Gabriel Dospinescu -Teoria Numerelor

Date post: 09-Feb-2018
  • 7/22/2019 Gabriel Dospinescu -Teoria Numerelor

    An introduction to number theory

    Gabriel Dospinescu, A.M.S.P 2012

    July 6, 2012

    1 Lectures 1 and 2: Making sense of abstract nonsense

    This first lecture introduces a few basic definitions of abstract algebra (much more is to come in the next lectures...) and gives examples of fundamental rings in number theory. Most of this course will try to give a glimpse of their structure and will explain how they are related to more down to earth problems in number theory.

    1.1 Some dry definitions

    A group is just a set enhanced with a multiplication rule, satisfying some natural properties. More precisely, suppose that $G$ is a set and that $\cdot : G \times G \to G$ is a map such that

    We have $(a \cdot b) \cdot c = a \cdot (b \cdot c)$ for all $a, b, c \in G$.
    There is an element $1 \in G$ such that $a \cdot 1 = 1 \cdot a = a$ for all $a \in G$.
    For any $a \in G$ one can find $b \in G$ such that $a \cdot b = b \cdot a = 1$.

    We say that $(G, \cdot)$ is a group. Most of the time the operation $\cdot$ will be obvious and so we'll simply say that $G$ is a group. Also, I will write $ab$ instead of $a \cdot b$. The element $b$ in the third axiom is unique (exercise) and we call it $a^{-1}$.

    Remark 1.2. Basically all groups that we'll encounter in this course will be commutative, i.e. we will have $ab = ba$ for all $a, b \in G$.

    Next, we have more developed sets, which are called commutative unital rings (or simply rings, to simplify). This time we have a set $R$ and two operations $+ : R \times R \to R$, $\cdot : R \times R \to R$ such that

    $(R, +)$ is a commutative group. We call $0$ its unit element (i.e. what was called $1$ in the definition of a group).
    There exists $1 \in R$ such that $a \cdot 1 = 1 \cdot a = a$ for all $a \in R$.
    We have $a \cdot b = b \cdot a$ and $(a \cdot b) \cdot c = a \cdot (b \cdot c)$ for all $a, b, c \in R$.
    $+$ and $\cdot$ are compatible, i.e. we have $a(b + c) = ab + ac$.

    Of course, people also study rings which are not unital or commutative, but for our purposes we'll stick to this class of rings. The thing to keep in mind is that you can add and multiply things in a ring, but one has to be careful, because one cannot do divisions in an arbitrary ring. Speaking about divisions, let's introduce two very important definitions.

    Definition 1.3. a) An element $x$ of a ring $R$ is called a unit if one can find $y \in R$ such that $xy = yx = 1$. Such a $y$ is then unique and we call it $x^{-1}$.

    b) A field is a ring in which every nonzero element is a unit.

    There is one point which you should be aware of: if $R$ is a ring and $a, b, c \in R$ are nonzero and satisfy $ab = ac$, then it does not necessarily follow that $b = c$. This is the case if $R$ is a field, as then you can multiply by $a^{-1}$. Of course, there are other rings for which you have this cancellation law (they are called domains and we'll see them in the next lecture).

    1.4 The usual examples....

    Of course, you already know quite a few rings: $\mathbb{Z}$, $\mathbb{Q}$, $\mathbb{R}$, $\mathbb{C}$. What are their units? For $\mathbb{Z}$, they are $\pm 1$, as $\pm 1$ are the only divisors of 1. On the other hand, $\mathbb{Q}$, $\mathbb{R}$, $\mathbb{C}$ are fields, so their units are precisely the nonzero elements.

    1.5 The ring Z/nZ

    Recall that if $a, b \in \mathbb{Z}$ and $n$ is a nonzero integer, we write $a = b \pmod{n}$ if $n \mid a - b$. If $a \in \mathbb{Z}$, we denote $\bar{a} = a + n\mathbb{Z} = \{a + nb \mid b \in \mathbb{Z}\}$ and call it the residue class of $a$ mod $n$. There are exactly $n$ residue classes, those of $0, 1, \dots, n - 1$, and we call $\mathbb{Z}/n\mathbb{Z}$ the set of these residue classes. So

    $$\mathbb{Z}/n\mathbb{Z} = \{\bar{0}, \bar{1}, \dots, \overline{n - 1}\}.$$

    By definition, $\bar{x} = \bar{y}$ as elements of $\mathbb{Z}/n\mathbb{Z}$ if and only if $x = y \pmod{n}$. This causes some difficulties when trying to define maps from $\mathbb{Z}/n\mathbb{Z}$ to a set $X$. Indeed, suppose you are given a map $g : \mathbb{Z} \to X$. You would like to define a map $f : \mathbb{Z}/n\mathbb{Z} \to X$ by setting $f(\bar{x}) = g(x)$. You can do this if and only if $g$ is $n$-periodical, i.e. $g(x) = g(x + n)$ for all $x$.

    Proposition 1.6. $\mathbb{Z}/n\mathbb{Z}$ becomes a ring for the following operations: $\bar{a} + \bar{b} = \overline{a + b}$ and $\bar{a} \cdot \bar{b} = \overline{ab}$. The units of $\mathbb{Z}/n\mathbb{Z}$ are the elements $\bar{a}$ with $\gcd(a, n) = 1$ (so there are $\varphi(n)$ units).

    Proof. The fact that these operations are well defined is a consequence of basic properties of congruences: you need to check that if $\bar{a} = \bar{c}$ and $\bar{b} = \bar{d}$, then $\overline{a + b} = \overline{c + d}$ and $\overline{ab} = \overline{cd}$. Checking that $\mathbb{Z}/n\mathbb{Z}$ becomes a ring for these operations is just a matter of unwinding definitions. Let's consider the units issue. By definition, $\bar{a}$ is a unit if and only if there is $b$ such that $\bar{a} \cdot \bar{b} = \bar{1}$. The last is equivalent to $\overline{ab} = \bar{1}$, that is $ab = 1 \pmod{n}$. By Bezout, such $b$ exists iff $a$ is relatively prime to $n$.

    Understanding the units of $\mathbb{Z}/n\mathbb{Z}$ will occupy most of the next lecture and is a basic and very important result in number theory.

    1.7 Rings of polynomials and formal series

    An extremely important construction of rings is the following: let $R$ be a ring (recall that it's commutative unital). The ring of polynomials with coefficients in $R$ is denoted $R[X]$. Its elements are of the form $\sum_{n \ge 0} a_n X^n$, where $a_n \in R$ and only finitely many of them are nonzero. Let me recall how you add and multiply two polynomials

    $$\sum_n a_n X^n + \sum_n b_n X^n = \sum_n (a_n + b_n) X^n,$$

    $$\left(\sum_n a_n X^n\right) \cdot \left(\sum_n b_n X^n\right) = \sum_n \left(\sum_{i=0}^{n} a_i b_{n-i}\right) X^n.$$

    The largest $n$ for which $a_n \neq 0$ is said to be the degree of the polynomial. We can define the set of $n$-variables polynomials with coefficients in $R$, denoted $R[X_1, \dots, X_n]$, by induction: $R[X_1] = R[X]$ and $R[X_1, \dots, X_n] = (R[X_1, \dots, X_{n-1}])[X_n]$. You can easily prove that any element in $R[X_1, \dots, X_n]$ can be uniquely written in the form

    $$f(X_1, \dots, X_n) = \sum_{i_1, \dots, i_n \ge 0} a_{i_1, \dots, i_n} X_1^{i_1} \cdots X_n^{i_n},$$

    with $a_{i_1, \dots, i_n} \in R$ almost all (i.e. all except finitely many) equal to 0.

    What happens if you don't impose the condition that only finitely many $a_n$'s should be nonzero? Well, you get the ring of formal series (or generating functions) with coefficients in $R$, which plays an extremely important role in combinatorics (and not only, it's a crucial technical tool in number theory, too). We'll denote this ring $R[[X]]$.

    Let me give you right away an example which shows why we do care about polynomials when doing number theory. It is hard to find something more elegant than the following proof of the famous Lucas's theorem:

    Theorem 1.8. (Lucas) Write $n = n_0 + n_1 p + \dots + n_k p^k$ in base $p$ and let $m = m_0 + m_1 p + \dots + m_k p^k$ with $0 \le m_i \le p - 1$. Then

    $$\binom{n}{m} = \prod_{i=0}^{k} \binom{n_i}{m_i} \pmod{p}.$$

    Proof. Let $R = \mathbb{Z}/p\mathbb{Z}$ and note that $(1 + X)^p = 1 + X^p$ in $R[X]$, as all binomial coefficients $\binom{p}{i}$ ($1 \le i < p$) are multiples of $p$. We deduce immediately that $(1 + X)^{p^j} = 1 + X^{p^j}$ in $R[X]$ for any $j \ge 1$. But then we have in $R[X]$

    $$(1 + X)^n = (1 + X)^{n_0} (1 + X)^{p n_1} \cdots (1 + X)^{n_k p^k} = (1 + X)^{n_0} (1 + X^p)^{n_1} \cdots (1 + X^{p^k})^{n_k}.$$

    Simply identify the coefficients of $X^m$ (as elements of $R$, not as integers!).
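The following Python sketch is an added example, not part of the original notes: it computes $\binom{n}{m}$ mod $p$ digit by digit as in Theorem 1.8 and checks the identity $(1 + X)^{p^j} = 1 + X^{p^j}$ that drives the proof. The function names are chosen here for illustration; polynomials are plain coefficient lists, lowest degree first.

```python
from math import comb

def base_p_digits(n, p):
    """Digits n_0, n_1, ... of n in base p, least significant first."""
    digits = []
    while n:
        n, r = divmod(n, p)
        digits.append(r)
    return digits or [0]

def binom_mod_lucas(n, m, p):
    """C(n, m) mod p for a prime p, as the product of C(n_i, m_i) over base-p digits."""
    if m < 0 or m > n:
        return 0
    nd, md = base_p_digits(n, p), base_p_digits(m, p)
    md += [0] * (len(nd) - len(md))          # pad m with leading zero digits
    result = 1
    for ni, mi in zip(nd, md):
        result = result * comb(ni, mi) % p   # comb(ni, mi) is 0 when mi > ni
    return result

def poly_mul_mod(f, g, p):
    """Product of two polynomials in (Z/pZ)[X]."""
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] = (out[i + j] + a * b) % p
    return out

def poly_pow_mod(f, e, p):
    """f^e in (Z/pZ)[X] by repeated multiplication (e is small here)."""
    result = [1]
    for _ in range(e):
        result = poly_mul_mod(result, f, p)
    return result

def freshman_dream_holds(p, j):
    """Does (1 + X)^(p^j) equal 1 + X^(p^j) with coefficients taken mod p?"""
    e = p ** j
    return poly_pow_mod([1, 1], e, p) == [1] + [0] * (e - 1) + [1]

if __name__ == "__main__":
    print(binom_mod_lucas(10, 3, 3), comb(10, 3) % 3)
    print(freshman_dream_holds(5, 2), freshman_dream_holds(4, 1))
```

With a composite modulus such as 4 both the polynomial identity and the digit formula fail, which is why the proof works in the field $\mathbb{Z}/p\mathbb{Z}$.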

    1.9 The ring of arithmetic functions

    An arithmetic function is simply a map $f : \mathbb{N} \to \mathbb{C}$. There is a very nice and useful operation on arithmetic functions, called the convolution product (or Dirichlet convolution)

    $$f * g(n) = \sum_{ab = n} f(a) g(b) = \sum_{d \mid n} f(d)\, g\left(\frac{n}{d}\right).$$

    Note that every time I write a sum indexed by $d \mid n$, I mean that the sum is taken over all positive divisors of $n$. The following theorem summarizes the main properties of the convolution product:

    Theorem 1.10. The set of arithmetic functions becomes a commutative ring with unity when endowed with the usual addition and with multiplication defined by $*$. The element 1 of this ring is the map sending 1 to 1 and everything else to 0. The units of this ring are precisely the arithmetic functions $f$ such that $f(1) \neq 0$.

    Proof. The fact that it's a ring is a simple exercise left to the reader (for instance, in order to prove that $(f * g) * h = f * (g * h)$, you can easily check that

    $$(f * g) * h(n) = \sum_{abc = n} f(a) g(b) h(c),$$

    and this is obviously symmetric in $f, g, h$). The nontrivial part is the computation of the units of this ring.

    Suppose that $f$ is a unit and let $f^{-1}$ be its inverse for $*$. Then we must have $f^{-1}(1) = \frac{1}{f(1)}$ (thus $f(1) \neq 0$) and

    $$\sum_{d \mid n} f^{-1}(d)\, f\left(\frac{n}{d}\right) = 0 \quad \text{for } n > 1.$$

    Assume now that $x = p^k u = p^l v$ for some $u, v$ units and some nonnegative integers $k, l$. If $k > l$, lemma 1.15 yields $p^{k-l} u = v$. As $v$ is invertible, we deduce that $p^{k-l} u v^{-1} = 1$, which contradicts proposition 1.13. Similarly, we cannot have $k < l$, so that $k = l$. Applying lemma 1.15 once more, we get $u = v$, which proves the uniqueness part of the theorem.

    To prove the existence, write $x$ as a compatible sequence and let $m$ be the largest integer $j$ such that $x_j \equiv 0 \pmod{p^j}$. Then $y_n = \frac{x_{n+m}}{p^m}$ are integers, since by compatibility $x_{n+m} \equiv x_m \equiv 0 \pmod{p^m}$. Moreover, since $x_n$ is compatible, so is $y_n$. Then by construction the sequence $y_n$ defines a $p$-adic integer $y$ such that $p^m y = x$. We claim that $y$ is a unit, which will finish the proof of the first part of the theorem. But note that the first component of $y_n$ does not vanish, so the result follows from proposition 1.13.

    1.16 The ring Z[]

    Let f Q[X] be a nonconstant polynomial and let be a complex root of f. We define Z[] ={g()|g Z[X]}

    and we call it the ring generated by . It is the smallest ring that contains . We define

    Q[] ={f()g()

    |f, gQ[X]}.

    This is the smallest field containing .

    Exercise 1.17. Prove that Q[] ={f()|f Q[X]}.

    This ring Z[] has a very rich arithmetic structure and in the next lectures we'll see some basic things about it. It is a subring of a much bigger and very mysterious ring, which will be introduced in the next section.

    1.18 The ring of algebraic integers Z

    We'll now introduce a highly intricate ring, which controls a good deal of the modern number theory.

    Definition 1.19. a) A complex number $z$ is called algebraic if it is root of some nonzero polynomial with rational coefficients.

    b) A complex number $z$ is called an algebraic integer if it is root of some nonzero monic polynomial with integer coefficients.

    c) I will denote by $\overline{\mathbb{Q}}$ (respectively $\overline{\mathbb{Z}}$) the set of algebraic numbers (resp. algebraic integers).

    The following result is absolutely not obvious at first sight, but it is a rather easy consequence of the theorem on symmetric polynomials, see the next section.

    Theorem 1.20. $\overline{\mathbb{Q}}$ is an algebraically closed field and $\overline{\mathbb{Z}}$ is a ring.

    To see how amazing this theorem is, try to find an explicit monic polynomial with integer coefficients killing 3 1 + 3 19 + 3 20097 + 1. Or do the same with 2 + 3 + 5 + 6 + 7 + 11 (this is easier to handle, though very tricky).

    Definition 1.21. If $K$ is any subfield of $\mathbb{C}$, denote by $\mathcal{O}_K = K \cap \overline{\mathbb{Z}}$. By the previous theorem, $\mathcal{O}_K$ is a subring of $K$. We call it the ring of integers of $K$.

    Although very easy, the following result is absolutely fundamental and I will use it a lot. Note that it crucially uses the fundamental theorem of arithmetic (which will be hugely generalized in the next lectures).

    Proposition 1.22. We have $\mathcal{O}_{\mathbb{Q}} = \mathbb{Z}$. That is, an algebraic integer which is a rational number is actually a rational integer.

    Proof. Write $z = \frac{u}{v}$ with relatively prime integers $u, v$. Suppose that $z^n + a_{n-1} z^{n-1} + \dots + a_0 = 0$ for some integers $a_i$. Thus $u^n + a_{n-1} u^{n-1} v + \dots + a_0 v^n = 0$ and so $v$ divides $u^n$. As $(u, v) = 1$, Gauss' lemma implies that $v = \pm 1$ and so $z \in \mathbb{Z}$.

    1.23 The fundamental theorem of symmetric polynomials

    The proof of the following result is quite elementary, but the result itself is incredibly powerful and useful.

    Theorem 1.24. (Fundamental theorem of symmetric polynomials.) Let R be any (commutative) ring and let f R[X1, . . . , Xn] be a symmetric polynomial (i.e. for any permutation of {1, 2, ..., n} we have f(X1, . . . , Xn) = f(X(1), . . . , X(n))). Then there is g R[X1, . . . , Xn] such that

    f(X1,...,Xn) =g(X1+ ... + Xn,

    1i

    for some $h \in \mathbb{Q}[X_1, \dots, X_n]$ (resp. $\mathbb{Z}[X_1, \dots, X_n]$). The conclusion follows from the fact that all symmetric sums in $z_i$'s are related to the coefficients of $g$ by Viète's relations.

    We can now easily prove that $\overline{\mathbb{Q}}$ is a ring (the argument for $\overline{\mathbb{Z}}$ being identical). Suppose that and are algebraic numbers, let's prove that is still an algebraic number. Choose $f, g \in \mathbb{Q}[X]$ monic vanishing at , respectively and let

    f(x) =n

    i=1

    (x i), g(x) =m

    i=1

    (x i) Q[X]

    Consider the polynomialn

    i=1

    nj=1

    (x ij ) Q[X]

    and call it h. Definitely, h vanishes at and I claim that it has rational coefficients. Note that when we expand that huge product, all coefficients of h are polynomial expressions in 1,...,n and 1,...,m, which are moreover symmetric in 1,...,n and in 1,...,m. Fix a coefficient of h and consider it as a polynomial expression in 1,...,n with coefficients in Q[1,...,m]. Since it is symmetric in j, by the previous theorem it is a polynomial with coefficients in Q[1,...,m] in the symmetric sums of 1,...,n. But these symmetric sums are just (up to signs) coefficients of f, which are rational. Therefore, we get that this coefficient is a polynomial expression with rational coefficients in 1,...,m, symmetric in j. Apply once more this argument to conclude that it is a rational number.

    1.26 A very subtle irrationality criterion

    I've stolen this material from Iurie Boreico and Vesselin Dimitrov... I find it extremely elegant and it nicely illustrates the power of the symmetric polynomials theorem.

    Theorem 1.27. Let $k > 1$ and consider positive rational numbers $a_1, \dots, a_n, b_1, \dots, b_n$ such that

    $$a_1 \sqrt[k]{b_1} + a_2 \sqrt[k]{b_2} + \dots + a_n \sqrt[k]{b_n} \in \mathbb{Q}.$$

    Then $\sqrt[k]{b_i} \in \mathbb{Q}$ for all $i \le n$.

    Proof. (Following Vesselin Dimitrov and Iurie Boreico) We may assume that all $a_i$'s are equal to 1 (exercise).

    Let Ai ={roots ofXk bi}={j k

    bi|1j < k} where is a primitive root of orderk of 1, S=ni=1 k

    bi and consider

    P(X) =

    x2A2,...,xnAn(S X x2 xn).

    The usual argument with symmetric polynomials shows thatP Q[X].ClearlyP( kb1) = 0.Let d be the least positive divisor ofk for which k

    bd1 Q (it exists, as k

    bk1 Q). We

    needd = 1, because then we know that k

    b1 Q, then we can delete the first term from thesum and make induction onn. By definition, we can write k

    b1= d

    x with x Q+. A very

    easy but crucial fact is the

    Lemma 1.28. Xd

    x is irreducible inQ[X].

    Proof. Look at the roots and constant term of a factor ofXd x and use the minimalityof d: if F is a monic polynomial with rational coefficients of degree between 1 and d1that divides Xd

    x, all roots ofF have absolute value d

    x and so

    |F(0)

    |= ( d

    x)deg(f) is a

    rational number, that is kbdeg(F)1 Q, contradicting the minimality ofd. Now P( d

    x) = 0 and by the lemma Xd x| P in Q[X]. Take z a primitive root of

    order d of 1. Then P(z d

    x) = 0 so there are (x2, . . . , xn) A2A3 An withS z dk= x2+ + xn. Then

    Re(S) =S= Re(z d

    x + x2+ + xn)Re(z d

    x) +n

    i=2

    (xi)

    which is equal to

    Re(z d

    x) +n

    i=2k

    bi1.

    6. (China TST 2000) Show that10012 + 1 +

    10022 + 1 + +

    20002 + 1 Q.

    7. a) (useful) IfQandcos() Q, then cos() {12 , 1, 0}.b) (classical) Suppose that a regular polygon in the plane has all coordinates integernumbers. Show that it is a square.

    8. (IMO Shortlist 1991) Let be a rational number with 0 < < 1 and cos(3) +

    2 cos(2) = 0. Prove that = 23 .

    9. Prove the following generalization of Fermat's little theorem: let $f \in \mathbb{Z}[X]$ be a monic polynomial with complex roots $z_1, z_2, \dots, z_n$ (counted with multiplicities). Then for any prime $p$ we have

    $$z_1^p + z_2^p + \dots + z_n^p \equiv (z_1 + z_2 + \dots + z_n)^p \pmod{p}.$$

    10. (classical) Let $a_1 = 0$, $a_2 = 2$, $a_3 = 3$, $a_{n+1} = a_{n-1} + a_{n-2}$. Prove that for any prime number $p$ we have that $p \mid a_p$.

    11. (Iran 2006) a) Let $P, R$ be polynomials with rational coefficients with $P \neq 0$. Prove that there exists a non-zero polynomial $Q \in \mathbb{Q}[X]$ such that $P(X) \mid Q(R(X))$.
    b) Let $P, R$ be polynomials with integer coefficients and suppose that $P$ is monic. Prove that there exists a monic polynomial $Q \in \mathbb{Z}[X]$ such that $P(X) \mid Q(R(X))$.

    12. (USAMO 2009) Let $s_1, s_2, \dots$ and $t_1, t_2, \dots$ be two infinite nonconstant sequences of rational numbers such that $(s_i - s_j)(t_i - t_j)$ is an integer for all $i, j \ge 1$. Prove that there exists a rational number $r$ such that $(s_i - s_j) r$ and $\frac{t_i - t_j}{r}$ are integers for all $i, j$.

    13. (Kronecker's theorem) Let $f \in \mathbb{Z}[X]$ be a monic polynomial, all of whose roots have absolute value less than or equal to 1. Then all roots of $f$ are either 0 or roots of unity.

    14. Show that if a1, a2,...,an are rational numbers and p1, p2,...,pn are pairwise distinctprimes such thata1

    p1+ a2

    p2+ ... + an

    pn= 0,

    thena1= a2= ... = an= 0.

    2 Lecture 3: Modular arithmetic via the abstract approach

    Is all this abstract nonsense useful in number theory? The answer is undoubtedly yes, and in this section I'll give you some "abstract proofs" of things that you already know. These applications probably won't be considered impressive, but, believe me, by the end of the course you will appreciate the power of the approach we've taken here.

    2.1 Euler's and Lagrange's theorems

    I guess you know Euler's theorem

    $$\gcd(a, n) = 1 \Rightarrow a^{\varphi(n)} \equiv 1 \pmod{n}.$$

    This is a consequence of a much more general and incredibly useful theorem of Lagrange.

    Theorem 2.2. (Lagrange) If $G$ is a finite group, then for any $g \in G$ one has $g^{|G|} = 1$.

    Proof. (almost...) I'll just prove it when $G$ is commutative, since this will be the only case we're interested in. Observe that the map $f : G \to G$ sending $x$ to $xg$ is bijective. Indeed, its inverse is simply the map $x \mapsto x g^{-1}$ (check this!). But then, since $G$ is commutative, we can write

    $$\prod_{x \in G} x = \prod_{x \in G} (xg) = \prod_{x \in G} x \cdot g^{|G|}.$$

    Multiplying the previous equality by the inverse of $\prod_{x \in G} x$, you're done.

    Of course, Euler's theorem is simply a special case of Lagrange's theorem, by taking $G = (\mathbb{Z}/n\mathbb{Z})^*$, the group of units of $\mathbb{Z}/n\mathbb{Z}$.

    2.3 The Chinese remainder theorem

    Let me recall the classical statement of the Chinese remainder theorem.

    Theorem 2.4. If $m_1, m_2, \dots, m_k$ are pairwise relatively prime integers, then for any integers $a_1, a_2, \dots, a_k$ the system $x = a_i \pmod{m_i}$ has integral solutions. Moreover, two integral solutions differ by a multiple of $m_1 m_2 \cdots m_k$.

    Let us reformulate this in a more algebraic way. Consider the map

    $$f : \mathbb{Z}/m_1 \cdots m_k \mathbb{Z} \to \mathbb{Z}/m_1\mathbb{Z} \times \dots \times \mathbb{Z}/m_k\mathbb{Z}$$

    sending $\bar{x}$ to $(\bar{x}, \dots, \bar{x})$. Note that all these $\bar{x}$ are not the same thing: the first one is the class of $x$ mod $m_1 \cdots m_k$, the second one is the class of $x$ mod $m_1$ and so on. However, it would have been too painful for me to invent special notations...

    A few seconds of thought will show that the Chinese remainder theorem is saying nothing else than the fact that the previous map is bijective. As the source and the target of the map have the same number of elements, namely $m_1 m_2 \cdots m_k$, it is enough to prove that $f$ is injective. But if $\bar{x}$ and $\bar{y}$ are two elements of $\mathbb{Z}/m_1 \cdots m_k \mathbb{Z}$ mapping to the same thing, then by definition $\bar{x} = \bar{y}$ in $\mathbb{Z}/m_j\mathbb{Z}$ for all $j$, hence $m_j$ divides $x - y$ for all $j$. Since the $m_j$'s are relatively prime, it follows that $m_1 \cdots m_k$ divides $x - y$. This is another way to say that $\bar{x} = \bar{y}$ as elements of $\mathbb{Z}/m_1 \cdots m_k \mathbb{Z}$. This finishes the proof of the Chinese remainder theorem.

    Let me end this section with another very important result. It is a simple application of the CRT, but it is constantly used when studying polynomial congruences.

    Theorem 2.5. Let $f \in \mathbb{Z}[X]$ and $n = p_1^{k_1} \cdots p_s^{k_s}$. The equation $f(x) = 0 \pmod{n}$ has solutions if and only if each of the equations $f(x) = 0 \pmod{p_i^{k_i}}$ has solutions. In this case, the number of solutions in $\mathbb{Z}/n\mathbb{Z}$ of the first equation is simply the product of the numbers of solutions of each of the other equations in $\mathbb{Z}/p_j^{k_j}\mathbb{Z}$.

    Proof. Well, if $f(x) = 0 \pmod{n}$, then certainly $f(x) = 0 \pmod{p_i^{k_i}}$, so that if $A_d$ is the set of solutions of the equation $f(x) = 0 \pmod{d}$, then we have a map $A_n \to A_{p_1^{k_1}} \times \dots \times A_{p_s^{k_s}}$. This simply sends $x$ (taken mod $n$) to $(x, \dots, x)$ (taken mod $p_i^{k_i}$...). As in the proof of CRT, this map is injective. Let's prove surjectivity. If $(x_1, \dots, x_k)$ is a $k$-tuple with $x_i$ solution of $f(x) = 0 \pmod{p_i^{k_i}}$, then by CRT there is $x$ such that $x = x_i \pmod{p_i^{k_i}}$. Then by the usual argument $f(x) = 0 \pmod{p_i^{k_i}}$, so that $f(x) = 0 \pmod{n}$ and we created a solution mod $n$.
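The bijection used in the proofs of Theorems 2.4 and 2.5 can be made concrete. The Python sketch below is an added example, not part of the original notes: it glues residues with an incremental CRT and rebuilds every root of $f$ mod $n$ from the roots mod the prime-power factors. The function names are chosen here, the prime-power moduli are passed in explicitly, and the roots mod each factor are found by brute force; `pow(m, -1, mi)` needs Python 3.8 or later.

```python
from itertools import product
from math import gcd, prod

def crt(residues, moduli):
    """The unique x mod prod(moduli) with x = r_i (mod m_i), moduli pairwise coprime."""
    x, m = 0, 1
    for r, mi in zip(residues, moduli):
        if gcd(m, mi) != 1:
            raise ValueError("moduli must be pairwise relatively prime")
        # Choose t with x + m*t = r (mod mi); m is invertible mod mi.
        t = (r - x) * pow(m, -1, mi) % mi
        x, m = x + m * t, m * mi
    return x % m

def roots_mod(coeffs, m):
    """All x in Z/mZ with f(x) = 0 (mod m); coeffs are given highest degree first."""
    def f(x):
        acc = 0
        for c in coeffs:          # Horner evaluation mod m
            acc = (acc * x + c) % m
        return acc
    return [x for x in range(m) if f(x) == 0]

def roots_via_crt(coeffs, prime_powers):
    """Roots of f mod n = prod(prime_powers), built from the roots mod each factor."""
    local = [roots_mod(coeffs, q) for q in prime_powers]
    # One root mod n per tuple (x_1, ..., x_s) of local roots: the map of Theorem 2.5.
    return sorted(crt(combo, prime_powers) for combo in product(*local))

if __name__ == "__main__":
    f = [1, 0, -1]                      # X^2 - 1
    factors = [8, 9, 5]                 # n = 360 = 2^3 * 3^2 * 5
    glued = roots_via_crt(f, factors)
    print(len(glued), glued == roots_mod(f, prod(factors)))
```

For $X^2 - 1$ and $n = 360$ there are 4 roots mod 8, 2 mod 9 and 2 mod 5, hence 16 roots mod 360; if one factor has no root, the product is empty and so is the set of roots mod $n$.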

    2.6 Order modulo n

    The definitions and results of this section will be used all along the course, so please be sure you digest them. Let $G$ be a finite group. Recall that Lagrange's theorem yields $g^{|G|} = 1$ for all $g \in G$. This shows that the following definition makes sense.

    Definition 2.7. If $G$ is a finite group and $g \in G$, $\mathrm{ord}(g)$ is the smallest positive integer $k$ such that $g^k = 1$.

    Applied to $G = (\mathbb{Z}/n\mathbb{Z})^*$, the units of $\mathbb{Z}/n\mathbb{Z}$, this yields the following definition:

    Definition 2.8. If $a$ is relatively prime to $n$, the order of $a$ mod $n$ is the order of $\bar{a} \in (\mathbb{Z}/n\mathbb{Z})^*$. It is also the smallest positive integer $k$ such that $a^k = 1 \pmod{n}$.

    I cannot emphasize enough the importance of the following result. We will use it constantly.

    Theorem 2.9. a) Let $n, k$ be positive integers and let $a$ be an integer prime to $n$. Then

    $$a^k = 1 \pmod{n} \iff \mathrm{ord}(a \pmod{n}) \mid k.$$

    b) The order of $a$ mod $n$ divides $\varphi(n)$.

    Proof. For a) simply use division with remainder: if $a^k = 1 \pmod{n}$, divide $k = qd + r$ ($0 \le r < d$), where $d$ is the order of $a$ mod $n$. By definition $a^d = 1 \pmod{n}$, so that $a^{dq} = 1 \pmod{n}$. But then $a^r = 1 \pmod{n}$. Since $0 \le r < d$, the minimality of $d$ forces $r = 0$, that is $d \mid k$. The rest is obvious.

    Definition 2.10. Say $a$ is a primitive root mod $n$ if its order mod $n$ is $\varphi(n)$. This is the same as saying that the units of $\mathbb{Z}/n\mathbb{Z}$ are exactly $1, a, a^2, \dots, a^{\varphi(n) - 1}$.

    The purpose of the next sections is to prove the following beautiful and rather difficult theorem.

    Theorem 2.11. (Gauss) For any odd prime $p$ and any $n \ge 1$ there are primitive roots mod $p^n$.

    The proof is rather long and tricky, but it contains many beautiful and useful ideas, so I will try to explain it. The hardest part of the proof is the case $n = 1$.

    2.12 The case n = 1

    So, let us suppose first that $n = 1$ and introduce $G = (\mathbb{Z}/p\mathbb{Z})^*$, a group with $p - 1$ elements.

    If $d \mid p - 1$, let $A_d = \{g \in G \mid \mathrm{ord}(g) = d\}$. As the order of any element of $G$ divides $p - 1$, the sets $A_d$ form a partition of $G$, so

    $$\sum_{d \mid p - 1} |A_d| = |G| = p - 1.$$

    Here's the first crucial ingredient:

    Lemma 2.13. For any $d$ we have $|A_d| \le \varphi(d)$.

    Proof. If $A_d$ is empty, we are done, so assume the contrary and take any element $a \in A_d$. So $a$ has order $d$ and so $a^d = 1$. In particular, the elements $1, a, \dots, a^{d-1}$ are distinct solutions of the equation $x^d = 1$. Now, this equation has at most $d$ solutions in $G$, because $\mathbb{Z}/p\mathbb{Z}$ is a field and because the polynomial $X^d - 1$ (seen as polynomial with coefficients in this field) has at most $d$ roots in $\mathbb{Z}/p\mathbb{Z}$. Thus, if $x \in A_d$ is arbitrary, then there is $0 \le i \le d - 1$ such that $x = a^i$ (because $x^d = 1$ and by the previous argument). But since $x$ has order precisely $d$, it is not difficult to check that $(i, d) = 1$. In particular, $A_d$ is a subset of $\{a^i \mid (i, d) = 1\}$. Since the last set has $\varphi(d)$ elements, the lemma follows.

    The second ingredient:

    Lemma 2.14. (Gauss) For all $n$ we have

    $$\sum_{d \mid n} \varphi(d) = n.$$

    Proof. There are many proofs, but here's the shortest one: look at the numbers $\frac{1}{k}, \dots, \frac{k}{k}$. These are $k$ distinct rational numbers. Imagine you wrote them in lowest terms, then for every $d \mid k$ there are $\varphi(d)$ fractions whose denominator is $d$. By double-counting, we get the conclusion.

    These two lemmas finish the proof of the case $n = 1$: indeed, they imply that $|A_d| = \varphi(d)$ for any $d \mid p - 1$, in particular $|A_{p-1}| \ge 1$. But any element of $A_{p-1}$ is (by definition) a primitive root mod $p$.

    2.15 The case n = 2

    This follows from the following nice

    Lemma 2.16. Let $a \in \mathbb{Z}$ be such that $a \pmod{p}$ is a primitive root mod $p$. Then either $a$ or $a + p$ is a primitive root mod $p^2$.

    Proof. Both $a$ and $a + p$ are primitive roots mod $p$ (when reduced mod $p$ they are the same thing) and if $b \in \{a, a + p\}$ and $d$ is the order of $b$ mod $p^2$, then $d$ divides $p(p - 1)$ and $d$ is a multiple of $p - 1$ (because $b^d = 1 \pmod{p^2}$, so $b^d = 1 \pmod{p}$ and so $p - 1$ divides $d$, because $b$ is a primitive root mod $p$). So, if $d$ is not $p(p - 1)$ for any of $a, a + p$, then we have $a^{p-1} = 1 \pmod{p^2}$ and $(a + p)^{p-1} = 1 \pmod{p^2}$. Using the binomial formula for the last one, it is easy to check that this cannot happen.

    2.17 Lifting the exponent lemma

    If $n$ is a nonzero integer and $p$ is a prime, we denote by $v_p(n)$ the largest nonnegative integer $k$ such that $p^k \mid n$. So $v_p(n) = 0$ iff $p$ does not divide $n$, $v_p(n) = 1$ iff $p$ divides exactly $n$, etc. By a natural convention, we set $v_p(0) = \infty$. It is easy to check that $v_p(a + b) \ge \min(v_p(a), v_p(b))$. On the other hand, if $p$ does not divide $a$ or $b$, then it does not divide $ab$ (this is classical; see the next lecture for much more general situations). We easily deduce that $v_p(ab) = v_p(a) + v_p(b)$ for all $a, b$.

    The next result is very useful in olympiad-type problems (and not only...). I strongly advise you to understand the following proof, as it appears all the time in different forms.

    Theorem 2.18. (Lifting the exponent lemma) Let $p > 2$ be an odd prime, $a, b$ integers such that $(p, ab) = 1$ and $p \mid a - b$. For all $n \ge 1$ we have

    $$v_p(a^n - b^n) = v_p(n) + v_p(a - b).$$

    Proof. This is done in three steps. First, we check it when $v_p(n) = 0$. In this case we need to prove that $p$ does not divide $\frac{a^n - b^n}{a - b}$. This is clear, as by hypothesis

    $$\frac{a^n - b^n}{a - b} = a^{n-1} + a^{n-2} b + \dots + b^{n-1} \equiv n a^{n-1} \pmod{p}$$

    and $p$ does not divide $n a^{n-1}$ (by our hypotheses). Next, we prove it for $n = p$. Thus, we need to check that $p$ divides exactly once $a^{p-1} + \dots + b^{p-1}$. Write $b = a + pk$ for some integer $k$. Then by the binomial formula we have $b^i \equiv a^i + i a^{i-1} pk \pmod{p^2}$, so that

    $$\frac{a^p - b^p}{a - b} = \sum_{i=0}^{p-1} a^{p-1-i} b^i \equiv \sum_{i=0}^{p-1} \left(a^{p-1} + i p k a^{p-2}\right) \equiv p a^{p-1} + p^2 k \frac{p - 1}{2} a^{p-2} \equiv p a^{p-1} \pmod{p^2}.$$

    Note that $\frac{p-1}{2}$ is an integer, as $p > 2$. This is why the hypothesis $p > 2$ is so important! The previous congruence proves the claim.

    Finally, to prove the general case $v_p(n) \ge 1$, use induction on $v_p(n)$: if it's ok for $v_p(n) = l$, apply the case $n = p$ to $a^{n/p}$ and $b^{n/p}$ (note that they still satisfy the hypotheses of the problem). We get $v_p(a^n - b^n) = 1 + v_p(a^{n/p} - b^{n/p})$. Now apply the inductive hypothesis.

    You might wonder what happens for $p = 2$. There is of course a version for $p = 2$, but it is slightly more complicated to state (but much easier to prove).

    Theorem 2.19. Let $x, y$ be odd integers and let $n$ be an even positive integer. Then

    $$v_2(x^n - y^n) = v_2\left(\frac{x^2 - y^2}{2}\right) + v_2(n).$$

    Proof. Write $n = 2^k a$ for some odd number $a$. Then

    $$x^n - y^n = (x^a - y^a)(x^a + y^a)(x^{2a} + y^{2a}) \cdots (x^{2^{k-1} a} + y^{2^{k-1} a}).$$

    Now observe that if $u, v$ are odd numbers, then $u^2 + v^2 \equiv 2 \pmod{4}$. Thus

    $$v_2(x^n - y^n) = v_2(x^{2a} - y^{2a}) + k - 1.$$

    Finally, since $a, x, y$ are odd, it is easy to see that $\frac{x^{2a} - y^{2a}}{x^2 - y^2}$ is odd. The result follows.

    Remark 2.20. 1) Every time you apply this result, be sure you check all hypotheses. Very often one forgets to check them all and one gets stupid results at the end.

    2) I strongly advise you to repeat the arguments for $p = 2$ every single time you have to use it. On the one hand, they are almost completely trivial, on the other hand they avoid problems concerning bad memory...
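Remark 2.20 is easy to act on in code. The following Python sketch is an added example, not part of the original notes: the two functions return the valuation predicted by Theorems 2.18 and 2.19 only when every hypothesis holds, and `None` otherwise. The function names are chosen here, and `p` is assumed to be prime (primality is not checked).

```python
def vp(p, n):
    """p-adic valuation of a nonzero integer n."""
    if n == 0:
        raise ValueError("v_p(0) is infinite")
    n, k = abs(n), 0
    while n % p == 0:
        n //= p
        k += 1
    return k

def lte_odd(p, a, b, n):
    """v_p(a^n - b^n) by Theorem 2.18, or None if a hypothesis fails.

    Hypotheses: p odd prime, p does not divide ab, p divides a - b, n >= 1.
    a == b is excluded because v_p(0) is infinite.
    """
    if p == 2 or n < 1 or a == b:
        return None
    if (a * b) % p == 0 or (a - b) % p != 0:
        return None
    return vp(p, n) + vp(p, a - b)

def lte_two(x, y, n):
    """v_2(x^n - y^n) by Theorem 2.19, or None if a hypothesis fails.

    Hypotheses: x, y odd, n even and positive; x^2 == y^2 is excluded.
    """
    if x % 2 == 0 or y % 2 == 0 or n < 1 or n % 2 != 0 or x * x == y * y:
        return None
    return vp(2, (x * x - y * y) // 2) + vp(2, n)

if __name__ == "__main__":
    # Hypotheses satisfied: 3 | 10 - 1, so v_3(10^27 - 1) = 3 + 2.
    print(lte_odd(3, 10, 1, 27), vp(3, 10**27 - 1))
    # Hypothesis violated: 3 does not divide 2 - 1, and the formula would be wrong
    # (v_3(2^2 - 1) = 1 while v_3(2) + v_3(1) = 0).
    print(lte_odd(3, 2, 1, 2), vp(3, 2**2 - 1))
    # p = 2 needs its own statement: v_2(3^2 - 1) = 3, not v_2(2) + v_2(2) = 2.
    print(lte_two(3, 1, 2), vp(2, 3**2 - 1))
```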

    2.21 The case n > 2 in Gauss' theorem

    We are finally able to finish the proof of Gauss' theorem, via the following

    Proposition 2.22. If $a$ is an integer such that $a \pmod{p}$ and $a \pmod{p^2}$ are primitive roots mod $p$ and $p^2$ respectively, then $a \pmod{p^n}$ is a primitive root mod $p^n$ for any $n$.

    Proof. Assume that $n \ge 3$ and let $d$ be the order of $a$ mod $p^n$. Then $d$ divides $p^{n-1}(p - 1)$ and $d$ is a multiple of $p - 1$ (as $a$ is primitive mod $p$). But then $d = (p - 1) p^j$ for some $0 \le j \le n - 1$. Since $a^d = 1 \pmod{p^n}$, the lifting the exponent lemma yields

    $$n \le v_p(a^d - 1) = v_p(a^{p^j (p - 1)} - 1) = v_p(a^{p-1} - 1) + j.$$

    But $v_p(a^{p-1} - 1) = 1$, since $p^2$ cannot divide $a^{p-1} - 1$ (because $a$ is a primitive root mod $p^2$).

    So $j \ge n - 1$ and so $j = n - 1$. Thus $a$ has order $p^{n-1}(p - 1)$ mod $p^n$ and we are done.
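The three steps of Gauss' theorem (find a primitive root mod $p$, fix it mod $p^2$ with Lemma 2.16, then reuse it for every $p^n$ by Proposition 2.22) translate directly into code. The Python sketch below is an added example, not part of the original notes. Function names are chosen here; `p` is assumed to be an odd prime, and the order is computed by stripping prime factors from $p^{k-1}(p-1)$, which is valid because of Theorem 2.9.

```python
from math import gcd

def distinct_primes(n):
    """Distinct prime factors of n by trial division (small n only)."""
    out, q = [], 2
    while q * q <= n:
        if n % q == 0:
            out.append(q)
            while n % q == 0:
                n //= q
        q += 1
    if n > 1:
        out.append(n)
    return out

def order_mod_prime_power(a, p, k):
    """Order of a in the unit group of Z/p^k Z."""
    n = p ** k
    if gcd(a, n) != 1:
        raise ValueError("a must be a unit mod p^k")
    e = p ** (k - 1) * (p - 1)          # a^e = 1 by Euler, so ord(a) divides e
    for q in distinct_primes(e):
        # Theorem 2.9: ord(a) | e/q exactly when a^(e/q) = 1 (mod n).
        while e % q == 0 and pow(a, e // q, n) == 1:
            e //= q
    return e

def is_primitive_root(a, p, k):
    return order_mod_prime_power(a, p, k) == p ** (k - 1) * (p - 1)

def primitive_root_mod_p(p):
    """Smallest primitive root mod p; one exists by the case n = 1."""
    for g in range(1, p):
        if is_primitive_root(g, p, 1):
            return g

def lift_to_p_squared(a, p):
    """Lemma 2.16: given a primitive root a mod p, return a or a + p."""
    # a has order p - 1 or p(p - 1) mod p^2; the first case is a^(p-1) = 1.
    return a + p if pow(a, p - 1, p * p) == 1 else a

if __name__ == "__main__":
    # 14 is a primitive root mod 29, but 14^28 = 1 (mod 29^2), so the lift is 43.
    g = lift_to_p_squared(14, 29)
    print(g, [is_primitive_root(g, 29, k) for k in range(1, 6)])
```

The pair $p = 29$, $a = 14$ is a case where the first alternative of Lemma 2.16 fails, so the check mod $p^2$ cannot be skipped.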

    2.23 Some other applications of the lifting lemma

    Example 2.24. (Chinese TST 2004) Let $a$ be a fixed positive integer. Prove that the equation $n! = a^b - a^c$ has a finite number of solutions $(n, b, c)$ in positive integers.

    Proof. (simplified by Richard Stong) Let $p$ be an odd prime not dividing $a$. Then by the lifting exponent lemma we have

    $$v_p(a^n - 1) \le v_p((a^{p-1})^n - 1) = v_p(a^{p-1} - 1) + v_p(n).$$

    Taking $n = b - c$ and noting that $v_p(n!) > \frac{n}{p} - 1$ (since $p, 2p, \dots, [n/p]p$ all divide $n!$), we conclude that

    $$v_p(b - c) \ge v_p(n!) - v_p(a^{p-1} - 1) \ge \frac{n}{p} - K$$

    for some constantK, independent ofn. Letting = pK

    >0, we conclude thatbcpn/p

    .Thus

    nn > n! =ab ac > abc apn/p.Taking logarithms, we deduce that n is bounded in terms of a. Since c, bc < n!, theconclusion follows.

    Example 2.25. (Chinese TST 2009) Let $n$ be a positive integer and let $a > b > 1$ be integers such that $b$ is odd and $b^n \mid a^n - 1$. Prove that $a^b > \frac{3^n}{n}$.

    Proof. Take any prime factor $p$ of $b$. Since $b$ is odd, we have $p > 2$. As in the previous example, we have

    $$n \le v_p(b^n) \le v_p(a^n - 1) \le v_p(a^{p-1} - 1) + v_p(n),$$

    so that

    $$a^b > a^{p-1} - 1 \ge p^{v_p(a^{p-1} - 1)} \ge \frac{p^n}{n} \ge \frac{3^n}{n}.$$

    Example 2.26. (generalizes IMO 1990 and 1999) Find all primes $p$ and all positive integers $n$ such that $n^{p-1}$ divides $(p - 1)^n + 1$.

    Proof. Let $p, n$ be as in the statement. Note that if $p = 2$, then $n = 1$ or $n = 2$. From now on, we assume that $p > 2$. If $n$ is even, then 4 cannot divide $n^{p-1}$ (because 4 does not divide $(p - 1)^n + 1$) and so $p = 2$, a contradiction. So, $n$ is odd. Let $q$ be the smallest prime factor of $n$. Since $q$ divides $(p - 1)^{2n} - 1$ and $(p - 1)^{q-1} - 1$ and since $\gcd(2n, q - 1) = 2$, it follows that $q$ divides $(p - 1)^2 - 1 = p(p - 2)$.

    Suppose first that $q$ divides $p - 2$. Then, by the lifting exponent lemma and the fact that $q$ does not divide $(p - 1)^n - 1$ (otherwise $q$ divides 2, contradicting the fact that $n$ is odd) we have

    $$(p - 1) v_q(n) = v_q(n^{p-1}) \le v_q((p - 1)^{2n} - 1) = v_q((p - 1)^2 - 1) + v_q(n),$$

    so that $(p - 2) v_q(n) \le v_q(p - 2)$. In particular, $p - 2 \ge q^{p-2} \ge 3^{p-2}$. This easily implies that $p = 3$, contradicting the fact that $q$ divides $p - 2$.

    Next, assume that $q = p$, so that again by the lifting exponent lemma (using that $n$ is odd) we have

    $$(p - 1) v_p(n) = v_p(n^{p-1}) \le v_p((p - 1)^n + 1) = 1 + v_p(n).$$

    Thus $(p - 2) v_p(n) \le 1$. In particular, $p = 3$ and $v_p(n) = 1$. Write $n = 3a$ with $\gcd(a, 3) = 1$ and observe that $a^2$ divides $8^a + 1$. We claim that $a = 1$. Otherwise, let $r$ be the smallest prime factor of $a$, so that $r$ divides $64^a - 1$ and $64^{r-1} - 1$. Thus $r$ divides 63, since $\gcd(a, r - 1) = 1$. But then $r = 3$ or $r = 7$. Since 3 does not divide $a$, we must have $r = 7$ and 7 divides $8^a + 1$. Since this is of course impossible, it follows that $a = 1$ and $n = 3$.

    Remark 2.27. The trick of playing with the smallest prime factor is quite subtle and efficient. Be sure it is part of your toolbox, as it appears very often in this kind of problems. Just for training, here is an absolute classic: prove that $n$ does not divide $2^n - 1$ or $3^n - 2^n$ if $n > 1$.

    2.28 Problem set for lecture 2

    1. (IMO Shortlist 1989) Show that for all $n$ there are $n$ consecutive positive integers none of which is a power of a prime number.

    2. a) Show that there are arbitrarily long arithmetic progressions all of whose terms are perfect powers (i.e. squares or cubes or...).

    b) Can we find an infinite such progression?

    3. (Romania TST 1995) Let $f(x) = \mathrm{lcm}(1, 2, \dots, x)$. Show that for any $n \ge 2$ there is a set $A$ of $n$ consecutive positive integers on which $f$ is constant.

    4. A lattice point is called visible (from the origin) if its coordinates are relatively prime numbers. Is there any lattice point whose distance from each visible lattice point is at least 2000?

    5. (St. Petersburg) Show that $n \mid \varphi(a^n - 1)$ for all $n \ge 1$ and $a \in \mathbb{Z}$.

    6. (Bulgaria) Find all $m, n \ge 1$ such that $n \mid m^{2 \cdot 3^n} + m^{3^n} + 1$.

    7. Show that $x^4 = -1 \pmod p$ has a solution iff $p = 1 \pmod 8$.

    8. (Iran 2007) Let $n$ be relatively prime to $2(2^{1386} - 1)$ and let $a_1, a_2, \dots, a_k$ be a reduced system mod $n$. Show that $n$ divides $a_1^{1386} + a_2^{1386} + \dots + a_k^{1386}$.

    9. Find the number of $d$-th powers in $\mathbb{Z}/p\mathbb{Z}$ for $p > 2$ and $d$ a positive integer (fixed).

    10. Easy applications of the lifting exponent lemma:

    a) (Romania TST) Find all $n$ for which $2^n \mid 3^n - 1$.

    b) (AMM) Let $a, b, c$ be positive integers such that $c \mid a^c - b^c$. Prove that $c \mid \frac{a^c - b^c}{a - b}$.

    c) (Romania TST 2009) Let $a, n \ge 2$ be integers such that $n$ divides $(a-1)^k$ for some $k \ge 1$. Prove that $n$ divides $1 + a + a^2 + \dots + a^{n-1}$.

    d) (Romania TST 1994) Prove that $((n-1)^n + 1)^2$ divides $n(n-1)^{(n-1)^n + 1} + n$ for all odd $n > 1$.

    11. Let $f$ be a polynomial with integer coefficients such that for some prime number $p$ we have $f(i) = 0 \pmod p$ or $f(i) = 1 \pmod p$ for any integer $i$. If $f(0) = 0$ and $f(1) = 1$, prove that $\deg(f) \ge p - 1$.

    12. (Don Zagier) Somebody incorrectly remembered Fermat's little theorem as saying that the congruence $a^{n+1} \equiv a \pmod n$ holds for all $a$. Describe the set of integers $n$ for which this property is in fact true.

    13. (Romania TST 2008) Compute the gcd of the numbers $2^n - 2, 3^n - 3, \dots, n^n - n$ for given $n$.

    14. (Unesco Competition 1995) Let $m, n$ be integers greater than 1. Prove that the remainders of the numbers $1^n, 2^n, \dots, m^n$ modulo $m$ are pairwise distinct if and only if $m$ is square-free and $n$ is relatively prime to $\varphi(m)$.

    15. (IMO Shortlist 1989) Let $m > 1$ be odd. Find the smallest $n$ for which $2^{1989}$ divides $m^n - 1$.

    16. A Carmichael number is a natural number $n$ such that $n \mid a^n - a$ for any integer $a$.

    a) Prove that $n$ is a Carmichael number if and only if $n$ is squarefree and $p - 1$ divides $n - 1$ for any prime $p$ dividing $n$.

    b) Find all Carmichael numbers of the form $3pq$ with $p, q$ primes.

    17. (Ljunggren) Let $p > 2$. Show that for any integers $a, b$ we have $\binom{pa}{pb} = \binom{a}{b} \pmod{p^3}$.


    18. Let $p$ be a prime number and $m, n$ be integers greater than 1 such that $n \mid m^{p(n-1)} - 1$. Prove that $\gcd(m^{n-1} - 1, n) > 1$.

    19. Trickier applications of the lifting exponent lemma:

    a) (Balkan Math. Olympiad 1993) Let $m > 1$ be an integer and let $p$ be a prime. Suppose that the equation

    $$\frac{x^p + y^p}{2} = \left(\frac{x + y}{2}\right)^m$$

    has integral solutions $x, y > 1$. Then $m = p$.

    b) (IMO Shortlist 2000) Find all $a, m, n$ positive integers such that $a^m + 1$ divides $(a + 1)^n$.

    c) Find all positive integers $m, n$ such that $m^n \mid n^m - 1$.

    d) (Mathlinks Contest) Let $a, b$ be distinct positive rational numbers such that $a^n - b^n \in \mathbb{Z}$ for infinitely many positive integers $n$. Show that $a, b \in \mathbb{Z}$.

    20. a) Find all primes $p, q$ such that $pq$ divides $2^p + 2^q$.

    b) Find all primes $p, q$ such that $pq$ divides $5^p + 5^q$.

    21. (IMO) Prove that for any prime $p$ there is a prime $q$ that does not divide any of the numbers $n^p - p$, with $n \ge 1$.

    22. (Sierpinski) Show that there is $k > 1$ such that $k \cdot 2^n + 1$ is composite for all $n \ge 0$.

    23. (Erdős) Show that there is an infinite arithmetic progression of odd numbers, none of which can be written $p + 2^k$ with $p$ a prime and $k \ge 0$.

    24. (Morley's congruence) Show that

    $$(-1)^{\frac{p-1}{2}} \binom{p-1}{\frac{p-1}{2}} \equiv 4^{p-1} \pmod{p^3}$$

    for all prime numbers $p$ with $p \ge 5$.

    25. (Bulgaria TST 2000) Let $a, b > 1$ be relatively prime. Show that for infinitely many primes $p$, $v_p(a^{p-1} - b^{p-1})$ is odd.


    3 Lecture 4: Legendre's formula and applications

    The following theorem has a very simple proof, but one cannot emphasize enough its importance. Hopefully the results to be proved in this lecture will show its power.

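    Theorem 3.1. (Legendre) One has

    $$v_p(n!) = \sum_{k \ge 1} \left\lfloor \frac{n}{p^k} \right\rfloor = \frac{n - s_p(n)}{p - 1},$$

    where $s_p(n)$ is the sum of digits of $n$ when written in base $p$.

    Proof. For the first part: there are $\left\lfloor \frac{n}{p^j} \right\rfloor - \left\lfloor \frac{n}{p^{j+1}} \right\rfloor$ integers $1 \le x \le n$ such that $v_p(x) = j$, so

    $$v_p(n!) = \sum_{k=1}^{n} v_p(k) = \sum_{j \ge 1} \sum_{v_p(x) = j} j = \sum_{j \ge 1} j \left( \left\lfloor \frac{n}{p^j} \right\rfloor - \left\lfloor \frac{n}{p^{j+1}} \right\rfloor \right) = \sum_{j \ge 1} \left\lfloor \frac{n}{p^j} \right\rfloor$$

    (consider the last part as exercise). For the second part let $n = a_k p^k + \dots + a_0$, $a_i \in \{0, 1, \dots, p-1\}$, then

    $$\left\lfloor \frac{n}{p} \right\rfloor = a_k p^{k-1} + \dots + a_1, \quad \left\lfloor \frac{n}{p^2} \right\rfloor = a_k p^{k-2} + \dots + a_2, \quad \dots$$

    so

    $$\sum_{j \ge 1} \left\lfloor \frac{n}{p^j} \right\rfloor = a_k(p^{k-1} + \dots + p + 1) + a_{k-1}(p^{k-2} + \dots + 1) + \dots$$

    $$= a_k \frac{p^k - 1}{p - 1} + a_{k-1} \frac{p^{k-1} - 1}{p - 1} + \dots + a_1 \frac{p - 1}{p - 1} + a_0 \frac{p^0 - 1}{p - 1}$$

    $$= \frac{n - \sum a_i}{p - 1} = \frac{n - s_p(n)}{p - 1}.$$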
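Theorem 3.1 can be checked numerically. The following added example (not part of the lecture notes; all function names are chosen here) computes $v_p(n!)$ from the definition, from the floor sum and from the digit sum, and goes one step further by applying the digit form to $n!$, $k!$ and $(n-k)!$ to get the valuation of a binomial coefficient.

```python
from math import comb


def vp(x: int, p: int) -> int:
    """p-adic valuation of a nonzero integer, by repeated division."""
    if x == 0:
        raise ValueError("v_p(0) is undefined")
    k = 0
    while x % p == 0:
        x //= p
        k += 1
    return k


def digit_sum(n: int, p: int) -> int:
    """s_p(n): sum of the base-p digits of n >= 0."""
    s = 0
    while n:
        n, r = divmod(n, p)
        s += r
    return s


def legendre_floor(n: int, p: int) -> int:
    """v_p(n!) as sum_{k>=1} floor(n / p^k); terms vanish once p^k > n."""
    total, q = 0, p
    while q <= n:
        total += n // q
        q *= p
    return total


def legendre_digits(n: int, p: int) -> int:
    """v_p(n!) as (n - s_p(n)) / (p - 1); the division is always exact."""
    num = n - digit_sum(n, p)
    if num % (p - 1):
        raise ArithmeticError("n - s_p(n) must be divisible by p - 1")
    return num // (p - 1)


def vp_factorial_direct(n: int, p: int) -> int:
    """v_p(n!) straight from the definition: sum of v_p(k) for 1 <= k <= n."""
    return sum(vp(k, p) for k in range(1, n + 1))


def vp_binomial(n: int, k: int, p: int) -> int:
    """v_p(C(n, k)) = (s_p(k) + s_p(n - k) - s_p(n)) / (p - 1)."""
    if not 0 <= k <= n:
        raise ValueError("need 0 <= k <= n")
    return (digit_sum(k, p) + digit_sum(n - k, p) - digit_sum(n, p)) // (p - 1)


def all_forms_agree(max_n: int = 150, primes=(2, 3, 5, 7, 11, 13)) -> bool:
    """Compare the three computations of v_p(n!) and the binomial formula."""
    for p in primes:
        for n in range(1, max_n + 1):
            direct = vp_factorial_direct(n, p)
            if not (direct == legendre_floor(n, p) == legendre_digits(n, p)):
                return False
            for k in (0, 1, n // 3, n // 2, n):
                if vp_binomial(n, k, p) != vp(comb(n, k), p):
                    return False
    return True


if __name__ == "__main__":
    # 100 = 400 in base 5, so s_5(100) = 4 and v_5(100!) = (100 - 4) / 4
    print(legendre_floor(100, 5), legendre_digits(100, 5))
    print(all_forms_agree())
```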

    3.2 Some amazing applications (following Tchebyshev and Erdős)

    If the results and proofs in this section don't convince you that number theory is wonderful, you are a desperate case! Let's start with a simple, but a bit technical application of Legendre's formula. We'll see that it yields some rather amazing things.

    Crucial estimate For any n 2, n[n2 ] dividespnp[logpn] and is a multiple of[n+12 ]


    and the fact that

    [n+12 ]logp n are equal to 0. Thus vp

    n[n2 ][logp n] and we are done.

    This estimate yields two very nice and useful results.

    Corollary 3.3. (Erdős) For $n \ge 2$ we have $\prod_{p \le n} p < 4^{n-1}$.

    Proof. The proof is by induction. I'll leave you to check that it holds for $n = 2$. Suppose it's o.k. for all numbers smaller than $n$ and let us prove that $\prod_{p \le n+1} p < 4^n$. If $n + 1$ is even, this is clear, so suppose that $n = 2k$. By the crucial estimate we have

    $$\prod_{k+2 \le p \le 2k+1} p \le \binom{2k+1}{k},$$

    which combined with the induction hypothesis for $k$ gives

    $$\prod_{p \le n+1} p = \prod_{p \le k+1} p \cdot \prod_{k+2 \le p \le 2k+1} p < 4^k \binom{2k+1}{k} \le 4^n,$$

    the last inequality being a consequence of

    $$2 \cdot 4^k = (1 + 1)^{2k+1} = \text{bla} + \binom{2k+1}{k} + \binom{2k+1}{k+1} + \text{bla} > 2 \binom{2k+1}{k}.$$

    Let $\pi(n) = \sum_{p \le n} 1$ be the number of prime numbers smaller than or equal to $n$. The famous (and deep) prime number theorem asserts that for $n$ large enough $\pi(n)$ behaves like $\frac{n}{\log n}$. The following result gives a uniform lower bound estimate. Of course, it is weaker than the prime number theorem, but it is rather amazing that with so few tools it already gives the "correct" lower bound.

    Corollary 3.4. For all $n \ge 2$ we have

    $$\pi(2n) \ge \frac{n \ln 2}{\ln(2n)}.$$

    Proof. Using the crucial estimate for $N = \binom{2n}{n}$, we obtain

    $$\log N = \sum_{p \le 2n} v_p(N) \log p \le \sum_{p \le 2n} [\log_p(2n)] \log p \le \pi(2n) \log(2n).$$

    Next, $N$ is the largest among the $\binom{2n}{k}$ and $\sum_k \binom{2n}{k} = 4^n$, hence $N \ge \frac{4^n}{2n+1}$. We even get the stronger inequality

    $$\pi(2n) \ge \frac{\log N}{\log(2n)} \ge \frac{2n \log 2 - \log(2n + 1)}{\log 2n}.$$


    Next, we give an upper bound for $\pi(n)$ using the same ideas:

    Corollary 3.5. For $n \ge 2$ we have

    (n)< 6nlog2 n

    .

    Proof. By the crucial estimate, we obtain

    n(2n)(n) 2n,

    then $v_p\left(\binom{2n}{n}\right) \le 1$. Erdős's key observation is that if $p$ is between $\frac{2n}{3}$ and $n$, then $v_p\left(\binom{2n}{n}\right) = 0$. This is immediate to check using Legendre's formula. Putting everything together yields (the

    first factor 2n comes from the possible p = 2n 1 factor of 2nn ).4n

    2n + 1

    2n

    n

    2n

    2n


    which implies that 4n/3 < (2n)1+

    n/2 and so n3log 4 < (1 +

    n2)log2n

    3log 4 . This is equivalent to 2

    50 > (1250)3 and it is

    clear, as for instance (1250)3 1, n! is not a perfect power (i.e. perfect square or cube or fourthpower or...).

    Proof. Let me assume that $n > 3$. By Bertrand's postulate there is a prime between $n/2$ and $n$. Clearly $v_p(n!) = 1$ and the result follows.

    Remark 3.8. 1. There are some very deep theorems of Rosser and Schoenfeld which state that if $p_n$ is the $n$th prime, then $p_n > n \log n$ and that

    n

    log n 12< (n)66. Of course, they are waaaaay beyond this course.

    2. A deep generalization of Bertrand's postulate is due to Sylvester: if $n > k$, then at least one of the numbers $n, n + 1, \dots, n + k - 1$ has a prime factor greater than $k$.

    Let me end this section with a rather delicate, but absolutely classical theorem of Mertens. I will not give a proof of the second and third points, since this requires some pretty involved computations with integrals.

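    Theorem 3.9. (Mertens)

    1. There exists a constant $c_1$ such that for all $n \ge 1$

    $$\left| \sum_{p \le n} \frac{\log p}{p} - \log n \right| \le c_1.$$

    2. There exist constants $c_2, c_3$ such that for all $n > 2$ we have

    $$\left| \sum_{p \le n} \frac{1}{p} - c_2 - \log \log n \right| \le \frac{c_3}{\log n}.$$

    3. Let $\gamma = \lim_{n \to \infty} \left( 1 + \frac{1}{2} + \dots + \frac{1}{n} - \log n \right)$. Then there exists a constant $c_5$ such that

    $$\left| \prod_{p \le n} \left( 1 - \frac{1}{p} \right) - \frac{e^{-\gamma}}{\log n} \right| \le \frac{c_5}{\log^2 n}.$$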


    Let me just prove the first part, since it is elementary. We will use the prime factorization of $n!$. Legendre's formula yields

    n

    p 11 +log nlogp< vp(n!)< np 1 .Multiplying this bylogp and summing over pn yields

    log

    pnp (n) log n < log n! n

    pn

    logp

    p 1 log n! > n(log n1) (the first one is obvious, the second one follows easily byinduction, using the inequality log

    1 + 1n

    < 1n ) yields

    8log2> pnlogp

    p 1log n >

    1.

    The theorem follows from this estimate and the fact that the series $\sum_p \frac{\log p}{p(p-1)}$ converges (since $\frac{\log p}{p(p-1)} < \frac{1}{p\sqrt{p}}$ if $p$ is large enough).

    3.10 Problem set for lecture 4

    1. Show that all2n

    k

    for 1k 1 are such that for anyk >1 there is x withxn =b (modk). Show that b is a n-th power of an integer.

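    4. (Romania TST 2007) Solve in positive integers $x^{2007} - y^{2007} = x! - y!$.

    5. (AMM) Prove the identity

    $$(n + 1)\, \mathrm{lcm}\left( \binom{n}{0}, \binom{n}{1}, \dots, \binom{n}{n} \right) = \mathrm{lcm}(1, 2, \dots, n + 1)$$

    for any positive integer $n$.

    6. Show that $p$ does not divide any of the binomial coefficients $\binom{n}{1}, \binom{n}{2}, \dots, \binom{n}{n-1}$ if and only if there is $1 \le s < p$ and $k \ge 1$ such that $n = s p^k - 1$.

    7. For given $p > 2$ find all $n$ such that all $\binom{n}{k}$ ($1 \le k < n$) are multiples of $p$.

    8. a) (USA TST) For any positive integer $n$ we have

    $$\binom{n}{0}^{-1} + \binom{n}{1}^{-1} + \dots + \binom{n}{n}^{-1} = \frac{n + 1}{2^{n+1}} \left( \frac{2}{1} + \frac{2^2}{2} + \dots + \frac{2^{n+1}}{n + 1} \right).$$

    b) (Kvant) Let $x_n$ be the exponent of 2 in the prime factorization of the numerator of $\frac{2}{1} + \frac{2^2}{2} + \dots + \frac{2^n}{n}$, when written in lowest terms. Prove that $\lim_{n \to \infty} x_n = \infty$ and that $x_{2^n} \ge 2^n - n + 1$.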


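    9. a) (Richard Stong) Prove that

    $$v_2\left( \binom{4k}{2k} - (-1)^k \binom{2k}{k} \right) = s_2(k) + 2 + 3 v_2(k),$$

    where $s_2(k)$ is the sum of the digits in the base 2 expansion of $k$.

    b) (IMO Shortlist 2007) Find $v_2\left( \binom{2^{n+1}}{2^n} - \binom{2^n}{2^{n-1}} \right)$.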

    10. Using Mertens theorem, prove the following results:

    a) Iff {, }, then 1x

    nx f(n) log log x has a finite limit as x .b) (Turans theorem) There exists a constant c >0 such that for all x we have

    nx((n) log log x)2 cx log log x.

    c) (Hardy-Ramanujans theorem) , have normal order log log n, i.e. iff {, },then for all >0 we have

    limx

    1

    x

    nx|1 < f(n)log log x0.c) Find the greatest common divisor of the numbers 225 2, 325 3, 425 4,....

    d) Let $a, b, c$ be integers, not all 0 and such that $\max(|a|, |b|, |c|) < 10^6$. Show that

    $$|a + b\sqrt{2} + c\sqrt{3}| > 10^{-21}.$$

    2. Let $p > 2$ be a prime. Show that the following statements are equivalent:

    • Every quadratic non-residue mod $p$ is a primitive root mod $p$.

    • There exists $n$ such that $p = 2^{2^n} + 1$.


    3. Define $a_1 = 2$ and

    $$a_{n+1} = 2a_n + \sqrt{3(a_n^2 - 1)}$$

    for $n \ge 1$. Show that $a_n$ is an integer for all $n$ and that $a_p \equiv 2 \pmod p$ for any odd prime $p$.

    4. (harder) Let $k$ and $a_1, a_2, \dots, a_k$ be fixed integers, each of them being greater than 1. Show that there are only finitely many $k$-tuples of prime numbers $(p_1, p_2, \dots, p_k)$, with the following property: there exists a positive integer $m$ such that

    $$(a_1^{p_1} - 1)(a_2^{p_2} - 1) \cdots (a_k^{p_k} - 1) = m!.$$

    Bonus: same question, but without assuming that the $n_i$'s are primes.

    5. (harder) Let $x, y$ be distinct complex numbers such that $\frac{x^n - y^n}{x - y}$ is an integer for 4 consecutive positive integers $n$. Show that it is an integer for all $n \ge 1$.


    5 Unique factorization domains-the basics

    The purpose of this lecture is to put the fundamental theorem of arithmetic (unique factorization of integers) in a more general context. Again, it will be pretty dry at first, but we'll see the power of this approach pretty quickly. Basically all general definitions will be inspired either by the statement or the proof of the fundamental theorem of arithmetic. In order to do that, let me recall the basic steps of the proof of this theorem:

    First, one checks by an immediate induction that any integer greater than 1 is a product of primes.

    Next, and this is the most subtle part, one proves that any prime $p$ satisfies: $p \mid ab \Rightarrow p \mid a$ or $p \mid b$. This requires a few steps: first, using the division algorithm, one proves the existence of gcd and Bezout's theorem. We easily deduce Gauss lemma: if $a \mid bc$ and $\gcd(a, b) = 1$, then $a \mid c$. This immediately implies the crucial property of primes introduced above.

    Things will get much nastier for general rings, and the purpose of this lecture is to isolate a class of nice rings, for which arithmetic is exactly as in $\mathbb{Z}$. Doing all this will require a few preliminaries. We will need to define divisibility, gcd, primes, etc...

    5.1 Domains

    Definition 5.2. An integral domain (or simply domain) is a ring $R$ so that $ab = 0$ implies $a = 0$ or $b = 0$. Equivalently, it is a subring of a field.

    It is not really clear that the two definitions are equivalent. It is however clear that any subring of a field satisfies the first condition. To prove the converse, one constructs the field of fractions of $R$. Its elements are of the form $\frac{a}{b}$, with $a \in R$ and $b \neq 0$. Of course, we decide that $\frac{a}{b} = \frac{c}{d}$ iff $ad = bc$ and addition and multiplication are defined in the usual way.

    Exercise 5.3. a) Show that $\mathbb{Z}/n\mathbb{Z}$ is a domain iff it is a field iff $n$ is a prime number.

    b) Is the ring of arithmetic functions a domain?

    c) (very important) If $R$ is a domain, then so is $R[X]$ and we have $\deg(fg) = \deg f + \deg g$ for all $f, g \in R[X]$.

    d) Show that $\mathbb{Z}_p$ is a domain (use theorem 1.14) and that its field of fractions $\mathbb{Q}_p$ can also be described as

    $$\mathbb{Q}_p = \left\{ \frac{a}{p^n} \,\middle|\, a \in \mathbb{Z}_p, n \ge 0 \right\}.$$

    We call $\mathbb{Q}_p$ the field of $p$-adic integers.

    5.4 Divisibility, associate elements

    Next, we generalize the divisibility relation and we introduce the important relation of being associate. This will play a key role in the following.

    Definition 5.5. Let $R$ be a ring and let $a, b \in R$. We say that $a$ divides $b$ if we can find $c \in R$ such that $b = ac$. We say that $a$ and $b$ are associate if one can find a unit $u$ of $R$ such that $b = au$.

    Note that if $a$ and $b$ are associate, then $a$ divides $b$ and $b$ divides $a$. The converse does not hold in general, but it holds if $R$ is a domain.


    5.6 Irreducibles and primes

    Let $R$ be a domain.

    Definition 5.7. a) We say that $a \in R$ is irreducible if $a$ is not a unit, but we cannot write $a$ as the product of two non-units.

    b) We say that $a \in R$ is prime if $a \mid bc$ implies $a \mid b$ or $a \mid c$ (here $b, c \neq 0$).

    Example 5.8. a) The irreducibles of $\mathbb{Z}$ are exactly $\pm p$, with $p$ a prime number. Also, the primes of $\mathbb{Z}$ are $\pm p$. Note the very unfortunate situation... This is due to the fact that $\mathbb{Z}$ also has $-1$ as a unit.

    b) Let $F$ be a field. The definition of irreducible in $F[X]$ agrees with the usual definition of irreducible polynomials. One can check (in the same way as for integers, but we'll see below a much more general statement) that irreducible and prime is the same thing in $F[X]$.

    c) You can easily check that 2 is irreducible in $\mathbb{Z}[\sqrt{-3}]$, but not a prime. On the other hand, it is always true that any prime is irreducible (exercise).

    We'll constantly use the following easy:

    Lemma 5.9. Let $a, b \in R$ be irreducible. If $a \mid b$, then $a$ is associate to $b$.

    Proof. If $b = ac$, then $c$ must be a unit, as $b$ is irreducible.

    5.10 Unique factorization domains-examples

    Definition 5.11. A domain $R$ is called a unique factorization domain or UFD if

    • any non-unit element is a product of irreducible elements of $R$ and

    • any irreducible is prime.

    Before delving into the arithmetic of UFDs, a natural question is whether there are such rings.

    Example 5.12. a) The discussion in the beginning of this lecture shows that $\mathbb{Z}$ is a UFD. Actually, the definition of a UFD was more or less modeled on the proof of the fundamental theorem of arithmetic, so this example is not very surprising.

    b) Obviously, all fields are UFDs, for the stupid reason that there are no irreducibles at all...

    c) It is a deep theorem of Gauss (we'll see the proof in the next section) that $R[X]$ is a UFD whenever $R$ is a UFD. So $F[X]$ is a UFD when $F$ is a field or $F = \mathbb{Z}$. If $F$ is a field, there is a much easier proof, following exactly the arguments for $\mathbb{Z}$ (see the next lecture for other similar examples). But the fact that $\mathbb{Z}[X]$ is a UFD is already quite nontrivial.

    d) It is a deep theorem that the ring of arithmetic functions is an UFD.

    e) The ring $\mathbb{Z}_p$ of $p$-adic integers is an UFD. Indeed, we saw that any nonzero element of $\mathbb{Z}_p$ can be written uniquely as $p^k u$, for $k \ge 0$ and $u$ a unit. This shows that $p$ is the unique irreducible and prime element, up to units.

    f) The ring $\overline{\mathbb{Z}}$ of algebraic integers is not an UFD, actually it is as far as it can be from being an UFD. There are no irreducible elements at all in this ring (nice exercise).

    g) We'll see in the next lecture that $\mathbb{Z}[\sqrt{d}]$ with $d \in \{-2, -1, 2, 3\}$ is UFD. However, for $d > 2$, $\mathbb{Z}[\sqrt{-d}]$ is not a UFD: it is easy to check that 2 is irreducible. It is however not a prime. Indeed, there is $x \in \mathbb{Z}$ such that $2 \mid x^2 + d$, so if 2 were prime, it would divide one of $x \pm \sqrt{-d}$. This is obviously impossible.


    h) Consider the quadratic imaginary field $K = \mathbb{Q}(\sqrt{-d})$, with $d > 0$ squarefree. A very deep theorem of Heegner, Baker and Stark shows that $O_K = K \cap \overline{\mathbb{Z}}$ is UFD if and only if $d \in \{1, 2, 3, 7, 11, 19, 43, 67, 163\}$.

    i) If $d > 0$ is squarefree and $K = \mathbb{Q}(\sqrt{d})$, then one can prove that $O_K$ is UFD for $d \in \{2, 3, 5, 5, 7, 11, 13, 17, 19, 21, 29, 33, 37, 41, 57, 73\}$.

    5.13 p-adic valuations, again

    The following key proposition is a generalization of the fact that a nonzero integer has only finitely many divisors.

    Proposition 5.14. Let $R$ be an UFD and let $p$ be an irreducible of $R$. If $x \in R \setminus \{0\}$, then there exists a largest nonnegative integer $k$ such that $p^k \mid x$ in $R$.

    Proof. If $x$ is a unit, it is not a multiple of $p$ and we are done. Otherwise, $x$ is a product of finitely many irreducibles. Now, among them some are associate to $p$, while the others are not. Collecting those associate to $x$, we deduce that we can write $x = p^k y$, for some $k \ge 0$ and some $y$, which is a product of irreducibles, none associated to $p$. It is easy to see that $p$ does not divide $y$ and we are done again.

    We are now ready for a crucial result:

    Proposition 5.15. Let $R$ be an UFD and let $p \in R$ be an irreducible element. There exists a unique map $v_p : R \setminus \{0\} \to \mathbb{N}$ such that

    • $v_p(p) = 1$.

    • $v_p(x + y) \ge \min(v_p(x), v_p(y))$ for all $x, y$ such that $x + y \neq 0$.

    • $v_p(xy) = v_p(x) + v_p(y)$.

    • $v_p(x) = 0$ if and only if $p$ does not divide $x$.

    Proof. Simply define $v_p(x)$ to be the largest nonnegative $k$ for which $p^k \mid x$. The first, second and fourth properties are then clear. To prove the third one, write $x = p^k x_1$ and $y = p^l y_1$, with $x_1, y_1$ not multiples of $p$. Then $xy = p^{k+l}(x_1 y_1)$ and $p$ does not divide $x_1 y_1$, because $p$ is a prime. This proves the third relation. Uniqueness is clear.

    5.16 The fundamental theorem of arithmetic

    Consider all irreducible elements of an UFD $R$ and partition them into classes, by putting in a class all irreducibles that are associate. Next, select one element from each class (this requires the axiom of choice, but I'm one of those guys who prefer not to spend too much time on this) and put them in a set $P$. The fundamental theorem of arithmetic becomes:

    Theorem 5.17. (fundamental theorem of arithmetic in an UFD) Any nonzero element $x \in R$ can be uniquely written in the form

    $$x = u \prod_{p \in P} p^{n_p},$$

    for a unit $u$ and some nonnegative integers $n_p$, all but finitely many of which are zero.


    Proof. First, we prove the existence of the decomposition. If $x$ is a unit, we are done (take $u = x$ and all $n_p = 0$). Otherwise, $x$ is a product of irreducibles. Each such irreducible is associate to some $p \in P$. Collecting all irreducibles associated to a given $p$ yields the desired expression for $x$.

    Next, we prove uniqueness. It is enough to check that each $n_p$ is uniquely determined by $x$. But we have

    $$v_p(x) = v_p\left( u \prod_{q \in P} q^{n_q} \right) = v_p(u) + \sum_{q \in P} v_p(q^{n_q}).$$

    It is clear that $v_p(u) = 0$ and that $v_p(q^{n_q}) = 0$ if $q \neq p$ (as then $q$ is not associate to $p$ and so it does not divide $p$). Therefore $n_p = v_p(x)$ and it is uniquely determined.

    The following result is extremely useful:

    Proposition 5.18. (local-global principle) Let $R$ be an UFD and let $x, y$ be nonzero elements of $R$. Then $x \mid y$ if and only if $v_p(x) \le v_p(y)$ for all irreducibles $p$ of $R$.

    Proof. This is clear, since $x$ is associate to $\prod_{p \in P} p^{v_p(x)}$ and $y$ is associate to $\prod_{p \in P} p^{v_p(y)}$, as the proof of the fundamental theorem of arithmetic shows.

    Note that we can extend the $p$-adic valuation to the whole field of fractions of $R$, by defining

    $$v_p\left( \frac{a}{b} \right) = v_p(a) - v_p(b).$$

    This is well-defined, since if $\frac{a}{b} = \frac{c}{d}$, then $ad = bc$, so $v_p(a) + v_p(d) = v_p(b) + v_p(c)$ and finally $v_p(a) - v_p(b) = v_p(c) - v_p(d)$.

    5.19 Gcd

    Definition 5.20. Let $R$ be an integral domain and let $a, b \in R$. We say that $d \in R$ is a gcd of $a$ and $b$ if

    • $d$ divides both $a$ and $b$.

    • If $e$ divides $a$ and $b$, then $d$ divides $e$.

    Note that the gcd of two elements is not uniquely determined (for instance, we can multiply it by a unit). In $\mathbb{Z}$, there was a way to make it unique, by asking that it should be positive. In other rings, this is impossible, so when speaking about gcds, one must recall that they are not unique. On the other hand, any two gcds of $a$ and $b$ must be associate (exercise).

    In general, the gcd of $a$ and $b$ does not exist. On the other hand, we have:

    Proposition 5.21. If $R$ is a UFD, then any two elements have a gcd. Moreover, for each prime $p$ of $R$ we have

    $$v_p(\gcd(a, b)) = \min(v_p(a), v_p(b)).$$

    Proof. This is an easy exercise.


    Now work with $z \in \mathbb{C}$ such that $z^2 + z + 1 = 0$ (this is the key step!). We have $g(z) = 2g_1(z)$, $h(z) = 2h_1(z)$ and $f(z) = 2$. Putting it together we get $2g_1(z)h_1(z) = 1$ or $2F(z) = 1$ for some $F \in \mathbb{Z}[X]$. But $F(z)$ is always of the form $az + b$ with $a, b \in \mathbb{Z}$ since higher powers are linearly dependent ($z^2 = -z - 1$, $z^3 = 1$, $z^4 = z$ and so on...). But comparing real and imaginary parts in $2F(z) = 1$ yields contradiction.

    5.29 A bonus problem

    The following result turned out to be pretty useful in quite many situations, so let me mention it.

    Example 5.30. (Romania TST 2004) Let $f \in \mathbb{Z}[X]$ be monic and irreducible such that $|a_0|$ is not a square. Then $f(X^2)$ is irreducible.

    Proof. So take $g \in \mathbb{Z}[X]$ such that $g \mid f(X^2)$ and $g$ is irreducible. Then as $f(X^2)$ is even we have $g(X)h(X) = f(X^2) = g(-X)h(-X)$ for some $h \in \mathbb{Z}[X]$. Then also $g(-X) \mid f(X^2)$. Take $G = \gcd(g(X), g(-X))$, then $G \mid g$ but as $g$ is irreducible we have $G = 1$ or $G = g$.

    If $G = 1$ we have $g(X)g(-X) \mid f(X^2)$ but the LHS is even and so $g(X)g(-X) = Q(X^2)$ for some $Q \in \mathbb{Z}[X]$. Moreover $Q(X^2) \mid f(X^2)$ implies $Q \mid f$. But $f$ is irreducible so $Q = 1$ (but then $g$ is constant) or $Q = f$ but in this case we have $g(X)g(-X) = f(X^2)$ which is impossible as $|a_0|$ is not a square.

    If $G = g$ we have $g(X) \mid g(-X)$ and by symmetry $g(-X) \mid g(X)$ so $g(X) = \pm g(-X)$. In case $g$ is odd we have that 0 is a root, which would imply $a_0 = 0$ so this case is impossible. And if $g$ is even we may write $g(X) = P(X^2)$ and by the same argument as in the case (i) show that either $P = 1$ or $P = f$ and we are done!

    5.31 Problem set

    1. Show that 2 and $1 \pm \sqrt{-5}$ are irreducible in $\mathbb{Z}[\sqrt{-5}]$. Deduce that $\mathbb{Z}[\sqrt{-5}]$ is not an UFD.

    2. Show that a ring satisfying the fundamental theorem of arithmetic is necessarily UFD.

    3. Let $R$ be an UFD and let $a, b, c \in R$ be nonzero. Show that

    a) If $c \mid ab$ and $\gcd(a, c) = 1$, then $c \mid b$.

    b) If $a \mid c$, $b \mid c$ and $\gcd(a, b) = 1$, then $ab \mid c$.

    c) If $ab = c^n$ and $\gcd(a, b) = 1$, then $a$ and $b$ are associate to $n$th powers in $R$.

    4. (stupid) Show that a quadratic polynomial with odd coefficients is irreducible in $\mathbb{Q}[X]$.

    5. (classical) Show that for all $p > 2$, one of $-1, 2, -2$ is a square in $\mathbb{F}_p$. Deduce that $X^4 + 1$ is irreducible in $\mathbb{Z}[X]$, but its reduction mod $p$ is reducible for all $p$.

    6. (classical) Let $a_1, a_2, \dots, a_n$ be pairwise distinct integers. Then the polynomials $(X - a_1) \cdots (X - a_n) - 1$ and $(X - a_1)^2 \cdots (X - a_n)^2 + 1$ are irreducible in $\mathbb{Z}[X]$.

    7. (China TST 2009) Let $f \in \mathbb{Z}[X]$ with $\deg f = n$, all coefficients are $\pm 1$ and $(X - 1)^{2^k} \mid f$. Prove that $n \ge 2^{k+1} - 1$.


    8. (China TST) Find for which $a$ is $f(X) = X^n + aX^{n-1} + pq$ ($n \ge 2$) reducible over the rationals.

    9. (IMO 1993) Prove that $X^n + 5X^{n-1} + 3$ is irreducible over the rational numbers for all $n > 1$.

    10. If $p \equiv 3 \pmod 4$ is a prime, prove that $(X^2 + 1)^n + p$ is irreducible in $\mathbb{Z}[X]$ for all $n \ge 1$.

    11. (Romania TST 2006) For $p > 3$ find the number of polynomials $X^p + pX^k + pX^l + 1$ with $1 \le l < k < p$ that are irreducible in $\mathbb{Z}[X]$.

    12. Often, studying the roots of a polynomial is very helpful in order to prove its irreducibility. Prove the following irreducibility criteria:

    a) (Ostrowski) Let $f(x) = a_n X^n + a_{n-1} X^{n-1} + \dots + a_0 \in \mathbb{Z}[X]$ be such that

    $$|a_0| > |a_1| + |a_2| + \dots + |a_n|$$

    and $|a_0|$ is a prime. Then $f$ is irreducible in $\mathbb{Z}[X]$.

    b) (hard, Perron's criterion) Let $a_i$ be integers such that $\gcd(a_0, a_1, \dots, a_n) = 1$, $a_0 \neq 0$ and $|a_{n-1}| > 1 + |a_{n-2}| + \dots + |a_0|$. Then $f(x) = X^n + a_{n-1} X^{n-1} + \dots + a_0$ is irreducible in $\mathbb{Z}[X]$.

    13. Some applications of Ostrowski's criterion:

    a) Prove that for any $d \ge 1$ there is a monic $f \in \mathbb{Z}[X]$ of degree $d$ such that $X^n + f(X)$ is irreducible for any $n$.

    b) (MOP 2007) Show that for any $f \in \mathbb{Z}[X]$ nonconstant there are infinitely many integers $n$ such that $f + n$ is irreducible over the rationals.

    c) (Romanian TST 1999) $X^n + aX + p$ is irreducible over $\mathbb{Z}$ if $n \ge 1$ and $p$ is a prime strictly greater than $1 + |a|$.

    d) (China TST 2006) Let $k, n > 1$ and let $A_1, \dots, A_k$ be a partition of the positive integers. Show that there exists $i$ and infinitely many irreducible polynomials of degree $n$ with coefficients in $A_i$.

    14. (Balkan 1989) Let $p = a_0 + a_1 \cdot 10 + \dots + a_n \cdot 10^n$ be the decimal expansion of a prime and suppose that $a_n > 1$. Show that $a_0 + a_1 X + \dots + a_n X^n$ is irreducible in $\mathbb{Q}[X]$.

    15. (Romania TST 2010) Let $p$ be a prime number, $n_1 > n_2 > \dots > n_p$ be positive integers and $d = \gcd(n_1, n_2, \dots, n_p)$. Prove that the polynomial

    $$P(X) = \frac{X^{n_1} + X^{n_2} + \dots + X^{n_p} - p}{X^d - 1}$$

    is irreducible in $\mathbb{Q}[X]$.

    16. (St. Petersburg 2003) Let $n \ge p$, $a_1, \dots, a_n \in \mathbb{Z}$ and define $f_0 = 1$, $f_k$ = the number of $k$-element subsets of $a_1, \dots, a_n$ that sum to a multiple of $p$. Prove that $p \mid f_0 - f_1 + f_2 - \dots + (-1)^n f_n$.


    6 Gauss lemma and applications

    In this lecture we will discuss a very beautiful result of Gauss and focus then on some of its consequences.

    6.1 Gauss lemma

    If $f = a_0 + a_1 X + \dots + a_n X^n \in R[X]$ is a nonzero polynomial, we denote by $c(f)$ (and call it the content of $f$) a gcd of $a_0, a_1, \dots, a_n$. Note that $c(f)$ is not really well-defined (because gcds are not unique), but any two contents of $f$ are associate. Here's the key point which will make everything work in the next section.

    Proposition 6.2. (Gauss lemma) For any nonzero polynomials $f, g \in R[X]$ we have $c(fg) = c(f)c(g)$ up to units.

    Proof. By dividing $f$ and $g$ by their contents, we obtain polynomials with content associate to 1. So we may assume that $c(f) = c(g) = 1$. We'll prove that $c(fg)$ is a unit, by proving that no irreducible $p$ can divide $c(fg)$. Suppose that $p$ divides $c(fg)$, then it divides all coefficients of $fg$. Then $\bar{f}\bar{g} = 0$ in $(R/pR)[X]$. But since $R/pR$ is an integral domain, we obtain that $\bar{f} = 0$ or $\bar{g} = 0$. That is, $p$ divides $c(f)$ or $c(g)$, obviously impossible.

    6.3 Gauss theorem

    Let $R$ be an UFD, with field of fractions $F$. It is easy to check that $F[X]$ is an UFD, using the euclidean algorithm (see the next lecture). We'd like to deduce from this that $R[X]$ itself is an UFD, by comparing factorizations in $R[X]$ and $F[X]$. It turns out that you can do this, but this is not at all obvious at first sight.

    This yields a characterization of the irreducible elements of $R[X]$, when $R$ is an UFD. It is of crucial importance in practice:

    Theorem 6.4. Let $R$ be an UFD. An element $f \in R[X]$ is irreducible if and only if

    • $f$ is an irreducible element of $R$ or

    • $f$ is primitive (i.e. $c(f)$ is a unit) and $f$ is irreducible in $F[X]$.

    Proof. The fact that the elements above are indeed irreducibles of $R[X]$ is immediate and left to the reader. We'll stick to the hard part, proving that these are all irreducibles of $R[X]$.

    Let $f$ be an irreducible of $R[X]$, WLOG $f$ nonconstant (otherwise $f$ is an irreducible of $R$ and we are done). Then $f$ is primitive: indeed, if a prime $p$ divided $c(f)$, then we could write $f = pg$, for some nonconstant $g \in R[X]$. Then $g$ is not a unit in $R[X]$ and so $f$ is not irreducible, a contradiction.

    Next (this is the hard part), we'll prove that $f$ is irreducible in $F[X]$, finishing the proof of the theorem. So, assume that $f = gh$, with $g, h \in F[X]$ nonconstant. We can write $g = \frac{g_1}{a}$, $h = \frac{h_1}{b}$, for some $g_1, h_1 \in R[X]$ and some $a, b \in R$ (nonzero). Then $abf = g_1 h_1$. Using Gauss lemma and the fact that $f$ is primitive, we obtain $ab = c(g_1)c(h_1)$ up to units and so (again up to units)

    $$f = \frac{g_1}{c(g_1)} \cdot \frac{h_1}{c(h_1)}.$$

    The previous equality implies that $\frac{g_1}{c(g_1)}$ or $\frac{h_1}{c(h_1)}$ is a unit in $R[X]$, in particular constant. But this contradicts the fact that $g$ and $h$ are nonconstant.


    We are now in good shape for:

    Theorem 6.5. (Gauss) If $R$ is an UFD, then so is $R[X]$.

    Proof. First, we'll check that any irreducible is prime. Let $f$ be an irreducible and suppose that $f$ divides $gh$ in $R[X]$. Since $f$ is irreducible, it is either a unit or an irreducible of $F[X]$ (by the previous theorem), so we may assume that $f$ divides $g$ in $F[X]$. So we can find $a \in R \setminus \{0\}$ and $F \in R[X]$ such that $ag = fF$. Gauss lemma yields $a\,c(g) = c(F)$ up to units (as $f$ is irreducible, $c(f)$ is a unit). But then, up to units

    $$g = c(g) \frac{F}{c(F)} f$$

    is a multiple of $f$ in $R[X]$ and we are done.

    Next, we'll check the existence of prime factorization in $R[X]$. Let $f \in R[X]$ be a nonzero non-unit. As $F[X]$ is an UFD, we can factor $f$ into irreducibles in $F[X]$. Scaling them, we obtain $a \in R \setminus \{0\}$ and $g_i \in R[X]$ such that $g_i$ is irreducible in $F[X]$ and $af = \prod_i g_i$. Gauss lemma yields $a\,c(f) = \prod_i c(g_i)$ and so, up to units we have

    $$f = c(f) \prod_i \frac{g_i}{c(g_i)}.$$

    Each of $\frac{g_i}{c(g_i)}$ is primitive and irreducible in $F[X]$, so irreducible in $R[X]$. It remains to factor $c(f)$ into irreducibles in $R$, which can be done as $R$ is an UFD. This finishes the proof of the theorem.

    6.6 Eisenstein's criterion

    The following irreducibility criterion is rather useful, even though it is far from being universal.

    Theorem 6.7. (Eisenstein's criterion) Let $R$ be an UFD, $p$ a prime in $R$ and $f = a_0 + a_1X + \dots + a_nX^n \in R[X]$, such that $p$ divides $a_0, \dots, a_{n-1}$, $p$ does not divide $a_n$ and $p^2$ does not divide $a_0$. Then $f$ is irreducible in $(\mathrm{Frac}(R))[X]$.

    Proof. By dividing $f$ by its content, we obtain a polynomial with the same properties (note that $p$ does not divide the content). So, we may assume that $f$ is primitive and then it is enough to check that $f$ is irreducible in $R[X]$. Suppose that $f = gh$, with $g, h \in R[X]$ not units. As $f$ is primitive, we have $\deg(g), \deg(h) > 0$. Reducing everything modulo $p$, we obtain $\overline{a_n}X^n = \overline{g} \cdot \overline{h}$. That means that $\overline{g} = aX^i$ and $\overline{h} = bX^{n-i}$ for some $a, b \in R$. If $0 < i < n$, then $p$ divides both $g(0)$ and $h(0)$ and so $p^2$ divides $a_0$, a contradiction. Let's say $i = 0$, then $\deg(\overline{h}) \ge n$ and so $\deg(h) \ge n$, a contradiction as $g$ is nonconstant.

    The following is an absolute classic:

    Example 6.8. The polynomial $f(X) = X^{p-1} + \dots + X + 1$ is irreducible.

    Proof. Note that $f(X)$ is irreducible iff $f(X + a)$ is irreducible ($a \in \mathbf{Z}$). Using this we sum up the geometrical progression to get

    $$f(X+1) = \frac{(X+1)^p - 1}{X} = X^{p-1} + \binom{p}{1}X^{p-2} + \dots + \binom{p}{p-1}$$

    and we are done by Eisenstein as $p \mid \binom{p}{a}$ for $0 < a < p$.

    Let me mention the following very useful corollary, that is used a lot in counting problems:

    Corollary 6.9. If $a_0, a_1, \dots, a_{p-1}$ are rational numbers such that $a_0 + a_1z + \dots + a_{p-1}z^{p-1} = 0$ for some $p$th root of unity $z \neq 1$, then $a_0 = a_1 = \dots = a_{p-1}$.

    6.10 An important application of Gauss' lemma

    Recall that $\overline{\mathbf{Z}}$ is the ring of algebraic integers, i.e. complex numbers killed by some monic polynomial with integer coefficients. Also, $\overline{\mathbf{Q}}$ is the field of algebraic numbers, i.e. those killed by a polynomial with rational (equivalently, integer) coefficients.

    Definition 6.11. Ifx Q, let x (the minimal polynomial ofx) be the monicpolyno-mial ofsmallest degree such that x(x) = 0.

    The following result is a simple application of the division algorithm, but it is absolutely essential.

    Proposition 6.12. Letx Q. Thenx is irreducible inQ[X]. Moreover, for a polynomialf Q[X], we havef(x) = 0 if and only ifx dividesf inQ[X].Proof. Suppose thatx= f g, for some nonconstantf, gQ[X], which may be taken monic.Then one off or g vanishes at z and has degree smaller than x, a contradiction. Sox isirreducible in Q[X]. The only nontrivial point that remains to be proved is that x dividesf whenever f Q[X] and f(x) = 0. Use the division algorithm to write f =qx+r withr = 0 or deg(r) < deg(x). Suppose that r= 0. Since f and x vanish at x, so does r.By scaling r, we may assume that r is monic. Since deg(r)< deg(x), this contradicts thedefinition ofx.

    Here's an important application of Gauss' lemma.

    Theorem 6.13. Letx Z. Thenx has integer coefficients. HenceZ ={x Q|x Z[X]}.

    Proof. Take a nonzero polynomial f Z[X] killing x. By the previous proposition thereexists g Q[X] such that f = x g. Choose d1, d2 N with d1g, d2x Z[X] andwrite d1d2f = (d1g)(d2x). Thend1d2= c(d1d2f) =c(d1g)c(d2x) by Gauss lemma. Next,c(d1, g)|d1 and c(d2x)|d2, since g, x are monic. Thus c(d2x) =d2, hence x Z[X].

    With this result in hand, it is easy to find the algebraic integers in a quadratic field:


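    Theorem 6.14. Let $d \neq 0, 1$ be a squarefree integer and let $K = \mathbf{Q}(\sqrt{d})$. Then $O_K = \mathbf{Z}[\sqrt{d}]$ for $d \equiv 2, 3 \pmod 4$ and $O_K = \mathbf{Z}\left[\frac{1+\sqrt{d}}{2}\right]$ when $d \equiv 1 \pmod 4$.

    Proof. Let $R = \mathbf{Z}[\sqrt{d}]$ when $d \equiv 2, 3 \pmod 4$ and $R = \mathbf{Z}\left[\frac{1+\sqrt{d}}{2}\right]$ when $d \equiv 1 \pmod 4$. It is easy to see that $R \subset O_K$ (note that $\frac{1+\sqrt{d}}{2}$ is a root of $X^2 - X + \frac{1-d}{4}$). We need to prove the opposite inclusion.

    Let $x = a + b\sqrt{d} \in O_K$, with $a, b \in \mathbf{Q}$. If $b = 0$, we are done, since we know that $O_{\mathbf{Z}} = \mathbf{Z}$. So, suppose that $b \neq 0$. Then the minimal polynomial of $x$ is $(X - a)^2 - b^2d$. Indeed, $(X - a)^2 - b^2d$ vanishes at $x$ and no linear polynomial with rational coefficients vanishes at $x$ (as $x \notin \mathbf{Q}$). Hence, the previous theorem yields $2a \in \mathbf{Z}$ and $a^2 - b^2d \in \mathbf{Z}$. From here, it is very easy to conclude.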

    6.15 Problem set

    The following problems are not related to the previous lecture, but they are nice...

    1. a) (Iran TST) Let $n \ge 2$ and let $a_1, a_2, \dots, a_n$ be positive integers, not all of them equal. Prove that there are infinitely many prime numbers $p$ with the property: there exists a positive integer $k$ such that

    $$p \mid a_1^k + a_2^k + \dots + a_n^k.$$

    b) (Iran TST 2009) Let $a$ be a positive integer. Prove that the set of prime divisors of $2^{2^n} + a$ for $n = 1, 2, \dots$ is infinite.

    2. Let $f \in \mathbf{Z}[X]$ such that $p^k$ divides $f(x)$ for all $x \in \mathbf{Z}$. If $k \le p$, prove that there are polynomials $g_0, g_1, \dots, g_k \in \mathbf{Z}[X]$ such that

    $$f(X) = \sum_{i=0}^{k} p^{k-i}(X^p - X)^i g_i(X).$$

    3. (China TST 2007) Let $n > 2$ be an integer. Prove that $n$ is a prime if and only if the following property holds: any equiangular $n$-gon with rational sides is regular. An equiangular polygon is by definition a convex polygon all of whose angles are equal.

    4. (China TST 2004) Let $a > 1$ and $n \ge 1$. Show that there is a polynomial $f$ with integral coefficients, of degree $n$ and such that $f(0), f(1), \dots, f(n)$ are distinct positive integers, each of the form $2a^k + 3$ for some integer $k$.

    5. (USA TST 2009) Consider all polynomials $f$ of degree $n$ which send integers to integers and all integers $a, b$ for which $f(a) \neq f(b)$. What is the least possible value of the expression $\frac{f(a) - f(b)}{a - b}$?

    6. (USA TST 2010) Let $P$ be a polynomial with integer coefficients such that $P(0) = 0$ and

    $$\gcd(P(0), P(1), P(2), \dots) = 1.$$

    Show there are infinitely many $n$ such that

    $$\gcd(P(n) - P(0), P(n+1) - P(1), P(n+2) - P(2), \dots) = n.$$

    7. (IMO Shortlist 1996, hard) For a given even integer $n$, find the least positive integer $k$ such that one can find polynomials $f, g$ with integer coefficients such that

    $$f(X)(X+1)^n + g(X)(X^n + 1) = k.$$

    8. (China TST 2009, hard) Prove the existence of a constant $c > 0$ with the property: for any prime $p$ there are at most $cp^{2/3}$ numbers $n$ for which $p$ divides $n! + 1$.

    9. (USA TST 2005) Say a polynomial with integral coefficients $f$ is special if for any $k > 1$ there are infinitely many numbers relatively prime to $k$ in the sequence $f(1), f(2), f(3), \dots$. Choose randomly a monic polynomial of degree $n$ with coefficients $1, 2, \dots, n!$ (each coefficient is one of these numbers). Prove that the probability that the chosen polynomial is special is between 0.71 and 0.75.

    10. (IMO Shortlist 2005, hard) Suppose that $f$ is a polynomial of degree at least 2, with positive leading coefficient and integral coefficients. Show that there is $n$ such that $f(n!)$ is composite.

    11. (generalization of USA TST 2008, hard) Suppose that $n$ is a positive integer. Consider all sequences $(x_1, x_2, \dots, x_n)$ with $x_i \in \mathbf{Z}/n\mathbf{Z}$. For how many of these can we find a polynomial $f$ with integer coefficients such that $f(i) \pmod n = x_i$ for all $i$?

    7 The euclidean algorithm

    The classical proof of the fact that $\mathbf{Z}$ is an UFD crucially uses the division algorithm. This may seem rather elementary and natural, but it does not generalize very well and most of the interesting rings do not have a division algorithm. The purpose of this lecture is to define euclidean rings, give some important examples and prove that they are UFD. Therefore in such rings we will have the fundamental theorem of arithmetic and this will have some very nice applications (see the next lecture).

    Ok, now let's make again an abstract definition:

    Definition 7.1. An integral domain $R$ is called an euclidean domain if we can find a function $\deg : R \setminus \{0\} \to \mathbf{N}$ such that: for any $a, b$ in $R$, with $b \neq 0$, we can write $a = bq + r$, with $r = 0$ or $\deg(r) < \deg(b)$.

    Tricky point: if $R$ is euclidean, then we can choose such a function $\deg$, which moreover satisfies $\deg(ab) \ge \deg(a)$ for all $a, b$. Indeed, I will leave as a funny exercise to check that $a \mapsto \min_{b \neq 0} \deg(ab)$ yields a new degree map, which satisfies all required properties. So, from now on I will assume that $\deg(ab) \ge \deg(a)$ for all $a, b$.

    For instance, $\mathbf{Z}$ is euclidean for $\deg(n) = |n|$. Here's another important class of euclidean rings.

    Theorem 7.2. If $F$ is a field, then $F[X]$ is euclidean for the usual degree map.

    Proof. We need to prove that for any $f, g \in F[X]$ with $g \neq 0$, we can write $f = qg + r$, with $r = 0$ or $\deg(r) < \deg(g)$. We do it by induction on $\deg f$. If deg f


    The hypothesis that $F$ should be a field is crucial. For instance, $\mathbf{Z}[X]$ is not euclidean for the usual degree map (and actually it is not euclidean for any degree map). Indeed, try to divide $X^2 + 1$ by $2X + 1$ in $\mathbf{Z}[X]$. On the other hand, we saw that $\mathbf{Z}[X]$ is an UFD. So being UFD does not imply being euclidean. We'll see on the other hand that all euclidean rings are UFD. This is a very important theorem!

    Example 7.3. a) It's a theorem of Motzkin that $\mathbf{Z}\left[\frac{1+\sqrt{d}}{2}\right]$ is an UFD (even a principal ideal domain) for $d \in \{-19, -43, -67, -163\}$, but it is not euclidean.

    b) Chatland, Davenport, Inkeri, Barnes and Swinnerton-Dyer proved the following beautiful theorem: if $d \neq 0, 1$ is a squarefree integer and $K = \mathbf{Q}(\sqrt{d})$, then $O_K$ is euclidean for its usual norm map if and only if

    $$d \in \{-11, -7, -3, -2, -1, 2, 3, 5, 6, 7, 11, 13, 17, 19, 21, 29, 33, 37, 41, 57, 73\}.$$

    c) It's only in 2004 that M. Harper proved that $\mathbf{Z}[\sqrt{14}]$ is euclidean (for some exotic degree map). Also, it is a recent theorem of D. A. Clark that the ring of integers of $\mathbf{Q}(\sqrt{69})$ is euclidean (again, it is not euclidean for the standard norm map).

    d) Another deep result of Montgomery and Masley is that there are precisely 30 integers $n$ such that $\mathbf{Z}[e^{2i\pi/n}]$ is euclidean. They are

    1, 3, 4, 5, 7, 8, 9, 11, 12, 13, 15, 16, 17, 19, 20, 21, 24, 25, 27, 28, 32, 33, 35, 36, 40, 44, 45, 48, 60, 84.

    e) $\mathbf{Q}(\sqrt[3]{m})$ is euclidean for the usual norm if and only if $m \in \{2, 3, 10\}$ (Cioffari).

    Let's consider now a negative squarefree $d$ and set $K = \mathbf{Q}(\sqrt{d})$. Set $\deg(x) = |x\overline{x}|$ for $x \in K$ (here $\overline{x}$ is the complex conjugate of $x$). This is the absolute value of the usual norm on $K$.

    Theorem 7.4. $O_K$ is euclidean with respect to $\deg$ if and only if $d \in \{-1, -2, -3, -7, -11\}$.

    Proof.

    Lemma 7.5. $O_K$ is euclidean for $\deg$ if and only if for all $z \in K$ one can find $q \in O_K$ such that $\deg(z - q) < 1$.

    Proof. Suppose that $O_K$ is euclidean for $\deg$. Let $z = \frac{a}{b} \in K$, with $a, b \in O_K$. Write $a = bq + r$, with $r = 0$ or $\deg(r) < \deg(b)$. If $r = 0$, we have $z \in O_K$ and we can take $q = z$. If not, we have

    $$\deg(z - q) = \deg\left(\frac{r}{b}\right) = \frac{\deg(r)}{\deg(b)}$$


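    First, suppose that $O_K$ is euclidean. Let's consider first the case $d \equiv 2, 3 \pmod 4$, so that $O_K = \mathbf{Z}[\sqrt{d}]$. By the lemma, we can find $q = a + b\sqrt{d} \in O_K$ such that $\deg\left(\frac{1+\sqrt{d}}{2} - q\right) < 1$. We deduce that

    $$1 > \left(\frac{1}{2} - a\right)^2 - d\left(\frac{1}{2} - b\right)^2 \ge \frac{1 - d}{4},$$

    so $d > -3$. Similarly, if $d \equiv 1 \pmod 4$, one chooses $z = \frac{1+\sqrt{d}}{4}$ in the lemma and one obtains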

    d deg(a) ifb is not a unit.

    Proof. Write $a = qab + r$, with $r = 0$ or $\deg(r) < \deg(ab)$. We cannot have $r = 0$, otherwise $b$ would be a unit. So $\deg(ab) > \deg(r) = \deg(a(1 - qb)) \ge \deg(a)$ and we are done.

    We can now prove the easy half of the theorem:

    Corollary 7.9. If $R$ is euclidean, then each nonzero non-unit is a product of irreducible elements.

    Proof. We'll prove by induction on $\deg(a)$ that $a$ is a product of irreducibles (here $a \neq 0$ is a non unit). If $\deg(a) = 0$, then $a$ is irreducible (by the previous proposition). Suppose that the result holds for elements of degree less than $k$ and take $a$ for which $\deg(a) = k$. If $a$ is irreducible, we are done. Otherwise write $a = bc$, with $b, c$ non units. Then deg(b) 0 and y0.

    On the other hand, the previous proposition yields

    Q(i)(s) = 1

    1 2s

    p1 (mod 4)

    1(1 ps)2

    q3 (mod 4)

    11 qs =

    =p

    1

    1 psp

    1

    1 (p)ps ,

    where (p) = 1 if p 1 (mod 4) and (p) =1 if p 1 (mod 4) (with (2) = 0).Extending to Nby multiplicativity, we finally obtain

    Q(i)(s) =

    n1

    1

    ns

    n1

    (n)

    ns

    .Expanding and identifying coefficients, we obtain the following beautiful

    Theorem 7.13. We have f(n) =

    d|n (n) for all n. The number of solutions of theequationx2 + y2 =n withx, y Z is4d|n (d).

    Since is multiplicative, so is f(n). It is then easy to compute the explicit value ofd|n (d) and we obtain:

    Corollary 7.14. The equation $x^2 + y^2 = n$ has integer solutions iff $v_p(n)$ is even for all primes $p \equiv 3 \pmod 4$. In this case, it has $4\prod_{p \equiv 1 \pmod 4}(1 + v_p(n))$ solutions.

    Let = 1+3

    2 , so that the ring of integers inQ(3) is Z[]. The associated norm

    is then

    N(a + b) = (a + b)(a + b) =a2

    ab + b2

    .Proposition 7.15.a) The units ofZ[] are1, , 2.

    b) A set of representatives for the primes ofZ[] (up to being associate) is given by thefollowing list:

    rational primesq2 (mod 3). Z[] such that = p for some primep1 (mod 3). 1 .

    Proof. a) An element a + b is a unit iffN(a + b) = 1, i.e. iff(2a b)2 + 3b2 = 4. The restis immediate.

    b) Let be a prime, then|N(), so divides a rational prime p dividingN(). So, weneed to determine the prime factorization of rational primes.

    Suppose that p 2 (mod 3). Then p is a prime in Z[]. Indeed, otherwise we canwrite p = ab, with a, b Z[] non units. Passing to units, we see that p = N(a) = N(b).But the congruence a2 ab + b2 2 (mod 3) is impossible.

    Suppose thatp1 (mod 3). Then(Z/pZ) has an element of order 3 (as it is a cyclicgroup of order p 1) and so we easily get the existence of some x Z such that p dividesx2 + x + 1. Thenp divides (2x + 1)2 + 3. Ifp was a prime in Z[], thenp would divide oneof2x + 1 3, which is clearly not the case. So p is not irreducible, and since its norm is

    p2, we must have p = for some prime . Finally, we easily check that 3 =2(1 )2 and that 1 is a prime (its norm is

    3). The result follows.


    7.16 Euclidean rings and diophantine equations

    Theorem 7.17. (Fermat) The integer solutions of the equation $y^2 = x^3 - 2$ are $(3, \pm 5)$.

    Proof. We'll work in the UFD $R = \mathbf{Z}[\sqrt{-2}]$ and write the equation as $x^3 = (y + \sqrt{-2})(y - \sqrt{-2})$.

    We claim that $y + \sqrt{-2}$ and $y - \sqrt{-2}$ are relatively prime. If $d$ is a prime of $R$ which divides $y \pm \sqrt{-2}$, then it divides $2\sqrt{-2}$ and $x$. So its norm divides 8 and also $x^2$. But it's easy to see that $x$ is odd, so $d$ has norm 1, contradicting the fact that it's a non unit.

    We deduce that $y + \sqrt{-2}$ is associate to a third power in $R$. However, the units of $R$ are $\pm 1$, and both are cubes in $R$. Hence we can find integers $a, b$ such that

    $$y + \sqrt{-2} = (a + b\sqrt{-2})^3.$$

    Expanding, we obtain $y = a(a^2 - 6b^2)$, $1 = b(3a^2 - 2b^2)$.

    From here, everything follows with no difficulty.

    Remark 7.18. A deep theorem of Mordell ensures that the equation $y^2 = x^3 + k$ has finitely many integer solutions, for each $k \neq 0$. However, it typically has infinitely many rational solutions. We deduce that for any $N$ we can find $k \neq 0$ such that the equation $y^2 = x^3 + k$ has more than $N$ integer solutions. For instance, $y^2 = x^3 - 47$ has integer solutions $(6, 13)$, $(12, 41)$, $(63, 500)$.

    Theorem 7.19. The equation $y^2 = x^3 - 1$ has the only integer solution $(1, 0)$.

    Proof. Work in the UFD $R = \mathbf{Z}[i]$ and write the equation $(y + i)(y - i) = x^3$. If $p$ is a prime of $R$ which divides $y + i$ and $y - i$, it also divides $2i = (1 + i)^2$, so it divides $1 + i$. Hence the only prime divisor of $y \pm i$ is $1 + i$. Using this and the fact that $y$ must be even, we easily deduce that $y + i$ and $y - i$ are actually relatively prime. Again, all units of $R$ are cubes, so $y + i = (a + ib)^3$ for some integers $a, b$. We obtain $y = a(a^2 - 3b^2)$ and $1 = b(3a^2 - b^2)$, from which the result follows easily.

    It is much more challenging to solve in integers the equation $y^2 = x^3 + 1$. Indeed, if we try to follow the same approach as above, we obtain the equation $a^3 - 2b^3 = 1$, which is not easy to solve. Another equation which requires quite a lot of work is:

    Theorem 7.20. (Ramanujan-Nagell) The integer solutions of the equation $x^2 + 7 = 2^n$ are $x = \pm 1, \pm 3, \pm 5, \pm 11, \pm 181$ and $n = 3, 4, 5, 7, 15$.

    7.21 Problem set 1

    1. Find the integer solutions of the equation $x^2 + y^2 = z^n$, where $n > 1$ and $\gcd(x, y) = 1$.

    2. Solve in integers $x^2 + 8 = y^3$.

    3. Let $S = \{a^2 + 2b^2 \mid a, b \in \mathbf{Z}, b \neq 0\}$ and let $p$ be a prime such that $p^2 \in S$. Then $p \in S$.

    4. a) Show that an odd prime $p$ can be written in the form $a^2 - 2b^2$ for some integers $a, b$ iff $p \equiv \pm 1 \pmod 8$.

    b) Show that an odd prime $p$ can be written in the form $a^2 + 2b^2$ iff $p \equiv 1 \pmod 8$ or $p \equiv 3 \pmod 8$.

    5. a) Find all $z \in \mathbf{Z}[i]$ for which one can find $n \ge 1$ such that $z^n \in \mathbf{R}$.

    b) Show that the only rational values $\tan(k\pi/n)$ can take (where $k, n$ are integers) are $0, 1, -1$.

    6. Show that $\mathbf{Z}[\sqrt{d}]$ is euclidean for $d \in \{2, 3, 6\}$.

    7. Solve in integers the equation $y^2 + 1 = x^n$, where $n > 1$.

    8. Let $R$ be an UFD and let $x, y, z, w$ be nonzero elements of $R$ such that $xy = zw$. Show that we can find $m, n, p, q \in R$ such that $\gcd(n, p) = 1$ and

    $$x = mn, \quad y = pq, \quad z = mp, \quad w = nq.$$

    9. a) Let $a, b, c, d$ be positive integers such that $a^2 + b^2 = cd$. Show that we can find integers $x, y, z, w, t$ such that

    $$a = t(xz - yw), \quad b = t(xw + yz), \quad c = t(x^2 + y^2), \quad d = t(z^2 + w^2).$$

    b) Let $a, b$ be integers such that $a \mid b^2 + 1$. Show that $a$ is a sum of two squares.

    10. Let $a > b > c > d$ be positive integers such that

    $$a^2 - ac + c^2 = b^2 + bd + d^2.$$

    Show that $ab + cd$ is composite.

    11. Solve in integers $13^x + 3 = y^2$.

    8 Finite fields

    Just as sometimes one needs to work with algebraic integers instead of rational integers (try to solve the equation $x^3 = y^2 - 1$ by staying only in the ring of rational integers and you'll see what happens...), it is useful to work in finite field extensions of $\mathbf{F}_p = \mathbf{Z}/p\mathbf{Z}$. These are precisely those fields which have a finite number of elements and which contain $\mathbf{F}_p$. In this chapter we'll try to work a bit with these fields, by insisting once more on their applications.

    8.1 First construction of finite fields

    We will fix a prime number $p$ and an algebraic closure $\overline{\mathbf{F}_p}$ of the field $\mathbf{F}_p = \mathbf{Z}/p\mathbf{Z}$. Recall that this means that $\overline{\mathbf{F}_p}$ is a field such that

    - any $x \in \overline{\mathbf{F}_p}$ is a root of some nonzero polynomial $f \in \mathbf{F}_p[X]$
    - any $f \in \mathbf{F}_p[X]$ has at least one root in $\overline{\mathbf{F}_p}$ (which actually implies that it splits into linear factors over $\overline{\mathbf{F}_p}$).

    It is a rather nontrivial theorem of Steinitz that any field has an algebraic closure and any two algebraic closures are isomorphic.

    Let us glorify the following easy result, which will be constantly used in this chapter:

    Proposition 8.2. Let $p$ be a prime and let $A$ be a ring such that¹ $pa = 0$ for all $a \in A$. Then for all powers $q$ of $p$ and for all $a_1, a_2, \dots, a_n \in A$ we have

    $$(a_1 + a_2 + \dots + a_n)^q = a_1^q + a_2^q + \dots + a_n^q.$$

    Proof. By induction on $n$, we may assume that $n = 2$. Then everything follows from the usual binomial formula, the hypothesis on $A$ and the fact that $\binom{q}{i} \equiv 0 \pmod p$ for any $1 \le i < q$.

    If $q$ is a power of $p$, let

    $$\mathbf{F}_q = \{x \in \overline{\mathbf{F}_p} \mid x^q = x\}.$$

    We have the following easy, but crucial result:

    Theorem 8.3. $\mathbf{F}_q$ is the unique field with $q$ elements contained in $\overline{\mathbf{F}_p}$.

    Proof. First, let us check that $\mathbf{F}_q$ is a field. It is clearly stable by multiplication and stability under addition follows from the previous proposition. $\mathbf{F}_q$ has $q$ elements since $X^q - X$ splits into linear factors over $\overline{\mathbf{F}_p}$ (because $\overline{\mathbf{F}_p}$ is algebraically closed) and all of these linear factors are distinct (because $X^q - X$ is prime to its derivative $-1$).

    Let us consider now a subfield $L$ of $\overline{\mathbf{F}_p}$ with $q$ elements. As $L^*$ is a group with $q - 1$ elements, Lagrange's theorem yields $x^{q-1} = 1$ for all $x \in L^*$. Thus $x^q = x$ for all $x \in L$ and so $L \subset \mathbf{F}_q$. A cardinality argument finishes the proof.

    Actually, one can prove that any finite field has a cardinality which is a power of a prime (basically by Cauchy's theorem for groups or by basic linear algebra for those who know it). So the previous theorem says that the converse is true: if I have a power of a prime, I can construct a field with that cardinality.

    8.4 Second construction: finding an irreducible polynomial over Fp

    The previous construction is very neat, but it doesn't say how to construct in practice a finite field. Another important construction of finite fields is as follows: suppose that $f \in \mathbf{F}_p[X]$ is irreducible, of degree $n$. The ring $\mathbf{F}_p[X]$ is euclidean and an easy division algorithm argument shows that $\mathbf{F}_p[X]/f$ has $p^n$ elements (indeed, the division algorithm shows that a system of representatives for the residue classes modulo $f$ is given by polynomials of degree at most $n - 1$). On the other hand, $\mathbf{F}_p[X]/f$ is an integral domain, since $f$ is irreducible and $\mathbf{F}_p[X]$ is an UFD. So $\mathbf{F}_p[X]/f$ is a field with $p^n$ elements (see a lemma in the first lecture on UFDs).

    Now, the hard point is proving that for any $n$ one can find an irreducible polynomial of degree $n$ over $\mathbf{F}_p$. This is much harder than the analogous statement over the rationals (Eisenstein's criterion shows that $X^n - 2$ is irreducible over the rationals, but there is no analogue of this over $\mathbf{F}_p$). We'll actually prove the existence by a combinatorial argument, without exhibiting any irreducible polynomial of degree $n$. Here's the main result:

    Theorem 8.5. For all $n \ge 1$, there exists an irreducible polynomial $f \in \mathbf{F}_p[x]$, of degree $n$.

    I need one more preliminary. The following theorem is proved in exactly the same way as the existence of primitive roots mod $p$:

    Theorem 8.6. If $K$ is a finite field, then $K^*$ is a cyclic group, that is there exists $x \in K^*$ of order $|K| - 1$.

    ¹ We say that $A$ has characteristic $p$.

    Let's come back to the proof of the existence of irreducible polynomials of a given degree. We'll actually find an explicit formula for their number!

    Theorem 8.7. The product of the irreducible monic polynomials $f \in \mathbf{F}_q[X]$, such that $\deg(f) \mid n$ is $X^{q^n} - X$.

    Proof. Let $P$ be this product. Note that $X^{q^n} - X$ is squarefree in $\mathbf{F}_q[X]$, as it is relatively prime to its derivative, which is $-1$. Thus, in order to prove that $P = X^{q^n} - X$, it is enough to check that they have the same monic irreducible factors.

    Let $f$ be a monic irreducible factor of $X^{q^n} - X$, say $\deg(f) = d$. We need to prove that $d \mid n$. Then $L = \mathbf{F}_q[X]/f$ is a field with $q^d$ elements. We claim that $x^{q^n} = x$ for all $x \in L$. Suppose we managed to prove this. Then, since $L^*$ is cyclic we can choose $x \in L^*$ of order $q^d - 1$, so that $x^{q^n} = x$ gives $q^d - 1 \mid q^n - 1$, and finally $d \mid n$. To prove the claim, write $x = a_0 + a_1X + \dots + a_{d-1}X^{d-1}$ and use the first proposition of the lecture to write

    $$x^{q^n} = (a_0 + a_1X + \dots + a_{d-1}X^{d-1})^{q^n} = a_0^{q^n} + a_1^{q^n}X^{q^n} + \dots = a_0 + a_1X^{q^n} + \dots + a_{d-1}X^{q^n(d-1)} = a_0 + a_1X + \dots + a_{d-1}X^{d-1} = x.$$

    Let $f \in \mathbf{F}_q[X]$ irreducible, monic, of degree $d \mid n$. We will prove that $f \mid X^{q^n} - X$. Again, $L = \mathbf{F}_q[X]/f$ is a finite field with $q^d$ elements, so by Lagrange's theorem we have $X^{q^d} = X$. Since $d \mid n$, it follows that $X^{q^n} = X$, which is exactly what we needed.
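As an added illustration (not part of the lecture notes), the script below verifies Theorem 8.7 over a prime field F_p for small p and n: it lists the monic irreducible polynomials of each degree d dividing n by trial division, multiplies them together and compares the result with X^(p^n) - X. Polynomials are stored as coefficient tuples, lowest degree first; this representation and all function names are choices made here.

```python
from itertools import product


def trim(coeffs):
    """Drop leading zero coefficients; the zero polynomial is ()."""
    coeffs = list(coeffs)
    while coeffs and coeffs[-1] == 0:
        coeffs.pop()
    return tuple(coeffs)


def mul(a, b, p):
    """Product of two polynomials over F_p."""
    if not a or not b:
        return ()
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % p
    return trim(out)


def rem(a, b, p):
    """Remainder of a divided by the monic polynomial b over F_p."""
    a = list(a)
    while len(a) >= len(b):
        lead = a[-1]
        if lead:
            shift = len(a) - len(b)
            for i, y in enumerate(b):
                a[shift + i] = (a[shift + i] - lead * y) % p
        a.pop()  # the top coefficient is now zero
    return trim(a)


def monic(deg, p):
    """All monic polynomials of the given degree over F_p."""
    for low in product(range(p), repeat=deg):
        yield low + (1,)


def irreducibles(deg, p):
    """Monic irreducibles of degree deg: no monic divisor of degree 1..deg//2."""
    return [f for f in monic(deg, p)
            if all(rem(f, g, p)
                   for k in range(1, deg // 2 + 1) for g in monic(k, p))]


def product_of_irreducibles(n, p):
    """Left-hand side of Theorem 8.7 for q = p."""
    result = (1,)
    for d in range(1, n + 1):
        if n % d == 0:
            for f in irreducibles(d, p):
                result = mul(result, f, p)
    return result


def x_pow_minus_x(n, p):
    """Right-hand side of Theorem 8.7: X^(p^n) - X over F_p."""
    coeffs = [0] * (p ** n + 1)
    coeffs[1] = (-1) % p
    coeffs[-1] = 1
    return tuple(coeffs)


if __name__ == "__main__":
    for p, n in ((2, 3), (2, 4), (2, 6), (3, 2), (3, 3), (5, 2)):
        same = product_of_irreducibles(n, p) == x_pow_minus_x(n, p)
        print(f"p={p} n={n} irreducibles of degree n: "
              f"{len(irreducibles(n, p))} identity holds: {same}")
```

Comparing degrees on both sides gives the counting identity that the sum of d times the number of monic irreducibles of degree d, over d dividing n, equals p^n.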

    Corollary 8.8. If Nn is the number of irreducible pol

