that pn−1 =n 1.
The Fermat primality test for n consists of testing, for example, whether
82 5. Modular Arithmetic and Primes

2n−1 =n 1. If that fails, we know that n is not prime. However, the converse
of Fermat’s little theorem is not true! So even if 2n−1 =n 1, it could be that
n is not prime; we will discuss this possibility at the end of this section. As
it turns out, primality testing via Fermat’s little theorem can be done much
faster than the naive method, provided one uses fast modular exponentiation
algorithms. We briefly illustrate this technique by computing 11340 modulo
341.
Start by expanding 340 in base 2 as done in exercise 3.14, where it was
shown that this takes on the order of log2 340 (long) divisions.

340 = 170 · 2 + 0
170 = 85 · 2 + 0
85 = 42 · 2 + 1
42 = 21 · 2 + 0
21 = 10 · 2 + 1
10 = 5·2+0
5 = 2·2+1
2 = 1·2+0
1 = 0·2+1
And so
340 = 101010100 in base 2 .
i
Next, compute a table of powers 112 modulo 341, as done below. This
can be done using very few computations. For instance, once 118 =341 143
has been established, the next up is found by computing 1432 modulo 341,
5.2. Fermat’s Little Theorem and Primality Testing 83

which gives 330, and so on. So this takes about log2 340 multiplications.

0 111 =341 11
0 112 =341 121
1 114 =341 319
0 118 =341 143
1 1116 =341 330
0 1132 =341 121
1 1164 =341 319
0 11128 =341 143
1 11256 =341 330
The first column in the table thus obtained now tells us which coefficients
in the second we need to compute the result.
11340 =341 330 · 319 · 330 · 319 =341 132 .
Again, this takes no more than log2 340 multiplications. Thus altogether, for
a number n and a computation in base b, this takes on the order of 2 logb n
multiplications plus logb n divisions2. For large numbers, this is much more
√
efficient than the n of the naive method.
As mentioned, the drawback is that we can get false positives. While
there are partial converses to Fermat’s little theorem, they do not yield com-
putationally efficient improvements (see exercise 5.20).
Definition 5.11. The number n ∈ N is called a pseudoprime to the base b
if gcd(b, n) = 1 and bn−1 =n 1 but nonetheless n is composite. (When the
base is 2, the clause to the base 2 is often dropped.)

Some numbers pass all tests to every base and are still composite.
These are called Carmichael numbers. The smallest Carmichael number
is 561. It has been proved [44] that there are infinitely many of them.
Definition 5.12. The number n ∈ N is called a Carmichael number if it is
composite and it is a pseudoprime to every base.
2Divisions take more computations than multiplications. We do not pursue this here.
84 5. Modular Arithmetic and Primes

The smallest pseudoprime is 341, because 2340 =341 1 while 341 =

11 · 31. In this case, one can still show that 341 is not a prime by using a
different base: 3340 =341 56. Thus by Fermat’s little theorem, 341 cannot
be prime.
The reason that the method sketched here is still useful is that pseu-
doprimes are very much rarer than primes. The numbers below 2.5 · 1010
contain on the order of 109 primes. At the same time, this set contains only
21853 pseudoprimes to the base 2. There are only 1770 integers below
2.5 · 1010 that are pseudoprime to the bases 2, 3, 5, and 7. Thus if a number
passes these four tests, it is overwhelmingly likely that it is a prime.

5.3. Fermat and Mersenne Primes

Through the ages, back to early antiquity, people have been fascinated by
numbers, such as 6, that are the sum of their positive divisors other than
itself, to wit: 6=1+2+3. Mersenne and Fermat primes, primes of the form
2k ± 1, have also attracted centuries of attention. Note that if p is a prime
other than 2, then pk ± 1 is divisible by 2 and therefore not a prime.
Definition 5.13. (i) The Mersenne numbers are Mk = 2k − 1. A Mersenne
prime is a Mersenne number that is also prime.
k
(ii) The Fermat numbers are Fk = 22 + 1. A Fermat prime is a Fermat
number that is also prime.
(iii) The number n ∈ N is called a perfect, if σ (n) = 2n.
Lemma 5.14. (i) If ab = k, then (2b − 1) | (2k − 1).
(ii) If ab = k and a is odd, then (2b + 1) | (2k + 1).

Proof. We only prove (ii); (i) can be proved similarly. So suppose that a is
odd, then
2b =2b +1 −1 =⇒ 2ab =2b +1 (−1)a =2b +1 −1 =⇒ 2ab + 1 =2b +1 0
which proves the statement. Notice that this includes the case where b = 1.
In that case, we have 3 | (2a + 1) (whenever a odd). 

A proof using geometric series can be found in exercise 1.14. This

lemma immediately implies the following.
Corollary 5.15. i) If 2k − 1 is prime, then k is prime.
ii) If 2k + 1 is prime, then k = 2r .
5.3. Fermat and Mersenne Primes 85

So candidates for Mersenne primes are the numbers 2 p − 1 where p is

prime. This works for p ∈ {2, 3, 5, 7}, but 211 − 1 = 2047 is the monkey-
wrench. It is equal to 23 · 89 and thus is composite. After that, the Mersenne
primes become increasingly sparse. For example, 8 of the first 11 Mersenne
numbers are prime (M11 , M23 , M29 are not prime). However, among the
first approximately 2.3 million Mersenne numbers, only 45 give Mersenne
primes. As of this writing (2021), it is not known whether there are infin-
itely many Mersenne primes. In 2020, a very large Mersenne prime was
discovered: 282,589,933 − 1. Mersenne primes are used in pseudo-random
number generators.
r
Turning to primes of the form 2k + 1, the only candidates are Fr = 22 +
1. Fermat himself noted that Fr is prime for 0 ≤ r ≤ 4}, and he conjectured
that all these numbers were primes. Again, Fermat did not quite get it right!
It turns out that the 5-th Fermat number, 232 + 1, is divisible by 641 (see
exercise 5.11). In fact, as of this writing in 2017, there are no other known
Fermat primes among the first 297 Fermat numbers! Fermat primes are also
used in pseudorandom number generators.
Lemma 5.16. If 2k − 1 is prime, then k > 1 and 2k−1 (2k − 1) is perfect.

Proof. If 2k − 1 is prime, then it must be at least 2, and so k > 1. Let

n = 2k−1 (2k − 1). Since σ is multiplicative and 2k − 1 is prime, we can
compute (using Theorem 4.5):
!
k−1
σ (n) = σ (2k−1 )σ (2k − 1) = ∑ 2i 2k = (2k − 1) 2k = 2n
i=0
which proves the lemma. 
Theorem 5.17 (Euler’s Theorem). Suppose n > 0 is even. Then n is of the
form 2k−1 (2k − 1) where 2k − 1 is prime if and only if n is perfect.

Proof. One direction follows from the previous lemma. Thus we only need
to prove that if an even number n is perfect, then it is of the form stipulated.
Since n is even, we may assume n = q 2k−1 where k ≥ 2 and q is odd.
Using multiplicativity of σ and the fact that σ (n) = 2n:
σ (n) = σ (q) (2k − 1) = 2n = q 2k .
86 5. Modular Arithmetic and Primes

Thus
(2k − 1) σ (q) − 2k q = 0 . (5.1)
Since 2k −(2k −1) = 1, we know by Bézout that gcd((2k −1), 2k ) = 1. Thus
Proposition 3.5 implies that the general solution of the above equation is:
q = (2k − 1)t and σ (q) = 2k t , (5.2)
where t > 0, because we know that q > 0.
Assume first that t > 1. The form of q, namely q = (2k − 1)t, allows us
to identify at least four distinct divisors of q. This gives that
σ (q) ≥ 1 + t + (2k − 1) + (2k − 1)t = 2k (t + 1) .
This contradicts equation (5.2), and so t = 1.
Now use equation (5.2) again (with t = 1) to get that n = q 2k−1 =
(2k − 1) 2k−1 has the required form. Furthermore, the same equation says
that σ (q) = σ (2k − 1) = 2k which proves that 2k − 1 is prime. 

It is unknown at the date of this writing (2021) whether any odd perfect
numbers exist.

5.4. A Divisive Issue: Rings and Fields

The next result is a game changer! It tells us that there is a unique element
a−1 such that aa−1 =b 1 if and only if a is in the reduced set of residues
(modulo b). Thus division is well-defined in the reduced set of residues
modulo b. So, for example, the reduced set of residues modulo 15 equals
{1, 2, 4, 7, 8, 11, 13, 14}. In this group, we can multiply and divide all we
want. For example, the inverse of 8 in Z15 is 2 because 8 · 2 =15 1. In fact,
this set forms a nice Abelian group (defined below) under multiplication.
Proposition 5.18. Let R be a reduced set of residues modulo b. Then
i) for every a ∈ R, there is a unique a0 in R such that a0 a =b aa0 =b 1,
ii) for every a 6∈ R, there exists no x ∈ Zb such that ax =b 1,
iii) let R = {xi }i=1 , then also R = {xi−1 }i=1 .
ϕ(b) ϕ(b)

Proof. Statement (i): Since gcd(a, b) = 1, the existence of a solution fol-

lows immediately from Bézout’s Lemma. Namely a0 solves for x in ax +
by = 1. This solution must be in R, because a, in turn, is the solution of
a0 x + by = 1 and thus Bézout’s Lemma implies that gcd(a0 , b) = 1. Suppose
5.4. A Divisive Issue: Rings and Fields 87

we have two solutions ax =b 1 and ay =b 1, then uniqueness follows from

applying the cancelation Theorem 2.7 to the difference of these equations.
Statement (ii): By hypothesis, gcd(a, b) > 1. We have that ax =b 1 is
equivalent to ax + by = 1, which contradicts Bézout’s lemma.
Statement (iii): This is similar to Lemma 5.3. By (1), we know that all
inverses are in R. So if the statement is false, there must be two elements
of R with the same inverse: ax =b cx. This is impossible by cancellation
(Theorem 2.7). 

What this means is that in structures like Zb addition and multiplication

have a complicated relationship. Under addition, they form a group.
Definition 5.19. A group is defined as a set G with an operation * satisfy-
ing:
i) G is closed under the operation, or all a, b in G, a ∗ b ∈ G.
ii) The operation is associative or (a ∗ b) ∗ c = a ∗ (b ∗ c).
iii) R has an identity element e and for all a in G, a ∗ e = e ∗ a = a.
iv) Each a ∈ G has an inverse a−1 such that a ∗ a−1 = a−1 ∗ a = e.
The group is called Abelian group if the operation is commutative or a ∗ b =
b ∗ a).

The additive group Zb is generated by the element 1, because repeated

addition of 1 gives the entire group. This also makes it clear that we can
not leave any elements out and still obtain an additive group. But under
multiplication, the story is more complicated. There is no multiplicative
inverse of 0. But even if we exclude 0, then according to Proposition 5.18,
we only get a multiplicative group if b is prime. Indeed, in general we only
get a multiplicative group if we further restrict to the reduced set of residues
modulo b. Let us illustrate the point by showing the tables for multiplication
in Z5 and Z6 . In the latter case, the only multiplicative group consists of the
elements 1 and 5.
88 5. Modular Arithmetic and Primes

Z× 0 1 2 3 4 5
Z×
5 0 1 2 3 4 6

0 0 0 0 0 0 0
0 0 0 0 0 0
1 0 1 2 3 4 5
1 0 1 2 3 4
2 0 2 4 0 2 4
2 0 2 4 1 3
3 0 3 0 3 0 3
3 0 3 1 4 2
4 0 4 2 0 4 2
4 0 4 3 2 1
5 0 5 4 3 2 1
The optimistic reader might be inclined to think that maybe not all is
lost, as long as things work for the most important number system, Z itself.
Alas, a moment’s thought reveals that multiplication in Z, like multiplica-
tion in Zb for b non-prime, does not have an inverse. Thus our hand is
forced, and we define a structure where addition has all the nice properties
— in particular, it has an inverse — and where we are a bit more prudent in
assigning the characteristics of multiplication.
Definition 5.20. A ring is defined as a set R which is closed under two op-
erations, usually called addition and multiplication, and has the following
properties:
i) R with addition is an Abelian group (with additive identity 0).
ii) Multiplication in R is associative (see exercise 5.23).
iii) Multiplication is distributive over addition (that is: a(b + c) = ab + bc
and (b + c)a = ba + ca).
iv) R has a (multiplicative) identity denoted by 1 and 0 6= 1.
A commutative ring is a ring in which multiplication is commutative.
Remark 5.21. Note that N is not a ring, because addition is not invertible.
We will from here on out consider the primes as a subset of Z.
Remark 5.22. We will assume rings to be commutative and drop the ad-
jective “commutative” for brevity, unless needed for clarity.
Remark 5.23. The requirement that 0 6= 1 only excludes the 0 ring (R =
{0}).
Remark 5.24. An important example of an “almost ring” are the multiples
nZ in Z for n > 1. Indeed, that set satisfies all the requirements of a ring
5.4. A Divisive Issue: Rings and Fields 89

except that it does not have a multiplicative identity. This is sometimes

called a rng.
Definition 5.25. A unit in a ring is an element that has a multiplicative
inverse in the ring. This is also called an invertible element.

On the other hand, other important sets, such as Q, R, or C, do have

a well-defined multiplicative inverse (again excepting 0) much like Z p for
p prime. Thus we also need to define a structure where multiplication is
treated on more equal footing with addition — it has an inverse.
Definition 5.26. A field is a commutative ring for which multiplication by
a non-zero number has an inverse. Equivalently, considered as a ring, all
non-zero elements are units.

But in generally, the words division and multiplicative inverse have to

be used carefully in a ring.
Definition 5.27. Let a, b, and x in a ring. We say that b is a divisor of a
and write b | a if there is a solution x of bx = a.

The sets Z, Q, and Zb are all examples of rings, but of these only Q and
Z p with p prime are fields, because all elements are invertible as we saw in
Proposition 5.18. The field of the integers modulo a prime p will be from
now be denoted by F p , where p is understood to be a prime.
Rings and fields occur in all kinds of other situations and applications.
To mention one unexpected example, we already looked at one interesting
example of a ring, namely the arithmetic functions with addition and convo-
lution as operations (exercise 4.15). Here are some √ other examples of rings
that are not fields. Real numbers of the form a + b 3 where a and √ b in Z,
complex numbers of the form a + ib or those of the form a + ib 6 where
a and b in Z. Other examples are the n by n matrices (n ≥ 2). We have
already seen the polynomials with rational coefficients exercise 3.22. They
also form a ring. All of these rings have different properties. For instance,
the ring of n by n matrices is not commutative. We will see later that not all
rings (that are not fields) have primes.
It is useful to reflect a moment on how the absence of division influ-
ences how we think about such sets. It is precisely that curious absence that
brings us to the study of primes, integers that have no non-trivial divisors at
90 5. Modular Arithmetic and Primes

all. The situation in fields like Z p (for prime p) or R is very different! Here
multiplication does have an inverse, and thus given a and b not equal to 0,
we can always write a as a non-trivial product as follows:
a = p (ab)b−1 .

Here is another interesting observation. If we extend the integers to the

rationals Q, we obtain a field. Thus the problem of where the primes are
goes away: in Q (or R) we can always divide (except by 0), and there are
no primes. Of course, since, even in mathematics, nothing is perfect, in the
rationals we have other problems. If we allow the integers to be arbitrarily
divided by other integers, we obtain the field of the rational numbers. It
was a source of surprise and mystery to the ancients, that within the rational
numbers we still cannot solve for x in x2 = 2, although we can get arbi-
trarily good approximations. Those ‘gaps’ in the rational numbers, are the
irrational numbers. We are then left with the thorny question of whether
the reals containing both the rational and the irrational numbers still have
gaps. How can we approximate irrational numbers using rational numbers?
How can we calculate with the reals? Well, among other things you have to
learn how to take limits, which is a whole other can of worms.

5.5. Wilson’s Theorem

We end this chapter with one important application of division in Z p .
Lemma 5.28. Let p be prime. Then a2 = p 1 if and only if a = p ±1. Equiv-
alently, a ∈ Z p is its own multiplicative inverse if and only if a = p ±1.

Proof. We have
a2 = p 1 ⇐⇒ a2 − 1 = p (a + 1)(a − 1) = p 0 ⇐⇒ p | (a + 1)(a − 1) .
Because p is prime, Corollary 2.9 says that the last statement holds if and
only if either p | a + 1 (and so a = p −1) or p | a − 1 (and so a = p +1). 

Perhaps surprisingly, this last lemma is false if p is not prime. For

example, 42 =15 1, but 4 6=15 ±1.
Theorem 5.29 (Wilson’s theorem). If p prime in Z, then (p − 1)! = p −1.
If b is composite, then (b − 1)! 6=b ±1.
5.6. Exercises 91

Proof. This is true for p is 2 and 3. If p > 3, then Proposition 5.18 (3) and
Lemma 5.28 imply that every factor ai in the product (p − 1)! other than -1
or 1 has a unique inverse a0i different from itself. The factors a0i run through
all factors 2 through p − 2 exactly once. Thus in the product, we can pair
each ai different from ±1 with an inverse a0i distinct from itself. This gives
(p − 1)! = p (+1)(−1) ∏ ai a0i = p −1 .

The second part is easier. If b is composite, there are least residues a

and d greater than 1 so that ad =b 0. Now either we can choose a and d
distinct and then (b − 1)! contains the product ad, and thus it equals zero
mod b. Or else this is impossible and there exists a such that a2 =b 0. But
then still gcd((b − 1)!, b) is a multiple of a. Then, by Bézout, (b − 1)! mod
b cannot be equal to ±1. 

Wilson’s theorem could be used to test primality of a number n. How-

ever, this takes n multiplications, which in practice is more expensive than
√
trying to divide n by all numbers less than n. Note, however, that if you
want to compute a list of all primes between 1 and N, Wilson’s theorem
can be used much more efficiently. After computing (k − 1)! mod k to de-
termine whether k is prime, it takes only 1 multiplication and 1 division to
determine whether k + 1 is prime.

5.6. Exercises
Exercise 5.1. a) Let m > 0. Show that a =m b is an equivalence relation
on Z. (Use Definitions 1.7 and 1.27.)
b) Describe the equivalence classes of Z modulo 6. (Which numbers in Z
are equivalent to 0? Which are equivalent to 1? Et cetera.)
c) Show that the equivalence classes are identified by their residue, that is:
a ∼ b if and only if Resm (a) = Resm (b).
Note: If we pick one element of each equivalence class, such an element
is called a representative of that class. The smallest non-negative represen-
tative of a residue class in Zm , is called the least residue (see Definition
1.8). The collection consisting of the smallest non-negative representative
of each residue class is called a complete set of least residues.
92 5. Modular Arithmetic and Primes

Exercise 5.2. This exercise relies on exercise 5.1. Denote the set of equiva-
lence classes of Z modulo m by Zm (see Definition 1.7). Prove that addition
and multiplication are well-defined in Zm , using the following steps.
a) If a =m a0 and b =m b0 , then Resm (a) + Resm (b) =m Resm (a0 ) +
Resm (b0 ). (Hint: show that a + b = c if and only if a + b =m c. In other
words: the sum modulo m only depend on Resm (a) and Resm (b) and not
on which representative in the class (see exercise 5.1) you started with.)
b) Do the same for multiplication.

Exercise 5.3. Let n = ∑ki=1 ai 10i where ai ∈ {0, 1, 2, · · · , 9}.

a) Show that 10k =3 1 for all k ≥ 0. (Hint: use exercise 5.2.)
b) Show that n =3 ∑ki=1 ai .
c) Show that this implies that n is divisible by 3 if and only the sum of its
digits is divisible by 3.

Exercise 5.4. Let n = ∑ki=1 ai 10i where ai ∈ {0, 1, 2, · · · , 9}. Follow the
strategy in exercise 5.3 to prove the following facts.
a) Show that n is divisible by 5 if and only if a0 is. (Hint: Show that
n =5 a0 .)
b) Show that n is divisible by 2 if and only if a0 is.
c) Show that n is divisible by 9 if and only if ∑ki=1 ai is.
d) Show that n is divisible by 11 if and only if ∑ki=1 (−1)i ai is.
e) Find the criterion for divisibility by 4.
f) Find the criterion for divisibility by 7. (Hint: this is a more complicated
criterion!)

Exercise 5.5. a) Determine the period of the decimal expansion of the

following numbers: 100/13, 13/77, and 1/17 through long division.
b) Use Proposition 5.8 to determine the period.
c) Check that this period equals a divisor of ϕ(n).
d) The same questions for expansions in base 2 instead of base 10.

Exercise 5.6. a) Compute 2n−1 mod n for n odd in {3 · · · 40}.

b) Are there any pseudo-primes in the list?

Exercise 5.7. Assume that n is a pseudoprime to the base 2.

a) Show that 2n − 2 =n 0.
b) Show from (a) that n | Mn − 1. (See Definition 5.13.)
c) Use Lemma 5.14 to show that (b) implies that Mn | 2Mn −1 − 1.
d) Conclude from (c) that if n is a pseudoprime in base 2, so is Mn .
5.6. Exercises 93

Exercise 5.8. a) List (n − 1)! mod n for n ∈ {2, · · · , 16}.

b) Where does the proof of the first part of Wilson’s theorem fail in the
case of n = 16?
c) Does Wilson’s theorem hold for p = 2? Explain!
d) Characterize the set of n ≥ 2 for which (n − 1)! mod n is not in {0, −1}.

Exercise 5.9. a) Compute 772 mod 13, using modular exponentiation.

b) Similarly for 484187 mod 1189.
c) Find 100! + 102! mod 101. (Hint: Wilson.)
d) Show that 1381! =1382 0. (Hint: Wilson.)

Exercise 5.10. a) For i in {1, 2, · · · 11} and j in {2, 3, · · · 11}, make a table
of Ord×j (i), i varying horizontally. After the jth column, write ϕ( j).
b) List the primitive roots i modulo j for i and j as in (a). (Hint: the
smallest primitive roots modulo j are: {1, 2, 3, 2, 5, 3, 0,/ 2, 3, 2}.)

Exercise 5.11. We show that the 5-th Fermat number, 232 + 1, is a com-
posite number.
a) Show that 24 =641 −54 .(Hint: add 24 and 54 .)
b) Show that 27 5 =641 −1.
c) Show that 232 + 1 = (27 )4 24 + 1 =641 0.
d) Conclude that F5 is divisible by 641.

Exercise 5.12. a) Compute ϕ(100). (Hint: use Theorem 4.17.)

b) Show that 179121 =100 79121 .
c) Show that 79121 =100 791 . (Hint: use Theorem 5.4)
d) What are the last 2 digits of 179121 ?
The following 5 exercises on basic cryptography are based on [56].
First some language. The original readable message is called the plain text.
Encoding the message is called encryption. And the encoded message is
often called the encrypted message or code. To revert the process, that
is: to turn the encrypted message back into plain text, you often need a
key. Below we will encode the letters by 0 through 25 (in alphabetical
order). We encrypt by using a multiplicative cipher. This means that we
will encrypt our text by multiplying each number by the cipher modulo 26,
and then return the corresponding letter. For example, if we use the cipher
3 to encrypt the plain text bob, we obtain the encrypted text as follows
1.14.1 → 3.42.3 → 3.16.3.
94 5. Modular Arithmetic and Primes

Exercise 5.13. a) Use the multiplicative cipher 3 to decode DHIM.

b) Show that an easy way to decode is multiplying by 9 (modulo 26). The
corresponding algorithm at the number level is called division by 3 modulo
26.
c) Suppose instead that our multiplicative cipher was 4. Encode bob again.
d) Can we invert this encryption by using multiplication modulo 26? Ex-
plain why.

Exercise 5.14. Suppose we have an alphabet of q letters and we encrypt

using the multiplicative cipher p ∈ {0, · · · q−1}. Use modular arithmetic to
show that the encryption can be inverted if and only gcd(p, q) = 1. (Hint:
Assume the encryption of j1 and j2 are equal. Then look up and use the
Unique Factorization theorem in Chapter 2.)

Exercise 5.15. Assume the setting of exercise 5.14. Assume p and q are
such that the encryption is invertible. What is the decryption algorithm?
Prove it. (Hint Find r ∈ {0, · · · q − 1} such that rp =q 1. Then multiply the
encryption by r.)

Exercise 5.16. Work out the last two problems if we encrypt using an affine
cipher (a, p) . That is, the encryption on the alphabet {0, · · · q − 1} is done
as follows:
i → a + pi mod q
Work out when this can be inverted, and what the algorithm for the inverse
is.
Exercise 5.17. Decrypt the code V’ir Tbg n Frperg.

Theorem 5.30 (Binomial Theorem). If n is a positive integer, then

n    
n i n−i n n!
(a + b)n = ∑ ab where = .
i=0 i i i!(n − i)!

Exercise 5.18. a) If p is prime, show that pi mod p equals 0 if 1 ≤ i ≤

p − 1 and equals
1 if i = 0 or i =

p.
b) Evaluate 4i mod 4 and 6i mod 6. So where in (a) did you use the
fact that p is prime?
c) Use (a) and the binomial theorem to show that if p is prime, then we
have (a + b) p = p a p + b p .
5.6. Exercises 95

Exercise 5.19. Let p be prime.

a) Show that 1 p = p 1.
b) Use exercise 5.18 (c) to show that for k > 0, if k p = p k, then (k + 1) p = p
k + 1.
c) Conclude from (b) that for for all n ∈ N, n p = p n. (Hint: use induction.)
d) Prove that for for all n ∈ Z, n p = p n. (Hint: (−n) p = p (−1) p n p and
assume p odd. Prove separately for p = 2.)
e) Use (d) to prove Fermat’s little theorem. (Hint: use cancellation.)
There are partial converses to Fermat’s little theorem. But if our aim is
testing for primality, these do not yield computationally efficient improve-
ments. We give the simplest of these results here.
Lemma 5.31. Suppose a and n in N such that an−1 =n 1 and that for all
primes that divide n − 1 we have a(n−1)/p 6=n 1. Then n is a prime.

Exercise 5.20. In this exercise, we prove Lemma 5.31. For this purpose,
abbreviate Ord×n (a) by o and assume the condition of the lemma.
a) Show that n − 1 = o j for some j ∈ N.
b) Show that if j > 1 in (a), there is a prime p dividing j such that
a(n−1)/p =n ao( j/p) =n 1 .
c) Show that j = 1 and so o = Ord×n (a) = n − 1.
d) Show that (c) implies the lemma. (Hint: use Euler.)
e) Use the lemma to show that 997 is prime. (Hint: 996 has prime divisors
2, 3, and 83.)
Theorem 3.13 and exercise 3.18 show how to solve linear congruences gen-
erally. Quadratic congruences are much more complicated. As an example,
we look at the equation x2 = p ±1 in the following exercise.
Exercise 5.21. a) Show that Fermat’s little theorem gives a solution of
p−1
x2 − 1 = p 0 whenever p is an odd prime. (Hint: consider x 2 .)
p−1
b) Use Lemma 5.28 to show that x 2 = p ±1.
c) Show that Wilson’s theorem implies that for odd primes p
  2
p−1 p−1
(−1) 2 ! = p −1 .
2
(Hint: the left-hand side gives all reduced residues modulo p.)
d)
h Use(c) i to show that if p =4 1 (examples are 13, 17, 29, etc), then
p−1
2 ! satisfies the quadratic congruence x2 + 1 = p 0.
e) Show that if p =4 3 (examples are 7, 11, 19, etc), then the quadratic
congruence x2 + 1 = p 0 has no solutions. (Hint: we have x4 = p 1 and by
Euler xϕ(p) = p 1; derive a contradiction if p =4 3.)
96 5. Modular Arithmetic and Primes

Exercise 5.22. Given b > 2, let R ⊆ Zb be the reduced set of residues and
let S ⊆ Zb be the set of solutions in Zb of x2 =b 1 (or self inverses).
a) Show that S ⊆ R. (Hint:Bézout.)
b) Show that
∏ x =b ∏ x (=b 1 if S is empty) .
x∈R x∈S
c) Show that if S contains a, then it contains −a.
d) Show that if a =b −a, then a and −a are not in S.
e) Show that
∏ x =b (−1)m some m .
x∈R
f) Show that
∏ x =b (−1)|S|/2 .
x∈R
g) Compute ∏x∈R x in a few cases (b = 6, 8), and verify that (f) holds.
1 2n 2n
2n



Definition 5.32. The nth Catalan number Cn equals n+1 n = n − n+1 .

Exercise 5.23. Many common operations in R are not associative.

4
a) Compute 23 , 4 − 3 − 2, 4/3/2. (Hint: depending on how you place the
parentheses, you get different answers.) In the last two cases, the problem
disappears if we recast the computation in terms of the (associative) oper-
ators + and ×: compute 4 + (−3) + (−2) and 4 × 13 × 12 .
b) Show that the number of monotone lattice paths from (0, 0) to (a, b)
where a, b > 0 equals a+b


a . (Hint: place a + b edges of which a are hori-
zontal and b are vertical in any order.)
c) For notational ease, indicate the non-associative operation by ∗. Show
that the number of ways ∗n+1 i=1 ai can be interpreted equals the number of
“good paths”, that is: monotone lattice paths in R2 from (0, 0) to (n, n)
that do not go above the diagonal. (Hint: write the expression so that it has
n opening parentheses “(” in it; there are n operations to be performed;
reading from left to right, each ( corresponds to a “right” move, each * to
an “up” move.)
d) Show that there is a bijection from the set of “bad paths”, that is: mono-
tone lattice paths in R2 from (0, 0) to (n, n) that touch the line ` : y = x + 1,
to the set of monotone paths in R2 from (0, 0) to (n − 1, n + 1). (Hint: re-
flect the bad path in ` as indicated in Figure 16 and show this is invertible.)
e) Use (c) and (d) to show that the number of good paths equals the num-
ber of monotone paths from (0, 0) to (n, n) minus the number of monotone
paths from (0, 0) to (n − 1, n + 1).
f) Use (e) to show that the number of interpretations in (c) equals Cn of
Definition 5.32.
5.6. Exercises 97

(n,n)

(0,0)

Figure 16. The part to the right of the intersection with ` : y = x + 1

(dashed) of a bad path (in red) is reflected. The reflected part in in-
dicated in green. The path becomes a monotone path from (0, 0) to
(n − 1, n + 1).

Exercise 5.24. Show that the following sets with the usual additive and
multiplicative operations
√ are not fields:
a) The numbers a + b 3 where a and √ b in Z.
b) The numbers of the form a + ib 6 where a and b in Z.
c) Z6 .
d) The 2 by 2 real matrices.
e) The polynomials with rational coefficients.
f) The Gaussian integers, i.e. the numbers a + bi where a and b in Z.
(Hint: in each case, exhibit at least one element that does not have a mul-
tiplicative inverse.)

Exercise 5.25. We revisit the Dirichlet ring of exercise 4.15.

a) Show that given an arithmetic function f , we have that if f (1) 6= 0

1
 g(1) = f (1) if n = 1
g ∗ f = ε ⇐⇒
g(n) = −1 ∑ f n


g(d) if n > 1
f (1) d|n, d<n d
(Note: g is called the Dirichlet inverse of f .)
b) Show that f is a unit if and only if f (1) 6= 0.
c) Compute the first 12 terms of the Dirichlet inverse
of the Fibonacci sequence (Definition 3.18). (Hint:
(1, −1, −2, −2, −5, −4, −13, −16, −30, −45, −89, −122).)
d) Show g(n) = − f (n) if n is prime.
e) What is the Dirichlet inverse of the (non-zero) constant function? (Hint:
Equation (4.7).)
Chapter 6

Continued Fractions

Overview. The algorithm for continued fractions is really a reformulation

of the Euclidean algorithm. However, the reformulated algorithm has had
such a spectacular impact on mathematics that it deserves its own name and
a separate treatment. One of the best introductions to this subject is the
classic [32].

6.1. The Gauss Map

Definition 6.1. The Gauss map (see Figure 17) is the transformation T :
[0, 1] → [0, 1) defined by
   
1 1 1
T (ξ ) = − = and T (0) = 0 ,
ξ ξ ξ
where we have used the notation of Definition 2.1.
j k
Lemma 6.2. Set qi = ri−i ri as in equation (3.1). Then the sequence {ri }
defined by the Euclidean algorithm of Definition 3.3 satisfies:
  
ri+1 1 ri
= − qi = T and



 ri
 ri−1 /ri ri−1
ri 1 .
 = ri+1
 ri−1

qi +


ri

99
100 6. Continued Fractions

0
0 1/3 1/2 1

Figure 17. Four branches of the Gauss map.

Proof. From equation (3.1) or (3.4), we recall that ri−1 = ri qi + ri+1 , or

 
ri−1
ri+1 = ri−1 − qi ri where qi = ,
ri
and that {ri } is a decreasing sequence. The first equation is obtained by
r ri
dividing both sides by ri and replacing i−1
ri by the reciprocal of ri−1 . The
second equation of the lemma is obtained by inverting the first. 

In the exercises 3.20 and 3.21, we indicated by example how the Gauss map
is related to the Euclidean algorithm.

6.2. Continued Fractions

The beauty of the relation in Lemma 6.2 is that, having sacrificed the value
of gcd(r1 , r2 ) — whose value we therefore may as well set at 1, we have
a procedure that applies to rational numbers! There is no reason why this
recursive procedure should be restricted to rational numbers. Indeed, very
interesting things happen when we extend the procedure to also allow irra-
tional starting values.
r
Definition 6.3. In the second equation of Lemma 6.2, write ωi = i+1 ri and
 
1 1 1
ai = (or,equivalently, ai = ` if ωi ∈ ( `+1 , ` ]). Extend ω to allow for
ωi
all values in [0, 1).

It is important to note that, in effect, we have set ai equal to qi+1 . This

very unfortunate bit of redefining is done so that the qi mesh well with
6.2. Continued Fractions 101

the Euclidean algorithm (see equation (3.2)) while making sure that the
sequence of the ai in Definition 6.4 below starts with a1 .
At any rate, with these conventions, the equations of Lemma 6.2 be-
come:
1

 ωi = ω − ai−1 = T (ωi−1 ) and


i−1
. (6.1)
 1
 ωi−1 =

ai−1 + ωi
The way one thinks of this is as follows. The first equation defines a
dynamical system1. Namely, given an initial value ω1 ∈ [0, 1), the repeated
application of T gives a string of positive integers {a1 , a2 , · · · }. The string
ends only if after n steps ωn = 1` , and so ωn+1 = 0. We show in Theorem 6.5
that this happens if and only if ω1 is rational. The `th branch of T , depicted
1 1
in Figure 17, has I` = ( `+1 , ` ] as its domain. It is easy to see that ai = `
precisely if ωi ∈ I` .
If, on the other hand, the {ai } are given, then we can use the second
equation to formally2 derive a possibly infinite quotient that characterizes
ω1 . For, in that case, we have
1
ω1 = 1
. (6.2)
a1 + 1 a2 + a + ···
3

The expression stops after n steps, if ωn+1 = 0. Else the expression contin-
ues forever, and we can only hope that converges to a limit. We now give
some definitions.
Definition 6.4. Let ω1 ∈ [0, 1]. The expression
1 def
ω1 = 1
≡ [a1 , a2 , a3 , · · · ] .
a1 + 1 a2 + a + ···
3

is called the continued fraction expansion of ω1 . The finite truncations

pn 1 def
= 1
≡ [a1 , a2 , · · · , an ] .
qn a1 +
a2 + ··· a1n

1A dynamical system is basically a rule that describes short term changes. Usually the purpose of
studying such a system is to derive long term behavior, such as, in this case, deciding whether the sequence
{ai } is finite, periodic, or neither.
2Here, “formally” means that we have an expression for ω , but (1) we don’t yet know if the actual
1
computation of that expression converges to that number, and on the other hand (2) we “secretly” do know
that it converges, or we would not bother with it.
102 6. Continued Fractions

are called the continued fraction convergents (or continued fraction approximants)
of ω1 . The coefficients ai are called the continued fraction coefficients.

Let us illustrate this definition with a few examples of continued frac-

tion expansions:
π − 3 = [7, 15, 1, 292, 1, 1, 1, 2, · · · ] ,
e − 2 = [1, 2, 1, 1, 4, 1, 1, 6, 1, 1, 8, · · · ] ,
√
θ ≡ 2 − 1 = [2, 2, 2, 2, 2, · · · ] ,
√
5−1
g≡ = [1, 1, 1, 1, 1, · · · ] .
2
For example, π − 3 the sequence of continued fraction convergents starts
15
out as: 17 , 106 16
, 113 4687
, 33102 4703
, 33215 , · · · . The number g is also well-known. It
is usually called the golden mean. Its continued fraction convergents are
formed by the Fibonacci numbers defined in Definition 3.18 and given by
{1, 1, 2, 3, 5, 8, 13, 21, · · · }. Namely, the convergents are 11 , 12 , 23 , 53 , 58 , and
so forth.
We have defined continued fraction expansion only for numbers in ω
in [0, 1). This can be easily be remedied by adding a “zeroth” digit a0 —
signifying the floor of ω — to it. Thus the expansion of π would then
become [3; 7, 15, 1, 292, 1, · · · ]. We do not pursue this further.
Theorem 6.5. The continued fraction expansion of ω ∈ [0, 1) is finite if and
only if ω is rational.

Proof. If ω is rational, then by Lemma 6.2 and Corollary 3.2, the algorithm
ends. On the other hand, if the expansion is finite, namely [a1 , a2 , · · · , an ],
then, from equation (6.2), we see that ω is rational. 
Theorem 6.6. For the continued fraction convergents, we have

pn = an pn−1 + pn−2 with q0 = 1 , p0 = 0 ,

qn = an qn−1 + qn−2 q−1 = 0 , p−1 = 1
or, in matrix notation,
   
qn pn q pn−1
  = An  n−1  = An · · · A2 A1 ,
qn−1 pn−1 qn−2 pn−2
6.2. Continued Fractions 103

where    
ai 1 0 1
Ai =   and A−1
i =
 .
1 0 1 −ai

Remark. We encountered Ai in Chapter 3 where it was called Qi+1 . We

changed the name so we have convenient subscript that agrees with the
standard notation. Note that the variables qi are not the same as the qi of
Chapter 3.

Proof. From Definition 6.4, we have that q1 = a1 and p1 = 1 and thus

   
q1 p1 a1 1
 =  = A1 .
q0 p0 1 0
We proceed by induction. Suppose that the recursion holds for all n ≤ k,
then
pk = ak pk−1 + pk−2 . (6.3)
qk = ak qk−1 + qk−2
The definition of the convergents gives:
pk 1 pk+1 1
= 1
and = 1
.
qk a1 + · · · a qk+1 a1 + · · ·
k ak + a 1
k+1
pk+1 pk 1
Thus qk+1 is obtained from by replacing ak by ak + a or
qk k+1
 
pk+1 = a + 1 p + pk−2
 k ak+1  k−1 .
qk+1 = ak + a 1 qk−1 + qk−2
k+1

Using equation (6.3) gives

pk+1 = pk + a 1 pk−1
k+1 .
qk+1 = qk + a 1 qk−1
k+1
p
The quotient qk+1 does not change if if we multiply only the right-hand side
k+1
of these equations by ak+1 to insure that both pk+1 and pk+1 are integers.
This gives the result. 
104 6. Continued Fractions

Corollary 6.7. We have

(i) qn pn−1 − qn−1 pn = (−1)n

pn−1 pn (−1)n .
(ii) − =
qn−1 qn qn−1 qn

Proof. The left-hand side of the expression in (i) equals the determinant of
 
qn pn
 , which, by Theorem 6.6, must equal the determinant of
qn−1 pn−1
An · · · A2 A1 . Finally, each Ai has determinant -1. To get the second equation,
divide the first by qn−1 qn . 
Corollary 6.8. We have
n−1 n−1
(i) pn ≥ 2 2 and qn ≥ 2 2
.
(ii) gcd(pn , qn ) = 1

Proof. i) Iterating the recursion in Theorem 6.6 twice, we conclude that

pn+1 = (an an−1 + 1)pn−2 + an pn−3 ≥ 2pn−2 + pn−3 ,
while p1 = 1 and p2 ≥ 2. The same holds for qn .
ii) By Corollary 6.7 (i) and Bézout. 
pn
Theorem 6.9. For irrational ω, the limit limn→∞ qn exists and equals ω.

Proof. If we replace n by n − 1 in the equality of Corollary 6.7(ii), we get

another equality. Adding those two equalities gives:
(−1)n (−1)n−1 pn pn−2 (−1)n
 
pn−2 pn 1 1
− = + or − = − .
qn−2 qn qn−1 qn qn−1 qn−2 qn qn−2 qn−1 qn−2 qn
By Theorem 6.6, the qi are positive and strictly increasing, and so the right-
hand side of the last equality is positive if n is even, and negative if n is odd.
Thus the sequence { qpnn }n even is increasing while the sequence { qpnn }n odd is
decreasing.
In addition, by substituting 2n for n in Corollary 6.7(ii), we see that
the decreasing sequence (n odd) is bounded from below by the increas-
ing sequence, and vice versa. Since a bounded monotone sequence of real
6.3. Computing with Continued Fractions 105

numbers has a limit3, the decreasing sequence has a limit ω− . Similarly, the
increasing sequence must have a limit ω+ . Now we use Corollary 6.7(ii)
again to see that for all n, the difference between the two cannot exceed
1
qn−1 qn . So ω+ = ω− = ω. 
p
2n−1
Corollary 6.10. Suppose ω is irrational. For every n > 0, we have q2n−1 <
p2n
ω < q2n . If ω is rational, the same happens, until we obtain equality of ω
and the last convergent.

6.3. Computing with Continued Fractions

Suppose we have a positive real ω0 and want to know its continued fraction
coefficients ai . By the remark just before Theorem 6.5, we start by setting
a0 = bω0 c and ω1 = ω0 − a0 .
After that, we use Lemma 6.2, and get
 
1 1
ai = and ωi+1 = − ai .
ωi ωi
For example, we want to compute the ai for
√
1+ 6
ω1 = ≈ 0.6898979 · · · . (6.4)
5
If you do this numerically, bear in mind that to compute all the ai you need
to know the number with infinite precision. This is akin to computing, say,
the binary representation of ω1 : if we want infinitely many binary digits, we
need to know all its decimal digits. To circumvent this issue, we keep the
exact form of ω1 . This involves some careful manipulations with the square
root. Here are the details. Since ω1 ∈ (1/2, 1), we have a1 = 1. Thus
√
5 4− 6
ω2 = √ −1 = √ .
1+ 6 1+ 6
To get rid of the square
√ root in the denominator, we multiply √both sides√by
the “conjugate” 1 − 6 of the denominator. Note that (1 + 6)(−1 + 6)
gives −1 + 6 = 5. So we obtain
√ √
√
 
4 − 6 −1 + 6 1 1
ω2 = √ · √ = −2 + 6 ≈ 0.45 ∈ , =⇒ a2 = 2 .
1 + 6 −1 + 6 5 4
3This is the monotone convergence theorem, see for example [42]
106 6. Continued Fractions

Subsequently, we repeat the same steps to get

√  
1 −2 + 6 1 1
ω3 = √ −2 = ··· = ≈ 0.225 ∈ , =⇒ a3 = 4 .
−2 + 6 2 3 2
This is beginning to look desperate, but rescue is on the way:
2 √
ω4 = √ − 4 = −2 + 6 = ω2 .
−2 + 6
Now everything repeats, and thus we know the complete representation of
ω1 in terms of its continued fraction coefficients:
√
1+ 6
ω1 = = [1, 2, 4, 2, 4, 2, 4 · · · ] = [1, 2, 4] .
5
The reverse problem is also interesting. Suppose we just know the con-
tinued fraction coefficients {ai }∞
i=1 of ω1 . We can compute the continued
fraction convergents by using Theorem 6.6
   
qn pn ai 1
  = An · · · A2 A1 where Ai =  .
qn−1 pn−1 1 0
Theorem 6.9 assures us that the limit of the convergents { qpnn }∞ i=1 indeed
equals ω1 = [a1 , a2 , · · · ]. If also a0 > 0, add a0 to ω1 in order to obtain ω0 .
So in our example ω1 = [1, 2, 4], this is easy enough to do:

i : 0 1 2 3 4 5 ···
ai : - 1 2 4 2 4 ···
pi : 0 1 2 9 20 89 ···
qi : 1 1 3 13 29 129 ···
But, because the ai are eventually periodic, we can also opt for a more
explicit representation of ω1 . The periodic tail can be easily analyzed. In-
deed, let
1 1
x= 1
=⇒ x =
2+ 1 2 + 4 +1 x
4 + 2 + ···
After some manipulation, this simplifies to a quadratic equation for x with
one root in [0, 1).
√
x2 + 4x − 2 = 0 =⇒ x = −2 ± 6 .
6.4. The Geometric Theory of Continued Fractions 107

Select the root in [0, 1) as answer. Now we compute ω1 as follows.

√
1 1 1 1+ 6
ω1 = 1
= = √ = ,
1+ 1 + x −1 + 6 5
2+ 1 4 + ···

which agrees with our earlier choice of ω1 in equation (6.4).

6.4. The Geometric Theory of Continued Fractions

We now give a brief description of the geometric theory of continued frac-
tions. This description allows us to prove one of the most remarkable char-
acteristics of the continued fraction convergents (Theorem 6.13). Another
geometric description can be found in exercise 6.15.
The theory consists of constructing successive line segments that ap-
proximate the line y = ω1 x in the Cartesian plane. The construction is in-
ductive. Here is the first step.
Start with    
0 1
e−1 =   and e0 =   . (6.5)
1 0
Note that these are row vectors. Although at first sight a little odd, it is the
convention that e−1 is the basis vector along the y-axis and e0 the one along
the x-axis. To get the first new approximation, define
 
a1
e1 = a1 e0 + e−1 =   , (6.6)
1
where we choose a1 to be the largest integer so that e1 and e−1 lie on the
same side of y = ω1 x (see Figure 20). With this definition it is easy to see
 
a1
that in particular e1 =   and
1
 
1
a1 = ,
ω1
the same as in Definition 6.3. Note that ω1 lies between the slopes of e0 and
e1 . Now define the two by two matrix A1 as the matrix corresponding to the
108 6. Continued Fractions

coordinate change T1 such that T1 (e−1 ) = e0 and T1 (e0 ) = e1 . Thus from

equations (6.5) and (6.6), one concludes that the matrix A1 satisfies
   
x2 x
A1   = x1 e0 + x2 e1 and  2  = A−1 (x1 e0 + x2 e1 ) .
1
x1 x1
The first equation implies that, indeed, A1 is the matrix we defined earlier
(in Theorem 6.6). The second equation says that A−1 1 is the coordinate
transform that gives the coordinates of a point in terms of the new basis e0
 
x
and e1 . The new coordinates of the line   become
ω1 x
     
x ω 1 x 1
A−1
1
 = =t  ,
ω1 x x − a1 ω1 x ω1−1 − a1
upon reparametrizing t = ω1 x. Thus the slope of that line in the new co-
ordinates, ω2 , is the one given by equation (6.1). Since a1 was chosen the
greatest integer so that the new slope is non-negative, we obtain that ω1 is
contained in [0, 1).
Since ω2 > 0, the construction now repeats itself, so that we get
en+1 = an+1 en + en−1 ,
p
as long as ωn > 0. By construction, ω1 always lies between qpnn and qn+1 n+1
.
Consider the parallelogram p(en , en−1 ) spanned by en and en−1 . Define en =
(qn , pn ). Thus, the oriented area of p(en , en−1 ) is exactly the determinant of
 
qn pn
the matrix  . One now obtains Corollary 6.7 again4.
qn−1 pn−1

6.5. Closest Returns

Consideration of the line ωx in the plane gives us another insight, see Figure
18. The successive intersections with the vertical unit edges are in fact the
4Geometrically, the proof of that corollary is most easily expressed in the language of exterior or wedge
products. The relevant induction step is the following computation.
en ∧ en−1 = (an en−1 + en−2 ) ∧ en−1 = −en−1 ∧ en−2 .
6.5. Closest Returns 109

iterates of the rotation Rω : x → x + ω mod 1 on the circle starting with

initial condition 0. A natural question that arises is: when do these iterates
return close to their starting point?
Definition 6.11 (Closest Returns). Rqω is a closest return if Rqω (0) is closer
to 0 (on the circle) than Rnω (0) for any 0 < n < q.

The surprise is that the continued fraction convergents correspond exactly

to the closest returns (Theorem 6.13).
p

Figure 18. The line y = ωx and (in red) successive iterates of the rota-
tion Rω . Closest returns in this figure are q in {2, 3, 5, 8}.

Lemma 6.12. Define dn ≡ ω1 qn − pn . Then the sequence {dn } is alter-

nating and its absolute value decreases monotonically. In fact, |dn+1 | <
1
1+an+1 |dn−1 |.

0 dn−1 +2 dn dn−1 + dn

dn d n+1 d n−1

Figure 19. The geometry of successive closest returns.

Proof. The sequence {ω1 − qpnn } alternates in sign by construction. There-

fore, so does {dn }. Recall that an+1 is the largest integer such that
ω1 qn+1 − pn+1 = ω1 (an+1 qn + qn−1 ) − (an+1 pn + pn−1 )

= (ω1 qn−1 − pn−1 ) + an+1 (ω1 qn − pn ) ,

110 6. Continued Fractions

has the same sign as ω1 qn−1 − pn−1 . This says that

dn+1 = dn−1 + an+1 dn .
Together with the fact that the dn alternate, this implies that dn is decreasing.
So
(1 + an+1 )|dn+1 | < |dn+1 | + an+1 |dn | = |dn−1 | .
This implies the lemma. 

c
en+1= an+1en+ en−1

b
y=wx

e n−1

en a
qn+1

Figure 20. Drawing y = ω1 x and successive approximations (an+1 is

taken to be 3). The green arrows correspond to en−1 , en , and en+1 .

p0
Theorem 6.13 (The closest return property). q0 is a continued fraction
convergent if and only if
|ω1 q0 − p0 | < |ω1 q − p| for all 0 < q < q0 .

Proof. We will first show by induction that the parallelogram p(en+1 , en )

spanned by en+1 and en contains no integer lattice points except on the four
vertices. Clearly, this is the case for p(e−1 , e0 ). Suppose p(en , en−1 ) has the
same property. The next parallelogram p(en+1 , en ) is contained in a union
6.6. Another Interpretation of the Convergents 111

of an+1 + 1 integer translates of the previous and one can check that that it
inherits this property (Figure 20).
Next we show, again by induction, that the Rqωn are closest returns, and
that there are no others. It is trivial that R1ω is the only closest return for
q = 1. It is easy to see that Raω1 is the only closest return5 for 0 < q ≤
a1 . Now suppose that up to q = qn the only closest returns are ei , i ≤ n.
We have to prove that the next closest return is en+1 . By Lemma 6.12,
dn+1 < dn . Now we only need to prove that there are no closest returns
for q in {qn + 1, qn + 2, · · · , qn+1 − 1}. To that purpose we consider Figure
20. With the exception of the origin and the endpoints of en , and en+1 , the
shaded regions in the figure are contained in the interior of translates of the
parallelogram p(en−1 , en ), and therefore contain no lattice points. Since the
vector c is parallel to and larger than en , we have that b > a. Thus there is
a band of width dn around y = ω1 x that contain no points in Z2 except the
origin, en , and en+1 . 

6.6. Another Interpretation of the Convergents

Given a number x1 ∈ [0, 1), we easily see that the first convergent 1/a1 maps
to zero under the Gauss map T , that is: T (p1 /q1 ) = 0. Furthermore, since
1 1
x1 = 1
= ,
a1 + 1
a1 + x2
a2 + a + ···
3

and x2 ∈ [0, 1), we can conclude that x1 lies on the a1 -branch of T defined on
( a11+1 , a11 ] that contains x1 , see Figure 17. More precisely, if b1 : I1 → [0, 1)
is the branch of T such that x ∈ I1 , then the end point of I1 that maps to zero
under T is the first convergent. It is this statement we wish to generalize.
To get an idea what iterates of T look like, let’s have a look at T 2 in
Figure 21. T has a countable collection of branches. Each branch maps
onto [0, 1). Thus T 2 has countably many branches for every single branch
b : I → [0, 1) of T . In turn, each of the branches of T 2 also maps onto [0, 1).
And so forth.
Proposition 6.14. Let bk : Ik → [0, 1) be the branch of T k such that x ∈ Ik ,
then the kth convergent pk /qk of x is the (unique) end point of Ik that maps
to zero under T k .
5By definition of a , the first time qω is within ω of a natural number is when q = a .
1 1 1 1
112 6. Continued Fractions

... ... ... ...

0
0 1/3 1/2 2/3 1

Figure 21. A few branches of the twice iterated Gauss map T 2 . The
points T −2 (0) are marked in red. The reader should compare this plot
to Figure 17.

Proof. From the expression given in Definition 6.4 for qpnn = [a1 , a2 , · · · , an ],
we see that T ([a1 , a2 , · · · , an ]) = [a2 , · · · , an ]. Continuing by induction, we
find
T n ([a1 , a2 , · · · , an ]) = T n−1 ([a2 , · · · , an ]) = · · · = T ([an ]) = 0 .
So the nth convergent is indeed an nth pre-image of 0 under T .
Similarly, (6.1) implies that
x = [a1 , a2 , · · · ] = [a1 , a2 , · · · , an , an+1 , · · · ] = [a1 , a2 , · · · , (an + xn+1 )] .
Since xn+1 ∈ [0, 1), this is a single branch whose domain contains x. 

By way of example, we look briefly at the golden mean g = [1, 1, · · · ] ≈

0.61803 · · · in this context. The first convergent is 1/1 = 1. We immediately
remark something perhaps a little unexpected: while this convergent is pre-
image of 0 that belongs to the same branch as g, it is not that element of
T −1 (0) that is closest to 0 under T , The next convergent of g is 1/2. The
same thing happens: again, the element of T −2 (0) closest to g is in fact 2/3.
This characterization of convergents is in fact very familiar. Indeed in
our usual decimal expansion, based on the map T : [0, 1) → [0, 1) given by
T (x) = {10x}, the third convergent of the golden mean mentioned above is
p3 /q3 = [6, 1, 8], more commonly written as 0.618. Note that T 3 (p3 /q3 ) =
0 and that g lies in the domain of the 618 branch of T 3 .
Another interesting observation is that the fact that the all slopes of T
are negative, means that the signs of the slopes of T k equal (−1)k . So, for
6.7. Exercises 113

odd k the convergents (the zeroes of the branches) are on the right of the
interval of definition of the branch they belong to, and for the k even they
are on the left side. This is convenient, because it mimplies that x is always
‘sandwiched’ between two successive convergents.

6.7. Exercises
Exercise 6.1. Give the continued fraction expansion of 1331 ,
21 34 n−1
34 , 21 , n for
n > 1, n−1
n 2 for n > 1 by following the steps in Section 6.3.
√
Exercise 6.2. Verify the continued fraction expansion of 2 ≈ 1.4 given
in the text by following the steps in Section 6.3.

Exercise 6.3. a) Find the continued fraction expansion of the fixed points
(i.e. solutions of T (x) = x for T in Definition 6.1) of the Gauss map.
b) Use the continued fractions in (a) to find quadratic equations for the
fixed points in (a).
c) Derive the same equations from T (x) = x.
d) Give the positive solutions of the quadratic equations in (b) and (c).
√
Exercise 6.4. Compute the continued fraction expansion for n for n be-
tween 1 and 15.
Exercise 6.5. Given the following continued fraction expansions, deduce
a quadratic equation for x. (Hint: see Section 6.3.)
a) x = [8] = [8, 8, 8, 8, 8, · · · ].
b) x = [3, 6] = [3, 6, 6, 6, 6, · · · ].
c) x = [1, 2, 3] = [1, 2, 3, 1, 2, 3, · · · ].
d) x = [4, 5, 1, 2, 3] = [4, 5, 1, 2, 3, 1, 2, 3, · · · ].

Exercise 6.6. In exercise 6.5:

a) solve the quadratic equations (leaving roots intact).
b) give approximate decimal expressions for x.
c) give the first 4 continued fraction convergents.

Exercise 6.7. Derive a quadratic equation for the number with continued
fraction expansion: [n], [m, n], [n, m], [a, b, n, m].

Exercise 6.8. From the expressions given in Section 6.2, compute the first
6 convergents of π − 3, e − 2, θ , and g.

Exercise 6.9. In exercise 6.8, numerically check how close the nth conver-
gent of ω is to the actual value of ω.
b) Compare your answer to (a) with the decimal expansion approximation
using i digits.
114 6. Continued Fractions

Exercise 6.10. In exercise 6.8, check that the increasing/decreasing pat-

terns of the approximants satisfies the one described in the proof of Theo-
rem 6.9.
Exercise 6.11. a) Characterize when the decimal expansion of a real num-
ber is finite. (Hint: see exercises 5.3, and 5.4.)
b) Compare (a) with Theorem 6.5.

Exercise 6.12. What does the matrix in Theorem 6.6 correspond to in terms
of the Euclidean algorithm of Chapter 3?

Exercise 6.13. Use Lemma 6.12 to show that

p2n+1 1 n 1
ω− < ∏ .
q2n+1 q2n+1 i=1 1 + a2i+1

Exercise 6.14. Check Theorem 6.13 for the continued fraction convergents
in exercise 6.9.

Figure 22. Black: thread from origin with golden mean slope; red:
pulling the thread down from the origin; green: pulling the thread up
from the origin.
6.7. Exercises 115

Exercise 6.15. (Adapted from [5]) Consider the line ` given by y = ωx

with ω ∈ (0, 1) an irrational number. Visualize a thread lying on the line `
fastened at infinity on one end and at the origin at the other. An infinitely
thin pin is placed at every lattice point in the positive quadrant. Since the
slope of the thread is irrational, the thread touches none of the pins (except
the one at the origin). Now remove the pin at the origin and pull the free
end of the thread downward towards e0 (as defined in the text). The thread
will touch the pin at e0 and certain other pins with slopes less than ω.
Mark the nth of those pins as v2n for n ∈ N. We will denote the points of
the positive quadrant lying on or below the thread by A. Repeat the same
pulling the thread up towards e1 . Mark the pins the thread touches, starting
with e−1 as f2n−1 for n ∈ N. Denote the points of the positive quadrant
lying or or above the thread by B. See Figure 22.
a) Show that A and B are convex sets.
b) Show that A and B contain all the lattice points of the positive quadrant.
c) Show that for all n ∈ N, fn = (qn , pn ) where (qn , pn ) are as defined in
the text.
d) Compute the slopes of the upper boundary of the region A. The same
for the lower boundary of the region B.

pn+1/q n+1 x pn /q n

Figure 23. The placement of x between its convergents pn /qn and pn+1 /qn+1 .

Exercise 6.16. Assume x is irrational.

a) Use Corollary 6.7(ii) and Corollary 6.10 to show that
pn 1
x− < .
qn qn qn+1
b) Use Lemma 6.12 to show that
pn+1 pn
x− < x− .
qn+1 qn
c) Use (a), (b), Figure 23 to show that
1 pn 1
< x− < .
2qn qn+1 qn qn qn+1

Exercise 6.17. Use exercise 6.16 to generate bounds for the errors com-
puted in exercise 6.9. Compare your answers.

Exercise 6.18. Use exercise 6.16 (a) to prove Theorem 1.14.

116 6. Continued Fractions

Exercise 6.19. a) Let x ∈ [0, 1) have periodic coefficients ai . Show that x

satisfies x = ax+b
cx+d where a, b, c, and d are integers. (Hint: see Section 6.3.)
b) Show that x in (a) is an algebraic number of degree 2 (See Definition
1.16).
c) Show that if x ∈ [0, 1) has eventually periodic coefficients ai , then x is
an algebraic number of degree 2.
This is one direction of the following Theorem.

Theorem 6.15. The continued fraction coefficients {ai } of a number x are

eventually periodic if and only if x is an algebraic number of degree 2.

It is not known whether the continued fraction coefficients of algebraic

numbers of degree 3 exhibit a recognizable pattern.
Exercise 6.20. A natural question that arises is whether you can formulate
continued fraction for polynomials [17]. We try this for the rational func-
3 2
tion f (x) = x7x−x+x2 +1 . Referring to exercise 3.22 and the definition of ai in
the remark after Definition 6.3, we see that
a1 = (x4 − x3 + x2 − x + 1)
a2 = (− 12 x − 21 )
a3 = (−4x + 4)
and a4 = (− 12 x − 21 )
a) Compute the continued fraction convergents qpnn for n ∈ {1, · · · 4} of f (x).
(Hint: perform the computations as given in Theorem 6.6.)
b) In (a), you obtained the polynomials of exercise 3.22 up to a factor -
1. Why? (Hint: The gcd we computed in that exercise is actually -1. As
stated in that exercise, we neglect constants when using the algorithm for
polynomials. At any rate, in the quotient, the constant cancels.)
c) Is there a theorem like the one in exercise 6.18? (Hint: Yes, follow the
hint in that exercise.)
d) Solve for y: y = [x]. (Hint: check exercise 6.7)
e) Any ideas for other non-rational functions? (Hint: check the web for
Padé approximants.)
6.7. Exercises 117

Exercise 6.21. What is the mistake in the following reasoning?

We prove that countable=uncountable. First we show that a countably in-
finite product of countably infinite sets is countable.
n = ∏ri=1 p`i i and there are infinitely many primes. Thus we can encode the
natural numbers as an infinite sequence (`1 , `2 , `3 , · · · ) of natural numbers.
That gives a bijection of infinite product of N’s to N. Therefore an infinite
product of N is countable.
On the other hand, an infinite number of natural numbers [q1 , q2 , · · · ] can
be used to give the real numbers in (0, 1) in terms of their continued frac-
tion expansion. This gives of bijection on to the interval. Therefore the
infinite product of N is uncountable.

Exercise 6.22. Consider Figure 24. The first plot contains the points
{(n, n)}50
n=1 in standard polar coordinates, the first coordinate denoting the
radius and the second, the angle with the positive x-axis in radians. The
next plots are the same, but now for n ranging from 1 to 180, 330, and
2000, respectively.
a) Determine the first 4 continued fraction convergents of 2π.
b) Use a) to explain why we appear to see 6, 19, 25, and 44 spiral arms.
c) Why does the curvature of the spiral arms appear to (a) alternate and (b)
decrease?
Exercise 6.23. The exercise depends on exercise 6.22. Suppose we restrict
the points plotted in that exercise to primes (in N) only. Consider the last
plot (with 44 spiral arms) of Figure 24.
a) Show that each spiral arm corresponds to a residue class i modulo 44.
b) Show that if gcd(i, 44) > 1, that arm contain no primes (except possibly
i itself), see the left plot of Figure 25.
c) Use Theorem 6.16 to show that the primes tend (as max p → ∞) to be
equally distributed over the co-prime arms.
d) Use Theorem 4.17 to determine the number of co-prime arms. Confirm
this in the left plot of Figure 25.
e) Explain the new phenomenon occurring in the right plot of Figure 25.
The following result will be proved in Chapter 13.
Theorem 6.16 (Prime Number Theorem for Arithmetic Progressions).
For given n, denote by r any of its reduced residues. Let π(x; n, r) stand for
the number of primes p less than or equal to x such that Resn (p) = r. Then
π(x; n, r) 1
lim = .
x→∞ π(x) ϕ(n)
118 6. Continued Fractions

Figure 24. Plots of the points (n, n) in polar coordinates, for n ranging
from 1 to 50, 180, 330, and 3000, respectively.

Exercise 6.24. a) Visualize the continued fraction expansion of another ir-

rational number ρ ∈ (0, 1) by plotting a polar plot of the numbers (n, 2ρπn)
for various ranges of n as in exercise 6.22.
b) Check Dirchlet’s theorem as in exercise 6.23
6.7. Exercises 119

Figure 25. Plots of the prime points (p, p) (p prime) in polar coordi-
nates with p ranging between 2 and 3000, and between 2 and 30000,
respectively.

Exercise 6.25. Set ω1 = e − 2 ≈ 0.71828.

a) Compute a1 through a4 numerically.
b) From (a), compute the convergents pi /qi for i ∈ {1, 2, 3}.
c) Show that 1/2 (which is not a convergent) is a closest approximant in
the following sense.
1 p
∀ q ≤ 2 : ω1 − ≤ ω1 − .
2 q
d) Show that 1/2 is not a closest return in the sense of Theorem 6.13.
Part 2

Currents in Number
Theory: Algebraic,
Probabilistic, and Analytic
Chapter 7

Fields, Rings, and Ideals

Overview. The characteristics of Z are so familiar to us, that it is hard to

break through that familiarity to understand what makes things like unique
factorization tick. Algebraic number theory and with it large swaths of
algebra were developed to deal with more general number systems in or-
der to overcome this problem. So in this chapter, we initially move away
from numbers a little to study concepts of abstract algebra. This disci-
pline of mathematics seems to start with a daunting barrage of definitions
or nomenclature1. Here, we look at some of these and relate them as much
as possible to their origins in number theory. An excellent introduction to
abstract algebra is [43], while [27] is a standard among the more advanced
texts.

7.1. Rings of Polynomials

Since one of our aims is to study factorization properties in certain sets of
algebraic integers — which are defined through polynomials — we need
to start by studying sets of polynomials. Broadly speaking, there are two
important cases. The coefficients of the polynomials belong either to a ring
such as Z or — an important special case — they belong to a field such as
Q. In what follows we denote a ring by R and a field by F.
1From Latin nomen or ‘name’ and calare or ‘to call’. So — taken quite literally — name-calling.

123
124 7. Fields, Rings, and Ideals

Definition 7.1. A ring R[x] of polynomials is the set of polynomials with co-
efficients in a (commutative) ring R without zero divisors2 (unless otherwise
mentioned).

Without the extra requirements, the resulting ring would have very
strange properties indeed. For example, if R consists of the integers modulo
6, then, indeed, very strange factorizations can happen:
(2x − 3)(3x + 2) =6 6x2 − 5x − 6 =6 x .
So, in particular, the degree of the product is not equal to the sum of the de-
grees of the factors. Dropping commutativity would lead to another strange
problem. Given f ∈ R[x], we may want to evaluate f at c ∈ R by substituting
the value c for x. Suppose for example that R is the non-commutative ring
of 2 by 2 matrices. Set for some a ∈ R,
f (x) = (x − a)(x + a) = x2 − a2 .
But if we substitute another 2 by 2 matrix c for x such that the matrices
a and c do not commute, then the above equality does not hold anymore.
However, if R satisfies the two requirements, one can prove that the result-
ing polynomial ring has no zero divisors, evaluations are safe, and that the
degree of a product is additive (see [27][sections 8.5 and 8.6] for details).
Definition 7.2. Recall (Definition 1.17) that f is minimal polynomial in
R[x] for ρ if f is a non-zero polynomial in R[x] of minimal degree such that
f (ρ) = 0. A polynomial f in R[x] of positive degree is irreducible over R
if it cannot be written as a product of two polynomials in R[x] with positive
degree. A polynomial f in R[x] is prime over R if if whenever f divides gh
(g and h in R[x]), it must divide g or h.
Definition 7.3. Let f and g in R[x]. The greatest common divisor of f and
g, or gcd( f , g), is a polynomial in R[x] with maximal degree that is a factor
of both f and g. The least common multiple of f and g, or lcm ( f , g), is a
polynomial in R[x] with minimal degree that has both f and g as factors.
Remark 7.4. If p is minimal for ρ, it must be irreducible, because if not,
one of its factors with smaller degree would also have ρ as a root.
2This means that if for a, b in R, we have that ab = 0, then a = 0 or b = 0, see Definition 8.4.
7.1. Rings of Polynomials 125

It turns out that in the special case where the coefficients of the poly-
nomials are taken from a field F, the result is a ring F[x] that is very rem-
iniscent of the trusty old ring Z. The underlying reason for this similarity
is that in F[x], the division algorithm works (see exercise 7.1): given r1 and
r2 , then there are q2 and r3 such that3
r1 = r2 q2 + r3 such that deg(r3 ) < deg(r1 ) .
Recall that the gcd of two polynomials in F[x] can be computed by factor-
ing both polynomials and multiplying together the common factors to the
lowest power as in the proof of Corollary 2.23. Since factoring polynomials
is hard, it is often easier to just use the Euclidean algorithm. An example is
given in exercise 3.22. The relation between lcm and gcd of two polynomi-
als is the same as in the proof of Corollary 2.23. The minimal polynomials
of F[x] are “like” the primes in Z. We will see later that this implies unique
factorization, and that primes and irreducibles are the same4. We give a few
properties that will be immediately useful5
Proposition 7.5. Given ρ ∈ C and p ∈ F[x] so that p(ρ) = 0.
i) p is minimal for ρ if and only if p is irreducible.
ii) If p is minimal, it has no repeated roots.

Proof. If p is minimal, see Remark 7.4. On the other hand, if f is irre-

ducible and p is minimal for ρ, then the division algorithm tells us that
there are polynomials q and r such that
f = pq + r ,
where r has degree strictly less than p. Since p(ρ) = f (ρ) = 0, we have
r(ρ) = 0. But since p is minimal, we must have r(x) = 0. Thus p | f . But
f is irreducible, so q must be a constant and f is also minimal. This proves
(i).
To prove (ii), suppose that p has a repeated root α. Since p ∈ F[x], we
have that also p0 (its derivative) in F[x]. But if
p(x) = (x − α)2 r(x) then p0 (x) = 2(x − α)r(x) + (x − α)2 r0 (x) .
3Since remark 3.17, we adopt the convention that the degree of a non-zero constant equals 0, while the
degree of 0 equals −∞.
4In fact, the fact that the division algorithm works, makes this ring a Euclidean domain (Definition
8.11).
5But in Corollary 8.13 we will get much more: irreducibles equal primes and unique factorization.
126 7. Fields, Rings, and Ideals

The latter is of lower degree and still has a root α. This contradicts the
minimality of p. 

An even simpler argument gives the following result.

Lemma 7.6. Given ρ ∈ C and p minimal for ρ in F[x]. If f ∈ F[x] has a
root ρ, then p | f .

Proof. We use again the division algorithm to establish that

f = pq + r ,
where r has degree less than p. Since f (ρ) = p(ρ) = 0, also r(ρ) must
be zero, contradicting the minimality of p unless r(x) = 0. The lemma
follows. 
Theorem 7.7. Given a(x) and b(x) in F[x], there are g and h in F[x] satis-
fying
a(x) g(x) + b(x) h(x) = c(x)
if and only if c is a multiple of gcd(a, b).

Proof. We paraphrase the proof of Lemma 2.5 with “degree” replacing “ab-
solute value”. Let S and ν(S) be the sets:

S = {a(x)g(x) + b(x)h(x) : a(x)g(x) + b(x)h(x) 6= 0}

ν(S) = {deg(s) : s ∈ S} ⊆ N ∪ {−∞, 0} .
Again ν(S) is non-empty, and so by well-ordering, it must have a smallest
element, say δ , the degree of a polynomial d(x). If δ = 0, then d(x) is
a constant γ ∈ F. After dividing by γ, we see that gcd(a, b) = 1 since no
common factor can have degree less than 0.
If δ > 0, we use the division algorithm exactly as in the proof of Lemma
2.5 and conclude that d(x) is a divisor (or factor) of both a(x) and b(x).
Suppose e is a factor of both a and b. Since d(x) = a(x)g(x)+b(x)h(x),
we see that e must also be a factor of d. And thus d is the greatest common
divisor.
The proof is finished by repeating the last paragraph of the proof of
Lemma 2.5 to show that a(x) g(x) + b(x) h(x) = c(x) has a solution if and
only if c is a multiple of d. 
7.1. Rings of Polynomials 127

Next, we present a result that holds for more general rings of the form
R[x] (though not for all). For simplicity, however, we give the result for Z[x].
It says that if we can factor a polynomial in Z[x] as a product of polynomials
with rational coefficients, then, in fact, those coefficients are integers.
Lemma 7.8 (Gauss’ Lemma). Let A` ∈ Z, and bi , c j ∈ Q. If
! !
m+n m n
∑ A` x` = ∑ bi xi ∑ c jx j ,
`=0 i=0 j=0

then bi , c j ∈ Z.

Proof. Let A := gcd({A` }) and set a` = A` /A. In addition, we fix integers B

and C such that Bbi and Cc j are integers and gcd({Bbi }) = gcd({Cc j }) = 1.
We then get
! !
m+n m n
∑ ABCa` x` = ∑ Bbi xi ∑ Cc j x j .
`=0 i=0 j=0

We now show that ABC = 1 and so all three are ±1. Given any prime p in
Z, let r be the minimum of the index i such that p - Bbi , and the minimum
of the index j such that p - Cc j . From the way the coefficient ABCar+s is
computed, see Figure 26, it immediately follows that p - ABCar+s . Since
we can do this for any prime p, the result follows. 

n
j

s
s−1

1 i
0
0 1 2 r−1 r r+s m

Figure 26. ABCar+s is the sum of the BbiCc j along the green line in
the i − j diagram. The red lines indicate where p - Bbi and p - Cc j . So
all contributions except BbrCcs are divisible by p. Thus p - ABCar+s .

We end this section with a note on some notation that can be confusing.
We can “adjoin” x to a ring R in two ways. If we use square brackets [·], we
take R[x] to be the minimal (smallest) ring that contains both R and x. On
128 7. Fields, Rings, and Ideals

the other hand, parentheses (·) are used to indicate the minimal (smallest)
field that contains both R and x. On the other hand, A little reflection leads
to the following definition.

R[x] := { f (x) : f is a polynomial over R} ,


f (x)
 (7.1)
R(x) := : f , g are polynomials over R .
g(x)
Here, x can be a place holder or an actual number. In the former case, R(x)
denotes the rational functions in x, and R[x] are the polynomials.
The ring of power series (not just polynomials of finite degree) is in-
dicated by R[[x]] . For a field F, the field of quotients or fractions F[[x]] is
written as F((x)). This field consists of the quotients of power series. Con-
sider f (x) = ∑∞ i ∞ i
i=0 ai x and g(x) = ∑i=0 bi x . Then if b0 6= 0, the quotient
f /g can be formally reduced to a power series:
 
f (x) 2 a0 a1 a0 b1
:= c0 + c1 x + c2 x + · · · = + − 2 x+··· . (7.2)
g(x) b0 b0 b0
If b0 = 0 and b1 6= 0, then employing the same method (exercise 7.2) we get
   
f (x) 1 a0 a1 a0 b2
= + − 2 x+··· . (7.3)
g(x) x b1 b1 b1
Continuing this way, we see that the F((x)) is the set of formal Laurent
series (which is how it is usually defined):
( )
∞
F((x)) = ∑ ci xi : n ∈ Z and ci ∈ F .
i=n

For a ring R, the notation R((x)) is best avoided because it is ambiguous:

in this case the field of quotients is not the same as the set of Laurent series
over R.

7.2. Ideals
Definition 7.9. A non-empty subset I of a ring R is called an ideal6 if
i) For all i and j in I, i ± j is in I (closed under addition and negatives).
ii) For all x in R and i in I, xi and7 ix are in I (it “absorbs” products).

6Usually “fraktur” letters (a, b, c ...) are used for ideals. On a blackboard or whiteboard, these are
hard to distinguish from normal letters. So instead we will use capital letters to indicate ideals.
7One of the two is sufficient if R is commutative.
7.2. Ideals 129

The smallest ideal containing the elements i and j will be indicated8 by

hi, ji.
A principal ideal is an ideal that is generated by a single element, that is:
it is of the form Ri. An ideal I is a maximal ideal if there is no other ideal L
so that I ( L ( R.
To guide our considerations, we look at Z first. In Z it is clear that
for any j ∈ Z, the corresponding ideal h ji is given by the set jZ of integer
multiples of j. The relation 3 | 15 can now be replaced by h3i ⊇ h15i.
Addition of ideals is defined as in the following example
h6i + h15i := {n + m : n ∈ h6i, m ∈ h15i} = hgcd(6, 15)i .
Notice that the last equality is not trivial. It in fact encodes Bézout’s lemma
(Lemma 2.5). In turn, this says that h6i + h15i is the smallest ideal contain-
ing both h6i and h15i. We also say that h6i + h15i is the ideal generated by
6 and 15. This is more conveniently written as h6, 15i. More generally, for
ideals A and B, we have that
A + B := {a + b : a ∈ A, b ∈ B} . (7.4)

This example also illustrates the fact that h6i + h15i is a principal ideal.
In fact, in Z, it is easy to see that every ideal I is principal. One can use
Bźout to show that I is generated by its least positive element. Another
non-trivial example of a principal ideal is the set of polynomials q satisfying
q(ρ) = 0 in the ring of polynomials over a field F. Indeed, we need to
refer to Lemma 7.6 to establish that this is the case (work out the details in
exercise 7.8).
Next, we look at multiplication of ideals . If ideals are to behave like
numbers, then the product of two ideals should also be an ideal. At first
glance, one would think the collection of products of one element in h6i and
one in h15i would do the trick. This is indeed the case in Z (exercise 7.4).
However, in general this construct is not closed under addition (exercise
7.5). Thus we define AB as the smallest ideal containing the products of
one element in A and one in B, or
( )
k
AB := ∑ ai bi : ai ∈ A, bi ∈ B, k ∈ N . (7.5)
i=1

8In most texts parentheses (·) are used. We want to avoid ambiguity with the notation for an n tuple
(i, j, · · · ).
130 7. Fields, Rings, and Ideals

The relation between ring and ideal is very similar to one between
group and normal subgroup (Definition 7.28). In fact, since a ring R is an
Abelian group with respect to addition, any ideal in R is a normal subgroup.
There is one interesting difference: a normal subgroup is also a group. In
contrast an ideal (like the even numbers) may not have a multiplicative iden-
tity and so it is not a ring (see Remark 5.24). The remainder of this section
spells out the relation between rings and their ideals.
Definition 7.10. Given two rings I and J, a ring homomorphism is a map
f : I → J that preserves addition and multiplication and their respective
identities 0 and 1. The kernel of a ring homomorphism is the pre-image of
the additive identity 0. A ring isomorphism is a ring homomorphism that is
a bijection. The word “‘ring” is often omitted.
Proposition 7.11. i) The quotient R/K of a ring R by an ideal K is a ring.
ii) The kernel K of a ring homomorphism f : R → H is an ideal.

Proof. K is an ideal and thus a normal subgroup of the Abelian additive

group R. Thus R/K is a group under addition (exercise 7.6). We have to
show that multiplication is well-defined and is associative, distributive, and
has an identity (Definition 5.20).
Multiplication in R/K is well-defined if for all a, a0 , b, and b0 in R such
that a − a0 and b − b0 are in K, we have
(a + K)(b + K) − (a0 + K)(b0 + K) ⊆ K .
The left hand side can be expanded as

ab − a0 b0 + (a − a0 )K + K(b − b0 ) + K · K =
(a − a0 )b + a0 (b − b0 ) + (a − a0 )K + K(b − b0 ) + K · K .
The absorption property of the product does the rest.
Associativity and distributivity now follow easily. For example, since
[ab]c = a[bc] in R and multiplication is well-defined, we must have
[(a + K)(b + K)] (c + K) = (a + K) [(b + K)(c + K)] .
Similarly for distributivity. Again, by absorption, (a + K)(1 + K) ⊆ (a + K)
and so 1 + K is the multiplicative identity. This proves (i).
7.2. Ideals 131

The proof of (ii) is rather trivial. Just use Definitions 7.9 and 7.10.
Choose x and y in the kernel of f and conclude that f (x ± y) = 0 and that
for any r ∈ G, f (rx) also equals 0. 
Theorem 7.12 (Fundamental Homomorphism Theorem). If f : R → H is
a surjective ring homomorphism with kernel K, then H is (ring) isomorphic
to R/K.

Proof. Define the map ϕ : R/K → H by

ϕ(K + x) := f (x) .
We need to prove that (a) ϕ is a bijection, that (b) it preserves addition and
that (c) it preserves multiplication.
To prove (a), note that ϕ is onto because f is. So next suppose that
ϕ(K +x) = ϕ(K +y). Because f preserves addition, we get f (x−y) = 0 and
therefore x − y ∈ K. Injectivity follows: because K + x = (K + (x − y)) + y
and K + K = K, we get K + x = K + y.
The proofs of (b) and (c) are almost identical. We prove only (c).
ϕ(K + x)ϕ(K + y) = f (x) f (y) = f (xy) = ϕ(K + xy) .
But by the absorbing property of ideals, (K + x)(K + y) = K + xy. 

The idea that quotients of certain structures are isomorphic to structures

they map onto, is important not only in algebra (groups, modules) but also
in topology and analysis (quotient spaces). For instance, R/Z with the right
topology is homeomorphic to the standard (unit) circle. See Figure 27

Figure 27. Intuitively we wrap R around a circle of length 1, so that

points that differ by an integer land on the same point.

Theorem 7.12 has the surprising consequence, for example, that there
are no non-trivial (ring) homomorphisms C → R (see exercise 7.7).
132 7. Fields, Rings, and Ideals

Corollary 7.13. A ring homomorphism f : F → R where F is a field is

either trivial (zero) or injective.

Proof. If f is not injective, it has a non-trivial kernel, which by Theorem

7.12, is an ideal I in the field F. So I contains a a non-zero element i. Now
pick any x ∈ F. Then by Definition 7.9 (ii), xi−1 · i = x is in I. Thus I = F,
and hence f (F) = 0. 

In many common cases, the conclusion if the fundamental homomor-

phism theorem is intuitively obvious. For example, we did not need it to
prove that Z/5Z is isomorphic to Z5 . However, in Theorem 7.15 below the
conclusion is not self-evident and we make essential use of it.

7.3. Fields and Extensions

As a first example, let us consider the field Q and adjoin the number π (or
any other transcendental number). We denote the smallest field containing
both by Q(π). The pair of fields (Q(π), Q) in this example is called a field
extension. Q(π) is the extension field of Q. By equation (7.1), it consists
of all quotients of polynomials. Since π is transcendental, there exists no
polynomial p with rational coefficients so that p(π) = 0. Thus none of
these expressions simplify. Therefore this set is isomorphic to Q(x). An
extension of this nature is also called a transcendental extension .
In order to get something both new and manageable, we should adjoin
a number α to the field Q that requires us to take only finitely many powers
of α into account. This is done by taking α to be an algebraic number. Such
as extension is called finite or algebraic .
√
√A simple example tells the whole story. Let us take α = 2 and study
2+i i
√ α = 2α , so any polynomial over Q in α can be rewrit-
Q( 2). Clearly,
ten as a + b 2 with a and b in Q. Any quotient of polynomials in α can
therefore be written as
√ √ √ √
a + b 2 (a + b 2)(c − d 2) ac − 2bd (bc − ad) 2
√ = √ √ = 2 + .
c + d 2 (c − d 2)(c − d 2) c − 2d 2 c2 − 2d 2
Since 2 is square
√ free, the denominator is √ not zero and hence every element
in the field Q( 2) can be written as e + f 2 with e and f in Q. This holds
is general as the next result shows.
7.3. Fields and Extensions 133

Proposition 7.14. Let F(ρ) a finite extension of a field F. Suppose p is a

minimal polynomial for ρ and has degree d. Then, as sets,
( )
d−1
F(ρ) = ∑ ai ρ i : ai ∈ F .
i=0

Proof. Clearly, {1, ρ, · · · , ρ d−1 } are independent over F (otherwise the min-
imal polynomial would have degree less than d) and since a field is closed
under addition, subtraction, and multiplication, and so F(ρ) must contain
all expressions ∑d−1
i=0 ai ρ .
i

We only need to check that F(ρ) is closed under (multiplicative) inver-

sion. So choose bi ∈ F such that f (x) := ∑d−1 i
i=0 bi x is not 0. The minimal
polynomial p for ρ is irreducible (Proposition 7.5); it can have only trivial
factors in common with f . Thus by Theorem 7.7, there are polynomials s
and t such that
f (x)s(x) + p(x)t(x) = 1 .
Using the minimal polynomial, s can be reduced to have degree less than d.
Substitute ρ for x in this equation to obtain (since p(ρ) = 0 and f (ρ) 6= 0)
s(ρ) = 1/ f (ρ) .
Thus F(ρ) is indeed closed under (multiplicative) inversion. 

All we are doing in this last proof, really, is taking an arbitrary quo-
tient f /g of polynomials f and g in ρ and reducing it using the minimal
polynomial. That insight leads to a sharper result.
Theorem 7.15. Let F(ρ) a finite extension of a field F. Suppose p is a
minimal polynomial for ρ. Then F(ρ) is ring isomorphic to F[x]/hp(x)i.

Proof. Define a map σρ : F[x] → F(ρ) as follows. Given a polynomial f ,

σρ ( f ) = f (ρ) .
Clearly, σρ is a ring homomorphism, because
σρ ( f · g) = σρ ( f )σρ (g) and σρ ( f + g) = σρ ( f ) + σρ (g) .
Since
d−1 d−1
σρ ( ∑ ai xi ) = ∑ ai ρ i ,
i=0 i=0
134 7. Fields, Rings, and Ideals

Proposition 7.14 shows that σρ is onto. By Proposition 7.11, the kernel of

σρ is an ideal, and by Lemma 7.6 it is the ideal hp(x)i generated by p(x).
Thus by the fundamental homomorphism theorem, F(ρ) is isomorphic to
F[x]/hp(x)i. 
Remark 7.16. The map σρ is called an evaluation map .

This is all very well, but what if we adjoin another algebraic element, β ,
to Q(α)? What does Q(α, β ) look like? Are the results we just proved still
useful? The answer, miraculously, is yes. And the reason is the primitive
element theorem below (Theorem 7.18).
√
Let us look√ at an example again. Adjoin β = 3 to the previous exam-
ple Q(α) = Q( 2), and consider Q(α, β ). Since √ the
√ squares of α and β
are integers, it is clear that every element of Q( 2, 3) can be written as
√ √ √
a + b 2 + c 3 + d 6 where a, b, c, d ∈ Q .
√ √ √
What is not immediately obvious is that 1, 2, 3, and 6 are linearly
independent over the rationals, but let us assume that for now (see exercises
7.17 to 7.20).
Remark 7.17. We obtain a 4 dimensional vector space over Q with a basis
√ √ √
formed by the vectors {1, 2, 3, 6}.

Now we make the “inspired9” guess that√in this √ example Q(α + β ) is iden-
tical to Q(α, β )! To verify that, set γ = 2 + 3. Clearly, γ ∈ Q(α, β ) and
so
Q(γ) ⊆ Q(α, β ) .
A simple computation indeed yields
√ √ √ √
γ 2 = 5 + 2 6 , γ 3 = 11 2 + 9 3 , γ 4 = 49 + 20 6 . (7.6)
3
√ 3
√ 2
√ so γ −9γ generates 2, γ −11γ generates 3, while γ −5 generates
And
6. Thus
Q(α, β ) ⊆ Q(γ) .
We have established that Q(γ) = Q(α, β ). That we can do this in general,
is the content of the primitive element theorem.
9“Inspired” is pretentious way of saying that I do not want to say where I got this (but see the proof of
Theorem 7.18).
7.3. Fields and Extensions 135

Theorem 7.18 (Primitive Element Theorem). Let F be an infinite field

and K := F(α, β , γ, · · · , δ ) a finite (algebraic) extension. Then there is θ in
K, called a primitive element , such that F(θ ) = K.

Proof. If we can find a single generator ϕ for α and β , we can then repeat
the argument to find a generator θ for ϕ and γ, and so forth. Thus it is
sufficient to prove this result for F(α, β ).
Let p and q be minimal polynomials in F[x] for α and β , respectively.
The roots of p are {αi }m n
i=1 with α1 ≡ α and those of q are {βi }i=1 with
β1 ≡ β . Now define for c 6= 0 in F
r(x) := p(α + cβ − cx) .
This polynomial has several intriguing properties. First, it is a member of
the field F(α + cβ )[x], for it has coefficients in F(α + cβ ). Furthermore,
its roots are given by
α1 − αi
α1 + cβ − cx = αi ⇐⇒ xi = + β1 .
c
For i = 1, we of course get β = β1 as a root. But now, since F is infinite,
we fix a value of c∗ of c such that none of the other roots equals βi for i > 1.
Since both q ∈ F[x] ⊆ F(α + c∗ β )[x] and r ∈ F(α + c∗ β )[x] and both
have β as a root, Lemma 7.6 implies that the minimal polynomial d for β in
F(α + c∗ β )[x] must be a divisor of both q and r. But these two share only
one root, and therefore d ∈ F(α + c∗ β )[x] has degree one:
s(x) = a1 x + a0 = a1 (x − β ) .
Clearly, the ai are in F(α + c∗ β ), but then so does β = a0 /a1 , and the same
holds for α = (α + c∗ β ) − c∗ β . Thus α + c∗ β generates F(α, β ). 

Thus a primitive element generates the whole field extension through ad-
dition and multiplication (and their inverses). In contrast, a primitive root
(Definition 5.5) is an element of F p (the elements of Z p with addition and
multiplication as operations) whose powers generate F p .
As mentioned in our last example, Q(γ) is in fact a vector space over
Q. From (7.6), it is clear that γ 4 − 10γ 2 + 1 = 0. Therefore Q(γ) has four
basis vectors, like Q(α, β ), namely {1, γ, γ 2 , γ 3 } span the space Q(γ). The
scalars are elements of Q. As such, it is somewhat confusingly denoted by
Q(γ)/Q in the literature, though this is not to be interpreted as a quotient.
136 7. Fields, Rings, and Ideals

The dimension of the vector space is denoted by [Q(γ) : Q] and is also

commonly called the degree of the extension. Notice that
[Q(α, β ) : Q] = [Q(α, β ) : Q(α)] · [Q(α) : Q] .
This holds much more generally (see [54] or [28]).

7.4. The Algebraic Integers

We look at the ring of all algebraic integers and show that it unsuitable for
the study factorization into primes or irreducibles for it has neither primes
nor irreducibles.
Theorem 7.19. The set A of algebraic integers forms a ring with no zero
divisors.

We can take advantage of the fact that algebraic integers are complex
numbers, which in turn form a commutative field (and thus a ring) without
zero divisors. Many of the properties mentioned in Definition 5.20 as well
as the absence of zero divisors are thus automatically satisfied. To make a
long story short, we only need to prove that A is closed under additive in-
version, under addition, and under multiplication. The first is easy. Suppose
that θ ∈ A is a root of xd +ad−1 xd−1 +· · ·+a0 , where the ai are in Z. Then,
of course, −θ is a root of the same polynomial with the odd ai replaced by
−ai . The remaining two criteria have a very interesting constructive proof.
To understand it, we need to define the Kronecker product.
Definition 7.20. Given two matrices A and B, their Kronecker product A ⊗
B is given by
 
A11 B A 12 B A 13 B · · ·
 
A ⊗ B := A21 B A22 B · · ·

.
· · ·
 . . 
.. ..

Lemma 7.21. Suppose that A and B be square matrices of dimension a and

b, respectively and denote by Ia and Ib the identity matrices of the appropri-
ate dimension. If A has eigenpair10 (α, x) and B, (β , y). Then

10This means that Ax = αx.

7.4. The Algebraic Integers 137

i) A ⊗ B has eigenpair (αβ , x ⊗ y), and

ii) A ⊗ Ib + Ia ⊗ B has eigenpair (α + β , x ⊗ y) .

Proof. We have that

    
A11 B A12 B A13 B · · · x1 y A11 x1 By + A12 x2 By + · · ·
    
 x2 y = A21 x1 By + A22 x2 By + · · · ,
 A21 b A22 B · · · · · ·    

 . ..  .   .. 
.. . .. .
which equals Ax ⊗ By or αx ⊗ β y. Using Definition 7.20 again, it is easy to
check that this in turn equals αβ x ⊗ y. This proves item (i).
By (i), A ⊗ Ib has eigenpair (α, x ⊗ y), and Ia ⊗ B has eigenpair (β , x ⊗
y). Adding the two gives item (ii). 

As an example, consider the matrices

   
0 2 0 3
A=  and B =  ,
1 0 1 0
√ √
with eigenvalues ± 3 and ± 2. We obtain:
   
 0 0 0 6   0 3 2 0 
   
0 0 2 0 1 0 0 2
A⊗B =  and A ⊗ Ib + Ia ⊗ B =  ,
   

0 3 0 0 1 0 0 3
   
   
1 0 0 0 0 1 1 0
√ √ √
with eigenvalues ± 6 (of multiplicity 2) and ± 3 ± 2, respectively. The
characteristic polynomials are (x2 −6)2 and x4 −10x2 +1, respectively. The
polynomial was obtained earlier from equation (7.6).

Proof of Theorem 7.19. We only need to prove that A is closed under ad-
dition and under multiplication. So let α and β be in A . Then α is a root
of a monic polynomial pA (x) of degree a and the same for β and pB (x) of
degree b. Suppose pA (x) = ∑a−1 i
i=0 ai x . The so-called companion matrix ,
138 7. Fields, Rings, and Ideals

that is the a × a matrix whose characteristic polynomial equals pA is

 
0 0 0 ··· −a0
 
 
1 0 0 · · · −a1 
 
 
A= 0 1 0 · · · ,
−a2 
 .. .. 
. .
 
 
 
0 · · · 0 1 −aa−1
and similarly a matrix B can be defined for pB . Now form the matrices
mentioned in Lemma 7.21 (i) and (ii). Then αβ and α + β are roots of
these polynomials or of factors of these polynomials. Since a factor (over
Z) of a monic polynomial is monic, we see that both αβ and α + β are
algebraic integers. 

While, like Z, the algebraic integers A form a ring, that ring does not
“look” like Z at all! We will take this up later when we prove that A
is dense in the complex numbers and has no irreducibles and no primes
(Theorem 8.6). So to study factorization, we must look at more restricted
collections of algebraic integers.
Examples of more restricted rings of integers are Z(γ), the ring con-
sisting of numbers of the form ∑d−1 i
i=0 ci γ with ci ∈ Z, where γ is algebraic
of degree d. To see that Z(γ) is a ring is trivial, since we do not have to
worry about multiplicative inverses, which was the only complication in
Proposition 7.14.
We end this section with a slightly confusing definition and a warning
in the form of a Lemma.
Definition 7.22. Consider the field Q(γ). The integers of Q(γ) are those
elements in Q(γ) that are algebraic integers.

This is not necessarily the same as the set Z(γ)! As an example we will
prove the lemma below in exercise 7.25.
√
Lemma 7.23. Let j be square free. The integers of Q( j) are precisely the
√ √
elements of the ring Z( 21 (1 + j)) if j =4 1, and Z( j) else.
7.5. Rings of Quadratic Numbers and Modules 139

7.5. Rings of Quadratic Numbers and Modules

Let j be a non-zero square free integer j ∈ Z (see exercise 2.16) not equal to
√
0 or 1. Then j is a algebraic integer of degree 2. If j is negative, we can
√ √
think of Z[ j] and Q[ j] as subsets of the complex plane. If j is positive,
√ √
then they are subset of the real line. In both cases Z[ j] and Q[ j] are
√
countable (see Theorem 1.25). All elements of Z[ j] are algebraic integers
of degree 2, because they are roots of
(x − a − b j)(x − a + b j) = x2 − 2ax + a2 − b2 j = 0 ,
p p
(7.7)
and that degree 2 polynomial cannot be factored over the integers.
√
We can look at Z[ j] as having two basis vectors
   
1 0 p
  = 1 and  = j.
0 1
√ √
The elements of Z[ j] are precisely the linear combinations a · 1 + b · j.
Just like a the vector space of remark 7.17! The only difference is that the
“scalars” now belong to a ring and not a field. The resulting construction is
called a module.
Definition 7.24. A module M (or left module ) is a set with the same struc-
ture as a finite-dimensional vector space, except that its scalars form a com-
mutative ring R (and not a field as in a vector space). Scalars multiply the
elements of M from the left. (If in a non-Abelian ring, scalars multiply from
the right, the result is called a right module.)
√ √ √
Next, we interpret multiplication by α = a + b j in Z[ j] when j
is an algebraic integer of degree 2. Clearly, it is linear, because
p p
α(c + d j) = cα1 + dα j .
 
1 √
Therefore, α can be seen as a matrix. Identify 1 with   and j with
0
 
0 √ √ √ √
 . Then the equations (a + b j)1 = a + b j and (a + b j) j = b j +
1
140 7. Fields, Rings, and Ideals
√
a j can be rewritten as
       
1 a 0 bj
A  =   and A  =   .
0 b 1 a
Thus we can use elementary linear algebra to see that
 
a bj
A= . (7.8)
b a
What is interesting here, is that the determinant of A
det A = a2 − b2 j (7.9)
is clearly an integer and cannot be zero, because if jb2 − a2 = 0, because j
is square free. The beauty of this is that this allows us to study factorization
√
in complicated rings like Z[ j] using the tools of a simpler ring, namely
√
Z. All we have to do is to phrase factorization in Z[ j] in terms of the
determinant of A. In number theory, this is known as the norm of α.
Definition 7.25. The field norm, or simply norm11, of an element α of
√ √
Z[ j] or Q[ j] is the determinant of the matrix that represents multiplica-
tion by α. It will be denoted by N(α). The trace of that matrix will be call
the trace of α and is denoted by T (α).

A fundamental result about determinants from linear algebra (det AB =

det A det B) gives a handy rule.
Corollary 7.26. The norm of a ring of quadratic integers is a completely
multiplicative function: N(αβ ) = N(α)N(β ). (See Definition 4.2.)
√ √
Remark 7.27. Suppose α = a + b j in Z[ j]. From equation (7.9), we
√
also get N(α) = αα where α = a − b j. α is called the conjugate of α.
Note that if j is negative, the conjugate α corresponds to the usual complex
conjugate of α and so the norm N(α) corresponds to the usual absolute
value squared |α|2 .

All this can be seamlessly generalized to Z[β ] where β is some alge-

braic number of degree d > 2. We then get a d-dimensional module.
11This is another case of assigning a name that gives rise to confusion: the “norm” as defined here can
be negative! Nonetheless, this seems to be the most common name for this notion, and so we’ll adhere to it.
7.6. Exercises 141

7.6. Exercises
Exercise 7.1. The reader might want to review exercises 3.22 to 3.25 first.
Let f and g in F[x]. We will show that there are polynomials q and r in
F[x] such that
f = gq + r and deg(r) < deg(g) . (7.10)
a) Show that this holds if deg(g) > deg( f ).
b) Now let n = deg( f ) ≥ deg(g) = m and f (x) = ∑ni=0 ai xi and g(x) =
∑m i
i=0 bi x . Define
an n−m
f j (x) = f (x) − x g(x) ,
bm
where f j has degree j. Show that j ≤ n − 1. (Hint: by assumption, an and
bm are not zero.)
c) Show that the computation in (b) can be repeated with f replaced by f j
as long as j ≥ m. (Hint: we are just formalizing long division here.)
d) Show that r(x) = fi (x), where fi is the first of the f j to have degree less
than m.
e) Show that the leading term of q(x) in (7.10) is bamn xn−m .

Exercise 7.2. We perform long division to divide f (x) = a0 + a1 x + a2 x2 +

· · · by g(x) = b0 + b1 x + b2 x2 + · · · . In contrast to exercise 7.1, now con-
sider the constant term as the leading term, the next leading term is the one
linear in x, and so on.
a) Assume b0 6= 0, then f − ba00 g cancels the constant term. So the first term
of the quotient equals ab00 . Find the next two terms. (Hint: see equation
7.2.)
b) Assume b0 = 0 and b1 6= 0. Divide f by xg(x) = b1 + b2 x + · · · using
the method in (a). Find the first three terms of the quotient. (Hint: see
equation 7.3.)

Exercise 7.3. We prove that Z(i) = Q[i].

a) Show that Z[i] is the set {a + bi : a, b ∈ Z}. (Hint: i2 ∈ Z.)
b) Show that Z(i) equals {(a + bi)/(c + di) : a, b, c, d ∈ Z}.
c) From (b), rewrite Z(i) as {r + si : r, s ∈ Q}.
d) Show that R[i] = C.

Exercise 7.4. a) Given two ideals hai and hbi in Z. Show that
( )
k
hai · hbi = ∑ ni mi ab : ni , mi ∈ Z, k ∈ N .
i=1
b) Use (a) to prove that in Z
hai · hbi = habi .
142 7. Fields, Rings, and Ideals

Exercise 7.5. Consider the ideals I = h2, xi and J = h3, xi in Z[x].

a) Show that
I = g1 (x)2 + g2 (x)x and J = h1 (x)3 + h2 (x)x ,
where gi and hi are arbitrary elements of Z[x].
b) Show that 3x and −2x can be written as (g1 (x)2 + g2 (x)x)(h1 (x)3 +
h2 (x)x).
c) Use (b) to show that x must be in the ideal IJ.
d) Show that x cannot be written as (g1 (x)2 + g2 (x)x)(h1 (x)3 + h2 (x)x).
e) Use (d) to show that IJ is not equal to the “naive” definition of the
product of ideals, {ab : a ∈ I, b ∈ J}.

Definition 7.28. Let G be a group and N a group contained in G. Then N is

a normal subgroup of G if for every n ∈ N and every x ∈ G, also x−1 nx ∈ N.
In other words, if n ∈ N, then every conjugate x−1 nx of an element n is also
in N.
Exercise 7.6. a) Show that for a non-abelian additive group G with a sub-
group I, we have
(a + I) + (b + I) = (a + b − b + I) + (b + I) = (a + b) + (−b + I + b) + I .
b) Show that (a) implies that addition of cosets is well-defined if I is nor-
mal.
c) Let I be a normal subgroup of a group R, then R/I is a group. Where in
the proof do you need normality. (Hint: check the items in Definition 5.20
(1).)
d) Let h : R → H be a homomorphism of groups. Show that ker h is a nor-
mal subgroup. (Hint: write h(x−1 nx) = h(x−1 )h(n)h(x). What is h(n)?)

Exercise 7.7. Show that there is no non-trivial (ring) homomorphism C →

R. (Hint: use Corollary 7.13 to show that the kernel of f is {0}. Use
i2 = −1 to see f (i) is undefined.)

Exercise 7.8. Let ρ be an algebraic number with minimal polynomial p.

a) Show that the set of polynomials q in Q[x] such that q(ρ) = 0 form an
ideal. (Hint: use only Definition 7.9.)
b) Show that this is a principal ideal. (Hint: Lemma 7.6.)

Exercise 7.9. a) Solve the polynomial γ 4 − 10γ 2 + 1 = 0 using the standard

quadratic formula and then taking a square root again. Show that
√
q
γ = ± 5±2 6.
√ √
b) Show that the root with the two ‘+’ signs equals 2 + 3 .
7.6. Exercises 143
√
Exercise 7.10. a) Show that − 12 + 2i 3 is an algebraic integer. (Hint:
√ √
compute (x + 12 − 2i 3)(x + 12 + 2i 3).)
√
b) Use a computation similar to (a) to show that − 12 + 12 3 satisfies x2 +
x − 12 = 0.
√
c) Show that (b) implies that − 21 + 12 3 is not a algebraic integer. (Hint:
what if that number also satisfied x2 + bx + c = 0 with b and c in Z?)

Exercise 7.11. Consider primes p and q (in Z). Use Lemma 7.21 to find
√ √ √ √
minimal polynomials for p q and p + q.

Exercise 7.12. Let ρ be algebraic integer with minimal polynomial p(x) =

xd + ∑d−1 i
i=0 ci x (ci ∈ Z).
a) Use Lemma 7.21 to show that for all a and b in Z, a + bρ is also an
algebraic integer of degree at most d. (Hint: Let C be the companion
matrix for the minimal polynomial for ρ; the lemma leads to considering
the characteristic polynomial of aI + bC.)
b) Show that q(a + bρ) = 0 if q is the polynomial given by
d−1
q(x) = (x − a)d + ∑ ci bd−i (x − a)i .
i=0
c) Show that if b 6= 0, then if q(x) can be factored over the integers by
f (x)g(x), then p(x) can be factored by b−d f (bx + a)g(bx + a).
d) Conclude that q is the minimal polynomial for a + bρ (b 6= 0).
Theorem 7.19 and the next two exercises imply the following. Theorem 8.6
provides more information.
Proposition 7.29. The set A forms a integral domain but not a field and
A is dense in C.
Exercise 7.13. a) Show that the algebraic numbers are closed under mul-
tiplicative inversion. (Hint: let d be the degree of the polynomial p and
consider the polynomial q(x) := xd p(x−1 ).)
b) Show that if the degree d polynomial p ∈ Z[x] is irreducible, then
so is q(x) := xd p(x−1 ). (Hint: q(x) = f (x)g(x) implies p(x−1 ) =
f (x−1 )g(x−1 ).)
c) Use (b) to prove the following. An algebraic integer α is a unit (is in-
vertible) if and only if α has minimal polynomial p(x) = xd + ∑d−1i=0 ai x
i

with a0 = ±1. (Hint: in a minimal polynomial, a0 cannot be zero.)

d) Conclude that the algebraic integers do not form a field.
144 7. Fields, Rings, and Ideals

Exercise 7.14. a) For any real α > 1, and any n ∈ N, we can choose k =
bα n c. Show that
1 1
k n ≤ α < (k + 1) n .
b) Use (a) to show that
1 1
 1 
(k + 1) n − k n < α 2 n − 1 .
c) Show that the algebraic integers are dense in {x ∈ R : x ≥ 1}. (Hint:
k1/n is an algebraic integer.)
d) Extend the conclusion in (c) to all of R by using exercise 7.12 (a).
e) Use (d) and Lemma 7.21 to prove that A is dense in C.

Exercise 7.15. a) Use

√ the√
method
√ of Section 7.3 to find the minimal poly-
nomial in Z[x] for 2 + 3 + 5. (Hint: x8 − 40x6 + 352x4 − 960x2 +
576.)
In the following five exercises, we prove the remarkable proposition below.
Our approach is inspired by [13]; more general results can be found in [50].
Proposition 7.30. Let p1 , p2 , p3 , · · · , pn denote any succession of distinct
primes in N.
√ √ √ √
i) Let γn = ∑ni=1 pi . Then Q( p1 , p2 , · · · , pn ) = Q(γn )
√ √ √
ii) Denote Fn = Q( p1 , p2 , · · · , pn ). The degree [Fn : Fn−1 ] equals 2
and so [Fn : Q] = 2n
iii) Items (i) and (ii) hold for any collection of n distinct primes in Z.

The first part of this proposition actually says that γn is a primitive

element (See Theorem 7.18) for Fn . We say that the fields Fn form an infinite
tower of fields.
Definition 7.31. A tower of fields is a (finite or infinite) sequence of succes-
sive field extensions F1 ⊆ F2 ⊆ · · · ⊆ Fn ⊆ · · · .

We first need a lemma that is interesting in its own right. This lemma is
proved in the next exercise.
Lemma 7.32. Let {m1 , m2 , · · · , m` } be a collection of distinct square free
√
integers in Z. Then for ai ∈ Z, ∑`i=1 ai mi = 0 if and only if ai = 0 for all
i.
7.6. Exercises 145

Exercise 7.16. Given ` distinct square free integers in Z, {m1 , m2 , · · · , m` }.

Assume the lemma is false.
a) Show there is a minimal r > 1 such that upon re-ordering the mi , the first
r terms are linearly dependent over Z:
r √
∑ ai mi = 0 and ∀ i ai 6= 0 .
i=1
b) Show that r > 2. (Hint: this is trivial if one of the mi is negative and
√
one is positive; if they have the same sign, square the relation a1 m1 =
√
−a2 m2 .)
c) Define the polynomial of degree 2r
 √

Pr (x) := ∏ x + ε · a m (r) ,
ε∈Sr
and show that for r > 1
 √
√   √
√ 
Pr (x) = ∏ x + ε · a m (r−1) + ar mr · ∏ x + ε · a m (r−1) − ar mr
ε∈Sr−1 ε∈Sr−1
√ √
= Pr−1 (x + a mr ) · Pr−1 (x − ar mr ) .
d) Show that
√ √
Pr−1 (x ± ar mr ) = ± mr On−1 (x) + Er−1 (x) ,
where On−1 and En−1 are in Z[x].
e) Show that (a) implies that On−1 (0) = En−1 (0) = 0.
f) Show that (c), (d), and (e) imply that there is an ε ∈ Sr−1 so that
√
√
ε · a m (r−1) − ar mr = 0 .
h) Add the equalities in (a) and (f) to show that the first r − 1 terms are
linearly dependent.
i) Show that this proves Lemma 7.32.
The next two exercises prove part (i) of Proposition 7.30. Somewhat con-
fusingly, the reasoning is very similar to that of exercise 7.16.
146 7. Fields, Rings, and Ideals
√
Exercise 7.17. Set Sn = {−1, +1}n , n > 0. Abbreviate ε1 p1 + · · · +
√ √

εn pn by ε · p (n) .
a) Define the polynomial of degree 2n
 √ 
Pn (x) := ∏ x + (ε · p)(n) .
ε∈Sn
Show that for n > 1
 √ √  √ √ 
Pn (x) = ∏ x + (ε · p)(n−1) + pn x + (ε · p)(n−1) − pn
ε∈Sn−1
 
√ 2
= ∏ x + (ε · p)(n−1) − pn .
ε∈Sn−1
√
b) Use (a) to show that no coefficient in Pn contains an odd power of pn .
c) Use (a) and (b) to show that Pn ∈ Z[x]. (Hint: the order of the primes in
the set (p1 , · · · , pn ) is arbitrary.)
d) Use Lemma 7.6 to show that the minimal polynomial for γn over Z or Q
is a factor of Pn .

√
Exercise 7.18. a) Show that Pn−1 (γn − pn ) = 0. (Hint: show that
Pn (γn ) = 0 and use exercise 7.17 (a).)
b) Show that
√ √
Pn−1 (x − pn ) = En−1 (x) + pn On−1 (x) ,
where On−1 and En−1 are in Z[x]. (Hint: use exercise 7.17 (d).)
c) Show that On−1 (x) = −(n − 1)x plus higher order in x. (Hint: direct
calculation from its definition.)
d) Use (c) and Lemma 7.32 to show that On−1 (γn ) 6= 0. (Hint: how does
the fact that an (n−)-degree polynomial in γn equals zero contradict the
√
lemma.) e) Use (d) to show that Q(γn ) contains pn .
f) Use that fact that the order of the primes is arbitrary to show that Q(γn )
√
contains pi for any i ∈ {1, · · · , n}.
g) Prove Proposition 7.30 (i). That is: show that Q(γn ) = Fn or γn is a
primitive element for the field Fn . (Hint: it
is trivial that Q(γn ) ⊆ Fn .)
√
h) Show that (e) holds for any γn = ε · p (n) with ε ∈ Sn fixed.

Exercises 7.17 and 7.18 establish that γn is a primitive element for

√ √ √
Q( p1 , p2 , · · · , pn ) (where the pi are distinct primes). However, see
exercise 7.17 (d), we only know that the degree of the extension is at most
2n . We now prove that, in fact, equality holds.
Exercise 7.19. Show that Lemma 7.32 given below implies Proposi-
tion 7.30 (ii). (Hint: recall that 1 is a square free integer. So from
p1 , p2 , p3 , · · · , pn and their products we can form exactly 2n distinct square
free integers (the empty product corresponding to the integer 1).)
7.6. Exercises 147

We are now in a position to prove Proposition 7.30 (iii). This consists of

carefully checking those proofs and making sure that the extension to Z
does not cause any problems. The following exercise summarizes that.
Exercise 7.20. Repeat exercises 7.17 through 7.16, but now the pi are dis-
tinct primes in Z. Show that we obtain an infinite tower contained in C.

Exercise 7.21. Suppose ρ ∈ A is not a unit and has minimal (monic) poly-
nomial p in Z[x].
√
a) Show that q(x) = p(x2 ) has root ρ.
b) Show that any factor in Z[x] of q is monic.
√
c) Show that ρ is not a unit. (Hint: if it is, then its square must be too.)
d) Conclude that ρ is not irreducible.
√
Exercise 7.22. We apply the Euclidean algorithm in Z[ −1] to 17 + 15i
and 7 + 5i. Compare with the computations in Section 3.2 and exercise
3.22.
a) Check all computations in the following diagram.

| + | − | + | − |
| 2 + 2i | −2 − i | 3 | 0 |
0 | −1 + i | −4 | 7 + 5i | 17 + 15i |
| 1 | | | |
| | 2+i | 1 | |
| | | −6 − 3i | −2 − i |
b) Check all computations in the following diagram.

| + | − | + | − | + |
| 1 + 2i | 1−i | 1−i | 2 | 0 |
0 | 1+i | −1 + 3i | 3 + 5i | 7 + 5i | 17 + 15i |
| 1 | | | | |
| | −1 + i | 1 | | |
| | | −2i | −1 + i | |
| | | | −2 + 4i 1 − 2i | |
√
c) From the diagram in (a), compute values for x and y in Z[ −1] such
that
−1 + i = (7 + 5i)x + (17 + 15i)y .
(Hint: follow instructions in Section 3.2.) √
d) From the diagram in (b), compute values for x and y in Z[ −1] such
that
1 + i = (7 + 5i)x + (17 + 15i)y .
e) Compute gcd(17 + 15i, 7 + 5i) (up to invertible elements).
f) Compute lcm (17 + 15i, 7 + 5i) (up to invertible elements). (Hint: see
Corollary 2.16.)
148 7. Fields, Rings, and Ideals

Exercise 7.23. Find a greatest common divisor and a least common multi-
ple for each of the following pairs of Gaussian integers. (Hint: see exercise
7.22.)
a) 7 + 5i and 3 − 5i.
b) 8 + 38i and 9 + 59i.
c) −9 + 19i and 52 + 68i.

Exercise 7.24. a) Show that the arithmetic functions (Definition 4.1) with
the operations addition and Dirichlet convolution (Definition 4.19 form a
commutative ring. (Hint: see exercise 4.15).
b) Show that the same does not hold for the multiplicative (Definition 4.1)
arithmetic functions. (Hint: see exercise 4.16).
c) Show that the functions f : R → R together with the operations addition
and multiplication form a commutative ring.
d) Is the ring in (c) a domain?
e) Show that the square integrable functions f : [0, ∞) → [0, ∞) together
with the operations addition and convolution form almost a commutative
ring. (Hint: only the multiplicative identity is missing.)
f) Look up Titchmarsh’s convolution theorem and show that it implies that
the ring in (e) (with the “Dirac delta function” added) is a domain.
√
Exercise 7.25. a) Show that all elements of Q[ j], j ∈ Z, are algebraic
numbers. (Hint: see equation (7.7).) √ √
b) Now let j be square free and show that if a + b j is an integer of Q[ j],
then
2a ∈ Z and a2 − b2 j ∈ Z .
c) Show (b) implies that if a ∈ Z, then b ∈ Z. (Hint: set b = qp where
gcd(p, q) = 1.)
d) Show that (b) implies that if a ∈ Z + 12 , then 4b2 j ∈ 4Z + 1.
e) Show that in (d) we obtain that b ∈ Z + 21 and j =4 1. (Hint: set b = qp
where gcd(p, q) = 1 and conclude that q = 2. Then show that p2 j = 2n + 1
implies that j =4 1.) √
f) Use (c) and (e) to show that if j =4 1, the integers of Q[ j] are given by
   
n p o 1 1 p
I = a + b j : a, b ∈ Z ∪ a + + b + j : a, b ∈ Z .
2 2
g) Use (f) to prove Lemma 7.23.
Chapter 8

Factorization in Rings

Overview. We now get back to factorization. It is instructive to go back to

the discussion of the proof of unique factorization in Z (Section 2.3) at this
point. Our familiarity with Z may hide underlying structures from us. To
circumvent this familiarity, we study factorization in rings. Perhaps unex-
pectedly, at this level of generality, pretty much anything can happen, as we
show in the first section below. We then add various ingredients to rings in
an effort to end up with an abstract structure that guarantees unique factor-
ization. Unless mentioned otherwise, we restrict to commutative rings.

8.1. So, How Bad Does It Get?

Recall that even in Z, we have unique factorization up to factor -1 (see
remark 2.12). So the best we can reasonably hope for in a general ring
is to have unique factorization up to multiplication by units and up to re-
ordering. In this section, we dash those hopes. Let us start by revising our
basic notions to this more general context.
Definition 8.1. Given a ring R and an element r that is not zero or a unit.
Then r is reducible if it is a product of two non-units (or non-invertible
elements). If r is not equal to a product of two non-invertible elements it is
called irreducible (or not reducible). If whenever r | ab, then r | a or r | b
(or both), then it is called a prime.

149
150 8. Factorization in Rings

The important observation here is that the two characteristics of primes

in Z that mentioned in remark 2.13 have been separated, because they do
not coincide in general rings: irreducibles and primes become two different
things1.
Next we must realize that in general rings, we cannot necessarily order
divisors according to their absolute value as we do in Z (see Definition 1.2).
Instead, in the new definition we order divisors according to the partial order
given by the division relation.
Definition 8.2. Let R be a integral domain and α and β non-zero el-
ements. A greatest common divisor g = gcd(α, β ) is a common divisor
of both α and β such that for any common divisor γ we have γ | g. A
least common multiple ` = lcm (α, β ) is a common multiple of both α and
β such that for any common multiple γ we have ` | γ.

So given a general ring, pick an arbitrary element, what different iden-

tities can it have? Well, it can be irreducible, reducible, a unit, or 0. These
categories are mutually exclusive. In addition, every non-zero, non-unit el-
ement can also be prime or non-prime. But the primes and irreducibles are
not necessarily the same. The next result gives a sample of the truly bizarre
behaviors of factorizations in general (commutative) rings.
Proposition 8.3. i) In a ring that is also a field, there are no primes or
irreducibles.
ii) The set of algebraic integers A form a proper ring (i.e. not a field) that
has no irreducibles and no primes.
iii) In the ring Z6√, the element 2 is prime, but not irreducible.
iv) In the ring Z[ −5], the element 3 is irreducible, but not prime.
√ √
v) In Z[ −3], the gcd of 4 and 2 + 2 −3 does not exist.
vi) In Z6 [x], 2x(1 + 3h(x))n divides 4x2 for any polynomial h and any n ≥ 0.
Proof. (i) Recall that in a field, every non-zero element is a unit, and so
there are no primes or irreducibles.
(ii) Pick any non-zero, non-unit ρ ∈ A . According to exercise 7.13 (c),
ρ has minimal polynomial
d
p(x) = ∑ ai xi with ad = 1 and a0 6= −1, 0, +1 .
i=0

1And the meaning of “prime” has changed to confuse non-algebraists. But we’re not falling for it!
8.2. Integral Domains 151
√
Set a = b = ρ. Then a is a root of q(x) = p(x2 ) by exercise 7.13 (b).
Now q ∈ Z[x] is monic and any polynomial factor of q must also be monic.
Therefore is in A . Since ρ = ab, ρ is reducible. Clearly, we also have
ρ | ab. But if ρ divides a (or b), then a/ρ is in A . Since A is closed under
multiplication, its square, which equals ρ −1 would then also be in A . This
contradicts our initial choice of ρ. Hence ρ cannot divide a or b, and so ρ
is not prime.
(iii) Suppose 2 | ab in Z6 . Then in Z, 2 divides ab + 6m. But that means
that ab is even and thus a (or b) has a factor 2. But then in Z6 , 2 divides a
(or b). Therefore 2 is prime in Z6 . On the other hand, 2 · 4 =6 2. Since both
2 and 4 are non-invertible, 2 is reducible.

√(iv) Suppose the number 3 equals the product xy, where x and y in
Z[ −5]. Clearly, x and y cannot both be real, because 3 is prime and irre-
ducible √in Z. If both are non-real, then b 6= 0 and each has absolute value
at least 5, and |xy| ≥ 5, a contradiction. If one of them is non-real, then
so is their product, another contradiction. Therefore,
√ one of x or y must be
a unit. This proves that 3 is irreducible in Z[ −5]. But on the other hand,
√ √ √ √
(2 + i 5)(2 − i 5) = 9 =⇒ 3 | (2 + i 5)(2 − i 5) .
√ √
But since (2±i3 5) 6∈ Z[ −5], 3 does not divide either of these factors.
(v) Since √ √
4 = 2 · 2 = (1 + −3)(1 − −3) ,
√
both 2 and (1 + −3) are divisors of 4. They are also divisors of (2 +
√ √
2 −3). however, it is a simple check to see that 2 and (1 + −3) do not
divide each other. In other words, there is no mximal common divisor in
this case.
(vi) Using the binomial theorem, we see that modulo 6
n  
2 n i
n
2x · 2x · (1 + 3h(x)) =6 4x ∑ 3 h(x)i =6 4x2 ,
i=0 i

because 4 · 3i =6 0 for i > 0. 

8.2. Integral Domains

In order to “tame” factorizations, the first thing to do is to require the ab-
sence of zero divisors.
152 8. Factorization in Rings

Definition 8.4. An integral domain or domain is a commutative ring R with

no zero divisors (i.e. if a 6= 0 and b 6= 0, then ab 6= 0).

Thus, in an integral domain, if we have ab = 0, then we can conclude

that either a = 0 or b = 0 or both. This applies to the situation where we
have a(x − y) = 0. If a 6= 0, we must have x = y. This immediately implies
(see Theorem 2.7) the following.
Theorem 8.5 (Cancellation Theorem). In an integral domain, if a 6= 0,
then ax = ay if and only if x = y. (See also Theorem 2.7.)

Polynomials whose coefficients form an integral domain are themselves

an integral domain (see Section 3.7 and Definition 7.1). Other examples are
the fields F p of the integers modulo a prime p. In this context, Lagrange’s
theorem (Theorem8.32) is interesting: it says that an degree n polynomial
over a field has at most n roots. So,
x2 + 5x + 6 =11 0 =⇒ (x + 2)(x + 3) =11 0 .
And this implies that x =11 −2 =11 9 or x =11 −3 =11 8. If we work modulo
12, factoring does not solve the problem. For example, x2 + 5x + 6 modulo
12 has roots {1, 6, 9, 10}.
A (non-Abelian) ring that does have zero divisors are the 2 by 2 matri-
 
0 1
ces with coefficients in Z. In fact, if N =  , then N 2 = 0.
0 0
Note that C does not have zero divisors. Therefore, the same holds for
any subset of C, such as the set A of all algebraic integers. Propositions
7.29 and 8.3 (ii) imply the following remarkable facts.
Theorem 8.6. The set A forms a integral domain but not a field and
i) A is dense in C, ii) A has no irreducibles, iii) A has no primes.

It might seem that we have not done much to tame the factorization
process. However, the following result indicates that we on the right track.
Theorem 8.7. Any prime p in an integral domain R is irreducible.

Proof. Suppose that the prime p satisfies p = ab. We need to show that a
or b is a unit. Certainly p 6= 0 divides ab, and so, from Definition 8.1, p | a
or p | b. Assume the former. So there is a c such that pc = abc = a. We then
8.2. Integral Domains 153

get The cancellation theorem gives, of course, that bc = 1, and so b has an

inverse and therefore is a unit. Similar if we assume p | b. 
√
Like any ring in C, Z[ −5] is an integral domain. So Proposition 8.3
(iv) shows that the converse is false. However, here is an interesting lemma
that implies (once again) that F p is a field (see Proposition 5.18). The proof
is essentially the same as that of Lemma 5.3.
Lemma 8.8. A finite integral domain is a field.

Proof. Fix some a 6= 0 in the integral domain R. Consider the (finitely

many) elements {ax}x∈R . Either all these elements are all distinct, or two
are the same. But if ax = ay, the cancellation theorem gives a contradiction.
If they are all distinct, then there is an x such that ax = 1 ∈ R. Thus a has a
multiplicative inverse. 
Theorem 8.9. Let R be an integral domain in which every element has a
factorization into irreducibles. Every irreducible is a prime if and only if
factorization into irreducibles is always unique.

Proof. First, suppose that every irreducible is a prime and assume that the
following are two factorizations of x ∈ R into irreducibles.
x = up1 · · · pk = u0 q1 · · · q` .
Now if p1 is a prime, upon relabeling the qi , it must divide q1 . Since q1 is
irreducible, we must have p1 = q1 up to units. Doing finitely many steps,
one proves that the factorization is unique.
Next, suppose that q is irreducible and that there are non-zero a and
b such that q | ab. This implies qc = ab. We factor both sides of this last
equation into irreducibles.
uq(p1 · · · pk ) = u0 (q1 · · · q` )(q`+1 · · · qm ) .
By unique factorization, q must equal to q1 (upon relabeling and up to units)
and thus it divides a or b. 
Definition 8.10. An integral domain R is a unique factorization domain2 if
every element admits a unique factorization into irreducibles. This is often
abbreviated to UFD.
2The word “domain” serves as a reminder that R must be an integral domain.
154 8. Factorization in Rings

By Theorems 8.7 and 8.9, in a UFD, “prime” and “irreducible” are syn-
onymous. In a UFD, the notions of greatest common divisor and least com-
mon multiple are well-defined. The reason these notions are well-defined
can be found in the proof of Corollary 2.16. To repeat that argument, sup-
pose that
s s
α = u ∏ pki i and β = u0 ∏ p`i i ,
i=1 i=1
where u and u0 are units and ki and `i in N ∪ {0}. Now define:
mi = min(ki , `i ) and Mi = max(ki , `i ) .
Then, of course, we have
s s
gcd(α, β ) = ∏ pm
i
i
and lcm (α, β ) = ∏ pMi
i .
i=1 i=1
The pi are unique up to a unit. And so are the gcd and lcm, since the product
of units is a unit.
We still need to be slightly cautious. For instance, in Z[i], which is a
UFD, the units are ±1 and ±i. The gcd of 2i and −4 is 2 up to units, that
is: ±2 or ±2i.

8.3. Euclidean Domains

The next step in the taming process, is to make sure there is a division
algorithm.
Definition 8.11. A Euclidean function on a ring R is a function E : R\{0} →
N ∪ {0} that satisfies:
i) For all ρ1 and ρ2 in R, there are κ and ρ3 in R such that ρ1 = κρ2 + ρ3
and E(ρ3 ) < E(ρ2 ) and
ii) For all α and γ in R\{0}, we have E(αγ) ≥ E(α) .
A Euclidean ring or Euclidean domain is an integral domain R for which
there is a Euclidean function.

In a Euclidean domain, we can perform the division algorithm of Lemma

3
2.2 . All statements and proofs in Chapter 2 from Bézout’s Lemma (Lemma
2.5) on, up to and including Corollary 2.16, hold with minor modifications.
For example, we need to use E(n) instead of the norm of n. Theorem 2.7
3The name “Euclidean domain” derives from the alternative name of that algorithm, see remark 2.4.
8.3. Euclidean Domains 155

needs the reformulation given by Theorem 8.5. Corollary 2.8 would need
to be reformulated (which we omit). Among other things, the unique fac-
torization, and the Euclidean algorithm of Chapter 3, which in turn led us
to continued fractions, follow from these. So the consequences of having
a Euclidean function are indeed staggering! Exercise 8.11 investigates the
relation between the two chapters.
In Euclidean domains the notions of prime and irreducible are again
happily reunited.
Proposition 8.12. Let R be a Euclidean domain. If p ∈ R is irreducible,
then p is prime.

Proof. Suppose p is irreducible and p | ab and let g be a gcd(a, p). Then

there are h and k such that p = gh and a = gk. Since p is irreducible, either
g or h is a unit. Suppose first that h is a unit. Then a = ghh−1 k = ph−1 k and
so p | a. If, on the other hand, g is a unit, then g divides 1 (the multiplicative
identity). Of course, 1 is a common divisor of a and p, and thus we also
have gcd(a, p) = 1. Euclid’s lemma (Lemma 2.6) gives that p | b. 
Corollary 8.13. Let R be a Euclidean domain. Then
i) p ∈ R is prime if and only if p is irreducible.
ii) Every element admits a unique factorization into powers of primes up to
re-ordering and products of units.

Proof. Item (i) follows from the previous proposition together with Theo-
rem 8.7. Theorem 8.9 implies item(ii). 

Polynomial rings over a field, such as Q[x] or R[x], are a great examples
of Euclidean domains. We already saw in Section 7.1, that the degree is a
Euclidean function in these rings.
We finally come to the reason to introduce empty products in Remark
2.14.
Corollary 8.14. A field F is a Euclidean domain and therefore has unique
factorization. Namely, every non-zero x ∈ F is a unit times the empty
product of primes. In particular, there are no primes and no irreducible
numbers in F.
156 8. Factorization in Rings

Proof. We take x and y in F and write x = yq + 0, where q = y−1 x. So every

remainder maps to zero4. 

Thus the results in Chapter 2 starting with Theorem 2.17 (the infinitude
of primes) do not generalize to all Euclidean domains. The problem in the
proof of Theorem 2.17 is that it crucially depends on adding “1” to some
number in order to get a “bigger” number. The rest of that Chapter depends
on the embedding of the integers in the real numbers (or even C).
The last result, together with Definitions 8.11, 8.4, and 5.20, immedi-
ately implies the following.
Corollary 8.15. We have the following inclusions:
fields ( Eucl. domains ( UFDs ( domains ( comm. rings ( rings .

8.4. Example and Counter-Example

√
As an example we consider the elements of the set Z[ −1]. These are
usually called the Gaussian integers (see Figure 28). From equations 7.8
and 7.9, we can infer that α = a + bi can be represented in matrix form as:
 
a −b
α =  with N(α) = a2 + b2 .
b a
It is easy to check that multiplication of these matrices is commutative —
after all, multiplication of the underlying complex numbers is commutative.
Proposition 8.16. The Gaussian integers form a Euclidean domain with
the norm as Euclidean function.

Proof. For j a square free integer, N(α) is the square of the absolute value
of α, and so it is a positive integer. So the second requirement of Definition
8.11 follows immediately from Corollary 7.26. It remains to prove that the
first requirement is satisfied.
Given any ρ1 and ρ2 in Z[i], we can certainly choose κ and ρ3 so that
ρ1 = κρ2 + ρ3 .
4This is one of reasons we added 0 to the image of E in Definition 8.11
8.4. Example and Counter-Example 157

Im
x

Re

Figure 28. The Gaussian integers are the lattice points in the complex
plane; both real and imaginary parts are integers. For an arbitrary point
z ∈ C — marked by x in the figure, a nearby integer is k1 + ik2 where
k1 is the closest integer to Re (z) and k2 the closest integer to Im (z). In
this case that is 2 + 3i.

(For example, κ = 0 and ρ3 = ρ1 .) Dividing by ρ2 gives

ρ1 ρ2−1 = κ + ρ3 ρ2−1 . (8.1)
5
We choose κ to be the closest Gaussian integer to (indicated byρ1 ρ2−1
“x” in Figure 28). Recalling that in this case, the norm corresponds to the
usual absolute value squared, we immediately see from the figure that we
can choose κ so that N(ρ3 ρ2−1 ) ≤ 1/2. And thus with that choice, using
Corollary 7.26,
1
N(ρ3 ) = N(ρ3 ρ2−1 )N(ρ2 ) ≤ N(ρ2 ) (8.2)
2
which proves the first requirement. 

The computation that leads from equation (8.1) to equation (8.2) can
also be done explicitly. Let ρ1 = a + bi and ρ2 = c + di. It is an easy
computation to see that
ac + bd −ad + bc
ρ1 ρ2−1 = 2 +i 2 .
c + d2 c + d2
We want to express this as a Gaussian integer κ = k1 + ik2 plus a remainder
ρ3 ρ2−1 = ε1 + iε2 whose norm is less than 1. We choose k1 to be the integer
closest (or one of the integers closest) to ac+bd
c2 +d 2
, and k2 , the integer closest
−ad+bc
to c2 +d 2 . With those choices, the remainders
ac + bd −ad + bc
ε1 = − k1 and ε2 = − k2
c2 + d 2 c2 + d 2
5If there is more than one closest Gaussian integer, pick any one of them.
158 8. Factorization in Rings

1
are each not greater than 2 in absolute value. Thus
ρ3 = (ε1 + iε2 )(c + id) ,
with norm (ε12 + ε22 )(c2 + d 2 ) by Corollary 7.26. Since the εi are no greater
than 21 , (8.2) follows.
The computation in the foregoing proof will be important, and so it is
useful to summarize it even more succinctly.
Definition 8.17. A fundamental domain of Z[i] is a simply connected region
in C such that it contains exactly one representative of every set z + Z[i].
Usually one takes the unit square as a fundamental domain for Z[i].

Remark 8.18. For j negative and square free, N is a Euclidean function on

√
Z[ j] if and only if in a fundamental domain, the distance to the nearest
algebraic integer is strictly less than 1.

Note that in Z, to get a small remainder we simply choose the floor

of ρ1 ρ2−1 for the equivalent of κ (see the proof of Lemma 2.2). But in the
above proof — working the Gaussian integers — it is clear that in general
there is no obvious natural choice for κ = k1 + ik2 that makes N(ε) less than
1. In exercise 8.2, we look in some more detail at the possible choices for
k1 and k2 . So the Euclidean algorithm applied to, say, 17 + 15i and 7 + 5i
may lead to different computations. We gave an example of this in exercise
7.22.
√
Proposition 8.19. The ring Z[ −6] does not have the unique factorization
(into irreducibles) property. Therefore this ring is not a Euclidean domain.
√
Proof. Z[ −6] (see Figure√29) is an integral domain, because it is a sub-
ring of C. We show that Z[ −6] does not have unique factorization in two
steps. The first step is to observe that
√ √
10 = 2 · 5 = (2 + i 6)(2 − i 6) .
√
We are done if we show that 2, 5, and 2 ± i 6 are irreducible. Assume
2 = αγ, both non-units. Taking the norm6 (always using Corollary 7.26),
we get
4 = N(α)N(γ) .
6This part of this proof illustrates how to use the norm to reduce the question whether a number in a
Euclidean domain R is irreducible to the same question in Z.
8.5. Ideal Numbers 159

Im

Re

√
Figure 29. A depiction of Z[ −6] in the complex
√ plane; real parts are
integers and imaginary parts are multiples of 6.

Thus each of the norms equals 2. But 2 = a2 + 6b2 has no integer solutions,
hence 2 is irreducible. The exact same argument applied to 5 gives that
25 = N(α)N(γ) .
2 2
√ 5 = a + 6b has no integer
Each of the norms now must equal 5. But again
solutions. If we apply the argument to 2 ± i 6, we obtain
10 = N(α)N(γ) .
Thus either α must have norm 2 and β must have norm 5, or vice versa.
But the previous arguments show that both are impossible. 

8.5. Ideal Numbers

In this section, we explain how ideals arise from the study of factorization
into primes in rings of algebraic integers. We base this description loosely
on the historical record as described in chapter 21 of the excellent book
[55]. For the definition and basic properties of ideals, we refer to Section
7.2. We start by reformulating gcd and lcm in the language of ideals.
Definition 8.20. Let A and B ideals. The greatest common divisor of A and
B is the smallest ideal that contains both of these. It is denoted by gcd(A, B).
The least common multiple of A and B is the largest ideal that is contained
in both A and B. It is denoted by lcm (A, B).

Recall that an ideal h ji in Z is maximal if and only if j is prime. For if j

is not prime, the ideal generated by a divisor of j contains h ji. On the other
160 8. Factorization in Rings

hand, consider the ideal hp, ji. The fact that it is generated by gcd(p, j) is
non-trivial: it follows from Bézout (Lemma 2.5).
Now let us see how this pans out in some examples of ideals in rings
√
of algebraic integers. Start by considering the ring Z[ −3] of algebraic
integers (see equation (7.7)) displayed in the left of Figure 30. We start
by showing that this ring does not have the unique factorization property.
Knowing that √ √
4 = 2 · 2 = (1 + i 3)(1 − i 3) , (8.3)
the proof of that statement is almost verbatim that of Proposition 8.19 (see
exercise 8.20. This exercise goes on to show that 4 admits no factorization
at all into primes!).
√
What is interesting here is that the numbers 2 and (1 ± i 3) belong to
the same maximal ideal.
√ √
Lemma 8.21. I = h2, 1 + i 3i is a maximal ideal in R = Z[ −3].

Proof. I √
is depicted in red in the left of Figure 30. It clearly contains both 2
and 1 + i 3. It clearly forms a lattice and so is closed under addition. Next
we check the absorption property of the ideal. Denote the two generators
by x and y for brevity. For any elements α, β , and γ of R, we must have
α(β x + γy) = δ x + εy ∈ I .
It is an easy but tedious exercise to check that for any integers a, b, c, and d
√ √ √ √
(a+ib 3)·2+(c+id 3)·(1+i 3) = (a−b−2d)·2+(c+d +2b)·(1+i 3) .
And so all these elements lie in the lattice I.
If we add I any
√ element not in I, then the resulting set contains the
differences 1 and i 3 (see Figure 30). Taking the closure under addition, it
√
immediately follows that we obtain all of Z[ −3]. Thus I is maximal. 

The upshot is that we are tempted (or, rather, Kummer was [55]) to
think of the set I as the set√of multiples of some hidden or “ideal”7 prime
Q. Then both 2 and (1 ± i 3) are multiples of this “ideal” number Q (up
to units at least). This way, lo and behold, unique factorization into irre-
ducibles or primes is restored!
7Hence the name “ideal”.
8.5. Ideal Numbers 161

Im Im

Re Re

√
√ Left, the elements of the ring Z[ −3]. Right, the ring
Figure 30.
1
Z[ 2 (1 + −3)]. The units of each ring are indicated in green and the
√
ideals h2, 1 + −3i on the left and h2i on the left are indicated in red.
Fundamental domains (Definition 8.17) are shaded in blue.

There√is more than a grain of truth in this. Recall that the ring R0 =
√
Z[ 12 (1 + i 3)] is the ring of integers in Q( −3) (Lemma 7.23). This ring,
√
depicted on the right of Figure 30, contains the units (drawn in green) 1±i2 3 .
√
Clearly, 2 and 1 + i 3 are now the same up to a unit. Therefore, this time
around 2 generates I. In other words, R0 contains R, and has the same set
I as an ideal, only now it is a principal ideal. Indeed, in R0 , equation (8.3)
does not represent
√ distinct factorizations of 4, precisely because in this ring,
2 and 1 + i 3 differ by a unit.
Finally, we finish this section by checking that indeed
√ the norm is not a
√
Euclidean function for Z[ −3], while it is for Z[ 12 (1+i 3)]. Thus this ring
is a Euclidean domain and so, by Corollary 8.13, primes and irreducibles
are the same, and factorization is unique. This ring is an important example
and has its own name; its elements are called the Eisenstein integers .
√
Proposition 8.22. i) The norm in Z[ −3] is not a Euclidean function.
√
ii) The norm in Z[ 21 (1 + −3)] is a Euclidean function.

Proof. According to Remark 8.18, the norm — which in these two cases
is positive — is a Euclidean function if and only if it is less than 1 in a
fundamental domain. In both cases, the norm of a number is simply the
square of the usual absolute value of that number. The fundamental domains
are shaded in Figure 30.
Proof of √
(i). The fundamental domain D is given by a rectangle of
height |h| = 3 and width 1 (see Figure 31). The diagonals in D have
162 8. Factorization in Rings
√
length 1 + 3 = 2 and so we have that the distance to the nearest algebraic
integer is between 0 and 1. It equals 1 at the intersection of the diagonals.
Thus N fails to be a Euclidean function.
Proof of (ii). The fundamental domain consists of two isosceles trian- √
gles, one of which is depicted on the right of Figure 31. Its height d is 21 3
and its base has length 1. We are looking for the point that maximizes the
distance to the nearest point of the triangle. That point lies at height y on
the bisector of the top-angle and its its distance d − y to the three points of
the triangle is the same. Thus we compute
1 4d 2 − 1 4d 2 + 1
+ y2 = (d − y)2 =⇒ y= =⇒ d −y = .
22 8d 8d
√
3
This evaluates to d − y = 3 which is less than 1. 

h 1+h d

1 1/2 1/2
0

√ √
Figure 31. Left, the fundamental domain of Z[ −3]. Here, h = i 3.
Right, one of the 2 √isosceles triangles that constitute
√ the fundamental
domain of Z[ 12 (1 + −3)]. Its height d equals 12 3. The point that
maximizes the distance to the closest of the 3 corner points lies on the
bisector of the top angle at height y.

It is surprising that in the first part of the proof, the criterion of Eu-
clidean fails at only 1 point in the fundamental domain. An analyst might
suspect that somehow we can get around the exception because it has mea-
√
sure zero. Note, however, that (8.3) shows that Z[ −3] does not have have
unique factorization and thus there is no Euclidean function (Proposition
8.13).
8.6. Principal Ideal Domains 163

8.6. Principal Ideal Domains

Definition 8.23. A principal ideal domain is an integral domain in which
every ideal is a principal ideal. This is usually abbreviated to PID.

We now complete the containments given in Corollary 8.15.

Theorem 8.24. We have the following inclusions:
fields ( ED’s ( PID’s ( UFD’s ( domains ( comm. rings ( rings .

Proof. In view of Corollary 8.15, we only need to prove (i) that a Euclidean
domain is a PID, (ii) that a PID is a UFD, and (iii) that the three categories
are not equal. We leave (iii) for the next section.
i) In a Euclidean domain, the trivial ideal {0} is of course a principal
ideal (as it has only one element). Let E be the Euclidean function in D.
Fix a non-trivial ideal I and pick x ∈ I that minimizes E on I\{0}. Pick any
other y ∈ I. Then by the division algorithm
y = xq + r and E(r) < E(x) .
But since y − xq ∈ I, r is in I, and so E(r) must be zero by the minimality
of x. Hence x generates y.
ii) Suppose x0 is an element of a principal ideal domain D that cannot
be written as a a product of irreducibles. Then, clearly, there are non-zero
non-units x1 and y1 so that x0 = x1 y1 . But by definition of x0 , at least one
of x1 and y1 cannot be written as a product of irreducibles. Suppose that is
x1 . Now x1 divides x0 , and we get hx0 i ( hx1 i. We can apply the same ar-
guments to x1 , and so on. Thus we get what is called an (infinite) ascending
chain of ideals:
hx0 i ( hx1 i · · · ( hxn i · · · .
We define I = ∪∞ i=0 hxi i. It is easy to see that I is an ideal (Definition 7.9).
But because D is a PID, I must have a single generator p. The element p
must reside in hxn i for some n. Since p generates hxn i it must in fact be
equal to xn . Thus the ascending chain must end, contradicting the hypothe-
sis on x0 , which implies that every element in D can be written as a product
of irreducibles.
It is then sufficient by Theorem 8.9 to show that every irreducible p is
also prime. Let element a not in hpi and consider the ideal hp, ai. Because
164 8. Factorization in Rings

D is a PID, there is a q that generates this ideal: hqi = hp, ai. But then we
must have
hqi = D ,
because if not, p has a non-trivial divisor q. In particular, we get that there
are x and y so that
1 = px + ay =⇒ ∀b ∈ D : b = pxb + ayb
But this implies that if p | ab and p - a, then we must have p | b. Thus p is
prime. 

Common PID’s are Z and F[x], but these are also Euclidean domains.

8.7. ED, PID, and UFD are Different

PID’s that are not Euclidean domains
√
are a not so easy to come by. Here we
1+ −19
show, following [60], that Z[ 2 ] is an example of this. Recall that by
√ √
Lemma 7.23, Z[ 1+ 2−19 ] is the set of integers of Q[ −19].
√
−19
Lemma 8.25. In Z[ 1+ 2 ], the units are ±1, while 2 and 3 are irreducible.

√
Proof. For brevity, we set θ = 1+ 2−19 and denote R = Z[θ ]. The norm of
a + bθ satisfies (see, for example, remark 7.27)
b 2 19b2
 
N(a + bθ ) = a + + = a2 + ab + 5b2 ∈ N ∪ {0} .
2 4
We have that the norm of units must be ±1, so
b 2 19b2
 
a+ + = 1.
2 4
Clearly, the only solutions are a = ±1 and b = 0.
By the multiplicative property of the norm, if 2 is reducible we have
2 = xy =⇒ N(2) = 4 = N(x)N(y) .
N(x) and N(y) are natural numbers and not equal to 0 or ±1. The only
solution is N(x) = N(y) = 2 which is easily seen to be impossible. Hence 2
is irreducible. The same reasoning works for 3. 
√
−19
Proposition 8.26. Z[ 1+ 2 ] is not a Euclidean domain.
8.7. ED, PID, and UFD are Different 165

Proof. We start by assuming that R is a Euclidean domain (ED) and derive

a contradiction. So let E denote the Euclidean function8 of Definition 8.11
and let m be an element of R that minimizes E over the set of non-zero,
non-unit elements. In a ED, we are allowed to use the division algorithm,
so
2 = mq + r with E(r) < E(m) .
From the inequality and the assumption on m, we see that r must be zero or
a unit. So by Lemma 8.25, r ∈ {0, ±1}. Now if r = 1, then mq = 2 − r = 1
and so m is invertible, contradicting the assumption on m.
If r equals 0 or −1, we need to do one more step. In this case, mq
equals 2 or 3. By Lemma 8.25 these numbers are irreducible, and thus
q must be a unit (since m is not), whence m ∈ {±2, ±3}. We apply the
division algorithm to θ :
θ = mq0 + r0 with E(r0 ) < E(m) .
So θ − r0 is divisible by m where r0 ∈ {0, ±1}, that is to say: by 2 or 3. But
it is easy to see that any of these numbers divided by 2 or 3 are not in R. 
√
Theorem 8.27. The set R of the integers of Q[ −19] is a PID but not a
Euclidean domain.

19 /4

3 /2

1 1

i i+1/2 i+1

− 3 /2

− 19 /4

Figure 32. Points in the area red shaded are a distance less than
√ from
an integer in Z. The blue area maps into
√ the red under x →
√ 2x − 19/4
indicated by the arrow. We note that 19/4 ≈ 1.09 and 3/2 ≈ 0.87.

8Some unknown function, not necessarily the norm.

166 8. Factorization in Rings

Proof. Of course, the second part is settled by the previous result. So here
we just prove that R is a PID. So consider any non-zero ideal I in R and pick
a b in I which minimizes the norm N(b) on the non-zero elements of I. Now
assume I is not principal, then certainly bR will not equal I. In this case,
we choose any a ∈ I\bR and investigate what happens. By the absorption
property, we have that
∀p, q ∈ R : ap − bq ∈ I .
We will show, however, that
∃p, q ∈ R : ap − bq 6= 0 and N(ap − bq) < N(b) , (8.4)
which contradicts our choice of b, and therefore disproves the assumption
that I is not principal. By the multiplicativity of norms, (8.4) will be proved
if N (ap/b − q) < 1. By remark 7.27 then, (8.4) is equivalent to
a
∃p, q ∈ R : ap − bq 6= 0 and p−q < 1. (8.5)
b
√ q so that the real part of ap/b − q is not zero. Then
Clearly, we can choose
add√a multiple
√ of i 19/2 to q so that the imaginary part of ap/b − q is in
(− 19/4,
√ √19/4]. Note that ap/b − q 6= 0. If in fact the imaginary part is
in (− 3/2, 3/2) (shaded red in Figure 32), then by subtracting an integer
Z) from√q we are done. If, however, the imaginary part of ap/b −√
(in √ q lands
in [ 3/2, 19/4], then we multiply both p and q by 2 and subtract i √19/2.
One can check (see exercise 8.23) that the complex map g : z → 2z−i 19/4
maps the top blue shaded area in Figure 32 into the area shaded in red. The
argument for the lower blue area is identical. 
Theorem 8.28. The set Z[x] is a UFD but not a PID.

Proof. We start by showing that I = h2, xi is not a principal ideal in Z[x].

Let p ∈ I. Then p(x) = 2 f (x) + xg(x) and so p(0) = 2n for some n ∈ Z. If
p generates the ideal I, then we must also have
2 = p(x)a(x) and x = p(x)b(x) .
The first equality implies that p has degree 0 and p(x) = 2n, while the
second then yields that x = 2nb(x) which is impossible. So I is not principal.
Given f ∈ Z[x]. It is not surprising that any factorization of f in Z[x]
is also a factorization in Q[x]. However, the reverse is also true by Gauss’
8.8. Exercises 167

lemma (Lemma 7.8). Now f as an element of Q[x] has a unique factoriza-

tion by Corollary 8.13 and the fact that the degree is a Euclidean function
in Q[x]. Thus the same holds in Z[x]. 

Many results about factorization of rings of quadratic integers are known.

We mention a few without proof.
√
Proposition 8.29. [26] For d square free, the norm in Q( d) is a Euclidean
functions if and only if d is an element of
{−11, −7, −3, −2, −1, 2, 3, 5, 6, 7, 11, 13, 17, 19, 21, 29, 33, 37, 41, 57, 73} .
√
There are exist quadratic fields, such as Q[ 69], that are Euclidean but
whose norm is not a Euclidean function [18].
Furthermore (Baker-Heegner-Stark Theorem , see [52]), for negative square
√
free d, the integers of Q( d) form a PID and not a Euclidean domain if and
only if
d ∈ {−163, −67, −43, −19} .
Is has been conjectured that for positive (square
√ free) d, there are infinitely
many values for which the integers of Q(√ d) have unique factorization.
For d square free, if the integers of Q( d) are a UFD, then they are also a
PID.

8.8. Exercises
Exercise 8.1. Let R be an integral domain. Consider the set
R × {R\{0}} = {(a, b) : a, b ∈ R, b 6= 0} .
Define an equivalence relation ∼ as follows.
(a, b) ∼ (c, d) if ad = bc .
Frac(R) is the collection of equivalence classes with addition and multipli-
cation:
(a, b) + (c, d) = (ad + bc, bd) and (a, b) · (c, d) = (ac, bd) .
It is not hard (but tedious) to show [22][Chapter 8] that ∼ is indeed an
equivalence and that Frac(R) is the minimal field containing R. Frac(R) is
called the field of fractions or field of quotients of R.
a) Show that addition and multiplication are well-defined in Frac(R).
b) What is the field of fractions of Z?
c) The identity is not used in the definition of Frac(R). What is the “field
of fractions” of the “rng” (see remark 5.24) mZ where m > 1 in N?
d) Why is it necessary to require that R has no zero divisors?
168 8. Factorization in Rings
√
Exercise 8.2. We apply the Euclidean algorithm in Z[ −1] as in Section
8.4. For the notation, see the proof of Proposition 8.16. Suppose ργ −1
falls in the unit square depicted in Figure 33. We have drawn four quarter
circles of radius 1 in the unit square, denoted by a, b, c, and d.
a) Show that we cannot always choose κ = κ1 + iκ2 where κ1 is the floor
of the real part of κ + ργ −1 and κ2 the floor of the imaginary part. (Hint:
Consider the region “northeast” of the quarter circle a.)
b) Compute the coordinates of the points A, B, C, and D indicated in the
figure. (Hint: Because of the symmetries of the figure, the x coordinate of
A equals 1/2. et cetera.)
c) Show that if ργ −1 falls in the interior of the convex shape FACE, then
there are four possible choices for κ so that N(ρ) < N(γ).
d) Estimate the area of the convex shape FACE. (Hint: It is contained in a
square with sides of length BD and it contains a square with sides of length
AC.)
e) Is it possible that there is only one value for κ so that N(ρ) < N(γ)?

i 1+i
a b

A
d B

F C

1
0

Figure 33. Possible values of ργ −1 in the proof of Proposition 8.16.

In the following proposition and in exercises 8.3, 8.4, and 8.5, we study
√
the primes in Z[ −1] — called Gaussian primes. Recall that the Gaussian
integers from a Euclidean domain (Proposition 8.16), and so we have unique
factorization and primes and irreducibles are the same (Corollary 8.13). We
use the following notation. C (for “cross”) denotes the set Z ∪ iZ minus
√
the origin. Recall that the units in Z[ −1] are {±1, ±i} and those in Z
√
are {±1}. The notation π means a prime in Z[ −1], whereas p means a
positive prime in Z.
8.8. Exercises 169
√
Proposition 8.30 (Gaussian Primes). A number π ∈ Z[ −1] is prime if:
i) π ∈ C and |π| equals a prime p in Z with p =4 3,
ii) π 6∈ C and |π|2 equals a prime p in Z with p = 2 or p =4 1.
iii) Furthermore, if π is reducible then (i) and (ii) cannot hold. (So “if” can
be replaced by “if and only if”.)

For an illustration of the Gaussian primes, see Figure 34.

Exercise 8.3. a) Show that
N(π) = ππ = ∏ pki i .
i
b) Show that N(π) equals p or p2 (up to units). (Hint: π must divide one
of the primes, say p, in (a).)
c) Use (b) to show that if π ∈ C, then 2
√ N(π) = p and so |π| = p.
d) Use unique factorization in Z[ −1] to show that if π 6∈ C, then N(π) =
p. (Hint: can p · p = π · π?)

Exercise 8.4. a) Use exercise 5.21 (c) to show that if p =4 1 and p prime
in Z, then there is m such that p | m2 + 1. √
b) Show that if p =4 1, then p is not a prime in Z[ −1]. √ (Hint: use that
p | (m + i)(m − i).) Also show that 2 is not a prime in Z[ −1].
c) Show that a2 + b2 6=4 3. (Hint: compute modulo 4.)
d) Show that if a prime p in Z does not have residue 1 or 3 modulo 4, then
p = 2.
e) Use exercise 8.3 (c) and (b) of this exercise to prove Proposition 8.30
(i).
f) Then use exercise 8.3 (d) and (c) and (d) of this exercise to prove part
(ii).
√
Exercise 8.5. a) Show that for a reducible γ in Z[ −1], N(γ) is not prime
in Z. (Hint: use Corollary 7.26.)
b) Use (a) to show that a reducible γ cannot satisfy Proposition 8.30 (ii).
c) Assume γ in C and γ = αβ up to units. Show that if α and β are in C,
then |γ| is not prime in Z.
d) Assume γ in N and γ = αβ up to units and that α and β are not in C.
Show that if γ = p, then |α| = |β |, and therefore are conjugates (Hint: use
Corollary 7.26.). Show that this implies that N(γ) has the form a2 + b2 .
e) Show that (c) and (d) and exercise 8.4 (c) imply that γ cannot satisfy
Proposition 8.30 (i).
f) Extend the reasoning in (d) and (e) to all of C.
170 8. Factorization in Rings

Figure 34. The Gaussian primes described in Proposition 8.30. There

are approximately 950 within a radius 40 of the origin (left figure) and
about 3300 within a radius 80 (right figure).

√
Exercise 8.6. Again, we consider numbers
√ in the ring R = Z[ −1].
a) Show that if bn − 1 is prime in Z[ −1], then b − 1 is a unit.
b) Use (a) to show that b must be 2 or 1 ± i.
c) Use Proposition 8.30 (i) to show that if b = √ 2, we obtain the usual
Mersenne primes (Definition 5.13) as primes in Z[ −1].
d) Show that if n is not prime, then bn − 1 is not prime. (Hint: as in exer-
cise 1.14 (i).)
e) Show that
n nπ
N((1 ± i)n − 1) = 2n − 21+ 2 cos +1.
4
(Hint: (1 ± i) = 21/2 e±iπ/4 and eiϕ + e−iϕ = 2 cos ϕ.)
f) Show that (1 ± i)n − 1 is prime if and only if its norm is prime and n is
odd. (Hint: use (d) to show that n must be odd, and then Proposition 8.30.)

The primes in exercise 8.6 are a generalization of the Mersenne primes of

√
Definition 5.13. These primes in Z[ −1] of the form (1 ± i)n − 1 are called
Gaussian Mersenne primes . A similar construction works also in the Eisen-
√
stein integers Z[ 12 (1 + −3)]; the resulting primes are called Eisenstein
Mersenne primes . For more details, see [11].
8.8. Exercises 171
√
Exercise 8.7. Given the ring R = Z[ −5].
a) Show that 2 is irreducible. (Hint: suppose 2 = β γ, where β and γ are
non-units. Use Corollary 7.26 to see that N(β ) = N(γ) = 2. Solve for the
coefficients of β and γ.)
b) Show that 3 is irreducible. (Hint:√as (a).)
√ to show that 1 ± i 5 are irreducible.
c) Use (a) and (b)
d) Show that Z[ −5] is a not Euclidean domain. (Hint: Show it does not
have unique factorization.)
√
Exercise 8.8. Given the ring R = Z[ 2].
a) Show that R has no zero divisors. (Hint: If αβ = 0, then one of the
norms must be zero by Corollary 7.26. Solve for the coefficients.)
b) Suppose
ρ1 = κρ2 + ρ3 ,
√ √ √ √
where ρ1 = a + b 2, ρ2 = c + d 2, κ = k1 + k2 2, and ρ3 = ε1 + ε2 2.
Show that
ac − 2bd −ad + bc √
ρ1 ρ2−1 = 2 + 2 2.
c − 2d 2 c − 2d 2
ac−2bd
c) Choose k1 to be the integer closest to c2 −2d 2 and k2 the one closest to
−ad+bc
c2 −2d 2
.Show that the remainder has norm with absolute value less than
2 2
√ is a − 2b !)
1. (Hint: recall that the norm
d) Show that the ring Z[ 2] is a Euclidean domain (Hint: use Corollary
7.26.)
√ √
Exercise 8.9. a) Show that in Z[ −5], (2 + i 5) is irreducible but not
prime. (Hint: follow the proof of Proposition 8.3 (iv), except now start
with 3 · 3 = 9 to prove non-primality.)
b) Show that in Z6 , 3 is prime but not irreducible. (Hint: follow the proof
of Proposition 8.3 (iii).)
c) Find other counterexamples.

Exercise 8.10. a) Solve 3x =b 6x where b is 11, 12, 13, 14, 15.

b) If b is such that Zb is an integral domain, solve by factoring. c) Use a
result in Chapter 5 to show that Zb is an integral domain and hence a field
if and only if p is prime.
d) Give a direct proof that a field is an integral domain. (Hint: if a and b
are non-zero elements of F, then abb−1 a−1 = 1.)
172 8. Factorization in Rings

Exercise 8.11. a) Prove Lemmas 2.5 and 2.6 for a Euclidean domain.
b) Theorem 8.5 follows immediately from the absence of zero divisors
(Definition 8.4). In Chapter 2, we take the absence of zero divisors in Z for
granted. Why do we need Euclid’s Lemma (Lemma 2.6) — whose proof
uses that division algorithm — to prove Theorem 2.7? (Hint: does the
cancellation take place in Z?)

In the next exercise, we prove:

√
Lemma 8.31. Let d ∈ Z be square free. α ∈ Z[ d] is a unit if and only if
N(α) = ±1.

Exercise 8.12. a) Show that if α is a unit, N(α −1 ) = N(α)

1
.
b) Use (a) to show that the norm of a unit must be ±1.
c) Vice versa, show that if N(α) = ±1, then α is invertible. (Hint: a
matrix with determinant ±1 is √ invertible. Show that the inverse matrix
corresponds to an element of Z[ d].)
√ √
Exercise 8.13. Consider Z[ −6] and define a± = 2 ± −6.
a) Show that a− a+ = 10 = 2 · 5. √
b) Show that a± , 2, and 5 are irreducible in Z[ −6]. (Hint: if a+ = αβ
is reducible, then N(a+ ) = N(α)N(β ). By Lemma 8.31, we may assume
N(α) = 2. Solve that equation. And so forth.)
c) Show that a± , 2, and 5 are not primes. (Hint: for a± , use (a)).
d) Show that unique factorization does not hold. (Hint: see (a)).
e) Show that Euclid’s lemma 2.6 does not hold here. (Hint: use Definition
8.2.)

Exercise 8.14. a) Which ones of the sets in exercise 5.24 are integral do-
mains?
b) Euclidean domains?
√ √
Exercise 8.15. a) Show that ±1 and ±1 ± 2) are units of Z[ 2]. (Hint:
see Lemma 8.31.)
a unit, then for all n ∈ Z, α n is a unit.
b) Show if α is √
c) Show that Z[ 2] has infinitely many units.
d) Find solutions of the quadratic equation a2 − 2b2 = ±1. (Note: an
equation of the form a2 − db2 = 0 where d is square free, is called Pell’s
equation .)
√ √
One can show that the set of units of Z[ 2] is {±(1 + 2)n : n ∈ Z}.
8.8. Exercises 173
√
Exercise 8.16. Given the ring R = Z[ 10]. √
a) Show that there is no α ∈ R with N(α) = ±2. (Hint: write α = a+b 10
and try to solve for the coefficients of α in Z10 .)
b)√Show that there is no α ∈ R with N(α) = ±5. (Hint: write α = a +
b 10. Then in Z5 , show that a =5 0. It follows that 25k2 − 10b2 = ±5.
Divide by 5 and solve in Z5 .)
c) Use (a) and (b) to show that 2 and 5 are irreducible. (Hint: assume that
2 = αβ , show that then N(α) =√±2, et cetera.)
d) Use (a) and (b)
√ to show that 10 is irreducible.
e) Show that Z[ 10] is a not Euclidean domain. (Hint: Show that 10 does
not have unique factorization.)

Exercise 8.17. Given a field F, we form the ring F[x] of polynomials. For
this exercise, read Section 3.7 again.
a) Use exercise 7.1 to show that the ring F[x] is a Euclidean domain with
the degree d (of the polynomial) as a Euclidean function.
b) What goes wrong in (a) if F = Z? (Hint: give a counter-example.)
c) What are the “primes” in F[x]. (Hint: see Proposition 7.5 and Corollary
8.13.)
d) p1 (x) = x2 +1 is reducible over C, R, or Q? What about p2 (x) = x2 −2?
e) Show that the degree in R[x] is an additive function if R is a domain.

Exercise 8.18. Given a field F.

a) Show that for any α ∈ F and p in F[x], there are q and r in F[x] such
that p(x) = (x − α)q(x) + r(x), where r(x) is a constant. (Hint: the degree
is a Euclidean function.)
b) Show that in (a), p(α) = 0 if and only if r = 0. (Hint: Substitute x = α.)
c) Use (b) to show that if pn ∈ F[x] of degree n has a root, then pn (x) =
pn−1 (x)(x − α) where pn−1 has degree n − 1.
d) Use (c) to show that a degree n polynomial in F[x] has at most n roots.
(Compare with exercises 3.22 and 7.22)
We state the last result of exercise 8.18.
Theorem 8.32 (Lagrange’s Theorem). If f is a degree n polynomial with
coefficients in a field F, then f (x) = 0 has at most n solutions.

Exercise 8.19. Define the product of ideals A and B as the smallest ideal
containing { ai bi : ai ∈ A, bi ∈B }.
a) Show that AB must contain ∑ki=1 ai bi : ai ∈ A, bi ∈ B k ∈ N .
b) Show that the set in (a) is an ideal.
c) Suppose A is generated by {xi } and B by {y j }. Show that AB is the ideal
generated by {ai y j }.
d) Use (c) to show that for I and J as in exercise 7.5, IJ = h6, xi. (Hint: x2
is in hxi, and so forth.)
174 8. Factorization in Rings
√ √
Exercise 8.20. a) Show that 2 and 1 ± i 3 are irreducible in Z[ −3].
(Hint: follow the proof of Proposition 8.19.) √
b) Use (a) to show that up to units, there are two factorizations in Z[ −3]
of 4 (see equation (8.3)).
c) Use equation (8.3) to show
√ that 4 is not prime.
d) Show that 2 and (1 ± i −3) are not prime. (Hint: see Proposition √8.3.)
e) Conclude that 4 does not
√ admit any factorization into
√ primes in Z[ −3].
f) Show that 2 and (1 ± i −3) are prime in Z[ 21 (1 + −3)].

Exercise 8.21. a) Modify the first part of the proof√of Proposition √ 8.22 to
show that√ the norm is a Euclidean function for Z[ −1] and Z[ −2] but
not for Z[ −n] for n ≥ 3.
b) Modify the second part of the proof of Proposition 8.22 to show that
√
the distance to the nearest lattice point of Z[ 12 (1 + j)] is less than 1 if
j ∈ {−11, · · · , −1}. (Hint: the height y of the equidistant point in
ptriangle
on the left of Figure 31 must be such that d − y < 1 where d = 12 | j|.)
c) Show that with Lemma 7.23, √ this implies that the norm is a Euclidean
function for the integers of Q[ j] where j ∈ {−11, −7, −3, −2, −1}.

Exercise 8.22. Use Definition 7.9 to show that I in part (ii) of the proof of
Theorem 8.24 is an ideal.
Exercise 8.23. Consider the map g :C√ →C, defined in the proof of part
(ii) of Theorem 8.27. a) Show that g 419 = 0.
√ √ 
b) Show that − 23 < g 23 < 0.
c) Show that (a) and (b) imply that g maps the blue region in Figure 32 into
the red region.

Exercise 8.24. Consider the ring Z[x].

a) Show that the ideal I := h3, 5xi is not principal. (Hint: see proof of
Theorem 8.28.)
b) Show by direct computation that I does not generate Z[x]. (Hint: solve
1 = 3 f (x) + 5xg(x).)
c) Show that (b) also follows directly from (a). (Hint: 1 generates all of
Z[x] ⊇ I.)
d) Find gcd(3, 5x) and lcm (3, 5x).
e) Show that Bézout does not hold in this ring.
Chapter 9

Ergodic Theory

Overview. This time we venture seemingly very distant from number the-
ory. The reason is that we wish to investigate what properties “typical” real
numbers have. By “typical” we mean “almost all”; and to define “almost
all”, we would need to delve fairly deeply into measure theory, one of the
backbones of abstract analysis. In this chapter, we will point to the tech-
nical problems that need to be addressed, and then quickly state the most
important result (the Birkhoff ergodic theorem). In Chapter 10 we will then
move to the implications for number theory. The proof of the Birkhoff er-
godic theorem will be postponed to Chapter 14. We remark that ergodic
theory was to a large extent inspired by a problem that arose in 19th century
physics [25, 39], namely how to describe statistical behavior of a determin-
istic dynamical system. Broadly speaking, an ergodic dynamical system
explores all parts of the available with equal probability, allowing quantita-
tive predictions for the long term behavior of such a system. The discussion
whether or not ‘physical’ systems tend to be ergodic has had a profound
impact on science, in particular physics [25, 39]. The use of probabilistic
methods to study number theory is often referred to as probabilistic number
theory.

9.1. The Trouble with Measure Theory

In analysis we can distinguish short intervals from long ones by looking at
their “length” even though both have the same cardinality (see Definition

175
176 9. Ergodic Theory

1.26). The notion of length works perfectly well for simple sets such as
intervals. But if we want to consider more general sets – such as Cantor
sets — it is definitely very useful to have a more general notion of length,
which we denote by measure. However, there is a difficulty in formulating
a rigorous mathematical theory of measure for arbitrary sets. The source
of the difficulty is that there are, in a sense, too many sets. Recall that the
real line is uncountable (see Theorem 1.23). The collection of subsets of
the line is in fact the same as the power set (Definition 1.30) P(R) of the
the real line. And thus the cardinality of the collection of subsets is strictly
larger than that of the real numbers (Theorem 1.31), making it a truly very
big set.
A reasonable theory of measure for arbitrary subsets of R should have
some basic properties that are consistent with with intuitive notions of “length”.
If we denote the measure of a set A by µ(A), then we would like µ to have
the following properties.
1) µ : P(R) → [0, ∞].
2) For any interval I: µ(I) equals the length of I.
3) µ is translation invariant.
∞
4) For a countable collection of disjoint sets Ai : µ(∪∞
i=1 Ai ) = ∑i=1 µ(Ai ).

The problem is that no such function exists. Among all the possible sets, we
can construct an — admittedly pretty weird — set for which the last three
properties cannot simultaneously hold.
To explain this more easily, let us replace R by the circle S = R/Z.
Now define an equivalence relation (Definition 1.27) in S as follows: a ∼ b
if a − b is rational. Each element of S clearly belongs to some equivalence
class (it is equivalent to itself), and cannot belong to two distinct equiva-
lence classes, because if a ∼ b and a ∼ c, then also the difference between
b and c is rational, and hence they belong to the same class. Note that each
equivalence class is countable, and so (see exercise 1.9) there are uncount-
ably many equivalence classes.
For every one of these equivalence classes, we pick exactly one rep-
resentative. The union of these representatives forms a set V . Now by
requirement (1), any set, no matter how exotic its construction, should have
a measure that is a real number. We choose V as our set. Let r : N → Q
be a bijection between N and the rationals in S. Consider the union of the
9.2. Measure and Integration 177

translates
∪∞
i=1 (V + ri ) .
By definition of V , this union covers the entire circle. So by requirement (2)
above, its measure is 1. By requirement (3), each of the translates of V must
have the same measure, ε. Since by the previous paragraph, the translates
of V are disjoint, requirement (4) implies that
∞
1= ∑ ε,
i=1
which is clearly impossible!
The construction of the set V just outlined is a little vague. It is not clear
at all how exactly we could choose an individual representative, much less
how we could achieve that feat for each of the uncountably many equiva-
lence classes. If we wanted to draw a picture of the set V , we’d get nowhere.
Does this construction V really exist as an honest set? It turns out that one
needs to invoke the axiom of choice1 to make sure that V exists.
The consensus in current mathematics (2020) is to accept the axiom
of choice. One consequence of that is that if we want to define a measure,
then at least one of those four requirements above needs to be dropped or
weakened. The measure theoretic answer to this quandary is to restrict the
collection sets for which we can determine a measure. This means, that
of the properties (1) through (4), we restrict property (1) to hold only for
certain sets. These are called the measurable sets.

9.2. Measure and Integration

To surmount the difficulty sketched in the previous section so that we can
define measure and integration unambiguously turns to be technically very
involved. This section serves just to give an idea of that complication and
its resolution. The interested student should consult the literature, such as
the excellent introduction [7].
Recall that a set O ⊆ R is an open set usually2 means that for all x ∈ O
there is an interval (x − ε, x + ε) contained in O. Closed sets are defined
1The axiom of choice states that for any set A, there exists a function f : P(A) → A that assigns to each
non-empty subset of A assigns an element of that subset. For more details, see [29].
2This is called the standard topology on R. It is possible to have different conventions for what the
open sets in R are.
178 9. Ergodic Theory

as sets whose complement is an open set. Vice versa, the complement of a

closed set is open. An open set in R can be written as a disjoint union of
open intervals (see exercise 9.4).
The outer measure3 of a set S is
µout (S) = inf ∑ `(Ik ) .
k
where the infimum is over the countable covers of S by open intervals Ik .
Definition 9.1. Consider the smallest collection of sets closed under com-
plementation, countable intersection, and countable union that contains the
open sets. These are called the Borel sets.
Definition 9.2. A set S is called Lebesgue measurable if it contains a Borel
set B whose outer measure equals µout (S).

One can work out [7] that the collection of Lebesgue measurable sets is
also closed under complementation, countable intersection, and countable
union. Furthermore, any open set in R is a countable union of disjoint open
intervals [33] (see also exercise 9.4). As a consequence of these facts, we
have the following result.
Proposition 9.3. i) A set S ⊂ R is Lebesgue measurable if and only if there
exist closed sets Ci ⊆ S such that
µout (S\ ∪∞
i=1 Ci ) = 0 .

ii) A set S ⊂ R is Lebesgue measurable if and only if there exist open sets
Oi ⊇ S such that
µout (∩∞
i=1 Oi \S) = 0 .

Proof. First observe that every closed set is the complement of an open set
and vice versa. Since complementation preserves the Lebesgue measurable
sets (by definition 9.2), (i) and (ii) are equivalent.
Definition 9.2 implies that for a measurable set S the following holds.
For all ε > 0, there are countably many disjoint open intervals Ii such that
µout (S) ≤ ∑ `(Ii ) < µout (S) + ε .
i

3the outer measure is not an actual measure.

9.2. Measure and Integration 179

Since we can make ε smaller and smaller, (ii) follows.

Vice versa, the countable union of closed sets is Borel, and thus (i)
implies Definition 9.2. 

Finally, we can define a general measure as follows and show that it

satisfies the above characteristics, if one limits the definition to measurable
sets.
Definition 9.4. A measure µ is a non-negative function from the measur-
able sets to [0, ∞] such that µ(0)
/ = 0 and for every countable sequence of
disjoint (measurable) sets Si :
∞
µ(∪∞
i=1 Si ) = ∑ µ(Si ) .
i=1
The Lebesgue measure assigns to each Lebesgue measurable set its outer
measure. (Thus the measure of an interval equals its length.)

Thus µ is a function from the measurable sets to the positive reals and
the measurable sets are constructed so that properties (2), (3), and (4) in
Section 9.1 hold. We summarize this as follows.
Corollary 9.5. The Lebesgue measure µ on R or R/Z satisfies the follow-
ing properties
1) µ : measurable sets → [0, ∞].
2) For any interval I: µ(I) equals the length of I.
3) µ is translation invariant.
∞
4) For a countable collection of disjoint sets Ai : µ(∪∞
i=1 Ai ) = ∑i=1 µ(Ai ).

We remark that part (4) of this result implies that in general sub-additivity
holds:
∞
µ(∪∞
i=1 Ai ) ≤ ∑ µ(Ai ) . (9.1)
i=1
The reason is that (4) says the measure of the union equals the sum of the
measures of the disjoint “new” parts Ani of Ai , i.e. Ai minus the intersection
of Ai with the A j where j < i. Since Ani ⊆ Ai , we have µ(Ani ) ≤ µ(Ai ).
Hence the sub-additivity.
We need a some more technical terms. If we have a space X and a col-
lection Σ of measurable sets, then the pair (X, Σ) is called a measurable space.
A function f : X → X is called measurable if the inverse image under f of
180 9. Ergodic Theory

any measurable set is measurable. A triple (X, Σ, µ) is called a measure space.

A probability measure is a measure that assigns a measure 1 to the entire
space. The Lebesgue integral of a measurable function f with respect to the
measure µ is written as Z
I= f dµ .
Assume f (x) is non-negative. To approximate the Lebesgue integral I, one

Figure 35. A comparison between approximating the Lebesgue inte-

gral (left) and the Riemann integral (right).

partitions the range of f into small pieces [yi , yi+1 ]. For each such layer, the
contribution is the measure of the inverse image f −1 ({y : y ≥ yi+1 }) times
yi+1 − yi . Sets of measure zero are neglected. Summing all contributions,
one obtains an approximation of the Lebesgue integral (see Figures 35 and
70). The Lebesgue integral itself is defined as the limit (if it exists) of
these. The Lebesgue integral of a not necessarily non-negative function f
is computed by splitting up f into its non-negative part f + and its negative
part f − , so that f = f + + f − . The integral of f is then defined as
Z Z
I= f + dµ − (− f − ) dµ .

We’ll see in Section 14.1 that the domains of f + and f − are measurable
so that this operation is well-defined. A function f is called integrable , or
R
µ-integrable for clarity, if | f | dµ exists and is finite. It turns out that the
Lebesgue integral generalizes the Riemann integral4 we know from calculus
(see exercise 9.6).
This level of technical sophistication means that the fundamental the-
orems in measure theory require a substantial mastery of the formalism.
Since pursuing all the technicalities would take a considerable effort and
4Recall that the Riemann integral is approximated by partitioning the domain of f , see Figure 35.
9.3. The Birkhoff Ergodic Theorem 181

would lead us well and far away from number theory, we will suppress
those details in this chapter. However, proofs will be completed in Chapter
14.

9.3. The Birkhoff Ergodic Theorem

The context here is that we have a measurable transformation T from a mea-
sure space (X, Σ, µ) to itself. The situation is quite general. The measure
µ is not necessarily the Lebesgue measure, but we will assume that it is a
R
probability measure, that is: X dµ = µ(X) = 1.

F
−1 (F nu)(B)
Y
nu(F (B))
X *

Figure 36. The pushforward of a measure ν.

Definition 9.6. Let F : X → Y be a measurable transformation and ν a

measure on X. The pushforward F∗ µ of the measure ν is a measure on Y
defined as
(F∗ µ)(B) := µ F −1 (B) ,

for every measurable set B in Y (see Figure 36).

Definition 9.7. Let T : X → X be measurable. We say that T preserves the

(probability) measure ν, or, equivalently, that µ is an invariant measure , if
−1


T∗ ν = ν. That is to say, if for every measurable set B, µ T (B) = µ(B).

Theorem 9.8 (Birkhoff or Pointwise Ergodic Theorem). Let T : X → X

be a transformation that preserves the probability measure µ. If f : X → R
is an integrable function, the limit of the time average
n−1
1
h f i(x) := lim ∑ f (T i (x))
n→∞ n i=0
182 9. Ergodic Theory

is defined on a set of full measure. It is an integrable function and satisfies

(wherever defined)
Z Z
h f i(T x) = h f i(x) and h f i(x) dµ = f (x) dµ .
X X

The proof of this theorem requires a substantial technical mastery of mea-

sure theory and we will postpone it to Chapter 14.
Definition 9.9. A transformation T of a measure space X to itself is called
ergodic (with respect to µ) if it preserves the measure µ and if every T
invariant set has measure 0 or 1. (A set S ⊆ X is called invariant if T −1 (S) =
S.)
Corollary 9.10. A measure preserving transformation T : X → X is ergodic
with respect to a probability measure µ if and only if for every integrable
function f
1 n−1
Z
lim ∑ f (T i (x)) = f (x) dµ
n→∞ n X
i=0
for all x except possibly on a set of measure 0.

Somewhat confusingly, this last result is often also called the Birkhoff er-
godic theorem. We will also adhere to that usage, just so that we can avoid
saying “the corollary to the Birkhoff ergodic theorem” on many occasions.
This corollary really says that a transformation is ergodic if and only if time
averages equal spatial averages. This is a very important result because, as
we will see, spatial averages are often much easier to compute.

0
c− c+

Figure 37. The functions µ(Xc− ) and µ(Xc+ ).

9.3. The Birkhoff Ergodic Theorem 183

Proof. By Theorem 9.8, h f i(x) is defined on a set of full measure. So let

Xc− := {x ∈ X : h f i(x) < c} and Xc+ := {x ∈ X : h f i(x) > c} .
Replacing x by an inverse image of x does not change the value of h f i(x),
and so Xc± are invariant sets. By the ergodic assumption, µ(Xc− ) (as a func-
tion of c) must therefore be a step function, with an increasing step of height
1 occurring at some value c− . Similarly, µ(Xc+ ) a step function, with an de-
creasing step of height 1 occurring at some value c+ . See Figure 37.
If c− < c+ , then for any interval [c1 , c2 ] ∈ (c− , c+ ), then we obtain that
for any interval [c1 , c2 ] ∈ (c+ , c− ), µ(Xc+2 ) = µ(Xc−1 ) = 1, which is impos-
sible, since these sets do not intersect. In the same way, if c+ < c− ,, then
for any interval [c1 , c2 ] ∈ (c+ , c− ) µ(Xc+1 ) = µ(Xc−2 ) = 0, which contradicts
the fact that the union of Xc+1 and Xc−2 is the entire space and so must have
measure 1. So c− = c+ = c0 . Thus h f i(x) = c0 on a set of full measure.
R
And therefore, X f (x) dµ = h f i(x) which implies that time average equals
space average.
Vice versa, if T is not ergodic, then there are invariant sets X1 and its
complement X2 both of positive measure. Let 1X1 be the function that is
1 on X1 and 0 elsewhere. The time average h1X1 i(x) is 1 or 0, depending
on where the starting point x is. In either case, it is not equal to the spatial
R
average X 1X1 (x) dµ ∈ (0, 1). 

One needs to be careful, because it can happen that a transformation is

ergodic with respect to two (or more) different measures.
Definition 9.11. Two probability measures µ and ν are mutually singular
if there is a measurable set S with µ(S) = 1 and ν(S) = 0, and vice versa.
Corollary 9.12. If T is ergodic with respect to two distinct probability mea-
sures µ and ν, then those measures are mutually singular.

Proof. If µ and ν are distinct measures, we can choose f such that

Z Z
c1 = f dµ 6= f dν = c2 .
X X
By Corollary 9.10, the time average h f i(x) must be c1 for µ almost every x
and so the x for which the average is c2 has µ measure 0. The reverse also
holds. 
184 9. Ergodic Theory

One can furthermore prove that the set of invariant probability mea-
sures is non empty and every invariant measure is a convex combination
of ergodic measures [38][chapter 8]. This says that, in a sense, ergodic
measures are the building blocks of chaotic dynamics. If we find ergodic
behavior with respect to some measure µ, then we understand the statisti-
cal behavior for almost all points with respect to µ. There may be other
complicated behavior but this is “negligible” if you measure it with µ.

9.4. Examples of Ergodic Measures

In this section, we consider the piecewise linear map T with derivative
equal to 2, depicted in Figure 38. To fix our thoughts, we set A = [0, 1]
and B = [1, 2]. In this section, we will exhibit uncountably many invari-
ant probability measures µ with respect to which T is ergodic. Note that
any two such measures must be mutually singular (Definition 9.11). This
situation is by no means exceptional.

A B

Figure 38. This map has many ergodic measures

We start with the measure δ0 that assigns (full) measure 1 to the point
0 and measure 0 to any (measurable) set not containing 0. As we can see in
Figure 38, for any set S
0 ∈ S ⇐⇒ 0 ∈ T −1 (S) .
Thus δ0 (S) = δ0 T −1 (S) , that is: δ0 is T -invariant. Since any T -invariant

set either contains the point 0 or not, such a set trivially has measure either
9.4. Examples of Ergodic Measures 185

zero or one. By Definition 9.9, T is ergodic with respect to δ0 . Let us check

the conclusion of Corollary 9.10. For some very small ε > 0, set

0 if x ∈ [0, ε)

f (x) =
α if x ∈ [ε, 2]

Take some arbitrary x. Under iteration by T , it will most likely bounce

around in the interval [0, 1] or in the other interval, [1, 2]. Thus the sum of
R
the corollary will give something close to α. But the integral X f (x) dδ0
gives 0. What is going on? See this footnote5.
The next example is the uniform measure µA in A = [0, 1]. Each mea-
surable subset of A has a measure equal to its Lebesgue measure. It is easy
to see that this is a probability measure (one that integrates to 1). From
Figure 38, we see that the inverse image of an interval J ⊆ A equals two
disjoint intervals of half its length. This shows that µA is invariant under T .
We will show in Chapter 10 that each T invariant set has µA measure either
0 or 1, but here is a partial result.
Proposition 9.13. If S ⊂ A is a T invariant set such that Sc = A\S is not
empty, then both S and its complement Sc must be dense in A.

Proof. Note that T restricted to the interval A = [0, 1] is just the doubling
map. Observe also that the complement Sc must also be T invariant.
Suppose that Sc , contains an interval J of positive length and choose
an interval I so that I ∩ S is not empty. Since S is invariant, we have that
for all n > 0, T −n (S) is contained in S. If we can show that these pre-
images are dense in A, then they must intersect the interval J and we have a
contradiction.
The inverse image T −1 (I) is:
I +0 I +1
∪ = ({0.0} ∪ {0.1}) + 2−1 I ,
2 2
where the expressions 0.0 and 0.1 are binary (base 2), so that 0.1 = 21 .
Iterating this procedure, we get
T −2 (I) = ({0.00} ∪ {0.01} ∪ {0.10} ∪ {0.11}) + 2−2 I ,
5The set (0, 1] has measure 0 with respect to δ . Corollary 9.10 tells us to neglect such sets. Thus we
0
must take x = 0, and then the summation also gives 0.
186 9. Ergodic Theory

Similarly, the nth iterate gives all the expressions in base of length n. This
is a collection of 2n regularly spaced copies of 2−n I. Clearly, the union of
these over n is dense and so must intersect J. 

This result implies that if S ⊂ [0, 1] is an invariant set and its comple-
ment in [0, 1], Sc , is not empty, then neither can contain an interval. This is
equivalent to the following.
Corollary 9.14. If S ⊂ A is a T invariant set containing an interval, then
S = A.

For now note that both A and B are T invariant sets and µA (A) = 1
while µA (B) = 0. We check Corollary 9.10 again. Let f be

0 if x ∈ [0, 12 )

f (x) =
α if x ∈ [ 1 , 1]
2

For arbitrary x in [0, 1], we expect T i (x) to hit the interval [0, 12 ] half the time
on average. So the sum should give α2 . Indeed, if we compute the integral
R
f dµA , that is what we obtain.
Now we turn to an at first sight very strange and counter-intuitive ex-
ample. In the unit interval, we consider the set of x with all possible bi-
nary expansions, but now we construct a measure ν p that assigns a measure
p ∈ (0, 1) to “0”, and 1 − p to “1”. In effect this amounts to assigning a
measure p to the interval [0, 12 ] and 1 − p to [ 12 , 1]. The interesting case is of
course when p 6= 12 . So that is what we will assume.
Continuing the construction of the measure ν p , the set of sequences
starting with 00 get assigned a measure p2 ; the ones starting with 01, a
measure p(1 − p); 10, a measure (1 − p)p; and 11, a measure (1 − p)2 . The
sum of these is 1. We now keep going ad infinitum, always keeping the sum
of the measures equal to 1, see Figure 39. So ν p is a probability measure.
The same reasoning as in Proposition 9.13 shows that an interval I
consisting of points whose binary expansion starts with a = a1 a2 · · · an has
as pre-image the interval I0 consisting of points whose expansion starts with
0a and I1 where the expansion starts with 1a.
ν p (A0 ) + ν p (A1 ) = pν p (A) + (1 − p)ν p (A) = ν p (A) ,
and the measure ν p is T invariant.
9.5. The Lebesgue Decomposition 187

p 1−p
0 1/2 1

p.p p(1−p) (1−p)p (1−p)(1−p)

Figure 39. The first two stages of the construction of the singular mea-
sure ν p .

This gives us an uncountable set of measures (namely one for each

p ∈ (0, 1)) with respect to which T is ergodic.

9.5. The Lebesgue Decomposition

The examples of invariant measures of Section 9.4 also help to illustrate the
following fact [33] which we mention without proof (but see [7]).
Theorem 9.15 (Lebesgue Decomposition). Let µ be a given measure. An
arbitrary measure ν has a unique representation as the sum
ν = νac + νd + νsc .
where νac absolutely continuous with respect to the Lebesgue measure µ,
νd is a discrete measure, and νsc is singular continuous.

We now define these notions somewhat informally. A measure νac

is absolutely continuous with respect to µ if for all measurable sets A,
µ(A) = 0 implies that νac (A) = 0. It is usually written as νac  µ. The
Radon-Nikodym theorem theorem then implies that νac has a non-negative,
integrable density with respect to µ. This means that if νac  µ, we can
write dνac = ρ(x)dµ (see [33]). The density ρ is also called the Radon-
Nikodym derivative of νac (relative to µ) and it is often written as
dνac
=ρ.
dµ
We can use the density to change variables under the integral. For any
integrable f Z Z
f (x) dνac (x) = f (x)ρ(x) dµ(x) .
Thus ρ is the density of νac (with respect to µ). Often, µ is the Lebesgue
measure so that dµ(x) = dx. This is usually the case when we think of
188 9. Ergodic Theory

common probability measures in statistics, such as the Beta distribution on

[0, 1],
dν(x) = Cxa−1 (1 − x)b−1 dx .
This is an example of a measure that is absolutely continuous with respect
to the Lebesgue measure. In this case, ρ is called the probability density,
and its integral is ν(x) − ν(0), the cumulative probability distribution. The
R
constant C is needed to normalize the integral dν = 1.
The discrete measure νd is concentrated on a finite or countable set of
µ-measure zero. The measure δ0 is an example of this.
Finally, the measure ν p for p 6= 12 is an example of a singular continu-
ous measure with respect to the Lebesgue measure µ. This is a measure that
is singular with respect to µ, but, still, single element sets {x} that satisfy
µ({x}) = 0 also have ν p -measure zero.
Recall that Corollary 9.12 says that if p 6= q are two numbers in [0, 1],
then the measures ν p and νq are mutually singular, even though they are
clearly continuous with respect to one another by the above informal defi-
nition. Since this is maybe more than a little counter-intuitive, let us verify
that again.
Lemma 9.16. Let p, q distinct numbers in [0, 1]. The measures ν p and νq
are mutually singular.

Proof. As we saw in Section 9.4, the angle doubling transformation given

by T restricted to the interval [0, 1] is ergodic with respect to each of the two
measures. So let f (x) = 1 on [0, 12 ] and 0 elsewhere. Birkhoff’s theorem
implies that for x in a set of full ν p -measure, we have
n−1
1
Z
lim ∑ f (T i (x)) = f (x) dν p = p .
n→∞ n i=0 X

This means that ν p -almost all x land in [0, 12 ] a fraction p of the time on
average. Thus the set of points that land in [0, 12 ] on average a fraction q of
the time has ν p measure zero. But those have full νq measure. 

Note that the binary expansion of the ν p typical (that is: in a subset having
full measure) x has on average a fraction of exactly p ones.
9.6. Exercises 189

9.6. Exercises
Exercise 9.1. Reformulate the counter example in Section 9.1 as a counter
example in R. (Hint: two numbers in [0, 1] are equivalent if their difference
is rational. Let V a set the contains exactly one representative of each
class. Let R be the set of rationals in [−1, 2]. Then consider the union
∪r∈RV + r. Show that it should have measure between 1 and 3.)

Exercise 9.2. a) Show there is an open set in [0, 1] of arbitrarily small outer
measure that contains all the rationals in [0, 1].
b) Show there is a closed set in [0, 1] of measure greater than 1 − ε that
contains only irrational numbers.

Exercise 9.3. a) Show that countable sets have Lebesgue measure zero.
(Hint: use the Definition 9.4 and Corollary 9.5 (4).)
b) What is the Lebesgue measure of the following sets: the rationals in
[0, 1], the algebraic numbers in [0, 1], the transcendental numbers in [0, 1],
and the irrational numbers in [0, 1]?

Exercise 9.4. Show that any open set O in R is a finite or countable union
of disjoint open intervals. (Hint: for every x ∈ O there is an open interval
(a, b) ⊆ O that contains x. Now let α = inf{a : (a, b) ⊆ O , x ∈ (a, b)} and
similar for β . This way we obtain a partitioning of O into open intervals.
Each such interval must contain a rational number.)
In the next exercise, we prove the following Lemma.
Lemma 9.17. i) Any set in a probability space X with outer measure zero
is Lebesgue measurable with Lebesgue measure zero.
ii) A countable union of measure 0 sets has measure 0.

Exercise 9.5. a) Show that the empty set has measure zero. (Hint: X and
0/ are disjoint. Use criterion (4) in Section 9.1.)
b) Prove part (i) of the lemma for a non empty set. (Hint: a non empty set
contains a point which is a Borel set; now apply Definition 9.2.)
c) Prove part (ii) of the lemma. (Hint: use equation (9.1).)

Exercise 9.6. Let X = [0, 1], E the set of irrational numbers in X, and µ
the Lebesgue measure. R
a) Use exercise 9.3 to show that E dµ = 1. (Hint: approximate the
Lebesgue integral as in Section 9.1.)R
b) Show that the Riemann integral E dx is undefined. (Hint: look up the
exact definition of Riemann integral)
190 9. Ergodic Theory

Exercise 9.7. Construct the middle third set Cantor set C ⊆ [0, 1] in the
following way (Figure 40). At stage 0, take out the open middle third
interval of the unit interval. At stage 1, take out the open middle third
interval of the two remaining intervals. At stage n, take out the open middle
third interval of each of the 2n remaining intervals. The set C consists of
the points that are not removed. See also exercise 1.11.
a) Show that C consists of all points x = ∑∞ −i where {a }∞ are
i=1 ai 3 i i=1
arbitrary sequences in {0, 2} .
N

b) Show that the Lebesgue measure of C is zero.

c) Show that C is uncountable. (Hint: look at the proof of Theorem 1.23.)

0 1/9 2/9 1/3 2/3 7/9 8/9 1

Figure 40. The first two stages of the construction of the middle third
Cantor set. The shaded parts are taken out.

Exercise 9.8. Construct the set C ⊆ [0, 1] in the same way as in exercise
9.7, but now at stage n, take out (open intervals of) an arbitrary fraction
mn ∈ (0, 1) of each of the remaining intervals.
a) Show that C is non-empty. (Hint: find a point that is never taken out.)
i
b) Let mi = 1 − e−α for some α ∈ (0, 1). Compute the Lebesgue measure
of C and its complement. (Hint: at every stage, consider the length of the
set that is left over. You should get e−α/(1−α) . )
We remark that Cantor sets with positive measure such as those in exercise
9.8 are sometimes called fat Cantor sets.
Exercise 9.9. a) Show that the Borel sets contain the closed sets. (Hint: a
closed set is the complement of an open set.)
b) Show that the middle third Cantor set (see exercise 9.7) is a Borel set.
c) Show that the Cantor sets of exercise 9.8 are Borel sets.
d) Show the sets in (a), (b), and (c) are measurable.
e) Show that the complements of the sets in (d) are measurable.

Exercise 9.10. Construct the Cantor function c : [0, 1] → [0, 1], also called
Devil’s staircase as follows. See also exercise 9.7.
a) Start with stage 0: c(0) = 0 and c(1) = 1. At stage 1, set c(x) = 12 if
x ∈ [ 13 , 23 ].
b) At stage 2, set c(x) = 14 if x ∈ [ 19 , 92 ] and c(x) = 34 if x ∈ [ 79 , 89 ].
c) Use a computer program to draw 5 or more stages. c(x) is the continuous
function that is the limit of this process.
9.6. Exercises 191

Exercise 9.11. See exercise 9.10 for the definition of the Cantor function,
c(x).
a) Use exercise 9.7 (a) to show that for x in the Cantor set
∞ ∞
ai −i
x= ∑ ai 3−i =⇒ c(x) = ∑ 2
2 .
i=1 i=1
b) Show that on any interval not intersecting the Cantor set c is constant.
c) Show that c : [0, 1] → [0, 1] is onto.
d) Show that c is non-decreasing.
e) Show that c(x), is continuous. (Hint: find a proof that a non-decreasing
function from an interval onto itself is continuous.)
Since c is increasing, we can interpret it as a cumulative distribution func-
tion. The measure µ of [a, b] ⊆ [0, 1] equals c(b) − c(a). If [a, b] is inside
any of the flat parts, then its measure equals zero. Thus the measure of the
complement of the Cantor set is zero, and all measure is concentrated on
the Cantor set.
Exercise 9.12. Find the Lebesgue decomposition (Theorem 9.15) of c in
exercise 9.11 interpreted as a measure. Explain!

Exercise 9.13. a) Show that the derivative c0 of c of exercise 9.10 equals 0

almost everywhere.
b) Show that Lebesgue integration gives 01 c0 (t) dt = 0. (Hint: c0 (t) = 0
R

on a set of full measure. Then use the informal definition of Lebesgue

integration in Section 9.2.)
c) Conclude that in this case c(1) − c(0) = 01 c0 (t) dt is false.
R

The equation in item (c) of exercise 9.13 holds in the case where the func-
tion c admits a derivative everywhere.
Exercise 9.14. Consider the map t : [0, 1] → [0, 1] given by t(x) = {10x},
the fractional part of 10x.
a) Show that the Lebesgue measure dx is invariant under t.
b) Prove Corollary 9.14.
c) Use (b) to show that if an invariant set contains an interval, then it equals
[0, 1].
d) Show that the frequency with t n (x) visits the interval I = [0.358, 0.359)
equals the frequency with which 358 occurs (if that average exists).
e) Assuming ergodicity, show that for Lebesgue almost every x, that av-
erage equals 10−3 . (Hint: use the corollary to Birkhoff’s theorem with
f (x) = 1 on I and 0 elsewhere.)
192 9. Ergodic Theory

Exercise 9.15. In an interview, Yakov Sinai explained ergodicity as fol-

lows. Suppose you live in a city above a shoe store. One day you decide
you want to buy a perfect pair of shoes. Two strategies occur to you. You
visit the shoe store downstairs every day until you find the perfect pair. Or
you can rent a car to visit every shoe store in the city and find the best
pair that way. The system is ergodic if both strategies give the same result.
Explain Sinai’s reasoning.

Exercise 9.16. a) Show that there exist x in whose decimal expansion the
word “358” occurs more often than in almost all other numbers (see exer-
cise 9.14 (d)).
b) Show that the frequency of occurrences of “358” in the decimal expan-
sion of a number x does not necessarily exist.
c) What is the measure of of set of numbers referred to in (a) and (b). (Hint:
use Birkhoff’s theorem and its corollary.)

Exercise 9.17. a) Fix b > 1 and let w be any finite word in {0, 1, · · · b − 1}N
of length n. Show that for almost all x, the frequency with which that word
occurs in the expansion in base b equals b−n . (Hint: follow the reasoning
in exercise 9.14.)
b) The measure of the set of x for which that frequency is not b−n is zero.

Definition 9.18. Let b > 2 an integer. A real number in [0, 1] is called

normal in base b if its infinite expansion in the base b has the property
that all words of length n occur with frequency b−n . A number is called
absolutely normal if the property holds for every integer b > 2.

Exercise 9.18. Use exercise 9.17, Corollary 1.24, and Lemma 9.17 to show
that the set of words not normal in base b has measure 0.
Exercise 9.19. Show that the set of absolutely normal numbers has full
measure. (Hint: follow the reasoning of exercise 9.18.)

Exercise 9.20. a) Show that the set of numbers that are not normal in base
b > 2 is uncountable. (Hint: words with a missing digit are a subset of
these; see exercise 9.7.)
b) Repeat (a), but now for base 2. (Hint: rewrite in base 4 with digits 00,
01, 10, and 11; follow (a).)

Exercise 9.21. a) Show that the set of absolutely normal numbers is dense.
(Hint: follows from exercise 9.19.)
b) Show that numbers with finite expansion in base b are non-normal in
base b.
c) For any b > 1, show that the set of non-normal numbers inn base b is
also dense. (Hint: pick any number and approximate it.)
9.6. Exercises 193

Exercise 9.22. Show that a rational number is non-normal in any base.

(Hint: generalize proposition 5.8 to show that the expansion of a rational
number in base b is eventually periodic.)

Exercise 9.23. a) In base 2, construct a number C2 whose expansion is

the list of all finite words. Start with all length 1 words: “01”. Then ob-
tain all length 2 words by concatenating first a “0”, then a “1”, so you get
“0100011011”. And so forth. (Note: this number in base 2 and its general-
izations to base b are usually called Champernowne numbers [14][Chapter
4].)
b) Show that the number Cb whose expansion in base b is the list of all
finite words constructed following the method in (a) is normal in base b.
(Hint: pick a word w of length n. Show that w occurs in 1 out of bn times
in every “level” at least n.)

Definition 9.19. A real sequence {xi }∞

i=1 is equidistributed modulo 1 (with
respect to Lebesgue measure) if its fractional values {ai }∞
i=1 are such that
for each subinterval [a, b] of R/Z
|{a1 , a2 , · · · an } ∩ [a, b]|
lim = b−a.
n→∞ n
In other words: the frequency of hitting a set is proportional to the Lebesgue
measure of that set.

Exercise 9.24. Show that x is normal in base b > 2 in N if and only if

the sequence an = {xbn } is equidistributed modulo 1, where {·} means
fractional part.
As with so many issues√in number theory, for any of the numbers we care
about — such as e, π, 2, et cetera — it is not known (in 2021) whether
they are normal in any base.
Exercise 9.25. Show that a rotation on R/Z preserves the Lebesgue mea-
sure. (Hint: Corollary 9.5 (iii).)
Chapter 10

Three Maps and the Real

Numbers

Overview. In this chapter, we consider the three maps from [0, 1) to itself
that are most important for our understanding of the statistical properties of
real numbers. They are: multiplication by an integer n modulo 1, rotation
by an irrational number, and the Gauss map that we discussed in Chapter 6.
In doing this, we review three standard techniques to establish ergodicity.
In this chapter we restrict all measures, transformations, and so on to live in
one dimension ([0, 1) or R/Z).

10.1. Invariant Measures

If we wish to prove that a measurable transformation T : X → X is ergodic,
we first need to find an invariant measure. Recall the notions of pushforward
of a measure (Definition 9.6) and invariant measure (Definition 9.7).
Lemma 10.1. Let T : X → X a measurable transformation and µ a T -
invariant measure on X. Then for every µ-integrable function f , we have
Z Z
f (x) dµ(x) = f (T (x)) dµ(x) .

195
196 10. Three Maps and the Real Numbers

Proof. By definition of the pushforward, we have

Z Z
ϕ(y) dT∗ µ(y) = ϕ(T (x)) dµ(x) .
On the other hand, since µ is invariant, we also have
Z Z
ϕ(y) dT∗ µ(y) = ϕ(y) dµ(y) .
Putting the two together gives the lemma. 

In most cases, and certainly in this text, we are interested in invari-

ant measures ν that are absolutely continuous with respect to the Lebesgue
measure (see Section 9.3). Thus dν = ρ(x)dx. It is often easier to compute
with densities than it is with measures. We formulate the pushforward for
densities.
Lemma 10.2. The pushforward T∗ ρ by T of a density ρ is given by
ρ(x)
T∗ ρ(y) = ∑ .
T x=y |T 0 (x)|
This is called the Perron-Frobenius operator.

Proof. The measure of the pushforward T∗ ρ contained in the small interval

dy is ρ̃(y)dy. By Definition 9.6, it is equal to ∑T x=y ρ(x)dx where dx is the
length of the interval T −1 (dy) (see Figure 41). Now the length of T −1 (dy)

dy

−1 −1
T (dy) T (dy)

Figure 41. The inverse image of a small interval dy is T −1 (dy)

d −1
is of course equal to the length of dy T (y) dy. Since
d −1 dy
T (y) dy = 0 ,
dy |T (x)|
10.1. Invariant Measures 197

the result follows. 

Thus T preserves an absolute continuous measure with density ρ if and

only if
ρ(x)
ρ(y) = ∑ 0 (x)|
. (10.1)
T x=y |T
The first, and simplest, of the three transformations are the rotations. A
rotation T is invertible and T 0 (x) = 1. Therefore, if ρ(x) = 1, Lemma 10.2
also yields 1 for its pushforward T∗ ρ, and thus equation (10.1) is satisfied.
If instead T is defined as x → τx modulo 1, where τ is any integer other
than ±1 or 0, the situation is different, but still not very complicated. We
will call these transformations angle multiplications for short. Now each y
has |τ| inverse images {x1 , · · · xτ } and T 0 (xi ) = τ1 . So if ρ(x) = 1, Lemma
10.2 yields T∗ ρ(x) = 1 for the pushforward.
The situation is slightly more complicated for the Gauss map of Defi-
nition 6.1.
Proposition 10.3. i) Rotations and angle multiplying transformations on
R/Z preserve the Lebesgue measure.
ii) The Gauss map preserves the probability measure
1 dx
dν = .
ln 2 1 + x

Proof. We already proved item (i). For item (ii), notice that
Z x
1 1 1
ν([0, x]) = ds = ln(1 + s) ,
ln 2 0 1 + x ln 2
so ν([0, 1]) = 1 and ν is as probability measure. It is easy to check that (see
also Figure  the inverse image under T of [0, x] is the union of the
 117)1that
intervals a+x , a , and so

ν(T −1 ([0, x])) = ν 1 1

S∞  

a=1 a+x , a

1 a+1 a+1+x



= ln 2 ∑∞
a=1 ln a − ln a+x

1 a+x a+1+x



= ln 2 ∑∞
a=1 ln a − ln a+1

1
= ln 2 ln(1 + x) .
198 10. Three Maps and the Real Numbers

The last equality follows because the sum telescopes.

This computation shows that the measure on intervals of the form [0, x]
or (0, x) is invariant. Taking a difference, we see that the measure an any
interval (x, y) is invariant. Therefore, the same is true for any open set
(see 9.4). Thus it is true any Borel set (Definition 9.1). Since Lebesgue
measurable sets can be approximated by Borel sets (Proposition 9.3), the
result follows. 

At the end of this last proof, we needed to jump through some hoops
to get from the invariance of the measure of simple intervals to that of all
Borel sets. This can be avoided if we prove the invariance of the density
directly via equation (10.1). But to do that, you first need to know a tricky
sum, see exercises 10.6 and 10.7.
With the invariant measures in hand, we can now turn to proving the
ergodicity of the three maps starring in this chapter.

10.2. The Lebesgue Density Theorem

Proposition 10.4. Given a measurable set E ⊆ [0, 1] with µ(E) > 0, then
for all ε > 0 there is an interval I such that
µ(E ∩ I)
> 1−ε .
µ(I)
We will say that the density of A in I is greater than 1 − ε.

Proof. By Proposition 9.3, there are open sets On containing E such that
µ(On \E) = δn , where δn tends to 0 as n tends to infinity. Using property
(4) of Corollary 9.5, we see that
µ(On ) = µ(On \E) + µ(E) = µ(E) + δn . (10.2)
According to exercise 9.4, for each n, there is a collection of disjoint open
intervals {In,i } such that
On = ∪i In,i .
Now suppose that µ(E ∩ I) ≤ (1 − ε)µ(I) for all intervals. In particular this
holds for those intervals belonging to the collection of intervals {In,i }. So
for any n, we have
µ(E ∩ On ) = µ (E ∩ (∪i In,i )) = ∑ µ(E ∩ In,i ) ≤ ∑(1 − ε)µ(In,i ) .
i i
10.3. Rotations and Multiplications on R/Z 199

The middle equality follows again from property (4) of Corollary 9.5. No-
tice that the left-hand side equals µ(E), since On contains E, and the right-
hand side equals (1 − ε)µ(On ) by definition of the intervals In,i . Together
with equation (10.2), this gives
µ(E) = (1 − ε)µ(On ) = (1 − ε)(µ(E) + δn ) .
If n tends to infinity, δn tends to 0, and thus µ(E) must be 0. 

This is a weak version of a much better theorem. We do not actually

need the stronger version, but its statement is so much nicer, it is probably
best to remember it and not the proposition. A proof can be found in [48].
Theorem 10.5 (Lebesgue Density Theorem). If E is a measurable set in
Rn with µ(E) > 0, then for almost all x ∈ E
µ(E ∩ Bε (x))
lim = 1,
ε→0 µ(Bε (x))
where Bε (x) := {y ∈ Rn : |y − x| < ε}, the open ε ball centered at x. That
is: this holds for all x in E, except possibly for a set of µ measure 0.

10.3. Rotations and Multiplications on R/Z

In this section, we will invoke the Lebesgue density theorem, to prove the
ergodicity of multiplications by τ ∈ {±2, ±3, ·} modulo 1 and translations
by an irrational number ω modulo 1 on R/Z. We denote the Lebesgue
measure by µ. In each case, however, Proposition 10.4 is sufficient.
Lemma 10.6. Every orbit of an irrational rotation Rω is dense in R/Z.

Proof. We want to show that for all x and y, the interval [y − δ , y + δ ] con-
tains a point of the orbit starting at x. Denote by qpnn the continued fraction
convergents of ω (of Definition 6.4). By Lemma 6.12
lim x + qn ω − pn = x .
n→∞
Fix n be big enough enough, so that the distance (on the circle) between x
and x + qn ω − pn is less than δ . Then the points xi := x + iqn ω modulo 1
advance (or recede) by less than δ . And thus at least one must land in the
stipulated interval (see Figure 42). 
200 10. Three Maps and the Real Numbers

0 1
x x+2q om
x+om

x+q om x+om+q om

Figure 42. ω is irrational and qp is a convergent of ω. Then x + qω

modulo 1 is close to x. Thus adding qω modulo 1 amounts to a transla-
tion by a small distance. Note: “om” in the figure stands for ω.

Theorem 10.7. Irrational rotations modulo 1 are ergodic with respect to

the Lebesgue measure.

Proof. By Proposition 10.3, the Lebesgue measure is invariant.

Suppose the conclusion of the theorem is false. Then there is an invari-
ant set A such that both it and its complement Ac — which is also invariant
— have strictly positive measure. By Proposition 10.4, for every ε there are
intervals I and J where A, respectively Ac , have density greater than 1 − ε.
Suppose that the length `(I) of I is less than `(J). Then there is an n ≥ 1 so
that
n`(I) ≤ `(J) < (n + 1)`(I) .
By Lemma 10.6, there is i such that R−i 1
ω (I) falls in the first n -fraction of J,
another one in the second, and so forth (see Figure 43). In all cases, this

0 1

I J

Figure 43. `(I) is between 31 and 12 of `(J). So there are two disjoint
−1 that fall in J.
images of I under Rω

means that at least half of J is covered by images of I. By invariance, the

images of I have A density greater than 1 − ε. That means that A has density
at least 12 (1 − ε) in J, which is a contradiction. The case where `(I) = `(J)
is easy (see exercise 10.4). 

In the proof of the next theorem, we employ the same strategy as in the
proof of Proposition 9.13 and Corollary 9.14. But this time, the Lebesgue
density theorem helps us get a much stronger result.
Theorem 10.8. Multiplication by τ ∈ Z with |τ| > 1 modulo 1 is ergodic.
10.3. Rotations and Multiplications on R/Z 201

Proof. By Proposition 10.3, the Lebesgue measure is invariant.

Suppose that the set A is invariant and has positive measure. For any
ε > 0, we can find an interval J in which A has density at least 1 − ε2 . We
now cover J by intervals of the form τkn , k+1
 
τ n . These intervals form a larger
interval C: J ⊆ C. If we take n large enough, µ(C\J) will be very small,
and so the density of A in C will be at least 1 − ε.
There will be at least one interval I = τkn , k+1
 
τn where the density of A
is at least equal to the average, 1 − ε. But this interval is an inverse image of
[0, 1] under an affine branch of T n . Thus the density of A in [0, 1] is at least
1 − ε. Since ε > 0 is arbitrary, it follows that A must have full measure. 

These theorems have interesting consequences. The most important

one for rotations is the following.
∞
Corollary 10.9. For ω irrational, the sequence Riω (x) i=1 is equidis-


tributed (see Definition 9.19) modulo 1 for every x.

Proof. Define f : [0, 1) → [0, ∞) as f (x) = 1 if x is in the interval [a, b] and 0

else. Note that Rω is ergodic by Theorem 10.7 with respect to the Lebesgue
meaasure. By Corollary 9.10 to f , for almost all x
n−1
1
Z
lim ∑ f (T i (x)) = f (x) dx = b − a .
n→∞ n i=0 X

The sequences { f (T i (x))}∞ i 0

i=1 and { f (T (x ))}i=1 differ only by a trans-
∞

lation on the circle. So if one is equidistributed, then the other must be

too. 

The principal consequence of the ergodicity of multiplication is the

absolute normality (see Definition 9.18) of almost all numbers. This was
discussed at length in the exercises of Chapter 9.
There is an extension of Theorem 10.8 that will be useful in the next
section.
Corollary 10.10. Let {Ii } be a finite or countable partition of [0, 1] of in-
tervals of positive length `i so that ∑i `i = 1. On each interval Ii , define
fi : Ii → [0, 1] to be an affine map onto [0, 1]. Let T = ∪i fi . Then T pre-
serves the Lebesgue measure and is ergodic with respect to that measure.
202 10. Three Maps and the Real Numbers

0
0 1

Figure 44. An example of the system described in Corollary 10.10.

Proof. By hypothesis we have ∑i | fi |−1

i = ∑i `i = 1 and so the Perron-
Frobenius equation (10.1) immediately implies that the Lebesgue measure
is preserved.
Note that T n is piecewise affine and, since | fi0 | ≥ c > 1, each branch of
T n maps an interval of size less than c−n onto [0, 1]. Denote these intervals
by the nth level intervals. As in the proof of Theorem 10.8, assume there is
an invariant set A of positive measure. We can then again construct for any
positive ε an nth level interval I such that A has density at least 1 − ε. Since
that is an affine inverse image of [0, 1], A must have density at least 1 − ε on
all of [0, 1]. 

10.4. The Return of the Gauss Map

Our next aim is to show that the Gauss map T of Definition 6.1 is ergodic.
Thanks to Proposition 10.3, we know the invariant measure. It might seem
that Corollary 10.10 proves the rest. It almost does! The only problem is
that the that the branches of the Gauss map are not affine. Here is what the
problem with that is.
We suppose again that A is an invariant set of positive measure. Just like
before, for every ε > 0 we can take n big enough so that there an nth level
interval I where A has density 1 − ε. This interval I is of course an inverse
image of [0, 1] under T n . Thus there is a branch of T n that maps I to [0, 1]
just as before. What is the problem? That branch is not affine. It might have
bigger derivative in Ac ∩ I than it does in A ∩ I. That could distort the image
under T n in such a way that it changes dramatically the proportion between
10.4. The Return of the Gauss Map 203

the measure of Ac and A in [0, 1]. There is no way to tell, because we do not
even know what A is. The solution lies in controlling that distortion. If we
n (x )
can prove that for that particular branch ∂∂ TT n (y 0
is bounded independent
0)
of n by, say, K, then the argument of the proof of Proposition 10.3 gives that
a small interval with the density of A being greater than 1 − ε must map to
a large interval with density at least 1 − Kε. Since we can let ε as small as
we want, the set A ∩ [0, 1] must have measure 1.
The exposition in the remainder of this section and the next closely
follows [59].
Definition 10.11. Let I0 be an interval. The distortion D of T n on that
interval is defined as
∂ T n (x0 )
D := sup ln .
x0 ,y0 ∈I0 ∂ T n (y0 )
Here, ∂ stands for the derivative with respect to x.
Proposition 10.12. Let T be the Gauss map. The distortion of T n on any
nth level interval I0 is uniformly bounded in n.

Proof. Denote the forward images of I0 by I1 , I2 , et cetera. Similarly for x0

and y0 . Set In = [0, 1]. The chain rule gives
∂ T n (x0 ) = ∂ T (x0 ) · ∂ T (x1 ) · · · ∂ T (xn−1 ) .
Substitute this into the definition of the distortion to get
n−1
D≤ ∑ sup |ln |∂ T (xi )| − ln |∂ T (yi )|| .
i=0 xi ,yi ∈Ii
By the mean value theorem, there is zi ∈ Ii such that the right-hand side of
this expression equals
n−1 n−1
∑ |∂ ln |∂ T (zi )|| · |yi − xi | ≤ ∑ zsup
∈I
|∂ ln |∂ T (zi )|| · |Ii | .
i=0 i=0 i i

∂ 2T
Now we note that ∂ ln |∂ T | equals ∂ T . Furthermore, the mean value the-
|Ii+1 |
orem (once again) gives |Ii | = |∂ T (ui )| for some ui ∈ Ii . Substituting this into
the last equation, we get
n−1
∂ 2 T (zi )
D≤ ∑ z sup · |Ii+1 | . (10.3)
,u ∈I
i=0 i i i
∂ T (zi )∂ T (ui )
204 10. Three Maps and the Real Numbers

We need to estimate the two expressions in the right-hand side. Recall

that we are analyzing a single branch of T n . That implies that each interval
Ii lies in one of the basic — or first level — intervals ( ai 1+1 , a1i ] depicted in
figure 17, where ai is the continued fraction coefficient associated with that
particular branch. For that branch, we have
∂ 2 T (zi ) 1 1
≤ 2(ai + 1) and ≤ 2.
∂ T (zi ) ∂ T (ui ) ai
Next we estimate the length on nth level interval |I|. In figure 17, one can
see that the only place where |∂ T (x)| is small is when x is close to 1. These
points are then mapped by T to a neighborhood of zero where they pick up a
large derivative. It follows that the derivative of T 2 is positive and bounded
by some d > 1 and thus the length of the intervals In−i decays as Kd −i/2 .
Putting this together, we see that (10.3) gives
n−1
2(ai + 1)
D≤ ∑ Kd (i+1−n)/2 .
i=0 a2i
Since ai ∈ N, this tells us that the expression in (10.3) is uniformly bounded
in n. 

As explained in the introduction to this section, our main result follows

immediately.
1 dx
Corollary 10.13. The Gauss map is ergodic with respect to dν = ln 2 1+x .

10.5. Number Theoretic Implications

Finally, it is pay-back time! We have seen some rewards for our efforts to
understand ergodic theory in terms of understanding normality in the exer-
cises of Chapter 9 (Definition 9.18). But the real pay-off is in understanding
some basic properties of the continued fraction of “typical” real numbers.
This is what we do in this section.
In this section, T denotes the the Gauss transformation and ν its in-
variant measure (see Proposition 10.3) while µ will denote the Lebesgue
measure. Note that a set has µ measure zero if and only if it has ν mea-
sure zero (exercise 10.1). For the continued fraction coefficients an and the
continued fraction convergents qpnn , see Definition 6.4.
10.5. Number Theoretic Implications 205

We start with a remarkable result that says that the arithmetic (usual)
mean of the continued fraction coefficients diverges (item (i)) for almost all
numbers, but their geometric mean is almost always converges (item (ii)).
Theorem 10.14. For almost all numbers x, the continued fraction coeffi-
cients an =an (x) satisfy:
a1 + ... + an
i) limn→∞ = ∞ and
n
 − log2 a
1
ii) limn→∞ (a1 · ... · an )1/n = ∏∞
a=1 1 − (1+a)2 < ∞.
This last constant is approximately equal to 2.86542 · · · is called Khinchin’s
constant.

Proof. i) Define fk : [0, 1] → N by

1 1

For a ∈ {1, · · · k} : fk (x) = a if x ∈ a+1 , a
 1 
fk (x) = 0 if x ∈ 0, k+1 .
Denote the pointwise limit by f∞ . We really want to use Corollary 9.10 to
show that the “time average”
1 n−1
 
a1 + ... + an
lim = lim ∑ f∞ (T i (x))
n→∞ n n→∞ n
i=0
is unbounded. But f∞ is not integrable and so cannot be used. However this
sum is bounded from below by the right-hand side if we replace f∞ by fk
(which is integrable). Proposition 10.3 and Corollary 9.10 say that the time
average of fk equals
Z 1 k 1
1 fk (x) 1 a
Z
a
dx = ∑ dx (10.4)
ln 2 0 1+x ln 2 a=1
1
a+1
1+x
The integral of 1/(1 + x) is of course ln(1 + x) and so the above gives
1 k
    
a+1 a+2
∑ a ln a − ln a + 1 .
ln 2 a=1
(10.5)

This sum telescopes and the student should verify (see exercise 10.14) that
this gives   
1 1
ln(k + 1) − k ln 1 + , (10.6)
ln 2 k+1
which diverges as k → ∞ and proves the first statement.
206 10. Three Maps and the Real Numbers

ii) This proof is very similar to that of (i), except that now we want to
compute the “time average”
 
ln a1 + ... + ln an
lim .
n→∞ n
The exponential of this will give us the result we need. So this time, we
define  
1 1
For a ∈ N : g∞ (x) = ln a if x ∈ , . (10.7)
a+1 a
This time around, g∞ is ν-integrable (as we will see below) and we get
Z 1 ∞     
1 g∞ (x) ln a a+1 a+2
dx = ∑ ln − ln . (10.8)
ln 2 0 1 + x a=1 ln 2 a a+1
ln a
(Note that = log2 a.) Since we can write
ln 2
     
a+1 a+2 1
ln − ln = − ln 1 − , (10.9)
a a+1 (a + 1)2
we finally get the result (as well as the assertion that g∞ is ν-integrable) by
taking the exponential of the sum in (10.8). 

An example of a sequence {an }∞ n=1 that has a diverging running aver-

age, but whose running geometric average converges, is given by an = 1,
k
except when n = 22k we set a22k = 22 . For n = 22k , we have
a1 + ... + an an k
> = 22 −2k ,
n n
which clearly diverges as k → ∞. Meanwhile, the geometric average at that
point is (after taking the logarithm):
k j
ln a1 + ... + ln an ∑ j=1 2 ln 2 2k+1 − 1
= = ln 2 .
n 22k 22k
The latter converges to 0, which makes the geometric average 1.
Theorem 10.15. For almost all numbers x, the convergents pn (x)/qn (x)
satisfy
π2
i) limn→∞ lnnqn = , and
12 ln 2
2
ii) limn→∞ n1 ln x − qpnn = − 6 πln 2 .

π2
Remark 10.16. The constant 12 ln 2 ≈ 1.1866 · · · is called Lévy’s constant.
10.5. Number Theoretic Implications 207

Proof. Item (ii) follows very easily from (i), see exercise 10.20. So here
we will prove only (i).
To simplify notation in this proof, we will write xi := T i (x0 ) where T
is the Gauss map. For the nth approximant of x0 ∈ (0, 1), see Definition 6.4,
(x)
we will write qpnn(x) . From that same definition, we conclude
pn (x0 ) 1 qn−1 (x1 )
= = .
qn (x0 ) a1 (x0 ) + pn−1 (x1 )/qn−1 (x1 ) a1 (x0 )qn−1 (x1 ) + pn−1 (x1 )
See also exercise 10.2 (a). By Corollary 6.8 (ii)), gcd(pn , qn ) = 1, and so
from exercise 10.2 (b) we see that pn (x0 ) equals qn−1 (x1 ). More generally,
we have by the same reasoning
pn (x j ) = qn−1 (x j−1 ) .
This implies that
pn (x0 ) pn−1 (x1 ) pn−2 (x2 ) p1 (xn−1 ) 1
· · ··· = ,
qn (x0 ) qn−1 (x1 ) qn−2 (x2 ) q1 (xn−1 ) qn (x0 )
since p1 = 1 by Theorem 6.6. Now we take the logarithm of the last equa-
tion. This yields
1 n−1 1 n−1
 
1 pn−i (xi )
− ln qn (x0 ) = ∑ ln xi − ∑ ln xi − ln .
n n i=0 n i=0 qn−i (xi )
Two more steps are required. The first is showing that the last sum is
finite. This not difficult, because
1 n−1 qn−i (xi )xi 1 n−1
 
(qn−i (xi )xi − pn−i (xi ))
∑ ln pn−i (xi ) = n ∑ ln 1 +
n i=0 pn−i (xi )
.
i=0
Corollary 6.7 or, more precisely, exercise 6.16 yields that
|qn−i (xi )xi − pn−i (xi )| 1 √
< < 2−(n−i) 2 ,
pn−i (xi ) pn−i (xi )qn−i+1 (xi )
where the last inequality follows from Corollary 6.8 (i). The fact that for
small x, ln(1 + x) ≈ x concludes the first step (see also exercise 10.12).
Since the above sum is bounded and xi = T i (x0 ), we now divide by n
and take a limit to get
1 1 n−1
lim − ln qn (x0 ) = lim ∑ ln T i (x0 ) .
n→∞ n n→∞ n
i=0
208 10. Three Maps and the Real Numbers

The second step is then to compute the right-hand side of this expression.
Naturally, the ergodicity of the Gauss map invites us to employ Birkhoff’s
theorem in the guise of Corollary 9.10 with f (x) set equal to ln(x).
1 n−1
Z 1
ln x
∑ ln T i (x0 ) =
n i=0 0 (1 + x) ln 2
dx .

The integral is evaluated in exercise 10.19. 

10.6. Exercises
Exercise 10.1. Show that for a set A: µ(A) = 0 (Lebesgue measure) if and
only if ν(A) = 0 (invariant measure of the Gauss map). (Hint: write both
equalities in terms of Lebesgue integrals.)

Exercise 10.2. To reacquaint ourselves with continued fractions, consider

1 def
x0 = ≡ [a1 , a2 , a3 , · · · ] . (10.10)
a1 + a + 1 1
2 a3 + ···

a) Show that bx0−1 c = a1 and that

1 def
T (x0 ) = x0−1 − a1 = 1
≡ [a2 , a3 , · · · ] .
a2 + a3 + a 1
4 + ···

b) Show that if gcd(p, q) = 1, then gcd(p + aq, q) = 1. (Hint: use Lemma

2.5.)

Exercise 10.3. a) Show that every probability density ρ on R/Z gives rise
to an invariant measure under the identity.
b) What are the absolutely continuous measures — i.e. with a density, see
Section 9.5 — that are invariant under rotation by 1/2? (Hint: consider
densities with period 1/2.)
c) The same for rotation by p/q for p and q in N.
d) Show that the uniform density — with density ρ(x) = 1 — is invariant
under x → nx modulo 1 (where n ∈ N).

Exercise 10.4. At the end of the proof of Theorem 10.7, assume that
|I| = |J| and complete the proof in that case.
a) Show that for every ε > 0, there is i such that Riω (I) falls in an ε-
neighborhood of J.
b) Estimate the fraction of J that must be in A.
c) Show that this gives a contradiction.
10.6. Exercises 209

Exercise 10.5. Let R0 be identity on R/Z.

a) Show that for any x, the delta measure δx is an invariant measure for R0 ,
and that I is ergodic with respect to that measure.
b) Show that for any of the invariant measure in exercise 10.3 (a), R0 is not
ergodic.
c) Show that R0 is not ergodic with respect to any of the measures of exer-
cise 10.3 (c).
1 1
Exercise 10.6. Show that ∑∞ i=1 (x+i)(x+i+1) = x+1 for all x ∈ R except the
negative integers. (Hint: use partial fractions, then note that the resulting
sum telescopes.)

Exercise 10.7. Prove that the Gauss map preserves the measure of Propo-
sition 10.3 via equation (10.1). Do not use the computation in the proof of
that proposition. (Hint: use exercise 10.6.)

Exercise 10.8. Show that ρ(x) = 1 is the only continuous invariant proba-
bility density of an irrational rotation R. (Hint: if ρ is invariant under R, it
must be invariant under Ri for all positive i. Use Lemma 10.6.)

Exercise 10.9. a) Show that ρ(x) = 1 is the only continuous invariant den-
sity for the angle doubling map. (Hint: use a reasoning similar to that of
Proposition 9.13.)
b) Check that the same is true for the map x → τx modulo 1 where τ ∈ Z
and τ > 1.
Exercise 10.10. The orbit of any irrational rotations is uniformly dis-
tributed. So why do we encounter specifically the golden mean in phyl-
lotaxis — the placement of leaves? Research this and add illustrations.

Exercises 10.11 and 10.12 discuss some very useful properties of the log-
arithm for later reference. In fact, they are useful in a much wider context
than discussed here. For instance, exercise 10.11 comes up in any discus-
sion of entropy [19] or in deciding the stability of Lotka-Volterra dynamical
systems [53]. Exercise 10.12 is important for deciding the convergence of
products of the form ∏(1 + xi ).
210 10. Three Maps and the Real Numbers

Exercise 10.11. a) Show that if x > −1, then ln(1 + x) ≤ x with equality
iff x = 0. (Hint: draw the graphs of ln(1 + x) and x.)
b) Let pi and qi positive and ∑i pi = ∑i qi . Use (a) to show that
− ∑i pi ln pi ≤ − ∑i pi ln qi . (Hint: − ∑i pi (ln pi − ln qi ) = ∑i pi ln qpii ≤
∑i qi − pi by (a).)
c) Let Sn be the open n-dimensional simplex pi > 0 and ∑ni=1 pi = 1. Show
that h : Sn → R given by h(p) = − ∑i pi ln pi has a single extremum at
pi = 1n . (Hint: The constraint is C = ∑i pi must be equal to 1. Deduce that
at the maximum, the gradients of h and C must be parallel.)
d) Show that this extremum is a maximum. (Hint: set f (x) := −x ln x and
show that f 00 (x) < 0. As a consequence, if wi are positive weights such
that ∑i wi = 1, we have Jensen’s inequality or f (∑i wi pi ) ≥ ∑i wi f (pi ).
See Figure 45.)

wx+(1−w)y
x y

Figure 45. Illustration of the fact that for a concave function f , we have
f (wx + (1 − w)y) ≥ w f (x) + (1 − w) f (y) (Jensen’s inequality).

In the next exercise, we prove this lemma.

Lemma 10.17. Suppose that xn > −1 and limn→∞ xn = 0. Then ∑n ln(1 +
xn ) converges absolutely if and only if ∑n xn converges absolutely. Also
∑n ln(1 + xn ) diverges absolutely if and only if ∑n xn diverges absolutely.
ln(1+x)−x
Exercise 10.12. a) Show that limx→0 x2
= − 12 . (Hint: use L’Hôpital
twice.)
b) From (a), conclude that if xn > −1 and limn→0 xn = 0, then ∃a > 0
such that for all n large enough |ln(1 + xn )| ≤ b|xn |. (Hint: use the direct
comparison text.)
c) From (a), conclude that if xn > −1 and limn→0 xn = 0, then ∃b > 0 such
that for all n large enough |xn | ≤ b |ln(1 + xn )|.
d) Show that (b) and (c) imply Lemma 10.17.
The next four exercises provide some computational details of the proof of
Theorem 10.14.
10.6. Exercises 211

Exercise 10.13. Compute the frequency with which an (x) = a occurs.

(Hint: set f (x) = 1 on (1/(1 + a), 1/a]. Then use Birkhoff.)

Exercise 10.14. a) Show that the right-hand side of (10.4) gives (10.5).
b) Show that (10.5) gives (10.6). (Hint: write out the first few terms explic-
itly.)
c) Use exercise 10.11 (a) to bound the second term of (10.6).
d) Conclude that (10.6) is unbounded.

Exercise 10.15. a) Show the equality in (10.8) holds.

b) Show the equality in (10.9) holds.
c) Show that (10.9) implies part (ii) of Theorem 10.14.

Exercise 10.16. a) Show that instead of (10.9), we also have

     
a+1 a+2 1
ln − ln = ln 1 + 2 .
a a+1 a + 2a
b) Use exercise 10.11 (a) to show that
 
1 1
ln 1 + 2 ≤ 2.
a + 2a a
c) Use (a) and (b) and equation (10.8) to show that
Z 1 ∞
1 g∞ (x) 1 ln a
dx ≤ ∑ .
ln 2 0 1+x ln 2 a=1 a2
(Hint: indeed, this is equivalent to the fact that g∞ is integrable. Can you
explain that?)
d) Show that (c) implies that Khinchin’s constant is bounded. (Hint: find
√
the maximum of ln a − 2 a. Then use Figure 9.)

Exercise 10.17. Use exercise 10.16 (a) to show that Khinchin’s constant
 log2 a
1
equals ∏∞a=1 1 + (1+a)2 .

Exercise 10.18. Let ν be absolutely continuous with respect to the

Lebesgue measure µ. Show that if a set has full µ measure then it has
full ν measure.
212 10. Three Maps and the Real Numbers

Figure 46. Plot of the function ln(x) ln(1 + x)

.

Exercise 10.19. a) Show that limx→0 ln(x) ln(1+x) = 0 (Figure 46). (Hint:
for the limit as x → 0, substitute x = ey , then use L’Hopital.)
R ln(1+x)
b) Use (a) to show that I := 01 (1+x)
ln x
dx = − 01
R
x dx. (Hint: integra-
tion by parts.)
(−1)n+1 xn
c) Show that ln(1 + x) = ∑∞ i=1 n .
d) Substitute (c) into I and integrate term by term to get I =
n −2
∑∞n=1 (−1) n .
2
e) The sum in (d) equals π12 . Show that that gives the result advertised in
Theorem 10.15. (Observation: we sure took the cowardly way out in this
last step; to really work out that last sum from first principles is elementary
but very laborious. The interested student should look this up on the web.)

n −2 = π while from2
In exercise 10.19, note the curious fact that ∑∞
n=1 (−1) n 12
−2 = π2
exercise 2.26 we have that ζ (2) = ∑∞
n=1 n 6 .

Exercise 10.20. a) Use exercise 6.16 and Theorem 10.15 (i) to show that
for almost all ω ∈ [0, 1]
1 pn π2
lim ln ω − =− .
n→∞ n qn 6 ln 2
b) What do you in (a) get if ω is rational? Is that a problem?

Definition 10.18. Given a one dimensional smooth map T : [0, 1] → [0, 1],
the Lyapunov exponent λ (x) at a point x is given by
1
λ (x) := lim ln |DT n (x)| ,
n→∞ n
10.6. Exercises 213

assuming that the limit exists. (There is a natural extension of this notion
for systems in dimension greater than or equal to 2, but we do not need it
here.)

Exercise 10.21. What does Definition 10.18 tell you about how fast T n x
and T n y separate if x is a typical point and y is very close to x?

Exercise 10.22. Let T be the Gauss map and µ its invariant measure. Show
that the Lyapunov exponent at x satisfies
n−1
1
λ (x) = lim ∑ ln DT (T j (x)) .
n→∞ n
j=0
(Hint: think chain rule.)
b) Show that Birkhoff’s theorem (Corollary 9.10) implies that for almost
all x ∈ [0, 1]
Z 1
−2 ln x
λ (x) = dx .
0 ln 2 (1 + x)
(Hint: refer to exercise 10.18.)
c) Use the last part of the proof of Theorem 10.15 and exercise 10.19 to
2
show that for almost all x, the Lyapunov exponent equals 6πln 2 ≈ 2.3731.

Exercise 10.23. a) See exercise 10.22. Let T be the Gauss map and x =
[n, n, · · · ]. Determine the Lyapunov exponent at x. (Hint: see also exercise
6.3.)
b) Why are these exponents different from the one computed in exercise
10.22?
Exercise 10.24. Let T be the map given in Corollary 10.10. a) Show
that for almost all points x, the Lyapunov exponent is given by λ (x) =
− ∑i `i ln `i . (Hint: see also exercise 10.22.)
b) Show that the answer in (a) is greater than 1.
c) Show if the map has n branches, then the Lyapunov exponent is extremal
if all branches have the same slope. (Hint: exercise 10.11 (c).)
d) Show that this extremum is a maximum. (Hint: exercise 10.11 (d).)

Exercise 10.25. a) Show that if k ∈ N is such that log10 k is rational, then

k = 10r , r ∈ N. (Hint: Prime factorization.)
b) From now on, suppose k 6= 10r . Show T : x → x + log10 k modulo 1 is
ergodic.
c) Let f (x) = 1 when x ∈ [log10 7, log10 8] and 0 elsewhere. Compute
limn→∞ n1 ∑ni=0 f (T i (x)).
d) Explain how often 1 through 9 occur in {ki x}∞
i=0 as first digits.
e) How often does any combination of any 2 successive digits, say 36,
occur as first digits?
214 10. Three Maps and the Real Numbers

Stock prices undergo multiplicative corrections, that is: each day their price
is multiplied by a factor like 0.99 or 1.01. On the basis of the previous prob-
lem, it seems reasonable that the distribution of their first digits satisfies the
logarithmic distribution of exercise 10.25. In fact, a much wider range of
real world data satisfies this distribution than this “multiplicative” explana-
tion would suggest. This phenomenon is called Benford’s law and appears
to be only partially understood [10].
Chapter 11

The Cauchy Integral

Formula

Overview. Again, we need to venture very far, apparently, from number

theory to make progress. In the mid 19th century, the main insight in num-
ber theory came from Riemann, who realized that the distribution of the
primes was intimately connected to the properties of the (analytic continu-
ation of the) Riemann zeta function to the complex plane. In this chapter,
we develop the necessary complex analysis tools — essentially the Cauchy
integral formula — to study the convergence of a certain improper integral
(Theorem 11.18), which is the key to the proof of the prime number theo-
rem in the next chapter (Theorem 12.14). For more detailed introductions
to complex analysis, we refer to [3, 21, 35].

11.1. Analyticity versus Isolated Singularities

Definition 11.1. A set is open if it contains no points lying on its boundary
and connected if it is not the disjoint union of two non-empty open sets. A
domain or region is an open, connected set in C.

An excellent source for information on topological notions such as connect-

edness is [40].

215
216 11. The Cauchy Integral Formula

Definition 11.2. Let A be a domain. A function f : A → C is analytic at z0

if
f (z0 + δ ) − f (z0 )
f 0 (z) := lim
δ →0 δ
exists in a neighborhood of z0 . The word holomorphic is synonymous with
analytic. If f is analytic on all of C, it is also called an entire function.

We will use the fact that this says that analyticity is an open condition.
Corollary 11.3. If f is analytic at z0 , then it is analytic in an open neigh-
borhood of z0 .

This creates, as it were, a loophole which will be crucial in the proof of

Theorem 11.18. Suppose we know f is analytic some closed set S. Then in
fact, f must be analytic in some open set containing S. Because if not, there
must be a sequence of points zi converging to z ∈ S where f is not analytic.
Then at z, f would not be analytic! See Figure 47.

{z }
i

Figure 47. If f is analytic on the closed set S, then f must be analytic

on some open set containing S.

Naturally, not all functions are analytic everywhere. What happens at

or near a point z where f is not analytic? We say that f is singular at such a
point z0 . If there is a neighborhood1 in which it is the only singularity, we
call it an isolated singularity. One can prove that every isolated singularity
is one of the ones defined below.
Definition 11.4. These are the types of isolated singularities at z0 .
i) f may have a removable singularity. In this case, f (z0 ) can be given a
sin(z−z0 )
value in such a way that f becomes analytic at z0 . An example is z−z0 .

1An open neighborhood of z minus the point z itself is often called a punctured neighborhood of z .
0 0 0
11.1. Analyticity versus Isolated Singularities 217

ii) f may have a pole of order k ∈ N. An example of this is ak (z − z0 )−k +

ak−1 (z − z0 )−(k−1) with ak 6= 0. A pole of order 1 is called a simple pole.
iii) f may have an essential singularity. This is a pole of “infinite order”.
An example is e1/(z−z0 ) . (Expand as eu and substitute u = (z − z0 )−1 .)

One might be tempted to say that the example in item (ii) above consists
of two singularities, one of order k and one of order k −1. However, we have
ak ak−1 (ak + ak−1 )z − ak−1 z0
+ = .
(z − z0 )k (z − z0 )k−1 (z − z0 )k
The numerator does not vanish at z0 , and so we have one singularity of order
k. A pole of “infinite order” in item (iii) means that the expansion contains
infinitely many non-zero terms ak (z − z0 )−k with k ∈ N.
Remark 11.5. A subtle — but sometimes important — point that is the
observation that branch points like the origin for z → (z − z0 )1/2 or z →
ln(z − z0 ) are not isolated singularities. The reason is that in any punctured
neighborhood of the origin these “functions” are not one-valued. In other
words, they are not functions, and therefore a fortiori they are not analytic
functions. Even if you redefine the function in this neighborhood so that
it describes a single branch of that function, then still there is a line of
discontinuities (the branch cut) with the branch point as its endpoint.
For completeness, we mention the only other types of singularities:
cluster points , these are limit points of other singularities; and natural
boundaries , entire sets where singularities are dense. An example of the
latter is the unit circle for the function ∑∞ n!
n=1 z . Needless to say, these
singularities are not isolated.
All singularities mentioned in this remark are non-isolated, and if z0 is
the locus of such a singularity, it is not possible to approximate its behavior
in terms of integral powers of (z − z0 ).
Definition 11.6. A function f is meromorphic in a domain A if it has only
isolated poles in the domain. It is meromorphic if this holds on all of C.

We need a criterion for uniform convergence.

Lemma 11.7 (Weierstrass M test). Let A ⊆ C and gn : A → C a sequence
of functions. Suppose that |gn (z)| ≤ mn on A and that ∑n mn converges
(uniform absolute convergence ). Then for all z in A:
218 11. The Cauchy Integral Formula

i) ∑∞n=1 |gn (z)| converges (absolute convergence), and

ii) For all ε > 0, there is n0 so that for all n > n0 : ∑∞
n+1 gi (z) < ε (uniform
convergence).

Proof. Item (i) follows immediately from the hypotheses. Item (ii) follows
from the fact that ∑∞ ∞ ∞
n+1 gi (z) ≤ ∑n+1 | gi (z)| ≤ ∑n+1 mi and the conver-
gence of ∑n mn (so the partial sums of {mn } form a Cauchy sequence). 

11.2. The Cauchy Integral Formula

First we set the scene with some notation. Let [a, b] be an interval in R of
positive length. A curve is a piecewise differentiable function γ : [a, b] → C.
Its orientation is the direction of increasing t ∈ [a, b]. A simple, closed curve
is a curve without self-intersections and whose endpoints are identical (or
γ(a) = γ(b). It follows that the complement of γ consists a well-defined
“inside” component and a “outside” component (see Figure 48). A line
R
integral evaluated along the curve γ is denoted by γ . If the curve is simple
H H
and closed, one often writes γ or simply .

Figure 48. Left, a curve. Then two simple, closed curves with opposite
orientation. The curve on the right is a union of two simple, closed
curves.

Proposition 11.8 (Cauchy’s Theorem). Let γ be a simple, closed curve

and assume f is analytic on γ and in its interior with at most finitely remov-
H
able singularities. Then we have γ f (z) dz = 0

For students familiar with differential forms and Stokes’ theorem, we

give a very simple proof. Students unfamiliar with that material can skip the
first paragraph of the proof. A full proof without assuming Stokes is more
laborious and can be found in [3] and in [35]. A proof of Stokes’ theorem
can be found in [45] Chapter 5, Section 9.
11.2. The Cauchy Integral Formula 219

Proof. By assumption γ bounds an ‘inside’ region D: γ = ∂ D. First assume

f is analytic in D (including boundary). As usual, we write f = u + iv and
z = x + iy to relate the complex notation to calculus in Rn .
I Z Z
f dz = u(dx + idy) + iv(dx + idy)
∂D ∂D ∂D
Z Z
udx − vdy + i udy + vdx .
∂D ∂D
By Stokes’ theorem, for any differential form ω on a region D with a piece-
R
wise differentiable boundary as specified by the proposition, we have ∂ D ω =
R
D dω, where d stands for the exterior derivative. Now
d(udx − vdy) = −(∂y u + ∂x v)dxdy and d(udy + vdx) = (∂x u − ∂y v)dxdy .
both of which are zero by the Cauchy-Riemann equations of Proposition
11.23 (exercises 11.11, 11.12, and 11.13). in the exercises. Hence,
I I
f dz = d( f dz) = 0
∂D D
if f is analytic.
Since f has only finitely many singularities, they cannot accumulate.
Now suppose that f has an isolated singular point z0 at which it is, however,
continuous. Let c be a circular path of small radius ε around z0 so that the
ε-disk around z0 does not contain any other singular points or points of γ
(see Figure 49). Let p be a path that connects γ to c. Now the curve Γ

c
z0 D

p gamma

Figure 49. In the interior of the curve obtained by concatenating γ, p,

H H
c, and −p, f is analytic. Therefore γ f dz − c f dz = 0. If f is also
H
bounded inside c, we also have c f dz = 0.

obtained by concatenating γ, p, c, and −p is a simple closed curve and thus

H
Γ f = 0. The integrals along p and −p
H
cancel one another. By continuity,
| f | is bounded by some M and so | c f | is bounded by 2πεM. We can
220 11. The Cauchy Integral Formula
H H
choose ε as small as we want, and so | c f | must be 0. Therefore, γ f =
H H
Γ f − c f = 0. 

It is also instructive to compare this with calculus on the real line. If

f : R → R is piecewise differentiable and continuous, then from calculus,
we know that Z b
f dx = F(b) − F(a) .
a
This does not depend on the path we choose to get from a to b. Let yi :
[0, 1] → [a, b] be different parametrizations of the segment [a, b]. Then
I Z Z  Z 1 Z 1
f= − f= f (y1 (t))y01 (t) dt − f (y2 (t))y02 (t) dt = 0 .
γ1 −γ2 γ1 γ1 0 0
It is this statement that Cauchy’s theorem generalizes.
Theorem 11.9 (Cauchy’s Integral Formula). Let γ be a simple, closed
curve going around z once in counter-clockwise direction and suppose that
f is analytic on and inside γ. Then
1 f (w)
Z
f (z) = dw .
2πi γ w−z

Proof. Define the function g


 f (w)− f (z) w 6= z
w−z
g(w) =
 f 0 (z) w=z
H
The function g is continuous and therefore analytic (also at z). So γ g = 0.
By linearity,
f (w) 1
Z Z Z
dw = g(w) dw + f (z) dw .
γ w−z γ γ w−z
The first integral in the right-hand side is zero by Cauchy’s theorem (Propo-
sition 11.8). Now let c be the curve w = z + reit with t ∈ [0, 2π]. The same
construction as in the second part of the proof of Proposition 11.8 shows
H H H H
that γ − c = 0 (see Figure 49) and thus γ = c . So
ireit
Z 2π
1
Z
dw = dt = 2πi .
γ w−z 0 reit
Substituting this into the earlier equation yields the statement. 
11.3. Corollaries of the Cauchy Integral Formula 221

Remark. The surprising aspect of this formula is that the value of an ana-
lytic function at z0 is determined by the values of that function on a simple,
closed curve that encircles z0 .

11.3. Corollaries of the Cauchy Integral Formula

Cauchy integral formula can be used to show the remarkable result that a
function that is analytic at z0 has derivatives of all orders at that point. These
derivatives are denoted by f (k) (z0 ). The simplest way of proving this is by
actually calculating an expression for these derivatives.
Lemma 11.10. Suppose that w − z 6= 0, then for |d| small enough w − z −
d 6= 0 and for some K we have
k(w − z)k−1 + R(d)d
   
1 1 1
− = ,
d (w − z − d)k (w − z)k (w − z − d)k (w − z)k
with |R(d)| ≤ K.

Proof. First set

1 1 (w − z)k − [(w − z) − d]k
− = .
(w − z − d)k (w − z)k (w − z − d)k (w − z)k
According to the binomial theorem (Theorem 5.30), there is a K such that
−[(w − z) − d]k = −(w − z)k + k(w − z)k−1 d + R(d)d 2 .
with |R(d)| ≤ K. Inserting this and canceling d in the left-hand side yields
the lemma. 
Theorem 11.11. Let γ be a simple, closed curve going around z once in
counter-clockwise direction and suppose that f analytic on and inside γ
(see Figure 50). Then for the kth derivative of f at z0 , or f (k) (z0 ), we have
f (k) (z) 1 f (w)
I
i) = dw .
k! 2πi γ (w − z)k+1

f (k) (z) M`(γ)

ii) ≤ ,
k! rk+1
where M = maxw∈γ (| f (w)|), `(γ) is the length of γ, and r is a lower bound
for the distance of z to γ.
222 11. The Cauchy Integral Formula

Proof. Cauchy’s integral formula establishes the result for k = 0. The in-
duction step proceeds as follows. Suppose we are given
(k − 1)! f (w)
I
f (k−1) (z) = dw .
2πi γ (w − z)k
Since z lies inside γ, so does z + d if d is small enough (Figure 50). We use

r
z+d
z

Figure 50. The curve γ goes around z exactly once in counter-

clockwise direction. If d is small enough, z + d also lies inside γ.

(k−1) (z+d)− f (k−1) (z)

the induction hypothesis to compute the next derivative as limd→0 f d .
This equals
I 
(k − 1)! f (w) f (w)
I
· · · = lim k
dw − k
dw
d→0 2πid γ (w − z − d) γ (w − z)

 
(k − 1)! 1 1
I
= lim f (w) − dw
d→0 2πid γ (w − z − d)k (w − z)k

k(w − z)k−1 + R(d)d

 
(k − 1)!
I
= lim f (w) dw .
d→0 2πi γ (w − z − d)k (w − z)k
The first and second equalities above follow by linearity of integration. The
final equality uses Lemma 11.10. The limit can now be taken safely, be-
cause the denominator is never zero, and so everything is nice and continu-
ous.
I  
k! f (w)
··· = dw .
2πi γ (w − z)k+1
This establishes (i). Item (ii) follows immediately. 

This has the remarkable implication that an analytic function — defined

as having one derivative, Definition 11.2 — has derivatives of all orders. In
particular, we have the following result.
11.3. Corollaries of the Cauchy Integral Formula 223

Corollary 11.12. The derivative of an analytic function is again analytic.

Proposition 11.13 (Morera’s Theorem). If f is continuous and if always
H
f dz = 0 in some region A, then f is analytic in A.

z c
z+d

z
0

Figure 51. F(z) does not depend on the path. So F(z + d) − F(z) =
R
c f ≈ f (z)d

Proof. Pick a point z0 and set F(z) := zz0 f (w) dw. Because f (w) dw = 0,
R H

F(z) does not depend on the path from z0 to z and so is uniquely defined.
R
Thus F(z + d) − F(z) = c f ≈ f (z)d, where c is a short, linear path from z
to z + d (see Figure 51). Then F 0 (z) = f (z) and so f is the derivative of an
analytic function and therefore is itself analytic. 
Proposition 11.14. Let {gi } be a sequence of functions that are analytic in
a region A and suppose that ∑∞ i=1 gi (z) converges uniformly on every closed
disk contained in A. Then
i) For any curve γ in A: γ limn ∑ni=1 gi = limn γ ∑ni=1 gi .
R R

ii) limn ∑ni=1 gi is analytic in A.

d d
iii) dz limn ∑ni=1 gi (z) = limn dz ∑ni=1 gi (z).

Proof. Write fn = ∑ni=1 gi and call the limit f . Then for all n > N
Z Z Z Z
fn − f = fn − f ≤ | fn − f | ≤ ε`(γ) .
γ γ γ γ
where `(γ) is the length of γ (a curve whose image is a compact set). The
fact that | fn (z) − f (z)| ≤ ε for all z ∈ γ is due to uniform convergence. This
proves (i).
Next, we prove (ii). Pick z0 ∈ A and let B = Br (z0 ) be an open disk
whose closure B̄ is contained in A. By assumption, fn → f uniformly on B̄
and thus f is continuous on B̄ (see exercise 11.17). Now let γ be any simple,
H
closed curve in B̄. Then by Cauchy’s theorem, γ fn = 0. Item (i) implies
H
that γ f = 0. Finally, Morera’s theorem implies that f is analytic at z0 .
224 11. The Cauchy Integral Formula

For part (iii), we have to show that | fn0 (z) − f 0 (z)| tends to zero as n
tends to infinity. We use Theorem 11.11 to do that. Fix some small r and so
that γ(t) := z0 + reit is contained in A. Then
1 fn (z) − f (z)
I
| fn0 (z0 ) − f 0 (z0 )| ≤ |dz| .
2π γ (z − z0 )2
By uniform convergence, for large n, | fn (z) − f (z)| is less than ε on γ while
|z − z0 | = r and the length of γ is 2πr. 
Lemma 11.15. If |z − z0 | < |w − z0 |, then
∞
(z − z0 )k 1
∑ = .
k=0 (w − z0 )k+1 w−z

h ik
z−z0 k
Proof. ∑∞
k=0 w−z0 is a geometric series that can be written as ∑∞
k=0 x ,
1
where |x| < 1. This equals 1−x . Substituting this in the right-hand side of
the lemma gives the result. 
Theorem 11.16 (Taylor’s Theorem). Suppose f is analytic in a region A
and let D be any open disk centered on z0 whose closure is contained in A.
Then for all z ∈ D we have
∞
f (n) (z0 )
f (z) = ∑ (z − z0 )n ,
n=0 n!
which converges on D. This is called the Taylor series of f at z0 .

Proof. Let D be the disk bounded by the curve γ given by w(t) = z0 + reit .
Take z inside D (see Figure 52) so that |z − z0 | < |w − z0 |. By Theorem 11.9
and Lemma 11.15, we have
1 f (w) 1 ∞
(z − z0 )k
I I
f (z) = dw = ∑ f (w) dw .
2πi γ (w − z) 2πi γ k=0 (w − z0 )k+1
Again because |z − z0 | < |w − z0 |, the sum converges uniformly, and so
Proposition 11.14 (i) implies that the sum and integral can be interchanged.
To the expression that then results, we apply Theorem 11.11 to get
1 ∞
(z − z0 )k ∞
f (k) (z0 )
I
··· = ∑ f (w) k+1
dw = ∑ (z − z0 )k .
2πi k=0 γ (w − z0 ) k=0 k!
11.4. A Tauberian Theorem 225

r w
D
z
0 z A

Figure 52. The curve w goes around z0 exactly once in counter-

clockwise direction. .

|z−z0 | k
By Theorem 11.11 (ii), the last expression is bounded by M ∑∞ k=0 rk
.
Uniform convergence on compact sets contained in the open disk of radius r
follows from Lemma 11.7. The series is analytic by Proposition 11.14. 

Remark 11.17. Note that it follows that the Taylor series of an entire func-
tion (Definition 11.2) converges in all of C.

11.4. A Tauberian Theorem

There is no formal definition of what a Tauberian theorem is, but generally
it is something along the lines of the theorem below: we know that some
transform T F(z) of f (t) converges for Re z > 0, but we want to know that it
converges for z = 0. The price we pay is some extra information on f as in
the case below, where we stipulate a bound on | f (t)|. The reader is strongly
encouraged to first have a look at the examples in exercise 11.23.
Theorem 11.18. Let f : [0, ∞) → R be integrable on compact intervals in
[0, ∞) and bounded by | f | ≤ F for some F > 0 and define
Z ∞
g(z) := f (t)e−zt dt .
0
R∞
If g(z) has an analytic continuation defined on Re z ≥ 0, then 0 f (t) dt
exists and equals g(0).

Remark 11.19. The function g in Theorem 11.18 is called the Laplace

transform of f .

Proof. First define Z T

gT (z) := f (t)e−zt dt .
0
226 11. The Cauchy Integral Formula

Note that g0T exists (exercise 11.24) and so gT is entire. Pick any ε > 0, we
will prove that for any ε > 0, we can choose T such that
lim |gT (0) − g(0)| < ε . (11.1)
T →∞
Since gT (0) is finite, this implies that g(0) also exists. So, fix ε > 0.

dR R
C−
C+

DR
d

L−

Figure 53. g is analytic in DR := {Re z ≥ −dR } ∩ {|z| ≤ R} (shaded).

The red curve is given by C+ (s) = Reis with s ∈ (− π2 , π2 ). The green
curve is given by C+ (s) = Reis with s ∈ ( π2 , 3π
2 ). The blue L− con-
sists of 2 small circular segments plus the segment connecting their left
endpoints at a distance 0 < d < dR to the left of the the imaginary axis.

For the definition of the region DR and the curves C+ , C− , and L− ,

we refer to Figure 53. Because g is analytic on Re z ≥ 0, Corollary 11.3
says that for any R, there is a dR so that g is analytic in the compact region
DR . Since gT is analytic on all of C, the Cauchy integral formula (Theorem
11.9) tells us that2
 
z2
1
I (g(z) − g T (z)) 1 + R 2 ezT
g(0) − gT (0) = dz . (11.2)
2πi C+ ∪L− z
We will show that |g(0) − gT (0)| < ε by cleverly splitting up this integral.
First compute the full integral along C+ where z = Reis = R(cos s +
i sin s). We will abbreviate cos s by c. For c > 0, we first estimate the three
factors in the integrand of (11.2).
Fe−RcT
Z ∞ Z ∞
|g(z) − gT (z)| = f (t)e−zt dt ≤ F e−Rct dt = . (11.3)
T T Rc
2The factor (1+ z2
R2
) in the integrand, introduced by Newman [41], may seem artificial and unnecessary
at this point, but is in fact essential, see exercise 11.25.
11.4. A Tauberian Theorem 227

Furthermore,
z2
 
1 1 1 −is 2|c|
1+ 2 = 1 + e2is = e + eis = . (11.4)
z R R R R
And finally
ezT = eRT c+iRT sin s = eRT c . (11.5)
Since the length of C+ is πR, we thus obtain from (11.2) that
1 1 Fe−RcT 2c RcT F
Z
≤ · · · e · πR = . (11.6)
2πi C+ 2π Rc R R
For the second step, analyticity of gT and Theorem 11.9 imply that
 2
  2

Z gT (z) 1 + z 2 ezT Z gT (z) 1 + z 2 ezT
1 R 1 R
dz = dz ,
2πi C− z 2πi L− z
allowing us to evaluate the integral along C− . We have, now for c < 0,
Fe−RcT
Z T Z T
|gT (z)| = f (t)e−zt dt ≤ F e−Rct dt = .
0 0 R|c|
Substituting this into the integral over C− and using (11.4) and (11.5) gives
 2

Z gT (z) 1 + z 2 ezT
1 R 1 Fe−RcT 2|c| RcT F
dz ≤ e πR = . (11.7)
2πi C− z 2π R|c| R R

The third (most painful) step is the evaluation of the remaining integral,
Z
G(z)ezt dz ,
L−
2
(see again Figure 53) where G(z) := g(z)(1+ Rz 2 )/(2πiz). On the two (com-
pact) circular segments z = Reis with Re z ∈ [−dR , 0], |G| is maximized by
the constant Mh (R, dR ). The combined length of these segments is less than
4d. Thus the integral over these pieces contributes at most Mh (R, dR ) 4d.
On the vertical segment, |G| is bounded by another constant, Mv (R, d). This
may very well increase as d decreases, since, with decreasing d, the path
passes very close to the origin. We have that ezT = e−dT and the path
length is less than 2R. So the contribution of the vertical segment is at most
Mv (R, d) e−dT 2R. Summarizing, this gives
Z
G(z)ezt dz ≤ 4d Mh (R, dR ) + 2R Mv (R, d) e−dT . (11.8)
L−
228 11. The Cauchy Integral Formula

Now we add up the contributions of equations (11.6), (11.7), and (11.8).

1 2F
I
≤ + 4d Mh (R, dR ) + 2R Mv (R, d) e−dT .
2π C+ ∪L− R
There are now three parameters, R, d, and T , whose values have not been
fixed yet. We use these to “talk” the right hand side into being less than
ε. Start by choosing R so that the first term is less than ε/3. Then choose
d ∈ [0, dR ] so that 4d Mh (R, dR ) < ε/3. Finally, we choose T so that the last
term is also less than ε/3. 

11.5. A Polynomial Must Have a Root

While we are on the topic of complex analysis, we take advantage of the
opportunity to fill a gap in our proof of the fundamental theorem of algebra
(Theorem 3.19).
Proposition 11.20. Every polynomial of degree d ≥ 1 has a root in C.

Proof. Let p(z) = ∑di=0 ai zi be a non-constant polynomial (with non-zero

leading coefficient ad ). The proof consists of showing that |p(z)| has a
minimum and that that minimum equals zero.
We write z = reiϕ (polar coordinates) and immediately obtain
 
ad−1 −1 −iϕ a0
p(reiϕ ) = ad rd ediϕ 1 + r e + · · · + r−d e−diϕ .
ad ad
The term in parentheses can be written as 1 + r−1 A(r), where A(r) can be
bounded from above by a geometric series in 1/r. Thus for r greater than
some R, A(r) is bounded by A0 ≥ 0. We then get for r > R
|p(reiϕ )| = |ad |rd 1 + A(r)r−1 where |A(r)| ≤ A0 .

Thus for R large enough, |p(2Reiϕ )| is larger than |p(Reiϕ )|. The closed
disk D of radius 2R is compact and p is continuous, so it follows that |p(z)|
must have a minimum in in the interior of that disk (see Figure 54).
Let z0 be this minimum. Take δ in the ball |δ | < ε, and ε small so
that the ε-disk around z0 is in the interior of D (see Figure 54). Now expand
p(z0 + δ ) = ∑di=0 ai (z0 + δ )i . The expansion must contain non-trivial terms,
because otherwise p would be constant. So for some 0 < k ≤ d,
p(z0 + δ ) = p(z0 ) + bk δ k + bk+1 δ k+1 + · · · + bd δ d ,
11.6. Exercises 229

z0

2R
0

Figure 54. In the proof of Proposition 11.20, |p(z)| must have a mini-
mum z0 in the interior of the disk |z| < 2R and it cannot have a minimum
unless at z0 unless it is zero.

where bk 6= 0. Thus
p(z0 + δ ) = p(z0 ) + bk δ k (1 + δ B(δ )) ,
where again for ε small enough |B(δ )| is bounded and so p(z0 + δ ) ≈
p(z0 ) + bk δ k . By choosing the phase of δ appropriately and |δ | small
enough, one make sure that if |p(z0 )| > 0, then |p(z0 )+bk δ k | < |p(z0 )|. 

Lest one might think that every complex function must have a zero, we
warn the reader that ez has no zero (see also exercise 11.16).
Together with exercise 3.24, the last result establishes the fundamental
theorem of algebra (Theorem 3.19), which we repeat verbatim here.
Theorem 11.21 (Fundamental Theorem of Algebra). A polynomial in
C[x] (the set of polynomials with complex coefficients) of degree d ≥ 1 has
exactly d roots, counting multiplicity.

11.6. Exercises
Exercise 11.1. Which of the following sets are regions or domains in C?
a) C\{0}.
b) C\N.
c) C minus the negative real axis.
d) C minus the real axis.
e) The union of the closed unit disks with centers at 1 and -1.
f) The same as (d), but minus the boundary.
g) The same as (e), but now add the imaginary axis.
230 11. The Cauchy Integral Formula

In exercise 11.2 briefly discuss two “bad” (non-isolated) singularities. Around

such a singularity no power series expansions can be used to approximate
the functions. Pictures of the two singularities can be found in [21][Sections
2.4 and 3.1].
Exercise 11.2. On D = {z : |z| < 1}, define
∞
1
f (z) = ∑ zn! and g(z) =
sin(1/z)
.
n=1

a) Let p and q be co-prime integers and set z = re2πip/q . Show that

| f (z)| ≥ −q + ∑ rn! ,
n≥q
and that this diverges as r % 1. (Note: the unit circle is a natural bound-
ary.)
b) Conclude that the singularities of f are dense on the unit circle.
c) Show that g has a cluster point at the origin.

Exercise 11.3. a) Show that on (0, 1), ∑∞ n

n=1 x is absolutely convergent but
not uniformly convergent.
(−1)n x
b) Show that on (0, 1), ∑∞n=1 n is uniformly convergent but not abso-
lutely convergent. (Hint: the sum is −x ln 2.)

Exercise 11.4. a) Let z = x + iy and show that for n ∈ N, n−z = n−x e−iy ln n .
b) From (a), show that n−z = n−x .
c) Use (b) to show that ζ (z) = ∑∞ −z is uniformly convergent on com-
n=1 n
pact disks in Re z > 1. (Hint: use Lemma 11.7 and exercise 2.25 (e).)

Exercise 11.5. Let f analytic at z0 and suppose furthermore that there is a

sequence {zn } converging to z0 such that f (zn ) = 0.
a) Show that f has all derivatives at z0 . (Hint: Theorem 11.11.)
b) Show that if at least one of f (n) (z0 ) 6= 0, then for z close enough to z0 ,
f (z) 6= 0. (Hint: the first non-zero term in the Taylor expansion dominates
as in Section 11.5.)
c) Use (a) and (b) to show that for all n ≥ 0, f (n) (z0 ) = 0.
d) Use Taylor’s theorem to show that f is zero in an open disk containing
z0 .
11.6. Exercises 231

Exercise 11.6. Let A be a region (that is: an open, connected set) contain-
ing a sequence {zn } converging to z0 . Let f and g be analytic functions on
A such that f (zn ) = g(zn ) for all n.
a) Show that h := f − g is analytic of A and satisfies h(zn ) = 0.
b) Use exercise 11.5 to show that h = 0 in an open disk containing z0 .
c) Write A as the disjoint union of
A0 := {z0 ∈ A : h(z) = 0 on an open neighborhood of z0 } and A1 := A\A0 .
Show that A0 is open in A. (Hint: by definition of A0 .)
d) Show A1 is open in A. (Hint: consider z ∈ A1 , if h(z) 6= 0, use continuity
of h; if h(z) = 0, use exercise 11.5 that h is not zero in a neighborhood of
z.)
e) Show that one of A0 or A1 must be empty. (Hint: use Definition 11.1.)
f) Conclude that the analytic continuations of f and g in A coincide. (Note
that this was remarked more informally in Section 2.5.)
The last result of exercise 11.6 will be relevant when we discuss the analytic
continuation of the zeta function. We isolate the result here.
Theorem 11.22 (Uniqueness of Analytic Continuation). Suppose f and
g are analytic in a region or domain A ∈ C. Let Z be the set of points such
that f (z) − g(z) = 0 and suppose that Z has a limit point in A. Then the
analytic continuation of f and g coincide on A.

Exercise 11.7. For z ∈ C, define

∞
zn
ez = ∑ .
n=0 n!
a) Assume or provea that the sum converges uniformly on every closed
disk. Conclude that ez is entire. (Hint: Proposition 11.14 (ii).)
b) Use exercise 11.6 to show that it is the unique analytic continuation of
the real function ex .
c) Compare the expansion of eiy with those of cos y and sin y and conclude
that eiy = cos y + i sin y.
d) Use ea+b = ea eb to establish that
ex+iy = ex (cos y + i sin y) .
e) Use (a) and (d) to show that ez is entire but never equal to 0.
aThe factorial always wins out.
232 11. The Cauchy Integral Formula

Exercise 11.8. a) Use exercise 11.7 (c) to show that (Figure 55) for y ∈ R
1  iy  1  iy 
cos y = e + e−iy and sin y = e − e−iy .
2 2i
b) Use exercise 11.6 to show that
1  iz  1  iz 
cos z = e + e−iz and sin z = e − e−iz
2 2i
are the unique extensions of the sine and cosine functions to the complex
plane.
sin x
c) Find a formula with only exponentials for tan z. (Hint: tan x = cos x .)

−exp(−it)
exp(it)
i sin(t)

cos(t)

exp(−it)

Figure 55. The complex plane with eit , −e−it and e−it on the unit cir-
cle. cost is the average of eit and e−it and i sint as the average of eit and
−e−it .

Exercise 11.9. Use eit e−it + eit = 1 + e2it to show that

a) 2 cos2 (t) = 1 + cos(2t), and

b) 2 sint cost = sin 2t.

0 r

r e i phi

Figure 56. Moving around the origin once in the positive direction in-
creases ϕ, and thus ln z, by 2π. Discontinuities can be avoided if we
agree never to cross the half line or branch cut L.
11.6. Exercises 233

Exercise 11.10. The complex logarithm ln z is the (local) inverse of ez . See

Figure 56.
a) Use “polar” coordinates, i.e. z = reiϕ , to show that ln z = ln r + iϕ.
b) Fix r and increase ϕ from 0 to 2π. Assuming that you do not encounter
discontinuities, show that ln z has increased by 2πi while its real part re-
mained constant.
c) Conclude that ln z is multivalued .
d) Let L be any half line from the origin to infinity. Show that ln z is analytic
of C minus L. L is called a branch cut .
For any function f : C → C, we can always write z = x + iy and f (z) =
u(x + iy) + iv(x + iy). In the next three exercises, we prove the following
result.
Proposition 11.23. f : C → C is analytic (see Definition 11.2) at z0 if and
only if in a neighborhood of z0 , f is differentiable3 as a function from R2 to
itself and the Cauchy-Riemann equations hold:
∂x u = ∂y v and ∂x v = −∂y u .

Exercise 11.11. a) Show that if f is analytic at z0 , then in a neighborhood

f (z+δ )− f (z)
of z0 , f 0 (z) = limδ →0 δ
does not depend on δ (as long as it tends
to 0).
b) Compute the derivative in (a) for δ real and δ imaginary.
c) Use (a) to show these two are equal.
d) Use (c) to prove that analyticity implies that u and v satisfy the Cauchy-
Riemann equations.
   
a −b x
Exercise 11.12. For real a and b, let A =   and z =  .
b a y
a) Show that multiplication by A of z in R2 acts exactly like multiplication
by a + ib of x + iy in C. √
b) Write the matrix A as Reiθ . (Hint: R = a2 + b2 . What is θ ?).
c) Use (b) to show that a non-zero derivative at a point z0 of an analytic
function is a dilatation composed with a rotation.
d) Explain that if f 0 (z0 ) is non-zero, f “locally” preserves angles.

Definition 11.24. A map f from a region A ⊂ C to C is conformal at z0 if

its derivative at z0 exists and is non-zero.

3This means that the partial derivatives exist and are continuous.
234 11. The Cauchy Integral Formula

Exercise 11.13. Write z = x + iy and f (z) = u(x + iy) + iv(x + iy), where u
and v are real functions. In a neighborhood of (x0 + iy0 ), suppose that the
matrix of (continuous) derivatives D f (x, y) satisfies Cauchy-Riemann.
a) Use exercise 11.12 to show that this implies that D f (x, y) acts like a
complex number.
b) Use (a) to imply that f is analytic.

Exercise 11.14. Write z = x + iy and f (z) = u(x + iy) + iv(x + iy), where u
and v are real functions.
a) Given that u(x + iy) = e−y cos x, compute v and f (z). (Hint: use the
Cauchy-Riemann equations to compute ∂x v and ∂y v. Integrate both to get
v. Finally, express u + iv as f (z).)
b) Given that v(x + iy) = −y3 + 3x2 y − y, compute u and f .
c) Given that f (z) = tan z, compute u and v. (Hint: use exercise 11.8 (c).)
An interesting result — though we will not prove it — is the following. A
weaker version of this is called the Casorati-Weierstrass Theorem and has
an easy proof [21][chapter 4] [35][chapter 3].
Theorem 11.25 (Picard Theorem). Let f have an isolated essential singu-
larity at z0 . Then the image of any punctured neighborhood of z0 contains
all values infinitely often with at most one exception.

The next results are important corollaries (proof in exercise 11.15).

Corollary 11.26 (Little Picard). Let f be entire and not constant. Then
the image of f contains all values with at most one exception.
Corollary 11.27 (Liouville’s theorem). A bounded entire function must be
constant.
Exercise 11.15. Assume f is entire and not constant.
a) Show that f has an expansion ∑∞ n
i=0 an x that converges in all of C. (Hint:
see Taylor’s theorem.)
b) Show that if f is a polynomial (only finitely many non-zero an ), then it
has a pole at infinity. (Hint: effect a coordinate change that moves ∞ to 0,
i.e. set w = 1/z. What does f look like in terms of the new coordinate?)
c) Show that in case (b), for all z0 ∈ C, f (z) − z0 has a zero. (Hint: the
fundamental theorem of algebra (Theorems 3.19 and 11.21).)
d) Show that if f is a not a polynomial, then it has an essential singularity
at infinity.
e) Show that (c) and (d) and the Picard Theorem imply little Picard.
f) Show that Little Picard implies Liouville’s theorem.
The function ez is a good illustration of little Picard (see exercise 11.7 (e)).
The next problem illustrates the Picard Theorem (Theorem 11.25).
11.6. Exercises 235

Exercise 11.16. a) Show that if z = x + iy, then

1 x y
= 2 −i 2 .
z x + y2 x + y2
b) Show that
    
1 x y y
f (z) := e z = e x2 +y2 cos 2 + i sin .
x + y2 x2 + y2
c) Show that if y = 0 and x & 0, then f (z) is real and tends to infinity.
d) Show that if y = 0 and x % 0, then f (z) is real and tends to zero.
e) Show that if you approach 0 in any other direction, f has arbitrarily large
oscillations. (Hint: fix t and set y = tx and let x & 0.)
f) Show that f (z) 6= 0 for all z.

Exercise 11.17. Let { fn } be a sequence of continuous functions on a com-

pact set S in Rn or C. Suppose fn → f uniformly on S and let x, y ∈ S.
a) Show that there is an n such that | fn (x) − f (x)| < ε/3.
b) Given n as in (a), show that there is a δ such that for all x with |y−x| < δ ,
we have | fn (y) − fn (x)| < ε/3.
c) Show that (a) and (b) imply that | f (y) − f (x)| < ε. (Hint: this is called
the “ε/3 trick”.)
d) Show that (c) implies that f is continuous.

Exercise 11.18. We give an easy informal “proof” of Theorem 11.11 by

interchanging differentiation and integration without justification.
a) Let k a non-negative integer. Suppose that
k! f (z)
I
f (k) (z0 ) = dz .
2πi γ (z − z0 )k+1
Change the order of integration and differentiation to show that
d (k) k! d f (z) (k + 1)! f (z)
I I
f (z0 ) = dz = dz .
dz0 2πi γ dz0 (z − z0 )k+1 2πi γ (z − z0 )k+2
b) Use (a) to give a proof by induction of Theorem 11.11.
Integrals and limits cannot always be exchanged, and the same holds for
derivatives. The following exercise provides examples (see Figure 57). For
uniformly converging analytic functions, the changes can be made (Propo-
sition 11.14).
236 11. The Cauchy Integral Formula

Exercise 11.19. On [0, 1], consider the functions

sin(kπx)
gk (x) = k2 xk (1 − x) and hk (x) = .
k
a) Show that limk→∞ gk (x) = 0.
b) Show that 01 limk→∞ gk (x) dx = 0 while limk→∞ 01 gk (x) dx =
R R

k2
limk→∞ (k+1)(k+2) = 1.
c) Show that limk→∞ hk (x) = 0.
d d
d) Show that dx limk→∞ hk (x) = 0 while limk→∞ dx hk (x) = 0 does not exist
at x = 1/2 (for example).

Figure 57. The functions gk and hk of exercise 11.19 for i ∈ {2, 8, 15, 30}.

Exercise 11.20. Set α = a + ib where a and b real and greater than zero
and let f (z) = (z − α)−1 .
a) Show that
H
f is analytic inside and on the contour C given in Figure 58.
b) Show C fR= 0.
c) Show that bi f tends to 0 as R tends to infinity. (Hint: | f | → 0 while the
path length remains
R
finite.)
d) Show that r f tends to πi as R tends to infinity. (Hint: set z(t) =
ib + Reit with Ht ∈ [0, π].)
e) Show that p f tends to −2πi as R tends to infinity. (Hint: set z(t) =
α + re−it with t ∈ [0, 2π].)
R +R
f) Conclude that limR→∞ −R f (z) dz = πi. (Hint: use (a).)
11.6. Exercises 237

r2

g
r1
ib
b2 p
b1
−R c a +R

Figure 58. The contour C is the concatenation of c (celeste), b1 (blue),

r1 (red), g (green), p (purple), −g, r2 , and b2 . The path r is a semi-circle
of radius R. The path p is a small circle of radius r. See exercise 11.20.

Exercise 11.21. We check the outcome of exercise 11.20 by direct integra-

tion. We use the notation of that problem.
a) Show that Z +R Z +R
x − a + ib
f (z) dz = dx .
−R −R (x − a)2 + b2
b) Sustitute s = x − a and show that
Z +R Z +R−a
s + ib
f (z) dz = ds .
−R −R−a s2 + b2
c) Show that the real part of this integral tends to zero as R → ∞. (Hint: it
is odd plus something that tends to zero.)
R +R−a ib
d) Show that limR→∞ −R−a s2 +b2
ds = πi. (Hint: substitute bt = s and
use that the derivative of arctan x equals 1/(x2 + 1).)

Exercise 11.22. Let f (z) = ∑n≥−k ak (z − z0 )k with k > 0.

a) Compute
1
I
Res( f , z0 ) := f (z) dz
2πi
it
along the path γ(t) = z0 + εe , t ∈ [0, 2π] for small ε > 0. This is called
the residue of f at z0 .
b) Let Γ be any piecewise smooth contour winding exactly once around z0
in the anti-clockwise direction. Show that
I
f (z) dz = 2πi Res( f , z0 ) .
Γ
(Hint: consider a contour that narrowly avoids the singularity such as the
contour C in Figure 58.)
238 11. The Cauchy Integral Formula

Exercise 11.23. a) Let f (t) = 1. Show that its Laplace transform as defined
in Theorem 11.18 does not have an analytic continuation to the imaginary
axis.
b) In (a), show that the conclusion of Theorem 11.18 does not hold.
c) Repeat (a) and (b), but now for f (t) = eiωt .

Exercise 11.24. Consider gT (z) as in the proof of Theorem 11.18.

a) Write out Hε := ε1 (gT (z + ε) − gT (z)).
b) Use linearity of integration to show that limε→0 Hε = 0T −t f (t)e−zt dt.
R

c) Show that the integral in (b) exists.

d) Conclude that gT is entire.

Exercise 11.25. a) Explain why it is crucial in the proof of Theorem 11.18

that g(z) is analytic on the imaginary axis.
2
b) Explain why the factor (1 + Rz 2 ) is essential to the proof of Theorem
11.18.
Chapter 12

The Prime Number

Theorem

Overview. In 1850, it seemed that Chebyshev was awfully close to proving

the prime number theorem (Theorem 2.21). But to bridge that last brook,
a whole new approach to the problem was needed. That approach was the
connection with analytic functions in the complex domain pioneered by
Riemann in 1859 [46]. Even so, it would take another 37 years after Rie-
mann’s monumental contribution before the result was finally proved by De
La Vallée Poussin and Hadamard in 1896. The version we prove is a highly
streamlined derivative of that proof, the last stage of which was achieved
by Newman in 1982 [41]. We made heavy use of Zagier’s rendition of this
proof [61] and of [49].

12.1. Preliminaries
Recall that π(x) denotes the number of primes in the interval [2, x]. So
π(2) = 1, π(3.2) = 2, and so on. The reason that the variable x is real is that
it simplifies the formulas to come. The Riemann zeta function is denoted
by ζ (s), see Definition 2.19 and Proposition 2.20. In this chapter, we will
frequently encounter sums of the form ∑ p . For example see Definition 12.1
below. Such sums will always be understood to be over all positive primes.
On the other hand, ∑ p≤x indicates a sum over all positive primes p less than

239
240 12. The Prime Number Theorem

or equal to x. A similar convention holds for products ∏ p and ∏ p≤x . The

letter z will always denote a complex variable.
We now define a couple of new functions.
Definition 12.1. The first Chebyshev function is defined as
θ (x) := ∑ ln p .
p≤x

The function Φ : {z ∈ C : Re z > 1} → C is defined as

ln p
Φ(z) := ∑ z .
p p

It is analytic in Re z > 1.

ln 2 + ln 3 + ln 5
theta(x)

ln 2 + ln 3

f(x)
3 5
2 xi x i+1

Figure 59. The Riemann-Stieltjes integral (12.1) near x = 5 picks up

the value f (5)(θ (xi+1 ) − θ (xi )).

In what follows, we will need to integrate expressions like

Z x
I(x) := f (t) dθ (t) , (12.1)
1
where f is differentiable. If we partition the interval [1, x] by 1 = x0 <
x1 · · · xn = x, then I(x) can be approximated as
n
I(x) ≈ ∑ f (ci )(θ (xi+1 ) − θ (xi )) ,
i=1
where ci ∈ (xi , xi+1 ) and then the appropriate limit (assuming it exists) can
be taken. This is a Riemann-Stieltjes integral. It is very similar to the
Riemann integral from calculus, except that instead of the increments xi+1 −
xi , we look at increments of a function: θ (xi+1 ) − θ (xi ) (see [33]), see
12.1. Preliminaries 241

Figure 59. Now, θ (t) is constant except at the values t = p (a prime) where
it has a jump discontinuity of size ln p. Thus, in this case, I(x) simplifies to
Z x
I(x) = f (t) dθ (t) = ∑ f (p) ln(p) . (12.2)
1 p≤x

On the other hand, we can find a different expression for I(x) by integration
by parts (sometimes called partial integration)
Z x Z x Z x
x
I(x) = d f (t)θ (t) − θ (t) d f (t) = f (t)θ (t) 1
− f 0 (t)θ (t) dt .
1 1 1
(12.3)
The point of this operation is usually that now we have expressed the in-
tegral in (12.2) as fixed expression plus another integral which has better
convergence properties than the original integral. For instance if f (t) = t −k ,
then f 0 (t) ∝ t −k−1 and so the integral converges faster.
Lemma 12.2. We have for x ≥ 2
Z x
θ (x) θ (t)
π(x) = + dt .
ln x 2 t (lnt)2

Proof. First note that since 2 is the smallest prime, equation (12.2) gives
Z x
d θ (t)
π(x) = .
lnt 2−ε
Apply integration by parts (12.3) to obtain
Z x
θ (x) 1
π(x) = − θ (t) d .
ln x 2−ε lnt
1 dt
Using d lnt = − t(lnt)
to work out the last term yields the lemma with lower
2

limit 2 − ε in the integral. But since θ (t) = 0 for t < 2, we may replace that
limit by 2. 
Lemma 12.3. For Re z > 1, we have
Z ∞ 
Φ(z) 1 θ (x)
− = − 1 x−z dx
z z−1 1 x
Z ∞
θ (et )e−t − 1 e−zt+t dt .


=
0
242 12. The Prime Number Theorem
R ∞ −z
Proof. Using (12.2), we can write Φ(z) as 1 x dθ (x). Then apply (12.3)
(partial integration) to obtain
∞
Z ∞
Φ(z) = x−z θ (x) +z x−z−1 θ (x) dx .
1 1
∞
We will see in equation (12.6) that for Re z > 1, the boundary term x−z θ (x)
1
vanishes. This gives
Φ(z)
Z∞ θ (x)
= x−z dx .
z 1 x
Noting that 1/(z − 1) = 1∞ x−z dx, the first equality follows. The second
R

equality follows by substitution of x by t where et = x. 

12.2. Chebyshev’s Theorem

We prove Theorem 12.7, an approximate version of the prime number theo-
rem (Theorem 2.21). Recall that bxc
is the greatest integer less than or equal
to x (see Definition 2.1), whereas ab indicates the binomial factor b!(a−b)!
a!

(see Theorem 5.30).

We start with a remarkable lemma. Let a, b, and k > 0 be integers. We
introduce the notation ak k b to mean that ak | b but not ak+1 | b. In words,
this is expressed by saying that ak divides b exactly.
Lemma 12.4. Let p prime and suppose that pk k mn with n > m > 0. Then

we have pk ≤ n.

Proof. Let p prime and suppose that pk k (1 · 2 · · · n). We want to find k.

Any multiple ap ≤ n in the product 1 · 2 · · · n contributes one factor
j k p to
pk . The number of multiples ap less than or equal to n equals np . So
j k
these contribute np to k. If ap is also a multiple of p2 then it contributes
j k
two factors to k. Thus we need to add another factor in the form of pn2 .
Continuing like that, we find
∞  
k n
p k n! =⇒ k = ∑ j
. (12.4)
j=1 p

As a consequence, we obtain for the binomial factor

  ∞      
k n n m n−m
p k =⇒ k = ∑ − − . (12.5)
m j=1 pj pj pj
12.2. Chebyshev’s Theorem 243

Consider the expression E = bx1 + x2 c − bx1 c − bx2 c. By substituting

x1 = a1 + ω1 and x2 = a2 + ω2 , where ai are integers and ωi ∈ (0, 1), one
sees that E ∈ {0, 1}. Going back to the expression in equation (12.5), we
see that if p j > n, then the contribution is always zero. Thus if n > m > 0,
the last positive contribution occurred for j = k such that pk ≤ n. 

The crux of the proof of Chebyshev’s theorem is contained in two sim-

ple, yet very clever, lemmas.
2n n

Lemma 12.5. For n ≥ 2, we have n+1 < bn/2c < 2n .

Proof. We prove the right-hand side first. From the binomial theorem (The-
orem 5.30), we see that (since the pi must divide k ≤ n)
  n  
n n
<∑ = 2n .
bn/2c i=0 i
n

For the left-hand side, we note that bn/2c is the largest of the n+1 numbers
n

i and so   n  
n n
(n + 1) >∑ = 2n .
bn/2c i=0 i

n

Lemma 12.6. i) For all n ≥ 2, we have bn/2c ≤ nπ(n) .
n

ii) For n ≥ 2 a power of 2, we have eθ (n)−θ (n/2) ≤ n/2 .

Proof. For the first inequality, use unique factorization (Theorem 2.11) and
the definition of π(n) to write
  π(n)
n
= ∏ pki i .
bn/2c i=1

By Lemma 12.4, pki i ≤ n. Thus ∏i=1 pki i ≤ nπ(n) , which yields the inequal-
π(n)

ity.
For the second inequality, we start by noticing that n is even and so any
n
prime p in the interval 2 , n is a divisor
of n! but not of the denominator of
n
n
n/2 . Therefore any such p divides n/2 . This implies that
 
n
∏ p≤ .
n <p≤n n/2
2
244 12. The Prime Number Theorem

Noting that p = eln p and inserting the definition of θ (x) (Definition 12.1)
yields the last inequality. 
Theorem 12.7 (Chebyshev’s Theorem). For any a < ln 2 and b > 4 ln 2,
there is a large enough K such that
π(x)
∀x ≥ K : ∈ [a, b] .
x/ ln x

Proof. Putting Lemmas 12.5 and 12.6 together gives

2n n
≤ nπ(n) and eθ (n)−θ ( 2 ) ≤ 2n (if n a power of 2) .
n+1
Taking the logarithm of the first of these inequalities gives
 
ln(n + 1) n
ln 2 − < π(n) ,
n ln n
which yields an estimate for a.
For n a power of 2, we get from the second inequality
n n n n
θ (n) − θ ≤ n ln 2 and θ −θ ≤ ln 2 and · · ·
2 2 4 2
and so on. Thus θ (n) ≤ 2n ln 2. For x ≥ 2, there is an n that is a power of 2
in the interval [x, 2x). Thus θ (x) ≤ θ (n) ≤ 2n ln 2. Therefore
θ (x) ≤ 4x ln 2 . (12.6)
Substituting this into Lemma 12.2 gives that
Z x
x
π(x) ≤ 4 ln 2 + 4 ln 2 (lnt)−2 dt . (12.7)
ln x 2
L’Hôpital’s rule implies that
Rx
2(lnt)−2 dt
lim = 1. (12.8)
x→∞ x(ln x)−2
Thus the integral in (12.7) can be replaced by x(ln x)−2 . The dominant term
of the right-hand side of that equation is the first one. Thus for any b > 4 ln 2,
we have for x large enough that π(x) < b lnxx . 

Equations (12.6) and (12.8) will also play an important role in the proof
of the (full) prime number theorem.
12.3. Properties of the Zeta Function 245

12.3. Properties of the Zeta Function

The proof of the prime number theorem relies in part on a careful study of
the analytic extensions of some functions related to the zeta function. We
do that in this section and the next.
Remark 12.8. From Chapter 4, equation (4.8) (see also exercise 4.26), we
know that ζ (z) and 1/ζ (z) both converge for Re z > 1. Therefore neither
has zeroes or poles in that region.

Here we prove a stronger statement.

Lemma 12.9. For Re z > 1, we have that
  ∞
e−zn ln p ∞
1
ln ζ (z) = − ∑ ln 1 − e−z ln p = ∑ ∑ =∑∑ nz
.
p p n=1 n p n=1 np

is analytic.

Proof. First, set w := p−z = e−z ln p . Using that the Taylor series at 0
wn
− ln(1 − w) = ∑ ,
n≥1 n

converges uniformly on |w| < 1 on compact subsets, we see from Proposi-

tion 11.14 (ii) that
  ∞
e−zn ln p 1
− ln 1 − p−z = − ln 1 − e−z ln p = ∑


= n (12.9)
n=1 n np
is analytic on Re z > 0 (and thus also on Re z > 1).
Next, from Proposition 2.20, we conclude that ln ζ (z) = − ∑ p ln (1 − p−z ).
By Lemma 10.17, this converges absolutely iff ∑ p p−z converges abso-
lutely. But if we set z = x + iy, then
∑ p−z ≤ ∑ n−z = ∑ n−x ,
p n n

which converges absolutely by exercise 2.25 (e), and thus uniformly on

closed disks in Re z > 1. Therefore, by Proposition 11.14, − ∑ p ln (1 − p−z )
is analytic on Re z > 1. 
246 12. The Prime Number Theorem

We saw in see exercise 2.24 (c) that ζ (z) diverges as z & 1+ . Here
is a more precise statement. Recall that analytic continuations are well-
defined (i.e. unique) in domains with only isolated singularities (see Theo-
rem 11.22).
Proposition 12.10. i) The functions (z − 1)ζ (z) and (z − 1)ζ 0 (z) + zζ (z)
have well-defined analytic continuations on Re z > 0.
ii) (The analytic continuation of) (z − 1)ζ (z) evaluated at z = 1 equals 1.

Remark: The factor (z − 1) precisely cancels the simple pole in ζ at z = 1.

n+1

n
u
n n+1

Figure 60. Integration over the shaded triangle of area 1/2 in equation (12.11).

Proof. We have that 1∞ x−z dx = 1/(z − 1) and nn+1 n−z dx = n−z . Using
R R

the definition of the zeta function (Definition 2.19), we define in Re z > 1

∞ ∞ Z n+1
1
Z ∞
= ∑ n−z − x−z dx = ∑ n−z − x−z dx .


h(z) := ζ (z) −
z − 1 n=1 1 n=1 n
(12.10)
Next, since n−z − x−z = nx −zu−z−1 du, we also have
R

∞ Z n+1 Z x
··· = ∑ −zu−z−1 dudx . (12.11)
n=1 n n

Each term of the sum is an integral over a triangular domain of area 1/2
(Figure 60). The maximum of the integrand is
p
zn−z−1 = σ 2 + τ 2 n−σ −1 ,
where z = σ +iτ (with σ , τ real). So, each summand has absolute value less
than half that. Thus (12.11) converges uniformly on compact disks in σ > 0
(see also exercise 11.4) and so h has an analytic continuation to Re z > 0.
12.3. Properties of the Zeta Function 247

To prove (i), note that, by the above, (z − 1)h(z) + 1 = (z − 1)ζ (z) is

analytic. Therefore so is its derivative — by Corollary 11.12. The second
function of part (i) is the sum of these two. Finally, evaluating (z − 1)ζ (z) =
(z − 1)h(z) + 1 at z = 1 establishes part (ii). 

Now follows a lemma that is brilliant and an essential step in proving

the prime number theorem. It will make its appearance in Proposition 12.12.
Lemma 12.11. ζ (z) has no zeroes on the line z = 1 + iτ (τ real).

Proof. Let z = σ + iτ with σ > 1 and τ 6= 0 real. We start by computing

the
3 4
admittedly strange expression E := ln ζ (σ ) ζ (σ + iτ) ζ (σ + 2iτ) . By
Proposition 12.10, ζ has a simple pole at 1 and no poles in Re z > 1. Thus
if ζ has a zero at 1 + iτ, it cannot be compensated by a pole at 1 + 4iτ and
the pole of order 1 at z = 1. Thus in this case, the expression eE evaluated
at σ + iτ where σ is slightly greater than 1, would yield a number that is
very close to zero. We now show that this cannot happen.
Combining the fact that ln(ab) = ln a + ln b and Lemma 12.9, we get
E = 3 ln ζ (σ ) + 4 ln ζ (σ + iτ) + ln ζ (σ + 2iτ)
e−σ n ln p  
= ∑∑ 3 + 4e−iτn ln p + e−2iτn ln p .
p n≥1 n
Now consider the real part of this expression:
3 + 4 cos(τn ln p) + cos(2τn ln p)
Re E = ∑ ∑ .
p n≥1 npnσ
Noting that 1 + cos 2x = 2 cos2 x (exercise 11.9), we obtain
2 + 4 cos(τn ln p) + 2 cos2 (τn ln p)
Re E = ∑∑
p n≥1 npnσ

2 (1 + cos(τn ln p))2
= ∑∑ > 0.
p n≥1 npnσ
But Re E > 0 yields |eE | > 1, which implies the lemma. 
248 12. The Prime Number Theorem

12.4. The Function Φ(z)

The proof we will give of the prime number theorem (Theorem 12.14) really
consists of inserting an analyticity property of the function Φ into Theorem
11.18 to prove the convergence of an improper integral. Here is the analyt-
icity property we need.
Φ(z) 1
Proposition 12.12. z − z−1 has an analytic continuation in the closed
half plane Re z ≥ 1.

Proof. Taking a derivative with respect to z on both sides of the first equal-
ity of Lemma 12.9, we obtain
−ζ 0 (z) ln p e−z ln p ln p
=∑ −z ln p
=∑ z .
ζ (z) p 1 − e p p −1
1
To express this in terms of the function Φ, we use x−1 = 1x + x(x−1)
1
to get
−ζ 0 (z) ln p ln p
= ∑ z +∑ z z .
ζ (z) p p p p (p − 1)
The first term on the right, of course, is Φ(z) (Definition 12.1). Subtracting
the second term on the right, we see that
Φ(z) 1 −ζ 0 (z) 1 1 ln p
− = − − ∑ pz (pz − 1)
z z−1 zζ (z) z−1 z p

(z − 1)ζ 0 (z) + zζ (z) 1 ln p

= − − ∑ pz (pz − 1) .
z(z − 1)ζ (z) z p

We tackle the first term on the right-hand side. From Proposition 12.10
(i), we obtain that both the numerator and the denominator are analytic on
Re z > 0. We only need to make sure the denominator does not have zeros
in Re z ≥ 1. By Proposition 12.10 (ii), we know that it does not have a zero
at z = 1. By remark 12.8, ζ (z) has no zeroes for Re z > 1. Lemma 12.11
says that it has no zeroes if Re z = 1.
Next we look at the second term on the right-hand side. Since ln p is
smaller than any positive power of p, the last term on the right-hand side is
comparable to p−2z . Since p−2z ≤ p−2 whenever Re z ≥ 1, it converges
uniformly in that region and is thus analytic in the desired region (Proposi-
tion 11.14 (ii)). 
12.5. The Prime Number Theorem 249

12.5. The Prime Number Theorem

Here we first prove that the prime number theorem is equivalent to the exis-
tence of a certain improper integral. Then we use the Tauberian theorem to
prove that that integral exists. That will finally establish the prime number
theorem.
Lemma 12.13. We have
θ (y) − y θ (x)
Z ∞
i) 2
dy exists =⇒ lim = 1.
1 y x→∞ x

θ (x) π(x)
ii) lim =1 ⇐⇒ lim =1.
x→∞ x x→∞ x/ ln x

Proof. We first prove (i). Suppose that the conclusion of the lemma does
not hold. Then for some ε > 0 either there is a sequence of xi such that
limi→∞ xi = ∞ with θ (xi ) > (1 + ε)xi or the same holds with θ (xi ) < (1 −
ε)xi .
Let us assume the former. Since θ is monotone, we have for all i
Z (1+ε)xi Z (1+ε)xi
θ (y) − y (1 + ε)xi − y (1+ε)xi
dy > dy = −(1+ε)xi y−1 −ln y .
xi y2 xi y2 xi

The latter can easily be worked out and yields ε − ln(1 + ε) for each i. Since
this is strictly greater than 0 by exercise 10.11, I(s) = 1s θ (y)−y
R
y2
dy cannot
converge to a fixed value as s tends to infinity.
The proof of non-convergence if θ (xi ) < (1 − ε)xi is almost identical
(exercise 12.17).
To prove (ii), we use Lemma 12.2 to establish that
Z x
θ (x) θ (t)
π(x) − = dt .
ln x 2 t (lnt)2
Next we use (12.6) to get rid of the θ (x) in the integrand, and subsequently
(12.8) to estimate the remaining integral. For large x, this gives
θ (x) x
π(x) − ≤ 8 ln 2 (1 + ε) ,
ln x (ln x)2
for any ε > 0. Now we multiply both sides by ln x/x to obtain the result. 
250 12. The Prime Number Theorem

So this lemma implies that to prove the prime number theorem at this
point, we need to show that 1∞ θ (x)−x dx = 0∞ (θ (et )e−t − 1) dt exists. We
R R
x2
restate Theorem 2.21 in its full glory.
Theorem 12.14 (Prime Number Theorem). We have
π(x) π(x)
1) lim = 1 and 2) lim R x = 1.
x→∞ (x/ ln x)
2 lnt dt
x→∞

Proof. The equivalence of parts (1) and (2) is due to the fact that L’Hopital’s
x)−1
rule implies that limx→∞ R xx(ln
(lnt)−1 dt
= 1. Thus, for example,
2

π(x) π(x) x/ ln x
lim R x = lim Rx .
x→∞
2 lnt dt x→∞ x/ ln x
2 lnt dt
The same reasoning works vice versa (exercise 12.10).
So we only need to prove part (1). Lemma 12.3 gives
Φ(z + 1) 1
Z ∞
θ (et )e−t − 1 e−zt dt .


− =
z+1 z 0
Proposition 12.12 says that the left-hand side has an analytic continuation
in Re z ≥ 0 while equation (12.6) says that θ (et )e−t − 1 is bounded. But
then, by Theorem 11.18, 0∞ (θ (et )e−t − 1) dt exists. Finally, Lemma 12.13
R

implies that then (1) holds. 

12.6. Exercises
Exercise 12.1. Write out in full the computations referred to in the proofs
of Lemmas 12.2 and 12.3.
Proposition 12.15 (Abel Summation). For the sequence {an }∞
n=1 , denote
A(x) = ∑n≤x an . Then for any differentiable f , we have
Z x
∑ an f (n) = A(x) f (x) − A(t) f 0 (t) dt .
n≤x 1
12.6. Exercises 251

Exercise 12.2. a) Show that for any small ε > 0,

Z x
∑ an f (n) = f (t) dA(t) .
n≤x 1−ε

b) Apply integration by parts to (a), to get

Z x
∑ an f (n) = A(x) f (x) − A(t) f 0 (t) dt .
n≤x 1−ε

(Hint: you need that A(1 − ε) = 0.)

c) Prove Proposition 12.15. (Hint: you need that A(t) f 0 (t) is finite and
continuous at t = 1.)

Exercise 12.3. Recall the notation bxc (floor) and {x} (fractional part) from
Definition 2.1.
a) Use Abel summation to show that
Z x
1 x − {x} t − {t}
∑ n = x + 1 t 2 dt .
n≤x

(Hint: set an = 1 and f (x) = 1x .)

b) Use (a) to show that
Z x
1 {x} {t}
∑ n − 1 − ln x = − x − 1 t 2 dt .
n≤x
c) Use (a) to show that
Z x
1 {t}
lim ∑ − 1 − ln x + dt = 0 .
x→∞
n≤x n 1 t2
R x {t}
d) Show that the Euler-Mascheroni constant γ := 1 − limx→∞ 1 t2 dt sat-
2 R n+1 t−n−1/2
π
isfies 1 − 12 < γ < 1. (Hint: show that n t2
dt is negative. Then
2
use exercise 2.24 (c) and the fact that ζ (2) = π6 . Note: in fact γ ≈ 0.577 · · ·
. At the time of this writing (2021), it is unknown whether γ is irrational.)

Exercise 12.4. a) Follow exercise 12.3 to show that

Z x
{t}
∑ ln n = bxc ln x − (x − 1) + 1 t dt .
n≤x
b) Show that (a) implies that
1 nn nn
< n! < n n .
n en e
(Hint: use that the absolute value of the integral in (a) is less than ln x.)
Exercise 12.4 proves part of what is known as Stirling’s formula , namely:
√ en
 
1
n! = 2πn n 1 + +··· .
n 12n
252 12. The Prime Number Theorem

Exercise 12.5. a) Use Proposition 12.15 to show that for Re z > 1

btc
Z ∞
ζ (z) = z dt .
1 t z+1
(Hint: write an = 1 and f (x) = x−z .)
b) Use that btc = t − {t} to show that
z
Z ∞ {t} 1 ∞ {t}
Z
ζ (z) = −z z+1
dt = +1−z dt .
z−1 1 t z−1 1 t z+1
c) Use (b) to reprove Proposition 12.10. (Hint: you need to prove analyt-
icity of h in Re z > 1.)

Exercise 12.6. a) How many trailing zeros does 400! (in decimal notation)

proof of Lemma 12.4 with p = 5 and p = 2.)
have? (Hint: use the
b) How about 400
200 ?

Exercise 12.7. Consider E(x1 , x2 ) := bx1 +x2 c−bx1 c−bx2 c as in the proof
of Lemma 12.4 and show that E ∈ {0, 1}.

Exercise 12.8. a) In Theorem 12.7, show that we can take

1
a = ln 2 − ln 3 ≈ 0.14 ,
2
for all x ≥ 2.
b) Establish numerically that
ln x x
Z
(lnt)−2 dt < 1 .
x 2
(Note: an analytic estimate of this expression is tricky and the reward
is
Rx
modest. But enthusiastic students can try the following. Show that
−2 ln x 2
2 (lnt) dt − x has a maximum at x = e . Then give a rough estimate
of the expression in (b) for that value of x. You will likely get a much worse
estimate than 1.)
c) Use (b) and equation 12.7 to show that b = 5 ln 2 works for all x ≥ 2.

Exercise 12.9. Suppose we had an “perfect” estimate for Lemma 12.5

n
n
of the form n/2 = c √2 n for some c > 0. Can you improve Theorem
12.7? (Hint: no. Conclusion: we need a different method to make further
progress.)
In the next exercise, we prove the equivalence of Theorem 12.14 (a) and
(b).
12.6. Exercises 253

Exercise 12.10. a) Compute the derivative of x(ln x)−r for r > 0.

b) Use (a) and L’Hopital to prove that for r > 0
Rx
1 (lnt)−r dt
lim = 1.
x→∞ x(ln x)−r

c) Use (b) to show that parts (a) and (b) of Theorem 12.14 are equivalent.
d) Compare (b) to (12.8).
In the next two problems we prove the following result.
Proposition 12.16. Let pn denote the nth prime. The prime number theorem
is equivalent to
pn
lim = 1.
n→∞ n ln n

Exercise 12.11. For this exercise, assume that limx→∞ x/yln x = 1 and that
x → ∞ if and only if y → ∞. (In fact, y stands for π(x), and we know that
x → ∞ if and only if π(x) → ∞, see Theorem 2.17.)
f (x)
a) Suppose limx→∞ fi (x) = ∞ and limx→∞ f1 (x) = 1. Show that
2

ln f1 (x)
lim = 1.
x→∞ ln f 2 (x)
f (x)
(Hint: for x large, (1 − ε) < f1 (x) < (1 + ε), multiply by f2 (x), and take
2
logarithms.)
t
b) Show that limx→∞ lnlnlnxx = 0. (Hint: substitute x = ee .)
c) Use the hypotheses and (a) to show that
x x y ln y 1
= = .
y ln y y ln y x/ ln x ln x − ln ln x 1 − lnlnlnxx
d) Use (b) to show that the limit in (c) as x → ∞ tends to 1. Use the
hypotheses to change to the limit as y → ∞.
e) Show that (d) implies one way of Proposition 12.16.

Exercise 12.12. For this exercise, assume that limy→∞ y lnx y = 1 and that
x → ∞ if and only if y → ∞. See exercise 12.11.
a) Follow exercise 12.11 in reverse to show that
y x y ln y 1
lim = lim = lim = 1.
x→∞ x/ ln x x→∞ y ln y x/ ln x ln x − ln ln x x→∞ 1 − ln ln x
ln x
b) Show that (b) implies the other direction of Proposition 12.16.
c) Whereabouts is the nth prime located?
254 12. The Prime Number Theorem

Exercise 12.13. In this exercise, we fix any K > 1 and {xi }∞ i=1 is a sequence
such that limi→∞ xi = ∞. We also set x0 = Kx for notational ease.
π(x )
a) Show that if π(xi0 ) = π(xi ) and limi→∞ x / lni x exists, then
i i

π(x0 ) 1 π(xi )
lim 0 i 0 = lim .
i→∞ xi / ln xi K i→∞ xi / ln xi
b) Show that (a) and the prime number theorem imply that for large enough
x, there are primes in (x, x0 ]. (Hint: if (a) holds, then there are no primes in
[xi , Kxi ].)
c) Show that in fact, the prime number theorem implies
π(xi0 )
lim = K.
i→∞ π(xi )
d) Show that (c) implies that for large enough x, there are approximately
(K − 1)π(x) primes in (x, x0 ].
In fact, the following holds for all n. We omit the proof, which involves
some careful computations. It can be found in [2].
Proposition 12.17 (Bertrand’s Postulate). For all n ≥ 2 there is a prime
in the interval [n, 2n).
The same reference [2] also mentions an open (in 2018) problem in this
direction: Is there always a prime between n2 and (n + 1)2 ?
Exercise 12.14. a) Show for every m ∈ N, the set {m! + 2, · · · , m! + m}
contains no primes. (Hint: for 2 ≤ j ≤ m we have j | (m! + j).)
b) Show that from Proposition 12.16, we might reasonably expect the “ex-
pected” prime gap pn+1 − pn to be equal to
Gn := (n + 1) ln(n + 1) − n ln n ≈ ln((n + 1)e) ,
if n large.
c) Use the prime number theorem to show that
Gn ≈ ln pn+1 − ln ln pn+1 + 1 ≈ ln pn+1 .
n+1 −pn
d) Assume the twin prime conjecture to show that pln pn+1 does not con-
verge to a limit. See also Figure 61.
d) Use lemma 12.13 to show that the prime number theorem is equivalent
to saying that the sum of the first n “expected” prime gaps equals pn+1 .

Exercise 12.15. a) Show for every m ∈ N, the set {m! + 2, · · · , m! + m}

contains no primes. (Hint: for 2 ≤ j ≤ m we have j | (m! + j).)
b) Compare that prime gap at pn ∼ m! with the gap you expect from exer-
cise 12.14. (Hint: use exercise 12.4 (b).) (
12.6. Exercises 255

Figure 61. The prime gaps pn+1 − pn divided by ln pn+1 for n in {1, · · · , 1000}.

Exercise 12.16. We give a different proof of Lemma 12.13 (ii) (following

[61]).
a) Show that θ (x) ≤ π(x) ln x.
b) Show that
(1 − ε) ln x ∑ 1≤ ∑ ln p ≤ θ (x) .
x1−ε ≤p≤x x1−ε ≤p≤x
c) Show that for all ε > 0
π(x) − x1−ε ≤ ∑ 1.
x1−ε ≤p≤x
d) Use (a), (b), and (c) to show that for all ε > 0
(π(x) − x1−ε ) ln x θ (x) π(x) ln x
(1 − ε) ≤ ≤ .
x x x
e) Use (d) to prove Lemma 12.13 (ii). (Hint: show that limx→∞ x−ε ln x = 0
by substituting x = et .)

Exercise 12.17. a) Suppose that in the proof of Lemma 12.13 there is a

sequence of xi such that limi→∞ xi = ∞ with θ (xi ) < (1 − ε)xi for some
ε > 0. Show that the integral in the lemma cannot converge.
b) How about if both occur and alternate?
We define two new functions. This definition usually accompanies Defini-
tion 12.1.
Definition 12.18. The von Mangoldt function is given by

ln p if n = pk where p is prime and k ≥ 1
Λ(n) :=
 0 otherwise
256 12. The Prime Number Theorem

The second Chebyshev function is given by

ψ(x) := ∑ Λ(n) .
n≤x

Just like the first Chebyshev function θ (x), the second Chebyshev function
ψ(x) is often used as a more tractable version of the prime counting function
π(x). In particular, in exercises 12.18 and 12.19, we will prove a lemma
similar to Lemma 12.13, namely
Lemma 12.19. We have
ψ(x) π(x)
lim = 1 ⇐⇒ lim = 1.
x→∞ x x→∞ x/ ln x

Exercise 12.18. a) Show that ψ(x) = ∑ pk ≤x ln p. (Hint: from Definition

12.18. Note that this means that ψ counts all prime powers no greater than
x.) j k
ln x
b) Show that ψ(x) = ∑ p≤x ln p ln p . (Hint: this expression only increases
at x a power of a prime.)
c) Show that ψ(x) ≤ ∑ p≤x ln x. (Hint: bac ≤ a.)
d) Show that (c) implies that ψ(x) ≤ π(x) ln x.

Exercise 12.19. a) Show that Definitions 12.1 and 12.18 imply that θ (x) ≤
ψ(x).
b) Use (a) and exercises 12.16 (d) and 12.18 (d) to show that
(π(x) − x1−ε ) ln x θ (x) ψ(x) π(x) ln x
(1 − ε) ≤ ≤ ≤ .
x x x x
c) Use (b) and Lemma 12.13 (ii) to prove Lemma 12.19.

Exercise 12.20. Plot θ (x)/x, ψ(x)/x, and π(x) ln x/x in one figure. (See
for example, Figure 62). Compare with exercise 12.18. b) Show that all
three tend to 1 as x tends to infinity.
12.6. Exercises 257

Figure 62. The functions θ (x)/x (green), ψ(x)/x (red), and π(x) ln x/x
(blue) for x ∈ [1, 1000]. All converge to 1 as x tends to infinity. The
x-axis is horizontal.

Exercise 12.21. The analysis of this exercise should be compared to the

proof of Proposition 12.12.
a) Use Lemma 12.9 and Corollary 11.12 to show that
−ζ 0 (z) ∞
ln p
= ∑ ∑ nz
ζ (z) p n=1 p
is analytic for Re z > 1.
b) Use Definition 12.18 to show that for Re z > 1
−ζ 0 (z) ∞
Λ(n)
=∑ z .
ζ (z) n=1 n
c) Use Abel summation (Proposition 12.15) and Definition 12.18 to show
that for Re z > 1
−ζ 0 (z)
Z ∞
=z ψ(x)x−z−1 dx .
ζ (z) 1
(Hint: in the proposition, set f (x) = x−z and A(x) = ψ(x). Then use that
in the boundary term, ψ(x)/x converges to 1.)
d) Subtract z/(z − 1) from (c) and divide by z to conclude that for Re z > 1
−ζ 0 (z) 1 ψ(x) − x
Z ∞
− = dx .
zζ (z) z−1 1 xz+1

Exercise 12.22. Show that limx→∞ a(x)/x = 1 is equivalent to the follow-

ing. For all ε > 0, we have |a(x) − x| < εx for x large enough.
258 12. The Prime Number Theorem

Exercise 12.23. For this problem, we assume that there is a θ ∈ (1/2, 1)

so that |ψ(x) − x| ≤ Kxθ .
a) Note (exercise 12.22) that this is stronger than limx→∞ ψ(x)/x = 1.
b) Use exercise 12.21 to show that
−ζ 0 (z)
Z n+1
1 ψ(x) − x
− =∑ dx .
zζ (z) z − 1 n≥1 n xz+1
c) Show that our hypothesis for this exercise implies that
Z n+1
ψ(x) − x
dx ≤ 2Knθ −Re z−1 .
n xz+1
d) Use Proposition 11.14 to show that the right hand side of (b) is analytic
for Re z > θ .
e) Show that (d) implies that ζ (z) has no zeros in Re z > θ .
In the next two problems, we prove a second version of the Tauberian theorem
in Chapter 11. This is essentially just a reformulation of Theorem 12.14 (2),
but with θ (n) replaced by an arbitrary sequence an satisfying certain condi-
tions. The proof is also essentially the same.
Theorem 12.20. Suppose an ≥ 0 so that there is a K > 0 with A(x) :=
∑n≤x an ≤ Kx. Define
∞
an
G(z) := ∑ z .
n=1 n
G is analytic on Re z > 1. Assume also that G admits an analytic continua-
tion to Re z ≥ 1 except for a simple pole at 1 with residue 1. Then
A(x)
lim = 1.
x→∞ x

Exercise 12.24. a) Show that G is analytic on Re z > 1. (Hint: use the

condition on A(x) and Proposition 11.14 (ii).)
b) Use (a) and Abel summation to show that
Z ∞
G(z) = z A(x)x−1−z dx .
1
c) Show that
z A(x) − x
Z ∞ Z ∞
A(et ) − et e−zt dt .


G(z) − =z 1+z
dx = z
z−1 1 x 0
d) In (c), set z0 + 1 = z and then drop the prime to show that
G(1 + z) 1 A((x) − x
Z ∞ Z ∞
A(et )e−t − 1 e−zt dt .


H(z) := − = dx =
z+1 z 0 x2+z 0
12.6. Exercises 259

Exercise 12.25. a) Show that the function H(z) of exercise 12.24 (d) has
an analytic continuation to Re z ≥ 0. (Hint: the pole at z = 0 has been
canceled by the subtraction of 1/z.)
R A(x)−x
b) Use Theorem 11.18 to show that 0∞ x2 dx converges.
A(x)
c) Use Lemma 12.13 (i) to show that limx→∞ x = 1.

Exercise 12.26. a) Show that

!1
n

lim ∏p =e
n→∞
p≤n
if and only the prime number theorem holds. (Hint: see Lemma 12.13 (ii).)
b) See Figure 63). Show that
1
lim ( lcm (1, 2, · · · , n)) n = e
n→∞
if and only the prime number theorem holds. (Hint: see Lemma 12.19.)

1
Figure 63. Plot of the function f (n) := ( lcm (1, 2, · · · , n)) n for n in
{1, · · · , 100} (left) and in {104 , · · · , 105 } (right). The function converges
to e indicated in the plots by a line.
Part 3

Topics in Number Theory

Chapter 13

Primes in Arithmetic
Progressions

Overview. An arithmetic progression is a set S of the form S := {a + kq |

k ∈ N}. If gcd(a, q) = d > 1, then any two distinct numbers in S are not co-
prime. Thus, in that case, S can contain at most one prime. We will see that
asymptotically the primes are distributed equally over the remaining arith-
metic progressions, namely the sets {a +kq | k ∈ N} such that gcd(a, q) = 1.
One of the more accessible introductions to the material in this chapter is
[4]. For section 13.6, we used [51] and [20].

13.1. Finite Abelian Groups

Definition 13.1. Two groups g and H are isomorphic if there exists a bijec-
tive homomorphism f : G → H (see also exercise 13.3).
Definition 13.2. A cyclic group is a group generated by a single element.

The proof of the following proposition is loosely based on the analo-

gous proof in [24][appendix 3C]. It uses the simple observation that every
element g of a finite Abelian group generates a cyclic group. This is evi-
dent, because the sequence {gi } can have finitely many distinct elements,
and so the smallest value of i ≥ 0 where a repeated value occurs must be the
order o of the element g.

263
264 13. Primes in Arithmetic Progressions

Proposition 13.3 (Fundamental Theorem of Finite Abelian Groups).

Any finite Abelian group G of order n is isomorphic to a cartesian prod-
r
uct of finite cyclic groups Z+ +
o1 × · · · × Zor . Furthermore, ∏i=1 oi = n.

Proof. There are finitely many ways of choosing a non-empty subset S of

elements of G. Since each element has order at most n, for each of these
subsets, we can find out whether it generates G. Let r be the minimal car-
dinality of the subsets that generate G and denote by Sr the (non-empty)
collection of all such sets of generators of cardinality r.
Pick S in Sr , denote its elements by gi , and the order of gi ∈ S by
oi (S). By construction, there is a map σ (S) from ∏ri=1 {0, 1, · · · , oi (S) −
1} = Z+ +
o1 × · · · × Zor onto G given by
r
σ : (a1 , · · · , ar ) → ∏ gai i .
i=1

Now let us assume that there is a non-empty set S r ⊆ Sr so that for S in

S r , σ (S) is not a bijection. We will show that this leads to a contradiction.
For S in S r , there are i and 0 ≤ ai , a0i < oi (S) such that
r r r r
a0 (ai −a0i ) mod oi (S)
∏ gai i = ∏ gi i ⇐⇒ ∏ gi = ∏ gci i = 1 ,
i=1 i=1 i=1 i=1
where we have set ci equal to the least residue of modulo oi (S). (ai − a0i )
Note that in this expression at least two of the coefficients ci are greater
than 0. Now let
( )
r r
s(S) := min
ci ∈{0,··· ,oi (S)−1}
∑ ci : ∏ gci i = 1 ≥ 2.
i=1 i=1

Finally, minimize s(S) over S r

s− := min s(S) ≥ 2 . (13.1)
S∈S r

Let {gi }ri=1 be the collection of generators at which this minimum is

assumed. At least two of the ci ’s are greater than 0, say, c2 ≥ c1 > 0. Define
f1 = g1 g2 and fi = gi for all i > 1. This change of variables is invertible, so
{hi }ri=1 still generate G. A simple calculation gives
r
1 = ∏ gci i = f1c1 f2c2 −c1 f3 3 · · · frcr .
c

i=1
13.2. The Hermitian Inner Product 265

Thus s− has decreased, which contradicts (13.1). This shows that S r is

empty and thus for all S in Sr , σ (S) is a bijection.
It is also a homomorphism, because for a and a0 in Z+ +
o1 × · · · × Zor
r r
a0
σ (a + a0 ) = ∏ gai i · ∏ gi i .
i=1 i=1
Thus σ is an isomorphism (see exercise 13.3). Clearly, the number of ele-
ments in G equals ∏ri=1 oi (S) which must therefore be equal to n. 

13.2. The Hermitian Inner Product

Later on, we will briefly need to consider V = Cn as an inner product space.
The Hermitian inner product generalizes the dot product of Rn .
Definition 13.4. The (standard) Hermitian inner product on Cn is given by
(x, y) = x1 y1 + · · · + xn yn ,
where y indicates the complex conjugate of y.

One easily checks that this binary operation satisfies the requirements
that for all x, y, and z in V and α in C

1) (x, x) ≥ 0 positivity
2) (x, x) = 0 ⇐⇒ x = 0 definiteness
3) (x, αu + v) = α(x, u) + (x, v) linearity
4) (x, y) = (y, x) conjugate symmetry
More generally, any function V × V that satisfies these requirements is
called an inner product, but we will not be needing that generality here.
Definition 13.5. A set {ei }ni=1 of vectors in V is an orthonormal basis if for
all i 6= j and all x in V

1) (ei , ei ) = 1 unit vectors

2) (ei , e j ) = 0 orthogonality
3) ∃ αi such that x = ∑ni=1 αi ei basis
266 13. Primes in Arithmetic Progressions

The property that is crucial for us is that the αi in item (3) of this defi-
nition can be computed easily, namely
n
x = ∑ (ei , x)ei . (13.2)
i=1
For more details and a good general introduction, see [6][Chapter 6].

13.3. Characters of Finite Abelian Groups

Definition 13.6. A character of a group G is a complex-valued homomor-
phism f : G → C× .

For example, the identity e of a group G satisfies e2 = e and since f is a

multiplicative homomorphism, we have that f (e)2 = f (e) and so f (e) = 0
or f (e) = 1. The former is excluded because 0 is not in the domain of C× .
Thus f (e) = 1 for any character. An example of a character of G is the
constant function, f (g) = 1, also called the principal character. We indicate
it by f0 .
Before continuing, let us look at a few examples of characters, namely
G = Z× ×
5 and G = Z8 .

mod 5 f0 f1 f2 f3 mod 8 f(0,0) f(0,1) f(1,0) f(1,1)

1 1 1 1 1 1 1 1 1 1
2 1 i -1 -i 3 1 1 -1 -1
3 1 -i -1 i 5 1 -1 1 -1
4 1 -1 1 -1 7 1 -1 -1
1
(13.3)
The table on the left lists the characters of Z×
5 . Each column corresponds to
a different character. The table on the right lists the characters of Z×
8 . Note
that each of these groups has four characters, but they are not the same.
How do we determine these characters? The short answer is: exploit
multiplicativity. First look at Z×
5 . We note it is a cyclic group generated by
the element 2, namely 2k mod 5 cycles through the values 2, 4, 3, and 1 for
k ∈ {1, 2, 3, 4}. Thus f (24 ) = ( f (2))4 = 1, and so for any character f , the
value of f (2) must be a 4th root of unity. So choose (as in the left table of
(13.3))
m
fm (2) = e2πi 4 .
13.3. Characters of Finite Abelian Groups 267

For any choice of m, we can obtain a multiplicative function as follows

m m m
e2πi(k+`) 4 = e2πik 4 e2πi` 4 =⇒ fm (2k+` ) = fm (2k ) fm (2` ) . (13.4)
This example is wonderful, because it turned out that is isomorphic to Z×
5
+
Z4 which simplifies things: we get something very reminiscent of a discrete
Fourier transform (see Definition 13.26).
The group Z× 8 also has 4 elements, namely {1, 3, 5, 7}. But none of
these elements has order 4, for 32 =8 52 =8 72 =8 1. Thus for any character
f , each of f (3), f (5), and f (7) must be square roots of unity. This group is
therefore not isomorphic to Z+ 4 . However, consider

(a1 , a2 ) (0,0) (0,1) (1,0) (1,1)

3a1 · 5a2 mod 8 1 5 3 7
This gives a bijection h : Z× + + + +
8 → Z2 × Z2 . But in Z2 × Z2 ,

h(3a1 5a2 )h(3b1 5b2 ) = (a1 , a2 )(b1 , b2 ) = (a1 + b1 , a2 + b2 )

h(3a1 5a2 · 3b1 5b2 ) = (a1 + b1 , a2 + b2 ) .
It also shows that h is a homomorphism, and thus Z× +
8 is isomorphic to Z2 ×
+
Z2 . So let m = (m1 , m2 ) where mi ∈ {0, 1} and set
m1 m2
fm (3) = e2πi 2 and fm (5) = e2πi 2 .
So that (as illustrated in the right table of (13.3))
a1 m1 a2 m2 a1 m1 a2 m2
fm (3a1 5a2 ) = e2πi 2 e2πi 2 = e2πi( 2 + 2 )) . (13.5)
fm is multiplicative by the same calculation as done in (13.4), but now sep-
arated out in ‘components’ to prove that
fm (3k1 +k2 5`1 +`2 ) = fm (3k1 5`1 ) fm (3k2 5`2 ) . (13.6)
The student is asked to provide a few more details in exercise 13.1.
These computations tell us what is going on. We first simplify the
notation, and then formulate the relevant theorem.
Definition 13.7. For the remainder of this chapter, we abbreviate:
Z+
o := Z+ +
o1 × · · · × Zor ;
r
n := ∏ oi ;
i=1
268 13. Primes in Arithmetic Progressions

m1 mr
and for a and m in Z+
o , we set m/o := ( o1 , · · · , or ) and
r
a
ga := ∏ gjj ;
j=1
r
a j m j mod o j
a · (m/o) := ∑ .
i=1 oj

Theorem 13.8. Let G be an n element Abelian group. With the notation of

Definition 13.7, we have:
i) The characters fm of G are given by
fm (ga ) = e2πia·(m/o) .
ii) The characters fm are all orthogonal to one another in the sense that:

n if m = `

∀ m , ` ∈ Z+ a a
o : ∑ f m (g ) f ` (g ) =
a∈Z+o
 0 if m 6= `
(see Figure 64). Thus the n characters are all distinct.

(1,1)

(1,−1)

Figure 64. The two characters modulo 3 illustrate the orthogonality of

the Dirichlet characters.

Proof. By complete multiplicativity (because f is a homomorphism), any

character f is completely determined by its value f (gi ) on the r generators
of G. So !
r r
a
f ∏ gjj = ∏ f (g j )a j .
j=1 j=1
f (g j ) must be an o j th root of unity, and is thus equal to exp(2πim j /o j ).
The second statement follows using Definition 13.7.
∑+ f` (ga ) fm (ga ) = ∑+ e2πia·((m−`)/o) . (13.7)
a∈Zo a∈Zo
13.3. Characters of Finite Abelian Groups 269

If m = `, the exponent is zero and so ∑a∈Z+o 1 = n. The above sum is really

a sum of products (Definition 13.7) which can be converted into a product
of sums (exercise 4.3) of the form
a (m −` )k
2πi j jo j j
∑+ e j .
a j ∈Zo j

So if m 6= `, then there is an j such that m j − ` j 6= 0. The above sum then

has the form
o−1 oK
2πi aK e2πi o − 1
e o = = 0,
∑ K
a=0 e2πi o − 1
and so the product of the sums also reduces to zero. 

Theorem 13.8 implies that there is an injection from Z+ o to the char-

acters given by F : m → fm . It is actually a bijection, because an injection
between sets of the same size — namely {m} and { fm } — must be a bijec-
tion. A slight variation on equation (13.7) allows us to go a little further,
namely
fm+` (ga ) = fm (ga ) f` (ga ) .
Thus the bijection becomes a group homomorphism. Using Theorem 13.3,
we obtain the following corollary.
Corollary 13.9. The characters of a finite Abelian group G together with
the multiplication ( fm fn )(ga ) = fm (ga ) fn (ga ) form a group that is isomor-
phic to G which in turn is isomorphic to Z+ o.

There is another interesting way to look at these characters. Order

the elements of Z+ +
o by defining some bijection, or counter, ϕ from Zo to
a
{1, · · · , n}. We can then think of fm (g ) as the ϕ(a)th component of the
vector fm in Cn . This is what we did in the tables (13.3). Theorem 13.8
implies that the vectors fm now form an orthogonal basis of Cn equipped
with the Hermitian inner product (Definition 13.4). Reformulating the theo-
rem gives yet another corollary. See Definition 13.26 and the exercises that
follow it for more details.
Corollary 13.10. If we define the vectors em as n−1/2 fm , then the set
{em }m∈Z+o is an orthonormal basis (Definition 13.5) of Cn .
270 13. Primes in Arithmetic Progressions

13.4. Dirichlet Characters and L-functions

The Dirichlet characters are essentially the characters of the multiplicative
group of the reduced residues of Zq (Z modulo q) with identity element 1.
See Section 5.4. In this Section, we will denote this group by Z× q . Since we
will use Dirichlet characters as the coefficients in Dirichlet series, we need
to convert them into arithmetic functions.
Definition 13.11. Corresponding to each character f : Z× ×
q → C , we define
a q-periodic arithmetic function χ f , the Dirichlet character modulo q, as
follows: 
 χ f (n) = f ( Resq (n)) if gcd(n, q) = 1
 χ f (n) = 0 if gcd(n, q) > 1
By Corollary 13.9, these characters form a multiplicative subgroup of C
that we will denote by Xq .

Recall that the principal Dirichlet character evaluates to 1 on numbers

relatively prime to q and equals 0 elsewhere. It will be denoted by χ f0 or
χ1 .
More generally, it is easy to see that the Dirichlet characters are com-
pletely multiplicative (Definition 4.2) arithmetic (Definition 4.1) functions.
For if gcd(ab, q) > 1, then gcd(a, q) > 1 or gcd(b, q) > 1 (or both). And
so from Definition 13.11, we see that then χ(ab) = χ(a)χ(b) = 0. On the
other hand, if both gcd(a, q) = 1 and gcd(b, q) = 1, then since f is a homo-
morphism, χ(ab) = χ(a)χ(b). That means that for any Dirichlet character
χ, we get χ(1) = 1.
Remark 13.12. Since from now on, we will only deal with Dirichlet char-
acters modulo q ∈ N, we will, in the interest of brevity, refer to these simply
as characters from now on.
Definition 13.13. The Dirichlet L-series associated to a Dirichlet character
χ is defined as
∞
χ(n)
L(χ, z) := ∑ z
.
n=1 n
The Dirichlet L-function associated to a Dirichlet character χ is the func-
tion defined by the analytic continuation of the Dirichlet L-series.
13.4. Dirichlet Characters and L-functions 271

Often these are abbreviated to L-series and L-function , though some authors
reserve those names for generalizations of those notions.
These L-function have the “feel” of a zeta function as the next result
indicates. We will use a complicated combination of L-functions as a “new”
zeta function to prove our main theorem. In the remainder of this chapter,
we abbreviate the function f has a well-defined analytic continuation in the
region S by f is analytic in S.
Proposition 13.14. If ψ is bounded and completely multiplicative, then
L(ψ, z) is analytic in Re z > 1 and
!
∞
−z
∞
ψ(pn )
ln ∑ ψ(n) n = ln L(ψ, z) = − ∑ ln(1−ψ(p)p−z ) = ∑ ∑ nz
.
n=1 p prime p n=1 np

If ψ is periodic and has average zero, then L(ψ, z) is analytic in Re z > 0.

Proof. The first equality follows from the definition of L. We paraphrase

the second proof of Proposition 2.20. Using the complete multiplicativity
of ψ, we obtain
∞ ∞
ψ(2)2−z L(ψ, z) = ∑ ψ(2)ψ(n) 2−z n−z = ∑ ψ(2n) (2n)−z .
n=1 n=1
Thus
1 − ψ(2)2−z L(ψ, z) = ∑ ψ(n)n−z .


2- n
Subsequently we multiply this expression by (1 − ψ(3)3−z ). This has the
effect of removing multiples of 3 from the remaining terms. Continuing
like this, it follows that eventually1
!
∏ (1 − ψ(p)p−z ) L(ψ, z) = 1 .
p prime

Upon taking the logarithm, we arrive at the second equality. The third one
— and analyticity — follows from Lemma 12.9.
To prove the last part, we use Proposition 12.15 and compute
Z x
L(ψ, z) = ∑ ψ(n) n−z = Ψ(x)x−z + z 1
Ψ(t)t −z−1 dt ,
n≤x

1Note that we use factorization in terms of primes here

272 13. Primes in Arithmetic Progressions

where Ψ(x) = ∑n≤x ψ(n). Since ψ has period, say, q with average 0, we
have Ψ(x + q) = Ψ(x), and so Ψ is bounded. Thus both terms in the above
equation converge for Re z > 0. 

13.5. Preliminary Steps

The way we want to prove the prime number theorem for arithmetic pro-
gressions is by defining an arithmetic function hq,a : N → C — the so-called
indicator function — that equals 1 when n is equal to a modulo q and 0 else-
where. With that function in hand, we then define ∑ p hq,a (n) n−z and use the
machinery in chapter 12 to compute the density of the primes in the arith-
metic progression (a, a + q, a + 2q, · · · ). But there is a problem here. The
function h is not multiplicative: hq,a (a2 ) is not generally equal to (hq,a (a))2
— by way of example, h3,2 (2) = 1 while h3,2 (22 ) = 0. So we have to be
more careful.
Lemma 13.15. Let gcd(a, q) = 1. We have

ϕ(q) if n =q a
∑ χ(a)χ(n) = .
χ∈Xq  0 else
Thus the indicator function hq,a equals (ϕ(q))−1 ∑χ∈Xq χ(a−1 )χ(n).

Proof. Since χ(a) has unit modulus, we have that χ(a)χ(a) = 1. Because
there are ϕ(q) characters, the first equality follows.
The second equality is automatic if either a or n is not co-prime to
q. If a and n are distinct co-primes, then recall that the characters form
an orthogonal basis. Thus there must be another character χ ∗ ∈ Xq so that
χ ∗ (a−1 n) 6= 1. Since the reduced residues mod q form a field, from the
above we must have that χ(a) = χ(a−1 ). Using multiplicativity, we obtain
that ∑χ∈Xq χ(a)χ(n) equals

∑ χ(a−1 n) = ∑ (χ ∗ χ)(a−1 n) = χ ∗ (a−1 n) ∑ χ(a−1 n) = 0 .

χ∈Xq χ∈Xq χ∈Xq

The first equality holds because χ∗χ

runs through the entire group (es-
sentially the same argument as Lemma 5.3). The second by multiplica-
tivity. 
13.5. Preliminary Steps 273

We will define quantities that allow us to mimic the proof of the prime
number theorem. To facilitate this, we use uppercase letters of the cor-
responding notation we used earlier. So ζ becomes Z, π becomes Π, θ
becomes Θ, and Φ stays the same. We will then proceed to give a proof
of the prime number theorem for arithmetic progressions that follows the
proof of Theorem 12.14 as closely as possible. As in Chapter 12, ∑ p and
∏ p mean sum or product over the (positive) primes.
The following definition should be compared with the definition of the
Riemann zeta function (Definition 2.19), of the prime counting function (in
Theorem 2.21), and Definition 12.1.
Definition 13.16. We introduce a new zeta function Zq,a , a function Πq,a
that counts the primes congruent to a mod q, and two auxiliary functions.
!
Zq,a (z) := ∏ L(χ, z)χ(a) = exp ∑ χ(a) ln(L(χ, z)) .
χ∈Xq χ∈Xq

Πq,a (x) := ∑ 1.
p≤x
p=q a
ln p
Θq,a (x) := ϕ(q) ∑ ln p and Φq,a (z) := ϕ(q) ∑ z
.
p≤x p=q a p
p=q a

From now on, we restrict a to Z×

q , the reduced residues modulo a.

Remark 13.17. Recall that there is at most 1 prime in each congruence

class that is not co-prime with q.

Note that Θq,a (x) ≤ ϕ(q)θ (x). Our first inequality follows from (12.6).
∃C > 0 such that Θq,a (x) ≤ Cx . (13.8)

The factor 1/ϕ(q) that figures so prominently in our main result, The-
orem 13.25, shows up in the following lemma.
Lemma 13.18. We have for x ≥ 2
Z x
Θq,a (x) 1 Θq,a (t)
Πq,a (x) = + dt .
ϕ(q) ln x ϕ(q) 2 t (lnt)2
274 13. Primes in Arithmetic Progressions

Proof. First note that since 2 is the smallest prime, equation (12.2) gives
Z x
1 d Θq,a (t)
Πq,a (x) = .
ϕ(q) 2−ε lnt
The rest follows as in Lemma 12.2 
Lemma 13.19. For Re z > 1, we have
Z ∞ 
Φq,a (z) 1 Θq,a (x)
− = − 1 x−z dx
z z−1 1 x
Z ∞
Θq,a (et )e−t − 1 e−zt+t dt .


=
0

Proof. Using (12.2), we can write Φq,a (z) as 1∞ x−z dΘq,a (x). Then apply
R

(12.3) (partial integration). The proof follows that of Lemma 12.3, except
that (12.6) is replaced by (13.8) 

13.6. Primes in Arithmetic Progressions

Now we follow the reasoning of Sections 12.3 to 12.5 as closely as possible.
Lemma 13.20. For Re z > 1, we have that
∞
  1
ln Zq,a (z) = − ∑ ∑ χ(a) ln 1 − χ(p)e−z ln p = ϕ(q) ∑ ∑ .
χ∈Xq p p-q n=1
npnz
pn =q a

and is analytic in that region.

Proof. The first equality follows from Proposition 13.14. Then we follow
the reasoning of Lemma 12.9 to get
  ∞
χ(pn )
− ln 1 − χ(p)e−z ln p = ∑ nz
,
n=1 np
where we used complete multiplicativity of χ. Since |χ| = 1, this is analytic
on Re z > 1. Substitute this back into the lemma. Analyticity then allows
us to perform the finite sum over χ first. By Lemma 13.15, this gives a
contribution ϕ(q) if both pn =q a and gcd(pn , q) = 1, and else zero. This
proves the second equality of the lemma. Now the proof follows verbatim
the second paragraph of the proof of Lemma 12.9. 
13.6. Primes in Arithmetic Progressions 275

Proposition 13.21. i) The functions (z − 1)Zq,a (z) and (z − 1)Zq,a 0 (z) +

zZq,a (z) have well-defined analytic continuations on Re z > 0.

ii) (The analytic continuation of) (z − 1)Zq,a (z) evaluated at z = 1 does not
equal 0.

Proof. Since χ1 (a) = 1, Definition 13.16 gives

 
 
(z − 1)Zq,a (z) = (z − 1)L(χ1 , z) · exp 
 ∑ .
χ(a) ln(L(χ, z))
χ∈Xq
χ6=χ1

We need to show that (z − 1)L(χ1 , z) and L(χ, z) are analytic in Re z > 0,

and therefore so is (z−1)Zq,a (z). Adding this function to its derivative gives
0 (z) + zZ (z).
(z − 1)Zq,a q,a
Since χ1 (n) equals 0 or 1, we can define
1
h(z) := L(χ1 , z) − .
z−1
The same argument presented in Proposition 12.10, shows that also here, h
is analytic in Re z > 0. Therefore, the same holds for
(z − 1)L(χ1 , z) = (z − 1)h(z) + 1 . (13.9)
Recall that any non-principal χ is orthogonal to the principal character χ1 .
Since χ1 is always 1 (on co-primes), χ must have average zero. All charac-
ters are periodic by construction, so Proposition 13.14 implies that ln L(χ, z)
is analytic in Re z > 0. This proves part (i).
Part (ii) is implied by the fact that (13.9) implies that (z − 1)L(χ1 , z)
evaluated at z = 1 gives 1 and that the exponential in the above expression
for (z − 1)Zq,a (z) cannot give zero. 
Lemma 13.22. Zq,a (z) has no zeroes on the line z = 1 + iτ (τ real).

Proof. Define E := ln(Zq,a (σ )3 Zq,a (σ + iτ)4 Zq,a (σ + 2iτ)). By Proposi-

tion 13.21, Zq,a has a simple pole at 1 and no poles in Re z > 1. Thus if Zq,a
has a zero at 1 + iτ, then the expression eE evaluated at σ + iτ where σ is
slightly greater than 1, would yield a number that is very close to zero. The
rest of the proof follows that of Lemma 12.11 verbatim. 
Φq,a (z) 1
Proposition 13.23. z − z−1 has an analytic continuation in the closed
half plane Re z ≥ 1.
276 13. Primes in Arithmetic Progressions

Proof. By Lemma 13.20,

0 (z)
−Zq,a χ(a)χ(p)p−z ln p χ(a)χ(p) ln p
= ∑ ∑ −z
= ∑ ∑ .
Zq,a (z) χ∈Xq p 1 − χ(p)p χ∈Xq p pz − χ(p)
1
To express this in terms of the function Φq,a , we use x−k = 1x + x(x−k)
k
to get
0 (z)
−Zq,a χ(a)χ(p) ln p χ(a)χ(p)2 ln p
= ∑∑ z
+∑ z z .
Zq,a (z) χ p p p p (p − χ(p))

Now we note that by Lemma 13.20, in the region z > 1, we may do the
summation over χ first. We then see that by Lemma 13.15, the first term
on the right hand side equals Φq,a (z). The rest of the proof follows that of
Lemma 12.12 
Lemma 13.24. For all q ≥ 2 and a such that gcd(a, q) = 1:
Θq,a (y) − y Θq,a (x)
Z ∞
i) dy exists =⇒ lim = 1.
1 y2 x→∞ x

Θq,a (x) Πq,a (x) 1

ii) lim = 1 ⇐⇒ lim = .
x→∞ x x→∞ x/ ln x ϕ(q)
(If gcd(a, q) > 1, the density of primes is 0.)

Proof. The proof of (i) is entirely parallel to that of Lemma 12.13. For the
proof of (ii), we use Lemma 13.18 and (13.8) instead of Lemma 12.2 and
(12.6). So,
Z x
Θq,a (x) 1 Θq,a (t) 1 Cx
Πq,a (x) − = 2
dt ≤ (1 + ε) .
ϕ(q) ln x ϕ(q) 2 t (lnt) ϕ(q) (ln x)2
for any ε > 0. Multiply both sides by ln x/x to obtain the result. 
Theorem 13.25 (Prime Number Theorem for Arithmetic Progressions).
We have
Πq,a (x) 1 Πq,a (x) 1
1) lim = and 2) lim R x = .
x→∞ (x/ ln x) ϕ(q) x→∞ lnt dt ϕ(q)
2

Proof. The equivalence of (1) and (2) is the same as in Theorem 12.14.
So we only need to prove part (1). Lemma 13.19 gives
Φq,a (z + 1) 1
Z ∞
Θq,a (et )e−t − 1 e−zt dt .


− =
z+1 z 0
13.7. Exercises 277

Proposition 13.23 says that the left-hand side has an analytic continuation
in Re z ≥ 0 while equation (13.8) says that Θq,a (e−t )e−t − 1 is bounded. But
then, by Theorem 11.18, 0∞ (θ (et )e−t − 1) dt exists. Finally, Lemma 13.24
R

implies that then (1) holds. 

13.7. Exercises
Exercise 13.1. a) Finish the computation of (13.6) to show that fm is mul-
tiplicative. (Hint: see equation (13.4).)
b) Check that the entries table on the right in (13.3) correspond to (13.5).

Exercise 13.2. a) Show that Z× +

5 as a group is isomorphic to Z4 . In other
× + ×
words, find a bijection f : Z5 → Z4 such that for all a, b in Z5 , f (ab) =
f (a) + f (b).
b) Show that Z× +
7 is isomorphic to Z6 .
c) Show that Z6 is isomorphic to Z2 × Z+
+ +
3.

Exercise 13.3. Let f : G → H a bijective homomorphism between groups.

Use multiplicative notation.
a) Show that for every a and b in H, there are unique x and y in G such that
x = f −1 (a) and y = f −1 (b) ,
where f −1
is the inverse of f .
b) Show that (a) implies that
xy = f −1 (a) f −1 (b) .
c) Show that (b) implies that f (xy) = ab and thus xy = f −1 (ab).
d) Conclude that f −1 is also a homomorphism.

Exercise 13.4. a) Show that Z× + +

16 is isomorphic to Z2 × Z4 .
× +
b) Show that Z16 is not isomorphic to Z8 . (Hint: find the elements of order
8.)
c) Consider the residues modulo 16 with addition and multiplication and
verify that it is a ring.
d) Find the units (Definition 5.25) of this ring.
e) Show that the units of a (commutative) ring form a multiplicative
Abelian group.

Exercise 13.5. a) Find a primitive root a modulo 26 (see Definition 5.5).

b) Find a primitive root b modulo 13.
c) Show that Z× × i i
26 is isomorphic to Z13 . (Hint: let h map a to b and show
that h is a bijective homomorphism.)
d) Use Theorem 5.7 to prove that for odd primes, Z× pk
is isomorphic to
Z×
2pk
.
278 13. Primes in Arithmetic Progressions

Definition 13.26. Given x = (x0 , x1 , · · · , xn−1 )T ∈ Cn . The discrete Fourier

transform is defined as
n−1 km
xbm = ∑ xk e−2πi n ,
k=0
for m ∈ {0, · · · , n − 1}. The inverse discrete Fourier transform is given by
n−1
1 km
xk = ∑ xbm e2πi n .
n m=0

Exercise 13.6. a) What are the characters of the group Z+ n?

b) Show that the composition of the discrete Fourier transform and the
inverse discrete Fourier transform of Definition 13.26 is the identity (i.e.
they are inverses of one another). (Hint: use Theorem 13.8 and equation
(13.2).)
1
c) Set α := e2πi n . Let F be the n by n matrix whose (m, k) entry is
α −(k−1)(m−1) . Show that the discrete Fourier transform is:
xb = Fx .
d) From Definition 13.26, deduce the inverse F −1 of the matrix F.

Exercise 13.7. a) What are the characters of the group Z+ +

n × Zm ?
b) What are the formulas in this case for the discrete Fourier transform and
its inverse? (Hint; think of this as a two-dimensional version of the Fourier
transform.)

Exercise 13.8. a) Use Theorem 13.8 and exercise 13.5 to construct the
characters of Z× ×
13 and Z26 .
b) Show that these characters basically correspond to the Fourier transform
of Definition 13.26, except that the xk are re-ordered (see also exercise
13.10).

Exercise 13.9. Proposition 2.20 is very similar to Proposition 13.14, but

the former was proved in two different ways. Give the “other” proof of
Proposition 13.14.
b) Is it sufficient for χ to be multiplicative (i.e. not completely multiplica-
tive)?
13.7. Exercises 279

Exercise 13.10. a) For any odd prime p denote by g its smallest primitive
root. Show that there is a bijection ind p : Z× +
p → Z p−1 given by
ind p (ga ) = a .
The value ind p (x) is called the index of x relative top p. The prime root g
is called the base.
b) For every odd prime less than 20, choose the smallest primitive root as
base, and determine the indices of {1, 2, · · · , p − 1}. Hint: as an example,
for p = 17 with base 3, we obtain the following table

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
16 14 1 12 5 15 11 10 2 3 7 13 4 9 6 8
c) Prove that the indices behave like logarithms, that is:
ind p (ab) =ϕ(p) ind p (a) + ind p (b) and ind p (ak ) =ϕ(p) k ind p (a) .

Exercise 13.11. In this exercise, we use indices (exercise 13.10) to solve

9x8 =17 8 .
a) Use exercise 13.10 (c) to show that the equation above is equivalent to
ind 17 (9) + 8 ind 17 (x) =16 ind 17 (8) .
b) Use exercise 13.10 (b) to show that (a) is equivalent to
8 ind 17 (x) =16 8 .
c) Use Corollary 3.8 to find the solutions to this equation. (Hint: there are
8 solutions.)

Exercise 13.12. Show that for any k > 0 there are infinitely many primes
ending in k consecutive 9’s.
There are useful relations between the newly minted functions in this chap-
ter and their counterparts in Chapter 12. We prove the following lemma in
exercise 13.13
Lemma 13.27. Let q = ∏ri=1 pki i . We have the following equalities:

L(χ1 , z) = ζ (z) ∏ p|q 1 − p−z

i) i ,
ii) ∏a∈Z×q Zq,a (z) = ζ (z)ϕ(q) ∏ p|q 1 − p−z

ϕ(q)
i .
280 13. Primes in Arithmetic Progressions

Exercise 13.13. a) Using the Euler product of Proposition 13.14, show that
ln L(χ1 , z) = − ∑ ln(1 − p−z ) + ∑ ln(1 − p−z ) ,
p p|q
b) Show that (a) implies item (i) of Lemma 13.27.
c) Show that

∏ Zq,a (z) = L(χ1 , z)ϕ(q) ∏ L(χ, z)∑a χ(a) .

a χ6=χ1
d) Show that (c) implies item (ii).
Many special cases of Dirichlet’s theorem can be proved without using the
machinery we have developed chapters 11 and 12 and applied in the current
chapter. We discuss these cases in the next three problems.
Exercise 13.14. Define S := {3 + 4k | k ∈ N}. Assume there are finitely
many primes in S, namely {p1 , · · · , pk } and derive a contradiction. Denote
k
P = 4 ∏ pi and D = P−1.
i=1
a) Show that D is not prime. (Hint: D =4 3.)
b) Use (a) to show that D must have a prime divisor pi in S. (Hint: xy =4 3
iff one of x or y is congruent to 3.)
c) Use (a) and (b) to show that there is a k such that
k
D = kpi = −1 + 4pi ∏ p j .
j6=i
d) Use (c) to derive that pi | 1, a contradiction.

Exercise 13.15. Define S := {1 + 3k | k ∈ N}. Assume there are finitely

many primes in S, namely {p1 , · · · , pk } and derive a contradiction. Denote
k
P = 3 ∏ pi and D = P2 + P + 1 .
i=1
a) Show that D must have a non-trivial prime divisor r 6= 3 and r 6∈ S. (Hint:
D =3 1 and pi - D.)
b) Show that P3 =r 1. (Hint: P3 − 1 = (P − 1)D.)
c) Show that Ord× 2
r (P) = 3. (Hint: if P =r 1, then P =r 1 by (b) and so
D =r 3; the latter is impossible, because by (a), D =r 0 and r 6= 3.)
d) Use (a) to show that gcd(P, r) = 1 and so Pr−1 =r 1. (Hint: Fermat’s
little theorem.)
e) Use (c) and (d) to show that 3 | (r − 1).
f) Point out the contradiction.
13.7. Exercises 281

Exercise 13.16. For any q > 1, define S := {±1 + qk | k ∈ N}. Assume

there are finitely many primes in S, namely {p1 , · · · , pk } and derive a
contradiction. Denote
k m−1
P = q ∏ pi and D=± ∑ Pi .
i=1 i=0
a) Show that D must have a prime divisor r - q and r 6∈ S. (Hint: for any
divisor e of q, D =e 1 and similarly D = pi 1.)
b) Show that Pq =r 1. (Hint: Pq − 1 = (P − 1)D and D = xr.)
c) Show that Ord× ×
 (Hint: Ordr (P) = d | q; if q = de with d, e >
r (P) = q.
1, then D =r ± ∑d−1 i=0 P
i
∑e−1
i=0 P
id = ±e; the latter is impossible,
r
because by (a), D =r 0 and r - e.)
d) Use (a) to show that gcd(P, r) = 1 and so Pr−1 =r 1. (Hint: Fermat’s
little theorem.)
e) Use (c) and (d) to show that q | (r − 1).
f) Point out the contradiction.
Dirichlet proved a weaker version of Theorem 13.25 that does not use the
Tauberian convergence argument of Theorem 11.18. We discuss the proof
in exercise 13.17 below.
Theorem 13.28 (Dirichlet’s Theorem). Define S := {n ∈ N : n =q a}.
Then
∑ p∈S p−z 1
lim −z
= .
z→1 + ∑p p ϕ(q)

Exercise 13.17. a) Use Proposition 13.14 to show that for real z ≥ 1 and
χ(a)χ(p)
χ 6= χ1 , ∑ p pz is bounded.
b) Use Lemma 13.15 to show that for Re z > 1
!
1 1 χ(a)χ(p) 1 χ(a)χ(p)
∑ = ∑ ∑ pz = ϕ(q) L(χ1 , z) + ∑∑ .
p=q a pz ϕ(q) χ∈Xq p χ6=χ1 p
pz
L(χ1 ,z)
c) Use Proposition 12.10 (ii) and (13.9) to show that limz&1+ ζ (z)
= 1.
d) Show that (a), (b), and (c) imply Dirichlet’s theorem.

Definition 13.29. The natural density of a set S ⊆ T relative to T is

S(x)
lim ,
x→∞ T (x)
282 13. Primes in Arithmetic Progressions

where S(x) = card (S ∩ [1, x]) and T (x) = card (T ∩ [1, x]). The Dirichlet
density of a set S ⊆ T relative to T is
∑n∈S n−z
lim .
z&1+ ∑n∈T n−z

Usually, the set T is understood to be the set of primes in N or N itself. The

function ∑ p p−z is sometimes called the prime zeta function.

Exercise 13.18. a) Show that for n ≥ 2

1 1 ∞ 1
Z
∑ npnz < n 1 x−nz dx = n(nz − 1) .
p

b) Use (a) and Lemma 12.9 to show that as z & 1+

ln ζ (z) = ∑ p−z + bounded .
p

c) Use (12.10) to show that as z & 1+

ln ζ (z) = − ln(z − 1) + bounded .
(Hint: h is analytic near z = 1 and from (12.10), one easily sees that it is
negative for z near 1 and real.)
d) Use (b) and (c) to show that as z & 1+
∑ p−z = − ln(z − 1) + bounded .
p
e) Therefore
∑ p f (p)p−z ∑ p f (p)p−z
lim+ −z
= lim+ .
z&1 ∑p p z&1 − ln(z − 1)

The relation between natural density and Dirichlet density (Definition 13.29)
is somewhat subtle. If the natural density exists then so does the Dirichlet
density, but not vice versa. To establish the former, we prove Lemma 13.30
below in exercise 13.19. The other direction of this statement is not so easy;
it is established by way of a counter-example in exercises 13.20 and 13.21.
Lemma 13.30. Let A and B be non-empty subsets of N and an and bn are
their indicator functions. That is: an equals 1 if n ∈ A and 0 elsewhere, and
similar for bn . Furthermore, A(x) = ∑n≤x an and similar for B(x). Now we
have for Re z > 1:
−z
A(x) ∑∞
n=1 an n
lim =µ =⇒ lim −z
=µ.
x→∞ B(x) z&1+ ∑∞
n=1 bn n
13.7. Exercises 283

Exercise 13.19. a) Use Abel summation to show that for Re z > 1

∞ Z ∞
∑ an n−z = z 1
A(t)t −z−1 dt .
n=1
(Hint: also use that A(x) ≤ x.)
b) Show that the hypothesis of Lemma 13.30 implies that for all ε > 0, we
have |A(x) − µB(x)| < εB.
c) Show that under the hypothesis of that lemma, we have that for all ε > 0,
A(t)t −z−1 dt
R∞
R1∞ −µ < ε.
1 B(t)t −z−1 dt
µB(t)t −z−1 dt
R∞
(Hint: write µ as R1 ∞ and use (b).)
1 B(t)t −z−1 dt

Definition 13.31. The logarithmic density of a set S ⊆ T relative to T is

∑k∈S,k≤x k−1
lim .
x→∞ ∑k∈T,k≤x k−1
Usually, the set T is understood to be the set of primes in N or N itself.

2 8 32

0 4 16 64

1 2 4 8 16 32 64 128 256

Figure 65. The set S consists of the natural numbers contained in in-
tervals shaded in the top figure of the form [22n−1 , 22n ). The bottom
picture is the same but with a logarithmic horizontal scale.
284 13. Primes in Arithmetic Progressions

Exercise 13.20. We show that the set S depicted in top of Figure 65 does
not have a natural density (relative to N), but that it does have a logarithmic
density.
a) Show that the limsup of the natural density is at least 5/8 while the
liminf of the density is at most 3/8. (Hint: first, take the average up to the
green points in the figure, and then up to the blue points)
b) Use Figure 66 to show that
2m −1 2m −1
2−m
Z 1
1 1
∑ = ∑ = dx + rm = ln 2 + rm ,
j=0 2m + j j=0 1 + j 2−m 0 1+x

where rm ∈ [0, 2−m+1 ].

(Note: for Riemann sum, see [42]chapter 6.)
c) Use (a) to show that
1 1
∑ k−1 = 2 log2 n ln 2 + R(n) = 2 ln n + R(n) ,
k∈S,k≤n
where |R(n)| ≤ 2(1 + ln 2).
d) Use (b) and exercise 12.3 (c) to show that the logarithmic density of S
is 1/2. (Note: a much simpler heuristic argument gives that according to
exercise 12.3 the logarithmic density corresponds to redrawing S with the
horizontal coordinate logarithmic as in the bottom picture of Figure 65,
and then computing the density.)

f(0)

dx

f(1)

0 1

Figure 66. Proof that 01 f (x) dx is between ∑kj=1 f ( j dx)dx and

R

∑k−1
j=0 f ( j dx)dx if f is strictly decreasing.
13.7. Exercises 285

Exercise 13.21. We show that if the logarithmic density of a set S (Defini-

tion 13.31) exists, then its Dirichlet density equals the logarithmic density.
a) Denote the elements of S by {n1 , n2 , · · · } and show that for Re z > 1
−1

1−z
n − (n + 1)1−z =


∑∞
n=1 ∑k∈S,k≤n k
 
n−1 n1−z
− (n 1 + 1) 1−z + · · · + (n − 1)1−z − n1−z
2
 1 1
 2

+ n−1 1 + n −1
2 n 1−z
2 − (n 2 + 1) 1−z + · · · + (n − 1)1−z − n1−z
3 3
  
+ n−1 −1
1 + n2 + n3
−1
n31−z − (n3 + 1)1−z + · · · + (n4 − 1)1−z − n1−z
4

+···
= ∑n∈S n−z .

(Hint: n−1
1 gets multiplied by (n
1−z − (n + 1)1−z ) for n ≥ n , n−1 by
1 2
(n1−z − (n + 1)1−z ) for n ≥ n2 , and so on. The sums as given telescope
to n−1 1−z 1−z −1 −1 1−z 1−z
1 (n1 − n2 ), (n1 + n2 )(n2 − n3 ), and so forth.)
b) Show that if the logarithmic density of S (with respect to N) equals µ,
then, by (a), we have
!
∞  
−z −1
∑ n = ∑ ∑ k n1−z − (n + 1)1−z =
n∈S n=1 k∈S,k≤n
!
∞  
−1
= ∑ µ ∑k n1−z − (n + 1)1−z =
n=1 k≤n
= µ ∑ n−z .
n∈N
c) Use (b) to demonstrate the statement heading this exercise.
To emphasize once again the similarity between our generalized zeta func-
tions and ζ of Chapter 12, we show that Zq,a has no zeroes in Re z > 1. The
proof can be copied from exercise 4.23, provided you make the requisite
substitutions.
Definition 13.32. The function Mq,a : N → Z is given by:




 1 if n = 1
0 if ∃p prime with p 6=q a and p | n

Mq,a (n) = .


 0 if ∃p prime with p2 | n
 (−1)r

if n = p1 · · · pr and pi =q a
This the counterpart of the Möbius function of Definition 4.6.
286 13. Primes in Arithmetic Progressions

Exercise 13.22. a) Show that Mq,a is a multiplicative function. (Hint: com-

pare with the Möbius function in Chapter 4.)
b) Use Euler’s product formula and Definition 13.32 to show that in
Re z > 1
!
1 −z

i −iz
= ∏ 1− p = ∏ ∑ Mq,a (p )p .
Zq,a (z) p= qa p prime i≥0
c) Without using equation (4.7), prove that the expression in (b) equals
∑n≥1 Mq,a (n) n−z . (Hint: since Mq,a is multiplicative, you can write a
proof re-arranging terms as in the first proof of Euler’s product formula.)

Exercise 13.23. Show that for q > 1 in N:

!1/n
lim ∏ p = e1/ϕ(q)
n→∞
p≤n, p=q a
if and only the prime number theorem for arithmetic progressions holds.
(Hint: see Lemma 13.24 (ii). See also exercise 12.26.)
In exercises 13.24 and 13.25, we prove partial versions of some remarkable
results knowns as Mertens’ theorems. These were proved 22 years before
the prime number theorem [37]. More details can be found in [26] [Section
22]. The version we give summarizes the statements given in [36].
Theorem 13.33 (Mertens’ Theorems).
 
i) limx→∞ ∑ p≤x lnpp − ln x = −B3 ≈ −1.3326 .
 
ii) limx→∞ ∑ p≤x 1p − ln ln x = B1 ≈ 0.2615 .

limx→∞ ∑ p≤x ln 1 − p−1 − ln ln x = −γ .

iii)
B1 and B3 are sometimes called Mertens constants , but also go by other
names. γ is the Euler-Mascheroni constant (see exercise 12.3).
13.7. Exercises 287

Exercise 13.24. a) Deduce from (12.4) and unique factorization that

1 ln p
ln(n!) = ∑ .
n k
p ≤n
pk
(Note: we sum over both the relevant integers k and primes p.)
b) Show that (a) implies that for some K1 > 0
1 ln p
ln(n!) − ∑ < K1 .
n p≤n p

(Hint: ∑k≥2 p−k = 1/(p(p − 1)).)

c) Use exercise 12.4 (a) to show that there is a K2 so that
1
ln(n!) − ln n < K2 .
n
d) Conclude that R(x) is bounded where
ln p
R(x) := ∑ − ln n .
p≤n p

Figure 67. The function ln(ln(x)) for x ∈ [1, 1040 ].

288 13. Primes in Arithmetic Progressions

Exercise 13.25. a) Let an = lnpp is n = p a prime and 0 else and set f (t) =
1/ lnt. Now use Abel summation (Proposition 12.15) to show that
Z x
1 1 ln p 1 ln p
=
∑ p ln x ∑ p + 2 ∑ p
dt .
n≤x p≤x 2 t(lnt) p≤t
b) Use exercise 13.24 (d) applied to the previous item to show that
Z x Z x
1 R(x) 1 R(t)
∑ = 1+ + dt + dt
n≤x p ln x 2 t lnt 2 t(lnt)2
c) Conclude that
1
∑ = ln ln x + o(ln ln x) .
p≤x p
d) Compare (a) with exercise 13.18(d).
e) To appreciate how agonizingly slow the approach of ln ln x to infinity is,
10
approximate ln ln 1010 . (Hint: about 25).
10
f) To write that number — 1010 — in full decimal notation in a series
of books, how many books would you fill? Assume that you write 2000
characters on a page and that 500 pages make one book.
Chapter 14

The Birkhoff Ergodic

Theorem

Overview. To fully understand and appreciate the proof of the Birkhoff

ergodic theorem, we have to dig a little deeper in analysis. We give the
necessary background in this chapter and then prove the theorem. It is rec-
ommended that you carefully read Sections 9.1 and 9.2 again before starting
Sections 14.1 and 14.2 below.

14.1. Measurable Functions

We recall from Section 9.2 that if we have a space X and a collection Σ of
measurable sets, then the pair (X, Σ) is called a measurable space. A func-
tion f : X → X is called measurable function if the inverse image under f
of any measurable set is measurable. A measure µ is a non-negative func-
tion from Σ to [0, ∞] that is countably additive on disjoint measurable sets
(Definition 9.4). A triple (X, Σ, µ) is called a measure space. A probability
measure is a measure that assigns a measure 1 to the entire space. It is time
to refine our understanding of those concepts.
Definition 14.1. A sigma algebra or σ -algebra is a collection Σ of sets with
the following properties:
0/ ∈ Σ and Σ is closed under complementation and under countable union.
In any topological space, the smallest σ -algebra that contains the open sets
are the Borel sets (Definition 9.1).

289
290 14. The Birkhoff Ergodic Theorem

Remark 14.2. Since (∪i∈N Ai )c = ∩i∈N Aci , we see that a σ -algebra is also
closed under countable intersection.

We are now in a position to give a more formal definition of a measure

(see Definition 9.4. The determination that certain combinations of mea-
surable sets are still measurable will play a role in the proof of Birkhoff’s
theorem.
Definition 14.3. Let (X, Σ) be a measure space. A measure is a function µ :
Σ → [0, ∞] such that µ(0)
/ = 0 and for every countable sequence of disjoint
(measurable) sets Si :
∞
µ(∪∞
i=1 Si ) = ∑ µ(Si ) .
i=1
If Σ contains the open sets, then µ is called a Borel measure .
Definition 14.4. A function f from a topological space X to R is called
measurable if for all x ∈ R, f −1 ((x, ∞)) is a measurable set.

Suppose f is measurable. Since f −1 ((−∞, x]) is the complement of the

measurable set f −1 ((x, ∞)), it is also measurable. f −1 ([x, ∞)) can be written
as the (countable) intersection ∩n∈N f −1 ((x − 1n , ∞)), it, too, is measurable.
Again, by complementation, f −1 ((−∞, x)) is measurable.
It is easy to see that if f and g are measurable, then h(x) = sup{ f (x), g(x)}
is measurable because h−1 ((x, ∞)) = f −1 ((x, ∞)) ∪ g−1 ((x, ∞)). Similar for
inf{ f (x), g(x)}. Almost as easy is the fact that also f + g and f · g are mea-
surable. For the set
Ar1 ,r2 := {x | f (x) > r1 } ∩ {x | g(x) > r1 }
is measurable for all rationals ri , and therefore so is the (countable) union
of Ar1 ,r2 over those rationals such that r1 + r2 > x or such that r1 r2 > x.
Lemma 14.5. Let { fn } be a sequence of measurable functions. Then supn fn (x),
infn fn (x), lim supn fn (x), and lim infn fn (x) are measurable.

Proof. Set h± equal to supn fn (x) and infn fn (x), respectively. Then
h−1 ∞ −1
+ ((x, ∞)) = ∪n=1 f n ((x, ∞)) ,

which proves the first case. The proof for h− is same, except that the union
must be replaced by an intersection.
14.2. Dominated Convergence 291

Set g± equal to lim supn fn (x) and lim infn fn (x), respectively. Since
g+ (x) = lim sup fi (x)
n→∞ i≥n

and supi≥n fi (x) is non-increasing (in i), we can replace the above limit by
the infimum, and use the above results for supremum and infimum to get
g−1 −1
+ ((x, ∞)) = ∩n≥1 ∪i≥n f i ((x, ∞)) .

A similar reasoning works for g− . 

Remark 14.6. As a result, the pointwise limit (if it exists) of a sequence of
measurable functions is also measurable.

14.2. Dominated Convergence

In this section, we prove — largely inspired by [7] — Lebesgue’s dominated
convergence theorem. This is a result of fundamental importance in its
own right. It is widely used not only in analysis but also in applications of
analysis to the study of partial differential equations and probability theory
among others. Here we will need it to prove the ergodic theorem.
The following theorem says that almost everywhere convergence im-
plies nearly uniform convergence, that is: convergence is uniform, except
on a set of small measure. See Figure 68.
Theorem 14.7 (Egorov’s Theorem). Let (X, Σ, µ) a finite measure1 space.
Suppose that { fi } is a sequence of measurable functions, so that µ almost
everywhere, fi (x) converges pointwise2 to f (x). Then there is a set U ∈ Σ
on which the convergence of fi → f is uniform, and so that the exceptional
set X\U has arbitrarily small (but positive) measure.

Proof. Let
 
1
Am,n := x ∈ X : ∀i ≥ m , | fi (x) − f (x)| < .
n
We have Am,n ⊆ Am+1,n and ∪m Am,n covers all of X, except for a measure
zero set Zn (see Figure 68). Thus we can choose mn such that
ε
µ(X\Amn ,n ) < n . (14.1)
2
1a space with µ(X) < ∞
2Pointwise convergence means that for x fixed lim fi (x) = f (x).
i→∞
292 14. The Birkhoff Ergodic Theorem

1
1/n f3 f2

f1

0 1
A1,n
0
A 3,n A 2,n

Figure 68. A sequence of functions fn (x) = x1/n that converge almost

everywhere pointwise to f (x) = 1 on [0, 1]. The convergence is uniform
on U = [ε, 1] for any ε ∈ (0, 1).

For any x in the intersection of all Amn ,n , we have that for i ≥ mn , | fi (x) − f (x)| <
1/n. And thus on U := ∩n≥1 Amn ,n , we have uniform convergence. Within
X, we have (∩n≥1 Amn ,n )c = ∪n≥1 Acmn ,n (see Figure 69 and exercise 14.1),
where the superscript indicates complement. So
X\U = ∩n≥1 (X\Amn ,n ) ,
and so, by equation (14.1) and subadditivity (9.1), µ(X\U) < ε. 

X A2
A1

Figure 69. This figure illustrates that (∩ Ai )c = ∪i Aci .

Next we prove first that integrable functions nearly live on sets of finite
measure and that integrals over small sets are small.
Lemma 14.8. Suppose : X → [0, ∞] is measurable and integrable. Then:
R
i) for every ε > 0 there is a set F of finite measure such X\F g dµ < ε.
ii) for all ε > 0, there is a δ > 0 such that for all small sets S with µ(S) < δ ,
R
S g dµ < 2ε.
14.2. Dominated Convergence 293

Proof. Let {yi } be a countable partition of the range of g. Denote Ai =

f −1 ({y : y ≥ yi+1 }) and ∆i = yi+1 −yi . From the definition of the Lebesgue
integral (Section 9.2 and Figure 70), we see that for every ε > 0 we can
choose a partition so that
∞ Z ∞
ε
∑ µ(Ai )∆i < g dµ < + ∑ µ(Ai )∆i .
2 i=1
i=1
Since the sum must converge, we can truncate at some n to get
n Z n
∑ µ(Ai )∆i < g dµ < ε + ∑ µ(Ai )∆i . (14.2)
i=1 i=1
Collect those Ai for which ∆i is positive in this sum; their union F must
have finite measure (otherwise that sum would diverge). Now we compute
!
Z Z Z n n
g dµ = g dµ − g dµ < ε + ∑ µ(Ai )∆i − ∑ µ(Ai )∆i .
X\F X F i=1 i=1
The last inequality follows from the two inequalities in (14.2).

y
5

y
4
f(x)
y3

y
2

y
1
y
0

Figure 70. The definition of the Lebesgue integral. Let {yi } be a count-
R
able partition of the range of

f . We approximate f dµ from below by
−1
∑i µ f ({y : y ≥ yi+1 }) (yi+1 − yi ). f is integrable if the limit con-
verges as the mesh of the partition goes to zero. The function y in the
proof of Lemma 14.8 (ii) is indicated in red. (Here µ is the Lebesgue
measure.)

To prove (ii), we start at equation (14.2). Denote by y the function

whose value equals yi on Ai (see Figure 70). Let y+ be the maximum of the
yi (in the definition of Ai ) for which the ∆i are positive. Choose δ so that
h+ δ < ε. Then for any B with µ(B) < δ
Z Z Z Z Z
g dµ = (g − y) dµ + y dµ < (g − y) dµ + y dµ < 2ε .
B B B X B
294 14. The Birkhoff Ergodic Theorem

y dµ is simply ∑ni=1 µ(Ai )∆i .)

R
(Note that X 
Theorem 14.9 (Lebesgue’s Dominated Convergence Theorem). Let { fk }
be a sequence of real valued measurable functions on (X, Σ, µ). Suppose
that the sequence converges µ almost everywhere to f and that it is domi-
nated by an integrable function g so that for all k, | fk (x)| ≤ g(x). Then
Z Z Z
lim fk dµ = lim fk dµ = f dµ .
k→∞ k→∞

Proof. For any set U ∈ Σ, we have (using linearity of the integral)

R R R R R R
| fk dµ − f dµ| = X\U fk dµ − X\U fk dµ + U fk dµ − U f dµ
R R
≤ 2 X\U g dµ + | U ( fk − f ) dµ| .
(14.3)
We consider the finite measure case (where µ(X) < ∞) and the infinite mea-
sure case separately.
When µ(X) < ∞, we use Egorov’s theorem to choose the set U on
which we have uniform convergence while at the same time making sure
that X\U is small so that µ(X\U) < δ as in Lemma 14.8 (ii). So for any
η > 0 we can choose k large enough so that (14.3) becomes
Z Z
fk dµ − f dµ < 2ε + η µ(U)

Upon choosing η small enough, the result follows because µ(U) < ∞.
In the infinite measure case, we need to do one step extra. Use Lemma
14.8 (i) to first find a set F of finite measure so that
Z Z Z
( fk − f ) dµ ≤ 2 g dµ + ( fk − f ) dµ ,
X\F F
where the first integral on the right hand can be made smaller than any
ε > 0. The second integral can no be estimated in exactly the same way as
before. 
Remark 14.10. While we proved the theorem here for real valued func-
tions, it also holds for complex valued functions. One simply proves the
result for the real and imaginary parts separately.
14.3. Littlewood’s Three Principles 295

14.3. Littlewood’s Three Principles

The subject of real analysis, and measure theory and Lebesgue integration in
particular, overtook the older, more informal notions of length and Riemann
integration in part because extremely useful theorems like the dominated
convergence theorem simply do not hold in the older setting. Here is a
simple example to illustrate that.
Let fn : [0, 1] → R be given by fn (x) = 1 if x = ki with k ≤ n and
gcd(i, k) = 1, while everywhere else fn (x) = 0. Clearly, each fn is Rie-
mann integrable (having only finitely many discontinuities). Also the fn are
R
dominated by g(x) = 1. However limn→∞ fn dx = 0 and limn→∞ fn is not
Riemann integrable, because it has a dense set of discontinuities. In exer-
cise 14.7, we show that even restricting to continuous functions does not
save the theorem for Riemann integration.
Nonetheless, this more powerful mode of reasoning seems very ab-
stract and for that reason it is difficult to develop an intuition in the subject.
It is perhaps comforting to know that at least some of the masters of the sub-
ject themselves recognized this. The most famous instance of this is formed
by Littlewood’s three principles [34].
Each of these principles describes a desirable behavior that indeed
holds if only one excludes sets of arbitrarily small measure. This is ex-
pressed by the word “nearly”: we say that the behavior nearly holds.
• Every measurable set is nearly a finite union of disjoint open in-
tervals.
• Every measurable function is nearly continuous.
• Every pointwise convergent sequence of functions is nearly uni-
formly convergent.
The first principle is in fact Proposition 9.3 (ii). The third principle is of
course Egorov’s theorem (Theorem 14.7). The second principle is Luzin’s
Theorem (Theorem 14.11). For completeness, we state it here without proof
(though, see [7]).
Theorem 14.11 (Luzin’s Theorem). Let f be measurable in (R, Σ, µ)
where Σ are the Borel sets and µ is the Lebesgue measure. For every ε > 0,
there is a small open set S of (Lebesgue) measure less than ε so that f is
continuous when restricted to R\S.
296 14. The Birkhoff Ergodic Theorem

One must be careful in the interpretation of this last result: it does not
mean that the points of the R\S are points of continuity of f . As an exam-
ple, consider the function that is 1 on the rational numbers and 0 everywhere
else. As a function R → R, it is nowhere continuous, but it’s restriction to
the irrational numbers is continuous. Luzin’s theorem still goes a little fur-
ther, and asserts that we can contain the rationals in an open sets of arbitrary
small measure (exercise 14.6).

14.4. Weyl’s Criterion

To get us in the mood for the ergodic theorem, we first look at a much
simpler result which is very often used in number theory. We start with a
result that we need in its proof.
Theorem 14.12 (Weierstrass Approximation Theorem). Given a contin-
uous function f : [0, 1] → R, for every ε > 0, there is a polynomial p such
that for all x ∈ [0, 1], | f (x) − p(x)| < ε.

For readable proofs of this theorem, we refer to [42, 45].

Now, recall the definition of equidistributed (Definition 9.19).
Theorem 14.13 (Weyl’s Criterion). The following are equivalent.
i) The real sequence {xn } is equidistributed modulo 1,
ii) For every continuous function f : R/Z → C,
n−1 Z 1
1
lim ∑ f (xk ) = f dx .
n→∞ n 0
k=1
iii) For all m 6= 0 in Z
n−1
1
lim
n→∞ n
∑ e2πimxk = 0 .
k=0

Proof. Denote χ[a,b] , the characteristic function that is 1 on the interval

[a, b] and 0 elsewhere. Definition 9.19 is equivalent with
n−1 Z 1
1
lim ∑ χ[a,b] (xk ) = χ[a,b] dx = |b − a| . (14.4)
n→∞ n 0
k=1
The real and imaginary parts of a continuous function f can be treated the
same way. So for the sake of simplicity, assume that f is real. Then f can
14.4. Weyl’s Criterion 297

be approximated by finite linear combinations of characteristic functions

on intervals as follows. Let {xi }m i=0 is a partition of the circle R/Z and
ci ∈ [xi , xi+1 ], then for any ε > 0, we can choose a fine enough partition so
that
m
fm (x) = ∑ f (ci ) χ[xi ,xi+1 ] (x) and | f (x) − fm (x)| < ε .
i=0
Such functions are also Riemann integrable, the latter integral defined as
Z 1 Z 1 m
f dx = lim fm dx := lim ∑ f (ci ) (xi+1 − xi ) .
0 m→∞ 0 m→∞
i=0
Finally, since summation is linear, (14.4) says that also
n−1 m
1
lim ∑ fm (xk ) = ∑ f (ci ) (xi+1 − xi ) .
n→∞ n
k=1 i=0
implying that (i) and (ii) are equivalent.
Let p be an arbitrary complex polynomial defined on the unit circle S
in the complex plane. Then
n−1 n−1 M
1 1
∑ p(xk ) = ∑ ∑ am e2πixk .
n k=1 n k=1 m=−M
Item (ii) says that this must be equal to
Z 2π M
··· = ∑ am e2πix dx = a0 .
0 m=−M
This can only happen if (iii) holds.
Finally, we prove that (iii) implies (ii). Let S be the unit circle parametrized
by z = e2πix in the complex plane. Let f : S → R. According to Theorem
14.12, for any ε > 0 there is a polynomial pM (z) = ∑M m=−M am e
2πix such

that | f (z) − pM (z)| < ε and thus

Z 2π Z 2π Z 2π
2πix dx 2πix dx dx
f (e ) − pM (e ) = f (e2πix ) − a0 < ε .
0 2π 0 2π 0 2π
Item (iii) now implies that
" #
1 n−1 2πixk
M
2πixk 1 n−1
lim
n→∞ n
∑ f (e ) − ∑ am e = lim
n→∞ n
∑ f (e2πixk ) − a0 < ε .
k=1 m=−M k=1
298 14. The Birkhoff Ergodic Theorem

Comparison of the last two inequalities yields the implication. If f is complex-

valued, we repeat the same reasoning for the real and imaginary parts sepa-
rately. 

If there is an ergodic map T so that T (xi ) = xi+1 and that preserves the
Lebesgue measure, then of course, item (ii) follows from Corollary 9.10,
which says that time averages equal space averages. The standard example
of this is T (xk+1 ) = xk + ρ where ρ is irrational, as we discussed at length
in Chapter 10. However, it is still amusing to give a very simple and direct
proof of this based Weyl’s criterion.
Indeed, it requires no more than than summing a geometric series to
see that
n−1 n−1
1 e2πimx0 e2πimx0 e2πimnρ − 1
n ∑ e2πimxk = n ∑ e2πimkρ = n
· 2πimρ
e −1
.
k=0 k=0

Since ρ is irrational and m 6= 0, we have that e2πimρ − 1 6= 0, and so the

factor 1/n drives the limit to zero. (If m = 0 the left hand side immediately
yields one).

14.5. Proof of Birkhoff’s Ergodic Theorem

Our proof is based on [38] [section 9]. We start by defining some notation.
We will denote iterates under T by subscripts.
T (x0 ) = x1 , T (T (x0 )) = T 2 (x0 ) = T (x1 ) = x2 , ···
and so on. We also define the sums
n
Snf (x0 ) = ∑ f (T i (x)) .
i=1

Remark 14.14. In this section, we work in a measure space (X, Σ, µ). We

stipulate that T : X → X is a measurable transformation that preserves the
measure µ and that f : X → R (or C) is an arbitrary µ-integrable function.
Proposition 14.15 (Maximal Ergodic Theorem). If for µ-almost every x,
n(x) R
there is an n(x) such that S f (x) ≥ 0 (≤ 0), then f dµ ≥ 0 (≤ 0).

Proof. Note that this statement holds for f with “≥” if and only if it holds
for g = − f with “≤”. So it is sufficient to prove only the ≥ version.
14.5. Proof of Birkhoff’s Ergodic Theorem 299

k
n
Sf (x )
0
N−k p N

Figure 71. A plot of Snf (x0 ) for some fixed x0 for n ∈ {0, · · · , N}.

First assume that n(x) is bounded (for almost all x) by some k > 0.
Then no matter how large we take N, there is some p(x) in {N − k, · · · , N}
p(x)
such that S f (x) ≥ 0 (see Figure 71). We then have for µ-almost all x0
p(x0 ) N−p(x0 ) N−p(x0 )
SNf (x0 ) = S f (x0 ) + S f (x p ) ≥ −S| f | (x p ) ≥ −S|kf | (xN−k ) .
Therefore for µ-almost all x
N N
∑ f (T i (x)) ≥ − ∑ f (T i (x)) .
i=1 i=N−k+1
Bearing in mind that µ is invariant, we integrate this inequality. So by
Lemma 10.1, f (T i (x)) dµ = f (x) dµ(x) and similarly for | f |. In this
R R
R R
way we obtain, after integrating, that N f dµ ≥ −k | f | dµ. But since
R
we may take N arbitrarily large, it follows that f dµ ≥ 0.
Let 
f (x) if n(x) ≤ k

fk (x) =
 0 else
We have | fk | ≤ | f | and so the fk are dominated by | f | and since f is µ-
integrable, so are the fk . Since the fk converge pointwise to f , we have
Z Z
f dµ = lim fk dµ ≥ 0 ,
k→∞
by dominated convergence (Theorem 14.9). 

We will need the contra-positive of this result. Here it is explicitly.

R
Corollary 14.16. Suppose f dµ < 0 (> 0), then there is a set S of positive
µ-measure such that for all x in S, Snf (x) < 0 (> 0) for all n.
300 14. The Birkhoff Ergodic Theorem

Under the hypotheses of remark 14.14, the statement of Theorem 9.8

is as follows.
Theorem 14.17 (Birkhoff or Pointwise Ergodic Theorem). Let µ be a
probability measure. The limit of the time average
n−1
1
h f i(x) := lim ∑ f (T i (x))
n→∞ n i=0
is defined on a set of full measure. It is an integrable function and satisfies
(wherever defined)
Z Z
h f i(T x) = h f i(x) and h f i(x) dµ = f (x) dµ .
X X

Proof. We want to compute the limit of the time average of f . So let

1 1
h f i+ (x) = lim sup Snf (x) and h f i− (x) = lim inf Snf (x) .
n→∞ n n→∞ n

By Lemma 14.5 and the comments immediately prior to it, h f i± are mea-
surable functions. First suppose they are bounded. Then they are also inte-
grable, because µ(X) = 1.
Suppose that the following statement is false:
Z Z
h f i− dµ ≥ f dµ .

Since h f i± and µ(X) are bounded, there must be an ε > 0 so that

Z Z Z
h f i− dµ < ( f − ε) dµ =⇒ (h f i− − f + ε) dµ < 0 .
By the contrapositive of the maximal ergodic theorem, this gives that there
are (a positive measure of) x so that Shnf i− − f +ε (x) < 0 for all n. Now it is
easy to see that Snf +g = Snf + Sgn and that h f i− is invariant along orbits. Thus
for any such x, we obtain that
1
nh f i− (x) − Snf (x) + nε < 0 or h f i− (x) < Snf (x) − ε .
n
Now if we take the lim inf as n → ∞ on both sides, we arrive at a contradic-
tion. Thus establishes that
Z Z
h f i− dµ ≥ f dµ . (14.5)
14.5. Proof of Birkhoff’s Ergodic Theorem 301

In a similar way (exercise 14.14), one derives that

Z Z
f dµ ≥ h f i+ dµ . (14.6)

Putting (14.5) and (14.6) together shows that if h f i± are bounded, then the
average has the desired properties.
Now we drop the hypotheses that h f i± are finite. So let
Xn := {x ∈ X : −n ≤ h f i− (x) ≤ h f i+ (x) ≤ n} .
T maps Xn to itself and so all hypotheses hold and therefore the above con-
clusion holds for all Xn , and thus for X∞ = ∪n Xn . We are done if X\X∞ has
µ-measure zero. Now Xn is measurable because h f i± are, and so X∞ and
its complement are also measurable. Suppose the complement has positive
measure, then since f is integrable, there must be a c > 0 so that
Z
(c − f ) dµ > 0 .
X\X∞
We apply again the contrapositive of the maximal ergodic theorem, to get
that there must be a (positive measure of) x in X\X∞ so that for all n
n
S(c− f ) (x) > 0 =⇒ nc − Snf (x) > 0 .
But this contradicts the definition of X\X∞ . 

Recall that Corollary 9.10, which in fact says that space averages equal
time averages, follows fairly easily from this theorem. Frequently, it is
that Corollary which one has in mind when referring to Birkhoff’s ergodic
theorem. We repeat that statement here for convenience. Its proof is in
Chapter 9.
Corollary 14.18. A transformation T : X → X that preserves a probability
measure µ has the property that every T invariant set has measure 0 or 1 if
and only if for every integrable function f
n−1
1
Z
lim ∑ f (T i (x)) = f (x) dµ
n→∞ n i=0 X

for all x except possibly on a set of measure 0.

In Section 9.3, we observed that ergodic measures are the building

blocks of chaotic dynamics. Thus transformations where there is a unique
ergodic are especially interesting.
302 14. The Birkhoff Ergodic Theorem

Definition 14.19. A transformation T of a measure space is uniquely ergodic

if there is a unique Borel probability measure with respect to which T is er-
godic.

14.6. Exercises
Exercise 14.1. Let An sets in a space X, and I any (possibly uncountable)
index set.
a) Show that (∩n∈I An )c = ∪n∈I Acn .
b) Show that (∪n∈I An )c = ∩n∈I Acn .
(Note: these two statements are known as the De Morgan laws .)

Exercise 14.2. a) Show that gn (X) = supi≥n fi (x) is non-increasing (in n).
b) Let fn (x) = sin nx. Determine lim supn fn (1). (Hint: use Lemma 10.6).
c) Show that the twin prime conjecture (Conjecture 1.28) is equivalent to
lim infn pn+1 − pn = 2.

Exercise 14.3. a) Give a definition of a measurable function f from a topo-

logical space to C. (Hint: split up the real and imaginary parts and then
follow Section 14.1.)
b) Show that if c is a constant and f measurable, then c f is measurable.
c) Consider the set V in Section 9.1 and show that i is not measurable.
d) Consider the function χV which is 1 on points in V and 0 elsewhere.
Show that χV is not measurable.

Exercise 14.4. Given a measurable function f .

a) Show that in the definition of the Lebesgue integral (9.2), the domains
of f + and f − are measurable.
b) Show that f + and f − are measurable functions.

Exercise 14.5. Explain why Henri Lebesgue wrote the following about his
method of integration (as cited by [23][ page 796]):
“I have to pay a certain sum, which I have collected in my pocket. I take
the bills and coins out of my pocket and give them to the creditor in the
order I find them until I have reached the total sum. This is the Riemann
integral. But I can proceed differently. After I have taken all the money
out of my pocket I order the bills and coins according to identical values
and then I pay the several heaps one after the other to the creditor. This is
my integral.”
14.6. Exercises 303

Exercise 14.6. a) Show that the rational numbers in the unit interval can
be contained in an open set of arbitrarily small measure. (Hint: for
some lambda > 1, put the number p/q in an open interval of length
Cϕ(q)−1 λ −q , where ϕ is the totient function.)
b) Use (a) to show that the rational numbers in R an be contained in an
open set of arbitrarily small measure. (Hint: in each unit interval, choose
an appropriate C as defined in (a).)

Exercise 14.7. In this exercise, we show that the dominated convergence

with Riemann integration cannot be saved even by restricting to continuous
functions f : [0, 1] → [0, 1].
a) Let fn be given as follows, see Figure 72. For every pair ( j, k) with
gcd( j, k) = 1 and so that j/k ∈ [0, 1], define
 
j
hn ( j, k, x) = max 0, 1 − n3 x − and fn (x) := ∑ h( j, k, x) .
k j/k∈[0,1]
gcd( j,k)=1

b) Show that fn is continuous and dominated by g(x) = 1. (Hint: show that

the minimal distance between the centers of any two “triangles” hn ( j, k, x)
defined in (a) is at least
R
1/n2 .)
c) Show that limn→∞ fn dx = 0. (Hint: first give a rough estimate how
many rationals with denominator less than n + 1 there are in the unit inter-
val.)
d) Let r ∈ [0, 1] be an algebraic number of degree at least two. Show that
Roth’s theorem (Theorem 1.20) implies that for all ε > 0
p j c(r, ε)k1−ε
∃ c(r, ε) > 0 such that ∀ ∈Q : ρ− > .
q k n3
e) Show that (d) implies that for every algebraic number r of degree at
least two, limn fn (r) = 0. f) Use exercise 7.14 (e) to show that for this
example dominated convergence does not hold for Riemann integration.
(Hint: show that the Riemann integral of limn fn is not defined.)

1
1/n3 1/n3

0
0 j/k 1

Figure 72. The function fn (in red) in exercise 14.7 is a sum of very
thin triangles with height 1. Each triangle is given by hn ( j, k, x) (in
black).
304 14. The Birkhoff Ergodic Theorem

Exercise 14.8. Let fn (x) = 1/n for x ∈ [0, 1/n] and 0 elsewhere and set
g(x) = 1/x.
a) Show that g dominates
R
the fk .R
b) Show that limk→∞ fk dµ 6= limk→∞ fk dµ.
c) Why do (a) and (b) not contradict Theorem 14.9?
Exercises 14.9 and 14.10 provide an interesting illustration of the dominated
convergence theorem. Generalizing exercise 11.19, for fixed r ≥ 1, consider
the functions gk (x) = kr xk (1 − x) on [0, 1]. Define Gk (x) = supi≤k g(i (x) and
G(x) = supi gi (x).
k
Exercise 14.9. a) Show that gk (x) is increasing on [0, k+1 ] and decreasing
k
on [ k+1 , 1].
 k+1
b) Show that gk has maximum kr−1 k+1 k
≈ kr−1 e−1 . (Hint:
limk→∞ (1 − 1/k)k = e.) n  r o
c) Show that gk−1 (x) = gk (x) iff x ∈ 0, k−1 k , 1 and that
 r   2k
gk k−1
k = kr−1 k−1
k (1 − 1k ) ≈ kr−1 e−2 .
n  r o
k
d) Show that gk (x) = gk+1 (x) iff x ∈ 0, k+1 , 1 and that
 r   2k+2
gk k
k+1
k
= kr−1 k+1 (2 + 1k ) ≈ (k + 1)r−1 e−2 .
 r  r
d) Show that k+1 k
− k−1k ≈ rk−2 . (Hint: compute the first term in
the expansionRof (1 + x)−r − (1 − x)r .)
e) Show that G(x) dx is “sandwiched” between the sum of the areas of
the rectangles like the one shaded red in Figure 73 and the sum of the red
plus the green ones.
f) Conclude that G is integrable iff r < 2.

Exercise 14.10. a) Use exercise 14.9 (f) to show that the dominated con-
vergence theorem implies that for r < 2, we have
Z 1 Z 1
lim gk (x) dx = lim gk (x) dx .
0 k→∞ k→∞ 0
b) What goes wrong for r ≥ 2?
c) Show that
kr
Z 1 Z 1
lim gk (x) dx = 0 and gk (x) dx = .
0 k→∞ 0 (k + 1)(k + 2)
d) Why is (c) consistent with (a) and (b)?
14.6. Exercises 305

g
(k+1) e −2 k+1

k e−2
g
k

g
k−1

0
2
((k−1)/k) (k/(k+1)) 2
0 1

Figure 73. In this figure r = 2. We show the function gk (x) (red) on

[0, 1] and its intersections. The sum of the rectangles like the one shaded
R
in red give a lower bound for Gk dx while the sum of the red and green
rectangles give an upper bound.

Exercise 14.11. Let A be a compact collection of irrational numbers and

and {ni } a sequence of natural numbers so that their partial sums satisfy
k
k
Sk = ∑ ni where lim = 0.
i=1 k→∞ Sk
Create a sequence {xi } of real numbers as follows. Choose an x0 and
set n0 = 0. For i ∈ {1, · · · , n1 , let xi = xi−1 + α1 where α1 ∈ A; for i ∈
{n1 + 1, · · · , n2 }, let xi = xi−1 + α2 where α2 ∈ A; and so on.
a) Show that for any fixed m 6= 0 in Z, there is a εm > 0 so that
max e2πimα − 1 > εm .
α∈A
(Hint: the compactness of the set of irrational numbers is crucial.)
b) Show that
( )
1 Sk −1 2πimxn 1 2πimx0
n1 −1
2πimnα1 2πimxSk−1
nk −1
2πimnαk
∑e = e ∑e +···+e ∑e .
Sk n=0 Sk n=0 n=0
c) Use the geometric series as in Section 14.4 to show that for each sum in
(b), we obtain
n` −1
e2πimn` αk − 1
∑ e2πimnαk = e2πimαk − 1 .
n=0
d) Use (a) to show that
n` −1
∑ e2πimnαk < 2εm−1 .
n=0
e) Use (d) and the condition on the partial sums to show that
Sk −1
1
lim ∑ e2πimxn = 0 .
k→∞ Sk n=0
f) Show that (e) and Weyl’s criterion imply that the sequence {xi } is
k −1
equidistributed modulo 1.(Hint: you need to pass from limk→∞ S1k ∑Sn=0
1 S
to limS→∞ S ∑n=0 ; so vary the value of the last nk .)
306 14. The Birkhoff Ergodic Theorem

Many number theory textbooks state (correctly) that the fractional parts of
f (n) = ln pn are not equidistributed. This is slightly misleading because an
unsuspecting student could be tempted into wondering to what mysterious
distribution the numbers the fractional parts of ln pn deign themselves to
converge to? The answer — perhaps somewhat disappointingly — is that
the logarithm increases so slowly that in fact those numbers do not converge
at all as we show in exercises 14.12 and 14.13. We denote the fractional of x
by {x}. For a slowly increasing function f : N → R and an interval I ⊂ [0, 1],
we define the “hitting frequency” as follows:
#{{ f (i)} ∈ I for i ∈ {1, · · · , n}}
F(0, n) := .
n
Note that if the fractional parts of { f (n)} converge to any distribution what-
soever, then there is a c ∈ [0, 1] so that limn→∞ F(0, n) = c.
Exercise 14.12. In this exercise, we set f (n) := ln n and let J = [α, α +
δ ) ⊂ [0, 1] be an arbitrary interval. For K ∈ N and nK , choose n0K so that
f (nK ) ≤ K + α < f (nK + 1) and f (n0K ) ≤ K + α + δ < f (n0K + 1) .
a) Show that
n0K
lim = eδ .
K→∞ nK
b) Show that (see Figure 74)
n0K F(0, n0K ) ≈ nK · c + (n0K − nK ) · 1 .
c) Show that
lim F(0, n0K ) − F(0, nK ) = (1 − c)(1 − e−δ ) .
K→∞
d) Conclude that the fractional parts of f (n) = ln n do not converge to any
distribution.

K+1

f(x)
K+J

x
n n’
K K

Figure 74. A schematic illustration of the quantities defined in exer-

cises 14.12 and 14.13.
14.6. Exercises 307

Exercise 14.13. In this exercise, we set f (n) := ln pn , where pn are the

primes. The definitions of J, nK , and n0K are as in exercise 14.12.
a) Recall the prime counting function (defined in Theorem 2.21) and show
that    
nK = π eK+α and n0K = π eK+α+δ .
b) Use Chebyshev’s theorem (Theorem 12.7) to show that there are positive
a and b (with a < b) so that for large enough K,
n0K
 
a b
∈ , .
nK b a
c) Use the reasoning of exercise 14.12 to show that the fractional parts of
f (n) = ln pn do not converge to any distribution.

Exercise 14.14. See the proof of Theorem 14.17.

a) Show that Snf +g = Snf + Sgn .
b) Show that h f i− is invariant along orbits.
c) Use (a) and (b) to show that Shnf i− − f +ε (x) = nh f i− (x) − Snf (x) + nε.
d) Use (a), (b), and (c) to deduce a contradiction from
 
1 n
lim infh f i− (x) < lim inf S f (x) − ε .
n→∞ n→∞ n

Exercise 14.15. See the proof of Theorem 14.17.

a) Show that T maps Xn to itself.
b) Use the results in Section 14.1to show that X\X∞ is measurable.
c) Show
R
that under the hypotheses of the proof, there must be a c > 0 so
that X\X∞ (c − f ) dµ > 0.

1
"3" "2" "1"

0
0 1/3 1/2 1

Figure 75. A few branches of the Lüroth map of exercise 14.16. The
names of the branches are as indicated in the figure.
308 14. The Birkhoff Ergodic Theorem

Exercise 14.16. The Lüroth map T : [0, 1) → [0, 1) is defined by


n(n + 1)x − n, 1 1
if x ∈ [ n+1 , n)
T (x) =
 0 if x = 0
where n ≥ 1.
a) Show that T preserves the Lebesgue measure and is ergodic. (Hint: see
Corollary 10.10.)
1
b) Show that for almost all x, the digit k has a frequency of k(k−1) in the
expansion of x for k ≥ 2.
c) Show that almost all x have Lyapunov exponent (Definition 10.18)
∞
ln k(k + 1)
λ (x) = ∑ ≈ 2.05 .
k=1 k(k + 1)
(Hint: see exercise 10.24.)

Exercise 14.17. This exercise relies on exercise 14.16 and Section 6.6. Let
bk (x) : Ik → [0, 1) be the branch of T k such that x ∈ Ik , then the kth conver-
gent [a1 , · · · , ak ] of x is the (unique) endpoint of Ik that maps to zero under
T k (see Proposition 6.14). The branches of T are labeled as indicated in
Figure 75. For simplicity, we note (without proof) that the kth convergent
is always a rational number also denoted by pk /qk . The Lüroth expansion
of a number x ∈ [0, 1) is the list [a1 , a2 , · · · ] where ai is the label of the
branch in whose domain T i (x) is located. For more details, see [8].
a) Show that
p
x − k < |Ik | ,
qk
where |Ik | is the length of Ik .
b) Show that T k : Ik → [0, 1) is an affine bijection.
c) Show that
p
|Ik+1 | < x − k < |Ik | ,
qk
(Hint: bk maps Ik affinely onto [0, 1) (see Figure 76) and so the sub-
intervals of Ik have the same proportions as the sub-intervals of the unit
interval in the Lüroth map of Figure 75.)
d) Use (b) to show that
k−1
1
ln = ∑ ln DT (T j (x)) .
|Ik | j=0
(Hint: see exercise 10.22.)
e) Use (c) and (d) to show that
1 p
lim ln x − k = −λ (x) ,
k→∞ k qk
where λ (x) is the Lyapunov exponent of T at x.
14.6. Exercises 309

x
0
pk /q k I k+1
Ik

Figure 76. A few branches of the k + 1st iterate of the Lüroth map T
restricted to the interval Ik . In red a branch of T k and in black a few
branches of T k+1 .

Exercise 14.18. This exercise is based on exercises 14.17 and 14.17.

a) Compare the almost everywhere convergence of the continued fraction
convergents with the Luroth convergents. (Hint: one is alternating and
converges faster.)
b) Can you venture an intuitive explanation for the faster convergence?
(Hint: look at T 2 in both cases.)

Exercise 14.19. Two measures ν and µ are said to be in the same measure
class if they have the same sets measure zero sets. Suppose we fix a mea-
sure class and are given that there is an (unknown) ergodic measure in this
class.
a)
R
Given a set S and its characteristic function χS . Show that µ(S) =
χS dµ.
b) Use (a) and Corollary 14.18 to show that
n−1
1
µ(S) = lim ∑ f (T i (x)) .
n→∞ n i=0
c) Show that this determines the measure µ.
d) Show that if there was another ergodic measure ρ, then it would live
entirely in the sets of µ-measure zero. (Hint: see Corollary 9.12.)
Sometimes the definition of ergodicity Definition 9.9 is replaced by the ap-
parently stronger one given below. In exercise 14.20, we show that these
are in fact equivalent.
Definition 14.20. A transformation T of a measure space X to itself is
called weakly ergodic (with respect to µ) if it preserves the measure µ and
310 14. The Birkhoff Ergodic Theorem

if every weakly invariant set has measure 0 or 1. (A set S ⊆ X is called

weakly invariant if T −1 (S) = S up to µ-measure zero.)

Exercise 14.20. a) Show that weakly ergodic implies ergodic. (Hint: this
is trivial.)
b) Now assume that T is ergodic with respect to the measure µ, and let S0
be a weakly invariant set of positive measure. Show that S = ∩∞ −i
i=0 T (S0 )
is invariant.
c) Set Sn = ∩ni=0 T −i (S0 ) and ∆n = Sn \Sn+1 . Show that µ(S0 ) = µ(S) +
∑∞i=0 µ(∆i ). (Hint: use Definition 14.3.)
d) Show that if x ∈ ∆n , then T n x ∈ S0 but T n x 6∈ T −1 S0 .
e) Use (c) and (d) to show that µ(∆n ) = 0 and thus µ(S0 ) = µ(S).
f) Use ergodicity to show that µ(S0 ) has full measure.

Exercise 14.21. For this exercise, assume that the linear combinations of
the functions e2πinx are dense in the set of integrable function on the circle
or L1 (R/Z).
a) Show that the Lebesgue measure is ergodic and measure preserving if
and only if for all m 6= 0 in Z
n−1
1 k
lim
n→∞ n ∑ e2πimT (x) = 0 .
k=0
(Hint: use the proof of Corollary 14.13.) b) Show that T in (a) is ergodic
if and only if {T k (x)} is equidistributed.
We saw in Section 9.4 that a given transformation T may have uncountably
many coexisting invariant measures. The Krylov-Bogoliubov theorem (see
[31]) states that a continuous map T from a compact metric space to itself
has an (at least one) invariant probability measure. Exercise 14.22 gives a
counterexample if we drop continuity.
14.6. Exercises 311

Exercise 14.22. T : [0, 1] → [0, 1] is given by T (x) = x/2 if x ≥ 0 and

T (0) = 1. Assume that there exists an invariant probability measure µ sat-
isfies µ(T −1 (A)) = µ(A) and such that µ is defined on all open sets.
a) Show that if µ((1/2, 1)) = p > 0, then µ((0, 1)) is unbounded, a con-
tradiction. (Hint: use Definition 14.3.)
b) Show that (a) implies that all measure must be concentrated on the points
{2−i }∞i=0 and {0}.
c) Show that if any of the points in (b) carry positive measure, then we also
get a contradiction. (Hint: similar to (a).)
d) Conclude that it is impossible to consistently assign an invariant mea-
sure to open sets.
e) Show that there does exist an invariant measure on the trivial sigma alge-
bra. (Hint: what is the smallest σ -algebra possible under Definition 14.1?)

Exercise 14.23. T : [0, 1] → [0, 1] is given by T (x) = x/2.

a) Show that T has a unique invariant probability measure, namely
µ({0}) = 1. (Hint: use the strategy of exercise 14.22.)
b) Show that with respect to the measure in (a), T is ergodic.
c) Show that T is uniquely ergodic (Definition 14.19).

Proposition 14.21. Suppose T : X → X where X is a compact, metric space.

If T has a unique invariant Borel probability measure µ, then that measure
is the unique ergodic measure for T .

Exercise 14.24. We prove Proposition 14.21 as in [31] [Section 4.1]. For

any measurable set A, define the conditional measure µA as
µ(A ∩ B)
µA (B) = .
µ(A)
Assume that there is an invariant measurable set S with 0 < µ(S) < 1.
a) Show that µS is an invariant measure.
b) Show that µX\S is an invariant measure.
c) Show that the measures in (a) and (b) are distinct. (Hint: what is the
measure of S?)
d) Show that (c) contradicts the hypothesis of Proposition 14.21.
Bibliography

[1] Odlyzko A. M., On the distributionof spacings between zeros of the zeta function, Mathematics of
Computation 48 (1987), 1003–1026.
[2] M. Aigner and G. M. Ziegler, Proofs from the book, 6th edition, Springer Verlag, Providence, RI, 2018.
[3] T. M. Apostol, Mathematical analysis, 2nd edn, Addison-Wesley, Philippines, 1974.
[4] , Introduction to analytic number theory, Springer Verlag, New York, 1989.
[5] V. I. Arnold, Geometrical methods in the theory of ordinary differential equations, Springer Verlag,
New York, 1983.
[6] S. Axler, Linear algebra done right, 3rd edition, Springer International Publishing, Cham, Switzerland,
2015.
[7] , Measure, integration & real analysis, Springer Nature Switzerland, Cham, Switzerland, 2020.
[8] L. Barreira and G. Iommi, Frequency of digits in the lüroth expansion, Journal of Number Theory
(2009), 1479–1490.
[9] C. M. Bender, D. C. Brody, and M. P. Müller, Hamiltonian for the zeros of the riemann zeta function,
Phys. Rev. Lett. 118 (2017Mar), 130–201.
[10] A. Berger and T. P. Hill, Benford’s law strikes back: No simple explanation in sight for mathematical
gem, Mathematical Intelligencer (2011), 85–91.
[11] P. Berrizbeitia and B. Iskra, Gaussian mersenne and eisenstein mersenne primes, Mathematics of Com-
putation 79 (2010), 1779–1791.
[12] M. V. Berry and J. P. Keating, The riemann zeros and eigenvalue asymptotics, SIAM Review 41 (1999),
236–266.
[13] I. Boreico, My favorite problem: Linear independence of radicals, The Harvard College Mathematics
Review (2007), 83–87.
[14] Y. Bugeaud, Distribution modulo one and diophantine approximation, Cambridge University Press,
Cambridge, UK, 2012.
[15] D. M. Burton, Elementary number theory, 7th edition, McGraw-Hill, New York, NY, 2011.
[16] G. Cantor, Über eine elementare frage der mannigfaltigkeitslehere 1 (1890), 75–78.
[17] J. S. Caughman, 2018. Personal communication.
[18] D. A. Clark, A quadratic field which is euclidean but not norm-euclidean, Manuscripta Mathematica
83 (1994), 327–330.
[19] I. P. Cornfeld, S. V. Fomin, and Ya. S. Sinai, Ergodic theory, Springer-Verlag, New York, NY, 1982.

313
314 Bibliography

[20] J. Esmonde and M. Ram Murty, Problems in algebraic number theory, Springer, New York, NY, 1999.
[21] B. Fornberg and C. Piret, Complex variables and analytic functions, an illustrated introduction, SIAM,
Philadelphia, 2020.
[22] W. J. Gilbert, Modern algebra with applications, John Wiley & Sons, New York, 1976.
[23] T. Gowers, The princeton companion to mathematics, Princeton University Press, Princeton, NJ, 2008.
[24] A. Granville, Number theory revealed: a masterclass, AMS, Providence, RI, 2019.
[25] Dumas H. S., The kam story: A friendly introduction to the content, history, and significance of classi-
cal kolmogorov-arnold-moser theory, World Scientific, Singapore, 2014.
[26] G. H. Hardy and E. M. Wright, An introduction to the theory of numbers, sixth edition, Oxford Uni-
versity Press, London, UK, 2008.
[27] Th. W. Hungerford, Algebra, Springer Verlag, New York, 1974.
[28] H. S. Zuckerman I. Niven and H. L. Montgomery, An introduction to the theory of numbers, Wiley &
Sons, New York, NY, 1991.
[29] I. Kaplansky, Set theory and metric spaces, 2nd edition, AMS Chelsea Publishing, Providence, RI,
2001.
[30] D. Katahdin, 2018. Personal communication.
[31] A. Katok and B. Hasselblatt, Cambridge, UK.
[32] A. Ya. Khintchine, Continued fractions, P. Noordhoff, Ltd, Groningen, 1963.
[33] A. N. Kolmogorov and S. V. Fomin, Introductory real analysis, Dover, New York, NY, 1970.
[34] J. E. Littlewood, Lectures of the theory of functions, Oxford University Press, Oxford, UK, 1944.
[35] J. E. Marsden and M. J. Hoffman, Basic complex analysis, 3rd edn, W. H. Freeman, New York, NY,
1999.
[36] Wolfram MathWorld, Mertens constant. Available online at: https://mathworld.wolfram.
com/MertensConstant.html.
[37] F. Mertens, Ein beitrag zur analytischen zahlentheorie, J. reine angew. Math. 78 (1874), 46–62.
[38] J. W. Milnor, Dynamics: Introductory lectures, University of Stony Brook, 2001.
[39] C. M. Moore, Ergodic theorem, ergodic theory, and statistical mechanics, PNAS 112 (2015), 1907–
1911.
[40] J. R. Munkres, Topology, 2nd edition, Prentice-Hall, Hoboken, NJ, 2000.
[41] D. J. Newman, Simple analytic proof of the prime number theorem, The American Mathematical
Monthly 97 (1980), 693–696.
[42] Fitzpatrick P. M., Advanced calculus. a course in mathematical analysis, PWS Publishing Company,
Boston, 1996.
[43] C. C. Pinter, A book of abstract algebra, 2nd edition, Dover, New York, 1990.
[44] C. Pomerance, J. L. Selfridge, and S. S. Wagstaff, The pseudoprimes to 25 · 109 , Mathematics of Com-
putation 35 (1980), 1003–1026.
[45] C. C. Pugh, Real mathematical analysis, 2nd edn, Springer, Cham, Switzerland, 2015.
[46] B. Riemann, Ueber die anzahl der primzahlen unter einer gegebenen grösse, Monatsberichte der
Berliner Akademie (1859).
[47] S. Roman, An introduction to discrete mathematics, Harcourt Brace Jovanovich, Orlando, FL, 1989.
[48] W. Rudin, Real and complex analysis, 3rd edn, McGraw-Hill International, New York, NY, 1987.
[49] J. H. Shapiro, 2020. Informal Lecture Notes.
[50] C. L. Siegel, Algebraische abhängigkeit von wurzeln. (german), Acta Arith. 21 (1972), 59–64.
[51] I. Soprounov, A short proof of the prime number theorem for arithmetic progressions, Journal of Num-
ber Theory (2010).
[52] H. M. Stark, On the gap in the theorem of heegner, Journal of Number Theory 1 (1) (1969), 16–27.
[53] S. Sternberg, Dynamical systems, revised in 2013, Dover Publications, United States, 2013.
Bibliography 315

[54] I. Stewart and D. Tall, Algebraic number theory and fermat’s last theorem, third edition, A K Peters,
Natick, MA, 2002.
[55] J. Stillwell, Mathematics and its history, third edition, Springer, New York, NY, 2010.
[56] S. Sutherland, V’ir Tbg n Frperg. Available online at: https://www.math.sunsysb.edu/
˜scott/papers/MSTP/crypto.pdf.
[57] J. J. P. Veerman, Symbolic dynamics of order-preserving sets, Physica D 29 (1986), 191–201.
[58] , Symbolic dynamics and rotation numbers, Physica A 134 (1987), 543–576.
[59] , The dynamics of well-ordered orbits, Autonomous University of Barcelona, Barcelon, SP,
1995.
[60] R. A. Wilson, An example of a pid which is not a euclidean domain. Robert A. Wilson’s website,
accessed in December 2021.
[61] D. Zagier, Newman’s short proof of the prime number theorem, The American Mathematical Monthly
104 (1997), 705–708.
Index

Bε (x), 199 dθ e, 22
F((x)), 128 bθ c, 22
F/E, 135 µ(n), 61
I(n), 66 ω(n), 62, 75
L-function, 271 ϕ(n), 64
L-series, 271 π(x), 31
L(χ, z), 270 ψ(x), 256
Mq,a (n), 285 Resm (a), 5
R(x), 128 σ -algebra, 289
R[[x]], 128 σk (n), 60
R[x], 128 τ(n), 61
Zq,a (z), 273 Frac(R), 167
[F : E], 136 θ (x), 240
C[x], 8 ζ (z), 30
F p , 89 {1, 2, · · · b − 1}N , 12
Λ(n), 255 {θ }, 22
Ω(n), 62 a | b, 4
Φ(z), 240 ak k b, 242
Φq,a (z), 273 deg( f ), 8
Πq,a (x), 273 1(n), 66
Q[x], 8
R[x], 8 Abel summation, 250
Θq,a (z), 273 Abelian group, 87
Z(γ), 138 absolute convergence, 218
Z[x], 8 absolutely continuous measure, 187
χ1 , 270 absolutely normal, 192
ε(n), 62, 66 absorbs products, 128
γ, 251 additive function, 62
ind p (x), 279 additive order, 78
λ (n), 75 affine cipher, 94

317
318 Index

agonizingly slow, 288 Chinese remainder theorem, generalized,

algebraic extension, 132 56
algebraic integer, 8 closed, 87
algebraic number, 8 closed set, 177
algebraic number theory, 123 closest return, 109
aliquot sequence, 72 cluster points, 217
amicable numbers, 71, 72 commutative, 74, 87
analytic at z0 , 216 commutative ring, 88
analytic continuation, 231 companion matrix, 137
angle multiplications, 197 complete set of least residues, 91
arithmetic function, 59 complete set of residues, 78
arithmetic progression, 263 completely additive function, 62
ascending chain of ideals, 163 completely multiplicative function, 59
aspiring numbers, 72 composite, 4, 5
associative, 74, 87 conditional measure, 311
axiom of choice, 177 conformal, 233
congruent, 5
Bézout’s Lemma, 23 conjugate, 140, 142
Baker-Heegner-Stark theorem, 167 continued fraction approximants, 102
base, 279 continued fraction coefficients, 102
Benford’s law, 214 continued fraction convergents, 102
Bertrand’s Postulate, 254 continued fraction expansion, 101
binomial theorem, 94 contrapositive, 79
Birkhoff Ergodic Theorem, 181, 300 cool, 66
Borel measure, 290 countable, 10
Borel sets, 178 countably infinite, 10
branch cut, 217, 233 cyclic group, 263
branch point, 217
De Morgan laws, 302
can of worms, 90 degree, 8
Cancellation Theorem, 24, 152 degree of an extension, 136
Cantor function, 190 dense, 6
cardinality, 14 density, 281, 283
cardinality of a finite set, 14 density of a measure, 187
Carmichael number, 83 density of a set, 198
Casorati-Weierstrass Theorem, 234 Devil’s staircase, 190
Catalan number, 96 diagonal argument, 11
Catalan-Dickson conjecture, 72 dimension, 136
Cauchy’s Integral Formula, 220 Diophantine equation, 41
Cauchy’s Theorem, 218 Dirichlet L-function, 270
Cauchy-Riemann equations, 233 Dirichlet L-series, 270
ceiling function, 22 Dirichlet character modulo q, 270
Champernowne number, 193 Dirichlet convolution, 66
character of a group, 266 Dirichlet density, 282
Chebyshev function, 256 Dirichlet inverse, 97
Chebyshev’s Theorem, 244 Dirichlet ring, 74
Chinese Remainder Theorem, 50 Dirichlet series, 67
Dirichlet’s Theorem, 281
Index 319

discrete Fourier transform, 278 field of fractions, 167

discrete Fourier Transform, inverse, 278 field of quotients, 167
discrete measure, 188 finite, 10
distortion, 203 finite extension, 132
distributive, 74, 88 finitely generated, 313
division algorithm, 23 first Chebyshev function, 240
divisor, 4, 89 floor function, 22
domain, 152, 215 formal expression, 101
dominated convergence theorem, 294 Fourier transform, 278
dynamical system, 101 Fourier transform, inverse, 278
fractional part, 22
Egorov’s theorem, 291 free Abelian group, 313
eigenpair, 136 fundamental domain, 158
Eisenstein integers, 161 Fundamental Homomorphism Theorem,
Eisenstein Mersenne primes, 170 131
elementary, 34 Fundamental Theorem of Algebra, 58,
emphasis, 46 228, 229
empty product, 155 fundamental theorem of arithmetic, 25
encryption, 93 fundamental theorem of finite Abelian
entire function, 216 groups, 263
equidistribution, 193
equivalence relation, 14 Gauss map, 99
Eratosthenes’ sieve, 5 Gauss’ lemma, 127
ergodic transformation, 182 Gauss’ Theorem, 64
essential singularity, 217 Gaussian integers, 156
Euclid numbers, 36 Gaussian Mersenne primes, 170
Euclid’s division lemma, 23 Gaussian Primes, 168
Euclid’s Lemma, 24 general solution, 46
Euclidean algorithm, 42 generators of a group, 313
Euclidean domain, 154 golden mean, 54, 102
Euclidean function, 154 golden spiral, 55
Euclidean ring, 154 greatest common divisor, 4, 37, 49, 150,
Euler’s phi function, 64 159
Euler’s Product Formula, 30 greatest common divisor, polynomial,
Euler’s Theorem, 85 51, 124
Euler’s totient function, 64 greedy algorithm, 52
Euler-Mascheroni constant, 251 group, 87
evaluation map, 134
extension field, 132 Hermitian inner product, 265
holomorphic, 216
fat Cantor set, 190 homogeneous, 46
Fermat number, 84 hush-hush, 74
Fermat prime, 84
Fermat’s little theorem, 81 ideal, 128
Fibonacci numbers, 54–56, 102 ideals, addition, 129
field, 89 ideals, multiplication, 129
field extension, 132 identity, 87
field norm, 140 inclusion-exclusion, 73
index, 279
320 Index

indicator function, 272 Liouville number, 10

Infinitude of Primes, 28 Liouville’s Theorem, 8
inhomogeneous, 46 Liouville’s theorem, 234
inner product, 265 Little Picard, 234
integer, 4, 6 logarithm, useful properties of, 209
integers of Q(γ), 138 Luzin’s theorem, 295
integrable function, 180 Lyapunov exponent, 212
integral domain, 152
integration by parts, 241 Möbius inversion, 63
invariant measure, 181 Möbius function, 61
invariant set, 182 Maximal Ergodic Theorem, 298
inverse, 87 maximal ideal, 129
invertible element, 89 measurable function, 179, 290
irrational number, 6 measurable sets, 177
irreducible, 5, 149 measurable space, 179
irreducible polynomial, 50, 124 measure, 179, 290
isolated singularity, 216 measure preserving, 181
iterates, 298 measure space, 180
Meissel-Mertens constant, 286
Jensen’s inequality, 210 meromorphic, 217
Mersenne number, 84
kernel of a ring homomorphism, 130 Mersenne prime, 84
key, 93 Mertens constant, 286
Khinchin’s constant, 205 Mertens’ Theorems, 286
Kronecker product, 136 middle third Cantor set, 16
Krylov-Bogoliubov theorem, 310 middle third set Cantor set, 190
Lüroth expansion, 308 minimal polynomial, 8, 50, 124
Lüroth map, 308 modular arithmetic, 5, 77
Lévy’s constant, 206 modular exponentiation, 82
Lagrange’s Theorem, 173 module, 139
Lamé’s theorem, 54 modulo, 5
Lambert series, 67 Morera’s Theorem, 223
laplace transform, 225 multiple, 4
Laurent series, 128 multiplicative cipher, 93
least common multiple, 4, 37, 49, 150, multiplicative function, 59
159 multiplicative order, 78
least common multiple, polynomial, 51, multiplicative unit, 5
124 multivalued, 233
least residue, 91 mutually singular measures, 183
Lebesgue Decomposition, 187 name-calling, 123
Lebesgue density theorem, 199 natural boundaries, 217
Lebesgue integral, 180 natural density, 281, 283
Lebesgue measurable sets, 178 Nielsen-Schreier theorem, 314
Lebesgue measure, 179 Noetherian domain, 314
Lebesgue’s dominated convergence non-unit, 5
theorem, 294 norm, 140
left module, 139 normal in base b, 192
Liouville λ -function, 75
Index 321

normal subgroup, 142 reducible, 4, 5, 149

number theoretic function, 59 region, 215
relatively prime, 5
open set, 177 removable singularity, 216
order, 77 residue, 5, 237
order of a modulo b, 78 Riemann Hypothesis, 32
orthonormal basis, 265 Riemann zeta function, 30
outer measure, 178 Riemann-Stieltjes integral, 240
partial integration, 241 right module, 139
particular solution, 46 ring, 88
Pell’s equation, 172 ring homomorphism, 130
perfect number, 71, 84 ring isomorphism, 130
Perron-Frobenius operator, 196 ring of polynomials, 124
Picard Theorem, 234 rng, 89
PID, 163 Roth’s Theorem, 10
plain text, 93 second Chebyshev function, 256
pointwise convergence, 291 sequences, 59
Pointwise Ergodic Theorem, 181, 300 sigma algebra, 289
pole of order k, 217 simple pole, 217
power set, 17 simple, closed curve, 218
prime, 4, 5, 149 singular continuous measure, 188
prime counting function, 31 Skewes number, 32
prime gap, 254 sociable numbers, 72
Prime Number Theorem, 31, 250 sophistry, 27
Prime Number Theorem for Arithmetic square free, 36, 61
Progressions, 117 square full, 36
Prime Number Theorem for arithmetic Stirling’s formula, 251
progressions, 276 Stokes’ theorem, 219
prime omega functions, 62 sub-additivity, 179
prime polynomial, 124 sum of divisors, 60
prime zeta function, 282
primitive element, 135 Tauberian theorem, first version, 225
primitive element theorem, 135 Tauberian theorem, second version, 258
primitive root, 79 Taylor series, 224
principal character, 266 Taylor’s Theorem, 224
principal ideal, 129 time average equals spatial average, 182
principal ideal domain, 163 Titchmarsh’s convolution theorem, 148
probabilistic number theory, 175 tower of fields, 144
probability measure, 180 trace, 140
pseudoprime to the base b, 83 transcendental extension, 132
punctured neighborhood, 216 transcendental number, 8
pushforward of a measure, 181 twin prime conjecture, 14
twin primes, 14
quadratic congruences, 95
UFD, 153
Radon-Nikodym, 187 uncountable, 10
rational number, 6 uniform absolute convergence, 217
reduced set of residues, 78 unique factorization domain, 153
322 Index

unique factorization theorem, 26

uniquely ergodic, 302
unit, 5, 89
untouchable numbers, 72

vector space, 134

Veerman, 3
von Mangoldt function, 255

weakly ergodic transformation, 309

weakly invariant set, 310
Weierstrass M test, 217
Weierstrass approximation theorem, 296
well-ordering principle, 6
Weyl’s criterion, 296
Wilson’s theorem, 90
word, 12

zeta function, 30