Professional Documents
Culture Documents
Arithmetic in Extensions of Q
Dušan Djukić
Contents
1 General Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
2 Arithmetic in the Gaussian Integers Z[i] . . . . . . . . . . . . . . . . . . . . . . . . 4
3 Arithmetic in the ring Z[ω ] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4 Arithmetic in other quadratic rings . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1 General Properties
What makes work with rational numbers and integers comfortable are the essential properties they
have, especially the unique factorization property (the Main Theorem of Arithmetic). However,
the might of the arithmetic in Q is bounded. Thus, some polynomials, although they have zeros,
cannot be factorized into polynomials with rational coefficients. Nevertheless, such polynomials can
always be factorized in a wider field. For instance, the polynomial x2 + 1 is irreducible over Z or
Q, but over the ring of the so called Gaussian integers Z[i] = {a + bi | a, b ∈ Z} it can be factorized
as (x + i)(x − i). Sometimes the wider field retains many properties of the rational numbers. In
particular, it will turn out that the Gaussian integers are a unique factorization domain, just like the
(rational) integers Z. We shall first discuss some basics of higher algebra.
Definition 2. Let α be an algebraic integer and p(x) = xn + an−1 xn−1 + · · · + a0 (ai ∈ Z) be its
minimal polynomial. The extension of a ring A by the element α is the set A[α ] of all complex
numbers of the form
c0 + c1α + · · · + cn−1α n−1 (ci ∈ A), (∗)
with all the operations inherited from A. The degree of the extension is the degree n of the polynomial
p(x).
2 Olympiad Training Materials, www.imomath.com
The theme of this text are extensions of the ring Z of degree 2, so called quadratic extensions.
√the polynomials x + 1 and x + x + 1 determine the extensions Z[i] and Z[ω ],
Thus, for example, 2 2
−1 + 3
where ω = (this notation will be used later).
2
All elements of a quadratic extension of Z are algebraic integers with the minimal polynomial of
second degree. Two elements having the same minimal polynomials are said to be conjugates. Each
nonrational element z of the quadratic extension has exactly one conjugate, called the conjugate of z
and denoted z. For a rational integer z we define z = z.
The norm is always an integer. Roughly speaking, it is a kind of equivalent of the absolute value
in the set of integers Z.
√ √ √
Example 3. If z ∈ Z[ d], z = a + b d (a, b ∈ Z), then z = a − b d and N(z) = a2 − db2 . In
particular, in Z[i] the norm of element a + bi (a, b ∈ N) is N(a + bi) = a2 + b2.
If z = a + bω ∈ Z[ω ] (a, b ∈ Z), then z = a − b − bω and N(z) = a2 − ab + b2.
In every complex quadratic field the conjugation corresponds to the complex conjugation.
Theorem 1. The conjugation is multiplicative, i.e. for arbitrary elements z1 , z2 of a quadratic ex-
tension of Z it holds that z1 z2 = z1 z2 . 2
Theorem 2. The norm is multiplicative, i.e. for arbitrary elements z1 , z2 of a quadratic extension of
Z it holds that N(z1 z2 ) = N(z1 )N(z2 ). 2
An element ε ∈ Z[α ] is called a unit if there exists ε ′ ∈ Z[α ] such that εε ′ = 1. In that case
N(ε )N(ε ′ ) = N(1) = 1, so N(ε ) = ±1. In fact, ε is a unit if and only if its norm is ±1: indeed, if
N(ε ) = ±1 then εε = ±1 by definition.
Solution. Denote P(x) = (1 + x)(2 + x) . . . (p − 1 + x). We know that P(x) = x p−1 − 1 + pQ(x) for
some polynomial Q(x) with integer coefficients.
Since k2 + 1 = (k + i)(k − i) for each k, we immediately obtain that
The divisibility and congruences in an extension K of the ring Z is defined in the usual way:
x ∈ K is divisible by y ∈ K (denoted y | x) if there exists z ∈ K such that x = yz, and x ≡ y (mod z) if
z | x − y.
Since every element of a quadratic ring is divisible by every unit, the definition of the notion of
a prime must be adjusted to the new circumstances.
Dušan Djukić: Arithmetic in Extensions of Q 3
Definition 5. A nonzero element x ∈ K which is not a unit is prime if it has no other divisors but the
units and elements adjoint to itself.
Proof. Suppose that x = yz, y, z ∈ K. Then N(x) = N(y)N(z), so at least one of N(y), N(z) equals
±1, i.e. either y or z is a unit, while the other is (by definition) adjoint to x. 2
The converse does not hold, as 3 is a prime in Z[i], but N(3) = 9 is composite.
Of course, the elements conjugate or adjoint to a prime are also primes. Therefore the smallest
positive rational integer divisible by a prime z equals zz = N(z).
Consider an arbitrary nonzero and nonunit element x ∈ K. If x is not prime then there are nonunit
elements y, z ∈ K such that yz = x. Hereby N(y)N(z) = N(x) and N(y), N(z) > 1. Hence N(y), N(z) <
N(x). Continuing this procedure we end up with a factorization x = x1 x2 · · · xk in which all elements
are prime. This shows that:
Problem 2. Given a nonzero and nonunit element z ∈ K, find the number of equivalence classes in
K modulo z.
Definition 6. FTA, or ”The Fundamental Theorem of Arithmetic” means: Each nonzero and nonunit
element of Z or of its quadratic extension K can be written as a product of primes. This factorization
is unique up to the order of the factors and adjoining between corresponding factors.
Definition 7. DWR means: For each a, b ∈ K with b 6= 0 there exist p, q ∈ K such that a = pb + q
and N(q) < N(b).
Obviously, such a division, if it exists, is not necessarily unique - it is not so even in Z itself.
Moreover, it does not exist in some quadratic extensions, as we shall see later. The significance of
the existence of a division with remainder, however, lies in the fact that it implies the uniqueness of
factorization:
Theorem 5. If the division with remainder in a quadratic ring K is always possible, then FTA holds
in K.
4 Olympiad Training Materials, www.imomath.com
Proof. If the division with remainder is possible in K, then the Euclidean algorithm ends in a finite
number of steps. A simple implication of the Euclidean algorithm is that if p is a prime, a, b ∈ K and
p | ab, then p | a or p | b. The uniqueness of factorization into primes (FTA) now easily follows. 2
There are quadratic rings in which FTA holds despite the nonexistence of a division with remain-
der. However, FTA is an exception rather than a rule.
√
Example 5.√ FTA is false in Z[ −5], as 9 has two √
√ factorizations into primes: 9 = 3 · 3 = (2 +
−5)(2 − −5), which are not equivalent since 2 ± −5 6∼ 3.
Theorem 6. The Fundamental Theorem of Arithmetic (FTA) holds in the set of Gaussian integers
Z[i].
Proof. Based on theorem 5, it is enough to show that for all a, b ∈ Z[i] with b 6= 0 there exists an
element p ∈ Z[i] such that N(a − pb) < N(b).
Let σ , τ ∈ R be such that a/b = σ + τ i, and let s,t ∈ Z be such that |σ −s| ≤ 1/2 and |τ −t| ≤ 1/2.
Setting p = s + ti yields a − pb = (σ + τ i)b − pb = [(σ − s) + (τ − t)i]b, which implies
N(a − pb) = N[(σ − s) + (τ − t)i]N(b) = [(σ − s)2 + (τ − t)2]N(b) ≤ N(b)/2 < N(b).
Theorem 7. An element x ∈ Z[i] is prime if and only if N(x) is a prime or |x| is a prime integer of
the form 4k − 1, k ∈ N.
Proof. Consider an arbitrary prime x = a + bi ∈ Z[i] (a, b ∈ Z). Element x is prime also (indeed, if
x = yz, then x = y z), so N(x) factorizes into primes as xx.
Suppose that N(x) is composite, N(x) = mn for some two natural numbers m, n > 1. It follows
from xx = mn and the FTA that x ∼ m or x ∼ n, so we may suppose w.l.o.g. that x is a prime integer.
If x = 2 or x ≡ 1 (mod 4), then there exist integers a, b ∈ Z such that N(a + bi) = (a + bi)(a − bi) =
a2 + b2 = x; hence x is composite in Z[i]. On the other hand, if x is a prime integer with x ≡ 3
(mod 4), then x is also prime in Z[i]. Indeed, if x = uv for some nonunit elements u, v ∈ Z[i], then
x2 = N(x) = N(u)N(v) implies N(u) = N(v) = x which is impossible. This proves our claim. 2
Solution. Rewrite the equation in the form x5 = (y + i)(y − i). Note that x is not even, as otherwise
y2 ≡ −1 (mod 4). Thus y is even and consequently the elements y + i and y − i are coprime in
Z[i]. Since (y + i)(y − i) is a fifth power, it follows that y + i and y − i are both fifth powers. Let
a, b ∈ Z be such that y + i = (a + bi)5 = a(a4 − 10a2b2 + 5b4) + b(5a4 − 10a2b2 + b4 )i. It holds that
b(5a4 − 10a2b2 + b4 ) = 1, and therefore b = ±1. It is easily seen that in both cases we have a = 0;
hence y = 0, x = ±1 are the only solutions. △
Problem 4. Suppose that x, y and z are natural numbers satisfying xy = z2 + 1. Prove that there
exist integers a, b, c, d such that x = a2 + b2, y = c2 + d 2 and z = ac + bd.
Dušan Djukić: Arithmetic in Extensions of Q 5
Solution. We use the following important fact: If m, n, p, q are elements of a unique factorization
domain K (in this case, K = Z[i]) satisfying mn = pq, then there exist u1 , u2 , v1 , v2 ∈ K such that m =
u1 v1 , n = u2 v2 , p = u1 v2 , q = u2 v1 . The proof of this fact is the same as in the case of m, n, p, q ∈ Z
and follows directly from the factorizations of m, n, p, q into primes.
Since xy = z2 + 1 = (z + i)(z − i), the above fact gives us
for some u1 , u2 , v1 , v2 ∈ Z[i]. The numbers x, y are real, and therefore v1 = q1 u1 , v2 = q2 u2 for
some rational numbers q1 , q2 . From (3) and (4) we easily conclude that q1 = q2 = 1. Now putting
u1 = a + bi, u2 = c + di yields x = u1 u1 = a2 + b2, y = c2 + d 2 and z = ac + bd. △
Proof. By the theorem 5, it suffices to show that a division with remainder is possible, i.e. for all
a, b ∈ Z[ω ], b 6= 0 there exist p ∈ Z[ω ] such that N(a − pb) < N(b).
Like in the proof for the Gaussian integers, let σ , τ ∈ R be such that a/b = σ + τ i, and let s,t ∈ Z
be such that |σ − s| ≤ 1/2 and |τ −t| ≤ 1/2. Setting p = s+ti gives us N(a − pb) ≤ 3N(b)/4 < N(b),
implying the theorem. 2
Problem 5. If p ≡ 1 (mod 6) is a prime number, prove that there exist a, b ∈ Z such that p =
a2 − ab + b2.
Solution. It suffices to show that p is composite in Z[ω ]. Indeed, if there is a prime element
z = a + bω ∈ Z[ω ] (a, b ∈ Z) that divides p, then also z | p = p. Note that z and z are coprime;
otherwise z | z, so there exists a unit element ε with z = ε z, and hence z ∼ (1 − ω ) | 3, which is false.
Therefore a2 − ab + b2 = zz | p, which implies a2 − ab + b2 = p.
Thus we need to prove that p is composite in Z[ω ]. It follows from the condition on p that
-3 is a quadratic residue modulo p, so there exist m, n ∈ Z which are not divisible by p such that
p | (2m − n)2 + 3n2 = 4(m2 − mn + n2), i.e. p | (m − nω )m − nω . However, p does not divide any of
the elements (m − nω ), m − nω , so it must be composite. △
Theorem 9. Element x ∈ Z[ω ] is prime if and only if N(x) is prime or |x| is a prime integer of the
form 3k − 1, k ∈ N.
Proof. Suppose that x, y, z are nonzero elements of Z[ω ] that satisfy (∗). We can assume w.l.o.g. that
x, y, z are pairwise coprime.
Consider the number ρ = 1 − ω . It is prime, as its norm equals (1 − ω )(1 − ω 2 ) = 3. We observe
that ρ = 1 − ω 2 = (1 − ω )(1 + ω ) ∼ ρ ; hence α ∈ Z[ω ] is divisible by ρ if and only if so is al pha.
Each element in Z[ω ] is congruent to −1, 0 or 1 (mod ρ ): indeed, a + bω ≡ a + b = 3q + r ≡ r (mod
ρ ) for some q ∈ Z and r ∈ {−1, 0, 1}.
The importance of number ρ lies in the following property:
x + y = Aρ , ω x + ω 2 y = Bρ , ω 2 x + ω y = C ρ ,
where A, B,C ∈ Z[ω ] are pairwise coprime and A + B + C = 0. The product ABC is a perfect cube
(equal to (z/ρ )3 ), and hence each of A, B,C is adjoint to a cube:
A = αζ 3 , B = β η 3 , C = γξ 3
αζ 3 + β η 3 + γξ 3 = 0. (3)
Since αβ γ is a unit and a perfect cube, we have αβ γ = ±1. Furthermore, ABC = (z/ρ )3 is divisible
by ρ (since ρ 2 | z), so (exactly) one of the numbers ζ , η , ξ , say ξ , is divisible by ρ . In fact, ξ 3
divides ABC which is divisible by ρ 3k−3 and not by ρ 3k−2 , so ρ k−1 is the greatest power of ρ that
divides ξ . The numbers ζ and η are not divisible by ρ ; consequently, ζ 3 and η 3 are congruent to
±1 modulo ρ 4 . Thus the equality A + B + C = 0 gives us α ± β ≡ 0 (mod ρ 4 ), therefore β = ±α ;
now αβ γ = ±1 implies γ = ±α .
Canceling α in equation (3) yields ζ 3 ± η 3 ± ξ 3 = 0, which gives us another nontrivial solution
to (∗) with (ζ , η , ξ ) = 1. However, in this solution we have ρ k−1 | ξ and ρ k ∤ ξ , which contradicts
the choice of k. 2
" √ #
√ −1 + d
Some of these rings are Euclidean, such as Z[ d] for d = −2, −1, 2, 3, 6, 7 and Z
2
for d = −7, −3, 5.
Determining all quadratic unique factorization rings (including the non-Euclidean ones) is ex-
tremely serious. Among the rings of the type 1◦ and 2◦ with d < 0, apart from the ones men-
tioned already, the FTA holds in only five other rings: namely, the rings of the type 2◦ for d =
−11, −19, −43, −67, −163. Gauss’ conjecture that the FTA holds in infinitely many quadratic rings
with a positive d has not been proved nor disproved until today.
Problem 6. Find all integer solutions of the equation x2 + 2 = y3 .
√ √
Solution. Let us write the equation as (x + −2)(x − √−2) = y3 . For 3
√ x even we have y ≡ 2 (mod
4),√which is impossible; therefore x is odd. Then x + −2 and x√− −2 are coprime elements √ of
Z[ −2]√whose product is a perfect cube. Using the FTA in Z[ −2] we conclude √ that x +√ −2
and x − −2 are both perfect cubes. Hence there exist a, b ∈ Z such that (a + b −2)3 = x + −2.
√
Comparing the coefficients at −2 yields b(3a2 − 2b2 ) = 1; therefore b = 1 and a = ±1. Now we
easily obtain that x = ±5 and y = 3 is the only integral solution of the equation. △
Problem 7. Consider the sequence a0 , a1 , a2 , . . . given by a0 = 2 and ak+1 = 2a2k − 1 for k ≥ 0.
Prove that if an odd prime number p divides an , then p ≡ ±1 (mod 2n+2 ).
Solution. Consider the sequence xk of positive numbers given by ak = cosh xk (cosh is the hyperbolic
t −t
cosine, defined by cosht = e +e 2
2 ). It is easily verified that cosh(2xk ) = 2ak − 1 = cosh xk+1 , so
√
xk+1 = 2xk , i.e. xk = λ · 2 for some λ > 0. The condition a0 = 2 gives us λ = log(2 + 3).
k
Therefore √ n √ n
(2 + 3)2 + (2 − 3)2
an = .
2
Let p > 2 be a prime number such p | an . We distinguish two cases.
1◦ m2 ≡ 3 (mod p) for some m ∈ Z. Then
n n
(2 + m)2 + (2 − m)2 ≡ 0 (mod p). (1)
n
Since (2 + m)(2 − m) = 4 − m2 ≡ 1 (mod p), multiplying both sides of (1) by (2 + m)2 yields
n+1
(2 + m)2 ≡ −1 (mod p). It follows that the order of number (2 + m) modulo p equals 2n+2 ,
from which we conclude 2n+2 | p − 1.
√
2◦ The congruence m2 ≡ 3 (mod p) has √ no solutions. We work in the quadratic extension Z p ( 3)
of the field Z p in which number 3 actually plays the role of the number m from case (1).
√ n+1 √
As in case (1) we have √ (2 + 3)2 = −1, which means that the order of 2 + 3 in the
∗ n+2
√ Z∗ p ( 3)2 equals 2 . This is not enough to finish the
multiplicative group proof as in case (1),
n+2 | p2 − 1. However,
as the group Z p ( 3) has p − 1 elements;
√ instead, we only √get that 2
we shall be done if we find u ∈ Z p ( 3) for which u2 = 2 + 3: indeed, then the order of u is
2n+3 , so 2n+3 | p2 − 1 and therefore 2n+2 | p − 1, since 4 ∤ p + 1.
√ √
Note that√(1 + 3)2 = 2(2 + 3). Now it is enough to show that 1/2 is a perfect square in the
field Z p ( 3). This immediately follows from the relation an = 0 = 2a2n−1 − 1, as 1/2 = a2n−1 .
This finishes the proof. △