Algebraic Number Theory

Algebraic Number Theory
J.S. Milne
Version 3.01
September 28, 2008
An algebraic number field is a finite extension of Q; an algebraic number is an element
of an algebraic number field. Algebraic number theory studies the arithmetic of algebraic
number fields — the ring of integers in the number field, the ideals and units in the ring of
integers, the extent to which unique factorization holds, and so on.
An abelian extension of a field is a Galois extension of the field with abelian Galois
group. Class field theory describes the abelian extensions of a number field in terms of the
arithmetic of the field.
These notes are concerned with algebraic number theory, and the sequel with class field
theory. The original version was distributed during the teaching of a second-year graduate
course.
BibTeX information
@misc{milneANT,
author={Milne, James S.},
title={Algebraic Number Theory (v3.01)},
year={2008},
note={Available at www.jmilne.org/math/},
pages={155+viii}
}
v2.01 (August 14, 1996). First version on the web.

v2.10 (August 31, 1998). Fixed many minor errors; added exercises and an index; 138
pages.
v3.00 (February 11, 2008). Corrected; revisions and additions; 163 pages.
v3.01 (September 28, 2008). Fixed problem with hyperlinks; 163 pages.
Available at www.jmilne.org/math/
Please send comments and corrections to me at the address on my web page.
The photograph is of the Fork Hut, Huxley Valley, New Zealand.
Copyright 1996,
c 1998, 2008, J.S. Milne.
Single paper copies for noncommercial personal use may be made without explicit permis-
sion from the copyright holder.
Contents
Contents 2
Notations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1 Preliminaries from Commutative Algebra 7

Basic definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Ideals in products of rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Noetherian rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Noetherian modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Local rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Rings of fractions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
The Chinese remainder theorem . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Review of tensor products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2 Rings of Integers 18
First proof that the integral elements form a ring . . . . . . . . . . . . . . . . . . 18
Dedekind’s proof that the integral elements form a ring . . . . . . . . . . . . . . 19
Integral elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Review of bases of A-modules . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Review of norms and traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Review of bilinear forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Discriminants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Rings of integers are finitely generated . . . . . . . . . . . . . . . . . . . . . . . 28
Finding the ring of integers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Algorithms for finding the ring of integers . . . . . . . . . . . . . . . . . . . . . 33
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3 Dedekind Domains; Factorization 39

Discrete valuation rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Dedekind domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Unique factorization of ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
The ideal class group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
2
Discrete valuations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Integral closures of Dedekind domains . . . . . . . . . . . . . . . . . . . . . . . 49
Modules over Dedekind domains (sketch). . . . . . . . . . . . . . . . . . . . . . 50
Factorization in extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
The primes that ramify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Finding factorizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Examples of factorizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Eisenstein extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
4 The Finiteness of the Class Number 61

Norms of ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Statement of the main theorem and its consequences . . . . . . . . . . . . . . . . 63
Lattices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Some calculus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Finiteness of the class number . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Binary quadratic forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5 The Unit Theorem 78

Statement of the theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Proof that UK is finitely generated . . . . . . . . . . . . . . . . . . . . . . . . . 80
Computation of the rank . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
S -units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Example: CM fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Example: real quadratic fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Example: cubic fields with negative discriminant . . . . . . . . . . . . . . . . . 85
Finding .K/ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Finding a system of fundamental units . . . . . . . . . . . . . . . . . . . . . . . 87
Regulators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
6 Cyclotomic Extensions; Fermat’s Last Theorem. 89

The basic results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Class numbers of cyclotomic fields . . . . . . . . . . . . . . . . . . . . . . . . . 95
Units in cyclotomic fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
The first case of Fermat’s last theorem for regular primes . . . . . . . . . . . . . 96
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
7 Valuations; Local Fields 99

Valuations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Nonarchimedean valuations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Equivalent valuations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Properties of discrete valuations . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Complete list of valuations for the rational numbers . . . . . . . . . . . . . . . . 103
The primes of a number field . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
The weak approximation theorem . . . . . . . . . . . . . . . . . . . . . . . . . 107
Completions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Completions in the nonarchimedean case . . . . . . . . . . . . . . . . . . . . . . 109
Newton’s lemma . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Extensions of nonarchimedean valuations . . . . . . . . . . . . . . . . . . . . . 116
Newton’s polygon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Locally compact fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Unramified extensions of a local field . . . . . . . . . . . . . . . . . . . . . . . 120
Totally ramified extensions of K . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Ramification groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Krasner’s lemma and applications . . . . . . . . . . . . . . . . . . . . . . . . . 124
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
8 Global Fields 128

Extending valuations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
The product formula . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Decomposition groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
The Frobenius element . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Computing Galois groups (the hard way) . . . . . . . . . . . . . . . . . . . . . . 137
Computing Galois groups (the easy way) . . . . . . . . . . . . . . . . . . . . . . 137
Applications of the Chebotarev density theorem . . . . . . . . . . . . . . . . . . 142
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
A Solutions to the Exercises 145
B Two-hour examination 151
Bibliography 152
Index 154
Notations.
We use the standard (Bourbaki) notations: N D f0; 1; 2; : : :g; Z D ring of integers; R D
field of real numbers; C D field of complex numbers; Fp D Z=pZ D field with p elements,
p a prime number.
For integers m and n, mjn means that m divides n, i.e., n 2 mZ. Throughout the notes,
p is a prime number, i.e., p D 2; 3; 5; : : :.
Given an equivalence relation, Œ denotes the equivalence class containing . The
empty set is denoted by ;. The cardinality of a set S is denoted by jSj (so jS j is the number
of elements in S when S is finite). Let I and A be sets; a family of elements of A indexed
by I , denoted .ai /i 2I , is a function i 7! ai W I ! A.
X Y X is a subset of Y (not necessarily proper);
def
X D Y X is defined to be Y , or equals Y by definition;
X Y X is isomorphic to Y ;
X ' Y X and Y are canonically isomorphic (or there is a given or unique isomorphism);
,! denotes an injective map;
denotes a surjective map.
It is standard to use Gothic (fraktur) letters for ideals:
a b c m n p q A B C M N P Q
a b c m n p q A B C M N P Q
Prerequisites
The algebra usually covered in a first-year graduate course, for example, Galois theory,
group theory, and multilinear algebra. An undergraduate number theory course will also be
helpful.
References
In addition to the references listed at the end and in footnotes, I shall refer to the following
of my course notes (available at www.jmilne.org/math/):
GT Group Theory, v3.00, 2007.
FT Fields and Galois Theory, v4.20, 2008.
CFT Class Field Theory, v4.00, 2008.
Acknowledgements
I thank the following for providing corrections and comments for earlier versions of these
notes: Vincenzo Acciaro; Giedrius Alkauskas; Dustin Clausen; Keith Conrad; Loy Jiabao,
Jasper; Lee M. Goswick; Samir Hasan; Lars Kindler; Franz Lemmermeyer; Bijan Mohebi;
Wai Yan Pong; Nicolás Sirolli; Thomas Stoll; Vishne Uzi; and others.
PARI is an open source computer algebra system freely available from http://pari.math.u-
bordeaux.fr/.
D RAMATIS P ERSONÆ
F ERMAT (1601–1665). Stated his last “theorem”, and proved it for m D 4. He also posed
the problem of finding integer solutions to the equation,
X2 AY 2 D 1; A 2 Z; (1)
p
which is essentially the problem1 of finding the units in ZŒ A. The English mathemati-
cians found an algorithm for solving the problem, but neglected to prove that the algorithm
always works.
E ULER (1707–1783). He introduced analysis into the study of the prime numbers, and he
discovered an early version of the quadratic reciprocity law.
L AGRANGE (1736–1813). He found the complete form of the quadratic reciprocity law:

p q
D . 1/.p 1/.q 1/=4 ; p; q odd primes,
q p
and he proved that the algorithm for solving (7) always leads to a solution,

L EGENDRE (1752–1833). He introduced the “Legendre symbol” m p , and gave an incom-
plete proof of the quadratic reciprocity law. He proved the following local-global principle
for quadratic forms in three variables over Q: a quadratic form Q.X; Y; Z/ has a nontrivial
zero in Q if and only if it has one in R and the congruence Q 0 mod p n has a nontrivial
solution for all p and n.
G AUSS (1777–1855). He found the first complete proofs of the quadratic reciprocity law.
He studied the Gaussian integers ZŒi in order to find a quartic reciprocity law. He studied
the classification of binary quadratic forms over Z, which is closely related to the problem
of finding the class numbers of quadratic fields.
D IRICHLET (1805–1859). He introduced L-series, and used them to prove an analytic for-
mula for the class number and a density theorem for the primes in an arithmetic progression.
He proved the following “unit theorem”: let ˛ be a root of a monic irreducible polynomial
f .X/ with integer coefficients; suppose that f .X / has r real roots and 2s complex roots;
then ZŒ˛ is a finitely generated group of rank r C s 1.
K UMMER (1810–1893). He made a deep study of the arithmetic of cyclotomic fields, mo-
tivated by a search for higher reciprocity laws, and showed that unique factorization could
be recovered by the introduction of “ideal numbers”. He proved that Fermat’s last theorem
holds for regular primes.
H ERMITE (1822–1901). He made important contributions to quadratic forms, and he showed
that the roots of a polynomial of degree 5 can be expressed in terms of elliptic functions.
E ISENSTEIN (1823–1852). He published the first complete proofs for the cubic and quartic
reciprocity laws.
K RONECKER (1823–1891). He developed an alternative to Dedekind’s ideals. He also had
one of the most beautiful ideas in mathematics for generating abelian extensions of number
fields (the Kronecker liebster Jugendtraum).
R IEMANN (1826–1866). Studied the Riemann zeta function, and made the Riemann hy-
pothesis.
1 The Indian mathematician Bhaskara (12th century) knew general rules for finding solutions to the equa-
tion.
D EDEKIND (1831–1916). He laid the modern foundations of algebraic number theory by
finding the correct definition of the ring of integers in a number field, by proving that ideals
factor uniquely into products of prime ideals in such rings, and by showing that, modulo
principal ideals, they fall into finitely many classes. Defined the zeta function of a number
field.
W EBER (1842–1913). Made important progress in class field theory and the Kronecker
Jugendtraum.
H ENSEL (1861–1941). He gave the first definition of the field of p-adic numbers (as the set
of infinite sums 1 n
P
nD k an p , an 2 f0; 1; : : : ; p 1g).
H ILBERT (1862–1943). He wrote a very influential book on algebraic number theory in
1897, which gave the first systematic account of the theory. Some of his famous problems
were on number theory, and have also been influential.
TAKAGI (1875–1960). He proved the fundamental theorems of abelian class field theory,
as conjectured by Weber and Hilbert.
N OETHER (1882–1935). Together with Artin, she laid the foundations of modern algebra
in which axioms and conceptual arguments are emphasized, and she contributed to the
classification of central simple algebras over number fields.
H ECKE (1887–1947). Introduced Hecke L-series generalizing both Dirichlet’s L-series and
Dedekind’s zeta functions.
A RTIN (1898–1962). He found the “Artin reciprocity law”, which is the main theorem of
class field theory (improvement of Takagi’s results). Introduced the Artin L-series.
H ASSE (1898–1979). He gave the first proof of local class field theory, proved the Hasse
(local-global) principle for all quadratic forms over number fields, and contributed to the
classification of central simple algebras over number fields.
B RAUER (1901–1977). Defined the Brauer group, and contributed to the classification of
central simple algebras over number fields.
W EIL (1906–1998). Defined the Weil group, which enabled him to give a common gener-
alization of Artin L-series and Hecke L-series.
C HEVALLEY (1909–84). The main statements of class field theory are purely algebraic,
but all the earlier proofs used analysis; Chevalley gave a purely algebraic proof. With his
introduction of idèles he was able to give a natural formulation of class field theory for
infinite abelian extensions.
I WASAWA (1917–1998). He introduced an important new approach into algebraic number
theory which was suggested by the theory of curves over finite fields.
TATE (1925– ). He proved new results in group cohomology, which allowed him to give
an elegant reformulation of class field theory. With Lubin he found an explicit way of
generating abelian extensions of local fields.
L ANGLANDS (1936– ). The Langlands program2 is a vast series of conjectures that, among
other things, contains a nonabelian class field theory.
2 Notto be confused with its geometric analogue, sometimes referred to as the geometric Langlands pro-
gram, which appears to lack arithmetic significance.
INTRODUCTION 1
Introduction
It is greatly to be lamented that this virtue of
the [rational integers], to be decomposable into
prime factors, always the same ones for a given
number, does not also belong to the [integers of
cyclotomic fields].
Kummer 1844 (as translated by André Weil)
The fundamental theorem of arithmetic says that every nonzero integer m can be writ-
ten in the form,
m D ˙p1 pn ; pi a prime number,
and that this factorization is essentially unique.
Consider more generally an integral domain A. An element a 2 A is said to be a unit if
it has an inverse in A (element b such that ab D 1 D ba). I write A for the multiplicative
group of units in A. An element of A is said to prime if it is neither zero nor a unit, and if
jab H) ja or jb:
If A is a principal ideal domain, then every nonzero element a of A can be written in the
form,
a D u1 n ; u a unit; i a prime element;
and this factorization is unique up to order and replacing each i with an associate, i.e.,
with its product with a unit.
Our first task will be to discover to what extent unique factorization holds, or fails to
hold, in number fields. Three problems present themselves. First, factorization in a field
only makes sense with respect to a subring, and so we must define the “ring of integers”
OK in our number field K. Secondly, since unique factorization will fail in general, we
shall need to find a way of measuring by how much it fails. Finally, since factorization is
only considered up to units, in order to fully understand the arithmetic of K, we need to
understand the structure of the group of units UK in OK .
The ring of integers

Let K be an algebraic number field. Each element ˛ of K satisfies an equation
˛ n C a1 ˛ n 1
C C a0 D 0
with coefficients a1 ; : : : ; an in Q, and ˛ is an algebraic integer if it satisfies such an equa-

tion with coefficients a1 ; : : : ; an in Z. We shall see that the algebraic integers form a subring
OK of K.
The criterion as stated is difficult to apply. We shall show (2.11) that ˛ is an algebraic
integer if and only if its minimum polynomialpover Q has coefficients in Z.
Consider for example the field p K D QŒ d , where d is a square-free integer. The
minimum polynomial of ˛ D a C b d , b ¤ 0, a; b 2 Q, is
p p
.X .a C b d //.X .a b d // D X 2 2aX C .a2 b 2 d /;
and so ˛ is an algebraic integer if and only if
2a 2 Z; a2 b 2 d 2 Z:
2
From this it follows easily that, when d 2; 3 mod 4, ˛ is an algebraic integer if and only
if a and b are integers, i.e.,
p n p o
OK D ZŒ d D a C b d j a; b 2 Z ;
and, when d 1 mod 4, ˛ is an algebraic integer if and only if a and b are either both
integers or both half-integers, i.e.,
p n p ˇ o
OK D ZŒ 1C2 d D a C b 1C2 d a; b 2 Z .
ˇ
ˇ
p p
For example, the minimum polynomial
p of 1=2 C 5=2 is X 2 X 1, and so 1=2 C 5=2
is an algebraic integer in QŒ 5.
Let d be a primitive d th root of 1, for example, d D exp.2 i=d /, and let K D QŒd .
Then we shall see (6.2) that
mi di j mi 2 Z :
˚P
OK D ZŒd D
as one would hope.
Factorization
A nonzero element of an integral domain A is said to be irreducible if it is not a unit, and
can’t be written as a product of two nonunits. For example, a prime element is (obviously)
irreducible. A ring A is a unique factorization domain if every nonzero element of A can
be expressed as a product of irreducible elements in essentially one way. Is the ring of
integers OK a unique factorization domain? No, not in general!
We shall see that each element of OK can be written as a product of irreducible elements
(this is true for all Noetherian
p rings), and so it is the uniqueness that fails.
For example, in ZŒ 5 we have
p p
6 D 2 3 D .1 C 5/.1 5/:
p p
To see that 2, 3, 1 C 5, 1 5 are irreducible, and no two are associates, we use the
norm map p p
NmW QŒ 5 ! Q; a C b 5 7! a2 C 5b 2 :
This is multiplicative, and it is easy to see that, for ˛ 2 OK ,
Nm.˛/ D 1 ” ˛ ˛N D 1 ” ˛ is a unit. (*)

p p
If 1 C 5 D ˛ˇ, then Nm.˛ˇ/ D Nm.1 C 5/ D 6. Thus Nm.˛/ D 1; 2; 3, or 6. In
the first case, ˛ is a unit, the second and third casesp
don’t occur, and in the fourth case ˇ is
a unit. A similar argument shows that 2; 3, and 1 5 are irreducible. Next note
p that (*)
p that associates have the same norm, and so it remains to show that 1 C
implies 5 and
1 5 are not associates, but
p p p
1C 5 D .a C b 5/.1 5/
has no solution with a; b 2 Z.

Why does unique factorization fail in OK ? Thep
problem is that irreducible elements in
OK need not be prime. In the above example, 1 C 5 divides 2 3 but it divides neither
INTRODUCTION 3
2 nor 3. In fact, in an integral domain in which factorizations exist (e.g. a Noetherian ring),
factorization is unique if all irreducible elements are prime.
What can we recover? Consider
210 D 6 35 D 10 21:
If we were naive, we might say this shows factorization is not unique in Z; instead, we
recognize that there is a unique factorization underlying these two decompositions, namely,
210 D .2 3/.5 7/ D .2 5/.3 7/:
The idea of Kummer

p and Dedekind was to enlarge the set of “prime numbers” so that, for
example, in ZŒ 5 there is a unique factorization,
6 D .p1 p2 /.p3 p4 / D .p1 p3 /.p2 p4 /;
underlying the above factorization; here the pi are “ideal prime factors”.
How do we define “ideal factors”? Clearly, an ideal factor should be characterized
by the algebraic integers it divides. Moreover divisibility by a should have the following
properties:
aj0I aja; ajb ) aja ˙ bI aja ) ajab for all b 2 OK :
If in addition division by a has the property that
ajab ) aja or ajb;
then we call a a “prime ideal factor”. Since all we know about an ideal factor is the set of
elements it divides, we may as well identify it with this set. Thus an ideal factor a is a set
of elements of OK such that
0 2 aI a; b 2 a ) a ˙ b 2 aI a 2 a ) ab 2 a for all b 2 OK I
it is prime if an addition,
ab 2 a ) a 2 a or b 2 a:
Many of you will recognize that an ideal factor is what we now call an ideal, and a prime
ideal factor is a prime ideal.
There is an obvious notion of the product of two ideals:
X
abjc ” c D ai bi ; ajai ; bjbi :
In other words, nX o
ab D ai bi j ai 2 a; bi 2 b :
One see easily that this is again an ideal, and that if
a D .a1 ; :::; am / and b D .b1 ; :::; bn /
then
a b D .a1 b1 ; :::; ai bj ; :::; am bn /:
With these definitions, one recovers unique factorization: if a ¤ 0, then there is an
essentially unique factorization:
.a/ D p1 pn with each pi a prime ideal.

4
In the above example,

p p p p
.6/ D .2; 1 C 5/.2; 1 5/.3; 1 C 5/.3; 1 5/:
In fact, I claim
p p
.2; 1 C 5/.2; 1 5/ D .2/
p p
.3; 1 C 5/.3; 1 5/ D .3/
p p p
.2; 1 C 5/.3; 1 C 5/ D .1 C 5/
p p p
.2; 1 5/.3; 1 5/ D .1 5/:
p p p p
For example, .2; 1 C 5/.2; 1 5/ D .4; 2 C 2 5; 2 2 5; 6/. Since every
generator is divisible by 2, we see that
p p
.2; 1 C 5/.2; 1 5/ .2/:
Conversely, p p
2 D 6 4 2 .4; 2 C 2 5; 2 2 5; 6/
p p
p1C
and so .2; 5/.2;
p1 5/ Dp.2/, as claimed. Ipfurther claim that the four ideals
.2; 1 C 5/, .2; 1 p5/, .3; 1 C p5/, and .3; 1 5/ are all prime. For example,
the obvious map Z ! ZŒ 5=.3; 1 5/ is surjective with kernel .3/, and so
p p
ZŒ 5=.3; 1 5/ ' Z=.3/;
which is an integral domain.

How far is this from what we want, namely, unique factorization of elements? In other
words, how many “ideal” elements have we had to add to our “real” elements to get unique
factorization. In a certain sense, only a finite number: we shall see that there exists a finite
set S of ideals such that every ideal is of the form a .a/ for some a 2 S and some a 2 OK .
Better, we shall construct a group I of “fractional” ideals in which the principal fractional
ideals .a/, a 2 K , form a subgroup P of finite index. The index is called the class number
hK of K. We shall see that
hK D 1 ” OK is a principal ideal domain

” OK is a unique factorization domain.
Units
p
Unlike Z, OpK can have infinitely many units. For example, .1 C 2/ is a unit of infinite
order in ZŒ 2 W
p p p
.1 C 2/. 1 C 2/ D 1I .1 C 2/m ¤ 1 if m ¤ 0:
p p
In fact ZŒ 2 D f˙.1 C 2/m j m 2 Zg, and so
p
ZŒ 2 f˙1g ffree abelian group of rank 1g:
In general, we shall show (unit theorem) that the roots of 1 in K form a finite group .K/,
and that

OK .K/ Zr (as an abelian group);
moreover, we shall find r:
INTRODUCTION 5
Applications
One motivation for the development of algebraic number theory was the attempt to prove
Fermat’s last “theorem”, i.e., when m 3, there are no integer solutions .x; y; z/ to the
equation
X m C Y m D Zm
with all of x; y; z nonzero.
When m D 3, this can proved by the method of “infinite descent”, i.e., from one solu-
tion, you show that you can construct a smaller solution, which leads to a contradiction3 .
The proof makes use of the factorization
Y 3 D Z3 X 3 D .Z X /.Z 2 C XZ C X 2 /;
and it was recognized that a stumbling block to proving the theorem for larger m is that no
such factorization exists into polynomials with integer coefficients of degree 2. This led
people to look at more general factorizations.
In a famous incident, the French mathematician Lamé gave a talk at the Paris Academy
in 1847 in which he claimed to prove Fermat’s last theorem using the following ideas. Let
p > 2 be a prime, and suppose x, y, z are nonzero integers such that
xp C yp D zp :
Write Y
xp D zp yp D .z i y/; 0i p 1; D e 2 i=p :
He then showed how to obtain a smaller solution to the equation, and hence a contradiction.
Liouville immediately questioned a step in Lamé’s proof in which he assumed that, in order
to show that each factor .z i y/ is a pth power, it suffices to show that the factors are
relatively prime in pairs and their product is a pth power. In fact, Lamé couldn’t justify his
step (ZŒ is not always a principal ideal domain), and Fermat’s last theorem was not proved
for almost 150 years. However, shortly after Lamé’s embarrassing lecture, Kummer used
his results on the arithmetic of the fields QŒ to prove Fermat’s last theorem for all regular
primes, i.e., for all primes p such that p does not divide the class number of QŒp .
Another application is to finding Galois groups. The splitting field of a polynomial
f .X/ 2 QŒX is a Galois extension of Q. In the basic graduate algebra course (see FT),
we learn how to compute the Galois group only when the degree is very small. By using
algebraic number theory one can write down an algorithm to do it for any degree.
For applications of algebraic number theory to elliptic curves, see, for example, Milne
2006.
S OME COMMENTS ON THE LITERATURE

Computational number theory
Cohen 1993 and Pohst and Zassenhaus 1989 provide algorithms for most of the construc-
tions we make in this course. The first assumes the reader knows number theory, whereas
the second develops the whole subject algorithmically. Cohen’s book is the more useful as
a supplement to this course, but wasn’t available when these notes were first written. While
the books are concerned with more-or-less practical algorithms for fields of small degree
and small discriminant, Lenstra (1992) concentrates on finding “good” general algorithms.
3 The
p
simplest proof by infinite descent is that showing that 2 is irrational.
6
History of algebraic number theory
Dedekind 1996, with its introduction by Stillwell, gives an excellent idea of how algebraic
number theory developed. Edwards 1977 is a history of algebraic number theory, con-
centrating on the efforts to prove Fermat’s last theorem. The notes in Narkiewicz 1990
document the origins of most significant results in algebraic number theory.
Exercises
p Let d be a square-free integer. Complete the verification that the ring of integers in
0-1
QŒ d is as described.
p
0-2 Complete the verification that, in ZŒ 5,
p p p p
.6/ D .2; 1 C 5/.2; 1 5/.3; 1 C 5/.3; 1 5/
is a factorization of .6/ into a product of prime ideals.

Chapter 1
Preliminaries from Commutative

Algebra
Many results that were first proved for rings of integers in number fields are true for more
general commutative rings, and it is more natural to prove them in that context.
Basic definitions
All rings will be commutative, and have an identity element (i.e., an element 1 such that
1a D a for all a 2 A), and a homomorphism of rings will map the identity element to the
identity element.
A ring B together with a homomorphism of rings A ! B will be referred to as an
A-algebra. We use this terminology mainly when A is a subring of B. In this case, for
elements ˇ1 ; :::; ˇm of B, AŒˇ1 ; :::; ˇm denotes the smallest subring of B containing A
and the ˇi . It consists of all polynomials in the ˇi with coefficients in A, i.e., elements of
the form
ai1 :::im ˇ1i1 :::ˇm
X
im
; ai1 :::im 2 A:
We also refer to AŒˇ1 ; :::; ˇm as the A-subalgebra of B generated by the ˇi , and when
B D AŒˇ1 ; :::; ˇm we say that the ˇi generate B as an A-algebra.
For elements a1 ; a2 ; : : : of A, P
we let .a1 ; a2 ; : : :/ denote the smallest ideal containing
the ai . It consists of finite sums ci ai , ci 2 A, and it is called the ideal generated by
a1 ; a2 ; : : :. When a and b are ideals in A, we define
a C b D fa C b j a 2 a, b 2 bg:
It is again an ideal in A — in fact, it is the smallest ideal containing both a and b. If

a D .a1 ; :::; am / and b D .b1 ; :::; bn /, then a C b D .a1 ; :::; am ; b1 ; :::; bn /:
Given an ideal a in A, we can form the quotient ring A=a. Let f W A ! A=a be the ho-
momorphism a 7! a C a; then b 7! f 1 .b/ defines a one-to-one correspondence between
the ideals of A=a and the ideals of A containing a, and
1 '
A=f .b/ ! .A=a/=b:
A proper ideal a of A is prime if ab 2 a ) a or b 2 a. An ideal a is prime if and

only if the quotient ring A=a is an integral domain. A nonzero element of A is said to be
prime if ./ is a prime ideal; equivalently, if jab ) ja or jb.
7
8 CHAPTER 1. PRELIMINARIES FROM COMMUTATIVE ALGEBRA
A proper ideal a in A is maximal if there does not exist an ideal b, a & b & A: An
ideal a is maximal if and only if A=a is a field. Every proper ideal a of A is contained
in a maximal ideal — if A is Noetherian (see below) this is obvious; otherwise the proof
requires Zorn’s lemma. In particular, every nonunit in A is contained in a maximal ideal.
There are the implications: A is a Euclidean domain ) A is a principal ideal domain
) A is a unique factorization domain (see any good graduate algebra course).
Ideals in products of rings

P ROPOSITION 1.1 Consider a product of rings A B. If a and b are ideals in A and B
respectively, then a b is an ideal in A B, and every ideal in A B is of this form. The
prime ideals of A B are the ideals of the form
pB (p a prime ideal of A), A p (p a prime ideal of B).
P ROOF. Let c be an ideal in A B, and let
a D fa 2 A j .a; 0/ 2 cg; b D fb 2 B j .0; b/ 2 cg:
Clearly a b c. Conversely, let .a; b/ 2 c. Then .a; 0/ D .a; b/ .1; 0/ 2 a and

.0; b/ D .a; b/ .0; 1/ 2 b, and so .a; b/ 2 a b:
Recall that an ideal c C is prime if and only if C =c is an integral domain. The map
A B ! A=a B=b; .a; b/ 7! .a C a; b C b/
has kernel a b, and hence induces an isomorphism
A B=.a b/ ' A=a B=b:
Now use that a product of rings is an integral domain if and only one ring is zero and the
other is an integral domain. 2
R EMARK 1.2 The lemma extends in an obvious way to a finite product of rings: the ideals
in A1 Am are of the form a1 am with ai an ideal in Ai ; moreover, a1 am
is prime if and only if there is a j such that aj is a prime ideal in Aj and ai D Ai for i ¤ j:
Noetherian rings
A ring A is Noetherian if every ideal in A is finitely generated.
P ROPOSITION 1.3 The following conditions on a ring A are equivalent:

(a) A is Noetherian.
(b) Every ascending chain of ideals
a1 a2 an
becomes stationary, i.e., after a certain point an D anC1 D .

(c) Every nonempty set S of ideals in A has a maximal element a, i.e., there is an ideal
a in S that is not contained in any other ideal in S .
NOETHERIAN MODULES 9
S
P ROOF. (a))(b): Let a D ai ; it is an ideal, and hence is finitely generated, say a D
.a1 ; : : : ; ar /. For some n, an will contain all the ai , and so an D anC1 D D a.
(b))(c): Let a1 2 S. If a1 is not a maximal element of S , then there is an a2 2 S such that
a1 & a2 . If a2 is not maximal, then there is an a3 etc.. From (b) we know that this process
will lead to a maximal element after only finitely many steps.
(c))(a): Let a be an ideal in A, and let S be the set of finitely generated ideals in contained
in a. According to (c), S contains a maximal element, say, a0 D .a1 ; : : : ; ar /. If a0 ¤ a,
there exists an element a 2 a r a0 , and then a0 & .a1 ; : : : ; ar ; a/ a, which contradicts
the definition of a. 2
A famous theorem of Hilbert states that kŒX1 ; :::; Xn is Noetherian. In practice, al-
most all the rings that arise naturally in algebraic number theory or algebraic geometry are
Noetherian, but not all rings are Noetherian. For example, the ring kŒX1 ; : : : ; Xn ; : : : of
polynomials in an infinite sequence of symbols is not Noetherian because the chain of ideals
.X1 / .X1 ; X2 / .X1 ; X2 ; X3 /
never becomes stationary.
P ROPOSITION 1.4 Every nonzero nonunit element of a Noetherian integral domain can be
written as a product of irreducible elements.
P ROOF. We shall need to use that, for elements a and b of an integral domain A,
.a/ .b/ ” bja, with equality if and only if b D a unit:
The first assertion is obvious. For the second, note that if a D bc and b D ad then
a D bc D adc, and so dc D 1. Hence both c and d are units.
Suppose the statement of the proposition is false for a Noetherian integral domain A.
Then there exists an element a 2 A which contradicts the statement and is such that .a/ is
maximal among the ideals generated by such elements (here we use that A is Noetherian).
Since a can not be written as a product of irreducible elements, it is not itself irreducible,
and so a D bc with b and c nonunits. Clearly .b/ .a/, and the ideals can’t be equal for
otherwise c would be a unit. From the maximality of .a/, we deduce that b can be written
as a product of irreducible elements, and similarly for c. Thus a is a product of irreducible
elements, and we have a contradiction. 2
R EMARK 1.5 Note that the proposition fails for the ring O of all algebraic integers in the
algebraic closure of Q in C, because we can keep in extracting square roots: an algebraic
p
integer ˛ can not be an irreducible element of O because ˛ will also be an algebraic
p p
integer and ˛ D ˛ ˛. Thus O is not Noetherian.
Noetherian modules
Let A be a ring. An A-module M is said to be Noetherian if every submodule is finitely
generated.
P ROPOSITION 1.6 The following conditions on an A-module M are equivalent:

(a) A is Noetherian;
(b) every ascending chain of submodules becomes stationary;
(c) every nonempty set of submodules in M has a maximal element.
P ROOF. Similar to the proof of Proposition 1.3. 2
P ROPOSITION 1.7 Let M be an A-module, and let N be a submodule of M . If N and

M=N are both Noetherian, then so also is M .
P ROOF. I claim that if M 0 M 00 are submodules of M such that M 0 \ N D M 00 \ N

and M 0 and M 00 have the same image in M=N , then M 0 D M 00 . To see this, let x 2 M 00 ;
the second condition implies that there exists a y 2 M 0 with the same image as x in M=N ,
i.e., such that x y 2 M 00 \ N M 0 , and so x 2 M 0 .
Now consider an ascending chain of submodules of M . If M=N is Noetherian, the
image of the chain in M=N becomes stationary, and if N is Noetherian, the intersection of
the chain with N becomes stationary. Now the claim shows that the chain itself becomes
stationary. 2
P ROPOSITION 1.8 Let A be a Noetherian ring. Then every finitely generated A-module is
Noetherian.
P ROOF. If M is generated by a single element, then M A=a for some ideal a in A, and
the statement is obvious. We argue by induction on the minimum number n of generators
of M . Since M contains a submodule N generated by n 1 elements such that the quotient
M=N is generated by a single element, the statement follows from (1.7). 2
Local rings
A ring A is said to local if it has exactly one maximal ideal m. In this case, A D A r m
(complement of m in A).
L EMMA 1.9 (NAKAYAMA’ S LEMMA ) Let A be a local Noetherian ring, and let a be a
proper ideal in A. Let M be a finitely generated A-module, and define
P
aM D f ai mi j ai 2 a; mi 2 M g :
(a) If aM D M , then M D 0:
(b) If N is a submodule of M such that N C aM D M , then N D M:
P ROOF. (a) Suppose that aM D M but M ¤ 0. Among the finite sets of generators for
M , choose one fm1 ; :::; mk g having the fewest elements. From the hypothesis, we know
that we can write
mk D a1 m1 C a2 m2 C C ak mk some ai 2 a:
Then
.1 ak /mk D a1 m1 C a2 m2 C C ak 1 mk 1 :
RINGS OF FRACTIONS 11
As 1 ak is not in m, it is a unit, and so fm1 ; :::; mk 1 g generates M . This contradicts our

choice of fm1 ; :::; mk g, and so M D 0:
(b) We shall show that a.M=N / D M=N , and then apply the first part of the lemma to
deduce that M=N D 0. Consider m C N , m 2 M . From the assumption, we can write
P
m D n C ai mi , with ai 2 a, mi 2 M:
Then
P P
mCN D ai mi C N D ai .mi C N / (definition of the action of A on M=N /;
and so m C N 2 a.M=N /: 2
The hypothesis that M be finitely generated in the lemma is crucial. For example, if
A is a local integral domain with maximal ideal m ¤ 0, then mM D M for any field M
containing A but M ¤ 0.
Rings of fractions
Let A be an integral domain; there is a field K A, called the field of fractions of A, with
the property that every c 2 K can be written in the form c D ab 1 with a; b 2 A and
b ¤ 0. For example, Q is the field of fractions of Z, and k.X / is the field of fractions of
kŒX:
Let A be an integral domain with field of fractions K. A subset S of A is said to be
multiplicative if 0 … S , 1 2 S, and S is closed under multiplication. If S is a multiplicative
subset, then we define
S 1 A D fa=b 2 K j b 2 S g:
It is obviously a subring of K:
E XAMPLE 1.10 (a) Let t be a nonzero element of A; then

def
S t D f1,t ,t 2 ,...g
is a multiplicative subset of A, and we (sometimes) write A t for S t 1 A. For example, if d

is a nonzero integer, then1 Zd consists of those elements of Q whose denominator divides
some power of d :
Zd D fa=d n 2 Q j a 2 Z, n 0g:
(b) If p is a prime ideal, then Sp D A r p is a multiplicative set (if neither a nor b
belongs to p, then ab does not belong to p/. We write Ap for Sp 1 A. For example,
Z.p/ D fm=n 2 Q j n is not divisible by pg:
P ROPOSITION 1.11 Consider an integral domain A and a multiplicative subset S of A. For

an ideal a of A, write ae for the ideal it generates in S 1 A; for an ideal a of S 1 A, write
ac for a \ A. Then:
ace D a for all ideals a of S 1 A
aec D a if a is a prime ideal of A disjoint from S:
1 This notation conflicts with a later notation in which Zp denotes the ring of p-adic integers.
P ROOF. Let a be an ideal in S 1 A. Clearly .a \ A/e a because a \ A a and a is an

ideal in S 1 A. For the reverse inclusion, let b 2 a. We can write it b D a=s with a 2 A,
s 2 S . Then a D s .a=s/ 2 a \ A, and so a=s D .s .a=s//=s 2 .q \ A/e :
Let p be a prime ideal disjoint from S . Clearly .S 1 p/ \ A p. For the reverse
inclusion, let a=s 2 .S 1 p/ \ A, a 2 p, s 2 S . Consider the equation as s D a 2 p. Both
a=s and s are in A, and so at least one of a=s or s is in p (because it is prime); but s … p (by
assumption), and so a=s 2 p: 2
P ROPOSITION 1.12 Let A be an integral domain, and let S be a multiplicative subset of

def
A. The map p 7! pe D p S 1 A is a bijection from the set of prime ideals in A such that
p \ S D ∅ to the set of prime ideals in S 1 A; the inverse map is p 7! p \ A.
P ROOF. It is easy to see that
p a prime ideal disjoint from S ) pe is a prime ideal in S 1

A,
1
p a prime ideal in S A ) p \ A is a prime ideal in A disjoint from S;
and (1.11) shows that the two maps are inverse. 2
E XAMPLE 1.13 (a) If p is a prime ideal in A, then Ap is a local ring (because p contains
every prime ideal disjoint from Sp ).
(b) We list the prime ideals in some rings:
Z: .2/; .3/; .5/; .7/; .11/; : : : ; .0/I

Z2 : .3/; .5/; .7/; .11/; : : : ; .0/I
Z.2/ : .2/; .0/I
Z42 : .5/; .11/; .13/; : : : ; .0/I
Z=.42/: .2/; .3/; .7/:
Note that in general, for t a nonzero element of an integral domain,
fprime ideals of A t g $ fprime ideals of A not containing tg

fprime ideals of A=.t /g $ fprime ideals of A containing tg:
The Chinese remainder theorem

Recall the classical form of the theorem: let d1 ; :::; dn be integers, relatively prime in pairs;
then for any integers x1 ; :::; xn , the congruences
x xi mod di
have a simultaneous solution x 2 Z; moreover, if x is one solution,

Q then the other solutions
are the integers of the form x C md with m 2 Z and d D di :
We want to translate this in terms of ideals. Integers m and n are relatively prime if and
only if .m; n/ D Z, i.e., if and only if .m/ C .n/ D Z. This suggests defining ideals a and
b in a ring A to be relatively prime if a C b D A.
THE CHINESE REMAINDER THEOREM 13
T
If m1 ; :::; mkTare integers,
Q then .mi / D .m/Qwhere m is the least common multiple
of the mi . Thus Q .mi / . mi /, which T equals Q .mi /. If the mi are relatively prime in
pairs, then m D mi , and so we have .mi / D .mi /. Note that in general,
a1 a2 an a1 \ a2 \ ::: \ an ;
but the two ideals need not be equal.
These remarks suggest the following statement.
T HEOREM 1.14 Let a1 ; :::; an be ideals in a ring A, relatively prime in pairs. Then for any
elements x1 ; :::; xn of A, the congruences
x xi mod ai
have a simultaneous solution x 2 A; moreover,Tif x is oneTsolution,
Qthen the other solutions
are the elements of the form x C a with a 2 ai , and ai D ai . In other words, the
natural maps give an exact sequence
n
Y
0!a!A! A=ai ! 0
i D1
T Q
with a D ai D ai .
P ROOF. Suppose first that n D 2. As a1 C a2 D A, there are elements ai 2 ai such that

a1 C a2 D 1. The element x D a1 x2 C a2 x1 has the required property.
For each i we can find elements ai 2 a1 and bi 2 ai such that
ai C bi D 1, all i 2:
Q Q
The product i 2 .ai C bi / D 1, and lies in a1 C i 2 ai , and so
Y
a1 C ai D A:
i 2
We can now apply the theorem in the case n D 2 to obtain an element y1 of A such that
Y
y1 1 mod a1 ; y1 0 mod ai :
i 2
These conditions imply

y1 1 mod a1 ; y1 0 mod aj , all j > 1:
Similarly, there exist elements y2 ; :::; yn such that
yi 1 mod ai ; yi 0 mod aj for j ¤ i:
P
The element x D xi yi now T satisfies
Q the requirements. T Q
It remains to prove that ai D ai . We have already noted that ai ai . First
suppose that n D 2, and let a1 C a2 D 1, as before. For c 2 a1 \ a2 , we have
c D a1 c C a2 c 2 a1 a2
Q a1 \ a2 T
which proves that D a1 a2 . We complete the proof by induction.
Q This allows us
to assume that i 2 ai D i 2 ai . We showed above that a1 and i 2 ai are relatively
prime, and so Y Y \
a1 . ai / D a1 \ . ai / D ai :
i 2 i 2 2
The theorem extends to A-modules.
T HEOREM 1.15 Let a1 ; :::; an be ideals in A, relatively prime in pairs, and let M be an
A-module. There is an exact sequence:
Y
0 ! aM ! M ! M=ai M ! 0
i
Q T
with a D ai D ai :
This can be proved in the same way as Theorem 1.14, but I prefer to use tensor products,
which I now review.
Review of tensor products

Let M , N , and P be A-modules. A mapping f W M N ! P is said to be A-bilinear if
f .m C m0 ; n/ D f .m; n/ C f .m0 ; n/ =
9
f .m; n C n0 / D f .m; n/ C f .m; n0 / all a 2 A; m; m0 2 M; n; n0 2 N:

f .am; n/ D af .m; n/ D f .m; an/
;
i.e., if it is linear in each variable. A pair .Q; f / consisting of an A-module Q and an

A-bilinear map f W M N ! Q is called the tensor product of M and N if any other A-
bilinear map f 0 W M N ! P factors uniquely into f 0 D ˛ ı f with ˛W Q ! P A-linear.
The tensor product exists, and is unique (up to a unique isomorphism making the obvious
diagram commute). We denote it by M ˝A N , and we write .m; n/ 7! m ˝ n for f . The
pair .M ˝A N; .m; n/ 7! m ˝ n/ is characterized by each of the following two conditions:
(a) The map M N / M ˝A N is A-bilinear, and any other A-bilinear map M
N / P is of the form .m; n/ 7! ˛.m ˝ n/ for a unique A-linear map ˛W M ˝A N /P ;
thus
BilinA .M N; P / D HomA .M ˝A N; P /:
(b) The A-module M ˝A N has as generators the m ˝ n, m 2 M , n 2 N , and as
relations
.m C m0 / ˝ n D m ˝ n C m0 ˝ n =
9
m ˝ .n C n0 / D m ˝ n C m ˝ n0 all a 2 A; m; m0 2 M; n; n0 2 N:
am ˝ n D a.m ˝ n/ D m ˝ an
;
Tensor products commute with direct sums: there is a canonical isomorphism

M M ' M
. Mi / ˝A . Nj / ! Mi ˝A Nj ;
i j i;j
P P P
. mi / ˝ . nj / 7! mi ˝ nj :
It follows that if M and N are free A-modules2 with bases .ei / and .fj / respectively, then
M ˝A N is a free A-module with basis .ei ˝ fj /. In particular, if V and W are vector
spaces over a field k of dimensions m and n respectively, then V ˝k W is a vector space
over k of dimension mn.
2 Let Mbe an A-module. Elements e1 ; : : : ; em form a basis for M if every element of M can be expressed
uniquely as a linear combination of the ei ’s with coefficients in A. Then Am ! M , .a1 ; : : : ; am / 7!
P
ai ei ,
is an isomorphism of A-modules, and M is said to be a free A-module of rank m.
REVIEW OF TENSOR PRODUCTS 15
Let ˛W M ! M 0 and ˇW N ! N 0 be A-linear maps. Then

.m; n/ 7! ˛.m/ ˝ ˇ.n/W M N ! M 0 ˝A N 0
is A-bilinear, and therefore factors uniquely through M N ! M ˝A N . Thus there is a
unique A-linear map ˛ ˝ ˇW M ˝A N ! M 0 ˝A N 0 such that
.˛ ˝ ˇ/.m ˝ n/ D ˛.m/ ˝ ˇ.n/:
R EMARK 1.16 The tensor product of two matrices regarded as linear maps is called their
Kronecker product.3 If A is m n (so a linear map k n ! k m ) and B is r s (so a linear
map k s ! k r ), then A ˝ B is the mr ns matrix (linear map k ns ! k mr ) with
0 1
a11 B a1n B
A˝B D@ :: :: ::
A:
B C
: : :
am1 B amn B
L EMMA 1.17 If ˛W M ! M 0 and ˇW N ! N 0 are surjective, then so also is

˛ ˝ ˇW M ˝A N ! M 0 ˝A N 0 :
P ROOF. Recall that M 0 ˝ N 0 is generated as an A-module by the elements m0 ˝ n0 , m0 2

M 0 , n0 2 N 0 . By assumption m0 D ˛.m/ for some m 2 M and n0 D ˇ.n/ for some n 2 N ,
and so m0 ˝ n0 D ˛.m/ ˝ ˇ.n/ D .˛ ˝ ˇ/.m ˝ n/. Therefore the image of ˛ ˝ ˇ contains
a set of generators for M 0 ˝A N 0 and so it is equal to it. 2
One can also show that if

M 0 ! M ! M 00 ! 0
is exact, then so also is
M 0 ˝A P ! M ˝A P ! M 00 ˝A P ! 0:
For example, if we tensor the exact sequence
0 ! a ! A ! A=a ! 0
with M , we obtain an exact sequence
a ˝A M ! M ! .A=a/ ˝A M ! 0 (2)
The image of a ˝A M in M is
def P
aM D f ai mi j ai 2 a, mi 2 M g ;
and so we obtain from the exact sequence (2) that
M=aM ' .A=a/ ˝A M (3)
By way of contrast, if M ! N is injective, then M ˝A P ! N ˝A P need not be injective.
m m
For example, take A D Z, and note that .Z ! Z/ ˝Z .Z=mZ/ equals Z=mZ ! Z=mZ,
which is the zero map.
3 Kronecker products of matrices pre-date tensor products by about 70 years.
P ROOF ( OF T HEOREM 1.15) Return to the situation of the theorem. When we tensor the
isomorphism
' Q
A=a ! A=ai
with M , we get an isomorphism
' Q Q
M=aM ' .A=a/ ˝A M ! .A=ai / ˝A M ' M=ai M;
as required. 2
Extension of scalars
If A ! B is an A-algebra and M is an A-module, then B ˝A M has a natural structure of
a B-module for which
b.b 0 ˝ m/ D bb 0 ˝ m; b; b 0 2 B; m 2 M:
We say that B ˝A M is the B-module obtained from M by extension of scalars. The map
m 7! 1 ˝ mW M ! B ˝A M has the following universal property: it is A-linear, and for
any A-linear map ˛W M ! N from M into a B-module N , there is a unique B-linear map
˛ 0 W B ˝A M ! N such that ˛ 0 .1 ˝ m/ D ˛.m/. Thus ˛ 7! ˛ 0 defines an isomorphism
HomA .M; N / ! HomB .B ˝A M; N /, N a B-module:
For example, A ˝A M D M . If M is a free A-module with basis e1 ; : : : ; em , then B ˝A M

is a free B-module with basis 1 ˝ e1 ; : : : ; 1 ˝ em .
Tensor products of algebras

If f W A / B and gW A / C are A-algebras, then B ˝A C has a natural structure of an
A-algebra: the product structure is determined by the rule
.b ˝ c/.b 0 ˝ c 0 / D bb 0 ˝ cc 0
and the map A / B ˝A C is a 7! f .a/ ˝ 1 D 1 ˝ g.a/.

For example, there is a canonical isomorphism
a ˝ f 7! af W K ˝k kŒX1 ; : : : ; Xm ! KŒX1 ; : : : ; Xm (4)
Tensor products of fields

We are now able to compute K ˝k ˝ if K is a finite separable field extension of a field k
and ˝ is an arbitrary field extension of k. According to the primitive element theorem (FT
5.1), K D kŒ˛ for some ˛ 2 K. Let f .X / be the minimum polynomial of ˛. By definition
this means that the map g.X / 7! g.˛/ determines an isomorphism
kŒX =.f .X // ! K:
Hence
K ˝k ˝ ' .kŒX =.f .X /// ˝k ˝ ' ˝ŒX =.f .X //
EXERCISE 17
by (3) and (4). Because K is separable over k, f .X / has distinct roots. Therefore f .X /
factors in ˝ŒX into monic irreducible polynomials
f .X / D f1 .X / fr .X /
that are relatively prime in pairs. We can apply the Chinese Remainder Theorem to deduce
that Yr
˝ŒX =.f .X // D ˝ŒX =.fi .X //:
i D1
Finally, ˝ŒX =.fi .X // is a finite separable field extension of ˝ of degree deg fi . Thus we
have proved the following result:
T HEOREM 1.18 Let K be a finite separable field extension of k, and let ˝ be an arbitrary
field extension. Then K ˝k ˝ is a product of finite separable field extensions of ˝,
Yr
K ˝k ˝ D ˝i :
i D1
If ˛ is a primitive element for K=k, then the image ˛i of ˛ in ˝i is a primitive element

for ˝i =˝, and if f .X / and fi .X / are the minimum polynomials for ˛ and ˛i respectively,
then Yr
f .X / D fi .X /:
i D1
E XAMPLE 1.19 Let K D QŒ˛ with ˛ algebraic over Q. Then

Yr
C ˝Q K ' C ˝Q .QŒX =.f .X /// ' CŒX =..f .X // ' CŒX =.X ˛i / Cr :
i D1
Here ˛1 ; : : : ; ˛r are the conjugates of ˛ in C. The composite of ˇ 7! 1 ˝ ˇW K ! C ˝Q K

j
with projection onto the i th factor is aj ˛ j 7! aj ˛i .
P P
We note that it is essential to assume in (1.18) that K is separable over k. If not, there
will be an ˛ 2 K such that ˛ p 2 k but ˛ … k, and the ring K ˝k K will contain an element
ˇ D .˛ ˝ 1 1 ˝ ˛/ ¤ 0 such that
ˇp D ˛p ˝ 1 1 ˝ ˛ p D ˛ p .1 ˝ 1/ ˛ p .1 ˝ 1/ D 0:
Hence K ˝k K contains a nonzero nilpotent element, and so it can’t be a product of fields.
N OTES Ideals were introduced and studied by Dedekind for rings of algebraic integers, and later by
others in polynomial rings. It was not until the 1920s that the theory was placed in its most natural
setting, that of arbitrary commutative rings (by Emil Artin and Emmy Noether).
Exercise
1-1 Let A be an integral domain. A multiplicative subset S of A is said to be saturated if
ab 2 S ) a and b 2 S:
(a) Show that S is saturated ” its complement is a union of prime ideals.
(b) Show that given a multiplicative system S , there is a unique
S smallest saturated mul-
tiplicative system S 0 containing S , and that S 0 D A r p, where p runs over the
prime ideals disjoint from S . Show that S 0 1 A D S 1 A. Deduce that S 1 A is
characterized by the set of prime ideals of A that remain prime in S 1 A:
Chapter 2
Rings of Integers
Let A be an integral domain, and let L be a field containing A. An element ˛ of L is said

to be integral over A if it is a root of a monic polynomial with coefficients in A, i.e., if it
satisfies an equation
˛ n C a1 ˛ n 1
C C an D 0; ai 2 A:
T HEOREM 2.1 The elements of L integral over A form a ring.
I shall give two proofs of this theorem. The first uses Newton’s theory of symmetric
polynomials and a result of Eisenstein, and the second is Dedekind’s surprisingly modern
proof, which avoids symmetric polynomials.
First proof that the integral elements form a ring

A polynomial P .X1 ; :::; Xr / 2 AŒX1 ; : : : ; Xr is said to be symmetric if it is unchanged
when its variables are permuted, i.e., if
P .X .1/ ; : : : ; X .r/ / D P .X1 ; : : : ; Xr /; all 2 Symr :
For example
X X
S1 D Xi ; S2 D Xi Xj ; :::; Sr D X1 Xr ;
i <j
are all symmetric. These particular polynomials are called the elementary symmetric poly-
nomials.
T HEOREM 2.2 (Symmetric function theorem) Let A be a ring. Every symmetric polyno-
mial P .X1 ; :::; Xr / in AŒX1 ; :::; Xr is equal to a polynomial in the symmetric elementary
polynomials with coefficients in A, i.e., P 2 AŒS1 ; :::; Sr :
P ROOF. We define an ordering on the monomials in the Xi by requiring that

j j
X1i1 X2i2 Xrir > X1 1 X2 2 Xrjr
if either
i1 C i2 C C ir > j1 C j2 C C jr
18
DEDEKIND’S PROOF THAT THE INTEGRAL ELEMENTS FORM A RING 19
or equality holds and, for some s,
i1 D j1 ; : : : ; is D js ; but isC1 > jsC1 :
Let X1k1 Xrkr be the highest monomial occurring in P with a coefficient c ¤ 0. Because
P is symmetric, it contains all monomials obtained from X1k1 Xrkr by permuting the
X’s. Hence k1 k2 kr .
Clearly, the highest monomial in Si is X1 Xi , and it follows easily that the highest
monomial in S1d1 Srdr is
X1d1 Cd2 CCdr X2d2 CCdr Xrdr :
Therefore
P .X1 ; : : : ; Xr / cS1k1 k2
S2k2 k3
Srkr < P .X1 ; : : : ; Xr /:
We can repeat this argument with the polynomial on the left, and after a finite number of
steps, we will arrive at a representation of P as a polynomial in S1 ; : : : ; Sr . 2
Let f .X / D X n C a1 X n 1 C C an 2QAŒX , and let ˛1 ; : : : ; ˛n be the roots of f .X /

in some ring containing A, so that f .X / D .X ˛i / in the larger ring. Then
a1 D S1 .˛1 ; : : : ; ˛n /; a2 D S2 .˛1 ; : : : ; ˛n /; :::; an D ˙Sn .˛1 ; : : : ; ˛n /:
Thus the elementary symmetric polynomials in the roots of f .X / lie in A, and so the
theorem implies that every symmetric polynomial in the roots of f .X / lies in A.
P ROPOSITION 2.3 Let A be an integral domain, and let ˝ be an algebraically closed field
containing A. If ˛1 ; : : : ; ˛n are the roots in ˝ of a monic polynomial in AŒX , then any
polynomial g.˛1 ; : : : ; ˛n / in the ˛i with coefficients in A is a root of a monic polynomial
in AŒX .
P ROOF. Clearly
def
Y
h.X / D .X g.˛ .1/ ; : : : ; ˛ .n/ //
2Symn
is a monic polynomial whose coefficients are symmetric polynomials in the ˛i , and there-
fore lie in A. But g.˛1 ; : : : ; ˛n / is one of its roots. 2
We now prove Theorem 2.1. Let ˛1 and ˛2 be elements of L integral over A. There
exists a monic polynomial in AŒX having both ˛1 and ˛2 as roots. We can now apply (2.3)
with g.˛1 ; : : :/ equal to ˛1 ˙ ˛2 or ˛1 ˛2 to deduce that these elements are integral over A.
Dedekind’s proof that the integral elements form a ring

P ROPOSITION 2.4 Let L be a field containing A. An element ˛ of L is integral over A if
and only if there exists a nonzero finitely generated A-submodule of L such that ˛M M
(in fact, we can take M D AŒ˛, the A-subalgebra generated by ˛).
20 CHAPTER 2. RINGS OF INTEGERS
P ROOF. )W Suppose
˛ n C a1 ˛ n 1
C C an D 0; ai 2 A:
Then the A-submodule M of L generated by 1, ˛, ..., ˛ n 1 has the property that ˛M M .
(HW We shall need to apply Cramer’s rule. As usually stated (in linear algebra courses)
this says that, if
Xm
cij xj D di ; i D 1; : : : ; m;
j D1
then
xj D det.Cj /= det.C /
where C D .cij / and Cj is obtained from C by replacing the elements of the j th column
with the di s. When one restates the equation as
det.C / xj D det.Cj /
it becomes true over any ring (whether or not det.C / is invertible). The proof is elementary—
essentially it is what you wind up with when you eliminate the other variables (try it for
m D 2). Alternatively, expand out
ˇ ˇ
ˇ c11 : : : P c1j xj : : : c1m ˇ
det Cj D ˇ :::
ˇ
:: :: ˇ
ˇ
ˇ
ˇ P : : ˇˇ
ˇ cm1 : : : cmj xj : : : cmm ˇ
using standard properties of determinants.
Now let M be a nonzero A-module in L such that ˛M M , and let v1 ; : : : ; vn be a
finite set of generators for M . Then, for each i ,
P
˛vi D aij vj , some aij 2 A:
We can rewrite this system of equations as
.˛ a11 /v1 a12 v2 a13 v3 D 0
a21 v1 C .˛ a22 /v2 a23 v3 D 0
D 0:
Let C be the matrix of coefficients on the left-hand side. Then Cramer’s rule tells us that
det.C / vi D 0 for all i . Since at least one vi is nonzero and we are working inside the field
L, this implies that det.C / D 0. On expanding out the determinant, we obtain an equation
˛ n C c1 ˛ n 1
C c2 ˛ n 2
C C cn D 0; ci 2 A: 2
We now prove Theorem 2.1. Let ˛ and ˇ be two elements of L integral over A, and let
M and N be finitely generated A-modules in L such that ˛M M and ˇN N . Define
nX o
MN D mi ni j mi 2 M; ni 2 N :
Then:
(a) MN is an A-submodule of L (easy);
(b) it is finitely generated because, if fe1 ; : : : ; em g generates M and ff1 ; : : : ; fn g gener-
ates N , then fe1 f1 ; : : : ; ei fj ; : : : ; em fn g generates MN ;
(c) it is stable under multiplication by ˛ˇ and by ˛ ˙ ˇ:
We can now apply (2.4) to deduce that ˛ˇ and ˛ ˙ ˇ are integral over A.
INTEGRAL ELEMENTS 21
Integral elements
D EFINITION 2.5 The ring of elements of L integral over A is called the integral closure
of A in L. The integral closure of Z in an algebraic number field L is called the ring of
integers OL in L:
Next we want to see that L is the field of fractions of OL ; in fact we can prove more.
P ROPOSITION 2.6 Let K be the field of fractions of A, and let L be a field containing K.
If ˛ 2 L is algebraic over K, then there exists a d 2 A such that d˛ is integral over A.
P ROOF. By assumption, ˛ satisfies an equation

˛ m C a1 ˛ m 1
C C am D 0; ai 2 K:
Let d be a common denominator for the ai , so that dai 2 A for all i , and multiply through
the equation by d m W
d m ˛ m C a1 d m ˛ m 1
C ::. C am d m D 0:
We can rewrite this as
.d˛/m C a1 d.d˛/m 1
C C am d m D 0:
As a1 d , ... , am d m 2 A, this shows that d˛ is integral over A. 2
C OROLLARY 2.7 Let A be an integral domain with field of fractions K, and let B be the
integral closure of A in a field L containing K. If L is algebraic over K, then it is the field
of fractions of B:
P ROOF. The proposition shows that every ˛ 2 L can be written ˛ D ˇ=d with ˇ 2 B,
d 2 A. 2
D EFINITION 2.8 A ring A is integrally closed if it is its own integral closure in its field of
fractions K, i.e., if
˛ 2 K; ˛ integral over A ) ˛ 2 A:
P ROPOSITION 2.9 A unique factorization domain, for example, a principal ideal domain,
is integrally closed.
P ROOF. Let A be a unique factorization domain, and let a=b, with a; b 2 A, be an element
of the field of fractions of A integral over A. If b is a unit, then a=b 2 A. Otherwise we
may suppose that there is an irreducible element of A dividing b but not a. As a=b is
integral over A, it satisfies an equation
.a=b/n C a1 .a=b/n 1
C C an D 0; ai 2 A:
On multiplying through by b n , we obtain the equation
an C a1 an 1
b C ::. C an b n D 0:
The element then divides every term on the left except an , and hence must divide an .
Since it doesn’t divide a, this is a contradiction. 2
The proposition makes it easy to give examples of rings where

p unique factorization fails
— take any ring which is not integrally closed, for example, ZŒ 5.
E XAMPLE 2.10 (a) The rings Z and ZŒi are integrally closed because both are principal
ideal domains. p
(b) Unique factorization fails in ZŒ 3 because
p p
4 D 2 2 D .1 C 3/.1 3/;
andpthe four factors

p are all irreducible because they have the minimum norm 4. However,
3
ZŒ p 3 ZŒ p1 which is a principal ideal domain (and hence the integral closure of Z in
QŒ 3 D QŒ 3 1).
(c) For any field k, I claim that the integral closure of kŒS1 ; :::; Sm in k.X1 ; : : : ; Xm /
is kŒX1 ; : : : ; Xm (here the Si are the elementary symmetric polynomials).
Let f 2 k.X1 ; : : : ; Xm / be integral over kŒS1 ; : : : ; Sm . Then f is integral over
kŒX1 ; : : : ; Xm , which is a unique factorization domain, and hence is integrally closed in
its field of fractions. Thus f 2 kŒX1 ; : : : ; Xm .
Conversely, let f 2 kŒX1 ; : : : ; Xm . Then f is a root of the monic polynomial
Y
.T f .X .1/ ; : : : ; X .m/ //:
2Symm
The coefficients of this polynomial are symmetric polynomials in the Xi , and therefore (see
2.2) lie in kŒS1 ; : : : ; Sr .
P ROPOSITION 2.11 Let K be the field of fractions of A, and let L be an extension of K of

finite degree. Assume A is integrally closed. An element ˛ of L is integral over A if and
only if its minimum polynomial over K has coefficients in A.
P ROOF. Let ˛ be an element of L integral over A, so that
˛ m C a1 ˛ m 1
C ::. C am D 0; some ai 2 A:
Let f .X / be the minimum polynomial of ˛ over K. For any root ˛ 0 of f .X /, the fields
KŒ˛ and KŒ˛ 0 are both stem fields for f (see FT p9), and so there exists a K-isomorphism
W KŒ˛ ! KŒ˛ 0 ; .˛/ D ˛ 0 I
On applying to the above equation we obtain the equation
˛ 0m C a1 ˛ 0m 1
C ::. C am D 0;
which shows that ˛ 0 is integral over A. Hence all the roots of f .X / are integral over A, and
it follows that the coefficients of f .X / are integral over A (by 2.1). They lie in K, and A is
integrally closed, and so they lie in A. This proves the “only if” part of the statement, and
the “if” part is obvious. 2
R EMARK 2.12 As we noted in the introduction,

p this makes it easy to compute some rings
of integers. For example, an element ˛ 2 QŒ d is integral over Z if and only if its trace
and norm both lie in Z:
INTEGRAL ELEMENTS 23
P ROPOSITION 2.13 If B is integral over A and finitely generated as an A-algebra, then it

is finitely generated as an A-module.
P ROOF. First consider the case that B is generated as an A-algebra by a single element, say
B D AŒˇ. By assumption
ˇ n C a1 ˇ n 1
C C an D 0; some ai 2 A:
Every element of B can be expressed as a finite sum
c0 C c1 ˇ C c2 ˇ 2 C C cN ˇ N ; ci 2 A,
and we can exploit the preceding equality to replace ˇ n (successively) with a linear combi-
nation of lower powers of ˇ. Thus every element of B can be expressed as a finite sum
c0 C c1 ˇ C c2 ˇ 2 C C cn 1ˇ
n 1
, ci 2 A;
and so 1; ˇ; ˇ 2 ; : : : ; ˇ n 1 generate B as an A-module. In order to pass to the general case,

we need a lemma. 2
L EMMA 2.14 Let A B C be rings. If B is finitely generated as an A-module, and C

is finitely generated as a B-module, then C is finitely generated as an A-module.
P ROOF. If fˇ1 ; :::; ˇm g is a set of generators for B as an A-module, and f 1 ; :::; n g is

a set of generators for C as a B-module, then fˇi j g is a set of generators for C as an
A-module. 2
We now complete the proof of (2.13). Let ˇ1 ; : : : ; ˇm generate B as an A-algebra, and

consider
A AŒˇ1 AŒˇ1 ; ˇ2 AŒˇ1 ; :::; ˇm D B:
We saw above that AŒˇ1 is finitely generated as an A-module. Since AŒˇ1 ; ˇ2 D AŒˇ1 Œˇ2 ,
and ˇ2 is integral over AŒˇ1 (because it is over A), the same observation shows that
AŒˇ1 ; ˇ2 is finitely generated as a AŒˇ1 -module. Now the lemma shows that AŒˇ1 ; ˇ2
is finitely generated as an A-module. Continuing in this fashion, we find that B is finitely
generated as an A-module.
P ROPOSITION 2.15 Consider integral domains A B C ; if B is integral over A, and

C is integral over B, then C is integral over A.
P ROOF. Let 2 C ; it satisfies an equation
n C b1 n 1
C C bn D 0; bi 2 B:
Let B 0 D AŒb1 ; :::; bn . Then B 0 is finitely generated as an A-module (by the last proposi-
tion), and is integral over B 0 (by our choice of the bi /, and so B 0 Œ is finitely generated
as an A-module. Since B 0 Œ B 0 Œ , Proposition 2.4 shows that is integral over A. 2
C OROLLARY 2.16 The integral closure of A in an algebraic extension L of its field of

fractions is integrally closed.
P ROOF. Let B be the integral closure of A in L, and let C be the integral closure of B in
L. Then C is integral over A, and so C B. 2
R EMARK 2.17 In particular, the ring of integers in a number field is integrally closed.
Clearly we want this, since we want our ring of integers to have the best chance of being a
unique factorization domain (see 2.9).
E XAMPLE 2.18 Let k be a finite field, and let K be a finite extension of k.X /. Let OK be
the integral closure of kŒX in K. The arithmetic of OK is very similar to that of the ring
of integers in a number field.
Review of bases of A-modules

Let M be an A-module. Recall that a set of elements e1 ; :::; en is a basis for M if
P
(a) ai ei D 0, ai 2 A ) all ai D 0, and P
(b) every element x of M can be expressed in the form x D ai ei , ai 2 A.
Let fe1 ; :::; en g be a basis for
P M , and let ff1 ; :::; fn g be a second set of n elements in
M . Then we can write fi D aij ej , aij 2 A, and fi is also a basis if and only if the
matrix .aij / is invertible in the ring Mn .A/ of n n matrices with coefficients in A (this is
obvious). Moreover .aij / is invertible in Mn .A/ if and only if its determinant is a unit in
A, and in this case, the inverse is given by the usual formula:
1 1
.aij / D adj.aij / det.aij / :
def
In the case that A D Z, the index of N D Zf1 C Zf2 C C Zfn in M is j det.aij /j
(assuming this is nonzero). To prove this, recall from basic graduate algebra that we can
choose bases fei0 g for M and ffi0 g for N such that fi0 D mi ei0 , mi 2 Z, mi > 0. If .ei0 / D
U .ei / and .fi0 / D V .fi /, then .fi / D V 1 DU.ei / where D D diag.m1 ; : : : ; mn /, and
det.V 1 DU / D det.V 1 / det.D/ det.U / D mi D .M W N /:

Q
Review of norms and traces

Let A B be rings such that B is a free A-module of rank n. Then any ˇ 2 B defines an
A-linear map
x 7! ˇxW B ! B;
and the trace and determinant of this map are well-defined. We call them the trace TrB=A ˇ
and norm Nm P B=A ˇ of ˇ in the extensionP B=A. Thus if fe1 ; :::; en g is a basis for B over A,
and ˇei D aij ej , then TrB=A .ˇ/ D ai i and NmB=A .ˇ/ D det.aij /. When B A is
a finite field extension, this agrees with the usual definition. The following hold (for a 2 A,
ˇ; ˇ 0 2 B):
Tr.ˇ C ˇ 0 / D Tr.ˇ/ C Tr.ˇ 0 / Nm.ˇˇ 0 / D Nm.ˇ/ Nm.ˇ 0 /

Tr.aˇ/ D a Tr.ˇ/ Nm.a/ D an
Tr.a/ D na
REVIEW OF BILINEAR FORMS 25
P ROPOSITION 2.19 Let L=K be an extension of fields of degree n, and let ˇ 2 L. Let
f .X/ be the minimum polynomial of ˇ over K and let ˇ1 D ˇ, ˇ2 , ... , ˇm be the roots of
f .X/. Then
TrL=K .ˇ/ D r.ˇ1 C C ˇm /; NmL=K .ˇ/ D .ˇ1 ˇm /r
where r D ŒL W KŒˇ D n=m:
P ROOF. Suppose first that L D KŒˇ, and compute the matrix of x 7! ˇx relative
Q to the
basis f1; ˇ; : : : ; ˇ n 1 g — one sees easily that it has trace ˇi and determinant ˇi . For
P
the general case, use the transitivity of norms and traces (see FT 5.38). 2
C OROLLARY 2.20 Assume L is separable of degree n over K, and let f1 ; :::; n g be the
set of distinct K-homomorphisms L ,! ˝ where ˝ is some big Galois extension of K
(e.g., the Galois closure of L over K/. Then
TrL=K .ˇ/ D 1 ˇ C C n ˇ; NmL=K .ˇ/ D 1 ˇ n ˇ:
P ROOF. Each ˇi occurs exactly r times in the family fi ˇg. 2
C OROLLARY 2.21 Let A be an integrally closed integral domain, and let L be a finite
extension of the field of fractions K of A; if ˇ 2 L is integral over A, then TrL=K .ˇ/ and
NmL=K .ˇ/ are in A.
P ROOF. We know that if ˇ is integral, then so also is each of its conjugates. Alternatively,
apply 2.11. 2
A SIDE 2.22 Let L D KŒ˛, and let ˛1 D ˛; ˛2 ; : : : ; ˛n be the conjugates of ˛ (in some Galois
extension of K containing L). For any ˇ D g.˛/ in L;
NmL=K .ˇ/ D niD1 g.˛i /; TrL=K .ˇ/ D niD1 g.˛i /:

Q P
This is a restatement of (2.20), and is Dedekind’s original definition (Dedekind 1877, 17).
Review of bilinear forms

Let V be a finite-dimensional vector space over a field K. Recall that a bilinear form on V
is a K-bilinear map
W V V ! K:
Such a form is symmetric if .x; y/ D .y; x/ for all x; y 2 V . The discriminant of a
P fe1 ; :::; em g of V is det. .ei ; ej //. If ff1 ; :::; fm g is a
bilinear form relative to a basis
set of elements of V , and fj D aj i ei , then
X X
.fk ; fl / D .aki ei ; alj ej / D aki .ei ; ej / alj ;
i;j i;j
and so
. .fk ; fl // D A . .ei ; ej // Atr
(equality of m m matrices) where A is the invertible matrix .aij /. Hence
det. .fi ; fj // D det.A/2 det. .ei ; ej // (5)
The form is said to be nondegenerate if it satisfies each of the following equivalent

conditions:
(a) has a nonzero discriminant relative to one (hence every) basis of V I
(b) the left kernel fv 2 V j .v; x/ D 0 for all x 2 V g is zero;
(c) the right kernel of is zero.
Thus if is nondegenerate, the map v 7! .x 7! .v; x// from V onto the dual vector
def
space V _ D Hom.V; K/ is an isomorphism. Let fe1 ; :::; em g be a basis for V , and let
f1 ; :::; fm be the dual basis in V _ , i.e., fi .ej / D ıij (Kronecker delta). We can use the
isomorphism V ! V _ given by a nondegenerate form to transfer ff1 ; :::; fm g to a basis
fe10 ; :::; em
0 g of V ; it has the property that
.ei0 ; ej / D ıij :
For example, suppose fe1 ; :::; em g is a basis such that . .ei ; ej // is a diagonal matrix — the
Gram-Schmidt process always allows us to find such a basis when the form is symmetric
— then ei0 D ei = .ei ; ei /:
Discriminants
If L is a finite extension of K (L and K fields), then
.˛; ˇ/ 7! TrL=K .˛ˇ/W L L ! K
is a symmetric bilinear form on L regarded as a vector space over K, and the discriminant
of this form is called the discriminant of L=K.
More generally, let B A be rings, and assume B is free of rank m as an A-module.
Let ˇ1 ; :::; ˇm be elements of B. We define their discriminant to be
D.ˇ1 ; :::; ˇm / D det.TrB=A .ˇi ˇj //:

P
L EMMA 2.23 If j D aj i ˇi , aij 2 A, then
D. 1 ; :::; m / D det.aij /2 D.ˇ1 ; :::; ˇm /:
P ROOF. See the proof of (5). 2
If the ˇs and s each form a basis for B over A, then det.aij / is a unit (see p24).
Thus the discriminant D.ˇ1 ; :::; ˇm / of a basis fˇ1 ; :::; ˇm g of B is well-defined up to
multiplication by the square of a unit in A. In particular, the ideal in A that it generates is
independent of the choice of the basis. This ideal, or D.ˇ1 ; :::; ˇm / itself regarded as an
element of A=A2 , is called the discriminant disc.B=A/ of B over A.
For example, when we have a finite extension of fields L=K, disc.L=K/ is an element
of K, well-defined up to multiplication by a nonzero square in K.
When A D Z, disc.B=A/ is a well-defined integer, because 1 is the only square of a
unit in Z:
DISCRIMINANTS 27
Warning: We shall see shortly that, when K is a number field of degree m over Q,
the ring of integers OK in K is free of rank m over Z, and so disc.OK =Z/ is a well-
defined integer. Sometimes this is loosely referred to as the discriminant of K=Q — strictly
speaking, disc.K=Q/ is the element of Q =Q2 represented by the integer disc.OK =Z/:
P ROPOSITION 2.24 Let A B be integral domains and assume that B is a free A-module
of rank m and that disc.B=A/ ¤ 0. Elements 1 ; :::; m form a basis for B as an A-module
if and only if
.D. 1 ; :::; m // D .disc.B=A// (as ideals in A).
P ROOF. Let fˇ1 ; :::; ˇm gPbe a basis for B as an A-module, and let 1 ; :::; m be any ele-
ments of B. Write j D aj i ˇi , aj i 2 A. Then
.2:23/
D. 1 ; :::; m / D det.aij /2 D.ˇ1 ; :::; ˇm /;
and, as we noted earlier, f 1 ; : : : ; m g is a basis if and only if det.aij / is a unit. 2
R EMARK 2.25 Take A D Z in (2.24). Elements 1 ; 2 ; : : : ; m generate a submodule N

of finite index in B if and only if D. 1 ; : : : ; m / ¤ 0, in which case
D. 1 ; : : : ; m / D .BW N /2 disc.B=Z/:
P
To prove this, choose a basis ˇ1 ; : : : ; ˇm for B as a Z-module, and write j D aj i ˇi .
Then both sides equal det.aij /2 D.ˇ1 ; : : : ; ˇm /.
P ROPOSITION 2.26 Let L be a finite separable extension of the field K of degree m, and
let 1 ; :::; m be the distinct K-homomorphisms of L into some large Galois extension ˝
of L. Then, for any basis ˇ1 ; :::; ˇm of L over K;
D.ˇ1 ; :::; ˇm / D det.i ˇj /2 ¤ 0:
P ROOF. By direct calculation, we have

def
D.ˇ1 ; : : : ; ˇm / D det.Tr.ˇ
P i ˇj //
D det.Pk k .ˇi ˇj // (by 2.20)
D det. k k .ˇi / k .ˇj //
D det.k .ˇi // det.k .ˇj //
D det.k .ˇi //2 :
Suppose that det.i ˇj / D 0. Then there exist c1 ; :::; cm 2 ˝ such that

X
ci i .ˇj / D 0 all j:
i 2
P
By linearity, it follows that i ci i .ˇ/ D 0 for all ˇ 2 L, but this contradicts Dedekind’s
theorem on the independence of characters (apply it with G D L / :
Let G be a group and ˝ a field, and let 1 ; :::; m be distinct homomorphisms
G ! ˝ ; then 1 ; :::; m are
P linearly independent over ˝, i.e., there do not
exist ci 2 ˝ such that x 7! i ci i .x/W G ! ˝ is the zero map (FT 5.14).
C OROLLARY 2.27 Let K be the field of fractions of A, and let L be a finite separable
extension of K of degree m. If the integral closure B of A in L is free of rank m over A,
then disc.B=A/ ¤ 0:
P ROOF. If fˇ1 ; :::; ˇm g is a basis for B as an A-module, then it follows easily from (2.6)
that it is also a basis for L as a K-vector space. Hence disc.B=A/ represents disc.L=K/:2
R EMARK 2.28 (a) The proposition shows that the K-bilinear pairing
.ˇ; ˇ 0 / 7! Tr.ˇ ˇ 0 /W L L ! K
is nondegenerate (its discriminant is disc.L=K/).

(b) The assumption that L=K is separable is essential; in fact, if L=K is not separable,
then disc.L=K/ D 0 (see Exercise 2-3).
Rings of integers are finitely generated

We now show that OK is finitely generated as a Z-module.
P ROPOSITION 2.29 Let A be an integrally closed integral domain with field of fractions
K, and let B the integral closure of A in a separable extension L of K of degree m. There
exists free A-submodules M and M 0 of L such that
M B M 0. (6)
Therefore B is a finitely generated A-module if A is Noetherian, and it is free of rank m if

A is a principal ideal domain.
P ROOF. Let fˇ1 ; :::; ˇm g be a basis for L over K. According to (2.6), there exists a d 2 A
such that d ˇi 2 B for all i . Clearly fd ˇ1 ; : : : ; d ˇm g is still a basis for L as a
vector space over K, and so we may assume to begin with that each ˇi 2 B. Because the
trace pairing is nondegenerate, there is a “dual” basis fˇ10 ; :::; ˇm
0 g of L over K such that
0
Tr.ˇi ˇj / D ıij (see the discussion following (5), p26). We shall show that
Aˇ1 C Aˇ2 C C Aˇm B Aˇ10 C Aˇ20 C C Aˇm

0
:
Only the second inclusionPrequires proof. Let ˇ 2 B. Then ˇ can be written uniquely as a
linear combination ˇ D bj ˇj0 of the ˇj0 with coefficients bj 2 K, and we have to show
that each bj 2 A. As ˇi and ˇ are in B, so also is ˇ ˇi , and so Tr.ˇ ˇi / 2 A (see 2.21).
But X X X
Tr.ˇ ˇi / D Tr. bj ˇj0 ˇi / D bj Tr.ˇj0 ˇi / D bj ıij D bi :
j j j
Hence bi 2 A.
If A Noetherian, then M 0 is a Noetherian A-module (see 1.8), and so B is finitely
generated as an A-module. If A is a principal ideal domain, then B is free of rank m
because it is contained in a free A-module of rank m, and it has rank m because it
contains a free A-module of rank m (see any basic graduate algebra course). 2
RINGS OF INTEGERS ARE FINITELY GENERATED 29
C OROLLARY 2.30 The ring of integers in a number field L is the largest subring that is
finitely generated as a Z-module.
P ROOF. We have just seen that OL is a finitely generated Z-module. Let B be another
subring of L that is finitely generated as a Z-module; then every element of B is integral
over Z (by 2.4), and so B OL : 2
R EMARK 2.31 (a) The hypothesis that L=K be separable is necessary to conclude that
B is a finitely generated A-module (we used that the trace pairing was nondegenerate).
However it is still true that the integral closure of kŒX in any finite extension of k.X / (not
necessarily separable) is a finitely generated kŒX -module.
(b) The hypothesis that A be a principal ideal domain is necessary to conclude from (6)
that B is a free A-module — there do exist examples of number fields L=K such that OL
is not a free OK -module. p
(c) Here is an example of a finitely generated module that is not free. Let A D ZŒ 5,
and consider the A-modules
p p
.2/ .2; 1 C 5/ ZŒ 5:
p p p
Bothp .2/ and ZŒ 5 are free ZŒ 5-modules of rank 1, but .2; 1 C 5/ is not a free
ZŒ 5-module of rank 1, because it is not a principal ideal (see the Introduction). In fact,
it is not a free module of any rank.
D EFINITION 2.32 When K is a number field, a basis ˛1 ; :::; ˛m for OK as a Z-module is

called an integral basis for K.
R EMARK 2.33 We
P retain the notations of the proposition and its proof.
(a) Let C D Aˇi B, with ˇi a basis for L over K. Define
C D fˇ 2 L j Tr.ˇ / 2 A for all 2 C g:
By linearity,
ˇ 2 C ” Tr.ˇˇi / 2 A for i D 1; :::; m;
and it follows that X
C D Aˇi0 :
Thus we have: X X
C D Aˇi B Aˇi0 D C :
(b) Write L D QŒˇ with ˇ 2 B, and let f .X / be the minimum polynomial of ˇ. Let
C D ZŒˇ D Z1 C Zˇ C C Zˇ m 1 . We want to find C .
One can show (Artin 1959, Chapter 7) that

i 0 0 if 0 i m 2
Tr.ˇ =f .ˇ// D
1 if i Dm 1
(these formulas go back to Euler). It follows from this that
det.Tr.ˇ i ˇ j =f 0 .ˇ// D . 1/m

(the only term contributing to the determinant is the product of the elements on the other
0 is the dual basis to 1; ˇ; : : : ; ˇ m 1 , so that Tr.ˇ i ˇ 0 / D ı , then
diagonal). If ˇ10 ; :::; ˇm j ij
det.Tr.ˇ i ˇj0 // D 1:
On comparing these formulas, one sees that the matrix relating the family
f1=f 0 .ˇ/; :::; ˇ m 1

=f 0 .ˇ/g
to the basis
fˇ10 ; :::; ˇm
0
g
has determinant ˙1, and so it is invertible in Mn .A/. Thus we see that C is a free A-
module with basis f1=f 0 .ˇ/; : : : ; ˇ m 1 =f 0 .ˇ/g:
C D AŒˇ B f 0 .ˇ/ 1
AŒˇ D C :
Finding the ring of integers

We now assume K to be a field of characteristic zero.
P ROPOSITION 2.34 Let L D KŒˇ some Q ˇ, and let f .X / be the minimum polynomial of
ˇ over K. Suppose that f .X / factors into .X ˇi / over the Galois closure of L. Then
Y
D.1; ˇ; ˇ 2 ; : : : ; ˇ m 1 / D .ˇi ˇj /2 D . 1/m.m 1/=2 NmL=K .f 0 .ˇ//:
1i <j m
P ROOF. We have
D.1; ˇ; ˇ 2 ; : : : ; ˇ m 1/ D det.i .ˇ j //2 (2.26)
j 2
D det.ˇ
Q i/
D . i <j .ˇi ˇj //2 (Vandermonde)
D . 1/m.m 1/=2 i . j ¤i .ˇi
Q Q
ˇj //
D . 1/m.m 1/=2 j f 0 .ˇj /
Q
D . 1/m.m 1/=2 Nm.f 0 .ˇ//:

2
The number in (2.34) is called the discriminant of f .X /. It can also be defined as the
resultant of f .X / and f 0 .X /. The discriminant of f lies in K, and it is zero if and only if
f has a repeated root. It is a symmetric polynomial in the ˇi with coefficients in K, and so
(by 2.2) it can be expressed in terms of the coefficients of f .X /, but the formulas are quite
complicated.
E XAMPLE 2.35 We compute the discriminant of
f .X / D X n C aX C b, a; b 2 K;
assumed to be irreducible and separable. Let ˇ be a root of f .X /, and let
D f 0 .ˇ/ D nˇ n 1
C a:
FINDING THE RING OF INTEGERS 31
We compute NmKŒˇ =K . /. On multiplying the equation

ˇ n C aˇ C b D 0
by nˇ 1 and rearranging, we obtain the equation
nˇ n 1
D na nbˇ 1
:
Hence
D nˇ n 1
Ca D .n 1/a nbˇ 1
:
Solving for ˇ gives
nb
ˇD ;
C .n 1/a
from which it is clear that KŒˇ D KŒ , and so the minimum polynomial of over K also
has degree n. If we write

nb
f D P .X /=Q.X /;
X C .n 1/a
then P . /=Q. / D f .ˇ/ D 0 and so P . / D 0. Since
P .X / D .X C .n 1/a/n na.X C .n 1/a/n 1
C . 1/n nn b n 1
is monic of degree n, it must be the minimum polynomial of . Therefore Nm. / is . 1/n

times the constant term of this polynomial, and so we find that
Nm. / D nn b n 1
C . 1/n 1
.n 1/n 1 n
a :
Finally we obtain the formula:
disc.X n C aX C b/ D . 1/n.n 1/=2
.nn b n 1
C . 1/n 1
.n 1/n 1 n
a /
For example:
disc.X 2 C aX C b/ D 4b C a2 ;
disc.X 3 C aX C b/ D 27b 2 4a3 ;
disc.X 4 C aX C b/ D 256b 3 27a4 ,
disc.X 5 C aX C b/ D 55 b 4 C 44 a5 :
For any polynomials more complicated than the above, use a computer program. For
example, typing
poldisc(X^3+a*X^2+b*X+c)
in PARI returns
-4*c*a^3 + b^2*a^2 + 18*c*b*a + (-4*b^3 - 27*c^2)
i.e., 4ca3 C b 2 a2 C 18cba C . 4b 3 27c 2 /.
The general strategy for finding the ring of integers of K is to write K D QŒ˛ with
˛ an integer in K, and compute D.1; ˛; :::; ˛ m 1 /. It is an integer, and if it is square-free,
then f1; ˛; :::; ˛ m 1 g is automatically an integral basis, because (see 2.25)
D.1; ˛; : : : ; ˛ m 1
/ D disc.OK =Z/ .OK W ZŒ˛/2 : (7)
If it is not square-free, f1; ˛; :::; ˛ m 1 g may still be an integral basis, and sometimes one
can tell this by using Stickelberger’s theorem (see 2.40 below) or by looking at how primes
P If f1;
ramify (see later). ˛; :::; ˛ m 1 g is not an integral basis, one has to look for algebraic
integers not in Z ˛ i (we describe an algorithm below).
E XAMPLE 2.36 The polynomial X 3 X 1 is irreducible1 in QŒX , because, if it factored,

it would have a root in Q, which would be an integer dividing 1. Let ˛ be a root of X 3
X 1. We have
D.1; ˛; ˛ 2 / D disc.f .X // D 23;
which contains no square factor, and so f1; ˛; ˛ 2 g is an integral basis for QŒ˛ (and ZŒ˛ is
the ring of integers in QŒ˛).
E XAMPLE 2.37 The polynomial X 3 C X C 1 is irreducible in QŒX , and, for any root ˛
of it, D.1; ˛; ˛ 2 / D disc.f .X // D 31, which contains no square factor, and so again
f1; ˛; ˛ 2 g is an integral basis for QŒ˛:
E XAMPLE 2.38 This example goes back to Dedekind. Let K D QŒ˛, where ˛ is a root of
f .X / D X 3 C X 2 2X C 8:
The discriminant of f is 2012 D 4 503, but Dedekind showed that OK ¤ ZŒˇ, and
so disc.O=Z/ D 503. In fact Dedekind showed that there is no integral basis of the form
1, ˇ, ˇ 2 (see Weiss 1963, p170; for another example of this type, see Exercise 2-6.)
E XAMPLE 2.39 Consider the field QŒ˛ where ˛ is a root of f .X / D X 5 X 1. This

polynomial is irreducible, because it is irreducible in F3 ŒX . The discriminant of f .X / is
2869 D 19 151, and so the ring of integers in QŒ˛ is ZŒ˛.
P ROPOSITION 2.40 Let K be an algebraic number field.

(a) The sign of disc.K=Q/ is . 1/s , where 2s is the number of homomorphisms K ,! C
whose image is not contained in R:
(b) (Stickelberger’s theorem) disc.OK =Z/ 0 or 1 mod 4.
P ROOF. (a) Let K D QŒ˛, and let ˛1 D ˛, ˛2 , ..., ˛r be the real conjugates of ˛ and ˛rC1 ,
˛N rC1 ; :::; ˛rCs ; ˛N rCs the complex conjugates. Then
Y 2
sign.D.1; :::; ˛ m 1 // D sign .˛rCi s ˛N rCi s /
1i s
because the other terms are either squares of real numbers or occur in conjugate pairs, and
this equals . 1/s .
(b) Recall that disc.OK =Z/ D det.i ˛j /2 , where ˛1 ; :::; ˛m is an integral basis. Let P
be the sum of the terms in the expansion of det.i ˛j / corresponding to even permutations,
and N the sum of the terms corresponding to odd permutations. Then
disc.OK =Z/ D .P N /2 D .P C N /2 4PN:
If is an element of the Galois group of the Galois closure of K over Q, then either P D P
and N D N , or P D N and N D P . In either case, fixes P C N and PN , and so
they are rational numbers. As they are integral over Z, they must in fact be integers, from
which it follows that
disc.OK =Z/ .P C N /2 0 or 1 mod 4: 2
1 In fact, this is the monic irreducible cubic polynomial in ZŒX with the smallest discriminant.
ALGORITHMS FOR FINDING THE RING OF INTEGERS 33
p
E XAMPLE 2.41 Consider the field QŒ m, where m is a square-free integer.
p
Case m 2; 3 mod 4. Here D.1; m/ D disc.X 2 m/ D 4m, and so Stickelberger’s
p
theorem shows that disc.OK =Z/ D 4m, and hence f1; mg is an integral basis.
p
Case m 1 mod 4. The element .1 C m/=2 is integral because it is a root of
p p
X 2 X C .1 m/=4. As D.1; .1 C m/=2/ D m, we see that f1; .1 C m/=2g is an
integral basis.
R EMARK 2.42 Let K and K 0 be number fields. If K and K 0 are isomorphic, then they
have the same degree and the same discriminant, but the converse statement is false. For
example, there are four nonisomorphic cubic number fields with discriminant 4027 (4027
is prime). See (3.48) and (3.49) for two of them.
The curious may wonder why we didn’t give an example of a field generated over Q by
an integral element whose minimum polynomial has discriminant ˙1. The reason is that
there is no such polynomial of degree > 1 — see the discussion following Theorem 4.9
below.2
Algorithms for finding the ring of integers

By an algorithm I mean a procedure that could (in principle) be put on a computer and is
guaranteed to lead to the answer in a finite number of steps. Suppose the input requires
N digits to express it. A good algorithm is one whose running time is < N c for some
c. For example, there is no known good algorithm for factoring an integer. By a practical
algorithm I mean one that has been (or should have been) put on a computer, and is actually
useful.
The following variant of (2.29) is useful. Let A be a principal ideal domain with field
of fractions K, and let B be the integral closure of A in a finite separable extension L of K
of degree m:
P ROPOSITION 2.43 Let ˇ1 ; :::; ˇm be a basis for L over K consisting of elements of B,
and let d D disc.ˇ1 ; :::; ˇm /. Then
A ˇ1 C ::. C A ˇm B A .ˇ1 =d / C ::. C A .ˇm =d /:
P ROOF. Let ˇ 2 B, and write

ˇ D x1 ˇ1 C C xm ˇm ; xi 2 K:
Let 1 ; : : : ; m be the distinct K-embeddings of L into some large Galois extension ˝ of
K. On applying the ’s to this equation, we obtain a system of linear equations:
i ˇ D x1 i ˇ1 C x2 i ˇ2 C C xm i ˇm ; i D 1; : : : ; m:
Hence by Cramer’s rule
xi D i =ı
where ı D det.i ˇj / and i is the determinant of the same matrix, but with the ith column
replaced with .i ˇ/. From (2.34), we know that ı 2 D d . Thus xi D i ı=d , and i ı is
an element of K (because it equals dxi ) and is integral over A. Therefore i ı 2 A, which
completes the proof. 2
2 In
p
fact, the smallest discriminant is 3, which occurs for QŒ 3.
Thus there is the following algorithm for finding the ring of integers in a number field
K. Write K D QŒ˛ where ˛ is integral over Q. Compute d D disc.1; ˛; :::; ˛ m 1 /. Then
1
ZŒ˛ OK d ZŒ˛:
Note that .d 1 ZŒ˛W ZŒ˛/ D d m , which is huge but finite. Each coset ˇ C ZŒ˛, ˇ 2
d 1 ZŒ˛, consists entirely of algebraic integers or contains no algebraic integer. Find a set
of representatives ˇ1 ; :::; ˇn for ZŒ˛ in d 1 ZŒ˛, and test each to see whether it is integral
over Z (the coefficients of its minimum polynomial will have denominators bounded by a
power of d , and so it is possible to tell whether or not they are integers by computing them
with sufficient accuracy).
Unfortunately this method is not practical. For example,
f .X / D X 5 C 17X 4 C 3X 3 C 2X 2 C X C 1
is irreducible, and has discriminant 285401001. Hence, if ˛ is a root of f .X / and K D

4
QŒ˛, then the index of ZŒ˛ in Z d1 C Z d˛ C C Z ˛d is .285401001/5 . Actually, as luck
would have it, 285401001 D 3 179 233 2281 is square-free, and so OK D ZŒ˛.
Note that PARIpcan compute the minimum polynomial of an algebraic number. For
3 p
example, let a D 1 C 7. We first type “a=sqrtn(1+sqrt(7),3)” in PARI, which
reports that aD1:539084083333266359084139071. Now “algdep(a,6)” asks PARI for a
minimum polynomial for a of degree at most 6, which (correctly) reports it to be
X6 2X 3 6 D .X 3 1/2 7:
Unfortunately, of course, PARI will find a “minimum polynomial” for a even when a is
transcendental.
I now discuss a practical algorithm for finding OK for small degrees and small dis-
criminants from Pohst and Zassenhaus 1989 (see the additional references at the end of this
section). The next result will help us get an idea of what should be possible.
L EMMA 2.44 Let .A; ı/ be Euclidean domain, and let M be an m m matrix with coef-
ficients in A. Then it is possible to put M into upper triangular form by elementary row
operations of the following type:
(r1) add a multiple of one row to a second;
(r2) swap two rows.
P ROOF. By definition ıW A ! Z is a function with the following property: for any two
elements a; b of A with a ¤ 0, there exist elements q and r such that
b D qa C r, with r D 0 or ı.r/ < ı.a/:
Apply an operation of type (r2) so that the element of the first column with the minimum ı is
in the .1; 1/-position. If a11 divides all elements in the first column, we can use operations
of type (r1) to make all the remaining elements of the first column zero. If not, we can use
(r1) to get an element in the first column that has smaller ı-value than a11 , and put that
in the .1; 1/ position. Repeat — eventually, we will have the gcd of the original elements
in the first column in the .1; 1/ position and zeros elsewhere. Then move onto the next
column. . . . 2
ALGORITHMS FOR FINDING THE RING OF INTEGERS 35
R EMARK 2.45 (a) The operations (r1) and (r2) are invertible in matrices with coefficients
in A, and they correspond to multiplying on the left with an invertible matrix in Mn .A/.
Hence we have shown that there exists an invertible matrix U in Mn .A/ such that UM is
upper triangular. On taking transposes, we find that for any matrix M 2 Mn .A/, there is an
invertible matrix U in Mn .A/ such that M U is lower triangular.
(b) Take A D Z (for simplicity), and add the (invertible) operation:
(r3) multiply a row by 1.
Using (r1,r2,r3), it is possible to make the triangular matrix T D UM satisfy the fol-
lowing conditions (assuming det.M / ¤ 0):
ai i > 0 for all i I
the elements aij of the j th column satisfy 0 aij < ajj :
Then T is unique. It is called the Hermite normal form of A.
Consider the field K D QŒ˛ generated over Q by the algebraic integer ˛ with minimum
polynomial f .X /. Let f!1 ; :::; !n g be a basis for OK as a Z-module, and write
ADM ˝
where A D .1; ˛; :::; ˛ n 1 /tr and ˝ D .!1 ; :::; !n /tr . Choose U so that M U is lower
triangular (and in Hermite normal form), and write
1
A D MU U ˝ D T ˝ 0:
def
Here ˝ 0 D U 1 ˝ is again a Z-basis for OK , and ˝ 0 D T 1 A with T 1 also lower
triangular (but not necessarily with integer coefficients). Thus
!10 D a11 1I
!20 D a21 1 C a22 ˛I
etc.,
where d aij 2 Z, d D j det.M /j D j det.T /j:
p
E XAMPLE 2.46 Let K D QŒ m, m square-free, m 1 (mod 4). The integral basis
p
1C m
1;
2
is of the above form.
In Pohst and Zassenhaus 1989, 4.6, there is an algorithm that, starting from a monic
irreducible polynomial
f .X / D X n C a1 X n 1
C C an ; an 2 Z;
constructs an integral basis !1 ; :::; !n , such that

i
!
X
!i D ai k ˛ i =Ni
kD1
where
˛ is a root of f .X /; ai k 2 Z; Ni 2 Z; gcd.ai1 ; :::; ai i / D 1:
In an Appendix, they use it to show that QŒ˛, where ˛ is a root of
f .X / D X 11 C 101X 10 C 4151X 9 C 332150625;
has an integral basis

!1 D 1;
!2 D .1=2/˛ C 1=2
!3 D .1=4/˛ 2 1=4
!4 D .1=8/˛ 3 C .1=8/˛ 2 .1=8/˛ 1=8
...........
!11 D .1=9103145472000/˛ 10 C 4064571=49948672:
The discriminant of f is 2130 312 512 2918 822316 , and the index of ZŒ˛ in
OK is 256 36 53 299 .
The first step is to compute D.1; ˛; ˛ 2 ; : : :/ D disc.f .X // and to find its square factors.
Finding the square factors of disc.f .X // is the most time-consuming part of the algorithm.
The time taken to factor an N -digit number is exponential in the number of digits of N .
Every computer can factor a 50 digit number easily, but after that it becomes rapidly more
difficult. Hundred digit numbers are already difficult. Thus this is not a good algorithm in
the above sense. Once one has found the square factors of disc.f .X // the algorithm for
computing an integral basis of the above form is good.
Using PARI
To determine whether a polynomial f is irreducible, use polisirreducible(f). For
example, polisirreducible(X^5+17*X^4+3*X^3+2*X^2+X+1) returns 1, which means
that X 5 C 17X 4 C 3X 3 C 2X 2 C X C 1 is irreducible, and polisirreducible(X^2-1)
returns 0, which means that X 2 1 is reducible.
To find the discriminant of a polynomial f , use poldisc(f). For example,
poldisc(X^5+17*X^4+3*X^3+2*X^2+X+1) returns 285401001, and poldisc(X^2+3)
returns -12.
To study the stem field of a polynomial f , use nfinit(f). For example,
nfinit(X^5-5*X^3+4*X-1) returns
[X^5 - 5*X^3 + 4*X - 1, [5, 0], 38569, ...]
which means that X 5 5X 3 C 4X 1 has 5 real roots and no nonreal roots and that its
stem field QŒ˛ has discriminant 38569. Moreover, typing
nfbasis(X^5-5*X^3+4*X-1) returns
[1, X, X^2, X^3, ˚ X^4],
which means that 1; ˛; ˛ 2 ; ˛ 3 ; ˛ 4 is an integral basis for QŒ˛ (cf. p34).

On the other hand, typing

nfinit(X^2+3) returns
[X^2 + 3, [0, 1], -3, ...]
2
which means that,p X C 3 has no real roots and one conjugate pair of complex roots, and
that the field QŒ 3 has discriminant 3. Moreover, typing
nfbasis(X^2+3) returns
[1, 1/2*X + 1/2], n p o p
which means that 1; 21 3 C 12 is an integral basis for QŒ 3.
For Dedekind’s polynomial in (2.38), PARI says that it has one real root and one conju-
gate pair of nonreal roots, and that its stem field has discriminant 503. It finds the integral
EXERCISES 37
basis f1; ˛; 12 ˛ 2 C 12 ˛g. Note that
ZŒ˛ D ZŒ1; ˛; ˛ 2 C ˛;
and that r
2012
.OK W ZŒ˛/ D 2 D ,
503
as predicted by Equation 7, p31.
N OTES As noted earlier, it was Dedekind who found the correct definition of the ring of integers
in a number fields. Earlier authors either luckily chose the correct ring, e.g., Kummer chose ZŒ,
n D 1, which is the ring of integers in QŒ, or unluckily chose the wrong ring, e.g., Eulerpgave a
proof of Fermat’s last theorem for the exponent 3, which becomes correct when the ring ZŒ 3 is
replaced in the proof by its integral closure ZŒ, 3 D 1.
Exercises
p
2-1 Since ZŒ 5 is not integrally p
closed, it can not be a unique factorization domain.
Give an example of an element of ZŒ 5 that has two distinct factorizations into irreducible
elements.
2-2 Let A be an integrally closed ring, and let K be its field of fractions. Let f .X / 2 AŒX
be a monic polynomial. If f .X / is reducible in KŒX , show that it is reducible in AŒX .
2-3 Show that if L=K is not separable, then disc.L=K/ D 0.

p p
2-4 Let a Dp .2; 1 C 3/ in ZŒ 3. Show that a ¤ .2/, but a2 D .2/a.
p Conclude that
ideals in ZŒ 3 do not factor uniquely
p into prime ideals. (Hence ZŒ 3 is the wrong
choice for the ring of integers in QŒ 3.)
2-5 Let A be a subring of a ring B, and let ˇ be a unit in B. Show that every ˛ 2
AŒˇ \ AŒˇ 1 is integral over A. [This has a short solution, but it’s not obvious.]
p p
2-6 Let K D QŒ 7; 10, and let ˛ be an algebraic integer in K. The following argument
will show that OK ¤ ZŒ˛.
(a) Consider the four algebraic integers:
p p
˛1 D .1 C 7/.1 C 10/I
p p
˛2 D .1 C 7/.1 10/I
p p
˛3 D .1 7/.1 C 10/I
p p
˛4 D .1 7/.1 10/:
Show that all the products ˛i ˛j , i ¤ j , are divisible by 3 in OK , but that 3 does not divide
any power of any ˛i . [Hint: PShow that ˛in =3 is not an algebraic integer by considering its
trace: show that Tr.˛i / . ˛jn / 4n (mod 3) in ZŒ˛; deduce Tr.˛in / 1 (mod 3) in
n
Z.]
(b) Assume now that OK D ZŒ˛ — we shall derive a contradiction. Let f .X / be the
minimum polynomial of ˛ over Q. For g.X / 2 ZŒX , let g.X N / denote the image of g in
F3 ŒX, F3 D Z=.3/. Show that g.˛/ is divisible by 3 in ZŒ˛ if and only if gN is divisible by
fN in F3 ŒX :
(c) For each i , 1 i 4, let fi be a polynomial in ZŒX such that ˛i D fi .˛/. Show
that fNjfNi fNj .i ¤ j / in F3 ŒX , but that fN does not divide fNin for any n. Conclude that for
each i , fN has an irreducible factor which does not divide fNi but does divide all fNj , j ¤ i .
(d) This shows that fN has at least four distinct irreducible factors over F3 . On the other
hand, f has degree at most 4. Why is this a contradiction?
Chapter 3
Dedekind Domains; Factorization
Es steht schon bei Dedekind.

(It’s already in Dedekind.)
Emmy Noether
In this Chapter, we define the notion of a Dedekind domain, and prove that
˘ ideals in Dedekind domains factor uniquely into products of prime ideals, and
˘ rings of integers in number fields are Dedekind domains,
but first we consider a local version of a Dedekind domain.
Discrete valuation rings

The following conditions on a principal ideal domain are equivalent:
(a) A has exactly one nonzero prime ideal;
(b) up to associates, A has exactly one prime element;
(c) A is local and is not a field.
A ring satisfying these conditions is called a discrete valuation ring. Later we shall define
discrete valuations, and so justify the name.
def
E XAMPLE 3.1 The ring Z.p/ D f m n 2 Q j n not divisible by pg is a discrete valuation ring
with .p/ as its unique nonzero prime ideal. The units in Z.p/ are the nonzero elements m=n
with neither m nor n divisible by p, and the prime elements are those of the form unitp.
In a discrete valuation ring A with prime element , nonzero elements of A can be

expressed uniquely as u m with u a unit and m 0 (and m > 0 unless the element is a
unit). Every nonzero ideal in A is of the form . m / for a unique m 2 N. Thus, if a is an
ideal in A and p denotes the (unique) maximal ideal of A, then a D pm for a well-defined
integer m 0.
Recall that, for an A-module M and an m 2 M , the annihilator of m
Ann.m/ D fa 2 A j am D 0g:
It is an ideal in A, which is proper if m ¤ 0. Suppose that A is a discrete valuation ring,

and let c be a nonzero element of A. Let M D A=.c/. What is the annihilator of a nonzero
39
40 CHAPTER 3. DEDEKIND DOMAINS; FACTORIZATION
element b C .c/ of M ? Fix a prime element of A, and let c D u m , b D v n with u

and v units. Then n < m (else b C .c/ D 0 in M ), and
Ann.b C .c// D . m n
/:
Thus, a b for which Ann.b C .c// is maximal, is of the form v m 1 , and for this choice
Ann.b C .c// is a prime ideal generated by bc . We shall exploit these observations in the
proof of the next proposition, which gives a criterion for a ring to be a discrete valuation
ring.
P ROPOSITION 3.2 An integral domain A is a discrete valuation ring if and only if

(a) A is Noetherian,
(b) A is integrally closed, and
(c) A has exactly one nonzero prime ideal.
P ROOF. The necessity of the three conditions is obvious, and so let A be an integral domain
satisfying (a), (b), and (c). We have to show that every ideal in A is principal. As a first
step, we prove that the nonzero prime ideal is principal. Note that (c) implies that A is a
local ring.
def
Choose an element c 2 A, c ¤ 0, c ¤ unit, and consider the A-module M D A=.c/.
For each nonzero element m of M ,
Ann.m/ D fa 2 A j am D 0g
is a proper ideal in A. Because A is Noetherian, we can choose an m so that Ann.m/ is

maximal among these ideals. Write m D b C .c/ and p D Ann.b C .c//. Note that c 2 p,
and so p ¤ 0, and that
p D fa 2 A j cjabg:
I claim that p is prime. If not there exist elements x, y 2 A such that xy 2 p but
neither x nor y 2 p. Then yb C .c/ is a nonzero element of M because y … p. Consider
Ann.ybC.c//. Obviously it contains p and it contains x, but this contradicts the maximality
of p among ideals of the form Ann.m/. Hence p is prime.
I claim that bc … A. Otherwise b D c bc 2 .c/, and m D 0 (in M ).
I claim that bc 2 A, and p D . bc /. By definition, pb .c/, and so p bc A, and it is an
ideal in A. If p bc p, then bc is integral over A (by 2.4, since p is finitely generated), and
so bc 2 A (because of condition (b)), but we know bc … A. Thus p bc D A (by (c)), and this
implies that p D . bc /:
Let D bc , so that p D ./. Let a be a proper ideal of A, and consider the sequence
1 2
a a a :
If a r D a r 1 for some r, then 1 .a r / D a r , and 1 is integral over A (by

2.4), and so lies in A — this is impossible ( is not a unit in A). Therefore the sequence is
strictly increasing, and (again because A is Noetherian) it can’t be contained in A. Let m
be the smallest integer such that a m A but a m 1 * A. Then a m * p, and so
a m D A. Hence a D . m /: 2
DEDEKIND DOMAINS 41
Dedekind domains
D EFINITION 3.3 A Dedekind domain is an integral domain A, not equal to a field, such
that
(a) A is Noetherian,
(b) A is integrally closed, and
(c) every nonzero prime ideal is maximal.
Thus Proposition 3.2 says that a local integral domain is a Dedekind domain if and only
if it is a discrete valuation ring.
P ROPOSITION 3.4 Let A be a Dedekind domain, and let S be a multiplicative subset of A.

Then S 1 A is either a Dedekind domain or a field.
P ROOF. Condition (c) says that there is no containment relation between nonzero prime
ideals of A. If this condition holds for A, then (1.12) shows that it holds for S 1 A. Condi-
tions (a) and (b) follow from the next lemma. 2
P ROPOSITION 3.5 Let A be an integral domain, and let S be a multiplicative subset of A.

(a) If A is Noetherian, then so also is S 1 A:
(b) If A is integrally closed, then so also is S 1 A:
P ROOF. (a) Let a be an ideal in S 1 A. Then a D S 1 .a \ A/ (see 1.11), and so a is

generated by any (finite) set of generators for a \ A:
(b) Let ˛ be an element of the field of fractions of A (D field of fractions of S 1 A/ that
is integral over S 1 A. Then
˛ m C a1 ˛ m 1
C C am D 0, some ai 2 S 1
A:
For each i , there exists an si 2 S such that si ai 2 A. Set s D s1 sm 2 S , and multiply

through the equation by s m W
.s˛/m C sa1 .s˛/m 1

C C s m am D 0:
This equation shows that s˛ is integral over A, and so lies in A. Hence ˛ D .s˛/=s 2
S 1 A: 2
C OROLLARY 3.6 For any nonzero prime ideal p in a Dedekind domain A, the localization
Ap is a discrete valuation ring.
P ROOF. We saw in (1.13a) that Ap is local, and the proposition implies that it is Dedekind.2
Unique factorization of ideals

The main result concerning Dedekind domains is the following.
T HEOREM 3.7 Let A be a Dedekind domain. Every proper nonzero ideal a of A can be
written in the form
a D pr11 prnn
with the pi distinct prime ideals and the ri > 0; the pi and the ri are uniquely determined.
The proof will require several lemmas.
L EMMA 3.8 Let A be a Noetherian ring; then every ideal a in A contains a product of
nonzero prime ideals.
P ROOF. (Note the similarity to the proof of 1.4.) Suppose not, and choose a maximal
counterexample a. Then a itself can not be prime, and so there exist elements x and y of A
such that xy 2 a but neither x nor y 2 a. The ideals a C .x/ and a C .y/ strictly contain a,
but their product is contained in a. Because a is a maximal counterexample to the statement
of the lemma, each of a C .x/ and a C .y/ contains a product of prime ideals, and it follows
that a contains a product of prime ideals. 2
L EMMA 3.9 Let A be a ring, and let a and b be relatively prime ideals in A; for any m,
n 2 N, am and bn are relatively prime.
P ROOF. If am and bn are not relatively prime, then they are both contained in some prime
(even maximal) ideal p. But if a prime ideal contains a power of an element, then it contains
the element, and so p am ) p a and p bn ) p b. Thus a and b are both
contained in p, which contradicts the hypothesis.
Alternative proof: We are given that there exist elements a 2 A and b 2 B such that
a C b D 1. Consider
1 D .a C b/r D ar C 1r ar 1 b C C b r :

If r m C n, then the term on the right is the sum of an element of am with an element of
bn . 2
If p and p0 are distinct prime ideals of a Dedekind domain, then condition (c) of the
definition implies that p and p0 are relatively prime, and the lemma shows that pm and p0n
are also relatively prime for all m; n 1:
L EMMA 3.10 Let p be a maximal ideal of a ring A, and let q be the ideal it generates in
Ap , q D pAp . The map
a C pm 7! a C qm W A=pm ! Ap =qm
is an isomorphism.
UNIQUE FACTORIZATION OF IDEALS 43
P ROOF. We first show that the map is one-to-one. For this we have to show that qm \ A D
pm . But qm D S 1 pm , S D A p, and so we have to show that pm D .S 1 pm / \ A. An
element of .S 1 pm / \ A can be written a D b=s with b 2 pm , s 2 S, and a 2 A. Then
sa 2 pm , and so sa D 0 in A=pm . The only maximal ideal containing pm is p (because
m pm ) m p/, and so the only maximal ideal in A=pm is p=pm ; in particular, A=pm is
a local ring. As sCpm is not in p=pm , it is a unit in A=pm , and so sa D 0 in A=pm ) a D 0
in A=pm , i.e., a 2 pm :
We now prove that the map is surjective. Let as 2 Ap . Because s … p and p is maximal,
we have that .s/ C p D A, i.e., .s/ and p are relatively prime. Therefore .s/ and pm are
relatively prime, and so there exist b 2 A and q 2 pm such that bs C q D 1. Then b maps
to s 1 in Ap =qm and so ba maps to as . More precisely: because s is invertible in Ap =qm , as
is the unique element of this ring such that s as D a; since s.ba/ D a.1 q/, the image of
ba in Ap also has this property and therefore equals as . 2
R EMARK 3.11 With the notations of Proposition 1.11, we have shown in the above proof
that aec D a if a is a power of a maximal ideal p and S D S r p.
We now prove that a nonzero ideal a of A can be factored into a product of prime ideals.
According to 3.8 applied to A, the ideal a contains a product of nonzero prime ideals,
b D pr11 prmm :
We may suppose that the pi are distinct. Then
A=b ' A=pr11 A=prmm ' Ap1 =qr11 Apm =qrmm
where qi D pi Api is the maximal ideal of Api . The first isomorphism is given by the
Chinese Remainder Theorem (and 3.9), and the second is given by (3.10). Under this
isomorphism, a=b corresponds to q1s1 =qr11 qsmm =qrmm for some si ri (recall that the
rings Api are all discrete valuation rings). Since this ideal is also the image of ps11 psmm
under the isomorphism, we see that
a D ps11 psmm in A=b:
Both of these ideals contain b, and so this implies that
a D ps11 psmm
in A (because there is a one-to-one correspondence between the ideals of A=b and the ideals
of A containing b).
To complete the proof of Theorem 3.7, we have to prove that the above factorization is
unique, but in the course of the proof, we showed that si is determined by the condition,
aApi D qsi i ; qi the maximal ideal in Api :
R EMARK 3.12 Note that
si > 0 ” aApi ¤ Api ” a pi :

C OROLLARY 3.13 Let a and b be ideals in A; then
a b ” aAp bAp
for all ideals nonzero prime ideals p of A. In particular, a D b if and only if aAp D bAp
for all p.
P ROOF. The necessity is obvious. For the sufficiency, factor a and b
a D pr11 prmm ; b D ps11 psmm ; ri ; si 0:
Then
aApi bApi ” ri si ;
(recall that Api is a discrete valuation ring) and ri si all i implies a b. 2
C OROLLARY 3.14 Let A be an integral domain with only finitely many prime ideals; then
A is a Dedekind domain if and only if it is a principal ideal domain.
P ROOF. Assume A is a Dedekind domain. After (3.7), to show that A is principal, it suffices
to show that the prime ideals are principal. Let p1 ; : : : ; pm be these ideals. Choose an
element x1 2 p1 p21 . According to the Chinese Remainder Theorem (1.14), there is an
element x 2 A such that
x x1 mod p21 ; x1 mod pi ; i ¤ 1:
Now the ideals p1 and .x/ generate the same ideals in Api for all i , and so they are equal in
A (by 3.13). 2
C OROLLARY 3.15 Let a b ¤ 0 be two ideals in a Dedekind domain; then a D b C .a/

for some a 2 A:
P ROOF. Let b D pr11 prmm and a D ps11 psmm with ri ; sj 0. Because b a, si ri

for all i . For 1 i m, choose an xi 2 A such that xi 2 psi i , xi … psi i C1 . By the Chinese
Remainder Theorem, there is an a 2 A such that
a xi mod pri i , for all i:
Now one sees that b C .a/ D a by looking at the ideals they generate in Ap for all p: 2
C OROLLARY 3.16 Let a be an ideal in a Dedekind domain, and let a be any nonzero
element of a; then there exists a b 2 a such that a D .a; b/:
P ROOF. Apply (3.15) to a .a/: 2
C OROLLARY 3.17 Let a be a nonzero ideal in a Dedekind domain; then there exists a
nonzero ideal a in A such that aa is principal. Moreover, a can be chosen to be relatively
prime to any particular ideal c, and it can be chosen so that aa D .a/ with a any particular
element of a (but not both).
THE IDEAL CLASS GROUP 45
P ROOF. Let a 2 a, a ¤ 0; then a .a/, and so we have
.a/ D pr11 prmm and a D ps11 psmm ; si ri :
If a D p1r1 s1 prmm sm , then aa D .a/:

We now show that a can be chosen to be prime to c. We have a ac, and so (by 3.15)
there exists an a 2 a such that a D ac C .a/. As a .a/, we have .a/ D a a for some
ideal a (by the above argument); now, ac C aa D a, and so c C a D A. (Otherwise
c C a p some prime ideal, and ac C aa D a.c C a / ap ¤ a:/ 2
In basic graduate algebra courses, it is shown that

A a principal ideal domain ) A is a unique factorization domain.
The converse is false because, for example, kŒX; Y is a unique factorization domain in
which the ideal .X; Y / is not principal, but it is true for Dedekind domains.
P ROPOSITION 3.18 A Dedekind domain that is a unique factorization domain is a principal

ideal domain.
P ROOF. Let A be a Dedekind domain with unique factorization. It suffices to show that
the nonzero prime ideals are principal—let p be such an ideal. It will contain a nonzero
element, which (because of 1.4) is a product of irreducible elements. Because p is prime, it
will contain one of the irreducible factors , and we know from (3.17) that there exists an
ideal p such that pp D ./. I will show that p D A, and so p D ./. From (3.17) we
know that there are ideals q and q such that
pq D .a/; q C p D AI qq D .b/; q C p D A
for some a; b 2 A. Since .b/ D pp qq D .a/p q , we see that ajb, and so c D b a 2
A. Then b D ac, and because A is a unique factorization domain, this implies that ja or
jc.
If ja, then a 2 A, and a p D q. Thus any prime ideal dividing p will also divide

q, and this is impossible because q and p are relatively prime. Therefore, there is no such
ideal, and p D A in this case.
Similarly, if jc, then c p D q , which is impossible because p does not divide q

(q is relatively prime to p/. Thus this case does not occur. 2
The ideal class group

Let A be a Dedekind domain. A fractional ideal of A is a nonzero A-submodule a of K
such that
def
d a D fda j a 2 ag
is contained in A for some nonzero d 2 A (or K), i.e., it is a nonzero A-submodule of K
whose elements have a common denominator. Note that a fractional ideal is not an ideal
unless it is contained in A — when necessary to avoid confusion, we refer to the ideals in
A as integral ideals.
A fractional ideal a is a finitely generated A-module, because d a is an integral ideal,
hence finitely generated, for some d ¤ 0, and the map x 7! dxW a ! d a is an isomorphism
of A-modules. Conversely, a nonzero finitely generated A-submodule of K is a fractional

ideal, because a common denominator for the generators will be a common denominator
for all the elements of the module.
Every nonzero element b of K defines a fractional ideal
def def
.b/ D bA D fba j a 2 Ag:
A fractional ideal of this type is said to be principal.

The product of two fractional ideals is defined in the same way as for (integral) ideals
P
a b D f ai bi j ai 2 a; bi 2 bg :
This is again a fractional ideal: it is obviously an A-module, and if d a A and eb A,

then deab A. For principal fractional ideals, .a/.b/ D .ab/:
E XAMPLE 3.19 Let A be a discrete valuation ring with maximal ideal p and field of frac-
tions K. Write for a generator of p. Every nonzero element of K can be written uniquely
in the form a D u m with u a unit in A and m 2 Z. Let a be a fractional ideal of A. Then
d a A for some d 2 A, and we can suppose d D n . Thus n a is an ideal in A, and so it
is of the form . m / for some m 0. Clearly, a D . m n /. Thus the fractional ideals of A
are of the form . m /, m 2 Z. They form a free abelian group Id.A/ of rank 1, and the map
m 7! . m /W Z ! Id.A/
is an isomorphism.
T HEOREM 3.20 Let A be a Dedekind domain. The set Id(A) of fractional ideals is a group;
in fact, it is the free abelian group on the set of prime ideals.
P ROOF. We have noted that the law of composition is well-defined. It is obviously com-
mutative. For associativity, one checks that
nX o
.ab/c D ai bi ci j ai 2 a; bi 2 b; ci 2 c D a.bc/:
The ring A plays the role of an identity element: aA D a. In order to show that Id.A) is a
group, it remains to show that inverses exist.
Let a be a nonzero integral ideal. According to (3.17), there is an ideal a and an a 2 A
such that aa D .a/. Clearly a .a 1 a / D A, and so a 1 a is an inverse of a. If a is a
fractional ideal, then d a is an integral ideal for some d , and d .d a/ 1 will be an inverse
for a.
It remains to show that the group Id.A) is freely generated by the prime ideals, i.e.,
that each fractional ideal can be expressed in a unique way as a product of powers of prime
ideals. Let a be a fractional ideal. Then d a is an integral ideal for some d 2 A, and we can
write
d a D pr11 prmm ; .d / D ps11 psmm :
Thus a D pr11 s1 prmm sm
. The uniqueness follows from the uniqueness of the factoriza-
tion for integral ideals. 2
THE IDEAL CLASS GROUP 47
R EMARK 3.21 (a) Conversely, E. Noether showed that an integral domain whose frac-
tional ideals form a group under ideal multiplication is a Dedekind domain (see Cohn 1991,
Theorem 4.6).
(b) Let S be a multiplicative subset in a Dedekind domain A, and let AS D S 1 A. It is
an integral domain with the same field of fractions as A:
A AS K:
def
For any fractional ideal a of A, S 1 a D f as j a 2 a, s 2 S g is a fractional ideal of AS . It is
the AS -module generated by a. The following hold for any fractional ideals a and b,
1 1 1 1 1 1
S .ab/ D .S a/.S b/; S a D .aAS / :
For any fractional ideal a, define
a0 D fa 2 K j aa Ag:
This is an A-module, and if d 2 a, d ¤ 0, then d a0 A, and so a0 is a fractional ideal.

From the definition of a0 , we see that aa0 is an ideal in A. If it is not equal to A, then it
is contained in some prime ideal p. When we pass to Ap , the inclusion aa0 p becomes
bb0 q, where b, b0 , and q are the ideals in Ap generated by a, a0 , and p. Moreover,
b0 D fa 2 K j ab Ap g:
But q D ./, and b D . m / D m Ap for some m 2 Z. Clearly b0 D mA

p, and so
bb0 D Ap — we have a contradiction.
We define the ideal class group Cl(A) of A to be the quotient Cl.A/ D Id.A/=P.A/
of Id.A/ by the subgroup of principal ideals. The class number of A is the order of Cl(A)
(when finite). In the case that A is the ring of integers OK in a number field K, we often
refer to Cl.OK / as the ideal class group of K, and its order as the class number of K.
One of the main theorems of these notes will be that the class number hK of a number
field K is finite. Understanding how the class numbers of number fields vary remains an
p
interesting problem. For example, the class number of QŒ m for m positive and square-
free is 1 if and only if m D 1; 2; 3; 7; 11; 19; 43; 67; 163. It not difficult to show that these
fields have class number 1, but it was not until 1954 that it was shown (by Heegner) that
there were no more (and for more p than 15 years, no one believed Heegner’s proof to be
correct). We have seen that ZŒ 5 is not a principal ideal domain, and so can’t have class
number 1— in fact it has class number 2. The method we use to prove that the class number
is finite is effective: it provides an algorithm for computing it. There are expected to be an
infinite number of real quadratic fields with class number one, but this has not been proved.
Using the equivalent language of binary quadratic
p forms (see Chapter 4), Gauss showed
that the class group of a quadratic field QŒ d can have arbitrarily many cyclic factors of
even order.
It is known that every abelian group can be realized as the class group of a Dedekind
domain (not necessarily the ring of integers in a number field).1
1 Claborn, Luther. Every abelian group is a class group. Pacific J. Math. 18 1966 219–222.
E XAMPLE 3.22 Consider the affine elliptic curve

Y 2 D X 3 C aX C b; D 4a3 27b 2 ¤ 0:
The associated ring A D CŒX; Y =.Y 2 X 3 aX b/ of regular functions on A is a
Dedekind domain, and its class group is uncountable. In fact, it is isomorphic in a natural
way to C= for some lattice in C.2
P ROPOSITION 3.23 Let A be a Dedekind domain, and let S be a multiplicative set in A.

Then a 7! S 1 a defines an isomorphism from the subgroup of Id.A) generated by prime
ideals not meeting S to the group Id.S 1 A/.
P ROOF. Immediate consequence of 1.12 and 3.20. 2
R EMARK 3.24 Let A be a Dedekind domain with finite ideal class group. There is then a
finite set of ideals a1 ; :::; am which is a set of representatives for the ideal classes. Clearly we
may take the ai to be integral. Let b be any element in \ai , and let S be the multiplicative
set generated by b, S D f1; b; b 2 ; : : :g. I claim that S 1 A is a principal ideal domain.
By assumption, any ideal a A can be written a D .a/ ai for some a 2 K and i ,
1 i m. Because the map b 7! S 1 b is a homomorphism we have S 1 a D .a/ S 1 ai
where .a/ now denotes the ideal generated by a in S 1 A. Since S 1 ai contains a unit, it is
the whole ring. Thus S 1 a D .a/, and we see that every ideal in S 1 A of the form S 1 a
is principal. According to (3.11), all ideals of S 1 A are of this form.
R EMARK 3.25 The following conditions on an integral domain A are equivalent:

(a) A is a Dedekind domain;
(b) for every prime ideal p of A, Ap is a discrete valuation ring;
(c) the fractional ideals of A form a group;
(d) for every fractional ideal a of A, there is an ideal b such that ab D A:
We have seen that (a) implies (b) , (c), and (d), and the same arguments show that
(b) implies (c) and (d). The conditions (c) and (d) are obviously equivalent, and we have
already noted in (3.21) that (c) implies (a).
Discrete valuations
Let K be a field. A discrete valuation on K is a nonzero homomorphism vW K ! Z
such that v.a C b/ min.v.a/; v.b//. As v is not the zero homomorphism, its image is a
nonzero subgroup of Z, and is therefore of the form mZ for some m 2 Z. If m D 1, then
vW K ! Z is surjective, and v is said to be normalized; otherwise, x 7! m 1 v.x/ will
be a normalized discrete valuation.
Note that, for a discrete valuation ord,
ord.a1 C C am / min.ord.a1 /; ord.a2 C C am // min .ord.ai //: (8)
1i m
2 LetE be the associated complete curve, and let Div0 .E/ be the group of divisors of degree zero on E.
There is an obvious isomorphism Div0 .E/ ' Id.A/ under which principal divisors correspond to principal
ideals, and so
Cl.A/ ' Pic0 .E/ ' E.C/ ' C=
(Milne 2006, I 4.10, III 3.10).
DISCRETE VALUATIONS 49
E XAMPLE 3.26 (a) Let M be the field of meromorphic functions on a connected open
subset U of the complex plane (or, better, a compact Riemann surface), and let f 2 M .
For each P 2 U , define ordP .f / to be m, m, or 0 according as f has a pole of order m
at P , a zero of order m at P , or neither a pole nor a zero at P . Then ordP is a normalized
discrete valuation on M.
(b) Let A be a principal ideal domain with field of fractions K, and let be a prime
element of A. Then each element c of K can be expressed uniquely in the form c D m ab
with m 2 Z and a and b elements of A relatively prime to . Define v.c/ D m. Then v is
a normalized discrete valuation on K:
(c) Let A be a Dedekind domain and let p be a prime ideal in A. For any c 2 K , let
pv.c/ be the power of p in the factorization of .c/. Then v is a normalized discrete valuation
on K:
In all these examples, we have that v.a C b/ D v.b/ if v.a/ > v.b/. This is in fact
a general property of discrete valuations. First note that v./ D 0 for any element of K
of finite order because v is a homomorphism and Z has no elements of finite order); hence
v. a/ D v. 1/ C v.a/ D v.a/. Therefore, if v.a/ > v.b/, we have
v.b/ D v.a C b a// min.v.a C b/; v.a// min.v.a/; v.b// D v.b/;
and so equality must hold throughout, and this implies v.a C b/ D v.b/:
We often use “ord” rather than “v” to denote a discrete valuation; for example, we often
use ordp to denote the normalized discrete valuation defined by p in (c).
Example (b) shows that every discrete valuation ring gives rise to a discrete valuation
on its field of fractions. There is a converse to this statement.
P ROPOSITION 3.27 Let v be a discrete valuation on K, then
def
A D fa 2 K j v.a/ 0g
is a principal ideal domain with maximal ideal

def
m D fa 2 K j v.a/ > 0g:
If v.K / D mZ, then the ideal m is generated by any element such that v./ D m.
P ROOF. Routine. 2
Later we shall see that a discrete valuation ord defines a topology on K for which two
elements x and y are close if ord.x y/ is large. The Chinese Remainder Theorem can be
restated as an approximation theorem.
P ROPOSITION 3.28 Let x1 ; :::; xm be elements of a Dedekind domain A, and let p1 ; :::; pm
be distinct prime ideals of A. For any integer n, there is an x 2 A such that
ordpi .x xi / > n; i D 1; 2; :::; m:
P ROOF. From (3.9) we know that the ideals pnC1

i are relatively prime in pairs, and so (1.14)
provides us with an element x 2 A such that
x xi mod pnC1
i ; i D 1; 2; : : : ; m;
i.e., such that

ordpi .x xi / > n; i D 1; 2; :::; m: 2
Integral closures of Dedekind domains

We now prove a result that implies that rings of integers in number fields are Dedekind
domains, and hence that their ideals factor uniquely into products of prime ideals.
T HEOREM 3.29 Let A be a Dedekind domain with field of fractions K, and let B be the
integral closure of A in a finite separable extension L of K. Then B is a Dedekind domain.
P ROOF. We have to check the three conditions in the definition of a Dedekind domain
(p3.3). We first show that B is Noetherian. In (2.29) we showed that B is contained in
a finitely generated A-module. It follows that every ideal in B is finitely generated when
regarded as an A-module (being a submodule of a Noetherian A-module) and a fortiori as
an ideal .D B-module). Next, B is integrally closed because of (2.16). It remains to prove
that every nonzero prime ideal q of B is maximal. Let ˇ 2 q, ˇ ¤ 0. Then ˇ is integral
over A, and so there is an equation
ˇ n C a1 ˇ n 1
C C an D 0; ai 2 A;
which we may suppose to have the minimum possible degree. Then an ¤ 0. As an 2

ˇB \ A, we have that q \ A ¤ .0/. But q \ A is a prime ideal (obviously), and so it is a
maximal ideal p of A, and A=p is a field. We know B=q is an integral domain, and the map
a C p 7! a C q
identifies A=p with a subfield of B=q. As B is integral over A, B=q is algebraic over A=p.
The next lemma shows that B=q is a field, and hence that q is maximal. 2
L EMMA 3.30 Any integral domain B containing a field k and algebraic over k is itself a
field.
P ROOF. Let ˇ be a nonzero element of B — we have to prove that it has an inverse in B.

Because ˇ is algebraic over k, the ring kŒˇ is finite-dimensional as a k-vector space, and
the map x 7! ˇxW kŒˇ ! kŒˇ is injective (because B is an integral domain). From linear
algebra we deduce that the map is surjective, and so there is an element ˇ 0 2 kŒˇ such that
ˇˇ 0 D 1: 2
In fact, Theorem 3.29 is true without the assumption that L be separable over K —
see Janusz 1996, I 6.1 for a proof of the more general result. The added difficulty is that,
without the separability condition, B may fail to be finitely generated as an A-module, and
so the proof that it is Noetherian is more difficult.
MODULES OVER DEDEKIND DOMAINS (SKETCH). 51
Modules over Dedekind domains (sketch).

The structure theorem for finitely generated modules over principal ideal domains has an
interesting extension to modules over Dedekind domains. Throughout this subsection, A is
a Dedekind domain.
First, note that a finitely generated torsion-free A-module M need not be free. For
example, every fractional ideal is finitely generated and torsion-free but it is free if and only
if it is principal. Thus the best we can hope for is the following.
T HEOREM 3.31 Let A be a Dedekind domain.
(a) Every finitely generated torsion-free A-module M is isomorphic to a direct sum of
fractional ideals,
M a1 ˚ ˚ am :
(b) Two finitely generated torsion-free A-modules M Qa1 ˚ Q
˚ am and N b1 ˚
˚ bn are isomorphic if and only if m D n and ai bi modulo principal
ideals.
Hence,
M a1 ˚ ˚ am A ˚ ˚ A ˚ a1 am :
Moreover, two fractional ideals a and b of A are isomorphic as A-modules if and only they
define the same element of the class group of A.
The rank of a module M over an integral domain R is the dimension of K ˝R M as a
K-vector space, where K is the field of fractions of R. Clearly the rank of M a1 ˚˚am
is m:
These remarks show that the set of isomorphism classes of finitely generated torsion-
free R-modules of rank 1 can be identified with the class group of A. Multiplication
of elements in Cl(A) corresponds to the formation of tensor product of modules. The
Grothendieck group of the category of finitely generated A-modules is Cl.A/ ˚ Z.
T HEOREM 3.32 (I NVARIANT FACTOR THEOREM ) Let M N be finitely generated torsion-
free A-modules of the same rank m. Then there exist elements e1 ; :::; em of M , fractional
ideals a1 ; :::; am , and integral ideals b1 b2 ::. bm such that
M D a1 e1 ˚ ˚ am em ; N D a1 b1 e1 ˚ ˚ am bm em :
The ideals b1 , b2 , ..., bm are uniquely determined by the pair M N , and are called
the invariant factors of N in M:
The last theorem also yields a description of finitely generated torsion A-modules.
For proofs of the above results, see Curtis and Reiner 1962, III, 22, Fröhlich and Taylor
1991, II 4, or Narkiewicz 1990, I 3.
Factorization in extensions
Let A be a Dedekind domain with field of fractions K, and let B be the integral closure of
A in a finite separable extension L of K:
A prime ideal p of A will factor in B,
e
pB D Pe11 Pgg ; ei 1:
If any of the numbers is > 1, then we say that p is ramified in B (or L). The number
ei is called the ramification index. We say P divides p (written Pjp/ if P occurs in the
factorization of p in B. We then write e.P=p/ for the ramification index and f .P=p/ for
the degree of the field extension ŒB=PW A=p (called the residue class degree). A prime p
is said to split (or split completely) in L if ei D fi D 1 for all i , and it said to be inert in L
if pB is a prime ideal (so g D 1 D e).
For example, .2/ D .1 C i /2 in ZŒi , and so .2/ ramifies with ramification index 2. On
the other hand, .3/ is inert in QŒi with residue field ZŒi =.3/ D F9 , and .5/ splits as the
product of two prime ideals .5/ D .2 C i /.2 i /.
L EMMA 3.33 A prime ideal P of B divides p if and only if p D P \ K:
P ROOF. )W Clearly p P \ K and P \ K ¤ A. As p is maximal, this implies that

p D P \ K.
(W If p P, then pB P, and we have seen (3.12) that this implies that P occurs in
the factorization of pB: 2
T HEOREM 3.34 Let m be the degree of L over K, and let P1 ; :::; Pg be the prime ideals
dividing p; then
Xg
ei fi D m: (9)
i D1
If L is Galois over K, then all the ramification numbers are equal, and all the residue class
degrees are equal, and so
efg D m: (10)
P ROOF. To prove (9), P we shall show that both sides equal ŒB=pBW A=p:
For the equality giD1 ei fi D ŒB=pBW A=p, note that B=pB D B= Pei i ' B=Pei i
Q Q
(Chinese Remainder Theorem), and so it suffices to show that ŒB=Pei i W A=p D ei fi .
From the definition of fi , we know that B=Pi is a field of degree fi over A=p. For each
ri , Pri i =Piri C1 is a B=Pi -module, and because there is no ideal between Pri i and Pri i C1 ,
it must have dimension one as a B=Pi -vector space, and hence dimension fi as an A=p-
vector space. Therefore each quotient in the chain
B Pi P2i Pei i
has dimension fi over A=p, and so the dimension of B=Pei i is ei fi :

The proof of the equality ŒB=pBW A=p D m is easy when B is a free A-module, for
example, if A is a principal ideal domain, because an isomorphism An ! B of A-modules,
when tensored with K, gives an isomorphism K n ! L, which shows that n D m, and,
when tensored A=p, gives an isomorphism .A=p/n ! B=pB (see (3), p15), which shows
that n D ŒB=pBW A=p.
Now let S be a multiplicative subset of A disjoint from p and suchQ that S 1 A is principal
D A p). Write B D S B and A D S A. Then pB D .Pi B 0 /ei (see 3.23),
(e.g., S P 0 1 0 1 0
and so ei fi D ŒB 0 =pB 0 W A0 =pA0 ; but A0 is principal, and so ŒB 0 =pB 0 W A0 =pA0 D m:

This completes the proof (9).
Now assume L is Galois over K. An element of Gal.L=K/ maps B isomorphically
onto itself. In particular, if P is a prime ideal of B, then P is also a prime ideal. Moreover,
THE PRIMES THAT RAMIFY 53
if P divides p, then it follows from (3.33) that P divides p. Clearly e.P=p/ D e.P=p/
and f .P=p/ D f .P=p/, and so it remains to show that Gal.L=K/ acts transitively on the
prime ideals of B dividing p:
Suppose P and Q both divide p, and suppose Q is not conjugate to P, i.e., that for all
2 Gal.L=K/, P ¤ Q. According to the Chinese Remainder Theorem, we can find an
def Q
element ˇ lies in Q but not in any of the ideals P. Consider b D Nm.ˇ/ D ˇ. Then
b 2 A, and as ˇ 2 Q, it also lies in Q; hence b 2 Q \ A D Q p. On the other hand, for all
1
2 Gal.L=K/, ˇ … P, and so ˇ … P. The fact that ˇ 2 p P contradicts the
primality of P: 2
The primes that ramify

In this subsection, we obtain a description of the primes that ramify in an extension.
T HEOREM 3.35 Let L be a finite extension of a number field K, let A be a Dedekind

domain in K with field of fractions K (e.g., A D OK ), and let B be the integral closure
of A in L. Assume that B is a free A-module (this is true for example if A is principal
ideal domain). Then a prime p ramifies in L if and only if pj disc.B=A/. In particular, only
finitely many prime ideals ramify.
We obtain this as the consequence of a series of lemmas.
L EMMA 3.36 Let A be a ring and let B be a ring containing A and admitting a finite basis
fe1 ; :::; em g as an A-module. For any ideal a of A, feN1 ; :::; eNm g is a basis for the A=a-module
B=aB, and
D.eN1 ; :::; eNm / D.e1 ; :::; em / mod a:
P ROOF. As in the proof of (3.34), the isomorphism
.a1 ; : : : ; am / 7! ai ei W Am ! B
P
gives, when tensored with A=a, an isomorphism
.a1 ; : : : ; am / 7! ai eNi W .A=a/m ! B=a

P
which shows that eN1 ; :::; eNm is a basis for B=aB. The second assertion is obvious from the
definitions. 2
L EMMA 3.37 Let A be a ring and let B1 ; :::; Bg be rings containing A and free of finite
rank as A-modules. Then
Y Y
disc.. Bi /=A/ D disc.Bi =A/:
P ROOF. Choose bases "S

i for each of the Bi (as A-modules), and compute the discriminant
of B=A using the basis i "i . 2
An element ˛ of a ring is said to be nilpotent if ˛ m D 0 for some m > 1. A ring is said

to be reduced if it has no nonzero nilpotent elements.
L EMMA 3.38 Let k be a perfect field, and let B be a k-algebra of finite dimension. Then
B is reduced if and only if disc.B=k/ ¤ 0:
P ROOF. Let ˇ ¤ 0 be a nilpotent element of B, and choose a basis e1 ; : : : ; em for B with

e1 D ˇ. Then ˇei is nilpotent for all i , and so the k-linear map
x 7! ˇei xW B /B
is nilpotent. Its matrix is also nilpotent, but a nilpotent matrix has trace zero—its minimum
polynomial (and hence its characteristic polynomial) is of the form X r —and so the first
row of the matrix .Tr.ei ej // is zero. Therefore its determinant is zero.
Conversely, suppose B is reduced. We first show that the intersection N of the prime
ideals of B is zero (this, in fact, is true for any reduced Noetherian ring). Let b 2 B, b ¤ 0.
Let ˙ be the set of ideals of B containing no power of b. Because b is not nilpotent, ˙
contains the zero ideal, and hence is nonempty. Because B is Noetherian, ˙ has a maximal
element p. We shall show that p is prime. Since b … p, this will show that b … N.
Let x; y be elements of B not in p. Then p C .x/ and p C .y/ strictly contain p, and so
b m 2 p C .x/; b n 2 p C .y/
for some m; n, say,
b m D p C cx; b n D p 0 C c 0 y; p; p 0 2 p; c; c 0 2 B:
Then b mCn D pp 0 C pc 0 y C p 0 cx C cc 0 xy 2 p C .xy/, and so p C .xy/ is not in ˙;
in particular, p C .xy/ ¤ p, and xy … p. Therefore p is prime ideal, which completes the
proof that N D 0.
Let p be a prime ideal of B. Then B=p is an integral domain, algebraic over k, and
hence is a field (by 3.30). Therefore p is maximal. Let p1 ; p2 ; : : : ; pr be prime ideals of
B. Since they are all maximal, they are relatively prime in pairs. Therefore the Chinese
remainder theorem shows that
T Q
B= pi D B=pi (*).
Note that T P
ŒB W k ŒB= pi W k D ŒB=pi W k r:
Therefore
T B has only finitely many prime ideals, say p1 ; : : : ; pg where g ŒBW k, and
pi D 0. When we take r D g in (*) we find that
Yg
BD B=pi :
i D1
For each i , B=pi is a field, and it is a finite extension of k. Because k is perfect, it is even
a separable extension of k. Now we can apply (2.26) to deduce that disc..B=pi /=k/ ¤ 0,
and we can apply the preceding lemma to deduce that disc.B=k/ ¤ 0. 2
We now prove the theorem. From the first lemma, we see that
disc.B=A/ mod p D disc..B=pB/=.A=p//;
and from the
Q last lemma that disc..B=pB/=.A=p// D 0 if and only B=pB is not reduced.
ei Q e
Let pB D Pi . Then B=pB ' B=P , and i
B=Pei is reduced ” each B=Pei is reduced ” each ei D 1:

Q
FINDING FACTORIZATIONS 55
R EMARK 3.39 (a) In fact there is a precise, but complicated, relation between the power
of p dividing disc.B=A/ P and the extent to which p ramifies in B. It implies for example
that ordp .disc.B=A// fi .ei 1/, and that equality holds if no ei is divisible by the
characteristic of A=p. See Serre 1962, III 6.
(b) Let A be the ring of integers in a number field K, and let B be the integral closure
of A in a finite extension L of K. It is possible to define disc.B=A/ as an ideal without
assuming B to be a free A-module. Let p be an ideal in A, and let S D A p. Then
S 1 A D Ap is principal, and so we can define disc.S 1 B=S 1 A/. It is a power .pAp /m.p/
of pAp . Define Y
disc.B=A/ D pm.p/ :
The index m.p/ is nonzero for only finitely many p, and so this formula does define an ideal
in A. Clearly this definition agrees with the usual one when B is a free A-module, and the
above proof shows that a prime ideal p ramifies in B if and only if it divides disc.B=A/:
E XAMPLE 3.40 (For experts on Riemann surfaces.) Let X and Y be compact connected
Riemann surfaces, and let ˛W Y ! X be a nonconstant holomorphic mapping. Write M.X /
and M.Y / for the fields of meromorphic functions on X and Y . The map f 7! f ı ˛ is an
inclusion M.X / ,! M.Y / which makes M.Y / into a field of finite degree over M.X /;
let m be this degree. Geometrically, the map is mW 1 except at a finite number of branch
points.
Let P 2 X and let OP be the set of meromorphic functions on X that are holomorphic
at P — it is the discrete valuation ring attached to the discrete valuation ordP , and its
maximal ideal is the set of meromorphic functions on X that are zero at P . Let B be the
integral closure of OP in M.Y /. Let ˛ 1 .P / D fQ1 ; Q :::; Qg g and let ei be the number
of sheets of Y over X that coincide at Qi . Then pB D qei i where qi is the prime ideal
ff 2 B j f .Qi / D 0g:
Finding factorizations
The following result often makes it very easy to factor an ideal in an extension field. Again
A is a Dedekind domain with field of fractions K, and B is the integral closure of A in a
finite separable extension L of K.
T HEOREM 3.41 Suppose that B D AŒ˛, and let f .X / be the minimum polynomial of
˛ over K. Let p be a prime ideal in A. Choose monic polynomials g1Q .X /; : : : ; gr .X / in
AŒX that are distinct and irreducible modulo p, and such that f .X / gi .X /ei modulo
p. Then Y
pB D .p; gi .˛//ei
is the factorization of pB into a product of powers of distinct prime ideals. Moreover, the
residue field B=.p; gi .˛// ' .A=p/ŒX =.gN i /, and so the residue class degree fi is equal to
the degree of gi :
P ROOF. Our assumption is that the map X 7! ˛ defines an isomorphism
AŒX =.f .X // ! B:
When we divide out by p (better, tensor with A=p), this becomes an isomorphism
kŒX =.fN.X // ! B=pB; X 7! ˛:
where k D A=p. The ring kŒX =.fN/ has maximal ideals .gN 1 /; :::; .gN r /, and .gN i /ei D 0
Q
(but no product with smaller exponents is zero). The ideal .gN i / in kŒX =.fN/ corresponds
def
to the ideal .gi .˛// C pB in B=pB, and this corresponds to the ideal Pi D .p; gi .˛// in
B. Thus P1 ; :::; Pr is the complete set of prime ideals containing pB, Qand hence is the
complete set of prime divisors of p (see 3.12). Q When we write pB D Pei i , then the ei
are characterized by the fact that pB contains Pei i but it does not contain the product
when any ei is replaced with a smaller value. Thus it follows from the above (parenthetical)
statement that ei is the exponent of gN i occurring in the factorization of fN. 2
R EMARK 3.42 When it applies the last theorem can P be used to prove (3.34) and (3.35). For
example,
P m D deg.f /, and so the equation m D ei fi is simply the equation deg.f / D
ei deg.gi /. Also, disc.B=A/ D disc.f .X //, and this is divisible by p if and only if
fN.X/ has multiple factors (when regarded as an element of .A=p/ŒX /, i.e., if and only if
some ei > 0:
R EMARK 3.43 The conclusion of the theorem holds for a particular prime p of A under
the following weaker hypothesis: disc.1; ˛; :::; ˛ m 1 / D a disc.B=A/ with a an ideal of
A not divisible by p. To prove this, invert any element of a not in p, and apply the theorem
to the new ring and its integral closure.
Examples of factorizations
We use Theorem 3.41 to obtain some factorizations.
E XAMPLE 3.44 Let m ¤ 1 be a square-free integer. We consider the factorization of

p p
prime integers in K D QŒ m. Recall that disc.1; m/ D 4m, and that disc.OK =Z/ D
p p
disc.1; m/ if m 2; 3 mod 4, and that disc.OK =Z/ D disc.1; m/=4 if m 1 mod 4.
p
In both cases, we can use the set f1; mg to compute the factorization of an odd prime p
(see 3.43). Note that (3.34) allows only three possible factorizations of .p/ in OK , namely,
.p/ D p2 : .p/ ramifies, e D 2, f D 1, g D 1I
.p/ D p: .p/ stays prime, e D 1, f D 2, g D 1I
.p/ D p1 p2 : .p/ splits, e D 1, f D 1, g D 2:
One obtains the following result.
(i) If pj disc.OK =Z/, then .p/ ramifies in OK :
(ii) For an odd prime p not dividing the m, we have
.p/ is the product of two distinct ideals ” m is a square mod p, i.e., . m p / D 1I
p m
.p/ is a prime ideal in QŒ m ” m is not a square mod p, i.e., . p / D 1:
(iii) For the prime 2 when m 1 mod 4, we have
.p/ is the product of two distinct ideals ” m 1 mod 8;
p
.p/ is a prime ideal in QŒ m ” m 5 mod 8.
p
To prove (iii), we must use the integral basis f1; ˛g, ˛ D .1 C m/=2. The minimum
polynomial of ˛ is X 2 X C.1 m/=4. If m 1 mod 8, this factors as X 2 CX D X.X C1/
mod 2, and so .2/ D .2; ˛/.2; 1 C ˛/. If m 5 mod 8, then X 2 X C .1 m/=4
X 2 C X C 1 mod 2, which is irreducible, and so .2/ D .2; 1 C ˛ C ˛ 2 / D .2/:
EXAMPLES OF FACTORIZATIONS 57
E XAMPLE 3.45 It is proved in basic graduate algebra courses that ZŒi , the Gaussian inte-
gers, is a principal ideal domain. I claim that the following conditions on an odd prime p
are equivalent:
(a) p 1 mod 4;
(b) .p/ splits in ZŒi ;
(c) there exist integers a and b such that p D a2 C b 2 .
We know that .p/ splits in ZŒi if and only if X 2 C 1 splits modulo p, but this is so if
and only if Fp contains a 4th root of 1, i.e., if and only if the group Fp contains an element
of order 4. As Fp is a cyclic group (FT Exercise 1-3) of order p 1, this is so if and only
if 4jp 1. Thus we have shown that (a) and (b) are equivalent.
Suppose .p/ splits in ZŒi , say .p/ D p1 p2 . Then p1 and p2 are principal, and if
p1 D .a C i b/ then p2 D .a i b/. Therefore a2 C b 2 D p up to multiplication by a unit
in ZŒi. But the only units in ZŒi are ˙1, ˙i , and so obviously a2 C b 2 D p. Conversely,
if p D a2 C b 2 with a; b 2 Z, then .p/ D .a C i b/.a i b/ in ZŒi .
A SIDE 3.46 The fact that every prime of the form 4n C 1 is a sum of two squares was stated as a
theorem by Fermat in a letter in 1654. Euler, who was almost certainly unaware of Fermat’s letter,
found a proof. For some history, and a discussion of algorithms for finding a and b, see Edwards
1977, p. 55.
R EMARK 3.47 (a) From (3.41) and (3.43) we see that, for almost all p, factoring .p/ in OK
amounts to factoring a polynomial f .X / modulo p into a product of powers of irreducible
polynomials. Clearly, this can always be done, but it may require a lot of hard work but not
much intelligence. Hence it can safely be left to the computer. In PARI, factormod(f,p)
factors the polynomial f modulo p. For example,
factormod(X^3+10*X+1,2) returns .X C 1/.X 2 C X C 1/;
factormod(X^3+10*X+1,17) returns X 3 C 10X C 1;
factormod(X^3+10*X+1,4027) returns .X C2215/2 .X C3624/, etc., as in the following
table.
(b) In the next section, we shall show, not only that the class group of a number field
is finite, but that it is generated by the prime ideals dividing a certain small set of prime
numbers. Finding the class number therefore involves finding the prime ideal factors of
these prime numbers, and the relations among them.
E XAMPLE 3.48 Let ˛ be a root of X 3 C 10X C 1. Recall that the discriminant of the
polynomial is 4027, and so the ring of integers in QŒ˛ is Z C Z˛ C Z˛ 2 . There are the
following factorizations:
2 .1 C X /.1 C X C X 2 / .2/ D .2; 1 C ˛/.2; 1 C ˛ C ˛ 2 /
3 .2 C X /.2 C X C X 2 / .3/ D .3; 2 C ˛/.3; 2 C ˛ C ˛ 2 /
5 2
.1 C X /.1 C 4X C X / .5/ D .5; 1 C ˛/.5; 1 C 4˛ C ˛ 2 /
7 2
.3 C X /.5 C 4X C X / .7/ D .7; 3 C ˛/.7; 5 C 4˛ C ˛ 2 /
11 .6 C X /.2 C 5X C X 2 / .11/ D .11; 6 C ˛/.11; 2 C 5˛ C ˛ 2 /
13 1 C 10X C X 3 .13/ D .13; 1 C 10˛ C ˛ 3 / D .13/
17 1 C 10X C X 3 .17/ D prime ideal.
4027 .2215 C X / .3624 C X / .4027/ D .4027; 2215 C ˛/2 .4027; 3624 C ˛/:
2
E XAMPLE 3.49 Let ˛ be a root of X 3 8X C 15. Here again, the discriminant of the
polynomial is 4027, and so the ring of integers in QŒ˛ is Z C Z˛ C Z˛ 2 . There are the
following factorizations:
2 .1 C X /.1 C X C X 2 / .2/ D .2; 1 C ˛/.2; 1 C ˛ C ˛ 2 /
3 X.1 C X 2 / .3/ D .3; ˛/.3; 1 C ˛ 2 /
5 X.2 C X / 2 .5/ D .5; ˛/.5; 2 C ˛ 2 /
7 .5 C X /.3 C 2X C X 2 / .7/ D .7; ˛/.7; 3 C 2˛ C ˛ 2 /
11 2
.1 C X /.4 C 10X C X / .11/ D .11; ˛/.11; 4 C 10˛ C ˛ 2 /
13 2 C 5X C X 3 .13/ D .13/
17 .4 C X /.6 C X /.7 C X / .17/ D .17; 4 C ˛/.17; 6 C ˛/.17; 7 C ˛/
4027 .509 C X /.1759 C X /2 : .4027/ D .4027; 509 C ˛/.4027; 1759 C ˛/2
On comparing the factorizations of .17/ in the fields in the last two examples, we see that
the fields are not isomorphic.
R EMARK 3.50 When K is a number field, it is interesting to have a description of the set
p
Spl.K/ of prime numbers that split in K. For K D QŒ m, this is the set of p for which
.m
p / D 1, and we shall see later that the quadratic reciprocity law gives a good description
of the set. For any abelian Galois extension K of Q, class field theory gives a similarly good
description, but for an arbitrary extension very little is known about what sets can occur.
There is a theorem that says that two Galois extensions K and K 0 of Q are isomorphic if
and only if Spl.K/ DSpl.K 0 /. Moreover, this can be made into an effective procedure for
determining when fields are isomorphic. See Theorem 8.38 below.
E XAMPLE 3.51 In (2.39), we saw that f .X / D X 5 X 1 is irreducible in QŒX , and

that its discriminant is 19 151, which is square-free, and so, if ˛ is a root of f .X /, then
ZŒ˛ is the ring of integers in QŒ˛. We have the following factorizations:
f .6 C X /2 .10 C 13X C 17X 2 C X 3 /

19 2 2 3
.19/ D .19; 6 C ˛/ .19;2 10 C 13˛ C 17˛2 C ˛ /
f .9 C X /.39 C X / .61 C 64X C X /
151 2 2
.151/ D .151; 9 C ˛/.151; 39 C ˛/ .151; 61 C 64˛ C2 ˛ / 3
f .1261 C X /.2592 C X /.790 C 3499X C 174X C X /
4027
.4027/ D .4027; 1261 C ˛/.4027; 2592 C ˛/.4027; 790 C 3499˛ C 174˛ 2 C ˛ 3 :
Thus .19/ and .151/ are ramified in QŒ˛, and 4027 is not, which is what Theorem 3.35
predicts.
E XAMPLE 3.52 According to PARI,
X 4 C X 3 C X 2 C X C 1 .X C 4/4 mod 5
Why is this obvious?
Eisenstein extensions
Recall that Eisenstein’s Criterion says that a polynomial
X m C a1 X m 1
C C am ;
EISENSTEIN EXTENSIONS 59
such that ai 2 Z, pjai all i , and p 2 does not divide am , is irreducible in QŒX . We will
improve this result, but first we need to make two observations about discrete valuations.
Let A be a Dedekind domain, and let B be its integral closure in a finite extension L of
its field of fractions K. Let p be a prime ideal of A and let P be an ideal of B dividing p,
say pB D Pe . Write ordp and ordP for the normalized valuations on K and L defined
by p and P. Then
ordP jK D e ordp (11)
because, if .a/ D pm in A, then .a/ D Pme in B:
Next I claim that if
a1 C C an D 0;
then the minimum value of ord.ai / must be attained
P for at least two i s. Suppose not, say
ord.a1 / < ord.ai / for all i > 1. Then a1 D i 2 ai implies that
X .8/
ord.a1 / D ord. ai / min ord.ai /;
i 2 2i n
which is a contradiction.
Let A be a Dedekind domain and let p be a prime ideal in A. A polynomial
X m C a1 X m 1
C C am ; ai 2 A;
is said to be Eisenstein relative to p if
ordp .a1 / > 0, : : : , ordp .am 1/ > 0, ordp .am / D 1:
P ROPOSITION 3.53 Let f .X / 2 AŒX be an Eisenstein polynomial with respect to p. Then

f .X/ is irreducible, and if ˛ is a root of f .X /, then p is totally ramified in KŒ˛; in fact
pB D Pm with P D .p; ˛/ and m D deg.f /:
def
P ROOF. Let L be the field generated by a root ˛ of f .X /; then ŒLW K m D deg.f /.
Let P be a prime ideal dividing p, with ramification index e say. Consider the equation
˛ m C a1 ˛ m 1
C C am D 0:
Because f .X / is Eisenstein,
ordP .˛ m / D m ordP .˛/I

ordP .ai ˛ m i / .m i / ordP .˛/ C eI
ordP .am / D e:
If ordP .˛/ D 0, then the minimum value of ordP is taken for a single term, namely
˛ m . This is impossible, and so ordP .˛/ 1, and ordP .ai ˛ m i / > ordP .am / D e
for i D 1; :::; m. From the remark preceding the proposition, we see that m ordP .˛/ D e.
Then
m ordP .˛/ D e ŒKŒ˛ W K m;
and we must have equalities throughout: ordP .˛/ D 1, ŒK.˛/W K D m D e: 2
N OTES Gauss proved the quadratic reciprocity law, and studied the arithmetic of QŒi in order
to discover the quartic reciprocity law. Kummer made an intense study of the arithmetic of the
fields QŒn , where n is a primitive nth root of 1, in order to prove higher reciprocity laws. A
major problem for him was that unique factorization fails already for n D 23. To restore unique
factorization, he developed his theory of “ideal numbers”. One of Dedekind’s great achievements
was to realize that, by replacing Kummer’s “ideal numbers” with his new notion of “ideals”, it was
possible to simplify Kummer’s theory and extend it to the rings of integers in all number fields. A
difficult step for him was showing that if ajb, then there exists an ideal c such that a D bc. Emmy
Noether re-examined Kummer’s work more abstractly, and named the integral domains for which
his methods applied “Dedekind domains”.
Exercises
3-1 Let k be a field. Is kŒX; Y a Dedekind domain? (Explain).
p p p
Show that ZŒ 3pis the
3-2 p p ring of integers in QŒ 3 and ZŒ p 7 ispthe ring of integers
inpQŒ p7, but that ZŒ 3; 7 is not the ring of integers in QŒ 3; 7. (Hint: look at
. 3 C 7/=2.)
3-3 Complete the proofs of the following statements (cf. 3.45):

(a) x 2 C y 2 D p has a solution in Z ” p 1 mod 4;
(b) x 2 C 2y 2 D p has a solution in Z ” p 1 or 3 mod 8;
(c) x 2 C 3y 2 D p has a solution in Z ” p 1 mod 3:
p
You may assume that ZŒ p is a principal ideal domain for p < 5.
3-4 Let k be a field, and let A be the subring kŒX 2 ; X 3 of kŒX .

(a) Show that kŒX is a finitely generated kŒX 2 -module, and hence is a Noetherian
kŒX 2 -module. Deduce that A is Noetherian.
(b) Show that every nonzero prime ideal of A is maximal, but that A is not a Dedekind
domain.
Hence A satisfies conditions (a) and (c) to be a Dedekind domain, but not (b). There are
also rings that satisfy (b) and (c) but fail (a), and rings that satisfy (a) and (b) but not (c) (for
example, kŒX; Y ).
Chapter 4
The Finiteness of the Class Number
In this section we prove the first main theorem of the course: the class number of a number
field is finite. The method of proof is effective: it gives an algorithm for computing the
class group.
Norms of ideals
Let A be a Dedekind domain with field of fractions K, and let B be the integral closure of A
in a finite separable extension L. We want to define a homomorphism NmW Id.B/ ! Id.A/
which is compatible with taking norms of elements, i.e., such that the following diagram
commutes:
b7!.b/
L ! Id.B/
? ?
?
yNm
?
yNm (12)
a7!.a/
K ! Id.A/
Because Id.B/ is the free abelian group on the set of prime ideals, we only have to define
Nm.p/ for p prime.
Let p be a prime ideal A, and factor pB D Pei i . If p is principal, say p D ./, then
Q
we should have
Nm.pB/ D Nm. B/ D Nm./ A D . m / D pm ; m D ŒLW K:
Also, because Nm is to be a homomorphism, we should have
Nm.pB/ D Nm. Pei i / D Nm.Pi /ei :
Q Q
P
On comparing these two formulas, and recalling (3.34) that m D ei fi , we see that we
should define Nm.Pi / D pfi . We take this as our definition:
Nm.P/ D Pf .P=p/ where p D P \ A and f .P=p/ D ŒB=P W A=p:
To avoid confusion, I sometimes use N to denote norms of ideals.
If we have a tower of fields M L K, then
NL=K .NM=L a/ D NM=K a
because f .Q=P/ f .P=p/ D f .Q=p/, i.e., ŒC =Q W B=P ŒB=P W A=p D ŒC =Q W A=p
where C B A are the integral closures of A in M , L, and K respectively.
61
62 CHAPTER 4. THE FINITENESS OF THE CLASS NUMBER
P ROPOSITION 4.1 Let A B and K L be as above.

(a) For any nonzero ideal a A, NL=K .aB/ D am , where m D ŒL W K:
(b) Suppose L is Galois over K. Let P be a nonzero prime ideal of B and let p D P \ A.
Write p B D .P1 Pg /e (cf. 3.34). Then
Y
N P B D .P1 Pg /ef D P:
2Gal.L=K/
(c) For any nonzero element ˇ 2 B, Nm.ˇ/ A D Nm.ˇ B/ (i.e., (12) commutes).
P ROOF. (a) It suffices to prove this for a prime ideal p, and for such an ideal we have that
N .pB/ D N . Pei i / D p ei fi D pm
def
Q P
(by 3.34).
(b) Since N Pi D pf for each i , the first equality is obvious. In the course of the proof
of (3.34), we showed that Gal.L=K/ acts transitively on the set fP1 ; :::; Pg g, and it follows
that each Pi occurs m g D ef times in the family fP j 2 Gal.L=K/g:
(c) Suppose first that L is Galois over K, and let ˇB D b. The map a 7! aBW Id.A/ !
Id.B/ is injective (remember they are the free abelian groups on the sets of nonzero prime
ideals), and so it suffices to show that Nm.ˇ/ B D Nm.b/ B. But
.b/ Q Q Q
Nm.b/ B D b D .ˇ B/ D . ˇ/ B D Nm.ˇ/ B
as required.
In the general case, let E be a finite Galois extension of K containing L, and let
d D ŒEW L. Let C be the integral closure of B in E. From (a), the Galois case, and
the transitivity of N we have that
NL=K .ˇ B/d D NE=K .ˇ C / D NmE=K .ˇ/ A D NmL=K .ˇ/d A:
As the group of ideals Id.A/ is torsion-free, this implies that NL=K .ˇ B/ D NmL=K .ˇ/
A. 2
Let a be a nonzero ideal in the ring of integers OK of a number field K. Then a is of

finite index in OK , and we let Na, the numerical norm of a, be this index:
Na D .OK W a/:
P ROPOSITION 4.2 Let OK be the ring of integers in a number field K.

(a) For any ideal a in OK , NK=Q .a/ D .N.a//; therefore N.ab/ D N.a/N.b/.
(b) Let b a be fractional ideals in K; then
1
.a W b/ D N.a b/:
P ROOF. (a) Write a D pri i , and let fi D f .pi =pi / where .pi / D Z\pi ; then Nm.pi / D
Q
fi . From the Chinese remainder theorem, O =a ' OK =pri i , and so .OK W a/ D
Q
.p i / K
.OK W pi /. In the course of the proof of (3.34), we showed that OK =pri i is a vector
ri
Q
f r
space of dimension fi ri over Fpi , and so .OK W pri i / D pi i i . On taking the product over
STATEMENT OF THE MAIN THEOREM AND ITS CONSEQUENCES 63
Q fr
i , we find that .OK W a/ D .pi i i / D NK=Q a. When we identify the set of nonzero
ideals in Z with the set of positive integers, then N becomes identified with N, and so the
multiplicativity of N follows from that of N .
(b) For any nonzero d 2 K, the map x 7! dxW K ! K is an additive isomorphism,
and so .d a W d b/ D .a W b/. Since .d a/.d b/ 1 D ab 1 , we may suppose that a and b are
integral ideals. The required formula then follows from (a) and the formulas
.OK W a/.a W b/ D .OK W b/
and
1
N.a/ N.a b/ D N.b/: 2
Statement of the main theorem and its consequences

We now state the main theorem of this section and discuss some of its consequences.
T HEOREM 4.3 Let K be an extension of degree n of Q, and let K be the discriminant of

K=Q. Let 2s be the number of nonreal complex embeddings of K. Then there exists a set
of representatives for the ideal class group of K consisting of integral ideals a with
nŠ 4 s

1
N.a/ n jK j 2 :
n
The number on the right is called the Minkowski bound — we sometimes denote it by
s
BK . The term CK D nnŠn 4 is called the Minkowski constant. It takes the following
values:
n r s C
2 0 1 0:637
2 2 0 0:500
3 1 1 0:283
3 3 0 0:222
4 0 2 0:152
4 2 1 0:119
4 4 0 0:094
5 1 2 0:062
5 3 1 0:049
5 5 0 0:038
::: ::: ::: :::
100 100 0 0:93 10 42
Here r is the number of real embeddings of K. We have
K ˝Q R Rr Cs ;
and, if K D QŒ˛ and f .X / is the minimum polynomial of ˛, then r is the number of real
roots of f .X / and 2s is the number of its nonreal roots. To see that these descriptions of r
and s agree, apply (1.18).
Before proving (4.3), we give some applications and examples.
T HEOREM 4.4 The class number of K is finite.
P ROOF. It suffices to show that there are only finitely many integral ideals a in OK such
that N.a/ is less than the Minkowski bound — in fact, we shall show that, for Q any integer
M , there are only finitely many integral ideals a with N.a/ < M . If a D pri i , then
Q ri fi
N.a/ D pi where .pi / D pi \ Z. As N.a/ < M , this allows only finitely many
possibilities for the pi (and hence for the pi /, and only finitely many possibilities for the
exponents ri . 2
Let S be the set of integral ideals in K with norm < BK . Then S is a finite set, and
Cl.OK / D S= ; where a b if one ideal is the product of the other with a principal (frac-
tional) ideal. There is an algorithm for finding S , and an algorithm for deciding whether
a b, and so there is an algorithm for finding Cl.OK / (the group, not just it’s order).
To find S , find the prime ideal factors of enough prime numbers, and form some of their
products. To decide whether a b, one has to decide whether c D ab 1 is principal. From
(4.2b) we know that, for 2 c,
c D . / ” Nc D j Nm j
and so we have to solve the equation:
Nm D constant.
When we express in terms of an integral basis, this becomes a (very special) type of
diophantine equation. For a descriptions of algorithms for finding Cl.OK /, see Cohen
1993, 6.5, and Pohst and Zassenhaus 1989, p424.
E XAMPLE 4.5 Let K D QŒi . The condition in Theorem 4.3 is that N.a/ 42 4 2 < 1:27.
There are no such ideals other than ZŒi , and so ZŒi is a principal ideal domain. (Of course,
the elementary proof of this shows more, namely, that ZŒi is a Euclidean domain. Even
for rings of integers in number fields,pit is not true that all principal ideal domains are
Euclidean domains. For example, QŒ 19 has class number 1, but its ring of integers
is not a Euclidean domain. For more on such things, see the survey article Lemmermeyer
19951 .)
p p
E XAMPLE 4.6 Let K D QŒ 5. Here N.a/ 0:63 p20< 3. Any ideal satisfying
this must divide .2/. In fact, .2/ D p2 where p D .2; 1 C 5/, and Np2 DpN.2/ D 4,
and so Np D 2. The ideals OK and p form a set of representatives for Cl.ZŒ p 5/. The
p not exist an element ˛ D m C n
ideal p can’t be principal because there does 5 such that
Nm.˛/ D m2 C 5n2 D 2, and so Cl.ZŒ 5/ has order 2.
E XAMPLE 4.7 Let K be a cubic field with discriminant < 0. Since the sign of K is
. 1/s , and ŒK W Q D r C 2s, we have s D 1, r D 1. The Minkowski bound is
1
BK < 0:283jK j 2 :
1 Lemmermeyer, Franz. The Euclidean algorithm in algebraic number fields. Exposition. Math. 13 (1995),
no. 5, 385–416.
STATEMENT OF THE MAIN THEOREM AND ITS CONSEQUENCES 65
For jK j 49, BK < 2, and so for cubic fields with 49 K < 0, the class number
h D 1. For example, this is true for the number fields with discriminants 23 and 31
discussed earlier (see 2.36, 2.37).
For the stem field of X 3 C 10X C 1, the discriminant is 4027, and the Minkowski
bound is < 18. Recall from (3.48) that
.2/ D .2; 1 C ˛/.2; 1 C ˛ C ˛ 2 /:
Let p D .2; 1 C ˛/; its norm is 2. One can show that it generates the class group, and that
it has order 6 in the class group, i.e., p6 but no smaller power is principal. Hence the class
group is cyclic of order 6. (The proof takes quite a bit of hard work if you do it by hand —
see Artin 1959, 12.6, 13.3. Using PARI, you can type “bnfclgp(X^3+10*X+1)”)
E XAMPLE 4.8 Let ˛ be a root of f .X / D X 5 X C 1. We saw in (2.39) that f .X / is

irreducible and its discriminant is 19 151, and so the ring of integers of QŒ˛ is ZŒ˛:
According to Theorem 4.3, every class of ideals for QŒ˛ contains an integral ideal a
with p
N.a/ < 0:062 19 151 D 3:3 < 4:
If p is a prime ideal with N.p/ D 2, then the residue field at p must be F2 , and f .X / must
have a root mod 2; however, both f .0/ and f .1/ are odd, and so f .X / doesn’t have a root
in F2 , which shows that p doesn’t exist. Similarly, there is no prime ideal p with N.p/ D 3,
and so OK is a principal ideal domain!
The Galois group of the splitting field M of f .X / is S5 (later we shall see how to
find Galois groups; for the moment type “polgalois(X^5-X-1)” p in PARI), and hence
ŒM W Q D 120. It is possible to show that M is unramified over QŒ 19 151:
An extension L of a number field K is said to be unramified over K if no prime ideal

of OK ramifies in OL :
T HEOREM 4.9 There does not exist an unramified extension of Q:
P ROOF. Let K be a finite extension of Q. Since a set of representatives for the class group
must have at least one element, and that element will have numerical norm 1, Theorem
4.3 shows that
1 nn s nn n=2
jj 2 :
nŠ 4 nŠ 4
a 1
2
Let an D rhs. Then a2 > 1, and nC1 an D 4 .1 C n1 /n > 1, and so the sequence an
is monotonically increasing. Hence the discriminant of K has absolute value > 1, and we
know from (3.35) that any prime dividing the discriminant ramifies. 2
C OROLLARY 4.10 There does not exist an irreducible monic polynomial f .X / 2 ZŒX of
degree > 1 with discriminant ˙1.
P ROOF. Let f .X / be such a polynomial, and let ˛ be a root of f .X /. Then disc.ZŒ˛=Z/ D

def
˙1, and so ZŒ˛ is the ring of integers in K D QŒ˛ and disc.OK =Z/ D ˙1, which contra-
dicts the theorem. 2
R EMARK 4.11 There may exist unramified extensions of number fields other than Q. In
fact, class field theory says that the maximal abelian unramified2 extension of K (called
the Hilbert class field of K) haspGalois group canonically isomorphic to Cl.OK /. For
example, the theory
p says p that QŒ 5 has an unramified
p extension of degree 2, and one
verifies
p that
p QŒ 1; p 5 is unramified over QŒ 5. In particular, the discriminant of
QŒ 1; 5 over QŒ 5 is a unit.
R EMARK 4.12 Let K1 be a number field with class number hK1 > 1. Its Hilbert class field
is an abelian unramified extension K2 of K1 with Gal.K2 =K1 / ' Cl.K1 /. Let K3 be the
Hilbert class field of K2 , and so on. In this way, we obtain a tower of fields,
K1 K2 K3
It was a famous question (class field tower problem) to decide whether this tower can be
infinite, or must always terminate with a field of class number 1 after a finite number of
steps. It was shown by Golod and Shafarevich in the early 60s that the tower is frequently
infinite. See Roquette 1967.
Lattices
Let V be a vector space of dimension n over R. A lattice in V is a subgroup of the form
D Ze1 C C Zer
with e1 ; :::; er linearly independent elements of V . Thus a lattice is the free abelian sub-
group of V generated by elements of V that are linearly independent over R. When r D n,
the lattice is said to be full. At the opposite extreme, D f0g is a lattice (generated by the
empty set of elements). In terms of tensor products, one can say that a full lattice in V is a
subgroup of V such that the map
P P
ri ˝ xi 7! ri xi W R ˝Z ! V;
is an isomorphism.
p
N ONEXAMPLE 4.13 The subgroup ZCZ 2 of R is a free abelian group of rank 2 (because
p
2 is not rational), but it is not a lattice in R.
We shall need another criterion for a subgroup of V to be a lattice. The choice of

a basis for V determines an isomorphism of V with Rn , and hence a topology on V ; the
topology is independent of the basis, because any linear automorphism of Rn is a homeo-
morphism. A subgroup of V is said to be discrete if it is discrete in the induced topology.
A topological space is discrete if its points (hence all subsets) are open, and so to say
that is discrete means that every point ˛ of has a neighbourhood U in V such that
U \ D f˛g.
L EMMA 4.14 The following conditions on a subgroup of a finite-dimensional real vector

space V are equivalent:
2 TheHilbert class field L of K is required to be unramified even at the infinite primes — this means that
every real embedding of K extends to a real embedding of L.
LATTICES 67
(a) is a discrete subgroup;

(b) there is an open subset U of V such that U \ D f0g;
(c) each compact subset of V intersects in a finite set;
(d) each bounded subset of V intersects in a finite set.
P ROOF. (a) ” (b). Obviously (a) implies (b). For the converse, note that the translation
map x 7! ˛ C xW V ! V is a homeomorphism, and so, if U is a neighbourhood of 0 such
that U \ D f0g, then ˛ C U is a neighbourhood of ˛ such that .˛ C U / \ D f˛g.
(a))(c). Condition (a) says that is a discrete space for the induced topology. Hence,
if C is compact, then C \ is both discrete and compact, and therefore must be finite.
(c))(d). The closure of a bounded set in Rn (hence in V ) is compact, and so this is
obvious.
(d))(b). Let U be a bounded open neighbourhood of 0. Then S D U \rf0g is finite
and hence closed, and so U r S is an open neighbourhood of f0g such that .U r S / \ D
f0g. 2
P ROPOSITION 4.15 A subgroup of V is a lattice if and only if it is discrete.
P ROOF. Clearly, a lattice is discrete. For the converse, let be a discrete subgroup of V ,
and choose a maximal R-linearly independent subset fe1 ; : : : ; er g of . We shall argue by
induction on r:
If r D 0, D 0, and there is nothing to prove.
If r D 1, then Re1 . Because is discrete, for each M > 0,
fae1 j jaj < M g \
is finite, and so there is an f 2 such that, when we write f D ae1 , a attains its minimum
value > 0. I claim D Zf . Any ˛ 2 r Zf will equal .m C b/f for some m 2 Z and
b with 0 < b < 1; but then .˛ mf / D bf D abe1 , and 0 < ab < a, which contradicts
our choice of f:
If r > 1, we let 0 D \ .Re1 C C Rer 1 /. Clearly this is a discrete subgroup of
def
the vector space V 0 D Re1 C CRer 1 and so, by induction, 0 D Zf1 C CZfr 1 for
some fi that are linearly independent over R (and hence also form a basis for V 0 /. Every
˛ 2 can be written uniquely
˛ D a1 f1 C C ar 1 fr 1 C aer ; ai ; a 2 R:
Let 'W ! R be the map ˛ 7! a, and let 00 D Im.'/. Note that a is also the image of
.a1 Œa1 /f1 C C .ar 1 Œar 1 /fr 1 C aer ; Œ D integer part,
and so each element a 2 00 in a bounded set, say with 0 jaj < M , is the image of an
element of in a bounded set,
0 ai < 1; i D 1; : : : ; r 1; jaj < M:
Thus there are only finitely many such as, and so 00 is a lattice in R, say 00 D Z '.fr /,
fr 2 .
Let ˛ 2 . Then '.˛/ D a'.fr / for some a 2 Z, and '.˛ afr / D 0. Therefore
˛ afr 2 0 , and so it can be written
˛ afr D a1 f1 C C ar 1 fr 1 ; ai 2 Z:
Hence
˛ D a1 f1 C C ar 1 fr 1 C afr ; ai ; a 2 Z;
P
which proves that D Zfi . 2
P V be a real vector space of dimension n, and let be a full lattice in V , say

Let
D Zei . For any 0 2 , let
P
D D f0 C ai ei j 0 ai < 1g:
Such a set is called a fundamental parallelopiped for . The shape of the parallelopiped
depends on the choice of the basis .ei /, but if we fix the basis and vary 0 2 , then the
parallelopipeds cover Rn without overlaps.
R EMARK 4.16 (a) For a fundamental parallelopiped D of a full lattice
D Zf1 C C Zfn
in Rn , the volume of D
.D/ D j det.f1 ; ; fn /j:
(See any good book on calculus.) If also
D Zf10 C Zf20 C C Zfn0 ;
then the determinant of the matrix relating ffi g and ffi0 g has determinant ˙1, and so the
volume of the fundamental parallelopiped doesn’t depend on the choice of the basis for .
(b) When 0 are two full lattices Rn , we can choose bases fei g and ffi g for and
0
such that fi D mi ei with mi a positive integer. With this choice of bases, the funda-
mental parallelopiped D of is a disjoint union of . W 0 / fundamental parallelopipeds
D 0 of 0 . Hence
.D 0 /
D . W 0 / (*).
.D/
As we noted above, the choice of a basis for V determines an isomorphism V Rn ,

and hence a measure on V . This measure is translation invariant (because the Lebesgue
measure on Rn is translation invariant), and well-defined up to multiplication by a nonzero
constant (depending on the choice of the basis) 3 . Thus the ratio of the measures of two sets
is well-defined, and the equation (*) holds for two full lattices 0 in V .
T HEOREM 4.17 Let D0 be a fundamental parallelopiped for a full lattice in V , and let S
be a measurable subset in V . If .S / > .D0 /, then S contains distinct points ˛ and ˇ
such that ˇ ˛ 2 :
3 The experts will recognize as being a Haar measure on V .
LATTICES 69
P ROOF. The set S \ D is measurable for all fundamental parallelopipeds D, and

X
.S / D .S \ D/
(sum over translates of D by elements of ). For each D, a (unique) translate of S \ D by

an element of will be a subset of D0 . Since .S / > .D0 /, at least two of these sets
will overlap, i.e., there exist elements ˛; ˇ 2 S such that
˛ Dˇ 0 ; some ; 0 2 :
Then ˇ ˛ 2 . 2
R EMARK 4.18 In the language of differential geometry, the theorem can be given a more
geometric statement. Let M D V =; it is an n-dimensional torus. The measure on V
defines a measure on M for which M has measure .M / D .D/. The theorem says that
if .S/ > .M /, then the restriction of the quotient map V ! M to S can’t be injective.
Let T be a set such that

1
˛,ˇ 2 T ) .˛ ˇ/ 2 T; (**)
2
and let S D 12 T . Then T contains the difference of any two points of S , and so T will
contain a point of other than the origin whenever
1 n
.D/ < . T / D 2 .T /;
2
i.e., whenever
.T / > 2n .D/:
We say that a set T is convex if, with any two points, it contains the line joining the
two points, and that T is symmetric in the origin if ˛ 2 T implies ˛ 2 T . A convex set,
symmetric in the origin, obviously satisfies (**), and so it will contain a point of n f0g if
its volume is greater than 2n .D/.
T HEOREM 4.19 (M INKOWSKI ’ S ) Let T be a subset of V that is compact, convex, and

symmetric in the origin. If
.T / 2n .D/
then T contains a point of the lattice other than the origin.
P ROOF. Replace T with .1 C "/T , " > 0. Then ..1 C "/T / D .1 C "/n .T / > 2n .D/,
and so .1 C "/T contains a point of other than the origin (see the preceding remark). It
will contain only finitely many such points because is discrete and .1 C "/T is compact.
Because T is closed
T D \">0 .1 C "/T:
If none of the points of \ .1 C "/T is in T , we will be able to shrink .1 C "/T (keeping
" > 0) so that it contains no point of other than the origin—which is a contradiction. 2
R EMARK 4.20 Theorem 4.19 was discovered by Minkowski in 1896. Although it is al-
most trivial to prove, it has lots of nontrivial consequences, and was the starting point for
the branch of number theory called the “geometry of numbers”. We give one immediate
application of it to prove that every positive integer is a sum of four squares of integers.
From the identity
.a2 C b 2 C c 2 C d 2 /.A2 C B 2 C C 2 C D 2 / D
.aA bB cC dD/2 C .aB C bA C cD dC /2 C
.aC bD C cA C dB/2 C .aD C bC cB C dA/2 ;
we see that it suffices to prove that a prime p is a sum of four squares.

Since
2 D 12 C 12 C 02 C 02 ;
we can suppose that p is odd. I claim that the congruence
m2 C n2 C 1 0 mod p
has a solution in Z. As m runs through 0; 1; : : : ; p 1, m2 takes exactly .p C 1/=2 distinct

values modulo p, and similarly for 1 n2 . For the congruence to have no solution, all
these values, p C 1 in total, must be distinct, but this is impossible.
Fix a solution m; n to the congruence, and consider the lattice Z4 consisting of
.a; b; c; d / such that
c ma C nb; d mb na mod p:
Then Z4 pZ4 and =pZ4 is a 2-dimensional subspace of Fp4 (the a and b can be
arbitrary mod p, but then c and d are determined). Hence has index p 2 in Z4 , and so the
volume of a fundamental parallelopiped is p 2 . Let T be a closed ball of radius r centered
at the origin. Then T has volume 2 r 4 =2, and so if we choose r so that 2p > r 2 > 1:9p
say, then
.T / > 16.D/:
According to Minkowski’s theorem, there is a point .a; b; c; d / 2 . n f0g/ \ T . Because
.a; b; c; d / 2 ,
a2 C b 2 C c 2 C d 2 a2 .1 C m2 C n2 / C b 2 .1 C m2 C n2 / 0 mod p;
and because .a; b; c; d / 2 T ,
a2 C b 2 C c 2 C d 2 < 2p:
As a2 C b 2 C c 2 C d 2 is a positive integer, these conditions imply that it equals p.

This result was stated by Fermat. Euler tried to prove it over a period of 40 years, and
Lagrange succeeded in 1770.
Some calculus
4.21 Let V be a finite-dimensional real vector space. A norm on V is a function kkW V !
R such that
SOME CALCULUS 71
(a) for all x 2 V , kxk 0, and kxk D 0 ” x D 0;

(b) for r 2 R and x 2 V , krxk D jrjkxk;
(c) (triangle law) for x; y 2 V , kx C yk kxk C kyk.
Let V D Rr Cs — it is a real vector space of dimension n D r C 2s. Define a norm

on V by
Xr rCs
X
kxk D jxi j C 2 jzi j
i D1 i DrC1
if x D .x1 ; :::; xr ; zrC1 ; :::; zrCs /.
L EMMA 4.22 For any real number t > 0, let
X.t / D fx 2 V j kxk tg:
Then
.X.t // D 2r .=2/s t n =nŠ:
P ROOF. Since X.t / is symmetric with respect to the r real axes, we have
.X.t // D 2r .Y .t //
where Y .t / D fx j kxk t, x1 ; :::; xr 0g. For the complex variables, we make the
change of variable
1
zj D xj C iyj D j .cos j C i sin j /:
2
The Jacobian of this change of variables is j =4. After integrating over the j , for 0 j
2, we find that
Z
.X.t // D 2r 4 s .2/s rC1 rCs dx1 dxr drC1 drCs
Z
where
Z D f.x; / 2 RrCs j xi ; i 0;
P P
xi C i t g:
The result now follows from the next lemma by taking: m D r C s; ai D 0, 1 i r;
ai D 1, r C 1 i m; for then
.X.t // D 2r 4 s
.2/s t n =nŠ
as required. 2
L EMMA 4.23 For ai > 0 2 R, let

Z
I.a1 ; :::; am ; t / D x1a1 xm
am
dx1 dxm ;
Z.t /
where Z.t / D fx 2 Rm j xi 0,
P
xi tg. Then
P
ai Cm .a1 C 1/ .am C 1/
I.a1 ; : : : ; am I t / D t :
.a1 C C am C m C 1/
P ROOF. Recall that, by definition, (e.g., Widder, D., Advanced Calculus, 1961, Chapter
11), Z 1
.x/ D e t t x 1 dt:
0C
It takes the value .n/ D .n 1/Š for n a nonnegative integer.
By making the change of variables xi0 D txi in I , we see that
P
ai Cm
I.a1 ; : : : ; am I t / D t I.a1 ; : : : ; am I 1/:
Therefore it suffices to prove the formula for t D 1. We prove this case by induction on m.
First, we have Z 1
1 .a1 C 1/
I.a1 I 1/ D x1a1 dx1 D D :
0 a1 C 1 .a1 C 2/
Let X
Z.xm /0 D fx 2 Rm 1
j xi 0; xi 1 xm g:
Then
Z 1 Z
I.a1 ; :::; am I 1/ D am
xm x1a1 am 1
xm 1 dx1 dxm 1 dxm ;
0 Z.xm /0
Z 1
am
D xm I.a1 ; :::; am 1 I 1 xm /dxm
0
Z 1 P
am
DI.a1 ; :::; am 1 I 1/ xm .1 xm / ai Cm 1
dxm
0
.am C 1/ .a1 C C am 1 C m/
DI.a1 ; :::; am 1 I 1/ :
.a1 C C am C m C 1/
In the last step, we used the standard formula
1
.m/ .n/
Z
xm 1
.1 x/n 1
dx D B.m; n/ D :
0 .m C n/ 2
E XAMPLE 4.24 p (a) Case r D 2, s D 0.2 Then X.t / is defined by jxj C jyj t . It is a
square of side 2t, and so .X.t // D 2t :
(b) Case r D 0, s D 1. Then X.t / is the circle of radius t =2, which has area t 2 =4:
L EMMA 4.25 Let a1 ; : : : ; an be positive real numbers. Then
. ai /1=n . ai / =nI
Q P
equivalently,
ai . ai /n =nn :
Q P
(The geometric mean is less than or equal to the arithmetic mean.)
P ROOF. See any good course on advanced calculus. 2

FINITENESS OF THE CLASS NUMBER 73
Finiteness of the class number

Let K be a number field of degree n over Q. Suppose that K has r real embeddings
f1 ; : : : ; r g and 2s complex embedding frC1 ; N rC1 ; : : : ; rCs ; N rCs g. Thus n D r C 2s.
We have an embedding
W K ,! Rr Cs ; ˛ 7! .1 ˛; : : : ; rCs ˛/:

def
We identify V D Rr Cs with Rn using the basis f1; ig for C:
P ROPOSITION 4.26 Let a be an ideal in OK ; then .a/ is a full lattice in V , and the volume
1
of a fundamental parallelopiped of .a/ is 2 s Na jK j 2 :
P ROOF. Let ˛1 ; : : : ; ˛n be a basis for a as a Z-module. To prove that .a/ is a lattice

we show that the vectors .˛1 /; : : : ; .˛n / are linearly independent, and we prove this by
showing that the matrix A, whose i th row is
.1 .˛i /; : : : ; r .˛i /; <.rC1 ˛i /; =.rC1 ˛i /; : : :/
has nonzero determinant.

First consider the matrix B whose i th row is
.1 .˛i /; : : : ; r .˛i /; rC1 .˛i /; rC1 .˛i /; : : : ; rCs .˛i //:
We saw in (2.26) that det.B/2 D disc.˛1 ; : : : ; ˛n / ¤ 0:

What is the relation between the determinants of A and B? Add column r C 2 in B
to column r C 1, and then subtract 1=2 column r C 1 from column r C 2. This gives us
2<.rC1 .˛i // in column r C 1 and i =.rC1 .˛i // in column r C 2. Repeat for the other
pairs of columns. These column operations don’t change the determinant of B, and so
det.B/ D . 2i /s det.A/;
or
s s
det.A/ D . 2i / det.B/ D . 2i / disc.˛1 ; : : : ; ˛n /1=2 ¤ 0:
Thus .a/ is a lattice
P in V:
Since .a/ D niD1 Z .˛i /, the volume of a fundamental parallelopiped D for .a/ is
j det.A/j, and from (2.25) we know that
j disc.˛1 ; : : : ; ˛n /j D .OK W a/2 j disc.OK =Z/j:
Hence
1 1
s s
.D/ D 2 j disc.˛1 ; : : : ; ˛n /j 2 D 2 Na jK j 2 : 2
P ROPOSITION 4.27 Let a be an ideal in OK . Then a contains a nonzero element ˛ of K

with s
4 nŠ 1
j Nm.˛/j BK Na D n
Najj 2 :
n
P ROOF. Let X.t / be as in (4.22), and let D be a fundamental domain for the lattice .a/.
The set X.t / is compact convex and symmetric in the origin, and so, when we choose t so
large that .X.t // 2n .D/, Minkowski’s Theorem shows that X.t / contains a point
.˛/ ¤ 0 of .a/. For this ˛ 2 a,
j Nm.˛/j D j1 .˛/j jr .˛/jjrC1 .˛/j2 jrCs .˛/j2

X X
. ji ˛j C 2ji ˛j/n =nn (by 4.25)
t n =nn :
In order to have .X.t // 2n .D/, we need

1
2r .=2/s t n =nŠ 2n 2 s
Na jK j 2 ;
i.e.,
2n r 1
t n nŠ
s
Na jK j 2 :

n
When we take t to equal the expression on the right, we find that
nŠ 2n r 1
j Nm.˛/j n
s Na jK j 2 :
n
As n r D 2s, this is the required formula. 2
P ROOF ( OF T HEOREM 4.3) Let c be a fractional ideal in K — we have to show that the
class of c in the ideal class group is represented by an integral ideal a with
s
def nŠ 4 1
Na BK D n jK j 2 :
n
For some d 2 K , d c 1 is an integral ideal, say .d / c 1 D b. According to the result just

proved, there is a ˇ 2 b, ˇ ¤ 0, with
j Nm.ˇ/j BK Nb:
Now ˇOK b ) ˇOK D ab with a integral, and a b 1 c. Moreover,
Na Nb D j NmK=Q ˇj BK Nb:
On cancelling Nb, we find that Na BK . 2
R EMARK 4.28 Proposition 4.27 can be useful in deciding whether an integral ideal is prin-
cipal.
Binary quadratic forms

Gauss studied binary quadratic forms, and even defined a product for them. This work
was greatly clarified when Kummer and Dedekind defined ideals, and it was realized that
Gauss’s results were related to the ideal class groups of quadratic number fields. Here I
briefly explain the connection.
BINARY QUADRATIC FORMS 75
By a binary quadratic form we mean an expression of the form
Q.X; Y / D aX 2 C bX Y C cY 2 :
We call the form integral if Q.m; n/ is an integer whenever m and n are integers, or,
equivalently, if a; b; c 2 Z. The discriminant of Q is
dQ D b 2 4ac:
A form is said to be nondegenerate if its discriminant is nonzero. Two integral binary

0 ˛ ˇ
quadratic forms Q and Q are said to be equivalent if there exists a matrix A D 2
ı
SL2 .Z/ such that
Q0 .X; Y / D Q.˛X C ˇY; X C ıY /:
Clearly, equivalent forms have the same discriminant, but there exist inequivalent forms
with the same discriminant. The question considered by Gauss was to try to describe the
set of equivalence classes of forms with a fixed discriminant.
p
Let d ¤ 1 be a square-free integer, let K D QŒ d , and let dK D disc.OK =Z/. Define
the norm form qK by
p
qK .X; Y / D NmK=Q .X C Y d / D X 2 d Y 2 ; if d 2; 3 mod 4
or
p
qK .X; Y / D NmK=Q .X C Y 1C d
2 / D X2 C XY C 1 d 2
4 Y ; if d 1 mod 4:
In both cases qK has discriminant dK .D 4d or d ).

2
pQ is an integral binary quadratic form, then dQ D dK f , some integer f ,
In general, if
where K D QŒ dQ . Moreover, if dQ D dK , then Q is primitive, i.e., gcd.a; b; c/ D 1:
p p
Fix a field K D QŒ d and an embedding K ,! C. We choose p d topbe positive
p
if d > 0, and to have positive imaginary part if d is negative. Set dK D 2 d or d .
Write Gal.K=Q/ D f1; g. If d < 0, define ClC .K/ D Cl.K/ (usual class group of K)
and if d > 0, define
ClC .K/ D Id.K/=PC .K/
where P C .K/ is the group of principal ideals of the form .˛/ with ˛ > 0 under every
embedding of K into R.
Let a be a fractional ideal in K, and let a1 ; a2 be a basis for a as a Z-module. From
(2.25) we know that
ˇ ˇ2
ˇ a1 a2 ˇˇ 2
ˇ a1 a2 ˇ D dK Na :
ˇ
After possibly reordering the pair a1 ; a2 we will have

ˇ ˇ
ˇ a1 a2 ˇˇ p
ˇ a1 a2 ˇ D dK Na:
ˇ
For such a pair, define

1
Qa1 ;a2 .X; Y / D Na NmK=Q .a1 X C a2 Y /:
This is an integral binary quadratic form with discriminant dK .

T HEOREM 4.29 The equivalence class of Qa1 ;a2 .X; Y / depends only on the image of a in
ClC .K/; moreover, the map sending a to the equivalence class of Qa1 ;a2 defines a bijec-
tion from ClC .K/ to the set of equivalence classes of integral binary quadratic forms with
discriminant dK .
P ROOF. See Fröhlich and Taylor 1991, VII.2 (and elsewhere). 2
In particular, the set of equivalence classes is finite, and has the structure of an abelian
group. This was known to Gauss, even though groups had not yet been defined. (Gauss
even knew it was a direct sum of cyclic groups.)
p
A SIDE 4.30 Write hd for the class number of QŒ d , d a square-free integer ¤ 1. In modern
terminology, Gauss conjectured that, for a fixed h, there are only finitely many negative d such that
hd D h. (Actually, because of a difference of terminology, this is not quite what Gauss conjectured.)
In 1935, Siegel showed that, for every " > 0, there exists a constant c > 0 such that
1
"
hd > cjd j 2 ; d < 0:
This proves Gauss’s conjecture. Unfortunately, the c in Siegel’s theorem is not effectively com-
putable, and so Siegel’s theorem gives no way of computing the d s for a given h.
In 1951, Tatuzawa showed that Siegel’s theorem is true with an effectively computable c except
for at most one exceptional d .
It is easy to show that hd D 1 for d D 1; 2; 3; 7; 11; 19; 43; 67; 163 (exercise!). Thus in 1951
it was known that there exist these 9 quadratic imaginary number fields with class number 1, and
possibly 1 more.
In 1952 Heegner proved that there was no 10th such field, but his proof was not recognized to
be correct until 1969 (by Deuring and Stark). In the interim, Baker (1966), Stark (1966), and Siegel
(1968) had found proofs.
More recently (1983), Goldfeld, Gross, and Zagier showed, using completely different methods
from Siegel, that there is an effective procedure for finding all d < 0 with hd equal to a given h. For
an expository article on this, see Goldfeld, Bull. Amer. Math. Soc. 13 (1985), 23–37.
By way of contrast, it is conjectured that there are infinitely many real quadratic fields with class
number 1, but this has not been proved.
N OTES Fermat stated, and probably proved, the three statements in Exercise 3-3. However, for 5
he could only state the following conjecture:
If two primes are of the form 20k C 3 or 20k C 7, then their product is of the form
x 2 C 5y 2 .
p than it is for 1, 2, or 3 was the first indication that

The fact that this statement is more complicated
the arithmetic of the ring of integers in QŒ 5 is more complicated than it is in the fields with
smaller discriminant. Lagrange found an explanation for Fermat’s statements by showing that all
binary quadratic forms of discriminant 4 are equivalent, and similarly for discriminants 8 and
12, but that the forms of discriminant
p 20 fall into two equivalence classes. Dedekind was able to
interprete this as showing that QŒ 5 has class number 2.
Exercises
4-1 Give an example of an integral domain B, a nonzero prime ideal p in B, and a subring
A of B such that p \ A D 0. (Note that this can’t happen if B is integral over A — see the
paragraph preceding 3.30.)
EXERCISES 77
4-2 Let F K L be a sequence of number fields, and let A B C be their rings

of integers. If QjP and Pjp (prime ideals in C , B, and A respectively), show that
e.Q=P/ e.P=p/ D e.Q=p/; f .Q=P/ f .P=p/ D f .Q=p/:
4-3 Let K D QŒ˛ where ˛ is a root of X 3 C X C 1 (see 2.37). According to (3.34),

what are the possible ways that .p/ can factor in OK as a product of prime ideals. Which
of these possibilities actually occur? (Illustrate by examples.)
p p
4-4 Show that QŒ 23 has class number 3, and that QŒ 47 has class number 5.
4-5 Let K be an algebraic number field. Prove that there is a finite extension L of K
such that every ideal in OK becomes principal in OL . [Hint: Use the finiteness of the class
number.]
4-6 Let K D QŒ˛ where ˛ is a root of X 3 X C 2. Show that OK D ZŒ˛ and that K
has class number 1. [One approach is to consider the square factors of the discriminant of
X 3 X C 2, and show that 21 .a C b˛ C c˛ 2 / is an algebraic integer if and only if a, b, and
c are all even, but you may be able to find a better one.]
p p p p
4-7 Let K D QŒ 1; 5. Show that OK D ZŒ 1; 1C2 5 . Show that the only primes
(in Z) that ramify in K are 2 p and 5, and that their ramification
p indexes are both 2. Deduce
that K is unramified over QŒ 5. p
Prove that QŒ 5 has class number 2, and deduce
that K is the Hilbert class field of QŒ 5. (Cf. 4.11.)
Chapter 5
The Unit Theorem
In this section we prove the second main theorem of the course.
Statement of the theorem

Recall that a finitely generated abelian group A is isomorphic to Ators ˚Zt for some t where
Ators is the (finite) subgroup of torsion elements of A (i.e., of elements of finite order). The
number t is uniquely determined by A, and is called the rank of A.
As before, we write r for the number of real embeddings of a number field K and 2s
for the number of nonreal complex embeddings. Thus
K ˝Q C Rr Cs
and r C 2s D ŒKW Q. Moreover, if K D QŒ˛, then r is the number of real conjugates of ˛
and 2s is the number of nonreal complex conjugates.
T HEOREM 5.1 The group of units in a number field K is finitely generated with rank equal
to r C s 1.
For example, for a real quadratic field, the rank is 2 C 0 1 D 1, and for an imaginary
quadratic field it is 0 C 1 1 D 0.
The theorem is usually referred to as the “Dirichlet Unit Theorem” although Dirichlet
proved it for rings of the form ZŒ˛ rather than OK .

Write UK .D OK / for the group of units in K. The torsion subgroup of UK is the group
.K/ of roots of 1 in K.
A set of units u1 ; : : : ; urCs 1 is called a fundamental system of units if it forms a
basis for UK modulo torsion, i.e., if every unit u can be written uniquely in the form
m
u D um1 rCs 1
1 urCs 1 ; 2 .K/; mi 2 Z:
The theorem implies that .K/ is finite (and hence cyclic). As we now explain, this
can be proved directly. In Chapter 7, we shall see that, if m is a primitive mth root of 1,
then is a Galois extension of Q with Galois group isomorphic to .Z=mZ/Q . If m D
Q rQŒ
pi is the factorization of m into powers of distinct primes, then Z=mZ ' Z=piri Z
i

by the Chinese remainder theorem, and so .Z=mZ/ ' Z=piri Z . As the nonunits of
Q
78
STATEMENT OF THE THEOREM 79
Z=piri Z are exactly the elements divisible by p, and there are piri 1
of these, we see that
ˇZ=p ri Z ˇ D p ri 1 .pi 1/, and so
ˇ ˇ
i i
ˇZ=mZ ˇ D p ri 1 def
ˇ ˇ Q
i .pi 1/ D '.m/.
Since
m 2 K ) QŒm K ) '.m/jŒK W Q;
the field K can contain only finitely many m .
L EMMA 5.2 An element ˛ 2 K is a unit if and only if ˛ 2 OK and NmK=Q ˛ D ˙1.
P ROOF. If ˛ is a unit, then there is a ˇ 2 OK such that ˛ˇ D 1, and then Nm.˛/ and
Nm.ˇ/ lie in Z and 1 D Nm.˛ˇ/ D Nm.˛/ Nm.ˇ/. Hence Nm ˛ 2 Z D f˙1g.
For the converse, fix an embedding 0 of K into C, and use it to identify K with a
subfield of C. Recall (2.20) that
Y Y
Nm .˛/ D ˛ D ˛ ˛:
WK,!C ¤0
Q
Let ˇ D ¤0 ˛. If ˛ 2 OK , then ˇ is an algebraic integer. If Nm .˛/ D ˙1, then
ˇ D ˙˛ 1 and so belongs to K. Therefore, if ˛ satisfies both conditions, it has an inverse
˙ˇ in OK , and so is a unit. 2
For all real fields, i.e., fields with an embedding into R, .K/ D f˙1g; for “most”
nonreal fields, this is also true.
p p
E XAMPLE 5.3 p Let K be a quadratic field QŒ d . Then OK D fm C n d j m; n 2 Zg or
fm C n.1 C d /=2 j m; n 2 Zg. In the two cases, the units in OK are the solutions to the
equations
m2 n2 d D ˙1, or
.2m C n/2 d n2 D ˙4:
When d < 0, these equations (obviously) have only finitely many solutions, and so UK D
.K/. Note that m lies in a quadratic field if and only if '.m/ 2. This happens only for
m dividing 4 or 6. Thus .K/ D f˙1g except for the following fields:
QŒip, .K/ D f˙1; ˙ig; p
QŒ 3, .K/ D f˙1; ˙; ˙2 g, with D .1 C 3/=2/.
When d > 0, the theorem shows that there are infinitely many solutions, and that UK D
˙uZ for some element u (called the fundamental unit). As Cohn (19781 ) puts it, “the
actual computation of quadratic units lies in the realm of popularized elementary number
theory, including devices such as continued fractions.” The method is surprisingly effective,
and yields some remarkably large numbers — see later.
1 Cohn, Harvey. A classical invitation to algebraic numbers and class fields. With two appendices by Olga
Taussky: ”Artin’s 1932 Göttingen lectures on class field theory” and ”Connections between algebraic number
theory and integral matrices”. Universitext. Springer-Verlag, New York-Heidelberg, 1978. xiii+328 pp.
80 CHAPTER 5. THE UNIT THEOREM
E XAMPLE 5.4 Let K D QŒ˛, where ˛ is a root of X 3 C 10X C 1. We know that the
discriminant K D 4027. Since sign.K / D . 1/s and r C 2s D 3, we must have
r D 1 D s. From its minimum equation, we see that Nm .˛/ D 1, and so ˛ is a unit.
Clearly ˛ is of infinite order, and later we shall show that it is a fundamental unit, and so
UK D f˙˛ m j m 2 Zg.
Proof that UK is finitely generated

We first need an elementary result.
P ROPOSITION 5.5 For any integers m and M , the set of all algebraic integers ˛ such that
˘ the degree of ˛ is m, and
˘ j˛ 0 j < M for all conjugates ˛ 0 of ˛
is finite.
P ROOF. The first condition says that ˛ is a root of a monic irreducible polynomial of de-
gree m, and the second condition implies that the coefficients of the polynomial are
bounded in terms of M . Since the coefficients are integers, there are only finitely many
such polynomials, and hence only finitely many ˛s. 2
C OROLLARY 5.6 An algebraic integer ˛, all of whose conjugates in C have absolute value
1, is a root of 1.
P ROOF. According to the proposition, the set f1; ˛; ˛ 2 ; : : :g is finite. 2
R EMARK 5.7 It is essential to require ˛ to be an algebraic integer. For example, ˛ D

.3 C 4i /=5 and its conjugate both have absolute value 1, as do their powers, but the set
f1; ˛; ˛ 2 ; : : :g is not finite.
Recall that we previously considered the map
W K ! Rr Cs ; ˛ 7! .1 ˛; : : : ; r ˛; rC1 ˛; : : : ; rCs ˛/
where f1 ; : : : ; r ; rC1 ; N rC1 ; : : : ; rCs ; N rCs g is the complete set of embeddings of K
into C. It takes sums to sums. Now we want a map that takes products to sums, and so we
take logarithms. Thus we consider the map:
L W K ! RrCs ; ˛ 7! .log j1 ˛j; : : : ; log jr ˛j; 2 log jrC1 ˛j; : : : ; 2 log jrCs ˛j/:
It is a homomorphism. If u is a unit in OK , then NmK=Q u D ˙1, and so
j1 uj jr ujjrC1 uj2 jrCs uj2 D 1:
On taking logs, we see that L.u/ is contained in the hyperplane
H W x1 C C xr C 2xrC1 C C 2xrCs D 0:
Dropping the last coordinate defines an isomorphism H RrCs 1:

COMPUTATION OF THE RANK 81
P ROPOSITION 5.8 The image of LW U ! H is a lattice in H , and the kernel of L is a finite

group (hence is .K//:
P ROOF. Let C be a bounded subset of H containing 0, say
C fx 2 H j jxi j M g:
If L.u/ 2 C , then jj uj e M for all j , and Lemma 5.5 implies that there are only finitely
many such us. Thus L.U / \ C is finite, and this implies that L.U / is a lattice in H (by
4.15). Since everything in the kernel maps into C , the kernel is finite. 2
Since the kernel of L is finite, we have
rank.U / D rank.L.U // dim H D r C s 1:
Computation of the rank

We now prove the unit theorem.
T HEOREM 5.9 The image L.U / of U in H is a full lattice; thus U has rank r C s 1:
P ROOF. To prove the theorem, we have to find a way to construct units. We work again
with the embedding
W K ,! Rr Cs RrC2s :
For x D .x1 ; :::; xr ; xrC1 ; :::/ 2 Rr Cs , define
Nm.x/ D x1 xr xrC1 xN rC1 xrCs xN rCs :
Then Nm. .˛// D Nm.˛/. Note that j Nm.x/j D jx1 j jxr jjxrC1 j2 jxrCs j2 :
Recall from (4.26), that .OK / is a full lattice in Rr Cs , and the volume of its funda-
1
mental parallelopiped is 2 s jj 2 ; in more detail, if ˛1 ; : : : ; ˛n is a Z-basis for OK , then
we showed that the absolute value of the determinant of the matrix whose i th row is
.˛i / D .1 .˛i /; : : : ; <.rC1 .˛i //; =.rC1 .˛i //; : : :/

1
is 2 s jj 2 . In fact, we showed that we could get this matrix from the matrix whose i th
row is
.1 .˛i /; : : : ; rC1 .˛i /; N rC1 .˛i /; : : :/
by some elementary column operations that multiplied the absolute value of the determinant
1
by 2 s , and we know that the determinant of the second matrix is ˙jj 2 .
In the rest of the proof, x will be a point of Rr Cs with
1=2 j Nm.x/j 1:
Define
x .OK / D fx .˛/ j ˛ 2 OK g:
Since Rr Cs is a ring, this product makes sense. This is again a lattice in Rr Cs , and the
volume of its fundamental parallelopiped is the determinant of the matrix whose i th row is
.x1 1 .˛i /; : : : ; <.xrC1 rC1 .˛i //; =.xrC1 rC1 .˛i //; : : :/:
As before, the absolute value of the determinant of this matrix is 2 s times the absolute
value of the determinant of the matrix whose i th row is
.x1 1 .˛i /; : : : ; xrC1 rC1 .˛i /; xN rC1 N rC1 .˛i /; : : :/;
which is
1
jj 2 j Nm.x/j:
1
Therefore x .OK / is a lattice with 2 s jj 2 j Nm.x/j as the volume of its fundamental
domain. Note that as x ranges over our set these volumes remain bounded.
Let T be a compact convex subset of Rr Cs , which is symmetric in the origin, and
whose volume is so large that, for every x in the above set, Minkowski’s theorem (4.19)
implies there is a point of OK , ¤ 0, such that x . / 2 T . The points of T have
bounded coordinates, and hence bounded norms, and so
x . / 2 T ) j Nm.x . //j M;
for some M (depending on T /; thus
j Nm. /j M= Nm.x/ 2M:
Consider the set of ideals OK , where runs through the ’s in OK for which x . / 2 T
for some x in our set. The norm N of such an ideal is 2M , and so there can only be finitely
many such ideals, say 1 OK ; : : : ; t OK . Now if is any element of OK with x . / 2 T ,
some x, then OK D i OK for some i , and so there exists a unit " such that D i ".
Then x ."/ 2 . i 1 / T . The set T 0 D . 1 1 / T [ ::: [ . t 1 / T is bounded, and
so we have shown that, for each x in our set there exists a unit " such that the coordinates
of x ."/ are bounded uniformly in x (the set T 0 doesn’t depend on x).
We are now ready to prove that L.U / is a full lattice in H . If r C s 1 D 0, there is
nothing to prove, and so we assume r C s 1 1:
For each i , 1 i r C s, we choose an x in our set such that all the coordinates of x
except xi are very large (compared with T 0 /, and xi is sufficiently small that j Nm xj D 1.
We know that there exists a unit "i such that x ."i / has bounded coordinates, and we
deduce that jj "i j < 1 for j ¤ i , and hence that log jj "i j < 0:
I claim that L."1 /; :::; L."rCs 1 / are linearly independent vectors in the lattice L.U /.
For this we have to prove that the matrix whose i th row is
.l1 ."i /; :::; lrCs 1 ."i //; li ."/ D log ji "j;
is invertible. The elements of the matrix except those on the diagonal are negative, but the
sum
l1 ."i / C C lrCs 1 ."i / C lrCs ."i / D 0;
and so the sum of the terms in the i th row
l1 ."i / C C lrCs 1 ."i / D lrCs ."i / > 0:
The next lemma implies that the matrix is invertible, and so completes the proof of Theorem
5.9. 2
L EMMA 5.10 Let .aij / be a real m m matrix such that

S-UNITS 83
˘ a
Pij < 0 for i ¤ j I
˘ j aij > 0 for i D 1; 2; :::; m:
Then .aij / is invertible.
P ROOF. If it isn’t, then the system of equations

X
aij xj D 0 i D 1; : : : ; m
has a nontrivial solution. Write x1 ; :::; xm for such a solution, and suppose i0 is such that
jxi0 j D maxfjxj jg. We can scale the solution so that xi0 D 1. Then jxj j 1 for j ¤ i0 ,
and the i0 th equation gives a contradiction:
X X X
0D ai0 j xj D ai0 i0 C ai0 j xj ai0 i0 C ai0 j > 0:
j j ¤i0 j ¤i0 2
S-units
Let S be a finite set of prime ideals of K, and define the ring of S-integers to be
\
OK .S / D Op D f˛ 2 K j ordp .˛/ 0, all p … Sg:
p…S
For example, if S D ;, then OK .S / D OK .

Define the group of S-units, to be
U.S / D OK .S / D f˛ 2 K j ordp .˛/ D 0, all p … S g:
Clearly, the torsion subgroup of U.S / is again .K/.
T HEOREM 5.11 The group of S -units is finitely generated with rank r C s C #S 1.
P ROOF. Let p1 ; p2 ; : : : ; p t be the elements of S . The homomorphism
u 7! .: : : ; ordpi .u/; : : :/W U.S / ! Zt
has kernel U . To complete the proof, it suffices to show that the image of U.S / in Zt has
rank t . Let h be the class number of K. Then phi is principal, say phi D .i /, and i is an
S -unit with image
.0; : : : ; h; : : : ; 0/ .h in the i t h position).
Clearly these elements generate a subgroup of rank t. 2
For example, if K D Q and S D f.2/, (3), .5/g then
U.S / D f˙2k 3m 5n j k; m; n 2 Zg;
and the statement is obvious in this case.

Example: CM fields
A number field is totally real if all of its embeddings in C lie in R, and it is totally imaginary
if none of its embeddings in C lie in R. For example, K D QŒ˛ ' QŒX =.f / is totally
real if all the roots of f are real, and it is totally imaginary if none of the roots of f are real.
A CM field is a totally imaginary quadratic extension of a totally real field. Every such
field can be obtained from a totally real field by adjoining the square root of an element all
of whose real conjugates are negative.
Let K be a CM field, which is a quadratic extension of the totally real field K C , and let
2n D ŒK W Q. Then K has 2n complex embeddings and K C has n real embeddings, and
so
rank.UK / D n 1 D rank.UK C /.
Therefore, UK C has finite index in UK . In fact, it is possible to prove more.
P ROPOSITION 5.12 The index of .K/ UK C in UK is either 1 or 2.
P ROOF. Let a 7! aN be the nontrivial automorphism of K fixing K C . Then .a/ N D .a/

for all homomorphisms W K ! C. In particular, for any a 2 K, all conjugates of a=aN
in C have absolute value 1, and so a=aN 2 .K/ (by 5.6). Consider the map W UK !
.K/=.K/2 determined by a 7! a=a. N Clearly is a homomorphism. Suppose u lies in its
2
kernel, so that u=uN D for some 2 .K/. Then u= N u
N D 1, and so uN 2 K C . It follows
that u 2 .K/ UK C . Conversely, if u D u 2 .K/ UK C , then u=uN D 2 2 Ker./.
C
We have shown that Ker./ D .K/ UK C . As .K/=.K/2 has order 2, this completes
the proof. 2
Example: real quadratic fields

An expression
1
a0 C
1
a1 C
1
a2 C
a3 C
is called a continued fraction. We abbreviate the expression on the right as
Œa0 ; a1 ; a2 ; : : ::
We shall always assume that the ai are integers with a1 > 0, a2 > 0; : : :. The integers
ai are called the quotients, and Œa0 ; a1 ; :::; an is called the nth convergent. Every irra-
tional number ˛ can be expressed in just one way as an infinite continued fraction, and
the continued fraction is periodic if and only if ˛ has degree 2 over Q. (See any book on
elementary number theory, for example, Hardy, G. H., and Wright, E. M., An Introduction
to the Theory of Numbers, Oxford Univ. Press, 1960 (4th edition), Chapter X.)
Nowp let d be a square-free positive integer, and let " be the (unique) pfundamental unit
for QŒ d with " > 1. Let s be the period of the continued fraction for d and let p=q be
the .s 1/th convergent of it; then
p
" D p C q d if d 2; 3 mod 4, or d 1 mod 8;
EXAMPLE: CUBIC FIELDS WITH NEGATIVE DISCRIMINANT 85
and p p
" D p C q d or "3 D p C q d otherwise.
Using a computer algebra program, it is very easy to carry this out, and one obtains some
spectacularly large numbers. p p
For example, to find the fundamentalpunit in QŒ 94, first compute 94 D 9: 6954 : : :.
Then compute the continued fraction of 94. One gets
f9; 1; 2; 3; 1; 1; 5; 1; 8; 1; 5; 1; 1; 3; 2; 1; 18; 1; 2; 3; : : :g:
This suggests the period is 16. Now evaluate the 15th convergent. One gets
2143295
:
221064
Hence the fundamental unit > 1 is
p
" D 2143295 C 221064 94:
Compute that
.2143295/2 .221064/2 94 D 1;
which verifies that " is a unit. p
When one carries out this procedure for QŒ 9199, the first coefficient of the funda-
mental unit has 88 digits! The computer has no problem finding the fundamental unit —
the only problem is counting the length of the period, which is about 180.
Example: cubic fields with negative discriminant

Since the sign of the discriminant is . 1/s (see 2.40), a cubic field K will have negative
discriminant if and only if r D 1 D s. We identify K with a subfield of R using its unique
real embedding. We have < 0, and the group of units is f˙"m g for some " (fundamental
unit). We want to find ". Since ", " 1 , and " 1 are also fundamental units, we may
suppose that " > 1.
L EMMA 5.13 Let K be a cubic extension of Q with negative discriminant, and let " be the
fundamental unit with " > 1. Then
jK j < 4"3 C 24:
P ROOF. Since " … Q, it must generate K. The two conjugates of " (other than " itself) must
be complex conjugates, and so the product of " with its conjugates must be C1 (rather than
1). Write " D u2 , u 2 R, u > 1. Then the remaining conjugates of " can be written
1 i 1 i
u e ; u e .0 /:
Let 0 D D.1; "; "2 / be the discriminant of the minimum equation of ". Then
1
0 2 D .u2 u 1 i
e /.u2 u 1
e i
/.u 1 i
e u 1
e i
/ D 2i.u3 C u 3
2 cos / sin :
If we set 2 D u3 C u 3, then
1
j0 j 2 D 4. cos / sin ;
which, for a given u, has a maximum where
cos cos2 C sin2 D 0;
or
def
g.x/ D x 2x 2 C 1 D 0; jxj 1; x D cos :
We seek a root of g.x/ with jxj < 1. But g.1/ D 1 < 0 (because u > 1 implies
3 3
D u 2u > 1), and g. 2u1 3 / D 43 .u 6 1/ < 0. Since g.x/ D 2x 2 C , it follows
g.x/ has one root > 1, and that the desired root x0 , with jx0 j 1, is < 2u1 3 . But then
1
x02 > )u 6
4x02 < 0 ) u 6
4x0 2 4x04 < 0: (13)
4u6
This maximum yields
j0 j 16. 2 2x0 C x02 /.1 x02 /;
and, on applying the conditions x0 D 2x02 1, 2 x02 D 4x04 4x02 C 1, and the inequality
(13) we find that
j0 j 16. 2 C 1 x02 x04 / D 4u6 C 24 C 4.u 6

4x02 4x04 / < 4u6 C 24:
Hence
j0 j < 4"3 C 24:
Since 0 D K (square of an integer), this completes the proof. 2
E XAMPLE 5.14 Let K D QŒ˛qwhere ˛ is a real root of X 3 C 10X C 1. Here the discrim-
inant is 4027, and so " > 3 40274 24 > 10 for " the fundamental unit with " > 1.
Note that Nm.˛/ D 1, and so ˛ is a unit. Moreover, ˛ D 0:0999003::. and so
ˇ D ˛ 1 D 10:00998:::. Since ˇ is a power of ", we must have ˇ D "; i.e., ˛ 1
is the fundamental unit > 1: Thus
UK D f˙˛ m j m 2 Zg:
Once one knows ", it becomes easier to compute the class group. We know (see 3.48)
that there is a prime ideal p D .2; 1 C ˛/ such that N.p/ D 2. One shows that p generates
the class group, and it then remains to find the order of p. One verifies that p6 is the ideal
1/3
generated by .˛˛C2 , and so it remains to show that p2 and p3 are nonprincipal.
3
Suppose p3 D . /. Then 2 D ˙˛ m .˛˛C2
1/
for some m and choice of signs. But this
˛ 1 ˛ 1 ˛ 1 ˛ 1
says that at least one of the numbers ˛C2 , ˛C2 , ˛ ˛C2 , ˛ ˛C2 is a square. Let ˇ be that
number. If q is a prime ideal such that ˇ 2 Oq (i.e., such that ordq .ˇ/ 0/, then we can
look at ˇ mod q and ask if it is a square.
We first work modulo 29. We have
X 3 C 10X C 1 .X C 5/.X 3/.X 2/ mod 29:
Take q to be the ideal .29; ˛ 2/. The residue field OK =q is F29 D Z=.29/, and the map
ZŒ˛ ! F29 is ˛ 7! 2 (mod 29). Thus
1
˛ 1 7! 1; ˛ C 2 7! 4; .˛ C 2/ 7! 22; 1 7! 1:
FINDING .K/ 87
The numbers 1, 4, and 1 122 are squares modulo 29, but 2 is not; hence m must be 0.
˛ 1
Since ˛C2 < 0 it can’t be a square in K (since it isn’t even in R), and so the only possibility
˛ 1
for ˇ is ˛C2 . We eliminate this by looking mod 7.
Take q D .7; ˛ C 3/ (see 3.48). Then in the map ZŒ˛ ! ZŒ˛=q D F7 ;
˛ 1 3 1
˛ 7! 3 D 4; 7! 4 3 mod 7;
˛C2 6 2
˛ 1
and 3 is not a square modulo 7. Thus ˛C2 is not a square in QŒ˛:
2
Similarly, p D . / can be shown to be impossible. Thus Cl.OK / is a cyclic group of
order 6.
Finding .K/
As we noted eariler, if QŒm K, where m is a primitive mth root of 1, then '.m/jŒKW Q.
Thus there are only finitely many possibilities for m. For each of them, use the test in the
later section on algorithms to determine whether the minimum polynomial ˚m for m has
a root in K.
Finding a system of fundamental units

One strategy for finding units in the general case seems to be to find lots of solutions to
equations Nm.˛/ D m for m a fixed small number, and then take quotients of solutions.
Note that there can be only finitely many ideals a with N.a/ D m; thus if we have lots of
elements ˛i with Nm.˛i / D m, then frequently ˛i OK D ˛j OK , and this implies that
˛i and ˛j differ by a unit — note that this was the strategy used to prove the unit theorem.
See Pohst and Zassenhaus 1989, Chapter 5.
Regulators
There is one other important invariant that we should define. Let t D r C s 1, and let
u1 ; :::; u t be a system of fundamental units. Then the vectors
df
L.ui / D .log j1 ui j; :::; log jr ui j; 2 log jrC1 ui j; : : : ; 2 log j t ui j/ 2 Rt
generate the lattice L.U / in Rt . The regulator is defined to be determinant of the matrix
whose i th row is L.ui /. Thus, up to sign, the regulator is the volume of a fundamental
domain for L.U / (regarded as a full lattice in Rt /:
The regulator plays the same role for the group of units (mod torsion) that the dis-
criminant plays for OK . One can similarly define the regulator of any set f"1 ; :::; " t g of
independent units, and the index of the group generated by the "i and .K/ in the full
group of units is measured by ratio
jReg."1 ; : : : ; " t /j=jReg.U /j:
There are lower bounds for the regulator (see Pohst and Zassenhaus 1989, p 365) similar
to the one we proved for a cubic field with one real embedding.
For an algorithm that computes the class group, regulator, and fundamental units of a
general number field, but which requires the generalized Riemann hypothesis to prove its
correctness, see Cohen 1993, Algorithm 6.5.9.
p
N OTES To find the units in QŒ d , d > 0, one has to solve certain diophantine equations (see 5.3),
whose study has a long history. Theorem 5.1 was proved by Dirichlet (1840, 1846)2 only for rings
of the form ZŒ˛ because, at the time, a definition of OK was lacking. However, his proof extends
easily to OK (and to OK .S /).
Exercises
5-1 Fix an m and and M . Is it necessarily true that the set of algebraic integers ˛ in C of
degree < m and with j˛j < M is finite? [Either prove, or give a counterexample.]
p
5-2 Find a fundamental unit for the field QŒ 67.
5-3 Let ˛ be an element of a number field K. Does NmK=Q D ˙1 imply that ˛ is unit in
OK . [Either prove, or give a counterexample.]
2 Dirichlet, P. G. Lejeune-, Sur la théorie des nombres, C. R. Acad.

Sci. Paris 10 (1840), 285–288. Dirichlet,
P. G. Lejeune-, Zur Theorie der complexen Einheiten. Verhandl. Preuss. Akad. Wiss. (1846), 103–107.
Chapter 6
Cyclotomic Extensions; Fermat’s

Last Theorem.
The cyclotomic1 extensions of Q are those generated by a root of 1. They provide interest-
ing examples of the theory we have developed, but, more significantly, they have important
applications, for example, to Fermat’s last theorem and to the existence of reciprocity laws
(more generally, to class field theory itself).
The basic results

An element of a field K is said to be a primitive nth root of 1 if n D 1 but d ¤ 1 for
any d < n, i.e., if is an element of order n in K . For example, the nth roots of 1 in C
are the numbers e 2 i m=n , 0 m n 1, and the next lemma shows that e 2 i m=n is a
primitive nth root of 1 if and only if m is relatively prime to n.
L EMMA 6.1 Let be a primitive nth root of 1. Then m is again a primitive nth root of 1
if and only if m is relatively prime to n:
P ROOF. This is a consequence of a more general fact: if ˛ is an element of order n in a

group, then ˛ m is also of order n if and only if m is relatively prime to n. Here is the proof.
n m
If d jm; n, then .˛ m / d D ˛ n d D 1. Conversely, if m and n are relatively prime, then there
are integers a and b such that
am C bn D 1:
Now ˛ am D ˛ and so .˛ m /d D 1 ) ˛ d D .˛ am /d D 1 ) njd . 2
Let K D QŒ, where is a primitive nth root of 1. Then K is the splitting field of
X n 1, and so it is Galois over Q. Let G D Gal.QŒ=Q/. It permutes the set of primitive
nth roots of 1 in K, and so, for any 2 G, D m for some integer m relatively prime to
n; moreover, m is well-defined modulo n. The map 7! Œm is an injective homomorphism
G ! .Z=nZ/ . In FT, Proposition 5.7, it is proved that this map is an isomorphism, and so
def
ŒK W Q D '.n/ D #.Z=nZ/ . We shall give another proof, and at the same time obtain
many results concerning the arithmetic of QŒ.
1 The name cyclotomic (circle-dividing) derives from the fact that the nth roots of 1 are space evenly around
the unit circle.
89
90 CHAPTER 6. CYCLOTOMIC EXTENSIONS; FERMAT’S LAST THEOREM.
The cyclotomic polynomial ˚n is defined to be,

Y
˚n .X / D .X m /
where the product runs over a set of representatives m for the elements of .Z=nZ/ , for
example, over the integers m, 0 m n 1, relatively prime to n. Equivalently,
Y
˚n .X / D .X 0 /
where 0 runs over the primitive nth roots of 1. Because G permutes the 0 , ˚n .X / 2 QŒX ,
and clearly ˚n ./ D 0. Therefore, ˚n .X / is the minimum polynomial of if and only if it is
irreducible, in which case ŒK W Q D '.n/ and the map G ! .Z=nZ/ is an isomorphism.
Hence the following statements are equivalent:
(a) the map Gal.QŒ=Q/ / .Z=nZ/ is an isomorphism;
(b) ŒQŒ W Q D '.n/I
(c) Gal.QŒ=Q/ acts transitively on the set of primitive nth roots of 1 (i.e., they are
conjugates);
(d) ˚n .X / is irreducible (and so ˚n .X / is the minimum polynomial of /:
We shall see that all these statements are true.
Note that each nth root of 1 is a primitive d th root of 1 for exactly one d jn, and so
Y
Xn 1 D ˚d .X / D .X 1/ ˚n .X /:
d jn
To find the nth cyclotomic polynomial, type “polcyclo(n,X)” in PARI. For example,
˚3 .X / D X 2 C X C 1
˚4 .X / D X 2 C 1
˚6 .X / D X 2 X C1
4
˚12 .X / D X X2 C 1
and
X 12 1 D .X 1/.X C 1/.X 2 C X C 1/.X 2 C 1/.X 2 X C 1/.X 4 X 2 C 1/:
We first examine a cyclotomic extension in the case that n is a power p r of a prime.

P ROPOSITION 6.2 Let be a primitive p r th root of 1, and let K D QŒ:
(a) The field QŒ is of degree '.p r / D p r 1 .p 1/ over Q:
(b) The ring of integers in QŒ is ZŒ:
def
(c) The element D 1 is a prime element of OK , and .p/ D ./e with e D '.p r /:
(d) The discriminant of OK over Z is ˙p c , some c (in fact, c D p r 1 .pr r 1/);
therefore, p is the only prime to ramify in QŒ:
P ROOF. Because is integral over Z, the ring ZŒ is contained in OK .

If 0 is another primitive p r th root of 1, then 0 D s and D 0t for some integers s
and t not divisible by p, and so ZŒ 0 D ZŒ and QŒ 0 D QŒ. Moreover,
1 0
D 1 C C C s 1
2 ZŒ:
1
THE BASIC RESULTS 91
Similarly, .1 /=.1 0 / 2 ZŒ, and so .1 0 /=.1 / is a unit in ZŒ (hence also in

OK ). Note that
r
Xp 1 tp 1 r 1
˚pr .X / D r 1
D D 1 C t C C tp 1
; t D Xp ;
Xp 1 t 1
and so
˚pr .1/ D p:
For its definition, we see that
Y Y1 0 r
˚pr .1/ D .1 0/ D .1 / D u .1 /'.p / ;
1
with u a unit in ZŒ. Therefore we have an equality of ideals in OK ,

def
.p/ D ./e ; D1 ; e D '.p r /; (14)
and so .p/ has at least '.p r / prime factors in OK . Now (3.34) implies that ŒQŒ W Q
'.p r /. This proves (a) of the Proposition since we know ŒQŒ W Q '.p r /:
Moreover we see that must generate a prime ideal in OK , otherwise, again, .p/ would
have too many prime-ideal factors. This completes the proof of (c).
For future reference, we note that, in OK ,
r
.p/ D p'.p / ; p D ./; f .p=p/ D 1:
The last equality means that the map Z=.p/ ! OK =./ is an isomorphism.
We next show that (up to sign) disc.ZŒ=Z/ is a power of p. Since
disc.OK =Z/ .OK W ZŒ/2 D disc.ZŒ=Z/;
this will imply:

(i) disc.OK =Z/ is a power of p;
(ii) .OK W ZŒ/ is a power of p, and therefore p M OK ZŒ for some M .
To compute disc.ZŒ=Z/, we shall use the formula in (2.34), which in our case reads:
disc.ZŒ=Z/ D ˙ NmK=Q .˚p0 r .//:
On differentiating the equation

r 1 r
.X p 1/ ˚pr .X / D X p 1
r 1 =. p r 1
and substituting for X, we find that ˚p0 r ./ D p r p 1/. Clearly
r/ r
NmK=Q D ˙1; NmK=Q p r D .p r /'.p D p r'.p / :
We shall show that

s s
NmK=Q .1 p / D ˙p p ; 0 s < r;
and so
NmK=Q ˚p0 r ./ D ˙p c ; c D r.p 1/p r 1

pr 1
D pr 1
.pr r 1/:
First we compute NmK=Q .1 /. The minimum polynomial of 1 is ˚pr .1 X /,

which has constant term ˚pr .1/ D p, and so NmK=Q .1 / D ˙p:
s s
We next compute NmK=Q .1 p / some s < r. Because p is a primitive p r s th root
of 1, the computation just made (with r replaced by r s) shows that
s
NmQŒ ps =Q .1 p / D ˙p:
Using that
NmM=K D NmL=K ı NmM=L and NmM=L ˛ D ˛ ŒM WL if ˛ 2 L;
we see that
s s
NmK=Q .1 p / D ˙p a where a D ŒQŒ W QŒ p D '.p r /='.p r s
/ D ps :
This completes the proof of (d).

We are now ready to prove (b). As we observed above the inclusion Z ,! OK induces
an isomorphism Z=.p/ ! OK =./. In other words,
OK D Z C OK ;
and so, certainly,

OK D ZŒ C OK :
On multiplying through by , we obtain the equality
OK D ZŒ C 2 OK :
Therefore,
OK D ZŒ C ZŒ C 2 OK
D ZŒ C 2 OK :
On repeating this argument, we find that
OK D ZŒ C m OK
r/
for all m 1. Since '.p D p .unit/, this implies that
OK D ZŒ C p m OK
for all m 1. But for m large enough, we know that p m OK ZŒ, and so ZŒ D OK .
This completes the proof of (b). 2
R EMARK 6.3 (a) The sign of the disc.QŒ=Q/, any root of 1, can be computed most
easily by using (2.40a). Clearly QŒ has no real embeddings unless D ˙1 (and QŒ D
Q), and so, except for this case,
sign.disc.QŒ=Q// D . 1/s ; s D ŒQŒ W Q=2:
If is a primitive p r th root of 1, p r > 2, then
ŒQŒ W Q=2 D .p 1/p r 1

=2
THE BASIC RESULTS 93
which is odd if and only if p r D 4 or p 3 mod 4.

(b) Let and 0 be primitive p r th and q s th roots of 1. If p and q are distinct primes,
then
QŒ \ QŒ 0 D Q;
because if K QŒ, then p ramifies totally in K and q does not, and if K QŒ 0 , then q
ramifies totally in K and p does not, and these are contradictory unless K D Q:
T HEOREM 6.4 Let be a primitive nth root of 1.

(a) The field QŒ is of degree '.n/ over Q:
(b) The ring of integers in QŒ is ZŒ, and so 1; ; : : : ; '.n/ 1 is an integral basis for
OQŒ over Z.
(c) If p ramifies in QŒ then pjn; more precisely, if n D p r m with m relatively prime
to p, then
r
.p/ D .P1 Ps /'.p /
in QŒ with the Pi distinct primes in QŒ:
P ROOF. We use induction on the number of primes dividing n. Write n D p r m with m

def
not divisible by p. We may assume the theorem for m. Note that pr D m is a primitive
r
p r th root of 1, m D p is a primitive mth root of 1, and that QŒ D QŒpr QŒm .
Consider the fields:
r/
.pO/'.p
Q
QŒ? D pO
i
?? ??
?? ??
?? ??
??
?
r
QŒpr QŒm p'.p ?/
Q
?? pi
??
?? ??
?? ??
??
?
Q .p/
r
According to Proposition 6.2, .p/ ramifies totally in QŒpr , say .p/ D p'.p / , but is un-
ramified in QŒm , say .p/ D p1 ps with the pi distinct primes. Because QŒ is obtained
from QŒm by adjoining pr , its degree over QŒm is at most '.p r /. It follows from
Theorem 3.34 that p1 ps can become a '.p r /th power in QŒ only if ŒQŒW QŒm D
'.p r /
'.p r / and each prime pi ramifies totally in QŒ, say pi OQŒ D Pi . Therefore,
r
ŒQŒ W Q D '.p / '.m/ D '.n/, and to complete the proof, it remains to show that
OQŒ D ZŒpr ; m D ZŒ. This is accomplished by the next lemma, because the only
primes that can divide the discriminant of OQŒm =Z are the divisors of m (induction hy-
pothesis and 3.35). 2
L EMMA 6.5 Let K and L be finite extensions of Q such that
ŒKLW Q D ŒKW Q ŒLW Q;
and let d be the greatest common divisor of disc.OK =Z/ and disc.OL =Z//. Then
1
OKL d OK OL :
P ROOF. Let f˛1 ; :::; ˛m g and fˇ1 ; :::; ˇn g be integral bases for K and L respectively. Then
˛i ˇj is a basis for K L over Q. Thus every 2 OKL can be written in the form
X aij
D ˛i ˇj ; aij ; r 2 Z;
r
ij
a
with rij uniquely determined. After dividing out any common factors from top and bottom,
no prime factor of r will divide all the aij , and we then have to show that rjd:
When we identify L with a subfield of C, every embedding of K into C will extend
uniquely to an embedding of K L into C fixing the elements of L. To see this, write
K D QŒ˛; then K L D LŒ˛, and the hypothesis on the degrees implies that the minimum
polynomial of ˛ doesn’t change when we pass from Q to L; there is therefore a unique
L-homomorphism LŒ˛ ! C sending ˛ to ˛.
On applying such a to the above equation, we obtain an equation
X aij
. / D .˛i /ˇj :
r
ij
P
Write xi D j .aij =r/ˇj , and let 1 ; 2 ; :::; m be the distinct embeddings of K into C.
We obtain a system of m linear equations
X
k .˛i /xi D k . /; k D 1; 2; :::; m;
i
and Cramer’s rule tells us that

Dxi D Di
def
where D D det.j .˛i // and Di is a similar determinant. According to (2.26), D 2 D D
disc.OK =Z/, and so
xi D DDi :
By construction, both D and Di are algebraic integers, and so xi is an algebraic integer.
P aij aij
But xi D r ˇj , and the ˇj s form an integral basis for OL , and so r 2 Z. Hence
rjaij all i; j , and, because of our assumption on r and the aij s, this implies that rj.
Similarly, rj disc.OL =Z/, and so r divides the greatest common divisor of disc.OK =Z/
and disc.OL =Z/: 2
R EMARK 6.6 (a) Statement (c) of the theorem shows that if p divides n, then p ramifies
unless '.p r / D 1. Since '.p r / D p r 1 .p 1/, this happens only if p r D 2. Thus, if p
divides n, then p ramifies in QŒn except when p D 2 and n D 2 (odd number).
(b) Let m be an integer > 1; then '.mn/ > '.n/ except when n is odd and m D 2.
Therefore .QŒn / is cyclic of order n (generated by n ) except when n is odd, in which
case it is cyclic of order 2n (generated by n ).
(c) In the situation of the lemma,
disc.KL=Q/ D disc.K=Q/ŒLWQ disc.L=Q/ŒKWQ ; (15)
provided OKL D OK OL . This can be proved by an elementary determinant calculation.

Using this, one can show that, for n a primitive nth root of 1,
Y
disc.QŒn =Q/ D . 1/'.n/=2 n'.n/ = p '.n/=.p 1/ :
pjn
CLASS NUMBERS OF CYCLOTOMIC FIELDS 95
The example p p
QŒi; 5 D QŒi QŒ 5
shows that the conditionpon the rings of integers is necessary for (15) to hold, because
p the
extensions QŒi and QŒ 5 have discriminants 4 and 20 respectively, but QŒi; 5 has
discriminant 42 52 D 42 202 =42 .
Class numbers of cyclotomic fields

Let be a primitive pth root of 1, p an odd prime. It is known that the class number of QŒ
grows quite rapidly with p, and that in fact the class number is 1 if and only if p 19.
Here is how to prove that QŒ has class number > 1 when p D 23. The Galois group
of QŒ over Q is cyclic of order 22, and therefore has a unique subgroup of index 2. Hence
QŒ contains a unique quadratic extension K of Q. Since 23 is the only prime ramifyingp in
QŒ, it must also be the only prime
p ramifying in K, and this implies that K D QŒ 23.
One checks that .2/ splits in QŒ 23, say .2/ D pq, that p is not principal, and that p3 is
principal. Let P be a prime ideal of ZŒ lyingp over p. Then N P D pf , where f is the
residue class degree. Since f divides ŒQŒ W QŒ 23 D 11, we see that f D 1 or 11 (in
f
fact, f D 11). In either case, p is not principal, and this implies that P is not principal,
because the norm of a principal ideal is principal.
Because of the connection to Fermat’s last theorem, primes p such that p does not
divide the class number of QŒ are of particular interest. They are called regular. Kummer
found a simple test for when a prime is regular: define the Bernoulli numbers Bn by the
formula
1
t X tn
D B n ; Bn 2 QI
et 1 nŠ
nD0
then p is regular if and only if p divides the numerator of some Bk with k D 2; 4; : : : ; p 3.

It has long been known that there are infinitely many irregular primes, but it is still not
proved that there are infinitely many regular primes. It is expected that 61% of primes are
regular and 39% are irregular.
Units in cyclotomic fields

Let be a primitive nth root of 1, n > 2. Define
QŒC D QŒ C 1
:
For example, if D e 2 i=n , then QŒC D QŒcos 2 n . Under any embedding of QŒ into
1
C, maps to the complex conjugate of , and therefore the image of QŒC is fixed under
complex conjugation and hence lies in R. Thus, we see that QŒ is a CM field with maximal
totally real subfield QŒC . According to Proposition 5.12, the index of .QŒ/ UQŒ C in
UQŒ is 1 or 2. In fact, when n is a prime power, it must be 1.
P ROPOSITION 6.7 Assume that n is a prime power; then every unit u 2 QŒ can be written
uDv
with a root of unity and v a unit in QŒC .

P ROOF. We prove this only for powers of odd primes (which is all we shall need in the next
section). If the statement is false, then the homomorphism
N UQŒ ! =2 ;
u 7! u=uW D .QŒ/;
in the proof of Proposition (5.12) is surjective, and so there exists a unit u of QŒ such that
uN D 0 u where 0 is a root of 1 that is not a square. Recall (6.6b) that, because n is odd,
D f˙1g hi, and so 2 D hi. Therefore 0 D m for some integer m. Let
'.n/ 1
u D a0 C C a'.n/ 1 , ai 2 Z:
Then uN D a0 C C a'.n/ N '.n/

1
1, and modulo the prime ideal p D .1 / D .1 N
/
of OQŒ ;
u a0 C C a'.n/ 1 u.
N
Thus
u mu u mod p;
and so 2u 2 p. This is a contradiction because p is prime, 2 … p, and u … p. 2
The first case of Fermat’s last theorem for regular primes

Kummer proved Fermat’s last theorem for regular primes. Here we prove a weaker result,
known as the first case of Fermat’s last theorem.
T HEOREM 6.8 Let p be an odd prime. If the class number of QŒ is not divisible by p,
then there does not exist an integer solution .x; y; z/ to
X p C Y p D Zp
with p relatively prime to xyz.
We show that existence of integers x; y; z with x p C y p D z p and p - xyz leads to a

contradiction. After removing any common factor, we may suppose that gcd.x; y; z/ D 1.
We first treat the case p D 3. The only cubes modulo 9 are 1, 0, 1, and so
x3 C y3 2; 0, or 2 mod 9;
3
z 1 or 1 mod 9;
which are contradictory. Similarly we may eliminate the case p D 5 by looking modulo
25. Henceforth we assume p > 5.
If x y z mod p, then 2z p z p and pj3z, contradicting our hypotheses.
Hence one of the congruences can’t hold, and after rewriting the equation x p C . z/p D
. y/p if necessary, we may assume that p - x y.
The roots of X p C 1 are 1; ; : : : ; p 1 , and so
Yp 1
Xp C 1 D .X C i /:
i D0
Hence Yp 1
.x C i y/ D z p :
i D0
THE FIRST CASE OF FERMAT’S LAST THEOREM FOR REGULAR PRIMES 97
The idea of the proof is to exploit this factorization and what we know of the arithmetic of
QŒ to obtain a contradiction.
Let p be the unique prime ideal of ZŒ dividing .p/; thus p D .1 i / where i can be
any integer such that 1 i p 1 (see 6.2).
L EMMA 6.9 The elements x C i y of ZŒ are relatively prime in pairs.
P ROOF. We have to show that there does not exist a prime ideal q dividing x C i y and
xC j y for i ¤ j . Suppose there does. Then qj.. i j /y/ D py, and qj.. j i /x/ D px.
By assumption, x and y are relatively prime, and therefore q D p. Thus x Cy x C i y
0 mod p. Hence x C y 2 p \ Z D .p/. But z p D x p C y p x C y 0 mod p, and
so pjz, which contradicts our hypotheses. 2
L EMMA 6.10 For every ˛ 2 ZŒ, ˛ p 2 Z C pZŒ.
P ROOF. Write
p 2
˛ D a0 C a1 C C ap 2 ; ai 2 Z:
Then
p p p
˛ p a0 C a1 C C ap 1 mod p;
which lies in Z. 2
L EMMA 6.11 Let ˛ D a0 C a1 C C ap 1 p 1 with ai 2 Z and at least one ai D 0.

If ˛ is divisible by an integer n, i.e., if ˛ 2 nZŒ, then each ai is divisible by n.
P ROOF. Since 1 C C C p 1 D 0, any subset of f1; ; : : : ; p 1g with p 1 elements

will be a Z-basis for ZŒ. The result is now obvious. 2
We can now complete the proof of Theorem 6.8. Regard the equation
Yp 1
.x C i y/ D .z/p
i D0
as an equality of ideals in ZŒ. Since the factors on the left are relatively prime in pairs,
each one must be the pth power of an ideal, say
p
.x C i y/ D ai
for some ideal ai in ZŒ. This equation implies that ai has order dividing p in the class
group, but we are assuming that the class group of ZŒ is of order prime to p, and so ai
itself is principal, say ai D .˛i /.
Take i D 1, and omit the subscript on ˛1 . Then we have that x C y D u˛ p for some
unit u in ZŒ. We apply (6.7) to write u D r v where vN D v. According to (6.10), there is
an a 2 Z such that ˛ p a mod p. Therefore
x C y D r v˛ p r va mod p:
Also
N D
x C y r
v ˛N p r
va mod p:
On combining these statements, we find that

r
.x C y/ r .x C 1
y/ mod p;
or
x C y 2r x 2r 1
y0 mod p: (16)
If 1; ; 2r 1 ; 2r are distinct, then, because p 5, Lemma 6.11 implies that p divides x
and y, which is contrary to our original assumption. The only remaining possibilities are:
(a) 1 D 2r ; but then (*) says
1
y y0 mod p;
and Lemma 6.11 implies pjy, which contradicts our original assumption.
(b) 1 D 2r 1 ; then D 2r , and (*) says
.x y/ .x y/ 0 mod p;
and Lemma 6.11 implies that pjx y, which contradicts the choice of x and y made
at the start of the proof.
(c) D 2r 1 ; but then (*) says
x 2x 0 mod p;
and Lemma 6.11 implies that pjx, which contradicts our original assumption.
This completes the proof.
N OTES Everything in this section was known to Kummer, but in terms of “ideal numbers” rather
than ideals. The methods of this section have not (so far) sufficed to prove Fermat’s last theorem
but, as the reader may already be aware, other methods have.
Exercises
6-1 Show that X 3 3X C 1 is an irreducible polynomial in QŒX with three real roots.
Let ˛ be one of them, and let K D QŒ˛. Compute disc.ZŒ˛=Z/, and deduce that
OK ZŒ˛ 3m OK
for some m. Show that ˛ and ˛C2 are units in ZŒ˛ and OK , and that .˛C1/3 D 3˛.˛C2/.
Deduce that .˛ C 1/ is a prime ideal in OK , and show that OK D ZŒ˛ C .˛ C 1/OK . Use
this to show that OK D ZŒ˛. Show that .2/ is a prime ideal in OK , and deduce that OK is
a principal ideal domain.
6-2 Show that the ring of integers in QŒcos 2 2

m is ZŒ2 cos m .
Chapter 7
Valuations; Local Fields
In this section, we define the notion of a valuation and study the completions of number
fields with respect to valuations.
Valuations
A (multiplicative) valuation on a field K is a function x 7! jxjW K ! R such that
(a) jxj > 0 except that j0j D 0I
(b) jxyj D jxjjyj
(c) jx C yj jxj C jyj (triangle inequality).
If the stronger condition
(c0 ) jx C yj maxfjxj; jyjg
holds, then j j is called a nonarchimedean valuation.
Note that (a) and (b) imply that j j is a homomorphism K ! R>0 (multiplicative
group of positive real numbers). Since R>0 is torsion-free, j j maps all roots of unity in K
to 1. In particular, j 1j D 1, and j xj D jxj for all x.
E XAMPLE 7.1 (a) For any number field K, and embedding W K ,! C, we get a valuation
on K by putting jaj D j aj:
(b) Let ordW K ! Z be an (additive) discrete valuation, and let e be a real number
with e > 1; then
jaj D .1=e/ord.a/ ; a ¤ 0; j0j D 0
is a nonarchimedean valuation on K. For example, for any prime number p, we have the
p-adic valuation j jp on Q W
jajp D .1=e/ordp .a/ :
Usually we normalize this by taking e D p; thus
jajp D .1=p/ordp .a/ D 1=p r if a D a0 p r with ordp .a0 / D 0:
Similarly, for any prime ideal p in a number field K, we have a normalized p-adic valuation
jajp D .1=Np/ordp .a/ :
(c) On any field we can define the trivial valuation: jaj D 1 for all a ¤ 0. When K is
finite, there is no other (because all nonzero elements of a finite field are roots of 1).
99
100 CHAPTER 7. VALUATIONS; LOCAL FIELDS
Nonarchimedean valuations
Recall that this means that, instead of the triangle inequality, we have
jx C yj maxfjxj; jyjg:
By induction, this condition implies that

P
j xi j maxfjxi jg: (17)
P ROPOSITION 7.2 A valuation j j is nonarchimedean if and only if it takes bounded values

on fm1 j m 2 Zg.
P ROOF. If j j is nonarchimedean, then, for m > 0;
jm1j D j1 C 1 C C 1j j1j D 1:
As we noted above, j 1j D j1j, and so j m1j D jm1j 1:

Conversely, suppose jm1j N for all m. Then
X n X n
jx C yjn D j r n r
r x y j j r j jxjr jyjn r
:
r
n
Clearly jxjr jyjn r maxfjxjn ; jyjn g D maxfjxj; jyjgn and r is an integer, and so
jx C yjn N.n C 1/ maxfjxj; jyjgn :
On taking nth roots we find that
jx C yj N 1=n .n C 1/1=n maxfjxj; jyjg:
When we let n ! 1, the terms involving n tend to 1 (to see this, take logs). 2
C OROLLARY 7.3 If char K ¤ 0, then K has only nonarchimedean valuations.
P ROOF. In this case, the set fm 1 j m 2 Zg is finite. 2
A SIDE 7.4 Archimedes stated that for any two line segments, laying the shorter segment end-to-end
a sufficient finite number of times will create a segment longer than the other. In other words, for any
two nonzero real numbers a and b, there is an n 2 N such that jbj < jnaj. The proposition shows
that the nonarchimedean valuations are exactly those that don’t have this “archimedean property”.
As we noted above, a discrete (additive) valuation ord on K determines a valuation by

ord.x/
jxj D e ;
any e > 1. Taking logs gives loge jxj D ord.x/, or ord.x/ D loge jxj. This suggests
how we might pass from multiplicative valuations to additive valuations.
P ROPOSITION 7.5 Let j j be a nontrivial nonarchimedean valuation, and put v.x/ D log jxj,
x ¤ 0 (log to base e for any real e > 1/. Then vW K ! R satisfies the following condi-
tions:
EQUIVALENT VALUATIONS 101
(a) v.xy/ D v.x/ C v.y/I

(b) v.x C y/ minfv.x/; v.y/g:
If v.K / is discrete in R, then it is a multiple of a discrete valuation ordW K Z R:
P ROOF. That v satisfies (a) and (b) is obvious. For the last statement, note that v.K / is
a subgroup of R (under addition). If it is a discrete subgroup, then it is a lattice (by 4.15),
def
which means that v.K / D Zc for some c. Now ord D c 1 v is an additive discrete
valuation K Z. 2
We shall say j j is discrete when jK j is a discrete subgroup of R>0 . Note that, even
when jK j is discrete in R, jKj usually won’t be, because 0 will be a limit point for the set
jK j: For example, jp n jp D p n , which converges to 0 as n ! 1.
P ROPOSITION 7.6 Let j j be a nonarchimedean valuation. Then
def
A D fa 2 K j jaj 1g is a subring of K, with
def
U D fa 2 K j jaj D 1g as its group of units, and
def
m D fa 2 K j jaj < 1g as its unique maximal ideal.
The valuation j j is discrete if and only if m is principal, in which case A is a discrete
valuation ring.
P ROOF. The first assertion is obvious. If j j is discrete, then A and m are the pair associated
(as in 3.27) with the additive valuation log j j, and so A is a discrete valuation ring and m
is generated by any element 2 K such that jj is the largest element of jK j less than
one. Conversely, if m D ./, then jK j is the subgroup of R>0 generated by jj: 2
R EMARK 7.7 There do exist nondiscrete nonarchimedean valuations. For example, let Qal
be an algebraic closure of Q. We shall see later that the p-adic valuation j jp W Q ! R
extends to Qal (in many different ways). Since Qal contains an element p 1=n for all n, we
p p
see that jQal j 3 .p 1 /1=n D 1= n p for all n, and 1= n p ! 1 as n ! 1. In fact, one can
show that jQal j D fp r j r 2 Qg, which is not discrete in R>0 .
Equivalent valuations
Note that a valuation j j defines a metric on K, with distance function
d.a; b/ D ja bj;
and hence a topology on K: for a 2 K, the sets
U.a; "/ D fx 2 K j jx aj < "g; " > 0;
form a fundamental system of open neighbourhoods of a. A set is open if and only if it is a
union of sets of the form U.a; "/.
For example, for the topology on Q defined by j jp , a and b are close if their difference
is divisible by a high power of p. In particular, the sequence
1; p; p 2 ; : : : ; p n ; : : :
converges to 0.
The topology defined by the p-adic valuation j jp is called the p-adic topology on K.
P ROPOSITION 7.8 Let j j1 , j j2 be valuations on K, with j j1 nontrivial. The following

conditions are equivalent:
(a) j j1 , j j2 define the same topology on KI
(b) j˛j1 < 1 ) j˛j2 < 1I
(c) j j2 D j ja1 for some a > 0:
P ROOF. (a) ) (b): Since j˛ n j D j˛jn , clearly ˛ n ! 0 if and only if j˛j < 1: Therefore (a)
implies that
j˛j1 < 1 ” j˛j2 < 1:
(b) ) (c): Because j j1 is nontrivial, there exists a y 2 K such that jyj > 1. Let
a D log jyj2 = log jyj1 ;
so that
log jyj2 D a log jyj1 ;
or
jyj2 D jyja1 :
Now let x be any nonzero element of K. There is a real number b such that
jxj1 D jyjb1 :
To prove (c), it suffices to prove that
jxj2 D jyjb2 ;
because then
jxj2 D jyjb2 D jyjab a
1 D jxj1 :
Let m=n, n > 0, be a rational number > b. Then
m
jxj1 D jyjb1 < jyj1n
and so
jx n =y m j1 < 1:
From our assumption (b), this implies that
jx n =y m j2 < 1
and so m
jxj2 < jyj2n :
m
This is true for all rational numbers n > b, and so
jxj2 jyjb2 :
m
A similar argument with rational numbers n < b shows that
jxj2 jyjb2 ;
and so we have equality, which completes the proof of (a). 2
Two valuations are said to be equivalent if they satisfy the conditions of the proposition.
PROPERTIES OF DISCRETE VALUATIONS 103
Properties of discrete valuations

We make some easy, but important, observations about discrete valuations.
7.9 For an additive valuation, we are given that
ord.a C b/ minford.a/; ord.b/g
and we checked (3.26 et seq.) that this implies that equality holds if ord.a/ ¤ ord.b/. For
multiplicative valuations, we are given that
ja C bj maxfjaj; jbjg;
and a similar argument shows that equality holds if jaj ¤ jbj. This has the following
consequences.
7.10 Recall that we define a metric on K by setting d.a; b/ D ja bj. I claim that if x is
closer to b than it is to a, then d.a; x/ D d.a; b/. For we are given that
jx bj < jx aj;
and this implies that

jb aj D jb xCx aj D jx aj:
7.11 Suppose
a1 C a2 C C an D 0:
Then an argument as on p59 shows that the maximum value of the summands must be
attained for at least two values of the subscript.
Complete list of valuations for the rational numbers

We now give a complete list of the valuations on Q (up to equivalence). We write j j1
for the valuation on Q defined by the usual absolute value on R, and we say that j j1 is
normalized.
T HEOREM 7.12 (O STROWSKI ) Let j j be a nontrivial valuation on Q:

(a) If j j is archimedean, then j j is equivalent to j j1 :
(b) If j j is nonarchimedean, then it is equivalent to j jp for exactly one prime p.
P ROOF. Let m; n be integers > 1. Then we can write
m D a0 C a1 n C C ar nr
with the ai integers, 0 ai < n, nr m. Let N D maxf1; jnjg. By the triangle inequality,
X X
jmj jai jjnji jai jN r :
We know
r log.m/= log.n/;
(log relative to some e > 1) and the triangle inequality shows that
jai j j1 C C 1j D ai j1j D ai n:
On putting these into the first inequality, we find that

r log m log m
jmj .1 C r/nN 1 C nN log n :
log n
In this inequality, replace m with mt (t an integer), and take t th roots:

1
t log m t 1 log m
jmj 1 C n t N log n :
log n
Now let t ! 1. The terms involving t tend to 1, and so
log m
jmj N log n : (*)
C ASE (i): For all integers n > 1, jnj > 1.

In this case N D jnj, and (*) yields:
jmj1= log m jnj1= log n :
By symmetry, we must have equality, and so there is an c > 1 such that
c D jmj1= log m D jnj1= log n
for all integers m; n > 1. Hence
jnj D c log n D e log c log n D nlog c , all integers n > 1:
Let a D log c, and rewrite this
jnj D jnja1 , all integers n > 1;
where j j1 is the usual absolute value on Q. Since both j j and j ja1 are homomorphisms
Q / R>0 , the fact that they agree on a set of generators for the group Q (the primes
and 1) implies that they agree on all of Q .
C ASE (ii): For some n > 1, jnj 1.
In this case, N D 1, and (*) implies jmj 1 for all integers m. Therefore the valuation
is nonarchimedean. Let A be the associated local ring and m its maximal ideal. From the
definition of A, we know that Z A. Then m\Z is a prime ideal in Z (because m is a prime
ideal), and it is nonzero for otherwise the valuation would be trivial. Hence m\Z D .p/ for
some p. This implies that jmj D 1 if m is an integer not divisible by p, and so jnp r j D jpjr
if n is a rational number whose numerator and denominator are not divisible by p. If a is
such that jpj D .1=p/a ; then jxj D jxjpa for all x 2 Q: 2
T HEOREM 7.13 (P RODUCT F ORMULA ) For p D 2; 3; 5; 7; :::; 1, let j jp be the corre-

sponding normalized valuation on Q. For any nonzero rational number a
Y
jajp D 1 (product over all p including 1/:
THE PRIMES OF A NUMBER FIELD 105
P ROOF. Let ˛ D a=b, a; b 2 Z. Then j˛jp D 1 unless pja or pjb. Therefore j˛jv D 1 for
Qvs, and so the product is really finite.
all but finite many
Let .a/ D jajv . Then is a homomorphism Q ! R , and so it suffices to show
that . 1/ D 1 and .p/ D 1 for each prime number p. The first is obvious, because
j 1j D 1 for all valuations j j. For the second, note that
jpjp D 1=p; jpjq D 1; q a prime ¤ p; jpj1 D p:
The product of these numbers is 1. 2
The primes of a number field

Let K be an algebraic number field. An equivalence class of valuations on K is called a
prime or place of K.
T HEOREM 7.14 Let K be an algebraic number field. There exists exactly one prime of K
(a) for each prime ideal p;
(b) for each real embedding;
(c) for each conjugate pair of complex embeddings.
P ROOF. See Chapter 8. 2
In each equivalence class of valuations of K we select a normalized valuation1 as fol-

lows:
for a prime ideal p of OK , jajp D .1=Np/ordp .a/ D .Op W .a// 1 ;
for a real embedding W K ,! R, jaj D j ajI
for a nonreal complex embedding W K ,! C, jaj D j aj2 .
Note that this last is not actually a valuation, because it doesn’t satisfy the triangle law.
There are various ways of getting around this problem the best of which is simply to ignore
it.
N OTATIONS
We generally write v for a prime. If it corresponds to a prime ideal p of OK , then we call it a
finite prime, and we write pv for the ideal. If it corresponds to a (real or nonreal) embedding
of K, then we call it an infinite (real or complex) prime. We write j jv for a valuation in the
equivalence class. If L K and w and v are primes of L and K such that j jw restricted
to K is equivalent to j jv , then we say that w divides v, or w lies over v, and we write wjv.
For a finite prime, this means Pw \ OK D pv or, equivalently, that Pw divides pv OL .
For an infinite prime, it means that w corresponds to an embedding W L ,! C that extends
the embedding corresponding to v (or its complex conjugate).
1 These are the most natural definitions for which the product formula hold. Alternatively, let K be the
v
completion of K with respect to the valuation v, and let be a Haar measure on .Kv ; C/ — it is uniquely
df
determined up to a nonzero constant. For any nonzero a 2 Kv , a .U / D .aU / is also a Haar measure on
.Kv ; C/, and so a D c.a/ for some constant c.a/. In fact, c.a/ D jaj, the normalized valuation of a.
T HEOREM 7.15 (P RODUCT F ORMULA ) For each prime v, let j jv be the normalized valu-
ation. For any nonzero ˛ 2 K;
Y
j˛jv D 1 (product over all primes of K/:
P ROOF. The product formula for a general number field follows from the product formula
for Q and the next result. 2
L EMMA 7.16 Let L be a finite extension of a number field K:

(a) Each prime on K extends to a finite number of primes of L:
(b) For any prime v of K and ˛ 2 L ,
Y
j˛jw D j NmL=K ˛jv :
wjv
P ROOF. See Chapter 8. 2
R EMARK 7.17 The product formula is true in two other important situations.
(a) Let K be a finite extension of k.T / where k is a finite field. According to (7.3),
the valuations of K are all discrete, and hence correspond to discrete valuation rings in K.
As in the number field case, we can normalize a valuation by setting jajv D .1=Nv/ordv .a/
where Nv is the numberQof elements in the residue field of the discrete valuation ring and
ordv W K Z. Then v jajv D 1: The proof of this is easy when K D k.T /, and the
general case is obtained by means of a result like (7.16).
(b) Let K be a finite extension of k.T / where k is an algebraically closed field. In
this case we look only at primes that are trivial when restricted to k. All such primes are
nonarchimedean, and hence correspond to discreteQvaluations ordv W K Z. Fix an e > 1,
and define jajv D .1=e/ordv .a/ for every v. Then jajv D 1 for all a 2 K . This of course
is equivalent to the statement
X
ordv .a/ D 0:
For example, let X be a compact Riemann surface, and let K be the field of meromorphic
functions on X . For each point P of X we have a discrete valuation, defined by ordP .f / D
m or m according as f has a zero or pole of order m at P . The valuations ordP are
precisely the valuations on K trivial on C K, and so the product formula for K is simply
the statement that f has as many zeros as poles.
The proof of this runs as follows: the Cauchy integral formula implies that if f is a
nonconstant meromorphic function on an open set U in C, and is the oriented boundary
of a compact set C contained in U , then
f 0 .z/
Z
dz D 2 i.Z P /
f .z/
where Z is the number of zeros of f in C and P is the number of poles of f , both counted
with multiplicities. This formula also holds for compact subsets of manifolds. If the man-
ifold M is itself compact, then we can take C D M , which has no boundary, and so the
formula becomes
Z P D 0;
i.e., X
ordP .f / D 0; P 2 M:
THE WEAK APPROXIMATION THEOREM 107
The weak approximation theorem

Recall that a valuation on a field K is homomorphism a 7! jaj W K ! R>0 such that
ja C bj jaj C jbj for all a; b 2 K . We extend it to K by setting j0j D 0. A valuation
is trivial if jaj D 1 for all a ¤ 0. Two nontrivial valuations j j1 and j j2 are equivalent
if jaj1 < 1 implies jaj2 < 1, in which case j j2 D j jr1 for some r 2 R>0 (see 7.8). The
statements in this section continue to hold if we replace “valuation” with “positive power
of a valuation” (which, in the archimedean case, may fail to satisfy the triangle rule).
L EMMA 7.18 If j j1 , j j2 , : : : , j jn are nontrivial inequivalent valuations of K, then
there is an element a 2 K such that

jaj1 > 1
jaji < 1; i ¤ 1:
P ROOF. First let n D 2. Because j j1 and j j2 are inequivalent, there are elements b and c
such that
jbj1 < 1; jbj2 1
jcj1 1; jcj2 < 1:
Now a D bc has the required properties.
We proceed by induction assuming that the lemma is true for n 1 valuations. There
exist elements b; c such that

jbj1 > 1; jbji < 1; i D 2; 3; : : : ; n 1
jcj1 < 1; jcjn > 1
cb r
If jbjn 1, then a D cb r works for sufficiently large r. If jbjn > 1, then ar D 1Cb r works
b r
for sufficiently large r, because 1Cb r converges to 0 or 1 according as jbj < 1 or jbj > 1.2
L EMMA 7.19 In the situation of the last lemma, there exists an element of K that is close
to 1 for j j1 and close to 0 for j ji , i D 2; : : : n.
ar
P ROOF. Choose a as in (7.18), and consider ar D 1Car . Then
1 1
jar 1j1 D r
r !0
j1 C a j1 jaj1 1
as r ! 1. For i 2,
jajri jajri
jar ji D !0
j1 C ajri 1 jajri
as r ! 0. 2
T HEOREM 7.20 Let j j1 , j j2 , : : : , j jn be nontrivial inequivalent valuations of a field

K, and let a1 ; : : : ; an be elements of K. For any " > 0, there is an element a 2 K such that
ja ai ji < " for all i .
P ROOF. Choose bi , i D 1; : : : ; n, close to 1 for j ji and close to 0 for j jj , j ¤ i . Then

a D a1 b1 C C an bn
works. 2
Let Ki be the completion of K for j ji . The statement of the theorem also holds with
ai in Ki (rather than K)—choose ai0 2 K very 0
Q close to ai and a 2 K very close to each ai .
Thus K (embedded diagonally) is dense in Ki .
The theorem shows that there can be no finite product formula. More precisely:
C OROLLARY 7.21 Let j j1 , j j2 , : : : , j jn be nontrivial inequivalent valuations on a field

K. If
jajr11 jajrnn D 1; ri 2 R;
for all a 2 K , then ri D 0 for all i .
P ROOF. If any ri ¤ 0, an a for which jaji is sufficiently large and the jajj , j ¤ i , are
sufficiently small provides a contradiction. 2
The reader should compare the Weak Approximation Theorem with what the Chinese
Remainder Theorem gives (see Exercise 7-1).
N OTES The Weak Approximation Theorem first occurs in Artin and Whaples 1945.2 See also Artin
1959, Our account follows the original.
Completions
Let K be a field with a nontrivial valuation. A sequence .an / of elements in K is called a
Cauchy sequence if, for every " > 0, there is an N such that
jan am j < ", all m; n > N:
The field K is said to be complete if every Cauchy sequence has a limit in K. (The limit is
necessarily unique.)
E XAMPLE 7.22 Consider the sequence in Z
4; 34; 334; 3334; : : : :
As
n
jam an j5 D 5 .m > n/;
this is a Cauchy sequence for the 5-adic topology on Q. Note that
3 4 D 12; 3 34 D 102; 3 334 D 1002; 3 3334 D 10002; : : :
and so 3 an 2 ! 0 as n ! 1. Thus limn!1 an D 2=3 2 Q.
There is a similar notion of Cauchy series. For example, any series of the form
n
a np C C a0 C a1 p C C am p m C ; 0 ai < p;
is a Cauchy series in Q for the p-adic topology.

2 Axiomatic characterization of fields by the product formula for valuations, Bull. AMS, 51, 1945, pp.
469–492.
COMPLETIONS IN THE NONARCHIMEDEAN CASE 109
T HEOREM 7.23 Let K be a field with a valuation j j. Then there exists a complete valued
O j j/ and a homomorphism K ! KO preserving the valuation that is universal in the
field .K;
following sense: any homomorphism K ! L from K into a complete valued field .L; j j/
preserving the valuation, extends uniquely to a homomorphism KO ! L.
P ROOF (S KETCH ) Every point of KO will be the limit of a sequence of points in K, and the
sequence will be Cauchy. Two Cauchy sequences will converge to the same point in KO if
and only if they are equivalent in the sense that
lim jan bn j D 0:
n!1
This suggests defining KO to be the set of equivalence classes of Cauchy sequences in K.

Define addition and multiplication of Cauchy sequences in the obvious way, and verify
that KO is a field. There is a canonical map K ! KO sending a to the constant Cauchy
O We can extend a
sequence a; a; a; : : :, which we use to identify K with a subfield of K.
O
homomorphism from K into a second complete valued field L to K by mapping the limit
of a Cauchy sequence in KO to its limit in L: 2
R EMARK 7.24 (a) As usual, the pair .K ! K; O j j/ is uniquely determined up to a unique

isomorphism by the universal property (cf. GT 2.4).
(b) The image of K in KO is dense because the closure KN of K in KO is complete, and
.K ! K;N j j/ has the same universal property as .K ! K; O j j/.
For a prime v of K, we write Kv for the completion of K with respect to v. When

v corresponds to a prime ideal p, we write Kp for the completion, and OO p for the ring of
integers in Kp . For example, Qp is the completion of Q with respect to the p-adic valuation
j jp . We write Zp (not ZO p ) for the ring of integers in Qp (the ring of p-adic integers).
Completions in the nonarchimedean case

Let j j be a discrete nonarchimedean valuation on K, and let be an element of K with
largest value < 1 (therefore generates the maximal ideal m in the valuation ring A). Such
a is called a local uniformizing parameter.
The set of values is
jKj D fc m j m 2 Zg [ f0g; c D jj:
Let a 2 KO , and let an be a sequence in K converging to a. Then jan j ! jaj (because j j

is a continuous map), and so jaj is a limit point for the set jK j. But jK j is closed (being
discrete), and so jaj 2 jK j. Thus jKjO D jKj, and so j j is a discrete valuation on KO also.

Let ordW K Z be a normalized discrete additive valuation corresponding to j j; then ord
extends to a normalized discrete valuation on K:O
Note that if an ! a ¤ 0, then jan j ! jaj ¤ 0, and (because jK j is discrete),
jan j D jaj for all n large enough.
The ring associated with j j in KO is
AO D fa 2 KO j jaj 1g:
Clearly AO is the set of limits of Cauchy sequences in A, and it is therefore the closure of A
O The maximal ideal in AO is
in K:
O D fa 2 KO j jaj < 1g:

m
Again it is the set of limits of Cauchy sequences in m, and so it is the closure of m: Similarly,
O n is the closure of mn . Let be an element with ord./ D 1; then generates m in A
m
and m O
O in A:
O m
L EMMA 7.25 For any n, the map A=mn ! A= O n is an isomorphism.
P ROOF. Note that
mn D fa 2 A j jaj jjn g D fa 2 A j jaj < jjn 1

g
O n is open,
is both open and closed in A. Because it is closed, the map is injective; because m
the map is surjective. 2
P ROPOSITION 7.26 Choose a set S of representatives for A=m, and let generate m. The
series
a n n C C a0 C a1 C C am m C ; ai 2 S
is a Cauchy series, and every Cauchy series is equivalent to exactly one of this form. Thus
each element of KO has a unique representative of this form.
PM i.
P ROOF. Let sM D iD n ai Then
jsM sN j jjM C1 , if M < N;
which shows that the sequence sM is Cauchy. Let ˛ 2 K. O Because jKj O D jKj, we can
n O
write ˛ D ˛0 with ˛0 a unit in A. From the definition of S , we see that there exists an
a0 2 S such that ˛0 a0 2 m. O Now ˛0 a0 2 A,O and so there exists an a1 2 S such that
˛0 a0

O Now there exists an a2 such that ˛0 a02 a1 a2 2 m,
a1 2 m. O etc. In the limit,
˛0 D a0 C a1 C ; ˛ D n ˛0 :
Note that
ai i j D j m j
P
j
if am is the first nonzero coefficient. Therefore ai i D 0 (if and) only if ai D 0 for all
P
i . This proves the uniqueness. 2
Thus, for example, every equivalence class of Cauchy sequences in Q for j jp has a
unique representative of the form
n
a np C C a0 C a1 p C a2 p 2 C ; 0 ai < p:
Note that the partial sums of such a series are rational numbers. It is as easy to work with
such series as with decimal expansions of real numbers — just remember high powers of p
are small, and hence the first to be ignored.
COMPLETIONS IN THE NONARCHIMEDEAN CASE 111
We explain this in more detail. The maps
Z=.p n / ! Z.p/ =.p n / ! Zp =.p n /
are both bijective (see 3.10 for the first map). Let ˛ 2 Zp . Because the map is bijective,
for all n, there is an an 2 Z such that ˛ an mod p n : Note that, if n < m, an am
mod p n , which implies that .an / is a Cauchy sequence. Let
n 1
an c0 C c1 p C C cn 1p mod p n ; 0 ci p 1I
then X
˛D ci p i :
i 0
ci p i , 0 ci p
P
Conversely, if ˛ D 1, then c0 ; c1 ; : : : is the unique sequence of
integers, 0 ci p 1, such that
n
X1
˛ ci p i mod p n :
i D0
If ˛ 2 Qp but not Zp , then p m ˛ 2 Zp for a sufficiently large m, and the above arguments
can be applied to it.
The following examples illustrate how to work with p-adic numbers.
E XAMPLE 7.27 In Q2 ;
1 C 2 C C 2n C
converges to 1, because the sum of the first n terms is
2n 1
D 2n 1
2 1
which converges to 1.
E XAMPLE 7.28 I claim that 1 is a square in Q5 . We have to find a series
a0 C a1 5 C a2 52 C ; ai D 0; 1; 2; 3, or 4
such that
.a0 C a1 5 C a2 52 C :::/2 C 1 D 0:
We first need that
a02 C 1 0 mod 5.
Thus we must take a0 D 2 or 3; we choose 2 (choosing 3 would lead to the other root).
Next we need
.2 C a1 5/2 C 1 0 mod 52 ;
and so we want
5 C 20a1 0 (mod 52 /:
We must take a1 D 1. Suppose we have found
cn D a0 C a1 5 C a2 52 C C an 5n
such that
cn2 C 1 0 (mod 5nC1 /;
and consider cn C anC1 5nC1 . We want
.cn C anC1 5nC1 /2 C 1 0 (mod 5nC2 /,
for which we need that
cn2 C 1 C 2cn anC1 5nC1 0 (mod 5nC2 /;
or that
2cn anC1 5nC1 . 1 cn2 / (mod 5nC2 /;
or that
2cn anC1 . 1 cn2 /=5nC1 (mod 5);
or that
4anC1 D . 1 cn2 /=5nC1 (mod 5).
Since 4 is invertible modulo 5, we can always achieve this. Hence we obtain a series
converging to 1. In fact,
!
p 1
1p 1 X1
1D 1 5D . 1/n 2 5n :
2 2 nD0 n
E XAMPLE 7.29 We study the convergence of the power series

x2 xn
exp.x/ D 1 C x C C C C
2Š nŠ
in Qp . Write
n D a0 C a1 p C C ar p r ; 0 ai p 1:
Then
n n n
ordp .nŠ/ D C C C ;
p p2 pr
where here Œa denotes the floor of a (largest integer less than a), and

n
D a1 Ca2 p C a3 p 2 C Car p r 1
p

n
2
D a2 p C Car p r 2
p

n
D ar :
pr
On summing these equalities, we find that
p0 1 p1 1 p2 1 pr 1
ordp .nŠ/ D a0 C a1 C a2 C C ar
p 1 p 1 p 1 p 1
P
n ai
D .
p 1
NEWTON’S LEMMA 113
Therefore
xn
P
1 ai
ordp D n ordp .x/ p 1 C p 1:
nŠ
P
ai log.n/ xn 1
As p 1 log.p/
, we see that nŠ ! 0 if and only if ord.x/ > p 1. Therefore (see
1
Exercise 7-2), the series exp.x/ converges for ord.x/ > p 1.
There is a leisurely, and very detailed, discussion of Qp in the first chapter of Koblitz
19773 .
A SIDE 7.30 Those who have taken a course in commutative algebra will know another method of
completing a local ring R, namely
R0 D lim R=mn D f.an / j an 2 R=mn ; anC1 an mod mn g:
In the case that R is a discrete valuation ring, this definition agrees with the above. There is an
injective homomorphism
R ! R0 ; a 7! .an /; an D a mod n :
We can define a homomorphism R0 ! RO as follows: let .an / 2 R0 , and choose a representative an0
for an in R; then .an0 / is an Cauchy sequence whose equivalence class is independent of the choices
of the an0 , and we can map .an / to .an0 /. It is easy to see that the map R0 ! RO is surjective, and it
follows that it is an isomorphism.
Newton’s lemma
The argument in the above example works much more generally. Let f .X / D X 2 C 1.
Then all we in fact used was that f .X / has a simple root modulo 5.
In the rest of this subsection, A is a complete discrete valuation ring and generates its
maximal ideal (unless we say otherwise).
P ROPOSITION 7.31 Let f .X / 2 AŒX , and let a0 be a simple root of f .X / mod . Then
there is a unique root a of f .X / with a a0 mod .
P ROOF. Suppose we have found an a0 mod such that
f .an / 0 mod nC1 :
Let anC1 D an C h nC1 , h 2 A. We want
f .an C h nC1 / 0 mod nC2 :
Recall (trivial Taylor’s expansion) that, for any polynomial f;
f .c C t/ D f .c/ C t f 0 .c/ C
where f 0 .X / is the formal derivative of f .X /. Then
f .an C h nC1 / D f .an / C h nC1 f 0 .an / C ;

3 Koblitz,
Neal. p-adic numbers, p-adic analysis, and zeta-functions. Graduate Texts in Mathematics, Vol.
58. Springer-Verlag, New York-Heidelberg, 1977.
which we want 0 mod nC2 . Hence we must take h so that

f .an /
hD f 0 .an / 1
mod :
nC1
This is possible because nC1 jf .an / and
f 0 .an / f 0 .a0 / mod ;
which is nonzero, and hence invertible, mod . 2
There is a stronger form of the proposition. Recall Newton’s approximation4 method

for finding a solution to f .x/ D 0, where f is a function of a real variable. Starting from
an a0 such that f .a0 / is small, define a sequence a1 ; a2 ; ::: by putting
anC1 D an f .an /=f 0 .an /:
Often an converges to a root of f .x/. In the above proof, this is what we did, but the same
argument can be made to work more generally.
T HEOREM 7.32 (N EWTON ’ S LEMMA ) Let f .X / 2 AŒX . Let a0 2 A satisfy
jf .a0 /j < jf 0 .a0 /j2 :
Then there is a unique root a of f .X / such that

ˇ ˇ
ˇ f .a0 / ˇ
ja a0 j ˇ 0
ˇ ˇ:
f .a0 /2 ˇ
P ROOF. Define a sequence a0 ; a1 ; : : : by setting
f .an /
anC1 D an
f 0 .an /
and prove that it is a Cauchy sequence converging to a root of f .X /. See, for example,
Milne 2006, 2.12. 2
Proposition 7.31 shows that a simple factor of degree 1 of f .X / mod lifts to a factor
of f .X /. This generalizes.
T HEOREM 7.33 (H ENSEL’ S LEMMA ) Let k be the residue field of A; for f .X / 2 AŒX ,
write fN.X / for the image of f in kŒX . Consider a monic polynomial f .X / 2 AŒX . If
fN.X/ factors as fN D g0 h0 with g0 and h0 monic and relatively prime (in kŒX ), then f
itself factors as f D gh with g and h monic and such that gN D g0 and hN D h0 . Moreover,
g and h are uniquely determined, and .g; h/ D AŒX .
We first prove that .g; h/ D AŒX (such a pair is said to be strictly coprime; in kŒX
strictly coprime just means coprime, i.e., relatively prime).
4 When Newton found his interpolation formula in 1670, ancient Chinese mathematicians had been using
the formula in more sophisticated forms for more than one millennium. He, Ji-Huan, Appl. Math. Comput.
152 (2004), no. 2, 367–371.
NEWTON’S LEMMA 115
L EMMA 7.34 Let A be a local ring with residue field k. If f; g 2 AŒX are such that fN
and gN are relatively prime and f is monic, then .f; g/ D AŒX :
P ROOF. Let M D AŒX =.f; g/. As f is monic, this is a finitely generated A-module. As
.fN; g/
N D kŒX , we have that .f; g/CmAŒX D AŒX and so mM D M . Now Nakayama’s
Lemma (1.9) implies that M D 0: 2
We next prove uniqueness of g and h.

L EMMA 7.35 Let A be a local ring with residue field k. Suppose f D gh D g 0 h0 with
g; h; g 0 ; h0 all monic, and gN D gN 0 , hN D hN 0 with gN and hN relatively prime. Then g D g 0 and
h D h0 :
P ROOF. From the preceding lemma we know that .g; h0 / D AŒX , and so there exist r; s 2
AŒX such that gr C h0 s D 1. Now
g 0 D g 0 gr C g 0 h0 s D g 0 gr C ghs;
and so g divides g 0 . As both are monic and have the same degree, they must be equal. 2
Finally, we prove the existence of g and h. We are given that there exist monic polyno-
mials g0 , h0 2 AŒX such that
f g0 h0 2 AŒX :
Suppose we have constructed monic polynomials gn , hn such that
f gn hn 0 mod nC1 AŒX
and gn g0 , hn h0 mod AŒX : We want to find u, v 2 AŒX such that
f .gn C nC1 u/.hn C nC1 v/ 0 mod nC2 AŒX ;
i.e., we want
.f gn hn / nC1 .uhn C gn v/ 0 mod nC2 AŒX :
Thus we are looking for polynomials u, v in AŒX such that
uhn C gn v .f gn hn /= nC1 mod AŒX :
From (7.34), we know that hn and gn are strictly coprime, and so we can always find such
polynomials u; v:
R EMARK 7.36 An induction argument extends the theorem to show that a factorization of
f into a product of relatively prime polynomials in kŒX lifts to a factorization in AŒX .
For example, in Fp ŒX , X p X splits into p distinct factors, and so it also splits in Zp ŒX .
Hence Zp contains the .p 1/st roots of 1. More generally, if K has a residue field k with
q elements, then K contains q roots of the polynomial X q X. Let S be the set of these
roots. Then
a 7! aW
N S ! k;
is a bijection preserving multiplication (but not, of course, addition) – the elements of S are
called the Teichmüller representatives for the elements of the residue field.
R EMARK 7.37 Theorems 7.32 and 7.33 are both P stronger versions of 7.31. There is in fact
a stronger version of 7.32. For a polynomial h D ci X i , define
khk D max jci j:
Let
f .X / D an X n C an 1X
n 1
C C a0 2 AŒX
have jan j D 1 (i.e., an is a unit). Let g0 .X / and h0 .X / be polynomials in AŒX with
degrees r and s respectively, and suppose that
kf .X / g0 .X /h0 .X /k < j Res.g0 .X /; h0 .X //j2
where Res denotes the resultant. Then f .X / factors in AŒX as the product of a polynomial
of degree r and a polynomial of degree s. The proof follows the same general lines as the
above proofs. In fact, the hypothesis can be replaced by
kf .X / g0 .X /h0 .X /k < jdisc.f /j:
(For this, see Cassels 1986, p107.)

Note that, this gives an algorithm for factoring polynomials in Qp ŒX (for example).
Given f .X /, compute disc.f /. If this is zero, then f and f 0 have a common factor,
which we can find by the Euclidean algorithm. Otherwise ord.disc.f // D m for some m,
and it is enough to consider factorizations of f into polynomials with coefficients in the
finite ring Z=p m Z. Apparently the fastest algorithms for factoring polynomials in ZŒX
begin by factoring in Zp ŒX for an appropriate prime p — computers seem to have no
problem handling polynomials of degree 200. (But Exercise 7-6 shows that there exist
irreducible polynomials in ZŒX of arbitrarily large degree that factor in all the rings Zp ŒX
into polynomials of low degree.)
Extensions of nonarchimedean valuations

We explain how to extend a valuation to a larger field.
T HEOREM 7.38 Let K be complete with respect to a discrete valuation j jK , and let L be a
finite separable extension of K of degree n. Then j j extends uniquely to a discrete valuation
j jL on L, and L is complete for the extended valuation. For all ˇ 2 L;
1=n
jˇjL D j NmL=K ˇjK :
P ROOF. Let A be the discrete valuation ring in K, and let B be its integral closure in L.
Let p be the maximal ideal of A. We know from (3.29) that B is a Dedekind domain, and
the valuations of L extending j jp correspond to the ideals of B lying over p.
Suppose that there are distinct prime ideals P1 and P2 in B dividing p. There will be
a ˇ 2 B such that P1 \ AŒˇ ¤ P2 \ AŒˇ; for example, choose ˇ 2 B such that ˇ 2 P1 ,
ˇ … P2 . Let f .X / be the minimum polynomial of ˇ over K, so that AŒˇ ' AŒX =.f .X //.
Because f .X / is irreducible in AŒX and A is complete, Hensel’s lemma shows that fN.X /
(image of f .X / in kŒX , k D A=p) must be a power of an irreducible polynomial. Then
AŒˇ=pAŒˇ kŒX =.fN.X //

EXTENSIONS OF NONARCHIMEDEAN VALUATIONS 117
is a local ring, which contradicts the fact that AŒˇ has two prime ideals containing p.
Hence j jp extends uniquely to a valuation j j on L:
Clearly, j jp also extends uniquely to the Galois closure L0 of L. For each 2
Gal.L=K/, consider the map L ,! C, ˇ 7! jˇj. This is again a valuation of L, and
so the uniqueness implies that jˇj D jˇj. Now
Y
j Nm.ˇ/j D j ˇj D jˇjn
which implies the formula.

Finally, we have to show that L is complete. Let e1 ; : : : ; en be a basis for B as an
A-module, and let .˛.m// be a Cauchy sequence in L. Write ˛.m/ D a1 .m/e1 C C
an .m/en , with ai .m/ 2 K. For each i , ai .m/ is a Cauchy sequence, and if ai denotes its
df
limit, then ˛ D a1 e1 C C an en is the limit of the sequence ˛.m/: 2
R EMARK 7.39 It is obvious from the criterion (7.2) that a nonarchimedean valuation can
only extend to a nonarchimedean valuation. It is possible to prove (7.38) without assuming
that the valuation j j on K is discrete or even nonarchimedean, but the proof is then com-
pletely different, and much longer — we shall in fact need this in the Chapter 8, and so I
1=n
should have included it. The formula jˇjL D j NmL=K ˇjK shows that j jL is discrete if
and only if j jK is discrete.
C OROLLARY 7.40 Let K be as in the theorem, and let ˝ be a (possibly infinite) separable
algebraic extension of K. Then j j extends in a unique way to a valuation j j on ˝:
P ROOF. The theorem shows that j j extends in a unique way to any finite subextension of
˝, and hence it extends uniquely to ˝: 2
R EMARK 7.41 In the last corollary, the extended valuation is still nonarchimedean, but it
need not be discrete, and ˝ need not be complete. However, the completion of ˝ is again
algebraically closed.
For example as we noted in (7.6), the valuation on the algebraic closure Qpal of Qp
is not discrete, and Exercise 7-7 shows that Qpal is not complete. The completion of Qpal
is often denoted Cp because it plays the same role for the p-adic valuation on Q that C
plays for the real valuation. (In fact Cp C as abstract fields because they are both
algebraically closed, and they both have a transcendence basis with cardinality equal to
that of R. The isomorphism is as far from being canonical as it is possible to get — its
construction requires the axiom of choice.)
C OROLLARY 7.42 Let K and L be as in the theorem; then n D ef where n D ŒL W K, e

is the ramification index, and f is the degree of the residue field extension.
P
P ROOF. We know from (3.34) that n D ei fi . In this case, there is only one prime
dividing p and so the formula becomes n D ef: 2
When e D n, so that pB D Pn , we say that L is totally ramified over K; when f D n,

we say that L is unramified over K:
Note that the valuation ring B of L is the integral closure of the valuation ring A of K:
Many of the results proved above for complete discrete valuation rings hold also for
Henselian local rings (see 4 of my notes Lectures on Etale Cohomology).
R EMARK 7.43 Let K be complete with respect to a discrete valuation, and let L be a finite
extension of K. Let P and p be the maximal ideals in the rings of integers A and B of
K and L. Then pB D Pe where e is the ramification index. Let and ˘ be generators
of p and P. The normalized valuations ordK and ordL on K and L are characterized by
equations:
ordK ./ D 1; ordL .˘ / D 1:
Note that D ˘ e unit, and so
1
ordK D e ordL :
If we denote the extension of ordK to L by ord, then
ord.L / D e 1
Z:
This characterizes the ramification index.
Newton’s polygon
Let K be complete with respect to a discrete valuation. Let ord be the corresponding
additive valuation ordW K Z, and extend ord to a valuation ord W K al ! Q. For a
polynomial
f .X / D X n C a1 X n 1 C C an ; ai 2 K;
define the Newton polygon5 of f .X / to be the lower convex hull of the set of points
def
Pi D .i; ord.ai //, i D 0; :::; n:
In more detail, rotate the negative y-axis counter-clockwise about P0 D .0; 0/ until it hits
a Pi — the first segment of the Newton polygon is the line P0 Pi1 where Pi1 is the point
furthest from P0 on the rotated y-axis. Repeat the process rotating about Pi1 , etc.. The
resulting polygon starts at P0 and ends at Pn ; each of its segments begins and ends at a Pi ;
each Pi either lies on the polygon or is above it; any line joining two points of the polygon
has no point that is below the polygon (this is what we mean by the Newton polygon being
lower convex).
P ROPOSITION 7.44 Suppose that the Newton polygon of f .X / 2 KŒX has segments of
x-length ni and slope si . Then f .X / has exactly ni roots ˛ (in K al / with
ord.˛/ D si :
def Q
Moreover, the polynomial fi .X / D ord.˛i /Dsi .X ˛i / has coefficients in K:
5 Most people write the polynomial a0 C a1 X C C X n when they define Newton polygons. This is
slightly less convenient than the way I do it, but allows you to define the Newton polygon of a power series.
LOCALLY COMPACT FIELDS 119
P ROOF. In proving the first part, we don’t have to assume that f .X / has coefficients in K
Q extension of K will do. Thus it suffices to prove the following statement: let
— any finite
f .X/ D .X ˛j /; if exactly ni of the ˛j ’s have ord.si /, then the Newton polygon of
f .X/ has a segment of slope si and x-length ni .
We prove this by induction on n D deg.f /. If n D 1, then it is obvious. Assume it for
n, and put
g.X / D .X ˛/f .X / D X nC1 C b1 X n C b2 X n 1
C C bnC1 :
Note that bi D ai ˛ai 1 :
C ASE (i). ord.˛/ < s1 . Recall ord.a C b/ minford.a/; ord.b/g, with equality if
ord.a/ ¤ ord.b/. Using this, one finds that
the Newton polygon of g is obtained from that of f by adding a segment of slope ord.˛/
and x-length 1, and moving the Newton polygon of f to start at .1; ord.˛//. This is what
the proposition predicts.
C ASE (ii). ord.˛/ D s1 . In this case, the initial segment of slope s1 is lengthened by 1,
and the rest of the polygon is as before. This is what the proposition predicts.
The remaining cases are similar.
We now prove the second statement. Let ˛ be a root of f .X /, and let m˛ .X / be the
minimum polynomial of ˛. As we saw in the proof of (7.38), ord.˛ 0 / D ord.˛/ for all
conjugates ˛ 0 of ˛, i.e., for all roots of m˛ .X /. Because f .˛/ D 0, m˛ .X /jf .X /, and the
remark just made implies that in fact m˛ .X /jfi .X / where si D ord.˛/. If ˇ is a root of
fi .X/=m˛ .X /, then a similar argument shows that mˇ .X /j.fi =m˛ /. Continuing in this
way, we find that fi .X / is a product of polynomials with coefficients in K. 2
E XAMPLE 7.45 Consider the polynomial

def
f .X / D X 3 C X 2 C 2X 8:
By testing ˙1, ˙2, ˙4, ˙8 (actually, by asking PARI) one sees that this polynomial is
irreducible over Q. The Newton polygon of f relative to ord2 has slopes 0; 1; 2, each with
x-length 1. Therefore f splits in Q2 ŒX , and it has roots ˛1 , ˛2 , ˛3 with ords 0, 1, 2.
Locally compact fields

We now look at the compactness properties of our fields.
P ROPOSITION 7.46 Let K be complete with respect to a nonarchimedean discrete valua-
tion. Let A be the ring of integers in K and let m be the maximal ideal in A. Then A is
compact if and only if A=m is finite.
P ROOF. Let S be a set of representatives for A=m. We have to show that A is compact if
and only if S is finite.
): Clearly m D fx 2 K j jxj < 1g is open in K. As A is the disjoint union of the
open sets s C m, s 2 S , S must be finite if A is compact.
(: Recall that a metric space X is compact if and only if it is complete and totally
bounded (this means that for any r > 0, there is a finite covering of X by open balls of
radius r). But every element of A can be written
s0 C s1 C s2 2 C C sn n C ; si 2 S:
For a fixed n, there are only finitely many sums

s0 C s1 C s2 2 C C sn n ; si 2 S;
and every element of A is within j nC1 j of such an element. 2
C OROLLARY 7.47 Assume that the residue field is finite. Then pn , 1 C pn , and A are all
compact.
P ROOF. They are all closed subsets of A: 2
D EFINITION 7.48 A local field is a field K with a nontrivial valuation j j (as defined at the
start of this section) such that K is locally compact (and hence complete).
R EMARK 7.49 It is possible to give a complete classification of local fields.

(a) Let K be a field that is complete with respect to an archimedean valuation j j; then
K is isomorphic to R or C, and the valuation is equivalent to the usual absolute value (also
a theorem of Ostrowski).6 Thus for archimedean valuations, completeness implies local
compactness.
(b) A nonarchimedean local field K of characteristic zero is isomorphic to a finite exten-
sion of Qp , and the valuation is equivalent to the (unique) extension of the p-adic valuation.
(To prove this, note that, by assumption, K contains Q. The restriction of j j to Q can’t be
the trivial valuation, because otherwise A wouldn’t be compact. Therefore (see 7.12) j j
induces a valuation on Q equivalent to the p-adic valuation for some prime number p. The
closure of Q in K is therefore Qp . If K has infinite degree over Qp , it will not be locally
compact.)
(c) A nonarchimedean local field K of characteristic p ¤ 0 is isomorphic to the field
of formal Laurent series k..T // over a finite field k. The field k..T // is the completion of
k.T / for the valuation defined by the ideal .T / kŒT ; it consists of finite-tailed formal
power series:
1
X
ai T i :
i n
Unramified extensions of a local field

Again K is a field complete with respect to a discrete valuation j j. To avoid problems with
separability, we assume that K and the residue field k are both perfect7 — of course in the
6 Here is a sketch of the proof. The field K contains Q, and the restriction of j j to Q is the usual absolute
value. Therefore K contains R, and after adjoining a square root of 1 (if necessary), we may assume K C.
Let x 2 K r C, and let c be the closest element of C to x. Replace x with x c, so that now jx zj jxj
for all z in C. It follows that
jx n z n j D jx zjjx zjjx 2 zj jx zjjxjn 1
;
where is a primitive nth root of 1:
On choosing jzj < 1 and letting n ! 1, we find that jxj jx zj. Hence jx zj D jxj and so (taking x z
in place of x) jx 2zj D jxj, and thus (repeating the argument) jx nzj D jxj, contradicting the archimedean
property.
7 When k is not perfect, we should define L=K to be unramified if (a) the ramification index is 1, and (b)
the residue field extension is separable. These conditions imply that L=K is separable. With this definition,
(7.50) continues to hold without K and k being assumed to be perfect
UNRAMIFIED EXTENSIONS OF A LOCAL FIELD 121
case we are particularly interested in, K has characteristic zero and k is finite. Let A be the
discrete valuation ring in K corresponding to j j:
If L is an algebraic (possibly infinite) extension of K, we can still define
B D f˛ 2 L j j˛j 1g
p D f˛ 2 B j j˛j < 1g
and call B=p the residue field of L.
P ROPOSITION 7.50 Let L be an algebraic extension of K, and let l be the residue field
of L. The map K 0 7! k 0 sending an unramified extension K 0 of K contained in L to its
residue field k 0 is a one-to-one correspondence between the sets
fK 0 L, finite and unramified over Kg $ fk 0 l, finite over kg:
Moreover:
(a) if K 0 $ k 0 and K 00 $ k 00 , then K 0 K 00 ” k 0 k 00 I
(b) if K 0 $ k 0 , then K 0 is Galois over K if and only if k 0 is Galois over k, in which case
there is a canonical isomorphism
Gal.K 0 =K/ ! Gal.k 0 =k/:
P ROOF. Let k 0 be a finite extension of k. We can write it k 0 D kŒa. Let f0 .X / be the

minimum polynomial of a over k, and let f .X / be any lifting of f0 .X / to AŒX . As a is
a simple root of f0 .X /, Newton’s lemma (7.31) shows that there is a (unique) ˛ 2 L such
def
that f .˛/ D 0 and ˛ a mod p. Now K 0 D KŒ˛ has residue field k 0 . Thus K 0 7! k 0
is surjective. Suppose that K 0 and K 00 are unramified extensions of K in L with the same
residue field k 0 . Then K 0 K 00 is an unramified extension of K (see 6.5 and 6.6b) with
residue field k 0 . Hence
ŒK 0 K 00 W K D Œk 0 W k D ŒK 0 W K;
and so K 00 D K 0 .
Statement (a) is obvious.
Assume K 0 is Galois over K; then Gal.K 0 =K/ preserves A0 (the valuation ring in K 0 /
and its maximal ideal, and so we get a map Gal.K 0 =K/ / Aut.k 0 =k/. Write k 0 D kŒa,
and let g.X / 2 AŒX be such that g.X N / 2 kŒX is the minimum polynomial of a. Let
˛ 2 A0 be the unique root of g.X / such that ˛N D a. Because K 0 is Galois over K, g.X /
splits in A0 ŒX , and this implies that g.X
N / splits in k 0 ŒX , and so k 0 is Galois over k. Let
0 0
f D Œk W k D ŒK W K, and let ˛1 ; : : : ; ˛f be the roots of g.X /. Then
f˛1 ; :::; ˛f g D f ˛ j 2 Gal.L=K/g:
N / is separable, the ˛i are distinct modulo p, and this shows that the image of the
Because g.X
map Gal.K 0 =K/ / Gal.k 0 =k/ has order f , and hence is an isomorphism. Conversely,
suppose k =k is Galois. Again write k 0 D kŒa, and ˛ 2 A0 lift a. It follows from Hensel’s
0
lemma that A0 contains the conjugates of ˛, and hence that K 0 is Galois over K. 2
C OROLLARY 7.51 There is a field K0 L containing all unramified extensions of K in

L (called the largest unramified extension of K in L/: In fact, it is obtained from K by
adjoining all roots of 1 of order prime to the characteristic of k.
P ROOF. This is an obvious consequence of the theorem. 2
C OROLLARY 7.52 The residue field of K al is k al ; there is a subfield K un of K al such that

a subfield L of K al , finite over K, is unramified if and only if L K un . (Recall that we are
assuming k and K to be perfect.)
P ROOF. Let f0 .X / be any polynomial in kŒX , and let f .X / be any lift of f0 .X / to AŒX .
Then K al contains all the roots of f .X /, and so the residue field k 0 of K al contains all the
roots of f0 .X /. Hence k 0 is algebraic over k, and every polynomial in kŒX splits in k 0 , and
so it must be the algebraic closure of k. 2
R EMARK 7.53 For those familiar with the language of category theory, we can be a little
more precise: there is an equivalence between the category of finite unramified extensions
of K and the category of finite (separable) extensions of k:
E XAMPLE 7.54 Let K be a local field of characteristic zero (hence a finite extension of Qp
for some p), and let q be the order of the residue field k of K:
Recall from (FT 4.18) that, for each n, there is an extension kn of k of degree n, and
n
that kn is unique up to k-isomorphism; it is the splitting field of X q X. The Galois
group Gal.kn =k/ is a cyclic group of order n, having as canonical generator the Frobenius
element x 7! x q :
Therefore, for each n, there is an unramified extension Kn of K of degree n, and it
n
is unique up to K-isomorphism; it is the splitting field of X q X; the Galois group
Gal.Kn =K/ is a cyclic group of order n, having as canonical generator the Frobenius
element which is determined by the property
ˇ ˇ q (mod p/;
all ˇ 2 B. (Here B is the discrete valuation ring in Kn , and p is the nonzero prime ideal in
B.)
Totally ramified extensions of K

Let K be a complete discretely-valued nonarchimedean field, and let be a local uniformiz-
ing parameter for K. A polynomial f .X / 2 KŒX is said to be Eisenstein if it is Eisenstein
for the maximal ideal of the ring of integers in K, i.e., if
f .X / D a0 X n C a1 X n 1
C C an ; with ja0 j D 1; jai j < 1; jan j D jj:
Equivalently,
ord.a0 / D 0; ord.ai / > 0; ord.an / D 1;
for the normalized additive valuation. Equivalently, the Newton polygon of f .X / has only
one segment, which has slope n1 , n D deg f . Eisenstein polynomials allow us to give an
explicit description of all totally ramified extensions of K:
P ROPOSITION 7.55 Let L be a finite extension of K. Then L=K is totally ramified if and
only if L D KŒ˛ with ˛ a root of an Eisenstein polynomial.
RAMIFICATION GROUPS 123
P ROOF. (: Suppose L D KŒ˛ with ˛ a root of an Eisenstein polynomial f .X / of degree

n. If ord is the extension of the normalized discrete (additive) valuation on K to L, then
ord.˛/ D 1=n. This implies that the ramification index of L=K is n. But it can’t be
greater than n, and so it is exactly n — L is totally ramified over K. (Compare the proof of
6.2.)
): Suppose L is a totally ramified extension of K of degree n. Let ˛ be a generator
of the maximal ideal in the ring of integers in L; thus ord.˛/ D 1=n if ord extends the
normalized discrete valuation on K. The elements 1; ˛; :::; ˛ n 1 represent different cosets
of ord.K / in ord.L /, and so it is impossible to have a nontrivial relation
n 1
a0 C a1 ˛ C C an 1˛ D 0; ai 2 K
(because of 7.11). Hence L D KŒ˛. The elements 1; ˛; : : : ; ˛ n 1; ˛n are linearly depen-

dent over K, and so we have a relation:
˛ n C a1 ˛ n 1
C C an D 0; ai 2 K:
Applying (7.11) again, we see that the minimum ord of a summand must be attained for two
terms. PThe only way this can happen is if ord.ai / > 0 for all i and ord.an / D ord.˛ n / D 1,
i.e., if ai X i is an Eisenstein polynomial. 2
R EMARK 7.56 Let L be a finite totally ramified extension of K. Let A and B be the
discrete valuation rings in K and L, and let and ˘ be a prime elements in A and B. I
claim that B D AŒ˘ . The argument is the same as in the proof of 6.2 (see also Exercise
6-1). Because B and A have the same residue field,
AŒ˘ C ˘B D B:
The discriminant of 1; ˘; ˘ 2 ; : : : is a unit m for some m, and so
pc B AŒ˘ B
for some c. As before, these two conditions suffice to imply that B D AŒ˘ :
Ramification groups
Let L be a finite Galois extension of K, and assume that the residue field k of K is perfect.
def
As we have noted, G D Gal.L=K/ preserves the valuation on L. In particular, it preserves
B D f˛ 2 L j j˛j 1g; p D f˛ 2 L j j˛j < 1g:
Let ˘ be a prime element of L (so that p D .˘ //. We define a sequence of subgroups

G G0 G1 by the condition:
2 Gi ” j ˛ ˛j < j˘ ji , all ˛ 2 B:
The group G0 is called the inertia group, the group G1 is called the ramification group,
and the groups Gi , i > 1, are called the higher ramification groups of L over K:
L EMMA 7.57 The Gi are normal subgroups of G, and Gi D f1g for i large enough.
P ROOF. For ; 2 G,
1
j ˛ ˛j D j . ˛/ . ˛/j
(because jxj D j xj). As ˛ runs through B, so also does ˛, and so 1 2 Gi exactly
when does. This proves that Gi is normal.
If ¤ 1, then ˛ ¤ ˛ for some ˛ 2 B. Hence … Gi as soon as j ˛ ˛j j˘ ji : 2
T HEOREM 7.58 Let L=K be a Galois extension, and assume that the residue field exten-
sion l=k is separable.
(a) The fixed field of G0 is the largest unramified extension K0 of K in L, and
G=G0 D Gal.K0 =K/ D Gal.l=k/:
(b) For i 1, the group
Gi D f 2 G0 j j˘ ˘ j < j˘ ji g:
P ROOF. (a) Let K0 be the largest unramified extension in L (see 7.51). Then K0 is also
unramified, and so it is contained in K0 . Thus K0 is Galois over K, and the canonical map
Gal.K0 =K/ ! Gal.l=k/ is an isomorphism (see 7.50). By definition G0 is the kernel of
G ! Gal.l=k/, and so K0 is its fixed field.
(b) Let A0 be the discrete valuation ring in K0 . Then B D A0 Œ˘ (by 7.54). Since G0
leaves A0 fixed, in order to check that 2 Gi it suffices to check that j ˛ ˛j < j˘ ji for
the element ˛ D ˘: 2
C OROLLARY 7.59 We have an exhaustive filtration G G0 such that

G=G0 D Gal.l=k/I
G0 =G1 ,! l I
Gi =Gi C1 ,! l:
Therefore, if k is finite, then Gal.L=K/ is solvable.
P ROOF. Let 2 G0 ; then ˘ is also a prime element and so ˘ D u˘ with u a unit in

B. The map 7! u mod p is a homomorphism G0 ! l with kernel G1 :
Let 2 Gi . Then j˘ ˘ j j˘ jiC1 , and so ˘ D ˘ C a˘ i C1 some a 2 B. The
map 7! a (mod p/ is a homomorphism Gi ! l with kernel Gi C1 : 2
An extension L=K is said to be wildly ramified if pje where p D char.k/. Otherwise

it is said to be tamely ramified. Hence for a Galois extension
L=K is unramified ” G0 D f1g;
and
L=K is tamely ramified ” G1 D f1g:
KRASNER’S LEMMA AND APPLICATIONS 125
Krasner’s lemma and applications

Again let K be complete with respect to a discrete nonarchimedean valuation j j, and extend
the valuation (uniquely) to a valuation on K al . It is clear from our discussion of unramified
extensions of K that roots of distinct polynomials f .X / and g.X / will often generate the
same extension of K; in fact, this will be true if fN D gN and both are irreducible in kŒX .
Krasner’s lemma and its consequences show that the roots of two polynomials will generate
the same extension if they are sufficiently close.
P ROPOSITION 7.60 (K RASNER ’ S L EMMA ) Let ˛; ˇ 2 K al , and assume that ˛ is separa-

ble over KŒˇ. If ˛ is closer to ˇ than to any conjugate of ˛ (over K/, then KŒ˛ KŒˇ:
P ROOF. Let be an embedding of KŒ˛; ˇ into K al fixing KŒˇ. By Galois theory, it

suffices to show that ˛ D ˛. But
j ˛ ˇj D j ˛ ˇj D j˛ ˇj
because ˇ D ˇ and j j D j j. Hence
j ˛ ˛j D j ˛ ˇCˇ ˛j j˛ ˇj:
Since ˛ is a conjugate of ˛ over K, the hypothesis now implies that ˛ D ˛: 2
P Now assume K has characteristic zero (to avoid complications). As before, for h.X / D
ci X i , we define khk D maxfjci jg. Note that if h.X / varies in a family of monic polyno-
mials for which khk remains bounded, then the maximum value of a root of h is bounded;
in fact, if X
ci ˇ i D 0;
we must have jˇ n j jcj ˇ j j for some j < n, and so jˇjn j jcj j:

Fix a monic irreducible polynomial f .X / in KŒX , and let
Y
f .X / D .X ˛i /; ˛i 2 K al :
The ˛i must be distinct. Let g.X / be a second monic polynomial in KŒX , and suppose
that kf gk is small. For any root ˇ of g.X /, jf .ˇ/j D j.f g/.ˇ/j is small (because
kf gk small implies that kgk is bounded, and hence jˇj is bounded). But
Y
jf .ˇ/j D jˇ ˛i j:
In order for this to be small, at least one term jˇ ˛i j must be small. By taking kf gk
small enough, we can force ˇ to be closer to one root ˛i than ˛i is to any other ˛j . That is,
we can achieve:
jˇ ˛i j < j˛i ˛j j, all j ¤ i:
In this case, we say that ˇ belongs to ˛i . Krasner’s lemma then says that KŒ˛i KŒˇ,
and because f and g have the same degree, they must be equal. We have proved:
P ROPOSITION 7.61 Let f .X / be a monic irreducible polynomial of KŒX . Then any

monic polynomial g.X / 2 KŒX sufficiently close to f .X / is also irreducible, and each
root ˇ of g.X / belongs to some root ˛ of f .X /. For such a root KŒ˛ D KŒˇ.
C OROLLARY 7.62 Let K be a finite extension of Qp . Then there is a finite extension L of

Q contained in K such that ŒLW Q D ŒKW Qp and L Qp D K:
P ROOF. Write K D Qp Œ˛, and let f .X / be the minimum polynomial of ˛ over Qp .

Choose g.X / 2 QŒX sufficiently close to f .X /, and let L D QŒˇ for ˇ a root of g.X /
belonging to ˛: 2
Fix a monic polynomial f in KŒX , and let ˛1 ; ˛2 ; : : : be its roots in K al . As a second

monic polynomial g in KŒX approaches f , each root ˇi of g approaches some root ˛j.i / of
f , and the function i 7! j.i / doesn’t change once g is close. Let fs .X / be the polynomial
with roots the ˛j.i / (possibly with repetitions). Then, when g is close to f , it is close to fs
because each of its roots is close to the corresponding root of fs . But if we choose g to be
closer to f than f is to any possible fs , this will be impossible. We have proved:
P ROPOSITION 7.63 Assume K is of characteristic zero. If two monic irreducible polyno-

mials f and g are sufficiently close, then each root of g will belong to exactly one root of
f , and so
fKŒ˛ j ˛ a root of f g D fKŒˇ j ˇ a root of gg:
P ROPOSITION 7.64 Assume K has characteristic zero and has finite residue field. Then,
up to isomorphism, there are only finitely many totally ramified extensions of Qp of a given
degree.
P ROOF. We fix an n and show that there are only finite many extensions of degree n.
Each point of
.a1 ; :::; an / 2 p p p A
defines an Eisenstein polynomial of degree n, namely,
f .X / D X n C a1 X n 1
C C an ;
and hence a finite set of totally ramified extensions of degree n, namely, those generated by
the roots of f .X /. According to the last proposition, each point of p p p A
has a neighbourhood such that the points in the neighbourhood all give the same extensions
of K. In (7.47) we showed that the factors of p p p A are compact, hence the
product is compact, and so a finite number of these neighbourhoods will cover it. 2
R EMARK 7.65 We proved above that

(a) every finite extension L of K contains a largest unramified extension of K;
(b) for each m 1, there is an unramified extension of degree m of K, and any two such
extensions are K-isomorphic.
Fix an n; then each extension L of K of degree n can be realized as a totally ramified
extension of degree n=m of the (unique) unramified extension of degree m, some m dividing
n. Clearly there are only finitely many such L’s (up to K-isomorphism).
EXERCISES 127
Exercises
7-1 Let j j1 , : : : , j jn be the valuations on a number field K corresponding to distinct
prime ideals pi , and let a1 ; : : : ; an be elements of K. Let d be a common denominator for
the ai (so that dai 2 OK ). Show that, for any " > 0, there is an element a 2 K such that
ja ai ji < " for i D 1; : : : ; n and jaj 1=jd j for all valuations j j corresponding to prime
ideals other than the pi .
Hint: Apply the Chinese Remainder Theorem to the dai .
7-2 Let j j be nonarchimedean valuation on a field K.

(a) Define an open disk with radius r and centre a to be
D.a; r/ D fx 2 K j jx aj < rg:
Prove that D.a; r/ D D.b; r/ for any b 2 D.a; r/. Deduce that if two disks meet, then the
large disk contains the smaller. P
(b) Assume K to be complete. Show that the series an converges if and only if
an ! 0.
(This problem illustrates the weirdness of the topology defined by a nonarchimedean valu-
ation.)
7-3 For which a 2 Z is 7X 2 D a solvable in Z7 ? For which a 2 Q is it solvable in Q7 ?
7-4 (a) Show that .X 2 2/.X 2 17/.X 2 34/ has a root in Zp for every p.
(b) Show that 5X 3 7X 2 C 3X C 6 has a root ˛ in Z7 with j˛ 1j7 < 1. Find an
a 2 Z such that j˛ aj7 7 4 .
7-5 Find all the quadratic extensions of Q2 . Hint: there are exactly 7 (up to isomorphism).
p
7-6 Let p1 ; : : : ; pm be distinct prime numbers, and let ˛i D p. Let K D QŒ˛1 ; : : : ; ˛m .
Show that ŒKW Q D 2m . Let D
P
˛i . Show that K D QŒ , and deduce that the mini-
mum polynomial f .X / of over Q has degree 2m . Show that f .X / factors in Zp ŒX into
a product of polynomials of degree 4 (p ¤ 2) or of degree 8 (p D 2).
7-7 Fix an algebraic closure Qpal of Qp , and for each n prime to p, let n be a primitive
nth root of 1. Show that a finite extension K of Qp can contain only finitely many n ’s.
Deduce that the Cauchy sequence n p n does not converge to an element of Qpal .
P
7-8 (a) Find two monic polynomials of degree 3 in Q5 ŒX with the same Newton polygon,
but with one irreducible and the other not.
(b) Find a monic irreducible polynomial in ZŒX of degree 6 which factors in Q5 ŒX
into a product of 3 irreducible polynomials of degree 2.
Chapter 8
Global Fields
A global field an algebraic number field (finite extension of Q/ or a function field in one
variable over a finite field (finite extension of Fq .T / for some q/. We are mainly interested
in the number field case.
Extending valuations
Let K be a field with a valuation j j (archimedean or discrete nonarchimedean), and let L
be a finite separable extension of K. When K is complete, we know that there is a unique
extension of j j to L (see 7.38, 7.39), and we want to understand the extensions when K is
not complete.
Write L D KŒ˛, and let f .X / be the minimum polynomial of ˛ over K. Let j j0 be
an extension of j j to L. Then we can form the completion L O of L with respect to j j0 , and
obtain a diagram:

L /L
O

/ KO
K
Then LO D KŒ˛
O O
because KŒ˛ is complete, being finite over K,O and contains L. Let g.X /
be the minimum polynomial of ˛ over K. O Since f .˛/ D 0, g.X /jf .X /, and so with each
O .
extension of j j, we have associated an irreducible factor of f .X / in KŒX
O O
Conversely, let g.X / be a monic irreducible factor of f .X / in KŒX , and let KŒx D
O
KŒX=.g.X //. Then we obtain a diagram:

L / KŒx
˛7!x O

K / KO
According to (7.38, 7.39), the valuation on KO extends uniquely to KŒx,

O and this induces a
valuation on L extending j j.
These two operations are inverse, and so we have proved the following result:
128
EXTENDING VALUATIONS 129
P ROPOSITION 8.1 Let L D KŒ˛ be a finite separable extension of K, and let f .X / be

the minimum polynomial of ˛ over K. Then there is a natural one-to-one correspondence
O .
between the extensions of j j to L and the irreducible factors of f .X / in KŒX
There is a more canonical way of obtaining the completions of L for the various exten-
sions of j j.
P ROPOSITION 8.2 Let j j be a valuation on K (archimedean or discrete nonarchimedean)

and let L be a finite separable extension of K. Let KO be the completion of K with respect
to j j. Then j j has finitely many extensions j j1 ; : : : ; j jg to L; if Li denotes the completion
of L with respect to the valuation j ji , then
L ˝K KO ' giD1 Li :
Q
(18)
P ROOF. Since L is separable over K, L D KŒ˛ ' KŒX =.f .X // for a primitive element
O as
˛ 2 L and its minimum polynomial f .X /. Suppose f .X / factors in KŒX
f .X / D f1 .X / f2 .X / fg .X /
with fi .X / monic and irreducible. Then (see 1.18)
L ˝K KO D KŒ˛ ˝K KO KŒX
O =..f .X // ' O =.fi .X //
Q
KŒX
and so the proposition follows from (8.1). Denote the canonical map from L into its com-
pletion by a 7! ai , and denote the canonical extension of K ! Li to KO by b 7! b; then
the map (18) is a ˝ b 7! .a1 b; : : : ; ag b/. 2
R EMARK 8.3 Suppose now that K is a number field, that OL D OK Œ˛, and that j j D j jp
for some prime ideal p in OK . Because fi .X / is irreducible in KŒX O , Hensel’s lemma
shows that, modulo pO , fi .X / is a power of an irreducible polynomial, say,
fNi .X / D gi .X /ei :
Then
fN.X / D giD1 gi .X /ei ;
Q
and (3.41) tells us that Q e

pOL D Pi i ; Pi D .p; gi .˛//:
The valuations extending j jp correspond to the primes Pi , and so the two descriptions of
the extensions agree.
C OROLLARY 8.4 In the situation of the Proposition, for any element ˛ 2 L;

Q P
NmL=K .˛/ D NmL =KO .˛/; TrL=K .˛/ D TrL =KO .˛/:
i i
(in the i th factor or summand on the right, ˛ is regarded as an element of Li /:
P ROOF. By definition the norm and trace of ˛ are the determinant and trace of the K-linear
map x 7! ˛xW L ! L. These don’t change when L is tensored with K, O and it easy to see
that norms and traces in products break up into products and sums respectively. 2
130 CHAPTER 8. GLOBAL FIELDS
E XAMPLE 8.5 According to PARI
f .X / D X 6 C 5X 5 C 5X 3 C 25X C 125
is irreducible in QŒX . Its Newton polygon for ord5 has three segments of x-lengths 3, 2, 1
respectively, and so it has at least three factors in Q5 . The discriminant of f .X / is
24 511 .59/.365587/;
and so according to (7.37), to find the number of factors of f .X / in Q5 ŒX , it suffices to

factor in modulo 511 . Better, according to Pari, f .X / has exactly 3 irreducible factors in
Q5 ŒX, namely,
X C 5 C 4 52 C 2 53 C O.54 /

X 2 C 3 52 X C .5 C 52 C 3 53 / C O.54 /

X 3 C .3 52 C 53 /X 2 C 4 5 C 3 52 X C 5 C O.54 /

(Type factorpadic(f,p,r) where r is the precision required.)

Suppose have a factorization
f .X / D f1 .X /f2 .X /f3 .X /
cj ˛ j to ˇi D
P
(to whatever degree of accuracy we wish). To compute jˇji , map ˇ D
P j def
cj ˛i 2 Li D Q5 Œ˛i , ˛i a root of fi .X /, and use that
1= deg fi
jˇji D jˇi ji D j NmLi =Q5 ˇji :
The product formula

Before proving the product formula for a number field, we need one extra fact for local
fields.
Let K be a local field with normalized valuation j j. Recall that this means that j j
is the usual absolute value if K is R, the square of the usual valuation if K is C, and
jaj D .1=Np/ord.a/ if the valuation is defined by a prime ideal p.
Let L be a finite separable extension of K, and let j j be the unique extension of j j to
L. Let k k be the normalized valuation on L corresponding to j j. What is the relation of
k k to j j?
L EMMA 8.6 In the above situation, kak D jajn , where n D ŒLW K.
P ROOF. When K is archimedean, there are only two cases to consider, and both are obvi-
ous. Thus, assume K is nonarchimedean. Since, by assumption, k k D j jc for some c, we
only have to check that the formula holds for a prime element of K. Let ˘ be a prime
element of L, and let P D .˘ / and p D ./; then D .unit/ ˘ e , and so
kk D k˘ e k D .1=NP/e D .1=Np/ef D jjn ;
as required.
Alternatively, use (7.43). For a 2 K, we have
def ordL a .7:43/
kak D NP D .Npf / eordK a
D jajef D jajn : 2
THE PRODUCT FORMULA 131
P ROPOSITION 8.7 Let L=K be a finite extension of number fields. For any prime v of K
and ˛ 2 L; Y
k˛kw D k NmL=K ˛kv :
wjv
Here k kw and k kv denote the normalized valuations for the primes w and v:
P ROOF. Let j ji , i D 1; 2; : : : ; g, be the extensions of k kv to L, and let k ki be the

normalized valuation corresponding to j ji . Then
8:4 Qg Qg
k NmL=K ˛kv D k i D1 NmLi =KO ˛kv D iD1 k NmLi =KO ˛kv
7:38 Qg n.i / 8:6 Qg
D i D1 j˛ji D i D1 k˛kw ;
O
where ni D ŒLi W K. 2
T HEOREM 8.8 (P RODUCT FORMULA ) Let K be an algebraic number field; for all nonzero
˛ 2 K; Q
w k˛kw D 1;
where the product is over the primes of K and k kw is the normalized valuation for the
prime w:
P ROOF. We have
Q Q Q Q
w k˛kw D v wjv k˛kw / D v k Nm ˛kv
where v runs through the primes 2; 3; 5; 7; :::; 1 of Q. The last product is 1 by (7.13). 2
A SIDE 8.9 E. Artin and Whaples (1946)1 proved that global fields can be characterized axiomat-
ically. Let K be a field with a set V of primes (equivalence classes of valuations) satisfying the
following axioms.
A XIOM I. There is a set of representatives j jv for the primes such that, for any nonzero a 2 K,
jajv ¤ 1 for only finitely many v and
Y
jajv D 1 (product over all v 2 V/:
v
A XIOM II. There exists at least one prime v for which Kv is a local field.
Then K is a global field, and V consists of all the primes for K: They then derived the main theorems
(unit theorem and finiteness of the class number) directly from the axioms, thereby avoiding the use
of either ideal theory or the Minkowski theory of lattice points.
Throughout his career, E. Artin promoted the idea that if only one could understand the similar-
ities between function fields and number fields sufficiently well, then one could transfer proofs from
function fields to number fields (e.g. the proof of the Riemann hypothesis!). This hasn’t worked
as well as he hoped, but the analogy has still been very fruitful. In the above paper, he suggested
one should develop number theory and class field theory as much as possible working only from the
axioms.
1 Artin, Emil; Whaples, George.Axiomatic characterization of fields by the product formula for valuations.
Bull. Amer. Math. Soc. 51, (1945). 469–492. Reprinted in: Artin, Emil. Exposition by Emil Artin: a selection.
Edited by Michael Rosen. History of Mathematics, 30. American Mathematical Society, Providence, RI;
London Mathematical Society, London, 2007. x+346 pp.
Decomposition groups
Let L be a finite Galois extension of a number field K, and let G D Gal.L=K/. For a
valuation w of L, we write w for the valuation such that j ˛j w D j˛jw , i.e., j˛j w D
j 1 ˛jw . For example, if w is the prime defined by a prime ideal P, then w is the prime
defined by the prime ideal P, because
1
j˛j w < 1 ” ˛ 2 P ” ˛ 2 P:
The group G acts on the set of primes of L lying over a fixed prime v of K, and we define
the decomposition (or splitting) group of w to be the stabilizer of w in G; thus
Gw D f 2 G j w D wg:
Equivalently, Gw is the set of elements of G that act continuously for the topology defined
by j jw . Each 2 Gw extends uniquely to a continuous automorphism of Lw . Note that
G w D G w 1 :
P ROPOSITION 8.10 The homomorphism Gw ! Gal.Lw =Kv / just defined is an isomor-

phism.
P ROOF. Clearly the map is injective, and so .Gw W 1/ ŒLw W Kv . The valuation w
has decomposition group Gw 1 , which has the same order as Gw , and so we also have
.Gw W 1/ ŒL w W Kv . The number of distinct ws dividing v is .G W Gw /, and so
X .8:2/
.G W 1/ D .G W Gw /.Gw W 1/ ŒL w W Kv ŒL W K:
2G=Gw
Hence equality holds: .Gw W 1/ D ŒLw W Kv (and G acts transitively on the primes
dividing v, which we knew already from the proof of 3.34). 2
Let D.P/ (or G.P/) be the decomposition group of P, so that D.P/ D Gal.LP =Kp /,
and let I.P/ D.P/ be the inertia group. We have the following picture:
P L — LP
je je
I.P/
PI LI.P/ — LP — l
jf jf j D.P/=I.P/
PD LD.P/ — Kp — k
jg
p K
Here:
PI D P \ LI.P/ , PD D P \ LD.P/ , p D P \ KI
the fields in the second column are the completions of those in the first;
the fields in the third column are the residue fields of those in the second.
DECOMPOSITION GROUPS 133
P ROPOSITION 8.11 (a) The only prime ideal of L lying over PD is P:

(b) The prime ideal PD is unramified in LI , and f .PI =PD / D f .P=p/:
(c) The prime ideal PI is totally ramified in L, and e.P=PI / D e.P=p/:
(d) If D.P/ is normal in G, then
Q
pOLD D PD
where the product is over a set of representatives for G=D.P/.
P ROOF. (a) Because L is Galois over LD.P/ , its Galois group D.P/ acts transitively on the
set of prime ideals of L lying over PD . Thus (a) is obvious from the definition of D.P/.
(b), (c), (d) are similarly straightforward. 2
The diagram, and the proposition, show that we can construct a chain of fields
L LI LD K
such that all the ramification of P over p takes place in the top extension, all the residue
field extension takes place in the middle extension, and, when LD is normal over K, all the
splitting takes place in the bottom extension. One should be a little careful about the last
assertion when D.P/ is not normal in G; all we know in general is that
p OLD D Pei i , P1 D PD
Q
with e1 D 1 D f1 (i.e., in general p will not split completely in LD /:
R EMARK 8.12 Let L be a Galois extension of Q, with Galois group G. Suppose that
OL D ZŒ˛ for some ˛ 2 L. Let f .X / be the minimum polynomial of ˛ over Q, and write
fN.X/ for f .X / modulo p. Choose an irreducible factor g1 .X / of fN.X /, and let g1 .X /e1
be the largest power of g1 .X / dividing fN.X /. According to Hensel’s lemma, g1 .X /e1 lifts
to an irreducible factor f1 .X / of f .X / in Qp ŒX , which can be found to any desired degree
of accuracy by factoring f .X / modulo a high power of p (essentially using the method of
proof of Hensel’s lemma). Let P1 D .p; h1 .˛// for any lifting h1 of g1 to ZŒX . Then
D.P1 / D f 2 G j P1 D P1 g;
which can be computed easily (provided G has been found explicitly as a subgroup of the
symmetric group on the set of roots of f .X /). Let ˛N be the image of ˛ in OL =P1 D Fp Œ˛.
N
Then g1 .X / is the minimum polynomial of ˛N over Fp , and I.P1 / is the subgroup of D.P1 /
N Finally D.P1 /=I.P1 / D Gal.Fp Œ˛=F
fixing ˛. N p /.
Consider a tower of fields

1 M P
j
H L PL
j
G K p
Assume M is Galois over K with Galois group G, and that H is the subgroup of G fixing
L: (Recall D.P/ and G.P/ are two notations for the same object.)
P ROPOSITION 8.13 Let P be a prime ideal in OM , and let PL D P \ L:

(a) The decomposition group H.P/ of P over L is G.P/ \ H:
(b) Suppose further that H is a normal subgroup of G, so that G=H is the Galois group
of L=K. The decomposition group of PL over K is the image of G.P/ in G=H:
P ROOF. (a) Clearly
H.P/ D f 2 G j 2 H; P D Pg D H \ G.P/:
(b) This is equally obvious. 2
The Frobenius element

Let L=K be a Galois extension of number fields with Galois group G. Given an ideal P
of L that is unramified in L=K we define the Frobenius2 element D .P; L=K/ to be the
element of G.P/ that acts as the Frobenius automorphism on the residue field. Thus is
uniquely determined by the following two conditions:
(a) 2 G.P/, i.e., P D PI
(b) for all ˛ 2 OL , ˛ ˛ q mod P, where q is the number of elements the residue field
OK =p, p D P \ K:
We now list the basic properties of .P; L=K/:
8.14 Let P be a second prime dividing p, 2 G. Then G.P/ D G.P/ 1, and

1
.P; L=K/ D .P; L=K/ :
P ROOF. Let ˛ 2 OL ; then

1 1
.˛/ D .. ˛/q C a/, some a 2 P, and
1
.. ˛/q C a/ D ˛ q C a ˛ q mod P: 2
Thus if Gal.L=K/ is abelian, then .P; L=K/ D .P0 ; L=K/ for all primes P, P0 divid-
ing p, and we write .p; L=K/ for this element. If Gal.L=K/ is not abelian, then
f.P; L=K/ j Pjpg
is a conjugacy class in G, which (by an abuse of notation) we again denote .p; L=K/.
Thus, for a prime p of K, .p; L=K/ is either an element of Gal.L=K/ or a conjugacy class
depending on whether Gal.L=K/ is abelian or nonabelian.
2 Here is a direct proof of the existence of the Frobenius element. Let L=K be a finite Galois extension
of number fields with Galois group G, and let P be a prime ideal of OL (not necessarily unramified). By the
Chinese remainder theorem, there existsQan element ˛ of OL such that ˛ generates the group .OL =P/ and lies
in P for all … G.P/. Let F .X/ D 2G .X ˛/. Then F .˛/ 0 mod P, and so F .˛ q / F .˛/q 0
mod P. Therefore ˛ q ˛ mod P for some 2 G. If … G.P/, then 1 P ¤ P, and so ˛ 2 1 P; but
then ˛ q ˛ 0 mod P, which is a contradiction. Thus 2 G.P/. Every element of OL can be written
D ˛ i C ˇ, with ˇ 2 P, and so
.˛ i / ˛ i q q mod P:
EXAMPLES 135
8.15 Consider a tower of fields

M Q
j
L P
j
K p
and assume that Q is unramified over p; then
.Q; M=K/f .P=p/ D .Q; M=L/:
P ROOF. Let k.Q/ k.P/ k.p/ be the corresponding sequence of residue fields. Then
f .P=p/ D Œk.P/ W k.p/, and the Frobenius element in Gal.k.Q/=k.P// is the f .P=p/th
power of the Frobenius element in Gal.k.Q/=k.p//: 2
8.16 In (8.15), assume that L is Galois over K; then
.Q; M=K/jL D .P; L=K/:
P ROOF. Obvious. 2
Let L1 and L2 be Galois extensions of K contained in some field ˝, and let M D

L1 L2 . Then M is Galois over K, and there is a canonical homomorphism
7! . jL1 ; jL2 /W Gal.M=K/ / Gal.L1 =K/ Gal.L2 =K/
which is injective.
8.17 Under the above map,
.Q; M=K/ 7! .P1 ; L1 =K/ .P2 ; L2 =K/:
P ROOF. This follows from (8.16). 2
Note that p splits completely in L if and only if .P; L=K/ D 1 for one (hence all)
primes P lying over it. Hence, in the situation of (8.17), p splits completely in M if and
only if it splits completely in L1 and L2 :
Examples
We find the Frobenius maps for quadratic and cyclotomic fields, and obtain a surprisingly
simple proof of the quadratic reciprocity law.
E XAMPLE 8.18 Let K D QŒn , where n is a primitive nth root of 1. If pjn then p
ramifies in K, and .p; K=Q/ is not defined. Otherwise D .p; K=Q/ is the unique element
of Gal.K=Q/ such that
˛ ˛ p mod p; for all ˛ 2 ZŒn ;
for any prime ideal p lying over p:

p
I claim that is the element of the Galois group such that .n / D n : let p be a prime
lying over p in ZŒn ; then modulo p, we have,
ip P p ip
. ai ni / D ai n ai n . ai ni /p
P P P
as required.
Note that .p; K=Q/ has order f where f is the smallest integer such that njp f 1
(because this is the order of p in .Z=.n// ).
p
E XAMPLE 8.19 Let K D QŒ d , and let p be a prime that is unramified in K. Identify
Gal.K=Q/ with f˙1g. Then .p; K=Q/ D C1 or 1 according as p does, or does not, split
in K, i.e., according as d is, or is not, a square modulo p. Thus .p; K=Q/ D dp :
Application: the quadratic reciprocity law

Let K D QŒ, where is a primitive pth root of 1, p ¤ 2. Because Gal.K=Q/ '
.Z=pZ/ is cyclic of order p 1, it contains a unique subgroup of order .p 1/=2 (consist-
ing of the elements of .Z=pZ/ that are squares), and hence K contains a unique quadratic
p
extension F of Q. If p 1 mod 4, then p is the only prime ramifying in QŒ p, and
p
QŒ p is the only quadratic field for which this is true. Similarly if p 3 mod 4, then
p p
p 1 mod 4, and p is the only prime ramifying in QŒ p. Thus F D QŒ d
where d D . 1/.p 1/=2 p:
If q is an odd prime ¤ p; then
.q; K=Q/./ D q :
p
Thus .q; K=Q/ restricts to the identity element of Gal.QŒ d =Q/ or not according as q is
p
a square in .Z=pZ/ or not. Thus .q; K=Q/jQŒ d D . pq /. But we know that it is also
equal to . dq /. Hence
! !.p 1/=2 ! !
q 1 p p
D D . 1/.p 1/.q 1/=4
:
p p q q
Here we have used that 1 is square in Fq if and only if 4jq 1, so that q1 D . 1/.q 1/=2 .

The displayed formula, together with the equalities

!
1 .p 1/=2 1 if p 1 mod 4
D . 1/ D
p 1 if p 1 mod 4
!
2 .p 2 1/=8 1 if p ˙1 mod 8
D . 1/ D
p 1 if p ˙5 mod 8;
constitutes the quadratic reciprocity law. We have already proved the first equality, and the
second can be proved as follows. Let be a primitive 8th root of 1 in an algebraic closure
of Fp , and let a D C 1 . From 4 D 1, we see that
X 4 C 1 D .X 2 2 /.X 2 2
/ in Fp ŒX
because the roots of both polynomials are ˙, ˙ 1 . Therefore, 2 C 2 D 0, and so
a2 D 2. When p ˙1 mod 8, p C p D C 1 , i.e., ap D a, and so 1 D ap 1 D
2.p 1/=2 D p2 . When p ˙5 mod 8, p C p D 5 C 5 D . C 1 /, i.e.,
ap D a, and so 1 D ap 1 D 2.p 1/=2 D p2 .

COMPUTING GALOIS GROUPS (THE HARD WAY) 137
Computing Galois groups (the hard way)

Let f .X / be a polynomial over a field K, and let ˛1 ; : : : ; ˛n be the roots of f .X / in K al .
We want to determine the Galois group of f as a subgroup of the group of permutations Sn
of f˛1 ; : : : ; ˛n g.
P any 2 Sn and polynomial f .t1 ; : : : ; tn /, define
Introduce variables t1 ; : : : ; tn . For
t f D f .t .1/ ; : : : ; t .n/ /. Let D ˛i ti , and define a polynomial
Q
F .X; t / D .X t / (product over 2 Sn /:
The coefficients of this polynomial are symmetric polynomials in the ˛i , and so lie in K.
Now factor
F .X; t / D F1 .X; t / Fr .X; t /
in KŒX; t1 ; : : : ; tn :
T HEOREM 8.20 Let G be the set of 2 Sn such that t fixes F1 .X; t /; then G is the
Galois group of f:
P ROOF. See van der Waerden, Algebra, Vol 1, 61 (Calculation of the Galois group). 2
This theorem gives an algorithm (unfortunately impractical) for computing the Galois
group of a polynomial f .X / 2 QŒX . We may suppose f .X / to be monic with integer
coefficients. First find the roots of f .X / to a high degree of accuracy. Then compute
F .X; t / exactly, noting that this has coefficients in Z. Factor F .X; t /, and take one of the
factors F1 .X; t /. Finally list the elements of Sn such that t fixes F1 .X; t /. The problem
with this approach is that F .X; t / has degree nŠ. It will probably work (on a computer) if
n 5, but otherwise it is like trying to compute a determinant directly from the definition
as a sum of products.
Computing Galois groups (the easy way)

We now give a more practical procedure (also largely in van der Waerden with a more direct
proof).
P ROPOSITION 8.21 Let f .X / be a monic separable polynomial of degree n over a field

K, and suppose that the Galois group G of f .X / has s orbits (as a group of permutations
of the roots of f ) with n1 ; : : : ; ns elements respectively (so that n1 C n2 C C ns D n);
then there is a factorization
f .X / D f1 .X / fr .X /
with fi .X / an irreducible polynomial in KŒX of degree ni :
Q Q
P ROOF. Write f .X / D .X ˛i /. For S f1; 2; : : : ; ng, consider fS D i 2S .X
˛i /. This polynomial divides f .X /, and it is fixed under the action of G (and hence has
coefficients in K/ if and only if S is stable under G. Therefore the irreducible factors of
f .X/ are the polynomials fS with S a minimal subset of f1; : : : ; ng stable under G, but
such sets S are precisely the orbits of G in f1; 2; : : : ; ng: 2
Let 2 Sn . In GT, 4, it is proved that is a product of disjoint cycles. More precisely,
if
o1 D fm11 ; : : : ; m1n1 g; o2 D fm21 ; ; m2n2 g; :::
are the orbits of hi acting on f1; 2; :::; ng, numbered in such a way that mij D mi j C1 ,
then
D .m11 : : : m1n1 / .m21 : : : m2n2 / : : : :
This remark, together with (8.21), gives us the following result.
C OROLLARY 8.22 Let f .X / be a monic separable polynomial of degree n over a finite
field k, and let ` be the splitting field of f .X /. Suppose that the Frobenius element 2
Gal.`=k/ (when regarded as a permutation of the roots P of f .X // is a product of disjoint
cycles D c1 cs with ci of length ni (so that ni D n/. Then f .X / factors as a
product of irreducible polynomials in kŒX
f .X / D f1 .X / fr .X /
with fi of degree ni :
In other words, the type of the cycle decomposition of can be read off from the
factorization of f .X /.
T HEOREM 8.23 (D EDEKIND ) Let f .X / be a polynomial of degree n over a number field
K, and let G be the Galois group of f . Assume f .X / 2 OK ŒX and is monic. Let p be a
prime ideal of K, and suppose that
f .X / f1 .X / fr .X / mod p
with the fi distinct irreducible polynomials in kŒX and fi of degree ni , k D OK =p. Then
G contains a permutation that is a product of disjoint cycles of length ni :
P ROOF. Take to be the Frobenius element of any prime lying over p — the hypothesis on
the factorization of f .X / mod p implies that p is unramified in the splitting field (because
it implies that p doesn’t divide the discriminant of f ). 2
R EMARK 8.24 There is a similar statement for real primes, namely, if
f .X / D f1 .X / fr .X /
in RŒX with f1 ; : : : ; fj of degree 2 and the remainder of the degree 1, then G contains a
permutation that is a product of disjoint j cycles of length 2.
This suggests the following strategy for factoring a polynomial QŒX : factor f .X /
modulo many primes p; discard the result if f .X / mod p has multiple factors; continue
until a sequence of, say n, primes has yielded no new cycle types for the elements. Then
attempt to read off the type of the group from tables. We discuss how effective this is later.
E XAMPLE 8.25 Let f .X / D X 5 X 1. Modulo 2 this factors as .X 2 C X C 1/.X 3 C
X 2 C 1/; modulo 3 it is irreducible. Hence G contains (12345) and .i k/.`mn/ for some
numbering of the roots. It also contains ..i k/.`mn//3 D .i k/, and this implies that G D S5
(see 8.28 below).
COMPUTING GALOIS GROUPS (THE EASY WAY) 139
L EMMA 8.26 Let H be a subgroup of Sn ; if H is transitive (for example, contains an

n-cycle) and contains an .n 1/-cycle and a transposition, then H D Sn :
P ROOF. After possibly renumbering, we may suppose that the .n 1/-cycle is (1 2 3 : : : n

1/. By virtue of the transitivity, the transposition can be transformed into .i n/, some i n
1. Now the .n 1/-cycle and its powers will transform this into .1 n/, .2 n/, : : :, .n 1 n/,
and these elements obviously generate Sn (because Sn is generated by transpositions). 2
E XAMPLE 8.27 Select monic polynomials of degree n, f1 , f2 , f3 with coefficients in Z

such that
(a) f1 is irreducible modulo 2;
(b) f2 D(degree 1)(irreducible of degree n 1) mod 3;
(c) f3 D(irreducible of degree 2)(product of one or two irreducible polynomials of odd
degree) mod 5. We need to choose f3 to have distinct roots modulo 5.
Take
f D 15f1 C 10f2 C 6f3 ;
and let G be the Galois group of f . Then
(a0 ) G is transitive (it contains an n-cycle because of (a));
(b0 ) G contains a cycle of length n 1I
(c0 ) G contains a transposition (because it contains the product of a transposition with
a commuting element of odd order).
The above lemma shows that G D Sn :
R EMARK 8.28 There are other criteria for a subgroup H of Sn to be all of Sn . For example,
a subgroup H of Sp , p prime, that contains an element of order p and a transposition is
equal to Sp (FT, Lemma 4.14).
R EMARK 8.29 In Pohst and Zassenhaus 1989, p73, there are suggestions for constructing
irreducible polynomials f .X / of degree n in Fp ŒX . A root of such a polynomial will
generate Fq , q D p n , and so every such f .X / will divide X q X . One can therefore find
all f .X /s by factoring X q X.
For example, consider X 125 X 2 F5 ŒX . Its splitting field is F125 , which has degree
3 over F5 . The factors of X 125 X are the minimum polynomials of the elements of
F125 . They therefore have degree 1 or 3. There are 5 linear factors, X , X 1, X 2,
X 3, X 4, and 40 cubic factors, which constitute a complete list of all the monic
irreducible cubic polynomials in F5 ŒX . PARI has no trouble factoring X 125 X modulo
5 (factormod(X^125-X,5)) or X 625 X modulo 5, but for X 3125 X modulo 5, which
gives a complete list of monic irreducible polynomials of degree 1 or 5 in F5 ŒX , I had to
increase the allocated memory (allocatemem(10000000)).
However, if you only want one irreducible polynomial of degree n, it is easier to write
down a polynomial at random, and check whether it is irreducible.
Cubic polynomials
The group S3 has the following subgroups:
order group group elements
1 1 1
2 C2 11C12
3 A3 11C23
6 S3 1 1 C 3 2 C 2 3:
By the last row, I mean S3 has one 1-cycle, three 2-cycles, and two 3-cycles.
Note that any subgroup of S3 containing cycles of length 2 and 3 is the whole of S3 ;
thus if f is irreducible modulo some prime and has an irreducible factor of degree 2 modulo
a second prime, then its Galois group is S3 . On the other hand, if factorizing f modulo
many primes doesn’t turn up a factor of degree 2, but f is irreducible, then expect the
Galois group of f to be A3 . This can be checked by seeing whether disc.f / is a square.
For example, the calculations on p. 61 show that the polynomials X 3 C 10X C 1 and
X 3 8X C 15 both have Galois group S3 :
To make this more effective (in the technical sense), we need the Chebotarev density
theorem.
Chebotarev density theorem

D EFINITION 8.30 Let S be a set of finite primes in a number field K, and let P be the set
of all finite primes. We say that S has natural density ı if
jfp 2 S j Np N gj
lim D ı:
N !1 jfp j Np N gj
T HEOREM 8.31 (C HEBOTAREV DENSITY THEOREM ) Let L be a finite Galois extension

of the number field K, with Galois group G, and let C be a conjugacy class in G. The set
of prime ideals p of K such that .p; L=K/ D C has density ı D jC j = jGj.
P ROOF. See my notes CFT (in fact, normally one proves this result with a slightly weaker
notion of density). 2
For example, if G is abelian, then for each 2 G, the set of p such that .p; L=K/ D
has density 1= jGj :
C OROLLARY 8.32 The primes that split in L have density 1=ŒL W K. In particular, there
exist infinitely many primes of K not splitting in L:
R EMARK 8.33 There is a bound for the error in implicit in (8.31) in terms of the dis-
criminant of the polynomial, but it is large. The existence of the bound has the following
consequence: given a polynomial f .X / 2 QŒX (say), there exists a bound B such that, if
a given cycle type doesn’t occur as the Frobenius element of some p B, then it doesn’t
occur at all. For a discussion of the effective version of the Chebotarev density theorem,
see Lagarias and Odlysko, 1977.3
3 Lagarias,J. C.; Odlyzko, A. M. Effective versions of the Chebotarev density theorem. Algebraic number
fields: L-functions and Galois properties (Proc. Sympos., Univ. Durham, Durham, 1975), pp. 409–464.
Academic Press, London, 1977.
COMPUTING GALOIS GROUPS (THE EASY WAY) 141
E XAMPLE 8.34 Let K D QŒn . Then Gal.K=Q/ D .Z=nZ/ and .p; K=Q/ D Œp. The
Chebotarev density theorem says that the primes are equidistributed among the congruence
classes. In other words, each of the arithmetic progressions
k, k C n, k C 2n, k C 3n; : : : gcd.k; n/ D 1;
contains 1='.n/ of the primes. In particular, each of the arithmetic progressions contains
infinitely many primes. This statement was conjectured by Legendre and proved by Dirich-
let (using Dirichlet series). The proof of the Chebotarev density theorem is a generalization
of that of Dirichlet.
E XAMPLE 8.35 In a quadratic extension, half the primes split and half the primes remain
prime.
E XAMPLE 8.36 Let f be a cubic polynomial with coefficients in Q. The Chebotarev den-
sity theorem implies the following statements (see the above table):
G D 1: f splits modulo all primes.
G D C2 : f splits for 1=2 of the primes and has an irreducible factor of degree 2 for
1=2 of the primes.
G D A3 : f splits for 1=3 of the primes and f remains irreducible for 2=3 of the
primes.
G D S3 : f splits for 1=6 of the primes, has a factor of degree 2 for 1=2 of the primes,
and remains prime for 1=3 of the primes.
E XAMPLE 8.37 Let f be a quartic polynomial with no linear factor.

(a) When disc.f / is a square, the possible Galois groups are:
order group elements

2 C2 1 1 C 1 22
4 V4 1 1 C 3 22
12 A4 1 1 C 3 22 C 8 3
(b) When disc.f / is not a square, the possible Galois groups are:
order group elements

4 C4 1 1 C 1 22 C 2 4
8 D8 1 1 C 2 2 C 3 22 C 2 4
24 S4 1 1 C 3 22 C 6 2 C 8 3 C 6 4
See FT 4. Thus if f is a polynomial of degree 4 with Galois group D8 , then it will
split modulo p for 1=8 of the primes, factor as the product of a quadratic and two linear
polynomials for 1=4 of the primes, factor as the product of two quadratics for 3=8 of the
primes, and remain irreducible for 1=4 of the primes.
For a similar table for polynomials of degree 5, see Pohst and Zassenhaus 1989, p132.
One strategy for determining the Galois group of a polynomial is
(a) test whether f is irreducible over QI
(b) compute the discriminant of f ;
(c) factor f modulo good primes (i.e., those not dividing the discriminant) until you
seem to be getting no new cycle types;
(d) compute the orbit lengths on the r-sets of roots (these are the degrees of the irre-
ducible factors in QŒX of the polynomial whose roots are the sums of r roots of
f /;
(e) ad hoc methods.
As late as 1984, it had not been proved that the Mathieu group M11 occurs as a Galois
group over Q (M11 is subgroup of S11 of order 11Š=5040 D 7920/:
R EFERENCES
Butler, Gregory; McKay, John. The transitive groups of degree up to eleven. Comm.
Algebra 11 (1983), no. 8, 863–911. (This lists all transitive subgroups of Sn , n 11,
and gives the cycle types of their elements and the orbit lengths of the subgroup acting on
the r-sets of roots; with a few exceptions, these invariants are sufficient to determine the
subgroup up to isomorphism.)
Cohen 1993, Section 6.3.
Ford, David J.; McKay, John, Computation of Galois groups from polynomials over the
rationals. Computer algebra (New York, 1984), 145–150, Lecture Notes in Pure and Appl.
Math., 113, Dekker, New York, 1989.
Pohst and Zassenhaus 1989. Chapter 2 is entirely concerned with computing Galois
groups; for example, II.10.8 discusses the following problem: given G H Sn , deter-
mine whether G is contained in a given smaller subgroup J of H .)
Soicher, L. H. An algorithm for computing Galois groups. Computational group theory
(Durham, 1982), 291–296, Academic Press, London, 1984.
Soicher, Leonard; McKay, John. Computing Galois groups over the rationals. J. Num-
ber Theory 20 (1985), no. 3, 273–281.
PARI can find the Galois group of a polynomial of degree 11.
Applications of the Chebotarev density theorem

We now discuss some other applications of the Chebotarev density theorem.
For any extension L=K of number fields, write Spl.L=K/ for the set of primes that split
completely in L, and write Spl0 .L=K/ for the set of primes that have at least one split factor.
Then Spl.L=K/ Spl0 .L=K/ always, and equality holds if L=K is Galois, in which case
the Chebotarev density theorem shows that Spl.L=K/ has density 1=ŒL W K.
T HEOREM 8.38 If L and M are Galois over K, then
L M ” Spl.L=K/ Spl.M=K/:
P ROOF. ): This is obvious.

(: We have
Spl.LM=K/ D Spl.L=K/ \ Spl.M=K/:
To see this, note that
p 2 Spl.LM=K/ ” .p; LM=K/ D 1

” .p; LM=K/jL D 1 and .p; LM=K/jM D 1I
APPLICATIONS OF THE CHEBOTAREV DENSITY THEOREM 143
but .p; LM=K/jL D .p; L=K/ and .p; LM=K/jM D .p; M=K/. Now
Spl.M=K/ Spl.L=K/ ) Spl.LM=K/ D Spl.M=K/
8:31
) ŒLM W K D ŒM W K ) L M: 2
C OROLLARY 8.39 If L and M are Galois over K, then

L D M ” Spl.M=K/ D Spl.L=K/:
P ROOF. Obvious from the Proposition. 2
R EMARK 8.40 (a) In fact, L D M if Spl.M=K/ and Spl.L=K/ differ by at worst a finite
set of primes (or if they differ by at worst a set of primes of density zero).
(b) The effective form of the Chebotarev density theorem shows that (8.38) is effective:
in order to show that L M it suffices to check that
p splits in M ) p splits in L
for all primes p less than some bound.
(c) Proposition 8.39 is not true without the Galois assumptions: there exist nonisomor-
phic extensions L and M of Q such that Spl.L=K/ D Spl.M=K/. In fact there exist
nonisomorphic extensions L and M of Q of the same degree such that
˘ L and M have the same discriminant;
˘ a prime p not dividing the common discriminant decomposes in exactly the same
way in the two fields.
(d) It is clear from (8.39) that if a separable polynomial f .X / 2 KŒX splits into linear
factors mod p for all but finitely many primes p of K, then f .X / splits into linear factors in
KŒX. With a little more work, one can show that an irreducible polynomial f .X / 2 KŒX
can not have a root mod p for all but a finite number of primes. This last statement is false
for reducible polynomials — consider for example,
.X 2 2/.X 2 3/.X 2 6/:
For more on these questions, see Exercise 6, p361, of Algebraic number theory. Proceed-
ings of an instructional conference organized by the London Mathematical Society. Edited
by J. W. S. Cassels and A. Frhlich Academic Press, London; Thompson Book Co., Inc.,
Washington, D.C. 1967.
(e) It is easy to give examples of polynomials f .X / that are irreducible over Q but
become reducible over Qp for all p, including p D 1. Since the Galois group of any
extension of local fields is solvable, one only has to chose f to have nonsolvable Galois
group, for example, Sn for n 5.
E XAMPLE 8.41 Fix a number field K. According to (8.39), a Galois extension L of K

is determined by the set Spl.L=K/. Thus, in order to classify the Galois extensions of
K, it suffices to classify the sets of primes in K that can occur as Spl.L=K/. For abelian
extensions of K, class field theory does this — see CFT (they are determined by congruence
conditions). For nonabelian extensions the sets are still a mystery — it is known that they
are not determined by congruence conditions — but Langlands’s conjectures shed some
light.
Exercises
8-1 Let K D QŒ˛ where ˛ is a root of X 3 X 2 2X 8. Show that there are three
extensions of the 2-adic valuation to K. Deduce that 2j disc.ZŒ˛=Z/ but not disc.OK =Z/.
8-2 Let L be a finite Galois extension of the local field K, and let Gi , i 0, be the
i th ramification group. Let ˘ generate the maximal ideal in OL . For 2 Gi , write
˘ D ˘ C a. /˘ i C1 , and consider the map Gi ! l, 7! a. / mod .˘ /, where
l D OL =.˘ /. Show that this is a homomorphism (additive structure on l) if and only if
i > 0.
8-3 “It is a thought-provoking question that few graduate students would know how to
approach the question of determining the Galois group of, say,4
X 6 C 2X 5 C 3X 4 C 4X 3 C 5X 2 C 6X C 7:”
(a) Can you find it?

(b) Can you find it without using a computer?
8-4 Let K D k.X / where k is a finite field. Assume that every valuation of K comes
from a prime ideal of kŒX or kŒX 1 ], and prove the product formula.
And after the first year [as an undergraduate at Göttingen] I went home with
Hilbert’s Zahlbericht under my arm, and during the summer vacation I worked
my way through it — without any previous knowledge of elementary number
theory or Galois theory. These were the happiest months of my life, whose
shine, across years burdened with our common share of doubt and failure, still
comforts my soul.
Hermann Weyl, Bull. Amer. Math. Soc. 50 (1944), 612–654.
4I don’t remember where this quote is from.

Appendix A
Solutions to the Exercises
p
0-1. Use that ˛ D m C n d is an algebraic integer if and only if Tr.˛/ D 2m 2 Z and
Nm.˛/ D m2 n2 d 2 Z.
0-2. Similar to Exercise 2-1 below.
S
1-1. (a) (: Let S D A r i pi with the pi prime ideals.
x; y 2 S ” 8i; x; y … pi ” 8i; xy … pi ” xy 2 S:
): Let a … S . Then .a/ \ S D ; because S is saturated. Let I be maximal among the

ideals of A containing a and disjoint from S — exists by Zorn’s Lemma. I’ll show that I
is prime. Suppose xy 2 I .
If x … I , then I C .x/ properly contains I , and so .I C .x// \ S is nonempty — let
c C ax 2 S with c 2 I and a 2 A.
Similarly, if y … I , there exists c 0 C a0 y 2 S .
But .c Cax/.c 0 Ca0 y/ 2 I , which is not possible because S is multiplicative. Therefore
x or y 2 I , and so I is prime.
(b) Given S , let S 0 D fx 2 A j 9y 2 A such that xy 2 Sg — verify that it is
multiplicative and saturated, and is the smallest such set containing S; moreover, it is a
union of the prime ideals not meeting S , and S 1 M Š S 0 1 M for all A-modules. For the
final statement, use that p remains prime in S 1 A if and only if S \ p D ;.
[Cf. Bourbaki, Alg. Comm., 1961, II, Ex. 2, no. 1, and Atiyah and MacDonald,
Chapt. 3, no. 7.]
p p p
2-1. pBy inspection, 4 D 2 2 D .3 C 5/.3 5/. We have to show that 2, 3 C 5, and
3 5 are irreducible, and 2 is not an associate of the other two.
If 2 D ˛ˇ then 4 D Nm.2/ D Nm.˛/ Nm.ˇ/, from which it follows that Nm.˛/ D
˙1, ˙2, or ˙4. If Nm.˛/ D ˙1, ˛ is unit (with inverse ˙ its conjugate); by looking mod
5, one sees that Nm.˛/ D ˙2 is impossible; if Nm.˛/ D ˙4, then ˇ is a unit. Hence 2
can’t be factored into a product of nonunits. The same argument applies to the other two
elements. p p p
If 2 and
p 3 C 5 werep associates, then there would be a unit m C n 5 in ZŒ 5 such
that 3 C 5 D 2.m C n 5/, but this is impossible.
Q
2-2. Suppose f .X / D gi .X / with gi .X / irreducible in KŒX . Let ˛ be a root of gi .X /
in some extension field. Then gi .X / is the minimum polynomial of ˛ over K. Because ˛
is a root of f .X /, it is integral over A, and so gi .X / has coefficients in A (by 2.9).
145
146 APPENDIX A. SOLUTIONS TO THE EXERCISES
2-3. Consider first the case that L D KŒ˛, ˛ p D a 2 K.

p p
2-4. Clearly 2 does not divide 1 C 3 in ZŒ 3, and so a ¤ .2/, but
p p p p
a2 D .4; 2 C 2 3; 2 C 2 3/ D .4; 2 C 2 3/ D .2/.2; 1 C 3/ D .2/a:
If there were unique factorization into products of prime ideals, then
ab D ac; a ¤ 0 ) b D c:
p
We have shown that the ring ZŒ 3 doesn’t have this property.
2-5. Let ˛ 2 AŒˇ \ AŒˇ 1 . By hypothesis, we can write
˛ D a0 C a1 ˇ C C am ˇ m
n
˛ D b0 C b1 ˇ C C bn ˇ :
Let M be the A-submodule of B generated by fˇ n ; : : : ; 1; : : : ; ˇ m g. From the first equa-

tion, we find that ˛ˇ i 2 M , 0 i n, and from the second equation we find that
˛ˇ j 2 M , 0 j m. We can apply (2.4) to deduce that ˛ is integral over A.
2-6.
P (a) CheckP easily that the products ˛i ˛j , i ¤ j , are divisible by 3, and this implies that
. ˛i /n ˛in mod 3: The rest is easy.
(b) Using Gauss’s Lemma, one finds that X 7! ˛W ZŒX ! ZŒ˛ defines an isomor-
phism ZŒX =.f .X // ' ZŒ˛. Hence
3jg.˛/ ” 9h 2 ZŒX s.t. f jg 3h ” 3jg:

N
(c) O.K.
(d) Since F3 has only 3 elements, there are only 3 monic polynomials of degree 1.
3-1. It is not a Dedekind domain because it has a chain of prime ideals
.X; Y / .X / .0/:
p p
3-2. From Galois theory (or playing around, or from PARI) find that . 3 C 7/=2 is a root
of the polynomial X 4 5X 2 C 1.
3-4. Let A D kŒX 2 ; X 3 kŒX . As kŒX D kŒX 2 1 C kŒX 2 X , it is a Noetherian
kŒX 2 -module. Therefore, an ideal in A is finitely generated when regarded as a kŒX 2 -
module, and a fortiori as an A-module. Thus A Noetherian. If p is nonzero prime ideal of
A, then p contains a nonzero polynomial, and so A=p is a finite-dimensional vector space
over k. Since it is an integral domain, it must be a field (see 3.30), and so p is maximal. The
element X of k.X / is integral over A because it is a root of the polynomial T 2 X 2 2 AŒT ,
but X … A. Therefore A is not integrally closed.
4-1. For example, take B D kŒX; Y kŒX D A and p D .Y /, or B D kŒX k D A
and p D .X /.
Q e.P =p/ Q e.Q =P /
4-2. Write pB D Pi i and Pi C D Qij ij i . Then
e.Pi =p/e.Qij =Pi /

Y Y
pC D .Pi C /e.Pi =p/ D Qij ;
i i;j
147
and Qij ¤ Qi 0 j 0 unless .i; j / D .i 0 ; j 0 /. For the second part of the problem, see the start
of 4 of the notes.
P
4-3. The possibilities are determined by ei fi D 3. Since the discriminant is 31, only
31 ramifies, and X 3 C 10X C 1 .X C 28/.X C 17/2 mod 31. All possibilities except
.p/ D p3 occur.
4-4. Compute the Minkowski bound to find a small set of generators for the class group. In
order to show that two ideals a and b are equivalent, it is often easiest to verify that a bm 1
is principal, where m is the order of b in the class group.
4-5. Let a1 ; : : : ; ah be a set of representatives of the ideal classes. It suffices to find a field
L such that each ai becomes principal in L. Because the ideal class group is finite, each of
the ai is of finite order, say am i
i D .ai /, ai 2 K. Let L be a finite extension of K such that
each ai becomes an mi th power in L, say ai D ˛imi , ˛i 2 L. In the group of fractional
ideals of L, we have
am i mi
i L D .ai / D .˛i / D .˛i / :
mi
Since the group of fractional ideals is torsion-free, this equation implies that ai OL D .˛i /.
[In fact, every ideal of K becomes principal in the Hilbert class field of K (see 4.9), but this
is very difficult to prove — it is the Principal Ideal Theorem (see CFT).]
4-6. The discriminant of X 3 X C 2 is . 26/22 , and Stickleberger’s lemma shows 26
is not a possible discriminant, and so OK D ZŒ˛. To show that the class number is 1, it is
only necessary to show that the ideals dividing .2/ are principal.
p
4-7. To show that OK D ZŒi Œ , D 1C2 5 , observe that D.1; / D 5, and 5 is not a
p
square in ZŒi ; now apply Lemma 2.23. The prime 2 ramifies in QŒi , but not in QŒ 5,
and so it ramifies in K with ramification index 2 (this follows from the multiplicativity of
the e’s). Similarly, 5 ramifies in K with ramification index 2. Since disc.OK =ZŒi / D .5/,
p.5/ (in ZŒi ) can ramify in K , and hence only 2 and 5 can ramify in K.
only the divisors of
The proof that QŒ 5 has class number 2 is sketched in (4.6). [Of course, this problem
becomes much easier once one has (6.5).]
5-1. No!
p Some infinite
p sets:
fmp 2 Œm 2 j m; n 2 Zg, Œ Dinteger part;
f.p 2 1/n j n 2 Ng;
f n2 C 1 n j n 2 Ng;
f˛ j ˛ is the smaller root of X 2 C mX C 1 D 0; m 2 Zg
5-2. The period is 10, and the fundamental unit is
p
48842 C 5967 67:
5-3. No! One way to obtain a counterexample is to note that, if a prime p factors as
p D 1 2 (i nonassociate primes) in a quadratic extension of Q, then Nm 1 D ˙p D
Nm 2 , and so 1 =2 has norm ˙1. For example 5 D .2 C i /.2 i / in QŒi , and so
.2 C i/=.2 i / has norm 1, but it is not an algebraic integer. Alternatively, note that any
root of an irreducible polynomial X n C a1 X n 1 C C 1, ai 2 Q, not all ai 2 Z, will
have norm ˙1, but will not be an algebraic integer.
6-1. Let ˛ be a root of X 3 3X C 1. Then disc.ZŒ˛=Z/ D 81. Since its sign is . 1/s ,
we must have s D 0, r D 3 — three real embeddings. From their minimum polynomials,
one sees that ˛ and ˛ C 2 are algebraic integers with norms 1 and 1 respectively. From
3 3
P
.˛ C 1/ D 3˛.˛ C 2/ we find .˛ C 1/ D .3/ in OK . From the formula ei fi D 3,
we find that there can be no further factorization, and e D 3, f D 1. The second equality
implies that OK =.˛ C 1/ D Z=.3/, and so K D Z C .˛ C 1/K . The proof that OK D ZŒ˛
proceeds as in the proof of 6.2. The Minkowski bound is 2, and 2 OK is prime, because
X 3 3X C 1 is irreducible modulo 2.
6-2. First solution: Let ˛ be an algebraic integer in QŒ C 1 . We can write it
˛ D ai . C 1 /i ; 0 i < '.m/=2; ai 2 Q:
P
Pn
Suppose an is the last coefficient not in Z. Then ˛ 0 D i D0 ai . C
1 /i is also an
algebraic integer. On expanding this out, and multiplying through by n , we find that
n ˛ 0 D an 2n C terms of lower degree in ; an … Z:
This contradicts the fact that n ˛ 0 is in ZŒ.

Second solution: Clearly, OQŒC 1 D OQŒ \QŒC 1 . It follows that the algebraic
integers in QŒ C 1 are those elements that can be expressed ai . i C i /, ai 2 Z.
P
Now prove inductively that i C i 2 ZŒ C 1 .
7-2. (a) Easy. (b) Show sn D niD0 ai is Cauchy if and only if ai ! 0.
P
7-3. If a D 0, there is a solution, and so we now take a ¤ 0. To have a solution in Z7 ,

clearly it is necessary that a D 72mC1 b, m 0, with b an integer that is not divisible by
7 but is a square modulo 7 (hence b 1; 2; 4 mod 7). Newton’s lemma shows that this
condition is also sufficient.
For a 2 Q, 7X 2 D a has a solution in Q7 if and only if a D 72mC1 b, m 2 Z, b 2 Z,
b 1; 2; 4 mod 7.
7-4. (a) Because the product of two nonsquares in Z=.p/ is a square, and least one of
X 2 2, X 2 17, X 2 34 has a root modulo p, and if p ¤ 2; 17, the root is simple and
hence lifts to a root in Zp (by Newton’s lemma). The polynomial X 2 2 has 6 as a simple
root modulo 17, and so it has a root in Z17 . Let g.X / D X 2 17 and a0 D 1. Then
jg.a0 /j2 D 1=16 and jg 0 .a0 /2 j2 D 1=4 and so Newton’s lemma (7.32) again shows that it
has a root in Z2 .
(b) Apply the method of proof of (7.31) to find
a D 1 C 5 7 C 73 C 2 74 C 5 75 C :
p
7-5. If k is a field of characteristic ¤ 2, a quadratic extension of k is of the form kŒ a for
some a 2 k, a … k 2 , and two nonsquare elements a and b of k define the same quadratic
extension if and only if they differ by a square (FT, Theorem 5.27). Thus the quadratic
extensions of k are in one-to-one correspondence with the cosets of k 2 in k other than
k 2 itself.
We have to find a set of representatives for Q2 n
2 in Q2 . Clearly an element u 2 of

Q2 , u 2 Z2 , is a square if and only if n is even and u is a square in Z2 , and Newton’s
lemma shows that u is a square in Z2 if (and only if) it is a square in Z2 =.8/ D Z=.8/.
The elements ˙1; ˙5 form a set of representatives for .Z=.8// , and of these only 1 is
a square. Hence f˙1; ˙5 ˙ 2; ˙10g is a set of representatives for Q 2
2 =Q2 , and so the
p
distinct quadratic extensions of Q2 are the fields QŒ a] for a D 1; ˙2; ˙5; ˙10.
149
There is a description of the structure of Qp in Serre, Course..., II.3. Let U D Zp and
let Ui be the subgroup 1 C p i Zp of U ; we know from (7.27) that Qp contains the group
p 1 of .p 1/st roots of 1, and one shows that
Qp Z p 1 U1 ; U1 Zp ; p ¤ 2I
Q
2 Z U1 ; U1 D f˙1g U2 ; U2 Z2 :
There is a general formula,
m
.K W K m / D .m W 1/
kmk
for any finite extension K of Qp ; here m is the group of mt h roots of 1 in K. See CFT VII.
7-6. If 2 occurs among the ˛i , number it ˛1 . Then ˛i … QŒ˛1 ; ˛2 ; :::; ˛i 1 because pi does
not ramify in QŒ˛1 ; ˛2 ; :::; ˛i 1 . Therefore the degree is 2m (alternatively, use Kummer
theory). The element is moved by every element of Gal.K=Q/, and so it generates K.
The group Gal.K=Q/ is abelian of exponent 2 (i.e., every element has square 1). TheQsame
is true of the decomposition groups of the primes lying over p. Write K ˝Q Qp D Ki ,
so that Ki KŒX =.fi .X // where fi .X / is the i t h irreducible factor of f .X / in Qp ŒX
(cf. 8.2). Kummer theory and the description of Qp given above show that ŒKi W Qp 4
if p ¤ 2 and ŒKi W Q2 8 (because their Galois groups are abelian of exponent 2). This
implies that f .X / factors as stated.
7-7. The degree of Qp Œn , p does not divide n, is f , where f is the smallest integer such
that njp f 1. As n ! 1, fP! 1, and so a finite extension K of Qp can contain only
finitely many n ’s. Suppose n p n converges to ˇ 2 Qpal . Then K D Qp Œˇ is a finite
Pt n
extension of Qp . Let ˛ t D nD1 n p . Then ˛ t is further from its conjugates than it
is from ˇ, and so Krasner’s lemma (7.60) implies that Qp Œ˛ t Qp Œˇ. It follows (by
induction) that Qp Œˇ contains all the n , and this is impossible.
7-8. (a) The polynomial
X3 C X2 C X C 1
has the factor X 1, but
X3 C X2 C X 1
is irreducible because it is irreducible modulo 5:
(b) Consider
f D X 6 C 3 5X 5 C 3 5X 4 C 3 54 X 3 C 3 54 X 2 C 3 59 X C 3 59 :
It is Eisenstein for 3, and hence is irreducible over Q. Its Newton polygon for 5 has slopes
1=2, 3=2, and 5=2, each of length 2. Correspondingly, in Q5 ŒX it is a product of three
polynomials f D f1 f2 f3 . Each of the fi is irreducible because the field generated by a
root of it is ramified (because the slope isn’t an integer).
8-1. The Newton polygon of f .X / D X 3 X 2 2X 8 has three distinct slopes 1; 2; 3,
Pit splits over Q2 . Now (8.1) shows that j j2 has three distinct extensions to K. Using
and so
that ei fi D 3, we see that 2 doesn’t ramify in K, and so 2 does not divide disc OK =Z.
On the other hand 2j disc.f .X // because f .X / has multiple roots modulo 2 (according to
PARI, its discriminant is 2012).
8-2. Straightforward.
8-3. (a) In PARI, type polgalois(X^6+2*X^5+3*X^4+4*X^3+5*X^2+6*X+7):
(b) There are the following factorizations:
mod 3, irreducible;
mod 5, .deg 3/ .deg 3/;
mod 13, .deg 1/ .deg 5/I
mod 19, .deg 1/2 .deg 4/I
mod 61, .deg 1/2 .deg 2/2 I
mod 79, .deg 2/3 :
Thus the Galois group of f has elements of type:
6; 3 C 3; 1 C 5; 1 C 1 C 4; 1 C 1 C 2 C 2; 2 C 2 C 2:
No element of type 2, 3, 3 C 2, or 4 C 2 turns up by factoring modulo any of the first 400

primes (so I’m told). Thus it is the group T 14 in the tables in Butler and McKay (see p141)
of the notes. It has order 120, and is isomorphic to PGL2 .F5 / (group of invertible 2 2
matrices over F5 modulo the scalar matrices aI2 , a 2 F 5 ).
8-4. Prime ideals of kŒX and kŒX 1 define the same valuation of k.X / if and only if
they generate the same prime ideal of kŒX; X 1 . Thus there is one valuation ordp for each
monic irreducible polynomial p.X / of kŒX , and one for the polynomial X 1 in kŒX 1 .
The normalized valuation corresponding to p.X / is
ordp g ordp h
1
kg.X /= h.X /k D
q deg p
where q D #k and ordp .g/ is the power of p.X / dividing g.X /, and the normalized
valuation corresponding to X 1 is
kg.X /= h.X /k D deg h deg g:
Thus the product formula is equivalent to the formula,

X
deg p.ordp g ordp h/ D deg g deg h;
p.X /
which is obvious.
Appendix B
Two-hour examination
Prove (or, at least, explain) your answers.

p
1. (a) Is .1 Cpi /= 2 an algebraic integer?
(b) Is ZŒ 29 a principal ideal domain?
2. Let K D QŒ˛ where ˛ is a root of X n 2, n 2:
(a) Find ŒK W Q:
(b) In how many ways can the usual archimedean valuation on Q be extended to K?
(c) Same question for the 2-adic valuation.
(d) Find the rank of the group of units in OK and the order of its torsion subgroup.
3. Let be a primitive 8t hproot of 1.pShow that
p QŒ contains exactly 3 subfields of degree
2 over Q, and they are QŒ 1, QŒ 2, QŒ 2.
4. Let ˛ and be nonzero elements of the ring of integers OK of a number field K with
irreducible (i.e., D ab ) a or b a unit). If j˛ 3 , can you conclude that j˛? What
condition on the class group would allow you to conclude this?
5. Let K D Q3 Œ, where is a primitive 3rd root of 1. Find the Galois group of K over
Q3 and its ramification groups.
6. Let K be a finite Galois extension of Q with Galois group G. For each prime ideal P of
OK , let I.P/ be the inertia group. Show that the groups I.P/ generate G.
151
Bibliography
A RTIN , E. 1959. Theory of algebraic numbers. Notes by Gerhard Würges from lectures
held at the Mathematisches Institut Göttingen, Germany, 1956/7, in the Winter Semester.
Translated and distributed by George Striker, Schildweg 12, Göttingen. Reprinted in
Artin 2007.
C ASSELS , J. W. S. 1986. Local fields, volume 3 of London Mathematical Society Student

Texts. Cambridge University Press, Cambridge.
C OHEN , H. 1993. A course in computational algebraic number theory, volume 138 of

Graduate Texts in Mathematics. Springer-Verlag, Berlin.
C OHN , P. M. 1991. Algebraic numbers and algebraic functions. Chapman and Hall Math-
ematics Series. Chapman & Hall, London.
C URTIS , C. W. AND R EINER , I. 1962. Representation theory of finite groups and associa-
tive algebras. Pure and Applied Mathematics, Vol. XI. Interscience Publishers, a division
of John Wiley & Sons, New York-London.
D EDEKIND , R. 1877. Sur la théorie des nombres entiers algébriques. Bull. des Sc. Math.
1:?–?
D EDEKIND , R. 1996. Theory of algebraic integers. Cambridge Mathematical Library.

Cambridge University Press, Cambridge. Translated from the 1877 French original and
with an introduction by John Stillwell.
E DWARDS , H. M. 1977. Fermat’s last theorem, volume 50 of Graduate Texts in Mathe-

matics. Springer-Verlag, New York. A genetic introduction to algebraic number theory.
F R ÖHLICH , A. AND TAYLOR , M. J. 1991. Algebraic number theory, volume 27 of Cam-

bridge Studies in Advanced Mathematics. Cambridge University Press, Cambridge.
JANUSZ , G. J. 1996. Algebraic number fields, volume 7 of Graduate Studies in Mathemat-

ics. American Mathematical Society, Providence, RI, second edition.
L ENSTRA , J R ., H. W. 1992. Algorithms in algebraic number theory. Bull. Amer. Math.

Soc. (N.S.) 26:211–244.
M ILNE , J. S. 2006. Elliptic Curves. BookSurge Publishers.
NARKIEWICZ , W. 1990. Elementary and analytic theory of algebraic numbers. Springer-

Verlag, Berlin, second edition.
152
BIBLIOGRAPHY 153
P OHST, M. AND Z ASSENHAUS , H. 1989. Algorithmic algebraic number theory, volume 30

of Encyclopedia of Mathematics and its Applications. Cambridge University Press, Cam-
bridge.
ROQUETTE , P. 1967. On class field towers, pp. 231–249. In Algebraic Number Theory
(Proc. Instructional Conf., Brighton, 1965). Thompson, Washington, D.C.
S ERRE , J.-P. 1962. Corps locaux. Publications de l’Institut de Mathématique de

l’Université de Nancago, VIII. Actualités Sci. Indust., No. 1296. Hermann, Paris.
W EISS , E. 1963. Algebraic number theory. McGraw-Hill Book Co., Inc., New York.
Index
algebra, 7 inertia, 123

algebraic integer, 1 ramification, 123
algorithm, 33 splitting, 132
good, 33
practical, 33 Hermite normal form, 35
Hilbert class field, 66
basis, 24
binary quadratic form, 75 ideal
fractional, 45
Cauchy sequence, 108 integral, 45
class field tower, 66 principal, 46
class number, 4, 47 ideal class group, 47
complete field, 108 integral basis, 29
continued fraction, 84 integral closure, 21
convex set, 69 integral element, 18
cyclotomic polynomial, 90 integrally closed ring, 21
Dedekind domain, 41 lattice, 66

discrete subgroup, 66 lemma
discrete valuation, 48 Hensel’s, 114
discrete valuation ring, 39 Krasner’s, 125
discriminant, 25, 26, 30 Nakayama’s, 10
Newton’s, 113, 114
Eisenstein polynomial, 59, 122
local field, 120
Eisenstein’s criterion, 58
local ring, 10
element
local uniformizing parameter, 109
irreducible, 2
prime, 1 maximal ideal, 8
equivalent valuations, 102 Minkowski bound, 63
Minkowski constant, 63
field of fractions, 11
multiplicative subset, 11
Frobenius element, 134
full lattice, 66 natural density, 140
fundamental parallelopiped, 68 Newton’s polygon, 118
fundamental system of units, 78 nilpotent, 53
Noetherian module, 9
global field, 128
Noetherian ring, 8
group
nondegenerate bilinear form, 26
decomposition, 132
norm, 24, 70
higher ramification, 123
154
INDEX 155
numerical, 62 p-adic, 101

norm of an ideal, 61 trace, 24
normalized discrete valuation, 48
unique factorization domain, 2
PARI, 5, 31, 34, 36, 57, 58, 65, 90, 119, unit, 1
130, 139, 142 unramified, 65
prime ideal, 7
primitive nth root of 1, 89 valuation
archimedean, 99
reduced, 53 discrete, 101
regulator, 87 multiplicative, 99
relatively prime, 12 trivial, 99
ring of integers, 21
wildly ramified, 124
S-integer, 83
S-unit, 83
symmetric in the origin, 69
symmetric polynomial, 18
elementary, 18
tamely ramified, 124

tensor product, 14
theorem
Chebotarev density, 140
Chinese Remainder, 13
Chinese Remainder (for modules), 14
cyclotomic fields, 93
Dedekind’s on computing Galois groups,
138
extending valuations, 116
factoring primes in an extension, 55
Fermat’s Last, 96
fractional ideals form group, 46
integral closure of Dedekind domain,
50
invariant factor, 51
Minkowski bound, 63
modules over Dedekind domain, 51
points in lattice, 68
primes of a number field, 105
primes that ramify, 53
product formula, 104, 105, 131
Stickelberger’s, 32
sum of ef’s is the degree, 52
tensor product of fields, 17
the class number is finite, 63
unique factorization of ideals, 42
unit, 78, 81
topology

Algebraic Number Theory - J. S. Milne PDF

Uploaded by

Algebraic Number Theory - J. S. Milne PDF

Uploaded by

v2.01 (August 14, 1996). First version on the web.

The photograph is of the Fork Hut, Huxley Valley, New Zealand.

1 Preliminaries from Commutative Algebra 7

3 Dedekind Domains; Factorization 39

4 The Finiteness of the Class Number 61

5 The Unit Theorem 78

6 Cyclotomic Extensions; Fermat’s Last Theorem. 89

7 Valuations; Local Fields 99

8 Global Fields 128

A Solutions to the Exercises 145

B Two-hour examination 151

jab H) ja or jb:

The ring of integers

with coefficients a1 ; : : : ; an in Q, and ˛ is an algebraic integer if it satisfies such an equa-

and so ˛ is an algebraic integer if and only if

as one would hope.

Nm.˛/ D 1 ” ˛ ˛N D 1 ” ˛ is a unit. (*)

has no solution with a; b 2 Z.

210 D .2 3/.5 7/ D .2 5/.3 7/:

The idea of Kummer

6 D .p1 p2 /.p3 p4 / D .p1 p3 /.p2 p4 /;

ajab ) aja or ajb;

a D .a1 ; :::; am / and b D .b1 ; :::; bn /

.a/ D p1 pn with each pi a prime ideal.

In the above example,

which is an integral domain.

hK D 1 ” OK is a principal ideal domain

S OME COMMENTS ON THE LITERATURE

History of algebraic number theory

is a factorization of .6/ into a product of prime ideals.

Preliminaries from Commutative

It is again an ideal in A — in fact, it is the smallest ideal containing both a and b. If

A proper ideal a of A is prime if ab 2 a ) a or b 2 a. An ideal a is prime if and

Ideals in products of rings

pB (p a prime ideal of A), A p (p a prime ideal of B).

P ROOF. Let c be an ideal in A B, and let

a D fa 2 A j .a; 0/ 2 cg; b D fb 2 B j .0; b/ 2 cg:

Clearly a b  c. Conversely, let .a; b/ 2 c. Then .a; 0/ D .a; b/ .1; 0/ 2 a and

A B ! A=a B=b; .a; b/ 7! .a C a; b C b/

has kernel a b, and hence induces an isomorphism

A B=.a b/ ' A=a B=b:

P ROPOSITION 1.3 The following conditions on a ring A are equivalent:

becomes stationary, i.e., after a certain point an D anC1 D .

.X1 /  .X1 ; X2 /  .X1 ; X2 ; X3 / 

never becomes stationary.

.a/  .b/ ” bja, with equality if and only if b D a unit:

P ROPOSITION 1.6 The following conditions on an A-module M are equivalent:

P ROOF. Similar to the proof of Proposition 1.3. 2

P ROPOSITION 1.7 Let M be an A-module, and let N be a submodule of M . If N and

P ROOF. I claim that if M 0  M 00 are submodules of M such that M 0 \ N D M 00 \ N

As 1 ak is not in m, it is a unit, and so fm1 ; :::; mk 1 g generates M . This contradicts our

E XAMPLE 1.10 (a) Let t be a nonzero element of A; then

is a multiplicative subset of A, and we (sometimes) write A t for S t 1 A. For example, if d

Z.p/ D fm=n 2 Q j n is not divisible by pg:

P ROPOSITION 1.11 Consider an integral domain A and a multiplicative subset S of A. For

P ROOF. Let a be an ideal in S 1 A. Clearly .a \ A/e  a because a \ A  a and a is an

P ROPOSITION 1.12 Let A be an integral domain, and let S be a multiplicative subset of

P ROOF. It is easy to see that

p a prime ideal disjoint from S ) pe is a prime ideal in S 1

and (1.11) shows that the two maps are inverse. 2

Z: .2/; .3/; .5/; .7/; .11/; : : : ; .0/I

Note that in general, for t a nonzero element of an integral domain,

fprime ideals of A t g $ fprime ideals of A not containing tg

The Chinese remainder theorem

have a simultaneous solution x 2 Z; moreover, if x is one solution,

P ROOF. Suppose first that n D 2. As a1 C a2 D A, there are elements ai 2 ai such that

These conditions imply

The theorem extends to A-modules.

Review of tensor products

f .m; n C n0 / D f .m; n/ C f .m; n0 / all a 2 A; m; m0 2 M; n; n0 2 N:

i.e., if it is linear in each variable. A pair .Q; f / consisting of an A-module Q and an

Tensor products commute with direct sums: there is a canonical isomorphism

Let ˛W M ! M 0 and ˇW N ! N 0 be A-linear maps. Then

L EMMA 1.17 If ˛W M ! M 0 and ˇW N ! N 0 are surjective, then so also is

P ROOF. Recall that M 0 ˝ N 0 is generated as an A-module by the elements m0 ˝ n0 , m0 2

jab H) ja or jb:

Clearly a b c. Conversely, let .a; b/ 2 c. Then .a; 0/ D .a; b/ .1; 0/ 2 a and

.X1 / .X1 ; X2 / .X1 ; X2 ; X3 /

.a/ .b/ ” bja, with equality if and only if b D a unit:

P ROOF. I claim that if M 0 M 00 are submodules of M such that M 0 \ N D M 00 \ N

P ROOF. Let a be an ideal in S 1 A. Clearly .a \ A/e a because a \ A a and a is an

a ˝ f 7! af W K ˝k kŒX1 ; : : : ; Xm ! KŒX1 ; : : : ; Xm (4)

E XAMPLE 1.19 Let K D QŒ˛ with ˛ algebraic over Q. Then

P .X .1/ ; : : : ; X .r/ / D P .X1 ; : : : ; Xr /; all 2 Symr :

Let f .X / D X n C a1 X n 1 C C an 2QAŒX , and let ˛1 ; : : : ; ˛n be the roots of f .X /

W KŒ˛ ! KŒ˛ 0 ; .˛/ D ˛ 0 I

On applying to the above equation we obtain the equation

L EMMA 2.14 Let A B C be rings. If B is finitely generated as an A-module, and C

P ROPOSITION 2.15 Consider integral domains A B C ; if B is integral over A, and

where r D ŒL W KŒˇ D n=m:

TrL=K .ˇ/ D 1 ˇ C C n ˇ; NmL=K .ˇ/ D 1 ˇ n ˇ:

P ROOF. Each ˇi occurs exactly r times in the family fi ˇg. 2

D.ˇ1 ; :::; ˇm / D det.i ˇj /2 ¤ 0:

Suppose that det.i ˇj / D 0. Then there exist c1 ; :::; cm 2 ˝ such that

Aˇ1 C Aˇ2 C C Aˇm B Aˇ10 C Aˇ20 C C Aˇm